2122 files changed, 48183 insertions, 34227 deletions

diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index ab30e1789d..95d673cd30 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -4,10 +4,10 @@
   "features": {
     // installs nodejs into container
     "ghcr.io/devcontainers/features/node:1": {
-      "version": "20"
+      "version": "lts"
     },
     "ghcr.io/devcontainers/features/git-lfs:1.2.2": {},
-    "ghcr.io/devcontainers-contrib/features/poetry:2": {},
+    "ghcr.io/jsburckhardt/devcontainer-features/uv:1": {},
     "ghcr.io/devcontainers/features/python:1": {
       "version": "3.12"
     },
diff --git a/.dockerignore b/.dockerignore
index 94aca6b8d3..843f12a7be 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -36,15 +36,6 @@ _testmain.go
 coverage.all
 cpu.out
 
-/modules/migration/bindata.go
-/modules/migration/bindata.go.hash
-/modules/options/bindata.go
-/modules/options/bindata.go.hash
-/modules/public/bindata.go
-/modules/public/bindata.go.hash
-/modules/templates/bindata.go
-/modules/templates/bindata.go.hash
-
 *.db
 *.log
 
diff --git a/.eslintrc.cjs b/.eslintrc.cjs
index f9e1050240..e2609922da 100644
--- a/.eslintrc.cjs
+++ b/.eslintrc.cjs
@@ -91,6 +91,7 @@ module.exports = {
       plugins: ['@vitest/eslint-plugin'],
       globals: vitestPlugin.environments.env.globals,
       rules: {
+        'github/unescaped-html-literal': [0],
         '@vitest/consistent-test-filename': [0],
         '@vitest/consistent-test-it': [0],
         '@vitest/expect-expect': [0],
@@ -325,6 +326,7 @@ module.exports = {
     '@typescript-eslint/no-unnecessary-type-arguments': [0],
     '@typescript-eslint/no-unnecessary-type-assertion': [2],
     '@typescript-eslint/no-unnecessary-type-constraint': [2],
+    '@typescript-eslint/no-unnecessary-type-conversion': [2],
     '@typescript-eslint/no-unsafe-argument': [0],
     '@typescript-eslint/no-unsafe-assignment': [0],
     '@typescript-eslint/no-unsafe-call': [0],
@@ -423,7 +425,7 @@ module.exports = {
     'github/no-useless-passive': [2],
     'github/prefer-observers': [2],
     'github/require-passive-events': [2],
-    'github/unescaped-html-literal': [0],
+    'github/unescaped-html-literal': [2],
     'grouped-accessor-pairs': [2],
     'guard-for-in': [0],
     'id-blacklist': [0],
@@ -482,7 +484,7 @@ module.exports = {
     'max-nested-callbacks': [0],
     'max-params': [0],
     'max-statements': [0],
-    'multiline-comment-style': [2, 'separate-lines'],
+    'multiline-comment-style': [0],
     'new-cap': [0],
     'no-alert': [0],
     'no-array-constructor': [0], // handled by @typescript-eslint/no-array-constructor
@@ -644,7 +646,7 @@ module.exports = {
     'no-multi-str': [2],
     'no-negated-condition': [0],
     'no-nested-ternary': [0],
-    'no-new-func': [2],
+    'no-new-func': [0], // handled by @typescript-eslint/no-implied-eval
     'no-new-native-nonconstructor': [2],
     'no-new-object': [2],
     'no-new-symbol': [2],
diff --git a/.gitattributes b/.gitattributes
index 52695f70c2..e218bbe25d 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -4,6 +4,7 @@
 /assets/*.json linguist-generated
 /public/assets/img/svg/*.svg linguist-generated
 /templates/swagger/v1_json.tmpl linguist-generated
+/options/fileicon/** linguist-generated
 /vendor/** -text -eol linguist-vendored
 /web_src/js/vendor/** -text -eol linguist-vendored
 Dockerfile.* linguist-language=Dockerfile
diff --git a/.github/labeler.yml b/.github/labeler.yml
index 0af43cd029..a82bf0c2b2 100644
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -61,7 +61,7 @@ modifies/dependencies:
           - "package.json"
           - "package-lock.json"
           - "pyproject.toml"
-          - "poetry.lock"
+          - "uv.lock"
           - "go.mod"
           - "go.sum"
 
@@ -81,3 +81,13 @@ docs-update-needed:
   - changed-files:
       - any-glob-to-any-file:
           - "custom/conf/app.example.ini"
+
+topic/code-linting:
+  - changed-files:
+      - any-glob-to-any-file:
+          - ".eslintrc.cjs"
+          - ".golangci.yml"
+          - ".markdownlint.yaml"
+          - ".spectral.yaml"
+          - ".yamllint.yaml"
+          - "stylelint.config.js"
diff --git a/.github/workflows/files-changed.yml b/.github/workflows/files-changed.yml
index be27537924..21d3ea7393 100644
--- a/.github/workflows/files-changed.yml
+++ b/.github/workflows/files-changed.yml
@@ -77,7 +77,7 @@ jobs:
               - "tools/lint-templates-*.js"
               - "templates/**/*.tmpl"
               - "pyproject.toml"
-              - "poetry.lock"
+              - "uv.lock"
 
             docker:
               - "Dockerfile"
@@ -98,4 +98,3 @@ jobs:
               - "**/*.yaml"
               - ".yamllint.yaml"
               - "pyproject.toml"
-              - "poetry.lock"
diff --git a/.github/workflows/pull-compliance.yml b/.github/workflows/pull-compliance.yml
index 64090d6490..56685ffb46 100644
--- a/.github/workflows/pull-compliance.yml
+++ b/.github/workflows/pull-compliance.yml
@@ -32,15 +32,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
+      - uses: astral-sh/setup-uv@v6
+      - run: uv python install 3.12
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
-      - run: pip install poetry
       - run: make deps-py
       - run: make deps-frontend
       - run: make lint-templates
@@ -51,10 +49,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
-      - run: pip install poetry
+      - uses: astral-sh/setup-uv@v6
+      - run: uv python install 3.12
       - run: make deps-py
       - run: make lint-yaml
 
@@ -66,7 +62,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend
@@ -137,7 +133,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend
@@ -186,7 +182,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend
diff --git a/.github/workflows/pull-db-tests.yml b/.github/workflows/pull-db-tests.yml
index 6e879053d3..55c2d2bf5e 100644
--- a/.github/workflows/pull-db-tests.yml
+++ b/.github/workflows/pull-db-tests.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       pgsql:
-        image: postgres:12
+        image: postgres:14
         env:
           POSTGRES_DB: test
           POSTGRES_PASSWORD: postgres
@@ -98,7 +98,7 @@ jobs:
         ports:
           - "9200:9200"
       meilisearch:
-        image: getmeili/meilisearch:v1.2.0
+        image: getmeili/meilisearch:v1
         env:
           MEILI_ENV: development # disable auth
         ports:
diff --git a/.github/workflows/pull-e2e-tests.yml b/.github/workflows/pull-e2e-tests.yml
index b84c69e4a0..cc3fbd9c34 100644
--- a/.github/workflows/pull-e2e-tests.yml
+++ b/.github/workflows/pull-e2e-tests.yml
@@ -12,7 +12,9 @@ jobs:
     uses: ./.github/workflows/files-changed.yml
 
   test-e2e:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
+    # the "test-e2e" won't pass, and it seems that there is no useful test, so skip
+    # if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
+    if: false
     needs: files-changed
     runs-on: ubuntu-latest
     steps:
@@ -23,7 +25,7 @@ jobs:
           check-latest: true
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend frontend deps-backend
diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml
index 2264c9e822..c2cc14f771 100644
--- a/.github/workflows/release-nightly.yml
+++ b/.github/workflows/release-nightly.yml
@@ -22,7 +22,7 @@ jobs:
           check-latest: true
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend deps-backend
@@ -59,6 +59,8 @@ jobs:
           aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
   nightly-docker-rootful:
     runs-on: namespace-profile-gitea-release-docker
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -85,17 +87,27 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: fetch go modules
         run: make vendor
       - name: build rootful docker image
         uses: docker/build-push-action@v5
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/riscv64
           push: true
-          tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}
+          tags: |-
+            gitea/gitea:${{ steps.clean_name.outputs.branch }}
+            ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}
   nightly-docker-rootless:
     runs-on: namespace-profile-gitea-release-docker
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -122,6 +134,12 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: fetch go modules
         run: make vendor
       - name: build rootless docker image
@@ -131,4 +149,6 @@ jobs:
           platforms: linux/amd64,linux/arm64
           push: true
           file: Dockerfile.rootless
-          tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless
+          tags: |-
+            gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless
+            ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless
diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml
index a406602dc0..c9c15c31a0 100644
--- a/.github/workflows/release-tag-rc.yml
+++ b/.github/workflows/release-tag-rc.yml
@@ -23,7 +23,7 @@ jobs:
           check-latest: true
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend deps-backend
@@ -69,6 +69,8 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
   docker-rootful:
     runs-on: namespace-profile-gitea-release-docker
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -79,7 +81,9 @@ jobs:
       - uses: docker/metadata-action@v5
         id: meta
         with:
-          images: gitea/gitea
+          images: |-
+            gitea/gitea
+            ghcr.io/go-gitea/gitea
           flavor: |
             latest=false
           # 1.2.3-rc0
@@ -90,16 +94,24 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: build rootful docker image
         uses: docker/build-push-action@v5
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/riscv64
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
   docker-rootless:
     runs-on: namespace-profile-gitea-release-docker
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -110,7 +122,9 @@ jobs:
       - uses: docker/metadata-action@v5
         id: meta
         with:
-          images: gitea/gitea
+          images: |-
+            gitea/gitea
+            ghcr.io/go-gitea/gitea
           # each tag below will have the suffix of -rootless
           flavor: |
             latest=false
@@ -123,11 +137,17 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: build rootless docker image
         uses: docker/build-push-action@v5
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/riscv64
           push: true
           file: Dockerfile.rootless
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml
index 08bb9baecf..ae717c7cec 100644
--- a/.github/workflows/release-tag-version.yml
+++ b/.github/workflows/release-tag-version.yml
@@ -14,6 +14,8 @@ concurrency:
 jobs:
   binary:
     runs-on: namespace-profile-gitea-release-binary
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -25,7 +27,7 @@ jobs:
           check-latest: true
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 24
           cache: npm
           cache-dependency-path: package-lock.json
       - run: make deps-frontend deps-backend
@@ -71,6 +73,8 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
   docker-rootful:
     runs-on: namespace-profile-gitea-release-docker
+    permissions:
+      packages: write # to publish to ghcr.io
     steps:
       - uses: actions/checkout@v4
       # fetch all commits instead of only the last as some branches are long lived and could have many between versions
@@ -81,7 +85,9 @@ jobs:
       - uses: docker/metadata-action@v5
         id: meta
         with:
-          images: gitea/gitea
+          images: |-
+            gitea/gitea
+            ghcr.io/go-gitea/gitea
           # this will generate tags in the following format:
           # latest
           # 1
@@ -96,11 +102,17 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: build rootful docker image
         uses: docker/build-push-action@v5
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/riscv64
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
@@ -116,7 +128,9 @@ jobs:
       - uses: docker/metadata-action@v5
         id: meta
         with:
-          images: gitea/gitea
+          images: |-
+            gitea/gitea
+            ghcr.io/go-gitea/gitea
           # each tag below will have the suffix of -rootless
           flavor: |
             suffix=-rootless,onlatest=true
@@ -134,11 +148,17 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GHCR using PAT
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: build rootless docker image
         uses: docker/build-push-action@v5
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/riscv64
           push: true
           file: Dockerfile.rootless
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.gitignore b/.gitignore
index 703be8f681..fc2d74a33a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -22,6 +22,9 @@ _test
 .vscode
 __debug_bin*
 
+# Visual Studio
+/.vs/
+
 *.cgo1.go
 *.cgo2.c
 _cgo_defun.c
@@ -39,14 +42,10 @@ _testmain.go
 coverage.all
 cpu.out
 
-/modules/migration/bindata.go
-/modules/migration/bindata.go.hash
-/modules/options/bindata.go
-/modules/options/bindata.go.hash
-/modules/public/bindata.go
-/modules/public/bindata.go.hash
-/modules/templates/bindata.go
-/modules/templates/bindata.go.hash
+/modules/migration/bindata.*
+/modules/options/bindata.*
+/modules/public/bindata.*
+/modules/templates/bindata.*
 
 *.db
 *.log
@@ -110,3 +109,15 @@ prime/
 
 # Manpage
 /man
+
+# Ignore AI/LLM instruction files
+/.claude/
+/.cursorrules
+/.cursor/
+/.goosehints
+/.windsurfrules
+/.github/copilot-instructions.md
+/AGENT.md
+/CLAUDE.md
+/llms.txt
+
diff --git a/.golangci.yml b/.golangci.yml
index cf7a6f1a1f..2ad39fbae2 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,7 +1,9 @@
+version: "2"
+output:
+  sort-order:
+    - file
 linters:
-  enable-all: false
-  disable-all: true
-  fast: false
+  default: none
   enable:
     - bidichk
     - depguard
@@ -9,141 +11,172 @@ linters:
     - errcheck
     - forbidigo
     - gocritic
-    - gofmt
-    - gofumpt
-    - gosimple
     - govet
     - ineffassign
+    - mirror
     - nakedret
     - nolintlint
+    - perfsprint
     - revive
     - staticcheck
-    - stylecheck
     - testifylint
-    - typecheck
     - unconvert
-    - unused
     - unparam
+    - unused
+    - usestdlibvars
     - usetesting
     - wastedassign
-
-run:
-  timeout: 10m
-
-output:
-  sort-results: true
-  sort-order: [file]
-  show-stats: true
-
-linters-settings:
-  testifylint:
-    disable:
-      - go-require
-      - require-error
-  stylecheck:
-    checks: ["all", "-ST1005", "-ST1003"]
-  nakedret:
-    max-func-lines: 0
-  gocritic:
-    disabled-checks:
-      - ifElseChain
-      - singleCaseSwitch # Every time this occurred in the code, there  was no other way.
-  revive:
-    severity: error
-    rules:
-      - name: atomic
-      - name: bare-return
-      - name: blank-imports
-      - name: constant-logical-expr
-      - name: context-as-argument
-      - name: context-keys-type
-      - name: dot-imports
-      - name: duplicated-imports
-      - name: empty-lines
-      - name: error-naming
-      - name: error-return
-      - name: error-strings
-      - name: errorf
-      - name: exported
-      - name: identical-branches
-      - name: if-return
-      - name: increment-decrement
-      - name: indent-error-flow
-      - name: modifies-value-receiver
-      - name: package-comments
-      - name: range
-      - name: receiver-naming
-      - name: redefines-builtin-id
-      - name: string-of-int
-      - name: superfluous-else
-      - name: time-naming
-      - name: unconditional-recursion
-      - name: unexported-return
-      - name: unreachable-code
-      - name: var-declaration
-      - name: var-naming
-  gofumpt:
-    extra-rules: true
-  depguard:
+  settings:
+    depguard:
+      rules:
+        main:
+          deny:
+            - pkg: encoding/json
+              desc: use gitea's modules/json instead of encoding/json
+            - pkg: github.com/unknwon/com
+              desc: use gitea's util and replacements
+            - pkg: io/ioutil
+              desc: use os or io instead
+            - pkg: golang.org/x/exp
+              desc: it's experimental and unreliable
+            - pkg: code.gitea.io/gitea/modules/git/internal
+              desc: do not use the internal package, use AddXxx function instead
+            - pkg: gopkg.in/ini.v1
+              desc: do not use the ini package, use gitea's config system instead
+            - pkg: gitea.com/go-chi/cache
+              desc: do not use the go-chi cache package, use gitea's cache system
+    nolintlint:
+      allow-unused: false
+      require-explanation: true
+      require-specific: true
+    gocritic:
+      enabled-checks:
+        - equalFold
+      disabled-checks:
+        - ifElseChain
+        - singleCaseSwitch # Every time this occurred in the code, there was no other way.
+    revive:
+      severity: error
+      rules:
+        - name: atomic
+        - name: bare-return
+        - name: blank-imports
+        - name: constant-logical-expr
+        - name: context-as-argument
+        - name: context-keys-type
+        - name: dot-imports
+        - name: duplicated-imports
+        - name: empty-lines
+        - name: error-naming
+        - name: error-return
+        - name: error-strings
+        - name: errorf
+        - name: exported
+        - name: identical-branches
+        - name: if-return
+        - name: increment-decrement
+        - name: indent-error-flow
+        - name: modifies-value-receiver
+        - name: package-comments
+        - name: range
+        - name: receiver-naming
+        - name: redefines-builtin-id
+        - name: string-of-int
+        - name: superfluous-else
+        - name: time-naming
+        - name: unconditional-recursion
+        - name: unexported-return
+        - name: unreachable-code
+        - name: var-declaration
+        - name: var-naming
+          arguments:
+            - [] # AllowList - do not remove as args for the rule are positional and won't work without lists first
+            - [] # DenyList
+            - - skip-package-name-checks: true # supress errors from underscore in migration packages
+    staticcheck:
+      checks:
+        - all
+        - -ST1003
+        - -ST1005
+        - -QF1001
+        - -QF1006
+        - -QF1008
+    testifylint:
+      disable:
+        - go-require
+        - require-error
+    usetesting:
+      os-temp-dir: true
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
     rules:
-      main:
-        deny:
-          - pkg: encoding/json
-            desc: use gitea's modules/json instead of encoding/json
-          - pkg: github.com/unknwon/com
-            desc: use gitea's util and replacements
-          - pkg: io/ioutil
-            desc: use os or io instead
-          - pkg: golang.org/x/exp
-            desc: it's experimental and unreliable
-          - pkg: code.gitea.io/gitea/modules/git/internal
-            desc: do not use the internal package, use AddXxx function instead
-          - pkg: gopkg.in/ini.v1
-            desc: do not use the ini package, use gitea's config system instead
-          - pkg: gitea.com/go-chi/cache
-            desc: do not use the go-chi cache package, use gitea's cache system
-  usetesting:
-    os-temp-dir: true
-
+      - linters:
+          - dupl
+          - errcheck
+          - gocyclo
+          - gosec
+          - staticcheck
+          - unparam
+        path: _test\.go
+      - linters:
+          - dupl
+          - errcheck
+          - gocyclo
+          - gosec
+        path: models/migrations/v
+      - linters:
+          - forbidigo
+        path: cmd
+      - linters:
+          - dupl
+        text: (?i)webhook
+      - linters:
+          - gocritic
+        text: (?i)`ID' should not be capitalized
+      - linters:
+          - deadcode
+          - unused
+        text: (?i)swagger
+      - linters:
+          - staticcheck
+        text: (?i)argument x is overwritten before first use
+      - linters:
+          - gocritic
+        text: '(?i)commentFormatting: put a space between `//` and comment text'
+      - linters:
+          - gocritic
+        text: '(?i)exitAfterDefer:'
+    paths:
+      - node_modules
+      - public
+      - web_src
+      - third_party$
+      - builtin$
+      - examples$
 issues:
   max-issues-per-linter: 0
   max-same-issues: 0
-  exclude-dirs: [node_modules, public, web_src]
-  exclude-case-sensitive: true
-  exclude-rules:
-    - path: _test\.go
-      linters:
-        - gocyclo
-        - errcheck
-        - dupl
-        - gosec
-        - unparam
-        - staticcheck
-    - path: models/migrations/v
-      linters:
-        - gocyclo
-        - errcheck
-        - dupl
-        - gosec
-    - path: cmd
-      linters:
-        - forbidigo
-    - text: "webhook"
-      linters:
-        - dupl
-    - text: "`ID' should not be capitalized"
-      linters:
-        - gocritic
-    - text: "swagger"
-      linters:
-        - unused
-        - deadcode
-    - text: "argument x is overwritten before first use"
-      linters:
-        - staticcheck
-    - text: "commentFormatting: put a space between `//` and comment text"
-      linters:
-        - gocritic
-    - text: "exitAfterDefer:"
-      linters:
-        - gocritic
+formatters:
+  enable:
+    - gofmt
+    - gofumpt
+  settings:
+    gofumpt:
+      extra-rules: true
+  exclusions:
+    generated: lax
+    paths:
+      - node_modules
+      - public
+      - web_src
+      - third_party$
+      - builtin$
+      - examples$
+
+run:
+  timeout: 10m
diff --git a/.ignore b/.ignore
index 5b96dabd38..29912ad5c3 100644
--- a/.ignore
+++ b/.ignore
@@ -1,9 +1,6 @@
 *.min.css
 *.min.js
 /assets/*.json
-/modules/options/bindata.go
-/modules/public/bindata.go
-/modules/templates/bindata.go
 /options/gitignore
 /options/license
 /public/assets
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7541bccb2a..b72ac4849a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,451 @@ This changelog goes through the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.com).
 
+## [1.24.0](https://github.com/go-gitea/gitea/releases/tag/1.24.0) - 2025-05-26
+
+* BREAKING
+  * Make Gitea always use its internal config, ignore `/etc/gitconfig` (#33076)
+  * Improve log format (#33814)
+  * Fix markdown render behaviors (#34122)
+  * Add package version api endpoints (#34173)
+
+* FEATURES
+  * Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187)
+  * Add fullscreen mode as a more efficient operation way to view projects (#34081)
+  * Add anonymous access support for private/unlisted repositories (#34051)
+  * Support public code/issue access for private repositories (#33127)
+  * Add middleware for request prioritization (#33951)
+  * Add cli flags LDAP group configuration (#33933)
+  * Add file tree to file view page (#32721)
+  * Add material icons for file list (#33837)
+  * Artifacts download api for artifact actions v4 (#33510)
+  * Support choose email when creating a commit via web UI (#33432)
+  * Add basic auth support to rss/atom feeds (#33371)
+  * Add sorting by exclusive labels (issue priority) (#33206)
+  * Add sub issue list support (#32940)
+  * Private README.md for organization (#32872)
+  * Email option to embed images as base64 instead of link (#32061)
+  * Option to delay conflict checking of old pull requests until page view (#27779)
+  * Worktime tracking for the organization level (#19808)
+
+* PERFORMANCE
+  * Add cache for common package queries (#22491)
+  * Move issue pin to an standalone table for querying performance (#33452)
+  * Improve commits list performance to reduce unnecessary database queries (#33528)
+  * Optimize total count of feed when loading activities in user dashboard. (#33841)
+  * Optimize heatmap query (#33853)
+  * Only use prev and next buttons for pagination on user dashboard (#33981)
+  * Improve pull request list API performance (#34052)
+  * Cache GPG keys, emails and users when list commits (#34086)
+  * Refactor Git Attribute & performance optimization (#34154)
+  * Performance optimization for tags synchronization (#34355) #34522
+
+* ENHANCEMENTS
+  * Code
+    * Display when a release attachment was uploaded (#34261)
+    * Support creating relative link to raw path in markdown (#34105)
+    * Improve code block readability and isolate copy button (#34009)
+    * Improve repository commit view (#33877)
+    * Full-file syntax highlighting for diff pages (#33766)
+    * Clone repository with Tea CLI (#33725)
+    * Improve sync fork behavior (#33319)
+    * Make git clone URL could use current signed-in user (#33091)
+    * Add submodule diff links (#33097)
+    * Link to tree views of submodules if possible (#33424)
+    * Only keep popular licenses (#33832)
+    * De-emphasize signed commits (#31160)
+
+  * Actions
+    * Add flat-square action badge style (#34062)
+    * Update action status badge layout (#34018)
+    * Download actions job logs from API (#33858)
+    * Always show the "rerun" button for action jobs (#33692)
+    * Add auto-expanding running actions step (#30058)
+    * Update status check for all supported on.pull_request.types in Gitea (#33117)
+    * Workflow_dispatch use workflow from trigger branch (#33098)
+    * Add action auto-scroll (#30057)
+    * Add workflow_job webhook (#33694)
+    * Add a button editing action secret (#34462)
+
+  * Pull Request
+    * Auto expand "New PR" form (#33971)
+    * Mark parent directory as viewed when all files are viewed (#33958)
+    * Show info about maintainers are allowed to edit a PR (#33738)
+    * Automerge supports deleting branch automatically after merging (#32343)
+    * Add additional command hints for PowerShell & CMD (#33548)
+
+  * Issues
+    * Allow filtering issues by any assignee (#33343)
+    * Show warning on navigation if currently editing comment or title (#32920)
+    * Make tracked time representation display as hours (#33315)
+    * Add No Results Prompt Message on Issue List Page (#33699)
+    * Add sort option recentclose for issues and pulls (#34525) #34539
+
+  * Packages
+    * Link to nuget dependencies (#26554)
+    * Add composor source field (#33502)
+
+  * Administration
+    * Improve navbar: add "admin" tip, add "active" style (#32927)
+    * Add a option "--user-type bot" to admin user create, improve role display (#27885)
+    * Improve admin user view page (#33735)
+    * Support performance trace (#32973)
+    * Change pprof labels to be prometheus compatible (#32865)
+    * Allow admins and org owners to change org member public status (#28294)
+    * Optimize the installation page (#32994)
+    * Make public URL generation configurable (#34250)
+    * Add a --fullname arg to gitea admin user create. (#34241)
+
+  * Others
+    * Improve oauth2 error handling (#33969)
+    * Fail mirroring more gracefully (#34002)
+    * Align User Details Page Header Layout with Design Specifications (#34192)
+    * Webhook add X-Gitea-Hook-Installation-Target-Type Header (#33752)
+    * Optimize the dashboard (#32990)
+    * Improve button layout on small screens (#33633)
+    * Add cropping support when modifying the user/org/repo avatar (#33498)
+    * Make ROOT_URL support using request Host header (#32564)
+    * Add `show more` organizations icon in user's profile (#32986)
+    * Introduce `--page-space-bottom` at 64px (#30692)
+    * Improve theme display (#30671)
+    * Add alphabetical project sorting (#33504)
+    * Add global lock for migrations to make upgrade more safe with multiple replications (#33706)
+    * Add descriptions for private repo public access settings and improve the UI (#34057)
+
+* API
+  * Actions Runner rest api (#33873)
+  * Inclusion of rename organization api (#33303)
+  * Add API to support link package to repository and unlink it (#33481)
+  * Add API endpoint to request contents of multiple files simultaniously (#34139)
+  * Actions artifacts API list/download check status upload confirmed (#34273)
+  * Add API routes to lock and unlock issues (#34165)
+  * Fix some user name usages (#33689)
+  * Allow filtering /repos/{owner}/{repo}/pulls by target base branch queryparam (#33684)
+  * Improve swagger generation (#33664)
+  * Support Ephemeral action runners (#33570)
+  * Support workflow event dispatch via API (#33545)
+  * Support workflow event dispatch via API (#32059)
+  * Added Description Field for Secrets and Variables  (#33526)
+  * Reject star-related requests if stars are disabled (#33208)
+  * Let API create and edit system webhooks, attempt 2 (#33180)
+  * Use `Project-URL` metadata field to get a PyPI package's homepage URL (#33089)
+  * Add `last_committer_date` and `last_author_date` for file contents API (#32921)
+
+* REFACTORS
+  * Remove context from git struct (#33793)
+  * Refactor admin/common.ts (#33788)
+  * Refactor repo-settings.ts (#33785)
+  * Refactor repo-issue.ts (#33784)
+  * Small refactor to reduce unnecessary database queries and remove duplicated functions (#33779)
+  * Refactor initRepoBranchTagSelector to use new init framework (#33776)
+  * Refactor buttons to use new init framework (#33774)
+  * Refactor markup and pdf-viewer to use new init framework (#33772)
+  * Refactor error system (#33771)
+  * Refactor mail code (#33768)
+  * Update TypeScript types (#33799)
+  * Refactor older tests to use testify (#33140)
+  * Move notifywatch to service layer (#33825)
+  * Decouple context from repository related structs (#33823)
+  * Remove context from mail struct (#33811)
+  * Refactor dropdown ellipsis (#34123)
+  * Refactor functions to reduce repopath expose (#33892)
+  * Refactor repo-diff.ts (#33746)
+  * Refactor web route handler (#33488)
+  * Refactor user & avatar (#33433)
+  * Refactor user package (#33423)
+  * Refactor decouple context from migration structs (#33399)
+  * Refactor context flash msg and global variables (#33375)
+  * Refactor response writer & access logger (#33323)
+  * Refactor ref type (#33242)
+  * Refactor context repository (#33202)
+  * Refactor legacy JS (#33115)
+  * Refactor legacy line-number and scroll code (#33094)
+  * Refactor env var related code (#33075)
+  * Move SetMerged to service layer (#33045)
+  * Merge updatecommentattachment functions (#33044)
+  * Refactor pull-request compare&create page (#33071)
+  * Refactor repo-new.ts (#33070)
+  * Refactor pagination (#33037)
+  * Refactor tests (#33021)
+  * Refactor markup render to fix various path problems (#34114)
+  * Refactor Branch struct in package modules/git (#33980)
+  * Don't create duplicated functions for code repositories and wiki repositories (#33924)
+  * Move git references checking to gitrepo packages to reduce expose of repository path (#33891)
+  * Refactor cache-control (#33861)
+  * Decouple diff stats query from actual diffing (#33810)
+  * Move part of updating protected branch logic to service layer (#33742)
+  * Decouple Batch from git.Repository to simplify usage without requiring the creation of a Repository struct. (#34001)
+  * Refactor tmpl and blob_excerpt (#32967)
+  * Refactor template & test related code (#32938)
+  * Refactor db package and remove unnecessary `DumpTables` (#32930)
+  * Refactor pprof labels and process desc (#32909)
+  * Refactor repo-projects.ts (#32892)
+  * Refactor getpatch/getdiff functions and remove unnecessary fallback (#32817)
+  * Uniform all temporary directories and allow customizing temp path (#32352)
+  * Remove context from retry downloader (#33871)
+  * Refactor global init code and add more comments (#33755)
+  * Remove some unnecessary template helpers (#33069)
+  * Move and rename UpdateRepository (#34136)
+  * Move hooks function to gitrepo and reduce expose repopath (#33890)
+  * Add abstraction layer to delete repository from disk (#33879)
+  * Add abstraction layer to check if the repository exists on disk (#33874)
+  * Move ParseCommitWithSSHSignature to service layer (#34087)
+  * Move duplicated functions (#33977)
+  * Extract code to their own functions for push update (#33944)
+  * Move gitgraph from modules to services layer (#33527)
+  * Move commits signature and verify functions to service layers (#33605)
+  * Use `CloseIssue` and `ReopenIssue` instead of `ChangeStatus` (#32467)
+  * Refactor arch route handlers (#32993)
+  * Refactor "string truncate" (#32984)
+  * Refactor arch route handlers (#32972)
+  * Clarify path param naming (#32969)
+  * Refactor request context (#32956)
+  * Move some errors to their own sub packages (#32880)
+  * Move RepoTransfer from models to models/repo sub package (#32506)
+  * Move delete deploy keys into service layer (#32201)
+  * Refactor webhook events (#33337)
+  * Move some Actions related functions from `routers` to `services` (#33280)
+  * Refactor RefName (#33234)
+  * Refactor context RefName and RepoAssignment (#33226)
+  * Refactor repository transfer (#33211)
+  * Refactor error system (#33626)
+  * Refactor error system (#33610)
+  * Refactor package (routes and error handling, npm peer dependency) (#33111)
+  * Use test context in tests and new loop system in benchmarks (#33648)
+  * Some small refactors (#33144)
+  * Simplify context ref name (#33267)
+
+* BUGFIXES
+  * Fix some dropdown problems on the issue sidebar (#34308) #34327
+  * Do not return archive download URLs in API if downloads are disabled (#34324) #34338
+  * Fix LFS files being editable in web UI (#34356) #34362
+  * Fix only text/* being viewable in web UI (#34374) #34378
+  * Fix LFS file not stored in LFS when uploaded/edited via API or web UI (#34367)
+  * Grey out expired artifact on Artifacts list (#34314) #34404
+  * Fix incorrect divergence cache after switching default branch (#34370) #34406
+  * Refactor commit message rendering and fix bugs (#34412) #34414
+  * Merge and tweak markup editor expander CSS (#34409) #34415
+  * Fix GetUsersByEmails (#34423) #34425
+  * Only git operations should update last changed of a repository (#34388) #34427
+  * Fix comment textarea scroll issue in Firefox (#34438) #34446
+  * Fix repo broken check (#34444) #34452
+  * Fix remove org user failure on mssql (#34449) #34453
+  * Fix Workflow run Not Found page (#34459) #34466
+  * When updating comment, if the content is the same, just return and not update the database (#34422) #34464
+  * Fix project board view (#34470) #34475
+  * Fix get / delete runner to use consistent http 404 and 500 status (#34480) #34488
+  * Fix url validation in webhook add/edit API (#34492) #34496
+  * Fix edithook api can not update package, status and workflow_job events (#34495) #34499
+  * Fix ephemeral runner deletion (#34447) #34513
+  * Don't display error log when .git-blame-ignore-revs doesn't exist (#34457)
+  * Only allow admins to rename default/protected branches (#33276)
+  * Improve "lock conversation" UI (#34207)
+  * Fix incorrect file links (#34189)
+  * Optimize Overflow Menu (#34183)
+  * Check user/org repo limit instead of doer (#34147)
+  * Make markdown render match GitHub's behavior (#34129)
+  * Fix team permission (#34128)
+  * Correctly handle submodule view and avoid throwing 500 error (#34121)
+  * Fix users being able bypass limits with repo transfers (#34031)
+  * Avoid creating unnecessary temporary cat file sub process (#33942)
+  * Refactor organization menu (#33928)
+  * Fix various Fomantic UI and htmx problems (#33851)
+  * Fix 500 error when error occurred in migration page (#33256)
+  * Validate that the tag doesn't exist when creating a tag via the web (#33241)
+  * Add missed transaction on setmerged (#33079)
+  * Rework create/fork/adopt/generate repository to make sure resources will be cleanup once failed (#31035)
+  * Valid email address should only start with alphanumeric (#28174)
+  * Fix webhook url (#34186)
+  * Fix "toAbsoluteLocaleDate" test when system locale is not en-US (#33939)
+  * Fix file name could not be searched if the file was not a text file when using the Bleve indexer (#33959)
+  * Fix cannot delete runners via the modal dialog (#33895)
+  * Fix unpin hint on the pinned pull requests (#33207)
+  * Fix parentCommit invalid memory address or nil pointer dereference. (#33204)
+  * Fix comment header padding (#33377)
+  * Fix some migration and repo name problems (#33986)
+  * Fix various trivial frontend problems (#34263)
+  * Fix Set Email Preference dropdown and button placement (#34255)
+  * Fix quoted replies incorrectly render user input as part of the quote (#34216)
+  * Fix button alignments and remove unnecessary styles (#34206)
+  * Restore form inputs on organization create error (#34201)
+  * Try to fix ACME (3rd) (#33807)
+  * Fix incorrect ref "blob" (#33240)
+  * Fix dynamic content loading init problem (#33748)
+  * Fix git empty check and HEAD request (#33690)
+  * Fix Untranslated Text on Actions Page (#33635)
+  * Fix issue label delete incorrect labels webhook payload (#34575)
+  * Fix incorrect page navigation with up and down arrow on last item of dashboard repos (#34570)
+  * Fix/improve avatar sync from LDAP (#34573)
+  * Fix some trivial problems (#34579)
+  * Retain issue sort type when a keyword search is introduced (#34559)
+  * Always use an empty line to separate the commit message and trailer (#34512)
+  * Fix line-button issue after file selection in file tree (#34574)
+  * Fix doctor deleting orphaned issues attachments (#34142)
+  * Add webhook assigning test and fix possible bug (#34420)
+  * Fix possible nil description of pull request when migrating from CodeCommit (#34541)
+  * Refactor commit reader (#34542)
+  * Fix possible pull request broken when leave the page immediately after clicking the update button #34509
+  * Ignore "Close" error when uploading container blob (#34620)
+  * Fix missed merge commit sha and time when migrating from codecommit (#34645)
+  * Fix GetUsersByEmails (#34643)
+  * Misc CSS fixes (#34638)
+  * Add codecommit to supported services in api docs (#34626)
+  * Validate hex colors when creating/editing labels (#34623)
+  * Fix possible pull request broken when leave the page immediately after clicking the update button (#34509)
+  * Fix margin issue in markup paragraph rendering (#34599)
+  * Fix migration pull request title too long (#34577)
+  * Fix footnote jump behavior on the issue page. (#34621)
+  * Fix "oras" OCI client compatibility (#34666)
+  * Fix last admin check when syncing users (#34649)
+  * Fix skip paths check on tag push events in workflows (#34602) #34670
+
+* MISC
+
+  * Bump to alpine 3.22 (#34613)
+  * Make pull request and issue history more compact (#34588)
+  * Run integration tests against postgres 14 (#34514) #34536
+  * Enable addtional linters (#34085)
+  * Enable testifylint rules (#34075)
+  * Enable staticcheck QFxxxx rules (#34064)
+  * Improve Actions test (#32883)
+  * Drop fomantic build (#33845)
+  * Go1.24 (#33562)
+  * Run yamllint with strict mode, fix issue (#33551)
+  * Disable cron task to update license (#33486)
+  * Optimize makefile help information generation (#33390)
+  * Convert github.com/xanzy/go-gitlab into gitlab.com/gitlab-org/api/client-go (#33126)
+  * Add missed changelogs (#33649)
+  * Update .changelog file to add performance label group (#33472)
+  * Add missing POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES in app.example.ini (#33363)
+  * Update README screenshots (#33347)
+  * Update unrs-resolver (#34279)
+  * Update go&js dependencies (#34262)
+  * Optimize the calling code of queryElems (#34235)
+  * Update protected_branch.tmpl (#34193)
+  * Feat/optimize span svg layout (#34185)
+  * Set MERMAID_MAX_SOURCE_CHARACTERS to 50000 (#34152)
+  * Update JS and PY deps (#34143)
+  * Add Chinese translations for README files (#34132)
+  * Use `overflow-wrap: anywhere` to replace `word-break: break-all` (#34126)
+  * Clarify ownership in password change error messages (#34092)
+  * Add toggleClass function in dom.ts (#34063)
+  * Update to golangci-lint v2 (#34054)
+  * Update Makefile test comments (#34013)
+  * Update go mod dependencies (#33988)
+  * Use filepath.Join instead of path.Join for file system file operations (#33978)
+  * Prepare common tmpl functions in a middleware (#33957)
+  * Remove unused or abused styles (#33918)
+  * Update JS and PY deps, misc tweaks (#33903)
+  * Try to figure out attribute checker problem (#33901)
+  * Add lock for a repository pull mirror (#33876)
+  * Fine tune push mirror UI (#33866)
+  * Improve issue & code search (#33860)
+  * Use pullrequestlist instead of []*pullrequest (#33765)
+  * Upgrade act to 0.261.4 and actions-proto-go to v0.4.1 (#33760)
+  * Align sidebar gears to the right (#33721)
+  * Update Go dependencies (skip blevesearch, meilisearch) (#33655)
+  * Add migrations and doctor fixes (#33556)
+  * Remove "class-name" from svg icon (#33540)
+  * Update MAINTAINERS (#33529)
+  * Add "No data available" display when list is empty (#33517)
+  * Use `git diff-tree` for `DiffFileTree` on diff pages (#33514)
+  * Give organisation members access to organisation feeds (#33508)
+  * Update feishu icon (#33470)
+  * Hide/disable unusable UI elements when a repository is archived (#33459)
+  * Update `@github/text-expander-element` to 2.9.0 (#33435)
+  * Do not access GitRepo when a repo is being created (#33380)
+  * Fix incorrect ref usages (#33301)
+  * Prepare for support performance trace (#33286)
+  * Enable Typescript `noImplicitThis` (#33250)
+  * Remove unused CSS styles and move some styles to proper files (#33217)
+  * Add .run to gitignore (#33175)
+  * Fix typo in gitea downloader test and add missing codebase in `ToGitServiceType` (#33146)
+  * Remove extended glob pattern from branch protection UI (#33125)
+  * Clean up legacy form CSS styles (#33081)
+  * Unset XDG_HOME_CONFIG as gitea manages configuration locations (#33067)
+  * Add IntelliJ Gateway's .uuid to gitignore (#33052)
+  * User facing messages for AGit errors (#33012)
+  * Always show assignees on right (#33006)
+  * Fix eslint (#33002)
+  * Update JS dependencies (#32914)
+  * Bump x/net (#32896) (#32900)
+  * Only activity tab needs heatmap data loading (#34652)
+
+## [1.23.8](https://github.com/go-gitea/gitea/releases/tag/1.23.8) - 2025-05-11
+
+* SECURITY
+  * Fix a bug when uploading file via lfs ssh command (#34408) (#34411)
+  * Update net package (#34228) (#34232)
+* BUGFIXES
+  * Fix releases sidebar navigation link (#34436) #34439
+  * Fix bug webhook milestone is not right. (#34419) #34429
+  * Fix two missed null value checks on the wiki page. (#34205) (#34215)
+  * Swift files can be passed either as file or as form value (#34068) (#34236)
+  * Fix bug when API get pull changed files for deleted head repository (#34333) (#34368)
+  * Upgrade github v61 -> v71 to fix migrating bug (#34389)
+  * Fix bug when visiting comparation page (#34334) (#34364)
+  * Fix wrong review requests when updating the pull request (#34286) (#34304)
+  * Fix github migration error when using multiple tokens (#34144) (#34302)
+  * Explicitly not update indexes when sync database schemas (#34281) (#34295)
+  * Fix panic when comment is nil (#34257) (#34277)
+  * Fix project board links to related Pull Requests (#34213) (#34222)
+  * Don't assume the default wiki branch is master in the wiki API (#34244) (#34245)
+* DOCUMENTATION
+  * Update token creation API swagger documentation (#34288) (#34296)
+* MISC
+  * Fix CI Build (#34315)
+  * Add riscv64 support (#34199) (#34204)
+  * Bump go version in go.mod (#34160)
+  * remove hardcoded 'code' string in clone_panel.tmpl (#34153) (#34158)
+
+## [1.23.7](https://github.com/go-gitea/gitea/releases/tag/1.23.7) - 2025-04-07
+
+* Enhancements
+  * Add a config option to block "expensive" pages for anonymous users (#34024) (#34071)
+  * Also check default ssh-cert location for host (#34099) (#34100) (#34116)
+* BUGFIXES
+  * Fix discord webhook 400 status code when description limit is exceeded (#34084) (#34124)
+  * Get changed files based on merge base when checking `pull_request` actions trigger (#34106) (#34120)
+  * Fix invalid version in RPM package path (#34112) (#34115)
+  * Return default avatar url when user id is zero rather than updating database (#34094) (#34095)
+  * Add additional ReplaceAll in pathsep to cater for different pathsep (#34061) (#34070)
+  * Try to fix check-attr bug (#34029) (#34033)
+  * Git client will follow 301 but 307 (#34005) (#34010)
+  * Fix block expensive for 1.23 (#34127)
+  * Fix markdown frontmatter rendering (#34102) (#34107)
+  * Add new CLI flags to set name and scopes when creating a user with access token (#34080) (#34103)
+  * Do not show 500 error when default branch doesn't exist (#34096) (#34097)
+  * Hide activity contributors, recent commits and code frequrency left tabs if there is no code permission (#34053) (#34065)
+  * Simplify emoji rendering (#34048) (#34049)
+  * Adjust the layout of the toolbar on the Issues/Projects page (#33667) (#34047)
+  * Pull request updates will also trigger code owners review requests (#33744) (#34045)
+  * Fix org repo creation being limited by user limits (#34030) (#34044)
+  * Fix git client accessing renamed repo (#34034) (#34043)
+  * Fix the issue with error message logging for the `check-attr` command on Windows OS. (#34035) (#34036)
+  * Polyfill WeakRef (#34025) (#34028)
+
+## [1.23.6](https://github.com/go-gitea/gitea/releases/tag/v1.23.6) - 2025-03-24
+
+* SECURITY
+  * Fix LFS URL (#33840) (#33843)
+  * Update jwt and redis packages (#33984) (#33987)
+  * Update golang crypto and net (#33989)
+* BUGFIXES
+  * Drop timeout for requests made to the internal hook api (#33947) (#33970)
+  * Fix maven panic when no package exists (#33888) (#33889)
+  * Fix markdown render (#33870) (#33875)
+  * Fix auto concurrency cancellation skips commit status updates (#33764) (#33849)
+  * Fix oauth2 auth (#33961) (#33962)
+  * Fix incorrect 1.23 translations (#33932)
+  * Try to figure out attribute checker problem (#33901) (#33902)
+  * Ignore trivial errors when updating push data (#33864) (#33887)
+  * Fix some UI problems for 1.23 (#33856)
+  * Removing unwanted ui container (#33833) (#33835)
+  * Support disable passkey auth (#33348) (#33819)
+  * Do not call "git diff" when listing PRs (#33817)
+  * Try to fix ACME (3rd) (#33807) (#33808)
+  * Fix incorrect code search indexer options (#33992) #33999
+
 ## [1.23.5](https://github.com/go-gitea/gitea/releases/tag/v1.23.5) - 2025-03-04
 
 * SECURITY
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index 979831eb9b..6a7126388e 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -30,7 +30,7 @@ These are the values to which people in the Gitea community should aspire.
 - **Be constructive.**
   - Avoid derailing: stay on topic; if you want to talk about something else, start a new conversation.
   - Avoid unconstructive criticism: don't merely decry the current state of affairs; offer—or at least solicit—suggestions as to how things may be improved.
-  - Avoid snarking (pithy, unproductive, sniping comments)
+  - Avoid snarking (pithy, unproductive, sniping comments).
   - Avoid discussing potentially offensive or sensitive issues; this all too often leads to unnecessary conflict.
   - Avoid microaggressions (brief and commonplace verbal, behavioral and environmental indignities that communicate hostile, derogatory or negative slights and insults to a person or group).
 - **Be responsible.**
@@ -42,7 +42,7 @@ People are complicated. You should expect to be misunderstood and to misundersta
 
 ### Our Pledge
 
-In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
 
 ### Our Standards
 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 11c99d1e3a..96e05c578f 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -591,7 +591,7 @@ be reviewed by two maintainers and must pass the automatic tests.
 ## Releasing Gitea
 
 - Let $vmaj, $vmin and $vpat be Major, Minor and Patch version numbers, $vpat should be rc1, rc2, 0, 1, ...... $vmaj.$vmin will be kept the same as milestones on github or gitea in future.
-- Before releasing, confirm all the version's milestone issues or PRs has been resolved. Then discuss the release on Discord channel #maintainers and get agreed with almost all the owners and mergers. Or you can declare the version and if nobody against in about serval hours.
+- Before releasing, confirm all the version's milestone issues or PRs has been resolved. Then discuss the release on Discord channel #maintainers and get agreed with almost all the owners and mergers. Or you can declare the version and if nobody is against it in about several hours.
 - If this is a big version first you have to create PR for changelog on branch `main` with PRs with label `changelog` and after it has been merged do following steps:
   - Create `-dev` tag as `git tag -s -F release.notes v$vmaj.$vmin.0-dev` and push the tag as `git push origin v$vmaj.$vmin.0-dev`.
   - When CI has finished building tag then you have to create a new branch named `release/v$vmaj.$vmin`
diff --git a/Dockerfile b/Dockerfile
index fa2ae9913c..f852cf4235 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # Build stage
-FROM docker.io/library/golang:1.24-alpine3.21 AS build-env
+FROM docker.io/library/golang:1.24-alpine3.22 AS build-env
 
 ARG GOPROXY
 ENV GOPROXY=${GOPROXY:-direct}
@@ -39,9 +39,8 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
               /tmp/local/etc/s6/.s6-svscan/* \
               /go/src/code.gitea.io/gitea/gitea \
               /go/src/code.gitea.io/gitea/environment-to-ini
-RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
 
-FROM docker.io/library/alpine:3.21
+FROM docker.io/library/alpine:3.22
 LABEL maintainer="maintainers@gitea.io"
 
 EXPOSE 22 3000
@@ -83,4 +82,3 @@ CMD ["/usr/bin/s6-svscan", "/etc/s6"]
 COPY --from=build-env /tmp/local /
 COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
 COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index b74dfa58e0..f955edc667 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -1,5 +1,5 @@
 # Build stage
-FROM docker.io/library/golang:1.24-alpine3.21 AS build-env
+FROM docker.io/library/golang:1.24-alpine3.22 AS build-env
 
 ARG GOPROXY
 ENV GOPROXY=${GOPROXY:-direct}
@@ -37,9 +37,8 @@ RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
               /tmp/local/usr/local/bin/gitea \
               /go/src/code.gitea.io/gitea/gitea \
               /go/src/code.gitea.io/gitea/environment-to-ini
-RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
 
-FROM docker.io/library/alpine:3.21
+FROM docker.io/library/alpine:3.22
 LABEL maintainer="maintainers@gitea.io"
 
 EXPOSE 2222 3000
@@ -52,6 +51,7 @@ RUN apk --no-cache add \
     git \
     curl \
     gnupg \
+    openssh-keygen \
     && rm -rf /var/cache/apk/*
 
 RUN addgroup \
@@ -71,7 +71,6 @@ RUN chown git:git /var/lib/gitea /etc/gitea
 COPY --from=build-env /tmp/local /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
 
 # git:git
 USER 1000:1000
diff --git a/MAINTAINERS b/MAINTAINERS
index 7d21f449fe..63da471f9b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -36,9 +36,7 @@ a1012112796 <1012112796@qq.com> (@a1012112796)
 Karl Heinz Marbaise <kama@soebes.de> (@khmarbaise)
 Norwin Roosen <git@nroo.de> (@noerw)
 Kyle Dumont <kdumontnu@gmail.com> (@kdumontnu)
-Patrick Schratz <patrick.schratz@gmail.com> (@pat-s)
 Janis Estelmann <admin@oldschoolhack.me> (@KN4CK3R)
-Steven Kriegler <sk.bunsenbrenner@gmail.com> (@justusbunsi)
 Jimmy Praet <jimmy.praet@telenet.be> (@jpraet)
 Leon Hofmeister <dev.lh@web.de> (@delvh)
 Wim <wim@42.be> (@42wim)
@@ -64,3 +62,4 @@ Rowan Bohde <rowan.bohde@gmail.com> (@bohde)
 hiifong <i@hiif.ong> (@hiifong)
 metiftikci <metiftikci@hotmail.com> (@metiftikci)
 Christopher Homberger <christopher.homberger@web.de> (@ChristopherHX)
+Tobias Balle-Petersen <tobiasbp@gmail.com> (@tobiasbp)
diff --git a/Makefile b/Makefile
index 9933a6ff8d..53671e9927 100644
--- a/Makefile
+++ b/Makefile
@@ -26,17 +26,18 @@ COMMA := ,
 XGO_VERSION := go-1.24.x
 
 AIR_PACKAGE ?= github.com/air-verse/air@v1
-EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3.2.1
-GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.7.0
-GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.64.7
+EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3
+GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.8.0
+GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.1.6
 GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.12
-MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.6.0
-SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0
+MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.7.0
+SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.32.3
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
 GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1
 GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1
 ACTIONLINT_PACKAGE ?= github.com/rhysd/actionlint/cmd/actionlint@v1
-GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.17.1
+GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.20.0
+GOPLS_MODERNIZE_PACKAGE ?= golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize@v0.20.0
 
 DOCKER_IMAGE ?= gitea/gitea
 DOCKER_TAG ?= latest
@@ -47,6 +48,17 @@ ifeq ($(HAS_GO), yes)
 	CGO_CFLAGS ?= $(shell $(GO) env CGO_CFLAGS) $(CGO_EXTRA_CFLAGS)
 endif
 
+CGO_ENABLED ?= 0
+ifneq (,$(findstring sqlite,$(TAGS))$(findstring pam,$(TAGS)))
+	CGO_ENABLED = 1
+endif
+
+STATIC ?=
+EXTLDFLAGS ?=
+ifneq ($(STATIC),)
+	EXTLDFLAGS = -extldflags "-static"
+endif
+
 ifeq ($(GOOS),windows)
 	IS_WINDOWS := yes
 else ifeq ($(patsubst Windows%,Windows,$(OS)),Windows)
@@ -80,7 +92,6 @@ ifeq ($(RACE_ENABLED),true)
 endif
 
 STORED_VERSION_FILE := VERSION
-HUGO_VERSION ?= 0.111.3
 
 GITHUB_REF_TYPE ?= branch
 GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
@@ -110,7 +121,7 @@ endif
 
 LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
 
-LINUX_ARCHS ?= linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64
+LINUX_ARCHS ?= linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64,linux/riscv64
 
 GO_TEST_PACKAGES ?= $(filter-out $(shell $(GO) list code.gitea.io/gitea/models/migrations/...) code.gitea.io/gitea/tests/integration/migration-test code.gitea.io/gitea/tests code.gitea.io/gitea/tests/integration code.gitea.io/gitea/tests/e2e,$(shell $(GO) list ./... | grep -v /vendor/))
 MIGRATE_TEST_PACKAGES ?= $(shell $(GO) list code.gitea.io/gitea/models/migrations/...)
@@ -120,8 +131,7 @@ WEBPACK_CONFIGS := webpack.config.js tailwind.config.js
 WEBPACK_DEST := public/assets/js/index.js public/assets/css/index.css
 WEBPACK_DEST_ENTRIES := public/assets/js public/assets/css public/assets/fonts
 
-BINDATA_DEST := modules/public/bindata.go modules/options/bindata.go modules/templates/bindata.go
-BINDATA_HASH := $(addsuffix .hash,$(BINDATA_DEST))
+BINDATA_DEST_WILDCARD := modules/migration/bindata.* modules/public/bindata.* modules/options/bindata.* modules/templates/bindata.*
 
 GENERATED_GO_DEST := modules/charset/invisible_gen.go modules/charset/ambiguous_gen.go
 
@@ -149,14 +159,8 @@ SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) templates options/locale/locale_en-US
 EDITORCONFIG_FILES := templates .github/workflows options/locale/locale_en-US.ini
 
 GO_SOURCES := $(wildcard *.go)
-GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go" ! -path modules/options/bindata.go ! -path modules/public/bindata.go ! -path modules/templates/bindata.go)
+GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go")
 GO_SOURCES += $(GENERATED_GO_DEST)
-GO_SOURCES_NO_BINDATA := $(GO_SOURCES)
-
-ifeq ($(filter $(TAGS_SPLIT),bindata),bindata)
-	GO_SOURCES += $(BINDATA_DEST)
-	GENERATED_GO_DEST += $(BINDATA_DEST)
-endif
 
 # Force installation of playwright dependencies by setting this flag
 ifdef DEPS_PLAYWRIGHT
@@ -226,7 +230,7 @@ clean-all: clean ## delete backend, frontend and integration files
 
 .PHONY: clean
 clean: ## delete backend and integration files
-	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA_DEST) $(BINDATA_HASH) \
+	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA_DEST_WILDCARD) \
 		integrations*.test \
 		e2e*.test \
 		tests/integration/gitea-integration-* \
@@ -237,7 +241,7 @@ clean: ## delete backend and integration files
 		tests/e2e/reports/ tests/e2e/test-artifacts/ tests/e2e/test-snapshots/
 
 .PHONY: fmt
-fmt: ## format the Go code
+fmt: ## format the Go and template code
 	@GOFUMPT_PACKAGE=$(GOFUMPT_PACKAGE) $(GO) run build/code-batch-process.go gitea-fmt -w '{file-list}'
 	$(eval TEMPLATES := $(shell find templates -type f -name '*.tmpl'))
 	@# strip whitespace after '{{' or '(' and before '}}' or ')' unless there is only
@@ -256,6 +260,19 @@ fmt-check: fmt
 	  exit 1; \
 	fi
 
+.PHONY: fix
+fix: ## apply automated fixes to Go code
+	$(GO) run $(GOPLS_MODERNIZE_PACKAGE) -fix ./...
+
+.PHONY: fix-check
+fix-check: fix
+	@diff=$$(git diff --color=always $(GO_SOURCES)); \
+	if [ -n "$$diff" ]; then \
+	  echo "Please run 'make fix' and commit the result:"; \
+	  printf "%s" "$${diff}"; \
+	  exit 1; \
+	fi
+
 .PHONY: $(TAGS_EVIDENCE)
 $(TAGS_EVIDENCE):
 	@mkdir -p $(MAKE_EVIDENCE_DIR)
@@ -268,7 +285,7 @@ endif
 .PHONY: generate-swagger
 generate-swagger: $(SWAGGER_SPEC) ## generate the swagger spec from code comments
 
-$(SWAGGER_SPEC): $(GO_SOURCES_NO_BINDATA) $(SWAGGER_SPEC_INPUT)
+$(SWAGGER_SPEC): $(GO_SOURCES) $(SWAGGER_SPEC_INPUT)
 	$(GO) run $(SWAGGER_PACKAGE) generate spec --exclude "$(SWAGGER_EXCLUDE)" --input "$(SWAGGER_SPEC_INPUT)" --output './$(SWAGGER_SPEC)'
 
 .PHONY: swagger-check
@@ -295,7 +312,7 @@ checks: checks-frontend checks-backend ## run various consistency checks
 checks-frontend: lockfile-check svg-check ## check frontend files
 
 .PHONY: checks-backend
-checks-backend: tidy-check swagger-check fmt-check swagger-validate security-check ## check backend files
+checks-backend: tidy-check swagger-check fmt-check fix-check swagger-validate security-check ## check backend files
 
 .PHONY: lint
 lint: lint-frontend lint-backend lint-spell ## lint everything
@@ -373,7 +390,7 @@ lint-go-gitea-vet: ## lint go files with gitea-vet
 .PHONY: lint-go-gopls
 lint-go-gopls: ## lint go files with gopls
 	@echo "Running gopls check..."
-	@GO=$(GO) GOPLS_PACKAGE=$(GOPLS_PACKAGE) tools/lint-go-gopls.sh $(GO_SOURCES_NO_BINDATA)
+	@GO=$(GO) GOPLS_PACKAGE=$(GOPLS_PACKAGE) tools/lint-go-gopls.sh $(GO_SOURCES)
 
 .PHONY: lint-editorconfig
 lint-editorconfig:
@@ -387,11 +404,11 @@ lint-actions: ## lint action workflow files
 .PHONY: lint-templates
 lint-templates: .venv node_modules ## lint template files
 	@node tools/lint-templates-svg.js
-	@poetry run djlint $(shell find templates -type f -iname '*.tmpl')
+	@uv run --frozen djlint $(shell find templates -type f -iname '*.tmpl')
 
 .PHONY: lint-yaml
 lint-yaml: .venv ## lint yaml files
-	@poetry run yamllint -s .
+	@uv run --frozen yamllint -s .
 
 .PHONY: watch
 watch: ## watch everything and continuously rebuild
@@ -410,12 +427,12 @@ watch-backend: go-check ## watch backend files and continuously rebuild
 test: test-frontend test-backend ## test everything
 
 .PHONY: test-backend
-test-backend: ## test frontend files
+test-backend: ## test backend files
 	@echo "Running go test with $(GOTESTFLAGS) -tags '$(TEST_TAGS)'..."
 	@$(GO) test $(GOTESTFLAGS) -tags='$(TEST_TAGS)' $(GO_TEST_PACKAGES)
 
 .PHONY: test-frontend
-test-frontend: node_modules ## test backend files
+test-frontend: node_modules ## test frontend files
 	npx vitest
 
 .PHONY: test-check
@@ -737,10 +754,13 @@ generate-go: $(TAGS_PREREQ)
 
 .PHONY: security-check
 security-check:
-	go run $(GOVULNCHECK_PACKAGE) ./...
+	go run $(GOVULNCHECK_PACKAGE) -show color ./...
 
 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
-	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
+ifneq ($(and $(STATIC),$(findstring pam,$(TAGS))),)
+  $(error pam support set via TAGS doesn't support static builds)
+endif
+	CGO_ENABLED="$(CGO_ENABLED)" CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(EXTLDFLAGS) $(LDFLAGS)' -o $@
 
 .PHONY: release
 release: frontend generate release-windows release-linux release-darwin release-freebsd release-copy release-compress vendor release-sources release-check
@@ -816,14 +836,15 @@ deps-tools: ## install tool dependencies
 	$(GO) install $(GOVULNCHECK_PACKAGE) & \
 	$(GO) install $(ACTIONLINT_PACKAGE) & \
 	$(GO) install $(GOPLS_PACKAGE) & \
+	$(GO) install $(GOPLS_MODERNIZE_PACKAGE) & \
 	wait
 
 node_modules: package-lock.json
 	npm install --no-save
 	@touch node_modules
 
-.venv: poetry.lock
-	poetry install
+.venv: uv.lock
+	uv sync
 	@touch .venv
 
 .PHONY: update
@@ -841,8 +862,8 @@ update-js: node-check | node_modules ## update js dependencies
 .PHONY: update-py
 update-py: node-check | node_modules ## update py dependencies
 	npx updates -u -f pyproject.toml
-	rm -rf .venv poetry.lock
-	poetry install
+	rm -rf .venv uv.lock
+	uv sync
 	@touch .venv
 
 .PHONY: webpack
diff --git a/README.md b/README.md
index 5ae65cd2ac..aa2c6010fa 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@
 [![Contribute with Gitpod](https://img.shields.io/badge/Contribute%20with-Gitpod-908a85?logo=gitpod&color=green)](https://gitpod.io/#https://github.com/go-gitea/gitea)
 [![](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com "Crowdin")
 
-[View this document in Chinese](./README_ZH.md)
+[�體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
 
 ## Purpose
 
@@ -80,9 +80,9 @@ Expected workflow is: Fork -> Patch -> Push -> Pull Request
 
 [![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com)
 
-Translations are done through [Crowdin](https://translate.gitea.com). If you want to translate to a new language ask one of the managers in the Crowdin project to add a new language there.
+Translations are done through [Crowdin](https://translate.gitea.com). If you want to translate to a new language, ask one of the managers in the Crowdin project to add a new language there.
 
-You can also just create an issue for adding a language or ask on discord on the #translation channel. If you need context or find some translation issues, you can leave a comment on the string or ask on Discord. For general translation questions there is a section in the docs. Currently a bit empty but we hope to fill it as questions pop up.
+You can also just create an issue for adding a language or ask on Discord on the #translation channel. If you need context or find some translation issues, you can leave a comment on the string or ask on Discord. For general translation questions there is a section in the docs. Currently a bit empty, but we hope to fill it as questions pop up.
 
 Get more information from [documentation](https://docs.gitea.com/contributing/localization).
 
diff --git a/README.zh-cn.md b/README.zh-cn.md
new file mode 100644
index 0000000000..f34b25b945
--- /dev/null
+++ b/README.zh-cn.md
@@ -0,0 +1,206 @@
+# Gitea
+
+[![](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main)](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain "Release Nightly")
+[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
+[![](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea "Go Report Card")
+[![](https://pkg.go.dev/badge/code.gitea.io/gitea?status.svg)](https://pkg.go.dev/code.gitea.io/gitea "GoDoc")
+[![](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest "GitHub release")
+[![](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea "Help Contribute to Open Source")
+[![](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea "Become a backer/sponsor of gitea")
+[![](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT "License: MIT")
+[![Contribute with Gitpod](https://img.shields.io/badge/Contribute%20with-Gitpod-908a85?logo=gitpod&color=green)](https://gitpod.io/#https://github.com/go-gitea/gitea)
+[![](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com "Crowdin")
+
+[English](./README.md) | [�體中文](./README.zh-tw.md)
+
+## 目的
+
+这个项目的目标是�供最简��最快速�最无痛的方��设置自托管的 Git �务。
+
+由于 Gitea 是用 Go 语言编写的，它�以在 Go 支�的所有平�和架构上�行，包括 Linux�macOS 和 Windows 的 x86�amd64�ARM 和 PowerPC 架构。这个项目自 2016 年 11 月从 [Gogs](https://gogs.io) [分�](https://blog.gitea.com/welcome-to-gitea/) 而�，但已�有了很多�化。
+
+在线演示�以访问 [demo.gitea.com](https://demo.gitea.com)。
+
+�访问�费的 Gitea �务（有一定数�的仓库�制），�以访问 [gitea.com](https://gitea.com/user/login)。
+
+�快速部署您自己的专用 Gitea 实例，�以在 [cloud.gitea.com](https://cloud.gitea.com) 开始�费试用。
+
+## 文件
+
+您�以在我们的官方 [文件网站](https://docs.gitea.com/) 上找到全�的文件。
+
+它包括安装�管��使用�开��贡献指�等，帮助您快速入门并有效地探索所有功能。
+
+如果您有任何建议或想�贡献，�以访问 [文件仓库](https://gitea.com/gitea/docs)
+
+## 构建
+
+从�代�树的根目录�行：
+
+    TAGS="bindata" make build
+
+如果需� SQLite 支�：
+
+    TAGS="bindata sqlite sqlite_unlock_notify" make build
+
+`build` 目标分为两个�目标：
+
+- `make backend` 需� [Go Stable](https://go.dev/dl/)，所需版本在 [go.mod](/go.mod) 中定义。
+- `make frontend` 需� [Node.js LTS](https://nodejs.org/en/download/) 或更高版本。
+
+需�互�网连接�下载 go 和 npm 模�。从包�预构建�端文件的官方�代�压缩包构建时，�会触� `frontend` 目标，因此�以在没有 Node.js 的情况下构建。
+
+更多信�：https://docs.gitea.com/installation/install-from-source
+
+## 使用
+
+构建�，默认情况下会在�代�树的根目录生�一个�为 `gitea` 的二进制文件。��行它，请使用：
+
+    ./gitea web
+
+> [!注�]
+> 如果您对使用我们的 API 感兴趣，我们�供了实验性支�，并附有 [文件](https://docs.gitea.com/api)。
+
+## 贡献
+
+预期的工作�程是：Fork -> Patch -> Push -> Pull Request
+
+> [!注�]
+>
+> 1. **在开始进行 Pull Request 之�，您必须阅读 [贡献者指�](CONTRIBUTING.md)。**
+> 2. 如果您在项目中�现了�洞，请�下写信给 **security@gitea.io**。谢谢�
+
+## 翻译
+
+[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com)
+
+翻译通过 [Crowdin](https://translate.gitea.com) 进行。如果您想翻译�新的语言，请在 Crowdin 项目中请求管�员添加新语言。
+
+您也�以创建一个 issue �添加语言，或者在 discord 的 #translation 频�上询问。如果您需�上下文或�现一些翻译问题，�以在字符串上留言或在 Discord 上询问。对于一般的翻译问题，文档中有一个部分。目�有点空，但我们希望��问题的出现而填充它。
+
+更多信�请�阅 [文件](https://docs.gitea.com/contributing/localization)。
+
+## 官方和第三方项目
+
+我们�供了一个官方的 [go-sdk](https://gitea.com/gitea/go-sdk)，一个�为 [tea](https://gitea.com/gitea/tea) 的 CLI 工具和一个 Gitea Action 的 [action runner](https://gitea.com/gitea/act_runner)。
+
+我们在 [gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea) 维护了一个 Gitea 相关项目的列表，您�以在那里�现更多的第三方项目，包括 SDK��件�主题等。
+
+## 通讯
+
+[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
+
+如果您有任何文件未涵盖的问题，�以在我们的 [Discord �务器](https://discord.gg/Gitea) 上与我们�系，或者在 [discourse 论�](https://forum.gitea.com/) 上创建帖�。
+
+## 作者
+
+- [维护者](https://github.com/orgs/go-gitea/people)
+- [贡献者](https://github.com/go-gitea/gitea/graphs/contributors)
+- [翻译者](options/locale/TRANSLATORS)
+
+## 支�者
+
+感谢所有支�者� � [[�为支�者](https://opencollective.com/gitea#backer)]
+
+<a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
+
+## 赞助商
+
+通过�为赞助商�支�这个项目。您的标志将显示在这里，并带有链接到您的网站。 [[�为赞助商](https://opencollective.com/gitea#sponsor)]
+
+<a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
+
+## 常�问题
+
+**Gitea 怎么�音？**
+
+Gitea 的�音是 [/ɡɪ’ti:/](https://youtu.be/EM71-2uDAoY)，就� "gi-tea" 一样，g 是硬音。
+
+**为什么这个项目没有托管在 Gitea 实例上？**
+
+我们正在 [努力](https://github.com/go-gitea/gitea/issues/1029)。
+
+**在哪里�以找到安全补�？**
+
+在 [�布日志](https://github.com/go-gitea/gitea/releases) 或 [�更日志](https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md) 中，�索关键� `SECURITY` 以找到安全补�。
+
+## 许��
+
+这个项目是根� MIT 许��授�的。
+请�阅 [LICENSE](https://github.com/go-gitea/gitea/blob/main/LICENSE) 文件以获�完整的许��文本。
+
+## 进一步信�
+
+<details>
+<summary>寻找界�概述？查看这里�</summary>
+
+### 登录/注册页�
+
+![Login](https://dl.gitea.com/screenshots/login.png)
+![Register](https://dl.gitea.com/screenshots/register.png)
+
+### 用户仪表�
+
+![Home](https://dl.gitea.com/screenshots/home.png)
+![Issues](https://dl.gitea.com/screenshots/issues.png)
+![Pull Requests](https://dl.gitea.com/screenshots/pull_requests.png)
+![Milestones](https://dl.gitea.com/screenshots/milestones.png)
+
+### 用户资料
+
+![Profile](https://dl.gitea.com/screenshots/user_profile.png)
+
+### 探索
+
+![Repos](https://dl.gitea.com/screenshots/explore_repos.png)
+![Users](https://dl.gitea.com/screenshots/explore_users.png)
+![Orgs](https://dl.gitea.com/screenshots/explore_orgs.png)
+
+### 仓库
+
+![Home](https://dl.gitea.com/screenshots/repo_home.png)
+![Commits](https://dl.gitea.com/screenshots/repo_commits.png)
+![Branches](https://dl.gitea.com/screenshots/repo_branches.png)
+![Labels](https://dl.gitea.com/screenshots/repo_labels.png)
+![Milestones](https://dl.gitea.com/screenshots/repo_milestones.png)
+![Releases](https://dl.gitea.com/screenshots/repo_releases.png)
+![Tags](https://dl.gitea.com/screenshots/repo_tags.png)
+
+#### 仓库问题
+
+![List](https://dl.gitea.com/screenshots/repo_issues.png)
+![Issue](https://dl.gitea.com/screenshots/repo_issue.png)
+
+#### 仓库拉�请求
+
+![List](https://dl.gitea.com/screenshots/repo_pull_requests.png)
+![Pull Request](https://dl.gitea.com/screenshots/repo_pull_request.png)
+![File](https://dl.gitea.com/screenshots/repo_pull_request_file.png)
+![Commits](https://dl.gitea.com/screenshots/repo_pull_request_commits.png)
+
+#### 仓库�作
+
+![List](https://dl.gitea.com/screenshots/repo_actions.png)
+![Details](https://dl.gitea.com/screenshots/repo_actions_run.png)
+
+#### 仓库活动
+
+![Activity](https://dl.gitea.com/screenshots/repo_activity.png)
+![Contributors](https://dl.gitea.com/screenshots/repo_contributors.png)
+![Code Frequency](https://dl.gitea.com/screenshots/repo_code_frequency.png)
+![Recent Commits](https://dl.gitea.com/screenshots/repo_recent_commits.png)
+
+### 组织
+
+![Home](https://dl.gitea.com/screenshots/org_home.png)
+
+</details>
diff --git a/README.zh-tw.md b/README.zh-tw.md
new file mode 100644
index 0000000000..9de3f85dd5
--- /dev/null
+++ b/README.zh-tw.md
@@ -0,0 +1,206 @@
+# Gitea
+
+[![](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main)](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain "Release Nightly")
+[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
+[![](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea "Go Report Card")
+[![](https://pkg.go.dev/badge/code.gitea.io/gitea?status.svg)](https://pkg.go.dev/code.gitea.io/gitea "GoDoc")
+[![](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest "GitHub release")
+[![](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea "Help Contribute to Open Source")
+[![](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea "Become a backer/sponsor of gitea")
+[![](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT "License: MIT")
+[![Contribute with Gitpod](https://img.shields.io/badge/Contribute%20with-Gitpod-908a85?logo=gitpod&color=green)](https://gitpod.io/#https://github.com/go-gitea/gitea)
+[![](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com "Crowdin")
+
+[English](./README.md) | [简体中文](./README.zh-cn.md)
+
+## 目的
+
+這個項目的目標是�供最簡單�最快速�最無痛的方�來設置自託管的 Git �務。
+
+由於 Gitea 是用 Go 語言編寫的，它�以在 Go 支�的所有平�和架構上�行，包括 Linux�macOS 和 Windows 的 x86�amd64�ARM 和 PowerPC 架構。這個項目自 2016 年 11 月從 [Gogs](https://gogs.io) [分�](https://blog.gitea.com/welcome-to-gitea/) 而來，但已經有了很多變化。
+
+在線演示�以訪� [demo.gitea.com](https://demo.gitea.com)。
+
+�訪��費的 Gitea �務（有一定數�的倉庫�制），�以訪� [gitea.com](https://gitea.com/user/login)。
+
+�快速部署您自己的專用 Gitea 實例，�以在 [cloud.gitea.com](https://cloud.gitea.com) 開始�費試用。
+
+## 文件
+
+您�以在我們的官方 [文件網站](https://docs.gitea.com/) 上找到全�的文件。
+
+它包括安��管��使用�開發�貢�指�等，幫助您快速入門並有效地探索所有功能。
+
+如果您有任何建議或想�貢�，�以訪� [文件倉庫](https://gitea.com/gitea/docs)
+
+## 構建
+
+從�代碼樹的根目錄�行：
+
+    TAGS="bindata" make build
+
+如果需� SQLite 支�：
+
+    TAGS="bindata sqlite sqlite_unlock_notify" make build
+
+`build` 目標分為兩個�目標：
+
+- `make backend` 需� [Go Stable](https://go.dev/dl/)，所需版本在 [go.mod](/go.mod) 中定義。
+- `make frontend` 需� [Node.js LTS](https://nodejs.org/en/download/) 或更高版本。
+
+需�互�網連接來下載 go 和 npm 模塊。從包��構建�端文件的官方�代碼壓縮包構建時，�會觸發 `frontend` 目標，因此�以在沒有 Node.js 的情�下構建。
+
+更多信�：https://docs.gitea.com/installation/install-from-source
+
+## 使用
+
+構建後，默�情�下會在�代碼樹的根目錄生�一個�為 `gitea` 的二進制文件。��行它，請使用：
+
+    ./gitea web
+
+> [!注�]
+> 如果您�使用我們的 API 感興趣，我們�供了實驗性支�，並附有 [文件](https://docs.gitea.com/api)。
+
+## 貢�
+
+�期的工作�程是：Fork -> Patch -> Push -> Pull Request
+
+> [!注�]
+>
+> 1. **在開始進行 Pull Request 之�，您必須閱讀 [貢�者指�](CONTRIBUTING.md)。**
+> 2. 如果您在項目中發�了�洞，請�下寫信給 **security@gitea.io**。���
+
+## 翻譯
+
+[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com)
+
+翻譯通� [Crowdin](https://translate.gitea.com) 進行。如果您想翻譯�新的語言，請在 Crowdin 項目中請求管�員添加新語言。
+
+您也�以創建一個 issue 來添加語言，或者在 discord 的 #translation 頻�上詢�。如果您需�上下文或發�一些翻譯�題，�以在字符串上留言或在 Discord 上詢�。�於一般的翻譯�題，文檔中有一個部分。目�有點空，但我們希望隨著�題的出�而填充它。
+
+更多信�請�閱 [文件](https://docs.gitea.com/contributing/localization)。
+
+## 官方和第三方項目
+
+我們�供了一個官方的 [go-sdk](https://gitea.com/gitea/go-sdk)，一個�為 [tea](https://gitea.com/gitea/tea) 的 CLI 工具和一個 Gitea Action 的 [action runner](https://gitea.com/gitea/act_runner)。
+
+我們在 [gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea) 維護了一個 Gitea 相關項目的列表，您�以在那裡發�更多的第三方項目，包括 SDK��件�主題等。
+
+## 通訊
+
+[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
+
+如果您有任何文件未涵蓋的�題，�以在我們的 [Discord �務器](https://discord.gg/Gitea) 上與我們�繫，或者在 [discourse 論壇](https://forum.gitea.com/) 上創建帖�。
+
+## 作者
+
+- [維護者](https://github.com/orgs/go-gitea/people)
+- [貢�者](https://github.com/go-gitea/gitea/graphs/contributors)
+- [翻譯者](options/locale/TRANSLATORS)
+
+## 支�者
+
+感�所有支�者� � [[�為支�者](https://opencollective.com/gitea#backer)]
+
+<a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
+
+## 贊助商
+
+通��為贊助商來支�這個項目。您的標誌將顯示在這裡，並帶有�接到您的網站。 [[�為贊助商](https://opencollective.com/gitea#sponsor)]
+
+<a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
+
+## 常見�題
+
+**Gitea 怎麼發音？**
+
+Gitea 的發音是 [/ɡɪ’ti:/](https://youtu.be/EM71-2uDAoY)，就� "gi-tea" 一樣，g 是硬音。
+
+**為什麼這個項目沒有託管在 Gitea 實例上？**
+
+我們正在 [努力](https://github.com/go-gitea/gitea/issues/1029)。
+
+**在哪裡�以找到安全補�？**
+
+在 [發佈日誌](https://github.com/go-gitea/gitea/releases) 或 [變更日誌](https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md) 中，�索關�詞 `SECURITY` 以找到安全補�。
+
+## 許�證
+
+這個項目是根據 MIT 許�證授權的。
+請�閱 [LICENSE](https://github.com/go-gitea/gitea/blob/main/LICENSE) 文件以��完整的許�證文本。
+
+## 進一步信�
+
+<details>
+<summary>尋找界�概述？查看這裡�</summary>
+
+### 登錄/註冊��
+
+![Login](https://dl.gitea.com/screenshots/login.png)
+![Register](https://dl.gitea.com/screenshots/register.png)
+
+### 用戶儀表�
+
+![Home](https://dl.gitea.com/screenshots/home.png)
+![Issues](https://dl.gitea.com/screenshots/issues.png)
+![Pull Requests](https://dl.gitea.com/screenshots/pull_requests.png)
+![Milestones](https://dl.gitea.com/screenshots/milestones.png)
+
+### 用戶資料
+
+![Profile](https://dl.gitea.com/screenshots/user_profile.png)
+
+### 探索
+
+![Repos](https://dl.gitea.com/screenshots/explore_repos.png)
+![Users](https://dl.gitea.com/screenshots/explore_users.png)
+![Orgs](https://dl.gitea.com/screenshots/explore_orgs.png)
+
+### 倉庫
+
+![Home](https://dl.gitea.com/screenshots/repo_home.png)
+![Commits](https://dl.gitea.com/screenshots/repo_commits.png)
+![Branches](https://dl.gitea.com/screenshots/repo_branches.png)
+![Labels](https://dl.gitea.com/screenshots/repo_labels.png)
+![Milestones](https://dl.gitea.com/screenshots/repo_milestones.png)
+![Releases](https://dl.gitea.com/screenshots/repo_releases.png)
+![Tags](https://dl.gitea.com/screenshots/repo_tags.png)
+
+#### 倉庫�題
+
+![List](https://dl.gitea.com/screenshots/repo_issues.png)
+![Issue](https://dl.gitea.com/screenshots/repo_issue.png)
+
+#### 倉庫拉�請求
+
+![List](https://dl.gitea.com/screenshots/repo_pull_requests.png)
+![Pull Request](https://dl.gitea.com/screenshots/repo_pull_request.png)
+![File](https://dl.gitea.com/screenshots/repo_pull_request_file.png)
+![Commits](https://dl.gitea.com/screenshots/repo_pull_request_commits.png)
+
+#### 倉庫�作
+
+![List](https://dl.gitea.com/screenshots/repo_actions.png)
+![Details](https://dl.gitea.com/screenshots/repo_actions_run.png)
+
+#### 倉庫活動
+
+![Activity](https://dl.gitea.com/screenshots/repo_activity.png)
+![Contributors](https://dl.gitea.com/screenshots/repo_contributors.png)
+![Code Frequency](https://dl.gitea.com/screenshots/repo_code_frequency.png)
+![Recent Commits](https://dl.gitea.com/screenshots/repo_recent_commits.png)
+
+### 組織
+
+![Home](https://dl.gitea.com/screenshots/org_home.png)
+
+</details>
diff --git a/README_ZH.md b/README_ZH.md
deleted file mode 100644
index 89c34f6b63..0000000000
--- a/README_ZH.md
+++ /dev/null
@@ -1,156 +0,0 @@
-# Gitea
-
-[![](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml/badge.svg?branch=main)](https://github.com/go-gitea/gitea/actions/workflows/release-nightly.yml?query=branch%3Amain "Release Nightly")
-[![](https://img.shields.io/discord/322538954119184384.svg?logo=discord&logoColor=white&label=Discord&color=5865F2)](https://discord.gg/Gitea "Join the Discord chat at https://discord.gg/Gitea")
-[![](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea "Go Report Card")
-[![](https://pkg.go.dev/badge/code.gitea.io/gitea?status.svg)](https://pkg.go.dev/code.gitea.io/gitea "GoDoc")
-[![](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest "GitHub release")
-[![](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea "Help Contribute to Open Source")
-[![](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea "Become a backer/sponsor of gitea")
-[![](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT "License: MIT")
-[![Contribute with Gitpod](https://img.shields.io/badge/Contribute%20with-Gitpod-908a85?logo=gitpod&color=green)](https://gitpod.io/#https://github.com/go-gitea/gitea)
-[![](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com "Crowdin")
-
-[View this document in English](./README.md)
-
-## 目标
-
-Gitea 的首�目标是创建一个�易安装，�行�常快速，安装和使用体验良好的自建 Git �务。我们采用 Go 作为�端语言，这使我们��生�一个�执行程���。并且他还支�跨平�，支� Linux�macOS 和 Windows 以���架构，除了 x86 和 amd64，还包括 ARM 和 PowerPC。
-
-如果你想试用在线演示和报告问题，请访问 [demo.gitea.com](https://demo.gitea.com/)。
-
-如果你想使用�费的 Gitea �务（有仓库数��制），请访问 [gitea.com](https://gitea.com/user/login)。
-
-如果你想在 Gitea Cloud 上快速部署你自己独享的 Gitea 实例，请访问 [cloud.gitea.com](https://cloud.gitea.com) 开始�费试用。
-
-## 文档
-
-关于如何安装请访问我们的 [文档站](https://docs.gitea.com/zh-cn/category/installation)，如果没有找到对应的文档，你也�以通过 [Discord - 英文](https://discord.gg/gitea) 和 QQ群 328432459 �和我们交�。
-
-## 编译
-
-在�代�的根目录下执行：
-
-    TAGS="bindata" make build
-
-或者如果需�SQLite支�：
-
-    TAGS="bindata sqlite sqlite_unlock_notify" make build
-
-编译过程会分�2个�任务：
-
-- `make backend`，需� [Go Stable](https://go.dev/dl/)，最低版本需求�查看 [go.mod](/go.mod)。
-- `make frontend`，需� [Node.js LTS](https://nodejs.org/en/download/) 或更高版本。
-
-你需�连接网络�下载 go 和 npm modules。当从 tar 格�的�文件编译时，其中包�了预编译的�端文件，因此 `make frontend` 将�会被执行。这�许编译时�需� Node.js。
-
-更多信�: https://docs.gitea.com/installation/install-from-source
-
-## 使用
-
-编译之�，默认会在根目录下生�一个�为 `gitea` 的文件。你�以这样执行它：
-
-    ./gitea web
-
-> [!注�]
-> 如果你�使用API，请�� [API 文档](https://godoc.org/code.gitea.io/sdk/gitea)。
-
-## 贡献
-
-贡献�程：Fork -> Patch -> Push -> Pull Request
-
-> [!注�]
->
-> 1. **开始贡献代�之�请确�你已�看过了 [贡献者�导（英文）](CONTRIBUTING.md)**。
-> 2. 所有的安全问题，请�下��邮件给 **security@gitea.io**。 谢谢�
-
-## 翻译
-
-[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://translate.gitea.com)
-
-多语言翻译是基于Crowdin进行的。
-
-从 [文档](https://docs.gitea.com/contributing/localization) 中获�更多信�。
-
-## 官方和第三方项目
-
-Gitea �供官方的 [go-sdk](https://gitea.com/gitea/go-sdk)，以��为 [tea](https://gitea.com/gitea/tea) 的 CLI 工具 和 用于 Gitea Action 的 [action runner](https://gitea.com/gitea/act_runner)。
-
-[gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea) 是一个 Gitea 相关项目的列表，你�以在这里找到更多的第三方项目，包括 SDK��件�主题等等。
-
-## 作者
-
-- [Maintainers](https://github.com/orgs/go-gitea/people)
-- [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
-- [Translators](options/locale/TRANSLATORS)
-
-## 授�许�
-
-本项目采用 MIT 开�授�许��，完整的授�说明已放置在 [LICENSE](https://github.com/go-gitea/gitea/blob/main/LICENSE) 文件中。
-
-## 更多信�
-
-<details>
-<summary>截图</summary>
-
-### 登录界�
-
-![登录](https://dl.gitea.com/screenshots/login.png)
-![注册](https://dl.gitea.com/screenshots/register.png)
-
-### 用户首页
-
-![首页](https://dl.gitea.com/screenshots/home.png)
-![工�列表](https://dl.gitea.com/screenshots/issues.png)
-![�并请求列表](https://dl.gitea.com/screenshots/pull_requests.png)
-![里程碑列表](https://dl.gitea.com/screenshots/milestones.png)
-
-### 用户资料
-
-![用户资料](https://dl.gitea.com/screenshots/user_profile.png)
-
-### 探索
-
-![仓库列表](https://dl.gitea.com/screenshots/explore_repos.png)
-![用户列表](https://dl.gitea.com/screenshots/explore_users.png)
-![组织列表](https://dl.gitea.com/screenshots/explore_orgs.png)
-
-### 仓库
-
-![首页](https://dl.gitea.com/screenshots/repo_home.png)
-![�交列表](https://dl.gitea.com/screenshots/repo_commits.png)
-![分支列表](https://dl.gitea.com/screenshots/repo_branches.png)
-![标签列表](https://dl.gitea.com/screenshots/repo_labels.png)
-![里程碑列表](https://dl.gitea.com/screenshots/repo_milestones.png)
-![版本�布](https://dl.gitea.com/screenshots/repo_releases.png)
-![标签列表](https://dl.gitea.com/screenshots/repo_tags.png)
-
-#### 仓库工�
-
-![列表](https://dl.gitea.com/screenshots/repo_issues.png)
-![工�](https://dl.gitea.com/screenshots/repo_issue.png)
-
-#### 仓库�并请求
-
-![列表](https://dl.gitea.com/screenshots/repo_pull_requests.png)
-![�并请求](https://dl.gitea.com/screenshots/repo_pull_request.png)
-![文件](https://dl.gitea.com/screenshots/repo_pull_request_file.png)
-![�交列表](https://dl.gitea.com/screenshots/repo_pull_request_commits.png)
-
-#### 仓库 Actions
-
-![列表](https://dl.gitea.com/screenshots/repo_actions.png)
-![Run](https://dl.gitea.com/screenshots/repo_actions_run.png)
-
-#### 仓库动�
-
-![动�](https://dl.gitea.com/screenshots/repo_activity.png)
-![贡献者](https://dl.gitea.com/screenshots/repo_contributors.png)
-![代�频率](https://dl.gitea.com/screenshots/repo_code_frequency.png)
-![最近的�交](https://dl.gitea.com/screenshots/repo_recent_commits.png)
-
-### 组织
-
-![首页](https://dl.gitea.com/screenshots/org_home.png)
-
-</details>
diff --git a/SECURITY.md b/SECURITY.md
index c9dbf859f5..d7c27ea613 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -14,12 +14,12 @@ Please **DO NOT** file a public issue, instead send your report privately to `se
 
 Due to the sensitive nature of security information, you can use the below GPG public key to encrypt your mail body.
 
-The PGP key is valid until July 9, 2025.
+The PGP key is valid until July 4, 2026.
 
 ```
 Key ID: 6FCD2D5B
 Key Type: RSA
-Expires: 7/9/2025
+Expires: 7/4/2026
 Key Size: 4096/4096
 Fingerprint: 3DE0 3D1E 144A 7F06 9359 99DC AAFD 2381 6FCD 2D5B
 ```
@@ -42,18 +42,18 @@ lzpAjnN9/KLtQroutrm+Ft0mdjDiJUeFVl1cOHDhoyfCsQh62HumoyZoZvqzQd6e
 AbN11nq6aViMe2Q3je1AbiBnRnQSHxt1Tc8X4IshO3MQK1Sk7oPI6LA5oQARAQAB
 tCJHaXRlYSBTZWN1cml0eSA8c2VjdXJpdHlAZ2l0ZWEuaW8+iQJXBBMBCABBAhsD
 BQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAFiEEPeA9HhRKfwaTWZncqv0jgW/N
-LVsFAmaMse0FCQW4fW8ACgkQqv0jgW/NLVtXLg/+PF4G9Jhlui15BTNlEBJAV2P/
-1QlAV2krk0fP7tykn0FR9RfGIfVV/kwC1f+ouosYPQDDevl9LWdUIM+g94DtNo2o
-7ACpcL3morvt5lVGpIZHL8TbX0qmFRXL/pB/cB+K6IwYvh2mrbp2zH+r4SCRyFYq
-BjgXYFTI1MylJ1ShAjU6Z+m3oJ+2xs5LzHS0X6zkTjzA2Zl4zQzciQ9T+wJcE7Zi
-HXdM1+YMF8KGNP8J9Rpug5oNDJ98lgZirRY7c3A/1xmYBiPnULwuuymdqEZO7l70
-SeAlE1RWYX8kbOBnBb/KY4XwE3Vic1oEzc9DiPWVH1ElX86WNNsFzuyULiwoBoWg
-pqZGhL9x1p5+46RGQSDczsHM7YGVtfYOiDo2PAVrmwsT0BnXnK8Oe3YIkvmUPEJu
-OkLt0Z6A5n8pz8zhQzuApwBsK4ncJ8zTCpvz/pfKKqZC/Vnoh3gKGhDGvOZ+b5IJ
-0kUTe2JsbnwFixDUMDtacQ1op8XOyLoLVmgqLn0+Pws4XPBlMof2bioFir3yHKnP
-gNchsF1agrlSIo5GA8u4ga+IlCSfvFIKrl7+cxacKcJYt/vbOU5KcvVJI5EtHKCG
-xfHjHY2ah1Qww7SxW6IXiRZZzPpsL2mBM2CD7N3qh9bV2s27wxYCdUodsIZbiyHe
-oWPzfBnkmiAN8KlZxHm5Ag0EYrVn/gEQALrFLQjCR3GjuHSindz0rd3Fnx/t7Sen
+LVsFAmhoHmkFCQeT6esACgkQqv0jgW/NLVuFLRAAmjBQSKRAgs2bFIEj7HLAbDp4
+f+XkdH+GsT3jRPOZ9QZgmtM+TfoE4yNgIVfOl+s4RdjM/W4QzqZuPQ55hbEHd056
+cJmm7B+6GsHFcdrPmh65sOCEIyh4+t45dUfeWpFsDPqm9j1UHXAJQIpB8vDEVAPH
+t+3wLCk8GMPJs1o5tIyMmaO23ngvkwn8eG7KgY+rp2PzObrb5g7ppci0ILzILkrp
+HVjZsEfUWRgSVF7LuU5ppqDKrlcqwUpQq6n3kGMZcLrCp6ACKP04TBmTfUxNwdL7
+I0N7apI2Pbct9T1Gv/lYAUFWyU2c3gh/EBLbO6BukaLOFRQHrtNfdJV/YnMPlcXr
+LUJjK9K4eAH9DsrZqrisz/LthsC2BaNIN3KRMTk5YTYgmIh8GXzSgihORmtDFELC
+RroID3pTuS0zjXh+wpY9GuPTh7UW23p42Daxca4fAT4k5EclvDRUrL21xMopPMiL
+HuNdELz4FVchRTy05PjzKVyjVInDNojE2KUxnjxZDzYJ6aT/g+coD5yfntYm8BEj
++ZzL0ndZES54hzKLpv7zwBQwFzam68clZYmDPILOPTflQDfpGEWmJK4undFU5obz
+ZsQRz0R3ulspChATbZxO0d5LX2obLpKO9X3b5VoO1KF+R8Vjw1Y0KxrNZ6rIcfqH
+Z50QVQKSe9dm08K0ON+5Ag0EYrVn/gEQALrFLQjCR3GjuHSindz0rd3Fnx/t7Sen
 T+p07yCSSoSlmnJHCQmwh4vfg1blyz0zZ4vkIhtpHsEgc+ZAG+WQXSsJ2iRz+eSN
 GwoOQl4XC3n+QWkc1ws+btr48+6UqXIQU+F8TPQyx/PIgi2nZXJB7f5+mjCqsk46
 XvH4nTr4kJjuqMSR/++wvre2qNQRa/q/dTsK0OaN/mJsdX6Oi+aGNaQJUhIG7F+E
@@ -65,19 +65,19 @@ s+GsP9I3cmWWQcKYxWHtE8xTXnNCVPFZQj2nwhJzae8ypfOtulBRA3dUKWGKuDH/
 axFENhUsT397aOU3qkP/od4a64JyNIEo4CTTSPVeWd7njsGqli2U3A4xL2CcyYvt
 D/MWcMBGEoLSNTswwKdom4FaJpn5KThnK/T0bQcmJblJhoCtppXisbexZnCpuS0x
 Zdlm2T14KJ3LABEBAAGJAjwEGAEIACYCGwwWIQQ94D0eFEp/BpNZmdyq/SOBb80t
-WwUCZoyyjQUJBbh+DwAKCRCq/SOBb80tW18XD/9MXztmf01MT+1kZdBouZ/7Rp/7
-9kuqo//B1G+RXau4oFtPqb67kNe2WaIc3u5B73PUHsMf3i6z4ib2KbMhZZerLn0O
-dRglcuPeNWmsASY3dH/XVG0cT0zvvWegagd12TJEl3Vs+7XNrOw4cwDj9L1+GH9m
-kSt4uaANWn/6a3RvMRhiVEYuNwhAzcKaactPmYqrLJgoVLbRSDkgyHaMQ2jKgLxk
-ifS/fvluGV0ub2Po6DJiqfRpd1tDvPhe9y1+r1WFDZsOcvTcZUfSt/7dXMGfqGu0
-2daVFlfeSXSALrDE5uc0UxodHCpP3sqRYDZevGLBRaaTkIjYXG/+N898+7K5WJF4
-xXOLWxM2cwGkG7eC9pugcDnBp9XlF7O+GBiZ05JUe5flXDQFZ+h3exjopu6KHF1B
-RnzNy8LC0UKb+AuvRIOLV92a9Q9wGWU/jaVDu6nZ0umAeuSzxiHoDsonm0Fl9QAz
-2/xCokebuoeLrEK7R2af3X86mqq3sVO4ax+HPYChzOaVQBiHUW/TAldWcldYYphR
-/e2WsbmQfvCRtz/bZfo+aUVnrHNjzVMtF2SszdVmA/04Y8pS28MqtuRqhm5DPOOd
-g1YeUywK5jRZ1twyo1kzJEFPLaoeaXaycsR1PMVBW0Urik5mrR/pOWq7PPoZoKb2
-lXYLE8bwkuQTmsyL1g==
-=9i7d
+WwUCaGgeJAUJB5PppgAKCRCq/SOBb80tW/NWEACB6Jrf0gWlk7e+hNCdnbM0ZVWU
+f2sHNFfXxxsdhpcDgKbNHtkZb8nZgv8AX+5fTtUwMVa3vKcdw30xFiIM5N7cCIPV
+vg/5z5BtfEaitnabEUG2iiVDIy8IHXIcK10rX+7BosA3QDl2PsiBHwyi5G13lRk8
+zGTSNDuOalug33h5/lr2dPigamkq74Aoy29q8Rjad6GfWHipL2bFimgtY+Zdi0BH
+NLk4EJXxj1SgVx5dtkQzWJReBA5M+FQ4QYQZBO+f4TDoOLmjui152uhkoLBQbGAa
+WWJFTVxm0bG5MXloEL3gA8DfU7XDwuW/sHJC5pBko8RpQViooOhckMepZV3Y83DK
+bwLYa3JmPgj2rEv4993dvrJbQhpGd082HOxOsllCs8pgNq1SnXpWYfcGTgGKC3ts
+U8YZUUJUQ7mi2L8Tv3ix20c9EiGmA30JAmA8eZTC3cWup91ZkkVBFRml2czTXajd
+RWZ6GbHV5503ueDQcB8yBVgF3CSixs67+dGSbD3p86OqGrjAcJzM5TFbNKcnGLdE
+kGbZpNwAISy750lXzXKmyrh5RTCeTOQerbwCMBvHZO+HAevA/LXDTw2OAiSIQlP5
+sYA4sFYLQ30OAkgJcmdp/pSgVj/erNtSN07ClrOpDb/uFpQymO6K2h0Pst3feNVK
+9M2VbqL9C51z/wyHLg==
+=SfZA
 -----END PGP PUBLIC KEY BLOCK-----
 
 ```
diff --git a/assets/go-licenses.json b/assets/go-licenses.json
index b98b5d6471..d961444239 100644
--- a/assets/go-licenses.json
+++ b/assets/go-licenses.json
@@ -115,8 +115,8 @@
     "licenseText": "Copyright (c) 2009 The Go Authors. All rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\nnotice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\ncopyright notice, this list of conditions and the following disclaimer\nin the documentation and/or other materials provided with the\ndistribution.\n   * Neither the name of Google Inc. nor the names of its\ncontributors may be used to endorse or promote products derived from\nthis software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
   },
   {
-    "name": "github.com/RoaringBitmap/roaring",
-    "path": "github.com/RoaringBitmap/roaring/LICENSE",
+    "name": "github.com/RoaringBitmap/roaring/v2",
+    "path": "github.com/RoaringBitmap/roaring/v2/LICENSE",
     "licenseText": "\n                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright 2016 by the authors\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n\n================================================================================\n\nPortions of runcontainer.go are from the Go standard library, which is licensed\nunder:\n\nCopyright (c) 2009 The Go Authors. All rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\n     notice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\n     copyright notice, this list of conditions and the following disclaimer\n     in the documentation and/or other materials provided with the\n     distribution.\n   * Neither the name of Google Inc. nor the names of its\n     contributors may be used to endorse or promote products derived from\n     this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
   },
   {
@@ -295,6 +295,11 @@
     "licenseText": "The MIT License (MIT)\n\nCopyright (c) 2014 Bob Matcuk\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n\n"
   },
   {
+    "name": "github.com/bohde/codel",
+    "path": "github.com/bohde/codel/LICENSE",
+    "licenseText": "BSD 3-Clause License\n\nCopyright (c) 2018, Rowan Bohde\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are met:\n\n* Redistributions of source code must retain the above copyright notice, this\n  list of conditions and the following disclaimer.\n\n* Redistributions in binary form must reproduce the above copyright notice,\n  this list of conditions and the following disclaimer in the documentation\n  and/or other materials provided with the distribution.\n\n* Neither the name of the copyright holder nor the names of its\n  contributors may be used to endorse or promote products derived from\n  this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE\nFOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\nOR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
+  },
+  {
     "name": "github.com/boombuler/barcode",
     "path": "github.com/boombuler/barcode/LICENSE",
     "licenseText": "The MIT License (MIT)\n\nCopyright (c) 2014 Florian Sundermann\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
@@ -595,11 +600,6 @@
     "licenseText": "Copyright (c) 2017 The Go Authors. All rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\nnotice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\ncopyright notice, this list of conditions and the following disclaimer\nin the documentation and/or other materials provided with the\ndistribution.\n   * Neither the name of Google Inc. nor the names of its\ncontributors may be used to endorse or promote products derived from\nthis software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
   },
   {
-    "name": "github.com/golang/geo",
-    "path": "github.com/golang/geo/LICENSE",
-    "licenseText": "\n                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
-  },
-  {
     "name": "github.com/golang/groupcache/lru",
     "path": "github.com/golang/groupcache/lru/LICENSE",
     "licenseText": "Apache License\nVersion 2.0, January 2004\nhttp://www.apache.org/licenses/\n\nTERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n1. Definitions.\n\n\"License\" shall mean the terms and conditions for use, reproduction, and\ndistribution as defined by Sections 1 through 9 of this document.\n\n\"Licensor\" shall mean the copyright owner or entity authorized by the copyright\nowner that is granting the License.\n\n\"Legal Entity\" shall mean the union of the acting entity and all other entities\nthat control, are controlled by, or are under common control with that entity.\nFor the purposes of this definition, \"control\" means (i) the power, direct or\nindirect, to cause the direction or management of such entity, whether by\ncontract or otherwise, or (ii) ownership of fifty percent (50%) or more of the\noutstanding shares, or (iii) beneficial ownership of such entity.\n\n\"You\" (or \"Your\") shall mean an individual or Legal Entity exercising\npermissions granted by this License.\n\n\"Source\" form shall mean the preferred form for making modifications, including\nbut not limited to software source code, documentation source, and configuration\nfiles.\n\n\"Object\" form shall mean any form resulting from mechanical transformation or\ntranslation of a Source form, including but not limited to compiled object code,\ngenerated documentation, and conversions to other media types.\n\n\"Work\" shall mean the work of authorship, whether in Source or Object form, made\navailable under the License, as indicated by a copyright notice that is included\nin or attached to the work (an example is provided in the Appendix below).\n\n\"Derivative Works\" shall mean any work, whether in Source or Object form, that\nis based on (or derived from) the Work and for which the editorial revisions,\nannotations, elaborations, or other modifications represent, as a whole, an\noriginal work of authorship. For the purposes of this License, Derivative Works\nshall not include works that remain separable from, or merely link (or bind by\nname) to the interfaces of, the Work and Derivative Works thereof.\n\n\"Contribution\" shall mean any work of authorship, including the original version\nof the Work and any modifications or additions to that Work or Derivative Works\nthereof, that is intentionally submitted to Licensor for inclusion in the Work\nby the copyright owner or by an individual or Legal Entity authorized to submit\non behalf of the copyright owner. For the purposes of this definition,\n\"submitted\" means any form of electronic, verbal, or written communication sent\nto the Licensor or its representatives, including but not limited to\ncommunication on electronic mailing lists, source code control systems, and\nissue tracking systems that are managed by, or on behalf of, the Licensor for\nthe purpose of discussing and improving the Work, but excluding communication\nthat is conspicuously marked or otherwise designated in writing by the copyright\nowner as \"Not a Contribution.\"\n\n\"Contributor\" shall mean Licensor and any individual or Legal Entity on behalf\nof whom a Contribution has been received by Licensor and subsequently\nincorporated within the Work.\n\n2. Grant of Copyright License.\n\nSubject to the terms and conditions of this License, each Contributor hereby\ngrants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,\nirrevocable copyright license to reproduce, prepare Derivative Works of,\npublicly display, publicly perform, sublicense, and distribute the Work and such\nDerivative Works in Source or Object form.\n\n3. Grant of Patent License.\n\nSubject to the terms and conditions of this License, each Contributor hereby\ngrants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,\nirrevocable (except as stated in this section) patent license to make, have\nmade, use, offer to sell, sell, import, and otherwise transfer the Work, where\nsuch license applies only to those patent claims licensable by such Contributor\nthat are necessarily infringed by their Contribution(s) alone or by combination\nof their Contribution(s) with the Work to which such Contribution(s) was\nsubmitted. If You institute patent litigation against any entity (including a\ncross-claim or counterclaim in a lawsuit) alleging that the Work or a\nContribution incorporated within the Work constitutes direct or contributory\npatent infringement, then any patent licenses granted to You under this License\nfor that Work shall terminate as of the date such litigation is filed.\n\n4. Redistribution.\n\nYou may reproduce and distribute copies of the Work or Derivative Works thereof\nin any medium, with or without modifications, and in Source or Object form,\nprovided that You meet the following conditions:\n\nYou must give any other recipients of the Work or Derivative Works a copy of\nthis License; and\nYou must cause any modified files to carry prominent notices stating that You\nchanged the files; and\nYou must retain, in the Source form of any Derivative Works that You distribute,\nall copyright, patent, trademark, and attribution notices from the Source form\nof the Work, excluding those notices that do not pertain to any part of the\nDerivative Works; and\nIf the Work includes a \"NOTICE\" text file as part of its distribution, then any\nDerivative Works that You distribute must include a readable copy of the\nattribution notices contained within such NOTICE file, excluding those notices\nthat do not pertain to any part of the Derivative Works, in at least one of the\nfollowing places: within a NOTICE text file distributed as part of the\nDerivative Works; within the Source form or documentation, if provided along\nwith the Derivative Works; or, within a display generated by the Derivative\nWorks, if and wherever such third-party notices normally appear. The contents of\nthe NOTICE file are for informational purposes only and do not modify the\nLicense. You may add Your own attribution notices within Derivative Works that\nYou distribute, alongside or as an addendum to the NOTICE text from the Work,\nprovided that such additional attribution notices cannot be construed as\nmodifying the License.\nYou may add Your own copyright statement to Your modifications and may provide\nadditional or different license terms and conditions for use, reproduction, or\ndistribution of Your modifications, or for any such Derivative Works as a whole,\nprovided Your use, reproduction, and distribution of the Work otherwise complies\nwith the conditions stated in this License.\n\n5. Submission of Contributions.\n\nUnless You explicitly state otherwise, any Contribution intentionally submitted\nfor inclusion in the Work by You to the Licensor shall be under the terms and\nconditions of this License, without any additional terms or conditions.\nNotwithstanding the above, nothing herein shall supersede or modify the terms of\nany separate license agreement you may have executed with Licensor regarding\nsuch Contributions.\n\n6. Trademarks.\n\nThis License does not grant permission to use the trade names, trademarks,\nservice marks, or product names of the Licensor, except as required for\nreasonable and customary use in describing the origin of the Work and\nreproducing the content of the NOTICE file.\n\n7. Disclaimer of Warranty.\n\nUnless required by applicable law or agreed to in writing, Licensor provides the\nWork (and each Contributor provides its Contributions) on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,\nincluding, without limitation, any warranties or conditions of TITLE,\nNON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are\nsolely responsible for determining the appropriateness of using or\nredistributing the Work and assume any risks associated with Your exercise of\npermissions under this License.\n\n8. Limitation of Liability.\n\nIn no event and under no legal theory, whether in tort (including negligence),\ncontract, or otherwise, unless required by applicable law (such as deliberate\nand grossly negligent acts) or agreed to in writing, shall any Contributor be\nliable to You for damages, including any direct, indirect, special, incidental,\nor consequential damages of any character arising as a result of this License or\nout of the use or inability to use the Work (including but not limited to\ndamages for loss of goodwill, work stoppage, computer failure or malfunction, or\nany and all other commercial damages or losses), even if such Contributor has\nbeen advised of the possibility of such damages.\n\n9. Accepting Warranty or Additional Liability.\n\nWhile redistributing the Work or Derivative Works thereof, You may choose to\noffer, and charge a fee for, acceptance of support, warranty, indemnity, or\nother liability obligations and/or rights consistent with this License. However,\nin accepting such obligations, You may act only on Your own behalf and on Your\nsole responsibility, not on behalf of any other Contributor, and only if You\nagree to indemnify, defend, and hold each Contributor harmless for any liability\nincurred by, or claims asserted against, such Contributor by reason of your\naccepting any such warranty or additional liability.\n\nEND OF TERMS AND CONDITIONS\n\nAPPENDIX: How to apply the Apache License to your work\n\nTo apply the Apache License to your work, attach the following boilerplate\nnotice, with the fields enclosed by brackets \"[]\" replaced with your own\nidentifying information. (Don't include the brackets!) The text should be\nenclosed in the appropriate comment syntax for the file format. We also\nrecommend that a file or class name and description of purpose be included on\nthe same \"printed page\" as the copyright notice for easier identification within\nthird-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n     http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
@@ -620,8 +620,13 @@
     "licenseText": "\n                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
   },
   {
-    "name": "github.com/google/go-github/v61/github",
-    "path": "github.com/google/go-github/v61/github/LICENSE",
+    "name": "github.com/google/flatbuffers/go",
+    "path": "github.com/google/flatbuffers/go/LICENSE",
+    "licenseText": "\n                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
+  },
+  {
+    "name": "github.com/google/go-github/v71/github",
+    "path": "github.com/google/go-github/v71/github/LICENSE",
     "licenseText": "Copyright (c) 2013 The go-github AUTHORS. All rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\nnotice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\ncopyright notice, this list of conditions and the following disclaimer\nin the documentation and/or other materials provided with the\ndistribution.\n   * Neither the name of Google Inc. nor the names of its\ncontributors may be used to endorse or promote products derived from\nthis software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
   },
   {
@@ -832,7 +837,7 @@
   {
     "name": "github.com/meilisearch/meilisearch-go",
     "path": "github.com/meilisearch/meilisearch-go/LICENSE",
-    "licenseText": "MIT License\n\nCopyright (c) 2020-2024 Meili SAS\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
+    "licenseText": "MIT License\n\nCopyright (c) 2020-2025 Meili SAS\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
   },
   {
     "name": "github.com/mholt/acmez/v3",
@@ -1075,9 +1080,14 @@
     "licenseText": "Apache License\nVersion 2.0, January 2004\nhttp://www.apache.org/licenses/\n\nTERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n1. Definitions.\n\n\"License\" shall mean the terms and conditions for use, reproduction, and\ndistribution as defined by Sections 1 through 9 of this document.\n\n\"Licensor\" shall mean the copyright owner or entity authorized by the copyright\nowner that is granting the License.\n\n\"Legal Entity\" shall mean the union of the acting entity and all other entities\nthat control, are controlled by, or are under common control with that entity.\nFor the purposes of this definition, \"control\" means (i) the power, direct or\nindirect, to cause the direction or management of such entity, whether by\ncontract or otherwise, or (ii) ownership of fifty percent (50%) or more of the\noutstanding shares, or (iii) beneficial ownership of such entity.\n\n\"You\" (or \"Your\") shall mean an individual or Legal Entity exercising\npermissions granted by this License.\n\n\"Source\" form shall mean the preferred form for making modifications, including\nbut not limited to software source code, documentation source, and configuration\nfiles.\n\n\"Object\" form shall mean any form resulting from mechanical transformation or\ntranslation of a Source form, including but not limited to compiled object code,\ngenerated documentation, and conversions to other media types.\n\n\"Work\" shall mean the work of authorship, whether in Source or Object form, made\navailable under the License, as indicated by a copyright notice that is included\nin or attached to the work (an example is provided in the Appendix below).\n\n\"Derivative Works\" shall mean any work, whether in Source or Object form, that\nis based on (or derived from) the Work and for which the editorial revisions,\nannotations, elaborations, or other modifications represent, as a whole, an\noriginal work of authorship. For the purposes of this License, Derivative Works\nshall not include works that remain separable from, or merely link (or bind by\nname) to the interfaces of, the Work and Derivative Works thereof.\n\n\"Contribution\" shall mean any work of authorship, including the original version\nof the Work and any modifications or additions to that Work or Derivative Works\nthereof, that is intentionally submitted to Licensor for inclusion in the Work\nby the copyright owner or by an individual or Legal Entity authorized to submit\non behalf of the copyright owner. For the purposes of this definition,\n\"submitted\" means any form of electronic, verbal, or written communication sent\nto the Licensor or its representatives, including but not limited to\ncommunication on electronic mailing lists, source code control systems, and\nissue tracking systems that are managed by, or on behalf of, the Licensor for\nthe purpose of discussing and improving the Work, but excluding communication\nthat is conspicuously marked or otherwise designated in writing by the copyright\nowner as \"Not a Contribution.\"\n\n\"Contributor\" shall mean Licensor and any individual or Legal Entity on behalf\nof whom a Contribution has been received by Licensor and subsequently\nincorporated within the Work.\n\n2. Grant of Copyright License.\n\nSubject to the terms and conditions of this License, each Contributor hereby\ngrants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,\nirrevocable copyright license to reproduce, prepare Derivative Works of,\npublicly display, publicly perform, sublicense, and distribute the Work and such\nDerivative Works in Source or Object form.\n\n3. Grant of Patent License.\n\nSubject to the terms and conditions of this License, each Contributor hereby\ngrants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,\nirrevocable (except as stated in this section) patent license to make, have\nmade, use, offer to sell, sell, import, and otherwise transfer the Work, where\nsuch license applies only to those patent claims licensable by such Contributor\nthat are necessarily infringed by their Contribution(s) alone or by combination\nof their Contribution(s) with the Work to which such Contribution(s) was\nsubmitted. If You institute patent litigation against any entity (including a\ncross-claim or counterclaim in a lawsuit) alleging that the Work or a\nContribution incorporated within the Work constitutes direct or contributory\npatent infringement, then any patent licenses granted to You under this License\nfor that Work shall terminate as of the date such litigation is filed.\n\n4. Redistribution.\n\nYou may reproduce and distribute copies of the Work or Derivative Works thereof\nin any medium, with or without modifications, and in Source or Object form,\nprovided that You meet the following conditions:\n\nYou must give any other recipients of the Work or Derivative Works a copy of\nthis License; and\nYou must cause any modified files to carry prominent notices stating that You\nchanged the files; and\nYou must retain, in the Source form of any Derivative Works that You distribute,\nall copyright, patent, trademark, and attribution notices from the Source form\nof the Work, excluding those notices that do not pertain to any part of the\nDerivative Works; and\nIf the Work includes a \"NOTICE\" text file as part of its distribution, then any\nDerivative Works that You distribute must include a readable copy of the\nattribution notices contained within such NOTICE file, excluding those notices\nthat do not pertain to any part of the Derivative Works, in at least one of the\nfollowing places: within a NOTICE text file distributed as part of the\nDerivative Works; within the Source form or documentation, if provided along\nwith the Derivative Works; or, within a display generated by the Derivative\nWorks, if and wherever such third-party notices normally appear. The contents of\nthe NOTICE file are for informational purposes only and do not modify the\nLicense. You may add Your own attribution notices within Derivative Works that\nYou distribute, alongside or as an addendum to the NOTICE text from the Work,\nprovided that such additional attribution notices cannot be construed as\nmodifying the License.\nYou may add Your own copyright statement to Your modifications and may provide\nadditional or different license terms and conditions for use, reproduction, or\ndistribution of Your modifications, or for any such Derivative Works as a whole,\nprovided Your use, reproduction, and distribution of the Work otherwise complies\nwith the conditions stated in this License.\n\n5. Submission of Contributions.\n\nUnless You explicitly state otherwise, any Contribution intentionally submitted\nfor inclusion in the Work by You to the Licensor shall be under the terms and\nconditions of this License, without any additional terms or conditions.\nNotwithstanding the above, nothing herein shall supersede or modify the terms of\nany separate license agreement you may have executed with Licensor regarding\nsuch Contributions.\n\n6. Trademarks.\n\nThis License does not grant permission to use the trade names, trademarks,\nservice marks, or product names of the Licensor, except as required for\nreasonable and customary use in describing the origin of the Work and\nreproducing the content of the NOTICE file.\n\n7. Disclaimer of Warranty.\n\nUnless required by applicable law or agreed to in writing, Licensor provides the\nWork (and each Contributor provides its Contributions) on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,\nincluding, without limitation, any warranties or conditions of TITLE,\nNON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are\nsolely responsible for determining the appropriateness of using or\nredistributing the Work and assume any risks associated with Your exercise of\npermissions under this License.\n\n8. Limitation of Liability.\n\nIn no event and under no legal theory, whether in tort (including negligence),\ncontract, or otherwise, unless required by applicable law (such as deliberate\nand grossly negligent acts) or agreed to in writing, shall any Contributor be\nliable to You for damages, including any direct, indirect, special, incidental,\nor consequential damages of any character arising as a result of this License or\nout of the use or inability to use the Work (including but not limited to\ndamages for loss of goodwill, work stoppage, computer failure or malfunction, or\nany and all other commercial damages or losses), even if such Contributor has\nbeen advised of the possibility of such damages.\n\n9. Accepting Warranty or Additional Liability.\n\nWhile redistributing the Work or Derivative Works thereof, You may choose to\noffer, and charge a fee for, acceptance of support, warranty, indemnity, or\nother liability obligations and/or rights consistent with this License. However,\nin accepting such obligations, You may act only on Your own behalf and on Your\nsole responsibility, not on behalf of any other Contributor, and only if You\nagree to indemnify, defend, and hold each Contributor harmless for any liability\nincurred by, or claims asserted against, such Contributor by reason of your\naccepting any such warranty or additional liability.\n\nEND OF TERMS AND CONDITIONS\n\nAPPENDIX: How to apply the Apache License to your work\n\nTo apply the Apache License to your work, attach the following boilerplate\nnotice, with the fields enclosed by brackets \"[]\" replaced with your own\nidentifying information. (Don't include the brackets!) The text should be\nenclosed in the appropriate comment syntax for the file format. We also\nrecommend that a file or class name and description of purpose be included on\nthe same \"printed page\" as the copyright notice for easier identification within\nthird-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n     http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License."
   },
   {
-    "name": "github.com/urfave/cli/v2",
-    "path": "github.com/urfave/cli/v2/LICENSE",
-    "licenseText": "MIT License\n\nCopyright (c) 2022 urfave/cli maintainers\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
+    "name": "github.com/urfave/cli-docs/v3",
+    "path": "github.com/urfave/cli-docs/v3/LICENSE",
+    "licenseText": "MIT License\n\nCopyright (c) 2023 urfave/cli maintainers\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
+  },
+  {
+    "name": "github.com/urfave/cli/v3",
+    "path": "github.com/urfave/cli/v3/LICENSE",
+    "licenseText": "MIT License\n\nCopyright (c) 2023 urfave/cli maintainers\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
   },
   {
     "name": "github.com/valyala/fastjson",
@@ -1105,11 +1115,6 @@
     "licenseText": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"{}\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright {yyyy} {name of copyright owner}\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n\n"
   },
   {
-    "name": "github.com/xrash/smetrics",
-    "path": "github.com/xrash/smetrics/LICENSE",
-    "licenseText": "Copyright (C) 2016 Felipe da Cunha Gonçalves\nAll Rights Reserved.\n\nMIT LICENSE\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of\nthis software and associated documentation files (the \"Software\"), to deal in\nthe Software without restriction, including without limitation the rights to\nuse, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of\nthe Software, and to permit persons to whom the Software is furnished to do so,\nsubject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS\nFOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\nCOPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER\nIN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN\nCONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n"
-  },
-  {
     "name": "github.com/yohcop/openid-go",
     "path": "github.com/yohcop/openid-go/LICENSE",
     "licenseText": "Copyright 2015 Yohann Coppel\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n"
diff --git a/build.go b/build.go
index 234579b514..e81ba54690 100644
--- a/build.go
+++ b/build.go
@@ -5,19 +5,10 @@
 
 package main
 
-// Libraries that are included to vendor utilities used during build.
+// Libraries that are included to vendor utilities used during Makefile build.
 // These libraries will not be included in a normal compilation.
 
 import (
-	// for embed
-	_ "github.com/shurcooL/vfsgen"
-
-	// for cover merge
-	_ "golang.org/x/tools/cover"
-
 	// for vet
 	_ "code.gitea.io/gitea-vet"
-
-	// for swagger
-	_ "github.com/go-swagger/go-swagger/cmd/swagger"
 )
diff --git a/build/generate-bindata.go b/build/generate-bindata.go
index 2fcb7c2f2a..2553770762 100644
--- a/build/generate-bindata.go
+++ b/build/generate-bindata.go
@@ -6,87 +6,22 @@
 package main
 
 import (
-	"bytes"
-	"crypto/sha1"
 	"fmt"
-	"log"
-	"net/http"
 	"os"
-	"path/filepath"
-	"strconv"
 
-	"github.com/shurcooL/vfsgen"
+	"code.gitea.io/gitea/modules/assetfs"
 )
 
-func needsUpdate(dir, filename string) (bool, []byte) {
-	needRegen := false
-	_, err := os.Stat(filename)
-	if err != nil {
-		needRegen = true
-	}
-
-	oldHash, err := os.ReadFile(filename + ".hash")
-	if err != nil {
-		oldHash = []byte{}
-	}
-
-	hasher := sha1.New()
-
-	err = filepath.WalkDir(dir, func(path string, d os.DirEntry, err error) error {
-		if err != nil {
-			return err
-		}
-		info, err := d.Info()
-		if err != nil {
-			return err
-		}
-		_, _ = hasher.Write([]byte(d.Name()))
-		_, _ = hasher.Write([]byte(info.ModTime().String()))
-		_, _ = hasher.Write([]byte(strconv.FormatInt(info.Size(), 16)))
-		return nil
-	})
-	if err != nil {
-		return true, oldHash
-	}
-
-	newHash := hasher.Sum([]byte{})
-
-	if bytes.Compare(oldHash, newHash) != 0 {
-		return true, newHash
-	}
-
-	return needRegen, newHash
-}
-
 func main() {
-	if len(os.Args) < 4 {
-		log.Fatal("Insufficient number of arguments. Need: directory packageName filename")
-	}
-
-	dir, packageName, filename := os.Args[1], os.Args[2], os.Args[3]
-	var useGlobalModTime bool
-	if len(os.Args) == 5 {
-		useGlobalModTime, _ = strconv.ParseBool(os.Args[4])
-	}
-
-	update, newHash := needsUpdate(dir, filename)
-
-	if !update {
-		fmt.Printf("bindata for %s already up-to-date\n", packageName)
-		return
+	if len(os.Args) != 3 {
+		fmt.Println("usage: ./generate-bindata {local-directory} {bindata-filename}")
+		os.Exit(1)
 	}
 
-	fmt.Printf("generating bindata for %s\n", packageName)
-	var fsTemplates http.FileSystem = http.Dir(dir)
-	err := vfsgen.Generate(fsTemplates, vfsgen.Options{
-		PackageName:      packageName,
-		BuildTags:        "bindata",
-		VariableName:     "Assets",
-		Filename:         filename,
-		UseGlobalModTime: useGlobalModTime,
-	})
-	if err != nil {
-		log.Fatalf("%v\n", err)
+	dir, filename := os.Args[1], os.Args[2]
+	fmt.Printf("generating bindata for %s to %s\n", dir, filename)
+	if err := assetfs.GenerateEmbedBindata(dir, filename); err != nil {
+		fmt.Printf("failed: %s\n", err.Error())
+		os.Exit(1)
 	}
-	_ = os.WriteFile(filename+".hash", newHash, 0o666)
 }
diff --git a/cmd/actions.go b/cmd/actions.go
index f582c16c81..2c51c6a1bc 100644
--- a/cmd/actions.go
+++ b/cmd/actions.go
@@ -4,12 +4,13 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -17,7 +18,7 @@ var (
 	CmdActions = &cli.Command{
 		Name:  "actions",
 		Usage: "Manage Gitea Actions",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdActionsGenRunnerToken,
 		},
 	}
@@ -38,10 +39,7 @@ var (
 	}
 )
 
-func runGenerateActionsRunnerToken(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runGenerateActionsRunnerToken(ctx context.Context, c *cli.Command) error {
 	setting.MustInstalled()
 
 	scope := c.String("scope")
diff --git a/cmd/admin.go b/cmd/admin.go
index 6c9480e76e..559544edd3 100644
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -15,7 +15,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	repo_module "code.gitea.io/gitea/modules/repository"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -23,7 +23,7 @@ var (
 	CmdAdmin = &cli.Command{
 		Name:  "admin",
 		Usage: "Perform common administrative operations",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdUser,
 			subcmdRepoSyncReleases,
 			subcmdRegenerate,
@@ -41,7 +41,7 @@ var (
 	subcmdRegenerate = &cli.Command{
 		Name:  "regenerate",
 		Usage: "Regenerate specific files",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			microcmdRegenHooks,
 			microcmdRegenKeys,
 		},
@@ -50,15 +50,15 @@ var (
 	subcmdAuth = &cli.Command{
 		Name:  "auth",
 		Usage: "Modify external auth providers",
-		Subcommands: []*cli.Command{
-			microcmdAuthAddOauth,
-			microcmdAuthUpdateOauth,
-			microcmdAuthAddLdapBindDn,
-			microcmdAuthUpdateLdapBindDn,
-			microcmdAuthAddLdapSimpleAuth,
-			microcmdAuthUpdateLdapSimpleAuth,
-			microcmdAuthAddSMTP,
-			microcmdAuthUpdateSMTP,
+		Commands: []*cli.Command{
+			microcmdAuthAddOauth(),
+			microcmdAuthUpdateOauth(),
+			microcmdAuthAddLdapBindDn(),
+			microcmdAuthUpdateLdapBindDn(),
+			microcmdAuthAddLdapSimpleAuth(),
+			microcmdAuthUpdateLdapSimpleAuth(),
+			microcmdAuthAddSMTP(),
+			microcmdAuthUpdateSMTP(),
 			microcmdAuthList,
 			microcmdAuthDelete,
 		},
@@ -70,9 +70,9 @@ var (
 		Action: runSendMail,
 		Flags: []cli.Flag{
 			&cli.StringFlag{
-				Name:  "title",
-				Usage: `a title of a message`,
-				Value: "",
+				Name:     "title",
+				Usage:    "a title of a message",
+				Required: true,
 			},
 			&cli.StringFlag{
 				Name:  "content",
@@ -86,17 +86,16 @@ var (
 			},
 		},
 	}
+)
 
-	idFlag = &cli.Int64Flag{
+func idFlag() *cli.Int64Flag {
+	return &cli.Int64Flag{
 		Name:  "id",
 		Usage: "ID of authentication source",
 	}
-)
-
-func runRepoSyncReleases(_ *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
+}
 
+func runRepoSyncReleases(ctx context.Context, _ *cli.Command) error {
 	if err := initDB(ctx); err != nil {
 		return err
 	}
@@ -107,7 +106,7 @@ func runRepoSyncReleases(_ *cli.Context) error {
 
 	log.Trace("Synchronizing repository releases (this may take a while)")
 	for page := 1; ; page++ {
-		repos, count, err := repo_model.SearchRepositoryByName(ctx, &repo_model.SearchRepoOptions{
+		repos, count, err := repo_model.SearchRepositoryByName(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: repo_model.RepositoryListDefaultPageSize,
 				Page:     page,
diff --git a/cmd/admin_auth.go b/cmd/admin_auth.go
index 4777a92908..1a09366722 100644
--- a/cmd/admin_auth.go
+++ b/cmd/admin_auth.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"os"
@@ -13,14 +14,14 @@ import (
 	"code.gitea.io/gitea/models/db"
 	auth_service "code.gitea.io/gitea/services/auth"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
 	microcmdAuthDelete = &cli.Command{
 		Name:   "delete",
 		Usage:  "Delete specific auth source",
-		Flags:  []cli.Flag{idFlag},
+		Flags:  []cli.Flag{idFlag()},
 		Action: runDeleteAuth,
 	}
 	microcmdAuthList = &cli.Command{
@@ -56,10 +57,7 @@ var (
 	}
 )
 
-func runListAuth(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runListAuth(ctx context.Context, c *cli.Command) error {
 	if err := initDB(ctx); err != nil {
 		return err
 	}
@@ -90,14 +88,11 @@ func runListAuth(c *cli.Context) error {
 	return nil
 }
 
-func runDeleteAuth(c *cli.Context) error {
+func runDeleteAuth(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
 	if err := initDB(ctx); err != nil {
 		return err
 	}
diff --git a/cmd/admin_auth_ldap.go b/cmd/admin_auth_ldap.go
index 274ec181d1..069ad6600c 100644
--- a/cmd/admin_auth_ldap.go
+++ b/cmd/admin_auth_ldap.go
@@ -9,9 +9,10 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/auth/source/ldap"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 type (
@@ -23,8 +24,8 @@ type (
 	}
 )
 
-var (
-	commonLdapCLIFlags = []cli.Flag{
+func commonLdapCLIFlags() []cli.Flag {
+	return []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Usage: "Authentication name.",
@@ -102,8 +103,10 @@ var (
 			Usage: "The attribute of the user’s LDAP record containing the user’s avatar.",
 		},
 	}
+}
 
-	ldapBindDnCLIFlags = append(commonLdapCLIFlags,
+func ldapBindDnCLIFlags() []cli.Flag {
+	return append(commonLdapCLIFlags(),
 		&cli.StringFlag{
 			Name:  "bind-dn",
 			Usage: "The DN to bind to the LDAP server with when searching for the user.",
@@ -156,49 +159,59 @@ var (
 			Name:  "group-team-map-removal",
 			Usage: "Remove users from synchronized teams if user does not belong to corresponding LDAP group",
 		})
+}
 
-	ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
+func ldapSimpleAuthCLIFlags() []cli.Flag {
+	return append(commonLdapCLIFlags(),
 		&cli.StringFlag{
 			Name:  "user-dn",
 			Usage: "The user's DN.",
 		})
+}
 
-	microcmdAuthAddLdapBindDn = &cli.Command{
+func microcmdAuthAddLdapBindDn() *cli.Command {
+	return &cli.Command{
 		Name:  "add-ldap",
 		Usage: "Add new LDAP (via Bind DN) authentication source",
-		Action: func(c *cli.Context) error {
-			return newAuthService().addLdapBindDn(c)
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().addLdapBindDn(ctx, cmd)
 		},
-		Flags: ldapBindDnCLIFlags,
+		Flags: ldapBindDnCLIFlags(),
 	}
+}
 
-	microcmdAuthUpdateLdapBindDn = &cli.Command{
+func microcmdAuthUpdateLdapBindDn() *cli.Command {
+	return &cli.Command{
 		Name:  "update-ldap",
 		Usage: "Update existing LDAP (via Bind DN) authentication source",
-		Action: func(c *cli.Context) error {
-			return newAuthService().updateLdapBindDn(c)
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().updateLdapBindDn(ctx, cmd)
 		},
-		Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...),
+		Flags: append([]cli.Flag{idFlag()}, ldapBindDnCLIFlags()...),
 	}
+}
 
-	microcmdAuthAddLdapSimpleAuth = &cli.Command{
+func microcmdAuthAddLdapSimpleAuth() *cli.Command {
+	return &cli.Command{
 		Name:  "add-ldap-simple",
 		Usage: "Add new LDAP (simple auth) authentication source",
-		Action: func(c *cli.Context) error {
-			return newAuthService().addLdapSimpleAuth(c)
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().addLdapSimpleAuth(ctx, cmd)
 		},
-		Flags: ldapSimpleAuthCLIFlags,
+		Flags: ldapSimpleAuthCLIFlags(),
 	}
+}
 
-	microcmdAuthUpdateLdapSimpleAuth = &cli.Command{
+func microcmdAuthUpdateLdapSimpleAuth() *cli.Command {
+	return &cli.Command{
 		Name:  "update-ldap-simple",
 		Usage: "Update existing LDAP (simple auth) authentication source",
-		Action: func(c *cli.Context) error {
-			return newAuthService().updateLdapSimpleAuth(c)
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().updateLdapSimpleAuth(ctx, cmd)
 		},
-		Flags: append([]cli.Flag{idFlag}, ldapSimpleAuthCLIFlags...),
+		Flags: append([]cli.Flag{idFlag()}, ldapSimpleAuthCLIFlags()...),
 	}
-)
+}
 
 // newAuthService creates a service with default functions.
 func newAuthService() *authService {
@@ -210,8 +223,8 @@ func newAuthService() *authService {
 	}
 }
 
-// parseAuthSource assigns values on authSource according to command line flags.
-func parseAuthSource(c *cli.Context, authSource *auth.Source) {
+// parseAuthSourceLdap assigns values on authSource according to command line flags.
+func parseAuthSourceLdap(c *cli.Command, authSource *auth.Source) {
 	if c.IsSet("name") {
 		authSource.Name = c.String("name")
 	}
@@ -227,10 +240,11 @@ func parseAuthSource(c *cli.Context, authSource *auth.Source) {
 	if c.IsSet("disable-synchronize-users") {
 		authSource.IsSyncEnabled = !c.Bool("disable-synchronize-users")
 	}
+	authSource.TwoFactorPolicy = util.Iif(c.Bool("skip-local-2fa"), "skip", "")
 }
 
 // parseLdapConfig assigns values on config according to command line flags.
-func parseLdapConfig(c *cli.Context, config *ldap.Source) error {
+func parseLdapConfig(c *cli.Command, config *ldap.Source) error {
 	if c.IsSet("name") {
 		config.Name = c.String("name")
 	}
@@ -243,7 +257,7 @@ func parseLdapConfig(c *cli.Context, config *ldap.Source) error {
 	if c.IsSet("security-protocol") {
 		p, ok := findLdapSecurityProtocolByName(c.String("security-protocol"))
 		if !ok {
-			return fmt.Errorf("Unknown security protocol name: %s", c.String("security-protocol"))
+			return fmt.Errorf("unknown security protocol name: %s", c.String("security-protocol"))
 		}
 		config.SecurityProtocol = p
 	}
@@ -298,9 +312,6 @@ func parseLdapConfig(c *cli.Context, config *ldap.Source) error {
 	if c.IsSet("allow-deactivate-all") {
 		config.AllowDeactivateAll = c.Bool("allow-deactivate-all")
 	}
-	if c.IsSet("skip-local-2fa") {
-		config.SkipLocalTwoFA = c.Bool("skip-local-2fa")
-	}
 	if c.IsSet("enable-groups") {
 		config.GroupsEnabled = c.Bool("enable-groups")
 	}
@@ -338,32 +349,27 @@ func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) {
 
 // getAuthSource gets the login source by its id defined in the command line flags.
 // It returns an error if the id is not set, does not match any source or if the source is not of expected type.
-func (a *authService) getAuthSource(ctx context.Context, c *cli.Context, authType auth.Type) (*auth.Source, error) {
+func (a *authService) getAuthSource(ctx context.Context, c *cli.Command, authType auth.Type) (*auth.Source, error) {
 	if err := argsSet(c, "id"); err != nil {
 		return nil, err
 	}
-
 	authSource, err := a.getAuthSourceByID(ctx, c.Int64("id"))
 	if err != nil {
 		return nil, err
 	}
 
 	if authSource.Type != authType {
-		return nil, fmt.Errorf("Invalid authentication type. expected: %s, actual: %s", authType.String(), authSource.Type.String())
+		return nil, fmt.Errorf("invalid authentication type. expected: %s, actual: %s", authType.String(), authSource.Type.String())
 	}
 
 	return authSource, nil
 }
 
 // addLdapBindDn adds a new LDAP via Bind DN authentication source.
-func (a *authService) addLdapBindDn(c *cli.Context) error {
+func (a *authService) addLdapBindDn(ctx context.Context, c *cli.Command) error {
 	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-search-base", "user-filter", "email-attribute"); err != nil {
 		return err
 	}
-
-	ctx, cancel := installSignals()
-	defer cancel()
-
 	if err := a.initDB(ctx); err != nil {
 		return err
 	}
@@ -376,7 +382,7 @@ func (a *authService) addLdapBindDn(c *cli.Context) error {
 		},
 	}
 
-	parseAuthSource(c, authSource)
+	parseAuthSourceLdap(c, authSource)
 	if err := parseLdapConfig(c, authSource.Cfg.(*ldap.Source)); err != nil {
 		return err
 	}
@@ -385,10 +391,7 @@ func (a *authService) addLdapBindDn(c *cli.Context) error {
 }
 
 // updateLdapBindDn updates a new LDAP via Bind DN authentication source.
-func (a *authService) updateLdapBindDn(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func (a *authService) updateLdapBindDn(ctx context.Context, c *cli.Command) error {
 	if err := a.initDB(ctx); err != nil {
 		return err
 	}
@@ -398,7 +401,7 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error {
 		return err
 	}
 
-	parseAuthSource(c, authSource)
+	parseAuthSourceLdap(c, authSource)
 	if err := parseLdapConfig(c, authSource.Cfg.(*ldap.Source)); err != nil {
 		return err
 	}
@@ -407,14 +410,11 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error {
 }
 
 // addLdapSimpleAuth adds a new LDAP (simple auth) authentication source.
-func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
+func (a *authService) addLdapSimpleAuth(ctx context.Context, c *cli.Command) error {
 	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-dn", "user-filter", "email-attribute"); err != nil {
 		return err
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
 	if err := a.initDB(ctx); err != nil {
 		return err
 	}
@@ -427,7 +427,7 @@ func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
 		},
 	}
 
-	parseAuthSource(c, authSource)
+	parseAuthSourceLdap(c, authSource)
 	if err := parseLdapConfig(c, authSource.Cfg.(*ldap.Source)); err != nil {
 		return err
 	}
@@ -436,10 +436,7 @@ func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
 }
 
 // updateLdapSimpleAuth updates a new LDAP (simple auth) authentication source.
-func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func (a *authService) updateLdapSimpleAuth(ctx context.Context, c *cli.Command) error {
 	if err := a.initDB(ctx); err != nil {
 		return err
 	}
@@ -449,7 +446,7 @@ func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
 		return err
 	}
 
-	parseAuthSource(c, authSource)
+	parseAuthSourceLdap(c, authSource)
 	if err := parseLdapConfig(c, authSource.Cfg.(*ldap.Source)); err != nil {
 		return err
 	}
diff --git a/cmd/admin_auth_ldap_test.go b/cmd/admin_auth_ldap_test.go
index bab42226ae..2da7ebc573 100644
--- a/cmd/admin_auth_ldap_test.go
+++ b/cmd/admin_auth_ldap_test.go
@@ -8,17 +8,16 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/services/auth/source/ldap"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 func TestAddLdapBindDn(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	osExiter := cli.OsExiter
-	defer func() { cli.OsExiter = osExiter }()
-	cli.OsExiter = func(code int) {}
+	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
 
 	// Test cases
 	cases := []struct {
@@ -135,7 +134,7 @@ func TestAddLdapBindDn(t *testing.T) {
 				"--user-filter", "(memberOf=cn=user-group,ou=example,dc=domain,dc=org)",
 				"--email-attribute", "mail",
 			},
-			errMsg: "Unknown security protocol name: zzzzz",
+			errMsg: "unknown security protocol name: zzzzz",
 		},
 		// case 3
 		{
@@ -229,22 +228,23 @@ func TestAddLdapBindDn(t *testing.T) {
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "case %d: should not call updateAuthSource", n)
+				assert.FailNow(t, "updateAuthSource called", "case %d: should not call updateAuthSource", n)
 				return nil
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
-				assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
+				assert.FailNow(t, "getAuthSourceByID called", "case %d: should not call getAuthSourceByID", n)
 				return nil, nil
 			},
 		}
 
 		// Create a copy of command to test
-		app := cli.NewApp()
-		app.Flags = microcmdAuthAddLdapBindDn.Flags
-		app.Action = service.addLdapBindDn
+		app := cli.Command{
+			Flags:  microcmdAuthAddLdapBindDn().Flags,
+			Action: service.addLdapBindDn,
+		}
 
 		// Run it
-		err := app.Run(c.args)
+		err := app.Run(t.Context(), c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -256,9 +256,7 @@ func TestAddLdapBindDn(t *testing.T) {
 
 func TestAddLdapSimpleAuth(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	osExiter := cli.OsExiter
-	defer func() { cli.OsExiter = osExiter }()
-	cli.OsExiter = func(code int) {}
+	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
 
 	// Test cases
 	cases := []struct {
@@ -348,12 +346,12 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 				"--name", "ldap (simple auth) source",
 				"--security-protocol", "zzzzz",
 				"--host", "ldap-server",
-				"--port", "123",
+				"--port", "1234",
 				"--user-filter", "(&(objectClass=posixAccount)(cn=%s))",
 				"--email-attribute", "mail",
 				"--user-dn", "cn=%s,ou=Users,dc=domain,dc=org",
 			},
-			errMsg: "Unknown security protocol name: zzzzz",
+			errMsg: "unknown security protocol name: zzzzz",
 		},
 		// case 3
 		{
@@ -460,22 +458,23 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "case %d: should not call updateAuthSource", n)
+				assert.FailNow(t, "updateAuthSource called", "case %d: should not call updateAuthSource", n)
 				return nil
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
-				assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
+				assert.FailNow(t, "getAuthSourceById called", "case %d: should not call getAuthSourceByID", n)
 				return nil, nil
 			},
 		}
 
 		// Create a copy of command to test
-		app := cli.NewApp()
-		app.Flags = microcmdAuthAddLdapSimpleAuth.Flags
-		app.Action = service.addLdapSimpleAuth
+		app := &cli.Command{
+			Flags:  microcmdAuthAddLdapSimpleAuth().Flags,
+			Action: service.addLdapSimpleAuth,
+		}
 
 		// Run it
-		err := app.Run(c.args)
+		err := app.Run(t.Context(), c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -487,9 +486,7 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 
 func TestUpdateLdapBindDn(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	osExiter := cli.OsExiter
-	defer func() { cli.OsExiter = osExiter }()
-	cli.OsExiter = func(code int) {}
+	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
 
 	// Test cases
 	cases := []struct {
@@ -864,7 +861,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
 				"--id", "1",
 				"--security-protocol", "xxxxx",
 			},
-			errMsg: "Unknown security protocol name: xxxxx",
+			errMsg: "unknown security protocol name: xxxxx",
 		},
 		// case 22
 		{
@@ -883,7 +880,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
 				Type: auth.OAuth2,
 				Cfg:  &ldap.Source{},
 			},
-			errMsg: "Invalid authentication type. expected: LDAP (via BindDN), actual: OAuth2",
+			errMsg: "invalid authentication type. expected: LDAP (via BindDN), actual: OAuth2",
 		},
 		// case 24
 		{
@@ -925,7 +922,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
 				return nil
 			},
 			createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "case %d: should not call createAuthSource", n)
+				assert.FailNow(t, "createAuthSource called", "case %d: should not call createAuthSource", n)
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
@@ -947,12 +944,12 @@ func TestUpdateLdapBindDn(t *testing.T) {
 		}
 
 		// Create a copy of command to test
-		app := cli.NewApp()
-		app.Flags = microcmdAuthUpdateLdapBindDn.Flags
-		app.Action = service.updateLdapBindDn
-
+		app := cli.Command{
+			Flags:  microcmdAuthUpdateLdapBindDn().Flags,
+			Action: service.updateLdapBindDn,
+		}
 		// Run it
-		err := app.Run(c.args)
+		err := app.Run(t.Context(), c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -964,9 +961,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
 
 func TestUpdateLdapSimpleAuth(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	osExiter := cli.OsExiter
-	defer func() { cli.OsExiter = osExiter }()
-	cli.OsExiter = func(code int) {}
+	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
 
 	// Test cases
 	cases := []struct {
@@ -1257,7 +1252,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 				"--id", "1",
 				"--security-protocol", "xxxxx",
 			},
-			errMsg: "Unknown security protocol name: xxxxx",
+			errMsg: "unknown security protocol name: xxxxx",
 		},
 		// case 18
 		{
@@ -1276,7 +1271,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 				Type: auth.PAM,
 				Cfg:  &ldap.Source{},
 			},
-			errMsg: "Invalid authentication type. expected: LDAP (simple auth), actual: PAM",
+			errMsg: "invalid authentication type. expected: LDAP (simple auth), actual: PAM",
 		},
 		// case 20
 		{
@@ -1315,7 +1310,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 				return nil
 			},
 			createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "case %d: should not call createAuthSource", n)
+				assert.FailNow(t, "createAuthSource called", "case %d: should not call createAuthSource", n)
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
@@ -1337,12 +1332,12 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 		}
 
 		// Create a copy of command to test
-		app := cli.NewApp()
-		app.Flags = microcmdAuthUpdateLdapSimpleAuth.Flags
-		app.Action = service.updateLdapSimpleAuth
-
+		app := cli.Command{
+			Flags:  microcmdAuthUpdateLdapSimpleAuth().Flags,
+			Action: service.updateLdapSimpleAuth,
+		}
 		// Run it
-		err := app.Run(c.args)
+		err := app.Run(t.Context(), c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
diff --git a/cmd/admin_auth_oauth.go b/cmd/admin_auth_oauth.go
index 8e6239ac33..8848c94fc5 100644
--- a/cmd/admin_auth_oauth.go
+++ b/cmd/admin_auth_oauth.go
@@ -4,18 +4,20 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"net/url"
 
 	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/auth/source/oauth2"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var (
-	oauthCLIFlags = []cli.Flag{
+func oauthCLIFlags() []cli.Flag {
+	return []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Value: "",
@@ -86,6 +88,14 @@ var (
 			Usage: "Scopes to request when to authenticate against this OAuth2 source",
 		},
 		&cli.StringFlag{
+			Name:  "ssh-public-key-claim-name",
+			Usage: "Claim name that provides SSH public keys",
+		},
+		&cli.StringFlag{
+			Name:  "full-name-claim-name",
+			Usage: "Claim name that provides user's full name",
+		},
+		&cli.StringFlag{
 			Name:  "required-claim-name",
 			Value: "",
 			Usage: "Claim name that has to be set to allow users to login with this source",
@@ -120,23 +130,34 @@ var (
 			Usage: "Activate automatic team membership removal depending on groups",
 		},
 	}
+}
 
-	microcmdAuthAddOauth = &cli.Command{
-		Name:   "add-oauth",
-		Usage:  "Add new Oauth authentication source",
-		Action: runAddOauth,
-		Flags:  oauthCLIFlags,
+func microcmdAuthAddOauth() *cli.Command {
+	return &cli.Command{
+		Name:  "add-oauth",
+		Usage: "Add new Oauth authentication source",
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().runAddOauth(ctx, cmd)
+		},
+		Flags: oauthCLIFlags(),
 	}
+}
 
-	microcmdAuthUpdateOauth = &cli.Command{
-		Name:   "update-oauth",
-		Usage:  "Update existing Oauth authentication source",
-		Action: runUpdateOauth,
-		Flags:  append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...),
+func microcmdAuthUpdateOauth() *cli.Command {
+	return &cli.Command{
+		Name:  "update-oauth",
+		Usage: "Update existing Oauth authentication source",
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().runUpdateOauth(ctx, cmd)
+		},
+		Flags: append(oauthCLIFlags()[:1], append([]cli.Flag{&cli.Int64Flag{
+			Name:  "id",
+			Usage: "ID of authentication source",
+		}}, oauthCLIFlags()[1:]...)...),
 	}
-)
+}
 
-func parseOAuth2Config(c *cli.Context) *oauth2.Source {
+func parseOAuth2Config(c *cli.Command) *oauth2.Source {
 	var customURLMapping *oauth2.CustomURLMapping
 	if c.IsSet("use-custom-urls") {
 		customURLMapping = &oauth2.CustomURLMapping{
@@ -156,7 +177,6 @@ func parseOAuth2Config(c *cli.Context) *oauth2.Source {
 		OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
 		CustomURLMapping:              customURLMapping,
 		IconURL:                       c.String("icon-url"),
-		SkipLocalTwoFA:                c.Bool("skip-local-2fa"),
 		Scopes:                        c.StringSlice("scopes"),
 		RequiredClaimName:             c.String("required-claim-name"),
 		RequiredClaimValue:            c.String("required-claim-value"),
@@ -165,14 +185,13 @@ func parseOAuth2Config(c *cli.Context) *oauth2.Source {
 		RestrictedGroup:               c.String("restricted-group"),
 		GroupTeamMap:                  c.String("group-team-map"),
 		GroupTeamMapRemoval:           c.Bool("group-team-map-removal"),
+		SSHPublicKeyClaimName:         c.String("ssh-public-key-claim-name"),
+		FullNameClaimName:             c.String("full-name-claim-name"),
 	}
 }
 
-func runAddOauth(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
+func (a *authService) runAddOauth(ctx context.Context, c *cli.Command) error {
+	if err := a.initDB(ctx); err != nil {
 		return err
 	}
 
@@ -184,27 +203,25 @@ func runAddOauth(c *cli.Context) error {
 		}
 	}
 
-	return auth_model.CreateSource(ctx, &auth_model.Source{
-		Type:     auth_model.OAuth2,
-		Name:     c.String("name"),
-		IsActive: true,
-		Cfg:      config,
+	return a.createAuthSource(ctx, &auth_model.Source{
+		Type:            auth_model.OAuth2,
+		Name:            c.String("name"),
+		IsActive:        true,
+		Cfg:             config,
+		TwoFactorPolicy: util.Iif(c.Bool("skip-local-2fa"), "skip", ""),
 	})
 }
 
-func runUpdateOauth(c *cli.Context) error {
+func (a *authService) runUpdateOauth(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
+	if err := a.initDB(ctx); err != nil {
 		return err
 	}
 
-	source, err := auth_model.GetSourceByID(ctx, c.Int64("id"))
+	source, err := a.getAuthSourceByID(ctx, c.Int64("id"))
 	if err != nil {
 		return err
 	}
@@ -261,6 +278,12 @@ func runUpdateOauth(c *cli.Context) error {
 	if c.IsSet("group-team-map-removal") {
 		oAuth2Config.GroupTeamMapRemoval = c.Bool("group-team-map-removal")
 	}
+	if c.IsSet("ssh-public-key-claim-name") {
+		oAuth2Config.SSHPublicKeyClaimName = c.String("ssh-public-key-claim-name")
+	}
+	if c.IsSet("full-name-claim-name") {
+		oAuth2Config.FullNameClaimName = c.String("full-name-claim-name")
+	}
 
 	// update custom URL mapping
 	customURLMapping := &oauth2.CustomURLMapping{}
@@ -294,6 +317,6 @@ func runUpdateOauth(c *cli.Context) error {
 
 	oAuth2Config.CustomURLMapping = customURLMapping
 	source.Cfg = oAuth2Config
-
-	return auth_model.UpdateSource(ctx, source)
+	source.TwoFactorPolicy = util.Iif(c.Bool("skip-local-2fa"), "skip", "")
+	return a.updateAuthSource(ctx, source)
 }
diff --git a/cmd/admin_auth_oauth_test.go b/cmd/admin_auth_oauth_test.go
new file mode 100644
index 0000000000..bb9da667fd
--- /dev/null
+++ b/cmd/admin_auth_oauth_test.go
@@ -0,0 +1,343 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"context"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/services/auth/source/oauth2"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/urfave/cli/v3"
+)
+
+func TestAddOauth(t *testing.T) {
+	testCases := []struct {
+		name   string
+		args   []string
+		source *auth_model.Source
+		errMsg string
+	}{
+		{
+			name: "valid config",
+			args: []string{
+				"--name", "test",
+				"--provider", "github",
+				"--key", "some_key",
+				"--secret", "some_secret",
+			},
+			source: &auth_model.Source{
+				Type:     auth_model.OAuth2,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Scopes:       []string{},
+					Provider:     "github",
+					ClientID:     "some_key",
+					ClientSecret: "some_secret",
+				},
+				TwoFactorPolicy: "",
+			},
+		},
+		{
+			name: "valid config with openid connect",
+			args: []string{
+				"--name", "test",
+				"--provider", "openidConnect",
+				"--key", "some_key",
+				"--secret", "some_secret",
+				"--auto-discover-url", "https://example.com",
+			},
+			source: &auth_model.Source{
+				Type:     auth_model.OAuth2,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Scopes:                        []string{},
+					Provider:                      "openidConnect",
+					ClientID:                      "some_key",
+					ClientSecret:                  "some_secret",
+					OpenIDConnectAutoDiscoveryURL: "https://example.com",
+				},
+				TwoFactorPolicy: "",
+			},
+		},
+		{
+			name: "valid config with options",
+			args: []string{
+				"--name", "test",
+				"--provider", "gitlab",
+				"--key", "some_key",
+				"--secret", "some_secret",
+				"--use-custom-urls", "true",
+				"--custom-token-url", "https://example.com/token",
+				"--custom-auth-url", "https://example.com/auth",
+				"--custom-profile-url", "https://example.com/profile",
+				"--custom-email-url", "https://example.com/email",
+				"--custom-tenant-id", "some_tenant",
+				"--icon-url", "https://example.com/icon",
+				"--scopes", "scope1,scope2",
+				"--skip-local-2fa", "true",
+				"--required-claim-name", "claim_name",
+				"--required-claim-value", "claim_value",
+				"--group-claim-name", "group_name",
+				"--admin-group", "admin",
+				"--restricted-group", "restricted",
+				"--group-team-map", `{"group1": [1,2]}`,
+				"--group-team-map-removal=true",
+				"--ssh-public-key-claim-name", "attr_ssh_pub_key",
+				"--full-name-claim-name", "attr_full_name",
+			},
+			source: &auth_model.Source{
+				Type:     auth_model.OAuth2,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Provider:     "gitlab",
+					ClientID:     "some_key",
+					ClientSecret: "some_secret",
+					CustomURLMapping: &oauth2.CustomURLMapping{
+						TokenURL:   "https://example.com/token",
+						AuthURL:    "https://example.com/auth",
+						ProfileURL: "https://example.com/profile",
+						EmailURL:   "https://example.com/email",
+						Tenant:     "some_tenant",
+					},
+					IconURL:               "https://example.com/icon",
+					Scopes:                []string{"scope1", "scope2"},
+					RequiredClaimName:     "claim_name",
+					RequiredClaimValue:    "claim_value",
+					GroupClaimName:        "group_name",
+					AdminGroup:            "admin",
+					RestrictedGroup:       "restricted",
+					GroupTeamMap:          `{"group1": [1,2]}`,
+					GroupTeamMapRemoval:   true,
+					SSHPublicKeyClaimName: "attr_ssh_pub_key",
+					FullNameClaimName:     "attr_full_name",
+				},
+				TwoFactorPolicy: "skip",
+			},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			var createdSource *auth_model.Source
+			a := &authService{
+				initDB: func(ctx context.Context) error {
+					return nil
+				},
+				createAuthSource: func(ctx context.Context, source *auth_model.Source) error {
+					createdSource = source
+					return nil
+				},
+			}
+
+			app := &cli.Command{
+				Flags:  microcmdAuthAddOauth().Flags,
+				Action: a.runAddOauth,
+			}
+
+			args := []string{"oauth-test"}
+			args = append(args, tc.args...)
+
+			err := app.Run(t.Context(), args)
+
+			if tc.errMsg != "" {
+				assert.EqualError(t, err, tc.errMsg)
+			} else {
+				assert.NoError(t, err)
+				assert.Equal(t, tc.source, createdSource)
+			}
+		})
+	}
+}
+
+func TestUpdateOauth(t *testing.T) {
+	testCases := []struct {
+		name               string
+		args               []string
+		id                 int64
+		existingAuthSource *auth_model.Source
+		authSource         *auth_model.Source
+		errMsg             string
+	}{
+		{
+			name: "missing id",
+			args: []string{
+				"--name", "test",
+			},
+			errMsg: "--id flag is missing",
+		},
+		{
+			name: "valid config",
+			id:   1,
+			existingAuthSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.OAuth2,
+				Name:     "old name",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Provider:     "github",
+					ClientID:     "old_key",
+					ClientSecret: "old_secret",
+				},
+				TwoFactorPolicy: "",
+			},
+			args: []string{
+				"--id", "1",
+				"--name", "test",
+				"--provider", "gitlab",
+				"--key", "new_key",
+				"--secret", "new_secret",
+			},
+			authSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.OAuth2,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Provider:         "gitlab",
+					ClientID:         "new_key",
+					ClientSecret:     "new_secret",
+					CustomURLMapping: &oauth2.CustomURLMapping{},
+				},
+				TwoFactorPolicy: "",
+			},
+		},
+		{
+			name: "valid config with options",
+			id:   1,
+			existingAuthSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.OAuth2,
+				Name:     "old name",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Provider:     "gitlab",
+					ClientID:     "old_key",
+					ClientSecret: "old_secret",
+					CustomURLMapping: &oauth2.CustomURLMapping{
+						TokenURL:   "https://old.example.com/token",
+						AuthURL:    "https://old.example.com/auth",
+						ProfileURL: "https://old.example.com/profile",
+						EmailURL:   "https://old.example.com/email",
+						Tenant:     "old_tenant",
+					},
+					IconURL:               "https://old.example.com/icon",
+					Scopes:                []string{"old_scope1", "old_scope2"},
+					RequiredClaimName:     "old_claim_name",
+					RequiredClaimValue:    "old_claim_value",
+					GroupClaimName:        "old_group_name",
+					AdminGroup:            "old_admin",
+					RestrictedGroup:       "old_restricted",
+					GroupTeamMap:          `{"old_group1": [1,2]}`,
+					GroupTeamMapRemoval:   true,
+					SSHPublicKeyClaimName: "old_ssh_pub_key",
+					FullNameClaimName:     "old_full_name",
+				},
+				TwoFactorPolicy: "",
+			},
+			args: []string{
+				"--id", "1",
+				"--name", "test",
+				"--provider", "github",
+				"--key", "new_key",
+				"--secret", "new_secret",
+				"--use-custom-urls", "true",
+				"--custom-token-url", "https://example.com/token",
+				"--custom-auth-url", "https://example.com/auth",
+				"--custom-profile-url", "https://example.com/profile",
+				"--custom-email-url", "https://example.com/email",
+				"--custom-tenant-id", "new_tenant",
+				"--icon-url", "https://example.com/icon",
+				"--scopes", "scope1,scope2",
+				"--skip-local-2fa=true",
+				"--required-claim-name", "claim_name",
+				"--required-claim-value", "claim_value",
+				"--group-claim-name", "group_name",
+				"--admin-group", "admin",
+				"--restricted-group", "restricted",
+				"--group-team-map", `{"group1": [1,2]}`,
+				"--group-team-map-removal=false",
+				"--ssh-public-key-claim-name", "new_ssh_pub_key",
+				"--full-name-claim-name", "new_full_name",
+			},
+			authSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.OAuth2,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &oauth2.Source{
+					Provider:     "github",
+					ClientID:     "new_key",
+					ClientSecret: "new_secret",
+					CustomURLMapping: &oauth2.CustomURLMapping{
+						TokenURL:   "https://example.com/token",
+						AuthURL:    "https://example.com/auth",
+						ProfileURL: "https://example.com/profile",
+						EmailURL:   "https://example.com/email",
+						Tenant:     "new_tenant",
+					},
+					IconURL:               "https://example.com/icon",
+					Scopes:                []string{"scope1", "scope2"},
+					RequiredClaimName:     "claim_name",
+					RequiredClaimValue:    "claim_value",
+					GroupClaimName:        "group_name",
+					AdminGroup:            "admin",
+					RestrictedGroup:       "restricted",
+					GroupTeamMap:          `{"group1": [1,2]}`,
+					GroupTeamMapRemoval:   false,
+					SSHPublicKeyClaimName: "new_ssh_pub_key",
+					FullNameClaimName:     "new_full_name",
+				},
+				TwoFactorPolicy: "skip",
+			},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			a := &authService{
+				initDB: func(ctx context.Context) error {
+					return nil
+				},
+				getAuthSourceByID: func(ctx context.Context, id int64) (*auth_model.Source, error) {
+					return &auth_model.Source{
+						ID:       1,
+						Type:     auth_model.OAuth2,
+						Name:     "test",
+						IsActive: true,
+						Cfg: &oauth2.Source{
+							CustomURLMapping: &oauth2.CustomURLMapping{},
+						},
+						TwoFactorPolicy: "skip",
+					}, nil
+				},
+				updateAuthSource: func(ctx context.Context, source *auth_model.Source) error {
+					assert.Equal(t, tc.authSource, source)
+					return nil
+				},
+			}
+
+			app := &cli.Command{
+				Flags:  microcmdAuthUpdateOauth().Flags,
+				Action: a.runUpdateOauth,
+			}
+
+			args := []string{"oauth-test"}
+			args = append(args, tc.args...)
+
+			err := app.Run(t.Context(), args)
+
+			if tc.errMsg != "" {
+				assert.EqualError(t, err, tc.errMsg)
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}
diff --git a/cmd/admin_auth_stmp.go b/cmd/admin_auth_smtp.go
index d724746905..93e0587fc3 100644
--- a/cmd/admin_auth_stmp.go
+++ b/cmd/admin_auth_smtp.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"strings"
 
@@ -11,11 +12,11 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/auth/source/smtp"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var (
-	smtpCLIFlags = []cli.Flag{
+func smtpCLIFlags() []cli.Flag {
+	return []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Value: "",
@@ -38,12 +39,10 @@ var (
 		&cli.BoolFlag{
 			Name:  "force-smtps",
 			Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.",
-			Value: true,
 		},
 		&cli.BoolFlag{
 			Name:  "skip-verify",
 			Usage: "Skip TLS verify.",
-			Value: true,
 		},
 		&cli.StringFlag{
 			Name:  "helo-hostname",
@@ -53,7 +52,6 @@ var (
 		&cli.BoolFlag{
 			Name:  "disable-helo",
 			Usage: "Disable SMTP helo.",
-			Value: true,
 		},
 		&cli.StringFlag{
 			Name:  "allowed-domains",
@@ -63,7 +61,6 @@ var (
 		&cli.BoolFlag{
 			Name:  "skip-local-2fa",
 			Usage: "Skip 2FA to log on.",
-			Value: true,
 		},
 		&cli.BoolFlag{
 			Name:  "active",
@@ -71,23 +68,34 @@ var (
 			Value: true,
 		},
 	}
+}
 
-	microcmdAuthAddSMTP = &cli.Command{
-		Name:   "add-smtp",
-		Usage:  "Add new SMTP authentication source",
-		Action: runAddSMTP,
-		Flags:  smtpCLIFlags,
+func microcmdAuthUpdateSMTP() *cli.Command {
+	return &cli.Command{
+		Name:  "update-smtp",
+		Usage: "Update existing SMTP authentication source",
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().runUpdateSMTP(ctx, cmd)
+		},
+		Flags: append(smtpCLIFlags()[:1], append([]cli.Flag{&cli.Int64Flag{
+			Name:  "id",
+			Usage: "ID of authentication source",
+		}}, smtpCLIFlags()[1:]...)...),
 	}
+}
 
-	microcmdAuthUpdateSMTP = &cli.Command{
-		Name:   "update-smtp",
-		Usage:  "Update existing SMTP authentication source",
-		Action: runUpdateSMTP,
-		Flags:  append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...),
+func microcmdAuthAddSMTP() *cli.Command {
+	return &cli.Command{
+		Name:  "add-smtp",
+		Usage: "Add new SMTP authentication source",
+		Action: func(ctx context.Context, cmd *cli.Command) error {
+			return newAuthService().runAddSMTP(ctx, cmd)
+		},
+		Flags: smtpCLIFlags(),
 	}
-)
+}
 
-func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error {
+func parseSMTPConfig(c *cli.Command, conf *smtp.Source) error {
 	if c.IsSet("auth-type") {
 		conf.Auth = c.String("auth-type")
 		validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"}
@@ -117,17 +125,11 @@ func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error {
 	if c.IsSet("disable-helo") {
 		conf.DisableHelo = c.Bool("disable-helo")
 	}
-	if c.IsSet("skip-local-2fa") {
-		conf.SkipLocalTwoFA = c.Bool("skip-local-2fa")
-	}
 	return nil
 }
 
-func runAddSMTP(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
+func (a *authService) runAddSMTP(ctx context.Context, c *cli.Command) error {
+	if err := a.initDB(ctx); err != nil {
 		return err
 	}
 
@@ -155,27 +157,25 @@ func runAddSMTP(c *cli.Context) error {
 		smtpConfig.Auth = "PLAIN"
 	}
 
-	return auth_model.CreateSource(ctx, &auth_model.Source{
-		Type:     auth_model.SMTP,
-		Name:     c.String("name"),
-		IsActive: active,
-		Cfg:      &smtpConfig,
+	return a.createAuthSource(ctx, &auth_model.Source{
+		Type:            auth_model.SMTP,
+		Name:            c.String("name"),
+		IsActive:        active,
+		Cfg:             &smtpConfig,
+		TwoFactorPolicy: util.Iif(c.Bool("skip-local-2fa"), "skip", ""),
 	})
 }
 
-func runUpdateSMTP(c *cli.Context) error {
+func (a *authService) runUpdateSMTP(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
+	if err := a.initDB(ctx); err != nil {
 		return err
 	}
 
-	source, err := auth_model.GetSourceByID(ctx, c.Int64("id"))
+	source, err := a.getAuthSourceByID(ctx, c.Int64("id"))
 	if err != nil {
 		return err
 	}
@@ -195,6 +195,6 @@ func runUpdateSMTP(c *cli.Context) error {
 	}
 
 	source.Cfg = smtpConfig
-
-	return auth_model.UpdateSource(ctx, source)
+	source.TwoFactorPolicy = util.Iif(c.Bool("skip-local-2fa"), "skip", "")
+	return a.updateAuthSource(ctx, source)
 }
diff --git a/cmd/admin_auth_smtp_test.go b/cmd/admin_auth_smtp_test.go
new file mode 100644
index 0000000000..e54e01830c
--- /dev/null
+++ b/cmd/admin_auth_smtp_test.go
@@ -0,0 +1,271 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"context"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/services/auth/source/smtp"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/urfave/cli/v3"
+)
+
+func TestAddSMTP(t *testing.T) {
+	testCases := []struct {
+		name   string
+		args   []string
+		source *auth_model.Source
+		errMsg string
+	}{
+		{
+			name: "missing name",
+			args: []string{
+				"--host", "localhost",
+				"--port", "25",
+			},
+			errMsg: "name must be set",
+		},
+		{
+			name: "missing host",
+			args: []string{
+				"--name", "test",
+				"--port", "25",
+			},
+			errMsg: "host must be set",
+		},
+		{
+			name: "missing port",
+			args: []string{
+				"--name", "test",
+				"--host", "localhost",
+			},
+			errMsg: "port must be set",
+		},
+		{
+			name: "valid config",
+			args: []string{
+				"--name", "test",
+				"--host", "localhost",
+				"--port", "25",
+			},
+			source: &auth_model.Source{
+				Type:     auth_model.SMTP,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &smtp.Source{
+					Auth: "PLAIN",
+					Host: "localhost",
+					Port: 25,
+				},
+				TwoFactorPolicy: "",
+			},
+		},
+		{
+			name: "valid config with options",
+			args: []string{
+				"--name", "test",
+				"--host", "localhost",
+				"--port", "25",
+				"--auth-type", "LOGIN",
+				"--force-smtps",
+				"--skip-verify",
+				"--helo-hostname", "example.com",
+				"--disable-helo=true",
+				"--allowed-domains", "example.com,example.org",
+				"--skip-local-2fa",
+				"--active=false",
+			},
+			source: &auth_model.Source{
+				Type:     auth_model.SMTP,
+				Name:     "test",
+				IsActive: false,
+				Cfg: &smtp.Source{
+					Auth:           "LOGIN",
+					Host:           "localhost",
+					Port:           25,
+					ForceSMTPS:     true,
+					SkipVerify:     true,
+					HeloHostname:   "example.com",
+					DisableHelo:    true,
+					AllowedDomains: "example.com,example.org",
+				},
+				TwoFactorPolicy: "skip",
+			},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			a := &authService{
+				initDB: func(ctx context.Context) error {
+					return nil
+				},
+				createAuthSource: func(ctx context.Context, source *auth_model.Source) error {
+					assert.Equal(t, tc.source, source)
+					return nil
+				},
+			}
+
+			cmd := &cli.Command{
+				Flags:  microcmdAuthAddSMTP().Flags,
+				Action: a.runAddSMTP,
+			}
+
+			args := []string{"smtp-test"}
+			args = append(args, tc.args...)
+
+			t.Log(args)
+			err := cmd.Run(t.Context(), args)
+
+			if tc.errMsg != "" {
+				assert.EqualError(t, err, tc.errMsg)
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}
+
+func TestUpdateSMTP(t *testing.T) {
+	testCases := []struct {
+		name               string
+		args               []string
+		existingAuthSource *auth_model.Source
+		authSource         *auth_model.Source
+		errMsg             string
+	}{
+		{
+			name: "missing id",
+			args: []string{
+				"--name", "test",
+				"--host", "localhost",
+				"--port", "25",
+			},
+			errMsg: "--id flag is missing",
+		},
+		{
+			name: "valid config",
+			existingAuthSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.SMTP,
+				Name:     "old name",
+				IsActive: true,
+				Cfg: &smtp.Source{
+					Auth: "PLAIN",
+					Host: "old host",
+					Port: 26,
+				},
+			},
+			args: []string{
+				"--id", "1",
+				"--name", "test",
+				"--host", "localhost",
+				"--port", "25",
+			},
+			authSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.SMTP,
+				Name:     "test",
+				IsActive: true,
+				Cfg: &smtp.Source{
+					Auth: "PLAIN",
+					Host: "localhost",
+					Port: 25,
+				},
+			},
+		},
+		{
+			name: "valid config with options",
+			existingAuthSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.SMTP,
+				Name:     "old name",
+				IsActive: true,
+				Cfg: &smtp.Source{
+					Auth:           "PLAIN",
+					Host:           "old host",
+					Port:           26,
+					HeloHostname:   "old.example.com",
+					AllowedDomains: "old.example.com",
+				},
+				TwoFactorPolicy: "",
+			},
+			args: []string{
+				"--id", "1",
+				"--name", "test",
+				"--host", "localhost",
+				"--port", "25",
+				"--auth-type", "LOGIN",
+				"--force-smtps",
+				"--skip-verify",
+				"--helo-hostname", "example.com",
+				"--disable-helo",
+				"--allowed-domains", "example.com,example.org",
+				"--skip-local-2fa",
+				"--active=false",
+			},
+			authSource: &auth_model.Source{
+				ID:       1,
+				Type:     auth_model.SMTP,
+				Name:     "test",
+				IsActive: false,
+				Cfg: &smtp.Source{
+					Auth:           "LOGIN",
+					Host:           "localhost",
+					Port:           25,
+					ForceSMTPS:     true,
+					SkipVerify:     true,
+					HeloHostname:   "example.com",
+					DisableHelo:    true,
+					AllowedDomains: "example.com,example.org",
+				},
+				TwoFactorPolicy: "skip",
+			},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			a := &authService{
+				initDB: func(ctx context.Context) error {
+					return nil
+				},
+				getAuthSourceByID: func(ctx context.Context, id int64) (*auth_model.Source, error) {
+					return &auth_model.Source{
+						ID:       1,
+						Type:     auth_model.SMTP,
+						Name:     "test",
+						IsActive: true,
+						Cfg: &smtp.Source{
+							Auth: "PLAIN",
+						},
+					}, nil
+				},
+
+				updateAuthSource: func(ctx context.Context, source *auth_model.Source) error {
+					assert.Equal(t, tc.authSource, source)
+					return nil
+				},
+			}
+
+			app := &cli.Command{
+				Flags:  microcmdAuthUpdateSMTP().Flags,
+				Action: a.runUpdateSMTP,
+			}
+			args := []string{"smtp-tests"}
+			args = append(args, tc.args...)
+
+			err := app.Run(t.Context(), args)
+
+			if tc.errMsg != "" {
+				assert.EqualError(t, err, tc.errMsg)
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}
diff --git a/cmd/admin_regenerate.go b/cmd/admin_regenerate.go
index ab769f6d0c..a5f1bd5105 100644
--- a/cmd/admin_regenerate.go
+++ b/cmd/admin_regenerate.go
@@ -4,11 +4,13 @@
 package cmd
 
 import (
+	"context"
+
 	"code.gitea.io/gitea/modules/graceful"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
 	repo_service "code.gitea.io/gitea/services/repository"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -25,20 +27,14 @@ var (
 	}
 )
 
-func runRegenerateHooks(_ *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runRegenerateHooks(ctx context.Context, _ *cli.Command) error {
 	if err := initDB(ctx); err != nil {
 		return err
 	}
 	return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext())
 }
 
-func runRegenerateKeys(_ *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runRegenerateKeys(ctx context.Context, _ *cli.Command) error {
 	if err := initDB(ctx); err != nil {
 		return err
 	}
diff --git a/cmd/admin_user.go b/cmd/admin_user.go
index 967a6ed88a..3a24c3e56f 100644
--- a/cmd/admin_user.go
+++ b/cmd/admin_user.go
@@ -4,18 +4,18 @@
 package cmd
 
 import (
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var subcmdUser = &cli.Command{
 	Name:  "user",
 	Usage: "Modify users",
-	Subcommands: []*cli.Command{
-		microcmdUserCreate,
+	Commands: []*cli.Command{
+		microcmdUserCreate(),
 		microcmdUserList,
-		microcmdUserChangePassword,
-		microcmdUserDelete,
+		microcmdUserChangePassword(),
+		microcmdUserDelete(),
 		microcmdUserGenerateAccessToken,
-		microcmdUserMustChangePassword,
+		microcmdUserMustChangePassword(),
 	},
 }
diff --git a/cmd/admin_user_change_password.go b/cmd/admin_user_change_password.go
index f1ed46e70b..c27905b4db 100644
--- a/cmd/admin_user_change_password.go
+++ b/cmd/admin_user_change_password.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 
@@ -13,44 +14,41 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	user_service "code.gitea.io/gitea/services/user"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var microcmdUserChangePassword = &cli.Command{
-	Name:   "change-password",
-	Usage:  "Change a user's password",
-	Action: runChangePassword,
-	Flags: []cli.Flag{
-		&cli.StringFlag{
-			Name:    "username",
-			Aliases: []string{"u"},
-			Value:   "",
-			Usage:   "The user to change password for",
+func microcmdUserChangePassword() *cli.Command {
+	return &cli.Command{
+		Name:   "change-password",
+		Usage:  "Change a user's password",
+		Action: runChangePassword,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "username",
+				Aliases:  []string{"u"},
+				Usage:    "The user to change password for",
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:     "password",
+				Aliases:  []string{"p"},
+				Usage:    "New password to set for user",
+				Required: true,
+			},
+			&cli.BoolFlag{
+				Name:  "must-change-password",
+				Usage: "User must change password (can be disabled by --must-change-password=false)",
+				Value: true,
+			},
 		},
-		&cli.StringFlag{
-			Name:    "password",
-			Aliases: []string{"p"},
-			Value:   "",
-			Usage:   "New password to set for user",
-		},
-		&cli.BoolFlag{
-			Name:  "must-change-password",
-			Usage: "User must change password (can be disabled by --must-change-password=false)",
-			Value: true,
-		},
-	},
-}
-
-func runChangePassword(c *cli.Context) error {
-	if err := argsSet(c, "username", "password"); err != nil {
-		return err
 	}
+}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
-		return err
+func runChangePassword(ctx context.Context, c *cli.Command) error {
+	if !setting.IsInTesting {
+		if err := initDB(ctx); err != nil {
+			return err
+		}
 	}
 
 	user, err := user_model.GetUserByName(ctx, c.String("username"))
diff --git a/cmd/admin_user_change_password_test.go b/cmd/admin_user_change_password_test.go
new file mode 100644
index 0000000000..17d0382af7
--- /dev/null
+++ b/cmd/admin_user_change_password_test.go
@@ -0,0 +1,91 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestChangePasswordCommand(t *testing.T) {
+	ctx := t.Context()
+
+	defer func() {
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
+	}()
+
+	t.Run("change password successfully", func(t *testing.T) {
+		// defer func() {
+		// 	require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
+		// }()
+		// Prepare test user
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+		err := microcmdUserCreate().Run(ctx, []string{"create", "--username", "testuser", "--email", "testuser@gitea.local", "--random-password"})
+		require.NoError(t, err)
+
+		// load test user
+		userBase := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+
+		// Change the password
+		err = microcmdUserChangePassword().Run(ctx, []string{"change-password", "--username", "testuser", "--password", "newpassword"})
+		require.NoError(t, err)
+
+		// Verify the password has been changed
+		user := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+		assert.NotEqual(t, userBase.Passwd, user.Passwd)
+		assert.NotEqual(t, userBase.Salt, user.Salt)
+
+		// Additional check for must-change-password flag
+		require.NoError(t, microcmdUserChangePassword().Run(ctx, []string{"change-password", "--username", "testuser", "--password", "anotherpassword", "--must-change-password=false"}))
+		user = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+		assert.False(t, user.MustChangePassword)
+
+		require.NoError(t, microcmdUserChangePassword().Run(ctx, []string{"change-password", "--username", "testuser", "--password", "yetanotherpassword", "--must-change-password"}))
+		user = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+		assert.True(t, user.MustChangePassword)
+	})
+
+	t.Run("failure cases", func(t *testing.T) {
+		testCases := []struct {
+			name        string
+			args        []string
+			expectedErr string
+		}{
+			{
+				name:        "user does not exist",
+				args:        []string{"change-password", "--username", "nonexistentuser", "--password", "newpassword"},
+				expectedErr: "user does not exist",
+			},
+			{
+				name:        "missing username",
+				args:        []string{"change-password", "--password", "newpassword"},
+				expectedErr: `"username" not set`,
+			},
+			{
+				name:        "missing password",
+				args:        []string{"change-password", "--username", "testuser"},
+				expectedErr: `"password" not set`,
+			},
+			{
+				name:        "too short password",
+				args:        []string{"change-password", "--username", "testuser", "--password", "1"},
+				expectedErr: "password is not long enough",
+			},
+		}
+
+		for _, tc := range testCases {
+			t.Run(tc.name, func(t *testing.T) {
+				err := microcmdUserChangePassword().Run(ctx, tc.args)
+				require.Error(t, err)
+				require.Contains(t, err.Error(), tc.expectedErr)
+			})
+		}
+	})
+}
diff --git a/cmd/admin_user_create.go b/cmd/admin_user_create.go
index 5e03d6ca3f..cbdb5f90e2 100644
--- a/cmd/admin_user_create.go
+++ b/cmd/admin_user_create.go
@@ -7,6 +7,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"strings"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
@@ -15,73 +16,95 @@ import (
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var microcmdUserCreate = &cli.Command{
-	Name:   "create",
-	Usage:  "Create a new user in database",
-	Action: runCreateUser,
-	Flags: []cli.Flag{
-		&cli.StringFlag{
-			Name:  "name",
-			Usage: "Username. DEPRECATED: use username instead",
+func microcmdUserCreate() *cli.Command {
+	return &cli.Command{
+		Name:   "create",
+		Usage:  "Create a new user in database",
+		Action: runCreateUser,
+		MutuallyExclusiveFlags: []cli.MutuallyExclusiveFlags{
+			{
+				Flags: [][]cli.Flag{
+					{
+						&cli.StringFlag{
+							Name:  "name",
+							Usage: "Username. DEPRECATED: use username instead",
+						},
+						&cli.StringFlag{
+							Name:  "username",
+							Usage: "Username",
+						},
+					},
+				},
+				Required: true,
+			},
 		},
-		&cli.StringFlag{
-			Name:  "username",
-			Usage: "Username",
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "user-type",
+				Usage: "Set user's type: individual or bot",
+				Value: "individual",
+			},
+			&cli.StringFlag{
+				Name:  "password",
+				Usage: "User password",
+			},
+			&cli.StringFlag{
+				Name:     "email",
+				Usage:    "User email address",
+				Required: true,
+			},
+			&cli.BoolFlag{
+				Name:  "admin",
+				Usage: "User is an admin",
+			},
+			&cli.BoolFlag{
+				Name:  "random-password",
+				Usage: "Generate a random password for the user",
+			},
+			&cli.BoolFlag{
+				Name:        "must-change-password",
+				Usage:       "User must change password after initial login, defaults to true for all users except the first one (can be disabled by --must-change-password=false)",
+				HideDefault: true,
+			},
+			&cli.IntFlag{
+				Name:  "random-password-length",
+				Usage: "Length of the random password to be generated",
+				Value: 12,
+			},
+			&cli.BoolFlag{
+				Name:  "access-token",
+				Usage: "Generate access token for the user",
+			},
+			&cli.StringFlag{
+				Name:  "access-token-name",
+				Usage: `Name of the generated access token`,
+				Value: "gitea-admin",
+			},
+			&cli.StringFlag{
+				Name:  "access-token-scopes",
+				Usage: `Scopes of the generated access token, comma separated. Examples: "all", "public-only,read:issue", "write:repository,write:user"`,
+				Value: "all",
+			},
+			&cli.BoolFlag{
+				Name:  "restricted",
+				Usage: "Make a restricted user account",
+			},
+			&cli.StringFlag{
+				Name:  "fullname",
+				Usage: `The full, human-readable name of the user`,
+			},
 		},
-		&cli.StringFlag{
-			Name:  "user-type",
-			Usage: "Set user's type: individual or bot",
-			Value: "individual",
-		},
-		&cli.StringFlag{
-			Name:  "password",
-			Usage: "User password",
-		},
-		&cli.StringFlag{
-			Name:  "email",
-			Usage: "User email address",
-		},
-		&cli.BoolFlag{
-			Name:  "admin",
-			Usage: "User is an admin",
-		},
-		&cli.BoolFlag{
-			Name:  "random-password",
-			Usage: "Generate a random password for the user",
-		},
-		&cli.BoolFlag{
-			Name:               "must-change-password",
-			Usage:              "User must change password after initial login, defaults to true for all users except the first one (can be disabled by --must-change-password=false)",
-			DisableDefaultText: true,
-		},
-		&cli.IntFlag{
-			Name:  "random-password-length",
-			Usage: "Length of the random password to be generated",
-			Value: 12,
-		},
-		&cli.BoolFlag{
-			Name:  "access-token",
-			Usage: "Generate access token for the user",
-		},
-		&cli.BoolFlag{
-			Name:  "restricted",
-			Usage: "Make a restricted user account",
-		},
-	},
+	}
 }
 
-func runCreateUser(c *cli.Context) error {
+func runCreateUser(ctx context.Context, c *cli.Command) error {
 	// this command highly depends on the many setting options (create org, visibility, etc.), so it must have a full setting load first
 	// duplicate setting loading should be safe at the moment, but it should be refactored & improved in the future.
 	setting.LoadSettings()
 
-	if err := argsSet(c, "email"); err != nil {
-		return err
-	}
-
 	userTypes := map[string]user_model.UserType{
 		"individual": user_model.UserTypeIndividual,
 		"bot":        user_model.UserTypeBot,
@@ -98,12 +121,6 @@ func runCreateUser(c *cli.Context) error {
 			return errors.New("password can only be set for individual users")
 		}
 	}
-	if c.IsSet("name") && c.IsSet("username") {
-		return errors.New("cannot set both --name and --username flags")
-	}
-	if !c.IsSet("name") && !c.IsSet("username") {
-		return errors.New("one of --name or --username flags must be set")
-	}
 
 	if c.IsSet("password") && c.IsSet("random-password") {
 		return errors.New("cannot set both -random-password and -password flags")
@@ -114,16 +131,12 @@ func runCreateUser(c *cli.Context) error {
 		username = c.String("username")
 	} else {
 		username = c.String("name")
-		_, _ = fmt.Fprintf(c.App.ErrWriter, "--name flag is deprecated. Use --username instead.\n")
+		_, _ = fmt.Fprintf(c.ErrWriter, "--name flag is deprecated. Use --username instead.\n")
 	}
 
-	ctx := c.Context
 	if !setting.IsInTesting {
-		// FIXME: need to refactor the "installSignals/initDB" related code later
+		// FIXME: need to refactor the "initDB" related code later
 		// it doesn't make sense to call it in (almost) every command action function
-		var cancel context.CancelFunc
-		ctx, cancel = installSignals()
-		defer cancel()
 		if err := initDB(ctx); err != nil {
 			return err
 		}
@@ -180,6 +193,7 @@ func runCreateUser(c *cli.Context) error {
 		Passwd:             password,
 		MustChangePassword: mustChangePassword,
 		Visibility:         visibility,
+		FullName:           c.String("fullname"),
 	}
 
 	overwriteDefault := &user_model.CreateUserOverwriteOptions{
@@ -187,23 +201,40 @@ func runCreateUser(c *cli.Context) error {
 		IsRestricted: restricted,
 	}
 
+	var accessTokenName string
+	var accessTokenScope auth_model.AccessTokenScope
+	if c.IsSet("access-token") {
+		accessTokenName = strings.TrimSpace(c.String("access-token-name"))
+		if accessTokenName == "" {
+			return errors.New("access-token-name cannot be empty")
+		}
+		var err error
+		accessTokenScope, err = auth_model.AccessTokenScope(c.String("access-token-scopes")).Normalize()
+		if err != nil {
+			return fmt.Errorf("invalid access token scope provided: %w", err)
+		}
+		if !accessTokenScope.HasPermissionScope() {
+			return errors.New("access token does not have any permission")
+		}
+	} else if c.IsSet("access-token-name") || c.IsSet("access-token-scopes") {
+		return errors.New("access-token-name and access-token-scopes flags are only valid when access-token flag is set")
+	}
+
+	// arguments should be prepared before creating the user & access token, in case there is anything wrong
+
+	// create the user
 	if err := user_model.CreateUser(ctx, u, &user_model.Meta{}, overwriteDefault); err != nil {
 		return fmt.Errorf("CreateUser: %w", err)
 	}
+	fmt.Printf("New user '%s' has been successfully created!\n", username)
 
-	if c.Bool("access-token") {
-		t := &auth_model.AccessToken{
-			Name: "gitea-admin",
-			UID:  u.ID,
-		}
-
+	// create the access token
+	if accessTokenScope != "" {
+		t := &auth_model.AccessToken{Name: accessTokenName, UID: u.ID, Scope: accessTokenScope}
 		if err := auth_model.NewAccessToken(ctx, t); err != nil {
 			return err
 		}
-
 		fmt.Printf("Access token was successfully created... %s\n", t.Token)
 	}
-
-	fmt.Printf("New user '%s' has been successfully created!\n", username)
 	return nil
 }
diff --git a/cmd/admin_user_create_test.go b/cmd/admin_user_create_test.go
index d8044e8de7..437e07d9a2 100644
--- a/cmd/admin_user_create_test.go
+++ b/cmd/admin_user_create_test.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 	"testing"
 
+	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
@@ -17,11 +18,10 @@ import (
 )
 
 func TestAdminUserCreate(t *testing.T) {
-	app := NewMainApp(AppVersion{})
-
 	reset := func() {
 		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
 		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.EmailAddress{}))
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &auth_model.AccessToken{}))
 	}
 
 	t.Run("MustChangePassword", func(t *testing.T) {
@@ -29,8 +29,9 @@ func TestAdminUserCreate(t *testing.T) {
 			IsAdmin            bool
 			MustChangePassword bool
 		}
+
 		createCheck := func(name, args string) check {
-			require.NoError(t, app.Run(strings.Fields(fmt.Sprintf("./gitea admin user create --username %s --email %s@gitea.local %s --password foobar", name, name, args))))
+			require.NoError(t, microcmdUserCreate().Run(t.Context(), strings.Fields(fmt.Sprintf("create --username %s --email %s@gitea.local %s --password foobar", name, name, args))))
 			u := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: name})
 			return check{IsAdmin: u.IsAdmin, MustChangePassword: u.MustChangePassword}
 		}
@@ -48,19 +49,86 @@ func TestAdminUserCreate(t *testing.T) {
 		assert.Equal(t, check{IsAdmin: false, MustChangePassword: false}, createCheck("u5", "--must-change-password=false"))
 	})
 
-	t.Run("UserType", func(t *testing.T) {
-		createUser := func(name, args string) error {
-			return app.Run(strings.Fields(fmt.Sprintf("./gitea admin user create --username %s --email %s@gitea.local %s", name, name, args)))
-		}
+	createUser := func(name string, args ...string) error {
+		return microcmdUserCreate().Run(t.Context(), append([]string{"create", "--username", name, "--email", name + "@gitea.local"}, args...))
+	}
 
+	t.Run("UserType", func(t *testing.T) {
 		reset()
-		assert.ErrorContains(t, createUser("u", "--user-type invalid"), "invalid user type")
-		assert.ErrorContains(t, createUser("u", "--user-type bot --password 123"), "can only be set for individual users")
-		assert.ErrorContains(t, createUser("u", "--user-type bot --must-change-password"), "can only be set for individual users")
+		assert.ErrorContains(t, createUser("u", "--user-type", "invalid"), "invalid user type")
+		assert.ErrorContains(t, createUser("u", "--user-type", "bot", "--password", "123"), "can only be set for individual users")
+		assert.ErrorContains(t, createUser("u", "--user-type", "bot", "--must-change-password"), "can only be set for individual users")
 
-		assert.NoError(t, createUser("u", "--user-type bot"))
+		assert.NoError(t, createUser("u", "--user-type", "bot"))
 		u := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "u"})
 		assert.Equal(t, user_model.UserTypeBot, u.Type)
-		assert.Equal(t, "", u.Passwd)
+		assert.Empty(t, u.Passwd)
+	})
+
+	t.Run("AccessToken", func(t *testing.T) {
+		// no generated access token
+		reset()
+		assert.NoError(t, createUser("u", "--random-password"))
+		assert.Equal(t, 1, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 0, unittest.GetCount(t, &auth_model.AccessToken{}))
+
+		// using "--access-token" only means "all" access
+		reset()
+		assert.NoError(t, createUser("u", "--random-password", "--access-token"))
+		assert.Equal(t, 1, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 1, unittest.GetCount(t, &auth_model.AccessToken{}))
+		accessToken := unittest.AssertExistsAndLoadBean(t, &auth_model.AccessToken{Name: "gitea-admin"})
+		hasScopes, err := accessToken.Scope.HasScope(auth_model.AccessTokenScopeWriteAdmin, auth_model.AccessTokenScopeWriteRepository)
+		assert.NoError(t, err)
+		assert.True(t, hasScopes)
+
+		// using "--access-token" with name & scopes
+		reset()
+		assert.NoError(t, createUser("u", "--random-password", "--access-token", "--access-token-name", "new-token-name", "--access-token-scopes", "read:issue,read:user"))
+		assert.Equal(t, 1, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 1, unittest.GetCount(t, &auth_model.AccessToken{}))
+		accessToken = unittest.AssertExistsAndLoadBean(t, &auth_model.AccessToken{Name: "new-token-name"})
+		hasScopes, err = accessToken.Scope.HasScope(auth_model.AccessTokenScopeReadIssue, auth_model.AccessTokenScopeReadUser)
+		assert.NoError(t, err)
+		assert.True(t, hasScopes)
+		hasScopes, err = accessToken.Scope.HasScope(auth_model.AccessTokenScopeWriteAdmin, auth_model.AccessTokenScopeWriteRepository)
+		assert.NoError(t, err)
+		assert.False(t, hasScopes)
+
+		// using "--access-token-name" without "--access-token"
+		reset()
+		err = createUser("u", "--random-password", "--access-token-name", "new-token-name")
+		assert.Equal(t, 0, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 0, unittest.GetCount(t, &auth_model.AccessToken{}))
+		assert.ErrorContains(t, err, "access-token-name and access-token-scopes flags are only valid when access-token flag is set")
+
+		// using "--access-token-scopes" without "--access-token"
+		reset()
+		err = createUser("u", "--random-password", "--access-token-scopes", "read:issue")
+		assert.Equal(t, 0, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 0, unittest.GetCount(t, &auth_model.AccessToken{}))
+		assert.ErrorContains(t, err, "access-token-name and access-token-scopes flags are only valid when access-token flag is set")
+
+		// empty permission
+		reset()
+		err = createUser("u", "--random-password", "--access-token", "--access-token-scopes", "public-only")
+		assert.Equal(t, 0, unittest.GetCount(t, &user_model.User{}))
+		assert.Equal(t, 0, unittest.GetCount(t, &auth_model.AccessToken{}))
+		assert.ErrorContains(t, err, "access token does not have any permission")
+	})
+
+	t.Run("UserFields", func(t *testing.T) {
+		reset()
+		assert.NoError(t, createUser("u-FullNameWithSpace", "--random-password", "--fullname", "First O'Middle Last"))
+		unittest.AssertExistsAndLoadBean(t, &user_model.User{
+			Name:      "u-FullNameWithSpace",
+			LowerName: "u-fullnamewithspace",
+			FullName:  "First O'Middle Last",
+			Email:     "u-FullNameWithSpace@gitea.local",
+		})
+
+		assert.NoError(t, createUser("u-FullNameEmpty", "--random-password", "--fullname", ""))
+		u := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "u-fullnameempty"})
+		assert.Empty(t, u.FullName)
 	})
 }
diff --git a/cmd/admin_user_delete.go b/cmd/admin_user_delete.go
index 520557554a..f91041577c 100644
--- a/cmd/admin_user_delete.go
+++ b/cmd/admin_user_delete.go
@@ -4,53 +4,56 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"strings"
 
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
 	user_service "code.gitea.io/gitea/services/user"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var microcmdUserDelete = &cli.Command{
-	Name:  "delete",
-	Usage: "Delete specific user by id, name or email",
-	Flags: []cli.Flag{
-		&cli.Int64Flag{
-			Name:  "id",
-			Usage: "ID of user of the user to delete",
+func microcmdUserDelete() *cli.Command {
+	return &cli.Command{
+		Name:  "delete",
+		Usage: "Delete specific user by id, name or email",
+		Flags: []cli.Flag{
+			&cli.Int64Flag{
+				Name:  "id",
+				Usage: "ID of user of the user to delete",
+			},
+			&cli.StringFlag{
+				Name:    "username",
+				Aliases: []string{"u"},
+				Usage:   "Username of the user to delete",
+			},
+			&cli.StringFlag{
+				Name:    "email",
+				Aliases: []string{"e"},
+				Usage:   "Email of the user to delete",
+			},
+			&cli.BoolFlag{
+				Name:  "purge",
+				Usage: "Purge user, all their repositories, organizations and comments",
+			},
 		},
-		&cli.StringFlag{
-			Name:    "username",
-			Aliases: []string{"u"},
-			Usage:   "Username of the user to delete",
-		},
-		&cli.StringFlag{
-			Name:    "email",
-			Aliases: []string{"e"},
-			Usage:   "Email of the user to delete",
-		},
-		&cli.BoolFlag{
-			Name:  "purge",
-			Usage: "Purge user, all their repositories, organizations and comments",
-		},
-	},
-	Action: runDeleteUser,
+		Action: runDeleteUser,
+	}
 }
 
-func runDeleteUser(c *cli.Context) error {
+func runDeleteUser(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("id") && !c.IsSet("username") && !c.IsSet("email") {
 		return errors.New("You must provide the id, username or email of a user to delete")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(ctx); err != nil {
-		return err
+	if !setting.IsInTesting {
+		if err := initDB(ctx); err != nil {
+			return err
+		}
 	}
 
 	if err := storage.Init(); err != nil {
@@ -70,11 +73,11 @@ func runDeleteUser(c *cli.Context) error {
 		return err
 	}
 	if c.IsSet("username") && user.LowerName != strings.ToLower(strings.TrimSpace(c.String("username"))) {
-		return fmt.Errorf("The user %s who has email %s does not match the provided username %s", user.Name, c.String("email"), c.String("username"))
+		return fmt.Errorf("the user %s who has email %s does not match the provided username %s", user.Name, c.String("email"), c.String("username"))
 	}
 
 	if c.IsSet("id") && user.ID != c.Int64("id") {
-		return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id"))
+		return fmt.Errorf("the user %s does not match the provided id %d", user.Name, c.Int64("id"))
 	}
 
 	return user_service.DeleteUser(ctx, user, c.Bool("purge"))
diff --git a/cmd/admin_user_delete_test.go b/cmd/admin_user_delete_test.go
new file mode 100644
index 0000000000..d0330582d7
--- /dev/null
+++ b/cmd/admin_user_delete_test.go
@@ -0,0 +1,111 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"strconv"
+	"strings"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestAdminUserDelete(t *testing.T) {
+	ctx := t.Context()
+	defer func() {
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.EmailAddress{}))
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &auth_model.AccessToken{}))
+	}()
+
+	setupTestUser := func(t *testing.T) {
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+		err := microcmdUserCreate().Run(t.Context(), []string{"create", "--username", "testuser", "--email", "testuser@gitea.local", "--random-password"})
+		require.NoError(t, err)
+	}
+
+	t.Run("delete user by id", func(t *testing.T) {
+		setupTestUser(t)
+
+		u := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+		err := microcmdUserDelete().Run(ctx, []string{"delete-test", "--id", strconv.FormatInt(u.ID, 10)})
+		require.NoError(t, err)
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+	})
+	t.Run("delete user by username", func(t *testing.T) {
+		setupTestUser(t)
+
+		err := microcmdUserDelete().Run(ctx, []string{"delete-test", "--username", "testuser"})
+		require.NoError(t, err)
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+	})
+	t.Run("delete user by email", func(t *testing.T) {
+		setupTestUser(t)
+
+		err := microcmdUserDelete().Run(ctx, []string{"delete-test", "--email", "testuser@gitea.local"})
+		require.NoError(t, err)
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+	})
+	t.Run("delete user by all 3 attributes", func(t *testing.T) {
+		setupTestUser(t)
+
+		u := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+		err := microcmdUserDelete().Run(ctx, []string{"delete", "--id", strconv.FormatInt(u.ID, 10), "--username", "testuser", "--email", "testuser@gitea.local"})
+		require.NoError(t, err)
+		unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+	})
+}
+
+func TestAdminUserDeleteFailure(t *testing.T) {
+	testCases := []struct {
+		name        string
+		args        []string
+		expectedErr string
+	}{
+		{
+			name:        "no user to delete",
+			args:        []string{"delete", "--username", "nonexistentuser"},
+			expectedErr: "user does not exist",
+		},
+		{
+			name:        "user exists but provided username does not match",
+			args:        []string{"delete", "--email", "testuser@gitea.local", "--username", "wrongusername"},
+			expectedErr: "the user testuser who has email testuser@gitea.local does not match the provided username wrongusername",
+		},
+		{
+			name:        "user exists but provided id does not match",
+			args:        []string{"delete", "--username", "testuser", "--id", "999"},
+			expectedErr: "the user testuser does not match the provided id 999",
+		},
+		{
+			name:        "no required flags are provided",
+			args:        []string{"delete"},
+			expectedErr: "You must provide the id, username or email of a user to delete",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			ctx := t.Context()
+			if strings.Contains(tc.name, "user exists") {
+				unittest.AssertNotExistsBean(t, &user_model.User{LowerName: "testuser"})
+				err := microcmdUserCreate().Run(t.Context(), []string{"create", "--username", "testuser", "--email", "testuser@gitea.local", "--random-password"})
+				require.NoError(t, err)
+			}
+
+			err := microcmdUserDelete().Run(ctx, tc.args)
+			require.Error(t, err)
+			require.Contains(t, err.Error(), tc.expectedErr)
+		})
+
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.EmailAddress{}))
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &auth_model.AccessToken{}))
+	}
+}
diff --git a/cmd/admin_user_generate_access_token.go b/cmd/admin_user_generate_access_token.go
index 6c2c10494e..61064fdef4 100644
--- a/cmd/admin_user_generate_access_token.go
+++ b/cmd/admin_user_generate_access_token.go
@@ -4,13 +4,14 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var microcmdUserGenerateAccessToken = &cli.Command{
@@ -34,21 +35,18 @@ var microcmdUserGenerateAccessToken = &cli.Command{
 		},
 		&cli.StringFlag{
 			Name:  "scopes",
-			Value: "",
-			Usage: "Comma separated list of scopes to apply to access token",
+			Value: "all",
+			Usage: `Comma separated list of scopes to apply to access token, examples: "all", "public-only,read:issue", "write:repository,write:user"`,
 		},
 	},
 	Action: runGenerateAccessToken,
 }
 
-func runGenerateAccessToken(c *cli.Context) error {
+func runGenerateAccessToken(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("username") {
-		return errors.New("You must provide a username to generate a token for")
+		return errors.New("you must provide a username to generate a token for")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
 	if err := initDB(ctx); err != nil {
 		return err
 	}
@@ -77,6 +75,9 @@ func runGenerateAccessToken(c *cli.Context) error {
 	if err != nil {
 		return fmt.Errorf("invalid access token scope provided: %w", err)
 	}
+	if !accessTokenScope.HasPermissionScope() {
+		return errors.New("access token does not have any permission")
+	}
 	t.Scope = accessTokenScope
 
 	// create the token
diff --git a/cmd/admin_user_list.go b/cmd/admin_user_list.go
index 4c2b26d1df..e3d345e2f2 100644
--- a/cmd/admin_user_list.go
+++ b/cmd/admin_user_list.go
@@ -4,13 +4,14 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"text/tabwriter"
 
 	user_model "code.gitea.io/gitea/models/user"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var microcmdUserList = &cli.Command{
@@ -25,10 +26,7 @@ var microcmdUserList = &cli.Command{
 	},
 }
 
-func runListUsers(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runListUsers(ctx context.Context, c *cli.Command) error {
 	if err := initDB(ctx); err != nil {
 		return err
 	}
diff --git a/cmd/admin_user_must_change_password.go b/cmd/admin_user_must_change_password.go
index 2794414259..8521853dc1 100644
--- a/cmd/admin_user_must_change_password.go
+++ b/cmd/admin_user_must_change_password.go
@@ -4,40 +4,41 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-var microcmdUserMustChangePassword = &cli.Command{
-	Name:   "must-change-password",
-	Usage:  "Set the must change password flag for the provided users or all users",
-	Action: runMustChangePassword,
-	Flags: []cli.Flag{
-		&cli.BoolFlag{
-			Name:    "all",
-			Aliases: []string{"A"},
-			Usage:   "All users must change password, except those explicitly excluded with --exclude",
+func microcmdUserMustChangePassword() *cli.Command {
+	return &cli.Command{
+		Name:   "must-change-password",
+		Usage:  "Set the must change password flag for the provided users or all users",
+		Action: runMustChangePassword,
+		Flags: []cli.Flag{
+			&cli.BoolFlag{
+				Name:    "all",
+				Aliases: []string{"A"},
+				Usage:   "All users must change password, except those explicitly excluded with --exclude",
+			},
+			&cli.StringSliceFlag{
+				Name:    "exclude",
+				Aliases: []string{"e"},
+				Usage:   "Do not change the must-change-password flag for these users",
+			},
+			&cli.BoolFlag{
+				Name:  "unset",
+				Usage: "Instead of setting the must-change-password flag, unset it",
+			},
 		},
-		&cli.StringSliceFlag{
-			Name:    "exclude",
-			Aliases: []string{"e"},
-			Usage:   "Do not change the must-change-password flag for these users",
-		},
-		&cli.BoolFlag{
-			Name:  "unset",
-			Usage: "Instead of setting the must-change-password flag, unset it",
-		},
-	},
+	}
 }
 
-func runMustChangePassword(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runMustChangePassword(ctx context.Context, c *cli.Command) error {
 	if c.NArg() == 0 && !c.IsSet("all") {
 		return errors.New("either usernames or --all must be provided")
 	}
@@ -46,8 +47,10 @@ func runMustChangePassword(c *cli.Context) error {
 	all := c.Bool("all")
 	exclude := c.StringSlice("exclude")
 
-	if err := initDB(ctx); err != nil {
-		return err
+	if !setting.IsInTesting {
+		if err := initDB(ctx); err != nil {
+			return err
+		}
 	}
 
 	n, err := user_model.SetMustChangePassword(ctx, all, mustChangePassword, c.Args().Slice(), exclude)
diff --git a/cmd/admin_user_must_change_password_test.go b/cmd/admin_user_must_change_password_test.go
new file mode 100644
index 0000000000..a6611fdc04
--- /dev/null
+++ b/cmd/admin_user_must_change_password_test.go
@@ -0,0 +1,78 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestMustChangePassword(t *testing.T) {
+	defer func() {
+		require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
+	}()
+	err := microcmdUserCreate().Run(t.Context(), []string{"create", "--username", "testuser", "--email", "testuser@gitea.local", "--random-password"})
+	require.NoError(t, err)
+	err = microcmdUserCreate().Run(t.Context(), []string{"create", "--username", "testuserexclude", "--email", "testuserexclude@gitea.local", "--random-password"})
+	require.NoError(t, err)
+	// Reset password change flag
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--all", "--unset"})
+	require.NoError(t, err)
+
+	testUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.False(t, testUser.MustChangePassword)
+	testUserExclude := unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.False(t, testUserExclude.MustChangePassword)
+
+	// Make all users change password
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--all"})
+	require.NoError(t, err)
+
+	testUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.True(t, testUser.MustChangePassword)
+	testUserExclude = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.True(t, testUserExclude.MustChangePassword)
+
+	// Reset password change flag but exclude all tested users
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--all", "--unset", "--exclude", "testuser,testuserexclude"})
+	require.NoError(t, err)
+
+	testUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.True(t, testUser.MustChangePassword)
+	testUserExclude = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.True(t, testUserExclude.MustChangePassword)
+
+	// Reset password change flag by listing multiple users
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--unset", "testuser", "testuserexclude"})
+	require.NoError(t, err)
+
+	testUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.False(t, testUser.MustChangePassword)
+	testUserExclude = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.False(t, testUserExclude.MustChangePassword)
+
+	// Exclude a user from all user
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--all", "--exclude", "testuserexclude"})
+	require.NoError(t, err)
+
+	testUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.True(t, testUser.MustChangePassword)
+	testUserExclude = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.False(t, testUserExclude.MustChangePassword)
+
+	// Unset a flag for single user
+	err = microcmdUserMustChangePassword().Run(t.Context(), []string{"change-test", "--unset", "testuser"})
+	require.NoError(t, err)
+
+	testUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuser"})
+	assert.False(t, testUser.MustChangePassword)
+	testUserExclude = unittest.AssertExistsAndLoadBean(t, &user_model.User{LowerName: "testuserexclude"})
+	assert.False(t, testUserExclude.MustChangePassword)
+}
diff --git a/cmd/cert.go b/cmd/cert.go
index 38241d71a3..53b4f9dcb4 100644
--- a/cmd/cert.go
+++ b/cmd/cert.go
@@ -6,6 +6,7 @@
 package cmd
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -13,6 +14,7 @@ import (
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"encoding/pem"
+	"fmt"
 	"log"
 	"math/big"
 	"net"
@@ -20,47 +22,59 @@ import (
 	"strings"
 	"time"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-// CmdCert represents the available cert sub-command.
-var CmdCert = &cli.Command{
-	Name:  "cert",
-	Usage: "Generate self-signed certificate",
-	Description: `Generate a self-signed X.509 certificate for a TLS server.
+// cmdCert represents the available cert sub-command.
+func cmdCert() *cli.Command {
+	return &cli.Command{
+		Name:  "cert",
+		Usage: "Generate self-signed certificate",
+		Description: `Generate a self-signed X.509 certificate for a TLS server.
 Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`,
-	Action: runCert,
-	Flags: []cli.Flag{
-		&cli.StringFlag{
-			Name:  "host",
-			Value: "",
-			Usage: "Comma-separated hostnames and IPs to generate a certificate for",
+		Action: runCert,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "host",
+				Usage:    "Comma-separated hostnames and IPs to generate a certificate for",
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:  "ecdsa-curve",
+				Value: "",
+				Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521",
+			},
+			&cli.IntFlag{
+				Name:  "rsa-bits",
+				Value: 3072,
+				Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set",
+			},
+			&cli.StringFlag{
+				Name:  "start-date",
+				Value: "",
+				Usage: "Creation date formatted as Jan 1 15:04:05 2011",
+			},
+			&cli.DurationFlag{
+				Name:  "duration",
+				Value: 365 * 24 * time.Hour,
+				Usage: "Duration that certificate is valid for",
+			},
+			&cli.BoolFlag{
+				Name:  "ca",
+				Usage: "whether this cert should be its own Certificate Authority",
+			},
+			&cli.StringFlag{
+				Name:  "out",
+				Value: "cert.pem",
+				Usage: "Path to the file where there certificate will be saved",
+			},
+			&cli.StringFlag{
+				Name:  "keyout",
+				Value: "key.pem",
+				Usage: "Path to the file where there certificate key will be saved",
+			},
 		},
-		&cli.StringFlag{
-			Name:  "ecdsa-curve",
-			Value: "",
-			Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521",
-		},
-		&cli.IntFlag{
-			Name:  "rsa-bits",
-			Value: 3072,
-			Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set",
-		},
-		&cli.StringFlag{
-			Name:  "start-date",
-			Value: "",
-			Usage: "Creation date formatted as Jan 1 15:04:05 2011",
-		},
-		&cli.DurationFlag{
-			Name:  "duration",
-			Value: 365 * 24 * time.Hour,
-			Usage: "Duration that certificate is valid for",
-		},
-		&cli.BoolFlag{
-			Name:  "ca",
-			Usage: "whether this cert should be its own Certificate Authority",
-		},
-	},
+	}
 }
 
 func publicKey(priv any) any {
@@ -89,11 +103,7 @@ func pemBlockForKey(priv any) *pem.Block {
 	}
 }
 
-func runCert(c *cli.Context) error {
-	if err := argsSet(c, "host"); err != nil {
-		return err
-	}
-
+func runCert(_ context.Context, c *cli.Command) error {
 	var priv any
 	var err error
 	switch c.String("ecdsa-curve") {
@@ -108,17 +118,17 @@ func runCert(c *cli.Context) error {
 	case "P521":
 		priv, err = ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
 	default:
-		log.Fatalf("Unrecognized elliptic curve: %q", c.String("ecdsa-curve"))
+		err = fmt.Errorf("unrecognized elliptic curve: %q", c.String("ecdsa-curve"))
 	}
 	if err != nil {
-		log.Fatalf("Failed to generate private key: %v", err)
+		return fmt.Errorf("failed to generate private key: %w", err)
 	}
 
 	var notBefore time.Time
 	if startDate := c.String("start-date"); startDate != "" {
 		notBefore, err = time.Parse("Jan 2 15:04:05 2006", startDate)
 		if err != nil {
-			log.Fatalf("Failed to parse creation date: %v", err)
+			return fmt.Errorf("failed to parse creation date %w", err)
 		}
 	} else {
 		notBefore = time.Now()
@@ -129,7 +139,7 @@ func runCert(c *cli.Context) error {
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
 	if err != nil {
-		log.Fatalf("Failed to generate serial number: %v", err)
+		return fmt.Errorf("failed to generate serial number: %w", err)
 	}
 
 	template := x509.Certificate{
@@ -146,8 +156,8 @@ func runCert(c *cli.Context) error {
 		BasicConstraintsValid: true,
 	}
 
-	hosts := strings.Split(c.String("host"), ",")
-	for _, h := range hosts {
+	hosts := strings.SplitSeq(c.String("host"), ",")
+	for h := range hosts {
 		if ip := net.ParseIP(h); ip != nil {
 			template.IPAddresses = append(template.IPAddresses, ip)
 		} else {
@@ -162,35 +172,35 @@ func runCert(c *cli.Context) error {
 
 	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey(priv), priv)
 	if err != nil {
-		log.Fatalf("Failed to create certificate: %v", err)
+		return fmt.Errorf("failed to create certificate: %w", err)
 	}
 
-	certOut, err := os.Create("cert.pem")
+	certOut, err := os.Create(c.String("out"))
 	if err != nil {
-		log.Fatalf("Failed to open cert.pem for writing: %v", err)
+		return fmt.Errorf("failed to open %s for writing: %w", c.String("keyout"), err)
 	}
 	err = pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
 	if err != nil {
-		log.Fatalf("Failed to encode certificate: %v", err)
+		return fmt.Errorf("failed to encode certificate: %w", err)
 	}
 	err = certOut.Close()
 	if err != nil {
-		log.Fatalf("Failed to write cert: %v", err)
+		return fmt.Errorf("failed to write cert: %w", err)
 	}
-	log.Println("Written cert.pem")
+	fmt.Fprintf(c.Writer, "Written cert to %s\n", c.String("out"))
 
-	keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
+	keyOut, err := os.OpenFile(c.String("keyout"), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
-		log.Fatalf("Failed to open key.pem for writing: %v", err)
+		return fmt.Errorf("failed to open %s for writing: %w", c.String("keyout"), err)
 	}
 	err = pem.Encode(keyOut, pemBlockForKey(priv))
 	if err != nil {
-		log.Fatalf("Failed to encode key: %v", err)
+		return fmt.Errorf("failed to encode key: %w", err)
 	}
 	err = keyOut.Close()
 	if err != nil {
-		log.Fatalf("Failed to write key: %v", err)
+		return fmt.Errorf("failed to write key: %w", err)
 	}
-	log.Println("Written key.pem")
+	fmt.Fprintf(c.Writer, "Written key to %s\n", c.String("keyout"))
 	return nil
 }
diff --git a/cmd/cert_test.go b/cmd/cert_test.go
new file mode 100644
index 0000000000..4242d8915b
--- /dev/null
+++ b/cmd/cert_test.go
@@ -0,0 +1,123 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCertCommand(t *testing.T) {
+	cases := []struct {
+		name string
+		args []string
+	}{
+		{
+			name: "RSA cert generation",
+			args: []string{
+				"cert-test",
+				"--host", "localhost",
+				"--rsa-bits", "2048",
+				"--duration", "1h",
+				"--start-date", "Jan 1 00:00:00 2024",
+			},
+		},
+		{
+			name: "ECDSA cert generation",
+			args: []string{
+				"cert-test",
+				"--host", "localhost",
+				"--ecdsa-curve", "P256",
+				"--duration", "1h",
+				"--start-date", "Jan 1 00:00:00 2024",
+			},
+		},
+		{
+			name: "mixed host, certificate authority",
+			args: []string{
+				"cert-test",
+				"--host", "localhost,127.0.0.1",
+				"--duration", "1h",
+				"--start-date", "Jan 1 00:00:00 2024",
+			},
+		},
+	}
+
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			app := cmdCert()
+			tempDir := t.TempDir()
+
+			certFile := filepath.Join(tempDir, "cert.pem")
+			keyFile := filepath.Join(tempDir, "key.pem")
+
+			err := app.Run(t.Context(), append(c.args, "--out", certFile, "--keyout", keyFile))
+			require.NoError(t, err)
+
+			assert.FileExists(t, certFile)
+			assert.FileExists(t, keyFile)
+		})
+	}
+}
+
+func TestCertCommandFailures(t *testing.T) {
+	cases := []struct {
+		name   string
+		args   []string
+		errMsg string
+	}{
+		{
+			name: "Start Date Parsing failure",
+			args: []string{
+				"cert-test",
+				"--host", "localhost",
+				"--start-date", "invalid-date",
+			},
+			errMsg: "parsing time",
+		},
+		{
+			name: "Unknown curve",
+			args: []string{
+				"cert-test",
+				"--host", "localhost",
+				"--ecdsa-curve", "invalid-curve",
+			},
+			errMsg: "unrecognized elliptic curve",
+		},
+		{
+			name: "Key generation failure",
+			args: []string{
+				"cert-test",
+				"--host", "localhost",
+				"--rsa-bits", "invalid-bits",
+			},
+		},
+		{
+			name: "Missing parameters",
+			args: []string{
+				"cert-test",
+			},
+			errMsg: `"host" not set`,
+		},
+	}
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			app := cmdCert()
+			tempDir := t.TempDir()
+
+			certFile := filepath.Join(tempDir, "cert.pem")
+			keyFile := filepath.Join(tempDir, "key.pem")
+			err := app.Run(t.Context(), append(c.args, "--out", certFile, "--keyout", keyFile))
+			require.Error(t, err)
+			if c.errMsg != "" {
+				assert.ErrorContains(t, err, c.errMsg)
+			}
+			assert.NoFileExists(t, certFile)
+			assert.NoFileExists(t, keyFile)
+		})
+	}
+}
diff --git a/cmd/cmd.go b/cmd/cmd.go
index 423dce2674..5b96bcbf9a 100644
--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -18,20 +18,19 @@ import (
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // argsSet checks that all the required arguments are set. args is a list of
 // arguments that must be set in the passed Context.
-func argsSet(c *cli.Context, args ...string) error {
+func argsSet(c *cli.Command, args ...string) error {
 	for _, a := range args {
 		if !c.IsSet(a) {
 			return errors.New(a + " is not set")
 		}
 
-		if util.IsEmptyString(c.String(a)) {
+		if c.Value(a) == nil {
 			return errors.New(a + " is required")
 		}
 	}
@@ -109,7 +108,7 @@ func setupConsoleLogger(level log.Level, colorize bool, out io.Writer) {
 	log.GetManager().GetLogger(log.DEFAULT).ReplaceAllWriters(writer)
 }
 
-func globalBool(c *cli.Context, name string) bool {
+func globalBool(c *cli.Command, name string) bool {
 	for _, ctx := range c.Lineage() {
 		if ctx.Bool(name) {
 			return true
@@ -120,8 +119,8 @@ func globalBool(c *cli.Context, name string) bool {
 
 // PrepareConsoleLoggerLevel by default, use INFO level for console logger, but some sub-commands (for git/ssh protocol) shouldn't output any log to stdout.
 // Any log appears in git stdout pipe will break the git protocol, eg: client can't push and hangs forever.
-func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(*cli.Context) error {
-	return func(c *cli.Context) error {
+func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(context.Context, *cli.Command) (context.Context, error) {
+	return func(ctx context.Context, c *cli.Command) (context.Context, error) {
 		level := defaultLevel
 		if globalBool(c, "quiet") {
 			level = log.FATAL
@@ -130,6 +129,16 @@ func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(*cli.Context) error
 			level = log.TRACE
 		}
 		log.SetConsoleLogger(log.DEFAULT, "console-default", level)
-		return nil
+		return ctx, nil
 	}
 }
+
+func isValidDefaultSubCommand(cmd *cli.Command) (string, bool) {
+	// Dirty patch for urfave/cli's strange design.
+	// "./gitea bad-cmd" should not start the web server.
+	rootArgs := cmd.Root().Args().Slice()
+	if len(rootArgs) != 0 && rootArgs[0] != cmd.Name {
+		return rootArgs[0], false
+	}
+	return "", true
+}
diff --git a/cmd/cmd_test.go b/cmd/cmd_test.go
new file mode 100644
index 0000000000..a36d05c76e
--- /dev/null
+++ b/cmd/cmd_test.go
@@ -0,0 +1,38 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/urfave/cli/v3"
+)
+
+func TestDefaultCommand(t *testing.T) {
+	test := func(t *testing.T, args []string, expectedRetName string, expectedRetValid bool) {
+		called := false
+		cmd := &cli.Command{
+			DefaultCommand: "test",
+			Commands: []*cli.Command{
+				{
+					Name: "test",
+					Action: func(ctx context.Context, command *cli.Command) error {
+						retName, retValid := isValidDefaultSubCommand(command)
+						assert.Equal(t, expectedRetName, retName)
+						assert.Equal(t, expectedRetValid, retValid)
+						called = true
+						return nil
+					},
+				},
+			},
+		}
+		assert.NoError(t, cmd.Run(t.Context(), args))
+		assert.True(t, called)
+	}
+	test(t, []string{"./gitea"}, "", true)
+	test(t, []string{"./gitea", "test"}, "", true)
+	test(t, []string{"./gitea", "other"}, "other", false)
+}
diff --git a/cmd/docs.go b/cmd/docs.go
index 605d02e3ef..098c0e9a8a 100644
--- a/cmd/docs.go
+++ b/cmd/docs.go
@@ -4,11 +4,13 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"strings"
 
-	"github.com/urfave/cli/v2"
+	cli_docs "github.com/urfave/cli-docs/v3"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdDocs represents the available docs sub-command.
@@ -30,16 +32,16 @@ var CmdDocs = &cli.Command{
 	},
 }
 
-func runDocs(ctx *cli.Context) error {
-	docs, err := ctx.App.ToMarkdown()
-	if ctx.Bool("man") {
-		docs, err = ctx.App.ToMan()
+func runDocs(_ context.Context, cmd *cli.Command) error {
+	docs, err := cli_docs.ToMarkdown(cmd.Root())
+	if cmd.Bool("man") {
+		docs, err = cli_docs.ToMan(cmd.Root())
 	}
 	if err != nil {
 		return err
 	}
 
-	if !ctx.Bool("man") {
+	if !cmd.Bool("man") {
 		// Clean up markdown. The following bug was fixed in v2, but is present in v1.
 		// It affects markdown output (even though the issue is referring to man pages)
 		// https://github.com/urfave/cli/issues/1040
@@ -51,8 +53,8 @@ func runDocs(ctx *cli.Context) error {
 	}
 
 	out := os.Stdout
-	if ctx.String("output") != "" {
-		fi, err := os.Create(ctx.String("output"))
+	if cmd.String("output") != "" {
+		fi, err := os.Create(cmd.String("output"))
 		if err != nil {
 			return err
 		}
diff --git a/cmd/doctor.go b/cmd/doctor.go
index 52699cc4dd..9e0fcbf877 100644
--- a/cmd/doctor.go
+++ b/cmd/doctor.go
@@ -20,7 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/services/doctor"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 	"xorm.io/xorm"
 )
 
@@ -30,7 +30,7 @@ var CmdDoctor = &cli.Command{
 	Usage:       "Diagnose and optionally fix problems, convert or re-create database tables",
 	Description: "A command to diagnose problems with the current Gitea instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.",
 
-	Subcommands: []*cli.Command{
+	Commands: []*cli.Command{
 		cmdDoctorCheck,
 		cmdRecreateTable,
 		cmdDoctorConvert,
@@ -93,16 +93,13 @@ You should back-up your database before doing this and ensure that your database
 	Action: runRecreateTable,
 }
 
-func runRecreateTable(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
+func runRecreateTable(ctx context.Context, cmd *cli.Command) error {
 	// Redirect the default golog to here
 	golog.SetFlags(0)
 	golog.SetPrefix("")
 	golog.SetOutput(log.LoggerToWriter(log.GetLogger(log.DEFAULT).Info))
 
-	debug := ctx.Bool("debug")
+	debug := cmd.Bool("debug")
 	setting.MustInstalled()
 	setting.LoadDBSetting()
 
@@ -113,15 +110,15 @@ func runRecreateTable(ctx *cli.Context) error {
 	}
 
 	setting.Database.LogSQL = debug
-	if err := db.InitEngine(stdCtx); err != nil {
+	if err := db.InitEngine(ctx); err != nil {
 		fmt.Println(err)
 		fmt.Println("Check if you are using the right config file. You can use a --config directive to specify one.")
 		return nil
 	}
 
-	args := ctx.Args()
-	names := make([]string, 0, ctx.NArg())
-	for i := 0; i < ctx.NArg(); i++ {
+	args := cmd.Args()
+	names := make([]string, 0, cmd.NArg())
+	for i := 0; i < cmd.NArg(); i++ {
 		names = append(names, args.Get(i))
 	}
 
@@ -131,7 +128,7 @@ func runRecreateTable(ctx *cli.Context) error {
 	}
 	recreateTables := migrate_base.RecreateTables(beans...)
 
-	return db.InitEngineWithMigration(stdCtx, func(ctx context.Context, x *xorm.Engine) error {
+	return db.InitEngineWithMigration(ctx, func(ctx context.Context, x *xorm.Engine) error {
 		if err := migrations.EnsureUpToDate(ctx, x); err != nil {
 			return err
 		}
@@ -139,16 +136,17 @@ func runRecreateTable(ctx *cli.Context) error {
 	})
 }
 
-func setupDoctorDefaultLogger(ctx *cli.Context, colorize bool) {
+func setupDoctorDefaultLogger(cmd *cli.Command, colorize bool) {
 	// Silence the default loggers
 	setupConsoleLogger(log.FATAL, log.CanColorStderr, os.Stderr)
 
-	logFile := ctx.String("log-file")
-	if logFile == "" {
+	logFile := cmd.String("log-file")
+	switch logFile {
+	case "":
 		return // if no doctor log-file is set, do not show any log from default logger
-	} else if logFile == "-" {
+	case "-":
 		setupConsoleLogger(log.TRACE, colorize, os.Stdout)
-	} else {
+	default:
 		logFile, _ = filepath.Abs(logFile)
 		writeMode := log.WriterMode{Level: log.TRACE, WriterOption: log.WriterFileOption{FileName: logFile}}
 		writer, err := log.NewEventWriter("console-to-file", "file", writeMode)
@@ -160,23 +158,20 @@ func setupDoctorDefaultLogger(ctx *cli.Context, colorize bool) {
 	}
 }
 
-func runDoctorCheck(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
+func runDoctorCheck(ctx context.Context, cmd *cli.Command) error {
 	colorize := log.CanColorStdout
-	if ctx.IsSet("color") {
-		colorize = ctx.Bool("color")
+	if cmd.IsSet("color") {
+		colorize = cmd.Bool("color")
 	}
 
-	setupDoctorDefaultLogger(ctx, colorize)
+	setupDoctorDefaultLogger(cmd, colorize)
 
 	// Finally redirect the default golang's log to here
 	golog.SetFlags(0)
 	golog.SetPrefix("")
 	golog.SetOutput(log.LoggerToWriter(log.GetLogger(log.DEFAULT).Info))
 
-	if ctx.IsSet("list") {
+	if cmd.IsSet("list") {
 		w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0)
 		_, _ = w.Write([]byte("Default\tName\tTitle\n"))
 		doctor.SortChecks(doctor.Checks)
@@ -194,12 +189,12 @@ func runDoctorCheck(ctx *cli.Context) error {
 	}
 
 	var checks []*doctor.Check
-	if ctx.Bool("all") {
+	if cmd.Bool("all") {
 		checks = make([]*doctor.Check, len(doctor.Checks))
 		copy(checks, doctor.Checks)
-	} else if ctx.IsSet("run") {
-		addDefault := ctx.Bool("default")
-		runNamesSet := container.SetOf(ctx.StringSlice("run")...)
+	} else if cmd.IsSet("run") {
+		addDefault := cmd.Bool("default")
+		runNamesSet := container.SetOf(cmd.StringSlice("run")...)
 		for _, check := range doctor.Checks {
 			if (addDefault && check.IsDefault) || runNamesSet.Contains(check.Name) {
 				checks = append(checks, check)
@@ -216,5 +211,5 @@ func runDoctorCheck(ctx *cli.Context) error {
 			}
 		}
 	}
-	return doctor.RunChecks(stdCtx, colorize, ctx.Bool("fix"), checks)
+	return doctor.RunChecks(ctx, colorize, cmd.Bool("fix"), checks)
 }
diff --git a/cmd/doctor_convert.go b/cmd/doctor_convert.go
index 48c835ad0e..8cb718d383 100644
--- a/cmd/doctor_convert.go
+++ b/cmd/doctor_convert.go
@@ -4,13 +4,14 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // cmdDoctorConvert represents the available convert sub-command.
@@ -21,11 +22,8 @@ var cmdDoctorConvert = &cli.Command{
 	Action:      runDoctorConvert,
 }
 
-func runDoctorConvert(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(stdCtx); err != nil {
+func runDoctorConvert(ctx context.Context, cmd *cli.Command) error {
+	if err := initDB(ctx); err != nil {
 		return err
 	}
 
diff --git a/cmd/doctor_test.go b/cmd/doctor_test.go
index 3e1ff299c5..da942b38b6 100644
--- a/cmd/doctor_test.go
+++ b/cmd/doctor_test.go
@@ -11,7 +11,7 @@ import (
 	"code.gitea.io/gitea/services/doctor"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 func TestDoctorRun(t *testing.T) {
@@ -22,12 +22,13 @@ func TestDoctorRun(t *testing.T) {
 
 		SkipDatabaseInitialization: true,
 	})
-	app := cli.NewApp()
-	app.Commands = []*cli.Command{cmdDoctorCheck}
-	err := app.Run([]string{"./gitea", "check", "--run", "test-check"})
+	app := &cli.Command{
+		Commands: []*cli.Command{cmdDoctorCheck},
+	}
+	err := app.Run(t.Context(), []string{"./gitea", "check", "--run", "test-check"})
 	assert.NoError(t, err)
-	err = app.Run([]string{"./gitea", "check", "--run", "no-such"})
+	err = app.Run(t.Context(), []string{"./gitea", "check", "--run", "no-such"})
 	assert.ErrorContains(t, err, `unknown checks: "no-such"`)
-	err = app.Run([]string{"./gitea", "check", "--run", "test-check,no-such"})
+	err = app.Run(t.Context(), []string{"./gitea", "check", "--run", "test-check,no-such"})
 	assert.ErrorContains(t, err, `unknown checks: "no-such"`)
 }
diff --git a/cmd/dump.go b/cmd/dump.go
index ececc80f72..ed19e3d4bf 100644
--- a/cmd/dump.go
+++ b/cmd/dump.go
@@ -5,7 +5,7 @@
 package cmd
 
 import (
-	"fmt"
+	"context"
 	"os"
 	"path"
 	"path/filepath"
@@ -21,7 +21,7 @@ import (
 
 	"gitea.com/go-chi/session"
 	"github.com/mholt/archiver/v3"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdDump represents the available dump sub-command.
@@ -93,7 +93,7 @@ var CmdDump = &cli.Command{
 		},
 		&cli.StringFlag{
 			Name:  "type",
-			Usage: fmt.Sprintf(`Dump output format, default to "zip", supported types: %s`, strings.Join(dump.SupportedOutputTypes, ", ")),
+			Usage: `Dump output format, default to "zip", supported types: ` + strings.Join(dump.SupportedOutputTypes, ", "),
 		},
 	},
 }
@@ -102,17 +102,17 @@ func fatal(format string, args ...any) {
 	log.Fatal(format, args...)
 }
 
-func runDump(ctx *cli.Context) error {
+func runDump(ctx context.Context, cmd *cli.Command) error {
 	setting.MustInstalled()
 
-	quite := ctx.Bool("quiet")
-	verbose := ctx.Bool("verbose")
+	quite := cmd.Bool("quiet")
+	verbose := cmd.Bool("verbose")
 	if verbose && quite {
 		fatal("Option --quiet and --verbose cannot both be set")
 	}
 
 	// outFileName is either "-" or a file name (will be made absolute)
-	outFileName, outType := dump.PrepareFileNameAndType(ctx.String("file"), ctx.String("type"))
+	outFileName, outType := dump.PrepareFileNameAndType(cmd.String("file"), cmd.String("type"))
 	if outType == "" {
 		fatal("Invalid output type")
 	}
@@ -137,10 +137,7 @@ func runDump(ctx *cli.Context) error {
 	setting.DisableLoggerInit()
 	setting.LoadSettings() // cannot access session settings otherwise
 
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
-	err := db.InitEngine(stdCtx)
+	err := db.InitEngine(ctx)
 	if err != nil {
 		return err
 	}
@@ -166,7 +163,7 @@ func runDump(ctx *cli.Context) error {
 	}
 	dumper.GlobalExcludeAbsPath(outFileName)
 
-	if ctx.IsSet("skip-repository") && ctx.Bool("skip-repository") {
+	if cmd.IsSet("skip-repository") && cmd.Bool("skip-repository") {
 		log.Info("Skip dumping local repositories")
 	} else {
 		log.Info("Dumping local repositories... %s", setting.RepoRootPath)
@@ -174,7 +171,7 @@ func runDump(ctx *cli.Context) error {
 			fatal("Failed to include repositories: %v", err)
 		}
 
-		if ctx.IsSet("skip-lfs-data") && ctx.Bool("skip-lfs-data") {
+		if cmd.IsSet("skip-lfs-data") && cmd.Bool("skip-lfs-data") {
 			log.Info("Skip dumping LFS data")
 		} else if !setting.LFS.StartServer {
 			log.Info("LFS isn't enabled. Skip dumping LFS data")
@@ -189,12 +186,12 @@ func runDump(ctx *cli.Context) error {
 		}
 	}
 
-	if ctx.Bool("skip-db") {
+	if cmd.Bool("skip-db") {
 		// Ensure that we don't dump the database file that may reside in setting.AppDataPath or elsewhere.
 		dumper.GlobalExcludeAbsPath(setting.Database.Path)
 		log.Info("Skipping database")
 	} else {
-		tmpDir := ctx.String("tempdir")
+		tmpDir := cmd.String("tempdir")
 		if _, err := os.Stat(tmpDir); os.IsNotExist(err) {
 			fatal("Path does not exist: %s", tmpDir)
 		}
@@ -210,7 +207,7 @@ func runDump(ctx *cli.Context) error {
 			}
 		}()
 
-		targetDBType := ctx.String("database")
+		targetDBType := cmd.String("database")
 		if len(targetDBType) > 0 && targetDBType != setting.Database.Type.String() {
 			log.Info("Dumping database %s => %s...", setting.Database.Type, targetDBType)
 		} else {
@@ -231,7 +228,7 @@ func runDump(ctx *cli.Context) error {
 		fatal("Failed to include specified app.ini: %v", err)
 	}
 
-	if ctx.IsSet("skip-custom-dir") && ctx.Bool("skip-custom-dir") {
+	if cmd.IsSet("skip-custom-dir") && cmd.Bool("skip-custom-dir") {
 		log.Info("Skipping custom directory")
 	} else {
 		customDir, err := os.Stat(setting.CustomPath)
@@ -264,7 +261,7 @@ func runDump(ctx *cli.Context) error {
 			excludes = append(excludes, opts.ProviderConfig)
 		}
 
-		if ctx.IsSet("skip-index") && ctx.Bool("skip-index") {
+		if cmd.IsSet("skip-index") && cmd.Bool("skip-index") {
 			excludes = append(excludes, setting.Indexer.RepoPath)
 			excludes = append(excludes, setting.Indexer.IssuePath)
 		}
@@ -279,7 +276,7 @@ func runDump(ctx *cli.Context) error {
 		}
 	}
 
-	if ctx.IsSet("skip-attachment-data") && ctx.Bool("skip-attachment-data") {
+	if cmd.IsSet("skip-attachment-data") && cmd.Bool("skip-attachment-data") {
 		log.Info("Skip dumping attachment data")
 	} else if err := storage.Attachments.IterateObjects("", func(objPath string, object storage.Object) error {
 		info, err := object.Stat()
@@ -291,7 +288,7 @@ func runDump(ctx *cli.Context) error {
 		fatal("Failed to dump attachments: %v", err)
 	}
 
-	if ctx.IsSet("skip-package-data") && ctx.Bool("skip-package-data") {
+	if cmd.IsSet("skip-package-data") && cmd.Bool("skip-package-data") {
 		log.Info("Skip dumping package data")
 	} else if !setting.Packages.Enabled {
 		log.Info("Packages isn't enabled. Skip dumping package data")
@@ -308,7 +305,7 @@ func runDump(ctx *cli.Context) error {
 	// Doesn't check if LogRootPath exists before processing --skip-log intentionally,
 	// ensuring that it's clear the dump is skipped whether the directory's initialized
 	// yet or not.
-	if ctx.IsSet("skip-log") && ctx.Bool("skip-log") {
+	if cmd.IsSet("skip-log") && cmd.Bool("skip-log") {
 		log.Info("Skip dumping log files")
 	} else {
 		isExist, err := util.IsExist(setting.Log.RootPath)
diff --git a/cmd/dump_repo.go b/cmd/dump_repo.go
index 3a24cf6c5f..a75b2d1b94 100644
--- a/cmd/dump_repo.go
+++ b/cmd/dump_repo.go
@@ -19,7 +19,7 @@ import (
 	"code.gitea.io/gitea/services/convert"
 	"code.gitea.io/gitea/services/migrations"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdDumpRepository represents the available dump repository sub-command.
@@ -79,11 +79,13 @@ wiki, issues, labels, releases, release_assets, milestones, pull_requests, comme
 	},
 }
 
-func runDumpRepository(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
+func runDumpRepository(ctx context.Context, cmd *cli.Command) error {
+	setupConsoleLogger(log.INFO, log.CanColorStderr, os.Stderr)
 
-	if err := initDB(stdCtx); err != nil {
+	setting.DisableLoggerInit()
+	setting.LoadSettings() // cannot access skip_tls_verify settings otherwise
+
+	if err := initDB(ctx); err != nil {
 		return err
 	}
 
@@ -100,8 +102,8 @@ func runDumpRepository(ctx *cli.Context) error {
 
 	var (
 		serviceType structs.GitServiceType
-		cloneAddr   = ctx.String("clone_addr")
-		serviceStr  = ctx.String("git_service")
+		cloneAddr   = cmd.String("clone_addr")
+		serviceStr  = cmd.String("git_service")
 	)
 
 	if strings.HasPrefix(strings.ToLower(cloneAddr), "https://github.com/") {
@@ -119,13 +121,13 @@ func runDumpRepository(ctx *cli.Context) error {
 	opts := base.MigrateOptions{
 		GitServiceType: serviceType,
 		CloneAddr:      cloneAddr,
-		AuthUsername:   ctx.String("auth_username"),
-		AuthPassword:   ctx.String("auth_password"),
-		AuthToken:      ctx.String("auth_token"),
-		RepoName:       ctx.String("repo_name"),
+		AuthUsername:   cmd.String("auth_username"),
+		AuthPassword:   cmd.String("auth_password"),
+		AuthToken:      cmd.String("auth_token"),
+		RepoName:       cmd.String("repo_name"),
 	}
 
-	if len(ctx.String("units")) == 0 {
+	if len(cmd.String("units")) == 0 {
 		opts.Wiki = true
 		opts.Issues = true
 		opts.Milestones = true
@@ -135,8 +137,8 @@ func runDumpRepository(ctx *cli.Context) error {
 		opts.PullRequests = true
 		opts.ReleaseAssets = true
 	} else {
-		units := strings.Split(ctx.String("units"), ",")
-		for _, unit := range units {
+		units := strings.SplitSeq(cmd.String("units"), ",")
+		for unit := range units {
 			switch strings.ToLower(strings.TrimSpace(unit)) {
 			case "":
 				continue
@@ -164,7 +166,7 @@ func runDumpRepository(ctx *cli.Context) error {
 
 	// the repo_dir will be removed if error occurs in DumpRepository
 	// make sure the directory doesn't exist or is empty, prevent from deleting user files
-	repoDir := ctx.String("repo_dir")
+	repoDir := cmd.String("repo_dir")
 	if exists, err := util.IsExist(repoDir); err != nil {
 		return fmt.Errorf("unable to stat repo_dir %q: %w", repoDir, err)
 	} else if exists {
@@ -179,7 +181,7 @@ func runDumpRepository(ctx *cli.Context) error {
 	if err := migrations.DumpRepository(
 		context.Background(),
 		repoDir,
-		ctx.String("owner_name"),
+		cmd.String("owner_name"),
 		opts,
 	); err != nil {
 		log.Fatal("Failed to dump repository: %v", err)
diff --git a/cmd/embedded.go b/cmd/embedded.go
index 9f03f7be7c..1908352453 100644
--- a/cmd/embedded.go
+++ b/cmd/embedded.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"os"
@@ -19,7 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/gobwas/glob"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdEmbedded represents the available extract sub-command.
@@ -28,7 +29,7 @@ var (
 		Name:        "embedded",
 		Usage:       "Extract embedded resources",
 		Description: "A command for extracting embedded resources, like templates and images",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdList,
 			subcmdView,
 			subcmdExtract,
@@ -100,7 +101,7 @@ type assetFile struct {
 	path string
 }
 
-func initEmbeddedExtractor(c *cli.Context) error {
+func initEmbeddedExtractor(c *cli.Command) error {
 	setupConsoleLogger(log.ERROR, log.CanColorStderr, os.Stderr)
 
 	patterns, err := compileCollectPatterns(c.Args().Slice())
@@ -115,31 +116,31 @@ func initEmbeddedExtractor(c *cli.Context) error {
 	return nil
 }
 
-func runList(c *cli.Context) error {
+func runList(_ context.Context, c *cli.Command) error {
 	if err := runListDo(c); err != nil {
-		fmt.Fprintf(os.Stderr, "%v\n", err)
+		_, _ = fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runView(c *cli.Context) error {
+func runView(_ context.Context, c *cli.Command) error {
 	if err := runViewDo(c); err != nil {
-		fmt.Fprintf(os.Stderr, "%v\n", err)
+		_, _ = fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runExtract(c *cli.Context) error {
+func runExtract(_ context.Context, c *cli.Command) error {
 	if err := runExtractDo(c); err != nil {
-		fmt.Fprintf(os.Stderr, "%v\n", err)
+		_, _ = fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runListDo(c *cli.Context) error {
+func runListDo(c *cli.Command) error {
 	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
@@ -151,7 +152,7 @@ func runListDo(c *cli.Context) error {
 	return nil
 }
 
-func runViewDo(c *cli.Context) error {
+func runViewDo(c *cli.Command) error {
 	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
@@ -174,7 +175,7 @@ func runViewDo(c *cli.Context) error {
 	return nil
 }
 
-func runExtractDo(c *cli.Context) error {
+func runExtractDo(c *cli.Command) error {
 	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
@@ -216,7 +217,7 @@ func runExtractDo(c *cli.Context) error {
 	for _, a := range matchedAssetFiles {
 		if err := extractAsset(destdir, a, overwrite, rename); err != nil {
 			// Non-fatal error
-			fmt.Fprintf(os.Stderr, "%s: %v", a.path, err)
+			_, _ = fmt.Fprintf(os.Stderr, "%s: %v\n", a.path, err)
 		}
 	}
 
@@ -271,7 +272,7 @@ func extractAsset(d string, a assetFile, overwrite, rename bool) error {
 	return nil
 }
 
-func collectAssetFilesByPattern(c *cli.Context, globs []glob.Glob, path string, layer *assetfs.Layer) {
+func collectAssetFilesByPattern(c *cli.Command, globs []glob.Glob, path string, layer *assetfs.Layer) {
 	fs := assetfs.Layered(layer)
 	files, err := fs.ListAllFiles(".", true)
 	if err != nil {
@@ -294,16 +295,14 @@ func collectAssetFilesByPattern(c *cli.Context, globs []glob.Glob, path string,
 	}
 }
 
-func compileCollectPatterns(args []string) ([]glob.Glob, error) {
+func compileCollectPatterns(args []string) (_ []glob.Glob, err error) {
 	if len(args) == 0 {
 		args = []string{"**"}
 	}
 	pat := make([]glob.Glob, len(args))
 	for i := range args {
-		if g, err := glob.Compile(args[i], '/'); err != nil {
-			return nil, fmt.Errorf("'%s': Invalid glob pattern: %w", args[i], err)
-		} else { //nolint:revive
-			pat[i] = g
+		if pat[i], err = glob.Compile(args[i], '/'); err != nil {
+			return nil, fmt.Errorf("invalid glob patterh %q: %w", args[i], err)
 		}
 	}
 	return pat, nil
diff --git a/cmd/generate.go b/cmd/generate.go
index 90b32ecaf0..cf491604ef 100644
--- a/cmd/generate.go
+++ b/cmd/generate.go
@@ -5,13 +5,14 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 	"os"
 
 	"code.gitea.io/gitea/modules/generate"
 
 	"github.com/mattn/go-isatty"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -19,7 +20,7 @@ var (
 	CmdGenerate = &cli.Command{
 		Name:  "generate",
 		Usage: "Generate Gitea's secrets/keys/tokens",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdSecret,
 		},
 	}
@@ -27,7 +28,7 @@ var (
 	subcmdSecret = &cli.Command{
 		Name:  "secret",
 		Usage: "Generate a secret token",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			microcmdGenerateInternalToken,
 			microcmdGenerateLfsJwtSecret,
 			microcmdGenerateSecretKey,
@@ -54,7 +55,7 @@ var (
 	}
 )
 
-func runGenerateInternalToken(c *cli.Context) error {
+func runGenerateInternalToken(_ context.Context, c *cli.Command) error {
 	internalToken, err := generate.NewInternalToken()
 	if err != nil {
 		return err
@@ -69,7 +70,7 @@ func runGenerateInternalToken(c *cli.Context) error {
 	return nil
 }
 
-func runGenerateLfsJwtSecret(c *cli.Context) error {
+func runGenerateLfsJwtSecret(_ context.Context, c *cli.Command) error {
 	_, jwtSecretBase64, err := generate.NewJwtSecretWithBase64()
 	if err != nil {
 		return err
@@ -84,7 +85,7 @@ func runGenerateLfsJwtSecret(c *cli.Context) error {
 	return nil
 }
 
-func runGenerateSecretKey(c *cli.Context) error {
+func runGenerateSecretKey(_ context.Context, c *cli.Command) error {
 	secretKey, err := generate.NewSecretKey()
 	if err != nil {
 		return err
diff --git a/cmd/hook.go b/cmd/hook.go
index 41e3c3ce34..b741127ca3 100644
--- a/cmd/hook.go
+++ b/cmd/hook.go
@@ -20,11 +20,11 @@ import (
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 const (
-	hookBatchSize = 30
+	hookBatchSize = 500
 )
 
 var (
@@ -32,9 +32,10 @@ var (
 	CmdHook = &cli.Command{
 		Name:        "hook",
 		Usage:       "(internal) Should only be called by Git",
+		Hidden:      true, // internal commands shouldn't be visible
 		Description: "Delegate commands to corresponding Git hooks",
 		Before:      PrepareConsoleLoggerLevel(log.FATAL),
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdHookPreReceive,
 			subcmdHookUpdate,
 			subcmdHookPostReceive,
@@ -161,12 +162,10 @@ func (n *nilWriter) WriteString(s string) (int, error) {
 	return len(s), nil
 }
 
-func runHookPreReceive(c *cli.Context) error {
+func runHookPreReceive(ctx context.Context, c *cli.Command) error {
 	if isInternal, _ := strconv.ParseBool(os.Getenv(repo_module.EnvIsInternal)); isInternal {
 		return nil
 	}
-	ctx, cancel := installSignals()
-	defer cancel()
 
 	setup(ctx, c.Bool("debug"))
 
@@ -292,7 +291,7 @@ Gitea or set your environment appropriately.`, "")
 
 // runHookUpdate avoid to do heavy operations on update hook because it will be
 // invoked for every ref update which does not like pre-receive and post-receive
-func runHookUpdate(c *cli.Context) error {
+func runHookUpdate(_ context.Context, c *cli.Command) error {
 	if isInternal, _ := strconv.ParseBool(os.Getenv(repo_module.EnvIsInternal)); isInternal {
 		return nil
 	}
@@ -309,15 +308,12 @@ func runHookUpdate(c *cli.Context) error {
 	return nil
 }
 
-func runHookPostReceive(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runHookPostReceive(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 
 	// First of all run update-server-info no matter what
 	if _, _, err := git.NewCommand("update-server-info").RunStdString(ctx, nil); err != nil {
-		return fmt.Errorf("Failed to call 'git update-server-info': %w", err)
+		return fmt.Errorf("failed to call 'git update-server-info': %w", err)
 	}
 
 	// Now if we're an internal don't do anything else
@@ -485,7 +481,7 @@ func hookPrintResult(output, isCreate bool, branch, url string) {
 func pushOptions() map[string]string {
 	opts := make(map[string]string)
 	if pushCount, err := strconv.Atoi(os.Getenv(private.GitPushOptionCount)); err == nil {
-		for idx := 0; idx < pushCount; idx++ {
+		for idx := range pushCount {
 			opt := os.Getenv(fmt.Sprintf("GIT_PUSH_OPTION_%d", idx))
 			kv := strings.SplitN(opt, "=", 2)
 			if len(kv) == 2 {
@@ -496,10 +492,7 @@ func pushOptions() map[string]string {
 	return opts
 }
 
-func runHookProcReceive(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runHookProcReceive(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 
 	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
@@ -740,7 +733,7 @@ func readPktLine(ctx context.Context, in *bufio.Reader, requestType pktLineType)
 
 	// read prefix
 	lengthBytes := make([]byte, 4)
-	for i := 0; i < 4; i++ {
+	for i := range 4 {
 		lengthBytes[i], err = in.ReadByte()
 		if err != nil {
 			return nil, fail(ctx, "Protocol: stdin error", "Pkt-Line: read stdin failed : %v", err)
diff --git a/cmd/keys.go b/cmd/keys.go
index 7fdbe16119..5ca3b91e15 100644
--- a/cmd/keys.go
+++ b/cmd/keys.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"strings"
@@ -11,13 +12,14 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdKeys represents the available keys sub-command
 var CmdKeys = &cli.Command{
 	Name:        "keys",
 	Usage:       "(internal) Should only be called by SSH server",
+	Hidden:      true, // internal commands shouldn't not be visible
 	Description: "Queries the Gitea database to get the authorized command for a given ssh key fingerprint",
 	Before:      PrepareConsoleLoggerLevel(log.FATAL),
 	Action:      runKeys,
@@ -49,7 +51,7 @@ var CmdKeys = &cli.Command{
 	},
 }
 
-func runKeys(c *cli.Context) error {
+func runKeys(ctx context.Context, c *cli.Command) error {
 	if !c.IsSet("username") {
 		return errors.New("No username provided")
 	}
@@ -68,9 +70,6 @@ func runKeys(c *cli.Context) error {
 		return errors.New("No key type and content provided")
 	}
 
-	ctx, cancel := installSignals()
-	defer cancel()
-
 	setup(ctx, c.Bool("debug"))
 
 	authorizedString, extra := private.AuthorizedPublicKeyByContent(ctx, content)
@@ -78,6 +77,6 @@ func runKeys(c *cli.Context) error {
 	if extra.Error != nil {
 		return extra.Error
 	}
-	_, _ = fmt.Fprintln(c.App.Writer, strings.TrimSpace(authorizedString.Text))
+	_, _ = fmt.Fprintln(c.Root().Writer, strings.TrimSpace(authorizedString.Text))
 	return nil
 }
diff --git a/cmd/mailer.go b/cmd/mailer.go
index 0c5f2c8c8d..72bd8e5601 100644
--- a/cmd/mailer.go
+++ b/cmd/mailer.go
@@ -4,24 +4,18 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-func runSendMail(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runSendMail(ctx context.Context, c *cli.Command) error {
 	setting.MustInstalled()
 
-	if err := argsSet(c, "title"); err != nil {
-		return err
-	}
-
 	subject := c.String("title")
 	confirmSkiped := c.Bool("force")
 	body := c.String("content")
diff --git a/cmd/main.go b/cmd/main.go
index 7251bd09a3..3fdaf48ed9 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -4,36 +4,40 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
+	"io"
 	"os"
 	"strings"
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
-// cmdHelp is our own help subcommand with more information
-// Keep in mind that the "./gitea help"(subcommand) is different from "./gitea --help"(flag), the flag doesn't parse the config or output "DEFAULT CONFIGURATION:" information
-func cmdHelp() *cli.Command {
-	c := &cli.Command{
-		Name:      "help",
-		Aliases:   []string{"h"},
-		Usage:     "Shows a list of commands or help for one command",
-		ArgsUsage: "[command]",
-		Action: func(c *cli.Context) (err error) {
-			lineage := c.Lineage() // The order is from child to parent: help, doctor, Gitea, {Command:nil}
-			targetCmdIdx := 0
-			if c.Command.Name == "help" {
-				targetCmdIdx = 1
-			}
-			if lineage[targetCmdIdx+1].Command != nil {
-				err = cli.ShowCommandHelp(lineage[targetCmdIdx+1], lineage[targetCmdIdx].Command.Name)
-			} else {
-				err = cli.ShowAppHelp(c)
-			}
-			_, _ = fmt.Fprintf(c.App.Writer, `
+var cliHelpPrinterOld = cli.HelpPrinter
+
+func init() {
+	cli.HelpPrinter = cliHelpPrinterNew
+}
+
+// cliHelpPrinterNew helps to print "DEFAULT CONFIGURATION" for the following cases ( "-c" can apper in any position):
+// * ./gitea -c /dev/null -h
+// * ./gitea -c help /dev/null help
+// * ./gitea help -c /dev/null
+// * ./gitea help -c /dev/null web
+// * ./gitea help web -c /dev/null
+// * ./gitea web help -c /dev/null
+// * ./gitea web -h -c /dev/null
+func cliHelpPrinterNew(out io.Writer, templ string, data any) {
+	cmd, _ := data.(*cli.Command)
+	if cmd != nil {
+		prepareWorkPathAndCustomConf(cmd)
+	}
+	cliHelpPrinterOld(out, templ, data)
+	if setting.CustomConf != "" {
+		_, _ = fmt.Fprintf(out, `
 DEFAULT CONFIGURATION:
    AppPath:    %s
    WorkPath:   %s
@@ -41,75 +45,34 @@ DEFAULT CONFIGURATION:
    ConfigFile: %s
 
 `, setting.AppPath, setting.AppWorkPath, setting.CustomPath, setting.CustomConf)
-			return err
-		},
 	}
-	return c
 }
 
-func appGlobalFlags() []cli.Flag {
-	return []cli.Flag{
-		// make the builtin flags at the top
-		cli.HelpFlag,
-
-		// shared configuration flags, they are for global and for each sub-command at the same time
-		// eg: such command is valid: "./gitea --config /tmp/app.ini web --config /tmp/app.ini", while it's discouraged indeed
-		// keep in mind that the short flags like "-C", "-c" and "-w" are globally polluted, they can't be used for sub-commands anymore.
-		&cli.StringFlag{
-			Name:    "custom-path",
-			Aliases: []string{"C"},
-			Usage:   "Set custom path (defaults to '{WorkPath}/custom')",
-		},
-		&cli.StringFlag{
-			Name:    "config",
-			Aliases: []string{"c"},
-			Value:   setting.CustomConf,
-			Usage:   "Set custom config file (defaults to '{WorkPath}/custom/conf/app.ini')",
-		},
-		&cli.StringFlag{
-			Name:    "work-path",
-			Aliases: []string{"w"},
-			Usage:   "Set Gitea's working path (defaults to the Gitea's binary directory)",
-		},
+func prepareSubcommandWithGlobalFlags(originCmd *cli.Command) {
+	originBefore := originCmd.Before
+	originCmd.Before = func(ctx context.Context, cmd *cli.Command) (context.Context, error) {
+		prepareWorkPathAndCustomConf(cmd)
+		if originBefore != nil {
+			return originBefore(ctx, cmd)
+		}
+		return ctx, nil
 	}
 }
 
-func prepareSubcommandWithConfig(command *cli.Command, globalFlags []cli.Flag) {
-	command.Flags = append(append([]cli.Flag{}, globalFlags...), command.Flags...)
-	command.Action = prepareWorkPathAndCustomConf(command.Action)
-	command.HideHelp = true
-	if command.Name != "help" {
-		command.Subcommands = append(command.Subcommands, cmdHelp())
+// prepareWorkPathAndCustomConf tries to prepare the work path, custom path and custom config from various inputs:
+// command line flags, environment variables, config file
+func prepareWorkPathAndCustomConf(cmd *cli.Command) {
+	var args setting.ArgWorkPathAndCustomConf
+	if cmd.IsSet("work-path") {
+		args.WorkPath = cmd.String("work-path")
 	}
-	for i := range command.Subcommands {
-		prepareSubcommandWithConfig(command.Subcommands[i], globalFlags)
+	if cmd.IsSet("custom-path") {
+		args.CustomPath = cmd.String("custom-path")
 	}
-}
-
-// prepareWorkPathAndCustomConf wraps the Action to prepare the work path and custom config
-// It can't use "Before", because each level's sub-command's Before will be called one by one, so the "init" would be done multiple times
-func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(ctx *cli.Context) error {
-	return func(ctx *cli.Context) error {
-		var args setting.ArgWorkPathAndCustomConf
-		// from children to parent, check the global flags
-		for _, curCtx := range ctx.Lineage() {
-			if curCtx.IsSet("work-path") && args.WorkPath == "" {
-				args.WorkPath = curCtx.String("work-path")
-			}
-			if curCtx.IsSet("custom-path") && args.CustomPath == "" {
-				args.CustomPath = curCtx.String("custom-path")
-			}
-			if curCtx.IsSet("config") && args.CustomConf == "" {
-				args.CustomConf = curCtx.String("config")
-			}
-		}
-		setting.InitWorkPathAndCommonConfig(os.Getenv, args)
-		if ctx.Bool("help") || action == nil {
-			// the default behavior of "urfave/cli": "nil action" means "show help"
-			return cmdHelp().Action(ctx)
-		}
-		return action(ctx)
+	if cmd.IsSet("config") {
+		args.CustomConf = cmd.String("config")
 	}
+	setting.InitWorkPathAndCommonConfig(os.Getenv, args)
 }
 
 type AppVersion struct {
@@ -117,18 +80,36 @@ type AppVersion struct {
 	Extra   string
 }
 
-func NewMainApp(appVer AppVersion) *cli.App {
-	app := cli.NewApp()
-	app.Name = "Gitea"
-	app.HelpName = "gitea"
+func NewMainApp(appVer AppVersion) *cli.Command {
+	app := &cli.Command{}
+	app.Name = "gitea" // must be lower-cased because it appears in the "USAGE" section like "gitea doctor [command [command options]]"
 	app.Usage = "A painless self-hosted Git service"
 	app.Description = `Gitea program contains "web" and other subcommands. If no subcommand is given, it starts the web server by default. Use "web" subcommand for more web server arguments, use other subcommands for other purposes.`
 	app.Version = appVer.Version + appVer.Extra
-	app.EnableBashCompletion = true
-
-	// these sub-commands need to use config file
+	app.EnableShellCompletion = true
+	app.Flags = []cli.Flag{
+		&cli.StringFlag{
+			Name:      "work-path",
+			Aliases:   []string{"w"},
+			TakesFile: true,
+			Usage:     "Set Gitea's working path (defaults to the Gitea's binary directory)",
+		},
+		&cli.StringFlag{
+			Name:      "config",
+			Aliases:   []string{"c"},
+			TakesFile: true,
+			Value:     setting.CustomConf,
+			Usage:     "Set custom config file (defaults to '{WorkPath}/custom/conf/app.ini')",
+		},
+		&cli.StringFlag{
+			Name:      "custom-path",
+			Aliases:   []string{"C"},
+			TakesFile: true,
+			Usage:     "Set custom path (defaults to '{WorkPath}/custom')",
+		},
+	}
+	// these sub-commands need to use a config file
 	subCmdWithConfig := []*cli.Command{
-		cmdHelp(), // the "help" sub-command was used to show the more information for "work path" and "custom config"
 		CmdWeb,
 		CmdServ,
 		CmdHook,
@@ -147,20 +128,18 @@ func NewMainApp(appVer AppVersion) *cli.App {
 
 	// these sub-commands do not need the config file, and they do not depend on any path or environment variable.
 	subCmdStandalone := []*cli.Command{
-		CmdCert,
+		cmdCert(),
 		CmdGenerate,
 		CmdDocs,
 	}
 
+	// TODO: we should eventually drop the default command,
+	// but not sure whether it would break Windows users who used to double-click the EXE to run.
 	app.DefaultCommand = CmdWeb.Name
 
-	globalFlags := appGlobalFlags()
-	app.Flags = append(app.Flags, cli.VersionFlag)
-	app.Flags = append(app.Flags, globalFlags...)
-	app.HideHelp = true // use our own help action to show helps (with more information like default config)
 	app.Before = PrepareConsoleLoggerLevel(log.INFO)
 	for i := range subCmdWithConfig {
-		prepareSubcommandWithConfig(subCmdWithConfig[i], globalFlags)
+		prepareSubcommandWithGlobalFlags(subCmdWithConfig[i])
 	}
 	app.Commands = append(app.Commands, subCmdWithConfig...)
 	app.Commands = append(app.Commands, subCmdStandalone...)
@@ -169,8 +148,10 @@ func NewMainApp(appVer AppVersion) *cli.App {
 	return app
 }
 
-func RunMainApp(app *cli.App, args ...string) error {
-	err := app.Run(args)
+func RunMainApp(app *cli.Command, args ...string) error {
+	ctx, cancel := installSignals()
+	defer cancel()
+	err := app.Run(ctx, args)
 	if err == nil {
 		return nil
 	}
diff --git a/cmd/main_test.go b/cmd/main_test.go
index 3ec584d323..d49ebfd4df 100644
--- a/cmd/main_test.go
+++ b/cmd/main_test.go
@@ -4,6 +4,8 @@
 package cmd
 
 import (
+	"context"
+	"errors"
 	"fmt"
 	"io"
 	"path/filepath"
@@ -15,7 +17,7 @@ import (
 	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 func TestMain(m *testing.M) {
@@ -26,10 +28,10 @@ func makePathOutput(workPath, customPath, customConf string) string {
 	return fmt.Sprintf("WorkPath=%s\nCustomPath=%s\nCustomConf=%s", workPath, customPath, customConf)
 }
 
-func newTestApp(testCmdAction func(ctx *cli.Context) error) *cli.App {
+func newTestApp(testCmdAction cli.ActionFunc) *cli.Command {
 	app := NewMainApp(AppVersion{})
 	testCmd := &cli.Command{Name: "test-cmd", Action: testCmdAction}
-	prepareSubcommandWithConfig(testCmd, appGlobalFlags())
+	prepareSubcommandWithGlobalFlags(testCmd)
 	app.Commands = append(app.Commands, testCmd)
 	app.DefaultCommand = testCmd.Name
 	return app
@@ -41,7 +43,7 @@ type runResult struct {
 	ExitCode int
 }
 
-func runTestApp(app *cli.App, args ...string) (runResult, error) {
+func runTestApp(app *cli.Command, args ...string) (runResult, error) {
 	outBuf := new(strings.Builder)
 	errBuf := new(strings.Builder)
 	app.Writer = outBuf
@@ -64,7 +66,7 @@ func TestCliCmd(t *testing.T) {
 	defaultCustomConf := filepath.Join(defaultCustomPath, "conf/app.ini")
 
 	cli.CommandHelpTemplate = "(command help template)"
-	cli.AppHelpTemplate = "(app help template)"
+	cli.RootCommandHelpTemplate = "(app help template)"
 	cli.SubcommandHelpTemplate = "(subcommand help template)"
 
 	cases := []struct {
@@ -72,12 +74,56 @@ func TestCliCmd(t *testing.T) {
 		cmd string
 		exp string
 	}{
-		// main command help
+		// help commands
+		{
+			cmd: "./gitea -h",
+			exp: "DEFAULT CONFIGURATION:",
+		},
 		{
 			cmd: "./gitea help",
 			exp: "DEFAULT CONFIGURATION:",
 		},
 
+		{
+			cmd: "./gitea -c /dev/null -h",
+			exp: "ConfigFile: /dev/null",
+		},
+
+		{
+			cmd: "./gitea -c /dev/null help",
+			exp: "ConfigFile: /dev/null",
+		},
+		{
+			cmd: "./gitea help -c /dev/null",
+			exp: "ConfigFile: /dev/null",
+		},
+
+		{
+			cmd: "./gitea -c /dev/null test-cmd -h",
+			exp: "ConfigFile: /dev/null",
+		},
+		{
+			cmd: "./gitea test-cmd -c /dev/null -h",
+			exp: "ConfigFile: /dev/null",
+		},
+		{
+			cmd: "./gitea test-cmd -h -c /dev/null",
+			exp: "ConfigFile: /dev/null",
+		},
+
+		{
+			cmd: "./gitea -c /dev/null test-cmd help",
+			exp: "ConfigFile: /dev/null",
+		},
+		{
+			cmd: "./gitea test-cmd -c /dev/null help",
+			exp: "ConfigFile: /dev/null",
+		},
+		{
+			cmd: "./gitea test-cmd help -c /dev/null",
+			exp: "ConfigFile: /dev/null",
+		},
+
 		// parse paths
 		{
 			cmd: "./gitea test-cmd",
@@ -108,12 +154,12 @@ func TestCliCmd(t *testing.T) {
 		},
 	}
 
-	app := newTestApp(func(ctx *cli.Context) error {
-		_, _ = fmt.Fprint(ctx.App.Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
-		return nil
-	})
 	for _, c := range cases {
 		t.Run(c.cmd, func(t *testing.T) {
+			app := newTestApp(func(ctx context.Context, cmd *cli.Command) error {
+				_, _ = fmt.Fprint(cmd.Root().Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
+				return nil
+			})
 			for k, v := range c.env {
 				t.Setenv(k, v)
 			}
@@ -127,31 +173,31 @@ func TestCliCmd(t *testing.T) {
 }
 
 func TestCliCmdError(t *testing.T) {
-	app := newTestApp(func(ctx *cli.Context) error { return fmt.Errorf("normal error") })
+	app := newTestApp(func(ctx context.Context, cmd *cli.Command) error { return errors.New("normal error") })
 	r, err := runTestApp(app, "./gitea", "test-cmd")
 	assert.Error(t, err)
 	assert.Equal(t, 1, r.ExitCode)
-	assert.Equal(t, "", r.Stdout)
+	assert.Empty(t, r.Stdout)
 	assert.Equal(t, "Command error: normal error\n", r.Stderr)
 
-	app = newTestApp(func(ctx *cli.Context) error { return cli.Exit("exit error", 2) })
+	app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return cli.Exit("exit error", 2) })
 	r, err = runTestApp(app, "./gitea", "test-cmd")
 	assert.Error(t, err)
 	assert.Equal(t, 2, r.ExitCode)
-	assert.Equal(t, "", r.Stdout)
+	assert.Empty(t, r.Stdout)
 	assert.Equal(t, "exit error\n", r.Stderr)
 
-	app = newTestApp(func(ctx *cli.Context) error { return nil })
+	app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return nil })
 	r, err = runTestApp(app, "./gitea", "test-cmd", "--no-such")
 	assert.Error(t, err)
 	assert.Equal(t, 1, r.ExitCode)
-	assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stdout)
-	assert.Equal(t, "", r.Stderr) // the cli package's strange behavior, the error message is not in stderr ....
+	assert.Empty(t, r.Stdout)
+	assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stderr)
 
-	app = newTestApp(func(ctx *cli.Context) error { return nil })
+	app = newTestApp(func(ctx context.Context, cmd *cli.Command) error { return nil })
 	r, err = runTestApp(app, "./gitea", "test-cmd")
 	assert.NoError(t, err)
 	assert.Equal(t, -1, r.ExitCode) // the cli.OsExiter is not called
-	assert.Equal(t, "", r.Stdout)
-	assert.Equal(t, "", r.Stderr)
+	assert.Empty(t, r.Stdout)
+	assert.Empty(t, r.Stderr)
 }
diff --git a/cmd/manager.go b/cmd/manager.go
index bd2da8edc7..f0935ea065 100644
--- a/cmd/manager.go
+++ b/cmd/manager.go
@@ -4,12 +4,13 @@
 package cmd
 
 import (
+	"context"
 	"os"
 	"time"
 
 	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -18,7 +19,7 @@ var (
 		Name:        "manager",
 		Usage:       "Manage the running gitea process",
 		Description: "This is a command for managing the running gitea process",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			subcmdShutdown,
 			subcmdRestart,
 			subcmdReloadTemplates,
@@ -108,46 +109,31 @@ var (
 	}
 )
 
-func runShutdown(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runShutdown(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	extra := private.Shutdown(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runRestart(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runRestart(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	extra := private.Restart(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runReloadTemplates(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runReloadTemplates(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	extra := private.ReloadTemplates(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runFlushQueues(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runFlushQueues(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	extra := private.FlushQueues(ctx, c.Duration("timeout"), c.Bool("non-blocking"))
 	return handleCliResponseExtra(extra)
 }
 
-func runProcesses(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runProcesses(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	extra := private.Processes(ctx, os.Stdout, c.Bool("flat"), c.Bool("no-system"), c.Bool("stacktraces"), c.Bool("json"), c.String("cancel"))
 	return handleCliResponseExtra(extra)
diff --git a/cmd/manager_logging.go b/cmd/manager_logging.go
index c2ae25ec57..ac29e7d3e5 100644
--- a/cmd/manager_logging.go
+++ b/cmd/manager_logging.go
@@ -4,6 +4,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"os"
@@ -11,7 +12,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 var (
@@ -60,7 +61,7 @@ var (
 	subcmdLogging = &cli.Command{
 		Name:  "logging",
 		Usage: "Adjust logging commands",
-		Subcommands: []*cli.Command{
+		Commands: []*cli.Command{
 			{
 				Name:  "pause",
 				Usage: "Pause logging (Gitea will buffer logs up to a certain point and will drop them after that point)",
@@ -104,7 +105,7 @@ var (
 			}, {
 				Name:  "add",
 				Usage: "Add a logger",
-				Subcommands: []*cli.Command{
+				Commands: []*cli.Command{
 					{
 						Name:  "file",
 						Usage: "Add a file logger",
@@ -118,7 +119,6 @@ var (
 								Name:    "rotate",
 								Aliases: []string{"r"},
 								Usage:   "Rotate logs",
-								Value:   true,
 							},
 							&cli.Int64Flag{
 								Name:    "max-size",
@@ -129,7 +129,6 @@ var (
 								Name:    "daily",
 								Aliases: []string{"d"},
 								Usage:   "Rotate logs daily",
-								Value:   true,
 							},
 							&cli.IntFlag{
 								Name:    "max-days",
@@ -140,7 +139,6 @@ var (
 								Name:    "compress",
 								Aliases: []string{"z"},
 								Usage:   "Compress rotated logs",
-								Value:   true,
 							},
 							&cli.IntFlag{
 								Name:    "compression-level",
@@ -195,10 +193,7 @@ var (
 	}
 )
 
-func runRemoveLogger(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runRemoveLogger(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	logger := c.String("logger")
 	if len(logger) == 0 {
@@ -210,10 +205,7 @@ func runRemoveLogger(c *cli.Context) error {
 	return handleCliResponseExtra(extra)
 }
 
-func runAddConnLogger(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runAddConnLogger(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	vals := map[string]any{}
 	mode := "conn"
@@ -237,13 +229,10 @@ func runAddConnLogger(c *cli.Context) error {
 	if c.IsSet("reconnect-on-message") {
 		vals["reconnectOnMsg"] = c.Bool("reconnect-on-message")
 	}
-	return commonAddLogger(c, mode, vals)
+	return commonAddLogger(ctx, c, mode, vals)
 }
 
-func runAddFileLogger(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runAddFileLogger(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	vals := map[string]any{}
 	mode := "file"
@@ -270,10 +259,10 @@ func runAddFileLogger(c *cli.Context) error {
 	if c.IsSet("compression-level") {
 		vals["compressionLevel"] = c.Int("compression-level")
 	}
-	return commonAddLogger(c, mode, vals)
+	return commonAddLogger(ctx, c, mode, vals)
 }
 
-func commonAddLogger(c *cli.Context, mode string, vals map[string]any) error {
+func commonAddLogger(ctx context.Context, c *cli.Command, mode string, vals map[string]any) error {
 	if len(c.String("level")) > 0 {
 		vals["level"] = log.LevelFromString(c.String("level")).String()
 	}
@@ -300,46 +289,33 @@ func commonAddLogger(c *cli.Context, mode string, vals map[string]any) error {
 	if c.IsSet("writer") {
 		writer = c.String("writer")
 	}
-	ctx, cancel := installSignals()
-	defer cancel()
 
 	extra := private.AddLogger(ctx, logger, writer, mode, vals)
 	return handleCliResponseExtra(extra)
 }
 
-func runPauseLogging(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runPauseLogging(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	userMsg := private.PauseLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runResumeLogging(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runResumeLogging(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	userMsg := private.ResumeLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runReleaseReopenLogging(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runReleaseReopenLogging(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 	userMsg := private.ReleaseReopenLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runSetLogSQL(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
+func runSetLogSQL(ctx context.Context, c *cli.Command) error {
 	setup(ctx, c.Bool("debug"))
 
 	extra := private.SetLogSQL(ctx, !c.Bool("off"))
diff --git a/cmd/migrate.go b/cmd/migrate.go
index 25d8b50c45..e24dc9e572 100644
--- a/cmd/migrate.go
+++ b/cmd/migrate.go
@@ -11,7 +11,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/services/versioned_migration"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdMigrate represents the available migrate sub-command.
@@ -22,11 +22,8 @@ var CmdMigrate = &cli.Command{
 	Action:      runMigrate,
 }
 
-func runMigrate(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(stdCtx); err != nil {
+func runMigrate(ctx context.Context, c *cli.Command) error {
+	if err := initDB(ctx); err != nil {
 		return err
 	}
 
diff --git a/cmd/migrate_storage.go b/cmd/migrate_storage.go
index f9ed140395..2c63e15f50 100644
--- a/cmd/migrate_storage.go
+++ b/cmd/migrate_storage.go
@@ -22,7 +22,7 @@ import (
 	"code.gitea.io/gitea/modules/storage"
 	"code.gitea.io/gitea/services/versioned_migration"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdMigrateStorage represents the available migrate storage sub-command.
@@ -213,11 +213,8 @@ func migrateActionsArtifacts(ctx context.Context, dstStorage storage.ObjectStora
 	})
 }
 
-func runMigrateStorage(ctx *cli.Context) error {
-	stdCtx, cancel := installSignals()
-	defer cancel()
-
-	if err := initDB(stdCtx); err != nil {
+func runMigrateStorage(ctx context.Context, cmd *cli.Command) error {
+	if err := initDB(ctx); err != nil {
 		return err
 	}
 
@@ -238,51 +235,51 @@ func runMigrateStorage(ctx *cli.Context) error {
 
 	var dstStorage storage.ObjectStorage
 	var err error
-	switch strings.ToLower(ctx.String("storage")) {
+	switch strings.ToLower(cmd.String("storage")) {
 	case "":
 		fallthrough
 	case string(setting.LocalStorageType):
-		p := ctx.String("path")
+		p := cmd.String("path")
 		if p == "" {
 			log.Fatal("Path must be given when storage is local")
 			return nil
 		}
 		dstStorage, err = storage.NewLocalStorage(
-			stdCtx,
+			ctx,
 			&setting.Storage{
 				Path: p,
 			})
 	case string(setting.MinioStorageType):
 		dstStorage, err = storage.NewMinioStorage(
-			stdCtx,
+			ctx,
 			&setting.Storage{
 				MinioConfig: setting.MinioStorageConfig{
-					Endpoint:           ctx.String("minio-endpoint"),
-					AccessKeyID:        ctx.String("minio-access-key-id"),
-					SecretAccessKey:    ctx.String("minio-secret-access-key"),
-					Bucket:             ctx.String("minio-bucket"),
-					Location:           ctx.String("minio-location"),
-					BasePath:           ctx.String("minio-base-path"),
-					UseSSL:             ctx.Bool("minio-use-ssl"),
-					InsecureSkipVerify: ctx.Bool("minio-insecure-skip-verify"),
-					ChecksumAlgorithm:  ctx.String("minio-checksum-algorithm"),
-					BucketLookUpType:   ctx.String("minio-bucket-lookup-type"),
+					Endpoint:           cmd.String("minio-endpoint"),
+					AccessKeyID:        cmd.String("minio-access-key-id"),
+					SecretAccessKey:    cmd.String("minio-secret-access-key"),
+					Bucket:             cmd.String("minio-bucket"),
+					Location:           cmd.String("minio-location"),
+					BasePath:           cmd.String("minio-base-path"),
+					UseSSL:             cmd.Bool("minio-use-ssl"),
+					InsecureSkipVerify: cmd.Bool("minio-insecure-skip-verify"),
+					ChecksumAlgorithm:  cmd.String("minio-checksum-algorithm"),
+					BucketLookUpType:   cmd.String("minio-bucket-lookup-type"),
 				},
 			})
 	case string(setting.AzureBlobStorageType):
 		dstStorage, err = storage.NewAzureBlobStorage(
-			stdCtx,
+			ctx,
 			&setting.Storage{
 				AzureBlobConfig: setting.AzureBlobStorageConfig{
-					Endpoint:    ctx.String("azureblob-endpoint"),
-					AccountName: ctx.String("azureblob-account-name"),
-					AccountKey:  ctx.String("azureblob-account-key"),
-					Container:   ctx.String("azureblob-container"),
-					BasePath:    ctx.String("azureblob-base-path"),
+					Endpoint:    cmd.String("azureblob-endpoint"),
+					AccountName: cmd.String("azureblob-account-name"),
+					AccountKey:  cmd.String("azureblob-account-key"),
+					Container:   cmd.String("azureblob-container"),
+					BasePath:    cmd.String("azureblob-base-path"),
 				},
 			})
 	default:
-		return fmt.Errorf("unsupported storage type: %s", ctx.String("storage"))
+		return fmt.Errorf("unsupported storage type: %s", cmd.String("storage"))
 	}
 	if err != nil {
 		return err
@@ -299,14 +296,14 @@ func runMigrateStorage(ctx *cli.Context) error {
 		"actions-artifacts": migrateActionsArtifacts,
 	}
 
-	tp := strings.ToLower(ctx.String("type"))
+	tp := strings.ToLower(cmd.String("type"))
 	if m, ok := migratedMethods[tp]; ok {
-		if err := m(stdCtx, dstStorage); err != nil {
+		if err := m(ctx, dstStorage); err != nil {
 			return err
 		}
 		log.Info("%s files have successfully been copied to the new storage.", tp)
 		return nil
 	}
 
-	return fmt.Errorf("unsupported storage: %s", ctx.String("type"))
+	return fmt.Errorf("unsupported storage: %s", cmd.String("type"))
 }
diff --git a/cmd/migrate_storage_test.go b/cmd/migrate_storage_test.go
index f8fa95a927..6817867e28 100644
--- a/cmd/migrate_storage_test.go
+++ b/cmd/migrate_storage_test.go
@@ -69,6 +69,6 @@ func TestMigratePackages(t *testing.T) {
 	entries, err := os.ReadDir(p)
 	assert.NoError(t, err)
 	assert.Len(t, entries, 2)
-	assert.EqualValues(t, "01", entries[0].Name())
-	assert.EqualValues(t, "tmp", entries[1].Name())
+	assert.Equal(t, "01", entries[0].Name())
+	assert.Equal(t, "tmp", entries[1].Name())
 }
diff --git a/cmd/restore_repo.go b/cmd/restore_repo.go
index 37b32aa304..c61f5a582e 100644
--- a/cmd/restore_repo.go
+++ b/cmd/restore_repo.go
@@ -4,12 +4,13 @@
 package cmd
 
 import (
+	"context"
 	"strings"
 
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdRestoreRepository represents the available restore a repository sub-command.
@@ -48,10 +49,7 @@ wiki, issues, labels, releases, release_assets, milestones, pull_requests, comme
 	},
 }
 
-func runRestoreRepository(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runRestoreRepository(ctx context.Context, c *cli.Command) error {
 	setting.MustInstalled()
 	var units []string
 	if s := c.String("units"); s != "" {
diff --git a/cmd/serv.go b/cmd/serv.go
index 476fd9a2ea..38c79f68cd 100644
--- a/cmd/serv.go
+++ b/cmd/serv.go
@@ -11,7 +11,6 @@ import (
 	"os"
 	"os/exec"
 	"path/filepath"
-	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -20,7 +19,7 @@ import (
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	git_model "code.gitea.io/gitea/models/git"
 	"code.gitea.io/gitea/models/perm"
-	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/lfstransfer"
@@ -34,15 +33,7 @@ import (
 
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/kballard/go-shellquote"
-	"github.com/urfave/cli/v2"
-)
-
-const (
-	verbUploadPack      = "git-upload-pack"
-	verbUploadArchive   = "git-upload-archive"
-	verbReceivePack     = "git-receive-pack"
-	verbLfsAuthenticate = "git-lfs-authenticate"
-	verbLfsTransfer     = "git-lfs-transfer"
+	"github.com/urfave/cli/v3"
 )
 
 // CmdServ represents the available serv sub-command.
@@ -50,6 +41,7 @@ var CmdServ = &cli.Command{
 	Name:        "serv",
 	Usage:       "(internal) Should only be called by SSH shell",
 	Description: "Serv provides access auth for repositories",
+	Hidden:      true, // Internal commands shouldn't be visible in help
 	Before:      PrepareConsoleLoggerLevel(log.FATAL),
 	Action:      runServ,
 	Flags: []cli.Flag{
@@ -78,22 +70,6 @@ func setup(ctx context.Context, debug bool) {
 	}
 }
 
-var (
-	// keep getAccessMode() in sync
-	allowedCommands = container.SetOf(
-		verbUploadPack,
-		verbUploadArchive,
-		verbReceivePack,
-		verbLfsAuthenticate,
-		verbLfsTransfer,
-	)
-	allowedCommandsLfs = container.SetOf(
-		verbLfsAuthenticate,
-		verbLfsTransfer,
-	)
-	alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`)
-)
-
 // fail prints message to stdout, it's mainly used for git serv and git hook commands.
 // The output will be passed to git client and shown to user.
 func fail(ctx context.Context, userMessage, logMsgFmt string, args ...any) error {
@@ -139,19 +115,20 @@ func handleCliResponseExtra(extra private.ResponseExtra) error {
 
 func getAccessMode(verb, lfsVerb string) perm.AccessMode {
 	switch verb {
-	case verbUploadPack, verbUploadArchive:
+	case git.CmdVerbUploadPack, git.CmdVerbUploadArchive:
 		return perm.AccessModeRead
-	case verbReceivePack:
+	case git.CmdVerbReceivePack:
 		return perm.AccessModeWrite
-	case verbLfsAuthenticate, verbLfsTransfer:
+	case git.CmdVerbLfsAuthenticate, git.CmdVerbLfsTransfer:
 		switch lfsVerb {
-		case "upload":
+		case git.CmdSubVerbLfsUpload:
 			return perm.AccessModeWrite
-		case "download":
+		case git.CmdSubVerbLfsDownload:
 			return perm.AccessModeRead
 		}
 	}
 	// should be unreachable
+	setting.PanicInDevOrTesting("unknown verb: %s %s", verb, lfsVerb)
 	return perm.AccessModeNone
 }
 
@@ -173,13 +150,10 @@ func getLFSAuthToken(ctx context.Context, lfsVerb string, results *private.ServC
 	if err != nil {
 		return "", fail(ctx, "Failed to sign JWT Token", "Failed to sign JWT token: %v", err)
 	}
-	return fmt.Sprintf("Bearer %s", tokenString), nil
+	return "Bearer " + tokenString, nil
 }
 
-func runServ(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runServ(ctx context.Context, c *cli.Command) error {
 	// FIXME: This needs to internationalised
 	setup(ctx, c.Bool("debug"))
 
@@ -230,41 +204,37 @@ func runServ(c *cli.Context) error {
 		log.Debug("SSH_ORIGINAL_COMMAND: %s", os.Getenv("SSH_ORIGINAL_COMMAND"))
 	}
 
-	words, err := shellquote.Split(cmd)
+	sshCmdArgs, err := shellquote.Split(cmd)
 	if err != nil {
 		return fail(ctx, "Error parsing arguments", "Failed to parse arguments: %v", err)
 	}
 
-	if len(words) < 2 {
+	if len(sshCmdArgs) < 2 {
 		if git.DefaultFeatures().SupportProcReceive {
 			// for AGit Flow
 			if cmd == "ssh_info" {
-				fmt.Print(`{"type":"gitea","version":1}`)
+				fmt.Print(`{"type":"agit","version":1}`)
 				return nil
 			}
 		}
 		return fail(ctx, "Too few arguments", "Too few arguments in cmd: %s", cmd)
 	}
 
-	verb := words[0]
-	repoPath := strings.TrimPrefix(words[1], "/")
-
-	var lfsVerb string
-
-	rr := strings.SplitN(repoPath, "/", 2)
-	if len(rr) != 2 {
+	repoPath := strings.TrimPrefix(sshCmdArgs[1], "/")
+	repoPathFields := strings.SplitN(repoPath, "/", 2)
+	if len(repoPathFields) != 2 {
 		return fail(ctx, "Invalid repository path", "Invalid repository path: %v", repoPath)
 	}
 
-	username := rr[0]
-	reponame := strings.TrimSuffix(rr[1], ".git")
+	username := repoPathFields[0]
+	reponame := strings.TrimSuffix(repoPathFields[1], ".git") // “the-repo-name" or "the-repo-name.wiki"
 
 	// LowerCase and trim the repoPath as that's how they are stored.
 	// This should be done after splitting the repoPath into username and reponame
 	// so that username and reponame are not affected.
 	repoPath = strings.ToLower(strings.TrimSpace(repoPath))
 
-	if alphaDashDotPattern.MatchString(reponame) {
+	if !repo.IsValidSSHAccessRepoName(reponame) {
 		return fail(ctx, "Invalid repo name", "Invalid repo name: %s", reponame)
 	}
 
@@ -286,22 +256,23 @@ func runServ(c *cli.Context) error {
 		}()
 	}
 
-	if allowedCommands.Contains(verb) {
-		if allowedCommandsLfs.Contains(verb) {
-			if !setting.LFS.StartServer {
-				return fail(ctx, "LFS Server is not enabled", "")
-			}
-			if verb == verbLfsTransfer && !setting.LFS.AllowPureSSH {
-				return fail(ctx, "LFS SSH transfer is not enabled", "")
-			}
-			if len(words) > 2 {
-				lfsVerb = words[2]
-			}
-		}
-	} else {
+	verb, lfsVerb := sshCmdArgs[0], ""
+	if !git.IsAllowedVerbForServe(verb) {
 		return fail(ctx, "Unknown git command", "Unknown git command %s", verb)
 	}
 
+	if git.IsAllowedVerbForServeLfs(verb) {
+		if !setting.LFS.StartServer {
+			return fail(ctx, "LFS Server is not enabled", "")
+		}
+		if verb == git.CmdVerbLfsTransfer && !setting.LFS.AllowPureSSH {
+			return fail(ctx, "LFS SSH transfer is not enabled", "")
+		}
+		if len(sshCmdArgs) > 2 {
+			lfsVerb = sshCmdArgs[2]
+		}
+	}
+
 	requestedMode := getAccessMode(verb, lfsVerb)
 
 	results, extra := private.ServCommand(ctx, keyID, username, reponame, requestedMode, verb, lfsVerb)
@@ -310,7 +281,7 @@ func runServ(c *cli.Context) error {
 	}
 
 	// LFS SSH protocol
-	if verb == verbLfsTransfer {
+	if verb == git.CmdVerbLfsTransfer {
 		token, err := getLFSAuthToken(ctx, lfsVerb, results)
 		if err != nil {
 			return err
@@ -319,7 +290,7 @@ func runServ(c *cli.Context) error {
 	}
 
 	// LFS token authentication
-	if verb == verbLfsAuthenticate {
+	if verb == git.CmdVerbLfsAuthenticate {
 		url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, url.PathEscape(results.OwnerName), url.PathEscape(results.RepoName))
 
 		token, err := getLFSAuthToken(ctx, lfsVerb, results)
@@ -372,9 +343,9 @@ func runServ(c *cli.Context) error {
 		repo_module.EnvPusherEmail+"="+results.UserEmail,
 		repo_module.EnvPusherID+"="+strconv.FormatInt(results.UserID, 10),
 		repo_module.EnvRepoID+"="+strconv.FormatInt(results.RepoID, 10),
-		repo_module.EnvPRID+"="+fmt.Sprintf("%d", 0),
-		repo_module.EnvDeployKeyID+"="+fmt.Sprintf("%d", results.DeployKeyID),
-		repo_module.EnvKeyID+"="+fmt.Sprintf("%d", results.KeyID),
+		repo_module.EnvPRID+"="+strconv.Itoa(0),
+		repo_module.EnvDeployKeyID+"="+strconv.FormatInt(results.DeployKeyID, 10),
+		repo_module.EnvKeyID+"="+strconv.FormatInt(results.KeyID, 10),
 		repo_module.EnvAppURL+"="+setting.AppURL,
 	)
 	// to avoid breaking, here only use the minimal environment variables for the "gitea serv" command.
diff --git a/cmd/web.go b/cmd/web.go
index dc5c6de48a..61ee3cbc20 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -28,7 +28,7 @@ import (
 	"code.gitea.io/gitea/routers/install"
 
 	"github.com/felixge/fgprof"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // PIDFile could be set from build tag
@@ -130,19 +130,19 @@ func showWebStartupMessage(msg string) {
 	}
 }
 
-func serveInstall(ctx *cli.Context) error {
+func serveInstall(cmd *cli.Command) error {
 	showWebStartupMessage("Prepare to run install page")
 
 	routers.InitWebInstallPage(graceful.GetManager().HammerContext())
 
 	// Flag for port number in case first time run conflict
-	if ctx.IsSet("port") {
-		if err := setPort(ctx.String("port")); err != nil {
+	if cmd.IsSet("port") {
+		if err := setPort(cmd.String("port")); err != nil {
 			return err
 		}
 	}
-	if ctx.IsSet("install-port") {
-		if err := setPort(ctx.String("install-port")); err != nil {
+	if cmd.IsSet("install-port") {
+		if err := setPort(cmd.String("install-port")); err != nil {
 			return err
 		}
 	}
@@ -163,7 +163,7 @@ func serveInstall(ctx *cli.Context) error {
 	return nil
 }
 
-func serveInstalled(ctx *cli.Context) error {
+func serveInstalled(c *cli.Command) error {
 	setting.InitCfgProvider(setting.CustomConf)
 	setting.LoadCommonSettings()
 	setting.MustInstalled()
@@ -213,9 +213,13 @@ func serveInstalled(ctx *cli.Context) error {
 		log.Fatal("Can not find APP_DATA_PATH %q", setting.AppDataPath)
 	}
 
+	// the AppDataTempDir is fully managed by us with a safe sub-path
+	// so it's safe to automatically remove the outdated files
+	setting.AppDataTempDir("").RemoveOutdated(3 * 24 * time.Hour)
+
 	// Override the provided port number within the configuration
-	if ctx.IsSet("port") {
-		if err := setPort(ctx.String("port")); err != nil {
+	if c.IsSet("port") {
+		if err := setPort(c.String("port")); err != nil {
 			return err
 		}
 	}
@@ -240,13 +244,17 @@ func servePprof() {
 	finished()
 }
 
-func runWeb(ctx *cli.Context) error {
+func runWeb(_ context.Context, cmd *cli.Command) error {
 	defer func() {
 		if panicked := recover(); panicked != nil {
 			log.Fatal("PANIC: %v\n%s", panicked, log.Stack(2))
 		}
 	}()
 
+	if subCmdName, valid := isValidDefaultSubCommand(cmd); !valid {
+		return fmt.Errorf("unknown command: %s", subCmdName)
+	}
+
 	managerCtx, cancel := context.WithCancel(context.Background())
 	graceful.InitManager(managerCtx)
 	defer cancel()
@@ -258,12 +266,12 @@ func runWeb(ctx *cli.Context) error {
 	}
 
 	// Set pid file setting
-	if ctx.IsSet("pid") {
-		createPIDFile(ctx.String("pid"))
+	if cmd.IsSet("pid") {
+		createPIDFile(cmd.String("pid"))
 	}
 
 	if !setting.InstallLock {
-		if err := serveInstall(ctx); err != nil {
+		if err := serveInstall(cmd); err != nil {
 			return err
 		}
 	} else {
@@ -274,7 +282,7 @@ func runWeb(ctx *cli.Context) error {
 		go servePprof()
 	}
 
-	return serveInstalled(ctx)
+	return serveInstalled(cmd)
 }
 
 func setPort(port string) error {
diff --git a/cmd/web_acme.go b/cmd/web_acme.go
index 172dde913b..5f7a308334 100644
--- a/cmd/web_acme.go
+++ b/cmd/web_acme.go
@@ -136,7 +136,7 @@ func runACME(listenAddr string, m http.Handler) error {
 }
 
 func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
-	if r.Method != "GET" && r.Method != "HEAD" {
+	if r.Method != http.MethodGet && r.Method != http.MethodHead {
 		http.Error(w, "Use HTTPS", http.StatusBadRequest)
 		return
 	}
diff --git a/cmd/web_graceful.go b/cmd/web_graceful.go
index 996537be3b..5e06d2c216 100644
--- a/cmd/web_graceful.go
+++ b/cmd/web_graceful.go
@@ -23,12 +23,6 @@ func NoHTTPRedirector() {
 	graceful.GetManager().InformCleanup()
 }
 
-// NoMainListener tells our cleanup routine that we will not be using a possibly provided listener
-// for our main HTTP/HTTPS service
-func NoMainListener() {
-	graceful.GetManager().InformCleanup()
-}
-
 // NoInstallListener tells our cleanup routine that we will not be using a possibly provided listener
 // for our install HTTP/HTTPS service
 func NoInstallListener() {
diff --git a/contrib/autocompletion/README b/contrib/autocompletion/README
deleted file mode 100644
index 1defd219d8..0000000000
--- a/contrib/autocompletion/README
+++ /dev/null
@@ -1,17 +0,0 @@
-Bash and Zsh completion
-=======================
-
-From within the gitea root run:
-
-```bash
-source contrib/autocompletion/bash_autocomplete
-```
-
-or for zsh run:
-
-```bash
-source contrib/autocompletion/zsh_autocomplete
-```
-
-These scripts will check if gitea is on the path and if so add autocompletion for `gitea`. Or if not autocompletion will work for `./gitea`.
-If gitea has been installed as a different program pass in the `PROG` environment variable to set the correct program name.
diff --git a/contrib/autocompletion/bash_autocomplete b/contrib/autocompletion/bash_autocomplete
deleted file mode 100755
index 5cb62f26a7..0000000000
--- a/contrib/autocompletion/bash_autocomplete
+++ /dev/null
@@ -1,30 +0,0 @@
-#! /bin/bash
-# Heavily inspired by https://github.com/urfave/cli
-
-_cli_bash_autocomplete() {
-  if [[ "${COMP_WORDS[0]}" != "source" ]]; then
-    local cur opts base
-    COMPREPLY=()
-    cur="${COMP_WORDS[COMP_CWORD]}"
-    if [[ "$cur" == "-"* ]]; then
-      opts=$( ${COMP_WORDS[@]:0:$COMP_CWORD} ${cur} --generate-bash-completion )
-    else
-      opts=$( ${COMP_WORDS[@]:0:$COMP_CWORD} --generate-bash-completion )
-    fi
-    COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
-    return 0
-  fi
-}
-
-if [ -z "$PROG" ] && [ ! "$(command -v gitea &> /dev/null)" ] ; then
-  complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete gitea
-elif [ -z "$PROG" ]; then
-  complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete ./gitea
-  complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete "$PWD/gitea"
-else
-  complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete "$PROG"
-  unset PROG
-fi
-
-
-
diff --git a/contrib/autocompletion/zsh_autocomplete b/contrib/autocompletion/zsh_autocomplete
deleted file mode 100644
index b3b40df503..0000000000
--- a/contrib/autocompletion/zsh_autocomplete
+++ /dev/null
@@ -1,30 +0,0 @@
-#compdef ${PROG:=gitea}
-
-
-# Heavily inspired by https://github.com/urfave/cli
-
-_cli_zsh_autocomplete() {
-
-  local -a opts
-  local cur
-  cur=${words[-1]}
-  if [[ "$cur" == "-"* ]]; then
-    opts=("${(@f)$(_CLI_ZSH_AUTOCOMPLETE_HACK=1 ${words[@]:0:#words[@]-1} ${cur} --generate-bash-completion)}")
-  else
-    opts=("${(@f)$(_CLI_ZSH_AUTOCOMPLETE_HACK=1 ${words[@]:0:#words[@]-1} --generate-bash-completion)}")
-  fi
-
-  if [[ "${opts[1]}" != "" ]]; then
-    _describe 'values' opts
-  else
-    _files
-  fi
-
-  return
-}
-
-if [ -z $PROG ] ; then
-  compdef _cli_zsh_autocomplete gitea
-else
-  compdef _cli_zsh_autocomplete $(basename $PROG)
-fi
diff --git a/contrib/backport/backport.go b/contrib/backport/backport.go
index eb19437445..2052295fb1 100644
--- a/contrib/backport/backport.go
+++ b/contrib/backport/backport.go
@@ -1,31 +1,30 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-//nolint:forbidigo
+//nolint:forbidigo // use of print functions is allowed in cli
 package main
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"log"
 	"net/http"
 	"os"
 	"os/exec"
-	"os/signal"
 	"path"
 	"strconv"
 	"strings"
-	"syscall"
 
-	"github.com/google/go-github/v61/github"
-	"github.com/urfave/cli/v2"
+	"github.com/google/go-github/v71/github"
+	"github.com/urfave/cli/v3"
 	"gopkg.in/yaml.v3"
 )
 
 const defaultVersion = "v1.18" // to backport to
 
 func main() {
-	app := cli.NewApp()
+	app := &cli.Command{}
 	app.Name = "backport"
 	app.Usage = "Backport provided PR-number on to the current or previous released version"
 	app.Description = `Backport will look-up the PR in Gitea's git log and attempt to cherry-pick it on the current version`
@@ -90,7 +89,7 @@ func main() {
 			Usage: "Set this flag to continue from a git cherry-pick that has broken",
 		},
 	}
-	cli.AppHelpTemplate = `NAME:
+	cli.RootCommandHelpTemplate = `NAME:
 	{{.Name}} - {{.Usage}}
 USAGE:
 	{{.HelpName}} {{if .VisibleFlags}}[options]{{end}} {{if .ArgsUsage}}{{.ArgsUsage}}{{else}}[arguments...]{{end}}
@@ -104,16 +103,12 @@ OPTIONS:
 `
 
 	app.Action = runBackport
-
-	if err := app.Run(os.Args); err != nil {
+	if err := app.Run(context.Background(), os.Args); err != nil {
 		fmt.Fprintf(os.Stderr, "Unable to backport: %v\n", err)
 	}
 }
 
-func runBackport(c *cli.Context) error {
-	ctx, cancel := installSignals()
-	defer cancel()
-
+func runBackport(ctx context.Context, c *cli.Command) error {
 	continuing := c.Bool("continue")
 
 	var pr string
@@ -158,7 +153,7 @@ func runBackport(c *cli.Context) error {
 
 	args := c.Args().Slice()
 	if len(args) == 0 && pr == "" {
-		return fmt.Errorf("no PR number provided\nProvide a PR number to backport")
+		return errors.New("no PR number provided\nProvide a PR number to backport")
 	} else if len(args) != 1 && pr == "" {
 		return fmt.Errorf("multiple PRs provided %v\nOnly a single PR can be backported at a time", args)
 	}
@@ -342,8 +337,8 @@ func determineRemote(ctx context.Context, forkUser string) (string, string, erro
 		fmt.Fprintf(os.Stderr, "Unable to list git remotes:\n%s\n", string(out))
 		return "", "", fmt.Errorf("unable to determine forked remote: %w", err)
 	}
-	lines := strings.Split(string(out), "\n")
-	for _, line := range lines {
+	lines := strings.SplitSeq(string(out), "\n")
+	for line := range lines {
 		fields := strings.Split(line, "\t")
 		name, remote := fields[0], fields[1]
 		// only look at pushers
@@ -361,12 +356,12 @@ func determineRemote(ctx context.Context, forkUser string) (string, string, erro
 		if !strings.Contains(remote, forkUser) {
 			continue
 		}
-		if strings.HasPrefix(remote, "git@github.com:") {
-			forkUser = strings.TrimPrefix(remote, "git@github.com:")
-		} else if strings.HasPrefix(remote, "https://github.com/") {
-			forkUser = strings.TrimPrefix(remote, "https://github.com/")
-		} else if strings.HasPrefix(remote, "https://www.github.com/") {
-			forkUser = strings.TrimPrefix(remote, "https://www.github.com/")
+		if after, ok := strings.CutPrefix(remote, "git@github.com:"); ok {
+			forkUser = after
+		} else if after, ok := strings.CutPrefix(remote, "https://github.com/"); ok {
+			forkUser = after
+		} else if after, ok := strings.CutPrefix(remote, "https://www.github.com/"); ok {
+			forkUser = after
 		} else if forkUser == "" {
 			return "", "", fmt.Errorf("unable to extract forkUser from remote %s: %s", name, remote)
 		}
@@ -459,25 +454,3 @@ func determineSHAforPR(ctx context.Context, prStr, accessToken string) (string,
 
 	return "", nil
 }
-
-func installSignals() (context.Context, context.CancelFunc) {
-	ctx, cancel := context.WithCancel(context.Background())
-	go func() {
-		// install notify
-		signalChannel := make(chan os.Signal, 1)
-
-		signal.Notify(
-			signalChannel,
-			syscall.SIGINT,
-			syscall.SIGTERM,
-		)
-		select {
-		case <-signalChannel:
-		case <-ctx.Done():
-		}
-		cancel()
-		signal.Reset()
-	}()
-
-	return ctx, cancel
-}
diff --git a/contrib/environment-to-ini/environment-to-ini.go b/contrib/environment-to-ini/environment-to-ini.go
index a7d7a6d293..5eb576c6fe 100644
--- a/contrib/environment-to-ini/environment-to-ini.go
+++ b/contrib/environment-to-ini/environment-to-ini.go
@@ -4,16 +4,17 @@
 package main
 
 import (
+	"context"
 	"os"
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 func main() {
-	app := cli.NewApp()
+	app := cli.Command{}
 	app.Name = "environment-to-ini"
 	app.Usage = "Use provided environment to update configuration ini"
 	app.Description = `As a helper to allow docker users to update the gitea configuration
@@ -72,13 +73,13 @@ func main() {
 		},
 	}
 	app.Action = runEnvironmentToIni
-	err := app.Run(os.Args)
+	err := app.Run(context.Background(), os.Args)
 	if err != nil {
 		log.Fatal("Failed to run app with %s: %v", os.Args, err)
 	}
 }
 
-func runEnvironmentToIni(c *cli.Context) error {
+func runEnvironmentToIni(_ context.Context, c *cli.Command) error {
 	// the config system may change the environment variables, so get a copy first, to be used later
 	env := append([]string{}, os.Environ()...)
 	setting.InitWorkPathAndCfgProvider(os.Getenv, setting.ArgWorkPathAndCustomConf{
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 0fc49accef..aa2fcee765 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -59,29 +59,23 @@ RUN_USER = ; git
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
-;; The protocol the server listens on. One of 'http', 'https', 'http+unix', 'fcgi' or 'fcgi+unix'. Defaults to 'http'
-;; Note: Value must be lowercase.
+;; The protocol the server listens on. One of "http", "https", "http+unix", "fcgi" or "fcgi+unix".
 ;PROTOCOL = http
 ;;
-;; Expect PROXY protocol headers on connections
-;USE_PROXY_PROTOCOL = false
-;;
-;; Use PROXY protocol in TLS Bridging mode
-;PROXY_PROTOCOL_TLS_BRIDGING = false
-;;
-; Timeout to wait for PROXY protocol header (set to 0 to have no timeout)
-;PROXY_PROTOCOL_HEADER_TIMEOUT=5s
-;;
-; Accept PROXY protocol headers with UNKNOWN type
-;PROXY_PROTOCOL_ACCEPT_UNKNOWN=false
-;;
-;; Set the domain for the server
+;; Set the domain for the server.
 ;DOMAIN = localhost
 ;;
-;; The AppURL used by Gitea to generate absolute links, defaults to "{PROTOCOL}://{DOMAIN}:{HTTP_PORT}/".
-;; Most users should set it to the real website URL of their Gitea instance.
+;; The AppURL is used to generate public URL links, defaults to "{PROTOCOL}://{DOMAIN}:{HTTP_PORT}/".
+;; Most users should set it to the real website URL of their Gitea instance when there is a reverse proxy.
 ;ROOT_URL =
 ;;
+;; Controls how to detect the public URL.
+;; Although it defaults to "legacy" (to avoid breaking existing users), most instances should use the "auto" behavior,
+;; especially when the Gitea instance needs to be accessed in a container network.
+;; * legacy: detect the public URL from "Host" header if "X-Forwarded-Proto" header exists, otherwise use "ROOT_URL".
+;; * auto: always use "Host" header, and also use "X-Forwarded-Proto" header if it exists. If no "Host" header, use "ROOT_URL".
+;PUBLIC_URL_DETECTION = legacy
+;;
 ;; For development purpose only. It makes Gitea handle sub-path ("/sub-path/owner/repo/...") directly when debugging without a reverse proxy.
 ;; DO NOT USE IT IN PRODUCTION!!!
 ;USE_SUB_URL_PATH = false
@@ -90,13 +84,25 @@ RUN_USER = ; git
 ;STATIC_URL_PREFIX =
 ;;
 ;; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
-;; If PROTOCOL is set to `http+unix` or `fcgi+unix`, this should be the name of the Unix socket file to use.
+;; If PROTOCOL is set to "http+unix" or "fcgi+unix", this should be the name of the Unix socket file to use.
 ;; Relative paths will be made absolute against the _`AppWorkPath`_.
 ;HTTP_ADDR = 0.0.0.0
 ;;
-;; The port to listen on. Leave empty when using a unix socket.
+;; The port to listen on for "http" or "https" protocol. Leave empty when using a unix socket.
 ;HTTP_PORT = 3000
 ;;
+;; Expect PROXY protocol headers on connections
+;USE_PROXY_PROTOCOL = false
+;;
+;; Use PROXY protocol in TLS Bridging mode
+;PROXY_PROTOCOL_TLS_BRIDGING = false
+;;
+;; Timeout to wait for PROXY protocol header (set to 0 to have no timeout)
+;PROXY_PROTOCOL_HEADER_TIMEOUT = 5s
+;;
+;; Accept PROXY protocol headers with UNKNOWN type
+;PROXY_PROTOCOL_ACCEPT_UNKNOWN = false
+;;
 ;; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
 ;; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
 ;; ROOT_URL.  Defaults are false for REDIRECT_OTHER_PORT and 80 for
@@ -180,30 +186,19 @@ RUN_USER = ; git
 ;; If you intend to use the AuthorizedPrincipalsCommand functionality then you should turn this off.
 ;SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE = true
 ;;
-;; For the built-in SSH server, choose the ciphers to support for SSH connections,
-;; for system SSH this setting has no effect
-;SSH_SERVER_CIPHERS = chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com
-;;
-;; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
-;; for system SSH this setting has no effect
-;SSH_SERVER_KEY_EXCHANGES = curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1
-;;
-;; For the built-in SSH server, choose the MACs to support for SSH connections,
-;; for system SSH this setting has no effect
-;SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1
+;; For the builtin SSH server, choose the supported ciphers/key-exchange-algorithms/MACs for SSH connections.
+;; The supported names are listed in https://github.com/golang/crypto/blob/master/ssh/common.go.
+;; Leave them empty to use the Golang crypto's recommended default values.
+;; For system SSH (non-builtin SSH server), this setting has no effect.
+;SSH_SERVER_CIPHERS =
+;SSH_SERVER_KEY_EXCHANGES =
+;SSH_SERVER_MACS =
 ;;
 ;; For the built-in SSH server, choose the keypair to offer as the host key
 ;; The private key should be at SSH_SERVER_HOST_KEY and the public SSH_SERVER_HOST_KEY.pub
 ;; relative paths are made absolute relative to the APP_DATA_PATH
 ;SSH_SERVER_HOST_KEYS=ssh/gitea.rsa, ssh/gogs.rsa
 ;;
-;; Directory to create temporary files in when testing public keys using ssh-keygen,
-;; default is the system temporary directory.
-;SSH_KEY_TEST_PATH =
-;;
-;; Use `ssh-keygen` to parse public SSH keys. The value is passed to the shell. By default, Gitea does the parsing itself.
-;SSH_KEYGEN_PATH =
-;;
 ;; Enable SSH Authorized Key Backup when rewriting all keys, default is false
 ;SSH_AUTHORIZED_KEYS_BACKUP = false
 ;;
@@ -294,6 +289,9 @@ RUN_USER = ; git
 ;; Default path for App data
 ;APP_DATA_PATH = data ; relative paths will be made absolute with _`AppWorkPath`_
 ;;
+;; Base path for App's temp files, leave empty to use the managed tmp directory in APP_DATA_PATH
+;APP_TEMP_PATH =
+;;
 ;; Enable gzip compression for runtime-generated content, static resources excluded
 ;ENABLE_GZIP = false
 ;;
@@ -522,6 +520,10 @@ INTERNAL_TOKEN =
 ;;
 ;; On user registration, record the IP address and user agent of the user to help identify potential abuse.
 ;; RECORD_USER_SIGNUP_METADATA = false
+;;
+;; Set the two-factor auth behavior.
+;; Set to "enforced", to force users to enroll into Two-Factor Authentication, users without 2FA have no access to repositories via API or web.
+;TWO_FACTOR_AUTH =
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -780,6 +782,9 @@ LEVEL = Info
 ;ALLOW_ONLY_EXTERNAL_REGISTRATION = false
 ;;
 ;; User must sign in to view anything.
+;; It could be set to "expensive" to block anonymous users accessing some pages which consume a lot of resources,
+;; for example: block anonymous AI crawlers from accessing repo code pages.
+;; The "expensive" mode is experimental and subject to change.
 ;REQUIRE_SIGNIN_VIEW = false
 ;;
 ;; Mail notification
@@ -941,7 +946,29 @@ LEVEL = Info
 ;;
 ;; Disable the code explore page.
 ;DISABLE_CODE_PAGE = false
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;[qos]
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Enable request quality of service and overload protection.
+; ENABLED = false
 ;;
+;; The maximum number of concurrent requests that the server will
+;; process before enqueueing new requests. Default is "CpuNum * 4".
+; MAX_INFLIGHT =
+;;
+;; The maximum number of requests that can be enqueued before new
+;; requests will be dropped.
+; MAX_WAITING = 100
+;;
+;; Target maximum wait time a request may be enqueued for. Requests
+;; that are enqueued for less than this amount of time will not be
+;; dropped. When wait times exceed this amount, a portion of requests
+;; will be dropped until wait times have decreased below this amount.
+; TARGET_WAIT_TIME = 250ms
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -1068,15 +1095,6 @@ LEVEL = Info
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;[repository.local]
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;
-;; Path for local repository copy. Defaults to `tmp/local-repo` (content gets deleted on gitea restart)
-;LOCAL_COPY_PATH = tmp/local-repo
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;[repository.upload]
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -1084,9 +1102,6 @@ LEVEL = Info
 ;; Whether repository file uploads are enabled. Defaults to `true`
 ;ENABLED = true
 ;;
-;; Path for uploads. Defaults to `data/tmp/uploads` (content gets deleted on gitea restart)
-;TEMP_PATH = data/tmp/uploads
-;;
 ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
 ;ALLOWED_TYPES =
 ;;
@@ -1140,6 +1155,10 @@ LEVEL = Info
 ;;
 ;; Retarget child pull requests to the parent pull request branch target on merge of parent pull request. It only works on merged PRs where the head and base branch target the same repo.
 ;RETARGET_CHILDREN_ON_MERGE = true
+;;
+;; Delay mergeable check until page view or API access, for pull requests that have not been updated in the specified days when their base branches get updated.
+;; Use "-1" to always check all pull requests (old behavior). Use "0" to always delay the checks.
+;DELAY_CHECK_FOR_INACTIVE_DAYS = 7
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -1167,17 +1186,24 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
-;; GPG key to use to sign commits, Defaults to the default - that is the value of git config --get user.signingkey
+;; GPG or SSH key to use to sign commits, Defaults to the default - that is the value of git config --get user.signingkey
+;; Depending on the value of SIGNING_FORMAT this is either:
+;; - openpgp: the GPG key ID
+;; - ssh: the path to the ssh public key "/path/to/key.pub": where "/path/to/key" is the private key, use ssh-keygen -t ed25519 to generate a new key pair without password
 ;; run in the context of the RUN_USER
 ;; Switch to none to stop signing completely
 ;SIGNING_KEY = default
 ;;
-;; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer.
+;; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer and the signing format.
 ;; These should match a publicized name and email address for the key. (When SIGNING_KEY is default these are set to
-;; the results of git config --get user.name and git config --get user.email respectively and can only be overridden
+;; the results of git config --get user.name, git config --get user.email and git config --default openpgp --get gpg.format respectively and can only be overridden
 ;; by setting the SIGNING_KEY ID to the correct ID.)
 ;SIGNING_NAME =
 ;SIGNING_EMAIL =
+;; SIGNING_FORMAT can be one of:
+;; - openpgp (default): use GPG to sign commits
+;; - ssh: use SSH to sign commits
+;SIGNING_FORMAT = openpgp
 ;;
 ;; Sets the default trust model for repositories. Options are: collaborator, committer, collaboratorcommitter
 ;DEFAULT_TRUST_MODEL = collaborator
@@ -1204,6 +1230,13 @@ LEVEL = Info
 ;; - commitssigned: require that all the commits in the head branch are signed.
 ;; - approved: only sign when merging an approved pr to a protected branch
 ;MERGES = pubkey, twofa, basesigned, commitssigned
+;;
+;; Determines which additional ssh keys are trusted for all signed commits regardless of the user
+;; This is useful for ssh signing key rotation.
+;; Exposes the provided SIGNING_NAME and SIGNING_EMAIL as the signer, regardless of the SIGNING_FORMAT value.
+;; Multiple keys should be comma separated.
+;; E.g."ssh-<algorithm> <key>". or "ssh-<algorithm> <key1>, ssh-<algorithm> <key2>".
+;TRUSTED_SSH_KEYS =
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -1410,14 +1443,14 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
-;; Render soft line breaks as hard line breaks, which means a single newline character between
-;; paragraphs will cause a line break and adding trailing whitespace to paragraphs is not
-;; necessary to force a line break.
-;; Render soft line breaks as hard line breaks for comments
-;ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true
-;;
-;; Render soft line breaks as hard line breaks for markdown documents
-;ENABLE_HARD_LINE_BREAK_IN_DOCUMENTS = false
+;; Customize render options for different contexts. Set to "none" to disable the defaults, or use comma separated list:
+;; * short-issue-pattern: recognized "#123" issue reference and render it as a link to the issue
+;; * new-line-hard-break: render soft line breaks as hard line breaks, which means a single newline character between
+;;   paragraphs will cause a line break and adding trailing whitespace to paragraphs is not
+;;   necessary to force a line break.
+;RENDER_OPTIONS_COMMENT = short-issue-pattern, new-line-hard-break
+;RENDER_OPTIONS_WIKI = short-issue-pattern
+;RENDER_OPTIONS_REPO_FILE =
 ;;
 ;; Comma separated list of custom URL-Schemes that are allowed as links when rendering Markdown
 ;; for example git,magnet,ftp (more at https://en.wikipedia.org/wiki/List_of_URI_schemes)
@@ -1431,6 +1464,11 @@ LEVEL = Info
 ;;
 ;; Enables math inline and block detection
 ;ENABLE_MATH = true
+;;
+;; Enable delimiters for math code block detection. Set to "none" to disable all,
+;; or use comma separated list: inline-dollar, inline-parentheses, block-dollar, block-square-brackets
+;; Defaults to "inline-dollar,block-dollar" to follow GitHub's behavior.
+;MATH_CODE_BLOCK_DETECTION =
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -2424,6 +2462,8 @@ LEVEL = Info
 ;DEFAULT_GIT_TREES_PER_PAGE = 1000
 ;; Default max size of a blob returned by the blobs API (default is 10MiB)
 ;DEFAULT_MAX_BLOB_SIZE = 10485760
+;; Default max combined size of all blobs returned by the files API (default is 100MiB)
+;DEFAULT_MAX_RESPONSE_SIZE = 104857600
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -2464,7 +2504,7 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Set the maximum number of characters in a mermaid source. (Set to -1 to disable limits)
-;MERMAID_MAX_SOURCE_CHARACTERS = 5000
+;MERMAID_MAX_SOURCE_CHARACTERS = 50000
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -2585,9 +2625,6 @@ LEVEL = Info
 ;; Currently, only `minio` and `azureblob` is supported.
 ;SERVE_DIRECT = false
 ;;
-;; Path for chunked uploads. Defaults to APP_DATA_PATH + `tmp/package-upload`
-;CHUNKED_UPLOAD_PATH = tmp/package-upload
-;;
 ;; Maximum count of package versions a single owner can have (`-1` means no limits)
 ;LIMIT_TOTAL_OWNER_COUNT = -1
 ;; Maximum size of packages a single owner can use (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
diff --git a/docker/manifest.rootless.tmpl b/docker/manifest.rootless.tmpl
index 1ebf5b73c8..3fa94ab0ec 100644
--- a/docker/manifest.rootless.tmpl
+++ b/docker/manifest.rootless.tmpl
@@ -22,3 +22,8 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-riscv64-rootless
+    platform:
+      architecture: riscv64
+      os: linux
diff --git a/docker/manifest.tmpl b/docker/manifest.tmpl
index 08ccf61b57..c68ca46dd8 100644
--- a/docker/manifest.tmpl
+++ b/docker/manifest.tmpl
@@ -22,3 +22,8 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-riscv64
+    platform:
+      architecture: riscv64
+      os: linux
diff --git a/docker/root/etc/s6/openssh/setup b/docker/root/etc/s6/openssh/setup
index dbb3bafd35..48e7d4b211 100755
--- a/docker/root/etc/s6/openssh/setup
+++ b/docker/root/etc/s6/openssh/setup
@@ -31,6 +31,21 @@ if [ -e /data/ssh/ssh_host_ecdsa_cert ]; then
   SSH_ECDSA_CERT=${SSH_ECDSA_CERT:-"/data/ssh/ssh_host_ecdsa_cert"}
 fi
 
+# In case someone wants to sign the `{keyname}.pub` key by `ssh-keygen -s ca -I identity ...` to
+# make use of the ssh-key certificate authority feature (see ssh-keygen CERTIFICATES section),
+# the generated key file name is `{keyname}-cert.pub`
+if [ -e /data/ssh/ssh_host_ed25519_key-cert.pub ]; then
+  SSH_ED25519_CERT=${SSH_ED25519_CERT:-"/data/ssh/ssh_host_ed25519_key-cert.pub"}
+fi
+
+if [ -e /data/ssh/ssh_host_rsa_key-cert.pub ]; then
+  SSH_RSA_CERT=${SSH_RSA_CERT:-"/data/ssh/ssh_host_rsa_key-cert.pub"}
+fi
+
+if [ -e /data/ssh/ssh_host_ecdsa_key-cert.pub ]; then
+  SSH_ECDSA_CERT=${SSH_ECDSA_CERT:-"/data/ssh/ssh_host_ecdsa_key-cert.pub"}
+fi
+
 if [ -d /etc/ssh ]; then
     SSH_PORT=${SSH_PORT:-"22"} \
     SSH_LISTEN_PORT=${SSH_LISTEN_PORT:-"${SSH_PORT}"} \
diff --git a/flake.lock b/flake.lock
index 2f7b86359b..67f87dfaf6 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1739214665,
-        "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=",
+        "lastModified": 1752480373,
+        "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a",
+        "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 1b930649d0..13aa5008e6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -11,33 +11,45 @@
         pkgs = nixpkgs.legacyPackages.${system};
       in
       {
-        devShells.default = pkgs.mkShell {
-          buildInputs = with pkgs; [
-            # generic
-            git
-            git-lfs
-            gnumake
-            gnused
-            gnutar
-            gzip
+        devShells.default =
+          with pkgs;
+          let
+            # only bump toolchain versions here
+            go = go_1_24;
+            nodejs = nodejs_24;
+            python3 = python312;
+          in
+          pkgs.mkShell {
+            buildInputs = [
+              # generic
+              git
+              git-lfs
+              gnumake
+              gnused
+              gnutar
+              gzip
 
-            # frontend
-            nodejs_22
+              # frontend
+              nodejs
 
-            # linting
-            python312
-            poetry
+              # linting
+              python3
+              uv
 
-            # backend
-            go_1_24
-            gofumpt
-            sqlite
-          ];
-          shellHook = ''
-            export GO="${pkgs.go_1_24}/bin/go"
-            export GOROOT="${pkgs.go_1_24}/share/go"
-          '';
-        };
+              # backend
+              go
+              glibc.static
+              gofumpt
+              sqlite
+            ];
+            CFLAGS = "-I${glibc.static.dev}/include";
+            LDFLAGS = "-L ${glibc.static}/lib";
+            GO = "${go}/bin/go";
+            GOROOT = "${go}/share/go";
+
+            TAGS = "sqlite sqlite_unlock_notify";
+            STATIC = "true";
+          };
       }
     );
 }
diff --git a/go.mod b/go.mod
index b0e294565b..eab0d417cf 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module code.gitea.io/gitea
 
-go 1.24
+go 1.24.5
 
 // rfc5280 said: "The serial number is an integer assigned by the CA to each certificate."
 // But some CAs use negative serial number, just relax the check. related:
@@ -10,7 +10,7 @@ godebug x509negativeserial=1
 require (
 	code.gitea.io/actions-proto-go v0.4.1
 	code.gitea.io/gitea-vet v0.2.3
-	code.gitea.io/sdk/gitea v0.20.0
+	code.gitea.io/sdk/gitea v0.21.0
 	codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570
 	connectrpc.com/connect v1.18.1
 	gitea.com/go-chi/binding v0.0.0-20240430071103-39a851e106ed
@@ -21,19 +21,20 @@ require (
 	gitea.com/lunny/levelqueue v0.4.2-0.20230414023320-3c0159fe0fe4
 	github.com/42wim/httpsig v1.2.2
 	github.com/42wim/sshsig v0.0.0-20240818000253-e3a6333df815
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0
 	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.0
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358
-	github.com/ProtonMail/go-crypto v1.1.6
-	github.com/PuerkitoBio/goquery v1.10.2
+	github.com/ProtonMail/go-crypto v1.2.0
+	github.com/PuerkitoBio/goquery v1.10.3
 	github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3
-	github.com/alecthomas/chroma/v2 v2.15.0
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.60
-	github.com/aws/aws-sdk-go-v2/service/codecommit v1.27.16
+	github.com/alecthomas/chroma/v2 v2.17.0
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.67
+	github.com/aws/aws-sdk-go-v2/service/codecommit v1.28.2
 	github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb
-	github.com/blevesearch/bleve/v2 v2.4.2
-	github.com/buildkite/terminal-to-html/v3 v3.16.6
-	github.com/caddyserver/certmagic v0.21.7
+	github.com/blevesearch/bleve/v2 v2.5.0
+	github.com/bohde/codel v0.2.0
+	github.com/buildkite/terminal-to-html/v3 v3.16.8
+	github.com/caddyserver/certmagic v0.23.0
 	github.com/charmbracelet/git-lfs-transfer v0.2.0
 	github.com/chi-middleware/proxy v1.1.1
 	github.com/dimiro1/reply v0.0.0-20200315094148-d0136a4c9e21
@@ -41,33 +42,32 @@ require (
 	github.com/djherbis/nio/v3 v3.0.1
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5
 	github.com/dustin/go-humanize v1.0.1
-	github.com/editorconfig/editorconfig-core-go/v2 v2.6.2
+	github.com/editorconfig/editorconfig-core-go/v2 v2.6.3
 	github.com/emersion/go-imap v1.2.1
 	github.com/emirpasic/gods v1.18.1
 	github.com/ethantkoenig/rupture v1.0.1
 	github.com/felixge/fgprof v0.9.5
-	github.com/fsnotify/fsnotify v1.8.0
+	github.com/fsnotify/fsnotify v1.9.0
 	github.com/gliderlabs/ssh v0.3.8
-	github.com/go-ap/activitypub v0.0.0-20250212090640-aeb6499ba581
+	github.com/go-ap/activitypub v0.0.0-20250409143848-7113328b1f3d
 	github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73
-	github.com/go-chi/chi/v5 v5.2.1
+	github.com/go-chi/chi/v5 v5.2.2
 	github.com/go-chi/cors v1.2.1
 	github.com/go-co-op/gocron v1.37.0
 	github.com/go-enry/go-enry/v2 v2.9.2
 	github.com/go-git/go-billy/v5 v5.6.2
-	github.com/go-git/go-git/v5 v5.13.2
-	github.com/go-ldap/ldap/v3 v3.4.10
+	github.com/go-git/go-git/v5 v5.16.0
+	github.com/go-ldap/ldap/v3 v3.4.11
 	github.com/go-redsync/redsync/v4 v4.13.0
-	github.com/go-sql-driver/mysql v1.9.0
-	github.com/go-swagger/go-swagger v0.31.0
-	github.com/go-webauthn/webauthn v0.11.2
+	github.com/go-sql-driver/mysql v1.9.2
+	github.com/go-webauthn/webauthn v0.12.3
 	github.com/gobwas/glob v0.2.3
 	github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f
 	github.com/gogs/go-gogs-client v0.0.0-20210131175652-1d7215cd8d85
 	github.com/golang-jwt/jwt/v5 v5.2.2
-	github.com/google/go-github/v61 v61.0.0
+	github.com/google/go-github/v71 v71.0.0
 	github.com/google/licenseclassifier/v2 v2.0.0
-	github.com/google/pprof v0.0.0-20250208200701-d0013a598941
+	github.com/google/pprof v0.0.0-20250422154841-e1f9c1950416
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/feeds v1.2.0
 	github.com/gorilla/sessions v1.4.0
@@ -79,60 +79,59 @@ require (
 	github.com/json-iterator/go v1.1.12
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
 	github.com/klauspost/compress v1.18.0
-	github.com/klauspost/cpuid/v2 v2.2.9
+	github.com/klauspost/cpuid/v2 v2.2.10
 	github.com/lib/pq v1.10.9
-	github.com/markbates/goth v1.80.0
+	github.com/markbates/goth v1.81.0
 	github.com/mattn/go-isatty v0.0.20
-	github.com/mattn/go-sqlite3 v1.14.24
-	github.com/meilisearch/meilisearch-go v0.29.1-0.20241106140435-0bf60fad690a
+	github.com/mattn/go-sqlite3 v1.14.28
+	github.com/meilisearch/meilisearch-go v0.31.0
 	github.com/mholt/archiver/v3 v3.5.1
 	github.com/microcosm-cc/bluemonday v1.0.27
 	github.com/microsoft/go-mssqldb v1.8.0
-	github.com/minio/minio-go/v7 v7.0.87
+	github.com/minio/minio-go/v7 v7.0.91
 	github.com/msteinert/pam v1.2.0
 	github.com/nektos/act v0.2.63
-	github.com/niklasfasching/go-org v1.7.0
+	github.com/niklasfasching/go-org v1.8.0
 	github.com/olivere/elastic/v7 v7.0.32
 	github.com/opencontainers/go-digest v1.0.0
-	github.com/opencontainers/image-spec v1.1.0
+	github.com/opencontainers/image-spec v1.1.1
 	github.com/pkg/errors v0.9.1
 	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.21.0
+	github.com/prometheus/client_golang v1.22.0
 	github.com/quasoft/websspi v1.1.2
 	github.com/redis/go-redis/v9 v9.7.3
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
 	github.com/sassoftware/go-rpmutils v0.4.0
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3
-	github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92
 	github.com/stretchr/testify v1.10.0
 	github.com/syndtr/goleveldb v1.0.0
 	github.com/tstranex/u2f v1.0.0
 	github.com/ulikunitz/xz v0.5.12
-	github.com/urfave/cli/v2 v2.27.5
+	github.com/urfave/cli-docs/v3 v3.0.0-alpha6
+	github.com/urfave/cli/v3 v3.3.3
 	github.com/wneessen/go-mail v0.6.2
 	github.com/xeipuuv/gojsonschema v1.2.0
 	github.com/yohcop/openid-go v1.0.1
-	github.com/yuin/goldmark v1.7.8
+	github.com/yuin/goldmark v1.7.10
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
 	github.com/yuin/goldmark-meta v1.1.0
-	gitlab.com/gitlab-org/api/client-go v0.123.0
-	golang.org/x/crypto v0.35.0
-	golang.org/x/image v0.24.0
-	golang.org/x/net v0.36.0
-	golang.org/x/oauth2 v0.27.0
-	golang.org/x/sync v0.11.0
-	golang.org/x/sys v0.30.0
-	golang.org/x/text v0.22.0
-	golang.org/x/tools v0.30.0
-	google.golang.org/grpc v1.70.0
-	google.golang.org/protobuf v1.36.5
+	gitlab.com/gitlab-org/api/client-go v0.127.0
+	golang.org/x/crypto v0.39.0
+	golang.org/x/image v0.26.0
+	golang.org/x/net v0.40.0
+	golang.org/x/oauth2 v0.29.0
+	golang.org/x/sync v0.15.0
+	golang.org/x/sys v0.33.0
+	golang.org/x/text v0.26.0
+	google.golang.org/grpc v1.72.0
+	google.golang.org/protobuf v1.36.6
 	gopkg.in/ini.v1 v1.67.0
 	gopkg.in/yaml.v3 v3.0.1
 	mvdan.cc/xurls/v2 v2.6.0
 	strk.kbt.io/projects/go/libravatar v0.0.0-20191008002943-06d1c002b251
 	xorm.io/builder v0.3.13
-	xorm.io/xorm v1.3.9
+	xorm.io/xorm v1.3.10
 )
 
 require (
@@ -140,52 +139,48 @@ require (
 	dario.cat/mergo v1.0.1 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
 	git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
-	github.com/DataDog/zstd v1.5.6 // indirect
-	github.com/Masterminds/goutils v1.1.1 // indirect
-	github.com/Masterminds/semver/v3 v3.3.1 // indirect
-	github.com/Masterminds/sprig/v3 v3.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
+	github.com/DataDog/zstd v1.5.7 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/RoaringBitmap/roaring v1.9.4 // indirect
+	github.com/RoaringBitmap/roaring/v2 v2.4.5 // indirect
 	github.com/andybalholm/brotli v1.1.1 // indirect
 	github.com/andybalholm/cascadia v1.3.3 // indirect
 	github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect
-	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/aws/aws-sdk-go-v2 v1.36.2 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.33 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.33 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
 	github.com/aws/smithy-go v1.22.3 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/bits-and-blooms/bitset v1.20.0 // indirect
-	github.com/blevesearch/bleve_index_api v1.1.12 // indirect
-	github.com/blevesearch/geo v0.1.20 // indirect
-	github.com/blevesearch/go-faiss v1.0.20 // indirect
+	github.com/bits-and-blooms/bitset v1.22.0 // indirect
+	github.com/blevesearch/bleve_index_api v1.2.8 // indirect
+	github.com/blevesearch/geo v0.2.0 // indirect
+	github.com/blevesearch/go-faiss v1.0.25 // indirect
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
 	github.com/blevesearch/mmap-go v1.0.4 // indirect
-	github.com/blevesearch/scorch_segment_api/v2 v2.2.15 // indirect
+	github.com/blevesearch/scorch_segment_api/v2 v2.3.10 // indirect
 	github.com/blevesearch/segment v0.9.1 // indirect
 	github.com/blevesearch/snowballstem v0.9.0 // indirect
 	github.com/blevesearch/upsidedown_store_api v1.0.2 // indirect
-	github.com/blevesearch/vellum v1.0.10 // indirect
-	github.com/blevesearch/zapx/v11 v11.3.10 // indirect
-	github.com/blevesearch/zapx/v12 v12.3.10 // indirect
-	github.com/blevesearch/zapx/v13 v13.3.10 // indirect
-	github.com/blevesearch/zapx/v14 v14.3.10 // indirect
-	github.com/blevesearch/zapx/v15 v15.3.13 // indirect
-	github.com/blevesearch/zapx/v16 v16.1.5 // indirect
+	github.com/blevesearch/vellum v1.1.0 // indirect
+	github.com/blevesearch/zapx/v11 v11.4.1 // indirect
+	github.com/blevesearch/zapx/v12 v12.4.1 // indirect
+	github.com/blevesearch/zapx/v13 v13.4.1 // indirect
+	github.com/blevesearch/zapx/v14 v14.4.1 // indirect
+	github.com/blevesearch/zapx/v15 v15.4.1 // indirect
+	github.com/blevesearch/zapx/v16 v16.2.3 // indirect
 	github.com/bmatcuk/doublestar/v4 v4.8.1 // indirect
 	github.com/boombuler/barcode v1.0.2 // indirect
-	github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874 // indirect
+	github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf // indirect
 	github.com/caddyserver/zerossl v0.1.3 // indirect
 	github.com/cention-sany/utf7 v0.0.0-20170124080048-26cad61bd60a // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/cloudflare/circl v1.6.0 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
 	github.com/couchbase/go-couchbase v0.1.1 // indirect
-	github.com/couchbase/gomemcached v0.3.2 // indirect
+	github.com/couchbase/gomemcached v0.3.3 // indirect
 	github.com/couchbase/goutils v0.1.2 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/davidmz/go-pageant v1.0.2 // indirect
@@ -193,103 +188,69 @@ require (
 	github.com/dlclark/regexp2 v1.11.5 // indirect
 	github.com/emersion/go-sasl v0.0.0-20241020182733-b788ff22d5a6 // indirect
 	github.com/fatih/color v1.18.0 // indirect
-	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.8.0 // indirect
 	github.com/git-lfs/pktline v0.0.0-20230103162542-ca444d533ef1 // indirect
-	github.com/go-ap/errors v0.0.0-20250124135319-3da8adefd4a9 // indirect
-	github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect
+	github.com/go-ap/errors v0.0.0-20250409143711-5686c11ae650 // indirect
+	github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
 	github.com/go-enry/go-oniguruma v1.2.1 // indirect
 	github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
-	github.com/go-openapi/analysis v0.23.0 // indirect
-	github.com/go-openapi/errors v0.22.0 // indirect
-	github.com/go-openapi/inflect v0.21.0 // indirect
-	github.com/go-openapi/jsonpointer v0.21.0 // indirect
-	github.com/go-openapi/jsonreference v0.21.0 // indirect
-	github.com/go-openapi/loads v0.22.0 // indirect
-	github.com/go-openapi/runtime v0.28.0 // indirect
-	github.com/go-openapi/spec v0.21.0 // indirect
-	github.com/go-openapi/strfmt v0.23.0 // indirect
-	github.com/go-openapi/swag v0.23.0 // indirect
-	github.com/go-openapi/validate v0.24.0 // indirect
-	github.com/go-webauthn/x v0.1.16 // indirect
+	github.com/go-webauthn/x v0.1.20 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 	github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
 	github.com/golang-sql/sqlexp v0.1.0 // indirect
-	github.com/golang/geo v0.0.0-20230421003525-6adc56603217 // indirect
 	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/golang/snappy v0.0.4 // indirect
+	github.com/golang/snappy v1.0.0 // indirect
 	github.com/google/btree v1.1.3 // indirect
+	github.com/google/flatbuffers v25.2.10+incompatible // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/go-tpm v0.9.3 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
-	github.com/gorilla/handlers v1.5.2 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
-	github.com/jessevdk/go-flags v1.6.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/klauspost/pgzip v1.2.6 // indirect
-	github.com/kr/pretty v0.3.1 // indirect
-	github.com/kr/text v0.2.0 // indirect
-	github.com/libdns/libdns v0.2.3 // indirect
-	github.com/magiconair/properties v1.8.9 // indirect
+	github.com/libdns/libdns v1.0.0-beta.1 // indirect
 	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/markbates/going v1.0.3 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/mattn/go-shellwords v1.0.12 // indirect
-	github.com/mholt/acmez/v3 v3.0.1 // indirect
-	github.com/miekg/dns v1.1.63 // indirect
+	github.com/mholt/acmez/v3 v3.1.2 // indirect
+	github.com/miekg/dns v1.1.65 // indirect
 	github.com/minio/crc64nvme v1.0.1 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
-	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
-	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mrjones/oauth v0.0.0-20190623134757-126b35219450 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/nwaples/rardecode v1.1.3 // indirect
-	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/onsi/ginkgo v1.16.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
 	github.com/pierrec/lz4/v4 v4.1.22 // indirect
 	github.com/pjbgf/sha1cd v0.3.2 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.62.0 // indirect
-	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.63.0 // indirect
+	github.com/prometheus/procfs v0.16.1 // indirect
 	github.com/rhysd/actionlint v1.7.7 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
-	github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a // indirect
 	github.com/rs/xid v1.6.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/sagikazarmark/locafero v0.7.0 // indirect
-	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
-	github.com/shopspring/decimal v1.4.0 // indirect
-	github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/skeema/knownhosts v1.3.1 // indirect
-	github.com/sourcegraph/conc v0.3.0 // indirect
-	github.com/spf13/afero v1.12.0 // indirect
-	github.com/spf13/cast v1.7.1 // indirect
-	github.com/spf13/pflag v1.0.6 // indirect
-	github.com/spf13/viper v1.19.0 // indirect
 	github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect
-	github.com/subosito/gotenv v1.6.0 // indirect
-	github.com/toqueteos/webbrowser v1.2.0 // indirect
 	github.com/unknwon/com v1.0.1 // indirect
 	github.com/valyala/fastjson v1.6.4 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
@@ -297,28 +258,25 @@ require (
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
-	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
 	github.com/zeebo/assert v1.3.0 // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
 	go.etcd.io/bbolt v1.4.0 // indirect
-	go.mongodb.org/mongo-driver v1.17.2 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	go.uber.org/zap/exp v0.3.0 // indirect
-	golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa // indirect
-	golang.org/x/mod v0.23.0 // indirect
-	golang.org/x/time v0.10.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 // indirect
+	golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
+	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/time v0.11.0 // indirect
+	golang.org/x/tools v0.33.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250422160041-2d3770c4ea7f // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
 
 replace github.com/hashicorp/go-version => github.com/6543/go-version v1.3.1
 
-replace github.com/shurcooL/vfsgen => github.com/lunny/vfsgen v0.0.0-20220105142115-2c99e1ffdfa0
-
-replace github.com/nektos/act => gitea.com/gitea/act v0.261.4
+replace github.com/nektos/act => gitea.com/gitea/act v0.261.6
 
 // TODO: the only difference is in `PutObject`: the fork doesn't use `NewVerifyingReader(r, sha256.New(), oid, expectedSize)`, need to figure out why
 replace github.com/charmbracelet/git-lfs-transfer => gitea.com/gitea/git-lfs-transfer v0.2.0
@@ -326,6 +284,8 @@ replace github.com/charmbracelet/git-lfs-transfer => gitea.com/gitea/git-lfs-tra
 // TODO: This could be removed after https://github.com/mholt/archiver/pull/396 merged
 replace github.com/mholt/archiver/v3 => github.com/anchore/archiver/v3 v3.5.2
 
+replace git.sr.ht/~mariusor/go-xsd-duration => gitea.com/gitea/go-xsd-duration v0.0.0-20220703122237-02e73435a078
+
 exclude github.com/gofrs/uuid v3.2.0+incompatible
 
 exclude github.com/gofrs/uuid v4.0.0+incompatible
diff --git a/go.sum b/go.sum
index 4c1af56868..2ccdc64d77 100644
--- a/go.sum
+++ b/go.sum
@@ -4,8 +4,8 @@ code.gitea.io/actions-proto-go v0.4.1 h1:l0EYhjsgpUe/1VABo2eK7zcoNX2W44WOnb0MSLr
 code.gitea.io/actions-proto-go v0.4.1/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
 code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI=
 code.gitea.io/gitea-vet v0.2.3/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE=
-code.gitea.io/sdk/gitea v0.20.0 h1:Zm/QDwwZK1awoM4AxdjeAQbxolzx2rIP8dDfmKu+KoU=
-code.gitea.io/sdk/gitea v0.20.0/go.mod h1:faouBHC/zyx5wLgjmRKR62ydyvMzwWf3QnU0bH7Cw6U=
+code.gitea.io/sdk/gitea v0.21.0 h1:69n6oz6kEVHRo1+APQQyizkhrZrLsTLXey9142pfkD4=
+code.gitea.io/sdk/gitea v0.21.0/go.mod h1:tnBjVhuKJCn8ibdyyhvUyxrR1Ca2KHEoTWoukNhXQPA=
 codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570 h1:TXbikPqa7YRtfU9vS6QJBg77pUvbEb6StRdZO8t1bEY=
 codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570/go.mod h1:IIAjsijsd8q1isWX8MACefDEgTQslQ4stk2AeeTt3kM=
 connectrpc.com/connect v1.18.1 h1:PAg7CjSAGvscaf6YZKUefjoih5Z/qYkyaTrBW8xvYPw=
@@ -14,12 +14,12 @@ dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
 dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 h1:cliQ4HHsCo6xi2oWZYKWW4bly/Ory9FuTpFPRxj/mAg=
-git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078/go.mod h1:g/V2Hjas6Z1UHUp4yIx6bATpNzJ7DYtD0FG3+xARWxs=
-gitea.com/gitea/act v0.261.4 h1:Tf9eLlvsYFtKcpuxlMvf9yT3g4Hshb2Beqw6C1STuH8=
-gitea.com/gitea/act v0.261.4/go.mod h1:Pg5C9kQY1CEA3QjthjhlrqOC/QOT5NyWNjOjRHw23Ok=
+gitea.com/gitea/act v0.261.6 h1:CjZwKOyejonNFDmsXOw3wGm5Vet573hHM6VMLsxtvPY=
+gitea.com/gitea/act v0.261.6/go.mod h1:Pg5C9kQY1CEA3QjthjhlrqOC/QOT5NyWNjOjRHw23Ok=
 gitea.com/gitea/git-lfs-transfer v0.2.0 h1:baHaNoBSRaeq/xKayEXwiDQtlIjps4Ac/Ll4KqLMB40=
 gitea.com/gitea/git-lfs-transfer v0.2.0/go.mod h1:UrXUCm3xLQkq15fu7qlXHUMlrhdlXHoi13KH2Dfiits=
+gitea.com/gitea/go-xsd-duration v0.0.0-20220703122237-02e73435a078 h1:BAFmdZpRW7zMQZQDClaCWobRj9uL1MR3MzpCVJvc5s4=
+gitea.com/gitea/go-xsd-duration v0.0.0-20220703122237-02e73435a078/go.mod h1:g/V2Hjas6Z1UHUp4yIx6bATpNzJ7DYtD0FG3+xARWxs=
 gitea.com/go-chi/binding v0.0.0-20240430071103-39a851e106ed h1:EZZBtilMLSZNWtHHcgq2mt6NSGhJSZBuduAlinMEmso=
 gitea.com/go-chi/binding v0.0.0-20240430071103-39a851e106ed/go.mod h1:E3i3cgB04dDx0v3CytCgRTTn9Z/9x891aet3r456RVw=
 gitea.com/go-chi/cache v0.2.1 h1:bfAPkvXlbcZxPCpcmDVCWoHgiBSBmZN/QosnZvEC0+g=
@@ -40,12 +40,12 @@ github.com/42wim/sshsig v0.0.0-20240818000253-e3a6333df815 h1:5EoemV++kUK2Sw98yW
 github.com/42wim/sshsig v0.0.0-20240818000253-e3a6333df815/go.mod h1:zjsWZdDLrcDojDIfpQg7A6J4YZLT0cbwuAD26AppDBo=
 github.com/6543/go-version v1.3.1 h1:HvOp+Telns7HWJ2Xo/05YXQSB2bE0WmVgbHqwMPZT4U=
 github.com/6543/go-version v1.3.1/go.mod h1:oqFAHCwtLVUTLdhQmVZWYvaHXTdsbB4SY85at64SQEo=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 h1:g0EZJwz7xkXQiZAI5xi9f3WWFYBlX1CPTrR+NDToRkQ=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0/go.mod h1:XCW7KnZet0Opnr7HccfUw1PLc4CjHqpcaxW8DHklNkQ=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 h1:B/dfvscEQtew9dVuoxqxrUKKv8Ih2f55PydknDamU+g=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08HJchL04dOy+RD4hgrjph0cwGGMntdI=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 h1:F0gBpfdPLGsw+nsgk6aqqkZS1jiixa5WwFe3fk/T3Ys=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2/go.mod h1:SqINnQ9lVVdRlyC8cd1lCI0SdX4n2paeABd2K8ggfnE=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA=
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.6.0 h1:PiSrjRPpkQNjrM8H0WwKMnZUdu1RGMtd/LdGKUrOo+c=
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.6.0/go.mod h1:oDrbWx4ewMylP7xHivfgixbfGBT6APAwsSoHRKotnIc=
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1 h1:MyVTgWR8qd/Jw1Le0NZebGBUCLbtak3bJ3z1OlqZBpw=
@@ -56,36 +56,30 @@ github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.0 h1:UXT0o77lXQrikd1kg
 github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.0/go.mod h1:cTvi54pg19DoT07ekoeMgE/taAwNtCShVeZqA+Iv2xI=
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 h1:kYRSnvJju5gYVyhkij+RTJ/VR6QIUaCfWeaFm2ycsjQ=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/DataDog/zstd v1.5.6 h1:LbEglqepa/ipmmQJUDnSsfvA8e8IStVcGaFWDuxvGOY=
-github.com/DataDog/zstd v1.5.6/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
+github.com/DataDog/zstd v1.5.7 h1:ybO8RBeh29qrxIhCA9E8gKY6xfONU9T6G6aP9DTKfLE=
+github.com/DataDog/zstd v1.5.7/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
 github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
-github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
-github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
-github.com/Masterminds/semver/v3 v3.3.1 h1:QtNSWtVZ3nBfk8mAOu/B6v7FMJ+NHTIgUPi7rj+4nv4=
-github.com/Masterminds/semver/v3 v3.3.1/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM=
-github.com/Masterminds/sprig/v3 v3.3.0 h1:mQh0Yrg1XPo6vjYXgtf5OtijNAKJRNcTdOOGZe3tPhs=
-github.com/Masterminds/sprig/v3 v3.3.0/go.mod h1:Zy1iXRYNqNLUolqCpL4uhk6SHUMAOSCzdgBfDb35Lz0=
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
-github.com/ProtonMail/go-crypto v1.1.6 h1:ZcV+Ropw6Qn0AX9brlQLAUXfqLBc7Bl+f/DmNxpLfdw=
-github.com/ProtonMail/go-crypto v1.1.6/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
-github.com/PuerkitoBio/goquery v1.10.2 h1:7fh2BdHcG6VFZsK7toXBT/Bh1z5Wmy8Q9MV9HqT2AM8=
-github.com/PuerkitoBio/goquery v1.10.2/go.mod h1:0guWGjcLu9AYC7C1GHnpysHy056u9aEkUHwhdnePMCU=
+github.com/ProtonMail/go-crypto v1.2.0 h1:+PhXXn4SPGd+qk76TlEePBfOfivE0zkWFenhGhFLzWs=
+github.com/ProtonMail/go-crypto v1.2.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
+github.com/PuerkitoBio/goquery v1.10.3 h1:pFYcNSqHxBD06Fpj/KsbStFRsgRATgnf3LeXiUkhzPo=
+github.com/PuerkitoBio/goquery v1.10.3/go.mod h1:tMUX0zDMHXYlAQk6p35XxQMqMweEKB7iK7iLNd4RH4Y=
 github.com/RoaringBitmap/roaring v0.4.23/go.mod h1:D0gp8kJQgE1A4LQ5wFLggQEyvDi06Mq5mKs52e1TwOo=
 github.com/RoaringBitmap/roaring v0.7.1/go.mod h1:jdT9ykXwHFNdJbEtxePexlFYH9LXucApeS0/+/g+p1I=
-github.com/RoaringBitmap/roaring v1.9.4 h1:yhEIoH4YezLYT04s1nHehNO64EKFTop/wBhxv2QzDdQ=
-github.com/RoaringBitmap/roaring v1.9.4/go.mod h1:6AXUsoIEzDTFFQCe1RbGA6uFONMhvejWj5rqITANK90=
+github.com/RoaringBitmap/roaring/v2 v2.4.5 h1:uGrrMreGjvAtTBobc0g5IrW1D5ldxDQYe2JW2gggRdg=
+github.com/RoaringBitmap/roaring/v2 v2.4.5/go.mod h1:FiJcsfkGje/nZBZgCu0ZxCPOKD/hVXDS2dXi7/eUFE0=
 github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3 h1:BP0HiyNT3AQEYi+if3wkRcIdQFHtsw6xX3Kx0glckgA=
 github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3/go.mod h1:hMNtySovKkn2gdDuLqnqveP+mfhUSaBdoBcr2I7Zt0E=
 github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
 github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
 github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
-github.com/alecthomas/chroma/v2 v2.15.0 h1:LxXTQHFoYrstG2nnV9y2X5O94sOBzf0CIUpSTbpxvMc=
-github.com/alecthomas/chroma/v2 v2.15.0/go.mod h1:gUhVLrPDXPtp/f+L1jo9xepo9gL4eLwRuGAunSZMkio=
+github.com/alecthomas/chroma/v2 v2.17.0 h1:3r2Cgk+nXNICMBxIFGnTRTbQFUwMiLisW+9uos0TtUI=
+github.com/alecthomas/chroma/v2 v2.17.0/go.mod h1:RVX6AvYm4VfYe/zsk7mjHueLDZor3aWCNE14TFlepBk=
 github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
 github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc=
 github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
@@ -103,18 +97,16 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
-github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go-v2 v1.36.2 h1:Ub6I4lq/71+tPb/atswvToaLGVMxKZvjYDVOWEExOcU=
-github.com/aws/aws-sdk-go-v2 v1.36.2/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.60 h1:1dq+ELaT5ogfmqtV1eocq8SpOK1NRsuUfmhQtD/XAh4=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.60/go.mod h1:HDes+fn/xo9VeszXqjBVkxOo/aUy8Mc6QqKvZk32GlE=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.33 h1:knLyPMw3r3JsU8MFHWctE4/e2qWbPaxDYLlohPvnY8c=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.33/go.mod h1:EBp2HQ3f+XCB+5J+IoEbGhoV7CpJbnrsd4asNXmTL0A=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.33 h1:K0+Ne08zqti8J9jwENxZ5NoUyBnaFDTu3apwQJWrwwA=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.33/go.mod h1:K97stwwzaWzmqxO8yLGHhClbVW1tC6VT1pDLk1pGrq4=
-github.com/aws/aws-sdk-go-v2/service/codecommit v1.27.16 h1:DodiGgET+sAVT1Wsx9lHDpEPxzoY7Y6wCpYh6LsGTWQ=
-github.com/aws/aws-sdk-go-v2/service/codecommit v1.27.16/go.mod h1:FyuFDtt95CXzQCClFbkb9rqKDX8+IRvSzmjFSkQOX4g=
+github.com/aws/aws-sdk-go-v2 v1.36.3 h1:mJoei2CxPutQVxaATCzDUjcZEjVRdpsiiXi2o38yqWM=
+github.com/aws/aws-sdk-go-v2 v1.36.3/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.67 h1:9KxtdcIA/5xPNQyZRgUSpYOE6j9Bc4+D7nZua0KGYOM=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.67/go.mod h1:p3C44m+cfnbv763s52gCqrjaqyPikj9Sg47kUVaNZQQ=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 h1:ZK5jHhnrioRkUNOc+hOgQKlUL5JeC3S6JgLxtQ+Rm0Q=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34/go.mod h1:p4VfIceZokChbA9FzMbRGz5OV+lekcVtHlPKEO0gSZY=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 h1:SZwFm17ZUNNg5Np0ioo/gq8Mn6u9w19Mri8DnJ15Jf0=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34/go.mod h1:dFZsC0BLo346mvKQLWmoJxT+Sjp+qcVR1tRVHQGOH9Q=
+github.com/aws/aws-sdk-go-v2/service/codecommit v1.28.2 h1:enL75gIdaPAoBztv/GDuMgOocEUpO2jYc45qp2Uweqs=
+github.com/aws/aws-sdk-go-v2/service/codecommit v1.28.2/go.mod h1:JsdLne5QNlqJdCQFm2DbHLNmNfEWSU7HnTuvi8SIl+E=
 github.com/aws/smithy-go v1.22.3 h1:Z//5NuZCSW6R4PhQ93hShNbyBbn8BWCmCVCt+Q8Io5k=
 github.com/aws/smithy-go v1.22.3/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
@@ -124,20 +116,20 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/bits-and-blooms/bitset v1.1.10/go.mod h1:w0XsmFg8qg6cmpTtJ0z3pKgjTDBMMnI/+I2syrE6XBE=
 github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
 github.com/bits-and-blooms/bitset v1.12.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
-github.com/bits-and-blooms/bitset v1.20.0 h1:2F+rfL86jE2d/bmw7OhqUg2Sj/1rURkBn3MdfoPyRVU=
-github.com/bits-and-blooms/bitset v1.20.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/bits-and-blooms/bitset v1.22.0 h1:Tquv9S8+SGaS3EhyA+up3FXzmkhxPGjQQCkcs2uw7w4=
+github.com/bits-and-blooms/bitset v1.22.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
 github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb h1:m935MPodAbYS46DG4pJSv7WO+VECIWUQ7OJYSoTrMh4=
 github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb/go.mod h1:PkYb9DJNAwrSvRx5DYA+gUcOIgTGVMNkfSCbZM8cWpI=
 github.com/blevesearch/bleve/v2 v2.0.5/go.mod h1:ZjWibgnbRX33c+vBRgla9QhPb4QOjD6fdVJ+R1Bk8LM=
-github.com/blevesearch/bleve/v2 v2.4.2 h1:NooYP1mb3c0StkiY9/xviiq2LGSaE8BQBCc/pirMx0U=
-github.com/blevesearch/bleve/v2 v2.4.2/go.mod h1:ATNKj7Yl2oJv/lGuF4kx39bST2dveX6w0th2FFYLkc8=
+github.com/blevesearch/bleve/v2 v2.5.0 h1:HzYqBy/5/M9Ul9ESEmXzN/3Jl7YpmWBdHM/+zzv/3k4=
+github.com/blevesearch/bleve/v2 v2.5.0/go.mod h1:PcJzTPnEynO15dCf9isxOga7YFRa/cMSsbnRwnszXUk=
 github.com/blevesearch/bleve_index_api v1.0.0/go.mod h1:fiwKS0xLEm+gBRgv5mumf0dhgFr2mDgZah1pqv1c1M4=
-github.com/blevesearch/bleve_index_api v1.1.12 h1:P4bw9/G/5rulOF7SJ9l4FsDoo7UFJ+5kexNy1RXfegY=
-github.com/blevesearch/bleve_index_api v1.1.12/go.mod h1:PbcwjIcRmjhGbkS/lJCpfgVSMROV6TRubGGAODaK1W8=
-github.com/blevesearch/geo v0.1.20 h1:paaSpu2Ewh/tn5DKn/FB5SzvH0EWupxHEIwbCk/QPqM=
-github.com/blevesearch/geo v0.1.20/go.mod h1:DVG2QjwHNMFmjo+ZgzrIq2sfCh6rIHzy9d9d0B59I6w=
-github.com/blevesearch/go-faiss v1.0.20 h1:AIkdTQFWuZ5LQmKQSebgMR4RynGNw8ZseJXaan5kvtI=
-github.com/blevesearch/go-faiss v1.0.20/go.mod h1:jrxHrbl42X/RnDPI+wBoZU8joxxuRwedrxqswQ3xfU8=
+github.com/blevesearch/bleve_index_api v1.2.8 h1:Y98Pu5/MdlkRyLM0qDHostYo7i+Vv1cDNhqTeR4Sy6Y=
+github.com/blevesearch/bleve_index_api v1.2.8/go.mod h1:rKQDl4u51uwafZxFrPD1R7xFOwKnzZW7s/LSeK4lgo0=
+github.com/blevesearch/geo v0.2.0 h1:f+IE3/C3mGeXDyhtMbWel6BgqBqaOUz43GtWg26GlB0=
+github.com/blevesearch/geo v0.2.0/go.mod h1:k8Hyfz12kM8QmeWLhgX7VMMCoVFmttBnr62V5zniXak=
+github.com/blevesearch/go-faiss v1.0.25 h1:lel1rkOUGbT1CJ0YgzKwC7k+XH0XVBHnCVWahdCXk4U=
+github.com/blevesearch/go-faiss v1.0.25/go.mod h1:OMGQwOaRRYxrmeNdMrXJPvVx8gBnvE5RYrr0BahNnkk=
 github.com/blevesearch/go-porterstemmer v1.0.3 h1:GtmsqID0aZdCSNiY8SkuPJ12pD4jI+DdXTAn4YRcHCo=
 github.com/blevesearch/go-porterstemmer v1.0.3/go.mod h1:angGc5Ht+k2xhJdZi511LtmxuEf0OVpvUUNrwmM1P7M=
 github.com/blevesearch/gtreap v0.1.1 h1:2JWigFrzDMR+42WGIN/V2p0cUvn4UP3C4Q5nmaZGW8Y=
@@ -146,8 +138,8 @@ github.com/blevesearch/mmap-go v1.0.2/go.mod h1:ol2qBqYaOUsGdm7aRMRrYGgPvnwLe6Y+
 github.com/blevesearch/mmap-go v1.0.4 h1:OVhDhT5B/M1HNPpYPBKIEJaD0F3Si+CrEKULGCDPWmc=
 github.com/blevesearch/mmap-go v1.0.4/go.mod h1:EWmEAOmdAS9z/pi/+Toxu99DnsbhG1TIxUoRmJw/pSs=
 github.com/blevesearch/scorch_segment_api/v2 v2.0.1/go.mod h1:lq7yK2jQy1yQjtjTfU931aVqz7pYxEudHaDwOt1tXfU=
-github.com/blevesearch/scorch_segment_api/v2 v2.2.15 h1:prV17iU/o+A8FiZi9MXmqbagd8I0bCqM7OKUYPbnb5Y=
-github.com/blevesearch/scorch_segment_api/v2 v2.2.15/go.mod h1:db0cmP03bPNadXrCDuVkKLV6ywFSiRgPFT1YVrestBc=
+github.com/blevesearch/scorch_segment_api/v2 v2.3.10 h1:Yqk0XD1mE0fDZAJXTjawJ8If/85JxnLd8v5vG/jWE/s=
+github.com/blevesearch/scorch_segment_api/v2 v2.3.10/go.mod h1:Z3e6ChN3qyN35yaQpl00MfI5s8AxUJbpTR/DL8QOQ+8=
 github.com/blevesearch/segment v0.9.0/go.mod h1:9PfHYUdQCgHktBgvtUOF4x+pc4/l8rdH0u5spnW85UQ=
 github.com/blevesearch/segment v0.9.1 h1:+dThDy+Lvgj5JMxhmOVlgFfkUtZV2kw49xax4+jTfSU=
 github.com/blevesearch/segment v0.9.1/go.mod h1:zN21iLm7+GnBHWTao9I+Au/7MBiL8pPFtJBJTsk6kQw=
@@ -158,40 +150,43 @@ github.com/blevesearch/upsidedown_store_api v1.0.2 h1:U53Q6YoWEARVLd1OYNc9kvhBMG
 github.com/blevesearch/upsidedown_store_api v1.0.2/go.mod h1:M01mh3Gpfy56Ps/UXHjEO/knbqyQ1Oamg8If49gRwrQ=
 github.com/blevesearch/vellum v1.0.3/go.mod h1:2u5ax02KeDuNWu4/C+hVQMD6uLN4txH1JbtpaDNLJRo=
 github.com/blevesearch/vellum v1.0.4/go.mod h1:cMhywHI0de50f7Nj42YgvyD6bFJ2WkNRvNBlNMrEVgY=
-github.com/blevesearch/vellum v1.0.10 h1:HGPJDT2bTva12hrHepVT3rOyIKFFF4t7Gf6yMxyMIPI=
-github.com/blevesearch/vellum v1.0.10/go.mod h1:ul1oT0FhSMDIExNjIxHqJoGpVrBpKCdgDQNxfqgJt7k=
+github.com/blevesearch/vellum v1.1.0 h1:CinkGyIsgVlYf8Y2LUQHvdelgXr6PYuvoDIajq6yR9w=
+github.com/blevesearch/vellum v1.1.0/go.mod h1:QgwWryE8ThtNPxtgWJof5ndPfx0/YMBh+W2weHKPw8Y=
 github.com/blevesearch/zapx/v11 v11.2.0/go.mod h1:gN/a0alGw1FZt/YGTo1G6Z6XpDkeOfujX5exY9sCQQM=
-github.com/blevesearch/zapx/v11 v11.3.10 h1:hvjgj9tZ9DeIqBCxKhi70TtSZYMdcFn7gDb71Xo/fvk=
-github.com/blevesearch/zapx/v11 v11.3.10/go.mod h1:0+gW+FaE48fNxoVtMY5ugtNHHof/PxCqh7CnhYdnMzQ=
+github.com/blevesearch/zapx/v11 v11.4.1 h1:qFCPlFbsEdwbbckJkysptSQOsHn4s6ZOHL5GMAIAVHA=
+github.com/blevesearch/zapx/v11 v11.4.1/go.mod h1:qNOGxIqdPC1MXauJCD9HBG487PxviTUUbmChFOAosGs=
 github.com/blevesearch/zapx/v12 v12.2.0/go.mod h1:fdjwvCwWWwJW/EYTYGtAp3gBA0geCYGLcVTtJEZnY6A=
-github.com/blevesearch/zapx/v12 v12.3.10 h1:yHfj3vXLSYmmsBleJFROXuO08mS3L1qDCdDK81jDl8s=
-github.com/blevesearch/zapx/v12 v12.3.10/go.mod h1:0yeZg6JhaGxITlsS5co73aqPtM04+ycnI6D1v0mhbCs=
+github.com/blevesearch/zapx/v12 v12.4.1 h1:K77bhypII60a4v8mwvav7r4IxWA8qxhNjgF9xGdb9eQ=
+github.com/blevesearch/zapx/v12 v12.4.1/go.mod h1:QRPrlPOzAxBNMI0MkgdD+xsTqx65zbuPr3Ko4Re49II=
 github.com/blevesearch/zapx/v13 v13.2.0/go.mod h1:o5rAy/lRS5JpAbITdrOHBS/TugWYbkcYZTz6VfEinAQ=
-github.com/blevesearch/zapx/v13 v13.3.10 h1:0KY9tuxg06rXxOZHg3DwPJBjniSlqEgVpxIqMGahDE8=
-github.com/blevesearch/zapx/v13 v13.3.10/go.mod h1:w2wjSDQ/WBVeEIvP0fvMJZAzDwqwIEzVPnCPrz93yAk=
+github.com/blevesearch/zapx/v13 v13.4.1 h1:EnkEMZFUK0lsW/jOJJF2xOcp+W8TjEsyeN5BeAZEYYE=
+github.com/blevesearch/zapx/v13 v13.4.1/go.mod h1:e6duBMlCvgbH9rkzNMnUa9hRI9F7ri2BRcHfphcmGn8=
 github.com/blevesearch/zapx/v14 v14.2.0/go.mod h1:GNgZusc1p4ot040cBQMRGEZobvwjCquiEKYh1xLFK9g=
-github.com/blevesearch/zapx/v14 v14.3.10 h1:SG6xlsL+W6YjhX5N3aEiL/2tcWh3DO75Bnz77pSwwKU=
-github.com/blevesearch/zapx/v14 v14.3.10/go.mod h1:qqyuR0u230jN1yMmE4FIAuCxmahRQEOehF78m6oTgns=
+github.com/blevesearch/zapx/v14 v14.4.1 h1:G47kGCshknBZzZAtjcnIAMn3oNx8XBLxp8DMq18ogyE=
+github.com/blevesearch/zapx/v14 v14.4.1/go.mod h1:O7sDxiaL2r2PnCXbhh1Bvm7b4sP+jp4unE9DDPWGoms=
 github.com/blevesearch/zapx/v15 v15.2.0/go.mod h1:MmQceLpWfME4n1WrBFIwplhWmaQbQqLQARpaKUEOs/A=
-github.com/blevesearch/zapx/v15 v15.3.13 h1:6EkfaZiPlAxqXz0neniq35my6S48QI94W/wyhnpDHHQ=
-github.com/blevesearch/zapx/v15 v15.3.13/go.mod h1:Turk/TNRKj9es7ZpKK95PS7f6D44Y7fAFy8F4LXQtGg=
-github.com/blevesearch/zapx/v16 v16.1.5 h1:b0sMcarqNFxuXvjoXsF8WtwVahnxyhEvBSRJi/AUHjU=
-github.com/blevesearch/zapx/v16 v16.1.5/go.mod h1:J4mSF39w1QELc11EWRSBFkPeZuO7r/NPKkHzDCoiaI8=
+github.com/blevesearch/zapx/v15 v15.4.1 h1:B5IoTMUCEzFdc9FSQbhVOxAY+BO17c05866fNruiI7g=
+github.com/blevesearch/zapx/v15 v15.4.1/go.mod h1:b/MreHjYeQoLjyY2+UaM0hGZZUajEbE0xhnr1A2/Q6Y=
+github.com/blevesearch/zapx/v16 v16.2.3 h1:7Y0r+a3diEvlazsncexq1qoFOcBd64xwMS7aDm4lo1s=
+github.com/blevesearch/zapx/v16 v16.2.3/go.mod h1:wVJ+GtURAaRG9KQAMNYyklq0egV+XJlGcXNCE0OFjjA=
 github.com/bmatcuk/doublestar/v4 v4.8.1 h1:54Bopc5c2cAvhLRAzqOGCYHYyhcDHsFF4wWIR5wKP38=
 github.com/bmatcuk/doublestar/v4 v4.8.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
+github.com/bmizerany/perks v0.0.0-20141205001514-d9a9656a3a4b/go.mod h1:ac9efd0D1fsDb3EJvhqgXRbFx7bs2wqZ10HQPeU8U/Q=
+github.com/bohde/codel v0.2.0 h1:fzF7ibgKmCfQbOzQCblmQcwzDRmV7WO7VMLm/hDvD3E=
+github.com/bohde/codel v0.2.0/go.mod h1:Idb1IRvTdwkRjIjguLIo+FXhIBhcpGl94o7xra6ggWk=
 github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/boombuler/barcode v1.0.2 h1:79yrbttoZrLGkL/oOI8hBrUKucwOL0oOjUgEguGMcJ4=
 github.com/boombuler/barcode v1.0.2/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
-github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874 h1:N7oVaKyGp8bttX0bfZGmcGkjz7DLQXhAn3DNd3T0ous=
-github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874/go.mod h1:r5xuitiExdLAJ09PR7vBVENGvp4ZuTBeWTGtxuX3K+c=
+github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf h1:TqhNAT4zKbTdLa62d2HDBFdvgSbIGB3eJE8HqhgiL9I=
+github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf/go.mod h1:r5xuitiExdLAJ09PR7vBVENGvp4ZuTBeWTGtxuX3K+c=
 github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
 github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
 github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
 github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
-github.com/buildkite/terminal-to-html/v3 v3.16.6 h1:QKHWPjAnKQnV1hVG/Nb2TwYDr4pliSbvCQDENk8EaJo=
-github.com/buildkite/terminal-to-html/v3 v3.16.6/go.mod h1:PgzeBymbRFC8I2m46Sci3S18AbwonEgpaz3TGhD7EPs=
-github.com/caddyserver/certmagic v0.21.7 h1:66KJioPFJwttL43KYSWk7ErSmE6LfaJgCQuhm8Sg6fg=
-github.com/caddyserver/certmagic v0.21.7/go.mod h1:LCPG3WLxcnjVKl/xpjzM0gqh0knrKKKiO5WVttX2eEI=
+github.com/buildkite/terminal-to-html/v3 v3.16.8 h1:QN/daUob6cmK8GcdKnwn9+YTlPr1vNj+oeAIiJK6fPc=
+github.com/buildkite/terminal-to-html/v3 v3.16.8/go.mod h1:+k1KVKROZocrTLsEQ9PEf9A+8+X8uaVV5iO1ZIOwKYM=
+github.com/caddyserver/certmagic v0.23.0 h1:CfpZ/50jMfG4+1J/u2LV6piJq4HOfO6ppOnOf7DkFEU=
+github.com/caddyserver/certmagic v0.23.0/go.mod h1:9mEZIWqqWoI+Gf+4Trh04MOVPD0tGSxtqsxg87hAIH4=
 github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+YTAyA=
 github.com/caddyserver/zerossl v0.1.3/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
 github.com/cention-sany/utf7 v0.0.0-20170124080048-26cad61bd60a h1:MISbI8sU/PSK/ztvmWKFcI7UGb5/HQT7B+i3a2myKgI=
@@ -206,22 +201,22 @@ github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moA
 github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ=
 github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk=
 github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
-github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=
-github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
+github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/couchbase/ghistogram v0.1.0/go.mod h1:s1Jhy76zqfEecpNWJfWUiKZookAFaiGOEoyzgHt9i7k=
 github.com/couchbase/go-couchbase v0.1.1 h1:ClFXELcKj/ojyoTYbsY34QUrrYCBi/1G749sXSCkdhk=
 github.com/couchbase/go-couchbase v0.1.1/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A=
-github.com/couchbase/gomemcached v0.3.2 h1:08rxiOoNcv0x5LTxgcYhnx1aPvV7iEtfeyUgqsJyPk0=
-github.com/couchbase/gomemcached v0.3.2/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo=
+github.com/couchbase/gomemcached v0.3.3 h1:D7qqXLO8wNa4pn5oE65lT3pA3IeStn4joT7/JgGXzKc=
+github.com/couchbase/gomemcached v0.3.3/go.mod h1:pISAjweI42vljCumsJIo7CVhqIMIIP9g3Wfhl1JJw68=
 github.com/couchbase/goutils v0.1.2 h1:gWr8B6XNWPIhfalHNog3qQKfGiYyh4K4VhO3P2o9BCs=
 github.com/couchbase/goutils v0.1.2/go.mod h1:h89Ek/tiOxxqjz30nPPlwZdQbdB8BwgnuBxeoUe/ViE=
 github.com/couchbase/moss v0.1.0/go.mod h1:9MaHIaRuy9pvLPUJxB8sh8OrLfyDczECVL37grCIubs=
 github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
-github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0=
-github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
+github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
+github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
 github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
@@ -251,11 +246,11 @@ github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdf
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
-github.com/editorconfig/editorconfig-core-go/v2 v2.6.2 h1:dKG8sc7n321deIVRcQtwlMNoBEra7j0qQ8RwxO8RN0w=
-github.com/editorconfig/editorconfig-core-go/v2 v2.6.2/go.mod h1:7dvD3GCm7eBw53xZ/lsiq72LqobdMg3ITbMBxnmJmqY=
+github.com/editorconfig/editorconfig-core-go/v2 v2.6.3 h1:XVUp6qW3BIkmM3/1EkrHpa6bL56APOynfXcZEmIgOhs=
+github.com/editorconfig/editorconfig-core-go/v2 v2.6.3/go.mod h1:ThHVc+hqbUsmE1wmK/MASpQEhCleWu1JDJDNhUOMy0c=
 github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
-github.com/elazarl/goproxy v1.4.0 h1:4GyuSbFa+s26+3rmYNSuUVsx+HgPrV1bk1jXI0l9wjM=
-github.com/elazarl/goproxy v1.4.0/go.mod h1:X/5W/t+gzDyLfHW4DrMdpjqYjpXsURlBt9lpBDxZZZQ=
+github.com/elazarl/goproxy v1.7.2 h1:Y2o6urb7Eule09PjlhQRGNsqRfPmYI3KKQLFpCAV3+o=
+github.com/elazarl/goproxy v1.7.2/go.mod h1:82vkLNir0ALaW14Rc399OTTjyNREgmdL2cVoIbS6XaE=
 github.com/emersion/go-imap v1.2.1 h1:+s9ZjMEjOB8NzZMVTM3cCenz2JrQIGGo5j1df19WjTA=
 github.com/emersion/go-imap v1.2.1/go.mod h1:Qlx1FSx2FTxjnjWpIlVNEuX+ylerZQNFE5NsmKFSejY=
 github.com/emersion/go-message v0.15.0/go.mod h1:wQUEfE+38+7EW8p8aZ96ptg6bAb1iwdgej19uXASlE4=
@@ -271,35 +266,31 @@ github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
 github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
 github.com/felixge/fgprof v0.9.5 h1:8+vR6yu2vvSKn08urWyEuxx75NWPEvybbkBirEpsbVY=
 github.com/felixge/fgprof v0.9.5/go.mod h1:yKl+ERSa++RYOs32d8K6WEXCB4uXdLls4ZaZPpayhMM=
-github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
-github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw=
 github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g=
-github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
-github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
-github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M=
-github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
-github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
-github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
+github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
+github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/fxamacker/cbor/v2 v2.8.0 h1:fFtUGXUzXPHTIUdne5+zzMPTfffl3RD5qYnkY40vtxU=
+github.com/fxamacker/cbor/v2 v2.8.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
 github.com/git-lfs/pktline v0.0.0-20230103162542-ca444d533ef1 h1:mtDjlmloH7ytdblogrMz1/8Hqua1y8B4ID+bh3rvod0=
 github.com/git-lfs/pktline v0.0.0-20230103162542-ca444d533ef1/go.mod h1:fenKRzpXDjNpsIBhuhUzvjCKlDjKam0boRAenTE0Q6A=
 github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c=
 github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU=
 github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE=
 github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24=
-github.com/go-ap/activitypub v0.0.0-20250212090640-aeb6499ba581 h1:73sFEdBsWBTBut0aDMPgt8HRuMO+ML0fd8AA/zjO8BQ=
-github.com/go-ap/activitypub v0.0.0-20250212090640-aeb6499ba581/go.mod h1:IO2PtAsxfGXN5IHrPuOslENFbq7MprYLNOyiiOELoRQ=
-github.com/go-ap/errors v0.0.0-20250124135319-3da8adefd4a9 h1:AJBGzuJVgfkKF3LoXCNQfH9yWmsVDV/oPDJE/zeXOjE=
-github.com/go-ap/errors v0.0.0-20250124135319-3da8adefd4a9/go.mod h1:Vkh+Z3f24K8nMsJKXo1FHn5ebPsXvB/WDH5JRtYqdNo=
+github.com/go-ap/activitypub v0.0.0-20250409143848-7113328b1f3d h1:IWrWGnmKzpHqginJ18ljKkty/X8glxM8Mg3pk6bkb8g=
+github.com/go-ap/activitypub v0.0.0-20250409143848-7113328b1f3d/go.mod h1:EUtZuXtHo4yKkTJmcbAZYW+X1G2poeT8icmBh24eq7o=
+github.com/go-ap/errors v0.0.0-20250409143711-5686c11ae650 h1:tlwla5IQUea0CuktkBd2FLDwVzts4OeTWPPkhQPSK5Q=
+github.com/go-ap/errors v0.0.0-20250409143711-5686c11ae650/go.mod h1:Vkh+Z3f24K8nMsJKXo1FHn5ebPsXvB/WDH5JRtYqdNo=
 github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73 h1:GMKIYXyXPGIp+hYiWOhfqK4A023HdgisDT4YGgf99mw=
 github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73/go.mod h1:jyveZeGw5LaADntW+UEsMjl3IlIwk+DxlYNsbofQkGA=
-github.com/go-asn1-ber/asn1-ber v1.5.7 h1:DTX+lbVTWaTw1hQ+PbZPlnDZPEIs0SS/GCZAl535dDk=
-github.com/go-asn1-ber/asn1-ber v1.5.7/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
+github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo=
+github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
 github.com/go-chi/chi/v5 v5.0.1/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
-github.com/go-chi/chi/v5 v5.2.1 h1:KOIHODQj58PmL80G2Eak4WdvUzjSJSm0vG72crDCqb8=
-github.com/go-chi/chi/v5 v5.2.1/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
+github.com/go-chi/chi/v5 v5.2.2 h1:CMwsvRVTbXVytCk1Wd72Zy1LAsAh9GxMmSNWLHCG618=
+github.com/go-chi/chi/v5 v5.2.2/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
 github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
 github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0=
@@ -316,34 +307,12 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN
 github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
-github.com/go-git/go-git/v5 v5.13.2 h1:7O7xvsK7K+rZPKW6AQR1YyNhfywkv7B8/FsP3ki6Zv0=
-github.com/go-git/go-git/v5 v5.13.2/go.mod h1:hWdW5P4YZRjmpGHwRH2v3zkWcNl6HeXaXQEMGb3NJ9A=
+github.com/go-git/go-git/v5 v5.16.0 h1:k3kuOEpkc0DeY7xlL6NaaNg39xdgQbtH5mwCafHO9AQ=
+github.com/go-git/go-git/v5 v5.16.0/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
 github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A=
 github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
-github.com/go-ldap/ldap/v3 v3.4.10 h1:ot/iwPOhfpNVgB1o+AVXljizWZ9JTp7YF5oeyONmcJU=
-github.com/go-ldap/ldap/v3 v3.4.10/go.mod h1:JXh4Uxgi40P6E9rdsYqpUtbW46D9UTjJ9QSwGRznplY=
-github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU=
-github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo=
-github.com/go-openapi/errors v0.22.0 h1:c4xY/OLxUBSTiepAg3j/MHuAv5mJhnf53LLMWFB+u/w=
-github.com/go-openapi/errors v0.22.0/go.mod h1:J3DmZScxCDufmIMsdOuDHxJbdOGC0xtUynjIx092vXE=
-github.com/go-openapi/inflect v0.21.0 h1:FoBjBTQEcbg2cJUWX6uwL9OyIW8eqc9k4KhN4lfbeYk=
-github.com/go-openapi/inflect v0.21.0/go.mod h1:INezMuUu7SJQc2AyR3WO0DqqYUJSj8Kb4hBd7WtjlAw=
-github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
-github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
-github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ=
-github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4=
-github.com/go-openapi/loads v0.22.0 h1:ECPGd4jX1U6NApCGG1We+uEozOAvXvJSF4nnwHZ8Aco=
-github.com/go-openapi/loads v0.22.0/go.mod h1:yLsaTCS92mnSAZX5WWoxszLj0u+Ojl+Zs5Stn1oF+rs=
-github.com/go-openapi/runtime v0.28.0 h1:gpPPmWSNGo214l6n8hzdXYhPuJcGtziTOgUpvsFWGIQ=
-github.com/go-openapi/runtime v0.28.0/go.mod h1:QN7OzcS+XuYmkQLw05akXk0jRH/eZ3kb18+1KwW9gyc=
-github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9ZY=
-github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk=
-github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c=
-github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4=
-github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
-github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
-github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58=
-github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ=
+github.com/go-ldap/ldap/v3 v3.4.11 h1:4k0Yxweg+a3OyBLjdYn5OKglv18JNvfDykSoI8bW0gU=
+github.com/go-ldap/ldap/v3 v3.4.11/go.mod h1:bY7t0FLK8OAVpp/vV6sSlpz3EQDGcQwc8pF0ujLgKvM=
 github.com/go-redis/redis v6.15.9+incompatible h1:K0pv1D7EQUjfyoMql+r/jZqCLizCGKFlFgcHWWmHQjg=
 github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
 github.com/go-redis/redis/v7 v7.4.1 h1:PASvf36gyUpr2zdOUS/9Zqc80GbM+9BDyiJSJDDOrTI=
@@ -352,17 +321,15 @@ github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC
 github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
 github.com/go-redsync/redsync/v4 v4.13.0 h1:49X6GJfnbLGaIpBBREM/zA4uIMDXKAh1NDkvQ1EkZKA=
 github.com/go-redsync/redsync/v4 v4.13.0/go.mod h1:HMW4Q224GZQz6x1Xc7040Yfgacukdzu7ifTDAKiyErQ=
-github.com/go-sql-driver/mysql v1.9.0 h1:Y0zIbQXhQKmQgTp44Y1dp3wTXcn804QoTptLZT1vtvo=
-github.com/go-sql-driver/mysql v1.9.0/go.mod h1:pDetrLJeA3oMujJuvXc8RJoasr589B6A9fwzD3QMrqw=
-github.com/go-swagger/go-swagger v0.31.0 h1:H8eOYQnY2u7vNKWDNykv2xJP3pBhRG/R+SOCAmKrLlc=
-github.com/go-swagger/go-swagger v0.31.0/go.mod h1:WSigRRWEig8zV6t6Sm8Y+EmUjlzA/HoaZJ5edupq7po=
+github.com/go-sql-driver/mysql v1.9.2 h1:4cNKDYQ1I84SXslGddlsrMhc8k4LeDVj6Ad6WRjiHuU=
+github.com/go-sql-driver/mysql v1.9.2/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
 github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
-github.com/go-webauthn/webauthn v0.11.2 h1:Fgx0/wlmkClTKlnOsdOQ+K5HcHDsDcYIvtYmfhEOSUc=
-github.com/go-webauthn/webauthn v0.11.2/go.mod h1:aOtudaF94pM71g3jRwTYYwQTG1KyTILTcZqN1srkmD0=
-github.com/go-webauthn/x v0.1.16 h1:EaVXZntpyHviN9ykjdRBQIw9B0Ed3LO5FW7mDiMQEa8=
-github.com/go-webauthn/x v0.1.16/go.mod h1:jhYjfwe/AVYaUs2mUXArj7vvZj+SpooQPyyQGNab+Us=
+github.com/go-webauthn/webauthn v0.12.3 h1:hHQl1xkUuabUU9uS+ISNCMLs9z50p9mDUZI/FmkayNE=
+github.com/go-webauthn/webauthn v0.12.3/go.mod h1:4JRe8Z3W7HIw8NGEWn2fnUwecoDzkkeach/NnvhkqGY=
+github.com/go-webauthn/x v0.1.20 h1:brEBDqfiPtNNCdS/peu8gARtq8fIPsHz0VzpPjGvgiw=
+github.com/go-webauthn/x v0.1.20/go.mod h1:n/gAc8ssZJGATM0qThE+W+vfgXiMedsWi3wf/C4lld0=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
 github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
 github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
@@ -383,8 +350,6 @@ github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0kt
 github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
 github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI=
-github.com/golang/geo v0.0.0-20230421003525-6adc56603217 h1:HKlyj6in2JV6wVkmQ4XmG/EIm+SCYlPZ+V4GWit7Z+I=
-github.com/golang/geo v0.0.0-20230421003525-6adc56603217/go.mod h1:8wI0hitZ3a1IxZfeH3/5I97CI8i5cLGsYe7xNhQGs9U=
 github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
 github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -400,21 +365,25 @@ github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.2/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
-github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/snappy v1.0.0 h1:Oy607GVXHs7RtbggtPBnr2RmDArIsAefDwvrdWvRhGs=
+github.com/golang/snappy v1.0.0/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/gomodule/redigo v1.8.9 h1:Sl3u+2BI/kk+VEatbj0scLdrFhjPmbxOc1myhDP41ws=
 github.com/gomodule/redigo v1.8.9/go.mod h1:7ArFNvsTjH8GMMzB4uy1snslv2BwmginuMs06a1uzZE=
 github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
 github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
+github.com/google/flatbuffers v24.3.25+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/google/flatbuffers v25.2.10+incompatible h1:F3vclr7C3HpB1k9mxCGRMXq6FdUalZ6H/pNX4FP1v0Q=
+github.com/google/flatbuffers v25.2.10+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-github/v61 v61.0.0 h1:VwQCBwhyE9JclCI+22/7mLB1PuU9eowCXKY5pNlu1go=
-github.com/google/go-github/v61 v61.0.0/go.mod h1:0WR+KmsWX75G2EbpyGsGmradjo3IiciuI4BmdVCobQY=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/go-github/v71 v71.0.0 h1:Zi16OymGKZZMm8ZliffVVJ/Q9YZreDKONCr+WUd0Z30=
+github.com/google/go-github/v71 v71.0.0/go.mod h1:URZXObp2BLlMjwu0O8g4y6VBneUj2bCHgnI8FfgZ51M=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/go-tpm v0.9.3 h1:+yx0/anQuGzi+ssRqeD6WpXjW2L/V0dItUayO0i9sRc=
@@ -425,8 +394,8 @@ github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/
 github.com/google/licenseclassifier/v2 v2.0.0 h1:1Y57HHILNf4m0ABuMVb6xk4vAJYEUO0gDxNpog0pyeA=
 github.com/google/licenseclassifier/v2 v2.0.0/go.mod h1:cOjbdH0kyC9R22sdQbYsFkto4NGCAc+ZSwbeThazEtM=
 github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
-github.com/google/pprof v0.0.0-20250208200701-d0013a598941 h1:43XjGa6toxLpeksjcxs1jIoIyr+vUfOqY2c6HB4bpoc=
-github.com/google/pprof v0.0.0-20250208200701-d0013a598941/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/pprof v0.0.0-20250422154841-e1f9c1950416 h1:1/qwHx8P72glDXdyCKesJ+/c40x71SY4q2avOxJ2iYQ=
+github.com/google/pprof v0.0.0-20250422154841-e1f9c1950416/go.mod h1:5hDyRhoBCxViHszMt12TnOpEI4VVi+U8Gm9iphldiMA=
 github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -439,8 +408,6 @@ github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8=
 github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0=
 github.com/gorilla/feeds v1.2.0 h1:O6pBiXJ5JHhPvqy53NsjKOThq+dNFm8+DFrxBEdzSCc=
 github.com/gorilla/feeds v1.2.0/go.mod h1:WMib8uJP3BbY+X8Szd1rA5Pzhdfh+HCCAYT2z7Fza6Y=
-github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
-github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w=
 github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
 github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1 h1:LqbZZ9sNMWVjeXS4NN5oVvhMjDyLhmA1LG86oSo+IqY=
@@ -449,7 +416,6 @@ github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
 github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
-github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
 github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
 github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
@@ -463,12 +429,10 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l
 github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
 github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
 github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
-github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
 github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8=
 github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
 github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
 github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
-github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
 github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
@@ -493,8 +457,6 @@ github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh6
 github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs=
 github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY=
 github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
-github.com/jessevdk/go-flags v1.6.1 h1:Cvu5U8UGrLay1rZfv/zP7iLpSHGUZ/Ou68T0iX1bBK4=
-github.com/jessevdk/go-flags v1.6.1/go.mod h1:Mk8T1hIAWpOiJiHa9rJASDK2UGWji0EuPGBnNLMooyc=
 github.com/jhillyerd/enmime v1.3.0 h1:LV5kzfLidiOr8qRGIpYYmUZCnhrPbcFAnAFUnWn99rw=
 github.com/jhillyerd/enmime v1.3.0/go.mod h1:6c6jg5HdRRV2FtvVL69LjiX1M8oE0xDX9VEhV3oy4gs=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
@@ -514,8 +476,8 @@ github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zt
 github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
-github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY=
-github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8=
+github.com/klauspost/cpuid/v2 v2.2.10 h1:tBs3QSyvjDyFTq3uoc/9xFpCuOsJQFNPiAhYdw2skhE=
+github.com/klauspost/cpuid/v2 v2.2.10/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
 github.com/klauspost/pgzip v1.2.6 h1:8RXeL5crjEUFnR2/Sn6GJNWtSQ3Dk8pq4CL3jvdDyjU=
 github.com/klauspost/pgzip v1.2.6/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
@@ -534,20 +496,16 @@ github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+
 github.com/ledongthuc/pdf v0.0.0-20220302134840-0c2507a12d80/go.mod h1:imJHygn/1yfhB7XSJJKlFZKl/J+dCPAknuiaGOshXAs=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
-github.com/libdns/libdns v0.2.3 h1:ba30K4ObwMGB/QTmqUxf3H4/GmUrCAIkMWejeGl12v8=
-github.com/libdns/libdns v0.2.3/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
-github.com/lunny/vfsgen v0.0.0-20220105142115-2c99e1ffdfa0 h1:F/3FfGmKdiKFa8kL3YrpZ7pe9H4l4AzA1pbaOUnRvPI=
-github.com/lunny/vfsgen v0.0.0-20220105142115-2c99e1ffdfa0/go.mod h1:JEfTc3+2DF9Z4PXhLLvXL42zexJyh8rIq3OzUj/0rAk=
+github.com/libdns/libdns v1.0.0-beta.1 h1:KIf4wLfsrEpXpZ3vmc/poM8zCATXT2klbdPe6hyOBjQ=
+github.com/libdns/libdns v1.0.0-beta.1/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM=
-github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4=
 github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU=
 github.com/markbates/going v1.0.3 h1:mY45T5TvW+Xz5A6jY7lf4+NLg9D8+iuStIHyR7M8qsE=
 github.com/markbates/going v1.0.3/go.mod h1:fQiT6v6yQar9UD6bd/D4Z5Afbk9J6BBVBtLiyY4gp2o=
-github.com/markbates/goth v1.80.0 h1:NnvatczZDzOs1hn9Ug+dVYf2Viwwkp/ZDX5K+GLjan8=
-github.com/markbates/goth v1.80.0/go.mod h1:4/GYHo+W6NWisrMPZnq0Yr2Q70UntNLn7KXEFhrIdAY=
+github.com/markbates/goth v1.81.0 h1:XVcCkeGWokynPV7MXvgb8pd2s3r7DS40P7931w6kdnE=
+github.com/markbates/goth v1.81.0/go.mod h1:+6z31QyUms84EHmuBY7iuqYSxyoN3njIgg9iCF/lR1k=
 github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
 github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
@@ -557,32 +515,28 @@ github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6T
 github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebGE2xrk=
 github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y=
-github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
-github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
-github.com/meilisearch/meilisearch-go v0.29.1-0.20241106140435-0bf60fad690a h1:F0y+3QtCG00mr4KueQWuHv1tlIQeNXhH+XAKYLhb3X4=
-github.com/meilisearch/meilisearch-go v0.29.1-0.20241106140435-0bf60fad690a/go.mod h1:NYOgjEGt/+oExD+NixreBMqxtIB0kCndXOOgpGhoqEs=
-github.com/mholt/acmez/v3 v3.0.1 h1:4PcjKjaySlgXK857aTfDuRbmnM5gb3Ruz3tvoSJAUp8=
-github.com/mholt/acmez/v3 v3.0.1/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
+github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
+github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/meilisearch/meilisearch-go v0.31.0 h1:yZRhY1qJqdH8h6GFZALGtkDLyj8f9v5aJpsNMyrUmnY=
+github.com/meilisearch/meilisearch-go v0.31.0/go.mod h1:aNtyuwurDg/ggxQIcKqWH6G9g2ptc8GyY7PLY4zMn/g=
+github.com/mholt/acmez/v3 v3.1.2 h1:auob8J/0FhmdClQicvJvuDavgd5ezwLBfKuYmynhYzc=
+github.com/mholt/acmez/v3 v3.1.2/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
 github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
 github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
 github.com/microsoft/go-mssqldb v1.8.0 h1:7cyZ/AT7ycDsEoWPIXibd+aVKFtteUNhDGf3aobP+tw=
 github.com/microsoft/go-mssqldb v1.8.0/go.mod h1:6znkekS3T2vp0waiMhen4GPU1BiAsrP+iXHcE7a7rFo=
-github.com/miekg/dns v1.1.63 h1:8M5aAw6OMZfFXTT7K5V0Eu5YiiL8l7nUAkyN6C9YwaY=
-github.com/miekg/dns v1.1.63/go.mod h1:6NGHfjhpmr5lt3XPLuyfDJi5AXbNIPM9PY6H6sF1Nfs=
+github.com/miekg/dns v1.1.65 h1:0+tIPHzUW0GCge7IiK3guGP57VAw7hoPDfApjkMD1Fc=
+github.com/miekg/dns v1.1.65/go.mod h1:Dzw9769uoKVaLuODMDZz9M6ynFU6Em65csPuoi8G0ck=
 github.com/minio/crc64nvme v1.0.1 h1:DHQPrYPdqK7jQG/Ls5CTBZWeex/2FMS3G5XGkycuFrY=
 github.com/minio/crc64nvme v1.0.1/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg=
 github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
 github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
-github.com/minio/minio-go/v7 v7.0.87 h1:nkr9x0u53PespfxfUqxP3UYWiE2a41gaofgNnC4Y8WQ=
-github.com/minio/minio-go/v7 v7.0.87/go.mod h1:33+O8h0tO7pCeCWwBVa07RhVVfB/3vS4kEX7rwYKmIg=
-github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
-github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
+github.com/minio/minio-go/v7 v7.0.91 h1:tWLZnEfo3OZl5PoXQwcwTAPNNrjyWwOh6cbZitW5JQc=
+github.com/minio/minio-go/v7 v7.0.91/go.mod h1:uvMUcGrpgeSAAI6+sD3818508nUyMULw94j2Nxku/Go=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
-github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -597,16 +551,14 @@ github.com/msteinert/pam v1.2.0 h1:mYfjlvN2KYs2Pb9G6nb/1f/nPfAttT/Jee5Sq9r3bGE=
 github.com/msteinert/pam v1.2.0/go.mod h1:d2n0DCUK8rGecChV3JzvmsDjOY4R7AYbsNxAT+ftQl0=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/niklasfasching/go-org v1.7.0 h1:vyMdcMWWTe/XmANk19F4k8XGBYg0GQ/gJGMimOjGMek=
-github.com/niklasfasching/go-org v1.7.0/go.mod h1:WuVm4d45oePiE0eX25GqTDQIt/qPW1T9DGkRscqLW5o=
+github.com/niklasfasching/go-org v1.8.0 h1:WyGLaajLLp8JbQzkmapZ1y0MOzKuKV47HkZRloi+HGY=
+github.com/niklasfasching/go-org v1.8.0/go.mod h1:e2A9zJs7cdONrEGs3gvxCcaAEpwwPNPG7csDpXckMNg=
 github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
 github.com/nwaples/rardecode v1.1.3 h1:cWCaZwfM5H7nAD6PyEdcVnczzV8i/JtotnyW/dD9lEc=
 github.com/nwaples/rardecode v1.1.3/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
-github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4=
-github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
 github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
 github.com/olivere/elastic/v7 v7.0.32 h1:R7CXvbu8Eq+WlsLgxmKVKPox0oOwAE/2T9Si5BnvK6E=
@@ -623,12 +575,10 @@ github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
 github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
-github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
-github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
+github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
+github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
 github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
-github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
-github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
 github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
 github.com/pierrec/lz4/v4 v4.1.2/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
 github.com/pierrec/lz4/v4 v4.1.22 h1:cKFw6uJDK+/gfw5BcDL0JL5aBsAFdsIT18eRtLj7VIU=
@@ -645,14 +595,14 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pquerna/otp v1.4.0 h1:wZvl1TIVxKRThZIBiwOOHOGP/1+nZyWBil9Y2XNEDzg=
 github.com/pquerna/otp v1.4.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
-github.com/prometheus/client_golang v1.21.0 h1:DIsaGmiaBkSangBgMtWdNfxbMNdku5IK6iNhrEqWvdA=
-github.com/prometheus/client_golang v1.21.0/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg=
-github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
-github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
-github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io=
-github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I=
-github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
-github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q=
+github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0=
+github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
+github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
+github.com/prometheus/common v0.63.0 h1:YR/EIY1o3mEFP/kZCD7iDMnLPlGyuU2Gb3HIcXnA98k=
+github.com/prometheus/common v0.63.0/go.mod h1:VVFF/fBIoToEnWRVkYoXEkq3R3paCoxG9PXP74SnV18=
+github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg=
+github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is=
 github.com/quasoft/websspi v1.1.2 h1:/mA4w0LxWlE3novvsoEL6BBA1WnjJATbjkh1kFrTidw=
 github.com/quasoft/websspi v1.1.2/go.mod h1:HmVdl939dQ0WIXZhyik+ARdI03M6bQzaSEKcgpFmewk=
 github.com/rcrowley/go-metrics v0.0.0-20190826022208-cac0b30c2563/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
@@ -672,18 +622,13 @@ github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
-github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
-github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a h1:w3tdWGKbLGBPtR/8/oO74W6hmz0qE5q0z9aqSAewaaM=
-github.com/rogpeppe/go-internal v1.13.2-0.20241226121412-a5dc8ff20d0a/go.mod h1:S8kfXMp+yh77OxPD4fdM6YUknrZpQxLhvxzS4gDHENY=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU=
 github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sagikazarmark/locafero v0.7.0 h1:5MqpDsTGNDhY8sGp0Aowyf0qKsPrhewaLSsFaodPcyo=
-github.com/sagikazarmark/locafero v0.7.0/go.mod h1:2za3Cg5rMaTMoG/2Ulr9AwtFaIppKXTRYnozin4aB5k=
-github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
-github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
 github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 h1:lZUw3E0/J3roVtGQ+SCrUrg3ON6NgVqpn3+iol9aGu4=
 github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY=
 github.com/sassoftware/go-rpmutils v0.4.0 h1:ojND82NYBxgwrV+mX1CWsd5QJvvEZTKddtCdFLPWhpg=
@@ -692,10 +637,6 @@ github.com/serenize/snaker v0.0.0-20171204205717-a683aaf2d516/go.mod h1:Yow6lPLS
 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
-github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
-github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
-github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c h1:aqg5Vm5dwtvL+YgDpBcK1ITf3o96N/K7/wsRXQnUTEs=
-github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c/go.mod h1:owqhoLW1qZoYLZzLnBw+QkPP9WZnjlSWihhxAJC1+/M=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
@@ -707,22 +648,12 @@ github.com/smartystreets/assertions v1.1.1/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYl
 github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s=
 github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337 h1:WN9BUFbdyOsSH/XohnWpXOlq9NBD5sGAB2FciQMUEe8=
 github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
-github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
-github.com/spf13/afero v1.12.0 h1:UcOPyRBYczmFn6yvphxkn9ZEOY65cpwGKb5mL36mrqs=
-github.com/spf13/afero v1.12.0/go.mod h1:ZTlWwG4/ahT8W7T0WQ5uYmjI9duaLQGy3Q2OAl4sk/4=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
-github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y=
-github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
-github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
-github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI=
-github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg=
 github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf h1:pvbZ0lM0XWPBqUKqFU8cmavspvIl9nulOYwdy6IFRRo=
 github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf/go.mod h1:RJID2RhlZKId02nZ62WenDCkgHFerpIOmW0iT7GKmXM=
 github.com/stephens2424/writerset v1.0.2/go.mod h1:aS2JhsMn6eA7e82oNmW4rfsgAOp9COBTTl8mzkwADnc=
@@ -730,6 +661,7 @@ github.com/steveyen/gtreap v0.1.0/go.mod h1:kl/5J7XbrOmlIbYIXdRHDDE5QxHqpk0cmkT7
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -739,17 +671,14 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/stvp/tempredis v0.0.0-20181119212430-b82af8480203 h1:QVqDTf3h2WHt08YuiTGPZLls0Wq99X9bWd0Q5ZSBesM=
 github.com/stvp/tempredis v0.0.0-20181119212430-b82af8480203/go.mod h1:oqN97ltKNihBbwlX8dLpwxCl3+HnXKV/R0e+sRLd9C8=
-github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
-github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
 github.com/tinylib/msgp v1.1.0/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
-github.com/toqueteos/webbrowser v1.2.0 h1:tVP/gpK69Fx+qMJKsLE7TD8LuGWPnEV71wBN9rrstGQ=
-github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM=
 github.com/tstranex/u2f v1.0.0 h1:HhJkSzDDlVSVIVt7pDJwCHQj67k7A5EeBgPmeD+pVsQ=
 github.com/tstranex/u2f v1.0.0/go.mod h1:eahSLaqAS0zsIEv80+vXT7WanXs7MQQDg3j3wGBSayo=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
@@ -759,8 +688,10 @@ github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
 github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/unknwon/com v1.0.1 h1:3d1LTxD+Lnf3soQiD4Cp/0BRB+Rsa/+RTvz8GMMzIXs=
 github.com/unknwon/com v1.0.1/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM=
-github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
-github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
+github.com/urfave/cli-docs/v3 v3.0.0-alpha6 h1:w/l/N0xw1rO/aHRIGXJ0lDwwYFOzilup1qGvIytP3BI=
+github.com/urfave/cli-docs/v3 v3.0.0-alpha6/go.mod h1:p7Z4lg8FSTrPB9GTaNyTrK3ygffHZcK3w0cU2VE+mzU=
+github.com/urfave/cli/v3 v3.3.3 h1:byCBaVdIXuLPIDm5CYZRVG6NvT7tv1ECqdU4YzlEa3I=
+github.com/urfave/cli/v3 v3.3.3/go.mod h1:FJSKtM/9AiiTOJL4fJ6TbMUkxBXn7GO9guZqoZtpYpo=
 github.com/valyala/fastjson v1.6.4 h1:uAUNq9Z6ymTgGhcm0UynUAB6tlbakBrz6CQFax3BXVQ=
 github.com/valyala/fastjson v1.6.4/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY=
 github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
@@ -780,8 +711,6 @@ github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQ
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
-github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
-github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
 github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
 github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
 github.com/yohcop/openid-go v1.0.1 h1:DPRd3iPO5F6O5zX2e62XpVAbPT6wV51cuucH0z9g3js=
@@ -790,8 +719,8 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yuin/goldmark v1.4.15/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-github.com/yuin/goldmark v1.7.8 h1:iERMLn0/QJeHFhxSt3p6PeN9mGnvIKSpG9YYorDMnic=
-github.com/yuin/goldmark v1.7.8/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E=
+github.com/yuin/goldmark v1.7.10 h1:S+LrtBjRmqMac2UdtB6yyCEJm+UILZ2fefI4p7o0QpI=
+github.com/yuin/goldmark v1.7.10/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
 github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc h1:+IAOyRda+RLrxa1WC7umKOZRsGq4QrFFMYApOeHzQwQ=
 github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc/go.mod h1:ovIvrum6DQJA4QsJSovrkC4saKHQVs7TvcaeO8AIl5I=
 github.com/yuin/goldmark-meta v1.1.0 h1:pWw+JLHGZe8Rk0EGsMVssiNb/AaPMHfSRszZeUeiOUc=
@@ -802,13 +731,11 @@ github.com/zeebo/blake3 v0.2.4 h1:KYQPkhpRtcqh0ssGYcKLG1JYvddkEA8QwCM/yBqhaZI=
 github.com/zeebo/blake3 v0.2.4/go.mod h1:7eeQ6d2iXWRGF6npfaxl2CU+xy2Fjo2gxeyZGCRUjcE=
 github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo=
 github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4=
-gitlab.com/gitlab-org/api/client-go v0.123.0 h1:W3LZ5QNyiSCJA0Zchkwz8nQIUzOuDoSWMZtRDT5DjPI=
-gitlab.com/gitlab-org/api/client-go v0.123.0/go.mod h1:Jh0qjLILEdbO6z/OY94RD+3NDQRUKiuFSFYozN6cpKM=
+gitlab.com/gitlab-org/api/client-go v0.127.0 h1:8xnxcNKGF2gDazEoMs+hOZfOspSSw8D0vAoWhQk9U+U=
+gitlab.com/gitlab-org/api/client-go v0.127.0/go.mod h1:bYC6fPORKSmtuPRyD9Z2rtbAjE7UeNatu2VWHRf4/LE=
 go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.4.0 h1:TU77id3TnN/zKr7CO/uk+fBCwF2jGcMuw2B/FMAzYIk=
 go.etcd.io/bbolt v1.4.0/go.mod h1:AsD+OCi/qPN1giOX1aiLAha3o1U8rAz65bvN4j0sRuk=
-go.mongodb.org/mongo-driver v1.17.2 h1:gvZyk8352qSfzyZ2UMWcpDpMSGEr1eqE4T793SqyhzM=
-go.mongodb.org/mongo-driver v1.17.2/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
@@ -827,18 +754,18 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
-golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
-golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
-golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa h1:t2QcU6V556bFjYgu4L6C+6VrCPyJZ+eyRsABUPs1mz4=
-golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa/go.mod h1:BHOTPb3L19zxehTsLoJXVaTktb06DFgmdW6Wb9s8jqk=
-golang.org/x/image v0.24.0 h1:AN7zRgVsbvmTfNyqIbbOraYL8mSwcKncEj8ofjgzcMQ=
-golang.org/x/image v0.24.0/go.mod h1:4b/ITuLfqYq1hqZcjofwctIhi7sZh2WaCjvsBNjjya8=
+golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
+golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
+golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw=
+golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM=
+golang.org/x/image v0.26.0 h1:4XjIFEZWQmCZi6Wv8BoxsDhRU3RVnLX04dToTDAEPlY=
+golang.org/x/image v0.26.0/go.mod h1:lcxbMFAovzpnJxzXS3nyL83K27tmqtKzIJpctK8YO5c=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@@ -848,12 +775,11 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM=
-golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
+golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
@@ -868,23 +794,25 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
-golang.org/x/net v0.36.0 h1:vWF2fRbw4qslQsQzgFqZff+BItCvGFQqKzKIzx1rmoA=
-golang.org/x/net v0.36.0/go.mod h1:bFmbeoIPfrw4sMHNhb4J9f6+tPziuGjq7Jk/38fxi1I=
-golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M=
-golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
+golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
+golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
+golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98=
+golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
 golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181221143128-b4a75ba826a6/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -915,8 +843,10 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -926,8 +856,10 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
-golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
+golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
 golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
+golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
+golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -938,10 +870,11 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
 golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
-golang.org/x/time v0.10.0 h1:3usCWA8tQn0L8+hFJQNgzpWbd89begxN66o1Ojdn5L4=
-golang.org/x/time v0.10.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
+golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
+golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
+golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
@@ -952,24 +885,24 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.30.0 h1:BgcpHewrV5AUp2G9MebG4XPFI1E2W41zU1SaqVA9vJY=
-golang.org/x/tools v0.30.0/go.mod h1:c347cR/OJfw5TI+GfX7RUPNMdDRRbjvYTS0jPyvsVtY=
+golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
+golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 h1:DMTIbak9GhdaSxEjvVzAeNZvyc03I61duqNbnm3SU0M=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2/go.mod h1:LuRYeWDFV6WOn90g357N17oMCaxpgCnbi/44qJvDn2I=
-google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
-google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250422160041-2d3770c4ea7f h1:N/PrbTw4kdkqNRzVfWPrBekzLuarFREcbFOiOLkXon4=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250422160041-2d3770c4ea7f/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/grpc v1.72.0 h1:S7UkcVa60b5AAQTaO6ZKamFp1zMZSU0fGDK2WZLbBnM=
+google.golang.org/grpc v1.72.0/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
-google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -991,6 +924,7 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
@@ -1015,9 +949,11 @@ modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
 modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
 mvdan.cc/xurls/v2 v2.6.0 h1:3NTZpeTxYVWNSokW3MKeyVkz/j7uYXYiMtXRUfmjbgI=
 mvdan.cc/xurls/v2 v2.6.0/go.mod h1:bCvEZ1XvdA6wDnxY7jPPjEmigDtvtvPXAD/Exa9IMSk=
+pgregory.net/rapid v0.4.2 h1:lsi9jhvZTYvzVpeG93WWgimPRmiJQfGFRNTEZh1dtY0=
+pgregory.net/rapid v0.4.2/go.mod h1:UYpPVyjFHzYBGHIxLFoupi8vwk6rXNzRY9OMvVxFIOU=
 strk.kbt.io/projects/go/libravatar v0.0.0-20191008002943-06d1c002b251 h1:mUcz5b3FJbP5Cvdq7Khzn6J9OCUQJaBwgBkCR+MOwSs=
 strk.kbt.io/projects/go/libravatar v0.0.0-20191008002943-06d1c002b251/go.mod h1:FJGmPh3vz9jSos1L/F91iAgnC/aejc0wIIrF2ZwJxdY=
 xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
 xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
-xorm.io/xorm v1.3.9 h1:TUovzS0ko+IQ1XnNLfs5dqK1cJl1H5uHpWbWqAQ04nU=
-xorm.io/xorm v1.3.9/go.mod h1:LsCCffeeYp63ssk0pKumP6l96WZcHix7ChpurcLNuMw=
+xorm.io/xorm v1.3.10 h1:yR83hTT4mKIPyA/lvWFTzS35xjLwkiYnwdw0Qupeh0o=
+xorm.io/xorm v1.3.10/go.mod h1:Lo7hmsFF0F0GbDE7ubX5ZKa+eCf0eCuiJAUG3oI5cxQ=
diff --git a/main.go b/main.go
index 756c3e0f9b..2c25bac4e3 100644
--- a/main.go
+++ b/main.go
@@ -21,7 +21,7 @@ import (
 	_ "code.gitea.io/gitea/modules/markup/markdown"
 	_ "code.gitea.io/gitea/modules/markup/orgmode"
 
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 // these flags will be set by the build flags
diff --git a/models/actions/artifact.go b/models/actions/artifact.go
index 524224f070..757bd13acd 100644
--- a/models/actions/artifact.go
+++ b/models/actions/artifact.go
@@ -30,6 +30,25 @@ const (
 	ArtifactStatusDeleted                                   // 6, ArtifactStatusDeleted is the status of an artifact that is deleted
 )
 
+func (status ArtifactStatus) ToString() string {
+	switch status {
+	case ArtifactStatusUploadPending:
+		return "upload is not yet completed"
+	case ArtifactStatusUploadConfirmed:
+		return "upload is completed"
+	case ArtifactStatusUploadError:
+		return "upload failed"
+	case ArtifactStatusExpired:
+		return "expired"
+	case ArtifactStatusPendingDeletion:
+		return "pending deletion"
+	case ArtifactStatusDeleted:
+		return "deleted"
+	default:
+		return "unknown"
+	}
+}
+
 func init() {
 	db.RegisterModel(new(ActionArtifact))
 }
diff --git a/models/actions/run.go b/models/actions/run.go
index 89f7f3e640..f5ccba06c2 100644
--- a/models/actions/run.go
+++ b/models/actions/run.go
@@ -5,6 +5,7 @@ package actions
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"slices"
 	"strings"
@@ -15,6 +16,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/util"
@@ -164,12 +166,24 @@ func (run *ActionRun) GetPullRequestEventPayload() (*api.PullRequestPayload, err
 	return nil, fmt.Errorf("event %s is not a pull request event", run.Event)
 }
 
+func (run *ActionRun) GetWorkflowRunEventPayload() (*api.WorkflowRunPayload, error) {
+	if run.Event == webhook_module.HookEventWorkflowRun {
+		var payload api.WorkflowRunPayload
+		if err := json.Unmarshal([]byte(run.EventPayload), &payload); err != nil {
+			return nil, err
+		}
+		return &payload, nil
+	}
+	return nil, fmt.Errorf("event %s is not a workflow run event", run.Event)
+}
+
 func (run *ActionRun) IsSchedule() bool {
 	return run.ScheduleID > 0
 }
 
 func updateRepoRunsNumbers(ctx context.Context, repo *repo_model.Repository) error {
 	_, err := db.GetEngine(ctx).ID(repo.ID).
+		NoAutoTime().
 		SetExpr("num_action_runs",
 			builder.Select("count(*)").From("action_run").
 				Where(builder.Eq{"repo_id": repo.ID}),
@@ -245,7 +259,7 @@ func CancelPreviousJobs(ctx context.Context, repoID int64, ref, workflowID strin
 
 				// If the update affected 0 rows, it means the job has changed in the meantime, so we need to try again.
 				if n == 0 {
-					return cancelledJobs, fmt.Errorf("job has changed, try again")
+					return cancelledJobs, errors.New("job has changed, try again")
 				}
 
 				cancelledJobs = append(cancelledJobs, job)
@@ -268,86 +282,81 @@ func CancelPreviousJobs(ctx context.Context, repoID int64, ref, workflowID strin
 // InsertRun inserts a run
 // The title will be cut off at 255 characters if it's longer than 255 characters.
 func InsertRun(ctx context.Context, run *ActionRun, jobs []*jobparser.SingleWorkflow) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	index, err := db.GetNextResourceIndex(ctx, "action_run_index", run.RepoID)
-	if err != nil {
-		return err
-	}
-	run.Index = index
-	run.Title = util.EllipsisDisplayString(run.Title, 255)
-
-	if err := db.Insert(ctx, run); err != nil {
-		return err
-	}
-
-	if run.Repo == nil {
-		repo, err := repo_model.GetRepositoryByID(ctx, run.RepoID)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		index, err := db.GetNextResourceIndex(ctx, "action_run_index", run.RepoID)
 		if err != nil {
 			return err
 		}
-		run.Repo = repo
-	}
+		run.Index = index
+		run.Title = util.EllipsisDisplayString(run.Title, 255)
 
-	if err := updateRepoRunsNumbers(ctx, run.Repo); err != nil {
-		return err
-	}
-
-	runJobs := make([]*ActionRunJob, 0, len(jobs))
-	var hasWaiting bool
-	for _, v := range jobs {
-		id, job := v.Job()
-		needs := job.Needs()
-		if err := v.SetJob(id, job.EraseNeeds()); err != nil {
+		if err := db.Insert(ctx, run); err != nil {
 			return err
 		}
-		payload, _ := v.Marshal()
-		status := StatusWaiting
-		if len(needs) > 0 || run.NeedApproval {
-			status = StatusBlocked
-		} else {
-			hasWaiting = true
+
+		if run.Repo == nil {
+			repo, err := repo_model.GetRepositoryByID(ctx, run.RepoID)
+			if err != nil {
+				return err
+			}
+			run.Repo = repo
 		}
-		job.Name = util.EllipsisDisplayString(job.Name, 255)
-		runJobs = append(runJobs, &ActionRunJob{
-			RunID:             run.ID,
-			RepoID:            run.RepoID,
-			OwnerID:           run.OwnerID,
-			CommitSHA:         run.CommitSHA,
-			IsForkPullRequest: run.IsForkPullRequest,
-			Name:              job.Name,
-			WorkflowPayload:   payload,
-			JobID:             id,
-			Needs:             needs,
-			RunsOn:            job.RunsOn(),
-			Status:            status,
-		})
-	}
-	if err := db.Insert(ctx, runJobs); err != nil {
-		return err
-	}
 
-	// if there is a job in the waiting status, increase tasks version.
-	if hasWaiting {
-		if err := IncreaseTaskVersion(ctx, run.OwnerID, run.RepoID); err != nil {
+		if err := updateRepoRunsNumbers(ctx, run.Repo); err != nil {
 			return err
 		}
-	}
 
-	return committer.Commit()
+		runJobs := make([]*ActionRunJob, 0, len(jobs))
+		var hasWaiting bool
+		for _, v := range jobs {
+			id, job := v.Job()
+			needs := job.Needs()
+			if err := v.SetJob(id, job.EraseNeeds()); err != nil {
+				return err
+			}
+			payload, _ := v.Marshal()
+			status := StatusWaiting
+			if len(needs) > 0 || run.NeedApproval {
+				status = StatusBlocked
+			} else {
+				hasWaiting = true
+			}
+			job.Name = util.EllipsisDisplayString(job.Name, 255)
+			runJobs = append(runJobs, &ActionRunJob{
+				RunID:             run.ID,
+				RepoID:            run.RepoID,
+				OwnerID:           run.OwnerID,
+				CommitSHA:         run.CommitSHA,
+				IsForkPullRequest: run.IsForkPullRequest,
+				Name:              job.Name,
+				WorkflowPayload:   payload,
+				JobID:             id,
+				Needs:             needs,
+				RunsOn:            job.RunsOn(),
+				Status:            status,
+			})
+		}
+		if err := db.Insert(ctx, runJobs); err != nil {
+			return err
+		}
+
+		// if there is a job in the waiting status, increase tasks version.
+		if hasWaiting {
+			if err := IncreaseTaskVersion(ctx, run.OwnerID, run.RepoID); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
 }
 
-func GetRunByID(ctx context.Context, id int64) (*ActionRun, error) {
+func GetRunByRepoAndID(ctx context.Context, repoID, runID int64) (*ActionRun, error) {
 	var run ActionRun
-	has, err := db.GetEngine(ctx).Where("id=?", id).Get(&run)
+	has, err := db.GetEngine(ctx).Where("id=? AND repo_id=?", runID, repoID).Get(&run)
 	if err != nil {
 		return nil, err
 	} else if !has {
-		return nil, fmt.Errorf("run with id %d: %w", id, util.ErrNotExist)
+		return nil, fmt.Errorf("run with id %d: %w", runID, util.ErrNotExist)
 	}
 
 	return &run, nil
@@ -412,23 +421,16 @@ func UpdateRun(ctx context.Context, run *ActionRun, cols ...string) error {
 		return err
 	}
 	if affected == 0 {
-		return fmt.Errorf("run has changed")
+		return errors.New("run has changed")
 		// It's impossible that the run is not found, since Gitea never deletes runs.
 	}
 
 	if run.Status != 0 || slices.Contains(cols, "status") {
 		if run.RepoID == 0 {
-			run, err = GetRunByID(ctx, run.ID)
-			if err != nil {
-				return err
-			}
+			setting.PanicInDevOrTesting("RepoID should not be 0")
 		}
-		if run.Repo == nil {
-			repo, err := repo_model.GetRepositoryByID(ctx, run.RepoID)
-			if err != nil {
-				return err
-			}
-			run.Repo = repo
+		if err = run.LoadRepo(ctx); err != nil {
+			return err
 		}
 		if err := updateRepoRunsNumbers(ctx, run.Repo); err != nil {
 			return err
diff --git a/models/actions/run_job.go b/models/actions/run_job.go
index de4b6aab66..e7fa21270c 100644
--- a/models/actions/run_job.go
+++ b/models/actions/run_job.go
@@ -10,6 +10,7 @@ import (
 	"time"
 
 	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/util"
 
@@ -19,11 +20,12 @@ import (
 // ActionRunJob represents a job of a run
 type ActionRunJob struct {
 	ID                int64
-	RunID             int64      `xorm:"index"`
-	Run               *ActionRun `xorm:"-"`
-	RepoID            int64      `xorm:"index"`
-	OwnerID           int64      `xorm:"index"`
-	CommitSHA         string     `xorm:"index"`
+	RunID             int64                  `xorm:"index"`
+	Run               *ActionRun             `xorm:"-"`
+	RepoID            int64                  `xorm:"index"`
+	Repo              *repo_model.Repository `xorm:"-"`
+	OwnerID           int64                  `xorm:"index"`
+	CommitSHA         string                 `xorm:"index"`
 	IsForkPullRequest bool
 	Name              string `xorm:"VARCHAR(255)"`
 	Attempt           int64
@@ -49,7 +51,7 @@ func (job *ActionRunJob) Duration() time.Duration {
 
 func (job *ActionRunJob) LoadRun(ctx context.Context) error {
 	if job.Run == nil {
-		run, err := GetRunByID(ctx, job.RunID)
+		run, err := GetRunByRepoAndID(ctx, job.RepoID, job.RunID)
 		if err != nil {
 			return err
 		}
@@ -58,6 +60,17 @@ func (job *ActionRunJob) LoadRun(ctx context.Context) error {
 	return nil
 }
 
+func (job *ActionRunJob) LoadRepo(ctx context.Context) error {
+	if job.Repo == nil {
+		repo, err := repo_model.GetRepositoryByID(ctx, job.RepoID)
+		if err != nil {
+			return err
+		}
+		job.Repo = repo
+	}
+	return nil
+}
+
 // LoadAttributes load Run if not loaded
 func (job *ActionRunJob) LoadAttributes(ctx context.Context) error {
 	if job == nil {
@@ -83,7 +96,7 @@ func GetRunJobByID(ctx context.Context, id int64) (*ActionRunJob, error) {
 	return &job, nil
 }
 
-func GetRunJobsByRunID(ctx context.Context, runID int64) ([]*ActionRunJob, error) {
+func GetRunJobsByRunID(ctx context.Context, runID int64) (ActionJobList, error) {
 	var jobs []*ActionRunJob
 	if err := db.GetEngine(ctx).Where("run_id=?", runID).OrderBy("id").Find(&jobs); err != nil {
 		return nil, err
@@ -129,7 +142,7 @@ func UpdateRunJob(ctx context.Context, job *ActionRunJob, cond builder.Cond, col
 	{
 		// Other goroutines may aggregate the status of the run and update it too.
 		// So we need load the run and its jobs before updating the run.
-		run, err := GetRunByID(ctx, job.RunID)
+		run, err := GetRunByRepoAndID(ctx, job.RepoID, job.RunID)
 		if err != nil {
 			return 0, err
 		}
@@ -172,12 +185,12 @@ func AggregateJobStatus(jobs []*ActionRunJob) Status {
 		return StatusSuccess
 	case hasCancelled:
 		return StatusCancelled
-	case hasFailure:
-		return StatusFailure
 	case hasRunning:
 		return StatusRunning
 	case hasWaiting:
 		return StatusWaiting
+	case hasFailure:
+		return StatusFailure
 	case hasBlocked:
 		return StatusBlocked
 	default:
diff --git a/models/actions/run_job_list.go b/models/actions/run_job_list.go
index 6c5d3b3252..5f7bb62878 100644
--- a/models/actions/run_job_list.go
+++ b/models/actions/run_job_list.go
@@ -7,6 +7,7 @@ import (
 	"context"
 
 	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/timeutil"
 
@@ -21,7 +22,33 @@ func (jobs ActionJobList) GetRunIDs() []int64 {
 	})
 }
 
+func (jobs ActionJobList) LoadRepos(ctx context.Context) error {
+	repoIDs := container.FilterSlice(jobs, func(j *ActionRunJob) (int64, bool) {
+		return j.RepoID, j.RepoID != 0 && j.Repo == nil
+	})
+	if len(repoIDs) == 0 {
+		return nil
+	}
+
+	repos := make(map[int64]*repo_model.Repository, len(repoIDs))
+	if err := db.GetEngine(ctx).In("id", repoIDs).Find(&repos); err != nil {
+		return err
+	}
+	for _, j := range jobs {
+		if j.RepoID > 0 && j.Repo == nil {
+			j.Repo = repos[j.RepoID]
+		}
+	}
+	return nil
+}
+
 func (jobs ActionJobList) LoadRuns(ctx context.Context, withRepo bool) error {
+	if withRepo {
+		if err := jobs.LoadRepos(ctx); err != nil {
+			return err
+		}
+	}
+
 	runIDs := jobs.GetRunIDs()
 	runs := make(map[int64]*ActionRun, len(runIDs))
 	if err := db.GetEngine(ctx).In("id", runIDs).Find(&runs); err != nil {
@@ -30,15 +57,9 @@ func (jobs ActionJobList) LoadRuns(ctx context.Context, withRepo bool) error {
 	for _, j := range jobs {
 		if j.RunID > 0 && j.Run == nil {
 			j.Run = runs[j.RunID]
+			j.Run.Repo = j.Repo
 		}
 	}
-	if withRepo {
-		var runsList RunList = make([]*ActionRun, 0, len(runs))
-		for _, r := range runs {
-			runsList = append(runsList, r)
-		}
-		return runsList.LoadRepos(ctx)
-	}
 	return nil
 }
 
@@ -59,22 +80,31 @@ type FindRunJobOptions struct {
 func (opts FindRunJobOptions) ToConds() builder.Cond {
 	cond := builder.NewCond()
 	if opts.RunID > 0 {
-		cond = cond.And(builder.Eq{"run_id": opts.RunID})
+		cond = cond.And(builder.Eq{"`action_run_job`.run_id": opts.RunID})
 	}
 	if opts.RepoID > 0 {
-		cond = cond.And(builder.Eq{"repo_id": opts.RepoID})
-	}
-	if opts.OwnerID > 0 {
-		cond = cond.And(builder.Eq{"owner_id": opts.OwnerID})
+		cond = cond.And(builder.Eq{"`action_run_job`.repo_id": opts.RepoID})
 	}
 	if opts.CommitSHA != "" {
-		cond = cond.And(builder.Eq{"commit_sha": opts.CommitSHA})
+		cond = cond.And(builder.Eq{"`action_run_job`.commit_sha": opts.CommitSHA})
 	}
 	if len(opts.Statuses) > 0 {
-		cond = cond.And(builder.In("status", opts.Statuses))
+		cond = cond.And(builder.In("`action_run_job`.status", opts.Statuses))
 	}
 	if opts.UpdatedBefore > 0 {
-		cond = cond.And(builder.Lt{"updated": opts.UpdatedBefore})
+		cond = cond.And(builder.Lt{"`action_run_job`.updated": opts.UpdatedBefore})
 	}
 	return cond
 }
+
+func (opts FindRunJobOptions) ToJoins() []db.JoinFunc {
+	if opts.OwnerID > 0 {
+		return []db.JoinFunc{
+			func(sess db.Engine) error {
+				sess.Join("INNER", "repository", "repository.id = repo_id AND repository.owner_id = ?", opts.OwnerID)
+				return nil
+			},
+		}
+	}
+	return nil
+}
diff --git a/models/actions/run_job_status_test.go b/models/actions/run_job_status_test.go
index 523d38327e..b9ae9f34bf 100644
--- a/models/actions/run_job_status_test.go
+++ b/models/actions/run_job_status_test.go
@@ -58,14 +58,14 @@ func TestAggregateJobStatus(t *testing.T) {
 		{[]Status{StatusCancelled, StatusRunning}, StatusCancelled},
 		{[]Status{StatusCancelled, StatusBlocked}, StatusCancelled},
 
-		// failure with other status, fail fast
-		// Should "running" win? Maybe no: old code does make "running" win, but GitHub does fail fast.
+		// failure with other status, usually fail fast, but "running" wins to match GitHub's behavior
+		// another reason that we can't make "failure" wins over "running": it would cause a weird behavior that user cannot cancel a workflow or get current running workflows correctly by filter after a job fail.
 		{[]Status{StatusFailure}, StatusFailure},
 		{[]Status{StatusFailure, StatusSuccess}, StatusFailure},
 		{[]Status{StatusFailure, StatusSkipped}, StatusFailure},
 		{[]Status{StatusFailure, StatusCancelled}, StatusCancelled},
-		{[]Status{StatusFailure, StatusWaiting}, StatusFailure},
-		{[]Status{StatusFailure, StatusRunning}, StatusFailure},
+		{[]Status{StatusFailure, StatusWaiting}, StatusWaiting},
+		{[]Status{StatusFailure, StatusRunning}, StatusRunning},
 		{[]Status{StatusFailure, StatusBlocked}, StatusFailure},
 
 		// skipped with other status
diff --git a/models/actions/run_list.go b/models/actions/run_list.go
index b9b9324e07..12c55e538e 100644
--- a/models/actions/run_list.go
+++ b/models/actions/run_list.go
@@ -72,39 +72,50 @@ type FindRunOptions struct {
 	TriggerEvent  webhook_module.HookEventType
 	Approved      bool // not util.OptionalBool, it works only when it's true
 	Status        []Status
+	CommitSHA     string
 }
 
 func (opts FindRunOptions) ToConds() builder.Cond {
 	cond := builder.NewCond()
 	if opts.RepoID > 0 {
-		cond = cond.And(builder.Eq{"repo_id": opts.RepoID})
-	}
-	if opts.OwnerID > 0 {
-		cond = cond.And(builder.Eq{"owner_id": opts.OwnerID})
+		cond = cond.And(builder.Eq{"`action_run`.repo_id": opts.RepoID})
 	}
 	if opts.WorkflowID != "" {
-		cond = cond.And(builder.Eq{"workflow_id": opts.WorkflowID})
+		cond = cond.And(builder.Eq{"`action_run`.workflow_id": opts.WorkflowID})
 	}
 	if opts.TriggerUserID > 0 {
-		cond = cond.And(builder.Eq{"trigger_user_id": opts.TriggerUserID})
+		cond = cond.And(builder.Eq{"`action_run`.trigger_user_id": opts.TriggerUserID})
 	}
 	if opts.Approved {
-		cond = cond.And(builder.Gt{"approved_by": 0})
+		cond = cond.And(builder.Gt{"`action_run`.approved_by": 0})
 	}
 	if len(opts.Status) > 0 {
-		cond = cond.And(builder.In("status", opts.Status))
+		cond = cond.And(builder.In("`action_run`.status", opts.Status))
 	}
 	if opts.Ref != "" {
-		cond = cond.And(builder.Eq{"ref": opts.Ref})
+		cond = cond.And(builder.Eq{"`action_run`.ref": opts.Ref})
 	}
 	if opts.TriggerEvent != "" {
-		cond = cond.And(builder.Eq{"trigger_event": opts.TriggerEvent})
+		cond = cond.And(builder.Eq{"`action_run`.trigger_event": opts.TriggerEvent})
+	}
+	if opts.CommitSHA != "" {
+		cond = cond.And(builder.Eq{"`action_run`.commit_sha": opts.CommitSHA})
 	}
 	return cond
 }
 
+func (opts FindRunOptions) ToJoins() []db.JoinFunc {
+	if opts.OwnerID > 0 {
+		return []db.JoinFunc{func(sess db.Engine) error {
+			sess.Join("INNER", "repository", "repository.id = repo_id AND repository.owner_id = ?", opts.OwnerID)
+			return nil
+		}}
+	}
+	return nil
+}
+
 func (opts FindRunOptions) ToOrders() string {
-	return "`id` DESC"
+	return "`action_run`.`id` DESC"
 }
 
 type StatusInfo struct {
diff --git a/models/actions/runner.go b/models/actions/runner.go
index 9ddf346aa6..81d4249ae0 100644
--- a/models/actions/runner.go
+++ b/models/actions/runner.go
@@ -5,6 +5,7 @@ package actions
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -14,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/shared/types"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/util"
@@ -86,9 +88,10 @@ func (r *ActionRunner) BelongsToOwnerType() types.OwnerType {
 		return types.OwnerTypeRepository
 	}
 	if r.OwnerID != 0 {
-		if r.Owner.Type == user_model.UserTypeOrganization {
+		switch r.Owner.Type {
+		case user_model.UserTypeOrganization:
 			return types.OwnerTypeOrganization
-		} else if r.Owner.Type == user_model.UserTypeIndividual {
+		case user_model.UserTypeIndividual:
 			return types.OwnerTypeIndividual
 		}
 	}
@@ -122,8 +125,15 @@ func (r *ActionRunner) IsOnline() bool {
 	return false
 }
 
-// Editable checks if the runner is editable by the user
-func (r *ActionRunner) Editable(ownerID, repoID int64) bool {
+// EditableInContext checks if the runner is editable by the "context" owner/repo
+// ownerID == 0 and repoID == 0 means "admin" context, any runner including global runners could be edited
+// ownerID == 0 and repoID != 0 means "repo" context, any runner belonging to the given repo could be edited
+// ownerID != 0 and repoID == 0 means "owner(org/user)" context, any runner belonging to the given user/org could be edited
+// ownerID != 0 and repoID != 0 means "owner" OR "repo" context, legacy behavior, but we should forbid using it
+func (r *ActionRunner) EditableInContext(ownerID, repoID int64) bool {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
 	if ownerID == 0 && repoID == 0 {
 		return true
 	}
@@ -167,6 +177,12 @@ func init() {
 	db.RegisterModel(&ActionRunner{})
 }
 
+// FindRunnerOptions
+// ownerID == 0 and repoID == 0 means any runner including global runners
+// repoID != 0 and WithAvailable == false means any runner for the given repo
+// repoID != 0 and WithAvailable == true means any runner for the given repo, parent user/org, and global runners
+// ownerID != 0 and repoID == 0 and WithAvailable == false means any runner for the given user/org
+// ownerID != 0 and repoID == 0 and WithAvailable == true means any runner for the given user/org and global runners
 type FindRunnerOptions struct {
 	db.ListOptions
 	IDs           []int64
@@ -283,6 +299,23 @@ func DeleteRunner(ctx context.Context, id int64) error {
 	return err
 }
 
+// DeleteEphemeralRunner deletes a ephemeral runner by given ID.
+func DeleteEphemeralRunner(ctx context.Context, id int64) error {
+	runner, err := GetRunnerByID(ctx, id)
+	if err != nil {
+		if errors.Is(err, util.ErrNotExist) {
+			return nil
+		}
+		return err
+	}
+	if !runner.Ephemeral {
+		return nil
+	}
+
+	_, err = db.DeleteByID[ActionRunner](ctx, id)
+	return err
+}
+
 // CreateRunner creates new runner.
 func CreateRunner(ctx context.Context, t *ActionRunner) error {
 	if t.OwnerID != 0 && t.RepoID != 0 {
diff --git a/models/actions/runner_token_test.go b/models/actions/runner_token_test.go
index 159805e5f7..21614b7086 100644
--- a/models/actions/runner_token_test.go
+++ b/models/actions/runner_token_test.go
@@ -17,7 +17,7 @@ func TestGetLatestRunnerToken(t *testing.T) {
 	token := unittest.AssertExistsAndLoadBean(t, &ActionRunnerToken{ID: 3})
 	expectedToken, err := GetLatestRunnerToken(db.DefaultContext, 1, 0)
 	assert.NoError(t, err)
-	assert.EqualValues(t, expectedToken, token)
+	assert.Equal(t, expectedToken, token)
 }
 
 func TestNewRunnerToken(t *testing.T) {
@@ -26,7 +26,7 @@ func TestNewRunnerToken(t *testing.T) {
 	assert.NoError(t, err)
 	expectedToken, err := GetLatestRunnerToken(db.DefaultContext, 1, 0)
 	assert.NoError(t, err)
-	assert.EqualValues(t, expectedToken, token)
+	assert.Equal(t, expectedToken, token)
 }
 
 func TestUpdateRunnerToken(t *testing.T) {
@@ -36,5 +36,5 @@ func TestUpdateRunnerToken(t *testing.T) {
 	assert.NoError(t, UpdateRunnerToken(db.DefaultContext, token))
 	expectedToken, err := GetLatestRunnerToken(db.DefaultContext, 1, 0)
 	assert.NoError(t, err)
-	assert.EqualValues(t, expectedToken, token)
+	assert.Equal(t, expectedToken, token)
 }
diff --git a/models/actions/schedule.go b/models/actions/schedule.go
index 2edf483fe0..ffde5092e0 100644
--- a/models/actions/schedule.go
+++ b/models/actions/schedule.go
@@ -56,65 +56,54 @@ func CreateScheduleTask(ctx context.Context, rows []*ActionSchedule) error {
 		return nil
 	}
 
-	// Begin transaction
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	// Loop through each schedule row
-	for _, row := range rows {
-		row.Title = util.EllipsisDisplayString(row.Title, 255)
-		// Create new schedule row
-		if err = db.Insert(ctx, row); err != nil {
-			return err
-		}
-
-		// Loop through each schedule spec and create a new spec row
-		now := time.Now()
-
-		for _, spec := range row.Specs {
-			specRow := &ActionScheduleSpec{
-				RepoID:     row.RepoID,
-				ScheduleID: row.ID,
-				Spec:       spec,
-			}
-			// Parse the spec and check for errors
-			schedule, err := specRow.Parse()
-			if err != nil {
-				continue // skip to the next spec if there's an error
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// Loop through each schedule row
+		for _, row := range rows {
+			row.Title = util.EllipsisDisplayString(row.Title, 255)
+			// Create new schedule row
+			if err := db.Insert(ctx, row); err != nil {
+				return err
 			}
 
-			specRow.Next = timeutil.TimeStamp(schedule.Next(now).Unix())
-
-			// Insert the new schedule spec row
-			if err = db.Insert(ctx, specRow); err != nil {
-				return err
+			// Loop through each schedule spec and create a new spec row
+			now := time.Now()
+
+			for _, spec := range row.Specs {
+				specRow := &ActionScheduleSpec{
+					RepoID:     row.RepoID,
+					ScheduleID: row.ID,
+					Spec:       spec,
+				}
+				// Parse the spec and check for errors
+				schedule, err := specRow.Parse()
+				if err != nil {
+					continue // skip to the next spec if there's an error
+				}
+
+				specRow.Next = timeutil.TimeStamp(schedule.Next(now).Unix())
+
+				// Insert the new schedule spec row
+				if err = db.Insert(ctx, specRow); err != nil {
+					return err
+				}
 			}
 		}
-	}
-
-	// Commit transaction
-	return committer.Commit()
+		return nil
+	})
 }
 
 func DeleteScheduleTaskByRepo(ctx context.Context, id int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if _, err := db.GetEngine(ctx).Delete(&ActionSchedule{RepoID: id}); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if _, err := db.GetEngine(ctx).Delete(&ActionSchedule{RepoID: id}); err != nil {
+			return err
+		}
 
-	if _, err := db.GetEngine(ctx).Delete(&ActionScheduleSpec{RepoID: id}); err != nil {
-		return err
-	}
+		if _, err := db.GetEngine(ctx).Delete(&ActionScheduleSpec{RepoID: id}); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 func CleanRepoScheduleTasks(ctx context.Context, repo *repo_model.Repository) ([]*ActionRunJob, error) {
diff --git a/models/actions/status.go b/models/actions/status.go
index eda2234137..2b1d70613c 100644
--- a/models/actions/status.go
+++ b/models/actions/status.go
@@ -4,6 +4,8 @@
 package actions
 
 import (
+	"slices"
+
 	"code.gitea.io/gitea/modules/translation"
 
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
@@ -88,12 +90,7 @@ func (s Status) IsBlocked() bool {
 
 // In returns whether s is one of the given statuses
 func (s Status) In(statuses ...Status) bool {
-	for _, v := range statuses {
-		if s == v {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(statuses, s)
 }
 
 func (s Status) AsResult() runnerv1.Result {
diff --git a/models/actions/task.go b/models/actions/task.go
index 9f13ff94c9..c1306a8418 100644
--- a/models/actions/task.go
+++ b/models/actions/task.go
@@ -6,6 +6,7 @@ package actions
 import (
 	"context"
 	"crypto/subtle"
+	"errors"
 	"fmt"
 	"time"
 
@@ -277,14 +278,13 @@ func CreateTaskForRunner(ctx context.Context, runner *ActionRunner) (*ActionTask
 		return nil, false, err
 	}
 
-	var workflowJob *jobparser.Job
-	if gots, err := jobparser.Parse(job.WorkflowPayload); err != nil {
+	parsedWorkflows, err := jobparser.Parse(job.WorkflowPayload)
+	if err != nil {
 		return nil, false, fmt.Errorf("parse workflow of job %d: %w", job.ID, err)
-	} else if len(gots) != 1 {
+	} else if len(parsedWorkflows) != 1 {
 		return nil, false, fmt.Errorf("workflow of job %d: not single workflow", job.ID)
-	} else { //nolint:revive
-		_, workflowJob = gots[0].Job()
 	}
+	_, workflowJob := parsedWorkflows[0].Job()
 
 	if _, err := e.Insert(task); err != nil {
 		return nil, false, err
@@ -335,6 +335,11 @@ func UpdateTask(ctx context.Context, task *ActionTask, cols ...string) error {
 		sess.Cols(cols...)
 	}
 	_, err := sess.Update(task)
+
+	// Automatically delete the ephemeral runner if the task is done
+	if err == nil && task.Status.IsDone() && util.SliceContainsString(cols, "status") {
+		return DeleteEphemeralRunner(ctx, task.RunnerID)
+	}
 	return err
 }
 
@@ -347,78 +352,70 @@ func UpdateTaskByState(ctx context.Context, runnerID int64, state *runnerv1.Task
 		stepStates[v.Id] = v
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	e := db.GetEngine(ctx)
-
-	task := &ActionTask{}
-	if has, err := e.ID(state.Id).Get(task); err != nil {
-		return nil, err
-	} else if !has {
-		return nil, util.ErrNotExist
-	} else if runnerID != task.RunnerID {
-		return nil, fmt.Errorf("invalid runner for task")
-	}
-
-	if task.Status.IsDone() {
-		// the state is final, do nothing
-		return task, nil
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*ActionTask, error) {
+		e := db.GetEngine(ctx)
 
-	// state.Result is not unspecified means the task is finished
-	if state.Result != runnerv1.Result_RESULT_UNSPECIFIED {
-		task.Status = Status(state.Result)
-		task.Stopped = timeutil.TimeStamp(state.StoppedAt.AsTime().Unix())
-		if err := UpdateTask(ctx, task, "status", "stopped"); err != nil {
-			return nil, err
-		}
-		if _, err := UpdateRunJob(ctx, &ActionRunJob{
-			ID:      task.JobID,
-			Status:  task.Status,
-			Stopped: task.Stopped,
-		}, nil); err != nil {
+		task := &ActionTask{}
+		if has, err := e.ID(state.Id).Get(task); err != nil {
 			return nil, err
+		} else if !has {
+			return nil, util.ErrNotExist
+		} else if runnerID != task.RunnerID {
+			return nil, errors.New("invalid runner for task")
 		}
-	} else {
-		// Force update ActionTask.Updated to avoid the task being judged as a zombie task
-		task.Updated = timeutil.TimeStampNow()
-		if err := UpdateTask(ctx, task, "updated"); err != nil {
-			return nil, err
-		}
-	}
 
-	if err := task.LoadAttributes(ctx); err != nil {
-		return nil, err
-	}
-
-	for _, step := range task.Steps {
-		var result runnerv1.Result
-		if v, ok := stepStates[step.Index]; ok {
-			result = v.Result
-			step.LogIndex = v.LogIndex
-			step.LogLength = v.LogLength
-			step.Started = convertTimestamp(v.StartedAt)
-			step.Stopped = convertTimestamp(v.StoppedAt)
+		if task.Status.IsDone() {
+			// the state is final, do nothing
+			return task, nil
 		}
-		if result != runnerv1.Result_RESULT_UNSPECIFIED {
-			step.Status = Status(result)
-		} else if step.Started != 0 {
-			step.Status = StatusRunning
+
+		// state.Result is not unspecified means the task is finished
+		if state.Result != runnerv1.Result_RESULT_UNSPECIFIED {
+			task.Status = Status(state.Result)
+			task.Stopped = timeutil.TimeStamp(state.StoppedAt.AsTime().Unix())
+			if err := UpdateTask(ctx, task, "status", "stopped"); err != nil {
+				return nil, err
+			}
+			if _, err := UpdateRunJob(ctx, &ActionRunJob{
+				ID:      task.JobID,
+				Status:  task.Status,
+				Stopped: task.Stopped,
+			}, nil); err != nil {
+				return nil, err
+			}
+		} else {
+			// Force update ActionTask.Updated to avoid the task being judged as a zombie task
+			task.Updated = timeutil.TimeStampNow()
+			if err := UpdateTask(ctx, task, "updated"); err != nil {
+				return nil, err
+			}
 		}
-		if _, err := e.ID(step.ID).Update(step); err != nil {
+
+		if err := task.LoadAttributes(ctx); err != nil {
 			return nil, err
 		}
-	}
 
-	if err := committer.Commit(); err != nil {
-		return nil, err
-	}
+		for _, step := range task.Steps {
+			var result runnerv1.Result
+			if v, ok := stepStates[step.Index]; ok {
+				result = v.Result
+				step.LogIndex = v.LogIndex
+				step.LogLength = v.LogLength
+				step.Started = convertTimestamp(v.StartedAt)
+				step.Stopped = convertTimestamp(v.StoppedAt)
+			}
+			if result != runnerv1.Result_RESULT_UNSPECIFIED {
+				step.Status = Status(result)
+			} else if step.Started != 0 {
+				step.Status = StatusRunning
+			}
+			if _, err := e.ID(step.ID).Update(step); err != nil {
+				return nil, err
+			}
+		}
 
-	return task, nil
+		return task, nil
+	})
 }
 
 func StopTask(ctx context.Context, taskID int64, status Status) error {
diff --git a/models/actions/task_list.go b/models/actions/task_list.go
index df4b43c5ef..0c80397899 100644
--- a/models/actions/task_list.go
+++ b/models/actions/task_list.go
@@ -48,6 +48,7 @@ func (tasks TaskList) LoadAttributes(ctx context.Context) error {
 type FindTaskOptions struct {
 	db.ListOptions
 	RepoID        int64
+	JobID         int64
 	OwnerID       int64
 	CommitSHA     string
 	Status        Status
@@ -61,6 +62,9 @@ func (opts FindTaskOptions) ToConds() builder.Cond {
 	if opts.RepoID > 0 {
 		cond = cond.And(builder.Eq{"repo_id": opts.RepoID})
 	}
+	if opts.JobID > 0 {
+		cond = cond.And(builder.Eq{"job_id": opts.JobID})
+	}
 	if opts.OwnerID > 0 {
 		cond = cond.And(builder.Eq{"owner_id": opts.OwnerID})
 	}
diff --git a/models/actions/tasks_version.go b/models/actions/tasks_version.go
index 96c5468c1a..b686ce2443 100644
--- a/models/actions/tasks_version.go
+++ b/models/actions/tasks_version.go
@@ -73,33 +73,29 @@ func increaseTasksVersionByScope(ctx context.Context, ownerID, repoID int64) err
 }
 
 func IncreaseTaskVersion(ctx context.Context, ownerID, repoID int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	// 1. increase global
-	if err := increaseTasksVersionByScope(ctx, 0, 0); err != nil {
-		log.Error("IncreaseTasksVersionByScope(Global): %v", err)
-		return err
-	}
-
-	// 2. increase owner
-	if ownerID > 0 {
-		if err := increaseTasksVersionByScope(ctx, ownerID, 0); err != nil {
-			log.Error("IncreaseTasksVersionByScope(Owner): %v", err)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// 1. increase global
+		if err := increaseTasksVersionByScope(ctx, 0, 0); err != nil {
+			log.Error("IncreaseTasksVersionByScope(Global): %v", err)
 			return err
 		}
-	}
 
-	// 3. increase repo
-	if repoID > 0 {
-		if err := increaseTasksVersionByScope(ctx, 0, repoID); err != nil {
-			log.Error("IncreaseTasksVersionByScope(Repo): %v", err)
-			return err
+		// 2. increase owner
+		if ownerID > 0 {
+			if err := increaseTasksVersionByScope(ctx, ownerID, 0); err != nil {
+				log.Error("IncreaseTasksVersionByScope(Owner): %v", err)
+				return err
+			}
+		}
+
+		// 3. increase repo
+		if repoID > 0 {
+			if err := increaseTasksVersionByScope(ctx, 0, repoID); err != nil {
+				log.Error("IncreaseTasksVersionByScope(Repo): %v", err)
+				return err
+			}
 		}
-	}
 
-	return committer.Commit()
+		return nil
+	})
 }
diff --git a/models/actions/utils.go b/models/actions/utils.go
index 12657942fc..f6ba661ae3 100644
--- a/models/actions/utils.go
+++ b/models/actions/utils.go
@@ -82,3 +82,22 @@ func calculateDuration(started, stopped timeutil.TimeStamp, status Status) time.
 	}
 	return timeSince(s).Truncate(time.Second)
 }
+
+// best effort function to convert an action schedule to action run, to be used in GenerateGiteaContext
+func (s *ActionSchedule) ToActionRun() *ActionRun {
+	return &ActionRun{
+		Title:         s.Title,
+		RepoID:        s.RepoID,
+		Repo:          s.Repo,
+		OwnerID:       s.OwnerID,
+		WorkflowID:    s.WorkflowID,
+		TriggerUserID: s.TriggerUserID,
+		TriggerUser:   s.TriggerUser,
+		Ref:           s.Ref,
+		CommitSHA:     s.CommitSHA,
+		Event:         s.Event,
+		EventPayload:  s.EventPayload,
+		Created:       s.Created,
+		Updated:       s.Updated,
+	}
+}
diff --git a/models/activities/action.go b/models/activities/action.go
index c89ba3e14e..1a0dfe6412 100644
--- a/models/activities/action.go
+++ b/models/activities/action.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"net/url"
 	"path"
+	"slices"
 	"strconv"
 	"strings"
 	"time"
@@ -125,12 +126,7 @@ func (at ActionType) String() string {
 }
 
 func (at ActionType) InActions(actions ...string) bool {
-	for _, action := range actions {
-		if action == at.String() {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(actions, at.String())
 }
 
 // Action represents user operation type and other information to
@@ -191,7 +187,7 @@ func (a *Action) LoadActUser(ctx context.Context) {
 		return
 	}
 	var err error
-	a.ActUser, err = user_model.GetUserByID(ctx, a.ActUserID)
+	a.ActUser, err = user_model.GetPossibleUserByID(ctx, a.ActUserID)
 	if err == nil {
 		return
 	} else if user_model.IsErrUserNotExist(err) {
@@ -530,7 +526,7 @@ func ActivityQueryCondition(ctx context.Context, opts GetFeedsOptions) (builder.
 
 	if opts.RequestedTeam != nil {
 		env := repo_model.AccessibleTeamReposEnv(organization.OrgFromUser(opts.RequestedUser), opts.RequestedTeam)
-		teamRepoIDs, err := env.RepoIDs(ctx, 1, opts.RequestedUser.NumRepos)
+		teamRepoIDs, err := env.RepoIDs(ctx)
 		if err != nil {
 			return nil, fmt.Errorf("GetTeamRepositories: %w", err)
 		}
diff --git a/models/activities/action_list.go b/models/activities/action_list.go
index 6789ebcb99..b52cf7ee49 100644
--- a/models/activities/action_list.go
+++ b/models/activities/action_list.go
@@ -5,6 +5,7 @@ package activities
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strconv"
 
@@ -205,7 +206,7 @@ func (actions ActionList) LoadIssues(ctx context.Context) error {
 // GetFeeds returns actions according to the provided options
 func GetFeeds(ctx context.Context, opts GetFeedsOptions) (ActionList, int64, error) {
 	if opts.RequestedUser == nil && opts.RequestedTeam == nil && opts.RequestedRepo == nil {
-		return nil, 0, fmt.Errorf("need at least one of these filters: RequestedUser, RequestedTeam, RequestedRepo")
+		return nil, 0, errors.New("need at least one of these filters: RequestedUser, RequestedTeam, RequestedRepo")
 	}
 
 	var err error
diff --git a/models/activities/action_test.go b/models/activities/action_test.go
index ee2a225a3e..ff311ac891 100644
--- a/models/activities/action_test.go
+++ b/models/activities/action_test.go
@@ -130,7 +130,7 @@ func TestDeleteIssueActions(t *testing.T) {
 
 	// load an issue
 	issue := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 4})
-	assert.NotEqualValues(t, issue.ID, issue.Index) // it needs to use different ID/Index to test the DeleteIssueActions to delete some actions by IssueIndex
+	assert.NotEqual(t, issue.ID, issue.Index) // it needs to use different ID/Index to test the DeleteIssueActions to delete some actions by IssueIndex
 
 	// insert a comment
 	err := db.Insert(db.DefaultContext, &issue_model.Comment{Type: issue_model.CommentTypeComment, IssueID: issue.ID})
diff --git a/models/activities/notification_list.go b/models/activities/notification_list.go
index 0cbb91df3c..6539e14ea2 100644
--- a/models/activities/notification_list.go
+++ b/models/activities/notification_list.go
@@ -70,17 +70,9 @@ func (opts FindNotificationOptions) ToOrders() string {
 // for each watcher, or updates it if already exists
 // receiverID > 0 just send to receiver, else send to all watcher
 func CreateOrUpdateIssueNotifications(ctx context.Context, issueID, commentID, notificationAuthorID, receiverID int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := createOrUpdateIssueNotifications(ctx, issueID, commentID, notificationAuthorID, receiverID); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return createOrUpdateIssueNotifications(ctx, issueID, commentID, notificationAuthorID, receiverID)
+	})
 }
 
 func createOrUpdateIssueNotifications(ctx context.Context, issueID, commentID, notificationAuthorID, receiverID int64) error {
@@ -208,10 +200,7 @@ func (nl NotificationList) LoadRepos(ctx context.Context) (repo_model.Repository
 	repos := make(map[int64]*repo_model.Repository, len(repoIDs))
 	left := len(repoIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", repoIDs[:limit]).
 			Rows(new(repo_model.Repository))
@@ -282,10 +271,7 @@ func (nl NotificationList) LoadIssues(ctx context.Context) ([]int, error) {
 	issues := make(map[int64]*issues_model.Issue, len(issueIDs))
 	left := len(issueIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", issueIDs[:limit]).
 			Rows(new(issues_model.Issue))
@@ -377,10 +363,7 @@ func (nl NotificationList) LoadUsers(ctx context.Context) ([]int, error) {
 	users := make(map[int64]*user_model.User, len(userIDs))
 	left := len(userIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", userIDs[:limit]).
 			Rows(new(user_model.User))
@@ -428,10 +411,7 @@ func (nl NotificationList) LoadComments(ctx context.Context) ([]int, error) {
 	comments := make(map[int64]*issues_model.Comment, len(commentIDs))
 	left := len(commentIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", commentIDs[:limit]).
 			Rows(new(issues_model.Comment))
diff --git a/models/activities/notification_test.go b/models/activities/notification_test.go
index 52f0eacba1..5d2a29bc36 100644
--- a/models/activities/notification_test.go
+++ b/models/activities/notification_test.go
@@ -44,11 +44,11 @@ func TestNotificationsForUser(t *testing.T) {
 	assert.NoError(t, err)
 	if assert.Len(t, notfs, 3) {
 		assert.EqualValues(t, 5, notfs[0].ID)
-		assert.EqualValues(t, user.ID, notfs[0].UserID)
+		assert.Equal(t, user.ID, notfs[0].UserID)
 		assert.EqualValues(t, 4, notfs[1].ID)
-		assert.EqualValues(t, user.ID, notfs[1].UserID)
+		assert.Equal(t, user.ID, notfs[1].UserID)
 		assert.EqualValues(t, 2, notfs[2].ID)
-		assert.EqualValues(t, user.ID, notfs[2].UserID)
+		assert.Equal(t, user.ID, notfs[2].UserID)
 	}
 }
 
@@ -58,7 +58,7 @@ func TestNotification_GetRepo(t *testing.T) {
 	repo, err := notf.GetRepo(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.Equal(t, repo, notf.Repository)
-	assert.EqualValues(t, notf.RepoID, repo.ID)
+	assert.Equal(t, notf.RepoID, repo.ID)
 }
 
 func TestNotification_GetIssue(t *testing.T) {
@@ -67,7 +67,7 @@ func TestNotification_GetIssue(t *testing.T) {
 	issue, err := notf.GetIssue(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.Equal(t, issue, notf.Issue)
-	assert.EqualValues(t, notf.IssueID, issue.ID)
+	assert.Equal(t, notf.IssueID, issue.ID)
 }
 
 func TestGetNotificationCount(t *testing.T) {
@@ -136,5 +136,5 @@ func TestSetIssueReadBy(t *testing.T) {
 
 	nt, err := activities_model.GetIssueNotification(db.DefaultContext, user.ID, issue.ID)
 	assert.NoError(t, err)
-	assert.EqualValues(t, activities_model.NotificationStatusRead, nt.Status)
+	assert.Equal(t, activities_model.NotificationStatusRead, nt.Status)
 }
diff --git a/models/activities/repo_activity.go b/models/activities/repo_activity.go
index 3ccdbd47d3..aeaa452c9e 100644
--- a/models/activities/repo_activity.go
+++ b/models/activities/repo_activity.go
@@ -139,10 +139,7 @@ func GetActivityStatsTopAuthors(ctx context.Context, repo *repo_model.Repository
 		return v[i].Commits > v[j].Commits
 	})
 
-	cnt := count
-	if cnt > len(v) {
-		cnt = len(v)
-	}
+	cnt := min(count, len(v))
 
 	return v[:cnt], nil
 }
diff --git a/models/activities/statistic.go b/models/activities/statistic.go
index ff81ad78a1..940651d359 100644
--- a/models/activities/statistic.go
+++ b/models/activities/statistic.go
@@ -17,13 +17,16 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/models/webhook"
+	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
 )
 
 // Statistic contains the database statistics
 type Statistic struct {
 	Counter struct {
-		User, Org, PublicKey,
+		UsersActive, UsersNotActive,
+		Org, PublicKey,
 		Repo, Watch, Star, Access,
 		Issue, IssueClosed, IssueOpen,
 		Comment, Oauth, Follow,
@@ -53,8 +56,20 @@ type IssueByRepositoryCount struct {
 // GetStatistic returns the database statistics
 func GetStatistic(ctx context.Context) (stats Statistic) {
 	e := db.GetEngine(ctx)
-	stats.Counter.User = user_model.CountUsers(ctx, nil)
-	stats.Counter.Org, _ = db.Count[organization.Organization](ctx, organization.FindOrgOptions{IncludePrivate: true})
+
+	// Number of active users
+	usersActiveOpts := user_model.CountUserFilter{
+		IsActive: optional.Some(true),
+	}
+	stats.Counter.UsersActive = user_model.CountUsers(ctx, &usersActiveOpts)
+
+	// Number of inactive users
+	usersNotActiveOpts := user_model.CountUserFilter{
+		IsActive: optional.Some(false),
+	}
+	stats.Counter.UsersNotActive = user_model.CountUsers(ctx, &usersNotActiveOpts)
+
+	stats.Counter.Org, _ = db.Count[organization.Organization](ctx, organization.FindOrgOptions{IncludeVisibility: structs.VisibleTypePrivate})
 	stats.Counter.PublicKey, _ = e.Count(new(asymkey_model.PublicKey))
 	stats.Counter.Repo, _ = repo_model.CountRepositories(ctx, repo_model.CountRepositoryOptions{})
 	stats.Counter.Watch, _ = e.Count(new(repo_model.Watch))
diff --git a/models/activities/user_heatmap.go b/models/activities/user_heatmap.go
index 1f8f0f590e..ef67838be7 100644
--- a/models/activities/user_heatmap.go
+++ b/models/activities/user_heatmap.go
@@ -66,7 +66,7 @@ func getUserHeatmapData(ctx context.Context, user *user_model.User, team *organi
 		Select(groupBy+" AS timestamp, count(user_id) as contributions").
 		Table("action").
 		Where(cond).
-		And("created_unix > ?", timeutil.TimeStampNow()-31536000).
+		And("created_unix > ?", timeutil.TimeStampNow()-(366+7)*86400). // (366+7) days to include the first week for the heatmap
 		GroupBy(groupByName).
 		OrderBy("timestamp").
 		Find(&hdata)
diff --git a/models/asymkey/error.go b/models/asymkey/error.go
index 1ed6edd71a..b765624579 100644
--- a/models/asymkey/error.go
+++ b/models/asymkey/error.go
@@ -132,7 +132,7 @@ func IsErrGPGKeyParsing(err error) bool {
 }
 
 func (err ErrGPGKeyParsing) Error() string {
-	return fmt.Sprintf("failed to parse gpg key %s", err.ParseError.Error())
+	return "failed to parse gpg key " + err.ParseError.Error()
 }
 
 // ErrGPGKeyNotExist represents a "GPGKeyNotExist" kind of error.
diff --git a/models/asymkey/gpg_key.go b/models/asymkey/gpg_key.go
index 7f35a96a59..38de7cbda6 100644
--- a/models/asymkey/gpg_key.go
+++ b/models/asymkey/gpg_key.go
@@ -5,6 +5,7 @@ package asymkey
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 	"time"
@@ -207,7 +208,7 @@ func parseGPGKey(ctx context.Context, ownerID int64, e *openpgp.Entity, verified
 // deleteGPGKey does the actual key deletion
 func deleteGPGKey(ctx context.Context, keyID string) (int64, error) {
 	if keyID == "" {
-		return 0, fmt.Errorf("empty KeyId forbidden") // Should never happen but just to be sure
+		return 0, errors.New("empty KeyId forbidden") // Should never happen but just to be sure
 	}
 	// Delete imported key
 	n, err := db.GetEngine(ctx).Where("key_id=?", keyID).Delete(new(GPGKeyImport))
@@ -227,15 +228,15 @@ func DeleteGPGKey(ctx context.Context, doer *user_model.User, id int64) (err err
 		return fmt.Errorf("GetPublicKeyByID: %w", err)
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if _, err = deleteGPGKey(ctx, key.KeyID); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		_, err = deleteGPGKey(ctx, key.KeyID)
 		return err
-	}
+	})
+}
 
-	return committer.Commit()
+func FindGPGKeyWithSubKeys(ctx context.Context, keyID string) ([]*GPGKey, error) {
+	return db.Find[GPGKey](ctx, FindGPGKeyOptions{
+		KeyID:          keyID,
+		IncludeSubKeys: true,
+	})
 }
diff --git a/models/asymkey/gpg_key_add.go b/models/asymkey/gpg_key_add.go
index ec2031088a..1c7d2c1da2 100644
--- a/models/asymkey/gpg_key_add.go
+++ b/models/asymkey/gpg_key_add.go
@@ -91,7 +91,7 @@ func AddGPGKey(ctx context.Context, ownerID int64, content, token, signature str
 			signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\r\n"), strings.NewReader(signature), nil)
 		}
 		if err != nil {
-			log.Error("Unable to validate token signature. Error: %v", err)
+			log.Debug("AddGPGKey CheckArmoredDetachedSignature failed: %v", err)
 			return nil, ErrGPGInvalidTokenSignature{
 				ID:      ekeys[0].PrimaryKey.KeyIdString(),
 				Wrapped: err,
diff --git a/models/asymkey/gpg_key_commit_verification.go b/models/asymkey/gpg_key_commit_verification.go
index 1591cd5068..b85374e073 100644
--- a/models/asymkey/gpg_key_commit_verification.go
+++ b/models/asymkey/gpg_key_commit_verification.go
@@ -4,6 +4,7 @@
 package asymkey
 
 import (
+	"errors"
 	"fmt"
 	"hash"
 
@@ -14,25 +15,6 @@ import (
 	"github.com/ProtonMail/go-crypto/openpgp/packet"
 )
 
-//   __________________  ________   ____  __.
-//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
-// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
-// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
-//  \______  /|____|    \______  / |____|__ \___  > ____|
-//         \/                  \/          \/   \/\/
-// _________                        .__  __
-// \_   ___ \  ____   _____   _____ |__|/  |_
-// /    \  \/ /  _ \ /     \ /     \|  \   __\
-// \     \___(  <_> )  Y Y  \  Y Y  \  ||  |
-//  \______  /\____/|__|_|  /__|_|  /__||__|
-//         \/             \/      \/
-// ____   ____           .__  _____.__               __  .__
-// \   \ /   /___________|__|/ ____\__| ____ _____ _/  |_|__| ____   ____
-//  \   Y   // __ \_  __ \  \   __\|  |/ ___\\__  \\   __\  |/  _ \ /    \
-//   \     /\  ___/|  | \/  ||  |  |  \  \___ / __ \|  | |  (  <_> )   |  \
-//    \___/  \___  >__|  |__||__|  |__|\___  >____  /__| |__|\____/|___|  /
-//               \/                        \/     \/                    \/
-
 // This file provides functions relating commit verification
 
 // CommitVerification represents a commit validation of signature
@@ -40,8 +22,8 @@ type CommitVerification struct {
 	Verified       bool
 	Warning        bool
 	Reason         string
-	SigningUser    *user_model.User
-	CommittingUser *user_model.User
+	SigningUser    *user_model.User // if Verified, then SigningUser is non-nil
+	CommittingUser *user_model.User // if Verified, then CommittingUser is non-nil
 	SigningEmail   string
 	SigningKey     *GPGKey
 	SigningSSHKey  *PublicKey
@@ -68,7 +50,7 @@ const (
 func verifySign(s *packet.Signature, h hash.Hash, k *GPGKey) error {
 	// Check if key can sign
 	if !k.CanSign {
-		return fmt.Errorf("key can not sign")
+		return errors.New("key can not sign")
 	}
 	// Decode key
 	pkey, err := base64DecPubKey(k.Content)
diff --git a/models/asymkey/gpg_key_common.go b/models/asymkey/gpg_key_common.go
index 1291cbc542..76f52a3ca4 100644
--- a/models/asymkey/gpg_key_common.go
+++ b/models/asymkey/gpg_key_common.go
@@ -7,6 +7,7 @@ import (
 	"bytes"
 	"crypto"
 	"encoding/base64"
+	"errors"
 	"fmt"
 	"hash"
 	"io"
@@ -75,7 +76,7 @@ func base64DecPubKey(content string) (*packet.PublicKey, error) {
 	// Check type
 	pkey, ok := p.(*packet.PublicKey)
 	if !ok {
-		return nil, fmt.Errorf("key is not a public key")
+		return nil, errors.New("key is not a public key")
 	}
 	return pkey, nil
 }
@@ -122,15 +123,15 @@ func readArmoredSign(r io.Reader) (body io.Reader, err error) {
 func ExtractSignature(s string) (*packet.Signature, error) {
 	r, err := readArmoredSign(strings.NewReader(s))
 	if err != nil {
-		return nil, fmt.Errorf("Failed to read signature armor")
+		return nil, errors.New("Failed to read signature armor")
 	}
 	p, err := packet.Read(r)
 	if err != nil {
-		return nil, fmt.Errorf("Failed to read signature packet")
+		return nil, errors.New("Failed to read signature packet")
 	}
 	sig, ok := p.(*packet.Signature)
 	if !ok {
-		return nil, fmt.Errorf("Packet is not a signature")
+		return nil, errors.New("Packet is not a signature")
 	}
 	return sig, nil
 }
diff --git a/models/asymkey/gpg_key_verify.go b/models/asymkey/gpg_key_verify.go
index 6eedb5b7ba..55c64973b4 100644
--- a/models/asymkey/gpg_key_verify.go
+++ b/models/asymkey/gpg_key_verify.go
@@ -14,97 +14,76 @@ import (
 	"code.gitea.io/gitea/modules/log"
 )
 
-//   __________________  ________   ____  __.
-//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
-// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
-// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
-//  \______  /|____|    \______  / |____|__ \___  > ____|
-//         \/                  \/          \/   \/\/
-// ____   ____           .__  _____
-// \   \ /   /___________|__|/ ____\__.__.
-//  \   Y   // __ \_  __ \  \   __<   |  |
-//   \     /\  ___/|  | \/  ||  |  \___  |
-//    \___/  \___  >__|  |__||__|  / ____|
-//               \/                \/
-
 // This file provides functions relating verifying gpg keys
 
 // VerifyGPGKey marks a GPG key as verified
 func VerifyGPGKey(ctx context.Context, ownerID int64, keyID, token, signature string) (string, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return "", err
-	}
-	defer committer.Close()
-
-	key := new(GPGKey)
-
-	has, err := db.GetEngine(ctx).Where("owner_id = ? AND key_id = ?", ownerID, keyID).Get(key)
-	if err != nil {
-		return "", err
-	} else if !has {
-		return "", ErrGPGKeyNotExist{}
-	}
-
-	if err := key.LoadSubKeys(ctx); err != nil {
-		return "", err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (string, error) {
+		key := new(GPGKey)
 
-	sig, err := ExtractSignature(signature)
-	if err != nil {
-		return "", ErrGPGInvalidTokenSignature{
-			ID:      key.KeyID,
-			Wrapped: err,
+		has, err := db.GetEngine(ctx).Where("owner_id = ? AND key_id = ?", ownerID, keyID).Get(key)
+		if err != nil {
+			return "", err
+		} else if !has {
+			return "", ErrGPGKeyNotExist{}
 		}
-	}
 
-	signer, err := hashAndVerifyWithSubKeys(sig, token, key)
-	if err != nil {
-		return "", ErrGPGInvalidTokenSignature{
-			ID:      key.KeyID,
-			Wrapped: err,
+		if err := key.LoadSubKeys(ctx); err != nil {
+			return "", err
 		}
-	}
-	if signer == nil {
-		signer, err = hashAndVerifyWithSubKeys(sig, token+"\n", key)
+
+		sig, err := ExtractSignature(signature)
 		if err != nil {
 			return "", ErrGPGInvalidTokenSignature{
 				ID:      key.KeyID,
 				Wrapped: err,
 			}
 		}
-	}
-	if signer == nil {
-		signer, err = hashAndVerifyWithSubKeys(sig, token+"\n\n", key)
+
+		signer, err := hashAndVerifyWithSubKeys(sig, token, key)
 		if err != nil {
 			return "", ErrGPGInvalidTokenSignature{
 				ID:      key.KeyID,
 				Wrapped: err,
 			}
 		}
-	}
-
-	if signer == nil {
-		log.Error("Unable to validate token signature. Error: %v", err)
-		return "", ErrGPGInvalidTokenSignature{
-			ID: key.KeyID,
+		if signer == nil {
+			signer, err = hashAndVerifyWithSubKeys(sig, token+"\n", key)
+			if err != nil {
+				return "", ErrGPGInvalidTokenSignature{
+					ID:      key.KeyID,
+					Wrapped: err,
+				}
+			}
+		}
+		if signer == nil {
+			signer, err = hashAndVerifyWithSubKeys(sig, token+"\n\n", key)
+			if err != nil {
+				return "", ErrGPGInvalidTokenSignature{
+					ID:      key.KeyID,
+					Wrapped: err,
+				}
+			}
 		}
-	}
 
-	if signer.PrimaryKeyID != key.KeyID && signer.KeyID != key.KeyID {
-		return "", ErrGPGKeyNotExist{}
-	}
+		if signer == nil {
+			log.Debug("VerifyGPGKey failed: no signer")
+			return "", ErrGPGInvalidTokenSignature{
+				ID: key.KeyID,
+			}
+		}
 
-	key.Verified = true
-	if _, err := db.GetEngine(ctx).ID(key.ID).SetExpr("verified", true).Update(new(GPGKey)); err != nil {
-		return "", err
-	}
+		if signer.PrimaryKeyID != key.KeyID && signer.KeyID != key.KeyID {
+			return "", ErrGPGKeyNotExist{}
+		}
 
-	if err := committer.Commit(); err != nil {
-		return "", err
-	}
+		key.Verified = true
+		if _, err := db.GetEngine(ctx).ID(key.ID).SetExpr("verified", true).Update(new(GPGKey)); err != nil {
+			return "", err
+		}
 
-	return key.KeyID, nil
+		return key.KeyID, nil
+	})
 }
 
 // VerificationToken returns token for the user that will be valid in minutes (time)
diff --git a/models/asymkey/ssh_key.go b/models/asymkey/ssh_key.go
index 7a18732c32..87205f0651 100644
--- a/models/asymkey/ssh_key.go
+++ b/models/asymkey/ssh_key.go
@@ -99,40 +99,36 @@ func AddPublicKey(ctx context.Context, ownerID int64, name, content string, auth
 		return nil, err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	if err := checkKeyFingerprint(ctx, fingerprint); err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*PublicKey, error) {
+		if err := checkKeyFingerprint(ctx, fingerprint); err != nil {
+			return nil, err
+		}
 
-	// Key name of same user cannot be duplicated.
-	has, err := db.GetEngine(ctx).
-		Where("owner_id = ? AND name = ?", ownerID, name).
-		Get(new(PublicKey))
-	if err != nil {
-		return nil, err
-	} else if has {
-		return nil, ErrKeyNameAlreadyUsed{ownerID, name}
-	}
+		// Key name of same user cannot be duplicated.
+		has, err := db.GetEngine(ctx).
+			Where("owner_id = ? AND name = ?", ownerID, name).
+			Get(new(PublicKey))
+		if err != nil {
+			return nil, err
+		} else if has {
+			return nil, ErrKeyNameAlreadyUsed{ownerID, name}
+		}
 
-	key := &PublicKey{
-		OwnerID:       ownerID,
-		Name:          name,
-		Fingerprint:   fingerprint,
-		Content:       content,
-		Mode:          perm.AccessModeWrite,
-		Type:          KeyTypeUser,
-		LoginSourceID: authSourceID,
-	}
-	if err = addKey(ctx, key); err != nil {
-		return nil, fmt.Errorf("addKey: %w", err)
-	}
+		key := &PublicKey{
+			OwnerID:       ownerID,
+			Name:          name,
+			Fingerprint:   fingerprint,
+			Content:       content,
+			Mode:          perm.AccessModeWrite,
+			Type:          KeyTypeUser,
+			LoginSourceID: authSourceID,
+		}
+		if err = addKey(ctx, key); err != nil {
+			return nil, fmt.Errorf("addKey: %w", err)
+		}
 
-	return key, committer.Commit()
+		return key, nil
+	})
 }
 
 // GetPublicKeyByID returns public key by given ID.
@@ -288,33 +284,24 @@ func PublicKeyIsExternallyManaged(ctx context.Context, id int64) (bool, error) {
 
 // deleteKeysMarkedForDeletion returns true if ssh keys needs update
 func deleteKeysMarkedForDeletion(ctx context.Context, keys []string) (bool, error) {
-	// Start session
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return false, err
-	}
-	defer committer.Close()
-
-	// Delete keys marked for deletion
-	var sshKeysNeedUpdate bool
-	for _, KeyToDelete := range keys {
-		key, err := SearchPublicKeyByContent(ctx, KeyToDelete)
-		if err != nil {
-			log.Error("SearchPublicKeyByContent: %v", err)
-			continue
-		}
-		if _, err = db.DeleteByID[PublicKey](ctx, key.ID); err != nil {
-			log.Error("DeleteByID[PublicKey]: %v", err)
-			continue
+	return db.WithTx2(ctx, func(ctx context.Context) (bool, error) {
+		// Delete keys marked for deletion
+		var sshKeysNeedUpdate bool
+		for _, KeyToDelete := range keys {
+			key, err := SearchPublicKeyByContent(ctx, KeyToDelete)
+			if err != nil {
+				log.Error("SearchPublicKeyByContent: %v", err)
+				continue
+			}
+			if _, err = db.DeleteByID[PublicKey](ctx, key.ID); err != nil {
+				log.Error("DeleteByID[PublicKey]: %v", err)
+				continue
+			}
+			sshKeysNeedUpdate = true
 		}
-		sshKeysNeedUpdate = true
-	}
 
-	if err := committer.Commit(); err != nil {
-		return false, err
-	}
-
-	return sshKeysNeedUpdate, nil
+		return sshKeysNeedUpdate, nil
+	})
 }
 
 // AddPublicKeysBySource add a users public keys. Returns true if there are changes.
@@ -355,13 +342,13 @@ func AddPublicKeysBySource(ctx context.Context, usr *user_model.User, s *auth.So
 	return sshKeysNeedUpdate
 }
 
-// SynchronizePublicKeys updates a users public keys. Returns true if there are changes.
+// SynchronizePublicKeys updates a user's public keys. Returns true if there are changes.
 func SynchronizePublicKeys(ctx context.Context, usr *user_model.User, s *auth.Source, sshPublicKeys []string) bool {
 	var sshKeysNeedUpdate bool
 
 	log.Trace("synchronizePublicKeys[%s]: Handling Public SSH Key synchronization for user %s", s.Name, usr.Name)
 
-	// Get Public Keys from DB with current LDAP source
+	// Get Public Keys from DB with the current auth source
 	var giteaKeys []string
 	keys, err := db.Find[PublicKey](ctx, FindPublicKeyOptions{
 		OwnerID:       usr.ID,
diff --git a/models/asymkey/ssh_key_commit_verification.go b/models/asymkey/ssh_key_commit_verification.go
deleted file mode 100644
index 27c6df3578..0000000000
--- a/models/asymkey/ssh_key_commit_verification.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// Copyright 2021 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package asymkey
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"strings"
-
-	"code.gitea.io/gitea/models/db"
-	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/log"
-
-	"github.com/42wim/sshsig"
-)
-
-// ParseCommitWithSSHSignature check if signature is good against keystore.
-func ParseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committer *user_model.User) *CommitVerification {
-	// Now try to associate the signature with the committer, if present
-	if committer.ID != 0 {
-		keys, err := db.Find[PublicKey](ctx, FindPublicKeyOptions{
-			OwnerID:    committer.ID,
-			NotKeytype: KeyTypePrincipal,
-		})
-		if err != nil { // Skipping failed to get ssh keys of user
-			log.Error("ListPublicKeys: %v", err)
-			return &CommitVerification{
-				CommittingUser: committer,
-				Verified:       false,
-				Reason:         "gpg.error.failed_retrieval_gpg_keys",
-			}
-		}
-
-		committerEmailAddresses, err := user_model.GetEmailAddresses(ctx, committer.ID)
-		if err != nil {
-			log.Error("GetEmailAddresses: %v", err)
-		}
-
-		activated := false
-		for _, e := range committerEmailAddresses {
-			if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {
-				activated = true
-				break
-			}
-		}
-
-		for _, k := range keys {
-			if k.Verified && activated {
-				commitVerification := verifySSHCommitVerification(c.Signature.Signature, c.Signature.Payload, k, committer, committer, c.Committer.Email)
-				if commitVerification != nil {
-					return commitVerification
-				}
-			}
-		}
-	}
-
-	return &CommitVerification{
-		CommittingUser: committer,
-		Verified:       false,
-		Reason:         NoKeyFound,
-	}
-}
-
-func verifySSHCommitVerification(sig, payload string, k *PublicKey, committer, signer *user_model.User, email string) *CommitVerification {
-	if err := sshsig.Verify(bytes.NewBuffer([]byte(payload)), []byte(sig), []byte(k.Content), "git"); err != nil {
-		return nil
-	}
-
-	return &CommitVerification{ // Everything is ok
-		CommittingUser: committer,
-		Verified:       true,
-		Reason:         fmt.Sprintf("%s / %s", signer.Name, k.Fingerprint),
-		SigningUser:    signer,
-		SigningSSHKey:  k,
-		SigningEmail:   email,
-	}
-}
diff --git a/models/asymkey/ssh_key_deploy.go b/models/asymkey/ssh_key_deploy.go
index 923c5020ed..4ab84eabcf 100644
--- a/models/asymkey/ssh_key_deploy.go
+++ b/models/asymkey/ssh_key_deploy.go
@@ -125,39 +125,35 @@ func AddDeployKey(ctx context.Context, repoID int64, name, content string, readO
 		accessMode = perm.AccessModeWrite
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	pkey, exist, err := db.Get[PublicKey](ctx, builder.Eq{"fingerprint": fingerprint})
-	if err != nil {
-		return nil, err
-	} else if exist {
-		if pkey.Type != KeyTypeDeploy {
-			return nil, ErrKeyAlreadyExist{0, fingerprint, ""}
-		}
-	} else {
-		// First time use this deploy key.
-		pkey = &PublicKey{
-			Fingerprint: fingerprint,
-			Mode:        accessMode,
-			Type:        KeyTypeDeploy,
-			Content:     content,
-			Name:        name,
+	return db.WithTx2(ctx, func(ctx context.Context) (*DeployKey, error) {
+		pkey, exist, err := db.Get[PublicKey](ctx, builder.Eq{"fingerprint": fingerprint})
+		if err != nil {
+			return nil, err
+		} else if exist {
+			if pkey.Type != KeyTypeDeploy {
+				return nil, ErrKeyAlreadyExist{0, fingerprint, ""}
+			}
+		} else {
+			// First time use this deploy key.
+			pkey = &PublicKey{
+				Fingerprint: fingerprint,
+				Mode:        accessMode,
+				Type:        KeyTypeDeploy,
+				Content:     content,
+				Name:        name,
+			}
+			if err = addKey(ctx, pkey); err != nil {
+				return nil, fmt.Errorf("addKey: %w", err)
+			}
 		}
-		if err = addKey(ctx, pkey); err != nil {
-			return nil, fmt.Errorf("addKey: %w", err)
-		}
-	}
 
-	key, err := addDeployKey(ctx, pkey.ID, repoID, name, pkey.Fingerprint, accessMode)
-	if err != nil {
-		return nil, err
-	}
+		key, err := addDeployKey(ctx, pkey.ID, repoID, name, pkey.Fingerprint, accessMode)
+		if err != nil {
+			return nil, err
+		}
 
-	return key, committer.Commit()
+		return key, nil
+	})
 }
 
 // GetDeployKeyByID returns deploy key by given ID.
diff --git a/models/asymkey/ssh_key_fingerprint.go b/models/asymkey/ssh_key_fingerprint.go
index 1ed3b5df2a..b666469ae8 100644
--- a/models/asymkey/ssh_key_fingerprint.go
+++ b/models/asymkey/ssh_key_fingerprint.go
@@ -6,30 +6,16 @@ package asymkey
 import (
 	"context"
 	"fmt"
-	"strings"
 
 	"code.gitea.io/gitea/models/db"
-	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/process"
-	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
 
 	"golang.org/x/crypto/ssh"
 	"xorm.io/builder"
 )
 
-// ___________.__                                         .__        __
-// \_   _____/|__| ____    ____   ________________________|__| _____/  |_
-//  |    __)  |  |/    \  / ___\_/ __ \_  __ \____ \_  __ \  |/    \   __\
-//  |     \   |  |   |  \/ /_/  >  ___/|  | \/  |_> >  | \/  |   |  \  |
-//  \___  /   |__|___|  /\___  / \___  >__|  |   __/|__|  |__|___|  /__|
-//      \/            \//_____/      \/      |__|                 \/
-//
-// This file contains functions for fingerprinting SSH keys
-//
-// The database is used in checkKeyFingerprint however most of these functions probably belong in a module
+// The database is used in checkKeyFingerprint. However, most of these functions probably belong in a module
 
-// checkKeyFingerprint only checks if key fingerprint has been used as public key,
+// checkKeyFingerprint only checks if key fingerprint has been used as a public key,
 // it is OK to use same key as deploy key for multiple repositories/users.
 func checkKeyFingerprint(ctx context.Context, fingerprint string) error {
 	has, err := db.Exist[PublicKey](ctx, builder.Eq{"fingerprint": fingerprint})
@@ -41,29 +27,6 @@ func checkKeyFingerprint(ctx context.Context, fingerprint string) error {
 	return nil
 }
 
-func calcFingerprintSSHKeygen(publicKeyContent string) (string, error) {
-	// Calculate fingerprint.
-	tmpPath, err := writeTmpKeyFile(publicKeyContent)
-	if err != nil {
-		return "", err
-	}
-	defer func() {
-		if err := util.Remove(tmpPath); err != nil {
-			log.Warn("Unable to remove temporary key file: %s: Error: %v", tmpPath, err)
-		}
-	}()
-	stdout, stderr, err := process.GetManager().Exec("AddPublicKey", "ssh-keygen", "-lf", tmpPath)
-	if err != nil {
-		if strings.Contains(stderr, "is not a public key file") {
-			return "", ErrKeyUnableVerify{stderr}
-		}
-		return "", util.NewInvalidArgumentErrorf("'ssh-keygen -lf %s' failed with error '%s': %s", tmpPath, err, stderr)
-	} else if len(stdout) < 2 {
-		return "", util.NewInvalidArgumentErrorf("not enough output for calculating fingerprint: %s", stdout)
-	}
-	return strings.Split(stdout, " ")[1], nil
-}
-
 func calcFingerprintNative(publicKeyContent string) (string, error) {
 	// Calculate fingerprint.
 	pk, _, _, _, err := ssh.ParseAuthorizedKey([]byte(publicKeyContent))
@@ -75,15 +38,12 @@ func calcFingerprintNative(publicKeyContent string) (string, error) {
 
 // CalcFingerprint calculate public key's fingerprint
 func CalcFingerprint(publicKeyContent string) (string, error) {
-	// Call the method based on configuration
-	useNative := setting.SSH.KeygenPath == ""
-	calcFn := util.Iif(useNative, calcFingerprintNative, calcFingerprintSSHKeygen)
-	fp, err := calcFn(publicKeyContent)
+	fp, err := calcFingerprintNative(publicKeyContent)
 	if err != nil {
 		if IsErrKeyUnableVerify(err) {
 			return "", err
 		}
-		return "", fmt.Errorf("CalcFingerprint(%s): %w", util.Iif(useNative, "native", "ssh-keygen"), err)
+		return "", fmt.Errorf("CalcFingerprint: %w", err)
 	}
 	return fp, nil
 }
diff --git a/models/asymkey/ssh_key_parse.go b/models/asymkey/ssh_key_parse.go
index 94b1cf112b..fc39f28624 100644
--- a/models/asymkey/ssh_key_parse.go
+++ b/models/asymkey/ssh_key_parse.go
@@ -10,14 +10,12 @@ import (
 	"encoding/base64"
 	"encoding/binary"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"math/big"
-	"os"
-	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 
@@ -93,7 +91,7 @@ func parseKeyString(content string) (string, error) {
 
 			block, _ := pem.Decode([]byte(content))
 			if block == nil {
-				return "", fmt.Errorf("failed to parse PEM block containing the public key")
+				return "", errors.New("failed to parse PEM block containing the public key")
 			}
 			if strings.Contains(block.Type, "PRIVATE") {
 				return "", ErrKeyIsPrivate
@@ -174,20 +172,9 @@ func CheckPublicKeyString(content string) (_ string, err error) {
 		return content, nil
 	}
 
-	var (
-		fnName  string
-		keyType string
-		length  int
-	)
-	if len(setting.SSH.KeygenPath) == 0 {
-		fnName = "SSHNativeParsePublicKey"
-		keyType, length, err = SSHNativeParsePublicKey(content)
-	} else {
-		fnName = "SSHKeyGenParsePublicKey"
-		keyType, length, err = SSHKeyGenParsePublicKey(content)
-	}
+	keyType, length, err := SSHNativeParsePublicKey(content)
 	if err != nil {
-		return "", fmt.Errorf("%s: %w", fnName, err)
+		return "", fmt.Errorf("SSHNativeParsePublicKey: %w", err)
 	}
 	log.Trace("Key info [native: %v]: %s-%d", setting.SSH.StartBuiltinServer, keyType, length)
 
@@ -221,7 +208,7 @@ func SSHNativeParsePublicKey(keyLine string) (string, int, error) {
 
 	// The ssh library can parse the key, so next we find out what key exactly we have.
 	switch pkey.Type() {
-	case ssh.KeyAlgoDSA:
+	case ssh.KeyAlgoDSA: //nolint:staticcheck // it's deprecated
 		rawPub := struct {
 			Name       string
 			P, Q, G, Y *big.Int
@@ -257,56 +244,3 @@ func SSHNativeParsePublicKey(keyLine string) (string, int, error) {
 	}
 	return "", 0, fmt.Errorf("unsupported key length detection for type: %s", pkey.Type())
 }
-
-// writeTmpKeyFile writes key content to a temporary file
-// and returns the name of that file, along with any possible errors.
-func writeTmpKeyFile(content string) (string, error) {
-	tmpFile, err := os.CreateTemp(setting.SSH.KeyTestPath, "gitea_keytest")
-	if err != nil {
-		return "", fmt.Errorf("TempFile: %w", err)
-	}
-	defer tmpFile.Close()
-
-	if _, err = tmpFile.WriteString(content); err != nil {
-		return "", fmt.Errorf("WriteString: %w", err)
-	}
-	return tmpFile.Name(), nil
-}
-
-// SSHKeyGenParsePublicKey extracts key type and length using ssh-keygen.
-func SSHKeyGenParsePublicKey(key string) (string, int, error) {
-	tmpName, err := writeTmpKeyFile(key)
-	if err != nil {
-		return "", 0, fmt.Errorf("writeTmpKeyFile: %w", err)
-	}
-	defer func() {
-		if err := util.Remove(tmpName); err != nil {
-			log.Warn("Unable to remove temporary key file: %s: Error: %v", tmpName, err)
-		}
-	}()
-
-	keygenPath := setting.SSH.KeygenPath
-	if len(keygenPath) == 0 {
-		keygenPath = "ssh-keygen"
-	}
-
-	stdout, stderr, err := process.GetManager().Exec("SSHKeyGenParsePublicKey", keygenPath, "-lf", tmpName)
-	if err != nil {
-		return "", 0, fmt.Errorf("fail to parse public key: %s - %s", err, stderr)
-	}
-	if strings.Contains(stdout, "is not a public key file") {
-		return "", 0, ErrKeyUnableVerify{stdout}
-	}
-
-	fields := strings.Split(stdout, " ")
-	if len(fields) < 4 {
-		return "", 0, fmt.Errorf("invalid public key line: %s", stdout)
-	}
-
-	keyType := strings.Trim(fields[len(fields)-1], "()\r\n")
-	length, err := strconv.ParseInt(fields[0], 10, 32)
-	if err != nil {
-		return "", 0, err
-	}
-	return strings.ToLower(keyType), int(length), nil
-}
diff --git a/models/asymkey/ssh_key_test.go b/models/asymkey/ssh_key_test.go
index 3650f1892f..21e4ddf62e 100644
--- a/models/asymkey/ssh_key_test.go
+++ b/models/asymkey/ssh_key_test.go
@@ -42,29 +42,7 @@ func Test_SSHParsePublicKey(t *testing.T) {
 				keyTypeN, lengthN, err := SSHNativeParsePublicKey(tc.content)
 				assert.NoError(t, err)
 				assert.Equal(t, tc.keyType, keyTypeN)
-				assert.EqualValues(t, tc.length, lengthN)
-			})
-			if tc.skipSSHKeygen {
-				return
-			}
-			t.Run("SSHKeygen", func(t *testing.T) {
-				keyTypeK, lengthK, err := SSHKeyGenParsePublicKey(tc.content)
-				if err != nil {
-					// Some servers do not support ecdsa format.
-					if !strings.Contains(err.Error(), "line 1 too long:") {
-						assert.FailNow(t, "%v", err)
-					}
-				}
-				assert.Equal(t, tc.keyType, keyTypeK)
-				assert.EqualValues(t, tc.length, lengthK)
-			})
-			t.Run("SSHParseKeyNative", func(t *testing.T) {
-				keyTypeK, lengthK, err := SSHNativeParsePublicKey(tc.content)
-				if err != nil {
-					assert.FailNow(t, "%v", err)
-				}
-				assert.Equal(t, tc.keyType, keyTypeK)
-				assert.EqualValues(t, tc.length, lengthK)
+				assert.Equal(t, tc.length, lengthN)
 			})
 		})
 	}
@@ -186,14 +164,6 @@ func Test_calcFingerprint(t *testing.T) {
 				assert.NoError(t, err)
 				assert.Equal(t, tc.fp, fpN)
 			})
-			if tc.skipSSHKeygen {
-				return
-			}
-			t.Run("SSHKeygen", func(t *testing.T) {
-				fpK, err := calcFingerprintSSHKeygen(tc.content)
-				assert.NoError(t, err)
-				assert.Equal(t, tc.fp, fpK)
-			})
 		})
 	}
 }
diff --git a/models/asymkey/ssh_key_verify.go b/models/asymkey/ssh_key_verify.go
index 208288c77b..04917239ee 100644
--- a/models/asymkey/ssh_key_verify.go
+++ b/models/asymkey/ssh_key_verify.go
@@ -4,8 +4,8 @@
 package asymkey
 
 import (
-	"bytes"
 	"context"
+	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/log"
@@ -15,41 +15,33 @@ import (
 
 // VerifySSHKey marks a SSH key as verified
 func VerifySSHKey(ctx context.Context, ownerID int64, fingerprint, token, signature string) (string, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return "", err
-	}
-	defer committer.Close()
-
-	key := new(PublicKey)
-
-	has, err := db.GetEngine(ctx).Where("owner_id = ? AND fingerprint = ?", ownerID, fingerprint).Get(key)
-	if err != nil {
-		return "", err
-	} else if !has {
-		return "", ErrKeyNotExist{}
-	}
-
-	err = sshsig.Verify(bytes.NewBuffer([]byte(token)), []byte(signature), []byte(key.Content), "gitea")
-	if err != nil {
-		// edge case for Windows based shells that will add CR LF if piped to ssh-keygen command
-		// see https://github.com/PowerShell/PowerShell/issues/5974
-		if sshsig.Verify(bytes.NewBuffer([]byte(token+"\r\n")), []byte(signature), []byte(key.Content), "gitea") != nil {
-			log.Error("Unable to validate token signature. Error: %v", err)
-			return "", ErrSSHInvalidTokenSignature{
-				Fingerprint: key.Fingerprint,
-			}
+	return db.WithTx2(ctx, func(ctx context.Context) (string, error) {
+		key := new(PublicKey)
+
+		has, err := db.GetEngine(ctx).Where("owner_id = ? AND fingerprint = ?", ownerID, fingerprint).Get(key)
+		if err != nil {
+			return "", err
+		} else if !has {
+			return "", ErrKeyNotExist{}
 		}
-	}
 
-	key.Verified = true
-	if _, err := db.GetEngine(ctx).ID(key.ID).Cols("verified").Update(key); err != nil {
-		return "", err
-	}
+		err = sshsig.Verify(strings.NewReader(token), []byte(signature), []byte(key.Content), "gitea")
+		if err != nil {
+			// edge case for Windows based shells that will add CR LF if piped to ssh-keygen command
+			// see https://github.com/PowerShell/PowerShell/issues/5974
+			if sshsig.Verify(strings.NewReader(token+"\r\n"), []byte(signature), []byte(key.Content), "gitea") != nil {
+				log.Debug("VerifySSHKey sshsig.Verify failed: %v", err)
+				return "", ErrSSHInvalidTokenSignature{
+					Fingerprint: key.Fingerprint,
+				}
+			}
+		}
 
-	if err := committer.Commit(); err != nil {
-		return "", err
-	}
+		key.Verified = true
+		if _, err := db.GetEngine(ctx).ID(key.ID).Cols("verified").Update(key); err != nil {
+			return "", err
+		}
 
-	return key.Fingerprint, nil
+		return key.Fingerprint, nil
+	})
 }
diff --git a/models/auth/access_token_scope.go b/models/auth/access_token_scope.go
index 0e5b2e96e6..3eae19b2a5 100644
--- a/models/auth/access_token_scope.go
+++ b/models/auth/access_token_scope.go
@@ -213,12 +213,7 @@ func GetRequiredScopes(level AccessTokenScopeLevel, scopeCategories ...AccessTok
 
 // ContainsCategory checks if a list of categories contains a specific category
 func ContainsCategory(categories []AccessTokenScopeCategory, category AccessTokenScopeCategory) bool {
-	for _, c := range categories {
-		if c == category {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(categories, category)
 }
 
 // GetScopeLevelFromAccessMode converts permission access mode to scope level
@@ -295,6 +290,10 @@ func (s AccessTokenScope) Normalize() (AccessTokenScope, error) {
 	return bitmap.toScope(), nil
 }
 
+func (s AccessTokenScope) HasPermissionScope() bool {
+	return s != "" && s != AccessTokenScopePublicOnly
+}
+
 // PublicOnly checks if this token scope is limited to public resources
 func (s AccessTokenScope) PublicOnly() (bool, error) {
 	bitmap, err := s.parse()
diff --git a/models/auth/access_token_scope_test.go b/models/auth/access_token_scope_test.go
index 9e4aa83633..b93c25528f 100644
--- a/models/auth/access_token_scope_test.go
+++ b/models/auth/access_token_scope_test.go
@@ -28,11 +28,11 @@ func TestAccessTokenScope_Normalize(t *testing.T) {
 
 	for _, scope := range GetAccessTokenCategories() {
 		tests = append(tests,
-			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%s", scope)), AccessTokenScope(fmt.Sprintf("read:%s", scope)), nil},
-			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("write:%s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
-			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("write:%[1]s,read:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
-			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
-			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s,write:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
+			scopeTestNormalize{AccessTokenScope("read:" + scope), AccessTokenScope("read:" + scope), nil},
+			scopeTestNormalize{AccessTokenScope("write:" + scope), AccessTokenScope("write:" + scope), nil},
+			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("write:%[1]s,read:%[1]s", scope)), AccessTokenScope("write:" + scope), nil},
+			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s", scope)), AccessTokenScope("write:" + scope), nil},
+			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s,write:%[1]s", scope)), AccessTokenScope("write:" + scope), nil},
 		)
 	}
 
@@ -63,20 +63,20 @@ func TestAccessTokenScope_HasScope(t *testing.T) {
 	for _, scope := range GetAccessTokenCategories() {
 		tests = append(tests,
 			scopeTestHasScope{
-				AccessTokenScope(fmt.Sprintf("read:%s", scope)),
-				AccessTokenScope(fmt.Sprintf("read:%s", scope)), true, nil,
+				AccessTokenScope("read:" + scope),
+				AccessTokenScope("read:" + scope), true, nil,
 			},
 			scopeTestHasScope{
-				AccessTokenScope(fmt.Sprintf("write:%s", scope)),
-				AccessTokenScope(fmt.Sprintf("write:%s", scope)), true, nil,
+				AccessTokenScope("write:" + scope),
+				AccessTokenScope("write:" + scope), true, nil,
 			},
 			scopeTestHasScope{
-				AccessTokenScope(fmt.Sprintf("write:%s", scope)),
-				AccessTokenScope(fmt.Sprintf("read:%s", scope)), true, nil,
+				AccessTokenScope("write:" + scope),
+				AccessTokenScope("read:" + scope), true, nil,
 			},
 			scopeTestHasScope{
-				AccessTokenScope(fmt.Sprintf("read:%s", scope)),
-				AccessTokenScope(fmt.Sprintf("write:%s", scope)), false, nil,
+				AccessTokenScope("read:" + scope),
+				AccessTokenScope("write:" + scope), false, nil,
 			},
 		)
 	}
diff --git a/models/auth/auth_token.go b/models/auth/auth_token.go
index 81f07d1a83..54ff5a0d75 100644
--- a/models/auth/auth_token.go
+++ b/models/auth/auth_token.go
@@ -15,7 +15,7 @@ import (
 
 var ErrAuthTokenNotExist = util.NewNotExistErrorf("auth token does not exist")
 
-type AuthToken struct { //nolint:revive
+type AuthToken struct { //nolint:revive // export stutter
 	ID          string `xorm:"pk"`
 	TokenHash   string
 	UserID      int64              `xorm:"INDEX"`
diff --git a/models/auth/oauth2.go b/models/auth/oauth2.go
index c270e4856e..d664841306 100644
--- a/models/auth/oauth2.go
+++ b/models/auth/oauth2.go
@@ -12,6 +12,7 @@ import (
 	"fmt"
 	"net"
 	"net/url"
+	"slices"
 	"strings"
 
 	"code.gitea.io/gitea/models/db"
@@ -288,35 +289,31 @@ type UpdateOAuth2ApplicationOptions struct {
 
 // UpdateOAuth2Application updates an oauth2 application
 func UpdateOAuth2Application(ctx context.Context, opts UpdateOAuth2ApplicationOptions) (*OAuth2Application, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	app, err := GetOAuth2ApplicationByID(ctx, opts.ID)
-	if err != nil {
-		return nil, err
-	}
-	if app.UID != opts.UserID {
-		return nil, errors.New("UID mismatch")
-	}
-	builtinApps := BuiltinApplications()
-	if _, builtin := builtinApps[app.ClientID]; builtin {
-		return nil, fmt.Errorf("failed to edit OAuth2 application: application is locked: %s", app.ClientID)
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*OAuth2Application, error) {
+		app, err := GetOAuth2ApplicationByID(ctx, opts.ID)
+		if err != nil {
+			return nil, err
+		}
+		if app.UID != opts.UserID {
+			return nil, errors.New("UID mismatch")
+		}
+		builtinApps := BuiltinApplications()
+		if _, builtin := builtinApps[app.ClientID]; builtin {
+			return nil, fmt.Errorf("failed to edit OAuth2 application: application is locked: %s", app.ClientID)
+		}
 
-	app.Name = opts.Name
-	app.RedirectURIs = opts.RedirectURIs
-	app.ConfidentialClient = opts.ConfidentialClient
-	app.SkipSecondaryAuthorization = opts.SkipSecondaryAuthorization
+		app.Name = opts.Name
+		app.RedirectURIs = opts.RedirectURIs
+		app.ConfidentialClient = opts.ConfidentialClient
+		app.SkipSecondaryAuthorization = opts.SkipSecondaryAuthorization
 
-	if err = updateOAuth2Application(ctx, app); err != nil {
-		return nil, err
-	}
-	app.ClientSecret = ""
+		if err = updateOAuth2Application(ctx, app); err != nil {
+			return nil, err
+		}
+		app.ClientSecret = ""
 
-	return app, committer.Commit()
+		return app, nil
+	})
 }
 
 func updateOAuth2Application(ctx context.Context, app *OAuth2Application) error {
@@ -357,23 +354,17 @@ func deleteOAuth2Application(ctx context.Context, id, userid int64) error {
 
 // DeleteOAuth2Application deletes the application with the given id and the grants and auth codes related to it. It checks if the userid was the creator of the app.
 func DeleteOAuth2Application(ctx context.Context, id, userid int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	app, err := GetOAuth2ApplicationByID(ctx, id)
-	if err != nil {
-		return err
-	}
-	builtinApps := BuiltinApplications()
-	if _, builtin := builtinApps[app.ClientID]; builtin {
-		return fmt.Errorf("failed to delete OAuth2 application: application is locked: %s", app.ClientID)
-	}
-	if err := deleteOAuth2Application(ctx, id, userid); err != nil {
-		return err
-	}
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		app, err := GetOAuth2ApplicationByID(ctx, id)
+		if err != nil {
+			return err
+		}
+		builtinApps := BuiltinApplications()
+		if _, builtin := builtinApps[app.ClientID]; builtin {
+			return fmt.Errorf("failed to delete OAuth2 application: application is locked: %s", app.ClientID)
+		}
+		return deleteOAuth2Application(ctx, id, userid)
+	})
 }
 
 //////////////////////////////////////////////////////
@@ -511,12 +502,7 @@ func (grant *OAuth2Grant) IncreaseCounter(ctx context.Context) error {
 
 // ScopeContains returns true if the grant scope contains the specified scope
 func (grant *OAuth2Grant) ScopeContains(scope string) bool {
-	for _, currentScope := range strings.Split(grant.Scope, " ") {
-		if scope == currentScope {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(strings.Split(grant.Scope, " "), scope)
 }
 
 // SetNonce updates the current nonce value of a grant
@@ -616,8 +602,8 @@ func (err ErrOAuthApplicationNotFound) Unwrap() error {
 	return util.ErrNotExist
 }
 
-// GetActiveOAuth2SourceByName returns a OAuth2 AuthSource based on the given name
-func GetActiveOAuth2SourceByName(ctx context.Context, name string) (*Source, error) {
+// GetActiveOAuth2SourceByAuthName returns a OAuth2 AuthSource based on the given name
+func GetActiveOAuth2SourceByAuthName(ctx context.Context, name string) (*Source, error) {
 	authSource := new(Source)
 	has, err := db.GetEngine(ctx).Where("name = ? and type = ? and is_active = ?", name, OAuth2, true).Get(authSource)
 	if err != nil {
diff --git a/models/auth/oauth2_test.go b/models/auth/oauth2_test.go
index fa89a58b14..c6626b283e 100644
--- a/models/auth/oauth2_test.go
+++ b/models/auth/oauth2_test.go
@@ -126,7 +126,7 @@ func TestOAuth2Application_CreateGrant(t *testing.T) {
 	assert.NotNil(t, grant)
 	assert.Equal(t, int64(2), grant.UserID)
 	assert.Equal(t, int64(1), grant.ApplicationID)
-	assert.Equal(t, "", grant.Scope)
+	assert.Empty(t, grant.Scope)
 }
 
 //////////////////// Grant
diff --git a/models/auth/session.go b/models/auth/session.go
index 75a205f702..0378d0ec6f 100644
--- a/models/auth/session.go
+++ b/models/auth/session.go
@@ -35,26 +35,22 @@ func UpdateSession(ctx context.Context, key string, data []byte) error {
 
 // ReadSession reads the data for the provided session
 func ReadSession(ctx context.Context, key string) (*Session, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	session, exist, err := db.Get[Session](ctx, builder.Eq{"`key`": key})
-	if err != nil {
-		return nil, err
-	} else if !exist {
-		session = &Session{
-			Key:    key,
-			Expiry: timeutil.TimeStampNow(),
-		}
-		if err := db.Insert(ctx, session); err != nil {
+	return db.WithTx2(ctx, func(ctx context.Context) (*Session, error) {
+		session, exist, err := db.Get[Session](ctx, builder.Eq{"`key`": key})
+		if err != nil {
 			return nil, err
+		} else if !exist {
+			session = &Session{
+				Key:    key,
+				Expiry: timeutil.TimeStampNow(),
+			}
+			if err := db.Insert(ctx, session); err != nil {
+				return nil, err
+			}
 		}
-	}
 
-	return session, committer.Commit()
+		return session, nil
+	})
 }
 
 // ExistSession checks if a session exists
@@ -72,40 +68,36 @@ func DestroySession(ctx context.Context, key string) error {
 
 // RegenerateSession regenerates a session from the old id
 func RegenerateSession(ctx context.Context, oldKey, newKey string) (*Session, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": newKey}); err != nil {
-		return nil, err
-	} else if has {
-		return nil, fmt.Errorf("session Key: %s already exists", newKey)
-	}
-
-	if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": oldKey}); err != nil {
-		return nil, err
-	} else if !has {
-		if err := db.Insert(ctx, &Session{
-			Key:    oldKey,
-			Expiry: timeutil.TimeStampNow(),
-		}); err != nil {
+	return db.WithTx2(ctx, func(ctx context.Context) (*Session, error) {
+		if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": newKey}); err != nil {
+			return nil, err
+		} else if has {
+			return nil, fmt.Errorf("session Key: %s already exists", newKey)
+		}
+
+		if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": oldKey}); err != nil {
 			return nil, err
+		} else if !has {
+			if err := db.Insert(ctx, &Session{
+				Key:    oldKey,
+				Expiry: timeutil.TimeStampNow(),
+			}); err != nil {
+				return nil, err
+			}
 		}
-	}
 
-	if _, err := db.Exec(ctx, "UPDATE "+db.TableName(&Session{})+" SET `key` = ? WHERE `key`=?", newKey, oldKey); err != nil {
-		return nil, err
-	}
+		if _, err := db.Exec(ctx, "UPDATE "+db.TableName(&Session{})+" SET `key` = ? WHERE `key`=?", newKey, oldKey); err != nil {
+			return nil, err
+		}
 
-	s, _, err := db.Get[Session](ctx, builder.Eq{"`key`": newKey})
-	if err != nil {
-		// is not exist, it should be impossible
-		return nil, err
-	}
+		s, _, err := db.Get[Session](ctx, builder.Eq{"`key`": newKey})
+		if err != nil {
+			// is not exist, it should be impossible
+			return nil, err
+		}
 
-	return s, committer.Commit()
+		return s, nil
+	})
 }
 
 // CountSessions returns the number of sessions
diff --git a/models/auth/source.go b/models/auth/source.go
index a3a250cd91..08cfc9615b 100644
--- a/models/auth/source.go
+++ b/models/auth/source.go
@@ -58,6 +58,15 @@ var Names = map[Type]string{
 // Config represents login config as far as the db is concerned
 type Config interface {
 	convert.Conversion
+	SetAuthSource(*Source)
+}
+
+type ConfigBase struct {
+	AuthSource *Source
+}
+
+func (p *ConfigBase) SetAuthSource(s *Source) {
+	p.AuthSource = s
 }
 
 // SkipVerifiable configurations provide a IsSkipVerify to check if SkipVerify is set
@@ -104,19 +113,15 @@ func RegisterTypeConfig(typ Type, exemplar Config) {
 	}
 }
 
-// SourceSettable configurations can have their authSource set on them
-type SourceSettable interface {
-	SetAuthSource(*Source)
-}
-
 // Source represents an external way for authorizing users.
 type Source struct {
-	ID            int64 `xorm:"pk autoincr"`
-	Type          Type
-	Name          string             `xorm:"UNIQUE"`
-	IsActive      bool               `xorm:"INDEX NOT NULL DEFAULT false"`
-	IsSyncEnabled bool               `xorm:"INDEX NOT NULL DEFAULT false"`
-	Cfg           convert.Conversion `xorm:"TEXT"`
+	ID              int64 `xorm:"pk autoincr"`
+	Type            Type
+	Name            string `xorm:"UNIQUE"`
+	IsActive        bool   `xorm:"INDEX NOT NULL DEFAULT false"`
+	IsSyncEnabled   bool   `xorm:"INDEX NOT NULL DEFAULT false"`
+	TwoFactorPolicy string `xorm:"two_factor_policy NOT NULL DEFAULT ''"`
+	Cfg             Config `xorm:"TEXT"`
 
 	CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
 	UpdatedUnix timeutil.TimeStamp `xorm:"INDEX updated"`
@@ -140,9 +145,7 @@ func (source *Source) BeforeSet(colName string, val xorm.Cell) {
 			return
 		}
 		source.Cfg = constructor()
-		if settable, ok := source.Cfg.(SourceSettable); ok {
-			settable.SetAuthSource(source)
-		}
+		source.Cfg.SetAuthSource(source)
 	}
 }
 
@@ -200,6 +203,10 @@ func (source *Source) SkipVerify() bool {
 	return ok && skipVerifiable.IsSkipVerify()
 }
 
+func (source *Source) TwoFactorShouldSkip() bool {
+	return source.TwoFactorPolicy == "skip"
+}
+
 // CreateSource inserts a AuthSource in the DB if not already
 // existing with the given name.
 func CreateSource(ctx context.Context, source *Source) error {
@@ -223,9 +230,7 @@ func CreateSource(ctx context.Context, source *Source) error {
 		return nil
 	}
 
-	if settable, ok := source.Cfg.(SourceSettable); ok {
-		settable.SetAuthSource(source)
-	}
+	source.Cfg.SetAuthSource(source)
 
 	registerableSource, ok := source.Cfg.(RegisterableSource)
 	if !ok {
@@ -320,9 +325,7 @@ func UpdateSource(ctx context.Context, source *Source) error {
 		return nil
 	}
 
-	if settable, ok := source.Cfg.(SourceSettable); ok {
-		settable.SetAuthSource(source)
-	}
+	source.Cfg.SetAuthSource(source)
 
 	registerableSource, ok := source.Cfg.(RegisterableSource)
 	if !ok {
@@ -331,7 +334,7 @@ func UpdateSource(ctx context.Context, source *Source) error {
 
 	err = registerableSource.RegisterSource()
 	if err != nil {
-		// restore original values since we cannot update the provider it self
+		// restore original values since we cannot update the provider itself
 		if _, err := db.GetEngine(ctx).ID(source.ID).AllCols().Update(originalSource); err != nil {
 			log.Error("UpdateSource: Error while wrapOpenIDConnectInitializeError: %v", err)
 		}
diff --git a/models/auth/source_test.go b/models/auth/source_test.go
index 84aede0a6b..64c7460b64 100644
--- a/models/auth/source_test.go
+++ b/models/auth/source_test.go
@@ -19,6 +19,8 @@ import (
 )
 
 type TestSource struct {
+	auth_model.ConfigBase
+
 	Provider                      string
 	ClientID                      string
 	ClientSecret                  string
diff --git a/models/auth/twofactor.go b/models/auth/twofactor.go
index d0c341a192..200ce7c7c0 100644
--- a/models/auth/twofactor.go
+++ b/models/auth/twofactor.go
@@ -164,3 +164,13 @@ func DeleteTwoFactorByID(ctx context.Context, id, userID int64) error {
 	}
 	return nil
 }
+
+func HasTwoFactorOrWebAuthn(ctx context.Context, id int64) (bool, error) {
+	has, err := HasTwoFactorByUID(ctx, id)
+	if err != nil {
+		return false, err
+	} else if has {
+		return true, nil
+	}
+	return HasWebAuthnRegistrationsByUID(ctx, id)
+}
diff --git a/models/db/context.go b/models/db/context.go
index 4b98796ef0..ad99ada8c8 100644
--- a/models/db/context.go
+++ b/models/db/context.go
@@ -67,7 +67,7 @@ func contextSafetyCheck(e Engine) {
 		_ = e.SQL("SELECT 1").Iterate(&m{}, func(int, any) error {
 			callers := make([]uintptr, 32)
 			callerNum := runtime.Callers(1, callers)
-			for i := 0; i < callerNum; i++ {
+			for i := range callerNum {
 				if funcName := runtime.FuncForPC(callers[i]).Name(); funcName == "xorm.io/xorm.(*Session).Iterate" {
 					contextSafetyDeniedFuncPCs = append(contextSafetyDeniedFuncPCs, callers[i])
 				}
@@ -82,7 +82,7 @@ func contextSafetyCheck(e Engine) {
 	// it should be very fast: xxxx ns/op
 	callers := make([]uintptr, 32)
 	callerNum := runtime.Callers(3, callers) // skip 3: runtime.Callers, contextSafetyCheck, GetEngine
-	for i := 0; i < callerNum; i++ {
+	for i := range callerNum {
 		if slices.Contains(contextSafetyDeniedFuncPCs, callers[i]) {
 			panic(errors.New("using database context in an iterator would cause corrupted results"))
 		}
@@ -178,6 +178,15 @@ func WithTx(parentCtx context.Context, f func(ctx context.Context) error) error
 	return txWithNoCheck(parentCtx, f)
 }
 
+// WithTx2 is similar to WithTx, but it has two return values: result and error.
+func WithTx2[T any](parentCtx context.Context, f func(ctx context.Context) (T, error)) (ret T, errRet error) {
+	errRet = WithTx(parentCtx, func(ctx context.Context) (errInner error) {
+		ret, errInner = f(ctx)
+		return errInner
+	})
+	return ret, errRet
+}
+
 func txWithNoCheck(parentCtx context.Context, f func(ctx context.Context) error) error {
 	sess := xormEngine.NewSession()
 	defer sess.Close()
diff --git a/models/db/context_test.go b/models/db/context_test.go
index e8c6b74d93..a6bd11d2ae 100644
--- a/models/db/context_test.go
+++ b/models/db/context_test.go
@@ -118,7 +118,7 @@ func TestContextSafety(t *testing.T) {
 		})
 		return nil
 	})
-	assert.EqualValues(t, testCount, actualCount)
+	assert.Equal(t, testCount, actualCount)
 
 	// deny the bad usages
 	assert.PanicsWithError(t, "using database context in an iterator would cause corrupted results", func() {
diff --git a/models/db/engine.go b/models/db/engine.go
index 91015f7038..ba287d58f0 100755
--- a/models/db/engine.go
+++ b/models/db/engine.go
@@ -127,7 +127,7 @@ func IsTableNotEmpty(beanOrTableName any) (bool, error) {
 
 // DeleteAllRecords will delete all the records of this table
 func DeleteAllRecords(tableName string) error {
-	_, err := xormEngine.Exec(fmt.Sprintf("DELETE FROM %s", tableName))
+	_, err := xormEngine.Exec("DELETE FROM " + tableName)
 	return err
 }
 
diff --git a/models/db/engine_init.go b/models/db/engine_init.go
index 7a071fa29b..bb02aff274 100644
--- a/models/db/engine_init.go
+++ b/models/db/engine_init.go
@@ -42,9 +42,10 @@ func newXORMEngine() (*xorm.Engine, error) {
 	if err != nil {
 		return nil, err
 	}
-	if setting.Database.Type == "mysql" {
+	switch setting.Database.Type {
+	case "mysql":
 		engine.Dialect().SetParams(map[string]string{"rowFormat": "DYNAMIC"})
-	} else if setting.Database.Type == "mssql" {
+	case "mssql":
 		engine.Dialect().SetParams(map[string]string{"DEFAULT_VARCHAR": "nvarchar"})
 	}
 	engine.SetSchema(setting.Database.Schema)
diff --git a/models/db/engine_test.go b/models/db/engine_test.go
index 10a1a33ff0..a236f83735 100644
--- a/models/db/engine_test.go
+++ b/models/db/engine_test.go
@@ -52,7 +52,7 @@ func TestDeleteOrphanedObjects(t *testing.T) {
 
 	countAfter, err := db.GetEngine(db.DefaultContext).Count(&issues_model.PullRequest{})
 	assert.NoError(t, err)
-	assert.EqualValues(t, countBefore, countAfter)
+	assert.Equal(t, countBefore, countAfter)
 }
 
 func TestPrimaryKeys(t *testing.T) {
diff --git a/models/db/error.go b/models/db/error.go
index 665e970e17..d47c7adac4 100644
--- a/models/db/error.go
+++ b/models/db/error.go
@@ -65,7 +65,7 @@ func (err ErrNotExist) Error() string {
 	if err.ID != 0 {
 		return fmt.Sprintf("%s does not exist [id: %d]", name, err.ID)
 	}
-	return fmt.Sprintf("%s does not exist", name)
+	return name + " does not exist"
 }
 
 // Unwrap unwraps this as a ErrNotExist err
diff --git a/models/db/list_test.go b/models/db/list_test.go
index 45194611f8..170473a968 100644
--- a/models/db/list_test.go
+++ b/models/db/list_test.go
@@ -47,6 +47,6 @@ func TestFind(t *testing.T) {
 
 	repoUnits, newCnt, err := db.FindAndCount[repo_model.RepoUnit](db.DefaultContext, opts)
 	assert.NoError(t, err)
-	assert.EqualValues(t, cnt, newCnt)
+	assert.Equal(t, cnt, newCnt)
 	assert.Len(t, repoUnits, repoUnitCount)
 }
diff --git a/models/db/name.go b/models/db/name.go
index 0e11c78372..48c7fdbce5 100644
--- a/models/db/name.go
+++ b/models/db/name.go
@@ -5,6 +5,7 @@ package db
 
 import (
 	"fmt"
+	"slices"
 	"strings"
 	"unicode/utf8"
 
@@ -80,10 +81,8 @@ func IsUsableName(reservedNames, reservedPatterns []string, name string) error {
 		return util.NewInvalidArgumentErrorf("name is empty")
 	}
 
-	for i := range reservedNames {
-		if name == reservedNames[i] {
-			return ErrNameReserved{name}
-		}
+	if slices.Contains(reservedNames, name) {
+		return ErrNameReserved{name}
 	}
 
 	for _, pat := range reservedPatterns {
diff --git a/models/db/sql_postgres_with_schema.go b/models/db/sql_postgres_with_schema.go
index 64b61b2ef3..812fe4a6a6 100644
--- a/models/db/sql_postgres_with_schema.go
+++ b/models/db/sql_postgres_with_schema.go
@@ -39,7 +39,7 @@ func (d *postgresSchemaDriver) Open(name string) (driver.Conn, error) {
 
 	// golangci lint is incorrect here - there is no benefit to using driver.ExecerContext here
 	// and in any case pq does not implement it
-	if execer, ok := conn.(driver.Execer); ok { //nolint:staticcheck
+	if execer, ok := conn.(driver.Execer); ok { //nolint:staticcheck // see above
 		_, err := execer.Exec(`SELECT set_config(
 			'search_path',
 			$1 || ',' || current_setting('search_path'),
@@ -64,7 +64,7 @@ func (d *postgresSchemaDriver) Open(name string) (driver.Conn, error) {
 	// driver.String.ConvertValue will never return err for string
 
 	// golangci lint is incorrect here - there is no benefit to using stmt.ExecWithContext here
-	_, err = stmt.Exec([]driver.Value{schemaValue}) //nolint:staticcheck
+	_, err = stmt.Exec([]driver.Value{schemaValue}) //nolint:staticcheck // see above
 	if err != nil {
 		_ = conn.Close()
 		return nil, err
diff --git a/models/dbfs/dbfile.go b/models/dbfs/dbfile.go
index dd27b5c36b..eaf506fbe6 100644
--- a/models/dbfs/dbfile.go
+++ b/models/dbfs/dbfile.go
@@ -46,10 +46,7 @@ func (f *file) readAt(fileMeta *dbfsMeta, offset int64, p []byte) (n int, err er
 	blobPos := int(offset % f.blockSize)
 	blobOffset := offset - int64(blobPos)
 	blobRemaining := int(f.blockSize) - blobPos
-	needRead := len(p)
-	if needRead > blobRemaining {
-		needRead = blobRemaining
-	}
+	needRead := min(len(p), blobRemaining)
 	if blobOffset+int64(blobPos)+int64(needRead) > fileMeta.FileSize {
 		needRead = int(fileMeta.FileSize - blobOffset - int64(blobPos))
 	}
@@ -66,14 +63,8 @@ func (f *file) readAt(fileMeta *dbfsMeta, offset int64, p []byte) (n int, err er
 		blobData = nil
 	}
 
-	canCopy := len(blobData) - blobPos
-	if canCopy <= 0 {
-		canCopy = 0
-	}
-	realRead := needRead
-	if realRead > canCopy {
-		realRead = canCopy
-	}
+	canCopy := max(len(blobData)-blobPos, 0)
+	realRead := min(needRead, canCopy)
 	if realRead > 0 {
 		copy(p[:realRead], fileData.BlobData[blobPos:blobPos+realRead])
 	}
@@ -113,10 +104,7 @@ func (f *file) Write(p []byte) (n int, err error) {
 		blobPos := int(f.offset % f.blockSize)
 		blobOffset := f.offset - int64(blobPos)
 		blobRemaining := int(f.blockSize) - blobPos
-		needWrite := len(p)
-		if needWrite > blobRemaining {
-			needWrite = blobRemaining
-		}
+		needWrite := min(len(p), blobRemaining)
 		buf := make([]byte, f.blockSize)
 		readBytes, err := f.readAt(fileMeta, blobOffset, buf)
 		if err != nil && !errors.Is(err, io.EOF) {
diff --git a/models/dbfs/dbfs_test.go b/models/dbfs/dbfs_test.go
index 96cb1014c7..0257d2bd15 100644
--- a/models/dbfs/dbfs_test.go
+++ b/models/dbfs/dbfs_test.go
@@ -31,15 +31,15 @@ func TestDbfsBasic(t *testing.T) {
 
 	n, err := f.Write([]byte("0123456789")) // blocks: 0123 4567 89
 	assert.NoError(t, err)
-	assert.EqualValues(t, 10, n)
+	assert.Equal(t, 10, n)
 
 	_, err = f.Seek(0, io.SeekStart)
 	assert.NoError(t, err)
 
 	buf, err := io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 10, n)
-	assert.EqualValues(t, "0123456789", string(buf))
+	assert.Equal(t, 10, n)
+	assert.Equal(t, "0123456789", string(buf))
 
 	// write some new data
 	_, err = f.Seek(1, io.SeekStart)
@@ -50,14 +50,14 @@ func TestDbfsBasic(t *testing.T) {
 	// read from offset
 	buf, err = io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "9", string(buf))
+	assert.Equal(t, "9", string(buf))
 
 	// read all
 	_, err = f.Seek(0, io.SeekStart)
 	assert.NoError(t, err)
 	buf, err = io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "0bcdefghi9", string(buf))
+	assert.Equal(t, "0bcdefghi9", string(buf))
 
 	// write to new size
 	_, err = f.Seek(-1, io.SeekEnd)
@@ -68,7 +68,7 @@ func TestDbfsBasic(t *testing.T) {
 	assert.NoError(t, err)
 	buf, err = io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "0bcdefghiJKLMNOP", string(buf))
+	assert.Equal(t, "0bcdefghiJKLMNOP", string(buf))
 
 	// write beyond EOF and fill with zero
 	_, err = f.Seek(5, io.SeekCurrent)
@@ -79,7 +79,7 @@ func TestDbfsBasic(t *testing.T) {
 	assert.NoError(t, err)
 	buf, err = io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "0bcdefghiJKLMNOP\x00\x00\x00\x00\x00xyzu", string(buf))
+	assert.Equal(t, "0bcdefghiJKLMNOP\x00\x00\x00\x00\x00xyzu", string(buf))
 
 	// write to the block with zeros
 	_, err = f.Seek(-6, io.SeekCurrent)
@@ -90,7 +90,7 @@ func TestDbfsBasic(t *testing.T) {
 	assert.NoError(t, err)
 	buf, err = io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "0bcdefghiJKLMNOP\x00\x00\x00ABCDzu", string(buf))
+	assert.Equal(t, "0bcdefghiJKLMNOP\x00\x00\x00ABCDzu", string(buf))
 
 	assert.NoError(t, f.Close())
 
@@ -117,7 +117,7 @@ func TestDbfsBasic(t *testing.T) {
 	assert.NoError(t, err)
 	stat, err := f.Stat()
 	assert.NoError(t, err)
-	assert.EqualValues(t, "test.txt", stat.Name())
+	assert.Equal(t, "test.txt", stat.Name())
 	assert.EqualValues(t, 0, stat.Size())
 	_, err = f.Write([]byte("0123456789"))
 	assert.NoError(t, err)
@@ -144,7 +144,7 @@ func TestDbfsReadWrite(t *testing.T) {
 
 	line, err := f2r.ReadString('\n')
 	assert.NoError(t, err)
-	assert.EqualValues(t, "line 1\n", line)
+	assert.Equal(t, "line 1\n", line)
 	_, err = f2r.ReadString('\n')
 	assert.ErrorIs(t, err, io.EOF)
 
@@ -153,7 +153,7 @@ func TestDbfsReadWrite(t *testing.T) {
 
 	line, err = f2r.ReadString('\n')
 	assert.NoError(t, err)
-	assert.EqualValues(t, "line 2\n", line)
+	assert.Equal(t, "line 2\n", line)
 	_, err = f2r.ReadString('\n')
 	assert.ErrorIs(t, err, io.EOF)
 }
@@ -186,5 +186,5 @@ func TestDbfsSeekWrite(t *testing.T) {
 
 	buf, err := io.ReadAll(fr)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "111333", string(buf))
+	assert.Equal(t, "111333", string(buf))
 }
diff --git a/models/fixtures/action_artifact.yml b/models/fixtures/action_artifact.yml
index 485474108f..ee8ef0d5ce 100644
--- a/models/fixtures/action_artifact.yml
+++ b/models/fixtures/action_artifact.yml
@@ -11,6 +11,24 @@
   content_encoding: ""
   artifact_path: "abc.txt"
   artifact_name: "artifact-download"
+  status: 2
+  created_unix: 1712338649
+  updated_unix: 1712338649
+  expired_unix: 1720114649
+
+-
+  id: 2
+  run_id: 791
+  runner_id: 1
+  repo_id: 4
+  owner_id: 1
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  storage_path: ""
+  file_size: 1024
+  file_compressed_size: 1024
+  content_encoding: "30/20/1712348022422036662.chunk"
+  artifact_path: "abc.txt"
+  artifact_name: "artifact-download-incomplete"
   status: 1
   created_unix: 1712338649
   updated_unix: 1712338649
@@ -87,3 +105,39 @@
   created_unix: 1730330775
   updated_unix: 1730330775
   expired_unix: 1738106775
+
+-
+  id: 24
+  run_id: 795
+  runner_id: 1
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  storage_path: "27/5/1730330775594233150.chunk"
+  file_size: 1024
+  file_compressed_size: 1024
+  content_encoding: "application/zip"
+  artifact_path: "artifact-795-1.zip"
+  artifact_name: "artifact-795-1"
+  status: 2
+  created_unix: 1730330775
+  updated_unix: 1730330775
+  expired_unix: 1738106775
+
+-
+  id: 25
+  run_id: 795
+  runner_id: 1
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  storage_path: "27/5/1730330775594233150.chunk"
+  file_size: 1024
+  file_compressed_size: 1024
+  content_encoding: "application/zip"
+  artifact_path: "artifact-795-2.zip"
+  artifact_name: "artifact-795-2"
+  status: 2
+  created_unix: 1730330775
+  updated_unix: 1730330775
+  expired_unix: 1738106775
diff --git a/models/fixtures/action_run.yml b/models/fixtures/action_run.yml
index 1db849352f..09dfa6cccb 100644
--- a/models/fixtures/action_run.yml
+++ b/models/fixtures/action_run.yml
@@ -9,6 +9,7 @@
   ref: "refs/heads/master"
   commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
   event: "push"
+  trigger_event: "push"
   is_fork_pull_request: 0
   status: 1
   started: 1683636528
@@ -28,6 +29,7 @@
   ref: "refs/heads/master"
   commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
   event: "push"
+  trigger_event: "push"
   is_fork_pull_request: 0
   status: 1
   started: 1683636528
@@ -47,8 +49,9 @@
   ref: "refs/heads/master"
   commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
   event: "push"
+  trigger_event: "push"
   is_fork_pull_request: 0
-  status: 1
+  status: 6 # running
   started: 1683636528
   stopped: 1683636626
   created: 1683636108
@@ -66,6 +69,47 @@
   ref: "refs/heads/test"
   commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
   event: "push"
+  trigger_event: "push"
+  is_fork_pull_request: 0
+  status: 1
+  started: 1683636528
+  stopped: 1683636626
+  created: 1683636108
+  updated: 1683636626
+  need_approval: 0
+  approved_by: 0
+-
+  id: 802
+  title: "workflow run list"
+  repo_id: 5
+  owner_id: 3
+  workflow_id: "test.yaml"
+  index: 191
+  trigger_user_id: 1
+  ref: "refs/heads/test"
+  commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
+  event: "push"
+  trigger_event: "push"
+  is_fork_pull_request: 0
+  status: 1
+  started: 1683636528
+  stopped: 1683636626
+  created: 1683636108
+  updated: 1683636626
+  need_approval: 0
+  approved_by: 0
+-
+  id: 803
+  title: "workflow run list for user"
+  repo_id: 2
+  owner_id: 0
+  workflow_id: "test.yaml"
+  index: 192
+  trigger_user_id: 1
+  ref: "refs/heads/test"
+  commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
+  event: "push"
+  trigger_event: "push"
   is_fork_pull_request: 0
   status: 1
   started: 1683636528
@@ -74,3 +118,24 @@
   updated: 1683636626
   need_approval: 0
   approved_by: 0
+
+-
+  id: 795
+  title: "to be deleted (test)"
+  repo_id: 2
+  owner_id: 2
+  workflow_id: "test.yaml"
+  index: 191
+  trigger_user_id: 1
+  ref: "refs/heads/test"
+  commit_sha: "c2d72f548424103f01ee1dc02889c1e2bff816b0"
+  event: "push"
+  trigger_event: "push"
+  is_fork_pull_request: 0
+  status: 2
+  started: 1683636528
+  stopped: 1683636626
+  created: 1683636108
+  updated: 1683636626
+  need_approval: 0
+  approved_by: 0
diff --git a/models/fixtures/action_run_job.yml b/models/fixtures/action_run_job.yml
index 8837e6ec2d..6c06d94aa4 100644
--- a/models/fixtures/action_run_job.yml
+++ b/models/fixtures/action_run_job.yml
@@ -69,3 +69,63 @@
   status: 5
   started: 1683636528
   stopped: 1683636626
+
+-
+  id: 198
+  run_id: 795
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  name: job_1
+  attempt: 1
+  job_id: job_1
+  task_id: 53
+  status: 1
+  started: 1683636528
+  stopped: 1683636626
+
+-
+  id: 199
+  run_id: 795
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  name: job_2
+  attempt: 1
+  job_id: job_2
+  task_id: 54
+  status: 2
+  started: 1683636528
+  stopped: 1683636626
+-
+  id: 203
+  run_id: 802
+  repo_id: 5
+  owner_id: 0
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  name: job2
+  attempt: 1
+  job_id: job2
+  needs: '["job1"]'
+  task_id: 51
+  status: 5
+  started: 1683636528
+  stopped: 1683636626
+-
+  id: 204
+  run_id: 803
+  repo_id: 2
+  owner_id: 0
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  name: job2
+  attempt: 1
+  job_id: job2
+  needs: '["job1"]'
+  task_id: 51
+  status: 5
+  started: 1683636528
+  stopped: 1683636626
diff --git a/models/fixtures/action_runner.yml b/models/fixtures/action_runner.yml
new file mode 100644
index 0000000000..ecb7214006
--- /dev/null
+++ b/models/fixtures/action_runner.yml
@@ -0,0 +1,51 @@
+-
+  id: 34346
+  name: runner_to_be_deleted-user
+  uuid: 3EF231BD-FBB7-4E4B-9602-E6F28363EF18
+  token_hash: 3EF231BD-FBB7-4E4B-9602-E6F28363EF18
+  version: "1.0.0"
+  owner_id: 1
+  repo_id: 0
+  description: "This runner is going to be deleted"
+  agent_labels: '["runner_to_be_deleted","linux"]'
+-
+  id: 34347
+  name: runner_to_be_deleted-org
+  uuid: 3EF231BD-FBB7-4E4B-9602-E6F28363EF19
+  token_hash: 3EF231BD-FBB7-4E4B-9602-E6F28363EF19
+  version: "1.0.0"
+  owner_id: 3
+  repo_id: 0
+  description: "This runner is going to be deleted"
+  agent_labels: '["runner_to_be_deleted","linux"]'
+-
+  id: 34348
+  name: runner_to_be_deleted-repo1
+  uuid: 3EF231BD-FBB7-4E4B-9602-E6F28363EF20
+  token_hash: 3EF231BD-FBB7-4E4B-9602-E6F28363EF20
+  version: "1.0.0"
+  owner_id: 0
+  repo_id: 1
+  description: "This runner is going to be deleted"
+  agent_labels: '["runner_to_be_deleted","linux"]'
+-
+  id: 34349
+  name: runner_to_be_deleted
+  uuid: 3EF231BD-FBB7-4E4B-9602-E6F28363EF17
+  token_hash: 3EF231BD-FBB7-4E4B-9602-E6F28363EF17
+  version: "1.0.0"
+  owner_id: 0
+  repo_id: 0
+  description: "This runner is going to be deleted"
+  agent_labels: '["runner_to_be_deleted","linux"]'
+-
+  id: 34350
+  name: runner_to_be_deleted-org-ephemeral
+  uuid: 3FF231BD-FBB7-4E4B-9602-E6F28363EF20
+  token_hash: 3FF231BD-FBB7-4E4B-9602-E6F28363EF20
+  ephemeral: true
+  version: "1.0.0"
+  owner_id: 3
+  repo_id: 0
+  description: "This runner is going to be deleted"
+  agent_labels: '["runner_to_be_deleted","linux"]'
diff --git a/models/fixtures/action_task.yml b/models/fixtures/action_task.yml
index 506a47d8a0..c79fb07050 100644
--- a/models/fixtures/action_task.yml
+++ b/models/fixtures/action_task.yml
@@ -117,3 +117,63 @@
   log_length: 707
   log_size: 90179
   log_expired: 0
+-
+  id: 52
+  job_id: 196
+  attempt: 1
+  runner_id: 34350
+  status: 6 # running
+  started: 1683636528
+  stopped: 1683636626
+  repo_id: 4
+  owner_id: 1
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  token_hash: f8d3962425466b6709b9ac51446f93260c54afe8e7b6d3686e34f991fb8a8953822b0deed86fe41a103f34bc48dbc4784222
+  token_salt: ffffffffff
+  token_last_eight: ffffffff
+  log_filename: artifact-test2/2f/47.log
+  log_in_storage: 1
+  log_length: 707
+  log_size: 90179
+  log_expired: 0
+-
+  id: 53
+  job_id: 198
+  attempt: 1
+  runner_id: 1
+  status: 1
+  started: 1683636528
+  stopped: 1683636626
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  token_hash: b8d3962425466b6709b9ac51446f93260c54afe8e7b6d3686e34f991fb8a8953822b0deed86fe41a103f34bc48dbc4784223
+  token_salt: ffffffffff
+  token_last_eight: ffffffff
+  log_filename: artifact-test2/2f/47.log
+  log_in_storage: 1
+  log_length: 0
+  log_size: 0
+  log_expired: 0
+-
+  id: 54
+  job_id: 199
+  attempt: 1
+  runner_id: 1
+  status: 2
+  started: 1683636528
+  stopped: 1683636626
+  repo_id: 2
+  owner_id: 2
+  commit_sha: c2d72f548424103f01ee1dc02889c1e2bff816b0
+  is_fork_pull_request: 0
+  token_hash: b8d3962425466b6709b9ac51446f93260c54afe8e7b6d3686e34f991fb8a8953822b0deed86fe41a103f34bc48dbc4784224
+  token_salt: ffffffffff
+  token_last_eight: ffffffff
+  log_filename: artifact-test2/2f/47.log
+  log_in_storage: 1
+  log_length: 0
+  log_size: 0
+  log_expired: 0
diff --git a/models/fixtures/branch.yml b/models/fixtures/branch.yml
index 17b1869ab6..03e21d04b4 100644
--- a/models/fixtures/branch.yml
+++ b/models/fixtures/branch.yml
@@ -93,3 +93,123 @@
   is_deleted: false
   deleted_by_id: 0
   deleted_unix: 0
+
+-
+  id: 16
+  repo_id: 16
+  name: 'master'
+  commit_id: '69554a64c1e6030f051e5c3f94bfbd773cd6a324'
+  commit_message: 'not signed commit'
+  commit_time: 1502042309
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 17
+  repo_id: 16
+  name: 'not-signed'
+  commit_id: '69554a64c1e6030f051e5c3f94bfbd773cd6a324'
+  commit_message: 'not signed commit'
+  commit_time: 1502042309
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 18
+  repo_id: 16
+  name: 'good-sign-not-yet-validated'
+  commit_id: '27566bd5738fc8b4e3fef3c5e72cce608537bd95'
+  commit_message: 'good signed commit (with not yet validated email)'
+  commit_time: 1502042234
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 19
+  repo_id: 16
+  name: 'good-sign'
+  commit_id: 'f27c2b2b03dcab38beaf89b0ab4ff61f6de63441'
+  commit_message: 'good signed commit'
+  commit_time: 1502042101
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 20
+  repo_id: 1
+  name: 'feature/1'
+  commit_id: '65f1bf27bc3bf70f64657658635e66094edbcb4d'
+  commit_message: 'Initial commit'
+  commit_time: 1489950479
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 21
+  repo_id: 49
+  name: 'master'
+  commit_id: 'aacbdfe9e1c4b47f60abe81849045fa4e96f1d75'
+  commit_message: "Add 'test/test.txt'"
+  commit_time: 1572535577
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 22
+  repo_id: 1
+  name: 'develop'
+  commit_id: '65f1bf27bc3bf70f64657658635e66094edbcb4d'
+  commit_message: "Initial commit"
+  commit_time: 1489927679
+  pusher_id: 1
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 23
+  repo_id: 3
+  name: 'master'
+  commit_id: '2a47ca4b614a9f5a43abbd5ad851a54a616ffee6'
+  commit_message: "init project"
+  commit_time: 1497448461
+  pusher_id: 1
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 24
+  repo_id: 3
+  name: 'test_branch'
+  commit_id: 'd22b4d4daa5be07329fcef6ed458f00cf3392da0'
+  commit_message: "test commit"
+  commit_time: 1602935385
+  pusher_id: 1
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
+
+-
+  id: 25
+  repo_id: 54
+  name: 'master'
+  commit_id: '73cf03db6ece34e12bf91e8853dc58f678f2f82d'
+  commit_message: 'Initial commit'
+  commit_time: 1671663402
+  pusher_id: 2
+  is_deleted: false
+  deleted_by_id: 0
+  deleted_unix: 0
diff --git a/models/fixtures/commit_status.yml b/models/fixtures/commit_status.yml
index 20d57975ef..87c652e53a 100644
--- a/models/fixtures/commit_status.yml
+++ b/models/fixtures/commit_status.yml
@@ -7,6 +7,7 @@
   target_url: https://example.com/builds/
   description: My awesome CI-service
   context: ci/awesomeness
+  context_hash: c65f4d64a3b14a3eced0c9b36799e66e1bd5ced7
   creator_id: 2
 
 -
@@ -18,6 +19,7 @@
   target_url: https://example.com/converage/
   description: My awesome Coverage service
   context: cov/awesomeness
+  context_hash: 3929ac7bccd3fa1bf9b38ddedb77973b1b9a8cfe
   creator_id: 2
 
 -
@@ -29,6 +31,7 @@
   target_url: https://example.com/converage/
   description: My awesome Coverage service
   context: cov/awesomeness
+  context_hash: 3929ac7bccd3fa1bf9b38ddedb77973b1b9a8cfe
   creator_id: 2
 
 -
@@ -40,6 +43,7 @@
   target_url: https://example.com/builds/
   description: My awesome CI-service
   context: ci/awesomeness
+  context_hash: c65f4d64a3b14a3eced0c9b36799e66e1bd5ced7
   creator_id: 2
 
 -
@@ -51,4 +55,5 @@
   target_url: https://example.com/builds/
   description: My awesome deploy service
   context: deploy/awesomeness
+  context_hash: ae9547713a6665fc4261d0756904932085a41cf2
   creator_id: 2
diff --git a/models/fixtures/email_address.yml b/models/fixtures/email_address.yml
index b2a0432635..0f6bd9ee6d 100644
--- a/models/fixtures/email_address.yml
+++ b/models/fixtures/email_address.yml
@@ -81,7 +81,7 @@
 -
   id: 11
   uid: 4
-  email: user4@example.com
+  email: User4@Example.Com
   lower_email: user4@example.com
   is_activated: true
   is_primary: true
diff --git a/models/fixtures/hook_task.yml b/models/fixtures/hook_task.yml
index d573406b36..6023719b1e 100644
--- a/models/fixtures/hook_task.yml
+++ b/models/fixtures/hook_task.yml
@@ -18,7 +18,7 @@
   id: 2
   hook_id: 1
   uuid: uuid2
-  is_delivered: false
+  is_delivered: true
 
 -
   id: 3
diff --git a/models/fixtures/public_key.yml b/models/fixtures/public_key.yml
index ae620ee2d1..856b0e3fb2 100644
--- a/models/fixtures/public_key.yml
+++ b/models/fixtures/public_key.yml
@@ -9,3 +9,4 @@
   created_unix: 1559593109
   updated_unix: 1565224552
   login_source_id: 0
+  verified: false
diff --git a/models/fixtures/repo_transfer.yml b/models/fixtures/repo_transfer.yml
index db92c95248..b12e6b207f 100644
--- a/models/fixtures/repo_transfer.yml
+++ b/models/fixtures/repo_transfer.yml
@@ -21,3 +21,11 @@
   repo_id: 32
   created_unix: 1553610671
   updated_unix: 1553610671
+
+-
+  id: 4
+  doer_id: 3
+  recipient_id: 1
+  repo_id: 5
+  created_unix: 1553610671
+  updated_unix: 1553610671
diff --git a/models/fixtures/webhook.yml b/models/fixtures/webhook.yml
index ebc4062b60..ec282914b8 100644
--- a/models/fixtures/webhook.yml
+++ b/models/fixtures/webhook.yml
@@ -1,7 +1,7 @@
 -
   id: 1
   repo_id: 1
-  url: www.example.com/url1
+  url: https://www.example.com/url1
   content_type: 1 # json
   events: '{"push_only":true,"send_everything":false,"choose_events":false,"events":{"create":false,"push":true,"pull_request":false}}'
   is_active: true
@@ -9,7 +9,7 @@
 -
   id: 2
   repo_id: 1
-  url: www.example.com/url2
+  url: https://www.example.com/url2
   content_type: 1 # json
   events: '{"push_only":false,"send_everything":false,"choose_events":false,"events":{"create":false,"push":true,"pull_request":true}}'
   is_active: false
@@ -18,7 +18,7 @@
   id: 3
   owner_id: 3
   repo_id: 3
-  url: www.example.com/url3
+  url: https://www.example.com/url3
   content_type: 1 # json
   events: '{"push_only":false,"send_everything":false,"choose_events":false,"events":{"create":false,"push":true,"pull_request":true}}'
   is_active: true
@@ -26,7 +26,7 @@
 -
   id: 4
   repo_id: 2
-  url: www.example.com/url4
+  url: https://www.example.com/url4
   content_type: 1 # json
   events: '{"push_only":true,"branch_filter":"{master,feature*}"}'
   is_active: true
@@ -35,7 +35,7 @@
   id: 5
   repo_id: 0
   owner_id: 0
-  url: www.example.com/url5
+  url: https://www.example.com/url5
   content_type: 1 # json
   events: '{"push_only":true,"branch_filter":"{master,feature*}"}'
   is_active: true
@@ -45,7 +45,7 @@
   id: 6
   repo_id: 0
   owner_id: 0
-  url: www.example.com/url6
+  url: https://www.example.com/url6
   content_type: 1 # json
   events: '{"push_only":true,"branch_filter":"{master,feature*}"}'
   is_active: true
diff --git a/models/git/branch.go b/models/git/branch.go
index d1caa35947..6021e1101f 100644
--- a/models/git/branch.go
+++ b/models/git/branch.go
@@ -173,6 +173,18 @@ func GetBranch(ctx context.Context, repoID int64, branchName string) (*Branch, e
 	return &branch, nil
 }
 
+// IsBranchExist returns true if the branch exists in the repository.
+func IsBranchExist(ctx context.Context, repoID int64, branchName string) (bool, error) {
+	var branch Branch
+	has, err := db.GetEngine(ctx).Where("repo_id=?", repoID).And("name=?", branchName).Get(&branch)
+	if err != nil {
+		return false, err
+	} else if !has {
+		return false, nil
+	}
+	return !branch.IsDeleted, nil
+}
+
 func GetBranches(ctx context.Context, repoID int64, branchNames []string, includeDeleted bool) ([]*Branch, error) {
 	branches := make([]*Branch, 0, len(branchNames))
 
@@ -223,6 +235,11 @@ func GetDeletedBranchByID(ctx context.Context, repoID, branchID int64) (*Branch,
 	return &branch, nil
 }
 
+func DeleteRepoBranches(ctx context.Context, repoID int64) error {
+	_, err := db.GetEngine(ctx).Where("repo_id=?", repoID).Delete(new(Branch))
+	return err
+}
+
 func DeleteBranches(ctx context.Context, repoID, doerID int64, branchIDs []int64) error {
 	return db.WithTx(ctx, func(ctx context.Context) error {
 		branches := make([]*Branch, 0, len(branchIDs))
@@ -455,7 +472,7 @@ type RecentlyPushedNewBranch struct {
 // if opts.CommitAfterUnix is 0, we will find the branches that were committed to in the last 2 hours
 // if opts.ListOptions is not set, we will only display top 2 latest branches.
 // Protected branches will be skipped since they are unlikely to be used to create new PRs.
-func FindRecentlyPushedNewBranches(ctx context.Context, doer *user_model.User, opts *FindRecentlyPushedNewBranchesOptions) ([]*RecentlyPushedNewBranch, error) {
+func FindRecentlyPushedNewBranches(ctx context.Context, doer *user_model.User, opts FindRecentlyPushedNewBranchesOptions) ([]*RecentlyPushedNewBranch, error) {
 	if doer == nil {
 		return []*RecentlyPushedNewBranch{}, nil
 	}
@@ -470,7 +487,7 @@ func FindRecentlyPushedNewBranches(ctx context.Context, doer *user_model.User, o
 		ForkFrom:   opts.BaseRepo.ID,
 		Archived:   optional.Some(false),
 	}
-	repoCond := repo_model.SearchRepositoryCondition(&repoOpts).And(repo_model.AccessibleRepositoryCondition(doer, unit.TypeCode))
+	repoCond := repo_model.SearchRepositoryCondition(repoOpts).And(repo_model.AccessibleRepositoryCondition(doer, unit.TypeCode))
 	if opts.Repo.ID == opts.BaseRepo.ID {
 		// should also include the base repo's branches
 		repoCond = repoCond.Or(builder.Eq{"id": opts.BaseRepo.ID})
diff --git a/models/git/branch_test.go b/models/git/branch_test.go
index b8ea663e81..252dcc5690 100644
--- a/models/git/branch_test.go
+++ b/models/git/branch_test.go
@@ -21,7 +21,7 @@ import (
 func TestAddDeletedBranch(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	assert.EqualValues(t, git.Sha1ObjectFormat.Name(), repo.ObjectFormatName)
+	assert.Equal(t, git.Sha1ObjectFormat.Name(), repo.ObjectFormatName)
 	firstBranch := unittest.AssertExistsAndLoadBean(t, &git_model.Branch{ID: 1})
 
 	assert.True(t, firstBranch.IsDeleted)
diff --git a/models/git/commit_status.go b/models/git/commit_status.go
index d1c94aa023..e255bca5d0 100644
--- a/models/git/commit_status.go
+++ b/models/git/commit_status.go
@@ -17,10 +17,10 @@ import (
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/translation"
 
@@ -30,17 +30,17 @@ import (
 
 // CommitStatus holds a single Status of a single Commit
 type CommitStatus struct {
-	ID          int64                  `xorm:"pk autoincr"`
-	Index       int64                  `xorm:"INDEX UNIQUE(repo_sha_index)"`
-	RepoID      int64                  `xorm:"INDEX UNIQUE(repo_sha_index)"`
-	Repo        *repo_model.Repository `xorm:"-"`
-	State       api.CommitStatusState  `xorm:"VARCHAR(7) NOT NULL"`
-	SHA         string                 `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_sha_index)"`
-	TargetURL   string                 `xorm:"TEXT"`
-	Description string                 `xorm:"TEXT"`
-	ContextHash string                 `xorm:"VARCHAR(64) index"`
-	Context     string                 `xorm:"TEXT"`
-	Creator     *user_model.User       `xorm:"-"`
+	ID          int64                          `xorm:"pk autoincr"`
+	Index       int64                          `xorm:"INDEX UNIQUE(repo_sha_index)"`
+	RepoID      int64                          `xorm:"INDEX UNIQUE(repo_sha_index)"`
+	Repo        *repo_model.Repository         `xorm:"-"`
+	State       commitstatus.CommitStatusState `xorm:"VARCHAR(7) NOT NULL"`
+	SHA         string                         `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_sha_index)"`
+	TargetURL   string                         `xorm:"TEXT"`
+	Description string                         `xorm:"TEXT"`
+	ContextHash string                         `xorm:"VARCHAR(64) index"`
+	Context     string                         `xorm:"TEXT"`
+	Creator     *user_model.User               `xorm:"-"`
 	CreatorID   int64
 
 	CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
@@ -222,7 +222,7 @@ func (status *CommitStatus) HideActionsURL(ctx context.Context) {
 		}
 	}
 
-	prefix := fmt.Sprintf("%s/actions", status.Repo.Link())
+	prefix := status.Repo.Link() + "/actions"
 	if strings.HasPrefix(status.TargetURL, prefix) {
 		status.TargetURL = ""
 	}
@@ -230,22 +230,25 @@ func (status *CommitStatus) HideActionsURL(ctx context.Context) {
 
 // CalcCommitStatus returns commit status state via some status, the commit statues should order by id desc
 func CalcCommitStatus(statuses []*CommitStatus) *CommitStatus {
-	var lastStatus *CommitStatus
-	state := api.CommitStatusSuccess
+	if len(statuses) == 0 {
+		return nil
+	}
+
+	states := make(commitstatus.CommitStatusStates, 0, len(statuses))
+	targetURL := ""
 	for _, status := range statuses {
-		if status.State.NoBetterThan(state) {
-			state = status.State
-			lastStatus = status
+		states = append(states, status.State)
+		if status.TargetURL != "" {
+			targetURL = status.TargetURL
 		}
 	}
-	if lastStatus == nil {
-		if len(statuses) > 0 {
-			lastStatus = statuses[0]
-		} else {
-			lastStatus = &CommitStatus{}
-		}
+
+	return &CommitStatus{
+		RepoID:    statuses[0].RepoID,
+		SHA:       statuses[0].SHA,
+		State:     states.Combine(),
+		TargetURL: targetURL,
 	}
-	return lastStatus
 }
 
 // CommitStatusOptions holds the options for query commit statuses
@@ -298,27 +301,37 @@ type CommitStatusIndex struct {
 	MaxIndex int64  `xorm:"index"`
 }
 
+func makeRepoCommitQuery(ctx context.Context, repoID int64, sha string) *xorm.Session {
+	return db.GetEngine(ctx).Table(&CommitStatus{}).
+		Where("repo_id = ?", repoID).And("sha = ?", sha)
+}
+
 // GetLatestCommitStatus returns all statuses with a unique context for a given commit.
-func GetLatestCommitStatus(ctx context.Context, repoID int64, sha string, listOptions db.ListOptions) ([]*CommitStatus, int64, error) {
-	getBase := func() *xorm.Session {
-		return db.GetEngine(ctx).Table(&CommitStatus{}).
-			Where("repo_id = ?", repoID).And("sha = ?", sha)
-	}
+func GetLatestCommitStatus(ctx context.Context, repoID int64, sha string, listOptions db.ListOptions) ([]*CommitStatus, error) {
 	indices := make([]int64, 0, 10)
-	sess := getBase().Select("max( `index` ) as `index`").
-		GroupBy("context_hash").OrderBy("max( `index` ) desc")
+	sess := makeRepoCommitQuery(ctx, repoID, sha).
+		Select("max( `index` ) as `index`").
+		GroupBy("context_hash").
+		OrderBy("max( `index` ) desc")
 	if !listOptions.IsListAll() {
 		sess = db.SetSessionPagination(sess, &listOptions)
 	}
-	count, err := sess.FindAndCount(&indices)
-	if err != nil {
-		return nil, count, err
+	if err := sess.Find(&indices); err != nil {
+		return nil, err
 	}
 	statuses := make([]*CommitStatus, 0, len(indices))
 	if len(indices) == 0 {
-		return statuses, count, nil
+		return statuses, nil
 	}
-	return statuses, count, getBase().And(builder.In("`index`", indices)).Find(&statuses)
+	err := makeRepoCommitQuery(ctx, repoID, sha).And(builder.In("`index`", indices)).Find(&statuses)
+	return statuses, err
+}
+
+func CountLatestCommitStatus(ctx context.Context, repoID int64, sha string) (int64, error) {
+	return makeRepoCommitQuery(ctx, repoID, sha).
+		Select("count(context_hash)").
+		GroupBy("context_hash").
+		Count()
 }
 
 // GetLatestCommitStatusForPairs returns all statuses with a unique context for a given list of repo-sha pairs
@@ -457,35 +470,31 @@ func NewCommitStatus(ctx context.Context, opts NewCommitStatusOptions) error {
 		return fmt.Errorf("NewCommitStatus[%s, %s]: no user specified", opts.Repo.FullName(), opts.SHA)
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return fmt.Errorf("NewCommitStatus[repo_id: %d, user_id: %d, sha: %s]: %w", opts.Repo.ID, opts.Creator.ID, opts.SHA, err)
-	}
-	defer committer.Close()
-
-	// Get the next Status Index
-	idx, err := GetNextCommitStatusIndex(ctx, opts.Repo.ID, opts.SHA.String())
-	if err != nil {
-		return fmt.Errorf("generate commit status index failed: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// Get the next Status Index
+		idx, err := GetNextCommitStatusIndex(ctx, opts.Repo.ID, opts.SHA.String())
+		if err != nil {
+			return fmt.Errorf("generate commit status index failed: %w", err)
+		}
 
-	opts.CommitStatus.Description = strings.TrimSpace(opts.CommitStatus.Description)
-	opts.CommitStatus.Context = strings.TrimSpace(opts.CommitStatus.Context)
-	opts.CommitStatus.TargetURL = strings.TrimSpace(opts.CommitStatus.TargetURL)
-	opts.CommitStatus.SHA = opts.SHA.String()
-	opts.CommitStatus.CreatorID = opts.Creator.ID
-	opts.CommitStatus.RepoID = opts.Repo.ID
-	opts.CommitStatus.Index = idx
-	log.Debug("NewCommitStatus[%s, %s]: %d", opts.Repo.FullName(), opts.SHA, opts.CommitStatus.Index)
+		opts.CommitStatus.Description = strings.TrimSpace(opts.CommitStatus.Description)
+		opts.CommitStatus.Context = strings.TrimSpace(opts.CommitStatus.Context)
+		opts.CommitStatus.TargetURL = strings.TrimSpace(opts.CommitStatus.TargetURL)
+		opts.CommitStatus.SHA = opts.SHA.String()
+		opts.CommitStatus.CreatorID = opts.Creator.ID
+		opts.CommitStatus.RepoID = opts.Repo.ID
+		opts.CommitStatus.Index = idx
+		log.Debug("NewCommitStatus[%s, %s]: %d", opts.Repo.FullName(), opts.SHA, opts.CommitStatus.Index)
 
-	opts.CommitStatus.ContextHash = hashCommitStatusContext(opts.CommitStatus.Context)
+		opts.CommitStatus.ContextHash = hashCommitStatusContext(opts.CommitStatus.Context)
 
-	// Insert new CommitStatus
-	if _, err = db.GetEngine(ctx).Insert(opts.CommitStatus); err != nil {
-		return fmt.Errorf("insert CommitStatus[%s, %s]: %w", opts.Repo.FullName(), opts.SHA, err)
-	}
+		// Insert new CommitStatus
+		if err = db.Insert(ctx, opts.CommitStatus); err != nil {
+			return fmt.Errorf("insert CommitStatus[%s, %s]: %w", opts.Repo.FullName(), opts.SHA, err)
+		}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 // SignCommitWithStatuses represents a commit with validation of signature and status state.
diff --git a/models/git/commit_status_summary.go b/models/git/commit_status_summary.go
index 7603e7aa65..dd416fa015 100644
--- a/models/git/commit_status_summary.go
+++ b/models/git/commit_status_summary.go
@@ -7,19 +7,19 @@ import (
 	"context"
 
 	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
 
 	"xorm.io/builder"
 )
 
 // CommitStatusSummary holds the latest commit Status of a single Commit
 type CommitStatusSummary struct {
-	ID        int64                 `xorm:"pk autoincr"`
-	RepoID    int64                 `xorm:"INDEX UNIQUE(repo_id_sha)"`
-	SHA       string                `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_id_sha)"`
-	State     api.CommitStatusState `xorm:"VARCHAR(7) NOT NULL"`
-	TargetURL string                `xorm:"TEXT"`
+	ID        int64                          `xorm:"pk autoincr"`
+	RepoID    int64                          `xorm:"INDEX UNIQUE(repo_id_sha)"`
+	SHA       string                         `xorm:"VARCHAR(64) NOT NULL INDEX UNIQUE(repo_id_sha)"`
+	State     commitstatus.CommitStatusState `xorm:"VARCHAR(7) NOT NULL"`
+	TargetURL string                         `xorm:"TEXT"`
 }
 
 func init() {
@@ -55,11 +55,15 @@ func GetLatestCommitStatusForRepoAndSHAs(ctx context.Context, repoSHAs []RepoSHA
 }
 
 func UpdateCommitStatusSummary(ctx context.Context, repoID int64, sha string) error {
-	commitStatuses, _, err := GetLatestCommitStatus(ctx, repoID, sha, db.ListOptionsAll)
+	commitStatuses, err := GetLatestCommitStatus(ctx, repoID, sha, db.ListOptionsAll)
 	if err != nil {
 		return err
 	}
-	state := CalcCommitStatus(commitStatuses)
+	// it guarantees that commitStatuses is not empty because this function is always called after a commit status is created
+	if len(commitStatuses) == 0 {
+		setting.PanicInDevOrTesting("no commit statuses found for repo %d and sha %s", repoID, sha)
+	}
+	state := CalcCommitStatus(commitStatuses) // non-empty commitStatuses is guaranteed
 	// mysql will return 0 when update a record which state hasn't been changed which behaviour is different from other database,
 	// so we need to use insert in on duplicate
 	if setting.Database.Type.IsMySQL() {
diff --git a/models/git/commit_status_test.go b/models/git/commit_status_test.go
index 37d785e938..4c0f5e891b 100644
--- a/models/git/commit_status_test.go
+++ b/models/git/commit_status_test.go
@@ -14,9 +14,9 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
-	"code.gitea.io/gitea/modules/structs"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -26,7 +26,7 @@ func TestGetCommitStatuses(t *testing.T) {
 
 	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
 
-	sha1 := "1234123412341234123412341234123412341234"
+	sha1 := "1234123412341234123412341234123412341234" // the mocked commit ID in test fixtures
 
 	statuses, maxResults, err := db.FindAndCount[git_model.CommitStatus](db.DefaultContext, &git_model.CommitStatusOptions{
 		ListOptions: db.ListOptions{Page: 1, PageSize: 50},
@@ -38,23 +38,23 @@ func TestGetCommitStatuses(t *testing.T) {
 	assert.Len(t, statuses, 5)
 
 	assert.Equal(t, "ci/awesomeness", statuses[0].Context)
-	assert.Equal(t, structs.CommitStatusPending, statuses[0].State)
+	assert.Equal(t, commitstatus.CommitStatusPending, statuses[0].State)
 	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/statuses/1234123412341234123412341234123412341234", statuses[0].APIURL(db.DefaultContext))
 
 	assert.Equal(t, "cov/awesomeness", statuses[1].Context)
-	assert.Equal(t, structs.CommitStatusWarning, statuses[1].State)
+	assert.Equal(t, commitstatus.CommitStatusWarning, statuses[1].State)
 	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/statuses/1234123412341234123412341234123412341234", statuses[1].APIURL(db.DefaultContext))
 
 	assert.Equal(t, "cov/awesomeness", statuses[2].Context)
-	assert.Equal(t, structs.CommitStatusSuccess, statuses[2].State)
+	assert.Equal(t, commitstatus.CommitStatusSuccess, statuses[2].State)
 	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/statuses/1234123412341234123412341234123412341234", statuses[2].APIURL(db.DefaultContext))
 
 	assert.Equal(t, "ci/awesomeness", statuses[3].Context)
-	assert.Equal(t, structs.CommitStatusFailure, statuses[3].State)
+	assert.Equal(t, commitstatus.CommitStatusFailure, statuses[3].State)
 	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/statuses/1234123412341234123412341234123412341234", statuses[3].APIURL(db.DefaultContext))
 
 	assert.Equal(t, "deploy/awesomeness", statuses[4].Context)
-	assert.Equal(t, structs.CommitStatusError, statuses[4].State)
+	assert.Equal(t, commitstatus.CommitStatusError, statuses[4].State)
 	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/statuses/1234123412341234123412341234123412341234", statuses[4].APIURL(db.DefaultContext))
 
 	statuses, maxResults, err = db.FindAndCount[git_model.CommitStatus](db.DefaultContext, &git_model.CommitStatusOptions{
@@ -75,110 +75,110 @@ func Test_CalcCommitStatus(t *testing.T) {
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusPending,
+					State: commitstatus.CommitStatusPending,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusPending,
+				State: commitstatus.CommitStatusPending,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 				{
-					State: structs.CommitStatusPending,
+					State: commitstatus.CommitStatusPending,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusPending,
+				State: commitstatus.CommitStatusPending,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 				{
-					State: structs.CommitStatusPending,
+					State: commitstatus.CommitStatusPending,
 				},
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusPending,
+				State: commitstatus.CommitStatusPending,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusError,
+					State: commitstatus.CommitStatusError,
 				},
 				{
-					State: structs.CommitStatusPending,
+					State: commitstatus.CommitStatusPending,
 				},
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusError,
+				State: commitstatus.CommitStatusFailure,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusWarning,
+					State: commitstatus.CommitStatusWarning,
 				},
 				{
-					State: structs.CommitStatusPending,
+					State: commitstatus.CommitStatusPending,
 				},
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusWarning,
+				State: commitstatus.CommitStatusPending,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 				{
-					State: structs.CommitStatusSuccess,
+					State: commitstatus.CommitStatusSuccess,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusSuccess,
+				State: commitstatus.CommitStatusSuccess,
 			},
 		},
 		{
 			statuses: []*git_model.CommitStatus{
 				{
-					State: structs.CommitStatusFailure,
+					State: commitstatus.CommitStatusFailure,
 				},
 				{
-					State: structs.CommitStatusError,
+					State: commitstatus.CommitStatusError,
 				},
 				{
-					State: structs.CommitStatusWarning,
+					State: commitstatus.CommitStatusWarning,
 				},
 			},
 			expected: &git_model.CommitStatus{
-				State: structs.CommitStatusError,
+				State: commitstatus.CommitStatusFailure,
 			},
 		},
 	}
 
 	for _, kase := range kases {
-		assert.Equal(t, kase.expected, git_model.CalcCommitStatus(kase.statuses))
+		assert.Equal(t, kase.expected, git_model.CalcCommitStatus(kase.statuses), "statuses: %v", kase.statuses)
 	}
 }
 
@@ -208,7 +208,7 @@ func TestFindRepoRecentCommitStatusContexts(t *testing.T) {
 		Creator: user2,
 		SHA:     commit.ID,
 		CommitStatus: &git_model.CommitStatus{
-			State:     structs.CommitStatusFailure,
+			State:     commitstatus.CommitStatusFailure,
 			TargetURL: "https://example.com/tests/",
 			Context:   "compliance/lint-backend",
 		},
@@ -220,7 +220,7 @@ func TestFindRepoRecentCommitStatusContexts(t *testing.T) {
 		Creator: user2,
 		SHA:     commit.ID,
 		CommitStatus: &git_model.CommitStatus{
-			State:     structs.CommitStatusSuccess,
+			State:     commitstatus.CommitStatusSuccess,
 			TargetURL: "https://example.com/tests/",
 			Context:   "compliance/lint-backend",
 		},
@@ -256,3 +256,26 @@ func TestCommitStatusesHideActionsURL(t *testing.T) {
 	assert.Empty(t, statuses[0].TargetURL)
 	assert.Equal(t, "https://mycicd.org/1", statuses[1].TargetURL)
 }
+
+func TestGetCountLatestCommitStatus(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+
+	sha1 := "1234123412341234123412341234123412341234" // the mocked commit ID in test fixtures
+
+	commitStatuses, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo1.ID, sha1, db.ListOptions{
+		Page:     1,
+		PageSize: 2,
+	})
+	assert.NoError(t, err)
+	assert.Len(t, commitStatuses, 2)
+	assert.Equal(t, commitstatus.CommitStatusFailure, commitStatuses[0].State)
+	assert.Equal(t, "ci/awesomeness", commitStatuses[0].Context)
+	assert.Equal(t, commitstatus.CommitStatusError, commitStatuses[1].State)
+	assert.Equal(t, "deploy/awesomeness", commitStatuses[1].Context)
+
+	count, err := git_model.CountLatestCommitStatus(db.DefaultContext, repo1.ID, sha1)
+	assert.NoError(t, err)
+	assert.EqualValues(t, 3, count)
+}
diff --git a/models/git/lfs.go b/models/git/lfs.go
index bb6361050a..c471baf588 100644
--- a/models/git/lfs.go
+++ b/models/git/lfs.go
@@ -112,7 +112,6 @@ type LFSMetaObject struct {
 	ID           int64 `xorm:"pk autoincr"`
 	lfs.Pointer  `xorm:"extends"`
 	RepositoryID int64              `xorm:"UNIQUE(s) INDEX NOT NULL"`
-	Existing     bool               `xorm:"-"`
 	CreatedUnix  timeutil.TimeStamp `xorm:"created"`
 	UpdatedUnix  timeutil.TimeStamp `xorm:"INDEX updated"`
 }
@@ -136,26 +135,18 @@ var ErrLFSObjectNotExist = db.ErrNotExist{Resource: "LFS Meta object"}
 // NewLFSMetaObject stores a given populated LFSMetaObject structure in the database
 // if it is not already present.
 func NewLFSMetaObject(ctx context.Context, repoID int64, p lfs.Pointer) (*LFSMetaObject, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
 	m, exist, err := db.Get[LFSMetaObject](ctx, builder.Eq{"repository_id": repoID, "oid": p.Oid})
 	if err != nil {
 		return nil, err
 	} else if exist {
-		m.Existing = true
-		return m, committer.Commit()
+		return m, nil
 	}
 
 	m = &LFSMetaObject{Pointer: p, RepositoryID: repoID}
 	if err = db.Insert(ctx, m); err != nil {
 		return nil, err
 	}
-
-	return m, committer.Commit()
+	return m, nil
 }
 
 // GetLFSMetaObjectByOid selects a LFSMetaObject entry from database by its OID.
diff --git a/models/git/lfs_lock.go b/models/git/lfs_lock.go
index 07ce7d4abf..c5f9a4e6de 100644
--- a/models/git/lfs_lock.go
+++ b/models/git/lfs_lock.go
@@ -70,32 +70,28 @@ func (l *LFSLock) LoadOwner(ctx context.Context) error {
 
 // CreateLFSLock creates a new lock.
 func CreateLFSLock(ctx context.Context, repo *repo_model.Repository, lock *LFSLock) (*LFSLock, error) {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	if err := CheckLFSAccessForRepo(dbCtx, lock.OwnerID, repo, perm.AccessModeWrite); err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*LFSLock, error) {
+		if err := CheckLFSAccessForRepo(ctx, lock.OwnerID, repo, perm.AccessModeWrite); err != nil {
+			return nil, err
+		}
 
-	lock.Path = util.PathJoinRel(lock.Path)
-	lock.RepoID = repo.ID
+		lock.Path = util.PathJoinRel(lock.Path)
+		lock.RepoID = repo.ID
 
-	l, err := GetLFSLock(dbCtx, repo, lock.Path)
-	if err == nil {
-		return l, ErrLFSLockAlreadyExist{lock.RepoID, lock.Path}
-	}
-	if !IsErrLFSLockNotExist(err) {
-		return nil, err
-	}
+		l, err := GetLFSLock(ctx, repo, lock.Path)
+		if err == nil {
+			return l, ErrLFSLockAlreadyExist{lock.RepoID, lock.Path}
+		}
+		if !IsErrLFSLockNotExist(err) {
+			return nil, err
+		}
 
-	if err := db.Insert(dbCtx, lock); err != nil {
-		return nil, err
-	}
+		if err := db.Insert(ctx, lock); err != nil {
+			return nil, err
+		}
 
-	return lock, committer.Commit()
+		return lock, nil
+	})
 }
 
 // GetLFSLock returns release by given path.
@@ -163,30 +159,26 @@ func CountLFSLockByRepoID(ctx context.Context, repoID int64) (int64, error) {
 
 // DeleteLFSLockByID deletes a lock by given ID.
 func DeleteLFSLockByID(ctx context.Context, id int64, repo *repo_model.Repository, u *user_model.User, force bool) (*LFSLock, error) {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	lock, err := GetLFSLockByID(dbCtx, id)
-	if err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*LFSLock, error) {
+		lock, err := GetLFSLockByID(ctx, id)
+		if err != nil {
+			return nil, err
+		}
 
-	if err := CheckLFSAccessForRepo(dbCtx, u.ID, repo, perm.AccessModeWrite); err != nil {
-		return nil, err
-	}
+		if err := CheckLFSAccessForRepo(ctx, u.ID, repo, perm.AccessModeWrite); err != nil {
+			return nil, err
+		}
 
-	if !force && u.ID != lock.OwnerID {
-		return nil, errors.New("user doesn't own lock and force flag is not set")
-	}
+		if !force && u.ID != lock.OwnerID {
+			return nil, errors.New("user doesn't own lock and force flag is not set")
+		}
 
-	if _, err := db.GetEngine(dbCtx).ID(id).Delete(new(LFSLock)); err != nil {
-		return nil, err
-	}
+		if _, err := db.GetEngine(ctx).ID(id).Delete(new(LFSLock)); err != nil {
+			return nil, err
+		}
 
-	return lock, committer.Commit()
+		return lock, nil
+	})
 }
 
 // CheckLFSAccessForRepo check needed access mode base on action
diff --git a/models/git/protected_branch.go b/models/git/protected_branch.go
index a3caed73c4..55bbe6938c 100644
--- a/models/git/protected_branch.go
+++ b/models/git/protected_branch.go
@@ -246,7 +246,7 @@ func (protectBranch *ProtectedBranch) GetUnprotectedFilePatterns() []glob.Glob {
 
 func getFilePatterns(filePatterns string) []glob.Glob {
 	extarr := make([]glob.Glob, 0, 10)
-	for _, expr := range strings.Split(strings.ToLower(filePatterns), ";") {
+	for expr := range strings.SplitSeq(strings.ToLower(filePatterns), ";") {
 		expr = strings.TrimSpace(expr)
 		if expr != "" {
 			if g, err := glob.Compile(expr, '.', '/'); err != nil {
@@ -518,7 +518,7 @@ func updateTeamWhitelist(ctx context.Context, repo *repo_model.Repository, curre
 		return currentWhitelist, nil
 	}
 
-	teams, err := organization.GetTeamsWithAccessToRepo(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead)
+	teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead, unit.TypeCode, unit.TypePullRequests)
 	if err != nil {
 		return nil, fmt.Errorf("GetTeamsWithAccessToRepo [org_id: %d, repo_id: %d]: %v", repo.OwnerID, repo.ID, err)
 	}
diff --git a/models/git/protected_branch_list_test.go b/models/git/protected_branch_list_test.go
index a46402c543..298c2fa074 100644
--- a/models/git/protected_branch_list_test.go
+++ b/models/git/protected_branch_list_test.go
@@ -70,7 +70,7 @@ func TestBranchRuleMatchPriority(t *testing.T) {
 				assert.Error(t, fmt.Errorf("no matched rules but expected %s[%d]", kase.Rules[kase.ExpectedMatchIdx], kase.ExpectedMatchIdx))
 			}
 		} else {
-			assert.EqualValues(t, kase.Rules[kase.ExpectedMatchIdx], matchedPB.RuleName)
+			assert.Equal(t, kase.Rules[kase.ExpectedMatchIdx], matchedPB.RuleName)
 		}
 	}
 }
diff --git a/models/git/protected_branch_test.go b/models/git/protected_branch_test.go
index e1c91d927d..367992081d 100644
--- a/models/git/protected_branch_test.go
+++ b/models/git/protected_branch_test.go
@@ -74,7 +74,7 @@ func TestBranchRuleMatch(t *testing.T) {
 		} else {
 			infact = " not"
 		}
-		assert.EqualValues(t, kase.ExpectedMatch, pb.Match(kase.BranchName),
+		assert.Equal(t, kase.ExpectedMatch, pb.Match(kase.BranchName),
 			"%s should%s match %s but it is%s", kase.BranchName, should, kase.Rule, infact,
 		)
 	}
diff --git a/models/issues/comment.go b/models/issues/comment.go
index ab9b2042f3..d22f08fa87 100644
--- a/models/issues/comment.go
+++ b/models/issues/comment.go
@@ -9,6 +9,7 @@ import (
 	"context"
 	"fmt"
 	"html/template"
+	"slices"
 	"strconv"
 	"unicode/utf8"
 
@@ -196,12 +197,7 @@ func (t CommentType) HasMailReplySupport() bool {
 }
 
 func (t CommentType) CountedAsConversation() bool {
-	for _, ct := range ConversationCountedCommentType() {
-		if t == ct {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(ConversationCountedCommentType(), t)
 }
 
 // ConversationCountedCommentType returns the comment types that are counted as a conversation
@@ -614,7 +610,7 @@ func UpdateCommentAttachments(ctx context.Context, c *Comment, uuids []string) e
 		if err != nil {
 			return fmt.Errorf("getAttachmentsByUUIDs [uuids: %v]: %w", uuids, err)
 		}
-		for i := 0; i < len(attachments); i++ {
+		for i := range attachments {
 			attachments[i].IssueID = c.IssueID
 			attachments[i].CommentID = c.ID
 			if err := repo_model.UpdateAttachment(ctx, attachments[i]); err != nil {
@@ -719,7 +715,8 @@ func (c *Comment) LoadReactions(ctx context.Context, repo *repo_model.Repository
 	return nil
 }
 
-func (c *Comment) loadReview(ctx context.Context) (err error) {
+// LoadReview loads the associated review
+func (c *Comment) LoadReview(ctx context.Context) (err error) {
 	if c.ReviewID == 0 {
 		return nil
 	}
@@ -736,11 +733,6 @@ func (c *Comment) loadReview(ctx context.Context) (err error) {
 	return nil
 }
 
-// LoadReview loads the associated review
-func (c *Comment) LoadReview(ctx context.Context) error {
-	return c.loadReview(ctx)
-}
-
 // DiffSide returns "previous" if Comment.Line is a LOC of the previous changes and "proposed" if it is a LOC of the proposed changes.
 func (c *Comment) DiffSide() string {
 	if c.Line < 0 {
@@ -774,81 +766,73 @@ func (c *Comment) CodeCommentLink(ctx context.Context) string {
 
 // CreateComment creates comment with context
 func CreateComment(ctx context.Context, opts *CreateCommentOptions) (_ *Comment, err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	e := db.GetEngine(ctx)
-	var LabelID int64
-	if opts.Label != nil {
-		LabelID = opts.Label.ID
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		var LabelID int64
+		if opts.Label != nil {
+			LabelID = opts.Label.ID
+		}
 
-	var commentMetaData *CommentMetaData
-	if opts.ProjectColumnTitle != "" {
-		commentMetaData = &CommentMetaData{
-			ProjectColumnID:    opts.ProjectColumnID,
-			ProjectColumnTitle: opts.ProjectColumnTitle,
-			ProjectTitle:       opts.ProjectTitle,
+		var commentMetaData *CommentMetaData
+		if opts.ProjectColumnTitle != "" {
+			commentMetaData = &CommentMetaData{
+				ProjectColumnID:    opts.ProjectColumnID,
+				ProjectColumnTitle: opts.ProjectColumnTitle,
+				ProjectTitle:       opts.ProjectTitle,
+			}
 		}
-	}
 
-	comment := &Comment{
-		Type:             opts.Type,
-		PosterID:         opts.Doer.ID,
-		Poster:           opts.Doer,
-		IssueID:          opts.Issue.ID,
-		LabelID:          LabelID,
-		OldMilestoneID:   opts.OldMilestoneID,
-		MilestoneID:      opts.MilestoneID,
-		OldProjectID:     opts.OldProjectID,
-		ProjectID:        opts.ProjectID,
-		TimeID:           opts.TimeID,
-		RemovedAssignee:  opts.RemovedAssignee,
-		AssigneeID:       opts.AssigneeID,
-		AssigneeTeamID:   opts.AssigneeTeamID,
-		CommitID:         opts.CommitID,
-		CommitSHA:        opts.CommitSHA,
-		Line:             opts.LineNum,
-		Content:          opts.Content,
-		OldTitle:         opts.OldTitle,
-		NewTitle:         opts.NewTitle,
-		OldRef:           opts.OldRef,
-		NewRef:           opts.NewRef,
-		DependentIssueID: opts.DependentIssueID,
-		TreePath:         opts.TreePath,
-		ReviewID:         opts.ReviewID,
-		Patch:            opts.Patch,
-		RefRepoID:        opts.RefRepoID,
-		RefIssueID:       opts.RefIssueID,
-		RefCommentID:     opts.RefCommentID,
-		RefAction:        opts.RefAction,
-		RefIsPull:        opts.RefIsPull,
-		IsForcePush:      opts.IsForcePush,
-		Invalidated:      opts.Invalidated,
-		CommentMetaData:  commentMetaData,
-	}
-	if _, err = e.Insert(comment); err != nil {
-		return nil, err
-	}
+		comment := &Comment{
+			Type:             opts.Type,
+			PosterID:         opts.Doer.ID,
+			Poster:           opts.Doer,
+			IssueID:          opts.Issue.ID,
+			LabelID:          LabelID,
+			OldMilestoneID:   opts.OldMilestoneID,
+			MilestoneID:      opts.MilestoneID,
+			OldProjectID:     opts.OldProjectID,
+			ProjectID:        opts.ProjectID,
+			TimeID:           opts.TimeID,
+			RemovedAssignee:  opts.RemovedAssignee,
+			AssigneeID:       opts.AssigneeID,
+			AssigneeTeamID:   opts.AssigneeTeamID,
+			CommitID:         opts.CommitID,
+			CommitSHA:        opts.CommitSHA,
+			Line:             opts.LineNum,
+			Content:          opts.Content,
+			OldTitle:         opts.OldTitle,
+			NewTitle:         opts.NewTitle,
+			OldRef:           opts.OldRef,
+			NewRef:           opts.NewRef,
+			DependentIssueID: opts.DependentIssueID,
+			TreePath:         opts.TreePath,
+			ReviewID:         opts.ReviewID,
+			Patch:            opts.Patch,
+			RefRepoID:        opts.RefRepoID,
+			RefIssueID:       opts.RefIssueID,
+			RefCommentID:     opts.RefCommentID,
+			RefAction:        opts.RefAction,
+			RefIsPull:        opts.RefIsPull,
+			IsForcePush:      opts.IsForcePush,
+			Invalidated:      opts.Invalidated,
+			CommentMetaData:  commentMetaData,
+		}
+		if err = db.Insert(ctx, comment); err != nil {
+			return nil, err
+		}
 
-	if err = opts.Repo.LoadOwner(ctx); err != nil {
-		return nil, err
-	}
+		if err = opts.Repo.LoadOwner(ctx); err != nil {
+			return nil, err
+		}
 
-	if err = updateCommentInfos(ctx, opts, comment); err != nil {
-		return nil, err
-	}
+		if err = updateCommentInfos(ctx, opts, comment); err != nil {
+			return nil, err
+		}
 
-	if err = comment.AddCrossReferences(ctx, opts.Doer, false); err != nil {
-		return nil, err
-	}
-	if err = committer.Commit(); err != nil {
-		return nil, err
-	}
-	return comment, nil
+		if err = comment.AddCrossReferences(ctx, opts.Doer, false); err != nil {
+			return nil, err
+		}
+		return comment, nil
+	})
 }
 
 func updateCommentInfos(ctx context.Context, opts *CreateCommentOptions, comment *Comment) (err error) {
@@ -860,7 +844,7 @@ func updateCommentInfos(ctx context.Context, opts *CreateCommentOptions, comment
 		}
 		if comment.ReviewID != 0 {
 			if comment.Review == nil {
-				if err := comment.loadReview(ctx); err != nil {
+				if err := comment.LoadReview(ctx); err != nil {
 					return err
 				}
 			}
@@ -1100,33 +1084,21 @@ func UpdateCommentInvalidate(ctx context.Context, c *Comment) error {
 
 // UpdateComment updates information of comment.
 func UpdateComment(ctx context.Context, c *Comment, contentVersion int, doer *user_model.User) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-
-	c.ContentVersion = contentVersion + 1
-
-	affected, err := sess.ID(c.ID).AllCols().Where("content_version = ?", contentVersion).Update(c)
-	if err != nil {
-		return err
-	}
-	if affected == 0 {
-		return ErrCommentAlreadyChanged
-	}
-	if err := c.LoadIssue(ctx); err != nil {
-		return err
-	}
-	if err := c.AddCrossReferences(ctx, doer, true); err != nil {
-		return err
-	}
-	if err := committer.Commit(); err != nil {
-		return fmt.Errorf("Commit: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		c.ContentVersion = contentVersion + 1
 
-	return nil
+		affected, err := db.GetEngine(ctx).ID(c.ID).AllCols().Where("content_version = ?", contentVersion).Update(c)
+		if err != nil {
+			return err
+		}
+		if affected == 0 {
+			return ErrCommentAlreadyChanged
+		}
+		if err := c.LoadIssue(ctx); err != nil {
+			return err
+		}
+		return c.AddCrossReferences(ctx, doer, true)
+	})
 }
 
 // DeleteComment deletes the comment
@@ -1285,31 +1257,28 @@ func InsertIssueComments(ctx context.Context, comments []*Comment) error {
 		return comment.IssueID, true
 	})
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	for _, comment := range comments {
-		if _, err := db.GetEngine(ctx).NoAutoTime().Insert(comment); err != nil {
-			return err
-		}
-
-		for _, reaction := range comment.Reactions {
-			reaction.IssueID = comment.IssueID
-			reaction.CommentID = comment.ID
-		}
-		if len(comment.Reactions) > 0 {
-			if err := db.Insert(ctx, comment.Reactions); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, comment := range comments {
+			if _, err := db.GetEngine(ctx).NoAutoTime().Insert(comment); err != nil {
 				return err
 			}
+
+			for _, reaction := range comment.Reactions {
+				reaction.IssueID = comment.IssueID
+				reaction.CommentID = comment.ID
+			}
+			if len(comment.Reactions) > 0 {
+				if err := db.Insert(ctx, comment.Reactions); err != nil {
+					return err
+				}
+			}
 		}
-	}
 
-	for _, issueID := range issueIDs {
-		if err := UpdateIssueNumComments(ctx, issueID); err != nil {
-			return err
+		for _, issueID := range issueIDs {
+			if err := UpdateIssueNumComments(ctx, issueID); err != nil {
+				return err
+			}
 		}
-	}
-	return committer.Commit()
+		return nil
+	})
 }
diff --git a/models/issues/comment_code.go b/models/issues/comment_code.go
index b562aab500..55e67a1243 100644
--- a/models/issues/comment_code.go
+++ b/models/issues/comment_code.go
@@ -5,6 +5,7 @@ package issues
 
 import (
 	"context"
+	"strconv"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/renderhelper"
@@ -114,7 +115,9 @@ func findCodeComments(ctx context.Context, opts FindCommentsOptions, issue *Issu
 		}
 
 		var err error
-		rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo)
+		rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo, renderhelper.RepoCommentOptions{
+			FootnoteContextID: strconv.FormatInt(comment.ID, 10),
+		})
 		if comment.RenderedContent, err = markdown.RenderString(rctx, comment.Content); err != nil {
 			return nil, err
 		}
diff --git a/models/issues/comment_list.go b/models/issues/comment_list.go
index c483ada75a..f6c485449f 100644
--- a/models/issues/comment_list.go
+++ b/models/issues/comment_list.go
@@ -57,10 +57,7 @@ func (comments CommentList) loadLabels(ctx context.Context) error {
 	commentLabels := make(map[int64]*Label, len(labelIDs))
 	left := len(labelIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", labelIDs[:limit]).
 			Rows(new(Label))
@@ -107,10 +104,7 @@ func (comments CommentList) loadMilestones(ctx context.Context) error {
 	milestoneMaps := make(map[int64]*Milestone, len(milestoneIDs))
 	left := len(milestoneIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		err := db.GetEngine(ctx).
 			In("id", milestoneIDs[:limit]).
 			Find(&milestoneMaps)
@@ -146,10 +140,7 @@ func (comments CommentList) loadOldMilestones(ctx context.Context) error {
 	milestoneMaps := make(map[int64]*Milestone, len(milestoneIDs))
 	left := len(milestoneIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		err := db.GetEngine(ctx).
 			In("id", milestoneIDs[:limit]).
 			Find(&milestoneMaps)
@@ -184,10 +175,7 @@ func (comments CommentList) loadAssignees(ctx context.Context) error {
 	assignees := make(map[int64]*user_model.User, len(assigneeIDs))
 	left := len(assigneeIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", assigneeIDs[:limit]).
 			Rows(new(user_model.User))
@@ -256,10 +244,7 @@ func (comments CommentList) LoadIssues(ctx context.Context) error {
 	issues := make(map[int64]*Issue, len(issueIDs))
 	left := len(issueIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("id", issueIDs[:limit]).
 			Rows(new(Issue))
@@ -313,10 +298,7 @@ func (comments CommentList) loadDependentIssues(ctx context.Context) error {
 	issues := make(map[int64]*Issue, len(issueIDs))
 	left := len(issueIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := e.
 			In("id", issueIDs[:limit]).
 			Rows(new(Issue))
@@ -392,10 +374,7 @@ func (comments CommentList) LoadAttachments(ctx context.Context) (err error) {
 	commentsIDs := comments.getAttachmentCommentIDs()
 	left := len(commentsIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("comment_id", commentsIDs[:limit]).
 			Rows(new(repo_model.Attachment))
diff --git a/models/issues/comment_test.go b/models/issues/comment_test.go
index ae0bc3ce17..c08e3b970d 100644
--- a/models/issues/comment_test.go
+++ b/models/issues/comment_test.go
@@ -34,10 +34,10 @@ func TestCreateComment(t *testing.T) {
 	assert.NoError(t, err)
 	then := time.Now().Unix()
 
-	assert.EqualValues(t, issues_model.CommentTypeComment, comment.Type)
-	assert.EqualValues(t, "Hello", comment.Content)
-	assert.EqualValues(t, issue.ID, comment.IssueID)
-	assert.EqualValues(t, doer.ID, comment.PosterID)
+	assert.Equal(t, issues_model.CommentTypeComment, comment.Type)
+	assert.Equal(t, "Hello", comment.Content)
+	assert.Equal(t, issue.ID, comment.IssueID)
+	assert.Equal(t, doer.ID, comment.PosterID)
 	unittest.AssertInt64InRange(t, now, then, int64(comment.CreatedUnix))
 	unittest.AssertExistsAndLoadBean(t, comment) // assert actually added to DB
 
@@ -58,9 +58,9 @@ func Test_UpdateCommentAttachment(t *testing.T) {
 	assert.NoError(t, err)
 
 	attachment2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: attachment.ID})
-	assert.EqualValues(t, attachment.Name, attachment2.Name)
-	assert.EqualValues(t, comment.ID, attachment2.CommentID)
-	assert.EqualValues(t, comment.IssueID, attachment2.IssueID)
+	assert.Equal(t, attachment.Name, attachment2.Name)
+	assert.Equal(t, comment.ID, attachment2.CommentID)
+	assert.Equal(t, comment.IssueID, attachment2.IssueID)
 }
 
 func TestFetchCodeComments(t *testing.T) {
@@ -111,7 +111,7 @@ func TestMigrate_InsertIssueComments(t *testing.T) {
 	assert.NoError(t, err)
 
 	issueModified := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
-	assert.EqualValues(t, issue.NumComments+1, issueModified.NumComments)
+	assert.Equal(t, issue.NumComments+1, issueModified.NumComments)
 
 	unittest.CheckConsistencyFor(t, &issues_model.Issue{})
 }
@@ -122,5 +122,5 @@ func Test_UpdateIssueNumComments(t *testing.T) {
 
 	assert.NoError(t, issues_model.UpdateIssueNumComments(db.DefaultContext, issue2.ID))
 	issue2 = unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 2})
-	assert.EqualValues(t, 1, issue2.NumComments)
+	assert.Equal(t, 1, issue2.NumComments)
 }
diff --git a/models/issues/dependency.go b/models/issues/dependency.go
index 146dd1887d..0eaa47e359 100644
--- a/models/issues/dependency.go
+++ b/models/issues/dependency.go
@@ -128,79 +128,64 @@ const (
 
 // CreateIssueDependency creates a new dependency for an issue
 func CreateIssueDependency(ctx context.Context, user *user_model.User, issue, dep *Issue) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	// Check if it already exists
-	exists, err := issueDepExists(ctx, issue.ID, dep.ID)
-	if err != nil {
-		return err
-	}
-	if exists {
-		return ErrDependencyExists{issue.ID, dep.ID}
-	}
-	// And if it would be circular
-	circular, err := issueDepExists(ctx, dep.ID, issue.ID)
-	if err != nil {
-		return err
-	}
-	if circular {
-		return ErrCircularDependency{issue.ID, dep.ID}
-	}
-
-	if err := db.Insert(ctx, &IssueDependency{
-		UserID:       user.ID,
-		IssueID:      issue.ID,
-		DependencyID: dep.ID,
-	}); err != nil {
-		return err
-	}
-
-	// Add comment referencing the new dependency
-	if err = createIssueDependencyComment(ctx, user, issue, dep, true); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// Check if it already exists
+		exists, err := issueDepExists(ctx, issue.ID, dep.ID)
+		if err != nil {
+			return err
+		}
+		if exists {
+			return ErrDependencyExists{issue.ID, dep.ID}
+		}
+		// And if it would be circular
+		circular, err := issueDepExists(ctx, dep.ID, issue.ID)
+		if err != nil {
+			return err
+		}
+		if circular {
+			return ErrCircularDependency{issue.ID, dep.ID}
+		}
+
+		if err := db.Insert(ctx, &IssueDependency{
+			UserID:       user.ID,
+			IssueID:      issue.ID,
+			DependencyID: dep.ID,
+		}); err != nil {
+			return err
+		}
+
+		// Add comment referencing the new dependency
+		return createIssueDependencyComment(ctx, user, issue, dep, true)
+	})
 }
 
 // RemoveIssueDependency removes a dependency from an issue
 func RemoveIssueDependency(ctx context.Context, user *user_model.User, issue, dep *Issue, depType DependencyType) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	var issueDepToDelete IssueDependency
-
-	switch depType {
-	case DependencyTypeBlockedBy:
-		issueDepToDelete = IssueDependency{IssueID: issue.ID, DependencyID: dep.ID}
-	case DependencyTypeBlocking:
-		issueDepToDelete = IssueDependency{IssueID: dep.ID, DependencyID: issue.ID}
-	default:
-		return ErrUnknownDependencyType{depType}
-	}
-
-	affected, err := db.GetEngine(ctx).Delete(&issueDepToDelete)
-	if err != nil {
-		return err
-	}
-
-	// If we deleted nothing, the dependency did not exist
-	if affected <= 0 {
-		return ErrDependencyNotExists{issue.ID, dep.ID}
-	}
-
-	// Add comment referencing the removed dependency
-	if err = createIssueDependencyComment(ctx, user, issue, dep, false); err != nil {
-		return err
-	}
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		var issueDepToDelete IssueDependency
+
+		switch depType {
+		case DependencyTypeBlockedBy:
+			issueDepToDelete = IssueDependency{IssueID: issue.ID, DependencyID: dep.ID}
+		case DependencyTypeBlocking:
+			issueDepToDelete = IssueDependency{IssueID: dep.ID, DependencyID: issue.ID}
+		default:
+			return ErrUnknownDependencyType{depType}
+		}
+
+		affected, err := db.GetEngine(ctx).Delete(&issueDepToDelete)
+		if err != nil {
+			return err
+		}
+
+		// If we deleted nothing, the dependency did not exist
+		if affected <= 0 {
+			return ErrDependencyNotExists{issue.ID, dep.ID}
+		}
+
+		// Add comment referencing the removed dependency
+		return createIssueDependencyComment(ctx, user, issue, dep, false)
+	})
 }
 
 // Check if the dependency already exists
diff --git a/models/issues/issue.go b/models/issues/issue.go
index 5204f27faf..ef651359ab 100644
--- a/models/issues/issue.go
+++ b/models/issues/issue.go
@@ -10,6 +10,7 @@ import (
 	"html/template"
 	"regexp"
 	"slices"
+	"strconv"
 
 	"code.gitea.io/gitea/models/db"
 	project_model "code.gitea.io/gitea/models/project"
@@ -754,18 +755,14 @@ func (issue *Issue) HasOriginalAuthor() bool {
 
 // InsertIssues insert issues to database
 func InsertIssues(ctx context.Context, issues ...*Issue) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	for _, issue := range issues {
-		if err := insertIssue(ctx, issue); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, issue := range issues {
+			if err := insertIssue(ctx, issue); err != nil {
+				return err
+			}
 		}
-	}
-	return committer.Commit()
+		return nil
+	})
 }
 
 func insertIssue(ctx context.Context, issue *Issue) error {
@@ -815,7 +812,7 @@ func ChangeIssueTimeEstimate(ctx context.Context, issue *Issue, doer *user_model
 			Doer:    doer,
 			Repo:    issue.Repo,
 			Issue:   issue,
-			Content: fmt.Sprintf("%d", timeEstimate),
+			Content: strconv.FormatInt(timeEstimate, 10),
 		}
 		if _, err := CreateComment(ctx, opts); err != nil {
 			return fmt.Errorf("createComment: %w", err)
diff --git a/models/issues/issue_index.go b/models/issues/issue_index.go
index 2eb61858bf..1fe4a08a09 100644
--- a/models/issues/issue_index.go
+++ b/models/issues/issue_index.go
@@ -12,20 +12,12 @@ import (
 // RecalculateIssueIndexForRepo create issue_index for repo if not exist and
 // update it based on highest index of existing issues assigned to a repo
 func RecalculateIssueIndexForRepo(ctx context.Context, repoID int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		var maxIndex int64
+		if _, err := db.GetEngine(ctx).Select(" MAX(`index`)").Table("issue").Where("repo_id=?", repoID).Get(&maxIndex); err != nil {
+			return err
+		}
 
-	var maxIndex int64
-	if _, err = db.GetEngine(ctx).Select(" MAX(`index`)").Table("issue").Where("repo_id=?", repoID).Get(&maxIndex); err != nil {
-		return err
-	}
-
-	if err = db.SyncMaxResourceIndex(ctx, "issue_index", repoID, maxIndex); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+		return db.SyncMaxResourceIndex(ctx, "issue_index", repoID, maxIndex)
+	})
 }
diff --git a/models/issues/issue_label.go b/models/issues/issue_label.go
index 10fc821454..151469a9b8 100644
--- a/models/issues/issue_label.go
+++ b/models/issues/issue_label.go
@@ -88,36 +88,28 @@ func NewIssueLabel(ctx context.Context, issue *Issue, label *Label, doer *user_m
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = issue.LoadRepo(ctx); err != nil {
-		return err
-	}
-
-	// Do NOT add invalid labels
-	if issue.RepoID != label.RepoID && issue.Repo.OwnerID != label.OrgID {
-		return nil
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = issue.LoadRepo(ctx); err != nil {
+			return err
+		}
 
-	if err = RemoveDuplicateExclusiveIssueLabels(ctx, issue, label, doer); err != nil {
-		return nil
-	}
+		// Do NOT add invalid labels
+		if issue.RepoID != label.RepoID && issue.Repo.OwnerID != label.OrgID {
+			return nil
+		}
 
-	if err = newIssueLabel(ctx, issue, label, doer); err != nil {
-		return err
-	}
+		if err = RemoveDuplicateExclusiveIssueLabels(ctx, issue, label, doer); err != nil {
+			return nil
+		}
 
-	issue.isLabelsLoaded = false
-	issue.Labels = nil
-	if err = issue.LoadLabels(ctx); err != nil {
-		return err
-	}
+		if err = newIssueLabel(ctx, issue, label, doer); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		issue.isLabelsLoaded = false
+		issue.Labels = nil
+		return issue.LoadLabels(ctx)
+	})
 }
 
 // newIssueLabels add labels to an issue. It will check if the labels are valid for the issue
@@ -151,24 +143,16 @@ func newIssueLabels(ctx context.Context, issue *Issue, labels []*Label, doer *us
 
 // NewIssueLabels creates a list of issue-label relations.
 func NewIssueLabels(ctx context.Context, issue *Issue, labels []*Label, doer *user_model.User) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = newIssueLabels(ctx, issue, labels, doer); err != nil {
-		return err
-	}
-
-	// reload all labels
-	issue.isLabelsLoaded = false
-	issue.Labels = nil
-	if err = issue.LoadLabels(ctx); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = newIssueLabels(ctx, issue, labels, doer); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		// reload all labels
+		issue.isLabelsLoaded = false
+		issue.Labels = nil
+		return issue.LoadLabels(ctx)
+	})
 }
 
 func deleteIssueLabel(ctx context.Context, issue *Issue, label *Label, doer *user_model.User) (err error) {
@@ -206,6 +190,7 @@ func DeleteIssueLabel(ctx context.Context, issue *Issue, label *Label, doer *use
 	}
 
 	issue.Labels = nil
+	issue.isLabelsLoaded = false
 	return issue.LoadLabels(ctx)
 }
 
@@ -364,35 +349,23 @@ func clearIssueLabels(ctx context.Context, issue *Issue, doer *user_model.User)
 // ClearIssueLabels removes all issue labels as the given user.
 // Triggers appropriate WebHooks, if any.
 func ClearIssueLabels(ctx context.Context, issue *Issue, doer *user_model.User) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := issue.LoadRepo(ctx); err != nil {
-		return err
-	} else if err = issue.LoadPullRequest(ctx); err != nil {
-		return err
-	}
-
-	perm, err := access_model.GetUserRepoPermission(ctx, issue.Repo, doer)
-	if err != nil {
-		return err
-	}
-	if !perm.CanWriteIssuesOrPulls(issue.IsPull) {
-		return ErrRepoLabelNotExist{}
-	}
-
-	if err = clearIssueLabels(ctx, issue, doer); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err := issue.LoadRepo(ctx); err != nil {
+			return err
+		} else if err = issue.LoadPullRequest(ctx); err != nil {
+			return err
+		}
 
-	if err = committer.Commit(); err != nil {
-		return fmt.Errorf("Commit: %w", err)
-	}
+		perm, err := access_model.GetUserRepoPermission(ctx, issue.Repo, doer)
+		if err != nil {
+			return err
+		}
+		if !perm.CanWriteIssuesOrPulls(issue.IsPull) {
+			return ErrRepoLabelNotExist{}
+		}
 
-	return nil
+		return clearIssueLabels(ctx, issue, doer)
+	})
 }
 
 type labelSorter []*Label
@@ -437,69 +410,61 @@ func RemoveDuplicateExclusiveLabels(labels []*Label) []*Label {
 // ReplaceIssueLabels removes all current labels and add new labels to the issue.
 // Triggers appropriate WebHooks, if any.
 func ReplaceIssueLabels(ctx context.Context, issue *Issue, labels []*Label, doer *user_model.User) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = issue.LoadRepo(ctx); err != nil {
+			return err
+		}
 
-	if err = issue.LoadRepo(ctx); err != nil {
-		return err
-	}
+		if err = issue.LoadLabels(ctx); err != nil {
+			return err
+		}
 
-	if err = issue.LoadLabels(ctx); err != nil {
-		return err
-	}
+		labels = RemoveDuplicateExclusiveLabels(labels)
 
-	labels = RemoveDuplicateExclusiveLabels(labels)
+		sort.Sort(labelSorter(labels))
+		sort.Sort(labelSorter(issue.Labels))
 
-	sort.Sort(labelSorter(labels))
-	sort.Sort(labelSorter(issue.Labels))
+		var toAdd, toRemove []*Label
 
-	var toAdd, toRemove []*Label
+		addIndex, removeIndex := 0, 0
+		for addIndex < len(labels) && removeIndex < len(issue.Labels) {
+			addLabel := labels[addIndex]
+			removeLabel := issue.Labels[removeIndex]
+			if addLabel.ID == removeLabel.ID {
+				// Silently drop invalid labels
+				if removeLabel.RepoID != issue.RepoID && removeLabel.OrgID != issue.Repo.OwnerID {
+					toRemove = append(toRemove, removeLabel)
+				}
 
-	addIndex, removeIndex := 0, 0
-	for addIndex < len(labels) && removeIndex < len(issue.Labels) {
-		addLabel := labels[addIndex]
-		removeLabel := issue.Labels[removeIndex]
-		if addLabel.ID == removeLabel.ID {
-			// Silently drop invalid labels
-			if removeLabel.RepoID != issue.RepoID && removeLabel.OrgID != issue.Repo.OwnerID {
+				addIndex++
+				removeIndex++
+			} else if addLabel.ID < removeLabel.ID {
+				// Only add if the label is valid
+				if addLabel.RepoID == issue.RepoID || addLabel.OrgID == issue.Repo.OwnerID {
+					toAdd = append(toAdd, addLabel)
+				}
+				addIndex++
+			} else {
 				toRemove = append(toRemove, removeLabel)
+				removeIndex++
 			}
-
-			addIndex++
-			removeIndex++
-		} else if addLabel.ID < removeLabel.ID {
-			// Only add if the label is valid
-			if addLabel.RepoID == issue.RepoID || addLabel.OrgID == issue.Repo.OwnerID {
-				toAdd = append(toAdd, addLabel)
-			}
-			addIndex++
-		} else {
-			toRemove = append(toRemove, removeLabel)
-			removeIndex++
 		}
-	}
-	toAdd = append(toAdd, labels[addIndex:]...)
-	toRemove = append(toRemove, issue.Labels[removeIndex:]...)
+		toAdd = append(toAdd, labels[addIndex:]...)
+		toRemove = append(toRemove, issue.Labels[removeIndex:]...)
 
-	if len(toAdd) > 0 {
-		if err = newIssueLabels(ctx, issue, toAdd, doer); err != nil {
-			return fmt.Errorf("addLabels: %w", err)
+		if len(toAdd) > 0 {
+			if err = newIssueLabels(ctx, issue, toAdd, doer); err != nil {
+				return fmt.Errorf("addLabels: %w", err)
+			}
 		}
-	}
 
-	for _, l := range toRemove {
-		if err = deleteIssueLabel(ctx, issue, l, doer); err != nil {
-			return fmt.Errorf("removeLabel: %w", err)
+		for _, l := range toRemove {
+			if err = deleteIssueLabel(ctx, issue, l, doer); err != nil {
+				return fmt.Errorf("removeLabel: %w", err)
+			}
 		}
-	}
-
-	issue.Labels = nil
-	if err = issue.LoadLabels(ctx); err != nil {
-		return err
-	}
 
-	return committer.Commit()
+		issue.Labels = nil
+		return issue.LoadLabels(ctx)
+	})
 }
diff --git a/models/issues/issue_list.go b/models/issues/issue_list.go
index 6c74b533b3..26b93189b8 100644
--- a/models/issues/issue_list.go
+++ b/models/issues/issue_list.go
@@ -42,10 +42,7 @@ func (issues IssueList) LoadRepositories(ctx context.Context) (repo_model.Reposi
 	repoMaps := make(map[int64]*repo_model.Repository, len(repoIDs))
 	left := len(repoIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		err := db.GetEngine(ctx).
 			In("id", repoIDs[:limit]).
 			Find(&repoMaps)
@@ -116,10 +113,7 @@ func (issues IssueList) LoadLabels(ctx context.Context) error {
 	issueIDs := issues.getIssueIDs()
 	left := len(issueIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).Table("label").
 			Join("LEFT", "issue_label", "issue_label.label_id = label.id").
 			In("issue_label.issue_id", issueIDs[:limit]).
@@ -171,10 +165,7 @@ func (issues IssueList) LoadMilestones(ctx context.Context) error {
 	milestoneMaps := make(map[int64]*Milestone, len(milestoneIDs))
 	left := len(milestoneIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		err := db.GetEngine(ctx).
 			In("id", milestoneIDs[:limit]).
 			Find(&milestoneMaps)
@@ -203,10 +194,7 @@ func (issues IssueList) LoadProjects(ctx context.Context) error {
 	}
 
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 
 		projects := make([]*projectWithIssueID, 0, limit)
 		err := db.GetEngine(ctx).
@@ -245,10 +233,7 @@ func (issues IssueList) LoadAssignees(ctx context.Context) error {
 	issueIDs := issues.getIssueIDs()
 	left := len(issueIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).Table("issue_assignees").
 			Join("INNER", "`user`", "`user`.id = `issue_assignees`.assignee_id").
 			In("`issue_assignees`.issue_id", issueIDs[:limit]).OrderBy(user_model.GetOrderByName()).
@@ -306,10 +291,7 @@ func (issues IssueList) LoadPullRequests(ctx context.Context) error {
 	pullRequestMaps := make(map[int64]*PullRequest, len(issuesIDs))
 	left := len(issuesIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("issue_id", issuesIDs[:limit]).
 			Rows(new(PullRequest))
@@ -354,10 +336,7 @@ func (issues IssueList) LoadAttachments(ctx context.Context) (err error) {
 	issuesIDs := issues.getIssueIDs()
 	left := len(issuesIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).
 			In("issue_id", issuesIDs[:limit]).
 			Rows(new(repo_model.Attachment))
@@ -399,10 +378,7 @@ func (issues IssueList) loadComments(ctx context.Context, cond builder.Cond) (er
 	issuesIDs := issues.getIssueIDs()
 	left := len(issuesIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		rows, err := db.GetEngine(ctx).Table("comment").
 			Join("INNER", "issue", "issue.id = comment.issue_id").
 			In("issue.id", issuesIDs[:limit]).
@@ -466,10 +442,7 @@ func (issues IssueList) loadTotalTrackedTimes(ctx context.Context) (err error) {
 
 	left := len(ids)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 
 		// select issue_id, sum(time) from tracked_time where issue_id in (<issue ids in current page>) group by issue_id
 		rows, err := db.GetEngine(ctx).Table("tracked_time").
diff --git a/models/issues/issue_list_test.go b/models/issues/issue_list_test.go
index 9069e1012d..5b4d2ca5ab 100644
--- a/models/issues/issue_list_test.go
+++ b/models/issues/issue_list_test.go
@@ -27,7 +27,7 @@ func TestIssueList_LoadRepositories(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Len(t, repos, 2)
 	for _, issue := range issueList {
-		assert.EqualValues(t, issue.RepoID, issue.Repo.ID)
+		assert.Equal(t, issue.RepoID, issue.Repo.ID)
 	}
 }
 
@@ -41,28 +41,28 @@ func TestIssueList_LoadAttributes(t *testing.T) {
 
 	assert.NoError(t, issueList.LoadAttributes(db.DefaultContext))
 	for _, issue := range issueList {
-		assert.EqualValues(t, issue.RepoID, issue.Repo.ID)
+		assert.Equal(t, issue.RepoID, issue.Repo.ID)
 		for _, label := range issue.Labels {
-			assert.EqualValues(t, issue.RepoID, label.RepoID)
+			assert.Equal(t, issue.RepoID, label.RepoID)
 			unittest.AssertExistsAndLoadBean(t, &issues_model.IssueLabel{IssueID: issue.ID, LabelID: label.ID})
 		}
 		if issue.PosterID > 0 {
-			assert.EqualValues(t, issue.PosterID, issue.Poster.ID)
+			assert.Equal(t, issue.PosterID, issue.Poster.ID)
 		}
 		if issue.AssigneeID > 0 {
-			assert.EqualValues(t, issue.AssigneeID, issue.Assignee.ID)
+			assert.Equal(t, issue.AssigneeID, issue.Assignee.ID)
 		}
 		if issue.MilestoneID > 0 {
-			assert.EqualValues(t, issue.MilestoneID, issue.Milestone.ID)
+			assert.Equal(t, issue.MilestoneID, issue.Milestone.ID)
 		}
 		if issue.IsPull {
-			assert.EqualValues(t, issue.ID, issue.PullRequest.IssueID)
+			assert.Equal(t, issue.ID, issue.PullRequest.IssueID)
 		}
 		for _, attachment := range issue.Attachments {
-			assert.EqualValues(t, issue.ID, attachment.IssueID)
+			assert.Equal(t, issue.ID, attachment.IssueID)
 		}
 		for _, comment := range issue.Comments {
-			assert.EqualValues(t, issue.ID, comment.IssueID)
+			assert.Equal(t, issue.ID, comment.IssueID)
 		}
 		if issue.ID == int64(1) {
 			assert.Equal(t, int64(400), issue.TotalTrackedTime)
diff --git a/models/issues/issue_lock.go b/models/issues/issue_lock.go
index b21629b529..2e5bf64cc6 100644
--- a/models/issues/issue_lock.go
+++ b/models/issues/issue_lock.go
@@ -12,8 +12,14 @@ import (
 
 // IssueLockOptions defines options for locking and/or unlocking an issue/PR
 type IssueLockOptions struct {
-	Doer   *user_model.User
-	Issue  *Issue
+	Doer  *user_model.User
+	Issue *Issue
+
+	// Reason is the doer-provided comment message for the locked issue
+	// GitHub doesn't support changing the "reasons" by config file, so GitHub has pre-defined "reason" enum values.
+	// Gitea is not like GitHub, it allows site admin to define customized "reasons" in the config file.
+	// So the API caller might not know what kind of "reasons" are valid, and the customized reasons are not translatable.
+	// To make things clear and simple: doer have the chance to use any reason they like, we do not do validation.
 	Reason string
 }
 
@@ -41,26 +47,19 @@ func updateIssueLock(ctx context.Context, opts *IssueLockOptions, lock bool) err
 		commentType = CommentTypeUnlock
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err := UpdateIssueCols(ctx, opts.Issue, "is_locked"); err != nil {
+			return err
+		}
 
-	if err := UpdateIssueCols(ctx, opts.Issue, "is_locked"); err != nil {
+		opt := &CreateCommentOptions{
+			Doer:    opts.Doer,
+			Issue:   opts.Issue,
+			Repo:    opts.Issue.Repo,
+			Type:    commentType,
+			Content: opts.Reason,
+		}
+		_, err := CreateComment(ctx, opt)
 		return err
-	}
-
-	opt := &CreateCommentOptions{
-		Doer:    opts.Doer,
-		Issue:   opts.Issue,
-		Repo:    opts.Issue.Repo,
-		Type:    commentType,
-		Content: opts.Reason,
-	}
-	if _, err := CreateComment(ctx, opt); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	})
 }
diff --git a/models/issues/issue_search.go b/models/issues/issue_search.go
index 737b69f154..79bd6a19b0 100644
--- a/models/issues/issue_search.go
+++ b/models/issues/issue_search.go
@@ -21,8 +21,10 @@ import (
 	"xorm.io/xorm"
 )
 
+const ScopeSortPrefix = "scope-"
+
 // IssuesOptions represents options of an issue.
-type IssuesOptions struct { //nolint
+type IssuesOptions struct { //nolint:revive // export stutter
 	Paginator          *db.ListOptions
 	RepoIDs            []int64 // overwrites RepoCond if the length is not 0
 	AllPublic          bool    // include also all public repositories
@@ -70,11 +72,24 @@ func (o *IssuesOptions) Copy(edit ...func(options *IssuesOptions)) *IssuesOption
 // applySorts sort an issues-related session based on the provided
 // sortType string
 func applySorts(sess *xorm.Session, sortType string, priorityRepoID int64) {
+	// Since this sortType is dynamically created, it has to be treated specially.
+	if after, ok := strings.CutPrefix(sortType, ScopeSortPrefix); ok {
+		scope := after
+		sess.Join("LEFT", "issue_label", "issue.id = issue_label.issue_id")
+		// "exclusive_order=0" means "no order is set", so exclude it from the JOIN criteria and then "LEFT JOIN" result is also null
+		sess.Join("LEFT", "label", "label.id = issue_label.label_id AND label.exclusive_order <> 0 AND label.name LIKE ?", scope+"/%")
+		// Use COALESCE to make sure we sort NULL last regardless of backend DB (2147483647 == max int)
+		sess.OrderBy("COALESCE(label.exclusive_order, 2147483647) ASC").Desc("issue.id")
+		return
+	}
+
 	switch sortType {
 	case "oldest":
 		sess.Asc("issue.created_unix").Asc("issue.id")
 	case "recentupdate":
 		sess.Desc("issue.updated_unix").Desc("issue.created_unix").Desc("issue.id")
+	case "recentclose":
+		sess.Desc("issue.closed_unix").Desc("issue.created_unix").Desc("issue.id")
 	case "leastupdate":
 		sess.Asc("issue.updated_unix").Asc("issue.created_unix").Asc("issue.id")
 	case "mostcomment":
diff --git a/models/issues/issue_stats.go b/models/issues/issue_stats.go
index 50409fbbd8..adedaa3d3a 100644
--- a/models/issues/issue_stats.go
+++ b/models/issues/issue_stats.go
@@ -94,10 +94,7 @@ func GetIssueStats(ctx context.Context, opts *IssuesOptions) (*IssueStats, error
 	// ids in a temporary table and join from them.
 	accum := &IssueStats{}
 	for i := 0; i < len(opts.IssueIDs); {
-		chunk := i + MaxQueryParameters
-		if chunk > len(opts.IssueIDs) {
-			chunk = len(opts.IssueIDs)
-		}
+		chunk := min(i+MaxQueryParameters, len(opts.IssueIDs))
 		stats, err := getIssueStatsChunk(ctx, opts, opts.IssueIDs[i:chunk])
 		if err != nil {
 			return nil, err
diff --git a/models/issues/issue_test.go b/models/issues/issue_test.go
index c32aa26b2b..1c5db55bbc 100644
--- a/models/issues/issue_test.go
+++ b/models/issues/issue_test.go
@@ -5,6 +5,7 @@ package issues_test
 
 import (
 	"fmt"
+	"slices"
 	"sort"
 	"sync"
 	"testing"
@@ -141,8 +142,8 @@ func TestUpdateIssueCols(t *testing.T) {
 	then := time.Now().Unix()
 
 	updatedIssue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: issue.ID})
-	assert.EqualValues(t, newTitle, updatedIssue.Title)
-	assert.EqualValues(t, prevContent, updatedIssue.Content)
+	assert.Equal(t, newTitle, updatedIssue.Title)
+	assert.Equal(t, prevContent, updatedIssue.Content)
 	unittest.AssertInt64InRange(t, now, then, int64(updatedIssue.UpdatedUnix))
 }
 
@@ -201,7 +202,7 @@ func TestIssues(t *testing.T) {
 		assert.NoError(t, err)
 		if assert.Len(t, issues, len(test.ExpectedIssueIDs)) {
 			for i, issue := range issues {
-				assert.EqualValues(t, test.ExpectedIssueIDs[i], issue.ID)
+				assert.Equal(t, test.ExpectedIssueIDs[i], issue.ID)
 			}
 		}
 	}
@@ -234,10 +235,10 @@ func testInsertIssue(t *testing.T, title, content string, expectIndex int64) *is
 		has, err := db.GetEngine(db.DefaultContext).ID(issue.ID).Get(&newIssue)
 		assert.NoError(t, err)
 		assert.True(t, has)
-		assert.EqualValues(t, issue.Title, newIssue.Title)
-		assert.EqualValues(t, issue.Content, newIssue.Content)
+		assert.Equal(t, issue.Title, newIssue.Title)
+		assert.Equal(t, issue.Content, newIssue.Content)
 		if expectIndex > 0 {
-			assert.EqualValues(t, expectIndex, newIssue.Index)
+			assert.Equal(t, expectIndex, newIssue.Index)
 		}
 	})
 	return &newIssue
@@ -270,8 +271,8 @@ func TestIssue_ResolveMentions(t *testing.T) {
 		for i, user := range resolved {
 			ids[i] = user.ID
 		}
-		sort.Slice(ids, func(i, j int) bool { return ids[i] < ids[j] })
-		assert.EqualValues(t, expected, ids)
+		slices.Sort(ids)
+		assert.Equal(t, expected, ids)
 	}
 
 	// Public repo, existing user
@@ -292,7 +293,7 @@ func TestResourceIndex(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
 	var wg sync.WaitGroup
-	for i := 0; i < 100; i++ {
+	for i := range 100 {
 		wg.Add(1)
 		go func(i int) {
 			testInsertIssue(t, fmt.Sprintf("issue %d", i+1), "my issue", 0)
@@ -314,7 +315,7 @@ func TestCorrectIssueStats(t *testing.T) {
 	issueAmount := issues_model.MaxQueryParameters + 10
 
 	var wg sync.WaitGroup
-	for i := 0; i < issueAmount; i++ {
+	for i := range issueAmount {
 		wg.Add(1)
 		go func(i int) {
 			testInsertIssue(t, fmt.Sprintf("Issue %d", i+1), "Bugs are nasty", 0)
@@ -392,28 +393,28 @@ func TestIssueLoadAttributes(t *testing.T) {
 
 	for _, issue := range issueList {
 		assert.NoError(t, issue.LoadAttributes(db.DefaultContext))
-		assert.EqualValues(t, issue.RepoID, issue.Repo.ID)
+		assert.Equal(t, issue.RepoID, issue.Repo.ID)
 		for _, label := range issue.Labels {
-			assert.EqualValues(t, issue.RepoID, label.RepoID)
+			assert.Equal(t, issue.RepoID, label.RepoID)
 			unittest.AssertExistsAndLoadBean(t, &issues_model.IssueLabel{IssueID: issue.ID, LabelID: label.ID})
 		}
 		if issue.PosterID > 0 {
-			assert.EqualValues(t, issue.PosterID, issue.Poster.ID)
+			assert.Equal(t, issue.PosterID, issue.Poster.ID)
 		}
 		if issue.AssigneeID > 0 {
-			assert.EqualValues(t, issue.AssigneeID, issue.Assignee.ID)
+			assert.Equal(t, issue.AssigneeID, issue.Assignee.ID)
 		}
 		if issue.MilestoneID > 0 {
-			assert.EqualValues(t, issue.MilestoneID, issue.Milestone.ID)
+			assert.Equal(t, issue.MilestoneID, issue.Milestone.ID)
 		}
 		if issue.IsPull {
-			assert.EqualValues(t, issue.ID, issue.PullRequest.IssueID)
+			assert.Equal(t, issue.ID, issue.PullRequest.IssueID)
 		}
 		for _, attachment := range issue.Attachments {
-			assert.EqualValues(t, issue.ID, attachment.IssueID)
+			assert.Equal(t, issue.ID, attachment.IssueID)
 		}
 		for _, comment := range issue.Comments {
-			assert.EqualValues(t, issue.ID, comment.IssueID)
+			assert.Equal(t, issue.ID, comment.IssueID)
 		}
 		if issue.ID == int64(1) {
 			assert.Equal(t, int64(400), issue.TotalTrackedTime)
diff --git a/models/issues/issue_update.go b/models/issues/issue_update.go
index 7b3fe04aa5..1c16817491 100644
--- a/models/issues/issue_update.go
+++ b/models/issues/issue_update.go
@@ -5,16 +5,14 @@ package issues
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/organization"
-	"code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
-	project_model "code.gitea.io/gitea/models/project"
 	repo_model "code.gitea.io/gitea/models/repo"
-	system_model "code.gitea.io/gitea/models/system"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
@@ -169,20 +167,9 @@ func CloseIssue(ctx context.Context, issue *Issue, doer *user_model.User) (*Comm
 		return nil, err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	comment, err := SetIssueAsClosed(ctx, issue, doer, false)
-	if err != nil {
-		return nil, err
-	}
-	if err := committer.Commit(); err != nil {
-		return nil, err
-	}
-	return comment, nil
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		return SetIssueAsClosed(ctx, issue, doer, false)
+	})
 }
 
 // ReopenIssue changes issue status to open.
@@ -194,88 +181,64 @@ func ReopenIssue(ctx context.Context, issue *Issue, doer *user_model.User) (*Com
 		return nil, err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	comment, err := setIssueAsReopen(ctx, issue, doer)
-	if err != nil {
-		return nil, err
-	}
-	if err := committer.Commit(); err != nil {
-		return nil, err
-	}
-	return comment, nil
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		return setIssueAsReopen(ctx, issue, doer)
+	})
 }
 
 // ChangeIssueTitle changes the title of this issue, as the given user.
 func ChangeIssueTitle(ctx context.Context, issue *Issue, doer *user_model.User, oldTitle string) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	issue.Title = util.EllipsisDisplayString(issue.Title, 255)
-	if err = UpdateIssueCols(ctx, issue, "name"); err != nil {
-		return fmt.Errorf("updateIssueCols: %w", err)
-	}
-
-	if err = issue.LoadRepo(ctx); err != nil {
-		return fmt.Errorf("loadRepo: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		issue.Title = util.EllipsisDisplayString(issue.Title, 255)
+		if err = UpdateIssueCols(ctx, issue, "name"); err != nil {
+			return fmt.Errorf("updateIssueCols: %w", err)
+		}
 
-	opts := &CreateCommentOptions{
-		Type:     CommentTypeChangeTitle,
-		Doer:     doer,
-		Repo:     issue.Repo,
-		Issue:    issue,
-		OldTitle: oldTitle,
-		NewTitle: issue.Title,
-	}
-	if _, err = CreateComment(ctx, opts); err != nil {
-		return fmt.Errorf("createComment: %w", err)
-	}
-	if err = issue.AddCrossReferences(ctx, doer, true); err != nil {
-		return err
-	}
+		if err = issue.LoadRepo(ctx); err != nil {
+			return fmt.Errorf("loadRepo: %w", err)
+		}
 
-	return committer.Commit()
+		opts := &CreateCommentOptions{
+			Type:     CommentTypeChangeTitle,
+			Doer:     doer,
+			Repo:     issue.Repo,
+			Issue:    issue,
+			OldTitle: oldTitle,
+			NewTitle: issue.Title,
+		}
+		if _, err = CreateComment(ctx, opts); err != nil {
+			return fmt.Errorf("createComment: %w", err)
+		}
+		return issue.AddCrossReferences(ctx, doer, true)
+	})
 }
 
 // ChangeIssueRef changes the branch of this issue, as the given user.
 func ChangeIssueRef(ctx context.Context, issue *Issue, doer *user_model.User, oldRef string) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = UpdateIssueCols(ctx, issue, "ref"); err != nil {
-		return fmt.Errorf("updateIssueCols: %w", err)
-	}
-
-	if err = issue.LoadRepo(ctx); err != nil {
-		return fmt.Errorf("loadRepo: %w", err)
-	}
-	oldRefFriendly := strings.TrimPrefix(oldRef, git.BranchPrefix)
-	newRefFriendly := strings.TrimPrefix(issue.Ref, git.BranchPrefix)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = UpdateIssueCols(ctx, issue, "ref"); err != nil {
+			return fmt.Errorf("updateIssueCols: %w", err)
+		}
 
-	opts := &CreateCommentOptions{
-		Type:   CommentTypeChangeIssueRef,
-		Doer:   doer,
-		Repo:   issue.Repo,
-		Issue:  issue,
-		OldRef: oldRefFriendly,
-		NewRef: newRefFriendly,
-	}
-	if _, err = CreateComment(ctx, opts); err != nil {
-		return fmt.Errorf("createComment: %w", err)
-	}
+		if err = issue.LoadRepo(ctx); err != nil {
+			return fmt.Errorf("loadRepo: %w", err)
+		}
+		oldRefFriendly := strings.TrimPrefix(oldRef, git.BranchPrefix)
+		newRefFriendly := strings.TrimPrefix(issue.Ref, git.BranchPrefix)
 
-	return committer.Commit()
+		opts := &CreateCommentOptions{
+			Type:   CommentTypeChangeIssueRef,
+			Doer:   doer,
+			Repo:   issue.Repo,
+			Issue:  issue,
+			OldRef: oldRefFriendly,
+			NewRef: newRefFriendly,
+		}
+		if _, err = CreateComment(ctx, opts); err != nil {
+			return fmt.Errorf("createComment: %w", err)
+		}
+		return nil
+	})
 }
 
 // AddDeletePRBranchComment adds delete branch comment for pull request issue
@@ -297,64 +260,56 @@ func AddDeletePRBranchComment(ctx context.Context, doer *user_model.User, repo *
 
 // UpdateIssueAttachments update attachments by UUIDs for the issue
 func UpdateIssueAttachments(ctx context.Context, issueID int64, uuids []string) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	attachments, err := repo_model.GetAttachmentsByUUIDs(ctx, uuids)
-	if err != nil {
-		return fmt.Errorf("getAttachmentsByUUIDs [uuids: %v]: %w", uuids, err)
-	}
-	for i := 0; i < len(attachments); i++ {
-		attachments[i].IssueID = issueID
-		if err := repo_model.UpdateAttachment(ctx, attachments[i]); err != nil {
-			return fmt.Errorf("update attachment [id: %d]: %w", attachments[i].ID, err)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		attachments, err := repo_model.GetAttachmentsByUUIDs(ctx, uuids)
+		if err != nil {
+			return fmt.Errorf("getAttachmentsByUUIDs [uuids: %v]: %w", uuids, err)
 		}
-	}
-	return committer.Commit()
+		for i := range attachments {
+			attachments[i].IssueID = issueID
+			if err := repo_model.UpdateAttachment(ctx, attachments[i]); err != nil {
+				return fmt.Errorf("update attachment [id: %d]: %w", attachments[i].ID, err)
+			}
+		}
+		return nil
+	})
 }
 
 // ChangeIssueContent changes issue content, as the given user.
 func ChangeIssueContent(ctx context.Context, issue *Issue, doer *user_model.User, content string, contentVersion int) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	hasContentHistory, err := HasIssueContentHistory(ctx, issue.ID, 0)
-	if err != nil {
-		return fmt.Errorf("HasIssueContentHistory: %w", err)
-	}
-	if !hasContentHistory {
-		if err = SaveIssueContentHistory(ctx, issue.PosterID, issue.ID, 0,
-			issue.CreatedUnix, issue.Content, true); err != nil {
-			return fmt.Errorf("SaveIssueContentHistory: %w", err)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		hasContentHistory, err := HasIssueContentHistory(ctx, issue.ID, 0)
+		if err != nil {
+			return fmt.Errorf("HasIssueContentHistory: %w", err)
+		}
+		if !hasContentHistory {
+			if err = SaveIssueContentHistory(ctx, issue.PosterID, issue.ID, 0,
+				issue.CreatedUnix, issue.Content, true); err != nil {
+				return fmt.Errorf("SaveIssueContentHistory: %w", err)
+			}
 		}
-	}
 
-	issue.Content = content
-	issue.ContentVersion = contentVersion + 1
+		issue.Content = content
+		issue.ContentVersion = contentVersion + 1
 
-	affected, err := db.GetEngine(ctx).ID(issue.ID).Cols("content", "content_version").Where("content_version = ?", contentVersion).Update(issue)
-	if err != nil {
-		return err
-	}
-	if affected == 0 {
-		return ErrIssueAlreadyChanged
-	}
-
-	if err = SaveIssueContentHistory(ctx, doer.ID, issue.ID, 0,
-		timeutil.TimeStampNow(), issue.Content, false); err != nil {
-		return fmt.Errorf("SaveIssueContentHistory: %w", err)
-	}
+		affected, err := db.GetEngine(ctx).ID(issue.ID).Cols("content", "content_version").Where("content_version = ?", contentVersion).Update(issue)
+		if err != nil {
+			return err
+		}
+		if affected == 0 {
+			return ErrIssueAlreadyChanged
+		}
 
-	if err = issue.AddCrossReferences(ctx, doer, true); err != nil {
-		return fmt.Errorf("addCrossReferences: %w", err)
-	}
+		if err = SaveIssueContentHistory(ctx, doer.ID, issue.ID, 0,
+			timeutil.TimeStampNow(), issue.Content, false); err != nil {
+			return fmt.Errorf("SaveIssueContentHistory: %w", err)
+		}
 
-	return committer.Commit()
+		if err = issue.AddCrossReferences(ctx, doer, true); err != nil {
+			return fmt.Errorf("addCrossReferences: %w", err)
+		}
+		return nil
+	})
 }
 
 // NewIssueOptions represents the options of a new issue.
@@ -386,10 +341,10 @@ func NewIssueWithIndex(ctx context.Context, doer *user_model.User, opts NewIssue
 	}
 
 	if opts.Issue.Index <= 0 {
-		return fmt.Errorf("no issue index provided")
+		return errors.New("no issue index provided")
 	}
 	if opts.Issue.ID > 0 {
-		return fmt.Errorf("issue exist")
+		return errors.New("issue exist")
 	}
 
 	if _, err := e.Insert(opts.Issue); err != nil {
@@ -514,23 +469,19 @@ func UpdateIssueDeadline(ctx context.Context, issue *Issue, deadlineUnix timeuti
 	if issue.DeadlineUnix == deadlineUnix {
 		return nil
 	}
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
 
-	// Update the deadline
-	if err = UpdateIssueCols(ctx, &Issue{ID: issue.ID, DeadlineUnix: deadlineUnix}, "deadline_unix"); err != nil {
-		return err
-	}
-
-	// Make the comment
-	if _, err = createDeadlineComment(ctx, doer, issue, deadlineUnix); err != nil {
-		return fmt.Errorf("createRemovedDueDateComment: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// Update the deadline
+		if err = UpdateIssueCols(ctx, &Issue{ID: issue.ID, DeadlineUnix: deadlineUnix}, "deadline_unix"); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		// Make the comment
+		if _, err = createDeadlineComment(ctx, doer, issue, deadlineUnix); err != nil {
+			return fmt.Errorf("createRemovedDueDateComment: %w", err)
+		}
+		return nil
+	})
 }
 
 // FindAndUpdateIssueMentions finds users mentioned in the given content string, and saves them in the database.
@@ -611,7 +562,7 @@ func ResolveIssueMentionsByVisibility(ctx context.Context, issue *Issue, doer *u
 				unittype = unit.TypePullRequests
 			}
 			for _, team := range teams {
-				if team.AccessMode >= perm.AccessModeAdmin {
+				if team.HasAdminAccess() {
 					checked = append(checked, team.ID)
 					resolved[issue.Repo.Owner.LowerName+"/"+team.LowerName] = true
 					continue
@@ -715,137 +666,13 @@ func UpdateReactionsMigrationsByType(ctx context.Context, gitServiceType api.Git
 	return err
 }
 
-// DeleteIssuesByRepoID deletes issues by repositories id
-func DeleteIssuesByRepoID(ctx context.Context, repoID int64) (attachmentPaths []string, err error) {
-	// MariaDB has a performance bug: https://jira.mariadb.org/browse/MDEV-16289
-	// so here it uses "DELETE ... WHERE IN" with pre-queried IDs.
-	sess := db.GetEngine(ctx)
-
-	for {
-		issueIDs := make([]int64, 0, db.DefaultMaxInSize)
-
-		err := sess.Table(&Issue{}).Where("repo_id = ?", repoID).OrderBy("id").Limit(db.DefaultMaxInSize).Cols("id").Find(&issueIDs)
-		if err != nil {
-			return nil, err
-		}
-
-		if len(issueIDs) == 0 {
-			break
-		}
-
-		// Delete content histories
-		_, err = sess.In("issue_id", issueIDs).Delete(&ContentHistory{})
-		if err != nil {
-			return nil, err
-		}
-
-		// Delete comments and attachments
-		_, err = sess.In("issue_id", issueIDs).Delete(&Comment{})
-		if err != nil {
-			return nil, err
-		}
-
-		// Dependencies for issues in this repository
-		_, err = sess.In("issue_id", issueIDs).Delete(&IssueDependency{})
-		if err != nil {
-			return nil, err
-		}
-
-		// Delete dependencies for issues in other repositories
-		_, err = sess.In("dependency_id", issueIDs).Delete(&IssueDependency{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&IssueUser{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&Reaction{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&IssueWatch{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&Stopwatch{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&TrackedTime{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&project_model.ProjectIssue{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("dependent_issue_id", issueIDs).Delete(&Comment{})
-		if err != nil {
-			return nil, err
-		}
-
-		var attachments []*repo_model.Attachment
-		err = sess.In("issue_id", issueIDs).Find(&attachments)
-		if err != nil {
-			return nil, err
-		}
-
-		for j := range attachments {
-			attachmentPaths = append(attachmentPaths, attachments[j].RelativePath())
-		}
-
-		_, err = sess.In("issue_id", issueIDs).Delete(&repo_model.Attachment{})
-		if err != nil {
-			return nil, err
-		}
-
-		_, err = sess.In("id", issueIDs).Delete(&Issue{})
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	return attachmentPaths, err
-}
-
-// DeleteOrphanedIssues delete issues without a repo
-func DeleteOrphanedIssues(ctx context.Context) error {
-	var attachmentPaths []string
-	err := db.WithTx(ctx, func(ctx context.Context) error {
-		var ids []int64
-
-		if err := db.GetEngine(ctx).Table("issue").Distinct("issue.repo_id").
-			Join("LEFT", "repository", "issue.repo_id=repository.id").
-			Where(builder.IsNull{"repository.id"}).GroupBy("issue.repo_id").
-			Find(&ids); err != nil {
-			return err
-		}
-
-		for i := range ids {
-			paths, err := DeleteIssuesByRepoID(ctx, ids[i])
-			if err != nil {
-				return err
-			}
-			attachmentPaths = append(attachmentPaths, paths...)
-		}
-
-		return nil
-	})
-	if err != nil {
-		return err
-	}
-
-	// Remove issue attachment files.
-	for i := range attachmentPaths {
-		system_model.RemoveAllWithNotice(ctx, "Delete issue attachment", attachmentPaths[i])
+func GetOrphanedIssueRepoIDs(ctx context.Context) ([]int64, error) {
+	var repoIDs []int64
+	if err := db.GetEngine(ctx).Table("issue").Distinct("issue.repo_id").
+		Join("LEFT", "repository", "issue.repo_id=repository.id").
+		Where(builder.IsNull{"repository.id"}).
+		Find(&repoIDs); err != nil {
+		return nil, err
 	}
-	return nil
+	return repoIDs, nil
 }
diff --git a/models/issues/issue_xref.go b/models/issues/issue_xref.go
index e2e35859df..f8495929cf 100644
--- a/models/issues/issue_xref.go
+++ b/models/issues/issue_xref.go
@@ -235,7 +235,7 @@ func (issue *Issue) verifyReferencedIssue(stdCtx context.Context, ctx *crossRefe
 
 // AddCrossReferences add cross references
 func (c *Comment) AddCrossReferences(stdCtx context.Context, doer *user_model.User, removeOld bool) error {
-	if c.Type != CommentTypeCode && c.Type != CommentTypeComment {
+	if !c.Type.HasContentSupport() {
 		return nil
 	}
 	if err := c.LoadIssue(stdCtx); err != nil {
diff --git a/models/issues/label.go b/models/issues/label.go
index 8a5d9321cc..25d6f1303e 100644
--- a/models/issues/label.go
+++ b/models/issues/label.go
@@ -87,6 +87,7 @@ type Label struct {
 	OrgID           int64 `xorm:"INDEX"`
 	Name            string
 	Exclusive       bool
+	ExclusiveOrder  int `xorm:"DEFAULT 0"` // 0 means no exclusive order
 	Description     string
 	Color           string `xorm:"VARCHAR(7)"`
 	NumIssues       int
@@ -208,24 +209,20 @@ func NewLabel(ctx context.Context, l *Label) error {
 
 // NewLabels creates new labels
 func NewLabels(ctx context.Context, labels ...*Label) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	for _, l := range labels {
-		color, err := label.NormalizeColor(l.Color)
-		if err != nil {
-			return err
-		}
-		l.Color = color
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, l := range labels {
+			color, err := label.NormalizeColor(l.Color)
+			if err != nil {
+				return err
+			}
+			l.Color = color
 
-		if err := db.Insert(ctx, l); err != nil {
-			return err
+			if err := db.Insert(ctx, l); err != nil {
+				return err
+			}
 		}
-	}
-	return committer.Commit()
+		return nil
+	})
 }
 
 // UpdateLabel updates label information.
@@ -236,7 +233,7 @@ func UpdateLabel(ctx context.Context, l *Label) error {
 	}
 	l.Color = color
 
-	return updateLabelCols(ctx, l, "name", "description", "color", "exclusive", "archived_unix")
+	return updateLabelCols(ctx, l, "name", "description", "color", "exclusive", "exclusive_order", "archived_unix")
 }
 
 // DeleteLabel delete a label
@@ -249,35 +246,26 @@ func DeleteLabel(ctx context.Context, id, labelID int64) error {
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	sess := db.GetEngine(ctx)
-
-	if l.BelongsToOrg() && l.OrgID != id {
-		return nil
-	}
-	if l.BelongsToRepo() && l.RepoID != id {
-		return nil
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if l.BelongsToOrg() && l.OrgID != id {
+			return nil
+		}
+		if l.BelongsToRepo() && l.RepoID != id {
+			return nil
+		}
 
-	if _, err = db.DeleteByID[Label](ctx, labelID); err != nil {
-		return err
-	} else if _, err = sess.
-		Where("label_id = ?", labelID).
-		Delete(new(IssueLabel)); err != nil {
-		return err
-	}
+		if _, err = db.DeleteByID[Label](ctx, labelID); err != nil {
+			return err
+		} else if _, err = db.GetEngine(ctx).
+			Where("label_id = ?", labelID).
+			Delete(new(IssueLabel)); err != nil {
+			return err
+		}
 
-	// delete comments about now deleted label_id
-	if _, err = sess.Where("label_id = ?", labelID).Cols("label_id").Delete(&Comment{}); err != nil {
+		// delete comments about now deleted label_id
+		_, err = db.GetEngine(ctx).Where("label_id = ?", labelID).Cols("label_id").Delete(&Comment{})
 		return err
-	}
-
-	return committer.Commit()
+	})
 }
 
 // GetLabelByID returns a label by given ID.
diff --git a/models/issues/label_test.go b/models/issues/label_test.go
index 185fa11bbc..226036d543 100644
--- a/models/issues/label_test.go
+++ b/models/issues/label_test.go
@@ -20,7 +20,7 @@ func TestLabel_CalOpenIssues(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	label := unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: 1})
 	label.CalOpenIssues()
-	assert.EqualValues(t, 2, label.NumOpenIssues)
+	assert.Equal(t, 2, label.NumOpenIssues)
 }
 
 func TestLabel_LoadSelectedLabelsAfterClick(t *testing.T) {
@@ -154,7 +154,7 @@ func TestGetLabelsByRepoID(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, labels, len(expectedIssueIDs))
 		for i, label := range labels {
-			assert.EqualValues(t, expectedIssueIDs[i], label.ID)
+			assert.Equal(t, expectedIssueIDs[i], label.ID)
 		}
 	}
 	testSuccess(1, "leastissues", []int64{2, 1})
@@ -221,7 +221,7 @@ func TestGetLabelsByOrgID(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, labels, len(expectedIssueIDs))
 		for i, label := range labels {
-			assert.EqualValues(t, expectedIssueIDs[i], label.ID)
+			assert.Equal(t, expectedIssueIDs[i], label.ID)
 		}
 	}
 	testSuccess(3, "leastissues", []int64{3, 4})
@@ -267,10 +267,10 @@ func TestUpdateLabel(t *testing.T) {
 	label.Name = update.Name
 	assert.NoError(t, issues_model.UpdateLabel(db.DefaultContext, update))
 	newLabel := unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: 1})
-	assert.EqualValues(t, label.ID, newLabel.ID)
-	assert.EqualValues(t, label.Color, newLabel.Color)
-	assert.EqualValues(t, label.Name, newLabel.Name)
-	assert.EqualValues(t, label.Description, newLabel.Description)
+	assert.Equal(t, label.ID, newLabel.ID)
+	assert.Equal(t, label.Color, newLabel.Color)
+	assert.Equal(t, label.Name, newLabel.Name)
+	assert.Equal(t, label.Description, newLabel.Description)
 	assert.EqualValues(t, 0, newLabel.ArchivedUnix)
 	unittest.CheckConsistencyFor(t, &issues_model.Label{}, &repo_model.Repository{})
 }
@@ -313,7 +313,7 @@ func TestNewIssueLabel(t *testing.T) {
 		Content:  "1",
 	})
 	label = unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: 2})
-	assert.EqualValues(t, prevNumIssues+1, label.NumIssues)
+	assert.Equal(t, prevNumIssues+1, label.NumIssues)
 
 	// re-add existing IssueLabel
 	assert.NoError(t, issues_model.NewIssueLabel(db.DefaultContext, issue, label, doer))
@@ -366,11 +366,11 @@ func TestNewIssueLabels(t *testing.T) {
 	})
 	unittest.AssertExistsAndLoadBean(t, &issues_model.IssueLabel{IssueID: issue.ID, LabelID: label1.ID})
 	label1 = unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: 1})
-	assert.EqualValues(t, 3, label1.NumIssues)
-	assert.EqualValues(t, 1, label1.NumClosedIssues)
+	assert.Equal(t, 3, label1.NumIssues)
+	assert.Equal(t, 1, label1.NumClosedIssues)
 	label2 = unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: 2})
-	assert.EqualValues(t, 1, label2.NumIssues)
-	assert.EqualValues(t, 1, label2.NumClosedIssues)
+	assert.Equal(t, 1, label2.NumIssues)
+	assert.Equal(t, 1, label2.NumClosedIssues)
 
 	// corner case: test empty slice
 	assert.NoError(t, issues_model.NewIssueLabels(db.DefaultContext, issue, []*issues_model.Label{}, doer))
@@ -408,8 +408,8 @@ func TestDeleteIssueLabel(t *testing.T) {
 			LabelID:  labelID,
 		}, `content=''`)
 		label = unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: labelID})
-		assert.EqualValues(t, expectedNumIssues, label.NumIssues)
-		assert.EqualValues(t, expectedNumClosedIssues, label.NumClosedIssues)
+		assert.Equal(t, expectedNumIssues, label.NumIssues)
+		assert.Equal(t, expectedNumClosedIssues, label.NumClosedIssues)
 	}
 	testSuccess(1, 1, 2)
 	testSuccess(2, 5, 2)
diff --git a/models/issues/milestone.go b/models/issues/milestone.go
index 4c9bae58f7..373f39f4ff 100644
--- a/models/issues/milestone.go
+++ b/models/issues/milestone.go
@@ -105,22 +105,16 @@ func (m *Milestone) State() api.StateType {
 
 // NewMilestone creates new milestone of repository.
 func NewMilestone(ctx context.Context, m *Milestone) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		m.Name = strings.TrimSpace(m.Name)
 
-	m.Name = strings.TrimSpace(m.Name)
-
-	if err = db.Insert(ctx, m); err != nil {
-		return err
-	}
+		if err = db.Insert(ctx, m); err != nil {
+			return err
+		}
 
-	if _, err = db.Exec(ctx, "UPDATE `repository` SET num_milestones = num_milestones + 1 WHERE id = ?", m.RepoID); err != nil {
+		_, err = db.Exec(ctx, "UPDATE `repository` SET num_milestones = num_milestones + 1 WHERE id = ?", m.RepoID)
 		return err
-	}
-	return committer.Commit()
+	})
 }
 
 // HasMilestoneByRepoID returns if the milestone exists in the repository.
@@ -155,28 +149,23 @@ func GetMilestoneByRepoIDANDName(ctx context.Context, repoID int64, name string)
 
 // UpdateMilestone updates information of given milestone.
 func UpdateMilestone(ctx context.Context, m *Milestone, oldIsClosed bool) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if m.IsClosed && !oldIsClosed {
-		m.ClosedDateUnix = timeutil.TimeStampNow()
-	}
-
-	if err := updateMilestone(ctx, m); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if m.IsClosed && !oldIsClosed {
+			m.ClosedDateUnix = timeutil.TimeStampNow()
+		}
 
-	// if IsClosed changed, update milestone numbers of repository
-	if oldIsClosed != m.IsClosed {
-		if err := updateRepoMilestoneNum(ctx, m.RepoID); err != nil {
+		if err := updateMilestone(ctx, m); err != nil {
 			return err
 		}
-	}
 
-	return committer.Commit()
+		// if IsClosed changed, update milestone numbers of repository
+		if oldIsClosed != m.IsClosed {
+			if err := updateRepoMilestoneNum(ctx, m.RepoID); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
 }
 
 func updateMilestone(ctx context.Context, m *Milestone) error {
@@ -213,44 +202,28 @@ func UpdateMilestoneCounters(ctx context.Context, id int64) error {
 
 // ChangeMilestoneStatusByRepoIDAndID changes a milestone open/closed status if the milestone ID is in the repo.
 func ChangeMilestoneStatusByRepoIDAndID(ctx context.Context, repoID, milestoneID int64, isClosed bool) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	m := &Milestone{
-		ID:     milestoneID,
-		RepoID: repoID,
-	}
-
-	has, err := db.GetEngine(ctx).ID(milestoneID).Where("repo_id = ?", repoID).Get(m)
-	if err != nil {
-		return err
-	} else if !has {
-		return ErrMilestoneNotExist{ID: milestoneID, RepoID: repoID}
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		m := &Milestone{
+			ID:     milestoneID,
+			RepoID: repoID,
+		}
 
-	if err := changeMilestoneStatus(ctx, m, isClosed); err != nil {
-		return err
-	}
+		has, err := db.GetEngine(ctx).ID(milestoneID).Where("repo_id = ?", repoID).Get(m)
+		if err != nil {
+			return err
+		} else if !has {
+			return ErrMilestoneNotExist{ID: milestoneID, RepoID: repoID}
+		}
 
-	return committer.Commit()
+		return changeMilestoneStatus(ctx, m, isClosed)
+	})
 }
 
 // ChangeMilestoneStatus changes the milestone open/closed status.
 func ChangeMilestoneStatus(ctx context.Context, m *Milestone, isClosed bool) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := changeMilestoneStatus(ctx, m, isClosed); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return changeMilestoneStatus(ctx, m, isClosed)
+	})
 }
 
 func changeMilestoneStatus(ctx context.Context, m *Milestone, isClosed bool) error {
@@ -284,40 +257,34 @@ func DeleteMilestoneByRepoID(ctx context.Context, repoID, id int64) error {
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if _, err = db.DeleteByID[Milestone](ctx, m.ID); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if _, err = db.DeleteByID[Milestone](ctx, m.ID); err != nil {
+			return err
+		}
 
-	numMilestones, err := db.Count[Milestone](ctx, FindMilestoneOptions{
-		RepoID: repo.ID,
-	})
-	if err != nil {
-		return err
-	}
-	numClosedMilestones, err := db.Count[Milestone](ctx, FindMilestoneOptions{
-		RepoID:   repo.ID,
-		IsClosed: optional.Some(true),
-	})
-	if err != nil {
-		return err
-	}
-	repo.NumMilestones = int(numMilestones)
-	repo.NumClosedMilestones = int(numClosedMilestones)
+		numMilestones, err := db.Count[Milestone](ctx, FindMilestoneOptions{
+			RepoID: repo.ID,
+		})
+		if err != nil {
+			return err
+		}
+		numClosedMilestones, err := db.Count[Milestone](ctx, FindMilestoneOptions{
+			RepoID:   repo.ID,
+			IsClosed: optional.Some(true),
+		})
+		if err != nil {
+			return err
+		}
+		repo.NumMilestones = int(numMilestones)
+		repo.NumClosedMilestones = int(numClosedMilestones)
 
-	if _, err = db.GetEngine(ctx).ID(repo.ID).Cols("num_milestones, num_closed_milestones").Update(repo); err != nil {
-		return err
-	}
+		if _, err = db.GetEngine(ctx).ID(repo.ID).Cols("num_milestones, num_closed_milestones").Update(repo); err != nil {
+			return err
+		}
 
-	if _, err = db.Exec(ctx, "UPDATE `issue` SET milestone_id = 0 WHERE milestone_id = ?", m.ID); err != nil {
+		_, err = db.Exec(ctx, "UPDATE `issue` SET milestone_id = 0 WHERE milestone_id = ?", m.ID)
 		return err
-	}
-	return committer.Commit()
+	})
 }
 
 func updateRepoMilestoneNum(ctx context.Context, repoID int64) error {
@@ -360,22 +327,15 @@ func InsertMilestones(ctx context.Context, ms ...*Milestone) (err error) {
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-
-	// to return the id, so we should not use batch insert
-	for _, m := range ms {
-		if _, err = sess.NoAutoTime().Insert(m); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// to return the id, so we should not use batch insert
+		for _, m := range ms {
+			if _, err = db.GetEngine(ctx).NoAutoTime().Insert(m); err != nil {
+				return err
+			}
 		}
-	}
 
-	if _, err = db.Exec(ctx, "UPDATE `repository` SET num_milestones = num_milestones + ? WHERE id = ?", len(ms), ms[0].RepoID); err != nil {
+		_, err = db.Exec(ctx, "UPDATE `repository` SET num_milestones = num_milestones + ? WHERE id = ?", len(ms), ms[0].RepoID)
 		return err
-	}
-	return committer.Commit()
+	})
 }
diff --git a/models/issues/milestone_test.go b/models/issues/milestone_test.go
index 28cd0c028b..f73355c27d 100644
--- a/models/issues/milestone_test.go
+++ b/models/issues/milestone_test.go
@@ -69,7 +69,7 @@ func TestGetMilestonesByRepoID(t *testing.T) {
 
 		assert.Len(t, milestones, n)
 		for _, milestone := range milestones {
-			assert.EqualValues(t, repoID, milestone.RepoID)
+			assert.Equal(t, repoID, milestone.RepoID)
 		}
 	}
 	test(1, api.StateOpen)
@@ -327,7 +327,7 @@ func TestUpdateMilestone(t *testing.T) {
 	milestone.Content = "newMilestoneContent"
 	assert.NoError(t, issues_model.UpdateMilestone(db.DefaultContext, milestone, milestone.IsClosed))
 	milestone = unittest.AssertExistsAndLoadBean(t, &issues_model.Milestone{ID: 1})
-	assert.EqualValues(t, "newMilestoneName", milestone.Name)
+	assert.Equal(t, "newMilestoneName", milestone.Name)
 	unittest.CheckConsistencyFor(t, &issues_model.Milestone{})
 }
 
@@ -364,7 +364,7 @@ func TestMigrate_InsertMilestones(t *testing.T) {
 	assert.NoError(t, err)
 	unittest.AssertExistsAndLoadBean(t, ms)
 	repoModified := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: repo.ID})
-	assert.EqualValues(t, repo.NumMilestones+1, repoModified.NumMilestones)
+	assert.Equal(t, repo.NumMilestones+1, repoModified.NumMilestones)
 
 	unittest.CheckConsistencyFor(t, &issues_model.Milestone{})
 }
diff --git a/models/issues/pull.go b/models/issues/pull.go
index e3af00224d..00d7bfe1ca 100644
--- a/models/issues/pull.go
+++ b/models/issues/pull.go
@@ -6,10 +6,10 @@ package issues
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"regexp"
-	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/models/db"
@@ -103,27 +103,6 @@ const (
 	PullRequestStatusAncestor
 )
 
-func (status PullRequestStatus) String() string {
-	switch status {
-	case PullRequestStatusConflict:
-		return "CONFLICT"
-	case PullRequestStatusChecking:
-		return "CHECKING"
-	case PullRequestStatusMergeable:
-		return "MERGEABLE"
-	case PullRequestStatusManuallyMerged:
-		return "MANUALLY_MERGED"
-	case PullRequestStatusError:
-		return "ERROR"
-	case PullRequestStatusEmpty:
-		return "EMPTY"
-	case PullRequestStatusAncestor:
-		return "ANCESTOR"
-	default:
-		return strconv.Itoa(int(status))
-	}
-}
-
 // PullRequestFlow the flow of pull request
 type PullRequestFlow int
 
@@ -385,17 +364,10 @@ func (pr *PullRequest) GetApprovers(ctx context.Context) string {
 
 func (pr *PullRequest) getReviewedByLines(ctx context.Context, writer io.Writer) error {
 	maxReviewers := setting.Repository.PullRequest.DefaultMergeMessageMaxApprovers
-
 	if maxReviewers == 0 {
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
 	// Note: This doesn't page as we only expect a very limited number of reviews
 	reviews, err := FindLatestReviews(ctx, FindReviewOptions{
 		Types:        []ReviewType{ReviewTypeApprove},
@@ -431,11 +403,11 @@ func (pr *PullRequest) getReviewedByLines(ctx context.Context, writer io.Writer)
 		}
 		reviewersWritten++
 	}
-	return committer.Commit()
+	return nil
 }
 
-// GetGitRefName returns git ref for hidden pull request branch
-func (pr *PullRequest) GetGitRefName() string {
+// GetGitHeadRefName returns git ref for hidden pull request branch
+func (pr *PullRequest) GetGitHeadRefName() string {
 	return fmt.Sprintf("%s%d/head", git.PullPrefix, pr.Index)
 }
 
@@ -485,45 +457,36 @@ func (pr *PullRequest) IsFromFork() bool {
 
 // NewPullRequest creates new pull request with labels for repository.
 func NewPullRequest(ctx context.Context, repo *repo_model.Repository, issue *Issue, labelIDs []int64, uuids []string, pr *PullRequest) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	idx, err := db.GetNextResourceIndex(ctx, "issue_index", repo.ID)
-	if err != nil {
-		return fmt.Errorf("generate pull request index failed: %w", err)
-	}
-
-	issue.Index = idx
-	issue.Title = util.EllipsisDisplayString(issue.Title, 255)
-
-	if err = NewIssueWithIndex(ctx, issue.Poster, NewIssueOptions{
-		Repo:        repo,
-		Issue:       issue,
-		LabelIDs:    labelIDs,
-		Attachments: uuids,
-		IsPull:      true,
-	}); err != nil {
-		if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) || IsErrNewIssueInsert(err) {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		idx, err := db.GetNextResourceIndex(ctx, "issue_index", repo.ID)
+		if err != nil {
+			return fmt.Errorf("generate pull request index failed: %w", err)
 		}
-		return fmt.Errorf("newIssue: %w", err)
-	}
-
-	pr.Index = issue.Index
-	pr.BaseRepo = repo
-	pr.IssueID = issue.ID
-	if err = db.Insert(ctx, pr); err != nil {
-		return fmt.Errorf("insert pull repo: %w", err)
-	}
 
-	if err = committer.Commit(); err != nil {
-		return fmt.Errorf("Commit: %w", err)
-	}
+		issue.Index = idx
+		issue.Title = util.EllipsisDisplayString(issue.Title, 255)
+
+		if err = NewIssueWithIndex(ctx, issue.Poster, NewIssueOptions{
+			Repo:        repo,
+			Issue:       issue,
+			LabelIDs:    labelIDs,
+			Attachments: uuids,
+			IsPull:      true,
+		}); err != nil {
+			if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) || IsErrNewIssueInsert(err) {
+				return err
+			}
+			return fmt.Errorf("newIssue: %w", err)
+		}
 
-	return nil
+		pr.Index = issue.Index
+		pr.BaseRepo = repo
+		pr.IssueID = issue.ID
+		if err = db.Insert(ctx, pr); err != nil {
+			return fmt.Errorf("insert pull repo: %w", err)
+		}
+		return nil
+	})
 }
 
 // ErrUserMustCollaborator represents an error that the user must be a collaborator to a given repo.
@@ -670,12 +633,6 @@ func GetAllUnmergedAgitPullRequestByPoster(ctx context.Context, uid int64) ([]*P
 	return pulls, err
 }
 
-// Update updates all fields of pull request.
-func (pr *PullRequest) Update(ctx context.Context) error {
-	_, err := db.GetEngine(ctx).ID(pr.ID).AllCols().Update(pr)
-	return err
-}
-
 // UpdateCols updates specific fields of pull request.
 func (pr *PullRequest) UpdateCols(ctx context.Context, cols ...string) error {
 	_, err := db.GetEngine(ctx).ID(pr.ID).Cols(cols...).Update(pr)
@@ -732,7 +689,7 @@ func (pr *PullRequest) GetWorkInProgressPrefix(ctx context.Context) string {
 // UpdateCommitDivergence update Divergence of a pull request
 func (pr *PullRequest) UpdateCommitDivergence(ctx context.Context, ahead, behind int) error {
 	if pr.ID == 0 {
-		return fmt.Errorf("pull ID is 0")
+		return errors.New("pull ID is 0")
 	}
 	pr.CommitsAhead = ahead
 	pr.CommitsBehind = behind
@@ -925,7 +882,7 @@ func ParseCodeOwnersLine(ctx context.Context, tokens []string) (*CodeOwnerRule,
 		if strings.Contains(user, "/") {
 			s := strings.Split(user, "/")
 			if len(s) != 2 {
-				warnings = append(warnings, fmt.Sprintf("incorrect codeowner group: %s", user))
+				warnings = append(warnings, "incorrect codeowner group: "+user)
 				continue
 			}
 			orgName := s[0]
@@ -933,12 +890,12 @@ func ParseCodeOwnersLine(ctx context.Context, tokens []string) (*CodeOwnerRule,
 
 			org, err := org_model.GetOrgByName(ctx, orgName)
 			if err != nil {
-				warnings = append(warnings, fmt.Sprintf("incorrect codeowner organization: %s", user))
+				warnings = append(warnings, "incorrect codeowner organization: "+user)
 				continue
 			}
 			teams, err := org.LoadTeams(ctx)
 			if err != nil {
-				warnings = append(warnings, fmt.Sprintf("incorrect codeowner team: %s", user))
+				warnings = append(warnings, "incorrect codeowner team: "+user)
 				continue
 			}
 
@@ -950,7 +907,7 @@ func ParseCodeOwnersLine(ctx context.Context, tokens []string) (*CodeOwnerRule,
 		} else {
 			u, err := user_model.GetUserByName(ctx, user)
 			if err != nil {
-				warnings = append(warnings, fmt.Sprintf("incorrect codeowner user: %s", user))
+				warnings = append(warnings, "incorrect codeowner user: "+user)
 				continue
 			}
 			rule.Users = append(rule.Users, u)
@@ -1004,22 +961,18 @@ func TokenizeCodeOwnersLine(line string) []string {
 
 // InsertPullRequests inserted pull requests
 func InsertPullRequests(ctx context.Context, prs ...*PullRequest) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-	for _, pr := range prs {
-		if err := insertIssue(ctx, pr.Issue); err != nil {
-			return err
-		}
-		pr.IssueID = pr.Issue.ID
-		if _, err := sess.NoAutoTime().Insert(pr); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, pr := range prs {
+			if err := insertIssue(ctx, pr.Issue); err != nil {
+				return err
+			}
+			pr.IssueID = pr.Issue.ID
+			if _, err := db.GetEngine(ctx).NoAutoTime().Insert(pr); err != nil {
+				return err
+			}
 		}
-	}
-	return committer.Commit()
+		return nil
+	})
 }
 
 // GetPullRequestByMergedCommit returns a merged pull request by the given commit
diff --git a/models/issues/pull_list.go b/models/issues/pull_list.go
index b685175f8e..84f9f6166d 100644
--- a/models/issues/pull_list.go
+++ b/models/issues/pull_list.go
@@ -152,7 +152,8 @@ func PullRequests(ctx context.Context, baseRepoID int64, opts *PullRequestsOptio
 	applySorts(findSession, opts.SortType, 0)
 	findSession = db.SetSessionPagination(findSession, opts)
 	prs := make([]*PullRequest, 0, opts.PageSize)
-	return prs, maxResults, findSession.Find(&prs)
+	found := findSession.Find(&prs)
+	return prs, maxResults, found
 }
 
 // PullRequestList defines a list of pull requests
diff --git a/models/issues/pull_list_test.go b/models/issues/pull_list_test.go
index f5553e7885..eb2de006d6 100644
--- a/models/issues/pull_list_test.go
+++ b/models/issues/pull_list_test.go
@@ -40,7 +40,7 @@ func TestPullRequestList_LoadReviewCommentsCounts(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Len(t, reviewComments, 2)
 	for _, pr := range prs {
-		assert.EqualValues(t, 1, reviewComments[pr.IssueID])
+		assert.Equal(t, 1, reviewComments[pr.IssueID])
 	}
 }
 
diff --git a/models/issues/pull_test.go b/models/issues/pull_test.go
index 090659864a..39efaa5792 100644
--- a/models/issues/pull_test.go
+++ b/models/issues/pull_test.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestPullRequest_LoadAttributes(t *testing.T) {
@@ -76,6 +77,47 @@ func TestPullRequestsNewest(t *testing.T) {
 	}
 }
 
+func TestPullRequests_Closed_RecentSortType(t *testing.T) {
+	// Issue ID | Closed At.  | Updated At
+	//    2     | 1707270001  | 1707270001
+	//    3     | 1707271000  | 1707279999
+	//    11    | 1707279999  | 1707275555
+	tests := []struct {
+		sortType             string
+		expectedIssueIDOrder []int64
+	}{
+		{"recentupdate", []int64{3, 11, 2}},
+		{"recentclose", []int64{11, 3, 2}},
+	}
+
+	assert.NoError(t, unittest.PrepareTestDatabase())
+	_, err := db.Exec(db.DefaultContext, "UPDATE issue SET closed_unix = 1707270001, updated_unix = 1707270001, is_closed = true WHERE id = 2")
+	require.NoError(t, err)
+	_, err = db.Exec(db.DefaultContext, "UPDATE issue SET closed_unix = 1707271000, updated_unix = 1707279999, is_closed = true WHERE id = 3")
+	require.NoError(t, err)
+	_, err = db.Exec(db.DefaultContext, "UPDATE issue SET closed_unix = 1707279999, updated_unix = 1707275555, is_closed = true WHERE id = 11")
+	require.NoError(t, err)
+
+	for _, test := range tests {
+		t.Run(test.sortType, func(t *testing.T) {
+			prs, _, err := issues_model.PullRequests(db.DefaultContext, 1, &issues_model.PullRequestsOptions{
+				ListOptions: db.ListOptions{
+					Page: 1,
+				},
+				State:    "closed",
+				SortType: test.sortType,
+			})
+			require.NoError(t, err)
+
+			if assert.Len(t, prs, len(test.expectedIssueIDOrder)) {
+				for i := range test.expectedIssueIDOrder {
+					assert.Equal(t, test.expectedIssueIDOrder[i], prs[i].IssueID)
+				}
+			}
+		})
+	}
+}
+
 func TestLoadRequestedReviewers(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
@@ -206,19 +248,6 @@ func TestGetPullRequestByIssueID(t *testing.T) {
 	assert.True(t, issues_model.IsErrPullRequestNotExist(err))
 }
 
-func TestPullRequest_Update(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-	pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 1})
-	pr.BaseBranch = "baseBranch"
-	pr.HeadBranch = "headBranch"
-	pr.Update(db.DefaultContext)
-
-	pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
-	assert.Equal(t, "baseBranch", pr.BaseBranch)
-	assert.Equal(t, "headBranch", pr.HeadBranch)
-	unittest.CheckConsistencyFor(t, pr)
-}
-
 func TestPullRequest_UpdateCols(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	pr := &issues_model.PullRequest{
@@ -285,7 +314,7 @@ func TestDeleteOrphanedObjects(t *testing.T) {
 
 	countAfter, err := db.GetEngine(db.DefaultContext).Count(&issues_model.PullRequest{})
 	assert.NoError(t, err)
-	assert.EqualValues(t, countBefore, countAfter)
+	assert.Equal(t, countBefore, countAfter)
 }
 
 func TestParseCodeOwnersLine(t *testing.T) {
@@ -318,7 +347,7 @@ func TestGetApprovers(t *testing.T) {
 	setting.Repository.PullRequest.DefaultMergeMessageOfficialApproversOnly = false
 	approvers := pr.GetApprovers(db.DefaultContext)
 	expected := "Reviewed-by: User Five <user5@example.com>\nReviewed-by: Org Six <org6@example.com>\n"
-	assert.EqualValues(t, expected, approvers)
+	assert.Equal(t, expected, approvers)
 }
 
 func TestGetPullRequestByMergedCommit(t *testing.T) {
diff --git a/models/issues/reaction.go b/models/issues/reaction.go
index f24001fd23..3b5ad6d7ab 100644
--- a/models/issues/reaction.go
+++ b/models/issues/reaction.go
@@ -224,21 +224,9 @@ func CreateReaction(ctx context.Context, opts *ReactionOptions) (*Reaction, erro
 		return nil, ErrForbiddenIssueReaction{opts.Type}
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	reaction, err := createReaction(ctx, opts)
-	if err != nil {
-		return reaction, err
-	}
-
-	if err := committer.Commit(); err != nil {
-		return nil, err
-	}
-	return reaction, nil
+	return db.WithTx2(ctx, func(ctx context.Context) (*Reaction, error) {
+		return createReaction(ctx, opts)
+	})
 }
 
 // DeleteReaction deletes reaction for issue or comment.
diff --git a/models/issues/review.go b/models/issues/review.go
index 1c5c2ee30a..b758fa5ffa 100644
--- a/models/issues/review.go
+++ b/models/issues/review.go
@@ -5,6 +5,7 @@ package issues
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"slices"
 	"strings"
@@ -333,54 +334,51 @@ func IsOfficialReviewerTeam(ctx context.Context, issue *Issue, team *organizatio
 
 // CreateReview creates a new review based on opts
 func CreateReview(ctx context.Context, opts CreateReviewOptions) (*Review, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-
-	review := &Review{
-		Issue:        opts.Issue,
-		IssueID:      opts.Issue.ID,
-		Reviewer:     opts.Reviewer,
-		ReviewerTeam: opts.ReviewerTeam,
-		Content:      opts.Content,
-		Official:     opts.Official,
-		CommitID:     opts.CommitID,
-		Stale:        opts.Stale,
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*Review, error) {
+		sess := db.GetEngine(ctx)
+
+		review := &Review{
+			Issue:        opts.Issue,
+			IssueID:      opts.Issue.ID,
+			Reviewer:     opts.Reviewer,
+			ReviewerTeam: opts.ReviewerTeam,
+			Content:      opts.Content,
+			Official:     opts.Official,
+			CommitID:     opts.CommitID,
+			Stale:        opts.Stale,
+		}
 
-	if opts.Reviewer != nil {
-		review.Type = opts.Type
-		review.ReviewerID = opts.Reviewer.ID
+		if opts.Reviewer != nil {
+			review.Type = opts.Type
+			review.ReviewerID = opts.Reviewer.ID
 
-		reviewCond := builder.Eq{"reviewer_id": opts.Reviewer.ID, "issue_id": opts.Issue.ID}
-		// make sure user review requests are cleared
-		if opts.Type != ReviewTypePending {
-			if _, err := sess.Where(reviewCond.And(builder.Eq{"type": ReviewTypeRequest})).Delete(new(Review)); err != nil {
-				return nil, err
+			reviewCond := builder.Eq{"reviewer_id": opts.Reviewer.ID, "issue_id": opts.Issue.ID}
+			// make sure user review requests are cleared
+			if opts.Type != ReviewTypePending {
+				if _, err := sess.Where(reviewCond.And(builder.Eq{"type": ReviewTypeRequest})).Delete(new(Review)); err != nil {
+					return nil, err
+				}
 			}
-		}
-		// make sure if the created review gets dismissed no old review surface
-		// other types can be ignored, as they don't affect branch protection
-		if opts.Type == ReviewTypeApprove || opts.Type == ReviewTypeReject {
-			if _, err := sess.Where(reviewCond.And(builder.In("type", ReviewTypeApprove, ReviewTypeReject))).
-				Cols("dismissed").Update(&Review{Dismissed: true}); err != nil {
-				return nil, err
+			// make sure if the created review gets dismissed no old review surface
+			// other types can be ignored, as they don't affect branch protection
+			if opts.Type == ReviewTypeApprove || opts.Type == ReviewTypeReject {
+				if _, err := sess.Where(reviewCond.And(builder.In("type", ReviewTypeApprove, ReviewTypeReject))).
+					Cols("dismissed").Update(&Review{Dismissed: true}); err != nil {
+					return nil, err
+				}
 			}
+		} else if opts.ReviewerTeam != nil {
+			review.Type = ReviewTypeRequest
+			review.ReviewerTeamID = opts.ReviewerTeam.ID
+		} else {
+			return nil, errors.New("provide either reviewer or reviewer team")
 		}
-	} else if opts.ReviewerTeam != nil {
-		review.Type = ReviewTypeRequest
-		review.ReviewerTeamID = opts.ReviewerTeam.ID
-	} else {
-		return nil, fmt.Errorf("provide either reviewer or reviewer team")
-	}
 
-	if _, err := sess.Insert(review); err != nil {
-		return nil, err
-	}
-	return review, committer.Commit()
+		if _, err := sess.Insert(review); err != nil {
+			return nil, err
+		}
+		return review, nil
+	})
 }
 
 // GetCurrentReview returns the current pending review of reviewer for given issue
@@ -604,168 +602,152 @@ func DismissReview(ctx context.Context, review *Review, isDismiss bool) (err err
 
 // InsertReviews inserts review and review comments
 func InsertReviews(ctx context.Context, reviews []*Review) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		sess := db.GetEngine(ctx)
 
-	for _, review := range reviews {
-		if _, err := sess.NoAutoTime().Insert(review); err != nil {
-			return err
-		}
+		for _, review := range reviews {
+			if _, err := sess.NoAutoTime().Insert(review); err != nil {
+				return err
+			}
 
-		if _, err := sess.NoAutoTime().Insert(&Comment{
-			Type:             CommentTypeReview,
-			Content:          review.Content,
-			PosterID:         review.ReviewerID,
-			OriginalAuthor:   review.OriginalAuthor,
-			OriginalAuthorID: review.OriginalAuthorID,
-			IssueID:          review.IssueID,
-			ReviewID:         review.ID,
-			CreatedUnix:      review.CreatedUnix,
-			UpdatedUnix:      review.UpdatedUnix,
-		}); err != nil {
-			return err
-		}
+			if _, err := sess.NoAutoTime().Insert(&Comment{
+				Type:             CommentTypeReview,
+				Content:          review.Content,
+				PosterID:         review.ReviewerID,
+				OriginalAuthor:   review.OriginalAuthor,
+				OriginalAuthorID: review.OriginalAuthorID,
+				IssueID:          review.IssueID,
+				ReviewID:         review.ID,
+				CreatedUnix:      review.CreatedUnix,
+				UpdatedUnix:      review.UpdatedUnix,
+			}); err != nil {
+				return err
+			}
 
-		for _, c := range review.Comments {
-			c.ReviewID = review.ID
-		}
+			for _, c := range review.Comments {
+				c.ReviewID = review.ID
+			}
 
-		if len(review.Comments) > 0 {
-			if _, err := sess.NoAutoTime().Insert(review.Comments); err != nil {
-				return err
+			if len(review.Comments) > 0 {
+				if _, err := sess.NoAutoTime().Insert(review.Comments); err != nil {
+					return err
+				}
 			}
-		}
 
-		if err := UpdateIssueNumComments(ctx, review.IssueID); err != nil {
-			return err
+			if err := UpdateIssueNumComments(ctx, review.IssueID); err != nil {
+				return err
+			}
 		}
-	}
-
-	return committer.Commit()
+		return nil
+	})
 }
 
 // AddReviewRequest add a review request from one reviewer
 func AddReviewRequest(ctx context.Context, issue *Issue, reviewer, doer *user_model.User) (*Comment, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		sess := db.GetEngine(ctx)
 
-	review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, reviewer.ID)
-	if err != nil && !IsErrReviewNotExist(err) {
-		return nil, err
-	}
-
-	if review != nil {
-		// skip it when reviewer hase been request to review
-		if review.Type == ReviewTypeRequest {
-			return nil, committer.Commit() // still commit the transaction, or committer.Close() will rollback it, even if it's a reused transaction.
-		}
-
-		if issue.IsClosed {
-			return nil, ErrReviewRequestOnClosedPR{}
+		review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, reviewer.ID)
+		if err != nil && !IsErrReviewNotExist(err) {
+			return nil, err
 		}
 
-		if issue.IsPull {
-			if err := issue.LoadPullRequest(ctx); err != nil {
-				return nil, err
+		if review != nil {
+			// skip it when reviewer has been request to review
+			if review.Type == ReviewTypeRequest {
+				return nil, nil // still commit the transaction, or committer.Close() will rollback it, even if it's a reused transaction.
 			}
-			if issue.PullRequest.HasMerged {
+
+			if issue.IsClosed {
 				return nil, ErrReviewRequestOnClosedPR{}
 			}
+
+			if issue.IsPull {
+				if err := issue.LoadPullRequest(ctx); err != nil {
+					return nil, err
+				}
+				if issue.PullRequest.HasMerged {
+					return nil, ErrReviewRequestOnClosedPR{}
+				}
+			}
 		}
-	}
 
-	// if the reviewer is an official reviewer,
-	// remove the official flag in the all previous reviews
-	official, err := IsOfficialReviewer(ctx, issue, reviewer)
-	if err != nil {
-		return nil, err
-	} else if official {
-		if _, err := sess.Exec("UPDATE `review` SET official=? WHERE issue_id=? AND reviewer_id=?", false, issue.ID, reviewer.ID); err != nil {
+		// if the reviewer is an official reviewer,
+		// remove the official flag in the all previous reviews
+		official, err := IsOfficialReviewer(ctx, issue, reviewer)
+		if err != nil {
 			return nil, err
+		} else if official {
+			if _, err := sess.Exec("UPDATE `review` SET official=? WHERE issue_id=? AND reviewer_id=?", false, issue.ID, reviewer.ID); err != nil {
+				return nil, err
+			}
 		}
-	}
 
-	review, err = CreateReview(ctx, CreateReviewOptions{
-		Type:     ReviewTypeRequest,
-		Issue:    issue,
-		Reviewer: reviewer,
-		Official: official,
-		Stale:    false,
-	})
-	if err != nil {
-		return nil, err
-	}
+		review, err = CreateReview(ctx, CreateReviewOptions{
+			Type:     ReviewTypeRequest,
+			Issue:    issue,
+			Reviewer: reviewer,
+			Official: official,
+			Stale:    false,
+		})
+		if err != nil {
+			return nil, err
+		}
 
-	comment, err := CreateComment(ctx, &CreateCommentOptions{
-		Type:            CommentTypeReviewRequest,
-		Doer:            doer,
-		Repo:            issue.Repo,
-		Issue:           issue,
-		RemovedAssignee: false,       // Use RemovedAssignee as !isRequest
-		AssigneeID:      reviewer.ID, // Use AssigneeID as reviewer ID
-		ReviewID:        review.ID,
-	})
-	if err != nil {
-		return nil, err
-	}
+		comment, err := CreateComment(ctx, &CreateCommentOptions{
+			Type:            CommentTypeReviewRequest,
+			Doer:            doer,
+			Repo:            issue.Repo,
+			Issue:           issue,
+			RemovedAssignee: false,       // Use RemovedAssignee as !isRequest
+			AssigneeID:      reviewer.ID, // Use AssigneeID as reviewer ID
+			ReviewID:        review.ID,
+		})
+		if err != nil {
+			return nil, err
+		}
 
-	// func caller use the created comment to retrieve created review too.
-	comment.Review = review
+		// func caller use the created comment to retrieve created review too.
+		comment.Review = review
 
-	return comment, committer.Commit()
+		return comment, nil
+	})
 }
 
 // RemoveReviewRequest remove a review request from one reviewer
 func RemoveReviewRequest(ctx context.Context, issue *Issue, reviewer, doer *user_model.User) (*Comment, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, reviewer.ID)
-	if err != nil && !IsErrReviewNotExist(err) {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, reviewer.ID)
+		if err != nil && !IsErrReviewNotExist(err) {
+			return nil, err
+		}
 
-	if review == nil || review.Type != ReviewTypeRequest {
-		return nil, nil
-	}
+		if review == nil || review.Type != ReviewTypeRequest {
+			return nil, nil
+		}
 
-	if _, err = db.DeleteByBean(ctx, review); err != nil {
-		return nil, err
-	}
+		if _, err = db.DeleteByBean(ctx, review); err != nil {
+			return nil, err
+		}
 
-	official, err := IsOfficialReviewer(ctx, issue, reviewer)
-	if err != nil {
-		return nil, err
-	} else if official {
-		if err := restoreLatestOfficialReview(ctx, issue.ID, reviewer.ID); err != nil {
+		official, err := IsOfficialReviewer(ctx, issue, reviewer)
+		if err != nil {
 			return nil, err
+		} else if official {
+			if err := restoreLatestOfficialReview(ctx, issue.ID, reviewer.ID); err != nil {
+				return nil, err
+			}
 		}
-	}
 
-	comment, err := CreateComment(ctx, &CreateCommentOptions{
-		Type:            CommentTypeReviewRequest,
-		Doer:            doer,
-		Repo:            issue.Repo,
-		Issue:           issue,
-		RemovedAssignee: true,        // Use RemovedAssignee as !isRequest
-		AssigneeID:      reviewer.ID, // Use AssigneeID as reviewer ID
+		return CreateComment(ctx, &CreateCommentOptions{
+			Type:            CommentTypeReviewRequest,
+			Doer:            doer,
+			Repo:            issue.Repo,
+			Issue:           issue,
+			RemovedAssignee: true,        // Use RemovedAssignee as !isRequest
+			AssigneeID:      reviewer.ID, // Use AssigneeID as reviewer ID
+		})
 	})
-	if err != nil {
-		return nil, err
-	}
-
-	return comment, committer.Commit()
 }
 
 // Recalculate the latest official review for reviewer
@@ -786,120 +768,112 @@ func restoreLatestOfficialReview(ctx context.Context, issueID, reviewerID int64)
 
 // AddTeamReviewRequest add a review request from one team
 func AddTeamReviewRequest(ctx context.Context, issue *Issue, reviewer *organization.Team, doer *user_model.User) (*Comment, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		review, err := GetTeamReviewerByIssueIDAndTeamID(ctx, issue.ID, reviewer.ID)
+		if err != nil && !IsErrReviewNotExist(err) {
+			return nil, err
+		}
 
-	review, err := GetTeamReviewerByIssueIDAndTeamID(ctx, issue.ID, reviewer.ID)
-	if err != nil && !IsErrReviewNotExist(err) {
-		return nil, err
-	}
+		// This team already has been requested to review - therefore skip this.
+		if review != nil {
+			return nil, nil
+		}
 
-	// This team already has been requested to review - therefore skip this.
-	if review != nil {
-		return nil, nil
-	}
+		official, err := IsOfficialReviewerTeam(ctx, issue, reviewer)
+		if err != nil {
+			return nil, fmt.Errorf("isOfficialReviewerTeam(): %w", err)
+		} else if !official {
+			if official, err = IsOfficialReviewer(ctx, issue, doer); err != nil {
+				return nil, fmt.Errorf("isOfficialReviewer(): %w", err)
+			}
+		}
 
-	official, err := IsOfficialReviewerTeam(ctx, issue, reviewer)
-	if err != nil {
-		return nil, fmt.Errorf("isOfficialReviewerTeam(): %w", err)
-	} else if !official {
-		if official, err = IsOfficialReviewer(ctx, issue, doer); err != nil {
-			return nil, fmt.Errorf("isOfficialReviewer(): %w", err)
+		if review, err = CreateReview(ctx, CreateReviewOptions{
+			Type:         ReviewTypeRequest,
+			Issue:        issue,
+			ReviewerTeam: reviewer,
+			Official:     official,
+			Stale:        false,
+		}); err != nil {
+			return nil, err
 		}
-	}
 
-	if review, err = CreateReview(ctx, CreateReviewOptions{
-		Type:         ReviewTypeRequest,
-		Issue:        issue,
-		ReviewerTeam: reviewer,
-		Official:     official,
-		Stale:        false,
-	}); err != nil {
-		return nil, err
-	}
+		if official {
+			if _, err := db.Exec(ctx, "UPDATE `review` SET official=? WHERE issue_id=? AND reviewer_team_id=?", false, issue.ID, reviewer.ID); err != nil {
+				return nil, err
+			}
+		}
 
-	if official {
-		if _, err := db.Exec(ctx, "UPDATE `review` SET official=? WHERE issue_id=? AND reviewer_team_id=?", false, issue.ID, reviewer.ID); err != nil {
-			return nil, err
+		comment, err := CreateComment(ctx, &CreateCommentOptions{
+			Type:            CommentTypeReviewRequest,
+			Doer:            doer,
+			Repo:            issue.Repo,
+			Issue:           issue,
+			RemovedAssignee: false,       // Use RemovedAssignee as !isRequest
+			AssigneeTeamID:  reviewer.ID, // Use AssigneeTeamID as reviewer team ID
+			ReviewID:        review.ID,
+		})
+		if err != nil {
+			return nil, fmt.Errorf("CreateComment(): %w", err)
 		}
-	}
 
-	comment, err := CreateComment(ctx, &CreateCommentOptions{
-		Type:            CommentTypeReviewRequest,
-		Doer:            doer,
-		Repo:            issue.Repo,
-		Issue:           issue,
-		RemovedAssignee: false,       // Use RemovedAssignee as !isRequest
-		AssigneeTeamID:  reviewer.ID, // Use AssigneeTeamID as reviewer team ID
-		ReviewID:        review.ID,
+		return comment, nil
 	})
-	if err != nil {
-		return nil, fmt.Errorf("CreateComment(): %w", err)
-	}
-
-	return comment, committer.Commit()
 }
 
 // RemoveTeamReviewRequest remove a review request from one team
 func RemoveTeamReviewRequest(ctx context.Context, issue *Issue, reviewer *organization.Team, doer *user_model.User) (*Comment, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	review, err := GetTeamReviewerByIssueIDAndTeamID(ctx, issue.ID, reviewer.ID)
-	if err != nil && !IsErrReviewNotExist(err) {
-		return nil, err
-	}
-
-	if review == nil {
-		return nil, nil
-	}
-
-	if _, err = db.DeleteByBean(ctx, review); err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*Comment, error) {
+		review, err := GetTeamReviewerByIssueIDAndTeamID(ctx, issue.ID, reviewer.ID)
+		if err != nil && !IsErrReviewNotExist(err) {
+			return nil, err
+		}
 
-	official, err := IsOfficialReviewerTeam(ctx, issue, reviewer)
-	if err != nil {
-		return nil, fmt.Errorf("isOfficialReviewerTeam(): %w", err)
-	}
+		if review == nil {
+			return nil, nil
+		}
 
-	if official {
-		// recalculate which is the latest official review from that team
-		review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, -reviewer.ID)
-		if err != nil && !IsErrReviewNotExist(err) {
+		if _, err = db.DeleteByBean(ctx, review); err != nil {
 			return nil, err
 		}
 
-		if review != nil {
-			if _, err := db.Exec(ctx, "UPDATE `review` SET official=? WHERE id=?", true, review.ID); err != nil {
+		official, err := IsOfficialReviewerTeam(ctx, issue, reviewer)
+		if err != nil {
+			return nil, fmt.Errorf("isOfficialReviewerTeam(): %w", err)
+		}
+
+		if official {
+			// recalculate which is the latest official review from that team
+			review, err := GetReviewByIssueIDAndUserID(ctx, issue.ID, -reviewer.ID)
+			if err != nil && !IsErrReviewNotExist(err) {
 				return nil, err
 			}
+
+			if review != nil {
+				if _, err := db.Exec(ctx, "UPDATE `review` SET official=? WHERE id=?", true, review.ID); err != nil {
+					return nil, err
+				}
+			}
 		}
-	}
 
-	if doer == nil {
-		return nil, committer.Commit()
-	}
+		if doer == nil {
+			return nil, nil
+		}
 
-	comment, err := CreateComment(ctx, &CreateCommentOptions{
-		Type:            CommentTypeReviewRequest,
-		Doer:            doer,
-		Repo:            issue.Repo,
-		Issue:           issue,
-		RemovedAssignee: true,        // Use RemovedAssignee as !isRequest
-		AssigneeTeamID:  reviewer.ID, // Use AssigneeTeamID as reviewer team ID
-	})
-	if err != nil {
-		return nil, fmt.Errorf("CreateComment(): %w", err)
-	}
+		comment, err := CreateComment(ctx, &CreateCommentOptions{
+			Type:            CommentTypeReviewRequest,
+			Doer:            doer,
+			Repo:            issue.Repo,
+			Issue:           issue,
+			RemovedAssignee: true,        // Use RemovedAssignee as !isRequest
+			AssigneeTeamID:  reviewer.ID, // Use AssigneeTeamID as reviewer team ID
+		})
+		if err != nil {
+			return nil, fmt.Errorf("CreateComment(): %w", err)
+		}
 
-	return comment, committer.Commit()
+		return comment, nil
+	})
 }
 
 // MarkConversation Add or remove Conversation mark for a code comment
@@ -933,7 +907,7 @@ func MarkConversation(ctx context.Context, comment *Comment, doer *user_model.Us
 // the PR writer , official reviewer and poster can do it
 func CanMarkConversation(ctx context.Context, issue *Issue, doer *user_model.User) (permResult bool, err error) {
 	if doer == nil || issue == nil {
-		return false, fmt.Errorf("issue or doer is nil")
+		return false, errors.New("issue or doer is nil")
 	}
 
 	if err = issue.LoadRepo(ctx); err != nil {
@@ -965,61 +939,56 @@ func CanMarkConversation(ctx context.Context, issue *Issue, doer *user_model.Use
 
 // DeleteReview delete a review and it's code comments
 func DeleteReview(ctx context.Context, r *Review) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if r.ID == 0 {
-		return fmt.Errorf("review is not allowed to be 0")
-	}
-
-	if r.Type == ReviewTypeRequest {
-		return fmt.Errorf("review request can not be deleted using this method")
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if r.ID == 0 {
+			return errors.New("review is not allowed to be 0")
+		}
 
-	opts := FindCommentsOptions{
-		Type:     CommentTypeCode,
-		IssueID:  r.IssueID,
-		ReviewID: r.ID,
-	}
+		if r.Type == ReviewTypeRequest {
+			return errors.New("review request can not be deleted using this method")
+		}
 
-	if _, err := db.Delete[Comment](ctx, opts); err != nil {
-		return err
-	}
+		opts := FindCommentsOptions{
+			Type:     CommentTypeCode,
+			IssueID:  r.IssueID,
+			ReviewID: r.ID,
+		}
 
-	opts = FindCommentsOptions{
-		Type:     CommentTypeReview,
-		IssueID:  r.IssueID,
-		ReviewID: r.ID,
-	}
+		if _, err := db.Delete[Comment](ctx, opts); err != nil {
+			return err
+		}
 
-	if _, err := db.Delete[Comment](ctx, opts); err != nil {
-		return err
-	}
+		opts = FindCommentsOptions{
+			Type:     CommentTypeReview,
+			IssueID:  r.IssueID,
+			ReviewID: r.ID,
+		}
 
-	opts = FindCommentsOptions{
-		Type:     CommentTypeDismissReview,
-		IssueID:  r.IssueID,
-		ReviewID: r.ID,
-	}
+		if _, err := db.Delete[Comment](ctx, opts); err != nil {
+			return err
+		}
 
-	if _, err := db.Delete[Comment](ctx, opts); err != nil {
-		return err
-	}
+		opts = FindCommentsOptions{
+			Type:     CommentTypeDismissReview,
+			IssueID:  r.IssueID,
+			ReviewID: r.ID,
+		}
 
-	if _, err := db.DeleteByID[Review](ctx, r.ID); err != nil {
-		return err
-	}
+		if _, err := db.Delete[Comment](ctx, opts); err != nil {
+			return err
+		}
 
-	if r.Official {
-		if err := restoreLatestOfficialReview(ctx, r.IssueID, r.ReviewerID); err != nil {
+		if _, err := db.DeleteByID[Review](ctx, r.ID); err != nil {
 			return err
 		}
-	}
 
-	return committer.Commit()
+		if r.Official {
+			if err := restoreLatestOfficialReview(ctx, r.IssueID, r.ReviewerID); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
 }
 
 // GetCodeCommentsCount return count of CodeComments a Review has
diff --git a/models/issues/review_list.go b/models/issues/review_list.go
index 928f24fb2d..bbb8c489fa 100644
--- a/models/issues/review_list.go
+++ b/models/issues/review_list.go
@@ -22,7 +22,7 @@ type ReviewList []*Review
 // LoadReviewers loads reviewers
 func (reviews ReviewList) LoadReviewers(ctx context.Context) error {
 	reviewerIDs := make([]int64, len(reviews))
-	for i := 0; i < len(reviews); i++ {
+	for i := range reviews {
 		reviewerIDs[i] = reviews[i].ReviewerID
 	}
 	reviewers, err := user_model.GetPossibleUserByIDs(ctx, reviewerIDs)
diff --git a/models/issues/stopwatch.go b/models/issues/stopwatch.go
index 7c05a3a883..761b8f91a0 100644
--- a/models/issues/stopwatch.go
+++ b/models/issues/stopwatch.go
@@ -5,7 +5,6 @@ package issues
 
 import (
 	"context"
-	"fmt"
 	"time"
 
 	"code.gitea.io/gitea/models/db"
@@ -15,20 +14,6 @@ import (
 	"code.gitea.io/gitea/modules/util"
 )
 
-// ErrIssueStopwatchNotExist represents an error that stopwatch is not exist
-type ErrIssueStopwatchNotExist struct {
-	UserID  int64
-	IssueID int64
-}
-
-func (err ErrIssueStopwatchNotExist) Error() string {
-	return fmt.Sprintf("issue stopwatch doesn't exist[uid: %d, issue_id: %d", err.UserID, err.IssueID)
-}
-
-func (err ErrIssueStopwatchNotExist) Unwrap() error {
-	return util.ErrNotExist
-}
-
 // Stopwatch represents a stopwatch for time tracking.
 type Stopwatch struct {
 	ID          int64              `xorm:"pk autoincr"`
@@ -55,13 +40,11 @@ func getStopwatch(ctx context.Context, userID, issueID int64) (sw *Stopwatch, ex
 	return sw, exists, err
 }
 
-// UserIDCount is a simple coalition of UserID and Count
 type UserStopwatch struct {
 	UserID      int64
 	StopWatches []*Stopwatch
 }
 
-// GetUIDsAndNotificationCounts between the two provided times
 func GetUIDsAndStopwatch(ctx context.Context) ([]*UserStopwatch, error) {
 	sws := []*Stopwatch{}
 	if err := db.GetEngine(ctx).Where("issue_id != 0").Find(&sws); err != nil {
@@ -87,7 +70,7 @@ func GetUIDsAndStopwatch(ctx context.Context) ([]*UserStopwatch, error) {
 	return res, nil
 }
 
-// GetUserStopwatches return list of all stopwatches of a user
+// GetUserStopwatches return list of the user's all stopwatches
 func GetUserStopwatches(ctx context.Context, userID int64, listOptions db.ListOptions) ([]*Stopwatch, error) {
 	sws := make([]*Stopwatch, 0, 8)
 	sess := db.GetEngine(ctx).Where("stopwatch.user_id = ?", userID)
@@ -102,7 +85,7 @@ func GetUserStopwatches(ctx context.Context, userID int64, listOptions db.ListOp
 	return sws, nil
 }
 
-// CountUserStopwatches return count of all stopwatches of a user
+// CountUserStopwatches return count of the user's all stopwatches
 func CountUserStopwatches(ctx context.Context, userID int64) (int64, error) {
 	return db.GetEngine(ctx).Where("user_id = ?", userID).Count(&Stopwatch{})
 }
@@ -136,43 +119,21 @@ func HasUserStopwatch(ctx context.Context, userID int64) (exists bool, sw *Stopw
 	return exists, sw, issue, err
 }
 
-// FinishIssueStopwatchIfPossible if stopwatch exist then finish it otherwise ignore
-func FinishIssueStopwatchIfPossible(ctx context.Context, user *user_model.User, issue *Issue) error {
-	_, exists, err := getStopwatch(ctx, user.ID, issue.ID)
-	if err != nil {
-		return err
-	}
-	if !exists {
-		return nil
-	}
-	return FinishIssueStopwatch(ctx, user, issue)
-}
-
-// CreateOrStopIssueStopwatch create an issue stopwatch if it's not exist, otherwise finish it
-func CreateOrStopIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue) error {
-	_, exists, err := getStopwatch(ctx, user.ID, issue.ID)
-	if err != nil {
-		return err
-	}
-	if exists {
-		return FinishIssueStopwatch(ctx, user, issue)
-	}
-	return CreateIssueStopwatch(ctx, user, issue)
-}
-
-// FinishIssueStopwatch if stopwatch exist then finish it otherwise return an error
-func FinishIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue) error {
+// FinishIssueStopwatch if stopwatch exists, then finish it.
+func FinishIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue) (ok bool, err error) {
 	sw, exists, err := getStopwatch(ctx, user.ID, issue.ID)
 	if err != nil {
-		return err
+		return false, err
+	} else if !exists {
+		return false, nil
 	}
-	if !exists {
-		return ErrIssueStopwatchNotExist{
-			UserID:  user.ID,
-			IssueID: issue.ID,
-		}
+	if err = finishIssueStopwatch(ctx, user, issue, sw); err != nil {
+		return false, err
 	}
+	return true, nil
+}
 
+func finishIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue, sw *Stopwatch) error {
 	// Create tracked time out of the time difference between start date and actual date
 	timediff := time.Now().Unix() - int64(sw.CreatedUnix)
 
@@ -184,14 +145,12 @@ func FinishIssueStopwatch(ctx context.Context, user *user_model.User, issue *Iss
 		Time:    timediff,
 	}
 
-	if err := db.Insert(ctx, tt); err != nil {
+	if err := issue.LoadRepo(ctx); err != nil {
 		return err
 	}
-
-	if err := issue.LoadRepo(ctx); err != nil {
+	if err := db.Insert(ctx, tt); err != nil {
 		return err
 	}
-
 	if _, err := CreateComment(ctx, &CreateCommentOptions{
 		Doer:    user,
 		Issue:   issue,
@@ -202,83 +161,65 @@ func FinishIssueStopwatch(ctx context.Context, user *user_model.User, issue *Iss
 	}); err != nil {
 		return err
 	}
-	_, err = db.DeleteByBean(ctx, sw)
+	_, err := db.DeleteByBean(ctx, sw)
 	return err
 }
 
-// CreateIssueStopwatch creates a stopwatch if not exist, otherwise return an error
-func CreateIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue) error {
-	if err := issue.LoadRepo(ctx); err != nil {
-		return err
-	}
-
-	// if another stopwatch is running: stop it
-	exists, _, otherIssue, err := HasUserStopwatch(ctx, user.ID)
-	if err != nil {
-		return err
-	}
-	if exists {
-		if err := FinishIssueStopwatch(ctx, user, otherIssue); err != nil {
-			return err
+// CreateIssueStopwatch creates a stopwatch if the issue doesn't have the user's stopwatch.
+// It also stops any other stopwatch that might be running for the user.
+func CreateIssueStopwatch(ctx context.Context, user *user_model.User, issue *Issue) (ok bool, err error) {
+	{ // if another issue's stopwatch is running: stop it; if this issue has a stopwatch: return an error.
+		exists, otherStopWatch, otherIssue, err := HasUserStopwatch(ctx, user.ID)
+		if err != nil {
+			return false, err
+		}
+		if exists {
+			if otherStopWatch.IssueID == issue.ID {
+				// don't allow starting stopwatch for the same issue
+				return false, nil
+			}
+			// stop the other issue's stopwatch
+			if err = finishIssueStopwatch(ctx, user, otherIssue, otherStopWatch); err != nil {
+				return false, err
+			}
 		}
 	}
 
-	// Create stopwatch
-	sw := &Stopwatch{
-		UserID:  user.ID,
-		IssueID: issue.ID,
+	if err = issue.LoadRepo(ctx); err != nil {
+		return false, err
 	}
-
-	if err := db.Insert(ctx, sw); err != nil {
-		return err
+	if err = db.Insert(ctx, &Stopwatch{UserID: user.ID, IssueID: issue.ID}); err != nil {
+		return false, err
 	}
-
-	if err := issue.LoadRepo(ctx); err != nil {
-		return err
-	}
-
-	if _, err := CreateComment(ctx, &CreateCommentOptions{
+	if _, err = CreateComment(ctx, &CreateCommentOptions{
 		Doer:  user,
 		Issue: issue,
 		Repo:  issue.Repo,
 		Type:  CommentTypeStartTracking,
 	}); err != nil {
-		return err
+		return false, err
 	}
-
-	return nil
+	return true, nil
 }
 
 // CancelStopwatch removes the given stopwatch and logs it into issue's timeline.
-func CancelStopwatch(ctx context.Context, user *user_model.User, issue *Issue) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	if err := cancelStopwatch(ctx, user, issue); err != nil {
-		return err
-	}
-	return committer.Commit()
-}
-
-func cancelStopwatch(ctx context.Context, user *user_model.User, issue *Issue) error {
-	e := db.GetEngine(ctx)
-	sw, exists, err := getStopwatch(ctx, user.ID, issue.ID)
-	if err != nil {
-		return err
-	}
-
-	if exists {
-		if _, err := e.Delete(sw); err != nil {
+func CancelStopwatch(ctx context.Context, user *user_model.User, issue *Issue) (ok bool, err error) {
+	err = db.WithTx(ctx, func(ctx context.Context) error {
+		e := db.GetEngine(ctx)
+		sw, exists, err := getStopwatch(ctx, user.ID, issue.ID)
+		if err != nil {
 			return err
+		} else if !exists {
+			return nil
 		}
 
-		if err := issue.LoadRepo(ctx); err != nil {
+		if err = issue.LoadRepo(ctx); err != nil {
 			return err
 		}
-
-		if _, err := CreateComment(ctx, &CreateCommentOptions{
+		if _, err = e.Delete(sw); err != nil {
+			return err
+		}
+		if _, err = CreateComment(ctx, &CreateCommentOptions{
 			Doer:  user,
 			Issue: issue,
 			Repo:  issue.Repo,
@@ -286,6 +227,8 @@ func cancelStopwatch(ctx context.Context, user *user_model.User, issue *Issue) e
 		}); err != nil {
 			return err
 		}
-	}
-	return nil
+		ok = true
+		return nil
+	})
+	return ok, err
 }
diff --git a/models/issues/stopwatch_test.go b/models/issues/stopwatch_test.go
index a1bf9dc931..6333c10234 100644
--- a/models/issues/stopwatch_test.go
+++ b/models/issues/stopwatch_test.go
@@ -10,7 +10,6 @@ import (
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/timeutil"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -18,26 +17,22 @@ import (
 func TestCancelStopwatch(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
-	user1, err := user_model.GetUserByID(db.DefaultContext, 1)
-	assert.NoError(t, err)
-
-	issue1, err := issues_model.GetIssueByID(db.DefaultContext, 1)
-	assert.NoError(t, err)
-	issue2, err := issues_model.GetIssueByID(db.DefaultContext, 2)
-	assert.NoError(t, err)
+	user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
+	issue1 := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
 
-	err = issues_model.CancelStopwatch(db.DefaultContext, user1, issue1)
+	ok, err := issues_model.CancelStopwatch(db.DefaultContext, user1, issue1)
 	assert.NoError(t, err)
+	assert.True(t, ok)
 	unittest.AssertNotExistsBean(t, &issues_model.Stopwatch{UserID: user1.ID, IssueID: issue1.ID})
+	unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{Type: issues_model.CommentTypeCancelTracking, PosterID: user1.ID, IssueID: issue1.ID})
 
-	_ = unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{Type: issues_model.CommentTypeCancelTracking, PosterID: user1.ID, IssueID: issue1.ID})
-
-	assert.NoError(t, issues_model.CancelStopwatch(db.DefaultContext, user1, issue2))
+	ok, err = issues_model.CancelStopwatch(db.DefaultContext, user1, issue1)
+	assert.NoError(t, err)
+	assert.False(t, ok)
 }
 
 func TestStopwatchExists(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
-
 	assert.True(t, issues_model.StopwatchExists(db.DefaultContext, 1, 1))
 	assert.False(t, issues_model.StopwatchExists(db.DefaultContext, 1, 2))
 }
@@ -58,21 +53,35 @@ func TestHasUserStopwatch(t *testing.T) {
 func TestCreateOrStopIssueStopwatch(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
-	user2, err := user_model.GetUserByID(db.DefaultContext, 2)
+	user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})
+	issue1 := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+	issue3 := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 3})
+
+	// create a new stopwatch
+	ok, err := issues_model.CreateIssueStopwatch(db.DefaultContext, user4, issue1)
 	assert.NoError(t, err)
-	org3, err := user_model.GetUserByID(db.DefaultContext, 3)
+	assert.True(t, ok)
+	unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: user4.ID, IssueID: issue1.ID})
+	// should not create a second stopwatch for the same issue
+	ok, err = issues_model.CreateIssueStopwatch(db.DefaultContext, user4, issue1)
 	assert.NoError(t, err)
-
-	issue1, err := issues_model.GetIssueByID(db.DefaultContext, 1)
+	assert.False(t, ok)
+	// on a different issue, it will finish the existing stopwatch and create a new one
+	ok, err = issues_model.CreateIssueStopwatch(db.DefaultContext, user4, issue3)
 	assert.NoError(t, err)
-	issue2, err := issues_model.GetIssueByID(db.DefaultContext, 2)
+	assert.True(t, ok)
+	unittest.AssertNotExistsBean(t, &issues_model.Stopwatch{UserID: user4.ID, IssueID: issue1.ID})
+	unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: user4.ID, IssueID: issue3.ID})
+
+	// user2 already has a stopwatch in test fixture
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	issue2 := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 2})
+	ok, err = issues_model.FinishIssueStopwatch(db.DefaultContext, user2, issue2)
 	assert.NoError(t, err)
-
-	assert.NoError(t, issues_model.CreateOrStopIssueStopwatch(db.DefaultContext, org3, issue1))
-	sw := unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: 3, IssueID: 1})
-	assert.LessOrEqual(t, sw.CreatedUnix, timeutil.TimeStampNow())
-
-	assert.NoError(t, issues_model.CreateOrStopIssueStopwatch(db.DefaultContext, user2, issue2))
-	unittest.AssertNotExistsBean(t, &issues_model.Stopwatch{UserID: 2, IssueID: 2})
-	unittest.AssertExistsAndLoadBean(t, &issues_model.TrackedTime{UserID: 2, IssueID: 2})
+	assert.True(t, ok)
+	unittest.AssertNotExistsBean(t, &issues_model.Stopwatch{UserID: user2.ID, IssueID: issue2.ID})
+	unittest.AssertExistsAndLoadBean(t, &issues_model.TrackedTime{UserID: user2.ID, IssueID: issue2.ID})
+	ok, err = issues_model.FinishIssueStopwatch(db.DefaultContext, user2, issue2)
+	assert.NoError(t, err)
+	assert.False(t, ok)
 }
diff --git a/models/issues/tracked_time.go b/models/issues/tracked_time.go
index ea404d36cd..9c11881e44 100644
--- a/models/issues/tracked_time.go
+++ b/models/issues/tracked_time.go
@@ -168,35 +168,31 @@ func GetTrackedSeconds(ctx context.Context, opts FindTrackedTimesOptions) (track
 
 // AddTime will add the given time (in seconds) to the issue
 func AddTime(ctx context.Context, user *user_model.User, issue *Issue, amount int64, created time.Time) (*TrackedTime, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	t, err := addTime(ctx, user, issue, amount, created)
-	if err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*TrackedTime, error) {
+		t, err := addTime(ctx, user, issue, amount, created)
+		if err != nil {
+			return nil, err
+		}
 
-	if err := issue.LoadRepo(ctx); err != nil {
-		return nil, err
-	}
+		if err := issue.LoadRepo(ctx); err != nil {
+			return nil, err
+		}
 
-	if _, err := CreateComment(ctx, &CreateCommentOptions{
-		Issue: issue,
-		Repo:  issue.Repo,
-		Doer:  user,
-		// Content before v1.21 did store the formatted string instead of seconds,
-		// so use "|" as delimiter to mark the new format
-		Content: fmt.Sprintf("|%d", amount),
-		Type:    CommentTypeAddTimeManual,
-		TimeID:  t.ID,
-	}); err != nil {
-		return nil, err
-	}
+		if _, err := CreateComment(ctx, &CreateCommentOptions{
+			Issue: issue,
+			Repo:  issue.Repo,
+			Doer:  user,
+			// Content before v1.21 did store the formatted string instead of seconds,
+			// so use "|" as delimiter to mark the new format
+			Content: fmt.Sprintf("|%d", amount),
+			Type:    CommentTypeAddTimeManual,
+			TimeID:  t.ID,
+		}); err != nil {
+			return nil, err
+		}
 
-	return t, committer.Commit()
+		return t, nil
+	})
 }
 
 func addTime(ctx context.Context, user *user_model.User, issue *Issue, amount int64, created time.Time) (*TrackedTime, error) {
@@ -241,72 +237,58 @@ func TotalTimesForEachUser(ctx context.Context, options *FindTrackedTimesOptions
 
 // DeleteIssueUserTimes deletes times for issue
 func DeleteIssueUserTimes(ctx context.Context, issue *Issue, user *user_model.User) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	opts := FindTrackedTimesOptions{
-		IssueID: issue.ID,
-		UserID:  user.ID,
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		opts := FindTrackedTimesOptions{
+			IssueID: issue.ID,
+			UserID:  user.ID,
+		}
 
-	removedTime, err := deleteTimes(ctx, opts)
-	if err != nil {
-		return err
-	}
-	if removedTime == 0 {
-		return db.ErrNotExist{Resource: "tracked_time"}
-	}
+		removedTime, err := deleteTimes(ctx, opts)
+		if err != nil {
+			return err
+		}
+		if removedTime == 0 {
+			return db.ErrNotExist{Resource: "tracked_time"}
+		}
 
-	if err := issue.LoadRepo(ctx); err != nil {
-		return err
-	}
-	if _, err := CreateComment(ctx, &CreateCommentOptions{
-		Issue: issue,
-		Repo:  issue.Repo,
-		Doer:  user,
-		// Content before v1.21 did store the formatted string instead of seconds,
-		// so use "|" as delimiter to mark the new format
-		Content: fmt.Sprintf("|%d", removedTime),
-		Type:    CommentTypeDeleteTimeManual,
-	}); err != nil {
+		if err := issue.LoadRepo(ctx); err != nil {
+			return err
+		}
+		_, err = CreateComment(ctx, &CreateCommentOptions{
+			Issue: issue,
+			Repo:  issue.Repo,
+			Doer:  user,
+			// Content before v1.21 did store the formatted string instead of seconds,
+			// so use "|" as delimiter to mark the new format
+			Content: fmt.Sprintf("|%d", removedTime),
+			Type:    CommentTypeDeleteTimeManual,
+		})
 		return err
-	}
-
-	return committer.Commit()
+	})
 }
 
 // DeleteTime delete a specific Time
 func DeleteTime(ctx context.Context, t *TrackedTime) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := t.LoadAttributes(ctx); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err := t.LoadAttributes(ctx); err != nil {
+			return err
+		}
 
-	if err := deleteTime(ctx, t); err != nil {
-		return err
-	}
+		if err := deleteTime(ctx, t); err != nil {
+			return err
+		}
 
-	if _, err := CreateComment(ctx, &CreateCommentOptions{
-		Issue: t.Issue,
-		Repo:  t.Issue.Repo,
-		Doer:  t.User,
-		// Content before v1.21 did store the formatted string instead of seconds,
-		// so use "|" as delimiter to mark the new format
-		Content: fmt.Sprintf("|%d", t.Time),
-		Type:    CommentTypeDeleteTimeManual,
-	}); err != nil {
+		_, err := CreateComment(ctx, &CreateCommentOptions{
+			Issue: t.Issue,
+			Repo:  t.Issue.Repo,
+			Doer:  t.User,
+			// Content before v1.21 did store the formatted string instead of seconds,
+			// so use "|" as delimiter to mark the new format
+			Content: fmt.Sprintf("|%d", t.Time),
+			Type:    CommentTypeDeleteTimeManual,
+		})
 		return err
-	}
-
-	return committer.Commit()
+	})
 }
 
 func deleteTimes(ctx context.Context, opts FindTrackedTimesOptions) (removedTime int64, err error) {
@@ -350,10 +332,7 @@ func GetIssueTotalTrackedTime(ctx context.Context, opts *IssuesOptions, isClosed
 	// we get the statistics in smaller chunks and get accumulates
 	var accum int64
 	for i := 0; i < len(opts.IssueIDs); {
-		chunk := i + MaxQueryParameters
-		if chunk > len(opts.IssueIDs) {
-			chunk = len(opts.IssueIDs)
-		}
+		chunk := min(i+MaxQueryParameters, len(opts.IssueIDs))
 		time, err := getIssueTotalTrackedTimeChunk(ctx, opts, isClosed, opts.IssueIDs[i:chunk])
 		if err != nil {
 			return 0, err
diff --git a/models/migrations/base/db.go b/models/migrations/base/db.go
index eb1c44a79e..479a46379c 100644
--- a/models/migrations/base/db.go
+++ b/models/migrations/base/db.go
@@ -52,7 +52,7 @@ func RecreateTable(sess *xorm.Session, bean any) error {
 	// TODO: This will not work if there are foreign keys
 
 	tableName := sess.Engine().TableName(bean)
-	tempTableName := fmt.Sprintf("tmp_recreate__%s", tableName)
+	tempTableName := "tmp_recreate__" + tableName
 
 	// We need to move the old table away and create a new one with the correct columns
 	// We will need to do this in stages to prevent data loss
@@ -82,7 +82,7 @@ func RecreateTable(sess *xorm.Session, bean any) error {
 	}
 	newTableColumns := table.Columns()
 	if len(newTableColumns) == 0 {
-		return fmt.Errorf("no columns in new table")
+		return errors.New("no columns in new table")
 	}
 	hasID := false
 	for _, column := range newTableColumns {
@@ -518,7 +518,7 @@ func ModifyColumn(x *xorm.Engine, tableName string, col *schemas.Column) error {
 
 func removeAllWithRetry(dir string) error {
 	var err error
-	for i := 0; i < 20; i++ {
+	for range 20 {
 		err = os.RemoveAll(dir)
 		if err == nil {
 			break
@@ -552,11 +552,11 @@ func deleteDB() error {
 		}
 		defer db.Close()
 
-		if _, err = db.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s", setting.Database.Name)); err != nil {
+		if _, err = db.Exec("DROP DATABASE IF EXISTS " + setting.Database.Name); err != nil {
 			return err
 		}
 
-		if _, err = db.Exec(fmt.Sprintf("CREATE DATABASE IF NOT EXISTS %s", setting.Database.Name)); err != nil {
+		if _, err = db.Exec("CREATE DATABASE IF NOT EXISTS " + setting.Database.Name); err != nil {
 			return err
 		}
 		return nil
@@ -568,11 +568,11 @@ func deleteDB() error {
 		}
 		defer db.Close()
 
-		if _, err = db.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s", setting.Database.Name)); err != nil {
+		if _, err = db.Exec("DROP DATABASE IF EXISTS " + setting.Database.Name); err != nil {
 			return err
 		}
 
-		if _, err = db.Exec(fmt.Sprintf("CREATE DATABASE %s", setting.Database.Name)); err != nil {
+		if _, err = db.Exec("CREATE DATABASE " + setting.Database.Name); err != nil {
 			return err
 		}
 		db.Close()
@@ -594,7 +594,7 @@ func deleteDB() error {
 
 			if !schrows.Next() {
 				// Create and setup a DB schema
-				_, err = db.Exec(fmt.Sprintf("CREATE SCHEMA %s", setting.Database.Schema))
+				_, err = db.Exec("CREATE SCHEMA " + setting.Database.Schema)
 				if err != nil {
 					return err
 				}
diff --git a/models/migrations/base/tests.go b/models/migrations/base/tests.go
index fe6de9c517..33fd1df707 100644
--- a/models/migrations/base/tests.go
+++ b/models/migrations/base/tests.go
@@ -1,7 +1,6 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-//nolint:forbidigo
 package base
 
 import (
@@ -15,6 +14,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/tempdir"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/testlogger"
 
@@ -105,7 +105,7 @@ func MainTest(m *testing.M) {
 	giteaConf := os.Getenv("GITEA_CONF")
 	if giteaConf == "" {
 		giteaConf = filepath.Join(filepath.Dir(setting.AppPath), "tests/sqlite.ini")
-		fmt.Printf("Environment variable $GITEA_CONF not set - defaulting to %s\n", giteaConf)
+		_, _ = fmt.Fprintf(os.Stderr, "Environment variable $GITEA_CONF not set - defaulting to %s\n", giteaConf)
 	}
 
 	if !filepath.IsAbs(giteaConf) {
@@ -114,15 +114,16 @@ func MainTest(m *testing.M) {
 		setting.CustomConf = giteaConf
 	}
 
-	tmpDataPath, err := os.MkdirTemp("", "data")
+	tmpDataPath, cleanup, err := tempdir.OsTempDir("gitea-test").MkdirTempRandom("data")
 	if err != nil {
 		testlogger.Fatalf("Unable to create temporary data path %v\n", err)
 	}
+	defer cleanup()
 
 	setting.CustomPath = filepath.Join(setting.AppWorkPath, "custom")
 	setting.AppDataPath = tmpDataPath
 
-	unittest.InitSettings()
+	unittest.InitSettingsForTesting()
 	if err = git.InitFull(context.Background()); err != nil {
 		testlogger.Fatalf("Unable to InitFull: %v\n", err)
 	}
@@ -132,10 +133,7 @@ func MainTest(m *testing.M) {
 	exitStatus := m.Run()
 
 	if err := removeAllWithRetry(setting.RepoRootPath); err != nil {
-		fmt.Fprintf(os.Stderr, "os.RemoveAll: %v\n", err)
-	}
-	if err := removeAllWithRetry(tmpDataPath); err != nil {
-		fmt.Fprintf(os.Stderr, "os.RemoveAll: %v\n", err)
+		_, _ = fmt.Fprintf(os.Stderr, "os.RemoveAll: %v\n", err)
 	}
 	os.Exit(exitStatus)
 }
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
index 572738013f..4f899453b5 100644
--- a/models/migrations/migrations.go
+++ b/models/migrations/migrations.go
@@ -6,6 +6,7 @@ package migrations
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/models/migrations/v1_10"
@@ -23,6 +24,7 @@ import (
 	"code.gitea.io/gitea/models/migrations/v1_22"
 	"code.gitea.io/gitea/models/migrations/v1_23"
 	"code.gitea.io/gitea/models/migrations/v1_24"
+	"code.gitea.io/gitea/models/migrations/v1_25"
 	"code.gitea.io/gitea/models/migrations/v1_6"
 	"code.gitea.io/gitea/models/migrations/v1_7"
 	"code.gitea.io/gitea/models/migrations/v1_8"
@@ -378,6 +380,12 @@ func prepareMigrationTasks() []*migration {
 		newMigration(315, "Add Ephemeral to ActionRunner", v1_24.AddEphemeralToActionRunner),
 		newMigration(316, "Add description for secrets and variables", v1_24.AddDescriptionForSecretsAndVariables),
 		newMigration(317, "Add new index for action for heatmap", v1_24.AddNewIndexForUserDashboard),
+		newMigration(318, "Add anonymous_access_mode for repo_unit", v1_24.AddRepoUnitAnonymousAccessMode),
+		newMigration(319, "Add ExclusiveOrder to Label table", v1_24.AddExclusiveOrderColumnToLabelTable),
+		newMigration(320, "Migrate two_factor_policy to login_source table", v1_24.MigrateSkipTwoFactor),
+
+		// Gitea 1.24.0 ends at database version 321
+		newMigration(321, "Use LONGTEXT for some columns and fix review_state.updated_files column", v1_25.UseLongTextInSomeColumnsAndFixBugs),
 	}
 	return preparedMigrations
 }
@@ -423,7 +431,7 @@ func EnsureUpToDate(ctx context.Context, x *xorm.Engine) error {
 	}
 
 	if currentDB < 0 {
-		return fmt.Errorf("database has not been initialized")
+		return errors.New("database has not been initialized")
 	}
 
 	if minDBVersion > currentDB {
diff --git a/models/migrations/migrations_test.go b/models/migrations/migrations_test.go
index e66b015b3d..8649d116f5 100644
--- a/models/migrations/migrations_test.go
+++ b/models/migrations/migrations_test.go
@@ -22,7 +22,7 @@ func TestMigrations(t *testing.T) {
 
 	assert.EqualValues(t, 71, migrationIDNumberToDBVersion(70))
 
-	assert.EqualValues(t, []*migration{{idNumber: 70}, {idNumber: 71}}, getPendingMigrations(70, preparedMigrations))
-	assert.EqualValues(t, []*migration{{idNumber: 71}}, getPendingMigrations(71, preparedMigrations))
-	assert.EqualValues(t, []*migration{}, getPendingMigrations(72, preparedMigrations))
+	assert.Equal(t, []*migration{{idNumber: 70}, {idNumber: 71}}, getPendingMigrations(70, preparedMigrations))
+	assert.Equal(t, []*migration{{idNumber: 71}}, getPendingMigrations(71, preparedMigrations))
+	assert.Equal(t, []*migration{}, getPendingMigrations(72, preparedMigrations))
 }
diff --git a/models/migrations/v1_10/v100.go b/models/migrations/v1_10/v100.go
index 5d2fd8e244..1742bea296 100644
--- a/models/migrations/v1_10/v100.go
+++ b/models/migrations/v1_10/v100.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"net/url"
diff --git a/models/migrations/v1_10/v101.go b/models/migrations/v1_10/v101.go
index f023a2a0e7..6c8dfe2486 100644
--- a/models/migrations/v1_10/v101.go
+++ b/models/migrations/v1_10/v101.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_10/v88.go b/models/migrations/v1_10/v88.go
index 7e86ac364f..eb8e81c19e 100644
--- a/models/migrations/v1_10/v88.go
+++ b/models/migrations/v1_10/v88.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"crypto/sha1"
diff --git a/models/migrations/v1_10/v89.go b/models/migrations/v1_10/v89.go
index d5f27ffdc6..0df2a6e17b 100644
--- a/models/migrations/v1_10/v89.go
+++ b/models/migrations/v1_10/v89.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v90.go b/models/migrations/v1_10/v90.go
index 295d4b1c1b..5521a97e32 100644
--- a/models/migrations/v1_10/v90.go
+++ b/models/migrations/v1_10/v90.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v91.go b/models/migrations/v1_10/v91.go
index 48cac2de70..08db6c2742 100644
--- a/models/migrations/v1_10/v91.go
+++ b/models/migrations/v1_10/v91.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v92.go b/models/migrations/v1_10/v92.go
index 9080108594..b6c04a9234 100644
--- a/models/migrations/v1_10/v92.go
+++ b/models/migrations/v1_10/v92.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"xorm.io/builder"
diff --git a/models/migrations/v1_10/v93.go b/models/migrations/v1_10/v93.go
index ee59a8db39..c131be9a8d 100644
--- a/models/migrations/v1_10/v93.go
+++ b/models/migrations/v1_10/v93.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v94.go b/models/migrations/v1_10/v94.go
index c131af162b..13b7d7b303 100644
--- a/models/migrations/v1_10/v94.go
+++ b/models/migrations/v1_10/v94.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v95.go b/models/migrations/v1_10/v95.go
index 3b1f67fd9c..86b52026bf 100644
--- a/models/migrations/v1_10/v95.go
+++ b/models/migrations/v1_10/v95.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v96.go b/models/migrations/v1_10/v96.go
index 34c8240031..ca35a169c4 100644
--- a/models/migrations/v1_10/v96.go
+++ b/models/migrations/v1_10/v96.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"path/filepath"
diff --git a/models/migrations/v1_10/v97.go b/models/migrations/v1_10/v97.go
index dee45b32e3..5872bb63e5 100644
--- a/models/migrations/v1_10/v97.go
+++ b/models/migrations/v1_10/v97.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v98.go b/models/migrations/v1_10/v98.go
index bdd9aed089..d21c326459 100644
--- a/models/migrations/v1_10/v98.go
+++ b/models/migrations/v1_10/v98.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_10/v99.go b/models/migrations/v1_10/v99.go
index ebe6597f7c..223c188057 100644
--- a/models/migrations/v1_10/v99.go
+++ b/models/migrations/v1_10/v99.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_10 //nolint
+package v1_10
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_11/v102.go b/models/migrations/v1_11/v102.go
index 9358e4cef3..e52290afb0 100644
--- a/models/migrations/v1_11/v102.go
+++ b/models/migrations/v1_11/v102.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_11/v103.go b/models/migrations/v1_11/v103.go
index 53527dac58..a515710160 100644
--- a/models/migrations/v1_11/v103.go
+++ b/models/migrations/v1_11/v103.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v104.go b/models/migrations/v1_11/v104.go
index 3e8ee64bc1..3b0d3c64b2 100644
--- a/models/migrations/v1_11/v104.go
+++ b/models/migrations/v1_11/v104.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_11/v105.go b/models/migrations/v1_11/v105.go
index b91340c30a..d86973a0f6 100644
--- a/models/migrations/v1_11/v105.go
+++ b/models/migrations/v1_11/v105.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v106.go b/models/migrations/v1_11/v106.go
index ecb11cdd1e..edffe18683 100644
--- a/models/migrations/v1_11/v106.go
+++ b/models/migrations/v1_11/v106.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v107.go b/models/migrations/v1_11/v107.go
index f0bfe5862c..a158e3bb50 100644
--- a/models/migrations/v1_11/v107.go
+++ b/models/migrations/v1_11/v107.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v108.go b/models/migrations/v1_11/v108.go
index a85096234d..8f14504ceb 100644
--- a/models/migrations/v1_11/v108.go
+++ b/models/migrations/v1_11/v108.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v109.go b/models/migrations/v1_11/v109.go
index ea565ccda3..f7616aec7b 100644
--- a/models/migrations/v1_11/v109.go
+++ b/models/migrations/v1_11/v109.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v110.go b/models/migrations/v1_11/v110.go
index 81afa1331d..512f728c03 100644
--- a/models/migrations/v1_11/v110.go
+++ b/models/migrations/v1_11/v110.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_11/v111.go b/models/migrations/v1_11/v111.go
index ff108479a9..c27465f051 100644
--- a/models/migrations/v1_11/v111.go
+++ b/models/migrations/v1_11/v111.go
@@ -1,10 +1,11 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"fmt"
+	"slices"
 
 	"xorm.io/xorm"
 )
@@ -344,10 +345,8 @@ func AddBranchProtectionCanPushAndEnableWhitelist(x *xorm.Engine) error {
 			}
 			return AccessModeWrite <= perm.UnitsMode[UnitTypeCode], nil
 		}
-		for _, id := range protectedBranch.ApprovalsWhitelistUserIDs {
-			if id == reviewer.ID {
-				return true, nil
-			}
+		if slices.Contains(protectedBranch.ApprovalsWhitelistUserIDs, reviewer.ID) {
+			return true, nil
 		}
 
 		// isUserInTeams
diff --git a/models/migrations/v1_11/v112.go b/models/migrations/v1_11/v112.go
index 0857663119..fe45cf9222 100644
--- a/models/migrations/v1_11/v112.go
+++ b/models/migrations/v1_11/v112.go
@@ -1,12 +1,12 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
-	"fmt"
 	"path/filepath"
 
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 
@@ -31,7 +31,7 @@ func RemoveAttachmentMissedRepo(x *xorm.Engine) error {
 		for i := 0; i < len(attachments); i++ {
 			uuid := attachments[i].UUID
 			if err = util.RemoveAll(filepath.Join(setting.Attachment.Storage.Path, uuid[0:1], uuid[1:2], uuid)); err != nil {
-				fmt.Printf("Error: %v", err) //nolint:forbidigo
+				log.Warn("Unable to remove attachment file by UUID %s: %v", uuid, err)
 			}
 		}
 
diff --git a/models/migrations/v1_11/v113.go b/models/migrations/v1_11/v113.go
index dea344a44f..a4d54f66fb 100644
--- a/models/migrations/v1_11/v113.go
+++ b/models/migrations/v1_11/v113.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_11/v114.go b/models/migrations/v1_11/v114.go
index 95adcee989..9467a8a90c 100644
--- a/models/migrations/v1_11/v114.go
+++ b/models/migrations/v1_11/v114.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"net/url"
diff --git a/models/migrations/v1_11/v115.go b/models/migrations/v1_11/v115.go
index 8c631cfd0b..5933c0520f 100644
--- a/models/migrations/v1_11/v115.go
+++ b/models/migrations/v1_11/v115.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"crypto/md5"
@@ -146,7 +146,7 @@ func copyOldAvatarToNewLocation(userID int64, oldAvatar string) (string, error)
 		return "", fmt.Errorf("io.ReadAll: %w", err)
 	}
 
-	newAvatar := fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("%d-%x", userID, md5.Sum(data)))))
+	newAvatar := fmt.Sprintf("%x", md5.Sum(fmt.Appendf(nil, "%d-%x", userID, md5.Sum(data))))
 	if newAvatar == oldAvatar {
 		return newAvatar, nil
 	}
diff --git a/models/migrations/v1_11/v116.go b/models/migrations/v1_11/v116.go
index 85aa76c1e0..729fbad18b 100644
--- a/models/migrations/v1_11/v116.go
+++ b/models/migrations/v1_11/v116.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_11 //nolint
+package v1_11
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v117.go b/models/migrations/v1_12/v117.go
index 8eadcdef2b..73b58ca34b 100644
--- a/models/migrations/v1_12/v117.go
+++ b/models/migrations/v1_12/v117.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v118.go b/models/migrations/v1_12/v118.go
index eb022dc5e4..e8b4249743 100644
--- a/models/migrations/v1_12/v118.go
+++ b/models/migrations/v1_12/v118.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v119.go b/models/migrations/v1_12/v119.go
index 60bfe6a57d..b4bf29a935 100644
--- a/models/migrations/v1_12/v119.go
+++ b/models/migrations/v1_12/v119.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v120.go b/models/migrations/v1_12/v120.go
index 3f7ed8d373..14d515f5a7 100644
--- a/models/migrations/v1_12/v120.go
+++ b/models/migrations/v1_12/v120.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v121.go b/models/migrations/v1_12/v121.go
index 175ec9164d..a28ae4e1c9 100644
--- a/models/migrations/v1_12/v121.go
+++ b/models/migrations/v1_12/v121.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_12/v122.go b/models/migrations/v1_12/v122.go
index 6e31d863a1..bc1b175f6a 100644
--- a/models/migrations/v1_12/v122.go
+++ b/models/migrations/v1_12/v122.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v123.go b/models/migrations/v1_12/v123.go
index b0c3af07a3..52b10bb850 100644
--- a/models/migrations/v1_12/v123.go
+++ b/models/migrations/v1_12/v123.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v124.go b/models/migrations/v1_12/v124.go
index d2ba03ffe0..9a93f436d4 100644
--- a/models/migrations/v1_12/v124.go
+++ b/models/migrations/v1_12/v124.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v125.go b/models/migrations/v1_12/v125.go
index ec4ffaab25..7f582ecff5 100644
--- a/models/migrations/v1_12/v125.go
+++ b/models/migrations/v1_12/v125.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v126.go b/models/migrations/v1_12/v126.go
index ca9ec3aa3f..64fd7f7478 100644
--- a/models/migrations/v1_12/v126.go
+++ b/models/migrations/v1_12/v126.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/builder"
diff --git a/models/migrations/v1_12/v127.go b/models/migrations/v1_12/v127.go
index 00e391dc87..9bd78db95e 100644
--- a/models/migrations/v1_12/v127.go
+++ b/models/migrations/v1_12/v127.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v128.go b/models/migrations/v1_12/v128.go
index cba64711d0..e7dbff3766 100644
--- a/models/migrations/v1_12/v128.go
+++ b/models/migrations/v1_12/v128.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v129.go b/models/migrations/v1_12/v129.go
index cf228242b9..3e4d3aca68 100644
--- a/models/migrations/v1_12/v129.go
+++ b/models/migrations/v1_12/v129.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v130.go b/models/migrations/v1_12/v130.go
index 391810c7ca..107bb756fd 100644
--- a/models/migrations/v1_12/v130.go
+++ b/models/migrations/v1_12/v130.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"code.gitea.io/gitea/modules/json"
diff --git a/models/migrations/v1_12/v131.go b/models/migrations/v1_12/v131.go
index 5184bc3590..1266c2f185 100644
--- a/models/migrations/v1_12/v131.go
+++ b/models/migrations/v1_12/v131.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v132.go b/models/migrations/v1_12/v132.go
index 3b2b28f7ab..8b1ae6db93 100644
--- a/models/migrations/v1_12/v132.go
+++ b/models/migrations/v1_12/v132.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v133.go b/models/migrations/v1_12/v133.go
index c9087fc8c1..69e20597d8 100644
--- a/models/migrations/v1_12/v133.go
+++ b/models/migrations/v1_12/v133.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_12/v134.go b/models/migrations/v1_12/v134.go
index a918d38757..09d743964d 100644
--- a/models/migrations/v1_12/v134.go
+++ b/models/migrations/v1_12/v134.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v135.go b/models/migrations/v1_12/v135.go
index 8898011df5..5df0ad7fc4 100644
--- a/models/migrations/v1_12/v135.go
+++ b/models/migrations/v1_12/v135.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v136.go b/models/migrations/v1_12/v136.go
index d91ff92feb..0f53278b46 100644
--- a/models/migrations/v1_12/v136.go
+++ b/models/migrations/v1_12/v136.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v137.go b/models/migrations/v1_12/v137.go
index 0d86b72010..9d38483488 100644
--- a/models/migrations/v1_12/v137.go
+++ b/models/migrations/v1_12/v137.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_12/v138.go b/models/migrations/v1_12/v138.go
index 8c8d353f40..4485adeb2d 100644
--- a/models/migrations/v1_12/v138.go
+++ b/models/migrations/v1_12/v138.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_12/v139.go b/models/migrations/v1_12/v139.go
index 279aa7df87..a3799841ac 100644
--- a/models/migrations/v1_12/v139.go
+++ b/models/migrations/v1_12/v139.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_12 //nolint
+package v1_12
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_13/v140.go b/models/migrations/v1_13/v140.go
index 2d3337012d..a9a047bca9 100644
--- a/models/migrations/v1_13/v140.go
+++ b/models/migrations/v1_13/v140.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"fmt"
@@ -21,12 +21,7 @@ func FixLanguageStatsToSaveSize(x *xorm.Engine) error {
 	// RepoIndexerType specifies the repository indexer type
 	type RepoIndexerType int
 
-	const (
-		// RepoIndexerTypeCode code indexer - 0
-		RepoIndexerTypeCode RepoIndexerType = iota //nolint:unused
-		// RepoIndexerTypeStats repository stats indexer - 1
-		RepoIndexerTypeStats
-	)
+	const RepoIndexerTypeStats RepoIndexerType = 1
 
 	// RepoIndexerStatus see models/repo_indexer.go
 	type RepoIndexerStatus struct {
@@ -46,7 +41,7 @@ func FixLanguageStatsToSaveSize(x *xorm.Engine) error {
 	}
 
 	// Delete language stats
-	if _, err := x.Exec(fmt.Sprintf("%s language_stat", truncExpr)); err != nil {
+	if _, err := x.Exec(truncExpr + " language_stat"); err != nil {
 		return err
 	}
 
diff --git a/models/migrations/v1_13/v141.go b/models/migrations/v1_13/v141.go
index ae211e0e44..b54bc1727c 100644
--- a/models/migrations/v1_13/v141.go
+++ b/models/migrations/v1_13/v141.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_13/v142.go b/models/migrations/v1_13/v142.go
index 7c7c01ad47..d08a0ae0bf 100644
--- a/models/migrations/v1_13/v142.go
+++ b/models/migrations/v1_13/v142.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_13/v143.go b/models/migrations/v1_13/v143.go
index 885768dff3..b9a856ed0f 100644
--- a/models/migrations/v1_13/v143.go
+++ b/models/migrations/v1_13/v143.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_13/v144.go b/models/migrations/v1_13/v144.go
index f5a0bc5751..9352d78bc8 100644
--- a/models/migrations/v1_13/v144.go
+++ b/models/migrations/v1_13/v144.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_13/v145.go b/models/migrations/v1_13/v145.go
index 8acb29bf33..86ebb4f9d9 100644
--- a/models/migrations/v1_13/v145.go
+++ b/models/migrations/v1_13/v145.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"fmt"
@@ -42,7 +42,7 @@ func IncreaseLanguageField(x *xorm.Engine) error {
 
 	switch {
 	case setting.Database.Type.IsMySQL():
-		if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE language_stat MODIFY COLUMN language %s", sqlType)); err != nil {
+		if _, err := sess.Exec("ALTER TABLE language_stat MODIFY COLUMN language " + sqlType); err != nil {
 			return err
 		}
 	case setting.Database.Type.IsMSSQL():
@@ -64,7 +64,7 @@ func IncreaseLanguageField(x *xorm.Engine) error {
 				return fmt.Errorf("Drop table `language_stat` constraint `%s`: %w", constraint, err)
 			}
 		}
-		if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE language_stat ALTER COLUMN language %s", sqlType)); err != nil {
+		if _, err := sess.Exec("ALTER TABLE language_stat ALTER COLUMN language " + sqlType); err != nil {
 			return err
 		}
 		// Finally restore the constraint
@@ -72,7 +72,7 @@ func IncreaseLanguageField(x *xorm.Engine) error {
 			return err
 		}
 	case setting.Database.Type.IsPostgreSQL():
-		if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE language_stat ALTER COLUMN language TYPE %s", sqlType)); err != nil {
+		if _, err := sess.Exec("ALTER TABLE language_stat ALTER COLUMN language TYPE " + sqlType); err != nil {
 			return err
 		}
 	}
diff --git a/models/migrations/v1_13/v146.go b/models/migrations/v1_13/v146.go
index 7d9a878704..355c772c26 100644
--- a/models/migrations/v1_13/v146.go
+++ b/models/migrations/v1_13/v146.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_13/v147.go b/models/migrations/v1_13/v147.go
index 510ef39b28..0059c06220 100644
--- a/models/migrations/v1_13/v147.go
+++ b/models/migrations/v1_13/v147.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_13/v148.go b/models/migrations/v1_13/v148.go
index 7bb8ab700b..d276db3d61 100644
--- a/models/migrations/v1_13/v148.go
+++ b/models/migrations/v1_13/v148.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_13/v149.go b/models/migrations/v1_13/v149.go
index 2a1db04cbb..a96b8e5ac7 100644
--- a/models/migrations/v1_13/v149.go
+++ b/models/migrations/v1_13/v149.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_13/v150.go b/models/migrations/v1_13/v150.go
index d5ba489566..590ea72903 100644
--- a/models/migrations/v1_13/v150.go
+++ b/models/migrations/v1_13/v150.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_13/v151.go b/models/migrations/v1_13/v151.go
index 25af1d03ec..454929534f 100644
--- a/models/migrations/v1_13/v151.go
+++ b/models/migrations/v1_13/v151.go
@@ -1,10 +1,11 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -113,7 +114,7 @@ func SetDefaultPasswordToArgon2(x *xorm.Engine) error {
 
 	newTableColumns := table.Columns()
 	if len(newTableColumns) == 0 {
-		return fmt.Errorf("no columns in new table")
+		return errors.New("no columns in new table")
 	}
 	hasID := false
 	for _, column := range newTableColumns {
diff --git a/models/migrations/v1_13/v152.go b/models/migrations/v1_13/v152.go
index 502c82a40d..648e26446f 100644
--- a/models/migrations/v1_13/v152.go
+++ b/models/migrations/v1_13/v152.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_13/v153.go b/models/migrations/v1_13/v153.go
index 0b2dd3eb62..e5462fc162 100644
--- a/models/migrations/v1_13/v153.go
+++ b/models/migrations/v1_13/v153.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_13/v154.go b/models/migrations/v1_13/v154.go
index 60cc56713e..5477d1b889 100644
--- a/models/migrations/v1_13/v154.go
+++ b/models/migrations/v1_13/v154.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_13 //nolint
+package v1_13
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_14/main_test.go b/models/migrations/v1_14/main_test.go
index 7a091b9b9a..978f88577c 100644
--- a/models/migrations/v1_14/main_test.go
+++ b/models/migrations/v1_14/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"testing"
diff --git a/models/migrations/v1_14/v155.go b/models/migrations/v1_14/v155.go
index e814f59938..505a9ae033 100644
--- a/models/migrations/v1_14/v155.go
+++ b/models/migrations/v1_14/v155.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v156.go b/models/migrations/v1_14/v156.go
index 2cf4954a15..2fa5819610 100644
--- a/models/migrations/v1_14/v156.go
+++ b/models/migrations/v1_14/v156.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v157.go b/models/migrations/v1_14/v157.go
index 7187278d29..2c5625ebbd 100644
--- a/models/migrations/v1_14/v157.go
+++ b/models/migrations/v1_14/v157.go
@@ -1,24 +1,13 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"xorm.io/xorm"
 )
 
 func FixRepoTopics(x *xorm.Engine) error {
-	type Topic struct { //nolint:unused
-		ID        int64  `xorm:"pk autoincr"`
-		Name      string `xorm:"UNIQUE VARCHAR(25)"`
-		RepoCount int
-	}
-
-	type RepoTopic struct { //nolint:unused
-		RepoID  int64 `xorm:"pk"`
-		TopicID int64 `xorm:"pk"`
-	}
-
 	type Repository struct {
 		ID     int64    `xorm:"pk autoincr"`
 		Topics []string `xorm:"TEXT JSON"`
diff --git a/models/migrations/v1_14/v158.go b/models/migrations/v1_14/v158.go
index 1094d8abf7..3c57e8e3da 100644
--- a/models/migrations/v1_14/v158.go
+++ b/models/migrations/v1_14/v158.go
@@ -1,10 +1,10 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
-	"fmt"
+	"errors"
 	"strconv"
 
 	"code.gitea.io/gitea/modules/log"
@@ -82,7 +82,7 @@ func UpdateCodeCommentReplies(x *xorm.Engine) error {
 			sqlCmd = "SELECT TOP " + strconv.Itoa(batchSize) + " * FROM #temp_comments WHERE " +
 				"(id NOT IN ( SELECT TOP " + strconv.Itoa(start) + " id FROM #temp_comments ORDER BY id )) ORDER BY id"
 		default:
-			return fmt.Errorf("Unsupported database type")
+			return errors.New("Unsupported database type")
 		}
 
 		if err := sess.SQL(sqlCmd).Find(&comments); err != nil {
diff --git a/models/migrations/v1_14/v159.go b/models/migrations/v1_14/v159.go
index 149ae0f6a8..e6f6f0f061 100644
--- a/models/migrations/v1_14/v159.go
+++ b/models/migrations/v1_14/v159.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_14/v160.go b/models/migrations/v1_14/v160.go
index 4dea91b514..73f3798954 100644
--- a/models/migrations/v1_14/v160.go
+++ b/models/migrations/v1_14/v160.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_14/v161.go b/models/migrations/v1_14/v161.go
index ac7e821a80..eb92dee77c 100644
--- a/models/migrations/v1_14/v161.go
+++ b/models/migrations/v1_14/v161.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"context"
diff --git a/models/migrations/v1_14/v162.go b/models/migrations/v1_14/v162.go
index 2e4e0b8eb0..a0ddd36d55 100644
--- a/models/migrations/v1_14/v162.go
+++ b/models/migrations/v1_14/v162.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_14/v163.go b/models/migrations/v1_14/v163.go
index 0cd8ba68c8..84c35190b7 100644
--- a/models/migrations/v1_14/v163.go
+++ b/models/migrations/v1_14/v163.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_14/v164.go b/models/migrations/v1_14/v164.go
index 54f6951427..d2fd9b8464 100644
--- a/models/migrations/v1_14/v164.go
+++ b/models/migrations/v1_14/v164.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v165.go b/models/migrations/v1_14/v165.go
index 926350cdf7..6e1b34156b 100644
--- a/models/migrations/v1_14/v165.go
+++ b/models/migrations/v1_14/v165.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
@@ -16,10 +16,7 @@ func ConvertHookTaskTypeToVarcharAndTrim(x *xorm.Engine) error {
 		return nil
 	}
 
-	type HookTask struct { //nolint:unused
-		Typ string `xorm:"VARCHAR(16) index"`
-	}
-
+	// HookTask: Typ string `xorm:"VARCHAR(16) index"`
 	if err := base.ModifyColumn(x, "hook_task", &schemas.Column{
 		Name: "typ",
 		SQLType: schemas.SQLType{
@@ -42,10 +39,7 @@ func ConvertHookTaskTypeToVarcharAndTrim(x *xorm.Engine) error {
 		return err
 	}
 
-	type Webhook struct { //nolint:unused
-		Type string `xorm:"VARCHAR(16) index"`
-	}
-
+	// Webhook: Type string `xorm:"VARCHAR(16) index"`
 	if err := base.ModifyColumn(x, "webhook", &schemas.Column{
 		Name: "type",
 		SQLType: schemas.SQLType{
diff --git a/models/migrations/v1_14/v166.go b/models/migrations/v1_14/v166.go
index e5731582fd..4c106bd7da 100644
--- a/models/migrations/v1_14/v166.go
+++ b/models/migrations/v1_14/v166.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"crypto/sha256"
diff --git a/models/migrations/v1_14/v167.go b/models/migrations/v1_14/v167.go
index 9d416f6a32..d77bbc401e 100644
--- a/models/migrations/v1_14/v167.go
+++ b/models/migrations/v1_14/v167.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v168.go b/models/migrations/v1_14/v168.go
index a30a8859f7..aa93eec19b 100644
--- a/models/migrations/v1_14/v168.go
+++ b/models/migrations/v1_14/v168.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_14/v169.go b/models/migrations/v1_14/v169.go
index 5b81bb58b1..4f9df0d96f 100644
--- a/models/migrations/v1_14/v169.go
+++ b/models/migrations/v1_14/v169.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_14/v170.go b/models/migrations/v1_14/v170.go
index 7b6498a3e9..a2ff4623e1 100644
--- a/models/migrations/v1_14/v170.go
+++ b/models/migrations/v1_14/v170.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v171.go b/models/migrations/v1_14/v171.go
index 51a35a02ad..7b200e960a 100644
--- a/models/migrations/v1_14/v171.go
+++ b/models/migrations/v1_14/v171.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v172.go b/models/migrations/v1_14/v172.go
index 0f9bef902a..bbd61d87b2 100644
--- a/models/migrations/v1_14/v172.go
+++ b/models/migrations/v1_14/v172.go
@@ -1,7 +1,7 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_14/v173.go b/models/migrations/v1_14/v173.go
index 2d9eee9197..7752fbe966 100644
--- a/models/migrations/v1_14/v173.go
+++ b/models/migrations/v1_14/v173.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v174.go b/models/migrations/v1_14/v174.go
index c839e15db8..4049e43070 100644
--- a/models/migrations/v1_14/v174.go
+++ b/models/migrations/v1_14/v174.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v175.go b/models/migrations/v1_14/v175.go
index 70d72b2600..92ed130473 100644
--- a/models/migrations/v1_14/v175.go
+++ b/models/migrations/v1_14/v175.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v176.go b/models/migrations/v1_14/v176.go
index 1ed49f75fa..ef5dce9a02 100644
--- a/models/migrations/v1_14/v176.go
+++ b/models/migrations/v1_14/v176.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_14/v176_test.go b/models/migrations/v1_14/v176_test.go
index ea3e750d7f..5c1db4db71 100644
--- a/models/migrations/v1_14/v176_test.go
+++ b/models/migrations/v1_14/v176_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"testing"
diff --git a/models/migrations/v1_14/v177.go b/models/migrations/v1_14/v177.go
index 6e1838f369..96676bf8d9 100644
--- a/models/migrations/v1_14/v177.go
+++ b/models/migrations/v1_14/v177.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_14/v177_test.go b/models/migrations/v1_14/v177_test.go
index 5568a18fec..263f69f338 100644
--- a/models/migrations/v1_14/v177_test.go
+++ b/models/migrations/v1_14/v177_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_14 //nolint
+package v1_14
 
 import (
 	"testing"
diff --git a/models/migrations/v1_15/main_test.go b/models/migrations/v1_15/main_test.go
index 366f19788e..d01585e997 100644
--- a/models/migrations/v1_15/main_test.go
+++ b/models/migrations/v1_15/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"testing"
diff --git a/models/migrations/v1_15/v178.go b/models/migrations/v1_15/v178.go
index 6d236eb049..ca3a5c262e 100644
--- a/models/migrations/v1_15/v178.go
+++ b/models/migrations/v1_15/v178.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_15/v179.go b/models/migrations/v1_15/v179.go
index f6b142eb42..d6fb86ffec 100644
--- a/models/migrations/v1_15/v179.go
+++ b/models/migrations/v1_15/v179.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_15/v180.go b/models/migrations/v1_15/v180.go
index c71e771861..dd132f8330 100644
--- a/models/migrations/v1_15/v180.go
+++ b/models/migrations/v1_15/v180.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"code.gitea.io/gitea/modules/json"
diff --git a/models/migrations/v1_15/v181.go b/models/migrations/v1_15/v181.go
index 2185ed0213..fb1d3d7a75 100644
--- a/models/migrations/v1_15/v181.go
+++ b/models/migrations/v1_15/v181.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"strings"
diff --git a/models/migrations/v1_15/v181_test.go b/models/migrations/v1_15/v181_test.go
index 1b075be7a0..73b5c1f3d6 100644
--- a/models/migrations/v1_15/v181_test.go
+++ b/models/migrations/v1_15/v181_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"strings"
@@ -49,7 +49,7 @@ func Test_AddPrimaryEmail2EmailAddress(t *testing.T) {
 		assert.NoError(t, err)
 		assert.True(t, has)
 		assert.True(t, emailAddress.IsPrimary)
-		assert.EqualValues(t, user.IsActive, emailAddress.IsActivated)
-		assert.EqualValues(t, user.ID, emailAddress.UID)
+		assert.Equal(t, user.IsActive, emailAddress.IsActivated)
+		assert.Equal(t, user.ID, emailAddress.UID)
 	}
 }
diff --git a/models/migrations/v1_15/v182.go b/models/migrations/v1_15/v182.go
index 9ca500c0f9..f53ff11df9 100644
--- a/models/migrations/v1_15/v182.go
+++ b/models/migrations/v1_15/v182.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_15/v182_test.go b/models/migrations/v1_15/v182_test.go
index 75ef8e1cd8..5fc6a0c467 100644
--- a/models/migrations/v1_15/v182_test.go
+++ b/models/migrations/v1_15/v182_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"testing"
diff --git a/models/migrations/v1_15/v183.go b/models/migrations/v1_15/v183.go
index effad1b467..5d0582f03d 100644
--- a/models/migrations/v1_15/v183.go
+++ b/models/migrations/v1_15/v183.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_15/v184.go b/models/migrations/v1_15/v184.go
index 4b3dd1467a..2823bc1f7a 100644
--- a/models/migrations/v1_15/v184.go
+++ b/models/migrations/v1_15/v184.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"context"
diff --git a/models/migrations/v1_15/v185.go b/models/migrations/v1_15/v185.go
index e5878ec193..60af59edca 100644
--- a/models/migrations/v1_15/v185.go
+++ b/models/migrations/v1_15/v185.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_15/v186.go b/models/migrations/v1_15/v186.go
index 01aab3add5..67dc97d13d 100644
--- a/models/migrations/v1_15/v186.go
+++ b/models/migrations/v1_15/v186.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_15/v187.go b/models/migrations/v1_15/v187.go
index 21cd6772b7..5fd90c65fb 100644
--- a/models/migrations/v1_15/v187.go
+++ b/models/migrations/v1_15/v187.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_15/v188.go b/models/migrations/v1_15/v188.go
index 71e45cab0e..4494e6ff05 100644
--- a/models/migrations/v1_15/v188.go
+++ b/models/migrations/v1_15/v188.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_15 //nolint
+package v1_15
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_16/main_test.go b/models/migrations/v1_16/main_test.go
index 817a0c13a4..7f93d6e9e5 100644
--- a/models/migrations/v1_16/main_test.go
+++ b/models/migrations/v1_16/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"testing"
diff --git a/models/migrations/v1_16/v189.go b/models/migrations/v1_16/v189.go
index 5649645051..6bc99e58ab 100644
--- a/models/migrations/v1_16/v189.go
+++ b/models/migrations/v1_16/v189.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"encoding/binary"
diff --git a/models/migrations/v1_16/v189_test.go b/models/migrations/v1_16/v189_test.go
index 32ef821d27..fb56ac8e11 100644
--- a/models/migrations/v1_16/v189_test.go
+++ b/models/migrations/v1_16/v189_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"testing"
@@ -75,8 +75,8 @@ func Test_UnwrapLDAPSourceCfg(t *testing.T) {
 				return
 			}
 
-			assert.EqualValues(t, expected, converted, "UnwrapLDAPSourceCfg failed for %d", source.ID)
-			assert.EqualValues(t, source.ID%2 == 0, source.IsActive, "UnwrapLDAPSourceCfg failed for %d", source.ID)
+			assert.Equal(t, expected, converted, "UnwrapLDAPSourceCfg failed for %d", source.ID)
+			assert.Equal(t, source.ID%2 == 0, source.IsActive, "UnwrapLDAPSourceCfg failed for %d", source.ID)
 		}
 	}
 }
diff --git a/models/migrations/v1_16/v190.go b/models/migrations/v1_16/v190.go
index 5953802849..1eb6b6ddb4 100644
--- a/models/migrations/v1_16/v190.go
+++ b/models/migrations/v1_16/v190.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v191.go b/models/migrations/v1_16/v191.go
index c618783c08..957c82e484 100644
--- a/models/migrations/v1_16/v191.go
+++ b/models/migrations/v1_16/v191.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_16/v192.go b/models/migrations/v1_16/v192.go
index 2d5d158a09..9d03fbe3c8 100644
--- a/models/migrations/v1_16/v192.go
+++ b/models/migrations/v1_16/v192.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_16/v193.go b/models/migrations/v1_16/v193.go
index 8d3ce7a558..a5af2de380 100644
--- a/models/migrations/v1_16/v193.go
+++ b/models/migrations/v1_16/v193.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v193_test.go b/models/migrations/v1_16/v193_test.go
index b279967a2c..2e827f0550 100644
--- a/models/migrations/v1_16/v193_test.go
+++ b/models/migrations/v1_16/v193_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"testing"
@@ -62,7 +62,7 @@ func Test_AddRepoIDForAttachment(t *testing.T) {
 		has, err := x.ID(attach.IssueID).Get(&issue)
 		assert.NoError(t, err)
 		assert.True(t, has)
-		assert.EqualValues(t, attach.RepoID, issue.RepoID)
+		assert.Equal(t, attach.RepoID, issue.RepoID)
 	}
 
 	var releaseAttachments []*NewAttachment
@@ -75,6 +75,6 @@ func Test_AddRepoIDForAttachment(t *testing.T) {
 		has, err := x.ID(attach.ReleaseID).Get(&release)
 		assert.NoError(t, err)
 		assert.True(t, has)
-		assert.EqualValues(t, attach.RepoID, release.RepoID)
+		assert.Equal(t, attach.RepoID, release.RepoID)
 	}
 }
diff --git a/models/migrations/v1_16/v194.go b/models/migrations/v1_16/v194.go
index 6aa13c50cf..2e4ed8340e 100644
--- a/models/migrations/v1_16/v194.go
+++ b/models/migrations/v1_16/v194.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v195.go b/models/migrations/v1_16/v195.go
index 6d7e94141e..4fd42b7bd2 100644
--- a/models/migrations/v1_16/v195.go
+++ b/models/migrations/v1_16/v195.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v195_test.go b/models/migrations/v1_16/v195_test.go
index 742397bf32..946e06e399 100644
--- a/models/migrations/v1_16/v195_test.go
+++ b/models/migrations/v1_16/v195_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"testing"
diff --git a/models/migrations/v1_16/v196.go b/models/migrations/v1_16/v196.go
index 7cbafc61e5..6c9caa100f 100644
--- a/models/migrations/v1_16/v196.go
+++ b/models/migrations/v1_16/v196.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v197.go b/models/migrations/v1_16/v197.go
index 97888b2847..862bdfdcbd 100644
--- a/models/migrations/v1_16/v197.go
+++ b/models/migrations/v1_16/v197.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v198.go b/models/migrations/v1_16/v198.go
index 115bb313a0..f35ede138a 100644
--- a/models/migrations/v1_16/v198.go
+++ b/models/migrations/v1_16/v198.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v199.go b/models/migrations/v1_16/v199.go
index 6adcf890af..4020352f2b 100644
--- a/models/migrations/v1_16/v199.go
+++ b/models/migrations/v1_16/v199.go
@@ -1,6 +1,6 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 // We used to use a table `remote_version` to store information for updater, now we use `AppState`, so this migration task is a no-op now.
diff --git a/models/migrations/v1_16/v200.go b/models/migrations/v1_16/v200.go
index c08c20e51d..de57fad8fe 100644
--- a/models/migrations/v1_16/v200.go
+++ b/models/migrations/v1_16/v200.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v201.go b/models/migrations/v1_16/v201.go
index 35e0c9f2fb..2c43698b0c 100644
--- a/models/migrations/v1_16/v201.go
+++ b/models/migrations/v1_16/v201.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v202.go b/models/migrations/v1_16/v202.go
index 6ba36152f1..d8c8fdcadc 100644
--- a/models/migrations/v1_16/v202.go
+++ b/models/migrations/v1_16/v202.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v203.go b/models/migrations/v1_16/v203.go
index e8e6b52453..c3241cba57 100644
--- a/models/migrations/v1_16/v203.go
+++ b/models/migrations/v1_16/v203.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v204.go b/models/migrations/v1_16/v204.go
index ece03e1305..4d375307e7 100644
--- a/models/migrations/v1_16/v204.go
+++ b/models/migrations/v1_16/v204.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_16/v205.go b/models/migrations/v1_16/v205.go
index d6c577083c..78241bad5b 100644
--- a/models/migrations/v1_16/v205.go
+++ b/models/migrations/v1_16/v205.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_16/v206.go b/models/migrations/v1_16/v206.go
index 581a7d76e9..01a9c386eb 100644
--- a/models/migrations/v1_16/v206.go
+++ b/models/migrations/v1_16/v206.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_16/v207.go b/models/migrations/v1_16/v207.go
index 91208f066c..19126ead1f 100644
--- a/models/migrations/v1_16/v207.go
+++ b/models/migrations/v1_16/v207.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v208.go b/models/migrations/v1_16/v208.go
index 1a11ef096a..fb643324f4 100644
--- a/models/migrations/v1_16/v208.go
+++ b/models/migrations/v1_16/v208.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v209.go b/models/migrations/v1_16/v209.go
index be3100e02a..230838647b 100644
--- a/models/migrations/v1_16/v209.go
+++ b/models/migrations/v1_16/v209.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_16/v210.go b/models/migrations/v1_16/v210.go
index 51b7d81e99..0b94baf8e3 100644
--- a/models/migrations/v1_16/v210.go
+++ b/models/migrations/v1_16/v210.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"encoding/base32"
diff --git a/models/migrations/v1_16/v210_test.go b/models/migrations/v1_16/v210_test.go
index d43fb03106..3b4ac7aa4b 100644
--- a/models/migrations/v1_16/v210_test.go
+++ b/models/migrations/v1_16/v210_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_16 //nolint
+package v1_16
 
 import (
 	"testing"
@@ -71,5 +71,5 @@ func Test_RemigrateU2FCredentials(t *testing.T) {
 		return
 	}
 
-	assert.EqualValues(t, expected, got)
+	assert.Equal(t, expected, got)
 }
diff --git a/models/migrations/v1_17/main_test.go b/models/migrations/v1_17/main_test.go
index 79cb3fa078..571a4f55a3 100644
--- a/models/migrations/v1_17/main_test.go
+++ b/models/migrations/v1_17/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"testing"
diff --git a/models/migrations/v1_17/v211.go b/models/migrations/v1_17/v211.go
index 9b72c8610b..517cf19388 100644
--- a/models/migrations/v1_17/v211.go
+++ b/models/migrations/v1_17/v211.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_17/v212.go b/models/migrations/v1_17/v212.go
index e3f9437121..788792211f 100644
--- a/models/migrations/v1_17/v212.go
+++ b/models/migrations/v1_17/v212.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_17/v213.go b/models/migrations/v1_17/v213.go
index bb3f466e52..b2bbdf7279 100644
--- a/models/migrations/v1_17/v213.go
+++ b/models/migrations/v1_17/v213.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_17/v214.go b/models/migrations/v1_17/v214.go
index 2268164919..1925324f0f 100644
--- a/models/migrations/v1_17/v214.go
+++ b/models/migrations/v1_17/v214.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_17/v215.go b/models/migrations/v1_17/v215.go
index b338f85417..748539225d 100644
--- a/models/migrations/v1_17/v215.go
+++ b/models/migrations/v1_17/v215.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"code.gitea.io/gitea/models/pull"
diff --git a/models/migrations/v1_17/v216.go b/models/migrations/v1_17/v216.go
index 268f472a42..37aeacb6fc 100644
--- a/models/migrations/v1_17/v216.go
+++ b/models/migrations/v1_17/v216.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 // This migration added non-ideal indices to the action table which on larger datasets slowed things down
 // it has been superseded by v218.go
diff --git a/models/migrations/v1_17/v217.go b/models/migrations/v1_17/v217.go
index 3f970b68a5..04626bcbc5 100644
--- a/models/migrations/v1_17/v217.go
+++ b/models/migrations/v1_17/v217.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_17/v218.go b/models/migrations/v1_17/v218.go
index 4c05a9b539..17d4cd89d4 100644
--- a/models/migrations/v1_17/v218.go
+++ b/models/migrations/v1_17/v218.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_17/v219.go b/models/migrations/v1_17/v219.go
index d266029fd9..6e335cb813 100644
--- a/models/migrations/v1_17/v219.go
+++ b/models/migrations/v1_17/v219.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"time"
diff --git a/models/migrations/v1_17/v220.go b/models/migrations/v1_17/v220.go
index 904ddc5192..4ac8c58e1e 100644
--- a/models/migrations/v1_17/v220.go
+++ b/models/migrations/v1_17/v220.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	packages_model "code.gitea.io/gitea/models/packages"
diff --git a/models/migrations/v1_17/v221.go b/models/migrations/v1_17/v221.go
index 9e159388bd..9e6a67eb18 100644
--- a/models/migrations/v1_17/v221.go
+++ b/models/migrations/v1_17/v221.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"encoding/base32"
diff --git a/models/migrations/v1_17/v221_test.go b/models/migrations/v1_17/v221_test.go
index 9ca54142e2..a2dc0fae55 100644
--- a/models/migrations/v1_17/v221_test.go
+++ b/models/migrations/v1_17/v221_test.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"encoding/base32"
diff --git a/models/migrations/v1_17/v222.go b/models/migrations/v1_17/v222.go
index 2ffb94eb1c..a5ea537d8a 100644
--- a/models/migrations/v1_17/v222.go
+++ b/models/migrations/v1_17/v222.go
@@ -1,10 +1,11 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/models/migrations/base"
@@ -29,7 +30,7 @@ func DropOldCredentialIDColumn(x *xorm.Engine) error {
 	}
 	if !credentialIDBytesExists {
 		// looks like 221 hasn't properly run
-		return fmt.Errorf("webauthn_credential does not have a credential_id_bytes column... it is not safe to run this migration")
+		return errors.New("webauthn_credential does not have a credential_id_bytes column... it is not safe to run this migration")
 	}
 
 	// Create webauthnCredential table
diff --git a/models/migrations/v1_17/v223.go b/models/migrations/v1_17/v223.go
index 018451ee4c..b2bfb76551 100644
--- a/models/migrations/v1_17/v223.go
+++ b/models/migrations/v1_17/v223.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_17 //nolint
+package v1_17
 
 import (
 	"context"
diff --git a/models/migrations/v1_18/main_test.go b/models/migrations/v1_18/main_test.go
index f71a21d1fb..ebcfb45a94 100644
--- a/models/migrations/v1_18/main_test.go
+++ b/models/migrations/v1_18/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"testing"
diff --git a/models/migrations/v1_18/v224.go b/models/migrations/v1_18/v224.go
index f3d522b91a..6dc12020ea 100644
--- a/models/migrations/v1_18/v224.go
+++ b/models/migrations/v1_18/v224.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_18/v225.go b/models/migrations/v1_18/v225.go
index b0ac3777fc..bc6117e38f 100644
--- a/models/migrations/v1_18/v225.go
+++ b/models/migrations/v1_18/v225.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_18/v226.go b/models/migrations/v1_18/v226.go
index f87e24b11d..8ed9761476 100644
--- a/models/migrations/v1_18/v226.go
+++ b/models/migrations/v1_18/v226.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"xorm.io/builder"
diff --git a/models/migrations/v1_18/v227.go b/models/migrations/v1_18/v227.go
index 5fe5dcd0c9..3aca686d59 100644
--- a/models/migrations/v1_18/v227.go
+++ b/models/migrations/v1_18/v227.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_18/v228.go b/models/migrations/v1_18/v228.go
index 3e7a36de15..b13f6461bd 100644
--- a/models/migrations/v1_18/v228.go
+++ b/models/migrations/v1_18/v228.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_18/v229.go b/models/migrations/v1_18/v229.go
index 10d9f35097..bc15e01390 100644
--- a/models/migrations/v1_18/v229.go
+++ b/models/migrations/v1_18/v229.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_18/v229_test.go b/models/migrations/v1_18/v229_test.go
index d489328c00..5722dd3557 100644
--- a/models/migrations/v1_18/v229_test.go
+++ b/models/migrations/v1_18/v229_test.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"testing"
diff --git a/models/migrations/v1_18/v230.go b/models/migrations/v1_18/v230.go
index ea5b4d02e1..078fce7643 100644
--- a/models/migrations/v1_18/v230.go
+++ b/models/migrations/v1_18/v230.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_18/v230_test.go b/models/migrations/v1_18/v230_test.go
index 40db4c2ffe..25b2f6525d 100644
--- a/models/migrations/v1_18/v230_test.go
+++ b/models/migrations/v1_18/v230_test.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_18 //nolint
+package v1_18
 
 import (
 	"testing"
diff --git a/models/migrations/v1_19/main_test.go b/models/migrations/v1_19/main_test.go
index 59f42af111..87e807be6e 100644
--- a/models/migrations/v1_19/main_test.go
+++ b/models/migrations/v1_19/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"testing"
diff --git a/models/migrations/v1_19/v231.go b/models/migrations/v1_19/v231.go
index 79e46132f0..8ef1e4e743 100644
--- a/models/migrations/v1_19/v231.go
+++ b/models/migrations/v1_19/v231.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_19/v232.go b/models/migrations/v1_19/v232.go
index 9caf587c1e..493dbc6df8 100644
--- a/models/migrations/v1_19/v232.go
+++ b/models/migrations/v1_19/v232.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_19/v233.go b/models/migrations/v1_19/v233.go
index ba4cd8e20b..9eb6d40509 100644
--- a/models/migrations/v1_19/v233.go
+++ b/models/migrations/v1_19/v233.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_19/v233_test.go b/models/migrations/v1_19/v233_test.go
index 32c10ab0f4..7436ff7483 100644
--- a/models/migrations/v1_19/v233_test.go
+++ b/models/migrations/v1_19/v233_test.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"testing"
@@ -64,7 +64,7 @@ func Test_AddHeaderAuthorizationEncryptedColWebhook(t *testing.T) {
 		assert.Equal(t, e.Meta, got[i].Meta)
 
 		if e.HeaderAuthorization == "" {
-			assert.Equal(t, "", got[i].HeaderAuthorizationEncrypted)
+			assert.Empty(t, got[i].HeaderAuthorizationEncrypted)
 		} else {
 			cipherhex := got[i].HeaderAuthorizationEncrypted
 			cleartext, err := secret.DecryptSecret(setting.SecretKey, cipherhex)
diff --git a/models/migrations/v1_19/v234.go b/models/migrations/v1_19/v234.go
index 728a580807..3475384d6f 100644
--- a/models/migrations/v1_19/v234.go
+++ b/models/migrations/v1_19/v234.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_19/v235.go b/models/migrations/v1_19/v235.go
index 3715de3920..297d90f65a 100644
--- a/models/migrations/v1_19/v235.go
+++ b/models/migrations/v1_19/v235.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_19/v236.go b/models/migrations/v1_19/v236.go
index f172a85b1f..0ed4d97a27 100644
--- a/models/migrations/v1_19/v236.go
+++ b/models/migrations/v1_19/v236.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_19/v237.go b/models/migrations/v1_19/v237.go
index b23c765aa5..cf30226ccd 100644
--- a/models/migrations/v1_19/v237.go
+++ b/models/migrations/v1_19/v237.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_19/v238.go b/models/migrations/v1_19/v238.go
index 266e6cea58..de681bfc7a 100644
--- a/models/migrations/v1_19/v238.go
+++ b/models/migrations/v1_19/v238.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_19/v239.go b/models/migrations/v1_19/v239.go
index 10076f2401..8f4a65be95 100644
--- a/models/migrations/v1_19/v239.go
+++ b/models/migrations/v1_19/v239.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_19/v240.go b/models/migrations/v1_19/v240.go
index 4505f86299..7fdbaeb9dc 100644
--- a/models/migrations/v1_19/v240.go
+++ b/models/migrations/v1_19/v240.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/models/db"
diff --git a/models/migrations/v1_19/v241.go b/models/migrations/v1_19/v241.go
index a617d6fd2f..e35801a057 100644
--- a/models/migrations/v1_19/v241.go
+++ b/models/migrations/v1_19/v241.go
@@ -1,7 +1,7 @@
 // Copyright 2022 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_19/v242.go b/models/migrations/v1_19/v242.go
index 4470835214..e9e759eaaa 100644
--- a/models/migrations/v1_19/v242.go
+++ b/models/migrations/v1_19/v242.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_19/v243.go b/models/migrations/v1_19/v243.go
index 55bbfafb2f..9c3f372594 100644
--- a/models/migrations/v1_19/v243.go
+++ b/models/migrations/v1_19/v243.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_19 //nolint
+package v1_19
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/main_test.go b/models/migrations/v1_20/main_test.go
index 92a1a9f622..2fd63a7118 100644
--- a/models/migrations/v1_20/main_test.go
+++ b/models/migrations/v1_20/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"testing"
diff --git a/models/migrations/v1_20/v244.go b/models/migrations/v1_20/v244.go
index 977566ad7d..76cdccaca5 100644
--- a/models/migrations/v1_20/v244.go
+++ b/models/migrations/v1_20/v244.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/v245.go b/models/migrations/v1_20/v245.go
index ab58d12880..4acb11416c 100644
--- a/models/migrations/v1_20/v245.go
+++ b/models/migrations/v1_20/v245.go
@@ -1,11 +1,10 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"context"
-	"fmt"
 
 	"code.gitea.io/gitea/models/migrations/base"
 	"code.gitea.io/gitea/modules/setting"
@@ -57,7 +56,7 @@ func RenameWebhookOrgToOwner(x *xorm.Engine) error {
 			return err
 		}
 		sqlType := x.Dialect().SQLType(inferredTable.GetColumn("org_id"))
-		if _, err := sess.Exec(fmt.Sprintf("ALTER TABLE `webhook` CHANGE org_id owner_id %s", sqlType)); err != nil {
+		if _, err := sess.Exec("ALTER TABLE `webhook` CHANGE org_id owner_id " + sqlType); err != nil {
 			return err
 		}
 	case setting.Database.Type.IsMSSQL():
diff --git a/models/migrations/v1_20/v246.go b/models/migrations/v1_20/v246.go
index e6340ef079..22bf723404 100644
--- a/models/migrations/v1_20/v246.go
+++ b/models/migrations/v1_20/v246.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/v247.go b/models/migrations/v1_20/v247.go
index 59fc5c46b5..4f82937e18 100644
--- a/models/migrations/v1_20/v247.go
+++ b/models/migrations/v1_20/v247.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_20/v248.go b/models/migrations/v1_20/v248.go
index 40555210e7..4f2091e4bc 100644
--- a/models/migrations/v1_20/v248.go
+++ b/models/migrations/v1_20/v248.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_20/v249.go b/models/migrations/v1_20/v249.go
index 02951a74d6..c6d3a177ca 100644
--- a/models/migrations/v1_20/v249.go
+++ b/models/migrations/v1_20/v249.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_20/v250.go b/models/migrations/v1_20/v250.go
index 86388ef0b8..ec45e6e5c3 100644
--- a/models/migrations/v1_20/v250.go
+++ b/models/migrations/v1_20/v250.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"strings"
diff --git a/models/migrations/v1_20/v251.go b/models/migrations/v1_20/v251.go
index 7743248a3f..a274c22a73 100644
--- a/models/migrations/v1_20/v251.go
+++ b/models/migrations/v1_20/v251.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_20/v252.go b/models/migrations/v1_20/v252.go
index ab61cd9b8b..d6aa602753 100644
--- a/models/migrations/v1_20/v252.go
+++ b/models/migrations/v1_20/v252.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_20/v253.go b/models/migrations/v1_20/v253.go
index 96c494bd8d..c96454dbf9 100644
--- a/models/migrations/v1_20/v253.go
+++ b/models/migrations/v1_20/v253.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/log"
diff --git a/models/migrations/v1_20/v254.go b/models/migrations/v1_20/v254.go
index 1e26979a5b..9cdbfb3916 100644
--- a/models/migrations/v1_20/v254.go
+++ b/models/migrations/v1_20/v254.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/v255.go b/models/migrations/v1_20/v255.go
index 14b70f8f96..caf198700e 100644
--- a/models/migrations/v1_20/v255.go
+++ b/models/migrations/v1_20/v255.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_20/v256.go b/models/migrations/v1_20/v256.go
index 822153b93e..7b84c1e154 100644
--- a/models/migrations/v1_20/v256.go
+++ b/models/migrations/v1_20/v256.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/v257.go b/models/migrations/v1_20/v257.go
index 6c6ca4c748..9d5f7c07df 100644
--- a/models/migrations/v1_20/v257.go
+++ b/models/migrations/v1_20/v257.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_20/v258.go b/models/migrations/v1_20/v258.go
index 47174ce805..1d3faffdae 100644
--- a/models/migrations/v1_20/v258.go
+++ b/models/migrations/v1_20/v258.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_20/v259.go b/models/migrations/v1_20/v259.go
index 5b8ced4ad7..9e0dc9b61d 100644
--- a/models/migrations/v1_20/v259.go
+++ b/models/migrations/v1_20/v259.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"fmt"
@@ -329,7 +329,7 @@ func ConvertScopedAccessTokens(x *xorm.Engine) error {
 	for _, token := range tokens {
 		var scopes []string
 		allNewScopesMap := make(map[AccessTokenScope]bool)
-		for _, oldScope := range strings.Split(token.Scope, ",") {
+		for oldScope := range strings.SplitSeq(token.Scope, ",") {
 			if newScopes, exists := accessTokenScopeMap[OldAccessTokenScope(oldScope)]; exists {
 				for _, newScope := range newScopes {
 					allNewScopesMap[newScope] = true
diff --git a/models/migrations/v1_20/v259_test.go b/models/migrations/v1_20/v259_test.go
index 5bc9a71391..0bf63719e5 100644
--- a/models/migrations/v1_20/v259_test.go
+++ b/models/migrations/v1_20/v259_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_20 //nolint
+package v1_20
 
 import (
 	"sort"
@@ -96,7 +96,7 @@ func Test_ConvertScopedAccessTokens(t *testing.T) {
 	tokens := make([]AccessToken, 0)
 	err = x.Find(&tokens)
 	assert.NoError(t, err)
-	assert.Equal(t, len(tests), len(tokens))
+	assert.Len(t, tokens, len(tests))
 
 	// sort the tokens (insertion order by auto-incrementing primary key)
 	sort.Slice(tokens, func(i, j int) bool {
diff --git a/models/migrations/v1_21/main_test.go b/models/migrations/v1_21/main_test.go
index 9afdea1677..536a7ade08 100644
--- a/models/migrations/v1_21/main_test.go
+++ b/models/migrations/v1_21/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"testing"
diff --git a/models/migrations/v1_21/v260.go b/models/migrations/v1_21/v260.go
index 6ca52c5998..8540c58ae8 100644
--- a/models/migrations/v1_21/v260.go
+++ b/models/migrations/v1_21/v260.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_21/v261.go b/models/migrations/v1_21/v261.go
index 4ec1160d0b..122b98eb93 100644
--- a/models/migrations/v1_21/v261.go
+++ b/models/migrations/v1_21/v261.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_21/v262.go b/models/migrations/v1_21/v262.go
index 23e900572a..6e88e29b9d 100644
--- a/models/migrations/v1_21/v262.go
+++ b/models/migrations/v1_21/v262.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v263.go b/models/migrations/v1_21/v263.go
index 2c7cbadf0d..55c418bde0 100644
--- a/models/migrations/v1_21/v263.go
+++ b/models/migrations/v1_21/v263.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_21/v264.go b/models/migrations/v1_21/v264.go
index e81a17ad6d..7fc0ec6024 100644
--- a/models/migrations/v1_21/v264.go
+++ b/models/migrations/v1_21/v264.go
@@ -1,11 +1,11 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/timeutil"
@@ -57,7 +57,7 @@ func AddBranchTable(x *xorm.Engine) error {
 	if err != nil {
 		return err
 	} else if !has {
-		return fmt.Errorf("no admin user found")
+		return errors.New("no admin user found")
 	}
 
 	branches := make([]Branch, 0, 100)
diff --git a/models/migrations/v1_21/v265.go b/models/migrations/v1_21/v265.go
index 800eb95f72..b6892acc27 100644
--- a/models/migrations/v1_21/v265.go
+++ b/models/migrations/v1_21/v265.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v266.go b/models/migrations/v1_21/v266.go
index 79a5f5e14c..440549e868 100644
--- a/models/migrations/v1_21/v266.go
+++ b/models/migrations/v1_21/v266.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v267.go b/models/migrations/v1_21/v267.go
index bc0e954bdc..394139a17e 100644
--- a/models/migrations/v1_21/v267.go
+++ b/models/migrations/v1_21/v267.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_21/v268.go b/models/migrations/v1_21/v268.go
index 332793ff07..b677d2383e 100644
--- a/models/migrations/v1_21/v268.go
+++ b/models/migrations/v1_21/v268.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v269.go b/models/migrations/v1_21/v269.go
index 475ec02380..042040927d 100644
--- a/models/migrations/v1_21/v269.go
+++ b/models/migrations/v1_21/v269.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v270.go b/models/migrations/v1_21/v270.go
index b9cc84d3ac..ab7c5660ba 100644
--- a/models/migrations/v1_21/v270.go
+++ b/models/migrations/v1_21/v270.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v271.go b/models/migrations/v1_21/v271.go
index 098f6499d5..05e1af1351 100644
--- a/models/migrations/v1_21/v271.go
+++ b/models/migrations/v1_21/v271.go
@@ -1,7 +1,8 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
+
 import (
 	"code.gitea.io/gitea/modules/timeutil"
 
diff --git a/models/migrations/v1_21/v272.go b/models/migrations/v1_21/v272.go
index a729c49f1b..14c1e0c4b0 100644
--- a/models/migrations/v1_21/v272.go
+++ b/models/migrations/v1_21/v272.go
@@ -1,7 +1,8 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
+
 import (
 	"xorm.io/xorm"
 )
diff --git a/models/migrations/v1_21/v273.go b/models/migrations/v1_21/v273.go
index 61c79f4a76..e614a56a7d 100644
--- a/models/migrations/v1_21/v273.go
+++ b/models/migrations/v1_21/v273.go
@@ -1,7 +1,8 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
+
 import (
 	"code.gitea.io/gitea/modules/timeutil"
 
diff --git a/models/migrations/v1_21/v274.go b/models/migrations/v1_21/v274.go
index df5994f159..d0b557a151 100644
--- a/models/migrations/v1_21/v274.go
+++ b/models/migrations/v1_21/v274.go
@@ -1,7 +1,8 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
+
 import (
 	"time"
 
diff --git a/models/migrations/v1_21/v275.go b/models/migrations/v1_21/v275.go
index 78804a59d6..2bfe5c72fa 100644
--- a/models/migrations/v1_21/v275.go
+++ b/models/migrations/v1_21/v275.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v276.go b/models/migrations/v1_21/v276.go
index 9d22c9052e..3ab7e22cd0 100644
--- a/models/migrations/v1_21/v276.go
+++ b/models/migrations/v1_21/v276.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"context"
diff --git a/models/migrations/v1_21/v277.go b/models/migrations/v1_21/v277.go
index 12529160b7..0c102eddde 100644
--- a/models/migrations/v1_21/v277.go
+++ b/models/migrations/v1_21/v277.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v278.go b/models/migrations/v1_21/v278.go
index d6a462d1e7..846f228678 100644
--- a/models/migrations/v1_21/v278.go
+++ b/models/migrations/v1_21/v278.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_21/v279.go b/models/migrations/v1_21/v279.go
index 2abd1bbe84..beb39effe1 100644
--- a/models/migrations/v1_21/v279.go
+++ b/models/migrations/v1_21/v279.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_21 //nolint
+package v1_21
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_22/main_test.go b/models/migrations/v1_22/main_test.go
index efd8dbaa8c..ac8facd6aa 100644
--- a/models/migrations/v1_22/main_test.go
+++ b/models/migrations/v1_22/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"testing"
diff --git a/models/migrations/v1_22/v280.go b/models/migrations/v1_22/v280.go
index a8ee4a3bf7..2271cb6089 100644
--- a/models/migrations/v1_22/v280.go
+++ b/models/migrations/v1_22/v280.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_22/v281.go b/models/migrations/v1_22/v281.go
index fc1866aa83..129ec2cba0 100644
--- a/models/migrations/v1_22/v281.go
+++ b/models/migrations/v1_22/v281.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_22/v282.go b/models/migrations/v1_22/v282.go
index baad9e0916..eed64c30f7 100644
--- a/models/migrations/v1_22/v282.go
+++ b/models/migrations/v1_22/v282.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_22/v283.go b/models/migrations/v1_22/v283.go
index 0a45c51245..0eca031b65 100644
--- a/models/migrations/v1_22/v283.go
+++ b/models/migrations/v1_22/v283.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_22/v283_test.go b/models/migrations/v1_22/v283_test.go
index e89a7cbfc2..743f860466 100644
--- a/models/migrations/v1_22/v283_test.go
+++ b/models/migrations/v1_22/v283_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"testing"
diff --git a/models/migrations/v1_22/v284.go b/models/migrations/v1_22/v284.go
index 2b95078980..31b38f6aed 100644
--- a/models/migrations/v1_22/v284.go
+++ b/models/migrations/v1_22/v284.go
@@ -1,7 +1,8 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
+
 import (
 	"xorm.io/xorm"
 )
diff --git a/models/migrations/v1_22/v285.go b/models/migrations/v1_22/v285.go
index a55cc17c04..fed89f670e 100644
--- a/models/migrations/v1_22/v285.go
+++ b/models/migrations/v1_22/v285.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"time"
diff --git a/models/migrations/v1_22/v286.go b/models/migrations/v1_22/v286.go
index 1fcde33202..f3ba50dbb6 100644
--- a/models/migrations/v1_22/v286.go
+++ b/models/migrations/v1_22/v286.go
@@ -1,6 +1,6 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
-package v1_22 //nolint
+package v1_22
 
 import (
 	"errors"
diff --git a/models/migrations/v1_22/v286_test.go b/models/migrations/v1_22/v286_test.go
index 1f213ddb6e..b4a50f6fcb 100644
--- a/models/migrations/v1_22/v286_test.go
+++ b/models/migrations/v1_22/v286_test.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"testing"
@@ -108,11 +108,11 @@ func Test_RepositoryFormat(t *testing.T) {
 	ok, err := x.ID(2).Get(repo)
 	assert.NoError(t, err)
 	assert.True(t, ok)
-	assert.EqualValues(t, "sha1", repo.ObjectFormatName)
+	assert.Equal(t, "sha1", repo.ObjectFormatName)
 
 	repo = new(Repository)
 	ok, err = x.ID(id).Get(repo)
 	assert.NoError(t, err)
 	assert.True(t, ok)
-	assert.EqualValues(t, "sha256", repo.ObjectFormatName)
+	assert.Equal(t, "sha256", repo.ObjectFormatName)
 }
diff --git a/models/migrations/v1_22/v287.go b/models/migrations/v1_22/v287.go
index c8b1593286..5fd901f9de 100644
--- a/models/migrations/v1_22/v287.go
+++ b/models/migrations/v1_22/v287.go
@@ -1,7 +1,7 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_22/v287_test.go b/models/migrations/v1_22/v287_test.go
index 9c7b10947d..2b42a33c38 100644
--- a/models/migrations/v1_22/v287_test.go
+++ b/models/migrations/v1_22/v287_test.go
@@ -1,10 +1,10 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
-	"fmt"
+	"strconv"
 	"testing"
 
 	"code.gitea.io/gitea/models/migrations/base"
@@ -50,7 +50,7 @@ func Test_UpdateBadgeColName(t *testing.T) {
 	for i, e := range oldBadges {
 		got := got[i+1] // 1 is in the badge.yml
 		assert.Equal(t, e.ID, got.ID)
-		assert.Equal(t, fmt.Sprintf("%d", e.ID), got.Slug)
+		assert.Equal(t, strconv.FormatInt(e.ID, 10), got.Slug)
 	}
 
 	// TODO: check if badges have been updated
diff --git a/models/migrations/v1_22/v288.go b/models/migrations/v1_22/v288.go
index 7c93bfcc66..26c850c218 100644
--- a/models/migrations/v1_22/v288.go
+++ b/models/migrations/v1_22/v288.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_22/v289.go b/models/migrations/v1_22/v289.go
index b9941aadd9..78689a4ffa 100644
--- a/models/migrations/v1_22/v289.go
+++ b/models/migrations/v1_22/v289.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_22/v290.go b/models/migrations/v1_22/v290.go
index 9c54d4e87c..0f4d78410c 100644
--- a/models/migrations/v1_22/v290.go
+++ b/models/migrations/v1_22/v290.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_22/v291.go b/models/migrations/v1_22/v291.go
index 74726fae96..823a644a95 100644
--- a/models/migrations/v1_22/v291.go
+++ b/models/migrations/v1_22/v291.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_22/v292.go b/models/migrations/v1_22/v292.go
index beca556aee..440f48ce80 100644
--- a/models/migrations/v1_22/v292.go
+++ b/models/migrations/v1_22/v292.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 // NOTE: noop the original migration has bug which some projects will be skip, so
 // these projects will have no default board.
diff --git a/models/migrations/v1_22/v293.go b/models/migrations/v1_22/v293.go
index 53cc719294..5299b8618f 100644
--- a/models/migrations/v1_22/v293.go
+++ b/models/migrations/v1_22/v293.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_22/v293_test.go b/models/migrations/v1_22/v293_test.go
index cfe4345143..2c8f7683a8 100644
--- a/models/migrations/v1_22/v293_test.go
+++ b/models/migrations/v1_22/v293_test.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"testing"
diff --git a/models/migrations/v1_22/v294.go b/models/migrations/v1_22/v294.go
index 20e261fb1b..8776e51a16 100644
--- a/models/migrations/v1_22/v294.go
+++ b/models/migrations/v1_22/v294.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_22/v294_test.go b/models/migrations/v1_22/v294_test.go
index a1d702cb77..1cf03d6120 100644
--- a/models/migrations/v1_22/v294_test.go
+++ b/models/migrations/v1_22/v294_test.go
@@ -1,10 +1,9 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
-	"slices"
 	"testing"
 
 	"code.gitea.io/gitea/models/migrations/base"
@@ -44,7 +43,7 @@ func Test_AddUniqueIndexForProjectIssue(t *testing.T) {
 	for _, index := range tables[0].Indexes {
 		if index.Type == schemas.UniqueType {
 			found = true
-			slices.Equal(index.Cols, []string{"project_id", "issue_id"})
+			assert.ElementsMatch(t, index.Cols, []string{"project_id", "issue_id"})
 			break
 		}
 	}
diff --git a/models/migrations/v1_22/v295.go b/models/migrations/v1_22/v295.go
index 17bdadb4ad..319b1a399b 100644
--- a/models/migrations/v1_22/v295.go
+++ b/models/migrations/v1_22/v295.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_22/v296.go b/models/migrations/v1_22/v296.go
index 1ecacab95f..75350f9f65 100644
--- a/models/migrations/v1_22/v296.go
+++ b/models/migrations/v1_22/v296.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_22/v297.go b/models/migrations/v1_22/v297.go
index 7d4b506925..9a4405f266 100644
--- a/models/migrations/v1_22/v297.go
+++ b/models/migrations/v1_22/v297.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import (
 	"code.gitea.io/gitea/models/perm"
diff --git a/models/migrations/v1_22/v298.go b/models/migrations/v1_22/v298.go
index b9f3b95ade..7700173a00 100644
--- a/models/migrations/v1_22/v298.go
+++ b/models/migrations/v1_22/v298.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_22 //nolint
+package v1_22
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_23/main_test.go b/models/migrations/v1_23/main_test.go
index b7948bd4dd..f7b2caed83 100644
--- a/models/migrations/v1_23/main_test.go
+++ b/models/migrations/v1_23/main_test.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"testing"
diff --git a/models/migrations/v1_23/v299.go b/models/migrations/v1_23/v299.go
index f6db960c3b..11021d8855 100644
--- a/models/migrations/v1_23/v299.go
+++ b/models/migrations/v1_23/v299.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import "xorm.io/xorm"
 
@@ -14,5 +14,9 @@ func AddContentVersionToIssueAndComment(x *xorm.Engine) error {
 		ContentVersion int `xorm:"NOT NULL DEFAULT 0"`
 	}
 
-	return x.Sync(new(Comment), new(Issue))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(Comment), new(Issue))
+	return err
 }
diff --git a/models/migrations/v1_23/v300.go b/models/migrations/v1_23/v300.go
index f1f1cccdbf..13c6489c5e 100644
--- a/models/migrations/v1_23/v300.go
+++ b/models/migrations/v1_23/v300.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import "xorm.io/xorm"
 
@@ -13,5 +13,9 @@ func AddForcePushBranchProtection(x *xorm.Engine) error {
 		ForcePushAllowlistTeamIDs    []int64 `xorm:"JSON TEXT"`
 		ForcePushAllowlistDeployKeys bool    `xorm:"NOT NULL DEFAULT false"`
 	}
-	return x.Sync(new(ProtectedBranch))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(ProtectedBranch))
+	return err
 }
diff --git a/models/migrations/v1_23/v301.go b/models/migrations/v1_23/v301.go
index b7797f6c6b..ed8e9ef059 100644
--- a/models/migrations/v1_23/v301.go
+++ b/models/migrations/v1_23/v301.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import "xorm.io/xorm"
 
@@ -10,5 +10,9 @@ func AddSkipSecondaryAuthColumnToOAuth2ApplicationTable(x *xorm.Engine) error {
 	type oauth2Application struct {
 		SkipSecondaryAuthorization bool `xorm:"NOT NULL DEFAULT FALSE"`
 	}
-	return x.Sync(new(oauth2Application))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(oauth2Application))
+	return err
 }
diff --git a/models/migrations/v1_23/v302.go b/models/migrations/v1_23/v302.go
index d7ea03eb3d..e4a50b3ec8 100644
--- a/models/migrations/v1_23/v302.go
+++ b/models/migrations/v1_23/v302.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
@@ -14,5 +14,8 @@ func AddIndexToActionTaskStoppedLogExpired(x *xorm.Engine) error {
 		Stopped    timeutil.TimeStamp `xorm:"index(stopped_log_expired)"`
 		LogExpired bool               `xorm:"index(stopped_log_expired)"`
 	}
-	return x.Sync(new(ActionTask))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreDropIndices: true,
+	}, new(ActionTask))
+	return err
 }
diff --git a/models/migrations/v1_23/v302_test.go b/models/migrations/v1_23/v302_test.go
new file mode 100644
index 0000000000..b008b6fc03
--- /dev/null
+++ b/models/migrations/v1_23/v302_test.go
@@ -0,0 +1,51 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_23
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/migrations/base"
+	"code.gitea.io/gitea/modules/timeutil"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_AddIndexToActionTaskStoppedLogExpired(t *testing.T) {
+	type ActionTask struct {
+		ID       int64
+		JobID    int64
+		Attempt  int64
+		RunnerID int64              `xorm:"index"`
+		Status   int                `xorm:"index"`
+		Started  timeutil.TimeStamp `xorm:"index"`
+		Stopped  timeutil.TimeStamp `xorm:"index(stopped_log_expired)"`
+
+		RepoID            int64  `xorm:"index"`
+		OwnerID           int64  `xorm:"index"`
+		CommitSHA         string `xorm:"index"`
+		IsForkPullRequest bool
+
+		Token          string `xorm:"-"`
+		TokenHash      string `xorm:"UNIQUE"` // sha256 of token
+		TokenSalt      string
+		TokenLastEight string `xorm:"index token_last_eight"`
+
+		LogFilename  string  // file name of log
+		LogInStorage bool    // read log from database or from storage
+		LogLength    int64   // lines count
+		LogSize      int64   // blob size
+		LogIndexes   []int64 `xorm:"LONGBLOB"`                   // line number to offset
+		LogExpired   bool    `xorm:"index(stopped_log_expired)"` // files that are too old will be deleted
+
+		Created timeutil.TimeStamp `xorm:"created"`
+		Updated timeutil.TimeStamp `xorm:"updated index"`
+	}
+
+	// Prepare and load the testing database
+	x, deferable := base.PrepareTestEnv(t, 0, new(ActionTask))
+	defer deferable()
+
+	assert.NoError(t, AddIndexToActionTaskStoppedLogExpired(x))
+}
diff --git a/models/migrations/v1_23/v303.go b/models/migrations/v1_23/v303.go
index adfe917d3f..dc541a9535 100644
--- a/models/migrations/v1_23/v303.go
+++ b/models/migrations/v1_23/v303.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"xorm.io/xorm"
@@ -19,5 +19,9 @@ func AddCommentMetaDataColumn(x *xorm.Engine) error {
 		CommentMetaData *CommentMetaData `xorm:"JSON TEXT"` // put all non-index metadata in a single field
 	}
 
-	return x.Sync(new(Comment))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(Comment))
+	return err
 }
diff --git a/models/migrations/v1_23/v304.go b/models/migrations/v1_23/v304.go
index 65cffedbd9..35d4d4881a 100644
--- a/models/migrations/v1_23/v304.go
+++ b/models/migrations/v1_23/v304.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import "xorm.io/xorm"
 
@@ -9,5 +9,8 @@ func AddIndexForReleaseSha1(x *xorm.Engine) error {
 	type Release struct {
 		Sha1 string `xorm:"INDEX VARCHAR(64)"`
 	}
-	return x.Sync(new(Release))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreDropIndices: true,
+	}, new(Release))
+	return err
 }
diff --git a/models/migrations/v1_23/v304_test.go b/models/migrations/v1_23/v304_test.go
new file mode 100644
index 0000000000..c3dfa5e7e7
--- /dev/null
+++ b/models/migrations/v1_23/v304_test.go
@@ -0,0 +1,40 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_23
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/migrations/base"
+	"code.gitea.io/gitea/modules/timeutil"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_AddIndexForReleaseSha1(t *testing.T) {
+	type Release struct {
+		ID               int64  `xorm:"pk autoincr"`
+		RepoID           int64  `xorm:"INDEX UNIQUE(n)"`
+		PublisherID      int64  `xorm:"INDEX"`
+		TagName          string `xorm:"INDEX UNIQUE(n)"`
+		OriginalAuthor   string
+		OriginalAuthorID int64 `xorm:"index"`
+		LowerTagName     string
+		Target           string
+		Title            string
+		Sha1             string `xorm:"VARCHAR(64)"`
+		NumCommits       int64
+		Note             string             `xorm:"TEXT"`
+		IsDraft          bool               `xorm:"NOT NULL DEFAULT false"`
+		IsPrerelease     bool               `xorm:"NOT NULL DEFAULT false"`
+		IsTag            bool               `xorm:"NOT NULL DEFAULT false"` // will be true only if the record is a tag and has no related releases
+		CreatedUnix      timeutil.TimeStamp `xorm:"INDEX"`
+	}
+
+	// Prepare and load the testing database
+	x, deferable := base.PrepareTestEnv(t, 0, new(Release))
+	defer deferable()
+
+	assert.NoError(t, AddIndexForReleaseSha1(x))
+}
diff --git a/models/migrations/v1_23/v305.go b/models/migrations/v1_23/v305.go
index 4d881192b2..3762279de1 100644
--- a/models/migrations/v1_23/v305.go
+++ b/models/migrations/v1_23/v305.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_23/v306.go b/models/migrations/v1_23/v306.go
index 276b438e95..c5c89dbeb8 100644
--- a/models/migrations/v1_23/v306.go
+++ b/models/migrations/v1_23/v306.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import "xorm.io/xorm"
 
@@ -9,5 +9,9 @@ func AddBlockAdminMergeOverrideBranchProtection(x *xorm.Engine) error {
 	type ProtectedBranch struct {
 		BlockAdminMergeOverride bool `xorm:"NOT NULL DEFAULT false"`
 	}
-	return x.Sync(new(ProtectedBranch))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(ProtectedBranch))
+	return err
 }
diff --git a/models/migrations/v1_23/v307.go b/models/migrations/v1_23/v307.go
index ef7f5f2c3f..54a69d250b 100644
--- a/models/migrations/v1_23/v307.go
+++ b/models/migrations/v1_23/v307.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_23/v308.go b/models/migrations/v1_23/v308.go
index 1e8a9b0af2..695fdfcc2d 100644
--- a/models/migrations/v1_23/v308.go
+++ b/models/migrations/v1_23/v308.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_23/v309.go b/models/migrations/v1_23/v309.go
index 5b39398443..e629b718a8 100644
--- a/models/migrations/v1_23/v309.go
+++ b/models/migrations/v1_23/v309.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_23/v310.go b/models/migrations/v1_23/v310.go
index 394417f5a0..074b1c54d3 100644
--- a/models/migrations/v1_23/v310.go
+++ b/models/migrations/v1_23/v310.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"xorm.io/xorm"
@@ -12,5 +12,9 @@ func AddPriorityToProtectedBranch(x *xorm.Engine) error {
 		Priority int64 `xorm:"NOT NULL DEFAULT 0"`
 	}
 
-	return x.Sync(new(ProtectedBranch))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(ProtectedBranch))
+	return err
 }
diff --git a/models/migrations/v1_23/v311.go b/models/migrations/v1_23/v311.go
index 0fc1ac8c0e..ef48085c79 100644
--- a/models/migrations/v1_23/v311.go
+++ b/models/migrations/v1_23/v311.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_23 //nolint
+package v1_23
 
 import (
 	"xorm.io/xorm"
@@ -11,6 +11,9 @@ func AddTimeEstimateColumnToIssueTable(x *xorm.Engine) error {
 	type Issue struct {
 		TimeEstimate int64 `xorm:"NOT NULL DEFAULT 0"`
 	}
-
-	return x.Sync(new(Issue))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(Issue))
+	return err
 }
diff --git a/models/migrations/v1_24/v312.go b/models/migrations/v1_24/v312.go
index 9766dc1ccf..823b0eae40 100644
--- a/models/migrations/v1_24/v312.go
+++ b/models/migrations/v1_24/v312.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"xorm.io/xorm"
@@ -17,5 +17,9 @@ func (pullAutoMerge) TableName() string {
 }
 
 func AddDeleteBranchAfterMergeForAutoMerge(x *xorm.Engine) error {
-	return x.Sync(new(pullAutoMerge))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(pullAutoMerge))
+	return err
 }
diff --git a/models/migrations/v1_24/v313.go b/models/migrations/v1_24/v313.go
index ee9d479340..7e6cda6bfd 100644
--- a/models/migrations/v1_24/v313.go
+++ b/models/migrations/v1_24/v313.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_24/v314.go b/models/migrations/v1_24/v314.go
index e537be13b5..51cb2e34aa 100644
--- a/models/migrations/v1_24/v314.go
+++ b/models/migrations/v1_24/v314.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_24/v315.go b/models/migrations/v1_24/v315.go
index aefb872d0f..52b9b44785 100644
--- a/models/migrations/v1_24/v315.go
+++ b/models/migrations/v1_24/v315.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"xorm.io/xorm"
@@ -11,6 +11,9 @@ func AddEphemeralToActionRunner(x *xorm.Engine) error {
 	type ActionRunner struct {
 		Ephemeral bool `xorm:"ephemeral NOT NULL DEFAULT false"`
 	}
-
-	return x.Sync(new(ActionRunner))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(ActionRunner))
+	return err
 }
diff --git a/models/migrations/v1_24/v316.go b/models/migrations/v1_24/v316.go
index 0378133e53..14e888f9ee 100644
--- a/models/migrations/v1_24/v316.go
+++ b/models/migrations/v1_24/v316.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"xorm.io/xorm"
@@ -16,5 +16,9 @@ func AddDescriptionForSecretsAndVariables(x *xorm.Engine) error {
 		Description string `xorm:"TEXT"`
 	}
 
-	return x.Sync(new(Secret), new(ActionVariable))
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(Secret), new(ActionVariable))
+	return err
 }
diff --git a/models/migrations/v1_24/v317.go b/models/migrations/v1_24/v317.go
index 3da5a4a078..a13db2dd27 100644
--- a/models/migrations/v1_24/v317.go
+++ b/models/migrations/v1_24/v317.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_24 //nolint
+package v1_24
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_24/v318.go b/models/migrations/v1_24/v318.go
new file mode 100644
index 0000000000..9b4a540960
--- /dev/null
+++ b/models/migrations/v1_24/v318.go
@@ -0,0 +1,21 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_24
+
+import (
+	"code.gitea.io/gitea/models/perm"
+
+	"xorm.io/xorm"
+)
+
+func AddRepoUnitAnonymousAccessMode(x *xorm.Engine) error {
+	type RepoUnit struct { //revive:disable-line:exported
+		AnonymousAccessMode perm.AccessMode `xorm:"NOT NULL DEFAULT 0"`
+	}
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(RepoUnit))
+	return err
+}
diff --git a/models/migrations/v1_24/v319.go b/models/migrations/v1_24/v319.go
new file mode 100644
index 0000000000..648081f74e
--- /dev/null
+++ b/models/migrations/v1_24/v319.go
@@ -0,0 +1,19 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_24
+
+import (
+	"xorm.io/xorm"
+)
+
+func AddExclusiveOrderColumnToLabelTable(x *xorm.Engine) error {
+	type Label struct {
+		ExclusiveOrder int `xorm:"DEFAULT 0"`
+	}
+	_, err := x.SyncWithOptions(xorm.SyncOptions{
+		IgnoreConstrains: true,
+		IgnoreIndices:    true,
+	}, new(Label))
+	return err
+}
diff --git a/models/migrations/v1_24/v320.go b/models/migrations/v1_24/v320.go
new file mode 100644
index 0000000000..ebef71939c
--- /dev/null
+++ b/models/migrations/v1_24/v320.go
@@ -0,0 +1,57 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_24
+
+import (
+	"code.gitea.io/gitea/modules/json"
+
+	"xorm.io/xorm"
+)
+
+func MigrateSkipTwoFactor(x *xorm.Engine) error {
+	type LoginSource struct {
+		TwoFactorPolicy string `xorm:"two_factor_policy NOT NULL DEFAULT ''"`
+	}
+	_, err := x.SyncWithOptions(
+		xorm.SyncOptions{
+			IgnoreConstrains: true,
+			IgnoreIndices:    true,
+		},
+		new(LoginSource),
+	)
+	if err != nil {
+		return err
+	}
+
+	type LoginSourceSimple struct {
+		ID  int64
+		Cfg string
+	}
+
+	var loginSources []LoginSourceSimple
+	err = x.Table("login_source").Find(&loginSources)
+	if err != nil {
+		return err
+	}
+
+	for _, source := range loginSources {
+		if source.Cfg == "" {
+			continue
+		}
+
+		var cfg map[string]any
+		err = json.Unmarshal([]byte(source.Cfg), &cfg)
+		if err != nil {
+			return err
+		}
+
+		if cfg["SkipLocalTwoFA"] == true {
+			_, err = x.Exec("UPDATE login_source SET two_factor_policy = 'skip' WHERE id = ?", source.ID)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
diff --git a/models/migrations/v1_25/main_test.go b/models/migrations/v1_25/main_test.go
new file mode 100644
index 0000000000..d2c4a4105d
--- /dev/null
+++ b/models/migrations/v1_25/main_test.go
@@ -0,0 +1,14 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_25
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/migrations/base"
+)
+
+func TestMain(m *testing.M) {
+	base.MainTest(m)
+}
diff --git a/models/migrations/v1_25/v321.go b/models/migrations/v1_25/v321.go
new file mode 100644
index 0000000000..73ef180f48
--- /dev/null
+++ b/models/migrations/v1_25/v321.go
@@ -0,0 +1,52 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_25
+
+import (
+	"code.gitea.io/gitea/models/migrations/base"
+	"code.gitea.io/gitea/modules/setting"
+
+	"xorm.io/xorm"
+	"xorm.io/xorm/schemas"
+)
+
+func UseLongTextInSomeColumnsAndFixBugs(x *xorm.Engine) error {
+	if !setting.Database.Type.IsMySQL() {
+		return nil // Only mysql need to change from text to long text, for other databases, they are the same
+	}
+
+	if err := base.ModifyColumn(x, "review_state", &schemas.Column{
+		Name: "updated_files",
+		SQLType: schemas.SQLType{
+			Name: "LONGTEXT",
+		},
+		Length:         0,
+		Nullable:       false,
+		DefaultIsEmpty: true,
+	}); err != nil {
+		return err
+	}
+
+	if err := base.ModifyColumn(x, "package_property", &schemas.Column{
+		Name: "value",
+		SQLType: schemas.SQLType{
+			Name: "LONGTEXT",
+		},
+		Length:         0,
+		Nullable:       false,
+		DefaultIsEmpty: true,
+	}); err != nil {
+		return err
+	}
+
+	return base.ModifyColumn(x, "notice", &schemas.Column{
+		Name: "description",
+		SQLType: schemas.SQLType{
+			Name: "LONGTEXT",
+		},
+		Length:         0,
+		Nullable:       false,
+		DefaultIsEmpty: true,
+	})
+}
diff --git a/models/migrations/v1_25/v321_test.go b/models/migrations/v1_25/v321_test.go
new file mode 100644
index 0000000000..4897783fd3
--- /dev/null
+++ b/models/migrations/v1_25/v321_test.go
@@ -0,0 +1,70 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package v1_25
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/migrations/base"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/timeutil"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_UseLongTextInSomeColumnsAndFixBugs(t *testing.T) {
+	if !setting.Database.Type.IsMySQL() {
+		t.Skip("Only MySQL needs to change from TEXT to LONGTEXT")
+	}
+
+	type ReviewState struct {
+		ID           int64              `xorm:"pk autoincr"`
+		UserID       int64              `xorm:"NOT NULL UNIQUE(pull_commit_user)"`
+		PullID       int64              `xorm:"NOT NULL INDEX UNIQUE(pull_commit_user) DEFAULT 0"` // Which PR was the review on?
+		CommitSHA    string             `xorm:"NOT NULL VARCHAR(64) UNIQUE(pull_commit_user)"`     // Which commit was the head commit for the review?
+		UpdatedFiles map[string]int     `xorm:"NOT NULL TEXT JSON"`                                // Stores for each of the changed files of a PR whether they have been viewed, changed since last viewed, or not viewed
+		UpdatedUnix  timeutil.TimeStamp `xorm:"updated"`                                           // Is an accurate indicator of the order of commits as we do not expect it to be possible to make reviews on previous commits
+	}
+
+	type PackageProperty struct {
+		ID      int64  `xorm:"pk autoincr"`
+		RefType int    `xorm:"INDEX NOT NULL"`
+		RefID   int64  `xorm:"INDEX NOT NULL"`
+		Name    string `xorm:"INDEX NOT NULL"`
+		Value   string `xorm:"TEXT NOT NULL"`
+	}
+
+	type Notice struct {
+		ID          int64 `xorm:"pk autoincr"`
+		Type        int
+		Description string             `xorm:"LONGTEXT"`
+		CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
+	}
+
+	// Prepare and load the testing database
+	x, deferable := base.PrepareTestEnv(t, 0, new(ReviewState), new(PackageProperty), new(Notice))
+	defer deferable()
+
+	assert.NoError(t, UseLongTextInSomeColumnsAndFixBugs(x))
+
+	tables, err := x.DBMetas()
+	assert.NoError(t, err)
+
+	for _, table := range tables {
+		switch table.Name {
+		case "review_state":
+			column := table.GetColumn("updated_files")
+			assert.NotNil(t, column)
+			assert.Equal(t, "LONGTEXT", column.SQLType.Name)
+		case "package_property":
+			column := table.GetColumn("value")
+			assert.NotNil(t, column)
+			assert.Equal(t, "LONGTEXT", column.SQLType.Name)
+		case "notice":
+			column := table.GetColumn("description")
+			assert.NotNil(t, column)
+			assert.Equal(t, "LONGTEXT", column.SQLType.Name)
+		}
+	}
+}
diff --git a/models/migrations/v1_6/v70.go b/models/migrations/v1_6/v70.go
index 74434a84a1..41f0966942 100644
--- a/models/migrations/v1_6/v70.go
+++ b/models/migrations/v1_6/v70.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_6 //nolint
+package v1_6
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_6/v71.go b/models/migrations/v1_6/v71.go
index 586187228b..2b11f57c92 100644
--- a/models/migrations/v1_6/v71.go
+++ b/models/migrations/v1_6/v71.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_6 //nolint
+package v1_6
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_6/v72.go b/models/migrations/v1_6/v72.go
index 04cef9a170..9fad88a1b6 100644
--- a/models/migrations/v1_6/v72.go
+++ b/models/migrations/v1_6/v72.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_6 //nolint
+package v1_6
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_7/v73.go b/models/migrations/v1_7/v73.go
index b5a748aae3..e0b7a28537 100644
--- a/models/migrations/v1_7/v73.go
+++ b/models/migrations/v1_7/v73.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_7 //nolint
+package v1_7
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_7/v74.go b/models/migrations/v1_7/v74.go
index f0567e3c9b..376be37a24 100644
--- a/models/migrations/v1_7/v74.go
+++ b/models/migrations/v1_7/v74.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_7 //nolint
+package v1_7
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_7/v75.go b/models/migrations/v1_7/v75.go
index fa7430970c..ef11575466 100644
--- a/models/migrations/v1_7/v75.go
+++ b/models/migrations/v1_7/v75.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_7 //nolint
+package v1_7
 
 import (
 	"xorm.io/builder"
diff --git a/models/migrations/v1_8/v76.go b/models/migrations/v1_8/v76.go
index d3fbd94deb..81e9307549 100644
--- a/models/migrations/v1_8/v76.go
+++ b/models/migrations/v1_8/v76.go
@@ -1,7 +1,7 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_8/v77.go b/models/migrations/v1_8/v77.go
index 8b19993924..4fe5ebe635 100644
--- a/models/migrations/v1_8/v77.go
+++ b/models/migrations/v1_8/v77.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_8/v78.go b/models/migrations/v1_8/v78.go
index 8f041c1484..e67f464131 100644
--- a/models/migrations/v1_8/v78.go
+++ b/models/migrations/v1_8/v78.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import (
 	"code.gitea.io/gitea/models/migrations/base"
diff --git a/models/migrations/v1_8/v79.go b/models/migrations/v1_8/v79.go
index eb3a9ed0f4..3f50114d5a 100644
--- a/models/migrations/v1_8/v79.go
+++ b/models/migrations/v1_8/v79.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import (
 	"code.gitea.io/gitea/modules/setting"
diff --git a/models/migrations/v1_8/v80.go b/models/migrations/v1_8/v80.go
index cebbbead28..6f9df47a93 100644
--- a/models/migrations/v1_8/v80.go
+++ b/models/migrations/v1_8/v80.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import "xorm.io/xorm"
 
diff --git a/models/migrations/v1_8/v81.go b/models/migrations/v1_8/v81.go
index a100dc1ef7..3c2acc6458 100644
--- a/models/migrations/v1_8/v81.go
+++ b/models/migrations/v1_8/v81.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_8 //nolint
+package v1_8
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_9/v82.go b/models/migrations/v1_9/v82.go
index 26806dd645..c685d3b86b 100644
--- a/models/migrations/v1_9/v82.go
+++ b/models/migrations/v1_9/v82.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_9/v83.go b/models/migrations/v1_9/v83.go
index 10e6c45875..a0cd57f7c5 100644
--- a/models/migrations/v1_9/v83.go
+++ b/models/migrations/v1_9/v83.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"code.gitea.io/gitea/modules/timeutil"
diff --git a/models/migrations/v1_9/v84.go b/models/migrations/v1_9/v84.go
index c7155fe9cf..423915ae57 100644
--- a/models/migrations/v1_9/v84.go
+++ b/models/migrations/v1_9/v84.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_9/v85.go b/models/migrations/v1_9/v85.go
index a23d7c5d6e..48e1cd5dc4 100644
--- a/models/migrations/v1_9/v85.go
+++ b/models/migrations/v1_9/v85.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"fmt"
diff --git a/models/migrations/v1_9/v86.go b/models/migrations/v1_9/v86.go
index cf2725d158..9464ff0cf6 100644
--- a/models/migrations/v1_9/v86.go
+++ b/models/migrations/v1_9/v86.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"xorm.io/xorm"
diff --git a/models/migrations/v1_9/v87.go b/models/migrations/v1_9/v87.go
index fa01b6e5e3..81a4ebf80d 100644
--- a/models/migrations/v1_9/v87.go
+++ b/models/migrations/v1_9/v87.go
@@ -1,7 +1,7 @@
 // Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package v1_9 //nolint
+package v1_9
 
 import (
 	"xorm.io/xorm"
diff --git a/models/organization/org.go b/models/organization/org.go
index 3e55a36758..5eba004d69 100644
--- a/models/organization/org.go
+++ b/models/organization/org.go
@@ -178,12 +178,6 @@ func (org *Organization) HomeLink() string {
 	return org.AsUser().HomeLink()
 }
 
-// CanCreateRepo returns if user login can create a repository
-// NOTE: functions calling this assume a failure due to repository count limit; if new checks are added, those functions should be revised
-func (org *Organization) CanCreateRepo() bool {
-	return org.AsUser().CanCreateRepo()
-}
-
 // FindOrgMembersOpts represensts find org members conditions
 type FindOrgMembersOpts struct {
 	db.ListOptions
@@ -316,74 +310,69 @@ func CreateOrganization(ctx context.Context, org *Organization, owner *user_mode
 	org.NumMembers = 1
 	org.Type = user_model.UserTypeOrganization
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = user_model.DeleteUserRedirect(ctx, org.Name); err != nil {
-		return err
-	}
-
-	if err = db.Insert(ctx, org); err != nil {
-		return fmt.Errorf("insert organization: %w", err)
-	}
-	if err = user_model.GenerateRandomAvatar(ctx, org.AsUser()); err != nil {
-		return fmt.Errorf("generate random avatar: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = user_model.DeleteUserRedirect(ctx, org.Name); err != nil {
+			return err
+		}
 
-	// Add initial creator to organization and owner team.
-	if err = db.Insert(ctx, &OrgUser{
-		UID:      owner.ID,
-		OrgID:    org.ID,
-		IsPublic: setting.Service.DefaultOrgMemberVisible,
-	}); err != nil {
-		return fmt.Errorf("insert org-user relation: %w", err)
-	}
+		if err = db.Insert(ctx, org); err != nil {
+			return fmt.Errorf("insert organization: %w", err)
+		}
+		if err = user_model.GenerateRandomAvatar(ctx, org.AsUser()); err != nil {
+			return fmt.Errorf("generate random avatar: %w", err)
+		}
 
-	// Create default owner team.
-	t := &Team{
-		OrgID:                   org.ID,
-		LowerName:               strings.ToLower(OwnerTeamName),
-		Name:                    OwnerTeamName,
-		AccessMode:              perm.AccessModeOwner,
-		NumMembers:              1,
-		IncludesAllRepositories: true,
-		CanCreateOrgRepo:        true,
-	}
-	if err = db.Insert(ctx, t); err != nil {
-		return fmt.Errorf("insert owner team: %w", err)
-	}
+		// Add initial creator to organization and owner team.
+		if err = db.Insert(ctx, &OrgUser{
+			UID:      owner.ID,
+			OrgID:    org.ID,
+			IsPublic: setting.Service.DefaultOrgMemberVisible,
+		}); err != nil {
+			return fmt.Errorf("insert org-user relation: %w", err)
+		}
 
-	// insert units for team
-	units := make([]TeamUnit, 0, len(unit.AllRepoUnitTypes))
-	for _, tp := range unit.AllRepoUnitTypes {
-		up := perm.AccessModeOwner
-		if tp == unit.TypeExternalTracker || tp == unit.TypeExternalWiki {
-			up = perm.AccessModeRead
+		// Create default owner team.
+		t := &Team{
+			OrgID:                   org.ID,
+			LowerName:               strings.ToLower(OwnerTeamName),
+			Name:                    OwnerTeamName,
+			AccessMode:              perm.AccessModeOwner,
+			NumMembers:              1,
+			IncludesAllRepositories: true,
+			CanCreateOrgRepo:        true,
+		}
+		if err = db.Insert(ctx, t); err != nil {
+			return fmt.Errorf("insert owner team: %w", err)
 		}
-		units = append(units, TeamUnit{
-			OrgID:      org.ID,
-			TeamID:     t.ID,
-			Type:       tp,
-			AccessMode: up,
-		})
-	}
 
-	if err = db.Insert(ctx, &units); err != nil {
-		return err
-	}
+		// insert units for team
+		units := make([]TeamUnit, 0, len(unit.AllRepoUnitTypes))
+		for _, tp := range unit.AllRepoUnitTypes {
+			up := perm.AccessModeOwner
+			if tp == unit.TypeExternalTracker || tp == unit.TypeExternalWiki {
+				up = perm.AccessModeRead
+			}
+			units = append(units, TeamUnit{
+				OrgID:      org.ID,
+				TeamID:     t.ID,
+				Type:       tp,
+				AccessMode: up,
+			})
+		}
 
-	if err = db.Insert(ctx, &TeamUser{
-		UID:    owner.ID,
-		OrgID:  org.ID,
-		TeamID: t.ID,
-	}); err != nil {
-		return fmt.Errorf("insert team-user relation: %w", err)
-	}
+		if err = db.Insert(ctx, &units); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		if err = db.Insert(ctx, &TeamUser{
+			UID:    owner.ID,
+			OrgID:  org.ID,
+			TeamID: t.ID,
+		}); err != nil {
+			return fmt.Errorf("insert team-user relation: %w", err)
+		}
+		return nil
+	})
 }
 
 // GetOrgByName returns organization by given name.
@@ -505,31 +494,26 @@ func AddOrgUser(ctx context.Context, orgID, uid int64) error {
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	// check in transaction
-	isAlreadyMember, err = IsOrganizationMember(ctx, orgID, uid)
-	if err != nil || isAlreadyMember {
-		return err
-	}
-
-	ou := &OrgUser{
-		UID:      uid,
-		OrgID:    orgID,
-		IsPublic: setting.Service.DefaultOrgMemberVisible,
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// check in transaction
+		isAlreadyMember, err = IsOrganizationMember(ctx, orgID, uid)
+		if err != nil || isAlreadyMember {
+			return err
+		}
 
-	if err := db.Insert(ctx, ou); err != nil {
-		return err
-	} else if _, err = db.Exec(ctx, "UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {
-		return err
-	}
+		ou := &OrgUser{
+			UID:      uid,
+			OrgID:    orgID,
+			IsPublic: setting.Service.DefaultOrgMemberVisible,
+		}
 
-	return committer.Commit()
+		if err := db.Insert(ctx, ou); err != nil {
+			return err
+		} else if _, err = db.Exec(ctx, "UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {
+			return err
+		}
+		return nil
+	})
 }
 
 // GetOrgByID returns the user object by given ID if exists.
@@ -608,8 +592,3 @@ func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder {
 			"team_user.uid":    userID,
 		})
 }
-
-// TeamsWithAccessToRepo returns all teams that have given access level to the repository.
-func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) {
-	return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode)
-}
diff --git a/models/organization/org_list.go b/models/organization/org_list.go
index 78ac0e704a..81457191fe 100644
--- a/models/organization/org_list.go
+++ b/models/organization/org_list.go
@@ -50,8 +50,8 @@ type SearchOrganizationsOptions struct {
 // FindOrgOptions finds orgs options
 type FindOrgOptions struct {
 	db.ListOptions
-	UserID         int64
-	IncludePrivate bool
+	UserID            int64
+	IncludeVisibility structs.VisibleType
 }
 
 func queryUserOrgIDs(userID int64, includePrivate bool) *builder.Builder {
@@ -65,11 +65,10 @@ func queryUserOrgIDs(userID int64, includePrivate bool) *builder.Builder {
 func (opts FindOrgOptions) ToConds() builder.Cond {
 	var cond builder.Cond = builder.Eq{"`user`.`type`": user_model.UserTypeOrganization}
 	if opts.UserID > 0 {
-		cond = cond.And(builder.In("`user`.`id`", queryUserOrgIDs(opts.UserID, opts.IncludePrivate)))
-	}
-	if !opts.IncludePrivate {
-		cond = cond.And(builder.Eq{"`user`.visibility": structs.VisibleTypePublic})
+		cond = cond.And(builder.In("`user`.`id`", queryUserOrgIDs(opts.UserID, opts.IncludeVisibility == structs.VisibleTypePrivate)))
 	}
+	// public=0, limited=1, private=2
+	cond = cond.And(builder.Lte{"`user`.visibility": opts.IncludeVisibility})
 	return cond
 }
 
@@ -77,6 +76,16 @@ func (opts FindOrgOptions) ToOrders() string {
 	return "`user`.lower_name ASC"
 }
 
+func DoerViewOtherVisibility(doer, other *user_model.User) structs.VisibleType {
+	if doer == nil || other == nil {
+		return structs.VisibleTypePublic
+	}
+	if doer.IsAdmin || doer.ID == other.ID {
+		return structs.VisibleTypePrivate
+	}
+	return structs.VisibleTypeLimited
+}
+
 // GetOrgsCanCreateRepoByUserID returns a list of organizations where given user ID
 // are allowed to create repos.
 func GetOrgsCanCreateRepoByUserID(ctx context.Context, userID int64) ([]*Organization, error) {
diff --git a/models/organization/org_list_test.go b/models/organization/org_list_test.go
index 0f0f8a4bcd..a2a25c6f91 100644
--- a/models/organization/org_list_test.go
+++ b/models/organization/org_list_test.go
@@ -10,25 +10,32 @@ import (
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/structs"
 
 	"github.com/stretchr/testify/assert"
 )
 
-func TestCountOrganizations(t *testing.T) {
+func TestOrgList(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
+	t.Run("CountOrganizations", testCountOrganizations)
+	t.Run("FindOrgs", testFindOrgs)
+	t.Run("GetUserOrgsList", testGetUserOrgsList)
+	t.Run("LoadOrgListTeams", testLoadOrgListTeams)
+	t.Run("DoerViewOtherVisibility", testDoerViewOtherVisibility)
+}
+
+func testCountOrganizations(t *testing.T) {
 	expected, err := db.GetEngine(db.DefaultContext).Where("type=?", user_model.UserTypeOrganization).Count(&organization.Organization{})
 	assert.NoError(t, err)
-	cnt, err := db.Count[organization.Organization](db.DefaultContext, organization.FindOrgOptions{IncludePrivate: true})
+	cnt, err := db.Count[organization.Organization](db.DefaultContext, organization.FindOrgOptions{IncludeVisibility: structs.VisibleTypePrivate})
 	assert.NoError(t, err)
 	assert.Equal(t, expected, cnt)
 }
 
-func TestFindOrgs(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-
+func testFindOrgs(t *testing.T) {
 	orgs, err := db.Find[organization.Organization](db.DefaultContext, organization.FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: true,
+		UserID:            4,
+		IncludeVisibility: structs.VisibleTypePrivate,
 	})
 	assert.NoError(t, err)
 	if assert.Len(t, orgs, 1) {
@@ -36,33 +43,30 @@ func TestFindOrgs(t *testing.T) {
 	}
 
 	orgs, err = db.Find[organization.Organization](db.DefaultContext, organization.FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: false,
+		UserID: 4,
 	})
 	assert.NoError(t, err)
 	assert.Empty(t, orgs)
 
 	total, err := db.Count[organization.Organization](db.DefaultContext, organization.FindOrgOptions{
-		UserID:         4,
-		IncludePrivate: true,
+		UserID:            4,
+		IncludeVisibility: structs.VisibleTypePrivate,
 	})
 	assert.NoError(t, err)
 	assert.EqualValues(t, 1, total)
 }
 
-func TestGetUserOrgsList(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
+func testGetUserOrgsList(t *testing.T) {
 	orgs, err := organization.GetUserOrgsList(db.DefaultContext, &user_model.User{ID: 4})
 	assert.NoError(t, err)
 	if assert.Len(t, orgs, 1) {
 		assert.EqualValues(t, 3, orgs[0].ID)
 		// repo_id: 3 is in the team, 32 is public, 5 is private with no team
-		assert.EqualValues(t, 2, orgs[0].NumRepos)
+		assert.Equal(t, 2, orgs[0].NumRepos)
 	}
 }
 
-func TestLoadOrgListTeams(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
+func testLoadOrgListTeams(t *testing.T) {
 	orgs, err := organization.GetUserOrgsList(db.DefaultContext, &user_model.User{ID: 4})
 	assert.NoError(t, err)
 	assert.Len(t, orgs, 1)
@@ -71,3 +75,10 @@ func TestLoadOrgListTeams(t *testing.T) {
 	assert.Len(t, teamsMap, 1)
 	assert.Len(t, teamsMap[3], 5)
 }
+
+func testDoerViewOtherVisibility(t *testing.T) {
+	assert.Equal(t, structs.VisibleTypePublic, organization.DoerViewOtherVisibility(nil, nil))
+	assert.Equal(t, structs.VisibleTypeLimited, organization.DoerViewOtherVisibility(&user_model.User{ID: 1}, &user_model.User{ID: 2}))
+	assert.Equal(t, structs.VisibleTypePrivate, organization.DoerViewOtherVisibility(&user_model.User{ID: 1}, &user_model.User{ID: 1}))
+	assert.Equal(t, structs.VisibleTypePrivate, organization.DoerViewOtherVisibility(&user_model.User{ID: 1, IsAdmin: true}, &user_model.User{ID: 2}))
+}
diff --git a/models/organization/org_test.go b/models/organization/org_test.go
index 6638abd8e0..234325a8cd 100644
--- a/models/organization/org_test.go
+++ b/models/organization/org_test.go
@@ -135,7 +135,7 @@ func TestIsOrganizationOwner(t *testing.T) {
 	test := func(orgID, userID int64, expected bool) {
 		isOwner, err := organization.IsOrganizationOwner(db.DefaultContext, orgID, userID)
 		assert.NoError(t, err)
-		assert.EqualValues(t, expected, isOwner)
+		assert.Equal(t, expected, isOwner)
 	}
 	test(3, 2, true)
 	test(3, 3, false)
@@ -149,7 +149,7 @@ func TestIsOrganizationMember(t *testing.T) {
 	test := func(orgID, userID int64, expected bool) {
 		isMember, err := organization.IsOrganizationMember(db.DefaultContext, orgID, userID)
 		assert.NoError(t, err)
-		assert.EqualValues(t, expected, isMember)
+		assert.Equal(t, expected, isMember)
 	}
 	test(3, 2, true)
 	test(3, 3, false)
@@ -164,7 +164,7 @@ func TestIsPublicMembership(t *testing.T) {
 	test := func(orgID, userID int64, expected bool) {
 		isMember, err := organization.IsPublicMembership(db.DefaultContext, orgID, userID)
 		assert.NoError(t, err)
-		assert.EqualValues(t, expected, isMember)
+		assert.Equal(t, expected, isMember)
 	}
 	test(3, 2, true)
 	test(3, 3, false)
@@ -237,7 +237,7 @@ func TestRestrictedUserOrgMembers(t *testing.T) {
 				memberUIDs = append(memberUIDs, member.UID)
 			}
 			slices.Sort(memberUIDs)
-			assert.EqualValues(t, tc.expectedUIDs, memberUIDs)
+			assert.Equal(t, tc.expectedUIDs, memberUIDs)
 		})
 	}
 }
@@ -255,7 +255,7 @@ func TestGetOrgUsersByOrgID(t *testing.T) {
 	sort.Slice(orgUsers, func(i, j int) bool {
 		return orgUsers[i].ID < orgUsers[j].ID
 	})
-	assert.EqualValues(t, []*organization.OrgUser{{
+	assert.Equal(t, []*organization.OrgUser{{
 		ID:       1,
 		OrgID:    3,
 		UID:      2,
@@ -322,7 +322,7 @@ func TestAccessibleReposEnv_CountRepos(t *testing.T) {
 		assert.NoError(t, err)
 		count, err := env.CountRepos(db.DefaultContext)
 		assert.NoError(t, err)
-		assert.EqualValues(t, expectedCount, count)
+		assert.Equal(t, expectedCount, count)
 	}
 	testSuccess(2, 3)
 	testSuccess(4, 2)
@@ -334,7 +334,7 @@ func TestAccessibleReposEnv_RepoIDs(t *testing.T) {
 	testSuccess := func(userID int64, expectedRepoIDs []int64) {
 		env, err := repo_model.AccessibleReposEnv(db.DefaultContext, org, userID)
 		assert.NoError(t, err)
-		repoIDs, err := env.RepoIDs(db.DefaultContext, 1, 100)
+		repoIDs, err := env.RepoIDs(db.DefaultContext)
 		assert.NoError(t, err)
 		assert.Equal(t, expectedRepoIDs, repoIDs)
 	}
@@ -342,25 +342,6 @@ func TestAccessibleReposEnv_RepoIDs(t *testing.T) {
 	testSuccess(4, []int64{3, 32})
 }
 
-func TestAccessibleReposEnv_Repos(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
-	testSuccess := func(userID int64, expectedRepoIDs []int64) {
-		env, err := repo_model.AccessibleReposEnv(db.DefaultContext, org, userID)
-		assert.NoError(t, err)
-		repos, err := env.Repos(db.DefaultContext, 1, 100)
-		assert.NoError(t, err)
-		expectedRepos := make(repo_model.RepositoryList, len(expectedRepoIDs))
-		for i, repoID := range expectedRepoIDs {
-			expectedRepos[i] = unittest.AssertExistsAndLoadBean(t,
-				&repo_model.Repository{ID: repoID})
-		}
-		assert.Equal(t, expectedRepos, repos)
-	}
-	testSuccess(2, []int64{3, 5, 32})
-	testSuccess(4, []int64{3, 32})
-}
-
 func TestAccessibleReposEnv_MirrorRepos(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
diff --git a/models/organization/org_user.go b/models/organization/org_user.go
index 08d936d922..4d7527c15f 100644
--- a/models/organization/org_user.go
+++ b/models/organization/org_user.go
@@ -78,7 +78,7 @@ func IsOrganizationAdmin(ctx context.Context, orgID, uid int64) (bool, error) {
 		return false, err
 	}
 	for _, t := range teams {
-		if t.AccessMode >= perm.AccessModeAdmin {
+		if t.HasAdminAccess() {
 			return true, nil
 		}
 	}
diff --git a/models/organization/org_user_test.go b/models/organization/org_user_test.go
index c5110b2a34..689544430d 100644
--- a/models/organization/org_user_test.go
+++ b/models/organization/org_user_test.go
@@ -139,7 +139,7 @@ func TestAddOrgUser(t *testing.T) {
 		unittest.AssertExistsAndLoadBean(t, ou)
 		assert.Equal(t, isPublic, ou.IsPublic)
 		org = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: orgID})
-		assert.EqualValues(t, expectedNumMembers, org.NumMembers)
+		assert.Equal(t, expectedNumMembers, org.NumMembers)
 	}
 
 	setting.Service.DefaultOrgMemberVisible = false
diff --git a/models/organization/team.go b/models/organization/team.go
index 96666da39a..7f3a9b3829 100644
--- a/models/organization/team.go
+++ b/models/organization/team.go
@@ -113,7 +113,7 @@ func (t *Team) LoadUnits(ctx context.Context) (err error) {
 
 // GetUnitNames returns the team units names
 func (t *Team) GetUnitNames() (res []string) {
-	if t.AccessMode >= perm.AccessModeAdmin {
+	if t.HasAdminAccess() {
 		return unit.AllUnitKeyNames()
 	}
 
@@ -126,7 +126,7 @@ func (t *Team) GetUnitNames() (res []string) {
 // GetUnitsMap returns the team units permissions
 func (t *Team) GetUnitsMap() map[string]string {
 	m := make(map[string]string)
-	if t.AccessMode >= perm.AccessModeAdmin {
+	if t.HasAdminAccess() {
 		for _, u := range unit.Units {
 			m[u.NameKey] = t.AccessMode.ToString()
 		}
@@ -153,6 +153,10 @@ func (t *Team) IsMember(ctx context.Context, userID int64) bool {
 	return isMember
 }
 
+func (t *Team) HasAdminAccess() bool {
+	return t.AccessMode >= perm.AccessModeAdmin
+}
+
 // LoadMembers returns paginated members in team of organization.
 func (t *Team) LoadMembers(ctx context.Context) (err error) {
 	t.Members, err = GetTeamMembers(ctx, &SearchMembersOptions{
@@ -238,22 +242,6 @@ func GetTeamByID(ctx context.Context, teamID int64) (*Team, error) {
 	return t, nil
 }
 
-// GetTeamNamesByID returns team's lower name from a list of team ids.
-func GetTeamNamesByID(ctx context.Context, teamIDs []int64) ([]string, error) {
-	if len(teamIDs) == 0 {
-		return []string{}, nil
-	}
-
-	var teamNames []string
-	err := db.GetEngine(ctx).Table("team").
-		Select("lower_name").
-		In("id", teamIDs).
-		Asc("name").
-		Find(&teamNames)
-
-	return teamNames, err
-}
-
 // IncrTeamRepoNum increases the number of repos for the given team by 1
 func IncrTeamRepoNum(ctx context.Context, teamID int64) error {
 	_, err := db.GetEngine(ctx).Incr("num_repos").ID(teamID).Update(new(Team))
diff --git a/models/organization/team_repo.go b/models/organization/team_repo.go
index 53edd203a8..b3e266dbc7 100644
--- a/models/organization/team_repo.go
+++ b/models/organization/team_repo.go
@@ -9,6 +9,8 @@ import (
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/perm"
 	"code.gitea.io/gitea/models/unit"
+
+	"xorm.io/builder"
 )
 
 // TeamRepo represents an team-repository relation.
@@ -48,26 +50,27 @@ func RemoveTeamRepo(ctx context.Context, teamID, repoID int64) error {
 	return err
 }
 
-// GetTeamsWithAccessToRepo returns all teams in an organization that have given access level to the repository.
-func GetTeamsWithAccessToRepo(ctx context.Context, orgID, repoID int64, mode perm.AccessMode) ([]*Team, error) {
+// GetTeamsWithAccessToAnyRepoUnit returns all teams in an organization that have given access level to the repository special unit.
+// This function is only used for finding some teams that can be used as branch protection allowlist or reviewers, it isn't really used for access control.
+// FIXME: TEAM-UNIT-PERMISSION this logic is not complete, search the fixme keyword to see more details
+func GetTeamsWithAccessToAnyRepoUnit(ctx context.Context, orgID, repoID int64, mode perm.AccessMode, unitType unit.Type, unitTypesMore ...unit.Type) ([]*Team, error) {
 	teams := make([]*Team, 0, 5)
-	return teams, db.GetEngine(ctx).Where("team.authorize >= ?", mode).
-		Join("INNER", "team_repo", "team_repo.team_id = team.id").
-		And("team_repo.org_id = ?", orgID).
-		And("team_repo.repo_id = ?", repoID).
-		OrderBy("name").
-		Find(&teams)
-}
 
-// GetTeamsWithAccessToRepoUnit returns all teams in an organization that have given access level to the repository special unit.
-func GetTeamsWithAccessToRepoUnit(ctx context.Context, orgID, repoID int64, mode perm.AccessMode, unitType unit.Type) ([]*Team, error) {
-	teams := make([]*Team, 0, 5)
-	return teams, db.GetEngine(ctx).Where("team_unit.access_mode >= ?", mode).
+	sub := builder.Select("team_id").From("team_unit").
+		Where(builder.Expr("team_unit.team_id = team.id")).
+		And(builder.In("team_unit.type", append([]unit.Type{unitType}, unitTypesMore...))).
+		And(builder.Expr("team_unit.access_mode >= ?", mode))
+
+	err := db.GetEngine(ctx).
 		Join("INNER", "team_repo", "team_repo.team_id = team.id").
-		Join("INNER", "team_unit", "team_unit.team_id = team.id").
 		And("team_repo.org_id = ?", orgID).
 		And("team_repo.repo_id = ?", repoID).
-		And("team_unit.type = ?", unitType).
+		And(builder.Or(
+			builder.Expr("team.authorize >= ?", mode),
+			builder.In("team.id", sub),
+		)).
 		OrderBy("name").
 		Find(&teams)
+
+	return teams, err
 }
diff --git a/models/organization/team_repo_test.go b/models/organization/team_repo_test.go
index c0d6750df9..73a06a93c2 100644
--- a/models/organization/team_repo_test.go
+++ b/models/organization/team_repo_test.go
@@ -22,7 +22,7 @@ func TestGetTeamsWithAccessToRepoUnit(t *testing.T) {
 	org41 := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 41})
 	repo61 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 61})
 
-	teams, err := organization.GetTeamsWithAccessToRepoUnit(db.DefaultContext, org41.ID, repo61.ID, perm.AccessModeRead, unit.TypePullRequests)
+	teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(db.DefaultContext, org41.ID, repo61.ID, perm.AccessModeRead, unit.TypePullRequests)
 	assert.NoError(t, err)
 	if assert.Len(t, teams, 2) {
 		assert.EqualValues(t, 21, teams[0].ID)
diff --git a/models/organization/team_test.go b/models/organization/team_test.go
index deaabbfa2c..b0bf842584 100644
--- a/models/organization/team_test.go
+++ b/models/organization/team_test.go
@@ -77,7 +77,7 @@ func TestGetTeam(t *testing.T) {
 	testSuccess := func(orgID int64, name string) {
 		team, err := organization.GetTeam(db.DefaultContext, orgID, name)
 		assert.NoError(t, err)
-		assert.EqualValues(t, orgID, team.OrgID)
+		assert.Equal(t, orgID, team.OrgID)
 		assert.Equal(t, name, team.Name)
 	}
 	testSuccess(3, "Owners")
@@ -95,7 +95,7 @@ func TestGetTeamByID(t *testing.T) {
 	testSuccess := func(teamID int64) {
 		team, err := organization.GetTeamByID(db.DefaultContext, teamID)
 		assert.NoError(t, err)
-		assert.EqualValues(t, teamID, team.ID)
+		assert.Equal(t, teamID, team.ID)
 	}
 	testSuccess(1)
 	testSuccess(2)
@@ -163,7 +163,7 @@ func TestGetUserOrgTeams(t *testing.T) {
 		teams, err := organization.GetUserOrgTeams(db.DefaultContext, orgID, userID)
 		assert.NoError(t, err)
 		for _, team := range teams {
-			assert.EqualValues(t, orgID, team.OrgID)
+			assert.Equal(t, orgID, team.OrgID)
 			unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{TeamID: team.ID, UID: userID})
 		}
 	}
diff --git a/models/organization/team_unit.go b/models/organization/team_unit.go
index 3087b70770..c6ec6b39b2 100644
--- a/models/organization/team_unit.go
+++ b/models/organization/team_unit.go
@@ -31,21 +31,16 @@ func getUnitsByTeamID(ctx context.Context, teamID int64) (units []*TeamUnit, err
 
 // UpdateTeamUnits updates a teams's units
 func UpdateTeamUnits(ctx context.Context, team *Team, units []TeamUnit) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if _, err = db.GetEngine(ctx).Where("team_id = ?", team.ID).Delete(new(TeamUnit)); err != nil {
-		return err
-	}
-
-	if len(units) > 0 {
-		if err = db.Insert(ctx, units); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if _, err = db.GetEngine(ctx).Where("team_id = ?", team.ID).Delete(new(TeamUnit)); err != nil {
 			return err
 		}
-	}
 
-	return committer.Commit()
+		if len(units) > 0 {
+			if err = db.Insert(ctx, units); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
 }
diff --git a/models/packages/container/search.go b/models/packages/container/search.go
index 5df35117ce..9321d9eb41 100644
--- a/models/packages/container/search.go
+++ b/models/packages/container/search.go
@@ -25,6 +25,7 @@ type BlobSearchOptions struct {
 	Digest     string
 	Tag        string
 	IsManifest bool
+	OnlyLead   bool
 	Repository string
 }
 
@@ -43,7 +44,10 @@ func (opts *BlobSearchOptions) toConds() builder.Cond {
 		cond = cond.And(builder.Eq{"package_version.lower_version": strings.ToLower(opts.Tag)})
 	}
 	if opts.IsManifest {
-		cond = cond.And(builder.Eq{"package_file.lower_name": ManifestFilename})
+		cond = cond.And(builder.Eq{"package_file.lower_name": container_module.ManifestFilename})
+	}
+	if opts.OnlyLead {
+		cond = cond.And(builder.Eq{"package_file.is_lead": true})
 	}
 	if opts.Digest != "" {
 		var propsCond builder.Cond = builder.Eq{
@@ -73,11 +77,9 @@ func GetContainerBlob(ctx context.Context, opts *BlobSearchOptions) (*packages.P
 	pfds, err := getContainerBlobsLimit(ctx, opts, 1)
 	if err != nil {
 		return nil, err
-	}
-	if len(pfds) != 1 {
+	} else if len(pfds) == 0 {
 		return nil, ErrContainerBlobNotExist
 	}
-
 	return pfds[0], nil
 }
 
@@ -233,7 +235,7 @@ func SearchImageTags(ctx context.Context, opts *ImageTagsSearchOptions) ([]*pack
 func SearchExpiredUploadedBlobs(ctx context.Context, olderThan time.Duration) ([]*packages.PackageFile, error) {
 	var cond builder.Cond = builder.Eq{
 		"package_version.is_internal":   true,
-		"package_version.lower_version": UploadVersion,
+		"package_version.lower_version": container_module.UploadVersion,
 		"package.type":                  packages.TypeContainer,
 	}
 	cond = cond.And(builder.Lt{"package_file.created_unix": time.Now().Add(-olderThan).Unix()})
diff --git a/models/packages/descriptor.go b/models/packages/descriptor.go
index d251fcc4a9..2d43dc3046 100644
--- a/models/packages/descriptor.go
+++ b/models/packages/descriptor.go
@@ -11,6 +11,7 @@ import (
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/packages/alpine"
 	"code.gitea.io/gitea/modules/packages/arch"
@@ -102,22 +103,26 @@ func (pd *PackageDescriptor) CalculateBlobSize() int64 {
 
 // GetPackageDescriptor gets the package description for a version
 func GetPackageDescriptor(ctx context.Context, pv *PackageVersion) (*PackageDescriptor, error) {
-	p, err := GetPackageByID(ctx, pv.PackageID)
+	return GetPackageDescriptorWithCache(ctx, pv, cache.NewEphemeralCache())
+}
+
+func GetPackageDescriptorWithCache(ctx context.Context, pv *PackageVersion, c *cache.EphemeralCache) (*PackageDescriptor, error) {
+	p, err := cache.GetWithEphemeralCache(ctx, c, "package", pv.PackageID, GetPackageByID)
 	if err != nil {
 		return nil, err
 	}
-	o, err := user_model.GetUserByID(ctx, p.OwnerID)
+	o, err := cache.GetWithEphemeralCache(ctx, c, "user", p.OwnerID, user_model.GetUserByID)
 	if err != nil {
 		return nil, err
 	}
 	var repository *repo_model.Repository
 	if p.RepoID > 0 {
-		repository, err = repo_model.GetRepositoryByID(ctx, p.RepoID)
+		repository, err = cache.GetWithEphemeralCache(ctx, c, "repo", p.RepoID, repo_model.GetRepositoryByID)
 		if err != nil && !repo_model.IsErrRepoNotExist(err) {
 			return nil, err
 		}
 	}
-	creator, err := user_model.GetUserByID(ctx, pv.CreatorID)
+	creator, err := cache.GetWithEphemeralCache(ctx, c, "user", pv.CreatorID, user_model.GetUserByID)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			creator = user_model.NewGhostUser()
@@ -145,9 +150,13 @@ func GetPackageDescriptor(ctx context.Context, pv *PackageVersion) (*PackageDesc
 		return nil, err
 	}
 
-	pfds, err := GetPackageFileDescriptors(ctx, pfs)
-	if err != nil {
-		return nil, err
+	pfds := make([]*PackageFileDescriptor, 0, len(pfs))
+	for _, pf := range pfs {
+		pfd, err := getPackageFileDescriptor(ctx, pf, c)
+		if err != nil {
+			return nil, err
+		}
+		pfds = append(pfds, pfd)
 	}
 
 	var metadata any
@@ -197,7 +206,7 @@ func GetPackageDescriptor(ctx context.Context, pv *PackageVersion) (*PackageDesc
 	case TypeVagrant:
 		metadata = &vagrant.Metadata{}
 	default:
-		panic(fmt.Sprintf("unknown package type: %s", string(p.Type)))
+		panic("unknown package type: " + string(p.Type))
 	}
 	if metadata != nil {
 		if err := json.Unmarshal([]byte(pv.MetadataJSON), &metadata); err != nil {
@@ -221,7 +230,11 @@ func GetPackageDescriptor(ctx context.Context, pv *PackageVersion) (*PackageDesc
 
 // GetPackageFileDescriptor gets a package file descriptor for a package file
 func GetPackageFileDescriptor(ctx context.Context, pf *PackageFile) (*PackageFileDescriptor, error) {
-	pb, err := GetBlobByID(ctx, pf.BlobID)
+	return getPackageFileDescriptor(ctx, pf, cache.NewEphemeralCache())
+}
+
+func getPackageFileDescriptor(ctx context.Context, pf *PackageFile, c *cache.EphemeralCache) (*PackageFileDescriptor, error) {
+	pb, err := cache.GetWithEphemeralCache(ctx, c, "package_file_blob", pf.BlobID, GetBlobByID)
 	if err != nil {
 		return nil, err
 	}
@@ -251,9 +264,13 @@ func GetPackageFileDescriptors(ctx context.Context, pfs []*PackageFile) ([]*Pack
 
 // GetPackageDescriptors gets the package descriptions for the versions
 func GetPackageDescriptors(ctx context.Context, pvs []*PackageVersion) ([]*PackageDescriptor, error) {
+	return getPackageDescriptors(ctx, pvs, cache.NewEphemeralCache())
+}
+
+func getPackageDescriptors(ctx context.Context, pvs []*PackageVersion, c *cache.EphemeralCache) ([]*PackageDescriptor, error) {
 	pds := make([]*PackageDescriptor, 0, len(pvs))
 	for _, pv := range pvs {
-		pd, err := GetPackageDescriptor(ctx, pv)
+		pd, err := GetPackageDescriptorWithCache(ctx, pv, c)
 		if err != nil {
 			return nil, err
 		}
diff --git a/models/packages/nuget/search.go b/models/packages/nuget/search.go
index 7a505ff08f..a4b23f31d5 100644
--- a/models/packages/nuget/search.go
+++ b/models/packages/nuget/search.go
@@ -33,7 +33,7 @@ func SearchVersions(ctx context.Context, opts *packages_model.PackageSearchOptio
 		Where(cond).
 		OrderBy("package.name ASC")
 	if opts.Paginator != nil {
-		skip, take := opts.GetSkipTake()
+		skip, take := opts.Paginator.GetSkipTake()
 		inner = inner.Limit(take, skip)
 	}
 
diff --git a/models/packages/package.go b/models/packages/package.go
index 8935dbaa1c..38d1cdcf66 100644
--- a/models/packages/package.go
+++ b/models/packages/package.go
@@ -127,7 +127,7 @@ func (pt Type) Name() string {
 	case TypeVagrant:
 		return "Vagrant"
 	}
-	panic(fmt.Sprintf("unknown package type: %s", string(pt)))
+	panic("unknown package type: " + string(pt))
 }
 
 // SVGName gets the name of the package type svg image
@@ -178,7 +178,7 @@ func (pt Type) SVGName() string {
 	case TypeVagrant:
 		return "gitea-vagrant"
 	}
-	panic(fmt.Sprintf("unknown package type: %s", string(pt)))
+	panic("unknown package type: " + string(pt))
 }
 
 // Package represents a package
diff --git a/models/packages/package_file.go b/models/packages/package_file.go
index 270cb32fdf..bf877485d6 100644
--- a/models/packages/package_file.go
+++ b/models/packages/package_file.go
@@ -115,6 +115,11 @@ func DeleteFileByID(ctx context.Context, fileID int64) error {
 	return err
 }
 
+func UpdateFile(ctx context.Context, pf *PackageFile, cols []string) error {
+	_, err := db.GetEngine(ctx).ID(pf.ID).Cols(cols...).Update(pf)
+	return err
+}
+
 // PackageFileSearchOptions are options for SearchXXX methods
 type PackageFileSearchOptions struct {
 	OwnerID       int64
diff --git a/models/packages/package_property.go b/models/packages/package_property.go
index e0170016cf..acc05d8d5a 100644
--- a/models/packages/package_property.go
+++ b/models/packages/package_property.go
@@ -32,7 +32,7 @@ type PackageProperty struct {
 	RefType PropertyType `xorm:"INDEX NOT NULL"`
 	RefID   int64        `xorm:"INDEX NOT NULL"`
 	Name    string       `xorm:"INDEX NOT NULL"`
-	Value   string       `xorm:"TEXT NOT NULL"`
+	Value   string       `xorm:"LONGTEXT NOT NULL"`
 }
 
 // InsertProperty creates a property
@@ -66,6 +66,20 @@ func UpdateProperty(ctx context.Context, pp *PackageProperty) error {
 	return err
 }
 
+func InsertOrUpdateProperty(ctx context.Context, refType PropertyType, refID int64, name, value string) error {
+	pp := PackageProperty{RefType: refType, RefID: refID, Name: name}
+	ok, err := db.GetEngine(ctx).Get(&pp)
+	if err != nil {
+		return err
+	}
+	if ok {
+		_, err = db.GetEngine(ctx).Where("ref_type=? AND ref_id=? AND name=?", refType, refID, name).Cols("value").Update(&PackageProperty{Value: value})
+		return err
+	}
+	_, err = InsertProperty(ctx, refType, refID, name, value)
+	return err
+}
+
 // DeleteAllProperties deletes all properties of a ref
 func DeleteAllProperties(ctx context.Context, refType PropertyType, refID int64) error {
 	_, err := db.GetEngine(ctx).Where("ref_type = ? AND ref_id = ?", refType, refID).Delete(&PackageProperty{})
@@ -78,8 +92,8 @@ func DeletePropertyByID(ctx context.Context, propertyID int64) error {
 	return err
 }
 
-// DeletePropertyByName deletes properties by name
-func DeletePropertyByName(ctx context.Context, refType PropertyType, refID int64, name string) error {
+// DeletePropertiesByName deletes properties by name
+func DeletePropertiesByName(ctx context.Context, refType PropertyType, refID int64, name string) error {
 	_, err := db.GetEngine(ctx).Where("ref_type = ? AND ref_id = ? AND name = ?", refType, refID, name).Delete(&PackageProperty{})
 	return err
 }
diff --git a/models/packages/package_version.go b/models/packages/package_version.go
index 278e8e3a86..0a478c0323 100644
--- a/models/packages/package_version.go
+++ b/models/packages/package_version.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/util"
 
 	"xorm.io/builder"
+	"xorm.io/xorm"
 )
 
 // ErrDuplicatePackageVersion indicates a duplicated package version error
@@ -36,6 +37,14 @@ type PackageVersion struct {
 	DownloadCount int64              `xorm:"NOT NULL DEFAULT 0"`
 }
 
+// IsPrerelease checks if the version is a prerelease version according to semantic versioning
+func (pv *PackageVersion) IsPrerelease() bool {
+	if pv == nil || pv.Version == "" {
+		return false
+	}
+	return strings.Contains(pv.Version, "-")
+}
+
 // GetOrInsertVersion inserts a version. If the same version exist already ErrDuplicatePackageVersion is returned
 func GetOrInsertVersion(ctx context.Context, pv *PackageVersion) (*PackageVersion, error) {
 	e := db.GetEngine(ctx)
@@ -187,7 +196,7 @@ type PackageSearchOptions struct {
 	HasFileWithName string                // only results are found which are associated with a file with the specific name
 	HasFiles        optional.Option[bool] // only results are found which have associated files
 	Sort            VersionSort
-	db.Paginator
+	Paginator       db.Paginator
 }
 
 func (opts *PackageSearchOptions) ToConds() builder.Cond {
@@ -279,9 +288,19 @@ func (opts *PackageSearchOptions) configureOrderBy(e db.Engine) {
 	default:
 		e.Desc("package_version.created_unix")
 	}
+	e.Desc("package_version.id") // Sort by id for stable order with duplicates in the other field
+}
 
-	// Sort by id for stable order with duplicates in the other field
-	e.Asc("package_version.id")
+func searchVersionsBySession(sess *xorm.Session, opts *PackageSearchOptions) ([]*PackageVersion, int64, error) {
+	opts.configureOrderBy(sess)
+	pvs := make([]*PackageVersion, 0, 10)
+	if opts.Paginator != nil {
+		sess = db.SetSessionPagination(sess, opts.Paginator)
+		count, err := sess.FindAndCount(&pvs)
+		return pvs, count, err
+	}
+	err := sess.Find(&pvs)
+	return pvs, int64(len(pvs)), err
 }
 
 // SearchVersions gets all versions of packages matching the search options
@@ -291,16 +310,7 @@ func SearchVersions(ctx context.Context, opts *PackageSearchOptions) ([]*Package
 		Table("package_version").
 		Join("INNER", "package", "package.id = package_version.package_id").
 		Where(opts.ToConds())
-
-	opts.configureOrderBy(sess)
-
-	if opts.Paginator != nil {
-		sess = db.SetSessionPagination(sess, opts)
-	}
-
-	pvs := make([]*PackageVersion, 0, 10)
-	count, err := sess.FindAndCount(&pvs)
-	return pvs, count, err
+	return searchVersionsBySession(sess, opts)
 }
 
 // SearchLatestVersions gets the latest version of every package matching the search options
@@ -318,15 +328,7 @@ func SearchLatestVersions(ctx context.Context, opts *PackageSearchOptions) ([]*P
 		Join("INNER", "package", "package.id = package_version.package_id").
 		Where(builder.In("package_version.id", in))
 
-	opts.configureOrderBy(sess)
-
-	if opts.Paginator != nil {
-		sess = db.SetSessionPagination(sess, opts)
-	}
-
-	pvs := make([]*PackageVersion, 0, 10)
-	count, err := sess.FindAndCount(&pvs)
-	return pvs, count, err
+	return searchVersionsBySession(sess, opts)
 }
 
 // ExistVersion checks if a version matching the search options exist
diff --git a/models/perm/access/repo_permission.go b/models/perm/access/repo_permission.go
index 5e7ecb31ea..7de43ecd07 100644
--- a/models/perm/access/repo_permission.go
+++ b/models/perm/access/repo_permission.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 )
 
@@ -25,7 +26,8 @@ type Permission struct {
 	units     []*repo_model.RepoUnit
 	unitsMode map[unit.Type]perm_model.AccessMode
 
-	everyoneAccessMode map[unit.Type]perm_model.AccessMode
+	everyoneAccessMode  map[unit.Type]perm_model.AccessMode // the unit's minimal access mode for every signed-in user
+	anonymousAccessMode map[unit.Type]perm_model.AccessMode // the unit's minimal access mode for anonymous (non-signed-in) user
 }
 
 // IsOwner returns true if current user is the owner of repository.
@@ -39,7 +41,8 @@ func (p *Permission) IsAdmin() bool {
 }
 
 // HasAnyUnitAccess returns true if the user might have at least one access mode to any unit of this repository.
-// It doesn't count the "everyone access mode".
+// It doesn't count the "public(anonymous/everyone) access mode".
+// TODO: most calls to this function should be replaced with `HasAnyUnitAccessOrPublicAccess`
 func (p *Permission) HasAnyUnitAccess() bool {
 	for _, v := range p.unitsMode {
 		if v >= perm_model.AccessModeRead {
@@ -49,13 +52,22 @@ func (p *Permission) HasAnyUnitAccess() bool {
 	return p.AccessMode >= perm_model.AccessModeRead
 }
 
-func (p *Permission) HasAnyUnitAccessOrEveryoneAccess() bool {
+func (p *Permission) HasAnyUnitPublicAccess() bool {
+	for _, v := range p.anonymousAccessMode {
+		if v >= perm_model.AccessModeRead {
+			return true
+		}
+	}
 	for _, v := range p.everyoneAccessMode {
 		if v >= perm_model.AccessModeRead {
 			return true
 		}
 	}
-	return p.HasAnyUnitAccess()
+	return false
+}
+
+func (p *Permission) HasAnyUnitAccessOrPublicAccess() bool {
+	return p.HasAnyUnitPublicAccess() || p.HasAnyUnitAccess()
 }
 
 // HasUnits returns true if the permission contains attached units
@@ -73,14 +85,16 @@ func (p *Permission) GetFirstUnitRepoID() int64 {
 }
 
 // UnitAccessMode returns current user access mode to the specify unit of the repository
-// It also considers "everyone access mode"
+// It also considers "public (anonymous/everyone) access mode"
 func (p *Permission) UnitAccessMode(unitType unit.Type) perm_model.AccessMode {
 	// if the units map contains the access mode, use it, but admin/owner mode could override it
 	if m, ok := p.unitsMode[unitType]; ok {
 		return util.Iif(p.AccessMode >= perm_model.AccessModeAdmin, p.AccessMode, m)
 	}
 	// if the units map does not contain the access mode, return the default access mode if the unit exists
-	unitDefaultAccessMode := max(p.AccessMode, p.everyoneAccessMode[unitType])
+	unitDefaultAccessMode := p.AccessMode
+	unitDefaultAccessMode = max(unitDefaultAccessMode, p.anonymousAccessMode[unitType])
+	unitDefaultAccessMode = max(unitDefaultAccessMode, p.everyoneAccessMode[unitType])
 	hasUnit := slices.ContainsFunc(p.units, func(u *repo_model.RepoUnit) bool { return u.Type == unitType })
 	return util.Iif(hasUnit, unitDefaultAccessMode, perm_model.AccessModeNone)
 }
@@ -171,27 +185,41 @@ func (p *Permission) LogString() string {
 		format += "\n\tunitsMode[%-v]: %-v"
 		args = append(args, key.LogString(), value.LogString())
 	}
+	format += "\n\tanonymousAccessMode: %-v"
+	args = append(args, p.anonymousAccessMode)
 	format += "\n\teveryoneAccessMode: %-v"
 	args = append(args, p.everyoneAccessMode)
 	format += "\n\t]>"
 	return fmt.Sprintf(format, args...)
 }
 
+func applyPublicAccessPermission(unitType unit.Type, accessMode perm_model.AccessMode, modeMap *map[unit.Type]perm_model.AccessMode) {
+	if setting.Repository.ForcePrivate {
+		return
+	}
+	if accessMode >= perm_model.AccessModeRead && accessMode > (*modeMap)[unitType] {
+		if *modeMap == nil {
+			*modeMap = make(map[unit.Type]perm_model.AccessMode)
+		}
+		(*modeMap)[unitType] = accessMode
+	}
+}
+
 func finalProcessRepoUnitPermission(user *user_model.User, perm *Permission) {
+	// apply public (anonymous) access permissions
+	for _, u := range perm.units {
+		applyPublicAccessPermission(u.Type, u.AnonymousAccessMode, &perm.anonymousAccessMode)
+	}
+
 	if user == nil || user.ID <= 0 {
 		// for anonymous access, it could be:
 		// AccessMode is None or Read, units has repo units, unitModes is nil
 		return
 	}
 
-	// apply everyone access permissions
+	// apply public (everyone) access permissions
 	for _, u := range perm.units {
-		if u.EveryoneAccessMode >= perm_model.AccessModeRead && u.EveryoneAccessMode > perm.everyoneAccessMode[u.Type] {
-			if perm.everyoneAccessMode == nil {
-				perm.everyoneAccessMode = make(map[unit.Type]perm_model.AccessMode)
-			}
-			perm.everyoneAccessMode[u.Type] = u.EveryoneAccessMode
-		}
+		applyPublicAccessPermission(u.Type, u.EveryoneAccessMode, &perm.everyoneAccessMode)
 	}
 
 	if perm.unitsMode == nil {
@@ -209,6 +237,11 @@ func finalProcessRepoUnitPermission(user *user_model.User, perm *Permission) {
 				break
 			}
 		}
+		for t := range perm.anonymousAccessMode {
+			if shouldKeep = shouldKeep || u.Type == t; shouldKeep {
+				break
+			}
+		}
 		for t := range perm.everyoneAccessMode {
 			if shouldKeep = shouldKeep || u.Type == t; shouldKeep {
 				break
@@ -235,7 +268,6 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 	perm.units = repo.Units
 
 	// anonymous user visit private repo.
-	// TODO: anonymous user visit public unit of private repo???
 	if user == nil && repo.IsPrivate {
 		perm.AccessMode = perm_model.AccessModeNone
 		return perm, nil
@@ -254,7 +286,8 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 	}
 
 	// Prevent strangers from checking out public repo of private organization/users
-	// Allow user if they are collaborator of a repo within a private user or a private organization but not a member of the organization itself
+	// Allow user if they are a collaborator of a repo within a private user or a private organization but not a member of the organization itself
+	// TODO: rename it to "IsOwnerVisibleToDoer"
 	if !organization.HasOrgOrUserVisible(ctx, repo.Owner, user) && !isCollaborator {
 		perm.AccessMode = perm_model.AccessModeNone
 		return perm, nil
@@ -272,7 +305,7 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 		return perm, nil
 	}
 
-	// plain user
+	// plain user TODO: this check should be replaced, only need to check collaborator access mode
 	perm.AccessMode, err = accessLevel(ctx, user, repo)
 	if err != nil {
 		return perm, err
@@ -282,6 +315,19 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 		return perm, nil
 	}
 
+	// now: the owner is visible to doer, if the repo is public, then the min access mode is read
+	minAccessMode := util.Iif(!repo.IsPrivate && !user.IsRestricted, perm_model.AccessModeRead, perm_model.AccessModeNone)
+	perm.AccessMode = max(perm.AccessMode, minAccessMode)
+
+	// get units mode from teams
+	teams, err := organization.GetUserRepoTeams(ctx, repo.OwnerID, user.ID, repo.ID)
+	if err != nil {
+		return perm, err
+	}
+	if len(teams) == 0 {
+		return perm, nil
+	}
+
 	perm.unitsMode = make(map[unit.Type]perm_model.AccessMode)
 
 	// Collaborators on organization
@@ -291,15 +337,9 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 		}
 	}
 
-	// get units mode from teams
-	teams, err := organization.GetUserRepoTeams(ctx, repo.OwnerID, user.ID, repo.ID)
-	if err != nil {
-		return perm, err
-	}
-
 	// if user in an owner team
 	for _, team := range teams {
-		if team.AccessMode >= perm_model.AccessModeAdmin {
+		if team.HasAdminAccess() {
 			perm.AccessMode = perm_model.AccessModeOwner
 			perm.unitsMode = nil
 			return perm, nil
@@ -307,19 +347,12 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 	}
 
 	for _, u := range repo.Units {
-		var found bool
 		for _, team := range teams {
+			unitAccessMode := minAccessMode
 			if teamMode, exist := team.UnitAccessModeEx(ctx, u.Type); exist {
-				perm.unitsMode[u.Type] = max(perm.unitsMode[u.Type], teamMode)
-				found = true
-			}
-		}
-
-		// for a public repo on an organization, a non-restricted user has read permission on non-team defined units.
-		if !found && !repo.IsPrivate && !user.IsRestricted {
-			if _, ok := perm.unitsMode[u.Type]; !ok {
-				perm.unitsMode[u.Type] = perm_model.AccessModeRead
+				unitAccessMode = max(perm.unitsMode[u.Type], unitAccessMode, teamMode)
 			}
+			perm.unitsMode[u.Type] = unitAccessMode
 		}
 	}
 
@@ -367,7 +400,7 @@ func IsUserRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *use
 	}
 
 	for _, team := range teams {
-		if team.AccessMode >= perm_model.AccessModeAdmin {
+		if team.HasAdminAccess() {
 			return true, nil
 		}
 	}
@@ -376,13 +409,13 @@ func IsUserRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *use
 
 // AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
 // user does not have access.
-func AccessLevel(ctx context.Context, user *user_model.User, repo *repo_model.Repository) (perm_model.AccessMode, error) { //nolint
+func AccessLevel(ctx context.Context, user *user_model.User, repo *repo_model.Repository) (perm_model.AccessMode, error) { //nolint:revive // export stutter
 	return AccessLevelUnit(ctx, user, repo, unit.TypeCode)
 }
 
 // AccessLevelUnit returns the Access a user has to a repository's. Will return NoneAccess if the
 // user does not have access.
-func AccessLevelUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type) (perm_model.AccessMode, error) { //nolint
+func AccessLevelUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type) (perm_model.AccessMode, error) { //nolint:revive // export stutter
 	perm, err := GetUserRepoPermission(ctx, repo, user)
 	if err != nil {
 		return perm_model.AccessModeNone, err
@@ -490,3 +523,7 @@ func CheckRepoUnitUser(ctx context.Context, repo *repo_model.Repository, user *u
 
 	return perm.CanRead(unitType)
 }
+
+func PermissionNoAccess() Permission {
+	return Permission{AccessMode: perm_model.AccessModeNone}
+}
diff --git a/models/perm/access/repo_permission_test.go b/models/perm/access/repo_permission_test.go
index 9862da0673..c8675b1ded 100644
--- a/models/perm/access/repo_permission_test.go
+++ b/models/perm/access/repo_permission_test.go
@@ -6,12 +6,16 @@ package access
 import (
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/organization"
 	perm_model "code.gitea.io/gitea/models/perm"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
+	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestHasAnyUnitAccess(t *testing.T) {
@@ -22,14 +26,21 @@ func TestHasAnyUnitAccess(t *testing.T) {
 		units: []*repo_model.RepoUnit{{Type: unit.TypeWiki}},
 	}
 	assert.False(t, perm.HasAnyUnitAccess())
-	assert.False(t, perm.HasAnyUnitAccessOrEveryoneAccess())
+	assert.False(t, perm.HasAnyUnitAccessOrPublicAccess())
 
 	perm = Permission{
 		units:              []*repo_model.RepoUnit{{Type: unit.TypeWiki}},
 		everyoneAccessMode: map[unit.Type]perm_model.AccessMode{unit.TypeIssues: perm_model.AccessModeRead},
 	}
 	assert.False(t, perm.HasAnyUnitAccess())
-	assert.True(t, perm.HasAnyUnitAccessOrEveryoneAccess())
+	assert.True(t, perm.HasAnyUnitAccessOrPublicAccess())
+
+	perm = Permission{
+		units:               []*repo_model.RepoUnit{{Type: unit.TypeWiki}},
+		anonymousAccessMode: map[unit.Type]perm_model.AccessMode{unit.TypeIssues: perm_model.AccessModeRead},
+	}
+	assert.False(t, perm.HasAnyUnitAccess())
+	assert.True(t, perm.HasAnyUnitAccessOrPublicAccess())
 
 	perm = Permission{
 		AccessMode: perm_model.AccessModeRead,
@@ -43,7 +54,7 @@ func TestHasAnyUnitAccess(t *testing.T) {
 	assert.True(t, perm.HasAnyUnitAccess())
 }
 
-func TestApplyEveryoneRepoPermission(t *testing.T) {
+func TestApplyPublicAccessRepoPermission(t *testing.T) {
 	perm := Permission{
 		AccessMode: perm_model.AccessModeNone,
 		units: []*repo_model.RepoUnit{
@@ -56,6 +67,15 @@ func TestApplyEveryoneRepoPermission(t *testing.T) {
 	perm = Permission{
 		AccessMode: perm_model.AccessModeNone,
 		units: []*repo_model.RepoUnit{
+			{Type: unit.TypeWiki, AnonymousAccessMode: perm_model.AccessModeRead},
+		},
+	}
+	finalProcessRepoUnitPermission(nil, &perm)
+	assert.True(t, perm.CanRead(unit.TypeWiki))
+
+	perm = Permission{
+		AccessMode: perm_model.AccessModeNone,
+		units: []*repo_model.RepoUnit{
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 	}
@@ -136,3 +156,45 @@ func TestUnitAccessMode(t *testing.T) {
 	}
 	assert.Equal(t, perm_model.AccessModeRead, perm.UnitAccessMode(unit.TypeWiki), "has unit, and map, use map")
 }
+
+func TestGetUserRepoPermission(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+	ctx := t.Context()
+	repo32 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 32}) // org public repo
+	require.NoError(t, repo32.LoadOwner(ctx))
+	require.True(t, repo32.Owner.IsOrganization())
+
+	require.NoError(t, db.TruncateBeans(ctx, &organization.Team{}, &organization.TeamUser{}, &organization.TeamRepo{}, &organization.TeamUnit{}))
+	org := repo32.Owner
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})
+	team := &organization.Team{OrgID: org.ID, LowerName: "test_team"}
+	require.NoError(t, db.Insert(ctx, team))
+
+	t.Run("DoerInTeamWithNoRepo", func(t *testing.T) {
+		require.NoError(t, db.Insert(ctx, &organization.TeamUser{OrgID: org.ID, TeamID: team.ID, UID: user.ID}))
+		perm, err := GetUserRepoPermission(ctx, repo32, user)
+		require.NoError(t, err)
+		assert.Equal(t, perm_model.AccessModeRead, perm.AccessMode)
+		assert.Nil(t, perm.unitsMode) // doer in the team, but has no access to the repo
+	})
+
+	require.NoError(t, db.Insert(ctx, &organization.TeamRepo{OrgID: org.ID, TeamID: team.ID, RepoID: repo32.ID}))
+	require.NoError(t, db.Insert(ctx, &organization.TeamUnit{OrgID: org.ID, TeamID: team.ID, Type: unit.TypeCode, AccessMode: perm_model.AccessModeNone}))
+	t.Run("DoerWithTeamUnitAccessNone", func(t *testing.T) {
+		perm, err := GetUserRepoPermission(ctx, repo32, user)
+		require.NoError(t, err)
+		assert.Equal(t, perm_model.AccessModeRead, perm.AccessMode)
+		assert.Equal(t, perm_model.AccessModeRead, perm.unitsMode[unit.TypeCode])
+		assert.Equal(t, perm_model.AccessModeRead, perm.unitsMode[unit.TypeIssues])
+	})
+
+	require.NoError(t, db.TruncateBeans(ctx, &organization.TeamUnit{}))
+	require.NoError(t, db.Insert(ctx, &organization.TeamUnit{OrgID: org.ID, TeamID: team.ID, Type: unit.TypeCode, AccessMode: perm_model.AccessModeWrite}))
+	t.Run("DoerWithTeamUnitAccessWrite", func(t *testing.T) {
+		perm, err := GetUserRepoPermission(ctx, repo32, user)
+		require.NoError(t, err)
+		assert.Equal(t, perm_model.AccessModeRead, perm.AccessMode)
+		assert.Equal(t, perm_model.AccessModeWrite, perm.unitsMode[unit.TypeCode])
+		assert.Equal(t, perm_model.AccessModeRead, perm.unitsMode[unit.TypeIssues])
+	})
+}
diff --git a/models/project/column.go b/models/project/column.go
index 77ff5ef83e..9b9d874997 100644
--- a/models/project/column.go
+++ b/models/project/column.go
@@ -147,7 +147,7 @@ func NewColumn(ctx context.Context, column *Column) error {
 		return err
 	}
 	if res.ColumnCount >= maxProjectColumns {
-		return fmt.Errorf("NewBoard: maximum number of columns reached")
+		return errors.New("NewBoard: maximum number of columns reached")
 	}
 	column.Sorting = int8(util.Iif(res.ColumnCount > 0, res.MaxSorting+1, 0))
 	_, err := db.GetEngine(ctx).Insert(column)
@@ -172,7 +172,7 @@ func deleteColumnByID(ctx context.Context, columnID int64) error {
 	}
 
 	if column.Default {
-		return fmt.Errorf("deleteColumnByID: cannot delete default column")
+		return errors.New("deleteColumnByID: cannot delete default column")
 	}
 
 	// move all issues to the default column
diff --git a/models/project/column_test.go b/models/project/column_test.go
index 66db23a3e4..6a615090a5 100644
--- a/models/project/column_test.go
+++ b/models/project/column_test.go
@@ -97,9 +97,9 @@ func Test_MoveColumnsOnProject(t *testing.T) {
 	columnsAfter, err := project1.GetColumns(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.Len(t, columnsAfter, 3)
-	assert.EqualValues(t, columns[1].ID, columnsAfter[0].ID)
-	assert.EqualValues(t, columns[2].ID, columnsAfter[1].ID)
-	assert.EqualValues(t, columns[0].ID, columnsAfter[2].ID)
+	assert.Equal(t, columns[1].ID, columnsAfter[0].ID)
+	assert.Equal(t, columns[2].ID, columnsAfter[1].ID)
+	assert.Equal(t, columns[0].ID, columnsAfter[2].ID)
 }
 
 func Test_NewColumn(t *testing.T) {
@@ -110,7 +110,7 @@ func Test_NewColumn(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Len(t, columns, 3)
 
-	for i := 0; i < maxProjectColumns-3; i++ {
+	for i := range maxProjectColumns - 3 {
 		err := NewColumn(db.DefaultContext, &Column{
 			Title:     fmt.Sprintf("column-%d", i+4),
 			ProjectID: project1.ID,
diff --git a/models/project/issue.go b/models/project/issue.go
index 98eed2a213..47d1537ec7 100644
--- a/models/project/issue.go
+++ b/models/project/issue.go
@@ -5,7 +5,7 @@ package project
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/util"
@@ -35,7 +35,7 @@ func deleteProjectIssuesByProjectID(ctx context.Context, projectID int64) error
 
 func (c *Column) moveIssuesToAnotherColumn(ctx context.Context, newColumn *Column) error {
 	if c.ProjectID != newColumn.ProjectID {
-		return fmt.Errorf("columns have to be in the same project")
+		return errors.New("columns have to be in the same project")
 	}
 
 	if c.ID == newColumn.ID {
diff --git a/models/project/project.go b/models/project/project.go
index d27e053094..c003664fa3 100644
--- a/models/project/project.go
+++ b/models/project/project.go
@@ -129,11 +129,11 @@ func (p *Project) LoadRepo(ctx context.Context) (err error) {
 	return err
 }
 
-func ProjectLinkForOrg(org *user_model.User, projectID int64) string { //nolint
+func ProjectLinkForOrg(org *user_model.User, projectID int64) string { //nolint:revive // export stutter
 	return fmt.Sprintf("%s/-/projects/%d", org.HomeLink(), projectID)
 }
 
-func ProjectLinkForRepo(repo *repo_model.Repository, projectID int64) string { //nolint
+func ProjectLinkForRepo(repo *repo_model.Repository, projectID int64) string { //nolint:revive // export stutter
 	return fmt.Sprintf("%s/projects/%d", repo.Link(), projectID)
 }
 
@@ -359,41 +359,25 @@ func updateRepositoryProjectCount(ctx context.Context, repoID int64) error {
 
 // ChangeProjectStatusByRepoIDAndID toggles a project between opened and closed
 func ChangeProjectStatusByRepoIDAndID(ctx context.Context, repoID, projectID int64, isClosed bool) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	p := new(Project)
-
-	has, err := db.GetEngine(ctx).ID(projectID).Where("repo_id = ?", repoID).Get(p)
-	if err != nil {
-		return err
-	} else if !has {
-		return ErrProjectNotExist{ID: projectID, RepoID: repoID}
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		p := new(Project)
 
-	if err := changeProjectStatus(ctx, p, isClosed); err != nil {
-		return err
-	}
+		has, err := db.GetEngine(ctx).ID(projectID).Where("repo_id = ?", repoID).Get(p)
+		if err != nil {
+			return err
+		} else if !has {
+			return ErrProjectNotExist{ID: projectID, RepoID: repoID}
+		}
 
-	return committer.Commit()
+		return changeProjectStatus(ctx, p, isClosed)
+	})
 }
 
 // ChangeProjectStatus toggle a project between opened and closed
 func ChangeProjectStatus(ctx context.Context, p *Project, isClosed bool) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := changeProjectStatus(ctx, p, isClosed); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return changeProjectStatus(ctx, p, isClosed)
+	})
 }
 
 func changeProjectStatus(ctx context.Context, p *Project, isClosed bool) error {
diff --git a/models/project/project_test.go b/models/project/project_test.go
index dd421b4659..c2e924e8ae 100644
--- a/models/project/project_test.go
+++ b/models/project/project_test.go
@@ -113,10 +113,10 @@ func TestProjectsSort(t *testing.T) {
 			OrderBy: GetSearchOrderByBySortType(tt.sortType),
 		})
 		assert.NoError(t, err)
-		assert.EqualValues(t, int64(6), count)
+		assert.Equal(t, int64(6), count)
 		if assert.Len(t, projects, 6) {
 			for i := range projects {
-				assert.EqualValues(t, tt.wants[i], projects[i].ID)
+				assert.Equal(t, tt.wants[i], projects[i].ID)
 			}
 		}
 	}
diff --git a/models/pull/automerge.go b/models/pull/automerge.go
index 3cafacc3a4..7f940a9849 100644
--- a/models/pull/automerge.go
+++ b/models/pull/automerge.go
@@ -5,12 +5,14 @@ package pull
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // AutoMerge represents a pull request scheduled for merging when checks succeed
@@ -76,7 +78,10 @@ func GetScheduledMergeByPullID(ctx context.Context, pullID int64) (bool, *AutoMe
 		return false, nil, err
 	}
 
-	doer, err := user_model.GetUserByID(ctx, scheduledPRM.DoerID)
+	doer, err := user_model.GetPossibleUserByID(ctx, scheduledPRM.DoerID)
+	if errors.Is(err, util.ErrNotExist) {
+		doer, err = user_model.NewGhostUser(), nil
+	}
 	if err != nil {
 		return false, nil, err
 	}
diff --git a/models/pull/review_state.go b/models/pull/review_state.go
index e46a22a49d..137af00eab 100644
--- a/models/pull/review_state.go
+++ b/models/pull/review_state.go
@@ -6,6 +6,7 @@ package pull
 import (
 	"context"
 	"fmt"
+	"maps"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/log"
@@ -100,9 +101,7 @@ func mergeFiles(oldFiles, newFiles map[string]ViewedState) map[string]ViewedStat
 		return oldFiles
 	}
 
-	for file, viewed := range newFiles {
-		oldFiles[file] = viewed
-	}
+	maps.Copy(oldFiles, newFiles)
 	return oldFiles
 }
 
diff --git a/models/renderhelper/commit_checker.go b/models/renderhelper/commit_checker.go
index 4815643e67..407e45fb54 100644
--- a/models/renderhelper/commit_checker.go
+++ b/models/renderhelper/commit_checker.go
@@ -47,7 +47,7 @@ func (c *commitChecker) IsCommitIDExisting(commitID string) bool {
 		c.gitRepo, c.gitRepoCloser = r, closer
 	}
 
-	exist = c.gitRepo.IsReferenceExist(commitID) // Don't use IsObjectExist since it doesn't support short hashs with gogit edition.
+	exist = c.gitRepo.IsReferenceExist(commitID) // Don't use IsObjectExist since it doesn't support short hashes with gogit edition.
 	c.commitCache[commitID] = exist
 	return exist
 }
diff --git a/models/renderhelper/repo_comment.go b/models/renderhelper/repo_comment.go
index 6bd5e91ad1..ae0fbf0abd 100644
--- a/models/renderhelper/repo_comment.go
+++ b/models/renderhelper/repo_comment.go
@@ -28,14 +28,14 @@ func (r *RepoComment) IsCommitIDExisting(commitID string) bool {
 	return r.commitChecker.IsCommitIDExisting(commitID)
 }
 
-func (r *RepoComment) ResolveLink(link string, likeType markup.LinkType) (finalLink string) {
-	switch likeType {
-	case markup.LinkTypeApp:
-		finalLink = r.ctx.ResolveLinkApp(link)
+func (r *RepoComment) ResolveLink(link, preferLinkType string) string {
+	linkType, link := markup.ParseRenderedLink(link, preferLinkType)
+	switch linkType {
+	case markup.LinkTypeRoot:
+		return r.ctx.ResolveLinkRoot(link)
 	default:
-		finalLink = r.ctx.ResolveLinkRelative(r.repoLink, r.opts.CurrentRefPath, link)
+		return r.ctx.ResolveLinkRelative(r.repoLink, r.opts.CurrentRefPath, link)
 	}
-	return finalLink
 }
 
 var _ markup.RenderHelper = (*RepoComment)(nil)
@@ -44,30 +44,31 @@ type RepoCommentOptions struct {
 	DeprecatedRepoName  string // it is only a patch for the non-standard "markup" api
 	DeprecatedOwnerName string // it is only a patch for the non-standard "markup" api
 	CurrentRefPath      string // eg: "branch/main" or "commit/11223344"
+	FootnoteContextID   string // the extra context ID for footnotes, used to avoid conflicts with other footnotes in the same page
 }
 
 func NewRenderContextRepoComment(ctx context.Context, repo *repo_model.Repository, opts ...RepoCommentOptions) *markup.RenderContext {
-	helper := &RepoComment{
-		repoLink: repo.Link(),
-		opts:     util.OptionalArg(opts),
-	}
+	helper := &RepoComment{opts: util.OptionalArg(opts)}
 	rctx := markup.NewRenderContext(ctx)
 	helper.ctx = rctx
+	var metas map[string]string
 	if repo != nil {
 		helper.repoLink = repo.Link()
 		helper.commitChecker = newCommitChecker(ctx, repo)
-		rctx = rctx.WithMetas(repo.ComposeMetas(ctx))
+		metas = repo.ComposeCommentMetas(ctx)
 	} else {
-		// this is almost dead code, only to pass the incorrect tests
-		helper.repoLink = fmt.Sprintf("%s/%s", helper.opts.DeprecatedOwnerName, helper.opts.DeprecatedRepoName)
-		rctx = rctx.WithMetas(map[string]string{
-			"user": helper.opts.DeprecatedOwnerName,
-			"repo": helper.opts.DeprecatedRepoName,
-
-			"markdownLineBreakStyle":       "comment",
-			"markupAllowShortIssuePattern": "true",
-		})
+		// repo can be nil when rendering a commit message in user's dashboard feedback whose repository has been deleted
+		metas = map[string]string{}
+		if helper.opts.DeprecatedOwnerName != "" {
+			// this is almost dead code, only to pass the incorrect tests
+			helper.repoLink = fmt.Sprintf("%s/%s", helper.opts.DeprecatedOwnerName, helper.opts.DeprecatedRepoName)
+			metas["user"] = helper.opts.DeprecatedOwnerName
+			metas["repo"] = helper.opts.DeprecatedRepoName
+		}
+		metas["markdownNewLineHardBreak"] = "true"
+		metas["markupAllowShortIssuePattern"] = "true"
 	}
-	rctx = rctx.WithHelper(helper)
+	metas["footnoteContextId"] = helper.opts.FootnoteContextID
+	rctx = rctx.WithMetas(metas).WithHelper(helper)
 	return rctx
 }
diff --git a/models/renderhelper/repo_comment_test.go b/models/renderhelper/repo_comment_test.go
index 776152db96..3b13bff73c 100644
--- a/models/renderhelper/repo_comment_test.go
+++ b/models/renderhelper/repo_comment_test.go
@@ -72,4 +72,11 @@ func TestRepoComment(t *testing.T) {
 <a href="/user2/repo1/commit/1234/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/commit/1234/image" alt="./image"/></a></p>
 `, rendered)
 	})
+
+	t.Run("NoRepo", func(t *testing.T) {
+		rctx := NewRenderContextRepoComment(t.Context(), nil).WithMarkupType(markdown.MarkupName)
+		rendered, err := markup.RenderString(rctx, "any")
+		assert.NoError(t, err)
+		assert.Equal(t, "<p>any</p>\n", rendered)
+	})
 }
diff --git a/models/renderhelper/repo_file.go b/models/renderhelper/repo_file.go
index 794828c617..e0375ed280 100644
--- a/models/renderhelper/repo_file.go
+++ b/models/renderhelper/repo_file.go
@@ -29,17 +29,17 @@ func (r *RepoFile) IsCommitIDExisting(commitID string) bool {
 	return r.commitChecker.IsCommitIDExisting(commitID)
 }
 
-func (r *RepoFile) ResolveLink(link string, likeType markup.LinkType) string {
-	finalLink := link
-	switch likeType {
-	case markup.LinkTypeApp:
-		finalLink = r.ctx.ResolveLinkApp(link)
-	case markup.LinkTypeDefault:
-		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "src", r.opts.CurrentRefPath), r.opts.CurrentTreePath, link)
+func (r *RepoFile) ResolveLink(link, preferLinkType string) (finalLink string) {
+	linkType, link := markup.ParseRenderedLink(link, preferLinkType)
+	switch linkType {
+	case markup.LinkTypeRoot:
+		finalLink = r.ctx.ResolveLinkRoot(link)
 	case markup.LinkTypeRaw:
 		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "raw", r.opts.CurrentRefPath), r.opts.CurrentTreePath, link)
 	case markup.LinkTypeMedia:
 		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "media", r.opts.CurrentRefPath), r.opts.CurrentTreePath, link)
+	default:
+		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "src", r.opts.CurrentRefPath), r.opts.CurrentTreePath, link)
 	}
 	return finalLink
 }
@@ -61,15 +61,13 @@ func NewRenderContextRepoFile(ctx context.Context, repo *repo_model.Repository,
 	if repo != nil {
 		helper.repoLink = repo.Link()
 		helper.commitChecker = newCommitChecker(ctx, repo)
-		rctx = rctx.WithMetas(repo.ComposeDocumentMetas(ctx))
+		rctx = rctx.WithMetas(repo.ComposeRepoFileMetas(ctx))
 	} else {
 		// this is almost dead code, only to pass the incorrect tests
 		helper.repoLink = fmt.Sprintf("%s/%s", helper.opts.DeprecatedOwnerName, helper.opts.DeprecatedRepoName)
 		rctx = rctx.WithMetas(map[string]string{
 			"user": helper.opts.DeprecatedOwnerName,
 			"repo": helper.opts.DeprecatedRepoName,
-
-			"markdownLineBreakStyle": "document",
 		})
 	}
 	rctx = rctx.WithHelper(helper)
diff --git a/models/renderhelper/repo_file_test.go b/models/renderhelper/repo_file_test.go
index 29cb45f6f7..3b48efba3a 100644
--- a/models/renderhelper/repo_file_test.go
+++ b/models/renderhelper/repo_file_test.go
@@ -48,8 +48,8 @@ func TestRepoFile(t *testing.T) {
 		assert.Equal(t,
 			`<p><a href="/user2/repo1/src/branch/main/test" rel="nofollow">/test</a>
 <a href="/user2/repo1/src/branch/main/test" rel="nofollow">./test</a>
-<a href="/user2/repo1/media/branch/main/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/branch/main/image" alt="/image"/></a>
-<a href="/user2/repo1/media/branch/main/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/branch/main/image" alt="./image"/></a></p>
+<a href="/user2/repo1/src/branch/main/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/branch/main/image" alt="/image"/></a>
+<a href="/user2/repo1/src/branch/main/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/branch/main/image" alt="./image"/></a></p>
 `, rendered)
 	})
 
@@ -62,7 +62,7 @@ func TestRepoFile(t *testing.T) {
 `)
 		assert.NoError(t, err)
 		assert.Equal(t, `<p><a href="/user2/repo1/src/commit/1234/test" rel="nofollow">/test</a>
-<a href="/user2/repo1/media/commit/1234/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/commit/1234/image" alt="/image"/></a></p>
+<a href="/user2/repo1/src/commit/1234/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/commit/1234/image" alt="/image"/></a></p>
 `, rendered)
 	})
 
@@ -77,7 +77,7 @@ func TestRepoFile(t *testing.T) {
 <video src="LINK">
 `)
 		assert.NoError(t, err)
-		assert.Equal(t, `<a href="/user2/repo1/media/commit/1234/my-dir/LINK" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/commit/1234/my-dir/LINK"/></a>
+		assert.Equal(t, `<a href="/user2/repo1/src/commit/1234/my-dir/LINK" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/media/commit/1234/my-dir/LINK"/></a>
 <video src="/user2/repo1/media/commit/1234/my-dir/LINK">
 </video>`, rendered)
 	})
@@ -100,7 +100,7 @@ func TestRepoFileOrgMode(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Equal(t, `<p>
 <a href="https://google.com/" rel="nofollow">https://google.com/</a>
-<a href="/user2/repo1/media/commit/1234/my-dir/ImageLink.svg" rel="nofollow">The Image Desc</a></p>
+<a href="/user2/repo1/src/commit/1234/my-dir/ImageLink.svg" rel="nofollow">The Image Desc</a></p>
 `, rendered)
 	})
 
diff --git a/models/renderhelper/repo_wiki.go b/models/renderhelper/repo_wiki.go
index aa456bf6ce..b75f1b9701 100644
--- a/models/renderhelper/repo_wiki.go
+++ b/models/renderhelper/repo_wiki.go
@@ -30,18 +30,16 @@ func (r *RepoWiki) IsCommitIDExisting(commitID string) bool {
 	return r.commitChecker.IsCommitIDExisting(commitID)
 }
 
-func (r *RepoWiki) ResolveLink(link string, likeType markup.LinkType) string {
-	finalLink := link
-	switch likeType {
-	case markup.LinkTypeApp:
-		finalLink = r.ctx.ResolveLinkApp(link)
-	case markup.LinkTypeDefault:
-		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "wiki", r.opts.currentRefPath), r.opts.currentTreePath, link)
-	case markup.LinkTypeMedia:
+func (r *RepoWiki) ResolveLink(link, preferLinkType string) (finalLink string) {
+	linkType, link := markup.ParseRenderedLink(link, preferLinkType)
+	switch linkType {
+	case markup.LinkTypeRoot:
+		finalLink = r.ctx.ResolveLinkRoot(link)
+	case markup.LinkTypeMedia, markup.LinkTypeRaw:
 		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "wiki/raw", r.opts.currentRefPath), r.opts.currentTreePath, link)
-	case markup.LinkTypeRaw: // wiki doesn't use it
+	default:
+		finalLink = r.ctx.ResolveLinkRelative(path.Join(r.repoLink, "wiki", r.opts.currentRefPath), r.opts.currentTreePath, link)
 	}
-
 	return finalLink
 }
 
@@ -70,7 +68,6 @@ func NewRenderContextRepoWiki(ctx context.Context, repo *repo_model.Repository,
 			"user": helper.opts.DeprecatedOwnerName,
 			"repo": helper.opts.DeprecatedRepoName,
 
-			"markdownLineBreakStyle":       "document",
 			"markupAllowShortIssuePattern": "true",
 		})
 	}
diff --git a/models/renderhelper/repo_wiki_test.go b/models/renderhelper/repo_wiki_test.go
index b24508f1f2..4f6da541a5 100644
--- a/models/renderhelper/repo_wiki_test.go
+++ b/models/renderhelper/repo_wiki_test.go
@@ -45,8 +45,8 @@ func TestRepoWiki(t *testing.T) {
 		assert.Equal(t,
 			`<p><a href="/user2/repo1/wiki/test" rel="nofollow">/test</a>
 <a href="/user2/repo1/wiki/test" rel="nofollow">./test</a>
-<a href="/user2/repo1/wiki/raw/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/image" alt="/image"/></a>
-<a href="/user2/repo1/wiki/raw/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/image" alt="./image"/></a></p>
+<a href="/user2/repo1/wiki/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/image" alt="/image"/></a>
+<a href="/user2/repo1/wiki/image" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/image" alt="./image"/></a></p>
 `, rendered)
 	})
 
@@ -57,7 +57,7 @@ func TestRepoWiki(t *testing.T) {
 <video src="LINK">
 `)
 		assert.NoError(t, err)
-		assert.Equal(t, `<a href="/user2/repo1/wiki/raw/LINK" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/LINK"/></a>
+		assert.Equal(t, `<a href="/user2/repo1/wiki/LINK" target="_blank" rel="nofollow noopener"><img src="/user2/repo1/wiki/raw/LINK"/></a>
 <video src="/user2/repo1/wiki/raw/LINK">
 </video>`, rendered)
 	})
diff --git a/models/renderhelper/simple_document.go b/models/renderhelper/simple_document.go
index 91d888aa87..9b3dacaea3 100644
--- a/models/renderhelper/simple_document.go
+++ b/models/renderhelper/simple_document.go
@@ -15,8 +15,14 @@ type SimpleDocument struct {
 	baseLink string
 }
 
-func (r *SimpleDocument) ResolveLink(link string, likeType markup.LinkType) string {
-	return r.ctx.ResolveLinkRelative(r.baseLink, "", link)
+func (r *SimpleDocument) ResolveLink(link, preferLinkType string) string {
+	linkType, link := markup.ParseRenderedLink(link, preferLinkType)
+	switch linkType {
+	case markup.LinkTypeRoot:
+		return r.ctx.ResolveLinkRoot(link)
+	default:
+		return r.ctx.ResolveLinkRelative(r.baseLink, "", link)
+	}
 }
 
 var _ markup.RenderHelper = (*SimpleDocument)(nil)
diff --git a/models/renderhelper/simple_document_test.go b/models/renderhelper/simple_document_test.go
index 908e640f9c..890592860a 100644
--- a/models/renderhelper/simple_document_test.go
+++ b/models/renderhelper/simple_document_test.go
@@ -30,7 +30,7 @@ func TestSimpleDocument(t *testing.T) {
 	assert.Equal(t,
 		`<p>65f1bf27bc3bf70f64657658635e66094edbcb4d
 #1
-<a href="/base/user2" rel="nofollow">@user2</a></p>
+<a href="/user2" rel="nofollow">@user2</a></p>
 <p><a href="/base/test" rel="nofollow">/test</a>
 <a href="/base/test" rel="nofollow">./test</a>
 <a href="/base/image" target="_blank" rel="nofollow noopener"><img src="/base/image" alt="/image"/></a>
diff --git a/models/repo.go b/models/repo.go
index 9bc67079a9..522debb9fe 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -290,19 +290,14 @@ func UpdateRepoStats(ctx context.Context, id int64) error {
 }
 
 func updateUserStarNumbers(ctx context.Context, users []user_model.User) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	for _, user := range users {
-		if _, err = db.Exec(ctx, "UPDATE `user` SET num_stars=(SELECT COUNT(*) FROM `star` WHERE uid=?) WHERE id=?", user.ID, user.ID); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, user := range users {
+			if _, err := db.Exec(ctx, "UPDATE `user` SET num_stars=(SELECT COUNT(*) FROM `star` WHERE uid=?) WHERE id=?", user.ID, user.ID); err != nil {
+				return err
+			}
 		}
-	}
-
-	return committer.Commit()
+		return nil
+	})
 }
 
 // DoctorUserStarNum recalculate Stars number for all user
diff --git a/models/repo/attachment.go b/models/repo/attachment.go
index fa4f6c47e6..835bee5402 100644
--- a/models/repo/attachment.go
+++ b/models/repo/attachment.go
@@ -224,7 +224,7 @@ func DeleteAttachmentsByComment(ctx context.Context, commentID int64, remove boo
 // UpdateAttachmentByUUID Updates attachment via uuid
 func UpdateAttachmentByUUID(ctx context.Context, attach *Attachment, cols ...string) error {
 	if attach.UUID == "" {
-		return fmt.Errorf("attachment uuid should be not blank")
+		return errors.New("attachment uuid should be not blank")
 	}
 	_, err := db.GetEngine(ctx).Where("uuid=?", attach.UUID).Cols(cols...).Update(attach)
 	return err
diff --git a/models/repo/avatar.go b/models/repo/avatar.go
index ccfac12cad..eff64bd239 100644
--- a/models/repo/avatar.go
+++ b/models/repo/avatar.go
@@ -9,6 +9,7 @@ import (
 	"image/png"
 	"io"
 	"net/url"
+	"strconv"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/avatar"
@@ -37,7 +38,7 @@ func (repo *Repository) RelAvatarLink(ctx context.Context) string {
 
 // generateRandomAvatar generates a random avatar for repository.
 func generateRandomAvatar(ctx context.Context, repo *Repository) error {
-	idToString := fmt.Sprintf("%d", repo.ID)
+	idToString := strconv.FormatInt(repo.ID, 10)
 
 	seed := idToString
 	img, err := avatar.RandomImage([]byte(seed))
diff --git a/models/repo/collaboration_test.go b/models/repo/collaboration_test.go
index 639050f5fd..7b07dbffdf 100644
--- a/models/repo/collaboration_test.go
+++ b/models/repo/collaboration_test.go
@@ -25,8 +25,8 @@ func TestRepository_GetCollaborators(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, collaborators, int(expectedLen))
 		for _, collaborator := range collaborators {
-			assert.EqualValues(t, collaborator.User.ID, collaborator.Collaboration.UserID)
-			assert.EqualValues(t, repoID, collaborator.Collaboration.RepoID)
+			assert.Equal(t, collaborator.User.ID, collaborator.Collaboration.UserID)
+			assert.Equal(t, repoID, collaborator.Collaboration.RepoID)
 		}
 	}
 	test(1)
@@ -51,7 +51,7 @@ func TestRepository_GetCollaborators(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Len(t, collaborators2, 1)
 
-	assert.NotEqualValues(t, collaborators1[0].ID, collaborators2[0].ID)
+	assert.NotEqual(t, collaborators1[0].ID, collaborators2[0].ID)
 }
 
 func TestRepository_IsCollaborator(t *testing.T) {
@@ -76,10 +76,10 @@ func TestRepository_ChangeCollaborationAccessMode(t *testing.T) {
 	assert.NoError(t, repo_model.ChangeCollaborationAccessMode(db.DefaultContext, repo, 4, perm.AccessModeAdmin))
 
 	collaboration := unittest.AssertExistsAndLoadBean(t, &repo_model.Collaboration{RepoID: repo.ID, UserID: 4})
-	assert.EqualValues(t, perm.AccessModeAdmin, collaboration.Mode)
+	assert.Equal(t, perm.AccessModeAdmin, collaboration.Mode)
 
 	access := unittest.AssertExistsAndLoadBean(t, &access_model.Access{UserID: 4, RepoID: repo.ID})
-	assert.EqualValues(t, perm.AccessModeAdmin, access.Mode)
+	assert.Equal(t, perm.AccessModeAdmin, access.Mode)
 
 	assert.NoError(t, repo_model.ChangeCollaborationAccessMode(db.DefaultContext, repo, 4, perm.AccessModeAdmin))
 
diff --git a/models/repo/language_stats.go b/models/repo/language_stats.go
index 0bc0f1fb40..1cddd25f1d 100644
--- a/models/repo/language_stats.go
+++ b/models/repo/language_stats.go
@@ -141,102 +141,90 @@ func GetTopLanguageStats(ctx context.Context, repo *Repository, limit int) (Lang
 
 // UpdateLanguageStats updates the language statistics for repository
 func UpdateLanguageStats(ctx context.Context, repo *Repository, commitID string, stats map[string]int64) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		sess := db.GetEngine(ctx)
 
-	oldstats, err := GetLanguageStats(ctx, repo)
-	if err != nil {
-		return err
-	}
-	var topLang string
-	var s int64
-	for lang, size := range stats {
-		if size > s {
-			s = size
-			topLang = strings.ToLower(lang)
+		oldstats, err := GetLanguageStats(ctx, repo)
+		if err != nil {
+			return err
+		}
+		var topLang string
+		var s int64
+		for lang, size := range stats {
+			if size > s {
+				s = size
+				topLang = lang
+			}
 		}
-	}
 
-	for lang, size := range stats {
-		upd := false
-		llang := strings.ToLower(lang)
-		for _, s := range oldstats {
-			// Update already existing language
-			if strings.ToLower(s.Language) == llang {
-				s.CommitID = commitID
-				s.IsPrimary = llang == topLang
-				s.Size = size
-				if _, err := sess.ID(s.ID).Cols("`commit_id`", "`size`", "`is_primary`").Update(s); err != nil {
+		for lang, size := range stats {
+			upd := false
+			for _, s := range oldstats {
+				// Update already existing language
+				if strings.EqualFold(s.Language, lang) {
+					s.CommitID = commitID
+					s.IsPrimary = lang == topLang
+					s.Size = size
+					if _, err := sess.ID(s.ID).Cols("`commit_id`", "`size`", "`is_primary`").Update(s); err != nil {
+						return err
+					}
+					upd = true
+					break
+				}
+			}
+			// Insert new language
+			if !upd {
+				if err := db.Insert(ctx, &LanguageStat{
+					RepoID:    repo.ID,
+					CommitID:  commitID,
+					IsPrimary: lang == topLang,
+					Language:  lang,
+					Size:      size,
+				}); err != nil {
 					return err
 				}
-				upd = true
-				break
 			}
 		}
-		// Insert new language
-		if !upd {
-			if err := db.Insert(ctx, &LanguageStat{
-				RepoID:    repo.ID,
-				CommitID:  commitID,
-				IsPrimary: llang == topLang,
-				Language:  lang,
-				Size:      size,
-			}); err != nil {
-				return err
+		// Delete old languages
+		statsToDelete := make([]int64, 0, len(oldstats))
+		for _, s := range oldstats {
+			if s.CommitID != commitID {
+				statsToDelete = append(statsToDelete, s.ID)
 			}
 		}
-	}
-	// Delete old languages
-	statsToDelete := make([]int64, 0, len(oldstats))
-	for _, s := range oldstats {
-		if s.CommitID != commitID {
-			statsToDelete = append(statsToDelete, s.ID)
-		}
-	}
-	if len(statsToDelete) > 0 {
-		if _, err := sess.In("`id`", statsToDelete).Delete(&LanguageStat{}); err != nil {
-			return err
+		if len(statsToDelete) > 0 {
+			if _, err := sess.In("`id`", statsToDelete).Delete(&LanguageStat{}); err != nil {
+				return err
+			}
 		}
-	}
 
-	// Update indexer status
-	if err = UpdateIndexerStatus(ctx, repo, RepoIndexerTypeStats, commitID); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+		// Update indexer status
+		return UpdateIndexerStatus(ctx, repo, RepoIndexerTypeStats, commitID)
+	})
 }
 
 // CopyLanguageStat Copy originalRepo language stat information to destRepo (use for forked repo)
 func CopyLanguageStat(ctx context.Context, originalRepo, destRepo *Repository) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	RepoLang := make(LanguageStatList, 0, 6)
-	if err := db.GetEngine(ctx).Where("`repo_id` = ?", originalRepo.ID).Desc("`size`").Find(&RepoLang); err != nil {
-		return err
-	}
-	if len(RepoLang) > 0 {
-		for i := range RepoLang {
-			RepoLang[i].ID = 0
-			RepoLang[i].RepoID = destRepo.ID
-			RepoLang[i].CreatedUnix = timeutil.TimeStampNow()
-		}
-		// update destRepo's indexer status
-		tmpCommitID := RepoLang[0].CommitID
-		if err := UpdateIndexerStatus(ctx, destRepo, RepoIndexerTypeStats, tmpCommitID); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		RepoLang := make(LanguageStatList, 0, 6)
+		if err := db.GetEngine(ctx).Where("`repo_id` = ?", originalRepo.ID).Desc("`size`").Find(&RepoLang); err != nil {
 			return err
 		}
-		if err := db.Insert(ctx, &RepoLang); err != nil {
-			return err
+		if len(RepoLang) > 0 {
+			for i := range RepoLang {
+				RepoLang[i].ID = 0
+				RepoLang[i].RepoID = destRepo.ID
+				RepoLang[i].CreatedUnix = timeutil.TimeStampNow()
+			}
+			// update destRepo's indexer status
+			tmpCommitID := RepoLang[0].CommitID
+			if err := UpdateIndexerStatus(ctx, destRepo, RepoIndexerTypeStats, tmpCommitID); err != nil {
+				return err
+			}
+			if err := db.Insert(ctx, &RepoLang); err != nil {
+				return err
+			}
 		}
-	}
-	return committer.Commit()
+		return nil
+	})
 }
diff --git a/models/repo/org_repo.go b/models/repo/org_repo.go
index fa519d25b1..96f21ba2ac 100644
--- a/models/repo/org_repo.go
+++ b/models/repo/org_repo.go
@@ -48,8 +48,7 @@ func GetTeamRepositories(ctx context.Context, opts *SearchTeamRepoOptions) (Repo
 // accessible to a particular user
 type AccessibleReposEnvironment interface {
 	CountRepos(ctx context.Context) (int64, error)
-	RepoIDs(ctx context.Context, page, pageSize int) ([]int64, error)
-	Repos(ctx context.Context, page, pageSize int) (RepositoryList, error)
+	RepoIDs(ctx context.Context) ([]int64, error)
 	MirrorRepos(ctx context.Context) (RepositoryList, error)
 	AddKeyword(keyword string)
 	SetSort(db.SearchOrderBy)
@@ -132,40 +131,18 @@ func (env *accessibleReposEnv) CountRepos(ctx context.Context) (int64, error) {
 	return repoCount, nil
 }
 
-func (env *accessibleReposEnv) RepoIDs(ctx context.Context, page, pageSize int) ([]int64, error) {
-	if page <= 0 {
-		page = 1
-	}
-
-	repoIDs := make([]int64, 0, pageSize)
+func (env *accessibleReposEnv) RepoIDs(ctx context.Context) ([]int64, error) {
+	var repoIDs []int64
 	return repoIDs, db.GetEngine(ctx).
 		Table("repository").
 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").
 		Where(env.cond()).
-		GroupBy("`repository`.id,`repository`."+strings.Fields(string(env.orderBy))[0]).
+		GroupBy("`repository`.id,`repository`." + strings.Fields(string(env.orderBy))[0]).
 		OrderBy(string(env.orderBy)).
-		Limit(pageSize, (page-1)*pageSize).
 		Cols("`repository`.id").
 		Find(&repoIDs)
 }
 
-func (env *accessibleReposEnv) Repos(ctx context.Context, page, pageSize int) (RepositoryList, error) {
-	repoIDs, err := env.RepoIDs(ctx, page, pageSize)
-	if err != nil {
-		return nil, fmt.Errorf("GetUserRepositoryIDs: %w", err)
-	}
-
-	repos := make([]*Repository, 0, len(repoIDs))
-	if len(repoIDs) == 0 {
-		return repos, nil
-	}
-
-	return repos, db.GetEngine(ctx).
-		In("`repository`.id", repoIDs).
-		OrderBy(string(env.orderBy)).
-		Find(&repos)
-}
-
 func (env *accessibleReposEnv) MirrorRepoIDs(ctx context.Context) ([]int64, error) {
 	repoIDs := make([]int64, 0, 10)
 	return repoIDs, db.GetEngine(ctx).
diff --git a/models/repo/pushmirror_test.go b/models/repo/pushmirror_test.go
index e19749d93a..9fb7471147 100644
--- a/models/repo/pushmirror_test.go
+++ b/models/repo/pushmirror_test.go
@@ -39,8 +39,6 @@ func TestPushMirrorsIterate(t *testing.T) {
 		Interval:       0,
 	})
 
-	time.Sleep(1 * time.Millisecond)
-
 	repo_model.PushMirrorsIterate(db.DefaultContext, 1, func(idx int, bean any) error {
 		m, ok := bean.(*repo_model.PushMirror)
 		assert.True(t, ok)
diff --git a/models/repo/release.go b/models/repo/release.go
index 1c2e4a48e3..0db57503ce 100644
--- a/models/repo/release.go
+++ b/models/repo/release.go
@@ -161,6 +161,11 @@ func UpdateRelease(ctx context.Context, rel *Release) error {
 	return err
 }
 
+func UpdateReleaseNumCommits(ctx context.Context, rel *Release) error {
+	_, err := db.GetEngine(ctx).ID(rel.ID).Cols("num_commits").Update(rel)
+	return err
+}
+
 // AddReleaseAttachments adds a release attachments
 func AddReleaseAttachments(ctx context.Context, releaseID int64, attachmentUUIDs []string) (err error) {
 	// Check attachments
@@ -175,7 +180,7 @@ func AddReleaseAttachments(ctx context.Context, releaseID int64, attachmentUUIDs
 		}
 		attachments[i].ReleaseID = releaseID
 		// No assign value could be 0, so ignore AllCols().
-		if _, err = db.GetEngine(ctx).ID(attachments[i].ID).Update(attachments[i]); err != nil {
+		if _, err = db.GetEngine(ctx).ID(attachments[i].ID).Cols("release_id").Update(attachments[i]); err != nil {
 			return fmt.Errorf("update attachment [%d]: %w", attachments[i].ID, err)
 		}
 	}
@@ -418,8 +423,8 @@ func UpdateReleasesMigrationsByType(ctx context.Context, gitServiceType structs.
 	return err
 }
 
-// PushUpdateDeleteTagsContext updates a number of delete tags with context
-func PushUpdateDeleteTagsContext(ctx context.Context, repo *Repository, tags []string) error {
+// PushUpdateDeleteTags updates a number of delete tags with context
+func PushUpdateDeleteTags(ctx context.Context, repo *Repository, tags []string) error {
 	if len(tags) == 0 {
 		return nil
 	}
@@ -448,58 +453,6 @@ func PushUpdateDeleteTagsContext(ctx context.Context, repo *Repository, tags []s
 	return nil
 }
 
-// PushUpdateDeleteTag must be called for any push actions to delete tag
-func PushUpdateDeleteTag(ctx context.Context, repo *Repository, tagName string) error {
-	rel, err := GetRelease(ctx, repo.ID, tagName)
-	if err != nil {
-		if IsErrReleaseNotExist(err) {
-			return nil
-		}
-		return fmt.Errorf("GetRelease: %w", err)
-	}
-	if rel.IsTag {
-		if _, err = db.DeleteByID[Release](ctx, rel.ID); err != nil {
-			return fmt.Errorf("Delete: %w", err)
-		}
-	} else {
-		rel.IsDraft = true
-		rel.NumCommits = 0
-		rel.Sha1 = ""
-		if _, err = db.GetEngine(ctx).ID(rel.ID).AllCols().Update(rel); err != nil {
-			return fmt.Errorf("Update: %w", err)
-		}
-	}
-
-	return nil
-}
-
-// SaveOrUpdateTag must be called for any push actions to add tag
-func SaveOrUpdateTag(ctx context.Context, repo *Repository, newRel *Release) error {
-	rel, err := GetRelease(ctx, repo.ID, newRel.TagName)
-	if err != nil && !IsErrReleaseNotExist(err) {
-		return fmt.Errorf("GetRelease: %w", err)
-	}
-
-	if rel == nil {
-		rel = newRel
-		if _, err = db.GetEngine(ctx).Insert(rel); err != nil {
-			return fmt.Errorf("InsertOne: %w", err)
-		}
-	} else {
-		rel.Sha1 = newRel.Sha1
-		rel.CreatedUnix = newRel.CreatedUnix
-		rel.NumCommits = newRel.NumCommits
-		rel.IsDraft = false
-		if rel.IsTag && newRel.PublisherID > 0 {
-			rel.PublisherID = newRel.PublisherID
-		}
-		if _, err = db.GetEngine(ctx).ID(rel.ID).AllCols().Update(rel); err != nil {
-			return fmt.Errorf("Update: %w", err)
-		}
-	}
-	return nil
-}
-
 // RemapExternalUser ExternalUserRemappable interface
 func (r *Release) RemapExternalUser(externalName string, externalID, userID int64) error {
 	r.OriginalAuthor = externalName
@@ -519,30 +472,24 @@ func (r *Release) GetExternalID() int64 { return r.OriginalAuthorID }
 
 // InsertReleases migrates release
 func InsertReleases(ctx context.Context, rels ...*Release) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-
-	for _, rel := range rels {
-		if _, err := sess.NoAutoTime().Insert(rel); err != nil {
-			return err
-		}
-
-		if len(rel.Attachments) > 0 {
-			for i := range rel.Attachments {
-				rel.Attachments[i].ReleaseID = rel.ID
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		for _, rel := range rels {
+			if _, err := db.GetEngine(ctx).NoAutoTime().Insert(rel); err != nil {
+				return err
 			}
 
-			if _, err := sess.NoAutoTime().Insert(rel.Attachments); err != nil {
-				return err
+			if len(rel.Attachments) > 0 {
+				for i := range rel.Attachments {
+					rel.Attachments[i].ReleaseID = rel.ID
+				}
+
+				if _, err := db.GetEngine(ctx).NoAutoTime().Insert(rel.Attachments); err != nil {
+					return err
+				}
 			}
 		}
-	}
-
-	return committer.Commit()
+		return nil
+	})
 }
 
 func FindTagsByCommitIDs(ctx context.Context, repoID int64, commitIDs ...string) (map[string][]*Release, error) {
@@ -558,3 +505,8 @@ func FindTagsByCommitIDs(ctx context.Context, repoID int64, commitIDs ...string)
 	}
 	return res, nil
 }
+
+func DeleteRepoReleases(ctx context.Context, repoID int64) error {
+	_, err := db.GetEngine(ctx).Where("repo_id = ?", repoID).Delete(new(Release))
+	return err
+}
diff --git a/models/repo/repo.go b/models/repo/repo.go
index a8732f60bf..2403b3b40b 100644
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@@ -5,6 +5,7 @@ package repo
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"html/template"
 	"maps"
@@ -59,22 +60,22 @@ type ErrRepoIsArchived struct {
 }
 
 func (err ErrRepoIsArchived) Error() string {
-	return fmt.Sprintf("%s is archived", err.Repo.LogString())
+	return err.Repo.LogString() + " is archived"
 }
 
 type globalVarsStruct struct {
-	validRepoNamePattern   *regexp.Regexp
-	invalidRepoNamePattern *regexp.Regexp
-	reservedRepoNames      []string
-	reservedRepoPatterns   []string
+	validRepoNamePattern     *regexp.Regexp
+	invalidRepoNamePattern   *regexp.Regexp
+	reservedRepoNames        []string
+	reservedRepoNamePatterns []string
 }
 
 var globalVars = sync.OnceValue(func() *globalVarsStruct {
 	return &globalVarsStruct{
-		validRepoNamePattern:   regexp.MustCompile(`[-.\w]+`),
-		invalidRepoNamePattern: regexp.MustCompile(`[.]{2,}`),
-		reservedRepoNames:      []string{".", "..", "-"},
-		reservedRepoPatterns:   []string{"*.git", "*.wiki", "*.rss", "*.atom"},
+		validRepoNamePattern:     regexp.MustCompile(`^[-.\w]+$`),
+		invalidRepoNamePattern:   regexp.MustCompile(`[.]{2,}`),
+		reservedRepoNames:        []string{".", "..", "-"},
+		reservedRepoNamePatterns: []string{"*.wiki", "*.git", "*.rss", "*.atom"},
 	}
 })
 
@@ -85,7 +86,16 @@ func IsUsableRepoName(name string) error {
 		// Note: usually this error is normally caught up earlier in the UI
 		return db.ErrNameCharsNotAllowed{Name: name}
 	}
-	return db.IsUsableName(vars.reservedRepoNames, vars.reservedRepoPatterns, name)
+	return db.IsUsableName(vars.reservedRepoNames, vars.reservedRepoNamePatterns, name)
+}
+
+// IsValidSSHAccessRepoName is like IsUsableRepoName, but it allows "*.wiki" because wiki repo needs to be accessed in SSH code
+func IsValidSSHAccessRepoName(name string) bool {
+	vars := globalVars()
+	if !vars.validRepoNamePattern.MatchString(name) || vars.invalidRepoNamePattern.MatchString(name) {
+		return false
+	}
+	return db.IsUsableName(vars.reservedRepoNames, vars.reservedRepoNamePatterns[1:], name) == nil
 }
 
 // TrustModelType defines the types of trust model for this repository
@@ -425,32 +435,33 @@ func (repo *Repository) MustGetUnit(ctx context.Context, tp unit.Type) *RepoUnit
 		return ru
 	}
 
-	if tp == unit.TypeExternalWiki {
+	switch tp {
+	case unit.TypeExternalWiki:
 		return &RepoUnit{
 			Type:   tp,
 			Config: new(ExternalWikiConfig),
 		}
-	} else if tp == unit.TypeExternalTracker {
+	case unit.TypeExternalTracker:
 		return &RepoUnit{
 			Type:   tp,
 			Config: new(ExternalTrackerConfig),
 		}
-	} else if tp == unit.TypePullRequests {
+	case unit.TypePullRequests:
 		return &RepoUnit{
 			Type:   tp,
 			Config: new(PullRequestsConfig),
 		}
-	} else if tp == unit.TypeIssues {
+	case unit.TypeIssues:
 		return &RepoUnit{
 			Type:   tp,
 			Config: new(IssuesConfig),
 		}
-	} else if tp == unit.TypeActions {
+	case unit.TypeActions:
 		return &RepoUnit{
 			Type:   tp,
 			Config: new(ActionsConfig),
 		}
-	} else if tp == unit.TypeProjects {
+	case unit.TypeProjects:
 		cfg := new(ProjectsConfig)
 		cfg.ProjectsMode = ProjectsModeNone
 		return &RepoUnit{
@@ -510,15 +521,15 @@ func (repo *Repository) composeCommonMetas(ctx context.Context) map[string]strin
 			"repo": repo.Name,
 		}
 
-		unit, err := repo.GetUnit(ctx, unit.TypeExternalTracker)
+		unitExternalTracker, err := repo.GetUnit(ctx, unit.TypeExternalTracker)
 		if err == nil {
-			metas["format"] = unit.ExternalTrackerConfig().ExternalTrackerFormat
-			switch unit.ExternalTrackerConfig().ExternalTrackerStyle {
+			metas["format"] = unitExternalTracker.ExternalTrackerConfig().ExternalTrackerFormat
+			switch unitExternalTracker.ExternalTrackerConfig().ExternalTrackerStyle {
 			case markup.IssueNameStyleAlphanumeric:
 				metas["style"] = markup.IssueNameStyleAlphanumeric
 			case markup.IssueNameStyleRegexp:
 				metas["style"] = markup.IssueNameStyleRegexp
-				metas["regexp"] = unit.ExternalTrackerConfig().ExternalTrackerRegexpPattern
+				metas["regexp"] = unitExternalTracker.ExternalTrackerConfig().ExternalTrackerRegexpPattern
 			default:
 				metas["style"] = markup.IssueNameStyleNumeric
 			}
@@ -542,11 +553,11 @@ func (repo *Repository) composeCommonMetas(ctx context.Context) map[string]strin
 	return repo.commonRenderingMetas
 }
 
-// ComposeMetas composes a map of metas for properly rendering comments or comment-like contents (commit message)
-func (repo *Repository) ComposeMetas(ctx context.Context) map[string]string {
+// ComposeCommentMetas composes a map of metas for properly rendering comments or comment-like contents (commit message)
+func (repo *Repository) ComposeCommentMetas(ctx context.Context) map[string]string {
 	metas := maps.Clone(repo.composeCommonMetas(ctx))
-	metas["markdownLineBreakStyle"] = "comment"
-	metas["markupAllowShortIssuePattern"] = "true"
+	metas["markdownNewLineHardBreak"] = strconv.FormatBool(setting.Markdown.RenderOptionsComment.NewLineHardBreak)
+	metas["markupAllowShortIssuePattern"] = strconv.FormatBool(setting.Markdown.RenderOptionsComment.ShortIssuePattern)
 	return metas
 }
 
@@ -554,16 +565,17 @@ func (repo *Repository) ComposeMetas(ctx context.Context) map[string]string {
 func (repo *Repository) ComposeWikiMetas(ctx context.Context) map[string]string {
 	// does wiki need the "teams" and "org" from common metas?
 	metas := maps.Clone(repo.composeCommonMetas(ctx))
-	metas["markdownLineBreakStyle"] = "document"
-	metas["markupAllowShortIssuePattern"] = "true"
+	metas["markdownNewLineHardBreak"] = strconv.FormatBool(setting.Markdown.RenderOptionsWiki.NewLineHardBreak)
+	metas["markupAllowShortIssuePattern"] = strconv.FormatBool(setting.Markdown.RenderOptionsWiki.ShortIssuePattern)
 	return metas
 }
 
-// ComposeDocumentMetas composes a map of metas for properly rendering documents (repo files)
-func (repo *Repository) ComposeDocumentMetas(ctx context.Context) map[string]string {
+// ComposeRepoFileMetas composes a map of metas for properly rendering documents (repo files)
+func (repo *Repository) ComposeRepoFileMetas(ctx context.Context) map[string]string {
 	// does document(file) need the "teams" and "org" from common metas?
 	metas := maps.Clone(repo.composeCommonMetas(ctx))
-	metas["markdownLineBreakStyle"] = "document"
+	metas["markdownNewLineHardBreak"] = strconv.FormatBool(setting.Markdown.RenderOptionsRepoFile.NewLineHardBreak)
+	metas["markupAllowShortIssuePattern"] = strconv.FormatBool(setting.Markdown.RenderOptionsRepoFile.ShortIssuePattern)
 	return metas
 }
 
@@ -640,8 +652,14 @@ func (repo *Repository) AllowsPulls(ctx context.Context) bool {
 }
 
 // CanEnableEditor returns true if repository meets the requirements of web editor.
+// FIXME: most CanEnableEditor calls should be replaced with CanContentChange
+// And all other like CanCreateBranch / CanEnablePulls should also be updated
 func (repo *Repository) CanEnableEditor() bool {
-	return !repo.IsMirror
+	return repo.CanContentChange()
+}
+
+func (repo *Repository) CanContentChange() bool {
+	return !repo.IsMirror && !repo.IsArchived
 }
 
 // DescriptionHTML does special handles to description and return HTML string.
@@ -819,7 +837,7 @@ func GetRepositoryByName(ctx context.Context, ownerID int64, name string) (*Repo
 func GetRepositoryByURL(ctx context.Context, repoURL string) (*Repository, error) {
 	ret, err := giturl.ParseRepositoryURL(ctx, repoURL)
 	if err != nil || ret.OwnerName == "" {
-		return nil, fmt.Errorf("unknown or malformed repository URL")
+		return nil, errors.New("unknown or malformed repository URL")
 	}
 	return GetRepositoryByOwnerAndName(ctx, ret.OwnerName, ret.RepoName)
 }
diff --git a/models/repo/repo_list.go b/models/repo/repo_list.go
index 02c228e8a0..f2cdd2f284 100644
--- a/models/repo/repo_list.go
+++ b/models/repo/repo_list.go
@@ -359,7 +359,7 @@ func UserOrgPublicUnitRepoCond(userID, orgID int64) builder.Cond {
 }
 
 // SearchRepositoryCondition creates a query condition according search repository options
-func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond {
+func SearchRepositoryCondition(opts SearchRepoOptions) builder.Cond {
 	cond := builder.NewCond()
 
 	if opts.Private {
@@ -449,7 +449,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond {
 	if opts.Keyword != "" {
 		// separate keyword
 		subQueryCond := builder.NewCond()
-		for _, v := range strings.Split(opts.Keyword, ",") {
+		for v := range strings.SplitSeq(opts.Keyword, ",") {
 			if opts.TopicOnly {
 				subQueryCond = subQueryCond.Or(builder.Eq{"topic.name": strings.ToLower(v)})
 			} else {
@@ -464,7 +464,7 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond {
 		keywordCond := builder.In("id", subQuery)
 		if !opts.TopicOnly {
 			likes := builder.NewCond()
-			for _, v := range strings.Split(opts.Keyword, ",") {
+			for v := range strings.SplitSeq(opts.Keyword, ",") {
 				likes = likes.Or(builder.Like{"lower_name", strings.ToLower(v)})
 
 				// If the string looks like "org/repo", match against that pattern too
@@ -551,18 +551,18 @@ func SearchRepositoryCondition(opts *SearchRepoOptions) builder.Cond {
 
 // SearchRepository returns repositories based on search options,
 // it returns results in given range and number of total results.
-func SearchRepository(ctx context.Context, opts *SearchRepoOptions) (RepositoryList, int64, error) {
+func SearchRepository(ctx context.Context, opts SearchRepoOptions) (RepositoryList, int64, error) {
 	cond := SearchRepositoryCondition(opts)
 	return SearchRepositoryByCondition(ctx, opts, cond, true)
 }
 
 // CountRepository counts repositories based on search options,
-func CountRepository(ctx context.Context, opts *SearchRepoOptions) (int64, error) {
+func CountRepository(ctx context.Context, opts SearchRepoOptions) (int64, error) {
 	return db.GetEngine(ctx).Where(SearchRepositoryCondition(opts)).Count(new(Repository))
 }
 
 // SearchRepositoryByCondition search repositories by condition
-func SearchRepositoryByCondition(ctx context.Context, opts *SearchRepoOptions, cond builder.Cond, loadAttributes bool) (RepositoryList, int64, error) {
+func SearchRepositoryByCondition(ctx context.Context, opts SearchRepoOptions, cond builder.Cond, loadAttributes bool) (RepositoryList, int64, error) {
 	sess, count, err := searchRepositoryByCondition(ctx, opts, cond)
 	if err != nil {
 		return nil, 0, err
@@ -590,23 +590,25 @@ func SearchRepositoryByCondition(ctx context.Context, opts *SearchRepoOptions, c
 	return repos, count, nil
 }
 
-func searchRepositoryByCondition(ctx context.Context, opts *SearchRepoOptions, cond builder.Cond) (db.Engine, int64, error) {
-	if opts.Page <= 0 {
-		opts.Page = 1
+func searchRepositoryByCondition(ctx context.Context, opts SearchRepoOptions, cond builder.Cond) (db.Engine, int64, error) {
+	page := opts.Page
+	if page <= 0 {
+		page = 1
 	}
 
-	if len(opts.OrderBy) == 0 {
-		opts.OrderBy = db.SearchOrderByAlphabetically
+	orderBy := opts.OrderBy
+	if len(orderBy) == 0 {
+		orderBy = db.SearchOrderByAlphabetically
 	}
 
 	args := make([]any, 0)
 	if opts.PriorityOwnerID > 0 {
-		opts.OrderBy = db.SearchOrderBy(fmt.Sprintf("CASE WHEN owner_id = ? THEN 0 ELSE owner_id END, %s", opts.OrderBy))
+		orderBy = db.SearchOrderBy(fmt.Sprintf("CASE WHEN owner_id = ? THEN 0 ELSE owner_id END, %s", orderBy))
 		args = append(args, opts.PriorityOwnerID)
 	} else if strings.Count(opts.Keyword, "/") == 1 {
 		// With "owner/repo" search times, prioritise results which match the owner field
 		orgName := strings.Split(opts.Keyword, "/")[0]
-		opts.OrderBy = db.SearchOrderBy(fmt.Sprintf("CASE WHEN owner_name LIKE ? THEN 0 ELSE 1 END, %s", opts.OrderBy))
+		orderBy = db.SearchOrderBy(fmt.Sprintf("CASE WHEN owner_name LIKE ? THEN 0 ELSE 1 END, %s", orderBy))
 		args = append(args, orgName)
 	}
 
@@ -623,9 +625,9 @@ func searchRepositoryByCondition(ctx context.Context, opts *SearchRepoOptions, c
 		}
 	}
 
-	sess = sess.Where(cond).OrderBy(opts.OrderBy.String(), args...)
+	sess = sess.Where(cond).OrderBy(orderBy.String(), args...)
 	if opts.PageSize > 0 {
-		sess = sess.Limit(opts.PageSize, (opts.Page-1)*opts.PageSize)
+		sess = sess.Limit(opts.PageSize, (page-1)*opts.PageSize)
 	}
 	return sess, count, nil
 }
@@ -689,14 +691,14 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu
 
 // SearchRepositoryByName takes keyword and part of repository name to search,
 // it returns results in given range and number of total results.
-func SearchRepositoryByName(ctx context.Context, opts *SearchRepoOptions) (RepositoryList, int64, error) {
+func SearchRepositoryByName(ctx context.Context, opts SearchRepoOptions) (RepositoryList, int64, error) {
 	opts.IncludeDescription = false
 	return SearchRepository(ctx, opts)
 }
 
 // SearchRepositoryIDs takes keyword and part of repository name to search,
 // it returns results in given range and number of total results.
-func SearchRepositoryIDs(ctx context.Context, opts *SearchRepoOptions) ([]int64, int64, error) {
+func SearchRepositoryIDs(ctx context.Context, opts SearchRepoOptions) ([]int64, int64, error) {
 	opts.IncludeDescription = false
 
 	cond := SearchRepositoryCondition(opts)
@@ -740,7 +742,7 @@ func FindUserCodeAccessibleOwnerRepoIDs(ctx context.Context, ownerID int64, user
 }
 
 // GetUserRepositories returns a list of repositories of given user.
-func GetUserRepositories(ctx context.Context, opts *SearchRepoOptions) (RepositoryList, int64, error) {
+func GetUserRepositories(ctx context.Context, opts SearchRepoOptions) (RepositoryList, int64, error) {
 	if len(opts.OrderBy) == 0 {
 		opts.OrderBy = "updated_unix DESC"
 	}
@@ -767,5 +769,5 @@ func GetUserRepositories(ctx context.Context, opts *SearchRepoOptions) (Reposito
 
 	sess = sess.Where(cond).OrderBy(opts.OrderBy.String())
 	repos := make(RepositoryList, 0, opts.PageSize)
-	return repos, count, db.SetSessionPagination(sess, opts).Find(&repos)
+	return repos, count, db.SetSessionPagination(sess, &opts).Find(&repos)
 }
diff --git a/models/repo/repo_list_test.go b/models/repo/repo_list_test.go
index ca6007f6c7..7eb76416c2 100644
--- a/models/repo/repo_list_test.go
+++ b/models/repo/repo_list_test.go
@@ -17,162 +17,162 @@ import (
 
 func getTestCases() []struct {
 	name  string
-	opts  *repo_model.SearchRepoOptions
+	opts  repo_model.SearchRepoOptions
 	count int
 } {
 	testCases := []struct {
 		name  string
-		opts  *repo_model.SearchRepoOptions
+		opts  repo_model.SearchRepoOptions
 		count int
 	}{
 		{
 			name:  "PublicRepositoriesByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{PageSize: 10}, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{PageSize: 10}, Collaborate: optional.Some(false)},
 			count: 7,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesByNameWithPagesizeLimitFirstPage",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesByNameWithPagesizeLimitSecondPage",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 2, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 2, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesByNameWithPagesizeLimitThirdPage",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 3, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 3, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesByNameWithPagesizeLimitFourthPage",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 3, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 3, PageSize: 5}, Private: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "PublicRepositoriesOfUser",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Collaborate: optional.Some(false)},
 			count: 2,
 		},
 		{
 			name:  "PublicRepositoriesOfUser2",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Collaborate: optional.Some(false)},
 			count: 0,
 		},
 		{
 			name:  "PublicRepositoriesOfOrg3",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Collaborate: optional.Some(false)},
 			count: 2,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfUser",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, Collaborate: optional.Some(false)},
 			count: 4,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfUser2",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true, Collaborate: optional.Some(false)},
 			count: 0,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfOrg3",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Private: true, Collaborate: optional.Some(false)},
 			count: 4,
 		},
 		{
 			name:  "PublicRepositoriesOfUserIncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15},
 			count: 5,
 		},
 		{
 			name:  "PublicRepositoriesOfUser2IncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18},
 			count: 1,
 		},
 		{
 			name:  "PublicRepositoriesOfOrg3IncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20},
 			count: 3,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfUserIncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true},
 			count: 9,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfUser2IncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true},
 			count: 4,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfOrg3IncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Private: true},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 20, Private: true},
 			count: 7,
 		},
 		{
 			name:  "PublicRepositoriesOfOrganization",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, Collaborate: optional.Some(false)},
 			count: 1,
 		},
 		{
 			name:  "PublicAndPrivateRepositoriesOfOrganization",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, Private: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, Private: true, Collaborate: optional.Some(false)},
 			count: 2,
 		},
 		{
 			name:  "AllPublic/PublicRepositoriesByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{PageSize: 10}, AllPublic: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{PageSize: 10}, AllPublic: true, Collaborate: optional.Some(false)},
 			count: 7,
 		},
 		{
 			name:  "AllPublic/PublicAndPrivateRepositoriesByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, AllPublic: true, Collaborate: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{Keyword: "big_test_", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, AllPublic: true, Collaborate: optional.Some(false)},
 			count: 14,
 		},
 		{
 			name:  "AllPublic/PublicRepositoriesOfUserIncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, AllPublic: true, Template: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, AllPublic: true, Template: optional.Some(false)},
 			count: 34,
 		},
 		{
 			name:  "AllPublic/PublicAndPrivateRepositoriesOfUserIncludingCollaborative",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, AllPublic: true, AllLimited: true, Template: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, AllPublic: true, AllLimited: true, Template: optional.Some(false)},
 			count: 39,
 		},
 		{
 			name:  "AllPublic/PublicAndPrivateRepositoriesOfUserIncludingCollaborativeByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "test", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, AllPublic: true},
+			opts:  repo_model.SearchRepoOptions{Keyword: "test", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 15, Private: true, AllPublic: true},
 			count: 15,
 		},
 		{
 			name:  "AllPublic/PublicAndPrivateRepositoriesOfUser2IncludingCollaborativeByName",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "test", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true, AllPublic: true},
+			opts:  repo_model.SearchRepoOptions{Keyword: "test", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 18, Private: true, AllPublic: true},
 			count: 13,
 		},
 		{
 			name:  "AllPublic/PublicRepositoriesOfOrganization",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, AllPublic: true, Collaborate: optional.Some(false), Template: optional.Some(false)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, OwnerID: 17, AllPublic: true, Collaborate: optional.Some(false), Template: optional.Some(false)},
 			count: 34,
 		},
 		{
 			name:  "AllTemplates",
-			opts:  &repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Template: optional.Some(true)},
+			opts:  repo_model.SearchRepoOptions{ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Template: optional.Some(true)},
 			count: 2,
 		},
 		{
 			name:  "OwnerSlashRepoSearch",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "user/repo2", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, OwnerID: 0},
+			opts:  repo_model.SearchRepoOptions{Keyword: "user/repo2", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, OwnerID: 0},
 			count: 2,
 		},
 		{
 			name:  "OwnerSlashSearch",
-			opts:  &repo_model.SearchRepoOptions{Keyword: "user20/", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, OwnerID: 0},
+			opts:  repo_model.SearchRepoOptions{Keyword: "user20/", ListOptions: db.ListOptions{Page: 1, PageSize: 10}, Private: true, OwnerID: 0},
 			count: 4,
 		},
 	}
@@ -184,7 +184,7 @@ func TestSearchRepository(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
 	// test search public repository on explore page
-	repos, count, err := repo_model.SearchRepositoryByName(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err := repo_model.SearchRepositoryByName(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -199,7 +199,7 @@ func TestSearchRepository(t *testing.T) {
 	}
 	assert.Equal(t, int64(1), count)
 
-	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -213,7 +213,7 @@ func TestSearchRepository(t *testing.T) {
 	assert.Len(t, repos, 2)
 
 	// test search private repository on explore page
-	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -229,7 +229,7 @@ func TestSearchRepository(t *testing.T) {
 	}
 	assert.Equal(t, int64(1), count)
 
-	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -244,14 +244,14 @@ func TestSearchRepository(t *testing.T) {
 	assert.Len(t, repos, 3)
 
 	// Test non existing owner
-	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, &repo_model.SearchRepoOptions{OwnerID: unittest.NonexistentID})
+	repos, count, err = repo_model.SearchRepositoryByName(db.DefaultContext, repo_model.SearchRepoOptions{OwnerID: unittest.NonexistentID})
 
 	assert.NoError(t, err)
 	assert.Empty(t, repos)
 	assert.Equal(t, int64(0), count)
 
 	// Test search within description
-	repos, count, err = repo_model.SearchRepository(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepository(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -268,7 +268,7 @@ func TestSearchRepository(t *testing.T) {
 	assert.Equal(t, int64(1), count)
 
 	// Test NOT search within description
-	repos, count, err = repo_model.SearchRepository(db.DefaultContext, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepository(db.DefaultContext, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     1,
 			PageSize: 10,
@@ -374,22 +374,22 @@ func TestSearchRepositoryByTopicName(t *testing.T) {
 
 	testCases := []struct {
 		name  string
-		opts  *repo_model.SearchRepoOptions
+		opts  repo_model.SearchRepoOptions
 		count int
 	}{
 		{
 			name:  "AllPublic/SearchPublicRepositoriesFromTopicAndName",
-			opts:  &repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql"},
+			opts:  repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql"},
 			count: 2,
 		},
 		{
 			name:  "AllPublic/OnlySearchPublicRepositoriesFromTopic",
-			opts:  &repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql", TopicOnly: true},
+			opts:  repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql", TopicOnly: true},
 			count: 1,
 		},
 		{
 			name:  "AllPublic/OnlySearchMultipleKeywordPublicRepositoriesFromTopic",
-			opts:  &repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql,golang", TopicOnly: true},
+			opts:  repo_model.SearchRepoOptions{OwnerID: 21, AllPublic: true, Keyword: "graphql,golang", TopicOnly: true},
 			count: 2,
 		},
 	}
diff --git a/models/repo/repo_test.go b/models/repo/repo_test.go
index dffbd18261..66abe864fc 100644
--- a/models/repo/repo_test.go
+++ b/models/repo/repo_test.go
@@ -86,7 +86,7 @@ func TestMetas(t *testing.T) {
 
 	repo.Units = nil
 
-	metas := repo.ComposeMetas(db.DefaultContext)
+	metas := repo.ComposeCommentMetas(db.DefaultContext)
 	assert.Equal(t, "testRepo", metas["repo"])
 	assert.Equal(t, "testOwner", metas["user"])
 
@@ -100,7 +100,7 @@ func TestMetas(t *testing.T) {
 	testSuccess := func(expectedStyle string) {
 		repo.Units = []*RepoUnit{&externalTracker}
 		repo.commonRenderingMetas = nil
-		metas := repo.ComposeMetas(db.DefaultContext)
+		metas := repo.ComposeCommentMetas(db.DefaultContext)
 		assert.Equal(t, expectedStyle, metas["style"])
 		assert.Equal(t, "testRepo", metas["repo"])
 		assert.Equal(t, "testOwner", metas["user"])
@@ -121,7 +121,7 @@ func TestMetas(t *testing.T) {
 	repo, err := GetRepositoryByID(db.DefaultContext, 3)
 	assert.NoError(t, err)
 
-	metas = repo.ComposeMetas(db.DefaultContext)
+	metas = repo.ComposeCommentMetas(db.DefaultContext)
 	assert.Contains(t, metas, "org")
 	assert.Contains(t, metas, "teams")
 	assert.Equal(t, "org3", metas["org"])
@@ -216,8 +216,23 @@ func TestIsUsableRepoName(t *testing.T) {
 
 	assert.Error(t, IsUsableRepoName("-"))
 	assert.Error(t, IsUsableRepoName("🌞"))
+	assert.Error(t, IsUsableRepoName("the/repo"))
 	assert.Error(t, IsUsableRepoName("the..repo"))
 	assert.Error(t, IsUsableRepoName("foo.wiki"))
 	assert.Error(t, IsUsableRepoName("foo.git"))
 	assert.Error(t, IsUsableRepoName("foo.RSS"))
 }
+
+func TestIsValidSSHAccessRepoName(t *testing.T) {
+	assert.True(t, IsValidSSHAccessRepoName("a"))
+	assert.True(t, IsValidSSHAccessRepoName("-1_."))
+	assert.True(t, IsValidSSHAccessRepoName(".profile"))
+	assert.True(t, IsValidSSHAccessRepoName("foo.wiki"))
+
+	assert.False(t, IsValidSSHAccessRepoName("-"))
+	assert.False(t, IsValidSSHAccessRepoName("🌞"))
+	assert.False(t, IsValidSSHAccessRepoName("the/repo"))
+	assert.False(t, IsValidSSHAccessRepoName("the..repo"))
+	assert.False(t, IsValidSSHAccessRepoName("foo.git"))
+	assert.False(t, IsValidSSHAccessRepoName("foo.RSS"))
+}
diff --git a/models/repo/repo_unit.go b/models/repo/repo_unit.go
index cb52c2c9e2..a5207bc22a 100644
--- a/models/repo/repo_unit.go
+++ b/models/repo/repo_unit.go
@@ -5,7 +5,6 @@ package repo
 
 import (
 	"context"
-	"fmt"
 	"slices"
 	"strings"
 
@@ -33,7 +32,7 @@ func IsErrUnitTypeNotExist(err error) bool {
 }
 
 func (err ErrUnitTypeNotExist) Error() string {
-	return fmt.Sprintf("Unit type does not exist: %s", err.UT.LogString())
+	return "Unit type does not exist: " + err.UT.LogString()
 }
 
 func (err ErrUnitTypeNotExist) Unwrap() error {
@@ -42,12 +41,13 @@ func (err ErrUnitTypeNotExist) Unwrap() error {
 
 // RepoUnit describes all units of a repository
 type RepoUnit struct { //revive:disable-line:exported
-	ID                 int64
-	RepoID             int64              `xorm:"INDEX(s)"`
-	Type               unit.Type          `xorm:"INDEX(s)"`
-	Config             convert.Conversion `xorm:"TEXT"`
-	CreatedUnix        timeutil.TimeStamp `xorm:"INDEX CREATED"`
-	EveryoneAccessMode perm.AccessMode    `xorm:"NOT NULL DEFAULT 0"`
+	ID                  int64
+	RepoID              int64              `xorm:"INDEX(s)"`
+	Type                unit.Type          `xorm:"INDEX(s)"`
+	Config              convert.Conversion `xorm:"TEXT"`
+	CreatedUnix         timeutil.TimeStamp `xorm:"INDEX CREATED"`
+	AnonymousAccessMode perm.AccessMode    `xorm:"NOT NULL DEFAULT 0"`
+	EveryoneAccessMode  perm.AccessMode    `xorm:"NOT NULL DEFAULT 0"`
 }
 
 func init() {
@@ -185,10 +185,8 @@ func (cfg *ActionsConfig) IsWorkflowDisabled(file string) bool {
 }
 
 func (cfg *ActionsConfig) DisableWorkflow(file string) {
-	for _, workflow := range cfg.DisabledWorkflows {
-		if file == workflow {
-			return
-		}
+	if slices.Contains(cfg.DisabledWorkflows, file) {
+		return
 	}
 
 	cfg.DisabledWorkflows = append(cfg.DisabledWorkflows, file)
@@ -341,3 +339,9 @@ func UpdateRepoUnit(ctx context.Context, unit *RepoUnit) error {
 	_, err := db.GetEngine(ctx).ID(unit.ID).Update(unit)
 	return err
 }
+
+func UpdateRepoUnitPublicAccess(ctx context.Context, unit *RepoUnit) error {
+	_, err := db.GetEngine(ctx).Where("repo_id=? AND `type`=?", unit.RepoID, unit.Type).
+		Cols("anonymous_access_mode", "everyone_access_mode").Update(unit)
+	return err
+}
diff --git a/models/repo/repo_unit_test.go b/models/repo/repo_unit_test.go
index a760594013..56dda5672d 100644
--- a/models/repo/repo_unit_test.go
+++ b/models/repo/repo_unit_test.go
@@ -12,19 +12,19 @@ import (
 func TestActionsConfig(t *testing.T) {
 	cfg := &ActionsConfig{}
 	cfg.DisableWorkflow("test1.yaml")
-	assert.EqualValues(t, []string{"test1.yaml"}, cfg.DisabledWorkflows)
+	assert.Equal(t, []string{"test1.yaml"}, cfg.DisabledWorkflows)
 
 	cfg.DisableWorkflow("test1.yaml")
-	assert.EqualValues(t, []string{"test1.yaml"}, cfg.DisabledWorkflows)
+	assert.Equal(t, []string{"test1.yaml"}, cfg.DisabledWorkflows)
 
 	cfg.EnableWorkflow("test1.yaml")
-	assert.EqualValues(t, []string{}, cfg.DisabledWorkflows)
+	assert.Equal(t, []string{}, cfg.DisabledWorkflows)
 
 	cfg.EnableWorkflow("test1.yaml")
-	assert.EqualValues(t, []string{}, cfg.DisabledWorkflows)
+	assert.Equal(t, []string{}, cfg.DisabledWorkflows)
 
 	cfg.DisableWorkflow("test1.yaml")
 	cfg.DisableWorkflow("test2.yaml")
 	cfg.DisableWorkflow("test3.yaml")
-	assert.EqualValues(t, "test1.yaml,test2.yaml,test3.yaml", cfg.ToString())
+	assert.Equal(t, "test1.yaml,test2.yaml,test3.yaml", cfg.ToString())
 }
diff --git a/models/repo/star.go b/models/repo/star.go
index 4c66855525..bc865f8373 100644
--- a/models/repo/star.go
+++ b/models/repo/star.go
@@ -25,48 +25,45 @@ func init() {
 
 // StarRepo or unstar repository.
 func StarRepo(ctx context.Context, doer *user_model.User, repo *Repository, star bool) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	staring := IsStaring(ctx, doer.ID, repo.ID)
-
-	if star {
-		if user_model.IsUserBlockedBy(ctx, doer, repo.OwnerID) {
-			return user_model.ErrBlockedUser
-		}
-
-		if staring {
-			return nil
-		}
-
-		if err := db.Insert(ctx, &Star{UID: doer.ID, RepoID: repo.ID}); err != nil {
-			return err
-		}
-		if _, err := db.Exec(ctx, "UPDATE `repository` SET num_stars = num_stars + 1 WHERE id = ?", repo.ID); err != nil {
-			return err
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		staring := IsStaring(ctx, doer.ID, repo.ID)
+
+		if star {
+			if user_model.IsUserBlockedBy(ctx, doer, repo.OwnerID) {
+				return user_model.ErrBlockedUser
+			}
+
+			if staring {
+				return nil
+			}
+
+			if err := db.Insert(ctx, &Star{UID: doer.ID, RepoID: repo.ID}); err != nil {
+				return err
+			}
+			if _, err := db.Exec(ctx, "UPDATE `repository` SET num_stars = num_stars + 1 WHERE id = ?", repo.ID); err != nil {
+				return err
+			}
+			if _, err := db.Exec(ctx, "UPDATE `user` SET num_stars = num_stars + 1 WHERE id = ?", doer.ID); err != nil {
+				return err
+			}
+		} else {
+			if !staring {
+				return nil
+			}
+
+			if _, err := db.DeleteByBean(ctx, &Star{UID: doer.ID, RepoID: repo.ID}); err != nil {
+				return err
+			}
+			if _, err := db.Exec(ctx, "UPDATE `repository` SET num_stars = num_stars - 1 WHERE id = ?", repo.ID); err != nil {
+				return err
+			}
+			if _, err := db.Exec(ctx, "UPDATE `user` SET num_stars = num_stars - 1 WHERE id = ?", doer.ID); err != nil {
+				return err
+			}
 		}
-		if _, err := db.Exec(ctx, "UPDATE `user` SET num_stars = num_stars + 1 WHERE id = ?", doer.ID); err != nil {
-			return err
-		}
-	} else {
-		if !staring {
-			return nil
-		}
-
-		if _, err := db.DeleteByBean(ctx, &Star{UID: doer.ID, RepoID: repo.ID}); err != nil {
-			return err
-		}
-		if _, err := db.Exec(ctx, "UPDATE `repository` SET num_stars = num_stars - 1 WHERE id = ?", repo.ID); err != nil {
-			return err
-		}
-		if _, err := db.Exec(ctx, "UPDATE `user` SET num_stars = num_stars - 1 WHERE id = ?", doer.ID); err != nil {
-			return err
-		}
-	}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 // IsStaring checks if user has starred given repository.
diff --git a/models/repo/topic.go b/models/repo/topic.go
index 430a60f603..baeae01efa 100644
--- a/models/repo/topic.go
+++ b/models/repo/topic.go
@@ -227,32 +227,26 @@ func GetRepoTopicByName(ctx context.Context, repoID int64, topicName string) (*T
 
 // AddTopic adds a topic name to a repository (if it does not already have it)
 func AddTopic(ctx context.Context, repoID int64, topicName string) (*Topic, error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
-
-	topic, err := GetRepoTopicByName(ctx, repoID, topicName)
-	if err != nil {
-		return nil, err
-	}
-	if topic != nil {
-		// Repo already have topic
-		return topic, nil
-	}
-
-	topic, err = addTopicByNameToRepo(ctx, repoID, topicName)
-	if err != nil {
-		return nil, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (*Topic, error) {
+		topic, err := GetRepoTopicByName(ctx, repoID, topicName)
+		if err != nil {
+			return nil, err
+		}
+		if topic != nil {
+			// Repo already have topic
+			return topic, nil
+		}
 
-	if err = syncTopicsInRepository(sess, repoID); err != nil {
-		return nil, err
-	}
+		topic, err = addTopicByNameToRepo(ctx, repoID, topicName)
+		if err != nil {
+			return nil, err
+		}
 
-	return topic, committer.Commit()
+		if err = syncTopicsInRepository(ctx, repoID); err != nil {
+			return nil, err
+		}
+		return topic, nil
+	})
 }
 
 // DeleteTopic removes a topic name from a repository (if it has it)
@@ -266,14 +260,15 @@ func DeleteTopic(ctx context.Context, repoID int64, topicName string) (*Topic, e
 		return nil, nil
 	}
 
-	err = removeTopicFromRepo(ctx, repoID, topic)
-	if err != nil {
-		return nil, err
-	}
-
-	err = syncTopicsInRepository(db.GetEngine(ctx), repoID)
-
-	return topic, err
+	return db.WithTx2(ctx, func(ctx context.Context) (*Topic, error) {
+		if err = removeTopicFromRepo(ctx, repoID, topic); err != nil {
+			return nil, err
+		}
+		if err = syncTopicsInRepository(ctx, repoID); err != nil {
+			return nil, err
+		}
+		return topic, nil
+	})
 }
 
 // SaveTopics save topics to a repository
@@ -285,64 +280,55 @@ func SaveTopics(ctx context.Context, repoID int64, topicNames ...string) error {
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		var addedTopicNames []string
+		for _, topicName := range topicNames {
+			if strings.TrimSpace(topicName) == "" {
+				continue
+			}
 
-	var addedTopicNames []string
-	for _, topicName := range topicNames {
-		if strings.TrimSpace(topicName) == "" {
-			continue
+			var found bool
+			for _, t := range topics {
+				if strings.EqualFold(topicName, t.Name) {
+					found = true
+					break
+				}
+			}
+			if !found {
+				addedTopicNames = append(addedTopicNames, topicName)
+			}
 		}
 
-		var found bool
+		var removeTopics []*Topic
 		for _, t := range topics {
-			if strings.EqualFold(topicName, t.Name) {
-				found = true
-				break
+			var found bool
+			for _, topicName := range topicNames {
+				if strings.EqualFold(topicName, t.Name) {
+					found = true
+					break
+				}
 			}
-		}
-		if !found {
-			addedTopicNames = append(addedTopicNames, topicName)
-		}
-	}
-
-	var removeTopics []*Topic
-	for _, t := range topics {
-		var found bool
-		for _, topicName := range topicNames {
-			if strings.EqualFold(topicName, t.Name) {
-				found = true
-				break
+			if !found {
+				removeTopics = append(removeTopics, t)
 			}
 		}
-		if !found {
-			removeTopics = append(removeTopics, t)
-		}
-	}
 
-	for _, topicName := range addedTopicNames {
-		_, err := addTopicByNameToRepo(ctx, repoID, topicName)
-		if err != nil {
-			return err
+		for _, topicName := range addedTopicNames {
+			_, err := addTopicByNameToRepo(ctx, repoID, topicName)
+			if err != nil {
+				return err
+			}
 		}
-	}
 
-	for _, topic := range removeTopics {
-		err := removeTopicFromRepo(ctx, repoID, topic)
-		if err != nil {
-			return err
+		for _, topic := range removeTopics {
+			err := removeTopicFromRepo(ctx, repoID, topic)
+			if err != nil {
+				return err
+			}
 		}
-	}
 
-	if err := syncTopicsInRepository(sess, repoID); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+		return syncTopicsInRepository(ctx, repoID)
+	})
 }
 
 // GenerateTopics generates topics from a template repository
@@ -353,19 +339,19 @@ func GenerateTopics(ctx context.Context, templateRepo, generateRepo *Repository)
 		}
 	}
 
-	return syncTopicsInRepository(db.GetEngine(ctx), generateRepo.ID)
+	return syncTopicsInRepository(ctx, generateRepo.ID)
 }
 
 // syncTopicsInRepository makes sure topics in the topics table are copied into the topics field of the repository
-func syncTopicsInRepository(sess db.Engine, repoID int64) error {
+func syncTopicsInRepository(ctx context.Context, repoID int64) error {
 	topicNames := make([]string, 0, 25)
-	if err := sess.Table("topic").Cols("name").
+	if err := db.GetEngine(ctx).Table("topic").Cols("name").
 		Join("INNER", "repo_topic", "repo_topic.topic_id = topic.id").
 		Where("repo_topic.repo_id = ?", repoID).Asc("topic.name").Find(&topicNames); err != nil {
 		return err
 	}
 
-	if _, err := sess.ID(repoID).Cols("topics").Update(&Repository{
+	if _, err := db.GetEngine(ctx).ID(repoID).Cols("topics").Update(&Repository{
 		Topics: topicNames,
 	}); err != nil {
 		return err
diff --git a/models/repo/topic_test.go b/models/repo/topic_test.go
index 1600896b6e..b6a7aed7b1 100644
--- a/models/repo/topic_test.go
+++ b/models/repo/topic_test.go
@@ -53,7 +53,7 @@ func TestAddTopic(t *testing.T) {
 	totalNrOfTopics++
 	topic, err := repo_model.GetTopicByName(db.DefaultContext, "gitea")
 	assert.NoError(t, err)
-	assert.EqualValues(t, 1, topic.RepoCount)
+	assert.Equal(t, 1, topic.RepoCount)
 
 	topics, err = db.Find[repo_model.Topic](db.DefaultContext, &repo_model.FindTopicOptions{})
 	assert.NoError(t, err)
diff --git a/models/repo/transfer.go b/models/repo/transfer.go
index b669145d68..3fb8cb69ab 100644
--- a/models/repo/transfer.go
+++ b/models/repo/transfer.go
@@ -61,7 +61,7 @@ func (err ErrRepoTransferInProgress) Unwrap() error {
 }
 
 // RepoTransfer is used to manage repository transfers
-type RepoTransfer struct { //nolint
+type RepoTransfer struct { //nolint:revive // export stutter
 	ID          int64 `xorm:"pk autoincr"`
 	DoerID      int64
 	Doer        *user_model.User `xorm:"-"`
@@ -249,7 +249,7 @@ func CreatePendingRepositoryTransfer(ctx context.Context, doer, newOwner *user_m
 		}
 
 		repo.Status = RepositoryPendingTransfer
-		if err := UpdateRepositoryCols(ctx, repo, "status"); err != nil {
+		if err := UpdateRepositoryColsNoAutoTime(ctx, repo, "status"); err != nil {
 			return err
 		}
 
diff --git a/models/repo/update.go b/models/repo/update.go
index fce357a1ac..3228ae11a4 100644
--- a/models/repo/update.go
+++ b/models/repo/update.go
@@ -19,19 +19,14 @@ func UpdateRepositoryOwnerNames(ctx context.Context, ownerID int64, ownerName st
 	if ownerID == 0 {
 		return nil
 	}
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
 
-	if _, err := db.GetEngine(ctx).Where("owner_id = ?", ownerID).Cols("owner_name").Update(&Repository{
+	if _, err := db.GetEngine(ctx).Where("owner_id = ?", ownerID).Cols("owner_name").NoAutoTime().Update(&Repository{
 		OwnerName: ownerName,
 	}); err != nil {
 		return err
 	}
 
-	return committer.Commit()
+	return nil
 }
 
 // UpdateRepositoryUpdatedTime updates a repository's updated time
@@ -40,15 +35,15 @@ func UpdateRepositoryUpdatedTime(ctx context.Context, repoID int64, updateTime t
 	return err
 }
 
-// UpdateRepositoryCols updates repository's columns
-func UpdateRepositoryCols(ctx context.Context, repo *Repository, cols ...string) error {
-	_, err := db.GetEngine(ctx).ID(repo.ID).Cols(cols...).Update(repo)
+// UpdateRepositoryColsWithAutoTime updates repository's columns and the timestamp fields automatically
+func UpdateRepositoryColsWithAutoTime(ctx context.Context, repo *Repository, colName string, moreColNames ...string) error {
+	_, err := db.GetEngine(ctx).ID(repo.ID).Cols(append([]string{colName}, moreColNames...)...).Update(repo)
 	return err
 }
 
-// UpdateRepositoryColsNoAutoTime updates repository's columns and but applies time change automatically
-func UpdateRepositoryColsNoAutoTime(ctx context.Context, repo *Repository, cols ...string) error {
-	_, err := db.GetEngine(ctx).ID(repo.ID).Cols(cols...).NoAutoTime().Update(repo)
+// UpdateRepositoryColsNoAutoTime updates repository's columns, doesn't change timestamp field automatically
+func UpdateRepositoryColsNoAutoTime(ctx context.Context, repo *Repository, colName string, moreColNames ...string) error {
+	_, err := db.GetEngine(ctx).ID(repo.ID).Cols(append([]string{colName}, moreColNames...)...).NoAutoTime().Update(repo)
 	return err
 }
 
@@ -111,31 +106,31 @@ func (err ErrRepoFilesAlreadyExist) Unwrap() error {
 	return util.ErrAlreadyExist
 }
 
-// CheckCreateRepository check if could created a repository
-func CheckCreateRepository(ctx context.Context, doer, u *user_model.User, name string, overwriteOrAdopt bool) error {
-	if !doer.CanCreateRepo() {
-		return ErrReachLimitOfRepo{u.MaxRepoCreation}
+// CheckCreateRepository check if doer could create a repository in new owner
+func CheckCreateRepository(ctx context.Context, doer, owner *user_model.User, name string, overwriteOrAdopt bool) error {
+	if !doer.CanCreateRepoIn(owner) {
+		return ErrReachLimitOfRepo{owner.MaxRepoCreation}
 	}
 
 	if err := IsUsableRepoName(name); err != nil {
 		return err
 	}
 
-	has, err := IsRepositoryModelOrDirExist(ctx, u, name)
+	has, err := IsRepositoryModelOrDirExist(ctx, owner, name)
 	if err != nil {
 		return fmt.Errorf("IsRepositoryExist: %w", err)
 	} else if has {
-		return ErrRepoAlreadyExist{u.Name, name}
+		return ErrRepoAlreadyExist{owner.Name, name}
 	}
 
-	repoPath := RepoPath(u.Name, name)
+	repoPath := RepoPath(owner.Name, name)
 	isExist, err := util.IsExist(repoPath)
 	if err != nil {
 		log.Error("Unable to check if %s exists. Error: %v", repoPath, err)
 		return err
 	}
 	if !overwriteOrAdopt && isExist {
-		return ErrRepoFilesAlreadyExist{u.Name, name}
+		return ErrRepoFilesAlreadyExist{owner.Name, name}
 	}
 	return nil
 }
diff --git a/models/repo/upload.go b/models/repo/upload.go
index 18834f6b83..f7d4749842 100644
--- a/models/repo/upload.go
+++ b/models/repo/upload.go
@@ -10,7 +10,7 @@ import (
 	"io"
 	"mime/multipart"
 	"os"
-	"path"
+	"path/filepath"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/log"
@@ -51,14 +51,10 @@ func init() {
 	db.RegisterModel(new(Upload))
 }
 
-// UploadLocalPath returns where uploads is stored in local file system based on given UUID.
-func UploadLocalPath(uuid string) string {
-	return path.Join(setting.Repository.Upload.TempPath, uuid[0:1], uuid[1:2], uuid)
-}
-
-// LocalPath returns where uploads are temporarily stored in local file system.
+// LocalPath returns where uploads are temporarily stored in local file system based on given UUID.
 func (upload *Upload) LocalPath() string {
-	return UploadLocalPath(upload.UUID)
+	uuid := upload.UUID
+	return setting.AppDataTempDir("repo-uploads").JoinPath(uuid[0:1], uuid[1:2], uuid)
 }
 
 // NewUpload creates a new upload object.
@@ -69,7 +65,7 @@ func NewUpload(ctx context.Context, name string, buf []byte, file multipart.File
 	}
 
 	localPath := upload.LocalPath()
-	if err = os.MkdirAll(path.Dir(localPath), os.ModePerm); err != nil {
+	if err = os.MkdirAll(filepath.Dir(localPath), os.ModePerm); err != nil {
 		return nil, fmt.Errorf("MkdirAll: %w", err)
 	}
 
@@ -121,24 +117,14 @@ func DeleteUploads(ctx context.Context, uploads ...*Upload) (err error) {
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
 	ids := make([]int64, len(uploads))
-	for i := 0; i < len(uploads); i++ {
+	for i := range uploads {
 		ids[i] = uploads[i].ID
 	}
 	if err = db.DeleteByIDs[Upload](ctx, ids...); err != nil {
 		return fmt.Errorf("delete uploads: %w", err)
 	}
 
-	if err = committer.Commit(); err != nil {
-		return err
-	}
-
 	for _, upload := range uploads {
 		localPath := upload.LocalPath()
 		isFile, err := util.IsFile(localPath)
diff --git a/models/repo/watch_test.go b/models/repo/watch_test.go
index c39ef607e8..7ed72386c9 100644
--- a/models/repo/watch_test.go
+++ b/models/repo/watch_test.go
@@ -36,7 +36,7 @@ func TestGetWatchers(t *testing.T) {
 	// One watchers are inactive, thus minus 1
 	assert.Len(t, watches, repo.NumWatches-1)
 	for _, watch := range watches {
-		assert.EqualValues(t, repo.ID, watch.RepoID)
+		assert.Equal(t, repo.ID, watch.RepoID)
 	}
 
 	watches, err = repo_model.GetWatchers(db.DefaultContext, unittest.NonexistentID)
diff --git a/models/repo/wiki.go b/models/repo/wiki.go
index 4239a815b2..832e15ae0d 100644
--- a/models/repo/wiki.go
+++ b/models/repo/wiki.go
@@ -46,7 +46,7 @@ func IsErrWikiReservedName(err error) bool {
 }
 
 func (err ErrWikiReservedName) Error() string {
-	return fmt.Sprintf("wiki title is reserved: %s", err.Title)
+	return "wiki title is reserved: " + err.Title
 }
 
 func (err ErrWikiReservedName) Unwrap() error {
@@ -65,7 +65,7 @@ func IsErrWikiInvalidFileName(err error) bool {
 }
 
 func (err ErrWikiInvalidFileName) Error() string {
-	return fmt.Sprintf("Invalid wiki filename: %s", err.FileName)
+	return "Invalid wiki filename: " + err.FileName
 }
 
 func (err ErrWikiInvalidFileName) Unwrap() error {
diff --git a/models/repo_test.go b/models/repo_test.go
index bcf62237f0..b6c53fd197 100644
--- a/models/repo_test.go
+++ b/models/repo_test.go
@@ -29,10 +29,10 @@ func Test_repoStatsCorrectIssueNumComments(t *testing.T) {
 
 	issue2 := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 2})
 	assert.NotNil(t, issue2)
-	assert.EqualValues(t, 0, issue2.NumComments) // the fixture data is wrong, but we don't fix it here
+	assert.Equal(t, 0, issue2.NumComments) // the fixture data is wrong, but we don't fix it here
 
 	assert.NoError(t, repoStatsCorrectIssueNumComments(db.DefaultContext, 2))
 	// reload the issue
 	issue2 = unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 2})
-	assert.EqualValues(t, 1, issue2.NumComments)
+	assert.Equal(t, 1, issue2.NumComments)
 }
diff --git a/models/system/notice.go b/models/system/notice.go
index e7ec6a9693..91bf4be0f6 100644
--- a/models/system/notice.go
+++ b/models/system/notice.go
@@ -29,7 +29,7 @@ const (
 type Notice struct {
 	ID          int64 `xorm:"pk autoincr"`
 	Type        NoticeType
-	Description string             `xorm:"TEXT"`
+	Description string             `xorm:"LONGTEXT"`
 	CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
 }
 
diff --git a/models/system/setting_test.go b/models/system/setting_test.go
index 8f04412fb4..7e7e0c8fca 100644
--- a/models/system/setting_test.go
+++ b/models/system/setting_test.go
@@ -21,24 +21,24 @@ func TestSettings(t *testing.T) {
 
 	rev, settings, err := system.GetAllSettings(db.DefaultContext)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 1, rev)
+	assert.Equal(t, 1, rev)
 	assert.Len(t, settings, 1) // there is only one "revision" key
 
 	err = system.SetSettings(db.DefaultContext, map[string]string{keyName: "true"})
 	assert.NoError(t, err)
 	rev, settings, err = system.GetAllSettings(db.DefaultContext)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 2, rev)
+	assert.Equal(t, 2, rev)
 	assert.Len(t, settings, 2)
-	assert.EqualValues(t, "true", settings[keyName])
+	assert.Equal(t, "true", settings[keyName])
 
 	err = system.SetSettings(db.DefaultContext, map[string]string{keyName: "false"})
 	assert.NoError(t, err)
 	rev, settings, err = system.GetAllSettings(db.DefaultContext)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 3, rev)
+	assert.Equal(t, 3, rev)
 	assert.Len(t, settings, 2)
-	assert.EqualValues(t, "false", settings[keyName])
+	assert.Equal(t, "false", settings[keyName])
 
 	// setting the same value should not trigger DuplicateKey error, and the "version" should be increased
 	err = system.SetSettings(db.DefaultContext, map[string]string{keyName: "false"})
@@ -47,5 +47,5 @@ func TestSettings(t *testing.T) {
 	rev, settings, err = system.GetAllSettings(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.Len(t, settings, 2)
-	assert.EqualValues(t, 4, rev)
+	assert.Equal(t, 4, rev)
 }
diff --git a/models/unit/unit.go b/models/unit/unit.go
index c816fc6c68..c0560678ca 100644
--- a/models/unit/unit.go
+++ b/models/unit/unit.go
@@ -6,6 +6,7 @@ package unit
 import (
 	"errors"
 	"fmt"
+	"slices"
 	"strings"
 	"sync/atomic"
 
@@ -20,17 +21,21 @@ type Type int
 
 // Enumerate all the unit types
 const (
-	TypeInvalid         Type = iota // 0 invalid
-	TypeCode                        // 1 code
-	TypeIssues                      // 2 issues
-	TypePullRequests                // 3 PRs
-	TypeReleases                    // 4 Releases
-	TypeWiki                        // 5 Wiki
-	TypeExternalWiki                // 6 ExternalWiki
-	TypeExternalTracker             // 7 ExternalTracker
-	TypeProjects                    // 8 Projects
-	TypePackages                    // 9 Packages
-	TypeActions                     // 10 Actions
+	TypeInvalid Type = iota // 0 invalid
+
+	TypeCode            // 1 code
+	TypeIssues          // 2 issues
+	TypePullRequests    // 3 PRs
+	TypeReleases        // 4 Releases
+	TypeWiki            // 5 Wiki
+	TypeExternalWiki    // 6 ExternalWiki
+	TypeExternalTracker // 7 ExternalTracker
+	TypeProjects        // 8 Projects
+	TypePackages        // 9 Packages
+	TypeActions         // 10 Actions
+
+	// FIXME: TEAM-UNIT-PERMISSION: the team unit "admin" permission's design is not right, when a new unit is added in the future,
+	// admin team won't inherit the correct admin permission for the new unit, need to have a complete fix before adding any new unit.
 )
 
 // Value returns integer value for unit type (used by template)
@@ -200,22 +205,12 @@ func LoadUnitConfig() error {
 
 // UnitGlobalDisabled checks if unit type is global disabled
 func (u Type) UnitGlobalDisabled() bool {
-	for _, ud := range DisabledRepoUnitsGet() {
-		if u == ud {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(DisabledRepoUnitsGet(), u)
 }
 
 // CanBeDefault checks if the unit type can be a default repo unit
 func (u *Type) CanBeDefault() bool {
-	for _, nadU := range NotAllowedDefaultRepoUnits {
-		if *u == nadU {
-			return false
-		}
-	}
-	return true
+	return !slices.Contains(NotAllowedDefaultRepoUnits, *u)
 }
 
 // Unit is a section of one repository
@@ -380,20 +375,3 @@ func AllUnitKeyNames() []string {
 	}
 	return res
 }
-
-// MinUnitAccessMode returns the minial permission of the permission map
-func MinUnitAccessMode(unitsMap map[Type]perm.AccessMode) perm.AccessMode {
-	res := perm.AccessModeNone
-	for t, mode := range unitsMap {
-		// Don't allow `TypeExternal{Tracker,Wiki}` to influence this as they can only be set to READ perms.
-		if t == TypeExternalTracker || t == TypeExternalWiki {
-			continue
-		}
-
-		// get the minial permission great than AccessModeNone except all are AccessModeNone
-		if mode > perm.AccessModeNone && (res == perm.AccessModeNone || mode < res) {
-			res = mode
-		}
-	}
-	return res
-}
diff --git a/models/unittest/consistency.go b/models/unittest/consistency.go
index 71839001be..364afb5c52 100644
--- a/models/unittest/consistency.go
+++ b/models/unittest/consistency.go
@@ -11,6 +11,7 @@ import (
 	"code.gitea.io/gitea/models/db"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"xorm.io/builder"
 )
 
@@ -24,7 +25,7 @@ const (
 var consistencyCheckMap = make(map[string]func(t assert.TestingT, bean any))
 
 // CheckConsistencyFor test that all matching database entries are consistent
-func CheckConsistencyFor(t assert.TestingT, beansToCheck ...any) {
+func CheckConsistencyFor(t require.TestingT, beansToCheck ...any) {
 	for _, bean := range beansToCheck {
 		sliceType := reflect.SliceOf(reflect.TypeOf(bean))
 		sliceValue := reflect.MakeSlice(sliceType, 0, 10)
@@ -42,13 +43,11 @@ func CheckConsistencyFor(t assert.TestingT, beansToCheck ...any) {
 	}
 }
 
-func checkForConsistency(t assert.TestingT, bean any) {
+func checkForConsistency(t require.TestingT, bean any) {
 	tb, err := db.TableInfo(bean)
 	assert.NoError(t, err)
 	f := consistencyCheckMap[tb.Name]
-	if f == nil {
-		assert.FailNow(t, "unknown bean type: %#v", bean)
-	}
+	require.NotNil(t, f, "unknown bean type: %#v", bean)
 	f(t, bean)
 }
 
@@ -71,8 +70,8 @@ func init() {
 		AssertCountByCond(t, "follow", builder.Eq{"user_id": user.int("ID")}, user.int("NumFollowing"))
 		AssertCountByCond(t, "follow", builder.Eq{"follow_id": user.int("ID")}, user.int("NumFollowers"))
 		if user.int("Type") != modelsUserTypeOrganization {
-			assert.EqualValues(t, 0, user.int("NumMembers"), "Unexpected number of members for user id: %d", user.int("ID"))
-			assert.EqualValues(t, 0, user.int("NumTeams"), "Unexpected number of teams for user id: %d", user.int("ID"))
+			assert.Equal(t, 0, user.int("NumMembers"), "Unexpected number of members for user id: %d", user.int("ID"))
+			assert.Equal(t, 0, user.int("NumTeams"), "Unexpected number of teams for user id: %d", user.int("ID"))
 		}
 	}
 
@@ -119,7 +118,7 @@ func init() {
 		assert.EqualValues(t, issue.int("NumComments"), actual, "Unexpected number of comments for issue id: %d", issue.int("ID"))
 		if issue.bool("IsPull") {
 			prRow := AssertExistsAndLoadMap(t, "pull_request", builder.Eq{"issue_id": issue.int("ID")})
-			assert.EqualValues(t, parseInt(prRow["index"]), issue.int("Index"), "Unexpected index for issue id: %d", issue.int("ID"))
+			assert.Equal(t, parseInt(prRow["index"]), issue.int("Index"), "Unexpected index for issue id: %d", issue.int("ID"))
 		}
 	}
 
@@ -127,7 +126,7 @@ func init() {
 		pr := reflectionWrap(bean)
 		issueRow := AssertExistsAndLoadMap(t, "issue", builder.Eq{"id": pr.int("IssueID")})
 		assert.True(t, parseBool(issueRow["is_pull"]))
-		assert.EqualValues(t, parseInt(issueRow["index"]), pr.int("Index"), "Unexpected index for pull request id: %d", pr.int("ID"))
+		assert.Equal(t, parseInt(issueRow["index"]), pr.int("Index"), "Unexpected index for pull request id: %d", pr.int("ID"))
 	}
 
 	checkForMilestoneConsistency := func(t assert.TestingT, bean any) {
diff --git a/models/unittest/fixtures_loader.go b/models/unittest/fixtures_loader.go
index 674f5cbe54..0560da8349 100644
--- a/models/unittest/fixtures_loader.go
+++ b/models/unittest/fixtures_loader.go
@@ -120,7 +120,7 @@ func (f *fixturesLoaderInternal) loadFixtures(tx *sql.Tx, fixture *FixtureItem)
 		}
 	}
 
-	_, err = tx.Exec(fmt.Sprintf("DELETE FROM %s", fixture.tableNameQuoted)) // sqlite3 doesn't support truncate
+	_, err = tx.Exec("DELETE FROM " + fixture.tableNameQuoted) // sqlite3 doesn't support truncate
 	if err != nil {
 		return err
 	}
diff --git a/models/unittest/fscopy.go b/models/unittest/fscopy.go
index b7ba6b7ef5..98b01815bd 100644
--- a/models/unittest/fscopy.go
+++ b/models/unittest/fscopy.go
@@ -28,7 +28,7 @@ func SyncFile(srcPath, destPath string) error {
 	}
 
 	if src.Size() == dest.Size() &&
-		src.ModTime() == dest.ModTime() &&
+		src.ModTime().Equal(dest.ModTime()) &&
 		src.Mode() == dest.Mode() {
 		return nil
 	}
diff --git a/models/unittest/testdb.go b/models/unittest/testdb.go
index 7a9ca9698d..cb60cf5f85 100644
--- a/models/unittest/testdb.go
+++ b/models/unittest/testdb.go
@@ -20,6 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/setting/config"
 	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/tempdir"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/util"
 
@@ -35,8 +36,8 @@ func fatalTestError(fmtStr string, args ...any) {
 	os.Exit(1)
 }
 
-// InitSettings initializes config provider and load common settings for tests
-func InitSettings() {
+// InitSettingsForTesting initializes config provider and load common settings for tests
+func InitSettingsForTesting() {
 	setting.IsInTesting = true
 	log.OsExiter = func(code int) {
 		if code != 0 {
@@ -75,7 +76,7 @@ func MainTest(m *testing.M, testOptsArg ...*TestOptions) {
 	testOpts := util.OptionalArg(testOptsArg, &TestOptions{})
 	giteaRoot = test.SetupGiteaRoot()
 	setting.CustomPath = filepath.Join(giteaRoot, "custom")
-	InitSettings()
+	InitSettingsForTesting()
 
 	fixturesOpts := FixturesOptions{Dir: filepath.Join(giteaRoot, "models", "fixtures"), Files: testOpts.FixtureFiles}
 	if err := CreateTestEngine(fixturesOpts); err != nil {
@@ -92,15 +93,19 @@ func MainTest(m *testing.M, testOptsArg ...*TestOptions) {
 	setting.SSH.Domain = "try.gitea.io"
 	setting.Database.Type = "sqlite3"
 	setting.Repository.DefaultBranch = "master" // many test code still assume that default branch is called "master"
-	repoRootPath, err := os.MkdirTemp(os.TempDir(), "repos")
+	repoRootPath, cleanup1, err := tempdir.OsTempDir("gitea-test").MkdirTempRandom("repos")
 	if err != nil {
 		fatalTestError("TempDir: %v\n", err)
 	}
+	defer cleanup1()
+
 	setting.RepoRootPath = repoRootPath
-	appDataPath, err := os.MkdirTemp(os.TempDir(), "appdata")
+	appDataPath, cleanup2, err := tempdir.OsTempDir("gitea-test").MkdirTempRandom("appdata")
 	if err != nil {
 		fatalTestError("TempDir: %v\n", err)
 	}
+	defer cleanup2()
+
 	setting.AppDataPath = appDataPath
 	setting.AppWorkPath = giteaRoot
 	setting.StaticRootPath = giteaRoot
@@ -153,13 +158,6 @@ func MainTest(m *testing.M, testOptsArg ...*TestOptions) {
 			fatalTestError("tear down failed: %v\n", err)
 		}
 	}
-
-	if err = util.RemoveAll(repoRootPath); err != nil {
-		fatalTestError("util.RemoveAll: %v\n", err)
-	}
-	if err = util.RemoveAll(appDataPath); err != nil {
-		fatalTestError("util.RemoveAll: %v\n", err)
-	}
 	os.Exit(exitStatus)
 }
 
diff --git a/models/unittest/unit_tests.go b/models/unittest/unit_tests.go
index 1c5595aef8..4a4cec40ae 100644
--- a/models/unittest/unit_tests.go
+++ b/models/unittest/unit_tests.go
@@ -153,9 +153,9 @@ func DumpQueryResult(t require.TestingT, sqlOrBean any, sqlArgs ...any) {
 	goDB := x.DB().DB
 	sql, ok := sqlOrBean.(string)
 	if !ok {
-		sql = fmt.Sprintf("SELECT * FROM %s", db.TableName(sqlOrBean))
+		sql = "SELECT * FROM " + db.TableName(sqlOrBean)
 	} else if !strings.Contains(sql, " ") {
-		sql = fmt.Sprintf("SELECT * FROM %s", sql)
+		sql = "SELECT * FROM " + sql
 	}
 	rows, err := goDB.Query(sql, sqlArgs...)
 	require.NoError(t, err)
diff --git a/models/user/avatar.go b/models/user/avatar.go
index 2a41b99129..542bd93b98 100644
--- a/models/user/avatar.go
+++ b/models/user/avatar.go
@@ -5,7 +5,6 @@ package user
 
 import (
 	"context"
-	"crypto/md5"
 	"fmt"
 	"image/png"
 	"io"
@@ -61,7 +60,9 @@ func GenerateRandomAvatar(ctx context.Context, u *User) error {
 
 // AvatarLinkWithSize returns a link to the user's avatar with size. size <= 0 means default size
 func (u *User) AvatarLinkWithSize(ctx context.Context, size int) string {
-	if u.IsGhost() || u.IsGiteaActions() {
+	// ghost user was deleted, Gitea actions is a bot user, 0 means the user should be a virtual user
+	// which comes from git configure information
+	if u.IsGhost() || u.IsGiteaActions() || u.ID <= 0 {
 		return avatars.DefaultAvatarLink()
 	}
 
@@ -104,7 +105,7 @@ func (u *User) IsUploadAvatarChanged(data []byte) bool {
 	if !u.UseCustomAvatar || len(u.Avatar) == 0 {
 		return true
 	}
-	avatarID := fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("%d-%x", u.ID, md5.Sum(data)))))
+	avatarID := avatar.HashAvatar(u.ID, data)
 	return u.Avatar != avatarID
 }
 
diff --git a/models/user/badge.go b/models/user/badge.go
index 3ff3530a36..e475ceb748 100644
--- a/models/user/badge.go
+++ b/models/user/badge.go
@@ -19,7 +19,7 @@ type Badge struct {
 }
 
 // UserBadge represents a user badge
-type UserBadge struct { //nolint:revive
+type UserBadge struct { //nolint:revive // export stutter
 	ID      int64 `xorm:"pk autoincr"`
 	BadgeID int64
 	UserID  int64 `xorm:"INDEX"`
diff --git a/models/user/email_address.go b/models/user/email_address.go
index 2ba6a56450..cb423945f8 100644
--- a/models/user/email_address.go
+++ b/models/user/email_address.go
@@ -256,15 +256,9 @@ func IsEmailUsed(ctx context.Context, email string) (bool, error) {
 
 // ActivateEmail activates the email address to given user.
 func ActivateEmail(ctx context.Context, email *EmailAddress) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	if err := updateActivation(ctx, email, true); err != nil {
-		return err
-	}
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return updateActivation(ctx, email, true)
+	})
 }
 
 func updateActivation(ctx context.Context, email *EmailAddress, activate bool) error {
@@ -305,33 +299,30 @@ func makeEmailPrimaryInternal(ctx context.Context, emailID int64, isActive bool)
 		return ErrUserNotExist{UID: email.UID}
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	sess := db.GetEngine(ctx)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		sess := db.GetEngine(ctx)
 
-	// 1. Update user table
-	user.Email = email.Email
-	if _, err = sess.ID(user.ID).Cols("email").Update(user); err != nil {
-		return err
-	}
+		// 1. Update user table
+		user.Email = email.Email
+		if _, err := sess.ID(user.ID).Cols("email").Update(user); err != nil {
+			return err
+		}
 
-	// 2. Update old primary email
-	if _, err = sess.Where("uid=? AND is_primary=?", email.UID, true).Cols("is_primary").Update(&EmailAddress{
-		IsPrimary: false,
-	}); err != nil {
-		return err
-	}
+		// 2. Update old primary email
+		if _, err := sess.Where("uid=? AND is_primary=?", email.UID, true).Cols("is_primary").Update(&EmailAddress{
+			IsPrimary: false,
+		}); err != nil {
+			return err
+		}
 
-	// 3. update new primary email
-	email.IsPrimary = true
-	if _, err = sess.ID(email.ID).Cols("is_primary").Update(email); err != nil {
-		return err
-	}
+		// 3. update new primary email
+		email.IsPrimary = true
+		if _, err := sess.ID(email.ID).Cols("is_primary").Update(email); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 // ChangeInactivePrimaryEmail replaces the inactive primary email of a given user
diff --git a/models/user/email_address_test.go b/models/user/email_address_test.go
index d72d873de2..c0666246b0 100644
--- a/models/user/email_address_test.go
+++ b/models/user/email_address_test.go
@@ -4,6 +4,7 @@
 package user_test
 
 import (
+	"slices"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
@@ -100,12 +101,7 @@ func TestListEmails(t *testing.T) {
 	assert.Greater(t, count, int64(5))
 
 	contains := func(match func(s *user_model.SearchEmailResult) bool) bool {
-		for _, v := range emails {
-			if match(v) {
-				return true
-			}
-		}
-		return false
+		return slices.ContainsFunc(emails, match)
 	}
 
 	assert.True(t, contains(func(s *user_model.SearchEmailResult) bool { return s.UID == 18 }))
@@ -205,7 +201,7 @@ func TestEmailAddressValidate(t *testing.T) {
 	}
 	for kase, err := range kases {
 		t.Run(kase, func(t *testing.T) {
-			assert.EqualValues(t, err, user_model.ValidateEmail(kase))
+			assert.Equal(t, err, user_model.ValidateEmail(kase))
 		})
 	}
 }
diff --git a/models/user/follow.go b/models/user/follow.go
index cf9672109a..e098caab5b 100644
--- a/models/user/follow.go
+++ b/models/user/follow.go
@@ -38,24 +38,20 @@ func FollowUser(ctx context.Context, user, follow *User) (err error) {
 		return ErrBlockedUser
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = db.Insert(ctx, &Follow{UserID: user.ID, FollowID: follow.ID}); err != nil {
-		return err
-	}
-
-	if _, err = db.Exec(ctx, "UPDATE `user` SET num_followers = num_followers + 1 WHERE id = ?", follow.ID); err != nil {
-		return err
-	}
-
-	if _, err = db.Exec(ctx, "UPDATE `user` SET num_following = num_following + 1 WHERE id = ?", user.ID); err != nil {
-		return err
-	}
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = db.Insert(ctx, &Follow{UserID: user.ID, FollowID: follow.ID}); err != nil {
+			return err
+		}
+
+		if _, err = db.Exec(ctx, "UPDATE `user` SET num_followers = num_followers + 1 WHERE id = ?", follow.ID); err != nil {
+			return err
+		}
+
+		if _, err = db.Exec(ctx, "UPDATE `user` SET num_following = num_following + 1 WHERE id = ?", user.ID); err != nil {
+			return err
+		}
+		return nil
+	})
 }
 
 // UnfollowUser unmarks someone as another's follower.
@@ -64,22 +60,18 @@ func UnfollowUser(ctx context.Context, userID, followID int64) (err error) {
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if _, err = db.DeleteByBean(ctx, &Follow{UserID: userID, FollowID: followID}); err != nil {
+			return err
+		}
 
-	if _, err = db.DeleteByBean(ctx, &Follow{UserID: userID, FollowID: followID}); err != nil {
-		return err
-	}
+		if _, err = db.Exec(ctx, "UPDATE `user` SET num_followers = num_followers - 1 WHERE id = ?", followID); err != nil {
+			return err
+		}
 
-	if _, err = db.Exec(ctx, "UPDATE `user` SET num_followers = num_followers - 1 WHERE id = ?", followID); err != nil {
-		return err
-	}
-
-	if _, err = db.Exec(ctx, "UPDATE `user` SET num_following = num_following - 1 WHERE id = ?", userID); err != nil {
-		return err
-	}
-	return committer.Commit()
+		if _, err = db.Exec(ctx, "UPDATE `user` SET num_following = num_following - 1 WHERE id = ?", userID); err != nil {
+			return err
+		}
+		return nil
+	})
 }
diff --git a/models/user/search.go b/models/user/search.go
index 85915f4020..cfd0d011bc 100644
--- a/models/user/search.go
+++ b/models/user/search.go
@@ -45,13 +45,14 @@ func (opts *SearchUserOptions) toSearchQueryBase(ctx context.Context) *xorm.Sess
 	var cond builder.Cond
 	cond = builder.Eq{"type": opts.Type}
 	if opts.IncludeReserved {
-		if opts.Type == UserTypeIndividual {
+		switch opts.Type {
+		case UserTypeIndividual:
 			cond = cond.Or(builder.Eq{"type": UserTypeUserReserved}).Or(
 				builder.Eq{"type": UserTypeBot},
 			).Or(
 				builder.Eq{"type": UserTypeRemoteUser},
 			)
-		} else if opts.Type == UserTypeOrganization {
+		case UserTypeOrganization:
 			cond = cond.Or(builder.Eq{"type": UserTypeOrganizationReserved})
 		}
 	}
@@ -136,7 +137,7 @@ func (opts *SearchUserOptions) toSearchQueryBase(ctx context.Context) *xorm.Sess
 
 // SearchUsers takes options i.e. keyword and part of user name to search,
 // it returns results in given range and number of total results.
-func SearchUsers(ctx context.Context, opts *SearchUserOptions) (users []*User, _ int64, _ error) {
+func SearchUsers(ctx context.Context, opts SearchUserOptions) (users []*User, _ int64, _ error) {
 	sessCount := opts.toSearchQueryBase(ctx)
 	defer sessCount.Close()
 	count, err := sessCount.Count(new(User))
@@ -151,7 +152,7 @@ func SearchUsers(ctx context.Context, opts *SearchUserOptions) (users []*User, _
 	sessQuery := opts.toSearchQueryBase(ctx).OrderBy(opts.OrderBy.String())
 	defer sessQuery.Close()
 	if opts.Page > 0 {
-		sessQuery = db.SetSessionPagination(sessQuery, opts)
+		sessQuery = db.SetSessionPagination(sessQuery, &opts)
 	}
 
 	// the sql may contain JOIN, so we must only select User related columns
diff --git a/models/user/setting.go b/models/user/setting.go
index b4af0e5ccd..c65afae76c 100644
--- a/models/user/setting.go
+++ b/models/user/setting.go
@@ -5,6 +5,7 @@ package user
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -114,10 +115,10 @@ func GetUserAllSettings(ctx context.Context, uid int64) (map[string]*Setting, er
 
 func validateUserSettingKey(key string) error {
 	if len(key) == 0 {
-		return fmt.Errorf("setting key must be set")
+		return errors.New("setting key must be set")
 	}
 	if strings.ToLower(key) != key {
-		return fmt.Errorf("setting key should be lowercase")
+		return errors.New("setting key should be lowercase")
 	}
 	return nil
 }
diff --git a/models/user/setting_keys.go b/models/user/setting_options.go
index 2c2ed078be..7be5039329 100644
--- a/models/user/setting_keys.go
+++ b/models/user/setting_options.go
@@ -21,4 +21,9 @@ const (
 	SignupUserAgent = "signup.user_agent"
 
 	SettingsKeyCodeViewShowFileTree = "code_view.show_file_tree"
+
+	SettingsKeyEmailNotificationGiteaActions        = "email_notification.gitea_actions"
+	SettingEmailNotificationGiteaActionsAll         = "all"
+	SettingEmailNotificationGiteaActionsFailureOnly = "failure-only" // Default for actions email preference
+	SettingEmailNotificationGiteaActionsDisabled    = "disabled"
 )
diff --git a/models/user/setting_test.go b/models/user/setting_test.go
index c607d9fd00..3c199013f3 100644
--- a/models/user/setting_test.go
+++ b/models/user/setting_test.go
@@ -30,15 +30,15 @@ func TestSettings(t *testing.T) {
 	settings, err := user_model.GetSettings(db.DefaultContext, 99, []string{keyName})
 	assert.NoError(t, err)
 	assert.Len(t, settings, 1)
-	assert.EqualValues(t, newSetting.SettingValue, settings[keyName].SettingValue)
+	assert.Equal(t, newSetting.SettingValue, settings[keyName].SettingValue)
 
 	settingValue, err := user_model.GetUserSetting(db.DefaultContext, 99, keyName)
 	assert.NoError(t, err)
-	assert.EqualValues(t, newSetting.SettingValue, settingValue)
+	assert.Equal(t, newSetting.SettingValue, settingValue)
 
 	settingValue, err = user_model.GetUserSetting(db.DefaultContext, 99, "no_such")
 	assert.NoError(t, err)
-	assert.EqualValues(t, "", settingValue)
+	assert.Empty(t, settingValue)
 
 	// updated setting
 	updatedSetting := &user_model.Setting{UserID: 99, SettingKey: keyName, SettingValue: "Updated"}
@@ -49,7 +49,7 @@ func TestSettings(t *testing.T) {
 	settings, err = user_model.GetUserAllSettings(db.DefaultContext, 99)
 	assert.NoError(t, err)
 	assert.Len(t, settings, 1)
-	assert.EqualValues(t, updatedSetting.SettingValue, settings[updatedSetting.SettingKey].SettingValue)
+	assert.Equal(t, updatedSetting.SettingValue, settings[updatedSetting.SettingKey].SettingValue)
 
 	// delete setting
 	err = user_model.DeleteUserSetting(db.DefaultContext, 99, keyName)
diff --git a/models/user/user.go b/models/user/user.go
index 3c72aa7cc4..c362cbc6d2 100644
--- a/models/user/user.go
+++ b/models/user/user.go
@@ -247,19 +247,20 @@ func (u *User) MaxCreationLimit() int {
 	return u.MaxRepoCreation
 }
 
-// CanCreateRepo returns if user login can create a repository
-// NOTE: functions calling this assume a failure due to repository count limit; if new checks are added, those functions should be revised
-func (u *User) CanCreateRepo() bool {
+// CanCreateRepoIn checks whether the doer(u) can create a repository in the owner
+// NOTE: functions calling this assume a failure due to repository count limit; it ONLY checks the repo number LIMIT, if new checks are added, those functions should be revised
+func (u *User) CanCreateRepoIn(owner *User) bool {
 	if u.IsAdmin {
 		return true
 	}
-	if u.MaxRepoCreation <= -1 {
-		if setting.Repository.MaxCreationLimit <= -1 {
+	const noLimit = -1
+	if owner.MaxRepoCreation == noLimit {
+		if setting.Repository.MaxCreationLimit == noLimit {
 			return true
 		}
-		return u.NumRepos < setting.Repository.MaxCreationLimit
+		return owner.NumRepos < setting.Repository.MaxCreationLimit
 	}
-	return u.NumRepos < u.MaxRepoCreation
+	return owner.NumRepos < owner.MaxRepoCreation
 }
 
 // CanCreateOrganization returns true if user can create organisation.
@@ -272,13 +273,12 @@ func (u *User) CanEditGitHook() bool {
 	return !setting.DisableGitHooks && (u.IsAdmin || u.AllowGitHook)
 }
 
-// CanForkRepo returns if user login can fork a repository
-// It checks especially that the user can create repos, and potentially more
-func (u *User) CanForkRepo() bool {
+// CanForkRepoIn ONLY checks repository count limit
+func (u *User) CanForkRepoIn(owner *User) bool {
 	if setting.Repository.AllowForkWithoutMaximumLimit {
 		return true
 	}
-	return u.CanCreateRepo()
+	return u.CanCreateRepoIn(owner)
 }
 
 // CanImportLocal returns true if user can migrate repository by local path.
@@ -828,6 +828,21 @@ func IsLastAdminUser(ctx context.Context, user *User) bool {
 type CountUserFilter struct {
 	LastLoginSince *int64
 	IsAdmin        optional.Option[bool]
+	IsActive       optional.Option[bool]
+}
+
+// HasUsers checks whether there are any users in the database, or only one user exists.
+func HasUsers(ctx context.Context) (ret struct {
+	HasAnyUser, HasOnlyOneUser bool
+}, err error,
+) {
+	res, err := db.GetEngine(ctx).Table(&User{}).Cols("id").Limit(2).Query()
+	if err != nil {
+		return ret, fmt.Errorf("error checking user existence: %w", err)
+	}
+	ret.HasAnyUser = len(res) != 0
+	ret.HasOnlyOneUser = len(res) == 1
+	return ret, nil
 }
 
 // CountUsers returns number of users.
@@ -848,6 +863,10 @@ func countUsers(ctx context.Context, opts *CountUserFilter) int64 {
 		if opts.IsAdmin.Has() {
 			cond = cond.And(builder.Eq{"is_admin": opts.IsAdmin.Value()})
 		}
+
+		if opts.IsActive.Has() {
+			cond = cond.And(builder.Eq{"is_active": opts.IsActive.Value()})
+		}
 	}
 
 	count, err := sess.Where(cond).Count(new(User))
@@ -1146,13 +1165,7 @@ func ValidateCommitsWithEmails(ctx context.Context, oldCommits []*git.Commit) ([
 	}
 
 	for _, c := range oldCommits {
-		user, ok := emailUserMap[c.Author.Email]
-		if !ok {
-			user = &User{
-				Name:  c.Author.Name,
-				Email: c.Author.Email,
-			}
-		}
+		user := emailUserMap.GetByEmail(c.Author.Email) // FIXME: why ValidateCommitsWithEmails uses "Author", but ParseCommitsWithSignature uses "Committer"?
 		newCommits = append(newCommits, &UserCommit{
 			User:   user,
 			Commit: c,
@@ -1161,19 +1174,29 @@ func ValidateCommitsWithEmails(ctx context.Context, oldCommits []*git.Commit) ([
 	return newCommits, nil
 }
 
-func GetUsersByEmails(ctx context.Context, emails []string) (map[string]*User, error) {
+type EmailUserMap struct {
+	m map[string]*User
+}
+
+func (eum *EmailUserMap) GetByEmail(email string) *User {
+	return eum.m[strings.ToLower(email)]
+}
+
+func GetUsersByEmails(ctx context.Context, emails []string) (*EmailUserMap, error) {
 	if len(emails) == 0 {
 		return nil, nil
 	}
 
 	needCheckEmails := make(container.Set[string])
 	needCheckUserNames := make(container.Set[string])
+	noReplyAddressSuffix := "@" + strings.ToLower(setting.Service.NoReplyAddress)
 	for _, email := range emails {
-		if strings.HasSuffix(email, fmt.Sprintf("@%s", setting.Service.NoReplyAddress)) {
-			username := strings.TrimSuffix(email, fmt.Sprintf("@%s", setting.Service.NoReplyAddress))
-			needCheckUserNames.Add(username)
+		emailLower := strings.ToLower(email)
+		if noReplyUserNameLower, ok := strings.CutSuffix(emailLower, noReplyAddressSuffix); ok {
+			needCheckUserNames.Add(noReplyUserNameLower)
+			needCheckEmails.Add(emailLower)
 		} else {
-			needCheckEmails.Add(strings.ToLower(email))
+			needCheckEmails.Add(emailLower)
 		}
 	}
 
@@ -1187,31 +1210,30 @@ func GetUsersByEmails(ctx context.Context, emails []string) (map[string]*User, e
 	for _, email := range emailAddresses {
 		userIDs.Add(email.UID)
 	}
-	users, err := GetUsersMapByIDs(ctx, userIDs.Values())
-	if err != nil {
-		return nil, err
-	}
-
 	results := make(map[string]*User, len(emails))
-	for _, email := range emailAddresses {
-		user := users[email.UID]
-		if user != nil {
-			if user.KeepEmailPrivate {
-				results[user.LowerName+"@"+setting.Service.NoReplyAddress] = user
-			} else {
-				results[email.Email] = user
+
+	if len(userIDs) > 0 {
+		users, err := GetUsersMapByIDs(ctx, userIDs.Values())
+		if err != nil {
+			return nil, err
+		}
+
+		for _, email := range emailAddresses {
+			user := users[email.UID]
+			if user != nil {
+				results[email.LowerEmail] = user
 			}
 		}
 	}
 
-	users = make(map[int64]*User, len(needCheckUserNames))
+	users := make(map[int64]*User, len(needCheckUserNames))
 	if err := db.GetEngine(ctx).In("lower_name", needCheckUserNames.Values()).Find(&users); err != nil {
 		return nil, err
 	}
 	for _, user := range users {
-		results[user.LowerName+"@"+setting.Service.NoReplyAddress] = user
+		results[strings.ToLower(user.GetPlaceholderEmail())] = user
 	}
-	return results, nil
+	return &EmailUserMap{results}, nil
 }
 
 // GetUserByEmail returns the user object by given e-mail if exists.
@@ -1232,8 +1254,8 @@ func GetUserByEmail(ctx context.Context, email string) (*User, error) {
 	}
 
 	// Finally, if email address is the protected email address:
-	if strings.HasSuffix(email, fmt.Sprintf("@%s", setting.Service.NoReplyAddress)) {
-		username := strings.TrimSuffix(email, fmt.Sprintf("@%s", setting.Service.NoReplyAddress))
+	if strings.HasSuffix(email, "@"+setting.Service.NoReplyAddress) {
+		username := strings.TrimSuffix(email, "@"+setting.Service.NoReplyAddress)
 		user := &User{}
 		has, err := db.GetEngine(ctx).Where("lower_name=?", username).Get(user)
 		if err != nil {
diff --git a/models/user/user_list.go b/models/user/user_list.go
index 4241905058..1b6a27dd86 100644
--- a/models/user/user_list.go
+++ b/models/user/user_list.go
@@ -17,10 +17,7 @@ func GetUsersMapByIDs(ctx context.Context, userIDs []int64) (map[int64]*User, er
 
 	left := len(userIDs)
 	for left > 0 {
-		limit := db.DefaultMaxInSize
-		if left < limit {
-			limit = left
-		}
+		limit := min(left, db.DefaultMaxInSize)
 		err := db.GetEngine(ctx).
 			In("id", userIDs[:limit]).
 			Find(&userMaps)
diff --git a/models/user/user_system.go b/models/user/user_system.go
index 6fbfd9e69e..e07274d291 100644
--- a/models/user/user_system.go
+++ b/models/user/user_system.go
@@ -10,8 +10,8 @@ import (
 )
 
 const (
-	GhostUserID   = -1
-	GhostUserName = "Ghost"
+	GhostUserID   int64 = -1
+	GhostUserName       = "Ghost"
 )
 
 // NewGhostUser creates and returns a fake user for someone has deleted their account.
@@ -36,9 +36,9 @@ func (u *User) IsGhost() bool {
 }
 
 const (
-	ActionsUserID    = -2
-	ActionsUserName  = "gitea-actions"
-	ActionsUserEmail = "teabot@gitea.io"
+	ActionsUserID    int64 = -2
+	ActionsUserName        = "gitea-actions"
+	ActionsUserEmail       = "teabot@gitea.io"
 )
 
 func IsGiteaActionsUserName(name string) bool {
diff --git a/models/user/user_test.go b/models/user/user_test.go
index 1132c02f28..7944fc4b73 100644
--- a/models/user/user_test.go
+++ b/models/user/user_test.go
@@ -19,9 +19,11 @@ import (
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/timeutil"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestIsUsableUsername(t *testing.T) {
@@ -47,14 +49,48 @@ func TestOAuth2Application_LoadUser(t *testing.T) {
 	assert.NotNil(t, user)
 }
 
-func TestGetUserEmailsByNames(t *testing.T) {
+func TestUserEmails(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
+	t.Run("GetUserEmailsByNames", func(t *testing.T) {
+		// ignore none active user email
+		assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user9"}))
+		assert.ElementsMatch(t, []string{"user8@example.com", "user5@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user5"}))
+		assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "org7"}))
+	})
+	t.Run("GetUsersByEmails", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Service.NoReplyAddress, "NoReply.gitea.internal")()
+		testGetUserByEmail := func(t *testing.T, email string, uid int64) {
+			m, err := user_model.GetUsersByEmails(db.DefaultContext, []string{email})
+			require.NoError(t, err)
+			user := m.GetByEmail(email)
+			if uid == 0 {
+				require.Nil(t, user)
+				return
+			}
+			require.NotNil(t, user)
+			assert.Equal(t, uid, user.ID)
+		}
+		cases := []struct {
+			Email string
+			UID   int64
+		}{
+			{"UseR1@example.com", 1},
+			{"user1-2@example.COM", 1},
+			{"USER2@" + setting.Service.NoReplyAddress, 2},
+			{"user4@example.com", 4},
+			{"no-such", 0},
+		}
+		for _, c := range cases {
+			t.Run(c.Email, func(t *testing.T) {
+				testGetUserByEmail(t, c.Email, c.UID)
+			})
+		}
 
-	// ignore none active user email
-	assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user9"}))
-	assert.ElementsMatch(t, []string{"user8@example.com", "user5@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user5"}))
-
-	assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "org7"}))
+		t.Run("NoReplyConflict", func(t *testing.T) {
+			setting.Service.NoReplyAddress = "example.com"
+			testGetUserByEmail(t, "user1-2@example.COM", 1)
+		})
+	})
 }
 
 func TestCanCreateOrganization(t *testing.T) {
@@ -77,73 +113,73 @@ func TestCanCreateOrganization(t *testing.T) {
 
 func TestSearchUsers(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
-	testSuccess := func(opts *user_model.SearchUserOptions, expectedUserOrOrgIDs []int64) {
+	testSuccess := func(opts user_model.SearchUserOptions, expectedUserOrOrgIDs []int64) {
 		users, _, err := user_model.SearchUsers(db.DefaultContext, opts)
 		assert.NoError(t, err)
 		cassText := fmt.Sprintf("ids: %v, opts: %v", expectedUserOrOrgIDs, opts)
 		if assert.Len(t, users, len(expectedUserOrOrgIDs), "case: %s", cassText) {
 			for i, expectedID := range expectedUserOrOrgIDs {
-				assert.EqualValues(t, expectedID, users[i].ID, "case: %s", cassText)
+				assert.Equal(t, expectedID, users[i].ID, "case: %s", cassText)
 			}
 		}
 	}
 
 	// test orgs
-	testOrgSuccess := func(opts *user_model.SearchUserOptions, expectedOrgIDs []int64) {
+	testOrgSuccess := func(opts user_model.SearchUserOptions, expectedOrgIDs []int64) {
 		opts.Type = user_model.UserTypeOrganization
 		testSuccess(opts, expectedOrgIDs)
 	}
 
-	testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1, PageSize: 2}},
 		[]int64{3, 6})
 
-	testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 2, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 2, PageSize: 2}},
 		[]int64{7, 17})
 
-	testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 3, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 3, PageSize: 2}},
 		[]int64{19, 25})
 
-	testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 4, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 4, PageSize: 2}},
 		[]int64{26, 41})
 
-	testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 5, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 5, PageSize: 2}},
 		[]int64{42})
 
-	testOrgSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 6, PageSize: 2}},
+	testOrgSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 6, PageSize: 2}},
 		[]int64{})
 
 	// test users
-	testUserSuccess := func(opts *user_model.SearchUserOptions, expectedUserIDs []int64) {
+	testUserSuccess := func(opts user_model.SearchUserOptions, expectedUserIDs []int64) {
 		opts.Type = user_model.UserTypeIndividual
 		testSuccess(opts, expectedUserIDs)
 	}
 
-	testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}},
+	testUserSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}},
 		[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34, 37, 38, 39, 40})
 
-	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(false)},
+	testUserSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(false)},
 		[]int64{9})
 
-	testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
 		[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34, 37, 38, 39, 40})
 
-	testUserSuccess(&user_model.SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})
 
 	// order by name asc default
-	testUserSuccess(&user_model.SearchUserOptions{Keyword: "user1", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{Keyword: "user1", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})
 
-	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsAdmin: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsAdmin: optional.Some(true)},
 		[]int64{1})
 
-	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsRestricted: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsRestricted: optional.Some(true)},
 		[]int64{29})
 
-	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsProhibitLogin: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsProhibitLogin: optional.Some(true)},
 		[]int64{37})
 
-	testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsTwoFactorEnabled: optional.Some(true)},
+	testUserSuccess(user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsTwoFactorEnabled: optional.Some(true)},
 		[]int64{24})
 }
 
@@ -173,9 +209,9 @@ func TestHashPasswordDeterministic(t *testing.T) {
 	b := make([]byte, 16)
 	u := &user_model.User{}
 	algos := hash.RecommendedHashAlgorithms
-	for j := 0; j < len(algos); j++ {
+	for j := range algos {
 		u.PasswdHashAlgo = algos[j]
-		for i := 0; i < 50; i++ {
+		for range 50 {
 			// generate a random password
 			rand.Read(b)
 			pass := string(b)
@@ -502,18 +538,15 @@ func TestIsUserVisibleToViewer(t *testing.T) {
 }
 
 func Test_ValidateUser(t *testing.T) {
-	oldSetting := setting.Service.AllowedUserVisibilityModesSlice
-	defer func() {
-		setting.Service.AllowedUserVisibilityModesSlice = oldSetting
-	}()
-	setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, true}
+	defer test.MockVariableValue(&setting.Service.AllowedUserVisibilityModesSlice, []bool{true, false, true})()
+
 	kases := map[*user_model.User]bool{
 		{ID: 1, Visibility: structs.VisibleTypePublic}:  true,
 		{ID: 2, Visibility: structs.VisibleTypeLimited}: false,
 		{ID: 2, Visibility: structs.VisibleTypePrivate}: true,
 	}
 	for kase, expected := range kases {
-		assert.EqualValues(t, expected, nil == user_model.ValidateUser(kase), "case: %+v", kase)
+		assert.Equal(t, expected, nil == user_model.ValidateUser(kase), "case: %+v", kase)
 	}
 }
 
@@ -537,7 +570,7 @@ func Test_NormalizeUserFromEmail(t *testing.T) {
 	for _, testCase := range testCases {
 		normalizedName, err := user_model.NormalizeUserName(testCase.Input)
 		assert.NoError(t, err)
-		assert.EqualValues(t, testCase.Expected, normalizedName)
+		assert.Equal(t, testCase.Expected, normalizedName)
 		if testCase.IsNormalizedValid {
 			assert.NoError(t, user_model.IsUsableUsername(normalizedName))
 		} else {
@@ -564,7 +597,7 @@ func TestEmailTo(t *testing.T) {
 	for _, testCase := range testCases {
 		t.Run(testCase.result, func(t *testing.T) {
 			testUser := &user_model.User{FullName: testCase.fullName, Email: testCase.mail}
-			assert.EqualValues(t, testCase.result, testUser.EmailTo())
+			assert.Equal(t, testCase.result, testUser.EmailTo())
 		})
 	}
 }
@@ -575,12 +608,7 @@ func TestDisabledUserFeatures(t *testing.T) {
 	testValues := container.SetOf(setting.UserFeatureDeletion,
 		setting.UserFeatureManageSSHKeys,
 		setting.UserFeatureManageGPGKeys)
-
-	oldSetting := setting.Admin.ExternalUserDisableFeatures
-	defer func() {
-		setting.Admin.ExternalUserDisableFeatures = oldSetting
-	}()
-	setting.Admin.ExternalUserDisableFeatures = testValues
+	defer test.MockVariableValue(&setting.Admin.ExternalUserDisableFeatures, testValues)()
 
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
 
@@ -616,3 +644,37 @@ func TestGetInactiveUsers(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Empty(t, users)
 }
+
+func TestCanCreateRepo(t *testing.T) {
+	defer test.MockVariableValue(&setting.Repository.MaxCreationLimit)()
+	const noLimit = -1
+	doerNormal := &user_model.User{}
+	doerAdmin := &user_model.User{IsAdmin: true}
+	t.Run("NoGlobalLimit", func(t *testing.T) {
+		setting.Repository.MaxCreationLimit = noLimit
+
+		assert.True(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: noLimit}))
+		assert.False(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 0}))
+		assert.True(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 100}))
+
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: noLimit}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 0}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 100}))
+	})
+
+	t.Run("GlobalLimit50", func(t *testing.T) {
+		setting.Repository.MaxCreationLimit = 50
+
+		assert.True(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: noLimit}))
+		assert.False(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 60, MaxRepoCreation: noLimit})) // limited by global limit
+		assert.False(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 0}))
+		assert.True(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 100}))
+		assert.True(t, doerNormal.CanCreateRepoIn(&user_model.User{NumRepos: 60, MaxRepoCreation: 100}))
+
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: noLimit}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 60, MaxRepoCreation: noLimit}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 0}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 10, MaxRepoCreation: 100}))
+		assert.True(t, doerAdmin.CanCreateRepoIn(&user_model.User{NumRepos: 60, MaxRepoCreation: 100}))
+	})
+}
diff --git a/models/webhook/hooktask.go b/models/webhook/hooktask.go
index ff3fdbadb2..96ec11e43f 100644
--- a/models/webhook/hooktask.go
+++ b/models/webhook/hooktask.go
@@ -198,7 +198,8 @@ func MarkTaskDelivered(ctx context.Context, task *HookTask) (bool, error) {
 func CleanupHookTaskTable(ctx context.Context, cleanupType HookTaskCleanupType, olderThan time.Duration, numberToKeep int) error {
 	log.Trace("Doing: CleanupHookTaskTable")
 
-	if cleanupType == OlderThan {
+	switch cleanupType {
+	case OlderThan:
 		deleteOlderThan := time.Now().Add(-olderThan).UnixNano()
 		deletes, err := db.GetEngine(ctx).
 			Where("is_delivered = ? and delivered < ?", true, deleteOlderThan).
@@ -207,7 +208,7 @@ func CleanupHookTaskTable(ctx context.Context, cleanupType HookTaskCleanupType,
 			return err
 		}
 		log.Trace("Deleted %d rows from hook_task", deletes)
-	} else if cleanupType == PerWebhook {
+	case PerWebhook:
 		hookIDs := make([]int64, 0, 10)
 		err := db.GetEngine(ctx).
 			Table("webhook").
diff --git a/models/webhook/webhook.go b/models/webhook/webhook.go
index 97ad373027..7d4b2e2237 100644
--- a/models/webhook/webhook.go
+++ b/models/webhook/webhook.go
@@ -240,7 +240,7 @@ func CreateWebhooks(ctx context.Context, ws []*Webhook) error {
 	if len(ws) == 0 {
 		return nil
 	}
-	for i := 0; i < len(ws); i++ {
+	for i := range ws {
 		ws[i].Type = strings.TrimSpace(ws[i].Type)
 	}
 	return db.Insert(ctx, ws)
@@ -319,21 +319,16 @@ func UpdateWebhookLastStatus(ctx context.Context, w *Webhook) error {
 // DeleteWebhookByID uses argument bean as query condition,
 // ID must be specified and do not assign unnecessary fields.
 func DeleteWebhookByID(ctx context.Context, id int64) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if count, err := db.DeleteByID[Webhook](ctx, id); err != nil {
-		return err
-	} else if count == 0 {
-		return ErrWebhookNotExist{ID: id}
-	} else if _, err = db.DeleteByBean(ctx, &HookTask{HookID: id}); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if count, err := db.DeleteByID[Webhook](ctx, id); err != nil {
+			return err
+		} else if count == 0 {
+			return ErrWebhookNotExist{ID: id}
+		} else if _, err = db.DeleteByBean(ctx, &HookTask{HookID: id}); err != nil {
+			return err
+		}
+		return nil
+	})
 }
 
 // DeleteWebhookByRepoID deletes webhook of repository by given ID.
diff --git a/models/webhook/webhook_test.go b/models/webhook/webhook_test.go
index 6ff77a380d..edad8fc996 100644
--- a/models/webhook/webhook_test.go
+++ b/models/webhook/webhook_test.go
@@ -67,13 +67,13 @@ func TestWebhook_UpdateEvent(t *testing.T) {
 }
 
 func TestWebhook_EventsArray(t *testing.T) {
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"create", "delete", "fork", "push",
 		"issues", "issue_assign", "issue_label", "issue_milestone", "issue_comment",
 		"pull_request", "pull_request_assign", "pull_request_label", "pull_request_milestone",
 		"pull_request_comment", "pull_request_review_approved", "pull_request_review_rejected",
 		"pull_request_review_comment", "pull_request_sync", "pull_request_review_request", "wiki", "repository", "release",
-		"package", "status", "workflow_job",
+		"package", "status", "workflow_run", "workflow_job",
 	},
 		(&Webhook{
 			HookEvent: &webhook_module.HookEvent{SendEverything: true},
@@ -90,7 +90,7 @@ func TestWebhook_EventsArray(t *testing.T) {
 func TestCreateWebhook(t *testing.T) {
 	hook := &Webhook{
 		RepoID:      3,
-		URL:         "www.example.com/unit_test",
+		URL:         "https://www.example.com/unit_test",
 		ContentType: ContentTypeJSON,
 		Events:      `{"push_only":false,"send_everything":false,"choose_events":false,"events":{"create":false,"push":true,"pull_request":true}}`,
 	}
diff --git a/modules/actions/artifacts.go b/modules/actions/artifacts.go
index 4d074435ef..d28726e899 100644
--- a/modules/actions/artifacts.go
+++ b/modules/actions/artifacts.go
@@ -20,7 +20,7 @@ func IsArtifactV4(art *actions_model.ActionArtifact) bool {
 
 func DownloadArtifactV4ServeDirectOnly(ctx *context.Base, art *actions_model.ActionArtifact) (bool, error) {
 	if setting.Actions.ArtifactStorage.ServeDirect() {
-		u, err := storage.ActionsArtifacts.URL(art.StoragePath, art.ArtifactPath, nil)
+		u, err := storage.ActionsArtifacts.URL(art.StoragePath, art.ArtifactPath, ctx.Req.Method, nil)
 		if u != nil && err == nil {
 			ctx.Redirect(u.String(), http.StatusFound)
 			return true, nil
diff --git a/modules/actions/workflows.go b/modules/actions/workflows.go
index 0d2b0dd919..27bcafa649 100644
--- a/modules/actions/workflows.go
+++ b/modules/actions/workflows.go
@@ -6,6 +6,7 @@ package actions
 import (
 	"bytes"
 	"io"
+	"slices"
 	"strings"
 
 	"code.gitea.io/gitea/modules/git"
@@ -43,21 +44,23 @@ func IsWorkflow(path string) bool {
 	return strings.HasPrefix(path, ".gitea/workflows") || strings.HasPrefix(path, ".github/workflows")
 }
 
-func ListWorkflows(commit *git.Commit) (git.Entries, error) {
-	tree, err := commit.SubTree(".gitea/workflows")
+func ListWorkflows(commit *git.Commit) (string, git.Entries, error) {
+	rpath := ".gitea/workflows"
+	tree, err := commit.SubTree(rpath)
 	if _, ok := err.(git.ErrNotExist); ok {
-		tree, err = commit.SubTree(".github/workflows")
+		rpath = ".github/workflows"
+		tree, err = commit.SubTree(rpath)
 	}
 	if _, ok := err.(git.ErrNotExist); ok {
-		return nil, nil
+		return "", nil, nil
 	}
 	if err != nil {
-		return nil, err
+		return "", nil, err
 	}
 
 	entries, err := tree.ListEntriesRecursiveFast()
 	if err != nil {
-		return nil, err
+		return "", nil, err
 	}
 
 	ret := make(git.Entries, 0, len(entries))
@@ -66,7 +69,7 @@ func ListWorkflows(commit *git.Commit) (git.Entries, error) {
 			ret = append(ret, entry)
 		}
 	}
-	return ret, nil
+	return rpath, ret, nil
 }
 
 func GetContentFromEntry(entry *git.TreeEntry) ([]byte, error) {
@@ -102,7 +105,7 @@ func DetectWorkflows(
 	payload api.Payloader,
 	detectSchedule bool,
 ) ([]*DetectedWorkflow, []*DetectedWorkflow, error) {
-	entries, err := ListWorkflows(commit)
+	_, entries, err := ListWorkflows(commit)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -147,7 +150,7 @@ func DetectWorkflows(
 }
 
 func DetectScheduledWorkflows(gitRepo *git.Repository, commit *git.Commit) ([]*DetectedWorkflow, error) {
-	entries, err := ListWorkflows(commit)
+	_, entries, err := ListWorkflows(commit)
 	if err != nil {
 		return nil, err
 	}
@@ -243,6 +246,10 @@ func detectMatched(gitRepo *git.Repository, commit *git.Commit, triggedEvent web
 		webhook_module.HookEventPackage:
 		return matchPackageEvent(payload.(*api.PackagePayload), evt)
 
+	case // workflow_run
+		webhook_module.HookEventWorkflowRun:
+		return matchWorkflowRunEvent(payload.(*api.WorkflowRunPayload), evt)
+
 	default:
 		log.Warn("unsupported event %q", triggedEvent)
 		return false
@@ -311,6 +318,10 @@ func matchPushEvent(commit *git.Commit, pushPayload *api.PushPayload, evt *jobpa
 				matchTimes++
 			}
 		case "paths":
+			if refName.IsTag() {
+				matchTimes++
+				break
+			}
 			filesChanged, err := commit.GetFilesChangedSinceCommit(pushPayload.Before)
 			if err != nil {
 				log.Error("GetFilesChangedSinceCommit [commit_sha1: %s]: %v", commit.ID.String(), err)
@@ -324,6 +335,10 @@ func matchPushEvent(commit *git.Commit, pushPayload *api.PushPayload, evt *jobpa
 				}
 			}
 		case "paths-ignore":
+			if refName.IsTag() {
+				matchTimes++
+				break
+			}
 			filesChanged, err := commit.GetFilesChangedSinceCommit(pushPayload.Before)
 			if err != nil {
 				log.Error("GetFilesChangedSinceCommit [commit_sha1: %s]: %v", commit.ID.String(), err)
@@ -463,7 +478,7 @@ func matchPullRequestEvent(gitRepo *git.Repository, commit *git.Commit, prPayloa
 				matchTimes++
 			}
 		case "paths":
-			filesChanged, err := headCommit.GetFilesChangedSinceCommit(prPayload.PullRequest.Base.Ref)
+			filesChanged, err := headCommit.GetFilesChangedSinceCommit(prPayload.PullRequest.MergeBase)
 			if err != nil {
 				log.Error("GetFilesChangedSinceCommit [commit_sha1: %s]: %v", headCommit.ID.String(), err)
 			} else {
@@ -476,7 +491,7 @@ func matchPullRequestEvent(gitRepo *git.Repository, commit *git.Commit, prPayloa
 				}
 			}
 		case "paths-ignore":
-			filesChanged, err := headCommit.GetFilesChangedSinceCommit(prPayload.PullRequest.Base.Ref)
+			filesChanged, err := headCommit.GetFilesChangedSinceCommit(prPayload.PullRequest.MergeBase)
 			if err != nil {
 				log.Error("GetFilesChangedSinceCommit [commit_sha1: %s]: %v", headCommit.ID.String(), err)
 			} else {
@@ -554,21 +569,12 @@ func matchPullRequestReviewEvent(prPayload *api.PullRequestPayload, evt *jobpars
 				actions = append(actions, "submitted", "edited")
 			}
 
-			matched := false
 			for _, val := range vals {
-				for _, action := range actions {
-					if glob.MustCompile(val, '/').Match(action) {
-						matched = true
-						break
-					}
-				}
-				if matched {
+				if slices.ContainsFunc(actions, glob.MustCompile(val, '/').Match) {
+					matchTimes++
 					break
 				}
 			}
-			if matched {
-				matchTimes++
-			}
 		default:
 			log.Warn("pull request review event unsupported condition %q", cond)
 		}
@@ -603,21 +609,12 @@ func matchPullRequestReviewCommentEvent(prPayload *api.PullRequestPayload, evt *
 				actions = append(actions, "created", "edited")
 			}
 
-			matched := false
 			for _, val := range vals {
-				for _, action := range actions {
-					if glob.MustCompile(val, '/').Match(action) {
-						matched = true
-						break
-					}
-				}
-				if matched {
+				if slices.ContainsFunc(actions, glob.MustCompile(val, '/').Match) {
+					matchTimes++
 					break
 				}
 			}
-			if matched {
-				matchTimes++
-			}
 		default:
 			log.Warn("pull request review comment event unsupported condition %q", cond)
 		}
@@ -698,3 +695,53 @@ func matchPackageEvent(payload *api.PackagePayload, evt *jobparser.Event) bool {
 	}
 	return matchTimes == len(evt.Acts())
 }
+
+func matchWorkflowRunEvent(payload *api.WorkflowRunPayload, evt *jobparser.Event) bool {
+	// with no special filter parameters
+	if len(evt.Acts()) == 0 {
+		return true
+	}
+
+	matchTimes := 0
+	// all acts conditions should be satisfied
+	for cond, vals := range evt.Acts() {
+		switch cond {
+		case "types":
+			action := payload.Action
+			for _, val := range vals {
+				if glob.MustCompile(val, '/').Match(action) {
+					matchTimes++
+					break
+				}
+			}
+		case "workflows":
+			workflow := payload.Workflow
+			patterns, err := workflowpattern.CompilePatterns(vals...)
+			if err != nil {
+				break
+			}
+			if !workflowpattern.Skip(patterns, []string{workflow.Name}, &workflowpattern.EmptyTraceWriter{}) {
+				matchTimes++
+			}
+		case "branches":
+			patterns, err := workflowpattern.CompilePatterns(vals...)
+			if err != nil {
+				break
+			}
+			if !workflowpattern.Skip(patterns, []string{payload.WorkflowRun.HeadBranch}, &workflowpattern.EmptyTraceWriter{}) {
+				matchTimes++
+			}
+		case "branches-ignore":
+			patterns, err := workflowpattern.CompilePatterns(vals...)
+			if err != nil {
+				break
+			}
+			if !workflowpattern.Filter(patterns, []string{payload.WorkflowRun.HeadBranch}, &workflowpattern.EmptyTraceWriter{}) {
+				matchTimes++
+			}
+		default:
+			log.Warn("workflow run event unsupported condition %q", cond)
+		}
+	}
+	return matchTimes == len(evt.Acts())
+}
diff --git a/modules/actions/workflows_test.go b/modules/actions/workflows_test.go
index c8e1e553fe..e23431651d 100644
--- a/modules/actions/workflows_test.go
+++ b/modules/actions/workflows_test.go
@@ -125,6 +125,24 @@ func TestDetectMatched(t *testing.T) {
 			yamlOn:       "on: schedule",
 			expected:     true,
 		},
+		{
+			desc:         "push to tag matches workflow with paths condition (should skip paths check)",
+			triggedEvent: webhook_module.HookEventPush,
+			payload: &api.PushPayload{
+				Ref:    "refs/tags/v1.0.0",
+				Before: "0000000",
+				Commits: []*api.PayloadCommit{
+					{
+						ID:      "abcdef123456",
+						Added:   []string{"src/main.go"},
+						Message: "Release v1.0.0",
+					},
+				},
+			},
+			commit:   nil,
+			yamlOn:   "on:\n  push:\n    paths:\n      - src/**",
+			expected: true,
+		},
 	}
 
 	for _, tc := range testCases {
diff --git a/modules/assetfs/embed.go b/modules/assetfs/embed.go
new file mode 100644
index 0000000000..95176372d1
--- /dev/null
+++ b/modules/assetfs/embed.go
@@ -0,0 +1,375 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package assetfs
+
+import (
+	"bytes"
+	"compress/gzip"
+	"io"
+	"io/fs"
+	"os"
+	"path"
+	"path/filepath"
+	"strings"
+	"sync"
+	"time"
+
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/util"
+)
+
+type EmbeddedFile interface {
+	io.ReadSeeker
+	fs.ReadDirFile
+	ReadDir(n int) ([]fs.DirEntry, error)
+}
+
+type EmbeddedFileInfo interface {
+	fs.FileInfo
+	fs.DirEntry
+	GetGzipContent() ([]byte, bool)
+}
+
+type decompressor interface {
+	io.Reader
+	Close() error
+	Reset(io.Reader) error
+}
+
+type embeddedFileInfo struct {
+	fs       *embeddedFS
+	fullName string
+	data     []byte
+
+	BaseName   string              `json:"n"`
+	OriginSize int64               `json:"s,omitempty"`
+	DataBegin  int64               `json:"b,omitempty"`
+	DataLen    int64               `json:"l,omitempty"`
+	Children   []*embeddedFileInfo `json:"c,omitempty"`
+}
+
+func (fi *embeddedFileInfo) GetGzipContent() ([]byte, bool) {
+	// when generating the bindata, if the compressed data equals or is larger than the original data, we store the original data
+	if fi.DataLen == fi.OriginSize {
+		return nil, false
+	}
+	return fi.data, true
+}
+
+type EmbeddedFileBase struct {
+	info       *embeddedFileInfo
+	dataReader io.ReadSeeker
+	seekPos    int64
+}
+
+func (f *EmbeddedFileBase) ReadDir(n int) ([]fs.DirEntry, error) {
+	// this method is used to satisfy the "func (f ioFile) ReadDir(...)" in httpfs
+	l, err := f.info.fs.ReadDir(f.info.fullName)
+	if err != nil {
+		return nil, err
+	}
+	if n < 0 || n > len(l) {
+		return l, nil
+	}
+	return l[:n], nil
+}
+
+type EmbeddedOriginFile struct {
+	EmbeddedFileBase
+}
+
+type EmbeddedCompressedFile struct {
+	EmbeddedFileBase
+	decompressor    decompressor
+	decompressorPos int64
+}
+
+type embeddedFS struct {
+	meta func() *EmbeddedMeta
+
+	files   map[string]*embeddedFileInfo
+	filesMu sync.RWMutex
+
+	data []byte
+}
+
+type EmbeddedMeta struct {
+	Root *embeddedFileInfo
+}
+
+func NewEmbeddedFS(data []byte) fs.ReadDirFS {
+	efs := &embeddedFS{data: data, files: make(map[string]*embeddedFileInfo)}
+	efs.meta = sync.OnceValue(func() *EmbeddedMeta {
+		var meta EmbeddedMeta
+		p := bytes.LastIndexByte(data, '\n')
+		if p < 0 {
+			return &meta
+		}
+		if err := json.Unmarshal(data[p+1:], &meta); err != nil {
+			panic("embedded file is not valid")
+		}
+		return &meta
+	})
+	return efs
+}
+
+var _ fs.ReadDirFS = (*embeddedFS)(nil)
+
+func (e *embeddedFS) ReadDir(name string) (l []fs.DirEntry, err error) {
+	fi, err := e.getFileInfo(name)
+	if err != nil {
+		return nil, err
+	}
+	if !fi.IsDir() {
+		return nil, fs.ErrNotExist
+	}
+	l = make([]fs.DirEntry, len(fi.Children))
+	for i, child := range fi.Children {
+		l[i], err = e.getFileInfo(name + "/" + child.BaseName)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return l, nil
+}
+
+func (e *embeddedFS) getFileInfo(fullName string) (*embeddedFileInfo, error) {
+	// no need to do heavy "path.Clean()" because we don't want to support "foo/../bar" or absolute paths
+	fullName = strings.TrimPrefix(fullName, "./")
+	if fullName == "" {
+		fullName = "."
+	}
+
+	e.filesMu.RLock()
+	fi := e.files[fullName]
+	e.filesMu.RUnlock()
+	if fi != nil {
+		return fi, nil
+	}
+
+	fields := strings.Split(fullName, "/")
+	fi = e.meta().Root
+	if fullName != "." {
+		found := true
+		for _, field := range fields {
+			for _, child := range fi.Children {
+				if found = child.BaseName == field; found {
+					fi = child
+					break
+				}
+			}
+			if !found {
+				return nil, fs.ErrNotExist
+			}
+		}
+	}
+
+	e.filesMu.Lock()
+	defer e.filesMu.Unlock()
+	if fi != nil {
+		fi.fs = e
+		fi.fullName = fullName
+		fi.data = e.data[fi.DataBegin : fi.DataBegin+fi.DataLen]
+		e.files[fullName] = fi // do not cache nil, otherwise keeping accessing random non-existing file will cause OOM
+		return fi, nil
+	}
+	return nil, fs.ErrNotExist
+}
+
+func (e *embeddedFS) Open(name string) (fs.File, error) {
+	info, err := e.getFileInfo(name)
+	if err != nil {
+		return nil, err
+	}
+	base := EmbeddedFileBase{info: info}
+	base.dataReader = bytes.NewReader(base.info.data)
+	if info.DataLen != info.OriginSize {
+		decomp, err := gzip.NewReader(base.dataReader)
+		if err != nil {
+			return nil, err
+		}
+		return &EmbeddedCompressedFile{EmbeddedFileBase: base, decompressor: decomp}, nil
+	}
+	return &EmbeddedOriginFile{base}, nil
+}
+
+var (
+	_ EmbeddedFileInfo = (*embeddedFileInfo)(nil)
+	_ EmbeddedFile     = (*EmbeddedOriginFile)(nil)
+	_ EmbeddedFile     = (*EmbeddedCompressedFile)(nil)
+)
+
+func (f *EmbeddedOriginFile) Read(p []byte) (n int, err error) {
+	return f.dataReader.Read(p)
+}
+
+func (f *EmbeddedCompressedFile) Read(p []byte) (n int, err error) {
+	if f.decompressorPos > f.seekPos {
+		if err = f.decompressor.Reset(bytes.NewReader(f.info.data)); err != nil {
+			return 0, err
+		}
+		f.decompressorPos = 0
+	}
+	if f.decompressorPos < f.seekPos {
+		if _, err = io.CopyN(io.Discard, f.decompressor, f.seekPos-f.decompressorPos); err != nil {
+			return 0, err
+		}
+		f.decompressorPos = f.seekPos
+	}
+	n, err = f.decompressor.Read(p)
+	f.decompressorPos += int64(n)
+	f.seekPos = f.decompressorPos
+	return n, err
+}
+
+func (f *EmbeddedFileBase) Seek(offset int64, whence int) (int64, error) {
+	switch whence {
+	case io.SeekStart:
+		f.seekPos = offset
+	case io.SeekCurrent:
+		f.seekPos += offset
+	case io.SeekEnd:
+		f.seekPos = f.info.OriginSize + offset
+	}
+	return f.seekPos, nil
+}
+
+func (f *EmbeddedFileBase) Stat() (fs.FileInfo, error) {
+	return f.info, nil
+}
+
+func (f *EmbeddedOriginFile) Close() error {
+	return nil
+}
+
+func (f *EmbeddedCompressedFile) Close() error {
+	return f.decompressor.Close()
+}
+
+func (fi *embeddedFileInfo) Name() string {
+	return fi.BaseName
+}
+
+func (fi *embeddedFileInfo) Size() int64 {
+	return fi.OriginSize
+}
+
+func (fi *embeddedFileInfo) Mode() fs.FileMode {
+	return util.Iif(fi.IsDir(), fs.ModeDir|0o555, 0o444)
+}
+
+func (fi *embeddedFileInfo) ModTime() time.Time {
+	return getExecutableModTime()
+}
+
+func (fi *embeddedFileInfo) IsDir() bool {
+	return fi.Children != nil
+}
+
+func (fi *embeddedFileInfo) Sys() any {
+	return nil
+}
+
+func (fi *embeddedFileInfo) Type() fs.FileMode {
+	return util.Iif(fi.IsDir(), fs.ModeDir, 0)
+}
+
+func (fi *embeddedFileInfo) Info() (fs.FileInfo, error) {
+	return fi, nil
+}
+
+// getExecutableModTime returns the modification time of the executable file.
+// In bindata, we can't use the ModTime of the files because we need to make the build reproducible
+var getExecutableModTime = sync.OnceValue(func() (modTime time.Time) {
+	exePath, err := os.Executable()
+	if err != nil {
+		return modTime
+	}
+	exePath, err = filepath.Abs(exePath)
+	if err != nil {
+		return modTime
+	}
+	exePath, err = filepath.EvalSymlinks(exePath)
+	if err != nil {
+		return modTime
+	}
+	st, err := os.Stat(exePath)
+	if err != nil {
+		return modTime
+	}
+	return st.ModTime()
+})
+
+func GenerateEmbedBindata(fsRootPath, outputFile string) error {
+	output, err := os.OpenFile(outputFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.ModePerm)
+	if err != nil {
+		return err
+	}
+	defer output.Close()
+
+	meta := &EmbeddedMeta{}
+	meta.Root = &embeddedFileInfo{}
+	var outputOffset int64
+	var embedFiles func(parent *embeddedFileInfo, fsPath, embedPath string) error
+	embedFiles = func(parent *embeddedFileInfo, fsPath, embedPath string) error {
+		dirEntries, err := os.ReadDir(fsPath)
+		if err != nil {
+			return err
+		}
+		for _, dirEntry := range dirEntries {
+			if err != nil {
+				return err
+			}
+			if dirEntry.IsDir() {
+				child := &embeddedFileInfo{
+					BaseName: dirEntry.Name(),
+					Children: []*embeddedFileInfo{}, // non-nil means it's a directory
+				}
+				parent.Children = append(parent.Children, child)
+				if err = embedFiles(child, filepath.Join(fsPath, dirEntry.Name()), path.Join(embedPath, dirEntry.Name())); err != nil {
+					return err
+				}
+			} else {
+				data, err := os.ReadFile(filepath.Join(fsPath, dirEntry.Name()))
+				if err != nil {
+					return err
+				}
+				var compressed bytes.Buffer
+				gz, _ := gzip.NewWriterLevel(&compressed, gzip.BestCompression)
+				if _, err = gz.Write(data); err != nil {
+					return err
+				}
+				if err = gz.Close(); err != nil {
+					return err
+				}
+
+				// only use the compressed data if it is smaller than the original data
+				outputBytes := util.Iif(len(compressed.Bytes()) < len(data), compressed.Bytes(), data)
+				child := &embeddedFileInfo{
+					BaseName:   dirEntry.Name(),
+					OriginSize: int64(len(data)),
+					DataBegin:  outputOffset,
+					DataLen:    int64(len(outputBytes)),
+				}
+				if _, err = output.Write(outputBytes); err != nil {
+					return err
+				}
+				outputOffset += child.DataLen
+				parent.Children = append(parent.Children, child)
+			}
+		}
+		return nil
+	}
+
+	if err = embedFiles(meta.Root, fsRootPath, ""); err != nil {
+		return err
+	}
+	jsonBuf, err := json.Marshal(meta) // can't use json.NewEncoder here because it writes extra EOL
+	if err != nil {
+		return err
+	}
+	_, _ = output.Write([]byte{'\n'})
+	_, err = output.Write(jsonBuf)
+	return err
+}
diff --git a/modules/assetfs/embed_test.go b/modules/assetfs/embed_test.go
new file mode 100644
index 0000000000..06598da4c4
--- /dev/null
+++ b/modules/assetfs/embed_test.go
@@ -0,0 +1,98 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package assetfs
+
+import (
+	"bytes"
+	"io/fs"
+	"net/http"
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestEmbed(t *testing.T) {
+	tmpDir := t.TempDir()
+	tmpDataDir := tmpDir + "/data"
+	_ = os.MkdirAll(tmpDataDir+"/foo/bar", 0o755)
+	_ = os.WriteFile(tmpDataDir+"/a.txt", []byte("a"), 0o644)
+	_ = os.WriteFile(tmpDataDir+"/foo/bar/b.txt", bytes.Repeat([]byte("a"), 1000), 0o644)
+	_ = os.WriteFile(tmpDataDir+"/foo/c.txt", []byte("c"), 0o644)
+	require.NoError(t, GenerateEmbedBindata(tmpDataDir, tmpDir+"/out.dat"))
+
+	data, err := os.ReadFile(tmpDir + "/out.dat")
+	require.NoError(t, err)
+	efs := NewEmbeddedFS(data)
+
+	// test a non-existing file
+	_, err = fs.ReadFile(efs, "not exist")
+	assert.ErrorIs(t, err, fs.ErrNotExist)
+
+	// test a normal file (no compression)
+	content, err := fs.ReadFile(efs, "a.txt")
+	require.NoError(t, err)
+	assert.Equal(t, "a", string(content))
+	fi, err := fs.Stat(efs, "a.txt")
+	require.NoError(t, err)
+	_, ok := fi.(EmbeddedFileInfo).GetGzipContent()
+	assert.False(t, ok)
+
+	// test a compressed file
+	content, err = fs.ReadFile(efs, "foo/bar/b.txt")
+	require.NoError(t, err)
+	assert.Equal(t, bytes.Repeat([]byte("a"), 1000), content)
+	fi, err = fs.Stat(efs, "foo/bar/b.txt")
+	require.NoError(t, err)
+	assert.False(t, fi.Mode().IsDir())
+	assert.True(t, fi.Mode().IsRegular())
+	gzipContent, ok := fi.(EmbeddedFileInfo).GetGzipContent()
+	assert.True(t, ok)
+	assert.Greater(t, len(gzipContent), 1)
+	assert.Less(t, len(gzipContent), 1000)
+
+	// test list root directory
+	entries, err := fs.ReadDir(efs, ".")
+	require.NoError(t, err)
+	assert.Len(t, entries, 2)
+	assert.Equal(t, "a.txt", entries[0].Name())
+	assert.False(t, entries[0].IsDir())
+
+	// test list subdirectory
+	entries, err = fs.ReadDir(efs, "foo")
+	require.NoError(t, err)
+	require.Len(t, entries, 2)
+	assert.Equal(t, "bar", entries[0].Name())
+	assert.True(t, entries[0].IsDir())
+	assert.Equal(t, "c.txt", entries[1].Name())
+	assert.False(t, entries[1].IsDir())
+
+	// test directory mode
+	fi, err = fs.Stat(efs, "foo")
+	require.NoError(t, err)
+	assert.True(t, fi.IsDir())
+	assert.True(t, fi.Mode().IsDir())
+	assert.False(t, fi.Mode().IsRegular())
+
+	// test httpfs
+	hfs := http.FS(efs)
+	hf, err := hfs.Open("foo/bar/b.txt")
+	require.NoError(t, err)
+	hi, err := hf.Stat()
+	require.NoError(t, err)
+	fiEmbedded, ok := hi.(EmbeddedFileInfo)
+	require.True(t, ok)
+	gzipContent, ok = fiEmbedded.GetGzipContent()
+	assert.True(t, ok)
+	assert.Greater(t, len(gzipContent), 1)
+	assert.Less(t, len(gzipContent), 1000)
+
+	// test httpfs directory listing
+	hf, err = hfs.Open("foo")
+	require.NoError(t, err)
+	dirs, err := hf.Readdir(1)
+	require.NoError(t, err)
+	assert.Len(t, dirs, 1)
+}
diff --git a/modules/assetfs/layered.go b/modules/assetfs/layered.go
index 4f3811ba2b..ce55475bd9 100644
--- a/modules/assetfs/layered.go
+++ b/modules/assetfs/layered.go
@@ -52,8 +52,8 @@ func Local(name, base string, sub ...string) *Layer {
 }
 
 // Bindata returns a new Layer with the given name, it serves files from the given bindata asset.
-func Bindata(name string, fs http.FileSystem) *Layer {
-	return &Layer{name: name, fs: fs}
+func Bindata(name string, fs fs.FS) *Layer {
+	return &Layer{name: name, fs: http.FS(fs)}
 }
 
 // LayeredFS is a layered asset file-system. It works like http.FileSystem, but it can have multiple layers.
diff --git a/modules/assetfs/layered_test.go b/modules/assetfs/layered_test.go
index 03a3ae0d7c..b549815ea5 100644
--- a/modules/assetfs/layered_test.go
+++ b/modules/assetfs/layered_test.go
@@ -52,7 +52,7 @@ func TestLayered(t *testing.T) {
 	assert.NoError(t, err)
 	bs, err := io.ReadAll(f)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "f1", string(bs))
+	assert.Equal(t, "f1", string(bs))
 	_ = f.Close()
 
 	assertRead := func(expected string, expectedErr error, elems ...string) {
@@ -76,27 +76,27 @@ func TestLayered(t *testing.T) {
 
 	files, err := assets.ListFiles(".", true)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"f1", "f2", "fa"}, files)
+	assert.Equal(t, []string{"f1", "f2", "fa"}, files)
 
 	files, err = assets.ListFiles(".", false)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"d1", "d2", "da"}, files)
+	assert.Equal(t, []string{"d1", "d2", "da"}, files)
 
 	files, err = assets.ListFiles(".")
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"d1", "d2", "da", "f1", "f2", "fa"}, files)
+	assert.Equal(t, []string{"d1", "d2", "da", "f1", "f2", "fa"}, files)
 
 	files, err = assets.ListAllFiles(".", true)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"d1/f", "d2/f", "da/f", "f1", "f2", "fa"}, files)
+	assert.Equal(t, []string{"d1/f", "d2/f", "da/f", "f1", "f2", "fa"}, files)
 
 	files, err = assets.ListAllFiles(".", false)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"d1", "d2", "da", "da/sub1", "da/sub2"}, files)
+	assert.Equal(t, []string{"d1", "d2", "da", "da/sub1", "da/sub2"}, files)
 
 	files, err = assets.ListAllFiles(".")
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"d1", "d1/f",
 		"d2", "d2/f",
 		"da", "da/f", "da/sub1", "da/sub2",
@@ -104,6 +104,6 @@ func TestLayered(t *testing.T) {
 	}, files)
 
 	assert.Empty(t, assets.GetFileLayerName("no-such"))
-	assert.EqualValues(t, "l1", assets.GetFileLayerName("f1"))
-	assert.EqualValues(t, "l2", assets.GetFileLayerName("f2"))
+	assert.Equal(t, "l1", assets.GetFileLayerName("f1"))
+	assert.Equal(t, "l2", assets.GetFileLayerName("f2"))
 }
diff --git a/modules/auth/httpauth/httpauth.go b/modules/auth/httpauth/httpauth.go
new file mode 100644
index 0000000000..7f1f1ee152
--- /dev/null
+++ b/modules/auth/httpauth/httpauth.go
@@ -0,0 +1,47 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package httpauth
+
+import (
+	"encoding/base64"
+	"strings"
+
+	"code.gitea.io/gitea/modules/util"
+)
+
+type BasicAuth struct {
+	Username, Password string
+}
+
+type BearerToken struct {
+	Token string
+}
+
+type ParsedAuthorizationHeader struct {
+	BasicAuth   *BasicAuth
+	BearerToken *BearerToken
+}
+
+func ParseAuthorizationHeader(header string) (ret ParsedAuthorizationHeader, _ bool) {
+	parts := strings.Fields(header)
+	if len(parts) != 2 {
+		return ret, false
+	}
+	if util.AsciiEqualFold(parts[0], "basic") {
+		s, err := base64.StdEncoding.DecodeString(parts[1])
+		if err != nil {
+			return ret, false
+		}
+		u, p, ok := strings.Cut(string(s), ":")
+		if !ok {
+			return ret, false
+		}
+		ret.BasicAuth = &BasicAuth{Username: u, Password: p}
+		return ret, true
+	} else if util.AsciiEqualFold(parts[0], "token") || util.AsciiEqualFold(parts[0], "bearer") {
+		ret.BearerToken = &BearerToken{Token: parts[1]}
+		return ret, true
+	}
+	return ret, false
+}
diff --git a/modules/auth/httpauth/httpauth_test.go b/modules/auth/httpauth/httpauth_test.go
new file mode 100644
index 0000000000..087b86917f
--- /dev/null
+++ b/modules/auth/httpauth/httpauth_test.go
@@ -0,0 +1,43 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package httpauth
+
+import (
+	"encoding/base64"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestParseAuthorizationHeader(t *testing.T) {
+	type parsed = ParsedAuthorizationHeader
+	type basic = BasicAuth
+	type bearer = BearerToken
+	cases := []struct {
+		headerValue string
+		expected    parsed
+		ok          bool
+	}{
+		{"", parsed{}, false},
+		{"?", parsed{}, false},
+		{"foo", parsed{}, false},
+		{"any value", parsed{}, false},
+
+		{"Basic ?", parsed{}, false},
+		{"Basic " + base64.StdEncoding.EncodeToString([]byte("foo")), parsed{}, false},
+		{"Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar")), parsed{BasicAuth: &basic{"foo", "bar"}}, true},
+		{"basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar")), parsed{BasicAuth: &basic{"foo", "bar"}}, true},
+
+		{"token value", parsed{BearerToken: &bearer{"value"}}, true},
+		{"Token value", parsed{BearerToken: &bearer{"value"}}, true},
+		{"bearer value", parsed{BearerToken: &bearer{"value"}}, true},
+		{"Bearer value", parsed{BearerToken: &bearer{"value"}}, true},
+		{"Bearer wrong value", parsed{}, false},
+	}
+	for _, c := range cases {
+		ret, ok := ParseAuthorizationHeader(c.headerValue)
+		assert.Equal(t, c.ok, ok, "header %q", c.headerValue)
+		assert.Equal(t, c.expected, ret, "header %q", c.headerValue)
+	}
+}
diff --git a/modules/auth/openid/discovery_cache_test.go b/modules/auth/openid/discovery_cache_test.go
index 7d4b27c5df..f3d7dd226e 100644
--- a/modules/auth/openid/discovery_cache_test.go
+++ b/modules/auth/openid/discovery_cache_test.go
@@ -26,7 +26,8 @@ func (s *testDiscoveredInfo) OpLocalID() string {
 }
 
 func TestTimedDiscoveryCache(t *testing.T) {
-	dc := newTimedDiscoveryCache(1 * time.Second)
+	ttl := 50 * time.Millisecond
+	dc := newTimedDiscoveryCache(ttl)
 
 	// Put some initial values
 	dc.Put("foo", &testDiscoveredInfo{}) // openid.opEndpoint: "a", openid.opLocalID: "b", openid.claimedID: "c"})
@@ -41,8 +42,8 @@ func TestTimedDiscoveryCache(t *testing.T) {
 	// Attempt to get a non-existent value
 	assert.Nil(t, dc.Get("bar"))
 
-	// Sleep one second and try retrieve again
-	time.Sleep(1 * time.Second)
+	// Sleep for a while and try to retrieve again
+	time.Sleep(ttl * 3 / 2)
 
 	assert.Nil(t, dc.Get("foo"))
 }
diff --git a/modules/auth/password/hash/common.go b/modules/auth/password/hash/common.go
index 487c0738f4..d5e2c34314 100644
--- a/modules/auth/password/hash/common.go
+++ b/modules/auth/password/hash/common.go
@@ -18,7 +18,7 @@ func parseIntParam(value, param, algorithmName, config string, previousErr error
 	return parsed, previousErr // <- Keep the previous error as this function should still return an error once everything has been checked if any call failed
 }
 
-func parseUIntParam(value, param, algorithmName, config string, previousErr error) (uint64, error) { //nolint:unparam
+func parseUIntParam(value, param, algorithmName, config string, previousErr error) (uint64, error) { //nolint:unparam // algorithmName is always argon2
 	parsed, err := strconv.ParseUint(value, 10, 64)
 	if err != nil {
 		log.Error("invalid integer for %s representation in %s hash spec %s", param, algorithmName, config)
diff --git a/modules/auth/password/password.go b/modules/auth/password/password.go
index c66b62937f..a1e101dd62 100644
--- a/modules/auth/password/password.go
+++ b/modules/auth/password/password.go
@@ -101,7 +101,7 @@ func Generate(n int) (string, error) {
 	buffer := make([]byte, n)
 	maxInt := big.NewInt(int64(len(validChars)))
 	for {
-		for j := 0; j < n; j++ {
+		for j := range n {
 			rnd, err := rand.Int(rand.Reader, maxInt)
 			if err != nil {
 				return "", err
diff --git a/modules/auth/password/password_test.go b/modules/auth/password/password_test.go
index 6c35dc86bd..0fea593c85 100644
--- a/modules/auth/password/password_test.go
+++ b/modules/auth/password/password_test.go
@@ -50,7 +50,7 @@ func TestComplexity_Generate(t *testing.T) {
 
 	test := func(t *testing.T, modes []string) {
 		testComplextity(modes)
-		for i := 0; i < maxCount; i++ {
+		for range maxCount {
 			pwd, err := Generate(pwdLen)
 			assert.NoError(t, err)
 			assert.Len(t, pwd, pwdLen)
diff --git a/modules/auth/password/pwn/pwn.go b/modules/auth/password/pwn/pwn.go
index f77ce9f40b..99a6ca6cea 100644
--- a/modules/auth/password/pwn/pwn.go
+++ b/modules/auth/password/pwn/pwn.go
@@ -101,7 +101,7 @@ func (c *Client) CheckPassword(pw string, padding bool) (int, error) {
 	}
 	defer resp.Body.Close()
 
-	for _, pair := range strings.Split(string(body), "\n") {
+	for pair := range strings.SplitSeq(string(body), "\n") {
 		parts := strings.Split(pair, ":")
 		if len(parts) != 2 {
 			continue
diff --git a/modules/avatar/avatar_test.go b/modules/avatar/avatar_test.go
index a721c77868..a5a1a7c1b0 100644
--- a/modules/avatar/avatar_test.go
+++ b/modules/avatar/avatar_test.go
@@ -94,8 +94,8 @@ func Test_ProcessAvatarImage(t *testing.T) {
 	assert.NotEqual(t, origin, result)
 	decoded, err := png.Decode(bytes.NewReader(result))
 	assert.NoError(t, err)
-	assert.EqualValues(t, scaledSize, decoded.Bounds().Max.X)
-	assert.EqualValues(t, scaledSize, decoded.Bounds().Max.Y)
+	assert.Equal(t, scaledSize, decoded.Bounds().Max.X)
+	assert.Equal(t, scaledSize, decoded.Bounds().Max.Y)
 
 	// if origin image is smaller than the default size, use the origin image
 	origin = newImgData(1)
diff --git a/modules/avatar/hash_test.go b/modules/avatar/hash_test.go
index 1b8249c696..c518144b47 100644
--- a/modules/avatar/hash_test.go
+++ b/modules/avatar/hash_test.go
@@ -19,8 +19,8 @@ func Test_HashAvatar(t *testing.T) {
 	var buff bytes.Buffer
 	png.Encode(&buff, myImage)
 
-	assert.EqualValues(t, "9ddb5bac41d57e72aa876321d0c09d71090c05f94bc625303801be2f3240d2cb", avatar.HashAvatar(1, buff.Bytes()))
-	assert.EqualValues(t, "9a5d44e5d637b9582a976676e8f3de1dccd877c2fe3e66ca3fab1629f2f47609", avatar.HashAvatar(8, buff.Bytes()))
-	assert.EqualValues(t, "ed7399158672088770de6f5211ce15528ebd675e92fc4fc060c025f4b2794ccb", avatar.HashAvatar(1024, buff.Bytes()))
-	assert.EqualValues(t, "161178642c7d59eb25a61dddced5e6b66eae1c70880d5f148b1b497b767e72d9", avatar.HashAvatar(1024, []byte{}))
+	assert.Equal(t, "9ddb5bac41d57e72aa876321d0c09d71090c05f94bc625303801be2f3240d2cb", avatar.HashAvatar(1, buff.Bytes()))
+	assert.Equal(t, "9a5d44e5d637b9582a976676e8f3de1dccd877c2fe3e66ca3fab1629f2f47609", avatar.HashAvatar(8, buff.Bytes()))
+	assert.Equal(t, "ed7399158672088770de6f5211ce15528ebd675e92fc4fc060c025f4b2794ccb", avatar.HashAvatar(1024, buff.Bytes()))
+	assert.Equal(t, "161178642c7d59eb25a61dddced5e6b66eae1c70880d5f148b1b497b767e72d9", avatar.HashAvatar(1024, []byte{}))
 }
diff --git a/modules/avatar/identicon/block.go b/modules/avatar/identicon/block.go
index cb1803a231..fc8ce90212 100644
--- a/modules/avatar/identicon/block.go
+++ b/modules/avatar/identicon/block.go
@@ -24,8 +24,8 @@ func drawBlock(img *image.Paletted, x, y, size, angle int, points []int) {
 		rotate(points, m, m, angle)
 	}
 
-	for i := 0; i < size; i++ {
-		for j := 0; j < size; j++ {
+	for i := range size {
+		for j := range size {
 			if pointInPolygon(i, j, points) {
 				img.SetColorIndex(x+i, y+j, 1)
 			}
diff --git a/modules/avatar/identicon/identicon.go b/modules/avatar/identicon/identicon.go
index 63926d5f19..ee92416a53 100644
--- a/modules/avatar/identicon/identicon.go
+++ b/modules/avatar/identicon/identicon.go
@@ -8,6 +8,7 @@ package identicon
 
 import (
 	"crypto/sha256"
+	"errors"
 	"fmt"
 	"image"
 	"image/color"
@@ -29,7 +30,7 @@ type Identicon struct {
 // fore all possible foreground colors. only one foreground color will be picked randomly for one image
 func New(size int, back color.Color, fore ...color.Color) (*Identicon, error) {
 	if len(fore) == 0 {
-		return nil, fmt.Errorf("foreground is not set")
+		return nil, errors.New("foreground is not set")
 	}
 
 	if size < minImageSize {
@@ -133,7 +134,7 @@ func drawBlocks(p *image.Paletted, size int, c, b1, b2 blockFunc, b1Angle, b2Ang
 
 	// then we make it left-right mirror, so we didn't draw 3/6/9 before
 	for x := 0; x < size/2; x++ {
-		for y := 0; y < size; y++ {
+		for y := range size {
 			p.SetColorIndex(size-x, y, p.ColorIndexAt(x, y))
 		}
 	}
diff --git a/modules/badge/badge.go b/modules/badge/badge.go
index b30d0b4729..d2e9bd9d1b 100644
--- a/modules/badge/badge.go
+++ b/modules/badge/badge.go
@@ -4,6 +4,10 @@
 package badge
 
 import (
+	"strings"
+	"sync"
+	"unicode"
+
 	actions_model "code.gitea.io/gitea/models/actions"
 )
 
@@ -11,94 +15,115 @@ import (
 // We use 10x scale to calculate more precisely
 // Then scale down to normal size in tmpl file
 
-type Label struct {
-	text  string
-	width int
-}
-
-func (l Label) Text() string {
-	return l.text
-}
-
-func (l Label) Width() int {
-	return l.width
-}
-
-func (l Label) TextLength() int {
-	return int(float64(l.width-defaultOffset) * 9.5)
-}
-
-func (l Label) X() int {
-	return l.width*5 + 10
-}
-
-type Message struct {
+type Text struct {
 	text  string
 	width int
 	x     int
 }
 
-func (m Message) Text() string {
-	return m.text
+func (t Text) Text() string {
+	return t.text
 }
 
-func (m Message) Width() int {
-	return m.width
+func (t Text) Width() int {
+	return t.width
 }
 
-func (m Message) X() int {
-	return m.x
+func (t Text) X() int {
+	return t.x
 }
 
-func (m Message) TextLength() int {
-	return int(float64(m.width-defaultOffset) * 9.5)
+func (t Text) TextLength() int {
+	return int(float64(t.width-defaultOffset) * 10)
 }
 
 type Badge struct {
-	Color    string
-	FontSize int
-	Label    Label
-	Message  Message
+	IDPrefix   string
+	FontFamily string
+	Color      string
+	FontSize   int
+	Label      Text
+	Message    Text
 }
 
 func (b Badge) Width() int {
 	return b.Label.width + b.Message.width
 }
 
+// Style follows https://shields.io/badges
 const (
-	defaultOffset    = 9
-	defaultFontSize  = 11
-	DefaultColor     = "#9f9f9f" // Grey
-	defaultFontWidth = 7         // approximate speculation
+	StyleFlat       = "flat"
+	StyleFlatSquare = "flat-square"
 )
 
-var StatusColorMap = map[actions_model.Status]string{
-	actions_model.StatusSuccess:   "#4c1",    // Green
-	actions_model.StatusSkipped:   "#dfb317", // Yellow
-	actions_model.StatusUnknown:   "#97ca00", // Light Green
-	actions_model.StatusFailure:   "#e05d44", // Red
-	actions_model.StatusCancelled: "#fe7d37", // Orange
-	actions_model.StatusWaiting:   "#dfb317", // Yellow
-	actions_model.StatusRunning:   "#dfb317", // Yellow
-	actions_model.StatusBlocked:   "#dfb317", // Yellow
-}
+const (
+	defaultOffset     = 10
+	defaultFontSize   = 11
+	DefaultColor      = "#9f9f9f" // Grey
+	DefaultFontFamily = "DejaVu Sans,Verdana,Geneva,sans-serif"
+	DefaultStyle      = StyleFlat
+)
+
+var GlobalVars = sync.OnceValue(func() (ret struct {
+	StatusColorMap       map[actions_model.Status]string
+	DejaVuGlyphWidthData map[rune]uint8
+	AllStyles            []string
+},
+) {
+	ret.StatusColorMap = map[actions_model.Status]string{
+		actions_model.StatusSuccess:   "#4c1",    // Green
+		actions_model.StatusSkipped:   "#dfb317", // Yellow
+		actions_model.StatusUnknown:   "#97ca00", // Light Green
+		actions_model.StatusFailure:   "#e05d44", // Red
+		actions_model.StatusCancelled: "#fe7d37", // Orange
+		actions_model.StatusWaiting:   "#dfb317", // Yellow
+		actions_model.StatusRunning:   "#dfb317", // Yellow
+		actions_model.StatusBlocked:   "#dfb317", // Yellow
+	}
+	ret.DejaVuGlyphWidthData = dejaVuGlyphWidthDataFunc()
+	ret.AllStyles = []string{StyleFlat, StyleFlatSquare}
+	return ret
+})
 
 // GenerateBadge generates badge with given template
 func GenerateBadge(label, message, color string) Badge {
-	lw := defaultFontWidth*len(label) + defaultOffset
-	mw := defaultFontWidth*len(message) + defaultOffset
-	x := lw*10 + mw*5 - 10
+	lw := calculateTextWidth(label) + defaultOffset
+	mw := calculateTextWidth(message) + defaultOffset
+
+	lx := lw * 5
+	mx := lw*10 + mw*5 - 10
 	return Badge{
-		Label: Label{
+		FontFamily: DefaultFontFamily,
+		Label: Text{
 			text:  label,
 			width: lw,
+			x:     lx,
 		},
-		Message: Message{
+		Message: Text{
 			text:  message,
 			width: mw,
-			x:     x,
+			x:     mx,
 		},
 		FontSize: defaultFontSize * 10,
 		Color:    color,
 	}
 }
+
+func calculateTextWidth(text string) int {
+	width := 0
+	widthData := GlobalVars().DejaVuGlyphWidthData
+	for _, char := range strings.TrimSpace(text) {
+		charWidth, ok := widthData[char]
+		if !ok {
+			// use the width of 'm' in case of missing glyph width data for a printable character
+			if unicode.IsPrint(char) {
+				charWidth = widthData['m']
+			} else {
+				charWidth = 0
+			}
+		}
+		width += int(charWidth)
+	}
+
+	return width
+}
diff --git a/modules/badge/badge_glyph_width.go b/modules/badge/badge_glyph_width.go
new file mode 100644
index 0000000000..0d950c5a70
--- /dev/null
+++ b/modules/badge/badge_glyph_width.go
@@ -0,0 +1,206 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package badge
+
+// DejaVuGlyphWidthData is generated by `sfnt.Face.GlyphAdvance(nil, <rune>, 11, font.HintingNone)` with DejaVu Sans
+// v2.37 (https://github.com/dejavu-fonts/dejavu-fonts/releases/download/version_2_37/dejavu-sans-ttf-2.37.zip).
+//
+// Fonts defined in "DefaultFontFamily" all have similar widths (including "DejaVu Sans"),
+// and these widths are fixed and don't seem to change.
+//
+// A devtest page "/devtest/badge-actions-svg" could be used to check the rendered images.
+
+func dejaVuGlyphWidthDataFunc() map[rune]uint8 {
+	return map[rune]uint8{
+		32:  3,
+		33:  4,
+		34:  5,
+		35:  9,
+		36:  7,
+		37:  10,
+		38:  9,
+		39:  3,
+		40:  4,
+		41:  4,
+		42:  6,
+		43:  9,
+		44:  3,
+		45:  4,
+		46:  3,
+		47:  4,
+		48:  7,
+		49:  7,
+		50:  7,
+		51:  7,
+		52:  7,
+		53:  7,
+		54:  7,
+		55:  7,
+		56:  7,
+		57:  7,
+		58:  4,
+		59:  4,
+		60:  9,
+		61:  9,
+		62:  9,
+		63:  6,
+		64:  11,
+		65:  8,
+		66:  8,
+		67:  8,
+		68:  8,
+		69:  7,
+		70:  6,
+		71:  9,
+		72:  8,
+		73:  3,
+		74:  3,
+		75:  7,
+		76:  6,
+		77:  9,
+		78:  8,
+		79:  9,
+		80:  7,
+		81:  9,
+		82:  8,
+		83:  7,
+		84:  7,
+		85:  8,
+		86:  8,
+		87:  11,
+		88:  8,
+		89:  7,
+		90:  8,
+		91:  4,
+		92:  4,
+		93:  4,
+		94:  9,
+		95:  6,
+		96:  6,
+		97:  7,
+		98:  7,
+		99:  6,
+		100: 7,
+		101: 7,
+		102: 4,
+		103: 7,
+		104: 7,
+		105: 3,
+		106: 3,
+		107: 6,
+		108: 3,
+		109: 11,
+		110: 7,
+		111: 7,
+		112: 7,
+		113: 7,
+		114: 5,
+		115: 6,
+		116: 4,
+		117: 7,
+		118: 7,
+		119: 9,
+		120: 7,
+		121: 7,
+		122: 6,
+		123: 7,
+		124: 4,
+		125: 7,
+		126: 9,
+		161: 4,
+		162: 7,
+		163: 7,
+		164: 7,
+		165: 7,
+		166: 4,
+		167: 6,
+		168: 6,
+		169: 11,
+		170: 5,
+		171: 7,
+		172: 9,
+		174: 11,
+		175: 6,
+		176: 6,
+		177: 9,
+		178: 4,
+		179: 4,
+		180: 6,
+		181: 7,
+		182: 7,
+		183: 3,
+		184: 6,
+		185: 4,
+		186: 5,
+		187: 7,
+		188: 11,
+		189: 11,
+		190: 11,
+		191: 6,
+		192: 8,
+		193: 8,
+		194: 8,
+		195: 8,
+		196: 8,
+		197: 8,
+		198: 11,
+		199: 8,
+		200: 7,
+		201: 7,
+		202: 7,
+		203: 7,
+		204: 3,
+		205: 3,
+		206: 3,
+		207: 3,
+		208: 9,
+		209: 8,
+		210: 9,
+		211: 9,
+		212: 9,
+		213: 9,
+		214: 9,
+		215: 9,
+		216: 9,
+		217: 8,
+		218: 8,
+		219: 8,
+		220: 8,
+		221: 7,
+		222: 7,
+		223: 7,
+		224: 7,
+		225: 7,
+		226: 7,
+		227: 7,
+		228: 7,
+		229: 7,
+		230: 11,
+		231: 6,
+		232: 7,
+		233: 7,
+		234: 7,
+		235: 7,
+		236: 3,
+		237: 3,
+		238: 3,
+		239: 3,
+		240: 7,
+		241: 7,
+		242: 7,
+		243: 7,
+		244: 7,
+		245: 7,
+		246: 7,
+		247: 9,
+		248: 7,
+		249: 7,
+		250: 7,
+		251: 7,
+		252: 7,
+		253: 7,
+		254: 7,
+		255: 7,
+	}
+}
diff --git a/modules/base/tool.go b/modules/base/tool.go
index 02ca85569e..ed94575e74 100644
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@@ -8,13 +8,10 @@ import (
 	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/subtle"
-	"encoding/base64"
 	"encoding/hex"
-	"errors"
 	"fmt"
 	"hash"
 	"strconv"
-	"strings"
 	"time"
 
 	"code.gitea.io/gitea/modules/setting"
@@ -36,19 +33,6 @@ func ShortSha(sha1 string) string {
 	return util.TruncateRunes(sha1, 10)
 }
 
-// BasicAuthDecode decode basic auth string
-func BasicAuthDecode(encoded string) (string, string, error) {
-	s, err := base64.StdEncoding.DecodeString(encoded)
-	if err != nil {
-		return "", "", err
-	}
-
-	if username, password, ok := strings.Cut(string(s), ":"); ok {
-		return username, password, nil
-	}
-	return "", "", errors.New("invalid basic authentication")
-}
-
 // VerifyTimeLimitCode verify time limit code
 func VerifyTimeLimitCode(now time.Time, data string, minutes int, code string) bool {
 	if len(code) <= 18 {
diff --git a/modules/base/tool_test.go b/modules/base/tool_test.go
index 7cebedb073..b7365e40c4 100644
--- a/modules/base/tool_test.go
+++ b/modules/base/tool_test.go
@@ -26,25 +26,6 @@ func TestShortSha(t *testing.T) {
 	assert.Equal(t, "veryverylo", ShortSha("veryverylong"))
 }
 
-func TestBasicAuthDecode(t *testing.T) {
-	_, _, err := BasicAuthDecode("?")
-	assert.Equal(t, "illegal base64 data at input byte 0", err.Error())
-
-	user, pass, err := BasicAuthDecode("Zm9vOmJhcg==")
-	assert.NoError(t, err)
-	assert.Equal(t, "foo", user)
-	assert.Equal(t, "bar", pass)
-
-	_, _, err = BasicAuthDecode("aW52YWxpZA==")
-	assert.Error(t, err)
-
-	_, _, err = BasicAuthDecode("invalid")
-	assert.Error(t, err)
-
-	_, _, err = BasicAuthDecode("YWxpY2U=") // "alice", no colon
-	assert.Error(t, err)
-}
-
 func TestVerifyTimeLimitCode(t *testing.T) {
 	defer test.MockVariableValue(&setting.InstallLock, true)()
 	initGeneralSecret := func(secret string) {
diff --git a/modules/cache/cache.go b/modules/cache/cache.go
index f7828e3cae..039caa9fbc 100644
--- a/modules/cache/cache.go
+++ b/modules/cache/cache.go
@@ -4,6 +4,8 @@
 package cache
 
 import (
+	"encoding/hex"
+	"errors"
 	"fmt"
 	"strconv"
 	"time"
@@ -22,7 +24,7 @@ func Init() error {
 		if err != nil {
 			return err
 		}
-		for i := 0; i < 10; i++ {
+		for range 10 {
 			if err = c.Ping(); err == nil {
 				break
 			}
@@ -48,10 +50,10 @@ const (
 // returns
 func Test() (time.Duration, error) {
 	if defaultCache == nil {
-		return 0, fmt.Errorf("default cache not initialized")
+		return 0, errors.New("default cache not initialized")
 	}
 
-	testData := fmt.Sprintf("%x", make([]byte, 500))
+	testData := hex.EncodeToString(make([]byte, 500))
 
 	start := time.Now()
 
@@ -63,10 +65,10 @@ func Test() (time.Duration, error) {
 	}
 	testVal, hit := defaultCache.Get(testCacheKey)
 	if !hit {
-		return 0, fmt.Errorf("expect cache hit but got none")
+		return 0, errors.New("expect cache hit but got none")
 	}
 	if testVal != testData {
-		return 0, fmt.Errorf("expect cache to return same value as stored but got other")
+		return 0, errors.New("expect cache to return same value as stored but got other")
 	}
 
 	return time.Since(start), nil
diff --git a/modules/cache/cache_redis.go b/modules/cache/cache_redis.go
index c5b52a2086..7473c938af 100644
--- a/modules/cache/cache_redis.go
+++ b/modules/cache/cache_redis.go
@@ -11,7 +11,7 @@ import (
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/nosql"
 
-	"gitea.com/go-chi/cache" //nolint:depguard
+	"gitea.com/go-chi/cache" //nolint:depguard // we wrap this package here
 	"github.com/redis/go-redis/v9"
 )
 
diff --git a/modules/cache/cache_test.go b/modules/cache/cache_test.go
index 5408020306..d6ea2032ee 100644
--- a/modules/cache/cache_test.go
+++ b/modules/cache/cache_test.go
@@ -4,7 +4,7 @@
 package cache
 
 import (
-	"fmt"
+	"errors"
 	"testing"
 	"time"
 
@@ -57,22 +57,22 @@ func TestGetString(t *testing.T) {
 	createTestCache()
 
 	data, err := GetString("key", func() (string, error) {
-		return "", fmt.Errorf("some error")
+		return "", errors.New("some error")
 	})
 	assert.Error(t, err)
-	assert.Equal(t, "", data)
+	assert.Empty(t, data)
 
 	data, err = GetString("key", func() (string, error) {
 		return "", nil
 	})
 	assert.NoError(t, err)
-	assert.Equal(t, "", data)
+	assert.Empty(t, data)
 
 	data, err = GetString("key", func() (string, error) {
 		return "some data", nil
 	})
 	assert.NoError(t, err)
-	assert.Equal(t, "", data)
+	assert.Empty(t, data)
 	Remove("key")
 
 	data, err = GetString("key", func() (string, error) {
@@ -82,7 +82,7 @@ func TestGetString(t *testing.T) {
 	assert.Equal(t, "some data", data)
 
 	data, err = GetString("key", func() (string, error) {
-		return "", fmt.Errorf("some error")
+		return "", errors.New("some error")
 	})
 	assert.NoError(t, err)
 	assert.Equal(t, "some data", data)
@@ -93,7 +93,7 @@ func TestGetInt64(t *testing.T) {
 	createTestCache()
 
 	data, err := GetInt64("key", func() (int64, error) {
-		return 0, fmt.Errorf("some error")
+		return 0, errors.New("some error")
 	})
 	assert.Error(t, err)
 	assert.EqualValues(t, 0, data)
@@ -118,7 +118,7 @@ func TestGetInt64(t *testing.T) {
 	assert.EqualValues(t, 100, data)
 
 	data, err = GetInt64("key", func() (int64, error) {
-		return 0, fmt.Errorf("some error")
+		return 0, errors.New("some error")
 	})
 	assert.NoError(t, err)
 	assert.EqualValues(t, 100, data)
diff --git a/modules/cache/cache_twoqueue.go b/modules/cache/cache_twoqueue.go
index 1eda2debc4..c8db686e57 100644
--- a/modules/cache/cache_twoqueue.go
+++ b/modules/cache/cache_twoqueue.go
@@ -10,7 +10,7 @@ import (
 
 	"code.gitea.io/gitea/modules/json"
 
-	mc "gitea.com/go-chi/cache" //nolint:depguard
+	mc "gitea.com/go-chi/cache" //nolint:depguard // we wrap this package here
 	lru "github.com/hashicorp/golang-lru/v2"
 )
 
diff --git a/modules/cache/context.go b/modules/cache/context.go
index 484cee659a..23f7c23a52 100644
--- a/modules/cache/context.go
+++ b/modules/cache/context.go
@@ -5,176 +5,39 @@ package cache
 
 import (
 	"context"
-	"sync"
 	"time"
-
-	"code.gitea.io/gitea/modules/log"
 )
 
-// cacheContext is a context that can be used to cache data in a request level context
-// This is useful for caching data that is expensive to calculate and is likely to be
-// used multiple times in a request.
-type cacheContext struct {
-	data    map[any]map[any]any
-	lock    sync.RWMutex
-	created time.Time
-	discard bool
-}
-
-func (cc *cacheContext) Get(tp, key any) any {
-	cc.lock.RLock()
-	defer cc.lock.RUnlock()
-	return cc.data[tp][key]
-}
-
-func (cc *cacheContext) Put(tp, key, value any) {
-	cc.lock.Lock()
-	defer cc.lock.Unlock()
-
-	if cc.discard {
-		return
-	}
-
-	d := cc.data[tp]
-	if d == nil {
-		d = make(map[any]any)
-		cc.data[tp] = d
-	}
-	d[key] = value
-}
-
-func (cc *cacheContext) Delete(tp, key any) {
-	cc.lock.Lock()
-	defer cc.lock.Unlock()
-	delete(cc.data[tp], key)
-}
-
-func (cc *cacheContext) Discard() {
-	cc.lock.Lock()
-	defer cc.lock.Unlock()
-	cc.data = nil
-	cc.discard = true
-}
-
-func (cc *cacheContext) isDiscard() bool {
-	cc.lock.RLock()
-	defer cc.lock.RUnlock()
-	return cc.discard
-}
-
-// cacheContextLifetime is the max lifetime of cacheContext.
-// Since cacheContext is used to cache data in a request level context, 5 minutes is enough.
-// If a cacheContext is used more than 5 minutes, it's probably misuse.
-const cacheContextLifetime = 5 * time.Minute
-
-var timeNow = time.Now
+type cacheContextKeyType struct{}
 
-func (cc *cacheContext) Expired() bool {
-	return timeNow().Sub(cc.created) > cacheContextLifetime
-}
-
-var cacheContextKey = struct{}{}
-
-/*
-Since there are both WithCacheContext and WithNoCacheContext,
-it may be confusing when there is nesting.
-
-Some cases to explain the design:
-
-When:
-- A, B or C means a cache context.
-- A', B' or C' means a discard cache context.
-- ctx means context.Backgrand().
-- A(ctx) means a cache context with ctx as the parent context.
-- B(A(ctx)) means a cache context with A(ctx) as the parent context.
-- With is alias of WithCacheContext.
-- WithNo is alias of WithNoCacheContext.
+var cacheContextKey = cacheContextKeyType{}
 
-So:
-- With(ctx) -> A(ctx)
-- With(With(ctx)) -> A(ctx), not B(A(ctx)), always reuse parent cache context if possible.
-- With(With(With(ctx))) -> A(ctx), not C(B(A(ctx))), ditto.
-- WithNo(ctx) -> ctx, not A'(ctx), don't create new cache context if we don't have to.
-- WithNo(With(ctx)) -> A'(ctx)
-- WithNo(WithNo(With(ctx))) -> A'(ctx), not B'(A'(ctx)), don't create new cache context if we don't have to.
-- With(WithNo(With(ctx))) -> B(A'(ctx)), not A(ctx), never reuse a discard cache context.
-- WithNo(With(WithNo(With(ctx)))) -> B'(A'(ctx))
-- With(WithNo(With(WithNo(With(ctx))))) -> C(B'(A'(ctx))), so there's always only one not-discard cache context.
-*/
+// contextCacheLifetime is the max lifetime of context cache.
+// Since context cache is used to cache data in a request level context, 5 minutes is enough.
+// If a context cache is used more than 5 minutes, it's probably abused.
+const contextCacheLifetime = 5 * time.Minute
 
 func WithCacheContext(ctx context.Context) context.Context {
-	if c, ok := ctx.Value(cacheContextKey).(*cacheContext); ok {
-		if !c.isDiscard() {
-			// reuse parent context
-			return ctx
-		}
-	}
-	// FIXME: review the use of this nolint directive
-	return context.WithValue(ctx, cacheContextKey, &cacheContext{ //nolint:staticcheck
-		data:    make(map[any]map[any]any),
-		created: timeNow(),
-	})
-}
-
-func WithNoCacheContext(ctx context.Context) context.Context {
-	if c, ok := ctx.Value(cacheContextKey).(*cacheContext); ok {
-		// The caller want to run long-life tasks, but the parent context is a cache context.
-		// So we should disable and clean the cache data, or it will be kept in memory for a long time.
-		c.Discard()
+	if c := GetContextCache(ctx); c != nil {
 		return ctx
 	}
-
-	return ctx
-}
-
-func GetContextData(ctx context.Context, tp, key any) any {
-	if c, ok := ctx.Value(cacheContextKey).(*cacheContext); ok {
-		if c.Expired() {
-			// The warning means that the cache context is misused for long-life task,
-			// it can be resolved with WithNoCacheContext(ctx).
-			log.Warn("cache context is expired, is highly likely to be misused for long-life tasks: %v", c)
-			return nil
-		}
-		return c.Get(tp, key)
-	}
-	return nil
+	return context.WithValue(ctx, cacheContextKey, NewEphemeralCache(contextCacheLifetime))
 }
 
-func SetContextData(ctx context.Context, tp, key, value any) {
-	if c, ok := ctx.Value(cacheContextKey).(*cacheContext); ok {
-		if c.Expired() {
-			// The warning means that the cache context is misused for long-life task,
-			// it can be resolved with WithNoCacheContext(ctx).
-			log.Warn("cache context is expired, is highly likely to be misused for long-life tasks: %v", c)
-			return
-		}
-		c.Put(tp, key, value)
-		return
-	}
-}
-
-func RemoveContextData(ctx context.Context, tp, key any) {
-	if c, ok := ctx.Value(cacheContextKey).(*cacheContext); ok {
-		if c.Expired() {
-			// The warning means that the cache context is misused for long-life task,
-			// it can be resolved with WithNoCacheContext(ctx).
-			log.Warn("cache context is expired, is highly likely to be misused for long-life tasks: %v", c)
-			return
-		}
-		c.Delete(tp, key)
-	}
+func GetContextCache(ctx context.Context) *EphemeralCache {
+	c, _ := ctx.Value(cacheContextKey).(*EphemeralCache)
+	return c
 }
 
 // GetWithContextCache returns the cache value of the given key in the given context.
-func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error) {
-	v := GetContextData(ctx, cacheGroupKey, cacheTargetID)
-	if vv, ok := v.(T); ok {
-		return vv, nil
-	}
-	t, err := f()
-	if err != nil {
-		return t, err
-	}
-	SetContextData(ctx, cacheGroupKey, cacheTargetID, t)
-	return t, nil
+// FIXME: in some cases, the "context cache" should not be used, because it has uncontrollable behaviors
+// For example, these calls:
+// * GetWithContextCache(TargetID) -> OtherCodeCreateModel(TargetID) -> GetWithContextCache(TargetID)
+// Will cause the second call is not able to get the correct created target.
+// UNLESS it is certain that the target won't be changed during the request, DO NOT use it.
+func GetWithContextCache[T, K any](ctx context.Context, groupKey string, targetKey K, f func(context.Context, K) (T, error)) (T, error) {
+	if c := GetContextCache(ctx); c != nil {
+		return GetWithEphemeralCache(ctx, c, groupKey, targetKey, f)
+	}
+	return f(ctx, targetKey)
 }
diff --git a/modules/cache/context_test.go b/modules/cache/context_test.go
index cfc186a7bd..8371c2b908 100644
--- a/modules/cache/context_test.go
+++ b/modules/cache/context_test.go
@@ -4,74 +4,47 @@
 package cache
 
 import (
+	"context"
 	"testing"
 	"time"
 
+	"code.gitea.io/gitea/modules/test"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func TestWithCacheContext(t *testing.T) {
 	ctx := WithCacheContext(t.Context())
-
-	v := GetContextData(ctx, "empty_field", "my_config1")
+	c := GetContextCache(ctx)
+	v, _ := c.Get("empty_field", "my_config1")
 	assert.Nil(t, v)
 
 	const field = "system_setting"
-	v = GetContextData(ctx, field, "my_config1")
+	v, _ = c.Get(field, "my_config1")
 	assert.Nil(t, v)
-	SetContextData(ctx, field, "my_config1", 1)
-	v = GetContextData(ctx, field, "my_config1")
+	c.Put(field, "my_config1", 1)
+	v, _ = c.Get(field, "my_config1")
 	assert.NotNil(t, v)
-	assert.EqualValues(t, 1, v.(int))
+	assert.Equal(t, 1, v.(int))
 
-	RemoveContextData(ctx, field, "my_config1")
-	RemoveContextData(ctx, field, "my_config2") // remove a non-exist key
+	c.Delete(field, "my_config1")
+	c.Delete(field, "my_config2") // remove a non-exist key
 
-	v = GetContextData(ctx, field, "my_config1")
+	v, _ = c.Get(field, "my_config1")
 	assert.Nil(t, v)
 
-	vInt, err := GetWithContextCache(ctx, field, "my_config1", func() (int, error) {
+	vInt, err := GetWithContextCache(ctx, field, "my_config1", func(context.Context, string) (int, error) {
 		return 1, nil
 	})
 	assert.NoError(t, err)
-	assert.EqualValues(t, 1, vInt)
+	assert.Equal(t, 1, vInt)
 
-	v = GetContextData(ctx, field, "my_config1")
+	v, _ = c.Get(field, "my_config1")
 	assert.EqualValues(t, 1, v)
 
-	now := timeNow
-	defer func() {
-		timeNow = now
-	}()
-	timeNow = func() time.Time {
-		return now().Add(5 * time.Minute)
-	}
-	v = GetContextData(ctx, field, "my_config1")
-	assert.Nil(t, v)
-}
-
-func TestWithNoCacheContext(t *testing.T) {
-	ctx := t.Context()
-
-	const field = "system_setting"
-
-	v := GetContextData(ctx, field, "my_config1")
-	assert.Nil(t, v)
-	SetContextData(ctx, field, "my_config1", 1)
-	v = GetContextData(ctx, field, "my_config1")
-	assert.Nil(t, v) // still no cache
-
-	ctx = WithCacheContext(ctx)
-	v = GetContextData(ctx, field, "my_config1")
-	assert.Nil(t, v)
-	SetContextData(ctx, field, "my_config1", 1)
-	v = GetContextData(ctx, field, "my_config1")
-	assert.NotNil(t, v)
-
-	ctx = WithNoCacheContext(ctx)
-	v = GetContextData(ctx, field, "my_config1")
+	defer test.MockVariableValue(&timeNow, func() time.Time {
+		return time.Now().Add(5 * time.Minute)
+	})()
+	v, _ = c.Get(field, "my_config1")
 	assert.Nil(t, v)
-	SetContextData(ctx, field, "my_config1", 1)
-	v = GetContextData(ctx, field, "my_config1")
-	assert.Nil(t, v) // still no cache
 }
diff --git a/modules/cache/ephemeral.go b/modules/cache/ephemeral.go
new file mode 100644
index 0000000000..6996010ac4
--- /dev/null
+++ b/modules/cache/ephemeral.go
@@ -0,0 +1,90 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cache
+
+import (
+	"context"
+	"sync"
+	"time"
+
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/util"
+)
+
+// EphemeralCache is a cache that can be used to store data in a request level context
+// This is useful for caching data that is expensive to calculate and is likely to be
+// used multiple times in a request.
+type EphemeralCache struct {
+	data          map[any]map[any]any
+	lock          sync.RWMutex
+	created       time.Time
+	checkLifeTime time.Duration
+}
+
+var timeNow = time.Now
+
+func NewEphemeralCache(checkLifeTime ...time.Duration) *EphemeralCache {
+	return &EphemeralCache{
+		data:          make(map[any]map[any]any),
+		created:       timeNow(),
+		checkLifeTime: util.OptionalArg(checkLifeTime, 0),
+	}
+}
+
+func (cc *EphemeralCache) checkExceededLifeTime(tp, key any) bool {
+	if cc.checkLifeTime > 0 && timeNow().Sub(cc.created) > cc.checkLifeTime {
+		log.Warn("EphemeralCache is expired, is highly likely to be abused for long-life tasks: %v, %v", tp, key)
+		return true
+	}
+	return false
+}
+
+func (cc *EphemeralCache) Get(tp, key any) (any, bool) {
+	if cc.checkExceededLifeTime(tp, key) {
+		return nil, false
+	}
+	cc.lock.RLock()
+	defer cc.lock.RUnlock()
+	ret, ok := cc.data[tp][key]
+	return ret, ok
+}
+
+func (cc *EphemeralCache) Put(tp, key, value any) {
+	if cc.checkExceededLifeTime(tp, key) {
+		return
+	}
+
+	cc.lock.Lock()
+	defer cc.lock.Unlock()
+
+	d := cc.data[tp]
+	if d == nil {
+		d = make(map[any]any)
+		cc.data[tp] = d
+	}
+	d[key] = value
+}
+
+func (cc *EphemeralCache) Delete(tp, key any) {
+	if cc.checkExceededLifeTime(tp, key) {
+		return
+	}
+
+	cc.lock.Lock()
+	defer cc.lock.Unlock()
+	delete(cc.data[tp], key)
+}
+
+func GetWithEphemeralCache[T, K any](ctx context.Context, c *EphemeralCache, groupKey string, targetKey K, f func(context.Context, K) (T, error)) (T, error) {
+	v, has := c.Get(groupKey, targetKey)
+	if vv, ok := v.(T); has && ok {
+		return vv, nil
+	}
+	t, err := f(ctx, targetKey)
+	if err != nil {
+		return t, err
+	}
+	c.Put(groupKey, targetKey, t)
+	return t, nil
+}
diff --git a/modules/cache/string_cache.go b/modules/cache/string_cache.go
index 4f659616f5..3562b7a926 100644
--- a/modules/cache/string_cache.go
+++ b/modules/cache/string_cache.go
@@ -11,7 +11,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 
-	chi_cache "gitea.com/go-chi/cache" //nolint:depguard
+	chi_cache "gitea.com/go-chi/cache" //nolint:depguard // we wrap this package here
 )
 
 type GetJSONError struct {
diff --git a/modules/cachegroup/cachegroup.go b/modules/cachegroup/cachegroup.go
new file mode 100644
index 0000000000..06085f860f
--- /dev/null
+++ b/modules/cachegroup/cachegroup.go
@@ -0,0 +1,12 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cachegroup
+
+const (
+	User               = "user"
+	EmailAvatarLink    = "email_avatar_link"
+	UserEmailAddresses = "user_email_addresses"
+	GPGKeyWithSubKeys  = "gpg_key_with_subkeys"
+	RepoUserPermission = "repo_user_permission"
+)
diff --git a/modules/charset/ambiguous_gen_test.go b/modules/charset/ambiguous_gen_test.go
index 221c27d0e1..d3be0b1a13 100644
--- a/modules/charset/ambiguous_gen_test.go
+++ b/modules/charset/ambiguous_gen_test.go
@@ -14,7 +14,7 @@ import (
 func TestAmbiguousCharacters(t *testing.T) {
 	for locale, ambiguous := range AmbiguousCharacters {
 		assert.Equal(t, locale, ambiguous.Locale)
-		assert.Equal(t, len(ambiguous.Confusable), len(ambiguous.With))
+		assert.Len(t, ambiguous.With, len(ambiguous.Confusable))
 		assert.True(t, sort.SliceIsSorted(ambiguous.Confusable, func(i, j int) bool {
 			return ambiguous.Confusable[i] < ambiguous.Confusable[j]
 		}))
diff --git a/modules/charset/charset.go b/modules/charset/charset.go
index 1855446a98..597ce5120c 100644
--- a/modules/charset/charset.go
+++ b/modules/charset/charset.go
@@ -164,7 +164,7 @@ func DetectEncoding(content []byte) (string, error) {
 		}
 		times := 1024 / len(content)
 		detectContent = make([]byte, 0, times*len(content))
-		for i := 0; i < times; i++ {
+		for range times {
 			detectContent = append(detectContent, content...)
 		}
 	} else {
diff --git a/modules/charset/charset_test.go b/modules/charset/charset_test.go
index 19b1303365..cd2e3b9aaa 100644
--- a/modules/charset/charset_test.go
+++ b/modules/charset/charset_test.go
@@ -242,7 +242,7 @@ func stringMustEndWith(t *testing.T, expected, value string) {
 func TestToUTF8WithFallbackReader(t *testing.T) {
 	resetDefaultCharsetsOrder()
 
-	for testLen := 0; testLen < 2048; testLen++ {
+	for testLen := range 2048 {
 		pattern := "    test { () }\n"
 		input := ""
 		for len(input) < testLen {
@@ -252,7 +252,7 @@ func TestToUTF8WithFallbackReader(t *testing.T) {
 		input += "// Выключаем"
 		rd := ToUTF8WithFallbackReader(bytes.NewReader([]byte(input)), ConvertOpts{})
 		r, _ := io.ReadAll(rd)
-		assert.EqualValuesf(t, input, string(r), "testing string len=%d", testLen)
+		assert.Equalf(t, input, string(r), "testing string len=%d", testLen)
 	}
 
 	truncatedOneByteExtension := failFastBytes
diff --git a/modules/structs/commit_status.go b/modules/commitstatus/commit_status.go
index dc880ef5eb..a0ab4e7186 100644
--- a/modules/structs/commit_status.go
+++ b/modules/commitstatus/commit_status.go
@@ -1,11 +1,11 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package structs
+package commitstatus
 
 // CommitStatusState holds the state of a CommitStatus
-// It can be "pending", "success", "error" and "failure"
-type CommitStatusState string
+// swagger:enum CommitStatusState
+type CommitStatusState string //nolint:revive // export stutter
 
 const (
 	// CommitStatusPending is for when the CommitStatus is Pending
@@ -18,35 +18,14 @@ const (
 	CommitStatusFailure CommitStatusState = "failure"
 	// CommitStatusWarning is for when the CommitStatus is Warning
 	CommitStatusWarning CommitStatusState = "warning"
+	// CommitStatusSkipped is for when CommitStatus is Skipped
+	CommitStatusSkipped CommitStatusState = "skipped"
 )
 
-var commitStatusPriorities = map[CommitStatusState]int{
-	CommitStatusError:   0,
-	CommitStatusFailure: 1,
-	CommitStatusWarning: 2,
-	CommitStatusPending: 3,
-	CommitStatusSuccess: 4,
-}
-
 func (css CommitStatusState) String() string {
 	return string(css)
 }
 
-// NoBetterThan returns true if this State is no better than the given State
-// This function only handles the states defined in CommitStatusPriorities
-func (css CommitStatusState) NoBetterThan(css2 CommitStatusState) bool {
-	// NoBetterThan only handles the 5 states above
-	if _, exist := commitStatusPriorities[css]; !exist {
-		return false
-	}
-
-	if _, exist := commitStatusPriorities[css2]; !exist {
-		return false
-	}
-
-	return commitStatusPriorities[css] <= commitStatusPriorities[css2]
-}
-
 // IsPending represents if commit status state is pending
 func (css CommitStatusState) IsPending() bool {
 	return css == CommitStatusPending
@@ -71,3 +50,32 @@ func (css CommitStatusState) IsFailure() bool {
 func (css CommitStatusState) IsWarning() bool {
 	return css == CommitStatusWarning
 }
+
+// IsSkipped represents if commit status state is skipped
+func (css CommitStatusState) IsSkipped() bool {
+	return css == CommitStatusSkipped
+}
+
+type CommitStatusStates []CommitStatusState //nolint:revive // export stutter
+
+// According to https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#get-the-combined-status-for-a-specific-reference
+// > Additionally, a combined state is returned. The state is one of:
+// > failure if any of the contexts report as error or failure
+// > pending if there are no statuses or a context is pending
+// > success if the latest status for all contexts is success
+func (css CommitStatusStates) Combine() CommitStatusState {
+	successCnt := 0
+	for _, state := range css {
+		switch {
+		case state.IsError() || state.IsFailure():
+			return CommitStatusFailure
+		case state.IsPending():
+		case state.IsSuccess() || state.IsWarning() || state.IsSkipped():
+			successCnt++
+		}
+	}
+	if successCnt > 0 && successCnt == len(css) {
+		return CommitStatusSuccess
+	}
+	return CommitStatusPending
+}
diff --git a/modules/commitstatus/commit_status_test.go b/modules/commitstatus/commit_status_test.go
new file mode 100644
index 0000000000..10d8f20aa4
--- /dev/null
+++ b/modules/commitstatus/commit_status_test.go
@@ -0,0 +1,201 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package commitstatus
+
+import "testing"
+
+func TestCombine(t *testing.T) {
+	tests := []struct {
+		name     string
+		states   CommitStatusStates
+		expected CommitStatusState
+	}{
+		// 0 states
+		{
+			name:     "empty",
+			states:   CommitStatusStates{},
+			expected: CommitStatusPending,
+		},
+		// 1 state
+		{
+			name:     "pending",
+			states:   CommitStatusStates{CommitStatusPending},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "success",
+			states:   CommitStatusStates{CommitStatusSuccess},
+			expected: CommitStatusSuccess,
+		},
+		{
+			name:     "error",
+			states:   CommitStatusStates{CommitStatusError},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "failure",
+			states:   CommitStatusStates{CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "warning",
+			states:   CommitStatusStates{CommitStatusWarning},
+			expected: CommitStatusSuccess,
+		},
+		// 2 states
+		{
+			name:     "pending and success",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "pending and error",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusError},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending and failure",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending and warning",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusWarning},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "success and error",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusError},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success and failure",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success and warning",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusWarning},
+			expected: CommitStatusSuccess,
+		},
+		{
+			name:     "error and failure",
+			states:   CommitStatusStates{CommitStatusError, CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "error and warning",
+			states:   CommitStatusStates{CommitStatusError, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "failure and warning",
+			states:   CommitStatusStates{CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		// 3 states
+		{
+			name:     "pending, success and warning",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusWarning},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "pending, success and error",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusError},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending, success and failure",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending, error and failure",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusError, CommitStatusFailure},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success, error and warning",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusError, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success, failure and warning",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "error, failure and warning",
+			states:   CommitStatusStates{CommitStatusError, CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success, warning and skipped",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusWarning, CommitStatusSkipped},
+			expected: CommitStatusSuccess,
+		},
+		// All success
+		{
+			name:     "all success",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusSuccess, CommitStatusSuccess},
+			expected: CommitStatusSuccess,
+		},
+		// All pending
+		{
+			name:     "all pending",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusPending, CommitStatusPending},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "all skipped",
+			states:   CommitStatusStates{CommitStatusSkipped, CommitStatusSkipped, CommitStatusSkipped},
+			expected: CommitStatusSuccess,
+		},
+		// 4 states
+		{
+			name:     "pending, success, error and warning",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusError, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending, success, failure and warning",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "pending, error, failure and warning",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusError, CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "success, error, failure and warning",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusError, CommitStatusFailure, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "mixed states",
+			states:   CommitStatusStates{CommitStatusPending, CommitStatusSuccess, CommitStatusError, CommitStatusWarning},
+			expected: CommitStatusFailure,
+		},
+		{
+			name:     "mixed states with all success",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusSuccess, CommitStatusPending, CommitStatusWarning},
+			expected: CommitStatusPending,
+		},
+		{
+			name:     "all success with warning",
+			states:   CommitStatusStates{CommitStatusSuccess, CommitStatusSuccess, CommitStatusSuccess, CommitStatusWarning},
+			expected: CommitStatusSuccess,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := tt.states.Combine()
+			if result != tt.expected {
+				t.Errorf("expected %v, got %v", tt.expected, result)
+			}
+		})
+	}
+}
diff --git a/modules/csv/csv_test.go b/modules/csv/csv_test.go
index 25945113a7..be9fc5f823 100644
--- a/modules/csv/csv_test.go
+++ b/modules/csv/csv_test.go
@@ -99,10 +99,10 @@ j, ,\x20
 	for n, c := range cases {
 		rd, err := CreateReaderAndDetermineDelimiter(nil, strings.NewReader(decodeSlashes(t, c.csv)))
 		assert.NoError(t, err, "case %d: should not throw error: %v\n", n, err)
-		assert.EqualValues(t, c.expectedDelimiter, rd.Comma, "case %d: delimiter should be '%c', got '%c'", n, c.expectedDelimiter, rd.Comma)
+		assert.Equal(t, c.expectedDelimiter, rd.Comma, "case %d: delimiter should be '%c', got '%c'", n, c.expectedDelimiter, rd.Comma)
 		rows, err := rd.ReadAll()
 		assert.NoError(t, err, "case %d: should not throw error: %v\n", n, err)
-		assert.EqualValues(t, c.expectedRows, rows, "case %d: rows should be equal", n)
+		assert.Equal(t, c.expectedRows, rows, "case %d: rows should be equal", n)
 	}
 }
 
@@ -231,7 +231,7 @@ John Doe	john@doe.com	This,note,had,a,lot,of,commas,to,test,delimiters`,
 
 	for n, c := range cases {
 		delimiter := determineDelimiter(markup.NewRenderContext(t.Context()).WithRelativePath(c.filename), []byte(decodeSlashes(t, c.csv)))
-		assert.EqualValues(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
+		assert.Equal(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
 	}
 }
 
@@ -296,7 +296,7 @@ abc   | |123
 
 	for n, c := range cases {
 		modifiedText := removeQuotedString(decodeSlashes(t, c.text))
-		assert.EqualValues(t, c.expectedText, modifiedText, "case %d: modified text should be equal", n)
+		assert.Equal(t, c.expectedText, modifiedText, "case %d: modified text should be equal", n)
 	}
 }
 
@@ -451,7 +451,7 @@ jkl`,
 
 	for n, c := range cases {
 		delimiter := guessDelimiter([]byte(decodeSlashes(t, c.csv)))
-		assert.EqualValues(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
+		assert.Equal(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
 	}
 }
 
@@ -543,7 +543,7 @@ a|"he said, ""here I am"""`,
 
 	for n, c := range cases {
 		delimiter := guessFromBeforeAfterQuotes([]byte(decodeSlashes(t, c.csv)))
-		assert.EqualValues(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
+		assert.Equal(t, c.expectedDelimiter, delimiter, "case %d: delimiter should be equal, expected '%c' got '%c'", n, c.expectedDelimiter, delimiter)
 	}
 }
 
@@ -579,7 +579,7 @@ func TestFormatError(t *testing.T) {
 			assert.Error(t, err, "case %d: expected an error to be returned", n)
 		} else {
 			assert.NoError(t, err, "case %d: no error was expected, got error: %v", n, err)
-			assert.EqualValues(t, c.expectedMessage, message, "case %d: messages should be equal, expected '%s' got '%s'", n, c.expectedMessage, message)
+			assert.Equal(t, c.expectedMessage, message, "case %d: messages should be equal, expected '%s' got '%s'", n, c.expectedMessage, message)
 		}
 	}
 }
diff --git a/modules/dump/dumper_test.go b/modules/dump/dumper_test.go
index 2db3a598a4..8f06c1851d 100644
--- a/modules/dump/dumper_test.go
+++ b/modules/dump/dumper_test.go
@@ -103,11 +103,11 @@ func TestDumper(t *testing.T) {
 	d.GlobalExcludeAbsPath(filepath.Join(tmpDir, "include/exclude1"))
 	err := d.AddRecursiveExclude("include", filepath.Join(tmpDir, "include"), []string{filepath.Join(tmpDir, "include/exclude2")})
 	assert.NoError(t, err)
-	assert.EqualValues(t, sortStrings([]string{"include/a", "include/sub", "include/sub/b"}), sortStrings(tw.added))
+	assert.Equal(t, sortStrings([]string{"include/a", "include/sub", "include/sub/b"}), sortStrings(tw.added))
 
 	tw = &testWriter{}
 	d = &Dumper{Writer: tw}
 	err = d.AddRecursiveExclude("include", filepath.Join(tmpDir, "include"), nil)
 	assert.NoError(t, err)
-	assert.EqualValues(t, sortStrings([]string{"include/exclude2", "include/exclude2/a-2", "include/a", "include/sub", "include/sub/b", "include/exclude1", "include/exclude1/a-1"}), sortStrings(tw.added))
+	assert.Equal(t, sortStrings([]string{"include/exclude2", "include/exclude2/a-2", "include/a", "include/sub", "include/sub/b", "include/exclude1", "include/exclude1/a-1"}), sortStrings(tw.added))
 }
diff --git a/modules/fileicon/basic.go b/modules/fileicon/basic.go
index 040a8e87de..9c513ccbd9 100644
--- a/modules/fileicon/basic.go
+++ b/modules/fileicon/basic.go
@@ -6,22 +6,26 @@ package fileicon
 import (
 	"html/template"
 
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/svg"
+	"code.gitea.io/gitea/modules/util"
 )
 
-func BasicThemeIcon(entry *git.TreeEntry) template.HTML {
+func BasicEntryIconName(entry *EntryInfo) string {
 	svgName := "octicon-file"
 	switch {
-	case entry.IsLink():
+	case entry.EntryMode.IsLink():
 		svgName = "octicon-file-symlink-file"
-		if te, err := entry.FollowLink(); err == nil && te.IsDir() {
+		if entry.SymlinkToMode.IsDir() {
 			svgName = "octicon-file-directory-symlink"
 		}
-	case entry.IsDir():
-		svgName = "octicon-file-directory-fill"
-	case entry.IsSubModule():
+	case entry.EntryMode.IsDir():
+		svgName = util.Iif(entry.IsOpen, "octicon-file-directory-open-fill", "octicon-file-directory-fill")
+	case entry.EntryMode.IsSubModule():
 		svgName = "octicon-file-submodule"
 	}
-	return svg.RenderHTML(svgName)
+	return svgName
+}
+
+func BasicEntryIconHTML(entry *EntryInfo) template.HTML {
+	return svg.RenderHTML(BasicEntryIconName(entry))
 }
diff --git a/modules/fileicon/entry.go b/modules/fileicon/entry.go
new file mode 100644
index 0000000000..0326c2bfa8
--- /dev/null
+++ b/modules/fileicon/entry.go
@@ -0,0 +1,31 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package fileicon
+
+import "code.gitea.io/gitea/modules/git"
+
+type EntryInfo struct {
+	BaseName      string
+	EntryMode     git.EntryMode
+	SymlinkToMode git.EntryMode
+	IsOpen        bool
+}
+
+func EntryInfoFromGitTreeEntry(commit *git.Commit, fullPath string, gitEntry *git.TreeEntry) *EntryInfo {
+	ret := &EntryInfo{BaseName: gitEntry.Name(), EntryMode: gitEntry.Mode()}
+	if gitEntry.IsLink() {
+		if res, err := git.EntryFollowLink(commit, fullPath, gitEntry); err == nil && res.TargetEntry.IsDir() {
+			ret.SymlinkToMode = res.TargetEntry.Mode()
+		}
+	}
+	return ret
+}
+
+func EntryInfoFolder() *EntryInfo {
+	return &EntryInfo{EntryMode: git.EntryModeTree}
+}
+
+func EntryInfoFolderOpen() *EntryInfo {
+	return &EntryInfo{EntryMode: git.EntryModeTree, IsOpen: true}
+}
diff --git a/modules/fileicon/material.go b/modules/fileicon/material.go
index aa31cd8d7c..5361592d8a 100644
--- a/modules/fileicon/material.go
+++ b/modules/fileicon/material.go
@@ -5,16 +5,15 @@ package fileicon
 
 import (
 	"html/template"
-	"path"
 	"strings"
 	"sync"
 
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/options"
-	"code.gitea.io/gitea/modules/reqctx"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/svg"
+	"code.gitea.io/gitea/modules/util"
 )
 
 type materialIconRulesData struct {
@@ -62,13 +61,7 @@ func (m *MaterialIconProvider) loadData() {
 	log.Debug("Loaded material icon rules and SVG images")
 }
 
-func (m *MaterialIconProvider) renderFileIconSVG(ctx reqctx.RequestContext, name, svg, extraClass string) template.HTML {
-	data := ctx.GetData()
-	renderedSVGs, _ := data["_RenderedSVGs"].(map[string]bool)
-	if renderedSVGs == nil {
-		renderedSVGs = make(map[string]bool)
-		data["_RenderedSVGs"] = renderedSVGs
-	}
+func (m *MaterialIconProvider) renderFileIconSVG(p *RenderedIconPool, name, svg, extraClass string) template.HTML {
 	// This part is a bit hacky, but it works really well. It should be safe to do so because all SVG icons are generated by us.
 	// Will try to refactor this in the future.
 	if !strings.HasPrefix(svg, "<svg") {
@@ -76,46 +69,51 @@ func (m *MaterialIconProvider) renderFileIconSVG(ctx reqctx.RequestContext, name
 	}
 	svgID := "svg-mfi-" + name
 	svgCommonAttrs := `class="svg git-entry-icon ` + extraClass + `" width="16" height="16" aria-hidden="true"`
-	posOuterBefore := strings.IndexByte(svg, '>')
-	if renderedSVGs[svgID] && posOuterBefore != -1 {
-		return template.HTML(`<svg ` + svgCommonAttrs + `><use xlink:href="#` + svgID + `"></use></svg>`)
+	svgHTML := template.HTML(`<svg id="` + svgID + `" ` + svgCommonAttrs + svg[4:])
+	if p == nil {
+		return svgHTML
+	}
+	if p.IconSVGs[svgID] == "" {
+		p.IconSVGs[svgID] = svgHTML
 	}
-	svg = `<svg id="` + svgID + `" ` + svgCommonAttrs + svg[4:]
-	renderedSVGs[svgID] = true
-	return template.HTML(svg)
+	return template.HTML(`<svg ` + svgCommonAttrs + `><use xlink:href="#` + svgID + `"></use></svg>`)
 }
 
-func (m *MaterialIconProvider) FileIcon(ctx reqctx.RequestContext, entry *git.TreeEntry) template.HTML {
+func (m *MaterialIconProvider) EntryIconHTML(p *RenderedIconPool, entry *EntryInfo) template.HTML {
 	if m.rules == nil {
-		return BasicThemeIcon(entry)
+		return BasicEntryIconHTML(entry)
 	}
 
-	if entry.IsLink() {
-		if te, err := entry.FollowLink(); err == nil && te.IsDir() {
+	if entry.EntryMode.IsLink() {
+		if entry.SymlinkToMode.IsDir() {
 			// keep the old "octicon-xxx" class name to make some "theme plugin selector" could still work
 			return svg.RenderHTML("material-folder-symlink", 16, "octicon-file-directory-symlink")
 		}
 		return svg.RenderHTML("octicon-file-symlink-file") // TODO: find some better icons for them
 	}
 
-	name := m.findIconNameByGit(entry)
-	if name == "folder" {
-		// the material icon pack's "folder" icon doesn't look good, so use our built-in one
-		// keep the old "octicon-xxx" class name to make some "theme plugin selector" could still work
-		return svg.RenderHTML("material-folder-generic", 16, "octicon-file-directory-fill")
-	}
-	if iconSVG, ok := m.svgs[name]; ok && iconSVG != "" {
-		// keep the old "octicon-xxx" class name to make some "theme plugin selector" could still work
-		extraClass := "octicon-file"
-		switch {
-		case entry.IsDir():
-			extraClass = "octicon-file-directory-fill"
-		case entry.IsSubModule():
-			extraClass = "octicon-file-submodule"
+	name := m.FindIconName(entry)
+	iconSVG := m.svgs[name]
+	if iconSVG == "" {
+		name = "file"
+		if entry.EntryMode.IsDir() {
+			name = util.Iif(entry.IsOpen, "folder-open", "folder")
+		}
+		iconSVG = m.svgs[name]
+		if iconSVG == "" {
+			setting.PanicInDevOrTesting("missing file icon for %s", name)
 		}
-		return m.renderFileIconSVG(ctx, name, iconSVG, extraClass)
 	}
-	return svg.RenderHTML("octicon-file")
+
+	// keep the old "octicon-xxx" class name to make some "theme plugin selector" could still work
+	extraClass := "octicon-file"
+	switch {
+	case entry.EntryMode.IsDir():
+		extraClass = BasicEntryIconName(entry)
+	case entry.EntryMode.IsSubModule():
+		extraClass = "octicon-file-submodule"
+	}
+	return m.renderFileIconSVG(p, name, iconSVG, extraClass)
 }
 
 func (m *MaterialIconProvider) findIconNameWithLangID(s string) string {
@@ -130,13 +128,17 @@ func (m *MaterialIconProvider) findIconNameWithLangID(s string) string {
 	return ""
 }
 
-func (m *MaterialIconProvider) FindIconName(name string, isDir bool) string {
-	fileNameLower := strings.ToLower(path.Base(name))
-	if isDir {
+func (m *MaterialIconProvider) FindIconName(entry *EntryInfo) string {
+	if entry.EntryMode.IsSubModule() {
+		return "folder-git"
+	}
+
+	fileNameLower := strings.ToLower(entry.BaseName)
+	if entry.EntryMode.IsDir() {
 		if s, ok := m.rules.FolderNames[fileNameLower]; ok {
 			return s
 		}
-		return "folder"
+		return util.Iif(entry.IsOpen, "folder-open", "folder")
 	}
 
 	if s, ok := m.rules.FileNames[fileNameLower]; ok {
@@ -158,10 +160,3 @@ func (m *MaterialIconProvider) FindIconName(name string, isDir bool) string {
 
 	return "file"
 }
-
-func (m *MaterialIconProvider) findIconNameByGit(entry *git.TreeEntry) string {
-	if entry.IsSubModule() {
-		return "folder-git"
-	}
-	return m.FindIconName(entry.Name(), entry.IsDir())
-}
diff --git a/modules/fileicon/material_test.go b/modules/fileicon/material_test.go
index f36385aaf3..d2a769eaac 100644
--- a/modules/fileicon/material_test.go
+++ b/modules/fileicon/material_test.go
@@ -8,6 +8,7 @@ import (
 
 	"code.gitea.io/gitea/models/unittest"
 	"code.gitea.io/gitea/modules/fileicon"
+	"code.gitea.io/gitea/modules/git"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -19,8 +20,8 @@ func TestMain(m *testing.M) {
 func TestFindIconName(t *testing.T) {
 	unittest.PrepareTestEnv(t)
 	p := fileicon.DefaultMaterialIconProvider()
-	assert.Equal(t, "php", p.FindIconName("foo.php", false))
-	assert.Equal(t, "php", p.FindIconName("foo.PHP", false))
-	assert.Equal(t, "javascript", p.FindIconName("foo.js", false))
-	assert.Equal(t, "visualstudio", p.FindIconName("foo.vba", false))
+	assert.Equal(t, "php", p.FindIconName(&fileicon.EntryInfo{BaseName: "foo.php", EntryMode: git.EntryModeBlob}))
+	assert.Equal(t, "php", p.FindIconName(&fileicon.EntryInfo{BaseName: "foo.PHP", EntryMode: git.EntryModeBlob}))
+	assert.Equal(t, "javascript", p.FindIconName(&fileicon.EntryInfo{BaseName: "foo.js", EntryMode: git.EntryModeBlob}))
+	assert.Equal(t, "visualstudio", p.FindIconName(&fileicon.EntryInfo{BaseName: "foo.vba", EntryMode: git.EntryModeBlob}))
 }
diff --git a/modules/fileicon/render.go b/modules/fileicon/render.go
new file mode 100644
index 0000000000..8ed86b9ac0
--- /dev/null
+++ b/modules/fileicon/render.go
@@ -0,0 +1,41 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package fileicon
+
+import (
+	"html/template"
+	"strings"
+
+	"code.gitea.io/gitea/modules/setting"
+)
+
+type RenderedIconPool struct {
+	IconSVGs map[string]template.HTML
+}
+
+func NewRenderedIconPool() *RenderedIconPool {
+	return &RenderedIconPool{
+		IconSVGs: make(map[string]template.HTML),
+	}
+}
+
+func (p *RenderedIconPool) RenderToHTML() template.HTML {
+	if len(p.IconSVGs) == 0 {
+		return ""
+	}
+	sb := &strings.Builder{}
+	sb.WriteString(`<div class=tw-hidden>`)
+	for _, icon := range p.IconSVGs {
+		sb.WriteString(string(icon))
+	}
+	sb.WriteString(`</div>`)
+	return template.HTML(sb.String())
+}
+
+func RenderEntryIconHTML(renderedIconPool *RenderedIconPool, entry *EntryInfo) template.HTML {
+	if setting.UI.FileIconTheme == "material" {
+		return DefaultMaterialIconProvider().EntryIconHTML(renderedIconPool, entry)
+	}
+	return BasicEntryIconHTML(entry)
+}
diff --git a/modules/git/attribute.go b/modules/git/attribute.go
deleted file mode 100644
index 4dfa510369..0000000000
--- a/modules/git/attribute.go
+++ /dev/null
@@ -1,35 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package git
-
-import (
-	"code.gitea.io/gitea/modules/optional"
-)
-
-const (
-	AttributeLinguistVendored      = "linguist-vendored"
-	AttributeLinguistGenerated     = "linguist-generated"
-	AttributeLinguistDocumentation = "linguist-documentation"
-	AttributeLinguistDetectable    = "linguist-detectable"
-	AttributeLinguistLanguage      = "linguist-language"
-	AttributeGitlabLanguage        = "gitlab-language"
-)
-
-// true if "set"/"true", false if "unset"/"false", none otherwise
-func AttributeToBool(attr map[string]string, name string) optional.Option[bool] {
-	switch attr[name] {
-	case "set", "true":
-		return optional.Some(true)
-	case "unset", "false":
-		return optional.Some(false)
-	}
-	return optional.None[bool]()
-}
-
-func AttributeToString(attr map[string]string, name string) optional.Option[string] {
-	if value, has := attr[name]; has && value != "unspecified" {
-		return optional.Some(value)
-	}
-	return optional.None[string]()
-}
diff --git a/modules/git/attribute/attribute.go b/modules/git/attribute/attribute.go
new file mode 100644
index 0000000000..9c01cb339e
--- /dev/null
+++ b/modules/git/attribute/attribute.go
@@ -0,0 +1,115 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"strings"
+
+	"code.gitea.io/gitea/modules/optional"
+)
+
+type Attribute string
+
+const (
+	LinguistVendored      = "linguist-vendored"
+	LinguistGenerated     = "linguist-generated"
+	LinguistDocumentation = "linguist-documentation"
+	LinguistDetectable    = "linguist-detectable"
+	LinguistLanguage      = "linguist-language"
+	GitlabLanguage        = "gitlab-language"
+	Lockable              = "lockable"
+	Filter                = "filter"
+	Diff                  = "diff"
+)
+
+var LinguistAttributes = []string{
+	LinguistVendored,
+	LinguistGenerated,
+	LinguistDocumentation,
+	LinguistDetectable,
+	LinguistLanguage,
+	GitlabLanguage,
+}
+
+func (a Attribute) IsUnspecified() bool {
+	return a == "" || a == "unspecified"
+}
+
+func (a Attribute) ToString() optional.Option[string] {
+	if !a.IsUnspecified() {
+		return optional.Some(string(a))
+	}
+	return optional.None[string]()
+}
+
+// ToBool converts the attribute value to optional boolean: true if "set"/"true", false if "unset"/"false", none otherwise
+func (a Attribute) ToBool() optional.Option[bool] {
+	switch a {
+	case "set", "true":
+		return optional.Some(true)
+	case "unset", "false":
+		return optional.Some(false)
+	}
+	return optional.None[bool]()
+}
+
+type Attributes struct {
+	m map[string]Attribute
+}
+
+func NewAttributes() *Attributes {
+	return &Attributes{m: make(map[string]Attribute)}
+}
+
+func (attrs *Attributes) Get(name string) Attribute {
+	if value, has := attrs.m[name]; has {
+		return value
+	}
+	return ""
+}
+
+func (attrs *Attributes) GetVendored() optional.Option[bool] {
+	return attrs.Get(LinguistVendored).ToBool()
+}
+
+func (attrs *Attributes) GetGenerated() optional.Option[bool] {
+	return attrs.Get(LinguistGenerated).ToBool()
+}
+
+func (attrs *Attributes) GetDocumentation() optional.Option[bool] {
+	return attrs.Get(LinguistDocumentation).ToBool()
+}
+
+func (attrs *Attributes) GetDetectable() optional.Option[bool] {
+	return attrs.Get(LinguistDetectable).ToBool()
+}
+
+func (attrs *Attributes) GetLinguistLanguage() optional.Option[string] {
+	return attrs.Get(LinguistLanguage).ToString()
+}
+
+func (attrs *Attributes) GetGitlabLanguage() optional.Option[string] {
+	attrStr := attrs.Get(GitlabLanguage).ToString()
+	if attrStr.Has() {
+		raw := attrStr.Value()
+		// gitlab-language may have additional parameters after the language
+		// ignore them and just use the main language
+		// https://docs.gitlab.com/ee/user/project/highlighting.html#override-syntax-highlighting-for-a-file-type
+		if idx := strings.IndexByte(raw, '?'); idx >= 0 {
+			return optional.Some(raw[:idx])
+		}
+	}
+	return attrStr
+}
+
+func (attrs *Attributes) GetLanguage() optional.Option[string] {
+	// prefer linguist-language over gitlab-language
+	// if linguist-language is not set, use gitlab-language
+	// if both are not set, return none
+	language := attrs.GetLinguistLanguage()
+	if language.Value() == "" {
+		language = attrs.GetGitlabLanguage()
+	}
+	return language
+}
diff --git a/modules/git/attribute/attribute_test.go b/modules/git/attribute/attribute_test.go
new file mode 100644
index 0000000000..dadb5582a3
--- /dev/null
+++ b/modules/git/attribute/attribute_test.go
@@ -0,0 +1,37 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_Attribute(t *testing.T) {
+	assert.Empty(t, Attribute("").ToString().Value())
+	assert.Empty(t, Attribute("unspecified").ToString().Value())
+	assert.Equal(t, "python", Attribute("python").ToString().Value())
+	assert.Equal(t, "Java", Attribute("Java").ToString().Value())
+
+	attributes := Attributes{
+		m: map[string]Attribute{
+			LinguistGenerated:     "true",
+			LinguistDocumentation: "false",
+			LinguistDetectable:    "set",
+			LinguistLanguage:      "Python",
+			GitlabLanguage:        "Java",
+			"filter":              "unspecified",
+			"test":                "",
+		},
+	}
+
+	assert.Empty(t, attributes.Get("test").ToString().Value())
+	assert.Empty(t, attributes.Get("filter").ToString().Value())
+	assert.Equal(t, "Python", attributes.Get(LinguistLanguage).ToString().Value())
+	assert.Equal(t, "Java", attributes.Get(GitlabLanguage).ToString().Value())
+	assert.True(t, attributes.Get(LinguistGenerated).ToBool().Value())
+	assert.False(t, attributes.Get(LinguistDocumentation).ToBool().Value())
+	assert.True(t, attributes.Get(LinguistDetectable).ToBool().Value())
+}
diff --git a/modules/git/attribute/batch.go b/modules/git/attribute/batch.go
new file mode 100644
index 0000000000..4e31fda575
--- /dev/null
+++ b/modules/git/attribute/batch.go
@@ -0,0 +1,216 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"os"
+	"path/filepath"
+	"time"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+)
+
+// BatchChecker provides a reader for check-attribute content that can be long running
+type BatchChecker struct {
+	attributesNum int
+	repo          *git.Repository
+	stdinWriter   *os.File
+	stdOut        *nulSeparatedAttributeWriter
+	ctx           context.Context
+	cancel        context.CancelFunc
+	cmd           *git.Command
+}
+
+// NewBatchChecker creates a check attribute reader for the current repository and provided commit ID
+// If treeish is empty, then it will use current working directory, otherwise it will use the provided treeish on the bare repo
+func NewBatchChecker(repo *git.Repository, treeish string, attributes []string) (checker *BatchChecker, returnedErr error) {
+	ctx, cancel := context.WithCancel(repo.Ctx)
+	defer func() {
+		if returnedErr != nil {
+			cancel()
+		}
+	}()
+
+	cmd, envs, cleanup, err := checkAttrCommand(repo, treeish, nil, attributes)
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		if returnedErr != nil {
+			cleanup()
+		}
+	}()
+
+	cmd.AddArguments("--stdin")
+
+	checker = &BatchChecker{
+		attributesNum: len(attributes),
+		repo:          repo,
+		ctx:           ctx,
+		cmd:           cmd,
+		cancel: func() {
+			cancel()
+			cleanup()
+		},
+	}
+
+	stdinReader, stdinWriter, err := os.Pipe()
+	if err != nil {
+		return nil, err
+	}
+	checker.stdinWriter = stdinWriter
+
+	lw := new(nulSeparatedAttributeWriter)
+	lw.attributes = make(chan attributeTriple, len(attributes))
+	lw.closed = make(chan struct{})
+	checker.stdOut = lw
+
+	go func() {
+		defer func() {
+			_ = stdinReader.Close()
+			_ = lw.Close()
+		}()
+		stdErr := new(bytes.Buffer)
+		err := cmd.Run(ctx, &git.RunOpts{
+			Env:    envs,
+			Dir:    repo.Path,
+			Stdin:  stdinReader,
+			Stdout: lw,
+			Stderr: stdErr,
+		})
+
+		if err != nil && !git.IsErrCanceledOrKilled(err) {
+			log.Error("Attribute checker for commit %s exits with error: %v", treeish, err)
+		}
+		checker.cancel()
+	}()
+
+	return checker, nil
+}
+
+// CheckPath check attr for given path
+func (c *BatchChecker) CheckPath(path string) (rs *Attributes, err error) {
+	defer func() {
+		if err != nil && err != c.ctx.Err() {
+			log.Error("Unexpected error when checking path %s in %s, error: %v", path, filepath.Base(c.repo.Path), err)
+		}
+	}()
+
+	select {
+	case <-c.ctx.Done():
+		return nil, c.ctx.Err()
+	default:
+	}
+
+	if _, err = c.stdinWriter.Write([]byte(path + "\x00")); err != nil {
+		defer c.Close()
+		return nil, err
+	}
+
+	reportTimeout := func() error {
+		stdOutClosed := false
+		select {
+		case <-c.stdOut.closed:
+			stdOutClosed = true
+		default:
+		}
+		debugMsg := fmt.Sprintf("check path %q in repo %q", path, filepath.Base(c.repo.Path))
+		debugMsg += fmt.Sprintf(", stdOut: tmp=%q, pos=%d, closed=%v", string(c.stdOut.tmp), c.stdOut.pos, stdOutClosed)
+		if c.cmd != nil {
+			debugMsg += fmt.Sprintf(", process state: %q", c.cmd.ProcessState())
+		}
+		_ = c.Close()
+		return fmt.Errorf("CheckPath timeout: %s", debugMsg)
+	}
+
+	rs = NewAttributes()
+	for i := 0; i < c.attributesNum; i++ {
+		select {
+		case <-time.After(5 * time.Second):
+			// there is no "hang" problem now. This code is just used to catch other potential problems.
+			return nil, reportTimeout()
+		case attr, ok := <-c.stdOut.ReadAttribute():
+			if !ok {
+				return nil, c.ctx.Err()
+			}
+			rs.m[attr.Attribute] = Attribute(attr.Value)
+		case <-c.ctx.Done():
+			return nil, c.ctx.Err()
+		}
+	}
+	return rs, nil
+}
+
+func (c *BatchChecker) Close() error {
+	c.cancel()
+	err := c.stdinWriter.Close()
+	return err
+}
+
+type attributeTriple struct {
+	Filename  string
+	Attribute string
+	Value     string
+}
+
+type nulSeparatedAttributeWriter struct {
+	tmp        []byte
+	attributes chan attributeTriple
+	closed     chan struct{}
+	working    attributeTriple
+	pos        int
+}
+
+func (wr *nulSeparatedAttributeWriter) Write(p []byte) (n int, err error) {
+	l, read := len(p), 0
+
+	nulIdx := bytes.IndexByte(p, '\x00')
+	for nulIdx >= 0 {
+		wr.tmp = append(wr.tmp, p[:nulIdx]...)
+		switch wr.pos {
+		case 0:
+			wr.working = attributeTriple{
+				Filename: string(wr.tmp),
+			}
+		case 1:
+			wr.working.Attribute = string(wr.tmp)
+		case 2:
+			wr.working.Value = string(wr.tmp)
+		}
+		wr.tmp = wr.tmp[:0]
+		wr.pos++
+		if wr.pos > 2 {
+			wr.attributes <- wr.working
+			wr.pos = 0
+		}
+		read += nulIdx + 1
+		if l > read {
+			p = p[nulIdx+1:]
+			nulIdx = bytes.IndexByte(p, '\x00')
+		} else {
+			return l, nil
+		}
+	}
+	wr.tmp = append(wr.tmp, p...)
+	return l, nil
+}
+
+func (wr *nulSeparatedAttributeWriter) ReadAttribute() <-chan attributeTriple {
+	return wr.attributes
+}
+
+func (wr *nulSeparatedAttributeWriter) Close() error {
+	select {
+	case <-wr.closed:
+		return nil
+	default:
+	}
+	close(wr.attributes)
+	close(wr.closed)
+	return nil
+}
diff --git a/modules/git/attribute/batch_test.go b/modules/git/attribute/batch_test.go
new file mode 100644
index 0000000000..30a3d805fe
--- /dev/null
+++ b/modules/git/attribute/batch_test.go
@@ -0,0 +1,172 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"path/filepath"
+	"testing"
+	"time"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func Test_nulSeparatedAttributeWriter_ReadAttribute(t *testing.T) {
+	wr := &nulSeparatedAttributeWriter{
+		attributes: make(chan attributeTriple, 5),
+	}
+
+	testStr := ".gitignore\"\n\x00linguist-vendored\x00unspecified\x00"
+
+	n, err := wr.Write([]byte(testStr))
+
+	assert.Len(t, testStr, n)
+	assert.NoError(t, err)
+	select {
+	case attr := <-wr.ReadAttribute():
+		assert.Equal(t, ".gitignore\"\n", attr.Filename)
+		assert.Equal(t, LinguistVendored, attr.Attribute)
+		assert.Equal(t, "unspecified", attr.Value)
+	case <-time.After(100 * time.Millisecond):
+		assert.FailNow(t, "took too long to read an attribute from the list")
+	}
+	// Write a second attribute again
+	n, err = wr.Write([]byte(testStr))
+
+	assert.Len(t, testStr, n)
+	assert.NoError(t, err)
+
+	select {
+	case attr := <-wr.ReadAttribute():
+		assert.Equal(t, ".gitignore\"\n", attr.Filename)
+		assert.Equal(t, LinguistVendored, attr.Attribute)
+		assert.Equal(t, "unspecified", attr.Value)
+	case <-time.After(100 * time.Millisecond):
+		assert.FailNow(t, "took too long to read an attribute from the list")
+	}
+
+	// Write a partial attribute
+	_, err = wr.Write([]byte("incomplete-file"))
+	assert.NoError(t, err)
+	_, err = wr.Write([]byte("name\x00"))
+	assert.NoError(t, err)
+
+	select {
+	case <-wr.ReadAttribute():
+		assert.FailNow(t, "There should not be an attribute ready to read")
+	case <-time.After(100 * time.Millisecond):
+	}
+	_, err = wr.Write([]byte("attribute\x00"))
+	assert.NoError(t, err)
+	select {
+	case <-wr.ReadAttribute():
+		assert.FailNow(t, "There should not be an attribute ready to read")
+	case <-time.After(100 * time.Millisecond):
+	}
+
+	_, err = wr.Write([]byte("value\x00"))
+	assert.NoError(t, err)
+
+	attr := <-wr.ReadAttribute()
+	assert.Equal(t, "incomplete-filename", attr.Filename)
+	assert.Equal(t, "attribute", attr.Attribute)
+	assert.Equal(t, "value", attr.Value)
+
+	_, err = wr.Write([]byte("shouldbe.vendor\x00linguist-vendored\x00set\x00shouldbe.vendor\x00linguist-generated\x00unspecified\x00shouldbe.vendor\x00linguist-language\x00unspecified\x00"))
+	assert.NoError(t, err)
+	attr = <-wr.ReadAttribute()
+	assert.NoError(t, err)
+	assert.Equal(t, attributeTriple{
+		Filename:  "shouldbe.vendor",
+		Attribute: LinguistVendored,
+		Value:     "set",
+	}, attr)
+	attr = <-wr.ReadAttribute()
+	assert.NoError(t, err)
+	assert.Equal(t, attributeTriple{
+		Filename:  "shouldbe.vendor",
+		Attribute: LinguistGenerated,
+		Value:     "unspecified",
+	}, attr)
+	attr = <-wr.ReadAttribute()
+	assert.NoError(t, err)
+	assert.Equal(t, attributeTriple{
+		Filename:  "shouldbe.vendor",
+		Attribute: LinguistLanguage,
+		Value:     "unspecified",
+	}, attr)
+}
+
+func expectedAttrs() *Attributes {
+	return &Attributes{
+		m: map[string]Attribute{
+			LinguistGenerated:     "unspecified",
+			LinguistDetectable:    "unspecified",
+			LinguistDocumentation: "unspecified",
+			LinguistVendored:      "unspecified",
+			LinguistLanguage:      "Python",
+			GitlabLanguage:        "unspecified",
+		},
+	}
+}
+
+func Test_BatchChecker(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
+	repoPath := "../tests/repos/language_stats_repo"
+	gitRepo, err := git.OpenRepository(t.Context(), repoPath)
+	require.NoError(t, err)
+	defer gitRepo.Close()
+
+	commitID := "8fee858da5796dfb37704761701bb8e800ad9ef3"
+
+	t.Run("Create index file to run git check-attr", func(t *testing.T) {
+		defer test.MockVariableValue(&git.DefaultFeatures().SupportCheckAttrOnBare, false)()
+		checker, err := NewBatchChecker(gitRepo, commitID, LinguistAttributes)
+		assert.NoError(t, err)
+		defer checker.Close()
+		attributes, err := checker.CheckPath("i-am-a-python.p")
+		assert.NoError(t, err)
+		assert.Equal(t, expectedAttrs(), attributes)
+	})
+
+	// run git check-attr on work tree
+	t.Run("Run git check-attr on git work tree", func(t *testing.T) {
+		dir := filepath.Join(t.TempDir(), "test-repo")
+		err := git.Clone(t.Context(), repoPath, dir, git.CloneRepoOptions{
+			Shared: true,
+			Branch: "master",
+		})
+		assert.NoError(t, err)
+
+		tempRepo, err := git.OpenRepository(t.Context(), dir)
+		assert.NoError(t, err)
+		defer tempRepo.Close()
+
+		checker, err := NewBatchChecker(tempRepo, "", LinguistAttributes)
+		assert.NoError(t, err)
+		defer checker.Close()
+		attributes, err := checker.CheckPath("i-am-a-python.p")
+		assert.NoError(t, err)
+		assert.Equal(t, expectedAttrs(), attributes)
+	})
+
+	if !git.DefaultFeatures().SupportCheckAttrOnBare {
+		t.Skip("git version 2.40 is required to support run check-attr on bare repo")
+		return
+	}
+
+	t.Run("Run git check-attr in bare repository", func(t *testing.T) {
+		checker, err := NewBatchChecker(gitRepo, commitID, LinguistAttributes)
+		assert.NoError(t, err)
+		defer checker.Close()
+
+		attributes, err := checker.CheckPath("i-am-a-python.p")
+		assert.NoError(t, err)
+		assert.Equal(t, expectedAttrs(), attributes)
+	})
+}
diff --git a/modules/git/attribute/checker.go b/modules/git/attribute/checker.go
new file mode 100644
index 0000000000..167b31416e
--- /dev/null
+++ b/modules/git/attribute/checker.go
@@ -0,0 +1,101 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"fmt"
+	"os"
+
+	"code.gitea.io/gitea/modules/git"
+)
+
+func checkAttrCommand(gitRepo *git.Repository, treeish string, filenames, attributes []string) (*git.Command, []string, func(), error) {
+	cancel := func() {}
+	envs := []string{"GIT_FLUSH=1"}
+	cmd := git.NewCommand("check-attr", "-z")
+	if len(attributes) == 0 {
+		cmd.AddArguments("--all")
+	}
+
+	// there is treeish, read from bare repo or temp index created by "read-tree"
+	if treeish != "" {
+		if git.DefaultFeatures().SupportCheckAttrOnBare {
+			cmd.AddArguments("--source")
+			cmd.AddDynamicArguments(treeish)
+		} else {
+			indexFilename, worktree, deleteTemporaryFile, err := gitRepo.ReadTreeToTemporaryIndex(treeish)
+			if err != nil {
+				return nil, nil, nil, err
+			}
+
+			cmd.AddArguments("--cached")
+			envs = append(envs,
+				"GIT_INDEX_FILE="+indexFilename,
+				"GIT_WORK_TREE="+worktree,
+			)
+			cancel = deleteTemporaryFile
+		}
+	} else {
+		// Read from existing index, in cases where the repo is bare and has an index,
+		// or the work tree contains unstaged changes that shouldn't affect the attribute check.
+		// It is caller's responsibility to add changed ".gitattributes" into the index if they want to respect the new changes.
+		cmd.AddArguments("--cached")
+	}
+
+	cmd.AddDynamicArguments(attributes...)
+	if len(filenames) > 0 {
+		cmd.AddDashesAndList(filenames...)
+	}
+	return cmd, envs, cancel, nil
+}
+
+type CheckAttributeOpts struct {
+	Filenames  []string
+	Attributes []string
+}
+
+// CheckAttributes return the attributes of the given filenames and attributes in the given treeish.
+// If treeish is empty, then it will use current working directory, otherwise it will use the provided treeish on the bare repo
+func CheckAttributes(ctx context.Context, gitRepo *git.Repository, treeish string, opts CheckAttributeOpts) (map[string]*Attributes, error) {
+	cmd, envs, cancel, err := checkAttrCommand(gitRepo, treeish, opts.Filenames, opts.Attributes)
+	if err != nil {
+		return nil, err
+	}
+	defer cancel()
+
+	stdOut := new(bytes.Buffer)
+	stdErr := new(bytes.Buffer)
+
+	if err := cmd.Run(ctx, &git.RunOpts{
+		Env:    append(os.Environ(), envs...),
+		Dir:    gitRepo.Path,
+		Stdout: stdOut,
+		Stderr: stdErr,
+	}); err != nil {
+		return nil, fmt.Errorf("failed to run check-attr: %w\n%s\n%s", err, stdOut.String(), stdErr.String())
+	}
+
+	fields := bytes.Split(stdOut.Bytes(), []byte{'\000'})
+	if len(fields)%3 != 1 {
+		return nil, errors.New("wrong number of fields in return from check-attr")
+	}
+
+	attributesMap := make(map[string]*Attributes)
+	for i := 0; i < (len(fields) / 3); i++ {
+		filename := string(fields[3*i])
+		attribute := string(fields[3*i+1])
+		info := string(fields[3*i+2])
+		attribute2info, ok := attributesMap[filename]
+		if !ok {
+			attribute2info = NewAttributes()
+			attributesMap[filename] = attribute2info
+		}
+		attribute2info.m[attribute] = Attribute(info)
+	}
+
+	return attributesMap, nil
+}
diff --git a/modules/git/attribute/checker_test.go b/modules/git/attribute/checker_test.go
new file mode 100644
index 0000000000..67fbda8918
--- /dev/null
+++ b/modules/git/attribute/checker_test.go
@@ -0,0 +1,84 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"path/filepath"
+	"testing"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func Test_Checker(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
+	repoPath := "../tests/repos/language_stats_repo"
+	gitRepo, err := git.OpenRepository(t.Context(), repoPath)
+	require.NoError(t, err)
+	defer gitRepo.Close()
+
+	commitID := "8fee858da5796dfb37704761701bb8e800ad9ef3"
+
+	t.Run("Create index file to run git check-attr", func(t *testing.T) {
+		defer test.MockVariableValue(&git.DefaultFeatures().SupportCheckAttrOnBare, false)()
+		attrs, err := CheckAttributes(t.Context(), gitRepo, commitID, CheckAttributeOpts{
+			Filenames:  []string{"i-am-a-python.p"},
+			Attributes: LinguistAttributes,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, attrs, 1)
+		assert.Equal(t, expectedAttrs(), attrs["i-am-a-python.p"])
+	})
+
+	// run git check-attr on work tree
+	t.Run("Run git check-attr on git work tree", func(t *testing.T) {
+		dir := filepath.Join(t.TempDir(), "test-repo")
+		err := git.Clone(t.Context(), repoPath, dir, git.CloneRepoOptions{
+			Shared: true,
+			Branch: "master",
+		})
+		assert.NoError(t, err)
+
+		tempRepo, err := git.OpenRepository(t.Context(), dir)
+		assert.NoError(t, err)
+		defer tempRepo.Close()
+
+		attrs, err := CheckAttributes(t.Context(), tempRepo, "", CheckAttributeOpts{
+			Filenames:  []string{"i-am-a-python.p"},
+			Attributes: LinguistAttributes,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, attrs, 1)
+		assert.Equal(t, expectedAttrs(), attrs["i-am-a-python.p"])
+	})
+
+	t.Run("Run git check-attr in bare repository using index", func(t *testing.T) {
+		attrs, err := CheckAttributes(t.Context(), gitRepo, "", CheckAttributeOpts{
+			Filenames:  []string{"i-am-a-python.p"},
+			Attributes: LinguistAttributes,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, attrs, 1)
+		assert.Equal(t, expectedAttrs(), attrs["i-am-a-python.p"])
+	})
+
+	if !git.DefaultFeatures().SupportCheckAttrOnBare {
+		t.Skip("git version 2.40 is required to support run check-attr on bare repo without using index")
+		return
+	}
+
+	t.Run("Run git check-attr in bare repository", func(t *testing.T) {
+		attrs, err := CheckAttributes(t.Context(), gitRepo, commitID, CheckAttributeOpts{
+			Filenames:  []string{"i-am-a-python.p"},
+			Attributes: LinguistAttributes,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, attrs, 1)
+		assert.Equal(t, expectedAttrs(), attrs["i-am-a-python.p"])
+	})
+}
diff --git a/modules/git/attribute/main_test.go b/modules/git/attribute/main_test.go
new file mode 100644
index 0000000000..df8241bfb0
--- /dev/null
+++ b/modules/git/attribute/main_test.go
@@ -0,0 +1,41 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package attribute
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"testing"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+)
+
+func testRun(m *testing.M) error {
+	gitHomePath, err := os.MkdirTemp(os.TempDir(), "git-home")
+	if err != nil {
+		return fmt.Errorf("unable to create temp dir: %w", err)
+	}
+	defer util.RemoveAll(gitHomePath)
+	setting.Git.HomePath = gitHomePath
+
+	if err = git.InitFull(context.Background()); err != nil {
+		return fmt.Errorf("failed to call Init: %w", err)
+	}
+
+	exitCode := m.Run()
+	if exitCode != 0 {
+		return fmt.Errorf("run test failed, ExitCode=%d", exitCode)
+	}
+	return nil
+}
+
+func TestMain(m *testing.M) {
+	if err := testRun(m); err != nil {
+		_, _ = fmt.Fprintf(os.Stderr, "Test failed: %v", err)
+		os.Exit(1)
+	}
+}
diff --git a/modules/git/batch.go b/modules/git/batch.go
index 3ec4f1ddcc..f9e1748b54 100644
--- a/modules/git/batch.go
+++ b/modules/git/batch.go
@@ -14,25 +14,26 @@ type Batch struct {
 	Writer WriteCloserError
 }
 
-func (repo *Repository) NewBatch(ctx context.Context) (*Batch, error) {
+// NewBatch creates a new batch for the given repository, the Close must be invoked before release the batch
+func NewBatch(ctx context.Context, repoPath string) (*Batch, error) {
 	// Now because of some insanity with git cat-file not immediately failing if not run in a valid git directory we need to run git rev-parse first!
-	if err := ensureValidGitRepository(ctx, repo.Path); err != nil {
+	if err := ensureValidGitRepository(ctx, repoPath); err != nil {
 		return nil, err
 	}
 
 	var batch Batch
-	batch.Writer, batch.Reader, batch.cancel = catFileBatch(ctx, repo.Path)
+	batch.Writer, batch.Reader, batch.cancel = catFileBatch(ctx, repoPath)
 	return &batch, nil
 }
 
-func (repo *Repository) NewBatchCheck(ctx context.Context) (*Batch, error) {
+func NewBatchCheck(ctx context.Context, repoPath string) (*Batch, error) {
 	// Now because of some insanity with git cat-file not immediately failing if not run in a valid git directory we need to run git rev-parse first!
-	if err := ensureValidGitRepository(ctx, repo.Path); err != nil {
+	if err := ensureValidGitRepository(ctx, repoPath); err != nil {
 		return nil, err
 	}
 
 	var check Batch
-	check.Writer, check.Reader, check.cancel = catFileBatchCheck(ctx, repo.Path)
+	check.Writer, check.Reader, check.cancel = catFileBatchCheck(ctx, repoPath)
 	return &check, nil
 }
 
diff --git a/modules/git/blame.go b/modules/git/blame.go
index d1d732c716..659dec34a1 100644
--- a/modules/git/blame.go
+++ b/modules/git/blame.go
@@ -11,7 +11,7 @@ import (
 	"os"
 
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 // BlamePart represents block of blame - continuous lines with one sha
@@ -29,12 +29,13 @@ type BlameReader struct {
 	bufferedReader *bufio.Reader
 	done           chan error
 	lastSha        *string
-	ignoreRevsFile *string
+	ignoreRevsFile string
 	objectFormat   ObjectFormat
+	cleanupFuncs   []func()
 }
 
 func (r *BlameReader) UsesIgnoreRevs() bool {
-	return r.ignoreRevsFile != nil
+	return r.ignoreRevsFile != ""
 }
 
 // NextPart returns next part of blame (sequential code lines with the same commit)
@@ -122,36 +123,45 @@ func (r *BlameReader) Close() error {
 	r.bufferedReader = nil
 	_ = r.reader.Close()
 	_ = r.output.Close()
-	if r.ignoreRevsFile != nil {
-		_ = util.Remove(*r.ignoreRevsFile)
+	for _, cleanup := range r.cleanupFuncs {
+		if cleanup != nil {
+			cleanup()
+		}
 	}
 	return err
 }
 
 // CreateBlameReader creates reader for given repository, commit and file
-func CreateBlameReader(ctx context.Context, objectFormat ObjectFormat, repoPath string, commit *Commit, file string, bypassBlameIgnore bool) (*BlameReader, error) {
-	var ignoreRevsFile *string
-	if DefaultFeatures().CheckVersionAtLeast("2.23") && !bypassBlameIgnore {
-		ignoreRevsFile = tryCreateBlameIgnoreRevsFile(commit)
-	}
+func CreateBlameReader(ctx context.Context, objectFormat ObjectFormat, repoPath string, commit *Commit, file string, bypassBlameIgnore bool) (rd *BlameReader, err error) {
+	var ignoreRevsFileName string
+	var ignoreRevsFileCleanup func()
+	defer func() {
+		if err != nil && ignoreRevsFileCleanup != nil {
+			ignoreRevsFileCleanup()
+		}
+	}()
 
 	cmd := NewCommandNoGlobals("blame", "--porcelain")
-	if ignoreRevsFile != nil {
-		// Possible improvement: use --ignore-revs-file /dev/stdin on unix
-		// There is no equivalent on Windows. May be implemented if Gitea uses an external git backend.
-		cmd.AddOptionValues("--ignore-revs-file", *ignoreRevsFile)
+
+	if DefaultFeatures().CheckVersionAtLeast("2.23") && !bypassBlameIgnore {
+		ignoreRevsFileName, ignoreRevsFileCleanup, err = tryCreateBlameIgnoreRevsFile(commit)
+		if err != nil && !IsErrNotExist(err) {
+			return nil, err
+		}
+		if ignoreRevsFileName != "" {
+			// Possible improvement: use --ignore-revs-file /dev/stdin on unix
+			// There is no equivalent on Windows. May be implemented if Gitea uses an external git backend.
+			cmd.AddOptionValues("--ignore-revs-file", ignoreRevsFileName)
+		}
 	}
+
 	cmd.AddDynamicArguments(commit.ID.String()).AddDashesAndList(file)
+
+	done := make(chan error, 1)
 	reader, stdout, err := os.Pipe()
 	if err != nil {
-		if ignoreRevsFile != nil {
-			_ = util.Remove(*ignoreRevsFile)
-		}
 		return nil, err
 	}
-
-	done := make(chan error, 1)
-
 	go func() {
 		stderr := bytes.Buffer{}
 		// TODO: it doesn't work for directories (the directories shouldn't be "blamed"), and the "err" should be returned by "Read" but not by "Close"
@@ -169,40 +179,40 @@ func CreateBlameReader(ctx context.Context, objectFormat ObjectFormat, repoPath
 	}()
 
 	bufferedReader := bufio.NewReader(reader)
-
 	return &BlameReader{
 		output:         stdout,
 		reader:         reader,
 		bufferedReader: bufferedReader,
 		done:           done,
-		ignoreRevsFile: ignoreRevsFile,
+		ignoreRevsFile: ignoreRevsFileName,
 		objectFormat:   objectFormat,
+		cleanupFuncs:   []func(){ignoreRevsFileCleanup},
 	}, nil
 }
 
-func tryCreateBlameIgnoreRevsFile(commit *Commit) *string {
+func tryCreateBlameIgnoreRevsFile(commit *Commit) (string, func(), error) {
 	entry, err := commit.GetTreeEntryByPath(".git-blame-ignore-revs")
 	if err != nil {
-		return nil
+		return "", nil, err
 	}
 
 	r, err := entry.Blob().DataAsync()
 	if err != nil {
-		return nil
+		return "", nil, err
 	}
 	defer r.Close()
 
-	f, err := os.CreateTemp("", "gitea_git-blame-ignore-revs")
+	f, cleanup, err := setting.AppDataTempDir("git-repo-content").CreateTempFileRandom("git-blame-ignore-revs")
 	if err != nil {
-		return nil
+		return "", nil, err
 	}
-
+	filename := f.Name()
 	_, err = io.Copy(f, r)
 	_ = f.Close()
 	if err != nil {
-		_ = util.Remove(f.Name())
-		return nil
+		cleanup()
+		return "", nil, err
 	}
 
-	return util.ToPointer(f.Name())
+	return filename, cleanup, nil
 }
diff --git a/modules/git/blame_sha256_test.go b/modules/git/blame_sha256_test.go
index 99c23429e2..c0a97bed3b 100644
--- a/modules/git/blame_sha256_test.go
+++ b/modules/git/blame_sha256_test.go
@@ -7,10 +7,13 @@ import (
 	"context"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func TestReadingBlameOutputSha256(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
 	ctx, cancel := context.WithCancel(t.Context())
 	defer cancel()
 
diff --git a/modules/git/blame_test.go b/modules/git/blame_test.go
index 36b5fb9349..809d6fbcf7 100644
--- a/modules/git/blame_test.go
+++ b/modules/git/blame_test.go
@@ -7,10 +7,13 @@ import (
 	"context"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func TestReadingBlameOutput(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
 	ctx, cancel := context.WithCancel(t.Context())
 	defer cancel()
 
diff --git a/modules/git/blob.go b/modules/git/blob.go
index b7857dbbc6..40d8f44e79 100644
--- a/modules/git/blob.go
+++ b/modules/git/blob.go
@@ -9,6 +9,7 @@ import (
 	"encoding/base64"
 	"errors"
 	"io"
+	"strings"
 
 	"code.gitea.io/gitea/modules/typesniffer"
 	"code.gitea.io/gitea/modules/util"
@@ -21,17 +22,22 @@ func (b *Blob) Name() string {
 	return b.name
 }
 
-// GetBlobContent Gets the limited content of the blob as raw text
-func (b *Blob) GetBlobContent(limit int64) (string, error) {
+// GetBlobBytes Gets the limited content of the blob
+func (b *Blob) GetBlobBytes(limit int64) ([]byte, error) {
 	if limit <= 0 {
-		return "", nil
+		return nil, nil
 	}
 	dataRc, err := b.DataAsync()
 	if err != nil {
-		return "", err
+		return nil, err
 	}
 	defer dataRc.Close()
-	buf, err := util.ReadWithLimit(dataRc, int(limit))
+	return util.ReadWithLimit(dataRc, int(limit))
+}
+
+// GetBlobContent Gets the limited content of the blob as raw text
+func (b *Blob) GetBlobContent(limit int64) (string, error) {
+	buf, err := b.GetBlobBytes(limit)
 	return string(buf), err
 }
 
@@ -63,42 +69,44 @@ func (b *Blob) GetBlobLineCount(w io.Writer) (int, error) {
 	}
 }
 
-// GetBlobContentBase64 Reads the content of the blob with a base64 encode and returns the encoded string
-func (b *Blob) GetBlobContentBase64() (string, error) {
+// GetBlobContentBase64 Reads the content of the blob with a base64 encoding and returns the encoded string
+func (b *Blob) GetBlobContentBase64(originContent *strings.Builder) (string, error) {
 	dataRc, err := b.DataAsync()
 	if err != nil {
 		return "", err
 	}
 	defer dataRc.Close()
 
-	pr, pw := io.Pipe()
-	encoder := base64.NewEncoder(base64.StdEncoding, pw)
-
-	go func() {
-		_, err := io.Copy(encoder, dataRc)
-		_ = encoder.Close()
-
-		if err != nil {
-			_ = pw.CloseWithError(err)
-		} else {
-			_ = pw.Close()
+	base64buf := &strings.Builder{}
+	encoder := base64.NewEncoder(base64.StdEncoding, base64buf)
+	buf := make([]byte, 32*1024)
+loop:
+	for {
+		n, err := dataRc.Read(buf)
+		if n > 0 {
+			if originContent != nil {
+				_, _ = originContent.Write(buf[:n])
+			}
+			if _, err := encoder.Write(buf[:n]); err != nil {
+				return "", err
+			}
+		}
+		switch {
+		case errors.Is(err, io.EOF):
+			break loop
+		case err != nil:
+			return "", err
 		}
-	}()
-
-	out, err := io.ReadAll(pr)
-	if err != nil {
-		return "", err
 	}
-	return string(out), nil
+	_ = encoder.Close()
+	return base64buf.String(), nil
 }
 
 // GuessContentType guesses the content type of the blob.
 func (b *Blob) GuessContentType() (typesniffer.SniffedType, error) {
-	r, err := b.DataAsync()
+	buf, err := b.GetBlobBytes(typesniffer.SniffContentSize)
 	if err != nil {
 		return typesniffer.SniffedType{}, err
 	}
-	defer r.Close()
-
-	return typesniffer.DetectContentTypeFromReader(r)
+	return typesniffer.DetectContentType(buf), nil
 }
diff --git a/modules/git/cmdverb.go b/modules/git/cmdverb.go
new file mode 100644
index 0000000000..3d6f4ae0c6
--- /dev/null
+++ b/modules/git/cmdverb.go
@@ -0,0 +1,36 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+const (
+	CmdVerbUploadPack      = "git-upload-pack"
+	CmdVerbUploadArchive   = "git-upload-archive"
+	CmdVerbReceivePack     = "git-receive-pack"
+	CmdVerbLfsAuthenticate = "git-lfs-authenticate"
+	CmdVerbLfsTransfer     = "git-lfs-transfer"
+
+	CmdSubVerbLfsUpload   = "upload"
+	CmdSubVerbLfsDownload = "download"
+)
+
+func IsAllowedVerbForServe(verb string) bool {
+	switch verb {
+	case CmdVerbUploadPack,
+		CmdVerbUploadArchive,
+		CmdVerbReceivePack,
+		CmdVerbLfsAuthenticate,
+		CmdVerbLfsTransfer:
+		return true
+	}
+	return false
+}
+
+func IsAllowedVerbForServeLfs(verb string) bool {
+	switch verb {
+	case CmdVerbLfsAuthenticate,
+		CmdVerbLfsTransfer:
+		return true
+	}
+	return false
+}
diff --git a/modules/git/command.go b/modules/git/command.go
index d85a91804a..22f1d02339 100644
--- a/modules/git/command.go
+++ b/modules/git/command.go
@@ -47,6 +47,7 @@ type Command struct {
 	globalArgsLength int
 	brokenArgs       []string
 	cmd              *exec.Cmd // for debug purpose only
+	configArgs       []string
 }
 
 func logArgSanitize(arg string) string {
@@ -80,6 +81,13 @@ func (c *Command) LogString() string {
 	return strings.Join(a, " ")
 }
 
+func (c *Command) ProcessState() string {
+	if c.cmd == nil {
+		return ""
+	}
+	return c.cmd.ProcessState.String()
+}
+
 // NewCommand creates and returns a new Git Command based on given command and arguments.
 // Each argument should be safe to be trusted. User-provided arguments should be passed to AddDynamicArguments instead.
 func NewCommand(args ...internal.CmdArg) *Command {
@@ -189,6 +197,16 @@ func (c *Command) AddDashesAndList(list ...string) *Command {
 	return c
 }
 
+func (c *Command) AddConfig(key, value string) *Command {
+	kv := key + "=" + value
+	if !isSafeArgumentValue(kv) {
+		c.brokenArgs = append(c.brokenArgs, key)
+	} else {
+		c.configArgs = append(c.configArgs, "-c", kv)
+	}
+	return c
+}
+
 // ToTrustedCmdArgs converts a list of strings (trusted as argument) to TrustedCmdArgs
 // In most cases, it shouldn't be used. Use NewCommand().AddXxx() function instead
 func ToTrustedCmdArgs(args []string) TrustedCmdArgs {
@@ -314,7 +332,7 @@ func (c *Command) run(ctx context.Context, skip int, opts *RunOpts) error {
 
 	startTime := time.Now()
 
-	cmd := exec.CommandContext(ctx, c.prog, c.args...)
+	cmd := exec.CommandContext(ctx, c.prog, append(c.configArgs, c.args...)...)
 	c.cmd = cmd // for debug purpose only
 	if opts.Env == nil {
 		cmd.Env = os.Environ()
@@ -350,9 +368,10 @@ func (c *Command) run(ctx context.Context, skip int, opts *RunOpts) error {
 	// We need to check if the context is canceled by the program on Windows.
 	// This is because Windows does not have signal checking when terminating the process.
 	// It always returns exit code 1, unlike Linux, which has many exit codes for signals.
+	// `err.Error()` returns "exit status 1" when using the `git check-attr` command after the context is canceled.
 	if runtime.GOOS == "windows" &&
 		err != nil &&
-		err.Error() == "" &&
+		(err.Error() == "" || err.Error() == "exit status 1") &&
 		cmd.ProcessState.ExitCode() == 1 &&
 		ctx.Err() == context.Canceled {
 		return ctx.Err()
diff --git a/modules/git/command_test.go b/modules/git/command_test.go
index 005a760ed1..eb112707e7 100644
--- a/modules/git/command_test.go
+++ b/modules/git/command_test.go
@@ -54,8 +54,8 @@ func TestGitArgument(t *testing.T) {
 
 func TestCommandString(t *testing.T) {
 	cmd := NewCommandNoGlobals("a", "-m msg", "it's a test", `say "hello"`)
-	assert.EqualValues(t, cmd.prog+` a "-m msg" "it's a test" "say \"hello\""`, cmd.LogString())
+	assert.Equal(t, cmd.prog+` a "-m msg" "it's a test" "say \"hello\""`, cmd.LogString())
 
 	cmd = NewCommandNoGlobals("url: https://a:b@c/", "/root/dir-a/dir-b")
-	assert.EqualValues(t, cmd.prog+` "url: https://sanitized-credential@c/" .../dir-a/dir-b`, cmd.LogString())
+	assert.Equal(t, cmd.prog+` "url: https://sanitized-credential@c/" .../dir-a/dir-b`, cmd.LogString())
 }
diff --git a/modules/git/commit.go b/modules/git/commit.go
index 3e790e89d9..aae40c575b 100644
--- a/modules/git/commit.go
+++ b/modules/git/commit.go
@@ -20,10 +20,11 @@ import (
 
 // Commit represents a git commit.
 type Commit struct {
-	Tree
-	ID            ObjectID // The ID of this commit object
-	Author        *Signature
-	Committer     *Signature
+	Tree // FIXME: bad design, this field can be nil if the commit is from "last commit cache"
+
+	ID            ObjectID
+	Author        *Signature // never nil
+	Committer     *Signature // never nil
 	CommitMessage string
 	Signature     *CommitSignature
 
@@ -34,7 +35,7 @@ type Commit struct {
 // CommitSignature represents a git commit signature part.
 type CommitSignature struct {
 	Signature string
-	Payload   string // TODO check if can be reconstruct from the rest of commit information to not have duplicate data
+	Payload   string
 }
 
 // Message returns the commit message. Same as retrieving CommitMessage directly.
@@ -166,6 +167,8 @@ type CommitsCountOptions struct {
 	Not      string
 	Revision []string
 	RelPath  []string
+	Since    string
+	Until    string
 }
 
 // CommitsCount returns number of total commits of until given revision.
@@ -199,8 +202,8 @@ func (c *Commit) CommitsCount() (int64, error) {
 }
 
 // CommitsByRange returns the specific page commits before current revision, every page's number default by CommitsRangeSize
-func (c *Commit) CommitsByRange(page, pageSize int, not string) ([]*Commit, error) {
-	return c.repo.commitsByRange(c.ID, page, pageSize, not)
+func (c *Commit) CommitsByRange(page, pageSize int, not, since, until string) ([]*Commit, error) {
+	return c.repo.commitsByRangeWithTime(c.ID, page, pageSize, not, since, until)
 }
 
 // CommitsBefore returns all the commits before current revision
@@ -275,8 +278,8 @@ func NewSearchCommitsOptions(searchString string, forAllRefs bool) SearchCommits
 	var keywords, authors, committers []string
 	var after, before string
 
-	fields := strings.Fields(searchString)
-	for _, k := range fields {
+	fields := strings.FieldsSeq(searchString)
+	for k := range fields {
 		switch {
 		case strings.HasPrefix(k, "author:"):
 			authors = append(authors, strings.TrimPrefix(k, "author:"))
diff --git a/modules/git/commit_info.go b/modules/git/commit_info.go
index c046acbb50..4f76a28f31 100644
--- a/modules/git/commit_info.go
+++ b/modules/git/commit_info.go
@@ -9,3 +9,15 @@ type CommitInfo struct {
 	Commit        *Commit
 	SubmoduleFile *CommitSubmoduleFile
 }
+
+func GetCommitInfoSubmoduleFile(repoLink, fullPath string, commit *Commit, refCommitID ObjectID) (*CommitSubmoduleFile, error) {
+	submodule, err := commit.GetSubModule(fullPath)
+	if err != nil {
+		return nil, err
+	}
+	if submodule == nil {
+		// unable to find submodule from ".gitmodules" file
+		return NewCommitSubmoduleFile(repoLink, fullPath, "", refCommitID.String()), nil
+	}
+	return NewCommitSubmoduleFile(repoLink, fullPath, submodule.URL, refCommitID.String()), nil
+}
diff --git a/modules/git/commit_info_gogit.go b/modules/git/commit_info_gogit.go
index 314c2df728..73227347bc 100644
--- a/modules/git/commit_info_gogit.go
+++ b/modules/git/commit_info_gogit.go
@@ -16,7 +16,7 @@ import (
 )
 
 // GetCommitsInfo gets information of all commits that are corresponding to these entries
-func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath string) ([]CommitInfo, *Commit, error) {
+func (tes Entries) GetCommitsInfo(ctx context.Context, repoLink string, commit *Commit, treePath string) ([]CommitInfo, *Commit, error) {
 	entryPaths := make([]string, len(tes)+1)
 	// Get the commit for the treePath itself
 	entryPaths[0] = ""
@@ -71,22 +71,12 @@ func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath
 			commitsInfo[i].Commit = entryCommit
 		}
 
-		// If the entry is a submodule add a submodule file for this
+		// If the entry is a submodule, add a submodule file for this
 		if entry.IsSubModule() {
-			subModuleURL := ""
-			var fullPath string
-			if len(treePath) > 0 {
-				fullPath = treePath + "/" + entry.Name()
-			} else {
-				fullPath = entry.Name()
-			}
-			if subModule, err := commit.GetSubModule(fullPath); err != nil {
+			commitsInfo[i].SubmoduleFile, err = GetCommitInfoSubmoduleFile(repoLink, path.Join(treePath, entry.Name()), commit, entry.ID)
+			if err != nil {
 				return nil, nil, err
-			} else if subModule != nil {
-				subModuleURL = subModule.URL
 			}
-			subModuleFile := NewCommitSubmoduleFile(subModuleURL, entry.ID.String())
-			commitsInfo[i].SubmoduleFile = subModuleFile
 		}
 	}
 
diff --git a/modules/git/commit_info_nogogit.go b/modules/git/commit_info_nogogit.go
index 7a6af0410b..ed775332a9 100644
--- a/modules/git/commit_info_nogogit.go
+++ b/modules/git/commit_info_nogogit.go
@@ -7,8 +7,7 @@ package git
 
 import (
 	"context"
-	"fmt"
-	"io"
+	"maps"
 	"path"
 	"sort"
 
@@ -16,7 +15,7 @@ import (
 )
 
 // GetCommitsInfo gets information of all commits that are corresponding to these entries
-func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath string) ([]CommitInfo, *Commit, error) {
+func (tes Entries) GetCommitsInfo(ctx context.Context, repoLink string, commit *Commit, treePath string) ([]CommitInfo, *Commit, error) {
 	entryPaths := make([]string, len(tes)+1)
 	// Get the commit for the treePath itself
 	entryPaths[0] = ""
@@ -40,9 +39,7 @@ func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath
 				return nil, nil, err
 			}
 
-			for pth, found := range commits {
-				revs[pth] = found
-			}
+			maps.Copy(revs, commits)
 		}
 	} else {
 		sort.Strings(entryPaths)
@@ -65,22 +62,12 @@ func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath
 			log.Debug("missing commit for %s", entry.Name())
 		}
 
-		// If the entry is a submodule add a submodule file for this
+		// If the entry is a submodule, add a submodule file for this
 		if entry.IsSubModule() {
-			subModuleURL := ""
-			var fullPath string
-			if len(treePath) > 0 {
-				fullPath = treePath + "/" + entry.Name()
-			} else {
-				fullPath = entry.Name()
-			}
-			if subModule, err := commit.GetSubModule(fullPath); err != nil {
+			commitsInfo[i].SubmoduleFile, err = GetCommitInfoSubmoduleFile(repoLink, path.Join(treePath, entry.Name()), commit, entry.ID)
+			if err != nil {
 				return nil, nil, err
-			} else if subModule != nil {
-				subModuleURL = subModule.URL
 			}
-			subModuleFile := NewCommitSubmoduleFile(subModuleURL, entry.ID.String())
-			commitsInfo[i].SubmoduleFile = subModuleFile
 		}
 	}
 
@@ -124,48 +111,25 @@ func GetLastCommitForPaths(ctx context.Context, commit *Commit, treePath string,
 		return nil, err
 	}
 
-	batchStdinWriter, batchReader, cancel, err := commit.repo.CatFileBatch(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer cancel()
-
 	commitsMap := map[string]*Commit{}
 	commitsMap[commit.ID.String()] = commit
 
 	commitCommits := map[string]*Commit{}
 	for path, commitID := range revs {
-		c, ok := commitsMap[commitID]
-		if ok {
-			commitCommits[path] = c
+		if len(commitID) == 0 {
 			continue
 		}
 
-		if len(commitID) == 0 {
+		c, ok := commitsMap[commitID]
+		if ok {
+			commitCommits[path] = c
 			continue
 		}
 
-		_, err := batchStdinWriter.Write([]byte(commitID + "\n"))
-		if err != nil {
-			return nil, err
-		}
-		_, typ, size, err := ReadBatchLine(batchReader)
-		if err != nil {
-			return nil, err
-		}
-		if typ != "commit" {
-			if err := DiscardFull(batchReader, size+1); err != nil {
-				return nil, err
-			}
-			return nil, fmt.Errorf("unexpected type: %s for commit id: %s", typ, commitID)
-		}
-		c, err = CommitFromReader(commit.repo, MustIDFromString(commitID), io.LimitReader(batchReader, size))
+		c, err := commit.repo.GetCommit(commitID) // Ensure the commit exists in the repository
 		if err != nil {
 			return nil, err
 		}
-		if _, err := batchReader.Discard(1); err != nil {
-			return nil, err
-		}
 		commitCommits[path] = c
 	}
 
diff --git a/modules/git/commit_info_test.go b/modules/git/commit_info_test.go
index ba518ab245..078b6815d2 100644
--- a/modules/git/commit_info_test.go
+++ b/modules/git/commit_info_test.go
@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 const (
@@ -82,7 +83,7 @@ func testGetCommitsInfo(t *testing.T, repo1 *Repository) {
 		}
 
 		// FIXME: Context.TODO() - if graceful has started we should use its Shutdown context otherwise use install signals in TestMain.
-		commitsInfo, treeCommit, err := entries.GetCommitsInfo(t.Context(), commit, testCase.Path)
+		commitsInfo, treeCommit, err := entries.GetCommitsInfo(t.Context(), "/any/repo-link", commit, testCase.Path)
 		assert.NoError(t, err, "Unable to get commit information for entries of subtree: %s in commit: %s from testcase due to error: %v", testCase.Path, testCase.CommitID, err)
 		if err != nil {
 			t.FailNow()
@@ -120,6 +121,23 @@ func TestEntries_GetCommitsInfo(t *testing.T) {
 	defer clonedRepo1.Close()
 
 	testGetCommitsInfo(t, clonedRepo1)
+
+	t.Run("NonExistingSubmoduleAsNil", func(t *testing.T) {
+		commit, err := bareRepo1.GetCommit("HEAD")
+		require.NoError(t, err)
+		treeEntry, err := commit.GetTreeEntryByPath("file1.txt")
+		require.NoError(t, err)
+		cisf, err := GetCommitInfoSubmoduleFile("/any/repo-link", "file1.txt", commit, treeEntry.ID)
+		require.NoError(t, err)
+		assert.Equal(t, &CommitSubmoduleFile{
+			repoLink: "/any/repo-link",
+			fullPath: "file1.txt",
+			refURL:   "",
+			refID:    "e2129701f1a4d54dc44f03c93bca0a2aec7c5449",
+		}, cisf)
+		// since there is no refURL, it means that the submodule info doesn't exist, so it won't have a web link
+		assert.Nil(t, cisf.SubmoduleWebLinkTree(t.Context()))
+	})
 }
 
 func BenchmarkEntries_GetCommitsInfo(b *testing.B) {
@@ -159,7 +177,7 @@ func BenchmarkEntries_GetCommitsInfo(b *testing.B) {
 		b.ResetTimer()
 		b.Run(benchmark.name, func(b *testing.B) {
 			for b.Loop() {
-				_, _, err := entries.GetCommitsInfo(b.Context(), commit, "")
+				_, _, err := entries.GetCommitsInfo(b.Context(), "/any/repo-link", commit, "")
 				if err != nil {
 					b.Fatal(err)
 				}
diff --git a/modules/git/commit_reader.go b/modules/git/commit_reader.go
index 228bbaf314..eb8f4c6322 100644
--- a/modules/git/commit_reader.go
+++ b/modules/git/commit_reader.go
@@ -6,10 +6,44 @@ package git
 import (
 	"bufio"
 	"bytes"
+	"fmt"
 	"io"
-	"strings"
 )
 
+const (
+	commitHeaderGpgsig       = "gpgsig"
+	commitHeaderGpgsigSha256 = "gpgsig-sha256"
+)
+
+func assignCommitFields(gitRepo *Repository, commit *Commit, headerKey string, headerValue []byte) error {
+	if len(headerValue) > 0 && headerValue[len(headerValue)-1] == '\n' {
+		headerValue = headerValue[:len(headerValue)-1] // remove trailing newline
+	}
+	switch headerKey {
+	case "tree":
+		objID, err := NewIDFromString(string(headerValue))
+		if err != nil {
+			return fmt.Errorf("invalid tree ID %q: %w", string(headerValue), err)
+		}
+		commit.Tree = *NewTree(gitRepo, objID)
+	case "parent":
+		objID, err := NewIDFromString(string(headerValue))
+		if err != nil {
+			return fmt.Errorf("invalid parent ID %q: %w", string(headerValue), err)
+		}
+		commit.Parents = append(commit.Parents, objID)
+	case "author":
+		commit.Author.Decode(headerValue)
+	case "committer":
+		commit.Committer.Decode(headerValue)
+	case commitHeaderGpgsig, commitHeaderGpgsigSha256:
+		// if there are duplicate "gpgsig" and "gpgsig-sha256" headers, then the signature must have already been invalid
+		// so we don't need to handle duplicate headers here
+		commit.Signature = &CommitSignature{Signature: string(headerValue)}
+	}
+	return nil
+}
+
 // CommitFromReader will generate a Commit from a provided reader
 // We need this to interpret commits from cat-file or cat-file --batch
 //
@@ -21,90 +55,46 @@ func CommitFromReader(gitRepo *Repository, objectID ObjectID, reader io.Reader)
 		Committer: &Signature{},
 	}
 
-	payloadSB := new(strings.Builder)
-	signatureSB := new(strings.Builder)
-	messageSB := new(strings.Builder)
-	message := false
-	pgpsig := false
-
-	bufReader, ok := reader.(*bufio.Reader)
-	if !ok {
-		bufReader = bufio.NewReader(reader)
-	}
-
-readLoop:
+	bufReader := bufio.NewReader(reader)
+	inHeader := true
+	var payloadSB, messageSB bytes.Buffer
+	var headerKey string
+	var headerValue []byte
 	for {
 		line, err := bufReader.ReadBytes('\n')
-		if err != nil {
-			if err == io.EOF {
-				if message {
-					_, _ = messageSB.Write(line)
-				}
-				_, _ = payloadSB.Write(line)
-				break readLoop
-			}
-			return nil, err
+		if err != nil && err != io.EOF {
+			return nil, fmt.Errorf("unable to read commit %q: %w", objectID.String(), err)
 		}
-		if pgpsig {
-			if len(line) > 0 && line[0] == ' ' {
-				_, _ = signatureSB.Write(line[1:])
-				continue
-			}
-			pgpsig = false
+		if len(line) == 0 {
+			break
 		}
 
-		if !message {
-			// This is probably not correct but is copied from go-gits interpretation...
-			trimmed := bytes.TrimSpace(line)
-			if len(trimmed) == 0 {
-				message = true
-				_, _ = payloadSB.Write(line)
-				continue
-			}
-
-			split := bytes.SplitN(trimmed, []byte{' '}, 2)
-			var data []byte
-			if len(split) > 1 {
-				data = split[1]
+		if inHeader {
+			inHeader = !(len(line) == 1 && line[0] == '\n') // still in header if line is not just a newline
+			k, v, _ := bytes.Cut(line, []byte{' '})
+			if len(k) != 0 || !inHeader {
+				if headerKey != "" {
+					if err = assignCommitFields(gitRepo, commit, headerKey, headerValue); err != nil {
+						return nil, fmt.Errorf("unable to parse commit %q: %w", objectID.String(), err)
+					}
+				}
+				headerKey = string(k) // it also resets the headerValue to empty string if not inHeader
+				headerValue = v
+			} else {
+				headerValue = append(headerValue, v...)
 			}
-
-			switch string(split[0]) {
-			case "tree":
-				commit.Tree = *NewTree(gitRepo, MustIDFromString(string(data)))
+			if headerKey != commitHeaderGpgsig && headerKey != commitHeaderGpgsigSha256 {
 				_, _ = payloadSB.Write(line)
-			case "parent":
-				commit.Parents = append(commit.Parents, MustIDFromString(string(data)))
-				_, _ = payloadSB.Write(line)
-			case "author":
-				commit.Author = &Signature{}
-				commit.Author.Decode(data)
-				_, _ = payloadSB.Write(line)
-			case "committer":
-				commit.Committer = &Signature{}
-				commit.Committer.Decode(data)
-				_, _ = payloadSB.Write(line)
-			case "encoding":
-				_, _ = payloadSB.Write(line)
-			case "gpgsig":
-				fallthrough
-			case "gpgsig-sha256": // FIXME: no intertop, so only 1 exists at present.
-				_, _ = signatureSB.Write(data)
-				_ = signatureSB.WriteByte('\n')
-				pgpsig = true
 			}
 		} else {
 			_, _ = messageSB.Write(line)
 			_, _ = payloadSB.Write(line)
 		}
 	}
+
 	commit.CommitMessage = messageSB.String()
-	commit.Signature = &CommitSignature{
-		Signature: signatureSB.String(),
-		Payload:   payloadSB.String(),
-	}
-	if len(commit.Signature.Signature) == 0 {
-		commit.Signature = nil
+	if commit.Signature != nil {
+		commit.Signature.Payload = payloadSB.String()
 	}
-
 	return commit, nil
 }
diff --git a/modules/git/commit_sha256_test.go b/modules/git/commit_sha256_test.go
index f6ca83c9ed..97ccecdacc 100644
--- a/modules/git/commit_sha256_test.go
+++ b/modules/git/commit_sha256_test.go
@@ -60,8 +60,7 @@ func TestGetFullCommitIDErrorSha256(t *testing.T) {
 }
 
 func TestCommitFromReaderSha256(t *testing.T) {
-	commitString := `9433b2a62b964c17a4485ae180f45f595d3e69d31b786087775e28c6b6399df0 commit 1114
-tree e7f9e96dd79c09b078cac8b303a7d3b9d65ff9b734e86060a4d20409fd379f9e
+	commitString := `tree e7f9e96dd79c09b078cac8b303a7d3b9d65ff9b734e86060a4d20409fd379f9e
 parent 26e9ccc29fad747e9c5d9f4c9ddeb7eff61cc45ef6a8dc258cbeb181afc055e8
 author Adam Majer <amajer@suse.de> 1698676906 +0100
 committer Adam Majer <amajer@suse.de> 1698676906 +0100
@@ -97,7 +96,7 @@ signed commit`
 	assert.NoError(t, err)
 	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
-	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
+	assert.Equal(t, `-----BEGIN PGP SIGNATURE-----
 
 iQIrBAABCgAtFiEES+fB08xlgTrzSdQvhkUIsBsmec8FAmU/wKoPHGFtYWplckBz
 dXNlLmRlAAoJEIZFCLAbJnnP4s4PQIJATa++WPzR6/H4etT7bsOGoMyguEJYyWOd
@@ -112,21 +111,20 @@ VAEUo6ecdDxSpyt2naeg9pKus/BRi7P6g4B1hkk/zZstUX/QP4IQuAJbXjkvsC+X
 HKRr3NlRM/DygzTyj0gN74uoa0goCIbyAQhiT42nm0cuhM7uN/W0ayrlZjGF1cbR
 8NCJUL2Nwj0ywKIavC99Ipkb8AsFwpVT6U6effs6
 =xybZ
------END PGP SIGNATURE-----
-`, commitFromReader.Signature.Signature)
-	assert.EqualValues(t, `tree e7f9e96dd79c09b078cac8b303a7d3b9d65ff9b734e86060a4d20409fd379f9e
+-----END PGP SIGNATURE-----`, commitFromReader.Signature.Signature)
+	assert.Equal(t, `tree e7f9e96dd79c09b078cac8b303a7d3b9d65ff9b734e86060a4d20409fd379f9e
 parent 26e9ccc29fad747e9c5d9f4c9ddeb7eff61cc45ef6a8dc258cbeb181afc055e8
 author Adam Majer <amajer@suse.de> 1698676906 +0100
 committer Adam Majer <amajer@suse.de> 1698676906 +0100
 
 signed commit`, commitFromReader.Signature.Payload)
-	assert.EqualValues(t, "Adam Majer <amajer@suse.de>", commitFromReader.Author.String())
+	assert.Equal(t, "Adam Majer <amajer@suse.de>", commitFromReader.Author.String())
 
 	commitFromReader2, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString+"\n\n"))
 	assert.NoError(t, err)
 	commitFromReader.CommitMessage += "\n\n"
 	commitFromReader.Signature.Payload += "\n\n"
-	assert.EqualValues(t, commitFromReader, commitFromReader2)
+	assert.Equal(t, commitFromReader, commitFromReader2)
 }
 
 func TestHasPreviousCommitSha256(t *testing.T) {
diff --git a/modules/git/commit_submodule.go b/modules/git/commit_submodule.go
index 031fd4e5d0..ff253b7eca 100644
--- a/modules/git/commit_submodule.go
+++ b/modules/git/commit_submodule.go
@@ -35,7 +35,8 @@ func (c *Commit) GetSubModules() (*ObjectCache[*SubModule], error) {
 	return c.submoduleCache, nil
 }
 
-// GetSubModule get the submodule according entry name
+// GetSubModule gets the submodule by the entry name.
+// It returns "nil, nil" if the submodule does not exist, caller should always remember to check the "nil"
 func (c *Commit) GetSubModule(entryName string) (*SubModule, error) {
 	modules, err := c.GetSubModules()
 	if err != nil {
diff --git a/modules/git/commit_submodule_file.go b/modules/git/commit_submodule_file.go
index 729401f752..efcf53b07c 100644
--- a/modules/git/commit_submodule_file.go
+++ b/modules/git/commit_submodule_file.go
@@ -6,49 +6,64 @@ package git
 
 import (
 	"context"
+	"path"
+	"strings"
 
 	giturl "code.gitea.io/gitea/modules/git/url"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // CommitSubmoduleFile represents a file with submodule type.
 type CommitSubmoduleFile struct {
-	refURL    string
-	parsedURL *giturl.RepositoryURL
-	parsed    bool
-	refID     string
-	repoLink  string
+	repoLink string
+	fullPath string
+	refURL   string
+	refID    string
+
+	parsed           bool
+	parsedTargetLink string
 }
 
 // NewCommitSubmoduleFile create a new submodule file
-func NewCommitSubmoduleFile(refURL, refID string) *CommitSubmoduleFile {
-	return &CommitSubmoduleFile{refURL: refURL, refID: refID}
+func NewCommitSubmoduleFile(repoLink, fullPath, refURL, refID string) *CommitSubmoduleFile {
+	return &CommitSubmoduleFile{repoLink: repoLink, fullPath: fullPath, refURL: refURL, refID: refID}
 }
 
+// RefID returns the commit ID of the submodule, it returns empty string for nil receiver
 func (sf *CommitSubmoduleFile) RefID() string {
-	return sf.refID // this function is only used in templates
+	if sf == nil {
+		return ""
+	}
+	return sf.refID
 }
 
-// SubmoduleWebLink tries to make some web links for a submodule, it also works on "nil" receiver
-func (sf *CommitSubmoduleFile) SubmoduleWebLink(ctx context.Context, optCommitID ...string) *SubmoduleWebLink {
-	if sf == nil {
+func (sf *CommitSubmoduleFile) getWebLinkInTargetRepo(ctx context.Context, moreLinkPath string) *SubmoduleWebLink {
+	if sf == nil || sf.refURL == "" {
 		return nil
 	}
+	if strings.HasPrefix(sf.refURL, "../") {
+		targetLink := path.Join(sf.repoLink, sf.refURL)
+		return &SubmoduleWebLink{RepoWebLink: targetLink, CommitWebLink: targetLink + moreLinkPath}
+	}
 	if !sf.parsed {
 		sf.parsed = true
 		parsedURL, err := giturl.ParseRepositoryURL(ctx, sf.refURL)
 		if err != nil {
 			return nil
 		}
-		sf.parsedURL = parsedURL
-		sf.repoLink = giturl.MakeRepositoryWebLink(sf.parsedURL)
+		sf.parsedTargetLink = giturl.MakeRepositoryWebLink(parsedURL)
 	}
-	var commitLink string
-	if len(optCommitID) == 2 {
-		commitLink = sf.repoLink + "/compare/" + optCommitID[0] + "..." + optCommitID[1]
-	} else if len(optCommitID) == 1 {
-		commitLink = sf.repoLink + "/tree/" + optCommitID[0]
-	} else {
-		commitLink = sf.repoLink + "/tree/" + sf.refID
-	}
-	return &SubmoduleWebLink{RepoWebLink: sf.repoLink, CommitWebLink: commitLink}
+	return &SubmoduleWebLink{RepoWebLink: sf.parsedTargetLink, CommitWebLink: sf.parsedTargetLink + moreLinkPath}
+}
+
+// SubmoduleWebLinkTree tries to make the submodule's tree link in its own repo, it also works on "nil" receiver
+// It returns nil if the submodule does not have a valid URL or is nil
+func (sf *CommitSubmoduleFile) SubmoduleWebLinkTree(ctx context.Context, optCommitID ...string) *SubmoduleWebLink {
+	return sf.getWebLinkInTargetRepo(ctx, "/tree/"+util.OptionalArg(optCommitID, sf.RefID()))
+}
+
+// SubmoduleWebLinkCompare tries to make the submodule's compare link in its own repo, it also works on "nil" receiver
+// It returns nil if the submodule does not have a valid URL or is nil
+func (sf *CommitSubmoduleFile) SubmoduleWebLinkCompare(ctx context.Context, commitID1, commitID2 string) *SubmoduleWebLink {
+	return sf.getWebLinkInTargetRepo(ctx, "/compare/"+commitID1+"..."+commitID2)
 }
diff --git a/modules/git/commit_submodule_file_test.go b/modules/git/commit_submodule_file_test.go
index 6581fa8712..33fe146444 100644
--- a/modules/git/commit_submodule_file_test.go
+++ b/modules/git/commit_submodule_file_test.go
@@ -10,20 +10,31 @@ import (
 )
 
 func TestCommitSubmoduleLink(t *testing.T) {
-	sf := NewCommitSubmoduleFile("git@github.com:user/repo.git", "aaaa")
-
-	wl := sf.SubmoduleWebLink(t.Context())
-	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
-	assert.Equal(t, "https://github.com/user/repo/tree/aaaa", wl.CommitWebLink)
-
-	wl = sf.SubmoduleWebLink(t.Context(), "1111")
-	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
-	assert.Equal(t, "https://github.com/user/repo/tree/1111", wl.CommitWebLink)
-
-	wl = sf.SubmoduleWebLink(t.Context(), "1111", "2222")
-	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
-	assert.Equal(t, "https://github.com/user/repo/compare/1111...2222", wl.CommitWebLink)
-
-	wl = (*CommitSubmoduleFile)(nil).SubmoduleWebLink(t.Context())
-	assert.Nil(t, wl)
+	assert.Nil(t, (*CommitSubmoduleFile)(nil).SubmoduleWebLinkTree(t.Context()))
+	assert.Nil(t, (*CommitSubmoduleFile)(nil).SubmoduleWebLinkCompare(t.Context(), "", ""))
+	assert.Nil(t, (&CommitSubmoduleFile{}).SubmoduleWebLinkTree(t.Context()))
+	assert.Nil(t, (&CommitSubmoduleFile{}).SubmoduleWebLinkCompare(t.Context(), "", ""))
+
+	t.Run("GitHubRepo", func(t *testing.T) {
+		sf := NewCommitSubmoduleFile("/any/repo-link", "full-path", "git@github.com:user/repo.git", "aaaa")
+		wl := sf.SubmoduleWebLinkTree(t.Context())
+		assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
+		assert.Equal(t, "https://github.com/user/repo/tree/aaaa", wl.CommitWebLink)
+
+		wl = sf.SubmoduleWebLinkCompare(t.Context(), "1111", "2222")
+		assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
+		assert.Equal(t, "https://github.com/user/repo/compare/1111...2222", wl.CommitWebLink)
+	})
+
+	t.Run("RelativePath", func(t *testing.T) {
+		sf := NewCommitSubmoduleFile("/subpath/any/repo-home-link", "full-path", "../../user/repo", "aaaa")
+		wl := sf.SubmoduleWebLinkTree(t.Context())
+		assert.Equal(t, "/subpath/user/repo", wl.RepoWebLink)
+		assert.Equal(t, "/subpath/user/repo/tree/aaaa", wl.CommitWebLink)
+
+		sf = NewCommitSubmoduleFile("/subpath/any/repo-home-link", "dir/submodule", "../../user/repo", "aaaa")
+		wl = sf.SubmoduleWebLinkCompare(t.Context(), "1111", "2222")
+		assert.Equal(t, "/subpath/user/repo", wl.RepoWebLink)
+		assert.Equal(t, "/subpath/user/repo/compare/1111...2222", wl.CommitWebLink)
+	})
 }
diff --git a/modules/git/commit_test.go b/modules/git/commit_test.go
index 5319e09bb7..81fb91dfc6 100644
--- a/modules/git/commit_test.go
+++ b/modules/git/commit_test.go
@@ -59,8 +59,7 @@ func TestGetFullCommitIDError(t *testing.T) {
 }
 
 func TestCommitFromReader(t *testing.T) {
-	commitString := `feaf4ba6bc635fec442f46ddd4512416ec43c2c2 commit 1074
-tree f1a6cb52b2d16773290cefe49ad0684b50a4f930
+	commitString := `tree f1a6cb52b2d16773290cefe49ad0684b50a4f930
 parent 37991dec2c8e592043f47155ce4808d4580f9123
 author silverwind <me@silverwind.io> 1563741793 +0200
 committer silverwind <me@silverwind.io> 1563741793 +0200
@@ -93,7 +92,7 @@ empty commit`
 	assert.NoError(t, err)
 	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
-	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
+	assert.Equal(t, `-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEWPb2jX6FS2mqyJRQLmK0HJOGlEMFAl00zmEACgkQLmK0HJOG
 lEMDFBAAhQKKqLD1VICygJMEB8t1gBmNLgvziOLfpX4KPWdPtBk3v/QJ7OrfMrVK
@@ -108,26 +107,24 @@ sD53z/f0J+We4VZjY+pidvA9BGZPFVdR3wd3xGs8/oH6UWaLJAMGkLG6dDb3qDLm
 mfeFhT57UbE4qukTDIQ0Y0WM40UYRTakRaDY7ubhXgLgx09Cnp9XTVMsHgT6j9/i
 1pxsB104XLWjQHTjr1JtiaBQEwFh9r2OKTcpvaLcbNtYpo7CzOs=
 =FRsO
------END PGP SIGNATURE-----
-`, commitFromReader.Signature.Signature)
-	assert.EqualValues(t, `tree f1a6cb52b2d16773290cefe49ad0684b50a4f930
+-----END PGP SIGNATURE-----`, commitFromReader.Signature.Signature)
+	assert.Equal(t, `tree f1a6cb52b2d16773290cefe49ad0684b50a4f930
 parent 37991dec2c8e592043f47155ce4808d4580f9123
 author silverwind <me@silverwind.io> 1563741793 +0200
 committer silverwind <me@silverwind.io> 1563741793 +0200
 
 empty commit`, commitFromReader.Signature.Payload)
-	assert.EqualValues(t, "silverwind <me@silverwind.io>", commitFromReader.Author.String())
+	assert.Equal(t, "silverwind <me@silverwind.io>", commitFromReader.Author.String())
 
 	commitFromReader2, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString+"\n\n"))
 	assert.NoError(t, err)
 	commitFromReader.CommitMessage += "\n\n"
 	commitFromReader.Signature.Payload += "\n\n"
-	assert.EqualValues(t, commitFromReader, commitFromReader2)
+	assert.Equal(t, commitFromReader, commitFromReader2)
 }
 
 func TestCommitWithEncodingFromReader(t *testing.T) {
-	commitString := `feaf4ba6bc635fec442f46ddd4512416ec43c2c2 commit 1074
-tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5
+	commitString := `tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5
 parent 47b24e7ab977ed31c5a39989d570847d6d0052af
 author KN4CK3R <admin@oldschoolhack.me> 1711702962 +0100
 committer KN4CK3R <admin@oldschoolhack.me> 1711702962 +0100
@@ -159,7 +156,7 @@ ISO-8859-1`
 	assert.NoError(t, err)
 	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
-	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
+	assert.Equal(t, `-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEE9HRrbqvYxPT8PXbefPSEkrowAa8FAmYGg7IACgkQfPSEkrow
 Aa9olwv+P0HhtCM6CRvlUmPaqswRsDPNR4i66xyXGiSxdI9V5oJL7HLiQIM7KrFR
@@ -172,22 +169,21 @@ SONRzusmu5n3DgV956REL7x62h7JuqmBz/12HZkr0z0zgXkcZ04q08pSJATX5N1F
 yN+tWxTsWg+zhDk96d5Esdo9JMjcFvPv0eioo30GAERaz1hoD7zCMT4jgUFTQwgz
 jw4YcO5u
 =r3UU
------END PGP SIGNATURE-----
-`, commitFromReader.Signature.Signature)
-	assert.EqualValues(t, `tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5
+-----END PGP SIGNATURE-----`, commitFromReader.Signature.Signature)
+	assert.Equal(t, `tree ca3fad42080dd1a6d291b75acdfc46e5b9b307e5
 parent 47b24e7ab977ed31c5a39989d570847d6d0052af
 author KN4CK3R <admin@oldschoolhack.me> 1711702962 +0100
 committer KN4CK3R <admin@oldschoolhack.me> 1711702962 +0100
 encoding ISO-8859-1
 
 ISO-8859-1`, commitFromReader.Signature.Payload)
-	assert.EqualValues(t, "KN4CK3R <admin@oldschoolhack.me>", commitFromReader.Author.String())
+	assert.Equal(t, "KN4CK3R <admin@oldschoolhack.me>", commitFromReader.Author.String())
 
 	commitFromReader2, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString+"\n\n"))
 	assert.NoError(t, err)
 	commitFromReader.CommitMessage += "\n\n"
 	commitFromReader.Signature.Payload += "\n\n"
-	assert.EqualValues(t, commitFromReader, commitFromReader2)
+	assert.Equal(t, commitFromReader, commitFromReader2)
 }
 
 func TestHasPreviousCommit(t *testing.T) {
@@ -351,10 +347,10 @@ func Test_GetCommitBranchStart(t *testing.T) {
 	defer repo.Close()
 	commit, err := repo.GetBranchCommit("branch1")
 	assert.NoError(t, err)
-	assert.EqualValues(t, "2839944139e0de9737a044f78b0e4b40d989a9e3", commit.ID.String())
+	assert.Equal(t, "2839944139e0de9737a044f78b0e4b40d989a9e3", commit.ID.String())
 
 	startCommitID, err := repo.GetCommitBranchStart(os.Environ(), "branch1", commit.ID.String())
 	assert.NoError(t, err)
 	assert.NotEmpty(t, startCommitID)
-	assert.EqualValues(t, "95bb4d39648ee7e325106df01a621c530863a653", startCommitID)
+	assert.Equal(t, "95bb4d39648ee7e325106df01a621c530863a653", startCommitID)
 }
diff --git a/modules/git/diff.go b/modules/git/diff.go
index c4df6b8063..35d115be0e 100644
--- a/modules/git/diff.go
+++ b/modules/git/diff.go
@@ -99,9 +99,9 @@ func GetRepoRawDiffForFile(repo *Repository, startCommit, endCommit string, diff
 	return nil
 }
 
-// ParseDiffHunkString parse the diffhunk content and return
-func ParseDiffHunkString(diffhunk string) (leftLine, leftHunk, rightLine, righHunk int) {
-	ss := strings.Split(diffhunk, "@@")
+// ParseDiffHunkString parse the diff hunk content and return
+func ParseDiffHunkString(diffHunk string) (leftLine, leftHunk, rightLine, rightHunk int) {
+	ss := strings.Split(diffHunk, "@@")
 	ranges := strings.Split(ss[1][1:], " ")
 	leftRange := strings.Split(ranges[0], ",")
 	leftLine, _ = strconv.Atoi(leftRange[0][1:])
@@ -112,14 +112,19 @@ func ParseDiffHunkString(diffhunk string) (leftLine, leftHunk, rightLine, righHu
 		rightRange := strings.Split(ranges[1], ",")
 		rightLine, _ = strconv.Atoi(rightRange[0])
 		if len(rightRange) > 1 {
-			righHunk, _ = strconv.Atoi(rightRange[1])
+			rightHunk, _ = strconv.Atoi(rightRange[1])
 		}
 	} else {
-		log.Debug("Parse line number failed: %v", diffhunk)
+		log.Debug("Parse line number failed: %v", diffHunk)
 		rightLine = leftLine
-		righHunk = leftHunk
+		rightHunk = leftHunk
 	}
-	return leftLine, leftHunk, rightLine, righHunk
+	if rightLine == 0 {
+		// FIXME: GIT-DIFF-CUT-BUG search this tag to see details
+		// this is only a hacky patch, the rightLine&rightHunk might still be incorrect in some cases.
+		rightLine++
+	}
+	return leftLine, leftHunk, rightLine, rightHunk
 }
 
 // Example: @@ -1,8 +1,9 @@ => [..., 1, 8, 1, 9]
@@ -270,6 +275,12 @@ func CutDiffAroundLine(originalDiff io.Reader, line int64, old bool, numbersOfLi
 			oldNumOfLines++
 		}
 	}
+
+	// "git diff" outputs "@@ -1 +1,3 @@" for "OLD" => "A\nB\nC"
+	// FIXME: GIT-DIFF-CUT-BUG But there is a bug in CutDiffAroundLine, then the "Patch" stored in the comment model becomes "@@ -1,1 +0,4 @@"
+	// It may generate incorrect results for difference cases, for example: delete 2 line add 1 line, delete 2 line add 2 line etc, need to double check.
+	// For example: "L1\nL2" => "A\nB", then the patch shows "L2" as line 1 on the left (deleted part)
+
 	// construct the new hunk header
 	newHunk[headerLines] = fmt.Sprintf("@@ -%d,%d +%d,%d @@",
 		oldBegin, oldNumOfLines, newBegin, newNumOfLines)
diff --git a/modules/git/diff_test.go b/modules/git/diff_test.go
index 0f865c52a8..7671fffcc1 100644
--- a/modules/git/diff_test.go
+++ b/modules/git/diff_test.go
@@ -154,7 +154,7 @@ func TestCutDiffAroundLine(t *testing.T) {
 }
 
 func BenchmarkCutDiffAroundLine(b *testing.B) {
-	for n := 0; n < b.N; n++ {
+	for b.Loop() {
 		CutDiffAroundLine(strings.NewReader(exampleDiff), 3, true, 3)
 	}
 }
@@ -177,8 +177,8 @@ func ExampleCutDiffAroundLine() {
 
 func TestParseDiffHunkString(t *testing.T) {
 	leftLine, leftHunk, rightLine, rightHunk := ParseDiffHunkString("@@ -19,3 +19,5 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER")
-	assert.EqualValues(t, 19, leftLine)
-	assert.EqualValues(t, 3, leftHunk)
-	assert.EqualValues(t, 19, rightLine)
-	assert.EqualValues(t, 5, rightHunk)
+	assert.Equal(t, 19, leftLine)
+	assert.Equal(t, 3, leftHunk)
+	assert.Equal(t, 19, rightLine)
+	assert.Equal(t, 5, rightHunk)
 }
diff --git a/modules/git/error.go b/modules/git/error.go
index 10fb37be07..7d131345d0 100644
--- a/modules/git/error.go
+++ b/modules/git/error.go
@@ -32,22 +32,6 @@ func (err ErrNotExist) Unwrap() error {
 	return util.ErrNotExist
 }
 
-// ErrBadLink entry.FollowLink error
-type ErrBadLink struct {
-	Name    string
-	Message string
-}
-
-func (err ErrBadLink) Error() string {
-	return fmt.Sprintf("%s: %s", err.Name, err.Message)
-}
-
-// IsErrBadLink if some error is ErrBadLink
-func IsErrBadLink(err error) bool {
-	_, ok := err.(ErrBadLink)
-	return ok
-}
-
 // ErrBranchNotExist represents a "BranchNotExist" kind of error.
 type ErrBranchNotExist struct {
 	Name string
diff --git a/modules/git/foreachref/format.go b/modules/git/foreachref/format.go
index 97e8ee4724..d9573a55d6 100644
--- a/modules/git/foreachref/format.go
+++ b/modules/git/foreachref/format.go
@@ -76,7 +76,7 @@ func (f Format) Parser(r io.Reader) *Parser {
 // would turn into "%0a%00".
 func (f Format) hexEscaped(delim []byte) string {
 	escaped := ""
-	for i := 0; i < len(delim); i++ {
+	for i := range delim {
 		escaped += "%" + hex.EncodeToString([]byte{delim[i]})
 	}
 	return escaped
diff --git a/modules/git/git.go b/modules/git/git.go
index 2b593910a2..a2ffd6d289 100644
--- a/modules/git/git.go
+++ b/modules/git/git.go
@@ -30,6 +30,7 @@ type Features struct {
 	SupportProcReceive     bool           // >= 2.29
 	SupportHashSha256      bool           // >= 2.42, SHA-256 repositories no longer an ‘experimental curiosity’
 	SupportedObjectFormats []ObjectFormat // sha1, sha256
+	SupportCheckAttrOnBare bool           // >= 2.40
 }
 
 var (
@@ -77,6 +78,7 @@ func loadGitVersionFeatures() (*Features, error) {
 	if features.SupportHashSha256 {
 		features.SupportedObjectFormats = append(features.SupportedObjectFormats, Sha256ObjectFormat)
 	}
+	features.SupportCheckAttrOnBare = features.CheckVersionAtLeast("2.40")
 	return features, nil
 }
 
diff --git a/modules/git/git_test.go b/modules/git/git_test.go
index 5472842b76..58ba01cabc 100644
--- a/modules/git/git_test.go
+++ b/modules/git/git_test.go
@@ -10,18 +10,19 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/tempdir"
 
 	"github.com/hashicorp/go-version"
 	"github.com/stretchr/testify/assert"
 )
 
 func testRun(m *testing.M) error {
-	gitHomePath, err := os.MkdirTemp(os.TempDir(), "git-home")
+	gitHomePath, cleanup, err := tempdir.OsTempDir("gitea-test").MkdirTempRandom("git-home")
 	if err != nil {
 		return fmt.Errorf("unable to create temp dir: %w", err)
 	}
-	defer util.RemoveAll(gitHomePath)
+	defer cleanup()
+
 	setting.Git.HomePath = gitHomePath
 
 	if err = InitFull(context.Background()); err != nil {
diff --git a/modules/git/grep.go b/modules/git/grep.go
index 44ec6ca2be..66711650c9 100644
--- a/modules/git/grep.go
+++ b/modules/git/grep.go
@@ -61,14 +61,15 @@ func GrepSearch(ctx context.Context, repo *Repository, search string, opts GrepO
 	*/
 	var results []*GrepResult
 	cmd := NewCommand("grep", "--null", "--break", "--heading", "--line-number", "--full-name")
-	cmd.AddOptionValues("--context", fmt.Sprint(opts.ContextLineNumber))
-	if opts.GrepMode == GrepModeExact {
+	cmd.AddOptionValues("--context", strconv.Itoa(opts.ContextLineNumber))
+	switch opts.GrepMode {
+	case GrepModeExact:
 		cmd.AddArguments("--fixed-strings")
 		cmd.AddOptionValues("-e", strings.TrimLeft(search, "-"))
-	} else if opts.GrepMode == GrepModeRegexp {
+	case GrepModeRegexp:
 		cmd.AddArguments("--perl-regexp")
 		cmd.AddOptionValues("-e", strings.TrimLeft(search, "-"))
-	} else /* words */ {
+	default: /* words */
 		words := strings.Fields(search)
 		cmd.AddArguments("--fixed-strings", "--ignore-case")
 		for i, word := range words {
diff --git a/modules/git/hook.go b/modules/git/hook.go
index 46f93ce13e..548a59971d 100644
--- a/modules/git/hook.go
+++ b/modules/git/hook.go
@@ -7,11 +7,10 @@ package git
 import (
 	"errors"
 	"os"
-	"path"
 	"path/filepath"
+	"slices"
 	"strings"
 
-	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/util"
 )
 
@@ -27,12 +26,7 @@ var ErrNotValidHook = errors.New("not a valid Git hook")
 
 // IsValidHookName returns true if given name is a valid Git hook.
 func IsValidHookName(name string) bool {
-	for _, hn := range hookNames {
-		if hn == name {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(hookNames, name)
 }
 
 // Hook represents a Git hook.
@@ -51,17 +45,28 @@ func GetHook(repoPath, name string) (*Hook, error) {
 	}
 	h := &Hook{
 		name: name,
-		path: path.Join(repoPath, "hooks", name+".d", name),
+		path: filepath.Join(repoPath, "hooks", name+".d", name),
 	}
-	samplePath := filepath.Join(repoPath, "hooks", name+".sample")
-	if isFile(h.path) {
+	isFile, err := util.IsFile(h.path)
+	if err != nil {
+		return nil, err
+	}
+	if isFile {
 		data, err := os.ReadFile(h.path)
 		if err != nil {
 			return nil, err
 		}
 		h.IsActive = true
 		h.Content = string(data)
-	} else if isFile(samplePath) {
+		return h, nil
+	}
+
+	samplePath := filepath.Join(repoPath, "hooks", name+".sample")
+	isFile, err = util.IsFile(samplePath)
+	if err != nil {
+		return nil, err
+	}
+	if isFile {
 		data, err := os.ReadFile(samplePath)
 		if err != nil {
 			return nil, err
@@ -79,7 +84,11 @@ func (h *Hook) Name() string {
 // Update updates hook settings.
 func (h *Hook) Update() error {
 	if len(strings.TrimSpace(h.Content)) == 0 {
-		if isExist(h.path) {
+		exist, err := util.IsExist(h.path)
+		if err != nil {
+			return err
+		}
+		if exist {
 			err := util.Remove(h.path)
 			if err != nil {
 				return err
@@ -103,7 +112,10 @@ func (h *Hook) Update() error {
 
 // ListHooks returns a list of Git hooks of given repository.
 func ListHooks(repoPath string) (_ []*Hook, err error) {
-	if !isDir(path.Join(repoPath, "hooks")) {
+	exist, err := util.IsDir(filepath.Join(repoPath, "hooks"))
+	if err != nil {
+		return nil, err
+	} else if !exist {
 		return nil, errors.New("hooks path does not exist")
 	}
 
@@ -116,28 +128,3 @@ func ListHooks(repoPath string) (_ []*Hook, err error) {
 	}
 	return hooks, nil
 }
-
-const (
-	// HookPathUpdate hook update path
-	HookPathUpdate = "hooks/update"
-)
-
-// SetUpdateHook writes given content to update hook of the repository.
-func SetUpdateHook(repoPath, content string) (err error) {
-	log.Debug("Setting update hook: %s", repoPath)
-	hookPath := path.Join(repoPath, HookPathUpdate)
-	isExist, err := util.IsExist(hookPath)
-	if err != nil {
-		log.Debug("Unable to check if %s exists. Error: %v", hookPath, err)
-		return err
-	}
-	if isExist {
-		err = util.Remove(hookPath)
-	} else {
-		err = os.MkdirAll(path.Dir(hookPath), os.ModePerm)
-	}
-	if err != nil {
-		return err
-	}
-	return os.WriteFile(hookPath, []byte(content), 0o777)
-}
diff --git a/modules/git/key.go b/modules/git/key.go
new file mode 100644
index 0000000000..2513c048b7
--- /dev/null
+++ b/modules/git/key.go
@@ -0,0 +1,15 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+// Based on https://git-scm.com/docs/git-config#Documentation/git-config.txt-gpgformat
+const (
+	SigningKeyFormatOpenPGP = "openpgp" // for GPG keys, the expected default of git cli
+	SigningKeyFormatSSH     = "ssh"
+)
+
+type SigningKey struct {
+	KeyID  string
+	Format string
+}
diff --git a/modules/git/repo_language_stats.go b/modules/git/languagestats/language_stats.go
index 8551ea9d24..a71284c3e4 100644
--- a/modules/git/repo_language_stats.go
+++ b/modules/git/languagestats/language_stats.go
@@ -1,13 +1,15 @@
 // Copyright 2020 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package git
+package languagestats
 
 import (
+	"context"
 	"strings"
 	"unicode"
 
-	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 )
 
 const (
@@ -49,19 +51,15 @@ func mergeLanguageStats(stats map[string]int64) map[string]int64 {
 	return res
 }
 
-func TryReadLanguageAttribute(attrs map[string]string) optional.Option[string] {
-	language := AttributeToString(attrs, AttributeLinguistLanguage)
-	if language.Value() == "" {
-		language = AttributeToString(attrs, AttributeGitlabLanguage)
-		if language.Has() {
-			raw := language.Value()
-			// gitlab-language may have additional parameters after the language
-			// ignore them and just use the main language
-			// https://docs.gitlab.com/ee/user/project/highlighting.html#override-syntax-highlighting-for-a-file-type
-			if idx := strings.IndexByte(raw, '?'); idx >= 0 {
-				language = optional.Some(raw[:idx])
-			}
-		}
+// GetFileLanguage tries to get the (linguist) language of the file content
+func GetFileLanguage(ctx context.Context, gitRepo *git.Repository, treeish, treePath string) (string, error) {
+	attributesMap, err := attribute.CheckAttributes(ctx, gitRepo, treeish, attribute.CheckAttributeOpts{
+		Attributes: []string{attribute.LinguistLanguage, attribute.GitlabLanguage},
+		Filenames:  []string{treePath},
+	})
+	if err != nil {
+		return "", err
 	}
-	return language
+
+	return attributesMap[treePath].GetLanguage().Value(), nil
 }
diff --git a/modules/git/repo_language_stats_gogit.go b/modules/git/languagestats/language_stats_gogit.go
index a34c03c781..418c05b157 100644
--- a/modules/git/repo_language_stats_gogit.go
+++ b/modules/git/languagestats/language_stats_gogit.go
@@ -3,13 +3,15 @@
 
 //go:build gogit
 
-package git
+package languagestats
 
 import (
 	"bytes"
 	"io"
 
 	"code.gitea.io/gitea/modules/analyze"
+	git_module "code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/optional"
 
 	"github.com/go-enry/go-enry/v2"
@@ -19,7 +21,7 @@ import (
 )
 
 // GetLanguageStats calculates language stats for git repository at specified commit
-func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, error) {
+func GetLanguageStats(repo *git_module.Repository, commitID string) (map[string]int64, error) {
 	r, err := git.PlainOpen(repo.Path)
 	if err != nil {
 		return nil, err
@@ -40,8 +42,11 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 		return nil, err
 	}
 
-	checker, deferable := repo.CheckAttributeReader(commitID)
-	defer deferable()
+	checker, err := attribute.NewBatchChecker(repo, commitID, attribute.LinguistAttributes)
+	if err != nil {
+		return nil, err
+	}
+	defer checker.Close()
 
 	// sizes contains the current calculated size of all files by language
 	sizes := make(map[string]int64)
@@ -62,43 +67,41 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 		isDocumentation := optional.None[bool]()
 		isDetectable := optional.None[bool]()
 
-		if checker != nil {
-			attrs, err := checker.CheckPath(f.Name)
-			if err == nil {
-				isVendored = AttributeToBool(attrs, AttributeLinguistVendored)
-				if isVendored.ValueOrDefault(false) {
-					return nil
-				}
-
-				isGenerated = AttributeToBool(attrs, AttributeLinguistGenerated)
-				if isGenerated.ValueOrDefault(false) {
-					return nil
-				}
+		attrs, err := checker.CheckPath(f.Name)
+		if err == nil {
+			isVendored = attrs.GetVendored()
+			if isVendored.ValueOrDefault(false) {
+				return nil
+			}
 
-				isDocumentation = AttributeToBool(attrs, AttributeLinguistDocumentation)
-				if isDocumentation.ValueOrDefault(false) {
-					return nil
-				}
+			isGenerated = attrs.GetGenerated()
+			if isGenerated.ValueOrDefault(false) {
+				return nil
+			}
 
-				isDetectable = AttributeToBool(attrs, AttributeLinguistDetectable)
-				if !isDetectable.ValueOrDefault(true) {
-					return nil
-				}
+			isDocumentation = attrs.GetDocumentation()
+			if isDocumentation.ValueOrDefault(false) {
+				return nil
+			}
 
-				hasLanguage := TryReadLanguageAttribute(attrs)
-				if hasLanguage.Value() != "" {
-					language := hasLanguage.Value()
+			isDetectable = attrs.GetDetectable()
+			if !isDetectable.ValueOrDefault(true) {
+				return nil
+			}
 
-					// group languages, such as Pug -> HTML; SCSS -> CSS
-					group := enry.GetLanguageGroup(language)
-					if len(group) != 0 {
-						language = group
-					}
+			hasLanguage := attrs.GetLanguage()
+			if hasLanguage.Value() != "" {
+				language := hasLanguage.Value()
 
-					// this language will always be added to the size
-					sizes[language] += f.Size
-					return nil
+				// group languages, such as Pug -> HTML; SCSS -> CSS
+				group := enry.GetLanguageGroup(language)
+				if len(group) != 0 {
+					language = group
 				}
+
+				// this language will always be added to the size
+				sizes[language] += f.Size
+				return nil
 			}
 		}
 
diff --git a/modules/git/repo_language_stats_nogogit.go b/modules/git/languagestats/language_stats_nogogit.go
index de7707bd6c..94cf9fff8c 100644
--- a/modules/git/repo_language_stats_nogogit.go
+++ b/modules/git/languagestats/language_stats_nogogit.go
@@ -3,13 +3,15 @@
 
 //go:build !gogit
 
-package git
+package languagestats
 
 import (
 	"bytes"
 	"io"
 
 	"code.gitea.io/gitea/modules/analyze"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 
@@ -17,7 +19,7 @@ import (
 )
 
 // GetLanguageStats calculates language stats for git repository at specified commit
-func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, error) {
+func GetLanguageStats(repo *git.Repository, commitID string) (map[string]int64, error) {
 	// We will feed the commit IDs in order into cat-file --batch, followed by blobs as necessary.
 	// so let's create a batch stdin and stdout
 	batchStdinWriter, batchReader, cancel, err := repo.CatFileBatch(repo.Ctx)
@@ -34,19 +36,19 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 	if err := writeID(commitID); err != nil {
 		return nil, err
 	}
-	shaBytes, typ, size, err := ReadBatchLine(batchReader)
+	shaBytes, typ, size, err := git.ReadBatchLine(batchReader)
 	if typ != "commit" {
 		log.Debug("Unable to get commit for: %s. Err: %v", commitID, err)
-		return nil, ErrNotExist{commitID, ""}
+		return nil, git.ErrNotExist{ID: commitID}
 	}
 
-	sha, err := NewIDFromString(string(shaBytes))
+	sha, err := git.NewIDFromString(string(shaBytes))
 	if err != nil {
 		log.Debug("Unable to get commit for: %s. Err: %v", commitID, err)
-		return nil, ErrNotExist{commitID, ""}
+		return nil, git.ErrNotExist{ID: commitID}
 	}
 
-	commit, err := CommitFromReader(repo, sha, io.LimitReader(batchReader, size))
+	commit, err := git.CommitFromReader(repo, sha, io.LimitReader(batchReader, size))
 	if err != nil {
 		log.Debug("Unable to get commit for: %s. Err: %v", commitID, err)
 		return nil, err
@@ -62,8 +64,11 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 		return nil, err
 	}
 
-	checker, deferable := repo.CheckAttributeReader(commitID)
-	defer deferable()
+	checker, err := attribute.NewBatchChecker(repo, commitID, attribute.LinguistAttributes)
+	if err != nil {
+		return nil, err
+	}
+	defer checker.Close()
 
 	contentBuf := bytes.Buffer{}
 	var content []byte
@@ -92,47 +97,40 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 		}
 
 		isVendored := optional.None[bool]()
-		isGenerated := optional.None[bool]()
 		isDocumentation := optional.None[bool]()
 		isDetectable := optional.None[bool]()
 
-		if checker != nil {
-			attrs, err := checker.CheckPath(f.Name())
-			if err == nil {
-				isVendored = AttributeToBool(attrs, AttributeLinguistVendored)
-				if isVendored.ValueOrDefault(false) {
-					continue
-				}
-
-				isGenerated = AttributeToBool(attrs, AttributeLinguistGenerated)
-				if isGenerated.ValueOrDefault(false) {
-					continue
-				}
+		attrs, err := checker.CheckPath(f.Name())
+		attrLinguistGenerated := optional.None[bool]()
+		if err == nil {
+			if isVendored = attrs.GetVendored(); isVendored.ValueOrDefault(false) {
+				continue
+			}
 
-				isDocumentation = AttributeToBool(attrs, AttributeLinguistDocumentation)
-				if isDocumentation.ValueOrDefault(false) {
-					continue
-				}
+			if attrLinguistGenerated = attrs.GetGenerated(); attrLinguistGenerated.ValueOrDefault(false) {
+				continue
+			}
 
-				isDetectable = AttributeToBool(attrs, AttributeLinguistDetectable)
-				if !isDetectable.ValueOrDefault(true) {
-					continue
-				}
+			if isDocumentation = attrs.GetDocumentation(); isDocumentation.ValueOrDefault(false) {
+				continue
+			}
 
-				hasLanguage := TryReadLanguageAttribute(attrs)
-				if hasLanguage.Value() != "" {
-					language := hasLanguage.Value()
+			if isDetectable = attrs.GetDetectable(); !isDetectable.ValueOrDefault(true) {
+				continue
+			}
 
-					// group languages, such as Pug -> HTML; SCSS -> CSS
-					group := enry.GetLanguageGroup(language)
-					if len(group) != 0 {
-						language = group
-					}
+			if hasLanguage := attrs.GetLanguage(); hasLanguage.Value() != "" {
+				language := hasLanguage.Value()
 
-					// this language will always be added to the size
-					sizes[language] += f.Size()
-					continue
+				// group languages, such as Pug -> HTML; SCSS -> CSS
+				group := enry.GetLanguageGroup(language)
+				if len(group) != 0 {
+					language = group
 				}
+
+				// this language will always be added to the size
+				sizes[language] += f.Size()
+				continue
 			}
 		}
 
@@ -149,7 +147,7 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 			if err := writeID(f.ID.String()); err != nil {
 				return nil, err
 			}
-			_, _, size, err := ReadBatchLine(batchReader)
+			_, _, size, err := git.ReadBatchLine(batchReader)
 			if err != nil {
 				log.Debug("Error reading blob: %s Err: %v", f.ID.String(), err)
 				return nil, err
@@ -167,11 +165,19 @@ func (repo *Repository) GetLanguageStats(commitID string) (map[string]int64, err
 				return nil, err
 			}
 			content = contentBuf.Bytes()
-			if err := DiscardFull(batchReader, discard); err != nil {
+			if err := git.DiscardFull(batchReader, discard); err != nil {
 				return nil, err
 			}
 		}
-		if !isGenerated.Has() && enry.IsGenerated(f.Name(), content) {
+
+		// if "generated" attribute is set, use it, otherwise use enry.IsGenerated to guess
+		var isGenerated bool
+		if attrLinguistGenerated.Has() {
+			isGenerated = attrLinguistGenerated.Value()
+		} else {
+			isGenerated = enry.IsGenerated(f.Name(), content)
+		}
+		if isGenerated {
 			continue
 		}
 
diff --git a/modules/git/repo_language_stats_test.go b/modules/git/languagestats/language_stats_test.go
index 1ee5f4c3af..b908ae6413 100644
--- a/modules/git/repo_language_stats_test.go
+++ b/modules/git/languagestats/language_stats_test.go
@@ -3,34 +3,36 @@
 
 //go:build !gogit
 
-package git
+package languagestats
 
 import (
-	"path/filepath"
 	"testing"
 
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
 func TestRepository_GetLanguageStats(t *testing.T) {
-	repoPath := filepath.Join(testReposDir, "language_stats_repo")
-	gitRepo, err := openRepositoryWithDefaultContext(repoPath)
+	setting.AppDataPath = t.TempDir()
+	repoPath := "../tests/repos/language_stats_repo"
+	gitRepo, err := git.OpenRepository(t.Context(), repoPath)
 	require.NoError(t, err)
-
 	defer gitRepo.Close()
 
-	stats, err := gitRepo.GetLanguageStats("8fee858da5796dfb37704761701bb8e800ad9ef3")
+	stats, err := GetLanguageStats(gitRepo, "8fee858da5796dfb37704761701bb8e800ad9ef3")
 	require.NoError(t, err)
 
-	assert.EqualValues(t, map[string]int64{
+	assert.Equal(t, map[string]int64{
 		"Python": 134,
 		"Java":   112,
 	}, stats)
 }
 
 func TestMergeLanguageStats(t *testing.T) {
-	assert.EqualValues(t, map[string]int64{
+	assert.Equal(t, map[string]int64{
 		"PHP":    1,
 		"python": 10,
 		"JAVA":   700,
diff --git a/modules/git/languagestats/main_test.go b/modules/git/languagestats/main_test.go
new file mode 100644
index 0000000000..707d268c81
--- /dev/null
+++ b/modules/git/languagestats/main_test.go
@@ -0,0 +1,41 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package languagestats
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"testing"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+)
+
+func testRun(m *testing.M) error {
+	gitHomePath, err := os.MkdirTemp(os.TempDir(), "git-home")
+	if err != nil {
+		return fmt.Errorf("unable to create temp dir: %w", err)
+	}
+	defer util.RemoveAll(gitHomePath)
+	setting.Git.HomePath = gitHomePath
+
+	if err = git.InitFull(context.Background()); err != nil {
+		return fmt.Errorf("failed to call Init: %w", err)
+	}
+
+	exitCode := m.Run()
+	if exitCode != 0 {
+		return fmt.Errorf("run test failed, ExitCode=%d", exitCode)
+	}
+	return nil
+}
+
+func TestMain(m *testing.M) {
+	if err := testRun(m); err != nil {
+		_, _ = fmt.Fprintf(os.Stderr, "Test failed: %v", err)
+		os.Exit(1)
+	}
+}
diff --git a/modules/git/last_commit_cache.go b/modules/git/last_commit_cache.go
index cf9c10d7b4..cff2556083 100644
--- a/modules/git/last_commit_cache.go
+++ b/modules/git/last_commit_cache.go
@@ -13,7 +13,7 @@ import (
 )
 
 func getCacheKey(repoPath, commitID, entryPath string) string {
-	hashBytes := sha256.Sum256([]byte(fmt.Sprintf("%s:%s:%s", repoPath, commitID, entryPath)))
+	hashBytes := sha256.Sum256(fmt.Appendf(nil, "%s:%s:%s", repoPath, commitID, entryPath))
 	return fmt.Sprintf("last_commit:%x", hashBytes)
 }
 
diff --git a/modules/git/log_name_status.go b/modules/git/log_name_status.go
index 0e9e22f1dc..dfdef38ef9 100644
--- a/modules/git/log_name_status.go
+++ b/modules/git/log_name_status.go
@@ -118,11 +118,12 @@ func (g *LogNameStatusRepoParser) Next(treepath string, paths2ids map[string]int
 		g.buffull = false
 		g.next, err = g.rd.ReadSlice('\x00')
 		if err != nil {
-			if err == bufio.ErrBufferFull {
+			switch err {
+			case bufio.ErrBufferFull:
 				g.buffull = true
-			} else if err == io.EOF {
+			case io.EOF:
 				return nil, nil
-			} else {
+			default:
 				return nil, err
 			}
 		}
@@ -132,11 +133,12 @@ func (g *LogNameStatusRepoParser) Next(treepath string, paths2ids map[string]int
 	if bytes.Equal(g.next, []byte("commit\000")) {
 		g.next, err = g.rd.ReadSlice('\x00')
 		if err != nil {
-			if err == bufio.ErrBufferFull {
+			switch err {
+			case bufio.ErrBufferFull:
 				g.buffull = true
-			} else if err == io.EOF {
+			case io.EOF:
 				return nil, nil
-			} else {
+			default:
 				return nil, err
 			}
 		}
@@ -214,11 +216,12 @@ diffloop:
 		}
 		g.next, err = g.rd.ReadSlice('\x00')
 		if err != nil {
-			if err == bufio.ErrBufferFull {
+			switch err {
+			case bufio.ErrBufferFull:
 				g.buffull = true
-			} else if err == io.EOF {
+			case io.EOF:
 				return &ret, nil
-			} else {
+			default:
 				return nil, err
 			}
 		}
@@ -343,10 +346,7 @@ func WalkGitLog(ctx context.Context, repo *Repository, head *Commit, treepath st
 
 	results := make([]string, len(paths))
 	remaining := len(paths)
-	nextRestart := (len(paths) * 3) / 4
-	if nextRestart > 70 {
-		nextRestart = 70
-	}
+	nextRestart := min((len(paths)*3)/4, 70)
 	lastEmptyParent := head.ID.String()
 	commitSinceLastEmptyParent := uint64(0)
 	commitSinceNextRestart := uint64(0)
diff --git a/modules/git/object_id.go b/modules/git/object_id.go
index 82d30184df..25dfef3ec5 100644
--- a/modules/git/object_id.go
+++ b/modules/git/object_id.go
@@ -99,5 +99,5 @@ type ErrInvalidSHA struct {
 }
 
 func (err ErrInvalidSHA) Error() string {
-	return fmt.Sprintf("invalid sha: %s", err.SHA)
+	return "invalid sha: " + err.SHA
 }
diff --git a/modules/git/parse_nogogit_test.go b/modules/git/parse_nogogit_test.go
index a4436ce499..6594c84269 100644
--- a/modules/git/parse_nogogit_test.go
+++ b/modules/git/parse_nogogit_test.go
@@ -58,7 +58,7 @@ func TestParseTreeEntriesLong(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, entries, len(testCase.Expected))
 		for i, entry := range entries {
-			assert.EqualValues(t, testCase.Expected[i], entry)
+			assert.Equal(t, testCase.Expected[i], entry)
 		}
 	}
 }
@@ -91,7 +91,7 @@ func TestParseTreeEntriesShort(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Len(t, entries, len(testCase.Expected))
 		for i, entry := range entries {
-			assert.EqualValues(t, testCase.Expected[i], entry)
+			assert.Equal(t, testCase.Expected[i], entry)
 		}
 	}
 }
diff --git a/modules/git/ref.go b/modules/git/ref.go
index f20a175e42..56b2db858a 100644
--- a/modules/git/ref.go
+++ b/modules/git/ref.go
@@ -109,8 +109,8 @@ func (ref RefName) IsFor() bool {
 }
 
 func (ref RefName) nameWithoutPrefix(prefix string) string {
-	if strings.HasPrefix(string(ref), prefix) {
-		return strings.TrimPrefix(string(ref), prefix)
+	if after, ok := strings.CutPrefix(string(ref), prefix); ok {
+		return after
 	}
 	return ""
 }
diff --git a/modules/git/repo.go b/modules/git/repo.go
index 6459adf851..f1f6902773 100644
--- a/modules/git/repo.go
+++ b/modules/git/repo.go
@@ -18,6 +18,7 @@ import (
 	"time"
 
 	"code.gitea.io/gitea/modules/proxy"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 // GPGSettings represents the default GPG settings for this repository
@@ -27,6 +28,7 @@ type GPGSettings struct {
 	Email            string
 	Name             string
 	PublicKeyContent string
+	Format           string
 }
 
 const prettyLogFormat = `--pretty=format:%H`
@@ -42,9 +44,9 @@ func (repo *Repository) parsePrettyFormatLogToList(logs []byte) ([]*Commit, erro
 		return commits, nil
 	}
 
-	parts := bytes.Split(logs, []byte{'\n'})
+	parts := bytes.SplitSeq(logs, []byte{'\n'})
 
-	for _, commitID := range parts {
+	for commitID := range parts {
 		commit, err := repo.GetCommit(string(commitID))
 		if err != nil {
 			return nil, err
@@ -266,11 +268,11 @@ func GetDivergingCommits(ctx context.Context, repoPath, baseBranch, targetBranch
 
 // CreateBundle create bundle content to the target path
 func (repo *Repository) CreateBundle(ctx context.Context, commit string, out io.Writer) error {
-	tmp, err := os.MkdirTemp(os.TempDir(), "gitea-bundle")
+	tmp, cleanup, err := setting.AppDataTempDir("git-repo-content").MkdirTempRandom("gitea-bundle")
 	if err != nil {
 		return err
 	}
-	defer os.RemoveAll(tmp)
+	defer cleanup()
 
 	env := append(os.Environ(), "GIT_OBJECT_DIRECTORY="+filepath.Join(repo.Path, "objects"))
 	_, _, err = NewCommand("init", "--bare").RunStdString(ctx, &RunOpts{Dir: tmp, Env: env})
diff --git a/modules/git/repo_attribute.go b/modules/git/repo_attribute.go
deleted file mode 100644
index 89101e5af3..0000000000
--- a/modules/git/repo_attribute.go
+++ /dev/null
@@ -1,340 +0,0 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package git
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"os"
-	"path/filepath"
-	"time"
-
-	"code.gitea.io/gitea/modules/log"
-)
-
-// CheckAttributeOpts represents the possible options to CheckAttribute
-type CheckAttributeOpts struct {
-	CachedOnly    bool
-	AllAttributes bool
-	Attributes    []string
-	Filenames     []string
-	IndexFile     string
-	WorkTree      string
-}
-
-// CheckAttribute return the Blame object of file
-func (repo *Repository) CheckAttribute(opts CheckAttributeOpts) (map[string]map[string]string, error) {
-	env := []string{}
-
-	if len(opts.IndexFile) > 0 {
-		env = append(env, "GIT_INDEX_FILE="+opts.IndexFile)
-	}
-	if len(opts.WorkTree) > 0 {
-		env = append(env, "GIT_WORK_TREE="+opts.WorkTree)
-	}
-
-	if len(env) > 0 {
-		env = append(os.Environ(), env...)
-	}
-
-	stdOut := new(bytes.Buffer)
-	stdErr := new(bytes.Buffer)
-
-	cmd := NewCommand("check-attr", "-z")
-
-	if opts.AllAttributes {
-		cmd.AddArguments("-a")
-	} else {
-		for _, attribute := range opts.Attributes {
-			if attribute != "" {
-				cmd.AddDynamicArguments(attribute)
-			}
-		}
-	}
-
-	if opts.CachedOnly {
-		cmd.AddArguments("--cached")
-	}
-
-	cmd.AddDashesAndList(opts.Filenames...)
-
-	if err := cmd.Run(repo.Ctx, &RunOpts{
-		Env:    env,
-		Dir:    repo.Path,
-		Stdout: stdOut,
-		Stderr: stdErr,
-	}); err != nil {
-		return nil, fmt.Errorf("failed to run check-attr: %w\n%s\n%s", err, stdOut.String(), stdErr.String())
-	}
-
-	// FIXME: This is incorrect on versions < 1.8.5
-	fields := bytes.Split(stdOut.Bytes(), []byte{'\000'})
-
-	if len(fields)%3 != 1 {
-		return nil, fmt.Errorf("wrong number of fields in return from check-attr")
-	}
-
-	name2attribute2info := make(map[string]map[string]string)
-
-	for i := 0; i < (len(fields) / 3); i++ {
-		filename := string(fields[3*i])
-		attribute := string(fields[3*i+1])
-		info := string(fields[3*i+2])
-		attribute2info := name2attribute2info[filename]
-		if attribute2info == nil {
-			attribute2info = make(map[string]string)
-		}
-		attribute2info[attribute] = info
-		name2attribute2info[filename] = attribute2info
-	}
-
-	return name2attribute2info, nil
-}
-
-// CheckAttributeReader provides a reader for check-attribute content that can be long running
-type CheckAttributeReader struct {
-	// params
-	Attributes []string
-	Repo       *Repository
-	IndexFile  string
-	WorkTree   string
-
-	stdinReader io.ReadCloser
-	stdinWriter *os.File
-	stdOut      *nulSeparatedAttributeWriter
-	cmd         *Command
-	env         []string
-	ctx         context.Context
-	cancel      context.CancelFunc
-}
-
-// Init initializes the CheckAttributeReader
-func (c *CheckAttributeReader) Init(ctx context.Context) error {
-	if len(c.Attributes) == 0 {
-		lw := new(nulSeparatedAttributeWriter)
-		lw.attributes = make(chan attributeTriple)
-		lw.closed = make(chan struct{})
-
-		c.stdOut = lw
-		c.stdOut.Close()
-		return fmt.Errorf("no provided Attributes to check")
-	}
-
-	c.ctx, c.cancel = context.WithCancel(ctx)
-	c.cmd = NewCommand("check-attr", "--stdin", "-z")
-
-	if len(c.IndexFile) > 0 {
-		c.cmd.AddArguments("--cached")
-		c.env = append(c.env, "GIT_INDEX_FILE="+c.IndexFile)
-	}
-
-	if len(c.WorkTree) > 0 {
-		c.env = append(c.env, "GIT_WORK_TREE="+c.WorkTree)
-	}
-
-	c.env = append(c.env, "GIT_FLUSH=1")
-
-	c.cmd.AddDynamicArguments(c.Attributes...)
-
-	var err error
-
-	c.stdinReader, c.stdinWriter, err = os.Pipe()
-	if err != nil {
-		c.cancel()
-		return err
-	}
-
-	lw := new(nulSeparatedAttributeWriter)
-	lw.attributes = make(chan attributeTriple, 5)
-	lw.closed = make(chan struct{})
-	c.stdOut = lw
-	return nil
-}
-
-func (c *CheckAttributeReader) Run() error {
-	defer func() {
-		_ = c.stdinReader.Close()
-		_ = c.stdOut.Close()
-	}()
-	stdErr := new(bytes.Buffer)
-	err := c.cmd.Run(c.ctx, &RunOpts{
-		Env:    c.env,
-		Dir:    c.Repo.Path,
-		Stdin:  c.stdinReader,
-		Stdout: c.stdOut,
-		Stderr: stdErr,
-	})
-	if err != nil && !IsErrCanceledOrKilled(err) {
-		return fmt.Errorf("failed to run attr-check. Error: %w\nStderr: %s", err, stdErr.String())
-	}
-	return nil
-}
-
-// CheckPath check attr for given path
-func (c *CheckAttributeReader) CheckPath(path string) (rs map[string]string, err error) {
-	defer func() {
-		if err != nil && err != c.ctx.Err() {
-			log.Error("Unexpected error when checking path %s in %s, error: %v", path, filepath.Base(c.Repo.Path), err)
-		}
-	}()
-
-	select {
-	case <-c.ctx.Done():
-		return nil, c.ctx.Err()
-	default:
-	}
-
-	if _, err = c.stdinWriter.Write([]byte(path + "\x00")); err != nil {
-		defer c.Close()
-		return nil, err
-	}
-
-	reportTimeout := func() error {
-		stdOutClosed := false
-		select {
-		case <-c.stdOut.closed:
-			stdOutClosed = true
-		default:
-		}
-		debugMsg := fmt.Sprintf("check path %q in repo %q", path, filepath.Base(c.Repo.Path))
-		debugMsg += fmt.Sprintf(", stdOut: tmp=%q, pos=%d, closed=%v", string(c.stdOut.tmp), c.stdOut.pos, stdOutClosed)
-		if c.cmd.cmd != nil {
-			debugMsg += fmt.Sprintf(", process state: %q", c.cmd.cmd.ProcessState.String())
-		}
-		_ = c.Close()
-		return fmt.Errorf("CheckPath timeout: %s", debugMsg)
-	}
-
-	rs = make(map[string]string)
-	for range c.Attributes {
-		select {
-		case <-time.After(5 * time.Second):
-			// There is a strange "hang" problem in gitdiff.GetDiff -> CheckPath
-			// So add a timeout here to mitigate the problem, and output more logs for debug purpose
-			// In real world, if CheckPath runs long than seconds, it blocks the end user's operation,
-			// and at the moment the CheckPath result is not so important, so we can just ignore it.
-			return nil, reportTimeout()
-		case attr, ok := <-c.stdOut.ReadAttribute():
-			if !ok {
-				return nil, c.ctx.Err()
-			}
-			rs[attr.Attribute] = attr.Value
-		case <-c.ctx.Done():
-			return nil, c.ctx.Err()
-		}
-	}
-	return rs, nil
-}
-
-func (c *CheckAttributeReader) Close() error {
-	c.cancel()
-	err := c.stdinWriter.Close()
-	return err
-}
-
-type attributeTriple struct {
-	Filename  string
-	Attribute string
-	Value     string
-}
-
-type nulSeparatedAttributeWriter struct {
-	tmp        []byte
-	attributes chan attributeTriple
-	closed     chan struct{}
-	working    attributeTriple
-	pos        int
-}
-
-func (wr *nulSeparatedAttributeWriter) Write(p []byte) (n int, err error) {
-	l, read := len(p), 0
-
-	nulIdx := bytes.IndexByte(p, '\x00')
-	for nulIdx >= 0 {
-		wr.tmp = append(wr.tmp, p[:nulIdx]...)
-		switch wr.pos {
-		case 0:
-			wr.working = attributeTriple{
-				Filename: string(wr.tmp),
-			}
-		case 1:
-			wr.working.Attribute = string(wr.tmp)
-		case 2:
-			wr.working.Value = string(wr.tmp)
-		}
-		wr.tmp = wr.tmp[:0]
-		wr.pos++
-		if wr.pos > 2 {
-			wr.attributes <- wr.working
-			wr.pos = 0
-		}
-		read += nulIdx + 1
-		if l > read {
-			p = p[nulIdx+1:]
-			nulIdx = bytes.IndexByte(p, '\x00')
-		} else {
-			return l, nil
-		}
-	}
-	wr.tmp = append(wr.tmp, p...)
-	return len(p), nil
-}
-
-func (wr *nulSeparatedAttributeWriter) ReadAttribute() <-chan attributeTriple {
-	return wr.attributes
-}
-
-func (wr *nulSeparatedAttributeWriter) Close() error {
-	select {
-	case <-wr.closed:
-		return nil
-	default:
-	}
-	close(wr.attributes)
-	close(wr.closed)
-	return nil
-}
-
-// CheckAttributeReader creates a check attribute reader for the current repository and provided commit ID
-func (repo *Repository) CheckAttributeReader(commitID string) (*CheckAttributeReader, context.CancelFunc) {
-	indexFilename, worktree, deleteTemporaryFile, err := repo.ReadTreeToTemporaryIndex(commitID)
-	if err != nil {
-		return nil, func() {}
-	}
-
-	checker := &CheckAttributeReader{
-		Attributes: []string{
-			AttributeLinguistVendored,
-			AttributeLinguistGenerated,
-			AttributeLinguistDocumentation,
-			AttributeLinguistDetectable,
-			AttributeLinguistLanguage,
-			AttributeGitlabLanguage,
-		},
-		Repo:      repo,
-		IndexFile: indexFilename,
-		WorkTree:  worktree,
-	}
-	ctx, cancel := context.WithCancel(repo.Ctx)
-	if err := checker.Init(ctx); err != nil {
-		log.Error("Unable to open attribute checker for commit %s, error: %v", commitID, err)
-	} else {
-		go func() {
-			err := checker.Run()
-			if err != nil && !IsErrCanceledOrKilled(err) {
-				log.Error("Attribute checker for commit %s exits with error: %v", commitID, err)
-			}
-			cancel()
-		}()
-	}
-	deferrable := func() {
-		_ = checker.Close()
-		cancel()
-		deleteTemporaryFile()
-	}
-
-	return checker, deferrable
-}
diff --git a/modules/git/repo_attribute_test.go b/modules/git/repo_attribute_test.go
deleted file mode 100644
index e0bde146f6..0000000000
--- a/modules/git/repo_attribute_test.go
+++ /dev/null
@@ -1,157 +0,0 @@
-// Copyright 2021 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package git
-
-import (
-	"context"
-	mathRand "math/rand/v2"
-	"path/filepath"
-	"slices"
-	"sync"
-	"testing"
-	"time"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func Test_nulSeparatedAttributeWriter_ReadAttribute(t *testing.T) {
-	wr := &nulSeparatedAttributeWriter{
-		attributes: make(chan attributeTriple, 5),
-	}
-
-	testStr := ".gitignore\"\n\x00linguist-vendored\x00unspecified\x00"
-
-	n, err := wr.Write([]byte(testStr))
-
-	assert.Len(t, testStr, n)
-	assert.NoError(t, err)
-	select {
-	case attr := <-wr.ReadAttribute():
-		assert.Equal(t, ".gitignore\"\n", attr.Filename)
-		assert.Equal(t, AttributeLinguistVendored, attr.Attribute)
-		assert.Equal(t, "unspecified", attr.Value)
-	case <-time.After(100 * time.Millisecond):
-		assert.FailNow(t, "took too long to read an attribute from the list")
-	}
-	// Write a second attribute again
-	n, err = wr.Write([]byte(testStr))
-
-	assert.Len(t, testStr, n)
-	assert.NoError(t, err)
-
-	select {
-	case attr := <-wr.ReadAttribute():
-		assert.Equal(t, ".gitignore\"\n", attr.Filename)
-		assert.Equal(t, AttributeLinguistVendored, attr.Attribute)
-		assert.Equal(t, "unspecified", attr.Value)
-	case <-time.After(100 * time.Millisecond):
-		assert.FailNow(t, "took too long to read an attribute from the list")
-	}
-
-	// Write a partial attribute
-	_, err = wr.Write([]byte("incomplete-file"))
-	assert.NoError(t, err)
-	_, err = wr.Write([]byte("name\x00"))
-	assert.NoError(t, err)
-
-	select {
-	case <-wr.ReadAttribute():
-		assert.FailNow(t, "There should not be an attribute ready to read")
-	case <-time.After(100 * time.Millisecond):
-	}
-	_, err = wr.Write([]byte("attribute\x00"))
-	assert.NoError(t, err)
-	select {
-	case <-wr.ReadAttribute():
-		assert.FailNow(t, "There should not be an attribute ready to read")
-	case <-time.After(100 * time.Millisecond):
-	}
-
-	_, err = wr.Write([]byte("value\x00"))
-	assert.NoError(t, err)
-
-	attr := <-wr.ReadAttribute()
-	assert.Equal(t, "incomplete-filename", attr.Filename)
-	assert.Equal(t, "attribute", attr.Attribute)
-	assert.Equal(t, "value", attr.Value)
-
-	_, err = wr.Write([]byte("shouldbe.vendor\x00linguist-vendored\x00set\x00shouldbe.vendor\x00linguist-generated\x00unspecified\x00shouldbe.vendor\x00linguist-language\x00unspecified\x00"))
-	assert.NoError(t, err)
-	attr = <-wr.ReadAttribute()
-	assert.NoError(t, err)
-	assert.EqualValues(t, attributeTriple{
-		Filename:  "shouldbe.vendor",
-		Attribute: AttributeLinguistVendored,
-		Value:     "set",
-	}, attr)
-	attr = <-wr.ReadAttribute()
-	assert.NoError(t, err)
-	assert.EqualValues(t, attributeTriple{
-		Filename:  "shouldbe.vendor",
-		Attribute: AttributeLinguistGenerated,
-		Value:     "unspecified",
-	}, attr)
-	attr = <-wr.ReadAttribute()
-	assert.NoError(t, err)
-	assert.EqualValues(t, attributeTriple{
-		Filename:  "shouldbe.vendor",
-		Attribute: AttributeLinguistLanguage,
-		Value:     "unspecified",
-	}, attr)
-}
-
-func TestAttributeReader(t *testing.T) {
-	t.Skip() // for debug purpose only, do not run in CI
-
-	ctx := t.Context()
-
-	timeout := 1 * time.Second
-	repoPath := filepath.Join(testReposDir, "language_stats_repo")
-	commitRef := "HEAD"
-
-	oneRound := func(t *testing.T, roundIdx int) {
-		ctx, cancel := context.WithTimeout(ctx, timeout)
-		_ = cancel
-		gitRepo, err := OpenRepository(ctx, repoPath)
-		require.NoError(t, err)
-		defer gitRepo.Close()
-
-		commit, err := gitRepo.GetCommit(commitRef)
-		require.NoError(t, err)
-
-		files, err := gitRepo.LsFiles()
-		require.NoError(t, err)
-
-		randomFiles := slices.Clone(files)
-		randomFiles = append(randomFiles, "any-file-1", "any-file-2")
-
-		t.Logf("Round %v with %d files", roundIdx, len(randomFiles))
-
-		attrReader, deferrable := gitRepo.CheckAttributeReader(commit.ID.String())
-		defer deferrable()
-
-		wg := sync.WaitGroup{}
-		wg.Add(1)
-
-		go func() {
-			for {
-				file := randomFiles[mathRand.IntN(len(randomFiles))]
-				_, err := attrReader.CheckPath(file)
-				if err != nil {
-					for i := 0; i < 10; i++ {
-						_, _ = attrReader.CheckPath(file)
-					}
-					break
-				}
-			}
-			wg.Done()
-		}()
-		wg.Wait()
-	}
-
-	for i := 0; i < 100; i++ {
-		oneRound(t, i)
-	}
-}
diff --git a/modules/git/repo_base_gogit.go b/modules/git/repo_base_gogit.go
index 0ca1ea79c2..293aca159c 100644
--- a/modules/git/repo_base_gogit.go
+++ b/modules/git/repo_base_gogit.go
@@ -49,7 +49,12 @@ func OpenRepository(ctx context.Context, repoPath string) (*Repository, error) {
 	repoPath, err := filepath.Abs(repoPath)
 	if err != nil {
 		return nil, err
-	} else if !isDir(repoPath) {
+	}
+	exist, err := util.IsDir(repoPath)
+	if err != nil {
+		return nil, err
+	}
+	if !exist {
 		return nil, util.NewNotExistErrorf("no such file or directory")
 	}
 
diff --git a/modules/git/repo_base_nogogit.go b/modules/git/repo_base_nogogit.go
index 477e3b8742..6f9bfd4b43 100644
--- a/modules/git/repo_base_nogogit.go
+++ b/modules/git/repo_base_nogogit.go
@@ -47,7 +47,12 @@ func OpenRepository(ctx context.Context, repoPath string) (*Repository, error) {
 	repoPath, err := filepath.Abs(repoPath)
 	if err != nil {
 		return nil, err
-	} else if !isDir(repoPath) {
+	}
+	exist, err := util.IsDir(repoPath)
+	if err != nil {
+		return nil, err
+	}
+	if !exist {
 		return nil, util.NewNotExistErrorf("no such file or directory")
 	}
 
@@ -62,7 +67,7 @@ func OpenRepository(ctx context.Context, repoPath string) (*Repository, error) {
 func (repo *Repository) CatFileBatch(ctx context.Context) (WriteCloserError, *bufio.Reader, func(), error) {
 	if repo.batch == nil {
 		var err error
-		repo.batch, err = repo.NewBatch(ctx)
+		repo.batch, err = NewBatch(ctx, repo.Path)
 		if err != nil {
 			return nil, nil, nil, err
 		}
@@ -76,7 +81,7 @@ func (repo *Repository) CatFileBatch(ctx context.Context) (WriteCloserError, *bu
 	}
 
 	log.Debug("Opening temporary cat file batch for: %s", repo.Path)
-	tempBatch, err := repo.NewBatch(ctx)
+	tempBatch, err := NewBatch(ctx, repo.Path)
 	if err != nil {
 		return nil, nil, nil, err
 	}
@@ -87,7 +92,7 @@ func (repo *Repository) CatFileBatch(ctx context.Context) (WriteCloserError, *bu
 func (repo *Repository) CatFileBatchCheck(ctx context.Context) (WriteCloserError, *bufio.Reader, func(), error) {
 	if repo.check == nil {
 		var err error
-		repo.check, err = repo.NewBatchCheck(ctx)
+		repo.check, err = NewBatchCheck(ctx, repo.Path)
 		if err != nil {
 			return nil, nil, nil, err
 		}
@@ -101,7 +106,7 @@ func (repo *Repository) CatFileBatchCheck(ctx context.Context) (WriteCloserError
 	}
 
 	log.Debug("Opening temporary cat file batch-check for: %s", repo.Path)
-	tempBatchCheck, err := repo.NewBatchCheck(ctx)
+	tempBatchCheck, err := NewBatchCheck(ctx, repo.Path)
 	if err != nil {
 		return nil, nil, nil, err
 	}
diff --git a/modules/git/repo_branch.go b/modules/git/repo_branch.go
index 916391f167..e7ecf53f51 100644
--- a/modules/git/repo_branch.go
+++ b/modules/git/repo_branch.go
@@ -7,7 +7,6 @@ package git
 import (
 	"context"
 	"errors"
-	"fmt"
 	"strings"
 )
 
@@ -25,36 +24,6 @@ func IsBranchExist(ctx context.Context, repoPath, name string) bool {
 	return IsReferenceExist(ctx, repoPath, BranchPrefix+name)
 }
 
-// Branch represents a Git branch.
-type Branch struct {
-	Name string
-	Path string
-
-	gitRepo *Repository
-}
-
-// GetHEADBranch returns corresponding branch of HEAD.
-func (repo *Repository) GetHEADBranch() (*Branch, error) {
-	if repo == nil {
-		return nil, fmt.Errorf("nil repo")
-	}
-	stdout, _, err := NewCommand("symbolic-ref", "HEAD").RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
-	if err != nil {
-		return nil, err
-	}
-	stdout = strings.TrimSpace(stdout)
-
-	if !strings.HasPrefix(stdout, BranchPrefix) {
-		return nil, fmt.Errorf("invalid HEAD branch: %v", stdout)
-	}
-
-	return &Branch{
-		Name:    stdout[len(BranchPrefix):],
-		Path:    stdout,
-		gitRepo: repo,
-	}, nil
-}
-
 func GetDefaultBranch(ctx context.Context, repoPath string) (string, error) {
 	stdout, _, err := NewCommand("symbolic-ref", "HEAD").RunStdString(ctx, &RunOpts{Dir: repoPath})
 	if err != nil {
@@ -67,37 +36,6 @@ func GetDefaultBranch(ctx context.Context, repoPath string) (string, error) {
 	return strings.TrimPrefix(stdout, BranchPrefix), nil
 }
 
-// GetBranch returns a branch by it's name
-func (repo *Repository) GetBranch(branch string) (*Branch, error) {
-	if !repo.IsBranchExist(branch) {
-		return nil, ErrBranchNotExist{branch}
-	}
-	return &Branch{
-		Path:    repo.Path,
-		Name:    branch,
-		gitRepo: repo,
-	}, nil
-}
-
-// GetBranches returns a slice of *git.Branch
-func (repo *Repository) GetBranches(skip, limit int) ([]*Branch, int, error) {
-	brs, countAll, err := repo.GetBranchNames(skip, limit)
-	if err != nil {
-		return nil, 0, err
-	}
-
-	branches := make([]*Branch, len(brs))
-	for i := range brs {
-		branches[i] = &Branch{
-			Path:    repo.Path,
-			Name:    brs[i],
-			gitRepo: repo,
-		}
-	}
-
-	return branches, countAll, nil
-}
-
 // DeleteBranchOptions Option(s) for delete branch
 type DeleteBranchOptions struct {
 	Force bool
@@ -147,11 +85,6 @@ func (repo *Repository) RemoveRemote(name string) error {
 	return err
 }
 
-// GetCommit returns the head commit of a branch
-func (branch *Branch) GetCommit() (*Commit, error) {
-	return branch.gitRepo.GetBranchCommit(branch.Name)
-}
-
 // RenameBranch rename a branch
 func (repo *Repository) RenameBranch(from, to string) error {
 	_, _, err := NewCommand("branch", "-m").AddDynamicArguments(from, to).RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
diff --git a/modules/git/repo_branch_test.go b/modules/git/repo_branch_test.go
index cda170d976..8e8ea16fcd 100644
--- a/modules/git/repo_branch_test.go
+++ b/modules/git/repo_branch_test.go
@@ -21,21 +21,21 @@ func TestRepository_GetBranches(t *testing.T) {
 
 	assert.NoError(t, err)
 	assert.Len(t, branches, 2)
-	assert.EqualValues(t, 3, countAll)
+	assert.Equal(t, 3, countAll)
 	assert.ElementsMatch(t, []string{"master", "branch2"}, branches)
 
 	branches, countAll, err = bareRepo1.GetBranchNames(0, 0)
 
 	assert.NoError(t, err)
 	assert.Len(t, branches, 3)
-	assert.EqualValues(t, 3, countAll)
+	assert.Equal(t, 3, countAll)
 	assert.ElementsMatch(t, []string{"master", "branch2", "branch1"}, branches)
 
 	branches, countAll, err = bareRepo1.GetBranchNames(5, 1)
 
 	assert.NoError(t, err)
 	assert.Empty(t, branches)
-	assert.EqualValues(t, 3, countAll)
+	assert.Equal(t, 3, countAll)
 	assert.ElementsMatch(t, []string{}, branches)
 }
 
@@ -71,15 +71,15 @@ func TestGetRefsBySha(t *testing.T) {
 	// refs/pull/1/head
 	branches, err = bareRepo5.GetRefsBySha("c83380d7056593c51a699d12b9c00627bd5743e9", PullPrefix)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"refs/pull/1/head"}, branches)
+	assert.Equal(t, []string{"refs/pull/1/head"}, branches)
 
 	branches, err = bareRepo5.GetRefsBySha("d8e0bbb45f200e67d9a784ce55bd90821af45ebd", BranchPrefix)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"refs/heads/master", "refs/heads/master-clone"}, branches)
+	assert.Equal(t, []string{"refs/heads/master", "refs/heads/master-clone"}, branches)
 
 	branches, err = bareRepo5.GetRefsBySha("58a4bcc53ac13e7ff76127e0fb518b5262bf09af", BranchPrefix)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []string{"refs/heads/test-patch-1"}, branches)
+	assert.Equal(t, []string{"refs/heads/test-patch-1"}, branches)
 }
 
 func BenchmarkGetRefsBySha(b *testing.B) {
diff --git a/modules/git/repo_commit.go b/modules/git/repo_commit.go
index 72f35711f0..4066a1ca7b 100644
--- a/modules/git/repo_commit.go
+++ b/modules/git/repo_commit.go
@@ -89,7 +89,8 @@ func (repo *Repository) GetCommitByPath(relpath string) (*Commit, error) {
 	return commits[0], nil
 }
 
-func (repo *Repository) commitsByRange(id ObjectID, page, pageSize int, not string) ([]*Commit, error) {
+// commitsByRangeWithTime returns the specific page commits before current revision, with not, since, until support
+func (repo *Repository) commitsByRangeWithTime(id ObjectID, page, pageSize int, not, since, until string) ([]*Commit, error) {
 	cmd := NewCommand("log").
 		AddOptionFormat("--skip=%d", (page-1)*pageSize).
 		AddOptionFormat("--max-count=%d", pageSize).
@@ -99,6 +100,12 @@ func (repo *Repository) commitsByRange(id ObjectID, page, pageSize int, not stri
 	if not != "" {
 		cmd.AddOptionValues("--not", not)
 	}
+	if since != "" {
+		cmd.AddOptionFormat("--since=%s", since)
+	}
+	if until != "" {
+		cmd.AddOptionFormat("--until=%s", until)
+	}
 
 	stdout, _, err := cmd.RunStdBytes(repo.Ctx, &RunOpts{Dir: repo.Path})
 	if err != nil {
@@ -212,6 +219,8 @@ type CommitsByFileAndRangeOptions struct {
 	File     string
 	Not      string
 	Page     int
+	Since    string
+	Until    string
 }
 
 // CommitsByFileAndRange return the commits according revision file and the page
@@ -231,6 +240,12 @@ func (repo *Repository) CommitsByFileAndRange(opts CommitsByFileAndRangeOptions)
 		if opts.Not != "" {
 			gitCmd.AddOptionValues("--not", opts.Not)
 		}
+		if opts.Since != "" {
+			gitCmd.AddOptionFormat("--since=%s", opts.Since)
+		}
+		if opts.Until != "" {
+			gitCmd.AddOptionFormat("--until=%s", opts.Until)
+		}
 
 		gitCmd.AddDashesAndList(opts.File)
 		err := gitCmd.Run(repo.Ctx, &RunOpts{
@@ -532,11 +547,11 @@ func (repo *Repository) GetCommitBranchStart(env []string, branch, endCommitID s
 		return "", runErr
 	}
 
-	parts := bytes.Split(bytes.TrimSpace(stdout), []byte{'\n'})
+	parts := bytes.SplitSeq(bytes.TrimSpace(stdout), []byte{'\n'})
 
 	// check the commits one by one until we find a commit contained by another branch
 	// and we think this commit is the divergence point
-	for _, commitID := range parts {
+	for commitID := range parts {
 		branches, err := repo.getBranches(env, string(commitID), 2)
 		if err != nil {
 			return "", err
diff --git a/modules/git/repo_commit_nogogit.go b/modules/git/repo_commit_nogogit.go
index 5aa0e9ec04..3ead3e2216 100644
--- a/modules/git/repo_commit_nogogit.go
+++ b/modules/git/repo_commit_nogogit.go
@@ -81,10 +81,10 @@ func (repo *Repository) getCommit(id ObjectID) (*Commit, error) {
 
 	_, _ = wr.Write([]byte(id.String() + "\n"))
 
-	return repo.getCommitFromBatchReader(rd, id)
+	return repo.getCommitFromBatchReader(wr, rd, id)
 }
 
-func (repo *Repository) getCommitFromBatchReader(rd *bufio.Reader, id ObjectID) (*Commit, error) {
+func (repo *Repository) getCommitFromBatchReader(wr WriteCloserError, rd *bufio.Reader, id ObjectID) (*Commit, error) {
 	_, typ, size, err := ReadBatchLine(rd)
 	if err != nil {
 		if errors.Is(err, io.EOF) || IsErrNotExist(err) {
@@ -112,7 +112,11 @@ func (repo *Repository) getCommitFromBatchReader(rd *bufio.Reader, id ObjectID)
 			return nil, err
 		}
 
-		commit, err := tag.Commit(repo)
+		if _, err := wr.Write([]byte(tag.Object.String() + "\n")); err != nil {
+			return nil, err
+		}
+
+		commit, err := repo.getCommitFromBatchReader(wr, rd, tag.Object)
 		if err != nil {
 			return nil, err
 		}
diff --git a/modules/git/repo_commitgraph_gogit.go b/modules/git/repo_commitgraph_gogit.go
index d3182f15c6..c0082b62c8 100644
--- a/modules/git/repo_commitgraph_gogit.go
+++ b/modules/git/repo_commitgraph_gogit.go
@@ -8,7 +8,7 @@ package git
 
 import (
 	"os"
-	"path"
+	"path/filepath"
 
 	gitealog "code.gitea.io/gitea/modules/log"
 
@@ -18,7 +18,7 @@ import (
 
 // CommitNodeIndex returns the index for walking commit graph
 func (r *Repository) CommitNodeIndex() (cgobject.CommitNodeIndex, *os.File) {
-	indexPath := path.Join(r.Path, "objects", "info", "commit-graph")
+	indexPath := filepath.Join(r.Path, "objects", "info", "commit-graph")
 
 	file, err := os.Open(indexPath)
 	if err == nil {
diff --git a/modules/git/repo_gpg.go b/modules/git/repo_gpg.go
index 8f91b4dce5..0021a7bda7 100644
--- a/modules/git/repo_gpg.go
+++ b/modules/git/repo_gpg.go
@@ -6,6 +6,7 @@ package git
 
 import (
 	"fmt"
+	"os"
 	"strings"
 
 	"code.gitea.io/gitea/modules/process"
@@ -13,6 +14,14 @@ import (
 
 // LoadPublicKeyContent will load the key from gpg
 func (gpgSettings *GPGSettings) LoadPublicKeyContent() error {
+	if gpgSettings.Format == SigningKeyFormatSSH {
+		content, err := os.ReadFile(gpgSettings.KeyID)
+		if err != nil {
+			return fmt.Errorf("unable to read SSH public key file: %s, %w", gpgSettings.KeyID, err)
+		}
+		gpgSettings.PublicKeyContent = string(content)
+		return nil
+	}
 	content, stderr, err := process.GetManager().Exec(
 		"gpg -a --export",
 		"gpg", "-a", "--export", gpgSettings.KeyID)
@@ -44,6 +53,9 @@ func (repo *Repository) GetDefaultPublicGPGKey(forceUpdate bool) (*GPGSettings,
 	signingKey, _, _ := NewCommand("config", "--get", "user.signingkey").RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
 	gpgSettings.KeyID = strings.TrimSpace(signingKey)
 
+	format, _, _ := NewCommand("config", "--default", SigningKeyFormatOpenPGP, "--get", "gpg.format").RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
+	gpgSettings.Format = strings.TrimSpace(format)
+
 	defaultEmail, _, _ := NewCommand("config", "--get", "user.email").RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
 	gpgSettings.Email = strings.TrimSpace(defaultEmail)
 
diff --git a/modules/git/repo_index.go b/modules/git/repo_index.go
index 1c7fcc063e..4879121a41 100644
--- a/modules/git/repo_index.go
+++ b/modules/git/repo_index.go
@@ -10,8 +10,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 // ReadTreeToIndex reads a treeish to the index
@@ -59,26 +58,18 @@ func (repo *Repository) ReadTreeToTemporaryIndex(treeish string) (tmpIndexFilena
 		}
 	}()
 
-	removeDirFn := func(dir string) func() { // it can't use the return value "tmpDir" directly because it is empty when error occurs
-		return func() {
-			if err := util.RemoveAll(dir); err != nil {
-				log.Error("failed to remove tmp index dir: %v", err)
-			}
-		}
-	}
-
-	tmpDir, err = os.MkdirTemp("", "index")
+	tmpDir, cancel, err = setting.AppDataTempDir("git-repo-content").MkdirTempRandom("index")
 	if err != nil {
 		return "", "", nil, err
 	}
 
 	tmpIndexFilename = filepath.Join(tmpDir, ".tmp-index")
-	cancel = removeDirFn(tmpDir)
+
 	err = repo.ReadTreeToIndex(treeish, tmpIndexFilename)
 	if err != nil {
 		return "", "", cancel, err
 	}
-	return tmpIndexFilename, tmpDir, cancel, err
+	return tmpIndexFilename, tmpDir, cancel, nil
 }
 
 // EmptyIndex empties the index
@@ -95,7 +86,7 @@ func (repo *Repository) LsFiles(filenames ...string) ([]string, error) {
 		return nil, err
 	}
 	filelist := make([]string, 0, len(filenames))
-	for _, line := range bytes.Split(res, []byte{'\000'}) {
+	for line := range bytes.SplitSeq(res, []byte{'\000'}) {
 		filelist = append(filelist, string(line))
 	}
 
diff --git a/modules/git/repo_object.go b/modules/git/repo_object.go
index 1d34305270..08e0413311 100644
--- a/modules/git/repo_object.go
+++ b/modules/git/repo_object.go
@@ -85,17 +85,3 @@ func (repo *Repository) hashObject(reader io.Reader, save bool) (string, error)
 	}
 	return strings.TrimSpace(stdout.String()), nil
 }
-
-// GetRefType gets the type of the ref based on the string
-func (repo *Repository) GetRefType(ref string) ObjectType {
-	if repo.IsTagExist(ref) {
-		return ObjectTag
-	} else if repo.IsBranchExist(ref) {
-		return ObjectBranch
-	} else if repo.IsCommitExist(ref) {
-		return ObjectCommit
-	} else if _, err := repo.GetBlob(ref); err == nil {
-		return ObjectBlob
-	}
-	return ObjectType("invalid")
-}
diff --git a/modules/git/repo_ref.go b/modules/git/repo_ref.go
index 739cfb972c..554f9f73e1 100644
--- a/modules/git/repo_ref.go
+++ b/modules/git/repo_ref.go
@@ -19,11 +19,12 @@ func (repo *Repository) GetRefs() ([]*Reference, error) {
 // refType should only be a literal "branch" or "tag" and nothing else
 func (repo *Repository) ListOccurrences(ctx context.Context, refType, commitSHA string) ([]string, error) {
 	cmd := NewCommand()
-	if refType == "branch" {
+	switch refType {
+	case "branch":
 		cmd.AddArguments("branch")
-	} else if refType == "tag" {
+	case "tag":
 		cmd.AddArguments("tag")
-	} else {
+	default:
 		return nil, util.NewInvalidArgumentErrorf(`can only use "branch" or "tag" for refType, but got %q`, refType)
 	}
 	stdout, _, err := cmd.AddArguments("--no-color", "--sort=-creatordate", "--contains").AddDynamicArguments(commitSHA).RunStdString(ctx, &RunOpts{Dir: repo.Path})
diff --git a/modules/git/repo_stats.go b/modules/git/repo_stats.go
index 76fe92bb34..8c6f31c38c 100644
--- a/modules/git/repo_stats.go
+++ b/modules/git/repo_stats.go
@@ -40,7 +40,9 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string)
 
 	since := fromTime.Format(time.RFC3339)
 
-	stdout, _, runErr := NewCommand("rev-list", "--count", "--no-merges", "--branches=*", "--date=iso").AddOptionFormat("--since='%s'", since).RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
+	stdout, _, runErr := NewCommand("rev-list", "--count", "--no-merges", "--branches=*", "--date=iso").
+		AddOptionFormat("--since=%s", since).
+		RunStdString(repo.Ctx, &RunOpts{Dir: repo.Path})
 	if runErr != nil {
 		return nil, runErr
 	}
@@ -60,7 +62,8 @@ func (repo *Repository) GetCodeActivityStats(fromTime time.Time, branch string)
 		_ = stdoutWriter.Close()
 	}()
 
-	gitCmd := NewCommand("log", "--numstat", "--no-merges", "--pretty=format:---%n%h%n%aN%n%aE%n", "--date=iso").AddOptionFormat("--since='%s'", since)
+	gitCmd := NewCommand("log", "--numstat", "--no-merges", "--pretty=format:---%n%h%n%aN%n%aE%n", "--date=iso").
+		AddOptionFormat("--since=%s", since)
 	if len(branch) == 0 {
 		gitCmd.AddArguments("--branches=*")
 	} else {
diff --git a/modules/git/repo_stats_test.go b/modules/git/repo_stats_test.go
index 3d032385ee..85d8807a6e 100644
--- a/modules/git/repo_stats_test.go
+++ b/modules/git/repo_stats_test.go
@@ -30,7 +30,7 @@ func TestRepository_GetCodeActivityStats(t *testing.T) {
 	assert.EqualValues(t, 10, code.Additions)
 	assert.EqualValues(t, 1, code.Deletions)
 	assert.Len(t, code.Authors, 3)
-	assert.EqualValues(t, "tris.git@shoddynet.org", code.Authors[1].Email)
+	assert.Equal(t, "tris.git@shoddynet.org", code.Authors[1].Email)
 	assert.EqualValues(t, 3, code.Authors[1].Commits)
 	assert.EqualValues(t, 5, code.Authors[0].Commits)
 }
diff --git a/modules/git/repo_tag.go b/modules/git/repo_tag.go
index c74618471a..c8d72eee02 100644
--- a/modules/git/repo_tag.go
+++ b/modules/git/repo_tag.go
@@ -39,8 +39,8 @@ func (repo *Repository) GetTagNameBySHA(sha string) (string, error) {
 		return "", err
 	}
 
-	tagRefs := strings.Split(stdout, "\n")
-	for _, tagRef := range tagRefs {
+	tagRefs := strings.SplitSeq(stdout, "\n")
+	for tagRef := range tagRefs {
 		if len(strings.TrimSpace(tagRef)) > 0 {
 			fields := strings.Fields(tagRef)
 			if strings.HasPrefix(fields[0], sha) && strings.HasPrefix(fields[1], TagPrefix) {
@@ -62,7 +62,7 @@ func (repo *Repository) GetTagID(name string) (string, error) {
 		return "", err
 	}
 	// Make sure exact match is used: "v1" != "release/v1"
-	for _, line := range strings.Split(stdout, "\n") {
+	for line := range strings.SplitSeq(stdout, "\n") {
 		fields := strings.Fields(line)
 		if len(fields) == 2 && fields[1] == "refs/tags/"+name {
 			return fields[0], nil
diff --git a/modules/git/repo_tag_nogogit.go b/modules/git/repo_tag_nogogit.go
index e0a3104249..3d2b4f52bd 100644
--- a/modules/git/repo_tag_nogogit.go
+++ b/modules/git/repo_tag_nogogit.go
@@ -41,8 +41,11 @@ func (repo *Repository) GetTagType(id ObjectID) (string, error) {
 		return "", err
 	}
 	_, typ, _, err := ReadBatchLine(rd)
-	if IsErrNotExist(err) {
-		return "", ErrNotExist{ID: id.String()}
+	if err != nil {
+		if IsErrNotExist(err) {
+			return "", ErrNotExist{ID: id.String()}
+		}
+		return "", err
 	}
 	return typ, nil
 }
diff --git a/modules/git/repo_tag_test.go b/modules/git/repo_tag_test.go
index f1f081680a..f1f5ff6664 100644
--- a/modules/git/repo_tag_test.go
+++ b/modules/git/repo_tag_test.go
@@ -27,12 +27,12 @@ func TestRepository_GetTags(t *testing.T) {
 	}
 	assert.Len(t, tags, 2)
 	assert.Len(t, tags, total)
-	assert.EqualValues(t, "signed-tag", tags[0].Name)
-	assert.EqualValues(t, "36f97d9a96457e2bab511db30fe2db03893ebc64", tags[0].ID.String())
-	assert.EqualValues(t, "tag", tags[0].Type)
-	assert.EqualValues(t, "test", tags[1].Name)
-	assert.EqualValues(t, "3ad28a9149a2864384548f3d17ed7f38014c9e8a", tags[1].ID.String())
-	assert.EqualValues(t, "tag", tags[1].Type)
+	assert.Equal(t, "signed-tag", tags[0].Name)
+	assert.Equal(t, "36f97d9a96457e2bab511db30fe2db03893ebc64", tags[0].ID.String())
+	assert.Equal(t, "tag", tags[0].Type)
+	assert.Equal(t, "test", tags[1].Name)
+	assert.Equal(t, "3ad28a9149a2864384548f3d17ed7f38014c9e8a", tags[1].ID.String())
+	assert.Equal(t, "tag", tags[1].Type)
 }
 
 func TestRepository_GetTag(t *testing.T) {
@@ -64,18 +64,13 @@ func TestRepository_GetTag(t *testing.T) {
 
 	// and try to get the Tag for lightweight tag
 	lTag, err := bareRepo1.GetTag(lTagName)
-	if err != nil {
-		assert.NoError(t, err)
-		return
-	}
-	if lTag == nil {
-		assert.NotNil(t, lTag)
-		assert.FailNow(t, "nil lTag: %s", lTagName)
-	}
-	assert.EqualValues(t, lTagName, lTag.Name)
-	assert.EqualValues(t, lTagCommitID, lTag.ID.String())
-	assert.EqualValues(t, lTagCommitID, lTag.Object.String())
-	assert.EqualValues(t, "commit", lTag.Type)
+	require.NoError(t, err)
+	require.NotNil(t, lTag, "nil lTag: %s", lTagName)
+
+	assert.Equal(t, lTagName, lTag.Name)
+	assert.Equal(t, lTagCommitID, lTag.ID.String())
+	assert.Equal(t, lTagCommitID, lTag.Object.String())
+	assert.Equal(t, "commit", lTag.Type)
 
 	// ANNOTATED TAGS
 	aTagCommitID := "8006ff9adbf0cb94da7dad9e537e53817f9fa5c0"
@@ -97,19 +92,14 @@ func TestRepository_GetTag(t *testing.T) {
 	}
 
 	aTag, err := bareRepo1.GetTag(aTagName)
-	if err != nil {
-		assert.NoError(t, err)
-		return
-	}
-	if aTag == nil {
-		assert.NotNil(t, aTag)
-		assert.FailNow(t, "nil aTag: %s", aTagName)
-	}
-	assert.EqualValues(t, aTagName, aTag.Name)
-	assert.EqualValues(t, aTagID, aTag.ID.String())
+	require.NoError(t, err)
+	require.NotNil(t, aTag, "nil aTag: %s", aTagName)
+
+	assert.Equal(t, aTagName, aTag.Name)
+	assert.Equal(t, aTagID, aTag.ID.String())
 	assert.NotEqual(t, aTagID, aTag.Object.String())
-	assert.EqualValues(t, aTagCommitID, aTag.Object.String())
-	assert.EqualValues(t, "tag", aTag.Type)
+	assert.Equal(t, aTagCommitID, aTag.Object.String())
+	assert.Equal(t, "tag", aTag.Type)
 
 	// RELEASE TAGS
 
@@ -127,14 +117,14 @@ func TestRepository_GetTag(t *testing.T) {
 		assert.NoError(t, err)
 		return
 	}
-	assert.EqualValues(t, rTagCommitID, rTagID)
+	assert.Equal(t, rTagCommitID, rTagID)
 
 	oTagID, err := bareRepo1.GetTagID(lTagName)
 	if err != nil {
 		assert.NoError(t, err)
 		return
 	}
-	assert.EqualValues(t, lTagCommitID, oTagID)
+	assert.Equal(t, lTagCommitID, oTagID)
 }
 
 func TestRepository_GetAnnotatedTag(t *testing.T) {
@@ -170,9 +160,9 @@ func TestRepository_GetAnnotatedTag(t *testing.T) {
 		return
 	}
 	assert.NotNil(t, tag)
-	assert.EqualValues(t, aTagName, tag.Name)
-	assert.EqualValues(t, aTagID, tag.ID.String())
-	assert.EqualValues(t, "tag", tag.Type)
+	assert.Equal(t, aTagName, tag.Name)
+	assert.Equal(t, aTagID, tag.ID.String())
+	assert.Equal(t, "tag", tag.Type)
 
 	// Annotated tag's Commit ID should fail
 	tag2, err := bareRepo1.GetAnnotatedTag(aTagCommitID)
diff --git a/modules/git/repo_tree.go b/modules/git/repo_tree.go
index 70e5aee023..309a73d759 100644
--- a/modules/git/repo_tree.go
+++ b/modules/git/repo_tree.go
@@ -15,7 +15,7 @@ import (
 type CommitTreeOpts struct {
 	Parents    []string
 	Message    string
-	KeyID      string
+	Key        *SigningKey
 	NoGPGSign  bool
 	AlwaysSign bool
 }
@@ -43,8 +43,13 @@ func (repo *Repository) CommitTree(author, committer *Signature, tree *Tree, opt
 	_, _ = messageBytes.WriteString(opts.Message)
 	_, _ = messageBytes.WriteString("\n")
 
-	if opts.KeyID != "" || opts.AlwaysSign {
-		cmd.AddOptionFormat("-S%s", opts.KeyID)
+	if opts.Key != nil {
+		if opts.Key.Format != "" {
+			cmd.AddConfig("gpg.format", opts.Key.Format)
+		}
+		cmd.AddOptionFormat("-S%s", opts.Key.KeyID)
+	} else if opts.AlwaysSign {
+		cmd.AddOptionFormat("-S")
 	}
 
 	if opts.NoGPGSign {
diff --git a/modules/git/repo_tree_nogogit.go b/modules/git/repo_tree_nogogit.go
index d74769ccb2..1954f85162 100644
--- a/modules/git/repo_tree_nogogit.go
+++ b/modules/git/repo_tree_nogogit.go
@@ -35,7 +35,11 @@ func (repo *Repository) getTree(id ObjectID) (*Tree, error) {
 		if err != nil {
 			return nil, err
 		}
-		commit, err := tag.Commit(repo)
+
+		if _, err := wr.Write([]byte(tag.Object.String() + "\n")); err != nil {
+			return nil, err
+		}
+		commit, err := repo.getCommitFromBatchReader(wr, rd, tag.Object)
 		if err != nil {
 			return nil, err
 		}
diff --git a/modules/git/signature_test.go b/modules/git/signature_test.go
index 92681feea9..b9b5aff61b 100644
--- a/modules/git/signature_test.go
+++ b/modules/git/signature_test.go
@@ -42,6 +42,6 @@ func TestParseSignatureFromCommitLine(t *testing.T) {
 	}
 	for _, test := range tests {
 		got := parseSignatureFromCommitLine(test.line)
-		assert.EqualValues(t, test.want, got)
+		assert.Equal(t, test.want, got)
 	}
 }
diff --git a/modules/git/submodule_test.go b/modules/git/submodule_test.go
index fbf8c32e1e..7893b95e3a 100644
--- a/modules/git/submodule_test.go
+++ b/modules/git/submodule_test.go
@@ -19,11 +19,11 @@ func TestGetTemplateSubmoduleCommits(t *testing.T) {
 
 	assert.Len(t, submodules, 2)
 
-	assert.EqualValues(t, "<°)))><", submodules[0].Path)
-	assert.EqualValues(t, "d2932de67963f23d43e1c7ecf20173e92ee6c43c", submodules[0].Commit)
+	assert.Equal(t, "<°)))><", submodules[0].Path)
+	assert.Equal(t, "d2932de67963f23d43e1c7ecf20173e92ee6c43c", submodules[0].Commit)
 
-	assert.EqualValues(t, "libtest", submodules[1].Path)
-	assert.EqualValues(t, "1234567890123456789012345678901234567890", submodules[1].Commit)
+	assert.Equal(t, "libtest", submodules[1].Path)
+	assert.Equal(t, "1234567890123456789012345678901234567890", submodules[1].Commit)
 }
 
 func TestAddTemplateSubmoduleIndexes(t *testing.T) {
@@ -42,6 +42,6 @@ func TestAddTemplateSubmoduleIndexes(t *testing.T) {
 	submodules, err := GetTemplateSubmoduleCommits(DefaultContext, tmpDir)
 	require.NoError(t, err)
 	assert.Len(t, submodules, 1)
-	assert.EqualValues(t, "new-dir", submodules[0].Path)
-	assert.EqualValues(t, "1234567890123456789012345678901234567890", submodules[0].Commit)
+	assert.Equal(t, "new-dir", submodules[0].Path)
+	assert.Equal(t, "1234567890123456789012345678901234567890", submodules[0].Commit)
 }
diff --git a/modules/git/tag.go b/modules/git/tag.go
index f7666aa89b..8bf3658d62 100644
--- a/modules/git/tag.go
+++ b/modules/git/tag.go
@@ -21,11 +21,6 @@ type Tag struct {
 	Signature *CommitSignature
 }
 
-// Commit return the commit of the tag reference
-func (tag *Tag) Commit(gitRepo *Repository) (*Commit, error) {
-	return gitRepo.getCommit(tag.Object)
-}
-
 func parsePayloadSignature(data []byte, messageStart int) (payload, msg, sign string) {
 	pos := messageStart
 	signStart, signEnd := -1, -1
diff --git a/modules/git/tests/repos/language_stats_repo/config b/modules/git/tests/repos/language_stats_repo/config
index 515f483629..a4ef456cbc 100644
--- a/modules/git/tests/repos/language_stats_repo/config
+++ b/modules/git/tests/repos/language_stats_repo/config
@@ -1,5 +1,5 @@
 [core]
 	repositoryformatversion = 0
 	filemode = true
-	bare = false
+	bare = true
 	logallrefupdates = true
diff --git a/modules/git/tests/repos/repo3_notes/config b/modules/git/tests/repos/repo3_notes/config
index d545cdabdb..5ed22e23d1 100644
--- a/modules/git/tests/repos/repo3_notes/config
+++ b/modules/git/tests/repos/repo3_notes/config
@@ -1,7 +1,7 @@
 [core]
 	repositoryformatversion = 0
 	filemode = false
-	bare = false
+	bare = true
 	logallrefupdates = true
 	symlinks = false
 	ignorecase = true
diff --git a/modules/git/tests/repos/repo4_commitsbetween/config b/modules/git/tests/repos/repo4_commitsbetween/config
index d545cdabdb..5ed22e23d1 100644
--- a/modules/git/tests/repos/repo4_commitsbetween/config
+++ b/modules/git/tests/repos/repo4_commitsbetween/config
@@ -1,7 +1,7 @@
 [core]
 	repositoryformatversion = 0
 	filemode = false
-	bare = false
+	bare = true
 	logallrefupdates = true
 	symlinks = false
 	ignorecase = true
diff --git a/modules/git/tree.go b/modules/git/tree.go
index f6fdff97d0..38fb45f3b1 100644
--- a/modules/git/tree.go
+++ b/modules/git/tree.go
@@ -56,7 +56,7 @@ func (repo *Repository) LsTree(ref string, filenames ...string) ([]string, error
 		return nil, err
 	}
 	filelist := make([]string, 0, len(filenames))
-	for _, line := range bytes.Split(res, []byte{'\000'}) {
+	for line := range bytes.SplitSeq(res, []byte{'\000'}) {
 		filelist = append(filelist, string(line))
 	}
 
diff --git a/modules/git/tree_blob_nogogit.go b/modules/git/tree_blob_nogogit.go
index b7bcf40edd..b18d0fa05e 100644
--- a/modules/git/tree_blob_nogogit.go
+++ b/modules/git/tree_blob_nogogit.go
@@ -11,7 +11,7 @@ import (
 )
 
 // GetTreeEntryByPath get the tree entries according the sub dir
-func (t *Tree) GetTreeEntryByPath(relpath string) (*TreeEntry, error) {
+func (t *Tree) GetTreeEntryByPath(relpath string) (_ *TreeEntry, err error) {
 	if len(relpath) == 0 {
 		return &TreeEntry{
 			ptree:     t,
@@ -21,27 +21,25 @@ func (t *Tree) GetTreeEntryByPath(relpath string) (*TreeEntry, error) {
 		}, nil
 	}
 
-	// FIXME: This should probably use git cat-file --batch to be a bit more efficient
 	relpath = path.Clean(relpath)
 	parts := strings.Split(relpath, "/")
-	var err error
+
 	tree := t
-	for i, name := range parts {
-		if i == len(parts)-1 {
-			entries, err := tree.ListEntries()
-			if err != nil {
-				return nil, err
-			}
-			for _, v := range entries {
-				if v.Name() == name {
-					return v, nil
-				}
-			}
-		} else {
-			tree, err = tree.SubTree(name)
-			if err != nil {
-				return nil, err
-			}
+	for _, name := range parts[:len(parts)-1] {
+		tree, err = tree.SubTree(name)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	name := parts[len(parts)-1]
+	entries, err := tree.ListEntries()
+	if err != nil {
+		return nil, err
+	}
+	for _, v := range entries {
+		if v.Name() == name {
+			return v, nil
 		}
 	}
 	return nil, ErrNotExist{"", relpath}
diff --git a/modules/git/tree_entry.go b/modules/git/tree_entry.go
index 9513121487..5099d8ee79 100644
--- a/modules/git/tree_entry.go
+++ b/modules/git/tree_entry.go
@@ -5,9 +5,11 @@
 package git
 
 import (
-	"io"
+	"path"
 	"sort"
 	"strings"
+
+	"code.gitea.io/gitea/modules/util"
 )
 
 // Type returns the type of the entry (commit, tree, blob)
@@ -22,83 +24,57 @@ func (te *TreeEntry) Type() string {
 	}
 }
 
-// FollowLink returns the entry pointed to by a symlink
-func (te *TreeEntry) FollowLink() (*TreeEntry, error) {
+type EntryFollowResult struct {
+	SymlinkContent string
+	TargetFullPath string
+	TargetEntry    *TreeEntry
+}
+
+func EntryFollowLink(commit *Commit, fullPath string, te *TreeEntry) (*EntryFollowResult, error) {
 	if !te.IsLink() {
-		return nil, ErrBadLink{te.Name(), "not a symlink"}
+		return nil, util.ErrorWrap(util.ErrUnprocessableContent, "%q is not a symlink", fullPath)
 	}
 
-	// read the link
-	r, err := te.Blob().DataAsync()
-	if err != nil {
-		return nil, err
+	// git's filename max length is 4096, hopefully a link won't be longer than multiple of that
+	const maxSymlinkSize = 20 * 4096
+	if te.Blob().Size() > maxSymlinkSize {
+		return nil, util.ErrorWrap(util.ErrUnprocessableContent, "%q content exceeds symlink limit", fullPath)
 	}
-	closed := false
-	defer func() {
-		if !closed {
-			_ = r.Close()
-		}
-	}()
-	buf := make([]byte, te.Size())
-	_, err = io.ReadFull(r, buf)
+
+	link, err := te.Blob().GetBlobContent(maxSymlinkSize)
 	if err != nil {
 		return nil, err
 	}
-	_ = r.Close()
-	closed = true
-
-	lnk := string(buf)
-	t := te.ptree
-
-	// traverse up directories
-	for ; t != nil && strings.HasPrefix(lnk, "../"); lnk = lnk[3:] {
-		t = t.ptree
+	if strings.HasPrefix(link, "/") {
+		// It's said that absolute path will be stored as is in Git
+		return &EntryFollowResult{SymlinkContent: link}, util.ErrorWrap(util.ErrUnprocessableContent, "%q is an absolute symlink", fullPath)
 	}
 
-	if t == nil {
-		return nil, ErrBadLink{te.Name(), "points outside of repo"}
-	}
-
-	target, err := t.GetTreeEntryByPath(lnk)
+	targetFullPath := path.Join(path.Dir(fullPath), link)
+	targetEntry, err := commit.GetTreeEntryByPath(targetFullPath)
 	if err != nil {
-		if IsErrNotExist(err) {
-			return nil, ErrBadLink{te.Name(), "broken link"}
-		}
-		return nil, err
+		return &EntryFollowResult{SymlinkContent: link}, err
 	}
-	return target, nil
+	return &EntryFollowResult{SymlinkContent: link, TargetFullPath: targetFullPath, TargetEntry: targetEntry}, nil
 }
 
-// FollowLinks returns the entry ultimately pointed to by a symlink
-func (te *TreeEntry) FollowLinks() (*TreeEntry, error) {
-	if !te.IsLink() {
-		return nil, ErrBadLink{te.Name(), "not a symlink"}
-	}
-	entry := te
-	for i := 0; i < 999; i++ {
-		if entry.IsLink() {
-			next, err := entry.FollowLink()
-			if err != nil {
-				return nil, err
-			}
-			if next.ID == entry.ID {
-				return nil, ErrBadLink{
-					entry.Name(),
-					"recursive link",
-				}
-			}
-			entry = next
-		} else {
+func EntryFollowLinks(commit *Commit, firstFullPath string, firstTreeEntry *TreeEntry, optLimit ...int) (res *EntryFollowResult, err error) {
+	limit := util.OptionalArg(optLimit, 10)
+	treeEntry, fullPath := firstTreeEntry, firstFullPath
+	for range limit {
+		res, err = EntryFollowLink(commit, fullPath, treeEntry)
+		if err != nil {
+			return res, err
+		}
+		treeEntry, fullPath = res.TargetEntry, res.TargetFullPath
+		if !treeEntry.IsLink() {
 			break
 		}
 	}
-	if entry.IsLink() {
-		return nil, ErrBadLink{
-			te.Name(),
-			"too many levels of symbolic links",
-		}
+	if treeEntry.IsLink() {
+		return res, util.ErrorWrap(util.ErrUnprocessableContent, "%q has too many links", firstFullPath)
 	}
-	return entry, nil
+	return res, nil
 }
 
 // returns the Tree pointed to by this TreeEntry, or nil if this is not a tree
diff --git a/modules/git/tree_entry_common_test.go b/modules/git/tree_entry_common_test.go
new file mode 100644
index 0000000000..8b63bbb993
--- /dev/null
+++ b/modules/git/tree_entry_common_test.go
@@ -0,0 +1,76 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/modules/util"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestFollowLink(t *testing.T) {
+	r, err := openRepositoryWithDefaultContext("tests/repos/repo1_bare")
+	require.NoError(t, err)
+	defer r.Close()
+
+	commit, err := r.GetCommit("37991dec2c8e592043f47155ce4808d4580f9123")
+	require.NoError(t, err)
+
+	// get the symlink
+	{
+		lnkFullPath := "foo/bar/link_to_hello"
+		lnk, err := commit.Tree.GetTreeEntryByPath("foo/bar/link_to_hello")
+		require.NoError(t, err)
+		assert.True(t, lnk.IsLink())
+
+		// should be able to dereference to target
+		res, err := EntryFollowLink(commit, lnkFullPath, lnk)
+		require.NoError(t, err)
+		assert.Equal(t, "hello", res.TargetEntry.Name())
+		assert.Equal(t, "foo/nar/hello", res.TargetFullPath)
+		assert.False(t, res.TargetEntry.IsLink())
+		assert.Equal(t, "b14df6442ea5a1b382985a6549b85d435376c351", res.TargetEntry.ID.String())
+	}
+
+	{
+		// should error when called on a normal file
+		entry, err := commit.Tree.GetTreeEntryByPath("file1.txt")
+		require.NoError(t, err)
+		res, err := EntryFollowLink(commit, "file1.txt", entry)
+		assert.ErrorIs(t, err, util.ErrUnprocessableContent)
+		assert.Nil(t, res)
+	}
+
+	{
+		// should error for broken links
+		entry, err := commit.Tree.GetTreeEntryByPath("foo/broken_link")
+		require.NoError(t, err)
+		assert.True(t, entry.IsLink())
+		res, err := EntryFollowLink(commit, "foo/broken_link", entry)
+		assert.ErrorIs(t, err, util.ErrNotExist)
+		assert.Equal(t, "nar/broken_link", res.SymlinkContent)
+	}
+
+	{
+		// should error for external links
+		entry, err := commit.Tree.GetTreeEntryByPath("foo/outside_repo")
+		require.NoError(t, err)
+		assert.True(t, entry.IsLink())
+		res, err := EntryFollowLink(commit, "foo/outside_repo", entry)
+		assert.ErrorIs(t, err, util.ErrNotExist)
+		assert.Equal(t, "../../outside_repo", res.SymlinkContent)
+	}
+
+	{
+		// testing fix for short link bug
+		entry, err := commit.Tree.GetTreeEntryByPath("foo/link_short")
+		require.NoError(t, err)
+		res, err := EntryFollowLink(commit, "foo/link_short", entry)
+		assert.ErrorIs(t, err, util.ErrNotExist)
+		assert.Equal(t, "a", res.SymlinkContent)
+	}
+}
diff --git a/modules/git/tree_entry_gogit.go b/modules/git/tree_entry_gogit.go
index eb9b012681..e6845f1c77 100644
--- a/modules/git/tree_entry_gogit.go
+++ b/modules/git/tree_entry_gogit.go
@@ -19,16 +19,12 @@ type TreeEntry struct {
 	gogitTreeEntry *object.TreeEntry
 	ptree          *Tree
 
-	size     int64
-	sized    bool
-	fullName string
+	size  int64
+	sized bool
 }
 
 // Name returns the name of the entry
 func (te *TreeEntry) Name() string {
-	if te.fullName != "" {
-		return te.fullName
-	}
 	return te.gogitTreeEntry.Name
 }
 
@@ -55,7 +51,7 @@ func (te *TreeEntry) Size() int64 {
 	return te.size
 }
 
-// IsSubModule if the entry is a sub module
+// IsSubModule if the entry is a submodule
 func (te *TreeEntry) IsSubModule() bool {
 	return te.gogitTreeEntry.Mode == filemode.Submodule
 }
diff --git a/modules/git/tree_entry_mode.go b/modules/git/tree_entry_mode.go
index ec4487549d..f36c07bc2a 100644
--- a/modules/git/tree_entry_mode.go
+++ b/modules/git/tree_entry_mode.go
@@ -15,18 +15,14 @@ type EntryMode int
 // one of these.
 const (
 	// EntryModeNoEntry is possible if the file was added or removed in a commit. In the case of
-	// added the base commit will not have the file in its tree so a mode of 0o000000 is used.
+	// when adding the base commit doesn't have the file in its tree, a mode of 0o000000 is used.
 	EntryModeNoEntry EntryMode = 0o000000
-	// EntryModeBlob
-	EntryModeBlob EntryMode = 0o100644
-	// EntryModeExec
-	EntryModeExec EntryMode = 0o100755
-	// EntryModeSymlink
+
+	EntryModeBlob    EntryMode = 0o100644
+	EntryModeExec    EntryMode = 0o100755
 	EntryModeSymlink EntryMode = 0o120000
-	// EntryModeCommit
-	EntryModeCommit EntryMode = 0o160000
-	// EntryModeTree
-	EntryModeTree EntryMode = 0o040000
+	EntryModeCommit  EntryMode = 0o160000
+	EntryModeTree    EntryMode = 0o040000
 )
 
 // String converts an EntryMode to a string
@@ -34,10 +30,29 @@ func (e EntryMode) String() string {
 	return strconv.FormatInt(int64(e), 8)
 }
 
-// ToEntryMode converts a string to an EntryMode
-func ToEntryMode(value string) EntryMode {
-	v, _ := strconv.ParseInt(value, 8, 32)
-	return EntryMode(v)
+// IsSubModule if the entry is a submodule
+func (e EntryMode) IsSubModule() bool {
+	return e == EntryModeCommit
+}
+
+// IsDir if the entry is a sub dir
+func (e EntryMode) IsDir() bool {
+	return e == EntryModeTree
+}
+
+// IsLink if the entry is a symlink
+func (e EntryMode) IsLink() bool {
+	return e == EntryModeSymlink
+}
+
+// IsRegular if the entry is a regular file
+func (e EntryMode) IsRegular() bool {
+	return e == EntryModeBlob
+}
+
+// IsExecutable if the entry is an executable file (not necessarily binary)
+func (e EntryMode) IsExecutable() bool {
+	return e == EntryModeExec
 }
 
 func ParseEntryMode(mode string) (EntryMode, error) {
diff --git a/modules/git/tree_entry_nogogit.go b/modules/git/tree_entry_nogogit.go
index 81fb638d56..8fad96cdf8 100644
--- a/modules/git/tree_entry_nogogit.go
+++ b/modules/git/tree_entry_nogogit.go
@@ -18,7 +18,7 @@ type TreeEntry struct {
 	sized     bool
 }
 
-// Name returns the name of the entry
+// Name returns the name of the entry (base name)
 func (te *TreeEntry) Name() string {
 	return te.name
 }
@@ -57,29 +57,29 @@ func (te *TreeEntry) Size() int64 {
 	return te.size
 }
 
-// IsSubModule if the entry is a sub module
+// IsSubModule if the entry is a submodule
 func (te *TreeEntry) IsSubModule() bool {
-	return te.entryMode == EntryModeCommit
+	return te.entryMode.IsSubModule()
 }
 
 // IsDir if the entry is a sub dir
 func (te *TreeEntry) IsDir() bool {
-	return te.entryMode == EntryModeTree
+	return te.entryMode.IsDir()
 }
 
 // IsLink if the entry is a symlink
 func (te *TreeEntry) IsLink() bool {
-	return te.entryMode == EntryModeSymlink
+	return te.entryMode.IsLink()
 }
 
 // IsRegular if the entry is a regular file
 func (te *TreeEntry) IsRegular() bool {
-	return te.entryMode == EntryModeBlob
+	return te.entryMode.IsRegular()
 }
 
 // IsExecutable if the entry is an executable file (not necessarily binary)
 func (te *TreeEntry) IsExecutable() bool {
-	return te.entryMode == EntryModeExec
+	return te.entryMode.IsExecutable()
 }
 
 // Blob returns the blob object the entry
diff --git a/modules/git/tree_entry_test.go b/modules/git/tree_entry_test.go
index 30eee13669..9ca82675e0 100644
--- a/modules/git/tree_entry_test.go
+++ b/modules/git/tree_entry_test.go
@@ -53,50 +53,3 @@ func TestEntriesCustomSort(t *testing.T) {
 	assert.Equal(t, "bcd", entries[6].Name())
 	assert.Equal(t, "abc", entries[7].Name())
 }
-
-func TestFollowLink(t *testing.T) {
-	r, err := openRepositoryWithDefaultContext("tests/repos/repo1_bare")
-	assert.NoError(t, err)
-	defer r.Close()
-
-	commit, err := r.GetCommit("37991dec2c8e592043f47155ce4808d4580f9123")
-	assert.NoError(t, err)
-
-	// get the symlink
-	lnk, err := commit.Tree.GetTreeEntryByPath("foo/bar/link_to_hello")
-	assert.NoError(t, err)
-	assert.True(t, lnk.IsLink())
-
-	// should be able to dereference to target
-	target, err := lnk.FollowLink()
-	assert.NoError(t, err)
-	assert.Equal(t, "hello", target.Name())
-	assert.False(t, target.IsLink())
-	assert.Equal(t, "b14df6442ea5a1b382985a6549b85d435376c351", target.ID.String())
-
-	// should error when called on normal file
-	target, err = commit.Tree.GetTreeEntryByPath("file1.txt")
-	assert.NoError(t, err)
-	_, err = target.FollowLink()
-	assert.EqualError(t, err, "file1.txt: not a symlink")
-
-	// should error for broken links
-	target, err = commit.Tree.GetTreeEntryByPath("foo/broken_link")
-	assert.NoError(t, err)
-	assert.True(t, target.IsLink())
-	_, err = target.FollowLink()
-	assert.EqualError(t, err, "broken_link: broken link")
-
-	// should error for external links
-	target, err = commit.Tree.GetTreeEntryByPath("foo/outside_repo")
-	assert.NoError(t, err)
-	assert.True(t, target.IsLink())
-	_, err = target.FollowLink()
-	assert.EqualError(t, err, "outside_repo: points outside of repo")
-
-	// testing fix for short link bug
-	target, err = commit.Tree.GetTreeEntryByPath("foo/link_short")
-	assert.NoError(t, err)
-	_, err = target.FollowLink()
-	assert.EqualError(t, err, "link_short: broken link")
-}
diff --git a/modules/git/tree_gogit.go b/modules/git/tree_gogit.go
index 421b0ecb0f..272b018ffd 100644
--- a/modules/git/tree_gogit.go
+++ b/modules/git/tree_gogit.go
@@ -69,7 +69,7 @@ func (t *Tree) ListEntriesRecursiveWithSize() (Entries, error) {
 	seen := map[plumbing.Hash]bool{}
 	walker := object.NewTreeWalker(t.gogitTree, true, seen)
 	for {
-		fullName, entry, err := walker.Next()
+		_, entry, err := walker.Next()
 		if err == io.EOF {
 			break
 		}
@@ -84,7 +84,6 @@ func (t *Tree) ListEntriesRecursiveWithSize() (Entries, error) {
 			ID:             ParseGogitHash(entry.Hash),
 			gogitTreeEntry: &entry,
 			ptree:          t,
-			fullName:       fullName,
 		}
 		entries = append(entries, convertedEntry)
 	}
diff --git a/modules/git/tree_test.go b/modules/git/tree_test.go
index 5fee64b038..cae11c4b1b 100644
--- a/modules/git/tree_test.go
+++ b/modules/git/tree_test.go
@@ -19,7 +19,7 @@ func TestSubTree_Issue29101(t *testing.T) {
 	assert.NoError(t, err)
 
 	// old code could produce a different error if called multiple times
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		_, err = commit.SubTree("file1.txt")
 		assert.Error(t, err)
 		assert.True(t, IsErrNotExist(err))
@@ -33,10 +33,10 @@ func Test_GetTreePathLatestCommit(t *testing.T) {
 
 	commitID, err := repo.GetBranchCommitID("master")
 	assert.NoError(t, err)
-	assert.EqualValues(t, "544d8f7a3b15927cddf2299b4b562d6ebd71b6a7", commitID)
+	assert.Equal(t, "544d8f7a3b15927cddf2299b4b562d6ebd71b6a7", commitID)
 
 	commit, err := repo.GetTreePathLatestCommit("master", "blame.txt")
 	assert.NoError(t, err)
 	assert.NotNil(t, commit)
-	assert.EqualValues(t, "45fb6cbc12f970b04eacd5cd4165edd11c8d7376", commit.ID.String())
+	assert.Equal(t, "45fb6cbc12f970b04eacd5cd4165edd11c8d7376", commit.ID.String())
 }
diff --git a/modules/git/url/url.go b/modules/git/url/url.go
index 1c5e8377a6..aa6fa31c5e 100644
--- a/modules/git/url/url.go
+++ b/modules/git/url/url.go
@@ -133,12 +133,13 @@ func ParseRepositoryURL(ctx context.Context, repoURL string) (*RepositoryURL, er
 		}
 	}
 
-	if parsed.URL.Scheme == "http" || parsed.URL.Scheme == "https" {
+	switch parsed.URL.Scheme {
+	case "http", "https":
 		if !httplib.IsCurrentGiteaSiteURL(ctx, repoURL) {
 			return ret, nil
 		}
 		fillPathParts(strings.TrimPrefix(parsed.URL.Path, setting.AppSubURL))
-	} else if parsed.URL.Scheme == "ssh" || parsed.URL.Scheme == "git+ssh" {
+	case "ssh", "git+ssh":
 		domainSSH := setting.SSH.Domain
 		domainCur := httplib.GuessCurrentHostDomain(ctx)
 		urlDomain, _, _ := net.SplitHostPort(parsed.URL.Host)
@@ -166,9 +167,10 @@ func MakeRepositoryWebLink(repoURL *RepositoryURL) string {
 	// now, let's guess, for example:
 	// * git@github.com:owner/submodule.git
 	// * https://github.com/example/submodule1.git
-	if repoURL.GitURL.Scheme == "http" || repoURL.GitURL.Scheme == "https" {
+	switch repoURL.GitURL.Scheme {
+	case "http", "https":
 		return strings.TrimSuffix(repoURL.GitURL.String(), ".git")
-	} else if repoURL.GitURL.Scheme == "ssh" || repoURL.GitURL.Scheme == "git+ssh" {
+	case "ssh", "git+ssh":
 		hostname, _, _ := net.SplitHostPort(repoURL.GitURL.Host)
 		hostname = util.IfZero(hostname, repoURL.GitURL.Host)
 		urlPath := strings.TrimSuffix(repoURL.GitURL.Path, ".git")
diff --git a/modules/git/url/url_test.go b/modules/git/url/url_test.go
index 681da564f9..6655c20be3 100644
--- a/modules/git/url/url_test.go
+++ b/modules/git/url/url_test.go
@@ -165,8 +165,8 @@ func TestParseGitURLs(t *testing.T) {
 		t.Run(kase.kase, func(t *testing.T) {
 			u, err := ParseGitURL(kase.kase)
 			assert.NoError(t, err)
-			assert.EqualValues(t, kase.expected.extraMark, u.extraMark)
-			assert.EqualValues(t, *kase.expected, *u)
+			assert.Equal(t, kase.expected.extraMark, u.extraMark)
+			assert.Equal(t, *kase.expected, *u)
 		})
 	}
 }
diff --git a/modules/git/utils.go b/modules/git/utils.go
index 56cba9087a..e2bdf7866b 100644
--- a/modules/git/utils.go
+++ b/modules/git/utils.go
@@ -8,10 +8,11 @@ import (
 	"encoding/hex"
 	"fmt"
 	"io"
-	"os"
 	"strconv"
 	"strings"
 	"sync"
+
+	"code.gitea.io/gitea/modules/util"
 )
 
 // ObjectCache provides thread-safe cache operations.
@@ -41,33 +42,6 @@ func (oc *ObjectCache[T]) Get(id string) (T, bool) {
 	return obj, has
 }
 
-// isDir returns true if given path is a directory,
-// or returns false when it's a file or does not exist.
-func isDir(dir string) bool {
-	f, e := os.Stat(dir)
-	if e != nil {
-		return false
-	}
-	return f.IsDir()
-}
-
-// isFile returns true if given path is a file,
-// or returns false when it's a directory or does not exist.
-func isFile(filePath string) bool {
-	f, e := os.Stat(filePath)
-	if e != nil {
-		return false
-	}
-	return !f.IsDir()
-}
-
-// isExist checks whether a file or directory exists.
-// It returns false when the file or directory does not exist.
-func isExist(path string) bool {
-	_, err := os.Stat(path)
-	return err == nil || os.IsExist(err)
-}
-
 // ConcatenateError concatenats an error with stderr string
 func ConcatenateError(err error, stderr string) error {
 	if len(stderr) == 0 {
@@ -134,3 +108,16 @@ func HashFilePathForWebUI(s string) string {
 	_, _ = h.Write([]byte(s))
 	return hex.EncodeToString(h.Sum(nil))
 }
+
+func SplitCommitTitleBody(commitMessage string, titleRuneLimit int) (title, body string) {
+	title, body, _ = strings.Cut(commitMessage, "\n")
+	title, title2 := util.EllipsisTruncateRunes(title, titleRuneLimit)
+	if title2 != "" {
+		if body == "" {
+			body = title2
+		} else {
+			body = title2 + "\n" + body
+		}
+	}
+	return title, body
+}
diff --git a/modules/git/utils_test.go b/modules/git/utils_test.go
index 1291cee637..f09a047136 100644
--- a/modules/git/utils_test.go
+++ b/modules/git/utils_test.go
@@ -15,3 +15,17 @@ func TestHashFilePathForWebUI(t *testing.T) {
 		HashFilePathForWebUI("foobar"),
 	)
 }
+
+func TestSplitCommitTitleBody(t *testing.T) {
+	title, body := SplitCommitTitleBody("å•Šbcdefg", 4)
+	assert.Equal(t, "啊…", title)
+	assert.Equal(t, "…bcdefg", body)
+
+	title, body = SplitCommitTitleBody("abcdefg\n1234567", 4)
+	assert.Equal(t, "a…", title)
+	assert.Equal(t, "…bcdefg\n1234567", body)
+
+	title, body = SplitCommitTitleBody("abcdefg\n1234567", 100)
+	assert.Equal(t, "abcdefg", title)
+	assert.Equal(t, "1234567", body)
+}
diff --git a/modules/gitrepo/branch.go b/modules/gitrepo/branch.go
index 25ea5abfca..d7857819e4 100644
--- a/modules/gitrepo/branch.go
+++ b/modules/gitrepo/branch.go
@@ -11,14 +11,14 @@ import (
 
 // GetBranchesByPath returns a branch by its path
 // if limit = 0 it will not limit
-func GetBranchesByPath(ctx context.Context, repo Repository, skip, limit int) ([]*git.Branch, int, error) {
+func GetBranchesByPath(ctx context.Context, repo Repository, skip, limit int) ([]string, int, error) {
 	gitRepo, err := OpenRepository(ctx, repo)
 	if err != nil {
 		return nil, 0, err
 	}
 	defer gitRepo.Close()
 
-	return gitRepo.GetBranches(skip, limit)
+	return gitRepo.GetBranchNames(skip, limit)
 }
 
 func GetBranchCommitID(ctx context.Context, repo Repository, branch string) (string, error) {
diff --git a/modules/globallock/globallock_test.go b/modules/globallock/globallock_test.go
index 0143fc6833..8d55d9f699 100644
--- a/modules/globallock/globallock_test.go
+++ b/modules/globallock/globallock_test.go
@@ -70,7 +70,7 @@ func testLockAndDo(t *testing.T) {
 	count := 0
 	wg := sync.WaitGroup{}
 	wg.Add(concurrency)
-	for i := 0; i < concurrency; i++ {
+	for range concurrency {
 		go func() {
 			defer wg.Done()
 			err := LockAndDo(ctx, "test", func(ctx context.Context) error {
diff --git a/modules/globallock/redis_locker.go b/modules/globallock/redis_locker.go
index 34ed9e389b..45dc769fd4 100644
--- a/modules/globallock/redis_locker.go
+++ b/modules/globallock/redis_locker.go
@@ -6,7 +6,6 @@ package globallock
 import (
 	"context"
 	"errors"
-	"fmt"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -78,7 +77,7 @@ func (l *redisLocker) Close() error {
 
 func (l *redisLocker) lock(ctx context.Context, key string, tries int) (ReleaseFunc, error) {
 	if l.closed.Load() {
-		return func() {}, fmt.Errorf("locker is closed")
+		return func() {}, errors.New("locker is closed")
 	}
 
 	options := []redsync.Option{
diff --git a/modules/graceful/manager_windows.go b/modules/graceful/manager_windows.go
index d776e0e9f9..457768d6ca 100644
--- a/modules/graceful/manager_windows.go
+++ b/modules/graceful/manager_windows.go
@@ -41,8 +41,7 @@ func (g *Manager) start() {
 	// Make SVC process
 	run := svc.Run
 
-	//lint:ignore SA1019 We use IsAnInteractiveSession because IsWindowsService has a different permissions profile
-	isAnInteractiveSession, err := svc.IsAnInteractiveSession() //nolint:staticcheck
+	isAnInteractiveSession, err := svc.IsAnInteractiveSession() //nolint:staticcheck // must use IsAnInteractiveSession because IsWindowsService has a different permissions profile
 	if err != nil {
 		log.Error("Unable to ascertain if running as an Windows Service: %v", err)
 		return
diff --git a/modules/graceful/releasereopen/releasereopen_test.go b/modules/graceful/releasereopen/releasereopen_test.go
index 0e8b48257d..46e67c2046 100644
--- a/modules/graceful/releasereopen/releasereopen_test.go
+++ b/modules/graceful/releasereopen/releasereopen_test.go
@@ -30,14 +30,14 @@ func TestManager(t *testing.T) {
 	_ = m.Register(t3)
 
 	assert.NoError(t, m.ReleaseReopen())
-	assert.EqualValues(t, 1, t1.count)
-	assert.EqualValues(t, 1, t2.count)
-	assert.EqualValues(t, 1, t3.count)
+	assert.Equal(t, 1, t1.count)
+	assert.Equal(t, 1, t2.count)
+	assert.Equal(t, 1, t3.count)
 
 	c2()
 
 	assert.NoError(t, m.ReleaseReopen())
-	assert.EqualValues(t, 2, t1.count)
-	assert.EqualValues(t, 1, t2.count)
-	assert.EqualValues(t, 2, t3.count)
+	assert.Equal(t, 2, t1.count)
+	assert.Equal(t, 1, t2.count)
+	assert.Equal(t, 2, t3.count)
 }
diff --git a/modules/gtprof/trace_builtin.go b/modules/gtprof/trace_builtin.go
index 41743a25e4..2590ed3a13 100644
--- a/modules/gtprof/trace_builtin.go
+++ b/modules/gtprof/trace_builtin.go
@@ -40,7 +40,7 @@ func (t *traceBuiltinSpan) toString(out *strings.Builder, indent int) {
 	if t.ts.endTime.IsZero() {
 		out.WriteString(" duration: (not ended)")
 	} else {
-		out.WriteString(fmt.Sprintf(" duration=%.4fs", t.ts.endTime.Sub(t.ts.startTime).Seconds()))
+		fmt.Fprintf(out, " duration=%.4fs", t.ts.endTime.Sub(t.ts.startTime).Seconds())
 	}
 	for _, a := range t.ts.attributes {
 		out.WriteString(" ")
diff --git a/modules/highlight/highlight_test.go b/modules/highlight/highlight_test.go
index 659688bd0f..b36de98c5c 100644
--- a/modules/highlight/highlight_test.go
+++ b/modules/highlight/highlight_test.go
@@ -114,7 +114,7 @@ c=2
 		t.Run(tt.name, func(t *testing.T) {
 			out, lexerName, err := File(tt.name, "", []byte(tt.code))
 			assert.NoError(t, err)
-			assert.EqualValues(t, tt.want, out)
+			assert.Equal(t, tt.want, out)
 			assert.Equal(t, tt.lexerName, lexerName)
 		})
 	}
@@ -177,7 +177,7 @@ c=2`),
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			out := PlainText([]byte(tt.code))
-			assert.EqualValues(t, tt.want, out)
+			assert.Equal(t, tt.want, out)
 		})
 	}
 }
diff --git a/modules/hostmatcher/hostmatcher.go b/modules/hostmatcher/hostmatcher.go
index 1069310316..15c6371422 100644
--- a/modules/hostmatcher/hostmatcher.go
+++ b/modules/hostmatcher/hostmatcher.go
@@ -6,6 +6,7 @@ package hostmatcher
 import (
 	"net"
 	"path/filepath"
+	"slices"
 	"strings"
 )
 
@@ -38,7 +39,7 @@ func isBuiltin(s string) bool {
 // ParseHostMatchList parses the host list HostMatchList
 func ParseHostMatchList(settingKeyHint, hostList string) *HostMatchList {
 	hl := &HostMatchList{SettingKeyHint: settingKeyHint, SettingValue: hostList}
-	for _, s := range strings.Split(hostList, ",") {
+	for s := range strings.SplitSeq(hostList, ",") {
 		s = strings.ToLower(strings.TrimSpace(s))
 		if s == "" {
 			continue
@@ -61,7 +62,7 @@ func ParseSimpleMatchList(settingKeyHint, matchList string) *HostMatchList {
 		SettingKeyHint: settingKeyHint,
 		SettingValue:   matchList,
 	}
-	for _, s := range strings.Split(matchList, ",") {
+	for s := range strings.SplitSeq(matchList, ",") {
 		s = strings.ToLower(strings.TrimSpace(s))
 		if s == "" {
 			continue
@@ -98,10 +99,8 @@ func (hl *HostMatchList) checkPattern(host string) bool {
 }
 
 func (hl *HostMatchList) checkIP(ip net.IP) bool {
-	for _, pattern := range hl.patterns {
-		if pattern == "*" {
-			return true
-		}
+	if slices.Contains(hl.patterns, "*") {
+		return true
 	}
 	for _, builtin := range hl.builtins {
 		switch builtin {
diff --git a/modules/htmlutil/html.go b/modules/htmlutil/html.go
index 0ab0e71689..efbc174b2e 100644
--- a/modules/htmlutil/html.go
+++ b/modules/htmlutil/html.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"html/template"
 	"slices"
+	"strings"
 )
 
 // ParseSizeAndClass get size and class from string with default values
@@ -31,6 +32,9 @@ func ParseSizeAndClass(defaultSize int, defaultClass string, others ...any) (int
 }
 
 func HTMLFormat(s template.HTML, rawArgs ...any) template.HTML {
+	if !strings.Contains(string(s), "%") || len(rawArgs) == 0 {
+		panic("HTMLFormat requires one or more arguments")
+	}
 	args := slices.Clone(rawArgs)
 	for i, v := range args {
 		switch v := v.(type) {
@@ -38,6 +42,8 @@ func HTMLFormat(s template.HTML, rawArgs ...any) template.HTML {
 			// for most basic types (including template.HTML which is safe), just do nothing and use it
 		case string:
 			args[i] = template.HTMLEscapeString(v)
+		case template.URL:
+			args[i] = template.HTMLEscapeString(string(v))
 		case fmt.Stringer:
 			args[i] = template.HTMLEscapeString(v.String())
 		default:
diff --git a/modules/htmlutil/html_test.go b/modules/htmlutil/html_test.go
index 5ff05d75b3..22258ce59d 100644
--- a/modules/htmlutil/html_test.go
+++ b/modules/htmlutil/html_test.go
@@ -10,6 +10,15 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
+type testStringer struct{}
+
+func (t testStringer) String() string {
+	return "&StringMethod"
+}
+
 func TestHTMLFormat(t *testing.T) {
 	assert.Equal(t, template.HTML("<a>&lt; < 1</a>"), HTMLFormat("<a>%s %s %d</a>", "<", template.HTML("<"), 1))
+	assert.Equal(t, template.HTML("%!s(<nil>)"), HTMLFormat("%s", nil))
+	assert.Equal(t, template.HTML("&lt;&gt;"), HTMLFormat("%s", template.URL("<>")))
+	assert.Equal(t, template.HTML("&amp;StringMethod &amp;StringMethod"), HTMLFormat("%s %s", testStringer{}, &testStringer{}))
 }
diff --git a/modules/httpcache/httpcache.go b/modules/httpcache/httpcache.go
index 045b00d944..dd3efab7a5 100644
--- a/modules/httpcache/httpcache.go
+++ b/modules/httpcache/httpcache.go
@@ -79,7 +79,7 @@ func HandleGenericETagCache(req *http.Request, w http.ResponseWriter, etag strin
 func checkIfNoneMatchIsValid(req *http.Request, etag string) bool {
 	ifNoneMatch := req.Header.Get("If-None-Match")
 	if len(ifNoneMatch) > 0 {
-		for _, item := range strings.Split(ifNoneMatch, ",") {
+		for item := range strings.SplitSeq(ifNoneMatch, ",") {
 			item = strings.TrimPrefix(strings.TrimSpace(item), "W/") // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag#directives
 			if item == etag {
 				return true
diff --git a/modules/httplib/request.go b/modules/httplib/request.go
index 5e40922896..49ea6f4b73 100644
--- a/modules/httplib/request.go
+++ b/modules/httplib/request.go
@@ -108,7 +108,7 @@ func (r *Request) Body(data any) *Request {
 	switch t := data.(type) {
 	case nil: // do nothing
 	case string:
-		bf := bytes.NewBufferString(t)
+		bf := strings.NewReader(t)
 		r.req.Body = io.NopCloser(bf)
 		r.req.ContentLength = int64(len(t))
 	case []byte:
@@ -143,13 +143,13 @@ func (r *Request) getResponse() (*http.Response, error) {
 		paramBody = paramBody[0 : len(paramBody)-1]
 	}
 
-	if r.req.Method == "GET" && len(paramBody) > 0 {
+	if r.req.Method == http.MethodGet && len(paramBody) > 0 {
 		if strings.Contains(r.url, "?") {
 			r.url += "&" + paramBody
 		} else {
 			r.url = r.url + "?" + paramBody
 		}
-	} else if r.req.Method == "POST" && r.req.Body == nil && len(paramBody) > 0 {
+	} else if r.req.Method == http.MethodPost && r.req.Body == nil && len(paramBody) > 0 {
 		r.Header("Content-Type", "application/x-www-form-urlencoded")
 		r.Body(paramBody) // string
 	}
diff --git a/modules/httplib/serve_test.go b/modules/httplib/serve_test.go
index 06c95bc594..78b88c9b5f 100644
--- a/modules/httplib/serve_test.go
+++ b/modules/httplib/serve_test.go
@@ -4,11 +4,11 @@
 package httplib
 
 import (
-	"fmt"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"os"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -23,14 +23,14 @@ func TestServeContentByReader(t *testing.T) {
 		_, rangeStr, _ := strings.Cut(t.Name(), "_range_")
 		r := &http.Request{Header: http.Header{}, Form: url.Values{}}
 		if rangeStr != "" {
-			r.Header.Set("Range", fmt.Sprintf("bytes=%s", rangeStr))
+			r.Header.Set("Range", "bytes="+rangeStr)
 		}
 		reader := strings.NewReader(data)
 		w := httptest.NewRecorder()
 		ServeContentByReader(r, w, int64(len(data)), reader, &ServeHeaderOptions{})
 		assert.Equal(t, expectedStatusCode, w.Code)
 		if expectedStatusCode == http.StatusPartialContent || expectedStatusCode == http.StatusOK {
-			assert.Equal(t, fmt.Sprint(len(expectedContent)), w.Header().Get("Content-Length"))
+			assert.Equal(t, strconv.Itoa(len(expectedContent)), w.Header().Get("Content-Length"))
 			assert.Equal(t, expectedContent, w.Body.String())
 		}
 	}
@@ -68,7 +68,7 @@ func TestServeContentByReadSeeker(t *testing.T) {
 		_, rangeStr, _ := strings.Cut(t.Name(), "_range_")
 		r := &http.Request{Header: http.Header{}, Form: url.Values{}}
 		if rangeStr != "" {
-			r.Header.Set("Range", fmt.Sprintf("bytes=%s", rangeStr))
+			r.Header.Set("Range", "bytes="+rangeStr)
 		}
 
 		seekReader, err := os.OpenFile(tmpFile, os.O_RDONLY, 0o644)
@@ -79,7 +79,7 @@ func TestServeContentByReadSeeker(t *testing.T) {
 		ServeContentByReadSeeker(r, w, nil, seekReader, &ServeHeaderOptions{})
 		assert.Equal(t, expectedStatusCode, w.Code)
 		if expectedStatusCode == http.StatusPartialContent || expectedStatusCode == http.StatusOK {
-			assert.Equal(t, fmt.Sprint(len(expectedContent)), w.Header().Get("Content-Length"))
+			assert.Equal(t, strconv.Itoa(len(expectedContent)), w.Header().Get("Content-Length"))
 			assert.Equal(t, expectedContent, w.Body.String())
 		}
 	}
diff --git a/modules/httplib/url.go b/modules/httplib/url.go
index 5d5b64dc0c..f51506ac3b 100644
--- a/modules/httplib/url.go
+++ b/modules/httplib/url.go
@@ -53,28 +53,34 @@ func getRequestScheme(req *http.Request) string {
 	return ""
 }
 
-// GuessCurrentAppURL tries to guess the current full app URL (with sub-path) by http headers. It always has a '/' suffix, exactly the same as setting.AppURL
+// GuessCurrentAppURL tries to guess the current full public URL (with sub-path) by http headers. It always has a '/' suffix, exactly the same as setting.AppURL
+// TODO: should rename it to GuessCurrentPublicURL in the future
 func GuessCurrentAppURL(ctx context.Context) string {
 	return GuessCurrentHostURL(ctx) + setting.AppSubURL + "/"
 }
 
 // GuessCurrentHostURL tries to guess the current full host URL (no sub-path) by http headers, there is no trailing slash.
 func GuessCurrentHostURL(ctx context.Context) string {
-	req, ok := ctx.Value(RequestContextKey).(*http.Request)
-	if !ok {
-		return strings.TrimSuffix(setting.AppURL, setting.AppSubURL+"/")
-	}
-	// If no scheme provided by reverse proxy, then do not guess the AppURL, use the configured one.
+	// Try the best guess to get the current host URL (will be used for public URL) by http headers.
 	// At the moment, if site admin doesn't configure the proxy headers correctly, then Gitea would guess wrong.
 	// There are some cases:
 	// 1. The reverse proxy is configured correctly, it passes "X-Forwarded-Proto/Host" headers. Perfect, Gitea can handle it correctly.
 	// 2. The reverse proxy is not configured correctly, doesn't pass "X-Forwarded-Proto/Host" headers, eg: only one "proxy_pass http://gitea:3000" in Nginx.
 	// 3. There is no reverse proxy.
-	// Without an extra config option, Gitea is impossible to distinguish between case 2 and case 3,
-	// then case 2 would result in wrong guess like guessed AppURL becomes "http://gitea:3000/", which is not accessible by end users.
-	// So in the future maybe it should introduce a new config option, to let site admin decide how to guess the AppURL.
+	// Without more information, Gitea is impossible to distinguish between case 2 and case 3, then case 2 would result in
+	// wrong guess like guessed public URL becomes "http://gitea:3000/" behind a "https" reverse proxy, which is not accessible by end users.
+	// So we introduced "PUBLIC_URL_DETECTION" option, to control the guessing behavior to satisfy different use cases.
+	req, ok := ctx.Value(RequestContextKey).(*http.Request)
+	if !ok {
+		return strings.TrimSuffix(setting.AppURL, setting.AppSubURL+"/")
+	}
 	reqScheme := getRequestScheme(req)
 	if reqScheme == "" {
+		// if no reverse proxy header, try to use "Host" header for absolute URL
+		if setting.PublicURLDetection == setting.PublicURLAuto && req.Host != "" {
+			return util.Iif(req.TLS == nil, "http://", "https://") + req.Host
+		}
+		// fall back to default AppURL
 		return strings.TrimSuffix(setting.AppURL, setting.AppSubURL+"/")
 	}
 	// X-Forwarded-Host has many problems: non-standard, not well-defined (X-Forwarded-Port or not), conflicts with Host header.
@@ -88,8 +94,8 @@ func GuessCurrentHostDomain(ctx context.Context) string {
 	return util.IfZero(domain, host)
 }
 
-// MakeAbsoluteURL tries to make a link to an absolute URL:
-// * If link is empty, it returns the current app URL.
+// MakeAbsoluteURL tries to make a link to an absolute public URL:
+// * If link is empty, it returns the current public URL.
 // * If link is absolute, it returns the link.
 // * Otherwise, it returns the current host URL + link, the link itself should have correct sub-path (AppSubURL) if needed.
 func MakeAbsoluteURL(ctx context.Context, link string) string {
diff --git a/modules/httplib/url_test.go b/modules/httplib/url_test.go
index d57653646b..0ffb0cac05 100644
--- a/modules/httplib/url_test.go
+++ b/modules/httplib/url_test.go
@@ -5,6 +5,7 @@ package httplib
 
 import (
 	"context"
+	"crypto/tls"
 	"net/http"
 	"testing"
 
@@ -39,6 +40,42 @@ func TestIsRelativeURL(t *testing.T) {
 	}
 }
 
+func TestGuessCurrentHostURL(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "http://cfg-host/sub/")()
+	defer test.MockVariableValue(&setting.AppSubURL, "/sub")()
+	headersWithProto := http.Header{"X-Forwarded-Proto": {"https"}}
+
+	t.Run("Legacy", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.PublicURLDetection, setting.PublicURLLegacy)()
+
+		assert.Equal(t, "http://cfg-host", GuessCurrentHostURL(t.Context()))
+
+		// legacy: "Host" is not used when there is no "X-Forwarded-Proto" header
+		ctx := context.WithValue(t.Context(), RequestContextKey, &http.Request{Host: "req-host:3000"})
+		assert.Equal(t, "http://cfg-host", GuessCurrentHostURL(ctx))
+
+		// if "X-Forwarded-Proto" exists, then use it and "Host" header
+		ctx = context.WithValue(t.Context(), RequestContextKey, &http.Request{Host: "req-host:3000", Header: headersWithProto})
+		assert.Equal(t, "https://req-host:3000", GuessCurrentHostURL(ctx))
+	})
+
+	t.Run("Auto", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.PublicURLDetection, setting.PublicURLAuto)()
+
+		assert.Equal(t, "http://cfg-host", GuessCurrentHostURL(t.Context()))
+
+		// auto: always use "Host" header, the scheme is determined by "X-Forwarded-Proto" header, or TLS config if no "X-Forwarded-Proto" header
+		ctx := context.WithValue(t.Context(), RequestContextKey, &http.Request{Host: "req-host:3000"})
+		assert.Equal(t, "http://req-host:3000", GuessCurrentHostURL(ctx))
+
+		ctx = context.WithValue(t.Context(), RequestContextKey, &http.Request{Host: "req-host", TLS: &tls.ConnectionState{}})
+		assert.Equal(t, "https://req-host", GuessCurrentHostURL(ctx))
+
+		ctx = context.WithValue(t.Context(), RequestContextKey, &http.Request{Host: "req-host:3000", Header: headersWithProto})
+		assert.Equal(t, "https://req-host:3000", GuessCurrentHostURL(ctx))
+	})
+}
+
 func TestMakeAbsoluteURL(t *testing.T) {
 	defer test.MockVariableValue(&setting.Protocol, "http")()
 	defer test.MockVariableValue(&setting.AppURL, "http://cfg-host/sub/")()
diff --git a/modules/indexer/code/bleve/bleve.go b/modules/indexer/code/bleve/bleve.go
index 130ee78a4b..70f0995a01 100644
--- a/modules/indexer/code/bleve/bleve.go
+++ b/modules/indexer/code/bleve/bleve.go
@@ -16,7 +16,6 @@ import (
 	"code.gitea.io/gitea/modules/analyze"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/indexer"
 	path_filter "code.gitea.io/gitea/modules/indexer/code/bleve/token/path"
 	"code.gitea.io/gitea/modules/indexer/code/internal"
@@ -30,7 +29,6 @@ import (
 	"github.com/blevesearch/bleve/v2"
 	analyzer_custom "github.com/blevesearch/bleve/v2/analysis/analyzer/custom"
 	analyzer_keyword "github.com/blevesearch/bleve/v2/analysis/analyzer/keyword"
-	"github.com/blevesearch/bleve/v2/analysis/token/camelcase"
 	"github.com/blevesearch/bleve/v2/analysis/token/lowercase"
 	"github.com/blevesearch/bleve/v2/analysis/token/unicodenorm"
 	"github.com/blevesearch/bleve/v2/analysis/tokenizer/letter"
@@ -72,7 +70,7 @@ const (
 	filenameIndexerAnalyzer  = "filenameIndexerAnalyzer"
 	filenameIndexerTokenizer = "filenameIndexerTokenizer"
 	repoIndexerDocType       = "repoIndexerDocType"
-	repoIndexerLatestVersion = 8
+	repoIndexerLatestVersion = 9
 )
 
 // generateBleveIndexMapping generates a bleve index mapping for the repo indexer
@@ -109,7 +107,7 @@ func generateBleveIndexMapping() (mapping.IndexMapping, error) {
 		"type":          analyzer_custom.Name,
 		"char_filters":  []string{},
 		"tokenizer":     letter.Name,
-		"token_filters": []string{unicodeNormalizeName, camelcase.Name, lowercase.Name},
+		"token_filters": []string{unicodeNormalizeName, lowercase.Name},
 	}); err != nil {
 		return nil, err
 	}
@@ -218,12 +216,7 @@ func (b *Indexer) addDelete(filename string, repo *repo_model.Repository, batch
 func (b *Indexer) Index(ctx context.Context, repo *repo_model.Repository, sha string, changes *internal.RepoChanges) error {
 	batch := inner_bleve.NewFlushingBatch(b.inner.Indexer, maxBatchSize)
 	if len(changes.Updates) > 0 {
-		r, err := gitrepo.OpenRepository(ctx, repo)
-		if err != nil {
-			return err
-		}
-		defer r.Close()
-		gitBatch, err := r.NewBatch(ctx)
+		gitBatch, err := git.NewBatch(ctx, repo.RepoPath())
 		if err != nil {
 			return err
 		}
diff --git a/modules/indexer/code/bleve/token/path/path.go b/modules/indexer/code/bleve/token/path/path.go
index 107e0da109..6dfc12f146 100644
--- a/modules/indexer/code/bleve/token/path/path.go
+++ b/modules/indexer/code/bleve/token/path/path.go
@@ -51,13 +51,13 @@ func generatePathTokens(input analysis.TokenStream, reversed bool) analysis.Toke
 		slices.Reverse(input)
 	}
 
-	for i := 0; i < len(input); i++ {
+	for i := range input {
 		var sb strings.Builder
-		sb.WriteString(string(input[0].Term))
+		sb.Write(input[0].Term)
 
 		for j := 1; j < i; j++ {
 			sb.WriteString("/")
-			sb.WriteString(string(input[j].Term))
+			sb.Write(input[j].Term)
 		}
 
 		term := sb.String()
@@ -97,5 +97,9 @@ func generatePathTokens(input analysis.TokenStream, reversed bool) analysis.Toke
 }
 
 func init() {
-	registry.RegisterTokenFilter(Name, TokenFilterConstructor)
+	// FIXME: move it to the bleve's init function, but do not call it in global init
+	err := registry.RegisterTokenFilter(Name, TokenFilterConstructor)
+	if err != nil {
+		panic(err)
+	}
 }
diff --git a/modules/indexer/code/elasticsearch/elasticsearch.go b/modules/indexer/code/elasticsearch/elasticsearch.go
index be8efad5fd..f925ce396a 100644
--- a/modules/indexer/code/elasticsearch/elasticsearch.go
+++ b/modules/indexer/code/elasticsearch/elasticsearch.go
@@ -15,7 +15,6 @@ import (
 	"code.gitea.io/gitea/modules/analyze"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/indexer"
 	"code.gitea.io/gitea/modules/indexer/code/internal"
 	indexer_internal "code.gitea.io/gitea/modules/indexer/internal"
@@ -209,12 +208,7 @@ func (b *Indexer) addDelete(filename string, repo *repo_model.Repository) elasti
 func (b *Indexer) Index(ctx context.Context, repo *repo_model.Repository, sha string, changes *internal.RepoChanges) error {
 	reqs := make([]elastic.BulkableRequest, 0)
 	if len(changes.Updates) > 0 {
-		r, err := gitrepo.OpenRepository(ctx, repo)
-		if err != nil {
-			return err
-		}
-		defer r.Close()
-		batch, err := r.NewBatch(ctx)
+		batch, err := git.NewBatch(ctx, repo.RepoPath())
 		if err != nil {
 			return err
 		}
diff --git a/modules/indexer/code/elasticsearch/elasticsearch_test.go b/modules/indexer/code/elasticsearch/elasticsearch_test.go
index a6d2af92b2..e8f1f202ce 100644
--- a/modules/indexer/code/elasticsearch/elasticsearch_test.go
+++ b/modules/indexer/code/elasticsearch/elasticsearch_test.go
@@ -11,6 +11,6 @@ import (
 
 func TestIndexPos(t *testing.T) {
 	startIdx, endIdx := contentMatchIndexPos("test index start and end", "start", "end")
-	assert.EqualValues(t, 11, startIdx)
-	assert.EqualValues(t, 15, endIdx)
+	assert.Equal(t, 11, startIdx)
+	assert.Equal(t, 15, endIdx)
 }
diff --git a/modules/indexer/code/git.go b/modules/indexer/code/git.go
index 0089dd259f..41bc74e6ec 100644
--- a/modules/indexer/code/git.go
+++ b/modules/indexer/code/git.go
@@ -129,8 +129,8 @@ func nonGenesisChanges(ctx context.Context, repo *repo_model.Repository, revisio
 		changes.Updates = append(changes.Updates, updates...)
 		return nil
 	}
-	lines := strings.Split(stdout, "\n")
-	for _, line := range lines {
+	lines := strings.SplitSeq(stdout, "\n")
+	for line := range lines {
 		line = strings.TrimSpace(line)
 		if len(line) == 0 {
 			continue
diff --git a/modules/indexer/code/gitgrep/gitgrep.go b/modules/indexer/code/gitgrep/gitgrep.go
index 093c189ba3..6f6e0b47b9 100644
--- a/modules/indexer/code/gitgrep/gitgrep.go
+++ b/modules/indexer/code/gitgrep/gitgrep.go
@@ -26,9 +26,10 @@ func indexSettingToGitGrepPathspecList() (list []string) {
 
 func PerformSearch(ctx context.Context, page int, repoID int64, gitRepo *git.Repository, ref git.RefName, keyword string, searchMode indexer.SearchModeType) (searchResults []*code_indexer.Result, total int, err error) {
 	grepMode := git.GrepModeWords
-	if searchMode == indexer.SearchModeExact {
+	switch searchMode {
+	case indexer.SearchModeExact:
 		grepMode = git.GrepModeExact
-	} else if searchMode == indexer.SearchModeRegexp {
+	case indexer.SearchModeRegexp:
 		grepMode = git.GrepModeRegexp
 	}
 	res, err := git.GrepSearch(ctx, gitRepo, keyword, git.GrepOptions{
diff --git a/modules/indexer/code/indexer_test.go b/modules/indexer/code/indexer_test.go
index 1d9bf99d40..78fea22f10 100644
--- a/modules/indexer/code/indexer_test.go
+++ b/modules/indexer/code/indexer_test.go
@@ -310,7 +310,7 @@ func TestESIndexAndSearch(t *testing.T) {
 		if indexer != nil {
 			indexer.Close()
 		}
-		assert.FailNow(t, "Unable to init ES indexer Error: %v", err)
+		require.NoError(t, err, "Unable to init ES indexer")
 	}
 
 	defer indexer.Close()
diff --git a/modules/indexer/code/internal/indexer.go b/modules/indexer/code/internal/indexer.go
index 6c9a8af635..d58b028124 100644
--- a/modules/indexer/code/internal/indexer.go
+++ b/modules/indexer/code/internal/indexer.go
@@ -5,7 +5,7 @@ package internal
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -48,13 +48,13 @@ func (d *dummyIndexer) SupportedSearchModes() []indexer.SearchMode {
 }
 
 func (d *dummyIndexer) Index(ctx context.Context, repo *repo_model.Repository, sha string, changes *RepoChanges) error {
-	return fmt.Errorf("indexer is not ready")
+	return errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Delete(ctx context.Context, repoID int64) error {
-	return fmt.Errorf("indexer is not ready")
+	return errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Search(ctx context.Context, opts *SearchOptions) (int64, []*SearchResult, []*SearchResultLanguages, error) {
-	return 0, nil, nil, fmt.Errorf("indexer is not ready")
+	return 0, nil, nil, errors.New("indexer is not ready")
 }
diff --git a/modules/indexer/code/search.go b/modules/indexer/code/search.go
index e37aff8e59..a7a5d7d2e3 100644
--- a/modules/indexer/code/search.go
+++ b/modules/indexer/code/search.go
@@ -77,7 +77,7 @@ func HighlightSearchResultCode(filename, language string, lineNums []int, code s
 
 	// The lineNums outputted by highlight.Code might not match the original lineNums, because "highlight" removes the last `\n`
 	lines := make([]*ResultLine, min(len(highlightedLines), len(lineNums)))
-	for i := 0; i < len(lines); i++ {
+	for i := range lines {
 		lines[i] = &ResultLine{
 			Num:              lineNums[i],
 			FormattedContent: template.HTML(highlightedLines[i]),
diff --git a/modules/indexer/internal/bleve/indexer.go b/modules/indexer/internal/bleve/indexer.go
index 01e53ca636..9d1e24a874 100644
--- a/modules/indexer/internal/bleve/indexer.go
+++ b/modules/indexer/internal/bleve/indexer.go
@@ -5,7 +5,7 @@ package bleve
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/modules/indexer/internal"
 	"code.gitea.io/gitea/modules/log"
@@ -39,11 +39,11 @@ func NewIndexer(indexDir string, version int, mappingGetter func() (mapping.Inde
 // Init initializes the indexer
 func (i *Indexer) Init(_ context.Context) (bool, error) {
 	if i == nil {
-		return false, fmt.Errorf("cannot init nil indexer")
+		return false, errors.New("cannot init nil indexer")
 	}
 
 	if i.Indexer != nil {
-		return false, fmt.Errorf("indexer is already initialized")
+		return false, errors.New("indexer is already initialized")
 	}
 
 	indexer, version, err := openIndexer(i.indexDir, i.version)
@@ -83,10 +83,10 @@ func (i *Indexer) Init(_ context.Context) (bool, error) {
 // Ping checks if the indexer is available
 func (i *Indexer) Ping(_ context.Context) error {
 	if i == nil {
-		return fmt.Errorf("cannot ping nil indexer")
+		return errors.New("cannot ping nil indexer")
 	}
 	if i.Indexer == nil {
-		return fmt.Errorf("indexer is not initialized")
+		return errors.New("indexer is not initialized")
 	}
 	return nil
 }
diff --git a/modules/indexer/internal/elasticsearch/indexer.go b/modules/indexer/internal/elasticsearch/indexer.go
index 395eea3bce..265ce26585 100644
--- a/modules/indexer/internal/elasticsearch/indexer.go
+++ b/modules/indexer/internal/elasticsearch/indexer.go
@@ -5,6 +5,7 @@ package elasticsearch
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/modules/indexer/internal"
@@ -36,10 +37,10 @@ func NewIndexer(url, indexName string, version int, mapping string) *Indexer {
 // Init initializes the indexer
 func (i *Indexer) Init(ctx context.Context) (bool, error) {
 	if i == nil {
-		return false, fmt.Errorf("cannot init nil indexer")
+		return false, errors.New("cannot init nil indexer")
 	}
 	if i.Client != nil {
-		return false, fmt.Errorf("indexer is already initialized")
+		return false, errors.New("indexer is already initialized")
 	}
 
 	client, err := i.initClient()
@@ -66,10 +67,10 @@ func (i *Indexer) Init(ctx context.Context) (bool, error) {
 // Ping checks if the indexer is available
 func (i *Indexer) Ping(ctx context.Context) error {
 	if i == nil {
-		return fmt.Errorf("cannot ping nil indexer")
+		return errors.New("cannot ping nil indexer")
 	}
 	if i.Client == nil {
-		return fmt.Errorf("indexer is not initialized")
+		return errors.New("indexer is not initialized")
 	}
 
 	resp, err := i.Client.ClusterHealth().Do(ctx)
diff --git a/modules/indexer/internal/indexer.go b/modules/indexer/internal/indexer.go
index c7f356da1e..3442bbaff2 100644
--- a/modules/indexer/internal/indexer.go
+++ b/modules/indexer/internal/indexer.go
@@ -5,7 +5,7 @@ package internal
 
 import (
 	"context"
-	"fmt"
+	"errors"
 )
 
 // Indexer defines an basic indexer interface
@@ -27,11 +27,11 @@ func NewDummyIndexer() Indexer {
 type dummyIndexer struct{}
 
 func (d *dummyIndexer) Init(ctx context.Context) (bool, error) {
-	return false, fmt.Errorf("indexer is not ready")
+	return false, errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Ping(ctx context.Context) error {
-	return fmt.Errorf("indexer is not ready")
+	return errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Close() {}
diff --git a/modules/indexer/internal/meilisearch/indexer.go b/modules/indexer/internal/meilisearch/indexer.go
index 01bb49bbfc..65db75bb55 100644
--- a/modules/indexer/internal/meilisearch/indexer.go
+++ b/modules/indexer/internal/meilisearch/indexer.go
@@ -5,6 +5,7 @@ package meilisearch
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"github.com/meilisearch/meilisearch-go"
@@ -33,11 +34,11 @@ func NewIndexer(url, apiKey, indexName string, version int, settings *meilisearc
 // Init initializes the indexer
 func (i *Indexer) Init(_ context.Context) (bool, error) {
 	if i == nil {
-		return false, fmt.Errorf("cannot init nil indexer")
+		return false, errors.New("cannot init nil indexer")
 	}
 
 	if i.Client != nil {
-		return false, fmt.Errorf("indexer is already initialized")
+		return false, errors.New("indexer is already initialized")
 	}
 
 	i.Client = meilisearch.New(i.url, meilisearch.WithAPIKey(i.apiKey))
@@ -62,10 +63,10 @@ func (i *Indexer) Init(_ context.Context) (bool, error) {
 // Ping checks if the indexer is available
 func (i *Indexer) Ping(ctx context.Context) error {
 	if i == nil {
-		return fmt.Errorf("cannot ping nil indexer")
+		return errors.New("cannot ping nil indexer")
 	}
 	if i.Client == nil {
-		return fmt.Errorf("indexer is not initialized")
+		return errors.New("indexer is not initialized")
 	}
 	resp, err := i.Client.Health()
 	if err != nil {
diff --git a/modules/indexer/issues/db/db.go b/modules/indexer/issues/db/db.go
index 6124ad2515..50951f9c88 100644
--- a/modules/indexer/issues/db/db.go
+++ b/modules/indexer/issues/db/db.go
@@ -6,6 +6,7 @@ package db
 import (
 	"context"
 	"strings"
+	"sync"
 
 	"code.gitea.io/gitea/models/db"
 	issue_model "code.gitea.io/gitea/models/issues"
@@ -18,7 +19,7 @@ import (
 	"xorm.io/builder"
 )
 
-var _ internal.Indexer = &Indexer{}
+var _ internal.Indexer = (*Indexer)(nil)
 
 // Indexer implements Indexer interface to use database's like search
 type Indexer struct {
@@ -29,11 +30,9 @@ func (i *Indexer) SupportedSearchModes() []indexer.SearchMode {
 	return indexer.SearchModesExactWords()
 }
 
-func NewIndexer() *Indexer {
-	return &Indexer{
-		Indexer: &inner_db.Indexer{},
-	}
-}
+var GetIndexer = sync.OnceValue(func() *Indexer {
+	return &Indexer{Indexer: &inner_db.Indexer{}}
+})
 
 // Index dummy function
 func (i *Indexer) Index(_ context.Context, _ ...*internal.IndexerData) error {
@@ -122,7 +121,11 @@ func (i *Indexer) Search(ctx context.Context, options *internal.SearchOptions) (
 		}, nil
 	}
 
-	ids, total, err := issue_model.IssueIDs(ctx, opt, cond)
+	return i.FindWithIssueOptions(ctx, opt, cond)
+}
+
+func (i *Indexer) FindWithIssueOptions(ctx context.Context, opt *issue_model.IssuesOptions, otherConds ...builder.Cond) (*internal.SearchResult, error) {
+	ids, total, err := issue_model.IssueIDs(ctx, opt, otherConds...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/modules/indexer/issues/db/options.go b/modules/indexer/issues/db/options.go
index 3b19d742ba..380a25dc23 100644
--- a/modules/indexer/issues/db/options.go
+++ b/modules/indexer/issues/db/options.go
@@ -6,6 +6,7 @@ package db
 import (
 	"context"
 	"fmt"
+	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	issue_model "code.gitea.io/gitea/models/issues"
@@ -34,7 +35,11 @@ func ToDBOptions(ctx context.Context, options *internal.SearchOptions) (*issue_m
 	case internal.SortByDeadlineAsc:
 		sortType = "nearduedate"
 	default:
-		sortType = "newest"
+		if strings.HasPrefix(string(options.SortBy), issue_model.ScopeSortPrefix) {
+			sortType = string(options.SortBy)
+		} else {
+			sortType = "newest"
+		}
 	}
 
 	// See the comment of issues_model.SearchOptions for the reason why we need to convert
@@ -68,7 +73,6 @@ func ToDBOptions(ctx context.Context, options *internal.SearchOptions) (*issue_m
 		ExcludedLabelNames: nil,
 		IncludeMilestones:  nil,
 		SortType:           sortType,
-		IssueIDs:           nil,
 		UpdatedAfterUnix:   options.UpdatedAfterUnix.Value(),
 		UpdatedBeforeUnix:  options.UpdatedBeforeUnix.Value(),
 		PriorityRepoID:     0,
diff --git a/modules/indexer/issues/dboptions.go b/modules/indexer/issues/dboptions.go
index 4e2dff572a..f17724664d 100644
--- a/modules/indexer/issues/dboptions.go
+++ b/modules/indexer/issues/dboptions.go
@@ -4,12 +4,19 @@
 package issues
 
 import (
+	"strings"
+
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/modules/indexer/issues/internal"
 	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 func ToSearchOptions(keyword string, opts *issues_model.IssuesOptions) *SearchOptions {
+	if opts.IssueIDs != nil {
+		setting.PanicInDevOrTesting("Indexer SearchOptions doesn't support IssueIDs")
+	}
 	searchOpt := &SearchOptions{
 		Keyword:    keyword,
 		RepoIDs:    opts.RepoIDs,
@@ -95,7 +102,11 @@ func ToSearchOptions(keyword string, opts *issues_model.IssuesOptions) *SearchOp
 		// Unsupported sort type for search
 		fallthrough
 	default:
-		searchOpt.SortBy = SortByUpdatedDesc
+		if strings.HasPrefix(opts.SortType, issues_model.ScopeSortPrefix) {
+			searchOpt.SortBy = internal.SortBy(opts.SortType)
+		} else {
+			searchOpt.SortBy = SortByUpdatedDesc
+		}
 	}
 
 	return searchOpt
diff --git a/modules/indexer/issues/elasticsearch/elasticsearch.go b/modules/indexer/issues/elasticsearch/elasticsearch.go
index e3b1b17059..9d627466ef 100644
--- a/modules/indexer/issues/elasticsearch/elasticsearch.go
+++ b/modules/indexer/issues/elasticsearch/elasticsearch.go
@@ -5,7 +5,6 @@ package elasticsearch
 
 import (
 	"context"
-	"fmt"
 	"strconv"
 	"strings"
 
@@ -96,7 +95,7 @@ func (b *Indexer) Index(ctx context.Context, issues ...*internal.IndexerData) er
 		issue := issues[0]
 		_, err := b.inner.Client.Index().
 			Index(b.inner.VersionedIndexName()).
-			Id(fmt.Sprintf("%d", issue.ID)).
+			Id(strconv.FormatInt(issue.ID, 10)).
 			BodyJson(issue).
 			Do(ctx)
 		return err
@@ -107,7 +106,7 @@ func (b *Indexer) Index(ctx context.Context, issues ...*internal.IndexerData) er
 		reqs = append(reqs,
 			elastic.NewBulkIndexRequest().
 				Index(b.inner.VersionedIndexName()).
-				Id(fmt.Sprintf("%d", issue.ID)).
+				Id(strconv.FormatInt(issue.ID, 10)).
 				Doc(issue),
 		)
 	}
@@ -126,7 +125,7 @@ func (b *Indexer) Delete(ctx context.Context, ids ...int64) error {
 	} else if len(ids) == 1 {
 		_, err := b.inner.Client.Delete().
 			Index(b.inner.VersionedIndexName()).
-			Id(fmt.Sprintf("%d", ids[0])).
+			Id(strconv.FormatInt(ids[0], 10)).
 			Do(ctx)
 		return err
 	}
@@ -136,7 +135,7 @@ func (b *Indexer) Delete(ctx context.Context, ids ...int64) error {
 		reqs = append(reqs,
 			elastic.NewBulkDeleteRequest().
 				Index(b.inner.VersionedIndexName()).
-				Id(fmt.Sprintf("%d", id)),
+				Id(strconv.FormatInt(id, 10)),
 		)
 	}
 
diff --git a/modules/indexer/issues/indexer.go b/modules/indexer/issues/indexer.go
index 4741235d47..8f25c84b76 100644
--- a/modules/indexer/issues/indexer.go
+++ b/modules/indexer/issues/indexer.go
@@ -103,7 +103,7 @@ func InitIssueIndexer(syncReindex bool) {
 				log.Fatal("Unable to issueIndexer.Init with connection %s Error: %v", setting.Indexer.IssueConnStr, err)
 			}
 		case "db":
-			issueIndexer = db.NewIndexer()
+			issueIndexer = db.GetIndexer()
 		case "meilisearch":
 			issueIndexer = meilisearch.NewIndexer(setting.Indexer.IssueConnStr, setting.Indexer.IssueConnAuth, setting.Indexer.IssueIndexerName)
 			existed, err = issueIndexer.Init(ctx)
@@ -217,7 +217,7 @@ func PopulateIssueIndexer(ctx context.Context) error {
 			return fmt.Errorf("shutdown before completion: %w", ctx.Err())
 		default:
 		}
-		repos, _, err := repo_model.SearchRepositoryByName(ctx, &repo_model.SearchRepoOptions{
+		repos, _, err := repo_model.SearchRepositoryByName(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db_model.ListOptions{Page: page, PageSize: repo_model.RepositoryListDefaultPageSize},
 			OrderBy:     db_model.SearchOrderByID,
 			Private:     true,
@@ -291,19 +291,22 @@ func SearchIssues(ctx context.Context, opts *SearchOptions) ([]int64, int64, err
 		// So if the user creates an issue and list issues immediately, the issue may not be listed because the indexer needs time to index the issue.
 		// Even worse, the external indexer like elastic search may not be available for a while,
 		// and the user may not be able to list issues completely until it is available again.
-		ix = db.NewIndexer()
+		ix = db.GetIndexer()
 	}
+
 	result, err := ix.Search(ctx, opts)
 	if err != nil {
 		return nil, 0, err
 	}
+	return SearchResultToIDSlice(result), result.Total, nil
+}
 
+func SearchResultToIDSlice(result *internal.SearchResult) []int64 {
 	ret := make([]int64, 0, len(result.Hits))
 	for _, hit := range result.Hits {
 		ret = append(ret, hit.ID)
 	}
-
-	return ret, result.Total, nil
+	return ret
 }
 
 // CountIssues counts issues by options. It is a shortcut of SearchIssues(ctx, opts) but only returns the total count.
diff --git a/modules/indexer/issues/internal/indexer.go b/modules/indexer/issues/internal/indexer.go
index 415f442d0c..59c6f48485 100644
--- a/modules/indexer/issues/internal/indexer.go
+++ b/modules/indexer/issues/internal/indexer.go
@@ -5,7 +5,7 @@ package internal
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/modules/indexer"
 	"code.gitea.io/gitea/modules/indexer/internal"
@@ -36,13 +36,13 @@ func (d *dummyIndexer) SupportedSearchModes() []indexer.SearchMode {
 }
 
 func (d *dummyIndexer) Index(_ context.Context, _ ...*IndexerData) error {
-	return fmt.Errorf("indexer is not ready")
+	return errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Delete(_ context.Context, _ ...int64) error {
-	return fmt.Errorf("indexer is not ready")
+	return errors.New("indexer is not ready")
 }
 
 func (d *dummyIndexer) Search(_ context.Context, _ *SearchOptions) (*SearchResult, error) {
-	return nil, fmt.Errorf("indexer is not ready")
+	return nil, errors.New("indexer is not ready")
 }
diff --git a/modules/indexer/issues/internal/tests/tests.go b/modules/indexer/issues/internal/tests/tests.go
index 6e92c7885c..7aebbbcd58 100644
--- a/modules/indexer/issues/internal/tests/tests.go
+++ b/modules/indexer/issues/internal/tests/tests.go
@@ -8,7 +8,6 @@
 package tests
 
 import (
-	"context"
 	"fmt"
 	"slices"
 	"testing"
@@ -40,7 +39,7 @@ func TestIndexer(t *testing.T, indexer internal.Indexer) {
 			data[v.ID] = v
 		}
 		require.NoError(t, indexer.Index(t.Context(), d...))
-		require.NoError(t, waitData(indexer, int64(len(data))))
+		waitData(t, indexer, int64(len(data)))
 	}
 
 	defer func() {
@@ -54,13 +53,13 @@ func TestIndexer(t *testing.T, indexer internal.Indexer) {
 				for _, v := range c.ExtraData {
 					data[v.ID] = v
 				}
-				require.NoError(t, waitData(indexer, int64(len(data))))
+				waitData(t, indexer, int64(len(data)))
 				defer func() {
 					for _, v := range c.ExtraData {
 						require.NoError(t, indexer.Delete(t.Context(), v.ID))
 						delete(data, v.ID)
 					}
-					require.NoError(t, waitData(indexer, int64(len(data))))
+					waitData(t, indexer, int64(len(data)))
 				}()
 			}
 
@@ -93,7 +92,7 @@ var cases = []*testIndexerCase{
 		Name:          "default",
 		SearchOptions: &internal.SearchOptions{},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 		},
 	},
@@ -526,7 +525,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByCreatedDesc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -542,7 +541,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByUpdatedDesc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -558,7 +557,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByCommentsDesc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -574,7 +573,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByDeadlineDesc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -590,7 +589,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByCreatedAsc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -606,7 +605,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByUpdatedAsc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -622,7 +621,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByCommentsAsc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -638,7 +637,7 @@ var cases = []*testIndexerCase{
 			SortBy:    internal.SortByDeadlineAsc,
 		},
 		Expected: func(t *testing.T, data map[int64]*internal.IndexerData, result *internal.SearchResult) {
-			assert.Equal(t, len(data), len(result.Hits))
+			assert.Len(t, result.Hits, len(data))
 			assert.Equal(t, len(data), int(result.Total))
 			for i, v := range result.Hits {
 				if i < len(result.Hits)-1 {
@@ -751,22 +750,10 @@ func countIndexerData(data map[int64]*internal.IndexerData, f func(v *internal.I
 
 // waitData waits for the indexer to index all data.
 // Some engines like Elasticsearch index data asynchronously, so we need to wait for a while.
-func waitData(indexer internal.Indexer, total int64) error {
-	var actual int64
-	for i := 0; i < 100; i++ {
-		result, err := indexer.Search(context.Background(), &internal.SearchOptions{
-			Paginator: &db.ListOptions{
-				PageSize: 0,
-			},
-		})
-		if err != nil {
-			return err
-		}
-		actual = result.Total
-		if actual == total {
-			return nil
-		}
-		time.Sleep(100 * time.Millisecond)
-	}
-	return fmt.Errorf("waitData: expected %d, actual %d", total, actual)
+func waitData(t *testing.T, indexer internal.Indexer, total int64) {
+	assert.Eventually(t, func() bool {
+		result, err := indexer.Search(t.Context(), &internal.SearchOptions{Paginator: &db.ListOptions{}})
+		require.NoError(t, err)
+		return result.Total == total
+	}, 10*time.Second, 100*time.Millisecond, "expected total=%d", total)
 }
diff --git a/modules/indexer/issues/meilisearch/meilisearch_test.go b/modules/indexer/issues/meilisearch/meilisearch_test.go
index a3a332554a..2fea4004cb 100644
--- a/modules/indexer/issues/meilisearch/meilisearch_test.go
+++ b/modules/indexer/issues/meilisearch/meilisearch_test.go
@@ -74,13 +74,13 @@ func TestConvertHits(t *testing.T) {
 	}
 	hits, err := convertHits(validResponse)
 	assert.NoError(t, err)
-	assert.EqualValues(t, []internal.Match{{ID: 11}, {ID: 22}, {ID: 33}}, hits)
+	assert.Equal(t, []internal.Match{{ID: 11}, {ID: 22}, {ID: 33}}, hits)
 }
 
 func TestDoubleQuoteKeyword(t *testing.T) {
-	assert.EqualValues(t, "", doubleQuoteKeyword(""))
-	assert.EqualValues(t, `"a" "b" "c"`, doubleQuoteKeyword("a b c"))
-	assert.EqualValues(t, `"a" "d" "g"`, doubleQuoteKeyword("a  d g"))
-	assert.EqualValues(t, `"a" "d" "g"`, doubleQuoteKeyword("a  d g"))
-	assert.EqualValues(t, `"a" "d" "g"`, doubleQuoteKeyword(`a  "" "d" """g`))
+	assert.Empty(t, doubleQuoteKeyword(""))
+	assert.Equal(t, `"a" "b" "c"`, doubleQuoteKeyword("a b c"))
+	assert.Equal(t, `"a" "d" "g"`, doubleQuoteKeyword("a  d g"))
+	assert.Equal(t, `"a" "d" "g"`, doubleQuoteKeyword("a  d g"))
+	assert.Equal(t, `"a" "d" "g"`, doubleQuoteKeyword(`a  "" "d" """g`))
 }
diff --git a/modules/indexer/stats/db.go b/modules/indexer/stats/db.go
index 067a6f609b..199d493e97 100644
--- a/modules/indexer/stats/db.go
+++ b/modules/indexer/stats/db.go
@@ -8,6 +8,7 @@ import (
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/languagestats"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
@@ -62,7 +63,7 @@ func (db *DBIndexer) Index(id int64) error {
 	}
 
 	// Calculate and save language statistics to database
-	stats, err := gitRepo.GetLanguageStats(commitID)
+	stats, err := languagestats.GetLanguageStats(gitRepo, commitID)
 	if err != nil {
 		if !setting.IsInTesting {
 			log.Error("Unable to get language stats for ID %s for default branch %s in %s. Error: %v", commitID, repo.DefaultBranch, repo.FullName(), err)
diff --git a/modules/indexer/stats/queue.go b/modules/indexer/stats/queue.go
index d002bd57cf..69cde321d8 100644
--- a/modules/indexer/stats/queue.go
+++ b/modules/indexer/stats/queue.go
@@ -4,7 +4,7 @@
 package stats
 
 import (
-	"fmt"
+	"errors"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/graceful"
@@ -31,7 +31,7 @@ func handler(items ...int64) []int64 {
 func initStatsQueue() error {
 	statsQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "repo_stats_update", handler)
 	if statsQueue == nil {
-		return fmt.Errorf("unable to create repo_stats_update queue")
+		return errors.New("unable to create repo_stats_update queue")
 	}
 	go graceful.GetManager().RunWithCancel(statsQueue)
 	return nil
diff --git a/modules/issue/template/template.go b/modules/issue/template/template.go
index a2b9d6b33e..192aaf8e01 100644
--- a/modules/issue/template/template.go
+++ b/modules/issue/template/template.go
@@ -4,9 +4,11 @@
 package template
 
 import (
+	"errors"
 	"fmt"
 	"net/url"
 	"regexp"
+	"slices"
 	"strconv"
 	"strings"
 
@@ -31,17 +33,17 @@ func Validate(template *api.IssueTemplate) error {
 
 func validateMetadata(template *api.IssueTemplate) error {
 	if strings.TrimSpace(template.Name) == "" {
-		return fmt.Errorf("'name' is required")
+		return errors.New("'name' is required")
 	}
 	if strings.TrimSpace(template.About) == "" {
-		return fmt.Errorf("'about' is required")
+		return errors.New("'about' is required")
 	}
 	return nil
 }
 
 func validateYaml(template *api.IssueTemplate) error {
 	if len(template.Fields) == 0 {
-		return fmt.Errorf("'body' is required")
+		return errors.New("'body' is required")
 	}
 	ids := make(container.Set[string])
 	for idx, field := range template.Fields {
@@ -401,7 +403,7 @@ func (f *valuedField) Render() string {
 }
 
 func (f *valuedField) Value() string {
-	return strings.TrimSpace(f.Get(fmt.Sprintf("form-field-%s", f.ID)))
+	return strings.TrimSpace(f.Get("form-field-" + f.ID))
 }
 
 func (f *valuedField) Options() []*valuedOption {
@@ -444,14 +446,9 @@ func (o *valuedOption) Label() string {
 func (o *valuedOption) IsChecked() bool {
 	switch o.field.Type {
 	case api.IssueFormFieldTypeDropdown:
-		checks := strings.Split(o.field.Get(fmt.Sprintf("form-field-%s", o.field.ID)), ",")
+		checks := strings.Split(o.field.Get("form-field-"+o.field.ID), ",")
 		idx := strconv.Itoa(o.index)
-		for _, v := range checks {
-			if v == idx {
-				return true
-			}
-		}
-		return false
+		return slices.Contains(checks, idx)
 	case api.IssueFormFieldTypeCheckboxes:
 		return o.field.Get(fmt.Sprintf("form-field-%s-%d", o.field.ID, o.index)) == "on"
 	}
diff --git a/modules/issue/template/template_test.go b/modules/issue/template/template_test.go
index 575e23def9..7fec9431b6 100644
--- a/modules/issue/template/template_test.go
+++ b/modules/issue/template/template_test.go
@@ -904,7 +904,7 @@ Option 1 of dropdown, Option 2 of dropdown
 				t.Fatal(err)
 			}
 			if got := RenderToMarkdown(template, tt.args.values); got != tt.want {
-				assert.EqualValues(t, tt.want, got)
+				assert.Equal(t, tt.want, got)
 			}
 		})
 	}
diff --git a/modules/json/json.go b/modules/json/json.go
index 34568c75c6..444dc8526a 100644
--- a/modules/json/json.go
+++ b/modules/json/json.go
@@ -3,11 +3,10 @@
 
 package json
 
-// Allow "encoding/json" import.
 import (
 	"bytes"
 	"encoding/binary"
-	"encoding/json" //nolint:depguard
+	"encoding/json" //nolint:depguard // this package wraps it
 	"io"
 
 	jsoniter "github.com/json-iterator/go"
@@ -145,6 +144,12 @@ func Valid(data []byte) bool {
 // UnmarshalHandleDoubleEncode - due to a bug in xorm (see https://gitea.com/xorm/xorm/pulls/1957) - it's
 // possible that a Blob may be double encoded or gain an unwanted prefix of 0xff 0xfe.
 func UnmarshalHandleDoubleEncode(bs []byte, v any) error {
+	if len(bs) == 0 {
+		// json.Unmarshal will report errors if input is empty (nil or zero-length)
+		// It seems that XORM ignores the nil but still passes zero-length string into this function
+		// To be consistent, we should treat all empty inputs as success
+		return nil
+	}
 	err := json.Unmarshal(bs, v)
 	if err != nil {
 		ok := true
diff --git a/modules/json/json_test.go b/modules/json/json_test.go
new file mode 100644
index 0000000000..ace7167913
--- /dev/null
+++ b/modules/json/json_test.go
@@ -0,0 +1,18 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package json
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGiteaDBJSONUnmarshal(t *testing.T) {
+	var m map[any]any
+	err := UnmarshalHandleDoubleEncode(nil, &m)
+	assert.NoError(t, err)
+	err = UnmarshalHandleDoubleEncode([]byte(""), &m)
+	assert.NoError(t, err)
+}
diff --git a/modules/label/label.go b/modules/label/label.go
index d3ef0e1dc9..3e68c4d26e 100644
--- a/modules/label/label.go
+++ b/modules/label/label.go
@@ -7,19 +7,24 @@ import (
 	"fmt"
 	"regexp"
 	"strings"
-)
+	"sync"
 
-// colorPattern is a regexp which can validate label color
-var colorPattern = regexp.MustCompile("^#?(?:[0-9a-fA-F]{6}|[0-9a-fA-F]{3})$")
+	"code.gitea.io/gitea/modules/util"
+)
 
 // Label represents label information loaded from template
 type Label struct {
-	Name        string `yaml:"name"`
-	Color       string `yaml:"color"`
-	Description string `yaml:"description,omitempty"`
-	Exclusive   bool   `yaml:"exclusive,omitempty"`
+	Name           string `yaml:"name"`
+	Color          string `yaml:"color"`
+	Description    string `yaml:"description,omitempty"`
+	Exclusive      bool   `yaml:"exclusive,omitempty"`
+	ExclusiveOrder int    `yaml:"exclusive_order,omitempty"`
 }
 
+var colorPattern = sync.OnceValue(func() *regexp.Regexp {
+	return regexp.MustCompile(`^#([\da-fA-F]{3}|[\da-fA-F]{6})$`)
+})
+
 // NormalizeColor normalizes a color string to a 6-character hex code
 func NormalizeColor(color string) (string, error) {
 	// normalize case
@@ -30,8 +35,8 @@ func NormalizeColor(color string) (string, error) {
 		color = "#" + color
 	}
 
-	if !colorPattern.MatchString(color) {
-		return "", fmt.Errorf("bad color code: %s", color)
+	if !colorPattern().MatchString(color) {
+		return "", util.NewInvalidArgumentErrorf("invalid color: %s", color)
 	}
 
 	// convert 3-character shorthand into 6-character version
diff --git a/modules/label/parser.go b/modules/label/parser.go
index 511bac823f..2a10152062 100644
--- a/modules/label/parser.go
+++ b/modules/label/parser.go
@@ -72,7 +72,7 @@ func parseYamlFormat(fileName string, data []byte) ([]*Label, error) {
 func parseLegacyFormat(fileName string, data []byte) ([]*Label, error) {
 	lines := strings.Split(string(data), "\n")
 	list := make([]*Label, 0, len(lines))
-	for i := 0; i < len(lines); i++ {
+	for i := range lines {
 		line := strings.TrimSpace(lines[i])
 		if len(line) == 0 {
 			continue
@@ -108,7 +108,7 @@ func LoadTemplateDescription(fileName string) (string, error) {
 		return "", err
 	}
 
-	for i := 0; i < len(list); i++ {
+	for i := range list {
 		if i > 0 {
 			buf.WriteString(", ")
 		}
diff --git a/modules/lfs/http_client.go b/modules/lfs/http_client.go
index 0a27fb0c86..4b51193846 100644
--- a/modules/lfs/http_client.go
+++ b/modules/lfs/http_client.go
@@ -70,7 +70,7 @@ func (c *HTTPClient) transferNames() []string {
 func (c *HTTPClient) batch(ctx context.Context, operation string, objects []Pointer) (*BatchResponse, error) {
 	log.Trace("BATCH operation with objects: %v", objects)
 
-	url := fmt.Sprintf("%s/objects/batch", c.endpoint)
+	url := c.endpoint + "/objects/batch"
 
 	// Original:  In some lfs server implementations, they require the ref attribute. #32838
 	// `ref` is an "optional object describing the server ref that the objects belong to"
diff --git a/modules/lfs/http_client_test.go b/modules/lfs/http_client_test.go
index 7869c0a21a..179bcdb29a 100644
--- a/modules/lfs/http_client_test.go
+++ b/modules/lfs/http_client_test.go
@@ -31,7 +31,7 @@ func (a *DummyTransferAdapter) Name() string {
 }
 
 func (a *DummyTransferAdapter) Download(ctx context.Context, l *Link) (io.ReadCloser, error) {
-	return io.NopCloser(bytes.NewBufferString("dummy")), nil
+	return io.NopCloser(strings.NewReader("dummy")), nil
 }
 
 func (a *DummyTransferAdapter) Upload(ctx context.Context, l *Link, p Pointer, r io.Reader) error {
@@ -49,7 +49,7 @@ func lfsTestRoundtripHandler(req *http.Request) *http.Response {
 	if strings.Contains(url, "status-not-ok") {
 		return &http.Response{StatusCode: http.StatusBadRequest}
 	} else if strings.Contains(url, "invalid-json-response") {
-		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBufferString("invalid json"))}
+		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("invalid json"))}
 	} else if strings.Contains(url, "valid-batch-request-download") {
 		batchResponse = &BatchResponse{
 			Transfer: "dummy",
diff --git a/modules/lfs/pointer.go b/modules/lfs/pointer.go
index ebde20f826..9c95613057 100644
--- a/modules/lfs/pointer.go
+++ b/modules/lfs/pointer.go
@@ -15,15 +15,13 @@ import (
 	"strings"
 )
 
+// spec: https://github.com/git-lfs/git-lfs/blob/master/docs/spec.md
 const (
-	blobSizeCutoff = 1024
+	MetaFileMaxSize = 1024 // spec says the maximum size of a pointer file must be smaller than 1024
 
-	// MetaFileIdentifier is the string appearing at the first line of LFS pointer files.
-	// https://github.com/git-lfs/git-lfs/blob/master/docs/spec.md
-	MetaFileIdentifier = "version https://git-lfs.github.com/spec/v1"
+	MetaFileIdentifier = "version https://git-lfs.github.com/spec/v1" // the first line of a pointer file
 
-	// MetaFileOidPrefix appears in LFS pointer files on a line before the sha256 hash.
-	MetaFileOidPrefix = "oid sha256:"
+	MetaFileOidPrefix = "oid sha256:" // spec says the only supported hash is sha256 at the moment
 )
 
 var (
@@ -39,7 +37,7 @@ var (
 
 // ReadPointer tries to read LFS pointer data from the reader
 func ReadPointer(reader io.Reader) (Pointer, error) {
-	buf := make([]byte, blobSizeCutoff)
+	buf := make([]byte, MetaFileMaxSize)
 	n, err := io.ReadFull(reader, buf)
 	if err != nil && err != io.ErrUnexpectedEOF {
 		return Pointer{}, err
@@ -65,6 +63,7 @@ func ReadPointerFromBuffer(buf []byte) (Pointer, error) {
 		return p, ErrInvalidStructure
 	}
 
+	// spec says "key/value pairs MUST be sorted alphabetically in ascending order (version is exception and must be the first)"
 	oid := strings.TrimPrefix(splitLines[1], MetaFileOidPrefix)
 	if len(oid) != 64 || !oidPattern.MatchString(oid) {
 		return p, ErrInvalidOIDFormat
diff --git a/modules/lfs/pointer_scanner_gogit.go b/modules/lfs/pointer_scanner_gogit.go
index f4302c23bc..e153b8e24e 100644
--- a/modules/lfs/pointer_scanner_gogit.go
+++ b/modules/lfs/pointer_scanner_gogit.go
@@ -31,7 +31,7 @@ func SearchPointerBlobs(ctx context.Context, repo *git.Repository, pointerChan c
 			default:
 			}
 
-			if blob.Size > blobSizeCutoff {
+			if blob.Size > MetaFileMaxSize {
 				return nil
 			}
 
diff --git a/modules/lfs/transferadapter_test.go b/modules/lfs/transferadapter_test.go
index 8bbd45771a..ef72d76db4 100644
--- a/modules/lfs/transferadapter_test.go
+++ b/modules/lfs/transferadapter_test.go
@@ -32,7 +32,7 @@ func TestBasicTransferAdapter(t *testing.T) {
 		if strings.Contains(url, "download-request") {
 			assert.Equal(t, "GET", req.Method)
 
-			return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBufferString("dummy"))}
+			return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("dummy"))}
 		} else if strings.Contains(url, "upload-request") {
 			assert.Equal(t, "PUT", req.Method)
 			assert.Equal(t, "application/octet-stream", req.Header.Get("Content-Type"))
@@ -126,7 +126,7 @@ func TestBasicTransferAdapter(t *testing.T) {
 		}
 
 		for n, c := range cases {
-			err := a.Upload(t.Context(), c.link, p, bytes.NewBufferString("dummy"))
+			err := a.Upload(t.Context(), c.link, p, strings.NewReader("dummy"))
 			if len(c.expectederror) > 0 {
 				assert.Contains(t, err.Error(), c.expectederror, "case %d: '%s' should contain '%s'", n, err.Error(), c.expectederror)
 			} else {
diff --git a/modules/lfstransfer/backend/backend.go b/modules/lfstransfer/backend/backend.go
index 1328d93a48..dd4108ea56 100644
--- a/modules/lfstransfer/backend/backend.go
+++ b/modules/lfstransfer/backend/backend.go
@@ -47,7 +47,7 @@ func New(ctx context.Context, repo, op, token string, logger transfer.Logger) (t
 		return nil, err
 	}
 	server = server.JoinPath("api/internal/repo", repo, "info/lfs")
-	return &GiteaBackend{ctx: ctx, server: server, op: op, authToken: token, internalAuth: fmt.Sprintf("Bearer %s", setting.InternalToken), logger: logger}, nil
+	return &GiteaBackend{ctx: ctx, server: server, op: op, authToken: token, internalAuth: "Bearer " + setting.InternalToken, logger: logger}, nil
 }
 
 // Batch implements transfer.Backend
diff --git a/modules/lfstransfer/backend/lock.go b/modules/lfstransfer/backend/lock.go
index 639f8b184e..2c3c16a9bb 100644
--- a/modules/lfstransfer/backend/lock.go
+++ b/modules/lfstransfer/backend/lock.go
@@ -5,6 +5,7 @@ package backend
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -74,7 +75,7 @@ func (g *giteaLockBackend) Create(path, refname string) (transfer.Lock, error) {
 
 	if respBody.Lock == nil {
 		g.logger.Log("api returned nil lock")
-		return nil, fmt.Errorf("api returned nil lock")
+		return nil, errors.New("api returned nil lock")
 	}
 	respLock := respBody.Lock
 	owner := userUnknown
@@ -263,7 +264,7 @@ func (g *giteaLock) CurrentUser() (string, error) {
 // AsLockSpec implements transfer.Lock
 func (g *giteaLock) AsLockSpec(ownerID bool) ([]string, error) {
 	msgs := []string{
-		fmt.Sprintf("lock %s", g.ID()),
+		"lock " + g.ID(),
 		fmt.Sprintf("path %s %s", g.ID(), g.Path()),
 		fmt.Sprintf("locked-at %s %s", g.ID(), g.FormattedTimestamp()),
 		fmt.Sprintf("ownername %s %s", g.ID(), g.OwnerName()),
@@ -285,9 +286,9 @@ func (g *giteaLock) AsLockSpec(ownerID bool) ([]string, error) {
 // AsArguments implements transfer.Lock
 func (g *giteaLock) AsArguments() []string {
 	return []string{
-		fmt.Sprintf("id=%s", g.ID()),
-		fmt.Sprintf("path=%s", g.Path()),
-		fmt.Sprintf("locked-at=%s", g.FormattedTimestamp()),
-		fmt.Sprintf("ownername=%s", g.OwnerName()),
+		"id=" + g.ID(),
+		"path=" + g.Path(),
+		"locked-at=" + g.FormattedTimestamp(),
+		"ownername=" + g.OwnerName(),
 	}
 }
diff --git a/modules/lfstransfer/backend/util.go b/modules/lfstransfer/backend/util.go
index 98ce0b1e62..afe02f799c 100644
--- a/modules/lfstransfer/backend/util.go
+++ b/modules/lfstransfer/backend/util.go
@@ -132,6 +132,7 @@ func newInternalRequestLFS(ctx context.Context, internalURL, method string, head
 		return nil
 	}
 	req := private.NewInternalRequest(ctx, internalURL, method)
+	req.SetReadWriteTimeout(0)
 	for k, v := range headers {
 		req.Header(k, v)
 	}
diff --git a/modules/log/event_format.go b/modules/log/event_format.go
index c23b3b411b..4cf471d223 100644
--- a/modules/log/event_format.go
+++ b/modules/log/event_format.go
@@ -212,7 +212,7 @@ func EventFormatTextMessage(mode *WriterMode, event *Event, msgFormat string, ms
 			}
 		}
 		if hasColorValue {
-			msg = []byte(fmt.Sprintf(msgFormat, msgArgs...))
+			msg = fmt.Appendf(nil, msgFormat, msgArgs...)
 		}
 	}
 	// try to re-use the pre-formatted simple text message
@@ -243,8 +243,8 @@ func EventFormatTextMessage(mode *WriterMode, event *Event, msgFormat string, ms
 	buf = append(buf, msg...)
 
 	if event.Stacktrace != "" && mode.StacktraceLevel <= event.Level {
-		lines := bytes.Split([]byte(event.Stacktrace), []byte("\n"))
-		for _, line := range lines {
+		lines := bytes.SplitSeq([]byte(event.Stacktrace), []byte("\n"))
+		for line := range lines {
 			buf = append(buf, "\n\t"...)
 			buf = append(buf, line...)
 		}
diff --git a/modules/log/event_writer_base.go b/modules/log/event_writer_base.go
index c327c48ca2..9189ca4e90 100644
--- a/modules/log/event_writer_base.go
+++ b/modules/log/event_writer_base.go
@@ -105,7 +105,7 @@ func (b *EventWriterBaseImpl) Run(ctx context.Context) {
 			case io.WriterTo:
 				_, err = msg.WriteTo(b.OutputWriteCloser)
 			default:
-				_, err = b.OutputWriteCloser.Write([]byte(fmt.Sprint(msg)))
+				_, err = fmt.Fprint(b.OutputWriteCloser, msg)
 			}
 			if err != nil {
 				FallbackErrorf("unable to write log message of %q (%v): %v", b.Name, err, event.Msg)
diff --git a/modules/log/flags.go b/modules/log/flags.go
index 8064c91745..f409261150 100644
--- a/modules/log/flags.go
+++ b/modules/log/flags.go
@@ -123,7 +123,7 @@ func FlagsFromString(from string, def ...uint32) Flags {
 		return Flags{defined: true, flags: def[0]}
 	}
 	flags := uint32(0)
-	for _, flag := range strings.Split(strings.ToLower(from), ",") {
+	for flag := range strings.SplitSeq(strings.ToLower(from), ",") {
 		flags |= flagFromString[strings.TrimSpace(flag)]
 	}
 	return Flags{defined: true, flags: flags}
diff --git a/modules/log/flags_test.go b/modules/log/flags_test.go
index 03972a9fb0..6eb65d8114 100644
--- a/modules/log/flags_test.go
+++ b/modules/log/flags_test.go
@@ -12,19 +12,19 @@ import (
 )
 
 func TestFlags(t *testing.T) {
-	assert.EqualValues(t, Ldefault, Flags{}.Bits())
+	assert.Equal(t, Ldefault, Flags{}.Bits())
 	assert.EqualValues(t, 0, FlagsFromString("").Bits())
-	assert.EqualValues(t, Lgopid, FlagsFromString("", Lgopid).Bits())
+	assert.Equal(t, Lgopid, FlagsFromString("", Lgopid).Bits())
 	assert.EqualValues(t, 0, FlagsFromString("none", Lgopid).Bits())
-	assert.EqualValues(t, Ldate|Ltime, FlagsFromString("date,time", Lgopid).Bits())
+	assert.Equal(t, Ldate|Ltime, FlagsFromString("date,time", Lgopid).Bits())
 
-	assert.EqualValues(t, "stdflags", FlagsFromString("stdflags").String())
-	assert.EqualValues(t, "medfile", FlagsFromString("medfile").String())
+	assert.Equal(t, "stdflags", FlagsFromString("stdflags").String())
+	assert.Equal(t, "medfile", FlagsFromString("medfile").String())
 
 	bs, err := json.Marshal(FlagsFromString("utc,level"))
 	assert.NoError(t, err)
-	assert.EqualValues(t, `"level,utc"`, string(bs))
+	assert.Equal(t, `"level,utc"`, string(bs))
 	var flags Flags
 	assert.NoError(t, json.Unmarshal(bs, &flags))
-	assert.EqualValues(t, LUTC|Llevel, flags.Bits())
+	assert.Equal(t, LUTC|Llevel, flags.Bits())
 }
diff --git a/modules/log/level_test.go b/modules/log/level_test.go
index cd18a807d8..0e59af6cb7 100644
--- a/modules/log/level_test.go
+++ b/modules/log/level_test.go
@@ -32,11 +32,11 @@ func TestLevelMarshalUnmarshalJSON(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, INFO, testLevel.Level)
 
-	err = json.Unmarshal([]byte(fmt.Sprintf(`{"level":%d}`, 2)), &testLevel)
+	err = json.Unmarshal(fmt.Appendf(nil, `{"level":%d}`, 2), &testLevel)
 	assert.NoError(t, err)
 	assert.Equal(t, INFO, testLevel.Level)
 
-	err = json.Unmarshal([]byte(fmt.Sprintf(`{"level":%d}`, 10012)), &testLevel)
+	err = json.Unmarshal(fmt.Appendf(nil, `{"level":%d}`, 10012), &testLevel)
 	assert.NoError(t, err)
 	assert.Equal(t, INFO, testLevel.Level)
 
@@ -51,5 +51,5 @@ func TestLevelMarshalUnmarshalJSON(t *testing.T) {
 }
 
 func makeTestLevelBytes(level string) []byte {
-	return []byte(fmt.Sprintf(`{"level":"%s"}`, level))
+	return fmt.Appendf(nil, `{"level":"%s"}`, level)
 }
diff --git a/modules/log/logger.go b/modules/log/logger.go
index 3fc524d55e..8b89e0eb5a 100644
--- a/modules/log/logger.go
+++ b/modules/log/logger.go
@@ -45,6 +45,6 @@ type Logger interface {
 	LevelLogger
 }
 
-type LogStringer interface { //nolint:revive
+type LogStringer interface { //nolint:revive // export stutter
 	LogString() string
 }
diff --git a/modules/log/logger_test.go b/modules/log/logger_test.go
index 9f604815f6..a74139dc51 100644
--- a/modules/log/logger_test.go
+++ b/modules/log/logger_test.go
@@ -57,16 +57,16 @@ func TestLogger(t *testing.T) {
 
 	dump := logger.DumpWriters()
 	assert.Empty(t, dump)
-	assert.EqualValues(t, NONE, logger.GetLevel())
+	assert.Equal(t, NONE, logger.GetLevel())
 	assert.False(t, logger.IsEnabled())
 
 	w1 := newDummyWriter("dummy-1", DEBUG, 0)
 	logger.AddWriters(w1)
-	assert.EqualValues(t, DEBUG, logger.GetLevel())
+	assert.Equal(t, DEBUG, logger.GetLevel())
 
 	w2 := newDummyWriter("dummy-2", WARN, 200*time.Millisecond)
 	logger.AddWriters(w2)
-	assert.EqualValues(t, DEBUG, logger.GetLevel())
+	assert.Equal(t, DEBUG, logger.GetLevel())
 
 	dump = logger.DumpWriters()
 	assert.Len(t, dump, 2)
diff --git a/modules/markup/common/footnote.go b/modules/markup/common/footnote.go
index 4406803694..1ece436c66 100644
--- a/modules/markup/common/footnote.go
+++ b/modules/markup/common/footnote.go
@@ -53,7 +53,7 @@ type FootnoteLink struct {
 // Dump implements Node.Dump.
 func (n *FootnoteLink) Dump(source []byte, level int) {
 	m := map[string]string{}
-	m["Index"] = fmt.Sprintf("%v", n.Index)
+	m["Index"] = strconv.Itoa(n.Index)
 	m["Name"] = fmt.Sprintf("%v", n.Name)
 	ast.DumpHelper(n, source, level, m, nil)
 }
@@ -85,7 +85,7 @@ type FootnoteBackLink struct {
 // Dump implements Node.Dump.
 func (n *FootnoteBackLink) Dump(source []byte, level int) {
 	m := map[string]string{}
-	m["Index"] = fmt.Sprintf("%v", n.Index)
+	m["Index"] = strconv.Itoa(n.Index)
 	m["Name"] = fmt.Sprintf("%v", n.Name)
 	ast.DumpHelper(n, source, level, m, nil)
 }
@@ -151,7 +151,7 @@ type FootnoteList struct {
 // Dump implements Node.Dump.
 func (n *FootnoteList) Dump(source []byte, level int) {
 	m := map[string]string{}
-	m["Count"] = fmt.Sprintf("%v", n.Count)
+	m["Count"] = strconv.Itoa(n.Count)
 	ast.DumpHelper(n, source, level, m, nil)
 }
 
@@ -197,7 +197,7 @@ func (b *footnoteBlockParser) Open(parent ast.Node, reader text.Reader, pc parse
 		return nil, parser.NoChildren
 	}
 	open := pos + 1
-	closure := util.FindClosure(line[pos+1:], '[', ']', false, false) //nolint
+	closure := util.FindClosure(line[pos+1:], '[', ']', false, false) //nolint:staticcheck // deprecated function
 	closes := pos + 1 + closure
 	next := closes + 1
 	if closure > -1 {
@@ -287,7 +287,7 @@ func (s *footnoteParser) Parse(parent ast.Node, block text.Reader, pc parser.Con
 		return nil
 	}
 	open := pos
-	closure := util.FindClosure(line[pos:], '[', ']', false, false) //nolint
+	closure := util.FindClosure(line[pos:], '[', ']', false, false) //nolint:staticcheck // deprecated function
 	if closure < 0 {
 		return nil
 	}
@@ -409,9 +409,9 @@ func (r *FootnoteHTMLRenderer) renderFootnoteLink(w util.BufWriter, source []byt
 		_, _ = w.Write(n.Name)
 		_, _ = w.WriteString(`"><a href="#fn:`)
 		_, _ = w.Write(n.Name)
-		_, _ = w.WriteString(`" class="footnote-ref" role="doc-noteref">`)
+		_, _ = w.WriteString(`" class="footnote-ref" role="doc-noteref">`) // FIXME: here and below, need to keep the classes
 		_, _ = w.WriteString(is)
-		_, _ = w.WriteString(`</a></sup>`)
+		_, _ = w.WriteString(` </a></sup>`) // the style doesn't work at the moment, so add a space to separate the names
 	}
 	return ast.WalkContinue, nil
 }
diff --git a/modules/markup/common/linkify.go b/modules/markup/common/linkify.go
index 52888958fa..3eecb97eac 100644
--- a/modules/markup/common/linkify.go
+++ b/modules/markup/common/linkify.go
@@ -85,9 +85,10 @@ func (s *linkifyParser) Parse(parent ast.Node, block text.Reader, pc parser.Cont
 		} else if lastChar == ')' {
 			closing := 0
 			for i := m[1] - 1; i >= m[0]; i-- {
-				if line[i] == ')' {
+				switch line[i] {
+				case ')':
 					closing++
-				} else if line[i] == '(' {
+				case '(':
 					closing--
 				}
 			}
diff --git a/modules/markup/console/console.go b/modules/markup/console/console.go
index 06f3acfa68..492579b0a5 100644
--- a/modules/markup/console/console.go
+++ b/modules/markup/console/console.go
@@ -6,13 +6,14 @@ package console
 import (
 	"bytes"
 	"io"
-	"path"
+	"unicode/utf8"
 
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/typesniffer"
+	"code.gitea.io/gitea/modules/util"
 
 	trend "github.com/buildkite/terminal-to-html/v3"
-	"github.com/go-enry/go-enry/v2"
 )
 
 func init() {
@@ -22,6 +23,8 @@ func init() {
 // Renderer implements markup.Renderer
 type Renderer struct{}
 
+var _ markup.RendererContentDetector = (*Renderer)(nil)
+
 // Name implements markup.Renderer
 func (Renderer) Name() string {
 	return "console"
@@ -40,15 +43,36 @@ func (Renderer) SanitizerRules() []setting.MarkupSanitizerRule {
 }
 
 // CanRender implements markup.RendererContentDetector
-func (Renderer) CanRender(filename string, input io.Reader) bool {
-	buf, err := io.ReadAll(input)
-	if err != nil {
+func (Renderer) CanRender(filename string, sniffedType typesniffer.SniffedType, prefetchBuf []byte) bool {
+	if !sniffedType.IsTextPlain() {
 		return false
 	}
-	if enry.GetLanguage(path.Base(filename), buf) != enry.OtherLanguage {
+
+	s := util.UnsafeBytesToString(prefetchBuf)
+	rs := []rune(s)
+	cnt := 0
+	firstErrPos := -1
+	isCtrlSep := func(p int) bool {
+		return p < len(rs) && (rs[p] == ';' || rs[p] == 'm')
+	}
+	for i, c := range rs {
+		if c == 0 {
+			return false
+		}
+		if c == '\x1b' {
+			match := i+1 < len(rs) && rs[i+1] == '['
+			if match && (isCtrlSep(i+2) || isCtrlSep(i+3) || isCtrlSep(i+4) || isCtrlSep(i+5)) {
+				cnt++
+			}
+		}
+		if c == utf8.RuneError && firstErrPos == -1 {
+			firstErrPos = i
+		}
+	}
+	if firstErrPos != -1 && firstErrPos != len(rs)-1 {
 		return false
 	}
-	return bytes.ContainsRune(buf, '\x1b')
+	return cnt >= 2 // only render it as console output if there are at least two escape sequences
 }
 
 // Render renders terminal colors to HTML with all specific handling stuff.
diff --git a/modules/markup/console/console_test.go b/modules/markup/console/console_test.go
index 040ec151f4..d1192bebc2 100644
--- a/modules/markup/console/console_test.go
+++ b/modules/markup/console/console_test.go
@@ -8,23 +8,39 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/typesniffer"
 
 	"github.com/stretchr/testify/assert"
 )
 
 func TestRenderConsole(t *testing.T) {
-	var render Renderer
-	kases := map[string]string{
-		"\x1b[37m\x1b[40mnpm\x1b[0m \x1b[0m\x1b[32minfo\x1b[0m \x1b[0m\x1b[35mit worked if it ends with\x1b[0m ok": "<span class=\"term-fg37 term-bg40\">npm</span> <span class=\"term-fg32\">info</span> <span class=\"term-fg35\">it worked if it ends with</span> ok",
+	cases := []struct {
+		input    string
+		expected string
+	}{
+		{"\x1b[37m\x1b[40mnpm\x1b[0m \x1b[0m\x1b[32minfo\x1b[0m \x1b[0m\x1b[35mit worked if it ends with\x1b[0m ok", `<span class="term-fg37 term-bg40">npm</span> <span class="term-fg32">info</span> <span class="term-fg35">it worked if it ends with</span> ok`},
+		{"\x1b[1;2m \x1b[123m å•Š", `<span class="term-fg2">  å•Š</span>`},
+		{"\x1b[1;2m \x1b[123m \xef", `<span class="term-fg2">  �</span>`},
+		{"\x1b[1;2m \x1b[123m \xef \xef", ``},
+		{"\x1b[12", ``},
+		{"\x1b[1", ``},
+		{"\x1b[FOO\x1b[", ``},
+		{"\x1b[mFOO\x1b[m", `FOO`},
 	}
 
-	for k, v := range kases {
+	var render Renderer
+	for i, c := range cases {
 		var buf strings.Builder
-		canRender := render.CanRender("test", strings.NewReader(k))
-		assert.True(t, canRender)
+		st := typesniffer.DetectContentType([]byte(c.input))
+		canRender := render.CanRender("test", st, []byte(c.input))
+		if c.expected == "" {
+			assert.False(t, canRender, "case %d: expected not to render", i)
+			continue
+		}
 
-		err := render.Render(markup.NewRenderContext(t.Context()), strings.NewReader(k), &buf)
+		assert.True(t, canRender)
+		err := render.Render(markup.NewRenderContext(t.Context()), strings.NewReader(c.input), &buf)
 		assert.NoError(t, err)
-		assert.EqualValues(t, v, buf.String())
+		assert.Equal(t, c.expected, buf.String())
 	}
 }
diff --git a/modules/markup/csv/csv_test.go b/modules/markup/csv/csv_test.go
index b0b18ab467..fff7f0baca 100644
--- a/modules/markup/csv/csv_test.go
+++ b/modules/markup/csv/csv_test.go
@@ -25,6 +25,6 @@ func TestRenderCSV(t *testing.T) {
 		var buf strings.Builder
 		err := render.Render(markup.NewRenderContext(t.Context()), strings.NewReader(k), &buf)
 		assert.NoError(t, err)
-		assert.EqualValues(t, v, buf.String())
+		assert.Equal(t, v, buf.String())
 	}
 }
diff --git a/modules/markup/external/external.go b/modules/markup/external/external.go
index 03242e569e..39861ade12 100644
--- a/modules/markup/external/external.go
+++ b/modules/markup/external/external.go
@@ -12,11 +12,9 @@ import (
 	"runtime"
 	"strings"
 
-	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
 )
 
 // RegisterRenderers registers all supported third part renderers according settings
@@ -77,27 +75,22 @@ func envMark(envName string) string {
 
 // Render renders the data of the document to HTML via the external tool.
 func (p *Renderer) Render(ctx *markup.RenderContext, input io.Reader, output io.Writer) error {
-	var (
-		command = strings.NewReplacer(
-			envMark("GITEA_PREFIX_SRC"), ctx.RenderHelper.ResolveLink("", markup.LinkTypeDefault),
-			envMark("GITEA_PREFIX_RAW"), ctx.RenderHelper.ResolveLink("", markup.LinkTypeRaw),
-		).Replace(p.Command)
-		commands = strings.Fields(command)
-		args     = commands[1:]
-	)
+	baseLinkSrc := ctx.RenderHelper.ResolveLink("", markup.LinkTypeDefault)
+	baseLinkRaw := ctx.RenderHelper.ResolveLink("", markup.LinkTypeRaw)
+	command := strings.NewReplacer(
+		envMark("GITEA_PREFIX_SRC"), baseLinkSrc,
+		envMark("GITEA_PREFIX_RAW"), baseLinkRaw,
+	).Replace(p.Command)
+	commands := strings.Fields(command)
+	args := commands[1:]
 
 	if p.IsInputFile {
 		// write to temp file
-		f, err := os.CreateTemp("", "gitea_input")
+		f, cleanup, err := setting.AppDataTempDir("git-repo-content").CreateTempFileRandom("gitea_input")
 		if err != nil {
 			return fmt.Errorf("%s create temp file when rendering %s failed: %w", p.Name(), p.Command, err)
 		}
-		tmpPath := f.Name()
-		defer func() {
-			if err := util.Remove(tmpPath); err != nil {
-				log.Warn("Unable to remove temporary file: %s: Error: %v", tmpPath, err)
-			}
-		}()
+		defer cleanup()
 
 		_, err = io.Copy(f, input)
 		if err != nil {
@@ -112,14 +105,14 @@ func (p *Renderer) Render(ctx *markup.RenderContext, input io.Reader, output io.
 		args = append(args, f.Name())
 	}
 
-	processCtx, _, finished := process.GetManager().AddContext(ctx, fmt.Sprintf("Render [%s] for %s", commands[0], ctx.RenderHelper.ResolveLink("", markup.LinkTypeDefault)))
+	processCtx, _, finished := process.GetManager().AddContext(ctx, fmt.Sprintf("Render [%s] for %s", commands[0], baseLinkSrc))
 	defer finished()
 
 	cmd := exec.CommandContext(processCtx, commands[0], args...)
 	cmd.Env = append(
 		os.Environ(),
-		"GITEA_PREFIX_SRC="+ctx.RenderHelper.ResolveLink("", markup.LinkTypeDefault),
-		"GITEA_PREFIX_RAW="+ctx.RenderHelper.ResolveLink("", markup.LinkTypeRaw),
+		"GITEA_PREFIX_SRC="+baseLinkSrc,
+		"GITEA_PREFIX_RAW="+baseLinkRaw,
 	)
 	if !p.IsInputFile {
 		cmd.Stdin = input
diff --git a/modules/markup/html.go b/modules/markup/html.go
index 3aaf669c63..51afd4be00 100644
--- a/modules/markup/html.go
+++ b/modules/markup/html.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"regexp"
+	"slices"
 	"strings"
 	"sync"
 
@@ -32,7 +33,6 @@ type globalVarsType struct {
 	comparePattern          *regexp.Regexp
 	fullURLPattern          *regexp.Regexp
 	emailRegex              *regexp.Regexp
-	blackfridayExtRegex     *regexp.Regexp
 	emojiShortCodeRegex     *regexp.Regexp
 	issueFullPattern        *regexp.Regexp
 	filesChangedFullPattern *regexp.Regexp
@@ -72,10 +72,8 @@ var globalVars = sync.OnceValue(func() *globalVarsType {
 	// it is still accepted by the CommonMark specification, as well as the HTML5 spec:
 	//   http://spec.commonmark.org/0.28/#email-address
 	//   https://html.spec.whatwg.org/multipage/input.html#e-mail-state-(type%3Demail)
-	v.emailRegex = regexp.MustCompile("(?:\\s|^|\\(|\\[)([a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9]{2,}(?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+)(?:\\s|$|\\)|\\]|;|,|\\?|!|\\.(\\s|$))")
-
-	// blackfridayExtRegex is for blackfriday extensions create IDs like fn:user-content-footnote
-	v.blackfridayExtRegex = regexp.MustCompile(`[^:]*:user-content-`)
+	// At the moment, we use stricter rule for rendering purpose: only allow the "name" part starting after the word boundary
+	v.emailRegex = regexp.MustCompile(`\b([-\w.!#$%&'*+/=?^{|}~]*@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9]{2,}(?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+)\b`)
 
 	// emojiShortCodeRegex find emoji by alias like :smile:
 	v.emojiShortCodeRegex = regexp.MustCompile(`:[-+\w]+:`)
@@ -89,22 +87,18 @@ var globalVars = sync.OnceValue(func() *globalVarsType {
 	// codePreviewPattern matches "http://domain/.../{owner}/{repo}/src/commit/{commit}/{filepath}#L10-L20"
 	v.codePreviewPattern = regexp.MustCompile(`https?://\S+/([^\s/]+)/([^\s/]+)/src/commit/([0-9a-f]{7,64})(/\S+)#(L\d+(-L\d+)?)`)
 
-	v.tagCleaner = regexp.MustCompile(`<((?:/?\w+/\w+)|(?:/[\w ]+/)|(/?[hH][tT][mM][lL]\b)|(/?[hH][eE][aA][dD]\b))`)
+	// cleans: "<foo/bar", "<any words/", ("<html", "<head", "<script", "<style", "<?", "<%")
+	v.tagCleaner = regexp.MustCompile(`(?i)<(/?\w+/\w+|/[\w ]+/|/?(html|head|script|style|%|\?)\b)`)
 	v.nulCleaner = strings.NewReplacer("\000", "")
 	return v
 })
 
-// IsFullURLBytes reports whether link fits valid format.
-func IsFullURLBytes(link []byte) bool {
-	return globalVars().fullURLPattern.Match(link)
-}
-
 func IsFullURLString(link string) bool {
 	return globalVars().fullURLPattern.MatchString(link)
 }
 
 func IsNonEmptyRelativePath(link string) bool {
-	return link != "" && !IsFullURLString(link) && link[0] != '/' && link[0] != '?' && link[0] != '#'
+	return link != "" && !IsFullURLString(link) && link[0] != '?' && link[0] != '#'
 }
 
 // CustomLinkURLSchemes allows for additional schemes to be detected when parsing links within text
@@ -116,13 +110,7 @@ func CustomLinkURLSchemes(schemes []string) {
 		if !validScheme.MatchString(s) {
 			continue
 		}
-		without := false
-		for _, sna := range xurls.SchemesNoAuthority {
-			if s == sna {
-				without = true
-				break
-			}
-		}
+		without := slices.Contains(xurls.SchemesNoAuthority, s)
 		if without {
 			s += ":"
 		} else {
@@ -260,7 +248,7 @@ func postProcess(ctx *RenderContext, procs []processor, input io.Reader, output
 	node, err := html.Parse(io.MultiReader(
 		// prepend "<html><body>"
 		strings.NewReader("<html><body>"),
-		// Strip out nuls - they're always invalid
+		// strip out NULLs (they're always invalid), and escape known tags
 		bytes.NewReader(globalVars().tagCleaner.ReplaceAll([]byte(globalVars().nulCleaner.Replace(string(rawHTML))), []byte("&lt;$1"))),
 		// close the tags
 		strings.NewReader("</body></html>"),
@@ -316,44 +304,39 @@ func isEmojiNode(node *html.Node) bool {
 }
 
 func visitNode(ctx *RenderContext, procs []processor, node *html.Node) *html.Node {
-	// Add user-content- to IDs and "#" links if they don't already have them
-	for idx, attr := range node.Attr {
-		val := strings.TrimPrefix(attr.Val, "#")
-		notHasPrefix := !(strings.HasPrefix(val, "user-content-") || globalVars().blackfridayExtRegex.MatchString(val))
-
-		if attr.Key == "id" && notHasPrefix {
-			node.Attr[idx].Val = "user-content-" + attr.Val
-		}
-
-		if attr.Key == "href" && strings.HasPrefix(attr.Val, "#") && notHasPrefix {
-			node.Attr[idx].Val = "#user-content-" + val
-		}
-	}
-
-	switch node.Type {
-	case html.TextNode:
+	if node.Type == html.TextNode {
 		for _, proc := range procs {
 			proc(ctx, node) // it might add siblings
 		}
+		return node.NextSibling
+	}
+	if node.Type != html.ElementNode {
+		return node.NextSibling
+	}
 
-	case html.ElementNode:
-		if isEmojiNode(node) {
-			// TextNode emoji will be converted to `<span class="emoji">`, then the next iteration will visit the "span"
-			// if we don't stop it, it will go into the TextNode again and create an infinite recursion
-			return node.NextSibling
-		} else if node.Data == "code" || node.Data == "pre" {
-			return node.NextSibling // ignore code and pre nodes
-		} else if node.Data == "img" {
-			return visitNodeImg(ctx, node)
-		} else if node.Data == "video" {
-			return visitNodeVideo(ctx, node)
-		} else if node.Data == "a" {
-			procs = emojiProcessors // Restrict text in links to emojis
-		}
-		for n := node.FirstChild; n != nil; {
-			n = visitNode(ctx, procs, n)
-		}
-	default:
+	processNodeAttrID(node)
+	processFootnoteNode(ctx, node) // FIXME: the footnote processing should be done in the "footnote.go" renderer directly
+
+	if isEmojiNode(node) {
+		// TextNode emoji will be converted to `<span class="emoji">`, then the next iteration will visit the "span"
+		// if we don't stop it, it will go into the TextNode again and create an infinite recursion
+		return node.NextSibling
+	} else if node.Data == "code" || node.Data == "pre" {
+		return node.NextSibling // ignore code and pre nodes
+	} else if node.Data == "img" {
+		return visitNodeImg(ctx, node)
+	} else if node.Data == "video" {
+		return visitNodeVideo(ctx, node)
+	}
+
+	if node.Data == "a" {
+		processNodeA(ctx, node)
+		// only use emoji processors for the content in the "A" tag,
+		// because the content there is not processable, for example: the content is a commit id or a full URL.
+		procs = emojiProcessors
+	}
+	for n := node.FirstChild; n != nil; {
+		n = visitNode(ctx, procs, n)
 	}
 	return node.NextSibling
 }
diff --git a/modules/markup/html_commit.go b/modules/markup/html_commit.go
index aa1b7d034a..fe7a034967 100644
--- a/modules/markup/html_commit.go
+++ b/modules/markup/html_commit.go
@@ -43,7 +43,6 @@ func createCodeLink(href, content, class string) *html.Node {
 	code := &html.Node{
 		Type: html.ElementNode,
 		Data: atom.Code.String(),
-		Attr: []html.Attribute{{Key: "class", Val: "nohighlight"}},
 	}
 
 	code.AppendChild(text)
@@ -63,7 +62,7 @@ func anyHashPatternExtract(s string) (ret anyHashPatternResult, ok bool) {
 		// if url ends in '.', it's very likely that it is not part of the actual url but used to finish a sentence.
 		ret.PosEnd--
 		ret.FullURL = ret.FullURL[:len(ret.FullURL)-1]
-		for i := 0; i < len(m); i++ {
+		for i := range m {
 			m[i] = min(m[i], ret.PosEnd)
 		}
 	}
@@ -189,7 +188,7 @@ func hashCurrentPatternProcessor(ctx *RenderContext, node *html.Node) {
 			continue
 		}
 
-		link := ctx.RenderHelper.ResolveLink(util.URLJoin(ctx.RenderOptions.Metas["user"], ctx.RenderOptions.Metas["repo"], "commit", hash), LinkTypeApp)
+		link := "/:root/" + util.URLJoin(ctx.RenderOptions.Metas["user"], ctx.RenderOptions.Metas["repo"], "commit", hash)
 		replaceContent(node, m[2], m[3], createCodeLink(link, base.ShortSha(hash), "commit"))
 		start = 0
 		node = node.NextSibling.NextSibling
@@ -205,9 +204,9 @@ func commitCrossReferencePatternProcessor(ctx *RenderContext, node *html.Node) {
 			return
 		}
 
-		reftext := ref.Owner + "/" + ref.Name + "@" + base.ShortSha(ref.CommitSha)
-		linkHref := ctx.RenderHelper.ResolveLink(util.URLJoin(ref.Owner, ref.Name, "commit", ref.CommitSha), LinkTypeApp)
-		link := createLink(ctx, linkHref, reftext, "commit")
+		refText := ref.Owner + "/" + ref.Name + "@" + base.ShortSha(ref.CommitSha)
+		linkHref := "/:root/" + util.URLJoin(ref.Owner, ref.Name, "commit", ref.CommitSha)
+		link := createLink(ctx, linkHref, refText, "commit")
 
 		replaceContent(node, ref.RefLocation.Start, ref.RefLocation.End, link)
 		node = node.NextSibling.NextSibling
diff --git a/modules/markup/html_email.go b/modules/markup/html_email.go
index cbfae8b829..cf18e99d98 100644
--- a/modules/markup/html_email.go
+++ b/modules/markup/html_email.go
@@ -3,7 +3,11 @@
 
 package markup
 
-import "golang.org/x/net/html"
+import (
+	"strings"
+
+	"golang.org/x/net/html"
+)
 
 // emailAddressProcessor replaces raw email addresses with a mailto: link.
 func emailAddressProcessor(ctx *RenderContext, node *html.Node) {
@@ -14,6 +18,14 @@ func emailAddressProcessor(ctx *RenderContext, node *html.Node) {
 			return
 		}
 
+		var nextByte byte
+		if len(node.Data) > m[3] {
+			nextByte = node.Data[m[3]]
+		}
+		if strings.IndexByte(":/", nextByte) != -1 {
+			// for cases: "git@gitea.com:owner/repo.git", "https://git@gitea.com/owner/repo.git"
+			return
+		}
 		mail := node.Data[m[2]:m[3]]
 		replaceContent(node, m[2], m[3], createLink(ctx, "mailto:"+mail, mail, "" /*mailto*/))
 		node = node.NextSibling.NextSibling
diff --git a/modules/markup/html_internal_test.go b/modules/markup/html_internal_test.go
index 159d712955..467cc509d0 100644
--- a/modules/markup/html_internal_test.go
+++ b/modules/markup/html_internal_test.go
@@ -107,7 +107,7 @@ func TestRender_IssueIndexPattern2(t *testing.T) {
 		isExternal := false
 		if marker == "!" {
 			path = "pulls"
-			prefix = "http://localhost:3000/someUser/someRepo/pulls/"
+			prefix = "/someUser/someRepo/pulls/"
 		} else {
 			path = "issues"
 			prefix = "https://someurl.com/someUser/someRepo/"
@@ -116,7 +116,7 @@ func TestRender_IssueIndexPattern2(t *testing.T) {
 
 		links := make([]any, len(indices))
 		for i, index := range indices {
-			links[i] = numericIssueLink(util.URLJoin(TestRepoURL, path), "ref-issue", index, marker)
+			links[i] = numericIssueLink(util.URLJoin("/test-owner/test-repo", path), "ref-issue", index, marker)
 		}
 		expectedNil := fmt.Sprintf(expectedFmt, links...)
 		testRenderIssueIndexPattern(t, s, expectedNil, NewTestRenderContext(TestAppURL, localMetas))
@@ -293,13 +293,13 @@ func TestRender_AutoLink(t *testing.T) {
 
 	// render valid commit URLs
 	tmp := util.URLJoin(TestRepoURL, "commit", "d8a994ef243349f321568f9e36d5c3f444b99cae")
-	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code class=\"nohighlight\">d8a994ef24</code></a>")
+	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code>d8a994ef24</code></a>")
 	tmp += "#diff-2"
-	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code class=\"nohighlight\">d8a994ef24 (diff-2)</code></a>")
+	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code>d8a994ef24 (diff-2)</code></a>")
 
 	// render other commit URLs
 	tmp = "https://external-link.gitea.io/go-gitea/gitea/commit/d8a994ef243349f321568f9e36d5c3f444b99cae#diff-2"
-	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code class=\"nohighlight\">d8a994ef24 (diff-2)</code></a>")
+	test(tmp, "<a href=\""+tmp+"\" class=\"commit\"><code>d8a994ef24 (diff-2)</code></a>")
 }
 
 func TestRender_FullIssueURLs(t *testing.T) {
@@ -405,10 +405,10 @@ func TestRegExp_anySHA1Pattern(t *testing.T) {
 		if v.CommitID == "" {
 			assert.False(t, ok)
 		} else {
-			assert.EqualValues(t, strings.TrimSuffix(k, "."), ret.FullURL)
-			assert.EqualValues(t, v.CommitID, ret.CommitID)
-			assert.EqualValues(t, v.SubPath, ret.SubPath)
-			assert.EqualValues(t, v.QueryHash, ret.QueryHash)
+			assert.Equal(t, strings.TrimSuffix(k, "."), ret.FullURL)
+			assert.Equal(t, v.CommitID, ret.CommitID)
+			assert.Equal(t, v.SubPath, ret.SubPath)
+			assert.Equal(t, v.QueryHash, ret.QueryHash)
 		}
 	}
 }
diff --git a/modules/markup/html_issue.go b/modules/markup/html_issue.go
index 7a6f33011a..85bec5db20 100644
--- a/modules/markup/html_issue.go
+++ b/modules/markup/html_issue.go
@@ -82,7 +82,7 @@ func createIssueLinkContentWithSummary(ctx *RenderContext, linkHref string, ref
 	h, err := DefaultRenderHelperFuncs.RenderRepoIssueIconTitle(ctx, RenderIssueIconTitleOptions{
 		OwnerName:  ref.Owner,
 		RepoName:   ref.Name,
-		LinkHref:   linkHref,
+		LinkHref:   ctx.RenderHelper.ResolveLink(linkHref, LinkTypeDefault),
 		IssueIndex: issueIndex,
 	})
 	if err != nil {
@@ -162,7 +162,7 @@ func issueIndexPatternProcessor(ctx *RenderContext, node *html.Node) {
 			issueOwner := util.Iif(ref.Owner == "", ctx.RenderOptions.Metas["user"], ref.Owner)
 			issueRepo := util.Iif(ref.Owner == "", ctx.RenderOptions.Metas["repo"], ref.Name)
 			issuePath := util.Iif(ref.IsPull, "pulls", "issues")
-			linkHref := ctx.RenderHelper.ResolveLink(util.URLJoin(issueOwner, issueRepo, issuePath, ref.Issue), LinkTypeApp)
+			linkHref := "/:root/" + util.URLJoin(issueOwner, issueRepo, issuePath, ref.Issue)
 
 			// at the moment, only render the issue index in a full line (or simple line) as icon+title
 			// otherwise it would be too noisy for "take #1 as an example" in a sentence
diff --git a/modules/markup/html_issue_test.go b/modules/markup/html_issue_test.go
index 8d189fbdf6..39cd9dcf6a 100644
--- a/modules/markup/html_issue_test.go
+++ b/modules/markup/html_issue_test.go
@@ -30,6 +30,7 @@ func TestRender_IssueList(t *testing.T) {
 		rctx := markup.NewTestRenderContext(markup.TestAppURL, map[string]string{
 			"user": "test-user", "repo": "test-repo",
 			"markupAllowShortIssuePattern": "true",
+			"footnoteContextId":            "12345",
 		})
 		out, err := markdown.RenderString(rctx, input)
 		require.NoError(t, err)
@@ -39,7 +40,7 @@ func TestRender_IssueList(t *testing.T) {
 	t.Run("NormalIssueRef", func(t *testing.T) {
 		test(
 			"#12345",
-			`<p><a href="http://localhost:3000/test-user/test-repo/issues/12345" class="ref-issue" rel="nofollow">#12345</a></p>`,
+			`<p><a href="/test-user/test-repo/issues/12345" class="ref-issue" rel="nofollow">#12345</a></p>`,
 		)
 	})
 
@@ -56,7 +57,7 @@ func TestRender_IssueList(t *testing.T) {
 		test(
 			"* foo #12345 bar",
 			`<ul>
-<li>foo <a href="http://localhost:3000/test-user/test-repo/issues/12345" class="ref-issue" rel="nofollow">#12345</a> bar</li>
+<li>foo <a href="/test-user/test-repo/issues/12345" class="ref-issue" rel="nofollow">#12345</a> bar</li>
 </ul>`,
 		)
 	})
@@ -69,4 +70,22 @@ func TestRender_IssueList(t *testing.T) {
 </ul>`,
 		)
 	})
+
+	t.Run("IssueFootnote", func(t *testing.T) {
+		test(
+			"foo[^1][^2]\n\n[^1]: bar\n[^2]: baz",
+			`<p>foo<sup id="fnref:user-content-1-12345"><a href="#fn:user-content-1-12345" rel="nofollow">1 </a></sup><sup id="fnref:user-content-2-12345"><a href="#fn:user-content-2-12345" rel="nofollow">2 </a></sup></p>
+<div>
+<hr/>
+<ol>
+<li id="fn:user-content-1-12345">
+<p>bar <a href="#fnref:user-content-1-12345" rel="nofollow">↩︎</a></p>
+</li>
+<li id="fn:user-content-2-12345">
+<p>baz <a href="#fnref:user-content-2-12345" rel="nofollow">↩︎</a></p>
+</li>
+</ol>
+</div>`,
+		)
+	})
 }
diff --git a/modules/markup/html_link.go b/modules/markup/html_link.go
index 0e7a988d36..43faef1681 100644
--- a/modules/markup/html_link.go
+++ b/modules/markup/html_link.go
@@ -31,8 +31,8 @@ func shortLinkProcessor(ctx *RenderContext, node *html.Node) {
 		// It makes page handling terrible, but we prefer GitHub syntax
 		// And fall back to MediaWiki only when it is obvious from the look
 		// Of text and link contents
-		sl := strings.Split(content, "|")
-		for _, v := range sl {
+		sl := strings.SplitSeq(content, "|")
+		for v := range sl {
 			if equalPos := strings.IndexByte(v, '='); equalPos == -1 {
 				// There is no equal in this argument; this is a mandatory arg
 				if props["name"] == "" {
@@ -125,7 +125,6 @@ func shortLinkProcessor(ctx *RenderContext, node *html.Node) {
 			}
 		}
 		if image {
-			link = ctx.RenderHelper.ResolveLink(link, LinkTypeMedia)
 			title := props["title"]
 			if title == "" {
 				title = props["alt"]
@@ -151,7 +150,6 @@ func shortLinkProcessor(ctx *RenderContext, node *html.Node) {
 				childNode.Attr = childNode.Attr[:2]
 			}
 		} else {
-			link = ctx.RenderHelper.ResolveLink(link, LinkTypeDefault)
 			childNode.Type = html.TextNode
 			childNode.Data = name
 		}
diff --git a/modules/markup/html_mention.go b/modules/markup/html_mention.go
index fffa12e7b7..f97c034cf3 100644
--- a/modules/markup/html_mention.go
+++ b/modules/markup/html_mention.go
@@ -33,7 +33,7 @@ func mentionProcessor(ctx *RenderContext, node *html.Node) {
 		if ok && strings.Contains(mention, "/") {
 			mentionOrgAndTeam := strings.Split(mention, "/")
 			if mentionOrgAndTeam[0][1:] == ctx.RenderOptions.Metas["org"] && strings.Contains(teams, ","+strings.ToLower(mentionOrgAndTeam[1])+",") {
-				link := ctx.RenderHelper.ResolveLink(util.URLJoin("org", ctx.RenderOptions.Metas["org"], "teams", mentionOrgAndTeam[1]), LinkTypeApp)
+				link := "/:root/" + util.URLJoin("org", ctx.RenderOptions.Metas["org"], "teams", mentionOrgAndTeam[1])
 				replaceContent(node, loc.Start, loc.End, createLink(ctx, link, mention, "" /*mention*/))
 				node = node.NextSibling.NextSibling
 				start = 0
@@ -45,7 +45,7 @@ func mentionProcessor(ctx *RenderContext, node *html.Node) {
 		mentionedUsername := mention[1:]
 
 		if DefaultRenderHelperFuncs != nil && DefaultRenderHelperFuncs.IsUsernameMentionable(ctx, mentionedUsername) {
-			link := ctx.RenderHelper.ResolveLink(mentionedUsername, LinkTypeApp)
+			link := "/:root/" + mentionedUsername
 			replaceContent(node, loc.Start, loc.End, createLink(ctx, link, mention, "" /*mention*/))
 			node = node.NextSibling.NextSibling
 			start = 0
diff --git a/modules/markup/html_node.go b/modules/markup/html_node.go
index 6e8ca67900..4eb78fdd2b 100644
--- a/modules/markup/html_node.go
+++ b/modules/markup/html_node.go
@@ -4,42 +4,105 @@
 package markup
 
 import (
+	"strings"
+
 	"golang.org/x/net/html"
 )
 
+func isAnchorIDUserContent(s string) bool {
+	// blackfridayExtRegex is for blackfriday extensions create IDs like fn:user-content-footnote
+	// old logic: blackfridayExtRegex = regexp.MustCompile(`[^:]*:user-content-`)
+	return strings.HasPrefix(s, "user-content-") || strings.Contains(s, ":user-content-")
+}
+
+func isAnchorIDFootnote(s string) bool {
+	return strings.HasPrefix(s, "fnref:user-content-") || strings.HasPrefix(s, "fn:user-content-")
+}
+
+func isAnchorHrefFootnote(s string) bool {
+	return strings.HasPrefix(s, "#fnref:user-content-") || strings.HasPrefix(s, "#fn:user-content-")
+}
+
+func processNodeAttrID(node *html.Node) {
+	// Add user-content- to IDs and "#" links if they don't already have them,
+	// and convert the link href to a relative link to the host root
+	for idx, attr := range node.Attr {
+		if attr.Key == "id" {
+			if !isAnchorIDUserContent(attr.Val) {
+				node.Attr[idx].Val = "user-content-" + attr.Val
+			}
+		}
+	}
+}
+
+func processFootnoteNode(ctx *RenderContext, node *html.Node) {
+	for idx, attr := range node.Attr {
+		if (attr.Key == "id" && isAnchorIDFootnote(attr.Val)) ||
+			(attr.Key == "href" && isAnchorHrefFootnote(attr.Val)) {
+			if footnoteContextID := ctx.RenderOptions.Metas["footnoteContextId"]; footnoteContextID != "" {
+				node.Attr[idx].Val = attr.Val + "-" + footnoteContextID
+			}
+			continue
+		}
+	}
+}
+
+func processNodeA(ctx *RenderContext, node *html.Node) {
+	for idx, attr := range node.Attr {
+		if attr.Key == "href" {
+			if anchorID, ok := strings.CutPrefix(attr.Val, "#"); ok {
+				if !isAnchorIDUserContent(attr.Val) {
+					node.Attr[idx].Val = "#user-content-" + anchorID
+				}
+			} else {
+				node.Attr[idx].Val = ctx.RenderHelper.ResolveLink(attr.Val, LinkTypeDefault)
+			}
+		}
+	}
+}
+
 func visitNodeImg(ctx *RenderContext, img *html.Node) (next *html.Node) {
 	next = img.NextSibling
-	for i, attr := range img.Attr {
-		if attr.Key != "src" {
+	attrSrc, hasLazy := "", false
+	for i, imgAttr := range img.Attr {
+		hasLazy = hasLazy || imgAttr.Key == "loading" && imgAttr.Val == "lazy"
+		if imgAttr.Key != "src" {
+			attrSrc = imgAttr.Val
 			continue
 		}
 
-		if IsNonEmptyRelativePath(attr.Val) {
-			attr.Val = ctx.RenderHelper.ResolveLink(attr.Val, LinkTypeMedia)
+		imgSrcOrigin := imgAttr.Val
+		isLinkable := imgSrcOrigin != "" && !strings.HasPrefix(imgSrcOrigin, "data:")
 
-			// By default, the "<img>" tag should also be clickable,
-			// because frontend use `<img>` to paste the re-scaled image into the markdown,
-			// so it must match the default markdown image behavior.
-			hasParentAnchor := false
-			for p := img.Parent; p != nil; p = p.Parent {
-				if hasParentAnchor = p.Type == html.ElementNode && p.Data == "a"; hasParentAnchor {
-					break
-				}
-			}
-			if !hasParentAnchor {
-				imgA := &html.Node{Type: html.ElementNode, Data: "a", Attr: []html.Attribute{
-					{Key: "href", Val: attr.Val},
-					{Key: "target", Val: "_blank"},
-				}}
-				parent := img.Parent
-				imgNext := img.NextSibling
-				parent.RemoveChild(img)
-				parent.InsertBefore(imgA, imgNext)
-				imgA.AppendChild(img)
+		// By default, the "<img>" tag should also be clickable,
+		// because frontend uses `<img>` to paste the re-scaled image into the Markdown,
+		// so it must match the default Markdown image behavior.
+		cnt := 0
+		for p := img.Parent; isLinkable && p != nil && cnt < 2; p = p.Parent {
+			if hasParentAnchor := p.Type == html.ElementNode && p.Data == "a"; hasParentAnchor {
+				isLinkable = false
+				break
 			}
+			cnt++
 		}
-		attr.Val = camoHandleLink(attr.Val)
-		img.Attr[i] = attr
+		if isLinkable {
+			wrapper := &html.Node{Type: html.ElementNode, Data: "a", Attr: []html.Attribute{
+				{Key: "href", Val: ctx.RenderHelper.ResolveLink(imgSrcOrigin, LinkTypeDefault)},
+				{Key: "target", Val: "_blank"},
+			}}
+			parent := img.Parent
+			imgNext := img.NextSibling
+			parent.RemoveChild(img)
+			parent.InsertBefore(wrapper, imgNext)
+			wrapper.AppendChild(img)
+		}
+
+		imgAttr.Val = ctx.RenderHelper.ResolveLink(imgSrcOrigin, LinkTypeMedia)
+		imgAttr.Val = camoHandleLink(imgAttr.Val)
+		img.Attr[i] = imgAttr
+	}
+	if !RenderBehaviorForTesting.DisableAdditionalAttributes && !hasLazy && !strings.HasPrefix(attrSrc, "data:") {
+		img.Attr = append(img.Attr, html.Attribute{Key: "loading", Val: "lazy"})
 	}
 	return next
 }
diff --git a/modules/markup/html_test.go b/modules/markup/html_test.go
index f0f062fa64..5fdbf43f7c 100644
--- a/modules/markup/html_test.go
+++ b/modules/markup/html_test.go
@@ -35,6 +35,7 @@ func TestRender_Commits(t *testing.T) {
 	sha := "65f1bf27bc3bf70f64657658635e66094edbcb4d"
 	repo := markup.TestAppURL + testRepoOwnerName + "/" + testRepoName + "/"
 	commit := util.URLJoin(repo, "commit", sha)
+	commitPath := "/user13/repo11/commit/" + sha
 	tree := util.URLJoin(repo, "tree", sha, "src")
 
 	file := util.URLJoin(repo, "commit", sha, "example.txt")
@@ -44,9 +45,9 @@ func TestRender_Commits(t *testing.T) {
 	commitCompare := util.URLJoin(repo, "compare", sha+"..."+sha)
 	commitCompareWithHash := commitCompare + "#L2"
 
-	test(sha, `<p><a href="`+commit+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
-	test(sha[:7], `<p><a href="`+commit[:len(commit)-(40-7)]+`" rel="nofollow"><code>65f1bf2</code></a></p>`)
-	test(sha[:39], `<p><a href="`+commit[:len(commit)-(40-39)]+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
+	test(sha, `<p><a href="`+commitPath+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
+	test(sha[:7], `<p><a href="`+commitPath[:len(commitPath)-(40-7)]+`" rel="nofollow"><code>65f1bf2</code></a></p>`)
+	test(sha[:39], `<p><a href="`+commitPath[:len(commitPath)-(40-39)]+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
 	test(commit, `<p><a href="`+commit+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
 	test(tree, `<p><a href="`+tree+`" rel="nofollow"><code>65f1bf27bc/src</code></a></p>`)
 
@@ -57,13 +58,13 @@ func TestRender_Commits(t *testing.T) {
 	test(commitCompare, `<p><a href="`+commitCompare+`" rel="nofollow"><code>65f1bf27bc...65f1bf27bc</code></a></p>`)
 	test(commitCompareWithHash, `<p><a href="`+commitCompareWithHash+`" rel="nofollow"><code>65f1bf27bc...65f1bf27bc (L2)</code></a></p>`)
 
-	test("commit "+sha, `<p>commit <a href="`+commit+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
+	test("commit "+sha, `<p>commit <a href="`+commitPath+`" rel="nofollow"><code>65f1bf27bc</code></a></p>`)
 	test("/home/gitea/"+sha, "<p>/home/gitea/"+sha+"</p>")
 	test("deadbeef", `<p>deadbeef</p>`)
 	test("d27ace93", `<p>d27ace93</p>`)
 	test(sha[:14]+".x", `<p>`+sha[:14]+`.x</p>`)
 
-	expected14 := `<a href="` + commit[:len(commit)-(40-14)] + `" rel="nofollow"><code>` + sha[:10] + `</code></a>`
+	expected14 := `<a href="` + commitPath[:len(commitPath)-(40-14)] + `" rel="nofollow"><code>` + sha[:10] + `</code></a>`
 	test(sha[:14]+".", `<p>`+expected14+`.</p>`)
 	test(sha[:14]+",", `<p>`+expected14+`,</p>`)
 	test("["+sha[:14]+"]", `<p>[`+expected14+`]</p>`)
@@ -80,10 +81,10 @@ func TestRender_CrossReferences(t *testing.T) {
 
 	test(
 		"test-owner/test-repo#12345",
-		`<p><a href="`+util.URLJoin(markup.TestAppURL, "test-owner", "test-repo", "issues", "12345")+`" class="ref-issue" rel="nofollow">test-owner/test-repo#12345</a></p>`)
+		`<p><a href="/test-owner/test-repo/issues/12345" class="ref-issue" rel="nofollow">test-owner/test-repo#12345</a></p>`)
 	test(
 		"go-gitea/gitea#12345",
-		`<p><a href="`+util.URLJoin(markup.TestAppURL, "go-gitea", "gitea", "issues", "12345")+`" class="ref-issue" rel="nofollow">go-gitea/gitea#12345</a></p>`)
+		`<p><a href="/go-gitea/gitea/issues/12345" class="ref-issue" rel="nofollow">go-gitea/gitea#12345</a></p>`)
 	test(
 		"/home/gitea/go-gitea/gitea#12345",
 		`<p>/home/gitea/go-gitea/gitea#12345</p>`)
@@ -224,10 +225,10 @@ func TestRender_email(t *testing.T) {
 	test := func(input, expected string) {
 		res, err := markup.RenderString(markup.NewTestRenderContext().WithRelativePath("a.md"), input)
 		assert.NoError(t, err)
-		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(res))
+		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(res), "input: %s", input)
 	}
-	// Text that should be turned into email link
 
+	// Text that should be turned into email link
 	test(
 		"info@gitea.com",
 		`<p><a href="mailto:info@gitea.com" rel="nofollow">info@gitea.com</a></p>`)
@@ -259,28 +260,48 @@ func TestRender_email(t *testing.T) {
 <a href="mailto:j.doe@example.com" rel="nofollow">j.doe@example.com</a>?
 <a href="mailto:j.doe@example.com" rel="nofollow">j.doe@example.com</a>!</p>`)
 
+	// match GitHub behavior
+	test("email@domain@domain.com", `<p>email@<a href="mailto:domain@domain.com" rel="nofollow">domain@domain.com</a></p>`)
+
+	// match GitHub behavior
+	test(`"info@gitea.com"`, `<p>&#34;<a href="mailto:info@gitea.com" rel="nofollow">info@gitea.com</a>&#34;</p>`)
+
 	// Test that should *not* be turned into email links
 	test(
-		"\"info@gitea.com\"",
-		`<p>&#34;info@gitea.com&#34;</p>`)
-	test(
 		"/home/gitea/mailstore/info@gitea/com",
 		`<p>/home/gitea/mailstore/info@gitea/com</p>`)
 	test(
 		"git@try.gitea.io:go-gitea/gitea.git",
 		`<p>git@try.gitea.io:go-gitea/gitea.git</p>`)
 	test(
+		"https://foo:bar@gitea.io",
+		`<p><a href="https://foo:bar@gitea.io" rel="nofollow">https://foo:bar@gitea.io</a></p>`)
+	test(
 		"gitea@3",
 		`<p>gitea@3</p>`)
 	test(
 		"gitea@gmail.c",
 		`<p>gitea@gmail.c</p>`)
 	test(
-		"email@domain@domain.com",
-		`<p>email@domain@domain.com</p>`)
-	test(
 		"email@domain..com",
 		`<p>email@domain..com</p>`)
+
+	cases := []struct {
+		input, expected string
+	}{
+		// match GitHub behavior
+		{"?a@d.zz", `<p>?<a href="mailto:a@d.zz" rel="nofollow">a@d.zz</a></p>`},
+		{"*a@d.zz", `<p>*<a href="mailto:a@d.zz" rel="nofollow">a@d.zz</a></p>`},
+		{"~a@d.zz", `<p>~<a href="mailto:a@d.zz" rel="nofollow">a@d.zz</a></p>`},
+
+		// the following cases don't match GitHub behavior, but they are valid email addresses ...
+		// maybe we should reduce the candidate characters for the "name" part in the future
+		{"a*a@d.zz", `<p><a href="mailto:a*a@d.zz" rel="nofollow">a*a@d.zz</a></p>`},
+		{"a~a@d.zz", `<p><a href="mailto:a~a@d.zz" rel="nofollow">a~a@d.zz</a></p>`},
+	}
+	for _, c := range cases {
+		test(c.input, c.expected)
+	}
 }
 
 func TestRender_emoji(t *testing.T) {
@@ -468,7 +489,7 @@ func Test_ParseClusterFuzz(t *testing.T) {
 	assert.NotContains(t, res.String(), "<html")
 }
 
-func TestPostProcess_RenderDocument(t *testing.T) {
+func TestPostProcess(t *testing.T) {
 	setting.StaticURLPrefix = markup.TestAppURL // can't run standalone
 	defer testModule.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
 
@@ -479,7 +500,7 @@ func TestPostProcess_RenderDocument(t *testing.T) {
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(res.String()))
 	}
 
-	// Issue index shouldn't be post processing in a document.
+	// Issue index shouldn't be post-processing in a document.
 	test(
 		"#1",
 		"#1")
@@ -487,9 +508,9 @@ func TestPostProcess_RenderDocument(t *testing.T) {
 	// But cross-referenced issue index should work.
 	test(
 		"go-gitea/gitea#12345",
-		`<a href="`+util.URLJoin(markup.TestAppURL, "go-gitea", "gitea", "issues", "12345")+`" class="ref-issue">go-gitea/gitea#12345</a>`)
+		`<a href="/go-gitea/gitea/issues/12345" class="ref-issue">go-gitea/gitea#12345</a>`)
 
-	// Test that other post processing still works.
+	// Test that other post-processing still works.
 	test(
 		":gitea:",
 		`<span class="emoji" aria-label="gitea"><img alt=":gitea:" src="`+setting.StaticURLPrefix+`/assets/img/emoji/gitea.png"/></span>`)
@@ -498,6 +519,16 @@ func TestPostProcess_RenderDocument(t *testing.T) {
 		`Some text with <span class="emoji" aria-label="grinning face with smiling eyes">😄</span> in the middle`)
 	test("http://localhost:3000/person/repo/issues/4#issuecomment-1234",
 		`<a href="http://localhost:3000/person/repo/issues/4#issuecomment-1234" class="ref-issue">person/repo#4 (comment)</a>`)
+
+	// special tags, GitHub's behavior, and for unclosed tags, output as text content as much as possible
+	test("<script>a", `&lt;script&gt;a`)
+	test("<script>a</script>", `&lt;script&gt;a&lt;/script&gt;`)
+	test("<STYLE>a", `&lt;STYLE&gt;a`)
+	test("<style>a</STYLE>", `&lt;style&gt;a&lt;/STYLE&gt;`)
+
+	// other special tags, our special behavior
+	test("<?php\nfoo", "&lt;?php\nfoo")
+	test("<%asp\nfoo", "&lt;%asp\nfoo")
 }
 
 func TestIssue16020(t *testing.T) {
@@ -543,7 +574,7 @@ func TestIssue18471(t *testing.T) {
 	err := markup.PostProcessDefault(markup.NewTestRenderContext(localMetas), strings.NewReader(data), &res)
 
 	assert.NoError(t, err)
-	assert.Equal(t, `<a href="http://domain/org/repo/compare/783b039...da951ce" class="compare"><code class="nohighlight">783b039...da951ce</code></a>`, res.String())
+	assert.Equal(t, `<a href="http://domain/org/repo/compare/783b039...da951ce" class="compare"><code>783b039...da951ce</code></a>`, res.String())
 }
 
 func TestIsFullURL(t *testing.T) {
diff --git a/modules/markup/internal/internal_test.go b/modules/markup/internal/internal_test.go
index 98ff3bc079..590bcbb67f 100644
--- a/modules/markup/internal/internal_test.go
+++ b/modules/markup/internal/internal_test.go
@@ -35,7 +35,7 @@ func TestRenderInternal(t *testing.T) {
 		assert.EqualValues(t, c.protected, protected)
 		_, _ = io.WriteString(in, string(protected))
 		_ = in.Close()
-		assert.EqualValues(t, c.recovered, out.String())
+		assert.Equal(t, c.recovered, out.String())
 	}
 
 	var r1, r2 RenderInternal
@@ -44,11 +44,11 @@ func TestRenderInternal(t *testing.T) {
 	_ = r1.init("sec", nil)
 	protected = r1.ProtectSafeAttrs(`<div class="test"></div>`)
 	assert.EqualValues(t, `<div data-attr-class="sec:test"></div>`, protected)
-	assert.EqualValues(t, "data-attr-class", r1.SafeAttr("class"))
-	assert.EqualValues(t, "sec:val", r1.SafeValue("val"))
+	assert.Equal(t, "data-attr-class", r1.SafeAttr("class"))
+	assert.Equal(t, "sec:val", r1.SafeValue("val"))
 	recovered, ok := r1.RecoverProtectedValue("sec:val")
 	assert.True(t, ok)
-	assert.EqualValues(t, "val", recovered)
+	assert.Equal(t, "val", recovered)
 	recovered, ok = r1.RecoverProtectedValue("other:val")
 	assert.False(t, ok)
 	assert.Empty(t, recovered)
@@ -57,5 +57,5 @@ func TestRenderInternal(t *testing.T) {
 	in2 := r2.init("sec-other", out2)
 	_, _ = io.WriteString(in2, string(protected))
 	_ = in2.Close()
-	assert.EqualValues(t, `<div data-attr-class="sec:test"></div>`, out2.String(), "different secureID should not recover the value")
+	assert.Equal(t, `<div data-attr-class="sec:test"></div>`, out2.String(), "different secureID should not recover the value")
 }
diff --git a/modules/markup/markdown/ast.go b/modules/markup/markdown/ast.go
index ca165b1ba0..f29f883734 100644
--- a/modules/markup/markdown/ast.go
+++ b/modules/markup/markdown/ast.go
@@ -4,6 +4,7 @@
 package markdown
 
 import (
+	"html/template"
 	"strconv"
 
 	"github.com/yuin/goldmark/ast"
@@ -29,9 +30,7 @@ func (n *Details) Kind() ast.NodeKind {
 
 // NewDetails returns a new Paragraph node.
 func NewDetails() *Details {
-	return &Details{
-		BaseBlock: ast.BaseBlock{},
-	}
+	return &Details{}
 }
 
 // Summary is a block that contains the summary of details block
@@ -54,9 +53,7 @@ func (n *Summary) Kind() ast.NodeKind {
 
 // NewSummary returns a new Summary node.
 func NewSummary() *Summary {
-	return &Summary{
-		BaseBlock: ast.BaseBlock{},
-	}
+	return &Summary{}
 }
 
 // TaskCheckBoxListItem is a block that represents a list item of a markdown block with a checkbox
@@ -95,29 +92,6 @@ type Icon struct {
 	Name []byte
 }
 
-// Dump implements Node.Dump .
-func (n *Icon) Dump(source []byte, level int) {
-	m := map[string]string{}
-	m["Name"] = string(n.Name)
-	ast.DumpHelper(n, source, level, m, nil)
-}
-
-// KindIcon is the NodeKind for Icon
-var KindIcon = ast.NewNodeKind("Icon")
-
-// Kind implements Node.Kind.
-func (n *Icon) Kind() ast.NodeKind {
-	return KindIcon
-}
-
-// NewIcon returns a new Paragraph node.
-func NewIcon(name string) *Icon {
-	return &Icon{
-		BaseInline: ast.BaseInline{},
-		Name:       []byte(name),
-	}
-}
-
 // ColorPreview is an inline for a color preview
 type ColorPreview struct {
 	ast.BaseInline
@@ -175,3 +149,24 @@ func NewAttention(attentionType string) *Attention {
 		AttentionType: attentionType,
 	}
 }
+
+var KindRawHTML = ast.NewNodeKind("RawHTML")
+
+type RawHTML struct {
+	ast.BaseBlock
+	rawHTML template.HTML
+}
+
+func (n *RawHTML) Dump(source []byte, level int) {
+	m := map[string]string{}
+	m["RawHTML"] = string(n.rawHTML)
+	ast.DumpHelper(n, source, level, m, nil)
+}
+
+func (n *RawHTML) Kind() ast.NodeKind {
+	return KindRawHTML
+}
+
+func NewRawHTML(rawHTML template.HTML) *RawHTML {
+	return &RawHTML{rawHTML: rawHTML}
+}
diff --git a/modules/markup/markdown/convertyaml.go b/modules/markup/markdown/convertyaml.go
index 1675b68be2..04664a9c1d 100644
--- a/modules/markup/markdown/convertyaml.go
+++ b/modules/markup/markdown/convertyaml.go
@@ -4,23 +4,22 @@
 package markdown
 
 import (
+	"strings"
+
+	"code.gitea.io/gitea/modules/htmlutil"
+	"code.gitea.io/gitea/modules/svg"
+
 	"github.com/yuin/goldmark/ast"
 	east "github.com/yuin/goldmark/extension/ast"
 	"gopkg.in/yaml.v3"
 )
 
 func nodeToTable(meta *yaml.Node) ast.Node {
-	for {
-		if meta == nil {
-			return nil
-		}
-		switch meta.Kind {
-		case yaml.DocumentNode:
-			meta = meta.Content[0]
-			continue
-		default:
-		}
-		break
+	for meta != nil && meta.Kind == yaml.DocumentNode {
+		meta = meta.Content[0]
+	}
+	if meta == nil {
+		return nil
 	}
 	switch meta.Kind {
 	case yaml.MappingNode:
@@ -72,12 +71,28 @@ func sequenceNodeToTable(meta *yaml.Node) ast.Node {
 	return table
 }
 
-func nodeToDetails(meta *yaml.Node, icon string) ast.Node {
+func nodeToDetails(g *ASTTransformer, meta *yaml.Node) ast.Node {
+	for meta != nil && meta.Kind == yaml.DocumentNode {
+		meta = meta.Content[0]
+	}
+	if meta == nil {
+		return nil
+	}
+	if meta.Kind != yaml.MappingNode {
+		return nil
+	}
+	var keys []string
+	for i := 0; i < len(meta.Content); i += 2 {
+		if meta.Content[i].Kind == yaml.ScalarNode {
+			keys = append(keys, meta.Content[i].Value)
+		}
+	}
 	details := NewDetails()
+	details.SetAttributeString(g.renderInternal.SafeAttr("class"), g.renderInternal.SafeValue("frontmatter-content"))
 	summary := NewSummary()
-	summary.AppendChild(summary, NewIcon(icon))
+	summaryInnerHTML := htmlutil.HTMLFormat("%s %s", svg.RenderHTML("octicon-table", 12), strings.Join(keys, ", "))
+	summary.AppendChild(summary, NewRawHTML(summaryInnerHTML))
 	details.AppendChild(details, summary)
 	details.AppendChild(details, nodeToTable(meta))
-
 	return details
 }
diff --git a/modules/markup/markdown/goldmark.go b/modules/markup/markdown/goldmark.go
index 69c2a96ff1..b28fa9824e 100644
--- a/modules/markup/markdown/goldmark.go
+++ b/modules/markup/markdown/goldmark.go
@@ -5,14 +5,10 @@ package markdown
 
 import (
 	"fmt"
-	"regexp"
-	"strings"
-	"sync"
 
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/markup/internal"
-	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/yuin/goldmark/ast"
 	east "github.com/yuin/goldmark/extension/ast"
@@ -51,7 +47,7 @@ func (g *ASTTransformer) Transform(node *ast.Document, reader text.Reader, pc pa
 
 	tocList := make([]Header, 0, 20)
 	if rc.yamlNode != nil {
-		metaNode := rc.toMetaNode()
+		metaNode := rc.toMetaNode(g)
 		if metaNode != nil {
 			node.InsertBefore(node, firstChild, metaNode)
 		}
@@ -68,23 +64,12 @@ func (g *ASTTransformer) Transform(node *ast.Document, reader text.Reader, pc pa
 			g.transformHeading(ctx, v, reader, &tocList)
 		case *ast.Paragraph:
 			g.applyElementDir(v)
-		case *ast.Image:
-			g.transformImage(ctx, v)
-		case *ast.Link:
-			g.transformLink(ctx, v)
 		case *ast.List:
 			g.transformList(ctx, v, rc)
 		case *ast.Text:
 			if v.SoftLineBreak() && !v.HardLineBreak() {
-				// TODO: this was a quite unclear part, old code: `if metas["mode"] != "document" { use comment link break setting }`
-				// many places render non-comment contents with no mode=document, then these contents also use comment's hard line break setting
-				// especially in many tests.
-				markdownLineBreakStyle := ctx.RenderOptions.Metas["markdownLineBreakStyle"]
-				if markdownLineBreakStyle == "comment" {
-					v.SetHardLineBreak(setting.Markdown.EnableHardLineBreakInComments)
-				} else if markdownLineBreakStyle == "document" {
-					v.SetHardLineBreak(setting.Markdown.EnableHardLineBreakInDocuments)
-				}
+				newLineHardBreak := ctx.RenderOptions.Metas["markdownNewLineHardBreak"] == "true"
+				v.SetHardLineBreak(newLineHardBreak)
 			}
 		case *ast.CodeSpan:
 			g.transformCodeSpan(ctx, v, reader)
@@ -111,11 +96,6 @@ func (g *ASTTransformer) Transform(node *ast.Document, reader text.Reader, pc pa
 	}
 }
 
-// it is copied from old code, which is quite doubtful whether it is correct
-var reValidIconName = sync.OnceValue(func() *regexp.Regexp {
-	return regexp.MustCompile(`^[-\w]+$`) // old: regexp.MustCompile("^[a-z ]+$")
-})
-
 // NewHTMLRenderer creates a HTMLRenderer to render in the gitea form.
 func NewHTMLRenderer(renderInternal *internal.RenderInternal, opts ...html.Option) renderer.NodeRenderer {
 	r := &HTMLRenderer{
@@ -140,11 +120,11 @@ func (r *HTMLRenderer) RegisterFuncs(reg renderer.NodeRendererFuncRegisterer) {
 	reg.Register(ast.KindDocument, r.renderDocument)
 	reg.Register(KindDetails, r.renderDetails)
 	reg.Register(KindSummary, r.renderSummary)
-	reg.Register(KindIcon, r.renderIcon)
 	reg.Register(ast.KindCodeSpan, r.renderCodeSpan)
 	reg.Register(KindAttention, r.renderAttention)
 	reg.Register(KindTaskCheckBoxListItem, r.renderTaskCheckBoxListItem)
 	reg.Register(east.KindTaskCheckBox, r.renderTaskCheckBox)
+	reg.Register(KindRawHTML, r.renderRawHTML)
 }
 
 func (r *HTMLRenderer) renderDocument(w util.BufWriter, source []byte, node ast.Node, entering bool) (ast.WalkStatus, error) {
@@ -155,7 +135,7 @@ func (r *HTMLRenderer) renderDocument(w util.BufWriter, source []byte, node ast.
 		if entering {
 			_, err = w.WriteString("<div")
 			if err == nil {
-				_, err = w.WriteString(fmt.Sprintf(` lang=%q`, val))
+				_, err = fmt.Fprintf(w, ` lang=%q`, val)
 			}
 			if err == nil {
 				_, err = w.WriteRune('>')
@@ -206,30 +186,14 @@ func (r *HTMLRenderer) renderSummary(w util.BufWriter, source []byte, node ast.N
 	return ast.WalkContinue, nil
 }
 
-func (r *HTMLRenderer) renderIcon(w util.BufWriter, source []byte, node ast.Node, entering bool) (ast.WalkStatus, error) {
+func (r *HTMLRenderer) renderRawHTML(w util.BufWriter, source []byte, node ast.Node, entering bool) (ast.WalkStatus, error) {
 	if !entering {
 		return ast.WalkContinue, nil
 	}
-
-	n := node.(*Icon)
-
-	name := strings.TrimSpace(strings.ToLower(string(n.Name)))
-
-	if len(name) == 0 {
-		// skip this
-		return ast.WalkContinue, nil
-	}
-
-	if !reValidIconName().MatchString(name) {
-		// skip this
-		return ast.WalkContinue, nil
-	}
-
-	// FIXME: the "icon xxx" is from Fomantic UI, it's really questionable whether it still works correctly
-	err := r.renderInternal.FormatWithSafeAttrs(w, `<i class="icon %s"></i>`, name)
+	n := node.(*RawHTML)
+	_, err := w.WriteString(string(r.renderInternal.ProtectSafeAttrs(n.rawHTML)))
 	if err != nil {
 		return ast.WalkStop, err
 	}
-
 	return ast.WalkContinue, nil
 }
diff --git a/modules/markup/markdown/markdown.go b/modules/markup/markdown/markdown.go
index ace31eb540..3b788432ba 100644
--- a/modules/markup/markdown/markdown.go
+++ b/modules/markup/markdown/markdown.go
@@ -5,7 +5,7 @@
 package markdown
 
 import (
-	"fmt"
+	"errors"
 	"html/template"
 	"io"
 	"strings"
@@ -48,7 +48,7 @@ func (l *limitWriter) Write(data []byte) (int, error) {
 		if err != nil {
 			return n, err
 		}
-		return n, fmt.Errorf("rendered content too large - truncating render")
+		return n, errors.New("rendered content too large - truncating render")
 	}
 	n, err := l.w.Write(data)
 	l.sum += int64(n)
@@ -86,20 +86,15 @@ func (r *GlodmarkRender) highlightingRenderer(w util.BufWriter, c highlighting.C
 			preClasses += " is-loading"
 		}
 
-		err := r.ctx.RenderInternal.FormatWithSafeAttrs(w, `<pre class="%s">`, preClasses)
-		if err != nil {
-			return
-		}
-
 		// include language-x class as part of commonmark spec, "chroma" class is used to highlight the code
 		// the "display" class is used by "js/markup/math.ts" to render the code element as a block
 		// the "math.ts" strictly depends on the structure: <pre class="code-block is-loading"><code class="language-math display">...</code></pre>
-		err = r.ctx.RenderInternal.FormatWithSafeAttrs(w, `<code class="chroma language-%s display">`, languageStr)
+		err := r.ctx.RenderInternal.FormatWithSafeAttrs(w, `<div class="code-block-container code-overflow-scroll"><pre class="%s"><code class="chroma language-%s display">`, preClasses, languageStr)
 		if err != nil {
 			return
 		}
 	} else {
-		_, err := w.WriteString("</code></pre>")
+		_, err := w.WriteString("</code></pre></div>")
 		if err != nil {
 			return
 		}
@@ -126,11 +121,11 @@ func SpecializedMarkdown(ctx *markup.RenderContext) *GlodmarkRender {
 				highlighting.WithWrapperRenderer(r.highlightingRenderer),
 			),
 			math.NewExtension(&ctx.RenderInternal, math.Options{
-				Enabled:           setting.Markdown.EnableMath,
-				ParseDollarInline: true,
-				ParseDollarBlock:  true,
-				ParseSquareBlock:  true, // TODO: this is a bad syntax "\[ ... \]", it conflicts with normal markdown escaping, it should be deprecated in the future (by some config options)
-				// ParseBracketInline: true, // TODO: this is also a bad syntax "\( ... \)", it also conflicts, it should be deprecated in the future
+				Enabled:                  setting.Markdown.EnableMath,
+				ParseInlineDollar:        setting.Markdown.MathCodeBlockOptions.ParseInlineDollar,
+				ParseInlineParentheses:   setting.Markdown.MathCodeBlockOptions.ParseInlineParentheses, // this is a bad syntax "\( ... \)", it conflicts with normal markdown escaping
+				ParseBlockDollar:         setting.Markdown.MathCodeBlockOptions.ParseBlockDollar,
+				ParseBlockSquareBrackets: setting.Markdown.MathCodeBlockOptions.ParseBlockSquareBrackets, //  this is a bad syntax "\[ ... \]", it conflicts with normal markdown escaping
 			}),
 			meta.Meta,
 		),
@@ -184,17 +179,10 @@ func render(ctx *markup.RenderContext, input io.Reader, output io.Writer) error
 	// Preserve original length.
 	bufWithMetadataLength := len(buf)
 
-	rc := &RenderConfig{
-		Meta: markup.RenderMetaAsDetails,
-		Icon: "table",
-		Lang: "",
-	}
+	rc := &RenderConfig{Meta: markup.RenderMetaAsDetails}
 	buf, _ = ExtractMetadataBytes(buf, rc)
 
-	metaLength := bufWithMetadataLength - len(buf)
-	if metaLength < 0 {
-		metaLength = 0
-	}
+	metaLength := max(bufWithMetadataLength-len(buf), 0)
 	rc.metaLength = metaLength
 
 	pc.Set(renderConfigKey, rc)
diff --git a/modules/markup/markdown/markdown_math_test.go b/modules/markup/markdown/markdown_math_test.go
index 813f050965..a75f18d36a 100644
--- a/modules/markup/markdown/markdown_math_test.go
+++ b/modules/markup/markdown/markdown_math_test.go
@@ -8,6 +8,8 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -15,6 +17,7 @@ import (
 const nl = "\n"
 
 func TestMathRender(t *testing.T) {
+	setting.Markdown.MathCodeBlockOptions = setting.MarkdownMathCodeBlockOptions{ParseInlineDollar: true, ParseInlineParentheses: true}
 	testcases := []struct {
 		testcase string
 		expected string
@@ -69,7 +72,7 @@ func TestMathRender(t *testing.T) {
 		},
 		{
 			"$$a$$",
-			`<code class="language-math display">a</code>` + nl,
+			`<p><code class="language-math">a</code></p>` + nl,
 		},
 		{
 			"$$a$$ test",
@@ -111,6 +114,7 @@ func TestMathRender(t *testing.T) {
 }
 
 func TestMathRenderBlockIndent(t *testing.T) {
+	setting.Markdown.MathCodeBlockOptions = setting.MarkdownMathCodeBlockOptions{ParseBlockDollar: true, ParseBlockSquareBrackets: true}
 	testcases := []struct {
 		name     string
 		testcase string
@@ -243,3 +247,64 @@ x
 		})
 	}
 }
+
+func TestMathRenderOptions(t *testing.T) {
+	setting.Markdown.MathCodeBlockOptions = setting.MarkdownMathCodeBlockOptions{}
+	defer test.MockVariableValue(&setting.Markdown.MathCodeBlockOptions)
+	test := func(t *testing.T, expected, input string) {
+		res, err := RenderString(markup.NewTestRenderContext(), input)
+		assert.NoError(t, err)
+		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(string(res)), "input: %s", input)
+	}
+
+	// default (non-conflict) inline syntax
+	test(t, `<p><code class="language-math">a</code></p>`, "$`a`$")
+
+	// ParseInlineDollar
+	test(t, `<p>$a$</p>`, `$a$`)
+	setting.Markdown.MathCodeBlockOptions.ParseInlineDollar = true
+	test(t, `<p><code class="language-math">a</code></p>`, `$a$`)
+
+	// ParseInlineParentheses
+	test(t, `<p>(a)</p>`, `\(a\)`)
+	setting.Markdown.MathCodeBlockOptions.ParseInlineParentheses = true
+	test(t, `<p><code class="language-math">a</code></p>`, `\(a\)`)
+
+	// ParseBlockDollar
+	test(t, `<p>$$
+a
+$$</p>
+`, `
+$$
+a
+$$
+`)
+	setting.Markdown.MathCodeBlockOptions.ParseBlockDollar = true
+	test(t, `<pre class="code-block is-loading"><code class="language-math display">
+a
+</code></pre>
+`, `
+$$
+a
+$$
+`)
+
+	// ParseBlockSquareBrackets
+	test(t, `<p>[
+a
+]</p>
+`, `
+\[
+a
+\]
+`)
+	setting.Markdown.MathCodeBlockOptions.ParseBlockSquareBrackets = true
+	test(t, `<pre class="code-block is-loading"><code class="language-math display">
+a
+</code></pre>
+`, `
+\[
+a
+\]
+`)
+}
diff --git a/modules/markup/markdown/markdown_test.go b/modules/markup/markdown/markdown_test.go
index 7a09be8665..4eb01bcc2d 100644
--- a/modules/markup/markdown/markdown_test.go
+++ b/modules/markup/markdown/markdown_test.go
@@ -47,7 +47,7 @@ func TestRender_StandardLinks(t *testing.T) {
 func TestRender_Images(t *testing.T) {
 	setting.AppURL = AppURL
 
-	test := func(input, expected string) {
+	render := func(input, expected string) {
 		buffer, err := markdown.RenderString(markup.NewTestRenderContext(FullURL), input)
 		assert.NoError(t, err)
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(string(buffer)))
@@ -59,27 +59,32 @@ func TestRender_Images(t *testing.T) {
 	result := util.URLJoin(FullURL, url)
 	// hint: With Markdown v2.5.2, there is a new syntax: [link](URL){:target="_blank"} , but we do not support it now
 
-	test(
+	render(
 		"!["+title+"]("+url+")",
 		`<p><a href="`+result+`" target="_blank" rel="nofollow noopener"><img src="`+result+`" alt="`+title+`"/></a></p>`)
 
-	test(
+	render(
 		"[["+title+"|"+url+"]]",
 		`<p><a href="`+result+`" rel="nofollow"><img src="`+result+`" title="`+title+`" alt="`+title+`"/></a></p>`)
-	test(
+	render(
 		"[!["+title+"]("+url+")]("+href+")",
 		`<p><a href="`+href+`" rel="nofollow"><img src="`+result+`" alt="`+title+`"/></a></p>`)
 
-	test(
+	render(
 		"!["+title+"]("+url+")",
 		`<p><a href="`+result+`" target="_blank" rel="nofollow noopener"><img src="`+result+`" alt="`+title+`"/></a></p>`)
 
-	test(
+	render(
 		"[["+title+"|"+url+"]]",
 		`<p><a href="`+result+`" rel="nofollow"><img src="`+result+`" title="`+title+`" alt="`+title+`"/></a></p>`)
-	test(
+	render(
 		"[!["+title+"]("+url+")]("+href+")",
 		`<p><a href="`+href+`" rel="nofollow"><img src="`+result+`" alt="`+title+`"/></a></p>`)
+
+	defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, false)()
+	render(
+		"<a><img src='a.jpg'></a>", // by the way, empty "a" tag will be removed
+		`<p dir="auto"><img src="http://localhost:3000/user13/repo11/a.jpg" loading="lazy"/></p>`)
 }
 
 func TestTotal_RenderString(t *testing.T) {
@@ -223,7 +228,7 @@ This PR has been generated by [Renovate Bot](https://github.com/renovatebot/reno
 <dd>This is another definition of the second term.</dd>
 </dl>
 <h3 id="user-content-footnotes">Footnotes</h3>
-<p>Here is a simple footnote,<sup id="fnref:user-content-1"><a href="#fn:user-content-1" rel="nofollow">1</a></sup> and here is a longer one.<sup id="fnref:user-content-bignote"><a href="#fn:user-content-bignote" rel="nofollow">2</a></sup></p>
+<p>Here is a simple footnote,<sup id="fnref:user-content-1"><a href="#fn:user-content-1" rel="nofollow">1 </a></sup> and here is a longer one.<sup id="fnref:user-content-bignote"><a href="#fn:user-content-bignote" rel="nofollow">2 </a></sup></p>
 <div>
 <hr/>
 <ol>
@@ -252,7 +257,7 @@ This PR has been generated by [Renovate Bot](https://github.com/renovatebot/reno
 			return username == "r-lyeh"
 		},
 	})
-	for i := 0; i < len(sameCases); i++ {
+	for i := range sameCases {
 		line, err := markdown.RenderString(markup.NewTestRenderContext(localMetas), sameCases[i])
 		assert.NoError(t, err)
 		assert.Equal(t, testAnswers[i], string(line))
@@ -308,12 +313,12 @@ func TestRenderSiblingImages_Issue12925(t *testing.T) {
 	testcase := `![image1](/image1)
 ![image2](/image2)
 `
-	expected := `<p><a href="/image1" target="_blank" rel="nofollow noopener"><img src="/image1" alt="image1"></a>
-<a href="/image2" target="_blank" rel="nofollow noopener"><img src="/image2" alt="image2"></a></p>
+	expected := `<p><a href="/image1" target="_blank" rel="nofollow noopener"><img src="/image1" alt="image1"/></a>
+<a href="/image2" target="_blank" rel="nofollow noopener"><img src="/image2" alt="image2"/></a></p>
 `
-	res, err := markdown.RenderRawString(markup.NewTestRenderContext(), testcase)
+	res, err := markdown.RenderString(markup.NewTestRenderContext(), testcase)
 	assert.NoError(t, err)
-	assert.Equal(t, expected, res)
+	assert.Equal(t, expected, string(res))
 }
 
 func TestRenderEmojiInLinks_Issue12331(t *testing.T) {
@@ -383,18 +388,74 @@ func TestColorPreview(t *testing.T) {
 	}
 }
 
-func TestTaskList(t *testing.T) {
+func TestMarkdownFrontmatter(t *testing.T) {
 	testcases := []struct {
-		testcase string
+		name     string
+		input    string
 		expected string
 	}{
 		{
+			"MapInFrontmatter",
+			`---
+key1: val1
+key2: val2
+---
+test
+`,
+			`<details class="frontmatter-content"><summary><span>octicon-table(12/)</span> key1, key2</summary><table>
+<thead>
+<tr>
+<th>key1</th>
+<th>key2</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>val1</td>
+<td>val2</td>
+</tr>
+</tbody>
+</table>
+</details><p>test</p>
+`,
+		},
+
+		{
+			"ListInFrontmatter",
+			`---
+- item1
+- item2
+---
+test
+`,
+			`- item1
+- item2
+
+<p>test</p>
+`,
+		},
+
+		{
+			"StringInFrontmatter",
+			`---
+anything
+---
+test
+`,
+			`anything
+
+<p>test</p>
+`,
+		},
+
+		{
 			// data-source-position should take into account YAML frontmatter.
+			"ListAfterFrontmatter",
 			`---
 foo: bar
 ---
 - [ ] task 1`,
-			`<details><summary><i class="icon table"></i></summary><table>
+			`<details class="frontmatter-content"><summary><span>octicon-table(12/)</span> foo</summary><table>
 <thead>
 <tr>
 <th>foo</th>
@@ -414,9 +475,9 @@ foo: bar
 	}
 
 	for _, test := range testcases {
-		res, err := markdown.RenderString(markup.NewTestRenderContext(), test.testcase)
-		assert.NoError(t, err, "Unexpected error in testcase: %q", test.testcase)
-		assert.Equal(t, template.HTML(test.expected), res, "Unexpected result in testcase %q", test.testcase)
+		res, err := markdown.RenderString(markup.NewTestRenderContext(), test.input)
+		assert.NoError(t, err, "Unexpected error in testcase: %q", test.name)
+		assert.Equal(t, test.expected, string(res), "Unexpected result in testcase %q", test.name)
 	}
 }
 
@@ -473,3 +534,16 @@ space</p>
 	assert.NoError(t, err)
 	assert.Equal(t, expected, string(result))
 }
+
+func TestMarkdownLink(t *testing.T) {
+	defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
+	input := `<a href=foo>link1</a>
+<a href='/foo'>link2</a>
+<a href="#foo">link3</a>`
+	result, err := markdown.RenderString(markup.NewTestRenderContext("/base", localMetas), input)
+	assert.NoError(t, err)
+	assert.Equal(t, `<p><a href="/base/foo" rel="nofollow">link1</a>
+<a href="/base/foo" rel="nofollow">link2</a>
+<a href="#user-content-foo" rel="nofollow">link3</a></p>
+`, string(result))
+}
diff --git a/modules/markup/markdown/math/block_renderer.go b/modules/markup/markdown/math/block_renderer.go
index 412e4d0dee..95a336a02c 100644
--- a/modules/markup/markdown/math/block_renderer.go
+++ b/modules/markup/markdown/math/block_renderer.go
@@ -42,7 +42,7 @@ func (r *BlockRenderer) RegisterFuncs(reg renderer.NodeRendererFuncRegisterer) {
 
 func (r *BlockRenderer) writeLines(w util.BufWriter, source []byte, n gast.Node) {
 	l := n.Lines().Len()
-	for i := 0; i < l; i++ {
+	for i := range l {
 		line := n.Lines().At(i)
 		_, _ = w.Write(util.EscapeHTML(line.Value(source)))
 	}
@@ -51,8 +51,8 @@ func (r *BlockRenderer) writeLines(w util.BufWriter, source []byte, n gast.Node)
 func (r *BlockRenderer) renderBlock(w util.BufWriter, source []byte, node gast.Node, entering bool) (gast.WalkStatus, error) {
 	n := node.(*Block)
 	if entering {
-		code := giteaUtil.Iif(n.Inline, "", `<pre class="code-block is-loading">`) + `<code class="language-math display">`
-		_ = r.renderInternal.FormatWithSafeAttrs(w, template.HTML(code))
+		codeHTML := giteaUtil.Iif[template.HTML](n.Inline, "", `<pre class="code-block is-loading">`) + `<code class="language-math display">`
+		_, _ = w.WriteString(string(r.renderInternal.ProtectSafeAttrs(codeHTML)))
 		r.writeLines(w, source, n)
 	} else {
 		_, _ = w.WriteString(`</code>` + giteaUtil.Iif(n.Inline, "", `</pre>`) + "\n")
diff --git a/modules/markup/markdown/math/inline_parser.go b/modules/markup/markdown/math/inline_parser.go
index a57abe9f9b..a711d1e1cd 100644
--- a/modules/markup/markdown/math/inline_parser.go
+++ b/modules/markup/markdown/math/inline_parser.go
@@ -15,26 +15,26 @@ type inlineParser struct {
 	trigger              []byte
 	endBytesSingleDollar []byte
 	endBytesDoubleDollar []byte
-	endBytesBracket      []byte
+	endBytesParentheses  []byte
+	enableInlineDollar   bool
 }
 
-var defaultInlineDollarParser = &inlineParser{
-	trigger:              []byte{'$'},
-	endBytesSingleDollar: []byte{'$'},
-	endBytesDoubleDollar: []byte{'$', '$'},
-}
-
-func NewInlineDollarParser() parser.InlineParser {
-	return defaultInlineDollarParser
+func NewInlineDollarParser(enableInlineDollar bool) parser.InlineParser {
+	return &inlineParser{
+		trigger:              []byte{'$'},
+		endBytesSingleDollar: []byte{'$'},
+		endBytesDoubleDollar: []byte{'$', '$'},
+		enableInlineDollar:   enableInlineDollar,
+	}
 }
 
-var defaultInlineBracketParser = &inlineParser{
-	trigger:         []byte{'\\', '('},
-	endBytesBracket: []byte{'\\', ')'},
+var defaultInlineParenthesesParser = &inlineParser{
+	trigger:             []byte{'\\', '('},
+	endBytesParentheses: []byte{'\\', ')'},
 }
 
-func NewInlineBracketParser() parser.InlineParser {
-	return defaultInlineBracketParser
+func NewInlineParenthesesParser() parser.InlineParser {
+	return defaultInlineParenthesesParser
 }
 
 // Trigger triggers this parser on $ or \
@@ -46,7 +46,7 @@ func isPunctuation(b byte) bool {
 	return b == '.' || b == '!' || b == '?' || b == ',' || b == ';' || b == ':'
 }
 
-func isBracket(b byte) bool {
+func isParenthesesClose(b byte) bool {
 	return b == ')'
 }
 
@@ -70,10 +70,11 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser.
 		startMarkLen = 1
 		stopMark = parser.endBytesSingleDollar
 		if len(line) > 1 {
-			if line[1] == '$' {
+			switch line[1] {
+			case '$':
 				startMarkLen = 2
 				stopMark = parser.endBytesDoubleDollar
-			} else if line[1] == '`' {
+			case '`':
 				pos := 1
 				for ; pos < len(line) && line[pos] == '`'; pos++ {
 				}
@@ -85,7 +86,11 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser.
 		}
 	} else {
 		startMarkLen = 2
-		stopMark = parser.endBytesBracket
+		stopMark = parser.endBytesParentheses
+	}
+
+	if line[0] == '$' && !parser.enableInlineDollar && (len(line) == 1 || line[1] != '`') {
+		return nil
 	}
 
 	if checkSurrounding {
@@ -109,7 +114,7 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser.
 				succeedingCharacter = line[i+len(stopMark)]
 			}
 			// check valid ending character
-			isValidEndingChar := isPunctuation(succeedingCharacter) || isBracket(succeedingCharacter) ||
+			isValidEndingChar := isPunctuation(succeedingCharacter) || isParenthesesClose(succeedingCharacter) ||
 				succeedingCharacter == ' ' || succeedingCharacter == '\n' || succeedingCharacter == 0
 			if checkSurrounding && !isValidEndingChar {
 				break
@@ -121,9 +126,10 @@ func (parser *inlineParser) Parse(parent ast.Node, block text.Reader, pc parser.
 			i++
 			continue
 		}
-		if line[i] == '{' {
+		switch line[i] {
+		case '{':
 			depth++
-		} else if line[i] == '}' {
+		case '}':
 			depth--
 		}
 	}
diff --git a/modules/markup/markdown/math/inline_renderer.go b/modules/markup/markdown/math/inline_renderer.go
index d000a7b317..eeeb60cc7e 100644
--- a/modules/markup/markdown/math/inline_renderer.go
+++ b/modules/markup/markdown/math/inline_renderer.go
@@ -28,7 +28,7 @@ func NewInlineRenderer(renderInternal *internal.RenderInternal) renderer.NodeRen
 
 func (r *InlineRenderer) renderInline(w util.BufWriter, source []byte, n ast.Node, entering bool) (ast.WalkStatus, error) {
 	if entering {
-		_ = r.renderInternal.FormatWithSafeAttrs(w, `<code class="language-math">`)
+		_, _ = w.WriteString(string(r.renderInternal.ProtectSafeAttrs(`<code class="language-math">`)))
 		for c := n.FirstChild(); c != nil; c = c.NextSibling() {
 			segment := c.(*ast.Text).Segment
 			value := util.EscapeHTML(segment.Value(source))
diff --git a/modules/markup/markdown/math/math.go b/modules/markup/markdown/math/math.go
index a6ff593d62..4b74db2d76 100644
--- a/modules/markup/markdown/math/math.go
+++ b/modules/markup/markdown/math/math.go
@@ -14,10 +14,11 @@ import (
 )
 
 type Options struct {
-	Enabled           bool
-	ParseDollarInline bool
-	ParseDollarBlock  bool
-	ParseSquareBlock  bool
+	Enabled                  bool
+	ParseInlineDollar        bool // inline $$ xxx $$ text
+	ParseInlineParentheses   bool // inline \( xxx \) text
+	ParseBlockDollar         bool // block $$ multiple-line $$ text
+	ParseBlockSquareBrackets bool // block \[ multiple-line \] text
 }
 
 // Extension is a math extension
@@ -42,16 +43,16 @@ func (e *Extension) Extend(m goldmark.Markdown) {
 		return
 	}
 
-	inlines := []util.PrioritizedValue{util.Prioritized(NewInlineBracketParser(), 501)}
-	if e.options.ParseDollarInline {
-		inlines = append(inlines, util.Prioritized(NewInlineDollarParser(), 502))
+	var inlines []util.PrioritizedValue
+	if e.options.ParseInlineParentheses {
+		inlines = append(inlines, util.Prioritized(NewInlineParenthesesParser(), 501))
 	}
-	m.Parser().AddOptions(parser.WithInlineParsers(inlines...))
+	inlines = append(inlines, util.Prioritized(NewInlineDollarParser(e.options.ParseInlineDollar), 502))
 
+	m.Parser().AddOptions(parser.WithInlineParsers(inlines...))
 	m.Parser().AddOptions(parser.WithBlockParsers(
-		util.Prioritized(NewBlockParser(e.options.ParseDollarBlock, e.options.ParseSquareBlock), 701),
+		util.Prioritized(NewBlockParser(e.options.ParseBlockDollar, e.options.ParseBlockSquareBrackets), 701),
 	))
-
 	m.Renderer().AddOptions(renderer.WithNodeRenderers(
 		util.Prioritized(NewBlockRenderer(e.renderInternal), 501),
 		util.Prioritized(NewInlineRenderer(e.renderInternal), 502),
diff --git a/modules/markup/markdown/meta_test.go b/modules/markup/markdown/meta_test.go
index 278c33f1d2..283d289d48 100644
--- a/modules/markup/markdown/meta_test.go
+++ b/modules/markup/markdown/meta_test.go
@@ -51,7 +51,7 @@ func TestExtractMetadata(t *testing.T) {
 		var meta IssueTemplate
 		body, err := ExtractMetadata(fmt.Sprintf("%s\n%s\n%s", sepTest, frontTest, sepTest), &meta)
 		assert.NoError(t, err)
-		assert.Equal(t, "", body)
+		assert.Empty(t, body)
 		assert.Equal(t, metaTest, meta)
 		assert.True(t, meta.Valid())
 	})
@@ -60,7 +60,7 @@ func TestExtractMetadata(t *testing.T) {
 func TestExtractMetadataBytes(t *testing.T) {
 	t.Run("ValidFrontAndBody", func(t *testing.T) {
 		var meta IssueTemplate
-		body, err := ExtractMetadataBytes([]byte(fmt.Sprintf("%s\n%s\n%s\n%s", sepTest, frontTest, sepTest, bodyTest)), &meta)
+		body, err := ExtractMetadataBytes(fmt.Appendf(nil, "%s\n%s\n%s\n%s", sepTest, frontTest, sepTest, bodyTest), &meta)
 		assert.NoError(t, err)
 		assert.Equal(t, bodyTest, string(body))
 		assert.Equal(t, metaTest, meta)
@@ -69,21 +69,21 @@ func TestExtractMetadataBytes(t *testing.T) {
 
 	t.Run("NoFirstSeparator", func(t *testing.T) {
 		var meta IssueTemplate
-		_, err := ExtractMetadataBytes([]byte(fmt.Sprintf("%s\n%s\n%s", frontTest, sepTest, bodyTest)), &meta)
+		_, err := ExtractMetadataBytes(fmt.Appendf(nil, "%s\n%s\n%s", frontTest, sepTest, bodyTest), &meta)
 		assert.Error(t, err)
 	})
 
 	t.Run("NoLastSeparator", func(t *testing.T) {
 		var meta IssueTemplate
-		_, err := ExtractMetadataBytes([]byte(fmt.Sprintf("%s\n%s\n%s", sepTest, frontTest, bodyTest)), &meta)
+		_, err := ExtractMetadataBytes(fmt.Appendf(nil, "%s\n%s\n%s", sepTest, frontTest, bodyTest), &meta)
 		assert.Error(t, err)
 	})
 
 	t.Run("NoBody", func(t *testing.T) {
 		var meta IssueTemplate
-		body, err := ExtractMetadataBytes([]byte(fmt.Sprintf("%s\n%s\n%s", sepTest, frontTest, sepTest)), &meta)
+		body, err := ExtractMetadataBytes(fmt.Appendf(nil, "%s\n%s\n%s", sepTest, frontTest, sepTest), &meta)
 		assert.NoError(t, err)
-		assert.Equal(t, "", string(body))
+		assert.Empty(t, string(body))
 		assert.Equal(t, metaTest, meta)
 		assert.True(t, meta.Valid())
 	})
diff --git a/modules/markup/markdown/renderconfig.go b/modules/markup/markdown/renderconfig.go
index f4c48d1b3d..d8b1b10ce6 100644
--- a/modules/markup/markdown/renderconfig.go
+++ b/modules/markup/markdown/renderconfig.go
@@ -16,7 +16,6 @@ import (
 // RenderConfig represents rendering configuration for this file
 type RenderConfig struct {
 	Meta     markup.RenderMetaMode
-	Icon     string
 	TOC      string // "false": hide,  "side"/empty: in sidebar,  "main"/"true": in main view
 	Lang     string
 	yamlNode *yaml.Node
@@ -74,7 +73,7 @@ func (rc *RenderConfig) UnmarshalYAML(value *yaml.Node) error {
 
 	type yamlRenderConfig struct {
 		Meta *string `yaml:"meta"`
-		Icon *string `yaml:"details_icon"`
+		Icon *string `yaml:"details_icon"` // deprecated, because there is no font icon, so no custom icon
 		TOC  *string `yaml:"include_toc"`
 		Lang *string `yaml:"lang"`
 	}
@@ -96,10 +95,6 @@ func (rc *RenderConfig) UnmarshalYAML(value *yaml.Node) error {
 		rc.Meta = renderMetaModeFromString(*cfg.Gitea.Meta)
 	}
 
-	if cfg.Gitea.Icon != nil {
-		rc.Icon = strings.TrimSpace(strings.ToLower(*cfg.Gitea.Icon))
-	}
-
 	if cfg.Gitea.Lang != nil && *cfg.Gitea.Lang != "" {
 		rc.Lang = *cfg.Gitea.Lang
 	}
@@ -111,7 +106,7 @@ func (rc *RenderConfig) UnmarshalYAML(value *yaml.Node) error {
 	return nil
 }
 
-func (rc *RenderConfig) toMetaNode() ast.Node {
+func (rc *RenderConfig) toMetaNode(g *ASTTransformer) ast.Node {
 	if rc.yamlNode == nil {
 		return nil
 	}
@@ -119,7 +114,7 @@ func (rc *RenderConfig) toMetaNode() ast.Node {
 	case markup.RenderMetaAsTable:
 		return nodeToTable(rc.yamlNode)
 	case markup.RenderMetaAsDetails:
-		return nodeToDetails(rc.yamlNode, rc.Icon)
+		return nodeToDetails(g, rc.yamlNode)
 	default:
 		return nil
 	}
diff --git a/modules/markup/markdown/renderconfig_test.go b/modules/markup/markdown/renderconfig_test.go
index 13346570fa..53c52177a7 100644
--- a/modules/markup/markdown/renderconfig_test.go
+++ b/modules/markup/markdown/renderconfig_test.go
@@ -21,42 +21,36 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 		{
 			"empty", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "",
 			}, "",
 		},
 		{
 			"lang", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "test",
 			}, "lang: test",
 		},
 		{
 			"metatable", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "",
 			}, "gitea: table",
 		},
 		{
 			"metanone", &RenderConfig{
 				Meta: "none",
-				Icon: "table",
 				Lang: "",
 			}, "gitea: none",
 		},
 		{
 			"metadetails", &RenderConfig{
 				Meta: "details",
-				Icon: "table",
 				Lang: "",
 			}, "gitea: details",
 		},
 		{
 			"metawrong", &RenderConfig{
 				Meta: "details",
-				Icon: "table",
 				Lang: "",
 			}, "gitea: wrong",
 		},
@@ -64,7 +58,6 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 			"toc", &RenderConfig{
 				TOC:  "true",
 				Meta: "table",
-				Icon: "table",
 				Lang: "",
 			}, "include_toc: true",
 		},
@@ -72,14 +65,12 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 			"tocfalse", &RenderConfig{
 				TOC:  "false",
 				Meta: "table",
-				Icon: "table",
 				Lang: "",
 			}, "include_toc: false",
 		},
 		{
 			"toclang", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				TOC:  "true",
 				Lang: "testlang",
 			}, `
@@ -90,7 +81,6 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 		{
 			"complexlang", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "testlang",
 			}, `
 				gitea:
@@ -100,7 +90,6 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 		{
 			"complexlang2", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "testlang",
 			}, `
 	lang: notright
@@ -111,7 +100,6 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 		{
 			"complexlang", &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "testlang",
 			}, `
 	gitea:
@@ -123,7 +111,6 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 				Lang: "two",
 				Meta: "table",
 				TOC:  "true",
-				Icon: "smiley",
 			}, `
 	lang: one
 	include_toc: true
@@ -139,14 +126,12 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			got := &RenderConfig{
 				Meta: "table",
-				Icon: "table",
 				Lang: "",
 			}
 			err := yaml.Unmarshal([]byte(strings.ReplaceAll(tt.args, "\t", "    ")), got)
 			require.NoError(t, err)
 
 			assert.Equal(t, tt.expected.Meta, got.Meta)
-			assert.Equal(t, tt.expected.Icon, got.Icon)
 			assert.Equal(t, tt.expected.Lang, got.Lang)
 			assert.Equal(t, tt.expected.TOC, got.TOC)
 		})
diff --git a/modules/markup/markdown/toc.go b/modules/markup/markdown/toc.go
index ea1af83a3e..a11b9d0390 100644
--- a/modules/markup/markdown/toc.go
+++ b/modules/markup/markdown/toc.go
@@ -4,7 +4,6 @@
 package markdown
 
 import (
-	"fmt"
 	"net/url"
 
 	"code.gitea.io/gitea/modules/translation"
@@ -50,7 +49,7 @@ func createTOCNode(toc []Header, lang string, detailsAttrs map[string]string) as
 		}
 		li := ast.NewListItem(currentLevel * 2)
 		a := ast.NewLink()
-		a.Destination = []byte(fmt.Sprintf("#%s", url.QueryEscape(header.ID)))
+		a.Destination = []byte("#" + url.QueryEscape(header.ID))
 		a.AppendChild(a, ast.NewString([]byte(header.Text)))
 		li.AppendChild(li, a)
 		ul.AppendChild(ul, li)
diff --git a/modules/markup/markdown/transform_blockquote.go b/modules/markup/markdown/transform_blockquote.go
index 3a8c6fa018..bf17f01681 100644
--- a/modules/markup/markdown/transform_blockquote.go
+++ b/modules/markup/markdown/transform_blockquote.go
@@ -46,7 +46,7 @@ func (g *ASTTransformer) extractBlockquoteAttentionEmphasis(firstParagraph ast.N
 	if !ok {
 		return "", nil
 	}
-	val1 := string(node1.Text(reader.Source())) //nolint:staticcheck
+	val1 := string(node1.Text(reader.Source())) //nolint:staticcheck // Text is deprecated
 	attentionType := strings.ToLower(val1)
 	if g.attentionTypes.Contains(attentionType) {
 		return attentionType, []ast.Node{node1}
diff --git a/modules/markup/markdown/transform_codespan.go b/modules/markup/markdown/transform_codespan.go
index bccc43aad2..c2e4295bc2 100644
--- a/modules/markup/markdown/transform_codespan.go
+++ b/modules/markup/markdown/transform_codespan.go
@@ -68,7 +68,7 @@ func cssColorHandler(value string) bool {
 }
 
 func (g *ASTTransformer) transformCodeSpan(_ *markup.RenderContext, v *ast.CodeSpan, reader text.Reader) {
-	colorContent := v.Text(reader.Source()) //nolint:staticcheck
+	colorContent := v.Text(reader.Source()) //nolint:staticcheck // Text is deprecated
 	if cssColorHandler(string(colorContent)) {
 		v.AppendChild(v, NewColorPreview(colorContent))
 	}
diff --git a/modules/markup/markdown/transform_heading.go b/modules/markup/markdown/transform_heading.go
index 5f8a12794d..a229a7b1a4 100644
--- a/modules/markup/markdown/transform_heading.go
+++ b/modules/markup/markdown/transform_heading.go
@@ -16,10 +16,10 @@ import (
 func (g *ASTTransformer) transformHeading(_ *markup.RenderContext, v *ast.Heading, reader text.Reader, tocList *[]Header) {
 	for _, attr := range v.Attributes() {
 		if _, ok := attr.Value.([]byte); !ok {
-			v.SetAttribute(attr.Name, []byte(fmt.Sprintf("%v", attr.Value)))
+			v.SetAttribute(attr.Name, fmt.Appendf(nil, "%v", attr.Value))
 		}
 	}
-	txt := v.Text(reader.Source()) //nolint:staticcheck
+	txt := v.Text(reader.Source()) //nolint:staticcheck // Text is deprecated
 	header := Header{
 		Text:  util.UnsafeBytesToString(txt),
 		Level: v.Level,
diff --git a/modules/markup/markdown/transform_image.go b/modules/markup/markdown/transform_image.go
deleted file mode 100644
index 36512e59a8..0000000000
--- a/modules/markup/markdown/transform_image.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package markdown
-
-import (
-	"code.gitea.io/gitea/modules/markup"
-
-	"github.com/yuin/goldmark/ast"
-)
-
-func (g *ASTTransformer) transformImage(ctx *markup.RenderContext, v *ast.Image) {
-	// Images need two things:
-	//
-	// 1. Their src needs to munged to be a real value
-	// 2. If they're not wrapped with a link they need a link wrapper
-
-	// Check if the destination is a real link
-	if len(v.Destination) > 0 && !markup.IsFullURLBytes(v.Destination) {
-		v.Destination = []byte(ctx.RenderHelper.ResolveLink(string(v.Destination), markup.LinkTypeMedia))
-	}
-
-	parent := v.Parent()
-	// Create a link around image only if parent is not already a link
-	if _, ok := parent.(*ast.Link); !ok && parent != nil {
-		next := v.NextSibling()
-
-		// Create a link wrapper
-		wrap := ast.NewLink()
-		wrap.Destination = v.Destination
-		wrap.Title = v.Title
-		wrap.SetAttributeString("target", []byte("_blank"))
-
-		// Duplicate the current image node
-		image := ast.NewImage(ast.NewLink())
-		image.Destination = v.Destination
-		image.Title = v.Title
-		for _, attr := range v.Attributes() {
-			image.SetAttribute(attr.Name, attr.Value)
-		}
-		for child := v.FirstChild(); child != nil; {
-			next := child.NextSibling()
-			image.AppendChild(image, child)
-			child = next
-		}
-
-		// Append our duplicate image to the wrapper link
-		wrap.AppendChild(wrap, image)
-
-		// Wire in the next sibling
-		wrap.SetNextSibling(next)
-
-		// Replace the current node with the wrapper link
-		parent.ReplaceChild(parent, v, wrap)
-
-		// But most importantly ensure the next sibling is still on the old image too
-		v.SetNextSibling(next)
-	}
-}
diff --git a/modules/markup/markdown/transform_link.go b/modules/markup/markdown/transform_link.go
deleted file mode 100644
index 51c2c915d8..0000000000
--- a/modules/markup/markdown/transform_link.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package markdown
-
-import (
-	"code.gitea.io/gitea/modules/markup"
-
-	"github.com/yuin/goldmark/ast"
-)
-
-func resolveLink(ctx *markup.RenderContext, link, userContentAnchorPrefix string) (result string, resolved bool) {
-	isAnchorFragment := link != "" && link[0] == '#'
-	if !isAnchorFragment && !markup.IsFullURLString(link) {
-		link, resolved = ctx.RenderHelper.ResolveLink(link, markup.LinkTypeDefault), true
-	}
-	if isAnchorFragment && userContentAnchorPrefix != "" {
-		link, resolved = userContentAnchorPrefix+link[1:], true
-	}
-	return link, resolved
-}
-
-func (g *ASTTransformer) transformLink(ctx *markup.RenderContext, v *ast.Link) {
-	if link, resolved := resolveLink(ctx, string(v.Destination), "#user-content-"); resolved {
-		v.Destination = []byte(link)
-	}
-}
diff --git a/modules/markup/mdstripper/mdstripper.go b/modules/markup/mdstripper/mdstripper.go
index fe0eabb473..5a6504416a 100644
--- a/modules/markup/mdstripper/mdstripper.go
+++ b/modules/markup/mdstripper/mdstripper.go
@@ -46,7 +46,7 @@ func (r *stripRenderer) Render(w io.Writer, source []byte, doc ast.Node) error {
 				coalesce := prevSibIsText
 				r.processString(
 					w,
-					v.Text(source), //nolint:staticcheck
+					v.Text(source), //nolint:staticcheck // Text is deprecated
 					coalesce)
 				if v.SoftLineBreak() {
 					r.doubleSpace(w)
@@ -91,8 +91,7 @@ func (r *stripRenderer) processAutoLink(w io.Writer, link []byte) {
 	}
 
 	// Note: we're not attempting to match the URL scheme (http/https)
-	host := strings.ToLower(u.Host)
-	if host != "" && host != strings.ToLower(r.localhost.Host) {
+	if u.Host != "" && !strings.EqualFold(u.Host, r.localhost.Host) {
 		// Process out of band
 		r.links = append(r.links, linkStr)
 		return
@@ -107,11 +106,12 @@ func (r *stripRenderer) processAutoLink(w io.Writer, link []byte) {
 	}
 
 	var sep string
-	if parts[3] == "issues" {
+	switch parts[3] {
+	case "issues":
 		sep = "#"
-	} else if parts[3] == "pulls" {
+	case "pulls":
 		sep = "!"
-	} else {
+	default:
 		// Process out of band
 		r.links = append(r.links, linkStr)
 		return
diff --git a/modules/markup/mdstripper/mdstripper_test.go b/modules/markup/mdstripper/mdstripper_test.go
index ea34df0a3b..7fb49c1e01 100644
--- a/modules/markup/mdstripper/mdstripper_test.go
+++ b/modules/markup/mdstripper/mdstripper_test.go
@@ -79,7 +79,7 @@ A HIDDEN ` + "`" + `GHOST` + "`" + ` IN THIS LINE.
 				lines = append(lines, line)
 			}
 		}
-		assert.EqualValues(t, test.expectedText, lines)
-		assert.EqualValues(t, test.expectedLinks, links)
+		assert.Equal(t, test.expectedText, lines)
+		assert.Equal(t, test.expectedLinks, links)
 	}
 }
diff --git a/modules/markup/orgmode/orgmode.go b/modules/markup/orgmode/orgmode.go
index 70d02c1321..93c335d244 100644
--- a/modules/markup/orgmode/orgmode.go
+++ b/modules/markup/orgmode/orgmode.go
@@ -1,7 +1,7 @@
 // Copyright 2017 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package markup
+package orgmode
 
 import (
 	"fmt"
@@ -125,27 +125,13 @@ type orgWriter struct {
 
 var _ org.Writer = (*orgWriter)(nil)
 
-func (r *orgWriter) resolveLink(kind, link string) string {
-	link = strings.TrimPrefix(link, "file:")
-	if !strings.HasPrefix(link, "#") && // not a URL fragment
-		!markup.IsFullURLString(link) {
-		if kind == "regular" {
-			// orgmode reports the link kind as "regular" for "[[ImageLink.svg][The Image Desc]]"
-			// so we need to try to guess the link kind again here
-			kind = org.RegularLink{URL: link}.Kind()
-		}
-		if kind == "image" || kind == "video" {
-			link = r.rctx.RenderHelper.ResolveLink(link, markup.LinkTypeMedia)
-		} else {
-			link = r.rctx.RenderHelper.ResolveLink(link, markup.LinkTypeDefault)
-		}
-	}
-	return link
+func (r *orgWriter) resolveLink(link string) string {
+	return strings.TrimPrefix(link, "file:")
 }
 
 // WriteRegularLink renders images, links or videos
 func (r *orgWriter) WriteRegularLink(l org.RegularLink) {
-	link := r.resolveLink(l.Kind(), l.URL)
+	link := r.resolveLink(l.URL)
 
 	printHTML := func(html template.HTML, a ...any) {
 		_, _ = fmt.Fprint(r, htmlutil.HTMLFormat(html, a...))
@@ -156,14 +142,14 @@ func (r *orgWriter) WriteRegularLink(l org.RegularLink) {
 		if l.Description == nil {
 			printHTML(`<img src="%s" alt="%s">`, link, link)
 		} else {
-			imageSrc := r.resolveLink(l.Kind(), org.String(l.Description...))
+			imageSrc := r.resolveLink(org.String(l.Description...))
 			printHTML(`<a href="%s"><img src="%s" alt="%s"></a>`, link, imageSrc, imageSrc)
 		}
 	case "video":
 		if l.Description == nil {
 			printHTML(`<video src="%s">%s</video>`, link, link)
 		} else {
-			videoSrc := r.resolveLink(l.Kind(), org.String(l.Description...))
+			videoSrc := r.resolveLink(org.String(l.Description...))
 			printHTML(`<a href="%s"><video src="%s">%s</video></a>`, link, videoSrc, videoSrc)
 		}
 	default:
diff --git a/modules/markup/orgmode/orgmode_test.go b/modules/markup/orgmode/orgmode_test.go
index de39bafebe..df4bb38ad1 100644
--- a/modules/markup/orgmode/orgmode_test.go
+++ b/modules/markup/orgmode/orgmode_test.go
@@ -1,7 +1,7 @@
 // Copyright 2017 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package markup
+package orgmode_test
 
 import (
 	"os"
@@ -9,6 +9,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/markup/orgmode"
 	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/stretchr/testify/assert"
@@ -22,7 +23,7 @@ func TestMain(m *testing.M) {
 
 func TestRender_StandardLinks(t *testing.T) {
 	test := func(input, expected string) {
-		buffer, err := RenderString(markup.NewTestRenderContext("/relative-path/media/branch/main/"), input)
+		buffer, err := orgmode.RenderString(markup.NewTestRenderContext(), input)
 		assert.NoError(t, err)
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(buffer))
 	}
@@ -30,37 +31,37 @@ func TestRender_StandardLinks(t *testing.T) {
 	test("[[https://google.com/]]",
 		`<p><a href="https://google.com/">https://google.com/</a></p>`)
 	test("[[ImageLink.svg][The Image Desc]]",
-		`<p><a href="/relative-path/media/branch/main/ImageLink.svg">The Image Desc</a></p>`)
+		`<p><a href="ImageLink.svg">The Image Desc</a></p>`)
 }
 
 func TestRender_InternalLinks(t *testing.T) {
 	test := func(input, expected string) {
-		buffer, err := RenderString(markup.NewTestRenderContext("/relative-path/src/branch/main"), input)
+		buffer, err := orgmode.RenderString(markup.NewTestRenderContext(), input)
 		assert.NoError(t, err)
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(buffer))
 	}
 
 	test("[[file:test.org][Test]]",
-		`<p><a href="/relative-path/src/branch/main/test.org">Test</a></p>`)
+		`<p><a href="test.org">Test</a></p>`)
 	test("[[./test.org][Test]]",
-		`<p><a href="/relative-path/src/branch/main/test.org">Test</a></p>`)
+		`<p><a href="./test.org">Test</a></p>`)
 	test("[[test.org][Test]]",
-		`<p><a href="/relative-path/src/branch/main/test.org">Test</a></p>`)
+		`<p><a href="test.org">Test</a></p>`)
 	test("[[path/to/test.org][Test]]",
-		`<p><a href="/relative-path/src/branch/main/path/to/test.org">Test</a></p>`)
+		`<p><a href="path/to/test.org">Test</a></p>`)
 }
 
 func TestRender_Media(t *testing.T) {
 	test := func(input, expected string) {
-		buffer, err := RenderString(markup.NewTestRenderContext("./relative-path"), input)
+		buffer, err := orgmode.RenderString(markup.NewTestRenderContext(), input)
 		assert.NoError(t, err)
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(buffer))
 	}
 
 	test("[[file:../../.images/src/02/train.jpg]]",
-		`<p><img src=".images/src/02/train.jpg" alt=".images/src/02/train.jpg"></p>`)
+		`<p><img src="../../.images/src/02/train.jpg" alt="../../.images/src/02/train.jpg"></p>`)
 	test("[[file:train.jpg]]",
-		`<p><img src="relative-path/train.jpg" alt="relative-path/train.jpg"></p>`)
+		`<p><img src="train.jpg" alt="train.jpg"></p>`)
 
 	// With description.
 	test("[[https://example.com][https://example.com/example.svg]]",
@@ -91,7 +92,7 @@ func TestRender_Media(t *testing.T) {
 
 func TestRender_Source(t *testing.T) {
 	test := func(input, expected string) {
-		buffer, err := RenderString(markup.NewTestRenderContext(), input)
+		buffer, err := orgmode.RenderString(markup.NewTestRenderContext(), input)
 		assert.NoError(t, err)
 		assert.Equal(t, strings.TrimSpace(expected), strings.TrimSpace(buffer))
 	}
diff --git a/modules/markup/render.go b/modules/markup/render.go
index 37a2a86687..79f1f473c2 100644
--- a/modules/markup/render.go
+++ b/modules/markup/render.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"net/url"
+	"strconv"
 	"strings"
 	"time"
 
@@ -46,7 +47,7 @@ type RenderOptions struct {
 	// user&repo, format&style&regexp (for external issue pattern), teams&org (for mention)
 	// RefTypeNameSubURL (for iframe&asciicast)
 	// markupAllowShortIssuePattern
-	// markdownLineBreakStyle (comment, document)
+	// markdownNewLineHardBreak
 	Metas map[string]string
 
 	// used by external render. the router "/org/repo/render/..." will output the rendered content in a standalone page
@@ -247,7 +248,8 @@ func Init(renderHelpFuncs *RenderHelperFuncs) {
 }
 
 func ComposeSimpleDocumentMetas() map[string]string {
-	return map[string]string{"markdownLineBreakStyle": "document"}
+	// TODO: there is no separate config option for "simple document" rendering, so temporarily use the same config as "repo file"
+	return map[string]string{"markdownNewLineHardBreak": strconv.FormatBool(setting.Markdown.RenderOptionsRepoFile.NewLineHardBreak)}
 }
 
 type TestRenderHelper struct {
@@ -261,8 +263,14 @@ func (r *TestRenderHelper) IsCommitIDExisting(commitID string) bool {
 	return strings.HasPrefix(commitID, "65f1bf2") //|| strings.HasPrefix(commitID, "88fc37a")
 }
 
-func (r *TestRenderHelper) ResolveLink(link string, likeType LinkType) string {
-	return r.ctx.ResolveLinkRelative(r.BaseLink, "", link)
+func (r *TestRenderHelper) ResolveLink(link, preferLinkType string) string {
+	linkType, link := ParseRenderedLink(link, preferLinkType)
+	switch linkType {
+	case LinkTypeRoot:
+		return r.ctx.ResolveLinkRoot(link)
+	default:
+		return r.ctx.ResolveLinkRelative(r.BaseLink, "", link)
+	}
 }
 
 var _ RenderHelper = (*TestRenderHelper)(nil)
diff --git a/modules/markup/render_helper.go b/modules/markup/render_helper.go
index 8ff0e7d6fb..b16f1189c5 100644
--- a/modules/markup/render_helper.go
+++ b/modules/markup/render_helper.go
@@ -10,13 +10,11 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 )
 
-type LinkType string
-
 const (
-	LinkTypeApp     LinkType = "app"     // the link is relative to the AppSubURL
-	LinkTypeDefault LinkType = "default" // the link is relative to the default base (eg: repo link, or current ref tree path)
-	LinkTypeMedia   LinkType = "media"   // the link should be used to access media files (images, videos)
-	LinkTypeRaw     LinkType = "raw"     // not really useful, mainly for environment GITEA_PREFIX_RAW for external renders
+	LinkTypeDefault = ""
+	LinkTypeRoot    = "/:root"  // the link is relative to the AppSubURL(ROOT_URL)
+	LinkTypeMedia   = "/:media" // the link should be used to access media files (images, videos)
+	LinkTypeRaw     = "/:raw"   // not really useful, mainly for environment GITEA_PREFIX_RAW for external renders
 )
 
 type RenderHelper interface {
@@ -27,7 +25,7 @@ type RenderHelper interface {
 	// but not make processors to guess "is it rendering a comment or a wiki?" or "does it need to check commit ID?"
 
 	IsCommitIDExisting(commitID string) bool
-	ResolveLink(link string, likeType LinkType) string
+	ResolveLink(link, preferLinkType string) string
 }
 
 // RenderHelperFuncs is used to decouple cycle-import
@@ -51,7 +49,8 @@ func (r *SimpleRenderHelper) IsCommitIDExisting(commitID string) bool {
 	return false
 }
 
-func (r *SimpleRenderHelper) ResolveLink(link string, likeType LinkType) string {
+func (r *SimpleRenderHelper) ResolveLink(link, preferLinkType string) string {
+	_, link = ParseRenderedLink(link, preferLinkType)
 	return resolveLinkRelative(context.Background(), setting.AppSubURL+"/", "", link, false)
 }
 
diff --git a/modules/markup/render_link.go b/modules/markup/render_link.go
index b2e0699681..046544ce81 100644
--- a/modules/markup/render_link.go
+++ b/modules/markup/render_link.go
@@ -33,10 +33,24 @@ func resolveLinkRelative(ctx context.Context, base, cur, link string, absolute b
 	return finalLink
 }
 
-func (ctx *RenderContext) ResolveLinkRelative(base, cur, link string) (finalLink string) {
+func (ctx *RenderContext) ResolveLinkRelative(base, cur, link string) string {
+	if strings.HasPrefix(link, "/:") {
+		setting.PanicInDevOrTesting("invalid link %q, forgot to cut?", link)
+	}
 	return resolveLinkRelative(ctx, base, cur, link, ctx.RenderOptions.UseAbsoluteLink)
 }
 
-func (ctx *RenderContext) ResolveLinkApp(link string) string {
+func (ctx *RenderContext) ResolveLinkRoot(link string) string {
 	return ctx.ResolveLinkRelative(setting.AppSubURL+"/", "", link)
 }
+
+func ParseRenderedLink(s, preferLinkType string) (linkType, link string) {
+	if strings.HasPrefix(s, "/:") {
+		p := strings.IndexByte(s[1:], '/')
+		if p == -1 {
+			return s, ""
+		}
+		return s[:p+1], s[p+2:]
+	}
+	return preferLinkType, s
+}
diff --git a/modules/markup/renderer.go b/modules/markup/renderer.go
index 35f90eb46c..b6e9c348b7 100644
--- a/modules/markup/renderer.go
+++ b/modules/markup/renderer.go
@@ -4,12 +4,12 @@
 package markup
 
 import (
-	"bytes"
 	"io"
 	"path"
 	"strings"
 
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/typesniffer"
 )
 
 // Renderer defines an interface for rendering markup file to HTML
@@ -37,7 +37,7 @@ type ExternalRenderer interface {
 // RendererContentDetector detects if the content can be rendered
 // by specified renderer
 type RendererContentDetector interface {
-	CanRender(filename string, input io.Reader) bool
+	CanRender(filename string, sniffedType typesniffer.SniffedType, prefetchBuf []byte) bool
 }
 
 var (
@@ -60,13 +60,9 @@ func GetRendererByFileName(filename string) Renderer {
 }
 
 // DetectRendererType detects the markup type of the content
-func DetectRendererType(filename string, input io.Reader) string {
-	buf, err := io.ReadAll(input)
-	if err != nil {
-		return ""
-	}
+func DetectRendererType(filename string, sniffedType typesniffer.SniffedType, prefetchBuf []byte) string {
 	for _, renderer := range renderers {
-		if detector, ok := renderer.(RendererContentDetector); ok && detector.CanRender(filename, bytes.NewReader(buf)) {
+		if detector, ok := renderer.(RendererContentDetector); ok && detector.CanRender(filename, sniffedType, prefetchBuf) {
 			return renderer.Name()
 		}
 	}
diff --git a/modules/markup/sanitizer_default.go b/modules/markup/sanitizer_default.go
index 14161eb533..0fbf0f0b24 100644
--- a/modules/markup/sanitizer_default.go
+++ b/modules/markup/sanitizer_default.go
@@ -4,6 +4,7 @@
 package markup
 
 import (
+	"html/template"
 	"io"
 	"net/url"
 	"regexp"
@@ -52,6 +53,8 @@ func (st *Sanitizer) createDefaultPolicy() *bluemonday.Policy {
 
 	policy.AllowAttrs("src", "autoplay", "controls").OnElements("video")
 
+	policy.AllowAttrs("loading").OnElements("img")
+
 	// Allow generally safe attributes (reference: https://github.com/jch/html-pipeline)
 	generalSafeAttrs := []string{
 		"abbr", "accept", "accept-charset",
@@ -90,9 +93,9 @@ func (st *Sanitizer) createDefaultPolicy() *bluemonday.Policy {
 	return policy
 }
 
-// Sanitize takes a string that contains a HTML fragment or document and applies policy whitelist.
-func Sanitize(s string) string {
-	return GetDefaultSanitizer().defaultPolicy.Sanitize(s)
+// Sanitize use default sanitizer policy to sanitize a string
+func Sanitize(s string) template.HTML {
+	return template.HTML(GetDefaultSanitizer().defaultPolicy.Sanitize(s))
 }
 
 // SanitizeReader sanitizes a Reader
diff --git a/modules/markup/sanitizer_default_test.go b/modules/markup/sanitizer_default_test.go
index 5282916944..e5ba018e1b 100644
--- a/modules/markup/sanitizer_default_test.go
+++ b/modules/markup/sanitizer_default_test.go
@@ -69,6 +69,6 @@ func TestSanitizer(t *testing.T) {
 	}
 
 	for i := 0; i < len(testCases); i += 2 {
-		assert.Equal(t, testCases[i+1], Sanitize(testCases[i]))
+		assert.Equal(t, testCases[i+1], string(Sanitize(testCases[i])))
 	}
 }
diff --git a/modules/metrics/collector.go b/modules/metrics/collector.go
index 230260ff94..4d2ec287a9 100755
--- a/modules/metrics/collector.go
+++ b/modules/metrics/collector.go
@@ -184,7 +184,7 @@ func NewCollector() Collector {
 		Users: prometheus.NewDesc(
 			namespace+"users",
 			"Number of Users",
-			nil, nil,
+			[]string{"state"}, nil,
 		),
 		Watches: prometheus.NewDesc(
 			namespace+"watches",
@@ -373,7 +373,14 @@ func (c Collector) Collect(ch chan<- prometheus.Metric) {
 	ch <- prometheus.MustNewConstMetric(
 		c.Users,
 		prometheus.GaugeValue,
-		float64(stats.Counter.User),
+		float64(stats.Counter.UsersActive),
+		"active", // state label
+	)
+	ch <- prometheus.MustNewConstMetric(
+		c.Users,
+		prometheus.GaugeValue,
+		float64(stats.Counter.UsersNotActive),
+		"inactive", // state label
 	)
 	ch <- prometheus.MustNewConstMetric(
 		c.Watches,
diff --git a/modules/migration/pullrequest.go b/modules/migration/pullrequest.go
index fbfdff0315..cccab3fd7e 100644
--- a/modules/migration/pullrequest.go
+++ b/modules/migration/pullrequest.go
@@ -49,8 +49,8 @@ func (p *PullRequest) IsForkPullRequest() bool {
 	return p.Head.RepoFullName() != p.Base.RepoFullName()
 }
 
-// GetGitRefName returns pull request relative path to head
-func (p PullRequest) GetGitRefName() string {
+// GetGitHeadRefName returns pull request relative path to head
+func (p PullRequest) GetGitHeadRefName() string {
 	return fmt.Sprintf("%s%d/head", git.PullPrefix, p.Number)
 }
 
diff --git a/modules/migration/schemas_bindata.go b/modules/migration/schemas_bindata.go
index c5db3b3461..695c2c1135 100644
--- a/modules/migration/schemas_bindata.go
+++ b/modules/migration/schemas_bindata.go
@@ -3,6 +3,28 @@
 
 //go:build bindata
 
+//go:generate go run ../../build/generate-bindata.go ../../modules/migration/schemas bindata.dat
+
 package migration
 
-//go:generate go run ../../build/generate-bindata.go ../../modules/migration/schemas migration bindata.go
+import (
+	"io"
+	"io/fs"
+	"path"
+	"sync"
+
+	_ "embed"
+
+	"code.gitea.io/gitea/modules/assetfs"
+)
+
+//go:embed bindata.dat
+var bindata []byte
+
+var BuiltinAssets = sync.OnceValue(func() fs.FS {
+	return assetfs.NewEmbeddedFS(bindata)
+})
+
+func openSchema(filename string) (io.ReadCloser, error) {
+	return BuiltinAssets().Open(path.Base(filename))
+}
diff --git a/modules/migration/schemas_static.go b/modules/migration/schemas_static.go
deleted file mode 100644
index 8a0c340a65..0000000000
--- a/modules/migration/schemas_static.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-//go:build bindata
-
-package migration
-
-import (
-	"io"
-	"path"
-)
-
-func openSchema(filename string) (io.ReadCloser, error) {
-	return Assets.Open(path.Base(filename))
-}
diff --git a/modules/optional/option.go b/modules/optional/option.go
index af9e5ac852..cbecf86987 100644
--- a/modules/optional/option.go
+++ b/modules/optional/option.go
@@ -3,6 +3,14 @@
 
 package optional
 
+import "strconv"
+
+// Option is a generic type that can hold a value of type T or be empty (None).
+//
+// It must use the slice type to work with "chi" form values binding:
+// * non-existing value are represented as an empty slice (None)
+// * existing value is represented as a slice with one element (Some)
+// * multiple values are represented as a slice with multiple elements (Some), the Value is the first element (not well-defined in this case)
 type Option[T any] []T
 
 func None[T any]() Option[T] {
@@ -20,6 +28,13 @@ func FromPtr[T any](v *T) Option[T] {
 	return Some(*v)
 }
 
+func FromMapLookup[K comparable, V any](m map[K]V, k K) Option[V] {
+	if v, ok := m[k]; ok {
+		return Some(v)
+	}
+	return None[V]()
+}
+
 func FromNonDefault[T comparable](v T) Option[T] {
 	var zero T
 	if v == zero {
@@ -43,3 +58,12 @@ func (o Option[T]) ValueOrDefault(v T) T {
 	}
 	return v
 }
+
+// ParseBool get the corresponding optional.Option[bool] of a string using strconv.ParseBool
+func ParseBool(s string) Option[bool] {
+	v, e := strconv.ParseBool(s)
+	if e != nil {
+		return None[bool]()
+	}
+	return Some(v)
+}
diff --git a/modules/optional/option_test.go b/modules/optional/option_test.go
index 203e9221e3..ea80a2e3cb 100644
--- a/modules/optional/option_test.go
+++ b/modules/optional/option_test.go
@@ -56,4 +56,23 @@ func TestOption(t *testing.T) {
 	opt3 := optional.FromNonDefault(1)
 	assert.True(t, opt3.Has())
 	assert.Equal(t, int(1), opt3.Value())
+
+	opt4 := optional.FromMapLookup(map[string]int{"a": 1}, "a")
+	assert.True(t, opt4.Has())
+	assert.Equal(t, 1, opt4.Value())
+	opt4 = optional.FromMapLookup(map[string]int{"a": 1}, "b")
+	assert.False(t, opt4.Has())
+}
+
+func Test_ParseBool(t *testing.T) {
+	assert.Equal(t, optional.None[bool](), optional.ParseBool(""))
+	assert.Equal(t, optional.None[bool](), optional.ParseBool("x"))
+
+	assert.Equal(t, optional.Some(false), optional.ParseBool("0"))
+	assert.Equal(t, optional.Some(false), optional.ParseBool("f"))
+	assert.Equal(t, optional.Some(false), optional.ParseBool("False"))
+
+	assert.Equal(t, optional.Some(true), optional.ParseBool("1"))
+	assert.Equal(t, optional.Some(true), optional.ParseBool("t"))
+	assert.Equal(t, optional.Some(true), optional.ParseBool("True"))
 }
diff --git a/modules/optional/serialization_test.go b/modules/optional/serialization_test.go
index 09a4bddea0..cf81a94cfc 100644
--- a/modules/optional/serialization_test.go
+++ b/modules/optional/serialization_test.go
@@ -4,7 +4,7 @@
 package optional_test
 
 import (
-	std_json "encoding/json" //nolint:depguard
+	std_json "encoding/json" //nolint:depguard // for testing purpose
 	"testing"
 
 	"code.gitea.io/gitea/modules/json"
@@ -51,11 +51,11 @@ func TestOptionalToJson(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			b, err := json.Marshal(tc.obj)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, string(b), "gitea json module returned unexpected")
+			assert.Equal(t, tc.want, string(b), "gitea json module returned unexpected")
 
 			b, err = std_json.Marshal(tc.obj)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, string(b), "std json module returned unexpected")
+			assert.Equal(t, tc.want, string(b), "std json module returned unexpected")
 		})
 	}
 }
@@ -89,12 +89,12 @@ func TestOptionalFromJson(t *testing.T) {
 			var obj1 testSerializationStruct
 			err := json.Unmarshal([]byte(tc.data), &obj1)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, obj1, "gitea json module returned unexpected")
+			assert.Equal(t, tc.want, obj1, "gitea json module returned unexpected")
 
 			var obj2 testSerializationStruct
 			err = std_json.Unmarshal([]byte(tc.data), &obj2)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, obj2, "std json module returned unexpected")
+			assert.Equal(t, tc.want, obj2, "std json module returned unexpected")
 		})
 	}
 }
@@ -135,7 +135,7 @@ optional_two_string: null
 		t.Run(tc.name, func(t *testing.T) {
 			b, err := yaml.Marshal(tc.obj)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, string(b), "yaml module returned unexpected")
+			assert.Equal(t, tc.want, string(b), "yaml module returned unexpected")
 		})
 	}
 }
@@ -184,7 +184,7 @@ optional_twostring: null
 			var obj testSerializationStruct
 			err := yaml.Unmarshal([]byte(tc.data), &obj)
 			assert.NoError(t, err)
-			assert.EqualValues(t, tc.want, obj, "yaml module returned unexpected")
+			assert.Equal(t, tc.want, obj, "yaml module returned unexpected")
 		})
 	}
 }
diff --git a/modules/options/options_bindata.go b/modules/options/options_bindata.go
index 29151cb3cb..b2321d7eb5 100644
--- a/modules/options/options_bindata.go
+++ b/modules/options/options_bindata.go
@@ -3,6 +3,21 @@
 
 //go:build bindata
 
+//go:generate go run ../../build/generate-bindata.go ../../options bindata.dat
+
 package options
 
-//go:generate go run ../../build/generate-bindata.go ../../options options bindata.go
+import (
+	"sync"
+
+	_ "embed"
+
+	"code.gitea.io/gitea/modules/assetfs"
+)
+
+//go:embed bindata.dat
+var bindata []byte
+
+var BuiltinAssets = sync.OnceValue(func() *assetfs.Layer {
+	return assetfs.Bindata("builtin(bindata)", assetfs.NewEmbeddedFS(bindata))
+})
diff --git a/modules/options/dynamic.go b/modules/options/options_dynamic.go
index 085492d11c..085492d11c 100644
--- a/modules/options/dynamic.go
+++ b/modules/options/options_dynamic.go
diff --git a/modules/options/static.go b/modules/options/static.go
deleted file mode 100644
index 72b28e990e..0000000000
--- a/modules/options/static.go
+++ /dev/null
@@ -1,14 +0,0 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-//go:build bindata
-
-package options
-
-import (
-	"code.gitea.io/gitea/modules/assetfs"
-)
-
-func BuiltinAssets() *assetfs.Layer {
-	return assetfs.Bindata("builtin(bindata)", Assets)
-}
diff --git a/models/packages/container/const.go b/modules/packages/container/const.go
index 0dfbda051d..6c7c9b46d1 100644
--- a/models/packages/container/const.go
+++ b/modules/packages/container/const.go
@@ -4,6 +4,8 @@
 package container
 
 const (
+	ContentTypeDockerDistributionManifestV2 = "application/vnd.docker.distribution.manifest.v2+json"
+
 	ManifestFilename = "manifest.json"
 	UploadVersion    = "_upload"
 )
diff --git a/modules/packages/container/metadata.go b/modules/packages/container/metadata.go
index 2a41fb9105..3ef0684d13 100644
--- a/modules/packages/container/metadata.go
+++ b/modules/packages/container/metadata.go
@@ -71,14 +71,34 @@ type Manifest struct {
 	Size     int64  `json:"size"`
 }
 
+func IsMediaTypeValid(mt string) bool {
+	return strings.HasPrefix(mt, "application/vnd.docker.") || strings.HasPrefix(mt, "application/vnd.oci.")
+}
+
+func IsMediaTypeImageManifest(mt string) bool {
+	return strings.EqualFold(mt, oci.MediaTypeImageManifest) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.v2+json")
+}
+
+func IsMediaTypeImageIndex(mt string) bool {
+	return strings.EqualFold(mt, oci.MediaTypeImageIndex) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.list.v2+json")
+}
+
 // ParseImageConfig parses the metadata of an image config
-func ParseImageConfig(mt string, r io.Reader) (*Metadata, error) {
-	if strings.EqualFold(mt, helm.ConfigMediaType) {
+func ParseImageConfig(mediaType string, r io.Reader) (*Metadata, error) {
+	if strings.EqualFold(mediaType, helm.ConfigMediaType) {
 		return parseHelmConfig(r)
 	}
 
 	// fallback to OCI Image Config
-	return parseOCIImageConfig(r)
+	// FIXME: this fallback is not right, we should strictly check the media type in the future
+	metadata, err := parseOCIImageConfig(r)
+	if err != nil {
+		if !IsMediaTypeImageManifest(mediaType) {
+			return &Metadata{Platform: "unknown/unknown"}, nil
+		}
+		return nil, err
+	}
+	return metadata, nil
 }
 
 func parseOCIImageConfig(r io.Reader) (*Metadata, error) {
diff --git a/modules/packages/container/metadata_test.go b/modules/packages/container/metadata_test.go
index 665499b2e6..0f2d702925 100644
--- a/modules/packages/container/metadata_test.go
+++ b/modules/packages/container/metadata_test.go
@@ -11,6 +11,7 @@ import (
 
 	oci "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestParseImageConfig(t *testing.T) {
@@ -58,4 +59,8 @@ func TestParseImageConfig(t *testing.T) {
 	assert.ElementsMatch(t, []string{author}, metadata.Authors)
 	assert.Equal(t, projectURL, metadata.ProjectURL)
 	assert.Equal(t, repositoryURL, metadata.RepositoryURL)
+
+	metadata, err = ParseImageConfig("anything-unknown", strings.NewReader(""))
+	require.NoError(t, err)
+	assert.Equal(t, &Metadata{Platform: "unknown/unknown"}, metadata)
 }
diff --git a/modules/packages/content_store.go b/modules/packages/content_store.go
index 37612556d7..57974515e2 100644
--- a/modules/packages/content_store.go
+++ b/modules/packages/content_store.go
@@ -28,8 +28,7 @@ func NewContentStore() *ContentStore {
 	return contentStore
 }
 
-// Get gets a package blob
-func (s *ContentStore) Get(key BlobHash256Key) (storage.Object, error) {
+func (s *ContentStore) OpenBlob(key BlobHash256Key) (storage.Object, error) {
 	return s.store.Open(KeyToRelativePath(key))
 }
 
@@ -37,8 +36,8 @@ func (s *ContentStore) ShouldServeDirect() bool {
 	return setting.Packages.Storage.ServeDirect()
 }
 
-func (s *ContentStore) GetServeDirectURL(key BlobHash256Key, filename string, reqParams url.Values) (*url.URL, error) {
-	return s.store.URL(KeyToRelativePath(key), filename, reqParams)
+func (s *ContentStore) GetServeDirectURL(key BlobHash256Key, filename, method string, reqParams url.Values) (*url.URL, error) {
+	return s.store.URL(KeyToRelativePath(key), filename, method, reqParams)
 }
 
 // FIXME: Workaround to be removed in v1.20
diff --git a/modules/packages/goproxy/metadata.go b/modules/packages/goproxy/metadata.go
index 40f7d20508..a67b149f4d 100644
--- a/modules/packages/goproxy/metadata.go
+++ b/modules/packages/goproxy/metadata.go
@@ -5,7 +5,6 @@ package goproxy
 
 import (
 	"archive/zip"
-	"fmt"
 	"io"
 	"path"
 	"strings"
@@ -88,7 +87,7 @@ func ParsePackage(r io.ReaderAt, size int64) (*Package, error) {
 		return nil, ErrInvalidStructure
 	}
 
-	p.GoMod = fmt.Sprintf("module %s", p.Name)
+	p.GoMod = "module " + p.Name
 
 	return p, nil
 }
diff --git a/modules/packages/hashed_buffer.go b/modules/packages/hashed_buffer.go
index 4ab45edcec..0cd657cd44 100644
--- a/modules/packages/hashed_buffer.go
+++ b/modules/packages/hashed_buffer.go
@@ -6,6 +6,7 @@ package packages
 import (
 	"io"
 
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util/filebuffer"
 )
 
@@ -34,11 +35,11 @@ func NewHashedBuffer() (*HashedBuffer, error) {
 
 // NewHashedBufferWithSize creates a hashed buffer with a specific memory size
 func NewHashedBufferWithSize(maxMemorySize int) (*HashedBuffer, error) {
-	b, err := filebuffer.New(maxMemorySize)
+	tempDir, err := setting.AppDataTempDir("package-hashed-buffer").MkdirAllSub("")
 	if err != nil {
 		return nil, err
 	}
-
+	b := filebuffer.New(maxMemorySize, tempDir)
 	hash := NewMultiHasher()
 
 	combinedWriter := io.MultiWriter(b, hash)
diff --git a/modules/packages/hashed_buffer_test.go b/modules/packages/hashed_buffer_test.go
index 564e782f18..5104c1fb25 100644
--- a/modules/packages/hashed_buffer_test.go
+++ b/modules/packages/hashed_buffer_test.go
@@ -9,10 +9,13 @@ import (
 	"strings"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func TestHashedBuffer(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
 	cases := []struct {
 		MaxMemorySize int
 		Data          string
diff --git a/modules/packages/npm/creator.go b/modules/packages/npm/creator.go
index 8ba4dbfba7..11b5123c27 100644
--- a/modules/packages/npm/creator.go
+++ b/modules/packages/npm/creator.go
@@ -58,7 +58,7 @@ type PackageMetadata struct {
 	Time           map[string]time.Time               `json:"time,omitempty"`
 	Homepage       string                             `json:"homepage,omitempty"`
 	Keywords       []string                           `json:"keywords,omitempty"`
-	Repository     Repository                         `json:"repository,omitempty"`
+	Repository     Repository                         `json:"repository"`
 	Author         User                               `json:"author"`
 	ReadmeFilename string                             `json:"readmeFilename,omitempty"`
 	Users          map[string]bool                    `json:"users,omitempty"`
@@ -75,7 +75,7 @@ type PackageMetadataVersion struct {
 	Author               User                `json:"author"`
 	Homepage             string              `json:"homepage,omitempty"`
 	License              string              `json:"license,omitempty"`
-	Repository           Repository          `json:"repository,omitempty"`
+	Repository           Repository          `json:"repository"`
 	Keywords             []string            `json:"keywords,omitempty"`
 	Dependencies         map[string]string   `json:"dependencies,omitempty"`
 	BundleDependencies   []string            `json:"bundleDependencies,omitempty"`
diff --git a/modules/packages/npm/metadata.go b/modules/packages/npm/metadata.go
index d1d0263387..362d0470d5 100644
--- a/modules/packages/npm/metadata.go
+++ b/modules/packages/npm/metadata.go
@@ -23,5 +23,5 @@ type Metadata struct {
 	OptionalDependencies    map[string]string `json:"optional_dependencies,omitempty"`
 	Bin                     map[string]string `json:"bin,omitempty"`
 	Readme                  string            `json:"readme,omitempty"`
-	Repository              Repository        `json:"repository,omitempty"`
+	Repository              Repository        `json:"repository"`
 }
diff --git a/modules/packages/nuget/metadata.go b/modules/packages/nuget/metadata.go
index 1e98ddffde..513b4dd2b9 100644
--- a/modules/packages/nuget/metadata.go
+++ b/modules/packages/nuget/metadata.go
@@ -57,14 +57,25 @@ type Package struct {
 
 // Metadata represents the metadata of a Nuget package
 type Metadata struct {
-	Description              string                  `json:"description,omitempty"`
-	ReleaseNotes             string                  `json:"release_notes,omitempty"`
-	Readme                   string                  `json:"readme,omitempty"`
-	Authors                  string                  `json:"authors,omitempty"`
-	ProjectURL               string                  `json:"project_url,omitempty"`
-	RepositoryURL            string                  `json:"repository_url,omitempty"`
-	RequireLicenseAcceptance bool                    `json:"require_license_acceptance"`
-	Dependencies             map[string][]Dependency `json:"dependencies,omitempty"`
+	Authors                  string `json:"authors,omitempty"`
+	Copyright                string `json:"copyright,omitempty"`
+	Description              string `json:"description,omitempty"`
+	DevelopmentDependency    bool   `json:"development_dependency,omitempty"`
+	IconURL                  string `json:"icon_url,omitempty"`
+	Language                 string `json:"language,omitempty"`
+	LicenseURL               string `json:"license_url,omitempty"`
+	MinClientVersion         string `json:"min_client_version,omitempty"`
+	Owners                   string `json:"owners,omitempty"`
+	ProjectURL               string `json:"project_url,omitempty"`
+	Readme                   string `json:"readme,omitempty"`
+	ReleaseNotes             string `json:"release_notes,omitempty"`
+	RepositoryURL            string `json:"repository_url,omitempty"`
+	RequireLicenseAcceptance bool   `json:"require_license_acceptance"`
+	Summary                  string `json:"summary,omitempty"`
+	Tags                     string `json:"tags,omitempty"`
+	Title                    string `json:"title,omitempty"`
+
+	Dependencies map[string][]Dependency `json:"dependencies,omitempty"`
 }
 
 // Dependency represents a dependency of a Nuget package
@@ -74,24 +85,31 @@ type Dependency struct {
 }
 
 // https://learn.microsoft.com/en-us/nuget/reference/nuspec
+// https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Core/NuGet.Packaging/compiler/resources/nuspec.xsd
 type nuspecPackage struct {
 	Metadata struct {
-		ID                       string `xml:"id"`
-		Version                  string `xml:"version"`
-		Authors                  string `xml:"authors"`
-		RequireLicenseAcceptance bool   `xml:"requireLicenseAcceptance"`
+		// required fields
+		Authors     string `xml:"authors"`
+		Description string `xml:"description"`
+		ID          string `xml:"id"`
+		Version     string `xml:"version"`
+
+		// optional fields
+		Copyright                string `xml:"copyright"`
+		DevelopmentDependency    bool   `xml:"developmentDependency"`
+		IconURL                  string `xml:"iconUrl"`
+		Language                 string `xml:"language"`
+		LicenseURL               string `xml:"licenseUrl"`
+		MinClientVersion         string `xml:"minClientVersion,attr"`
+		Owners                   string `xml:"owners"`
 		ProjectURL               string `xml:"projectUrl"`
-		Description              string `xml:"description"`
-		ReleaseNotes             string `xml:"releaseNotes"`
 		Readme                   string `xml:"readme"`
-		PackageTypes             struct {
-			PackageType []struct {
-				Name string `xml:"name,attr"`
-			} `xml:"packageType"`
-		} `xml:"packageTypes"`
-		Repository struct {
-			URL string `xml:"url,attr"`
-		} `xml:"repository"`
+		ReleaseNotes             string `xml:"releaseNotes"`
+		RequireLicenseAcceptance bool   `xml:"requireLicenseAcceptance"`
+		Summary                  string `xml:"summary"`
+		Tags                     string `xml:"tags"`
+		Title                    string `xml:"title"`
+
 		Dependencies struct {
 			Dependency []struct {
 				ID      string `xml:"id,attr"`
@@ -107,6 +125,14 @@ type nuspecPackage struct {
 				} `xml:"dependency"`
 			} `xml:"group"`
 		} `xml:"dependencies"`
+		PackageTypes struct {
+			PackageType []struct {
+				Name string `xml:"name,attr"`
+			} `xml:"packageType"`
+		} `xml:"packageTypes"`
+		Repository struct {
+			URL string `xml:"url,attr"`
+		} `xml:"repository"`
 	} `xml:"metadata"`
 }
 
@@ -167,13 +193,24 @@ func ParseNuspecMetaData(archive *zip.Reader, r io.Reader) (*Package, error) {
 	}
 
 	m := &Metadata{
-		Description:              p.Metadata.Description,
-		ReleaseNotes:             p.Metadata.ReleaseNotes,
 		Authors:                  p.Metadata.Authors,
+		Copyright:                p.Metadata.Copyright,
+		Description:              p.Metadata.Description,
+		DevelopmentDependency:    p.Metadata.DevelopmentDependency,
+		IconURL:                  p.Metadata.IconURL,
+		Language:                 p.Metadata.Language,
+		LicenseURL:               p.Metadata.LicenseURL,
+		MinClientVersion:         p.Metadata.MinClientVersion,
+		Owners:                   p.Metadata.Owners,
 		ProjectURL:               p.Metadata.ProjectURL,
+		ReleaseNotes:             p.Metadata.ReleaseNotes,
 		RepositoryURL:            p.Metadata.Repository.URL,
 		RequireLicenseAcceptance: p.Metadata.RequireLicenseAcceptance,
-		Dependencies:             make(map[string][]Dependency),
+		Summary:                  p.Metadata.Summary,
+		Tags:                     p.Metadata.Tags,
+		Title:                    p.Metadata.Title,
+
+		Dependencies: make(map[string][]Dependency),
 	}
 
 	if p.Metadata.Readme != "" {
@@ -227,13 +264,13 @@ func ParseNuspecMetaData(archive *zip.Reader, r io.Reader) (*Package, error) {
 func toNormalizedVersion(v *version.Version) string {
 	var buf bytes.Buffer
 	segments := v.Segments64()
-	fmt.Fprintf(&buf, "%d.%d.%d", segments[0], segments[1], segments[2])
+	_, _ = fmt.Fprintf(&buf, "%d.%d.%d", segments[0], segments[1], segments[2])
 	if len(segments) > 3 && segments[3] > 0 {
-		fmt.Fprintf(&buf, ".%d", segments[3])
+		_, _ = fmt.Fprintf(&buf, ".%d", segments[3])
 	}
 	pre := v.Prerelease()
 	if pre != "" {
-		fmt.Fprint(&buf, "-", pre)
+		_, _ = fmt.Fprint(&buf, "-", pre)
 	}
 	return buf.String()
 }
diff --git a/modules/packages/nuget/metadata_test.go b/modules/packages/nuget/metadata_test.go
index f466492f8a..90c3e8dfeb 100644
--- a/modules/packages/nuget/metadata_test.go
+++ b/modules/packages/nuget/metadata_test.go
@@ -12,44 +12,62 @@ import (
 )
 
 const (
-	id                = "System.Gitea"
-	semver            = "1.0.1"
-	authors           = "Gitea Authors"
-	projectURL        = "https://gitea.io"
-	description       = "Package Description"
-	releaseNotes      = "Package Release Notes"
-	readme            = "Readme"
-	repositoryURL     = "https://gitea.io/gitea/gitea"
-	targetFramework   = ".NETStandard2.1"
-	dependencyID      = "System.Text.Json"
-	dependencyVersion = "5.0.0"
+	authors                  = "Gitea Authors"
+	copyright                = "Package Copyright"
+	dependencyID             = "System.Text.Json"
+	dependencyVersion        = "5.0.0"
+	developmentDependency    = true
+	description              = "Package Description"
+	iconURL                  = "https://gitea.io/favicon.png"
+	id                       = "System.Gitea"
+	language                 = "Package Language"
+	licenseURL               = "https://gitea.io/license"
+	minClientVersion         = "1.0.0.0"
+	owners                   = "Package Owners"
+	projectURL               = "https://gitea.io"
+	readme                   = "Readme"
+	releaseNotes             = "Package Release Notes"
+	repositoryURL            = "https://gitea.io/gitea/gitea"
+	requireLicenseAcceptance = true
+	tags                     = "tag_1 tag_2 tag_3"
+	targetFramework          = ".NETStandard2.1"
+	title                    = "Package Title"
+	versionStr               = "1.0.1"
 )
 
 const nuspecContent = `<?xml version="1.0" encoding="utf-8"?>
 <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
-  <metadata>
-    <id>` + id + `</id>
-    <version>` + semver + `</version>
-    <authors>` + authors + `</authors>
-    <requireLicenseAcceptance>true</requireLicenseAcceptance>
-    <projectUrl>` + projectURL + `</projectUrl>
-    <description>` + description + `</description>
-    <releaseNotes>` + releaseNotes + `</releaseNotes>
-    <repository url="` + repositoryURL + `" />
-    <readme>README.md</readme>
-    <dependencies>
-      <group targetFramework="` + targetFramework + `">
-        <dependency id="` + dependencyID + `" version="` + dependencyVersion + `" exclude="Build,Analyzers" />
-      </group>
-    </dependencies>
-  </metadata>
+	<metadata minClientVersion="` + minClientVersion + `">
+		<authors>` + authors + `</authors>
+		<copyright>` + copyright + `</copyright>
+		<description>` + description + `</description>
+		<developmentDependency>true</developmentDependency>
+		<iconUrl>` + iconURL + `</iconUrl>
+		<id>` + id + `</id>
+		<language>` + language + `</language>
+		<licenseUrl>` + licenseURL + `</licenseUrl>
+		<owners>` + owners + `</owners>
+		<projectUrl>` + projectURL + `</projectUrl>
+		<readme>README.md</readme>
+		<releaseNotes>` + releaseNotes + `</releaseNotes>
+		<repository url="` + repositoryURL + `" />
+		<requireLicenseAcceptance>true</requireLicenseAcceptance>
+		<tags>` + tags + `</tags>
+		<title>` + title + `</title>
+		<version>` + versionStr + `</version>
+		<dependencies>
+			<group targetFramework="` + targetFramework + `">
+				<dependency id="` + dependencyID + `" version="` + dependencyVersion + `" exclude="Build,Analyzers" />
+			</group>
+		</dependencies>
+	</metadata>
 </package>`
 
 const symbolsNuspecContent = `<?xml version="1.0" encoding="utf-8"?>
 <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
   <metadata>
     <id>` + id + `</id>
-    <version>` + semver + `</version>
+    <version>` + versionStr + `</version>
     <description>` + description + `</description>
     <packageTypes>
       <packageType name="SymbolsPackage" />
@@ -140,14 +158,26 @@ func TestParsePackageMetaData(t *testing.T) {
 		assert.NotNil(t, np)
 		assert.Equal(t, DependencyPackage, np.PackageType)
 
-		assert.Equal(t, id, np.ID)
-		assert.Equal(t, semver, np.Version)
 		assert.Equal(t, authors, np.Metadata.Authors)
-		assert.Equal(t, projectURL, np.Metadata.ProjectURL)
 		assert.Equal(t, description, np.Metadata.Description)
-		assert.Equal(t, releaseNotes, np.Metadata.ReleaseNotes)
+		assert.Equal(t, id, np.ID)
+		assert.Equal(t, versionStr, np.Version)
+
+		assert.Equal(t, copyright, np.Metadata.Copyright)
+		assert.Equal(t, developmentDependency, np.Metadata.DevelopmentDependency)
+		assert.Equal(t, iconURL, np.Metadata.IconURL)
+		assert.Equal(t, language, np.Metadata.Language)
+		assert.Equal(t, licenseURL, np.Metadata.LicenseURL)
+		assert.Equal(t, minClientVersion, np.Metadata.MinClientVersion)
+		assert.Equal(t, owners, np.Metadata.Owners)
+		assert.Equal(t, projectURL, np.Metadata.ProjectURL)
 		assert.Equal(t, readme, np.Metadata.Readme)
+		assert.Equal(t, releaseNotes, np.Metadata.ReleaseNotes)
 		assert.Equal(t, repositoryURL, np.Metadata.RepositoryURL)
+		assert.Equal(t, requireLicenseAcceptance, np.Metadata.RequireLicenseAcceptance)
+		assert.Equal(t, tags, np.Metadata.Tags)
+		assert.Equal(t, title, np.Metadata.Title)
+
 		assert.Len(t, np.Metadata.Dependencies, 1)
 		assert.Contains(t, np.Metadata.Dependencies, targetFramework)
 		deps := np.Metadata.Dependencies[targetFramework]
@@ -180,7 +210,7 @@ func TestParsePackageMetaData(t *testing.T) {
 		assert.Equal(t, SymbolsPackage, np.PackageType)
 
 		assert.Equal(t, id, np.ID)
-		assert.Equal(t, semver, np.Version)
+		assert.Equal(t, versionStr, np.Version)
 		assert.Equal(t, description, np.Metadata.Description)
 		assert.Empty(t, np.Metadata.Dependencies)
 	})
diff --git a/modules/packages/nuget/symbol_extractor.go b/modules/packages/nuget/symbol_extractor.go
index 81bf0371a0..9c952e1f10 100644
--- a/modules/packages/nuget/symbol_extractor.go
+++ b/modules/packages/nuget/symbol_extractor.go
@@ -34,7 +34,7 @@ type PortablePdbList []*PortablePdb
 
 func (l PortablePdbList) Close() {
 	for _, pdb := range l {
-		pdb.Content.Close()
+		_ = pdb.Content.Close()
 	}
 }
 
@@ -65,7 +65,7 @@ func ExtractPortablePdb(r io.ReaderAt, size int64) (PortablePdbList, error) {
 
 				buf, err := packages.CreateHashedBufferFromReader(f)
 
-				f.Close()
+				_ = f.Close()
 
 				if err != nil {
 					return err
@@ -73,12 +73,12 @@ func ExtractPortablePdb(r io.ReaderAt, size int64) (PortablePdbList, error) {
 
 				id, err := ParseDebugHeaderID(buf)
 				if err != nil {
-					buf.Close()
+					_ = buf.Close()
 					return fmt.Errorf("Invalid PDB file: %w", err)
 				}
 
 				if _, err := buf.Seek(0, io.SeekStart); err != nil {
-					buf.Close()
+					_ = buf.Close()
 					return err
 				}
 
diff --git a/modules/packages/nuget/symbol_extractor_test.go b/modules/packages/nuget/symbol_extractor_test.go
index fa1b80ee82..e841e377d9 100644
--- a/modules/packages/nuget/symbol_extractor_test.go
+++ b/modules/packages/nuget/symbol_extractor_test.go
@@ -9,6 +9,8 @@ import (
 	"encoding/base64"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -17,18 +19,19 @@ fgAA3AEAAAQAAAAjU3RyaW5ncwAAAADgAQAABAAAACNVUwDkAQAAMAAAACNHVUlEAAAAFAIAACgB
 AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`
 
 func TestExtractPortablePdb(t *testing.T) {
+	setting.AppDataPath = t.TempDir()
 	createArchive := func(name string, content []byte) []byte {
 		var buf bytes.Buffer
 		archive := zip.NewWriter(&buf)
 		w, _ := archive.Create(name)
-		w.Write(content)
-		archive.Close()
+		_, _ = w.Write(content)
+		_ = archive.Close()
 		return buf.Bytes()
 	}
 
 	t.Run("MissingPdbFiles", func(t *testing.T) {
 		var buf bytes.Buffer
-		zip.NewWriter(&buf).Close()
+		_ = zip.NewWriter(&buf).Close()
 
 		pdbs, err := ExtractPortablePdb(bytes.NewReader(buf.Bytes()), int64(buf.Len()))
 		assert.ErrorIs(t, err, ErrMissingPdbFiles)
diff --git a/modules/packages/pub/metadata.go b/modules/packages/pub/metadata.go
index afb464e462..9b00472eb2 100644
--- a/modules/packages/pub/metadata.go
+++ b/modules/packages/pub/metadata.go
@@ -88,7 +88,7 @@ func ParsePackage(r io.Reader) (*Package, error) {
 			if err != nil {
 				return nil, err
 			}
-		} else if strings.ToLower(hd.Name) == "readme.md" {
+		} else if strings.EqualFold(hd.Name, "readme.md") {
 			data, err := io.ReadAll(tr)
 			if err != nil {
 				return nil, err
diff --git a/modules/packages/rubygems/marshal.go b/modules/packages/rubygems/marshal.go
index 4e6a5fc5f8..1505221acc 100644
--- a/modules/packages/rubygems/marshal.go
+++ b/modules/packages/rubygems/marshal.go
@@ -250,7 +250,7 @@ func (e *MarshalEncoder) marshalArray(arr reflect.Value) error {
 		return err
 	}
 
-	for i := 0; i < length; i++ {
+	for i := range length {
 		if err := e.marshal(arr.Index(i).Interface()); err != nil {
 			return err
 		}
diff --git a/modules/packages/swift/metadata.go b/modules/packages/swift/metadata.go
index 24c4262ab7..85beb57607 100644
--- a/modules/packages/swift/metadata.go
+++ b/modules/packages/swift/metadata.go
@@ -47,7 +47,7 @@ type Metadata struct {
 	Keywords      []string             `json:"keywords,omitempty"`
 	RepositoryURL string               `json:"repository_url,omitempty"`
 	License       string               `json:"license,omitempty"`
-	Author        Person               `json:"author,omitempty"`
+	Author        Person               `json:"author"`
 	Manifests     map[string]*Manifest `json:"manifests,omitempty"`
 }
 
diff --git a/modules/private/internal.go b/modules/private/internal.go
index 35eed1d608..e599c6eb8e 100644
--- a/modules/private/internal.go
+++ b/modules/private/internal.go
@@ -6,7 +6,6 @@ package private
 import (
 	"context"
 	"crypto/tls"
-	"fmt"
 	"net"
 	"net/http"
 	"os"
@@ -47,7 +46,7 @@ Ensure you are running in the correct environment or set the correct configurati
 	req := httplib.NewRequest(url, method).
 		SetContext(ctx).
 		Header("X-Real-IP", getClientIP()).
-		Header("X-Gitea-Internal-Auth", fmt.Sprintf("Bearer %s", setting.InternalToken)).
+		Header("X-Gitea-Internal-Auth", "Bearer "+setting.InternalToken).
 		SetTLSClientConfig(&tls.Config{
 			InsecureSkipVerify: true,
 			ServerName:         setting.Domain,
diff --git a/modules/private/serv.go b/modules/private/serv.go
index 2ccc6c1129..b1dafbd81b 100644
--- a/modules/private/serv.go
+++ b/modules/private/serv.go
@@ -46,18 +46,16 @@ type ServCommandResults struct {
 }
 
 // ServCommand preps for a serv call
-func ServCommand(ctx context.Context, keyID int64, ownerName, repoName string, mode perm.AccessMode, verbs ...string) (*ServCommandResults, ResponseExtra) {
+func ServCommand(ctx context.Context, keyID int64, ownerName, repoName string, mode perm.AccessMode, verb, lfsVerb string) (*ServCommandResults, ResponseExtra) {
 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/serv/command/%d/%s/%s?mode=%d",
 		keyID,
 		url.PathEscape(ownerName),
 		url.PathEscape(repoName),
 		mode,
 	)
-	for _, verb := range verbs {
-		if verb != "" {
-			reqURL += fmt.Sprintf("&verb=%s", url.QueryEscape(verb))
-		}
-	}
+	reqURL += "&verb=" + url.QueryEscape(verb)
+	// reqURL += "&lfs_verb=" + url.QueryEscape(lfsVerb) // TODO: actually there is no use of this parameter. In the future, the URL construction should be more flexible
+	_ = lfsVerb
 	req := newInternalRequestAPI(ctx, reqURL, "GET")
 	return requestJSONResp(req, &ServCommandResults{})
 }
diff --git a/modules/proxyprotocol/errors.go b/modules/proxyprotocol/errors.go
index 5439a86bd8..f76c82b7f6 100644
--- a/modules/proxyprotocol/errors.go
+++ b/modules/proxyprotocol/errors.go
@@ -20,7 +20,7 @@ type ErrBadAddressType struct {
 }
 
 func (e *ErrBadAddressType) Error() string {
-	return fmt.Sprintf("Unexpected proxy header address type: %s", e.Address)
+	return "Unexpected proxy header address type: " + e.Address
 }
 
 // ErrBadRemote is an error demonstrating a bad proxy header with bad Remote
diff --git a/modules/public/public.go b/modules/public/public.go
index 7f8ce29056..a7eace1538 100644
--- a/modules/public/public.go
+++ b/modules/public/public.go
@@ -44,7 +44,7 @@ func FileHandlerFunc() http.HandlerFunc {
 func parseAcceptEncoding(val string) container.Set[string] {
 	parts := strings.Split(val, ";")
 	types := make(container.Set[string])
-	for _, v := range strings.Split(parts[0], ",") {
+	for v := range strings.SplitSeq(parts[0], ",") {
 		types.Add(strings.TrimSpace(v))
 	}
 	return types
@@ -89,19 +89,16 @@ func handleRequest(w http.ResponseWriter, req *http.Request, fs http.FileSystem,
 	servePublicAsset(w, req, fi, fi.ModTime(), f)
 }
 
-type GzipBytesProvider interface {
-	GzipBytes() []byte
-}
-
 // servePublicAsset serve http content
 func servePublicAsset(w http.ResponseWriter, req *http.Request, fi os.FileInfo, modtime time.Time, content io.ReadSeeker) {
 	setWellKnownContentType(w, fi.Name())
 	httpcache.SetCacheControlInHeader(w.Header(), httpcache.CacheControlForPublicStatic())
 	encodings := parseAcceptEncoding(req.Header.Get("Accept-Encoding"))
-	if encodings.Contains("gzip") {
-		// try to provide gzip content directly from bindata (provided by vfsgenÛ°CompressedFileInfo)
-		if compressed, ok := fi.(GzipBytesProvider); ok {
-			rdGzip := bytes.NewReader(compressed.GzipBytes())
+	fiEmbedded, _ := fi.(assetfs.EmbeddedFileInfo)
+	if encodings.Contains("gzip") && fiEmbedded != nil {
+		// try to provide gzip content directly from bindata
+		if gzipBytes, ok := fiEmbedded.GetGzipContent(); ok {
+			rdGzip := bytes.NewReader(gzipBytes)
 			// all gzipped static files (from bindata) are managed by Gitea, so we can make sure every file has the correct ext name
 			// then we can get the correct Content-Type, we do not need to do http.DetectContentType on the decompressed data
 			if w.Header().Get("Content-Type") == "" {
@@ -113,5 +110,4 @@ func servePublicAsset(w http.ResponseWriter, req *http.Request, fi os.FileInfo,
 		}
 	}
 	http.ServeContent(w, req, fi.Name(), modtime, content)
-	return
 }
diff --git a/modules/public/public_bindata.go b/modules/public/public_bindata.go
index 4878f88ad1..2dcf3e72e4 100644
--- a/modules/public/public_bindata.go
+++ b/modules/public/public_bindata.go
@@ -5,4 +5,19 @@
 
 package public
 
-//go:generate go run ../../build/generate-bindata.go ../../public public bindata.go true
+//go:generate go run ../../build/generate-bindata.go ../../public bindata.dat
+
+import (
+	"sync"
+
+	_ "embed"
+
+	"code.gitea.io/gitea/modules/assetfs"
+)
+
+//go:embed bindata.dat
+var bindata []byte
+
+var BuiltinAssets = sync.OnceValue(func() *assetfs.Layer {
+	return assetfs.Bindata("builtin(bindata)", assetfs.NewEmbeddedFS(bindata))
+})
diff --git a/modules/public/serve_dynamic.go b/modules/public/public_dynamic.go
index a668b17c34..a668b17c34 100644
--- a/modules/public/serve_dynamic.go
+++ b/modules/public/public_dynamic.go
diff --git a/modules/public/serve_static.go b/modules/public/serve_static.go
deleted file mode 100644
index e79085021e..0000000000
--- a/modules/public/serve_static.go
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright 2016 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-//go:build bindata
-
-package public
-
-import (
-	"time"
-
-	"code.gitea.io/gitea/modules/assetfs"
-	"code.gitea.io/gitea/modules/timeutil"
-)
-
-var _ GzipBytesProvider = (*vfsgenÛ°CompressedFileInfo)(nil)
-
-// GlobalModTime provide a global mod time for embedded asset files
-func GlobalModTime(filename string) time.Time {
-	return timeutil.GetExecutableModTime()
-}
-
-func BuiltinAssets() *assetfs.Layer {
-	return assetfs.Bindata("builtin(bindata)", Assets)
-}
diff --git a/modules/queue/base_levelqueue_common.go b/modules/queue/base_levelqueue_common.go
index 78d3b85a8a..d37093b84d 100644
--- a/modules/queue/base_levelqueue_common.go
+++ b/modules/queue/base_levelqueue_common.go
@@ -83,7 +83,7 @@ func prepareLevelDB(cfg *BaseConfig) (conn string, db *leveldb.DB, err error) {
 		}
 		conn = cfg.ConnStr
 	}
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		if db, err = nosql.GetManager().GetLevelDB(conn); err == nil {
 			break
 		}
diff --git a/modules/queue/base_redis.go b/modules/queue/base_redis.go
index a1e234943d..bea0fd7a98 100644
--- a/modules/queue/base_redis.go
+++ b/modules/queue/base_redis.go
@@ -29,7 +29,7 @@ func newBaseRedisGeneric(cfg *BaseConfig, unique bool) (baseQueue, error) {
 	client := nosql.GetManager().GetRedisClient(cfg.ConnStr)
 
 	var err error
-	for i := 0; i < 10; i++ {
+	for range 10 {
 		err = client.Ping(graceful.GetManager().ShutdownContext()).Err()
 		if err == nil {
 			break
diff --git a/modules/queue/base_test.go b/modules/queue/base_test.go
index 73abf49091..8e7c18d740 100644
--- a/modules/queue/base_test.go
+++ b/modules/queue/base_test.go
@@ -21,7 +21,7 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 		_ = q.RemoveAll(ctx)
 		cnt, err := q.Len(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 0, cnt)
+		assert.Equal(t, 0, cnt)
 
 		// push the first item
 		err = q.PushItem(ctx, []byte("foo"))
@@ -29,7 +29,7 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 
 		cnt, err = q.Len(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 1, cnt)
+		assert.Equal(t, 1, cnt)
 
 		// push a duplicate item
 		err = q.PushItem(ctx, []byte("foo"))
@@ -45,10 +45,10 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 		has, err := q.HasItem(ctx, []byte("foo"))
 		assert.NoError(t, err)
 		if !isUnique {
-			assert.EqualValues(t, 2, cnt)
+			assert.Equal(t, 2, cnt)
 			assert.False(t, has) // non-unique queues don't check for duplicates
 		} else {
-			assert.EqualValues(t, 1, cnt)
+			assert.Equal(t, 1, cnt)
 			assert.True(t, has)
 		}
 
@@ -59,18 +59,18 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 		// pop the first item (and the duplicate if non-unique)
 		it, err := q.PopItem(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, "foo", string(it))
+		assert.Equal(t, "foo", string(it))
 
 		if !isUnique {
 			it, err = q.PopItem(ctx)
 			assert.NoError(t, err)
-			assert.EqualValues(t, "foo", string(it))
+			assert.Equal(t, "foo", string(it))
 		}
 
 		// pop another item
 		it, err = q.PopItem(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, "bar", string(it))
+		assert.Equal(t, "bar", string(it))
 
 		// pop an empty queue (timeout, cancel)
 		ctxTimed, cancel := context.WithTimeout(ctx, 10*time.Millisecond)
@@ -87,7 +87,7 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 
 		// test blocking push if queue is full
 		for i := 0; i < cfg.Length; i++ {
-			err = q.PushItem(ctx, []byte(fmt.Sprintf("item-%d", i)))
+			err = q.PushItem(ctx, fmt.Appendf(nil, "item-%d", i))
 			assert.NoError(t, err)
 		}
 		ctxTimed, cancel = context.WithTimeout(ctx, 10*time.Millisecond)
@@ -107,13 +107,13 @@ func testQueueBasic(t *testing.T, newFn func(cfg *BaseConfig) (baseQueue, error)
 		// remove all
 		cnt, err = q.Len(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, cfg.Length, cnt)
+		assert.Equal(t, cfg.Length, cnt)
 
 		_ = q.RemoveAll(ctx)
 
 		cnt, err = q.Len(ctx)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 0, cnt)
+		assert.Equal(t, 0, cnt)
 	})
 }
 
@@ -126,7 +126,7 @@ func TestBaseDummy(t *testing.T) {
 
 	cnt, err := q.Len(ctx)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 0, cnt)
+	assert.Equal(t, 0, cnt)
 
 	has, err := q.HasItem(ctx, []byte("foo"))
 	assert.NoError(t, err)
diff --git a/modules/queue/manager.go b/modules/queue/manager.go
index 079e2bee7a..ae6c51872d 100644
--- a/modules/queue/manager.go
+++ b/modules/queue/manager.go
@@ -6,6 +6,7 @@ package queue
 import (
 	"context"
 	"errors"
+	"maps"
 	"sync"
 	"time"
 
@@ -70,9 +71,7 @@ func (m *Manager) ManagedQueues() map[int64]ManagedWorkerPoolQueue {
 	defer m.mu.Unlock()
 
 	queues := make(map[int64]ManagedWorkerPoolQueue, len(m.Queues))
-	for k, v := range m.Queues {
-		queues[k] = v
-	}
+	maps.Copy(queues, m.Queues)
 	return queues
 }
 
diff --git a/modules/queue/manager_test.go b/modules/queue/manager_test.go
index f55ee85a22..fda498cc84 100644
--- a/modules/queue/manager_test.go
+++ b/modules/queue/manager_test.go
@@ -47,7 +47,7 @@ CONN_STR = redis://
 	assert.Equal(t, filepath.Join(setting.AppDataPath, "queues/common"), q.baseConfig.DataFullDir)
 	assert.Equal(t, 100000, q.baseConfig.Length)
 	assert.Equal(t, 20, q.batchLength)
-	assert.Equal(t, "", q.baseConfig.ConnStr)
+	assert.Empty(t, q.baseConfig.ConnStr)
 	assert.Equal(t, "default_queue", q.baseConfig.QueueFullName)
 	assert.Equal(t, "default_queue_unique", q.baseConfig.SetFullName)
 	assert.NotZero(t, q.GetWorkerMaxNumber())
@@ -101,7 +101,7 @@ MAX_WORKERS = 123
 	assert.Equal(t, filepath.Join(setting.AppDataPath, "queues/dir2"), q2.baseConfig.DataFullDir)
 	assert.Equal(t, 102, q2.baseConfig.Length)
 	assert.Equal(t, 22, q2.batchLength)
-	assert.Equal(t, "", q2.baseConfig.ConnStr)
+	assert.Empty(t, q2.baseConfig.ConnStr)
 	assert.Equal(t, "sub_q2", q2.baseConfig.QueueFullName)
 	assert.Equal(t, "sub_q2_u2", q2.baseConfig.SetFullName)
 	assert.Equal(t, 123, q2.GetWorkerMaxNumber())
diff --git a/modules/queue/workerqueue_test.go b/modules/queue/workerqueue_test.go
index 0ca2be1d21..a6c369d5f9 100644
--- a/modules/queue/workerqueue_test.go
+++ b/modules/queue/workerqueue_test.go
@@ -63,9 +63,9 @@ func TestWorkerPoolQueueUnhandled(t *testing.T) {
 		ok := true
 		for i := 0; i < queueSetting.Length; i++ {
 			if i%2 == 0 {
-				ok = ok && assert.EqualValues(t, 2, m[i], "test %s: item %d", t.Name(), i)
+				ok = ok && assert.Equal(t, 2, m[i], "test %s: item %d", t.Name(), i)
 			} else {
-				ok = ok && assert.EqualValues(t, 1, m[i], "test %s: item %d", t.Name(), i)
+				ok = ok && assert.Equal(t, 1, m[i], "test %s: item %d", t.Name(), i)
 			}
 		}
 		if !ok {
@@ -77,17 +77,17 @@ func TestWorkerPoolQueueUnhandled(t *testing.T) {
 
 	runCount := 2 // we can run these tests even hundreds times to see its stability
 	t.Run("1/1", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			test(t, setting.QueueSettings{BatchLength: 1, MaxWorkers: 1})
 		}
 	})
 	t.Run("3/1", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			test(t, setting.QueueSettings{BatchLength: 3, MaxWorkers: 1})
 		}
 	})
 	t.Run("4/5", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			test(t, setting.QueueSettings{BatchLength: 4, MaxWorkers: 5})
 		}
 	})
@@ -96,17 +96,17 @@ func TestWorkerPoolQueueUnhandled(t *testing.T) {
 func TestWorkerPoolQueuePersistence(t *testing.T) {
 	runCount := 2 // we can run these tests even hundreds times to see its stability
 	t.Run("1/1", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			testWorkerPoolQueuePersistence(t, setting.QueueSettings{BatchLength: 1, MaxWorkers: 1, Length: 100})
 		}
 	})
 	t.Run("3/1", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			testWorkerPoolQueuePersistence(t, setting.QueueSettings{BatchLength: 3, MaxWorkers: 1, Length: 100})
 		}
 	})
 	t.Run("4/5", func(t *testing.T) {
-		for i := 0; i < runCount; i++ {
+		for range runCount {
 			testWorkerPoolQueuePersistence(t, setting.QueueSettings{BatchLength: 4, MaxWorkers: 5, Length: 100})
 		}
 	})
@@ -141,7 +141,7 @@ func testWorkerPoolQueuePersistence(t *testing.T, queueSetting setting.QueueSett
 
 		q, _ := newWorkerPoolQueueForTest("pr_patch_checker_test", queueSetting, testHandler, true)
 		stop := runWorkerPoolQueue(q)
-		for i := 0; i < testCount; i++ {
+		for i := range testCount {
 			_ = q.Push("task-" + strconv.Itoa(i))
 		}
 		close(startWhenAllReady)
@@ -173,7 +173,7 @@ func testWorkerPoolQueuePersistence(t *testing.T, queueSetting setting.QueueSett
 
 	assert.NotEmpty(t, tasksQ1)
 	assert.NotEmpty(t, tasksQ2)
-	assert.EqualValues(t, testCount, len(tasksQ1)+len(tasksQ2))
+	assert.Equal(t, testCount, len(tasksQ1)+len(tasksQ2))
 }
 
 func TestWorkerPoolQueueActiveWorkers(t *testing.T) {
@@ -186,34 +186,34 @@ func TestWorkerPoolQueueActiveWorkers(t *testing.T) {
 
 	q, _ := newWorkerPoolQueueForTest("test-workpoolqueue", setting.QueueSettings{Type: "channel", BatchLength: 1, MaxWorkers: 1, Length: 100}, handler, false)
 	stop := runWorkerPoolQueue(q)
-	for i := 0; i < 5; i++ {
+	for i := range 5 {
 		assert.NoError(t, q.Push(i))
 	}
 
 	time.Sleep(50 * time.Millisecond)
-	assert.EqualValues(t, 1, q.GetWorkerNumber())
-	assert.EqualValues(t, 1, q.GetWorkerActiveNumber())
+	assert.Equal(t, 1, q.GetWorkerNumber())
+	assert.Equal(t, 1, q.GetWorkerActiveNumber())
 	time.Sleep(500 * time.Millisecond)
-	assert.EqualValues(t, 1, q.GetWorkerNumber())
-	assert.EqualValues(t, 0, q.GetWorkerActiveNumber())
+	assert.Equal(t, 1, q.GetWorkerNumber())
+	assert.Equal(t, 0, q.GetWorkerActiveNumber())
 	time.Sleep(workerIdleDuration)
-	assert.EqualValues(t, 1, q.GetWorkerNumber()) // there is at least one worker after the queue begins working
+	assert.Equal(t, 1, q.GetWorkerNumber()) // there is at least one worker after the queue begins working
 	stop()
 
 	q, _ = newWorkerPoolQueueForTest("test-workpoolqueue", setting.QueueSettings{Type: "channel", BatchLength: 1, MaxWorkers: 3, Length: 100}, handler, false)
 	stop = runWorkerPoolQueue(q)
-	for i := 0; i < 15; i++ {
+	for i := range 15 {
 		assert.NoError(t, q.Push(i))
 	}
 
 	time.Sleep(50 * time.Millisecond)
-	assert.EqualValues(t, 3, q.GetWorkerNumber())
-	assert.EqualValues(t, 3, q.GetWorkerActiveNumber())
+	assert.Equal(t, 3, q.GetWorkerNumber())
+	assert.Equal(t, 3, q.GetWorkerActiveNumber())
 	time.Sleep(500 * time.Millisecond)
-	assert.EqualValues(t, 3, q.GetWorkerNumber())
-	assert.EqualValues(t, 0, q.GetWorkerActiveNumber())
+	assert.Equal(t, 3, q.GetWorkerNumber())
+	assert.Equal(t, 0, q.GetWorkerActiveNumber())
 	time.Sleep(workerIdleDuration)
-	assert.EqualValues(t, 1, q.GetWorkerNumber()) // there is at least one worker after the queue begins working
+	assert.Equal(t, 1, q.GetWorkerNumber()) // there is at least one worker after the queue begins working
 	stop()
 }
 
@@ -240,13 +240,13 @@ func TestWorkerPoolQueueShutdown(t *testing.T) {
 	}
 	<-handlerCalled
 	time.Sleep(200 * time.Millisecond) // wait for a while to make sure all workers are active
-	assert.EqualValues(t, 4, q.GetWorkerActiveNumber())
+	assert.Equal(t, 4, q.GetWorkerActiveNumber())
 	stop() // stop triggers shutdown
-	assert.EqualValues(t, 0, q.GetWorkerActiveNumber())
+	assert.Equal(t, 0, q.GetWorkerActiveNumber())
 
 	// no item was ever handled, so we still get all of them again
 	q, _ = newWorkerPoolQueueForTest("test-workpoolqueue", qs, handler, false)
-	assert.EqualValues(t, 20, q.GetQueueItemNumber())
+	assert.Equal(t, 20, q.GetQueueItemNumber())
 }
 
 func TestWorkerPoolQueueWorkerIdleReset(t *testing.T) {
@@ -274,7 +274,7 @@ func TestWorkerPoolQueueWorkerIdleReset(t *testing.T) {
 	}
 	q, _ = newWorkerPoolQueueForTest("test-workpoolqueue", setting.QueueSettings{Type: "channel", BatchLength: 1, MaxWorkers: 2, Length: 100}, handler, false)
 	stop := runWorkerPoolQueue(q)
-	for i := 0; i < 100; i++ {
+	for i := range 100 {
 		assert.NoError(t, q.Push(i))
 	}
 	time.Sleep(500 * time.Millisecond)
diff --git a/modules/references/references.go b/modules/references/references.go
index a5b102b7f2..592bd4cbe4 100644
--- a/modules/references/references.go
+++ b/modules/references/references.go
@@ -462,11 +462,12 @@ func findAllIssueReferencesBytes(content []byte, links []string) []*rawReference
 				continue
 			}
 			var sep string
-			if parts[3] == "issues" {
+			switch parts[3] {
+			case "issues":
 				sep = "#"
-			} else if parts[3] == "pulls" {
+			case "pulls":
 				sep = "!"
-			} else {
+			default:
 				continue
 			}
 			// Note: closing/reopening keywords not supported with URLs
diff --git a/modules/references/references_test.go b/modules/references/references_test.go
index 1b6a968d6a..a15ae99f79 100644
--- a/modules/references/references_test.go
+++ b/modules/references/references_test.go
@@ -46,7 +46,7 @@ owner/repo!123456789
 	contentBytes := []byte(test)
 	convertFullHTMLReferencesToShortRefs(re, &contentBytes)
 	result := string(contentBytes)
-	assert.EqualValues(t, expect, result)
+	assert.Equal(t, expect, result)
 }
 
 func TestFindAllIssueReferences(t *testing.T) {
@@ -283,9 +283,9 @@ func testFixtures(t *testing.T, fixtures []testFixture, context string) {
 		}
 		expref := rawToIssueReferenceList(expraw)
 		refs := FindAllIssueReferencesMarkdown(fixture.input)
-		assert.EqualValues(t, expref, refs, "[%s] Failed to parse: {%s}", context, fixture.input)
+		assert.Equal(t, expref, refs, "[%s] Failed to parse: {%s}", context, fixture.input)
 		rawrefs := findAllIssueReferencesMarkdown(fixture.input)
-		assert.EqualValues(t, expraw, rawrefs, "[%s] Failed to parse: {%s}", context, fixture.input)
+		assert.Equal(t, expraw, rawrefs, "[%s] Failed to parse: {%s}", context, fixture.input)
 	}
 
 	// Restore for other tests that may rely on the original value
@@ -294,7 +294,7 @@ func testFixtures(t *testing.T, fixtures []testFixture, context string) {
 
 func TestFindAllMentions(t *testing.T) {
 	res := FindAllMentionsBytes([]byte("@tasha, @mike; @lucy: @john"))
-	assert.EqualValues(t, []RefSpan{
+	assert.Equal(t, []RefSpan{
 		{Start: 0, End: 6},
 		{Start: 8, End: 13},
 		{Start: 15, End: 20},
@@ -554,7 +554,7 @@ func TestParseCloseKeywords(t *testing.T) {
 			res := pat.FindAllStringSubmatch(test.match, -1)
 			assert.Len(t, res, 1)
 			assert.Len(t, res[0], 2)
-			assert.EqualValues(t, test.expected, res[0][1])
+			assert.Equal(t, test.expected, res[0][1])
 		}
 	}
 }
diff --git a/modules/regexplru/regexplru_test.go b/modules/regexplru/regexplru_test.go
index 9c24b23fa9..4b539c31e9 100644
--- a/modules/regexplru/regexplru_test.go
+++ b/modules/regexplru/regexplru_test.go
@@ -18,9 +18,9 @@ func TestRegexpLru(t *testing.T) {
 	assert.NoError(t, err)
 	assert.True(t, r.MatchString("a"))
 
-	assert.EqualValues(t, 1, lruCache.Len())
+	assert.Equal(t, 1, lruCache.Len())
 
 	_, err = GetCompiled("(")
 	assert.Error(t, err)
-	assert.EqualValues(t, 2, lruCache.Len())
+	assert.Equal(t, 2, lruCache.Len())
 }
diff --git a/modules/repository/branch.go b/modules/repository/branch.go
index 2bf9930f19..30aa0a6e85 100644
--- a/modules/repository/branch.go
+++ b/modules/repository/branch.go
@@ -41,11 +41,12 @@ func SyncRepoBranchesWithRepo(ctx context.Context, repo *repo_model.Repository,
 	if err != nil {
 		return 0, fmt.Errorf("GetObjectFormat: %w", err)
 	}
-	_, err = db.GetEngine(ctx).ID(repo.ID).Update(&repo_model.Repository{ObjectFormatName: objFmt.Name()})
-	if err != nil {
-		return 0, fmt.Errorf("UpdateRepository: %w", err)
+	if objFmt.Name() != repo.ObjectFormatName {
+		repo.ObjectFormatName = objFmt.Name()
+		if err = repo_model.UpdateRepositoryColsWithAutoTime(ctx, repo, "object_format_name"); err != nil {
+			return 0, fmt.Errorf("UpdateRepositoryColsWithAutoTime: %w", err)
+		}
 	}
-	repo.ObjectFormatName = objFmt.Name() // keep consistent with db
 
 	allBranches := container.Set[string]{}
 	{
diff --git a/modules/repository/branch_test.go b/modules/repository/branch_test.go
index acf75a1ac0..ead28aa141 100644
--- a/modules/repository/branch_test.go
+++ b/modules/repository/branch_test.go
@@ -27,5 +27,5 @@ func TestSyncRepoBranches(t *testing.T) {
 	assert.Equal(t, "sha1", repo.ObjectFormatName)
 	branch, err := git_model.GetBranch(db.DefaultContext, 1, "master")
 	assert.NoError(t, err)
-	assert.EqualValues(t, "master", branch.Name)
+	assert.Equal(t, "master", branch.Name)
 }
diff --git a/modules/repository/commits.go b/modules/repository/commits.go
index 16520fb28a..878fdc1603 100644
--- a/modules/repository/commits.go
+++ b/modules/repository/commits.go
@@ -13,6 +13,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/cachegroup"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@@ -131,7 +132,7 @@ func (pc *PushCommits) ToAPIPayloadCommits(ctx context.Context, repo *repo_model
 func (pc *PushCommits) AvatarLink(ctx context.Context, email string) string {
 	size := avatars.DefaultAvatarPixelSize * setting.Avatar.RenderedSizeFactor
 
-	v, _ := cache.GetWithContextCache(ctx, "push_commits", email, func() (string, error) {
+	v, _ := cache.GetWithContextCache(ctx, cachegroup.EmailAvatarLink, email, func(ctx context.Context, email string) (string, error) {
 		u, err := user_model.GetUserByEmail(ctx, email)
 		if err != nil {
 			if !user_model.IsErrUserNotExist(err) {
diff --git a/modules/repository/commits_test.go b/modules/repository/commits_test.go
index e8dbf0b4e9..030cd7714d 100644
--- a/modules/repository/commits_test.go
+++ b/modules/repository/commits_test.go
@@ -62,9 +62,9 @@ func TestPushCommits_ToAPIPayloadCommits(t *testing.T) {
 	assert.Equal(t, "user2", payloadCommits[0].Committer.UserName)
 	assert.Equal(t, "User2", payloadCommits[0].Author.Name)
 	assert.Equal(t, "user2", payloadCommits[0].Author.UserName)
-	assert.EqualValues(t, []string{}, payloadCommits[0].Added)
-	assert.EqualValues(t, []string{}, payloadCommits[0].Removed)
-	assert.EqualValues(t, []string{"readme.md"}, payloadCommits[0].Modified)
+	assert.Equal(t, []string{}, payloadCommits[0].Added)
+	assert.Equal(t, []string{}, payloadCommits[0].Removed)
+	assert.Equal(t, []string{"readme.md"}, payloadCommits[0].Modified)
 
 	assert.Equal(t, "27566bd", payloadCommits[1].ID)
 	assert.Equal(t, "good signed commit (with not yet validated email)", payloadCommits[1].Message)
@@ -73,9 +73,9 @@ func TestPushCommits_ToAPIPayloadCommits(t *testing.T) {
 	assert.Equal(t, "user2", payloadCommits[1].Committer.UserName)
 	assert.Equal(t, "User2", payloadCommits[1].Author.Name)
 	assert.Equal(t, "user2", payloadCommits[1].Author.UserName)
-	assert.EqualValues(t, []string{}, payloadCommits[1].Added)
-	assert.EqualValues(t, []string{}, payloadCommits[1].Removed)
-	assert.EqualValues(t, []string{"readme.md"}, payloadCommits[1].Modified)
+	assert.Equal(t, []string{}, payloadCommits[1].Added)
+	assert.Equal(t, []string{}, payloadCommits[1].Removed)
+	assert.Equal(t, []string{"readme.md"}, payloadCommits[1].Modified)
 
 	assert.Equal(t, "5099b81", payloadCommits[2].ID)
 	assert.Equal(t, "good signed commit", payloadCommits[2].Message)
@@ -84,9 +84,9 @@ func TestPushCommits_ToAPIPayloadCommits(t *testing.T) {
 	assert.Equal(t, "user2", payloadCommits[2].Committer.UserName)
 	assert.Equal(t, "User2", payloadCommits[2].Author.Name)
 	assert.Equal(t, "user2", payloadCommits[2].Author.UserName)
-	assert.EqualValues(t, []string{"readme.md"}, payloadCommits[2].Added)
-	assert.EqualValues(t, []string{}, payloadCommits[2].Removed)
-	assert.EqualValues(t, []string{}, payloadCommits[2].Modified)
+	assert.Equal(t, []string{"readme.md"}, payloadCommits[2].Added)
+	assert.Equal(t, []string{}, payloadCommits[2].Removed)
+	assert.Equal(t, []string{}, payloadCommits[2].Modified)
 
 	assert.Equal(t, "69554a6", headCommit.ID)
 	assert.Equal(t, "not signed commit", headCommit.Message)
@@ -95,9 +95,9 @@ func TestPushCommits_ToAPIPayloadCommits(t *testing.T) {
 	assert.Equal(t, "user2", headCommit.Committer.UserName)
 	assert.Equal(t, "User2", headCommit.Author.Name)
 	assert.Equal(t, "user2", headCommit.Author.UserName)
-	assert.EqualValues(t, []string{}, headCommit.Added)
-	assert.EqualValues(t, []string{}, headCommit.Removed)
-	assert.EqualValues(t, []string{"readme.md"}, headCommit.Modified)
+	assert.Equal(t, []string{}, headCommit.Added)
+	assert.Equal(t, []string{}, headCommit.Removed)
+	assert.Equal(t, []string{"readme.md"}, headCommit.Modified)
 }
 
 func TestPushCommits_AvatarLink(t *testing.T) {
@@ -200,5 +200,3 @@ func TestListToPushCommits(t *testing.T) {
 		assert.Equal(t, now, pushCommits.Commits[1].Timestamp)
 	}
 }
-
-// TODO TestPushUpdate
diff --git a/modules/repository/create.go b/modules/repository/create.go
index b4f7033bd7..a75598a84b 100644
--- a/modules/repository/create.go
+++ b/modules/repository/create.go
@@ -7,19 +7,10 @@ import (
 	"context"
 	"fmt"
 	"os"
-	"path"
 	"path/filepath"
-	"strings"
 
-	activities_model "code.gitea.io/gitea/models/activities"
-	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
-	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
-	issue_indexer "code.gitea.io/gitea/modules/indexer/issues"
-	"code.gitea.io/gitea/modules/log"
-	api "code.gitea.io/gitea/modules/structs"
-	"code.gitea.io/gitea/modules/util"
 )
 
 const notRegularFileMode = os.ModeSymlink | os.ModeNamedPipe | os.ModeSocket | os.ModeDevice | os.ModeCharDevice | os.ModeIrregular
@@ -64,97 +55,3 @@ func UpdateRepoSize(ctx context.Context, repo *repo_model.Repository) error {
 
 	return repo_model.UpdateRepoSize(ctx, repo.ID, size, lfsSize)
 }
-
-// CheckDaemonExportOK creates/removes git-daemon-export-ok for git-daemon...
-func CheckDaemonExportOK(ctx context.Context, repo *repo_model.Repository) error {
-	if err := repo.LoadOwner(ctx); err != nil {
-		return err
-	}
-
-	// Create/Remove git-daemon-export-ok for git-daemon...
-	daemonExportFile := path.Join(repo.RepoPath(), `git-daemon-export-ok`)
-
-	isExist, err := util.IsExist(daemonExportFile)
-	if err != nil {
-		log.Error("Unable to check if %s exists. Error: %v", daemonExportFile, err)
-		return err
-	}
-
-	isPublic := !repo.IsPrivate && repo.Owner.Visibility == api.VisibleTypePublic
-	if !isPublic && isExist {
-		if err = util.Remove(daemonExportFile); err != nil {
-			log.Error("Failed to remove %s: %v", daemonExportFile, err)
-		}
-	} else if isPublic && !isExist {
-		if f, err := os.Create(daemonExportFile); err != nil {
-			log.Error("Failed to create %s: %v", daemonExportFile, err)
-		} else {
-			f.Close()
-		}
-	}
-
-	return nil
-}
-
-// UpdateRepository updates a repository with db context
-func UpdateRepository(ctx context.Context, repo *repo_model.Repository, visibilityChanged bool) (err error) {
-	repo.LowerName = strings.ToLower(repo.Name)
-
-	e := db.GetEngine(ctx)
-
-	if _, err = e.ID(repo.ID).AllCols().Update(repo); err != nil {
-		return fmt.Errorf("update: %w", err)
-	}
-
-	if err = UpdateRepoSize(ctx, repo); err != nil {
-		log.Error("Failed to update size for repository: %v", err)
-	}
-
-	if visibilityChanged {
-		if err = repo.LoadOwner(ctx); err != nil {
-			return fmt.Errorf("LoadOwner: %w", err)
-		}
-		if repo.Owner.IsOrganization() {
-			// Organization repository need to recalculate access table when visibility is changed.
-			if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
-				return fmt.Errorf("recalculateTeamAccesses: %w", err)
-			}
-		}
-
-		// If repo has become private, we need to set its actions to private.
-		if repo.IsPrivate {
-			_, err = e.Where("repo_id = ?", repo.ID).Cols("is_private").Update(&activities_model.Action{
-				IsPrivate: true,
-			})
-			if err != nil {
-				return err
-			}
-
-			if err = repo_model.ClearRepoStars(ctx, repo.ID); err != nil {
-				return err
-			}
-		}
-
-		// Create/Remove git-daemon-export-ok for git-daemon...
-		if err := CheckDaemonExportOK(ctx, repo); err != nil {
-			return err
-		}
-
-		forkRepos, err := repo_model.GetRepositoriesByForkID(ctx, repo.ID)
-		if err != nil {
-			return fmt.Errorf("getRepositoriesByForkID: %w", err)
-		}
-		for i := range forkRepos {
-			forkRepos[i].IsPrivate = repo.IsPrivate || repo.Owner.Visibility == api.VisibleTypePrivate
-			if err = UpdateRepository(ctx, forkRepos[i], true); err != nil {
-				return fmt.Errorf("updateRepository[%d]: %w", forkRepos[i].ID, err)
-			}
-		}
-
-		// If visibility is changed, we need to update the issue indexer.
-		// Since the data in the issue indexer have field to indicate if the repo is public or not.
-		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
-	}
-
-	return nil
-}
diff --git a/modules/repository/create_test.go b/modules/repository/create_test.go
index a9151482b4..b85a10adad 100644
--- a/modules/repository/create_test.go
+++ b/modules/repository/create_test.go
@@ -6,7 +6,6 @@ package repository
 import (
 	"testing"
 
-	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
@@ -14,26 +13,6 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func TestUpdateRepositoryVisibilityChanged(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-
-	// Get sample repo and change visibility
-	repo, err := repo_model.GetRepositoryByID(db.DefaultContext, 9)
-	assert.NoError(t, err)
-	repo.IsPrivate = true
-
-	// Update it
-	err = UpdateRepository(db.DefaultContext, repo, true)
-	assert.NoError(t, err)
-
-	// Check visibility of action has become private
-	act := activities_model.Action{}
-	_, err = db.GetEngine(db.DefaultContext).ID(3).Get(&act)
-
-	assert.NoError(t, err)
-	assert.True(t, act.IsPrivate)
-}
-
 func TestGetDirectorySize(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	repo, err := repo_model.GetRepositoryByID(db.DefaultContext, 1)
@@ -41,5 +20,5 @@ func TestGetDirectorySize(t *testing.T) {
 	size, err := getDirectorySize(repo.RepoPath())
 	assert.NoError(t, err)
 	repo.Size = 8165 // real size on the disk
-	assert.EqualValues(t, repo.Size, size)
+	assert.Equal(t, repo.Size, size)
 }
diff --git a/modules/repository/env.go b/modules/repository/env.go
index e4f32092fc..78e06f86fb 100644
--- a/modules/repository/env.go
+++ b/modules/repository/env.go
@@ -4,8 +4,8 @@
 package repository
 
 import (
-	"fmt"
 	"os"
+	"strconv"
 	"strings"
 
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -72,9 +72,9 @@ func FullPushingEnvironment(author, committer *user_model.User, repo *repo_model
 		EnvRepoUsername+"="+repo.OwnerName,
 		EnvRepoIsWiki+"="+isWiki,
 		EnvPusherName+"="+committer.Name,
-		EnvPusherID+"="+fmt.Sprintf("%d", committer.ID),
-		EnvRepoID+"="+fmt.Sprintf("%d", repo.ID),
-		EnvPRID+"="+fmt.Sprintf("%d", prID),
+		EnvPusherID+"="+strconv.FormatInt(committer.ID, 10),
+		EnvRepoID+"="+strconv.FormatInt(repo.ID, 10),
+		EnvPRID+"="+strconv.FormatInt(prID, 10),
 		EnvAppURL+"="+setting.AppURL,
 		"SSH_ORIGINAL_COMMAND=gitea-internal",
 	)
diff --git a/modules/repository/init.go b/modules/repository/init.go
index ace21254ba..12e9606c74 100644
--- a/modules/repository/init.go
+++ b/modules/repository/init.go
@@ -11,11 +11,7 @@ import (
 	"strings"
 
 	issues_model "code.gitea.io/gitea/models/issues"
-	repo_model "code.gitea.io/gitea/models/repo"
-	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/label"
-	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/options"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
@@ -121,29 +117,6 @@ func LoadRepoConfig() error {
 	return nil
 }
 
-func CheckInitRepository(ctx context.Context, repo *repo_model.Repository) (err error) {
-	// Somehow the directory could exist.
-	isExist, err := gitrepo.IsRepositoryExist(ctx, repo)
-	if err != nil {
-		log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
-		return err
-	}
-	if isExist {
-		return repo_model.ErrRepoFilesAlreadyExist{
-			Uname: repo.OwnerName,
-			Name:  repo.Name,
-		}
-	}
-
-	// Init git bare new repository.
-	if err = git.InitRepository(ctx, repo.RepoPath(), true, repo.ObjectFormatName); err != nil {
-		return fmt.Errorf("git.InitRepository: %w", err)
-	} else if err = gitrepo.CreateDelegateHooks(ctx, repo); err != nil {
-		return fmt.Errorf("createDelegateHooks: %w", err)
-	}
-	return nil
-}
-
 // InitializeLabels adds a label set to a repository using a template
 func InitializeLabels(ctx context.Context, id int64, labelTemplate string, isOrg bool) error {
 	list, err := LoadTemplateLabelsByDisplayName(labelTemplate)
@@ -152,12 +125,13 @@ func InitializeLabels(ctx context.Context, id int64, labelTemplate string, isOrg
 	}
 
 	labels := make([]*issues_model.Label, len(list))
-	for i := 0; i < len(list); i++ {
+	for i := range list {
 		labels[i] = &issues_model.Label{
-			Name:        list[i].Name,
-			Exclusive:   list[i].Exclusive,
-			Description: list[i].Description,
-			Color:       list[i].Color,
+			Name:           list[i].Name,
+			Exclusive:      list[i].Exclusive,
+			ExclusiveOrder: list[i].ExclusiveOrder,
+			Description:    list[i].Description,
+			Color:          list[i].Color,
 		}
 		if isOrg {
 			labels[i].OrgID = id
diff --git a/modules/repository/init_test.go b/modules/repository/init_test.go
index 227efdc1db..1fa928105c 100644
--- a/modules/repository/init_test.go
+++ b/modules/repository/init_test.go
@@ -14,17 +14,17 @@ func TestMergeCustomLabels(t *testing.T) {
 		all:    []string{"a", "a.yaml", "a.yml"},
 		custom: nil,
 	})
-	assert.EqualValues(t, []string{"a.yaml"}, files, "yaml file should win")
+	assert.Equal(t, []string{"a.yaml"}, files, "yaml file should win")
 
 	files = mergeCustomLabelFiles(optionFileList{
 		all:    []string{"a", "a.yaml"},
 		custom: []string{"a"},
 	})
-	assert.EqualValues(t, []string{"a"}, files, "custom file should win")
+	assert.Equal(t, []string{"a"}, files, "custom file should win")
 
 	files = mergeCustomLabelFiles(optionFileList{
 		all:    []string{"a", "a.yml", "a.yaml"},
 		custom: []string{"a", "a.yml"},
 	})
-	assert.EqualValues(t, []string{"a.yml"}, files, "custom yml file should win if no yaml")
+	assert.Equal(t, []string{"a.yml"}, files, "custom yml file should win if no yaml")
 }
diff --git a/modules/repository/repo.go b/modules/repository/repo.go
index 97b0343381..ad4a53b858 100644
--- a/modules/repository/repo.go
+++ b/modules/repository/repo.go
@@ -9,13 +9,10 @@ import (
 	"fmt"
 	"io"
 	"strings"
-	"time"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	repo_model "code.gitea.io/gitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/lfs"
@@ -59,118 +56,6 @@ func SyncRepoTags(ctx context.Context, repoID int64) error {
 	return SyncReleasesWithTags(ctx, repo, gitRepo)
 }
 
-// SyncReleasesWithTags synchronizes release table with repository tags
-func SyncReleasesWithTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository) error {
-	log.Debug("SyncReleasesWithTags: in Repo[%d:%s/%s]", repo.ID, repo.OwnerName, repo.Name)
-
-	// optimized procedure for pull-mirrors which saves a lot of time (in
-	// particular for repos with many tags).
-	if repo.IsMirror {
-		return pullMirrorReleaseSync(ctx, repo, gitRepo)
-	}
-
-	existingRelTags := make(container.Set[string])
-	opts := repo_model.FindReleasesOptions{
-		IncludeDrafts: true,
-		IncludeTags:   true,
-		ListOptions:   db.ListOptions{PageSize: 50},
-		RepoID:        repo.ID,
-	}
-	for page := 1; ; page++ {
-		opts.Page = page
-		rels, err := db.Find[repo_model.Release](gitRepo.Ctx, opts)
-		if err != nil {
-			return fmt.Errorf("unable to GetReleasesByRepoID in Repo[%d:%s/%s]: %w", repo.ID, repo.OwnerName, repo.Name, err)
-		}
-		if len(rels) == 0 {
-			break
-		}
-		for _, rel := range rels {
-			if rel.IsDraft {
-				continue
-			}
-			commitID, err := gitRepo.GetTagCommitID(rel.TagName)
-			if err != nil && !git.IsErrNotExist(err) {
-				return fmt.Errorf("unable to GetTagCommitID for %q in Repo[%d:%s/%s]: %w", rel.TagName, repo.ID, repo.OwnerName, repo.Name, err)
-			}
-			if git.IsErrNotExist(err) || commitID != rel.Sha1 {
-				if err := repo_model.PushUpdateDeleteTag(ctx, repo, rel.TagName); err != nil {
-					return fmt.Errorf("unable to PushUpdateDeleteTag: %q in Repo[%d:%s/%s]: %w", rel.TagName, repo.ID, repo.OwnerName, repo.Name, err)
-				}
-			} else {
-				existingRelTags.Add(strings.ToLower(rel.TagName))
-			}
-		}
-	}
-
-	_, err := gitRepo.WalkReferences(git.ObjectTag, 0, 0, func(sha1, refname string) error {
-		tagName := strings.TrimPrefix(refname, git.TagPrefix)
-		if existingRelTags.Contains(strings.ToLower(tagName)) {
-			return nil
-		}
-
-		if err := PushUpdateAddTag(ctx, repo, gitRepo, tagName, sha1, refname); err != nil {
-			// sometimes, some tags will be sync failed. i.e. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tag/?h=v2.6.11
-			// this is a tree object, not a tag object which created before git
-			log.Error("unable to PushUpdateAddTag: %q to Repo[%d:%s/%s]: %v", tagName, repo.ID, repo.OwnerName, repo.Name, err)
-		}
-
-		return nil
-	})
-	return err
-}
-
-// PushUpdateAddTag must be called for any push actions to add tag
-func PushUpdateAddTag(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, tagName, sha1, refname string) error {
-	tag, err := gitRepo.GetTagWithID(sha1, tagName)
-	if err != nil {
-		return fmt.Errorf("unable to GetTag: %w", err)
-	}
-	commit, err := tag.Commit(gitRepo)
-	if err != nil {
-		return fmt.Errorf("unable to get tag Commit: %w", err)
-	}
-
-	sig := tag.Tagger
-	if sig == nil {
-		sig = commit.Author
-	}
-	if sig == nil {
-		sig = commit.Committer
-	}
-
-	var author *user_model.User
-	createdAt := time.Unix(1, 0)
-
-	if sig != nil {
-		author, err = user_model.GetUserByEmail(ctx, sig.Email)
-		if err != nil && !user_model.IsErrUserNotExist(err) {
-			return fmt.Errorf("unable to GetUserByEmail for %q: %w", sig.Email, err)
-		}
-		createdAt = sig.When
-	}
-
-	commitsCount, err := commit.CommitsCount()
-	if err != nil {
-		return fmt.Errorf("unable to get CommitsCount: %w", err)
-	}
-
-	rel := repo_model.Release{
-		RepoID:       repo.ID,
-		TagName:      tagName,
-		LowerTagName: strings.ToLower(tagName),
-		Sha1:         commit.ID.String(),
-		NumCommits:   commitsCount,
-		CreatedUnix:  timeutil.TimeStamp(createdAt.Unix()),
-		IsTag:        true,
-	}
-	if author != nil {
-		rel.PublisherID = author.ID
-	}
-
-	return repo_model.SaveOrUpdateTag(ctx, repo, &rel)
-}
-
 // StoreMissingLfsObjectsInRepository downloads missing LFS objects
 func StoreMissingLfsObjectsInRepository(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, lfsClient lfs.Client) error {
 	contentStore := lfs.NewContentStore()
@@ -286,18 +171,19 @@ func (shortRelease) TableName() string {
 	return "release"
 }
 
-// pullMirrorReleaseSync is a pull-mirror specific tag<->release table
+// SyncReleasesWithTags is a tag<->release table
 // synchronization which overwrites all Releases from the repository tags. This
 // can be relied on since a pull-mirror is always identical to its
-// upstream. Hence, after each sync we want the pull-mirror release set to be
+// upstream. Hence, after each sync we want the release set to be
 // identical to the upstream tag set. This is much more efficient for
 // repositories like https://github.com/vim/vim (with over 13000 tags).
-func pullMirrorReleaseSync(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository) error {
-	log.Trace("pullMirrorReleaseSync: rebuilding releases for pull-mirror Repo[%d:%s/%s]", repo.ID, repo.OwnerName, repo.Name)
-	tags, numTags, err := gitRepo.GetTagInfos(0, 0)
+func SyncReleasesWithTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository) error {
+	log.Debug("SyncReleasesWithTags: in Repo[%d:%s/%s]", repo.ID, repo.OwnerName, repo.Name)
+	tags, _, err := gitRepo.GetTagInfos(0, 0)
 	if err != nil {
 		return fmt.Errorf("unable to GetTagInfos in pull-mirror Repo[%d:%s/%s]: %w", repo.ID, repo.OwnerName, repo.Name, err)
 	}
+	var added, deleted, updated int
 	err = db.WithTx(ctx, func(ctx context.Context) error {
 		dbReleases, err := db.Find[shortRelease](ctx, repo_model.FindReleasesOptions{
 			RepoID:        repo.ID,
@@ -318,9 +204,7 @@ func pullMirrorReleaseSync(ctx context.Context, repo *repo_model.Repository, git
 				TagName:      tag.Name,
 				LowerTagName: strings.ToLower(tag.Name),
 				Sha1:         tag.Object.String(),
-				// NOTE: ignored, since NumCommits are unused
-				// for pull-mirrors (only relevant when
-				// displaying releases, IsTag: false)
+				// NOTE: ignored, The NumCommits value is calculated and cached on demand when the UI requires it.
 				NumCommits:  -1,
 				CreatedUnix: timeutil.TimeStamp(tag.Tagger.When.Unix()),
 				IsTag:       true,
@@ -349,13 +233,14 @@ func pullMirrorReleaseSync(ctx context.Context, repo *repo_model.Repository, git
 				return fmt.Errorf("unable to update tag %s for pull-mirror Repo[%d:%s/%s]: %w", tag.Name, repo.ID, repo.OwnerName, repo.Name, err)
 			}
 		}
+		added, deleted, updated = len(deletes), len(updates), len(inserts)
 		return nil
 	})
 	if err != nil {
 		return fmt.Errorf("unable to rebuild release table for pull-mirror Repo[%d:%s/%s]: %w", repo.ID, repo.OwnerName, repo.Name, err)
 	}
 
-	log.Trace("pullMirrorReleaseSync: done rebuilding %d releases", numTags)
+	log.Trace("SyncReleasesWithTags: %d tags added, %d tags deleted, %d tags updated", added, deleted, updated)
 	return nil
 }
 
diff --git a/modules/repository/repo_test.go b/modules/repository/repo_test.go
index f3e7be6d7d..f79a79ccbd 100644
--- a/modules/repository/repo_test.go
+++ b/modules/repository/repo_test.go
@@ -63,7 +63,7 @@ func Test_calcSync(t *testing.T) {
 
 	inserts, deletes, updates := calcSync(gitTags, dbReleases)
 	if assert.Len(t, inserts, 1, "inserts") {
-		assert.EqualValues(t, *gitTags[2], *inserts[0], "inserts equal")
+		assert.Equal(t, *gitTags[2], *inserts[0], "inserts equal")
 	}
 
 	if assert.Len(t, deletes, 1, "deletes") {
@@ -71,6 +71,6 @@ func Test_calcSync(t *testing.T) {
 	}
 
 	if assert.Len(t, updates, 1, "updates") {
-		assert.EqualValues(t, *gitTags[1], *updates[0], "updates equal")
+		assert.Equal(t, *gitTags[1], *updates[0], "updates equal")
 	}
 }
diff --git a/modules/repository/temp.go b/modules/repository/temp.go
index 04faa9db3d..d7253d9e02 100644
--- a/modules/repository/temp.go
+++ b/modules/repository/temp.go
@@ -4,42 +4,19 @@
 package repository
 
 import (
+	"context"
 	"fmt"
-	"os"
-	"path"
-	"path/filepath"
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
 )
 
-// LocalCopyPath returns the local repository temporary copy path.
-func LocalCopyPath() string {
-	if filepath.IsAbs(setting.Repository.Local.LocalCopyPath) {
-		return setting.Repository.Local.LocalCopyPath
-	}
-	return path.Join(setting.AppDataPath, setting.Repository.Local.LocalCopyPath)
-}
-
 // CreateTemporaryPath creates a temporary path
-func CreateTemporaryPath(prefix string) (string, error) {
-	if err := os.MkdirAll(LocalCopyPath(), os.ModePerm); err != nil {
-		log.Error("Unable to create localcopypath directory: %s (%v)", LocalCopyPath(), err)
-		return "", fmt.Errorf("Failed to create localcopypath directory %s: %w", LocalCopyPath(), err)
-	}
-	basePath, err := os.MkdirTemp(LocalCopyPath(), prefix+".git")
+func CreateTemporaryPath(prefix string) (string, context.CancelFunc, error) {
+	basePath, cleanup, err := setting.AppDataTempDir("local-repo").MkdirTempRandom(prefix + ".git")
 	if err != nil {
 		log.Error("Unable to create temporary directory: %s-*.git (%v)", prefix, err)
-		return "", fmt.Errorf("Failed to create dir %s-*.git: %w", prefix, err)
-	}
-	return basePath, nil
-}
-
-// RemoveTemporaryPath removes the temporary path
-func RemoveTemporaryPath(basePath string) error {
-	if _, err := os.Stat(basePath); !os.IsNotExist(err) {
-		return util.RemoveAll(basePath)
+		return "", nil, fmt.Errorf("failed to create dir %s-*.git: %w", prefix, err)
 	}
-	return nil
+	return basePath, cleanup, nil
 }
diff --git a/modules/reqctx/datastore.go b/modules/reqctx/datastore.go
index d025dad7f3..1d4bee613f 100644
--- a/modules/reqctx/datastore.go
+++ b/modules/reqctx/datastore.go
@@ -6,6 +6,7 @@ package reqctx
 import (
 	"context"
 	"io"
+	"maps"
 	"sync"
 
 	"code.gitea.io/gitea/modules/process"
@@ -22,9 +23,7 @@ func (ds ContextData) GetData() ContextData {
 }
 
 func (ds ContextData) MergeFrom(other ContextData) ContextData {
-	for k, v := range other {
-		ds[k] = v
-	}
+	maps.Copy(ds, other)
 	return ds
 }
 
diff --git a/modules/session/key.go b/modules/session/key.go
new file mode 100644
index 0000000000..c3da997c67
--- /dev/null
+++ b/modules/session/key.go
@@ -0,0 +1,11 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package session
+
+const (
+	KeyUID   = "uid"
+	KeyUname = "uname"
+
+	KeyUserHasTwoFactorAuth = "userHasTwoFactorAuth"
+)
diff --git a/modules/session/mem.go b/modules/session/mem.go
new file mode 100644
index 0000000000..bb807bc91a
--- /dev/null
+++ b/modules/session/mem.go
@@ -0,0 +1,68 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package session
+
+import (
+	"bytes"
+	"encoding/gob"
+	"net/http"
+
+	"gitea.com/go-chi/session"
+)
+
+type mockMemRawStore struct {
+	s *session.MemStore
+}
+
+var _ session.RawStore = (*mockMemRawStore)(nil)
+
+func (m *mockMemRawStore) Set(k, v any) error {
+	// We need to use gob to encode the value, to make it have the same behavior as other stores and catch abuses.
+	// Because gob needs to "Register" the type before it can encode it, and it's unable to decode a struct to "any" so use a map to help to decode the value.
+	var buf bytes.Buffer
+	if err := gob.NewEncoder(&buf).Encode(map[string]any{"v": v}); err != nil {
+		return err
+	}
+	return m.s.Set(k, buf.Bytes())
+}
+
+func (m *mockMemRawStore) Get(k any) (ret any) {
+	v, ok := m.s.Get(k).([]byte)
+	if !ok {
+		return nil
+	}
+	var w map[string]any
+	_ = gob.NewDecoder(bytes.NewBuffer(v)).Decode(&w)
+	return w["v"]
+}
+
+func (m *mockMemRawStore) Delete(k any) error {
+	return m.s.Delete(k)
+}
+
+func (m *mockMemRawStore) ID() string {
+	return m.s.ID()
+}
+
+func (m *mockMemRawStore) Release() error {
+	return m.s.Release()
+}
+
+func (m *mockMemRawStore) Flush() error {
+	return m.s.Flush()
+}
+
+type mockMemStore struct {
+	*mockMemRawStore
+}
+
+var _ Store = (*mockMemStore)(nil)
+
+func (m mockMemStore) Destroy(writer http.ResponseWriter, request *http.Request) error {
+	return nil
+}
+
+func NewMockMemStore(sid string) Store {
+	return &mockMemStore{&mockMemRawStore{session.NewMemStore(sid)}}
+}
diff --git a/modules/session/mock.go b/modules/session/mock.go
deleted file mode 100644
index 95231a3655..0000000000
--- a/modules/session/mock.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package session
-
-import (
-	"net/http"
-
-	"gitea.com/go-chi/session"
-)
-
-type MockStore struct {
-	*session.MemStore
-}
-
-func (m *MockStore) Destroy(writer http.ResponseWriter, request *http.Request) error {
-	return nil
-}
-
-type mockStoreContextKeyStruct struct{}
-
-var MockStoreContextKey = mockStoreContextKeyStruct{}
-
-func NewMockStore(sid string) *MockStore {
-	return &MockStore{session.NewMemStore(sid)}
-}
diff --git a/modules/session/store.go b/modules/session/store.go
index 09d1ef44dd..0217ed97ac 100644
--- a/modules/session/store.go
+++ b/modules/session/store.go
@@ -11,25 +11,25 @@ import (
 	"gitea.com/go-chi/session"
 )
 
-// Store represents a session store
+type RawStore = session.RawStore
+
 type Store interface {
-	Get(any) any
-	Set(any, any) error
-	Delete(any) error
-	ID() string
-	Release() error
-	Flush() error
+	RawStore
 	Destroy(http.ResponseWriter, *http.Request) error
 }
 
+type mockStoreContextKeyStruct struct{}
+
+var MockStoreContextKey = mockStoreContextKeyStruct{}
+
 // RegenerateSession regenerates the underlying session and returns the new store
 func RegenerateSession(resp http.ResponseWriter, req *http.Request) (Store, error) {
 	for _, f := range BeforeRegenerateSession {
 		f(resp, req)
 	}
 	if setting.IsInTesting {
-		if store, ok := req.Context().Value(MockStoreContextKey).(*MockStore); ok {
-			return store, nil
+		if store := req.Context().Value(MockStoreContextKey); store != nil {
+			return store.(Store), nil
 		}
 	}
 	return session.RegenerateSession(resp, req)
@@ -37,8 +37,8 @@ func RegenerateSession(resp http.ResponseWriter, req *http.Request) (Store, erro
 
 func GetContextSession(req *http.Request) Store {
 	if setting.IsInTesting {
-		if store, ok := req.Context().Value(MockStoreContextKey).(*MockStore); ok {
-			return store
+		if store := req.Context().Value(MockStoreContextKey); store != nil {
+			return store.(Store)
 		}
 	}
 	return session.GetSession(req)
diff --git a/modules/session/virtual.go b/modules/session/virtual.go
index 80352b6e72..2e29b5fc6f 100644
--- a/modules/session/virtual.go
+++ b/modules/session/virtual.go
@@ -22,8 +22,8 @@ type VirtualSessionProvider struct {
 	provider session.Provider
 }
 
-// Init initializes the cookie session provider with given root path.
-func (o *VirtualSessionProvider) Init(gclifetime int64, config string) error {
+// Init initializes the cookie session provider with the given config.
+func (o *VirtualSessionProvider) Init(gcLifetime int64, config string) error {
 	var opts session.Options
 	if err := json.Unmarshal([]byte(config), &opts); err != nil {
 		return err
@@ -52,7 +52,7 @@ func (o *VirtualSessionProvider) Init(gclifetime int64, config string) error {
 	default:
 		return fmt.Errorf("VirtualSessionProvider: Unknown Provider: %s", opts.Provider)
 	}
-	return o.provider.Init(gclifetime, opts.ProviderConfig)
+	return o.provider.Init(gcLifetime, opts.ProviderConfig)
 }
 
 // Read returns raw session store by session ID.
diff --git a/modules/setting/actions.go b/modules/setting/actions.go
index 913872eaf2..8bace1f750 100644
--- a/modules/setting/actions.go
+++ b/modules/setting/actions.go
@@ -62,11 +62,11 @@ func (c logCompression) IsValid() bool {
 }
 
 func (c logCompression) IsNone() bool {
-	return strings.ToLower(string(c)) == "none"
+	return string(c) == "none"
 }
 
 func (c logCompression) IsZstd() bool {
-	return c == "" || strings.ToLower(string(c)) == "zstd"
+	return c == "" || string(c) == "zstd"
 }
 
 func loadActionsFrom(rootCfg ConfigProvider) error {
diff --git a/modules/setting/actions_test.go b/modules/setting/actions_test.go
index 3645a3f5da..353cc657fa 100644
--- a/modules/setting/actions_test.go
+++ b/modules/setting/actions_test.go
@@ -21,9 +21,9 @@ func Test_getStorageInheritNameSectionTypeForActions(t *testing.T) {
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "minio", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
 	assert.EqualValues(t, "minio", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
 
 	iniStr = `
 [storage.actions_log]
@@ -34,9 +34,9 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "minio", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
 	assert.EqualValues(t, "local", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
+	assert.Equal(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
 
 	iniStr = `
 [storage.actions_log]
@@ -50,9 +50,9 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "minio", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
 	assert.EqualValues(t, "local", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
+	assert.Equal(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
 
 	iniStr = `
 [storage.actions_artifacts]
@@ -66,9 +66,9 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "local", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
+	assert.Equal(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
 	assert.EqualValues(t, "minio", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
 
 	iniStr = `
 [storage.actions_artifacts]
@@ -82,9 +82,9 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "local", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
+	assert.Equal(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
 	assert.EqualValues(t, "minio", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
+	assert.Equal(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
 
 	iniStr = ``
 	cfg, err = NewConfigProviderFromData(iniStr)
@@ -92,9 +92,9 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadActionsFrom(cfg))
 
 	assert.EqualValues(t, "local", Actions.LogStorage.Type)
-	assert.EqualValues(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
+	assert.Equal(t, "actions_log", filepath.Base(Actions.LogStorage.Path))
 	assert.EqualValues(t, "local", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
+	assert.Equal(t, "actions_artifacts", filepath.Base(Actions.ArtifactStorage.Path))
 }
 
 func Test_getDefaultActionsURLForActions(t *testing.T) {
@@ -175,7 +175,7 @@ DEFAULT_ACTIONS_URL = gitea
 			if !tt.wantErr(t, loadActionsFrom(cfg)) {
 				return
 			}
-			assert.EqualValues(t, tt.wantURL, Actions.DefaultActionsURL.URL())
+			assert.Equal(t, tt.wantURL, Actions.DefaultActionsURL.URL())
 		})
 	}
 }
diff --git a/modules/setting/api.go b/modules/setting/api.go
index c36f05cfd1..cdad474cb9 100644
--- a/modules/setting/api.go
+++ b/modules/setting/api.go
@@ -18,6 +18,7 @@ var API = struct {
 	DefaultPagingNum       int
 	DefaultGitTreesPerPage int
 	DefaultMaxBlobSize     int64
+	DefaultMaxResponseSize int64
 }{
 	EnableSwagger:          true,
 	SwaggerURL:             "",
@@ -25,6 +26,7 @@ var API = struct {
 	DefaultPagingNum:       30,
 	DefaultGitTreesPerPage: 1000,
 	DefaultMaxBlobSize:     10485760,
+	DefaultMaxResponseSize: 104857600,
 }
 
 func loadAPIFrom(rootCfg ConfigProvider) {
diff --git a/modules/setting/attachment_test.go b/modules/setting/attachment_test.go
index 3e8d2da4d9..c566dfa60c 100644
--- a/modules/setting/attachment_test.go
+++ b/modules/setting/attachment_test.go
@@ -25,9 +25,9 @@ MINIO_ENDPOINT = my_minio:9000
 	assert.NoError(t, loadAttachmentFrom(cfg))
 
 	assert.EqualValues(t, "minio", Attachment.Storage.Type)
-	assert.EqualValues(t, "my_minio:9000", Attachment.Storage.MinioConfig.Endpoint)
-	assert.EqualValues(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "my_minio:9000", Attachment.Storage.MinioConfig.Endpoint)
+	assert.Equal(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageTypeSectionOverridesStorageSection(t *testing.T) {
@@ -47,8 +47,8 @@ MINIO_BUCKET = gitea
 	assert.NoError(t, loadAttachmentFrom(cfg))
 
 	assert.EqualValues(t, "minio", Attachment.Storage.Type)
-	assert.EqualValues(t, "gitea-minio", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-minio", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageSpecificOverridesStorage(t *testing.T) {
@@ -69,8 +69,8 @@ STORAGE_TYPE = local
 	assert.NoError(t, loadAttachmentFrom(cfg))
 
 	assert.EqualValues(t, "minio", Attachment.Storage.Type)
-	assert.EqualValues(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageGetDefaults(t *testing.T) {
@@ -80,7 +80,7 @@ func Test_getStorageGetDefaults(t *testing.T) {
 	assert.NoError(t, loadAttachmentFrom(cfg))
 
 	// default storage is local, so bucket is empty
-	assert.EqualValues(t, "", Attachment.Storage.MinioConfig.Bucket)
+	assert.Empty(t, Attachment.Storage.MinioConfig.Bucket)
 }
 
 func Test_getStorageInheritNameSectionType(t *testing.T) {
@@ -115,7 +115,7 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := Attachment.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
 }
 
 func Test_AttachmentStorage1(t *testing.T) {
@@ -128,6 +128,6 @@ STORAGE_TYPE = minio
 
 	assert.NoError(t, loadAttachmentFrom(cfg))
 	assert.EqualValues(t, "minio", Attachment.Storage.Type)
-	assert.EqualValues(t, "gitea", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 }
diff --git a/modules/setting/config_env.go b/modules/setting/config_env.go
index 5d94a9641f..409588dc44 100644
--- a/modules/setting/config_env.go
+++ b/modules/setting/config_env.go
@@ -97,7 +97,7 @@ func decodeEnvSectionKey(encoded string) (ok bool, section, key string) {
 
 // decodeEnvironmentKey decode the environment key to section and key
 // The environment key is in the form of GITEA__SECTION__KEY or GITEA__SECTION__KEY__FILE
-func decodeEnvironmentKey(prefixGitea, suffixFile, envKey string) (ok bool, section, key string, useFileValue bool) { //nolint:unparam
+func decodeEnvironmentKey(prefixGitea, suffixFile, envKey string) (ok bool, section, key string, useFileValue bool) {
 	if !strings.HasPrefix(envKey, prefixGitea) {
 		return false, "", "", false
 	}
diff --git a/modules/setting/config_env_test.go b/modules/setting/config_env_test.go
index 7d07c479a1..7d270ac21a 100644
--- a/modules/setting/config_env_test.go
+++ b/modules/setting/config_env_test.go
@@ -28,8 +28,8 @@ func TestDecodeEnvSectionKey(t *testing.T) {
 
 	ok, section, key = decodeEnvSectionKey("SEC")
 	assert.False(t, ok)
-	assert.Equal(t, "", section)
-	assert.Equal(t, "", key)
+	assert.Empty(t, section)
+	assert.Empty(t, key)
 }
 
 func TestDecodeEnvironmentKey(t *testing.T) {
@@ -38,19 +38,19 @@ func TestDecodeEnvironmentKey(t *testing.T) {
 
 	ok, section, key, file := decodeEnvironmentKey(prefix, suffix, "SEC__KEY")
 	assert.False(t, ok)
-	assert.Equal(t, "", section)
-	assert.Equal(t, "", key)
+	assert.Empty(t, section)
+	assert.Empty(t, key)
 	assert.False(t, file)
 
 	ok, section, key, file = decodeEnvironmentKey(prefix, suffix, "GITEA__SEC")
 	assert.False(t, ok)
-	assert.Equal(t, "", section)
-	assert.Equal(t, "", key)
+	assert.Empty(t, section)
+	assert.Empty(t, key)
 	assert.False(t, file)
 
 	ok, section, key, file = decodeEnvironmentKey(prefix, suffix, "GITEA____KEY")
 	assert.True(t, ok)
-	assert.Equal(t, "", section)
+	assert.Empty(t, section)
 	assert.Equal(t, "KEY", key)
 	assert.False(t, file)
 
@@ -64,8 +64,8 @@ func TestDecodeEnvironmentKey(t *testing.T) {
 	// but it could be fixed in the future by adding a new suffix like "__VALUE" (no such key VALUE is used in Gitea either)
 	ok, section, key, file = decodeEnvironmentKey(prefix, suffix, "GITEA__SEC__FILE")
 	assert.False(t, ok)
-	assert.Equal(t, "", section)
-	assert.Equal(t, "", key)
+	assert.Empty(t, section)
+	assert.Empty(t, key)
 	assert.True(t, file)
 
 	ok, section, key, file = decodeEnvironmentKey(prefix, suffix, "GITEA__SEC__KEY__FILE")
@@ -73,6 +73,9 @@ func TestDecodeEnvironmentKey(t *testing.T) {
 	assert.Equal(t, "sec", section)
 	assert.Equal(t, "KEY", key)
 	assert.True(t, file)
+
+	ok, _, _, _ = decodeEnvironmentKey("PREFIX__", "", "PREFIX__SEC__KEY")
+	assert.True(t, ok)
 }
 
 func TestEnvironmentToConfig(t *testing.T) {
diff --git a/modules/setting/config_provider.go b/modules/setting/config_provider.go
index 3138f8a63e..09eaaefdaf 100644
--- a/modules/setting/config_provider.go
+++ b/modules/setting/config_provider.go
@@ -15,7 +15,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/util"
 
-	"gopkg.in/ini.v1" //nolint:depguard
+	"gopkg.in/ini.v1" //nolint:depguard // wrapper for this package
 )
 
 type ConfigKey interface {
@@ -26,6 +26,7 @@ type ConfigKey interface {
 	In(defaultVal string, candidates []string) string
 	String() string
 	Strings(delim string) []string
+	Bool() (bool, error)
 
 	MustString(defaultVal string) string
 	MustBool(defaultVal ...bool) bool
@@ -257,7 +258,7 @@ func (p *iniConfigProvider) Save() error {
 	}
 	filename := p.file
 	if filename == "" {
-		return fmt.Errorf("config file path must not be empty")
+		return errors.New("config file path must not be empty")
 	}
 	if p.loadedFromEmpty {
 		if err := os.MkdirAll(filepath.Dir(filename), os.ModePerm); err != nil {
diff --git a/modules/setting/config_provider_test.go b/modules/setting/config_provider_test.go
index a666d124c7..63121f0074 100644
--- a/modules/setting/config_provider_test.go
+++ b/modules/setting/config_provider_test.go
@@ -62,17 +62,17 @@ key = 123
 
 	// test default behavior
 	assert.Equal(t, "123", ConfigSectionKeyString(sec, "key"))
-	assert.Equal(t, "", ConfigSectionKeyString(secSub, "key"))
+	assert.Empty(t, ConfigSectionKeyString(secSub, "key"))
 	assert.Equal(t, "def", ConfigSectionKeyString(secSub, "key", "def"))
 
 	assert.Equal(t, "123", ConfigInheritedKeyString(secSub, "key"))
 
 	// Workaround for ini package's BuggyKeyOverwritten behavior
-	assert.Equal(t, "", ConfigSectionKeyString(sec, "empty"))
-	assert.Equal(t, "", ConfigSectionKeyString(secSub, "empty"))
+	assert.Empty(t, ConfigSectionKeyString(sec, "empty"))
+	assert.Empty(t, ConfigSectionKeyString(secSub, "empty"))
 	assert.Equal(t, "def", ConfigInheritedKey(secSub, "empty").MustString("def"))
 	assert.Equal(t, "def", ConfigInheritedKey(secSub, "empty").MustString("xyz"))
-	assert.Equal(t, "", ConfigSectionKeyString(sec, "empty"))
+	assert.Empty(t, ConfigSectionKeyString(sec, "empty"))
 	assert.Equal(t, "def", ConfigSectionKeyString(secSub, "empty"))
 }
 
diff --git a/modules/setting/cron_test.go b/modules/setting/cron_test.go
index 55244d7075..39a228068a 100644
--- a/modules/setting/cron_test.go
+++ b/modules/setting/cron_test.go
@@ -38,6 +38,6 @@ EXTEND = true
 	_, err = getCronSettings(cfg, "test", extended)
 	assert.NoError(t, err)
 	assert.True(t, extended.Base)
-	assert.EqualValues(t, "white rabbit", extended.Second)
+	assert.Equal(t, "white rabbit", extended.Second)
 	assert.True(t, extended.Extend)
 }
diff --git a/modules/setting/git_test.go b/modules/setting/git_test.go
index 441c514d8c..0d7f634abf 100644
--- a/modules/setting/git_test.go
+++ b/modules/setting/git_test.go
@@ -6,6 +6,8 @@ package setting
 import (
 	"testing"
 
+	"code.gitea.io/gitea/modules/test"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -23,8 +25,8 @@ a.b = 1
 `)
 	assert.NoError(t, err)
 	loadGitFrom(cfg)
-	assert.EqualValues(t, "1", GitConfig.Options["a.b"])
-	assert.EqualValues(t, "histogram", GitConfig.Options["diff.algorithm"])
+	assert.Equal(t, "1", GitConfig.Options["a.b"])
+	assert.Equal(t, "histogram", GitConfig.Options["diff.algorithm"])
 
 	cfg, err = NewConfigProviderFromData(`
 [git.config]
@@ -32,24 +34,20 @@ diff.algorithm = other
 `)
 	assert.NoError(t, err)
 	loadGitFrom(cfg)
-	assert.EqualValues(t, "other", GitConfig.Options["diff.algorithm"])
+	assert.Equal(t, "other", GitConfig.Options["diff.algorithm"])
 }
 
 func TestGitReflog(t *testing.T) {
-	oldGit := Git
-	oldGitConfig := GitConfig
-	defer func() {
-		Git = oldGit
-		GitConfig = oldGitConfig
-	}()
+	defer test.MockVariableValue(&Git)
+	defer test.MockVariableValue(&GitConfig)
 
 	// default reflog config without legacy options
 	cfg, err := NewConfigProviderFromData(``)
 	assert.NoError(t, err)
 	loadGitFrom(cfg)
 
-	assert.EqualValues(t, "true", GitConfig.GetOption("core.logAllRefUpdates"))
-	assert.EqualValues(t, "90", GitConfig.GetOption("gc.reflogExpire"))
+	assert.Equal(t, "true", GitConfig.GetOption("core.logAllRefUpdates"))
+	assert.Equal(t, "90", GitConfig.GetOption("gc.reflogExpire"))
 
 	// custom reflog config by legacy options
 	cfg, err = NewConfigProviderFromData(`
@@ -60,6 +58,6 @@ EXPIRATION = 123
 	assert.NoError(t, err)
 	loadGitFrom(cfg)
 
-	assert.EqualValues(t, "false", GitConfig.GetOption("core.logAllRefUpdates"))
-	assert.EqualValues(t, "123", GitConfig.GetOption("gc.reflogExpire"))
+	assert.Equal(t, "false", GitConfig.GetOption("core.logAllRefUpdates"))
+	assert.Equal(t, "123", GitConfig.GetOption("gc.reflogExpire"))
 }
diff --git a/modules/setting/global_lock_test.go b/modules/setting/global_lock_test.go
index 5eeb275523..5e15eb3483 100644
--- a/modules/setting/global_lock_test.go
+++ b/modules/setting/global_lock_test.go
@@ -16,7 +16,7 @@ func TestLoadGlobalLockConfig(t *testing.T) {
 		assert.NoError(t, err)
 
 		loadGlobalLockFrom(cfg)
-		assert.EqualValues(t, "memory", GlobalLock.ServiceType)
+		assert.Equal(t, "memory", GlobalLock.ServiceType)
 	})
 
 	t.Run("RedisGlobalLockConfig", func(t *testing.T) {
@@ -29,7 +29,7 @@ SERVICE_CONN_STR = addrs=127.0.0.1:6379 db=0
 		assert.NoError(t, err)
 
 		loadGlobalLockFrom(cfg)
-		assert.EqualValues(t, "redis", GlobalLock.ServiceType)
-		assert.EqualValues(t, "addrs=127.0.0.1:6379 db=0", GlobalLock.ServiceConnStr)
+		assert.Equal(t, "redis", GlobalLock.ServiceType)
+		assert.Equal(t, "addrs=127.0.0.1:6379 db=0", GlobalLock.ServiceConnStr)
 	})
 }
diff --git a/modules/setting/incoming_email.go b/modules/setting/incoming_email.go
index bf81f292a2..4e433dde60 100644
--- a/modules/setting/incoming_email.go
+++ b/modules/setting/incoming_email.go
@@ -4,6 +4,7 @@
 package setting
 
 import (
+	"errors"
 	"fmt"
 	"net/mail"
 	"strings"
@@ -50,7 +51,7 @@ func checkReplyToAddress() error {
 	}
 
 	if parsed.Name != "" {
-		return fmt.Errorf("name must not be set")
+		return errors.New("name must not be set")
 	}
 
 	c := strings.Count(IncomingEmail.ReplyToAddress, IncomingEmail.TokenPlaceholder)
diff --git a/modules/setting/indexer.go b/modules/setting/indexer.go
index e34baae012..ace7eec70e 100644
--- a/modules/setting/indexer.go
+++ b/modules/setting/indexer.go
@@ -96,7 +96,7 @@ func loadIndexerFrom(rootCfg ConfigProvider) {
 // IndexerGlobFromString parses a comma separated list of patterns and returns a glob.Glob slice suited for repo indexing
 func IndexerGlobFromString(globstr string) []*GlobMatcher {
 	extarr := make([]*GlobMatcher, 0, 10)
-	for _, expr := range strings.Split(strings.ToLower(globstr), ",") {
+	for expr := range strings.SplitSeq(strings.ToLower(globstr), ",") {
 		expr = strings.TrimSpace(expr)
 		if expr != "" {
 			if g, err := GlobMatcherCompile(expr, '.', '/'); err != nil {
diff --git a/modules/setting/lfs_test.go b/modules/setting/lfs_test.go
index d27dd7c5bf..1b829d8839 100644
--- a/modules/setting/lfs_test.go
+++ b/modules/setting/lfs_test.go
@@ -19,7 +19,7 @@ func Test_getStorageInheritNameSectionTypeForLFS(t *testing.T) {
 	assert.NoError(t, loadLFSFrom(cfg))
 
 	assert.EqualValues(t, "minio", LFS.Storage.Type)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 
 	iniStr = `
 [server]
@@ -54,7 +54,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadLFSFrom(cfg))
 
 	assert.EqualValues(t, "minio", LFS.Storage.Type)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 
 	iniStr = `
 [lfs]
@@ -68,7 +68,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadLFSFrom(cfg))
 
 	assert.EqualValues(t, "minio", LFS.Storage.Type)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 
 	iniStr = `
 [lfs]
@@ -83,7 +83,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadLFSFrom(cfg))
 
 	assert.EqualValues(t, "minio", LFS.Storage.Type)
-	assert.EqualValues(t, "my_lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "my_lfs/", LFS.Storage.MinioConfig.BasePath)
 }
 
 func Test_LFSStorage1(t *testing.T) {
@@ -96,8 +96,8 @@ STORAGE_TYPE = minio
 
 	assert.NoError(t, loadLFSFrom(cfg))
 	assert.EqualValues(t, "minio", LFS.Storage.Type)
-	assert.EqualValues(t, "gitea", LFS.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", LFS.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 }
 
 func Test_LFSClientServerConfigs(t *testing.T) {
@@ -112,9 +112,9 @@ BATCH_SIZE = 0
 	assert.NoError(t, err)
 
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, 100, LFS.MaxBatchSize)
-	assert.EqualValues(t, 20, LFSClient.BatchSize)
-	assert.EqualValues(t, 8, LFSClient.BatchOperationConcurrency)
+	assert.Equal(t, 100, LFS.MaxBatchSize)
+	assert.Equal(t, 20, LFSClient.BatchSize)
+	assert.Equal(t, 8, LFSClient.BatchOperationConcurrency)
 
 	iniStr = `
 [lfs_client]
@@ -125,6 +125,6 @@ BATCH_OPERATION_CONCURRENCY = 10
 	assert.NoError(t, err)
 
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, 50, LFSClient.BatchSize)
-	assert.EqualValues(t, 10, LFSClient.BatchOperationConcurrency)
+	assert.Equal(t, 50, LFSClient.BatchSize)
+	assert.Equal(t, 10, LFSClient.BatchOperationConcurrency)
 }
diff --git a/modules/setting/log.go b/modules/setting/log.go
index 50c5779994..59866c7605 100644
--- a/modules/setting/log.go
+++ b/modules/setting/log.go
@@ -7,7 +7,6 @@ import (
 	"fmt"
 	golog "log"
 	"os"
-	"path"
 	"path/filepath"
 	"strings"
 
@@ -41,7 +40,7 @@ func loadLogGlobalFrom(rootCfg ConfigProvider) {
 	Log.BufferLen = sec.Key("BUFFER_LEN").MustInt(10000)
 	Log.Mode = sec.Key("MODE").MustString("console")
 
-	Log.RootPath = sec.Key("ROOT_PATH").MustString(path.Join(AppWorkPath, "log"))
+	Log.RootPath = sec.Key("ROOT_PATH").MustString(filepath.Join(AppWorkPath, "log"))
 	if !filepath.IsAbs(Log.RootPath) {
 		Log.RootPath = filepath.Join(AppWorkPath, Log.RootPath)
 	}
@@ -228,8 +227,8 @@ func initLoggerByName(manager *log.LoggerManager, rootCfg ConfigProvider, logger
 	}
 
 	var eventWriters []log.EventWriter
-	modes := strings.Split(modeVal, ",")
-	for _, modeName := range modes {
+	modes := strings.SplitSeq(modeVal, ",")
+	for modeName := range modes {
 		modeName = strings.TrimSpace(modeName)
 		if modeName == "" {
 			continue
diff --git a/modules/setting/mailer_test.go b/modules/setting/mailer_test.go
index fbabf11378..ceef35b051 100644
--- a/modules/setting/mailer_test.go
+++ b/modules/setting/mailer_test.go
@@ -34,8 +34,8 @@ func Test_loadMailerFrom(t *testing.T) {
 			// Check mailer setting
 			loadMailerFrom(cfg)
 
-			assert.EqualValues(t, kase.SMTPAddr, MailService.SMTPAddr)
-			assert.EqualValues(t, kase.SMTPPort, MailService.SMTPPort)
+			assert.Equal(t, kase.SMTPAddr, MailService.SMTPAddr)
+			assert.Equal(t, kase.SMTPPort, MailService.SMTPPort)
 		})
 	}
 }
diff --git a/modules/setting/markup.go b/modules/setting/markup.go
index dfce8afa77..057b0650c3 100644
--- a/modules/setting/markup.go
+++ b/modules/setting/markup.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // ExternalMarkupRenderers represents the external markup renderers
@@ -23,18 +24,33 @@ const (
 	RenderContentModeIframe      = "iframe"
 )
 
+type MarkdownRenderOptions struct {
+	NewLineHardBreak  bool
+	ShortIssuePattern bool // Actually it is a "markup" option because it is used in "post processor"
+}
+
+type MarkdownMathCodeBlockOptions struct {
+	ParseInlineDollar        bool
+	ParseInlineParentheses   bool
+	ParseBlockDollar         bool
+	ParseBlockSquareBrackets bool
+}
+
 // Markdown settings
 var Markdown = struct {
-	EnableHardLineBreakInComments  bool
-	EnableHardLineBreakInDocuments bool
-	CustomURLSchemes               []string `ini:"CUSTOM_URL_SCHEMES"`
-	FileExtensions                 []string
-	EnableMath                     bool
+	RenderOptionsComment  MarkdownRenderOptions `ini:"-"`
+	RenderOptionsWiki     MarkdownRenderOptions `ini:"-"`
+	RenderOptionsRepoFile MarkdownRenderOptions `ini:"-"`
+
+	CustomURLSchemes []string `ini:"CUSTOM_URL_SCHEMES"` // Actually it is a "markup" option because it is used in "post processor"
+	FileExtensions   []string
+
+	EnableMath             bool
+	MathCodeBlockDetection []string
+	MathCodeBlockOptions   MarkdownMathCodeBlockOptions `ini:"-"`
 }{
-	EnableHardLineBreakInComments:  true,
-	EnableHardLineBreakInDocuments: false,
-	FileExtensions:                 strings.Split(".md,.markdown,.mdown,.mkd,.livemd", ","),
-	EnableMath:                     true,
+	FileExtensions: strings.Split(".md,.markdown,.mdown,.mkd,.livemd", ","),
+	EnableMath:     true,
 }
 
 // MarkupRenderer defines the external parser configured in ini
@@ -60,8 +76,58 @@ type MarkupSanitizerRule struct {
 
 func loadMarkupFrom(rootCfg ConfigProvider) {
 	mustMapSetting(rootCfg, "markdown", &Markdown)
+	const none = "none"
+
+	const renderOptionShortIssuePattern = "short-issue-pattern"
+	const renderOptionNewLineHardBreak = "new-line-hard-break"
+	cfgMarkdown := rootCfg.Section("markdown")
+	parseMarkdownRenderOptions := func(key string, defaults []string) (ret MarkdownRenderOptions) {
+		options := cfgMarkdown.Key(key).Strings(",")
+		options = util.IfEmpty(options, defaults)
+		for _, opt := range options {
+			switch opt {
+			case renderOptionShortIssuePattern:
+				ret.ShortIssuePattern = true
+			case renderOptionNewLineHardBreak:
+				ret.NewLineHardBreak = true
+			case none:
+				ret = MarkdownRenderOptions{}
+			case "":
+			default:
+				log.Error("Unknown markdown render option in %s: %s", key, opt)
+			}
+		}
+		return ret
+	}
+	Markdown.RenderOptionsComment = parseMarkdownRenderOptions("RENDER_OPTIONS_COMMENT", []string{renderOptionShortIssuePattern, renderOptionNewLineHardBreak})
+	Markdown.RenderOptionsWiki = parseMarkdownRenderOptions("RENDER_OPTIONS_WIKI", []string{renderOptionShortIssuePattern})
+	Markdown.RenderOptionsRepoFile = parseMarkdownRenderOptions("RENDER_OPTIONS_REPO_FILE", nil)
+
+	const mathCodeInlineDollar = "inline-dollar"
+	const mathCodeInlineParentheses = "inline-parentheses"
+	const mathCodeBlockDollar = "block-dollar"
+	const mathCodeBlockSquareBrackets = "block-square-brackets"
+	Markdown.MathCodeBlockDetection = util.IfEmpty(Markdown.MathCodeBlockDetection, []string{mathCodeInlineDollar, mathCodeBlockDollar})
+	Markdown.MathCodeBlockOptions = MarkdownMathCodeBlockOptions{}
+	for _, s := range Markdown.MathCodeBlockDetection {
+		switch s {
+		case mathCodeInlineDollar:
+			Markdown.MathCodeBlockOptions.ParseInlineDollar = true
+		case mathCodeInlineParentheses:
+			Markdown.MathCodeBlockOptions.ParseInlineParentheses = true
+		case mathCodeBlockDollar:
+			Markdown.MathCodeBlockOptions.ParseBlockDollar = true
+		case mathCodeBlockSquareBrackets:
+			Markdown.MathCodeBlockOptions.ParseBlockSquareBrackets = true
+		case none:
+			Markdown.MathCodeBlockOptions = MarkdownMathCodeBlockOptions{}
+		case "":
+		default:
+			log.Error("Unknown math code block detection option: %s", s)
+		}
+	}
 
-	MermaidMaxSourceCharacters = rootCfg.Section("markup").Key("MERMAID_MAX_SOURCE_CHARACTERS").MustInt(5000)
+	MermaidMaxSourceCharacters = rootCfg.Section("markup").Key("MERMAID_MAX_SOURCE_CHARACTERS").MustInt(50000)
 	ExternalMarkupRenderers = make([]*MarkupRenderer, 0, 10)
 	ExternalSanitizerRules = make([]MarkupSanitizerRule, 0, 10)
 
@@ -83,8 +149,8 @@ func loadMarkupFrom(rootCfg ConfigProvider) {
 func newMarkupSanitizer(name string, sec ConfigSection) {
 	rule, ok := createMarkupSanitizerRule(name, sec)
 	if ok {
-		if strings.HasPrefix(name, "sanitizer.") {
-			names := strings.SplitN(strings.TrimPrefix(name, "sanitizer."), ".", 2)
+		if after, found := strings.CutPrefix(name, "sanitizer."); found {
+			names := strings.SplitN(after, ".", 2)
 			name = names[0]
 		}
 		for _, renderer := range ExternalMarkupRenderers {
diff --git a/modules/setting/markup_test.go b/modules/setting/markup_test.go
new file mode 100644
index 0000000000..c47a38ce15
--- /dev/null
+++ b/modules/setting/markup_test.go
@@ -0,0 +1,51 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestLoadMarkup(t *testing.T) {
+	cfg, _ := NewConfigProviderFromData(``)
+	loadMarkupFrom(cfg)
+	assert.Equal(t, MarkdownMathCodeBlockOptions{ParseInlineDollar: true, ParseBlockDollar: true}, Markdown.MathCodeBlockOptions)
+	assert.Equal(t, MarkdownRenderOptions{NewLineHardBreak: true, ShortIssuePattern: true}, Markdown.RenderOptionsComment)
+	assert.Equal(t, MarkdownRenderOptions{ShortIssuePattern: true}, Markdown.RenderOptionsWiki)
+	assert.Equal(t, MarkdownRenderOptions{}, Markdown.RenderOptionsRepoFile)
+
+	t.Run("Math", func(t *testing.T) {
+		cfg, _ = NewConfigProviderFromData(`
+[markdown]
+MATH_CODE_BLOCK_DETECTION = none
+`)
+		loadMarkupFrom(cfg)
+		assert.Equal(t, MarkdownMathCodeBlockOptions{}, Markdown.MathCodeBlockOptions)
+
+		cfg, _ = NewConfigProviderFromData(`
+[markdown]
+MATH_CODE_BLOCK_DETECTION = inline-dollar, inline-parentheses, block-dollar, block-square-brackets
+`)
+		loadMarkupFrom(cfg)
+		assert.Equal(t, MarkdownMathCodeBlockOptions{ParseInlineDollar: true, ParseInlineParentheses: true, ParseBlockDollar: true, ParseBlockSquareBrackets: true}, Markdown.MathCodeBlockOptions)
+	})
+
+	t.Run("Render", func(t *testing.T) {
+		cfg, _ = NewConfigProviderFromData(`
+[markdown]
+RENDER_OPTIONS_COMMENT = none
+`)
+		loadMarkupFrom(cfg)
+		assert.Equal(t, MarkdownRenderOptions{}, Markdown.RenderOptionsComment)
+
+		cfg, _ = NewConfigProviderFromData(`
+[markdown]
+RENDER_OPTIONS_REPO_FILE = short-issue-pattern, new-line-hard-break
+`)
+		loadMarkupFrom(cfg)
+		assert.Equal(t, MarkdownRenderOptions{NewLineHardBreak: true, ShortIssuePattern: true}, Markdown.RenderOptionsRepoFile)
+	})
+}
diff --git a/modules/setting/mirror.go b/modules/setting/mirror.go
index 3aa530a1f4..300711789d 100644
--- a/modules/setting/mirror.go
+++ b/modules/setting/mirror.go
@@ -48,11 +48,7 @@ func loadMirrorFrom(rootCfg ConfigProvider) {
 		Mirror.MinInterval = 1 * time.Minute
 	}
 	if Mirror.DefaultInterval < Mirror.MinInterval {
-		if time.Hour*8 < Mirror.MinInterval {
-			Mirror.DefaultInterval = Mirror.MinInterval
-		} else {
-			Mirror.DefaultInterval = time.Hour * 8
-		}
+		Mirror.DefaultInterval = max(time.Hour*8, Mirror.MinInterval)
 		log.Warn("Mirror.DefaultInterval is less than Mirror.MinInterval, set to %s", Mirror.DefaultInterval.String())
 	}
 }
diff --git a/modules/setting/oauth2.go b/modules/setting/oauth2.go
index 0d3e63e0b4..1a88f3cb08 100644
--- a/modules/setting/oauth2.go
+++ b/modules/setting/oauth2.go
@@ -12,7 +12,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 )
 
-// OAuth2UsernameType is enum describing the way gitea 'name' should be generated from oauth2 data
+// OAuth2UsernameType is enum describing the way gitea generates its 'username' from oauth2 data
 type OAuth2UsernameType string
 
 const (
diff --git a/modules/setting/oauth2_test.go b/modules/setting/oauth2_test.go
index d0e5ccf13d..c6e66cad02 100644
--- a/modules/setting/oauth2_test.go
+++ b/modules/setting/oauth2_test.go
@@ -31,7 +31,7 @@ JWT_SECRET = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
 	actual := GetGeneralTokenSigningSecret()
 	expected, _ := generate.DecodeJwtSecretBase64("BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB")
 	assert.Len(t, actual, 32)
-	assert.EqualValues(t, expected, actual)
+	assert.Equal(t, expected, actual)
 }
 
 func TestGetGeneralSigningSecretSave(t *testing.T) {
diff --git a/modules/setting/packages.go b/modules/setting/packages.go
index 3f618cfd64..b598424064 100644
--- a/modules/setting/packages.go
+++ b/modules/setting/packages.go
@@ -6,8 +6,6 @@ package setting
 import (
 	"fmt"
 	"math"
-	"os"
-	"path/filepath"
 
 	"github.com/dustin/go-humanize"
 )
@@ -15,9 +13,8 @@ import (
 // Package registry settings
 var (
 	Packages = struct {
-		Storage           *Storage
-		Enabled           bool
-		ChunkedUploadPath string
+		Storage *Storage
+		Enabled bool
 
 		LimitTotalOwnerCount int64
 		LimitTotalOwnerSize  int64
@@ -67,17 +64,6 @@ func loadPackagesFrom(rootCfg ConfigProvider) (err error) {
 		return err
 	}
 
-	Packages.ChunkedUploadPath = filepath.ToSlash(sec.Key("CHUNKED_UPLOAD_PATH").MustString("tmp/package-upload"))
-	if !filepath.IsAbs(Packages.ChunkedUploadPath) {
-		Packages.ChunkedUploadPath = filepath.ToSlash(filepath.Join(AppDataPath, Packages.ChunkedUploadPath))
-	}
-
-	if HasInstallLock(rootCfg) {
-		if err := os.MkdirAll(Packages.ChunkedUploadPath, os.ModePerm); err != nil {
-			return fmt.Errorf("unable to create chunked upload directory: %s (%v)", Packages.ChunkedUploadPath, err)
-		}
-	}
-
 	Packages.LimitTotalOwnerSize = mustBytes(sec, "LIMIT_TOTAL_OWNER_SIZE")
 	Packages.LimitSizeAlpine = mustBytes(sec, "LIMIT_SIZE_ALPINE")
 	Packages.LimitSizeArch = mustBytes(sec, "LIMIT_SIZE_ARCH")
diff --git a/modules/setting/packages_test.go b/modules/setting/packages_test.go
index 87de276041..47378f35ad 100644
--- a/modules/setting/packages_test.go
+++ b/modules/setting/packages_test.go
@@ -41,7 +41,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadPackagesFrom(cfg))
 
 	assert.EqualValues(t, "minio", Packages.Storage.Type)
-	assert.EqualValues(t, "packages/", Packages.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "packages/", Packages.Storage.MinioConfig.BasePath)
 
 	// we can also configure packages storage directly
 	iniStr = `
@@ -53,7 +53,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadPackagesFrom(cfg))
 
 	assert.EqualValues(t, "minio", Packages.Storage.Type)
-	assert.EqualValues(t, "packages/", Packages.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "packages/", Packages.Storage.MinioConfig.BasePath)
 
 	// or we can indicate the storage type in the packages section
 	iniStr = `
@@ -68,7 +68,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadPackagesFrom(cfg))
 
 	assert.EqualValues(t, "minio", Packages.Storage.Type)
-	assert.EqualValues(t, "packages/", Packages.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "packages/", Packages.Storage.MinioConfig.BasePath)
 
 	// or we can indicate the storage type  and minio base path in the packages section
 	iniStr = `
@@ -84,7 +84,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadPackagesFrom(cfg))
 
 	assert.EqualValues(t, "minio", Packages.Storage.Type)
-	assert.EqualValues(t, "my_packages/", Packages.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "my_packages/", Packages.Storage.MinioConfig.BasePath)
 }
 
 func Test_PackageStorage1(t *testing.T) {
@@ -109,8 +109,8 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := Packages.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "packages/", storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "packages/", storage.MinioConfig.BasePath)
 	assert.True(t, storage.MinioConfig.ServeDirect)
 }
 
@@ -136,8 +136,8 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := Packages.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "packages/", storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "packages/", storage.MinioConfig.BasePath)
 	assert.True(t, storage.MinioConfig.ServeDirect)
 }
 
@@ -164,8 +164,8 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := Packages.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "my_packages/", storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "my_packages/", storage.MinioConfig.BasePath)
 	assert.True(t, storage.MinioConfig.ServeDirect)
 }
 
@@ -192,7 +192,7 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := Packages.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "my_packages/", storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "my_packages/", storage.MinioConfig.BasePath)
 	assert.True(t, storage.MinioConfig.ServeDirect)
 }
diff --git a/modules/setting/path.go b/modules/setting/path.go
index 0fdc305aa1..f51457a620 100644
--- a/modules/setting/path.go
+++ b/modules/setting/path.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/tempdir"
 )
 
 var (
@@ -196,3 +197,18 @@ func InitWorkPathAndCfgProvider(getEnvFn func(name string) string, args ArgWorkP
 	CustomPath = tmpCustomPath.Value
 	CustomConf = tmpCustomConf.Value
 }
+
+// AppDataTempDir returns a managed temporary directory for the application data.
+// Using empty sub will get the managed base temp directory, and it's safe to delete it.
+// Gitea only creates subdirectories under it, but not the APP_TEMP_PATH directory itself.
+// * When APP_TEMP_PATH="/tmp": the managed temp directory is "/tmp/gitea-tmp"
+// * When APP_TEMP_PATH is not set: the managed temp directory is "/{APP_DATA_PATH}/tmp"
+func AppDataTempDir(sub string) *tempdir.TempDir {
+	if appTempPathInternal != "" {
+		return tempdir.New(appTempPathInternal, "gitea-tmp/"+sub)
+	}
+	if AppDataPath == "" {
+		panic("setting.AppDataPath is not set")
+	}
+	return tempdir.New(AppDataPath, "tmp/"+sub)
+}
diff --git a/modules/setting/repository.go b/modules/setting/repository.go
index c5619d0f04..318cf41108 100644
--- a/modules/setting/repository.go
+++ b/modules/setting/repository.go
@@ -5,7 +5,6 @@ package setting
 
 import (
 	"os/exec"
-	"path"
 	"path/filepath"
 	"strings"
 
@@ -63,17 +62,11 @@ var (
 		// Repository upload settings
 		Upload struct {
 			Enabled      bool
-			TempPath     string
 			AllowedTypes string
 			FileMaxSize  int64
 			MaxFiles     int
 		} `ini:"-"`
 
-		// Repository local settings
-		Local struct {
-			LocalCopyPath string
-		} `ini:"-"`
-
 		// Pull request settings
 		PullRequest struct {
 			WorkInProgressPrefixes                   []string
@@ -89,6 +82,7 @@ var (
 			AddCoCommitterTrailers                   bool
 			TestConflictingPatchesWithGitApply       bool
 			RetargetChildrenOnMerge                  bool
+			DelayCheckForInactiveDays                int
 		} `ini:"repository.pull-request"`
 
 		// Issue Setting
@@ -106,11 +100,13 @@ var (
 			SigningKey        string
 			SigningName       string
 			SigningEmail      string
+			SigningFormat     string
 			InitialCommit     []string
 			CRUDActions       []string `ini:"CRUD_ACTIONS"`
 			Merges            []string
 			Wiki              []string
 			DefaultTrustModel string
+			TrustedSSHKeys    []string `ini:"TRUSTED_SSH_KEYS"`
 		} `ini:"repository.signing"`
 	}{
 		DetectedCharsetsOrder: []string{
@@ -182,25 +178,16 @@ var (
 		// Repository upload settings
 		Upload: struct {
 			Enabled      bool
-			TempPath     string
 			AllowedTypes string
 			FileMaxSize  int64
 			MaxFiles     int
 		}{
 			Enabled:      true,
-			TempPath:     "data/tmp/uploads",
 			AllowedTypes: "",
 			FileMaxSize:  50,
 			MaxFiles:     5,
 		},
 
-		// Repository local settings
-		Local: struct {
-			LocalCopyPath string
-		}{
-			LocalCopyPath: "tmp/local-repo",
-		},
-
 		// Pull request settings
 		PullRequest: struct {
 			WorkInProgressPrefixes                   []string
@@ -216,6 +203,7 @@ var (
 			AddCoCommitterTrailers                   bool
 			TestConflictingPatchesWithGitApply       bool
 			RetargetChildrenOnMerge                  bool
+			DelayCheckForInactiveDays                int
 		}{
 			WorkInProgressPrefixes: []string{"WIP:", "[WIP]"},
 			// Same as GitHub. See
@@ -231,6 +219,7 @@ var (
 			PopulateSquashCommentWithCommitMessages:  false,
 			AddCoCommitterTrailers:                   true,
 			RetargetChildrenOnMerge:                  true,
+			DelayCheckForInactiveDays:                7,
 		},
 
 		// Issue settings
@@ -255,20 +244,24 @@ var (
 			SigningKey        string
 			SigningName       string
 			SigningEmail      string
+			SigningFormat     string
 			InitialCommit     []string
 			CRUDActions       []string `ini:"CRUD_ACTIONS"`
 			Merges            []string
 			Wiki              []string
 			DefaultTrustModel string
+			TrustedSSHKeys    []string `ini:"TRUSTED_SSH_KEYS"`
 		}{
 			SigningKey:        "default",
 			SigningName:       "",
 			SigningEmail:      "",
+			SigningFormat:     "openpgp", // git.SigningKeyFormatOpenPGP
 			InitialCommit:     []string{"always"},
 			CRUDActions:       []string{"pubkey", "twofa", "parentsigned"},
 			Merges:            []string{"pubkey", "twofa", "basesigned", "commitssigned"},
 			Wiki:              []string{"never"},
 			DefaultTrustModel: "collaborator",
+			TrustedSSHKeys:    []string{},
 		},
 	}
 	RepoRootPath string
@@ -284,7 +277,7 @@ func loadRepositoryFrom(rootCfg ConfigProvider) {
 	Repository.GoGetCloneURLProtocol = sec.Key("GO_GET_CLONE_URL_PROTOCOL").MustString("https")
 	Repository.MaxCreationLimit = sec.Key("MAX_CREATION_LIMIT").MustInt(-1)
 	Repository.DefaultBranch = sec.Key("DEFAULT_BRANCH").MustString(Repository.DefaultBranch)
-	RepoRootPath = sec.Key("ROOT").MustString(path.Join(AppDataPath, "gitea-repositories"))
+	RepoRootPath = sec.Key("ROOT").MustString(filepath.Join(AppDataPath, "gitea-repositories"))
 	if !filepath.IsAbs(RepoRootPath) {
 		RepoRootPath = filepath.Join(AppWorkPath, RepoRootPath)
 	} else {
@@ -309,8 +302,6 @@ func loadRepositoryFrom(rootCfg ConfigProvider) {
 		log.Fatal("Failed to map Repository.Editor settings: %v", err)
 	} else if err = rootCfg.Section("repository.upload").MapTo(&Repository.Upload); err != nil {
 		log.Fatal("Failed to map Repository.Upload settings: %v", err)
-	} else if err = rootCfg.Section("repository.local").MapTo(&Repository.Local); err != nil {
-		log.Fatal("Failed to map Repository.Local settings: %v", err)
 	} else if err = rootCfg.Section("repository.pull-request").MapTo(&Repository.PullRequest); err != nil {
 		log.Fatal("Failed to map Repository.PullRequest settings: %v", err)
 	}
@@ -362,10 +353,6 @@ func loadRepositoryFrom(rootCfg ConfigProvider) {
 		}
 	}
 
-	if !filepath.IsAbs(Repository.Upload.TempPath) {
-		Repository.Upload.TempPath = path.Join(AppWorkPath, Repository.Upload.TempPath)
-	}
-
 	if err := loadRepoArchiveFrom(rootCfg); err != nil {
 		log.Fatal("loadRepoArchiveFrom: %v", err)
 	}
diff --git a/modules/setting/repository_archive_test.go b/modules/setting/repository_archive_test.go
index a0f91f0da1..d5b95272d6 100644
--- a/modules/setting/repository_archive_test.go
+++ b/modules/setting/repository_archive_test.go
@@ -20,7 +20,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 
 	assert.EqualValues(t, "minio", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	// we can also configure packages storage directly
 	iniStr = `
@@ -32,7 +32,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 
 	assert.EqualValues(t, "minio", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	// or we can indicate the storage type in the packages section
 	iniStr = `
@@ -47,7 +47,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 
 	assert.EqualValues(t, "minio", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	// or we can indicate the storage type  and minio base path in the packages section
 	iniStr = `
@@ -63,7 +63,7 @@ STORAGE_TYPE = minio
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 
 	assert.EqualValues(t, "minio", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "my_archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "my_archive/", RepoArchive.Storage.MinioConfig.BasePath)
 }
 
 func Test_RepoArchiveStorage(t *testing.T) {
@@ -85,7 +85,7 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage := RepoArchive.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
 
 	iniStr = `
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -107,5 +107,5 @@ MINIO_SECRET_ACCESS_KEY = correct_key
 	storage = RepoArchive.Storage
 
 	assert.EqualValues(t, "minio", storage.Type)
-	assert.EqualValues(t, "gitea", storage.MinioConfig.Bucket)
+	assert.Equal(t, "gitea", storage.MinioConfig.Bucket)
 }
diff --git a/modules/setting/security.go b/modules/setting/security.go
index 2f798b75c7..153b6bc944 100644
--- a/modules/setting/security.go
+++ b/modules/setting/security.go
@@ -39,6 +39,7 @@ var (
 	CSRFCookieName                     = "_csrf"
 	CSRFCookieHTTPOnly                 = true
 	RecordUserSignupMetadata           = false
+	TwoFactorAuthEnforced              = false
 )
 
 // loadSecret load the secret from ini by uriKey or verbatimKey, only one of them could be set
@@ -110,7 +111,7 @@ func loadSecurityFrom(rootCfg ConfigProvider) {
 	if SecretKey == "" {
 		// FIXME: https://github.com/go-gitea/gitea/issues/16832
 		// Until it supports rotating an existing secret key, we shouldn't move users off of the widely used default value
-		SecretKey = "!#@FDEWREWR&*(" //nolint:gosec
+		SecretKey = "!#@FDEWREWR&*("
 	}
 
 	CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible")
@@ -142,6 +143,15 @@ func loadSecurityFrom(rootCfg ConfigProvider) {
 	PasswordCheckPwn = sec.Key("PASSWORD_CHECK_PWN").MustBool(false)
 	SuccessfulTokensCacheSize = sec.Key("SUCCESSFUL_TOKENS_CACHE_SIZE").MustInt(20)
 
+	twoFactorAuth := sec.Key("TWO_FACTOR_AUTH").String()
+	switch twoFactorAuth {
+	case "":
+	case "enforced":
+		TwoFactorAuthEnforced = true
+	default:
+		log.Fatal("Invalid two-factor auth option: %s", twoFactorAuth)
+	}
+
 	InternalToken = loadSecret(sec, "INTERNAL_TOKEN_URI", "INTERNAL_TOKEN")
 	if InstallLock && InternalToken == "" {
 		// if Gitea has been installed but the InternalToken hasn't been generated (upgrade from an old release), we should generate
diff --git a/modules/setting/server.go b/modules/setting/server.go
index e15b790906..38e166e02a 100644
--- a/modules/setting/server.go
+++ b/modules/setting/server.go
@@ -7,6 +7,7 @@ import (
 	"encoding/base64"
 	"net"
 	"net/url"
+	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
@@ -40,28 +41,47 @@ const (
 	LandingPageLogin         LandingPage = "/user/login"
 )
 
+const (
+	PublicURLAuto   = "auto"
+	PublicURLLegacy = "legacy"
+)
+
 // Server settings
 var (
 	// AppURL is the Application ROOT_URL. It always has a '/' suffix
 	// It maps to ini:"ROOT_URL"
 	AppURL string
-	// AppSubURL represents the sub-url mounting point for gitea. It is either "" or starts with '/' and ends without '/', such as '/{subpath}'.
+
+	// PublicURLDetection controls how to use the HTTP request headers to detect public URL
+	PublicURLDetection string
+
+	// AppSubURL represents the sub-url mounting point for gitea, parsed from "ROOT_URL"
+	// It is either "" or starts with '/' and ends without '/', such as '/{sub-path}'.
 	// This value is empty if site does not have sub-url.
 	AppSubURL string
-	// UseSubURLPath makes Gitea handle requests with sub-path like "/sub-path/owner/repo/...", to make it easier to debug sub-path related problems without a reverse proxy.
+
+	// UseSubURLPath makes Gitea handle requests with sub-path like "/sub-path/owner/repo/...",
+	// to make it easier to debug sub-path related problems without a reverse proxy.
 	UseSubURLPath bool
+
 	// AppDataPath is the default path for storing data.
 	// It maps to ini:"APP_DATA_PATH" in [server] and defaults to AppWorkPath + "/data"
 	AppDataPath string
+
 	// LocalURL is the url for locally running applications to contact Gitea. It always has a '/' suffix
 	// It maps to ini:"LOCAL_ROOT_URL" in [server]
 	LocalURL string
-	// AssetVersion holds a opaque value that is used for cache-busting assets
+
+	// AssetVersion holds an opaque value that is used for cache-busting assets
 	AssetVersion string
 
+	// appTempPathInternal is the temporary path for the app, it is only an internal variable
+	// DO NOT use it directly, always use AppDataTempDir
+	appTempPathInternal string
+
 	Protocol                   Scheme
-	UseProxyProtocol           bool // `ini:"USE_PROXY_PROTOCOL"`
-	ProxyProtocolTLSBridging   bool //`ini:"PROXY_PROTOCOL_TLS_BRIDGING"`
+	UseProxyProtocol           bool
+	ProxyProtocolTLSBridging   bool
 	ProxyProtocolHeaderTimeout time.Duration
 	ProxyProtocolAcceptUnknown bool
 	Domain                     string
@@ -178,13 +198,14 @@ func loadServerFrom(rootCfg ConfigProvider) {
 		EnableAcme = sec.Key("ENABLE_LETSENCRYPT").MustBool(false)
 	}
 
-	Protocol = HTTP
 	protocolCfg := sec.Key("PROTOCOL").String()
 	if protocolCfg != "https" && EnableAcme {
 		log.Fatal("ACME could only be used with HTTPS protocol")
 	}
 
 	switch protocolCfg {
+	case "", "http":
+		Protocol = HTTP
 	case "https":
 		Protocol = HTTPS
 		if EnableAcme {
@@ -240,7 +261,7 @@ func loadServerFrom(rootCfg ConfigProvider) {
 		case "unix":
 			log.Warn("unix PROTOCOL value is deprecated, please use http+unix")
 			fallthrough
-		case "http+unix":
+		default: // "http+unix"
 			Protocol = HTTPUnix
 		}
 		UnixSocketPermissionRaw := sec.Key("UNIX_SOCKET_PERMISSION").MustString("666")
@@ -253,6 +274,8 @@ func loadServerFrom(rootCfg ConfigProvider) {
 		if !filepath.IsAbs(HTTPAddr) {
 			HTTPAddr = filepath.Join(AppWorkPath, HTTPAddr)
 		}
+	default:
+		log.Fatal("Invalid PROTOCOL %q", protocolCfg)
 	}
 	UseProxyProtocol = sec.Key("USE_PROXY_PROTOCOL").MustBool(false)
 	ProxyProtocolTLSBridging = sec.Key("PROXY_PROTOCOL_TLS_BRIDGING").MustBool(false)
@@ -266,11 +289,15 @@ func loadServerFrom(rootCfg ConfigProvider) {
 
 	defaultAppURL := string(Protocol) + "://" + Domain + ":" + HTTPPort
 	AppURL = sec.Key("ROOT_URL").MustString(defaultAppURL)
+	PublicURLDetection = sec.Key("PUBLIC_URL_DETECTION").MustString(PublicURLLegacy)
+	if PublicURLDetection != PublicURLAuto && PublicURLDetection != PublicURLLegacy {
+		log.Fatal("Invalid PUBLIC_URL_DETECTION value: %s", PublicURLDetection)
+	}
 
 	// Check validity of AppURL
 	appURL, err := url.Parse(AppURL)
 	if err != nil {
-		log.Fatal("Invalid ROOT_URL '%s': %s", AppURL, err)
+		log.Fatal("Invalid ROOT_URL %q: %s", AppURL, err)
 	}
 	// Remove default ports from AppURL.
 	// (scheme-based URL normalization, RFC 3986 section 6.2.3)
@@ -306,13 +333,15 @@ func loadServerFrom(rootCfg ConfigProvider) {
 		defaultLocalURL = AppURL
 	case FCGIUnix:
 		defaultLocalURL = AppURL
-	default:
+	case HTTP, HTTPS:
 		defaultLocalURL = string(Protocol) + "://"
 		if HTTPAddr == "0.0.0.0" {
 			defaultLocalURL += net.JoinHostPort("localhost", HTTPPort) + "/"
 		} else {
 			defaultLocalURL += net.JoinHostPort(HTTPAddr, HTTPPort) + "/"
 		}
+	default:
+		log.Fatal("Invalid PROTOCOL %q", Protocol)
 	}
 	LocalURL = sec.Key("LOCAL_ROOT_URL").MustString(defaultLocalURL)
 	LocalURL = strings.TrimRight(LocalURL, "/") + "/"
@@ -330,6 +359,19 @@ func loadServerFrom(rootCfg ConfigProvider) {
 	if !filepath.IsAbs(AppDataPath) {
 		AppDataPath = filepath.ToSlash(filepath.Join(AppWorkPath, AppDataPath))
 	}
+	if IsInTesting && HasInstallLock(rootCfg) {
+		// FIXME: in testing, the "app data" directory is not correctly initialized before loading settings
+		if _, err := os.Stat(AppDataPath); err != nil {
+			_ = os.MkdirAll(AppDataPath, os.ModePerm)
+		}
+	}
+
+	appTempPathInternal = sec.Key("APP_TEMP_PATH").String()
+	if appTempPathInternal != "" {
+		if _, err := os.Stat(appTempPathInternal); err != nil {
+			log.Fatal("APP_TEMP_PATH %q is not accessible: %v", appTempPathInternal, err)
+		}
+	}
 
 	EnableGzip = sec.Key("ENABLE_GZIP").MustBool()
 	EnablePprof = sec.Key("ENABLE_PPROF").MustBool(false)
diff --git a/modules/setting/service.go b/modules/setting/service.go
index 8c1843eeb7..b1b9fedd62 100644
--- a/modules/setting/service.go
+++ b/modules/setting/service.go
@@ -5,6 +5,7 @@ package setting
 
 import (
 	"regexp"
+	"runtime"
 	"strings"
 	"time"
 
@@ -43,7 +44,8 @@ var Service = struct {
 	ShowRegistrationButton                  bool
 	EnablePasswordSignInForm                bool
 	ShowMilestonesDashboardPage             bool
-	RequireSignInView                       bool
+	RequireSignInViewStrict                 bool
+	BlockAnonymousAccessExpensive           bool
 	EnableNotifyMail                        bool
 	EnableBasicAuth                         bool
 	EnablePasskeyAuth                       bool
@@ -97,6 +99,13 @@ var Service = struct {
 		DisableOrganizationsPage bool `ini:"DISABLE_ORGANIZATIONS_PAGE"`
 		DisableCodePage          bool `ini:"DISABLE_CODE_PAGE"`
 	} `ini:"service.explore"`
+
+	QoS struct {
+		Enabled             bool
+		MaxInFlightRequests int
+		MaxWaitingRequests  int
+		TargetWaitTime      time.Duration
+	}
 }{
 	AllowedUserVisibilityModesSlice: []bool{true, true, true},
 }
@@ -159,7 +168,18 @@ func loadServiceFrom(rootCfg ConfigProvider) {
 	Service.EmailDomainBlockList = CompileEmailGlobList(sec, "EMAIL_DOMAIN_BLOCKLIST")
 	Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!(Service.DisableRegistration || Service.AllowOnlyExternalRegistration))
 	Service.ShowMilestonesDashboardPage = sec.Key("SHOW_MILESTONES_DASHBOARD_PAGE").MustBool(true)
-	Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
+
+	// boolean values are considered as "strict"
+	var err error
+	Service.RequireSignInViewStrict, err = sec.Key("REQUIRE_SIGNIN_VIEW").Bool()
+	if s := sec.Key("REQUIRE_SIGNIN_VIEW").String(); err != nil && s != "" {
+		// non-boolean value only supports "expensive" at the moment
+		Service.BlockAnonymousAccessExpensive = s == "expensive"
+		if !Service.BlockAnonymousAccessExpensive {
+			log.Fatal("Invalid config option: REQUIRE_SIGNIN_VIEW = %s", s)
+		}
+	}
+
 	Service.EnableBasicAuth = sec.Key("ENABLE_BASIC_AUTHENTICATION").MustBool(true)
 	Service.EnablePasswordSignInForm = sec.Key("ENABLE_PASSWORD_SIGNIN_FORM").MustBool(true)
 	Service.EnablePasskeyAuth = sec.Key("ENABLE_PASSKEY_AUTHENTICATION").MustBool(true)
@@ -243,6 +263,7 @@ func loadServiceFrom(rootCfg ConfigProvider) {
 	mustMapSetting(rootCfg, "service.explore", &Service.Explore)
 
 	loadOpenIDSetting(rootCfg)
+	loadQosSetting(rootCfg)
 }
 
 func loadOpenIDSetting(rootCfg ConfigProvider) {
@@ -264,3 +285,11 @@ func loadOpenIDSetting(rootCfg ConfigProvider) {
 		}
 	}
 }
+
+func loadQosSetting(rootCfg ConfigProvider) {
+	sec := rootCfg.Section("qos")
+	Service.QoS.Enabled = sec.Key("ENABLED").MustBool(false)
+	Service.QoS.MaxInFlightRequests = sec.Key("MAX_INFLIGHT").MustInt(4 * runtime.NumCPU())
+	Service.QoS.MaxWaitingRequests = sec.Key("MAX_WAITING").MustInt(100)
+	Service.QoS.TargetWaitTime = sec.Key("TARGET_WAIT_TIME").MustDuration(250 * time.Millisecond)
+}
diff --git a/modules/setting/service_test.go b/modules/setting/service_test.go
index 1647bcec16..73736b793a 100644
--- a/modules/setting/service_test.go
+++ b/modules/setting/service_test.go
@@ -7,16 +7,14 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/gobwas/glob"
 	"github.com/stretchr/testify/assert"
 )
 
 func TestLoadServices(t *testing.T) {
-	oldService := Service
-	defer func() {
-		Service = oldService
-	}()
+	defer test.MockVariableValue(&Service)()
 
 	cfg, err := NewConfigProviderFromData(`
 [service]
@@ -48,10 +46,7 @@ EMAIL_DOMAIN_BLOCKLIST = d3, *.b
 }
 
 func TestLoadServiceVisibilityModes(t *testing.T) {
-	oldService := Service
-	defer func() {
-		Service = oldService
-	}()
+	defer test.MockVariableValue(&Service)()
 
 	kases := map[string]func(){
 		`
@@ -130,3 +125,33 @@ ALLOWED_USER_VISIBILITY_MODES = public, limit, privated
 		})
 	}
 }
+
+func TestLoadServiceRequireSignInView(t *testing.T) {
+	defer test.MockVariableValue(&Service)()
+
+	cfg, err := NewConfigProviderFromData(`
+[service]
+`)
+	assert.NoError(t, err)
+	loadServiceFrom(cfg)
+	assert.False(t, Service.RequireSignInViewStrict)
+	assert.False(t, Service.BlockAnonymousAccessExpensive)
+
+	cfg, err = NewConfigProviderFromData(`
+[service]
+REQUIRE_SIGNIN_VIEW = true
+`)
+	assert.NoError(t, err)
+	loadServiceFrom(cfg)
+	assert.True(t, Service.RequireSignInViewStrict)
+	assert.False(t, Service.BlockAnonymousAccessExpensive)
+
+	cfg, err = NewConfigProviderFromData(`
+[service]
+REQUIRE_SIGNIN_VIEW = expensive
+`)
+	assert.NoError(t, err)
+	loadServiceFrom(cfg)
+	assert.False(t, Service.RequireSignInViewStrict)
+	assert.True(t, Service.BlockAnonymousAccessExpensive)
+}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 20da796b58..e14997801f 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -12,8 +12,8 @@ import (
 	"time"
 
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/user"
-	"code.gitea.io/gitea/modules/util"
 )
 
 // settings
@@ -159,7 +159,7 @@ func loadRunModeFrom(rootCfg ConfigProvider) {
 	// The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches.
 	// Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly.
 	unsafeAllowRunAsRoot := ConfigSectionKeyBool(rootSec, "I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")
-	unsafeAllowRunAsRoot = unsafeAllowRunAsRoot || util.OptionalBoolParse(os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")).Value()
+	unsafeAllowRunAsRoot = unsafeAllowRunAsRoot || optional.ParseBool(os.Getenv("GITEA_I_AM_BEING_UNSAFE_RUNNING_AS_ROOT")).Value()
 	RunMode = os.Getenv("GITEA_RUN_MODE")
 	if RunMode == "" {
 		RunMode = rootSec.Key("RUN_MODE").MustString("prod")
diff --git a/modules/setting/ssh.go b/modules/setting/ssh.go
index ea387e521f..900fc6ade2 100644
--- a/modules/setting/ssh.go
+++ b/modules/setting/ssh.go
@@ -4,8 +4,6 @@
 package setting
 
 import (
-	"os"
-	"path"
 	"path/filepath"
 	"strings"
 	"text/template"
@@ -32,8 +30,6 @@ var SSH = struct {
 	ServerKeyExchanges                    []string           `ini:"SSH_SERVER_KEY_EXCHANGES"`
 	ServerMACs                            []string           `ini:"SSH_SERVER_MACS"`
 	ServerHostKeys                        []string           `ini:"SSH_SERVER_HOST_KEYS"`
-	KeyTestPath                           string             `ini:"SSH_KEY_TEST_PATH"`
-	KeygenPath                            string             `ini:"SSH_KEYGEN_PATH"`
 	AuthorizedKeysBackup                  bool               `ini:"SSH_AUTHORIZED_KEYS_BACKUP"`
 	AuthorizedPrincipalsBackup            bool               `ini:"SSH_AUTHORIZED_PRINCIPALS_BACKUP"`
 	AuthorizedKeysCommandTemplate         string             `ini:"SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE"`
@@ -55,10 +51,6 @@ var SSH = struct {
 	StartBuiltinServer:            false,
 	Domain:                        "",
 	Port:                          22,
-	ServerCiphers:                 []string{"chacha20-poly1305@openssh.com", "aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-gcm@openssh.com", "aes256-gcm@openssh.com"},
-	ServerKeyExchanges:            []string{"curve25519-sha256", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1"},
-	ServerMACs:                    []string{"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1"},
-	KeygenPath:                    "",
 	MinimumKeySizeCheck:           true,
 	MinimumKeySizes:               map[string]int{"ed25519": 256, "ed25519-sk": 256, "ecdsa": 256, "ecdsa-sk": 256, "rsa": 3071},
 	ServerHostKeys:                []string{"ssh/gitea.rsa", "ssh/gogs.rsa"},
@@ -111,30 +103,27 @@ func loadSSHFrom(rootCfg ConfigProvider) {
 	}
 	homeDir = strings.ReplaceAll(homeDir, "\\", "/")
 
-	SSH.RootPath = path.Join(homeDir, ".ssh")
-	serverCiphers := sec.Key("SSH_SERVER_CIPHERS").Strings(",")
-	if len(serverCiphers) > 0 {
-		SSH.ServerCiphers = serverCiphers
-	}
-	serverKeyExchanges := sec.Key("SSH_SERVER_KEY_EXCHANGES").Strings(",")
-	if len(serverKeyExchanges) > 0 {
-		SSH.ServerKeyExchanges = serverKeyExchanges
-	}
-	serverMACs := sec.Key("SSH_SERVER_MACS").Strings(",")
-	if len(serverMACs) > 0 {
-		SSH.ServerMACs = serverMACs
-	}
-	SSH.KeyTestPath = os.TempDir()
+	SSH.RootPath = filepath.Join(homeDir, ".ssh")
+
 	if err = sec.MapTo(&SSH); err != nil {
 		log.Fatal("Failed to map SSH settings: %v", err)
 	}
+
+	serverCiphers := sec.Key("SSH_SERVER_CIPHERS").Strings(",")
+	SSH.ServerCiphers = util.Iif(len(serverCiphers) > 0, serverCiphers, nil)
+
+	serverKeyExchanges := sec.Key("SSH_SERVER_KEY_EXCHANGES").Strings(",")
+	SSH.ServerKeyExchanges = util.Iif(len(serverKeyExchanges) > 0, serverKeyExchanges, nil)
+
+	serverMACs := sec.Key("SSH_SERVER_MACS").Strings(",")
+	SSH.ServerMACs = util.Iif(len(serverMACs) > 0, serverMACs, nil)
+
 	for i, key := range SSH.ServerHostKeys {
 		if !filepath.IsAbs(key) {
 			SSH.ServerHostKeys[i] = filepath.Join(AppDataPath, key)
 		}
 	}
 
-	SSH.KeygenPath = sec.Key("SSH_KEYGEN_PATH").String()
 	SSH.Port = sec.Key("SSH_PORT").MustInt(22)
 	SSH.ListenPort = sec.Key("SSH_LISTEN_PORT").MustInt(SSH.Port)
 	SSH.UseProxyProtocol = sec.Key("SSH_SERVER_USE_PROXY_PROTOCOL").MustBool(false)
diff --git a/modules/setting/storage.go b/modules/setting/storage.go
index d3d1fb9f30..ee246158d9 100644
--- a/modules/setting/storage.go
+++ b/modules/setting/storage.go
@@ -7,6 +7,7 @@ import (
 	"errors"
 	"fmt"
 	"path/filepath"
+	"slices"
 	"strings"
 )
 
@@ -30,12 +31,7 @@ var storageTypes = []StorageType{
 
 // IsValidStorageType returns true if the given storage type is valid
 func IsValidStorageType(storageType StorageType) bool {
-	for _, t := range storageTypes {
-		if t == storageType {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(storageTypes, storageType)
 }
 
 // MinioStorageConfig represents the configuration for a minio storage
@@ -162,7 +158,7 @@ const (
 	targetSecIsSec                                  // target section is from the name seciont [name]
 )
 
-func getStorageSectionByType(rootCfg ConfigProvider, typ string) (ConfigSection, targetSecType, error) { //nolint:unparam
+func getStorageSectionByType(rootCfg ConfigProvider, typ string) (ConfigSection, targetSecType, error) { //nolint:unparam // FIXME: targetSecType is always 0, wrong design?
 	targetSec, err := rootCfg.GetSection(storageSectionName + "." + typ)
 	if err != nil {
 		if !IsValidStorageType(StorageType(typ)) {
@@ -210,8 +206,8 @@ func getStorageTargetSection(rootCfg ConfigProvider, name, typ string, sec Confi
 	targetSec, _ := rootCfg.GetSection(storageSectionName + "." + name)
 	if targetSec != nil {
 		targetType := targetSec.Key("STORAGE_TYPE").String()
-		switch {
-		case targetType == "":
+		switch targetType {
+		case "":
 			if targetSec.Key("PATH").String() == "" { // both storage type and path are empty, use default
 				return getDefaultStorageSection(rootCfg), targetSecIsDefault, nil
 			}
@@ -287,7 +283,7 @@ func getStorageForLocal(targetSec, overrideSec ConfigSection, tp targetSecType,
 	return &storage, nil
 }
 
-func getStorageForMinio(targetSec, overrideSec ConfigSection, tp targetSecType, name string) (*Storage, error) { //nolint:dupl
+func getStorageForMinio(targetSec, overrideSec ConfigSection, tp targetSecType, name string) (*Storage, error) { //nolint:dupl // duplicates azure setup
 	var storage Storage
 	storage.Type = StorageType(targetSec.Key("STORAGE_TYPE").String())
 	if err := targetSec.MapTo(&storage.MinioConfig); err != nil {
@@ -316,7 +312,7 @@ func getStorageForMinio(targetSec, overrideSec ConfigSection, tp targetSecType,
 	return &storage, nil
 }
 
-func getStorageForAzureBlob(targetSec, overrideSec ConfigSection, tp targetSecType, name string) (*Storage, error) { //nolint:dupl
+func getStorageForAzureBlob(targetSec, overrideSec ConfigSection, tp targetSecType, name string) (*Storage, error) { //nolint:dupl // duplicates minio setup
 	var storage Storage
 	storage.Type = StorageType(targetSec.Key("STORAGE_TYPE").String())
 	if err := targetSec.MapTo(&storage.AzureBlobConfig); err != nil {
diff --git a/modules/setting/storage_test.go b/modules/setting/storage_test.go
index afff85537e..6f5a54c41c 100644
--- a/modules/setting/storage_test.go
+++ b/modules/setting/storage_test.go
@@ -26,16 +26,16 @@ MINIO_BUCKET = gitea-storage
 	assert.NoError(t, err)
 
 	assert.NoError(t, loadAttachmentFrom(cfg))
-	assert.EqualValues(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-attachment", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "gitea-lfs", LFS.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-lfs", LFS.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadAvatarsFrom(cfg))
-	assert.EqualValues(t, "gitea-storage", Avatar.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "avatars/", Avatar.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-storage", Avatar.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "avatars/", Avatar.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageUseOtherNameAsType(t *testing.T) {
@@ -51,12 +51,12 @@ MINIO_BUCKET = gitea-storage
 	assert.NoError(t, err)
 
 	assert.NoError(t, loadAttachmentFrom(cfg))
-	assert.EqualValues(t, "gitea-storage", Attachment.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-storage", Attachment.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "attachments/", Attachment.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "gitea-storage", LFS.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea-storage", LFS.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "lfs/", LFS.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageInheritStorageType(t *testing.T) {
@@ -69,32 +69,32 @@ STORAGE_TYPE = minio
 
 	assert.NoError(t, loadPackagesFrom(cfg))
 	assert.EqualValues(t, "minio", Packages.Storage.Type)
-	assert.EqualValues(t, "gitea", Packages.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "packages/", Packages.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", Packages.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "packages/", Packages.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 	assert.EqualValues(t, "minio", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "gitea", RepoArchive.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", RepoArchive.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadActionsFrom(cfg))
 	assert.EqualValues(t, "minio", Actions.LogStorage.Type)
-	assert.EqualValues(t, "gitea", Actions.LogStorage.MinioConfig.Bucket)
-	assert.EqualValues(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", Actions.LogStorage.MinioConfig.Bucket)
+	assert.Equal(t, "actions_log/", Actions.LogStorage.MinioConfig.BasePath)
 
 	assert.EqualValues(t, "minio", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "gitea", Actions.ArtifactStorage.MinioConfig.Bucket)
-	assert.EqualValues(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", Actions.ArtifactStorage.MinioConfig.Bucket)
+	assert.Equal(t, "actions_artifacts/", Actions.ArtifactStorage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadAvatarsFrom(cfg))
 	assert.EqualValues(t, "minio", Avatar.Storage.Type)
-	assert.EqualValues(t, "gitea", Avatar.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "avatars/", Avatar.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", Avatar.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "avatars/", Avatar.Storage.MinioConfig.BasePath)
 
 	assert.NoError(t, loadRepoAvatarFrom(cfg))
 	assert.EqualValues(t, "minio", RepoAvatar.Storage.Type)
-	assert.EqualValues(t, "gitea", RepoAvatar.Storage.MinioConfig.Bucket)
-	assert.EqualValues(t, "repo-avatars/", RepoAvatar.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "gitea", RepoAvatar.Storage.MinioConfig.Bucket)
+	assert.Equal(t, "repo-avatars/", RepoAvatar.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageInheritStorageTypeAzureBlob(t *testing.T) {
@@ -107,32 +107,32 @@ STORAGE_TYPE = azureblob
 
 	assert.NoError(t, loadPackagesFrom(cfg))
 	assert.EqualValues(t, "azureblob", Packages.Storage.Type)
-	assert.EqualValues(t, "gitea", Packages.Storage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "packages/", Packages.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", Packages.Storage.AzureBlobConfig.Container)
+	assert.Equal(t, "packages/", Packages.Storage.AzureBlobConfig.BasePath)
 
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 	assert.EqualValues(t, "azureblob", RepoArchive.Storage.Type)
-	assert.EqualValues(t, "gitea", RepoArchive.Storage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", RepoArchive.Storage.AzureBlobConfig.Container)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
 
 	assert.NoError(t, loadActionsFrom(cfg))
 	assert.EqualValues(t, "azureblob", Actions.LogStorage.Type)
-	assert.EqualValues(t, "gitea", Actions.LogStorage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "actions_log/", Actions.LogStorage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", Actions.LogStorage.AzureBlobConfig.Container)
+	assert.Equal(t, "actions_log/", Actions.LogStorage.AzureBlobConfig.BasePath)
 
 	assert.EqualValues(t, "azureblob", Actions.ArtifactStorage.Type)
-	assert.EqualValues(t, "gitea", Actions.ArtifactStorage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "actions_artifacts/", Actions.ArtifactStorage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", Actions.ArtifactStorage.AzureBlobConfig.Container)
+	assert.Equal(t, "actions_artifacts/", Actions.ArtifactStorage.AzureBlobConfig.BasePath)
 
 	assert.NoError(t, loadAvatarsFrom(cfg))
 	assert.EqualValues(t, "azureblob", Avatar.Storage.Type)
-	assert.EqualValues(t, "gitea", Avatar.Storage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "avatars/", Avatar.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", Avatar.Storage.AzureBlobConfig.Container)
+	assert.Equal(t, "avatars/", Avatar.Storage.AzureBlobConfig.BasePath)
 
 	assert.NoError(t, loadRepoAvatarFrom(cfg))
 	assert.EqualValues(t, "azureblob", RepoAvatar.Storage.Type)
-	assert.EqualValues(t, "gitea", RepoAvatar.Storage.AzureBlobConfig.Container)
-	assert.EqualValues(t, "repo-avatars/", RepoAvatar.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "gitea", RepoAvatar.Storage.AzureBlobConfig.Container)
+	assert.Equal(t, "repo-avatars/", RepoAvatar.Storage.AzureBlobConfig.BasePath)
 }
 
 type testLocalStoragePathCase struct {
@@ -151,7 +151,7 @@ func testLocalStoragePath(t *testing.T, appDataPath, iniStr string, cases []test
 
 		assert.EqualValues(t, "local", storage.Type)
 		assert.True(t, filepath.IsAbs(storage.Path))
-		assert.EqualValues(t, filepath.Clean(c.expectedPath), filepath.Clean(storage.Path))
+		assert.Equal(t, filepath.Clean(c.expectedPath), filepath.Clean(storage.Path))
 	}
 }
 
@@ -389,8 +389,8 @@ MINIO_SECRET_ACCESS_KEY = my_secret_key
 
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
 	cp := RepoArchive.Storage.ToShadowCopy()
-	assert.EqualValues(t, "******", cp.MinioConfig.AccessKeyID)
-	assert.EqualValues(t, "******", cp.MinioConfig.SecretAccessKey)
+	assert.Equal(t, "******", cp.MinioConfig.AccessKeyID)
+	assert.Equal(t, "******", cp.MinioConfig.SecretAccessKey)
 }
 
 func Test_getStorageConfiguration24(t *testing.T) {
@@ -445,10 +445,10 @@ MINIO_USE_SSL = true
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
-	assert.EqualValues(t, "my_access_key", RepoArchive.Storage.MinioConfig.AccessKeyID)
-	assert.EqualValues(t, "my_secret_key", RepoArchive.Storage.MinioConfig.SecretAccessKey)
+	assert.Equal(t, "my_access_key", RepoArchive.Storage.MinioConfig.AccessKeyID)
+	assert.Equal(t, "my_secret_key", RepoArchive.Storage.MinioConfig.SecretAccessKey)
 	assert.True(t, RepoArchive.Storage.MinioConfig.UseSSL)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageConfiguration28(t *testing.T) {
@@ -462,10 +462,10 @@ MINIO_BASE_PATH = /prefix
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
-	assert.EqualValues(t, "my_access_key", RepoArchive.Storage.MinioConfig.AccessKeyID)
-	assert.EqualValues(t, "my_secret_key", RepoArchive.Storage.MinioConfig.SecretAccessKey)
+	assert.Equal(t, "my_access_key", RepoArchive.Storage.MinioConfig.AccessKeyID)
+	assert.Equal(t, "my_secret_key", RepoArchive.Storage.MinioConfig.SecretAccessKey)
 	assert.True(t, RepoArchive.Storage.MinioConfig.UseSSL)
-	assert.EqualValues(t, "/prefix/repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "/prefix/repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	cfg, err = NewConfigProviderFromData(`
 [storage]
@@ -476,9 +476,9 @@ MINIO_BASE_PATH = /prefix
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
-	assert.EqualValues(t, "127.0.0.1", RepoArchive.Storage.MinioConfig.IamEndpoint)
+	assert.Equal(t, "127.0.0.1", RepoArchive.Storage.MinioConfig.IamEndpoint)
 	assert.True(t, RepoArchive.Storage.MinioConfig.UseSSL)
-	assert.EqualValues(t, "/prefix/repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "/prefix/repo-archive/", RepoArchive.Storage.MinioConfig.BasePath)
 
 	cfg, err = NewConfigProviderFromData(`
 [storage]
@@ -493,10 +493,10 @@ MINIO_BASE_PATH = /lfs
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "my_access_key", LFS.Storage.MinioConfig.AccessKeyID)
-	assert.EqualValues(t, "my_secret_key", LFS.Storage.MinioConfig.SecretAccessKey)
+	assert.Equal(t, "my_access_key", LFS.Storage.MinioConfig.AccessKeyID)
+	assert.Equal(t, "my_secret_key", LFS.Storage.MinioConfig.SecretAccessKey)
 	assert.True(t, LFS.Storage.MinioConfig.UseSSL)
-	assert.EqualValues(t, "/lfs", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "/lfs", LFS.Storage.MinioConfig.BasePath)
 
 	cfg, err = NewConfigProviderFromData(`
 [storage]
@@ -511,10 +511,10 @@ MINIO_BASE_PATH = /lfs
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "my_access_key", LFS.Storage.MinioConfig.AccessKeyID)
-	assert.EqualValues(t, "my_secret_key", LFS.Storage.MinioConfig.SecretAccessKey)
+	assert.Equal(t, "my_access_key", LFS.Storage.MinioConfig.AccessKeyID)
+	assert.Equal(t, "my_secret_key", LFS.Storage.MinioConfig.SecretAccessKey)
 	assert.True(t, LFS.Storage.MinioConfig.UseSSL)
-	assert.EqualValues(t, "/lfs", LFS.Storage.MinioConfig.BasePath)
+	assert.Equal(t, "/lfs", LFS.Storage.MinioConfig.BasePath)
 }
 
 func Test_getStorageConfiguration29(t *testing.T) {
@@ -539,9 +539,9 @@ AZURE_BLOB_ACCOUNT_KEY = my_account_key
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
-	assert.EqualValues(t, "my_account_name", RepoArchive.Storage.AzureBlobConfig.AccountName)
-	assert.EqualValues(t, "my_account_key", RepoArchive.Storage.AzureBlobConfig.AccountKey)
-	assert.EqualValues(t, "repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "my_account_name", RepoArchive.Storage.AzureBlobConfig.AccountName)
+	assert.Equal(t, "my_account_key", RepoArchive.Storage.AzureBlobConfig.AccountKey)
+	assert.Equal(t, "repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
 }
 
 func Test_getStorageConfiguration31(t *testing.T) {
@@ -554,9 +554,9 @@ AZURE_BLOB_BASE_PATH = /prefix
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadRepoArchiveFrom(cfg))
-	assert.EqualValues(t, "my_account_name", RepoArchive.Storage.AzureBlobConfig.AccountName)
-	assert.EqualValues(t, "my_account_key", RepoArchive.Storage.AzureBlobConfig.AccountKey)
-	assert.EqualValues(t, "/prefix/repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "my_account_name", RepoArchive.Storage.AzureBlobConfig.AccountName)
+	assert.Equal(t, "my_account_key", RepoArchive.Storage.AzureBlobConfig.AccountKey)
+	assert.Equal(t, "/prefix/repo-archive/", RepoArchive.Storage.AzureBlobConfig.BasePath)
 
 	cfg, err = NewConfigProviderFromData(`
 [storage]
@@ -570,9 +570,9 @@ AZURE_BLOB_BASE_PATH = /lfs
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "my_account_name", LFS.Storage.AzureBlobConfig.AccountName)
-	assert.EqualValues(t, "my_account_key", LFS.Storage.AzureBlobConfig.AccountKey)
-	assert.EqualValues(t, "/lfs", LFS.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "my_account_name", LFS.Storage.AzureBlobConfig.AccountName)
+	assert.Equal(t, "my_account_key", LFS.Storage.AzureBlobConfig.AccountKey)
+	assert.Equal(t, "/lfs", LFS.Storage.AzureBlobConfig.BasePath)
 
 	cfg, err = NewConfigProviderFromData(`
 [storage]
@@ -586,7 +586,7 @@ AZURE_BLOB_BASE_PATH = /lfs
 `)
 	assert.NoError(t, err)
 	assert.NoError(t, loadLFSFrom(cfg))
-	assert.EqualValues(t, "my_account_name", LFS.Storage.AzureBlobConfig.AccountName)
-	assert.EqualValues(t, "my_account_key", LFS.Storage.AzureBlobConfig.AccountKey)
-	assert.EqualValues(t, "/lfs", LFS.Storage.AzureBlobConfig.BasePath)
+	assert.Equal(t, "my_account_name", LFS.Storage.AzureBlobConfig.AccountName)
+	assert.Equal(t, "my_account_key", LFS.Storage.AzureBlobConfig.AccountKey)
+	assert.Equal(t, "/lfs", LFS.Storage.AzureBlobConfig.BasePath)
 }
diff --git a/modules/ssh/init.go b/modules/ssh/init.go
index 21d4f89936..cfb0d5693a 100644
--- a/modules/ssh/init.go
+++ b/modules/ssh/init.go
@@ -13,6 +13,7 @@ import (
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 )
 
 func Init() error {
@@ -23,20 +24,17 @@ func Init() error {
 
 	if setting.SSH.StartBuiltinServer {
 		Listen(setting.SSH.ListenHost, setting.SSH.ListenPort, setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs)
-		log.Info("SSH server started on %s. Cipher list (%v), key exchange algorithms (%v), MACs (%v)",
+		log.Info("SSH server started on %q. Ciphers: %v, key exchange algorithms: %v, MACs: %v",
 			net.JoinHostPort(setting.SSH.ListenHost, strconv.Itoa(setting.SSH.ListenPort)),
-			setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs,
+			util.Iif[any](setting.SSH.ServerCiphers == nil, "default", setting.SSH.ServerCiphers),
+			util.Iif[any](setting.SSH.ServerKeyExchanges == nil, "default", setting.SSH.ServerKeyExchanges),
+			util.Iif[any](setting.SSH.ServerMACs == nil, "default", setting.SSH.ServerMACs),
 		)
 		return nil
 	}
 
 	builtinUnused()
 
-	// FIXME: why 0o644 for a directory .....
-	if err := os.MkdirAll(setting.SSH.KeyTestPath, 0o644); err != nil {
-		return fmt.Errorf("failed to create directory %q for ssh key test: %w", setting.SSH.KeyTestPath, err)
-	}
-
 	if len(setting.SSH.TrustedUserCAKeys) > 0 && setting.SSH.AuthorizedPrincipalsEnabled {
 		caKeysFileName := setting.SSH.TrustedUserCAKeysFile
 		caKeysFileDir := filepath.Dir(caKeysFileName)
diff --git a/modules/ssh/ssh.go b/modules/ssh/ssh.go
index 7479cfbd95..3fea4851c7 100644
--- a/modules/ssh/ssh.go
+++ b/modules/ssh/ssh.go
@@ -11,7 +11,6 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"errors"
-	"fmt"
 	"io"
 	"net"
 	"os"
@@ -216,7 +215,7 @@ func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {
 	ctx.Permissions().Permissions = &gossh.Permissions{}
 	setPermExt := func(keyID int64) {
 		ctx.Permissions().Permissions.Extensions = map[string]string{
-			giteaPermissionExtensionKeyID: fmt.Sprint(keyID),
+			giteaPermissionExtensionKeyID: strconv.FormatInt(keyID, 10),
 		}
 	}
 
@@ -334,7 +333,7 @@ func sshConnectionFailed(conn net.Conn, err error) {
 	log.Warn("Failed authentication attempt from %s", conn.RemoteAddr())
 }
 
-// Listen starts a SSH server listens on given port.
+// Listen starts an SSH server listening on given port.
 func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
 	srv := ssh.Server{
 		Addr:             net.JoinHostPort(host, strconv.Itoa(port)),
diff --git a/modules/storage/azureblob.go b/modules/storage/azureblob.go
index 837afd0ba6..6860d81131 100644
--- a/modules/storage/azureblob.go
+++ b/modules/storage/azureblob.go
@@ -247,7 +247,7 @@ func (a *AzureBlobStorage) Delete(path string) error {
 }
 
 // URL gets the redirect URL to a file. The presigned link is valid for 5 minutes.
-func (a *AzureBlobStorage) URL(path, name string, reqParams url.Values) (*url.URL, error) {
+func (a *AzureBlobStorage) URL(path, name, _ string, reqParams url.Values) (*url.URL, error) {
 	blobClient := a.getBlobClient(path)
 
 	startTime := time.Now()
diff --git a/modules/storage/azureblob_test.go b/modules/storage/azureblob_test.go
index 6905db5008..b3791b4916 100644
--- a/modules/storage/azureblob_test.go
+++ b/modules/storage/azureblob_test.go
@@ -4,9 +4,9 @@
 package storage
 
 import (
-	"bytes"
 	"io"
 	"os"
+	"strings"
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
@@ -33,14 +33,14 @@ func TestAzureBlobStorageIterator(t *testing.T) {
 
 func TestAzureBlobStoragePath(t *testing.T) {
 	m := &AzureBlobStorage{cfg: &setting.AzureBlobStorageConfig{BasePath: ""}}
-	assert.Equal(t, "", m.buildAzureBlobPath("/"))
-	assert.Equal(t, "", m.buildAzureBlobPath("."))
+	assert.Empty(t, m.buildAzureBlobPath("/"))
+	assert.Empty(t, m.buildAzureBlobPath("."))
 	assert.Equal(t, "a", m.buildAzureBlobPath("/a"))
 	assert.Equal(t, "a/b", m.buildAzureBlobPath("/a/b/"))
 
 	m = &AzureBlobStorage{cfg: &setting.AzureBlobStorageConfig{BasePath: "/"}}
-	assert.Equal(t, "", m.buildAzureBlobPath("/"))
-	assert.Equal(t, "", m.buildAzureBlobPath("."))
+	assert.Empty(t, m.buildAzureBlobPath("/"))
+	assert.Empty(t, m.buildAzureBlobPath("."))
 	assert.Equal(t, "a", m.buildAzureBlobPath("/a"))
 	assert.Equal(t, "a/b", m.buildAzureBlobPath("/a/b/"))
 
@@ -76,7 +76,7 @@ func Test_azureBlobObject(t *testing.T) {
 	assert.NoError(t, err)
 
 	data := "Q2xTckt6Y1hDOWh0"
-	_, err = s.Save("test.txt", bytes.NewBufferString(data), int64(len(data)))
+	_, err = s.Save("test.txt", strings.NewReader(data), int64(len(data)))
 	assert.NoError(t, err)
 	obj, err := s.Open("test.txt")
 	assert.NoError(t, err)
@@ -86,7 +86,7 @@ func Test_azureBlobObject(t *testing.T) {
 	buf1 := make([]byte, 3)
 	read, err := obj.Read(buf1)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 3, read)
+	assert.Equal(t, 3, read)
 	assert.Equal(t, data[2:5], string(buf1))
 	offset, err = obj.Seek(-5, io.SeekEnd)
 	assert.NoError(t, err)
@@ -94,7 +94,7 @@ func Test_azureBlobObject(t *testing.T) {
 	buf2 := make([]byte, 4)
 	read, err = obj.Read(buf2)
 	assert.NoError(t, err)
-	assert.EqualValues(t, 4, read)
+	assert.Equal(t, 4, read)
 	assert.Equal(t, data[11:15], string(buf2))
 	assert.NoError(t, obj.Close())
 	assert.NoError(t, s.Delete("test.txt"))
diff --git a/modules/storage/helper.go b/modules/storage/helper.go
index 9e6cceb537..f6c3d5eebb 100644
--- a/modules/storage/helper.go
+++ b/modules/storage/helper.go
@@ -30,7 +30,7 @@ func (s discardStorage) Delete(_ string) error {
 	return fmt.Errorf("%s", s)
 }
 
-func (s discardStorage) URL(_, _ string, _ url.Values) (*url.URL, error) {
+func (s discardStorage) URL(_, _, _ string, _ url.Values) (*url.URL, error) {
 	return nil, fmt.Errorf("%s", s)
 }
 
diff --git a/modules/storage/helper_test.go b/modules/storage/helper_test.go
index 62ebd8753c..3cba1e13c0 100644
--- a/modules/storage/helper_test.go
+++ b/modules/storage/helper_test.go
@@ -37,7 +37,7 @@ func Test_discardStorage(t *testing.T) {
 				assert.Error(t, err, string(tt))
 			}
 			{
-				got, err := tt.URL("path", "name", nil)
+				got, err := tt.URL("path", "name", "GET", nil)
 				assert.Nil(t, got)
 				assert.Errorf(t, err, string(tt))
 			}
diff --git a/modules/storage/local.go b/modules/storage/local.go
index 00c7f668aa..8a1776f606 100644
--- a/modules/storage/local.go
+++ b/modules/storage/local.go
@@ -114,7 +114,7 @@ func (l *LocalStorage) Delete(path string) error {
 }
 
 // URL gets the redirect URL to a file
-func (l *LocalStorage) URL(path, name string, reqParams url.Values) (*url.URL, error) {
+func (l *LocalStorage) URL(path, name, _ string, reqParams url.Values) (*url.URL, error) {
 	return nil, ErrURLNotSupported
 }
 
diff --git a/modules/storage/local_test.go b/modules/storage/local_test.go
index 540ced1655..0592fd716b 100644
--- a/modules/storage/local_test.go
+++ b/modules/storage/local_test.go
@@ -48,7 +48,7 @@ func TestBuildLocalPath(t *testing.T) {
 		t.Run(k.path, func(t *testing.T) {
 			l := LocalStorage{dir: k.localDir}
 
-			assert.EqualValues(t, k.expected, l.buildLocalPath(k.path))
+			assert.Equal(t, k.expected, l.buildLocalPath(k.path))
 		})
 	}
 }
diff --git a/modules/storage/minio.go b/modules/storage/minio.go
index 6b92be61fb..01f2c16267 100644
--- a/modules/storage/minio.go
+++ b/modules/storage/minio.go
@@ -86,13 +86,14 @@ func NewMinioStorage(ctx context.Context, cfg *setting.Storage) (ObjectStorage,
 	log.Info("Creating Minio storage at %s:%s with base path %s", config.Endpoint, config.Bucket, config.BasePath)
 
 	var lookup minio.BucketLookupType
-	if config.BucketLookUpType == "auto" || config.BucketLookUpType == "" {
+	switch config.BucketLookUpType {
+	case "auto", "":
 		lookup = minio.BucketLookupAuto
-	} else if config.BucketLookUpType == "dns" {
+	case "dns":
 		lookup = minio.BucketLookupDNS
-	} else if config.BucketLookUpType == "path" {
+	case "path":
 		lookup = minio.BucketLookupPath
-	} else {
+	default:
 		return nil, fmt.Errorf("invalid minio bucket lookup type: %s", config.BucketLookUpType)
 	}
 
@@ -278,7 +279,7 @@ func (m *MinioStorage) Delete(path string) error {
 }
 
 // URL gets the redirect URL to a file. The presigned link is valid for 5 minutes.
-func (m *MinioStorage) URL(path, name string, serveDirectReqParams url.Values) (*url.URL, error) {
+func (m *MinioStorage) URL(path, name, method string, serveDirectReqParams url.Values) (*url.URL, error) {
 	// copy serveDirectReqParams
 	reqParams, err := url.ParseQuery(serveDirectReqParams.Encode())
 	if err != nil {
@@ -286,7 +287,12 @@ func (m *MinioStorage) URL(path, name string, serveDirectReqParams url.Values) (
 	}
 	// TODO it may be good to embed images with 'inline' like ServeData does, but we don't want to have to read the file, do we?
 	reqParams.Set("response-content-disposition", "attachment; filename=\""+quoteEscaper.Replace(name)+"\"")
-	u, err := m.client.PresignedGetObject(m.ctx, m.bucket, m.buildMinioPath(path), 5*time.Minute, reqParams)
+	expires := 5 * time.Minute
+	if method == http.MethodHead {
+		u, err := m.client.PresignedHeadObject(m.ctx, m.bucket, m.buildMinioPath(path), expires, reqParams)
+		return u, convertMinioErr(err)
+	}
+	u, err := m.client.PresignedGetObject(m.ctx, m.bucket, m.buildMinioPath(path), expires, reqParams)
 	return u, convertMinioErr(err)
 }
 
diff --git a/modules/storage/minio_test.go b/modules/storage/minio_test.go
index 395da051e8..2726d765dd 100644
--- a/modules/storage/minio_test.go
+++ b/modules/storage/minio_test.go
@@ -34,19 +34,19 @@ func TestMinioStorageIterator(t *testing.T) {
 
 func TestMinioStoragePath(t *testing.T) {
 	m := &MinioStorage{basePath: ""}
-	assert.Equal(t, "", m.buildMinioPath("/"))
-	assert.Equal(t, "", m.buildMinioPath("."))
+	assert.Empty(t, m.buildMinioPath("/"))
+	assert.Empty(t, m.buildMinioPath("."))
 	assert.Equal(t, "a", m.buildMinioPath("/a"))
 	assert.Equal(t, "a/b", m.buildMinioPath("/a/b/"))
-	assert.Equal(t, "", m.buildMinioDirPrefix(""))
+	assert.Empty(t, m.buildMinioDirPrefix(""))
 	assert.Equal(t, "a/", m.buildMinioDirPrefix("/a/"))
 
 	m = &MinioStorage{basePath: "/"}
-	assert.Equal(t, "", m.buildMinioPath("/"))
-	assert.Equal(t, "", m.buildMinioPath("."))
+	assert.Empty(t, m.buildMinioPath("/"))
+	assert.Empty(t, m.buildMinioPath("."))
 	assert.Equal(t, "a", m.buildMinioPath("/a"))
 	assert.Equal(t, "a/b", m.buildMinioPath("/a/b/"))
-	assert.Equal(t, "", m.buildMinioDirPrefix(""))
+	assert.Empty(t, m.buildMinioDirPrefix(""))
 	assert.Equal(t, "a/", m.buildMinioDirPrefix("/a/"))
 
 	m = &MinioStorage{basePath: "/base"}
diff --git a/modules/storage/storage.go b/modules/storage/storage.go
index b0529941e7..1868817c05 100644
--- a/modules/storage/storage.go
+++ b/modules/storage/storage.go
@@ -59,11 +59,15 @@ type Object interface {
 // ObjectStorage represents an object storage to handle a bucket and files
 type ObjectStorage interface {
 	Open(path string) (Object, error)
-	// Save store a object, if size is unknown set -1
+
+	// Save store an object, if size is unknown set -1
+	// NOTICE: Some storage SDK will close the Reader after saving if it is also a Closer,
+	// DO NOT use the reader anymore after Save, or wrap it to a non-Closer reader.
 	Save(path string, r io.Reader, size int64) (int64, error)
+
 	Stat(path string) (os.FileInfo, error)
 	Delete(path string) error
-	URL(path, name string, reqParams url.Values) (*url.URL, error)
+	URL(path, name, method string, reqParams url.Values) (*url.URL, error)
 	IterateObjects(path string, iterator func(path string, obj Object) error) error
 }
 
diff --git a/modules/storage/storage_test.go b/modules/storage/storage_test.go
index 7edde558f3..08f274e74b 100644
--- a/modules/storage/storage_test.go
+++ b/modules/storage/storage_test.go
@@ -4,7 +4,7 @@
 package storage
 
 import (
-	"bytes"
+	"strings"
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
@@ -26,7 +26,7 @@ func testStorageIterator(t *testing.T, typStr Type, cfg *setting.Storage) {
 		{"b/x 4.txt", "bx4"},
 	}
 	for _, f := range testFiles {
-		_, err = l.Save(f[0], bytes.NewBufferString(f[1]), -1)
+		_, err = l.Save(f[0], strings.NewReader(f[1]), -1)
 		assert.NoError(t, err)
 	}
 
diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index f7c6d10ba0..c68b59a897 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -8,8 +8,11 @@ import "time"
 
 // CreateUserOption create user options
 type CreateUserOption struct {
-	SourceID  int64  `json:"source_id"`
+	SourceID int64 `json:"source_id"`
+	// identifier of the user, provided by the external authenticator (if configured)
+	// default: empty
 	LoginName string `json:"login_name"`
+	// username of the user
 	// required: true
 	Username string `json:"username" binding:"Required;Username;MaxSize(40)"`
 	FullName string `json:"full_name" binding:"MaxSize(100)"`
@@ -32,6 +35,8 @@ type CreateUserOption struct {
 type EditUserOption struct {
 	// required: true
 	SourceID int64 `json:"source_id"`
+	// identifier of the user, provided by the external authenticator (if configured)
+	// default: empty
 	// required: true
 	LoginName string `json:"login_name" binding:"Required"`
 	// swagger:strfmt email
diff --git a/modules/structs/commit_status_test.go b/modules/structs/commit_status_test.go
deleted file mode 100644
index 88e09aadc1..0000000000
--- a/modules/structs/commit_status_test.go
+++ /dev/null
@@ -1,174 +0,0 @@
-// Copyright 2023 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package structs
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestNoBetterThan(t *testing.T) {
-	type args struct {
-		css  CommitStatusState
-		css2 CommitStatusState
-	}
-	var unExpectedState CommitStatusState
-	tests := []struct {
-		name string
-		args args
-		want bool
-	}{
-		{
-			name: "success is no better than success",
-			args: args{
-				css:  CommitStatusSuccess,
-				css2: CommitStatusSuccess,
-			},
-			want: true,
-		},
-		{
-			name: "success is no better than pending",
-			args: args{
-				css:  CommitStatusSuccess,
-				css2: CommitStatusPending,
-			},
-			want: false,
-		},
-		{
-			name: "success is no better than failure",
-			args: args{
-				css:  CommitStatusSuccess,
-				css2: CommitStatusFailure,
-			},
-			want: false,
-		},
-		{
-			name: "success is no better than error",
-			args: args{
-				css:  CommitStatusSuccess,
-				css2: CommitStatusError,
-			},
-			want: false,
-		},
-		{
-			name: "pending is no better than success",
-			args: args{
-				css:  CommitStatusPending,
-				css2: CommitStatusSuccess,
-			},
-			want: true,
-		},
-		{
-			name: "pending is no better than pending",
-			args: args{
-				css:  CommitStatusPending,
-				css2: CommitStatusPending,
-			},
-			want: true,
-		},
-		{
-			name: "pending is no better than failure",
-			args: args{
-				css:  CommitStatusPending,
-				css2: CommitStatusFailure,
-			},
-			want: false,
-		},
-		{
-			name: "pending is no better than error",
-			args: args{
-				css:  CommitStatusPending,
-				css2: CommitStatusError,
-			},
-			want: false,
-		},
-		{
-			name: "failure is no better than success",
-			args: args{
-				css:  CommitStatusFailure,
-				css2: CommitStatusSuccess,
-			},
-			want: true,
-		},
-		{
-			name: "failure is no better than pending",
-			args: args{
-				css:  CommitStatusFailure,
-				css2: CommitStatusPending,
-			},
-			want: true,
-		},
-		{
-			name: "failure is no better than failure",
-			args: args{
-				css:  CommitStatusFailure,
-				css2: CommitStatusFailure,
-			},
-			want: true,
-		},
-		{
-			name: "failure is no better than error",
-			args: args{
-				css:  CommitStatusFailure,
-				css2: CommitStatusError,
-			},
-			want: false,
-		},
-		{
-			name: "error is no better than success",
-			args: args{
-				css:  CommitStatusError,
-				css2: CommitStatusSuccess,
-			},
-			want: true,
-		},
-		{
-			name: "error is no better than pending",
-			args: args{
-				css:  CommitStatusError,
-				css2: CommitStatusPending,
-			},
-			want: true,
-		},
-		{
-			name: "error is no better than failure",
-			args: args{
-				css:  CommitStatusError,
-				css2: CommitStatusFailure,
-			},
-			want: true,
-		},
-		{
-			name: "error is no better than error",
-			args: args{
-				css:  CommitStatusError,
-				css2: CommitStatusError,
-			},
-			want: true,
-		},
-		{
-			name: "unExpectedState is no better than success",
-			args: args{
-				css:  unExpectedState,
-				css2: CommitStatusSuccess,
-			},
-			want: false,
-		},
-		{
-			name: "unExpectedState is no better than unExpectedState",
-			args: args{
-				css:  unExpectedState,
-				css2: unExpectedState,
-			},
-			want: false,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			result := tt.args.css.NoBetterThan(tt.args.css2)
-			assert.Equal(t, tt.want, result)
-		})
-	}
-}
diff --git a/modules/structs/git_blob.go b/modules/structs/git_blob.go
index 96c7a271a9..643b69ed37 100644
--- a/modules/structs/git_blob.go
+++ b/modules/structs/git_blob.go
@@ -5,9 +5,12 @@ package structs
 
 // GitBlobResponse represents a git blob
 type GitBlobResponse struct {
-	Content  string `json:"content"`
-	Encoding string `json:"encoding"`
-	URL      string `json:"url"`
-	SHA      string `json:"sha"`
-	Size     int64  `json:"size"`
+	Content  *string `json:"content"`
+	Encoding *string `json:"encoding"`
+	URL      string  `json:"url"`
+	SHA      string  `json:"sha"`
+	Size     int64   `json:"size"`
+
+	LfsOid  *string `json:"lfs_oid,omitempty"`
+	LfsSize *int64  `json:"lfs_size,omitempty"`
 }
diff --git a/modules/structs/hook.go b/modules/structs/hook.go
index aaa9fbc9d3..ac779a5740 100644
--- a/modules/structs/hook.go
+++ b/modules/structs/hook.go
@@ -71,7 +71,8 @@ type PayloadUser struct {
 	// Full name of the commit author
 	Name string `json:"name"`
 	// swagger:strfmt email
-	Email    string `json:"email"`
+	Email string `json:"email"`
+	// username of the user
 	UserName string `json:"username"`
 }
 
@@ -286,6 +287,8 @@ const (
 	HookIssueReOpened HookIssueAction = "reopened"
 	// HookIssueEdited edited
 	HookIssueEdited HookIssueAction = "edited"
+	// HookIssueDeleted is an issue action for deleting an issue
+	HookIssueDeleted HookIssueAction = "deleted"
 	// HookIssueAssigned assigned
 	HookIssueAssigned HookIssueAction = "assigned"
 	// HookIssueUnassigned unassigned
@@ -470,6 +473,22 @@ func (p *CommitStatusPayload) JSONPayload() ([]byte, error) {
 	return json.MarshalIndent(p, "", "  ")
 }
 
+// WorkflowRunPayload represents a payload information of workflow run event.
+type WorkflowRunPayload struct {
+	Action       string             `json:"action"`
+	Workflow     *ActionWorkflow    `json:"workflow"`
+	WorkflowRun  *ActionWorkflowRun `json:"workflow_run"`
+	PullRequest  *PullRequest       `json:"pull_request,omitempty"`
+	Organization *Organization      `json:"organization,omitempty"`
+	Repo         *Repository        `json:"repository"`
+	Sender       *User              `json:"sender"`
+}
+
+// JSONPayload implements Payload
+func (p *WorkflowRunPayload) JSONPayload() ([]byte, error) {
+	return json.MarshalIndent(p, "", "  ")
+}
+
 // WorkflowJobPayload represents a payload information of workflow job event.
 type WorkflowJobPayload struct {
 	Action       string             `json:"action"`
diff --git a/modules/structs/issue.go b/modules/structs/issue.go
index 3682191be5..322ac1e4ca 100644
--- a/modules/structs/issue.go
+++ b/modules/structs/issue.go
@@ -203,7 +203,7 @@ func (l *IssueTemplateStringSlice) UnmarshalYAML(value *yaml.Node) error {
 		if err != nil {
 			return err
 		}
-		for _, v := range strings.Split(str, ",") {
+		for v := range strings.SplitSeq(str, ",") {
 			if v = strings.TrimSpace(v); v == "" {
 				continue
 			}
@@ -262,7 +262,13 @@ func (it IssueTemplate) Type() IssueTemplateType {
 // IssueMeta basic issue information
 // swagger:model
 type IssueMeta struct {
-	Index int64  `json:"index"`
+	Index int64 `json:"index"`
+	// owner of the issue's repo
 	Owner string `json:"owner"`
 	Name  string `json:"repo"`
 }
+
+// LockIssueOption options to lock an issue
+type LockIssueOption struct {
+	Reason string `json:"lock_reason"`
+}
diff --git a/modules/structs/issue_tracked_time.go b/modules/structs/issue_tracked_time.go
index a3904af80e..befcfb323d 100644
--- a/modules/structs/issue_tracked_time.go
+++ b/modules/structs/issue_tracked_time.go
@@ -14,7 +14,7 @@ type AddTimeOption struct {
 	Time int64 `json:"time" binding:"Required"`
 	// swagger:strfmt date-time
 	Created time.Time `json:"created"`
-	// User who spent the time (optional)
+	// username of the user who spent the time working on the issue (optional)
 	User string `json:"user_name"`
 }
 
@@ -26,7 +26,8 @@ type TrackedTime struct {
 	// Time in seconds
 	Time int64 `json:"time"`
 	// deprecated (only for backwards compatibility)
-	UserID   int64  `json:"user_id"`
+	UserID int64 `json:"user_id"`
+	// username of the user
 	UserName string `json:"user_name"`
 	// deprecated (only for backwards compatibility)
 	IssueID int64  `json:"issue_id"`
diff --git a/modules/structs/org.go b/modules/structs/org.go
index f93b3b6493..33b45c6344 100644
--- a/modules/structs/org.go
+++ b/modules/structs/org.go
@@ -15,6 +15,7 @@ type Organization struct {
 	Location                  string `json:"location"`
 	Visibility                string `json:"visibility"`
 	RepoAdminChangeTeamAccess bool   `json:"repo_admin_change_team_access"`
+	// username of the organization
 	// deprecated
 	UserName string `json:"username"`
 }
@@ -30,6 +31,7 @@ type OrganizationPermissions struct {
 
 // CreateOrgOption options for creating an organization
 type CreateOrgOption struct {
+	// username of the organization
 	// required: true
 	UserName    string `json:"username" binding:"Required;Username;MaxSize(40)"`
 	FullName    string `json:"full_name" binding:"MaxSize(100)"`
diff --git a/modules/structs/package.go b/modules/structs/package.go
index a9a9429de2..1973f925a5 100644
--- a/modules/structs/package.go
+++ b/modules/structs/package.go
@@ -23,8 +23,8 @@ type Package struct {
 
 // PackageFile represents a package file
 type PackageFile struct {
-	ID         int64 `json:"id"`
-	Size       int64
+	ID         int64  `json:"id"`
+	Size       int64  `json:"size"`
 	Name       string `json:"name"`
 	HashMD5    string `json:"md5"`
 	HashSHA1   string `json:"sha1"`
diff --git a/modules/structs/release.go b/modules/structs/release.go
index c7378645c2..fac86ca7a2 100644
--- a/modules/structs/release.go
+++ b/modules/structs/release.go
@@ -33,6 +33,7 @@ type Release struct {
 type CreateReleaseOption struct {
 	// required: true
 	TagName      string `json:"tag_name" binding:"Required"`
+	TagMessage   string `json:"tag_message"`
 	Target       string `json:"target_commitish"`
 	Title        string `json:"name"`
 	Note         string `json:"body"`
diff --git a/modules/structs/repo.go b/modules/structs/repo.go
index fb784bd8b3..f2e11b1542 100644
--- a/modules/structs/repo.go
+++ b/modules/structs/repo.go
@@ -48,16 +48,17 @@ type ExternalWiki struct {
 
 // Repository represents a repository
 type Repository struct {
-	ID            int64       `json:"id"`
-	Owner         *User       `json:"owner"`
-	Name          string      `json:"name"`
-	FullName      string      `json:"full_name"`
-	Description   string      `json:"description"`
-	Empty         bool        `json:"empty"`
-	Private       bool        `json:"private"`
-	Fork          bool        `json:"fork"`
-	Template      bool        `json:"template"`
-	Parent        *Repository `json:"parent"`
+	ID          int64  `json:"id"`
+	Owner       *User  `json:"owner"`
+	Name        string `json:"name"`
+	FullName    string `json:"full_name"`
+	Description string `json:"description"`
+	Empty       bool   `json:"empty"`
+	Private     bool   `json:"private"`
+	Fork        bool   `json:"fork"`
+	Template    bool   `json:"template"`
+	// the original repository if this repository is a fork, otherwise null
+	Parent        *Repository `json:"parent,omitempty"`
 	Mirror        bool        `json:"mirror"`
 	Size          int         `json:"size"`
 	Language      string      `json:"language"`
@@ -101,6 +102,8 @@ type Repository struct {
 	AllowSquash                   bool             `json:"allow_squash_merge"`
 	AllowFastForwardOnly          bool             `json:"allow_fast_forward_only_merge"`
 	AllowRebaseUpdate             bool             `json:"allow_rebase_update"`
+	AllowManualMerge              bool             `json:"allow_manual_merge"`
+	AutodetectManualMerge         bool             `json:"autodetect_manual_merge"`
 	DefaultDeleteBranchAfterMerge bool             `json:"default_delete_branch_after_merge"`
 	DefaultMergeStyle             string           `json:"default_merge_style"`
 	DefaultAllowMaintainerEdit    bool             `json:"default_allow_maintainer_edit"`
@@ -111,8 +114,8 @@ type Repository struct {
 	// enum: sha1,sha256
 	ObjectFormatName string `json:"object_format_name"`
 	// swagger:strfmt date-time
-	MirrorUpdated time.Time     `json:"mirror_updated,omitempty"`
-	RepoTransfer  *RepoTransfer `json:"repo_transfer"`
+	MirrorUpdated time.Time     `json:"mirror_updated"`
+	RepoTransfer  *RepoTransfer `json:"repo_transfer,omitempty"`
 	Topics        []string      `json:"topics"`
 	Licenses      []string      `json:"licenses"`
 }
@@ -223,15 +226,13 @@ type EditRepoOption struct {
 	EnablePrune *bool `json:"enable_prune,omitempty"`
 }
 
-// GenerateRepoOption options when creating repository using a template
+// GenerateRepoOption options when creating a repository using a template
 // swagger:model
 type GenerateRepoOption struct {
-	// The organization or person who will own the new repository
+	// the organization's name or individual user's name who will own the new repository
 	//
 	// required: true
 	Owner string `json:"owner"`
-	// Name of the repository to create
-	//
 	// required: true
 	// unique: true
 	Name string `json:"name" binding:"Required;AlphaDashDot;MaxSize(100)"`
@@ -350,14 +351,14 @@ func (gt GitServiceType) Title() string {
 type MigrateRepoOptions struct {
 	// required: true
 	CloneAddr string `json:"clone_addr" binding:"Required"`
-	// deprecated (only for backwards compatibility)
+	// deprecated (only for backwards compatibility, use repo_owner instead)
 	RepoOwnerID int64 `json:"uid"`
-	// Name of User or Organisation who will own Repo after migration
+	// the organization's name or individual user's name who will own the migrated repository
 	RepoOwner string `json:"repo_owner"`
 	// required: true
 	RepoName string `json:"repo_name" binding:"Required;AlphaDashDot;MaxSize(100)"`
 
-	// enum: git,github,gitea,gitlab,gogs,onedev,gitbucket,codebase
+	// enum: git,github,gitea,gitlab,gogs,onedev,gitbucket,codebase,codecommit
 	Service      string `json:"service"`
 	AuthUsername string `json:"auth_username"`
 	AuthPassword string `json:"auth_password"`
diff --git a/modules/structs/repo_actions.go b/modules/structs/repo_actions.go
index 22409b4aff..ac1c288270 100644
--- a/modules/structs/repo_actions.go
+++ b/modules/structs/repo_actions.go
@@ -57,7 +57,7 @@ type ActionWorkflow struct {
 	HTMLURL   string    `json:"html_url"`
 	BadgeURL  string    `json:"badge_url"`
 	// swagger:strfmt date-time
-	DeletedAt time.Time `json:"deleted_at,omitempty"`
+	DeletedAt time.Time `json:"deleted_at"`
 }
 
 // ActionWorkflowResponse returns a ActionWorkflow
@@ -86,9 +86,39 @@ type ActionArtifact struct {
 
 // ActionWorkflowRun represents a WorkflowRun
 type ActionWorkflowRun struct {
-	ID           int64  `json:"id"`
-	RepositoryID int64  `json:"repository_id"`
-	HeadSha      string `json:"head_sha"`
+	ID             int64       `json:"id"`
+	URL            string      `json:"url"`
+	HTMLURL        string      `json:"html_url"`
+	DisplayTitle   string      `json:"display_title"`
+	Path           string      `json:"path"`
+	Event          string      `json:"event"`
+	RunAttempt     int64       `json:"run_attempt"`
+	RunNumber      int64       `json:"run_number"`
+	RepositoryID   int64       `json:"repository_id,omitempty"`
+	HeadSha        string      `json:"head_sha"`
+	HeadBranch     string      `json:"head_branch,omitempty"`
+	Status         string      `json:"status"`
+	Actor          *User       `json:"actor,omitempty"`
+	TriggerActor   *User       `json:"trigger_actor,omitempty"`
+	Repository     *Repository `json:"repository,omitempty"`
+	HeadRepository *Repository `json:"head_repository,omitempty"`
+	Conclusion     string      `json:"conclusion,omitempty"`
+	// swagger:strfmt date-time
+	StartedAt time.Time `json:"started_at"`
+	// swagger:strfmt date-time
+	CompletedAt time.Time `json:"completed_at"`
+}
+
+// ActionWorkflowRunsResponse returns ActionWorkflowRuns
+type ActionWorkflowRunsResponse struct {
+	Entries    []*ActionWorkflowRun `json:"workflow_runs"`
+	TotalCount int64                `json:"total_count"`
+}
+
+// ActionWorkflowJobsResponse returns ActionWorkflowJobs
+type ActionWorkflowJobsResponse struct {
+	Entries    []*ActionWorkflowJob `json:"jobs"`
+	TotalCount int64                `json:"total_count"`
 }
 
 // ActionArtifactsResponse returns ActionArtifacts
@@ -104,9 +134,9 @@ type ActionWorkflowStep struct {
 	Status     string `json:"status"`
 	Conclusion string `json:"conclusion,omitempty"`
 	// swagger:strfmt date-time
-	StartedAt time.Time `json:"started_at,omitempty"`
+	StartedAt time.Time `json:"started_at"`
 	// swagger:strfmt date-time
-	CompletedAt time.Time `json:"completed_at,omitempty"`
+	CompletedAt time.Time `json:"completed_at"`
 }
 
 // ActionWorkflowJob represents a WorkflowJob
@@ -129,7 +159,30 @@ type ActionWorkflowJob struct {
 	// swagger:strfmt date-time
 	CreatedAt time.Time `json:"created_at"`
 	// swagger:strfmt date-time
-	StartedAt time.Time `json:"started_at,omitempty"`
+	StartedAt time.Time `json:"started_at"`
 	// swagger:strfmt date-time
-	CompletedAt time.Time `json:"completed_at,omitempty"`
+	CompletedAt time.Time `json:"completed_at"`
+}
+
+// ActionRunnerLabel represents a Runner Label
+type ActionRunnerLabel struct {
+	ID   int64  `json:"id"`
+	Name string `json:"name"`
+	Type string `json:"type"`
+}
+
+// ActionRunner represents a Runner
+type ActionRunner struct {
+	ID        int64                `json:"id"`
+	Name      string               `json:"name"`
+	Status    string               `json:"status"`
+	Busy      bool                 `json:"busy"`
+	Ephemeral bool                 `json:"ephemeral"`
+	Labels    []*ActionRunnerLabel `json:"labels"`
+}
+
+// ActionRunnersResponse returns Runners
+type ActionRunnersResponse struct {
+	Entries    []*ActionRunner `json:"runners"`
+	TotalCount int64           `json:"total_count"`
 }
diff --git a/modules/structs/repo_branch.go b/modules/structs/repo_branch.go
index 55c98d60b9..5416f43b0d 100644
--- a/modules/structs/repo_branch.go
+++ b/modules/structs/repo_branch.go
@@ -136,6 +136,7 @@ type UpdateBranchProtectionPriories struct {
 
 type MergeUpstreamRequest struct {
 	Branch string `json:"branch"`
+	FfOnly bool   `json:"ff_only"`
 }
 
 type MergeUpstreamResponse struct {
diff --git a/modules/structs/repo_file.go b/modules/structs/repo_file.go
index 82bde96ab6..5a86db868b 100644
--- a/modules/structs/repo_file.go
+++ b/modules/structs/repo_file.go
@@ -4,6 +4,8 @@
 
 package structs
 
+import "time"
+
 // FileOptions options for all file APIs
 type FileOptions struct {
 	// message (optional) for the commit of this file. if not supplied, a default message will be used
@@ -20,6 +22,23 @@ type FileOptions struct {
 	Signoff bool `json:"signoff"`
 }
 
+type FileOptionsWithSHA struct {
+	FileOptions
+	// the blob ID (SHA) for the file that already exists, it is required for changing existing files
+	// required: true
+	SHA string `json:"sha" binding:"Required"`
+}
+
+func (f *FileOptions) GetFileOptions() *FileOptions {
+	return f
+}
+
+type FileOptionsInterface interface {
+	GetFileOptions() *FileOptions
+}
+
+var _ FileOptionsInterface = (*FileOptions)(nil)
+
 // CreateFileOptions options for creating files
 // Note: `author` and `committer` are optional (if only one is given, it will be used for the other, otherwise the authenticated user will be used)
 type CreateFileOptions struct {
@@ -29,29 +48,16 @@ type CreateFileOptions struct {
 	ContentBase64 string `json:"content"`
 }
 
-// Branch returns branch name
-func (o *CreateFileOptions) Branch() string {
-	return o.FileOptions.BranchName
-}
-
 // DeleteFileOptions options for deleting files (used for other File structs below)
 // Note: `author` and `committer` are optional (if only one is given, it will be used for the other, otherwise the authenticated user will be used)
 type DeleteFileOptions struct {
-	FileOptions
-	// sha is the SHA for the file that already exists
-	// required: true
-	SHA string `json:"sha" binding:"Required"`
-}
-
-// Branch returns branch name
-func (o *DeleteFileOptions) Branch() string {
-	return o.FileOptions.BranchName
+	FileOptionsWithSHA
 }
 
 // UpdateFileOptions options for updating files
 // Note: `author` and `committer` are optional (if only one is given, it will be used for the other, otherwise the authenticated user will be used)
 type UpdateFileOptions struct {
-	DeleteFileOptions
+	FileOptionsWithSHA
 	// content must be base64 encoded
 	// required: true
 	ContentBase64 string `json:"content"`
@@ -59,23 +65,21 @@ type UpdateFileOptions struct {
 	FromPath string `json:"from_path" binding:"MaxSize(500)"`
 }
 
-// Branch returns branch name
-func (o *UpdateFileOptions) Branch() string {
-	return o.FileOptions.BranchName
-}
+// FIXME: there is no LastCommitID in FileOptions, actually it should be an alternative to the SHA in ChangeFileOperation
 
 // ChangeFileOperation for creating, updating or deleting a file
 type ChangeFileOperation struct {
-	// indicates what to do with the file
+	// indicates what to do with the file: "create" for creating a new file, "update" for updating an existing file,
+	// "upload" for creating or updating a file, "rename" for renaming a file, and "delete" for deleting an existing file.
 	// required: true
-	// enum: create,update,delete
+	// enum: create,update,upload,rename,delete
 	Operation string `json:"operation" binding:"Required"`
 	// path to the existing or new file
 	// required: true
 	Path string `json:"path" binding:"Required;MaxSize(500)"`
-	// new or updated file content, must be base64 encoded
+	// new or updated file content, it must be base64 encoded
 	ContentBase64 string `json:"content"`
-	// sha is the SHA for the file that already exists, required for update or delete
+	// the blob ID (SHA) for the file that already exists, required for changing existing files
 	SHA string `json:"sha"`
 	// old path of the file to move
 	FromPath string `json:"from_path"`
@@ -90,20 +94,10 @@ type ChangeFilesOptions struct {
 	Files []*ChangeFileOperation `json:"files" binding:"Required"`
 }
 
-// Branch returns branch name
-func (o *ChangeFilesOptions) Branch() string {
-	return o.FileOptions.BranchName
-}
-
-// FileOptionInterface provides a unified interface for the different file options
-type FileOptionInterface interface {
-	Branch() string
-}
-
 // ApplyDiffPatchFileOptions options for applying a diff patch
 // Note: `author` and `committer` are optional (if only one is given, it will be used for the other, otherwise the authenticated user will be used)
 type ApplyDiffPatchFileOptions struct {
-	DeleteFileOptions
+	FileOptions
 	// required: true
 	Content string `json:"content"`
 }
@@ -115,12 +109,24 @@ type FileLinksResponse struct {
 	HTMLURL *string `json:"html"`
 }
 
+type ContentsExtResponse struct {
+	FileContents *ContentsResponse   `json:"file_contents,omitempty"`
+	DirContents  []*ContentsResponse `json:"dir_contents,omitempty"`
+}
+
 // ContentsResponse contains information about a repo's entry's (dir, file, symlink, submodule) metadata and content
 type ContentsResponse struct {
-	Name          string `json:"name"`
-	Path          string `json:"path"`
-	SHA           string `json:"sha"`
-	LastCommitSHA string `json:"last_commit_sha"`
+	Name string `json:"name"`
+	Path string `json:"path"`
+	SHA  string `json:"sha"`
+
+	LastCommitSHA *string `json:"last_commit_sha,omitempty"`
+	// swagger:strfmt date-time
+	LastCommitterDate *time.Time `json:"last_committer_date,omitempty"`
+	// swagger:strfmt date-time
+	LastAuthorDate    *time.Time `json:"last_author_date,omitempty"`
+	LastCommitMessage *string    `json:"last_commit_message,omitempty"`
+
 	// `type` will be `file`, `dir`, `symlink`, or `submodule`
 	Type string `json:"type"`
 	Size int64  `json:"size"`
@@ -137,6 +143,9 @@ type ContentsResponse struct {
 	// `submodule_git_url` is populated when `type` is `submodule`, otherwise null
 	SubmoduleGitURL *string            `json:"submodule_git_url"`
 	Links           *FileLinksResponse `json:"_links"`
+
+	LfsOid  *string `json:"lfs_oid,omitempty"`
+	LfsSize *int64  `json:"lfs_size,omitempty"`
 }
 
 // FileCommitResponse contains information generated from a Git commit for a repo's file.
@@ -170,3 +179,8 @@ type FileDeleteResponse struct {
 	Commit       *FileCommitResponse        `json:"commit"`
 	Verification *PayloadCommitVerification `json:"verification"`
 }
+
+// GetFilesOptions options for retrieving metadate and content of multiple files
+type GetFilesOptions struct {
+	Files []string `json:"files" binding:"Required"`
+}
diff --git a/modules/structs/repo_tag.go b/modules/structs/repo_tag.go
index 5722513f4f..bb8bfd10cb 100644
--- a/modules/structs/repo_tag.go
+++ b/modules/structs/repo_tag.go
@@ -11,8 +11,8 @@ type Tag struct {
 	Message    string      `json:"message"`
 	ID         string      `json:"id"`
 	Commit     *CommitMeta `json:"commit"`
-	ZipballURL string      `json:"zipball_url"`
-	TarballURL string      `json:"tarball_url"`
+	ZipballURL string      `json:"zipball_url,omitempty"`
+	TarballURL string      `json:"tarball_url,omitempty"`
 }
 
 // AnnotatedTag represents an annotated tag
diff --git a/modules/structs/settings.go b/modules/structs/settings.go
index e48b1a493d..59176210e6 100644
--- a/modules/structs/settings.go
+++ b/modules/structs/settings.go
@@ -26,6 +26,7 @@ type GeneralAPISettings struct {
 	DefaultPagingNum       int   `json:"default_paging_num"`
 	DefaultGitTreesPerPage int   `json:"default_git_trees_per_page"`
 	DefaultMaxBlobSize     int64 `json:"default_max_blob_size"`
+	DefaultMaxResponseSize int64 `json:"default_max_response_size"`
 }
 
 // GeneralAttachmentSettings contains global Attachment settings exposed by API
diff --git a/modules/structs/status.go b/modules/structs/status.go
index c1d8b902ec..a9779541ff 100644
--- a/modules/structs/status.go
+++ b/modules/structs/status.go
@@ -5,17 +5,19 @@ package structs
 
 import (
 	"time"
+
+	"code.gitea.io/gitea/modules/commitstatus"
 )
 
 // CommitStatus holds a single status of a single Commit
 type CommitStatus struct {
-	ID          int64             `json:"id"`
-	State       CommitStatusState `json:"status"`
-	TargetURL   string            `json:"target_url"`
-	Description string            `json:"description"`
-	URL         string            `json:"url"`
-	Context     string            `json:"context"`
-	Creator     *User             `json:"creator"`
+	ID          int64                          `json:"id"`
+	State       commitstatus.CommitStatusState `json:"status"`
+	TargetURL   string                         `json:"target_url"`
+	Description string                         `json:"description"`
+	URL         string                         `json:"url"`
+	Context     string                         `json:"context"`
+	Creator     *User                          `json:"creator"`
 	// swagger:strfmt date-time
 	Created time.Time `json:"created_at"`
 	// swagger:strfmt date-time
@@ -24,19 +26,19 @@ type CommitStatus struct {
 
 // CombinedStatus holds the combined state of several statuses for a single commit
 type CombinedStatus struct {
-	State      CommitStatusState `json:"state"`
-	SHA        string            `json:"sha"`
-	TotalCount int               `json:"total_count"`
-	Statuses   []*CommitStatus   `json:"statuses"`
-	Repository *Repository       `json:"repository"`
-	CommitURL  string            `json:"commit_url"`
-	URL        string            `json:"url"`
+	State      commitstatus.CommitStatusState `json:"state"`
+	SHA        string                         `json:"sha"`
+	TotalCount int                            `json:"total_count"`
+	Statuses   []*CommitStatus                `json:"statuses"`
+	Repository *Repository                    `json:"repository"`
+	CommitURL  string                         `json:"commit_url"`
+	URL        string                         `json:"url"`
 }
 
 // CreateStatusOption holds the information needed to create a new CommitStatus for a Commit
 type CreateStatusOption struct {
-	State       CommitStatusState `json:"state"`
-	TargetURL   string            `json:"target_url"`
-	Description string            `json:"description"`
-	Context     string            `json:"context"`
+	State       commitstatus.CommitStatusState `json:"state"`
+	TargetURL   string                         `json:"target_url"`
+	Description string                         `json:"description"`
+	Context     string                         `json:"context"`
 }
diff --git a/modules/structs/user.go b/modules/structs/user.go
index 5ed677f239..89349cda2c 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -15,9 +15,9 @@ import (
 type User struct {
 	// the user's id
 	ID int64 `json:"id"`
-	// the user's username
+	// login of the user, same as `username`
 	UserName string `json:"login"`
-	// the user's authentication sign-in name.
+	// identifier of the user, provided by the external authenticator (if configured)
 	// default: empty
 	LoginName string `json:"login_name"`
 	// The ID of the user's Authentication Source
@@ -35,9 +35,9 @@ type User struct {
 	// Is the user an administrator
 	IsAdmin bool `json:"is_admin"`
 	// swagger:strfmt date-time
-	LastLogin time.Time `json:"last_login,omitempty"`
+	LastLogin time.Time `json:"last_login"`
 	// swagger:strfmt date-time
-	Created time.Time `json:"created,omitempty"`
+	Created time.Time `json:"created"`
 	// Is user restricted
 	Restricted bool `json:"restricted"`
 	// Is user active
diff --git a/modules/structs/user_app.go b/modules/structs/user_app.go
index a7d2e28b41..15811ceb66 100644
--- a/modules/structs/user_app.go
+++ b/modules/structs/user_app.go
@@ -11,11 +11,13 @@ import (
 // AccessToken represents an API access token.
 // swagger:response AccessToken
 type AccessToken struct {
-	ID             int64    `json:"id"`
-	Name           string   `json:"name"`
-	Token          string   `json:"sha1"`
-	TokenLastEight string   `json:"token_last_eight"`
-	Scopes         []string `json:"scopes"`
+	ID             int64     `json:"id"`
+	Name           string    `json:"name"`
+	Token          string    `json:"sha1"`
+	TokenLastEight string    `json:"token_last_eight"`
+	Scopes         []string  `json:"scopes"`
+	Created        time.Time `json:"created_at"`
+	Updated        time.Time `json:"last_used_at"`
 }
 
 // AccessTokenList represents a list of API access token.
@@ -23,9 +25,11 @@ type AccessToken struct {
 type AccessTokenList []*AccessToken
 
 // CreateAccessTokenOption options when create access token
+// swagger:model CreateAccessTokenOption
 type CreateAccessTokenOption struct {
 	// required: true
-	Name   string   `json:"name" binding:"Required"`
+	Name string `json:"name" binding:"Required"`
+	// example: ["all", "read:activitypub","read:issue", "write:misc", "read:notification", "read:organization", "read:package", "read:repository", "read:user"]
 	Scopes []string `json:"scopes"`
 }
 
diff --git a/modules/structs/user_email.go b/modules/structs/user_email.go
index 9319667e8f..01895a0058 100644
--- a/modules/structs/user_email.go
+++ b/modules/structs/user_email.go
@@ -11,6 +11,7 @@ type Email struct {
 	Verified bool   `json:"verified"`
 	Primary  bool   `json:"primary"`
 	UserID   int64  `json:"user_id"`
+	// username of the user
 	UserName string `json:"username"`
 }
 
diff --git a/modules/structs/user_gpgkey.go b/modules/structs/user_gpgkey.go
index ff9b0aea1d..deae70de33 100644
--- a/modules/structs/user_gpgkey.go
+++ b/modules/structs/user_gpgkey.go
@@ -21,9 +21,9 @@ type GPGKey struct {
 	CanCertify        bool           `json:"can_certify"`
 	Verified          bool           `json:"verified"`
 	// swagger:strfmt date-time
-	Created time.Time `json:"created_at,omitempty"`
+	Created time.Time `json:"created_at"`
 	// swagger:strfmt date-time
-	Expires time.Time `json:"expires_at,omitempty"`
+	Expires time.Time `json:"expires_at"`
 }
 
 // GPGKeyEmail an email attached to a GPGKey
diff --git a/modules/structs/user_key.go b/modules/structs/user_key.go
index 08eed59a89..16225a852a 100644
--- a/modules/structs/user_key.go
+++ b/modules/structs/user_key.go
@@ -15,7 +15,8 @@ type PublicKey struct {
 	Title       string `json:"title,omitempty"`
 	Fingerprint string `json:"fingerprint,omitempty"`
 	// swagger:strfmt date-time
-	Created  time.Time `json:"created_at,omitempty"`
+	Created  time.Time `json:"created_at"`
+	Updated  time.Time `json:"last_used_at"`
 	Owner    *User     `json:"user,omitempty"`
 	ReadOnly bool      `json:"read_only,omitempty"`
 	KeyType  string    `json:"key_type,omitempty"`
diff --git a/modules/system/appstate_test.go b/modules/system/appstate_test.go
index 911319d00a..b5c057cf88 100644
--- a/modules/system/appstate_test.go
+++ b/modules/system/appstate_test.go
@@ -38,8 +38,8 @@ func TestAppStateDB(t *testing.T) {
 
 	item1 := new(testItem1)
 	assert.NoError(t, as.Get(db.DefaultContext, item1))
-	assert.Equal(t, "", item1.Val1)
-	assert.EqualValues(t, 0, item1.Val2)
+	assert.Empty(t, item1.Val1)
+	assert.Equal(t, 0, item1.Val2)
 
 	item1 = new(testItem1)
 	item1.Val1 = "a"
@@ -53,7 +53,7 @@ func TestAppStateDB(t *testing.T) {
 	item1 = new(testItem1)
 	assert.NoError(t, as.Get(db.DefaultContext, item1))
 	assert.Equal(t, "a", item1.Val1)
-	assert.EqualValues(t, 2, item1.Val2)
+	assert.Equal(t, 2, item1.Val2)
 
 	item2 = new(testItem2)
 	assert.NoError(t, as.Get(db.DefaultContext, item2))
diff --git a/modules/tempdir/tempdir.go b/modules/tempdir/tempdir.go
new file mode 100644
index 0000000000..22c2e4ea16
--- /dev/null
+++ b/modules/tempdir/tempdir.go
@@ -0,0 +1,112 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package tempdir
+
+import (
+	"os"
+	"path/filepath"
+	"time"
+
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/util"
+)
+
+type TempDir struct {
+	// base is the base directory for temporary files, it must exist before accessing and won't be created automatically.
+	// for example: base="/system-tmpdir", sub="gitea-tmp"
+	base, sub string
+}
+
+func (td *TempDir) JoinPath(elems ...string) string {
+	return filepath.Join(append([]string{td.base, td.sub}, elems...)...)
+}
+
+// MkdirAllSub works like os.MkdirAll, but the base directory must exist
+func (td *TempDir) MkdirAllSub(dir string) (string, error) {
+	if _, err := os.Stat(td.base); err != nil {
+		return "", err
+	}
+	full := filepath.Join(td.base, td.sub, dir)
+	if err := os.MkdirAll(full, os.ModePerm); err != nil {
+		return "", err
+	}
+	return full, nil
+}
+
+func (td *TempDir) prepareDirWithPattern(elems ...string) (dir, pattern string, err error) {
+	if _, err = os.Stat(td.base); err != nil {
+		return "", "", err
+	}
+	dir, pattern = filepath.Split(filepath.Join(append([]string{td.base, td.sub}, elems...)...))
+	if err = os.MkdirAll(dir, os.ModePerm); err != nil {
+		return "", "", err
+	}
+	return dir, pattern, nil
+}
+
+// MkdirTempRandom works like os.MkdirTemp, the last path field is the "pattern"
+func (td *TempDir) MkdirTempRandom(elems ...string) (string, func(), error) {
+	dir, pattern, err := td.prepareDirWithPattern(elems...)
+	if err != nil {
+		return "", nil, err
+	}
+	dir, err = os.MkdirTemp(dir, pattern)
+	if err != nil {
+		return "", nil, err
+	}
+	return dir, func() {
+		if err := util.RemoveAll(dir); err != nil {
+			log.Error("Failed to remove temp directory %s: %v", dir, err)
+		}
+	}, nil
+}
+
+// CreateTempFileRandom works like os.CreateTemp, the last path field is the "pattern"
+func (td *TempDir) CreateTempFileRandom(elems ...string) (*os.File, func(), error) {
+	dir, pattern, err := td.prepareDirWithPattern(elems...)
+	if err != nil {
+		return nil, nil, err
+	}
+	f, err := os.CreateTemp(dir, pattern)
+	if err != nil {
+		return nil, nil, err
+	}
+	filename := f.Name()
+	return f, func() {
+		_ = f.Close()
+		if err := util.Remove(filename); err != nil {
+			log.Error("Unable to remove temporary file: %s: Error: %v", filename, err)
+		}
+	}, err
+}
+
+func (td *TempDir) RemoveOutdated(d time.Duration) {
+	var remove func(path string)
+	remove = func(path string) {
+		entries, _ := os.ReadDir(path)
+		for _, entry := range entries {
+			full := filepath.Join(path, entry.Name())
+			if entry.IsDir() {
+				remove(full)
+				_ = os.Remove(full)
+				continue
+			}
+			info, err := entry.Info()
+			if err == nil && time.Since(info.ModTime()) > d {
+				_ = os.Remove(full)
+			}
+		}
+	}
+	remove(td.JoinPath(""))
+}
+
+// New create a new TempDir instance, "base" must be an existing directory,
+// "sub" could be a multi-level directory and will be created if not exist
+func New(base, sub string) *TempDir {
+	return &TempDir{base: base, sub: sub}
+}
+
+func OsTempDir(sub string) *TempDir {
+	return New(os.TempDir(), sub)
+}
diff --git a/modules/tempdir/tempdir_test.go b/modules/tempdir/tempdir_test.go
new file mode 100644
index 0000000000..d6afcb7bed
--- /dev/null
+++ b/modules/tempdir/tempdir_test.go
@@ -0,0 +1,75 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package tempdir
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestTempDir(t *testing.T) {
+	base := t.TempDir()
+
+	t.Run("Create", func(t *testing.T) {
+		td := New(base, "sub1/sub2") // make sure the sub dir supports "/" in the path
+		assert.Equal(t, filepath.Join(base, "sub1", "sub2"), td.JoinPath())
+		assert.Equal(t, filepath.Join(base, "sub1", "sub2/test"), td.JoinPath("test"))
+
+		t.Run("MkdirTempRandom", func(t *testing.T) {
+			s, cleanup, err := td.MkdirTempRandom("foo")
+			assert.NoError(t, err)
+			assert.True(t, strings.HasPrefix(s, filepath.Join(base, "sub1/sub2", "foo")))
+
+			_, err = os.Stat(s)
+			assert.NoError(t, err)
+			cleanup()
+			_, err = os.Stat(s)
+			assert.ErrorIs(t, err, os.ErrNotExist)
+		})
+
+		t.Run("CreateTempFileRandom", func(t *testing.T) {
+			f, cleanup, err := td.CreateTempFileRandom("foo", "bar")
+			filename := f.Name()
+			assert.NoError(t, err)
+			assert.True(t, strings.HasPrefix(filename, filepath.Join(base, "sub1/sub2", "foo", "bar")))
+			_, err = os.Stat(filename)
+			assert.NoError(t, err)
+			cleanup()
+			_, err = os.Stat(filename)
+			assert.ErrorIs(t, err, os.ErrNotExist)
+		})
+
+		t.Run("RemoveOutDated", func(t *testing.T) {
+			fa1, _, err := td.CreateTempFileRandom("dir-a", "f1")
+			assert.NoError(t, err)
+			fa2, _, err := td.CreateTempFileRandom("dir-a", "f2")
+			assert.NoError(t, err)
+			_ = os.Chtimes(fa2.Name(), time.Now().Add(-time.Hour), time.Now().Add(-time.Hour))
+			fb1, _, err := td.CreateTempFileRandom("dir-b", "f1")
+			assert.NoError(t, err)
+			_ = os.Chtimes(fb1.Name(), time.Now().Add(-time.Hour), time.Now().Add(-time.Hour))
+			_, _, _ = fa1.Close(), fa2.Close(), fb1.Close()
+
+			td.RemoveOutdated(time.Minute)
+
+			_, err = os.Stat(fa1.Name())
+			assert.NoError(t, err)
+			_, err = os.Stat(fa2.Name())
+			assert.ErrorIs(t, err, os.ErrNotExist)
+			_, err = os.Stat(fb1.Name())
+			assert.ErrorIs(t, err, os.ErrNotExist)
+		})
+	})
+
+	t.Run("BaseNotExist", func(t *testing.T) {
+		td := New(filepath.Join(base, "not-exist"), "sub")
+		_, _, err := td.MkdirTempRandom("foo")
+		assert.ErrorIs(t, err, os.ErrNotExist)
+	})
+}
diff --git a/modules/templates/eval/eval_test.go b/modules/templates/eval/eval_test.go
index c9e514b5eb..f956f6cbdf 100644
--- a/modules/templates/eval/eval_test.go
+++ b/modules/templates/eval/eval_test.go
@@ -12,7 +12,7 @@ import (
 )
 
 func tokens(s string) (a []any) {
-	for _, v := range strings.Fields(s) {
+	for v := range strings.FieldsSeq(s) {
 		a = append(a, v)
 	}
 	return a
diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index 3237f8b295..e454bce4bd 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -6,9 +6,9 @@ package templates
 
 import (
 	"fmt"
-	"html"
 	"html/template"
 	"net/url"
+	"strconv"
 	"strings"
 	"time"
 
@@ -37,12 +37,9 @@ func NewFuncMap() template.FuncMap {
 		"dict":         dict, // it's lowercase because this name has been widely used. Our other functions should have uppercase names.
 		"Iif":          iif,
 		"Eval":         evalTokens,
-		"SafeHTML":     safeHTML,
 		"HTMLFormat":   htmlFormat,
-		"HTMLEscape":   htmlEscape,
 		"QueryEscape":  queryEscape,
 		"QueryBuild":   QueryBuild,
-		"JSEscape":     jsEscapeSafe,
 		"SanitizeHTML": SanitizeHTML,
 		"URLJoin":      util.URLJoin,
 		"DotEscape":    dotEscape,
@@ -73,7 +70,7 @@ func NewFuncMap() template.FuncMap {
 		"TimeEstimateString": timeEstimateString,
 
 		"LoadTimes": func(startTime time.Time) string {
-			return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms"
+			return strconv.FormatInt(time.Since(startTime).Nanoseconds()/1e6, 10) + "ms"
 		},
 
 		// -----------------------------------------------------------------
@@ -161,49 +158,12 @@ func NewFuncMap() template.FuncMap {
 
 		"FilenameIsImage": filenameIsImage,
 		"TabSizeClass":    tabSizeClass,
-
-		// for backward compatibility only, do not use them anymore
-		"TimeSince":     timeSinceLegacy,
-		"TimeSinceUnix": timeSinceLegacy,
-		"DateTime":      dateTimeLegacy,
-
-		"RenderEmoji":      renderEmojiLegacy,
-		"RenderLabel":      renderLabelLegacy,
-		"RenderLabels":     renderLabelsLegacy,
-		"RenderIssueTitle": renderIssueTitleLegacy,
-
-		"RenderMarkdownToHtml": renderMarkdownToHtmlLegacy,
-
-		"RenderCommitMessage":            renderCommitMessageLegacy,
-		"RenderCommitMessageLinkSubject": renderCommitMessageLinkSubjectLegacy,
-		"RenderCommitBody":               renderCommitBodyLegacy,
 	}
 }
 
-// safeHTML render raw as HTML
-func safeHTML(s any) template.HTML {
-	switch v := s.(type) {
-	case string:
-		return template.HTML(v)
-	case template.HTML:
-		return v
-	}
-	panic(fmt.Sprintf("unexpected type %T", s))
-}
-
-// SanitizeHTML sanitizes the input by pre-defined markdown rules
+// SanitizeHTML sanitizes the input by default sanitization rules.
 func SanitizeHTML(s string) template.HTML {
-	return template.HTML(markup.Sanitize(s))
-}
-
-func htmlEscape(s any) template.HTML {
-	switch v := s.(type) {
-	case string:
-		return template.HTML(html.EscapeString(v))
-	case template.HTML:
-		return v
-	}
-	panic(fmt.Sprintf("unexpected type %T", s))
+	return markup.Sanitize(s)
 }
 
 func htmlFormat(s any, args ...any) template.HTML {
@@ -220,10 +180,6 @@ func htmlFormat(s any, args ...any) template.HTML {
 	panic(fmt.Sprintf("unexpected type %T", s))
 }
 
-func jsEscapeSafe(s string) template.HTML {
-	return template.HTML(template.JSEscapeString(s))
-}
-
 func queryEscape(s string) template.URL {
 	return template.URL(url.QueryEscape(s))
 }
@@ -366,7 +322,3 @@ func QueryBuild(a ...any) template.URL {
 	}
 	return template.URL(s)
 }
-
-func panicIfDevOrTesting() {
-	setting.PanicInDevOrTesting("legacy template functions are for backward compatibility only, do not use them in new code")
-}
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go
index 5d7bc93622..7e3a952e7b 100644
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -15,7 +15,7 @@ import (
 
 func TestSubjectBodySeparator(t *testing.T) {
 	test := func(input, subject, body string) {
-		loc := mailSubjectSplit.FindIndex([]byte(input))
+		loc := mailSubjectSplit.FindStringIndex(input)
 		if loc == nil {
 			assert.Empty(t, subject, "no subject found, but one expected")
 			assert.Equal(t, body, input)
@@ -57,10 +57,6 @@ func TestSubjectBodySeparator(t *testing.T) {
 		"Insufficient\n--\nSeparators")
 }
 
-func TestJSEscapeSafe(t *testing.T) {
-	assert.EqualValues(t, `\u0026\u003C\u003E\'\"`, jsEscapeSafe(`&<>'"`))
-}
-
 func TestSanitizeHTML(t *testing.T) {
 	assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
 }
@@ -120,8 +116,8 @@ func TestTemplateEscape(t *testing.T) {
 
 func TestQueryBuild(t *testing.T) {
 	t.Run("construct", func(t *testing.T) {
-		assert.Equal(t, "", string(QueryBuild()))
-		assert.Equal(t, "", string(QueryBuild("a", nil, "b", false, "c", 0, "d", "")))
+		assert.Empty(t, string(QueryBuild()))
+		assert.Empty(t, string(QueryBuild("a", nil, "b", false, "c", 0, "d", "")))
 		assert.Equal(t, "a=1&b=true", string(QueryBuild("a", 1, "b", "true")))
 
 		// path with query parameters
@@ -136,9 +132,9 @@ func TestQueryBuild(t *testing.T) {
 
 		// only query parameters
 		assert.Equal(t, "&k=1", string(QueryBuild("&", "k", 1)))
-		assert.Equal(t, "", string(QueryBuild("&", "k", 0)))
-		assert.Equal(t, "", string(QueryBuild("&k=a", "k", 0)))
-		assert.Equal(t, "", string(QueryBuild("k=a&", "k", 0)))
+		assert.Empty(t, string(QueryBuild("&", "k", 0)))
+		assert.Empty(t, string(QueryBuild("&k=a", "k", 0)))
+		assert.Empty(t, string(QueryBuild("k=a&", "k", 0)))
 		assert.Equal(t, "a=1&b=2", string(QueryBuild("a=1", "b", 2)))
 		assert.Equal(t, "&a=1&b=2", string(QueryBuild("&a=1", "b", 2)))
 		assert.Equal(t, "a=1&b=2&", string(QueryBuild("a=1&", "b", 2)))
diff --git a/modules/templates/htmlrenderer.go b/modules/templates/htmlrenderer.go
index 529284f7e8..8073a6e5f5 100644
--- a/modules/templates/htmlrenderer.go
+++ b/modules/templates/htmlrenderer.go
@@ -42,7 +42,7 @@ var (
 
 var ErrTemplateNotInitialized = errors.New("template system is not initialized, check your log for errors")
 
-func (h *HTMLRender) HTML(w io.Writer, status int, tplName TplName, data any, ctx context.Context) error { //nolint:revive
+func (h *HTMLRender) HTML(w io.Writer, status int, tplName TplName, data any, ctx context.Context) error { //nolint:revive // we don't use ctx, only pass it to the template executor
 	name := string(tplName)
 	if respWriter, ok := w.(http.ResponseWriter); ok {
 		if respWriter.Header().Get("Content-Type") == "" {
@@ -57,7 +57,7 @@ func (h *HTMLRender) HTML(w io.Writer, status int, tplName TplName, data any, ct
 	return t.Execute(w, data)
 }
 
-func (h *HTMLRender) TemplateLookup(name string, ctx context.Context) (TemplateExecutor, error) { //nolint:revive
+func (h *HTMLRender) TemplateLookup(name string, ctx context.Context) (TemplateExecutor, error) { //nolint:revive // we don't use ctx, only pass it to the template executor
 	tmpls := h.templates.Load()
 	if tmpls == nil {
 		return nil, ErrTemplateNotInitialized
@@ -251,7 +251,7 @@ func extractErrorLine(code []byte, lineNum, posNum int, target string) string {
 	b := bufio.NewReader(bytes.NewReader(code))
 	var line []byte
 	var err error
-	for i := 0; i < lineNum; i++ {
+	for i := range lineNum {
 		if line, err = b.ReadBytes('\n'); err != nil {
 			if i == lineNum-1 && errors.Is(err, io.EOF) {
 				err = nil
diff --git a/modules/templates/htmlrenderer_test.go b/modules/templates/htmlrenderer_test.go
index 2a74b74c23..e8b01c30fe 100644
--- a/modules/templates/htmlrenderer_test.go
+++ b/modules/templates/htmlrenderer_test.go
@@ -65,7 +65,7 @@ func TestHandleError(t *testing.T) {
 		_, err = tmpl.Parse(s)
 		assert.Error(t, err)
 		msg := h(err)
-		assert.EqualValues(t, strings.TrimSpace(expect), strings.TrimSpace(msg))
+		assert.Equal(t, strings.TrimSpace(expect), strings.TrimSpace(msg))
 	}
 
 	test("{{", p.handleGenericTemplateError, `
@@ -102,5 +102,5 @@ god knows XXX
 ----------------------------------------------------------------------
 `
 	actualMsg := p.handleExpectedEndError(errors.New("template: test:1: expected end; found XXX"))
-	assert.EqualValues(t, strings.TrimSpace(expectedMsg), strings.TrimSpace(actualMsg))
+	assert.Equal(t, strings.TrimSpace(expectedMsg), strings.TrimSpace(actualMsg))
 }
diff --git a/modules/templates/mailer.go b/modules/templates/mailer.go
index 310d645328..c43b760777 100644
--- a/modules/templates/mailer.go
+++ b/modules/templates/mailer.go
@@ -9,6 +9,7 @@ import (
 	"html/template"
 	"regexp"
 	"strings"
+	"sync/atomic"
 	texttmpl "text/template"
 
 	"code.gitea.io/gitea/modules/log"
@@ -16,6 +17,12 @@ import (
 	"code.gitea.io/gitea/modules/util"
 )
 
+type MailTemplates struct {
+	TemplateNames    []string
+	BodyTemplates    *template.Template
+	SubjectTemplates *texttmpl.Template
+}
+
 var mailSubjectSplit = regexp.MustCompile(`(?m)^-{3,}\s*$`)
 
 // mailSubjectTextFuncMap returns functions for injecting to text templates, it's only used for mail subject
@@ -52,16 +59,17 @@ func buildSubjectBodyTemplate(stpl *texttmpl.Template, btpl *template.Template,
 	return nil
 }
 
-// Mailer provides the templates required for sending notification mails.
-func Mailer(ctx context.Context) (*texttmpl.Template, *template.Template) {
-	subjectTemplates := texttmpl.New("")
-	bodyTemplates := template.New("")
-
-	subjectTemplates.Funcs(mailSubjectTextFuncMap())
-	bodyTemplates.Funcs(NewFuncMap())
-
+// LoadMailTemplates provides the templates required for sending notification mails.
+func LoadMailTemplates(ctx context.Context, loadedTemplates *atomic.Pointer[MailTemplates]) {
 	assetFS := AssetFS()
 	refreshTemplates := func(firstRun bool) {
+		var templateNames []string
+		subjectTemplates := texttmpl.New("")
+		bodyTemplates := template.New("")
+
+		subjectTemplates.Funcs(mailSubjectTextFuncMap())
+		bodyTemplates.Funcs(NewFuncMap())
+
 		if !firstRun {
 			log.Trace("Reloading mail templates")
 		}
@@ -81,6 +89,7 @@ func Mailer(ctx context.Context) (*texttmpl.Template, *template.Template) {
 			if firstRun {
 				log.Trace("Adding mail template %s: %s by %s", tmplName, assetPath, layerName)
 			}
+			templateNames = append(templateNames, tmplName)
 			if err = buildSubjectBodyTemplate(subjectTemplates, bodyTemplates, tmplName, content); err != nil {
 				if firstRun {
 					log.Fatal("Failed to parse mail template, err: %v", err)
@@ -88,6 +97,12 @@ func Mailer(ctx context.Context) (*texttmpl.Template, *template.Template) {
 				log.Error("Failed to parse mail template, err: %v", err)
 			}
 		}
+		loaded := &MailTemplates{
+			TemplateNames:    templateNames,
+			BodyTemplates:    bodyTemplates,
+			SubjectTemplates: subjectTemplates,
+		}
+		loadedTemplates.Store(loaded)
 	}
 
 	refreshTemplates(true)
@@ -99,6 +114,4 @@ func Mailer(ctx context.Context) (*texttmpl.Template, *template.Template) {
 			refreshTemplates(false)
 		})
 	}
-
-	return subjectTemplates, bodyTemplates
 }
diff --git a/modules/templates/scopedtmpl/scopedtmpl.go b/modules/templates/scopedtmpl/scopedtmpl.go
index 2722ba97a2..34e8b9ad70 100644
--- a/modules/templates/scopedtmpl/scopedtmpl.go
+++ b/modules/templates/scopedtmpl/scopedtmpl.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"html/template"
 	"io"
+	"maps"
 	"reflect"
 	"sync"
 	texttemplate "text/template"
@@ -40,9 +41,7 @@ func (t *ScopedTemplate) Funcs(funcMap template.FuncMap) {
 		panic("cannot add new functions to frozen template set")
 	}
 	t.all.Funcs(funcMap)
-	for k, v := range funcMap {
-		t.parseFuncs[k] = v
-	}
+	maps.Copy(t.parseFuncs, funcMap)
 }
 
 func (t *ScopedTemplate) New(name string) *template.Template {
@@ -103,31 +102,28 @@ func escapeTemplate(t *template.Template) error {
 	return nil
 }
 
-//nolint:unused
 type htmlTemplate struct {
-	escapeErr error
-	text      *texttemplate.Template
+	_/*escapeErr*/ error
+	text *texttemplate.Template
 }
 
-//nolint:unused
 type textTemplateCommon struct {
-	tmpl   map[string]*template.Template // Map from name to defined templates.
-	muTmpl sync.RWMutex                  // protects tmpl
-	option struct {
+	_/*tmpl*/ map[string]*template.Template
+	_/*muTmpl*/ sync.RWMutex
+	_/*option*/ struct {
 		missingKey int
 	}
-	muFuncs    sync.RWMutex // protects parseFuncs and execFuncs
-	parseFuncs texttemplate.FuncMap
-	execFuncs  map[string]reflect.Value
+	muFuncs sync.RWMutex
+	_/*parseFuncs*/ texttemplate.FuncMap
+	execFuncs map[string]reflect.Value
 }
 
-//nolint:unused
 type textTemplate struct {
-	name string
+	_/*name*/ string
 	*parse.Tree
 	*textTemplateCommon
-	leftDelim  string
-	rightDelim string
+	_/*leftDelim*/ string
+	_/*rightDelim*/ string
 }
 
 func ptr[T, P any](ptr *P) *T {
@@ -159,9 +155,7 @@ func newScopedTemplateSet(all *template.Template, name string) (*scopedTemplateS
 
 	textTmplPtr.muFuncs.Lock()
 	ts.execFuncs = map[string]reflect.Value{}
-	for k, v := range textTmplPtr.execFuncs {
-		ts.execFuncs[k] = v
-	}
+	maps.Copy(ts.execFuncs, textTmplPtr.execFuncs)
 	textTmplPtr.muFuncs.Unlock()
 
 	var collectTemplates func(nodes []parse.Node)
@@ -220,9 +214,7 @@ func (ts *scopedTemplateSet) newExecutor(funcMap map[string]any) TemplateExecuto
 	tmpl := texttemplate.New("")
 	tmplPtr := ptr[textTemplate](tmpl)
 	tmplPtr.execFuncs = map[string]reflect.Value{}
-	for k, v := range ts.execFuncs {
-		tmplPtr.execFuncs[k] = v
-	}
+	maps.Copy(tmplPtr.execFuncs, ts.execFuncs)
 	if funcMap != nil {
 		tmpl.Funcs(funcMap)
 	}
diff --git a/modules/templates/static.go b/modules/templates/static.go
deleted file mode 100644
index b5a7e561ec..0000000000
--- a/modules/templates/static.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright 2016 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-//go:build bindata
-
-package templates
-
-import (
-	"time"
-
-	"code.gitea.io/gitea/modules/assetfs"
-	"code.gitea.io/gitea/modules/timeutil"
-)
-
-// GlobalModTime provide a global mod time for embedded asset files
-func GlobalModTime(filename string) time.Time {
-	return timeutil.GetExecutableModTime()
-}
-
-func BuiltinAssets() *assetfs.Layer {
-	return assetfs.Bindata("builtin(bindata)", Assets)
-}
diff --git a/modules/templates/templates_bindata.go b/modules/templates/templates_bindata.go
index 6f1d3cf539..a919591ecf 100644
--- a/modules/templates/templates_bindata.go
+++ b/modules/templates/templates_bindata.go
@@ -3,6 +3,21 @@
 
 //go:build bindata
 
+//go:generate go run ../../build/generate-bindata.go ../../templates bindata.dat
+
 package templates
 
-//go:generate go run ../../build/generate-bindata.go ../../templates templates bindata.go true
+import (
+	"sync"
+
+	_ "embed"
+
+	"code.gitea.io/gitea/modules/assetfs"
+)
+
+//go:embed bindata.dat
+var bindata []byte
+
+var BuiltinAssets = sync.OnceValue(func() *assetfs.Layer {
+	return assetfs.Bindata("builtin(bindata)", assetfs.NewEmbeddedFS(bindata))
+})
diff --git a/modules/templates/dynamic.go b/modules/templates/templates_dynamic.go
index e1babd83c9..e1babd83c9 100644
--- a/modules/templates/dynamic.go
+++ b/modules/templates/templates_dynamic.go
diff --git a/modules/templates/util_avatar.go b/modules/templates/util_avatar.go
index f7dd408ee2..ee9994ab0b 100644
--- a/modules/templates/util_avatar.go
+++ b/modules/templates/util_avatar.go
@@ -5,9 +5,9 @@ package templates
 
 import (
 	"context"
-	"fmt"
 	"html"
 	"html/template"
+	"strconv"
 
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/avatars"
@@ -28,13 +28,14 @@ func NewAvatarUtils(ctx context.Context) *AvatarUtils {
 
 // AvatarHTML creates the HTML for an avatar
 func AvatarHTML(src string, size int, class, name string) template.HTML {
-	sizeStr := fmt.Sprintf(`%d`, size)
+	sizeStr := strconv.Itoa(size)
 
 	if name == "" {
 		name = "avatar"
 	}
 
-	return template.HTML(`<img loading="lazy" class="` + class + `" src="` + src + `" title="` + html.EscapeString(name) + `" width="` + sizeStr + `" height="` + sizeStr + `"/>`)
+	// use empty alt, otherwise if the image fails to load, the width will follow the "alt" text's width
+	return template.HTML(`<img loading="lazy" alt class="` + class + `" src="` + src + `" title="` + html.EscapeString(name) + `" width="` + sizeStr + `" height="` + sizeStr + `"/>`)
 }
 
 // Avatar renders user avatars. args: user, size (int), class (string)
diff --git a/modules/templates/util_date.go b/modules/templates/util_date.go
index 658691ee40..fc3f3f2339 100644
--- a/modules/templates/util_date.go
+++ b/modules/templates/util_date.go
@@ -99,7 +99,7 @@ func dateTimeFormat(format string, datetime any) template.HTML {
 		attrs = append(attrs, `format="datetime"`, `month="short"`, `day="numeric"`, `hour="numeric"`, `minute="numeric"`, `second="numeric"`, `data-tooltip-content`, `data-tooltip-interactive="true"`)
 		return template.HTML(fmt.Sprintf(`<relative-time %s datetime="%s">%s</relative-time>`, strings.Join(attrs, " "), datetimeEscaped, textEscaped))
 	default:
-		panic(fmt.Sprintf("Unsupported format %s", format))
+		panic("Unsupported format " + format)
 	}
 }
 
diff --git a/modules/templates/util_date_legacy.go b/modules/templates/util_date_legacy.go
deleted file mode 100644
index ceefb00447..0000000000
--- a/modules/templates/util_date_legacy.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package templates
-
-import (
-	"html/template"
-
-	"code.gitea.io/gitea/modules/translation"
-)
-
-func dateTimeLegacy(format string, datetime any, _ ...string) template.HTML {
-	panicIfDevOrTesting()
-	if s, ok := datetime.(string); ok {
-		datetime = parseLegacy(s)
-	}
-	return dateTimeFormat(format, datetime)
-}
-
-func timeSinceLegacy(time any, _ translation.Locale) template.HTML {
-	panicIfDevOrTesting()
-	return TimeSince(time)
-}
diff --git a/modules/templates/util_date_test.go b/modules/templates/util_date_test.go
index f3a2409a9f..2c1f2d242e 100644
--- a/modules/templates/util_date_test.go
+++ b/modules/templates/util_date_test.go
@@ -17,12 +17,12 @@ import (
 func TestDateTime(t *testing.T) {
 	testTz, _ := time.LoadLocation("America/New_York")
 	defer test.MockVariableValue(&setting.DefaultUILocation, testTz)()
+	defer test.MockVariableValue(&setting.IsProd, true)()
 	defer test.MockVariableValue(&setting.IsInTesting, false)()
 
 	du := NewDateUtils()
 
 	refTimeStr := "2018-01-01T00:00:00Z"
-	refDateStr := "2018-01-01"
 	refTime, _ := time.Parse(time.RFC3339, refTimeStr)
 	refTimeStamp := timeutil.TimeStamp(refTime.Unix())
 
@@ -31,18 +31,9 @@ func TestDateTime(t *testing.T) {
 	assert.EqualValues(t, "-", du.AbsoluteShort(time.Time{}))
 	assert.EqualValues(t, "-", du.AbsoluteShort(timeutil.TimeStamp(0)))
 
-	actual := dateTimeLegacy("short", "invalid")
-	assert.EqualValues(t, `-`, actual)
-
-	actual = dateTimeLegacy("short", refTimeStr)
-	assert.EqualValues(t, `<absolute-date weekday="" year="numeric" month="short" day="numeric" date="2018-01-01T00:00:00Z">2018-01-01</absolute-date>`, actual)
-
-	actual = du.AbsoluteShort(refTime)
+	actual := du.AbsoluteShort(refTime)
 	assert.EqualValues(t, `<absolute-date weekday="" year="numeric" month="short" day="numeric" date="2018-01-01T00:00:00Z">2018-01-01</absolute-date>`, actual)
 
-	actual = dateTimeLegacy("short", refDateStr)
-	assert.EqualValues(t, `<absolute-date weekday="" year="numeric" month="short" day="numeric" date="2018-01-01T00:00:00-05:00">2018-01-01</absolute-date>`, actual)
-
 	actual = du.AbsoluteShort(refTimeStamp)
 	assert.EqualValues(t, `<absolute-date weekday="" year="numeric" month="short" day="numeric" date="2017-12-31T19:00:00-05:00">2017-12-31</absolute-date>`, actual)
 
@@ -53,6 +44,7 @@ func TestDateTime(t *testing.T) {
 func TestTimeSince(t *testing.T) {
 	testTz, _ := time.LoadLocation("America/New_York")
 	defer test.MockVariableValue(&setting.DefaultUILocation, testTz)()
+	defer test.MockVariableValue(&setting.IsProd, true)()
 	defer test.MockVariableValue(&setting.IsInTesting, false)()
 
 	du := NewDateUtils()
@@ -67,6 +59,6 @@ func TestTimeSince(t *testing.T) {
 	actual = timeSinceTo(&refTime, time.Time{})
 	assert.EqualValues(t, `<relative-time prefix="" tense="future" datetime="2018-01-01T00:00:00Z" data-tooltip-content data-tooltip-interactive="true">2018-01-01 00:00:00 +00:00</relative-time>`, actual)
 
-	actual = timeSinceLegacy(timeutil.TimeStampNano(refTime.UnixNano()), nil)
+	actual = du.TimeSince(timeutil.TimeStampNano(refTime.UnixNano()))
 	assert.EqualValues(t, `<relative-time prefix="" tense="past" datetime="2017-12-31T19:00:00-05:00" data-tooltip-content data-tooltip-interactive="true">2017-12-31 19:00:00 -05:00</relative-time>`, actual)
 }
diff --git a/modules/templates/util_dict.go b/modules/templates/util_dict.go
index 8d6376b522..cc3018a71c 100644
--- a/modules/templates/util_dict.go
+++ b/modules/templates/util_dict.go
@@ -4,6 +4,7 @@
 package templates
 
 import (
+	"errors"
 	"fmt"
 	"html"
 	"html/template"
@@ -33,7 +34,7 @@ func dictMerge(base map[string]any, arg any) bool {
 // The dot syntax is highly discouraged because it might cause unclear key conflicts. It's always good to use explicit keys.
 func dict(args ...any) (map[string]any, error) {
 	if len(args)%2 != 0 {
-		return nil, fmt.Errorf("invalid dict constructor syntax: must have key-value pairs")
+		return nil, errors.New("invalid dict constructor syntax: must have key-value pairs")
 	}
 	m := make(map[string]any, len(args)/2)
 	for i := 0; i < len(args); i += 2 {
diff --git a/modules/templates/util_format.go b/modules/templates/util_format.go
index bee6fb7b75..3485e3251e 100644
--- a/modules/templates/util_format.go
+++ b/modules/templates/util_format.go
@@ -5,6 +5,7 @@ package templates
 
 import (
 	"fmt"
+	"strconv"
 
 	"code.gitea.io/gitea/modules/util"
 )
@@ -24,7 +25,7 @@ func countFmt(data any) string {
 		return ""
 	}
 	if num < 1000 {
-		return fmt.Sprintf("%d", num)
+		return strconv.FormatInt(num, 10)
 	} else if num < 1_000_000 {
 		num2 := float32(num) / 1000.0
 		return fmt.Sprintf("%.1fk", num2)
diff --git a/modules/templates/util_format_test.go b/modules/templates/util_format_test.go
index 8d466faff0..13a57c24e2 100644
--- a/modules/templates/util_format_test.go
+++ b/modules/templates/util_format_test.go
@@ -14,5 +14,5 @@ func TestCountFmt(t *testing.T) {
 	assert.Equal(t, "1.3k", countFmt(int64(1317)))
 	assert.Equal(t, "21.3M", countFmt(21317675))
 	assert.Equal(t, "45.7G", countFmt(45721317675))
-	assert.Equal(t, "", countFmt("test"))
+	assert.Empty(t, countFmt("test"))
 }
diff --git a/modules/templates/util_json.go b/modules/templates/util_json.go
index 71a4e23d36..29a04290fa 100644
--- a/modules/templates/util_json.go
+++ b/modules/templates/util_json.go
@@ -9,11 +9,11 @@ import (
 	"code.gitea.io/gitea/modules/json"
 )
 
-type JsonUtils struct{} //nolint:revive
+type JsonUtils struct{} //nolint:revive // variable naming triggers on Json, wants JSON
 
 var jsonUtils = JsonUtils{}
 
-func NewJsonUtils() *JsonUtils { //nolint:revive
+func NewJsonUtils() *JsonUtils { //nolint:revive // variable naming triggers on Json, wants JSON
 	return &jsonUtils
 }
 
diff --git a/modules/templates/util_misc.go b/modules/templates/util_misc.go
index 2d42bc76b5..cc5bf67b42 100644
--- a/modules/templates/util_misc.go
+++ b/modules/templates/util_misc.go
@@ -38,10 +38,11 @@ func sortArrow(normSort, revSort, urlSort string, isDefault bool) template.HTML
 	} else {
 		// if sort arg is in url test if it correlates with column header sort arguments
 		// the direction of the arrow should indicate the "current sort order", up means ASC(normal), down means DESC(rev)
-		if urlSort == normSort {
+		switch urlSort {
+		case normSort:
 			// the table is sorted with this header normal
 			return svg.RenderHTML("octicon-triangle-up", 16)
-		} else if urlSort == revSort {
+		case revSort:
 			// the table is sorted with this header reverse
 			return svg.RenderHTML("octicon-triangle-down", 16)
 		}
diff --git a/modules/templates/util_render.go b/modules/templates/util_render.go
index 27316bbfec..1056c42643 100644
--- a/modules/templates/util_render.go
+++ b/modules/templates/util_render.go
@@ -14,9 +14,9 @@ import (
 	"unicode"
 
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/models/renderhelper"
+	"code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/emoji"
-	"code.gitea.io/gitea/modules/fileicon"
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/htmlutil"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
@@ -36,25 +36,25 @@ func NewRenderUtils(ctx reqctx.RequestContext) *RenderUtils {
 }
 
 // RenderCommitMessage renders commit message with XSS-safe and special links.
-func (ut *RenderUtils) RenderCommitMessage(msg string, metas map[string]string) template.HTML {
+func (ut *RenderUtils) RenderCommitMessage(msg string, repo *repo.Repository) template.HTML {
 	cleanMsg := template.HTMLEscapeString(msg)
-	// we can safely assume that it will not return any error, since there
-	// shouldn't be any special HTML.
-	fullMessage, err := markup.PostProcessCommitMessage(markup.NewRenderContext(ut.ctx).WithMetas(metas), cleanMsg)
+	// we can safely assume that it will not return any error, since there shouldn't be any special HTML.
+	// "repo" can be nil when rendering commit messages for deleted repositories in a user's dashboard feed.
+	fullMessage, err := markup.PostProcessCommitMessage(renderhelper.NewRenderContextRepoComment(ut.ctx, repo), cleanMsg)
 	if err != nil {
 		log.Error("PostProcessCommitMessage: %v", err)
 		return ""
 	}
 	msgLines := strings.Split(strings.TrimSpace(fullMessage), "\n")
 	if len(msgLines) == 0 {
-		return template.HTML("")
+		return ""
 	}
 	return renderCodeBlock(template.HTML(msgLines[0]))
 }
 
 // RenderCommitMessageLinkSubject renders commit message as a XSS-safe link to
 // the provided default url, handling for special links without email to links.
-func (ut *RenderUtils) RenderCommitMessageLinkSubject(msg, urlDefault string, metas map[string]string) template.HTML {
+func (ut *RenderUtils) RenderCommitMessageLinkSubject(msg, urlDefault string, repo *repo.Repository) template.HTML {
 	msgLine := strings.TrimLeftFunc(msg, unicode.IsSpace)
 	lineEnd := strings.IndexByte(msgLine, '\n')
 	if lineEnd > 0 {
@@ -65,9 +65,8 @@ func (ut *RenderUtils) RenderCommitMessageLinkSubject(msg, urlDefault string, me
 		return ""
 	}
 
-	// we can safely assume that it will not return any error, since there
-	// shouldn't be any special HTML.
-	renderedMessage, err := markup.PostProcessCommitMessageSubject(markup.NewRenderContext(ut.ctx).WithMetas(metas), urlDefault, template.HTMLEscapeString(msgLine))
+	// we can safely assume that it will not return any error, since there shouldn't be any special HTML.
+	renderedMessage, err := markup.PostProcessCommitMessageSubject(renderhelper.NewRenderContextRepoComment(ut.ctx, repo), urlDefault, template.HTMLEscapeString(msgLine))
 	if err != nil {
 		log.Error("PostProcessCommitMessageSubject: %v", err)
 		return ""
@@ -76,7 +75,7 @@ func (ut *RenderUtils) RenderCommitMessageLinkSubject(msg, urlDefault string, me
 }
 
 // RenderCommitBody extracts the body of a commit message without its title.
-func (ut *RenderUtils) RenderCommitBody(msg string, metas map[string]string) template.HTML {
+func (ut *RenderUtils) RenderCommitBody(msg string, repo *repo.Repository) template.HTML {
 	msgLine := strings.TrimSpace(msg)
 	lineEnd := strings.IndexByte(msgLine, '\n')
 	if lineEnd > 0 {
@@ -89,7 +88,7 @@ func (ut *RenderUtils) RenderCommitBody(msg string, metas map[string]string) tem
 		return ""
 	}
 
-	renderedMessage, err := markup.PostProcessCommitMessage(markup.NewRenderContext(ut.ctx).WithMetas(metas), template.HTMLEscapeString(msgLine))
+	renderedMessage, err := markup.PostProcessCommitMessage(renderhelper.NewRenderContextRepoComment(ut.ctx, repo), template.HTMLEscapeString(msgLine))
 	if err != nil {
 		log.Error("PostProcessCommitMessage: %v", err)
 		return ""
@@ -107,8 +106,8 @@ func renderCodeBlock(htmlEscapedTextToRender template.HTML) template.HTML {
 }
 
 // RenderIssueTitle renders issue/pull title with defined post processors
-func (ut *RenderUtils) RenderIssueTitle(text string, metas map[string]string) template.HTML {
-	renderedText, err := markup.PostProcessIssueTitle(markup.NewRenderContext(ut.ctx).WithMetas(metas), template.HTMLEscapeString(text))
+func (ut *RenderUtils) RenderIssueTitle(text string, repo *repo.Repository) template.HTML {
+	renderedText, err := markup.PostProcessIssueTitle(renderhelper.NewRenderContextRepoComment(ut.ctx, repo), template.HTMLEscapeString(text))
 	if err != nil {
 		log.Error("PostProcessIssueTitle: %v", err)
 		return ""
@@ -123,8 +122,23 @@ func (ut *RenderUtils) RenderIssueSimpleTitle(text string) template.HTML {
 	return ret
 }
 
-// RenderLabel renders a label
+func (ut *RenderUtils) RenderLabelWithLink(label *issues_model.Label, link any) template.HTML {
+	var attrHref template.HTML
+	switch link.(type) {
+	case template.URL, string:
+		attrHref = htmlutil.HTMLFormat(`href="%s"`, link)
+	default:
+		panic(fmt.Sprintf("unexpected type %T for link", link))
+	}
+	return ut.renderLabelWithTag(label, "a", attrHref)
+}
+
 func (ut *RenderUtils) RenderLabel(label *issues_model.Label) template.HTML {
+	return ut.renderLabelWithTag(label, "span", "")
+}
+
+// RenderLabel renders a label
+func (ut *RenderUtils) renderLabelWithTag(label *issues_model.Label, tagName, tagAttrs template.HTML) template.HTML {
 	locale := ut.ctx.Value(translation.ContextKey).(translation.Locale)
 	var extraCSSClasses string
 	textColor := util.ContrastColor(label.Color)
@@ -138,8 +152,8 @@ func (ut *RenderUtils) RenderLabel(label *issues_model.Label) template.HTML {
 
 	if labelScope == "" {
 		// Regular label
-		return htmlutil.HTMLFormat(`<div class="ui label %s" style="color: %s !important; background-color: %s !important;" data-tooltip-content title="%s">%s</div>`,
-			extraCSSClasses, textColor, label.Color, descriptionText, ut.RenderEmoji(label.Name))
+		return htmlutil.HTMLFormat(`<%s %s class="ui label %s" style="color: %s !important; background-color: %s !important;" data-tooltip-content title="%s"><span class="gt-ellipsis">%s</span></%s>`,
+			tagName, tagAttrs, extraCSSClasses, textColor, label.Color, descriptionText, ut.RenderEmoji(label.Name), tagName)
 	}
 
 	// Scoped label
@@ -153,7 +167,7 @@ func (ut *RenderUtils) RenderLabel(label *issues_model.Label) template.HTML {
 	// Ensure we add the same amount of contrast also near 0 and 1.
 	darken := contrast + math.Max(luminance+contrast-1.0, 0.0)
 	lighten := contrast + math.Max(contrast-luminance, 0.0)
-	// Compute factor to keep RGB values proportional.
+	// Compute the factor to keep RGB values proportional.
 	darkenFactor := math.Max(luminance-darken, 0.0) / math.Max(luminance, 1.0/255.0)
 	lightenFactor := math.Min(luminance+lighten, 1.0) / math.Max(luminance, 1.0/255.0)
 
@@ -172,20 +186,31 @@ func (ut *RenderUtils) RenderLabel(label *issues_model.Label) template.HTML {
 	itemColor := "#" + hex.EncodeToString(itemBytes)
 	scopeColor := "#" + hex.EncodeToString(scopeBytes)
 
-	return htmlutil.HTMLFormat(`<span class="ui label %s scope-parent" data-tooltip-content title="%s">`+
+	if label.ExclusiveOrder > 0 {
+		// <scope> | <label> | <order>
+		return htmlutil.HTMLFormat(`<%s %s class="ui label %s scope-parent" data-tooltip-content title="%s">`+
+			`<div class="ui label scope-left" style="color: %s !important; background-color: %s !important">%s</div>`+
+			`<div class="ui label scope-middle" style="color: %s !important; background-color: %s !important">%s</div>`+
+			`<div class="ui label scope-right">%d</div>`+
+			`</%s>`,
+			tagName, tagAttrs,
+			extraCSSClasses, descriptionText,
+			textColor, scopeColor, scopeHTML,
+			textColor, itemColor, itemHTML,
+			label.ExclusiveOrder,
+			tagName)
+	}
+
+	// <scope> | <label>
+	return htmlutil.HTMLFormat(`<%s %s class="ui label %s scope-parent" data-tooltip-content title="%s">`+
 		`<div class="ui label scope-left" style="color: %s !important; background-color: %s !important">%s</div>`+
 		`<div class="ui label scope-right" style="color: %s !important; background-color: %s !important">%s</div>`+
-		`</span>`,
+		`</%s>`,
+		tagName, tagAttrs,
 		extraCSSClasses, descriptionText,
 		textColor, scopeColor, scopeHTML,
-		textColor, itemColor, itemHTML)
-}
-
-func (ut *RenderUtils) RenderFileIcon(entry *git.TreeEntry) template.HTML {
-	if setting.UI.FileIconTheme == "material" {
-		return fileicon.DefaultMaterialIconProvider().FileIcon(ut.ctx, entry)
-	}
-	return fileicon.BasicThemeIcon(entry)
+		textColor, itemColor, itemHTML,
+		tagName)
 }
 
 // RenderEmoji renders html text with emoji post processors
@@ -211,7 +236,7 @@ func reactionToEmoji(reaction string) template.HTML {
 	return template.HTML(fmt.Sprintf(`<img alt=":%s:" src="%s/assets/img/emoji/%s.png"></img>`, reaction, setting.StaticURLPrefix, url.PathEscape(reaction)))
 }
 
-func (ut *RenderUtils) MarkdownToHtml(input string) template.HTML { //nolint:revive
+func (ut *RenderUtils) MarkdownToHtml(input string) template.HTML { //nolint:revive // variable naming triggers on Html, wants HTML
 	output, err := markdown.RenderString(markup.NewRenderContext(ut.ctx).WithMetas(markup.ComposeSimpleDocumentMetas()), input)
 	if err != nil {
 		log.Error("RenderString: %v", err)
@@ -228,7 +253,8 @@ func (ut *RenderUtils) RenderLabels(labels []*issues_model.Label, repoLink strin
 		if label == nil {
 			continue
 		}
-		htmlCode += fmt.Sprintf(`<a href="%s?labels=%d">%s</a>`, baseLink, label.ID, ut.RenderLabel(label))
+		link := fmt.Sprintf("%s?labels=%d", baseLink, label.ID)
+		htmlCode += string(ut.RenderLabelWithLink(label, template.URL(link)))
 	}
 	htmlCode += "</span>"
 	return template.HTML(htmlCode)
diff --git a/modules/templates/util_render_legacy.go b/modules/templates/util_render_legacy.go
deleted file mode 100644
index 8f7b84c83d..0000000000
--- a/modules/templates/util_render_legacy.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2024 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package templates
-
-import (
-	"context"
-	"html/template"
-
-	issues_model "code.gitea.io/gitea/models/issues"
-	"code.gitea.io/gitea/modules/reqctx"
-	"code.gitea.io/gitea/modules/translation"
-)
-
-func renderEmojiLegacy(ctx context.Context, text string) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderEmoji(text)
-}
-
-func renderLabelLegacy(ctx context.Context, locale translation.Locale, label *issues_model.Label) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderLabel(label)
-}
-
-func renderLabelsLegacy(ctx context.Context, locale translation.Locale, labels []*issues_model.Label, repoLink string, issue *issues_model.Issue) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderLabels(labels, repoLink, issue)
-}
-
-func renderMarkdownToHtmlLegacy(ctx context.Context, input string) template.HTML { //nolint:revive
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).MarkdownToHtml(input)
-}
-
-func renderCommitMessageLegacy(ctx context.Context, msg string, metas map[string]string) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderCommitMessage(msg, metas)
-}
-
-func renderCommitMessageLinkSubjectLegacy(ctx context.Context, msg, urlDefault string, metas map[string]string) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderCommitMessageLinkSubject(msg, urlDefault, metas)
-}
-
-func renderIssueTitleLegacy(ctx context.Context, text string, metas map[string]string) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderIssueTitle(text, metas)
-}
-
-func renderCommitBodyLegacy(ctx context.Context, msg string, metas map[string]string) template.HTML {
-	panicIfDevOrTesting()
-	return NewRenderUtils(reqctx.FromContext(ctx)).RenderCommitBody(msg, metas)
-}
diff --git a/modules/templates/util_render_test.go b/modules/templates/util_render_test.go
index 617021e510..5c37f084df 100644
--- a/modules/templates/util_render_test.go
+++ b/modules/templates/util_render_test.go
@@ -11,11 +11,11 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models/issues"
-	"code.gitea.io/gitea/models/unittest"
-	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/reqctx"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/translation"
 
@@ -47,19 +47,8 @@ mail@domain.com
 	return strings.ReplaceAll(s, "<SPACE>", " ")
 }
 
-var testMetas = map[string]string{
-	"user":                         "user13",
-	"repo":                         "repo11",
-	"repoPath":                     "../../tests/gitea-repositories-meta/user13/repo11.git/",
-	"markdownLineBreakStyle":       "comment",
-	"markupAllowShortIssuePattern": "true",
-}
-
 func TestMain(m *testing.M) {
-	unittest.InitSettings()
-	if err := git.InitSimple(context.Background()); err != nil {
-		log.Fatal("git init failed, err: %v", err)
-	}
+	setting.Markdown.RenderOptionsComment.ShortIssuePattern = true
 	markup.Init(&markup.RenderHelperFuncs{
 		IsUsernameMentionable: func(ctx context.Context, username string) bool {
 			return username == "mention-user"
@@ -74,46 +63,52 @@ func newTestRenderUtils(t *testing.T) *RenderUtils {
 	return NewRenderUtils(ctx)
 }
 
-func TestRenderCommitBody(t *testing.T) {
-	defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
-	type args struct {
-		msg string
+func TestRenderRepoComment(t *testing.T) {
+	mockRepo := &repo.Repository{
+		ID: 1, OwnerName: "user13", Name: "repo11",
+		Owner: &user_model.User{ID: 13, Name: "user13"},
+		Units: []*repo.RepoUnit{},
 	}
-	tests := []struct {
-		name string
-		args args
-		want template.HTML
-	}{
-		{
-			name: "multiple lines",
-			args: args{
-				msg: "first line\nsecond line",
+	t.Run("RenderCommitBody", func(t *testing.T) {
+		defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
+		type args struct {
+			msg string
+		}
+		tests := []struct {
+			name string
+			args args
+			want template.HTML
+		}{
+			{
+				name: "multiple lines",
+				args: args{
+					msg: "first line\nsecond line",
+				},
+				want: "second line",
 			},
-			want: "second line",
-		},
-		{
-			name: "multiple lines with leading newlines",
-			args: args{
-				msg: "\n\n\n\nfirst line\nsecond line",
+			{
+				name: "multiple lines with leading newlines",
+				args: args{
+					msg: "\n\n\n\nfirst line\nsecond line",
+				},
+				want: "second line",
 			},
-			want: "second line",
-		},
-		{
-			name: "multiple lines with trailing newlines",
-			args: args{
-				msg: "first line\nsecond line\n\n\n",
+			{
+				name: "multiple lines with trailing newlines",
+				args: args{
+					msg: "first line\nsecond line\n\n\n",
+				},
+				want: "second line",
 			},
-			want: "second line",
-		},
-	}
-	ut := newTestRenderUtils(t)
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			assert.Equalf(t, tt.want, ut.RenderCommitBody(tt.args.msg, nil), "RenderCommitBody(%v, %v)", tt.args.msg, nil)
-		})
-	}
-
-	expected := `/just/a/path.bin
+		}
+		ut := newTestRenderUtils(t)
+		for _, tt := range tests {
+			t.Run(tt.name, func(t *testing.T) {
+				assert.Equalf(t, tt.want, ut.RenderCommitBody(tt.args.msg, mockRepo), "RenderCommitBody(%v, %v)", tt.args.msg, nil)
+			})
+		}
+
+		expected := `/just/a/path.bin
 <a href="https://example.com/file.bin">https://example.com/file.bin</a>
 [local link](file.bin)
 [remote link](<a href="https://example.com">https://example.com</a>)
@@ -123,31 +118,31 @@ func TestRenderCommitBody(t *testing.T) {
 ![remote image](<a href="https://example.com/image.jpg">https://example.com/image.jpg</a>)
 [[local image|image.jpg]]
 [[remote link|<a href="https://example.com/image.jpg">https://example.com/image.jpg</a>]]
-<a href="https://example.com/user/repo/compare/88fc37a3c0a4dda553bdcfc80c178a58247f42fb...12fc37a3c0a4dda553bdcfc80c178a58247f42fb#hash" class="compare"><code class="nohighlight">88fc37a3c0...12fc37a3c0 (hash)</code></a>
+<a href="https://example.com/user/repo/compare/88fc37a3c0a4dda553bdcfc80c178a58247f42fb...12fc37a3c0a4dda553bdcfc80c178a58247f42fb#hash" class="compare"><code>88fc37a3c0...12fc37a3c0 (hash)</code></a>
 com 88fc37a3c0a4dda553bdcfc80c178a58247f42fb...12fc37a3c0a4dda553bdcfc80c178a58247f42fb pare
-<a href="https://example.com/user/repo/commit/88fc37a3c0a4dda553bdcfc80c178a58247f42fb" class="commit"><code class="nohighlight">88fc37a3c0</code></a>
+<a href="https://example.com/user/repo/commit/88fc37a3c0a4dda553bdcfc80c178a58247f42fb" class="commit"><code>88fc37a3c0</code></a>
 com 88fc37a3c0a4dda553bdcfc80c178a58247f42fb mit
 <span class="emoji" aria-label="thumbs up">�</span>
 <a href="mailto:mail@domain.com">mail@domain.com</a>
 <a href="/mention-user">@mention-user</a> test
 <a href="/user13/repo11/issues/123" class="ref-issue">#123</a>
   space`
-	assert.EqualValues(t, expected, string(newTestRenderUtils(t).RenderCommitBody(testInput(), testMetas)))
-}
+		assert.Equal(t, expected, string(newTestRenderUtils(t).RenderCommitBody(testInput(), mockRepo)))
+	})
 
-func TestRenderCommitMessage(t *testing.T) {
-	expected := `space <a href="/mention-user" data-markdown-generated-content="">@mention-user</a>  `
-	assert.EqualValues(t, expected, newTestRenderUtils(t).RenderCommitMessage(testInput(), testMetas))
-}
+	t.Run("RenderCommitMessage", func(t *testing.T) {
+		expected := `space <a href="/mention-user" data-markdown-generated-content="">@mention-user</a>  `
+		assert.EqualValues(t, expected, newTestRenderUtils(t).RenderCommitMessage(testInput(), mockRepo))
+	})
 
-func TestRenderCommitMessageLinkSubject(t *testing.T) {
-	expected := `<a href="https://example.com/link" class="muted">space </a><a href="/mention-user" data-markdown-generated-content="">@mention-user</a>`
-	assert.EqualValues(t, expected, newTestRenderUtils(t).RenderCommitMessageLinkSubject(testInput(), "https://example.com/link", testMetas))
-}
+	t.Run("RenderCommitMessageLinkSubject", func(t *testing.T) {
+		expected := `<a href="https://example.com/link" class="muted">space </a><a href="/mention-user" data-markdown-generated-content="">@mention-user</a>`
+		assert.EqualValues(t, expected, newTestRenderUtils(t).RenderCommitMessageLinkSubject(testInput(), "https://example.com/link", mockRepo))
+	})
 
-func TestRenderIssueTitle(t *testing.T) {
-	defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
-	expected := `  space @mention-user<SPACE><SPACE>
+	t.Run("RenderIssueTitle", func(t *testing.T) {
+		defer test.MockVariableValue(&markup.RenderBehaviorForTesting.DisableAdditionalAttributes, true)()
+		expected := `  space @mention-user<SPACE><SPACE>
 /just/a/path.bin
 https://example.com/file.bin
 [local link](file.bin)
@@ -168,8 +163,9 @@ mail@domain.com
 <a href="/user13/repo11/issues/123" class="ref-issue">#123</a>
   space<SPACE><SPACE>
 `
-	expected = strings.ReplaceAll(expected, "<SPACE>", " ")
-	assert.EqualValues(t, expected, string(newTestRenderUtils(t).RenderIssueTitle(testInput(), testMetas)))
+		expected = strings.ReplaceAll(expected, "<SPACE>", " ")
+		assert.Equal(t, expected, string(newTestRenderUtils(t).RenderIssueTitle(testInput(), mockRepo)))
+	})
 }
 
 func TestRenderMarkdownToHtml(t *testing.T) {
@@ -209,10 +205,21 @@ func TestRenderLabels(t *testing.T) {
 	issue = &issues.Issue{IsPull: true}
 	expected = `/owner/repo/pulls?labels=123`
 	assert.Contains(t, ut.RenderLabels([]*issues.Label{label}, "/owner/repo", issue), expected)
+
+	expectedLabel := `<a href="&lt;&gt;" class="ui label " style="color: #fff !important; background-color: label-color !important;" data-tooltip-content title=""><span class="gt-ellipsis">label-name</span></a>`
+	assert.Equal(t, expectedLabel, string(ut.RenderLabelWithLink(label, "<>")))
+	assert.Equal(t, expectedLabel, string(ut.RenderLabelWithLink(label, template.URL("<>"))))
+
+	label = &issues.Label{ID: 123, Name: "</>", Exclusive: true}
+	expectedLabel = `<a href="" class="ui label  scope-parent" data-tooltip-content title=""><div class="ui label scope-left" style="color: #fff !important; background-color: #000000 !important">&lt;</div><div class="ui label scope-right" style="color: #fff !important; background-color: #000000 !important">&gt;</div></a>`
+	assert.Equal(t, expectedLabel, string(ut.RenderLabelWithLink(label, "")))
+	label = &issues.Label{ID: 123, Name: "</>", Exclusive: true, ExclusiveOrder: 1}
+	expectedLabel = `<a href="" class="ui label  scope-parent" data-tooltip-content title=""><div class="ui label scope-left" style="color: #fff !important; background-color: #000000 !important">&lt;</div><div class="ui label scope-middle" style="color: #fff !important; background-color: #000000 !important">&gt;</div><div class="ui label scope-right">1</div></a>`
+	assert.Equal(t, expectedLabel, string(ut.RenderLabelWithLink(label, "")))
 }
 
 func TestUserMention(t *testing.T) {
 	markup.RenderBehaviorForTesting.DisableAdditionalAttributes = true
 	rendered := newTestRenderUtils(t).MarkdownToHtml("@no-such-user @mention-user @mention-user")
-	assert.EqualValues(t, `<p>@no-such-user <a href="/mention-user" rel="nofollow">@mention-user</a> <a href="/mention-user" rel="nofollow">@mention-user</a></p>`, strings.TrimSpace(string(rendered)))
+	assert.Equal(t, `<p>@no-such-user <a href="/mention-user" rel="nofollow">@mention-user</a> <a href="/mention-user" rel="nofollow">@mention-user</a></p>`, strings.TrimSpace(string(rendered)))
 }
diff --git a/modules/templates/util_test.go b/modules/templates/util_test.go
index febaf7fa88..a6448a6ff2 100644
--- a/modules/templates/util_test.go
+++ b/modules/templates/util_test.go
@@ -28,7 +28,7 @@ func TestDict(t *testing.T) {
 	for _, c := range cases {
 		got, err := dict(c.args...)
 		if assert.NoError(t, err) {
-			assert.EqualValues(t, c.want, got)
+			assert.Equal(t, c.want, got)
 		}
 	}
 
diff --git a/modules/templates/vars/vars.go b/modules/templates/vars/vars.go
index cc9d0e976f..500078d4b8 100644
--- a/modules/templates/vars/vars.go
+++ b/modules/templates/vars/vars.go
@@ -16,7 +16,7 @@ type ErrWrongSyntax struct {
 }
 
 func (err ErrWrongSyntax) Error() string {
-	return fmt.Sprintf("wrong syntax found in %s", err.Template)
+	return "wrong syntax found in " + err.Template
 }
 
 // ErrVarMissing represents an error that no matched variable
diff --git a/modules/templates/vars/vars_test.go b/modules/templates/vars/vars_test.go
index 8f421d9e4b..9b48167237 100644
--- a/modules/templates/vars/vars_test.go
+++ b/modules/templates/vars/vars_test.go
@@ -60,7 +60,7 @@ func TestExpandVars(t *testing.T) {
 	for _, kase := range kases {
 		t.Run(kase.tmpl, func(t *testing.T) {
 			res, err := Expand(kase.tmpl, kase.data)
-			assert.EqualValues(t, kase.out, res)
+			assert.Equal(t, kase.out, res)
 			if kase.error {
 				assert.Error(t, err)
 			} else {
diff --git a/modules/test/logchecker.go b/modules/test/logchecker.go
index 7bf234f560..829f735c7c 100644
--- a/modules/test/logchecker.go
+++ b/modules/test/logchecker.go
@@ -5,7 +5,7 @@ package test
 
 import (
 	"context"
-	"fmt"
+	"strconv"
 	"strings"
 	"sync"
 	"sync/atomic"
@@ -58,7 +58,7 @@ var checkerIndex int64
 func NewLogChecker(namePrefix string) (logChecker *LogChecker, cancel func()) {
 	logger := log.GetManager().GetLogger(namePrefix)
 	newCheckerIndex := atomic.AddInt64(&checkerIndex, 1)
-	writerName := namePrefix + "-" + fmt.Sprint(newCheckerIndex)
+	writerName := namePrefix + "-" + strconv.FormatInt(newCheckerIndex, 10)
 
 	lc := &LogChecker{}
 	lc.EventWriterBaseImpl = log.NewEventWriterBase(writerName, "test-log-checker", log.WriterMode{})
diff --git a/modules/test/utils.go b/modules/test/utils.go
index ec4c976388..53c6a3ed52 100644
--- a/modules/test/utils.go
+++ b/modules/test/utils.go
@@ -4,7 +4,6 @@
 package test
 
 import (
-	"fmt"
 	"net/http"
 	"net/http/httptest"
 	"os"
@@ -18,6 +17,7 @@ import (
 
 // RedirectURL returns the redirect URL of a http response.
 // It also works for JSONRedirect: `{"redirect": "..."}`
+// FIXME: it should separate the logic of checking from header and JSON body
 func RedirectURL(resp http.ResponseWriter) string {
 	loc := resp.Header().Get("Location")
 	if loc != "" {
@@ -35,6 +35,15 @@ func RedirectURL(resp http.ResponseWriter) string {
 	return ""
 }
 
+func ParseJSONError(buf []byte) (ret struct {
+	ErrorMessage string `json:"errorMessage"`
+	RenderFormat string `json:"renderFormat"`
+},
+) {
+	_ = json.Unmarshal(buf, &ret)
+	return ret
+}
+
 func IsNormalPageCompleted(s string) bool {
 	return strings.Contains(s, `<footer class="page-footer"`) && strings.Contains(s, `</html>`)
 }
@@ -57,7 +66,7 @@ func SetupGiteaRoot() string {
 	giteaRoot = filepath.Dir(filepath.Dir(filepath.Dir(filename)))
 	fixturesDir := filepath.Join(giteaRoot, "models", "fixtures")
 	if exist, _ := util.IsDir(fixturesDir); !exist {
-		panic(fmt.Sprintf("fixtures directory not found: %s", fixturesDir))
+		panic("fixtures directory not found: " + fixturesDir)
 	}
 	_ = os.Setenv("GITEA_ROOT", giteaRoot)
 	return giteaRoot
diff --git a/modules/testlogger/testlogger.go b/modules/testlogger/testlogger.go
index 8e970aa2be..60e281d403 100644
--- a/modules/testlogger/testlogger.go
+++ b/modules/testlogger/testlogger.go
@@ -92,7 +92,7 @@ func (w *testLoggerWriterCloser) Reset() {
 // Printf takes a format and args and prints the string to os.Stdout
 func Printf(format string, args ...any) {
 	if !log.CanColorStdout {
-		for i := 0; i < len(args); i++ {
+		for i := range args {
 			if c, ok := args[i].(*log.ColoredValue); ok {
 				args[i] = c.Value()
 			}
diff --git a/modules/timeutil/executable.go b/modules/timeutil/executable.go
deleted file mode 100644
index 57ae8b2a9d..0000000000
--- a/modules/timeutil/executable.go
+++ /dev/null
@@ -1,50 +0,0 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package timeutil
-
-import (
-	"os"
-	"path/filepath"
-	"sync"
-	"time"
-
-	"code.gitea.io/gitea/modules/log"
-)
-
-var (
-	executablModTime     = time.Now()
-	executablModTimeOnce sync.Once
-)
-
-// GetExecutableModTime get executable file modified time of current process.
-func GetExecutableModTime() time.Time {
-	executablModTimeOnce.Do(func() {
-		exePath, err := os.Executable()
-		if err != nil {
-			log.Error("os.Executable: %v", err)
-			return
-		}
-
-		exePath, err = filepath.Abs(exePath)
-		if err != nil {
-			log.Error("filepath.Abs: %v", err)
-			return
-		}
-
-		exePath, err = filepath.EvalSymlinks(exePath)
-		if err != nil {
-			log.Error("filepath.EvalSymlinks: %v", err)
-			return
-		}
-
-		st, err := os.Stat(exePath)
-		if err != nil {
-			log.Error("os.Stat: %v", err)
-			return
-		}
-
-		executablModTime = st.ModTime()
-	})
-	return executablModTime
-}
diff --git a/modules/translation/translation_test.go b/modules/translation/translation_test.go
index 464aa32661..87df9eb825 100644
--- a/modules/translation/translation_test.go
+++ b/modules/translation/translation_test.go
@@ -20,13 +20,13 @@ func TestPrettyNumber(t *testing.T) {
 	allLangMap["id-ID"] = &LangType{Lang: "id-ID", Name: "Bahasa Indonesia"}
 
 	l := NewLocale("id-ID")
-	assert.EqualValues(t, "1.000.000", l.PrettyNumber(1000000))
-	assert.EqualValues(t, "1.000.000,1", l.PrettyNumber(1000000.1))
-	assert.EqualValues(t, "1.000.000", l.PrettyNumber("1000000"))
-	assert.EqualValues(t, "1.000.000", l.PrettyNumber("1000000.0"))
-	assert.EqualValues(t, "1.000.000,1", l.PrettyNumber("1000000.1"))
+	assert.Equal(t, "1.000.000", l.PrettyNumber(1000000))
+	assert.Equal(t, "1.000.000,1", l.PrettyNumber(1000000.1))
+	assert.Equal(t, "1.000.000", l.PrettyNumber("1000000"))
+	assert.Equal(t, "1.000.000", l.PrettyNumber("1000000.0"))
+	assert.Equal(t, "1.000.000,1", l.PrettyNumber("1000000.1"))
 
 	l = NewLocale("nosuch")
-	assert.EqualValues(t, "1,000,000", l.PrettyNumber(1000000))
-	assert.EqualValues(t, "1,000,000.1", l.PrettyNumber(1000000.1))
+	assert.Equal(t, "1,000,000", l.PrettyNumber(1000000))
+	assert.Equal(t, "1,000,000.1", l.PrettyNumber(1000000.1))
 }
diff --git a/modules/typesniffer/typesniffer.go b/modules/typesniffer/typesniffer.go
index 8cb3d278ce..2e8d9c4a1e 100644
--- a/modules/typesniffer/typesniffer.go
+++ b/modules/typesniffer/typesniffer.go
@@ -6,18 +6,14 @@ package typesniffer
 import (
 	"bytes"
 	"encoding/binary"
-	"fmt"
-	"io"
 	"net/http"
 	"regexp"
 	"slices"
 	"strings"
-
-	"code.gitea.io/gitea/modules/util"
+	"sync"
 )
 
-// Use at most this many bytes to determine Content Type.
-const sniffLen = 1024
+const SniffContentSize = 1024
 
 const (
 	MimeTypeImageSvg  = "image/svg+xml"
@@ -26,22 +22,30 @@ const (
 	MimeTypeApplicationOctetStream = "application/octet-stream"
 )
 
-var (
-	svgComment       = regexp.MustCompile(`(?s)<!--.*?-->`)
-	svgTagRegex      = regexp.MustCompile(`(?si)\A\s*(?:(<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg\b`)
-	svgTagInXMLRegex = regexp.MustCompile(`(?si)\A<\?xml\b.*?\?>\s*(?:(<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg\b`)
-)
-
-// SniffedType contains information about a blobs type.
+var globalVars = sync.OnceValue(func() (ret struct {
+	svgComment, svgTagRegex, svgTagInXMLRegex *regexp.Regexp
+},
+) {
+	ret.svgComment = regexp.MustCompile(`(?s)<!--.*?-->`)
+	ret.svgTagRegex = regexp.MustCompile(`(?si)\A\s*(?:(<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg\b`)
+	ret.svgTagInXMLRegex = regexp.MustCompile(`(?si)\A<\?xml\b.*?\?>\s*(?:(<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg\b`)
+	return ret
+})
+
+// SniffedType contains information about a blob's type.
 type SniffedType struct {
 	contentType string
 }
 
-// IsText etects if content format is plain text.
+// IsText detects if the content format is text family, including text/plain, text/html, text/css, etc.
 func (ct SniffedType) IsText() bool {
 	return strings.Contains(ct.contentType, "text/")
 }
 
+func (ct SniffedType) IsTextPlain() bool {
+	return strings.Contains(ct.contentType, "text/plain")
+}
+
 // IsImage detects if data is an image format
 func (ct SniffedType) IsImage() bool {
 	return strings.Contains(ct.contentType, "image/")
@@ -57,12 +61,12 @@ func (ct SniffedType) IsPDF() bool {
 	return strings.Contains(ct.contentType, "application/pdf")
 }
 
-// IsVideo detects if data is an video format
+// IsVideo detects if data is a video format
 func (ct SniffedType) IsVideo() bool {
 	return strings.Contains(ct.contentType, "video/")
 }
 
-// IsAudio detects if data is an video format
+// IsAudio detects if data is a video format
 func (ct SniffedType) IsAudio() bool {
 	return strings.Contains(ct.contentType, "audio/")
 }
@@ -103,33 +107,34 @@ func detectFileTypeBox(data []byte) (brands []string, found bool) {
 	return brands, true
 }
 
-// DetectContentType extends http.DetectContentType with more content types. Defaults to text/unknown if input is empty.
+// DetectContentType extends http.DetectContentType with more content types. Defaults to text/plain if input is empty.
 func DetectContentType(data []byte) SniffedType {
 	if len(data) == 0 {
-		return SniffedType{"text/unknown"}
+		return SniffedType{"text/plain"}
 	}
 
 	ct := http.DetectContentType(data)
 
-	if len(data) > sniffLen {
-		data = data[:sniffLen]
+	if len(data) > SniffContentSize {
+		data = data[:SniffContentSize]
 	}
 
+	vars := globalVars()
 	// SVG is unsupported by http.DetectContentType, https://github.com/golang/go/issues/15888
 	detectByHTML := strings.Contains(ct, "text/plain") || strings.Contains(ct, "text/html")
 	detectByXML := strings.Contains(ct, "text/xml")
 	if detectByHTML || detectByXML {
-		dataProcessed := svgComment.ReplaceAll(data, nil)
+		dataProcessed := vars.svgComment.ReplaceAll(data, nil)
 		dataProcessed = bytes.TrimSpace(dataProcessed)
-		if detectByHTML && svgTagRegex.Match(dataProcessed) ||
-			detectByXML && svgTagInXMLRegex.Match(dataProcessed) {
+		if detectByHTML && vars.svgTagRegex.Match(dataProcessed) ||
+			detectByXML && vars.svgTagInXMLRegex.Match(dataProcessed) {
 			ct = MimeTypeImageSvg
 		}
 	}
 
 	if strings.HasPrefix(ct, "audio/") && bytes.HasPrefix(data, []byte("ID3")) {
 		// The MP3 detection is quite inaccurate, any content with "ID3" prefix will result in "audio/mpeg".
-		// So remove the "ID3" prefix and detect again, if result is text, then it must be text content.
+		// So remove the "ID3" prefix and detect again, then if the result is "text", it must be text content.
 		// This works especially because audio files contain many unprintable/invalid characters like `0x00`
 		ct2 := http.DetectContentType(data[3:])
 		if strings.HasPrefix(ct2, "text/") {
@@ -155,15 +160,3 @@ func DetectContentType(data []byte) SniffedType {
 	}
 	return SniffedType{ct}
 }
-
-// DetectContentTypeFromReader guesses the content type contained in the reader.
-func DetectContentTypeFromReader(r io.Reader) (SniffedType, error) {
-	buf := make([]byte, sniffLen)
-	n, err := util.ReadAtMost(r, buf)
-	if err != nil {
-		return SniffedType{}, fmt.Errorf("DetectContentTypeFromReader io error: %w", err)
-	}
-	buf = buf[:n]
-
-	return DetectContentType(buf), nil
-}
diff --git a/modules/typesniffer/typesniffer_test.go b/modules/typesniffer/typesniffer_test.go
index 3e5db3308b..a0c824b912 100644
--- a/modules/typesniffer/typesniffer_test.go
+++ b/modules/typesniffer/typesniffer_test.go
@@ -4,7 +4,6 @@
 package typesniffer
 
 import (
-	"bytes"
 	"encoding/base64"
 	"encoding/hex"
 	"strings"
@@ -17,7 +16,7 @@ func TestDetectContentTypeLongerThanSniffLen(t *testing.T) {
 	// Pre-condition: Shorter than sniffLen detects SVG.
 	assert.Equal(t, "image/svg+xml", DetectContentType([]byte(`<!-- Comment --><svg></svg>`)).contentType)
 	// Longer than sniffLen detects something else.
-	assert.NotEqual(t, "image/svg+xml", DetectContentType([]byte(`<!-- `+strings.Repeat("x", sniffLen)+` --><svg></svg>`)).contentType)
+	assert.NotEqual(t, "image/svg+xml", DetectContentType([]byte(`<!-- `+strings.Repeat("x", SniffContentSize)+` --><svg></svg>`)).contentType)
 }
 
 func TestIsTextFile(t *testing.T) {
@@ -116,22 +115,13 @@ func TestIsAudio(t *testing.T) {
 	assert.True(t, DetectContentType([]byte("ID3Toy\n====\t* hi 🌞, ..."+"🌛"[0:2])).IsText()) // test ID3 tag with incomplete UTF8 char
 }
 
-func TestDetectContentTypeFromReader(t *testing.T) {
-	mp3, _ := base64.StdEncoding.DecodeString("SUQzBAAAAAABAFRYWFgAAAASAAADbWFqb3JfYnJhbmQAbXA0MgBUWFhYAAAAEQAAA21pbm9yX3Zl")
-	st, err := DetectContentTypeFromReader(bytes.NewReader(mp3))
-	assert.NoError(t, err)
-	assert.True(t, st.IsAudio())
-}
-
 func TestDetectContentTypeOgg(t *testing.T) {
 	oggAudio, _ := hex.DecodeString("4f67675300020000000000000000352f0000000000007dc39163011e01766f72626973000000000244ac0000000000000071020000000000b8014f6767530000")
-	st, err := DetectContentTypeFromReader(bytes.NewReader(oggAudio))
-	assert.NoError(t, err)
+	st := DetectContentType(oggAudio)
 	assert.True(t, st.IsAudio())
 
 	oggVideo, _ := hex.DecodeString("4f676753000200000000000000007d9747ef000000009b59daf3012a807468656f7261030201001e00110001e000010e00020000001e00000001000001000001")
-	st, err = DetectContentTypeFromReader(bytes.NewReader(oggVideo))
-	assert.NoError(t, err)
+	st = DetectContentType(oggVideo)
 	assert.True(t, st.IsVideo())
 }
 
diff --git a/modules/updatechecker/update_checker.go b/modules/updatechecker/update_checker.go
index 3c1e05d060..f0686c0f78 100644
--- a/modules/updatechecker/update_checker.go
+++ b/modules/updatechecker/update_checker.go
@@ -34,7 +34,7 @@ func GiteaUpdateChecker(httpEndpoint string) error {
 		},
 	}
 
-	req, err := http.NewRequest("GET", httpEndpoint, nil)
+	req, err := http.NewRequest(http.MethodGet, httpEndpoint, nil)
 	if err != nil {
 		return err
 	}
diff --git a/modules/util/error.go b/modules/util/error.go
index 8e67d5a82f..6b2721618e 100644
--- a/modules/util/error.go
+++ b/modules/util/error.go
@@ -17,8 +17,8 @@ var (
 	ErrNotExist         = errors.New("resource does not exist") // also implies HTTP 404
 	ErrAlreadyExist     = errors.New("resource already exists") // also implies HTTP 409
 
-	// ErrUnprocessableContent implies HTTP 422, syntax of the request content was correct,
-	// but server was unable to process the contained instructions
+	// ErrUnprocessableContent implies HTTP 422, the syntax of the request content is correct,
+	// but the server is unable to process the contained instructions
 	ErrUnprocessableContent = errors.New("unprocessable content")
 )
 
diff --git a/modules/util/filebuffer/file_backed_buffer.go b/modules/util/filebuffer/file_backed_buffer.go
index 739543e297..0731ba30c8 100644
--- a/modules/util/filebuffer/file_backed_buffer.go
+++ b/modules/util/filebuffer/file_backed_buffer.go
@@ -7,16 +7,10 @@ import (
 	"bytes"
 	"errors"
 	"io"
-	"math"
 	"os"
 )
 
-var (
-	// ErrInvalidMemorySize occurs if the memory size is not in a valid range
-	ErrInvalidMemorySize = errors.New("Memory size must be greater 0 and lower math.MaxInt32")
-	// ErrWriteAfterRead occurs if Write is called after a read operation
-	ErrWriteAfterRead = errors.New("Write is unsupported after a read operation")
-)
+var ErrWriteAfterRead = errors.New("write is unsupported after a read operation") // occurs if Write is called after a read operation
 
 type readAtSeeker interface {
 	io.ReadSeeker
@@ -30,34 +24,17 @@ type FileBackedBuffer struct {
 	maxMemorySize int64
 	size          int64
 	buffer        bytes.Buffer
+	tempDir       string
 	file          *os.File
 	reader        readAtSeeker
 }
 
 // New creates a file backed buffer with a specific maximum memory size
-func New(maxMemorySize int) (*FileBackedBuffer, error) {
-	if maxMemorySize < 0 || maxMemorySize > math.MaxInt32 {
-		return nil, ErrInvalidMemorySize
-	}
-
+func New(maxMemorySize int, tempDir string) *FileBackedBuffer {
 	return &FileBackedBuffer{
 		maxMemorySize: int64(maxMemorySize),
-	}, nil
-}
-
-// CreateFromReader creates a file backed buffer and copies the provided reader data into it.
-func CreateFromReader(r io.Reader, maxMemorySize int) (*FileBackedBuffer, error) {
-	b, err := New(maxMemorySize)
-	if err != nil {
-		return nil, err
+		tempDir:       tempDir,
 	}
-
-	_, err = io.Copy(b, r)
-	if err != nil {
-		return nil, err
-	}
-
-	return b, nil
 }
 
 // Write implements io.Writer
@@ -73,7 +50,7 @@ func (b *FileBackedBuffer) Write(p []byte) (int, error) {
 		n, err = b.file.Write(p)
 	} else {
 		if b.size+int64(len(p)) > b.maxMemorySize {
-			b.file, err = os.CreateTemp("", "gitea-buffer-")
+			b.file, err = os.CreateTemp(b.tempDir, "gitea-buffer-")
 			if err != nil {
 				return 0, err
 			}
@@ -148,7 +125,7 @@ func (b *FileBackedBuffer) Seek(offset int64, whence int) (int64, error) {
 func (b *FileBackedBuffer) Close() error {
 	if b.file != nil {
 		err := b.file.Close()
-		os.Remove(b.file.Name())
+		_ = os.Remove(b.file.Name())
 		b.file = nil
 		return err
 	}
diff --git a/modules/util/filebuffer/file_backed_buffer_test.go b/modules/util/filebuffer/file_backed_buffer_test.go
index 16d5a1965f..3f13c6ac7b 100644
--- a/modules/util/filebuffer/file_backed_buffer_test.go
+++ b/modules/util/filebuffer/file_backed_buffer_test.go
@@ -21,7 +21,8 @@ func TestFileBackedBuffer(t *testing.T) {
 	}
 
 	for _, c := range cases {
-		buf, err := CreateFromReader(strings.NewReader(c.Data), c.MaxMemorySize)
+		buf := New(c.MaxMemorySize, t.TempDir())
+		_, err := io.Copy(buf, strings.NewReader(c.Data))
 		assert.NoError(t, err)
 
 		assert.EqualValues(t, len(c.Data), buf.Size())
diff --git a/modules/util/map.go b/modules/util/map.go
new file mode 100644
index 0000000000..f307faad1f
--- /dev/null
+++ b/modules/util/map.go
@@ -0,0 +1,13 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package util
+
+func GetMapValueOrDefault[T any](m map[string]any, key string, defaultValue T) T {
+	if value, ok := m[key]; ok {
+		if v, ok := value.(T); ok {
+			return v
+		}
+	}
+	return defaultValue
+}
diff --git a/modules/util/map_test.go b/modules/util/map_test.go
new file mode 100644
index 0000000000..1a141cec88
--- /dev/null
+++ b/modules/util/map_test.go
@@ -0,0 +1,26 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package util
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetMapValueOrDefault(t *testing.T) {
+	testMap := map[string]any{
+		"key1": "value1",
+		"key2": 42,
+		"key3": nil,
+	}
+
+	assert.Equal(t, "value1", GetMapValueOrDefault(testMap, "key1", "default"))
+	assert.Equal(t, 42, GetMapValueOrDefault(testMap, "key2", 0))
+
+	assert.Equal(t, "default", GetMapValueOrDefault(testMap, "key4", "default"))
+	assert.Equal(t, 100, GetMapValueOrDefault(testMap, "key5", 100))
+
+	assert.Equal(t, "default", GetMapValueOrDefault(testMap, "key3", "default"))
+}
diff --git a/modules/util/paginate_test.go b/modules/util/paginate_test.go
index 6e69dd19cc..3dc5095071 100644
--- a/modules/util/paginate_test.go
+++ b/modules/util/paginate_test.go
@@ -13,23 +13,23 @@ func TestPaginateSlice(t *testing.T) {
 	stringSlice := []string{"a", "b", "c", "d", "e"}
 	result, ok := PaginateSlice(stringSlice, 1, 2).([]string)
 	assert.True(t, ok)
-	assert.EqualValues(t, []string{"a", "b"}, result)
+	assert.Equal(t, []string{"a", "b"}, result)
 
 	result, ok = PaginateSlice(stringSlice, 100, 2).([]string)
 	assert.True(t, ok)
-	assert.EqualValues(t, []string{}, result)
+	assert.Equal(t, []string{}, result)
 
 	result, ok = PaginateSlice(stringSlice, 3, 2).([]string)
 	assert.True(t, ok)
-	assert.EqualValues(t, []string{"e"}, result)
+	assert.Equal(t, []string{"e"}, result)
 
 	result, ok = PaginateSlice(stringSlice, 1, 0).([]string)
 	assert.True(t, ok)
-	assert.EqualValues(t, []string{"a", "b", "c", "d", "e"}, result)
+	assert.Equal(t, []string{"a", "b", "c", "d", "e"}, result)
 
 	result, ok = PaginateSlice(stringSlice, 1, -1).([]string)
 	assert.True(t, ok)
-	assert.EqualValues(t, []string{"a", "b", "c", "d", "e"}, result)
+	assert.Equal(t, []string{"a", "b", "c", "d", "e"}, result)
 
 	type Test struct {
 		Val int
@@ -38,9 +38,9 @@ func TestPaginateSlice(t *testing.T) {
 	testVar := []*Test{{Val: 2}, {Val: 3}, {Val: 4}}
 	testVar, ok = PaginateSlice(testVar, 1, 50).([]*Test)
 	assert.True(t, ok)
-	assert.EqualValues(t, []*Test{{Val: 2}, {Val: 3}, {Val: 4}}, testVar)
+	assert.Equal(t, []*Test{{Val: 2}, {Val: 3}, {Val: 4}}, testVar)
 
 	testVar, ok = PaginateSlice(testVar, 2, 2).([]*Test)
 	assert.True(t, ok)
-	assert.EqualValues(t, []*Test{{Val: 4}}, testVar)
+	assert.Equal(t, []*Test{{Val: 4}}, testVar)
 }
diff --git a/modules/util/path.go b/modules/util/path.go
index d9f17bd124..0e56348978 100644
--- a/modules/util/path.go
+++ b/modules/util/path.go
@@ -36,9 +36,10 @@ func PathJoinRel(elem ...string) string {
 		elems[i] = path.Clean("/" + e)
 	}
 	p := path.Join(elems...)
-	if p == "" {
+	switch p {
+	case "":
 		return ""
-	} else if p == "/" {
+	case "/":
 		return "."
 	}
 	return p[1:]
diff --git a/modules/util/remove.go b/modules/util/remove.go
index d1e38faf5f..3db0b5a796 100644
--- a/modules/util/remove.go
+++ b/modules/util/remove.go
@@ -15,7 +15,7 @@ const windowsSharingViolationError syscall.Errno = 32
 // Remove removes the named file or (empty) directory with at most 5 attempts.
 func Remove(name string) error {
 	var err error
-	for i := 0; i < 5; i++ {
+	for range 5 {
 		err = os.Remove(name)
 		if err == nil {
 			break
@@ -44,7 +44,7 @@ func Remove(name string) error {
 // RemoveAll removes the named file or (empty) directory with at most 5 attempts.
 func RemoveAll(name string) error {
 	var err error
-	for i := 0; i < 5; i++ {
+	for range 5 {
 		err = os.RemoveAll(name)
 		if err == nil {
 			break
@@ -73,7 +73,7 @@ func RemoveAll(name string) error {
 // Rename renames (moves) oldpath to newpath with at most 5 attempts.
 func Rename(oldpath, newpath string) error {
 	var err error
-	for i := 0; i < 5; i++ {
+	for i := range 5 {
 		err = os.Rename(oldpath, newpath)
 		if err == nil {
 			break
diff --git a/modules/util/rotatingfilewriter/writer_test.go b/modules/util/rotatingfilewriter/writer_test.go
index 88392797b3..f6ea1d50ae 100644
--- a/modules/util/rotatingfilewriter/writer_test.go
+++ b/modules/util/rotatingfilewriter/writer_test.go
@@ -23,7 +23,7 @@ func TestCompressOldFile(t *testing.T) {
 	ng, err := os.OpenFile(nonGzip, os.O_CREATE|os.O_WRONLY, 0o660)
 	assert.NoError(t, err)
 
-	for i := 0; i < 999; i++ {
+	for range 999 {
 		f.WriteString("This is a test file\n")
 		ng.WriteString("This is a test file\n")
 	}
diff --git a/modules/util/sec_to_time_test.go b/modules/util/sec_to_time_test.go
index b67926bbcf..84e767c6e0 100644
--- a/modules/util/sec_to_time_test.go
+++ b/modules/util/sec_to_time_test.go
@@ -24,5 +24,5 @@ func TestSecToHours(t *testing.T) {
 	assert.Equal(t, "672 hours", SecToHours(4*7*day))
 	assert.Equal(t, "1 second", SecToHours(1))
 	assert.Equal(t, "2 seconds", SecToHours(2))
-	assert.Equal(t, "", SecToHours(nil)) // old behavior, empty means no output
+	assert.Empty(t, SecToHours(nil)) // old behavior, empty means no output
 }
diff --git a/modules/util/slice.go b/modules/util/slice.go
index da6886491e..aaa729c1c9 100644
--- a/modules/util/slice.go
+++ b/modules/util/slice.go
@@ -12,8 +12,7 @@ import (
 // SliceContainsString sequential searches if string exists in slice.
 func SliceContainsString(slice []string, target string, insensitive ...bool) bool {
 	if len(insensitive) != 0 && insensitive[0] {
-		target = strings.ToLower(target)
-		return slices.ContainsFunc(slice, func(t string) bool { return strings.ToLower(t) == target })
+		return slices.ContainsFunc(slice, func(t string) bool { return strings.EqualFold(t, target) })
 	}
 
 	return slices.Contains(slice, target)
diff --git a/modules/util/string.go b/modules/util/string.go
index 19cf75b8b3..b9b59df3ef 100644
--- a/modules/util/string.go
+++ b/modules/util/string.go
@@ -103,10 +103,31 @@ func UnsafeStringToBytes(s string) []byte {
 func SplitTrimSpace(input, sep string) []string {
 	input = strings.TrimSpace(input)
 	var stringList []string
-	for _, s := range strings.Split(input, sep) {
+	for s := range strings.SplitSeq(input, sep) {
 		if s = strings.TrimSpace(s); s != "" {
 			stringList = append(stringList, s)
 		}
 	}
 	return stringList
 }
+
+func asciiLower(b byte) byte {
+	if 'A' <= b && b <= 'Z' {
+		return b + ('a' - 'A')
+	}
+	return b
+}
+
+// AsciiEqualFold is from Golang https://cs.opensource.google/go/go/+/refs/tags/go1.24.4:src/net/http/internal/ascii/print.go
+// ASCII only. In most cases for protocols, we should only use this but not [strings.EqualFold]
+func AsciiEqualFold(s, t string) bool { //nolint:revive // PascalCase
+	if len(s) != len(t) {
+		return false
+	}
+	for i := 0; i < len(s); i++ {
+		if asciiLower(s[i]) != asciiLower(t[i]) {
+			return false
+		}
+	}
+	return true
+}
diff --git a/modules/util/time_str.go b/modules/util/time_str.go
index 0fccfe82cc..81b132c3db 100644
--- a/modules/util/time_str.go
+++ b/modules/util/time_str.go
@@ -59,7 +59,7 @@ func TimeEstimateParse(timeStr string) (int64, error) {
 		unit := timeStr[match[4]:match[5]]
 		found := false
 		for _, u := range timeStrGlobalVars().units {
-			if strings.ToLower(unit) == u.name {
+			if strings.EqualFold(unit, u.name) {
 				total += amount * u.num
 				found = true
 				break
diff --git a/modules/util/truncate.go b/modules/util/truncate.go
index 2bce248281..52534d3cac 100644
--- a/modules/util/truncate.go
+++ b/modules/util/truncate.go
@@ -19,7 +19,7 @@ func IsLikelyEllipsisLeftPart(s string) bool {
 	return strings.HasSuffix(s, utf8Ellipsis) || strings.HasSuffix(s, asciiEllipsis)
 }
 
-func ellipsisGuessDisplayWidth(r rune) int {
+func ellipsisDisplayGuessWidth(r rune) int {
 	// To make the truncated string as long as possible,
 	// CJK/emoji chars are considered as 2-ASCII width but not 3-4 bytes width.
 	// Here we only make the best guess (better than counting them in bytes),
@@ -48,13 +48,17 @@ func ellipsisGuessDisplayWidth(r rune) int {
 // It appends "…" or "..." at the end of truncated string.
 // It guarantees the length of the returned runes doesn't exceed the limit.
 func EllipsisDisplayString(str string, limit int) string {
-	s, _, _, _ := ellipsisDisplayString(str, limit)
+	s, _, _, _ := ellipsisDisplayString(str, limit, ellipsisDisplayGuessWidth)
 	return s
 }
 
 // EllipsisDisplayStringX works like EllipsisDisplayString while it also returns the right part
 func EllipsisDisplayStringX(str string, limit int) (left, right string) {
-	left, offset, truncated, encounterInvalid := ellipsisDisplayString(str, limit)
+	return ellipsisDisplayStringX(str, limit, ellipsisDisplayGuessWidth)
+}
+
+func ellipsisDisplayStringX(str string, limit int, widthGuess func(rune) int) (left, right string) {
+	left, offset, truncated, encounterInvalid := ellipsisDisplayString(str, limit, widthGuess)
 	if truncated {
 		right = str[offset:]
 		r, _ := utf8.DecodeRune(UnsafeStringToBytes(right))
@@ -68,7 +72,7 @@ func EllipsisDisplayStringX(str string, limit int) (left, right string) {
 	return left, right
 }
 
-func ellipsisDisplayString(str string, limit int) (res string, offset int, truncated, encounterInvalid bool) {
+func ellipsisDisplayString(str string, limit int, widthGuess func(rune) int) (res string, offset int, truncated, encounterInvalid bool) {
 	if len(str) <= limit {
 		return str, len(str), false, false
 	}
@@ -81,7 +85,7 @@ func ellipsisDisplayString(str string, limit int) (res string, offset int, trunc
 	for i, r := range str {
 		encounterInvalid = encounterInvalid || r == utf8.RuneError
 		pos = i
-		runeWidth := ellipsisGuessDisplayWidth(r)
+		runeWidth := widthGuess(r)
 		if used+runeWidth+3 > limit {
 			break
 		}
@@ -96,7 +100,7 @@ func ellipsisDisplayString(str string, limit int) (res string, offset int, trunc
 			if nextCnt >= 4 {
 				break
 			}
-			nextWidth += ellipsisGuessDisplayWidth(r)
+			nextWidth += widthGuess(r)
 			nextCnt++
 		}
 		if nextCnt <= 3 && used+nextWidth <= limit {
@@ -114,6 +118,10 @@ func ellipsisDisplayString(str string, limit int) (res string, offset int, trunc
 	return str[:offset] + ellipsis, offset, true, encounterInvalid
 }
 
+func EllipsisTruncateRunes(str string, limit int) (left, right string) {
+	return ellipsisDisplayStringX(str, limit, func(r rune) int { return 1 })
+}
+
 // TruncateRunes returns a truncated string with given rune limit,
 // it returns input string if its rune length doesn't exceed the limit.
 func TruncateRunes(str string, limit int) string {
diff --git a/modules/util/truncate_test.go b/modules/util/truncate_test.go
index 8789c824f5..6d71f38c0c 100644
--- a/modules/util/truncate_test.go
+++ b/modules/util/truncate_test.go
@@ -5,6 +5,7 @@ package util
 
 import (
 	"fmt"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -28,7 +29,7 @@ func TestEllipsisGuessDisplayWidth(t *testing.T) {
 		t.Run(c.r, func(t *testing.T) {
 			w := 0
 			for _, r := range c.r {
-				w += ellipsisGuessDisplayWidth(r)
+				w += ellipsisDisplayGuessWidth(r)
 			}
 			assert.Equal(t, c.want, w, "hex=% x", []byte(c.r))
 		})
@@ -100,7 +101,7 @@ func TestEllipsisString(t *testing.T) {
 			{limit: 7, left: "\xef\x03\xfe\xef\x03\xfe", right: ""},
 		}
 		for _, c := range invalidCases {
-			t.Run(fmt.Sprintf("%d", c.limit), func(t *testing.T) {
+			t.Run(strconv.Itoa(c.limit), func(t *testing.T) {
 				left, right := EllipsisDisplayStringX("\xef\x03\xfe\xef\x03\xfe", c.limit)
 				assert.Equal(t, c.left, left, "left")
 				assert.Equal(t, c.right, right, "right")
@@ -115,15 +116,15 @@ func TestEllipsisString(t *testing.T) {
 }
 
 func TestTruncateRunes(t *testing.T) {
-	assert.Equal(t, "", TruncateRunes("", 0))
-	assert.Equal(t, "", TruncateRunes("", 1))
+	assert.Empty(t, TruncateRunes("", 0))
+	assert.Empty(t, TruncateRunes("", 1))
 
-	assert.Equal(t, "", TruncateRunes("ab", 0))
+	assert.Empty(t, TruncateRunes("ab", 0))
 	assert.Equal(t, "a", TruncateRunes("ab", 1))
 	assert.Equal(t, "ab", TruncateRunes("ab", 2))
 	assert.Equal(t, "ab", TruncateRunes("ab", 3))
 
-	assert.Equal(t, "", TruncateRunes("测试", 0))
+	assert.Empty(t, TruncateRunes("测试", 0))
 	assert.Equal(t, "测", TruncateRunes("测试", 1))
 	assert.Equal(t, "测试", TruncateRunes("测试", 2))
 	assert.Equal(t, "测试", TruncateRunes("测试", 3))
diff --git a/modules/util/util.go b/modules/util/util.go
index 1fb4cb21cb..dd8e073888 100644
--- a/modules/util/util.go
+++ b/modules/util/util.go
@@ -11,21 +11,10 @@ import (
 	"strconv"
 	"strings"
 
-	"code.gitea.io/gitea/modules/optional"
-
 	"golang.org/x/text/cases"
 	"golang.org/x/text/language"
 )
 
-// OptionalBoolParse get the corresponding optional.Option[bool] of a string using strconv.ParseBool
-func OptionalBoolParse(s string) optional.Option[bool] {
-	v, e := strconv.ParseBool(s)
-	if e != nil {
-		return optional.None[bool]()
-	}
-	return optional.Some(v)
-}
-
 // IsEmptyString checks if the provided string is empty
 func IsEmptyString(s string) bool {
 	return len(strings.TrimSpace(s)) == 0
@@ -230,6 +219,13 @@ func IfZero[T comparable](v, def T) T {
 	return v
 }
 
+func IfEmpty[T any](v, def []T) []T {
+	if len(v) == 0 {
+		return def
+	}
+	return v
+}
+
 // OptionalArg helps the "optional argument" in Golang:
 //
 //	func foo(optArg ...int) { return OptionalArg(optArg) }
diff --git a/modules/util/util_test.go b/modules/util/util_test.go
index effbc6da1e..fe4125cdb5 100644
--- a/modules/util/util_test.go
+++ b/modules/util/util_test.go
@@ -8,8 +8,6 @@ import (
 	"strings"
 	"testing"
 
-	"code.gitea.io/gitea/modules/optional"
-
 	"github.com/stretchr/testify/assert"
 )
 
@@ -175,19 +173,6 @@ func Test_RandomBytes(t *testing.T) {
 	assert.NotEqual(t, bytes3, bytes4)
 }
 
-func TestOptionalBoolParse(t *testing.T) {
-	assert.Equal(t, optional.None[bool](), OptionalBoolParse(""))
-	assert.Equal(t, optional.None[bool](), OptionalBoolParse("x"))
-
-	assert.Equal(t, optional.Some(false), OptionalBoolParse("0"))
-	assert.Equal(t, optional.Some(false), OptionalBoolParse("f"))
-	assert.Equal(t, optional.Some(false), OptionalBoolParse("False"))
-
-	assert.Equal(t, optional.Some(true), OptionalBoolParse("1"))
-	assert.Equal(t, optional.Some(true), OptionalBoolParse("t"))
-	assert.Equal(t, optional.Some(true), OptionalBoolParse("True"))
-}
-
 // Test case for any function which accepts and returns a single string.
 type StringTest struct {
 	in, out string
diff --git a/modules/validation/binding_test.go b/modules/validation/binding_test.go
index 28d0f57b5c..0cd328f312 100644
--- a/modules/validation/binding_test.go
+++ b/modules/validation/binding_test.go
@@ -47,7 +47,7 @@ func performValidationTest(t *testing.T, testCase validationTestCase) {
 		assert.Equal(t, testCase.expectedErrors, actual)
 	})
 
-	req, err := http.NewRequest("POST", testRoute, nil)
+	req, err := http.NewRequest(http.MethodPost, testRoute, nil)
 	if err != nil {
 		panic(err)
 	}
diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go
index 9f6cf5201a..ba383ba195 100644
--- a/modules/validation/helpers.go
+++ b/modules/validation/helpers.go
@@ -7,6 +7,7 @@ import (
 	"net"
 	"net/url"
 	"regexp"
+	"slices"
 	"strings"
 	"sync"
 
@@ -55,12 +56,7 @@ func IsValidSiteURL(uri string) bool {
 		return false
 	}
 
-	for _, scheme := range setting.Service.ValidSiteURLSchemes {
-		if scheme == u.Scheme {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(setting.Service.ValidSiteURLSchemes, u.Scheme)
 }
 
 // IsEmailDomainListed checks whether the domain of an email address
diff --git a/modules/validation/helpers_test.go b/modules/validation/helpers_test.go
index 52f383f698..6a982965f6 100644
--- a/modules/validation/helpers_test.go
+++ b/modules/validation/helpers_test.go
@@ -7,6 +7,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -47,7 +48,7 @@ func Test_IsValidURL(t *testing.T) {
 }
 
 func Test_IsValidExternalURL(t *testing.T) {
-	setting.AppURL = "https://try.gitea.io/"
+	defer test.MockVariableValue(&setting.AppURL, "https://try.gitea.io/")()
 
 	cases := []struct {
 		description string
@@ -89,7 +90,7 @@ func Test_IsValidExternalURL(t *testing.T) {
 }
 
 func Test_IsValidExternalTrackerURLFormat(t *testing.T) {
-	setting.AppURL = "https://try.gitea.io/"
+	defer test.MockVariableValue(&setting.AppURL, "https://try.gitea.io/")()
 
 	cases := []struct {
 		description string
diff --git a/modules/web/middleware/binding.go b/modules/web/middleware/binding.go
index 03e188f509..ee4eca976e 100644
--- a/modules/web/middleware/binding.go
+++ b/modules/web/middleware/binding.go
@@ -50,7 +50,7 @@ func AssignForm(form any, data map[string]any) {
 }
 
 func getRuleBody(field reflect.StructField, prefix string) string {
-	for _, rule := range strings.Split(field.Tag.Get("binding"), ";") {
+	for rule := range strings.SplitSeq(field.Tag.Get("binding"), ";") {
 		if strings.HasPrefix(rule, prefix) {
 			return rule[len(prefix) : len(rule)-1]
 		}
diff --git a/modules/web/routemock_test.go b/modules/web/routemock_test.go
index 89cfaacdd1..a0949bf622 100644
--- a/modules/web/routemock_test.go
+++ b/modules/web/routemock_test.go
@@ -30,13 +30,13 @@ func TestRouteMock(t *testing.T) {
 
 	// normal request
 	recorder := httptest.NewRecorder()
-	req, err := http.NewRequest("GET", "http://localhost:8000/foo", nil)
+	req, err := http.NewRequest(http.MethodGet, "http://localhost:8000/foo", nil)
 	assert.NoError(t, err)
 	r.ServeHTTP(recorder, req)
 	assert.Len(t, recorder.Header(), 3)
-	assert.EqualValues(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
-	assert.EqualValues(t, "m2", recorder.Header().Get("X-Test-Middleware2"))
-	assert.EqualValues(t, "h", recorder.Header().Get("X-Test-Handler"))
+	assert.Equal(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
+	assert.Equal(t, "m2", recorder.Header().Get("X-Test-Middleware2"))
+	assert.Equal(t, "h", recorder.Header().Get("X-Test-Handler"))
 	RouteMockReset()
 
 	// mock at "mock-point"
@@ -45,12 +45,12 @@ func TestRouteMock(t *testing.T) {
 		resp.WriteHeader(http.StatusOK)
 	})
 	recorder = httptest.NewRecorder()
-	req, err = http.NewRequest("GET", "http://localhost:8000/foo", nil)
+	req, err = http.NewRequest(http.MethodGet, "http://localhost:8000/foo", nil)
 	assert.NoError(t, err)
 	r.ServeHTTP(recorder, req)
 	assert.Len(t, recorder.Header(), 2)
-	assert.EqualValues(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
-	assert.EqualValues(t, "a", recorder.Header().Get("X-Test-MockPoint"))
+	assert.Equal(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
+	assert.Equal(t, "a", recorder.Header().Get("X-Test-MockPoint"))
 	RouteMockReset()
 
 	// mock at MockAfterMiddlewares
@@ -59,12 +59,12 @@ func TestRouteMock(t *testing.T) {
 		resp.WriteHeader(http.StatusOK)
 	})
 	recorder = httptest.NewRecorder()
-	req, err = http.NewRequest("GET", "http://localhost:8000/foo", nil)
+	req, err = http.NewRequest(http.MethodGet, "http://localhost:8000/foo", nil)
 	assert.NoError(t, err)
 	r.ServeHTTP(recorder, req)
 	assert.Len(t, recorder.Header(), 3)
-	assert.EqualValues(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
-	assert.EqualValues(t, "m2", recorder.Header().Get("X-Test-Middleware2"))
-	assert.EqualValues(t, "b", recorder.Header().Get("X-Test-MockPoint"))
+	assert.Equal(t, "m1", recorder.Header().Get("X-Test-Middleware1"))
+	assert.Equal(t, "m2", recorder.Header().Get("X-Test-Middleware2"))
+	assert.Equal(t, "b", recorder.Header().Get("X-Test-MockPoint"))
 	RouteMockReset()
 }
diff --git a/modules/web/router.go b/modules/web/router.go
index da06b955b1..5812ff69d4 100644
--- a/modules/web/router.go
+++ b/modules/web/router.go
@@ -125,8 +125,8 @@ func (r *Router) Methods(methods, pattern string, h ...any) {
 	middlewares, handlerFunc := wrapMiddlewareAndHandler(r.curMiddlewares, h)
 	fullPattern := r.getPattern(pattern)
 	if strings.Contains(methods, ",") {
-		methods := strings.Split(methods, ",")
-		for _, method := range methods {
+		methods := strings.SplitSeq(methods, ",")
+		for method := range methods {
 			r.chiRouter.With(middlewares...).Method(strings.TrimSpace(method), fullPattern, handlerFunc)
 		}
 	} else {
diff --git a/modules/web/router_path.go b/modules/web/router_path.go
index b59948581a..64154c34a5 100644
--- a/modules/web/router_path.go
+++ b/modules/web/router_path.go
@@ -4,9 +4,9 @@
 package web
 
 import (
-	"fmt"
 	"net/http"
 	"regexp"
+	"slices"
 	"strings"
 
 	"code.gitea.io/gitea/modules/container"
@@ -26,6 +26,7 @@ func (g *RouterPathGroup) ServeHTTP(resp http.ResponseWriter, req *http.Request)
 	path := chiCtx.URLParam(g.pathParam)
 	for _, m := range g.matchers {
 		if m.matchPath(chiCtx, path) {
+			chiCtx.RoutePatterns = append(chiCtx.RoutePatterns, m.pattern)
 			handler := m.handlerFunc
 			for i := len(m.middlewares) - 1; i >= 0; i-- {
 				handler = m.middlewares[i](handler).ServeHTTP
@@ -37,11 +38,22 @@ func (g *RouterPathGroup) ServeHTTP(resp http.ResponseWriter, req *http.Request)
 	g.r.chiRouter.NotFoundHandler().ServeHTTP(resp, req)
 }
 
+type RouterPathGroupPattern struct {
+	pattern     string
+	re          *regexp.Regexp
+	params      []routerPathParam
+	middlewares []any
+}
+
 // MatchPath matches the request method, and uses regexp to match the path.
-// The pattern uses "<...>" to define path parameters, for example: "/<name>" (different from chi router)
-// It is only designed to resolve some special cases which chi router can't handle.
+// The pattern uses "<...>" to define path parameters, for example, "/<name>" (different from chi router)
+// It is only designed to resolve some special cases that chi router can't handle.
 // For most cases, it shouldn't be used because it needs to iterate all rules to find the matched one (inefficient).
 func (g *RouterPathGroup) MatchPath(methods, pattern string, h ...any) {
+	g.MatchPattern(methods, g.PatternRegexp(pattern), h...)
+}
+
+func (g *RouterPathGroup) MatchPattern(methods string, pattern *RouterPathGroupPattern, h ...any) {
 	g.matchers = append(g.matchers, newRouterPathMatcher(methods, pattern, h...))
 }
 
@@ -52,6 +64,7 @@ type routerPathParam struct {
 
 type routerPathMatcher struct {
 	methods     container.Set[string]
+	pattern     string
 	re          *regexp.Regexp
 	params      []routerPathParam
 	middlewares []func(http.Handler) http.Handler
@@ -97,29 +110,35 @@ func isValidMethod(name string) bool {
 	return false
 }
 
-func newRouterPathMatcher(methods, pattern string, h ...any) *routerPathMatcher {
-	middlewares, handlerFunc := wrapMiddlewareAndHandler(nil, h)
+func newRouterPathMatcher(methods string, patternRegexp *RouterPathGroupPattern, h ...any) *routerPathMatcher {
+	middlewares, handlerFunc := wrapMiddlewareAndHandler(patternRegexp.middlewares, h)
 	p := &routerPathMatcher{methods: make(container.Set[string]), middlewares: middlewares, handlerFunc: handlerFunc}
-	for _, method := range strings.Split(methods, ",") {
+	for method := range strings.SplitSeq(methods, ",") {
 		method = strings.TrimSpace(method)
 		if !isValidMethod(method) {
-			panic(fmt.Sprintf("invalid HTTP method: %s", method))
+			panic("invalid HTTP method: " + method)
 		}
 		p.methods.Add(method)
 	}
+	p.pattern, p.re, p.params = patternRegexp.pattern, patternRegexp.re, patternRegexp.params
+	return p
+}
+
+func patternRegexp(pattern string, h ...any) *RouterPathGroupPattern {
+	p := &RouterPathGroupPattern{middlewares: slices.Clone(h)}
 	re := []byte{'^'}
 	lastEnd := 0
 	for lastEnd < len(pattern) {
 		start := strings.IndexByte(pattern[lastEnd:], '<')
 		if start == -1 {
-			re = append(re, pattern[lastEnd:]...)
+			re = append(re, regexp.QuoteMeta(pattern[lastEnd:])...)
 			break
 		}
 		end := strings.IndexByte(pattern[lastEnd+start:], '>')
 		if end == -1 {
-			panic(fmt.Sprintf("invalid pattern: %s", pattern))
+			panic("invalid pattern: " + pattern)
 		}
-		re = append(re, pattern[lastEnd:lastEnd+start]...)
+		re = append(re, regexp.QuoteMeta(pattern[lastEnd:lastEnd+start])...)
 		partName, partExp, _ := strings.Cut(pattern[lastEnd+start+1:lastEnd+start+end], ":")
 		lastEnd += start + end + 1
 
@@ -141,7 +160,10 @@ func newRouterPathMatcher(methods, pattern string, h ...any) *routerPathMatcher
 		p.params = append(p.params, param)
 	}
 	re = append(re, '$')
-	reStr := string(re)
-	p.re = regexp.MustCompile(reStr)
+	p.pattern, p.re = pattern, regexp.MustCompile(string(re))
 	return p
 }
+
+func (g *RouterPathGroup) PatternRegexp(pattern string, h ...any) *RouterPathGroupPattern {
+	return patternRegexp(pattern, h...)
+}
diff --git a/modules/web/router_test.go b/modules/web/router_test.go
index 582980a27a..f216aa6180 100644
--- a/modules/web/router_test.go
+++ b/modules/web/router_test.go
@@ -34,7 +34,7 @@ func TestPathProcessor(t *testing.T) {
 	testProcess := func(pattern, uri string, expectedPathParams map[string]string) {
 		chiCtx := chi.NewRouteContext()
 		chiCtx.RouteMethod = "GET"
-		p := newRouterPathMatcher("GET", pattern, http.NotFound)
+		p := newRouterPathMatcher("GET", patternRegexp(pattern), http.NotFound)
 		assert.True(t, p.matchPath(chiCtx, uri), "use pattern %s to process uri %s", pattern, uri)
 		assert.Equal(t, expectedPathParams, chiURLParamsToMap(chiCtx), "use pattern %s to process uri %s", pattern, uri)
 	}
@@ -51,23 +51,28 @@ func TestPathProcessor(t *testing.T) {
 }
 
 func TestRouter(t *testing.T) {
-	buff := bytes.NewBufferString("")
+	buff := &bytes.Buffer{}
 	recorder := httptest.NewRecorder()
 	recorder.Body = buff
 
 	type resultStruct struct {
-		method      string
-		pathParams  map[string]string
-		handlerMark string
+		method          string
+		pathParams      map[string]string
+		handlerMarks    []string
+		chiRoutePattern *string
 	}
-	var res resultStruct
 
+	var res resultStruct
 	h := func(optMark ...string) func(resp http.ResponseWriter, req *http.Request) {
 		mark := util.OptionalArg(optMark, "")
 		return func(resp http.ResponseWriter, req *http.Request) {
+			chiCtx := chi.RouteContext(req.Context())
 			res.method = req.Method
-			res.pathParams = chiURLParamsToMap(chi.RouteContext(req.Context()))
-			res.handlerMark = mark
+			res.pathParams = chiURLParamsToMap(chiCtx)
+			res.chiRoutePattern = util.ToPointer(chiCtx.RoutePattern())
+			if mark != "" {
+				res.handlerMarks = append(res.handlerMarks, mark)
+			}
 		}
 	}
 
@@ -77,6 +82,8 @@ func TestRouter(t *testing.T) {
 			if stop := req.FormValue("stop"); stop != "" && (mark == "" || mark == stop) {
 				h(stop)(resp, req)
 				resp.WriteHeader(http.StatusOK)
+			} else if mark != "" {
+				res.handlerMarks = append(res.handlerMarks, mark)
 			}
 		}
 	}
@@ -108,7 +115,7 @@ func TestRouter(t *testing.T) {
 					m.Delete("", h())
 				})
 				m.PathGroup("/*", func(g *RouterPathGroup) {
-					g.MatchPath("GET", `/<dir:*>/<file:[a-z]{1,2}>`, stopMark("s2"), h("match-path"))
+					g.MatchPattern("GET", g.PatternRegexp(`/<dir:*>/<file:[a-z]{1,2}>`, stopMark("s2")), stopMark("s3"), h("match-path"))
 				}, stopMark("s1"))
 			})
 		})
@@ -121,36 +128,47 @@ func TestRouter(t *testing.T) {
 			req, err := http.NewRequest(methodPathFields[0], methodPathFields[1], nil)
 			assert.NoError(t, err)
 			r.ServeHTTP(recorder, req)
-			assert.EqualValues(t, expected, res)
+			if expected.chiRoutePattern == nil {
+				res.chiRoutePattern = nil
+			}
+			assert.Equal(t, expected, res)
 		})
 	}
 
 	t.Run("RootRouter", func(t *testing.T) {
-		testRoute(t, "GET /the-user/the-repo/other", resultStruct{method: "GET", handlerMark: "not-found:/"})
+		testRoute(t, "GET /the-user/the-repo/other", resultStruct{
+			method:          "GET",
+			handlerMarks:    []string{"not-found:/"},
+			chiRoutePattern: util.ToPointer(""),
+		})
 		testRoute(t, "GET /the-user/the-repo/pulls", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "type": "pulls"},
-			handlerMark: "list-issues-b",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "type": "pulls"},
+			handlerMarks: []string{"list-issues-b"},
 		})
 		testRoute(t, "GET /the-user/the-repo/issues/123", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "type": "issues", "index": "123"},
-			handlerMark: "view-issue",
+			method:          "GET",
+			pathParams:      map[string]string{"username": "the-user", "reponame": "the-repo", "type": "issues", "index": "123"},
+			handlerMarks:    []string{"view-issue"},
+			chiRoutePattern: util.ToPointer("/{username}/{reponame}/{type:issues|pulls}/{index}"),
 		})
 		testRoute(t, "GET /the-user/the-repo/issues/123?stop=hijack", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "type": "issues", "index": "123"},
-			handlerMark: "hijack",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "type": "issues", "index": "123"},
+			handlerMarks: []string{"hijack"},
 		})
 		testRoute(t, "POST /the-user/the-repo/issues/123/update", resultStruct{
-			method:      "POST",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "index": "123"},
-			handlerMark: "update-issue",
+			method:       "POST",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "index": "123"},
+			handlerMarks: []string{"update-issue"},
 		})
 	})
 
 	t.Run("Sub Router", func(t *testing.T) {
-		testRoute(t, "GET /api/v1/other", resultStruct{method: "GET", handlerMark: "not-found:/api/v1"})
+		testRoute(t, "GET /api/v1/other", resultStruct{
+			method:       "GET",
+			handlerMarks: []string{"not-found:/api/v1"},
+		})
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches", resultStruct{
 			method:     "GET",
 			pathParams: map[string]string{"username": "the-user", "reponame": "the-repo"},
@@ -179,31 +197,38 @@ func TestRouter(t *testing.T) {
 
 	t.Run("MatchPath", func(t *testing.T) {
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/fn", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
-			handlerMark: "match-path",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
+			handlerMarks: []string{"s1", "s2", "s3", "match-path"},
 		})
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1%2fd2/fn", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1%2fd2/fn", "dir": "d1%2fd2", "file": "fn"},
-			handlerMark: "match-path",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1%2fd2/fn", "dir": "d1%2fd2", "file": "fn"},
+			handlerMarks: []string{"s1", "s2", "s3", "match-path"},
 		})
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/000", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"reponame": "the-repo", "username": "the-user", "*": "d1/d2/000"},
-			handlerMark: "not-found:/api/v1",
+			method:       "GET",
+			pathParams:   map[string]string{"reponame": "the-repo", "username": "the-user", "*": "d1/d2/000"},
+			handlerMarks: []string{"s1", "not-found:/api/v1"},
 		})
 
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/fn?stop=s1", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn"},
-			handlerMark: "s1",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn"},
+			handlerMarks: []string{"s1"},
 		})
 
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/fn?stop=s2", resultStruct{
-			method:      "GET",
-			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
-			handlerMark: "s2",
+			method:       "GET",
+			pathParams:   map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
+			handlerMarks: []string{"s1", "s2"},
+		})
+
+		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/fn?stop=s3", resultStruct{
+			method:          "GET",
+			pathParams:      map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
+			handlerMarks:    []string{"s1", "s2", "s3"},
+			chiRoutePattern: util.ToPointer("/api/v1/repos/{username}/{reponame}/branches/<dir:*>/<file:[a-z]{1,2}>"),
 		})
 	})
 }
@@ -224,7 +249,7 @@ func TestRouteNormalizePath(t *testing.T) {
 			actualPaths.Path = req.URL.Path
 		})
 
-		req, err := http.NewRequest("GET", reqPath, nil)
+		req, err := http.NewRequest(http.MethodGet, reqPath, nil)
 		assert.NoError(t, err)
 		r.ServeHTTP(recorder, req)
 		assert.Equal(t, expectedPaths, actualPaths, "req path = %q", reqPath)
diff --git a/modules/web/routing/logger.go b/modules/web/routing/logger.go
index e3843b1402..3bca9b3420 100644
--- a/modules/web/routing/logger.go
+++ b/modules/web/routing/logger.go
@@ -103,7 +103,10 @@ func logPrinter(logger log.Logger) func(trigger Event, record *requestRecord) {
 			status = v.WrittenStatus()
 		}
 		logf := logInfo
-		if strings.HasPrefix(req.RequestURI, "/assets/") {
+		// lower the log level for some specific requests, in most cases these logs are not useful
+		if strings.HasPrefix(req.RequestURI, "/assets/") /* static assets */ ||
+			req.RequestURI == "/user/events" /* Server-Sent Events (SSE) handler */ ||
+			req.RequestURI == "/api/actions/runner.v1.RunnerService/FetchTask" /* Actions Runner polling */ {
 			logf = logTrace
 		}
 		message := completedMessage
diff --git a/modules/webhook/type.go b/modules/webhook/type.go
index 72ffde26a1..89c6a4bfe5 100644
--- a/modules/webhook/type.go
+++ b/modules/webhook/type.go
@@ -38,6 +38,7 @@ const (
 	HookEventPullRequestReview HookEventType = "pull_request_review"
 	// Actions event only
 	HookEventSchedule    HookEventType = "schedule"
+	HookEventWorkflowRun HookEventType = "workflow_run"
 	HookEventWorkflowJob HookEventType = "workflow_job"
 )
 
@@ -67,6 +68,7 @@ func AllEvents() []HookEventType {
 		HookEventRelease,
 		HookEventPackage,
 		HookEventStatus,
+		HookEventWorkflowRun,
 		HookEventWorkflowJob,
 	}
 }
diff --git a/modules/zstd/zstd_test.go b/modules/zstd/zstd_test.go
index c3ca8e78f7..7fd30484ca 100644
--- a/modules/zstd/zstd_test.go
+++ b/modules/zstd/zstd_test.go
@@ -16,7 +16,7 @@ import (
 )
 
 func TestWriterReader(t *testing.T) {
-	testData := prepareTestData(t, 20_000_000)
+	testData := prepareTestData(t, 1_000_000)
 
 	result := bytes.NewBuffer(nil)
 
@@ -64,7 +64,7 @@ func TestWriterReader(t *testing.T) {
 }
 
 func TestSeekableWriterReader(t *testing.T) {
-	testData := prepareTestData(t, 20_000_000)
+	testData := prepareTestData(t, 2_000_000)
 
 	result := bytes.NewBuffer(nil)
 
@@ -109,7 +109,7 @@ func TestSeekableWriterReader(t *testing.T) {
 		reader, err := NewSeekableReader(assertReader)
 		require.NoError(t, err)
 
-		_, err = reader.Seek(10_000_000, io.SeekStart)
+		_, err = reader.Seek(1_000_000, io.SeekStart)
 		require.NoError(t, err)
 
 		data := make([]byte, 1000)
@@ -117,7 +117,7 @@ func TestSeekableWriterReader(t *testing.T) {
 		require.NoError(t, err)
 		require.NoError(t, reader.Close())
 
-		assert.Equal(t, testData[10_000_000:10_000_000+1000], data)
+		assert.Equal(t, testData[1_000_000:1_000_000+1000], data)
 
 		// Should seek 3 times,
 		// the first two times are for getting the index,
diff --git a/options/fileicon/material-icon-rules.json b/options/fileicon/material-icon-rules.json
index fd058c82dc..caa068ff44 100644
--- a/options/fileicon/material-icon-rules.json
+++ b/options/fileicon/material-icon-rules.json
@@ -716,6 +716,14 @@
     ".designs": "folder-theme",
     "_designs": "folder-theme",
     "__designs__": "folder-theme",
+    "palette": "folder-theme",
+    ".palette": "folder-theme",
+    "_palette": "folder-theme",
+    "__palette__": "folder-theme",
+    "palettes": "folder-theme",
+    ".palettes": "folder-theme",
+    "_palettes": "folder-theme",
+    "__palettes__": "folder-theme",
     "webpack": "folder-webpack",
     ".webpack": "folder-webpack",
     "_webpack": "folder-webpack",
@@ -884,6 +892,14 @@
     ".music": "folder-audio",
     "_music": "folder-audio",
     "__music__": "folder-audio",
+    "song": "folder-audio",
+    ".song": "folder-audio",
+    "_song": "folder-audio",
+    "__song__": "folder-audio",
+    "songs": "folder-audio",
+    ".songs": "folder-audio",
+    "_songs": "folder-audio",
+    "__songs__": "folder-audio",
     "sound": "folder-audio",
     ".sound": "folder-audio",
     "_sound": "folder-audio",
@@ -1112,6 +1128,18 @@
     ".routers": "folder-routes",
     "_routers": "folder-routes",
     "__routers__": "folder-routes",
+    "navigation": "folder-routes",
+    ".navigation": "folder-routes",
+    "_navigation": "folder-routes",
+    "__navigation__": "folder-routes",
+    "navigations": "folder-routes",
+    ".navigations": "folder-routes",
+    "_navigations": "folder-routes",
+    "__navigations__": "folder-routes",
+    "routing": "folder-routes",
+    ".routing": "folder-routes",
+    "_routing": "folder-routes",
+    "__routing__": "folder-routes",
     "ci": "folder-ci",
     ".ci": "folder-ci",
     "_ci": "folder-ci",
@@ -1124,10 +1152,18 @@
     ".benchmarks": "folder-benchmark",
     "_benchmarks": "folder-benchmark",
     "__benchmarks__": "folder-benchmark",
+    "bench": "folder-benchmark",
+    ".bench": "folder-benchmark",
+    "_bench": "folder-benchmark",
+    "__bench__": "folder-benchmark",
     "performance": "folder-benchmark",
     ".performance": "folder-benchmark",
     "_performance": "folder-benchmark",
     "__performance__": "folder-benchmark",
+    "perf": "folder-benchmark",
+    ".perf": "folder-benchmark",
+    "_perf": "folder-benchmark",
+    "__perf__": "folder-benchmark",
     "profiling": "folder-benchmark",
     ".profiling": "folder-benchmark",
     "_profiling": "folder-benchmark",
@@ -1224,10 +1260,18 @@
     ".sandbox": "folder-sandbox",
     "_sandbox": "folder-sandbox",
     "__sandbox__": "folder-sandbox",
+    "sandboxes": "folder-sandbox",
+    ".sandboxes": "folder-sandbox",
+    "_sandboxes": "folder-sandbox",
+    "__sandboxes__": "folder-sandbox",
     "playground": "folder-sandbox",
     ".playground": "folder-sandbox",
     "_playground": "folder-sandbox",
     "__playground__": "folder-sandbox",
+    "playgrounds": "folder-sandbox",
+    ".playgrounds": "folder-sandbox",
+    "_playgrounds": "folder-sandbox",
+    "__playgrounds__": "folder-sandbox",
     "scons": "folder-scons",
     ".scons": "folder-scons",
     "_scons": "folder-scons",
@@ -1572,46 +1616,46 @@
     ".archival": "folder-archive",
     "_archival": "folder-archive",
     "__archival__": "folder-archive",
-    "bkp": "folder-archive",
-    ".bkp": "folder-archive",
-    "_bkp": "folder-archive",
-    "__bkp__": "folder-archive",
-    "bkps": "folder-archive",
-    ".bkps": "folder-archive",
-    "_bkps": "folder-archive",
-    "__bkps__": "folder-archive",
-    "bak": "folder-archive",
-    ".bak": "folder-archive",
-    "_bak": "folder-archive",
-    "__bak__": "folder-archive",
-    "baks": "folder-archive",
-    ".baks": "folder-archive",
-    "_baks": "folder-archive",
-    "__baks__": "folder-archive",
-    "backup": "folder-archive",
-    ".backup": "folder-archive",
-    "_backup": "folder-archive",
-    "__backup__": "folder-archive",
-    "backups": "folder-archive",
-    ".backups": "folder-archive",
-    "_backups": "folder-archive",
-    "__backups__": "folder-archive",
-    "back-up": "folder-archive",
-    ".back-up": "folder-archive",
-    "_back-up": "folder-archive",
-    "__back-up__": "folder-archive",
-    "back-ups": "folder-archive",
-    ".back-ups": "folder-archive",
-    "_back-ups": "folder-archive",
-    "__back-ups__": "folder-archive",
-    "history": "folder-archive",
-    ".history": "folder-archive",
-    "_history": "folder-archive",
-    "__history__": "folder-archive",
-    "histories": "folder-archive",
-    ".histories": "folder-archive",
-    "_histories": "folder-archive",
-    "__histories__": "folder-archive",
+    "bkp": "folder-backup",
+    ".bkp": "folder-backup",
+    "_bkp": "folder-backup",
+    "__bkp__": "folder-backup",
+    "bkps": "folder-backup",
+    ".bkps": "folder-backup",
+    "_bkps": "folder-backup",
+    "__bkps__": "folder-backup",
+    "bak": "folder-backup",
+    ".bak": "folder-backup",
+    "_bak": "folder-backup",
+    "__bak__": "folder-backup",
+    "baks": "folder-backup",
+    ".baks": "folder-backup",
+    "_baks": "folder-backup",
+    "__baks__": "folder-backup",
+    "backup": "folder-backup",
+    ".backup": "folder-backup",
+    "_backup": "folder-backup",
+    "__backup__": "folder-backup",
+    "backups": "folder-backup",
+    ".backups": "folder-backup",
+    "_backups": "folder-backup",
+    "__backups__": "folder-backup",
+    "back-up": "folder-backup",
+    ".back-up": "folder-backup",
+    "_back-up": "folder-backup",
+    "__back-up__": "folder-backup",
+    "back-ups": "folder-backup",
+    ".back-ups": "folder-backup",
+    "_back-ups": "folder-backup",
+    "__back-ups__": "folder-backup",
+    "history": "folder-backup",
+    ".history": "folder-backup",
+    "_history": "folder-backup",
+    "__history__": "folder-backup",
+    "histories": "folder-backup",
+    ".histories": "folder-backup",
+    "_histories": "folder-backup",
+    "__histories__": "folder-backup",
     "batch": "folder-batch",
     ".batch": "folder-batch",
     "_batch": "folder-batch",
@@ -1668,6 +1712,14 @@
     ".constants": "folder-constant",
     "_constants": "folder-constant",
     "__constants__": "folder-constant",
+    "const": "folder-constant",
+    ".const": "folder-constant",
+    "_const": "folder-constant",
+    "__const__": "folder-constant",
+    "consts": "folder-constant",
+    ".consts": "folder-constant",
+    "_consts": "folder-constant",
+    "__consts__": "folder-constant",
     "container": "folder-container",
     ".container": "folder-container",
     "_container": "folder-container",
@@ -1856,14 +1908,14 @@
     ".hooks": "folder-hook",
     "_hooks": "folder-hook",
     "__hooks__": "folder-hook",
-    "trigger": "folder-hook",
-    ".trigger": "folder-hook",
-    "_trigger": "folder-hook",
-    "__trigger__": "folder-hook",
-    "triggers": "folder-hook",
-    ".triggers": "folder-hook",
-    "_triggers": "folder-hook",
-    "__triggers__": "folder-hook",
+    "trigger": "folder-trigger",
+    ".trigger": "folder-trigger",
+    "_trigger": "folder-trigger",
+    "__trigger__": "folder-trigger",
+    "triggers": "folder-trigger",
+    ".triggers": "folder-trigger",
+    "_triggers": "folder-trigger",
+    "__triggers__": "folder-trigger",
     "job": "folder-job",
     ".job": "folder-job",
     "_job": "folder-job",
@@ -2092,6 +2144,34 @@
     ".DS_Store": "folder-macos",
     "_DS_Store": "folder-macos",
     "__DS_Store__": "folder-macos",
+    "iPhone": "folder-macos",
+    ".iPhone": "folder-macos",
+    "_iPhone": "folder-macos",
+    "__iPhone__": "folder-macos",
+    "iPad": "folder-macos",
+    ".iPad": "folder-macos",
+    "_iPad": "folder-macos",
+    "__iPad__": "folder-macos",
+    "iPod": "folder-macos",
+    ".iPod": "folder-macos",
+    "_iPod": "folder-macos",
+    "__iPod__": "folder-macos",
+    "macbook": "folder-macos",
+    ".macbook": "folder-macos",
+    "_macbook": "folder-macos",
+    "__macbook__": "folder-macos",
+    "macbook-air": "folder-macos",
+    ".macbook-air": "folder-macos",
+    "_macbook-air": "folder-macos",
+    "__macbook-air__": "folder-macos",
+    "macosx": "folder-macos",
+    ".macosx": "folder-macos",
+    "_macosx": "folder-macos",
+    "__macosx__": "folder-macos",
+    "apple": "folder-macos",
+    ".apple": "folder-macos",
+    "_apple": "folder-macos",
+    "__apple__": "folder-macos",
     "error": "folder-error",
     ".error": "folder-error",
     "_error": "folder-error",
@@ -2428,6 +2508,34 @@
     ".firebase": "folder-firebase",
     "_firebase": "folder-firebase",
     "__firebase__": "folder-firebase",
+    "firestore": "folder-firestore",
+    ".firestore": "folder-firestore",
+    "_firestore": "folder-firestore",
+    "__firestore__": "folder-firestore",
+    "cloud-firestore": "folder-firestore",
+    ".cloud-firestore": "folder-firestore",
+    "_cloud-firestore": "folder-firestore",
+    "__cloud-firestore__": "folder-firestore",
+    "firebase-firestore": "folder-firestore",
+    ".firebase-firestore": "folder-firestore",
+    "_firebase-firestore": "folder-firestore",
+    "__firebase-firestore__": "folder-firestore",
+    "cloud-functions": "folder-cloud-functions",
+    ".cloud-functions": "folder-cloud-functions",
+    "_cloud-functions": "folder-cloud-functions",
+    "__cloud-functions__": "folder-cloud-functions",
+    "cloudfunctions": "folder-cloud-functions",
+    ".cloudfunctions": "folder-cloud-functions",
+    "_cloudfunctions": "folder-cloud-functions",
+    "__cloudfunctions__": "folder-cloud-functions",
+    "firebase-cloud-functions": "folder-cloud-functions",
+    ".firebase-cloud-functions": "folder-cloud-functions",
+    "_firebase-cloud-functions": "folder-cloud-functions",
+    "__firebase-cloud-functions__": "folder-cloud-functions",
+    "firebase-cloudfunctions": "folder-cloud-functions",
+    ".firebase-cloudfunctions": "folder-cloud-functions",
+    "_firebase-cloudfunctions": "folder-cloud-functions",
+    "__firebase-cloudfunctions__": "folder-cloud-functions",
     "svelte": "folder-svelte",
     ".svelte": "folder-svelte",
     "_svelte": "folder-svelte",
@@ -2975,6 +3083,82 @@
     ".zeabur": "folder-zeabur",
     "_zeabur": "folder-zeabur",
     "__zeabur__": "folder-zeabur",
+    "kusto": "folder-kusto",
+    ".kusto": "folder-kusto",
+    "_kusto": "folder-kusto",
+    "__kusto__": "folder-kusto",
+    "kql": "folder-kusto",
+    ".kql": "folder-kusto",
+    "_kql": "folder-kusto",
+    "__kql__": "folder-kusto",
+    "policy": "folder-policy",
+    ".policy": "folder-policy",
+    "_policy": "folder-policy",
+    "__policy__": "folder-policy",
+    "policies": "folder-policy",
+    ".policies": "folder-policy",
+    "_policies": "folder-policy",
+    "__policies__": "folder-policy",
+    "attachment": "folder-attachment",
+    ".attachment": "folder-attachment",
+    "_attachment": "folder-attachment",
+    "__attachment__": "folder-attachment",
+    "attachments": "folder-attachment",
+    ".attachments": "folder-attachment",
+    "_attachments": "folder-attachment",
+    "__attachments__": "folder-attachment",
+    "bibliography": "folder-bibliography",
+    ".bibliography": "folder-bibliography",
+    "_bibliography": "folder-bibliography",
+    "__bibliography__": "folder-bibliography",
+    "bibliographies": "folder-bibliography",
+    ".bibliographies": "folder-bibliography",
+    "_bibliographies": "folder-bibliography",
+    "__bibliographies__": "folder-bibliography",
+    "book": "folder-bibliography",
+    ".book": "folder-bibliography",
+    "_book": "folder-bibliography",
+    "__book__": "folder-bibliography",
+    "books": "folder-bibliography",
+    ".books": "folder-bibliography",
+    "_books": "folder-bibliography",
+    "__books__": "folder-bibliography",
+    "link": "folder-link",
+    ".link": "folder-link",
+    "_link": "folder-link",
+    "__link__": "folder-link",
+    "links": "folder-link",
+    ".links": "folder-link",
+    "_links": "folder-link",
+    "__links__": "folder-link",
+    "pytorch": "folder-pytorch",
+    ".pytorch": "folder-pytorch",
+    "_pytorch": "folder-pytorch",
+    "__pytorch__": "folder-pytorch",
+    "torch": "folder-pytorch",
+    ".torch": "folder-pytorch",
+    "_torch": "folder-pytorch",
+    "__torch__": "folder-pytorch",
+    "blender": "folder-blender",
+    ".blender": "folder-blender",
+    "_blender": "folder-blender",
+    "__blender__": "folder-blender",
+    "blender-assets": "folder-blender",
+    ".blender-assets": "folder-blender",
+    "_blender-assets": "folder-blender",
+    "__blender-assets__": "folder-blender",
+    "blender-files": "folder-blender",
+    ".blender-files": "folder-blender",
+    "_blender-files": "folder-blender",
+    "__blender-files__": "folder-blender",
+    "blender-project": "folder-blender",
+    ".blender-project": "folder-blender",
+    "_blender-project": "folder-blender",
+    "__blender-project__": "folder-blender",
+    "blender-models": "folder-blender",
+    ".blender-models": "folder-blender",
+    "_blender-models": "folder-blender",
+    "__blender-models__": "folder-blender",
     "meta-inf": "folder-config",
     ".meta-inf": "folder-config",
     "_meta-inf": "folder-config",
@@ -2990,7 +3174,19 @@
     "ds_store": "folder-macos",
     ".ds_store": "folder-macos",
     "_ds_store": "folder-macos",
-    "__ds_store__": "folder-macos"
+    "__ds_store__": "folder-macos",
+    "iphone": "folder-macos",
+    ".iphone": "folder-macos",
+    "_iphone": "folder-macos",
+    "__iphone__": "folder-macos",
+    "ipad": "folder-macos",
+    ".ipad": "folder-macos",
+    "_ipad": "folder-macos",
+    "__ipad__": "folder-macos",
+    "ipod": "folder-macos",
+    ".ipod": "folder-macos",
+    "_ipod": "folder-macos",
+    "__ipod__": "folder-macos"
   },
   "folderNamesExpanded": {
     "rust": "folder-rust-open",
@@ -3709,6 +3905,14 @@
     ".designs": "folder-theme-open",
     "_designs": "folder-theme-open",
     "__designs__": "folder-theme-open",
+    "palette": "folder-theme-open",
+    ".palette": "folder-theme-open",
+    "_palette": "folder-theme-open",
+    "__palette__": "folder-theme-open",
+    "palettes": "folder-theme-open",
+    ".palettes": "folder-theme-open",
+    "_palettes": "folder-theme-open",
+    "__palettes__": "folder-theme-open",
     "webpack": "folder-webpack-open",
     ".webpack": "folder-webpack-open",
     "_webpack": "folder-webpack-open",
@@ -3877,6 +4081,14 @@
     ".music": "folder-audio-open",
     "_music": "folder-audio-open",
     "__music__": "folder-audio-open",
+    "song": "folder-audio-open",
+    ".song": "folder-audio-open",
+    "_song": "folder-audio-open",
+    "__song__": "folder-audio-open",
+    "songs": "folder-audio-open",
+    ".songs": "folder-audio-open",
+    "_songs": "folder-audio-open",
+    "__songs__": "folder-audio-open",
     "sound": "folder-audio-open",
     ".sound": "folder-audio-open",
     "_sound": "folder-audio-open",
@@ -4105,6 +4317,18 @@
     ".routers": "folder-routes-open",
     "_routers": "folder-routes-open",
     "__routers__": "folder-routes-open",
+    "navigation": "folder-routes-open",
+    ".navigation": "folder-routes-open",
+    "_navigation": "folder-routes-open",
+    "__navigation__": "folder-routes-open",
+    "navigations": "folder-routes-open",
+    ".navigations": "folder-routes-open",
+    "_navigations": "folder-routes-open",
+    "__navigations__": "folder-routes-open",
+    "routing": "folder-routes-open",
+    ".routing": "folder-routes-open",
+    "_routing": "folder-routes-open",
+    "__routing__": "folder-routes-open",
     "ci": "folder-ci-open",
     ".ci": "folder-ci-open",
     "_ci": "folder-ci-open",
@@ -4117,10 +4341,18 @@
     ".benchmarks": "folder-benchmark-open",
     "_benchmarks": "folder-benchmark-open",
     "__benchmarks__": "folder-benchmark-open",
+    "bench": "folder-benchmark-open",
+    ".bench": "folder-benchmark-open",
+    "_bench": "folder-benchmark-open",
+    "__bench__": "folder-benchmark-open",
     "performance": "folder-benchmark-open",
     ".performance": "folder-benchmark-open",
     "_performance": "folder-benchmark-open",
     "__performance__": "folder-benchmark-open",
+    "perf": "folder-benchmark-open",
+    ".perf": "folder-benchmark-open",
+    "_perf": "folder-benchmark-open",
+    "__perf__": "folder-benchmark-open",
     "profiling": "folder-benchmark-open",
     ".profiling": "folder-benchmark-open",
     "_profiling": "folder-benchmark-open",
@@ -4217,10 +4449,18 @@
     ".sandbox": "folder-sandbox-open",
     "_sandbox": "folder-sandbox-open",
     "__sandbox__": "folder-sandbox-open",
+    "sandboxes": "folder-sandbox-open",
+    ".sandboxes": "folder-sandbox-open",
+    "_sandboxes": "folder-sandbox-open",
+    "__sandboxes__": "folder-sandbox-open",
     "playground": "folder-sandbox-open",
     ".playground": "folder-sandbox-open",
     "_playground": "folder-sandbox-open",
     "__playground__": "folder-sandbox-open",
+    "playgrounds": "folder-sandbox-open",
+    ".playgrounds": "folder-sandbox-open",
+    "_playgrounds": "folder-sandbox-open",
+    "__playgrounds__": "folder-sandbox-open",
     "scons": "folder-scons-open",
     ".scons": "folder-scons-open",
     "_scons": "folder-scons-open",
@@ -4565,46 +4805,46 @@
     ".archival": "folder-archive-open",
     "_archival": "folder-archive-open",
     "__archival__": "folder-archive-open",
-    "bkp": "folder-archive-open",
-    ".bkp": "folder-archive-open",
-    "_bkp": "folder-archive-open",
-    "__bkp__": "folder-archive-open",
-    "bkps": "folder-archive-open",
-    ".bkps": "folder-archive-open",
-    "_bkps": "folder-archive-open",
-    "__bkps__": "folder-archive-open",
-    "bak": "folder-archive-open",
-    ".bak": "folder-archive-open",
-    "_bak": "folder-archive-open",
-    "__bak__": "folder-archive-open",
-    "baks": "folder-archive-open",
-    ".baks": "folder-archive-open",
-    "_baks": "folder-archive-open",
-    "__baks__": "folder-archive-open",
-    "backup": "folder-archive-open",
-    ".backup": "folder-archive-open",
-    "_backup": "folder-archive-open",
-    "__backup__": "folder-archive-open",
-    "backups": "folder-archive-open",
-    ".backups": "folder-archive-open",
-    "_backups": "folder-archive-open",
-    "__backups__": "folder-archive-open",
-    "back-up": "folder-archive-open",
-    ".back-up": "folder-archive-open",
-    "_back-up": "folder-archive-open",
-    "__back-up__": "folder-archive-open",
-    "back-ups": "folder-archive-open",
-    ".back-ups": "folder-archive-open",
-    "_back-ups": "folder-archive-open",
-    "__back-ups__": "folder-archive-open",
-    "history": "folder-archive-open",
-    ".history": "folder-archive-open",
-    "_history": "folder-archive-open",
-    "__history__": "folder-archive-open",
-    "histories": "folder-archive-open",
-    ".histories": "folder-archive-open",
-    "_histories": "folder-archive-open",
-    "__histories__": "folder-archive-open",
+    "bkp": "folder-backup-open",
+    ".bkp": "folder-backup-open",
+    "_bkp": "folder-backup-open",
+    "__bkp__": "folder-backup-open",
+    "bkps": "folder-backup-open",
+    ".bkps": "folder-backup-open",
+    "_bkps": "folder-backup-open",
+    "__bkps__": "folder-backup-open",
+    "bak": "folder-backup-open",
+    ".bak": "folder-backup-open",
+    "_bak": "folder-backup-open",
+    "__bak__": "folder-backup-open",
+    "baks": "folder-backup-open",
+    ".baks": "folder-backup-open",
+    "_baks": "folder-backup-open",
+    "__baks__": "folder-backup-open",
+    "backup": "folder-backup-open",
+    ".backup": "folder-backup-open",
+    "_backup": "folder-backup-open",
+    "__backup__": "folder-backup-open",
+    "backups": "folder-backup-open",
+    ".backups": "folder-backup-open",
+    "_backups": "folder-backup-open",
+    "__backups__": "folder-backup-open",
+    "back-up": "folder-backup-open",
+    ".back-up": "folder-backup-open",
+    "_back-up": "folder-backup-open",
+    "__back-up__": "folder-backup-open",
+    "back-ups": "folder-backup-open",
+    ".back-ups": "folder-backup-open",
+    "_back-ups": "folder-backup-open",
+    "__back-ups__": "folder-backup-open",
+    "history": "folder-backup-open",
+    ".history": "folder-backup-open",
+    "_history": "folder-backup-open",
+    "__history__": "folder-backup-open",
+    "histories": "folder-backup-open",
+    ".histories": "folder-backup-open",
+    "_histories": "folder-backup-open",
+    "__histories__": "folder-backup-open",
     "batch": "folder-batch-open",
     ".batch": "folder-batch-open",
     "_batch": "folder-batch-open",
@@ -4661,6 +4901,14 @@
     ".constants": "folder-constant-open",
     "_constants": "folder-constant-open",
     "__constants__": "folder-constant-open",
+    "const": "folder-constant-open",
+    ".const": "folder-constant-open",
+    "_const": "folder-constant-open",
+    "__const__": "folder-constant-open",
+    "consts": "folder-constant-open",
+    ".consts": "folder-constant-open",
+    "_consts": "folder-constant-open",
+    "__consts__": "folder-constant-open",
     "container": "folder-container-open",
     ".container": "folder-container-open",
     "_container": "folder-container-open",
@@ -4849,14 +5097,14 @@
     ".hooks": "folder-hook-open",
     "_hooks": "folder-hook-open",
     "__hooks__": "folder-hook-open",
-    "trigger": "folder-hook-open",
-    ".trigger": "folder-hook-open",
-    "_trigger": "folder-hook-open",
-    "__trigger__": "folder-hook-open",
-    "triggers": "folder-hook-open",
-    ".triggers": "folder-hook-open",
-    "_triggers": "folder-hook-open",
-    "__triggers__": "folder-hook-open",
+    "trigger": "folder-trigger-open",
+    ".trigger": "folder-trigger-open",
+    "_trigger": "folder-trigger-open",
+    "__trigger__": "folder-trigger-open",
+    "triggers": "folder-trigger-open",
+    ".triggers": "folder-trigger-open",
+    "_triggers": "folder-trigger-open",
+    "__triggers__": "folder-trigger-open",
     "job": "folder-job-open",
     ".job": "folder-job-open",
     "_job": "folder-job-open",
@@ -5085,6 +5333,34 @@
     ".DS_Store": "folder-macos-open",
     "_DS_Store": "folder-macos-open",
     "__DS_Store__": "folder-macos-open",
+    "iPhone": "folder-macos-open",
+    ".iPhone": "folder-macos-open",
+    "_iPhone": "folder-macos-open",
+    "__iPhone__": "folder-macos-open",
+    "iPad": "folder-macos-open",
+    ".iPad": "folder-macos-open",
+    "_iPad": "folder-macos-open",
+    "__iPad__": "folder-macos-open",
+    "iPod": "folder-macos-open",
+    ".iPod": "folder-macos-open",
+    "_iPod": "folder-macos-open",
+    "__iPod__": "folder-macos-open",
+    "macbook": "folder-macos-open",
+    ".macbook": "folder-macos-open",
+    "_macbook": "folder-macos-open",
+    "__macbook__": "folder-macos-open",
+    "macbook-air": "folder-macos-open",
+    ".macbook-air": "folder-macos-open",
+    "_macbook-air": "folder-macos-open",
+    "__macbook-air__": "folder-macos-open",
+    "macosx": "folder-macos-open",
+    ".macosx": "folder-macos-open",
+    "_macosx": "folder-macos-open",
+    "__macosx__": "folder-macos-open",
+    "apple": "folder-macos-open",
+    ".apple": "folder-macos-open",
+    "_apple": "folder-macos-open",
+    "__apple__": "folder-macos-open",
     "error": "folder-error-open",
     ".error": "folder-error-open",
     "_error": "folder-error-open",
@@ -5421,6 +5697,34 @@
     ".firebase": "folder-firebase-open",
     "_firebase": "folder-firebase-open",
     "__firebase__": "folder-firebase-open",
+    "firestore": "folder-firestore-open",
+    ".firestore": "folder-firestore-open",
+    "_firestore": "folder-firestore-open",
+    "__firestore__": "folder-firestore-open",
+    "cloud-firestore": "folder-firestore-open",
+    ".cloud-firestore": "folder-firestore-open",
+    "_cloud-firestore": "folder-firestore-open",
+    "__cloud-firestore__": "folder-firestore-open",
+    "firebase-firestore": "folder-firestore-open",
+    ".firebase-firestore": "folder-firestore-open",
+    "_firebase-firestore": "folder-firestore-open",
+    "__firebase-firestore__": "folder-firestore-open",
+    "cloud-functions": "folder-cloud-functions-open",
+    ".cloud-functions": "folder-cloud-functions-open",
+    "_cloud-functions": "folder-cloud-functions-open",
+    "__cloud-functions__": "folder-cloud-functions-open",
+    "cloudfunctions": "folder-cloud-functions-open",
+    ".cloudfunctions": "folder-cloud-functions-open",
+    "_cloudfunctions": "folder-cloud-functions-open",
+    "__cloudfunctions__": "folder-cloud-functions-open",
+    "firebase-cloud-functions": "folder-cloud-functions-open",
+    ".firebase-cloud-functions": "folder-cloud-functions-open",
+    "_firebase-cloud-functions": "folder-cloud-functions-open",
+    "__firebase-cloud-functions__": "folder-cloud-functions-open",
+    "firebase-cloudfunctions": "folder-cloud-functions-open",
+    ".firebase-cloudfunctions": "folder-cloud-functions-open",
+    "_firebase-cloudfunctions": "folder-cloud-functions-open",
+    "__firebase-cloudfunctions__": "folder-cloud-functions-open",
     "svelte": "folder-svelte-open",
     ".svelte": "folder-svelte-open",
     "_svelte": "folder-svelte-open",
@@ -5967,7 +6271,83 @@
     "zeabur": "folder-zeabur-open",
     ".zeabur": "folder-zeabur-open",
     "_zeabur": "folder-zeabur-open",
-    "__zeabur__": "folder-zeabur-open"
+    "__zeabur__": "folder-zeabur-open",
+    "kusto": "folder-kusto-open",
+    ".kusto": "folder-kusto-open",
+    "_kusto": "folder-kusto-open",
+    "__kusto__": "folder-kusto-open",
+    "kql": "folder-kusto-open",
+    ".kql": "folder-kusto-open",
+    "_kql": "folder-kusto-open",
+    "__kql__": "folder-kusto-open",
+    "policy": "folder-policy-open",
+    ".policy": "folder-policy-open",
+    "_policy": "folder-policy-open",
+    "__policy__": "folder-policy-open",
+    "policies": "folder-policy-open",
+    ".policies": "folder-policy-open",
+    "_policies": "folder-policy-open",
+    "__policies__": "folder-policy-open",
+    "attachment": "folder-attachment-open",
+    ".attachment": "folder-attachment-open",
+    "_attachment": "folder-attachment-open",
+    "__attachment__": "folder-attachment-open",
+    "attachments": "folder-attachment-open",
+    ".attachments": "folder-attachment-open",
+    "_attachments": "folder-attachment-open",
+    "__attachments__": "folder-attachment-open",
+    "bibliography": "folder-bibliography-open",
+    ".bibliography": "folder-bibliography-open",
+    "_bibliography": "folder-bibliography-open",
+    "__bibliography__": "folder-bibliography-open",
+    "bibliographies": "folder-bibliography-open",
+    ".bibliographies": "folder-bibliography-open",
+    "_bibliographies": "folder-bibliography-open",
+    "__bibliographies__": "folder-bibliography-open",
+    "book": "folder-bibliography-open",
+    ".book": "folder-bibliography-open",
+    "_book": "folder-bibliography-open",
+    "__book__": "folder-bibliography-open",
+    "books": "folder-bibliography-open",
+    ".books": "folder-bibliography-open",
+    "_books": "folder-bibliography-open",
+    "__books__": "folder-bibliography-open",
+    "link": "folder-link-open",
+    ".link": "folder-link-open",
+    "_link": "folder-link-open",
+    "__link__": "folder-link-open",
+    "links": "folder-link-open",
+    ".links": "folder-link-open",
+    "_links": "folder-link-open",
+    "__links__": "folder-link-open",
+    "pytorch": "folder-pytorch-open",
+    ".pytorch": "folder-pytorch-open",
+    "_pytorch": "folder-pytorch-open",
+    "__pytorch__": "folder-pytorch-open",
+    "torch": "folder-pytorch-open",
+    ".torch": "folder-pytorch-open",
+    "_torch": "folder-pytorch-open",
+    "__torch__": "folder-pytorch-open",
+    "blender": "folder-blender-open",
+    ".blender": "folder-blender-open",
+    "_blender": "folder-blender-open",
+    "__blender__": "folder-blender-open",
+    "blender-assets": "folder-blender-open",
+    ".blender-assets": "folder-blender-open",
+    "_blender-assets": "folder-blender-open",
+    "__blender-assets__": "folder-blender-open",
+    "blender-files": "folder-blender-open",
+    ".blender-files": "folder-blender-open",
+    "_blender-files": "folder-blender-open",
+    "__blender-files__": "folder-blender-open",
+    "blender-project": "folder-blender-open",
+    ".blender-project": "folder-blender-open",
+    "_blender-project": "folder-blender-open",
+    "__blender-project__": "folder-blender-open",
+    "blender-models": "folder-blender-open",
+    ".blender-models": "folder-blender-open",
+    "_blender-models": "folder-blender-open",
+    "__blender-models__": "folder-blender-open"
   },
   "rootFolderNames": {},
   "rootFolderNamesExpanded": {},
@@ -6032,8 +6412,6 @@
     "ico": "image",
     "tif": "image",
     "tiff": "image",
-    "psd": "image",
-    "psb": "image",
     "ami": "image",
     "apx": "image",
     "avif": "image",
@@ -6128,6 +6506,10 @@
     "routing.tsx": "routing",
     "routing.js": "routing",
     "routing.jsx": "routing",
+    "route.ts": "routing",
+    "route.tsx": "routing",
+    "route.js": "routing",
+    "route.jsx": "routing",
     "routes.ts": "routing",
     "routes.tsx": "routing",
     "routes.js": "routing",
@@ -6150,6 +6532,7 @@
     "d.ts": "typescript-def",
     "d.cts": "typescript-def",
     "d.mts": "typescript-def",
+    "d.ets": "typescript-def",
     "mdoc": "markdoc",
     "markdoc": "markdoc",
     "markdoc.md": "markdoc",
@@ -6288,6 +6671,7 @@
     "py": "python",
     "pyc": "python-misc",
     "whl": "python-misc",
+    "egg": "python-misc",
     "url": "url",
     "sh": "console",
     "ksh": "console",
@@ -6301,12 +6685,16 @@
     "fish": "console",
     "exp": "console",
     "nu": "console",
+    "xsh": "console",
     "ps1": "powershell",
     "psm1": "powershell",
     "psd1": "powershell",
     "ps1xml": "powershell",
     "psc1": "powershell",
     "pssc": "powershell",
+    "excalidraw.json": "excalidraw",
+    "excalidraw.svg": "excalidraw",
+    "excalidraw.png": "excalidraw",
     "gradle": "gradle",
     "doc": "word",
     "docx": "word",
@@ -6341,8 +6729,9 @@
     "ntf": "font",
     "mrf": "font",
     "lib": "lib",
-    "bib": "lib",
     "a": "lib",
+    "bib": "bibliography",
+    "bst": "bibtex-style",
     "dll": "dll",
     "ilk": "dll",
     "so": "dll",
@@ -6363,10 +6752,13 @@
     "containerfile": "docker",
     "compose.yaml": "docker",
     "compose.yml": "docker",
+    "bbx": "bbx",
+    "cbx": "cbx",
+    "lbx": "lbx",
     "tex": "tex",
-    "sty": "tex",
-    "dtx": "tex",
-    "ltx": "tex",
+    "sty": "sty",
+    "ltx": "ltx",
+    "dtx": "dtx",
     "pptx": "powerpoint",
     "ppt": "powerpoint",
     "pptm": "powerpoint",
@@ -6763,10 +7155,10 @@
     "fast": "lisp",
     "stl": "3d",
     "stp": "3d",
+    "step": "3d",
     "obj": "3d",
     "o": "3d",
     "ac": "3d",
-    "blend": "3d",
     "dxf": "3d",
     "fbx": "3d",
     "mesh": "3d",
@@ -6779,7 +7171,18 @@
     "vox": "3d",
     "gltf": "3d",
     "glb": "3d",
+    "3ds": "3d",
+    "dae": "3d",
+    "ply": "3d",
+    "wrl": "3d",
+    "usd": "3d",
+    "usdz": "3d",
     "svg": "svg",
+    "ai": "adobe-illustrator",
+    "ait": "adobe-illustrator",
+    "psd": "adobe-photoshop",
+    "psb": "adobe-photoshop",
+    "psdt": "adobe-photoshop",
     "svelte": "svelte",
     "svelte.js": "svelte_js",
     "svelte.ts": "svelte_ts",
@@ -7031,11 +7434,22 @@
     "dfxp": "subtitles",
     "vtt": "subtitles",
     "sub": "subtitles",
+    "ass": "subtitles",
     "beancount": "beancount",
     "bean": "beancount",
     "epub": "epub",
     "reg": "regedit",
     "gnu": "gnuplot",
+    "smk": "snakemake",
+    "snakemake": "snakemake",
+    "cpn": "coloredpetrinets",
+    "pnml": "coloredpetrinets",
+    "pt": "pytorch",
+    "pth": "pytorch",
+    "pwf": "pytorch",
+    "blend": "blender",
+    "blend1": "blender",
+    "blend2": "blender",
     "yaml-tmlanguage": "yaml",
     "tmlanguage": "xml",
     "cljx": "clojure",
@@ -7103,8 +7517,6 @@
     "babelrc": "jsonc",
     "jmd": "juliamarkdown",
     "cls": "tex",
-    "bbx": "tex",
-    "cbx": "tex",
     "ctx": "latex",
     "mak": "makefile",
     "mkd": "markdown",
@@ -7201,7 +7613,6 @@
     "opml": "xml",
     "owl": "xml",
     "proj": "xml",
-    "pt": "xml",
     "publishsettings": "xml",
     "pubxml": "xml",
     "pubxml.user": "xml",
@@ -7272,6 +7683,10 @@
     "router.jsx": "routing",
     "router.ts": "routing",
     "router.tsx": "routing",
+    "route.js": "routing",
+    "route.jsx": "routing",
+    "route.ts": "routing",
+    "route.tsx": "routing",
     "routes.js": "routing",
     "routes.jsx": "routing",
     "routes.ts": "routing",
@@ -7310,6 +7725,11 @@
     ".pylintrc": "python-misc",
     "pyproject.toml": "python-misc",
     "py.typed": "python-misc",
+    ".coveragerc": "python-misc",
+    ".coverage": "python-misc",
+    ".scrapy": "python-misc",
+    "celerybeat-schedule": "python-misc",
+    "celerybeat.pid": "python-misc",
     "ruff.toml": "ruff",
     ".ruff.toml": "ruff",
     "uv.toml": "uv",
@@ -7321,6 +7741,9 @@
     "pre-commit": "console",
     "pre-push": "console",
     "post-merge": "console",
+    "excalidraw.json": "excalidraw",
+    "excalidraw.svg": "excalidraw",
+    "excalidraw.png": "excalidraw",
     "gradle.properties": "gradle",
     "gradlew": "gradle",
     "gradle-wrapper.properties": "gradle",
@@ -7462,6 +7885,8 @@
     "compose.ci.yml": "docker",
     "compose.web.yml": "docker",
     "compose.worker.yml": "docker",
+    ".latexmkrc": "latexmk",
+    "latexmkrc": "latexmk",
     ".mailmap": "email",
     ".graphqlrc": "graphql",
     ".graphqlrc.json": "graphql",
@@ -7525,6 +7950,7 @@
     ".pubignore": "dart",
     "cmakelists.txt": "cmake",
     "cmakecache.txt": "cmake",
+    "CMakePresets.json": "cmake",
     "semgrep.yml": "semgrep",
     ".semgrepignore": "semgrep",
     "vue.config.js": "vue-config",
@@ -7923,6 +8349,7 @@
     ".vars": "tune",
     ".dev.vars": "tune",
     "turbo.json": "turborepo",
+    "turbo.jsonc": "turborepo",
     ".babelrc": "babel",
     ".babelrc.json": "babel",
     ".babelrc.jsonc": "babel",
@@ -8132,6 +8559,7 @@
     ".mocharc.yml": "mocha",
     ".mocharc.yaml": "mocha",
     ".mocharc.js": "mocha",
+    ".mocharc.cjs": "mocha",
     ".mocharc.json": "mocha",
     ".mocharc.jsonc": "mocha",
     "jenkinsfile": "jenkins",
@@ -8380,11 +8808,13 @@
     "azure-pipelines-main.yaml": "azure-pipelines",
     "vagrantfile": "vagrant",
     "prisma.yml": "prisma",
+    "prisma.config.ts": "prisma",
     ".nycrc": "istanbul",
     ".nycrc.json": "istanbul",
     ".nycrc.yaml": "istanbul",
     ".nycrc.yml": "istanbul",
     "nyc.config.js": "istanbul",
+    "nyc.config.cjs": "istanbul",
     ".istanbul.yml": "istanbul",
     "tailwind.js": "tailwindcss",
     "tailwind.ts": "tailwindcss",
@@ -8691,6 +9121,7 @@
     "serverless.js": "serverless",
     "serverless.ts": "serverless",
     "supabase.js": "supabase",
+    "supabase.ts": "supabase",
     "supabase.py": "supabase",
     ".ember-cli": "ember",
     ".ember-cli.js": "ember",
@@ -9102,7 +9533,22 @@
     "wrangler.json": "wrangler",
     "wrangler.jsonc": "wrangler",
     ".clinerules": "cline",
+    ".packshiprc": "packship",
+    ".packshiprc.json": "packship",
+    ".packshiprc.js": "packship",
+    ".packshiprc.ts": "packship",
+    "packship.config.js": "packship",
+    "packship.config.ts": "packship",
+    "packship.config.mjs": "packship",
+    "packship.config.mts": "packship",
+    "packship.config.json": "packship",
+    "Snakefile": "snakemake",
+    ".hadolint.yaml": "hadolint",
+    ".hadolint.yml": "hadolint",
+    "hadolint.yaml": "hadolint",
+    "hadolint.yml": "hadolint",
     ".rhistory": "r",
+    "cmakepresets.json": "cmake",
     "cname": "http",
     "sonarqube.analysis.xml": "sonarcloud",
     "owners": "codeowners",
@@ -9110,6 +9556,7 @@
     "pklproject": "pkl",
     "pklproject.deps.json": "pkl",
     ".github/funding.yml": "github-sponsors",
+    "snakefile": "snakemake",
     "language-configuration.json": "jsonc",
     "icon-theme.json": "jsonc",
     "color-theme.json": "jsonc",
@@ -9146,6 +9593,7 @@
     "mojo": "mojo",
     "javascript": "javascript",
     "typescript": "typescript",
+    "ets": "typescript",
     "scala": "scala",
     "handlebars": "handlebars",
     "perl": "perl",
@@ -9212,13 +9660,20 @@
     "reason_lisp": "reason",
     "sml": "sml",
     "tex": "tex",
-    "doctex": "tex",
-    "latex": "tex",
-    "latex-expl3": "tex",
+    "latex": "latex",
+    "latex-expl3": "latex",
+    "latex-class": "latex-class",
+    "latex-package": "latex-package",
+    "context": "context",
+    "doctex": "doctex",
+    "doctex-installer": "doctex-installer",
+    "bibtex": "bibliography",
+    "bibtex-style": "bibtex-style",
     "apex": "salesforce",
     "sas": "sas",
     "dockerfile": "docker",
     "dockercompose": "docker",
+    "dockerbake": "docker",
     "csv": "table",
     "tsv": "table",
     "psv": "table",
@@ -9245,8 +9700,6 @@
     "vue-postcss": "vue",
     "vue-html": "vue",
     "lua": "lua",
-    "bibtex": "lib",
-    "bibtex-style": "lib",
     "log": "log",
     "jupyter": "jupyter",
     "plaintext": "document",
@@ -9317,6 +9770,11 @@
       "drone.yml": "drone_light",
       ".wakatime-project": "wakatime_light",
       "hcl": "hcl_light",
+      "ai": "adobe-illustrator_light",
+      "ait": "adobe-illustrator_light",
+      "psd": "adobe-photoshop_light",
+      "psb": "adobe-photoshop_light",
+      "psdt": "adobe-photoshop_light",
       "iuml": "uml_light",
       "pu": "uml_light",
       "puml": "uml_light",
@@ -9352,6 +9810,7 @@
       "remix.config.js": "remix_light",
       "remix.config.ts": "remix_light",
       "turbo.json": "turborepo_light",
+      "turbo.jsonc": "turborepo_light",
       ".autorc": "auto_light",
       "auto.config.js": "auto_light",
       "auto.config.ts": "auto_light",
diff --git a/options/fileicon/material-icon-svgs.json b/options/fileicon/material-icon-svgs.json
index dbda90665b..326e0a1b91 100644
--- a/options/fileicon/material-icon-svgs.json
+++ b/options/fileicon/material-icon-svgs.json
@@ -4,38 +4,42 @@
   "abc": "<svg viewBox='0 0 24 24'><path fill='#ff5722' d='M13.295 11.033V7.65l2.126-2.136c.774-.763.919-1.981.377-2.929a2.38 2.38 0 0 0-2.068-1.217c-.203 0-.435.029-.619.087-1.044.28-1.749 1.246-1.749 2.33v3.13L8.327 9.98a5.75 5.75 0 0 0-1.208 6.214 5.62 5.62 0 0 0 4.243 3.432v.59a.5.5 0 0 1-.483.482h-1.45v1.934h1.45a2.43 2.43 0 0 0 2.416-2.417v-.483c1.962 0 4.02-1.856 4.02-4.591 0-2.223-1.855-4.108-4.02-4.108m0-7.249c0-.222.106-.396.31-.454a.47.47 0 0 1 .54.222.48.48 0 0 1-.077.59l-.773.83V3.785m-1.933 7.732c-.938.619-1.643 1.682-1.894 2.668l1.894.503v2.948a3.73 3.73 0 0 1-2.484-2.185 3.8 3.8 0 0 1 .802-4.098l1.682-1.769zm1.933 6.283v-4.89c1.13 0 2.107 1.062 2.107 2.232 0 1.691-1.227 2.658-2.107 2.658'/></svg>",
   "actionscript": "<svg viewBox='0 -960 960 960'><path fill='#f44336' d='M560-160v-80h120q17 0 28.5-11.5T720-280v-80q0-38 22-69t58-44v-14q-36-13-58-44t-22-69v-80q0-17-11.5-28.5T680-720H560v-80h120q50 0 85 35t35 85v80q0 17 11.5 28.5T840-560h40v160h-40q-17 0-28.5 11.5T800-360v80q0 50-35 85t-85 35zm-280 0q-50 0-85-35t-35-85v-80q0-17-11.5-28.5T120-400H80v-160h40q17 0 28.5-11.5T160-600v-80q0-50 35-85t85-35h120v80H280q-17 0-28.5 11.5T240-680v80q0 38-22 69t-58 44v14q36 13 58 44t22 69v80q0 17 11.5 28.5T280-240h120v80z'/><path fill='#f44336' d='M360-600h80v40h-80zm80 240h40v-200h-40v80h-80v-80h-40v200h40v-80h80zm200-200v-40H530a10 10 0 0 0-10 10v100a10 10 0 0 0 10 10h70v80h-80v40h110a10 10 0 0 0 10-10v-140a10 10 0 0 0-10-10h-70v-40z'/></svg>",
   "ada": "<svg viewBox='0 0 24 24'><path fill='#0277bd' d='m2 12 2.9-1.07c.25-1.1.87-1.73.87-1.73a3.996 3.996 0 0 1 5.65 0l1.41 1.41 6.31-6.7c.95 3.81 0 7.62-2.33 10.69L22 19.62s-8.47 1.9-13.4-1.95c-2.63-2.06-3.22-3.26-3.59-4.52zm5.04.21c.37.37.98.37 1.35 0s.37-.97 0-1.34a.96.96 0 0 0-1.35 0c-.37.37-.37.97 0 1.34'/></svg>",
+  "adobe-illustrator": "<svg viewBox='0 0 32 32'><rect width='28' height='28' x='2' y='2' fill='#5d4037' rx='4'/><path fill='#ffb74d' d='M20.988 9.999a.96.96 0 0 1-.687-.269 1 1 0 0 1-.263-.704.9.9 0 0 1 .278-.681 1 1 0 0 1 .687-.268.93.93 0 0 1 .703.268 1.046 1.046 0 0 1-.015 1.385.9.9 0 0 1-.703.268M20 12h2v10h-2zm-5.63-1.98-.01-.02h-2.08a.12.12 0 0 0-.1.13 4.5 4.5 0 0 1-.06.74c-.05.13-.08.26-.12.37l-.27.78L8 22h2.14l.75-2h5.24l.79 2h2.16zM11.64 18l1.8-4.84.01.04.02.04L14.95 17l.39 1z'/></svg>",
+  "adobe-illustrator_light": "<svg viewBox='0 0 32 32'><rect width='28' height='28' x='2' y='2' fill='#795548' rx='4'/><path fill='#ffb74d' d='M20.988 9.999a.96.96 0 0 1-.687-.269 1 1 0 0 1-.263-.704.9.9 0 0 1 .278-.681 1 1 0 0 1 .687-.268.93.93 0 0 1 .703.268 1.046 1.046 0 0 1-.015 1.385.9.9 0 0 1-.703.268M20 12h2v10h-2zm-5.63-1.98-.01-.02h-2.08a.12.12 0 0 0-.1.13 4.5 4.5 0 0 1-.06.74c-.05.13-.08.26-.12.37l-.27.78L8 22h2.14l.75-2h5.24l.79 2h2.16zM11.64 18l1.8-4.84.01.04.02.04L14.95 17l.39 1z'/></svg>",
+  "adobe-photoshop": "<svg viewBox='0 0 32 32'><rect width='28' height='28' x='2' y='2' fill='#37474f' rx='4'/><path fill='#64b5f6' d='M23.744 14.716a3.7 3.7 0 0 0-1.066-.408 5.4 5.4 0 0 0-1.245-.157 2.1 2.1 0 0 0-.666.085.57.57 0 0 0-.345.24.7.7 0 0 0-.089.324.56.56 0 0 0 .111.313 1.3 1.3 0 0 0 .378.324q.386.217.79.397a7.8 7.8 0 0 1 1.71.877 2.7 2.7 0 0 1 .878.998 2.8 2.8 0 0 1 .256 1.238 2.96 2.96 0 0 1-.434 1.599 2.83 2.83 0 0 1-1.244 1.07 4.75 4.75 0 0 1-2.011.384 7 7 0 0 1-1.511-.156 4.2 4.2 0 0 1-1.134-.385.24.24 0 0 1-.122-.228v-2.092a.14.14 0 0 1 .044-.108c.034-.024.067-.012.1.012a4.6 4.6 0 0 0 1.378.59 4.8 4.8 0 0 0 1.311.18 2 2 0 0 0 .923-.169.56.56 0 0 0 .3-.505.65.65 0 0 0-.267-.48 4.6 4.6 0 0 0-1.089-.565 6.6 6.6 0 0 1-1.578-.866 3 3 0 0 1-.844-1.021 2.76 2.76 0 0 1-.256-1.226 3 3 0 0 1 .378-1.455 2.8 2.8 0 0 1 1.167-1.105A4 4 0 0 1 21.533 12a9 9 0 0 1 1.378.108 3.7 3.7 0 0 1 .956.277.2.2 0 0 1 .11.108.7.7 0 0 1 .023.144v1.96a.15.15 0 0 1-.056.12.28.28 0 0 1-.2 0M12.38 10H9.99v-.03h-2v12h2V18h2.39A3.62 3.62 0 0 0 16 14.38v-.76A3.62 3.62 0 0 0 12.38 10M14 14.38A1.626 1.626 0 0 1 12.38 16H9.99v-4h2.39A1.626 1.626 0 0 1 14 13.62Z'/></svg>",
+  "adobe-photoshop_light": "<svg viewBox='0 0 32 32'><rect width='28' height='28' x='2' y='2' fill='#455a64' rx='4'/><path fill='#64b5f6' d='M23.744 14.716a3.7 3.7 0 0 0-1.066-.408 5.4 5.4 0 0 0-1.245-.157 2.1 2.1 0 0 0-.666.085.57.57 0 0 0-.345.24.7.7 0 0 0-.089.324.56.56 0 0 0 .111.313 1.3 1.3 0 0 0 .378.324q.386.217.79.397a7.8 7.8 0 0 1 1.71.877 2.7 2.7 0 0 1 .878.998 2.8 2.8 0 0 1 .256 1.238 2.96 2.96 0 0 1-.434 1.599 2.83 2.83 0 0 1-1.244 1.07 4.75 4.75 0 0 1-2.011.384 7 7 0 0 1-1.511-.156 4.2 4.2 0 0 1-1.134-.385.24.24 0 0 1-.122-.228v-2.092a.14.14 0 0 1 .044-.108c.034-.024.067-.012.1.012a4.6 4.6 0 0 0 1.378.59 4.8 4.8 0 0 0 1.311.18 2 2 0 0 0 .923-.169.56.56 0 0 0 .3-.505.65.65 0 0 0-.267-.48 4.6 4.6 0 0 0-1.089-.565 6.6 6.6 0 0 1-1.578-.866 3 3 0 0 1-.844-1.021 2.76 2.76 0 0 1-.256-1.226 3 3 0 0 1 .378-1.455 2.8 2.8 0 0 1 1.167-1.105A4 4 0 0 1 21.533 12a9 9 0 0 1 1.378.108 3.7 3.7 0 0 1 .956.277.2.2 0 0 1 .11.108.7.7 0 0 1 .023.144v1.96a.15.15 0 0 1-.056.12.28.28 0 0 1-.2 0M12.38 10H9.99v-.03h-2v12h2V18h2.39A3.62 3.62 0 0 0 16 14.38v-.76A3.62 3.62 0 0 0 12.38 10M14 14.38A1.626 1.626 0 0 1 12.38 16H9.99v-4h2.39A1.626 1.626 0 0 1 14 13.62Z'/></svg>",
   "adobe-swc": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M4 5v22a1 1 0 0 0 1 1h22a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H5a1 1 0 0 0-1 1m20 7c-2.926 0-4.21.722-5.012 2H22v4h-4.582C16.34 20.857 14.393 24 8 24v-4c4.559 0 5.14-1.744 6.103-4.632C15.139 12.258 16.559 8 24 8Z'/></svg>",
   "adonis": "<svg viewBox='0 0 180 180'><path fill='#7c4dff' d='m79.579 25.741-66.481 115.15h63.305l11.218-19.433H47.613L79.804 65.7l20.005 34.649 11.423-19.783zm42.118 50.221-45.203 78.297h90.408z' paint-order='fill markers stroke'/></svg>",
-  "advpl-include.clone": "<svg viewBox='0 0 16 16'><path fill='#00BCD4' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
-  "advpl-ptm.clone": "<svg viewBox='0 0 16 16'><path fill='#EF5350' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
-  "advpl-tlpp.clone": "<svg viewBox='0 0 16 16'><path fill='#FBC02D' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
+  "advpl-include.clone": "<svg viewBox='0 0 16 16'><path fill='#00bcd4' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
+  "advpl-ptm.clone": "<svg viewBox='0 0 16 16'><path fill='#ef5350' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
+  "advpl-tlpp.clone": "<svg viewBox='0 0 16 16'><path fill='#fbc02d' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
   "advpl": "<svg viewBox='0 0 16 16'><path fill='#7986cb' fill-rule='evenodd' d='M6.752 1.158C2.234 1.96-.271 6.943 1.758 11.09c2.537 5.185 10.047 5.142 12.511-.07C16.69 5.9 12.321.17 6.752 1.159m.587 2.335c2.576.517 5.233 1.323 5.326 1.615.26.808.256 4.849-.004 5.34-.066.125-1.209-.012-2.08-.247l-.351-.094-.001-.437c-.005-1.308-.138-2.547-.29-2.7-.176-.176-1.312-.545-3.052-.99L5.78 5.697l-.014-.267c-.033-.6.117-1.95.232-2.093.063-.079.315-.05 1.34.157M4.029 5.39c.5.066 1.083.178 1.492.289l.178.048.03.984c.058 1.844.117 2.13.475 2.29.448.2 2.083.679 3.62 1.061l.34.084-.01.653c-.012.735-.083 1.393-.175 1.617l-.062.15-.261-.03c-.976-.113-4.175-.896-5.567-1.362-.611-.205-.759-.284-.811-.435-.23-.66-.23-4.905 0-5.337.054-.1.08-.1.75-.012'/></svg>",
-  "ahk2.clone": "<svg viewBox='0 0 32 32'><path fill='#AFB42B' d='M25.333 4H6.667A2.657 2.657 0 0 0 4 6.667v18.666A2.667 2.667 0 0 0 6.667 28h18.666A2.667 2.667 0 0 0 28 25.333V6.667A2.667 2.667 0 0 0 25.333 4m-2.495 6.22a4 4 0 0 0-.163 1.01q0 .266-.058.83a9 9 0 0 0-.04.719c0 .584-.031 1.443-.092 2.55q-.074 1.253-.088 2.502c0 .412.032 1.057.097 1.91.067.865.1 1.534.1 1.988a1.62 1.62 0 0 1-.505 1.197 1.65 1.65 0 0 1-1.225.475 1.92 1.92 0 0 1-1.233-.466 1.51 1.51 0 0 1-.554-1.19q0-.644-.06-1.934-.047-.99-.056-1.979 0-.198.003-.376c-.805.065-1.766.198-2.867.398q-1.522.277-3.045.562-.032.61-.11 1.65a30 30 0 0 0-.087 2.017 1.62 1.62 0 0 1-.506 1.192 1.73 1.73 0 0 1-1.224.474l-.048.001a1.7 1.7 0 0 1-1.157-.479 1.62 1.62 0 0 1-.502-1.2c0-.615.05-1.513.155-2.738.104-1.182.157-2.077.157-2.661q0-1.15.057-3.46.054-2.302.053-3.442a1.62 1.62 0 0 1 .508-1.196 1.68 1.68 0 0 1 1.222-.478 1.7 1.7 0 0 1 1.206.484 1.63 1.63 0 0 1 .5 1.19q0 .687-.055 2.07-.036 1.01-.044 2.023.001.23-.065.905a7 7 0 0 0-.022.251l2.825-.532a28 28 0 0 1 3.086-.395q.037-.83.095-2.76a4.8 4.8 0 0 1 .466-1.778c.421-.926.957-1.395 1.591-1.395a1.75 1.75 0 0 1 1.166.434l.003.002a1.58 1.58 0 0 1 .566 1.228 1.5 1.5 0 0 1-.05.397'/></svg>",
+  "ahk2.clone": "<svg viewBox='0 0 32 32'><path fill='#afb42b' d='M25.333 4H6.667A2.657 2.657 0 0 0 4 6.667v18.666A2.667 2.667 0 0 0 6.667 28h18.666A2.667 2.667 0 0 0 28 25.333V6.667A2.667 2.667 0 0 0 25.333 4m-2.495 6.22a4 4 0 0 0-.163 1.01q0 .266-.058.83a9 9 0 0 0-.04.719c0 .584-.031 1.443-.092 2.55q-.074 1.253-.088 2.502c0 .412.032 1.057.097 1.91.067.865.1 1.534.1 1.988a1.62 1.62 0 0 1-.505 1.197 1.65 1.65 0 0 1-1.225.475 1.92 1.92 0 0 1-1.233-.466 1.51 1.51 0 0 1-.554-1.19q0-.644-.06-1.934-.047-.99-.056-1.979 0-.198.003-.376c-.805.065-1.766.198-2.867.398q-1.522.277-3.045.562-.032.61-.11 1.65a30 30 0 0 0-.087 2.017 1.62 1.62 0 0 1-.506 1.192 1.73 1.73 0 0 1-1.224.474l-.048.001a1.7 1.7 0 0 1-1.157-.479 1.62 1.62 0 0 1-.502-1.2c0-.615.05-1.513.155-2.738.104-1.182.157-2.077.157-2.661q0-1.15.057-3.46.054-2.302.053-3.442a1.62 1.62 0 0 1 .508-1.196 1.68 1.68 0 0 1 1.222-.478 1.7 1.7 0 0 1 1.206.484 1.63 1.63 0 0 1 .5 1.19q0 .687-.055 2.07-.036 1.01-.044 2.023.001.23-.065.905a7 7 0 0 0-.022.251l2.825-.532a28 28 0 0 1 3.086-.395q.037-.83.095-2.76a4.8 4.8 0 0 1 .466-1.778c.421-.926.957-1.395 1.591-1.395a1.75 1.75 0 0 1 1.166.434l.003.002a1.58 1.58 0 0 1 .566 1.228 1.5 1.5 0 0 1-.05.397'/></svg>",
   "amplify": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='M14 10 5 28h12l-2-4h-4l3-6 5 10h4zm1-2 2-4 12 24h-4l-8-16z'/></svg>",
   "android": "<svg viewBox='0 0 32 32'><rect width='4' height='10' x='2' y='12' fill='#8bc34a' rx='2'/><rect width='4' height='10' x='26' y='12' fill='#8bc34a' rx='2'/><path fill='#8bc34a' d='M8 12h16v12H8zm2 12h4v4a2 2 0 0 1-2 2 2 2 0 0 1-2-2zm8 0h4v4a2 2 0 0 1-2 2 2 2 0 0 1-2-2zm3.545-19.759 2.12-2.12A1 1 0 0 0 22.251.707l-2.326 2.326a7.97 7.97 0 0 0-7.85 0L9.75.707a1 1 0 1 0-1.414 1.414l2.12 2.12A7.97 7.97 0 0 0 8 10h16a7.97 7.97 0 0 0-2.455-5.759M14 8h-2V6h2Zm6 0h-2V6h2Z'/></svg>",
-  "angular-component.clone": "<svg viewBox='0 0 24 24'><path fill='#1976D2' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-directive.clone": "<svg viewBox='0 0 24 24'><path fill='#AB47BC' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-guard.clone": "<svg viewBox='0 0 24 24'><path fill='#43A047' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-interceptor.clone": "<svg viewBox='0 0 24 24'><path fill='#FF9800' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-pipe.clone": "<svg viewBox='0 0 24 24'><path fill='#00897B' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-resolver.clone": "<svg viewBox='0 0 24 24'><path fill='#43A047' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
-  "angular-service.clone": "<svg viewBox='0 0 24 24'><path fill='#FFCA28' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-component.clone": "<svg viewBox='0 0 24 24'><path fill='#1976d2' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-directive.clone": "<svg viewBox='0 0 24 24'><path fill='#ab47bc' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-guard.clone": "<svg viewBox='0 0 24 24'><path fill='#43a047' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-interceptor.clone": "<svg viewBox='0 0 24 24'><path fill='#ff9800' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-pipe.clone": "<svg viewBox='0 0 24 24'><path fill='#00897b' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-resolver.clone": "<svg viewBox='0 0 24 24'><path fill='#43a047' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
+  "angular-service.clone": "<svg viewBox='0 0 24 24'><path fill='#ffca28' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
   "angular": "<svg viewBox='0 0 24 24'><path fill='#e53935' d='M9.87 2.5 3.022 5.666l.645 10.178zm4.26 0 6.202 13.344.645-10.178zM12 7.563l-2.451 5.964h4.906zm-3.73 8.959-.954 2.308L12 21.5l4.683-2.67-.953-2.308z'/></svg>",
   "antlr": "<svg viewBox='0 0 24 24'><path fill='#f44336' d='M10.355 1.614a10.469 10.483 0 0 1 11.813 7.792 10.327 10.34 0 0 1-1.565 8.673 10.583 10.597 0 0 1-14.819 2.428 10.416 10.43 0 0 1-4.222-7.14 10.641 10.656 0 0 1 .999-5.994 10.498 10.512 0 0 1 7.795-5.76m.27 3.825c-.949 2.08-1.9 4.16-2.83 6.25-.479 1.345-1.127 2.615-1.716 3.915-.174.408-.468.853-.287 1.312a1.088 1.09 0 0 0 1.575.556c.458-.261.566-.828.778-1.272.952-2.405 2.13-4.708 3.11-7.104a7.356 7.366 0 0 1 .776-1.6c.568 1.406 1.186 2.791 1.773 4.19a14.819 14.839 0 0 1 .969 2.197c-1.51-.015-3.02-.004-4.531-.01 2.073 1.233 4.202 2.379 6.305 3.562a1.094 1.094 0 0 0 1.698-1.036c-.425-1.15-1.014-2.237-1.5-3.364-.917-2.393-2.076-4.685-3.097-7.036a2.685 2.689 0 0 0-.738-1.163 1.564 1.566 0 0 0-2.285.602z'/></svg>",
   "apiblueprint": "<svg viewBox='0 0 32 32'><rect width='12' height='12' x='10' y='2' fill='#42a5f5' rx='6'/><rect width='12' height='12' x='18' y='18' fill='#42a5f5' rx='6'/><rect width='12' height='12' x='2' y='18' fill='#42a5f5' rx='6'/><path fill='none' stroke='#42a5f5' stroke-miterlimit='10' stroke-width='3' d='m16 8 8 16M16 8 8 24'/></svg>",
   "apollo": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M31.93 14.457a.51.51 0 0 0-.506-.457h-2.01a.497.497 0 0 0-.491.559l.014.134c.616 6.284-4.097 12.817-10.29 14.044A13.009 13.009 0 1 1 24.3 6h4.19a16.013 16.013 0 1 0 3.44 8.457'/><circle cx='24.533' cy='4.267' r='4.267' fill='#7e57c2'/><path fill='#7e57c2' d='M17 8h-3L8 24h3z'/><path fill='#7e57c2' d='M15 8h3l6 16h-3zm2.88 13H12v-3h4.75z'/></svg>",
   "applescript": "<svg viewBox='0 0 32 32'><path fill='#78909c' d='M25.425 26.498c-1.162 1.736-2.394 3.43-4.27 3.458-1.875.042-2.477-1.106-4.605-1.106-2.142 0-2.8 1.078-4.578 1.148-1.834.07-3.22-1.848-4.396-3.542C5.183 23 3.35 16.63 5.813 12.346a6.84 6.84 0 0 1 5.767-3.514c1.792-.028 3.5 1.217 4.606 1.217 1.092 0 3.164-1.497 5.334-1.273a6.5 6.5 0 0 1 5.095 2.771 6.38 6.38 0 0 0-3.01 5.334 6.18 6.18 0 0 0 3.752 5.656 15.5 15.5 0 0 1-1.932 3.961M17.432 4.1A6.36 6.36 0 0 1 21.548 2a6.13 6.13 0 0 1-1.456 4.466 5.11 5.11 0 0 1-4.13 1.988 5.98 5.98 0 0 1 1.47-4.354'/></svg>",
   "apps-script": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M6.053 20.055H21.21a3.01 3.01 0 0 1 3.049 2.966 3.01 3.01 0 0 1-3.049 2.966H6.053a3.01 3.01 0 0 1-3.049-2.966 3.01 3.01 0 0 1 3.049-2.966'/><path fill='#ffc107' d='M19.44 25.433 7.179 16.765a2.914 2.914 0 0 1-.674-4.143 3.104 3.104 0 0 1 4.258-.656l12.263 8.668a2.914 2.914 0 0 1 .674 4.143 3.104 3.104 0 0 1-4.258.656Z'/><path fill='#43a047' d='m19.489 8.05 4.683 14.026a2.95 2.95 0 0 1-1.957 3.737 3.067 3.067 0 0 1-3.841-1.904L13.69 9.884a2.95 2.95 0 0 1 1.957-3.738 3.067 3.067 0 0 1 3.842 1.905Z'/><path fill='#448aff' d='M18.363 22.076 23.047 8.05a3.067 3.067 0 0 1 3.841-1.904 2.95 2.95 0 0 1 1.958 3.737L24.162 23.91a3.067 3.067 0 0 1-3.842 1.904 2.95 2.95 0 0 1-1.957-3.737Z'/></svg>",
-  "appveyor": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 256 256'><path fill='#00B8D4' fill-rule='evenodd' d='M127.646 17.356c61.588 0 110.999 49.414 110.999 110.29a110.64 110.64 0 0 1-110.999 110.999c-60.873 0-110.29-49.414-110.29-110.999 0-60.873 49.414-110.29 110.29-110.29m27.213 131.77c-12.174 15.756-34.375 18.62-49.414 6.446-15.039-11.459-17.187-33.66-5.013-49.414 12.891-15.039 35.091-17.904 50.131-6.445 15.039 12.174 17.187 34.375 4.297 49.414zm-58.723 72.331 42.252-40.82c-15.756 3.58-32.227.716-45.117-10.026-15.039-11.459-21.484-30.795-19.336-48.699L35.98 163.45s-5.013-9.31-6.446-26.498l66.602-52.278c20.052-14.323 47.266-15.04 66.602 0 21.484 17.187 25.781 48.698 10.027 72.33l-48.699 69.466c-7.161 0-21.484-2.149-27.93-5.013'/></svg>",
-  "architecture": "<svg fill='none' viewBox='0 0 24 24'><path fill='#66BB6A' d='M6.278 22 6 19.556l3.167-8.723a4.37 4.37 0 0 0 1.944 1.056l-3.055 8.389zm11.666 0-1.777-1.722-3.056-8.39q.556-.138 1.042-.402a4.4 4.4 0 0 0 .903-.653l3.166 8.723zm-5.833-11.111q-1.389 0-2.361-.972-.972-.973-.972-2.361 0-1.084.624-1.932.626-.846 1.598-1.18V2h2.222v2.444a3.27 3.27 0 0 1 1.598 1.18q.624.849.624 1.932 0 1.389-.972 2.36-.972.973-2.36.973Zm0-2.222q.473 0 .792-.32t.32-.791q0-.473-.32-.793a1.08 1.08 0 0 0-.792-.319q-.472 0-.791.32t-.32.792.32.79q.319.32.791.32Z'/></svg>",
-  "arduino": "<svg viewBox='0 0 32 32'><path fill='#0097A7' d='M2 14h10v2H2zm22-4h2v10h-2z'/><path fill='#0097A7' d='M20 14h10v2H20z'/><path fill='none' stroke='#0097A7' stroke-width='2' d='M2 5h4a10 10 0 0 1 10 10 10 10 0 0 0 10 10h4'/><path fill='#0097A7' d='M11.644 22A8.95 8.95 0 0 1 6 24H2v2h4a10.98 10.98 0 0 0 8.479-4ZM26 4a10.98 10.98 0 0 0-8.479 4h2.835A8.95 8.95 0 0 1 26 6h4V4Z'/></svg>",
+  "appveyor": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 256 256'><path fill='#00b8d4' fill-rule='evenodd' d='M127.646 17.356c61.588 0 110.999 49.414 110.999 110.29a110.64 110.64 0 0 1-110.999 110.999c-60.873 0-110.29-49.414-110.29-110.999 0-60.873 49.414-110.29 110.29-110.29m27.213 131.77c-12.174 15.756-34.375 18.62-49.414 6.446-15.039-11.459-17.187-33.66-5.013-49.414 12.891-15.039 35.091-17.904 50.131-6.445 15.039 12.174 17.187 34.375 4.297 49.414zm-58.723 72.331 42.252-40.82c-15.756 3.58-32.227.716-45.117-10.026-15.039-11.459-21.484-30.795-19.336-48.699L35.98 163.45s-5.013-9.31-6.446-26.498l66.602-52.278c20.052-14.323 47.266-15.04 66.602 0 21.484 17.187 25.781 48.698 10.027 72.33l-48.699 69.466c-7.161 0-21.484-2.149-27.93-5.013'/></svg>",
+  "architecture": "<svg fill='none' viewBox='0 0 24 24'><path fill='#66bb6a' d='M6.278 22 6 19.556l3.167-8.723a4.37 4.37 0 0 0 1.944 1.056l-3.055 8.389zm11.666 0-1.777-1.722-3.056-8.39q.556-.138 1.042-.402a4.4 4.4 0 0 0 .903-.653l3.166 8.723zm-5.833-11.111q-1.389 0-2.361-.972-.972-.973-.972-2.361 0-1.084.624-1.932.626-.846 1.598-1.18V2h2.222v2.444a3.27 3.27 0 0 1 1.598 1.18q.624.849.624 1.932 0 1.389-.972 2.36-.972.973-2.36.973Zm0-2.222q.473 0 .792-.32t.32-.791q0-.473-.32-.793a1.08 1.08 0 0 0-.792-.319q-.472 0-.791.32t-.32.792.32.79q.319.32.791.32Z'/></svg>",
+  "arduino": "<svg viewBox='0 0 32 32'><path fill='#0097a7' d='M2 14h10v2H2zm22-4h2v10h-2z'/><path fill='#0097a7' d='M20 14h10v2H20z'/><path fill='none' stroke='#0097a7' stroke-width='2' d='M2 5h4a10 10 0 0 1 10 10 10 10 0 0 0 10 10h4'/><path fill='#0097a7' d='M11.644 22A8.95 8.95 0 0 1 6 24H2v2h4a10.98 10.98 0 0 0 8.479-4ZM26 4a10.98 10.98 0 0 0-8.479 4h2.835A8.95 8.95 0 0 1 26 6h4V4Z'/></svg>",
   "asciidoc": "<svg viewBox='0 0 32 32'><path fill='#0097a7' d='M4 18V8l5.39 10Zm0 4v3.67A2.33 2.33 0 0 0 6.33 28h8.9l-3.496-6Zm12.444 0 3.177 5.444A11.88 11.88 0 0 0 26.448 22Zm11.419-4A15 15 0 0 0 28 16 12 12 0 0 0 16 4L6 3.995q-.08 0-.158.005L14 18Z'/></svg>",
   "assembly": "<svg viewBox='0 0 32 32'><path fill='#ff6e40' d='M8 6V2H4a2 2 0 0 0-2 2v24a2 2 0 0 0 2 2h4v-4H4V6Zm16-4v4h4v20h-4v4h4a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2Zm-4 4h-2a2 2 0 0 0-2 2v4a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2V8a2 2 0 0 0-2-2m-2 6V8h2v4Zm-4 6h-2a2 2 0 0 0-2 2v4a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2v-4a2 2 0 0 0-2-2m-2 6v-4h2v4Zm0-18c0 2 0 2-2 2v2h2v4h2V6Zm8 12c0 2 0 2-2 2v2h2v4h2v-8Z'/></svg>",
   "astro-config": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M15 2H6a2.006 2.006 0 0 0-2 2v22a2.006 2.006 0 0 0 2 2h6v-4H6v-2h6v-2H6v-2h6v-2H6v-2h6v-2h2V4l8 8h2v-1Z'/><path fill='#7c4dff' d='M12 12v18h18V12Zm10 16c-.9 0-2.025-1.267-2.025-3.005-.914 0-.975.464-.975 1.005-.881-.213-1-1.15-1-2h6c0 1.919-2 1.787-2 4m2.542-6a2.5 2.5 0 0 1-2.308-1.641l-.946-2.42a.305.305 0 0 0-.576 0l-.946 2.42A2.5 2.5 0 0 1 17.458 22H16l2.965-7.59a.63.63 0 0 1 .577-.41h2.916a.63.63 0 0 1 .577.41L26 22Z'/></svg>",
   "astro": "<svg viewBox='0 0 32 32'><path fill='#7c4dff' d='M12.106 25.849c-1.262-1.156-1.63-3.586-1.105-5.346a5.18 5.18 0 0 0 3.484 1.66 9.68 9.68 0 0 0 5.882-.734c.215-.106.413-.247.648-.39a3.5 3.5 0 0 1 .16 1.555 4.26 4.26 0 0 1-1.798 3.021c-.404.3-.832.569-1.25.852a2.613 2.613 0 0 0-1.15 3.372l.048.161a3.4 3.4 0 0 1-1.5-1.285 3.6 3.6 0 0 1-.578-1.962 9 9 0 0 0-.05-1.037c-.114-.831-.504-1.204-1.238-1.225a1.45 1.45 0 0 0-1.507 1.18c-.012.056-.028.112-.046.178M4.901 20a17.75 17.75 0 0 1 7.4-2l2.913-8.38a.765.765 0 0 1 1.527 0L19.7 18a14.24 14.24 0 0 1 7.399 2S20.704 2.877 20.692 2.842C20.51 2.33 20.202 2 19.787 2h-7.619c-.415 0-.71.33-.904.842z'/></svg>",
   "astyle": "<svg viewBox='0 0 24 24'><path fill='#ef5350' d='M8.203 5.447 5.83 6.777l1.329-2.374-1.33-2.374 2.374 1.33 2.374-1.33-1.33 2.374 1.33 2.374zm11.394 9.305 2.374-1.329-1.33 2.374 1.33 2.373-2.374-1.329-2.374 1.33 1.33-2.374-1.33-2.374zm2.374-12.724-1.33 2.374 1.33 2.374-2.374-1.33-2.374 1.33 1.33-2.374-1.33-2.374 2.374 1.33zm-8.223 10.236 2.317-2.316-2.013-2.013-2.317 2.317zm.978-5.212 2.222 2.222c.37.35.37.968 0 1.338L5.867 21.694c-.37.37-.987.37-1.339 0l-2.222-2.221c-.37-.352-.37-.969 0-1.34l11.081-11.08c.37-.37.988-.37 1.34 0z'/></svg>",
   "audio": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M16 2a14 14 0 1 0 14 14A14 14 0 0 0 16 2m6 10h-4v8a4 4 0 1 1-4-4 3.96 3.96 0 0 1 2 .555V8h6Z'/></svg>",
-  "aurelia": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 24 24'><defs><linearGradient xlink:href='#a' id='i' x1='-31.824' x2='19.682' y1='-11.741' y2='35.548' gradientTransform='scale(.95818 1.0436)' gradientUnits='userSpaceOnUse'/><linearGradient id='a' x1='-3.881' x2='2.377' y1='-1.442' y2='4.304'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient xlink:href='#b' id='j' x1='12.022' x2='-15.716' y1='13.922' y2='-23.952' gradientTransform='scale(.96226 1.0392)' gradientUnits='userSpaceOnUse'/><linearGradient id='b' x1='.729' x2='-.971' y1='.844' y2='-1.477'><stop offset='0' stop-color='#5E35B1'/><stop offset='.14' stop-color='#8E24AA'/><stop offset='.29' stop-color='#AD1457'/><stop offset='.84' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient><linearGradient xlink:href='#c' id='k' x1='-23.39' x2='23.931' y1='-57.289' y2='8.573' gradientTransform='scale(1.0429 .95884)' gradientUnits='userSpaceOnUse'/><linearGradient id='c' x1='-2.839' x2='2.875' y1='-6.936' y2='1.017'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient xlink:href='#d' id='l' x1='-53.331' x2='6.771' y1='-30.517' y2='18.785' gradientTransform='scale(.99898 1.001)' gradientUnits='userSpaceOnUse'/><linearGradient id='d' x1='-8.212' x2='1.02' y1='-4.691' y2='2.882'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient xlink:href='#e' id='m' x1='-14.029' x2='41.998' y1='-23.111' y2='26.259' gradientTransform='scale(1.0003 .99965)' gradientUnits='userSpaceOnUse'/><linearGradient id='e' x1='-1.404' x2='4.19' y1='-2.309' y2='2.62'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient xlink:href='#f' id='n' x1='31.177' x2='3.37' y1='41.442' y2='3.402' gradientTransform='scale(.96254 1.0389)' gradientUnits='userSpaceOnUse'/><linearGradient id='f' x1='1.911' x2='.204' y1='2.539' y2='.204'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#7B1FA2'/><stop offset='.29' stop-color='#AD1457'/><stop offset='.84' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient><linearGradient xlink:href='#g' id='o' x1='-31.905' x2='19.599' y1='-14.258' y2='42.767' gradientTransform='scale(.95823 1.0436)' gradientUnits='userSpaceOnUse'/><linearGradient id='g' x1='-3.881' x2='2.377' y1='-1.738' y2='5.19'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient xlink:href='#h' id='p' x1='4.301' x2='34.534' y1='34.41' y2='4.514' gradientTransform='scale(1.002 .99796)' gradientUnits='userSpaceOnUse'/><linearGradient id='h' x1='.112' x2='.901' y1='.897' y2='.116'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#8E24AA'/><stop offset='.53' stop-color='#C2185B'/><stop offset='.79' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient></defs><g stroke-linejoin='round' stroke-miterlimit='1.414' clip-rule='evenodd'><path fill='url(#i)' d='M8.002 6.127 4.117 8.719.116 2.723 4 .13z' transform='translate(11.282 3.07)scale(.47102)'/><path fill='url(#j)' d='m9.179 1.887 6.637 9.946-7.906 5.276-6.637-9.946L.115 5.43 8.02.153z' transform='translate(12.215 13.552)scale(.47102)'/><path fill='url(#k)' d='m7.3 1.88 1.462 2.189-6.018 4.015L.124 4.16l1.315-.877L6.143.144z' transform='translate(8.41 16.686)scale(.47102)'/><path fill='url(#l)' d='M2.328 1.146 4.016.02l2.619 3.925L2.75 6.537l-1.46-2.19 2.197-1.466zm-1.04 3.201L.132 2.612l2.197-1.466 1.158 1.735z' transform='translate(16.99 11.686)scale(.47102)'/><path fill='url(#m)' d='m5.346 9.155-1.315.877L.03 4.035 6.047.019l2.805 4.204L4.15 7.36l4.703-3.138 1.197 1.793z' transform='translate(2.738 8.18)scale(.47102)'/><path fill='url(#n)' d='m14.533 9.934 1.197 1.793-7.907 5.276-1.196-1.793L.052 5.358 7.958.082z' transform='translate(4.753 2.36)scale(.47102)'/><path fill='url(#o)' d='M6.235 7.177 4.038 8.643 2.84 6.849.036 2.646 3.92.053 7.923 6.05z' transform='translate(11.32 3.106)scale(.47102)'/><path fill='#673AB7' d='m9.632 19.05-.545-.818 2.215-1.478.546.817zm7.965-5.315-.545-.817 1.035-.691.545.817z'/><path fill='#7E57C2' d='m5.256 12.492-.564-.845 2.216-1.478.563.845zm7.965-5.315-.564-.845 1.035-.69.564.844z'/><path fill='#880E4F' d='m16.538 14.441-3.724 2.485-.545-.817 3.724-2.485z'/><path fill='#AD1457' d='m11.598 7.039.564.844-3.724 2.485-.564-.844z'/><path fill='#AB47BC' d='m4.2 6.363.703 1.054-1.053.702-.703-1.053z'/><path fill='#7E57C2' d='m7.996 18.99.703 1.054-1.054.703-.702-1.054z'/><path fill='url(#p)' d='M8.372 38.294.017 29.876 29.749.08l8.636 8.201z' transform='rotate(11.282 -5.61 25.53)scale(.47102)'/></g></svg>",
+  "aurelia": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 24 24'><defs><linearGradient xlink:href='#a' id='i' x1='-31.824' x2='19.682' y1='-11.741' y2='35.548' gradientTransform='scale(.95818 1.0436)' gradientUnits='userSpaceOnUse'/><linearGradient id='a' x1='-3.881' x2='2.377' y1='-1.442' y2='4.304'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient xlink:href='#b' id='j' x1='12.022' x2='-15.716' y1='13.922' y2='-23.952' gradientTransform='scale(.96226 1.0392)' gradientUnits='userSpaceOnUse'/><linearGradient id='b' x1='.729' x2='-.971' y1='.844' y2='-1.477'><stop offset='0' stop-color='#5e35b1'/><stop offset='.14' stop-color='#8e24aa'/><stop offset='.29' stop-color='#ad1457'/><stop offset='.84' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient><linearGradient xlink:href='#c' id='k' x1='-23.39' x2='23.931' y1='-57.289' y2='8.573' gradientTransform='scale(1.0429 .95884)' gradientUnits='userSpaceOnUse'/><linearGradient id='c' x1='-2.839' x2='2.875' y1='-6.936' y2='1.017'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient xlink:href='#d' id='l' x1='-53.331' x2='6.771' y1='-30.517' y2='18.785' gradientTransform='scale(.99898 1.001)' gradientUnits='userSpaceOnUse'/><linearGradient id='d' x1='-8.212' x2='1.02' y1='-4.691' y2='2.882'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient xlink:href='#e' id='m' x1='-14.029' x2='41.998' y1='-23.111' y2='26.259' gradientTransform='scale(1.0003 .99965)' gradientUnits='userSpaceOnUse'/><linearGradient id='e' x1='-1.404' x2='4.19' y1='-2.309' y2='2.62'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient xlink:href='#f' id='n' x1='31.177' x2='3.37' y1='41.442' y2='3.402' gradientTransform='scale(.96254 1.0389)' gradientUnits='userSpaceOnUse'/><linearGradient id='f' x1='1.911' x2='.204' y1='2.539' y2='.204'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#7b1fa2'/><stop offset='.29' stop-color='#ad1457'/><stop offset='.84' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient><linearGradient xlink:href='#g' id='o' x1='-31.905' x2='19.599' y1='-14.258' y2='42.767' gradientTransform='scale(.95823 1.0436)' gradientUnits='userSpaceOnUse'/><linearGradient id='g' x1='-3.881' x2='2.377' y1='-1.738' y2='5.19'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient xlink:href='#h' id='p' x1='4.301' x2='34.534' y1='34.41' y2='4.514' gradientTransform='scale(1.002 .99796)' gradientUnits='userSpaceOnUse'/><linearGradient id='h' x1='.112' x2='.901' y1='.897' y2='.116'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#8e24aa'/><stop offset='.53' stop-color='#c2185b'/><stop offset='.79' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient></defs><g stroke-linejoin='round' stroke-miterlimit='1.414' clip-rule='evenodd'><path fill='url(#i)' d='M8.002 6.127 4.117 8.719.116 2.723 4 .13z' transform='translate(11.282 3.07)scale(.47102)'/><path fill='url(#j)' d='m9.179 1.887 6.637 9.946-7.906 5.276-6.637-9.946L.115 5.43 8.02.153z' transform='translate(12.215 13.552)scale(.47102)'/><path fill='url(#k)' d='m7.3 1.88 1.462 2.189-6.018 4.015L.124 4.16l1.315-.877L6.143.144z' transform='translate(8.41 16.686)scale(.47102)'/><path fill='url(#l)' d='M2.328 1.146 4.016.02l2.619 3.925L2.75 6.537l-1.46-2.19 2.197-1.466zm-1.04 3.201L.132 2.612l2.197-1.466 1.158 1.735z' transform='translate(16.99 11.686)scale(.47102)'/><path fill='url(#m)' d='m5.346 9.155-1.315.877L.03 4.035 6.047.019l2.805 4.204L4.15 7.36l4.703-3.138 1.197 1.793z' transform='translate(2.738 8.18)scale(.47102)'/><path fill='url(#n)' d='m14.533 9.934 1.197 1.793-7.907 5.276-1.196-1.793L.052 5.358 7.958.082z' transform='translate(4.753 2.36)scale(.47102)'/><path fill='url(#o)' d='M6.235 7.177 4.038 8.643 2.84 6.849.036 2.646 3.92.053 7.923 6.05z' transform='translate(11.32 3.106)scale(.47102)'/><path fill='#673ab7' d='m9.632 19.05-.545-.818 2.215-1.478.546.817zm7.965-5.315-.545-.817 1.035-.691.545.817z'/><path fill='#7e57c2' d='m5.256 12.492-.564-.845 2.216-1.478.563.845zm7.965-5.315-.564-.845 1.035-.69.564.844z'/><path fill='#880e4f' d='m16.538 14.441-3.724 2.485-.545-.817 3.724-2.485z'/><path fill='#ad1457' d='m11.598 7.039.564.844-3.724 2.485-.564-.844z'/><path fill='#ab47bc' d='m4.2 6.363.703 1.054-1.053.702-.703-1.053z'/><path fill='#7e57c2' d='m7.996 18.99.703 1.054-1.054.703-.702-1.054z'/><path fill='url(#p)' d='M8.372 38.294.017 29.876 29.749.08l8.636 8.201z' transform='rotate(11.282 -5.61 25.53)scale(.47102)'/></g></svg>",
   "authors": "<svg viewBox='0 0 24 24'><path fill='#f44336' d='M15.787 13.71c-.275 0-.587 0-.918.047 1.098.796 1.865 1.847 1.865 3.267v2.367h5.68v-2.367c0-2.206-4.42-3.314-6.627-3.314m-7.575 0c-2.206 0-6.628 1.108-6.628 3.314v2.367H14.84v-2.367c0-2.206-4.421-3.314-6.628-3.314m0-1.894a2.84 2.84 0 0 0 2.841-2.84 2.84 2.84 0 0 0-2.84-2.84 2.84 2.84 0 0 0-2.841 2.84 2.84 2.84 0 0 0 2.84 2.84m7.575 0a2.84 2.84 0 0 0 2.84-2.84 2.84 2.84 0 0 0-2.84-2.84 2.84 2.84 0 0 0-2.84 2.84 2.84 2.84 0 0 0 2.84 2.84'/></svg>",
   "auto": "<svg viewBox='0 0 24 24'><path fill='#ffc400' d='M8.48 4.17c.334.574 1.047.798 1.696.636A7.5 7.5 0 0 1 12 4.583c.62 0 1.223.075 1.799.217.647.159 1.357-.065 1.691-.64.39-.668.116-1.532-.63-1.751A10.1 10.1 0 0 0 12 2c-1.006 0-1.977.146-2.894.419-.743.22-1.015 1.083-.627 1.75Z'/><path fill='#ad1457' d='M5.039 4.772c.564-.535 1.458-.34 1.848.331.333.572.176 1.292-.284 1.769a7.4 7.4 0 0 0-1.456 2.17c-.242.552-.762.958-1.367.958-.854 0-1.496-.781-1.191-1.572a10 10 0 0 1 2.45-3.656'/><path fill='#cfd8dc' d='M3.197 12c.718 0 1.32.583 1.444 1.286.613 3.483 3.675 6.13 7.359 6.13s6.746-2.647 7.359-6.13c.124-.703.726-1.286 1.444-1.286.719 0 1.279.581 1.187 1.289C21.353 18.203 17.123 22 12 22s-9.353-3.797-9.99-8.711C1.918 12.58 2.478 12 3.197 12'/><path fill='#ff5252' d='M20.203 9.958c.857 0 1.5-.786 1.19-1.578a10 10 0 0 0-2.458-3.632c-.564-.533-1.455-.336-1.845.333-.333.573-.174 1.295.289 1.772a7.4 7.4 0 0 1 1.459 2.155c.243.548.762.95 1.365.95'/><path fill='#cfd8dc' d='M7.133 9.32c-.442-.488.053-1.262.657-1.027l4.912 1.91c1.114.434 1.538 1.84.862 2.855a1.785 1.785 0 0 1-2.83.222l-3.6-3.96Z'/></svg>",
   "auto_light": "<svg viewBox='0 0 24 24'><path fill='#ffc400' d='M8.48 4.17c.334.574 1.047.798 1.696.636A7.5 7.5 0 0 1 12 4.583c.62 0 1.223.075 1.799.217.647.159 1.357-.065 1.691-.64.39-.668.116-1.532-.63-1.751A10.1 10.1 0 0 0 12 2c-1.006 0-1.977.146-2.894.419-.743.22-1.015 1.083-.627 1.75Z'/><path fill='#ad1457' d='M5.039 4.772c.564-.535 1.458-.34 1.848.331.333.572.176 1.292-.284 1.769a7.4 7.4 0 0 0-1.456 2.17c-.242.552-.762.958-1.367.958-.854 0-1.496-.781-1.191-1.572a10 10 0 0 1 2.45-3.656'/><path fill='#546e7a' d='M3.197 12c.718 0 1.32.583 1.444 1.286.613 3.483 3.675 6.13 7.359 6.13s6.746-2.647 7.359-6.13c.124-.703.726-1.286 1.444-1.286.719 0 1.279.581 1.187 1.289C21.353 18.203 17.123 22 12 22s-9.353-3.797-9.99-8.711C1.918 12.58 2.478 12 3.197 12'/><path fill='#ff5252' d='M20.203 9.958c.857 0 1.5-.786 1.19-1.578a10 10 0 0 0-2.458-3.632c-.564-.533-1.455-.336-1.845.333-.333.573-.174 1.295.289 1.772a7.4 7.4 0 0 1 1.459 2.155c.243.548.762.95 1.365.95'/><path fill='#546e7a' d='M7.133 9.32c-.442-.488.053-1.262.657-1.027l4.912 1.91c1.114.434 1.538 1.84.862 2.855a1.785 1.785 0 0 1-2.83.222l-3.6-3.96Z'/></svg>",
@@ -46,18 +50,22 @@
   "babel": "<svg viewBox='0 0 24 24'><path fill='#fdd835' d='M18.23 11.21q-.045-.24-1.32-1.65c-.02-.19.29-.45.9-.8l1.74-1.55c.39-.5.62-1.28.69-2.38l-.02-.26c-.07-.78-.63-1.4-1.69-1.89-.63-.42-1.76-.65-3.38-.68-1.35.11-3.11.59-5.28 1.43-.6.43-1.28.86-2.04 1.28l.01.14.21-.08c.08-.01.13.03.14.11l.13-.07.07-.01.01.06c0 .07-.47.44-1.76 1.35l-.06.12c-.31.02-.61.25-.91.67l.08.12.25-.09.18.24c.32-.33.66-.62 1.03-.87.19.05.29.11.44.16 1.02-.75 2.03-1.3 3.04-1.64l.01.14c-.2.27-.32.42-.38.42l.1.23c.01.19-2.55 7-6.66 14.44l.08.19c.35-.08.58-.17.75-.26l.01.13.4-.03-.67 1.76.14.06c.57-.64 1-1.29 1.3-1.88 1.67-.49 2.94-.97 3.82-1.44.88-.08 1.56-.31 2.02-.7l.92-.47c1.27-.98 2.22-1.67 2.87-2.08 1.33-.98 2.2-1.93 2.6-2.85zm-3.46 2.31L13 14.91c-1.29.85-2 1.3-2.09 1.3-2.07 1.13-3.36 1.72-3.86 1.76l-.05.01c.04-.23.96-2.12 2.75-5.67.78-.06 2.02-.43 3.71-1.1l.41-.03c.85-.08 1.49.09 1.91.49l.03.26c-.31.9-.67 1.44-1.04 1.59m1.09-5.78q-.27.33-1.5 1.11c-.27.03-1.27.42-3.01 1.18l-.28-.05-.01-.12c-.02-.25.09-.57.34-.95.13-.7.28-1.12.44-1.2l1.45-3.28c-.02-.22.29-.35.93-.46l.21-.02.01.18 1.16-.16c1.15-.1 1.75.14 1.8.7l.13-.02-.03-.32.15-.02c.35.19.52.4.54.68.02.18-.08.41-.29.68-.09.01-.14-.06-.15-.18l-.14.01-.03.4c-.58.87-1.01 1.31-1.27 1.34z'/></svg>",
   "ballerina": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='m14 12-6-2V2h6Zm-6 0 4 2.058L8 16Zm0 18V18l6-2v4l-2 10Zm10-18 6-2V2h-6Zm6 0-4 2.058L24 16Zm0 18V18l-6-2v4l2 10Z'/></svg>",
   "bazel": "<svg viewBox='0 0 512 512'><path fill='#81c784' d='m153.491 50.983 102.508 102.508-102.508 102.508L50.983 153.491z'/><path fill='#43a047' d='M50.983 153.491v102.508l102.508 102.508V255.999z'/><path fill='#81c784' d='m358.507 50.983 102.508 102.508-102.508 102.508-102.508-102.508z'/><path fill='#43a047' d='M461.015 153.491v102.508L358.507 358.507V255.999zm-205.016 0 102.508 102.508-102.508 102.508-102.508-102.508z'/><path fill='#2e7d32' d='M255.999 358.507v102.508L153.491 358.507V255.999z'/><path fill='#1b5e20' d='m255.999 358.507 102.508-102.508v102.508L255.999 461.015z'/></svg>",
+  "bbx": "<svg viewBox='0 0 1024 1024'><path fill='#c62828' d='M128 704v128c0 70.692 57.308 128 128 128h608c17.728 0 32-14.272 32-32V704z'/><path fill='#ffe082' d='M704 704v192h128V704z'/><path fill='#fff8e1' d='M192 704v96c0 53.184 42.816 96 96 96h544a96 96 0 0 1-96-96 96 96 0 0 1 96-96z'/><path fill='#ff1744' d='M320 832h192v192l-96-96-96 96z'/><path fill='#f44336' d='M256 64c-70.692 0-128 57.308-128 128v640c0 11.088 1.557 21.787 4.207 32.047C146.767 807.565 197.672 768.07 256 768h608c17.728 0 32-14.272 32-32V96c0-17.728-14.272-32-32-32z'/><path fill='#ffeb3b' d='M256 192c-70.912 0-128 57.088-128 128v64c0-70.912 57.088-128 128-128h448v320H256c-70.912 0-128 57.088-128 128v64c0-70.912 57.088-128 128-128h512V192z'/></svg>",
   "beancount": "<svg viewBox='0 0 32 32'><path fill='#e64a19' d='M26.471 5.736c7.383 3.577 2.04 13.636-5.547 17.984-5.998 3.44-18.128 5.76-18.877-2.22-.738-7.863 7.61-6.698 11.575-8.67 4.032-2.003 6.854-9.998 12.85-7.093zm-11.684 8.89c-1.167.438-3.695.194-3.479 2.094.215 1.932 3.483.908 5.243.097 1.788-.82 3.415-2.475 2.27-3.496-1.424-1.268-2.421.698-4.034 1.305'/></svg>",
   "bench-js": "<svg viewBox='0 0 16 16'><path fill='#ffca28' d='M6.915 9.906q.42.413 1.084.404t.98-.472l3.92-5.775-5.88 3.85q-.472.309-.498.945t.394 1.048M7.999 2q1.033 0 1.987.284.953.283 1.793.85l-1.33.825q-.577-.292-1.198-.438-.622-.146-1.252-.146-2.327 0-3.963 1.607T2.4 8.875q0 .722.201 1.427.201.704.569 1.323h9.659q.402-.653.586-1.358t.184-1.46q0-.62-.149-1.204t-.446-1.134l.84-1.307q.525.808.831 1.72.306.91.324 1.89.017.98-.228 1.873-.245.894-.717 1.702-.193.31-.525.481-.333.172-.7.172h-9.66q-.367 0-.7-.172t-.524-.481q-.455-.774-.7-1.642T1 8.875q0-1.427.551-2.673T3.056 4.02q.954-.937 2.231-1.479Q6.565 2 8 2zm.123 5.38'/></svg>",
   "bench-jsx": "<svg viewBox='0 0 16 16'><path fill='#00bcd4' d='M6.915 9.906q.42.413 1.084.404t.98-.472l3.92-5.775-5.88 3.85q-.472.309-.498.945t.394 1.048M7.999 2q1.033 0 1.987.284.953.283 1.793.85l-1.33.825q-.577-.292-1.198-.438-.622-.146-1.252-.146-2.327 0-3.963 1.607T2.4 8.875q0 .722.201 1.427.201.704.569 1.323h9.659q.402-.653.586-1.358t.184-1.46q0-.62-.149-1.204t-.446-1.134l.84-1.307q.525.808.831 1.72.306.91.324 1.89.017.98-.228 1.873-.245.894-.717 1.702-.193.31-.525.481-.333.172-.7.172h-9.66q-.367 0-.7-.172t-.524-.481q-.455-.774-.7-1.642T1 8.875q0-1.427.551-2.673T3.056 4.02q.954-.937 2.231-1.479Q6.565 2 8 2zm.123 5.38'/></svg>",
   "bench-ts": "<svg viewBox='0 0 16 16'><path fill='#0288d1' d='M6.915 9.906q.42.413 1.084.404t.98-.472l3.92-5.775-5.88 3.85q-.472.309-.498.945t.394 1.048M7.999 2q1.033 0 1.987.284.953.283 1.793.85l-1.33.825q-.577-.292-1.198-.438-.622-.146-1.252-.146-2.327 0-3.963 1.607T2.4 8.875q0 .722.201 1.427.201.704.569 1.323h9.659q.402-.653.586-1.358t.184-1.46q0-.62-.149-1.204t-.446-1.134l.84-1.307q.525.808.831 1.72.306.91.324 1.89.017.98-.228 1.873-.245.894-.717 1.702-.193.31-.525.481-.333.172-.7.172h-9.66q-.367 0-.7-.172t-.524-.481q-.455-.774-.7-1.642T1 8.875q0-1.427.551-2.673T3.056 4.02q.954-.937 2.231-1.479Q6.565 2 8 2zm.123 5.38'/></svg>",
+  "bibliography": "<svg viewBox='0 0 1024 1024'><path fill='#795548' d='M96 832h832c17.728 0 32 14.272 32 32v64c0 17.728-14.272 32-32 32H96c-17.728 0-32-14.272-32-32v-64c0-17.728 14.272-32 32-32'/><path fill='#4caf50' d='M160 192h64c17.728 0 32 14.272 32 32v512c0 17.728-14.272 32-32 32h-64c-17.728 0-32-14.272-32-32V224c0-17.728 14.272-32 32-32'/><path fill='#f44336' d='M512 96c0-17.728-14.272-32-32-32H352c-17.728 0-32 14.272-32 32v640c0 17.728 14.272 32 32 32h128c17.728 0 32-14.272 32-32z'/><path fill='#2196f3' d='m530.161 158.902 57.333-27.693a31.804 31.804 0 0 1 42.634 14.936l262.693 548.17c7.66 15.984.977 35.057-14.982 42.766l-57.333 27.693a31.804 31.804 0 0 1-42.634-14.936L515.18 201.668c-7.66-15.983-.977-35.057 14.982-42.766z'/><path fill='#ffeb3b' d='M320 192v64h192v-64zm0 384v64h192v-64z'/></svg>",
+  "bibtex-style": "<svg viewBox='0 0 1024 1024'><path fill='#795548' d='M96 832h832c17.728 0 32 14.272 32 32v64c0 17.728-14.272 32-32 32H96c-17.728 0-32-14.272-32-32v-64c0-17.728 14.272-32 32-32'/><path fill='#4caf50' d='M160 192h64c17.728 0 32 14.272 32 32v512c0 17.728-14.272 32-32 32h-64c-17.728 0-32-14.272-32-32V224c0-17.728 14.272-32 32-32'/><path fill='#f44336' d='M512 96c0-17.728-14.272-32-32-32H352c-17.728 0-32 14.272-32 32v640c0 17.728 14.272 32 32 32h128c17.728 0 32-14.272 32-32z'/><path fill='#ffeb3b' d='M320 192v64h192v-64zm0 384v64h192v-64z'/><path fill='#bbdefb' d='M608 320h256c17.728 0 32 14.272 32 32v384c0 17.728-14.272 32-32 32H608c-17.728 0-32-14.272-32-32V352c0-17.728 14.272-32 32-32'/><path fill='#2196f3' d='M608 320c-17.673 0-32 14.327-32 32v352c35.346 0 64-28.654 64-64v-32a32 32 0 0 1 32-32c17.673 0 32-14.327 32-32v-64a32 32 0 0 1 32-32c17.673 0 32-14.327 32-32v-96z'/><path d='M745.606 339.205 924.74 473.693a15.965 15.965 0 0 1 3.19 22.401 15.965 15.965 0 0 1-22.403 3.19l-179.133-134.49a15.965 15.965 0 0 1-3.19-22.401 15.965 15.965 0 0 1 22.402-3.19z'/></svg>",
   "bicep": "<svg viewBox='0 0 24 24'><path fill='#fbc02d' d='M3 18S4.15 6.885 7 3l5 1-1 3H9v7h1c1.9-2.915 5.783-3.98 8.157-2.915 4.475 1.915 2.998 5.967.148 7.905C16.025 20.548 10.113 23.05 3 18'/></svg>",
-  "biome": "<svg viewBox='0 0 74 74'><path fill='#42A5F5' d='M37 9 22.745 33.69a32.2 32.2 0 0 1 16.869-.584l4.818 1.137-4.533 19.22-4.825-1.137c-5.93-1.399-11.628 1.716-14.036 6.685l-4.46-2.158c3.404-7.029 11.425-11.285 19.637-9.347l2.259-9.58A27.23 27.23 0 0 0 5 64.424l64 .001z'/></svg>",
+  "biome": "<svg viewBox='0 0 74 74'><path fill='#42a5f5' d='M37 9 22.745 33.69a32.2 32.2 0 0 1 16.869-.584l4.818 1.137-4.533 19.22-4.825-1.137c-5.93-1.399-11.628 1.716-14.036 6.685l-4.46-2.158c3.404-7.029 11.425-11.285 19.637-9.347l2.259-9.58A27.23 27.23 0 0 0 5 64.424l64 .001z'/></svg>",
   "bitbucket": "<svg viewBox='0 0 24 24'><defs><linearGradient id='a' x1='64.01' x2='32.99' y1='65.26' y2='89.48' gradientUnits='userSpaceOnUse'><stop offset='.18' stop-color='#1565c0'/><stop offset='1' stop-color='#1e88e5'/></linearGradient></defs><path fill='#1e88e5' d='M2.985 3.333a.618.618 0 0 0-.617.716l2.621 15.914a.84.84 0 0 0 .822.701h12.576a.62.62 0 0 0 .618-.519l2.627-16.09a.618.618 0 0 0-.617-.716zm11.039 11.501H10.01L8.923 9.16h6.074z'/><path fill='url(#a)' d='M59.67 60.12H40.9L37.75 78.5h-13L9.4 96.73a2.7 2.7 0 0 0 1.75.66h40.74a2 2 0 0 0 2-1.68z' transform='translate(2.368 -9.404)scale(.30877)'/></svg>",
   "bithound": "<svg fill-opacity='.05' viewBox='0 0 400 400'><g fill='#e53935' fill-opacity='1'><path d='M350.738 186.163c-1.32-13.024-4.224-26.312-8.36-38.72-11.88-35.464-33.968-71.808-61.864-96.888-1.232-1.056-5.896-3.872-7.656-2.904-4.576 2.552 4.048 20.064 5.104 23.232 6.512 19.36 10.648 39.864 5.984 60.104-6.248 26.752-26.752 45.496-54.12 47.784-15.048 1.232-30.184-.44-45.232 1.32-22.528 2.64-45.496 10.384-59.84 28.864-1.672 2.112-3.168 4.488-4.576 6.952h-.352c-5.544.616-11.088-1.76-13.816-3.256-.704-.44-1.408-.792-1.936-1.056-16.72-9.24-29.04-29.92-36.608-46.992-3.432-7.92-6.336-16.192-8.184-24.552-.88-3.784-.968-7.744-1.144-11.616-.088-2.376.264-5.72-1.056-7.832-2.904-4.576-6.6-.176-7.216 3.52-.968 6.072-1.848 12.056-1.584 18.216.44 10.384 3.344 20.68 7.04 30.36 5.456 14.256 13.112 27.368 23.056 39.072 4.136 4.84 8.536 9.328 13.288 13.464 4.224 3.784 9.592 6.776 12.76 11.616 3.696 5.544 4.312 12.408 3.96 18.832-.88 16.984-1.408 32.912 3.432 49.456 4.224 14.696 9.504 29.744 18.304 42.328 4.4 6.248 9.856 12.848 15.84 17.512 4.048 3.168 11.704 3.52 7.304-8.096-9.768-25.784-10.648-52.536 4.576-76.648 12.76-20.064 35.288-37.928 60.72-34.76 37.4 4.664 63.448 38.984 61.6 75.68-.528 10.296-.88 19.096-4.136 28.776-1.32 3.872-2.288 8.8-1.32 12.848 1.584 6.864 9.24 4.312 12.584-.176 9.064-12.32 18.568-24.288 27.104-36.96 27.808-41.536 41.36-89.584 36.344-139.48'/><path d='M141.21 85.051c.616 2.024 1.232 4.224 1.672 6.6.088.968.352 2.024.88 2.992 2.288 5.984 7.832 9.24 13.024 12.32 3.168 1.936 8.888 3.784 12.408 5.192 4.576 1.848 14.432-.528 19.096-.88 10.736-.88 20.68-4.664 30.536 1.056-50.512 59.224-2.816 72.424 34.144 43.912 42.24-32.56 2.464-109.384 2.464-109.384s-.88-5.984-16.896-9.504a52 52 0 0 0-4.488-2.112c-15.84-7.304-30.096 4.664-41.536 14.432-3.344 2.816-6.6 5.632-10.12 8.272-4.752 3.52-9.856 6.424-15.224 8.976-5.632 2.64-12.32 5.632-18.568 5.896-.88 0-2.552.176-4.312.528-2.728.264-4.136.968-4.752 2.2-1.056.88-1.76 2.112-1.584 3.696.176 2.2 1.232 4.048 2.376 5.456.352.088.616.264.88.352'/></g></svg>",
+  "blender": "<svg viewBox='0 0 32 32'><g fill='#ff9800' fill-rule='evenodd'><path d='M14.004 19a5 5 0 0 1 4.993-5.001 5 5 0 0 1 5.008 4.985A5 5 0 0 1 19.028 24a5 5 0 0 1-5.024-4.97z' paint-order='stroke fill markers'/><path d='m23.148 7.152-4.355-4.451s-1.488-1.534-3.022-.046-.046 3.022-.046 3.022l.165.264c.693.69 1.412 1.368 2.105 2.058h-12s-2 0-2 2 2 2 2 2h4l-6 6-1.332 1.41s-1.503 1.503 0 3.007c1.503 1.503 3.006 0 3.006 0l2.327-2.417.063.19q.06.555.173 1.09a11.02 11.02 0 0 0 8.599 8.508 11 11 0 0 0 2.216.213c6.068-.028 10.967-4.965 10.949-11.034 0-5.452-4-8.967-6.848-11.815zm-4.162 4.847a7 7 0 1 1-6.99 7.044V19a7 7 0 0 1 6.99-7'/></g></svg>",
   "blink": "<svg viewBox='0 0 256 256'><path fill='#f9a825' d='M130.974 23.383c57.809 1.624 103.262 49.782 101.638 107.591s-49.782 103.262-107.59 101.639C67.303 230.989 21.85 183.01 23.383 125.293c1.533-57.81 49.602-103.443 107.41-101.91zm-.541 10.823c-51.766-1.353-94.875 39.59-96.137 91.447-1.353 51.766 39.59 94.875 91.357 96.137 51.766 1.353 94.875-39.59 96.137-91.357 1.443-51.856-39.5-94.875-91.357-96.227.09 0 0 0 0 0'/><path fill='#f9a825' d='M137.9 93.403c-4.149 3.968-2.525 12.806 3.878 19.57s15.241 8.838 19.209 4.78 2.706-12.987-3.788-19.751-15.422-8.748-19.57-4.78zm52.217-25.162c8.207 8.568 14.43 18.758 18.398 29.851 0 0 2.706 7.395-5.862 7.395H181.73s-6.674-.54-6.944 5.14c-.451 7.035-.27 12.988-.27 12.988.27 4.058 1.803 8.026 4.328 11.183l21.554 22.727a9.184 9.184 0 0 1 1.082 12.355c-10.912 18.578-28.408 32.286-49.06 38.509-6.314 1.894-6.945-3.247-6.765-6.764 0-2.255 2.616-52.397 2.616-52.397.721-5.411-.992-10.912-4.78-14.881-6.764-7.215-11.003-11.814-11.003-11.814s-4.78-4.78-11.634-11.904c-3.788-3.878-9.018-5.862-14.43-5.501H54.027c-3.427 0-8.658-.812-6.403-7.035 7.305-20.292 21.915-37.066 41.124-46.896 3.878-2.705 9.199-1.984 12.265 1.714l21.554 22.727c3.066 2.705 6.944 4.329 11.003 4.78 0 0 5.862.45 12.987.36 5.591 0 5.501-6.764 5.501-6.764s.902-13.888 1.173-20.923c-.27-2.976 1.894-5.591 4.78-5.862.991-.09 1.893.09 2.795.451 11.003 4.69 21.013 11.634 29.22 20.292z'/></svg>",
   "blink_light": "<svg viewBox='0 0 256 256'><circle cx='128' cy='128' r='97.4' fill='#37474f'/><path fill='#f9a825' d='M130.974 23.383c57.809 1.624 103.262 49.782 101.638 107.591s-49.782 103.262-107.59 101.639C67.303 230.989 21.85 183.01 23.383 125.293c1.533-57.81 49.602-103.443 107.41-101.91zm-.541 10.823c-51.766-1.353-94.875 39.59-96.137 91.447-1.353 51.766 39.59 94.875 91.357 96.137 51.766 1.353 94.875-39.59 96.137-91.357 1.443-51.856-39.5-94.875-91.357-96.227.09 0 0 0 0 0'/><path fill='#f9a825' d='M137.9 93.403c-4.149 3.968-2.525 12.806 3.878 19.57s15.241 8.838 19.209 4.78 2.706-12.987-3.788-19.751-15.422-8.748-19.57-4.78zm52.217-25.162c8.207 8.568 14.43 18.758 18.398 29.851 0 0 2.706 7.395-5.862 7.395H181.73s-6.674-.54-6.944 5.14c-.451 7.035-.27 12.988-.27 12.988.27 4.058 1.803 8.026 4.328 11.183l21.554 22.727a9.184 9.184 0 0 1 1.082 12.355c-10.912 18.578-28.408 32.286-49.06 38.509-6.314 1.894-6.945-3.247-6.765-6.764 0-2.255 2.616-52.397 2.616-52.397.721-5.411-.992-10.912-4.78-14.881-6.764-7.215-11.003-11.814-11.003-11.814s-4.78-4.78-11.634-11.904c-3.788-3.878-9.018-5.862-14.43-5.501H54.027c-3.427 0-8.658-.812-6.403-7.035 7.305-20.292 21.915-37.066 41.124-46.896 3.878-2.705 9.199-1.984 12.265 1.714l21.554 22.727c3.066 2.705 6.944 4.329 11.003 4.78 0 0 5.862.45 12.987.36 5.591 0 5.501-6.764 5.501-6.764s.902-13.888 1.173-20.923c-.27-2.976 1.894-5.591 4.78-5.862.991-.09 1.893.09 2.795.451 11.003 4.69 21.013 11.634 29.22 20.292z'/></svg>",
   "blitz": "<svg viewBox='0 0 24 24'><path fill='#7c4dff' d='M8.613 11.997c1.333 0 2.588.621 3.389 1.677l3.454 4.552a.28.28 0 0 1 .025.297l-1.991 3.825a.284.284 0 0 1-.477.04l-7.901-10.39zm2.375-10.385 7.9 10.39h-3.5a4.25 4.25 0 0 1-3.39-1.676L8.546 5.774a.28.28 0 0 1-.025-.297l1.99-3.825a.284.284 0 0 1 .478-.04z'/></svg>",
-  "bower": "<svg viewBox='0 0 400 400'><path fill='#5D4037' d='M376.834 196.261c-18.912-18.172-113.486-29.517-143.327-32.819a88 88 0 0 0 3.692-10.58c4.068-1.78 8.46-3.438 13-4.822.553 1.632 3.159 7.885 4.644 10.853 60.004 1.655 63.085-44.591 65.525-57.26 2.387-12.389 2.265-24.359 22.847-46.241-30.663-8.936-74.759 13.85-89.53 47.762-5.55-2.08-11.114-3.615-16.615-4.565-3.943-15.905-24.474-60.215-78.352-60.215-68.215 0-142.567 56.276-142.567 151.542 0 80.078 54.672 150.258 85.559 150.258 13.49 0 25.094-10.103 27.818-19.158 2.284 6.209 9.292 25.51 11.593 30.424 3.402 7.267 19.134 13.554 26.018 6.014 8.852 4.917 25.095 7.88 33.947-5.235 17.049 3.606 32.12-6.56 32.45-18.691 8.365-.447 12.469-12.193 10.642-21.547-1.346-6.887-15.732-31.599-21.343-40.13 11.108 9.035 39.243 11.593 42.66.006 17.909 14.057 45.817 6.679 48.03-4.753 21.761 5.654 46.72-6.764 42.621-21.803 34.958-2.418 30.483-39.611 20.675-49.037z'/><path fill='#03A9F4' d='M279.494 116.935c7.529-14.938 16.99-31.25 28.94-41.34-13.153 5.3-26.139 21.146-33.817 38.083a118 118 0 0 0-11.893-6.646c10.71-22.862 35.598-41.955 63.025-43.447-18.37 16.662-11.85 51.29-26.954 69.623-4.322-4.342-14.247-12.72-19.301-16.273m-11.876 24.326c.008-.572.222-4.981.624-6.994-1.054-.248-7.601-1.529-11.015-1.449-.249 4.288 1.802 11.581 3.828 15.972 13.956-.292 24.036-4.472 29.969-8.314-5.051-2.354-13.67-4.448-20.224-5.7-.732 1.513-2.531 5.368-3.182 6.485'/><g stroke-width='.973' transform='translate(10.989 32.73)scale(.81733)'><path fill='#4CAF50' d='M250.54 277.39c.004.024.015.057.018.082-2.165-4.657-4.463-10.314-7.208-17.708 10.688 15.557 44.184 7.533 42.427-6.407 16.395 12.336 50.143-2.055 42.471-19.353 16.423 7.653 35.168-7.745 30.964-14.455 28 5.4 54.832 10.783 63.256 12.938-5.595 9.123-18.339 15.566-37.549 11.089 10.38 14.14-9.773 31.105-37.844 21.76 6.18 13.883-18.814 26.38-47.22 11.91.361 13.889-35.24 15.488-49.315.143zm55.543-70.194c32.497 2.495 86.238 7.34 119.51 11.997-2.102-10.828-7.844-13.921-25.905-18.772-19.425 2.072-68.706 6.913-93.604 6.776z'/><path fill='#FFCA28' d='M285.78 253.36c16.395 12.336 50.143-2.055 42.471-19.353 16.423 7.653 35.168-7.745 30.964-14.455-33.103-6.383-67.84-12.788-75.719-13.908 4.78.254 12.702.797 22.59 1.556 24.899.137 74.18-4.704 93.604-6.775-31.452-7.975-95.666-19.613-140.01-22.48-2.055 3.003-5.833 8.097-12.413 13.51-19.403 41.053-54.557 68.34-93.454 68.34-11.335 0-24.018-1.912-38.233-6.456-8.865 9.497-46.661 16.694-77.329 1.641 24.326 56.961 80.74 94.984 143.19 94.984 52.591 0 75.912-53.704 70.808-67.914-1.238-3.45-6.145-14.889-8.891-22.283 10.689 15.556 44.185 7.532 42.429-6.408z'/><path fill='#E0E0E0' d='M253.91 145.27c4.644-2.526 20.69-12.253 35.981-15.908a68 68 0 0 1-.536-5.12c-10.032 2.403-28.945 10.51-39.784-.661 22.866 6.9 34.283-6.149 51.09-6.149 10.014 0 24.305 2.798 35.57 7.22-9.061-8.37-38.772-33.63-75.558-33.717-8.213 9.957-17.09 31.526-6.764 54.334z'/><path fill='#F4511E' d='M115.58 253.33c14.215 4.544 26.898 6.457 38.233 6.457 38.896 0 74.05-27.29 93.454-68.341-14.351 11.978-39.291 22.228-78.241 22.228 34.694-7.866 64.56-25.156 79.753-50.427-10.68-16.998-22.263-54.603 7.07-84.33-4.512-14.497-26.475-52.766-75.095-52.766-84.85 0-155.17 71.001-155.17 166.15 0 22.525 4.547 43.65 12.67 62.664 30.666 15.054 68.462 7.858 77.327-1.64z'/><path fill='#FFCA28' d='M141.03 108.45c0 21.644 17.546 39.191 39.19 39.191s39.192-17.548 39.192-39.191-17.548-39.191-39.192-39.191-39.19 17.547-39.19 39.191'/><path fill='#5D4037' d='M156.76 108.45c0 12.958 10.507 23.463 23.463 23.463 12.96 0 23.464-10.506 23.464-23.463 0-12.959-10.504-23.464-23.464-23.464-12.957 0-23.463 10.506-23.463 23.464'/><ellipse cx='180.22' cy='98.044' fill='#FAFAFA' rx='13.673' ry='8.501'/></g></svg>",
+  "bower": "<svg viewBox='0 0 400 400'><path fill='#5d4037' d='M376.834 196.261c-18.912-18.172-113.486-29.517-143.327-32.819a88 88 0 0 0 3.692-10.58c4.068-1.78 8.46-3.438 13-4.822.553 1.632 3.159 7.885 4.644 10.853 60.004 1.655 63.085-44.591 65.525-57.26 2.387-12.389 2.265-24.359 22.847-46.241-30.663-8.936-74.759 13.85-89.53 47.762-5.55-2.08-11.114-3.615-16.615-4.565-3.943-15.905-24.474-60.215-78.352-60.215-68.215 0-142.567 56.276-142.567 151.542 0 80.078 54.672 150.258 85.559 150.258 13.49 0 25.094-10.103 27.818-19.158 2.284 6.209 9.292 25.51 11.593 30.424 3.402 7.267 19.134 13.554 26.018 6.014 8.852 4.917 25.095 7.88 33.947-5.235 17.049 3.606 32.12-6.56 32.45-18.691 8.365-.447 12.469-12.193 10.642-21.547-1.346-6.887-15.732-31.599-21.343-40.13 11.108 9.035 39.243 11.593 42.66.006 17.909 14.057 45.817 6.679 48.03-4.753 21.761 5.654 46.72-6.764 42.621-21.803 34.958-2.418 30.483-39.611 20.675-49.037z'/><path fill='#03a9f4' d='M279.494 116.935c7.529-14.938 16.99-31.25 28.94-41.34-13.153 5.3-26.139 21.146-33.817 38.083a118 118 0 0 0-11.893-6.646c10.71-22.862 35.598-41.955 63.025-43.447-18.37 16.662-11.85 51.29-26.954 69.623-4.322-4.342-14.247-12.72-19.301-16.273m-11.876 24.326c.008-.572.222-4.981.624-6.994-1.054-.248-7.601-1.529-11.015-1.449-.249 4.288 1.802 11.581 3.828 15.972 13.956-.292 24.036-4.472 29.969-8.314-5.051-2.354-13.67-4.448-20.224-5.7-.732 1.513-2.531 5.368-3.182 6.485'/><g stroke-width='.973' transform='translate(10.989 32.73)scale(.81733)'><path fill='#4caf50' d='M250.54 277.39c.004.024.015.057.018.082-2.165-4.657-4.463-10.314-7.208-17.708 10.688 15.557 44.184 7.533 42.427-6.407 16.395 12.336 50.143-2.055 42.471-19.353 16.423 7.653 35.168-7.745 30.964-14.455 28 5.4 54.832 10.783 63.256 12.938-5.595 9.123-18.339 15.566-37.549 11.089 10.38 14.14-9.773 31.105-37.844 21.76 6.18 13.883-18.814 26.38-47.22 11.91.361 13.889-35.24 15.488-49.315.143zm55.543-70.194c32.497 2.495 86.238 7.34 119.51 11.997-2.102-10.828-7.844-13.921-25.905-18.772-19.425 2.072-68.706 6.913-93.604 6.776z'/><path fill='#ffca28' d='M285.78 253.36c16.395 12.336 50.143-2.055 42.471-19.353 16.423 7.653 35.168-7.745 30.964-14.455-33.103-6.383-67.84-12.788-75.719-13.908 4.78.254 12.702.797 22.59 1.556 24.899.137 74.18-4.704 93.604-6.775-31.452-7.975-95.666-19.613-140.01-22.48-2.055 3.003-5.833 8.097-12.413 13.51-19.403 41.053-54.557 68.34-93.454 68.34-11.335 0-24.018-1.912-38.233-6.456-8.865 9.497-46.661 16.694-77.329 1.641 24.326 56.961 80.74 94.984 143.19 94.984 52.591 0 75.912-53.704 70.808-67.914-1.238-3.45-6.145-14.889-8.891-22.283 10.689 15.556 44.185 7.532 42.429-6.408z'/><path fill='#e0e0e0' d='M253.91 145.27c4.644-2.526 20.69-12.253 35.981-15.908a68 68 0 0 1-.536-5.12c-10.032 2.403-28.945 10.51-39.784-.661 22.866 6.9 34.283-6.149 51.09-6.149 10.014 0 24.305 2.798 35.57 7.22-9.061-8.37-38.772-33.63-75.558-33.717-8.213 9.957-17.09 31.526-6.764 54.334z'/><path fill='#f4511e' d='M115.58 253.33c14.215 4.544 26.898 6.457 38.233 6.457 38.896 0 74.05-27.29 93.454-68.341-14.351 11.978-39.291 22.228-78.241 22.228 34.694-7.866 64.56-25.156 79.753-50.427-10.68-16.998-22.263-54.603 7.07-84.33-4.512-14.497-26.475-52.766-75.095-52.766-84.85 0-155.17 71.001-155.17 166.15 0 22.525 4.547 43.65 12.67 62.664 30.666 15.054 68.462 7.858 77.327-1.64z'/><path fill='#ffca28' d='M141.03 108.45c0 21.644 17.546 39.191 39.19 39.191s39.192-17.548 39.192-39.191-17.548-39.191-39.192-39.191-39.19 17.547-39.19 39.191'/><path fill='#5d4037' d='M156.76 108.45c0 12.958 10.507 23.463 23.463 23.463 12.96 0 23.464-10.506 23.464-23.463 0-12.959-10.504-23.464-23.464-23.464-12.957 0-23.463 10.506-23.463 23.464'/><ellipse cx='180.22' cy='98.044' fill='#fafafa' rx='13.673' ry='8.501'/></g></svg>",
   "brainfuck": "<svg viewBox='0 0 24 24'><path fill='#ff4081' d='M21.085 13.343a4.35 4.35 0 0 1-1.812 3.788l.738 1.429c.22.431.25.94.058 1.39a1.68 1.68 0 0 1-1.017.959l-.758.24a1.62 1.62 0 0 1-1.784-.527l-2.032-2.398a5.1 5.1 0 0 1-2.34-1.055 5 5 0 0 1-1.438.22 4.2 4.2 0 0 1-2.398-.757 5 5 0 0 1-1.553.211 5.6 5.6 0 0 1-2.206-.431 3.94 3.94 0 0 1-2.33-3.462c-.077-.69.038-1.39.336-2.024a3.3 3.3 0 0 1-.068-2.234 4.3 4.3 0 0 1 1.86-2.148c.557-1.62 2.12-2.704 3.837-2.589a4.404 4.404 0 0 1 5.59-.355 5 5 0 0 1 1.247-.163A4.16 4.16 0 0 1 18.37 5.01a4.61 4.61 0 0 1 3.433 4.286 5.05 5.05 0 0 1-.825 3.002c.067.345.106.69.106 1.045m-4.795-1.352c.547.067.978.48.978 1.026a.96.96 0 0 1-.959.959h-.604a4.97 4.97 0 0 1-1.553 2.196c.24.086.489.134.738.201 4.92-.067 4.344-3.068 4.344-3.116a2.486 2.486 0 0 0-2.58-2.388.96.96 0 0 1-.958-.959.96.96 0 0 1 .958-.959c1.18.029 2.312.47 3.194 1.247a5 5 0 0 0 .076-.854c-.057-1.189-.594-2.224-2.752-2.426-1.198-2.838-4.22-1.266-4.22-.383-.028.22.202.69.24.719a.96.96 0 0 1 .96.959.96.96 0 0 1-.96.959 2.25 2.25 0 0 1-1.37-.537c-.461.297-.988.48-1.535.537-.547.048-.997-.336-1.026-.863a.93.93 0 0 1 .844-1.055c.153-.02.901-.134.901-.739 0-.632.24-1.237.652-1.716-.882-.24-1.831.077-2.79 1.237-1.765-.278-2.484-.038-3.011 1.832-.911.45-1.39.767-1.602 1.726a5.65 5.65 0 0 1 3.088.24.97.97 0 0 1 .566 1.236.96.96 0 0 1-1.237.566 2.93 2.93 0 0 0-2.206-.057c-.307.259-.307.796-.307 1.218 0 .71.355 1.37.96 1.754a3.5 3.5 0 0 0 1.64.384 6 6 0 0 1-.375-.777.995.995 0 0 1 1.88-.652c.383 1.093 1.361 1.841 2.512 1.966a3.59 3.59 0 0 0 3.06-2.043c.22-1.323 1.284-1.438 2.454-1.438m1.918 7.163-.595-1.246-.68.153.958 1.199zm-4.46-8.256a.96.96 0 0 0-.872-.988 2.56 2.56 0 0 0-1.85.643 2.85 2.85 0 0 0-.806 2.1.96.96 0 0 0 .959.959.95.95 0 0 0 .959-.96c0-.258.067-.517.22-.728a.64.64 0 0 1 .413-.144c.527.029.978-.364.978-.882z'/></svg>",
   "browserlist": "<svg viewBox='0 0 140 140'><path fill='#ffca28' d='M70 10.172A59.83 59.83 0 0 0 10.172 70 59.83 59.83 0 0 0 70 129.828 59.83 59.83 0 0 0 129.828 70 59.83 59.83 0 0 0 70 10.172m-4.836 8.785C65.66 23 66.516 26.28 67.736 29.18c4.779-4.287 10.265-7.546 16.041-9.02-.981 3.938-1.357 7.295-1.261 10.43 6.026-2.314 12.349-3.404 18.3-2.706-3.182 2.413-5.482 4.717-7.128 7.015-2.201 12.074 6.858 20.43 14.779 24.551a5.13 5.13 0 0 1 5.183-3.888 5.128 5.128 0 0 1 3.7 8.435V64c-.487 1.055-2.002 2.343-3.496 3.219-4.076 2.39-11.173 5.736-20.915 7.39.045 1.214.077 2.453.077 3.747 0 4.817-.485 8.291-1.385 10.699-3.3 13.313-12.648 26.76-24.695 31.95.357-4.082.197-7.484-.402-10.591-5.582 3.219-11.646 5.278-17.623 5.52h-.002c1.785-3.662 2.855-6.878 3.412-9.976-6.347.996-12.727.742-18.377-1.17 2.93-2.732 5.054-5.314 6.673-7.96-6.292-1.344-12.169-3.87-16.766-7.686 3.822-1.544 6.795-3.239 9.3-5.197-5.426-3.517-10.034-7.998-12.972-13.23 4.012-.07 7.321-.568 10.3-1.453-3.786-5.215-6.468-11.032-7.333-16.951 3.861 1.405 7.196 2.133 10.36 2.355-1.662-6.22-2.081-12.605-.768-18.436 3.03 2.634 5.824 4.48 8.63 5.815.677-6.406 2.576-12.52 5.893-17.496 1.926 3.622 3.914 6.392 6.111 8.672 2.93-5.754 6.9-10.798 11.791-14.262zM91.63 38.514c-2.395 5.514-1.665 11.297-.555 18.732a2.138 2.138 0 0 0 .28-4.178 3.419 3.419 0 1 1 .092 6.704c.574 3.882 1.157 8.18 1.421 13.125a67 67 0 0 0 3.25-.649c6.616-1.487 12.258-3.801 16.871-6.506.45-.264.884-.563 1.276-.867.366-.557.333-.957.035-1.285-4.831-1.245-10.891-4.53-15.258-8.795-4.764-4.653-7.427-10.164-7.412-16.281'/></svg>",
   "browserlist_light": "<svg viewBox='0 0 140 140'><g stroke-width='.855' transform='translate(10.508 10.205)'><circle cx='59.492' cy='59.795' r='59.828' fill='#ffca28'/><path fill='#37474f' d='M54.656 8.752c-4.89 3.464-8.862 8.508-11.791 14.262-2.198-2.28-4.185-5.05-6.111-8.672-3.318 4.976-5.216 11.09-5.893 17.496-2.807-1.335-5.6-3.18-8.63-5.814-1.314 5.83-.895 12.216.767 18.436-3.164-.223-6.498-.95-10.36-2.356.865 5.92 3.548 11.737 7.333 16.951-2.978.885-6.287 1.383-10.3 1.453 2.939 5.233 7.547 9.714 12.972 13.23-2.505 1.959-5.478 3.654-9.299 5.198 4.596 3.815 10.474 6.341 16.766 7.685-1.62 2.647-3.743 5.228-6.674 7.96 5.65 1.912 12.03 2.166 18.377 1.17-.556 3.098-1.626 6.314-3.412 9.975h.002c5.977-.24 12.042-2.3 17.623-5.52.6 3.108.76 6.51.402 10.593 12.047-5.19 21.395-18.638 24.695-31.951.9-2.408 1.385-5.881 1.385-10.7 0-1.293-.031-2.531-.076-3.745 9.742-1.655 16.839-5.001 20.914-7.39 1.494-.877 3.01-2.165 3.496-3.22v-.002a5.128 5.128 0 0 0-3.7-8.435 5.13 5.13 0 0 0-5.183 3.889c-7.92-4.122-16.98-12.477-14.779-24.551 1.646-2.299 3.947-4.603 7.13-7.016-5.952-.698-12.276.392-18.302 2.707-.095-3.135.28-6.492 1.262-10.43-5.776 1.473-11.262 4.733-16.041 9.02-1.22-2.902-2.076-6.18-2.572-10.223zm26.465 19.557c-.015 6.117 2.648 11.628 7.412 16.281 4.366 4.265 10.426 7.55 15.258 8.795.298.328.331.728-.035 1.285-.392.304-.825.603-1.276.867-4.612 2.704-10.256 5.019-16.87 6.506q-1.607.361-3.25.649c-.265-4.945-.848-9.243-1.422-13.125a3.419 3.419 0 1 0-.092-6.703 2.138 2.138 0 0 1-.28 4.177c-1.11-7.435-1.84-13.218.555-18.732' data-mit-no-recolor='true'/></g></svg>",
@@ -65,17 +73,18 @@
   "buck": "<svg viewBox='0 0 24 24'><g fill='#0277bd'><path d='M7.488 2.94h-1.51v4.273L7.82 9.054H5.61L3.197 6.642V2.94H1.595v4.383l3.278 3.278h4.42l1.584 1.584H6.64l3.573 3.683-5.23 5.194h2.062l5.23-5.267-1.989-1.99H20.86v.664l-4.567 2.725-3.831 3.868h2.173l2.615-2.652 5.157-3.094v-3.13h-4.862l-1.658-1.658 1.879-1.879V4.45H16.2v3.5l-1.528 1.51-1.363-1.428V4.45h-1.473v4.273l3.445 3.462h-2.102L7.488 6.55z'/><path d='M15.48 14.763h-2.062l.995 1.068z'/></g></svg>",
   "bucklescript": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M12 18h4v2h-4z'/><path fill='#26a69a' d='M4 4v24h24V4Zm14 15.5a.5.5 0 0 1-.5.5H16v2h1.5a.5.5 0 0 1 .5.5v1a.5.5 0 0 1-.5.5H16v1.5a.5.5 0 0 1-.5.5h-5a.5.5 0 0 1-.5-.5v-9a.5.5 0 0 1 .5-.5h5a.5.5 0 0 1 .5.5V18h1.5a.5.5 0 0 1 .5.5Zm8-2a.5.5 0 0 1-.5.5H22v2h2a2 2 0 0 1 2 2v2a2 2 0 0 1-2 2h-3.5a.5.5 0 0 1-.5-.5v-1a.5.5 0 0 1 .5-.5H24v-2h-2a2 2 0 0 1-2-2v-2a2 2 0 0 1 2-2h3.5a.5.5 0 0 1 .5.5Z'/><path fill='#26a69a' d='M12 22h4v2h-4z'/></svg>",
   "buildkite": "<svg viewBox='0 0 32 32'><path fill='#00e676' d='m12 22-8-4V8l8 4zm8-14v10h4l4-4'/><path fill='#00c853' d='m12 22 8-4V8l-8 4zm8 6 8-4V14l-8 4z'/></svg>",
-  "bun": "<svg viewBox='0 0 32 32'><path fill='#FFF8E1' d='M30 17.045a9.8 9.8 0 0 0-.32-2.306l-.004.034a11.2 11.2 0 0 0-5.762-6.786c-3.495-1.89-5.243-3.326-6.8-3.811h.003c-1.95-.695-3.949.82-5.825 1.927-4.52 2.481-9.573 5.45-9.28 11.417.008-.029.017-.052.026-.08a9.97 9.97 0 0 0 3.934 7.257l-.01-.006C13.747 31.473 30.05 27.292 30 17.045'/><path fill='#37474f' d='M19.855 20.236A.8.8 0 0 0 19.26 20h-6.514a.8.8 0 0 0-.596.236.51.51 0 0 0-.137.463 4.37 4.37 0 0 0 1.641 2.339 4.2 4.2 0 0 0 2.349.926 4.2 4.2 0 0 0 2.343-.926 4.37 4.37 0 0 0 1.642-2.339.5.5 0 0 0-.132-.463Z'/><ellipse cx='22.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><ellipse cx='9.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><circle cx='10' cy='16' r='2' fill='#37474f'/><circle cx='22' cy='16' r='2' fill='#37474f'/><path fill='#455a64' d='M9.996 18A2 2 0 1 0 8 15.996V16a2 2 0 0 0 1.996 2'/><circle cx='9' cy='15' r='1' fill='#FAFAFA'/><circle cx='21' cy='15' r='1' fill='#FAFAFA'/></svg>",
-  "bun_light": "<svg viewBox='0 0 32 32'><path fill='#FFF8E1' d='M15.696 27.002a13.73 13.73 0 0 1-9.071-3.062 8.86 8.86 0 0 1-3.6-6.505c-.252-5.091 3.813-7.747 8.748-10.455.28-.165.537-.322.793-.48a7.8 7.8 0 0 1 3.52-1.5 2 2 0 0 1 .695.118 14.8 14.8 0 0 1 2.95 1.576c.972.6 2.182 1.348 3.707 2.173a10.14 10.14 0 0 1 5.274 6.147A8.8 8.8 0 0 1 29 17.035a8.15 8.15 0 0 1-2.525 5.959 15.6 15.6 0 0 1-10.778 4.008Z'/><path fill='#37474f' d='M16.087 6a1 1 0 0 1 .358.06l.038.013.037.012a14.5 14.5 0 0 1 2.684 1.46 72 72 0 0 0 3.767 2.205 9.17 9.17 0 0 1 4.767 5.493A8 8 0 0 1 28 17.055a7.18 7.18 0 0 1-2.234 5.233 14.6 14.6 0 0 1-10.07 3.714 12.74 12.74 0 0 1-8.415-2.816l-.027-.024-.029-.023a7.98 7.98 0 0 1-3.202-5.758c-.223-4.516 3.431-6.89 8.231-9.525l.027-.015.027-.015q.389-.231.783-.474A7.4 7.4 0 0 1 16.087 6m0-2c-1.618 0-3.248 1.19-4.795 2.103-4.52 2.481-9.56 5.41-9.267 11.376a9.9 9.9 0 0 0 3.942 7.215 14.77 14.77 0 0 0 9.73 3.308c7.122 0 14.335-4.134 14.303-10.957a9.6 9.6 0 0 0-.322-2.29 11.16 11.16 0 0 0-5.764-6.768c-3.495-1.89-5.242-3.326-6.798-3.811A3 3 0 0 0 16.086 4Z'/><path fill='#37474f' d='M19.855 20.236A.8.8 0 0 0 19.26 20h-6.514a.8.8 0 0 0-.596.236.51.51 0 0 0-.137.463 4.37 4.37 0 0 0 1.641 2.339 4.2 4.2 0 0 0 2.349.926 4.2 4.2 0 0 0 2.343-.926 4.37 4.37 0 0 0 1.642-2.339.5.5 0 0 0-.132-.463Z'/><ellipse cx='22.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><ellipse cx='9.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><circle cx='10' cy='16' r='2' fill='#37474f'/><circle cx='22' cy='16' r='2' fill='#37474f'/><path fill='#455a64' d='M9.996 18A2 2 0 1 0 8 15.996V16a2 2 0 0 0 1.996 2'/><circle cx='9' cy='15' r='1' fill='#FAFAFA'/><circle cx='21' cy='15' r='1' fill='#FAFAFA'/></svg>",
+  "bun": "<svg viewBox='0 0 32 32'><path fill='#fff8e1' d='M30 17.045a9.8 9.8 0 0 0-.32-2.306l-.004.034a11.2 11.2 0 0 0-5.762-6.786c-3.495-1.89-5.243-3.326-6.8-3.811h.003c-1.95-.695-3.949.82-5.825 1.927-4.52 2.481-9.573 5.45-9.28 11.417.008-.029.017-.052.026-.08a9.97 9.97 0 0 0 3.934 7.257l-.01-.006C13.747 31.473 30.05 27.292 30 17.045'/><path fill='#37474f' d='M19.855 20.236A.8.8 0 0 0 19.26 20h-6.514a.8.8 0 0 0-.596.236.51.51 0 0 0-.137.463 4.37 4.37 0 0 0 1.641 2.339 4.2 4.2 0 0 0 2.349.926 4.2 4.2 0 0 0 2.343-.926 4.37 4.37 0 0 0 1.642-2.339.5.5 0 0 0-.132-.463Z'/><ellipse cx='22.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><ellipse cx='9.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><circle cx='10' cy='16' r='2' fill='#37474f'/><circle cx='22' cy='16' r='2' fill='#37474f'/><path fill='#455a64' d='M9.996 18A2 2 0 1 0 8 15.996V16a2 2 0 0 0 1.996 2'/><circle cx='9' cy='15' r='1' fill='#fafafa'/><circle cx='21' cy='15' r='1' fill='#fafafa'/></svg>",
+  "bun_light": "<svg viewBox='0 0 32 32'><path fill='#fff8e1' d='M15.696 27.002a13.73 13.73 0 0 1-9.071-3.062 8.86 8.86 0 0 1-3.6-6.505c-.252-5.091 3.813-7.747 8.748-10.455.28-.165.537-.322.793-.48a7.8 7.8 0 0 1 3.52-1.5 2 2 0 0 1 .695.118 14.8 14.8 0 0 1 2.95 1.576c.972.6 2.182 1.348 3.707 2.173a10.14 10.14 0 0 1 5.274 6.147A8.8 8.8 0 0 1 29 17.035a8.15 8.15 0 0 1-2.525 5.959 15.6 15.6 0 0 1-10.778 4.008Z'/><path fill='#37474f' d='M16.087 6a1 1 0 0 1 .358.06l.038.013.037.012a14.5 14.5 0 0 1 2.684 1.46 72 72 0 0 0 3.767 2.205 9.17 9.17 0 0 1 4.767 5.493A8 8 0 0 1 28 17.055a7.18 7.18 0 0 1-2.234 5.233 14.6 14.6 0 0 1-10.07 3.714 12.74 12.74 0 0 1-8.415-2.816l-.027-.024-.029-.023a7.98 7.98 0 0 1-3.202-5.758c-.223-4.516 3.431-6.89 8.231-9.525l.027-.015.027-.015q.389-.231.783-.474A7.4 7.4 0 0 1 16.087 6m0-2c-1.618 0-3.248 1.19-4.795 2.103-4.52 2.481-9.56 5.41-9.267 11.376a9.9 9.9 0 0 0 3.942 7.215 14.77 14.77 0 0 0 9.73 3.308c7.122 0 14.335-4.134 14.303-10.957a9.6 9.6 0 0 0-.322-2.29 11.16 11.16 0 0 0-5.764-6.768c-3.495-1.89-5.242-3.326-6.798-3.811A3 3 0 0 0 16.086 4Z'/><path fill='#37474f' d='M19.855 20.236A.8.8 0 0 0 19.26 20h-6.514a.8.8 0 0 0-.596.236.51.51 0 0 0-.137.463 4.37 4.37 0 0 0 1.641 2.339 4.2 4.2 0 0 0 2.349.926 4.2 4.2 0 0 0 2.343-.926 4.37 4.37 0 0 0 1.642-2.339.5.5 0 0 0-.132-.463Z'/><ellipse cx='22.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><ellipse cx='9.5' cy='18.5' fill='#f8bbd0' rx='2.5' ry='1.5'/><circle cx='10' cy='16' r='2' fill='#37474f'/><circle cx='22' cy='16' r='2' fill='#37474f'/><path fill='#455a64' d='M9.996 18A2 2 0 1 0 8 15.996V16a2 2 0 0 0 1.996 2'/><circle cx='9' cy='15' r='1' fill='#fafafa'/><circle cx='21' cy='15' r='1' fill='#fafafa'/></svg>",
   "c": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M19.563 22A5.57 5.57 0 0 1 14 16.437v-2.873A5.57 5.57 0 0 1 19.563 8H24V2h-4.437A11.563 11.563 0 0 0 8 13.563v2.873A11.564 11.564 0 0 0 19.563 28H24v-6Z'/></svg>",
   "c3": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M11.563 22A5.57 5.57 0 0 1 6 16.437v-2.873A5.57 5.57 0 0 1 11.563 8H14V2h-2.437A11.563 11.563 0 0 0 0 13.563v2.873A11.564 11.564 0 0 0 11.563 28H14v-6Zm20.129-4.131A5.17 5.17 0 0 0 28 14c3.39-.894 4.268-5.241 2.792-8.108-3.305-6.304-14.028-4.545-15.407 2.381l4.89 1.255a3.17 3.17 0 0 1 3.04-2.754 3 3 0 0 1 1.814.702c1.19.911 1.249 3.785-.353 4.232A9 9 0 0 1 22 12h-2v4h2c1.7.107 3.362.577 4.23 2.313a3.4 3.4 0 0 1 .377 1.636 3.25 3.25 0 0 1-.297 1.464c-.919 1.985-3.984 2.166-5.407.749a4.43 4.43 0 0 1-1.285-2.143l-4.89 1.429c2.447 10.449 19.993 7.76 16.964-3.58'/></svg>",
-  "cabal": "<svg viewBox='0 0 300 300'><g transform='translate(0 -822.52)'><rect width='107.25' height='156.59' x='405.55' y='967.22' fill='#0097A7' rx='12.306' ry='12.31' transform='matrix(-.98339 .18149 .60192 .79856 0 0)'/><rect width='108.34' height='123.15' x='-1156.5' y='1461.9' fill='#3F51B5' rx='10.69' ry='12.31' transform='matrix(-.98528 .17093 -.59175 .80612 0 0)'/><path fill='#3F51B5' d='M52.112 965.158c-1.343 3.515-26.292 23.248-25.744 27.277.548 4.03 29.812 16.023 32.04 19.027s10.545 41.668 13.603 42.5 18.828-31.274 21.548-32.932 32.808 2.503 34.15-1.01c1.343-3.515-18.174-35.352-18.721-39.381s9.732-40.12 7.502-43.125-30.06 9.427-33.118 8.594-26.793-27.3-29.514-25.643-.405 41.177-1.747 44.693z'/></g></svg>",
+  "cabal": "<svg viewBox='0 0 300 300'><g transform='translate(0 -822.52)'><rect width='107.25' height='156.59' x='405.55' y='967.22' fill='#0097a7' rx='12.306' ry='12.31' transform='matrix(-.98339 .18149 .60192 .79856 0 0)'/><rect width='108.34' height='123.15' x='-1156.5' y='1461.9' fill='#3f51b5' rx='10.69' ry='12.31' transform='matrix(-.98528 .17093 -.59175 .80612 0 0)'/><path fill='#3f51b5' d='M52.112 965.158c-1.343 3.515-26.292 23.248-25.744 27.277.548 4.03 29.812 16.023 32.04 19.027s10.545 41.668 13.603 42.5 18.828-31.274 21.548-32.932 32.808 2.503 34.15-1.01c1.343-3.515-18.174-35.352-18.721-39.381s9.732-40.12 7.502-43.125-30.06 9.427-33.118 8.594-26.793-27.3-29.514-25.643-.405 41.177-1.747 44.693z'/></g></svg>",
   "caddy": "<svg viewBox='0 0 32 32'><path fill='#4fc3f7' d='M20 22v-3.53q-.008-.155-.011-.31-.003-.436-.041-.87a5.3 5.3 0 0 0-.18-.994 2.9 2.9 0 0 0-1.026-1.563A4.42 4.42 0 0 0 16.017 14a4.5 4.5 0 0 0-2.762.74 2.9 2.9 0 0 0-1.05 1.57 5 5 0 0 0-.186 1.073q-.029.448-.014.897l.004.191v3.53Z'/><path fill='#4fc3f7' d='M29 19c0-7.409-5.268-13-13-13S3 11.591 3 19c-.003 2.317 0 5 1 7.026v-.84c.001-1.673 2.264-3.002 4-3.186v-4.438C8 12.38 10.388 9.931 16 10c5.612-.07 8 2.38 8 7.562V22c1.736.184 3.999 1.513 4 3.187v.839C29 24 29.003 21.317 29 19'/></svg>",
   "cadence": "<svg viewBox='0 0 32 32'><path fill='#00e676' d='M14 12h6v-1a1 1 0 0 1 1-1h7V4h-6a8 8 0 0 0-8 8m6 0h6v6h-6zm-6 6v2.65A1.35 1.35 0 0 1 12.65 22h-1.3A1.35 1.35 0 0 1 10 20.65v-1.3A1.35 1.35 0 0 1 11.35 18zv-6h-2.65A7.35 7.35 0 0 0 4 19.35v1.3A7.35 7.35 0 0 0 11.35 28h1.3A7.35 7.35 0 0 0 20 20.65V18Z'/></svg>",
-  "cairo": "<svg viewBox='0 0 24 24'><path fill='#F44336' d='M13.15 7.455a1.94 1.94 0 0 1-1.938-1.94c0-1.07.87-1.94 1.939-1.94 1.07 0 1.94.87 1.94 1.94s-.87 1.94-1.94 1.94M12 2C6.477 2 2 6.477 2 12c0 2.348.811 4.506 2.166 6.212 1.092-1.532 2.258-2.977 3.721-4.18.042-.035.143-.11.272-.203a2.92 2.92 0 0 0 1.15-1.876v-.012c.37-2.438 1.371-3.279 4.152-3.279q.37.001.786.02c1.423.067 2.243.473 2.34.685a.57.57 0 0 1 .027.363l-.111-.015c-.878-.109-2.231.16-2.419 1.117-.105.544.02 1.143.072 1.693.054.567.104 1.139.099 1.711-.003.044-.035.266-.005.29-1.514-1.449-5.014.37-6.116 1.17q.17-.058.34-.122c1.05-.357 4.24-1.314 5.47-.256 1.043 1.277.104 3.634-.673 4.802a9.7 9.7 0 0 1-1.64 1.87q.184.009.369.01c5.523 0 10-4.477 10-10S17.523 2 12 2'/></svg>",
+  "cairo": "<svg viewBox='0 0 24 24'><path fill='#f44336' d='M13.15 7.455a1.94 1.94 0 0 1-1.938-1.94c0-1.07.87-1.94 1.939-1.94 1.07 0 1.94.87 1.94 1.94s-.87 1.94-1.94 1.94M12 2C6.477 2 2 6.477 2 12c0 2.348.811 4.506 2.166 6.212 1.092-1.532 2.258-2.977 3.721-4.18.042-.035.143-.11.272-.203a2.92 2.92 0 0 0 1.15-1.876v-.012c.37-2.438 1.371-3.279 4.152-3.279q.37.001.786.02c1.423.067 2.243.473 2.34.685a.57.57 0 0 1 .027.363l-.111-.015c-.878-.109-2.231.16-2.419 1.117-.105.544.02 1.143.072 1.693.054.567.104 1.139.099 1.711-.003.044-.035.266-.005.29-1.514-1.449-5.014.37-6.116 1.17q.17-.058.34-.122c1.05-.357 4.24-1.314 5.47-.256 1.043 1.277.104 3.634-.673 4.802a9.7 9.7 0 0 1-1.64 1.87q.184.009.369.01c5.523 0 10-4.477 10-10S17.523 2 12 2'/></svg>",
   "cake": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M16 10a2.847 2.847 0 0 0 3-2.663v-.003a2.32 2.32 0 0 0-.435-1.372L16 2l-2.565 3.96A2.33 2.33 0 0 0 13 7.331 2.847 2.847 0 0 0 15.998 10zm6.134 13.376L20.708 22l-1.44 1.375a4.917 4.917 0 0 1-6.52 0L11.334 22l-1.466 1.375A4.79 4.79 0 0 1 4 23.871V29a1 1 0 0 0 1 1h22a1 1 0 0 0 1-1v-5.129a4.79 4.79 0 0 1-5.866-.497M24 14h-6.667v-2h-2.666v2H8a4.145 4.145 0 0 0-4 4.09v1.415A2.56 2.56 0 0 0 6.614 22a2.53 2.53 0 0 0 1.84-.726l2.88-2.71 2.813 2.71a2.764 2.764 0 0 0 3.693 0l2.826-2.71 2.868 2.71A2.649 2.649 0 0 0 28 19.505V18.09A4.145 4.145 0 0 0 24 14'/></svg>",
   "capacitor": "<svg viewBox='0 0 24 24'><path fill='#4fc3f7' d='m19.081 2.35-4.795 4.795L9.62 2.482 7.05 5.05l4.664 4.665 2.57 2.57 4.705 4.705 2.57-2.57-4.705-4.705 4.795-4.797zM5.052 7.05l-2.57 2.57 4.665 4.664L2.35 19.08l2.57 2.57 4.796-4.796 4.704 4.705 2.57-2.57-7.274-7.274z' paint-order='fill markers stroke'/></svg>",
   "capnp": "<svg viewBox='0 0 24 24'><path fill='#c62828' d='M17 3V2h4v8h-4c-.085-2.088-.445-4.042-3-4-2.917 0-5 2.51-5 5 0 3 .495 6.981 4.67 6.981 2.906-.26 2.99-2.705 3.33-4.981h4c0 5.806-3.314 9.052-9 9-6.154-.073-8.915-4.685-9-10-.128-6.14 4.568-9.2 10.414-9.65 1.301-.028 2.466 0 3.586.65'/></svg>",
+  "cbx": "<svg viewBox='0 0 1024 1024'><path fill='#1565c0' d='M128 704v128c0 70.692 57.308 128 128 128h608c17.728 0 32-14.272 32-32V704z'/><path fill='#ffe082' d='M704 704v192h128V704z'/><path fill='#fff8e1' d='M192 704v96c0 53.184 42.816 96 96 96h544a96 96 0 0 1-96-96 96 96 0 0 1 96-96z'/><path fill='#ff1744' d='M320 832h192v192l-96-96-96 96z'/><path fill='#2196f3' d='M256 64c-70.692 0-128 57.308-128 128v640c0 11.088 1.557 21.787 4.207 32.047C146.767 807.565 197.672 768.07 256 768h608c17.728 0 32-14.272 32-32V96c0-17.728-14.272-32-32-32z'/><path fill='#e3f2fd' d='M384 192c-70.692 0-128 57.308-128 128 .171 67.295 52.422 122.965 119.57 127.396L256 640h80l156.748-252.488h-.146A128 128 0 0 0 512 320c0-70.692-57.308-128-128-128m320 0c-70.692 0-128 57.308-128 128 .171 67.295 52.422 122.965 119.57 127.396L576 640h80l156.748-252.488h-.146A128 128 0 0 0 832 320c0-70.692-57.308-128-128-128'/></svg>",
   "cds": "<svg viewBox='0 0 16 16'><g fill='#0288d1'><rect width='4' height='1' x='7' y='9' ry='.5'/><rect width='3' height='1' x='8' y='11' ry='.5'/><rect width='4' height='1' x='7' y='13' ry='.5'/><path d='m5 9-1 1 1.5 1.5L4 13l1 1 2.5-2.5z'/><path d='M6 2a3 3 0 0 0-2.598 1.5 3 3 0 0 0-.187 2.607 3 3 0 0 0-1.514.965 3 3 0 0 0-.42 3.196A3 3 0 0 0 4 12v-1a2 2 0 0 1-2-2 2 2 0 0 1 2-2 2 2 0 0 1 .515.076l.159-.591A2 2 0 0 1 4 5a2 2 0 0 1 2-2 2 2 0 0 1 2 2l.594.594A2 2 0 0 1 10 5a2 2 0 0 1 2 2 2 2 0 0 1 2 2 2 2 0 0 1-2 2v1a3 3 0 0 0 2.898-2.223A3 3 0 0 0 13.5 6.402a3 3 0 0 0-.63-.267 3 3 0 0 0-1.722-1.906 3 3 0 0 0-2.252-.014 3 3 0 0 0-2.119-2.113A3 3 0 0 0 6 2'/></g></svg>",
   "certificate": "<svg viewBox='0 0 32 32'><path fill='#ff5722' d='M4 6v14a2 2 0 0 0 2 2h12v6l3-2 3 2v-6h4a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2H6a2 2 0 0 0-2 2m2 0h8v2H6Zm0 4h6v2H6Zm0 4h8v2H6Zm10 6H6v-2h10Zm8-6v4l-3-2-3 2v-4l-4-2 4-2V6l3 2 3-2v4.2l4 1.8Z'/></svg>",
   "changelog": "<svg fill='none' viewBox='0 0 24 24'><path d='M0 0h24v24H0z'/><path fill='#8bc34a' d='M13 3a9 9 0 0 0-9 9H1l4 4 4-4H6c0-3.87 3.13-7 7-7s7 3.13 7 7-3.13 7-7 7c-1.93 0-3.68-.79-4.94-2.06l-1.42 1.42A8.95 8.95 0 0 0 13 21a9 9 0 0 0 0-18m-1 5v5l4.25 2.52.77-1.28-3.52-2.09V8z'/></svg>",
@@ -84,7 +93,7 @@
   "chrome": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M16 2a14 14 0 1 0 14 14A14 14 0 0 0 16 2m0 3a11 11 0 0 1 9.208 5H16a6 6 0 0 0-5.74 4.253L7.27 9.334A10.98 10.98 0 0 1 16 5m4 11a4 4 0 1 1-4-4 4.005 4.005 0 0 1 4 4M5 16a10.9 10.9 0 0 1 1.094-4.75l4.838 7.959.003-.002a5.96 5.96 0 0 0 6.16 2.689l-2.996 4.928A11.01 11.01 0 0 1 5 16m11.343 10.983 4.878-8.026-.003-.002A5.97 5.97 0 0 0 20.463 12h5.773a10.966 10.966 0 0 1-9.893 14.983'/></svg>",
   "circleci": "<svg viewBox='0 0 32 32'><circle cx='16' cy='16' r='4' fill='#fafafa'/><path fill='#fafafa' d='M17.73 2.104a14 14 0 0 0-14.927 9.234.504.504 0 0 0 .48.662h5.525a.49.49 0 0 0 .416-.235 8 8 0 1 1 0 8.47A.49.49 0 0 0 8.81 20H3.28a.503.503 0 0 0-.479.66 14 14 0 1 0 14.93-18.556Z'/></svg>",
   "circleci_light": "<svg viewBox='0 0 32 32'><circle cx='16' cy='16' r='4' fill='#424242'/><path fill='#424242' d='M17.73 2.104a14 14 0 0 0-14.927 9.234.504.504 0 0 0 .48.662h5.525a.49.49 0 0 0 .416-.235 8 8 0 1 1 0 8.47A.49.49 0 0 0 8.81 20H3.28a.503.503 0 0 0-.479.66 14 14 0 1 0 14.93-18.556Z'/></svg>",
-  "citation": "<svg viewBox='0 0 16 16'><g fill='none' fill-rule='evenodd'><path fill='#1E88E5' fill-rule='nonzero' d='M10 13h3l2-4V3H9v6h3M2 13h3l2-4V3H1v6h3z'/><path d='M0 0h16v16H0z'/></g></svg>",
+  "citation": "<svg viewBox='0 0 1024 1024'><path fill='#1e88e5' d='M256 192c-106.039 0-192 85.961-192 192 .189 103.43 82.273 188.122 185.646 191.545L128 832h128l173.473-365.715C441.746 440.412 447.323 412.44 448 384c0-106.039-85.961-192-192-192m512 0c-106.039 0-192 85.961-192 192 .189 103.43 82.273 188.122 185.646 191.545L640 832h128l173.473-365.715C953.746 440.412 959.323 412.44 960 384c0-106.039-85.961-192-192-192'/></svg>",
   "clangd": "<svg viewBox='0 0 16 16'><path fill='#4caf50' d='M10 4H7.5C4.75 4 2 5.379 2 9.5c0 4.12 2.75 5.51 5.53 5.5H10v-3H7.667C7.665 11.973 5 12.289 5 9.478 5 6.672 7.395 7.028 7.52 7H10z'/><path fill='#2979ff' d='M10 1v6H7.52C7.452 7.03 5 6.659 5 9.478 5 12.295 7.618 11.97 7.668 12H13V1h-2.725z'/></svg>",
   "cline": "<svg viewBox='0 0 16 16'><path fill='#42a5f5' d='M8 1a2 2 0 0 0-2 2H5C3.338 3 2 4.338 2 6v1L1 9l1 2v1c0 1.662 1.338 3 3 3h6c1.662 0 3-1.338 3-3v-1l1-2-1-2V6c0-1.662-1.338-3-3-3h-1a2 2 0 0 0-2-2M6 7c.554 0 1 .446 1 1v2c0 .554-.446 1-1 1s-1-.446-1-1V8c0-.554.446-1 1-1m4 0c.554 0 1 .446 1 1v2c0 .554-.446 1-1 1s-1-.446-1-1V8c0-.554.446-1 1-1'/></svg>",
   "clojure": "<svg viewBox='0 0 256 256'><path fill='#64dd17' d='M123.456 129.975a507 507 0 0 0-3.54 7.846c-4.406 9.981-9.284 22.127-11.066 29.908-.64 2.77-1.037 6.205-1.03 10.013 0 1.506.081 3.09.21 4.702a58.1 58.1 0 0 0 19.98 3.559 58.2 58.2 0 0 0 18.29-2.98c-1.352-1.237-2.642-2.554-3.816-4.038-7.796-9.942-12.146-24.512-19.028-49.01m-28.784-49.39C79.782 91.08 70.039 108.387 70.002 128c.037 19.32 9.487 36.403 24.002 46.94 3.56-14.83 12.485-28.41 25.868-55.63a219 219 0 0 0-2.714-7.083c-3.708-9.3-9.059-20.102-13.834-24.993-2.435-2.555-5.389-4.763-8.652-6.648'/><path fill='#7cb342' d='M178.532 194.535c-7.683-.963-14.023-2.124-19.57-4.081a69.4 69.4 0 0 1-30.958 7.249c-38.491 0-69.693-31.198-69.698-69.7 0-20.891 9.203-39.62 23.764-52.392-3.895-.94-7.956-1.49-12.104-1.482-20.45.193-42.037 11.51-51.025 42.075-.84 4.45-.64 7.813-.64 11.8 0 60.591 49.12 109.715 109.705 109.715 37.104 0 69.882-18.437 89.732-46.633-10.736 2.675-21.06 3.955-29.902 3.982-3.314 0-6.425-.177-9.305-.53'/><path fill='#29b6f6' d='M157.922 173.271c.678.336 2.213.884 4.35 1.49 14.375-10.553 23.717-27.552 23.754-46.764h-.005c-.055-32.03-25.974-57.945-58.011-58.009a58.2 58.2 0 0 0-18.213 2.961c11.779 13.426 17.443 32.613 22.922 53.6l.01.025c.01.017 1.752 5.828 4.743 13.538 2.97 7.7 7.203 17.231 11.818 24.178 3.03 4.655 6.363 8 8.632 8.981'/><path fill='#1e88e5' d='M128.009 18.29c-36.746 0-69.25 18.089-89.16 45.826 10.361-6.49 20.941-8.83 30.174-8.747 12.753.037 22.779 3.991 27.589 6.696a51 51 0 0 1 3.345 2.131 69.4 69.4 0 0 1 28.049-5.894c38.496.004 69.703 31.202 69.709 69.698h-.006c0 19.409-7.938 36.957-20.736 49.594 3.142.352 6.492.571 9.912.554 12.15.006 25.284-2.675 35.13-10.956 6.42-5.408 11.798-13.327 14.78-25.199.584-4.586.92-9.247.92-13.991 0-60.588-49.116-109.715-109.705-109.715'/></svg>",
@@ -97,9 +106,10 @@
   "code-climate_light": "<svg viewBox='0 0 300 300'><path fill='#455a64' d='m196.19 75.562-51.846 51.561 30.766 30.766 21.08-21.08 59.252 59.537 30.481-30.766zm-61.246 60.961-30.481-30.481-78.053 78.053-11.964 11.964 30.766 30.766 11.964-12.249 39.596-39.312 7.691-7.691 30.481 30.48 28.772 28.773 30.766-30.766-28.772-28.772z'/></svg>",
   "codecov": "<svg viewBox='0 0 24 24'><path fill='#ec407a' d='M12.006 2.375c-5.528.004-10.028 4.471-10.032 9.959v.025l1.706.995.023-.016a4.9 4.9 0 0 1 3.641-.773 4.75 4.75 0 0 1 2.398 1.193l.293.273.166-.363c.16-.35.346-.68.55-.98a8 8 0 0 1 .278-.372l.172-.215-.211-.176a7 7 0 0 0-3.249-1.516 7.16 7.16 0 0 0-3.359.196c.812-3.556 3.939-6.036 7.631-6.039a7.78 7.78 0 0 1 5.516 2.267 7.7 7.7 0 0 1 2.095 3.759 7.2 7.2 0 0 0-2.09-.317h-.127a7 7 0 0 0-.829.061l-.034.005a6 6 0 0 0-.327.05 7 7 0 0 0-.47.101l-.115.03q-.202.055-.403.12l-.025.008a7 7 0 0 0-.878.367l-.023.012a7 7 0 0 0-.392.214l-.03.018a6.8 6.8 0 0 0-1.77 1.516l-.063.076a7 7 0 0 0-.557.799l-.05.087a7 7 0 0 0-.195.36l-.014.025a7 7 0 0 0-.367.888l-.015.044a6.9 6.9 0 0 0-.343 2.264l.001.094a10 10 0 0 0 .018.33l.014.155.021.19.005.034.011.086q.022.158.052.316c.202 1.057.706 2.115 1.458 3.058l.034.042.035-.041c.3-.355 1.044-1.479 1.107-2.154l.001-.012-.006-.011a4.7 4.7 0 0 1-.535-2.169c0-2.52 1.982-4.613 4.51-4.764l.165-.006a4.96 4.96 0 0 1 2.9.856l.023.016 1.684-.979.022-.013v-.025a9.84 9.84 0 0 0-2.934-7.039 10 10 0 0 0-7.087-2.91'/></svg>",
   "codeowners": "<svg viewBox='0 0 24 24'><path fill='#afb42b' d='m20.35 12.25 1.4 1.41-6.53 6.59-3.47-3.5 1.4-1.41 2.07 2.08zm-11.1 4.5 3 3h-10v-2c0-2.21 3.58-4 8-4l1.89.11zm1-13a4 4 0 0 1 4 4 4 4 0 0 1-4 4 4 4 0 0 1-4-4 4 4 0 0 1 4-4'/></svg>",
-  "coderabbit-ai": "<svg viewBox='0 0 16 16'><path fill='#F4511E' d='M15 8.913A6.85 6.85 0 0 1 12.74 14h-1.68c.035-.162-.052-.274-.165-.35-.236-.162-.385-.431-.35-.71.093-.735.545-1.674 2.194-2.536 1.115-.588 1.32-1.8 1.398-1.978.113-.294.082-.543-.154-.781-.427-.431-.889-.822-1.449-1.075-.786-.365-1.588-.345-2.384-.051-.139.05-.108-.056-.118-.101a5.3 5.3 0 0 0-.545-1.481c-.519-.923-1.243-1.603-2.322-1.831-.16-.036-.324-.046-.488-.066-.077-.01-.118.01-.098.101.144.68.345 1.334.781 1.892.2.259.473.431.74.609.283.192.58.37.848.588.252.213.457.461.555.817C9.467 7.01 9.45 7 9.44 6.986c-.822-1.289-2.43-1.857-4.048-1.39-.15.04-.129.091-.057.198.468.71 1.11 1.217 1.87 1.608.565.289 1.151.527 1.788.608.288.036.15.228.195.457.062.355.211.466.16.436-.977-.386-1.788-.538-2.461-.538-2.78 0-3.232 2.617-3.211 2.648-.041-.016-.71-.259-.858.4-.154.67.755 1.106.755 1.106.118-.791.837-.964.925-.984-.072.04-.54.31-.684 1.045-.123.65.396 1.222.591 1.42h-1.15A6.87 6.87 0 0 1 1 8.913C1 5.093 4.129 2 7.997 2 11.867 2 15 5.094 15 8.913M9.914 14h-.74a.27.27 0 0 0 .072-.142c.062-.355-.247-.426-.247-.426H7.294s.678-.03 1.3-.284c.616-.259 1.114-.71 1.202-.832a1.93 1.93 0 0 0-.031 1.517.32.32 0 0 0 .149.167'/></svg>",
+  "coderabbit-ai": "<svg viewBox='0 0 16 16'><path fill='#f4511e' d='M15 8.913A6.85 6.85 0 0 1 12.74 14h-1.68c.035-.162-.052-.274-.165-.35-.236-.162-.385-.431-.35-.71.093-.735.545-1.674 2.194-2.536 1.115-.588 1.32-1.8 1.398-1.978.113-.294.082-.543-.154-.781-.427-.431-.889-.822-1.449-1.075-.786-.365-1.588-.345-2.384-.051-.139.05-.108-.056-.118-.101a5.3 5.3 0 0 0-.545-1.481c-.519-.923-1.243-1.603-2.322-1.831-.16-.036-.324-.046-.488-.066-.077-.01-.118.01-.098.101.144.68.345 1.334.781 1.892.2.259.473.431.74.609.283.192.58.37.848.588.252.213.457.461.555.817C9.467 7.01 9.45 7 9.44 6.986c-.822-1.289-2.43-1.857-4.048-1.39-.15.04-.129.091-.057.198.468.71 1.11 1.217 1.87 1.608.565.289 1.151.527 1.788.608.288.036.15.228.195.457.062.355.211.466.16.436-.977-.386-1.788-.538-2.461-.538-2.78 0-3.232 2.617-3.211 2.648-.041-.016-.71-.259-.858.4-.154.67.755 1.106.755 1.106.118-.791.837-.964.925-.984-.072.04-.54.31-.684 1.045-.123.65.396 1.222.591 1.42h-1.15A6.87 6.87 0 0 1 1 8.913C1 5.093 4.129 2 7.997 2 11.867 2 15 5.094 15 8.913M9.914 14h-.74a.27.27 0 0 0 .072-.142c.062-.355-.247-.426-.247-.426H7.294s.678-.03 1.3-.284c.616-.259 1.114-.71 1.202-.832a1.93 1.93 0 0 0-.031 1.517.32.32 0 0 0 .149.167'/></svg>",
   "coffee": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M4 26h24v2H4zM28 4H7a1 1 0 0 0-1 1v13a4 4 0 0 0 4 4h10a4 4 0 0 0 4-4v-4h4a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2m0 8h-4V6h4Z'/></svg>",
   "coldfusion": "<svg viewBox='0 0 32 32'><path fill='#0d3858' stroke='#4dd0e1' stroke-width='2' d='M3.009 3.009h25.983v25.983H3.009z'/><path fill='#4dd0e1' d='M24 9.5v-1a.5.5 0 0 0-.5-.5H22a2 2 0 0 0-2 2v2h-1.5a.5.5 0 0 0-.5.5v1a.5.5 0 0 0 .5.5H20v7.5a.5.5 0 0 0 .5.5h1a.5.5 0 0 0 .5-.5V14h1.5a.5.5 0 0 0 .5-.5v-1a.5.5 0 0 0-.5-.5H22v-2h1.5a.5.5 0 0 0 .5-.5M12 20a2 2 0 0 1-2-2v-4a2 2 0 0 1 2-2h3.5a.5.5 0 0 0 .5-.5v-1a.5.5 0 0 0-.5-.5H12a4 4 0 0 0-4 4v4a4 4 0 0 0 4 4h3.5a.5.5 0 0 0 .5-.5v-1a.5.5 0 0 0-.5-.5Z'/></svg>",
+  "coloredpetrinets": "<svg viewBox='0 0 16 16'><rect width='3' height='1' x='9' y='7.5' fill='#b0bec5' rx='0' ry='.032'/><rect width='3' height='1' x='4' y='7.5' fill='#b0bec5' rx='0' ry='.032'/><circle cx='3' cy='8' r='2' fill='#4caf50'/><circle cx='13' cy='8' r='2' fill='#ff9800'/><rect width='4' height='4' x='6' y='6' fill='#00bcd4' rx='.59'/></svg>",
   "command": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='M24 18h-3v-4h3a6 6 0 1 0-6-6v3h-4V8a6 6 0 1 0-6 6h3v4H8a6 6 0 1 0 6 6v-3h4v3a6 6 0 1 0 6-6M21 8a3 3 0 1 1 3 3h-3ZM11 24a3 3 0 1 1-3-3h3Zm0-13H8a3 3 0 1 1 3-3Zm7 7h-4v-4h4Zm6 9a3.003 3.003 0 0 1-3-3v-3h3a3 3 0 0 1 0 6'/></svg>",
   "commitizen": "<svg viewBox='0 0 32 32'><path fill='#64b5f6' d='M29.422 17.4 17.4 29.422a1.986 1.986 0 0 1-2.8 0L2.578 17.4a1.986 1.986 0 0 1 0-2.8L14.6 2.578a1.986 1.986 0 0 1 2.8 0l8.01 8.012L23 13a2 2 0 0 0-.74-.14A2.13 2.13 0 0 0 20.37 14H12a2.08 2.08 0 0 0-1.86-1.14 2.14 2.14 0 0 0 0 4.28A2.08 2.08 0 0 0 12 16h8l-3.82 3.83h-.01a1.9 1.9 0 0 0-.63-.1 2.135 2.135 0 1 0 2.14 2.13 1.8 1.8 0 0 0-.1-.61l4.17-4.17a2 2 0 0 0 .51.06A2.14 2.14 0 0 0 24.4 15a2 2 0 0 0-.06-.51l2.49-2.48 2.592 2.59a1.986 1.986 0 0 1 0 2.8'/></svg>",
   "commitlint": "<svg viewBox='0 0 24 24'><path fill='#009688' d='M2.47 2.922V8.37h1.813V2.922zm12.708 1.816a7.27 7.27 0 0 0-6.946 5.127L6.1 12l2.133 2.133c.916 2.969 3.677 5.13 6.945 5.13 4.013 0 7.262-3.25 7.262-7.263s-3.25-7.262-7.262-7.262m2.942 3.703 1.342 1.63-5.49 5.488-3.179-3.467 1.34-1.34 1.838 1.838zM3.377 10.184c-.998 0-1.816.817-1.816 1.816a1.817 1.817 0 1 0 1.816-1.816M2.47 15.63v5.448h1.814V15.63z'/></svg>",
@@ -107,7 +117,8 @@
   "conduct": "<svg viewBox='0 0 24 24'><path fill='#cddc39' d='m10 17-4-4 1.41-1.41L10 14.17l6.59-6.59L18 9m-6-6a1 1 0 0 1 1 1 1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1m7 0h-4.18C14.4 1.84 13.3 1 12 1s-2.4.84-2.82 2H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V5a2 2 0 0 0-2-2'/></svg>",
   "console": "<svg viewBox='0 0 24 24'><path fill='#ff7043' d='M20 19V7H4v12zm0-16a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2zm-7 14v-2h5v2zm-3.42-4L5.57 9H8.4l3.3 3.3c.39.39.39 1.03 0 1.42L8.42 17H5.59z'/></svg>",
   "container.clone": "<svg viewBox='0 0 24 24'><path fill='#00b0ff' d='M21 16.5c0 .38-.21.71-.53.88l-7.9 4.44c-.16.12-.36.18-.57.18s-.41-.06-.57-.18l-7.9-4.44A.99.99 0 0 1 3 16.5v-9c0-.38.21-.71.53-.88l7.9-4.44c.16-.12.36-.18.57-.18s.41.06.57.18l7.9 4.44c.32.17.53.5.53.88zM12 4.15 6.04 7.5 12 10.85l5.96-3.35zM5 15.91l6 3.38v-6.71L5 9.21zm14 0v-6.7l-6 3.37v6.71z'/></svg>",
-  "contentlayer": "<svg fill='none' viewBox='0 0 16 16'><path fill='#651FFF' fill-rule='evenodd' stroke='#651FFF' stroke-width='1.073' d='M-2.482.404A1.93 1.93 0 0 1-.16.427l6.967 5.356a1.93 1.93 0 0 1 0 3.058L4.15 10.883l2.7 2.171c.983.79.956 2.294-.053 3.048l-7.152 5.344a1.93 1.93 0 0 1-2.439-.106l-5.596-4.996-.782-.672c-3.492-3-3.062-8.526.845-10.951zm5.6 9.65L-.13 7.444a1.93 1.93 0 0 0-2.384-.026l-2.403 1.848a1.93 1.93 0 0 0 0 3.058l2.42 1.86a1.93 1.93 0 0 0 2.352 0l3.246-2.494 2.944 2.366a.643.643 0 0 1-.018 1.016l-7.152 5.344a.64.64 0 0 1-.813-.035l-5.6-5-.796-.684c-2.839-2.439-2.482-6.935.705-8.896l.023-.014 5.888-4.349a.64.64 0 0 1 .774.008l6.967 5.356a.643.643 0 0 1 0 1.02zm-1.049.807-2.998 2.304a.64.64 0 0 1-.783 0l-2.421-1.86a.643.643 0 0 1 0-1.02l2.403-1.848a.64.64 0 0 1 .795.009z' clip-rule='evenodd' transform='matrix(.5949 0 0 .61208 9.182 1.311)'/></svg>",
+  "contentlayer": "<svg fill='none' viewBox='0 0 16 16'><path fill='#651fff' fill-rule='evenodd' stroke='#651fff' stroke-width='1.073' d='M-2.482.404A1.93 1.93 0 0 1-.16.427l6.967 5.356a1.93 1.93 0 0 1 0 3.058L4.15 10.883l2.7 2.171c.983.79.956 2.294-.053 3.048l-7.152 5.344a1.93 1.93 0 0 1-2.439-.106l-5.596-4.996-.782-.672c-3.492-3-3.062-8.526.845-10.951zm5.6 9.65L-.13 7.444a1.93 1.93 0 0 0-2.384-.026l-2.403 1.848a1.93 1.93 0 0 0 0 3.058l2.42 1.86a1.93 1.93 0 0 0 2.352 0l3.246-2.494 2.944 2.366a.643.643 0 0 1-.018 1.016l-7.152 5.344a.64.64 0 0 1-.813-.035l-5.6-5-.796-.684c-2.839-2.439-2.482-6.935.705-8.896l.023-.014 5.888-4.349a.64.64 0 0 1 .774.008l6.967 5.356a.643.643 0 0 1 0 1.02zm-1.049.807-2.998 2.304a.64.64 0 0 1-.783 0l-2.421-1.86a.643.643 0 0 1 0-1.02l2.403-1.848a.64.64 0 0 1 .795.009z' clip-rule='evenodd' transform='matrix(.5949 0 0 .61208 9.182 1.311)'/></svg>",
+  "context": "<svg viewBox='0 0 16 16'><path fill='#ffd600' d='M7 6h2c.554 0 1 .446 1 1v2c0 .554-.446 1-1 1H7c-.554 0-1-.446-1-1V7c0-.554.446-1 1-1'/><path fill='#aeea00' d='M7 0h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1H7c-.554 0-1-.446-1-1V1c0-.554.446-1 1-1'/><path fill='#f57f17' d='M12 3h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1h-2c-.554 0-1-.446-1-1V4c0-.554.446-1 1-1'/><path fill='#8e24aa' d='M12 9h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1h-2c-.554 0-1-.446-1-1v-3c0-.554.446-1 1-1'/><path fill='#4db6ac' d='M7 11h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1H7c-.554 0-1-.446-1-1v-3c0-.554.446-1 1-1'/><path fill='#e53935' d='M2 9h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1H2c-.554 0-1-.446-1-1v-3c0-.554.446-1 1-1'/><path fill='#1565c0' d='M2 3h2c.554 0 1 .446 1 1v3c0 .554-.446 1-1 1H2c-.554 0-1-.446-1-1V4c0-.554.446-1 1-1'/></svg>",
   "contributing": "<svg viewBox='0 0 24 24'><path fill='#ffca28' d='M17 9H7V7h10m0 6H7v-2h10m-3 6H7v-2h7M12 3a1 1 0 0 1 1 1 1 1 0 0 1-1 1 1 1 0 0 1-1-1 1 1 0 0 1 1-1m7 0h-4.18C14.4 1.84 13.3 1 12 1s-2.4.84-2.82 2H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V5a2 2 0 0 0-2-2'/></svg>",
   "controller": "<svg viewBox='0 0 16 16'><path fill='#ffc107' d='M8.002 10.45A2.45 2.45 0 0 1 5.552 8a2.45 2.45 0 0 1 2.45-2.45A2.45 2.45 0 0 1 10.452 8a2.45 2.45 0 0 1-2.45 2.45m5.2-1.771c.029-.224.05-.448.05-.679a6 6 0 0 0-.05-.7l1.478-1.141a.35.35 0 0 0 .084-.448l-1.4-2.422a.344.344 0 0 0-.427-.154l-1.743.7a5 5 0 0 0-1.183-.686l-.26-1.855A.354.354 0 0 0 9.402 1h-2.8a.354.354 0 0 0-.35.294l-.258 1.855a5 5 0 0 0-1.183.686l-1.743-.7a.344.344 0 0 0-.427.154l-1.4 2.422a.345.345 0 0 0 .084.448L2.8 7.3a6 6 0 0 0-.05.7c0 .231.022.455.05.679L1.324 9.841a.345.345 0 0 0-.084.448l1.4 2.422c.084.154.273.21.427.154l1.743-.707c.364.28.742.518 1.183.693l.259 1.855a.354.354 0 0 0 .35.294h2.8a.354.354 0 0 0 .35-.294l.259-1.855a5 5 0 0 0 1.183-.693l1.743.707c.154.056.343 0 .427-.154l1.4-2.422a.35.35 0 0 0-.084-.448z'/></svg>",
   "copilot": "<svg viewBox='0 0 16 16'><path fill='#fafafa' d='M7.998 14C4.006 14 1.11 11.457 1 10.728v-1.7c.074-.549.592-1.472 1.39-1.803l.031-.19a4 4 0 0 1 .11-.534c-.176-.444-.222-.946-.222-1.446 0-.759.112-1.544.606-2.168.507-.64 1.308-.98 2.384-1.1 1.055-.117 1.98.03 2.576.667q.066.07.121.144a2 2 0 0 1 .126-.144c.596-.638 1.52-.784 2.576-.667 1.076.12 1.877.46 2.383 1.1.495.624.607 1.41.607 2.168 0 .5-.047 1.002-.223 1.446.058.199.086.374.11.534l.033.19c.808.336 1.332 1.284 1.392 1.829v1.634C15 11.356 12.068 14 7.998 14m0-1.296c1.995 0 4.011-.969 4.377-1.25V7.738l-.02-.1c-.429.182-.94.253-1.511.253-1.003 0-1.802-.285-2.371-.865A2.82 2.812 0 0 1 8 6.38a2.835 2.828 0 0 1-.476.648c-.569.58-1.368.865-2.371.865-.57 0-1.082-.07-1.511-.254l-.02.101v3.714c.366.282 2.381 1.25 4.376 1.25M6.917 3.347c-.17-.18-.558-.36-1.472-.259-.892.099-1.294.353-1.499.611-.216.272-.323.689-.323 1.356 0 .693.113 1.022.27 1.197.142.158.454.33 1.262.33.746 0 1.171-.204 1.433-.47.275-.282.46-.722.54-1.356.102-.816-.033-1.218-.211-1.409m3.635-.259c-.913-.101-1.302.08-1.47.26-.179.19-.315.592-.212 1.408.08.634.265 1.074.54 1.356.262.266.687.47 1.434.47.807 0 1.12-.172 1.262-.33.156-.175.269-.504.269-1.197 0-.667-.108-1.084-.324-1.356-.204-.258-.606-.512-1.499-.61Z'/><path fill='#fafafa' d='M6.469 8.765a.656.655 0 0 1 .656.654v1.31a.656.655 0 0 1-1.313 0V9.42a.656.655 0 0 1 .657-.654Zm3.718.654v1.31a.656.655 0 0 1-1.312 0V9.42a.656.655 0 0 1 1.313 0z'/></svg>",
@@ -118,13 +129,13 @@
   "crystal": "<svg viewBox='0 0 200 200'><path fill='#cfd8dc' d='m179.363 121.67-57.623 57.507c-.23.23-.576.346-.806.23l-78.713-21.09c-.346-.115-.577-.345-.577-.576L20.44 79.144c-.115-.345 0-.576.23-.806L78.294 20.83c.23-.23.576-.346.807-.23l78.713 21.09c.345.114.576.345.576.575l21.09 78.597c.23.346.115.577-.115.807zm-77.215-62.58-77.33 20.63c-.115 0-.23.23-.115.345l56.586 56.47c.115.115.346.115.346-.115l20.744-77.215c.115 0-.115-.23-.23-.116z'/></svg>",
   "crystal_light": "<svg viewBox='0 0 200 200'><path fill='#37474f' d='m179.363 121.67-57.623 57.507c-.23.23-.576.346-.806.23l-78.713-21.09c-.346-.115-.577-.345-.577-.576L20.44 79.144c-.115-.345 0-.576.23-.806L78.294 20.83c.23-.23.576-.346.807-.23l78.713 21.09c.345.114.576.345.576.575l21.09 78.597c.23.346.115.577-.115.807zm-77.215-62.58-77.33 20.63c-.115 0-.23.23-.115.345l56.586 56.47c.115.115.346.115.346-.115l20.744-77.215c.115 0-.115-.23-.23-.116z'/></svg>",
   "csharp": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M30 14v-2h-2V8h-2v4h-2V8h-2v4h-2v2h2v2h-2v2h2v4h2v-4h2v4h2v-4h2v-2h-2v-2Zm-4 2h-2v-2h2Zm-12.437 6A5.57 5.57 0 0 1 8 16.437v-2.873A5.57 5.57 0 0 1 13.563 8H18V2h-4.437A11.563 11.563 0 0 0 2 13.563v2.873A11.564 11.564 0 0 0 13.563 28H18v-6Z'/></svg>",
-  "css-map": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m7.19 4.01-.79 4L19.73 8l-.49 2-13.23.01-.79 4 13.3-.01-.84 3.99L12 19.31 8 18l.46-1.99H4.83L4 20l8 2.57 8.75-2.21 1.31-6.57.26-1.32L24 4z'/><path fill='#42a5f5' d='M24 10v2h2v14H12v-2h-2v4h18V10z'/></svg>",
-  "css": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m29.18 4-3.57 18.36-.33 1.64-4.74 1.57-3.28 1.09L13.21 28 2.87 24.05 4.05 18h4.2l-.44 2.85 6.34 2.42.78-.26 6.52-2.16.17-.83.79-4.02H4.44l.74-3.76.05-.24h17.96l.78-4H6l.78-4z'/></svg>",
+  "css-map": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M26 11.998v2h2v14H14v-2h-2v4L30 30V11.998Z'/><path fill='#7e57c2' d='M16 14h-2v-2h-2v2c0 .193 0 .703 1.254 1.033A3.345 3.345 0 0 1 16 18h2v2h2v-2c0-.388-.562-.851-1.254-1.034C16.356 16.34 16 14.84 16 14m-3.254 2.966C10.356 16.34 10 14.84 10 14H8v-2H6v8h2v-2h4v2h2v-2c0-.388-.562-.851-1.254-1.034'/><path fill='#7e57c2' d='M2 2v21.998h22V2Zm20 12h-2v-2h-2v2c0 .193 0 .703 1.254 1.033A3.345 3.345 0 0 1 22 18v2a2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2 2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2 2 2 0 0 1-2 2H6a2 2 0 0 1-2-2v-8a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2 2 2 0 0 1 2-2h2a2 2 0 0 1 2 2 2 2 0 0 1 2-2h2a2 2 0 0 1 2 2Z'/></svg>",
+  "css": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M20 18h-2v-2h-2v2c0 .193 0 .703 1.254 1.033A3.345 3.345 0 0 1 20 22h2v2h2v-2c0-.388-.562-.851-1.254-1.034C20.356 20.34 20 18.84 20 18m-3.254 2.966C14.356 20.34 14 18.84 14 18h-2v-2h-2v8h2v-2h4v2h2v-2c0-.388-.562-.851-1.254-1.034'/><path fill='#7e57c2' d='M24 4H4v20a4 4 0 0 0 4 4h16.16A3.84 3.84 0 0 0 28 24.16V8a4 4 0 0 0-4-4m2 14h-2v-2h-2v2c0 .193 0 .703 1.254 1.033A3.345 3.345 0 0 1 26 22v2a2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2 2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2 2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2v-8a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2 2 2 0 0 1 2-2h2a2 2 0 0 1 2 2 2 2 0 0 1 2-2h2a2 2 0 0 1 2 2Z'/></svg>",
   "cucumber": "<svg fill-rule='evenodd' viewBox='0 0 33 33'><path fill='#4caf50' d='M16.633 2.088c-7.028 0-12.714 5.686-12.714 12.714 0 6.187 4.435 11.327 10.288 12.471v3.64c7.609-1.148 14.346-7.187 14.848-15.117.303-4.772-2.076-9.644-6.09-12.01a10.6 10.6 0 0 0-1.455-.728l-.243-.097c-.223-.083-.448-.175-.68-.243a12.6 12.6 0 0 0-3.954-.63m2.62 4.707a1.39 1.39 0 0 0-1.213.485c-.233.31-.379.611-.534.922-.466 1.087-.31 2.252.388 3.106 1.087-.233 2.01-.927 2.475-2.014a2.45 2.45 0 0 0 .243-1.02c.048-.824-.634-1.405-1.359-1.48zm-5.654.073c-.708.067-1.382.63-1.382 1.407 0 .31.087.708.243 1.019.466 1.087 1.46 1.78 2.546 2.014.621-.854.782-2.019.316-3.106-.155-.31-.3-.616-.534-.85a1.36 1.36 0 0 0-1.188-.484zM9.79 10.603c-1.224.063-1.77 1.602-.752 2.402.31.233.612.403.922.558 1.087.466 2.344.306 3.275-.315-.233-1.01-1.023-1.936-2.11-2.402-.388-.155-.703-.243-1.092-.243-.087-.01-.161-.004-.243 0m11.961 4.707a3.55 3.55 0 0 0-2.013.583c.233 1.009 1.023 1.935 2.11 2.401.389.155.705.243 1.093.243 1.397.078 2.08-1.65.994-2.426-.31-.233-.611-.379-.922-.534a3.4 3.4 0 0 0-1.262-.267m-10.603.073a3.4 3.4 0 0 0-1.261.267c-.389.155-.69.325-.923.558-1.009.854-.33 2.48 1.068 2.402a2.5 2.5 0 0 0 1.092-.243c1.087-.466 1.859-1.392 2.014-2.401a3.47 3.47 0 0 0-1.99-.583m3.931 2.378c-1.087.233-2.009.927-2.475 2.014-.155.31-.243.684-.243.994-.077 1.32 1.724 2.03 2.5 1.02.233-.31.378-.612.534-.923.466-1.009.306-2.174-.316-3.105m2.887.073c-.621.854-.781 2.018-.315 3.105.155.311.3.616.534.85.854.93 2.65.242 2.572-.923 0-.31-.088-.708-.243-1.019-.466-1.087-1.46-1.78-2.547-2.013z'/></svg>",
-  "cuda": "<svg viewBox='0 0 32 32'><path fill='#7CB342' d='M12.496 10.16c-.184 0-.314.01-.496.022V12a7 7 0 0 1 .991-.062 7.34 7.34 0 0 1 5.335 2.457l-2.72 2.156c-1.213-1.922-1.568-2.767-3.606-3v5.468a4.8 4.8 0 0 0 1.486.234c3.969 0 7.667-4.847 7.667-4.847s-3.427-4.402-8.657-4.246m-9.222 4.468A12.46 12.46 0 0 1 12 10.184V8.715c-6.407.489-12 5.602-12 5.602s3.202 8.56 12 9.337v-1.641c-6.454-.756-8.726-7.385-8.726-7.385'/><path fill='#7CB342' d='M12 13.54V12a11.17 11.17 0 0 0-6.3 2.828s1.424 4.791 6.3 5.614v-1.423a6.48 6.48 0 0 1-3.72-3.913A5.04 5.04 0 0 1 12 13.54m0-7.566v2.74l.496-.032c7.267-.234 12.014 5.624 12.014 5.624s-5.442 6.247-11.107 6.247A8.4 8.4 0 0 1 12 20.431V22a11 11 0 0 0 1.19.108c5.276 0 9.058-2.478 12.757-5.479.612.467 3.12 1.59 3.64 2.079-3.51 2.779-11.696 5.013-16.337 5.013a12 12 0 0 1-1.25-.066V26h20V6Z'/></svg>",
+  "cuda": "<svg viewBox='0 0 32 32'><path fill='#7cb342' d='M12.496 10.16c-.184 0-.314.01-.496.022V12a7 7 0 0 1 .991-.062 7.34 7.34 0 0 1 5.335 2.457l-2.72 2.156c-1.213-1.922-1.568-2.767-3.606-3v5.468a4.8 4.8 0 0 0 1.486.234c3.969 0 7.667-4.847 7.667-4.847s-3.427-4.402-8.657-4.246m-9.222 4.468A12.46 12.46 0 0 1 12 10.184V8.715c-6.407.489-12 5.602-12 5.602s3.202 8.56 12 9.337v-1.641c-6.454-.756-8.726-7.385-8.726-7.385'/><path fill='#7cb342' d='M12 13.54V12a11.17 11.17 0 0 0-6.3 2.828s1.424 4.791 6.3 5.614v-1.423a6.48 6.48 0 0 1-3.72-3.913A5.04 5.04 0 0 1 12 13.54m0-7.566v2.74l.496-.032c7.267-.234 12.014 5.624 12.014 5.624s-5.442 6.247-11.107 6.247A8.4 8.4 0 0 1 12 20.431V22a11 11 0 0 0 1.19.108c5.276 0 9.058-2.478 12.757-5.479.612.467 3.12 1.59 3.64 2.079-3.51 2.779-11.696 5.013-16.337 5.013a12 12 0 0 1-1.25-.066V26h20V6Z'/></svg>",
   "cypress": "<svg viewBox='0 0 24 24'><path fill='#00bfa5' d='M11.998 2A9.993 9.993 0 0 0 2 12a9.993 9.993 0 0 0 10 10c5.528 0 10-4.473 10-10-.001-5.527-4.51-10-10.002-10m-4.69 12.146c.327.436.763.618 1.381.618.292 0 .583-.037.837-.146.255-.108.546-.255.908-.473l1.019 1.454c-.836.692-1.782 1.018-2.873 1.018-.873 0-1.6-.182-2.254-.545a3.66 3.66 0 0 1-1.454-1.599c-.327-.691-.509-1.491-.509-2.437 0-.908.182-1.745.508-2.436a3.85 3.85 0 0 1 1.457-1.672c.617-.4 1.38-.582 2.217-.582.583 0 1.128.072 1.564.254.49.19.944.46 1.345.8l-1.018 1.382a4 4 0 0 0-.836-.474c-.254-.108-.582-.145-.873-.145-1.236 0-1.854.945-1.854 2.872-.036.983.146 1.673.437 2.11zm10 2.254c-.363 1.128-.909 1.964-1.673 2.582-.763.619-1.782.946-3.054 1.055l-.254-1.708c.836-.11 1.454-.292 1.854-.583.145-.108.437-.436.437-.436l-3.019-9.673h2.508l1.746 7.236 1.855-7.236h2.436z'/></svg>",
   "d": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M21.805 8.063a5 5 0 0 0-3.502.727A10.95 10.95 0 0 0 11 6H2.5a.5.5 0 0 0-.5.5v21a.5.5 0 0 0 .5.5H11a10.995 10.995 0 0 0 10.954-10.096 4.998 4.998 0 0 0-.149-9.841M11 24H6V10h5a7 7 0 0 1 0 14'/><circle cx='28' cy='7' r='1.5' fill='#f44336'/></svg>",
-  "dart": "<svg viewBox='0 0 32 32'><path fill='#4FC3F7' d='M16.83 2a1.3 1.3 0 0 0-.916.377l-.013.01L7.323 7.34l8.556 8.55v.005l10.283 10.277 1.96-3.529-7.068-16.96-3.299-3.297A1.3 1.3 0 0 0 16.828 2Z'/><path fill='#01579B' d='m7.343 7.32-4.955 8.565-.01.013a1.297 1.297 0 0 0 .004 1.835l.005.005 4.106 4.107 16.064 6.314 3.632-2.015-.098-.098-.025.002L15.995 15.97h-.012z'/><path fill='#01579B' d='m7.321 7.324 8.753 8.755h.013L26.16 26.156l3.835-.73L30 14.089l-4.049-3.965a6.5 6.5 0 0 0-3.618-1.612l.002-.043L7.323 7.325Z'/><path fill='#64B5F6' d='m7.332 7.335 8.758 8.75v.013l10.079 10.071L25.436 30H14.09l-3.967-4.048a6.5 6.5 0 0 1-1.611-3.618l-.045.004Z'/></svg>",
+  "dart": "<svg viewBox='0 0 32 32'><path fill='#4fc3f7' d='M16.83 2a1.3 1.3 0 0 0-.916.377l-.013.01L7.323 7.34l8.556 8.55v.005l10.283 10.277 1.96-3.529-7.068-16.96-3.299-3.297A1.3 1.3 0 0 0 16.828 2Z'/><path fill='#01579b' d='m7.343 7.32-4.955 8.565-.01.013a1.297 1.297 0 0 0 .004 1.835l.005.005 4.106 4.107 16.064 6.314 3.632-2.015-.098-.098-.025.002L15.995 15.97h-.012z'/><path fill='#01579b' d='m7.321 7.324 8.753 8.755h.013L26.16 26.156l3.835-.73L30 14.089l-4.049-3.965a6.5 6.5 0 0 0-3.618-1.612l.002-.043L7.323 7.325Z'/><path fill='#64b5f6' d='m7.332 7.335 8.758 8.75v.013l10.079 10.071L25.436 30H14.09l-3.967-4.048a6.5 6.5 0 0 1-1.611-3.618l-.045.004Z'/></svg>",
   "dart_generated": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='M16.83 2a1.3 1.3 0 0 0-.916.377l-.013.01L7.323 7.34l8.556 8.55v.005l10.283 10.277 1.96-3.529-7.068-16.96-3.299-3.297A1.3 1.3 0 0 0 16.828 2Z'/><path fill='#455a64' d='m7.343 7.32-4.955 8.565-.01.013a1.297 1.297 0 0 0 .004 1.835l.005.005 4.106 4.107 16.064 6.314 3.632-2.015-.098-.098-.025.002L15.995 15.97h-.012z'/><path fill='#455a64' d='m7.321 7.324 8.753 8.755h.013L26.16 26.156l3.835-.73L30 14.089l-4.049-3.965a6.5 6.5 0 0 0-3.618-1.612l.002-.043L7.323 7.325Z'/><path fill='#90a4ae' d='m7.332 7.335 8.758 8.75v.013l10.079 10.071L25.436 30H14.09l-3.967-4.048a6.5 6.5 0 0 1-1.611-3.618l-.045.004Z'/></svg>",
   "database": "<svg viewBox='0 0 32 32'><path fill='#ffca28' d='M16 24c-5.525 0-10-.9-10-2v4c0 1.1 4.475 2 10 2s10-.9 10-2v-4c0 1.1-4.475 2-10 2m0-8c-5.525 0-10-.9-10-2v4c0 1.1 4.475 2 10 2s10-.9 10-2v-4c0 1.1-4.475 2-10 2m0-12C10.477 4 6 4.895 6 6v4c0 1.1 4.475 2 10 2s10-.9 10-2V6c0-1.105-4.477-2-10-2'/></svg>",
   "deepsource": "<svg viewBox='0 0 16 16'><path fill='#1de9b6' d='M2 2h9a1 1 0 0 1 1 .992A1 1 0 0 1 11 4H2z'/><path fill='#f44336' d='M2 12h11a1 1 0 0 1 1 1 1 1 0 0 1-1 1H2z'/><path fill='#ffb300' d='M2 9h7a1 1 0 0 0 1-1 1 1 0 0 0-1-1H2z'/></svg>",
@@ -139,32 +150,36 @@
   "disc": "<svg viewBox='0 0 32 32'><path fill='#b0bec5' d='M16 12a4 4 0 1 1-4 4 4.005 4.005 0 0 1 4-4m0-10a14 14 0 1 0 14 14A14 14 0 0 0 16 2'/></svg>",
   "django": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M22 2h4v4h-4zm0 8v12.13A3.88 3.88 0 0 1 18.13 26H18v4h.13A7.866 7.866 0 0 0 26 22.13V10Zm-8-8h4v20h-4z'/><path fill='#43a047' d='M11.838 12A2.165 2.165 0 0 1 14 14.162v4.955l-.77.257a5.03 5.03 0 0 1-2.812.108A3.19 3.19 0 0 1 8 16.384v-.547A3.84 3.84 0 0 1 11.838 12m0-4A7.84 7.84 0 0 0 4 15.837v.547a7.19 7.19 0 0 0 5.448 6.978 9.03 9.03 0 0 0 5.047-.194L18 22v-7.838A6.16 6.16 0 0 0 11.838 8'/></svg>",
   "dll": "<svg viewBox='0 0 24 24'><path fill='#42a5f5' d='M6 2a2 2 0 0 0-2 2v16c0 1.11.89 2 2 2h6v-2H6V4h7v5h5v3h2V8l-6-6m4 12a.26.26 0 0 0-.26.21l-.19 1.32c-.3.13-.59.29-.85.47l-1.24-.5c-.11 0-.24 0-.31.13l-1 1.73c-.06.11-.04.24.06.32l1.06.82a4.2 4.2 0 0 0 0 1l-1.06.82a.26.26 0 0 0-.06.32l1 1.73c.06.13.19.13.31.13l1.24-.5c.26.18.54.35.85.47l.19 1.32c.02.12.12.21.26.21h2c.11 0 .22-.09.24-.21l.19-1.32c.3-.13.57-.29.84-.47l1.23.5c.13 0 .26 0 .33-.13l1-1.73a.26.26 0 0 0-.06-.32l-1.07-.82c.02-.17.04-.33.04-.5s-.01-.33-.04-.5l1.06-.82a.26.26 0 0 0 .06-.32l-1-1.73c-.06-.13-.19-.13-.32-.13l-1.23.5c-.27-.18-.54-.35-.85-.47l-.19-1.32A.236.236 0 0 0 20 14m-1 3.5c.83 0 1.5.67 1.5 1.5s-.67 1.5-1.5 1.5c-.84 0-1.5-.67-1.5-1.5s.67-1.5 1.5-1.5'/></svg>",
-  "docker": "<svg viewBox='0 0 24 24'><path fill='#0288D1' d='M21.81 10.25c-.06-.04-.56-.43-1.64-.43-.28 0-.56.03-.84.08-.21-1.4-1.38-2.11-1.43-2.14l-.29-.17-.18.27c-.24.36-.43.77-.51 1.19-.2.8-.08 1.56.33 2.21-.49.28-1.29.35-1.46.35H2.62c-.34 0-.62.28-.62.63 0 1.15.18 2.3.58 3.38.45 1.19 1.13 2.07 2 2.61.98.6 2.59.94 4.42.94.79 0 1.61-.07 2.42-.22 1.12-.2 2.2-.59 3.19-1.16A8.3 8.3 0 0 0 16.78 16c1.05-1.17 1.67-2.5 2.12-3.65h.19c1.14 0 1.85-.46 2.24-.85.26-.24.45-.53.59-.87l.08-.24zm-17.96.99h1.76c.08 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16H3.85c-.09 0-.16.07-.16.16v1.58c.01.09.07.16.16.16m2.43 0h1.76c.08 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16H6.28c-.09 0-.16.07-.16.16v1.58c.01.09.07.16.16.16m2.47 0h1.75c.1 0 .17-.07.17-.16V9.5c0-.08-.06-.16-.17-.16H8.75c-.08 0-.15.07-.15.16v1.58c0 .09.06.16.15.16m2.44 0h1.77c.08 0 .15-.07.15-.16V9.5c0-.08-.06-.16-.15-.16h-1.77c-.08 0-.15.07-.15.16v1.58c0 .09.07.16.15.16M6.28 9h1.76c.08 0 .16-.09.16-.18V7.25c0-.09-.07-.16-.16-.16H6.28c-.09 0-.16.06-.16.16v1.57c.01.09.07.18.16.18m2.47 0h1.75c.1 0 .17-.09.17-.18V7.25c0-.09-.06-.16-.17-.16H8.75c-.08 0-.15.06-.15.16v1.57c0 .09.06.18.15.18m2.44 0h1.77c.08 0 .15-.09.15-.18V7.25c0-.09-.07-.16-.15-.16h-1.77c-.08 0-.15.06-.15.16v1.57c0 .09.07.18.15.18m0-2.28h1.77c.08 0 .15-.07.15-.16V5c0-.1-.07-.17-.15-.17h-1.77c-.08 0-.15.06-.15.17v1.56c0 .08.07.16.15.16m2.46 4.52h1.76c.09 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16h-1.76c-.08 0-.15.07-.15.16v1.58c0 .09.07.16.15.16'/></svg>",
+  "docker": "<svg viewBox='0 0 24 24'><path fill='#0288d1' d='M21.81 10.25c-.06-.04-.56-.43-1.64-.43-.28 0-.56.03-.84.08-.21-1.4-1.38-2.11-1.43-2.14l-.29-.17-.18.27c-.24.36-.43.77-.51 1.19-.2.8-.08 1.56.33 2.21-.49.28-1.29.35-1.46.35H2.62c-.34 0-.62.28-.62.63 0 1.15.18 2.3.58 3.38.45 1.19 1.13 2.07 2 2.61.98.6 2.59.94 4.42.94.79 0 1.61-.07 2.42-.22 1.12-.2 2.2-.59 3.19-1.16A8.3 8.3 0 0 0 16.78 16c1.05-1.17 1.67-2.5 2.12-3.65h.19c1.14 0 1.85-.46 2.24-.85.26-.24.45-.53.59-.87l.08-.24zm-17.96.99h1.76c.08 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16H3.85c-.09 0-.16.07-.16.16v1.58c.01.09.07.16.16.16m2.43 0h1.76c.08 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16H6.28c-.09 0-.16.07-.16.16v1.58c.01.09.07.16.16.16m2.47 0h1.75c.1 0 .17-.07.17-.16V9.5c0-.08-.06-.16-.17-.16H8.75c-.08 0-.15.07-.15.16v1.58c0 .09.06.16.15.16m2.44 0h1.77c.08 0 .15-.07.15-.16V9.5c0-.08-.06-.16-.15-.16h-1.77c-.08 0-.15.07-.15.16v1.58c0 .09.07.16.15.16M6.28 9h1.76c.08 0 .16-.09.16-.18V7.25c0-.09-.07-.16-.16-.16H6.28c-.09 0-.16.06-.16.16v1.57c.01.09.07.18.16.18m2.47 0h1.75c.1 0 .17-.09.17-.18V7.25c0-.09-.06-.16-.17-.16H8.75c-.08 0-.15.06-.15.16v1.57c0 .09.06.18.15.18m2.44 0h1.77c.08 0 .15-.09.15-.18V7.25c0-.09-.07-.16-.15-.16h-1.77c-.08 0-.15.06-.15.16v1.57c0 .09.07.18.15.18m0-2.28h1.77c.08 0 .15-.07.15-.16V5c0-.1-.07-.17-.15-.17h-1.77c-.08 0-.15.06-.15.17v1.56c0 .08.07.16.15.16m2.46 4.52h1.76c.09 0 .16-.07.16-.16V9.5c0-.08-.07-.16-.16-.16h-1.76c-.08 0-.15.07-.15.16v1.58c0 .09.07.16.15.16'/></svg>",
+  "doctex-installer": "<svg viewBox='0 0 16 16'><path fill='#f57f17' d='M1.25 3 1 5h.5c.25-1.25.25-1.5.988-1.5h.262a.25.25 0 0 1 .25.25v5.5c0 .138 0 .25-.5.25H2v.5h3v-.5h-.5c-.5 0-.5-.112-.5-.25v-5.5a.25.25 0 0 1 .25-.25h.25c.75 0 .75.25 1 1.5H6l-.25-2zM6 12v2h9v-2h-.5v.5c0 .5-.112.5-.25.5h-7.5c-.138 0-.25 0-.25-.5V12zm4-10v8c-.5-.75-2-1.75-2.75-2L7 8.5c1.5.5 2.75 2 3.5 3.5.75-1.5 2-3 3.5-3.5l-.25-.5C13 8.25 11.5 9.25 11 10V2z'/></svg>",
+  "doctex.clone": "<svg viewBox='0 0 1024 1024'><path fill='#f57f17' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
   "document": "<svg fill='none' viewBox='0 0 24 24'><path d='M0 0h24v24H0z'/><path fill='#42a5f5' d='M8 16h8v2H8zm0-4h8v2H8zm6-10H6c-1.1 0-2 .9-2 2v16c0 1.1.89 2 1.99 2H18c1.1 0 2-.9 2-2V8zm4 18H6V4h7v5h5z'/></svg>",
   "dotjs": "<svg viewBox='0 0 400 400'><g fill='#2196f3' fill-opacity='.604' transform='translate(-6.66 100.49)'><ellipse cx='37.18' cy='-256.97' rx='110.14' ry='139.47' transform='matrix(-.3005 .95378 -.96071 -.27755 0 0)'/><ellipse cx='38.835' cy='-197.03' rx='110.14' ry='139.47' transform='matrix(-.3005 .95378 -.96071 -.27755 0 0)'/><ellipse cx='-224.78' cy='-5.066' rx='110.14' ry='139.47' transform='matrix(-.95378 -.3005 .27755 -.96071 0 0)'/><ellipse cx='-228.55' cy='-60.291' rx='110.14' ry='139.47' transform='matrix(-.95378 -.3005 .27755 -.96071 0 0)'/></g></svg>",
   "drawio": "<svg viewBox='0 0 32 32'><path fill='#fb8c00' d='m25.329 20-7.001-8H20V4h-8v8h1.672l-7.001 8H4v8h8v-8H9.328L16 12.376 22.672 20H20v8h8v-8z'/></svg>",
   "drizzle": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='m5.22 23.118 3.647-6.593a1.712 1.712 0 1 0-2.996-1.657L2.224 21.46a1.712 1.712 0 0 0 2.996 1.658m12.02 0 3.648-6.593a1.712 1.712 0 1 0-2.996-1.657l-3.648 6.592a1.712 1.712 0 0 0 2.996 1.658m-3.378-5.96 3.88-6.588a1.706 1.706 0 0 0-2.94-1.73l-3.88 6.588a1.706 1.706 0 0 0 2.94 1.73m12.028 0 3.88-6.588a1.706 1.706 0 0 0-2.94-1.73l-3.88 6.588a1.706 1.706 0 0 0 2.94 1.73'/></svg>",
   "drone": "<svg viewBox='0 0 230 230'><path fill='#cfd8dc' d='m57.01 36.707-.835.834 34.036 34.035c-4.813 7.514-7.584 16.742-7.584 27.239 0 29.18 21.422 48.557 48.557 48.557 10.14 0 19.48-2.706 27.205-7.618l34.21 34.21c-17.726 23.411-45.89 38.151-77.601 38.151-53.627 0-97.114-42.154-97.114-97.114 0-32.685 15.38-60.84 39.125-78.293zm16.188-9.611c12.66-5.927 26.836-9.21 41.799-9.21 53.626 0 97.114 42.155 97.114 97.114 0 15.117-3.29 29.265-9.176 41.833l-30.78-30.78c4.812-7.514 7.584-16.742 7.584-27.239 0-29.18-21.422-48.557-48.557-48.557-10.14 0-19.48 2.706-27.205 7.617zm57.985 100.853c-16.281 0-29.134-11.626-29.134-29.135 0-17.508 12.853-29.134 29.134-29.134s29.134 11.626 29.134 29.134-12.853 29.135-29.134 29.135'/></svg>",
   "drone_light": "<svg viewBox='0 0 230 230'><path fill='#546e7a' d='m57.011 36.707-.834.834 34.036 34.035c-4.813 7.514-7.584 16.742-7.584 27.239 0 29.18 21.422 48.557 48.557 48.557 10.14 0 19.48-2.706 27.205-7.618l34.21 34.21c-17.726 23.411-45.89 38.151-77.601 38.151-53.627 0-97.114-42.154-97.114-97.114 0-32.685 15.38-60.84 39.125-78.293zm16.19-9.611c12.66-5.927 26.835-9.21 41.798-9.21 53.626 0 97.114 42.155 97.114 97.114 0 15.117-3.29 29.265-9.176 41.833l-30.78-30.78c4.813-7.514 7.584-16.742 7.584-27.239 0-29.18-21.422-48.557-48.557-48.557-10.14 0-19.48 2.706-27.205 7.617zm57.984 100.853c-16.281 0-29.134-11.626-29.134-29.135s12.853-29.134 29.134-29.134 29.134 11.626 29.134 29.134-12.853 29.135-29.134 29.135'/></svg>",
-  "duc": "<svg viewBox='0 0 16 16'><path fill='#FF5252' d='M12.564 8.49c.06-.232.124-.46.156-.696.096-.719-.02-1.408-.268-2.08a1 1 0 0 0-.077-.162c-.124-.193-.343-.2-.47-.01a1.3 1.3 0 0 0-.128.277c-.238.653-.553 1.26-1.049 1.758a4.6 4.6 0 0 1-.863.678c.057-.23.161-.42.248-.605.34-.721.513-1.483.619-2.264.088-.658.102-1.32-.072-1.964-.317-1.174-1.01-2.022-2.23-2.32-1.232-.301-2.266.07-3.093 1.026-.227.262-.436.541-.663.804-.377.44-.842.758-1.382.97-.163.065-.328.058-.494.06-.144 0-.29.001-.425.057-.411.168-.503.68-.172 1.03.316.334.732.465 1.176.536.54.088 1.041-.087 1.55-.216.48-.123.96-.253 1.439-.38.086-.022.197-.062.25.008.047.062-.023.158-.062.231-.117.218-.301.369-.502.504-.511.344-1.056.639-1.535 1.031-.914.751-1.528 1.684-1.673 2.877-.169 1.384.26 2.593 1.173 3.627.6.68 1.332 1.196 2.202 1.467 1.677.523 3.243.282 4.656-.784 1.448-1.092 2.2-2.583 2.438-4.356a3.5 3.5 0 0 0 .016-.934c-.051-.381-.274-.478-.585-.255q-.065.046-.134.088c-.008.005-.021-.001-.046-.004Z'/></svg>",
+  "dtx.clone": "<svg viewBox='0 0 1024 1024'><path fill='#f57f17' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
+  "duc": "<svg viewBox='0 0 16 16'><path fill='#ff5252' d='M12.564 8.49c.06-.232.124-.46.156-.696.096-.719-.02-1.408-.268-2.08a1 1 0 0 0-.077-.162c-.124-.193-.343-.2-.47-.01a1.3 1.3 0 0 0-.128.277c-.238.653-.553 1.26-1.049 1.758a4.6 4.6 0 0 1-.863.678c.057-.23.161-.42.248-.605.34-.721.513-1.483.619-2.264.088-.658.102-1.32-.072-1.964-.317-1.174-1.01-2.022-2.23-2.32-1.232-.301-2.266.07-3.093 1.026-.227.262-.436.541-.663.804-.377.44-.842.758-1.382.97-.163.065-.328.058-.494.06-.144 0-.29.001-.425.057-.411.168-.503.68-.172 1.03.316.334.732.465 1.176.536.54.088 1.041-.087 1.55-.216.48-.123.96-.253 1.439-.38.086-.022.197-.062.25.008.047.062-.023.158-.062.231-.117.218-.301.369-.502.504-.511.344-1.056.639-1.535 1.031-.914.751-1.528 1.684-1.673 2.877-.169 1.384.26 2.593 1.173 3.627.6.68 1.332 1.196 2.202 1.467 1.677.523 3.243.282 4.656-.784 1.448-1.092 2.2-2.583 2.438-4.356a3.5 3.5 0 0 0 .016-.934c-.051-.381-.274-.478-.585-.255q-.065.046-.134.088c-.008.005-.021-.001-.046-.004Z'/></svg>",
   "dune": "<svg viewBox='0 0 24 24'><path fill='#f57c00' d='m14 6-3.75 5 2.85 3.8-1.6 1.2C9.81 13.75 7 10 7 10l-6 8h22z'/></svg>",
   "edge": "<svg viewBox='0 0 24 24'><path fill='#ef6c00' d='M12 15c.81 0 1.5-.3 2.11-.89.59-.61.89-1.3.89-2.11s-.3-1.5-.89-2.11C13.5 9.3 12.81 9 12 9s-1.5.3-2.11.89C9.3 10.5 9 11.19 9 12s.3 1.5.89 2.11c.61.59 1.3.89 2.11.89m0-13c2.75 0 5.1 1 7.05 2.95S22 9.25 22 12v1.45c0 1-.35 1.85-1 2.55-.7.67-1.5 1-2.5 1-1.2 0-2.19-.5-2.94-1.5-1 1-2.18 1.5-3.56 1.5-1.37 0-2.55-.5-3.54-1.46C7.5 14.55 7 13.38 7 12c0-1.37.5-2.55 1.46-3.54C9.45 7.5 10.63 7 12 7c1.38 0 2.55.5 3.54 1.46C16.5 9.45 17 10.63 17 12v1.45c0 .41.16.77.46 1.08s.65.47 1.04.47c.42 0 .77-.16 1.07-.47s.43-.67.43-1.08V12c0-2.19-.77-4.07-2.35-5.65S14.19 4 12 4s-4.07.77-5.65 2.35S4 9.81 4 12s.77 4.07 2.35 5.65S9.81 20 12 20h5v2h-5c-2.75 0-5.1-1-7.05-2.95S2 14.75 2 12s1-5.1 2.95-7.05S9.25 2 12 2'/></svg>",
-  "editorconfig": "<svg clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 3473 3473'><path fill='#EDE7F6' d='M989.342 1977.409c41.146-26.835 75.137-93.922 54.564-141.33-56.353 24.151-53.67 79.61-54.564 141.33m636.877 153.851c44.724-14.311 87.66-64.402 63.509-116.283-34.886 24.151-57.248 57.247-63.51 116.284z'/><g fill='#FAFAFA'><path d='M374.827 2871.899c0 56.352 14.312 117.178 53.67 138.645 144.907 81.4 652.977 17.89 825.614-20.573 90.343-20.573 163.692-87.66 248.668-124.334 191.421-83.187 330.067-150.274 483.025-262.085 110.916-81.399 287.131-310.388 305.915-447.245l-151.169-33.991c-3.578 153.852-38.463 188.737-175.32 224.517-92.132 25.046-271.925 30.413-365.846 14.312-124.334-20.574-180.687-85.871-237.04-160.114-109.128-144.907 24.151-245.985-148.485-255.824-181.582 222.728-501.81 62.614-642.244 40.252-59.93 86.765-200.366 650.294-198.577 779.1 86.766-29.517 141.33 2.684 219.15 33.097 275.503 106.444 34.885 200.366-75.137 172.636-75.137-17.89-98.394-67.086-142.224-98.393m360.48-1285.383c111.81 21.468 211.1 67.982 305.915 115.39 154.747 76.926 182.476 66.192 196.788 173.53 1.789 19.68-1.789 30.413 54.564 48.303 94.816 29.518-54.564-23.257 199.471-22.362 151.169.894 497.337 61.72 609.148 132.384 46.513 29.519 37.568 67.087 194.999 62.615-1.79-185.16-50.986-461.557-123.44-631.51-88.554-205.733-205.733-237.04-444.561-313.966-139.54-44.725-549.217-93.922-676.235-15.207-118.967 74.243-141.33 162.798-252.246 318.439-32.202 45.619-43.83 80.504-64.403 132.384'/><path d='M1720.14 1966.675c89.45 36.674-4.472 273.714-128.806 216.466-40.252-113.6 55.458-178.003 81.398-228.99-53.67-8.05-206.627-32.2-252.246-15.206-59.036 22.363-72.454 148.486-42.041 207.522 143.118 280.87 775.523 220.94 708.436 2.684-26.835-88.555-51.88-102.867-142.224-133.28-72.454-24.15-144.907-49.196-224.517-49.196m-1124.374-31.307c71.56 68.875 233.462 79.61 338.117 84.976 13.418-138.646 25.046-242.407 135.963-234.356 54.564 74.242 25.94 161.902-31.307 218.255 97.5-.894 153.852-74.242 139.54-180.687-82.293-59.036-331.856-177.109-457.084-194.104-34.885 37.569-120.756 243.301-125.229 305.916'/></g><path d='M427.602 2820.913c59.036-5.367 212.889 39.357 225.412 89.449-95.71 11.628-217.361 2.683-225.412-89.45zm-52.775 50.986c43.83 31.307 67.087 80.504 142.224 98.393 110.022 27.73 350.64-66.192 75.137-172.636-77.82-30.413-132.384-62.614-219.15-33.096-1.789-128.807 138.646-692.336 198.577-779.101 140.435 22.362 460.662 182.476 642.244-40.252 172.636 9.84 39.357 110.917 148.485 255.824 56.353 74.243 112.706 139.54 237.04 160.114 93.921 16.1 273.714 10.734 365.846-14.312 136.857-35.78 171.742-70.665 175.32-224.517l151.17 33.99c-18.785 136.858-195 365.847-305.916 447.246-152.958 111.81-291.604 178.898-483.025 262.085-84.976 36.674-158.325 103.761-248.668 124.334-172.637 38.463-680.707 101.972-825.614 20.574-39.358-21.468-53.67-82.294-53.67-138.646M1626.22 2131.26c6.261-59.037 28.623-92.133 63.508-116.284 24.152 51.88-18.784 101.972-63.508 116.284m93.921-164.586c79.61 0 152.063 25.045 224.517 49.197 90.344 30.412 115.39 44.724 142.224 133.279 67.087 218.255-565.318 278.186-708.436-2.684-30.413-59.036-16.995-185.16 42.041-207.522 45.619-16.995 198.577 7.156 252.246 15.207-25.94 50.986-121.65 115.389-81.398 228.99 124.334 57.247 218.255-179.793 128.806-216.467m-730.798 10.734c.894-61.72-1.79-117.179 54.564-141.33 20.573 47.408-13.418 114.495-54.564 141.33m-393.576-42.041c4.473-62.615 90.344-268.347 125.229-305.916 125.228 16.995 374.791 135.068 457.084 194.104 14.312 106.445-42.04 179.793-139.54 180.687 57.247-56.353 85.87-144.013 31.307-218.255-110.917-8.05-122.545 95.71-135.963 234.356-104.655-5.367-266.558-16.1-338.117-84.976m-89.449-71.56c-33.096-91.238-33.096-233.462 107.339-245.09l-71.56 199.471c-18.783 42.936-18.783 33.096-35.779 45.62zm228.99-277.292c20.573-51.88 32.201-86.765 64.403-132.384 110.917-155.641 133.279-244.196 252.246-318.439 127.018-78.715 536.694-29.518 676.235 15.207 238.828 76.926 356.007 108.233 444.561 313.966 72.454 169.953 121.65 446.35 123.44 631.51-157.43 4.472-148.486-33.096-195-62.615-111.81-70.664-457.978-131.49-609.147-132.384-254.035-.895-104.655 51.88-199.471 22.362-56.353-17.89-52.775-28.624-54.564-48.302-14.312-107.34-42.041-96.605-196.788-173.531-94.816-47.408-194.104-93.922-305.915-115.39m1583.247-43.83c-16.995-56.352 14.312-52.775 68.876-91.238 31.307-22.362 56.353-45.619 94.816-67.086 144.013-80.504 412.36-93.922 526.854 1.789 46.514 38.463 122.545 113.6 110.917 211.994-24.151 195.893-158.325 303.232-268.347 392.68-111.811 91.239-297.865 185.16-490.18 122.546-16.101-39.358-3.578-288.92-22.363-381.053-16.995-82.293-8.05-91.238 39.358-140.435 139.54-144.907 441.878-250.457 613.62-126.123 72.454 53.67 51.88 74.243 89.449 115.39 46.513-50.092-40.252-218.256-360.48-207.522-217.36 7.156-311.282 177.109-402.52 169.058m-1302.377-508.964c4.472-124.335 118.967-381.948 233.461-471.397 138.646-107.338 283.554-208.416 496.442-87.66 52.775 29.519 50.092 44.725 55.459 118.073 4.472 70.665-1.79 96.605-19.679 153.852-141.33 456.19-259.402 194.105-712.014 302.338 16.995-148.485 145.802-280.87 217.361-349.746 122.545-118.967 211.1-195.893 395.365-170.847 50.986 84.976 56.352 138.646-5.367 237.934-82.293 132.385-102.867 124.334-90.344 214.678 64.403-16.101 84.082-78.715 113.6-141.33 179.793-375.686-81.398-421.305-241.512-352.429-107.339 45.62-298.76 256.719-361.374 383.736-12.523 25.046-25.94 57.248-37.568 84.977zm708.436 18.784c18.784-111.811 129.7-139.54 129.7-483.92 0-148.485-182.475-281.764-421.304-182.475-204.838 84.082-236.145 148.485-345.273 313.071-102.867 155.642-99.289 326.49-187.843 470.502-25.94 41.147-49.197 55.458-77.82 96.605-20.574 30.413-35.78 68.876-56.354 104.655-42.04 68.876-84.976 118.968-118.967 201.26-107.339 2.684-197.682 4.473-208.416 115.39-14.312 152.063 57.247 189.632 57.247 246.879-.894 61.72-251.351 684.285-181.581 1055.498 19.679 101.972 86.765 102.867 194.104 115.39 258.508 31.307 593.942 20.573 825.614-72.454l420.41-201.26c106.445-59.931 285.343-173.532 364.953-256.72 56.353-58.141 85.87-107.338 134.173-176.214 66.192-96.605 67.981-94.816 82.293-226.306 87.66 16.101 251.352 54.564 305.916 101.972-6.262 61.72-36.674 32.202-36.674 87.66 34.885.895 93.027-42.935 107.339-91.238-36.675-53.67-75.138-44.724-127.913-87.66 42.042-33.096 118.073-48.302 176.215-72.453 125.229-51.88 339.012-209.311 391.787-352.43 42.04-115.389 10.734-307.704-57.248-382.841-71.559-78.715-237.934-118.967-373.897-118.967-161.902 0-329.172 116.283-459.767 166.375-50.092-43.83-53.67-93.922-90.344-142.224-42.04-57.248-315.755-200.366-446.35-228.095'/><path fill='#EFEBE9' d='M2318.554 1542.686c91.238 8.05 185.16-161.902 402.52-169.058 320.228-10.734 406.993 157.43 360.48 207.521-37.569-41.146-16.995-61.72-89.45-115.389-171.741-124.334-474.079-18.784-613.62 126.123-47.407 49.197-56.352 58.142-39.357 140.435 18.785 92.133 6.262 341.695 22.362 381.053 192.316 62.614 378.37-31.307 490.181-122.545 110.022-89.45 244.196-196.788 268.347-392.681 11.628-98.394-64.403-173.531-110.917-211.994-114.494-95.71-382.841-82.293-526.854-1.79-38.463 21.468-63.51 44.725-94.816 67.087-54.564 38.464-85.871 34.886-68.876 91.238m-1302.377-508.964 43.83-77.821c11.628-27.73 25.045-59.93 37.568-84.977 62.614-127.017 254.035-338.117 361.374-383.736 160.114-68.876 421.305-23.257 241.512 352.43-29.518 62.614-49.197 125.228-113.6 141.329-12.523-90.344 8.05-82.293 90.344-214.678 61.72-99.288 56.353-152.958 5.367-237.934-184.265-25.046-272.82 51.88-395.365 170.847-71.56 68.876-200.366 201.26-217.361 349.746 452.612-108.233 570.685 153.852 712.014-302.338 17.89-57.247 24.151-83.187 19.679-153.852-5.367-73.348-2.684-88.554-55.459-118.073-212.888-120.756-357.796-19.678-496.442 87.66-114.494 89.45-228.989 347.062-233.461 471.397'/><path fill='#EEE' d='M506.317 1863.808c16.996-12.523 16.996-2.683 35.78-45.619l71.559-199.47c-140.435 11.627-140.435 153.851-107.339 245.09z'/><path fill='#EFEBE9' d='M653.014 2910.362c-12.523-50.092-166.376-94.816-225.412-89.45 8.05 92.133 129.701 101.078 225.412 89.45'/></svg>",
+  "editorconfig": "<svg clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 3473 3473'><path fill='#ede7f6' d='M989.342 1977.409c41.146-26.835 75.137-93.922 54.564-141.33-56.353 24.151-53.67 79.61-54.564 141.33m636.877 153.851c44.724-14.311 87.66-64.402 63.509-116.283-34.886 24.151-57.248 57.247-63.51 116.284z'/><g fill='#fafafa'><path d='M374.827 2871.899c0 56.352 14.312 117.178 53.67 138.645 144.907 81.4 652.977 17.89 825.614-20.573 90.343-20.573 163.692-87.66 248.668-124.334 191.421-83.187 330.067-150.274 483.025-262.085 110.916-81.399 287.131-310.388 305.915-447.245l-151.169-33.991c-3.578 153.852-38.463 188.737-175.32 224.517-92.132 25.046-271.925 30.413-365.846 14.312-124.334-20.574-180.687-85.871-237.04-160.114-109.128-144.907 24.151-245.985-148.485-255.824-181.582 222.728-501.81 62.614-642.244 40.252-59.93 86.765-200.366 650.294-198.577 779.1 86.766-29.517 141.33 2.684 219.15 33.097 275.503 106.444 34.885 200.366-75.137 172.636-75.137-17.89-98.394-67.086-142.224-98.393m360.48-1285.383c111.81 21.468 211.1 67.982 305.915 115.39 154.747 76.926 182.476 66.192 196.788 173.53 1.789 19.68-1.789 30.413 54.564 48.303 94.816 29.518-54.564-23.257 199.471-22.362 151.169.894 497.337 61.72 609.148 132.384 46.513 29.519 37.568 67.087 194.999 62.615-1.79-185.16-50.986-461.557-123.44-631.51-88.554-205.733-205.733-237.04-444.561-313.966-139.54-44.725-549.217-93.922-676.235-15.207-118.967 74.243-141.33 162.798-252.246 318.439-32.202 45.619-43.83 80.504-64.403 132.384'/><path d='M1720.14 1966.675c89.45 36.674-4.472 273.714-128.806 216.466-40.252-113.6 55.458-178.003 81.398-228.99-53.67-8.05-206.627-32.2-252.246-15.206-59.036 22.363-72.454 148.486-42.041 207.522 143.118 280.87 775.523 220.94 708.436 2.684-26.835-88.555-51.88-102.867-142.224-133.28-72.454-24.15-144.907-49.196-224.517-49.196m-1124.374-31.307c71.56 68.875 233.462 79.61 338.117 84.976 13.418-138.646 25.046-242.407 135.963-234.356 54.564 74.242 25.94 161.902-31.307 218.255 97.5-.894 153.852-74.242 139.54-180.687-82.293-59.036-331.856-177.109-457.084-194.104-34.885 37.569-120.756 243.301-125.229 305.916'/></g><path d='M427.602 2820.913c59.036-5.367 212.889 39.357 225.412 89.449-95.71 11.628-217.361 2.683-225.412-89.45zm-52.775 50.986c43.83 31.307 67.087 80.504 142.224 98.393 110.022 27.73 350.64-66.192 75.137-172.636-77.82-30.413-132.384-62.614-219.15-33.096-1.789-128.807 138.646-692.336 198.577-779.101 140.435 22.362 460.662 182.476 642.244-40.252 172.636 9.84 39.357 110.917 148.485 255.824 56.353 74.243 112.706 139.54 237.04 160.114 93.921 16.1 273.714 10.734 365.846-14.312 136.857-35.78 171.742-70.665 175.32-224.517l151.17 33.99c-18.785 136.858-195 365.847-305.916 447.246-152.958 111.81-291.604 178.898-483.025 262.085-84.976 36.674-158.325 103.761-248.668 124.334-172.637 38.463-680.707 101.972-825.614 20.574-39.358-21.468-53.67-82.294-53.67-138.646M1626.22 2131.26c6.261-59.037 28.623-92.133 63.508-116.284 24.152 51.88-18.784 101.972-63.508 116.284m93.921-164.586c79.61 0 152.063 25.045 224.517 49.197 90.344 30.412 115.39 44.724 142.224 133.279 67.087 218.255-565.318 278.186-708.436-2.684-30.413-59.036-16.995-185.16 42.041-207.522 45.619-16.995 198.577 7.156 252.246 15.207-25.94 50.986-121.65 115.389-81.398 228.99 124.334 57.247 218.255-179.793 128.806-216.467m-730.798 10.734c.894-61.72-1.79-117.179 54.564-141.33 20.573 47.408-13.418 114.495-54.564 141.33m-393.576-42.041c4.473-62.615 90.344-268.347 125.229-305.916 125.228 16.995 374.791 135.068 457.084 194.104 14.312 106.445-42.04 179.793-139.54 180.687 57.247-56.353 85.87-144.013 31.307-218.255-110.917-8.05-122.545 95.71-135.963 234.356-104.655-5.367-266.558-16.1-338.117-84.976m-89.449-71.56c-33.096-91.238-33.096-233.462 107.339-245.09l-71.56 199.471c-18.783 42.936-18.783 33.096-35.779 45.62zm228.99-277.292c20.573-51.88 32.201-86.765 64.403-132.384 110.917-155.641 133.279-244.196 252.246-318.439 127.018-78.715 536.694-29.518 676.235 15.207 238.828 76.926 356.007 108.233 444.561 313.966 72.454 169.953 121.65 446.35 123.44 631.51-157.43 4.472-148.486-33.096-195-62.615-111.81-70.664-457.978-131.49-609.147-132.384-254.035-.895-104.655 51.88-199.471 22.362-56.353-17.89-52.775-28.624-54.564-48.302-14.312-107.34-42.041-96.605-196.788-173.531-94.816-47.408-194.104-93.922-305.915-115.39m1583.247-43.83c-16.995-56.352 14.312-52.775 68.876-91.238 31.307-22.362 56.353-45.619 94.816-67.086 144.013-80.504 412.36-93.922 526.854 1.789 46.514 38.463 122.545 113.6 110.917 211.994-24.151 195.893-158.325 303.232-268.347 392.68-111.811 91.239-297.865 185.16-490.18 122.546-16.101-39.358-3.578-288.92-22.363-381.053-16.995-82.293-8.05-91.238 39.358-140.435 139.54-144.907 441.878-250.457 613.62-126.123 72.454 53.67 51.88 74.243 89.449 115.39 46.513-50.092-40.252-218.256-360.48-207.522-217.36 7.156-311.282 177.109-402.52 169.058m-1302.377-508.964c4.472-124.335 118.967-381.948 233.461-471.397 138.646-107.338 283.554-208.416 496.442-87.66 52.775 29.519 50.092 44.725 55.459 118.073 4.472 70.665-1.79 96.605-19.679 153.852-141.33 456.19-259.402 194.105-712.014 302.338 16.995-148.485 145.802-280.87 217.361-349.746 122.545-118.967 211.1-195.893 395.365-170.847 50.986 84.976 56.352 138.646-5.367 237.934-82.293 132.385-102.867 124.334-90.344 214.678 64.403-16.101 84.082-78.715 113.6-141.33 179.793-375.686-81.398-421.305-241.512-352.429-107.339 45.62-298.76 256.719-361.374 383.736-12.523 25.046-25.94 57.248-37.568 84.977zm708.436 18.784c18.784-111.811 129.7-139.54 129.7-483.92 0-148.485-182.475-281.764-421.304-182.475-204.838 84.082-236.145 148.485-345.273 313.071-102.867 155.642-99.289 326.49-187.843 470.502-25.94 41.147-49.197 55.458-77.82 96.605-20.574 30.413-35.78 68.876-56.354 104.655-42.04 68.876-84.976 118.968-118.967 201.26-107.339 2.684-197.682 4.473-208.416 115.39-14.312 152.063 57.247 189.632 57.247 246.879-.894 61.72-251.351 684.285-181.581 1055.498 19.679 101.972 86.765 102.867 194.104 115.39 258.508 31.307 593.942 20.573 825.614-72.454l420.41-201.26c106.445-59.931 285.343-173.532 364.953-256.72 56.353-58.141 85.87-107.338 134.173-176.214 66.192-96.605 67.981-94.816 82.293-226.306 87.66 16.101 251.352 54.564 305.916 101.972-6.262 61.72-36.674 32.202-36.674 87.66 34.885.895 93.027-42.935 107.339-91.238-36.675-53.67-75.138-44.724-127.913-87.66 42.042-33.096 118.073-48.302 176.215-72.453 125.229-51.88 339.012-209.311 391.787-352.43 42.04-115.389 10.734-307.704-57.248-382.841-71.559-78.715-237.934-118.967-373.897-118.967-161.902 0-329.172 116.283-459.767 166.375-50.092-43.83-53.67-93.922-90.344-142.224-42.04-57.248-315.755-200.366-446.35-228.095'/><path fill='#efebe9' d='M2318.554 1542.686c91.238 8.05 185.16-161.902 402.52-169.058 320.228-10.734 406.993 157.43 360.48 207.521-37.569-41.146-16.995-61.72-89.45-115.389-171.741-124.334-474.079-18.784-613.62 126.123-47.407 49.197-56.352 58.142-39.357 140.435 18.785 92.133 6.262 341.695 22.362 381.053 192.316 62.614 378.37-31.307 490.181-122.545 110.022-89.45 244.196-196.788 268.347-392.681 11.628-98.394-64.403-173.531-110.917-211.994-114.494-95.71-382.841-82.293-526.854-1.79-38.463 21.468-63.51 44.725-94.816 67.087-54.564 38.464-85.871 34.886-68.876 91.238m-1302.377-508.964 43.83-77.821c11.628-27.73 25.045-59.93 37.568-84.977 62.614-127.017 254.035-338.117 361.374-383.736 160.114-68.876 421.305-23.257 241.512 352.43-29.518 62.614-49.197 125.228-113.6 141.329-12.523-90.344 8.05-82.293 90.344-214.678 61.72-99.288 56.353-152.958 5.367-237.934-184.265-25.046-272.82 51.88-395.365 170.847-71.56 68.876-200.366 201.26-217.361 349.746 452.612-108.233 570.685 153.852 712.014-302.338 17.89-57.247 24.151-83.187 19.679-153.852-5.367-73.348-2.684-88.554-55.459-118.073-212.888-120.756-357.796-19.678-496.442 87.66-114.494 89.45-228.989 347.062-233.461 471.397'/><path fill='#eee' d='M506.317 1863.808c16.996-12.523 16.996-2.683 35.78-45.619l71.559-199.47c-140.435 11.627-140.435 153.851-107.339 245.09z'/><path fill='#efebe9' d='M653.014 2910.362c-12.523-50.092-166.376-94.816-225.412-89.45 8.05 92.133 129.701 101.078 225.412 89.45'/></svg>",
   "ejs": "<svg fill='none' viewBox='0 0 24 24'><path fill='#ffca28' d='M8.046 4.862.908 12l7.138 7.138 2.71-2.691L6.308 12l4.446-4.447z'/><ellipse cx='14.543' cy='7.812' stroke='#ffca28' stroke-width='1.455' rx='2.101' ry='2.798'/><path fill='#ffca28' d='m20.616 4.152 1.47.69-7.783 15.005-1.47-.69z'/><ellipse cx='20.35' cy='16.198' stroke='#ffca28' stroke-width='1.455' rx='2.101' ry='2.798'/></svg>",
   "elixir": "<svg viewBox='0 0 24 24'><path fill='#9575cd' d='M12.173 22.681c-3.86 0-6.99-3.64-6.99-8.13 0-3.678 2.773-8.172 4.916-10.91 1.014-1.296 2.93-2.322 2.93-2.322s-.982 5.239 1.683 7.319c2.366 1.847 4.106 4.25 4.106 6.363 0 4.232-2.784 7.68-6.645 7.68'/></svg>",
-  "elm": "<svg viewBox='0 0 323 323'><path fill='#FFB300' d='m106.716 99.763 54.785 54.782 54.779-54.782z'/><path fill='#64DD17' d='M96.881 89.93H216.83l-55.18-55.184H41.7zm131.546 11.593 59.705 59.704L228.16 221.2l-59.705-59.704z'/><path fill='#00B8D4' d='m175.552 34.746 112.703 112.695V34.746z'/><path fill='#455A64' d='m34.746 281.3 119.8-119.8-119.8-119.8z'/><path fill='#FFB300' d='m288.255 175.01-53.148 53.149 53.148 53.14z'/><path fill='#00B8D4' d='M281.3 288.254 161.5 168.455l-119.8 119.8z'/></svg>",
+  "elm": "<svg viewBox='0 0 323 323'><path fill='#ffb300' d='m106.716 99.763 54.785 54.782 54.779-54.782z'/><path fill='#64dd17' d='M96.881 89.93H216.83l-55.18-55.184H41.7zm131.546 11.593 59.705 59.704L228.16 221.2l-59.705-59.704z'/><path fill='#00b8d4' d='m175.552 34.746 112.703 112.695V34.746z'/><path fill='#455a64' d='m34.746 281.3 119.8-119.8-119.8-119.8z'/><path fill='#ffb300' d='m288.255 175.01-53.148 53.149 53.148 53.14z'/><path fill='#00b8d4' d='M281.3 288.254 161.5 168.455l-119.8 119.8z'/></svg>",
   "email": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M28 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V8a2 2 0 0 0-2-2m0 6-12 6-12-6V8l12 6 12-6Z'/></svg>",
-  "ember": "<svg viewBox='0 0 24 24'><path fill='#FF5722' d='M12.78 4c1.79-.03 3.18.35 4.12 1.99 2.36 5.88-6.08 8.92-6.42 9.04h-.01s-.25 1.6 2.17 1.54c2.98 0 6.1-2.31 7.3-3.3.29-.23.71-.21.97.06l.89.93c.25.27.26.69.02.97-.77.87-2.59 2.65-5.33 3.79 0 0-4.57 2.13-7.65.12-1.83-1.2-2.34-2.64-2.55-4.13 0 0-2.23-.12-3.66-.67-1.44-.57.01-2.26.01-2.26s.44-.71 1.28 0c.83.71 2.4.39 2.4.39.14-1.11.37-2.57 1.06-4.11C8.81 5.14 11 4.04 12.78 4m1.05 3.24c-.94-.91-3.67.91-3.78 5.09 0 0 .81.24 2.58-.98 1.79-1.23 2.13-3.19 1.19-4.11z'/></svg>",
+  "ember": "<svg viewBox='0 0 24 24'><path fill='#ff5722' d='M12.78 4c1.79-.03 3.18.35 4.12 1.99 2.36 5.88-6.08 8.92-6.42 9.04h-.01s-.25 1.6 2.17 1.54c2.98 0 6.1-2.31 7.3-3.3.29-.23.71-.21.97.06l.89.93c.25.27.26.69.02.97-.77.87-2.59 2.65-5.33 3.79 0 0-4.57 2.13-7.65.12-1.83-1.2-2.34-2.64-2.55-4.13 0 0-2.23-.12-3.66-.67-1.44-.57.01-2.26.01-2.26s.44-.71 1.28 0c.83.71 2.4.39 2.4.39.14-1.11.37-2.57 1.06-4.11C8.81 5.14 11 4.04 12.78 4m1.05 3.24c-.94-.91-3.67.91-3.78 5.09 0 0 .81.24 2.58-.98 1.79-1.23 2.13-3.19 1.19-4.11z'/></svg>",
   "epub": "<svg viewBox='0 0 16 16'><path fill='#8bc34a' d='M8 12.401 3.601 8 8 3.601l1.468 1.466L6.534 8 8 9.467l4.4-4.4-3.833-3.832a.8.8 0 0 0-1.133 0L1.235 7.434a.8.8 0 0 0 0 1.133l6.199 6.199a.8.8 0 0 0 1.133 0l6.199-6.199a.803.803 0 0 0 0-1.133l-.9-.899z'/></svg>",
   "erlang": "<svg viewBox='0 0 30 30'><path fill='#f44336' d='M5.207 4.33q-.072.075-.143.153Q1.5 8.476 1.5 15.33c0 4.418 1.155 7.862 3.459 10.34h19.415c2.553-1.152 4.127-3.43 4.127-3.43l-3.147-2.52L23.9 21.1c-.867.773-.845.931-2.315 1.78-1.495.674-3.04.966-4.634.966-2.515 0-4.423-.909-5.723-2.059-1.286-1.15-1.985-4.511-2.096-6.68l17.458.067-.183-1.472s-.847-7.129-2.541-9.372zm8.76.846c1.565 0 3.22.535 3.961 1.471.74.937.931 1.667.973 3.524H9.11c.112-1.955.436-2.81 1.373-3.698.936-.887 2.03-1.297 3.484-1.297'/></svg>",
   "esbuild": "<svg viewBox='0 0 24 24'><path fill='#ffca28' d='M12 2.042A9.957 9.957 0 0 0 2.043 12 9.957 9.957 0 0 0 12 21.957 9.957 9.957 0 0 0 21.957 12 9.957 9.957 0 0 0 12 2.043zM7.617 6.425 13.192 12l-5.575 5.575-1.69-1.69L9.814 12 5.926 8.115zm5.975 0L19.166 12l-5.574 5.575-1.69-1.69L15.787 12l-3.885-3.885z'/></svg>",
   "eslint": "<svg viewBox='0 0 32 32'><path fill='#3f51b5' d='M22.713 4H9.287a.5.5 0 0 0-.432.248l-6.708 11.5a.5.5 0 0 0 0 .504l6.708 11.5a.5.5 0 0 0 .432.248h13.426a.5.5 0 0 0 .432-.248l6.708-11.5a.5.5 0 0 0 0-.504l-6.708-11.5A.5.5 0 0 0 22.713 4m-6.937 20.888-7.5-3.75A.5.5 0 0 1 8 20.691v-9.382a.5.5 0 0 1 .276-.447l7.5-3.75a.5.5 0 0 1 .448 0l7.5 3.75a.5.5 0 0 1 .276.447v9.382a.5.5 0 0 1-.276.447l-7.5 3.75a.5.5 0 0 1-.448 0'/><path fill='#7986cb' d='M22 19.441v-6.882a.5.5 0 0 0-.276-.447l-5.5-2.75a.5.5 0 0 0-.448 0l-5.5 2.75a.5.5 0 0 0-.276.447v6.882a.5.5 0 0 0 .276.447l5.5 2.75a.5.5 0 0 0 .448 0l5.5-2.75a.5.5 0 0 0 .276-.447'/></svg>",
+  "excalidraw": "<svg viewBox='0 0 16 16'><path fill='#5c6bc0' d='m15 1-5 1-9 10 3 3 10-9zm-4 3h1v1h-1zm1 5-3 3 4 3 2-2zM7 4 4 7 2 5 1 1l4 1z'/></svg>",
   "exe": "<svg viewBox='0 0 32 32'><path fill='#e64a19' d='M28 4H4a2 2 0 0 0-2 2v20a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2m0 22H4V10h24Z'/></svg>",
-  "fastlane": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 300 300'><path fill='#2979FF' d='M242.745 89.48c-11.223 0-21.398 4.463-28.867 11.7l-47.366-33.917c.295-1.238.469-2.524.469-3.854 0-9.167-7.432-16.6-16.6-16.6s-16.601 7.433-16.601 16.6c0 9.169 7.433 16.6 16.6 16.6 3.21 0 6.197-.927 8.738-2.504L217.1 119.7c4.52-9.428 14.49-16.77 25.645-16.77 15.492 0 28.051 12.558 28.051 28.05 0 12.38-8.02 22.887-19.148 26.608l3.806 12.91c16.703-5.368 28.79-21.03 28.79-39.518 0-22.92-18.579-41.5-41.5-41.5'/><path fill='#E64A19' d='M109.689 49.166c-3.389 10.669-2.22 21.69 2.405 30.977l-46.546 34.784a16.6 16.6 0 0 0-3.523-1.609c-8.716-2.768-18.026 2.053-20.794 10.768s2.053 18.026 10.767 20.794c8.716 2.769 18.026-2.052 20.795-10.767a16.46 16.46 0 0 0 .257-9.062l57.623-42.379c-7.598-7.144-11.567-18.84-8.2-29.444 4.68-14.727 20.411-22.874 35.139-18.195 11.768 3.738 19.334 14.535 19.513 26.238l13.421.28c-.059-17.5-11.299-33.721-28.873-39.304-21.788-6.921-45.063 5.13-51.984 26.92'/><path fill='#00bcd4' d='M32.81 161.347a41.37 41.37 0 0 0 30.043 7.612l18.362 54.878a16.3 16.3 0 0 0-2.621 2.8c-5.338 7.316-3.686 17.611 3.692 22.994 7.377 5.383 17.685 3.815 23.023-3.501 5.34-7.316 3.687-17.61-3.69-22.994a16.53 16.53 0 0 0-8.489-3.13l-22.086-67.718c-9.128 4.87-21.425 4.875-30.402-1.674-12.465-9.097-15.258-26.492-6.237-38.855 7.21-9.88 19.78-13.556 30.9-9.993l4.456-12.536c-16.566-5.525-35.414-.121-46.179 14.631-13.346 18.291-9.214 44.029 9.229 57.486'/><path fill='#8BC34A' d='M245.283 225.838c-3.42-10.583-10.75-18.811-19.884-23.64l17.72-55.05a16.6 16.6 0 0 0 3.796-.739c8.69-2.808 13.47-12.093 10.679-20.737-2.793-8.646-12.102-13.378-20.793-10.57-8.69 2.806-13.472 12.09-10.679 20.736a16.3 16.3 0 0 0 5.036 7.472l-22.334 67.6c10.315 1.374 20.312 8.527 23.71 19.046 4.72 14.61-3.36 30.298-18.044 35.042-11.735 3.791-24.138-.554-31.055-9.908l-11.078 7.543c10.176 14.106 28.706 20.71 46.23 15.048 21.726-7.019 33.678-30.23 26.696-51.843'/><path fill='#A0F' d='M116.724 270.244c9.003-6.587 14.547-16.139 16.291-26.33l57.906-.59a16.5 16.5 0 0 0 1.887 3.366c5.382 7.355 15.706 8.955 23.061 3.574s8.955-15.705 3.575-23.06c-5.382-7.356-15.706-8.956-23.061-3.575a16.4 16.4 0 0 0-5.54 7.137l-71.283.182c1.908 10.217-1.78 21.958-10.73 28.506-12.428 9.093-29.875 6.39-38.968-6.039-7.266-9.932-6.999-23.068-.257-32.585l-10.631-8.123c-10.249 14.11-10.752 33.77.098 48.601 13.453 18.389 39.265 22.389 57.652 8.936'/></svg>",
+  "fastlane": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 300 300'><path fill='#2979ff' d='M242.745 89.48c-11.223 0-21.398 4.463-28.867 11.7l-47.366-33.917c.295-1.238.469-2.524.469-3.854 0-9.167-7.432-16.6-16.6-16.6s-16.601 7.433-16.601 16.6c0 9.169 7.433 16.6 16.6 16.6 3.21 0 6.197-.927 8.738-2.504L217.1 119.7c4.52-9.428 14.49-16.77 25.645-16.77 15.492 0 28.051 12.558 28.051 28.05 0 12.38-8.02 22.887-19.148 26.608l3.806 12.91c16.703-5.368 28.79-21.03 28.79-39.518 0-22.92-18.579-41.5-41.5-41.5'/><path fill='#e64a19' d='M109.689 49.166c-3.389 10.669-2.22 21.69 2.405 30.977l-46.546 34.784a16.6 16.6 0 0 0-3.523-1.609c-8.716-2.768-18.026 2.053-20.794 10.768s2.053 18.026 10.767 20.794c8.716 2.769 18.026-2.052 20.795-10.767a16.46 16.46 0 0 0 .257-9.062l57.623-42.379c-7.598-7.144-11.567-18.84-8.2-29.444 4.68-14.727 20.411-22.874 35.139-18.195 11.768 3.738 19.334 14.535 19.513 26.238l13.421.28c-.059-17.5-11.299-33.721-28.873-39.304-21.788-6.921-45.063 5.13-51.984 26.92'/><path fill='#00bcd4' d='M32.81 161.347a41.37 41.37 0 0 0 30.043 7.612l18.362 54.878a16.3 16.3 0 0 0-2.621 2.8c-5.338 7.316-3.686 17.611 3.692 22.994 7.377 5.383 17.685 3.815 23.023-3.501 5.34-7.316 3.687-17.61-3.69-22.994a16.53 16.53 0 0 0-8.489-3.13l-22.086-67.718c-9.128 4.87-21.425 4.875-30.402-1.674-12.465-9.097-15.258-26.492-6.237-38.855 7.21-9.88 19.78-13.556 30.9-9.993l4.456-12.536c-16.566-5.525-35.414-.121-46.179 14.631-13.346 18.291-9.214 44.029 9.229 57.486'/><path fill='#8bc34a' d='M245.283 225.838c-3.42-10.583-10.75-18.811-19.884-23.64l17.72-55.05a16.6 16.6 0 0 0 3.796-.739c8.69-2.808 13.47-12.093 10.679-20.737-2.793-8.646-12.102-13.378-20.793-10.57-8.69 2.806-13.472 12.09-10.679 20.736a16.3 16.3 0 0 0 5.036 7.472l-22.334 67.6c10.315 1.374 20.312 8.527 23.71 19.046 4.72 14.61-3.36 30.298-18.044 35.042-11.735 3.791-24.138-.554-31.055-9.908l-11.078 7.543c10.176 14.106 28.706 20.71 46.23 15.048 21.726-7.019 33.678-30.23 26.696-51.843'/><path fill='#a0f' d='M116.724 270.244c9.003-6.587 14.547-16.139 16.291-26.33l57.906-.59a16.5 16.5 0 0 0 1.887 3.366c5.382 7.355 15.706 8.955 23.061 3.574s8.955-15.705 3.575-23.06c-5.382-7.356-15.706-8.956-23.061-3.575a16.4 16.4 0 0 0-5.54 7.137l-71.283.182c1.908 10.217-1.78 21.958-10.73 28.506-12.428 9.093-29.875 6.39-38.968-6.039-7.266-9.932-6.999-23.068-.257-32.585l-10.631-8.123c-10.249 14.11-10.752 33.77.098 48.601 13.453 18.389 39.265 22.389 57.652 8.936'/></svg>",
   "favicon": "<svg viewBox='0 0 32 32'><path fill='#ffd54f' d='m16 24 10 6-4-10 8-8-10-.032L16 2l-4 10H2l8 8-4 10Z'/></svg>",
   "figma": "<svg viewBox='0 0 32 32'><path fill='#f4511e' d='M12 4h4v8h-4a4 4 0 0 1-4-4 4 4 0 0 1 4-4'/><path fill='#ff8a65' d='M20 12h-4V4h4a4 4 0 0 1 4 4 4 4 0 0 1-4 4'/><rect width='8' height='8' x='16' y='12' fill='#29b6f6' rx='4' transform='rotate(180 20 16)'/><path fill='#7c4dff' d='M12 12h4v8h-4a4 4 0 0 1-4-4 4 4 0 0 1 4-4'/><path fill='#00e676' d='M12 20h4v4a4 4 0 0 1-4 4 4 4 0 0 1-4-4 4 4 0 0 1 4-4'/></svg>",
-  "file": "<svg viewBox='0 0 24 24'><path fill='#90a4ae' d='M13 9h5.5L13 3.5zM6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4c0-1.11.89-2 2-2m5 2H6v16h12v-9h-7z'/></svg>",
-  "firebase": "<svg viewBox='0 0 24 24'><path fill='#fbc02d' d='m19.389 18.237-6.742 3.74q-.693.36-1.386 0l-6.65-3.74L16.664 6.092 16.988 6c.277 0 .434.12.461.37zM9.553 6.277 5.35 13.248 7.105 2.212c.028-.25.185-.37.462-.37.185 0 .305.056.37.232l1.985 3.648-.37.554M13.71 7.44l-8.82 8.857 6.696-11.36c.092-.185.23-.268.415-.268s.305.083.37.268z'/></svg>",
+  "file": "<svg viewBox='0 0 16 16'><path fill='#90a4ae' d='M8.668 6h3.664L8.668 2.332zM4 1.332h5.332l4 4v8c0 .738-.594 1.336-1.332 1.336H4a1.33 1.33 0 0 1-1.332-1.336V2.668A1.33 1.33 0 0 1 4 1.332m3.332 1.336H4v10.664h8v-6H7.332z'/></svg>",
+  "firebase": "<svg viewBox='0 0 24 24'><path fill='#ff9100' d='M18.217 8.974c-.45-.623-1.482-1.904-3.07-3.808-.689-.825-1.28-1.526-1.57-1.87l-.408-.48-.173-.205-.094-.11-.018-.027-.008-.004-.4-.47-.509.407a11.1 11.1 0 0 0-3.069 3.866 9.5 9.5 0 0 0-.87 2.647q-.06.303-.1.615a9 9 0 0 0-.577-.03 6.2 6.2 0 0 0-1.901.229l-.265.074-.136.238a8 8 0 0 0-1.044 3.68 8 8 0 0 0 5.006 7.697l.197.079.06.02h.002a8 8 0 0 0 2.452.473q.143.005.286.005a7.9 7.9 0 0 0 3.076-.618l.007.003.261-.12a7.99 7.99 0 0 0 4.643-6.981 8.5 8.5 0 0 0-1.778-5.31M9.837 19.82l-.192-.074-.051-.02a6.31 6.31 0 0 1-3.897-6.048 6.2 6.2 0 0 1 .697-2.667 4.6 4.6 0 0 1 .759-.103l.065-.002a8 8 0 0 1 .378 0c.108.005.215.021.322.034a13 13 0 0 0 .918 4.007 10.1 10.1 0 0 0 2.474 3.61 6.4 6.4 0 0 1-1.473 1.263m.351-5.486a11.4 11.4 0 0 1-.767-3.125 4.6 4.6 0 0 1 .95.461 4.73 4.73 0 0 1 1.94 2.884 5 5 0 0 1 .12.649 4.2 4.2 0 0 1-.288 2.023 8.3 8.3 0 0 1-1.955-2.892m1.741 5.858a8 8 0 0 0 .553-.62c.233.177.485.332.73.495a6.3 6.3 0 0 1-1.283.125m5.432-2.97a6.34 6.34 0 0 1-2.212 2.138 12.4 12.4 0 0 1-1.851-1.15 5.84 5.84 0 0 0 .309-3.998 6.02 6.02 0 0 0-2.504-3.664 6.1 6.1 0 0 0-1.679-.74 8 8 0 0 1 .064-.496 9 9 0 0 1 .465-1.598q.117-.298.253-.584l.004-.007c.14-.282.296-.567.481-.872l.073-.12h-.002a9.2 9.2 0 0 1 1.534-1.824l.227.269c.53.628 1.03 1.222 1.483 1.765 1.02 1.223 2.342 2.828 2.852 3.536a6.8 6.8 0 0 1 1.446 4.242 6.3 6.3 0 0 1-.943 3.104'/></svg>",
   "flash": "<svg viewBox='0 0 24 24'><path fill='#e53935' d='M20.314 2c-2.957 0-5.341 1.104-7.122 3.252-1.427 1.752-2.354 3.93-3.164 6.034-1.663 4.283-2.781 6.741-6.342 6.741V22c2.958 0 5.342-1.03 7.122-3.194 1.133-1.383 1.957-3.135 2.634-4.827h4.665v-3.973h-3.061c1.207-2.575 2.546-3.973 5.268-3.973z'/></svg>",
   "flow": "<svg viewBox='0 0 300 300'><path fill='#fbc02d' fill-opacity='.976' d='m38.75 33.427 77.461 77.47H54.436l61.145 61.16H38.437l93.462 93.478v-77.158l.01-.01v-77.47h-.01V66.982h46.691l20.394 20.393H153.57v76.531h22.05l24.474 24.473h-15.806l-.01-.01v.01h-31.665l-.01-.01v.01h-.313l.313.313v77.148h109.149l-39.2-39.2v-15.806l8.465 8.466v-77.37h-15.682l.017-38.191 30.09 30.086V56.362h-64.874l-22.94-22.934H113.71z'/></svg>",
   "folder-admin-open": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#cfd8dc' d='m25 10-7 3.273v4.908c0 4.542 2.986 8.788 7 9.819 4.014-1.031 7-5.277 7-9.82v-4.907zm0 3.273a2.457 2.457 0 1 1-2.333 2.454A2.396 2.396 0 0 1 25 13.273m3.99 9.817A7.6 7.6 0 0 1 25 26.298a7.6 7.6 0 0 1-3.99-3.208 8.4 8.4 0 0 1-.677-1.25c0-1.352 2.108-2.456 4.667-2.456s4.666 1.08 4.666 2.455a8.3 8.3 0 0 1-.676 1.251'/></svg>",
@@ -175,38 +190,46 @@
   "folder-angular": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='m22 12-6 2v10Zm4 0 6 12V14Zm-.408 8L24 16.034 22.408 20zm-4.789 4L20 26l4 2 4-2-.803-2z'/></svg>",
   "folder-animation-open": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#f8bbd0' d='M25 14a7 7 0 0 0-2 .29 7.04 7.04 0 0 0-4 0 7 7 0 0 0-2-.29 7 7 0 0 0 0 14 7 7 0 0 0 2-.29 7.04 7.04 0 0 0 4 0 7 7 0 0 0 2 .29 7 7 0 0 0 0-14m-13 7a5 5 0 0 1 4.01-4.9 6.98 6.98 0 0 0 0 9.8A5 5 0 0 1 12 21m8.01 4.9a4.999 4.999 0 0 1 0-9.8 6.98 6.98 0 0 0 0 9.8M23 16.41a5.011 5.011 0 0 1 0 9.18 5.011 5.011 0 0 1 0-9.18m2.99 9.49a6.98 6.98 0 0 0 0-9.8 4.999 4.999 0 0 1 0 9.8'/></svg>",
   "folder-animation": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f8bbd0' d='M25 14a7 7 0 0 0-2 .29 7.04 7.04 0 0 0-4 0 7 7 0 0 0-2-.29 7 7 0 0 0 0 14 7 7 0 0 0 2-.29 7.04 7.04 0 0 0 4 0 7 7 0 0 0 2 .29 7 7 0 0 0 0-14m-13 7a5 5 0 0 1 4.01-4.9 6.98 6.98 0 0 0 0 9.8A5 5 0 0 1 12 21m8.01 4.9a4.999 4.999 0 0 1 0-9.8 6.98 6.98 0 0 0 0 9.8M23 16.41a5.011 5.011 0 0 1 0 9.18 5.011 5.011 0 0 1 0-9.18m2.99 9.49a6.98 6.98 0 0 0 0-9.8 4.999 4.999 0 0 1 0 9.8'/></svg>",
-  "folder-ansible-open": "<svg viewBox='0 0 32 32'><path fill='#616161' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#9e9e9e' d='M32 21a9 9 0 1 1-9-9 9.043 9.043 0 0 1 9 9'/><path fill='#FAFAFA' d='m27.929 24.628-4-10a1 1 0 0 0-.93-.628h-.006a1 1 0 0 0-.927.641L18 26h2l1.24-3.638 5.205 3.47a1 1 0 0 0 1.484-1.204m-5.954-4.18 1.043-2.71 1.858 4.644Z'/></svg>",
-  "folder-ansible": "<svg viewBox='0 0 32 32'><path fill='#616161' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#9e9e9e' d='M32 21a9 9 0 1 1-9-9 9.043 9.043 0 0 1 9 9'/><path fill='#FAFAFA' d='m27.929 24.628-4-10a1 1 0 0 0-.93-.628h-.006a1 1 0 0 0-.927.641L18 26h2l1.24-3.638 5.205 3.47a1 1 0 0 0 1.484-1.204m-5.954-4.18 1.043-2.71 1.858 4.644Z'/></svg>",
+  "folder-ansible-open": "<svg viewBox='0 0 32 32'><path fill='#616161' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#9e9e9e' d='M32 21a9 9 0 1 1-9-9 9.043 9.043 0 0 1 9 9'/><path fill='#fafafa' d='m27.929 24.628-4-10a1 1 0 0 0-.93-.628h-.006a1 1 0 0 0-.927.641L18 26h2l1.24-3.638 5.205 3.47a1 1 0 0 0 1.484-1.204m-5.954-4.18 1.043-2.71 1.858 4.644Z'/></svg>",
+  "folder-ansible": "<svg viewBox='0 0 32 32'><path fill='#616161' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#9e9e9e' d='M32 21a9 9 0 1 1-9-9 9.043 9.043 0 0 1 9 9'/><path fill='#fafafa' d='m27.929 24.628-4-10a1 1 0 0 0-.93-.628h-.006a1 1 0 0 0-.927.641L18 26h2l1.24-3.638 5.205 3.47a1 1 0 0 0 1.484-1.204m-5.954-4.18 1.043-2.71 1.858 4.644Z'/></svg>",
   "folder-api-open": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fffde7' d='M20 18h-4v2h6v-6h-2zm8 0v-4h-2v6h6v-2zm-12 8h4v4h2v-6h-6zm10 0v4h2v-4h4v-2h-6z'/></svg>",
   "folder-api": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fffde7' d='M20 18h-4v2h6v-6h-2zm8 0v-4h-2v6h6v-2zm-12 8h4v4h2v-6h-6zm10 0v4h2v-4h4v-2h-6z'/></svg>",
   "folder-apollo-open": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#d1c4e9' d='M25 28h3l-4-12h-4l-4 12h3l.667-2h3.01L22 24h-1.667L22 19z'/><path fill='#d1c4e9' d='M28 12a2 2 0 0 0-.416.045 10.996 10.996 0 0 0-17.102 13.473 1.003 1.003 0 0 0 1.72-1.034A8.986 8.986 0 0 1 26.1 13.406 2 2 0 0 0 26 14a2 2 0 1 0 2-2'/></svg>",
   "folder-apollo": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#d1c4e9' d='M25 28h3l-4-12h-4l-4 12h3l.667-2h3.01L22 24h-1.667L22 19z'/><path fill='#d1c4e9' d='M28 12a2 2 0 0 0-.416.045 10.996 10.996 0 0 0-17.102 13.473 1.003 1.003 0 0 0 1.72-1.034A8.986 8.986 0 0 1 26.1 13.406 2 2 0 0 0 26 14a2 2 0 1 0 2-2'/></svg>",
   "folder-app-open": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M16 12h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4zm-12 6h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4zm-12 6h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4z'/></svg>",
   "folder-app": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M16 12h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4zm-12 6h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4zm-12 6h4v4h-4zm6 0h4v4h-4zm6 0h4v4h-4z'/></svg>",
-  "folder-archive-open": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#d7ccc8' d='M25.375 24.781 20 20.48V14h2v5.52l4.625 3.699z'/><path fill='#d7ccc8' d='M22 30a10 10 0 1 1 10-10 10.01 10.01 0 0 1-10 10m0-18a8 8 0 1 0 8 8 8.01 8.01 0 0 0-8-8'/></svg>",
-  "folder-archive": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#d7ccc8' d='M25.375 24.781 20 20.48V14h2v5.52l4.625 3.699z'/><path fill='#d7ccc8' d='M22 30a10 10 0 1 1 10-10 10.01 10.01 0 0 1-10 10m0-18a8 8 0 1 0 8 8 8.01 8.01 0 0 0-8-8'/></svg>",
+  "folder-archive-open": "<svg viewBox='0 0 1024 1024'><path fill='#ffa726' d='M926.912 384H302.144a64 64 0 0 0-60.736 43.776L128 768V320h768a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848l-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.792-358.784A64 64 0 0 0 926.912 384'/><path fill='#ffe0b2' d='M512 320c-35.456 0-64 28.544-64 64v64c0 35.456 28.544 64 64 64v320c0 35.456 28.544 64 64 64h320c35.456 0 64-28.544 64-64V512c35.456 0 64-28.544 64-64v-64c0-35.456-28.544-64-64-64zm0 64h448v64H512zm128 128h192v64H640z'/></svg>",
+  "folder-archive": "<svg viewBox='0 0 1024 1024'><path fill='#ffa726' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#ffe0b2' d='M512 320c-35.456 0-64 28.544-64 64v64c0 35.456 28.544 64 64 64v320c0 35.456 28.544 64 64 64h320c35.456 0 64-28.544 64-64V512c35.456 0 64-28.544 64-64v-64c0-35.456-28.544-64-64-64zm0 64h448v64H512zm128 128h192v64H640z'/></svg>",
   "folder-astro-open": "<svg viewBox='0 0 32 32'><path fill='#7c4dff' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.367L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#d1c4e9' d='M19.333 27c0-.81.082-1.508 1.3-1.508 0 2.608 1.5 4.508 2.7 4.508 0-3.319 2.667-3.122 2.667-6h-8c0 1.275.158 2.681 1.333 3m5.923-16.385L30 22h-2.333a4 4 0 0 1-3.693-2.462l-1.512-3.63a.5.5 0 0 0-.924 0l-1.512 3.63A4 4 0 0 1 16.333 22H14l4.744-11.385a1 1 0 0 1 .923-.615h4.666a1 1 0 0 1 .923.615'/></svg>",
   "folder-astro": "<svg viewBox='0 0 32 32'><path fill='#7c4dff' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#d1c4e9' d='M19.333 27c0-.81.082-1.508 1.3-1.508 0 2.608 1.5 4.508 2.7 4.508 0-3.319 2.667-3.122 2.667-6h-8c0 1.275.158 2.681 1.333 3m5.923-16.385L30 22h-2.333a4 4 0 0 1-3.693-2.462l-1.512-3.63a.5.5 0 0 0-.924 0l-1.512 3.63A4 4 0 0 1 16.333 22H14l4.744-11.385a1 1 0 0 1 .923-.615h4.666a1 1 0 0 1 .923.615'/></svg>",
+  "folder-attachment-open": "<svg viewBox='0 0 1024 1024'><path fill='#9c27b0' d='M128 192a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.791-358.783A64 64 0 0 0 926.912 384H302.145a64 64 0 0 0-60.737 43.775L128 768V320h768a64 64 0 0 0-64-64H483.969a64 64 0 0 1-40.961-14.848l-41.215-34.304A64 64 0 0 0 360.832 192z'/><path fill='#e1bee7' d='M990.922 446.852c.156 8.69-1.383 17.621-5.131 26.365l-26.271 61.287c.306 3.125.48 6.29.48 9.496 0 53.02-42.98 96-96 96H544c-17.673 0-32-14.327-32-32s14.327-32 32-32h320v-64H544c-53.02 0-96 42.98-96 96s42.98 96 96 96h320c88.366 0 160-71.634 160-160 0-36.586-12.416-70.195-33.078-97.148'/></svg>",
+  "folder-attachment": "<svg viewBox='0 0 1024 1024'><path fill='#9c27b0' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#e1bee7' d='M960 416.219V544c0 53.02-42.98 96-96 96H544c-17.673 0-32-14.327-32-32s14.327-32 32-32h320v-64H544c-53.02 0-96 42.98-96 96s42.98 96 96 96h320c88.366 0 160-71.634 160-160 0-52.295-25.203-98.585-64-127.781'/></svg>",
   "folder-audio-open": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M31.5 12h-5a.5.5 0 0 0-.5.5v8.055a3.9 3.9 0 0 0-3.232-.357 3.999 3.999 0 0 0 1.856 7.755A4.1 4.1 0 0 0 28 23.847V16h3.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/></svg>",
   "folder-audio": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M31.5 12h-5a.5.5 0 0 0-.5.5v8.055a3.9 3.9 0 0 0-3.232-.357 3.999 3.999 0 0 0 1.856 7.755A4.1 4.1 0 0 0 28 23.847V16h3.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/></svg>",
-  "folder-aurelia-open": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><linearGradient id='a' x1='1997.25' x2='2067.763' y1='2029.643' y2='2094.383' gradientTransform='matrix(.3031 0 0 .33012 -592.7 -666.868)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient id='b' x1='2037.862' x2='1999.816' y1='2094.543' y2='2042.593' gradientTransform='matrix(.30439 0 0 .32873 -592.019 -659.828)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#7B1FA2'/><stop offset='.29' stop-color='#AD1457'/><stop offset='.84' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient><linearGradient xlink:href='#a' id='c' x1='1810.238' x2='1876.912' y1='2182.482' y2='2275.279' gradientTransform='matrix(.3299 0 0 .30331 -593.502 -657.724)'/><linearGradient xlink:href='#a' id='d' x1='1884.666' x2='1966.686' y1='2101.188' y2='2168.469' gradientTransform='matrix(.31601 0 0 .31665 -588.323 -661.081)'/><linearGradient xlink:href='#a' id='e' x1='1908.618' x2='1985.086' y1='2130.411' y2='2197.794' gradientTransform='matrix(.31642 0 0 .31622 -597.877 -663.436)'/><linearGradient xlink:href='#b' id='f' x1='2058.454' x2='2020.313' y1='2123.223' y2='2071.047' gradientTransform='matrix(.30448 0 0 .32864 -597.026 -667.345)'/><linearGradient xlink:href='#a' id='g' x1='1999.965' x2='2070.546' y1='2025.692' y2='2103.839' gradientTransform='matrix(.30312 0 0 .33012 -592.673 -666.844)'/><linearGradient id='h' x1='2320.079' x2='2361.512' y1='1768.801' y2='1727.83' gradientTransform='matrix(.31084 .06202 -.06177 .30959 -596.669 -665.256)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#7B1FA2'/><stop offset='.53' stop-color='#AD1457'/><stop offset='.79' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient></defs><path fill='#f06292' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='url(#a)' d='m25.787 15.333-1.671 1.144-1.72-2.646 1.67-1.144Z'/><path fill='url(#b)' d='M27.145 23.283 30 27.672 26.6 30l-2.855-4.389-.498-.765 3.4-2.328Z'/><path fill='url(#c)' d='m22.864 26.215.628.966-2.588 1.772-1.127-1.732.566-.387 2.023-1.385Z'/><path fill='url(#d)' d='m28.56 21.208.727-.497 1.126 1.732-1.671 1.144-.628-.967.945-.647Zm-.447 1.412-.497-.765.945-.647.498.765Z'/><path fill='url(#e)' d='m16.844 21.457-.565.387-1.72-2.647 2.587-1.772 1.206 1.855-2.022 1.385 2.023-1.385.515.791Z'/><path fill='url(#f)' d='m22.635 16.348.515.79-3.4 2.329-.515-.791-2.828-4.348 3.4-2.328Z'/><path fill='url(#g)' d='m25.062 15.83-.945.647-.515-.792-1.206-1.855 1.67-1.144 1.722 2.646Z'/><path fill='#673AB7' d='m20.84 27.6-.497-.765 2.023-1.386.497.766Zm7.273-4.98-.498-.764.945-.647.498.765Z'/><path fill='#AB47BC' d='m16.844 21.457-.515-.791 2.023-1.385.515.79Z'/><path fill='#7E57C2' d='m24.117 16.477-.514-.791.945-.648.514.791Z'/><path fill='#880E4F' d='m27.145 23.283-3.4 2.328-.497-.766 3.399-2.328Z'/><path fill='#AD1457' d='m22.635 16.347.515.792-3.4 2.329-.515-.793Z'/><path fill='#AB47BC' d='m15.88 15.715.642.986-.962.659-.642-.987Z'/><path fill='#7E57C2' d='m19.346 27.545.642.987-.962.659-.641-.988Z'/><path fill='url(#h)' d='M16.815 28.539 14 24.175l15.048-10.328L32 18.142Z'/></svg>",
-  "folder-aurelia": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><linearGradient id='a' x1='1900.681' x2='1971.195' y1='2029.643' y2='2094.383' gradientTransform='matrix(.3031 0 0 .33012 -563.43 -666.868)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#7E57C2'/></linearGradient><linearGradient id='b' x1='1941.881' x2='1903.835' y1='2094.543' y2='2042.593' gradientTransform='matrix(.30439 0 0 .32873 -562.803 -659.828)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#7B1FA2'/><stop offset='.29' stop-color='#AD1457'/><stop offset='.84' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient><linearGradient xlink:href='#a' id='c' x1='1724.927' x2='1791.601' y1='2182.482' y2='2275.279' gradientTransform='matrix(.3299 0 0 .30331 -565.358 -657.724)'/><linearGradient xlink:href='#a' id='d' x1='1793.759' x2='1875.779' y1='2101.188' y2='2168.469' gradientTransform='matrix(.31601 0 0 .31665 -559.595 -661.081)'/><linearGradient xlink:href='#a' id='e' x1='1817.883' x2='1894.351' y1='2130.411' y2='2197.794' gradientTransform='matrix(.31642 0 0 .31622 -569.167 -663.436)'/><linearGradient xlink:href='#b' id='f' x1='1962.514' x2='1924.373' y1='2123.223' y2='2071.047' gradientTransform='matrix(.30448 0 0 .32864 -567.814 -667.345)'/><linearGradient xlink:href='#a' id='g' x1='1903.406' x2='1973.987' y1='2025.692' y2='2103.839' gradientTransform='matrix(.30312 0 0 .33012 -563.404 -666.844)'/><linearGradient id='h' x1='2232.134' x2='2273.567' y1='1794.832' y2='1753.862' gradientTransform='matrix(.31084 .06202 -.06177 .30959 -567.724 -667.861)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7E57C2'/><stop offset='.14' stop-color='#7B1FA2'/><stop offset='.53' stop-color='#AD1457'/><stop offset='.79' stop-color='#C2185B'/><stop offset='1' stop-color='#EC407A'/></linearGradient></defs><path fill='#f06292' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='url(#a)' d='m25.787 15.333-1.671 1.144-1.72-2.646 1.67-1.144Z'/><path fill='url(#b)' d='M27.145 23.283 30 27.672 26.6 30l-2.855-4.389-.498-.765 3.4-2.328Z'/><path fill='url(#c)' d='m22.864 26.215.628.966-2.588 1.772-1.127-1.732.566-.387 2.023-1.385Z'/><path fill='url(#d)' d='m28.56 21.208.727-.497 1.126 1.732-1.671 1.144-.628-.967.945-.647Zm-.447 1.412-.497-.765.945-.647.498.765Z'/><path fill='url(#e)' d='m16.844 21.457-.565.387-1.72-2.647 2.587-1.772 1.206 1.855-2.022 1.385 2.023-1.385.515.791Z'/><path fill='url(#f)' d='m22.635 16.348.515.79-3.4 2.329-.515-.791-2.828-4.348 3.4-2.328Z'/><path fill='url(#g)' d='m25.062 15.83-.945.647-.515-.792-1.206-1.855 1.67-1.144 1.722 2.646Z'/><path fill='#673AB7' d='m20.84 27.6-.497-.765 2.023-1.386.497.766Zm7.273-4.98-.498-.764.945-.647.498.765Z'/><path fill='#AB47BC' d='m16.844 21.457-.515-.791 2.023-1.385.515.79Z'/><path fill='#7E57C2' d='m24.117 16.477-.514-.791.945-.648.514.791Z'/><path fill='#880E4F' d='m27.145 23.283-3.4 2.328-.497-.766 3.399-2.328Z'/><path fill='#AD1457' d='m22.635 16.347.515.792-3.4 2.329-.515-.793Z'/><path fill='#AB47BC' d='m15.88 15.715.642.986-.962.659-.642-.987Z'/><path fill='#7E57C2' d='m19.346 27.545.642.987-.962.659-.641-.988Z'/><path fill='url(#h)' d='M16.815 28.539 14 24.175l15.048-10.328L32 18.142Z'/></svg>",
+  "folder-aurelia-open": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><linearGradient id='a' x1='1997.25' x2='2067.763' y1='2029.643' y2='2094.383' gradientTransform='matrix(.3031 0 0 .33012 -592.7 -666.868)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient id='b' x1='2037.862' x2='1999.816' y1='2094.543' y2='2042.593' gradientTransform='matrix(.30439 0 0 .32873 -592.019 -659.828)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#7b1fa2'/><stop offset='.29' stop-color='#ad1457'/><stop offset='.84' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient><linearGradient xlink:href='#a' id='c' x1='1810.238' x2='1876.912' y1='2182.482' y2='2275.279' gradientTransform='matrix(.3299 0 0 .30331 -593.502 -657.724)'/><linearGradient xlink:href='#a' id='d' x1='1884.666' x2='1966.686' y1='2101.188' y2='2168.469' gradientTransform='matrix(.31601 0 0 .31665 -588.323 -661.081)'/><linearGradient xlink:href='#a' id='e' x1='1908.618' x2='1985.086' y1='2130.411' y2='2197.794' gradientTransform='matrix(.31642 0 0 .31622 -597.877 -663.436)'/><linearGradient xlink:href='#b' id='f' x1='2058.454' x2='2020.313' y1='2123.223' y2='2071.047' gradientTransform='matrix(.30448 0 0 .32864 -597.026 -667.345)'/><linearGradient xlink:href='#a' id='g' x1='1999.965' x2='2070.546' y1='2025.692' y2='2103.839' gradientTransform='matrix(.30312 0 0 .33012 -592.673 -666.844)'/><linearGradient id='h' x1='2320.079' x2='2361.512' y1='1768.801' y2='1727.83' gradientTransform='rotate(11.284 3068.743 -3352.564)scale(.31697 .3157)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#7b1fa2'/><stop offset='.53' stop-color='#ad1457'/><stop offset='.79' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient></defs><path fill='#f06292' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='url(#a)' d='m25.787 15.333-1.671 1.144-1.72-2.646 1.67-1.144Z'/><path fill='url(#b)' d='M27.145 23.283 30 27.672 26.6 30l-2.855-4.389-.498-.765 3.4-2.328Z'/><path fill='url(#c)' d='m22.864 26.215.628.966-2.588 1.772-1.127-1.732.566-.387 2.023-1.385Z'/><path fill='url(#d)' d='m28.56 21.208.727-.497 1.126 1.732-1.671 1.144-.628-.967.945-.647Zm-.447 1.412-.497-.765.945-.647.498.765Z'/><path fill='url(#e)' d='m16.844 21.457-.565.387-1.72-2.647 2.587-1.772 1.206 1.855-2.022 1.385 2.023-1.385.515.791Z'/><path fill='url(#f)' d='m22.635 16.348.515.79-3.4 2.329-.515-.791-2.828-4.348 3.4-2.328Z'/><path fill='url(#g)' d='m25.062 15.83-.945.647-.515-.792-1.206-1.855 1.67-1.144 1.722 2.646Z'/><path fill='#673ab7' d='m20.84 27.6-.497-.765 2.023-1.386.497.766Zm7.273-4.98-.498-.764.945-.647.498.765Z'/><path fill='#ab47bc' d='m16.844 21.457-.515-.791 2.023-1.385.515.79Z'/><path fill='#7e57c2' d='m24.117 16.477-.514-.791.945-.648.514.791Z'/><path fill='#880e4f' d='m27.145 23.283-3.4 2.328-.497-.766 3.399-2.328Z'/><path fill='#ad1457' d='m22.635 16.347.515.792-3.4 2.329-.515-.793Z'/><path fill='#ab47bc' d='m15.88 15.715.642.986-.962.659-.642-.987Z'/><path fill='#7e57c2' d='m19.346 27.545.642.987-.962.659-.641-.988Z'/><path fill='url(#h)' d='M16.815 28.539 14 24.175l15.048-10.328L32 18.142Z'/></svg>",
+  "folder-aurelia": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><linearGradient id='a' x1='1900.681' x2='1971.195' y1='2029.643' y2='2094.383' gradientTransform='matrix(.3031 0 0 .33012 -563.43 -666.868)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#7e57c2'/></linearGradient><linearGradient id='b' x1='1941.881' x2='1903.835' y1='2094.543' y2='2042.593' gradientTransform='matrix(.30439 0 0 .32873 -562.803 -659.828)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#7b1fa2'/><stop offset='.29' stop-color='#ad1457'/><stop offset='.84' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient><linearGradient xlink:href='#a' id='c' x1='1724.927' x2='1791.601' y1='2182.482' y2='2275.279' gradientTransform='matrix(.3299 0 0 .30331 -565.358 -657.724)'/><linearGradient xlink:href='#a' id='d' x1='1793.759' x2='1875.779' y1='2101.188' y2='2168.469' gradientTransform='matrix(.31601 0 0 .31665 -559.595 -661.081)'/><linearGradient xlink:href='#a' id='e' x1='1817.883' x2='1894.351' y1='2130.411' y2='2197.794' gradientTransform='matrix(.31642 0 0 .31622 -569.167 -663.436)'/><linearGradient xlink:href='#b' id='f' x1='1962.514' x2='1924.373' y1='2123.223' y2='2071.047' gradientTransform='matrix(.30448 0 0 .32864 -567.814 -667.345)'/><linearGradient xlink:href='#a' id='g' x1='1903.406' x2='1973.987' y1='2025.692' y2='2103.839' gradientTransform='matrix(.30312 0 0 .33012 -563.404 -666.844)'/><linearGradient id='h' x1='2232.134' x2='2273.567' y1='1794.832' y2='1753.862' gradientTransform='rotate(11.284 3096.4 -3207.367)scale(.31697 .3157)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7e57c2'/><stop offset='.14' stop-color='#7b1fa2'/><stop offset='.53' stop-color='#ad1457'/><stop offset='.79' stop-color='#c2185b'/><stop offset='1' stop-color='#ec407a'/></linearGradient></defs><path fill='#f06292' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='url(#a)' d='m25.787 15.333-1.671 1.144-1.72-2.646 1.67-1.144Z'/><path fill='url(#b)' d='M27.145 23.283 30 27.672 26.6 30l-2.855-4.389-.498-.765 3.4-2.328Z'/><path fill='url(#c)' d='m22.864 26.215.628.966-2.588 1.772-1.127-1.732.566-.387 2.023-1.385Z'/><path fill='url(#d)' d='m28.56 21.208.727-.497 1.126 1.732-1.671 1.144-.628-.967.945-.647Zm-.447 1.412-.497-.765.945-.647.498.765Z'/><path fill='url(#e)' d='m16.844 21.457-.565.387-1.72-2.647 2.587-1.772 1.206 1.855-2.022 1.385 2.023-1.385.515.791Z'/><path fill='url(#f)' d='m22.635 16.348.515.79-3.4 2.329-.515-.791-2.828-4.348 3.4-2.328Z'/><path fill='url(#g)' d='m25.062 15.83-.945.647-.515-.792-1.206-1.855 1.67-1.144 1.722 2.646Z'/><path fill='#673ab7' d='m20.84 27.6-.497-.765 2.023-1.386.497.766Zm7.273-4.98-.498-.764.945-.647.498.765Z'/><path fill='#ab47bc' d='m16.844 21.457-.515-.791 2.023-1.385.515.79Z'/><path fill='#7e57c2' d='m24.117 16.477-.514-.791.945-.648.514.791Z'/><path fill='#880e4f' d='m27.145 23.283-3.4 2.328-.497-.766 3.399-2.328Z'/><path fill='#ad1457' d='m22.635 16.347.515.792-3.4 2.329-.515-.793Z'/><path fill='#ab47bc' d='m15.88 15.715.642.986-.962.659-.642-.987Z'/><path fill='#7e57c2' d='m19.346 27.545.642.987-.962.659-.641-.988Z'/><path fill='url(#h)' d='M16.815 28.539 14 24.175l15.048-10.328L32 18.142Z'/></svg>",
   "folder-aws-open": "<svg viewBox='0 0 32 32'><path fill='#ffb300' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffecb3' d='M27.881 19.23a6.591 6.591 0 0 0-12.308-1.76 5.278 5.278 0 0 0 .572 10.525h11.428a4.388 4.388 0 0 0 .308-8.766Z'/></svg>",
   "folder-aws": "<svg viewBox='0 0 32 32'><path fill='#ffb300' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffecb3' d='M27.881 19.23a6.591 6.591 0 0 0-12.308-1.76 5.278 5.278 0 0 0 .572 10.525h11.428a4.388 4.388 0 0 0 .308-8.766Z'/></svg>",
   "folder-azure-pipelines-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='m28 22 3.724-1.862a.5.5 0 0 0 .276-.447V12.5a.5.5 0 0 0-.5-.5h-7.191a.5.5 0 0 0-.447.276L22 16h-5.5a.5.5 0 0 0-.5.5V20l1.172 1.172 1.414-1.415L20 21.172l-1.414 1.414 2.828 2.828L22.828 24l1.415 1.414-1.415 1.414L24 28h3.5a.5.5 0 0 0 .5-.5Zm0-4a2 2 0 1 1 2-2 2 2 0 0 1-2 2M16 28v-4h-2v6h6v-2z'/></svg>",
   "folder-azure-pipelines": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='m28 22 3.724-1.862a.5.5 0 0 0 .276-.447V12.5a.5.5 0 0 0-.5-.5h-7.191a.5.5 0 0 0-.447.276L22 16h-5.5a.5.5 0 0 0-.5.5V20l1.172 1.172 1.414-1.415L20 21.172l-1.414 1.414 2.828 2.828L22.828 24l1.415 1.414-1.415 1.414L24 28h3.5a.5.5 0 0 0 .5-.5Zm0-4a2 2 0 1 1 2-2 2 2 0 0 1-2 2M16 28v-4h-2v6h6v-2z'/></svg>",
+  "folder-backup-open": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#d7ccc8' d='M25.375 24.781 20 20.48V14h2v5.52l4.625 3.699z'/><path fill='#d7ccc8' d='M22 30a10 10 0 1 1 10-10 10.01 10.01 0 0 1-10 10m0-18a8 8 0 1 0 8 8 8.01 8.01 0 0 0-8-8'/></svg>",
+  "folder-backup": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#d7ccc8' d='M25.375 24.781 20 20.48V14h2v5.52l4.625 3.699z'/><path fill='#d7ccc8' d='M22 30a10 10 0 1 1 10-10 10.01 10.01 0 0 1-10 10m0-18a8 8 0 1 0 8 8 8.01 8.01 0 0 0-8-8'/></svg>",
   "folder-base-open": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><rect width='18' height='6' x='14' y='22' fill='#d7ccc8' rx='1'/></svg>",
   "folder-base": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><rect width='18' height='6' x='14' y='22' fill='#d7ccc8' rx='1'/></svg>",
   "folder-batch-open": "<svg viewBox='0 0 32 32'><path fill='#616161' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bdbdbd' d='M16 14h12v2H16zm0 4h12v2H16zm0 4h8v2h-8zm10 0v6l6-3z'/></svg>",
   "folder-batch": "<svg viewBox='0 0 32 32'><path fill='#616161' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bdbdbd' d='M16 14h12v2H16zm0 4h12v2H16zm0 4h8v2h-8zm10 0v6l6-3z'/></svg>",
   "folder-benchmark-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M20 12a9.99 9.99 0 0 0-7.99 16h2.71A7.993 7.993 0 0 1 20 14a8 8 0 0 1 1.69.18c.73-.44 1.51-.9 2.28-1.35A9.8 9.8 0 0 0 20 12m9.12 5.92c-.41.73-.86 1.52-1.32 2.33A7.8 7.8 0 0 1 28 22a7.97 7.97 0 0 1-2.72 6h2.71A9.93 9.93 0 0 0 30 22a9.8 9.8 0 0 0-.88-4.08'/><path fill='#bbdefb' d='M17.172 19.172c1.562-1.563 11.313-5.657 11.313-5.657s-4.094 9.751-5.657 11.313a4 4 0 0 1-5.656-5.656'/></svg>",
   "folder-benchmark": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M20 12a9.99 9.99 0 0 0-7.99 16h2.71A7.993 7.993 0 0 1 20 14a8 8 0 0 1 1.69.18c.73-.44 1.51-.9 2.28-1.35A9.8 9.8 0 0 0 20 12m9.12 5.92c-.41.73-.86 1.52-1.32 2.33A7.8 7.8 0 0 1 28 22a7.97 7.97 0 0 1-2.72 6h2.71A9.93 9.93 0 0 0 30 22a9.8 9.8 0 0 0-.88-4.08'/><path fill='#bbdefb' d='M17.172 19.172c1.562-1.563 11.313-5.657 11.313-5.657s-4.094 9.751-5.657 11.313a4 4 0 0 1-5.656-5.656'/></svg>",
+  "folder-bibliography-open": "<svg viewBox='0 0 1024 1024'><path fill='#a1887f' d='M926.912 384H302.144a64 64 0 0 0-60.736 43.776L128 768V320h768a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848l-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.792-358.784A64 64 0 0 0 926.912 384'/><path fill='#8d6e63' d='M576 704v128c0 35.456 28.544 64 64 64h352c17.728 0 32-14.272 32-32V704z'/><path fill='#ffe082' d='M896 768v64h64v-64z'/><path fill='#fff8e1' d='M640 768c0 35.456 28.544 64 64 64h256c-35.346 0-64-28.654-64-64z'/><path fill='#ff1744' d='M704 800h64v160h-64z'/><path fill='#d7ccc8' d='M640 320c-35.456 0-64 28.544-64 64v448c0-35.346 28.654-64 64-64h352c17.728 0 32-14.272 32-32V352c0-17.728-14.272-32-32-32z'/><path fill='#5d4037' d='M640 384v32h32c32 0 32 7.163 32 16v224c0 8.837 0 16-32 16h-32v32h192c70.692 0 128-39.399 128-88-.014-40.302-39.848-75.446-96.688-85.305C884.346 514.563 895.986 493.665 896 472c0-48.601-57.308-88-128-88zm143.873 33.736C811.541 423.914 832 445.866 832 472c0 30.928-28.654 56-64 56v-96c0-8.837 7.266-16.186 15.873-14.264M768 560h64c35.346 0 64 25.072 64 56s-28.654 56-64 56h-48a16 16 0 0 1-16-16z'/></svg>",
+  "folder-bibliography": "<svg viewBox='0 0 1024 1024'><path fill='#a1887f' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#8d6e63' d='M576 704v128c0 35.456 28.544 64 64 64h352c17.728 0 32-14.272 32-32V704z'/><path fill='#ffe082' d='M896 768v64h64v-64z'/><path fill='#fff8e1' d='M640 768c0 35.456 28.544 64 64 64h256c-35.346 0-64-28.654-64-64z'/><path fill='#ff1744' d='M704 800h64v160h-64z'/><path fill='#d7ccc8' d='M640 320c-35.456 0-64 28.544-64 64v448c0-35.346 28.654-64 64-64h352c17.728 0 32-14.272 32-32V352c0-17.728-14.272-32-32-32z'/><path fill='#5d4037' d='M640 384v32h32c32 0 32 7.163 32 16v224c0 8.837 0 16-32 16h-32v32h192c70.692 0 128-39.399 128-88-.014-40.302-39.848-75.446-96.688-85.305C884.346 514.563 895.986 493.665 896 472c0-48.601-57.308-88-128-88zm143.873 33.736C811.541 423.914 832 445.866 832 472c0 30.928-28.654 56-64 56v-96c0-8.837 7.266-16.186 15.873-14.264M768 560h64c35.346 0 64 25.072 64 56s-28.654 56-64 56h-48a16 16 0 0 1-16-16z'/></svg>",
   "folder-bicep-open": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fff9c4' d='M15 25s1.15-11.115 4-15l4 1-1 3h-2v7h2c1.9-2.915 5.381-4.255 7.755-3.19 3.134 1.453 2.85 5.831 0 7.769C27.475 27.137 20.699 28.885 15 25'/></svg>",
   "folder-bicep": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fff9c4' d='M15 25s1.15-11.115 4-15l4 1-1 3h-2v7h2c1.9-2.915 5.381-4.255 7.755-3.19 3.134 1.453 2.85 5.831 0 7.769C27.475 27.137 20.699 28.885 15 25'/></svg>",
-  "folder-bloc-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#26A69A' d='M29 12H9.4c-.9 0-1.6.6-1.9 1.4L4 24V10h24c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.2-1.3-.5l-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h22l4.8-11.2c.4-1 0-2.2-1-2.6-.3-.1-.6-.2-.8-.2'/><path fill='#B2DFDB' d='m25 12 7 4.198v8.103L25 28.5l-7-4.212V16.21z'/></svg>",
-  "folder-bloc": "<svg fill='none' viewBox='0 0 32 32'><path fill='#26A69A' d='m13.8 7.5-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h24c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.1-1.3-.5'/><path fill='#B2DFDB' d='m25 12 7 4.198v8.103L25 28.5l-7-4.212V16.21z'/></svg>",
-  "folder-bower-open": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#5d4037' d='M31.598 20.789c-1.028-1.012-6.166-1.644-7.786-1.827a5 5 0 0 0 .2-.589 6 6 0 0 1 .707-.269c.03.092.171.439.251.605a3.165 3.165 0 0 0 3.533-2.78 3 3 0 0 0 .027-.407 4 4 0 0 1 1.241-2.574c-1.666-.498-4.062.77-4.864 2.657a5 5 0 0 0-.902-.253A4.396 4.396 0 0 0 19.75 12a8.07 8.07 0 0 0-7.746 8.364l.002.07c0 4.46 2.97 8.365 4.647 8.365a1.65 1.65 0 0 0 1.511-1.067c.124.346.505 1.42.63 1.694.184.404 1.04.755 1.414.335a1.355 1.355 0 0 0 1.843-.292 1.36 1.36 0 0 0 1.724-.89 1 1 0 0 0 .039-.149c.454-.026.678-.68.578-1.2a13 13 0 0 0-1.159-2.234c.604.503 2.132.645 2.317 0 .973.782 2.488.372 2.61-.264 1.18.314 2.536-.376 2.314-1.213a1.63 1.63 0 0 0 1.525-1.719 1.66 1.66 0 0 0-.401-1.011'/><path fill='#03a9f4' d='M26.252 16.374a7.4 7.4 0 0 1 1.57-2.302 4.14 4.14 0 0 0-1.836 2.12 6 6 0 0 0-.646-.37 4.2 4.2 0 0 1 3.424-2.419c-.999.928-.644 2.855-1.464 3.876a11 11 0 0 0-1.048-.906Zm-.646 1.354a4 4 0 0 1 .035-.39 3.4 3.4 0 0 0-.6-.082 2.4 2.4 0 0 0 .208.889 3.05 3.05 0 0 0 1.629-.462 5.5 5.5 0 0 0-1.099-.318c-.04.085-.137.3-.173.362Z'/><path fill='#4caf50' d='M22.847 24.304v.003a11 11 0 0 1-.32-.805c.475.708 1.962.343 1.884-.292.728.562 2.226-.093 1.885-.88.73.348 1.561-.352 1.375-.657 1.243.245 2.434.49 2.808.588a1.43 1.43 0 0 1-1.667.505c.46.643-.434 1.414-1.68.99.274.63-.835 1.2-2.096.541.016.632-1.565.705-2.19.007Zm2.465-3.193c1.443.113 3.828.334 5.305.545-.093-.492-.348-.633-1.15-.854-.862.095-3.05.315-4.155.309'/><path fill='#ffca28' d='M24.41 23.21c.729.562 2.227-.093 1.886-.88.73.348 1.561-.352 1.375-.657-1.47-.29-3.012-.582-3.361-.633a53 53 0 0 1 1.002.07c1.106.007 3.293-.213 4.156-.307a41 41 0 0 0-6.216-1.023 3 3 0 0 1-.55.615 4.82 4.82 0 0 1-4.15 3.108 5.5 5.5 0 0 1-1.697-.293 3.54 3.54 0 0 1-3.432.074 6.94 6.94 0 0 0 6.356 4.321c2.335 0 3.37-2.443 3.143-3.09-.055-.156-.272-.677-.394-1.013.474.708 1.961.343 1.883-.291Z'/><path fill='#e0e0e0' d='M22.996 18.294a6.7 6.7 0 0 1 1.597-.724q-.016-.116-.023-.233c-.446.11-1.285.478-1.766-.03 1.015.314 1.521-.28 2.268-.28a4.7 4.7 0 0 1 1.579.329 5.27 5.27 0 0 0-3.355-1.534 2.45 2.45 0 0 0-.3 2.472'/><path fill='#f4511e' d='M16.855 23.21a5.5 5.5 0 0 0 1.698.293 4.82 4.82 0 0 0 4.148-3.109 5.25 5.25 0 0 1-3.473 1.011 5.42 5.42 0 0 0 3.54-2.294 3.14 3.14 0 0 1 .314-3.836 3.52 3.52 0 0 0-3.333-2.4 7.174 7.174 0 0 0-6.893 7.431l.004.127a7.4 7.4 0 0 0 .563 2.85 3.54 3.54 0 0 0 3.432-.074Z'/><path fill='#ffca28' d='M17.985 16.619a1.74 1.74 0 1 0 1.74-1.783 1.76 1.76 0 0 0-1.74 1.783'/><path fill='#5d4037' d='M18.683 16.619a1.042 1.042 0 1 0 1.042-1.068 1.055 1.055 0 0 0-1.042 1.068'/><ellipse cx='19.725' cy='16.145' fill='#FAFAFA' rx='.607' ry='.387'/></svg>",
-  "folder-bower": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#5d4037' d='M31.598 20.789c-1.028-1.012-6.166-1.644-7.786-1.827a5 5 0 0 0 .2-.589 6 6 0 0 1 .707-.269c.03.092.171.439.251.605a3.165 3.165 0 0 0 3.533-2.78 3 3 0 0 0 .027-.407 4 4 0 0 1 1.241-2.574c-1.666-.498-4.062.77-4.864 2.657a5 5 0 0 0-.902-.253A4.396 4.396 0 0 0 19.75 12a8.07 8.07 0 0 0-7.746 8.364l.002.07c0 4.46 2.97 8.365 4.647 8.365a1.65 1.65 0 0 0 1.511-1.067c.124.346.505 1.42.63 1.694.184.404 1.04.755 1.414.335a1.355 1.355 0 0 0 1.843-.292 1.36 1.36 0 0 0 1.724-.89 1 1 0 0 0 .039-.149c.454-.026.678-.68.578-1.2a13 13 0 0 0-1.159-2.234c.604.503 2.132.645 2.317 0 .973.782 2.488.372 2.61-.264 1.18.314 2.536-.376 2.314-1.213a1.63 1.63 0 0 0 1.525-1.719 1.66 1.66 0 0 0-.401-1.011'/><path fill='#03a9f4' d='M26.252 16.374a7.4 7.4 0 0 1 1.57-2.302 4.14 4.14 0 0 0-1.836 2.12 6 6 0 0 0-.646-.37 4.2 4.2 0 0 1 3.424-2.419c-.999.928-.644 2.855-1.464 3.876a11 11 0 0 0-1.048-.906Zm-.646 1.354a4 4 0 0 1 .035-.39 3.4 3.4 0 0 0-.6-.082 2.4 2.4 0 0 0 .208.889 3.05 3.05 0 0 0 1.629-.462 5.5 5.5 0 0 0-1.099-.318c-.04.085-.137.3-.173.362Z'/><path fill='#4caf50' d='M22.847 24.304v.003a11 11 0 0 1-.32-.805c.475.708 1.962.343 1.884-.292.728.562 2.226-.093 1.885-.88.73.348 1.561-.352 1.375-.657 1.243.245 2.434.49 2.808.588a1.43 1.43 0 0 1-1.667.505c.46.643-.434 1.414-1.68.99.274.63-.835 1.2-2.096.541.016.632-1.565.705-2.19.007Zm2.465-3.193c1.443.113 3.828.334 5.305.545-.093-.492-.348-.633-1.15-.854-.862.095-3.05.315-4.155.309'/><path fill='#ffca28' d='M24.41 23.21c.729.562 2.227-.093 1.886-.88.73.348 1.561-.352 1.375-.657-1.47-.29-3.012-.582-3.361-.633a53 53 0 0 1 1.002.07c1.106.007 3.293-.213 4.156-.307a41 41 0 0 0-6.216-1.023 3 3 0 0 1-.55.615 4.82 4.82 0 0 1-4.15 3.108 5.5 5.5 0 0 1-1.697-.293 3.54 3.54 0 0 1-3.432.074 6.94 6.94 0 0 0 6.356 4.321c2.335 0 3.37-2.443 3.143-3.09-.055-.156-.272-.677-.394-1.013.474.708 1.961.343 1.883-.291Z'/><path fill='#e0e0e0' d='M22.996 18.294a6.7 6.7 0 0 1 1.597-.724q-.016-.116-.023-.233c-.446.11-1.285.478-1.766-.03 1.015.314 1.521-.28 2.268-.28a4.7 4.7 0 0 1 1.579.329 5.27 5.27 0 0 0-3.355-1.534 2.45 2.45 0 0 0-.3 2.472'/><path fill='#f4511e' d='M16.855 23.21a5.5 5.5 0 0 0 1.698.293 4.82 4.82 0 0 0 4.148-3.109 5.25 5.25 0 0 1-3.473 1.011 5.42 5.42 0 0 0 3.54-2.294 3.14 3.14 0 0 1 .314-3.836 3.52 3.52 0 0 0-3.333-2.4 7.174 7.174 0 0 0-6.893 7.431l.004.127a7.4 7.4 0 0 0 .563 2.85 3.54 3.54 0 0 0 3.432-.074Z'/><path fill='#ffca28' d='M17.985 16.619a1.74 1.74 0 1 0 1.74-1.783 1.76 1.76 0 0 0-1.74 1.783'/><path fill='#5d4037' d='M18.683 16.619a1.042 1.042 0 1 0 1.042-1.068 1.055 1.055 0 0 0-1.042 1.068'/><ellipse cx='19.725' cy='16.145' fill='#FAFAFA' rx='.607' ry='.387'/></svg>",
+  "folder-blender-open": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><g fill='#ffe0b2' fill-rule='evenodd'><path d='M19.716 20.926a3.215 3.215 0 0 1 3.21-3.216 3.215 3.215 0 0 1 3.22 3.206 3.215 3.215 0 0 1-3.2 3.224 3.215 3.215 0 0 1-3.23-3.195z' paint-order='stroke fill markers'/><path d='m25.595 13.309-2.8-2.862s-.957-.987-1.943-.03-.03 1.943-.03 1.943l.107.17c.445.444.907.88 1.353 1.324h-7.715s-1.286 0-1.286 1.285c0 1.286 1.286 1.286 1.286 1.286h2.572l-3.858 3.858-.857.907s-.967.966 0 1.933c.966.966 1.933 0 1.933 0l1.496-1.554.04.122q.039.357.112.701a7.08 7.08 0 0 0 5.528 5.47q.692.14 1.425.137a7.073 7.073 0 0 0 7.04-7.094c0-3.505-2.572-5.766-4.403-7.597zm-2.676 3.116a4.5 4.5 0 1 1-4.494 4.529v-.028a4.5 4.5 0 0 1 4.494-4.5'/></g></svg>",
+  "folder-blender": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g fill='#ffe0b2' fill-rule='evenodd'><path d='M19.716 20.926a3.215 3.215 0 0 1 3.21-3.216 3.215 3.215 0 0 1 3.22 3.206 3.215 3.215 0 0 1-3.2 3.224 3.215 3.215 0 0 1-3.23-3.195z' paint-order='stroke fill markers'/><path d='m25.595 13.309-2.8-2.862s-.957-.987-1.943-.03-.03 1.943-.03 1.943l.107.17c.445.444.907.88 1.353 1.324h-7.715s-1.286 0-1.286 1.285c0 1.286 1.286 1.286 1.286 1.286h2.572l-3.858 3.858-.857.907s-.967.966 0 1.933c.966.966 1.933 0 1.933 0l1.496-1.554.04.122q.039.357.112.701a7.08 7.08 0 0 0 5.528 5.47q.692.14 1.425.137a7.073 7.073 0 0 0 7.04-7.094c0-3.505-2.572-5.766-4.403-7.597zm-2.676 3.116a4.5 4.5 0 1 1-4.494 4.529v-.028a4.5 4.5 0 0 1 4.494-4.5'/></g></svg>",
+  "folder-bloc-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#26a69a' d='M29 12H9.4c-.9 0-1.6.6-1.9 1.4L4 24V10h24c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.2-1.3-.5l-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h22l4.8-11.2c.4-1 0-2.2-1-2.6-.3-.1-.6-.2-.8-.2'/><path fill='#b2dfdb' d='m25 12 7 4.198v8.103L25 28.5l-7-4.212V16.21z'/></svg>",
+  "folder-bloc": "<svg fill='none' viewBox='0 0 32 32'><path fill='#26a69a' d='m13.8 7.5-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h24c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.1-1.3-.5'/><path fill='#b2dfdb' d='m25 12 7 4.198v8.103L25 28.5l-7-4.212V16.21z'/></svg>",
+  "folder-bower-open": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#5d4037' d='M31.598 20.789c-1.028-1.012-6.166-1.644-7.786-1.827a5 5 0 0 0 .2-.589 6 6 0 0 1 .707-.269c.03.092.171.439.251.605a3.165 3.165 0 0 0 3.533-2.78 3 3 0 0 0 .027-.407 4 4 0 0 1 1.241-2.574c-1.666-.498-4.062.77-4.864 2.657a5 5 0 0 0-.902-.253A4.396 4.396 0 0 0 19.75 12a8.07 8.07 0 0 0-7.746 8.364l.002.07c0 4.46 2.97 8.365 4.647 8.365a1.65 1.65 0 0 0 1.511-1.067c.124.346.505 1.42.63 1.694.184.404 1.04.755 1.414.335a1.355 1.355 0 0 0 1.843-.292 1.36 1.36 0 0 0 1.724-.89 1 1 0 0 0 .039-.149c.454-.026.678-.68.578-1.2a13 13 0 0 0-1.159-2.234c.604.503 2.132.645 2.317 0 .973.782 2.488.372 2.61-.264 1.18.314 2.536-.376 2.314-1.213a1.63 1.63 0 0 0 1.525-1.719 1.66 1.66 0 0 0-.401-1.011'/><path fill='#03a9f4' d='M26.252 16.374a7.4 7.4 0 0 1 1.57-2.302 4.14 4.14 0 0 0-1.836 2.12 6 6 0 0 0-.646-.37 4.2 4.2 0 0 1 3.424-2.419c-.999.928-.644 2.855-1.464 3.876a11 11 0 0 0-1.048-.906Zm-.646 1.354a4 4 0 0 1 .035-.39 3.4 3.4 0 0 0-.6-.082 2.4 2.4 0 0 0 .208.889 3.05 3.05 0 0 0 1.629-.462 5.5 5.5 0 0 0-1.099-.318c-.04.085-.137.3-.173.362Z'/><path fill='#4caf50' d='M22.847 24.304v.003a11 11 0 0 1-.32-.805c.475.708 1.962.343 1.884-.292.728.562 2.226-.093 1.885-.88.73.348 1.561-.352 1.375-.657 1.243.245 2.434.49 2.808.588a1.43 1.43 0 0 1-1.667.505c.46.643-.434 1.414-1.68.99.274.63-.835 1.2-2.096.541.016.632-1.565.705-2.19.007Zm2.465-3.193c1.443.113 3.828.334 5.305.545-.093-.492-.348-.633-1.15-.854-.862.095-3.05.315-4.155.309'/><path fill='#ffca28' d='M24.41 23.21c.729.562 2.227-.093 1.886-.88.73.348 1.561-.352 1.375-.657-1.47-.29-3.012-.582-3.361-.633a53 53 0 0 1 1.002.07c1.106.007 3.293-.213 4.156-.307a41 41 0 0 0-6.216-1.023 3 3 0 0 1-.55.615 4.82 4.82 0 0 1-4.15 3.108 5.5 5.5 0 0 1-1.697-.293 3.54 3.54 0 0 1-3.432.074 6.94 6.94 0 0 0 6.356 4.321c2.335 0 3.37-2.443 3.143-3.09-.055-.156-.272-.677-.394-1.013.474.708 1.961.343 1.883-.291Z'/><path fill='#e0e0e0' d='M22.996 18.294a6.7 6.7 0 0 1 1.597-.724q-.016-.116-.023-.233c-.446.11-1.285.478-1.766-.03 1.015.314 1.521-.28 2.268-.28a4.7 4.7 0 0 1 1.579.329 5.27 5.27 0 0 0-3.355-1.534 2.45 2.45 0 0 0-.3 2.472'/><path fill='#f4511e' d='M16.855 23.21a5.5 5.5 0 0 0 1.698.293 4.82 4.82 0 0 0 4.148-3.109 5.25 5.25 0 0 1-3.473 1.011 5.42 5.42 0 0 0 3.54-2.294 3.14 3.14 0 0 1 .314-3.836 3.52 3.52 0 0 0-3.333-2.4 7.174 7.174 0 0 0-6.893 7.431l.004.127a7.4 7.4 0 0 0 .563 2.85 3.54 3.54 0 0 0 3.432-.074Z'/><path fill='#ffca28' d='M17.985 16.619a1.74 1.74 0 1 0 1.74-1.783 1.76 1.76 0 0 0-1.74 1.783'/><path fill='#5d4037' d='M18.683 16.619a1.042 1.042 0 1 0 1.042-1.068 1.055 1.055 0 0 0-1.042 1.068'/><ellipse cx='19.725' cy='16.145' fill='#fafafa' rx='.607' ry='.387'/></svg>",
+  "folder-bower": "<svg viewBox='0 0 32 32'><path fill='#8d6e63' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#5d4037' d='M31.598 20.789c-1.028-1.012-6.166-1.644-7.786-1.827a5 5 0 0 0 .2-.589 6 6 0 0 1 .707-.269c.03.092.171.439.251.605a3.165 3.165 0 0 0 3.533-2.78 3 3 0 0 0 .027-.407 4 4 0 0 1 1.241-2.574c-1.666-.498-4.062.77-4.864 2.657a5 5 0 0 0-.902-.253A4.396 4.396 0 0 0 19.75 12a8.07 8.07 0 0 0-7.746 8.364l.002.07c0 4.46 2.97 8.365 4.647 8.365a1.65 1.65 0 0 0 1.511-1.067c.124.346.505 1.42.63 1.694.184.404 1.04.755 1.414.335a1.355 1.355 0 0 0 1.843-.292 1.36 1.36 0 0 0 1.724-.89 1 1 0 0 0 .039-.149c.454-.026.678-.68.578-1.2a13 13 0 0 0-1.159-2.234c.604.503 2.132.645 2.317 0 .973.782 2.488.372 2.61-.264 1.18.314 2.536-.376 2.314-1.213a1.63 1.63 0 0 0 1.525-1.719 1.66 1.66 0 0 0-.401-1.011'/><path fill='#03a9f4' d='M26.252 16.374a7.4 7.4 0 0 1 1.57-2.302 4.14 4.14 0 0 0-1.836 2.12 6 6 0 0 0-.646-.37 4.2 4.2 0 0 1 3.424-2.419c-.999.928-.644 2.855-1.464 3.876a11 11 0 0 0-1.048-.906Zm-.646 1.354a4 4 0 0 1 .035-.39 3.4 3.4 0 0 0-.6-.082 2.4 2.4 0 0 0 .208.889 3.05 3.05 0 0 0 1.629-.462 5.5 5.5 0 0 0-1.099-.318c-.04.085-.137.3-.173.362Z'/><path fill='#4caf50' d='M22.847 24.304v.003a11 11 0 0 1-.32-.805c.475.708 1.962.343 1.884-.292.728.562 2.226-.093 1.885-.88.73.348 1.561-.352 1.375-.657 1.243.245 2.434.49 2.808.588a1.43 1.43 0 0 1-1.667.505c.46.643-.434 1.414-1.68.99.274.63-.835 1.2-2.096.541.016.632-1.565.705-2.19.007Zm2.465-3.193c1.443.113 3.828.334 5.305.545-.093-.492-.348-.633-1.15-.854-.862.095-3.05.315-4.155.309'/><path fill='#ffca28' d='M24.41 23.21c.729.562 2.227-.093 1.886-.88.73.348 1.561-.352 1.375-.657-1.47-.29-3.012-.582-3.361-.633a53 53 0 0 1 1.002.07c1.106.007 3.293-.213 4.156-.307a41 41 0 0 0-6.216-1.023 3 3 0 0 1-.55.615 4.82 4.82 0 0 1-4.15 3.108 5.5 5.5 0 0 1-1.697-.293 3.54 3.54 0 0 1-3.432.074 6.94 6.94 0 0 0 6.356 4.321c2.335 0 3.37-2.443 3.143-3.09-.055-.156-.272-.677-.394-1.013.474.708 1.961.343 1.883-.291Z'/><path fill='#e0e0e0' d='M22.996 18.294a6.7 6.7 0 0 1 1.597-.724q-.016-.116-.023-.233c-.446.11-1.285.478-1.766-.03 1.015.314 1.521-.28 2.268-.28a4.7 4.7 0 0 1 1.579.329 5.27 5.27 0 0 0-3.355-1.534 2.45 2.45 0 0 0-.3 2.472'/><path fill='#f4511e' d='M16.855 23.21a5.5 5.5 0 0 0 1.698.293 4.82 4.82 0 0 0 4.148-3.109 5.25 5.25 0 0 1-3.473 1.011 5.42 5.42 0 0 0 3.54-2.294 3.14 3.14 0 0 1 .314-3.836 3.52 3.52 0 0 0-3.333-2.4 7.174 7.174 0 0 0-6.893 7.431l.004.127a7.4 7.4 0 0 0 .563 2.85 3.54 3.54 0 0 0 3.432-.074Z'/><path fill='#ffca28' d='M17.985 16.619a1.74 1.74 0 1 0 1.74-1.783 1.76 1.76 0 0 0-1.74 1.783'/><path fill='#5d4037' d='M18.683 16.619a1.042 1.042 0 1 0 1.042-1.068 1.055 1.055 0 0 0-1.042 1.068'/><ellipse cx='19.725' cy='16.145' fill='#fafafa' rx='.607' ry='.387'/></svg>",
   "folder-buildkite-open": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c8e6c9' d='m20 24-6-2v-6l6 2zm10-2h-4v-6l6 4z'/><path fill='#a5d6a7' d='m20 24 6-2v-6l-6 2zm6 4 6-2v-6l-6 2z'/></svg>",
   "folder-buildkite": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#c8e6c9' d='m20 24-6-2v-6l6 2zm10-2h-4v-6l6 4z'/><path fill='#a5d6a7' d='m20 24 6-2v-6l-6 2zm6 4 6-2v-6l-6 2z'/></svg>",
   "folder-cart-open": "<svg viewBox='0 0 32 32'><path fill='#009688' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><circle cx='20' cy='26' r='2' fill='#b2dfdb'/><circle cx='28' cy='26' r='2' fill='#b2dfdb'/><path fill='#b2dfdb' d='M30.613 12H18.22l-.4-2H14v2h2.18l1.84 9.196A1 1 0 0 0 19 22h11v-2H19.82l-.4-2H30l1.561-4.684A1 1 0 0 0 30.613 12'/></svg>",
@@ -223,8 +246,10 @@
   "folder-client": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M15 12a1 1 0 0 0-1 1v10.994h-4v4h12v-4h-6V14h14v-2.006Z'/><path fill='#b3e5fc' d='M31 16h-6a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h6a1 1 0 0 0 1-1V17a1 1 0 0 0-1-1m-1 8h-4v-6h4Z'/></svg>",
   "folder-cline-open": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M23 12a2 2 0 0 0-2 2h-1c-2.216 0-4 1.784-4 4l-2 3 2 3c0 2.216 1.784 4 4 4h6c2.216 0 4-1.784 4-4l2-3-2-3c0-2.216-1.784-4-4-4h-1a2 2 0 0 0-2-2m-2 6c.554 0 1 .446 1 1v4c0 .554-.446 1-1 1s-1-.446-1-1v-4c0-.554.446-1 1-1m4 0c.554 0 1 .446 1 1v4c0 .554-.446 1-1 1s-1-.446-1-1v-4c0-.554.446-1 1-1'/></svg>",
   "folder-cline": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M23 12a2 2 0 0 0-2 2h-1c-2.216 0-4 1.784-4 4l-2 3 2 3c0 2.216 1.784 4 4 4h6c2.216 0 4-1.784 4-4l2-3-2-3c0-2.216-1.784-4-4-4h-1a2 2 0 0 0-2-2m-2 6c.554 0 1 .446 1 1v4c0 .554-.446 1-1 1s-1-.446-1-1v-4c0-.554.446-1 1-1m4 0c.554 0 1 .446 1 1v4c0 .554-.446 1-1 1s-1-.446-1-1v-4c0-.554.446-1 1-1'/></svg>",
-  "folder-cloudflare-open": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#EFEBE9' d='M27.881 19.229a6.591 6.591 0 0 0-12.308-1.759 5.278 5.278 0 0 0 .572 10.524h11.428a4.388 4.388 0 0 0 .308-8.765'/></svg>",
-  "folder-cloudflare": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#EFEBE9' d='M27.881 19.229a6.591 6.591 0 0 0-12.308-1.759 5.278 5.278 0 0 0 .572 10.524h11.428a4.388 4.388 0 0 0 .308-8.765'/></svg>",
+  "folder-cloud-functions-open": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 32 32'><defs><path id='a' fill='#bbdefb' d='m26 14 2-2 4 4-2 2z'/></defs><path fill='#2196f3' fill-rule='nonzero' d='M28.967 12H9.442c-.859 0-1.627.553-1.898 1.368L4 24V10h24c0-1.097-.903-2-2-2H15.124c-.468 0-.921-.164-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4c-1.097 0-2 .903-2 2v16c0 1.097.903 2 2 2h22l4.805-11.212c.107-.249.162-.517.162-.788 0-1.097-.903-2-2-2'/><path fill='#bbdefb' d='M21.982 17.988h2.037v1.996h-2.037zm-2.983.021h2.037v1.996h-2.037zm5.998 0h1.996v1.996h-1.996zM29 14h3v10h-3z'/><use xlink:href='#a' transform='translate(0 -2)'/><use xlink:href='#a' transform='matrix(1 0 0 -1 0 40)'/><path fill='#bbdefb' d='M14 14h3v10h-3z'/><use xlink:href='#a' transform='matrix(-1 0 0 1 46 -2)'/><use xlink:href='#a' transform='rotate(180 23 20)'/></svg>",
+  "folder-cloud-functions": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 32 32'><defs><path id='a' fill='#bbdefb' d='m26 14 2-2 4 4-2 2z'/></defs><path fill='#2196f3' fill-rule='nonzero' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4c-1.097 0-2 .903-2 2v16c0 1.097.903 2 2 2h24c1.097 0 2-.903 2-2V10c0-1.097-.903-2-2-2H15.124c-.468 0-.921-.164-1.28-.464'/><path fill='#bbdefb' d='M21.982 17.988h2.037v1.996h-2.037zm-2.983.021h2.037v1.996h-2.037zm5.998 0h1.996v1.996h-1.996zM29 14h3v10h-3z'/><use xlink:href='#a' transform='translate(0 -2)'/><use xlink:href='#a' transform='matrix(1 0 0 -1 0 40)'/><path fill='#bbdefb' d='M14 14h3v10h-3z'/><use xlink:href='#a' transform='matrix(-1 0 0 1 46 -2)'/><use xlink:href='#a' transform='rotate(180 23 20)'/></svg>",
+  "folder-cloudflare-open": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#efebe9' d='M27.881 19.229a6.591 6.591 0 0 0-12.308-1.759 5.278 5.278 0 0 0 .572 10.524h11.428a4.388 4.388 0 0 0 .308-8.765'/></svg>",
+  "folder-cloudflare": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#efebe9' d='M27.881 19.229a6.591 6.591 0 0 0-12.308-1.759 5.278 5.278 0 0 0 .572 10.524h11.428a4.388 4.388 0 0 0 .308-8.765'/></svg>",
   "folder-cluster-open": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><circle cx='21' cy='15' r='3' fill='#b2dfdb'/><circle cx='17' cy='23' r='3' fill='#b2dfdb'/><circle cx='27' cy='27' r='3' fill='#b2dfdb'/></svg>",
   "folder-cluster": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><circle cx='21' cy='15' r='3' fill='#b2dfdb'/><circle cx='17' cy='23' r='3' fill='#b2dfdb'/><circle cx='27' cy='27' r='3' fill='#b2dfdb'/></svg>",
   "folder-cobol-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M23.448 10.106a10 10 0 0 0-2.896 0l-.634 1.653a8.5 8.5 0 0 0-2.273.942l-1.618-.72a10 10 0 0 0-2.047 2.046l.721 1.618a8.5 8.5 0 0 0-.942 2.273l-1.653.634a10 10 0 0 0 0 2.896l1.653.634a8.5 8.5 0 0 0 .942 2.273l-.72 1.618a10 10 0 0 0 2.046 2.047l1.618-.721a8.5 8.5 0 0 0 2.273.942l.634 1.653a10 10 0 0 0 2.896 0l.634-1.653a8.5 8.5 0 0 0 2.273-.942l1.618.72a10 10 0 0 0 2.047-2.046l-.721-1.618a8.5 8.5 0 0 0 .942-2.273l1.653-.634a10 10 0 0 0 0-2.896l-1.653-.634a8.5 8.5 0 0 0-.942-2.273l.72-1.618a10 10 0 0 0-2.046-2.047l-1.618.721a8.5 8.5 0 0 0-2.273-.942ZM22 13.592A6.408 6.408 0 1 1 15.592 20 6.41 6.41 0 0 1 22 13.592'/><path fill='#b3e5fc' d='M24.607 22.602a3.62 3.62 0 1 1-.006-5.118l.006.006-1.28 1.278a1.81 1.81 0 1 0-.004 2.56l.004-.004Z'/></svg>",
@@ -255,8 +280,8 @@
   "folder-core": "<svg viewBox='0 0 32 32'><path fill='#1976d2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M18 14v10h10V14Zm8 8h-6v-6h6ZM14 12h2v-2a2 2 0 0 0-2 2m4-2h2v2h-2zm4 0h2v2h-2zm4 0h2v2h-2zm4 0v2h2a2 2 0 0 0-2-2m0 4h2v2h-2zm0 4h2v2h-2zm0 4h2v2h-2zm0 6a2 2 0 0 0 2-2h-2Zm-4-2h2v2h-2zm-4 0h2v2h-2zm-4 0h2v2h-2zm-2 2v-2h-2a2 2 0 0 0 2 2m-2-6h2v2h-2zm0-4h2v2h-2zm0-4h2v2h-2z'/></svg>",
   "folder-coverage-open": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b2dfdb' d='m23.444 23.265-3.11-3.156 1.095-1.112 2.015 2.035 5.127-5.2 1.096 1.12M25 10l-7 4v4.53A9.8 9.8 0 0 0 25 28a9.8 9.8 0 0 0 7-9.47V14Z'/></svg>",
   "folder-coverage": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b2dfdb' d='m23.444 23.265-3.11-3.156 1.095-1.112 2.015 2.035 5.127-5.2 1.096 1.12M25 10l-7 4v4.53A9.8 9.8 0 0 0 25 28a9.8 9.8 0 0 0 7-9.47V14Z'/></svg>",
-  "folder-css-open": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='m13.19 10-.79 4h15.33l-.49 2H12.01l-.79 4h15.3l-.84 3.99L18 26.36l-4-2.37.46-1.99h-3.63L10 26.2l8 3.8 10.75-3.64 1.31-6.57.26-1.32L32 10z'/></svg>",
-  "folder-css": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='m13.19 9.95-.79 4h15.33l-.49 2H12.01l-.79 4h15.3l-.84 3.99L18 26.31l-4-2.37.46-1.99h-3.63l-.83 4.2 8 3.8 10.75-3.64 1.31-6.57.26-1.32L32 9.95z'/></svg>",
+  "folder-css-open": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><path id='a' fill='#d1c4e9' d='M14 20v-2h-2v8h2v-2h2v2a2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2v-8a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2v2Zm10 0v-2a2 2 0 0 0-2-2h-2a2 2 0 0 0-2 2v2c0 .839.357 2.34 2.746 2.966C21.437 23.15 22 23.612 22 24v2h-2v-2h-2v2a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2v-2a3.345 3.345 0 0 0-2.746-2.967C20 20.703 20 20.193 20 20v-2h2v2Zm8 0v-2a2 2 0 0 0-2-2h-2a2 2 0 0 0-2 2v2c0 .839.357 2.34 2.746 2.966C29.437 23.15 30 23.612 30 24v2h-2v-2h-2v2a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2v-2a3.345 3.345 0 0 0-2.746-2.967C28 20.703 28 20.193 28 20v-2h2v2Z'/></defs><path fill='#7e57c2' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><use xlink:href='#a'/><use xlink:href='#a'/></svg>",
+  "folder-css": "<svg xmlns:xlink='http://www.w3.org/1999/xlink' viewBox='0 0 32 32'><defs><path id='a' fill='#d1c4e9' d='M14 20v-2h-2v8h2v-2h2v2a2 2 0 0 1-2 2h-2a2 2 0 0 1-2-2v-8a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2v2Zm10 0v-2a2 2 0 0 0-2-2h-2a2 2 0 0 0-2 2v2c0 .839.357 2.34 2.746 2.966C21.438 23.15 22 23.612 22 24v2h-2v-2h-2v2a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2v-2a3.345 3.345 0 0 0-2.746-2.967C20 20.703 20 20.193 20 20v-2h2v2Zm8 0v-2a2 2 0 0 0-2-2h-2a2 2 0 0 0-2 2v2c0 .839.357 2.34 2.746 2.966C29.438 23.15 30 23.612 30 24v2h-2v-2h-2v2a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2v-2a3.345 3.345 0 0 0-2.746-2.967C28 20.703 28 20.193 28 20v-2h2v2Z'/></defs><path fill='#7e57c2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><use xlink:href='#a'/><use xlink:href='#a'/></svg>",
   "folder-custom-open": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' d='M26.017 24 22 28h10v-4zm-2.724-9.293L14 24v4h4l9.293-9.293a1 1 0 0 0 0-1.414l-2.586-2.586a1 1 0 0 0-1.414 0'/></svg>",
   "folder-custom": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' d='M26.017 24 22 28h10v-4zm-2.724-9.293L14 24v4h4l9.293-9.293a1 1 0 0 0 0-1.414l-2.586-2.586a1 1 0 0 0-1.414 0'/></svg>",
   "folder-cypress-open": "<svg viewBox='0 0 32 32'><path fill='#009688' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b2dfdb' d='M22.999 10A8.994 8.994 0 0 0 14 18.99V19a8.994 8.994 0 0 0 8.988 9H23a8.994 8.994 0 0 0 9-8.988V19a9.017 9.017 0 0 0-9.001-9m-4.222 10.931a1.41 1.41 0 0 0 1.242.557 1.9 1.9 0 0 0 .755-.133 6.4 6.4 0 0 0 .817-.425l.916 1.31a3.9 3.9 0 0 1-2.585.916 4.05 4.05 0 0 1-2.028-.49 3.3 3.3 0 0 1-1.31-1.44 5.04 5.04 0 0 1-.457-2.194 5.2 5.2 0 0 1 .456-2.193 3.46 3.46 0 0 1 1.312-1.503 3.6 3.6 0 0 1 1.996-.525 3.7 3.7 0 0 1 1.407.23 4.2 4.2 0 0 1 1.21.72l-.915 1.243a3.6 3.6 0 0 0-.754-.427 2.1 2.1 0 0 0-.785-.131c-1.112 0-1.669.852-1.669 2.585a3.24 3.24 0 0 0 .393 1.899Zm9 2.03a4.7 4.7 0 0 1-1.505 2.323 4.9 4.9 0 0 1-2.75.95l-.228-1.537a3.74 3.74 0 0 0 1.67-.526 4 4 0 0 0 .391-.391l-2.716-8.707h2.257l1.572 6.513 1.67-6.513h2.193Z'/></svg>",
@@ -273,8 +298,8 @@
   "folder-delta": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f8bbd0' d='M23 17.699 28.337 26H17.663zM23 14l-9 14h18z'/></svg>",
   "folder-desktop-open": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M30 12H14a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h6v2h-2v2h8v-2h-2v-2h6a2 2 0 0 0 2-2V14a2 2 0 0 0-2-2m0 12H14V14h16Z'/></svg>",
   "folder-desktop": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M30 12H14a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h6v2h-2v2h8v-2h-2v-2h6a2 2 0 0 0 2-2V14a2 2 0 0 0-2-2m0 12H14V14h16Z'/></svg>",
-  "folder-development-open.clone": "<svg viewBox='0 0 32 32'><path fill='#0288D1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#CFD8DC' d='M18.473 30a1 1 0 0 1-.238-.028 1.137 1.137 0 0 1-.828-1.323L20.5 12.905a1.13 1.13 0 0 1 .507-.744 1.06 1.06 0 0 1 .8-.134 1.14 1.14 0 0 1 .828 1.324l-3.101 15.744a1.12 1.12 0 0 1-.504.743 1.06 1.06 0 0 1-.557.162m6.2-2h-.077a1.08 1.08 0 0 1-.762-.412 1.164 1.164 0 0 1 .113-1.548l5.319-4.967-5.296-4.623a1.165 1.165 0 0 1-.162-1.544 1.08 1.08 0 0 1 .754-.437 1.06 1.06 0 0 1 .81.258l6.244 5.455a1.156 1.156 0 0 1 .003 1.723l-6.218 5.808a1.07 1.07 0 0 1-.729.289Zm-9.31 0a1.07 1.07 0 0 1-.728-.292l-6.226-5.811a1.16 1.16 0 0 1-.01-1.692l.02-.018 6.246-5.454a1.03 1.03 0 0 1 .8-.26 1.08 1.08 0 0 1 .76.436 1.165 1.165 0 0 1-.16 1.547l-5.294 4.62 5.32 4.964a1.156 1.156 0 0 1 .112 1.548 1.07 1.07 0 0 1-.762.412Z'/></svg>",
-  "folder-development.clone": "<svg viewBox='0 0 32 32'><path fill='#0288D1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#CFD8DC' d='M18.435 30a1 1 0 0 1-.238-.028 1.137 1.137 0 0 1-.828-1.323l3.093-15.744a1.13 1.13 0 0 1 .507-.744 1.06 1.06 0 0 1 .8-.134 1.14 1.14 0 0 1 .828 1.324l-3.1 15.744a1.12 1.12 0 0 1-.505.743 1.06 1.06 0 0 1-.557.162m6.2-2h-.077a1.08 1.08 0 0 1-.762-.412 1.164 1.164 0 0 1 .113-1.548l5.32-4.967-5.297-4.623a1.165 1.165 0 0 1-.162-1.544 1.08 1.08 0 0 1 .754-.437 1.06 1.06 0 0 1 .81.258l6.244 5.455a1.156 1.156 0 0 1 .004 1.723l-6.22 5.808a1.07 1.07 0 0 1-.728.289Zm-9.31 0a1.07 1.07 0 0 1-.728-.292l-6.225-5.811a1.16 1.16 0 0 1-.01-1.692l.02-.018 6.246-5.454a1.03 1.03 0 0 1 .8-.26 1.08 1.08 0 0 1 .758.436 1.165 1.165 0 0 1-.16 1.547l-5.293 4.62 5.32 4.964a1.156 1.156 0 0 1 .112 1.548 1.07 1.07 0 0 1-.762.412Z'/></svg>",
+  "folder-development-open.clone": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M18.473 30a1 1 0 0 1-.238-.028 1.137 1.137 0 0 1-.828-1.323L20.5 12.905a1.13 1.13 0 0 1 .507-.744 1.06 1.06 0 0 1 .8-.134 1.14 1.14 0 0 1 .828 1.324l-3.101 15.744a1.12 1.12 0 0 1-.504.743 1.06 1.06 0 0 1-.557.162m6.2-2h-.077a1.08 1.08 0 0 1-.762-.412 1.164 1.164 0 0 1 .113-1.548l5.319-4.967-5.296-4.623a1.165 1.165 0 0 1-.162-1.544 1.08 1.08 0 0 1 .754-.437 1.06 1.06 0 0 1 .81.258l6.244 5.455a1.156 1.156 0 0 1 .003 1.723l-6.218 5.808a1.07 1.07 0 0 1-.729.289Zm-9.31 0a1.07 1.07 0 0 1-.728-.292l-6.226-5.811a1.16 1.16 0 0 1-.01-1.692l.02-.018 6.246-5.454a1.03 1.03 0 0 1 .8-.26 1.08 1.08 0 0 1 .76.436 1.165 1.165 0 0 1-.16 1.547l-5.294 4.62 5.32 4.964a1.156 1.156 0 0 1 .112 1.548 1.07 1.07 0 0 1-.762.412Z'/></svg>",
+  "folder-development.clone": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M18.435 30a1 1 0 0 1-.238-.028 1.137 1.137 0 0 1-.828-1.323l3.093-15.744a1.13 1.13 0 0 1 .507-.744 1.06 1.06 0 0 1 .8-.134 1.14 1.14 0 0 1 .828 1.324l-3.1 15.744a1.12 1.12 0 0 1-.505.743 1.06 1.06 0 0 1-.557.162m6.2-2h-.077a1.08 1.08 0 0 1-.762-.412 1.164 1.164 0 0 1 .113-1.548l5.32-4.967-5.297-4.623a1.165 1.165 0 0 1-.162-1.544 1.08 1.08 0 0 1 .754-.437 1.06 1.06 0 0 1 .81.258l6.244 5.455a1.156 1.156 0 0 1 .004 1.723l-6.22 5.808a1.07 1.07 0 0 1-.728.289Zm-9.31 0a1.07 1.07 0 0 1-.728-.292l-6.225-5.811a1.16 1.16 0 0 1-.01-1.692l.02-.018 6.246-5.454a1.03 1.03 0 0 1 .8-.26 1.08 1.08 0 0 1 .758.436 1.165 1.165 0 0 1-.16 1.547l-5.293 4.62 5.32 4.964a1.156 1.156 0 0 1 .112 1.548 1.07 1.07 0 0 1-.762.412Z'/></svg>",
   "folder-directive-open": "<svg viewBox='0 0 16 16'><path fill='#f44336' d='M14.484 6H4.72a1 1 0 0 0-.949.684L2 12V5h12a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232l-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h11l2.403-5.606A1 1 0 0 0 14.483 6'/><g fill='#ffcdd2'><path d='m11.5 6.001-1.5 2h3z'/><path d='M11 7v2h1V7zm-1 3H8v1.001h2z'/><path d='m9 9-2 1.5L9 12zm2 3h1v2h-1Z'/><path d='m10 13 1.5 2 1.5-2Zm2.715-3v1.001H15v-1Z'/><path d='m14 9 2 1.5-2 1.5Z'/></g></svg>",
   "folder-directive": "<svg viewBox='0 0 16 16'><path fill='#f44336' d='m6.922 3.768-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232'/><g fill='#ffcdd2'><path d='m11.5 6.001-1.5 2h3z'/><path d='M11 7v2h1V7zm-1 3H8v1.001h2z'/><path d='m9 9-2 1.5L9 12zm2 3h1v2h-1Z'/><path d='m10 13 1.5 2 1.5-2Zm3-3v1.001h2v-1Z'/><path d='m14 9 2 1.5-2 1.5Z'/></g></svg>",
   "folder-dist-open": "<svg viewBox='0 0 32 32'><path fill='#e57373' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M30 14h-4v-2l-2-2h-4l-2 2v2h-4a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2V16a2 2 0 0 0-2-2m-10 0v-2h4v2Z'/></svg>",
@@ -303,22 +328,24 @@
   "folder-examples": "<svg viewBox='0 0 32 32'><path fill='#009688' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b2dfdb' d='M16 14v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V14a2 2 0 0 0-2-2H18a2 2 0 0 0-2 2m2 0h2a2 2 0 0 1-2 2Zm0 4a4 4 0 0 0 4-4h2a6.005 6.005 0 0 1-6 6Zm0 8 4-4 1.6 1.6L26 20l4 6Z'/></svg>",
   "folder-expo-open": "<svg viewBox='0 0 32 32'><path fill='#1976d2' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M25.182 13.148c-.663-1.013-.82-1.148-2.17-1.148h-.032c-1.35 0-1.499.135-2.17 1.148C20.187 14.1 14 25.473 14 25.79a2.5 2.5 0 0 0 .545 1.513c.434.626 1.183.974 1.728.42.37-.373 4.34-7.24 6.257-9.837a.575.575 0 0 1 .94 0c1.916 2.597 5.887 9.464 6.257 9.837.545.554 1.294.204 1.728-.42A2.5 2.5 0 0 0 32 25.79c-.008-.317-6.195-11.699-6.818-12.642'/></svg>",
   "folder-expo": "<svg viewBox='0 0 32 32'><path fill='#1976d2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M25.182 13.148c-.663-1.013-.82-1.148-2.17-1.148h-.032c-1.35 0-1.499.135-2.17 1.148C20.187 14.1 14 25.473 14 25.79a2.5 2.5 0 0 0 .545 1.513c.434.626 1.183.974 1.728.42.37-.373 4.34-7.24 6.257-9.837a.575.575 0 0 1 .94 0c1.916 2.597 5.887 9.464 6.257 9.837.545.554 1.294.204 1.728-.42A2.5 2.5 0 0 0 32 25.79c-.008-.317-6.195-11.699-6.818-12.642'/></svg>",
-  "folder-export-open": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#EFEBE9' fill-opacity='.949' d='M25 14a7 7 0 1 0 7 7 7 7 0 0 0-7-7m-5 8v-2h10v2Z'/></svg>",
-  "folder-export": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#EFEBE9' fill-opacity='.949' d='M25 14a7 7 0 1 0 7 7 7 7 0 0 0-7-7m-5 8v-2h10v2Z'/></svg>",
+  "folder-export-open": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#efebe9' fill-opacity='.949' d='M25 14a7 7 0 1 0 7 7 7 7 0 0 0-7-7m-5 8v-2h10v2Z'/></svg>",
+  "folder-export": "<svg viewBox='0 0 32 32'><path fill='#ff8a65' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#efebe9' fill-opacity='.949' d='M25 14a7 7 0 1 0 7 7 7 7 0 0 0-7-7m-5 8v-2h10v2Z'/></svg>",
   "folder-fastlane-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#e3f2fd' d='m15.508 21.618 1.272 3.936a1.456 1.456 0 0 0-.06 1.922 1.35 1.35 0 0 0 .937.486l.1.003a1.33 1.33 0 0 0 .894-.346 1.4 1.4 0 0 0 .207-.231 1.446 1.446 0 0 0-.307-1.972 1.36 1.36 0 0 0-.597-.256l-1.586-5.037a.16.16 0 0 0-.092-.101.15.15 0 0 0-.134.007 1.92 1.92 0 0 1-2.059-.113 1.995 1.995 0 0 1-.423-2.72 1.84 1.84 0 0 1 2.088-.697.16.16 0 0 0 .199-.102l.325-.95a.17.17 0 0 0-.007-.128.16.16 0 0 0-.093-.084 3 3 0 0 0-.978-.167h-.039A3.215 3.215 0 0 0 12 18.296a3.3 3.3 0 0 0 1.321 2.698 3.08 3.08 0 0 0 2.187.624'/><path fill='#e3f2fd' d='M15.802 17.146a1.35 1.35 0 0 0-1.787.535 1.45 1.45 0 0 0-.157 1.074 1.4 1.4 0 0 0 .622.875 1.33 1.33 0 0 0 .706.203 1.36 1.36 0 0 0 1.176-.685 1.47 1.47 0 0 0 .177-.971l4.14-3.149a.17.17 0 0 0 .065-.122.17.17 0 0 0-.05-.13 2.09 2.09 0 0 1-.556-2.063 1.883 1.883 0 0 1 2.383-1.262 1.95 1.95 0 0 1 1.31 1.823.16.16 0 0 0 .155.161l.983.02a.2.2 0 0 0 .114-.047.17.17 0 0 0 .048-.117 3.34 3.34 0 0 0-.945-2.333A3.12 3.12 0 0 0 21.939 10a4 4 0 0 0-.293.014 3.14 3.14 0 0 0-2.162 1.182 3.4 3.4 0 0 0-.457 3.457Zm10.842 10.755a1.4 1.4 0 0 0 .736-.77 1.45 1.45 0 0 0-.005-1.083 1.38 1.38 0 0 0-.744-.763 1.3 1.3 0 0 0-1.047.005 1.4 1.4 0 0 0-.693.672l-5.12.014a.16.16 0 0 0-.123.06.17.17 0 0 0-.033.135 2.08 2.08 0 0 1-.724 2 1.82 1.82 0 0 1-1.4.355 1.86 1.86 0 0 1-1.233-.773 2 2 0 0 1-.016-2.286.17.17 0 0 0-.033-.226l-.778-.613a.15.15 0 0 0-.12-.032.16.16 0 0 0-.105.065 3.36 3.36 0 0 0-.575 2.45 3.3 3.3 0 0 0 1.266 2.153 3.1 3.1 0 0 0 1.874.634 3.15 3.15 0 0 0 2.572-1.349 3.4 3.4 0 0 0 .545-1.264l4.01-.04a1.35 1.35 0 0 0 1.746.656'/><path fill='#e3f2fd' d='m27.718 23.882 1.228-3.945a1.34 1.34 0 0 0 .824-.473 1.44 1.44 0 0 0 .328-1.026 1.366 1.366 0 0 0-2.729-.013 1.5 1.5 0 0 0 .06.553 1.4 1.4 0 0 0 .336.564l-1.603 5.027a.17.17 0 0 0 .016.14.16.16 0 0 0 .115.075 1.952 1.952 0 0 1 .385 3.782 1.84 1.84 0 0 1-2.097-.692.156.156 0 0 0-.217-.037l-.811.572a.16.16 0 0 0-.067.108.17.17 0 0 0 .028.124A3.15 3.15 0 0 0 26.097 30a3.1 3.1 0 0 0 1.871-.63 3.36 3.36 0 0 0 1.165-3.667 3.23 3.23 0 0 0-1.415-1.82Z'/><path fill='#e3f2fd' d='M31.845 17.545a3.15 3.15 0 0 0-5.177-1.459l-3.28-2.432a1.46 1.46 0 0 0-.193-.969 1.37 1.37 0 0 0-.857-.637 1.3 1.3 0 0 0-.308-.038h-.004a1.425 1.425 0 0 0-.003 2.847h.005a1.3 1.3 0 0 0 .631-.16l4.165 3.137a.16.16 0 0 0 .133.027.16.16 0 0 0 .104-.089 1.98 1.98 0 0 1 1.735-1.178h.001a1.933 1.933 0 0 1 1.897 1.963 1.96 1.96 0 0 1-1.296 1.863.166.166 0 0 0-.102.203l.28.98a.16.16 0 0 0 .079.098.15.15 0 0 0 .123.011 3.2 3.2 0 0 0 1.867-1.64 3.4 3.4 0 0 0 .2-2.527'/></svg>",
   "folder-fastlane": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e3f2fd' d='m15.508 21.618 1.272 3.936a1.456 1.456 0 0 0-.06 1.922 1.35 1.35 0 0 0 .937.486l.1.003a1.33 1.33 0 0 0 .894-.346 1.4 1.4 0 0 0 .207-.231 1.446 1.446 0 0 0-.307-1.972 1.36 1.36 0 0 0-.597-.256l-1.586-5.037a.16.16 0 0 0-.092-.101.15.15 0 0 0-.134.007 1.92 1.92 0 0 1-2.059-.113 1.995 1.995 0 0 1-.423-2.72 1.84 1.84 0 0 1 2.088-.697.16.16 0 0 0 .199-.102l.325-.95a.17.17 0 0 0-.007-.128.16.16 0 0 0-.093-.084 3 3 0 0 0-.978-.167h-.039A3.215 3.215 0 0 0 12 18.296a3.3 3.3 0 0 0 1.321 2.698 3.08 3.08 0 0 0 2.187.624'/><path fill='#e3f2fd' d='M15.802 17.146a1.35 1.35 0 0 0-1.787.535 1.45 1.45 0 0 0-.157 1.074 1.4 1.4 0 0 0 .622.875 1.33 1.33 0 0 0 .706.203 1.36 1.36 0 0 0 1.176-.685 1.47 1.47 0 0 0 .177-.971l4.14-3.149a.17.17 0 0 0 .065-.122.17.17 0 0 0-.05-.13 2.09 2.09 0 0 1-.556-2.063 1.883 1.883 0 0 1 2.383-1.262 1.95 1.95 0 0 1 1.31 1.823.16.16 0 0 0 .155.161l.983.02a.2.2 0 0 0 .114-.047.17.17 0 0 0 .048-.117 3.34 3.34 0 0 0-.945-2.333A3.12 3.12 0 0 0 21.939 10a4 4 0 0 0-.293.014 3.14 3.14 0 0 0-2.162 1.182 3.4 3.4 0 0 0-.457 3.457Zm10.842 10.755a1.4 1.4 0 0 0 .736-.77 1.45 1.45 0 0 0-.005-1.083 1.38 1.38 0 0 0-.744-.763 1.3 1.3 0 0 0-1.047.005 1.4 1.4 0 0 0-.693.672l-5.12.014a.16.16 0 0 0-.123.06.17.17 0 0 0-.033.135 2.08 2.08 0 0 1-.724 2 1.82 1.82 0 0 1-1.4.355 1.86 1.86 0 0 1-1.233-.773 2 2 0 0 1-.016-2.286.17.17 0 0 0-.033-.226l-.778-.613a.15.15 0 0 0-.12-.032.16.16 0 0 0-.105.065 3.36 3.36 0 0 0-.575 2.45 3.3 3.3 0 0 0 1.266 2.153 3.1 3.1 0 0 0 1.874.634 3.15 3.15 0 0 0 2.572-1.349 3.4 3.4 0 0 0 .545-1.264l4.01-.04a1.35 1.35 0 0 0 1.746.656'/><path fill='#e3f2fd' d='m27.718 23.882 1.228-3.945a1.34 1.34 0 0 0 .824-.473 1.44 1.44 0 0 0 .328-1.026 1.366 1.366 0 0 0-2.729-.013 1.5 1.5 0 0 0 .06.553 1.4 1.4 0 0 0 .336.564l-1.603 5.027a.17.17 0 0 0 .016.14.16.16 0 0 0 .115.075 1.952 1.952 0 0 1 .385 3.782 1.84 1.84 0 0 1-2.097-.692.156.156 0 0 0-.217-.037l-.811.572a.16.16 0 0 0-.067.108.17.17 0 0 0 .028.124A3.15 3.15 0 0 0 26.097 30a3.1 3.1 0 0 0 1.871-.63 3.36 3.36 0 0 0 1.165-3.667 3.23 3.23 0 0 0-1.415-1.82Z'/><path fill='#e3f2fd' d='M31.845 17.545a3.15 3.15 0 0 0-5.177-1.459l-3.28-2.432a1.46 1.46 0 0 0-.193-.969 1.37 1.37 0 0 0-.857-.637 1.3 1.3 0 0 0-.308-.038h-.004a1.425 1.425 0 0 0-.003 2.847h.005a1.3 1.3 0 0 0 .631-.16l4.165 3.137a.16.16 0 0 0 .133.027.16.16 0 0 0 .104-.089 1.98 1.98 0 0 1 1.735-1.178h.001a1.933 1.933 0 0 1 1.897 1.963 1.96 1.96 0 0 1-1.296 1.863.166.166 0 0 0-.102.203l.28.98a.16.16 0 0 0 .079.098.15.15 0 0 0 .123.011 3.2 3.2 0 0 0 1.867-1.64 3.4 3.4 0 0 0 .2-2.527'/></svg>",
   "folder-favicon-open": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124c-.468 0-.921-.164-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fffde7' d='m24 24 6 4-2-6 4-4h-6l-1.999-6L22 18h-6l4 4-2 6z'/></svg>",
   "folder-favicon": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fffde7' d='m24 24 6 4-2-6 4-4h-6l-1.999-6L22 18h-6l4 4-2 6z'/></svg>",
-  "folder-firebase-open": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fff9c4' d='m32 24.526-6.387 3.314a1.43 1.43 0 0 1-1.313 0L18 24.526l11.419-10.76.307-.08c.261 0 .41.106.437.326zM22.68 13.93l-3.98 6.178 1.662-9.778c.026-.22.175-.327.438-.327a.32.32 0 0 1 .35.205l1.882 3.232-.35.491m3.937 1.03-8.356 7.848 6.343-10.066a.42.42 0 0 1 .395-.237.335.335 0 0 1 .35.237Z'/></svg>",
-  "folder-firebase": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fff9c4' d='m32 24.526-6.387 3.314a1.43 1.43 0 0 1-1.313 0L18 24.526l11.419-10.76.307-.08c.261 0 .41.106.437.326zM22.68 13.93l-3.98 6.178 1.662-9.778c.026-.22.175-.327.438-.327a.32.32 0 0 1 .35.205l1.882 3.232-.35.491m3.937 1.03-8.356 7.848 6.343-10.066a.42.42 0 0 1 .395-.237.335.335 0 0 1 .35.237Z'/></svg>",
+  "folder-firebase-open": "<svg viewBox='0 0 32 32'><path fill='#ff9100' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffe0b2' d='M24 28.014s-4.584.213-7-4.014c-.66-1.156-1.006-2.805-1-4 .012-2.264.962-3.881 1.038-4 .117-.181 2.954-.867 4.962 0s3.979 3.215 4 6-2.275 4.565-2.691 4.881.691 1.133.691 1.133M22 25.5c2.051-1.646 1.875-2.063 2-3.5s-1.007-3.071-2-4-2.934-.65-3.5-.5c-2.418 5.405 3.5 8 3.5 8'/><path fill='#ffe0b2' d='m24 28.014 2.527-.941s-1.988-1.265-2.909-2.168C21.381 22.71 20.021 20.085 20 16s4-8 4-8 8.063 6.276 8 12c-.644 8.183-8 8.014-8 8.014m4-3.023c1.044-1.135 1.95-2.042 2-4.991.075-4.381-6-9.5-6-9.5s-1.856 2.393-2 5.5c-.338 7.273 6 8.991 6 8.991'/><path fill='#ffe0b2' d='M22.34 25.64s3.453-.086 5.66-.649c3.451-.879-1.022 2.191-1.022 2.191L24 28.015l-1.313-.536z'/></svg>",
+  "folder-firebase": "<svg fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 32 32'><path fill='#ff9100' fill-rule='nonzero' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4c-1.097 0-2 .903-2 2v16c0 1.097.903 2 2 2h24c1.097 0 2-.903 2-2V10c0-1.097-.903-2-2-2H15.124c-.468 0-.921-.164-1.28-.464'/><path fill='#ffe0b2' d='M24 28.014s-4.584.213-7-4.014c-.66-1.156-1.006-2.805-1-4 .012-2.264.962-3.881 1.038-4 .117-.181 2.954-.867 4.962 0s3.979 3.215 4 6-2.275 4.565-2.691 4.881.691 1.133.691 1.133M22 25.5c2.051-1.646 1.875-2.063 2-3.5s-1.007-3.071-2-4-2.934-.65-3.5-.5c-2.418 5.405 3.5 8 3.5 8'/><path fill='#ffe0b2' d='m24 28.014 2.527-.941s-1.988-1.265-2.909-2.168C21.381 22.71 20.021 20.085 20 16s4-8 4-8 8.063 6.276 8 12c-.644 8.183-8 8.014-8 8.014m4-3.023c1.044-1.135 1.95-2.042 2-4.991.075-4.381-6-9.5-6-9.5s-1.856 2.393-2 5.5c-.338 7.273 6 8.991 6 8.991'/><path fill='#ffe0b2' d='M22.34 25.64s3.453-.086 5.66-.649c3.451-.879-1.022 2.191-1.022 2.191L24 28.015l-1.313-.536z'/></svg>",
+  "folder-firestore-open": "<svg fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 32 32'><path fill='#2196f3' fill-rule='nonzero' d='M28.967 12H9.442c-.859 0-1.627.553-1.898 1.368L4 24V10h24c0-1.097-.903-2-2-2H15.124c-.468 0-.921-.164-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4c-1.097 0-2 .903-2 2v16c0 1.097.903 2 2 2h22l4.805-11.212c.107-.249.162-.517.162-.788 0-1.097-.903-2-2-2'/><path fill='#bbdefb' d='m24 10-8 4v4l8-4 8 4v-4z'/><path fill='#bbdefb' d='M16 20v4l8-4 8 4v-4l-8-4z'/><path fill='#bbdefb' d='m24 24 3-1 4 2-7 3z'/></svg>",
+  "folder-firestore": "<svg fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 32 32'><path fill='#2196f3' fill-rule='nonzero' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4c-1.097 0-2 .903-2 2v16c0 1.097.903 2 2 2h24c1.097 0 2-.903 2-2V10c0-1.097-.903-2-2-2H15.124c-.468 0-.921-.164-1.28-.464'/><path fill='#bbdefb' d='m24 10-8 4v4l8-4 8 4v-4z'/><path fill='#bbdefb' d='M16 20v4l8-4 8 4v-4l-8-4z'/><path fill='#bbdefb' d='m24 24 3-1 4 2-7 3z'/></svg>",
   "folder-flow-open": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fbc02d' fill-opacity='.976' d='m12 10 6.71 6h-4.725l4.672 4h-6.676L20 28.025V12h3.548l1.584 2H22v6h1.98l1.979 2h-3.984l.025.025V28h10l-4-3.033v-1.221l.657.655L28 18h-2v-2.01l4 1.997v-5.99l-6-.999L21.923 10Z'/></svg>",
   "folder-flow": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fbc02d' fill-opacity='.976' d='m12 10 6.71 6h-4.725l4.672 4h-6.676L20 28.025V12h3.548l1.584 2H22v6h1.98l1.979 2h-3.984l.025.025V28h10l-4-3.033v-1.221l.657.655L28 18h-2v-2.01l4 1.997v-5.99l-6-.999L21.923 10Z'/></svg>",
   "folder-flutter-open": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='M29 12H9.4a2 2 0 0 0-1.9 1.4L4 24V10h24a2 2 0 0 0-2-2H15.1a2 2 0 0 1-1.3-.5l-1.2-1a2 2 0 0 0-1.3-.5H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.8-11.2A2 2 0 0 0 29 12'/><path fill='#b3e5fc' d='m20 10-8 8 4 4 12-12zm4 8-6 6 6 6h8l-6-6 6-6z'/></svg>",
   "folder-flutter": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='m13.8 7.5-1.2-1a2 2 0 0 0-1.3-.5H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.1a2 2 0 0 1-1.3-.5'/><path fill='#b3e5fc' d='m20 10-8 8 4 4 12-12zm4 8-6 6 6 6h8l-6-6 6-6z'/></svg>",
   "folder-font-open": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M24.077 12h-2.154L16 28h2.423L20 24h6l1.577 4H30Zm-3.64 10L23 14.764 25.552 22Z'/></svg>",
   "folder-font": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M24.077 12h-2.154L16 28h2.423L20 24h6l1.577 4H30Zm-3.64 10L23 14.764 25.552 22Z'/></svg>",
-  "folder-forgejo-open": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><g fill='none' transform='translate(14.53 10.455)scale(.08531)'><path stroke='#FF6D00' stroke-width='25' d='M58 168V70a50 50 0 0 1 50-50h20' class='prefix__prefix__orange'/><path stroke='#D50000' stroke-width='25' d='M58 168v-30a50 50 0 0 1 50-50h20' class='prefix__prefix__red'/><circle cx='142' cy='20' r='18' stroke='#FF6D00' stroke-width='15' class='prefix__prefix__orange'/><circle cx='142' cy='88' r='18' stroke='#D50000' stroke-width='15' class='prefix__prefix__red'/><circle cx='58' cy='180' r='18' stroke='#D50000' stroke-width='15' class='prefix__prefix__red'/></g></svg>",
-  "folder-forgejo": "<svg viewBox='0 0 32 32'><path fill='#757575' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g fill='none' transform='translate(14.53 10.455)scale(.08531)'><path stroke='#FF6D00' stroke-width='25' d='M58 168V70a50 50 0 0 1 50-50h20' class='prefix__prefix__orange'/><path stroke='#D50000' stroke-width='25' d='M58 168v-30a50 50 0 0 1 50-50h20' class='prefix__prefix__red'/><circle cx='142' cy='20' r='18' stroke='#FF6D00' stroke-width='15' class='prefix__prefix__orange'/><circle cx='142' cy='88' r='18' stroke='#D50000' stroke-width='15' class='prefix__prefix__red'/><circle cx='58' cy='180' r='18' stroke='#D50000' stroke-width='15' class='prefix__prefix__red'/></g></svg>",
+  "folder-forgejo-open": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><g fill='none' transform='translate(14.53 10.455)scale(.08531)'><path stroke='#ff6d00' stroke-width='25' d='M58 168V70a50 50 0 0 1 50-50h20' class='prefix__prefix__orange'/><path stroke='#d50000' stroke-width='25' d='M58 168v-30a50 50 0 0 1 50-50h20' class='prefix__prefix__red'/><circle cx='142' cy='20' r='18' stroke='#ff6d00' stroke-width='15' class='prefix__prefix__orange'/><circle cx='142' cy='88' r='18' stroke='#d50000' stroke-width='15' class='prefix__prefix__red'/><circle cx='58' cy='180' r='18' stroke='#d50000' stroke-width='15' class='prefix__prefix__red'/></g></svg>",
+  "folder-forgejo": "<svg viewBox='0 0 32 32'><path fill='#757575' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g fill='none' transform='translate(14.53 10.455)scale(.08531)'><path stroke='#ff6d00' stroke-width='25' d='M58 168V70a50 50 0 0 1 50-50h20' class='prefix__prefix__orange'/><path stroke='#d50000' stroke-width='25' d='M58 168v-30a50 50 0 0 1 50-50h20' class='prefix__prefix__red'/><circle cx='142' cy='20' r='18' stroke='#ff6d00' stroke-width='15' class='prefix__prefix__orange'/><circle cx='142' cy='88' r='18' stroke='#d50000' stroke-width='15' class='prefix__prefix__red'/><circle cx='58' cy='180' r='18' stroke='#d50000' stroke-width='15' class='prefix__prefix__red'/></g></svg>",
   "folder-functions-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M24 16h-2.982l.14-1.676.002-.01a1.945 1.945 0 0 1 3.848-.485l1.475-1.687a3.9 3.9 0 0 0-3.01-2.126 4.143 4.143 0 0 0-4.263 4.105L19.048 16H16v2h2.87l-.529 5.874a2.05 2.05 0 0 1-1.348 1.776l-.026.009a1.92 1.92 0 0 1-2.451-1.465l-1.477 1.687a3.91 3.91 0 0 0 2.99 2.1 4.13 4.13 0 0 0 4.274-4.08L20.839 18H24Zm8 4.929-1.414-1.414-2.829 2.828-2.828-2.828-1.414 1.414 2.828 2.828-2.828 2.829L24.929 28l2.828-2.828L30.586 28 32 26.586l-2.828-2.829z'/></svg>",
   "folder-functions": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M24 16h-2.982l.14-1.676.002-.01a1.945 1.945 0 0 1 3.848-.485l1.475-1.687a3.9 3.9 0 0 0-3.01-2.126 4.143 4.143 0 0 0-4.263 4.105L19.048 16H16v2h2.87l-.529 5.874a2.05 2.05 0 0 1-1.348 1.776l-.026.009a1.92 1.92 0 0 1-2.451-1.465l-1.477 1.687a3.91 3.91 0 0 0 2.99 2.1 4.13 4.13 0 0 0 4.274-4.08L20.839 18H24Zm8 4.929-1.414-1.414-2.829 2.828-2.828-2.828-1.414 1.414 2.828 2.828-2.828 2.829L24.929 28l2.828-2.828L30.586 28 32 26.586l-2.828-2.829z'/></svg>",
   "folder-gamemaker-open": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b2dfdb' d='m32 20-9.03-9.03L13.942 20l9.03 9.03 3.765-3.766.007-5.264Zm-9.513 2.526L19.96 20l3.01-3.01L25.98 20h-3.494Z'/></svg>",
@@ -353,8 +380,8 @@
   "folder-helper": "<svg viewBox='0 0 32 32'><path fill='#afb42b' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f0f4c3' d='M28.178 12a1.57 1.57 0 0 0-1.138.467l-4.62 4.691 4.493 4.555 4.628-4.684a1.646 1.646 0 0 0 0-2.28l-2.259-2.282A1.54 1.54 0 0 0 28.178 12m-6.521 5.924-4.739 4.803a1.635 1.635 0 0 0 .008 2.291l.008.008C15.963 26.017 14.978 27.01 14 28h4.5l.684-.693a1.58 1.58 0 0 0 2.234-.016l4.732-4.803'/></svg>",
   "folder-home-open": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M20 12 8 22h4v8h6v-6h4v6h6v-8h4z'/></svg>",
   "folder-home": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M20 12 8 22h4v8h6v-6h4v6h6v-8h4z'/></svg>",
-  "folder-hook-open": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#d1c4e9' d='M23 16c-4.97 0-9 2.24-9 5 0 2.18 2.5 4.03 6 4.71V28l4-3-4-3v1.67c-2.48-.58-4-1.79-4-2.67 0-1.19 2.79-3 7-3s7 1.81 7 3c0 .88-1.52 2.09-4 2.67v2.04c3.5-.68 6-2.53 6-4.71 0-2.76-4.03-5-9-5'/></svg>",
-  "folder-hook": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#d1c4e9' d='M23 16c-4.97 0-9 2.24-9 5 0 2.18 2.5 4.03 6 4.71V28l4-3-4-3v1.67c-2.48-.58-4-1.79-4-2.67 0-1.19 2.79-3 7-3s7 1.81 7 3c0 .88-1.52 2.09-4 2.67v2.04c3.5-.68 6-2.53 6-4.71 0-2.76-4.03-5-9-5'/></svg>",
+  "folder-hook-open": "<svg viewBox='0 0 1024 1024'><path fill='#7e57c2' d='M926.944 384h-624.8a64 64 0 0 0-60.736 43.776L128 768V320h768a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848l-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.76-358.784A64 64 0 0 0 926.944 384'/><path fill='#d1c4e9' d='M800 320c-53.02 0-96 42.98-96 96 .104 40.593 25.729 76.733 64 90.264V768c0 35.346-28.654 64-64 64s-64-28.654-64-64v-64h64L576 576v192c0 70.692 57.308 128 128 128s128-57.308 128-128V506.264c38.271-13.531 63.896-49.671 64-90.264 0-53.02-42.98-96-96-96m0 64c17.673 0 32 14.327 32 32s-14.327 32-32 32-32-14.327-32-32 14.327-32 32-32'/></svg>",
+  "folder-hook": "<svg viewBox='0 0 1024 1024'><path fill='#7e57c2' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#d1c4e9' d='M800 320c-53.02 0-96 42.98-96 96 .104 40.593 25.729 76.733 64 90.264V768c0 35.346-28.654 64-64 64s-64-28.654-64-64v-64h64L576 576v192c0 70.692 57.308 128 128 128s128-57.308 128-128V506.264c38.271-13.531 63.896-49.671 64-90.264 0-53.02-42.98-96-96-96m0 64c17.673 0 32 14.327 32 32s-14.327 32-32 32-32-14.327-32-32 14.327-32 32-32'/></svg>",
   "folder-husky-open": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#cfd8dc' d='M24.942 12.076c.872.35 1.217 1.731.761 3.095-.452 1.357-1.518 2.184-2.395 1.84-.869-.34-1.22-1.725-.771-3.093.444-1.36 1.523-2.179 2.405-1.842m4.879 2.832c.738.602.566 1.947-.371 3.023-.961 1.07-2.321 1.46-3.057.87-.74-.595-.561-1.937.388-3.005.948-1.078 2.308-1.468 3.04-.888m-10.343-1.795c.97.116 1.68 1.34 1.62 2.724-.104 1.386-.935 2.421-1.9 2.31-.963-.111-1.668-1.326-1.588-2.716s.928-2.425 1.868-2.319m12.285 7.131c.561.765.094 2.021-1.064 2.785s-2.555.76-3.133-.026c-.578-.782-.102-2.024 1.04-2.808 1.163-.742 2.571-.738 3.157.05m-5.388 6.733a2.14 2.14 0 0 1-1.984 1.017c-1.545-.147-2.323-2.153-3.68-2.94-1.358-.79-3.515-.422-4.367-1.731a2.41 2.41 0 0 1 .065-2.586c.711-.952 2.249-.792 3.4-1.12 1.519-.409 3.245-1.831 4.617-1.033 1.366.79 1.06 3 1.41 4.53.277 1.278 1.134 2.718.539 3.863'/></svg>",
   "folder-husky": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#cfd8dc' d='M24.942 12.076c.872.35 1.217 1.731.761 3.095-.452 1.357-1.518 2.184-2.395 1.84-.869-.34-1.22-1.725-.771-3.093.444-1.36 1.523-2.179 2.405-1.842m4.879 2.832c.738.602.566 1.947-.371 3.023-.961 1.07-2.321 1.46-3.057.87-.74-.595-.561-1.937.388-3.005.948-1.078 2.308-1.468 3.04-.888m-10.343-1.795c.97.116 1.68 1.34 1.62 2.724-.104 1.386-.935 2.421-1.9 2.31-.963-.111-1.668-1.326-1.588-2.716s.928-2.425 1.868-2.319m12.285 7.131c.561.765.094 2.021-1.064 2.785s-2.555.76-3.133-.026c-.578-.782-.102-2.024 1.04-2.808 1.163-.742 2.571-.738 3.157.05m-5.388 6.733a2.14 2.14 0 0 1-1.984 1.017c-1.545-.147-2.323-2.153-3.68-2.94-1.358-.79-3.515-.422-4.367-1.731a2.41 2.41 0 0 1 .065-2.586c.711-.952 2.249-.792 3.4-1.12 1.519-.409 3.245-1.831 4.617-1.033 1.366.79 1.06 3 1.41 4.53.277 1.278 1.134 2.718.539 3.863'/></svg>",
   "folder-i18n-open": "<svg viewBox='0 0 32 32'><path fill='#5c6bc0' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c5cae9' d='m22.79 23.762-2.308-2.259.027-.026a15.7 15.7 0 0 0 3.373-5.877h2.663v-1.8h-6.363V12h-1.819v1.8H12v1.8h10.155a14.2 14.2 0 0 1-2.882 4.814 14 14 0 0 1-2.1-3.014h-1.819a15.8 15.8 0 0 0 2.71 4.103l-4.629 4.518 1.292 1.278 4.545-4.5 2.828 2.799zm5.12-4.562h-1.82L22 30h1.818l1.017-2.7h4.32l1.025 2.699H32zm-2.384 6.3L27 21.602l1.473 3.897Z'/></svg>",
@@ -385,12 +412,14 @@
   "folder-job": "<svg viewBox='0 0 32 32'><path fill='#ffa000' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffecb3' d='M30 14h-4v-2l-2-2h-4l-2 2v2h-4a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2V16a2 2 0 0 0-2-2m-10-2h4v2h-4Zm6 10-7.023 4-1.014-1.725 5.558-3.27-5.558-3.269 1.014-1.724L26 20Z'/></svg>",
   "folder-json-open": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fffde7' d='M24 28v-2h3q.425 0 .713-.288Q28 25.425 28 25v-2q0-.95.55-1.725t1.45-1.1v-.35q-.9-.325-1.45-1.1T28 17v-2q0-.425-.287-.712Q27.424 14 27 14h-3v-2h3q1.25 0 2.125.875T30 15v2q0 .425.287.712.288.288.713.288h1v4h-1q-.425 0-.713.288Q30 22.575 30 23v2q0 1.25-.875 2.125T27 28zm-7 0q-1.25 0-2.125-.875T14 25v-2q0-.425-.287-.712Q13.425 22 13 22h-1v-4h1q.425 0 .713-.288Q14 17.425 14 17v-2q0-1.25.875-2.125T17 12h3v2h-3q-.425 0-.713.288Q16 14.575 16 15v2q0 .95-.55 1.725t-1.45 1.1v.35q.9.325 1.45 1.1T16 23v2q0 .425.287.712.288.288.713.288h3v2z'/></svg>",
   "folder-json": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fffde7' d='M24 28v-2h3q.425 0 .713-.287T28 25v-2q0-.95.55-1.725t1.45-1.1v-.35q-.9-.325-1.45-1.1T28 17v-2q0-.425-.287-.713T27 14h-3v-2h3q1.25 0 2.125.875T30 15v2q0 .425.287.712T31 18h1v4h-1q-.425 0-.713.287T30 23v2q0 1.25-.875 2.125T27 28zm-7 0q-1.25 0-2.125-.875T14 25v-2q0-.425-.287-.713T13 22h-1v-4h1q.425 0 .713-.287T14 17v-2q0-1.25.875-2.125T17 12h3v2h-3q-.425 0-.713.287T16 15v2q0 .95-.55 1.725t-1.45 1.1v.35q.9.325 1.45 1.1T16 23v2q0 .425.287.713T17 26h3v2z'/></svg>",
-  "folder-jupyter-open": "<svg viewBox='0 0 32 32'><path fill='#FF9800' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><g fill='#FFE0B2' data-mit-no-recolor='true' transform='matrix(.7 0 0 .7 10 10)'><path d='M6.2 18a22.7 22.7 0 0 0 9.8 2 22.7 22.7 0 0 0 9.8-2 10.002 10.002 0 0 1-19.6 0m0-4a22.7 22.7 0 0 1 9.8-2 22.7 22.7 0 0 1 9.8 2 10.002 10.002 0 0 0-19.6 0'/><circle cx='27' cy='5' r='3'/><circle cx='5' cy='27' r='3'/><circle cx='5' cy='5' r='3'/></g></svg>",
-  "folder-jupyter": "<svg viewBox='0 0 32 32'><path fill='#FF9800' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g fill='#FFE0B2' data-mit-no-recolor='true' transform='matrix(.7 0 0 .7 10 10)'><path d='M6.2 18a22.7 22.7 0 0 0 9.8 2 22.7 22.7 0 0 0 9.8-2 10.002 10.002 0 0 1-19.6 0m0-4a22.7 22.7 0 0 1 9.8-2 22.7 22.7 0 0 1 9.8 2 10.002 10.002 0 0 0-19.6 0'/><circle cx='27' cy='5' r='3'/><circle cx='5' cy='27' r='3'/><circle cx='5' cy='5' r='3'/></g></svg>",
+  "folder-jupyter-open": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><g fill='#ffe0b2' data-mit-no-recolor='true' transform='matrix(.7 0 0 .7 10 10)'><path d='M6.2 18a22.7 22.7 0 0 0 9.8 2 22.7 22.7 0 0 0 9.8-2 10.002 10.002 0 0 1-19.6 0m0-4a22.7 22.7 0 0 1 9.8-2 22.7 22.7 0 0 1 9.8 2 10.002 10.002 0 0 0-19.6 0'/><circle cx='27' cy='5' r='3'/><circle cx='5' cy='27' r='3'/><circle cx='5' cy='5' r='3'/></g></svg>",
+  "folder-jupyter": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g fill='#ffe0b2' data-mit-no-recolor='true' transform='matrix(.7 0 0 .7 10 10)'><path d='M6.2 18a22.7 22.7 0 0 0 9.8 2 22.7 22.7 0 0 0 9.8-2 10.002 10.002 0 0 1-19.6 0m0-4a22.7 22.7 0 0 1 9.8-2 22.7 22.7 0 0 1 9.8 2 10.002 10.002 0 0 0-19.6 0'/><circle cx='27' cy='5' r='3'/><circle cx='5' cy='27' r='3'/><circle cx='5' cy='5' r='3'/></g></svg>",
   "folder-keys-open": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b2dfdb' d='M21.651 20a6 6 0 1 0 0 4H26v4h4v-4h2v-4ZM16 24a2 2 0 1 1 2-2 2 2 0 0 1-2 2'/></svg>",
   "folder-keys": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b2dfdb' d='M21.651 20a6 6 0 1 0 0 4H26v4h4v-4h2v-4ZM16 24a2 2 0 1 1 2-2 2 2 0 0 1-2 2'/></svg>",
   "folder-kubernetes-open": "<svg viewBox='0 0 32 32'><path fill='#448aff' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M22.069 10.463a.6.6 0 0 0-.116.003.59.59 0 0 0-.517.635v.16a3.6 3.6 0 0 0 .08.543 5.2 5.2 0 0 1 .065 1.018.6.6 0 0 1-.186.305l-.013.238a7 7 0 0 0-1.031.157 7.27 7.27 0 0 0-3.706 2.117l-.196-.145a.52.52 0 0 1-.346-.039 5.4 5.4 0 0 1-.765-.69 5 5 0 0 0-.372-.395l-.12-.093a.75.75 0 0 0-.397-.158.6.6 0 0 0-.463.197.61.61 0 0 0 .148.834l.013.013c.026.027.079.067.106.093a4 4 0 0 0 .475.277 5.4 5.4 0 0 1 .848.597.6.6 0 0 1 .106.33l.183.158a7.22 7.22 0 0 0-1.137 5.121l-.25.065a.8.8 0 0 1-.254.253 4.4 4.4 0 0 1-1.018.158 2 2 0 0 0-.543.051l-.144.029h-.013v.013c-.04 0-.08.013-.106.013a.57.57 0 1 0 .339 1.086l.004-.001a1 1 0 0 0 .174-.041 2.7 2.7 0 0 0 .488-.197 7 7 0 0 1 1.018-.292.5.5 0 0 1 .305.119l.263-.039a7.43 7.43 0 0 0 3.27 4.088l-.094.238a.7.7 0 0 1 .042.33 4.2 4.2 0 0 1-.517.913c-.106.159-.199.304-.318.462a.17.17 0 0 1-.052.148c-.013.04-.04.066-.054.106a.57.57 0 0 0 1.072.382c.027-.04.051-.132.078-.132a5 5 0 0 0 .16-.53 5 5 0 0 1 .437-1.017.45.45 0 0 1 .25-.12l.132-.237a7.4 7.4 0 0 0 5.254.013l.105.212a.5.5 0 0 1 .277.183 6 6 0 0 1 .398.954c.04.172.094.344.16.542.027 0 .051.08.078.12.013.039.028.065.041.105a.568.568 0 0 0 .984-.569l-.007-.012a1 1 0 0 1-.052-.16c-.106-.146-.212-.305-.318-.45a7.4 7.4 0 0 1-.501-.9.44.44 0 0 1 .039-.343 1 1 0 0 1-.093-.225 7.44 7.44 0 0 0 3.268-4.113c.08.013.158.025.251.038a.33.33 0 0 1 .305-.106 4.7 4.7 0 0 1 1.018.28 2.6 2.6 0 0 0 .475.196.7.7 0 0 0 .187.028v.013c0 .013.053.013.093.026a.585.585 0 0 0 .635-.491.57.57 0 0 0-.483-.645l-.008-.001a.34.34 0 0 1-.157-.067h-.543a6.6 6.6 0 0 1-1.018-.186.55.55 0 0 1-.253-.238l-.251-.064a7.2 7.2 0 0 0-1.165-5.109l.211-.184a.4.4 0 0 1 .106-.317 5 5 0 0 1 .848-.597 3.3 3.3 0 0 0 .462-.277 1 1 0 0 0 .12-.093c.039-.026.08-.053.08-.08a.556.556 0 0 0-.78-.793c-.04 0-.093.054-.133.08a10 10 0 0 0-.372.395 4.8 4.8 0 0 1-.767.69.5.5 0 0 1-.344.039l-.212.158a7.37 7.37 0 0 0-4.708-2.274l-.013-.253a.45.45 0 0 1-.186-.29 5.2 5.2 0 0 1 .065-1.018 3.6 3.6 0 0 0 .08-.543v-.292a.57.57 0 0 0-.504-.506m-.778 4.408-.16 2.977h-.013a.5.5 0 0 1-.106.28.5.5 0 0 1-.687.118h-.013l-2.434-1.734a5.75 5.75 0 0 1 2.803-1.535c.212-.04.412-.08.61-.106m1.427 0a5.9 5.9 0 0 1 3.4 1.641l-2.421 1.734h-.013a.6.6 0 0 1-.277.067.494.494 0 0 1-.516-.47v-.008Zm-5.727 2.713 2.223 2.024v.013a.34.34 0 0 1 .144.253.483.483 0 0 1-.323.602l-.02.005v.013l-2.858.822a5.9 5.9 0 0 1 .834-3.732m10.013.04a6.18 6.18 0 0 1 .86 3.679l-2.87-.822-.013-.013a.47.47 0 0 1-.238-.157.49.49 0 0 1 .042-.694l.01-.01-.013-.038Zm-5.462 2.144h.912l.568.7-.199.886-.819.398-.819-.398-.212-.886Zm-2.132 2.447h.106a.55.55 0 0 1 .504.382.5.5 0 0 1-.052.28v.038l-1.127 2.74a5.84 5.84 0 0 1-2.366-2.952Zm4.87 0h.319l2.948.475a5.85 5.85 0 0 1-2.367 2.977l-1.14-2.79a.53.53 0 0 1 .24-.662m-2.327 1.199a.51.51 0 0 1 .488.256h.013l1.442 2.607a5 5 0 0 1-.569.157 5.9 5.9 0 0 1-3.214-.157l1.442-2.607h.012c.04-.093.107-.133.2-.2a.5.5 0 0 1 .186-.056'/></svg>",
   "folder-kubernetes": "<svg viewBox='0 0 32 32'><path fill='#448aff' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M22.069 10.463a.6.6 0 0 0-.116.003.59.59 0 0 0-.517.635v.16a3.6 3.6 0 0 0 .08.543 5.2 5.2 0 0 1 .065 1.018.6.6 0 0 1-.186.305l-.013.238a7 7 0 0 0-1.031.157 7.27 7.27 0 0 0-3.706 2.117l-.196-.145a.52.52 0 0 1-.346-.039 5.4 5.4 0 0 1-.765-.69 5 5 0 0 0-.372-.395l-.12-.093a.75.75 0 0 0-.397-.158.6.6 0 0 0-.463.197.61.61 0 0 0 .148.834l.013.013c.026.027.079.067.106.093a4 4 0 0 0 .475.277 5.4 5.4 0 0 1 .848.597.6.6 0 0 1 .106.33l.183.158a7.22 7.22 0 0 0-1.137 5.121l-.25.065a.8.8 0 0 1-.254.253 4.4 4.4 0 0 1-1.018.158 2 2 0 0 0-.543.051l-.144.029h-.013v.013c-.04 0-.08.013-.106.013a.57.57 0 1 0 .339 1.086l.004-.001a1 1 0 0 0 .174-.041 2.7 2.7 0 0 0 .488-.197 7 7 0 0 1 1.018-.292.5.5 0 0 1 .305.119l.263-.039a7.43 7.43 0 0 0 3.27 4.088l-.094.238a.7.7 0 0 1 .042.33 4.2 4.2 0 0 1-.517.913c-.106.159-.199.304-.318.462a.17.17 0 0 1-.052.148c-.013.04-.04.066-.054.106a.57.57 0 0 0 1.072.382c.027-.04.051-.132.078-.132a5 5 0 0 0 .16-.53 5 5 0 0 1 .437-1.017.45.45 0 0 1 .25-.12l.132-.237a7.4 7.4 0 0 0 5.254.013l.105.212a.5.5 0 0 1 .277.183 6 6 0 0 1 .398.954c.04.172.094.344.16.542.027 0 .051.08.078.12.013.039.028.065.041.105a.568.568 0 0 0 .984-.569l-.007-.012a1 1 0 0 1-.052-.16c-.106-.146-.212-.305-.318-.45a7.4 7.4 0 0 1-.501-.9.44.44 0 0 1 .039-.343 1 1 0 0 1-.093-.225 7.44 7.44 0 0 0 3.268-4.113c.08.013.158.025.251.038a.33.33 0 0 1 .305-.106 4.7 4.7 0 0 1 1.018.28 2.6 2.6 0 0 0 .475.196.7.7 0 0 0 .187.028v.013c0 .013.053.013.093.026a.585.585 0 0 0 .635-.491.57.57 0 0 0-.483-.645l-.008-.001a.34.34 0 0 1-.157-.067h-.543a6.6 6.6 0 0 1-1.018-.186.55.55 0 0 1-.253-.238l-.251-.064a7.2 7.2 0 0 0-1.165-5.109l.211-.184a.4.4 0 0 1 .106-.317 5 5 0 0 1 .848-.597 3.3 3.3 0 0 0 .462-.277 1 1 0 0 0 .12-.093c.039-.026.08-.053.08-.08a.556.556 0 0 0-.78-.793c-.04 0-.093.054-.133.08a10 10 0 0 0-.372.395 4.8 4.8 0 0 1-.767.69.5.5 0 0 1-.344.039l-.212.158a7.37 7.37 0 0 0-4.708-2.274l-.013-.253a.45.45 0 0 1-.186-.29 5.2 5.2 0 0 1 .065-1.018 3.6 3.6 0 0 0 .08-.543v-.292a.57.57 0 0 0-.504-.506m-.778 4.408-.16 2.977h-.013a.5.5 0 0 1-.106.28.5.5 0 0 1-.687.118h-.013l-2.434-1.734a5.75 5.75 0 0 1 2.803-1.535c.212-.04.412-.08.61-.106m1.427 0a5.9 5.9 0 0 1 3.4 1.641l-2.421 1.734h-.013a.6.6 0 0 1-.277.067.494.494 0 0 1-.516-.47v-.008Zm-5.727 2.713 2.223 2.024v.013a.34.34 0 0 1 .144.253.483.483 0 0 1-.323.602l-.02.005v.013l-2.858.822a5.9 5.9 0 0 1 .834-3.732m10.013.04a6.18 6.18 0 0 1 .86 3.679l-2.87-.822-.013-.013a.47.47 0 0 1-.238-.157.49.49 0 0 1 .042-.694l.01-.01-.013-.038Zm-5.462 2.144h.912l.568.7-.199.886-.819.398-.819-.398-.212-.886Zm-2.132 2.447h.106a.55.55 0 0 1 .504.382.5.5 0 0 1-.052.28v.038l-1.127 2.74a5.84 5.84 0 0 1-2.366-2.952Zm4.87 0h.319l2.948.475a5.85 5.85 0 0 1-2.367 2.977l-1.14-2.79a.53.53 0 0 1 .24-.662m-2.327 1.199a.51.51 0 0 1 .488.256h.013l1.442 2.607a5 5 0 0 1-.569.157 5.9 5.9 0 0 1-3.214-.157l1.442-2.607h.012c.04-.093.107-.133.2-.2a.5.5 0 0 1 .186-.056'/></svg>",
+  "folder-kusto-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M25 10c-3.878 0-7 3.122-7 7v7h7c3.878 0 7-3.122 7-7s-3.122-7-7-7m3 4h2v6h-2zm-8 2h2v4h-2zm4 2h2v2h-2zm-8 2-3.996.02v2.322L12 24h4zm-4 6v4h4v-4zm6 0v4h4v-4z'/></svg>",
+  "folder-kusto": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M25 10c-3.878 0-7 3.122-7 7v7h7c3.878 0 7-3.122 7-7s-3.122-7-7-7m3 4h2v6h-2zm-8 2h2v4h-2zm4 2h2v2h-2zm-8 2-3.996.02v2.322L12 24h4zm-4 6v4h4v-4zm6 0v4h4v-4z'/></svg>",
   "folder-layout-open": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M10 16h6v14h-6zm8 8h6v6h-6zm8 0h6v6h-6zm-8-8h14v6H18z'/></svg>",
   "folder-layout": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M10 16h6v14h-6zm8 8h6v6h-6zm8 0h6v6h-6zm-8-8h14v6H18z'/></svg>",
   "folder-lefthook-open": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='M28.97 11.998H9.444a2 2 0 0 0-1.898 1.368L4.001 24V9.998h24.003a2 2 0 0 0-2-2H15.125a2 2 0 0 1-1.28-.464L12.557 6.46a2 2 0 0 0-1.28-.464H4.002a2 2 0 0 0-2.001 2V24A2 2 0 0 0 4 26h22.003l4.806-11.214a2 2 0 0 0-1.838-2.788z'/><path fill='#f44336' d='M14 20v6h-4zm4.026-5.342-2.385.795a1.494 1.494 0 0 0-.867 2.094l.534 1.068 4.696-1.624c.014-.293-.004-.602-.004-.91a1.496 1.496 0 0 0-1.974-1.423m12.886 5.502-5.546-5.18C24.272 13.999 23.85 14 22 14v3.012a3.36 3.36 0 0 1-1.301 2.787L24 24l5.876 1.676c.606-.698.85-1.005 1.38-1.595a2.583 2.583 0 0 0-.344-3.921'/><path fill='#b71c1c' d='m10 26 4-2 4 2-4 2zm10.699-6.2a20 20 0 0 1-2.463 1.314 3.5 3.5 0 0 1-2.236.302v1.339l8.98 4.888a3.22 3.22 0 0 0 4.054-1c.333-.384.505-.582.842-.967zm-5.127-1.89 3.756-1.408a.5.5 0 0 1 .675.492 1.48 1.48 0 0 1-.832 1.42l-1.83.915c-1.399.7-2.717-1.063-1.769-1.419'/></svg>",
@@ -399,6 +428,8 @@
   "folder-less": "<svg viewBox='0 0 32 32'><path fill='#0277bd' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M20 21a1 1 0 0 0-1-1 1 1 0 0 0 1-1v-5h2v-2h-2a2 2 0 0 0-2 2v4a1 1 0 0 1-1 1h-1v2h1a1 1 0 0 1 1 1v4a2 2 0 0 0 2 2h2v-2h-2Zm11-2a1 1 0 0 1-1-1v-4a2 2 0 0 0-2-2h-2v2h2v5a1 1 0 0 0 1 1 1 1 0 0 0-1 1v5h-2v2h2a2 2 0 0 0 2-2v-4a1 1 0 0 1 1-1h1v-2Z'/></svg>",
   "folder-lib-open": "<svg viewBox='0 0 32 32'><path fill='#c0ca33' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#f0f4c3' d='M23 16a3 3 0 0 0 .003-6H23a3 3 0 0 0-3 2.999V13a3 3 0 0 0 2.999 3zm0 3.973c-2.225-2.078-5.955-3.978-9-3.973v10c3.19 0 6.85 2.004 9 4 2.225-2.078 5.955-4.005 9-4V16c-3.045-.005-6.775 1.895-9 3.973'/></svg>",
   "folder-lib": "<svg viewBox='0 0 32 32'><path fill='#c0ca33' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f0f4c3' d='M22.931 16a3 3 0 0 0 .003-6h-.003a3 3 0 0 0-3 2.999V13a3 3 0 0 0 2.999 3zm0 3.973c-2.225-2.078-5.955-3.978-9-3.973v10c3.19 0 6.85 2.004 9 4 2.226-2.078 5.955-4.005 9-4V16c-3.044-.005-6.774 1.895-9 3.973'/></svg>",
+  "folder-link-open": "<svg viewBox='0 0 1024 1024'><path fill='#7e57c2' d='M926.912 384H302.144a64 64 0 0 0-60.736 43.776L128 768V320h768a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848l-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.792-358.784A64 64 0 0 0 926.912 384'/><path fill='#d1c4e9' d='M736 320c-53.02 0-96 42.98-96 96 .104 40.593 25.729 76.733 64 90.264V576h-32c-17.673 0-32 14.327-32 32s14.327 32 32 32h32v190.547C595.489 821.653 512 768.467 512 704h64L448 576v128c0 106.039 128.942 192 288 192s288-85.961 288-192V576L896 704h64c0 64.467-83.489 117.653-192 126.547V640h32c17.673 0 32-14.327 32-32s-14.327-32-32-32h-32v-69.736c38.271-13.531 63.896-49.671 64-90.264 0-53.02-42.98-96-96-96m0 64c17.673 0 32 14.327 32 32s-14.327 32-32 32-32-14.327-32-32 14.327-32 32-32'/></svg>",
+  "folder-link": "<svg viewBox='0 0 1024 1024'><path fill='#7e57c2' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#d1c4e9' d='M736 320c-53.02 0-96 42.98-96 96 .104 40.593 25.729 76.733 64 90.264V576h-32c-17.673 0-32 14.327-32 32s14.327 32 32 32h32v190.547C595.489 821.653 512 768.467 512 704h64L448 576v128c0 106.039 128.942 192 288 192s288-85.961 288-192V576L896 704h64c0 64.467-83.489 117.653-192 126.547V640h32c17.673 0 32-14.327 32-32s-14.327-32-32-32h-32v-69.736c38.271-13.531 63.896-49.671 64-90.264 0-53.02-42.98-96-96-96m0 64c17.673 0 32 14.327 32 32s-14.327 32-32 32-32-14.327-32-32 14.327-32 32-32'/></svg>",
   "folder-linux-open": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffecb3' d='M24.62 16.35c-.42.28-1.75 1.04-1.95 1.19a.825.825 0 0 1-1.14-.01c-.2-.16-1.53-.92-1.95-1.19-.48-.309-.45-.699.08-.919a6.16 6.16 0 0 1 4.91.03c.49.21.51.6.05.9Zm7.218 7.279A19.1 19.1 0 0 0 28 17.971a4.3 4.3 0 0 1-1.06-1.88c-.1-.33-.17-.67-.24-1.01a11.3 11.3 0 0 0-.7-2.609 4.06 4.06 0 0 0-3.839-2.47 4.2 4.2 0 0 0-3.95 2.4 6 6 0 0 0-.46 1.34c-.17.76-.32 1.55-.5 2.319a3.4 3.4 0 0 1-.959 1.71 19.5 19.5 0 0 0-3.88 5.348 6 6 0 0 0-.37.88c-.19.66.29 1.12.99.96.44-.09.88-.18 1.3-.31.41-.15.57-.05.67.35a6.73 6.73 0 0 0 4.24 4.498c4.119 1.56 8.928-.66 9.968-4.578.07-.27.17-.37.47-.27.46.14.93.24 1.4.35a.724.724 0 0 0 .92-.64 1.44 1.44 0 0 0-.16-.73Z'/></svg>",
   "folder-linux": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffecb3' d='M24.62 16.35c-.42.28-1.75 1.04-1.95 1.19a.825.825 0 0 1-1.14-.01c-.2-.16-1.53-.92-1.95-1.19-.48-.309-.45-.699.08-.919a6.16 6.16 0 0 1 4.91.03c.49.21.51.6.05.9Zm7.218 7.279A19.1 19.1 0 0 0 28 17.971a4.3 4.3 0 0 1-1.06-1.88c-.1-.33-.17-.67-.24-1.01a11.3 11.3 0 0 0-.7-2.609 4.06 4.06 0 0 0-3.839-2.47 4.2 4.2 0 0 0-3.95 2.4 6 6 0 0 0-.46 1.34c-.17.76-.32 1.55-.5 2.319a3.4 3.4 0 0 1-.959 1.71 19.5 19.5 0 0 0-3.88 5.348 6 6 0 0 0-.37.88c-.19.66.29 1.12.99.96.44-.09.88-.18 1.3-.31.41-.15.57-.05.67.35a6.73 6.73 0 0 0 4.24 4.498c4.119 1.56 8.928-.66 9.968-4.578.07-.27.17-.37.47-.27.46.14.93.24 1.4.35a.724.724 0 0 0 .92-.64 1.44 1.44 0 0 0-.16-.73Z'/></svg>",
   "folder-liquibase-open": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M23 12c-3.865 0-6.998 1.343-6.998 3s3.133 3 6.999 3S30 16.657 30 15s-3.134-3-7-3m7 5c-.222.2-.438.417-.703.582-.84.466-1.767.724-2.7.957-1.64.41-3.07.673-5.645 1.363-1.232.33-3.29 1.07-4.304 2.494-.686.961-.644 2.116-.646 2.604.438-.29.91-.82 3.26-1.51a61 61 0 0 1 3.145-.777c.785-.175 1.57-.329 2.354-.516 2.853-.697 3.631-1.07 4.325-1.539.608-.413.916-.91.914-1.658 0 0-.024-1.342 0-2m0 4.453c-1.39.78-2.246 1.215-4.325 1.682-1.767.4-3.53.81-5.295 1.22-1.188.282-3.555.975-4.18 2.145-.286.536-.295 1.164.169 1.643.05.05.56.524.738.586 0 0 .218-.106.836-.393 1.16-.536 2.396-.858 3.64-1.162 1.824-.425 3.659-.818 5.448-1.383.82-.252 1.605-.582 2.26-1.13C29.755 24.271 30 24 30 23Zm0 4.147s-.505.507-2.014 1.076C24.213 27.979 22.03 28 19.027 29.15c-.15.058-.388.147-.532.211.124.05.717.236.711.229.96.243 2.365.416 3.795.41.534-.013 4.286.128 6.163-1.39.384-.34.833-.61.836-1.61Z'/></svg>",
@@ -409,8 +440,8 @@
   "folder-lottie": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#a7ffeb' d='M28 10H18a4 4 0 0 0-4 4v10a4 4 0 0 0 4 4h10a4 4 0 0 0 4-4V14a4 4 0 0 0-4-4m0 5.563a.48.48 0 0 1-.437.464c-1.541.201-2.457 1.49-3.715 3.503-1.233 1.971-2.619 4.19-5.323 4.446a.495.495 0 0 1-.525-.501v-1.038a.48.48 0 0 1 .437-.465c1.541-.2 2.457-1.489 3.715-3.502 1.233-1.971 2.619-4.19 5.323-4.446a.495.495 0 0 1 .525.501Z'/></svg>",
   "folder-lua-open": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><circle cx='29' cy='13' r='3' fill='#b3e5fc'/><path fill='#b3e5fc' d='M19.703 14.594a7.703 7.703 0 1 0 7.703 7.703 7.703 7.703 0 0 0-7.703-7.703M21 24a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/></svg>",
   "folder-lua": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><circle cx='29' cy='13' r='3' fill='#b3e5fc'/><path fill='#b3e5fc' d='M19.703 14.594a7.703 7.703 0 1 0 7.703 7.703 7.703 7.703 0 0 0-7.703-7.703M21 24a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/></svg>",
-  "folder-luau-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#42A5F5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#B3E5FC' fill-rule='evenodd' d='M18.381 12 31 15.381 27.619 28 15 24.619zm8.095 3.86 2.524.676-.676 2.524-2.524-.677z' clip-rule='evenodd'/></svg>",
-  "folder-luau": "<svg fill='none' viewBox='0 0 32 32'><path fill='#42A5F5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#B3E5FC' fill-rule='evenodd' d='M18.381 12 31 15.381 27.619 28 15 24.619zm8.095 3.86 2.524.676-.676 2.524-2.524-.677z' clip-rule='evenodd'/></svg>",
+  "folder-luau-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#42a5f5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' fill-rule='evenodd' d='M18.381 12 31 15.381 27.619 28 15 24.619zm8.095 3.86 2.524.676-.676 2.524-2.524-.677z' clip-rule='evenodd'/></svg>",
+  "folder-luau": "<svg fill='none' viewBox='0 0 32 32'><path fill='#42a5f5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' fill-rule='evenodd' d='M18.381 12 31 15.381 27.619 28 15 24.619zm8.095 3.86 2.524.676-.676 2.524-2.524-.677z' clip-rule='evenodd'/></svg>",
   "folder-macos-open": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#cfd8dc' d='M30.64 27.499c-.82 1.24-1.687 2.45-3.008 2.47-1.322.03-1.746-.79-3.245-.79-1.508 0-1.972.77-3.224.82-1.292.05-2.268-1.32-3.096-2.53-1.687-2.47-2.979-7.02-1.243-10.08a4.81 4.81 0 0 1 4.063-2.51c1.262-.02 2.465.87 3.244.87.77 0 2.229-1.07 3.757-.91a4.56 4.56 0 0 1 3.59 1.98 4.57 4.57 0 0 0-2.12 3.81A4.41 4.41 0 0 0 32 24.67a11.1 11.1 0 0 1-1.36 2.83Zm-5.632-16a4.46 4.46 0 0 1 2.9-1.499 4.42 4.42 0 0 1-1.026 3.19 3.58 3.58 0 0 1-2.91 1.42 4.3 4.3 0 0 1 1.036-3.11Z'/></svg>",
   "folder-macos": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#cfd8dc' d='M30.64 27.499c-.82 1.24-1.687 2.45-3.008 2.47-1.322.03-1.746-.79-3.245-.79-1.508 0-1.972.77-3.224.82-1.292.05-2.268-1.32-3.096-2.53-1.687-2.47-2.979-7.02-1.243-10.08a4.81 4.81 0 0 1 4.063-2.51c1.262-.02 2.465.87 3.244.87.77 0 2.229-1.07 3.757-.91a4.56 4.56 0 0 1 3.59 1.98 4.57 4.57 0 0 0-2.12 3.81A4.41 4.41 0 0 0 32 24.67a11.1 11.1 0 0 1-1.36 2.83Zm-5.632-16a4.46 4.46 0 0 1 2.9-1.499 4.42 4.42 0 0 1-1.026 3.19 3.58 3.58 0 0 1-2.91 1.42 4.3 4.3 0 0 1 1.036-3.11Z'/></svg>",
   "folder-mail-open": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M14 16v10a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V16a2 2 0 0 0-2-2H16a2 2 0 0 0-2 2m16 2-7 4-7-4v-2l7 4 7-4Z'/></svg>",
@@ -441,27 +472,27 @@
   "folder-netlify": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#a7ffeb' d='M22 16h-4v6h2v-4h1.5a.5.5 0 0 1 .5.5V22h2v-4a2 2 0 0 0-2-2'/><rect width='6' height='2' x='26' y='18' fill='#a7ffeb' rx='.5'/><rect width='2' height='6' x='20' y='8' fill='#a7ffeb' rx='.5'/><rect width='6' height='2' x='10' y='18' fill='#a7ffeb' rx='.5'/><rect width='2' height='6' x='20' y='24' fill='#a7ffeb' rx='.5'/><path fill='#a7ffeb' d='m13 12.172 1.414-1.414 2.828 2.828L15.828 15zM15.828 23l1.414 1.414-2.828 2.828L13 25.828z'/></svg>",
   "folder-next-open": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#cfd8dc' d='M24 12a8 8 0 1 0 3.969 14.94L22 19v4.5a.5.5 0 0 1-.5.5h-1a.5.5 0 0 1-.5-.5v-7a.5.5 0 0 1 .5-.5h1.232a.5.5 0 0 1 .416.223l6.736 10.103A7.993 7.993 0 0 0 24 12m4 8h-2v-3.5a.5.5 0 0 1 .5-.5h1a.5.5 0 0 1 .5.5Z'/></svg>",
   "folder-next": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#cfd8dc' d='M24 12a8 8 0 1 0 3.969 14.94L22 19v4.5a.5.5 0 0 1-.5.5h-1a.5.5 0 0 1-.5-.5v-7a.5.5 0 0 1 .5-.5h1.232a.5.5 0 0 1 .416.223l6.736 10.103A7.993 7.993 0 0 0 24 12m4 8h-2v-3.5a.5.5 0 0 1 .5-.5h1a.5.5 0 0 1 .5.5Z'/></svg>",
-  "folder-ngrx-actions-open.clone": "<svg viewBox='0 0 32 32'><path fill='#AB47BC' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#E1BEE7' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-actions.clone": "<svg viewBox='0 0 32 32'><path fill='#AB47BC' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#E1BEE7' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-effects-open.clone": "<svg viewBox='0 0 32 32'><path fill='#00BCD4' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#E0F7FA' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-effects.clone": "<svg viewBox='0 0 32 32'><path fill='#00BCD4' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#E0F7FA' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-entities-open.clone": "<svg viewBox='0 0 32 32'><path fill='#FBC02D' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#FFF3E0' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-entities.clone": "<svg viewBox='0 0 32 32'><path fill='#FBC02D' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#FFF3E0' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-reducer-open.clone": "<svg viewBox='0 0 32 32'><path fill='#EF5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#FFCDD2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-reducer.clone": "<svg viewBox='0 0 32 32'><path fill='#EF5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#FFCDD2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-selectors-open.clone": "<svg viewBox='0 0 32 32'><path fill='#FF6E40' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#FFCCBC' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-selectors.clone": "<svg viewBox='0 0 32 32'><path fill='#FF6E40' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#FFCCBC' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-state-open.clone": "<svg viewBox='0 0 32 32'><path fill='#9E9D24' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#F0F4C3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
-  "folder-ngrx-state.clone": "<svg viewBox='0 0 32 32'><path fill='#9E9D24' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#F0F4C3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-actions-open.clone": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#e1bee7' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-actions.clone": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e1bee7' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-effects-open.clone": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b2ebf2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-effects.clone": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b2ebf2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-entities-open.clone": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffecb3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-entities.clone": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffecb3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-reducer-open.clone": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-reducer.clone": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-selectors-open.clone": "<svg viewBox='0 0 32 32'><path fill='#ff6e40' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-selectors.clone": "<svg viewBox='0 0 32 32'><path fill='#ff6e40' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-state-open.clone": "<svg viewBox='0 0 32 32'><path fill='#9e9d24' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#f0f4c3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
+  "folder-ngrx-state.clone": "<svg viewBox='0 0 32 32'><path fill='#9e9d24' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f0f4c3' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
   "folder-ngrx-store-open": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#dcedc8' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
   "folder-ngrx-store": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#dcedc8' d='m23 9-9 3 1 12 8 4 8-4 1-12Zm-1.869 2.785a2.3 2.3 0 0 1 1.124.324 5.3 5.3 0 0 0 1.214.305 6.63 6.63 0 0 1 4.433 2.834c.448.875.356 1.348-.33 1.7-.59.303-1.799.157-3.554-.432l-1.481-.497-.527.199a3.53 3.53 0 0 0-1.84 1.73 2.9 2.9 0 0 0-.218 1.622 2.9 2.9 0 0 0 .41 1.645c.35.613 1.15 1.395 1.287 1.259.038-.038-.044-.287-.182-.553a1.1 1.1 0 0 1-.178-.595c.038-.061.4.165.802.504a5.6 5.6 0 0 0 2.898 1.333c.787.081.967-.064.377-.307a1.8 1.8 0 0 1-.547-.363c-.23-.252-.243-.244.738-.462a4.6 4.6 0 0 0 1.887-.996c.023-.073-.173-.102-.495-.077-.292.023-.53-.006-.53-.067a3 3 0 0 1 .53-.656 4.93 4.93 0 0 0 1.585-3.596l.08-1.114.258.53a3.2 3.2 0 0 1 .133 2.148c-.168.605-.056.672.253.152.382-.644.505-.543.438.364a3.95 3.95 0 0 1-1.183 2.561c-.627.68-.551.803.207.34.731-.449.83-.379.453.325a6.08 6.08 0 0 1-3.782 2.831 6.2 6.2 0 0 1-2.487.16 7.33 7.33 0 0 1-5.44-3.849 13 13 0 0 0-.836-1.437c-.403-.542-.436-.785-.166-1.197a.92.92 0 0 0 .111-.73c-.257-1.451-.248-1.496.337-2.088.512-.513.543-.581.543-1.182 0-.52.052-.69.29-.925a1 1 0 0 1 .561-.291 2.88 2.88 0 0 0 1.624-.865 1.67 1.67 0 0 1 1.203-.587'/></svg>",
   "folder-node-open": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#dcedc8' d='m25 12-7 4.072v7.854L25 28l7-4.074v-7.854Z'/></svg>",
   "folder-node": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#dcedc8' d='m25 12-7 4.072v7.854L25 28l7-4.074v-7.854Z'/></svg>",
   "folder-nuxt-open": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#00e676' d='M22.498 27.998h6.927a1.56 1.56 0 0 0 1.127-.617 1.3 1.3 0 0 0 .188-.631 1.26 1.26 0 0 0-.188-.618l-4.685-8.053a1.14 1.14 0 0 0-.443-.443 1.5 1.5 0 0 0-.67-.188 1.29 1.29 0 0 0-1.074.63l-1.182 2.054-2.376-3.986a1.3 1.3 0 0 0-.43-.497 1.52 1.52 0 0 0-1.247 0 1.5 1.5 0 0 0-.51.497l-5.799 9.986a1.2 1.2 0 0 0-.134.618 1.24 1.24 0 0 0 .134.63 1.3 1.3 0 0 0 .497.43 1.3 1.3 0 0 0 .63.188h4.363a4.26 4.26 0 0 0 3.88-2.241l2.12-3.692 1.114-1.933 3.436 5.866h-4.564Zm-4.9-2h-3.04l4.533-7.8 2.28 3.893-1.52 2.667a2.34 2.34 0 0 1-2.267 1.24Z'/></svg>",
   "folder-nuxt": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#00e676' d='M22.498 27.998h6.927a1.56 1.56 0 0 0 1.127-.617 1.3 1.3 0 0 0 .188-.631 1.26 1.26 0 0 0-.188-.618l-4.685-8.053a1.14 1.14 0 0 0-.443-.443 1.5 1.5 0 0 0-.67-.188 1.29 1.29 0 0 0-1.074.63l-1.182 2.054-2.376-3.986a1.3 1.3 0 0 0-.43-.497 1.52 1.52 0 0 0-1.247 0 1.5 1.5 0 0 0-.51.497l-5.799 9.986a1.2 1.2 0 0 0-.134.618 1.24 1.24 0 0 0 .134.63 1.3 1.3 0 0 0 .497.43 1.3 1.3 0 0 0 .63.188h4.363a4.26 4.26 0 0 0 3.88-2.241l2.12-3.692 1.114-1.933 3.436 5.866h-4.564Zm-4.9-2h-3.04l4.533-7.8 2.28 3.893-1.52 2.667a2.34 2.34 0 0 1-2.267 1.24Z'/></svg>",
-  "folder-obsidian-open": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#673AB7' d='M463.47 192H151.06c-13.77 0-26 8.82-30.35 21.89L64 384V160h384c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42l-20.6-17.15c-5.75-4.8-13-7.43-20.48-7.43H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h352l76.88-179.39c1.7-3.98 2.59-8.28 2.59-12.61 0-17.67-14.33-32-32-32'/><g fill='#D1C4E9'><path d='M336.2 318.24c8.07-1.51 12.6-2.02 21.66-2.02-34.18-89.72 48.95-139.27 18.63-155.11-17-8.88-52.32 37.77-72.93 56.26l-10.67 37.41c19.77 16.2 36.25 39.63 43.31 63.46m75.04 128.91c13.05 3.85 26.66-5.92 28.52-19.42 1.35-9.81 3.51-20.65 8.24-30.94-2.66-7.51-25.72-71.18-104.74-56.39 7.6 31.4-4.15 64.54-22.83 91.02 33.14.31 59.29 6.45 90.81 15.73'/><path d='M478.76 346.86c7.02-12.43-16.61-22.28-28.74-50.78-10.52-24.69 4.93-53.82-8.18-66.23l-40.17-38.02c-14.09 38.27-40.29 56.91-17.12 123.38 37.13 6.98 67.48 27.2 77.55 58.42 0 0 13.67-21.49 16.66-26.77m-221.26 5.78c-8.21 18.67 17.96 36.81 43.46 63.29 29-40.73 24.17-88.95-15.12-127.91z'/></g></svg>",
-  "folder-obsidian": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#673AB7' d='m221.5 120.58-20.6-17.16A32 32 0 0 0 180.42 96H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32V160c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42'/><g fill='#D1C4E9'><path d='M336.2 318.24c8.07-1.51 12.6-2.02 21.66-2.02-34.18-89.72 48.95-139.27 18.63-155.11-17-8.88-52.32 37.77-72.93 56.26l-10.67 37.41c19.77 16.2 36.25 39.63 43.31 63.46m75.04 128.91c13.05 3.85 26.66-5.92 28.52-19.42 1.35-9.81 3.51-20.65 8.24-30.94-2.66-7.51-25.72-71.18-104.74-56.39 7.6 31.4-4.15 64.54-22.83 91.02 33.14.31 59.29 6.45 90.81 15.73'/><path d='M478.76 346.86c7.02-12.43-16.61-22.28-28.74-50.78-10.52-24.69 4.93-53.82-8.18-66.23l-40.17-38.02c-14.09 38.27-40.29 56.91-17.12 123.38 37.13 6.98 67.48 27.2 77.55 58.42 0 0 13.67-21.49 16.66-26.77m-221.26 5.78c-8.21 18.67 17.96 36.81 43.46 63.29 29-40.73 24.17-88.95-15.12-127.91z'/></g></svg>",
-  "folder-open": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/></svg>",
+  "folder-obsidian-open": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#673ab7' d='M463.47 192H151.06c-13.77 0-26 8.82-30.35 21.89L64 384V160h384c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42l-20.6-17.15c-5.75-4.8-13-7.43-20.48-7.43H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h352l76.88-179.39c1.7-3.98 2.59-8.28 2.59-12.61 0-17.67-14.33-32-32-32'/><g fill='#d1c4e9'><path d='M336.2 318.24c8.07-1.51 12.6-2.02 21.66-2.02-34.18-89.72 48.95-139.27 18.63-155.11-17-8.88-52.32 37.77-72.93 56.26l-10.67 37.41c19.77 16.2 36.25 39.63 43.31 63.46m75.04 128.91c13.05 3.85 26.66-5.92 28.52-19.42 1.35-9.81 3.51-20.65 8.24-30.94-2.66-7.51-25.72-71.18-104.74-56.39 7.6 31.4-4.15 64.54-22.83 91.02 33.14.31 59.29 6.45 90.81 15.73'/><path d='M478.76 346.86c7.02-12.43-16.61-22.28-28.74-50.78-10.52-24.69 4.93-53.82-8.18-66.23l-40.17-38.02c-14.09 38.27-40.29 56.91-17.12 123.38 37.13 6.98 67.48 27.2 77.55 58.42 0 0 13.67-21.49 16.66-26.77m-221.26 5.78c-8.21 18.67 17.96 36.81 43.46 63.29 29-40.73 24.17-88.95-15.12-127.91z'/></g></svg>",
+  "folder-obsidian": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#673ab7' d='m221.5 120.58-20.6-17.16A32 32 0 0 0 180.42 96H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32V160c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42'/><g fill='#d1c4e9'><path d='M336.2 318.24c8.07-1.51 12.6-2.02 21.66-2.02-34.18-89.72 48.95-139.27 18.63-155.11-17-8.88-52.32 37.77-72.93 56.26l-10.67 37.41c19.77 16.2 36.25 39.63 43.31 63.46m75.04 128.91c13.05 3.85 26.66-5.92 28.52-19.42 1.35-9.81 3.51-20.65 8.24-30.94-2.66-7.51-25.72-71.18-104.74-56.39 7.6 31.4-4.15 64.54-22.83 91.02 33.14.31 59.29 6.45 90.81 15.73'/><path d='M478.76 346.86c7.02-12.43-16.61-22.28-28.74-50.78-10.52-24.69 4.93-53.82-8.18-66.23l-40.17-38.02c-14.09 38.27-40.29 56.91-17.12 123.38 37.13 6.98 67.48 27.2 77.55 58.42 0 0 13.67-21.49 16.66-26.77m-221.26 5.78c-8.21 18.67 17.96 36.81 43.46 63.29 29-40.73 24.17-88.95-15.12-127.91z'/></g></svg>",
+  "folder-open": "<svg viewBox='0 0 16 16'><path fill='#90a4ae' d='M14.483 6H4.721a1 1 0 0 0-.949.684L2 12V5h12a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232l-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h11l2.403-5.606A1 1 0 0 0 14.483 6'/></svg>",
   "folder-other-open": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' d='M22 10a10 10 0 1 0 10 10 10 10 0 0 0-10-10m-6 12.125a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6 0a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6 0a2 2 0 1 1 2-2 2 2 0 0 1-2 2'/></svg>",
   "folder-other": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' d='M22 10a10 10 0 1 0 10 10 10 10 0 0 0-10-10m-6 12.125a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6 0a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6 0a2 2 0 1 1 2-2 2 2 0 0 1-2 2'/></svg>",
   "folder-packages-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M31.2 12.933 29.6 10.8A2 2 0 0 0 28 10h-8a2 2 0 0 0-1.6.8l-1.6 2.133a4 4 0 0 0-.8 2.4V26a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V15.333a4 4 0 0 0-.8-2.4M20 12h8l1.5 2h-11Zm6 10v4h-4v-4h-4l6-6 6 6Z'/></svg>",
@@ -480,6 +511,8 @@
   "folder-plastic": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fffde7' d='m30.973 14.255-6.955-3.984a2.05 2.05 0 0 0-2.033 0l-6.955 3.984A2.05 2.05 0 0 0 14 16.032v7.94a1.93 1.93 0 0 0 1.016 1.708l.984.56v-9.306a1.7 1.7 0 0 1 .14-.58 1.64 1.64 0 0 1 .689-.798l5.398-3.092a1.59 1.59 0 0 1 1.576 0l5.398 3.092a1.6 1.6 0 0 1 .749.983 1.6 1.6 0 0 1 .05.395v6.138a1.58 1.58 0 0 1-.797 1.375l-5.406 3.096a1.6 1.6 0 0 1-.797.21v2.246a2.06 2.06 0 0 0 1.02-.27l6.95-3.982A2.05 2.05 0 0 0 32 23.97v-7.938a2 2 0 0 0-.076-.548 2.03 2.03 0 0 0-.95-1.229Z'/><path fill='#fffde7' d='m23.539 25.412 3.89-2.228a1.14 1.14 0 0 0 .57-.985v-4.402a1.14 1.14 0 0 0-.572-.988l-3.862-2.211a1.14 1.14 0 0 0-1.13 0l-3.862 2.211a1.15 1.15 0 0 0-.512.618 1.2 1.2 0 0 0-.061.37l-.014 9.578L20 28.505v-4.468l2.402 1.375a1.15 1.15 0 0 0 1.137 0m-3.2-3.5a.68.68 0 0 1-.339-.585v-2.649a.7.7 0 0 1 .04-.232.68.68 0 0 1 .304-.36l2.321-1.329a.68.68 0 0 1 .671 0l2.322 1.33a.68.68 0 0 1 .328.45 1 1 0 0 1 .014.141v2.65a.68.68 0 0 1-.34.585l-2.322 1.329a.7.7 0 0 1-.339.09.7.7 0 0 1-.339-.089Z'/></svg>",
   "folder-plugin-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M30.107 20H32v-4a2 2 0 0 0-2-2h-4v-2a2 2 0 0 0-4 0v2h-4a2 2 0 0 0-2 2v4h-2a2 2 0 0 0 0 4h2v4a2 2 0 0 0 2 2h4v-1.893a2.074 2.074 0 0 1 1.664-2.08A2 2 0 0 1 26 28v2h4a2 2 0 0 0 2-2v-4h-2a2 2 0 0 1-1.973-2.336A2.074 2.074 0 0 1 30.107 20'/></svg>",
   "folder-plugin": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M30.107 20H32v-4a2 2 0 0 0-2-2h-4v-2a2 2 0 0 0-4 0v2h-4a2 2 0 0 0-2 2v4h-2a2 2 0 0 0 0 4h2v4a2 2 0 0 0 2 2h4v-1.893a2.074 2.074 0 0 1 1.664-2.08A2 2 0 0 1 26 28v2h4a2 2 0 0 0 2-2v-4h-2a2 2 0 0 1-1.973-2.336A2.074 2.074 0 0 1 30.107 20'/></svg>",
+  "folder-policy-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#90caf9' d='m21.972 21.668.697.696a1.004 1.004 0 0 0 1.414 0l5.626-5.623a1.003 1.003 0 0 0 0-1.413l-.697-.707a1.004 1.004 0 0 0-1.414 0l-.707.707-1.404-1.404a1.003 1.003 0 0 0 0-1.413.99.99 0 0 0-1.404 0l-1.414-1.423.707-.687a.99.99 0 0 0 0-1.403l-.707-.707a.99.99 0 0 0-1.404 0l-5.636 5.633a.99.99 0 0 0 0 1.404l.707.706a.99.99 0 0 0 1.404 0l.717-.706 1.394 1.413-9.56 9.555a1.003 1.003 0 0 0 0 1.413.99.99 0 0 0 1.404 0l9.57-9.565 1.404 1.404-.697.706a.985.985 0 0 0 0 1.414M24 26h6a2 2 0 0 1 2 2v2H22v-2a2 2 0 0 1 2-2'/></svg>",
+  "folder-policy": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#90caf9' d='m21.972 21.668.697.696a1.004 1.004 0 0 0 1.414 0l5.626-5.623a1.003 1.003 0 0 0 0-1.413l-.697-.707a1.004 1.004 0 0 0-1.414 0l-.707.707-1.404-1.404a1.003 1.003 0 0 0 0-1.413.99.99 0 0 0-1.404 0l-1.414-1.423.707-.687a.99.99 0 0 0 0-1.403l-.707-.707a.99.99 0 0 0-1.404 0l-5.636 5.633a.99.99 0 0 0 0 1.404l.707.706a.99.99 0 0 0 1.404 0l.717-.706 1.394 1.413-9.56 9.555a1.003 1.003 0 0 0 0 1.413.99.99 0 0 0 1.404 0l9.57-9.565 1.404 1.404-.697.706a.985.985 0 0 0 0 1.414M24 26h6a2 2 0 0 1 2 2v2H22v-2a2 2 0 0 1 2-2'/></svg>",
   "folder-powershell-open": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M31.25 14.034a1 1 0 0 0-.285-.034H14.496a1.03 1.03 0 0 0-.996.731l-3.461 12A1.007 1.007 0 0 0 11.035 28h16.469a1.03 1.03 0 0 0 .996-.731l3.461-12a1.007 1.007 0 0 0-.71-1.235ZM15.001 26a1 1 0 0 1-.556-1.832l4.986-3.323-3.138-3.138a1 1 0 0 1 1.414-1.414l4 4a1 1 0 0 1-.152 1.54l-6 4A1 1 0 0 1 15 26ZM26 26h-4a1 1 0 0 1 0-2h4a1 1 0 0 1 0 2'/></svg>",
   "folder-powershell": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M31.25 14.034a1 1 0 0 0-.285-.034H14.496a1.03 1.03 0 0 0-.996.731l-3.461 12A1.007 1.007 0 0 0 11.035 28h16.469a1.03 1.03 0 0 0 .996-.731l3.461-12a1.007 1.007 0 0 0-.71-1.235ZM15.001 26a1 1 0 0 1-.556-1.832l4.986-3.323-3.138-3.138a1 1 0 0 1 1.414-1.414l4 4a1 1 0 0 1-.152 1.54l-6 4A1 1 0 0 1 15 26ZM26 26h-4a1 1 0 0 1 0-2h4a1 1 0 0 1 0 2'/></svg>",
   "folder-prisma-open": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#a7ffeb' d='m30.209 26.275-9.76 2.39a.42.42 0 0 1-.51-.224.3.3 0 0 1-.012-.165l3.486-13.827a.35.35 0 0 1 .412-.21.34.34 0 0 1 .221.15l6.457 11.352a.362.362 0 0 1-.218.51zm1.672-.564-7.475-13.144a1.335 1.335 0 0 0-1.647-.453 1.2 1.2 0 0 0-.468.357l-8.106 10.873a.87.87 0 0 0 .014 1.092l3.964 5.083a1.41 1.41 0 0 0 1.432.435l11.503-2.816a1.22 1.22 0 0 0 .79-.567.86.86 0 0 0-.007-.86'/></svg>",
@@ -494,20 +527,22 @@
   "folder-public": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M22 10a10 10 0 1 0 10 10 10 10 0 0 0-10-10m6.918 6H25.96a15.8 15.8 0 0 0-1.342-3.54 8.04 8.04 0 0 1 4.3 3.54M22 12a14.1 14.1 0 0 1 1.89 4h-3.78A14.1 14.1 0 0 1 22 12m-2.618.46A15.8 15.8 0 0 0 18.04 16h-2.958a8.04 8.04 0 0 1 4.3-3.54M14.263 22a7.7 7.7 0 0 1 0-4h3.407a15.5 15.5 0 0 0 0 4Zm.82 2h2.957a15.8 15.8 0 0 0 1.342 3.54 8.04 8.04 0 0 1-4.3-3.54ZM22 28a14.1 14.1 0 0 1-1.89-4h3.78A14.1 14.1 0 0 1 22 28m2.31-6h-4.62a13.4 13.4 0 0 1 0-4h4.62a13.4 13.4 0 0 1 0 4m.308 5.54A15.8 15.8 0 0 0 25.96 24h2.958a8.04 8.04 0 0 1-4.3 3.54M29.737 22H26.33a15.5 15.5 0 0 0 0-4h3.407a7.7 7.7 0 0 1 0 4'/></svg>",
   "folder-python-open": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#0277bd' d='M21.123 10a2.574 2.574 0 0 0-2.574 2.574v1.512h3.86c.352 0 .64.513.64.864h-6.426a2.574 2.574 0 0 0-2.574 2.574v3.404A2.57 2.57 0 0 0 16.62 23.5h1.065v-2.412a2.565 2.565 0 0 1 2.556-2.574h4.734a2.565 2.565 0 0 0 2.574-2.556v-3.384A2.574 2.574 0 0 0 24.975 10zm-.648 1.449c.36 0 .648.109.648.64s-.288.8-.648.8c-.351 0-.64-.27-.64-.8s.289-.64.64-.64'/><path fill='#fdd835' d='M28.412 14.5v2.412a2.565 2.565 0 0 1-2.556 2.574h-4.733a2.565 2.565 0 0 0-2.574 2.556v3.382A2.574 2.574 0 0 0 21.12 28h3.854a2.574 2.574 0 0 0 2.574-2.574v-1.513h-3.862c-.351 0-.638-.512-.638-.863h6.426a2.574 2.574 0 0 0 2.574-2.574v-3.403a2.574 2.574 0 0 0-2.574-2.573Zm-8.675 4.063-.004.003q.017-.003.034-.003Zm5.886 6.547c.35 0 .639.27.639.801a.64.64 0 0 1-.64.64c-.36 0-.647-.109-.647-.64s.288-.8.648-.8Z'/></svg>",
   "folder-python": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#0277bd' d='M21.123 10a2.574 2.574 0 0 0-2.574 2.574v1.512h3.86c.352 0 .64.513.64.864h-6.426a2.574 2.574 0 0 0-2.574 2.574v3.404A2.57 2.57 0 0 0 16.62 23.5h1.065v-2.412a2.565 2.565 0 0 1 2.556-2.574h4.734a2.565 2.565 0 0 0 2.574-2.556v-3.384A2.574 2.574 0 0 0 24.975 10zm-.648 1.449c.36 0 .648.109.648.64s-.288.8-.648.8c-.351 0-.64-.27-.64-.8s.289-.64.64-.64'/><path fill='#fdd835' d='M28.412 14.5v2.412a2.565 2.565 0 0 1-2.556 2.574h-4.733a2.565 2.565 0 0 0-2.574 2.556v3.382A2.574 2.574 0 0 0 21.12 28h3.854a2.574 2.574 0 0 0 2.574-2.574v-1.513h-3.862c-.351 0-.638-.512-.638-.863h6.426a2.574 2.574 0 0 0 2.574-2.574v-3.403a2.574 2.574 0 0 0-2.574-2.573Zm-8.675 4.063-.004.003q.017-.003.034-.003Zm5.886 6.547c.35 0 .639.27.639.801a.64.64 0 0 1-.64.64c-.36 0-.647-.109-.647-.64s.288-.8.648-.8Z'/></svg>",
+  "folder-pytorch-open": "<svg viewBox='0 0 32 32'><path fill='#f4511e' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffab91' d='M23.334 14.011a1.334 1.334 0 0 1 1.333-1.335 1.335 1.335 0 1 1-1.333 1.335m6.497 5.29a7.5 7.5 0 0 0-1.449-3.066 8 8 0 0 0-.734-.814l-1.883 1.892a6 6 0 0 1 .498.543 4.9 4.9 0 0 1 .961 2.01 5 5 0 0 1 .11.822 5.334 5.334 0 0 1-10.667.016v-.016a3.86 3.86 0 0 1 .463-1.845 5 5 0 0 1 .852-1.267c.12-.12 1.209-1.166 2.493-2.394l1.537-1.473L22 10l-3.372 3.255a337 337 0 0 0-2.584 2.486 7.7 7.7 0 0 0-1.327 1.965A6.54 6.54 0 0 0 14 20.688a8 8 0 1 0 16-.02 8 8 0 0 0-.17-1.366'/></svg>",
+  "folder-pytorch": "<svg viewBox='0 0 32 32'><path fill='#f4511e' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffab91' d='M23.334 14.011a1.334 1.334 0 0 1 1.333-1.335 1.335 1.335 0 1 1-1.333 1.335m6.497 5.29a7.5 7.5 0 0 0-1.449-3.066 8 8 0 0 0-.734-.814l-1.883 1.892a6 6 0 0 1 .498.543 4.9 4.9 0 0 1 .961 2.01 5 5 0 0 1 .11.822 5.334 5.334 0 0 1-10.667.016v-.016a3.86 3.86 0 0 1 .463-1.845 5 5 0 0 1 .852-1.267c.12-.12 1.209-1.166 2.493-2.394l1.537-1.473L22 10l-3.372 3.255a337 337 0 0 0-2.584 2.486 7.7 7.7 0 0 0-1.327 1.965A6.54 6.54 0 0 0 14 20.688a8 8 0 1 0 16-.02 8 8 0 0 0-.17-1.366'/></svg>",
   "folder-quasar-open": "<svg viewBox='0 0 32 32'><path fill='#1976d2' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M24.026 20A2.028 2.028 0 1 1 22 18.048 1.99 1.99 0 0 1 24.026 20m6.967-5.002a10 10 0 0 0-1.59-2.002L27.06 14.3a7.9 7.9 0 0 0-2.445-1.365 9.3 9.3 0 0 0-1.893 2.6 11.74 11.74 0 0 1 7.8 2.618l1.473-.819A9.8 9.8 0 0 0 30.993 15Zm0 10.002A9.8 9.8 0 0 0 32 22.67l-2.342-1.303a7.2 7.2 0 0 0 .005-2.72 10 10 0 0 0-3.285-.278 10.7 10.7 0 0 1 1.545 7.812l1.473.82A10 10 0 0 0 30.993 25m-8.992 5a10.8 10.8 0 0 0 2.597-.326v-2.603a7.9 7.9 0 0 0 2.451-1.357 9.1 9.1 0 0 0-1.392-2.88 11.36 11.36 0 0 1-6.255 5.196v1.64a10.8 10.8 0 0 0 2.599.33m-8.994-5a10 10 0 0 0 1.592 2.004L16.94 25.7a7.8 7.8 0 0 0 2.447 1.365 9.3 9.3 0 0 0 1.891-2.6 11.75 11.75 0 0 1-7.8-2.618l-1.471.819a9.8 9.8 0 0 0 1 2.333Zm0-10A9.8 9.8 0 0 0 12 17.33l2.343 1.303a7.2 7.2 0 0 0-.005 2.72 10 10 0 0 0 3.286.278 10.7 10.7 0 0 1-1.545-7.814l-1.475-.82a10 10 0 0 0-1.597 2.005Zm8.992-5a10.8 10.8 0 0 0-2.597.326v2.603a7.9 7.9 0 0 0-2.45 1.357 9.1 9.1 0 0 0 1.393 2.88A11.35 11.35 0 0 1 24.6 11.97v-1.64A10.8 10.8 0 0 0 22 10Z'/></svg>",
   "folder-quasar": "<svg viewBox='0 0 32 32'><path fill='#1976d2' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M24.026 20A2.028 2.028 0 1 1 22 18.048 1.99 1.99 0 0 1 24.026 20m6.967-5.002a10 10 0 0 0-1.59-2.002L27.06 14.3a7.9 7.9 0 0 0-2.445-1.365 9.3 9.3 0 0 0-1.893 2.6 11.74 11.74 0 0 1 7.8 2.618l1.473-.819A9.8 9.8 0 0 0 30.993 15Zm0 10.002A9.8 9.8 0 0 0 32 22.67l-2.342-1.303a7.2 7.2 0 0 0 .005-2.72 10 10 0 0 0-3.285-.278 10.7 10.7 0 0 1 1.545 7.812l1.473.82A10 10 0 0 0 30.993 25m-8.992 5a10.8 10.8 0 0 0 2.597-.326v-2.603a7.9 7.9 0 0 0 2.451-1.357 9.1 9.1 0 0 0-1.392-2.88 11.36 11.36 0 0 1-6.255 5.196v1.64a10.8 10.8 0 0 0 2.599.33m-8.994-5a10 10 0 0 0 1.592 2.004L16.94 25.7a7.8 7.8 0 0 0 2.447 1.365 9.3 9.3 0 0 0 1.891-2.6 11.75 11.75 0 0 1-7.8-2.618l-1.471.819a9.8 9.8 0 0 0 1 2.333Zm0-10A9.8 9.8 0 0 0 12 17.33l2.343 1.303a7.2 7.2 0 0 0-.005 2.72 10 10 0 0 0 3.286.278 10.7 10.7 0 0 1-1.545-7.814l-1.475-.82a10 10 0 0 0-1.597 2.005Zm8.992-5a10.8 10.8 0 0 0-2.597.326v2.603a7.9 7.9 0 0 0-2.45 1.357 9.1 9.1 0 0 0 1.393 2.88A11.35 11.35 0 0 1 24.6 11.97v-1.64A10.8 10.8 0 0 0 22 10Z'/></svg>",
   "folder-queue-open": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M24 16v-2h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3v-2h-2v-8Zm8-2v-2h-5a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h5v-2h-4V14Zm-16 2h2v8h-2z'/></svg>",
   "folder-queue": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M24 16v-2h-3a1 1 0 0 0-1 1v10a1 1 0 0 0 1 1h3v-2h-2v-8Zm8-2v-2h-5a1 1 0 0 0-1 1v14a1 1 0 0 0 1 1h5v-2h-4V14Zm-16 2h2v8h-2z'/></svg>",
-  "folder-react-components-open": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='M24.645 27.333H4.665A2.665 2.665 0 0 1 2 24.667v-16A2.656 2.656 0 0 1 4.646 6h8.01l2.665 2.667h9.324a2.68 2.68 0 0 1 2.664 2.666H4.664v13.334L7.514 14h22.739l-3.037 11.333a2.67 2.67 0 0 1-2.571 2'/><path fill='#b2ebf2' d='M21 18.035a1.923 1.923 0 1 1-.004 0zm-4.738 10.284c.645.395 2.057-.208 3.685-1.768q-.82-.948-1.545-1.977a23 23 0 0 1-2.456-.373c-.522 2.224-.328 3.754.316 4.116m.727-5.966-.297-.532a8 8 0 0 0-.296.894c.277.062.583.116.9.168l-.307-.532m6.692-.79L24.51 20l-.83-1.559c-.305-.55-.633-1.039-.93-1.528-.554-.032-1.137-.032-1.749-.032-.614 0-1.199 0-1.75.032-.298.489-.624.978-.932 1.528L17.49 20l.83 1.56c.307.55.633 1.04.93 1.528.554.031 1.137.031 1.75.031s1.198 0 1.75-.03c.297-.49.623-.978.93-1.53M21 14.573c-.194.23-.4.467-.603.749h1.206c-.204-.282-.408-.52-.603-.75m0 10.856c.194-.228.4-.468.603-.748h-1.206c.204.282.408.519.603.748m4.728-13.746c-.635-.395-2.047.208-3.675 1.768a25 25 0 0 1 1.545 1.975 23 23 0 0 1 2.456.375c.523-2.225.328-3.753-.326-4.116m-.717 5.967.297.53a8 8 0 0 0 .296-.895 16 16 0 0 0-.9-.165zm1.483-7.33c1.505.873 1.668 3.17 1.035 5.854C30.128 16.955 32 18.245 32 20c0 1.758-1.872 3.047-4.473 3.828.635 2.682.472 4.98-1.033 5.854-1.493.873-3.53-.126-5.493-2.029-1.966 1.903-4.002 2.902-5.507 2.029-1.493-.874-1.656-3.172-1.023-5.854C11.874 23.048 10 21.758 10 20s1.874-3.045 4.473-3.825c-.635-2.683-.472-4.981 1.023-5.855 1.503-.873 3.54.125 5.504 2.029 1.964-1.904 4-2.902 5.494-2.029M26.198 20a23 23 0 0 1 .911 2.352c2.149-.656 3.355-1.592 3.355-2.352 0-.758-1.206-1.693-3.355-2.35a24 24 0 0 1-.91 2.35m-10.397 0a24 24 0 0 1-.911-2.35c-2.148.657-3.355 1.592-3.355 2.35 0 .76 1.207 1.696 3.355 2.352a24 24 0 0 1 .91-2.352m9.21 2.352-.306.53c.316-.052.624-.104.899-.168a9 9 0 0 0-.296-.894zm-2.958 4.2c1.628 1.559 3.04 2.162 3.675 1.768.655-.364.85-1.892.326-4.118a23 23 0 0 1-2.455.375 25 25 0 0 1-1.544 1.975m-5.066-8.901.306-.53a14 14 0 0 0-.899.167 9 9 0 0 0 .296.894zm2.958-4.2c-1.628-1.56-3.04-2.162-3.685-1.768-.644.364-.84 1.892-.316 4.117a23 23 0 0 1 2.455-.375 25 25 0 0 1 1.544-1.975Z'/></svg>",
-  "folder-react-components": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='M12.656 6H4.664A2.656 2.656 0 0 0 2 8.648v16.019a2.68 2.68 0 0 0 2.664 2.666h21.313a2.68 2.68 0 0 0 2.664-2.666V11.333a2.665 2.665 0 0 0-2.664-2.666H15.321Z'/><path fill='#b2ebf2' d='M21 18.035a1.923 1.923 0 1 1-.004 0zm-4.738 10.284c.645.395 2.057-.208 3.685-1.768q-.82-.948-1.545-1.977a23 23 0 0 1-2.456-.373c-.522 2.224-.328 3.754.316 4.116m.727-5.966-.297-.532a8 8 0 0 0-.296.894c.277.062.583.116.9.168l-.307-.532m6.692-.79L24.51 20l-.83-1.559c-.305-.55-.633-1.039-.93-1.528-.554-.032-1.137-.032-1.749-.032-.614 0-1.199 0-1.75.032-.298.489-.624.978-.932 1.528L17.49 20l.83 1.56c.307.55.633 1.04.93 1.528.554.031 1.137.031 1.75.031s1.198 0 1.75-.03c.297-.49.623-.978.93-1.53M21 14.573c-.194.23-.4.467-.603.749h1.206c-.204-.282-.408-.52-.603-.75m0 10.856c.194-.228.4-.468.603-.748h-1.206c.204.282.408.519.603.748m4.728-13.746c-.635-.395-2.047.208-3.675 1.768a25 25 0 0 1 1.545 1.975 23 23 0 0 1 2.456.375c.523-2.225.328-3.753-.326-4.116m-.717 5.967.297.53a8 8 0 0 0 .296-.895 16 16 0 0 0-.9-.165zm1.483-7.33c1.505.873 1.668 3.17 1.035 5.854C30.128 16.955 32 18.245 32 20c0 1.758-1.872 3.047-4.473 3.828.635 2.682.472 4.98-1.033 5.854-1.493.873-3.53-.126-5.493-2.029-1.966 1.903-4.002 2.902-5.507 2.029-1.493-.874-1.656-3.172-1.023-5.854C11.874 23.048 10 21.758 10 20s1.874-3.045 4.473-3.825c-.635-2.683-.472-4.981 1.023-5.855 1.503-.873 3.54.125 5.504 2.029 1.964-1.904 4-2.902 5.494-2.029M26.198 20a23 23 0 0 1 .911 2.352c2.149-.656 3.355-1.592 3.355-2.352 0-.758-1.206-1.693-3.355-2.35a24 24 0 0 1-.91 2.35m-10.397 0a24 24 0 0 1-.911-2.35c-2.148.657-3.355 1.592-3.355 2.35 0 .76 1.207 1.696 3.355 2.352a24 24 0 0 1 .91-2.352m9.21 2.352-.306.53c.316-.052.624-.104.899-.168a9 9 0 0 0-.296-.894zm-2.958 4.2c1.628 1.559 3.04 2.162 3.675 1.768.655-.364.85-1.892.326-4.118a23 23 0 0 1-2.455.375 25 25 0 0 1-1.544 1.975m-5.066-8.901.306-.53a14 14 0 0 0-.899.167 9 9 0 0 0 .296.894zm2.958-4.2c-1.628-1.56-3.04-2.162-3.685-1.768-.644.364-.84 1.892-.316 4.117a23 23 0 0 1 2.455-.375 25 25 0 0 1 1.544-1.975Z'/></svg>",
-  "folder-redux-actions-open.clone": "<svg viewBox='0 0 32 32'><path fill='#AB47BC' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
-  "folder-redux-actions.clone": "<svg viewBox='0 0 32 32'><path fill='#AB47BC' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#E1BEE7' stroke='#E1BEE7' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-react-components-open": "<svg viewBox='0 0 16 16'><path fill='#00bcd4' d='M14.484 6H4.72a1 1 0 0 0-.949.684L2 12V5h13a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232l-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h11l2.403-5.606A1 1 0 0 0 14.483 6'/><g fill='#b2ebf2'><path d='M10.5 8.399c2.924 0 4.714 1.037 4.714 1.6s-1.79 1.602-4.714 1.602S5.785 10.564 5.785 10s1.79-1.601 4.715-1.601m0-.8c-3.038 0-5.5 1.075-5.5 2.4s2.462 2.402 5.5 2.402S16 11.326 16 10s-2.463-2.401-5.5-2.401'/><path d='M10.5 9.2a.786.8 0 1 0 .785.8.786.8 0 0 0-.785-.8'/><path d='M8.322 5.8c.793 0 2.333 1.272 3.538 3.4 1.463 2.58 1.476 4.677.997 4.959a.354.36 0 0 1-.18.04c-.792 0-2.333-1.271-3.538-3.399-1.463-2.58-1.476-4.677-.997-4.96a.354.36 0 0 1 .18-.04m0-.8a1.128 1.149 0 0 0-.572.147c-1.128.663-.81 3.374.708 6.054C9.748 13.478 11.491 15 12.678 15a1.128 1.149 0 0 0 .572-.148c1.127-.663.81-3.373-.71-6.053C11.25 6.522 9.509 5 8.323 5Z'/><path d='M12.677 5.8a.354.36 0 0 1 .18.04c.48.283.466 2.38-.997 4.96-1.206 2.128-2.746 3.4-3.538 3.4a.354.36 0 0 1-.18-.04c-.48-.284-.466-2.38.997-4.96 1.206-2.128 2.746-3.4 3.538-3.4m0-.8c-1.186 0-2.929 1.522-4.22 3.8-1.517 2.68-1.835 5.39-.707 6.052a1.128 1.149 0 0 0 .572.148c1.186 0 2.929-1.523 4.22-3.8 1.517-2.68 1.835-5.39.708-6.052A1.128 1.149 0 0 0 12.677 5'/></g></svg>",
+  "folder-react-components": "<svg viewBox='0 0 16 16'><path fill='#00bcd4' d='m6.922 3.768-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232'/><g fill='#b2ebf2'><path d='M10.5 8.399c2.924 0 4.714 1.037 4.714 1.6s-1.79 1.602-4.714 1.602S5.785 10.564 5.785 10s1.79-1.601 4.715-1.601m0-.8c-3.038 0-5.5 1.075-5.5 2.4s2.462 2.402 5.5 2.402S16 11.326 16 10s-2.463-2.401-5.5-2.401'/><path d='M10.5 9.2a.786.8 0 1 0 .785.8.786.8 0 0 0-.785-.8'/><path d='M8.322 5.8c.793 0 2.333 1.272 3.538 3.4 1.463 2.58 1.476 4.677.997 4.959a.354.36 0 0 1-.18.04c-.792 0-2.333-1.271-3.538-3.399-1.463-2.58-1.476-4.677-.997-4.96a.354.36 0 0 1 .18-.04m0-.8a1.128 1.149 0 0 0-.572.147c-1.128.663-.81 3.374.708 6.054C9.748 13.478 11.491 15 12.678 15a1.128 1.149 0 0 0 .572-.148c1.127-.663.81-3.373-.71-6.053C11.25 6.522 9.509 5 8.323 5Z'/><path d='M12.677 5.8a.354.36 0 0 1 .18.04c.48.283.466 2.38-.997 4.96-1.206 2.128-2.746 3.4-3.538 3.4a.354.36 0 0 1-.18-.04c-.48-.284-.466-2.38.997-4.96 1.206-2.128 2.746-3.4 3.538-3.4m0-.8c-1.186 0-2.929 1.522-4.22 3.8-1.517 2.68-1.835 5.39-.707 6.052a1.128 1.149 0 0 0 .572.148c1.186 0 2.929-1.523 4.22-3.8 1.517-2.68 1.835-5.39.708-6.052A1.128 1.149 0 0 0 12.677 5'/></g></svg>",
+  "folder-redux-actions-open.clone": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-redux-actions.clone": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#f3e5f5' stroke='#f3e5f5' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
   "folder-redux-reducer-open": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
   "folder-redux-reducer": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#ffcdd2' stroke='#ffcdd2' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
-  "folder-redux-selector-open.clone": "<svg viewBox='0 0 32 32'><path fill='#FF6E40' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
-  "folder-redux-selector.clone": "<svg viewBox='0 0 32 32'><path fill='#FF6E40' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#FFCCBC' stroke='#FFCCBC' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
-  "folder-redux-store-open.clone": "<svg viewBox='0 0 32 32'><path fill='#8BC34A' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
-  "folder-redux-store.clone": "<svg viewBox='0 0 32 32'><path fill='#8BC34A' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#DCEDC8' stroke='#DCEDC8' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-redux-selector-open.clone": "<svg viewBox='0 0 32 32'><path fill='#ff6e40' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-redux-selector.clone": "<svg viewBox='0 0 32 32'><path fill='#ff6e40' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#ffccbc' stroke='#ffccbc' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-redux-store-open.clone": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
+  "folder-redux-store.clone": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='M25.948 24.114a1.65 1.65 0 0 0 .97-.6 1.8 1.8 0 0 0 .381-1.274 1.72 1.72 0 0 0-1.69-1.596h-.06a1.724 1.724 0 0 0-1.61 1.814 1.85 1.85 0 0 0 .34.985 8.85 8.85 0 0 1-3.863 3.799 6.15 6.15 0 0 1-3.876.771 3.13 3.13 0 0 1-2.32-1.411 3.67 3.67 0 0 1-.18-3.738 5.8 5.8 0 0 1 1.605-1.986.3.3 0 0 0 .098-.313 14 14 0 0 1-.315-1.298.29.29 0 0 0-.172-.213.28.28 0 0 0-.272.036c-3.731 2.836-3.326 6.763-2.188 8.579a5.36 5.36 0 0 0 4.294 2.229q.125 0 .24-.005h.04a6 6 0 0 0 1.5-.188 9.88 9.88 0 0 0 7.078-5.591Z'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='M30.327 20.428a10.12 10.12 0 0 0-7.774-3.69q-.133 0-.265.003h-.234a1.61 1.61 0 0 0-1.377-.78h-.053a1.62 1.62 0 0 0-1.175.535 1.806 1.806 0 0 0 .039 2.466 1.67 1.67 0 0 0 1.19.494h.064a1.68 1.68 0 0 0 1.375-.886h.27a8.83 8.83 0 0 1 5.126 1.646 6.6 6.6 0 0 1 2.522 3.202 3.48 3.48 0 0 1-.046 2.831 3.39 3.39 0 0 1-3.137 1.97 5.8 5.8 0 0 1-2.32-.522.27.27 0 0 0-.304.054 14 14 0 0 1-1.088.912.294.294 0 0 0 .039.495 7.7 7.7 0 0 0 3.313.84l.192.002a5.66 5.66 0 0 0 4.886-2.948 6.39 6.39 0 0 0-1.243-6.624Z'/><path fill='#dcedc8' stroke='#dcedc8' stroke-linejoin='round' stroke-width='.293' d='m17.249 24.295.123-.01-.123.02a1.705 1.705 0 0 0 1.67 1.682h.053a1.715 1.715 0 0 0 1.64-1.778 1.78 1.78 0 0 0-.507-1.224 1.6 1.6 0 0 0-1.187-.493h-.076a9.6 9.6 0 0 1-1.154-5.448 6.83 6.83 0 0 1 1.39-3.853 3.97 3.97 0 0 1 2.842-1.363h.055c2.438 0 3.415 3.34 3.477 4.491a.29.29 0 0 0 .216.265c.299.073.822.246 1.213.384a.27.27 0 0 0 .266-.048.3.3 0 0 0 .105-.247C26.928 12.088 24.204 10 21.804 10a5.96 5.96 0 0 0-5.36 4.39 11.38 11.38 0 0 0 .936 9.155 1.5 1.5 0 0 0-.131.75Z'/></svg>",
   "folder-repository-open": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c8e6c9' d='M20 10a2 2 0 0 0-1.6.8l-1.6 2.134a4 4 0 0 0-.8 2.398V26a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V15.332a4 4 0 0 0-.8-2.398L29.6 10.8A2 2 0 0 0 28 10zm0 2h8l1.5 2h-11zm2 4h4v4h4l-6 6-6-6h4z'/></svg>",
   "folder-repository": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#c8e6c9' d='M20 10a2 2 0 0 0-1.6.8l-1.6 2.134a4 4 0 0 0-.8 2.398V26a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V15.332a4 4 0 0 0-.8-2.398L29.6 10.8A2 2 0 0 0 28 10zm0 2h8l1.5 2h-11zm2 4h4v4h4l-6 6-6-6h4z'/></svg>",
   "folder-resolver-open": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c8e6c9' d='M29.216 14 20.6 22.159l-3.816-3.614L14 21.183 20.6 28 32 17.205Z'/></svg>",
@@ -518,14 +553,14 @@
   "folder-review": "<svg viewBox='0 0 32 32'><path fill='#2196f3' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><circle cx='21' cy='21' r='3' fill='#bbdefb'/><path fill='#bbdefb' d='M21 14c-4.66 0-9.35 2.91-11 7 1.65 4.09 6.34 7 11 7s9.35-2.91 11-7c-1.65-4.09-6.34-7-11-7m0 12a5 5 0 1 1 5-5 5 5 0 0 1-5 5'/></svg>",
   "folder-robot-open": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M10.5 26H12v-6h-1.5a.5.5 0 0 0-.5.5v5a.5.5 0 0 0 .5.5M30 20v6h1.5a.5.5 0 0 0 .5-.5v-5a.5.5 0 0 0-.5-.5Zm-8.5-8h-1a.5.5 0 0 0-.5.5V16h-5.5a.5.5 0 0 0-.5.5v11a.5.5 0 0 0 .5.5h13a.5.5 0 0 0 .5-.5v-11a.5.5 0 0 0-.5-.5H22v-3.5a.5.5 0 0 0-.5-.5M18 18a2 2 0 1 1-2 2 2 2 0 0 1 2-2m8 8H16v-2h10Zm-2-8a2 2 0 1 1-2 2 2 2 0 0 1 2-2'/></svg>",
   "folder-robot": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M10.5 26H12v-6h-1.5a.5.5 0 0 0-.5.5v5a.5.5 0 0 0 .5.5M30 20v6h1.5a.5.5 0 0 0 .5-.5v-5a.5.5 0 0 0-.5-.5Zm-8.5-8h-1a.5.5 0 0 0-.5.5V16h-5.5a.5.5 0 0 0-.5.5v11a.5.5 0 0 0 .5.5h13a.5.5 0 0 0 .5-.5v-11a.5.5 0 0 0-.5-.5H22v-3.5a.5.5 0 0 0-.5-.5M18 18a2 2 0 1 1-2 2 2 2 0 0 1 2-2m8 8H16v-2h10Zm-2-8a2 2 0 1 1-2 2 2 2 0 0 1 2-2'/></svg>",
-  "folder-root-open": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='M16 5A11 11 0 1 1 5 16 11.01 11.01 0 0 1 16 5m0-3a14 14 0 1 0 14 14A14 14 0 0 0 16 2'/></svg>",
-  "folder-root": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='M16 5A11 11 0 1 1 5 16 11.01 11.01 0 0 1 16 5m0-3a14 14 0 1 0 14 14A14 14 0 0 0 16 2m0 8a6 6 0 1 0 6 6 6 6 0 0 0-6-6'/></svg>",
+  "folder-root-open": "<svg viewBox='0 0 16 16'><circle cx='8' cy='8' r='6' fill='none' stroke='#90a4ae' stroke-width='2'/></svg>",
+  "folder-root": "<svg viewBox='0 0 16 16'><circle cx='8' cy='8' r='6' fill='none' stroke='#90a4ae' stroke-width='2'/><circle cx='8' cy='8' r='3' fill='#90a4ae'/></svg>",
   "folder-routes-open": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c8e6c9' d='M17.414 14.586 20 12h-8v8l2.586-2.586 4.91 4.91A1.7 1.7 0 0 1 20 23.541V28h4v-4.459a5.68 5.68 0 0 0-1.676-4.045ZM29.36 12l-5.61 4.93.57.57a5.6 5.6 0 0 1 1.56 2.89L32 15.01Z'/></svg>",
   "folder-routes": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#c8e6c9' d='M17.414 14.586 20 12h-8v8l2.586-2.586 4.91 4.91A1.7 1.7 0 0 1 20 23.541V28h4v-4.459a5.68 5.68 0 0 0-1.676-4.045ZM29.36 12l-5.61 4.93.57.57a5.6 5.6 0 0 1 1.56 2.89L32 15.01Z'/></svg>",
   "folder-rules-open": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M30 14h-2a3 3 0 0 0-6 0h-2a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V16a2 2 0 0 0-2-2m-5-1a1 1 0 1 1-1 1 1.003 1.003 0 0 1 1-1m-1.547 11.597-3.093-3.093 1.09-1.09 2.003 1.995 5.096-5.096 1.091 1.099Z'/></svg>",
   "folder-rules": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffcdd2' d='M30 14h-2a3 3 0 0 0-6 0h-2a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V16a2 2 0 0 0-2-2m-5-1a1 1 0 1 1-1 1 1.003 1.003 0 0 1 1-1m-1.547 11.597-3.093-3.093 1.09-1.09 2.003 1.995 5.096-5.096 1.091 1.099Z'/></svg>",
-  "folder-rust-open": "<svg viewBox='0 0 32 32'><path fill='#FF7043' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' d='M30 24v1a1 1 0 0 1-2 0v-1a2 2 0 0 0-2-2 3 3 0 0 0 2.996-3.16A3.115 3.114 0 0 0 25.83 16H14v2h2v8h-2v2h8v-2h-2v-2h4c.82.819.297 2.308 1.179 3.37a1.89 1.89 0 0 0 1.46.63H32v-4zm-6-4h-4v-2h4a1 1 0 0 1 0 2'/></svg>",
-  "folder-rust": "<svg viewBox='0 0 32 32'><path fill='#FF7043' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' d='M30 24v1a1 1 0 0 1-2 0v-1a2 2 0 0 0-2-2 3 3 0 0 0 2.996-3.16A3.115 3.114 0 0 0 25.83 16H14v2h2v8h-2v2h8v-2h-2v-2h4c.82.819.297 2.308 1.179 3.37a1.89 1.89 0 0 0 1.46.63H32v-4zm-6-4h-4v-2h4a1 1 0 0 1 0 2'/></svg>",
+  "folder-rust-open": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffccbc' d='M30 24v1a1 1 0 0 1-2 0v-1a2 2 0 0 0-2-2 3 3 0 0 0 2.996-3.16A3.115 3.114 0 0 0 25.83 16H14v2h2v8h-2v2h8v-2h-2v-2h4c.82.819.297 2.308 1.179 3.37a1.89 1.89 0 0 0 1.46.63H32v-4zm-6-4h-4v-2h4a1 1 0 0 1 0 2'/></svg>",
+  "folder-rust": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#ffccbc' d='M30 24v1a1 1 0 0 1-2 0v-1a2 2 0 0 0-2-2 3 3 0 0 0 2.996-3.16A3.115 3.114 0 0 0 25.83 16H14v2h2v8h-2v2h8v-2h-2v-2h4c.82.819.297 2.308 1.179 3.37a1.89 1.89 0 0 0 1.46.63H32v-4zm-6-4h-4v-2h4a1 1 0 0 1 0 2'/></svg>",
   "folder-sandbox-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.965 12.001H9.44a2 2 0 0 0-1.898 1.368L3.998 24.001v-14h24a2 2 0 0 0-2-2H15.122a2 2 0 0 1-1.28-.464l-1.288-1.072a2 2 0 0 0-1.28-.464H3.998a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212a2 2 0 0 0-1.838-2.788'/><path fill='#bbdefb' d='M21 20h-6a1 1 0 0 1-1-1v-6a1 1 0 0 1 1-1h6a1 1 0 0 1 1 1v6a1 1 0 0 1-1 1m7-8a4 4 0 1 0 4 4 4 4 0 0 0-4-4m.707 17.707 3-3a1 1 0 0 0 0-1.414l-3-3a1 1 0 0 0-1.414 0l-3 3a1 1 0 0 0 0 1.414l3 3a1 1 0 0 0 1.414 0m-11.581-7.193-2.999 6A1 1 0 0 0 15.001 30H21a1 1 0 0 0 .874-1.486l-2.999-6a1 1 0 0 0-1.748 0'/></svg>",
   "folder-sandbox": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M21 20h-6a1 1 0 0 1-1-1v-6a1 1 0 0 1 1-1h6a1 1 0 0 1 1 1v6a1 1 0 0 1-1 1m7-8a4 4 0 1 0 4 4 4 4 0 0 0-4-4m.707 17.707 3-3a1 1 0 0 0 0-1.414l-3-3a1 1 0 0 0-1.414 0l-3 3a1 1 0 0 0 0 1.414l3 3a1 1 0 0 0 1.414 0m-11.581-7.193-2.999 6A1 1 0 0 0 15.001 30H21a1 1 0 0 0 .874-1.486l-2.999-6a1 1 0 0 0-1.748 0'/></svg>",
   "folder-sass-open": "<svg viewBox='0 0 32 32'><path fill='#f06292' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fce4ec' d='M31.897 12.592a3 3 0 0 0-1.53-1.912 7.95 7.95 0 0 0-6.348-.05 17.4 17.4 0 0 0-5.864 3.557c-1.83 1.81-2.288 3.496-2.124 4.39.346 1.89 2.181 3.227 3.658 4.3.314.23.618.45.876.657-.92.513-2.916 1.749-3.483 3.074a2.9 2.9 0 0 0-.074 2.347 1.57 1.57 0 0 0 .874.903 3.5 3.5 0 0 0 .986.142 4.14 4.14 0 0 0 3.438-2.025 5.03 5.03 0 0 0 .55-3.886 4.5 4.5 0 0 1 1.46-.034 2.64 2.64 0 0 1 1.927.96 1.44 1.44 0 0 1 .304.968 1.2 1.2 0 0 1-.55.805c-.159.104-.356.233-.31.504.028.151.13.393.532.313a1.99 1.99 0 0 0 1.392-1.841 2.9 2.9 0 0 0-.801-2.051 3.9 3.9 0 0 0-2.897-1.135 6.5 6.5 0 0 0-1.813.226 13 13 0 0 0-1.498-1.346c-1.165-.947-2.265-1.842-2.2-3.125.085-1.654 1.672-3.306 4.716-4.909 2.7-1.422 4.894-1.47 6.04-1.041a1.44 1.44 0 0 1 .858.674 2.23 2.23 0 0 1-.257 1.866 6.57 6.57 0 0 1-5.023 3.105 2.56 2.56 0 0 1-2.225-.565c-.189-.219-.37-.423-.65-.263-.332.196-.175.625-.123.768a2.6 2.6 0 0 0 1.578 1.342 7.32 7.32 0 0 0 4.752-.482c2.631-1.078 4.384-3.933 3.83-6.236ZM21.301 26.118a3 3 0 0 1-.13.345 3.4 3.4 0 0 1-.517.795c-.648.743-1.499.978-1.776.808a.27.27 0 0 1-.088-.187 2.5 2.5 0 0 1 .742-1.704 7.8 7.8 0 0 1 1.865-1.445 3.05 3.05 0 0 1-.096 1.388'/></svg>",
@@ -539,7 +574,7 @@
   "folder-secure-open": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fff9c4' d='M28 16v-3.828a4.116 4.116 0 0 0-3.607-4.153A4 4 0 0 0 20 12v4h-2a2 2 0 0 0-2 2v8a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2v-8a2 2 0 0 0-2-2Zm-4 8a2 2 0 1 1 2-2 2 2 0 0 1-2 2m2-8h-4v-4a2 2 0 0 1 4 0Z'/></svg>",
   "folder-secure": "<svg viewBox='0 0 32 32'><path fill='#f9a825' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fff9c4' d='M28 16v-3.828a4.116 4.116 0 0 0-3.607-4.153A4 4 0 0 0 20 12v4h-2a2 2 0 0 0-2 2v8a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2v-8a2 2 0 0 0-2-2Zm-4 8a2 2 0 1 1 2-2 2 2 0 0 1-2 2m2-8h-4v-4a2 2 0 0 1 4 0Z'/></svg>",
   "folder-seeders-open": "<svg clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 3200 3200'><path fill='#43a047' d='M2340.5 1199.5c-18.05 5.55-36.72 11.21-56 17a565 565 0 0 0-62 21q-441.75 165.75-603 609c-2.04 4.44-3.7 9.11-5 14-1.4 3.2-2.4 6.53-3 10-3.64 7.59-6.31 15.59-8 24-2.11 4-3.44 8.34-4 13-.61.89-.94 1.89-1 3-1.78 3-2.78 6.34-3 10-.67 2.67-1.33 5.33-2 8-1.57 1.6-2.24 3.6-2 6-.92 2.92-1.58 5.92-2 9-1.9 2.2-2.9 4.86-3 8-.33 2-.67 4-1 6-1.42 2.01-2.09 4.35-2 7v1c-.62.11-1.12.44-1.5 1a103 103 0 0 0-3.5 17c-21.96 92.4-35.63 186.07-41 281a821 821 0 0 0-4 73v2c-1.16 46.16-1.33 92.5-.5 139 .89 16.16 1.73 32.16 2.5 48v11c.18 7.19.85 14.19 2 21 .47 13.68 1.13 27.34 2 41-386.33.17-772.67 0-1159-.5q-122.657-16.17-169.5-130.5a230.2 230.2 0 0 1-11-49c-.667-546.67-.667-1093.3 0-1640 9.834-76.145 49.334-130.64 118.5-163.5q29.688-12.892 62-16 387.03-1.49 774 1c40.68 5.845 76.34 22.178 107 49 45.37 38.377 91.04 76.377 137 114 33.84 22.572 71.17 34.238 112 35l1108 1q101.4 12.037 154.5 98.5c17.74 31.305 26.58 64.972 26.5 101h-2400c-.167 465.67 0 931.33.5 1397l357-1071c28.15-65.48 76.984-106.31 146.5-122.5a307 307 0 0 1 20-3c472.33-.5 944.67-.67 1417-.5' opacity='.999'/><path fill='#a5d6a7' d='M3071.5 1301.5c-1.15 5.48-1.32 11.15-.5 17 .28.92.78 1.58 1.5 2v4c-.17 6.34 0 12.68.5 19q.345 1.86 1.5 3v5c-.32 9.22.34 18.22 2 27v10c.15 12.67.49 25.34 1 38-.17 19 0 38 .5 57 .28-.92.78-1.58 1.5-2q.585 196.035-43.5 387c-27.87 114.37-71.2 222.37-130 324-21.76 34.53-44.76 68.2-69 101a1351 1351 0 0 1-82.5 92.5c-16.67 15-33.33 30-50 45a2628 2628 0 0 1-49 38.5c-73.84 51.95-153.18 95.28-238 130-60.65 24.38-122.99 43.88-187 58.5-113.01 24.48-227.35 38.15-343 41-68.76 1.79-137.42.13-206-5-45.06-3.26-90.06-7.1-135-11.5-3.11-27.6-5.45-55.26-7-83-.87-13.66-1.53-27.32-2-41 .24-7.23-.43-14.23-2-21v-11c-1.58-62.32-2.25-124.66-2-187v-2c.82-2.47 1.32-5.14 1.5-8 1.01-21.66 1.84-43.33 2.5-65 5.37-94.93 19.04-188.6 41-281 1.96-5.81 3.62-11.81 5-18v-1c1.42-2.01 2.09-4.35 2-7 .33-2 .67-4 1-6 1.6-2.35 2.6-5.01 3-8 .42-3.08 1.08-6.08 2-9 1.57-1.6 2.24-3.6 2-6 .67-2.67 1.33-5.33 2-8 1.78-3 2.78-6.34 3-10 .06-1.11.39-2.11 1-3 2.11-4 3.44-8.34 4-13a169 169 0 0 0 8-24c.6-3.47 1.6-6.8 3-10 2.82-4.13 4.49-8.8 5-14q161.25-443.25 603-609c20.86-6.62 41.53-13.62 62-21 19.28-5.79 37.95-11.45 56-17 29.89-8.48 60.22-15.65 91-21.5 191.75-33.99 384.08-37.66 577-11 14.64 2.55 29.3 4.88 44 7 1.2.9 2.03 2.07 2.5 3.5 6.67 41.19 12.17 82.52 16.5 124'/><path fill='#43a047' d='M3071.5 1303.5c19.44 34.7 27.61 72.03 24.5 112-1.77 22.43-7.27 43.77-16.5 64 .23-17.69-.1-35.35-1-53 .06-12.86-.61-25.53-2-38v-10c-.22-9.18-.88-18.18-2-27v-5c-.13-7.53-.79-14.86-2-22v-4c-.26-5.67-.59-11.34-1-17m-398 192h1c17.51-.33 34.84 0 52 1-1.33.67-2.67 1.33-4 2-3.65.77-6.98 2.1-10 4a950 950 0 0 0-105 50.5c-121.59 68.07-232.26 150.91-332 248.5a178.3 178.3 0 0 0-23 22c-96.64 96.09-181.81 201.09-255.5 315a2166 2166 0 0 0-119.5 210c-1.41.47-2.07 1.47-2 3v1q-1.17-19.245 0-39v-2c1.45-5.77 2.11-11.77 2-18 .24-7.06.91-14.06 2-21 1.75-6.43 2.75-13.09 3-20v-1c2.07-8.76 3.4-17.76 4-27v-2c1.72-3.34 2.38-7.01 2-11 2.57-6.3 3.9-12.97 4-20 .03-4.14.7-8.14 2-12 1.42-2.01 2.09-4.35 2-7v-2c2.54-3.85 3.54-8.19 3-13 17.15-76.63 42.32-150.3 75.5-221 51.76-109.33 124.93-201.83 219.5-277.5 91.03-69.67 193.03-116.5 306-140.5 4.81.54 9.15-.46 13-3 9.03-.41 17.7-2.07 26-5 8.58-.59 16.91-1.92 25-4 6.91-.25 13.57-1.25 20-3 6.26-1.24 12.59-1.91 19-2 14.8-1.38 29.47-2.72 44-4h2c8.18-.28 16.18-.94 24-2'/></svg>",
-  "folder-seeders": "<svg clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 3200 3200'><path fill='#43a047' d='M2999.5 1165.5c-30.43-3.18-61.1-6.35-92-9.5-167.75-14.9-334.08-5.57-499 28a1455 1455 0 0 0-207 61c-79.51 31.74-154.18 71.74-224 120a896 896 0 0 0-55 43c-1 .33-2 .67-3 1-46.92 39.92-90.09 83.42-129.5 130.5a1986 1986 0 0 1-45 60c-61.77 91.89-109.44 190.89-143 297a1660.6 1660.6 0 0 0-53 246c-14.98 118.89-19.98 238.22-15 358 1.34 33.03 3.17 66.03 5.5 99-386.33.17-772.67 0-1159-.5q-122.657-16.17-169.5-130.5a230.2 230.2 0 0 1-11-49c-.667-546.67-.667-1093.3 0-1640 9.834-76.145 49.334-130.64 118.5-163.5q29.688-12.892 62-16c255.33-.667 510.67-.667 766 0 43.68 4.875 82.01 21.541 115 50 45.37 38.377 91.04 76.377 137 114 28.54 18.847 59.87 30.181 94 34q662.985 1.986 1326 2c77.31 10.044 132.48 50.211 165.5 120.5a220.4 220.4 0 0 1 15 60c.5 61.67.67 123.33.5 185'/><path fill='#A5D6A7' d='M2999.5 1165.5c17.69 2.74 35.36 5.91 53 9.5 1.08.67 1.75 1.67 2 3 28.18 168.19 32.68 337.02 13.5 506.5-11.97 104.19-34.8 205.86-68.5 305-33.03 92.41-76.87 179.07-131.5 260a1694 1694 0 0 1-77 97 2240 2240 0 0 1-80.5 78.5c-46.48 38.13-95.48 72.8-147 104a1457 1457 0 0 1-145 70.5c-24.7 9.85-49.7 19.01-75 27.5-149 44.89-301.33 68.89-457 72-64.06 1.52-128.06.19-192-4-49.39-3.53-98.73-7.7-148-12.5a1745 1745 0 0 1-7-83 3304 3304 0 0 1-5.5-99c-4.98-119.78.02-239.11 15-358a1660.6 1660.6 0 0 1 53-246c33.56-106.11 81.23-205.11 143-297q23.07-29.58 45-60c39.41-47.08 82.58-90.58 129.5-130.5 1-.33 2-.67 3-1a896 896 0 0 1 55-43c69.82-48.26 144.49-88.26 224-120a1455 1455 0 0 1 207-61c164.92-33.57 331.25-42.9 499-28 30.9 3.15 61.57 6.32 92 9.5' opacity='.999'/><path fill='#43a047' d='M2709.5 1494.5c7.67-.17 15.34 0 23 .5a825 825 0 0 0-130 61c-97.27 54.78-187.6 119.12-271 193-15.7 14.7-31.7 29.04-48 43a4541 4541 0 0 0-111.5 115.5 2730 2730 0 0 1-57 68c-93.1 116.73-172.93 242.4-239.5 377-.5 1.02-1.17 1.19-2 .5 6.63-168.23 50.47-326.06 131.5-473.5 116.36-197.54 287.53-319.37 513.5-365.5 24.5-4.98 49.17-8.98 74-12q58.635-5.25 117-7.5'/><path fill='#43a047' d='M2999.5 1989.5c.17 143 0 286-.5 429-8.62 70.79-43.78 123.62-105.5 158.5q-31.365 15.615-66 21c-136.31 1.48-272.65 1.98-409 1.5 49.63-20.82 97.96-44.32 145-70.5 51.52-31.2 100.52-65.87 147-104a2240 2240 0 0 0 80.5-78.5c26.87-31.42 52.54-63.76 77-97 54.63-80.93 98.47-167.59 131.5-260' opacity='.999'/></svg>",
+  "folder-seeders": "<svg clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 3200 3200'><path fill='#43a047' d='M2999.5 1165.5c-30.43-3.18-61.1-6.35-92-9.5-167.75-14.9-334.08-5.57-499 28a1455 1455 0 0 0-207 61c-79.51 31.74-154.18 71.74-224 120a896 896 0 0 0-55 43c-1 .33-2 .67-3 1-46.92 39.92-90.09 83.42-129.5 130.5a1986 1986 0 0 1-45 60c-61.77 91.89-109.44 190.89-143 297a1660.6 1660.6 0 0 0-53 246c-14.98 118.89-19.98 238.22-15 358 1.34 33.03 3.17 66.03 5.5 99-386.33.17-772.67 0-1159-.5q-122.657-16.17-169.5-130.5a230.2 230.2 0 0 1-11-49c-.667-546.67-.667-1093.3 0-1640 9.834-76.145 49.334-130.64 118.5-163.5q29.688-12.892 62-16c255.33-.667 510.67-.667 766 0 43.68 4.875 82.01 21.541 115 50 45.37 38.377 91.04 76.377 137 114 28.54 18.847 59.87 30.181 94 34q662.985 1.986 1326 2c77.31 10.044 132.48 50.211 165.5 120.5a220.4 220.4 0 0 1 15 60c.5 61.67.67 123.33.5 185'/><path fill='#a5d6a7' d='M2999.5 1165.5c17.69 2.74 35.36 5.91 53 9.5 1.08.67 1.75 1.67 2 3 28.18 168.19 32.68 337.02 13.5 506.5-11.97 104.19-34.8 205.86-68.5 305-33.03 92.41-76.87 179.07-131.5 260a1694 1694 0 0 1-77 97 2240 2240 0 0 1-80.5 78.5c-46.48 38.13-95.48 72.8-147 104a1457 1457 0 0 1-145 70.5c-24.7 9.85-49.7 19.01-75 27.5-149 44.89-301.33 68.89-457 72-64.06 1.52-128.06.19-192-4-49.39-3.53-98.73-7.7-148-12.5a1745 1745 0 0 1-7-83 3304 3304 0 0 1-5.5-99c-4.98-119.78.02-239.11 15-358a1660.6 1660.6 0 0 1 53-246c33.56-106.11 81.23-205.11 143-297q23.07-29.58 45-60c39.41-47.08 82.58-90.58 129.5-130.5 1-.33 2-.67 3-1a896 896 0 0 1 55-43c69.82-48.26 144.49-88.26 224-120a1455 1455 0 0 1 207-61c164.92-33.57 331.25-42.9 499-28 30.9 3.15 61.57 6.32 92 9.5' opacity='.999'/><path fill='#43a047' d='M2709.5 1494.5c7.67-.17 15.34 0 23 .5a825 825 0 0 0-130 61c-97.27 54.78-187.6 119.12-271 193-15.7 14.7-31.7 29.04-48 43a4541 4541 0 0 0-111.5 115.5 2730 2730 0 0 1-57 68c-93.1 116.73-172.93 242.4-239.5 377-.5 1.02-1.17 1.19-2 .5 6.63-168.23 50.47-326.06 131.5-473.5 116.36-197.54 287.53-319.37 513.5-365.5 24.5-4.98 49.17-8.98 74-12q58.635-5.25 117-7.5'/><path fill='#43a047' d='M2999.5 1989.5c.17 143 0 286-.5 429-8.62 70.79-43.78 123.62-105.5 158.5q-31.365 15.615-66 21c-136.31 1.48-272.65 1.98-409 1.5 49.63-20.82 97.96-44.32 145-70.5 51.52-31.2 100.52-65.87 147-104a2240 2240 0 0 0 80.5-78.5c26.87-31.42 52.54-63.76 77-97 54.63-80.93 98.47-167.59 131.5-260' opacity='.999'/></svg>",
   "folder-server-open": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fffde7' d='M14 15v4a1 1 0 0 0 1 1h16a1 1 0 0 0 1-1v-4a1 1 0 0 0-1-1H15a1 1 0 0 0-1 1m6 3h-4v-2h4Zm4 0h-2v-2h2Zm-10 5v4a1 1 0 0 0 1 1h16a1 1 0 0 0 1-1v-4a1 1 0 0 0-1-1H15a1 1 0 0 0-1 1m6 3h-4v-2h4Zm4 0h-2v-2h2Z'/></svg>",
   "folder-server": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fffde7' d='M14 15v4a1 1 0 0 0 1 1h16a1 1 0 0 0 1-1v-4a1 1 0 0 0-1-1H15a1 1 0 0 0-1 1m6 3h-4v-2h4Zm4 0h-2v-2h2Zm-10 5v4a1 1 0 0 0 1 1h16a1 1 0 0 0 1-1v-4a1 1 0 0 0-1-1H15a1 1 0 0 0-1 1m6 3h-4v-2h4Zm4 0h-2v-2h2Z'/></svg>",
   "folder-serverless-open": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#ffcdd2' d='M14 14h6l-.8 3H14zm18 0v3h-9.8l.8-3zm-18 6h4.4l-.8 3H14zm18 0v3H20.6l.8-3zm-18 6h2.8l-.8 3h-2zm18 0v3H19l.8-3z'/></svg>",
@@ -548,8 +583,8 @@
   "folder-shader": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e1bee7' d='M21.58 25.999A3.9 3.9 0 0 1 17.79 30a4.007 4.007 0 0 1 0-8.003A3.9 3.9 0 0 1 21.58 26Zm4.704-9.47a3.966 3.966 0 0 0-3.257-4.494 3.833 3.833 0 0 0-4.255 3.439 4.026 4.026 0 0 0 2.457 4.285c2.905 1.205 3.59 2.423 3.226 5.71a3.967 3.967 0 0 0 3.254 4.495 3.83 3.83 0 0 0 4.257-3.435 4.03 4.03 0 0 0-2.456-4.288c-2.905-1.207-3.59-2.427-3.225-5.713Z'/></svg>",
   "folder-shared-open": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#e1bee7' d='M28 26a2 2 0 0 0 2-2v-6a2 2 0 0 0-2-2H18a2 2 0 0 0-2 2v6a2 2 0 0 0 2 2h-4v2h18v-2Zm-5-6v-2l4 2.798L23 24v-2a4.12 4.12 0 0 0-4 2c.448-2.003.888-3.595 4-4'/></svg>",
   "folder-shared": "<svg viewBox='0 0 32 32'><path fill='#ab47bc' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e1bee7' d='M28 26a2 2 0 0 0 2-2v-6a2 2 0 0 0-2-2H18a2 2 0 0 0-2 2v6a2 2 0 0 0 2 2h-4v2h18v-2Zm-5-6v-2l4 2.798L23 24v-2a4.12 4.12 0 0 0-4 2c.448-2.003.888-3.595 4-4'/></svg>",
-  "folder-snapcraft-open": "<svg viewBox='0 0 16 16'><path fill='#66bb6a' d='M14.033 6H4.597a.97.97 0 0 0-.918.684L2 12V5h11.566c0-.552-.433-1-.967-1H7.343a.95.95 0 0 1-.619-.232l-.622-.536A.95.95 0 0 0 5.483 3H1.967C1.433 3 1 3.448 1 4v8c0 .552.433 1 .967 1h10.632l2.323-5.606c.273-.66-.195-1.394-.889-1.394'/><path fill='#DCEDC8' d='m12.538 7.077 2.077 1.038-2.077 2.077zM8.385 14l3.807-3.462-1.73-1.73zM7 5l5.192 5.192V7.077zm8.654 2.077-3.116-.346L16 8.46z'/></svg>",
-  "folder-snapcraft": "<svg viewBox='0 0 16 16'><path fill='#66BB6A' d='m6.922 3.768-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232'/><path fill='#DCEDC8' d='m12.538 7.077 2.077 1.038-2.077 2.077zM8.385 14l3.807-3.462-1.73-1.73zM7 5l5.192 5.192V7.077zm8.654 2.077-3.116-.346L16 8.46z'/></svg>",
+  "folder-snapcraft-open": "<svg viewBox='0 0 16 16'><path fill='#66bb6a' d='M14.033 6H4.597a.97.97 0 0 0-.918.684L2 12V5h11.566c0-.552-.433-1-.967-1H7.343a.95.95 0 0 1-.619-.232l-.622-.536A.95.95 0 0 0 5.483 3H1.967C1.433 3 1 3.448 1 4v8c0 .552.433 1 .967 1h10.632l2.323-5.606c.273-.66-.195-1.394-.889-1.394'/><path fill='#dcedc8' d='m12.538 7.077 2.077 1.038-2.077 2.077zM8.385 14l3.807-3.462-1.73-1.73zM7 5l5.192 5.192V7.077zm8.654 2.077-3.116-.346L16 8.46z'/></svg>",
+  "folder-snapcraft": "<svg viewBox='0 0 16 16'><path fill='#66bb6a' d='m6.922 3.768-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232'/><path fill='#dcedc8' d='m12.538 7.077 2.077 1.038-2.077 2.077zM8.385 14l3.807-3.462-1.73-1.73zM7 5l5.192 5.192V7.077zm8.654 2.077-3.116-.346L16 8.46z'/></svg>",
   "folder-snippet-open": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='M29 12H9.4a2 2 0 0 0-1.9 1.4L4 24V10h24a2 2 0 0 0-2-2H15.1a2 2 0 0 1-1.3-.5l-1.2-1a2 2 0 0 0-1.3-.5H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.8-11.2A2 2 0 0 0 29 12'/><path fill='#ffe0b2' d='M20 10s-2 1.86-2 4 6 8 6 8l-.89.88a3 3 0 0 0-5.1 2A3.01 3.01 0 0 0 20.87 28a3.02 3.02 0 0 0 3.11-3.24L26 23.5l.25.31A3.02 3.02 0 0 0 28.88 28 3.01 3.01 0 0 0 32 25.12a3.01 3.01 0 0 0-4.38-2.78zm10 0-4 8 2 2s4-3.94 4-6-2-4-2-4m-9.06 14h.1c.51.02.9.4.95.89v.2a.98.98 0 0 1-1.03.91.99.99 0 0 1-.96-1.04.98.98 0 0 1 .94-.96m8 0h.1c.56.02.98.48.96 1.04a.98.98 0 0 1-1.04.96.98.98 0 0 1-.96-1.04.98.98 0 0 1 .94-.96' style='-inkscape-stroke:none'/></svg>",
   "folder-snippet": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='m13.84 7.54-1.28-1.08A2 2 0 0 0 11.28 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.12a2 2 0 0 1-1.28-.46'/><path fill='#ffe0b2' d='M20 10s-2 1.86-2 4 6 8 6 8l-.89.88a3 3 0 0 0-5.1 2A3.01 3.01 0 0 0 20.87 28a3.02 3.02 0 0 0 3.11-3.24L26 23.5l.25.31A3.02 3.02 0 0 0 28.88 28 3.01 3.01 0 0 0 32 25.12a3.01 3.01 0 0 0-4.38-2.78zm10 0-4 8 2 2s4-3.94 4-6-2-4-2-4m-9.06 14h.1c.51.02.9.4.95.89v.2a.98.98 0 0 1-1.03.91.99.99 0 0 1-.96-1.04.98.98 0 0 1 .94-.96m8 0h.1c.56.02.98.48.96 1.04a.98.98 0 0 1-1.04.96.98.98 0 0 1-.96-1.04.98.98 0 0 1 .94-.96' style='-inkscape-stroke:none'/></svg>",
   "folder-src-open": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#c8e6c9' d='M18.473 30a1 1 0 0 1-.238-.028 1.137 1.137 0 0 1-.828-1.323L20.5 12.905a1.13 1.13 0 0 1 .507-.744 1.06 1.06 0 0 1 .8-.134 1.14 1.14 0 0 1 .828 1.324l-3.101 15.744a1.12 1.12 0 0 1-.504.743 1.06 1.06 0 0 1-.557.162m6.2-2h-.077a1.08 1.08 0 0 1-.762-.412 1.164 1.164 0 0 1 .113-1.548l5.319-4.967-5.296-4.623a1.165 1.165 0 0 1-.162-1.544 1.08 1.08 0 0 1 .754-.437 1.06 1.06 0 0 1 .81.258l6.244 5.455a1.156 1.156 0 0 1 .003 1.723l-6.218 5.808a1.07 1.07 0 0 1-.729.289Zm-9.31 0a1.07 1.07 0 0 1-.728-.292l-6.226-5.811a1.16 1.16 0 0 1-.01-1.692l.02-.018 6.246-5.454a1.03 1.03 0 0 1 .8-.26 1.08 1.08 0 0 1 .76.436 1.165 1.165 0 0 1-.16 1.547l-5.294 4.62 5.32 4.964a1.156 1.156 0 0 1 .112 1.548 1.07 1.07 0 0 1-.762.412Z'/></svg>",
@@ -596,8 +631,10 @@
   "folder-theme": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M21.998 10C16 10 12 14 12 20a10 10 0 0 0 10 10c.92 0 2 0 2-2 0-.436-.569-.785-.964-1.18A2.37 2.37 0 0 1 22 25c0-1 1-1 2-1h4c4 0 4-4 4-6 0-4-4-8-10.002-8M16 20a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6-4a2 2 0 1 1 2-2 2 2 0 0 1-2 2m6 4a2 2 0 1 1 2-2 2 2 0 0 1-2 2'/></svg>",
   "folder-tools-open": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#bbdefb' d='M24.363 19.012 13.364 30 12 28.638l10.988-11zm4.365-2.815.574-.576-.77-.77.624-.623-1.384-1.383-.623.624-.77-.77-.574.575A20.5 20.5 0 0 0 20.155 10l-.81 1.744a24.5 24.5 0 0 1 4.736 3.253l-.488.488 2.923 2.923.488-.488a24.5 24.5 0 0 1 3.252 4.736L32 21.848a20.5 20.5 0 0 0-3.272-5.651'/></svg>",
   "folder-tools": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#bbdefb' d='M24.363 19.012 13.364 30 12 28.638l10.988-11zm4.365-2.815.574-.576-.77-.77.624-.623-1.384-1.383-.623.624-.77-.77-.574.575A20.5 20.5 0 0 0 20.155 10l-.81 1.744a24.5 24.5 0 0 1 4.736 3.253l-.488.488 2.923 2.923.488-.488a24.5 24.5 0 0 1 3.252 4.736L32 21.848a20.5 20.5 0 0 0-3.272-5.651'/></svg>",
-  "folder-trash-open": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#F44336' d='M463.47 192H151.06c-13.77 0-26 8.82-30.35 21.89L64 384V160h384c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42l-20.6-17.15c-5.75-4.8-13-7.43-20.48-7.43H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h352l76.88-179.39c1.7-3.98 2.59-8.28 2.59-12.61 0-17.67-14.33-32-32-32'/><path fill='#FFCDD2' d='M320 160v32h-96v32h32v192c0 17.63 14.38 32 32 32h160c17.63 0 32-14.37 32-32V224h32v-32h-96v-32zm0 96v128h32V256zm64 0v128h32V256z'/></svg>",
-  "folder-trash": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#F44336' d='m221.5 120.58-20.6-17.16A32 32 0 0 0 180.42 96H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32V160c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42'/><path fill='#FFCDD2' d='M320 160v32h-96v32h32v192c0 17.63 14.38 32 32 32h160c17.63 0 32-14.37 32-32V224h32v-32h-96v-32zm0 96v128h32V256zm64 0v128h32V256z'/></svg>",
+  "folder-trash-open": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#f44336' d='M463.47 192H151.06c-13.77 0-26 8.82-30.35 21.89L64 384V160h384c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42l-20.6-17.15c-5.75-4.8-13-7.43-20.48-7.43H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h352l76.88-179.39c1.7-3.98 2.59-8.28 2.59-12.61 0-17.67-14.33-32-32-32'/><path fill='#ffcdd2' d='M320 160v32h-96v32h32v192c0 17.63 14.38 32 32 32h160c17.63 0 32-14.37 32-32V224h32v-32h-96v-32zm0 96v128h32V256zm64 0v128h32V256z'/></svg>",
+  "folder-trash": "<svg fill-rule='evenodd' clip-rule='evenodd' image-rendering='optimizeQuality' shape-rendering='geometricPrecision' text-rendering='geometricPrecision' viewBox='0 0 512 512'><path fill='#f44336' d='m221.5 120.58-20.6-17.16A32 32 0 0 0 180.42 96H64c-17.67 0-32 14.33-32 32v256c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32V160c0-17.67-14.33-32-32-32H241.98a32 32 0 0 1-20.48-7.42'/><path fill='#ffcdd2' d='M320 160v32h-96v32h32v192c0 17.63 14.38 32 32 32h160c17.63 0 32-14.37 32-32V224h32v-32h-96v-32zm0 96v128h32V256zm64 0v128h32V256z'/></svg>",
+  "folder-trigger-open": "<svg viewBox='0 0 1024 1024'><path fill='#ffc107' d='M926.944 384h-624.8a64 64 0 0 0-60.736 43.776L128 768V320h768a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848l-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h704l153.76-358.784A64 64 0 0 0 926.944 384'/><path fill='#ffecb3' d='m640 896 64-256h-64a28.252 32.205 0 0 1-20.876-53.906L832 320l-64 256h64a28.252 32.205 0 0 1 20.876 53.906z'/></svg>",
+  "folder-trigger": "<svg viewBox='0 0 1024 1024'><path fill='#ffc107' d='m443.008 241.152-41.216-34.304A64 64 0 0 0 360.832 192H128a64 64 0 0 0-64 64v512a64 64 0 0 0 64 64h768a64 64 0 0 0 64-64V320a64 64 0 0 0-64-64H483.968a64 64 0 0 1-40.96-14.848'/><path fill='#ffecb3' d='m640 896 64-256h-64a28.252 32.205 0 0 1-20.876-53.906L832 320l-64 256h64a28.252 32.205 0 0 1 20.876 53.906z'/></svg>",
   "folder-turborepo-open": "<svg viewBox='0 0 32 32'><defs><linearGradient id='a' x1='30.58' x2='17.816' y1='13.808' y2='26.573' gradientUnits='userSpaceOnUse'><stop offset='.15' stop-color='#2196f3'/><stop offset='.85' stop-color='#f50057'/></linearGradient></defs><path fill='#546e7a' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#cfd8dc' d='M23 16a3 3 0 1 1-3 3 3 3 0 0 1 3-3m0-2a5 5 0 1 0 5 5 5 5 0 0 0-5-5'/><path fill='url(#a)' d='M16 20a7.1 7.1 0 0 0 1.5 3.41l-1.421 1.426A9.05 9.05 0 0 1 14 20Zm15.944-2.003A9.015 9.015 0 0 0 24 10v2a7.085 7.085 0 0 1 0 14v2a9.03 9.03 0 0 0 7.944-10.003m-14.414 8.23A9.07 9.07 0 0 0 22 28v-2a7.1 7.1 0 0 1-3.03-1.218Z'/></svg>",
   "folder-turborepo": "<svg viewBox='0 0 32 32'><defs><linearGradient id='a' x1='30.58' x2='17.816' y1='13.808' y2='26.573' gradientUnits='userSpaceOnUse'><stop offset='.15' stop-color='#2196f3'/><stop offset='.85' stop-color='#f50057'/></linearGradient></defs><path fill='#546e7a' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#cfd8dc' d='M23 16a3 3 0 1 1-3 3 3 3 0 0 1 3-3m0-2a5 5 0 1 0 5 5 5 5 0 0 0-5-5'/><path fill='url(#a)' d='M16 20a7.1 7.1 0 0 0 1.5 3.41l-1.421 1.426A9.05 9.05 0 0 1 14 20Zm15.944-2.003A9.015 9.015 0 0 0 24 10v2a7.085 7.085 0 0 1 0 14v2a9.03 9.03 0 0 0 7.944-10.003m-14.414 8.23A9.07 9.07 0 0 0 22 28v-2a7.1 7.1 0 0 1-3.03-1.218Z'/></svg>",
   "folder-typescript-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#90caf9' d='M24 19.06a1.33 1.33 0 0 0 .3 1.04 2.5 2.5 0 0 0 .61.28c.54.18 1.33.37 2.09.62 2.64.88 2.96 2.32 2.99 3.49.01.16.01.31.01.46V25c0 1.06-.46 2.79-3.44 2.98-.13.01-.25.01-.37.01A1 1 0 0 1 26 28h-4v-1.76l.24-.24H26a2 2 0 0 0 .25-.01h.17c.18-.01.33-.03.47-.04a2 2 0 0 0 .27-.06c.07-.02.13-.04.19-.06a.04.04 0 0 0 .03-.01c.49-.18.59-.45.61-.66A1 1 0 0 0 28 25c0-.32-.68-1.23-3-2-2.74-.91-2.98-2.42-2.99-3.61a.6.6 0 0 1-.01-.13V19a2.85 2.85 0 0 1 .45-1.59c.04-.06.07-.11.11-.16.01-.01.01-.02.02-.03a1 1 0 0 1 .18-.2A4.3 4.3 0 0 1 25.91 16H30v2h-4c-.13 0-.26 0-.39.01-1.18.06-1.49.4-1.58.7a.13.13 0 0 0-.01.06A1 1 0 0 0 24 19ZM18 28h-2V18h-4v-2h10v2h-4Z'/></svg>",
@@ -634,30 +671,30 @@
   "folder-vuex-store": "<svg viewBox='0 0 32 32'><path fill='#009688' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><g data-mit-no-recolor='true'><path fill='#41b883' d='m14 29.989 7.2-14.38 1.8 3.508v3.688l-3.577 7.184ZM32 30l-7.2-14.38-1.8 3.508v3.688L26.566 30Z'/><path fill='#35495e' d='m14 12 4.5 9 2.7-5.391L19.4 12Zm18 0-4.5 9-2.7-5.391L26.6 12Z'/></g></svg>",
   "folder-wakatime-open": "<svg viewBox='0 0 32 32'><path fill='#455a64' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#f5f5f5' d='M31.578 14.516A1.62 1.62 0 0 0 30.442 14a1.5 1.5 0 0 0-1.273.728l-6.255 8.823-.82-1.324a1.54 1.54 0 0 0-1.31-.756 1.52 1.52 0 0 0-1.331.827l-.783 1.253-3.795-5.52a1.54 1.54 0 0 0-1.352-.8 1.6 1.6 0 0 0-1.521 1.644 1.67 1.67 0 0 0 .366 1.066l5.026 7.205a1.506 1.506 0 0 0 2.686.058l.717-1.136.698 1.103a2 2 0 0 0 .178.266 2 2 0 0 0 .13.141l.106.092a2 2 0 0 0 .227.15l.1.05a1.4 1.4 0 0 0 .455.122l.123.008h.029a1.53 1.53 0 0 0 1.204-.617l7.61-10.702a1.7 1.7 0 0 0 .341-1.007 1.6 1.6 0 0 0-.42-1.158m-9.212 12.82'/></svg>",
   "folder-wakatime": "<svg viewBox='0 0 32 32'><path fill='#455a64' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#f5f5f5' d='M31.578 14.516A1.62 1.62 0 0 0 30.442 14a1.5 1.5 0 0 0-1.273.728l-6.255 8.823-.82-1.324a1.54 1.54 0 0 0-1.31-.756 1.52 1.52 0 0 0-1.331.827l-.783 1.253-3.795-5.52a1.54 1.54 0 0 0-1.352-.8 1.6 1.6 0 0 0-1.521 1.644 1.67 1.67 0 0 0 .366 1.066l5.026 7.205a1.506 1.506 0 0 0 2.686.058l.717-1.136.698 1.103a2 2 0 0 0 .178.266 2 2 0 0 0 .13.141l.106.092a2 2 0 0 0 .227.15l.1.05a1.4 1.4 0 0 0 .455.122l.123.008h.029a1.53 1.53 0 0 0 1.204-.617l7.61-10.702a1.7 1.7 0 0 0 .341-1.007 1.6 1.6 0 0 0-.42-1.158m-9.212 12.82'/></svg>",
-  "folder-webpack-open": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#FAFAFA' d='m30.992 14.263-7-4a2 2 0 0 0-1.984 0l-7 4A2 2 0 0 0 14 16v8.65a2 2 0 0 0 1.025 1.746l6 3.35A2 2 0 0 0 23 29.73a2 2 0 0 0 1.975.016l6-3.35A2 2 0 0 0 32 24.65V16a2 2 0 0 0-1.008-1.737'/><path fill='#0277bd' d='M30 24.65 24 28v-6l6-3.35zM23 12l-7 4 7 4 7-4zm-7 12.65L22 28v-6l-6-3.35z'/></svg>",
-  "folder-webpack": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#FAFAFA' d='m30.992 14.263-7-4a2 2 0 0 0-1.984 0l-7 4A2 2 0 0 0 14 16v8.65a2 2 0 0 0 1.025 1.746l6 3.35A2 2 0 0 0 23 29.73a2 2 0 0 0 1.975.016l6-3.35A2 2 0 0 0 32 24.65V16a2 2 0 0 0-1.008-1.737'/><path fill='#0277bd' d='M30 24.65 24 28v-6l6-3.35zM23 12l-7 4 7 4 7-4zm-7 12.65L22 28v-6l-6-3.35z'/></svg>",
+  "folder-webpack-open": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#fafafa' d='m30.992 14.263-7-4a2 2 0 0 0-1.984 0l-7 4A2 2 0 0 0 14 16v8.65a2 2 0 0 0 1.025 1.746l6 3.35A2 2 0 0 0 23 29.73a2 2 0 0 0 1.975.016l6-3.35A2 2 0 0 0 32 24.65V16a2 2 0 0 0-1.008-1.737'/><path fill='#0277bd' d='M30 24.65 24 28v-6l6-3.35zM23 12l-7 4 7 4 7-4zm-7 12.65L22 28v-6l-6-3.35z'/></svg>",
+  "folder-webpack": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#fafafa' d='m30.992 14.263-7-4a2 2 0 0 0-1.984 0l-7 4A2 2 0 0 0 14 16v8.65a2 2 0 0 0 1.025 1.746l6 3.35A2 2 0 0 0 23 29.73a2 2 0 0 0 1.975.016l6-3.35A2 2 0 0 0 32 24.65V16a2 2 0 0 0-1.008-1.737'/><path fill='#0277bd' d='M30 24.65 24 28v-6l6-3.35zM23 12l-7 4 7 4 7-4zm-7 12.65L22 28v-6l-6-3.35z'/></svg>",
   "folder-windows-open": "<svg viewBox='0 0 32 32'><path fill='#2196f3' d='M24.667 27.333h-20A2.667 2.667 0 0 1 2 24.667v-16A2.657 2.657 0 0 1 4.648 6h8.019l2.666 2.667h9.334a2.68 2.68 0 0 1 2.666 2.666H4.667v13.334L7.52 14h22.76l-3.04 11.333a2.67 2.67 0 0 1-2.573 2'/><path fill='#bbdefb' d='M14 12h8v8h-8zm10 0h8v8h-8zm0 10h8v8h-8zm-10 0h8v8h-8z'/></svg>",
   "folder-windows": "<svg viewBox='0 0 32 32'><path fill='#2196f3' d='M12.667 6h-8A2.657 2.657 0 0 0 2 8.648v16.019a2.68 2.68 0 0 0 2.667 2.666H26a2.68 2.68 0 0 0 2.667-2.666V11.333A2.667 2.667 0 0 0 26 8.667H15.333z'/><path fill='#bbdefb' d='M14 12h8v8h-8zm10 0h8v8h-8zm0 10h8v8h-8zm-10 0h8v8h-8z'/></svg>",
-  "folder-wordpress-open": "<svg viewBox='0 0 32 32'><path fill='#0277BD' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#e1f5fe' d='M22 8a10 10 0 0 0-8.356 4.51l.642.013c1.049 0 2.669-.125 2.669-.125a.413.413 0 0 1 .07.824l-1.155.119 3.648 10.803 2.188-6.56-1.559-4.243-1.061-.12a.414.414 0 0 1 .07-.823l2.632.125c1.049 0 2.67-.125 2.67-.125a.413.413 0 0 1 .062.824l-1.143.119 3.612 10.72 1.002-3.332a12.7 12.7 0 0 0 .757-3.228 5.2 5.2 0 0 0-.83-2.764 4.67 4.67 0 0 1-.978-2.34 1.73 1.73 0 0 1 1.681-1.771h.127A10 10 0 0 0 22.001 8Zm8.777 5.201.07 1.037a9.5 9.5 0 0 1-.771 3.576l-3.053 8.822a10 10 0 0 0 3.754-13.435m-17.916.724A10.2 10.2 0 0 0 12 18.003 9.98 9.98 0 0 0 17.64 27Zm9.315 4.952-2.996 8.72a10.06 10.06 0 0 0 6.144-.164l-.073-.142Z'/></svg>",
-  "folder-wordpress": "<svg viewBox='0 0 32 32'><path fill='#0277BD' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e1f5fe' d='M22 8a10 10 0 0 0-8.356 4.51l.642.013c1.049 0 2.669-.125 2.669-.125a.413.413 0 0 1 .07.824l-1.155.119 3.648 10.803 2.188-6.56-1.559-4.243-1.061-.12a.414.414 0 0 1 .07-.823l2.632.125c1.049 0 2.67-.125 2.67-.125a.413.413 0 0 1 .062.824l-1.143.119 3.612 10.72 1.002-3.332a12.7 12.7 0 0 0 .757-3.228 5.2 5.2 0 0 0-.83-2.764 4.67 4.67 0 0 1-.978-2.34 1.73 1.73 0 0 1 1.681-1.771h.127A10 10 0 0 0 22.001 8Zm8.777 5.201.07 1.037a9.5 9.5 0 0 1-.771 3.576l-3.053 8.822a10 10 0 0 0 3.754-13.435m-17.916.724A10.2 10.2 0 0 0 12 18.003 9.98 9.98 0 0 0 17.64 27Zm9.315 4.952-2.996 8.72a10.06 10.06 0 0 0 6.144-.164l-.073-.142Z'/></svg>",
+  "folder-wordpress-open": "<svg viewBox='0 0 32 32'><path fill='#0277bd' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#e1f5fe' d='M22 8a10 10 0 0 0-8.356 4.51l.642.013c1.049 0 2.669-.125 2.669-.125a.413.413 0 0 1 .07.824l-1.155.119 3.648 10.803 2.188-6.56-1.559-4.243-1.061-.12a.414.414 0 0 1 .07-.823l2.632.125c1.049 0 2.67-.125 2.67-.125a.413.413 0 0 1 .062.824l-1.143.119 3.612 10.72 1.002-3.332a12.7 12.7 0 0 0 .757-3.228 5.2 5.2 0 0 0-.83-2.764 4.67 4.67 0 0 1-.978-2.34 1.73 1.73 0 0 1 1.681-1.771h.127A10 10 0 0 0 22.001 8Zm8.777 5.201.07 1.037a9.5 9.5 0 0 1-.771 3.576l-3.053 8.822a10 10 0 0 0 3.754-13.435m-17.916.724A10.2 10.2 0 0 0 12 18.003 9.98 9.98 0 0 0 17.64 27Zm9.315 4.952-2.996 8.72a10.06 10.06 0 0 0 6.144-.164l-.073-.142Z'/></svg>",
+  "folder-wordpress": "<svg viewBox='0 0 32 32'><path fill='#0277bd' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#e1f5fe' d='M22 8a10 10 0 0 0-8.356 4.51l.642.013c1.049 0 2.669-.125 2.669-.125a.413.413 0 0 1 .07.824l-1.155.119 3.648 10.803 2.188-6.56-1.559-4.243-1.061-.12a.414.414 0 0 1 .07-.823l2.632.125c1.049 0 2.67-.125 2.67-.125a.413.413 0 0 1 .062.824l-1.143.119 3.612 10.72 1.002-3.332a12.7 12.7 0 0 0 .757-3.228 5.2 5.2 0 0 0-.83-2.764 4.67 4.67 0 0 1-.978-2.34 1.73 1.73 0 0 1 1.681-1.771h.127A10 10 0 0 0 22.001 8Zm8.777 5.201.07 1.037a9.5 9.5 0 0 1-.771 3.576l-3.053 8.822a10 10 0 0 0 3.754-13.435m-17.916.724A10.2 10.2 0 0 0 12 18.003 9.98 9.98 0 0 0 17.64 27Zm9.315 4.952-2.996 8.72a10.06 10.06 0 0 0 6.144-.164l-.073-.142Z'/></svg>",
   "folder-yarn-open": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28.967 12H9.442a2 2 0 0 0-1.898 1.368L4 24V10h24a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464l-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h22l4.805-11.212A2 2 0 0 0 28.967 12'/><path fill='#b3e5fc' d='M31.445 24.006a7.2 7.2 0 0 0-2.736 1.301 16.2 16.2 0 0 1-4.038 1.886 1.1 1.1 0 0 1-.68.394 42 42 0 0 1-4.455.413c-.805.006-1.296-.212-1.434-.554a1.14 1.14 0 0 1 .58-1.474l.02-.008a2.5 2.5 0 0 1-.357-.27c-.118-.122-.243-.368-.28-.277-.156.392-.237 1.352-.654 1.784a2.04 2.04 0 0 1-2.3.052c-.704-.386.05-1.295.05-1.295a.497.497 0 0 1-.679-.23l-.007-.015a3.56 3.56 0 0 1-.46-2.106 3.92 3.92 0 0 1 1.221-2.08 6.85 6.85 0 0 1 .455-3.144 7.4 7.4 0 0 1 2.187-2.614s-1.34-1.527-.84-2.912c.322-.903.453-.895.56-.935a2.5 2.5 0 0 0 1.003-.61 3.58 3.58 0 0 1 3.046-1.213s.8-2.53 1.546-2.035a13.3 13.3 0 0 1 1.06 2.062s.885-.535.985-.336a8.35 8.35 0 0 1 .361 4.382 10.1 10.1 0 0 1-1.795 3.863 7.9 7.9 0 0 1 1.808 2.778 8.4 8.4 0 0 1 .181 3.722l.024.044a4.44 4.44 0 0 0 2.343-.934 5.77 5.77 0 0 1 2.954-1.147.75.75 0 0 1 .873.62.775.775 0 0 1-.542.888'/></svg>",
   "folder-yarn": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/><path fill='#b3e5fc' d='M31.445 24.006a7.2 7.2 0 0 0-2.736 1.301 16.2 16.2 0 0 1-4.038 1.886 1.1 1.1 0 0 1-.68.394 42 42 0 0 1-4.455.413c-.805.006-1.296-.212-1.434-.554a1.14 1.14 0 0 1 .58-1.474l.02-.008a2.5 2.5 0 0 1-.357-.27c-.118-.122-.243-.368-.28-.277-.156.392-.237 1.352-.654 1.784a2.04 2.04 0 0 1-2.3.052c-.704-.386.05-1.295.05-1.295a.497.497 0 0 1-.679-.23l-.007-.015a3.56 3.56 0 0 1-.46-2.106 3.92 3.92 0 0 1 1.221-2.08 6.85 6.85 0 0 1 .455-3.144 7.4 7.4 0 0 1 2.187-2.614s-1.34-1.527-.84-2.912c.322-.903.453-.895.56-.935a2.5 2.5 0 0 0 1.003-.61 3.58 3.58 0 0 1 3.046-1.213s.8-2.53 1.546-2.035a13.3 13.3 0 0 1 1.06 2.062s.885-.535.985-.336a8.35 8.35 0 0 1 .361 4.382 10.1 10.1 0 0 1-1.795 3.863 7.9 7.9 0 0 1 1.808 2.778 8.4 8.4 0 0 1 .181 3.722l.024.044a4.44 4.44 0 0 0 2.343-.934 5.77 5.77 0 0 1 2.954-1.147.75.75 0 0 1 .873.62.775.775 0 0 1-.542.888'/></svg>",
-  "folder-zeabur-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#7E57C2' d='M29 12H9.4c-.9 0-1.6.6-1.9 1.4L4 24V10h24c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.2-1.3-.5l-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h22l4.8-11.2c.4-1 0-2.2-1-2.6-.3-.1-.6-.2-.8-.2'/><g fill='#D1C4E9' clip-path='url(#a)'><path d='M20 24h12v6H12v-6h6l8-4H12v-6h20v6z'/><path d='M26 14H12v6h14zm6 10H20v6h12z'/></g><defs><clipPath id='a'><path d='M12 14h20v16H12z'/></clipPath></defs></svg>",
-  "folder-zeabur": "<svg fill='none' viewBox='0 0 32 32'><path fill='#7E57C2' d='m13.8 7.5-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h24c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.1-1.3-.5'/><g fill='#D1C4E9' clip-path='url(#a)'><path d='M20 24h12v6H12v-6h6l8-4H12v-6h20v6z'/><path d='M26 14H12v6h14zm6 10H20v6h12z'/></g><defs><clipPath id='a'><path d='M12 14h20v16H12z'/></clipPath></defs></svg>",
-  "folder": "<svg viewBox='0 0 32 32'><path fill='#90a4ae' d='m13.844 7.536-1.288-1.072A2 2 0 0 0 11.276 6H4a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2H15.124a2 2 0 0 1-1.28-.464'/></svg>",
+  "folder-zeabur-open": "<svg fill='none' viewBox='0 0 32 32'><path fill='#7e57c2' d='M29 12H9.4c-.9 0-1.6.6-1.9 1.4L4 24V10h24c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.2-1.3-.5l-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h22l4.8-11.2c.4-1 0-2.2-1-2.6-.3-.1-.6-.2-.8-.2'/><g fill='#d1c4e9' clip-path='url(#a)'><path d='M20 24h12v6H12v-6h6l8-4H12v-6h20v6z'/><path d='M26 14H12v6h14zm6 10H20v6h12z'/></g><defs><clipPath id='a'><path d='M12 14h20v16H12z'/></clipPath></defs></svg>",
+  "folder-zeabur": "<svg fill='none' viewBox='0 0 32 32'><path fill='#7e57c2' d='m13.8 7.5-1.3-1.1c-.3-.2-.8-.4-1.2-.4H4c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h24c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2H15.1c-.5 0-.9-.1-1.3-.5'/><g fill='#d1c4e9' clip-path='url(#a)'><path d='M20 24h12v6H12v-6h6l8-4H12v-6h20v6z'/><path d='M26 14H12v6h14zm6 10H20v6h12z'/></g><defs><clipPath id='a'><path d='M12 14h20v16H12z'/></clipPath></defs></svg>",
+  "folder": "<svg viewBox='0 0 16 16'><path fill='#90a4ae' d='m6.922 3.768-.644-.536A1 1 0 0 0 5.638 3H2a1 1 0 0 0-1 1v8a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H7.562a1 1 0 0 1-.64-.232'/></svg>",
   "font": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M24 28h4L18 4h-4L4 28h4l8-19.422'/><path fill='#f44336' d='M8 20h16v4H8z'/></svg>",
   "forth": "<svg viewBox='0 0 67.733 67.733'><path fill='#ef5350' d='M10.321 12.006c-.21 0-.38.173-.38.39v12.63c0 .215.17.389.38.389h16.925c.21 0 .38-.174.38-.39v-12.63a.384.384 0 0 0-.38-.389zm30.167 0c-.21 0-.38.173-.38.39v12.63c0 .215.17.389.38.389h16.925c.21 0 .38-.174.38-.39v-12.63a.384.384 0 0 0-.38-.389zM10.321 34.328c-.21 0-.38.173-.38.39v12.63c0 .215.17.389.38.389h16.925c.21 0 .38-.174.38-.39v-12.63a.384.384 0 0 0-.38-.389zm30.167 0c-.21 0-.38.173-.38.39v12.63c0 .215.17.389.38.389h4.053v4.351H40.51a.374.374 0 0 0-.375.375v2.89c0 .207.167.374.375.374h8.303a.373.373 0 0 0 .374-.374v-4.135h3.798a.374.374 0 0 0 .374-.375v-3.106h4.054c.21 0 .38-.174.38-.39v-12.63a.384.384 0 0 0-.38-.389z'/></svg>",
   "fortran": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M6 4v2h3a1 1 0 0 1 1 1v18a1 1 0 0 1-1 1H6v2h12v-2h-3a1 1 0 0 1-1-1v-9h4a2 2 0 0 1 2 2v2h2V10h-2v2a2 2 0 0 1-2 2h-4V6h6a4 4 0 0 1 4 4h2V4Z'/></svg>",
   "foxpro": "<svg viewBox='0 0 300 300'><path fill='#fbc02d' d='M110.978 292.583c1.71-.48 4.858-.93 6.994-.996l3.886-.123v-5.072c0-9.684-6.355-24.885-13.844-33.115-1.22-1.34-5.476-4.083-9.459-6.096-7.06-3.568-7.46-3.643-16.061-3.032-4.85.345-11.618 1.392-15.038 2.325-21.15 5.777-53.825-10.127-53.871-26.223-.017-5.957 2.584-8.327 11.094-10.108 10.248-2.144 17.288-5.479 18.06-8.554 1.18-4.697-.304-19.367-2.339-23.14-1.434-2.66-1.925-5.792-1.94-12.369-.018-8.404.16-9.092 3.878-15.025 2.143-3.42 6.093-8.94 8.779-12.265 4.553-5.639 4.908-6.515 5.266-12.953.414-7.455-2.387-20.66-6.188-29.184-4.29-9.62-3.664-35.68 1.334-55.392C56.631 21.138 66.772 4.993 73.058 6.99c2.083.66 2.215 1.013 9.388 24.968 2.121 7.084 2.404 7.46 8.731 11.62 10.456 6.875 20.048 18.022 29.738 34.563l2.684 4.582 10.203 1.289c17.3 2.184 37.568 10.032 48.636 18.83 2.26 1.796 4.824 3.043 5.7 2.771.875-.271 6.923-2.912 13.438-5.867 14.079-6.386 28.26-11.15 47.56-15.972 20.388-5.097 31.764-7.167 34.968-6.363 2.781.699 2.796.75 2.153 7.662-.73 7.857-5.042 21.461-9.758 30.793-7.233 14.308-25.004 34-41.889 46.417-7.607 5.594-7.995 6.08-8.621 10.787-5.233 39.421-15.87 61.176-43.496 88.956-12.947 13.02-13.966 13.797-25.405 19.401-15.592 7.64-23.663 9.762-44.04 11.572-4.036.36-4.494.268-2.072-.414zm-80.394-56.332a167 167 0 0 1-2.505-1.814c-1.917-1.406-1.965-1.384-.65.294.783.997 1.91 1.813 2.504 1.813s.888-.132.65-.293z'/><path fill='#ff9800' d='M110.978 292.583c1.71-.48 4.858-.93 6.994-.996l3.886-.123-.012-4.922c-.015-5.735-1.855-13.217-5.005-20.336-1.63-3.684-1.805-4.689-.653-3.733 2.945 2.445 2.772.137-.327-4.355-3.607-5.228-8.862-9.639-16.88-14.163-3.157-1.782-6.76-4.412-8.006-5.844-1.367-1.574-3.365-2.604-5.048-2.604-2.704 0-2.657.1 1.547 3.33 2.383 1.832 4.333 3.63 4.333 3.992s-4.08.951-9.067 1.305c-4.987.353-11.864 1.407-15.284 2.34-21.15 5.777-53.825-10.127-53.871-26.223-.018-5.957 2.584-8.327 11.094-10.107 10.282-2.151 17.288-5.477 18.066-8.578 1.24-4.94-.43-20.227-2.787-25.52-1.773-3.981-2.17-6.518-1.862-11.917.432-7.593 3.474-13.514 13.02-25.34 4.553-5.639 4.91-6.514 5.267-12.953.413-7.454-2.387-20.66-6.188-29.184-4.29-9.618-3.664-35.68 1.334-55.392C56.631 21.138 66.772 4.992 73.058 6.988c2.083.661 2.215 1.014 9.388 24.968 2.121 7.085 2.404 7.46 8.731 11.62 10.456 6.876 20.048 18.022 29.738 34.563l2.684 4.583 10.203 1.289c17.3 2.184 37.568 10.032 48.636 18.83 2.26 1.796 4.824 3.043 5.7 2.771.875-.271 6.922-2.912 13.438-5.867 14.079-6.386 28.26-11.15 47.56-15.972 20.388-5.097 31.764-7.167 34.968-6.363 2.781.699 2.795.75 2.153 7.662-.73 7.857-5.042 21.461-9.758 30.793-7.233 14.308-25.004 34-41.889 46.417-7.608 5.594-7.995 6.08-8.621 10.787-5.233 39.421-15.87 61.176-43.496 88.956-12.947 13.02-13.966 13.797-25.405 19.401-15.592 7.64-23.663 9.762-44.04 11.572-4.036.36-4.494.267-2.072-.414zm28.487-17.757c15.214-5.868 29.597-17.34 38.77-30.924 10.817-16.02 18.632-40.542 21.438-67.272l1.34-12.765 7.065-6.263c7.63-6.765 16.248-18.903 22.119-31.154 4.509-9.41 4.622-12.622.517-14.743-6.472-3.347-27.43-1.059-46.262 5.05-12.977 4.211-14.76 4.4-19.647 2.08l-3.479-1.65-7.558 5.011c-4.158 2.756-12.657 10.028-18.889 16.158-11.187 11.007-14.057 12.906-14.057 9.305 0-2.563 14.333-18.344 24.633-27.122 6.74-5.744 9.286-7.307 11.917-7.32 2.425-.011 2.932-.277 1.846-.964-.823-.52-3.643-.694-6.265-.383-4.02.477-5.899.003-11.973-3.008-3.964-1.966-12.103-5.63-18.087-8.143-9.855-4.14-11.67-5.35-19.27-12.867C99.007 83.29 92.3 75.125 88.715 69.711c-7.619-11.512-9.882-14.176-13.738-16.182-6.709-3.49-11.336 2.036-14.805 17.687-2.129 9.603-1.636 29.433 1.083 43.55 2.508 13.023 1.12 18.641-7.308 29.553-9.286 12.025-10.76 19.67-6.29 32.617 3.345 9.682 4.876 19.774 3.542 23.34-2.335 6.24-12.264 13.471-18.5 13.471-3.035 0-3.19.184-2.564 3.04.794 3.61-2.412 13.54-4.373 13.54-1.97 0-1.581 1.74.91 4.06 3.543 3.301 11.06 6.389 16.814 6.907 4.561.412 4.949.314 2.725-.687a979 979 0 0 1-5.699-2.599l-3.109-1.433 4.145.762c6.893 1.266 21.308.708 29.22-1.132 4.101-.953 10.03-1.733 13.172-1.733 10.801 0 24.919 7.327 33.195 17.229 4.183 5.005 10.903 18.998 10.926 22.751.026 4.412.858 4.44 11.402.374zm-5.69-42.91c-34.094-5.987-38.188-6.821-39.716-8.089-2.84-2.356 2.65-2.362 31.777-.034 15.761 1.26 28.936 1.963 29.277 1.563.34-.401 1.119-5.78 1.728-11.953.61-6.174 1.39-11.504 1.733-11.847 1.709-1.709 2.777 2.714 3.803 15.74 1.267 16.085 1.015 16.916-5.357 17.66-1.957.229-12.417-1.14-23.245-3.04m-52.977-29.777c-.839-1.356 2.065-3.717 11.39-9.264 9.722-5.78 21.588-9.929 32.597-11.395 13.411-1.786 17.117.44 6.12 3.676-4.205 1.238-6 2.454-8.009 5.428-3.307 4.9-9.59 9.453-14.248 10.327-2.002.375-6.759.093-10.572-.626-6.389-1.205-7.31-1.14-11.762.83-3.246 1.436-5.054 1.771-5.515 1.025zM61.8 181.891c-4.124-5.852-5.081-11.666-2.813-17.094 1.092-2.615 1.411-5.572 1.014-9.413-.62-6.007.614-8.12 3.393-5.814.85.706 3.211 4.26 5.244 7.896 4.35 7.777 4.959 15.03 2.008 23.912-2.29 6.894-4.267 7.008-8.846.513'/><path fill='#263238' d='M110.978 292.583c1.71-.48 4.858-.93 6.994-.996 2.347-.075 3.89-.637 3.897-1.418.004-.73 5.324-3.067 12.175-5.35 15.388-5.127 25.225-9.652 34.145-15.702 29.01-19.678 47.927-56.35 47.958-92.981.01-10.453.32-10.95 10.844-17.31 8.456-5.11 30.613-27.397 30.613-30.793 0-.536 1.457-3.175 3.238-5.863 3.99-6.023 10.38-23.325 10.995-29.775.435-4.56.323-4.8-2.485-5.336-10.334-1.974-40.272 5.589-66.668 16.842-19.344 8.248-18.662 8.18-28.102 2.792-15.56-8.878-31.568-15.114-45.666-17.789-4.657-.883-8.536-1.716-8.618-1.852-1.217-1.964-13.342-18.003-16.245-21.488-2.138-2.565-7.377-7.672-11.643-11.352-8.3-7.155-11.524-12.045-15.023-22.776-2.646-8.118-4.738-11.482-7.106-11.42-.985.026-3.746 2.288-6.138 5.024-4.88 5.587-7.616 14.008-9.749 30-1.675 12.57-.592 40.068 2.189 55.6 3.13 17.474 1.72 23.614-7.368 32.123l-4.426 4.145 4.343-5.33c6.243-7.661 7.43-10.45 7.434-17.466.004-6.504-3.948-23.123-6.818-28.673-2.286-4.42-3.133-24.55-1.54-36.61 3.76-28.47 16.268-54.564 24.849-51.842 2.083.662 2.216 1.014 9.388 24.969 2.122 7.084 2.404 7.46 8.732 11.62 10.456 6.875 20.048 18.022 29.738 34.563l2.684 4.582 10.161 1.284c17.57 2.218 38.61 10.584 50.486 20.072l2.808 2.243 9.398-4.367c5.169-2.402 13.464-5.935 18.435-7.852 18.978-7.321 63.593-18.103 69.142-16.71 2.872.72 2.875.729 2.228 7.681-.73 7.856-5.041 21.46-9.758 30.793-7.232 14.308-25.004 34-41.889 46.417-7.607 5.593-7.995 6.08-8.62 10.787-5.233 39.421-15.871 61.176-43.497 88.956-12.947 13.02-13.966 13.797-25.405 19.401-15.592 7.64-23.663 9.76-44.04 11.572-4.036.358-4.494.267-2.072-.415zm-65.8-46.306c-8.26-2.214-20.64-8.61-24.89-12.861-7.241-7.241-9.021-15.757-4.205-20.116 1.073-.972 5.017-2.408 8.763-3.191 8.78-1.837 14.8-4.553 19.146-8.637 1.913-1.798 4.127-3.27 4.922-3.27 5.032 0-6.224 11.61-13.063 13.474-2.565.699-5.241 1.434-5.947 1.634-.94.266-1.012 1.077-.266 3.039 1.193 3.138-.806 8.86-4.458 12.76l-2.282 2.437 3.109 2.521c11.045 8.96 23.647 10.678 44.586 6.077 12.895-2.833 13.257-2.856 16.62-1.046 6.163 3.32 5.233 4.346-4.562 5.039-4.937.349-11.542 1.342-14.677 2.207-7.077 1.954-15.352 1.93-22.797-.067zm103.622-13.43c-.855-.19-11.94-2.02-24.634-4.066-24.527-3.953-26.442-4.385-25.583-5.776.577-.932 1.04-.91 34.537 1.674 11.609.897 21.688 1.405 22.398 1.133.84-.321 1.55-4.145 2.031-10.932.721-10.171 2.027-14.003 3.137-9.206.302 1.305.987 7.236 1.523 13.18 1.229 13.66.8 14.62-6.452 14.461-2.973-.066-6.103-.277-6.958-.468zm-62.842-35.035c9.795-8.936 32.919-17.021 46.583-16.29 2.632.141 1.297 1.805-2.125 2.647-1.572.387-5.686 3.662-9.142 7.277-7.841 8.202-11.972 9.648-21.914 7.672-5.395-1.073-7.267-1.07-9.948.007-6.85 2.753-7.6 2.468-3.454-1.313m-23.513-17.967c-4.163-6.559-4.619-9.794-2.197-15.588 1.148-2.75 1.403-5.397.904-9.395-.626-5.014-.51-5.53 1.183-5.204 1.033.2 3.52 3.16 5.527 6.578 4.576 7.796 5.448 15.96 2.535 23.746-1.048 2.802-2.411 5.265-3.03 5.47-.62.207-2.834-2.317-4.922-5.607m59.413-32.9c0-2.015 12.835-16.484 20.322-22.909 9.177-7.875 12.004-9.768 14.593-9.768 4.217 0 2.596 2.78-4.605 7.892-3.848 2.73-11.858 9.766-17.803 15.634-5.944 5.869-11.19 10.67-11.657 10.67s-.85-.684-.85-1.52z'/></svg>",
   "freemarker": "<svg viewBox='0 0 16 16'><path fill='#2196f3' d='m12.5 11 .75.5L15 8l-1.75-3.5-.75.5L14 8zM6 4h1v2h2V4h1v2h1.5v1H10v2h1.5v1H10v2H9v-2H7v2H6v-2H4.5V9H6V7H4.5V6H6zm1 5h2V7H7zM3.5 5l-.75-.5L1 8l1.75 3.5.75-.5L2 8z'/></svg>",
-  "fsharp": "<svg viewBox='0 0 500 500'><path fill='#0288D1' d='m236.249 36.066-213.94 213.94 213.94 213.94v-84.36l-129.7-129.7 129.7-129.7z'/><path fill='#0288D1' d='m236.249 156.017-93.622 93.62 93.622 93.622z'/><path fill='#00B8D4' d='m263.759 36.047 213.94 213.94-213.94 213.94v-84.36l129.7-129.7-129.7-129.7z'/></svg>",
-  "fusebox": "<svg viewBox='0 0 152.99 160.01'><g data-name='Layer 2'><g data-name='Fuse Box'><path fill='#FAFAFA' d='m76.995 12.087 64.783 21.76-6.72 76.61-57.094 37.236-60.916-38.345-4.975-75.178z' data-mit-no-recolor='true'/><path fill='#424242' d='m77.982 149.831-62.688-39.444-5.124-77.518 66.817-22.694 66.729 22.406-6.93 78.906zM18.794 108.31l59.153 37.235 55.382-36.127 6.52-74.306-62.845-21.105-63.028 21.437z' data-mit-no-recolor='true'/><path fill='#0277BD' d='M76.856 140.055V64.012l58.42-26.028-5.229 68.754z'/><path fill='#424242' d='M76.856 140.055 24.179 107.42l-5.603-69.487 58.28 26.08z' data-mit-no-recolor='true'/><path fill='#FAFAFA' d='m32.498 56.2.47 13.905L65.57 85.973l.105 12.822-32.296-15.894 1.432 32.383-12.71-7.856-4.407-70.308 59.17 26.901v13.494z' data-mit-no-recolor='true'/><path fill='#FAFAFA' d='M128.799 89.404c-.07 11.451-5.525 23.209-14.638 28.908l-37.358 24.38V64.038L113.7 47.594c4.504-2.103 8.3-1.248 10.823 2.715 1.658 2.618 2.523 6.31 2.496 10.657a31.15 31.15 0 0 1-3.954 15.546c3.745 1.745 5.814 5.717 5.735 12.892zm-11.268-23.576c0-4.05-1.746-6.049-4.295-4.757L87.923 73.71l-.07 15.022 25.697-13.608c2.182-1.152 3.98-5.159 3.98-9.296zm1.876 28.14c0-4.983-2.112-7.192-5.717-5.175l-25.836 14.463v17.09l25.61-15.24c3.866-2.304 5.926-6.345 5.943-11.137z' data-mit-no-recolor='true'/><path fill='#424242' d='m76.856 17.874-58.21 20.031 95.812 2.078-73.337 8.039 35.735 15.99 18.12-8.073-24.204-1.196 43.45-7.385 21.054-9.374z' data-mit-no-recolor='true'/></g></g></svg>",
+  "fsharp": "<svg viewBox='0 0 500 500'><path fill='#0288d1' d='m236.249 36.066-213.94 213.94 213.94 213.94v-84.36l-129.7-129.7 129.7-129.7z'/><path fill='#0288d1' d='m236.249 156.017-93.622 93.62 93.622 93.622z'/><path fill='#00b8d4' d='m263.759 36.047 213.94 213.94-213.94 213.94v-84.36l129.7-129.7-129.7-129.7z'/></svg>",
+  "fusebox": "<svg viewBox='0 0 152.99 160.01'><g data-name='Layer 2'><g data-name='Fuse Box'><path fill='#fafafa' d='m76.995 12.087 64.783 21.76-6.72 76.61-57.094 37.236-60.916-38.345-4.975-75.178z' data-mit-no-recolor='true'/><path fill='#424242' d='m77.982 149.831-62.688-39.444-5.124-77.518 66.817-22.694 66.729 22.406-6.93 78.906zM18.794 108.31l59.153 37.235 55.382-36.127 6.52-74.306-62.845-21.105-63.028 21.437z' data-mit-no-recolor='true'/><path fill='#0277bd' d='M76.856 140.055V64.012l58.42-26.028-5.229 68.754z'/><path fill='#424242' d='M76.856 140.055 24.179 107.42l-5.603-69.487 58.28 26.08z' data-mit-no-recolor='true'/><path fill='#fafafa' d='m32.498 56.2.47 13.905L65.57 85.973l.105 12.822-32.296-15.894 1.432 32.383-12.71-7.856-4.407-70.308 59.17 26.901v13.494z' data-mit-no-recolor='true'/><path fill='#fafafa' d='M128.799 89.404c-.07 11.451-5.525 23.209-14.638 28.908l-37.358 24.38V64.038L113.7 47.594c4.504-2.103 8.3-1.248 10.823 2.715 1.658 2.618 2.523 6.31 2.496 10.657a31.15 31.15 0 0 1-3.954 15.546c3.745 1.745 5.814 5.717 5.735 12.892zm-11.268-23.576c0-4.05-1.746-6.049-4.295-4.757L87.923 73.71l-.07 15.022 25.697-13.608c2.182-1.152 3.98-5.159 3.98-9.296zm1.876 28.14c0-4.983-2.112-7.192-5.717-5.175l-25.836 14.463v17.09l25.61-15.24c3.866-2.304 5.926-6.345 5.943-11.137z' data-mit-no-recolor='true'/><path fill='#424242' d='m76.856 17.874-58.21 20.031 95.812 2.078-73.337 8.039 35.735 15.99 18.12-8.073-24.204-1.196 43.45-7.385 21.054-9.374z' data-mit-no-recolor='true'/></g></g></svg>",
   "gamemaker": "<svg viewBox='0 0 16 16'><path fill='#26a69a' d='M8 1.422 14.578 8h-3.759v3.853c-.94.846-1.88 1.785-2.819 2.725L1.422 8zM5.275 8 8 10.725V8h2.725A37 37 0 0 0 8 5.275 37 37 0 0 0 5.275 8'/></svg>",
   "garden": "<svg viewBox='0 0 16 16'><g stroke-width='.752'><path fill='#80cbc4' d='M14 14V2h-1.716v12z'/><path fill='#80deea' d='M10.58 14V2H8.865v12z'/><path fill='#26a69a' d='M10.58 8.98V2H8.865v6.98z'/><path fill='#ff80ab' d='M10.608 10.034v-1.65H8.844v1.65z'/><path fill='#1565c0' d='M7.145 14V6.377H5.452V14z'/><path fill='#43a047' d='M5.451 14V2H3.716v12z'/><path fill='#4db6ac' d='M3.716 14V2H2v12z'/><path fill='#0288d1' d='M7.148 6.477V2H5.45v4.477z'/><path fill='#ff80ab' d='M7.145 8.162V6.504H5.452v1.658z'/><path fill='#4caf50' d='M12.296 14V2h-1.715v12z'/><path fill='#00bfa5' d='M8.864 14V2H7.148v12z'/></g></svg>",
-  "gatsby": "<svg viewBox='0 0 28 28'><path fill='#FAFAFA' d='M23.835 14h-6.259v1.788h4.292c-.626 2.682-2.593 4.918-5.186 5.812L6.4 11.318c1.073-3.13 4.113-5.365 7.6-5.365 2.682 0 5.096 1.342 6.616 3.398l1.341-1.162C20.17 5.775 17.308 4.165 14 4.165c-4.65 0-8.583 3.308-9.566 7.69l11.801 11.801c4.292-1.073 7.6-5.007 7.6-9.656m-19.67.09c0 2.503.984 4.917 2.861 6.794s4.381 2.861 6.795 2.861z'/><path fill='#6A1B9A' d='M14 1.483C7.116 1.483 1.483 7.116 1.483 14S7.116 26.517 14 26.517 26.517 20.884 26.517 14 20.884 1.483 14 1.483m-6.974 19.49c-1.877-1.877-2.86-4.38-2.86-6.794l9.745 9.656c-2.504-.09-5.007-.984-6.885-2.861zm9.12 2.594L4.433 11.854C5.417 7.474 9.351 4.165 14 4.165c3.308 0 6.17 1.61 7.957 4.024l-1.34 1.162C19.096 7.294 16.681 5.953 14 5.953c-3.487 0-6.437 2.236-7.6 5.365L16.682 21.6c2.593-.894 4.56-3.13 5.186-5.812h-4.292V14h6.259c0 4.65-3.308 8.583-7.69 9.567z'/></svg>",
+  "gatsby": "<svg viewBox='0 0 28 28'><path fill='#fafafa' d='M23.835 14h-6.259v1.788h4.292c-.626 2.682-2.593 4.918-5.186 5.812L6.4 11.318c1.073-3.13 4.113-5.365 7.6-5.365 2.682 0 5.096 1.342 6.616 3.398l1.341-1.162C20.17 5.775 17.308 4.165 14 4.165c-4.65 0-8.583 3.308-9.566 7.69l11.801 11.801c4.292-1.073 7.6-5.007 7.6-9.656m-19.67.09c0 2.503.984 4.917 2.861 6.794s4.381 2.861 6.795 2.861z'/><path fill='#6a1b9a' d='M14 1.483C7.116 1.483 1.483 7.116 1.483 14S7.116 26.517 14 26.517 26.517 20.884 26.517 14 20.884 1.483 14 1.483m-6.974 19.49c-1.877-1.877-2.86-4.38-2.86-6.794l9.745 9.656c-2.504-.09-5.007-.984-6.885-2.861zm9.12 2.594L4.433 11.854C5.417 7.474 9.351 4.165 14 4.165c3.308 0 6.17 1.61 7.957 4.024l-1.34 1.162C19.096 7.294 16.681 5.953 14 5.953c-3.487 0-6.437 2.236-7.6 5.365L16.682 21.6c2.593-.894 4.56-3.13 5.186-5.812h-4.292V14h6.259c0 4.65-3.308 8.583-7.69 9.567z'/></svg>",
   "gcp": "<svg viewBox='0 0 300 300'><path fill='#f44336' d='M184.351 103.816h7.786l22.191-22.191 1.09-9.421a99.743 99.743 0 0 0-162.266 48.664 12.07 12.07 0 0 1 7.786-.467l44.382-7.32s2.258-3.737 3.426-3.503a55.36 55.36 0 0 1 75.76-5.762z'/><path fill='#448aff' d='M245.94 120.868a100 100 0 0 0-30.132-48.587l-31.146 31.146a55.36 55.36 0 0 1 20.323 43.914v5.529a27.72 27.72 0 1 1 0 55.438h-55.439l-5.528 5.606v33.248l5.528 5.528h55.439a72.101 72.101 0 0 0 40.956-131.822z'/><path fill='#43a047' d='M94.03 252.379h55.438v-44.382H94.03a27.6 27.6 0 0 1-11.446-2.492l-7.786 2.414-22.347 22.19-1.947 7.787a71.7 71.7 0 0 0 43.526 14.483'/><path fill='#ffc107' d='M94.03 108.41a72.101 72.101 0 0 0-43.526 129.252l32.158-32.157a27.72 27.72 0 1 1 36.673-36.673l32.158-32.158A72.02 72.02 0 0 0 94.03 108.41'/></svg>",
   "gemfile": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M21.184 10.016V10H10.881l.016.033-.016-.017L8 14l8.032 10L24 14z'/><path fill='#e53935' d='m16 3.455 11 6.286v12.518l-11 6.286-11-6.286V9.741zM16 0 2 8v16l14 8 14-8V8z'/></svg>",
-  "gemini-ai": "<svg viewBox='0 0 16 16'><path fill='#448AFF' d='M15 8.014A7.457 7.457 0 0 0 8.014 15h-.028A7.456 7.456 0 0 0 1 8.014v-.028A7.456 7.456 0 0 0 7.986 1h.028A7.457 7.457 0 0 0 15 7.986z'/></svg>",
+  "gemini-ai": "<svg viewBox='0 0 16 16'><path fill='#448aff' d='M15 8.014A7.457 7.457 0 0 0 8.014 15h-.028A7.456 7.456 0 0 0 1 8.014v-.028A7.456 7.456 0 0 0 7.986 1h.028A7.457 7.457 0 0 0 15 7.986z'/></svg>",
   "gemini": "<svg viewBox='0 0 32 32'><path fill='#81c784' d='M16 2a14 14 0 1 0 14 14A14 14 0 0 0 16 2m11.3 10h-5.64a22.5 22.5 0 0 0-2.705-7.616A12.03 12.03 0 0 1 27.3 12M20 16c0 .693-.037 1.357-.094 2h-7.811A22 22 0 0 1 12 16c0-.693.037-1.357.094-2h7.811c.058.643.095 1.307.095 2m-4 12c-.115 0-.226-.014-.34-.017A20.4 20.4 0 0 1 12.368 20h7.264a20.4 20.4 0 0 1-3.292 7.983c-.114.003-.225.017-.34.017m-3.632-16a20.4 20.4 0 0 1 3.292-7.983c.114-.003.225-.017.34-.017s.226.014.34.017A20.4 20.4 0 0 1 19.632 12Zm.683-7.618A22.4 22.4 0 0 0 10.339 12H4.7a12.03 12.03 0 0 1 8.35-7.618ZM4.18 14h5.91c-.052.647-.091 1.307-.091 2s.039 1.353.091 2H4.18a11.2 11.2 0 0 1 0-4m.52 6h5.638a22.4 22.4 0 0 0 2.712 7.618A12.03 12.03 0 0 1 4.7 20m14.255 7.616A22.5 22.5 0 0 0 21.661 20H27.3a12.03 12.03 0 0 1-8.344 7.616ZM27.819 18h-5.91c.052-.647.091-1.307.091-2s-.039-1.353-.091-2h5.91a11.2 11.2 0 0 1 0 4'/></svg>",
   "git": "<svg viewBox='0 0 32 32'><path fill='#e64a19' d='M13.172 2.828 11.78 4.22l1.91 1.91 2 2A2.986 2.986 0 0 1 20 10.81a3.25 3.25 0 0 1-.31 1.31l2.06 2a2.68 2.68 0 0 1 3.37.57 2.86 2.86 0 0 1 .88 2.117 3.02 3.02 0 0 1-.856 2.109A2.9 2.9 0 0 1 23 19.81a2.93 2.93 0 0 1-2.13-.87 2.694 2.694 0 0 1-.56-3.38l-2-2.06a3 3 0 0 1-.31.12V20a3 3 0 0 1 1.44 1.09 2.92 2.92 0 0 1 .56 1.72 2.88 2.88 0 0 1-.878 2.128 2.98 2.98 0 0 1-2.048.871 2.981 2.981 0 0 1-2.514-4.719A3 3 0 0 1 16 20v-6.38a2.96 2.96 0 0 1-1.44-1.09 2.9 2.9 0 0 1-.56-1.72 2.9 2.9 0 0 1 .31-1.31l-3.9-3.9-7.579 7.572a4 4 0 0 0-.001 5.658l10.342 10.342a4 4 0 0 0 5.656 0l10.344-10.344a4 4 0 0 0 0-5.656L18.828 2.828a4 4 0 0 0-5.656 0'/></svg>",
   "github-actions-workflow": "<svg viewBox='0 0 32 32'><path fill='#78909c' d='M26 18h-6a2 2 0 0 0-2 2v2h-6a2 2 0 0 1-2-2v-6h2a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2H6a2 2 0 0 0-2 2v6a2 2 0 0 0 2 2h2v6a4 4 0 0 0 4 4h6v2a2 2 0 0 0 2 2h6a2 2 0 0 0 2-2v-6a2 2 0 0 0-2-2M6.5 12a.5.5 0 0 1-.5-.5v-5a.5.5 0 0 1 .5-.5h5a.5.5 0 0 1 .5.5v5a.5.5 0 0 1-.5.5ZM26 25.5a.5.5 0 0 1-.5.5h-5a.5.5 0 0 1-.5-.5v-5a.5.5 0 0 1 .5-.5h5a.5.5 0 0 1 .5.5Z'/></svg>",
@@ -665,33 +702,34 @@
   "gitlab": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='m29.532 13.083-.037-.105-3.811-10.322a1 1 0 0 0-.392-.49.985.985 0 0 0-1.39.316 1 1 0 0 0-.122.28L21.208 10H10.792L8.22 2.762a1.004 1.004 0 0 0-1.246-.721 1 1 0 0 0-.266.124 1 1 0 0 0-.392.491L2.507 12.98l-.04.103a7.52 7.52 0 0 0 2.348 8.491l.015.012.032.026 5.797 4.511 2.876 2.257 1.747 1.372a1.146 1.146 0 0 0 1.424 0l1.747-1.372 2.876-2.257 5.838-4.537.016-.013a7.52 7.52 0 0 0 2.35-8.49Z'/><path fill='#ef6c00' d='m29.532 13.083-.037-.105a12.6 12.6 0 0 0-5.123 2.394l-8.367 6.57 5.327 4.181 5.839-4.537.016-.013a7.52 7.52 0 0 0 2.345-8.49'/><path fill='#f9a825' d='m10.659 26.123 2.876 2.257 1.747 1.372a1.146 1.146 0 0 0 1.424 0l1.747-1.372 2.876-2.257L16 21.943Z'/><path fill='#ef6c00' d='M7.628 15.371a12.6 12.6 0 0 0-5.12-2.39l-.04.102a7.52 7.52 0 0 0 2.347 8.491l.015.012.032.026 5.797 4.511 5.331-4.18Z'/></svg>",
   "gitpod": "<svg viewBox='0 0 32 32'><path fill='#ffa726' d='M18.258 4.156a2.6 2.6 0 0 1-.951 3.538l-.016.01-7.757 4.428a.66.66 0 0 0-.331.57v6.953a.66.66 0 0 0 .331.57l6.14 3.507a.66.66 0 0 0 .652 0l6.14-3.506a.66.66 0 0 0 .331-.571v-4.323l-5.52 3.11a2.6 2.6 0 0 1-2.57-4.518l.014-.009 7.898-4.452A3.61 3.61 0 0 1 28 12.603v7.58a4.95 4.95 0 0 1-2.495 4.295l-7.048 4.024a4.95 4.95 0 0 1-4.914 0l-7.048-4.024A4.95 4.95 0 0 1 4 20.182v-8.007A4.95 4.95 0 0 1 6.495 7.88l8.214-4.692a2.603 2.603 0 0 1 3.55.968Z'/></svg>",
   "gleam": "<svg viewBox='0 0 24 24'><path fill='#ea80fc' d='m12.717 2.53-.027.005-.438.092-.22.334.04.41-.187.307.041.052s.063.077.031.196c-.016.06-.114.318-.205.543s-.176.43-.176.43l-.017.042.021.038a.55.55 0 0 0 .026.517c.057.1.035.2-.006.287a.6.6 0 0 1-.1.147l-.013.015-.147.432-.023.182.029.066-.057.045-.304.945-.036.283-.097.399-.196.56-.05.293-.082.342-.118.27-.084.156-.152.46-.111.49.492.349.85-.123.584-.766.28-.771.182-.852.112-.63.066-.339.174-.806.053-.473.127-.39.021-.329.082-.576.037-.476.084-.274.055-.625-.031-.146.119-.368-.078-.093.03-.17-.144-.31zM2.059 5.442l-.04.018-.575.227-.258.283.893 1.142.326.032.267.453.457.172.069.16.357.285.932.678.664.433 1.312 1.055.112.209.365.201.467.399.588.517.101.223.625.043.656-.85-.006-.605-1.738-1.395-1.27-.922-1.245-.838-.954-.515-.056-.14-1.065-.628-.406-.324zm17.912 5.528-.152.134-.233-.062-.959.14-.47-.109.02.131c-.116-.065-.24-.049-.343-.035-.105.014-.187.019-.232-.006-.124-.069-.261-.034-.361.004-.07.026-.09.043-.12.06l-.263-.15-.373.166-.4-.04-.42-.018-.45.08-.252-.063-.617.067-.326-.084-.04.048s-.027.036-.062.063a.2.2 0 0 1-.047.025c-.01.003-.004.002-.004.002-.087-.05-.178-.04-.253-.031-.075.008-.135.021-.135.021l-.008.004-.248.118-.795.132-.021.028s-.12.143-.227.304a1.5 1.5 0 0 0-.133.246.4.4 0 0 0-.031.124.17.17 0 0 0 .053.132c-.002-.001.01.02.011.065a1 1 0 0 1-.021.164 2 2 0 0 1-.068.226l-.026.063.461.367.47.063.29-.094.95-.174.185-.076.107.037.588-.053.19.106.124-.108.116.037.918-.138.402.125-.027-.147c.04.018.076.027.12.03q.08.004.182-.002c.134-.008.293-.028.448-.05.295-.04.548-.089.57-.093l.19.066.853-.127.527-.156.363.117.407-.058.224-.215.54.135-.018-.135s-.003-.062.027-.106c.015-.021.034-.04.084-.054a.6.6 0 0 1 .25.01c.276.058.45.023.557-.043a.3.3 0 0 0 .107-.106.3.3 0 0 0 .03-.066l.01-.043-.122-.158.053-.19-.338-.45-.576-.11-.358.005-.039-.062-.047-.002s-.247-.022-.449.045c-.107.036-.234-.072-.234-.072l-.139.127zM9.03 13.117l-.033.018-.658.35-.23.22-.173.356.203.572.319.295.306.465-3.802 3.158-.12.17-.798.615-.328.334-.559.422-.09.135-.152.445.385.531.459-.31.207.093.166-.199.101.047.729-.572.238-.133.287-.068.344-.266-.04-.05.206-.07.416-.359.273-.076.328-.224.141-.268.031-.021.112.048.52-.546.54-.292 1.102-.923.457 1.283.252.375.146.629.213.082-.012.033.112.75.193.18-.08.326.316.164a.25.25 0 0 0 .016.156c.026.067.072.147.148.254.164.23.369.29.522.277a.6.6 0 0 0 .262-.09l.023-.015.186-.445-.256-1.391-.225-1.092-.275-.592-.194-.552v-.002c0-.002-.051-.155-.105-.336a4 4 0 0 1-.12-.487 1.1 1.1 0 0 0-.103-.373l-.002-.003-.142-.301.19-.178.558-.648.08-.729-.688-.762-.484.196-.379.406-.582-.867z'/></svg>",
-  "gnuplot": "<svg viewBox='0 -16 16 16'><path fill='#1E88E5' d='M2-1c-.5 0-1-.5-1-1v-12c0-.5.5-1 1-1h12c.5 0 1 .5 1 1v12c0 .5-.5 1-1 1zm0-2v1h12v-7L9-4 6-7zm0-2 4-4 3 3 5-5v-3H2z'/></svg>",
+  "gnuplot": "<svg viewBox='0 -16 16 16'><path fill='#1e88e5' d='M2-1c-.5 0-1-.5-1-1v-12c0-.5.5-1 1-1h12c.5 0 1 .5 1 1v12c0 .5-.5 1-1 1zm0-2v1h12v-7L9-4 6-7zm0-2 4-4 3 3 5-5v-3H2z'/></svg>",
   "go-mod": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='M2 12h4v2H2zm-2 4h6v2H0zm4 4h2v2H4zm16.954-5H14v3h3.239a4.42 4.42 0 0 1-3.531 2 2.65 2.65 0 0 1-2.053-.858 2.86 2.86 0 0 1-.628-2.28A4.515 4.515 0 0 1 15.292 13a2.73 2.73 0 0 1 1.749.584l2.962-1.185A5.6 5.6 0 0 0 15.292 10a7.526 7.526 0 0 0-7.243 6.5 5.614 5.614 0 0 0 5.659 6.5 7.526 7.526 0 0 0 7.243-6.5 6.4 6.4 0 0 0 .003-1.5'/><path fill='#ec407a' d='M26.292 10a7.526 7.526 0 0 0-7.243 6.5 5.614 5.614 0 0 0 5.659 6.5 7.526 7.526 0 0 0 7.243-6.5 5.614 5.614 0 0 0-5.659-6.5m2.681 6.137A4.515 4.515 0 0 1 24.708 20a2.65 2.65 0 0 1-2.053-.858 2.86 2.86 0 0 1-.628-2.28A4.515 4.515 0 0 1 26.292 13a2.65 2.65 0 0 1 2.053.858 2.86 2.86 0 0 1 .628 2.28Z'/></svg>",
   "go": "<svg viewBox='0 0 32 32'><path fill='#00acc1' d='M2 12h4v2H2zm-2 4h6v2H0zm4 4h2v2H4zm16.954-5H14v3h3.239a4.42 4.42 0 0 1-3.531 2 2.65 2.65 0 0 1-2.053-.858 2.86 2.86 0 0 1-.628-2.28A4.515 4.515 0 0 1 15.292 13a2.73 2.73 0 0 1 1.749.584l2.962-1.185A5.6 5.6 0 0 0 15.292 10a7.526 7.526 0 0 0-7.243 6.5 5.614 5.614 0 0 0 5.659 6.5 7.526 7.526 0 0 0 7.243-6.5 6.4 6.4 0 0 0 .003-1.5'/><path fill='#00acc1' d='M26.292 10a7.526 7.526 0 0 0-7.243 6.5 5.614 5.614 0 0 0 5.659 6.5 7.526 7.526 0 0 0 7.243-6.5 5.614 5.614 0 0 0-5.659-6.5m2.681 6.137A4.515 4.515 0 0 1 24.708 20a2.65 2.65 0 0 1-2.053-.858 2.86 2.86 0 0 1-.628-2.28A4.515 4.515 0 0 1 26.292 13a2.65 2.65 0 0 1 2.053.858 2.86 2.86 0 0 1 .628 2.28Z'/></svg>",
-  "go_gopher": "<svg viewBox='0 0 24 24'><g fill='#4DD0E1'><path d='M10.575 1.695c-2.634 0-4.756 2.453-4.756 5.502v4.6l-.027-.003v4.71c0 3.05 2.122 5.502 4.756 5.502h2.287c2.634 0 4.756-2.453 4.756-5.502v-4.6l.027.003v-4.71c0-3.049-2.122-5.502-4.756-5.502z'/><rect width='2.289' height='3.335' x='-1.177' y='6.093' ry='1.125' transform='matrix(.48489 -.87457 .85979 .51065 0 0)'/><rect width='2.297' height='3.39' x='10.261' y='-15.076' ry='1.143' transform='matrix(.44646 .8948 -.89204 .45195 0 0)'/></g><g data-mit-no-recolor='true' transform='translate(.282 -.134)'><circle cx='9.267' cy='5.13' r='2.054' fill='#FAFAFA' stroke='#616161' stroke-width='.1'/><circle cx='14.214' cy='5.116' r='2.054' fill='#FAFAFA' stroke='#616161' stroke-width='.1'/><ellipse cx='8.039' cy='5.051' fill='#212121' rx='.792' ry='.901'/><path fill='#FAFAFA' stroke='#FAFAFA' stroke-width='.155' d='m11.792 9.556.763.138a.403.689 0 0 1 .008.138.403.689 0 0 1-.403.69.403.689 0 0 1-.403-.69.403.689 0 0 1 .035-.276z'/><ellipse cx='8.51' cy='5.365' fill='#FAFAFA' rx='.138' ry='.166'/><ellipse cx='12.945' cy='5.189' fill='#212121' rx='.792' ry='.901'/><ellipse cx='13.414' cy='5.446' fill='#FAFAFA' rx='.138' ry='.166'/><ellipse cx='-12.982' cy='-3.409' fill='#FFE0B2' rx='.708' ry='1.026' transform='rotate(-129.403)'/><path fill='#FAFAFA' stroke='#FAFAFA' stroke-width='.153' d='m11.772 9.553-.757.135a.4.672 0 0 0-.008.134.4.672 0 0 0 .4.673.4.672 0 0 0 .4-.672.4.672 0 0 0-.035-.27z'/><g fill='#FFE0B2'><ellipse cx='1.841' cy='-21.563' rx='.707' ry='1.026' transform='scale(1 -1)rotate(50.597)'/><ellipse cx='-17.281' cy='-21.784' rx='.864' ry='1.27' transform='matrix(.3054 -.95222 -.97065 -.24051 0 0)'/><ellipse cx='22.885' cy='2.587' rx='.864' ry='1.27' transform='matrix(.22652 .97401 .95652 -.29167 0 0)'/><path stroke='#546E7A' stroke-width='.1' d='M10.708 8.392a.594.594 0 0 0-.594.597v.115c0 .331.265.598.594.598h.386a.973.772 0 0 1 .697-.235.973.772 0 0 1 .698.235h.334c.33 0 .595-.267.595-.598V8.99a.595.595 0 0 0-.595-.597h-2.115z'/></g><ellipse cx='11.734' cy='8.203' fill='#212121' stroke='#FAFAFA' stroke-width='.162' rx='1.208' ry='.68'/></g></svg>",
+  "go_gopher": "<svg viewBox='0 0 24 24'><g fill='#4dd0e1'><path d='M10.575 1.695c-2.634 0-4.756 2.453-4.756 5.502v4.6l-.027-.003v4.71c0 3.05 2.122 5.502 4.756 5.502h2.287c2.634 0 4.756-2.453 4.756-5.502v-4.6l.027.003v-4.71c0-3.049-2.122-5.502-4.756-5.502z'/><rect width='2.289' height='3.335' x='-1.177' y='6.093' ry='1.125' transform='matrix(.48489 -.87457 .85979 .51065 0 0)'/><rect width='2.297' height='3.39' x='10.261' y='-15.076' ry='1.143' transform='matrix(.44646 .8948 -.89204 .45195 0 0)'/></g><g data-mit-no-recolor='true' transform='translate(.282 -.134)'><circle cx='9.267' cy='5.13' r='2.054' fill='#fafafa' stroke='#616161' stroke-width='.1'/><circle cx='14.214' cy='5.116' r='2.054' fill='#fafafa' stroke='#616161' stroke-width='.1'/><ellipse cx='8.039' cy='5.051' fill='#212121' rx='.792' ry='.901'/><path fill='#fafafa' stroke='#fafafa' stroke-width='.155' d='m11.792 9.556.763.138a.403.689 0 0 1 .008.138.403.689 0 0 1-.403.69.403.689 0 0 1-.403-.69.403.689 0 0 1 .035-.276z'/><ellipse cx='8.51' cy='5.365' fill='#fafafa' rx='.138' ry='.166'/><ellipse cx='12.945' cy='5.189' fill='#212121' rx='.792' ry='.901'/><ellipse cx='13.414' cy='5.446' fill='#fafafa' rx='.138' ry='.166'/><ellipse cx='-12.982' cy='-3.409' fill='#ffe0b2' rx='.708' ry='1.026' transform='rotate(-129.403)'/><path fill='#fafafa' stroke='#fafafa' stroke-width='.153' d='m11.772 9.553-.757.135a.4.672 0 0 0-.008.134.4.672 0 0 0 .4.673.4.672 0 0 0 .4-.672.4.672 0 0 0-.035-.27z'/><g fill='#ffe0b2'><ellipse cx='1.841' cy='-21.563' rx='.707' ry='1.026' transform='rotate(-50.597)scale(1 -1)'/><ellipse cx='-17.281' cy='-21.784' rx='.864' ry='1.27' transform='matrix(.3054 -.95222 -.97065 -.24051 0 0)'/><ellipse cx='22.885' cy='2.587' rx='.864' ry='1.27' transform='matrix(.22652 .97401 .95652 -.29167 0 0)'/><path stroke='#546e7a' stroke-width='.1' d='M10.708 8.392a.594.594 0 0 0-.594.597v.115c0 .331.265.598.594.598h.386a.973.772 0 0 1 .697-.235.973.772 0 0 1 .698.235h.334c.33 0 .595-.267.595-.598V8.99a.595.595 0 0 0-.595-.597h-2.115z'/></g><ellipse cx='11.734' cy='8.203' fill='#212121' stroke='#fafafa' stroke-width='.162' rx='1.208' ry='.68'/></g></svg>",
   "godot-assets": "<svg viewBox='0 0 32 32'><path fill='#66bb6a' d='m31.75 10.745-2.5-4.33a.5.5 0 0 0-.683-.183l-2.793 1.612A10 10 0 0 0 24 6.838V2.5a.5.5 0 0 0-.5-.5h-5a.5.5 0 0 0-.5.5V6h-4V2.5a.5.5 0 0 0-.5-.5h-5a.5.5 0 0 0-.5.5v4.338a10 10 0 0 0-1.725.97l-2.73-1.576a.5.5 0 0 0-.683.183l-2.5 4.33a.5.5 0 0 0 .183.683L2.6 12.614A10 10 0 0 0 2 16v3l5 1 1 4h4l1-4h6l1 4h4l1-4 5-1v-3a10 10 0 0 0-.58-3.332l2.147-1.24a.5.5 0 0 0 .183-.683M9 18a3 3 0 1 1 3-3 3 3 0 0 1-3 3m9-2h-4v-2h4Zm5 2a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/><path fill='#66bb6a' d='m26 22-1 4h-6l-1-4h-4l-1 4H7l-1-4-4-1v3a4 4 0 0 0 4 4h20a4 4 0 0 0 4-4v-3Z'/></svg>",
   "godot": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m26 22-1 4h-6l-1-4h-4l-1 4H7l-1-4-4-1v3a4 4 0 0 0 4 4h20a4 4 0 0 0 4-4v-3Z'/><path fill='#42a5f5' d='m31.75 10.745-2.5-4.33a.5.5 0 0 0-.683-.183l-2.793 1.612A10 10 0 0 0 24 6.838V2.5a.5.5 0 0 0-.5-.5h-5a.5.5 0 0 0-.5.5V6h-4V2.5a.5.5 0 0 0-.5-.5h-5a.5.5 0 0 0-.5.5v4.338a10 10 0 0 0-1.725.97l-2.73-1.576a.5.5 0 0 0-.683.183l-2.5 4.33a.5.5 0 0 0 .183.683L2.6 12.614A10 10 0 0 0 2 16v3l5 1 1 4h4l1-4h6l1 4h4l1-4 5-1v-3a10 10 0 0 0-.58-3.332l2.147-1.24a.5.5 0 0 0 .183-.683M9 18a3 3 0 1 1 3-3 3 3 0 0 1-3 3m9-2h-4v-2h4Zm5 2a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/></svg>",
   "gradle": "<svg viewBox='0 0 32 32'><path fill='#0097a7' d='M16 10v2h6c-2 0-3-2-6-2'/><path fill='#0097a7' d='M26 4h-2a4 4 0 0 0-4 4h4a1 1 0 0 1 2 0v4H16v-2h-5.317A2.683 2.683 0 0 0 8 12.683v2.634A2.683 2.683 0 0 0 10.683 18H16v2h-5.98A4.02 4.02 0 0 1 6 16v-2c-2 0-4 4-4 8 0 5 1 6 2 6h4v-4h4v4h4v-4h4v4h4v-6a2 2 0 0 0 2-2v-2a4 4 0 0 0 4-4V8a4 4 0 0 0-4-4m-4 12h-2a2 2 0 0 1-2-2h6a2 2 0 0 1-2 2'/></svg>",
-  "grafana-alloy": "<svg viewBox='0 0 24 24'><path fill='#FF6F00' d='M20.173 8.483a14.7 14.7 0 0 0-3.287-3.92l-.025-.02a13 13 0 0 0-.784-.603C14.28 2.67 12.317 2 10.394 2 7.953 2 5.741 3.302 4.167 5.668 1.952 8.994 1.48 13.656 2.99 17.269c1.134 2.712 4.077 4.47 7.873 4.706q.415.024.833.025c1.757 0 3.531-.338 5.073-.975 1.962-.81 3.463-2.048 4.342-3.583 1.304-2.28.945-5.712-.938-8.96zm-8.871.508c.863 0 1.723.354 2.341 1.048.558.625.839 1.43.79 2.266a3.1 3.1 0 0 1-1.007 2.128l-.072.064a3.14 3.14 0 0 1-3.725.28 4.4 4.4 0 0 1-.745-.67 3 3 0 0 1-.17-.214 3.1 3.1 0 0 1-.416-.874l-.016-.057-.002-.007c-.277-1.08.04-2.339.905-3.138l.066-.061a3.12 3.12 0 0 1 2.05-.764zm-.908-5.84c1.683 0 3.418.598 5.018 1.73q.367.26.72.553l.386.348c2.95 2.744 3.873 5.42 3.642 8.189-.151 1.818-1.31 3.27-2.97 4.394-1.58 1.07-4 1.377-5.727 1.192-1.697-.182-3.456-.866-4.592-2.404-.939-1.273-1.218-2.64-1.091-4.107.127-1.459.712-2.823 1.662-3.772.533-.533 1.442-1.202 2.894-1.324-.68.156-1.33.48-1.887.976a4.29 4.29 0 0 0-1.378 3.869c.093.636.33 1.248.713 1.778a4.3 4.3 0 0 0 1.252 1.191c1.66 1.121 3.728 1.033 5.747-.306 1.1-.73 1.844-1.994 2.04-3.471.238-1.788-.336-3.623-1.575-5.033-1.347-1.533-3.212-2.44-5.116-2.49-1.77-.046-3.409.652-4.737 2.017-.407.417-.777.87-1.107 1.349q.358-.801.838-1.523C6.48 4.272 8.35 3.152 10.394 3.152z'/></svg>",
+  "grafana-alloy": "<svg viewBox='0 0 24 24'><path fill='#ff6f00' d='M20.173 8.483a14.7 14.7 0 0 0-3.287-3.92l-.025-.02a13 13 0 0 0-.784-.603C14.28 2.67 12.317 2 10.394 2 7.953 2 5.741 3.302 4.167 5.668 1.952 8.994 1.48 13.656 2.99 17.269c1.134 2.712 4.077 4.47 7.873 4.706q.415.024.833.025c1.757 0 3.531-.338 5.073-.975 1.962-.81 3.463-2.048 4.342-3.583 1.304-2.28.945-5.712-.938-8.96zm-8.871.508c.863 0 1.723.354 2.341 1.048.558.625.839 1.43.79 2.266a3.1 3.1 0 0 1-1.007 2.128l-.072.064a3.14 3.14 0 0 1-3.725.28 4.4 4.4 0 0 1-.745-.67 3 3 0 0 1-.17-.214 3.1 3.1 0 0 1-.416-.874l-.016-.057-.002-.007c-.277-1.08.04-2.339.905-3.138l.066-.061a3.12 3.12 0 0 1 2.05-.764zm-.908-5.84c1.683 0 3.418.598 5.018 1.73q.367.26.72.553l.386.348c2.95 2.744 3.873 5.42 3.642 8.189-.151 1.818-1.31 3.27-2.97 4.394-1.58 1.07-4 1.377-5.727 1.192-1.697-.182-3.456-.866-4.592-2.404-.939-1.273-1.218-2.64-1.091-4.107.127-1.459.712-2.823 1.662-3.772.533-.533 1.442-1.202 2.894-1.324-.68.156-1.33.48-1.887.976a4.29 4.29 0 0 0-1.378 3.869c.093.636.33 1.248.713 1.778a4.3 4.3 0 0 0 1.252 1.191c1.66 1.121 3.728 1.033 5.747-.306 1.1-.73 1.844-1.994 2.04-3.471.238-1.788-.336-3.623-1.575-5.033-1.347-1.533-3.212-2.44-5.116-2.49-1.77-.046-3.409.652-4.737 2.017-.407.417-.777.87-1.107 1.349q.358-.801.838-1.523C6.48 4.272 8.35 3.152 10.394 3.152z'/></svg>",
   "grain": "<svg viewBox='0 0 32 32'><path fill='#ffa726' d='m16 2-4.97 9.782L16 16l5.094-4.218Z'/><path fill='#f57f17' d='M2 6.848V18.64L16 30l7.228-5.844Z'/><path fill='#f57c00' d='M30 18.645V6.71L17.334 17.235l7.284 5.808Z'/></svg>",
-  "graphcool": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 300 300'><path fill='#4CAF50' stroke='#4CAF50' stroke-width='7.884' d='M246.886 107.727c-12.237-6.892-27.616 2.1-30.081 3.646l-52.834 29.965c-7.8-6.196-18.914-5.933-26.412.625-7.499 6.558-9.24 17.537-4.14 26.094 5.102 8.556 15.588 12.246 24.923 8.768s14.852-13.129 13.111-22.937l52.688-29.9.321-.196c3.464-2.188 11.5-5.462 15.256-3.34 2.706 1.524 4.252 6.629 4.376 14.148h-.066v66.092a17.31 17.31 0 0 1-8.635 14.95l-75.739 43.755a17.31 17.31 0 0 1-17.261 0l-75.74-43.756a17.31 17.31 0 0 1-8.634-14.95V113.22c.01-6.165 3.3-11.86 8.634-14.95l68.549-39.562c6.522 7.482 17.451 9.25 26 4.206s12.283-15.468 8.886-24.794-12.962-14.904-22.751-13.27c-9.79 1.636-17.022 10.02-17.204 19.944L59.397 85.632a31.93 31.93 0 0 0-15.978 27.588v87.454a31.93 31.93 0 0 0 15.927 27.602l75.74 43.755a31.93 31.93 0 0 0 31.846 0l75.74-43.755a31.93 31.93 0 0 0 15.927-27.58V137.12h.05c.373-14.913-3.616-24.794-11.762-29.389z'/></svg>",
+  "graphcool": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 300 300'><path fill='#4caf50' stroke='#4caf50' stroke-width='7.884' d='M246.886 107.727c-12.237-6.892-27.616 2.1-30.081 3.646l-52.834 29.965c-7.8-6.196-18.914-5.933-26.412.625-7.499 6.558-9.24 17.537-4.14 26.094 5.102 8.556 15.588 12.246 24.923 8.768s14.852-13.129 13.111-22.937l52.688-29.9.321-.196c3.464-2.188 11.5-5.462 15.256-3.34 2.706 1.524 4.252 6.629 4.376 14.148h-.066v66.092a17.31 17.31 0 0 1-8.635 14.95l-75.739 43.755a17.31 17.31 0 0 1-17.261 0l-75.74-43.756a17.31 17.31 0 0 1-8.634-14.95V113.22c.01-6.165 3.3-11.86 8.634-14.95l68.549-39.562c6.522 7.482 17.451 9.25 26 4.206s12.283-15.468 8.886-24.794-12.962-14.904-22.751-13.27c-9.79 1.636-17.022 10.02-17.204 19.944L59.397 85.632a31.93 31.93 0 0 0-15.978 27.588v87.454a31.93 31.93 0 0 0 15.927 27.602l75.74 43.755a31.93 31.93 0 0 0 31.846 0l75.74-43.755a31.93 31.93 0 0 0 15.927-27.58V137.12h.05c.373-14.913-3.616-24.794-11.762-29.389z'/></svg>",
   "graphql": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='M6 20h20v2H6z'/><circle cx='7' cy='21' r='3' fill='#ec407a'/><circle cx='16' cy='27' r='3' fill='#ec407a'/><circle cx='25' cy='21' r='3' fill='#ec407a'/><path fill='#ec407a' d='M6 10h20v2H6z'/><circle cx='7' cy='11' r='3' fill='#ec407a'/><circle cx='16' cy='5' r='3' fill='#ec407a'/><circle cx='25' cy='11' r='3' fill='#ec407a'/><path fill='#ec407a' d='M6 12h2v10H6zm18-2h2v12h-2z'/><path fill='#ec407a' d='m5.014 19.41 11.674 6.866L15.674 28 4 21.134z'/><path fill='#ec407a' d='M26.688 21.724 15.014 28.59 14 26.866 25.674 20zM5.124 10.382l11.415-7.29 1.077 1.686L6.2 12.068z'/><path fill='#ec407a' d='m25.798 12.067-11.415-7.29 1.077-1.685 11.415 7.29zM6.2 19.932l11.416 7.29-1.077 1.686-11.415-7.29z'/><path fill='#ec407a' d='m26.875 21.619-11.415 7.29-1.077-1.687 11.415-7.289zM5.877 22.6 16.04 3.686l1.762.946L7.638 23.546z'/><path fill='#ec407a' d='M24.361 23.545 14.197 4.633l1.761-.947 10.165 18.913z'/></svg>",
   "gridsome": "<svg viewBox='0 0 32 32'><circle cx='16' cy='16' r='2' fill='#00bfa5'/><path fill='#00bfa5' d='M27.96 14H22v4h3.798A9.998 9.998 0 1 1 18 6.202V2.159A13.994 13.994 0 1 0 30 16v-.02A2.02 2.02 0 0 0 27.96 14'/></svg>",
   "groovy": "<svg viewBox='0 0 32 32'><path fill='#26c6da' d='M19.322 2a6.5 6.5 0 0 1 4.352 1.419 4.55 4.55 0 0 1 1.685 3.662 5.82 5.82 0 0 1-1.886 4.275 6.04 6.04 0 0 1-4.34 1.846 4.15 4.15 0 0 1-2.385-.649 1.91 1.91 0 0 1-.936-1.603 1.6 1.6 0 0 1 .356-1.024 1.1 1.1 0 0 1 .861-.447q.469 0 .468.504a.79.79 0 0 0 .358.693 1.43 1.43 0 0 0 .826.245 3.1 3.1 0 0 0 2.39-1.573 5.66 5.66 0 0 0 1.154-3.39 2.64 2.64 0 0 0-.891-2.064 3.28 3.28 0 0 0-2.293-.812 6.18 6.18 0 0 0-4.086 1.736 12.9 12.9 0 0 0-3.215 4.557 13.4 13.4 0 0 0-1.233 5.36 5.86 5.86 0 0 0 1.091 3.723 3.53 3.53 0 0 0 2.905 1.372q3.058 0 5.848-4.002l2.935-.388q.546-.07.545.246a8 8 0 0 1-.423 1.24q-.421 1.097-1.152 3.668A12.7 12.7 0 0 0 26 17.72v1.66a14.2 14.2 0 0 1-4.055 2.57 10.38 10.38 0 0 1-2.764 5.931 6.7 6.7 0 0 1-4.806 2.11 3.3 3.3 0 0 1-2.012-.55 1.8 1.8 0 0 1-.718-1.514q0-2.685 5.634-5.212.532-1.766 1.152-3.507a8.6 8.6 0 0 1-2.853 2.323 7.4 7.4 0 0 1-3.48 1.01 5.46 5.46 0 0 1-4.366-2.093A8.1 8.1 0 0 1 6 15.122a11.6 11.6 0 0 1 1.966-6.426 14.7 14.7 0 0 1 5.162-4.862A12.44 12.44 0 0 1 19.322 2m-2.407 22.17q-4.055 1.875-4.054 3.695a.87.87 0 0 0 .999.97q1.964 0 3.055-4.665'/></svg>",
-  "grunt": "<svg viewBox='0 0 300 300'><path fill='#F9A825' d='M61.045 79.22s4.718 18.193 5.39 24.259c.675 6.064-12.128 19.54-12.128 26.279s2.691 18.87 17.518 24.935 16.847 21.563 16.847 31c0 9.433-5.39 27.626-5.39 27.626s-3.368 45.148 14.825 53.234 14.151 8.086 18.192 8.086c4.037 0 33.688 12.136 51.21 7.416 17.523-4.711 22.234-10.105 22.234-10.105s17.523 1.348 22.908-14.151c5.394-15.492 8.757-47.84 6.735-62.665s-4.72-34.362 7.408-41.105c12.129-6.734 24.931-14.825 22.908-21.56S236.9 116.297 236.9 116.297s-2.697-16.84-.683-20.885c2.023-4.038 14.151-14.152 7.409-21.56-6.734-7.409-18.871-7.409-18.871-7.409l-15.491 1.34s-26.27-23.59-60.641-22.242c-34.346 1.348-55.914 22.234-55.914 22.234s-11.454-4.044-21.562 0c-10.114 4.045-12.128 0-10.106 11.454z'/><g fill='#e78724'><path d='M122.623 179.552s-13.345 20.404-23.133 34.884c-1.514 2.24 9.788 2.395 9.788 2.395l13.346-37.28zm6.353-42.303s-4.022 10.035-6.226 15.355c-2.392 5.783-11.511 8.66-11.511 8.66s4.728-4.958 4.728-17.519c0-5.262 6.802-7.359 6.802-7.359l6.208.872z'/><path d='M124.909 142.92s-8.242 9.81-23.544 4.317c-15.306-5.493-16.874-25.117-16.874-30.611s29.04 5.494 32.964 7.849 11.378 11.772 7.454 18.445M67.104 38.09s14.126-2.75 23.544 4.707c9.422 7.456 12.165 13.344 12.165 13.344L86.939 68.724s-7.67-3.557-10.026-13.761c-2.353-10.203-.783-14.911-9.81-16.873z'/><path d='M120.79 114.585c-6.084-8.634-16.107-12.4-24.11-13.025-13.646-1.066-20.125 3.758-20.125 3.758s22.349.946 28.79 9.407c11.992 15.746 29.487 17.025 32.284 13.567-3.235.161-6.793-1.442-10.602-5.043-2.38-2.253-4.309-5.924-6.239-8.664zm-37.73 30.528s-24.795-8.525-20.084-17.156c4.71-8.635.962-13.34.962-13.34s-13.847 10.337-10.32 21.324c2.17 6.742 5.808 11.626 25.783 20.984 9.58 17.793 1.978 49.829 2.434 49.977.759.246 13.452-6.274 12.585-36.246-.263-9.209-.995-21.765-11.355-25.555zm32.495-91.666c-10.398 5.283-24.642 12.638-24.642 12.638l5.606 2.804c-.534.868-.793 1.385-.793 1.385l5.748 2.616s14.044 10.176 22.653 16.717c-2.87-8.835-11.298-22.717-11.298-22.717s-2.393-6.378 2.713-13.444zm34.54 215.317c-31.958 0-42.783-16.223-42.783-16.223l4.995 12.161c1.888 5.263 22.027 21.634 37.74 21.634'/><path d='M110.815 241.575s2.94 17.97 14.713 17.97c10.004 0 12.952-15.179 12.952-18.316l-27.666.346zm-19.593-27.1c1.046-2.88 4.709-14.522 5.885-25.116 1.406-12.69.897-31.249.897-31.249s-3.141 12.166-5.896 14.132c-2.746 1.96-7.853 15.302-7.853 15.302s-2.738 19.862-4.037 26.538c3.602.722 6.628-1.4 10.986.393zm-28.43-78.732s6.668-2.356 8.634-16.874c1.96-14.521-2.357-27.079-2.357-27.079s.392 20.014-1.961 23.94c-2.357 3.922-4.317 5.1-7.065 10.204-2.749 5.103 1.176 8.239 2.749 9.81z'/></g><path fill='#FFCC80' d='m70.755 41.524-1.361-.864c-4.015.137 1.362.864 1.362.864z'/><path fill='#F9A825' d='M120.987 49.146s-6.278-1.046-9.419-5.754c-3.14-4.71-12.034-14.13-26.213-14.235-14.176-.107-28.204 3.768-28.204 3.768l12.244 7.73c1.296-.042 3.56-.025 7.305.098 15.366.51 17.732 15.705 17.732 15.705l54.162-7.457'/><path fill='#FAFAFA' d='M126.216 133.094s-7.326 7.326-18.576 4.97c-11.251-2.354-18.055-7.325-18.578-15.96-.523-8.634 2.357-12.034 2.357-12.034s12.564 3.93 18.583 9.16c6.019 5.238 10.467 13.608 16.223 13.871z'/><path fill='#BDBDBD' d='M117.352 130.48s-6.353 2.902-13.455.537c-9.297-3.1-9.917-12.77-9.917-12.77s-5.702 16.737 10.287 19.959c12.825 2.583 20.41-4.848 20.41-4.848z'/><g fill='#4E342E'><path d='M121.866 45.596c-.684-14.354 11.083-25.787 15.16-26.272.225 2.432-.227 11.919 3.848 14.836 1.187-7.746 5.2-16.29 21.045-21.889-3.394 9-.453 16.54.947 20.034 10.82-9.82 18.11-8.198 18.11-8.198s-7.518 12.973-4.577 21.486c-21.721-1.704-54.427 2.307-54.533.003M75.817 67.459c-5.182-4.3-1.32-8.29-1.729-13.175-.222-2.599-.427-5.052-1.285-6.406-4.77-7.53-16.018-9.815-16.133-9.839l-5.279-1.034 3.495-4.09c.452-.53 14.809-14.225 37.026-7.055 15.541 5.013 27.044 22.007 27.472 22.695l-7.787 3.663c-.09-.145-9.184-16.119-22.513-20.417-10.772-3.478-20.705-.17-24.964 1.998 4.522 1.806 10.434 5.094 14.003 10.72 1.686 2.655 1.965 6.002 2.237 9.24.361 4.288.698 8.336 3.856 10.957l-8.387 2.743zm-13.842 62.765s6.53-8.097 8.464-23.852c.76-6.206-.59-18.446-2.749-23.155.392 11.578-2.55 23.155-2.55 23.155s-1.982 21.497-3.158 23.852z'/><path d='M96.41 59.281c-.004-.016-2.096-9.158-7.894-13.773-8.182-6.507-18.17-3.045-18.267-3.015l-1.447-4.481c.485-.156 11.906-3.754 22.423 3.642 10.582 7.439 11.857 14.181 11.964 14.926l-6.776 2.701zm-13.923 65.136s-3.426-4.904-2.81-10.297c.307-2.664 1.541-5.397 3.745-6.367 4.094-1.793 5.912 2.845 5.912 2.845s-5.764 1.422-6.842 13.822z'/><path d='M120.099 131.893c.143.268.216.417.216.417s-10.685 8.019-21.634-.118c-5.863-4.358-5.308-15.138-3.513-19.71 4.67 1.061 8.63 2.969 11.941 5.197-4.183-3.733-7.846-6.48-7.836-6.545l-4.755-1.349-9.242-3.165c-.119.707-3.49 16.51 6.24 27.274 4.314 4.777 24.533 15.467 34.133-2.812l-5.55.83z'/><path d='M119.095 133.07c6.016 9.155 21.194 3.923 20.933-5.757 0 0-10.142 5.598-19.101-4.708-5.232-6.01-21.996-22.604-44.727-17.086 15.698 3.453 36.48 17.793 42.895 27.562z'/><path d='M74.077 158.905c1.447.836 6.55 6.121 6.553 14.027 0 3.964-.395 23.879-2.357 36.044 2.952 1.918 5.008 2.325 7.946 4.28 1.472-14.09 2.526-34.512 2.034-42.756-.559-9.398-5.591-15.705-10.253-18.394a187 187 0 0 0-4.523-2.498c-7.992-4.318-16.256-8.786-16.256-16.414 0-5.967 2.319-7.833 4.777-9.812l.264-.214c1.628-1.317 3.478-2.81 4.571-5.262 2.985-6.704 3.47-23.78 0-28.116-1.726-2.162-6.364-9.43-5.032-14.307.51-1.866 1.686-3.248 3.593-4.226 2.023-1.036 4.753-1.563 8.116-1.563 6.603 0 13.93 2.007 17.703 3.207 13.502 4.276 29.79 16.61 34.461 20.294l.23.172 2.985 2.08-1.866-3.132c-.115-.198-11.948-19.66-33.113-26.798-4.12-1.39-12.202-3.716-20.153-3.716-4.728 0-8.75.822-11.931 2.45-3.873 1.982-6.496 5.147-7.59 9.144-2.672 9.8 6.036 20.712 6.332 21.066 1.02 1.809 1.447 14.965-.897 20.236-.32.723-1.2 1.439-2.327 2.343-.345.28-.74.576-1.159.888-3.305 2.492-8.305 6.266-8.305 14.957 0 11.89 12.063 18.345 21.749 23.525 1.595.855 3.108 1.66 4.481 2.45z'/><path d='M75.817 67.459c-5.182-4.3-1.32-8.29-1.729-13.175-.222-2.599-.427-5.052-1.285-6.406-4.77-7.53-16.018-9.815-16.133-9.839l-5.279-1.034 3.495-4.09c.452-.53 14.809-14.225 37.026-7.055 15.541 5.013 27.044 22.007 27.472 22.695l-7.787 3.663c-.09-.145-9.184-16.119-22.513-20.417-10.772-3.478-20.705-.17-24.964 1.998 4.522 1.806 10.434 5.094 14.003 10.72 1.686 2.655 1.965 6.002 2.237 9.24.361 4.288.698 8.336 3.856 10.957l-8.387 2.743z'/><path d='m75.649 68.34-.335-.278c-3.843-3.182-3.161-6.331-2.501-9.365.3-1.398.617-2.854.488-4.342-.21-2.5-.41-4.86-1.164-6.052-4.539-7.17-15.516-9.464-15.623-9.489l-6.595-1.299 4.375-5.106c.082-.09 9.3-9.398 24.906-9.398 4.26 0 8.617.707 12.95 2.113 16.216 5.23 27.793 22.85 27.9 23.023l.469.748-9.218 4.342-.37-.584c-.987-1.686-9.727-16.1-22.094-20.088-3.034-.987-6.233-1.48-9.505-1.48-5.92 0-10.723 1.62-13.28 2.697 4.276 1.924 9.448 5.164 12.729 10.336 1.784 2.82 2.072 6.257 2.351 9.58.346 4.135.675 8.025 3.577 10.434l1.094.904-10.147 3.33z'/><path d='M96.41 59.281c-.004-.016-2.096-9.158-7.894-13.773-8.182-6.507-18.17-3.045-18.267-3.015l-1.447-4.481c.485-.156 11.906-3.754 22.423 3.642 10.582 7.439 11.857 14.181 11.964 14.926l-6.776 2.701z'/><path d='m95.842 60.35-.204-.9c-.021-.087-2.072-8.916-7.62-13.326-3.16-2.516-6.972-3.79-11.322-3.79-3.396 0-5.92.814-6.195.904l-.75.255-1.94-5.978.747-.238c.338-.107 3.364-1.053 7.656-1.053 5.657 0 11.002 1.661 15.466 4.802 10.854 7.63 12.178 14.678 12.293 15.459l.099.616-8.206 3.273zM76.696 40.762c4.648 0 8.905 1.43 12.301 4.131 4.926 3.923 7.242 10.846 7.943 13.33l5.337-2.128c-.483-1.885-2.61-7.54-11.512-13.798-4.257-2.993-9.156-4.509-14.562-4.509-2.967 0-5.27.472-6.41.76l.962 2.977a23.3 23.3 0 0 1 5.941-.763m48.339 214.47c-2.32 0-4.686-.84-6.326-2.26-1.256-1.083-5.501-4.984-7.374-9.761-.699-1.787-.543-3.215.472-4.245.699-.704 2.15-1.547 5.094-1.547l2.095-.003c2.5-.003 6.701-.003 10.295-.003h3.445c2.245 0 3.848.485 4.769 1.43 1.184 1.218.806 2.772.477 3.586-.576 1.43-2.96 6.085-7.006 10.402-1.447 1.554-3.552 2.409-5.928 2.409zm2.43-121.628-8.371-.539s2.14 3.773 3.526 8.652c1.565 5.517-1.431 13.584-1.431 13.584s11.162-12.638 6.276-21.7zm-10.452 143.73c-29.797-2.29-40.28-30.446-40.28-36.31l7.781.003h-3.89 3.89c.04 2.54 7.958 26.625 33.096 28.557l-.596 7.762z'/></g><path fill='#FAFAFA' d='M108.644 226.897c-.465-2.691-.513-5.243.055-7.751-2.265-1.702-6.328-2.335-9.377-3.33-2.5-1.579-15.253 1.611-24.512-9.588-11.602-14.028-9.16-22.406-9.16-22.406-2.976 3.305-5.854 2.039-10.393 17.448s2.13 26.148 14.562 36.928c5.87 5.09 14.176 7.186 21.313 7.992-2.393-2.401 4.087-2.648 8.551-4.317-.361-3.61.239-7.104 2.928-9.925 1.62-1.702 3.708-2.713 5.87-3.527.124-.28.223-.535.338-.806a7 7 0 0 1-.19-.756z'/><path fill='#BDBDBD' d='M99.632 241.805c-.257-.757-.452-1.53-.643-2.305-.206-.847-1.234-3.25.033-.507a10.2 10.2 0 0 1-.696-2.155c-20.129-.026-37.643-13.846-34.255-42.905-2.632-3.499-6.324 7.055-6.324 7.055S47.675 230.25 73.7 241.59c8.675 3.782 16.339 6.494 18.148 5.4 3.765.765 7.17-1.86 8.444-3.588-.238-.53-.452-1.06-.641-1.599z'/><path fill='#4E342E' d='M108.283 222.68c.03-2.454.532-4.83 1.718-7.196.082-.164.179-.32.267-.478-7.745-.066-16.667-.809-24.264-3.848-8.346-3.341-18.79-14.768-20.59-28.194 0 0-15.721 12.135-11.1 38.108 4.333 24.39 24.741 32.342 48.02 33.687.016-.158-2.615-5.592-1.785-8.918-13.213.962-27.998-4.144-35.127-15.886-6.528-10.738-4.695-29.083-2.014-31.772 6.553 20.664 30.111 24.865 44.887 24.504z'/><path fill='#4E342E' d='M110.717 207.887c-4.189 12.292-12.745 22.24-12.745 22.24s11.77-.543 12.419-2.624c.481-1.537 10.627-25.284 14.521-53.11-3.663 6.02-13.837 32.43-14.195 33.483z'/><g fill='#e78724'><path d='M177.394 179.552s13.34 20.404 23.132 34.884c1.515 2.24-9.791 2.395-9.791 2.395zm-6.356-42.303s4.024 10.035 6.224 15.355c2.393 5.783 11.512 8.66 11.512 8.66s-4.728-4.958-4.728-17.519c0-5.262-6.802-7.359-6.802-7.359l-6.2.872z'/><path d='M175.1 142.92s8.241 9.81 23.547 4.317 16.875-25.117 16.875-30.611-29.04 5.494-32.965 7.849-11.38 11.772-7.457 18.445m57.804-104.83s-14.126-2.75-23.546 4.707c-9.423 7.456-12.17 13.344-12.17 13.344l15.87 12.582s7.672-3.556 10.024-13.76c2.351-10.203.78-14.911 9.81-16.873z'/><path d='M179.227 114.585c6.083-8.634 16.103-12.4 24.109-13.025 13.647-1.066 20.122 3.758 20.122 3.758s-22.349.946-28.791 9.407c-11.993 15.746-29.481 17.025-32.279 13.567 3.232.161 6.792-1.442 10.6-5.043 2.375-2.253 4.308-5.924 6.232-8.664zm37.727 30.528s24.795-8.525 20.086-17.157c-4.709-8.642-.964-13.345-.964-13.345s13.85 10.336 10.318 21.321c-2.169 6.743-5.806 11.627-25.782 20.984-9.587 17.794-1.981 49.83-2.433 49.977-.765.247-13.453-6.273-12.59-36.245.264-9.2.996-21.765 11.356-25.556zm-32.492-91.666a5329 5329 0 0 1 24.64 12.638l-5.6 2.804c.535.868.798 1.385.798 1.385l-5.747 2.616S184.509 83.066 175.9 89.607c2.87-8.835 11.29-22.717 11.29-22.717s2.392-6.378-2.714-13.444zm-34.54 215.317c31.953 0 42.778-16.223 42.778-16.223l-4.991 12.161c-1.888 5.263-22.028 21.634-37.739 21.634'/><path d='M189.201 241.575s-2.943 17.97-14.713 17.97c-10.003 0-12.95-15.179-12.95-18.316zm19.592-27.1c-1.046-2.88-4.708-14.522-5.887-25.116-1.411-12.69-.894-31.249-.894-31.249s3.141 12.166 5.884 14.132c2.75 1.96 7.85 15.302 7.85 15.302s2.733 19.862 4.033 26.538c-3.599.722-6.627-1.4-10.985.393zm28.434-78.732s-6.673-2.356-8.634-16.874c-1.962-14.521 2.355-27.079 2.355-27.079s-.394 20.014 1.957 23.94c2.352 3.924 4.317 5.1 7.063 10.204 2.747 5.102-1.184 8.239-2.746 9.81z'/></g><path fill='#FFCC80' d='m229.254 41.524 1.365-.864c4.015.137-1.365.864-1.365.864'/><path fill='#F9A825' d='M179.03 49.146s6.28-1.046 9.418-5.754c3.141-4.71 12.038-14.13 26.216-14.235 14.178-.107 28.204 3.768 28.204 3.768l-12.244 7.73c-1.296-.042-3.56-.025-7.308.098-15.364.51-17.73 15.705-17.73 15.705l-54.154-7.457'/><path fill='#FAFAFA' d='M173.8 133.094s7.327 7.326 18.575 4.97c11.252-2.354 18.055-7.325 18.578-15.96.522-8.634-2.354-12.034-2.354-12.034s-12.56 3.93-18.577 9.16-10.464 13.608-16.222 13.871z'/><path fill='#BDBDBD' d='M182.664 130.48s6.356 2.902 13.456.537c9.3-3.1 9.918-12.77 9.918-12.77s5.7 16.737-10.29 19.959c-12.822 2.583-20.408-4.848-20.408-4.848z'/><g fill='#4E342E'><path d='M224.197 67.459c5.182-4.3 1.322-8.29 1.731-13.175.22-2.599.425-5.052 1.283-6.406 4.77-7.53 16.02-9.815 16.135-9.839l5.28-1.034-3.495-4.09c-.453-.53-14.81-14.225-37.027-7.055-15.54 5.013-27.044 22.007-27.471 22.695l7.786 3.663c.09-.145 9.185-16.119 22.522-20.417 10.772-3.478 20.705-.17 24.956 1.998-4.523 1.806-10.435 5.094-14.003 10.72-1.686 2.655-1.966 6.002-2.237 9.24-.362 4.288-.707 8.336-3.865 10.957l8.38 2.743zm13.838 62.765s-6.526-8.097-8.46-23.852c-.76-6.206.587-18.446 2.746-23.155-.393 11.578 2.553 23.155 2.553 23.155s1.985 21.497 3.161 23.852'/><path d='M203.607 59.281c.004-.016 2.097-9.158 7.896-13.773 8.18-6.507 18.17-3.045 18.263-3.015l1.455-4.481c-.485-.156-11.901-3.754-22.426 3.642-10.59 7.439-11.857 14.181-11.972 14.926l6.775 2.701zm13.924 65.136s3.425-4.904 2.806-10.297c-.304-2.664-1.538-5.397-3.741-6.367-4.095-1.793-5.91 2.845-5.91 2.845s5.763 1.422 6.845 13.822z'/><path d='M179.918 131.893c-.142.268-.216.417-.216.417s10.68 8.019 21.63-.118c5.866-4.358 5.313-15.138 3.512-19.71-4.666 1.061-8.626 2.969-11.94 5.197 4.186-3.733 7.848-6.48 7.835-6.545l4.759-1.349 9.234-3.165c.115.707 3.486 16.51-6.25 27.274-4.316 4.777-24.536 15.467-34.132-2.812l5.55.83z'/><path d='M180.913 133.07c-6.016 9.155-21.19 3.923-20.927-5.757 0 0 10.139 5.598 19.098-4.708 5.231-6.01 21.997-22.604 44.729-17.086-15.697 3.453-36.482 17.793-42.9 27.562z'/><path d='M225.94 158.905c-1.447.836-6.554 6.121-6.554 14.027-.003 3.964.393 23.879 2.357 36.044-2.952 1.918-5.008 2.325-7.946 4.28-1.472-14.09-2.53-34.512-2.035-42.756.562-9.398 5.592-15.705 10.257-18.394 1.461-.84 2.99-1.667 4.531-2.498 7.992-4.318 16.256-8.786 16.256-16.414 0-5.967-2.322-7.833-4.777-9.812l-.263-.214c-1.628-1.317-3.477-2.81-4.566-5.262-2.985-6.704-3.479-23.78-.009-28.116 1.727-2.162 6.365-9.43 5.033-14.307-.51-1.866-1.686-3.248-3.594-4.226-2.022-1.036-4.752-1.563-8.115-1.563-6.603 0-13.93 2.007-17.704 3.207-13.501 4.276-29.79 16.61-34.469 20.294-.131.098-.214.164-.23.172l-2.993 2.08 1.866-3.132c.116-.198 11.948-19.66 33.113-26.798 4.12-1.39 12.202-3.716 20.153-3.716 4.728 0 8.741.822 11.923 2.45 3.873 1.982 6.496 5.147 7.59 9.144 2.672 9.8-6.027 20.712-6.332 21.066-1.02 1.809-1.447 14.965.897 20.236.32.723 1.208 1.439 2.327 2.343q.53.42 1.159.888c3.305 2.492 8.305 6.266 8.305 14.957 0 11.89-12.055 18.345-21.74 23.525-1.588.855-3.109 1.66-4.474 2.45z'/><path d='M211.559 66.06c-1.918-3.249-6.822-9.52-18.125-15.032-12.613-6.147-27.212-9.267-43.396-9.275v-.003h-.058v.008c-16.182.008-30.785 3.133-43.399 9.275-11.297 5.518-16.198 11.783-18.122 15.031l-.822 1.094 9.677 2.153.31-.386.163-.357c.148-.642 1.447-4.095 12.238-9.357 11.536-5.626 24.989-8.478 39.987-8.486 14.998.006 28.45 2.859 39.986 8.486 10.788 5.262 12.095 8.715 12.243 9.355l.157.356.304.387 9.678-2.155-.822-1.088z'/><path d='M224.197 67.459c5.182-4.3 1.322-8.29 1.731-13.175.22-2.599.425-5.052 1.283-6.406 4.77-7.53 16.02-9.815 16.135-9.839l5.28-1.034-3.495-4.09c-.453-.53-14.81-14.225-37.027-7.055-15.54 5.013-27.044 22.007-27.471 22.695l7.786 3.663c.09-.145 9.185-16.119 22.522-20.417 10.772-3.478 20.705-.17 24.956 1.998-4.523 1.806-10.435 5.094-14.003 10.72-1.686 2.655-1.966 6.002-2.237 9.24-.362 4.288-.707 8.336-3.865 10.957l8.38 2.743z'/><path d='m214.223 65.017 1.09-.908c2.903-2.408 3.228-6.296 3.578-10.43.282-3.33.572-6.767 2.354-9.587 3.274-5.172 8.458-8.404 12.728-10.336-2.557-1.086-7.36-2.697-13.284-2.697-3.273 0-6.465.493-9.502 1.472-12.367 3.988-21.104 18.394-22.094 20.087l-.37.584-9.218-4.333.469-.748c.11-.173 11.676-17.794 27.895-23.024 4.342-1.406 8.7-2.113 12.959-2.113 15.615 0 24.832 9.308 24.906 9.399l4.375 5.114-6.595 1.291c-.107.017-11.084 2.319-15.623 9.489-.748 1.192-.946 3.552-1.16 6.052-.123 1.488.19 2.935.494 4.341.658 3.034 1.34 6.184-2.5 9.366l-.329.271-10.146-3.33z'/><path d='M203.607 59.281c.004-.016 2.097-9.158 7.896-13.773 8.18-6.507 18.17-3.045 18.263-3.015l1.455-4.481c-.485-.156-11.901-3.754-22.426 3.642-10.59 7.439-11.857 14.181-11.972 14.926l6.775 2.701z'/><path d='m195.968 57.08.09-.615c.116-.778 1.442-7.828 12.29-15.454 4.465-3.136 9.818-4.795 15.467-4.795 4.292 0 7.318.946 7.655 1.053l.749.246-1.94 5.978-.75-.247c-.279-.09-2.803-.904-6.19-.904-4.35 0-8.158 1.283-11.315 3.799-5.542 4.415-7.598 13.238-7.614 13.329l-.198.904-8.206-3.273zm33.294-15.557.966-2.975c-1.14-.29-3.447-.76-6.414-.76-5.405 0-10.305 1.518-14.562 4.51-8.903 6.257-11.03 11.912-11.513 13.797l5.342 2.127c.699-2.483 3.013-9.408 7.94-13.329 3.404-2.702 7.655-4.13 12.3-4.13 2.673 0 4.827.46 5.946.76zm-60.209 211.304c-4.043-4.323-6.435-8.975-7.013-10.404-.33-.814-.708-2.365.479-3.585.924-.943 2.526-1.427 4.766-1.427h3.453c3.594 0 7.795 0 10.295.008l2.097.008c2.943 0 4.399.847 5.09 1.546 1.02 1.028 1.175 2.459.476 4.251-1.874 4.777-6.117 8.683-7.375 9.76-1.645 1.423-4.005 2.262-6.323 2.262-2.377 0-4.482-.856-5.929-2.401zm3.5-119.227 8.367-.539s-2.138 3.773-3.523 8.652c-1.57 5.517 1.43 13.584 1.43 13.584s-11.166-12.639-6.281-21.7z'/></g><path fill='#e78724' d='M150.004 103.715c-5.336 0-12.293-.146-17.512-3.898 0 0 6.834 11.982 17.503 11.982l.008-1.516.01 1.516c10.67 0 17.504-11.98 17.504-11.98-5.22 3.75-12.182 3.897-17.513 3.897z'/><path fill='#4E342E' d='M164.698 103.657c-5.353 3.24-10.132 4.362-14.691 4.462-4.56-.1-9.339-1.222-14.692-4.461 0 0 7.795 9.513 14.653 9.587v.009h.038c.012 0 .024.008.038.008 6.858-.074 14.661-9.58 14.661-9.58zm18.3 173.686-.598-7.758c25.137-1.932 33.055-26.019 33.096-28.554h7.787c.008 5.863-10.484 34.022-40.274 36.311z'/><path fill='#FAFAFA' d='M191.372 226.897c.467-2.691.512-5.243-.055-7.751 2.268-1.702 6.328-2.335 9.377-3.33 2.493-1.579 15.255 1.611 24.512-9.588 11.596-14.028 9.151-22.406 9.151-22.406 2.977 3.305 5.856 2.039 10.392 17.448 4.539 15.41-2.134 26.148-14.564 36.928-5.87 5.09-14.174 7.186-21.314 7.992 2.392-2.401-4.079-2.648-8.544-4.317.362-3.61-.238-7.104-2.927-9.925-1.612-1.702-3.7-2.713-5.863-3.527-.123-.28-.222-.535-.337-.806.074-.247.14-.493.19-.756z'/><path fill='#BDBDBD' d='M200.376 241.805c.261-.757.452-1.53.644-2.305.21-.847 1.238-3.25-.03-.507a10.2 10.2 0 0 0 .695-2.155c20.13-.026 37.643-13.846 34.257-42.905 2.635-3.499 6.328 7.055 6.328 7.055s10.078 29.262-15.95 40.603c-8.672 3.782-16.335 6.494-18.144 5.4-3.77.765-7.17-1.86-8.442-3.588.238-.53.46-1.06.65-1.599z'/><g fill='#4E342E'><path d='M191.734 222.68c-.028-2.454-.532-4.83-1.715-7.196-.083-.164-.18-.32-.268-.478 7.746-.066 16.668-.809 24.265-3.848 8.35-3.341 18.795-14.768 20.59-28.194 0 0 15.726 12.135 11.105 38.108-4.341 24.39-24.747 32.342-48.023 33.687-.013-.158 2.619-5.592 1.787-8.918 13.213.962 27.998-4.144 35.135-15.886 6.529-10.738 4.695-29.083 2.014-31.772-6.545 20.664-30.11 24.865-44.887 24.504z'/><path d='M201.132 228.797c-2.78-3.006-7.893-6.59-19.682-6.59l-31.394-.019h-.074c-9.045.007-31.402.02-31.402.02-11.783 0-16.898 3.584-19.677 6.589-4.054 4.374-4.687 10.461-1.883 18.069 7.45 20.249 17.925 40.821 52.97 40.85v.003h.041c.017 0 .025.008.041.008 35.045-.024 45.52-20.597 52.97-40.85 2.804-7.606 2.171-13.69-1.883-18.065zm-5.456 16.649c-3.55 10.168-13.09 34.78-45.669 34.823-32.58-.043-42.117-24.654-45.668-34.823-1.963-5.64-1.814-9.816.46-12.41 1.555-1.772 5.123-3.889 13.255-3.889l8.497-.002c6.268-.006 14.138-.013 23.459-.017 9.316.004 17.19.01 23.457.017l8.493.003c8.135 0 11.703 2.113 13.257 3.88 2.272 2.591 2.423 6.768.459 12.409z'/><path d='M189.292 207.887c4.188 12.292 12.743 22.24 12.743 22.24s-11.766-.543-12.416-2.624c-.477-1.537-10.624-25.284-14.513-53.11 3.667 6.02 13.839 32.43 14.2 33.483z'/></g></svg>",
+  "grunt": "<svg viewBox='0 0 300 300'><path fill='#f9a825' d='M61.045 79.22s4.718 18.193 5.39 24.259c.675 6.064-12.128 19.54-12.128 26.279s2.691 18.87 17.518 24.935 16.847 21.563 16.847 31c0 9.433-5.39 27.626-5.39 27.626s-3.368 45.148 14.825 53.234 14.151 8.086 18.192 8.086c4.037 0 33.688 12.136 51.21 7.416 17.523-4.711 22.234-10.105 22.234-10.105s17.523 1.348 22.908-14.151c5.394-15.492 8.757-47.84 6.735-62.665s-4.72-34.362 7.408-41.105c12.129-6.734 24.931-14.825 22.908-21.56S236.9 116.297 236.9 116.297s-2.697-16.84-.683-20.885c2.023-4.038 14.151-14.152 7.409-21.56-6.734-7.409-18.871-7.409-18.871-7.409l-15.491 1.34s-26.27-23.59-60.641-22.242c-34.346 1.348-55.914 22.234-55.914 22.234s-11.454-4.044-21.562 0c-10.114 4.045-12.128 0-10.106 11.454z'/><g fill='#e78724'><path d='M122.623 179.552s-13.345 20.404-23.133 34.884c-1.514 2.24 9.788 2.395 9.788 2.395l13.346-37.28zm6.353-42.303s-4.022 10.035-6.226 15.355c-2.392 5.783-11.511 8.66-11.511 8.66s4.728-4.958 4.728-17.519c0-5.262 6.802-7.359 6.802-7.359l6.208.872z'/><path d='M124.909 142.92s-8.242 9.81-23.544 4.317c-15.306-5.493-16.874-25.117-16.874-30.611s29.04 5.494 32.964 7.849 11.378 11.772 7.454 18.445M67.104 38.09s14.126-2.75 23.544 4.707c9.422 7.456 12.165 13.344 12.165 13.344L86.939 68.724s-7.67-3.557-10.026-13.761c-2.353-10.203-.783-14.911-9.81-16.873z'/><path d='M120.79 114.585c-6.084-8.634-16.107-12.4-24.11-13.025-13.646-1.066-20.125 3.758-20.125 3.758s22.349.946 28.79 9.407c11.992 15.746 29.487 17.025 32.284 13.567-3.235.161-6.793-1.442-10.602-5.043-2.38-2.253-4.309-5.924-6.239-8.664zm-37.73 30.528s-24.795-8.525-20.084-17.156c4.71-8.635.962-13.34.962-13.34s-13.847 10.337-10.32 21.324c2.17 6.742 5.808 11.626 25.783 20.984 9.58 17.793 1.978 49.829 2.434 49.977.759.246 13.452-6.274 12.585-36.246-.263-9.209-.995-21.765-11.355-25.555zm32.495-91.666c-10.398 5.283-24.642 12.638-24.642 12.638l5.606 2.804c-.534.868-.793 1.385-.793 1.385l5.748 2.616s14.044 10.176 22.653 16.717c-2.87-8.835-11.298-22.717-11.298-22.717s-2.393-6.378 2.713-13.444zm34.54 215.317c-31.958 0-42.783-16.223-42.783-16.223l4.995 12.161c1.888 5.263 22.027 21.634 37.74 21.634'/><path d='M110.815 241.575s2.94 17.97 14.713 17.97c10.004 0 12.952-15.179 12.952-18.316l-27.666.346zm-19.593-27.1c1.046-2.88 4.709-14.522 5.885-25.116 1.406-12.69.897-31.249.897-31.249s-3.141 12.166-5.896 14.132c-2.746 1.96-7.853 15.302-7.853 15.302s-2.738 19.862-4.037 26.538c3.602.722 6.628-1.4 10.986.393zm-28.43-78.732s6.668-2.356 8.634-16.874c1.96-14.521-2.357-27.079-2.357-27.079s.392 20.014-1.961 23.94c-2.357 3.922-4.317 5.1-7.065 10.204-2.749 5.103 1.176 8.239 2.749 9.81z'/></g><path fill='#ffcc80' d='m70.755 41.524-1.361-.864c-4.015.137 1.362.864 1.362.864z'/><path fill='#f9a825' d='M120.987 49.146s-6.278-1.046-9.419-5.754c-3.14-4.71-12.034-14.13-26.213-14.235-14.176-.107-28.204 3.768-28.204 3.768l12.244 7.73c1.296-.042 3.56-.025 7.305.098 15.366.51 17.732 15.705 17.732 15.705l54.162-7.457'/><path fill='#fafafa' d='M126.216 133.094s-7.326 7.326-18.576 4.97c-11.251-2.354-18.055-7.325-18.578-15.96-.523-8.634 2.357-12.034 2.357-12.034s12.564 3.93 18.583 9.16c6.019 5.238 10.467 13.608 16.223 13.871z'/><path fill='#bdbdbd' d='M117.352 130.48s-6.353 2.902-13.455.537c-9.297-3.1-9.917-12.77-9.917-12.77s-5.702 16.737 10.287 19.959c12.825 2.583 20.41-4.848 20.41-4.848z'/><g fill='#4e342e'><path d='M121.866 45.596c-.684-14.354 11.083-25.787 15.16-26.272.225 2.432-.227 11.919 3.848 14.836 1.187-7.746 5.2-16.29 21.045-21.889-3.394 9-.453 16.54.947 20.034 10.82-9.82 18.11-8.198 18.11-8.198s-7.518 12.973-4.577 21.486c-21.721-1.704-54.427 2.307-54.533.003M75.817 67.459c-5.182-4.3-1.32-8.29-1.729-13.175-.222-2.599-.427-5.052-1.285-6.406-4.77-7.53-16.018-9.815-16.133-9.839l-5.279-1.034 3.495-4.09c.452-.53 14.809-14.225 37.026-7.055 15.541 5.013 27.044 22.007 27.472 22.695l-7.787 3.663c-.09-.145-9.184-16.119-22.513-20.417-10.772-3.478-20.705-.17-24.964 1.998 4.522 1.806 10.434 5.094 14.003 10.72 1.686 2.655 1.965 6.002 2.237 9.24.361 4.288.698 8.336 3.856 10.957l-8.387 2.743zm-13.842 62.765s6.53-8.097 8.464-23.852c.76-6.206-.59-18.446-2.749-23.155.392 11.578-2.55 23.155-2.55 23.155s-1.982 21.497-3.158 23.852z'/><path d='M96.41 59.281c-.004-.016-2.096-9.158-7.894-13.773-8.182-6.507-18.17-3.045-18.267-3.015l-1.447-4.481c.485-.156 11.906-3.754 22.423 3.642 10.582 7.439 11.857 14.181 11.964 14.926l-6.776 2.701zm-13.923 65.136s-3.426-4.904-2.81-10.297c.307-2.664 1.541-5.397 3.745-6.367 4.094-1.793 5.912 2.845 5.912 2.845s-5.764 1.422-6.842 13.822z'/><path d='M120.099 131.893c.143.268.216.417.216.417s-10.685 8.019-21.634-.118c-5.863-4.358-5.308-15.138-3.513-19.71 4.67 1.061 8.63 2.969 11.941 5.197-4.183-3.733-7.846-6.48-7.836-6.545l-4.755-1.349-9.242-3.165c-.119.707-3.49 16.51 6.24 27.274 4.314 4.777 24.533 15.467 34.133-2.812l-5.55.83z'/><path d='M119.095 133.07c6.016 9.155 21.194 3.923 20.933-5.757 0 0-10.142 5.598-19.101-4.708-5.232-6.01-21.996-22.604-44.727-17.086 15.698 3.453 36.48 17.793 42.895 27.562z'/><path d='M74.077 158.905c1.447.836 6.55 6.121 6.553 14.027 0 3.964-.395 23.879-2.357 36.044 2.952 1.918 5.008 2.325 7.946 4.28 1.472-14.09 2.526-34.512 2.034-42.756-.559-9.398-5.591-15.705-10.253-18.394a187 187 0 0 0-4.523-2.498c-7.992-4.318-16.256-8.786-16.256-16.414 0-5.967 2.319-7.833 4.777-9.812l.264-.214c1.628-1.317 3.478-2.81 4.571-5.262 2.985-6.704 3.47-23.78 0-28.116-1.726-2.162-6.364-9.43-5.032-14.307.51-1.866 1.686-3.248 3.593-4.226 2.023-1.036 4.753-1.563 8.116-1.563 6.603 0 13.93 2.007 17.703 3.207 13.502 4.276 29.79 16.61 34.461 20.294l.23.172 2.985 2.08-1.866-3.132c-.115-.198-11.948-19.66-33.113-26.798-4.12-1.39-12.202-3.716-20.153-3.716-4.728 0-8.75.822-11.931 2.45-3.873 1.982-6.496 5.147-7.59 9.144-2.672 9.8 6.036 20.712 6.332 21.066 1.02 1.809 1.447 14.965-.897 20.236-.32.723-1.2 1.439-2.327 2.343-.345.28-.74.576-1.159.888-3.305 2.492-8.305 6.266-8.305 14.957 0 11.89 12.063 18.345 21.749 23.525 1.595.855 3.108 1.66 4.481 2.45z'/><path d='M75.817 67.459c-5.182-4.3-1.32-8.29-1.729-13.175-.222-2.599-.427-5.052-1.285-6.406-4.77-7.53-16.018-9.815-16.133-9.839l-5.279-1.034 3.495-4.09c.452-.53 14.809-14.225 37.026-7.055 15.541 5.013 27.044 22.007 27.472 22.695l-7.787 3.663c-.09-.145-9.184-16.119-22.513-20.417-10.772-3.478-20.705-.17-24.964 1.998 4.522 1.806 10.434 5.094 14.003 10.72 1.686 2.655 1.965 6.002 2.237 9.24.361 4.288.698 8.336 3.856 10.957l-8.387 2.743z'/><path d='m75.649 68.34-.335-.278c-3.843-3.182-3.161-6.331-2.501-9.365.3-1.398.617-2.854.488-4.342-.21-2.5-.41-4.86-1.164-6.052-4.539-7.17-15.516-9.464-15.623-9.489l-6.595-1.299 4.375-5.106c.082-.09 9.3-9.398 24.906-9.398 4.26 0 8.617.707 12.95 2.113 16.216 5.23 27.793 22.85 27.9 23.023l.469.748-9.218 4.342-.37-.584c-.987-1.686-9.727-16.1-22.094-20.088-3.034-.987-6.233-1.48-9.505-1.48-5.92 0-10.723 1.62-13.28 2.697 4.276 1.924 9.448 5.164 12.729 10.336 1.784 2.82 2.072 6.257 2.351 9.58.346 4.135.675 8.025 3.577 10.434l1.094.904-10.147 3.33z'/><path d='M96.41 59.281c-.004-.016-2.096-9.158-7.894-13.773-8.182-6.507-18.17-3.045-18.267-3.015l-1.447-4.481c.485-.156 11.906-3.754 22.423 3.642 10.582 7.439 11.857 14.181 11.964 14.926l-6.776 2.701z'/><path d='m95.842 60.35-.204-.9c-.021-.087-2.072-8.916-7.62-13.326-3.16-2.516-6.972-3.79-11.322-3.79-3.396 0-5.92.814-6.195.904l-.75.255-1.94-5.978.747-.238c.338-.107 3.364-1.053 7.656-1.053 5.657 0 11.002 1.661 15.466 4.802 10.854 7.63 12.178 14.678 12.293 15.459l.099.616-8.206 3.273zM76.696 40.762c4.648 0 8.905 1.43 12.301 4.131 4.926 3.923 7.242 10.846 7.943 13.33l5.337-2.128c-.483-1.885-2.61-7.54-11.512-13.798-4.257-2.993-9.156-4.509-14.562-4.509-2.967 0-5.27.472-6.41.76l.962 2.977a23.3 23.3 0 0 1 5.941-.763m48.339 214.47c-2.32 0-4.686-.84-6.326-2.26-1.256-1.083-5.501-4.984-7.374-9.761-.699-1.787-.543-3.215.472-4.245.699-.704 2.15-1.547 5.094-1.547l2.095-.003c2.5-.003 6.701-.003 10.295-.003h3.445c2.245 0 3.848.485 4.769 1.43 1.184 1.218.806 2.772.477 3.586-.576 1.43-2.96 6.085-7.006 10.402-1.447 1.554-3.552 2.409-5.928 2.409zm2.43-121.628-8.371-.539s2.14 3.773 3.526 8.652c1.565 5.517-1.431 13.584-1.431 13.584s11.162-12.638 6.276-21.7zm-10.452 143.73c-29.797-2.29-40.28-30.446-40.28-36.31l7.781.003h-3.89 3.89c.04 2.54 7.958 26.625 33.096 28.557l-.596 7.762z'/></g><path fill='#fafafa' d='M108.644 226.897c-.465-2.691-.513-5.243.055-7.751-2.265-1.702-6.328-2.335-9.377-3.33-2.5-1.579-15.253 1.611-24.512-9.588-11.602-14.028-9.16-22.406-9.16-22.406-2.976 3.305-5.854 2.039-10.393 17.448s2.13 26.148 14.562 36.928c5.87 5.09 14.176 7.186 21.313 7.992-2.393-2.401 4.087-2.648 8.551-4.317-.361-3.61.239-7.104 2.928-9.925 1.62-1.702 3.708-2.713 5.87-3.527.124-.28.223-.535.338-.806a7 7 0 0 1-.19-.756z'/><path fill='#bdbdbd' d='M99.632 241.805c-.257-.757-.452-1.53-.643-2.305-.206-.847-1.234-3.25.033-.507a10.2 10.2 0 0 1-.696-2.155c-20.129-.026-37.643-13.846-34.255-42.905-2.632-3.499-6.324 7.055-6.324 7.055S47.675 230.25 73.7 241.59c8.675 3.782 16.339 6.494 18.148 5.4 3.765.765 7.17-1.86 8.444-3.588-.238-.53-.452-1.06-.641-1.599z'/><path fill='#4e342e' d='M108.283 222.68c.03-2.454.532-4.83 1.718-7.196.082-.164.179-.32.267-.478-7.745-.066-16.667-.809-24.264-3.848-8.346-3.341-18.79-14.768-20.59-28.194 0 0-15.721 12.135-11.1 38.108 4.333 24.39 24.741 32.342 48.02 33.687.016-.158-2.615-5.592-1.785-8.918-13.213.962-27.998-4.144-35.127-15.886-6.528-10.738-4.695-29.083-2.014-31.772 6.553 20.664 30.111 24.865 44.887 24.504z'/><path fill='#4e342e' d='M110.717 207.887c-4.189 12.292-12.745 22.24-12.745 22.24s11.77-.543 12.419-2.624c.481-1.537 10.627-25.284 14.521-53.11-3.663 6.02-13.837 32.43-14.195 33.483z'/><g fill='#e78724'><path d='M177.394 179.552s13.34 20.404 23.132 34.884c1.515 2.24-9.791 2.395-9.791 2.395zm-6.356-42.303s4.024 10.035 6.224 15.355c2.393 5.783 11.512 8.66 11.512 8.66s-4.728-4.958-4.728-17.519c0-5.262-6.802-7.359-6.802-7.359l-6.2.872z'/><path d='M175.1 142.92s8.241 9.81 23.547 4.317 16.875-25.117 16.875-30.611-29.04 5.494-32.965 7.849-11.38 11.772-7.457 18.445m57.804-104.83s-14.126-2.75-23.546 4.707c-9.423 7.456-12.17 13.344-12.17 13.344l15.87 12.582s7.672-3.556 10.024-13.76c2.351-10.203.78-14.911 9.81-16.873z'/><path d='M179.227 114.585c6.083-8.634 16.103-12.4 24.109-13.025 13.647-1.066 20.122 3.758 20.122 3.758s-22.349.946-28.791 9.407c-11.993 15.746-29.481 17.025-32.279 13.567 3.232.161 6.792-1.442 10.6-5.043 2.375-2.253 4.308-5.924 6.232-8.664zm37.727 30.528s24.795-8.525 20.086-17.157c-4.709-8.642-.964-13.345-.964-13.345s13.85 10.336 10.318 21.321c-2.169 6.743-5.806 11.627-25.782 20.984-9.587 17.794-1.981 49.83-2.433 49.977-.765.247-13.453-6.273-12.59-36.245.264-9.2.996-21.765 11.356-25.556zm-32.492-91.666a5329 5329 0 0 1 24.64 12.638l-5.6 2.804c.535.868.798 1.385.798 1.385l-5.747 2.616S184.509 83.066 175.9 89.607c2.87-8.835 11.29-22.717 11.29-22.717s2.392-6.378-2.714-13.444zm-34.54 215.317c31.953 0 42.778-16.223 42.778-16.223l-4.991 12.161c-1.888 5.263-22.028 21.634-37.739 21.634'/><path d='M189.201 241.575s-2.943 17.97-14.713 17.97c-10.003 0-12.95-15.179-12.95-18.316zm19.592-27.1c-1.046-2.88-4.708-14.522-5.887-25.116-1.411-12.69-.894-31.249-.894-31.249s3.141 12.166 5.884 14.132c2.75 1.96 7.85 15.302 7.85 15.302s2.733 19.862 4.033 26.538c-3.599.722-6.627-1.4-10.985.393zm28.434-78.732s-6.673-2.356-8.634-16.874c-1.962-14.521 2.355-27.079 2.355-27.079s-.394 20.014 1.957 23.94c2.352 3.924 4.317 5.1 7.063 10.204 2.747 5.102-1.184 8.239-2.746 9.81z'/></g><path fill='#ffcc80' d='m229.254 41.524 1.365-.864c4.015.137-1.365.864-1.365.864'/><path fill='#f9a825' d='M179.03 49.146s6.28-1.046 9.418-5.754c3.141-4.71 12.038-14.13 26.216-14.235 14.178-.107 28.204 3.768 28.204 3.768l-12.244 7.73c-1.296-.042-3.56-.025-7.308.098-15.364.51-17.73 15.705-17.73 15.705l-54.154-7.457'/><path fill='#fafafa' d='M173.8 133.094s7.327 7.326 18.575 4.97c11.252-2.354 18.055-7.325 18.578-15.96.522-8.634-2.354-12.034-2.354-12.034s-12.56 3.93-18.577 9.16-10.464 13.608-16.222 13.871z'/><path fill='#bdbdbd' d='M182.664 130.48s6.356 2.902 13.456.537c9.3-3.1 9.918-12.77 9.918-12.77s5.7 16.737-10.29 19.959c-12.822 2.583-20.408-4.848-20.408-4.848z'/><g fill='#4e342e'><path d='M224.197 67.459c5.182-4.3 1.322-8.29 1.731-13.175.22-2.599.425-5.052 1.283-6.406 4.77-7.53 16.02-9.815 16.135-9.839l5.28-1.034-3.495-4.09c-.453-.53-14.81-14.225-37.027-7.055-15.54 5.013-27.044 22.007-27.471 22.695l7.786 3.663c.09-.145 9.185-16.119 22.522-20.417 10.772-3.478 20.705-.17 24.956 1.998-4.523 1.806-10.435 5.094-14.003 10.72-1.686 2.655-1.966 6.002-2.237 9.24-.362 4.288-.707 8.336-3.865 10.957l8.38 2.743zm13.838 62.765s-6.526-8.097-8.46-23.852c-.76-6.206.587-18.446 2.746-23.155-.393 11.578 2.553 23.155 2.553 23.155s1.985 21.497 3.161 23.852'/><path d='M203.607 59.281c.004-.016 2.097-9.158 7.896-13.773 8.18-6.507 18.17-3.045 18.263-3.015l1.455-4.481c-.485-.156-11.901-3.754-22.426 3.642-10.59 7.439-11.857 14.181-11.972 14.926l6.775 2.701zm13.924 65.136s3.425-4.904 2.806-10.297c-.304-2.664-1.538-5.397-3.741-6.367-4.095-1.793-5.91 2.845-5.91 2.845s5.763 1.422 6.845 13.822z'/><path d='M179.918 131.893c-.142.268-.216.417-.216.417s10.68 8.019 21.63-.118c5.866-4.358 5.313-15.138 3.512-19.71-4.666 1.061-8.626 2.969-11.94 5.197 4.186-3.733 7.848-6.48 7.835-6.545l4.759-1.349 9.234-3.165c.115.707 3.486 16.51-6.25 27.274-4.316 4.777-24.536 15.467-34.132-2.812l5.55.83z'/><path d='M180.913 133.07c-6.016 9.155-21.19 3.923-20.927-5.757 0 0 10.139 5.598 19.098-4.708 5.231-6.01 21.997-22.604 44.729-17.086-15.697 3.453-36.482 17.793-42.9 27.562z'/><path d='M225.94 158.905c-1.447.836-6.554 6.121-6.554 14.027-.003 3.964.393 23.879 2.357 36.044-2.952 1.918-5.008 2.325-7.946 4.28-1.472-14.09-2.53-34.512-2.035-42.756.562-9.398 5.592-15.705 10.257-18.394 1.461-.84 2.99-1.667 4.531-2.498 7.992-4.318 16.256-8.786 16.256-16.414 0-5.967-2.322-7.833-4.777-9.812l-.263-.214c-1.628-1.317-3.477-2.81-4.566-5.262-2.985-6.704-3.479-23.78-.009-28.116 1.727-2.162 6.365-9.43 5.033-14.307-.51-1.866-1.686-3.248-3.594-4.226-2.022-1.036-4.752-1.563-8.115-1.563-6.603 0-13.93 2.007-17.704 3.207-13.501 4.276-29.79 16.61-34.469 20.294-.131.098-.214.164-.23.172l-2.993 2.08 1.866-3.132c.116-.198 11.948-19.66 33.113-26.798 4.12-1.39 12.202-3.716 20.153-3.716 4.728 0 8.741.822 11.923 2.45 3.873 1.982 6.496 5.147 7.59 9.144 2.672 9.8-6.027 20.712-6.332 21.066-1.02 1.809-1.447 14.965.897 20.236.32.723 1.208 1.439 2.327 2.343q.53.42 1.159.888c3.305 2.492 8.305 6.266 8.305 14.957 0 11.89-12.055 18.345-21.74 23.525-1.588.855-3.109 1.66-4.474 2.45z'/><path d='M211.559 66.06c-1.918-3.249-6.822-9.52-18.125-15.032-12.613-6.147-27.212-9.267-43.396-9.275v-.003h-.058v.008c-16.182.008-30.785 3.133-43.399 9.275-11.297 5.518-16.198 11.783-18.122 15.031l-.822 1.094 9.677 2.153.31-.386.163-.357c.148-.642 1.447-4.095 12.238-9.357 11.536-5.626 24.989-8.478 39.987-8.486 14.998.006 28.45 2.859 39.986 8.486 10.788 5.262 12.095 8.715 12.243 9.355l.157.356.304.387 9.678-2.155-.822-1.088z'/><path d='M224.197 67.459c5.182-4.3 1.322-8.29 1.731-13.175.22-2.599.425-5.052 1.283-6.406 4.77-7.53 16.02-9.815 16.135-9.839l5.28-1.034-3.495-4.09c-.453-.53-14.81-14.225-37.027-7.055-15.54 5.013-27.044 22.007-27.471 22.695l7.786 3.663c.09-.145 9.185-16.119 22.522-20.417 10.772-3.478 20.705-.17 24.956 1.998-4.523 1.806-10.435 5.094-14.003 10.72-1.686 2.655-1.966 6.002-2.237 9.24-.362 4.288-.707 8.336-3.865 10.957l8.38 2.743z'/><path d='m214.223 65.017 1.09-.908c2.903-2.408 3.228-6.296 3.578-10.43.282-3.33.572-6.767 2.354-9.587 3.274-5.172 8.458-8.404 12.728-10.336-2.557-1.086-7.36-2.697-13.284-2.697-3.273 0-6.465.493-9.502 1.472-12.367 3.988-21.104 18.394-22.094 20.087l-.37.584-9.218-4.333.469-.748c.11-.173 11.676-17.794 27.895-23.024 4.342-1.406 8.7-2.113 12.959-2.113 15.615 0 24.832 9.308 24.906 9.399l4.375 5.114-6.595 1.291c-.107.017-11.084 2.319-15.623 9.489-.748 1.192-.946 3.552-1.16 6.052-.123 1.488.19 2.935.494 4.341.658 3.034 1.34 6.184-2.5 9.366l-.329.271-10.146-3.33z'/><path d='M203.607 59.281c.004-.016 2.097-9.158 7.896-13.773 8.18-6.507 18.17-3.045 18.263-3.015l1.455-4.481c-.485-.156-11.901-3.754-22.426 3.642-10.59 7.439-11.857 14.181-11.972 14.926l6.775 2.701z'/><path d='m195.968 57.08.09-.615c.116-.778 1.442-7.828 12.29-15.454 4.465-3.136 9.818-4.795 15.467-4.795 4.292 0 7.318.946 7.655 1.053l.749.246-1.94 5.978-.75-.247c-.279-.09-2.803-.904-6.19-.904-4.35 0-8.158 1.283-11.315 3.799-5.542 4.415-7.598 13.238-7.614 13.329l-.198.904-8.206-3.273zm33.294-15.557.966-2.975c-1.14-.29-3.447-.76-6.414-.76-5.405 0-10.305 1.518-14.562 4.51-8.903 6.257-11.03 11.912-11.513 13.797l5.342 2.127c.699-2.483 3.013-9.408 7.94-13.329 3.404-2.702 7.655-4.13 12.3-4.13 2.673 0 4.827.46 5.946.76zm-60.209 211.304c-4.043-4.323-6.435-8.975-7.013-10.404-.33-.814-.708-2.365.479-3.585.924-.943 2.526-1.427 4.766-1.427h3.453c3.594 0 7.795 0 10.295.008l2.097.008c2.943 0 4.399.847 5.09 1.546 1.02 1.028 1.175 2.459.476 4.251-1.874 4.777-6.117 8.683-7.375 9.76-1.645 1.423-4.005 2.262-6.323 2.262-2.377 0-4.482-.856-5.929-2.401zm3.5-119.227 8.367-.539s-2.138 3.773-3.523 8.652c-1.57 5.517 1.43 13.584 1.43 13.584s-11.166-12.639-6.281-21.7z'/></g><path fill='#e78724' d='M150.004 103.715c-5.336 0-12.293-.146-17.512-3.898 0 0 6.834 11.982 17.503 11.982l.008-1.516.01 1.516c10.67 0 17.504-11.98 17.504-11.98-5.22 3.75-12.182 3.897-17.513 3.897z'/><path fill='#4e342e' d='M164.698 103.657c-5.353 3.24-10.132 4.362-14.691 4.462-4.56-.1-9.339-1.222-14.692-4.461 0 0 7.795 9.513 14.653 9.587v.009h.038c.012 0 .024.008.038.008 6.858-.074 14.661-9.58 14.661-9.58zm18.3 173.686-.598-7.758c25.137-1.932 33.055-26.019 33.096-28.554h7.787c.008 5.863-10.484 34.022-40.274 36.311z'/><path fill='#fafafa' d='M191.372 226.897c.467-2.691.512-5.243-.055-7.751 2.268-1.702 6.328-2.335 9.377-3.33 2.493-1.579 15.255 1.611 24.512-9.588 11.596-14.028 9.151-22.406 9.151-22.406 2.977 3.305 5.856 2.039 10.392 17.448 4.539 15.41-2.134 26.148-14.564 36.928-5.87 5.09-14.174 7.186-21.314 7.992 2.392-2.401-4.079-2.648-8.544-4.317.362-3.61-.238-7.104-2.927-9.925-1.612-1.702-3.7-2.713-5.863-3.527-.123-.28-.222-.535-.337-.806.074-.247.14-.493.19-.756z'/><path fill='#bdbdbd' d='M200.376 241.805c.261-.757.452-1.53.644-2.305.21-.847 1.238-3.25-.03-.507a10.2 10.2 0 0 0 .695-2.155c20.13-.026 37.643-13.846 34.257-42.905 2.635-3.499 6.328 7.055 6.328 7.055s10.078 29.262-15.95 40.603c-8.672 3.782-16.335 6.494-18.144 5.4-3.77.765-7.17-1.86-8.442-3.588.238-.53.46-1.06.65-1.599z'/><g fill='#4e342e'><path d='M191.734 222.68c-.028-2.454-.532-4.83-1.715-7.196-.083-.164-.18-.32-.268-.478 7.746-.066 16.668-.809 24.265-3.848 8.35-3.341 18.795-14.768 20.59-28.194 0 0 15.726 12.135 11.105 38.108-4.341 24.39-24.747 32.342-48.023 33.687-.013-.158 2.619-5.592 1.787-8.918 13.213.962 27.998-4.144 35.135-15.886 6.529-10.738 4.695-29.083 2.014-31.772-6.545 20.664-30.11 24.865-44.887 24.504z'/><path d='M201.132 228.797c-2.78-3.006-7.893-6.59-19.682-6.59l-31.394-.019h-.074c-9.045.007-31.402.02-31.402.02-11.783 0-16.898 3.584-19.677 6.589-4.054 4.374-4.687 10.461-1.883 18.069 7.45 20.249 17.925 40.821 52.97 40.85v.003h.041c.017 0 .025.008.041.008 35.045-.024 45.52-20.597 52.97-40.85 2.804-7.606 2.171-13.69-1.883-18.065zm-5.456 16.649c-3.55 10.168-13.09 34.78-45.669 34.823-32.58-.043-42.117-24.654-45.668-34.823-1.963-5.64-1.814-9.816.46-12.41 1.555-1.772 5.123-3.889 13.255-3.889l8.497-.002c6.268-.006 14.138-.013 23.459-.017 9.316.004 17.19.01 23.457.017l8.493.003c8.135 0 11.703 2.113 13.257 3.88 2.272 2.591 2.423 6.768.459 12.409z'/><path d='M189.292 207.887c4.188 12.292 12.743 22.24 12.743 22.24s-11.766-.543-12.416-2.624c-.477-1.537-10.624-25.284-14.513-53.11 3.667 6.02 13.839 32.43 14.2 33.483z'/></g></svg>",
   "gulp": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M17.5 12V7.75l3.4-2.55a1.5 1.5 0 0 0-1.8-2.4l-4.6 3.45V12H8v2h2l1.38 16h9.255L22 14h2v-2Z'/></svg>",
   "h": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M18.5 11a5.49 5.49 0 0 0-4.5 2.344V4H8v24h6V17a2 2 0 0 1 4 0v11h6V16.5a5.5 5.5 0 0 0-5.5-5.5'/></svg>",
   "hack": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='m14 9-8 8V9l8-8zm12 12L16 31v-8l10-10z'/><path fill='#ffa000' d='m6 20 8-8v8'/><path fill='#607d8b' d='m6 30 8-8H6'/><path fill='#eceff1' d='m16 20 10-10H16'/></svg>",
+  "hadolint": "<svg viewBox='0 0 1024 1024'><path fill='#1976d2' d='M128 704h768c35.456 0 64 28.544 64 64v128c0 35.456-28.544 64-64 64H128c-35.456 0-64-28.544-64-64V768c0-35.456 28.544-64 64-64'/><path fill='#e0e0e0' d='M160 768h704c17.728 0 32 14.272 32 32s-14.272 32-32 32H160c-17.728 0-32-14.272-32-32s14.272-32 32-32'/><path fill='#1a237e' d='M160 64c-53.02 0-96 42.98-96 96v320c0 160 128 352 288 352h320c160 0 288-256 288-512V128c0-35.346-28.654-64-64-64s-64 28.654-64 64 28.654 64 64 64v128h-64c-64-64-128-128-192-128v-32c0-53.02-42.98-96-96-96s-96 42.98-96 96v32H256v-32c0-53.02-42.98-96-96-96'/><path fill='#fafafa' d='M224 320c-53.02 0-96 42.98-96 96s42.98 96 96 96 96-42.98 96-96-42.98-96-96-96m256 0c-53.02 0-96 42.98-96 96s42.98 96 96 96 96-42.98 96-96-42.98-96-96-96'/><path d='M224 384a32 32 0 0 0-32 32 32 32 0 0 0 32 32 32 32 0 0 0 32-32 32 32 0 0 0-32-32m256 0a32 32 0 0 0-32 32 32 32 0 0 0 32 32 32 32 0 0 0 32-32 32 32 0 0 0-32-32'/><path fill='#ad1457' d='M320 512h64c17.728 0 32 14.272 32 32s-14.272 32-32 32h-64c-17.728 0-32-14.272-32-32s14.272-32 32-32'/><path fill='#757575' d='M352 592c-8.864 0-16 7.136-16 16v6.762l-61.281 35.383A15.964 15.964 0 0 0 268.86 672a15.966 15.966 0 0 0 21.858 5.855L352 642.475l61.281 35.38A15.966 15.966 0 0 0 435.14 672a15.964 15.964 0 0 0-5.858-21.855L368 614.762V608c0-8.864-7.136-16-16-16m-80.422-368.008c-2.578.07-5.18.768-7.578 2.153A15.964 15.964 0 0 0 258.145 248l32 55.426A15.964 15.964 0 0 0 312 309.28a15.964 15.964 0 0 0 5.855-21.855l-32-55.426a15.96 15.96 0 0 0-14.277-8.008zm160.844 0A15.96 15.96 0 0 0 418.145 232l-32 55.426A15.964 15.964 0 0 0 392 309.28a15.964 15.964 0 0 0 21.855-5.855l32-55.426A15.964 15.964 0 0 0 440 226.145a16 16 0 0 0-7.578-2.153M160 128c-17.728 0-32 14.272-32 32v64c0 17.728 14.272 32 32 32s32-14.272 32-32v-64c0-17.728-14.272-32-32-32m384 0c-17.728 0-32 14.272-32 32v64c0 17.728 14.272 32 32 32s32-14.272 32-32v-64c0-17.728-14.272-32-32-32'/></svg>",
   "haml": "<svg viewBox='0 0 300 300'><path fill='#f4511e' d='M75.766 33.97c-12.149-.304-27.153 6.049-27.153 6.049l49.613 100.64-26.308 112.47c24.012 20.305 50.496 10.593 50.496 10.593l12.187-87.03c1.54 1.458 3.172 2.794 4.818 4.028 5.289 3.746 11.018 6.609 16.746 8.813 5.73 2.203 11.68 3.966 17.63 5.288 3.967.882 7.711 1.543 11.677 1.984-1.763 3.966-2.864 8.152-2.643 12.78 0 .44.22.88.661 1.1h.22c4.186 2.204 8.593 3.97 13.44 5.071 4.628.881 9.697 1.323 14.545.662 5.068-.661 10.136-2.645 14.103-5.95s6.831-7.714 8.594-12.34l.22-.221v-.219l.663-5.949v-.222c2.203-1.322 4.406-2.644 6.61-4.406 2.644-2.204 5.068-4.629 6.83-7.714 1.764-3.085 2.865-6.831 2.644-10.577-.22-3.525-1.544-7.049-3.086-10.134-1.543-3.085-3.525-5.951-5.728-8.596-4.408-5.068-9.696-9.253-15.425-12.559-5.51-3.525-11.68-6.392-17.85-8.375l-2.424-.662-1.98-.66c-1.322-.44-2.426-1.101-3.527-1.542-2.204-1.322-3.748-2.645-4.85-4.408-2.203-3.305-2.423-8.371-1.321-13.66.22-1.322.662-2.645 1.103-3.967s.88-2.645 1.321-4.188a27 27 0 0 0 .603-4.44l29.451-25.77c-2.295-8.474-27.722-17.303-27.722-17.303l-75.57 64.269-43.61-82.277c-1.566-.353-3.245-.532-4.98-.575zm108.6 73.763c-.452 2.355-.652 4.836-.652 7.32.22 3.746 1.323 7.936 3.746 11.462s5.728 6.169 9.034 7.711a30 30 0 0 0 5.07 1.984l2.645.66 2.202.44c5.73 1.543 11.237 3.746 16.305 6.611s9.916 6.39 13.883 10.357 7.052 9.035 7.493 14.103c.22 3.526-.222 6.17-1.324 8.373-1.101 2.424-2.864 4.627-4.847 6.61-.881.882-1.983 1.762-2.864 2.423q0-2.974-.66-5.948c-.22-1.102-.442-1.983-.882-3.085-.44-.881-.88-1.982-1.982-2.643-.22 0-.443-.001-.443.219-1.322 3.305-3.525 6.171-5.948 8.154s-5.51 2.864-8.594 3.085c-3.085.22-6.392-.44-9.697-1.322-3.306-.881-6.609-1.985-9.914-3.086l-.443-.221c-.661-.22-1.539.002-1.98.443-1.762 2.204-3.086 4.184-4.628 6.388a59 59 0 0 0-2.864 5.07c-3.967-1.543-7.715-2.866-11.68-4.408-5.51-2.204-11.02-4.406-16.087-7.05-5.289-2.424-10.354-5.29-14.761-8.596-3.178-2.383-6.114-4.886-8.255-7.747l2.424-17.318z'/></svg>",
   "handlebars": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M12.023 12a4 4 0 0 0-3.94 3.182 1 1 0 0 1-.972.818H5.229C4.446 16 4 15.552 4 15v-1H3a1 1 0 0 0-1 1v1c0 3.866 3.134 6 7 6 3.425 0 6.275-1.675 6.881-4.745.545-2.764-1.041-5.24-3.858-5.255'/><path fill='#ff7043' d='M29 14h-1v1c0 .552-.446 1-1.229 1H24.89a1 1 0 0 1-.973-.818A4 4 0 0 0 19.977 12c-2.817.016-4.403 2.491-3.858 5.255C16.725 20.325 19.575 22 23 22c3.866 0 7-2.134 7-6v-1a1 1 0 0 0-1-1'/></svg>",
-  "hardhat": "<svg viewBox='0 0 24 24'><path fill='#FFD600' d='M9.87 12.15 9 6.46a9.9 9.9 0 0 1 6 0l-.87 5.69c-.07.49-.5.85-1 .85h-2.27a1 1 0 0 1-.99-.85M22 16c0-.79-.47-1.5-1.2-1.83A9.08 9.08 0 0 0 17 8.5l-1.76 4.84c-.14.4-.52.66-.94.66H9.7c-.42 0-.8-.26-.94-.66L7 8.5a9.1 9.1 0 0 0-3.8 5.66C2.47 14.5 2 15.2 2 16l6.45 1.84c.36.1.73.16 1.1.16h4.88c.37 0 .74-.06 1.1-.16z'/></svg>",
+  "hardhat": "<svg viewBox='0 0 24 24'><path fill='#ffd600' d='M9.87 12.15 9 6.46a9.9 9.9 0 0 1 6 0l-.87 5.69c-.07.49-.5.85-1 .85h-2.27a1 1 0 0 1-.99-.85M22 16c0-.79-.47-1.5-1.2-1.83A9.08 9.08 0 0 0 17 8.5l-1.76 4.84c-.14.4-.52.66-.94.66H9.7c-.42 0-.8-.26-.94-.66L7 8.5a9.1 9.1 0 0 0-3.8 5.66C2.47 14.5 2 15.2 2 16l6.45 1.84c.36.1.73.16 1.1.16h4.88c.37 0 .74-.06 1.1-.16z'/></svg>",
   "harmonix": "<svg viewBox='0 0 32 32'><path fill='#536dfe' d='M27 13 16 2 5 13l8 8-6 6 3 3 6-6 6 6 3-3-6-6zm-17 0 6-6 6 6-6 6z'/></svg>",
   "haskell": "<svg viewBox='0 0 300 300'><g stroke-width='2.422'><path fill='#ef5350' d='m23.928 240.5 59.94-89.852-59.94-89.855h44.955l59.94 89.855-59.94 89.852z'/><path fill='#ffa726' d='m83.869 240.5 59.94-89.852-59.94-89.855h44.955l119.88 179.71h-44.95l-37.46-56.156-37.468 56.156z'/><path fill='#ffee58' d='m228.72 188.08-19.98-29.953h69.93v29.956h-49.95zm-29.97-44.924-19.98-29.953h99.901v29.953z'/></g></svg>",
-  "haxe": "<svg viewBox='0 0 210 210'><path fill='#FB8C00' d='m41.559 104.988 63.43-63.43 63.432 63.43-63.431 63.431z'/><path fill='#FFB300' d='M41.578 105.037 29.973 61.726 18.368 18.415l43.31 11.605 43.312 11.605-31.706 31.706z'/><path fill='#FFCA28' d='M104.735 41.555 61.545 30.01 18.367 18.413l22.927.185 23.228.294 20.263 11.36z'/><path fill='#FFEA00' d='m18.368 18.417 11.597 43.177 11.544 43.19-11.303-19.948-11.36-20.263-.294-23.229z'/><path fill='#EF6C00' d='m104.999 41.579 43.31-11.605 43.312-11.605-11.605 43.311-11.605 43.311-31.706-31.706z'/><path fill='#E64A19' d='m168.49 104.735 11.545-43.19 11.598-43.177-.185 22.927-.294 23.228-11.36 20.264z'/><path fill='#FFCA28' d='m191.628 18.365-43.176 11.597-43.19 11.544 19.948-11.303 20.263-11.36 23.228-.293z'/><path fill='#EF6C00' d='m168.419 104.987 11.605 43.311 11.605 43.311-43.311-11.605-43.311-11.605 31.706-31.706z'/><path fill='#FB8C00' d='m105.261 168.47 43.19 11.544 43.177 11.597-22.927-.185-23.229-.294-20.263-11.36z'/><path fill='#E64A19' d='m191.631 191.617-11.597-43.177-11.545-43.19 11.304 19.948 11.36 20.263.293 23.229z'/><path fill='#FFA000' d='m104.99 168.422-43.31 11.605-43.311 11.605 11.605-43.311 11.605-43.311 31.706 31.706z'/><path fill='#FFEA00' d='m41.51 105.27-11.545 43.19-11.597 43.176.185-22.927.294-23.228 11.36-20.264z'/><path fill='#EF6C00' d='m18.368 191.63 43.176-11.598 43.19-11.544-19.947 11.303-20.264 11.36-23.228.293z'/></svg>",
+  "haxe": "<svg viewBox='0 0 210 210'><path fill='#fb8c00' d='m41.559 104.988 63.43-63.43 63.432 63.43-63.431 63.431z'/><path fill='#ffb300' d='M41.578 105.037 29.973 61.726 18.368 18.415l43.31 11.605 43.312 11.605-31.706 31.706z'/><path fill='#ffca28' d='M104.735 41.555 61.545 30.01 18.367 18.413l22.927.185 23.228.294 20.263 11.36z'/><path fill='#ffea00' d='m18.368 18.417 11.597 43.177 11.544 43.19-11.303-19.948-11.36-20.263-.294-23.229z'/><path fill='#ef6c00' d='m104.999 41.579 43.31-11.605 43.312-11.605-11.605 43.311-11.605 43.311-31.706-31.706z'/><path fill='#e64a19' d='m168.49 104.735 11.545-43.19 11.598-43.177-.185 22.927-.294 23.228-11.36 20.264z'/><path fill='#ffca28' d='m191.628 18.365-43.176 11.597-43.19 11.544 19.948-11.303 20.263-11.36 23.228-.293z'/><path fill='#ef6c00' d='m168.419 104.987 11.605 43.311 11.605 43.311-43.311-11.605-43.311-11.605 31.706-31.706z'/><path fill='#fb8c00' d='m105.261 168.47 43.19 11.544 43.177 11.597-22.927-.185-23.229-.294-20.263-11.36z'/><path fill='#e64a19' d='m191.631 191.617-11.597-43.177-11.545-43.19 11.304 19.948 11.36 20.263.293 23.229z'/><path fill='#ffa000' d='m104.99 168.422-43.31 11.605-43.311 11.605 11.605-43.311 11.605-43.311 31.706 31.706z'/><path fill='#ffea00' d='m41.51 105.27-11.545 43.19-11.597 43.176.185-22.927.294-23.228 11.36-20.264z'/><path fill='#ef6c00' d='m18.368 191.63 43.176-11.598 43.19-11.544-19.947 11.303-20.264 11.36-23.228.293z'/></svg>",
   "hcl": "<svg viewBox='0 0 32 32'><path fill='#eceff1' d='M18 1.2V14h-4v-4l-4 2v16.37l4 2.43V18h4v4l4-2V3.63z'/><path fill='#eceff1' d='M14 1.2 2 8.49v15.02l4 2.43v-15.2l8-4.86zm12 4.86v15.2l-8 4.86v4.68l12-7.29V8.49z'/></svg>",
   "hcl_light": "<svg viewBox='0 0 32 32'><path fill='#455a64' d='M18 1.2V14h-4v-4l-4 2v16.37l4 2.43V18h4v4l4-2V3.63z'/><path fill='#455a64' d='M14 1.2 2 8.49v15.02l4 2.43v-15.2l8-4.86zm12 4.86v15.2l-8 4.86v4.68l12-7.29V8.49z'/></svg>",
   "helm": "<svg data-name='Layer 1' viewBox='0 0 300 300'><path fill='#00acc1' d='M148.014 286.552c-1.986-1.376-4.331-5.94-5.67-11.019-1.19-4.517-1.64-16.429-.845-22.27.297-2.175.467-4.026.374-4.116-.088-.092-1.934-.38-4.102-.64-12.481-1.506-25.802-5.747-35.943-11.447-2.15-1.21-4.167-2.199-4.477-2.199-.312 0-1.407 1.62-2.436 3.6-4.777 9.198-13.122 18.332-19.465 21.305-2.315 1.086-5.402 1.35-6.829.585-2.152-1.152-2.79-5.72-1.503-10.777.879-3.463 4.416-10.749 7.283-15.005 1.267-1.88 3.768-5.068 5.562-7.086l3.254-3.667-1.697-1.623c-4.472-4.273-12.874-14.16-12.874-15.152 0-.354 11.463-8.317 12.298-8.543.424-.114 1.451.901 2.843 2.814 3.012 4.14 11.067 12.105 15.807 15.627 36.132 26.861 87.06 20.116 114.48-15.165 1.456-1.873 2.874-3.408 3.15-3.408.55 0 11.897 7.695 12.29 8.332.356.574-4.603 7-8.838 11.459-2.011 2.117-3.656 4.021-3.651 4.23 0 .211 1.582 2.045 3.508 4.078 6.121 6.453 12.145 16.528 13.818 23.109 1.284 5.056.646 9.625-1.504 10.777-.466.25-1.697.45-2.74.448-6.595-.015-17.532-10.605-24.022-23.26-1.253-2.44-2.46-4.437-2.687-4.437s-1.5.7-2.83 1.55c-9.43 6.044-23.51 11.257-35.69 13.213-2.59.418-4.922.924-5.182 1.124-.336.261-.294 1.482.15 4.22.791 4.893.486 16.505-.556 21.201-1.078 4.848-2.73 8.605-4.771 10.834-2.344 2.564-4.166 2.93-6.508 1.308zm-129.646-98.84c-.116-.308-.163-16.387-.099-35.734l.112-35.176h18.437l.116 12.949c.088 9.689.255 13.037.66 13.294.299.19 4.914.348 10.256.352 7.565.004 9.82-.123 10.199-.58.323-.392.525-4.815.602-13.301l.114-12.714h18.437v71.231H58.766l-.117-13.593c-.077-9.135-.275-13.785-.602-14.18-.379-.458-2.645-.587-10.256-.587s-9.876.13-10.256.587c-.326.395-.524 5.045-.603 14.18l-.116 13.593-9.12.119c-7.057.092-9.167-.007-9.33-.44zm74.624-.004c-.117-.306-.16-16.383-.097-35.73l.112-35.176h45.654l.121 7.798.119 7.798-13.508.116-13.51.117-.123 5.241c-.092 3.898.02 5.334.44 5.6.308.198 5.556.36 11.656.365l11.094.006-.119 7.805-.12 7.805-11.413.22-11.412.22v12.311l14.046.22 14.048.22v15.39l-23.39.111c-18.476.09-23.431 0-23.598-.44zm61.457 0c-.117-.306-.16-16.383-.097-35.73l.112-35.176h18.437l.22 27.7.22 27.702 13.388.22 13.39.22v15.39l-22.729.113c-17.95.088-22.776-.004-22.94-.44zm58.38-.005c-.114-.303-.158-16.378-.096-35.725l.114-35.176 9.658-.11c5.312-.057 9.876.042 10.142.22.65.442 10.399 26.997 12.551 34.186 2.236 7.48 2.062 7.036 2.57 6.53.238-.238 1.275-3.188 2.307-6.56 2.273-7.425 11.26-33.167 11.854-33.945.325-.427 2.69-.528 10.13-.44l9.707.119v71.231l-8.22.121-8.22.119-.29-1.165c-.607-2.417.206-27.862 1.12-35.132 1.44-11.435 1.223-11.613-2.172-1.76-3.671 10.661-10.968 30.259-11.665 31.33-.598.923-.958.989-5.188.989-3.115 0-4.68-.172-4.975-.55-.543-.695-9.505-25.085-11.954-32.531-1.728-5.255-2.666-7.145-2.636-5.307.007.44.411 4.06.897 8.05.908 7.476 1.713 32.53 1.12 34.9l-.29 1.154h-8.127c-6.098 0-8.178-.137-8.336-.55zm5.807-81.212c-1.728-2.933-6.079-8.407-9.761-12.281-11.855-12.477-26.13-20.363-43.656-24.118-5.02-1.075-6.351-1.176-15.585-1.196-10.872-.024-13.266.247-21.686 2.452-11.397 2.985-21.79 8.282-30.992 15.796-4.424 3.612-11.47 11.043-14.48 15.27-1.853 2.604-2.787 3.567-3.275 3.382-1.599-.607-12.312-7.811-12.308-8.273.016-1.042 7.233-10.091 12.13-15.211l5.063-5.294-3.349-3.632c-6.12-6.64-11.988-16.529-13.624-22.961-1.284-5.057-.646-9.625 1.506-10.78.464-.248 1.697-.45 2.74-.448 6.595.015 17.53 10.608 24.023 23.262 1.25 2.44 2.429 4.435 2.616 4.435.191 0 1.906-.89 3.814-1.979 9.805-5.595 25.545-10.584 36.26-11.487 1.849-.156 3.595-.427 3.878-.603.39-.241.33-1.42-.235-4.808-1.042-6.243-.717-18.472.624-23.552 2.126-8.051 5.54-12.56 9.014-11.907 3.243.609 6.387 5.898 8.025 13.498 1.066 4.958 1.092 18.903.044 23.472-.387 1.692-.576 3.214-.418 3.38.158.168 2.264.617 4.676.995 13.991 2.198 24.601 6.105 37.603 13.837.886.528 1.717.78 1.851.565s1.333-2.574 2.665-5.241c5.144-10.294 13.426-19.648 20.215-22.832 2.317-1.086 5.402-1.35 6.829-.584 2.154 1.154 2.792 5.72 1.506 10.777-.94 3.693-4.549 10.983-7.783 15.719-1.51 2.212-4.577 5.872-6.815 8.134l-4.068 4.112 4.002 4.256c4.047 4.302 11.194 13.426 12.503 15.961.593 1.145.613 1.466.123 1.917-1.005.926-11.8 7.264-12.371 7.264-.297 0-.884-.583-1.304-1.297'/></svg>",
-  "heroku": "<svg viewBox='0 0 32 32'><path fill='#7E57C2' d='M28 2H6a2 2 0 0 0-2 2v24a2 2 0 0 0 2 2h22a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2M10 26v-6l4 3Zm14 0h-4v-6.45a2.55 2.55 0 0 0-.95-1.987 2.75 2.75 0 0 0-2.278-.478L10 18.44V6h4v7.56l2.16-.43A6.558 6.558 0 0 1 24 19.55Zm0-16h-4V6h4Z'/></svg>",
+  "heroku": "<svg viewBox='0 0 32 32'><path fill='#7e57c2' d='M28 2H6a2 2 0 0 0-2 2v24a2 2 0 0 0 2 2h22a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2M10 26v-6l4 3Zm14 0h-4v-6.45a2.55 2.55 0 0 0-.95-1.987 2.75 2.75 0 0 0-2.278-.478L10 18.44V6h4v7.56l2.16-.43A6.558 6.558 0 0 1 24 19.55Zm0-16h-4V6h4Z'/></svg>",
   "hex": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M4 8v16a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2V8a2 2 0 0 0-2-2H6a2 2 0 0 0-2 2m4 14V10h4v12Zm11.999-6L18 18.001 21 21l-3 3.001L19.999 26l3.003-3 3 2.999L28 24l-3-2.999 3-3L26.001 16l-3 3z'/></svg>",
   "histoire": "<svg clip-rule='evenodd' viewBox='0 0 16 16'><path fill='#1de9b6' d='M8.814 1.004a.19.19 0 0 0-.162.09l-5.61 7.529A.247.247 0 0 0 3.25 9H7v5.817c-.001.204.266.25.373.076l5.592-7.567c.087-.14.025-.326-.14-.326H9V1.194a.19.19 0 0 0-.185-.19z'/></svg>",
   "hjson": "<svg viewBox='0 0 24 24'><path fill='#78909c' d='M11.652 3.92a1.1 1.1 0 0 0-.626-.014 1.11 1.11 0 0 0-.786 1.359 1.11 1.11 0 0 0 1.362.788 1.11 1.11 0 0 0 .786-1.363 1.11 1.11 0 0 0-.736-.771zm-3.6-.229a1 1 0 0 0-.246-.027h-.002a418 418 0 0 1-3.02-.096.84.84 0 0 0-.38.089.69.69 0 0 0-.339.506v.001a.68.68 0 0 0 .168.553.9.9 0 0 0 .41.235l.002.001c1.275.388 2.552.766 3.923 1.179l.496.15-.133-.5c-.16-.6-.314-1.098-.423-1.592a.67.67 0 0 0-.292-.434.6.6 0 0 0-.164-.065m2.613 3.73a.56.56 0 0 0-.274.003l-.362.097a.554.554 0 0 0-.392.678l1.105 4.123a.55.55 0 0 0 .677.39l.364-.098a.55.55 0 0 0 .392-.676L11.07 7.816a.55.55 0 0 0-.404-.396z'/><path fill='#8bc34a' d='m21.578 9.77-2.203.59.59 2.203-5.508 1.476a2.28 2.28 0 0 0-1.612 2.793 2.28 2.28 0 0 0-2.79-1.61l-5.508 1.475-.59-2.205-2.203.59.59 2.205A2.28 2.28 0 0 0 5.138 18.9l4.406-1.18a2.28 2.28 0 0 1 2.792 1.61l.295 1.102 2.203-.59-.295-1.103a2.28 2.28 0 0 1 1.613-2.79l4.405-1.18a2.28 2.28 0 0 0 1.612-2.794v-.002z'/></svg>",
@@ -699,7 +737,7 @@
   "hosts": "<svg viewBox='0 0 16 16'><path fill='#cfd8dc' d='m14 6-3-3v2H7v2h4v2M5 7l-3 3 3 3v-2h4V9H5z'/></svg>",
   "hosts_light": "<svg viewBox='0 0 16 16'><path fill='#455a64' d='m14 6-3-3v2H7v2h4v2M5 7l-3 3 3 3v-2h4V9H5z'/></svg>",
   "hpp": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28 6V2h-2v4h-6V2h-2v4h-4v2h4v4h2V8h6v4h2V8h4V6zm-15.5 5A5.49 5.49 0 0 0 8 13.344V4H2v24h6V17a2 2 0 0 1 4 0v11h6V16.5a5.5 5.5 0 0 0-5.5-5.5'/></svg>",
-  "html": "<svg viewBox='0 0 32 32'><path fill='#E65100' d='m4 4 2 22 10 2 10-2 2-22Zm19.72 7H11.28l.29 3h11.86l-.802 9.335L15.99 25l-6.635-1.646L8.93 19h3.02l.19 2 3.86.77 3.84-.77.29-4H8.84L8 8h16Z'/></svg>",
+  "html": "<svg viewBox='0 0 32 32'><path fill='#e65100' d='m4 4 2 22 10 2 10-2 2-22Zm19.72 7H11.28l.29 3h11.86l-.802 9.335L15.99 25l-6.635-1.646L8.93 19h3.02l.19 2 3.86.77 3.84-.77.29-4H8.84L8 8h16Z'/></svg>",
   "http": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M16 2a14 14 0 1 0 14 14A14 14 0 0 0 16 2m11.3 10h-5.64a22.5 22.5 0 0 0-2.705-7.616A12.03 12.03 0 0 1 27.3 12M20 16c0 .693-.037 1.357-.094 2h-7.811A22 22 0 0 1 12 16c0-.693.037-1.357.094-2h7.811c.058.643.095 1.307.095 2m-4 12c-.115 0-.226-.014-.34-.017A20.4 20.4 0 0 1 12.368 20h7.264a20.4 20.4 0 0 1-3.292 7.983c-.114.003-.225.017-.34.017m-3.632-16a20.4 20.4 0 0 1 3.292-7.983c.114-.003.225-.017.34-.017s.226.014.34.017A20.4 20.4 0 0 1 19.632 12Zm.683-7.618A22.4 22.4 0 0 0 10.339 12H4.7a12.03 12.03 0 0 1 8.35-7.618ZM4.18 14h5.91c-.052.647-.091 1.307-.091 2s.039 1.353.091 2H4.18a11.2 11.2 0 0 1 0-4m.52 6h5.638a22.4 22.4 0 0 0 2.712 7.618A12.03 12.03 0 0 1 4.7 20m14.255 7.616A22.5 22.5 0 0 0 21.661 20H27.3a12.03 12.03 0 0 1-8.344 7.616ZM27.819 18h-5.91c.052-.647.091-1.307.091-2s-.039-1.353-.091-2h5.91a11.2 11.2 0 0 1 0 4'/></svg>",
   "huff": "<svg viewBox='0 0 32 32'><rect width='16' height='2' x='8' y='28' fill='#cfd8dc' rx='.5'/><path fill='#cfd8dc' d='M12 23v1h-1a1 1 0 0 0-1 1v1h12v-1a1 1 0 0 0-1-1h-1v-1a1 1 0 0 0-1-1h-6a1 1 0 0 0-1 1m11.916-11.126L20 6V4h2a9.24 9.24 0 0 0-6.176-1.999 8.063 8.063 0 0 0-7.822 8.2 12.3 12.3 0 0 0 .63 3.696L10 18v1a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-.586a1 1 0 0 0-.293-.707L16 12h2l2.874 1.916a.5.5 0 0 0 .277.084H23.5a.5.5 0 0 0 .5-.5v-1.349a.5.5 0 0 0-.084-.277M20 10h-1a1 1 0 0 1-1-1V8h1a1 1 0 0 1 1 1Z'/></svg>",
   "huff_light": "<svg viewBox='0 0 32 32'><rect width='16' height='2' x='8' y='28' fill='#607d8b' rx='.5'/><path fill='#607d8b' d='M12 23v1h-1a1 1 0 0 0-1 1v1h12v-1a1 1 0 0 0-1-1h-1v-1a1 1 0 0 0-1-1h-6a1 1 0 0 0-1 1m11.916-11.126L20 6V4h2a9.24 9.24 0 0 0-6.176-1.999 8.063 8.063 0 0 0-7.822 8.2 12.3 12.3 0 0 0 .63 3.696L10 18v1a1 1 0 0 0 1 1h10a1 1 0 0 0 1-1v-.586a1 1 0 0 0-.293-.707L16 12h2l2.874 1.916a.5.5 0 0 0 .277.084H23.5a.5.5 0 0 0 .5-.5v-1.349a.5.5 0 0 0-.084-.277M20 10h-1a1 1 0 0 1-1-1V8h1a1 1 0 0 1 1 1Z'/></svg>",
@@ -711,14 +749,14 @@
   "image": "<svg viewBox='0 0 16 16'><path fill='#26a69a' d='M8.5 6h4l-4-4zM3.875 1H9.5l4 4v8.6c0 .773-.616 1.4-1.375 1.4h-8.25c-.76 0-1.375-.627-1.375-1.4V2.4c0-.777.612-1.4 1.375-1.4M4 13.6h8V8l-2.625 2.8L8 9.4zm1.25-7.7c-.76 0-1.375.627-1.375 1.4s.616 1.4 1.375 1.4c.76 0 1.375-.627 1.375-1.4S6.009 5.9 5.25 5.9'/></svg>",
   "imba": "<svg stroke-linejoin='round' stroke-miterlimit='1.414' clip-rule='evenodd' viewBox='0 0 201 201'><path fill='#ffc400' d='M161.96 61.952c-3.043 13.905-32.633 79.576-36.431 94.457-2.698 10.575 11.229 23.851 13.555 15.159 6.84-25.548 37.32-86.251 39.023-98.893 1.468-10.897-14.66-17.516-16.147-10.723m-37.128 48.192a4.97 4.97 0 0 1 5.726 6.91c.023.012.021.015.021.016a19.04 19.04 0 0 1-13.667 10.676c-3.4.645-7.236 1.182-11.504 1.588-15.316 1.453-31.743-17.007-20.624-16.49 16.552.77 29.747-.447 40.047-2.7zm16.256-17.347a13.36 13.36 0 0 1-9.677 8.152c-20.232 4.242-49.32 2.59-63.662-.888-13.94-3.38-23.102-23.665-14.05-20.64 21.019 7.024 60.118 9.347 82.248 6.838a4.808 4.808 0 0 1 5.133 6.523c.011.004.011.004.008.015m8.398-23.8a11.39 11.39 0 0 1-9.973 8.037c-40.633 2.924-92.83-6.466-107.91-22.019C20.273 43.326 21 20.85 27.442 27.992c24.417 27.072 84.437 34.865 117.12 34.521a5.022 5.022 0 0 1 4.92 6.481q.003.002.001.003z'/></svg>",
   "installation": "<svg viewBox='0 0 16 16'><path fill='#ff5722' d='M12 7h-2V2H6v5H4l4 4zm-9 5.5V14h10v-1.5z'/></svg>",
-  "ionic": "<svg viewBox='0 0 512 512'><g fill='#448AFF'><path d='M423.59 132.8a31.86 31.86 0 0 0 5.408-17.804c0-17.675-14.33-32-32-32a31.85 31.85 0 0 0-17.805 5.409c-34.486-25.394-77.085-40.409-123.2-40.409-114.88 0-208 93.125-208 208 0 114.88 93.125 208 208 208 114.87 0 208-93.123 208-208 0-46.111-15.016-88.71-40.408-123.2zm-31.762 259.03c-17.646 17.646-38.191 31.499-61.064 41.174-23.672 10.012-48.826 15.089-74.766 15.089s-51.095-5.077-74.767-15.089c-22.873-9.675-43.417-23.527-61.064-41.174s-31.5-38.191-41.174-61.064c-10.013-23.672-15.09-48.828-15.09-74.768s5.077-51.095 15.089-74.767c9.674-22.873 23.527-43.417 41.174-61.064s38.191-31.5 61.064-41.174c23.673-10.013 48.828-15.09 74.768-15.09s51.094 5.077 74.766 15.089a191.2 191.2 0 0 1 37.802 21.327 31.85 31.85 0 0 0-3.568 14.679c0 17.675 14.327 32 32 32 5.293 0 10.28-1.293 14.678-3.568a191 191 0 0 1 21.327 37.801c10.013 23.672 15.09 48.827 15.09 74.767s-5.077 51.096-15.09 74.768c-9.675 22.873-23.527 43.418-41.175 61.064'/><circle cx='256' cy='256' r='96'/></g></svg>",
+  "ionic": "<svg viewBox='0 0 512 512'><g fill='#448aff'><path d='M423.59 132.8a31.86 31.86 0 0 0 5.408-17.804c0-17.675-14.33-32-32-32a31.85 31.85 0 0 0-17.805 5.409c-34.486-25.394-77.085-40.409-123.2-40.409-114.88 0-208 93.125-208 208 0 114.88 93.125 208 208 208 114.87 0 208-93.123 208-208 0-46.111-15.016-88.71-40.408-123.2zm-31.762 259.03c-17.646 17.646-38.191 31.499-61.064 41.174-23.672 10.012-48.826 15.089-74.766 15.089s-51.095-5.077-74.767-15.089c-22.873-9.675-43.417-23.527-61.064-41.174s-31.5-38.191-41.174-61.064c-10.013-23.672-15.09-48.828-15.09-74.768s5.077-51.095 15.089-74.767c9.674-22.873 23.527-43.417 41.174-61.064s38.191-31.5 61.064-41.174c23.673-10.013 48.828-15.09 74.768-15.09s51.094 5.077 74.766 15.089a191.2 191.2 0 0 1 37.802 21.327 31.85 31.85 0 0 0-3.568 14.679c0 17.675 14.327 32 32 32 5.293 0 10.28-1.293 14.678-3.568a191 191 0 0 1 21.327 37.801c10.013 23.672 15.09 48.827 15.09 74.767s-5.077 51.096-15.09 74.768c-9.675 22.873-23.527 43.418-41.175 61.064'/><circle cx='256' cy='256' r='96'/></g></svg>",
   "istanbul": "<svg viewBox='0 0 32 32'><path fill='#fdd835' d='M30 13v-3h-2v3h-1v.5a.5.5 0 0 0 .5.5h.5v10h-1v-2h-1v-8h-1v6h-2v-3h-1v1h-1v-1h1a6.35 6.35 0 0 0-6-4 6.35 6.35 0 0 0-6 4h1v1h-1v-1H9v3H7v-6H6v8H5v2H4V14h.5a.5.5 0 0 0 .5-.5V13H4v-3H2v3H1v.5a.5.5 0 0 0 .5.5H2v12h8v-6h2v6h8v-6h2v6h8V14h.5a.5.5 0 0 0 .5-.5V13ZM14 24h-1v-2h1Zm3 0h-2v-2a1 1 0 0 1 2 0Zm2 0h-1v-2h1Zm-1-7v1h-1v-1Zm-3 0v1h-1v-1Zm-3 0h1v1h-1Zm7 1v-1h1v1ZM3 6 2 9h2zm26 0-1 3h2z'/><path fill='#fdd835' d='m16 10-1 2h2zm9.5 1-.5 2h1zm-19 0L6 13h1z'/></svg>",
   "jar": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M22 10h2v4h-2z'/><path fill='#f44336' d='M28 2H4a2 2 0 0 0-2 2v24a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2m-2 12a2 2 0 0 1-2 2h-2v4a4 4 0 0 1-4 4h-8a4 4 0 0 1-4-4V8h18a2 2 0 0 1 2 2Z'/></svg>",
   "java": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M4 26h24v2H4zM28 4H7a1 1 0 0 0-1 1v13a4 4 0 0 0 4 4h10a4 4 0 0 0 4-4v-4h4a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2m0 8h-4V6h4Z'/></svg>",
   "javaclass": "<svg viewBox='0 0 32 32'><path fill='#1e88e5' d='M4 26h24v2H4zM28 4H7a1 1 0 0 0-1 1v13a4 4 0 0 0 4 4h10a4 4 0 0 0 4-4v-4h4a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2m0 8h-4V6h4Z'/></svg>",
   "javascript-map": "<svg viewBox='0 0 16 16'><g fill='#ffca28'><path d='M12 5v1h1v7H6v-1H5l-.069 2 9.069.001V5z'/><path d='M2 2v9h9V2zm3 3h1v4a1.003 1.003 0 0 1-1 1H4a1.003 1.003 0 0 1-1-1V8h1v1h1zm3 0h2v1H8v1h1a1.003 1.003 0 0 1 1 1v1a1.003 1.003 0 0 1-1 1H7V9h2V8H8a1.003 1.003 0 0 1-1-1V6a1.003 1.003 0 0 1 1-1'/></g></svg>",
   "javascript": "<svg viewBox='0 0 16 16'><path fill='#ffca28' d='M2 2v12h12V2zm6 6h1v4a1.003 1.003 0 0 1-1 1H7a1.003 1.003 0 0 1-1-1v-1h1v1h1zm3 0h2v1h-2v1h1a1.003 1.003 0 0 1 1 1v1a1.003 1.003 0 0 1-1 1h-2v-1h2v-1h-1a1.003 1.003 0 0 1-1-1V9a1.003 1.003 0 0 1 1-1'/></svg>",
-  "jenkins": "<svg viewBox='0 0 180 180'><defs><clipPath id='a'><path fill='#37474f' d='M.899 144.42h144.42V0H.899z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.0691 0 0 -1.0691 9.4 166.143)'><g fill-rule='evenodd'><path fill='#f0d6b7' d='m107.96 30.661-12.506-1.876-16.883-1.876-10.943-.312-10.629.312-8.13 2.502-7.19 7.815-5.628 15.945-1.25 3.44-7.504 2.5-4.377 7.191-3.126 10.317 3.44 9.067 8.128 2.814 6.565-3.127 3.127-6.878 3.752.626 1.25 1.563-1.25 7.19-.313 9.068 1.876 12.505-.074 7.143 5.701 9.114 10.005 7.19 17.508 7.504 19.383-2.814 16.883-12.193 7.817-12.505 5.002-9.067 1.25-22.51-3.752-19.384-6.877-17.195-6.566-9.066'/><path fill='#335061' d='m97.334-23.425-44.709-1.876v-7.503l3.752-26.262-1.876-2.19-31.264 10.63-2.19 3.752-3.126 35.328-7.19 21.26-1.563 5.002 25.01 17.195 7.818 3.127 6.877-8.441 5.94-5.315 6.88-2.188 3.125-.938L68.57 1.899l2.814-3.44 7.19 2.502-5.002-9.693 27.2-12.818-3.439-1.876'/><path fill='#6d6b6d' d='m23.238 85.687 8.128 2.814 6.566-3.127 3.127-6.878 3.751.626.938 3.751-1.876 7.19 1.876 17.197-1.563 9.379 5.627 6.565 12.193 9.692-3.44 4.69-17.194-8.442-7.191-5.627-4.064-8.754-6.253-8.442-1.876-10.005z'/><path fill='#dcd9d8' d='M36.055 115.07s4.69 11.567 23.448 17.195c18.759 5.628.938 4.065.938 4.065l-20.321-7.817-7.817-7.816-3.438-6.253zm-9.379-27.195s-6.566 21.886 18.446 25.012l-.938 3.752-17.195-4.065-5.003-16.257 1.251-10.63z'/></g><g fill='#f7e4cd'><path fill-rule='evenodd' d='m36.681 58.799 4.094 3.966s1.847-.214 2.16-2.402c.312-2.19 1.25-21.886 14.693-32.516 1.227-.97-10.004 1.564-10.004 1.564L37.62 45.042m56.589 19.697s.729 9.477 3.28 8.748c2.553-.729 2.553-3.28 2.553-3.28s-6.198-4.01-5.833-5.468'/><path d='M120.16 99.442s-5.153-1.088-5.628-5.628c-.474-4.54 5.628-.938 6.566-.625m-38.771 5.94s-6.879-.938-6.879-5.314c0-4.378 7.817-4.065 10.005-2.19'/><g fill-rule='evenodd'><path d='M39.807 78.808s-11.881 7.191-13.131.312c-1.25-6.877-4.065-11.88 1.876-19.07l-4.064 1.25-3.752 9.691-1.25 9.38 7.19 7.504 8.129-.626 4.69-3.751zm5.628 19.696s5.315 27.512 32.203 32.827c22.136 4.375 33.765-.938 38.142-5.94 0 0-19.696 23.447-38.455 16.257-18.759-7.191-32.514-20.322-32.202-28.762.532-14.377.313-14.382.313-14.382m72.534 23.766s-9.066.312-9.38-7.817c0 0 0-1.25.625-2.5 0 0 7.192 8.129 11.568 3.751'/><path d='M78.268 111.1s-1.56 12.477-12.199 5.223c-6.878-4.69-6.252-11.255-5.002-12.505s.91-3.77 1.862-2.04c.952 1.728.638 7.356 4.078 8.918 3.439 1.564 9.077 3.31 11.26.404'/></g></g><path fill='#49728b' fill-rule='evenodd' d='M48.874 26.597 19.486 13.466s12.193-48.46 5.94-63.467l-4.377 1.563-.313 18.446-8.128 35.015-3.44 9.692 30.639 20.633 9.067-8.753M51.896-.206l4.17-5.087v-18.76h-5.003s-.625 13.132-.625 14.696c0 1.563.624 7.19.624 7.19M52-26.866l-14.069-.625 4.065-2.813L52-31.868'/><g fill-rule='evenodd'><path fill='#335061' d='m100.15-23.739 11.567.313 2.814-28.764-11.881-1.563z'/><path fill='#335061' d='m103.27-23.739 17.508.938s7.19 18.133 7.19 19.07c0 .939 6.253 26.263 6.253 26.263l-14.069 14.694-2.813 2.501-7.504-7.503V3.148z'/><path fill='#49728b' d='m111.09-21.55-10.942-2.188 1.563-8.755c4.064-1.876 10.943 3.127 10.943 3.127M111.4 33.162l21.885-16.257.626 7.503-16.57 15.32-5.94-6.566'/><path fill='#FAFAFA' d='m62.85-85.332-6.473 26.266-3.22 19.38-.531 14.385 29.296 1.56 18.226.003-1.658-32.83 2.814-25.324-.312-4.69-23.76-1.876z'/><path fill='#dcd9d8' d='M96.083-23.426s-1.563-32.515 3.127-55.65c0 0-9.38-5.94-23.136-7.503l26.262.938 3.126 1.875-3.752 51.273-.938 10.944'/><path fill='#FAFAFA' d='m115.06-49.691 12.193 3.44 23.135 1.25 3.44 10.629-6.254 18.446-7.19.938-10.005-3.127-9.599-4.686-5.095.935-3.972-1.56'/><path fill='#dcd9d8' d='M114.84-43.435s8.128 3.751 9.38 3.438L120.78-22.8l4.065 1.563s2.814-16.257 2.814-18.133c0 0 17.507-.938 19.07-.938 0 0 3.752 7.191 2.814 14.694l3.44-10.005.312-5.628-5.002-7.503-5.627-1.25-9.38.312-3.126 4.064-10.943-1.563-3.44-1.25'/></g><path fill='#FAFAFA' d='M102.56-21.241 95.682-3.733l-7.19 10.317s1.562 4.377 3.75 4.377h7.192l6.878-2.501-.625-11.568-3.127-18.134'/><path fill='#dcd9d8' fill-rule='evenodd' d='M103.9-15.297S95.145 1.585 95.145 4.086c0 0 1.563 3.752 3.752 2.814s6.879-3.439 6.879-3.439v5.94l-10.63 2.19-7.19-.939 12.193-28.763 2.5-.313'/><path fill='#FAFAFA' d='m65.664 25.968-8.661.942-8.13 2.501v-2.814l3.972-4.38 12.506-5.627'/><path fill='#dcd9d8' fill-rule='evenodd' d='M51.689 25.031s9.693-4.065 12.819-3.127l.311-3.748-8.752 1.872-5.316 3.752z'/><path fill='#d33833' fill-rule='evenodd' d='M115.03 9.897c-5.305.156-10.098.786-14.294 1.97.285 1.72-.249 3.408.18 4.647 1.17.843 3.13.83 4.898 1.027-1.529.752-3.677 1.049-5.44.615-.042 1.194-.578 1.934-.902 2.868 2.982 1.064 10.024 8.044 13.984 5.732 1.887-1.099 2.689-7.377 2.835-10.43.122-2.533-.23-5.088-1.261-6.43'/><path fill='none' stroke='#d33833' stroke-width='2' d='M115.03 9.897c-5.305.156-10.098.786-14.294 1.97.285 1.72-.249 3.408.18 4.647 1.17.843 3.13.83 4.898 1.027-1.529.752-3.677 1.049-5.44.615-.042 1.194-.578 1.934-.902 2.868 2.982 1.064 10.024 8.044 13.984 5.732 1.887-1.099 2.689-7.377 2.835-10.43.122-2.533-.23-5.088-1.261-6.43z'/><path fill='#d33833' fill-rule='evenodd' d='M89.66 18.569q-.021-.603-.047-1.21c-1.656-1.089-4.33-1.076-6.148-1.99 2.68-.117 4.79-.763 6.614-1.672l-.118-3.033c-3.036-2.078-5.81-5.173-9.384-7.122-1.69-.922-7.622-3.294-9.42-2.875-1.017.236-1.109 1.499-1.516 2.689-.866 2.548-2.861 6.605-3.035 10.44-.222 4.846-.71 12.967 4.51 11.969 4.213-.804 9.113-2.745 12.375-4.527 1.993-1.09 3.146-2.436 6.17-2.669'/><path fill='none' stroke='#d33833' stroke-width='2' d='M89.66 18.569q-.021-.603-.047-1.21c-1.656-1.089-4.33-1.076-6.148-1.99 2.68-.117 4.79-.763 6.614-1.672l-.118-3.033c-3.036-2.078-5.81-5.173-9.384-7.122-1.69-.922-7.622-3.294-9.42-2.875-1.017.236-1.109 1.499-1.516 2.689-.866 2.548-2.861 6.605-3.035 10.44-.222 4.846-.71 12.967 4.51 11.969 4.213-.804 9.113-2.745 12.375-4.527 1.993-1.09 3.146-2.436 6.17-2.669z'/><path fill='#d33833' fill-rule='evenodd' d='M92.675 12.788c-.463 2.64-.999 3.393-.792 5.695 7.04 4.693 8.361-8.061.792-5.695'/><path fill='none' stroke='#d33833' stroke-width='2' d='M92.675 12.788c-.463 2.64-.999 3.393-.792 5.695 7.04 4.693 8.361-8.061.792-5.695z'/><g fill-rule='evenodd'><path fill='#ef3d3a' d='M102.87 10.649s-2.19 3.127-.626 4.065 3.127 0 4.065 1.563 0 2.501.313 4.377 1.877 2.189 3.44 2.501c1.562.313 5.94.938 6.565-.625l-1.876 5.627-3.752 1.25-11.88-6.877-.626-3.44v-6.877M70.041.331c-.376 4.88-.773 9.752-1.215 14.626-.662 7.279 1.748 6.009 8.057 6.009.964 0 5.933-1.15 6.289-1.876 1.705-3.483-2.851-2.709 1.964-5.335 4.065-2.216 11.246 1.346 9.603 6.273-.919 1.095-4.789.341-6.176 1.06l-7.327 3.8c-3.108 1.612-10.29 3.962-13.603 1.709-8.395-5.71.53-19.974 3.524-25.93'/><path fill='#231f20' d='M78.268 111.1c-8.521 1.985-12.755-3.566-15.338-9.323-2.306.559-1.389 3.695-.806 5.294 1.525 4.194 7.672 9.778 12.694 9.02 2.161-.325 5.086-2.301 3.45-4.99m41.522-9.701.404-.016c1.926-4 3.593-8.238 6.022-11.769-1.628-3.79-12.322-7.144-12.157-.338 2.313 1.01 6.305.206 8.356 1.497-1.186 3.254-2.897 6.024-2.625 10.626m-37.16-.11c1.827-3.35 2.422-6.868 5.019-9.4 1.17-1.14 3.444-2.529 2.316-5.698-.263-.747-2.189-2.414-3.3-2.741-4.06-1.2-13.521-.248-10.317 4.814 3.358-.157 7.871-2.18 10.38.257-1.927 3.081-5.363 9.177-4.098 12.768m35.63-34.037c-6.113-3.927-12.93-8.197-22.947-7.207-2.14 1.86-2.956 6.002-.877 8.737 1.082-1.861.402-5.284 3.419-5.799 5.684-.972 12.299 3.477 16.387 5.032 2.535 4.275-.219 5.847-2.503 8.597-4.675 5.636-10.947 12.622-10.72 21.06 1.89 1.37 2.053-2.092 2.325-2.722 2.44-5.714 8.585-13.021 13.07-17.912 1.1-1.205 2.914-2.36 3.115-3.157.582-2.315-1.513-5.09-1.27-6.63m-80.591 4.135c-1.916 1.094-2.372 5.91-4.622 6.048-3.215.195-2.629-6.25-2.616-10.018-2.213 2.009-2.602 8.194-.976 11.37-1.853.91-2.68-1.003-3.708-1.677 1.32 9.595 14.036 4.45 11.922-5.723m84.482-8.13c-2.846-5.417-6.871-11.382-15.222-11.555-.17 1.75-.3 4.411.009 5.464 6.384.614 10.325 3.863 15.212 6.091m-40-3.512c5.326-2.8 15.114-3.102 22.353-2.89.388-1.586.379-3.545.394-5.48-9.305-.463-20.307 1.84-22.747 8.37m-1.013-5.222c3.683-9.247 16.341-8.182 27.016-7.927-.47-1.2-1.489-2.62-2.755-3.132-3.42-1.392-12.855-2.448-17.604.074-3.011 1.601-4.946 5.219-6.596 7.34-.797 1.024-4.765 3.64-.06 3.645'/><path fill='#81b0c4' d='M117.82 3.516c-4.322-7.402-8.457-15.005-13.585-21.534 2.15 6.32 3.07 16.9 3.394 24.965 4.498 2.105 8.349-.474 10.191-3.43'/><path fill='#231f20' d='M141.07-23.089c-4.839-.969-8.239-5.671-12.959-5.37 2.594 3.658 7.14 5.2 12.959 5.37m2.14-7.572c-3.944-.417-8.576-1.055-12.577-.726 1.894 2.892 9.19 1.894 12.577.726m1.37-6.529c-4.433-.096-9.942-.008-14.155.346 2.492 2.677 11.28.993 14.155-.346'/><path fill='#dcd9d8' d='M109.48-55.057c.636-5.567 2.843-11.207 2.566-17.304-2.45-.827-3.858-1.55-7.142-1.545-.232 5.181-.925 13.102-.718 18.041 1.615-.107 3.997 1.154 5.294.808'/><path fill='#f0d6b7' d='M102.33 26.985c-2.226-1.453-4.121-3.267-6.259-4.818-4.74-.235-7.327.328-10.81 3.05.057.219.407.121.42.39 5.075-2.262 11.524.92 16.648 1.378'/><path fill='#81b0c4' d='M75.694-7.603c1.394 6.04 6.857 9.17 11.817 12.497 5.12-6.498 8.234-14.855 11.663-22.92-8.102 2.443-16.38 6.406-23.481 10.423'/><path fill='#231f20' d='M104.18-55.865c-.207-4.94.486-12.86.718-18.041 3.283-.004 4.691.718 7.142 1.545.276 6.096-1.93 11.737-2.566 17.304-1.298.346-3.679-.914-5.294-.808m-51.13 28.09c2.165-19.906 5.301-36.639 11.054-54.266 12.766-3.876 28.157-4.214 39.441-.716-2.072 9.948-1.167 22.06-2.378 32.677-.912 7.98-.447 16.009-1.698 24.15-13.673 2.844-33 .665-46.418-1.845zm49.651 1.72c-.115-8.549.383-16.982 1.036-25.542 3.282.493 5.51.822 8.56 1.49-.99 8.241-.869 17.514-2.886 24.804-2.332-.023-4.385.027-6.71-.752m16.653 1.378c-1.558.357-3.372.014-4.86-.015.7-6.969 2.397-14.659 2.995-21.974 2.342-.073 3.593 1.032 5.52 1.403.102 6.421-.562 15.268-3.655 20.586m25.215-23.038c4.882 1.186 7.952 7.165 6.586 13.305-.916 4.127-2.548 11.898-4.295 14.538-1.29 1.953-4.79 4.51-7.584 2.72-4.545-2.91-12.552-3.755-15.867-7.278 1.662-5.534 2.178-13.135 2.864-20.146 5.678-.354 12.665 1.562 17.387-.471-3.297-1.068-7.575-1.077-10.423-2.633 2.328-1.125 7.778-.897 11.332-.035M99.17-18.025c-3.43 8.063-6.543 16.42-11.663 22.918-4.96-3.327-10.423-6.456-11.817-12.497 7.1-4.017 15.379-7.98 23.481-10.422zm8.453 24.971c-.325-8.065-1.245-18.644-3.395-24.965 5.128 6.53 9.263 14.132 13.585 21.534-1.842 2.957-5.693 5.536-10.19 3.431m-9.582 3.405c-1.943.21-3.592-2.233-6.117-1.177-.58-.64-1.105-1.333-1.695-1.958 5.579-6.723 8.114-16.262 12.423-24.163 2.312 7.59 2.045 15.904 2.555 24.188-3.177-.201-4.94 2.873-7.166 3.11m-6.161 8.132c-.208-2.303.328-3.056.791-5.695 7.57-2.367 6.248 10.388-.791 5.695m-8.394 2.755c-3.261 1.782-8.161 3.723-12.374 4.527-5.222.999-4.732-7.123-4.51-11.968.173-3.836 2.168-7.893 3.035-10.441.406-1.19.498-2.453 1.515-2.69 1.798-.418 7.73 1.954 9.42 2.875 3.575 1.95 6.348 5.045 9.384 7.123l.119 3.032c-1.826.91-3.935 1.555-6.615 1.673 1.818.914 4.492.901 6.148 1.989q.025.609.047 1.21c-3.024.234-4.176 1.58-6.17 2.67zm-31.152 5.659c-2.707-2.748 7.592-6.494 10.871-6.696-.018 1.739.991 3.378.788 4.626-3.895.684-9.013.232-11.66 2.07zm33.345-1.29c-.013-.27-.363-.172-.42-.39 3.482-2.722 6.07-3.285 10.81-3.05 2.137 1.551 4.033 3.365 6.259 4.818-5.124-.458-11.574-3.64-16.648-1.379zm30.606-9.282c-.146 3.053-.948 9.332-2.835 10.431-3.961 2.312-11.002-4.668-13.984-5.732.324-.934.86-1.674.901-2.868 1.764.434 3.912.137 5.44-.615-1.767-.198-3.727-.185-4.897-1.027-.429-1.239.105-2.927-.18-4.647 4.196-1.184 8.989-1.814 14.294-1.97 1.032 1.341 1.383 3.896 1.261 6.429zM47.777 24.24c-.85.606-6.6 8.087-7.388 7.777-10.405-4.103-20.134-11.199-28.828-17.91 8.29-17.787 11.635-39.579 12.227-60.582 9.496-4.441 17.836-10.844 30.722-11.512-1.491 10.55-2.852 19.962-3.699 29.895-3.237 1.365-7.882-.062-10.913.423-.025 3.651 4.628 1.6 5.015 4.054.292 1.858-2.56 1.998-1.631 4.923 2.368-.861 3.612-2.763 6.138-3.477 2.309 5.05-.032 13.985.3 18.205.064.792.397 4.39 2.172 3.759 1.57-.559-.09-9.569.082-13.563.157-3.68-.444-7.242 1.046-9.552a356 356 0 0 0 38.576 3.16c-2.964 1.272-6.485 2.475-10.345 4.651-2.093 1.18-8.69 3.635-9.293 5.622-.964 3.167 2.528 4.855 3.125 7.57-6.285-3.428-7.511 3.286-8.998 8.042-1.347 4.308-2.114 7.526-2.445 10.01-5.414 2.581-11.203 5.195-15.863 8.505m63.009 6.872c8.67 4.204 10.232-15.711 6.834-22.127.525-1.914 2.331-2.646 3.069-4.366-4.838-8.667-10.211-16.756-15.148-25.32 3.672 2.286 8.917.409 13.238 2.12 1.58.624 2.722 4.24 3.918 7.133 3.29 7.958 6.743 17.99 8.28 25.586.346 1.73 1.292 5.5 1.08 7.04-.378 2.758-4.12 4.803-6.022 6.508-3.506 3.15-5.714 5.921-9.371 8.866-1.483-2.189-4.666-3.66-5.878-5.44M27.95 107.99c-4.13-4.545-3.266-13.062-2.766-19.121 7.467 4.697 17.377-.372 17.284-8.36 3.565.094 1.332 4.452.687 7.259-2.107 9.169 3.55 19.13.256 27.516-6.395-.485-11.649-3.097-15.46-7.294zm29.558 26.38c-9.352-2.65-21.337-9.446-25.18-17.847 2.976.432 5.041 1.933 7.977 2.119 1.11.072 2.563-.466 3.838-.148 2.54.63 4.685 6.327 6.602 8.447 1.868 2.07 4.114 2.954 5.651 4.841.988.477 2.448.444 2.504 1.927-.428.457-.879.806-1.392.66zm48.681-2.493c-9.707 5.477-26.136 9.596-36.462 4.449-8.331-4.155-19.593-11.027-23.433-19.737 3.587-8.405-1.062-16.106-1.36-24.64-.157-4.54 2.139-8.504 2.315-13.446-1.228-2.025-4.978-2.275-7.574-2.136-.873 4.372-2.403 9.287-6.906 9.78-6.371.697-11.03-4.576-11.319-10.085-.342-6.48 4.978-17.22 12.517-16.475 2.913.287 3.629 3.207 6.802 3.177 1.72-3.432-2.653-4.51-3.103-6.964-.117-.634.363-3.112.642-4.274 1.37-5.658 4.422-12.982 7.427-17.29 3.814-5.464 11.307-6.288 19.37-6.823 1.44 3.101 6.743 2.846 10.2 2.035-4.143 1.64-7.993 5.617-11.185 9.137-3.665 4.039-7.378 8.371-7.566 13.65 6.927-9.61 12.65-18.003 25.246-22.23 9.53-3.196 20.662 1.465 27.986 6.608 3.039 2.137 4.853 5.529 7.013 8.634 8.082 11.626 11.854 28.219 11.024 44.303-.342 6.633-.327 13.244-2.552 17.706-2.326 4.666-10.193 8.84-14.8 4.62-.853 4.537 3.83 7.344 9.331 5.71-3.922 5.063-8.039 11.145-13.614 14.29zm18.084-149.66c7.585 3.77 21.757 10.149 26.512-.014 1.755-3.746 3.814-10.079 4.723-13.946 1.284-5.456-1.392-16.923-7-18.754-4.953-1.617-10.733-1.518-16.7-.32-.702.585-1.484 1.603-2.03 2.665-4.261.165-8.25-.229-11.615-1.98.319-3.15-1.812-3.656-3.81-4.305-1.48-5.872 2.963-13.541 1.9-18.896-.76-3.815-5.453-4.405-8.902-5.118-.113-2.12.15-3.89.386-5.683-.789-2.907-4.327-4.561-7.679-4.967-11.029-1.326-27.775-1.922-38.384 1.893-2.96 7.261-5.292 16.093-7.758 24.384-10.346-1.105-18.715 4.464-26.603 8.113-2.731 1.266-6.51 1.964-7.53 4.138-.99 2.105-.584 6.14-.83 9.95-.625 9.733-1.16 19.12-3.73 29.086-1.154 4.472-3.165 8.418-4.568 12.727C9.358 5.184 7.092 10.12 6.5 14.1c-.877 5.903 4.681 6.232 8.235 8.79 5.494 3.954 9.806 6.142 15.756 9.711 1.762 1.057 7.077 3.733 7.681 4.966 1.202 2.443-2.062 5.888-2.935 7.803-1.38 3.03-2.1 5.602-2.298 8.59-4.992.789-8.775 3.76-11.06 7.109-3.781 5.543-6.403 15.798-3.132 23.599.257.614 1.536 1.822 1.725 2.765.372 1.858-.7 4.329-.768 6.305-.343 10.14 1.716 18.875 8.541 21.932 2.771 11.038 12.688 14.71 22.032 20.195 3.493 2.05 7.343 3.36 11.32 4.824 14.263 5.25 36.15 4.261 47.987-4.692 5.02-3.797 13.044-11.813 15.914-17.617 7.58-15.323 7.042-40.931 1.74-59.571-.712-2.503-1.746-6.181-3.19-9.187-1.006-2.1-4.134-6.3-3.754-8.153.391-1.916 7.132-7.034 8.577-8.428 2.603-2.51 7.548-5.843 7.948-9.012.43-3.372-1.485-7.984-2.456-11.238-3.245-10.858-6.412-20.895-10.091-30.576'/><path fill='#f7e4cd' d='M73.674 57.38c.411.548 2.674 1.38 5.84-.144 0 0-3.752-.626-3.44-6.881l-1.564.313s-1.615 5.672-.836 6.712'/><path fill='#1d1919' d='M101.09 3.617a1.72 1.72 0 1 0-3.44.001 1.72 1.72 0 0 0 3.44-.001m1.72-7.972a1.72 1.72 0 1 0-3.44 0 1.72 1.72 0 0 0 3.44 0'/></g></g></svg>",
+  "jenkins": "<svg viewBox='0 0 180 180'><defs><clipPath id='a'><path fill='#37474f' d='M.899 144.42h144.42V0H.899z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.0691 0 0 -1.0691 9.4 166.143)'><g fill-rule='evenodd'><path fill='#f0d6b7' d='m107.96 30.661-12.506-1.876-16.883-1.876-10.943-.312-10.629.312-8.13 2.502-7.19 7.815-5.628 15.945-1.25 3.44-7.504 2.5-4.377 7.191-3.126 10.317 3.44 9.067 8.128 2.814 6.565-3.127 3.127-6.878 3.752.626 1.25 1.563-1.25 7.19-.313 9.068 1.876 12.505-.074 7.143 5.701 9.114 10.005 7.19 17.508 7.504 19.383-2.814 16.883-12.193 7.817-12.505 5.002-9.067 1.25-22.51-3.752-19.384-6.877-17.195-6.566-9.066'/><path fill='#335061' d='m97.334-23.425-44.709-1.876v-7.503l3.752-26.262-1.876-2.19-31.264 10.63-2.19 3.752-3.126 35.328-7.19 21.26-1.563 5.002 25.01 17.195 7.818 3.127 6.877-8.441 5.94-5.315 6.88-2.188 3.125-.938L68.57 1.899l2.814-3.44 7.19 2.502-5.002-9.693 27.2-12.818-3.439-1.876'/><path fill='#6d6b6d' d='m23.238 85.687 8.128 2.814 6.566-3.127 3.127-6.878 3.751.626.938 3.751-1.876 7.19 1.876 17.197-1.563 9.379 5.627 6.565 12.193 9.692-3.44 4.69-17.194-8.442-7.191-5.627-4.064-8.754-6.253-8.442-1.876-10.005z'/><path fill='#dcd9d8' d='M36.055 115.07s4.69 11.567 23.448 17.195c18.759 5.628.938 4.065.938 4.065l-20.321-7.817-7.817-7.816-3.438-6.253zm-9.379-27.195s-6.566 21.886 18.446 25.012l-.938 3.752-17.195-4.065-5.003-16.257 1.251-10.63z'/></g><g fill='#f7e4cd'><path fill-rule='evenodd' d='m36.681 58.799 4.094 3.966s1.847-.214 2.16-2.402c.312-2.19 1.25-21.886 14.693-32.516 1.227-.97-10.004 1.564-10.004 1.564L37.62 45.042m56.589 19.697s.729 9.477 3.28 8.748c2.553-.729 2.553-3.28 2.553-3.28s-6.198-4.01-5.833-5.468'/><path d='M120.16 99.442s-5.153-1.088-5.628-5.628c-.474-4.54 5.628-.938 6.566-.625m-38.771 5.94s-6.879-.938-6.879-5.314c0-4.378 7.817-4.065 10.005-2.19'/><g fill-rule='evenodd'><path d='M39.807 78.808s-11.881 7.191-13.131.312c-1.25-6.877-4.065-11.88 1.876-19.07l-4.064 1.25-3.752 9.691-1.25 9.38 7.19 7.504 8.129-.626 4.69-3.751zm5.628 19.696s5.315 27.512 32.203 32.827c22.136 4.375 33.765-.938 38.142-5.94 0 0-19.696 23.447-38.455 16.257-18.759-7.191-32.514-20.322-32.202-28.762.532-14.377.313-14.382.313-14.382m72.534 23.766s-9.066.312-9.38-7.817c0 0 0-1.25.625-2.5 0 0 7.192 8.129 11.568 3.751'/><path d='M78.268 111.1s-1.56 12.477-12.199 5.223c-6.878-4.69-6.252-11.255-5.002-12.505s.91-3.77 1.862-2.04c.952 1.728.638 7.356 4.078 8.918 3.439 1.564 9.077 3.31 11.26.404'/></g></g><path fill='#49728b' fill-rule='evenodd' d='M48.874 26.597 19.486 13.466s12.193-48.46 5.94-63.467l-4.377 1.563-.313 18.446-8.128 35.015-3.44 9.692 30.639 20.633 9.067-8.753M51.896-.206l4.17-5.087v-18.76h-5.003s-.625 13.132-.625 14.696c0 1.563.624 7.19.624 7.19M52-26.866l-14.069-.625 4.065-2.813L52-31.868'/><g fill-rule='evenodd'><path fill='#335061' d='m100.15-23.739 11.567.313 2.814-28.764-11.881-1.563z'/><path fill='#335061' d='m103.27-23.739 17.508.938s7.19 18.133 7.19 19.07c0 .939 6.253 26.263 6.253 26.263l-14.069 14.694-2.813 2.501-7.504-7.503V3.148z'/><path fill='#49728b' d='m111.09-21.55-10.942-2.188 1.563-8.755c4.064-1.876 10.943 3.127 10.943 3.127M111.4 33.162l21.885-16.257.626 7.503-16.57 15.32-5.94-6.566'/><path fill='#fafafa' d='m62.85-85.332-6.473 26.266-3.22 19.38-.531 14.385 29.296 1.56 18.226.003-1.658-32.83 2.814-25.324-.312-4.69-23.76-1.876z'/><path fill='#dcd9d8' d='M96.083-23.426s-1.563-32.515 3.127-55.65c0 0-9.38-5.94-23.136-7.503l26.262.938 3.126 1.875-3.752 51.273-.938 10.944'/><path fill='#fafafa' d='m115.06-49.691 12.193 3.44 23.135 1.25 3.44 10.629-6.254 18.446-7.19.938-10.005-3.127-9.599-4.686-5.095.935-3.972-1.56'/><path fill='#dcd9d8' d='M114.84-43.435s8.128 3.751 9.38 3.438L120.78-22.8l4.065 1.563s2.814-16.257 2.814-18.133c0 0 17.507-.938 19.07-.938 0 0 3.752 7.191 2.814 14.694l3.44-10.005.312-5.628-5.002-7.503-5.627-1.25-9.38.312-3.126 4.064-10.943-1.563-3.44-1.25'/></g><path fill='#fafafa' d='M102.56-21.241 95.682-3.733l-7.19 10.317s1.562 4.377 3.75 4.377h7.192l6.878-2.501-.625-11.568-3.127-18.134'/><path fill='#dcd9d8' fill-rule='evenodd' d='M103.9-15.297S95.145 1.585 95.145 4.086c0 0 1.563 3.752 3.752 2.814s6.879-3.439 6.879-3.439v5.94l-10.63 2.19-7.19-.939 12.193-28.763 2.5-.313'/><path fill='#fafafa' d='m65.664 25.968-8.661.942-8.13 2.501v-2.814l3.972-4.38 12.506-5.627'/><path fill='#dcd9d8' fill-rule='evenodd' d='M51.689 25.031s9.693-4.065 12.819-3.127l.311-3.748-8.752 1.872-5.316 3.752z'/><path fill='#d33833' fill-rule='evenodd' d='M115.03 9.897c-5.305.156-10.098.786-14.294 1.97.285 1.72-.249 3.408.18 4.647 1.17.843 3.13.83 4.898 1.027-1.529.752-3.677 1.049-5.44.615-.042 1.194-.578 1.934-.902 2.868 2.982 1.064 10.024 8.044 13.984 5.732 1.887-1.099 2.689-7.377 2.835-10.43.122-2.533-.23-5.088-1.261-6.43'/><path fill='none' stroke='#d33833' stroke-width='2' d='M115.03 9.897c-5.305.156-10.098.786-14.294 1.97.285 1.72-.249 3.408.18 4.647 1.17.843 3.13.83 4.898 1.027-1.529.752-3.677 1.049-5.44.615-.042 1.194-.578 1.934-.902 2.868 2.982 1.064 10.024 8.044 13.984 5.732 1.887-1.099 2.689-7.377 2.835-10.43.122-2.533-.23-5.088-1.261-6.43z'/><path fill='#d33833' fill-rule='evenodd' d='M89.66 18.569q-.021-.603-.047-1.21c-1.656-1.089-4.33-1.076-6.148-1.99 2.68-.117 4.79-.763 6.614-1.672l-.118-3.033c-3.036-2.078-5.81-5.173-9.384-7.122-1.69-.922-7.622-3.294-9.42-2.875-1.017.236-1.109 1.499-1.516 2.689-.866 2.548-2.861 6.605-3.035 10.44-.222 4.846-.71 12.967 4.51 11.969 4.213-.804 9.113-2.745 12.375-4.527 1.993-1.09 3.146-2.436 6.17-2.669'/><path fill='none' stroke='#d33833' stroke-width='2' d='M89.66 18.569q-.021-.603-.047-1.21c-1.656-1.089-4.33-1.076-6.148-1.99 2.68-.117 4.79-.763 6.614-1.672l-.118-3.033c-3.036-2.078-5.81-5.173-9.384-7.122-1.69-.922-7.622-3.294-9.42-2.875-1.017.236-1.109 1.499-1.516 2.689-.866 2.548-2.861 6.605-3.035 10.44-.222 4.846-.71 12.967 4.51 11.969 4.213-.804 9.113-2.745 12.375-4.527 1.993-1.09 3.146-2.436 6.17-2.669z'/><path fill='#d33833' fill-rule='evenodd' d='M92.675 12.788c-.463 2.64-.999 3.393-.792 5.695 7.04 4.693 8.361-8.061.792-5.695'/><path fill='none' stroke='#d33833' stroke-width='2' d='M92.675 12.788c-.463 2.64-.999 3.393-.792 5.695 7.04 4.693 8.361-8.061.792-5.695z'/><g fill-rule='evenodd'><path fill='#ef3d3a' d='M102.87 10.649s-2.19 3.127-.626 4.065 3.127 0 4.065 1.563 0 2.501.313 4.377 1.877 2.189 3.44 2.501c1.562.313 5.94.938 6.565-.625l-1.876 5.627-3.752 1.25-11.88-6.877-.626-3.44v-6.877M70.041.331c-.376 4.88-.773 9.752-1.215 14.626-.662 7.279 1.748 6.009 8.057 6.009.964 0 5.933-1.15 6.289-1.876 1.705-3.483-2.851-2.709 1.964-5.335 4.065-2.216 11.246 1.346 9.603 6.273-.919 1.095-4.789.341-6.176 1.06l-7.327 3.8c-3.108 1.612-10.29 3.962-13.603 1.709-8.395-5.71.53-19.974 3.524-25.93'/><path fill='#231f20' d='M78.268 111.1c-8.521 1.985-12.755-3.566-15.338-9.323-2.306.559-1.389 3.695-.806 5.294 1.525 4.194 7.672 9.778 12.694 9.02 2.161-.325 5.086-2.301 3.45-4.99m41.522-9.701.404-.016c1.926-4 3.593-8.238 6.022-11.769-1.628-3.79-12.322-7.144-12.157-.338 2.313 1.01 6.305.206 8.356 1.497-1.186 3.254-2.897 6.024-2.625 10.626m-37.16-.11c1.827-3.35 2.422-6.868 5.019-9.4 1.17-1.14 3.444-2.529 2.316-5.698-.263-.747-2.189-2.414-3.3-2.741-4.06-1.2-13.521-.248-10.317 4.814 3.358-.157 7.871-2.18 10.38.257-1.927 3.081-5.363 9.177-4.098 12.768m35.63-34.037c-6.113-3.927-12.93-8.197-22.947-7.207-2.14 1.86-2.956 6.002-.877 8.737 1.082-1.861.402-5.284 3.419-5.799 5.684-.972 12.299 3.477 16.387 5.032 2.535 4.275-.219 5.847-2.503 8.597-4.675 5.636-10.947 12.622-10.72 21.06 1.89 1.37 2.053-2.092 2.325-2.722 2.44-5.714 8.585-13.021 13.07-17.912 1.1-1.205 2.914-2.36 3.115-3.157.582-2.315-1.513-5.09-1.27-6.63m-80.591 4.135c-1.916 1.094-2.372 5.91-4.622 6.048-3.215.195-2.629-6.25-2.616-10.018-2.213 2.009-2.602 8.194-.976 11.37-1.853.91-2.68-1.003-3.708-1.677 1.32 9.595 14.036 4.45 11.922-5.723m84.482-8.13c-2.846-5.417-6.871-11.382-15.222-11.555-.17 1.75-.3 4.411.009 5.464 6.384.614 10.325 3.863 15.212 6.091m-40-3.512c5.326-2.8 15.114-3.102 22.353-2.89.388-1.586.379-3.545.394-5.48-9.305-.463-20.307 1.84-22.747 8.37m-1.013-5.222c3.683-9.247 16.341-8.182 27.016-7.927-.47-1.2-1.489-2.62-2.755-3.132-3.42-1.392-12.855-2.448-17.604.074-3.011 1.601-4.946 5.219-6.596 7.34-.797 1.024-4.765 3.64-.06 3.645'/><path fill='#81b0c4' d='M117.82 3.516c-4.322-7.402-8.457-15.005-13.585-21.534 2.15 6.32 3.07 16.9 3.394 24.965 4.498 2.105 8.349-.474 10.191-3.43'/><path fill='#231f20' d='M141.07-23.089c-4.839-.969-8.239-5.671-12.959-5.37 2.594 3.658 7.14 5.2 12.959 5.37m2.14-7.572c-3.944-.417-8.576-1.055-12.577-.726 1.894 2.892 9.19 1.894 12.577.726m1.37-6.529c-4.433-.096-9.942-.008-14.155.346 2.492 2.677 11.28.993 14.155-.346'/><path fill='#dcd9d8' d='M109.48-55.057c.636-5.567 2.843-11.207 2.566-17.304-2.45-.827-3.858-1.55-7.142-1.545-.232 5.181-.925 13.102-.718 18.041 1.615-.107 3.997 1.154 5.294.808'/><path fill='#f0d6b7' d='M102.33 26.985c-2.226-1.453-4.121-3.267-6.259-4.818-4.74-.235-7.327.328-10.81 3.05.057.219.407.121.42.39 5.075-2.262 11.524.92 16.648 1.378'/><path fill='#81b0c4' d='M75.694-7.603c1.394 6.04 6.857 9.17 11.817 12.497 5.12-6.498 8.234-14.855 11.663-22.92-8.102 2.443-16.38 6.406-23.481 10.423'/><path fill='#231f20' d='M104.18-55.865c-.207-4.94.486-12.86.718-18.041 3.283-.004 4.691.718 7.142 1.545.276 6.096-1.93 11.737-2.566 17.304-1.298.346-3.679-.914-5.294-.808m-51.13 28.09c2.165-19.906 5.301-36.639 11.054-54.266 12.766-3.876 28.157-4.214 39.441-.716-2.072 9.948-1.167 22.06-2.378 32.677-.912 7.98-.447 16.009-1.698 24.15-13.673 2.844-33 .665-46.418-1.845zm49.651 1.72c-.115-8.549.383-16.982 1.036-25.542 3.282.493 5.51.822 8.56 1.49-.99 8.241-.869 17.514-2.886 24.804-2.332-.023-4.385.027-6.71-.752m16.653 1.378c-1.558.357-3.372.014-4.86-.015.7-6.969 2.397-14.659 2.995-21.974 2.342-.073 3.593 1.032 5.52 1.403.102 6.421-.562 15.268-3.655 20.586m25.215-23.038c4.882 1.186 7.952 7.165 6.586 13.305-.916 4.127-2.548 11.898-4.295 14.538-1.29 1.953-4.79 4.51-7.584 2.72-4.545-2.91-12.552-3.755-15.867-7.278 1.662-5.534 2.178-13.135 2.864-20.146 5.678-.354 12.665 1.562 17.387-.471-3.297-1.068-7.575-1.077-10.423-2.633 2.328-1.125 7.778-.897 11.332-.035M99.17-18.025c-3.43 8.063-6.543 16.42-11.663 22.918-4.96-3.327-10.423-6.456-11.817-12.497 7.1-4.017 15.379-7.98 23.481-10.422zm8.453 24.971c-.325-8.065-1.245-18.644-3.395-24.965 5.128 6.53 9.263 14.132 13.585 21.534-1.842 2.957-5.693 5.536-10.19 3.431m-9.582 3.405c-1.943.21-3.592-2.233-6.117-1.177-.58-.64-1.105-1.333-1.695-1.958 5.579-6.723 8.114-16.262 12.423-24.163 2.312 7.59 2.045 15.904 2.555 24.188-3.177-.201-4.94 2.873-7.166 3.11m-6.161 8.132c-.208-2.303.328-3.056.791-5.695 7.57-2.367 6.248 10.388-.791 5.695m-8.394 2.755c-3.261 1.782-8.161 3.723-12.374 4.527-5.222.999-4.732-7.123-4.51-11.968.173-3.836 2.168-7.893 3.035-10.441.406-1.19.498-2.453 1.515-2.69 1.798-.418 7.73 1.954 9.42 2.875 3.575 1.95 6.348 5.045 9.384 7.123l.119 3.032c-1.826.91-3.935 1.555-6.615 1.673 1.818.914 4.492.901 6.148 1.989q.025.609.047 1.21c-3.024.234-4.176 1.58-6.17 2.67zm-31.152 5.659c-2.707-2.748 7.592-6.494 10.871-6.696-.018 1.739.991 3.378.788 4.626-3.895.684-9.013.232-11.66 2.07zm33.345-1.29c-.013-.27-.363-.172-.42-.39 3.482-2.722 6.07-3.285 10.81-3.05 2.137 1.551 4.033 3.365 6.259 4.818-5.124-.458-11.574-3.64-16.648-1.379zm30.606-9.282c-.146 3.053-.948 9.332-2.835 10.431-3.961 2.312-11.002-4.668-13.984-5.732.324-.934.86-1.674.901-2.868 1.764.434 3.912.137 5.44-.615-1.767-.198-3.727-.185-4.897-1.027-.429-1.239.105-2.927-.18-4.647 4.196-1.184 8.989-1.814 14.294-1.97 1.032 1.341 1.383 3.896 1.261 6.429zM47.777 24.24c-.85.606-6.6 8.087-7.388 7.777-10.405-4.103-20.134-11.199-28.828-17.91 8.29-17.787 11.635-39.579 12.227-60.582 9.496-4.441 17.836-10.844 30.722-11.512-1.491 10.55-2.852 19.962-3.699 29.895-3.237 1.365-7.882-.062-10.913.423-.025 3.651 4.628 1.6 5.015 4.054.292 1.858-2.56 1.998-1.631 4.923 2.368-.861 3.612-2.763 6.138-3.477 2.309 5.05-.032 13.985.3 18.205.064.792.397 4.39 2.172 3.759 1.57-.559-.09-9.569.082-13.563.157-3.68-.444-7.242 1.046-9.552a356 356 0 0 0 38.576 3.16c-2.964 1.272-6.485 2.475-10.345 4.651-2.093 1.18-8.69 3.635-9.293 5.622-.964 3.167 2.528 4.855 3.125 7.57-6.285-3.428-7.511 3.286-8.998 8.042-1.347 4.308-2.114 7.526-2.445 10.01-5.414 2.581-11.203 5.195-15.863 8.505m63.009 6.872c8.67 4.204 10.232-15.711 6.834-22.127.525-1.914 2.331-2.646 3.069-4.366-4.838-8.667-10.211-16.756-15.148-25.32 3.672 2.286 8.917.409 13.238 2.12 1.58.624 2.722 4.24 3.918 7.133 3.29 7.958 6.743 17.99 8.28 25.586.346 1.73 1.292 5.5 1.08 7.04-.378 2.758-4.12 4.803-6.022 6.508-3.506 3.15-5.714 5.921-9.371 8.866-1.483-2.189-4.666-3.66-5.878-5.44M27.95 107.99c-4.13-4.545-3.266-13.062-2.766-19.121 7.467 4.697 17.377-.372 17.284-8.36 3.565.094 1.332 4.452.687 7.259-2.107 9.169 3.55 19.13.256 27.516-6.395-.485-11.649-3.097-15.46-7.294zm29.558 26.38c-9.352-2.65-21.337-9.446-25.18-17.847 2.976.432 5.041 1.933 7.977 2.119 1.11.072 2.563-.466 3.838-.148 2.54.63 4.685 6.327 6.602 8.447 1.868 2.07 4.114 2.954 5.651 4.841.988.477 2.448.444 2.504 1.927-.428.457-.879.806-1.392.66zm48.681-2.493c-9.707 5.477-26.136 9.596-36.462 4.449-8.331-4.155-19.593-11.027-23.433-19.737 3.587-8.405-1.062-16.106-1.36-24.64-.157-4.54 2.139-8.504 2.315-13.446-1.228-2.025-4.978-2.275-7.574-2.136-.873 4.372-2.403 9.287-6.906 9.78-6.371.697-11.03-4.576-11.319-10.085-.342-6.48 4.978-17.22 12.517-16.475 2.913.287 3.629 3.207 6.802 3.177 1.72-3.432-2.653-4.51-3.103-6.964-.117-.634.363-3.112.642-4.274 1.37-5.658 4.422-12.982 7.427-17.29 3.814-5.464 11.307-6.288 19.37-6.823 1.44 3.101 6.743 2.846 10.2 2.035-4.143 1.64-7.993 5.617-11.185 9.137-3.665 4.039-7.378 8.371-7.566 13.65 6.927-9.61 12.65-18.003 25.246-22.23 9.53-3.196 20.662 1.465 27.986 6.608 3.039 2.137 4.853 5.529 7.013 8.634 8.082 11.626 11.854 28.219 11.024 44.303-.342 6.633-.327 13.244-2.552 17.706-2.326 4.666-10.193 8.84-14.8 4.62-.853 4.537 3.83 7.344 9.331 5.71-3.922 5.063-8.039 11.145-13.614 14.29zm18.084-149.66c7.585 3.77 21.757 10.149 26.512-.014 1.755-3.746 3.814-10.079 4.723-13.946 1.284-5.456-1.392-16.923-7-18.754-4.953-1.617-10.733-1.518-16.7-.32-.702.585-1.484 1.603-2.03 2.665-4.261.165-8.25-.229-11.615-1.98.319-3.15-1.812-3.656-3.81-4.305-1.48-5.872 2.963-13.541 1.9-18.896-.76-3.815-5.453-4.405-8.902-5.118-.113-2.12.15-3.89.386-5.683-.789-2.907-4.327-4.561-7.679-4.967-11.029-1.326-27.775-1.922-38.384 1.893-2.96 7.261-5.292 16.093-7.758 24.384-10.346-1.105-18.715 4.464-26.603 8.113-2.731 1.266-6.51 1.964-7.53 4.138-.99 2.105-.584 6.14-.83 9.95-.625 9.733-1.16 19.12-3.73 29.086-1.154 4.472-3.165 8.418-4.568 12.727C9.358 5.184 7.092 10.12 6.5 14.1c-.877 5.903 4.681 6.232 8.235 8.79 5.494 3.954 9.806 6.142 15.756 9.711 1.762 1.057 7.077 3.733 7.681 4.966 1.202 2.443-2.062 5.888-2.935 7.803-1.38 3.03-2.1 5.602-2.298 8.59-4.992.789-8.775 3.76-11.06 7.109-3.781 5.543-6.403 15.798-3.132 23.599.257.614 1.536 1.822 1.725 2.765.372 1.858-.7 4.329-.768 6.305-.343 10.14 1.716 18.875 8.541 21.932 2.771 11.038 12.688 14.71 22.032 20.195 3.493 2.05 7.343 3.36 11.32 4.824 14.263 5.25 36.15 4.261 47.987-4.692 5.02-3.797 13.044-11.813 15.914-17.617 7.58-15.323 7.042-40.931 1.74-59.571-.712-2.503-1.746-6.181-3.19-9.187-1.006-2.1-4.134-6.3-3.754-8.153.391-1.916 7.132-7.034 8.577-8.428 2.603-2.51 7.548-5.843 7.948-9.012.43-3.372-1.485-7.984-2.456-11.238-3.245-10.858-6.412-20.895-10.091-30.576'/><path fill='#f7e4cd' d='M73.674 57.38c.411.548 2.674 1.38 5.84-.144 0 0-3.752-.626-3.44-6.881l-1.564.313s-1.615 5.672-.836 6.712'/><path fill='#1d1919' d='M101.09 3.617a1.72 1.72 0 1 0-3.44.001 1.72 1.72 0 0 0 3.44-.001m1.72-7.972a1.72 1.72 0 1 0-3.44 0 1.72 1.72 0 0 0 3.44 0'/></g></g></svg>",
   "jest": "<svg viewBox='0 0 32 32'><path fill='#f4511e' d='m21.032 8-1.878 4L20 13.998h2L22.928 12z'/><path fill='#f4511e' d='m14 2 2 8h2l3.032-6L24 10h2l2-8zm14 18h-2a4.34 4.34 0 0 1-4-4h-2a4.17 4.17 0 0 1-4.23 3.87c-1.522 2.38-5.155 4.283-7.77 5.148A4.724 4.724 0 0 1 5 20H4c-4.718 7.978 3.064 13.219 10.955 7.895C18.85 24.497 29.658 27.487 28 20'/><circle cx='7' cy='15' r='3' fill='#f4511e'/><circle cx='27' cy='15' r='3' fill='#f4511e'/><circle cx='16' cy='16' r='2' fill='#f4511e'/></svg>",
   "jinja": "<svg viewBox='0 0 32 32'><path fill='#bdbdbd' d='M30 8V4a94.4 94.4 0 0 1-14 1A94.4 94.4 0 0 1 2 4v4s1.482.247 3.95.495L5.4 14H2v2h3.2L4 28h6V16h12v12h6l-1.2-12H30v-2h-3.4l-.55-5.505C28.517 8.247 30 8 30 8m-20 6V8.817c1.235.074 2.576.13 4 .16V14Zm12 0h-4V8.977a104 104 0 0 0 4-.16Z'/></svg>",
   "jinja_light": "<svg viewBox='0 0 32 32'><path fill='#616161' d='M30 8V4a94.4 94.4 0 0 1-14 1A94.4 94.4 0 0 1 2 4v4s1.482.247 3.95.495L5.4 14H2v2h3.2L4 28h6V16h12v12h6l-1.2-12H30v-2h-3.4l-.55-5.505C28.517 8.247 30 8 30 8m-20 6V8.817c1.235.074 2.576.13 4 .16V14Zm12 0h-4V8.977a104 104 0 0 0 4-.16Z'/></svg>",
@@ -726,37 +764,43 @@
   "json": "<svg viewBox='0 -960 960 960'><path fill='#f9a825' d='M560-160v-80h120q17 0 28.5-11.5T720-280v-80q0-38 22-69t58-44v-14q-36-13-58-44t-22-69v-80q0-17-11.5-28.5T680-720H560v-80h120q50 0 85 35t35 85v80q0 17 11.5 28.5T840-560h40v160h-40q-17 0-28.5 11.5T800-360v80q0 50-35 85t-85 35zm-280 0q-50 0-85-35t-35-85v-80q0-17-11.5-28.5T120-400H80v-160h40q17 0 28.5-11.5T160-600v-80q0-50 35-85t85-35h120v80H280q-17 0-28.5 11.5T240-680v80q0 38-22 69t-58 44v14q36 13 58 44t22 69v80q0 17 11.5 28.5T280-240h120v80z'/></svg>",
   "jsr": "<svg viewBox='0 0 16 16'><path fill='#fdd835' d='M2 7h1v2h1V5h1v5H2m4-5h4v1H7v1.5h3V11H6v-1h3V8.5H6M11 6h3v2.5h-1V7h-1v4h-1'/></svg>",
   "jsr_light": "<svg viewBox='0 0 16 16'><path fill='#37474f' d='M1 6h2V4h8v1h4v5h-2v2H5v-1H1'/><path fill='#fdd835' d='M2 7h1v2h1V5h1v5H2m4-5h4v1H7v1.5h3V11H6v-1h3V8.5H6M11 6h3v2.5h-1V7h-1v4h-1'/></svg>",
-  "julia": "<svg viewBox='0 0 50 50'><g transform='translate(.21 -247.01)'><circle cx='13.497' cy='281.63' r='9.555' fill='#C62828'/><circle cx='36.081' cy='281.63' r='9.555' fill='#7E57C2'/><circle cx='24.722' cy='262.39' r='9.555' fill='#388E3C'/></g></svg>",
+  "julia": "<svg viewBox='0 0 50 50'><g transform='translate(.21 -247.01)'><circle cx='13.497' cy='281.63' r='9.555' fill='#c62828'/><circle cx='36.081' cy='281.63' r='9.555' fill='#7e57c2'/><circle cx='24.722' cy='262.39' r='9.555' fill='#388e3c'/></g></svg>",
   "jupyter": "<svg viewBox='0 0 32 32'><path fill='#f57c00' d='M6.2 18a22.7 22.7 0 0 0 9.8 2 22.7 22.7 0 0 0 9.8-2 10.002 10.002 0 0 1-19.6 0m19.6-4a22.7 22.7 0 0 0-9.8-2 22.7 22.7 0 0 0-9.8 2 10.002 10.002 0 0 1 19.6 0'/><circle cx='27' cy='5' r='3' fill='#757575'/><circle cx='5' cy='27' r='3' fill='#9e9e9e'/><circle cx='5' cy='5' r='3' fill='#616161'/></svg>",
   "just": "<svg fill='none' viewBox='0 0 16 16'><path fill='#ef5350' d='M8 1a7 7 0 0 0-7 7 7 7 0 0 0 7 7 7 7 0 0 0 7-7 7 7 0 0 0-7-7m0 1a2 2 0 0 1 2 2 2 2 0 0 1-2 2 2 2 0 0 1-2-2 2 2 0 0 1 2-2m0 8a2 2 0 0 1 2 2 2 2 0 0 1-2 2 2 2 0 0 1-2-2 2 2 0 0 1 2-2'/></svg>",
-  "karma": "<svg viewBox='0 0 64 64'><path fill='#009688' d='m37.275 55.618-20.29-26.686 9.53-7.247 20.29 26.686h.003l5.527 7.247z'/><path fill='#4DB6AC' d='M34.4 8.378 23.638 22.533V8.403H11.665V22.22l7.84 33.234h4.132V42.308l.003.003 20.29-26.686-.008-.006 5.504-7.24H34.558v.12z'/></svg>",
+  "karma": "<svg viewBox='0 0 64 64'><path fill='#009688' d='m37.275 55.618-20.29-26.686 9.53-7.247 20.29 26.686h.003l5.527 7.247z'/><path fill='#4db6ac' d='M34.4 8.378 23.638 22.533V8.403H11.665V22.22l7.84 33.234h4.132V42.308l.003.003 20.29-26.686-.008-.006 5.504-7.24H34.558v.12z'/></svg>",
   "kcl": "<svg viewBox='0 0 24 24'><g stroke-width='.948'><path fill='#9ccc65' d='m2 3 5.087 1.007L9 12l-5-1Z'/><path fill='#e91e63' d='m3.957 11.996 5.087 1.007 1.912 7.993-5-1z'/><path fill='#26c6da' d='m10 13 5-2 7 5-5 2z'/><path fill='#ffcc80' d='m10 12 7-3 1-5-7 3z'/></g></svg>",
   "key": "<svg viewBox='0 0 32 32'><path fill='#26a69a' d='M30 14H17.738a8 8 0 1 0 0 4H24v4h4v-4h2Zm-20 5a3 3 0 1 1 3-3 3.003 3.003 0 0 1-3 3'/></svg>",
   "keystatic": "<svg viewBox='0 0 32 32'><defs><linearGradient id='a' x1='385.222' x2='405.918' y1='482.514' y2='477.914' gradientTransform='matrix(.75 0 0 .75 -284.775 -343.25)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#78909c' stop-opacity='.2'/><stop offset='1' stop-color='#78909c'/></linearGradient></defs><path fill='#78909c' d='m17.714 9-3.428 14-1.715 7L28 14ZM4 18 19.429 2l-1.715 7Z'/><path fill='url(#a)' d='M17.714 9 4 18l10.286 5Z'/></svg>",
   "kivy": "<svg viewBox='0 0 24 24'><path fill='#90a4ae' d='M1.123 4.881v8.456l3.643-3.643a.825.825 0 0 0 0-1.17zm4.45 14.066v-8.456L1.93 14.134a.825.825 0 0 0 0 1.17zM22.952 8.25 12.848 9.316l-.033.034 4.518 4.518zM6.595 4.64s.044 6.245-.006 8.414c-.037 1.619.703 2.106 1.41 2.848 1.018 1.067 3.022 2.968 3.022 2.968.396.39 1.025.393 1.418 0l3.485-3.485a1 1 0 0 0 0-1.417z'/></svg>",
   "kl": "<svg viewBox='0 0 24 24'><path fill='#29b6f6' d='M12 1.703c-.25-.002-.5.11-.729.338a5356 5356 0 0 0-9.226 9.235c-.144.144-.229.347-.341.522v.41c.16.223.294.474.485.666a3260 3260 0 0 0 8.936 8.937c.193.192.443.325.666.486h.41c.205-.142.436-.256.609-.429q4.569-4.56 9.133-9.126c.47-.47.472-1.005.006-1.472L12.73 2.052c-.23-.23-.48-.346-.731-.349zM10.938 6.25l1.386.832q1.052.635 2.109 1.262l.04.026.016.013.017.013c.061.056.089.122.088.224a510 510 0 0 0 0 3.793.5.5 0 0 1-.007.094c-.015.07-.054.104-.142.11l-.044.001-.136-.003c-.323-.005-.648 0-.998 0v-2.543l.004-.668c0-.146-.039-.23-.17-.307-.893-.528-1.78-1.067-2.67-1.6-.051-.03-.101-.065-.173-.112l.001-.002-.001-.001zm.362 3.39c.068-.003.119.042.173.138q.128.22.264.439l.015.025q.145.231.292.47l-1.915 1.176c-.337.208-.673.418-1.014.618-.113.066-.154.143-.154.277.01.977.01 1.954.014 2.932v.253H7.664c-.004-.054-.014-.112-.014-.17-.005-1.25-.006-2.502-.015-3.752 0-.14.045-.22.164-.293a467 467 0 0 0 3.353-2.055l.016-.009.032-.018.016-.007.033-.013.012-.004.028-.005.01-.002zm5.677 3.125.314.54.346.595v.001c-.158.094-.298.177-.438.258l-3.097 1.798c-.106.062-.189.072-.3.01l-.893-.495-1.524-.843-.895-.493c-.035-.02-.068-.044-.129-.085h.001v-.001l.137-.25.495-.902 1.446.795c.442.244.886.484 1.323.735.121.069.212.071.334 0 .894-.526 1.792-1.044 2.689-1.563.057-.034.118-.062.191-.1'/></svg>",
-  "knip": "<svg viewBox='0 0 24 24'><path fill='#EF6C00' d='m18.957 2.998-5.985 5.984 1.995 1.995 6.983-6.982v-.998m-9.975 9.477a.5.5 0 1 1 0-.998.5.5 0 0 1 0 .998M5.99 19.955a1.995 1.995 0 1 1 0-3.99 1.995 1.995 0 0 1 0 3.99m0-11.97a1.995 1.995 0 1 1 0-3.99 1.995 1.995 0 0 1 0 3.99m3.63-.36a3.9 3.9 0 0 0 .36-1.635 3.99 3.99 0 1 0-3.99 3.99c.589 0 1.137-.13 1.636-.36l2.354 2.355-2.354 2.354a3.9 3.9 0 0 0-1.636-.359 3.99 3.99 0 1 0 3.99 3.99c0-.588-.13-1.137-.36-1.636l2.355-2.354 6.982 6.982h2.993v-.997z'/></svg>",
-  "kotlin": "<svg viewBox='0 0 24 24'><defs><linearGradient id='a' x1='1.725' x2='22.185' y1='22.67' y2='1.982' gradientTransform='translate(1.306 1.129)scale(.89324)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7C4DFF'/><stop offset='.5' stop-color='#D500F9'/><stop offset='1' stop-color='#EF5350'/></linearGradient></defs><path fill='url(#a)' d='M2.975 2.976v18.048h18.05v-.03l-4.478-4.511-4.48-4.515 4.48-4.515 4.443-4.477z'/></svg>",
+  "knip": "<svg viewBox='0 0 24 24'><path fill='#ef6c00' d='m18.957 2.998-5.985 5.984 1.995 1.995 6.983-6.982v-.998m-9.975 9.477a.5.5 0 1 1 0-.998.5.5 0 0 1 0 .998M5.99 19.955a1.995 1.995 0 1 1 0-3.99 1.995 1.995 0 0 1 0 3.99m0-11.97a1.995 1.995 0 1 1 0-3.99 1.995 1.995 0 0 1 0 3.99m3.63-.36a3.9 3.9 0 0 0 .36-1.635 3.99 3.99 0 1 0-3.99 3.99c.589 0 1.137-.13 1.636-.36l2.354 2.355-2.354 2.354a3.9 3.9 0 0 0-1.636-.359 3.99 3.99 0 1 0 3.99 3.99c0-.588-.13-1.137-.36-1.636l2.355-2.354 6.982 6.982h2.993v-.997z'/></svg>",
+  "kotlin": "<svg viewBox='0 0 24 24'><defs><linearGradient id='a' x1='1.725' x2='22.185' y1='22.67' y2='1.982' gradientTransform='translate(1.306 1.129)scale(.89324)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#7c4dff'/><stop offset='.5' stop-color='#d500f9'/><stop offset='1' stop-color='#ef5350'/></linearGradient></defs><path fill='url(#a)' d='M2.975 2.976v18.048h18.05v-.03l-4.478-4.511-4.48-4.515 4.48-4.515 4.443-4.477z'/></svg>",
   "kubernetes": "<svg viewBox='0 0 24 24'><path fill='#448aff' d='M12.074 1.424a.638.638 0 0 0-.686.691v.173c.015.2.044.402.087.588.058.358.085.73.07 1.102a.65.65 0 0 1-.201.33l-.014.258a7 7 0 0 0-1.117.17 7.9 7.9 0 0 0-4.012 2.292l-.213-.157a.56.56 0 0 1-.374-.042 6 6 0 0 1-.829-.747c-.129-.143-.26-.299-.403-.428l-.128-.1a.8.8 0 0 0-.431-.171c-.2 0-.372.07-.501.212-.2.301-.127.675.16.904l.013.014c.03.029.087.072.115.1q.258.172.515.3c.33.186.631.403.918.647a.63.63 0 0 1 .114.358l.2.17a7.82 7.82 0 0 0-1.232 5.546l-.271.07a.84.84 0 0 1-.275.274c-.358.086-.73.17-1.102.17-.186 0-.387 0-.588.057l-.156.03h-.014v.015c-.043 0-.086.014-.115.014a.62.62 0 0 0-.4.789.625.625 0 0 0 .772.386 1 1 0 0 0 .188-.045c.186-.057.37-.127.528-.213a7.4 7.4 0 0 1 1.103-.316c.114 0 .244.057.33.129l.285-.042a8.04 8.04 0 0 0 3.54 4.426l-.1.258a.8.8 0 0 1 .044.358c-.143.344-.33.687-.56.987-.114.172-.215.33-.344.501 0 .043.001.117-.056.16-.014.043-.044.072-.059.114a.615.615 0 0 0 .372.787.62.62 0 0 0 .79-.372c.028-.043.055-.143.083-.143.072-.2.131-.387.174-.574a5.4 5.4 0 0 1 .473-1.102.5.5 0 0 1 .271-.129l.143-.257c1.82.702 3.84.701 5.688.014l.115.23a.53.53 0 0 1 .3.198c.186.33.301.674.43 1.032.043.187.102.373.174.588.028 0 .055.086.084.129.014.043.03.071.044.114a.61.61 0 0 0 .845.216.614.614 0 0 0 .213-.845c-.014-.057-.056-.13-.056-.174-.115-.157-.23-.329-.344-.486-.215-.316-.371-.63-.543-.974a.48.48 0 0 1 .042-.372 1.2 1.2 0 0 1-.1-.244c1.661-1.002 2.951-2.577 3.539-4.454.086.014.17.028.271.042.086-.115.201-.115.33-.115.387.057.73.16 1.103.302q.235.128.514.213c.058.014.116.03.202.03v.015c0 .014.058.013.1.028.344.043.617-.202.689-.532a.617.617 0 0 0-.532-.7c-.057-.014-.127-.03-.17-.072h-.588a7 7 0 0 1-1.102-.202.6.6 0 0 1-.274-.257l-.272-.07a7.8 7.8 0 0 0-1.262-5.531l.23-.2a.44.44 0 0 1 .114-.343c.273-.244.589-.46.918-.647a3.6 3.6 0 0 0 .5-.3 1 1 0 0 0 .13-.1c.043-.028.086-.058.086-.087.258-.243.273-.63 0-.859-.214-.257-.601-.257-.845 0-.043 0-.1.059-.142.087a11 11 0 0 0-.403.428c-.244.272-.53.532-.831.747a.55.55 0 0 1-.372.042l-.23.171a7.98 7.98 0 0 0-5.098-2.462l-.014-.274a.5.5 0 0 1-.201-.314 5.6 5.6 0 0 1 .07-1.102 4 4 0 0 0 .087-.588v-.316a.62.62 0 0 0-.546-.548m-.842 4.773-.174 3.223h-.014a.56.56 0 0 1-.114.302.543.543 0 0 1-.745.13h-.014L7.536 7.973a6.23 6.23 0 0 1 3.035-1.662c.23-.043.446-.086.66-.115zm1.544 0a6.38 6.38 0 0 1 3.682 1.777L13.837 9.85h-.014a.66.66 0 0 1-.3.073.535.535 0 0 1-.56-.518zm-6.2 2.938 2.406 2.19v.015c.086.071.157.16.157.274a.523.523 0 0 1-.372.657v.014l-3.095.89a6.4 6.4 0 0 1 .904-4.04m10.842.042c.73 1.189 1.032 2.595.932 3.984l-3.109-.89-.014-.014a.5.5 0 0 1-.257-.17.53.53 0 0 1 .056-.761l-.014-.042zm-5.915 2.322h.988l.615.758-.215.96-.887.431-.887-.43-.23-.96zm-2.308 2.65h.115c.243 0 .46.17.545.414 0 .1.001.23-.056.302v.042l-1.22 2.966a6.33 6.33 0 0 1-2.563-3.195zm5.274 0h.344l3.193.515a6.34 6.34 0 0 1-2.563 3.223l-1.234-3.022c-.115-.258.002-.558.26-.716m-2.521 1.298a.55.55 0 0 1 .529.277h.014l1.561 2.823a5 5 0 0 1-.615.171 6.4 6.4 0 0 1-3.481-.17l1.561-2.824h.014c.043-.1.115-.144.216-.215a.5.5 0 0 1 .201-.062'/></svg>",
-  "kusto": "<svg viewBox='0 0 318 315'><path fill='#1e88e5' d='M39.778 280.589c-4.91-2.139-4.99-2.852-4.99-34.058v-28.118H97.36v63.364H69.876c-21.702-.08-28.118-.317-30.098-1.188m69.462-30.494v-31.682h62.573v63.364H109.24zm-.791-89.027c0-51.72.158-54.414 4.435-67.958 4.119-13.068 11.802-25.424 21.94-35.246 16.079-15.603 35.009-23.682 57.582-24.553 16.633-.634 29.702 2.217 43.959 9.504 52.117 26.93 62.968 98.531 21.306 140.272-14.653 14.653-33.187 23.128-54.572 25.03-4.753.395-28.039.791-51.642.791H108.45zm61.78-15.92v-35.246H140.13v70.492h30.098zm40.394 10.297v-24.95h-30.098v49.9h30.098zm40.395-20.198V90.102H220.92v90.293h30.098zm-216.23 40.791V143.96H97.36v64.156H34.788z'/></svg>",
+  "kusto": "<svg viewBox='0 0 16 16'><path fill='#1e88e5' d='M10 1C7.23 1 5 3.23 5 6v5h5c2.77 0 5-2.23 5-5s-2.23-5-5-5m1.5 3H13v5h-1.5zm-5 1H8v4H6.5zM9 6h1.5v3H9zM1 8v3h3V8zm0 4v2.498a.5.5 0 0 0 .502.502H4v-3zm4 0v3h3v-3z'/></svg>",
   "label": "<svg viewBox='0 0 16 16'><path fill='#ffb300' d='m14.709 8.558-7.27-7.247a1 1 0 0 0-.893-.297l-4 .731c-.399.074-.714.38-.8.777l-.732 4.024c-.055.328.057.662.297.892l7.247 7.27c.393.39 1.025.39 1.417 0l4.734-4.733a1.006 1.006 0 0 0 0-1.417m-8.981-2.8c-1.434 1.554-3.65-.764-2.117-2.214 1.411-1.378 3.467.704 2.15 2.178z'/></svg>",
   "laravel": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M31.963 9.12c-.008-.03-.023-.056-.034-.085a1 1 0 0 0-.07-.156 2 2 0 0 0-.162-.205 1 1 0 0 0-.088-.072 1 1 0 0 0-.083-.068l-.044-.02-.035-.024-6-3a1 1 0 0 0-.894 0l-6 3-.035.024-.044.02a1 1 0 0 0-.083.068.7.7 0 0 0-.187.191 1 1 0 0 0-.064.086 1 1 0 0 0-.069.156c-.01.029-.026.055-.034.085a1 1 0 0 0-.037.265v5.382l-4 2V5.385a1 1 0 0 0-.037-.265c-.008-.03-.023-.056-.034-.085a1 1 0 0 0-.07-.156 1 1 0 0 0-.063-.086.7.7 0 0 0-.187-.191 1 1 0 0 0-.083-.068l-.044-.02-.035-.024-6-3a1 1 0 0 0-.894 0l-6 3-.035.024-.044.02a1 1 0 0 0-.083.068 1 1 0 0 0-.088.072 1 1 0 0 0-.1.119 1 1 0 0 0-.063.086 1 1 0 0 0-.069.156c-.01.029-.026.055-.034.085A1 1 0 0 0 0 5.385v19a1 1 0 0 0 .553.894l6 3 6 3c.014.007.03.005.046.011a.9.9 0 0 0 .802 0c.015-.006.032-.004.046-.01l12-6a1 1 0 0 0 .553-.895v-5.382l5.447-2.724a1 1 0 0 0 .553-.894v-6a1 1 0 0 0-.037-.265M9.236 21.385l4.211-2.106h.001L19 16.503l3.764 1.882L13 23.267ZM24 13.003v3.764l-4-2v-3.764Zm1-5.5 3.764 1.882L25 11.267l-3.764-1.882ZM8 19.767V9.003l4-2v10.764ZM7 3.503l3.764 1.882L7 7.267 3.236 5.385Zm-5 3.5 4 2v16.764l-4-2Zm6 16 4 2v3.764l-4-2Zm16 .764-10 5v-3.764l10-5Zm6-9-4 2v-3.764l4-2Z'/></svg>",
+  "latex-class.clone": "<svg viewBox='0 0 1024 1024'><path fill='#e040fb' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
+  "latex-package.clone": "<svg viewBox='0 0 1024 1024'><path fill='#b388ff' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
+  "latex.clone": "<svg viewBox='0 0 1024 1024'><path fill='#00bfa5' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
+  "latexmk": "<svg viewBox='0 0 1024 1024'><path fill='#00bfa5' d='M1024 128q-384 0-576 384L256 896l64-64 64-96c64 0 192-64 224-160-64 16-96-32-96-64 224 0 272-96 352-224 37.924-60.678 80-128 160-160M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128z'/></svg>",
+  "lbx": "<svg viewBox='0 0 1024 1024'><path fill='#2e7d32' d='M128 704v128c0 70.692 57.308 128 128 128h608c17.728 0 32-14.272 32-32V704z'/><path fill='#ffe082' d='M704 704v192h128V704z'/><path fill='#fff8e1' d='M192 704v96c0 53.184 42.816 96 96 96h544a96 96 0 0 1-96-96 96 96 0 0 1 96-96z'/><path fill='#ff1744' d='M320 832h192v192l-96-96-96 96z'/><path fill='#4caf50' d='M256 64c-70.692 0-128 57.308-128 128v640c0 11.088 1.557 21.787 4.207 32.047C146.767 807.565 197.672 768.07 256 768h608c17.728 0 32-14.272 32-32V96c0-17.728-14.272-32-32-32z'/><path fill='#e8f5e9' d='M448 128v64H256v64h256c0 33.778-26.676 86.11-73.947 144.959-7.257 9.034-15.068 18.276-23.123 27.611-4.479-5.242-8.838-10.461-13.002-15.634C370.55 373.95 352 336 352 320h-64c0 48 29.45 90.049 64.072 133.064 6.302 7.83 12.933 15.627 19.68 23.39-35.13 37.553-74.249 76.79-114.379 116.919l45.254 45.254c38.924-38.924 77.278-77.307 112.568-114.883 17.182 17.87 34.328 35.033 50.178 50.883l45.254-45.254c-16.799-16.799-34.744-34.801-52.309-53.17 10.301-11.813 20.31-23.56 29.63-35.162C538.675 377.889 576 318.222 576 256h128v-64H512v-64zm192 192L512 704h64l21.334-64h149.332L768 704h64L704 320zm32 96 53.334 160H618.666z'/></svg>",
   "lefthook": "<svg viewBox='0 0 32 32'><path fill='#f44336' d='M6 16v6H2zm5.106-6.537-3.317 1.775a2.22 2.22 0 0 0-.895 2.873l.333.71L14 11.571v-.193a2.006 2.006 0 0 0-2.894-1.915m18.82 7.545a2 2 0 0 0-.393-.744l-7.89-8.883a2.76 2.76 0 0 0-3.138-.384L16 8v4.559a3.97 3.97 0 0 1-1.566 3.18L16 20l8.457 2.204 4.624-2.979a2 2 0 0 0 .845-2.217'/><path fill='#b71c1c' fill-rule='evenodd' d='m2 22 4-2 4 2-4 2zm12.434-6.262a6 6 0 0 1-1.194.695l-2.544 1.136A6.55 6.55 0 0 1 8 18v.764l9.71 4.855a4.05 4.05 0 0 0 2.343.366 7.8 7.8 0 0 0 2.667-.82 24 24 0 0 0 1.737-.96zm-6.97-1.635 5.829-2.937a.5.5 0 0 1 .712.475c.007.417-.005.871-.005 1.153a2.1 2.1 0 0 1-1.367 2.03l-2.987 1.067c-1.629.581-3.103-1.324-2.182-1.788'/></svg>",
   "lerna": "<svg viewBox='0 0 24 24'><path fill='#448aff' d='M7.57 8.21c-.41.08-.99.06-1.26.06-.4 0-1.27-.48-1.75-.98-.25-.26-.71-.82-1.01-1.25-.31-.43-.62-.78-.71-.78-.17 0-.28.6-.29 1.6 0 .12-.01.22-.01.31l.01.03-.14 8.47c.27.07.54.13.82.19.58.12 1.06.22 1.08.23.01.02-.19.34-.45.71-.95 1.35-1.14 2-.6 2 .17 0 .53-.07.82-.17.33-.1.93-.16 1.58-.16 1.34 0 2.68.33 4.37 1.08 1.61.71 2.14.88 4 1.25.85.18 1.59.37 1.64.41.05.05-.07.22-.28.38s-.38.33-.38.37.22.04.51-.01c.27-.04.89-.14 1.36-.19 1.43-.18 2.45-.82 2.47-1.56.04-.94-.25-3.03-.43-3.14-.02-.01-.38.11-.46.24-.07.13-.16.33-.25.56-.18.46-.15.56-1.57.66-1.03.05-2.02-.19-2.82-.65-.67-.39-1.66-.74-2.18-1.54-.42-.65-.86-1.72-.78-1.87.03-.04.17-.03.32.02.39.15.96.38 2.73.15 1.54-.2 3-.04 3.39.16s.92.47.94.99c.01.52.33.63.36.63.17-.03.59-1.42.83-1.83.2-.32.31-.5 1.1-1.04.62-.43 1.13-.83 1.11-.9-.01-.06-.36-.47-.77-.92-.65-.7-.83-.82-1.42-1.02-2.05-.67-4.23-2.12-5.36-3.54-1.25-1.58-1.6-1.94-2.5-2.53-1.01-.67-2.32-1.24-3.3-1.43-1-.19-.72.13-.29.8 1.53 1.75 1.49 1.81 1.49 2.97-.16.9-1 1.03-1.92 1.24m3.17 1.03c.17 0 .58.11 1.29.35 1.74.58 1.84.85 2.41 1.85.13.22.22.41.21.42s-.17.05-.35.09c-.45.09-1.16.09-1.58 0-.76-.16-.72-.19-1.11-.57-.16-.16-.35-.42-.41-.56-.04-.1-.03-.12.19-.3.05-.04.1-.11.1-.15 0-.07-.22-.37-.34-.47-.13-.11-.49-.54-.49-.59 0-.03.03-.05.1-.05z'/></svg>",
   "less": "<svg viewBox='0 0 24 24'><path fill='#0277bd' d='M8 3a2 2 0 0 0-2 2v4a2 2 0 0 1-2 2H3v2h1a2 2 0 0 1 2 2v4a2 2 0 0 0 2 2h2v-2H8v-5a2 2 0 0 0-2-2 2 2 0 0 0 2-2V5h2V3m6 0a2 2 0 0 1 2 2v4a2 2 0 0 0 2 2h1v2h-1a2 2 0 0 0-2 2v4a2 2 0 0 1-2 2h-2v-2h2v-5a2 2 0 0 1 2-2 2 2 0 0 1-2-2V5h-2V3z'/></svg>",
-  "liara": "<svg viewBox='0 0 16 16'><defs><linearGradient id='a' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15939 0 0 .16254 -.134 -.857)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69F0AE'/><stop offset='1' stop-color='#4FC3F7'/></linearGradient><linearGradient id='b' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15939 0 0 .16253 .195 -.856)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69F0AE'/><stop offset='1' stop-color='#4FC3F7'/></linearGradient><linearGradient id='c' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15784 0 0 .16493 .15 -.355)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69F0AE'/><stop offset='1' stop-color='#4FC3F7'/></linearGradient></defs><path fill='url(#a)' d='M8.5 8.811c0-.53.368-1.174.82-1.44l3.86-2.257c.452-.265.82-.052.82.479v4.596c0 .527-.368 1.17-.82 1.436l-3.86 2.261c-.452.265-.82.051-.82-.479zm0 0'/><path fill='url(#b)' d='M2 5.593c0-.53.368-.745.82-.479l3.86 2.258c.452.264.82.909.82 1.44v4.595c0 .53-.368.744-.82.48l-3.86-2.262c-.452-.264-.82-.909-.82-1.44zm0 0'/><path fill='url(#c)' d='M3.336 4.467c-.448-.27-.448-.706 0-.972l3.821-2.293c.447-.27 1.173-.27 1.62 0l3.888 2.332c.447.268.447.702 0 .971L8.843 6.799c-.447.268-1.173.268-1.624 0zm0 0'/></svg>",
+  "liara": "<svg viewBox='0 0 16 16'><defs><linearGradient id='a' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15939 0 0 .16254 -.134 -.857)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69f0ae'/><stop offset='1' stop-color='#4fc3f7'/></linearGradient><linearGradient id='b' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15939 0 0 .16253 .195 -.856)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69f0ae'/><stop offset='1' stop-color='#4fc3f7'/></linearGradient><linearGradient id='c' x1='11.328' x2='90.301' y1='8.203' y2='10.761' gradientTransform='matrix(.15784 0 0 .16493 .15 -.355)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#69f0ae'/><stop offset='1' stop-color='#4fc3f7'/></linearGradient></defs><path fill='url(#a)' d='M8.5 8.811c0-.53.368-1.174.82-1.44l3.86-2.257c.452-.265.82-.052.82.479v4.596c0 .527-.368 1.17-.82 1.436l-3.86 2.261c-.452.265-.82.051-.82-.479zm0 0'/><path fill='url(#b)' d='M2 5.593c0-.53.368-.745.82-.479l3.86 2.258c.452.264.82.909.82 1.44v4.595c0 .53-.368.744-.82.48l-3.86-2.262c-.452-.264-.82-.909-.82-1.44zm0 0'/><path fill='url(#c)' d='M3.336 4.467c-.448-.27-.448-.706 0-.972l3.821-2.293c.447-.27 1.173-.27 1.62 0l3.888 2.332c.447.268.447.702 0 .971L8.843 6.799c-.447.268-1.173.268-1.624 0zm0 0'/></svg>",
   "lib": "<svg fill='none' viewBox='0 0 24 24'><path d='M0 0h24v24H0z'/><path fill='#8bc34a' d='M4 6H2v14c0 1.1.9 2 2 2h14v-2H4zm16-4H8c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2m0 14H8V4h12zM10 9h8v2h-8zm0 3h4v2h-4zm0-6h8v2h-8z'/></svg>",
-  "lighthouse": "<svg viewBox='0 0 24 24'><path fill='#F4511E' d='M8.852 10.182V8.364h.851V4.727h-.851v-.909L12.258 2l3.407 1.818v.91h-.852v3.636h.852v1.818h-1.073L9.226 13.49l.477-3.31h-.851zm4.258-1.818V4.727h-1.703v3.637zM8 22l.034-.218L15.792 17l.443 3.073L13.11 22zm.894-6.21L15.077 12l.443 3.064-7.154 4.409z'/></svg>",
+  "lighthouse": "<svg viewBox='0 0 24 24'><path fill='#f4511e' d='M8.852 10.182V8.364h.851V4.727h-.851v-.909L12.258 2l3.407 1.818v.91h-.852v3.636h.852v1.818h-1.073L9.226 13.49l.477-3.31h-.851zm4.258-1.818V4.727h-1.703v3.637zM8 22l.034-.218L15.792 17l.443 3.073L13.11 22zm.894-6.21L15.077 12l.443 3.064-7.154 4.409z'/></svg>",
   "lilypond": "<svg viewBox='0 0 32 32'><path fill='#66bb6a' d='M10 8v11.023A4.986 4.986 0 1 0 11.9 24h.1V11.6l16-3.2v8.623A4.986 4.986 0 1 0 29.9 22h.1V4Z'/></svg>",
   "liquid": "<svg viewBox='0 0 24 24'><path fill='#29b6f6' d='M12 21.669a6.927 6.927 0 0 1-6.927-6.927C5.073 10.124 12 2.33 12 2.33s6.927 7.793 6.927 12.41A6.927 6.927 0 0 1 12 21.67z'/></svg>",
   "lisp": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M16 2a14 14 0 1 0 14 14A14.003 14.003 0 0 0 16 2m8.93 20.43a11 11 0 0 1-7.19 4.43 6.094 6.094 0 0 1-4.79-5.9v-.05a5 5 0 0 1 .04-.66 7.95 7.95 0 0 1 2.3-4.95 5.99 5.99 0 0 0-2.23-9.9 11.004 11.004 0 0 1 11.87 17.03'/></svg>",
-  "livescript": "<svg viewBox='0 0 32 32'><path fill='#0277BD' d='M4 2h4v28H4z'/><path fill='#0277BD' d='M2 24h28v4H2zm8-20h2v18h-2zm2 16h16v2H12zm2-4h14v2H14zm0-12h2v12h-2zm4 8h10v2H18zm0-8h2v8h-2zm4 4h6v2h-6zm0-4h2v4h-2z'/><path fill='#0277BD' d='M6 24.586 23.271 7.315l1.414 1.414L7.415 26z'/></svg>",
+  "livescript": "<svg viewBox='0 0 32 32'><path fill='#0277bd' d='M4 2h4v28H4z'/><path fill='#0277bd' d='M2 24h28v4H2zm8-20h2v18h-2zm2 16h16v2H12zm2-4h14v2H14zm0-12h2v12h-2zm4 8h10v2H18zm0-8h2v8h-2zm4 4h6v2h-6zm0-4h2v4h-2z'/><path fill='#0277bd' d='M6 24.586 23.271 7.315l1.414 1.414L7.415 26z'/></svg>",
   "lock": "<svg viewBox='0 0 32 32'><path fill='#ffd54f' d='M25 12h-3V8a6 6 0 0 0-12 0v4H7a1 1 0 0 0-1 1v16a1 1 0 0 0 1 1h18a1 1 0 0 0 1-1V13a1 1 0 0 0-1-1M14 8a2 2 0 0 1 4 0v4h-4Zm2 17a4 4 0 1 1 4-4 4 4 0 0 1-4 4'/></svg>",
   "log": "<svg fill='none' viewBox='0 0 24 24'><path d='M0 0h24v24H0z'/><path fill='#afb42b' d='M19 5v9h-5v5H5V5zm0-2H5c-1.1 0-2 .9-2 2v14c0 1.1.9 2 2 2h10l6-6V5c0-1.1-.9-2-2-2m-7 11H7v-2h5zm5-4H7V8h10z'/></svg>",
   "lolcode": "<svg viewBox='0 0 24 24'><path fill='#ef5350' d='m12 7.687-1.35.091c-.872-1.035-3.318-3.643-5.754-3.643 0 0-1.999 3.004-.04 7.013-.559.842-.904 1.278-.975 2.283l-1.958.294.213.995 1.786-.264.142.72-1.593.954.477.904 1.471-.904c1.167 2.477 4.12 3.735 7.581 3.735 3.46 0 6.414-1.258 7.58-3.735l1.472.904.477-.904-1.593-.953.142-.721 1.786.264.213-.995-1.958-.294c-.071-1.005-.416-1.441-.975-2.283 1.959-4.009-.04-7.013-.04-7.013-2.436 0-4.881 2.608-5.754 3.643zm-3.044 3.044a1.015 1.015 0 0 1 1.014 1.015 1.015 1.015 0 0 1-1.014 1.015 1.015 1.015 0 0 1-1.015-1.015 1.015 1.015 0 0 1 1.015-1.015m6.089 0a1.015 1.015 0 0 1 1.014 1.015 1.015 1.015 0 0 1-1.014 1.015 1.015 1.015 0 0 1-1.015-1.015 1.015 1.015 0 0 1 1.015-1.015m-4.06 3.045h2.03l-.71 1.41c.203.65.77 1.127 1.471 1.127a1.52 1.52 0 0 0 1.522-1.522h.508a2.03 2.03 0 0 1-2.03 2.03c-.761 0-1.42-.416-1.776-1.015a2.07 2.07 0 0 1-1.776 1.015 2.03 2.03 0 0 1-2.03-2.03h.508a1.52 1.52 0 0 0 1.522 1.522c.7 0 1.268-.477 1.471-1.126z'/></svg>",
   "lottie": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='M2 4v24a2 2 0 0 0 2 2h24a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2H4a2 2 0 0 0-2 2m20.237 8.11c-2.974.426-3.518 2.058-4.34 4.523-.92 2.764-2.145 6.436-7.635 7.217a1.996 1.996 0 1 1-.499-3.96c2.974-.426 3.518-2.058 4.34-4.523.92-2.764 2.145-6.436 7.635-7.217a1.996 1.996 0 1 1 .499 3.96'/></svg>",
+  "ltx.clone": "<svg viewBox='0 0 1024 1024'><path fill='#00bfa5' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
   "lua": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M30 6a3.86 3.86 0 0 1-1.167 2.833 4.024 4.024 0 0 1-5.666 0A3.86 3.86 0 0 1 22 6a3.86 3.86 0 0 1 1.167-2.833 4.024 4.024 0 0 1 5.666 0A3.86 3.86 0 0 1 30 6m-9.208 5.208A10.6 10.6 0 0 0 13 8a10.6 10.6 0 0 0-7.792 3.208A10.6 10.6 0 0 0 2 19a10.6 10.6 0 0 0 3.208 7.792A10.6 10.6 0 0 0 13 30a10.6 10.6 0 0 0 7.792-3.208A10.6 10.6 0 0 0 24 19a10.6 10.6 0 0 0-3.208-7.792m-1.959 7.625a4.024 4.024 0 0 1-5.666 0 4.024 4.024 0 0 1 0-5.666 4.024 4.024 0 0 1 5.666 0 4.024 4.024 0 0 1 0 5.666'/></svg>",
-  "luau": "<svg fill='none' viewBox='0 0 24 24'><path fill='#03A9F4' d='M22.495 6.331 6.33 2 2 18.164l16.164 4.33z'/><path fill='#FAFAFA' d='M19.933 7.81 16.7 6.944l-.866 3.233 3.233.866z'/></svg>",
+  "luau": "<svg fill='none' viewBox='0 0 24 24'><path fill='#03a9f4' d='M22.495 6.331 6.33 2 2 18.164l16.164 4.33z'/><path fill='#fafafa' d='M19.933 7.81 16.7 6.944l-.866 3.233 3.233.866z'/></svg>",
   "lyric": "<svg viewBox='0 0 32 32'><path fill='#50c5ef' d='M26 7.7c0-.1-.1-.2-.2-.3l-5.2-5.2c-.1-.1-.3-.2-.4-.2h-.1q-.15 0 0 0H7.7c-1 .1-1.7.8-1.7 1.8v24.5c0 1 .8 1.7 1.7 1.7h16.6c1 0 1.7-.8 1.7-1.7zq0 .15 0 0M22 12h-4v8c0 2.2-1.8 4-4 4s-4-1.8-4-4 1.8-4 4-4c.7 0 1.4.2 2 .6V8h6z'/></svg>",
   "makefile": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='m29.5 24.02-1.6-.92a4.4 4.4 0 0 0 .09-.9A1.3 1.3 0 0 0 28 22a5.6 5.6 0 0 0-.1-1.1l1.6-.92a.493.493 0 0 0 .18-.68l-1.5-2.6a.45.45 0 0 0-.18-.18V6.01a2.006 2.006 0 0 0-2-2H4a2.006 2.006 0 0 0-2 2V22a2.006 2.006 0 0 0 2 2h10.53l-.03.02a.493.493 0 0 0-.18.68l1.5 2.6a.493.493 0 0 0 .68.18l1.6-.92a5.9 5.9 0 0 0 1.9 1.09v1.85a.495.495 0 0 0 .5.5h3a.495.495 0 0 0 .5-.5v-1.85a5.9 5.9 0 0 0 1.9-1.09l1.6.92a.493.493 0 0 0 .68-.18l1.5-2.6a.493.493 0 0 0-.18-.68M24 22.01a1.99 1.99 0 0 1-.88 1.65l-.18.11a2.04 2.04 0 0 1-1.88 0l-.18-.11a1.99 1.99 0 0 1-.88-1.65V22a2 2 0 0 1 .88-1.66l.18-.11a2.04 2.04 0 0 1 1.88 0l.18.11A2 2 0 0 1 24 22Zm2-4.63-.1.06a5.9 5.9 0 0 0-1.9-1.09V14.5a.495.495 0 0 0-.5-.5h-3a.495.495 0 0 0-.5.5v1.85a5.9 5.9 0 0 0-1.9 1.09l-1.6-.92a.493.493 0 0 0-.68.18l-1.5 2.6a.493.493 0 0 0 .18.68l1.6.92A5.6 5.6 0 0 0 16 22v.01L4 22V10.01h22Z'/></svg>",
   "markdoc-config": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M15 2H6a2.006 2.006 0 0 0-2 2v22a2.006 2.006 0 0 0 2 2h6v-4H6v-2h6v-2H6v-2h6v-2H6v-2h6v-2h2V4l8 8h2v-1Z'/><path fill='#ffb300' d='M12 12v18h18V12Zm10 14h-2v-6l-2 2-2-2v6h-2V16h2l2 2 2-2h2Zm6 2h-4V14h4Z'/></svg>",
@@ -776,7 +820,7 @@
   "minecraft-fabric": "<svg fill-rule='evenodd' stroke-linejoin='round' stroke-miterlimit='1.414' clip-rule='evenodd' viewBox='0 0 16 16'><path fill='#38342a' d='M8 1v1H7v2H6v1H5v1H4v1H3v1H2v1H1v2h1v1h1v1h1v1h1v1h2v-1h1v-2h1v-1h1v-1h1V9h2V8h1V6h-1V5h-1V4h-1V3h-1V2H9V1z'/><path fill='#dbd0b4' d='M8 2v1h1v1h1v1h1v1h1V5h-1V4h-1V3H9V2zM7 4v2H5v1H4v1H3v2h1v1h1v1h2v-2H6V9h2v1h1V8H8V7h2V6H9V5H8V4z'/><path fill='#38342a' d='M8 4v1h1v1h1v1h1V6h-1V5H9V4z'/><path fill='#bcb29c' d='M9 4v1h1V4zm1 1v1h1V5zm1 1v1h1V6zm0 1h-1v1H9v2h1V9h1zm-2 3H7v2h1v-1h1zm-2 2H6v1h1z'/><path fill='#807a6d' d='M12 7v1h1V7z'/><path fill='#aea694' d='M2 9v1h1v1h1v1h1v1h1v-1H5v-1H4v-1H3V9z'/><path fill='#9a927e' d='M2 10v1h1v-1zm1 1v1h1v-1zm1 1v1h1v-1zm1 1v1h1v-1z'/><path fill='#c6bca5' d='M8 3v1h1V3zM6 5v1h1V5zm1 1v1h1V6zm1 1v1h2V7zM5 8v1h1V8zm1 1v1h2V9z'/></svg>",
   "minecraft": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M4 4v24h24V4Zm20 10h-6v2h4v8h-4v-4h-4v4h-4v-8h4v-2H8V8h6v6h4V8h6Z'/></svg>",
   "mint": "<svg viewBox='0 0 256 256'><path fill='#43a047' d='M128 18.753c-2.84 10.841-27.094 17.766-28.772 31.512l-2.738-8.22C82.21 60.232 83.473 69.446 83.473 69.446l-1.2-6.593c-10.422 17.426-8.215 25.963-7.012 28.566l.505.892s-.225-.287-.505-.892l-2.748-4.846c-10.824 29.941-1.371 39.133-1.371 39.133l-5.822-6.764c-2.573 22.94 4.11 32.368 4.11 32.368l-4.196-3.94c-.534 15.582 9.677 24.833 9.677 24.833l-6.73-4.615c12.951 56.58 38.666 58.104 41.982 58.061l-10.25.331c6.836 7.318 15.562 10.156 21.464 11.267 3.218-17.067 6.176-58.395 6.623-166.69.447 108.29 3.407 149.62 6.625 166.69 5.903-1.112 14.629-3.951 21.464-11.267l-10.248-.33c3.32.042 29.03-1.488 41.98-58.062l-6.73 4.616s10.211-9.25 9.677-24.833l-4.196 3.94s6.683-9.427 4.11-32.368l-5.822 6.764s9.453-9.192-1.371-39.133l-2.746 4.84c-.281.609-.508.895-.508.895l.508-.894c1.204-2.609 3.403-11.145-7.015-28.561l-1.199 6.593s1.264-9.215-13.017-27.402l-2.74 8.221c-1.677-13.745-25.93-20.67-28.771-31.51z'/></svg>",
-  "mist.clone": "<svg viewBox='0 0 24 24'><path fill='#2196F3' d='M12 21.669a6.927 6.927 0 0 1-6.927-6.927C5.073 10.124 12 2.33 12 2.33s6.927 7.793 6.927 12.41A6.927 6.927 0 0 1 12 21.67z'/></svg>",
+  "mist.clone": "<svg viewBox='0 0 24 24'><path fill='#2196f3' d='M12 21.669a6.927 6.927 0 0 1-6.927-6.927C5.073 10.124 12 2.33 12 2.33s6.927 7.793 6.927 12.41A6.927 6.927 0 0 1 12 21.67z'/></svg>",
   "mjml": "<svg viewBox='0 0 120 120'><g transform='translate(9.943 14.253)scale(.8026)'><path fill='#ff5722' d='M14.5 0h57.3c8 0 14.5 6.5 14.5 14.5S79.8 29 71.8 29H14.5C6.5 29 0 22.5 0 14.5S6.5 0 14.5 0'/><ellipse cx='109.2' cy='14.5' fill='#ff5722' rx='14.8' ry='14.5'/><path fill='#ff5722' d='M52.6 43.3h56.6c8-.6 14.9 5.5 15.5 13.5s-5.5 14.9-13.5 15.5H52.6c-8 .6-14.9-5.5-15.5-13.5s5.5-14.9 13.5-15.5H52z'/><path fill='#ff1744' d='M14.8 43c8.2 0 14.8 6.6 14.8 14.8S23 72.6 14.8 72.6C6.6 72.5 0 65.9 0 57.8 0 49.6 6.6 43 14.8 43'/><path fill='#ff5722' d='M14.5 85h57.3c8 0 14.5 6.5 14.5 14.5S79.8 114 71.8 114H14.5C6.5 114 0 107.5 0 99.5S6.5 85 14.5 85'/><ellipse cx='109.2' cy='99.5' fill='#ff5722' rx='14.8' ry='14.5'/></g></svg>",
   "mocha": "<svg viewBox='0 0 32 32'><path fill='#a1887f' d='M22 14c-.002 7.41-.07 10.857-2.486 14h-7.028C10.07 24.857 10.002 21.41 10 14zm.823-2H9.177A1.266 1.266 0 0 0 8 13.342C8 22 8 26 11.546 30h8.908C24 26 24 22 24 13.342A1.266 1.266 0 0 0 22.823 12m-4.82-9.998c1.15.46 2 2.075 2 3.998 0 1.925-.851 3.54-2.003 4V7.998c-1.15-.46-2-2.074-2-3.998s.851-3.54 2.003-4ZM13 6.004A2.11 2.11 0 0 1 14 8a2.1 2.1 0 0 1-1 2V9a2.11 2.11 0 0 1-1-1.998 2.1 2.1 0 0 1 1-1.998Z'/><path fill='#a1887f' d='M16 20h-3c0 2 1 4 1 6h4c0-2 1-4 1-6Z'/></svg>",
   "modernizr": "<svg viewBox='0 0 32 32'><path fill='#e91e63' d='M10 10v4H6v4H2v4h12V10zm8 0v12h12a12 12 0 0 0-12-12'/></svg>",
@@ -787,18 +831,18 @@
   "nano-staged": "<svg viewBox='0 0 24 24'><path fill='#b0bec5' d='M12 1.481A10.495 10.495 0 0 0 1.48 11.999c0 5.828 4.69 10.52 10.518 10.52S22.52 17.826 22.52 12A10.496 10.496 0 0 0 12 1.481M7.952 6.899a.2.2 0 0 1 .11.028l5.661 3.27a.21.21 0 0 0 .212 0l2.002-1.157a.21.21 0 0 1 .317.18v7.67a.21.21 0 0 1-.317.183l-5.662-3.27a.21.21 0 0 0-.21 0l-2.004 1.159a.21.21 0 0 1-.314-.183V7.11c0-.121.097-.208.205-.21z'/></svg>",
   "nano-staged_light": "<svg viewBox='0 0 24 24'><path fill='#546e7a' d='M11.999 1.481A10.495 10.495 0 0 0 1.48 11.999c0 5.828 4.69 10.52 10.518 10.52 5.827 0 10.52-4.693 10.52-10.52a10.496 10.496 0 0 0-10.52-10.518zM7.953 6.899a.2.2 0 0 1 .109.028l5.662 3.27a.21.21 0 0 0 .212 0l2.002-1.157a.21.21 0 0 1 .317.18v7.67a.21.21 0 0 1-.317.183l-5.662-3.27a.21.21 0 0 0-.21 0l-2.004 1.16a.21.21 0 0 1-.315-.184V7.11a.21.21 0 0 1 .206-.21z'/></svg>",
   "ndst": "<svg viewBox='0 0 32 32'><path fill='#0097a7' d='M8.2 12.2c-.8-.1-1.3.3-1.4 1-.1.9.3 1.3 1.1 1.4s1.2-.3 1.4-1c.1-.7-.3-1.3-1.1-1.4'/><path fill='#0097a7' d='M16 2c-1.4 0-2.8.2-4.1.6.2.7.5 1.3.9 1.9.9 1.5 2.3 2.2 4 2.3.8.1 1.6.1 2.4.1 2.1 0 3.8 2.4 2.9 4.6-.5 1.2-1.1 1.9-2.4 2.1-1.6.2-2.8-.3-3.6-1.7-.1-.3-.3-.6-.4-.9-.2-.6-.4-1.3-.7-1.9-.8-2.3-3.4-3.6-5.7-3.1-.8.1-1.8-.1-2.5-.5C3.8 8.1 2 11.8 2 16c0 7.7 6.3 14 14 14s14-6.3 14-14S23.7 2 16 2m5.8 21.3c-.5 1.2-1.1 1.9-2.4 2.1-1.6.2-2.8-.3-3.6-1.7-.1-.3-.3-.6-.4-.9-.2-.6-.4-1.3-.7-1.9-.9-2.4-3.5-3.6-5.8-3.2-1.3.2-3.2-.5-3.8-1.6-.8-1.3-.7-3.1.1-4.1.5-.6 1.3-1 2.1-1.2h.9c1.5.2 2.4.9 2.9 2.4.3 1.1.7 2.1 1.3 3.1.9 1.5 2.3 2.2 4 2.3.8.1 1.6.1 2.4.1 2.1 0 3.8 2.5 3 4.6'/><path fill='#0097a7' d='M18.4 21.8c-.6.1-.8.6-.8 1.1s.4 1 .7 1.3c.5.3 1.1.3 1.5-.3.1-.1.4-1 .2-1.3-.2-.5-1.4-.8-1.6-.8m1.7-9.7c.1-.1.4-1 .2-1.3-.2-.4-1.4-.7-1.6-.7-.6.1-.8.6-.8 1.1s.4 1 .7 1.3c.5.3 1.2.3 1.5-.4'/></svg>",
-  "nest-controller.clone": "<svg viewBox='0 0 300 300'><path fill='#0288D1' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-decorator.clone": "<svg viewBox='0 0 300 300'><path fill='#AB47BC' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-filter.clone": "<svg viewBox='0 0 300 300'><path fill='#FF7043' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-gateway.clone": "<svg viewBox='0 0 300 300'><path fill='#AFB42B' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-guard.clone": "<svg viewBox='0 0 300 300'><path fill='#43A047' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-interceptor.clone": "<svg viewBox='0 0 300 300'><path fill='#FF9800' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-middleware.clone": "<svg viewBox='0 0 300 300'><path fill='#5C6BC0' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-module.clone": "<svg viewBox='0 0 300 300'><path fill='#E53935' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-pipe.clone": "<svg viewBox='0 0 300 300'><path fill='#00897B' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-resolver.clone": "<svg viewBox='0 0 300 300'><path fill='#EC407A' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest-service.clone": "<svg viewBox='0 0 300 300'><path fill='#FFCA28' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
-  "nest": "<svg viewBox='0 0 300 300'><path fill='#FF1744' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-controller.clone": "<svg viewBox='0 0 300 300'><path fill='#0288d1' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-decorator.clone": "<svg viewBox='0 0 300 300'><path fill='#ab47bc' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-filter.clone": "<svg viewBox='0 0 300 300'><path fill='#ff7043' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-gateway.clone": "<svg viewBox='0 0 300 300'><path fill='#afb42b' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-guard.clone": "<svg viewBox='0 0 300 300'><path fill='#43a047' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-interceptor.clone": "<svg viewBox='0 0 300 300'><path fill='#ff9800' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-middleware.clone": "<svg viewBox='0 0 300 300'><path fill='#5c6bc0' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-module.clone": "<svg viewBox='0 0 300 300'><path fill='#e53935' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-pipe.clone": "<svg viewBox='0 0 300 300'><path fill='#00897b' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-resolver.clone": "<svg viewBox='0 0 300 300'><path fill='#ec407a' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest-service.clone": "<svg viewBox='0 0 300 300'><path fill='#ffca28' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
+  "nest": "<svg viewBox='0 0 300 300'><path fill='#ff1744' d='M172.382 24.41c-1.793 0-3.5.426-5.036.938 3.329 2.22 5.121 5.121 6.06 8.45.085.427.17.768.256 1.195s.17.768.17 1.195c.257 5.719-1.536 6.401-2.73 9.815-1.878 4.353-1.366 9.048.938 12.803.17.427.427.94.768 1.451-2.475-16.473 11.267-18.948 13.827-24.07.171-4.523-3.499-7.51-6.401-9.558-2.987-1.708-5.548-2.22-7.852-2.22zm20.655 3.67c-.256 1.536-.086 1.11-.17 1.877-.086.512-.086 1.195-.172 1.707-.17.512-.256 1.024-.426 1.537l-.512 1.536c-.257.512-.427.939-.683 1.536l-.512.768c-.171.171-.256.427-.427.598-.342.427-.683.939-.939 1.28-.427.427-.683.854-1.195 1.195v.085c-.427.342-.768.683-1.195 1.025-1.366 1.024-2.902 1.792-4.353 2.816-.427.342-.939.598-1.28.94-.427.34-.854.682-1.195 1.023l-1.195 1.195c-.341.427-.683.854-.939 1.28-.341.427-.683.94-.939 1.366-.256.512-.426.94-.683 1.537-.17.512-.426.938-.512 1.536-.17.597-.341 1.11-.426 1.622-.086.256-.086.597-.171.853s-.085.512-.17.768c0 .512-.086 1.11-.086 1.622 0 .427 0 .768.085 1.195 0 .512.086 1.024.17 1.622.086.512.172 1.024.342 1.536l.512 1.536c.171.342.342.683.427.94l-14.936-5.805c-2.561-.683-5.036-1.365-7.511-1.963-1.366-.341-2.732-.683-4.097-.939a137 137 0 0 0-11.864-1.792c-.17 0-.17-.086-.342-.086-3.926-.426-7.767-.597-11.608-.597-2.901 0-5.718.17-8.535.341-3.926.256-7.937.769-11.864 1.451-.939.171-1.963.342-2.902.513-2.048.426-3.926.853-5.889 1.28-.939.256-1.963.512-2.902.768-.939.427-1.878.854-2.816 1.195a23 23 0 0 1-2.134.939c-.171.085-.256.085-.342.17a34 34 0 0 0-1.792.94c-.17.085-.341.17-.427.17-.683.341-1.45.683-2.048 1.024-.427.171-.94.427-1.28.683-.171.17-.427.256-.598.342-.597.34-1.195.682-1.707.938-.598.342-1.11.683-1.536.94-.427.34-.94.597-1.28.938-.086.085-.171.085-.171.17a6.5 6.5 0 0 0-1.195.94l-.171.17c-.341.256-.683.513-.939.769-.17.085-.256.17-.427.256-.341.256-.682.597-.939.853-.085.17-.17.17-.256.256-.426.427-.768.683-1.195 1.11-.085 0-.085.085-.17.17-.427.342-.768.683-1.195 1.11-.085.085-.085.17-.17.17-.342.342-.684.684-.94 1.025-.17.17-.341.256-.426.427-.342.427-.683.768-1.11 1.195-.085.17-.17.17-.256.341-.512.512-.939 1.024-1.536 1.536l-.171.171c-1.024 1.11-2.134 2.22-3.329 3.158-1.195 1.024-2.39 2.049-3.67 2.902-1.28.939-2.56 1.707-3.926 2.475-1.28.683-2.646 1.366-4.097 1.963a36 36 0 0 1-4.268 1.537c-2.731.597-5.548 1.707-7.937 1.878-.513 0-1.11.17-1.622.17-.598.17-1.11.256-1.622.427s-1.024.427-1.536.597-1.024.427-1.536.683c-.427.342-.94.598-1.451.94-.427.34-.94.682-1.28 1.109-.428.341-.94.768-1.281 1.195-.427.426-.768.853-1.11 1.28-.341.512-.682.939-.938 1.536-.342.427-.683.94-.94 1.537s-.511 1.11-.682 1.707c-.17.512-.427 1.11-.598 1.707-.17.512-.256 1.024-.341 1.536 0 .085-.085.17-.085.17-.171.598-.171 1.366-.171 1.793-.085.427-.17.854-.17 1.28 0 .256 0 .598.085.854.085.427.17.853.256 1.195.17.427.256.768.426 1.195v.085c.171.427.427.768.683 1.195s.512.768.854 1.195c.341.341.683.683 1.11 1.024.426.427.767.683 1.194 1.024 1.537 1.366 1.963 1.793 3.926 2.902l1.025.512c.085 0 .17.086.17.086 0 .17 0 .17.086.341.085.512.17 1.024.341 1.537q.256.896.512 1.536c.256.64.342.768.512 1.195.086.17.171.256.171.341.256.512.512.94.768 1.451.342.427.683.94.94 1.366.34.427.682.853 1.109 1.195.426.427.768.683 1.195 1.11 0 0 .085.085.17.085.427.341.768.683 1.195.939.427.341.94.597 1.451.853.427.256.94.512 1.537.683.426.17.853.341 1.28.427.085.085.17.085.256.17.256.086.597.171.853.171-.17 3.5-.256 6.828.256 8.023.598 1.28 3.415-2.646 6.316-7.255-.426 4.524-.682 9.73 0 11.352s4.61-3.414 8.024-9.047c46.09-10.67 88.168 21.167 92.606 66.233-.853-6.999-9.474-10.925-13.485-9.986-1.963 4.78-5.292 11.01-10.584 14.851.427-4.268.256-8.706-.683-12.974-1.45 5.975-4.267 11.608-8.023 16.388-6.145.427-12.376-2.56-15.62-6.999-.255-.17-.34-.597-.511-.853-.17-.427-.427-.94-.512-1.366-.171-.427-.342-.939-.427-1.366s-.085-.938-.085-1.45v-.94c.085-.426.17-.938.341-1.365s.256-.939.427-1.366c.256-.426.426-.939.768-1.365 1.11-3.158 1.11-5.634-.939-7.17-.427-.256-.768-.427-1.195-.683-.256-.085-.597-.17-.853-.256-.171-.085-.342-.17-.513-.17-.426-.171-.938-.257-1.365-.342-.427-.17-.939-.17-1.366-.17-.427-.086-.939-.171-1.45-.171-.342 0-.684.085-.94.085-.512 0-.939.085-1.45.17-.427.086-.94.171-1.366.257-.427.17-.94.256-1.366.427s-.853.426-1.28.597-.768.427-1.195.683c-15.193 9.9-6.145 33.031 4.267 39.689-3.926.682-7.852 1.536-8.961 2.39l-.171.17a56 56 0 0 0 8.791 4.353c4.182 1.366 8.62 2.56 10.498 3.158v.085c5.378 1.11 10.84 1.537 16.388 1.195 28.764-2.048 52.406-23.898 56.674-52.833.17.598.256 1.11.426 1.708.171 1.194.427 2.39.598 3.67v.085c.17.597.17 1.195.256 1.707v.256c.085.598.17 1.195.17 1.707.086.683.171 1.451.171 2.134v1.024c0 .342.086.683.086 1.024 0 .427-.086.769-.086 1.195v.94c0 .426-.085.853-.085 1.28 0 .256 0 .512-.085.853 0 .427-.086.939-.086 1.451-.085.17-.085.427-.085.597-.085.513-.17.94-.17 1.537 0 .17 0 .427-.086.597-.085.683-.17 1.195-.256 1.878v.17c-.17.598-.256 1.196-.427 1.793v.17c-.17.598-.256 1.196-.427 1.793 0 .086-.085.17-.085.256-.17.598-.256 1.195-.427 1.793v.17c-.17.683-.427 1.195-.512 1.793-.085.085-.085.17-.085.17-.17.683-.427 1.28-.598 1.964-.256.682-.426 1.194-.683 1.877s-.426 1.28-.682 1.878c-.256.683-.512 1.195-.768 1.878h-.086c-.256.597-.512 1.195-.853 1.792-.086.17-.171.342-.171.427-.085.085-.085.17-.17.17-4.268 8.536-10.5 15.961-18.266 21.85-.512.342-1.024.684-1.536 1.11-.171.171-.342.171-.427.342a8.5 8.5 0 0 1-1.451.939l.17.426h.086c.939-.17 1.792-.256 2.731-.426h.085c1.708-.256 3.415-.598 5.036-.94.427-.085.94-.17 1.451-.34.342-.086.598-.171.94-.171.426-.086.938-.171 1.365-.256.427-.171.768-.171 1.195-.342 6.486-1.536 12.802-3.67 18.862-6.23-10.327 14.082-24.154 25.52-40.371 32.945a109 109 0 0 0 22.191-3.84c26.204-7.768 48.224-25.35 61.454-49.078-2.646 15.022-8.62 29.361-17.497 41.823 6.316-4.183 12.12-8.962 17.326-14.425 14.595-15.193 24.155-34.568 27.398-55.308 2.22 10.242 2.902 20.911 1.878 31.324 46.944-65.465 3.926-133.405-14.083-151.244-.085-.17-.17-.17-.17-.341-.086.085-.086.085-.086.17 0-.085 0-.085-.086-.17 0 .768-.085 1.536-.17 2.304-.17 1.537-.427 2.902-.683 4.353-.341 1.451-.683 2.902-1.11 4.268s-.938 2.817-1.536 4.182c-.597 1.28-1.195 2.646-1.963 3.926a53 53 0 0 1-2.305 3.67c-.853 1.196-1.792 2.39-2.645 3.5-.94 1.195-2.049 2.22-3.073 3.243-.683.598-1.195 1.11-1.878 1.622-.512.427-.939.854-1.536 1.28-1.195.94-2.305 1.793-3.67 2.56-1.195.77-2.56 1.537-3.841 2.22-1.366.683-2.731 1.195-4.097 1.792-1.366.513-2.817.94-4.268 1.366s-2.902.683-4.353.939a42 42 0 0 1-4.438.512c-1.024.085-2.048.17-3.158.17-1.536 0-2.987-.17-4.438-.255-1.537-.171-2.988-.342-4.439-.683-1.536-.256-2.902-.683-4.353-1.11h-.085c1.451-.17 2.902-.256 4.268-.512 1.536-.256 2.902-.597 4.353-.939 1.45-.426 2.902-.853 4.267-1.365 1.451-.512 2.817-1.195 4.097-1.793 1.366-.682 2.56-1.365 3.926-2.133 1.195-.854 2.476-1.707 3.67-2.561 1.195-.939 2.305-1.878 3.33-2.902 1.109-.939 2.048-2.048 3.072-3.158.939-1.195 1.878-2.305 2.731-3.5.17-.17.256-.426.427-.682a39 39 0 0 0 1.878-3.158c.682-1.28 1.365-2.56 1.963-3.926s1.11-2.732 1.536-4.183c.427-1.365.768-2.816 1.11-4.267.256-1.537.512-2.902.682-4.353.171-1.537.257-2.988.257-4.439 0-1.024-.086-2.048-.171-3.158-.17-1.536-.342-2.902-.512-4.353-.256-1.536-.598-2.902-.94-4.352-.426-1.366-.938-2.817-1.45-4.183s-1.195-2.731-1.793-4.011c-.682-1.28-1.45-2.56-2.219-3.841l-2.56-3.585c-.94-1.11-1.963-2.22-2.988-3.329-.512-.512-1.11-1.11-1.707-1.621-2.902-2.305-5.974-4.439-9.047-6.402-.427-.256-.853-.426-1.28-.683-2.049-1.536-4.012-2.219-6.06-2.902z'/></svg>",
   "netlify": "<svg viewBox='0 0 24 24'><path fill='#00bfa5' d='m11.25 2.232-.127.127v4.567l.127.129h1.526l.126-.13V2.36l-.126-.127H11.25zM6.69 5.455 5.643 6.5v.21l1.6 1.6h1.108l.148-.148V7.055l-1.6-1.6zM1.026 11.11l-.127.127v1.528l.127.127h6.09l.127-.127v-1.528l-.127-.127zm15.858 0-.127.127v1.528l.127.127h6.09l.127-.127v-1.528l-.127-.127zm-9.64 4.58-1.6 1.6v.21l1.045 1.046h.21l1.6-1.6v-1.109l-.148-.146zm4.005 1.256-.127.13v4.566l.127.127h1.526l.126-.127v-4.567l-.126-.129z'/><path fill='#cfd8dc' d='M14.855 15.172h-1.523l-.127-.127V11.48c0-.634-.249-1.125-1.013-1.142-.394-.01-.844 0-1.325.019l-.072.074v4.61l-.127.128H9.146l-.128-.127V8.956l.128-.127h3.425a2.41 2.41 0 0 1 2.41 2.41v3.806z'/></svg>",
   "netlify_light": "<svg viewBox='0 0 24 24'><path fill='#00bfa5' d='m11.25 2.232-.127.127v4.567l.127.129h1.526l.126-.13V2.36l-.126-.127H11.25zM6.69 5.455 5.643 6.5v.21l1.6 1.6h1.108l.148-.148V7.055l-1.6-1.6zM1.026 11.11l-.127.127v1.528l.127.127h6.09l.127-.127v-1.528l-.127-.127zm15.858 0-.127.127v1.528l.127.127h6.09l.127-.127v-1.528l-.127-.127zm-9.64 4.58-1.6 1.6v.21l1.045 1.046h.21l1.6-1.6v-1.109l-.148-.146zm4.005 1.256-.127.13v4.566l.127.127h1.526l.126-.127v-4.567l-.126-.129z'/><path fill='#00897b' d='M14.855 15.172h-1.523l-.127-.127V11.48c0-.634-.249-1.125-1.013-1.142-.394-.01-.844 0-1.325.019l-.072.074v4.61l-.127.128H9.146l-.128-.127V8.956l.128-.127h3.425a2.41 2.41 0 0 1 2.41 2.41v3.806z'/></svg>",
   "next": "<svg viewBox='0 0 32 32'><path fill='#cfd8dc' d='M16 2a14 14 0 1 0 5.816 26.723L12 14v9a1 1 0 0 1-1 1H9a1 1 0 0 1-1-1V9a1 1 0 0 1 1-1h2.434a1 1 0 0 1 .857.486l11.491 19.15A14 14 0 0 0 16 2m8 16h-4V9a1 1 0 0 1 1-1h2a1 1 0 0 1 1 1Z'/></svg>",
@@ -811,11 +855,11 @@
   "ngrx-selectors": "<svg viewBox='0 0 300 300'><path fill='#ff6e40' d='M150 27.324 35.85 68.006l17.303 151.09 96.843 53.586 96.843-53.586 17.303-151.09zm-23.719 38.349c4.346-.075 9.04 1.316 14.265 4.131 2.3 1.24 9.235 2.994 15.407 3.889 21.936 3.18 47.975 19.934 56.21 36.186 5.667 11.183 4.508 17.209-4.18 21.702-7.492 3.874-22.822 2-45.08-5.517l-18.785-6.343-6.683 2.552c-9.683 3.698-19.366 12.877-23.33 22.09-2.858 6.645-3.293 9.768-2.77 20.705.523 10.955 1.315 14.12 5.2 20.997 4.423 7.829 14.576 17.818 16.331 16.064.473-.473-.574-3.648-2.308-7.048-1.735-3.4-2.744-6.825-2.26-7.606.482-.781 5.054 2.123 10.157 6.44 11.35 9.6 24.608 15.74 36.77 17.01 9.985 1.045 12.266-.814 4.787-3.912-2.41-.998-5.544-3.088-6.95-4.641-2.907-3.212-3.072-3.12 9.356-5.906 7.736-1.733 23.026-9.849 23.937-12.71.29-.91-2.195-1.296-6.27-.972-3.706.295-6.732-.087-6.732-.85 0-.76 3.032-4.523 6.732-8.385 13.883-14.489 18.62-25.32 20.098-45.906l1.02-14.217 3.257 6.756c3.601 7.452 4.265 18.202 1.701 27.437-2.141 7.711-.712 8.564 3.208 1.92 4.845-8.212 6.39-6.905 5.54 4.666-.924 12.587-5.243 22.017-14.993 32.686-7.95 8.699-7.001 10.254 2.624 4.326 9.273-5.711 10.511-4.815 5.736 4.155-9.031 16.964-28.122 31.35-47.948 36.161-12.016 2.917-20.537 3.461-31.544 2.018-28.78-3.775-56.001-23.157-68.993-49.114-3.378-6.748-8.154-14.994-10.62-18.348-5.092-6.924-5.529-10.038-2.09-15.286 1.715-2.618 2.116-5.307 1.41-9.308-3.273-18.531-3.167-19.11 4.276-26.659 6.468-6.56 6.878-7.44 6.878-15.092 0-6.637.671-8.813 3.67-11.811 2.02-2.02 5.23-3.7 7.12-3.718 5.49-.05 14.97-5.135 20.584-11.033 4.687-4.927 9.674-7.417 15.262-7.51z'/></svg>",
   "ngrx-state": "<svg viewBox='0 0 300 300'><path fill='#9ccc65' d='M150 27.324 35.85 68.006l17.303 151.09 96.843 53.586 96.843-53.586 17.303-151.09zm-23.719 38.349c4.346-.075 9.04 1.316 14.265 4.131 2.3 1.24 9.235 2.994 15.407 3.889 21.936 3.18 47.975 19.934 56.21 36.186 5.667 11.183 4.508 17.209-4.18 21.702-7.492 3.874-22.822 2-45.08-5.517l-18.785-6.343-6.683 2.552c-9.683 3.698-19.366 12.877-23.33 22.09-2.858 6.645-3.293 9.768-2.77 20.705.523 10.955 1.315 14.12 5.2 20.997 4.423 7.829 14.576 17.818 16.331 16.064.473-.473-.574-3.648-2.308-7.048-1.735-3.4-2.744-6.825-2.26-7.606.482-.781 5.054 2.123 10.157 6.44 11.35 9.6 24.608 15.74 36.77 17.01 9.985 1.045 12.266-.814 4.787-3.912-2.41-.998-5.544-3.088-6.95-4.641-2.907-3.212-3.072-3.12 9.356-5.906 7.736-1.733 23.026-9.849 23.937-12.71.29-.91-2.195-1.296-6.27-.972-3.706.295-6.732-.087-6.732-.85 0-.76 3.032-4.523 6.732-8.385 13.883-14.489 18.62-25.32 20.098-45.906l1.02-14.217 3.257 6.756c3.601 7.452 4.265 18.202 1.701 27.437-2.141 7.711-.712 8.564 3.208 1.92 4.845-8.212 6.39-6.905 5.54 4.666-.924 12.587-5.243 22.017-14.993 32.686-7.95 8.699-7.001 10.254 2.624 4.326 9.273-5.711 10.511-4.815 5.736 4.155-9.031 16.964-28.122 31.35-47.948 36.161-12.016 2.917-20.537 3.461-31.544 2.018-28.78-3.775-56.001-23.157-68.993-49.114-3.378-6.748-8.154-14.994-10.62-18.348-5.092-6.924-5.529-10.038-2.09-15.286 1.715-2.618 2.116-5.307 1.41-9.308-3.273-18.531-3.167-19.11 4.276-26.659 6.468-6.56 6.878-7.44 6.878-15.092 0-6.637.671-8.813 3.67-11.811 2.02-2.02 5.23-3.7 7.12-3.718 5.49-.05 14.97-5.135 20.584-11.033 4.687-4.927 9.674-7.417 15.262-7.51z'/></svg>",
   "nim": "<svg viewBox='0 0 32 32'><path fill='#ffca28' d='M6 24h20v2a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2zM30 6l-9 9-5-11-5 11-9-9 4 14h20z'/></svg>",
-  "nix": "<svg viewBox='0 0 500 500'><g stroke-width='.395'><path fill='#1976D2' d='M133.347 451.499c0-.295-2.752-5.283-6.116-11.084s-6.116-10.776-6.116-11.055 9.514-16.889 21.143-36.912c11.629-20.022 21.323-36.798 21.542-37.279.346-.76-1.608-4.363-14.896-27.466-8.412-14.625-15.294-26.785-15.294-27.023 0-.5 24.46-43.501 25.206-44.31.414-.45.592-.384 1.078.395.32.513 16.876 29.256 36.791 63.87 62.62 108.85 74.852 130.01 75.41 130.46.3.242.544.554.544.694s-11.836.21-26.302.154c-23.023-.09-26.313-.175-26.393-.694-.11-.714-27.662-48.825-28.86-50.392-.746-.978-.906-1.035-1.426-.51-.688.696-28.954 49.323-29.49 50.733l-.364.96h-13.23c-10.895 0-13.228-.095-13.228-.538zm167.58-125.61c-.134-.216 1.189-2.863 2.939-5.882 6.924-11.944 84.29-145.75 96.49-166.88 7.143-12.371 13.143-22.465 13.334-22.433.362.062 25.86 43.105 25.86 43.655 0 .174-6.761 11.952-15.025 26.173-8.46 14.557-14.932 26.104-14.81 26.421.185.483 4.563.564 30.213.564h29.996l.957 1.48c.527.814 3.296 5.547 6.155 10.518s5.45 9.29 5.757 9.597c.705.705.703.724-.16 1.572-.396.388-3.36 5.323-6.588 10.965-3.228 5.643-6.056 10.387-6.285 10.543s-19.695.171-43.256.034l-42.84-.249-.803 1.15c-.442.632-7.505 12.736-15.696 26.897l-14.892 25.747h-15.486c-8.518 0-20.015.116-25.551.259-6.55.168-10.15.121-10.308-.135zm-133.75-157.86c-56.373-.055-102.5-.182-102.5-.282s5.617-10.132 12.481-22.294L89.64 123.34h30.332c27.113 0 30.332-.065 30.332-.611 0-.336-6.659-12.228-14.797-26.427s-14.797-25.917-14.797-26.04 2.682-4.853 5.96-10.51 6.003-10.578 6.056-10.934c.086-.586 1.375-.648 13.572-.648 7.412 0 13.463.143 13.446.317-.018.174.22.707.53 1.184.31.476 9.763 16.937 21.007 36.578 11.244 19.64 20.71 36.022 21.036 36.4.554.647 2.549.691 31.428.691h30.837l12.896 22.145c7.093 12.18 12.8 22.301 12.682 22.492-.117.19-4.776.303-10.352.249-5.575-.054-56.26-.143-112.63-.198z'/><path fill='#64B5F6' d='M23.046 238.939c-6.098 10.563-6.69 11.711-6.224 12.078.282.224 3.18 5.044 6.44 10.712s6.016 10.355 6.123 10.417c.106.061 13.585.153 29.95.204 16.367.052 29.994.23 30.285.399.473.273-1.08 3.094-14.637 26.574l-15.166 26.269 12.907 21.865c7.1 12.026 12.982 21.906 13.068 21.956s23.257-39.831 51.492-88.624c11.352-19.617 21.214-36.64 30.37-52.442 23.308-40.452 30.68-53.468 30.73-54.132-1.096-.11-6.141-.187-13.006-.216-3.945-.01-7.82-.02-12.75-.002l-25.341.092-15.42 26.706c-14.256 24.693-15.445 26.663-16.278 26.86l-.023.037c-.012.003-1.622-.001-1.826 0-4.29.062-20.453.063-40.226-.01-22.632-.082-41.615-.125-42.183-.096-.567.03-1.147-.03-1.29-.132-.141-.102-3.29 5.066-6.996 11.485zm205.16-190.3c-.123.149 5.62 10.392 12.761 22.763 12.2 21.131 89.393 155.03 96.276 167 1.503 2.613 2.92 4.803 3.443 5.348.9-1.249 3.532-5.63 7.954-13.219a1343 1343 0 0 1 10.05-17.76l6.606-11.443c.691-1.403.753-1.818.652-2.117-.161-.48-6.903-12.332-14.982-26.337-8.078-14.005-14.824-25.849-14.99-26.32a.73.73 0 0 1-.01-.366l-.426-.913 21.636-36.976c3.69-6.307 6.425-11.042 9.471-16.29 9.158-15.948 12.036-21.189 11.895-21.55-.126-.324-2.7-4.83-5.72-10.017-3.021-5.185-5.845-10.148-6.275-11.026-.483-.987-.734-1.364-1.1-1.456-.054.014-.083.018-.144.035-.42.112-5.455.195-11.19.185s-11.22.024-12.187.073l-1.76.089-14.998 25.978c-12.824 22.212-15.084 25.964-15.595 25.883-.024-.004-.15-.189-.235-.301-.109.066-.2.09-.271.05-.256-.148-7.144-11.902-15.306-26.119L279.4 48.817c-.116-.186-.444-.744-.458-.752-.476-.275-50.502.287-50.737.57zm-18.646 283.09c-.047.109-.026.262.043.48.328 1.05 25.338 43.735 25.772 43.985.206.119 14.178.239 31.05.266 26.65.044 30.749.152 31.234.832.307.43 9.987 17.214 21.513 37.296s21.152 36.627 21.394 36.767 5.926.243 12.633.23c6.705-.013 12.4.099 12.657.246.131.076.381-.141.851-.795l6.008-10.406c5.234-9.065 6.62-11.684 6.294-11.888-.575-.36-15.597-26.643-23.859-41.482-3.09-5.45-5.37-9.516-5.44-9.774-.196-.712-.066-.822 1.155-.98 1.956-.252 57.397-.057 58.071.205.237.092.79-.569 2.593-3.497 1.866-3.067 5.03-8.524 11.001-18.866 7.22-12.505 13.043-22.784 12.941-22.843s-.77-.051-1.489.016l-.046.001c-4.451.204-33.918.203-149.74.025-38.96-.06-69.786-.09-71.912-.072-1.12.01-2.095.076-2.66.172a.3.3 0 0 0-.062.083z'/></g></svg>",
+  "nix": "<svg viewBox='0 0 500 500'><g stroke-width='.395'><path fill='#1976d2' d='M133.347 451.499c0-.295-2.752-5.283-6.116-11.084s-6.116-10.776-6.116-11.055 9.514-16.889 21.143-36.912c11.629-20.022 21.323-36.798 21.542-37.279.346-.76-1.608-4.363-14.896-27.466-8.412-14.625-15.294-26.785-15.294-27.023 0-.5 24.46-43.501 25.206-44.31.414-.45.592-.384 1.078.395.32.513 16.876 29.256 36.791 63.87 62.62 108.85 74.852 130.01 75.41 130.46.3.242.544.554.544.694s-11.836.21-26.302.154c-23.023-.09-26.313-.175-26.393-.694-.11-.714-27.662-48.825-28.86-50.392-.746-.978-.906-1.035-1.426-.51-.688.696-28.954 49.323-29.49 50.733l-.364.96h-13.23c-10.895 0-13.228-.095-13.228-.538zm167.58-125.61c-.134-.216 1.189-2.863 2.939-5.882 6.924-11.944 84.29-145.75 96.49-166.88 7.143-12.371 13.143-22.465 13.334-22.433.362.062 25.86 43.105 25.86 43.655 0 .174-6.761 11.952-15.025 26.173-8.46 14.557-14.932 26.104-14.81 26.421.185.483 4.563.564 30.213.564h29.996l.957 1.48c.527.814 3.296 5.547 6.155 10.518s5.45 9.29 5.757 9.597c.705.705.703.724-.16 1.572-.396.388-3.36 5.323-6.588 10.965-3.228 5.643-6.056 10.387-6.285 10.543s-19.695.171-43.256.034l-42.84-.249-.803 1.15c-.442.632-7.505 12.736-15.696 26.897l-14.892 25.747h-15.486c-8.518 0-20.015.116-25.551.259-6.55.168-10.15.121-10.308-.135zm-133.75-157.86c-56.373-.055-102.5-.182-102.5-.282s5.617-10.132 12.481-22.294L89.64 123.34h30.332c27.113 0 30.332-.065 30.332-.611 0-.336-6.659-12.228-14.797-26.427s-14.797-25.917-14.797-26.04 2.682-4.853 5.96-10.51 6.003-10.578 6.056-10.934c.086-.586 1.375-.648 13.572-.648 7.412 0 13.463.143 13.446.317-.018.174.22.707.53 1.184.31.476 9.763 16.937 21.007 36.578 11.244 19.64 20.71 36.022 21.036 36.4.554.647 2.549.691 31.428.691h30.837l12.896 22.145c7.093 12.18 12.8 22.301 12.682 22.492-.117.19-4.776.303-10.352.249-5.575-.054-56.26-.143-112.63-.198z'/><path fill='#64b5f6' d='M23.046 238.939c-6.098 10.563-6.69 11.711-6.224 12.078.282.224 3.18 5.044 6.44 10.712s6.016 10.355 6.123 10.417c.106.061 13.585.153 29.95.204 16.367.052 29.994.23 30.285.399.473.273-1.08 3.094-14.637 26.574l-15.166 26.269 12.907 21.865c7.1 12.026 12.982 21.906 13.068 21.956s23.257-39.831 51.492-88.624c11.352-19.617 21.214-36.64 30.37-52.442 23.308-40.452 30.68-53.468 30.73-54.132-1.096-.11-6.141-.187-13.006-.216-3.945-.01-7.82-.02-12.75-.002l-25.341.092-15.42 26.706c-14.256 24.693-15.445 26.663-16.278 26.86l-.023.037c-.012.003-1.622-.001-1.826 0-4.29.062-20.453.063-40.226-.01-22.632-.082-41.615-.125-42.183-.096-.567.03-1.147-.03-1.29-.132-.141-.102-3.29 5.066-6.996 11.485zm205.16-190.3c-.123.149 5.62 10.392 12.761 22.763 12.2 21.131 89.393 155.03 96.276 167 1.503 2.613 2.92 4.803 3.443 5.348.9-1.249 3.532-5.63 7.954-13.219a1343 1343 0 0 1 10.05-17.76l6.606-11.443c.691-1.403.753-1.818.652-2.117-.161-.48-6.903-12.332-14.982-26.337-8.078-14.005-14.824-25.849-14.99-26.32a.73.73 0 0 1-.01-.366l-.426-.913 21.636-36.976c3.69-6.307 6.425-11.042 9.471-16.29 9.158-15.948 12.036-21.189 11.895-21.55-.126-.324-2.7-4.83-5.72-10.017-3.021-5.185-5.845-10.148-6.275-11.026-.483-.987-.734-1.364-1.1-1.456-.054.014-.083.018-.144.035-.42.112-5.455.195-11.19.185s-11.22.024-12.187.073l-1.76.089-14.998 25.978c-12.824 22.212-15.084 25.964-15.595 25.883-.024-.004-.15-.189-.235-.301-.109.066-.2.09-.271.05-.256-.148-7.144-11.902-15.306-26.119L279.4 48.817c-.116-.186-.444-.744-.458-.752-.476-.275-50.502.287-50.737.57zm-18.646 283.09c-.047.109-.026.262.043.48.328 1.05 25.338 43.735 25.772 43.985.206.119 14.178.239 31.05.266 26.65.044 30.749.152 31.234.832.307.43 9.987 17.214 21.513 37.296s21.152 36.627 21.394 36.767 5.926.243 12.633.23c6.705-.013 12.4.099 12.657.246.131.076.381-.141.851-.795l6.008-10.406c5.234-9.065 6.62-11.684 6.294-11.888-.575-.36-15.597-26.643-23.859-41.482-3.09-5.45-5.37-9.516-5.44-9.774-.196-.712-.066-.822 1.155-.98 1.956-.252 57.397-.057 58.071.205.237.092.79-.569 2.593-3.497 1.866-3.067 5.03-8.524 11.001-18.866 7.22-12.505 13.043-22.784 12.941-22.843s-.77-.051-1.489.016l-.046.001c-4.451.204-33.918.203-149.74.025-38.96-.06-69.786-.09-71.912-.072-1.12.01-2.095.076-2.66.172a.3.3 0 0 0-.062.083z'/></g></svg>",
   "nodejs": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='M16 20.003v2h4a2 2 0 0 0 2-2v-2a2 2 0 0 0-2-2h-2v-2h4v-2h-4a2 2 0 0 0-2 2v2a2 2 0 0 0 2 2h2v2Z'/><path fill='#8bc34a' d='m16 3.003-12 7v14l4 2h6v-13.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v11.5H8l-2-1.034V11.15l10-5.833 10 5.833v11.703l-10 5.833-1.745-1.022L13 29.253l3 1.75 12-7v-14Z'/></svg>",
   "nodejs_alt": "<svg viewBox='0 0 32 32'><path fill='#388e3c' d='M15.354 2.831 4.647 8.861A1.25 1.25 0 0 0 4 9.953V22.03a1.26 1.26 0 0 0 .646 1.095l10.709 6.039a1.32 1.32 0 0 0 1.294 0l10.705-6.038A1.26 1.26 0 0 0 28 22.03V9.96a1.25 1.25 0 0 0-.647-1.093L16.65 2.836a1.32 1.32 0 0 0-1.294 0Z'/><path fill='#4caf50' d='M4.305 22.784a1.3 1.3 0 0 0 .381.328l9.185 5.18 1.53.862a1.3 1.3 0 0 0 .745.166 1.4 1.4 0 0 0 .254-.046L27.693 9.082a1.3 1.3 0 0 0-.294-.234L20.38 4.894l-3.705-2.082a1.3 1.3 0 0 0-.335-.13Z'/><path fill='#66bb6a' d='M27.693 22.784a1.3 1.3 0 0 1-.38.328l-9.185 5.18-1.53.862a1.3 1.3 0 0 1-.745.166 1.4 1.4 0 0 1-.254-.046L4.305 9.08a1.3 1.3 0 0 1 .295-.234l7.018-3.952 3.705-2.082a1.3 1.3 0 0 1 .335-.13Z'/></svg>",
   "nodemon": "<svg viewBox='0 0 32 32'><path fill='#8bc34a' d='m27.354 8.517-10.708-6.34A1.27 1.27 0 0 0 15.999 2a1.27 1.27 0 0 0-.647.178L4.647 8.516A1.33 1.33 0 0 0 4 9.664v12.678a1.33 1.33 0 0 0 .647 1.147l10.705 6.333a1.26 1.26 0 0 0 1.293 0l10.708-6.333A1.33 1.33 0 0 0 28 22.341V9.664a1.33 1.33 0 0 0-.646-1.147M24 23.307a.5.5 0 0 1-.658.474l-5-1.667A.5.5 0 0 1 18 21.64V15.6a.5.5 0 0 0-.223-.415l-1.5-1a.5.5 0 0 0-.554 0l-1.5 1A.5.5 0 0 0 14 15.6v6.039a.5.5 0 0 1-.342.474l-5 1.667A.5.5 0 0 1 8 23.306V12.31a.5.5 0 0 1 .276-.447l1.942-.971A2 2 0 0 1 10 10V6l3.333 3.333 2.443-1.221a.5.5 0 0 1 .448 0l2.443 1.221L22 6v4a2 2 0 0 1-.218.89l1.942.972a.5.5 0 0 1 .276.447Z'/></svg>",
-  "npm": "<svg viewBox='0 0 32 32'><path fill='#E53935' d='M4 4v24h24V4Zm20 20h-4V12h-4v12H8V8h16Z'/></svg>",
+  "npm": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M4 4v24h24V4Zm20 20h-4V12h-4v12H8V8h16Z'/></svg>",
   "nuget": "<svg viewBox='0 0 32 32'><circle cx='5' cy='5' r='3' fill='#0288d1'/><path fill='#0288d1' d='M8 14v10a6 6 0 0 0 6 6h10a6 6 0 0 0 6-6V14a6 6 0 0 0-6-6H14a6 6 0 0 0-6 6m7 4a3 3 0 1 1 3-3 3 3 0 0 1-3 3m7 8a4 4 0 1 1 4-4 4 4 0 0 1-4 4'/></svg>",
   "nunjucks": "<svg viewBox='0 0 32 32'><path fill='#388e3c' d='M12 4v12L8 4H4v24h4V18l4 10h4V4zm12 6v14h-2v-4h-4v6a2 2 0 0 0 2 2h6a2 2 0 0 0 2-2V10Z'/></svg>",
   "nuxt": "<svg viewBox='0 0 32 32'><path fill='#00e676' d='m30.27 23-6.93-12a1.98 1.98 0 0 0-1.73-1 1.96 1.96 0 0 0-1.73 1l-2.27 3.93-3.88-6.71a1.996 1.996 0 0 0-3.46 0L1.73 23a2 2 0 0 0 1.73 3h8.915a6 6 0 0 0 5.197-3.001L21.61 16l3.46 6h-2.31l-2.31 4h8.09a2 2 0 0 0 1.73-3m-17.896-1H6.93L12 13.22l3.3 5.71-1.193 2.069A2 2 0 0 1 12.374 22'/></svg>",
@@ -824,27 +868,28 @@
   "objective-cpp": "<svg viewBox='0 0 32 32'><path fill='#ffab40' d='M28 14v-4h-2v4h-6v-4h-2v4h-4v2h4v4h2v-4h6v4h2v-4h4v-2z'/><path fill='#ffab40' d='M13.563 22A5.57 5.57 0 0 1 8 16.437v-2.873A5.57 5.57 0 0 1 13.563 8H18V2h-4.437A11.563 11.563 0 0 0 2 13.563v2.873A11.564 11.564 0 0 0 13.563 28H18v-6Z'/></svg>",
   "ocaml": "<svg viewBox='0 0 24 24'><path d='m12.019 15.021.003-.008c-.005-.021-.006-.026-.003.008'/><path fill='#ff9800' d='M4.51 3.273a2.523 2.523 0 0 0-2.524 2.523V11.3c.361-.13.88-.898 1.043-1.085.285-.327.337-.743.478-1.006C3.83 8.612 3.886 8.2 4.62 8.2c.342 0 .478.08.71.39.16.216.438.615.568.882.15.307.396.724.503.808q.122.095.233.137c.119.044.218-.037.297-.1.102-.082.145-.247.24-.467.135-.317.283-.697.367-.83.146-.23.195-.501.352-.633.232-.195.535-.208.618-.225.466-.092.677.225.907.43.15.133.355.403.5.765.114.283.26.544.32.707.059.158.203.41.289.713.077.275.286.486.365.616 0 0 .121.34.858.65.16.067.482.176.674.246.32.116.63.101 1.025.054.281 0 .434-.408.562-.734.075-.193.148-.745.197-.902.048-.153-.064-.27.031-.405.112-.156.178-.164.242-.368.138-.436.936-.458 1.384-.458.374 0 .327.363.96.239.364-.072.714.046 1.1.149.324.086.63.184.812.398.119.139.412.834.113.863.029.035.05.099.104.134-.067.262-.357.075-.518.041-.217-.045-.37.007-.583.101-.363.162-.894.143-1.21.407-.27.223-.269.721-.394 1 0 0-.348.895-1.106 1.443-.194.14-.574.477-1.4.605a5.3 5.3 0 0 1-1.1.043c-.186-.009-.362-.018-.549-.02-.11-.002-.48-.013-.461.022l-.041.103.024.138c.015.083.019.149.022.225.006.157-.013.32-.005.478.017.328.138.627.154.958.017.368.199.758.375 1.059.067.114.169.128.213.269.052.161.003.333.028.505.1.668.292 1.366.592 1.97l.008.014c.371-.062.743-.196 1.226-.267.885-.132 2.115-.064 2.906-.138 2-.188 3.085.82 4.882.407V5.796a2.523 2.523 0 0 0-2.523-2.523zm-.907 11.144q-.022 0-.046.003c-.159.025-.313.08-.412.24-.08.13-.108.355-.164.505-.064.175-.176.338-.274.505-.18.305-.504.581-.644.879-.028.06-.053.13-.076.2v3.402c.163.028.333.062.524.113 1.407.375 1.75.407 3.13.25l.13-.018c.105-.22.187-.968.255-1.2.054-.178.127-.32.155-.5.026-.173-.003-.337-.017-.493-.04-.393.285-.533.44-.87.14-.304.22-.651.336-.963.11-.298.284-.721.579-.872-.036-.041-.617-.06-.772-.076a5 5 0 0 1-.5-.07c-.314-.064-.656-.126-.965-.2a10 10 0 0 1-.947-.328c-.298-.138-.503-.497-.732-.507m5.737.83c-.74.149-.97.876-1.32 1.451-.192.319-.396.59-.548.928-.14.312-.128.657-.368.924a2.55 2.55 0 0 0-.528.922c-.023.067-.088.776-.158.943l1.101-.078c1.026.07.73.464 2.332.378l2.529-.078a7 7 0 0 0-.228-.588c-.07-.147-.16-.434-.218-.56a3.5 3.5 0 0 0-.309-.526c-.184-.215-.227-.23-.28-.503-.095-.473-.344-1.33-.637-1.923-.151-.306-.403-.562-.634-.784-.2-.195-.655-.522-.734-.505z'/></svg>",
   "odin": "<svg stroke-linejoin='round' stroke-miterlimit='2' clip-rule='evenodd' viewBox='0 0 260 260'><path fill='#448aff' d='M73.123 212.264a99 99 0 0 1-6.865-5.18l98.605-170.789s4.059 1.506 7.412 3.113c4.226 2.026 7.726 4 7.726 4 47.796 27.596 64.198 88.805 36.602 136.6-27.595 47.798-88.804 64.198-136.6 36.603 0 0-3.347-1.924-6.879-4.346zm98.545-154.422L88.336 202.177c39.831 22.997 90.838 9.329 113.834-30.5 22.995-39.832 9.33-90.838-30.5-113.835zM47.944 187.19c-3.35-4.852-4.543-7.18-4.543-7.18-17.227-29.922-18.49-67.972 0-100s52.075-49.958 86.603-50c0 0 4.661-.011 8.543.36 5.847.56 9.735 1.315 9.735 1.315L53.986 195.011s-2.237-2.316-6.04-7.82zm72.084-139.903c-25.13 3.054-48.573 17.467-62.193 41.058-13.62 23.589-14.378 51.098-4.459 74.39z'/></svg>",
-  "opa": "<svg viewBox='0 0 32 32'><path fill='#bdbdbd' d='M29.12 10.065c0-2.5-4.686-8.122-4.998-8.434 1.124 5.057.984 4.302 1.172 5.917a2.44 2.44 0 0 1-.1 1.261c-.78 1.802-3.572 2.817-3.572 2.817l4.373 3.749s3.125-3.124 3.125-5.31m-26.24 0c0-2.5 4.686-8.122 4.998-8.434-1.124 5.057-.984 4.302-1.172 5.917a2.44 2.44 0 0 0 .1 1.261c.78 1.802 3.572 2.817 3.572 2.817l-4.373 3.749S2.88 12.25 2.88 10.065'/><path fill='#546e7a' d='M16 8c4.897 0 8.452 3.007 9.996 7.375V22s-3.124 2.122-4.998 3.371A31.7 31.7 0 0 0 16.312 30H16Z'/><path fill='#78909c' d='M16 8c-4.897 0-8.452 3.007-9.996 7.375V22s3.124 2.122 4.998 3.371A31.7 31.7 0 0 1 15.688 30H16Z'/><circle cx='16' cy='16' r='2' fill='#FAFAFA'/></svg>",
+  "opa": "<svg viewBox='0 0 32 32'><path fill='#bdbdbd' d='M29.12 10.065c0-2.5-4.686-8.122-4.998-8.434 1.124 5.057.984 4.302 1.172 5.917a2.44 2.44 0 0 1-.1 1.261c-.78 1.802-3.572 2.817-3.572 2.817l4.373 3.749s3.125-3.124 3.125-5.31m-26.24 0c0-2.5 4.686-8.122 4.998-8.434-1.124 5.057-.984 4.302-1.172 5.917a2.44 2.44 0 0 0 .1 1.261c.78 1.802 3.572 2.817 3.572 2.817l-4.373 3.749S2.88 12.25 2.88 10.065'/><path fill='#546e7a' d='M16 8c4.897 0 8.452 3.007 9.996 7.375V22s-3.124 2.122-4.998 3.371A31.7 31.7 0 0 0 16.312 30H16Z'/><path fill='#78909c' d='M16 8c-4.897 0-8.452 3.007-9.996 7.375V22s3.124 2.122 4.998 3.371A31.7 31.7 0 0 1 15.688 30H16Z'/><circle cx='16' cy='16' r='2' fill='#fafafa'/></svg>",
   "opam": "<svg viewBox='0 0 24 24'><path fill='#ff9800' d='M2.222 3.198v5.667c.255-.092.621-.635.736-.766.2-.231.237-.525.337-.71.228-.422.267-.712.786-.712.241 0 .337.055.5.275.114.152.31.434.402.622.106.217.279.511.355.57a.6.6 0 0 0 .164.097c.084.032.154-.026.21-.07.072-.058.103-.175.169-.33.096-.224.2-.492.26-.586.102-.162.137-.354.248-.447.164-.137.377-.147.436-.158.329-.065.478.158.64.303.106.094.25.285.354.54.08.2.182.384.225.5.041.11.143.289.204.502.055.194.202.343.258.435 0 0 .085.24.605.459.113.047.34.124.476.174.226.082.445.071.723.038.199 0 .307-.288.397-.518.053-.136.105-.526.14-.637.033-.108-.046-.191.021-.286.079-.11.126-.116.171-.26.098-.307.66-.323.977-.323.264 0 .23.256.678.169.256-.05.503.033.776.105.229.06.444.13.573.281.084.098.291.588.08.61.02.024.035.069.073.093-.047.185-.252.053-.366.03-.153-.032-.261.005-.41.07-.257.115-.632.102-.856.288-.19.157-.189.51-.277.706 0 0-.246.632-.781 1.018-.137.1-.405.337-.989.427a3.7 3.7 0 0 1-.775.031c-.132-.006-.256-.013-.388-.015-.077 0-.338-.009-.325.016l-.03.073.017.097c.011.059.014.105.016.16.004.11-.009.225-.003.337.011.231.097.442.108.676.012.26.14.535.265.747.047.081.12.09.15.19.037.114.003.235.02.357a4.7 4.7 0 0 0 .423 1.4c.263-.044.525-.138.866-.189.624-.092 1.493-.045 2.05-.097 1.413-.133 2.179.58 3.447.288V3.198zm1.141 7.866-.033.002c-.112.018-.22.056-.29.17-.057.091-.076.25-.116.356-.046.123-.124.239-.194.356-.127.216-.355.41-.454.62q-.03.067-.054.142v2.401c.115.02.235.044.37.08.993.265 1.236.287 2.21.176l.091-.012c.075-.155.132-.684.18-.847.038-.126.09-.226.11-.354.018-.121-.002-.237-.013-.348-.027-.276.202-.375.311-.613.099-.215.156-.46.237-.68.078-.21.2-.509.409-.615-.025-.03-.435-.043-.544-.054a4 4 0 0 1-.354-.05c-.221-.045-.463-.088-.68-.14a7 7 0 0 1-.67-.233c-.21-.097-.354-.35-.516-.357m4.05.586c-.523.105-.686.618-.932 1.024-.136.225-.28.416-.387.655-.1.22-.09.464-.26.652a1.8 1.8 0 0 0-.372.65c-.016.048-.062.549-.112.667l.777-.055c.724.05.515.327 1.646.266l1.785-.055a5 5 0 0 0-.161-.415c-.05-.103-.113-.306-.154-.395a2.4 2.4 0 0 0-.218-.37c-.13-.153-.16-.164-.198-.356a6.4 6.4 0 0 0-.449-1.358c-.107-.215-.285-.397-.447-.553-.142-.137-.463-.368-.518-.357m10.365-4.848v2h2v10h-10v-2h-2v4h14v-14z'/></svg>",
   "openapi": "<svg viewBox='0 0 24 24'><path fill='#8bc34a' d='M10.86 4.29h-.36a9 9 0 0 0-1.11.12h-.03l-.24.05-.09.02-.15.03h-.03a9 9 0 0 0-2.12.8l-.13.07-.16.09-.11.06h-.01l-.03.03.09.15 2.63 4.36.15-.09a4 4 0 0 1 .16-.08 3.6 3.6 0 0 1 1.18-.33 4 4 0 0 1 .36-.02V4.3zM5.98 5.75 5.61 6a9 9 0 0 0-.76.63l3.74 3.74.12-.1-.01-.02zm8.47 7.4-.01.17-.01.18a3.57 3.57 0 0 1-.8 1.92l-.11.13c-.04.04-.08.1-.13.13l3.73 3.73.24-.26a9 9 0 0 0 .76-.94l.03-.03.15-.23.03-.06a8.83 8.83 0 0 0 1.37-4.39v-.18l.01-.18h-5.26zM2 13.5v.08l.01.15.02.23V14l.02.19v.02l.03.2c.06.42.15.84.27 1.25l.07.2v.01l.06.19.02.04.05.15.03.07.04.12.04.1.04.09.05.12.04.07.06.14.1.2.01.03.1.17.02.04 4.5-2.71.03-.01a3.6 3.6 0 0 1-.33-1.18zM7.78 15l-4.51 2.7.21.34.01.01.01.02.02.03.24.34h.01v.01l.11.15.02.02.12.14.02.03.11.13.05.06.1.1.05.06.02.02.07.08.03.03.12.13 3.73-3.73a4 4 0 0 1-.13-.13l-.11-.13-.1-.13-.1-.14-.1-.15zm4.93 1.22-.16.08a3.6 3.6 0 0 1-1.7.43 3.6 3.6 0 0 1-1.03-.15l-.16-.05a3 3 0 0 1-.17-.07L7.62 21l-.07.18-.07.15h.02l.01.01.14.05.17.07c.03 0 .05.02.08.03a9 9 0 0 0 1.8.43l.16.02.14.02h.04a9 9 0 0 0 .38.03h.44a9 9 0 0 0 1.47-.11h.02l.15-.04.1-.01.23-.05a9 9 0 0 0 2.15-.8l.14-.08.15-.08.1-.06h.01l.01-.01.04-.02-.1-.15-.09-.16z'/><path fill='#689f38' d='M11.21 4.3v5.27a3.7 3.7 0 0 1 .8.17l3.89-3.88a9 9 0 0 0-.44-.29h-.02l-.14-.1-.09-.04-.08-.05-.14-.07-.02-.02a9 9 0 0 0-.95-.42l-.03-.01-.21-.08A9 9 0 0 0 12 4.36l-.08-.01h-.07l-.14-.02h-.05l-.17-.02h-.06l-.15-.01zM4.6 6.87 4.47 7l-.12.13a9 9 0 0 0-.75.93l-.04.05a6 6 0 0 0-.15.23l-.03.04a8.83 8.83 0 0 0-1.37 4.4v.17l-.01.18h5.26l.01-.18.01-.17a3.57 3.57 0 0 1 .8-1.92c.03-.05.08-.09.12-.13.04-.05.07-.1.12-.14L4.6 6.88zM18.14 8.1l-3.89 3.89c.1.26.15.52.18.8h5.28v-.08l-.02-.14v-.07l-.01-.17v-.04l-.03-.2v-.01l-.03-.21a9 9 0 0 0-.27-1.24v-.01l-.06-.2-.07-.19-.01-.04a6 6 0 0 0-.08-.22l-.05-.12-.08-.2-.05-.11-.1-.21-.02-.04-.08-.17V9.1l-.1-.17v-.01a9 9 0 0 0-.5-.82zm-5.01 7.82-.13.1.01.01 2.72 4.5.37-.25a9 9 0 0 0 .76-.63l-3.72-3.71zm-4.55 0-.01.02-3.72 3.71.16.16c.02 0 .04.02.06.04l.13.1.03.03.15.12.01.02.16.12a9 9 0 0 0 .7.47l.03.02a9 9 0 0 0 .45.25l.02.01a8 8 0 0 0 .4.2l.14-.32 1.87-4.54v-.02a3.6 3.6 0 0 1-.58-.39'/><path fill='#e0e0e0' d='M19.53 2a2.46 2.46 0 0 0-1.74.72 2.47 2.47 0 0 0-.47 2.84l-5.37 5.37a2.47 2.47 0 1 0 1.12 1.12l5.37-5.37a2.47 2.47 0 0 0 2.84-3.96A2.46 2.46 0 0 0 19.53 2'/></svg>",
   "openapi_light": "<svg viewBox='0 0 24 24'><path fill='#8bc34a' d='M10.86 4.29h-.36a9 9 0 0 0-1.11.12h-.03l-.24.05-.09.02-.15.03h-.03a9 9 0 0 0-2.12.8l-.13.07-.16.09-.11.06h-.01l-.03.03.09.15 2.63 4.36.15-.09a4 4 0 0 1 .16-.08 3.6 3.6 0 0 1 1.18-.33 4 4 0 0 1 .36-.02V4.3zM5.98 5.75 5.61 6a9 9 0 0 0-.76.63l3.72 3.72.02.02.12-.1-.01-.02zm8.47 7.4-.01.17-.01.18a3.57 3.57 0 0 1-.8 1.92l-.11.13c-.04.04-.08.1-.13.13l3.73 3.73.12-.13.12-.13a9 9 0 0 0 .76-.94l.03-.03.15-.23.03-.06a8.83 8.83 0 0 0 1.37-4.39v-.18l.01-.18h-5.26zM2 13.5v.08l.01.15.02.23V14l.02.19v.02l.03.2c.06.42.15.84.27 1.25l.07.2v.01l.06.19.02.04.05.15.03.07.04.12.04.1.04.09.05.12.04.07.06.14.02.04.08.16.01.03.1.17.02.04 4.5-2.71.03-.01a3.6 3.6 0 0 1-.33-1.18zM7.78 15l-4.51 2.7.21.34.01.01.01.02.02.03.24.34h.01v.01l.11.15.02.02.12.14.02.03.11.13.05.06.1.1.05.06.02.02.07.08.03.03.12.13 3.73-3.73a4 4 0 0 1-.13-.13l-.11-.13-.1-.13-.1-.14-.1-.15zm4.93 1.22-.16.08a3.6 3.6 0 0 1-1.7.43 3.6 3.6 0 0 1-1.03-.15l-.16-.05a3 3 0 0 1-.17-.07L7.62 21l-.07.18-.07.15h.02l.01.01.14.05.17.07c.03 0 .05.02.08.03a9 9 0 0 0 1.8.43l.08.01.08.01.14.02h.04a9 9 0 0 0 .38.03h.44a9 9 0 0 0 1.47-.11h.02l.15-.04.1-.01.23-.05a9 9 0 0 0 2.15-.8l.14-.08.15-.08.1-.06h.01l.01-.01.04-.02-.1-.15-.09-.16z'/><path fill='#689f38' d='M11.21 4.3v5.27a3.7 3.7 0 0 1 .8.17l3.89-3.88a9 9 0 0 0-.44-.29h-.02l-.14-.1-.09-.04-.08-.05-.14-.07-.02-.02a9 9 0 0 0-.95-.42l-.03-.01-.21-.08A9 9 0 0 0 12 4.36l-.08-.01h-.07l-.14-.02h-.05l-.17-.02h-.06l-.15-.01zM4.6 6.87 4.47 7l-.12.13a9 9 0 0 0-.75.93l-.04.05a6 6 0 0 0-.15.23l-.03.04a8.83 8.83 0 0 0-1.37 4.4v.17l-.01.18h5.26l.01-.18.01-.17a3.57 3.57 0 0 1 .8-1.92c.03-.05.08-.09.12-.13.04-.05.07-.1.12-.14L4.6 6.88zM18.14 8.1l-3.89 3.89c.1.26.15.52.18.8h5.28v-.08l-.02-.14v-.07l-.01-.17v-.04l-.03-.2v-.01l-.03-.21a9 9 0 0 0-.27-1.24v-.01l-.06-.2-.07-.19-.01-.04a6 6 0 0 0-.08-.22l-.05-.12-.04-.1-.04-.1-.05-.11-.1-.21-.02-.04-.08-.17V9.1l-.1-.17v-.01a9 9 0 0 0-.5-.82zm-5.01 7.82-.13.1.01.01 2.72 4.5.37-.25a9 9 0 0 0 .76-.63l-3.72-3.71zm-4.55 0-.01.02-3.72 3.71.06.06.1.1c.02 0 .04.02.06.04l.13.1.03.03.15.12.01.02.16.12a9 9 0 0 0 .7.47l.03.02a9 9 0 0 0 .45.25l.02.01a8 8 0 0 0 .4.2l.14-.32 1.87-4.54v-.02a3.6 3.6 0 0 1-.58-.39'/><path fill='#424242' d='M19.53 2a2.46 2.46 0 0 0-1.74.72 2.47 2.47 0 0 0-.47 2.84l-5.37 5.37a2.47 2.47 0 1 0 1.12 1.12l5.37-5.37a2.47 2.47 0 0 0 2.84-3.96A2.46 2.46 0 0 0 19.53 2' data-mit-no-recolor='true'/></svg>",
   "otne": "<svg viewBox='0 0 1024 1024'><g fill='#00c853'><path d='M512 254.16A257.84 257.84 0 0 0 254.16 512 257.84 257.84 0 0 0 512 769.841a257.84 257.84 0 0 0 257.841-257.84 257.84 257.84 0 0 0-257.84-257.842zM941.74 512A429.74 429.74 0 0 1 512 941.74 429.74 429.74 0 0 1 82.262 512 429.74 429.74 0 0 1 512 82.262 429.74 429.74 0 0 1 941.74 512'/><path d='M695.945 450.836h-92.08l-.005 122.318h92.084zm-122.854-122.78H450.92v367.89h122.17zm-152.942 122.78h-92.084v122.318h92.08z'/></g></svg>",
+  "packship": "<svg viewBox='0 0 16 16'><path fill='#9575cd' d='M2.997 14.967c-.344-.086-.654-.345-.765-.64-.136-.36-.157-.283 1.119-4.186s1.181-3.58 1.01-3.467c-.741.491-1.703.082-1.95-.83-.175-.648.027-1.006.899-1.587 1.274-.85 1.979-1.476 2.603-2.312.492-.659.682-.798 1.194-.873.623-.09 1.204.138 1.418.56.075.147.02.153.417-.053 4.991-2.592 6.93 4.168 2.114 7.369-1.361.904-3.966 1.598-4.84 1.29l-.128-.045-.144.439c-.08.241-.378 1.16-.663 2.042-.622 1.929-.645 1.972-1.152 2.21-.228.106-.854.153-1.132.083m.729-.772c.272-.068.224.052 1.27-3.18 1.267-3.918 1.463-4.385 2.38-5.681 2.03-2.868 4.835-3.397 4.577-.864-.218 2.145-2.177 3.72-5 4.02-.493.052-.577.117-.647.496-.1.542.18.631 1.35.431 3.043-.52 5.106-2.398 5.391-4.906.365-3.207-3.167-3.65-5.56-.698-.289.356-.294.418.059-.698.392-1.241.389-1.266-.198-1.266-.306 0-.397.047-.604.31-.072.09-.243.31-.38.486-.58.745-1.443 1.49-2.632 2.275-.652.43-.708.542-.468.922.157.247.337.32.56.226.238-.099 1.576-1.11 2.002-1.51.124-.118.226-.205.226-.193s-.7 2.17-1.555 4.795a462 462 0 0 0-1.556 4.82c0 .198.407.31.785.215m3.962-6.61c2.008-.431 3.407-1.742 3.486-3.266.031-.597-.03-.691-.436-.666-1.12.068-3.05 2.1-3.756 3.956l-.034.087.218-.022a6 6 0 0 0 .522-.088'/></svg>",
   "palette": "<svg viewBox='0 0 16 16'><path fill='#4fc3f7' d='M12.278 8a1.167 1.167 0 0 1-1.167-1.167 1.167 1.167 0 0 1 1.167-1.166 1.167 1.167 0 0 1 1.166 1.166A1.167 1.167 0 0 1 12.278 8M9.944 4.889a1.167 1.167 0 0 1-1.166-1.167 1.167 1.167 0 0 1 1.166-1.166 1.167 1.167 0 0 1 1.167 1.166A1.167 1.167 0 0 1 9.944 4.89m-3.888 0a1.167 1.167 0 0 1-1.167-1.167 1.167 1.167 0 0 1 1.167-1.166 1.167 1.167 0 0 1 1.166 1.166A1.167 1.167 0 0 1 6.056 4.89M3.722 8a1.167 1.167 0 0 1-1.166-1.167 1.167 1.167 0 0 1 1.166-1.166A1.167 1.167 0 0 1 4.89 6.833 1.167 1.167 0 0 1 3.722 8M8 1a7 7 0 0 0-7 7 7 7 0 0 0 7 7 1.167 1.167 0 0 0 1.167-1.167c0-.303-.117-.575-.304-.777a1.2 1.2 0 0 1-.295-.778 1.167 1.167 0 0 1 1.166-1.167h1.377A3.89 3.89 0 0 0 15 7.222C15 3.784 11.866 1 8 1'/></svg>",
   "panda": "<svg viewBox='0 0 24 24'><path fill='#ffd740' d='M4.524 20.862c-.258-.317-.958-2.683-1.319-4.451-1.238-6.075.1-10.397 3.824-12.354 1.596-.838 2.918-1.114 5.37-1.118 3.212-.007 5.102.617 6.808 2.244 2.52 2.403 2.735 6.732.459 9.222-1.267 1.387-4.598 2.82-6.551 2.82h-.593l-.408-1.239c-.224-.68-.456-1.502-.516-1.825l-.108-.586.656.088c.777.104 1.89-.27 2.365-.798.998-1.102.824-3.595-.302-4.333-1.063-.697-3.124-.653-4.166.089-1.888 1.345-1.382 6.248 1.172 11.343.248.495.406.944.351.999-.054.055-1.624.1-3.49.1-2.519 0-3.431-.052-3.552-.2z'/></svg>",
   "parcel": "<svg viewBox='0 0 24 24'><path fill='#ffb74d' d='M2.007 10.96a.985.985 0 0 1-.37-1.37L3.137 7c.11-.2.28-.34.47-.42l7.83-4.4c.16-.12.36-.18.57-.18s.41.06.57.18l7.9 4.44c.19.1.35.26.44.46l1.45 2.52c.28.48.11 1.09-.36 1.36l-1 .58v4.96c0 .38-.21.71-.53.88l-7.9 4.44c-.16.12-.36.18-.57.18s-.41-.06-.57-.18l-7.9-4.44a.99.99 0 0 1-.53-.88v-5.54c-.3.17-.68.18-1 0m10-6.81v6.7l5.96-3.35zm-7 11.76 6 3.38v-6.71l-6-3.37zm14 0v-3.22l-5 2.9c-.33.18-.7.17-1 .01v3.69zm-5.15-2.55 6.28-3.63-.58-1.01-6.28 3.63z'/></svg>",
   "pascal": "<svg viewBox='0 0 24 24'><path fill='#0288d1' d='m8.863 14.765-1.158 6.597H3.937L7.191 2.637l6.559.013q3.035 0 4.77 1.685 1.737 1.685 1.518 4.398-.205 2.752-2.302 4.398-2.083 1.646-5.324 1.646zm.527-3.125 3.138.026q1.517 0 2.52-.785 1.003-.784 1.196-2.122t-.437-2.135q-.617-.797-1.839-.848l-3.55-.013z' aria-label='P'/></svg>",
   "pawn": "<svg viewBox='0 0 32 32'><path fill='#ef6c00' d='M6 28h20v2H6zm8-18h4l4 14H10z'/><path fill='#ef6c00' d='M10 12h12v2H10z'/><circle cx='16' cy='7' r='4' fill='#ef6c00'/></svg>",
-  "payload": "<svg viewBox='0 0 24 24'><path fill='#CFD8DC' d='m11.617 2 9.163 5.508v10.455l-6.9 3.991V11.5L4.706 6zm-.703 11.216v8.159L4 17.215z'/></svg>",
-  "payload_light": "<svg viewBox='0 0 24 24'><path fill='#455A64' d='m11.617 2 9.163 5.508v10.455l-6.9 3.991V11.5L4.706 6zm-.703 11.216v8.159L4 17.215z'/></svg>",
+  "payload": "<svg viewBox='0 0 24 24'><path fill='#cfd8dc' d='m11.617 2 9.163 5.508v10.455l-6.9 3.991V11.5L4.706 6zm-.703 11.216v8.159L4 17.215z'/></svg>",
+  "payload_light": "<svg viewBox='0 0 24 24'><path fill='#455a64' d='m11.617 2 9.163 5.508v10.455l-6.9 3.991V11.5L4.706 6zm-.703 11.216v8.159L4 17.215z'/></svg>",
   "pdf": "<svg viewBox='0 0 24 24'><path fill='#ef5350' d='M13 9h5.5L13 3.5zM6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2m4.93 10.44c.41.9.93 1.64 1.53 2.15l.41.32c-.87.16-2.07.44-3.34.93l-.11.04.5-1.04c.45-.87.78-1.66 1.01-2.4m6.48 3.81c.18-.18.27-.41.28-.66.03-.2-.02-.39-.12-.55-.29-.47-1.04-.69-2.28-.69l-1.29.07-.87-.58c-.63-.52-1.2-1.43-1.6-2.56l.04-.14c.33-1.33.64-2.94-.02-3.6a.85.85 0 0 0-.61-.24h-.24c-.37 0-.7.39-.79.77-.37 1.33-.15 2.06.22 3.27v.01c-.25.88-.57 1.9-1.08 2.93l-.96 1.8-.89.49c-1.2.75-1.77 1.59-1.88 2.12-.04.19-.02.36.05.54l.03.05.48.31.44.11c.81 0 1.73-.95 2.97-3.07l.18-.07c1.03-.33 2.31-.56 4.03-.75 1.03.51 2.24.74 3 .74.44 0 .74-.11.91-.3m-.41-.71.09.11c-.01.1-.04.11-.09.13h-.04l-.19.02c-.46 0-1.17-.19-1.9-.51.09-.1.13-.1.23-.1 1.4 0 1.8.25 1.9.35M7.83 17c-.65 1.19-1.24 1.85-1.69 2 .05-.38.5-1.04 1.21-1.69zm3.02-6.91c-.23-.9-.24-1.63-.07-2.05l.07-.12.15.05c.17.24.19.56.09 1.1l-.03.16-.16.82z'/></svg>",
   "pdm": "<svg viewBox='0 0 24 24'><path fill='#9575cd' d='m16.145 6.113 2.757 1.59a.54.54 0 0 1 .27.469v7.656a.54.54 0 0 1-.27.469l-1.675.965-.239-.137-.843-.488ZM5.973 13.25l9.101 5.254-2.804 1.621a.53.53 0 0 1-.54 0l-6.632-3.828a.54.54 0 0 1-.27-.469v-1.914l.067-.039Zm2.156-1.242 5.863-3.387v6.774Zm5.863-5.871-9.164 5.289V8.172a.54.54 0 0 1 .27-.469l6.632-3.828a.53.53 0 0 1 .54 0l1.722.996Zm-3.34-4.125a2.68 2.68 0 0 1 2.696 0L19.98 5.84a2.69 2.69 0 0 1 1.344 2.332v7.656c0 .961-.512 1.852-1.344 2.332l-6.632 3.828a2.68 2.68 0 0 1-2.696 0L4.02 18.16a2.69 2.69 0 0 1-1.344-2.332V8.172c0-.965.511-1.852 1.344-2.332Zm0 0'/></svg>",
   "percy": "<svg viewBox='0 0 24 24'><path fill='#ba68c8' d='M22.847 7.51a.74.74 0 0 0-.706-.527.8.8 0 0 0-.288.051 3.2 3.2 0 0 1-1.064.21c-.914-.672-3.131-2.293-4.448-3.204 0 0 .178.531.418 1.521 0 0-2.086-1.193-3.473-2.106 0 0 .506 1.05.543 1.388 0 0-1.663-.309-4.092-.864 0 0 1.796 1.017 2.232 1.62 0 0-2.18-.182-4.747-.369 0 0 1.291.664 1.918 1.193 0 0-2.336.294-4.112.348 0 0 1.298 1.025 1.82 1.519 0 0-2.23.814-4.904 2.266 0 0 1.394.09 2.394.42 0 0-1.232 1.022-3.441 3.376 0 0 1.392-.026 2.517-.155 0 0-.902 1.31-2.038 3.672 0 0 .758-.449 1.487-.604 0 0 .03 2.674 1.533 3.128l.002-.002a.7.7 0 0 0 .205.034 1 1 0 0 0 .23-.029c.481-.124.852-.575 1.282-1.098.142-.173.288-.35.443-.523.171-.226.394-.461.66-.666.549-.423 1.305-.734 2.218-.575.99.12 1.589 1.093 2.072 1.878.37.6.662 1.074 1.08 1.126q.046.006.088.006c.641.011.88-.71 1.181-1.621l.062-.186.009.018c.224-.74.649-1.535 1.164-2.25.698-.968 1.59-1.828 2.438-2.22l.003.005c.46-.248.945-.481 1.422-.711h.001c1.483-.715 2.884-1.39 3.599-2.438.358-.524.542-1.171.548-1.924a6 6 0 0 0-.256-1.706zm-6.19 7.882c-.428.378-.848.85-1.218 1.364-.61.846-1.064 1.776-1.208 2.552.403.668.77 1 1.117 1.011h.011q.481.008.637-.606c.077-.305.1-.725.127-1.211.048-.886.11-2.027.534-3.11m-9.87 3.82-.005-.013a3.1 3.1 0 0 1 .697-.751c.442-.34 1.022-.588 1.716-.516a18 18 0 0 1-.274.647c-.342.763-.748 1.55-1.173 1.607l-.076.005c-.331-.006-.621-.326-.885-.98zm8.512-12.44-1.831-1.18L16.5 6.697zm-5.1.437 2.919.776 1.286-.389zm5.203 1.512.634-.448-2.43.352zm-4.15-.071-1.015.633-2.775-.304zm3.103 1.678 1.027-.533-3.79.33zm-2.813.564-.73 1.116-3.563.779zm-4.447.618-2.768 1.124 3.414-2.283zm-1.527 1.378-.13 1.17-1.611 1.887z' clip-rule='evenodd'/></svg>",
   "perl": "<svg viewBox='0 0 24 24'><path fill='#ba68c8' d='M11.057 2.981c.537.735.028 1.653.141 2.472a3.42 3.42 0 0 1-1.03 2.415c-1.414 1.625-3.165 3.038-4.097 5.03a5.28 5.28 0 0 0 1.412 5.847c.706.735 1.54 1.342 2.472 1.738.17.805-1.088.184-1.455 0A6.7 6.7 0 0 1 4.361 16.4a5.44 5.44 0 0 1 .904-5.368c1.272-1.61 3.136-2.543 4.662-3.857.565-.55 1.003-1.3.932-2.119.156-.678-.254-1.469.212-2.09zm-.07 18.929c-.17.198-.467.325-.495.24-.042-.085.212-.127.381-.325.17-.183.127-.522.24-.522.1 0 .043.395-.14.607zm2.16 0c.17.198.453.31.495.24.028-.085-.212-.141-.395-.339-.156-.184-.113-.523-.24-.523-.085 0-.029.41.14.608zm-1.03.48c-.1 0-.071-.296-.071-.65 0-.367-.028-.663.07-.663.085 0 .057.296.057.663 0 .354.014.65-.057.65m-.495-20.765c.34.24.254 2.077.254 3.136 0 1.653.184 3.376-.805 4.916-.96 1.497-2.048 3.108-1.95 4.972.1 1.837.99 3.504 2.148 5.043.664.876-.353.509-.876.085a7.2 7.2 0 0 1-2.755-5.664c.142-1.907 1.597-3.348 2.628-4.803.805-1.13 1.186-1.879 1.215-3.645.028-1.412-.142-3.531.042-3.983.014-.043.07-.1.099-.057m.537 2.232c-.085 0-.043.396.028.72.424 2.26-.198 4.52-.749 6.682a12.77 12.77 0 0 0 .283 7.826c.607 1.568 1.71.791 2.161 1.568.34.593 1.272.198 1.978-.141 2.232-1.102 4.012-3.108 4.11-5.566.029-.494 0-.989-.07-1.497-.283-1.837-1.78-3.065-3.15-4.083-1.215-.89-2.74-1.483-3.659-2.613-.523-.65-.297-1.638-.381-2.458-.043-.452-.255-.042-.382-.268-.084-.127-.14-.17-.17-.17zm.72 3.616c.057 0 .17.071.325.226a20 20 0 0 0 2.161 1.921c1.272.961 2.43 2.091 2.967 3.504.339.875.339 1.836.226 2.74-.184 1.384-1.187 2.444-2.119 3.404-.339.354-1.06.791-1.074.678-.084-.367.763-1.172 1.159-1.695A5.93 5.93 0 0 0 16 10.962c-1.102-1.214-2.317-1.907-2.995-3.08-.14-.253-.183-.409-.113-.409z'/></svg>",
   "php-cs-fixer": "<svg viewBox='0 0 24 24'><path fill='#ff7043' d='M22 2c-2.023.139-16.234 1.492-17.227 11.234a43 43 0 0 0-.234 3.135l4.313-4.308a1.5 1.5 0 0 1-.952.339 1.5 1.5 0 0 1-1.5-1.5 1.5 1.5 0 0 1 1.5-1.5 1.5 1.5 0 0 1 1.5 1.5 1.5 1.5 0 0 1-.349.963l2.476-2.474a.625.625 0 1 1 .885.884l-2.525 2.522A1.5 1.5 0 0 1 10.9 12.4a1.5 1.5 0 0 1 1.5 1.5 1.5 1.5 0 0 1-1.5 1.5 1.5 1.5 0 0 1-1.5-1.5 1.5 1.5 0 0 1 .379-.998L2.275 20.4a.937.937 0 1 0 1.327 1.325l2.232-2.229a44 44 0 0 0 4.92-.287c2.089-.213 3.791-1.033 5.18-2.207h-3.946l5.735-1.91a15.5 15.5 0 0 0 1.189-1.84h-3.17l4.162-2.078C21.543 7.191 21.929 3.025 22 2'/></svg>",
-  "php": "<svg viewBox='0 0 24 24'><path fill='#1E88E5' d='M12 18.08c-6.63 0-12-2.72-12-6.08s5.37-6.08 12-6.08S24 8.64 24 12s-5.37 6.08-12 6.08m-5.19-7.95c.54 0 .91.1 1.09.31.18.2.22.56.13 1.03-.1.53-.29.87-.58 1.09q-.42.33-1.29.33h-.87l.53-2.76zm-3.5 5.55h1.44l.34-1.75h1.23c.54 0 .98-.06 1.33-.17.35-.12.67-.31.96-.58.24-.22.43-.46.58-.73.15-.26.26-.56.31-.88.16-.78.05-1.39-.33-1.82-.39-.44-.99-.65-1.82-.65H4.59zm7.25-8.33-1.28 6.58h1.42l.74-3.77h1.14c.36 0 .6.06.71.18s.13.34.07.66l-.57 2.93h1.45l.59-3.07c.13-.62.03-1.07-.27-1.36-.3-.27-.85-.4-1.65-.4h-1.27L12 7.35zM18 10.13c.55 0 .91.1 1.09.31.18.2.22.56.13 1.03-.1.53-.29.87-.57 1.09-.29.22-.72.33-1.3.33h-.85l.5-2.76zm-3.5 5.55h1.44l.34-1.75h1.22c.55 0 1-.06 1.35-.17.35-.12.65-.31.95-.58.24-.22.44-.46.58-.73.15-.26.26-.56.32-.88.15-.78.04-1.39-.34-1.82-.36-.44-.99-.65-1.82-.65h-2.75z'/></svg>",
+  "php": "<svg viewBox='0 0 24 24'><path fill='#1e88e5' d='M12 18.08c-6.63 0-12-2.72-12-6.08s5.37-6.08 12-6.08S24 8.64 24 12s-5.37 6.08-12 6.08m-5.19-7.95c.54 0 .91.1 1.09.31.18.2.22.56.13 1.03-.1.53-.29.87-.58 1.09q-.42.33-1.29.33h-.87l.53-2.76zm-3.5 5.55h1.44l.34-1.75h1.23c.54 0 .98-.06 1.33-.17.35-.12.67-.31.96-.58.24-.22.43-.46.58-.73.15-.26.26-.56.31-.88.16-.78.05-1.39-.33-1.82-.39-.44-.99-.65-1.82-.65H4.59zm7.25-8.33-1.28 6.58h1.42l.74-3.77h1.14c.36 0 .6.06.71.18s.13.34.07.66l-.57 2.93h1.45l.59-3.07c.13-.62.03-1.07-.27-1.36-.3-.27-.85-.4-1.65-.4h-1.27L12 7.35zM18 10.13c.55 0 .91.1 1.09.31.18.2.22.56.13 1.03-.1.53-.29.87-.57 1.09-.29.22-.72.33-1.3.33h-.85l.5-2.76zm-3.5 5.55h1.44l.34-1.75h1.22c.55 0 1-.06 1.35-.17.35-.12.65-.31.95-.58.24-.22.44-.46.58-.73.15-.26.26-.56.32-.88.15-.78.04-1.39-.34-1.82-.36-.44-.99-.65-1.82-.65h-2.75z'/></svg>",
   "php_elephant": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M28 10a4 4 0 0 0-4-4h-6v6a6 6 0 0 1-6 6h-2v2h2v6h4v-6h8v6h4V16h2v-4a2 2 0 0 0-2-2'/><path fill='#0288d1' d='M12 4H8v2a6 6 0 0 0-6 6v6a2 2 0 0 0 2 2v2H2.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2-2v-8h4a4 4 0 0 0 4-4V8a4 4 0 0 0-4-4M6 14H4v-2h2Z'/></svg>",
   "php_elephant_pink": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='M28 10a4 4 0 0 0-4-4h-6v6a6 6 0 0 1-6 6h-2v2h2v6h4v-6h8v6h4V16h2v-4a2 2 0 0 0-2-2'/><path fill='#ec407a' d='M12 4H8v2a6 6 0 0 0-6 6v6a2 2 0 0 0 2 2v2H2.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2-2v-8h4a4 4 0 0 0 4-4V8a4 4 0 0 0-4-4M6 14H4v-2h2Z'/></svg>",
-  "phpstan": "<svg viewBox='0 0 32 32'><path fill='#263238' d='M6.405 24.174 5.77 25.68c-.135.532.019 1.045.547 1.269.597.255 1.146-.02 1.316-.348l.218-.52z'/><path fill='#5C6BC0' d='M16.08 4.6s2.434-.1 4.47 1.499a.41.41 0 0 0 .536 0 .384.384 0 0 0 .029-.538c-.102-.124-.55-.574-.904-.593 0 0 .703-.962 2.531-.962 2.323 0 7.258 3.375 7.258 9.696 0 6.074-3.977 7.383-5.058 7.383-1.645 0-3.35-1.697-3.35-2.782a4.9 4.9 0 0 0 1.542-1.4 4.9 4.9 0 0 0 .82-1.92s.088-2.59 0-4.786a.46.46 0 0 0-.399-.374.41.41 0 0 0-.42.408c0 .245.108 1.763.027 4.486-.044 1.466-1.432 2.612-2.085 2.87q.319-.897.528-1.827c.05-.238 0-.405-.16-.472a.35.35 0 0 0-.477.203c-.106.215-3.885 12.498-9.11 12.498-4.416 0-6.961-6.3-6.961-7.745s.921-2.127 1.734-2.127 1.922.817 2.057 1.077-.582.883-.582.883l-.625-.505a.385.385 0 0 0-.489.015.363.363 0 0 0-.01.51c.16.16 4.933 4.006 4.933 4.006a.445.445 0 0 0 .568.037.376.376 0 0 0 .017-.529l-1.344-1.083 1.431-4.03s-2.197-.982-3.632.102c0 0-.757-1.261-2.26-1.261a2.5 2.5 0 0 0-1.738.665 2.54 2.54 0 0 0-.808 1.687S2 17.6 2 13.735C2 9.358 5.467 4 9.487 4a3.92 3.92 0 0 1 2.488.89l-.888.674a.407.407 0 0 0-.03.557.38.38 0 0 0 .508.052c.14-.103 1.571-1.574 4.515-1.574'/><path fill='#263238' d='m9.853 21.495 1.273-2.884q.765.143 1.543.16c1.97 0 5.76-1.602 5.76-5.94 0-4.337-3.687-6.043-5.95-6.043-3.059 0-6.045 2.304-6.045 5.85 0 3.694 2.695 5.14 2.695 5.14l-1.023 2.309zm9.907-8.49a.32.32 0 0 1-.269-.15.32.32 0 0 1-.018-.309c.018-.035.414-.849 1.244-.849s1.225.77 1.241.801a.33.33 0 0 1-.035.36.318.318 0 0 1-.531-.068c-.01-.018-.242-.452-.675-.452s-.666.48-.67.48a.32.32 0 0 1-.286.187'/><path fill='#D7CCC8' d='M12.425 16.696c2.117 0 3.833-1.728 3.833-3.86s-1.716-3.86-3.833-3.86-3.832 1.729-3.832 3.86c0 2.132 1.716 3.86 3.832 3.86'/><path fill='#263238' d='M12.425 14.828a1.985 1.985 0 0 0 1.978-1.992c0-1.1-.886-1.991-1.978-1.991a1.985 1.985 0 0 0-1.977 1.991c0 1.1.885 1.992 1.977 1.992'/></svg>",
+  "phpstan": "<svg viewBox='0 0 32 32'><path fill='#263238' d='M6.405 24.174 5.77 25.68c-.135.532.019 1.045.547 1.269.597.255 1.146-.02 1.316-.348l.218-.52z'/><path fill='#5c6bc0' d='M16.08 4.6s2.434-.1 4.47 1.499a.41.41 0 0 0 .536 0 .384.384 0 0 0 .029-.538c-.102-.124-.55-.574-.904-.593 0 0 .703-.962 2.531-.962 2.323 0 7.258 3.375 7.258 9.696 0 6.074-3.977 7.383-5.058 7.383-1.645 0-3.35-1.697-3.35-2.782a4.9 4.9 0 0 0 1.542-1.4 4.9 4.9 0 0 0 .82-1.92s.088-2.59 0-4.786a.46.46 0 0 0-.399-.374.41.41 0 0 0-.42.408c0 .245.108 1.763.027 4.486-.044 1.466-1.432 2.612-2.085 2.87q.319-.897.528-1.827c.05-.238 0-.405-.16-.472a.35.35 0 0 0-.477.203c-.106.215-3.885 12.498-9.11 12.498-4.416 0-6.961-6.3-6.961-7.745s.921-2.127 1.734-2.127 1.922.817 2.057 1.077-.582.883-.582.883l-.625-.505a.385.385 0 0 0-.489.015.363.363 0 0 0-.01.51c.16.16 4.933 4.006 4.933 4.006a.445.445 0 0 0 .568.037.376.376 0 0 0 .017-.529l-1.344-1.083 1.431-4.03s-2.197-.982-3.632.102c0 0-.757-1.261-2.26-1.261a2.5 2.5 0 0 0-1.738.665 2.54 2.54 0 0 0-.808 1.687S2 17.6 2 13.735C2 9.358 5.467 4 9.487 4a3.92 3.92 0 0 1 2.488.89l-.888.674a.407.407 0 0 0-.03.557.38.38 0 0 0 .508.052c.14-.103 1.571-1.574 4.515-1.574'/><path fill='#263238' d='m9.853 21.495 1.273-2.884q.765.143 1.543.16c1.97 0 5.76-1.602 5.76-5.94 0-4.337-3.687-6.043-5.95-6.043-3.059 0-6.045 2.304-6.045 5.85 0 3.694 2.695 5.14 2.695 5.14l-1.023 2.309zm9.907-8.49a.32.32 0 0 1-.269-.15.32.32 0 0 1-.018-.309c.018-.035.414-.849 1.244-.849s1.225.77 1.241.801a.33.33 0 0 1-.035.36.318.318 0 0 1-.531-.068c-.01-.018-.242-.452-.675-.452s-.666.48-.67.48a.32.32 0 0 1-.286.187'/><path fill='#d7ccc8' d='M12.425 16.696c2.117 0 3.833-1.728 3.833-3.86s-1.716-3.86-3.833-3.86-3.832 1.729-3.832 3.86c0 2.132 1.716 3.86 3.832 3.86'/><path fill='#263238' d='M12.425 14.828a1.985 1.985 0 0 0 1.978-1.992c0-1.1-.886-1.991-1.978-1.991a1.985 1.985 0 0 0-1.977 1.991c0 1.1.885 1.992 1.977 1.992'/></svg>",
   "phpunit": "<svg viewBox='0 0 24 24'><path fill='#5c6bc0' d='M21.46 10.086c-.224.59-1.012.848-1.541.269-1.668-1.925-4.936-1.945-5.845.963-.694 2.092 1.035 4.28 4.093 4.003.671-.053 1.145.548.934 1.21l-1.521 4.157c-.386 1.023-1.376 1.574-2.547 1.191L3.384 17.631c-1.049-.37-1.624-1.513-1.28-2.54L6.419 3.298c.465-1.052 1.268-1.528 2.547-1.191l11.649 4.246c1.051.373 1.625 1.515 1.281 2.541zm-2.223 2.074c0-1.571-1.713-2.559-3.075-1.773s-1.363 2.76 0 3.546 3.075-.202 3.075-1.773'/></svg>",
   "pinejs": "<svg viewBox='0 0 24 24'><path fill='#66bb6a' d='M12.038 3.115c-.134.002-.271.083-.426.24-.467.478-6.764 9.388-6.764 9.572 0 .264.458.677.75.677.154 0 .724-.24 1.268-.535.712-.386 1.012-.635 1.075-.892.254-1.04.873-1.57 1.827-1.57.73 0 1.494.723 1.6 1.517.073.542.174.66 1.259 1.463.649.48 1.244.874 1.323.874.08 0 .328-.096.553-.214.545-.284.886-.27 1.482.063.273.152.556.28.627.285.22.014 2.389-1.307 2.463-1.5.038-.1 0-.311-.083-.47-.119-.22-5.243-7.495-6.42-9.114-.195-.267-.362-.397-.534-.396'/><path fill='#388e3c' d='m8.392 13.584-3.472 1.97-1.534 2.13c-1.614 2.241-1.82 2.643-1.534 2.988.153.184 1.488.212 10.068.212 5.44 0 9.994-.039 10.118-.086.124-.048.226-.23.226-.407 0-.341-3.33-5.189-3.648-5.31-.383-.148-1.491.674-1.841 1.364-.392.773-.883 1.085-1.674 1.064-.698-.018-1.306-.55-1.574-1.378-.154-.478-.397-.725-1.457-1.485-.862-.618-1.345-.88-1.499-.811-.502.223-1.274.217-1.72-.014z'/></svg>",
   "pipeline": "<svg viewBox='0 0 32 32'><path fill='#f57f17' d='M20 24h-8.1a5 5 0 0 0-.732-1.754l11.078-11.078A4.997 4.997 0 1 0 20.1 6h-8.202a5 5 0 1 0 0 2H20.1a5 5 0 0 0 .73 1.754L9.755 20.832A4.997 4.997 0 1 0 11.9 26H20v4h10V20H20ZM7 10a3 3 0 1 1 3-3 3.003 3.003 0 0 1-3 3m18-6a3 3 0 1 1-3 3 3.003 3.003 0 0 1 3-3M7 28a3 3 0 1 1 3-3 3.003 3.003 0 0 1-3 3m15-6h6v6h-6Z'/></svg>",
@@ -858,30 +903,31 @@
   "poetry": "<svg viewBox='0 0 32 32'><path fill='#3f51b5' d='M20.137 17.834A18.52 18.52 0 0 1 6 24l5 6a25.1 25.1 0 0 0 13-8Z'/><path fill='#1976d2' d='M6 2v22a18.52 18.52 0 0 0 14.137-6.166Z'/><path fill='#29b6f6' d='m6 2 14.137 15.834A23.7 23.7 0 0 0 26 2Z'/></svg>",
   "postcss": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M20 12v8h-8v-8zm2-2H10v12h12z'/><path fill='#e53935' d='M16 5.488 26.159 20H5.84zM16 2 2 22h28z'/><path fill='#e53935' d='M16 13a3 3 0 1 1-3 3 3.003 3.003 0 0 1 3-3m0-2a5 5 0 1 0 5 5 5 5 0 0 0-5-5'/><path fill='#e53935' d='M16 4A12 12 0 1 1 4 16 12.014 12.014 0 0 1 16 4m0-2a14 14 0 1 0 14 14A14 14 0 0 0 16 2'/></svg>",
   "posthtml": "<svg viewBox='0 0 24 24'><g fill='#f57f17'><path d='M6.176 16.747c1.271 0 2.471-.494 3.327-1.35l6.203-5.506a2.97 2.97 0 0 1 2.118-.873c1.65 0 3 1.332 3 2.982s-1.35 2.982-3 2.982a3 3 0 0 1-2.153-.908l-.997-.883-1.35 1.183 1.129.979c.9.9 2.1 1.394 3.37 1.394 2.63 0 4.765-2.135 4.765-4.747s-2.135-4.747-4.764-4.747c-1.271 0-2.471.494-3.327 1.35l-6.203 5.506a2.97 2.97 0 0 1-2.117.873c-1.65 0-3-1.332-3-2.982s1.35-2.982 3-2.982c.794 0 1.552.308 2.152.908l1.024.892 1.323-1.183-1.129-.988a4.75 4.75 0 0 0-3.37-1.385c-2.63 0-4.765 2.126-4.765 4.738a4.74 4.74 0 0 0 4.764 4.747' style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-east-asian:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;font-variation-settings:normal;inline-size:0;isolation:auto;mix-blend-mode:normal;shape-margin:0;shape-padding:0;solid-color:#000;text-decoration-color:#000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/><path d='M17.824 6.963c-1.345 0-2.619.52-3.531 1.432l-.002.001-6.197 5.5-.006.006a2.67 2.67 0 0 1-1.912.79c-1.494 0-2.71-1.2-2.71-2.692s1.216-2.691 2.71-2.691c.718 0 1.398.275 1.947.824l.008.006 1.224 1.066 1.76-1.572-1.363-1.194H9.75a5.05 5.05 0 0 0-3.574-1.468C3.389 6.97 1.12 9.229 1.12 12c0 2.803 2.27 5.037 5.055 5.037 1.345 0 2.618-.52 3.53-1.432l6.2-5.502.006-.006a2.67 2.67 0 0 1 1.912-.789c1.493 0 2.709 1.2 2.709 2.692s-1.216 2.691-2.709 2.691c-.728 0-1.398-.274-1.947-.824l-.008-.006-1.195-1.058-1.793 1.572 1.367 1.183a5.03 5.03 0 0 0 3.576 1.479c2.787 0 5.055-2.267 5.055-5.037s-2.268-5.037-5.055-5.037zm0 .58c2.472 0 4.473 2.004 4.473 4.457s-2.001 4.457-4.473 4.457a4.45 4.45 0 0 1-3.166-1.31l-.006-.006-.887-.768.907-.795.793.701.002.002a3.3 3.3 0 0 0 2.357.992c1.807 0 3.291-1.464 3.291-3.273s-1.484-3.273-3.291-3.273c-.877 0-1.704.34-2.322.957l-.002.002-6.198 5.5-.005.006c-.8.799-1.926 1.265-3.122 1.265A4.444 4.444 0 0 1 1.703 12c0-2.453 2-4.447 4.472-4.447 1.205 0 2.32.462 3.166 1.3l.008.006.887.778-.887.793-.814-.71a3.32 3.32 0 0 0-2.36-.993c-1.806 0-3.29 1.464-3.29 3.273s1.484 3.273 3.29 3.273a3.27 3.27 0 0 0 2.323-.957l6.199-5.502.006-.005c.8-.8 1.926-1.266 3.12-1.266z' style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-east-asian:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;font-variation-settings:normal;inline-size:0;isolation:auto;mix-blend-mode:normal;shape-margin:0;shape-padding:0;solid-color:#000;text-decoration-color:#000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/></g></svg>",
-  "powerpoint": "<svg viewBox='0 0 24 24'><path fill='#E64A19' d='M6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2m7 1.5V9h5.5zM8 11v2h1v6H8v1h4v-1h-1v-2h2a3 3 0 0 0 3-3 3 3 0 0 0-3-3zm5 2a1 1 0 0 1 1 1 1 1 0 0 1-1 1h-2v-2z'/></svg>",
+  "powerpoint": "<svg viewBox='0 0 24 24'><path fill='#e64a19' d='M6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2m7 1.5V9h5.5zM8 11v2h1v6H8v1h4v-1h-1v-2h2a3 3 0 0 0 3-3 3 3 0 0 0-3-3zm5 2a1 1 0 0 1 1 1 1 1 0 0 1-1 1h-2v-2z'/></svg>",
   "powershell": "<svg viewBox='0 0 32 32'><path fill='#03a9f4' d='M29.07 6H7.677A1.535 1.535 0 0 0 6.24 7.113l-4.2 17.774A.852.852 0 0 0 2.93 26h21.393a1.535 1.535 0 0 0 1.436-1.113L29.96 7.112A.852.852 0 0 0 29.07 6M8.626 23.797a1.4 1.4 0 0 1-1.814-.31l-.007-.009a1.075 1.075 0 0 1 .315-1.599l9.6-6.061-6.102-5.852-.01-.01a1.068 1.068 0 0 1 .084-1.625l.037-.03a1.38 1.38 0 0 1 1.8.07l7.233 6.957a1.1 1.1 0 0 1 .236.739 1.08 1.08 0 0 1-.412.79c-.074.04-.146.119-10.951 6.935ZM24 22.94A1.135 1.135 0 0 1 22.803 24h-5.634a1.061 1.061 0 1 1 .001-2.112h5.633A1.134 1.134 0 0 1 24 22.938Z'/></svg>",
-  "pre-commit": "<svg viewBox='0 0 2000 2000'><defs><clipPath id='a' clipPathUnits='userSpaceOnUse'><path d='M0 1500h1500V0H0z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.33333 0 0 -1.33333 0 2000)'><path fill='#FFB74D' d='M665.147 130.852 130.853 665.147c-46.863 46.862-46.863 122.842 0 169.705l534.294 534.295c46.863 46.864 122.843 46.864 169.706 0l534.294-534.294c46.863-46.863 46.863-122.843 0-169.706L834.853 130.852c-46.863-46.862-122.843-46.862-169.706 0'/><path fill='none' stroke='#212121' stroke-miterlimit='10' stroke-width='34' d='M687.774 233.226 233.225 687.775c-34.366 34.366-34.366 90.085 0 124.45l454.55 454.55c34.365 34.366 90.084 34.366 124.45 0l454.55-454.55c34.365-34.365 34.365-90.084 0-124.45l-454.55-454.55c-34.366-34.365-90.085-34.365-124.45 0z'/><path fill='#212121' d='M784.672 763.286c12.096 0 23.74.893 34.943 2.688 11.194 1.785 21.053 5.26 29.569 10.416 8.504 5.145 15.34 12.432 20.496 21.84 5.144 9.408 7.726 21.724 7.726 36.96 0 15.225-2.582 27.552-7.726 36.96-5.156 9.408-11.992 16.684-20.496 21.84-8.516 5.145-18.375 8.62-29.57 10.416-11.202 1.785-22.846 2.688-34.942 2.688h-81.985V763.286zm28.895 225.792q45.013 0 76.609-13.104c21.05-8.736 38.187-20.275 51.406-34.608 13.209-14.343 22.85-30.692 28.897-49.056 6.048-18.375 9.072-37.412 9.072-57.12 0-19.268-3.024-38.2-9.072-56.784-6.047-18.596-15.688-35.06-28.897-49.392-13.22-14.343-30.355-25.872-51.406-34.608q-31.596-13.104-76.61-13.104h-110.88V509.27H597.184v479.808z'/></g></svg>",
-  "prettier": "<svg viewBox='0 0 16 16'><path fill='#F44336' d='M2 8h4v1H2zm0 6h4v1H2zm9-10h3v1h-3zM2 2h3v1H2z'/><path fill='#F9A825' d='M9 2h3v1H9zm1 4h4v1h-4zm-5 6h1v1H5zm-3-2h6v1H2z'/><path fill='#26A69A' d='M2 12h3v1H2zm7-4h5v1H9zM2 4h4v1H2zm3-2h4v1H5z'/><path fill='#BA68C8' d='M2 6h3v1H2zm7-2h2v1H9zm-1 6h4v1H8z'/></svg>",
+  "pre-commit": "<svg viewBox='0 0 2000 2000'><defs><clipPath id='a' clipPathUnits='userSpaceOnUse'><path d='M0 1500h1500V0H0z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.33333 0 0 -1.33333 0 2000)'><path fill='#ffb74d' d='M665.147 130.852 130.853 665.147c-46.863 46.862-46.863 122.842 0 169.705l534.294 534.295c46.863 46.864 122.843 46.864 169.706 0l534.294-534.294c46.863-46.863 46.863-122.843 0-169.706L834.853 130.852c-46.863-46.862-122.843-46.862-169.706 0'/><path fill='none' stroke='#212121' stroke-miterlimit='10' stroke-width='34' d='M687.774 233.226 233.225 687.775c-34.366 34.366-34.366 90.085 0 124.45l454.55 454.55c34.365 34.366 90.084 34.366 124.45 0l454.55-454.55c34.365-34.365 34.365-90.084 0-124.45l-454.55-454.55c-34.366-34.365-90.085-34.365-124.45 0z'/><path fill='#212121' d='M784.672 763.286c12.096 0 23.74.893 34.943 2.688 11.194 1.785 21.053 5.26 29.569 10.416 8.504 5.145 15.34 12.432 20.496 21.84 5.144 9.408 7.726 21.724 7.726 36.96 0 15.225-2.582 27.552-7.726 36.96-5.156 9.408-11.992 16.684-20.496 21.84-8.516 5.145-18.375 8.62-29.57 10.416-11.202 1.785-22.846 2.688-34.942 2.688h-81.985V763.286zm28.895 225.792q45.013 0 76.609-13.104c21.05-8.736 38.187-20.275 51.406-34.608 13.209-14.343 22.85-30.692 28.897-49.056 6.048-18.375 9.072-37.412 9.072-57.12 0-19.268-3.024-38.2-9.072-56.784-6.047-18.596-15.688-35.06-28.897-49.392-13.22-14.343-30.355-25.872-51.406-34.608q-31.596-13.104-76.61-13.104h-110.88V509.27H597.184v479.808z'/></g></svg>",
+  "prettier": "<svg viewBox='0 0 16 16'><path fill='#f44336' d='M2 8h4v1H2zm0 6h4v1H2zm9-10h3v1h-3zM2 2h3v1H2z'/><path fill='#f9a825' d='M9 2h3v1H9zm1 4h4v1h-4zm-5 6h1v1H5zm-3-2h6v1H2z'/><path fill='#26a69a' d='M2 12h3v1H2zm7-4h5v1H9zM2 4h4v1H2zm3-2h4v1H5z'/><path fill='#ba68c8' d='M2 6h3v1H2zm7-2h2v1H9zm-1 6h4v1H8z'/></svg>",
   "prisma": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='m27.777 22.617-.459-.946L18.43 3.26a2.25 2.25 0 0 0-1.914-1.256A2 2 0 0 0 16.379 2a2.23 2.23 0 0 0-1.891 1.042L4.348 19.056a2.2 2.2 0 0 0 .025 2.417l4.957 7.488A2.34 2.34 0 0 0 11.29 30a2.4 2.4 0 0 0 .655-.092l14.387-4.149a2.32 2.32 0 0 0 1.458-1.234 2.21 2.21 0 0 0-.013-1.908m-3.538.604-11.268 3.25 4.075-19.033 7.568 15.671-.376.098Z'/></svg>",
   "processing": "<svg fill='none' viewBox='0 0 32 32'><path stroke='#536dfe' stroke-width='8' d='M10 26c16 0 16-20 0-20'/></svg>",
   "prolog": "<svg viewBox='0 0 24 24'><path fill='#ef5350' d='M12 15.385a5.1 5.1 0 0 0 1.862 1.693L12 18.94l-1.862-1.862A5.04 5.04 0 0 0 12 15.385m4.232-4.063a1.693 1.693 0 0 0-1.693 1.693 1.693 1.693 0 0 0 1.693 1.693 1.693 1.693 0 0 0 1.693-1.693c0-.94-.762-1.693-1.693-1.693m-8.464 0a1.693 1.693 0 0 0-1.693 1.693 1.693 1.693 0 0 0 1.693 1.693 1.693 1.693 0 0 0 1.693-1.693c0-.94-.762-1.693-1.693-1.693m8.464-2.116a3.385 3.385 0 0 1 3.385 3.386 3.385 3.385 0 0 1-3.385 3.385 3.385 3.385 0 0 1-3.386-3.385 3.385 3.385 0 0 1 3.386-3.386m-8.464 0a3.385 3.385 0 0 1 3.386 3.386 3.385 3.385 0 0 1-3.386 3.385 3.385 3.385 0 0 1-3.385-3.385 3.385 3.385 0 0 1 3.385-3.386M3.74 2.69c1.49 3.132.415 5.468-.584 7.787a5.1 5.1 0 0 0-.465 2.116 5.08 5.08 0 0 0 5.078 5.078 6 6 0 0 0 .533-.042l2.506 2.505L12 21.31l1.194-1.177 2.505-2.505c.178.025.355.034.533.042a5.08 5.08 0 0 0 5.078-5.078 5.1 5.1 0 0 0-.465-2.116c-.999-2.319-2.074-4.655-.584-7.787-2.235 1.744-5.417 3.123-8.26 3.132-2.845-.008-6.027-1.388-8.261-3.132z'/></svg>",
   "proto": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='M16 27 2 19v-5l14 8z'/><path fill='#ffeb3b' d='m30 14-14 8v5l14-8z'/><path fill='#ff5722' d='M16 6 2 14v5l14-8z'/><path fill='#00e676' d='m30 19-14-8V6l14 8z'/><path fill='#03a9f4' d='M16 27 2 19v-5l14 8z'/></svg>",
-  "protractor": "<svg viewBox='0 0 80 80'><defs><clipPath id='a'><path fill='#424242' d='M-2.983 69.251h69.412V2.143H-2.983z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.1304 0 0 -1.1304 5.714 82.137)'><g stroke-width='.1'><path fill='#e53935' d='M61.216 37.276C61.216 20.217 47.39 6.39 30.33 6.39S-.554 20.218-.554 37.276 13.27 68.161 30.33 68.161c17.059 0 30.885-13.827 30.885-30.885'/><path fill='#D32F2F' d='m46.274 52.172-10.504.096-6.142 6.142-7.21-4.789 1.245-1.243-2.92.026-9.913-16.682H6.94l2.44-2.44-2.458-4.137L29.67 6.398q.33-.007.66-.008c17.042 0 30.858 13.806 30.885 30.841L46.273 52.173'/><path fill='#f5f5f5' d='M15.114 35.02c0 8.404 6.813 15.214 15.217 15.214s15.214-6.81 15.214-15.215zm34.206-.702v1.404h4.401a23.3 23.3 0 0 1-6.353 15.342l-3.289-3.29-.992.995 3.287 3.289a23.3 23.3 0 0 1-15.34 6.352l-.002-4.4h-1.404v4.4a23.3 23.3 0 0 1-15.34-6.352l3.288-3.29-.995-.991-3.288 3.287A23.32 23.32 0 0 1 6.94 35.722h4.4V34.32H6.921v-5.151H53.74v5.15h-4.42'/></g></g></svg>",
-  "pug": "<svg viewBox='0 0 128 128'><g transform='translate(-.25 -1.71)'><path fill='#FFE0B2' d='M107.4 50.9c-.2-4.4.4-8.3-1.6-11.6-4.8-8.2-16.8-13-40.8-13v.7h-.5.5v-.7c-24 0-36.6 4.8-41.4 13.1-1.9 3.4-1.7 7.2-2 11.6-.2 3.5-1.8 7.2-1.1 11.2.8 5.2 1.1 10.4 1.9 15.2.6 3.9 6 7.2 6.5 10.9 1.4 10.2 12 14.9 36 14.9v.8h-.6.7v-.8c24 0 34.2-4.7 35.5-14.9.5-3.8 5.5-7 6.1-10.9.8-4.8 1.1-10 1.9-15.2.7-4-.9-7.8-1.1-11.3'/><path fill='#FFE0B2' d='M64.6 54.5c4.3.1 7.3 2.8 10.1 5.3 3.3 2.9 8.9 4.9 11.2 7.4s5.3 5 6.4 8.9 1.4 8.9 1.4 10.2.7 1 2.7 0c4.7-2.3 9.9-8.5 9.9-8.5-.6 3.9-5.7 7.4-6.2 11.1C98.9 99.1 89 104 64.5 104h-.1.6'/><path fill='#FFE0B2' d='M80.4 46.7c.9 3.1 4.1 13.6-2.1 10.1 0 0 2.6 1.5 4.2 7.2 1.7 5.7 5.8 6.4 5.8 6.4s6.7 1.3 11.7-3c4.2-3.6 4.9-10 3.1-14.9-1.8-4.8-5-6.3-9.7-7.3-4.7-1.1-14.1-2-13 1.5'/><circle cx='92.3' cy='58.1' r='8.8'/><circle cx='90' cy='54.2' r='2.3' fill='#FAFAFA'/><path fill='#FFE0B2' d='M78.9 57.7s7.9 5.4 12.2 10.7 4.2 6.3 4.2 6.3l-3.1 1.4s-4.4-8.3-9.8-11.4c-5.5-3.1-6.1-5.7-6.1-5.7zm-14-3.2c-4.3.1-7.5 2.8-10.4 5.3-3.3 2.9-9.1 4.9-11.4 7.4s-5.4 5-6.5 8.9-1.5 8.9-1.5 10.2.2 1.4-2.7 0c-4.7-2.2-9.9-8.5-9.9-8.5.6 3.9 5.7 7.4 6.2 11.1C30.1 99.1 40 104 64.5 104h.5'/><path fill='#4E342E' d='M88.1 71.4C83.3 65.5 75.6 60 64.9 60h-.1c-10.7 0-18.4 5.5-23.2 11.4-5 6.1-4.6 8.5-4.6 14.3 0 21 7.4 15 12.3 17.6 5 2.5 10.2 1.7 15.5 1.7h.1c5.4 0 10.5.7 15.5-1.8 4.9-2.5 12.3 3.7 12.3-17.3.1-5.8.4-8.4-4.6-14.5'/><path fill='#3E2723' d='M64.4 65.2s-.7 9.7-2.1 11.6l2.6-.6z'/><path fill='#3E2723' d='M65.1 65.2s.7 9.7 2.1 11.6l-2.6-.6z'/><path fill='#4E342E' d='M56.7 62.9c-1-2.3 2.6-6 8.3-6.1 5.7 0 9.3 3.7 8.3 6.1S68.7 66 65 66.1c-3.6-.1-7.3-.8-8.3-3.2'/><path d='M65 65.2c0-.4 3.4-.5 5.2-1.7 0 0-3.7 1.2-4.5.7-.8-.4-1-1.6-1-1.6s-.3 1.2-.9 1.6c-.7.4-4.9-.7-4.9-.7s5.6 1.4 5.6 1.7-.1 1.3-.1 2c0 2.5 0 8.7.4 9.2.6.9.4-6.7.4-9.2-.1-.8-.1-1.6-.2-2'/><path fill='#795548' d='M65.2 78.6c1.7 0 4.7 1.2 7.4 3.1-2.6-2.9-5.7-4.9-7.4-4.9-1.8 0-5.6 2.2-8.3 5.4 2.8-2.2 6.4-3.6 8.3-3.6'/><g fill='#3E2723'><path d='M64.5 96.3c-3.8 0-7.5-1.2-10.9-2.1-.7-.2-1.4.3-2.1.1-6.3-2-11.4-5.4-14.5-9.7v1c0 21 7.4 15.1 12.3 17.6 5 2.5 10.2 1.7 15.5 1.7h.1c5.4 0 10.5.7 15.5-1.8 4.9-2.5 12.3 3.6 12.3-17.4 0-.8 0-1.6.1-2.3-2.9 4.7-8.2 8.4-14.8 10.6-.6.2-2-.3-2.6-.2-3.6 1.2-6.8 2.5-10.9 2.5'/><path d='M55 85s-2.5 7.5-.8 10.8l-2.3-1s1.7-7.6 3.1-9.8m19.8 0s2.5 7.5.8 10.8l2.3-1s-1.8-7.6-3.1-9.8'/></g><path fill='#FFE0B2' d='M48.6 46.7c-.9 3.1-4.1 13.6 2.1 10.1 0 0-2.6 1.5-4.2 7.2s-5.8 6.4-5.8 6.4-6.7 1.3-11.7-3c-4.2-3.6-4.9-10-3.1-14.9s5-6.3 9.7-7.3c4.7-1.1 14-2 13 1.5'/><path d='M64.9 76.8c2.7 0 11.1 5.8 11.2 12.9v-.4c0-7.4-6.8-13.3-11.2-13.3s-11.2 6-11.2 13.3v.4c.1-7.1 8.5-12.9 11.2-12.9'/><g fill='#3E2723'><ellipse cx='66.7' cy='61.5' rx='.8' ry='1.5' transform='rotate(-14.465 66.71 61.469)'/><ellipse cx='62.4' cy='61.5' rx='.8' ry='1.5' transform='rotate(17.235 62.372 61.463)'/></g><circle cx='37.2' cy='58.1' r='8.8'/><circle cx='39.5' cy='54.2' r='2.3' fill='#FAFAFA'/><path fill='#795548' d='M67.5 58.2c0-.1-2.3 1-2.9 1.1-.6-.1-2.9-1.2-2.9-1.1z'/><path fill='#FFE0B2' d='M50 57.7s-7.9 5.4-12.2 10.7-4.2 6.3-4.2 6.3l3.1 1.4s4.4-8.3 9.8-11.4 6.1-5.7 6.1-5.7z'/><path fill='#FFE0B2' d='M32.7 41.7S30 49.1 24 52.2c0 0 9.4-1.1 8.7-10.5m63.1 0s2.7 7.4 8.7 10.5c0 0-9.4-1.1-8.7-10.5M78.7 55.5s-5.9-6.2-13.8-6.4h.2c-8 .2-13.8 6.4-13.8 6.4 6.9-4.8 12.8-4.7 13.8-4.7-.1 0 6.7-.1 13.6 4.7m-6.9-13s-3-4.2-7-4.3h.2c-3 .1-6.9 4.3-6.9 4.3 3.4-3.3 6.9-3.2 6.9-3.2s3.3-.1 6.8 3.2M37.2 73.2s-4.7 2.3-8.1.9H29c-3-1.7-4.5-6.8-4.5-6.8s3 9 12.7 5.9m54.8 0s4.7 2.3 8.1.9c4-1.7 4.6-6.8 4.6-6.8s-3 9-12.7 5.9'/><path fill='#FFE0B2' d='M42.6 41.2c2.6-.5 6.9-.6 10.3.5 4.3 1.5.8 7 1.7 7.3s2.1-3.8 10.1-3.4c8.1.4 9 4 10.1 3.4s-1.1-10 11-7.8c0 0-12.7-3.4-12.1 5.8 0 0-7.3-5.6-17.5-.6.1 0 2.7-8.6-13.6-5.2m44.3 0c.2 0 .3.1.4.1s-.1-.1-.4-.1M39.1 28.9S28.3 42.5 26.7 47.7c-1.6 5.3-2.8 27-4.2 30.1l-5-21.4 9.2-22.3zm50.8 0s10.8 13.6 12.4 18.8c1.6 5.3 2.8 27 4.2 30.1l5-21.4-9.2-22.3z'/><path fill='#4E342E' d='M89.4 28.9s11.6 9.7 15 20.9 2 24.8 4.6 26.5c3.7 2.4 7.9-11.9 9.3-13.4 2.2-2.4 9.5-8.5 10-9.6s-14.8-17.8-21.5-21.1c-8.1-3.8-18.1-4.1-17.4-3.3'/><path fill='#3E2723' d='M99.3 34.9s13.7 17.5 13.5 39.3l5.5-11.2c-.1 0-4.9-14.3-19-28.1'/><path fill='#4E342E' d='M39.1 28.9s-11.6 9.7-15 20.9-2 24.8-4.6 26.5c-3.7 2.4-7.9-11.9-9.3-13.4C8 60.5.7 54.4.2 53.3S15 35.5 21.7 32.2c8.1-3.8 18.1-4.1 17.4-3.3'/><path fill='#3E2723' d='M29.2 34.9S15.5 52.4 15.7 74.2L10.3 63s4.8-14.3 18.9-28.1'/><path fill='#FFE0B2' d='M21.8 74.6s1 5.4 2.6 7.1.5-1.3.5-1.3-1.7-.9-1.4-7.8-1.7 2-1.7 2m85.3 0s-1 5.4-2.6 7.1-.5-1.3-.5-1.3 1.7-.9 1.4-7.8 1.7 2 1.7 2'/><g fill='#3E2723'><circle cx='54.5' cy='70.5' r='.8'/><circle cx='49.9' cy='75.3' r='.8'/><circle cx='48.4' cy='70.5' r='.8'/></g><g fill='#3E2723'><circle cx='74' cy='70.5' r='.8'/><circle cx='78.6' cy='75.3' r='.8'/><circle cx='80.1' cy='70.5' r='.8'/></g></g></svg>",
+  "protractor": "<svg viewBox='0 0 80 80'><defs><clipPath id='a'><path fill='#424242' d='M-2.983 69.251h69.412V2.143H-2.983z'/></clipPath></defs><g clip-path='url(#a)' transform='matrix(1.1304 0 0 -1.1304 5.714 82.137)'><g stroke-width='.1'><path fill='#e53935' d='M61.216 37.276C61.216 20.217 47.39 6.39 30.33 6.39S-.554 20.218-.554 37.276 13.27 68.161 30.33 68.161c17.059 0 30.885-13.827 30.885-30.885'/><path fill='#d32f2f' d='m46.274 52.172-10.504.096-6.142 6.142-7.21-4.789 1.245-1.243-2.92.026-9.913-16.682H6.94l2.44-2.44-2.458-4.137L29.67 6.398q.33-.007.66-.008c17.042 0 30.858 13.806 30.885 30.841L46.273 52.173'/><path fill='#f5f5f5' d='M15.114 35.02c0 8.404 6.813 15.214 15.217 15.214s15.214-6.81 15.214-15.215zm34.206-.702v1.404h4.401a23.3 23.3 0 0 1-6.353 15.342l-3.289-3.29-.992.995 3.287 3.289a23.3 23.3 0 0 1-15.34 6.352l-.002-4.4h-1.404v4.4a23.3 23.3 0 0 1-15.34-6.352l3.288-3.29-.995-.991-3.288 3.287A23.32 23.32 0 0 1 6.94 35.722h4.4V34.32H6.921v-5.151H53.74v5.15h-4.42'/></g></g></svg>",
+  "pug": "<svg viewBox='0 0 128 128'><g transform='translate(-.25 -1.71)'><path fill='#ffe0b2' d='M107.4 50.9c-.2-4.4.4-8.3-1.6-11.6-4.8-8.2-16.8-13-40.8-13v.7h-.5.5v-.7c-24 0-36.6 4.8-41.4 13.1-1.9 3.4-1.7 7.2-2 11.6-.2 3.5-1.8 7.2-1.1 11.2.8 5.2 1.1 10.4 1.9 15.2.6 3.9 6 7.2 6.5 10.9 1.4 10.2 12 14.9 36 14.9v.8h-.6.7v-.8c24 0 34.2-4.7 35.5-14.9.5-3.8 5.5-7 6.1-10.9.8-4.8 1.1-10 1.9-15.2.7-4-.9-7.8-1.1-11.3'/><path fill='#ffe0b2' d='M64.6 54.5c4.3.1 7.3 2.8 10.1 5.3 3.3 2.9 8.9 4.9 11.2 7.4s5.3 5 6.4 8.9 1.4 8.9 1.4 10.2.7 1 2.7 0c4.7-2.3 9.9-8.5 9.9-8.5-.6 3.9-5.7 7.4-6.2 11.1C98.9 99.1 89 104 64.5 104h-.1.6'/><path fill='#ffe0b2' d='M80.4 46.7c.9 3.1 4.1 13.6-2.1 10.1 0 0 2.6 1.5 4.2 7.2 1.7 5.7 5.8 6.4 5.8 6.4s6.7 1.3 11.7-3c4.2-3.6 4.9-10 3.1-14.9-1.8-4.8-5-6.3-9.7-7.3-4.7-1.1-14.1-2-13 1.5'/><circle cx='92.3' cy='58.1' r='8.8'/><circle cx='90' cy='54.2' r='2.3' fill='#fafafa'/><path fill='#ffe0b2' d='M78.9 57.7s7.9 5.4 12.2 10.7 4.2 6.3 4.2 6.3l-3.1 1.4s-4.4-8.3-9.8-11.4c-5.5-3.1-6.1-5.7-6.1-5.7zm-14-3.2c-4.3.1-7.5 2.8-10.4 5.3-3.3 2.9-9.1 4.9-11.4 7.4s-5.4 5-6.5 8.9-1.5 8.9-1.5 10.2.2 1.4-2.7 0c-4.7-2.2-9.9-8.5-9.9-8.5.6 3.9 5.7 7.4 6.2 11.1C30.1 99.1 40 104 64.5 104h.5'/><path fill='#4e342e' d='M88.1 71.4C83.3 65.5 75.6 60 64.9 60h-.1c-10.7 0-18.4 5.5-23.2 11.4-5 6.1-4.6 8.5-4.6 14.3 0 21 7.4 15 12.3 17.6 5 2.5 10.2 1.7 15.5 1.7h.1c5.4 0 10.5.7 15.5-1.8 4.9-2.5 12.3 3.7 12.3-17.3.1-5.8.4-8.4-4.6-14.5'/><path fill='#3e2723' d='M64.4 65.2s-.7 9.7-2.1 11.6l2.6-.6z'/><path fill='#3e2723' d='M65.1 65.2s.7 9.7 2.1 11.6l-2.6-.6z'/><path fill='#4e342e' d='M56.7 62.9c-1-2.3 2.6-6 8.3-6.1 5.7 0 9.3 3.7 8.3 6.1S68.7 66 65 66.1c-3.6-.1-7.3-.8-8.3-3.2'/><path d='M65 65.2c0-.4 3.4-.5 5.2-1.7 0 0-3.7 1.2-4.5.7-.8-.4-1-1.6-1-1.6s-.3 1.2-.9 1.6c-.7.4-4.9-.7-4.9-.7s5.6 1.4 5.6 1.7-.1 1.3-.1 2c0 2.5 0 8.7.4 9.2.6.9.4-6.7.4-9.2-.1-.8-.1-1.6-.2-2'/><path fill='#795548' d='M65.2 78.6c1.7 0 4.7 1.2 7.4 3.1-2.6-2.9-5.7-4.9-7.4-4.9-1.8 0-5.6 2.2-8.3 5.4 2.8-2.2 6.4-3.6 8.3-3.6'/><g fill='#3e2723'><path d='M64.5 96.3c-3.8 0-7.5-1.2-10.9-2.1-.7-.2-1.4.3-2.1.1-6.3-2-11.4-5.4-14.5-9.7v1c0 21 7.4 15.1 12.3 17.6 5 2.5 10.2 1.7 15.5 1.7h.1c5.4 0 10.5.7 15.5-1.8 4.9-2.5 12.3 3.6 12.3-17.4 0-.8 0-1.6.1-2.3-2.9 4.7-8.2 8.4-14.8 10.6-.6.2-2-.3-2.6-.2-3.6 1.2-6.8 2.5-10.9 2.5'/><path d='M55 85s-2.5 7.5-.8 10.8l-2.3-1s1.7-7.6 3.1-9.8m19.8 0s2.5 7.5.8 10.8l2.3-1s-1.8-7.6-3.1-9.8'/></g><path fill='#ffe0b2' d='M48.6 46.7c-.9 3.1-4.1 13.6 2.1 10.1 0 0-2.6 1.5-4.2 7.2s-5.8 6.4-5.8 6.4-6.7 1.3-11.7-3c-4.2-3.6-4.9-10-3.1-14.9s5-6.3 9.7-7.3c4.7-1.1 14-2 13 1.5'/><path d='M64.9 76.8c2.7 0 11.1 5.8 11.2 12.9v-.4c0-7.4-6.8-13.3-11.2-13.3s-11.2 6-11.2 13.3v.4c.1-7.1 8.5-12.9 11.2-12.9'/><g fill='#3e2723'><ellipse cx='66.7' cy='61.5' rx='.8' ry='1.5' transform='rotate(-14.465 66.71 61.469)'/><ellipse cx='62.4' cy='61.5' rx='.8' ry='1.5' transform='rotate(17.235 62.372 61.463)'/></g><circle cx='37.2' cy='58.1' r='8.8'/><circle cx='39.5' cy='54.2' r='2.3' fill='#fafafa'/><path fill='#795548' d='M67.5 58.2c0-.1-2.3 1-2.9 1.1-.6-.1-2.9-1.2-2.9-1.1z'/><path fill='#ffe0b2' d='M50 57.7s-7.9 5.4-12.2 10.7-4.2 6.3-4.2 6.3l3.1 1.4s4.4-8.3 9.8-11.4 6.1-5.7 6.1-5.7z'/><path fill='#ffe0b2' d='M32.7 41.7S30 49.1 24 52.2c0 0 9.4-1.1 8.7-10.5m63.1 0s2.7 7.4 8.7 10.5c0 0-9.4-1.1-8.7-10.5M78.7 55.5s-5.9-6.2-13.8-6.4h.2c-8 .2-13.8 6.4-13.8 6.4 6.9-4.8 12.8-4.7 13.8-4.7-.1 0 6.7-.1 13.6 4.7m-6.9-13s-3-4.2-7-4.3h.2c-3 .1-6.9 4.3-6.9 4.3 3.4-3.3 6.9-3.2 6.9-3.2s3.3-.1 6.8 3.2M37.2 73.2s-4.7 2.3-8.1.9H29c-3-1.7-4.5-6.8-4.5-6.8s3 9 12.7 5.9m54.8 0s4.7 2.3 8.1.9c4-1.7 4.6-6.8 4.6-6.8s-3 9-12.7 5.9'/><path fill='#ffe0b2' d='M42.6 41.2c2.6-.5 6.9-.6 10.3.5 4.3 1.5.8 7 1.7 7.3s2.1-3.8 10.1-3.4c8.1.4 9 4 10.1 3.4s-1.1-10 11-7.8c0 0-12.7-3.4-12.1 5.8 0 0-7.3-5.6-17.5-.6.1 0 2.7-8.6-13.6-5.2m44.3 0c.2 0 .3.1.4.1s-.1-.1-.4-.1M39.1 28.9S28.3 42.5 26.7 47.7c-1.6 5.3-2.8 27-4.2 30.1l-5-21.4 9.2-22.3zm50.8 0s10.8 13.6 12.4 18.8c1.6 5.3 2.8 27 4.2 30.1l5-21.4-9.2-22.3z'/><path fill='#4e342e' d='M89.4 28.9s11.6 9.7 15 20.9 2 24.8 4.6 26.5c3.7 2.4 7.9-11.9 9.3-13.4 2.2-2.4 9.5-8.5 10-9.6s-14.8-17.8-21.5-21.1c-8.1-3.8-18.1-4.1-17.4-3.3'/><path fill='#3e2723' d='M99.3 34.9s13.7 17.5 13.5 39.3l5.5-11.2c-.1 0-4.9-14.3-19-28.1'/><path fill='#4e342e' d='M39.1 28.9s-11.6 9.7-15 20.9-2 24.8-4.6 26.5c-3.7 2.4-7.9-11.9-9.3-13.4C8 60.5.7 54.4.2 53.3S15 35.5 21.7 32.2c8.1-3.8 18.1-4.1 17.4-3.3'/><path fill='#3e2723' d='M29.2 34.9S15.5 52.4 15.7 74.2L10.3 63s4.8-14.3 18.9-28.1'/><path fill='#ffe0b2' d='M21.8 74.6s1 5.4 2.6 7.1.5-1.3.5-1.3-1.7-.9-1.4-7.8-1.7 2-1.7 2m85.3 0s-1 5.4-2.6 7.1-.5-1.3-.5-1.3 1.7-.9 1.4-7.8 1.7 2 1.7 2'/><g fill='#3e2723'><circle cx='54.5' cy='70.5' r='.8'/><circle cx='49.9' cy='75.3' r='.8'/><circle cx='48.4' cy='70.5' r='.8'/></g><g fill='#3e2723'><circle cx='74' cy='70.5' r='.8'/><circle cx='78.6' cy='75.3' r='.8'/><circle cx='80.1' cy='70.5' r='.8'/></g></g></svg>",
   "puppet": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M6 2h8v8H6zm12 10h8v8h-8zM6 22h8v8H6z'/><path fill='#fbc02d' d='m7.888 6.192 1.92-2.305 14.304 11.921-1.92 2.305z'/><path fill='#fbc02d' d='m7.888 25.808 14.303-11.92 1.921 2.304-14.303 11.92z'/></svg>",
   "puppeteer": "<svg viewBox='0 0 24 24'><path fill='#00bfa5' d='M2.822 19.073q-.159 0-.159-.292l-.013-2.138q0-.16.013-.173.066-.2 3.307-2.298 3.24-2.085 3.254-2.152-.173-.239-3.413-2.35-3.148-2.033-3.148-2.232V5.233q0-.305.213-.305h1.912q.252 0 3.56 2.497 3.32 2.497 3.586 2.497.292 0 3.639-2.484t3.546-2.484h2.045q.186 0 .186.36 0 .37-.026 1.115t-.027 1.115q0 .067-.61.492-1.966 1.248-5.871 3.772-.093.066-.2.226.094.186 3.414 2.297 3.267 2.085 3.267 2.271v2.099q0 .345-.186.345h-2.045q-.332 0-3.626-2.484-3.294-2.47-3.466-2.47-.213 0-3.613 2.484-3.387 2.497-3.626 2.497z' aria-label='X'/></svg>",
   "purescript": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m31.447 12.569-6.035-6.038-1.627 1.628 5.22 5.223-5.22 5.223 1.627 1.628 6.035-6.036a1.15 1.15 0 0 0 0-1.628M8.216 13.928l-1.628-1.629L.55 18.335a1.155 1.155 0 0 0 0 1.628L6.588 26l1.628-1.628-5.223-5.222ZM10 22h12l2 2H12z'/><path fill='#42a5f5' d='M22 18H10l2-2h12zm0-6H10l-2-2h12z'/></svg>",
   "python-misc": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M15 2H6a2.006 2.006 0 0 0-2 2v22a2.006 2.006 0 0 0 2 2h16a2 2 0 0 0 2-2V11Zm3 22H6v-2h12Zm0-4H6v-2h12Zm0-4H6v-2h12Zm-4-4V4l8 8Z'/><path fill='#fbc02d' d='M30.714 16H28v5h-9v7.714A1.286 1.286 0 0 0 20.286 30h6.428A1.286 1.286 0 0 0 28 28.714V26h-6v-1h8.714A1.286 1.286 0 0 0 32 23.714v-6.428A1.286 1.286 0 0 0 30.714 16M24 28h3v1h-3Z' style='isolation:isolate'/><path fill='#0288d1' d='M25.714 12h-6.428A1.286 1.286 0 0 0 18 13.286V16h6v1h-8.714A1.286 1.286 0 0 0 14 18.286v6.428A1.286 1.286 0 0 0 15.286 26H18v-6h9v-6.714A1.286 1.286 0 0 0 25.714 12M22 14h-3v-1h3Z' style='isolation:isolate'/></svg>",
-  "python": "<svg viewBox='0 0 24 24'><path fill='#0288D1' d='M9.86 2A2.86 2.86 0 0 0 7 4.86v1.68h4.29c.39 0 .71.57.71.96H4.86A2.86 2.86 0 0 0 2 10.36v3.781a2.86 2.86 0 0 0 2.86 2.86h1.18v-2.68a2.85 2.85 0 0 1 2.85-2.86h5.25c1.58 0 2.86-1.271 2.86-2.851V4.86A2.86 2.86 0 0 0 14.14 2zm-.72 1.61c.4 0 .72.12.72.71s-.32.891-.72.891c-.39 0-.71-.3-.71-.89s.32-.711.71-.711'/><path fill='#fdd835' d='M17.959 7v2.68a2.85 2.85 0 0 1-2.85 2.859H9.86A2.85 2.85 0 0 0 7 15.389v3.75a2.86 2.86 0 0 0 2.86 2.86h4.28A2.86 2.86 0 0 0 17 19.14v-1.68h-4.291c-.39 0-.709-.57-.709-.96h7.14A2.86 2.86 0 0 0 22 13.64V9.86A2.86 2.86 0 0 0 19.14 7zM8.32 11.513l-.004.004.038-.004zm6.54 7.276c.39 0 .71.3.71.89a.71.71 0 0 1-.71.71c-.4 0-.72-.12-.72-.71s.32-.89.72-.89'/></svg>",
+  "python": "<svg viewBox='0 0 24 24'><path fill='#0288d1' d='M9.86 2A2.86 2.86 0 0 0 7 4.86v1.68h4.29c.39 0 .71.57.71.96H4.86A2.86 2.86 0 0 0 2 10.36v3.781a2.86 2.86 0 0 0 2.86 2.86h1.18v-2.68a2.85 2.85 0 0 1 2.85-2.86h5.25c1.58 0 2.86-1.271 2.86-2.851V4.86A2.86 2.86 0 0 0 14.14 2zm-.72 1.61c.4 0 .72.12.72.71s-.32.891-.72.891c-.39 0-.71-.3-.71-.89s.32-.711.71-.711'/><path fill='#fdd835' d='M17.959 7v2.68a2.85 2.85 0 0 1-2.85 2.859H9.86A2.85 2.85 0 0 0 7 15.389v3.75a2.86 2.86 0 0 0 2.86 2.86h4.28A2.86 2.86 0 0 0 17 19.14v-1.68h-4.291c-.39 0-.709-.57-.709-.96h7.14A2.86 2.86 0 0 0 22 13.64V9.86A2.86 2.86 0 0 0 19.14 7zM8.32 11.513l-.004.004.038-.004zm6.54 7.276c.39 0 .71.3.71.89a.71.71 0 0 1-.71.71c-.4 0-.72-.12-.72-.71s.32-.89.72-.89'/></svg>",
+  "pytorch": "<svg viewBox='0 0 32 32'><circle cx='20' cy='8' r='2' fill='#f4511e'/><path fill='#f4511e' d='M25.573 11.335a11.4 11.4 0 0 0-1.1-1.219l-2.825 2.832a9 9 0 0 1 .746.812 7.36 7.36 0 0 1 1.443 3.011 8 8 0 0 1 .164 1.23A8 8 0 0 1 8 18a5.76 5.76 0 0 1 .695-2.762 7.4 7.4 0 0 1 1.277-1.896c.18-.18 1.814-1.746 3.74-3.584L16 7.553V2l-5.057 4.873c-1.112 1.06-3.713 3.545-3.877 3.722a11.5 11.5 0 0 0-1.99 2.942A9.8 9.8 0 0 0 4 18a12 12 0 1 0 24 0 12.6 12.6 0 0 0-.254-2.074 11.26 11.26 0 0 0-2.173-4.591'/></svg>",
   "qsharp": "<svg viewBox='0 0 24 24'><path fill='#fbc02d' d='M11.938 16.414c.9-1.101 1.468-2.936 1.468-4.735 0-1.963-.697-3.854-1.872-5.12-1.156-1.248-2.66-1.853-4.57-1.853s-3.413.605-4.569 1.853C1.22 7.825.523 9.716.523 11.716s.697 3.89 1.872 5.157c1.156 1.248 2.68 1.853 4.57 1.853 1.376 0 2.404-.275 3.468-.917l1.578 1.486 1.395-1.486zm-3.395-3.212-1.396 1.487 1.413 1.34c-.422.22-1.027.348-1.615.348-2.202 0-3.67-1.853-3.67-4.66 0-2.809 1.468-4.662 3.689-4.662 2.239 0 3.689 1.835 3.689 4.68 0 1.1-.202 2.092-.606 2.9z' aria-label='Q'/><path fill='#fbc02d' d='m17.589 4.728-.611 4h-1.5l-.34 2h1.5l-.32 2h-1.5l-.34 2h1.5l-.61 4h2l.61-4h1l-.61 4h2l.61-4h1.5l.34-2h-1.5l.32-2h1.5l.34-2h-1.5l.611-4h-2l-.611 4h-1l.611-4zm1.049 6h1l-.32 2h-1z'/></svg>",
   "quasar": "<svg viewBox='0 0 50.843 50.843'><path fill='#1976d2' d='M29.585 25.422a4.16 4.16 0 0 1-4.16 4.159 4.16 4.16 0 0 1-4.159-4.16 4.16 4.16 0 0 1 4.16-4.159 4.16 4.16 0 0 1 4.159 4.16M43.888 14.76a21.3 21.3 0 0 0-3.267-4.272l-4.808 2.776a16 16 0 0 0-5.02-2.91c-1.642 1.664-2.946 3.523-3.886 5.545 5.352-.364 10.88 1.573 16.012 5.582l3.026-1.747a21.3 21.3 0 0 0-2.057-4.974m.001 21.32a21.3 21.3 0 0 0 2.066-4.966l-4.808-2.776c.359-1.938.356-3.904.01-5.803-2.262-.59-4.524-.79-6.745-.593 2.992 4.454 4.078 10.21 3.172 16.659l3.026 1.747a21.3 21.3 0 0 0 3.28-4.269zM25.427 46.74a21.3 21.3 0 0 0 5.333-.694v-5.552a16 16 0 0 0 5.03-2.893c-.62-2.253-1.578-4.312-2.859-6.137-2.36 4.817-6.802 8.636-12.84 11.076v3.494a21.3 21.3 0 0 0 5.336.706M6.963 36.082a21.3 21.3 0 0 0 3.267 4.272l4.809-2.777a16 16 0 0 0 5.02 2.91c1.642-1.664 2.946-3.523 3.886-5.544-5.353.364-10.88-1.573-16.012-5.583l-3.027 1.747a21.3 21.3 0 0 0 2.057 4.975m-.001-21.32a21.3 21.3 0 0 0-2.066 4.966l4.809 2.776a16 16 0 0 0-.01 5.802c2.262.59 4.524.79 6.744.593-2.991-4.453-4.078-10.209-3.171-16.658l-3.026-1.747a21.3 21.3 0 0 0-3.28 4.269zm18.462-10.66a21.3 21.3 0 0 0-5.333.694v5.552a16 16 0 0 0-5.03 2.893c.62 2.253 1.578 4.312 2.86 6.137 2.36-4.818 6.802-8.636 12.84-11.076V4.808a21.3 21.3 0 0 0-5.337-.706'/></svg>",
-  "quokka": "<svg viewBox='0 0 16 16'><path fill='#FF6D00' d='M8 2v6H2v6h12V2z' paint-order='fill markers stroke'/></svg>",
+  "quokka": "<svg viewBox='0 0 16 16'><path fill='#ff6d00' d='M8 2v6H2v6h12V2z' paint-order='fill markers stroke'/></svg>",
   "qwik": "<svg viewBox='0 0 24 24'><path fill='#29b6f6' d='m19.26 22.182-3.657-3.636-.056.008v-.04l-7.776-7.678 1.916-1.85-1.126-6.46-5.341 6.62c-.91.917-1.078 2.408-.423 3.508l3.337 5.534a2.8 2.8 0 0 0 2.435 1.356l1.653-.016z'/><path fill='#b388ff' d='m21.255 9.018-.734-1.356-.383-.693-.152-.272-.016.016-2.012-3.484a2.82 2.82 0 0 0-2.467-1.411l-1.765.047-5.261.016A2.82 2.82 0 0 0 6.054 3.27L2.852 9.616 8.577 2.51l7.505 8.245-1.334 1.347.799 6.451.008-.016v.016h-.016l.016.016.623.606 3.025 2.958c.128.12.336-.024.248-.175l-1.868-3.676 3.257-6.02.104-.12c.04-.048.08-.096.112-.143.638-.87.726-2.034.2-2.983z'/><path fill='#eceff1' d='M16.106 10.724 8.576 2.52l1.07 6.427-1.916 1.858 7.8 7.742-.702-6.426z'/></svg>",
   "r": "<svg viewBox='0 0 24 24'><path fill='#1976d2' d='M11.956 4.05c-5.694 0-10.354 3.106-10.354 6.947 0 3.396 3.686 6.212 8.531 6.813v2.205h3.53V17.82c.88-.093 1.699-.259 2.475-.497l1.43 2.692h3.996l-2.402-4.048c1.936-1.263 3.147-3.034 3.147-4.97 0-3.841-4.659-6.947-10.354-6.947m1.584 2.712c4.349 0 7.558 1.45 7.558 4.753 0 1.77-.952 3.013-2.505 3.779a1 1 0 0 1-.228-.156c-.373-.165-.994-.352-.994-.352s3.085-.227 3.085-3.302-3.23-3.127-3.23-3.127h-7.092v7.413c-2.64-.766-4.462-2.392-4.462-4.255 0-2.63 3.52-4.753 7.868-4.753m.156 4.12h2.143s.983-.05.983.974c0 1.004-.983 1.004-.983 1.004h-2.143v-1.977m-.031 4.566h.952c.186 0 .28.052.445.207.135.103.28.3.404.476-.57.073-1.17.104-1.801.104z'/></svg>",
   "racket": "<svg viewBox='0 0 511.875 511.824'><path fill='#0288d1' d='M416.17 381.6c27.189-34.614 43.405-78.256 43.405-125.685 0-112.466-91.168-203.634-203.634-203.634-24.464 0-47.92 4.319-69.65 12.228 82.671 43.366 192.023 184.854 229.88 317.097z'/><path fill='#e53935' d='M226.77 182.174c-31.766-34.221-67.34-61.4-105.015-79.425-42.569 37.324-69.453 92.102-69.453 153.162 0 51.344 19.009 98.24 50.365 134.06 27.641-83.049 79.607-163.09 124.108-207.8zm37.526 46.176c-44.085 47.512-88.014 130.681-103.913 207.415 28.498 15.172 61.02 23.783 95.561 23.783 35.508 0 68.888-9.097 97.951-25.074-16.752-77.405-48.375-148.294-89.591-206.127z'/></svg>",
   "raml": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M6 18.087a2 2 0 0 0-2-2 2 2 0 0 0 2-2v-6h4v-4H6a2 2 0 0 0-2 2v8H2v4h1.5a.5.5 0 0 1 .5.5v7.5a2 2 0 0 0 2 2h4v-4H6Zm22-3.999v-8a2 2 0 0 0-2-2h-4v4h4v6a2 2 0 0 0 2 2 2 2 0 0 0-2 2v6h-4v4h4a2 2 0 0 0 2-2v-8h2v-4Z'/><rect width='4' height='4' x='10' y='14.088' fill='#42a5f5' rx='.5'/><rect width='4' height='4' x='18' y='14.088' fill='#42a5f5' rx='.5'/></svg>",
   "razor": "<svg viewBox='0 0 24 24'><path fill='#42a5f5' d='M12 15c.81 0 1.5-.3 2.11-.89.59-.61.89-1.3.89-2.11s-.3-1.5-.89-2.11C13.5 9.3 12.81 9 12 9s-1.5.3-2.11.89C9.3 10.5 9 11.19 9 12s.3 1.5.89 2.11c.61.59 1.3.89 2.11.89m0-13c2.75 0 5.1 1 7.05 2.95S22 9.25 22 12v1.45c0 1-.35 1.85-1 2.55-.7.67-1.5 1-2.5 1-1.2 0-2.19-.5-2.94-1.5-1 1-2.18 1.5-3.56 1.5-1.37 0-2.55-.5-3.54-1.46C7.5 14.55 7 13.38 7 12c0-1.37.5-2.55 1.46-3.54C9.45 7.5 10.63 7 12 7c1.38 0 2.55.5 3.54 1.46C16.5 9.45 17 10.63 17 12v1.45c0 .41.16.77.46 1.08s.65.47 1.04.47c.42 0 .77-.16 1.07-.47s.43-.67.43-1.08V12c0-2.19-.77-4.07-2.35-5.65S14.19 4 12 4s-4.07.77-5.65 2.35S4 9.81 4 12s.77 4.07 2.35 5.65S9.81 20 12 20h5v2h-5c-2.75 0-5.1-1-7.05-2.95S2 14.75 2 12s1-5.1 2.95-7.05S9.25 2 12 2'/></svg>",
-  "rbxmk": "<svg fill='none' viewBox='0 0 24 24'><path fill='#00C853' fill-rule='evenodd' d='m6.331 2 16.164 4.331-2.454 9.158-2.25-.603.94-3.508-.002-.001-1.35-.362-2.129-.57-1.354-.363-.364 1.356-.577 2.153-2.125-.57.94-3.509-1.354-.362-2.128-.57-1.35-.363-.94 3.507-2.118-.568-.364 1.357 2.118.568 1.35.362h.001l.94-3.509 2.128.57-.577 2.155-.363 1.354 1.354.363 2.125.57 1.355.363.94-3.507 2.13.57-.578 2.152-.363 1.355 1.353.362 2.249.603-1.514 5.65L2 18.165z' clip-rule='evenodd'/></svg>",
+  "rbxmk": "<svg fill='none' viewBox='0 0 24 24'><path fill='#00c853' fill-rule='evenodd' d='m6.331 2 16.164 4.331-2.454 9.158-2.25-.603.94-3.508-.002-.001-1.35-.362-2.129-.57-1.354-.363-.364 1.356-.577 2.153-2.125-.57.94-3.509-1.354-.362-2.128-.57-1.35-.363-.94 3.507-2.118-.568-.364 1.357 2.118.568 1.35.362h.001l.94-3.509 2.128.57-.577 2.155-.363 1.354 1.354.363 2.125.57 1.355.363.94-3.507 2.13.57-.578 2.152-.363 1.355 1.353.362 2.249.603-1.514 5.65L2 18.165z' clip-rule='evenodd'/></svg>",
   "rc": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M4 28V8H2v21.5a.5.5 0 0 0 .5.5H24v-2Z'/><path fill='#0288d1' d='M29.5 2h-21a.5.5 0 0 0-.5.5v21a.5.5 0 0 0 .5.5h21a.5.5 0 0 0 .5-.5v-21a.5.5 0 0 0-.5-.5M26 8.04a3.4 3.4 0 0 0-.56-.04H21a5 5 0 0 0 0 10h4.44a3.4 3.4 0 0 0 .56-.04V22h-5a9 9 0 0 1 0-18h5Z'/></svg>",
   "react": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='M16 12c7.444 0 12 2.59 12 4s-4.556 4-12 4-12-2.59-12-4 4.556-4 12-4m0-2c-7.732 0-14 2.686-14 6s6.268 6 14 6 14-2.686 14-6-6.268-6-14-6'/><path fill='#00bcd4' d='M16 14a2 2 0 1 0 2 2 2 2 0 0 0-2-2'/><path fill='#00bcd4' d='M10.458 5.507c2.017 0 5.937 3.177 9.006 8.493 3.722 6.447 3.757 11.687 2.536 12.392a.9.9 0 0 1-.457.1c-2.017 0-5.938-3.176-9.007-8.492C8.814 11.553 8.779 6.313 10 5.608a.9.9 0 0 1 .458-.1m-.001-2A2.87 2.87 0 0 0 9 3.875C6.13 5.532 6.938 12.304 10.804 19c3.284 5.69 7.72 9.493 10.74 9.493A2.87 2.87 0 0 0 23 28.124c2.87-1.656 2.062-8.428-1.804-15.124-3.284-5.69-7.72-9.493-10.74-9.493Z'/><path fill='#00bcd4' d='M21.543 5.507a.9.9 0 0 1 .457.1c1.221.706 1.186 5.946-2.536 12.393-3.07 5.316-6.99 8.493-9.007 8.493a.9.9 0 0 1-.457-.1C8.779 25.686 8.814 20.446 12.536 14c3.07-5.316 6.99-8.493 9.007-8.493m0-2c-3.02 0-7.455 3.804-10.74 9.493C6.939 19.696 6.13 26.468 9 28.124a2.87 2.87 0 0 0 1.457.369c3.02 0 7.455-3.804 10.74-9.493C25.061 12.304 25.87 5.532 23 3.876a2.87 2.87 0 0 0-1.457-.369'/></svg>",
   "react_ts": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M16 12c7.444 0 12 2.59 12 4s-4.556 4-12 4-12-2.59-12-4 4.556-4 12-4m0-2c-7.732 0-14 2.686-14 6s6.268 6 14 6 14-2.686 14-6-6.268-6-14-6'/><path fill='#0288d1' d='M16 14a2 2 0 1 0 2 2 2 2 0 0 0-2-2'/><path fill='#0288d1' d='M10.458 5.507c2.017 0 5.937 3.177 9.006 8.493 3.722 6.447 3.757 11.687 2.536 12.392a.9.9 0 0 1-.457.1c-2.017 0-5.938-3.176-9.007-8.492C8.814 11.553 8.779 6.313 10 5.608a.9.9 0 0 1 .458-.1m-.001-2A2.87 2.87 0 0 0 9 3.875C6.13 5.532 6.938 12.304 10.804 19c3.284 5.69 7.72 9.493 10.74 9.493A2.87 2.87 0 0 0 23 28.124c2.87-1.656 2.062-8.428-1.804-15.124-3.284-5.69-7.72-9.493-10.74-9.493Z'/><path fill='#0288d1' d='M21.543 5.507a.9.9 0 0 1 .457.1c1.221.706 1.186 5.946-2.536 12.393-3.07 5.316-6.99 8.493-9.007 8.493a.9.9 0 0 1-.457-.1C8.779 25.686 8.814 20.446 12.536 14c3.07-5.316 6.99-8.493 9.007-8.493m0-2c-3.02 0-7.455 3.804-10.74 9.493C6.939 19.696 6.13 26.468 9 28.124a2.87 2.87 0 0 0 1.457.369c3.02 0 7.455-3.804 10.74-9.493C25.061 12.304 25.87 5.532 23 3.876a2.87 2.87 0 0 0-1.457-.369'/></svg>",
@@ -900,25 +946,25 @@
   "replit": "<svg viewBox='0 0 32 32'><path fill='#ff6d00' d='M8 4h8v8H8a2 2 0 0 1-2-2V6a2 2 0 0 1 2-2m8 8h8a2 2 0 0 1 2 2v4a2 2 0 0 1-2 2h-8zm-8 8h8v8H8a2 2 0 0 1-2-2v-4a2 2 0 0 1 2-2'/></svg>",
   "rescript-interface": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M16 21.862A2.14 2.14 0 0 1 13.862 24h-1.724A2.14 2.14 0 0 1 10 21.862V10.138A2.14 2.14 0 0 1 12.138 8H16ZM21 14a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/><path fill='#ef5350' d='M24 4a4.005 4.005 0 0 1 4 4v16a4.005 4.005 0 0 1-4 4H8a4.005 4.005 0 0 1-4-4V8a4.005 4.005 0 0 1 4-4zm0-2H8a6 6 0 0 0-6 6v16a6 6 0 0 0 6 6h16a6 6 0 0 0 6-6V8a6 6 0 0 0-6-6'/></svg>",
   "rescript": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M24 2H8a6 6 0 0 0-6 6v16a6 6 0 0 0 6 6h16a6 6 0 0 0 6-6V8a6 6 0 0 0-6-6m-8 19.862A2.14 2.14 0 0 1 13.862 24h-1.724A2.14 2.14 0 0 1 10 21.862V10.138A2.14 2.14 0 0 1 12.138 8H16ZM21 14a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/></svg>",
-  "restql": "<svg viewBox='0 0 300 300'><path fill='#64FFDA' d='M266.377 94.665c-1.327-8.361-6.357-15.836-13.806-20.138L164.349 23.59c-4.303-2.483-9.203-3.795-14.169-3.795s-9.865 1.312-14.166 3.793L47.793 74.524c-8.742 5.05-14.171 14.452-14.171 24.542v101.866c0 10.09 5.429 19.493 14.168 24.54l88.221 50.935c4.305 2.485 9.205 3.796 14.17 3.796s9.863-1.311 14.166-3.795l88.22-50.933c7.453-4.306 12.485-11.78 13.81-20.142zm-22.465 115.817-88.219 50.931a11.02 11.02 0 0 1-11.028 0l-88.219-50.931a11.03 11.03 0 0 1-5.513-9.55V99.066a11.03 11.03 0 0 1 5.513-9.55l88.219-50.934c1.705-.986 3.61-1.477 5.514-1.477s3.808.491 5.514 1.477l88.219 50.934a11.03 11.03 0 0 1 5.513 9.55v101.866a11.03 11.03 0 0 1-5.513 9.55'/><path fill='#1A237E' d='M249.429 99.066a11.03 11.03 0 0 0-5.513-9.55l-88.219-50.934c-1.705-.986-3.61-1.477-5.514-1.477s-3.809.491-5.514 1.477L56.45 89.516a11.03 11.03 0 0 0-5.513 9.55v101.866a11.03 11.03 0 0 0 5.513 9.55l88.219 50.931a11.02 11.02 0 0 0 11.028 0l88.219-50.931a11.03 11.03 0 0 0 5.513-9.55zm-63.612 43.093q.245-.14.497-.203c.06-.016.12-.013.178-.024.104-.017.207-.04.31-.04l.02.002c.028.001.052.006.08.008q.19.011.372.054.067.019.136.041.156.051.304.13.058.026.114.058c.128.077.25.166.358.27q.013.018.028.033.143.146.256.32.035.06.068.122.08.146.135.312.024.066.043.134c.038.157.067.319.067.491v22.048l-4.459 2.575a2.1 2.1 0 0 0-.922 1.129 2.1 2.1 0 0 0-.134.699v5.148l-19.094 11.023-.014.006q-.238.133-.481.198c-.061.017-.123.015-.184.025-.1.016-.204.04-.306.04l-.019-.002-.08-.008a2 2 0 0 1-.371-.056q-.069-.018-.136-.041a2 2 0 0 1-.304-.128c-.04-.02-.077-.037-.114-.06a2 2 0 0 1-.358-.269c-.012-.01-.02-.026-.031-.037a2 2 0 0 1-.252-.315c-.026-.04-.046-.082-.07-.123a2 2 0 0 1-.132-.311 2 2 0 0 1-.045-.138 2 2 0 0 1-.066-.487v-27.278a1.97 1.97 0 0 1 .988-1.707zm-36.622-80.724a1.97 1.97 0 0 1 1.975 0l62.217 35.923c1.316.759 1.316 2.658 0 3.417l-23.62 13.639a1.98 1.98 0 0 1-1.976 0l-21.07-12.165 2.35-1.354c1.407-.814 1.407-2.845 0-3.657l-17.834-10.296c-.325-.19-.69-.282-1.054-.282s-.728.093-1.054.282l-4.459 2.574-19.094-11.023c-1.316-.76-1.316-2.657 0-3.418zm-37.61 22.02c.342 0 .682.089.988.264l21.069 12.163-2.35 1.356c-1.406.812-1.406 2.843 0 3.657l2.35 1.354-21.067 12.165a1.98 1.98 0 0 1-1.975 0l-23.621-13.64c-1.317-.758-1.317-2.657 0-3.416l23.62-13.639c.307-.175.647-.264.987-.264zM98.583 209.04a2 2 0 0 1-.984-.267l-23.62-13.637a1.97 1.97 0 0 1-.988-1.708v-71.843c0-1.153.944-1.977 1.975-1.977.33 0 .667.084.985.268l23.621 13.636c.611.354.988 1.004.988 1.71v24.328l-2.35-1.356c-.34-.197-.7-.285-1.05-.285a2.11 2.11 0 0 0-2.114 2.113v20.592c0 .755.4 1.452 1.054 1.829l4.458 2.576v22.047c.002 1.15-.944 1.974-1.975 1.974m40.572 20.306a1.975 1.975 0 0 1-2.96 1.71l-23.62-13.637a1.98 1.98 0 0 1-.988-1.71v-24.327l2.348 1.355c.34.197.7.287 1.051.287 1.103 0 2.114-.882 2.114-2.116v-2.71l21.068 12.163c.61.353.987 1.003.987 1.71zm0-44.57c0 .172-.027.334-.066.489q-.02.07-.044.137-.053.165-.134.312c-.024.04-.044.083-.068.122q-.114.174-.256.32c-.011.01-.02.024-.029.034a2 2 0 0 1-.359.27c-.035.022-.075.039-.111.06a2.2 2.2 0 0 1-.441.168q-.185.047-.378.056c-.025 0-.05.008-.075.008l-.02.001c-.105 0-.211-.024-.317-.04-.059-.01-.115-.008-.17-.024a2 2 0 0 1-.498-.203l-19.09-11.023v-5.147a2.1 2.1 0 0 0-1.056-1.827l-4.456-2.573v-22.043c0-.173.027-.335.067-.491q.02-.069.043-.136a2 2 0 0 1 .135-.312c.023-.04.043-.084.07-.124q.11-.172.253-.318c.011-.01.02-.024.029-.034q.163-.155.358-.27.056-.032.114-.059a2 2 0 0 1 .818-.226c.025 0 .048-.007.074-.007l.02-.001c.107 0 .214.025.322.04.054.01.11.008.166.024q.252.063.498.203l23.614 13.633a1.98 1.98 0 0 1 .988 1.712zm-13.58-61.717a1.97 1.97 0 0 1-.74-.748 2 2 0 0 1 0-1.922 1.96 1.96 0 0 1 .74-.748l19.095-11.023 4.457 2.573a2.12 2.12 0 0 0 2.11 0l4.458-2.575 19.095 11.025c1.317.759 1.317 2.658 0 3.418l-23.62 13.637a1.97 1.97 0 0 1-1.975 0zm101.8 70.367a1.97 1.97 0 0 1-.987 1.709l-62.217 35.921a1.95 1.95 0 0 1-.985.267c-1.03 0-1.976-.825-1.976-1.977V202.07c0-.706.377-1.356.989-1.71l21.066-12.161v2.71c0 1.232 1.011 2.115 2.113 2.115.353 0 .711-.09 1.053-.286l17.832-10.297a2.11 2.11 0 0 0 1.055-1.828v-5.147l19.095-11.024c.318-.184.655-.267.985-.267 1.03 0 1.976.824 1.976 1.976v27.275zm0-44.565c0 .706-.375 1.356-.987 1.708l-21.068 12.164v-2.71c0-1.233-1.012-2.114-2.114-2.114a2.07 2.07 0 0 0-1.052.285l-2.349 1.355v-24.327c0-.706.377-1.356.99-1.71l23.62-13.636a1.96 1.96 0 0 1 .984-.268c1.031 0 1.976.824 1.976 1.977z'/><path fill='#64FFDA' d='m138.166 200.367-21.069-12.163v2.711c0 1.233-1.01 2.115-2.113 2.115-.353 0-.712-.09-1.052-.287l-2.347-1.354v24.327c0 .706.375 1.356.987 1.71l23.62 13.637c.318.184.656.267.986.267a1.975 1.975 0 0 0 1.975-1.977v-27.276a1.98 1.98 0 0 0-.987-1.71m23.617-44.247a2 2 0 0 1 .412-.316l23.62-13.637-23.62 13.637a2 2 0 0 0-.412.316m-48.219-14.226-.02.001c.112-.001.226.02.34.04-.107-.017-.214-.041-.32-.041m22.624 44.599-19.09-11.031zm.985.259.02-.002c-.111.002-.226-.021-.337-.04.106.017.212.042.317.042m49.632-44.86c-.102 0-.205.025-.31.04.11-.02.22-.04.329-.038zm38.589-22.284c-.328 0-.665.084-.985.268l-23.62 13.636a1.98 1.98 0 0 0-.989 1.71v24.327l2.35-1.355c.34-.197.7-.287 1.05-.285 1.103 0 2.115.88 2.115 2.113v2.711l21.068-12.164c.61-.352.987-1.002.987-1.708v-27.276a1.975 1.975 0 0 0-1.976-1.977m-62.212 67.144c.101 0 .204-.025.306-.04-.108.018-.216.038-.323.038zm62.212-22.58a2 2 0 0 0-.985.267l-19.094 11.024v5.147a2.11 2.11 0 0 1-1.056 1.829l-17.832 10.296c-.342.196-.7.286-1.053.286a2.113 2.113 0 0 1-2.112-2.115v-2.71l-21.067 12.162a1.98 1.98 0 0 0-.989 1.71v27.276c0 1.152.945 1.976 1.976 1.976.33 0 .667-.084.985-.267l62.217-35.921c.61-.352.988-1.004.988-1.709v-27.276c-.002-1.149-.947-1.975-1.978-1.975M125.57 75.074c-1.315.76-1.315 2.658 0 3.418l19.095 11.023 4.458-2.575c.327-.189.691-.281 1.055-.281s.729.092 1.054.281l17.833 10.297c1.408.812 1.408 2.843 0 3.656l-2.349 1.355 21.07 12.164a1.98 1.98 0 0 0 1.975 0l23.62-13.639c1.316-.759 1.316-2.657 0-3.416l-62.216-35.923a1.97 1.97 0 0 0-1.975 0zM86.976 97.358c-1.317.759-1.317 2.658 0 3.417l23.621 13.639a1.98 1.98 0 0 0 1.975 0l21.067-12.165-2.35-1.354c-1.406-.814-1.406-2.845 0-3.657l2.35-1.356L112.57 83.72a1.98 1.98 0 0 0-1.974 0zm13.58 109.702v-22.048l-4.459-2.576a2.11 2.11 0 0 1-1.054-1.828v-20.592a2.11 2.11 0 0 1 2.114-2.114c.352 0 .711.088 1.051.286l2.35 1.356v-24.329c0-.706-.376-1.356-.988-1.71l-23.621-13.634a1.95 1.95 0 0 0-.985-.268 1.975 1.975 0 0 0-1.975 1.976v71.842c0 .704.375 1.356.987 1.708l23.62 13.638c.319.183.656.266.985.266 1.03.001 1.975-.823 1.975-1.974zm88.221-41.147-4.458 2.575zv-22.047zm-.245-22.983'/><path fill='#F44336' d='M161.783 156.12a1.97 1.97 0 0 0-.577 1.391v27.277l.001.002c0 .172.028.332.066.487q.02.068.045.138.053.162.133.311c.023.04.043.083.07.123q.11.172.25.315c.013.012.021.027.032.037q.164.156.358.27.055.031.114.059a2 2 0 0 0 .81.224l.081.009c.108 0 .215-.022.324-.039.061-.009.122-.008.183-.024q.244-.064.482-.199l.014-.005 19.094-11.023v-5.148c0-.245.054-.477.133-.7a2.1 2.1 0 0 1 .923-1.129l4.458-2.574v-22.048c0-.173-.028-.334-.066-.49q-.02-.068-.044-.136a1.7 1.7 0 0 0-.135-.311q-.032-.063-.068-.122a2 2 0 0 0-.255-.32l-.029-.033a2 2 0 0 0-.358-.27q-.055-.032-.114-.059a2 2 0 0 0-.44-.17 2 2 0 0 0-.37-.054l-.08-.009c-.11 0-.22.02-.33.039-.058.01-.118.008-.178.024a2 2 0 0 0-.497.203l-23.62 13.637a2 2 0 0 0-.41.317m-23.619-.326L114.55 142.16a2 2 0 0 0-.498-.202c-.056-.017-.112-.014-.166-.024-.114-.02-.228-.04-.341-.039-.026 0-.05.007-.075.007q-.195.011-.378.056c-.047.012-.089.027-.135.04a2 2 0 0 0-.305.13q-.058.027-.114.058a2 2 0 0 0-.358.27l-.028.035a2 2 0 0 0-.255.318q-.036.061-.069.124-.08.15-.135.311a2 2 0 0 0-.11.627v22.044l4.456 2.573a2.1 2.1 0 0 1 1.056 1.827v5.147l19.09 11.023q.245.139.498.203c.056.016.112.013.17.023.112.019.226.04.337.04.026 0 .05-.007.075-.009q.195-.01.378-.056c.047-.01.089-.025.135-.039q.157-.052.306-.13c.037-.02.076-.036.112-.058a2 2 0 0 0 .359-.27l.028-.034q.143-.146.256-.32l.068-.122q.08-.148.135-.312a2 2 0 0 0 .11-.627v-27.268a1.98 1.98 0 0 0-.988-1.712m13.002-19.098 23.62-13.637c1.317-.76 1.317-2.66 0-3.418l-19.094-11.025-4.459 2.575a2.12 2.12 0 0 1-2.11 0l-4.457-2.573-19.095 11.023a1.96 1.96 0 0 0-.74.748 2 2 0 0 0 0 1.922c.165.296.413.558.74.748l23.622 13.637a1.97 1.97 0 0 0 1.973 0'/></svg>",
+  "restql": "<svg viewBox='0 0 300 300'><path fill='#64ffda' d='M266.377 94.665c-1.327-8.361-6.357-15.836-13.806-20.138L164.349 23.59c-4.303-2.483-9.203-3.795-14.169-3.795s-9.865 1.312-14.166 3.793L47.793 74.524c-8.742 5.05-14.171 14.452-14.171 24.542v101.866c0 10.09 5.429 19.493 14.168 24.54l88.221 50.935c4.305 2.485 9.205 3.796 14.17 3.796s9.863-1.311 14.166-3.795l88.22-50.933c7.453-4.306 12.485-11.78 13.81-20.142zm-22.465 115.817-88.219 50.931a11.02 11.02 0 0 1-11.028 0l-88.219-50.931a11.03 11.03 0 0 1-5.513-9.55V99.066a11.03 11.03 0 0 1 5.513-9.55l88.219-50.934c1.705-.986 3.61-1.477 5.514-1.477s3.808.491 5.514 1.477l88.219 50.934a11.03 11.03 0 0 1 5.513 9.55v101.866a11.03 11.03 0 0 1-5.513 9.55'/><path fill='#1a237e' d='M249.429 99.066a11.03 11.03 0 0 0-5.513-9.55l-88.219-50.934c-1.705-.986-3.61-1.477-5.514-1.477s-3.809.491-5.514 1.477L56.45 89.516a11.03 11.03 0 0 0-5.513 9.55v101.866a11.03 11.03 0 0 0 5.513 9.55l88.219 50.931a11.02 11.02 0 0 0 11.028 0l88.219-50.931a11.03 11.03 0 0 0 5.513-9.55zm-63.612 43.093q.245-.14.497-.203c.06-.016.12-.013.178-.024.104-.017.207-.04.31-.04l.02.002c.028.001.052.006.08.008q.19.011.372.054.067.019.136.041.156.051.304.13.058.026.114.058c.128.077.25.166.358.27q.013.018.028.033.143.146.256.32.035.06.068.122.08.146.135.312.024.066.043.134c.038.157.067.319.067.491v22.048l-4.459 2.575a2.1 2.1 0 0 0-.922 1.129 2.1 2.1 0 0 0-.134.699v5.148l-19.094 11.023-.014.006q-.238.133-.481.198c-.061.017-.123.015-.184.025-.1.016-.204.04-.306.04l-.019-.002-.08-.008a2 2 0 0 1-.371-.056q-.069-.018-.136-.041a2 2 0 0 1-.304-.128c-.04-.02-.077-.037-.114-.06a2 2 0 0 1-.358-.269c-.012-.01-.02-.026-.031-.037a2 2 0 0 1-.252-.315c-.026-.04-.046-.082-.07-.123a2 2 0 0 1-.132-.311 2 2 0 0 1-.045-.138 2 2 0 0 1-.066-.487v-27.278a1.97 1.97 0 0 1 .988-1.707zm-36.622-80.724a1.97 1.97 0 0 1 1.975 0l62.217 35.923c1.316.759 1.316 2.658 0 3.417l-23.62 13.639a1.98 1.98 0 0 1-1.976 0l-21.07-12.165 2.35-1.354c1.407-.814 1.407-2.845 0-3.657l-17.834-10.296c-.325-.19-.69-.282-1.054-.282s-.728.093-1.054.282l-4.459 2.574-19.094-11.023c-1.316-.76-1.316-2.657 0-3.418zm-37.61 22.02c.342 0 .682.089.988.264l21.069 12.163-2.35 1.356c-1.406.812-1.406 2.843 0 3.657l2.35 1.354-21.067 12.165a1.98 1.98 0 0 1-1.975 0l-23.621-13.64c-1.317-.758-1.317-2.657 0-3.416l23.62-13.639c.307-.175.647-.264.987-.264zM98.583 209.04a2 2 0 0 1-.984-.267l-23.62-13.637a1.97 1.97 0 0 1-.988-1.708v-71.843c0-1.153.944-1.977 1.975-1.977.33 0 .667.084.985.268l23.621 13.636c.611.354.988 1.004.988 1.71v24.328l-2.35-1.356c-.34-.197-.7-.285-1.05-.285a2.11 2.11 0 0 0-2.114 2.113v20.592c0 .755.4 1.452 1.054 1.829l4.458 2.576v22.047c.002 1.15-.944 1.974-1.975 1.974m40.572 20.306a1.975 1.975 0 0 1-2.96 1.71l-23.62-13.637a1.98 1.98 0 0 1-.988-1.71v-24.327l2.348 1.355c.34.197.7.287 1.051.287 1.103 0 2.114-.882 2.114-2.116v-2.71l21.068 12.163c.61.353.987 1.003.987 1.71zm0-44.57c0 .172-.027.334-.066.489q-.02.07-.044.137-.053.165-.134.312c-.024.04-.044.083-.068.122q-.114.174-.256.32c-.011.01-.02.024-.029.034a2 2 0 0 1-.359.27c-.035.022-.075.039-.111.06a2.2 2.2 0 0 1-.441.168q-.185.047-.378.056c-.025 0-.05.008-.075.008l-.02.001c-.105 0-.211-.024-.317-.04-.059-.01-.115-.008-.17-.024a2 2 0 0 1-.498-.203l-19.09-11.023v-5.147a2.1 2.1 0 0 0-1.056-1.827l-4.456-2.573v-22.043c0-.173.027-.335.067-.491q.02-.069.043-.136a2 2 0 0 1 .135-.312c.023-.04.043-.084.07-.124q.11-.172.253-.318c.011-.01.02-.024.029-.034q.163-.155.358-.27.056-.032.114-.059a2 2 0 0 1 .818-.226c.025 0 .048-.007.074-.007l.02-.001c.107 0 .214.025.322.04.054.01.11.008.166.024q.252.063.498.203l23.614 13.633a1.98 1.98 0 0 1 .988 1.712zm-13.58-61.717a1.97 1.97 0 0 1-.74-.748 2 2 0 0 1 0-1.922 1.96 1.96 0 0 1 .74-.748l19.095-11.023 4.457 2.573a2.12 2.12 0 0 0 2.11 0l4.458-2.575 19.095 11.025c1.317.759 1.317 2.658 0 3.418l-23.62 13.637a1.97 1.97 0 0 1-1.975 0zm101.8 70.367a1.97 1.97 0 0 1-.987 1.709l-62.217 35.921a1.95 1.95 0 0 1-.985.267c-1.03 0-1.976-.825-1.976-1.977V202.07c0-.706.377-1.356.989-1.71l21.066-12.161v2.71c0 1.232 1.011 2.115 2.113 2.115.353 0 .711-.09 1.053-.286l17.832-10.297a2.11 2.11 0 0 0 1.055-1.828v-5.147l19.095-11.024c.318-.184.655-.267.985-.267 1.03 0 1.976.824 1.976 1.976v27.275zm0-44.565c0 .706-.375 1.356-.987 1.708l-21.068 12.164v-2.71c0-1.233-1.012-2.114-2.114-2.114a2.07 2.07 0 0 0-1.052.285l-2.349 1.355v-24.327c0-.706.377-1.356.99-1.71l23.62-13.636a1.96 1.96 0 0 1 .984-.268c1.031 0 1.976.824 1.976 1.977z'/><path fill='#64ffda' d='m138.166 200.367-21.069-12.163v2.711c0 1.233-1.01 2.115-2.113 2.115-.353 0-.712-.09-1.052-.287l-2.347-1.354v24.327c0 .706.375 1.356.987 1.71l23.62 13.637c.318.184.656.267.986.267a1.975 1.975 0 0 0 1.975-1.977v-27.276a1.98 1.98 0 0 0-.987-1.71m23.617-44.247a2 2 0 0 1 .412-.316l23.62-13.637-23.62 13.637a2 2 0 0 0-.412.316m-48.219-14.226-.02.001c.112-.001.226.02.34.04-.107-.017-.214-.041-.32-.041m22.624 44.599-19.09-11.031zm.985.259.02-.002c-.111.002-.226-.021-.337-.04.106.017.212.042.317.042m49.632-44.86c-.102 0-.205.025-.31.04.11-.02.22-.04.329-.038zm38.589-22.284c-.328 0-.665.084-.985.268l-23.62 13.636a1.98 1.98 0 0 0-.989 1.71v24.327l2.35-1.355c.34-.197.7-.287 1.05-.285 1.103 0 2.115.88 2.115 2.113v2.711l21.068-12.164c.61-.352.987-1.002.987-1.708v-27.276a1.975 1.975 0 0 0-1.976-1.977m-62.212 67.144c.101 0 .204-.025.306-.04-.108.018-.216.038-.323.038zm62.212-22.58a2 2 0 0 0-.985.267l-19.094 11.024v5.147a2.11 2.11 0 0 1-1.056 1.829l-17.832 10.296c-.342.196-.7.286-1.053.286a2.113 2.113 0 0 1-2.112-2.115v-2.71l-21.067 12.162a1.98 1.98 0 0 0-.989 1.71v27.276c0 1.152.945 1.976 1.976 1.976.33 0 .667-.084.985-.267l62.217-35.921c.61-.352.988-1.004.988-1.709v-27.276c-.002-1.149-.947-1.975-1.978-1.975M125.57 75.074c-1.315.76-1.315 2.658 0 3.418l19.095 11.023 4.458-2.575c.327-.189.691-.281 1.055-.281s.729.092 1.054.281l17.833 10.297c1.408.812 1.408 2.843 0 3.656l-2.349 1.355 21.07 12.164a1.98 1.98 0 0 0 1.975 0l23.62-13.639c1.316-.759 1.316-2.657 0-3.416l-62.216-35.923a1.97 1.97 0 0 0-1.975 0zM86.976 97.358c-1.317.759-1.317 2.658 0 3.417l23.621 13.639a1.98 1.98 0 0 0 1.975 0l21.067-12.165-2.35-1.354c-1.406-.814-1.406-2.845 0-3.657l2.35-1.356L112.57 83.72a1.98 1.98 0 0 0-1.974 0zm13.58 109.702v-22.048l-4.459-2.576a2.11 2.11 0 0 1-1.054-1.828v-20.592a2.11 2.11 0 0 1 2.114-2.114c.352 0 .711.088 1.051.286l2.35 1.356v-24.329c0-.706-.376-1.356-.988-1.71l-23.621-13.634a1.95 1.95 0 0 0-.985-.268 1.975 1.975 0 0 0-1.975 1.976v71.842c0 .704.375 1.356.987 1.708l23.62 13.638c.319.183.656.266.985.266 1.03.001 1.975-.823 1.975-1.974zm88.221-41.147-4.458 2.575zv-22.047zm-.245-22.983'/><path fill='#f44336' d='M161.783 156.12a1.97 1.97 0 0 0-.577 1.391v27.277l.001.002c0 .172.028.332.066.487q.02.068.045.138.053.162.133.311c.023.04.043.083.07.123q.11.172.25.315c.013.012.021.027.032.037q.164.156.358.27.055.031.114.059a2 2 0 0 0 .81.224l.081.009c.108 0 .215-.022.324-.039.061-.009.122-.008.183-.024q.244-.064.482-.199l.014-.005 19.094-11.023v-5.148c0-.245.054-.477.133-.7a2.1 2.1 0 0 1 .923-1.129l4.458-2.574v-22.048c0-.173-.028-.334-.066-.49q-.02-.068-.044-.136a1.7 1.7 0 0 0-.135-.311q-.032-.063-.068-.122a2 2 0 0 0-.255-.32l-.029-.033a2 2 0 0 0-.358-.27q-.055-.032-.114-.059a2 2 0 0 0-.44-.17 2 2 0 0 0-.37-.054l-.08-.009c-.11 0-.22.02-.33.039-.058.01-.118.008-.178.024a2 2 0 0 0-.497.203l-23.62 13.637a2 2 0 0 0-.41.317m-23.619-.326L114.55 142.16a2 2 0 0 0-.498-.202c-.056-.017-.112-.014-.166-.024-.114-.02-.228-.04-.341-.039-.026 0-.05.007-.075.007q-.195.011-.378.056c-.047.012-.089.027-.135.04a2 2 0 0 0-.305.13q-.058.027-.114.058a2 2 0 0 0-.358.27l-.028.035a2 2 0 0 0-.255.318q-.036.061-.069.124-.08.15-.135.311a2 2 0 0 0-.11.627v22.044l4.456 2.573a2.1 2.1 0 0 1 1.056 1.827v5.147l19.09 11.023q.245.139.498.203c.056.016.112.013.17.023.112.019.226.04.337.04.026 0 .05-.007.075-.009q.195-.01.378-.056c.047-.01.089-.025.135-.039q.157-.052.306-.13c.037-.02.076-.036.112-.058a2 2 0 0 0 .359-.27l.028-.034q.143-.146.256-.32l.068-.122q.08-.148.135-.312a2 2 0 0 0 .11-.627v-27.268a1.98 1.98 0 0 0-.988-1.712m13.002-19.098 23.62-13.637c1.317-.76 1.317-2.66 0-3.418l-19.094-11.025-4.459 2.575a2.12 2.12 0 0 1-2.11 0l-4.457-2.573-19.095 11.023a1.96 1.96 0 0 0-.74.748 2 2 0 0 0 0 1.922c.165.296.413.558.74.748l23.622 13.637a1.97 1.97 0 0 0 1.973 0'/></svg>",
   "riot": "<svg viewBox='0 0 32 32'><path fill='#e53935' d='M20 4H4.5a.5.5 0 0 0-.5.5V22a6 6 0 0 0 6 6V10.5a.5.5 0 0 1 .5-.5H20a2 2 0 0 1 2 2v1.5a.5.5 0 0 0 .5.5h5a.5.5 0 0 0 .5-.5V12a8 8 0 0 0-8-8'/><path fill='#e53935' d='M24 16H14a6 6 0 0 0 6 6h1a1 1 0 0 1 1 1v5h2a4 4 0 0 0 4-4v-4a4 4 0 0 0-4-4'/></svg>",
   "roadmap": "<svg viewBox='0 0 24 24'><path fill='#26a69a' d='M2 2h2v18h18v2H2zm5 8h10v3H7zm4 5h10v3H11zM6 4h16v4h-2V6H8v2H6z'/></svg>",
   "roblox": "<svg viewBox='0 0 500 500'><path fill='#42a5f5' d='m127.87 38.084 334.05 89.432-36.055 135.03-199.37-53.377-10.251 38.177-134.68-36.056zm244.26 423.83L38.08 372.482l36.056-135.03 199.01 53.377 10.251-38.176 135.03 36.055z' clip-rule='evenodd'/></svg>",
   "robot": "<svg viewBox='0 0 32 32'><path fill='#00bfa5' d='M25.172 6 28 8.828v14.344L25.172 26H6.828L4 23.172V8.828L6.828 6zM26 4H6L2 8v16l4 4h20l4-4V8z'/><path fill='#00bfa5' d='M8 20h16v2H8zm0-6v2h2v-2a2 2 0 0 1 2-2 2 2 0 0 1 2 2v2h2v-2a4 4 0 0 0-4-4 4 4 0 0 0-4 4m9.876.268 5.196-3 1 1.732-5.196 3z'/></svg>",
   "robots": "<svg viewBox='0 0 32 32'><path fill='#ff5252' d='M28.586 18H28a8 8 0 0 0-8-8h-2V8.445a4 4 0 1 0-4 0V10h-2a8 8 0 0 0-8 8h-.586A1.414 1.414 0 0 0 2 19.414v3.172A1.414 1.414 0 0 0 3.414 24H4v1a3 3 0 0 0 3 3h18a3 3 0 0 0 3-3v-1h.586A1.414 1.414 0 0 0 30 22.586v-3.172A1.414 1.414 0 0 0 28.586 18M11 22a3 3 0 1 1 3-3 3 3 0 0 1-3 3m10 0a3 3 0 1 1 3-3 3 3 0 0 1-3 3'/></svg>",
   "rocket": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M12 26c-1.71 1.905-7.64 2.149-7.93 1.937l-.004.003-.002-.005-.005-.002.004-.003C3.85 27.64 4.1 21.715 6 20ZM29.64 7.908c-.655 2.69-1.681 5.64-5.64 10.092l-.789 4.749a4 4 0 0 1-1.116 2.171l-4.863 4.868A.72.72 0 0 1 16 29.277v-6.23L9 16H2.723a.721.721 0 0 1-.511-1.232L7.08 9.905A4 4 0 0 1 9.25 8.79L14 8c4.453-3.959 7.402-4.985 10.092-5.64a11.1 11.1 0 0 1 3.642-.329 3.1 3.1 0 0 1 1.72.515 3.1 3.1 0 0 1 .515 1.72 11.1 11.1 0 0 1-.33 3.642ZM26 10a4 4 0 1 0-4 4 4 4 0 0 0 4-4'/></svg>",
-  "rojo": "<svg fill='none' viewBox='0 0 24 24'><path fill='#E53935' d='M9.586 2h.077l-.077.135v.29c.598-.116.908-.27.908-.425l.425.058A36 36 0 0 1 12.869 2h.077c.927 0 2.009.502 3.284 1.526.27.444.424.83.502 1.197v.695c-.155.966-.425 1.7-.773 2.183q-.319.26-1.39 1.738h-.078v-.135l.194-.29h-.116a17.6 17.6 0 0 1-5.601 3.226 6.2 6.2 0 0 1-1.545.212c.656.772 1.873 1.796 3.63 3.07.174.097 1.295.812 3.361 2.183 1.719 1.062 3.766 2.221 6.161 3.496v.077h-.29c-.463-.174-.695-.309-.695-.367l-.135.077h-.135c-.058 0-.078-.019-.078-.077-.173.039-.309.213-.424.502.29.078.424.174.424.27-.115.097-.193.155-.27.155l-.348-.077v.077c0 .078.058.135.194.135v.213h-.058c-.097 0-1.16-.618-3.148-1.835-1.41-.715-3.149-1.815-5.176-3.283-.676-.31-1.912-1.217-3.728-2.723h-.193c-.27.405-.618 1.41-1.062 3.013-.097.367-.56.907-1.39 1.602h-.155l-.135-.212v-.077c0-.097.077-.31.212-.618v-.077h-.077c0 .135-.29.347-.83.637H3v-.135c1.642-4.867 2.781-8.035 3.438-9.522q1.68-3.852 1.68-4.403c-.251 0-.811.309-1.68.965h-.135l.058-.135v-.135c-.252 0-.831.406-1.739 1.255h-.077v-.077l.908-1.043.154-.212v-.077h-.154l-.83.695c-.097 0-.136-.039-.136-.116A11.1 11.1 0 0 1 7.693 3.12c1.178-.309 1.758-.656 1.758-1.062zm6.373 1.95v.078c0 .077.058.135.135.135v-.077c0-.077-.038-.135-.135-.135M7.77 10.673h.058c.85-.174 1.275-.31 1.275-.425-.058-.097-.077-.155-.077-.213C10.803 9.436 12 8.837 12.599 8.22c.058 0 .425-.386 1.12-1.198h.077V7.1c-.096.154-.154.27-.154.347h.077c.599-.463.908-.965.908-1.525v-.425c-.136 0-.213-.058-.213-.155q.348-.057.348-.347 0-.348-1.39-.696c-.754-.193-1.565-.27-2.453-.27-.445 0-.889.811-1.333 2.453-.193.193-.792 1.583-1.816 4.19m.83-5.949V4.8c.078 0 .136-.077.213-.212v-.077c-.058 0-.135.077-.212.212m.078 1.333h.077c.136-.058.213-.193.213-.425-.077 0-.174.135-.29.425m6.586.27v.155c.058 0 .135-.078.193-.213v-.077H15.4c-.096.02-.135.058-.135.135m-7.57 4.693v.078h.134a.5.5 0 0 1 .213-.078v.078c1.14-.213 1.815-.445 2.047-.696h-.077c-1.024.232-1.796.444-2.318.618m-.271.696h.058l1.274-.27-.077-.136c-.83.097-1.255.251-1.255.406m2.78 4.345v.135c.735.56 1.179.85 1.334.85-.174-.135-.27-.251-.27-.348zm2.048 1.545c.039.174.174.27.406.27h.077v-.077c-.116 0-.251-.058-.425-.193zm4.539 2.51q.55.495 1.68.986l.077-.135c-.58-.348-1.12-.638-1.603-.85zm3.862 1.121h.213c.077.02.135.058.135.135-.097 0-.135.078-.135.213h-.155l.078-.136v-.077h-.136z'/></svg>",
+  "rojo": "<svg fill='none' viewBox='0 0 24 24'><path fill='#e53935' d='M9.586 2h.077l-.077.135v.29c.598-.116.908-.27.908-.425l.425.058A36 36 0 0 1 12.869 2h.077c.927 0 2.009.502 3.284 1.526.27.444.424.83.502 1.197v.695c-.155.966-.425 1.7-.773 2.183q-.319.26-1.39 1.738h-.078v-.135l.194-.29h-.116a17.6 17.6 0 0 1-5.601 3.226 6.2 6.2 0 0 1-1.545.212c.656.772 1.873 1.796 3.63 3.07.174.097 1.295.812 3.361 2.183 1.719 1.062 3.766 2.221 6.161 3.496v.077h-.29c-.463-.174-.695-.309-.695-.367l-.135.077h-.135c-.058 0-.078-.019-.078-.077-.173.039-.309.213-.424.502.29.078.424.174.424.27-.115.097-.193.155-.27.155l-.348-.077v.077c0 .078.058.135.194.135v.213h-.058c-.097 0-1.16-.618-3.148-1.835-1.41-.715-3.149-1.815-5.176-3.283-.676-.31-1.912-1.217-3.728-2.723h-.193c-.27.405-.618 1.41-1.062 3.013-.097.367-.56.907-1.39 1.602h-.155l-.135-.212v-.077c0-.097.077-.31.212-.618v-.077h-.077c0 .135-.29.347-.83.637H3v-.135c1.642-4.867 2.781-8.035 3.438-9.522q1.68-3.852 1.68-4.403c-.251 0-.811.309-1.68.965h-.135l.058-.135v-.135c-.252 0-.831.406-1.739 1.255h-.077v-.077l.908-1.043.154-.212v-.077h-.154l-.83.695c-.097 0-.136-.039-.136-.116A11.1 11.1 0 0 1 7.693 3.12c1.178-.309 1.758-.656 1.758-1.062zm6.373 1.95v.078c0 .077.058.135.135.135v-.077c0-.077-.038-.135-.135-.135M7.77 10.673h.058c.85-.174 1.275-.31 1.275-.425-.058-.097-.077-.155-.077-.213C10.803 9.436 12 8.837 12.599 8.22c.058 0 .425-.386 1.12-1.198h.077V7.1c-.096.154-.154.27-.154.347h.077c.599-.463.908-.965.908-1.525v-.425c-.136 0-.213-.058-.213-.155q.348-.057.348-.347 0-.348-1.39-.696c-.754-.193-1.565-.27-2.453-.27-.445 0-.889.811-1.333 2.453-.193.193-.792 1.583-1.816 4.19m.83-5.949V4.8c.078 0 .136-.077.213-.212v-.077c-.058 0-.135.077-.212.212m.078 1.333h.077c.136-.058.213-.193.213-.425-.077 0-.174.135-.29.425m6.586.27v.155c.058 0 .135-.078.193-.213v-.077H15.4c-.096.02-.135.058-.135.135m-7.57 4.693v.078h.134a.5.5 0 0 1 .213-.078v.078c1.14-.213 1.815-.445 2.047-.696h-.077c-1.024.232-1.796.444-2.318.618m-.271.696h.058l1.274-.27-.077-.136c-.83.097-1.255.251-1.255.406m2.78 4.345v.135c.735.56 1.179.85 1.334.85-.174-.135-.27-.251-.27-.348zm2.048 1.545c.039.174.174.27.406.27h.077v-.077c-.116 0-.251-.058-.425-.193zm4.539 2.51q.55.495 1.68.986l.077-.135c-.58-.348-1.12-.638-1.603-.85zm3.862 1.121h.213c.077.02.135.058.135.135-.097 0-.135.078-.135.213h-.155l.078-.136v-.077h-.136z'/></svg>",
   "rollup": "<svg viewBox='100 100 800 800'><path fill='#f44336' d='M733.79 394.71c0 77.407-42.308 144.79-104.67 180.51-3.76 3.134-5.954 8.148-3.76 12.849l106.87 211.22c2.82 6.581-1.568 14.103-8.776 14.103h-408.35l2.194-1.254c15.356-8.774 121.91-219.06 225.95-318.72 104.05-99.658 117.21-66.439 59.857-174.87 0 0 44.188 86.182 6.581 92.763-29.459 5.328-97.15-60.17-72.08-119.09 25.071-57.664 123.79-46.695 169.23.314 17.236 30.085 26.952 64.872 26.952 102.17m-385.47 140.71c-41.367 76.154-67.692 131.62-82.108 170.48v-509.57c0-5.328 4.388-9.715 9.715-9.715h252.91c73.333 1.253 137.58 40.114 173.62 98.718-26.325-32.906-67.692-51.71-108.43-51.71-77.407 0-96.837 28.206-245.7 301.79z'/></svg>",
   "rome": "<svg viewBox='0 0 32 32'><path fill='#546e7a' d='M9.875 5.409A14.02 14.02 0 0 0 2.01 17.48a.51.51 0 0 0 .508.519H5.52a.495.495 0 0 0 .491-.481 10.01 10.01 0 0 1 5.273-8.337.494.494 0 0 0 .243-.592l-.958-2.882a.505.505 0 0 0-.694-.3Zm11.556.299-.958 2.882a.494.494 0 0 0 .243.592 10.01 10.01 0 0 1 5.273 8.337.495.495 0 0 0 .49.481h3.004a.51.51 0 0 0 .508-.519A14.02 14.02 0 0 0 22.125 5.41a.505.505 0 0 0-.694.299ZM26 20.5v9a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5v-9a.5.5 0 0 0-.5-.5h-3a.5.5 0 0 0-.5.5m-24 0v9a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5v-9a.5.5 0 0 0-.5-.5h-3a.5.5 0 0 0-.5.5'/><path fill='#ffc400' d='M16.13 10h-.26A7.87 7.87 0 0 0 8 17.87V29.5a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5V17.87A3.88 3.88 0 0 1 15.87 14h.26A3.88 3.88 0 0 1 20 17.87V29.5a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5V17.87A7.87 7.87 0 0 0 16.13 10m1.51-2h-3.28a.5.5 0 0 1-.474-.342l-1.667-5A.5.5 0 0 1 12.694 2h6.612a.5.5 0 0 1 .475.658l-1.667 5A.5.5 0 0 1 17.64 8'/></svg>",
   "routing": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M18 14v-2h8l2-3-2-3h-8V4l-2-2-2 2v6H6l-2 3 2 3h8v10a4 4 0 0 0-4 4h12a4 4 0 0 0-4-4v-6h8l2-3-2-3Z'/></svg>",
-  "rspec": "<svg viewBox='0 0 128 128'><path fill='#FF1744' d='M50.633 39.468h-2.267L33.824 54.661l.423 1.03 8.624 1.563-8.624-1.563 3.05 7.437 26.265 31.47 26.262-31.47 3.051-7.437-8.625 1.563-.096-.53-12.888.016 12.887-.017L76.49 39.5v-.032H54.147l1.71 17.27v.002h-.001v-.002l-1.709-17.27zm12.93 55.13L46.738 64.322 63.562 94.6Zm0 0L52.256 64.752l-.172-.457.172.457 11.305 29.847ZM84.18 57.267l-3.533 7.186zm-3.535 7.186-.13.262zm-5.61-.157-.171.457.172-.457ZM71.05 57.43l-3.638 9.198-.192-.024.192.025zm-11.34 9.2-2.316-5.858 2.315 5.856.196-.025-.196.026Zm3.852 27.97 3.655-27.997-3.654 27.996Zm-20.62-37.334 3.532 7.187zm35.813-17.797 14.543 15.193-.423 1.03-8.625 1.563-.095-.53L76.489 39.5v-.032zM56.073 56.74l7.49.012z' clip-rule='evenodd'/><path fill='#80DEEA' d='M120 64a55.9 55.9 0 0 1-3.96 20.723l-.013-.005-8.327 1.656-5.206-7.77A41 41 0 0 0 105.16 64c0-21.382-16.301-38.955-37.155-40.968l.005-.061 5.632-7.6-4.258-7.115C97.787 10.963 120 34.89 120 64'/><path fill='#4DD0E1' d='m106.557 89.43 8.141-1.618C105.749 106.834 86.412 120 64 120c-22.475 0-41.858-13.239-50.773-32.347l.012-.005 4.506-7.198 9.225 1.543h.003C33.646 95.71 47.72 105.16 64 105.16c16.457 0 30.657-9.658 37.243-23.613l.049.023'/><path fill='#26C6DA' d='M64.808 22.84v.009q-.402-.01-.808-.01c-22.732 0-41.16 18.428-41.16 41.161 0 5.317 1.01 10.395 2.843 15.062l-.049.02-9.33-1.56-4.407 7.037A55.8 55.8 0 0 1 8 64C8 33.072 33.072 8 64 8q1.014 0 2.019.035l4.36 7.289'/></svg>",
-  "rubocop": "<svg viewBox='0 0 32 32'><path fill='#b0bec5' d='M22 24a2 2 0 0 1-2 2h-2l-1-2h-2l-1 2h-2a2 2 0 0 1-2-2v-2H8v2a4 4 0 0 0 4 4h8a4 4 0 0 0 4-4v-2h-2Z'/><path fill='#b0bec5' d='M20 24v-2h-8v2h1v-1h6v1zm6.5-10H26a2 2 0 0 0-2-2H8a2 2 0 0 0-2 2h-.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2h.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/><path fill='#E53935' d='M8 15h16v2H8z' data-mit-no-recolor='true'/><path fill='#b0bec5' d='M23.738 10a7.99 7.99 0 0 0-15.476 0Z'/></svg>",
-  "rubocop_light": "<svg viewBox='0 0 32 32'><path fill='#455a64' d='M22 24a2 2 0 0 1-2 2h-2l-1-2h-2l-1 2h-2a2 2 0 0 1-2-2v-2H8v2a4 4 0 0 0 4 4h8a4 4 0 0 0 4-4v-2h-2Z'/><path fill='#455a64' d='M20 24v-2h-8v2h1v-1h6v1zm6.5-10H26a2 2 0 0 0-2-2H8a2 2 0 0 0-2 2h-.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2h.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/><path fill='#E53935' d='M8 15h16v2H8z' data-mit-no-recolor='true'/><path fill='#455a64' d='M23.738 10a7.99 7.99 0 0 0-15.476 0Z'/></svg>",
+  "rspec": "<svg viewBox='0 0 128 128'><path fill='#ff1744' d='M50.633 39.468h-2.267L33.824 54.661l.423 1.03 8.624 1.563-8.624-1.563 3.05 7.437 26.265 31.47 26.262-31.47 3.051-7.437-8.625 1.563-.096-.53-12.888.016 12.887-.017L76.49 39.5v-.032H54.147l1.71 17.27v.002h-.001v-.002l-1.709-17.27zm12.93 55.13L46.738 64.322 63.562 94.6Zm0 0L52.256 64.752l-.172-.457.172.457 11.305 29.847ZM84.18 57.267l-3.533 7.186zm-3.535 7.186-.13.262zm-5.61-.157-.171.457.172-.457ZM71.05 57.43l-3.638 9.198-.192-.024.192.025zm-11.34 9.2-2.316-5.858 2.315 5.856.196-.025-.196.026Zm3.852 27.97 3.655-27.997-3.654 27.996Zm-20.62-37.334 3.532 7.187zm35.813-17.797 14.543 15.193-.423 1.03-8.625 1.563-.095-.53L76.489 39.5v-.032zM56.073 56.74l7.49.012z' clip-rule='evenodd'/><path fill='#80deea' d='M120 64a55.9 55.9 0 0 1-3.96 20.723l-.013-.005-8.327 1.656-5.206-7.77A41 41 0 0 0 105.16 64c0-21.382-16.301-38.955-37.155-40.968l.005-.061 5.632-7.6-4.258-7.115C97.787 10.963 120 34.89 120 64'/><path fill='#4dd0e1' d='m106.557 89.43 8.141-1.618C105.749 106.834 86.412 120 64 120c-22.475 0-41.858-13.239-50.773-32.347l.012-.005 4.506-7.198 9.225 1.543h.003C33.646 95.71 47.72 105.16 64 105.16c16.457 0 30.657-9.658 37.243-23.613l.049.023'/><path fill='#26c6da' d='M64.808 22.84v.009q-.402-.01-.808-.01c-22.732 0-41.16 18.428-41.16 41.161 0 5.317 1.01 10.395 2.843 15.062l-.049.02-9.33-1.56-4.407 7.037A55.8 55.8 0 0 1 8 64C8 33.072 33.072 8 64 8q1.014 0 2.019.035l4.36 7.289'/></svg>",
+  "rubocop": "<svg viewBox='0 0 32 32'><path fill='#b0bec5' d='M22 24a2 2 0 0 1-2 2h-2l-1-2h-2l-1 2h-2a2 2 0 0 1-2-2v-2H8v2a4 4 0 0 0 4 4h8a4 4 0 0 0 4-4v-2h-2Z'/><path fill='#b0bec5' d='M20 24v-2h-8v2h1v-1h6v1zm6.5-10H26a2 2 0 0 0-2-2H8a2 2 0 0 0-2 2h-.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2h.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/><path fill='#e53935' d='M8 15h16v2H8z' data-mit-no-recolor='true'/><path fill='#b0bec5' d='M23.738 10a7.99 7.99 0 0 0-15.476 0Z'/></svg>",
+  "rubocop_light": "<svg viewBox='0 0 32 32'><path fill='#455a64' d='M22 24a2 2 0 0 1-2 2h-2l-1-2h-2l-1 2h-2a2 2 0 0 1-2-2v-2H8v2a4 4 0 0 0 4 4h8a4 4 0 0 0 4-4v-2h-2Z'/><path fill='#455a64' d='M20 24v-2h-8v2h1v-1h6v1zm6.5-10H26a2 2 0 0 0-2-2H8a2 2 0 0 0-2 2h-.5a.5.5 0 0 0-.5.5v3a.5.5 0 0 0 .5.5H6a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2h.5a.5.5 0 0 0 .5-.5v-3a.5.5 0 0 0-.5-.5'/><path fill='#e53935' d='M8 15h16v2H8z' data-mit-no-recolor='true'/><path fill='#455a64' d='M23.738 10a7.99 7.99 0 0 0-15.476 0Z'/></svg>",
   "ruby": "<svg viewBox='0 0 24 24'><path fill='#f44336' d='M18.041 3.177c2.24.382 2.879 1.919 2.843 3.527V6.67l-1.013 13.266-13.132.897h.008c-1.093-.044-3.518-.151-3.634-3.545l1.217-2.222 2.462 5.74 2.097-6.77-.045.009.018-.018 6.85 2.186L13.945 9.3l6.53-.409-5.144-4.212 2.71-1.51v.009M3.113 17.252v.017zM6.916 6.874c2.63-2.622 6.033-4.168 7.34-2.844 1.297 1.306-.072 4.523-2.702 7.135-2.666 2.613-6.015 4.248-7.322 2.933-1.306-1.324.036-4.612 2.675-7.224z'/></svg>",
   "ruff": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M26 16a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2H4v24h10v-8h2v8h12V18h-6v-2Zm-8-2h-6v-2h6Z'/></svg>",
   "rust": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='m30 12-4-2V6h-4l-2-4-4 2-4-2-2 4H6v4l-4 2 2 4-2 4 4 2v4h4l2 4 4-2 4 2 2-4h4v-4l4-2-2-4ZM6 16a9.9 9.9 0 0 1 .842-4H10v8H6.842A9.9 9.9 0 0 1 6 16m10 10a9.98 9.98 0 0 1-7.978-4H16v-2h-2v-2h4c.819.819.297 2.308 1.179 3.37a1.89 1.89 0 0 0 1.46.63h3.34A9.98 9.98 0 0 1 16 26m-2-12v-2h4a1 1 0 0 1 0 2Zm11.158 6H24a2.006 2.006 0 0 1-2-2 2 2 0 0 0-2-2 3 3 0 0 0 3-3q0-.08-.004-.161A3.115 3.115 0 0 0 19.83 10H8.022a9.986 9.986 0 0 1 17.136 10'/></svg>",
   "salesforce": "<svg viewBox='0 0 24 24'><path fill='#039be5' d='M18.206 6.522c-.681 0-1.275.204-1.858.399-.681-1.177-1.956-1.956-3.328-1.956-1.07 0-2.043.487-2.734 1.168-.779-.973-1.956-1.664-3.318-1.664-2.267 0-4.213 1.858-4.213 4.126 0 .574.204 1.157.399 1.741a3.58 3.58 0 0 0-1.859 3.124c0 1.946 1.567 3.62 3.523 3.62.292 0 .583 0 .778-.098.39 1.469 1.858 2.55 3.62 2.55 1.654 0 3.026-.984 3.512-2.356.496.205.983.4 1.47.4 1.274 0 2.442-.71 3.025-1.762.302.078.613.078.886.078 2.54 0 4.592-2.034 4.592-4.67.098-2.627-1.946-4.7-4.495-4.7'/></svg>",
-  "san": "<svg viewBox='0 0 32 32'><path fill='#01579B' d='M28 17.898 4 23.316V30l24-5.418Zm0-10.623L4 12.694v6.683l24-5.418Z'/><path fill='#B3E5FC' d='M28 13.926 4 8.684V2l24 5.242Zm0 10.623L4 19.307v-6.684l24 5.242Z'/></svg>",
+  "san": "<svg viewBox='0 0 32 32'><path fill='#01579b' d='M28 17.898 4 23.316V30l24-5.418Zm0-10.623L4 12.694v6.683l24-5.418Z'/><path fill='#b3e5fc' d='M28 13.926 4 8.684V2l24 5.242Zm0 10.623L4 19.307v-6.684l24 5.242Z'/></svg>",
   "sas": "<svg viewBox='0 0 6.35 6.35'><path fill='#039be5' d='M3.16.546a1.9 1.9 0 0 0-.667.13c-.378.157-.678.4-.846.74-.255.452-.296 1.032.04 1.536.31.474.72.908 1.148 1.407.382.139.572-.272.515-.42-.276-.35-.57-.695-.804-1.06a1.1 1.1 0 0 1-.07-.906c.075-.198.503-.84 1.372-.836.345.04.658.059 1.086.53a1.6 1.6 0 0 0-.536-.753A2.05 2.05 0 0 0 3.159.546zm.245 1.4c-.277.002-.406.227-.348.437.253.365.578.748.869 1.122.316.609.092 1.077-.512 1.472-.82.458-1.576.116-2.026-.298.234.489.423.636.471.679.31.27.81.527 1.62.423.456-.102 1.06-.256 1.396-1.097.093-.265.125-.54.03-.843-.09-.338-.274-.58-.466-.829-.3-.351-.77-.979-.906-1.053a.6.6 0 0 0-.128-.013'/></svg>",
   "sass": "<svg viewBox='0 0 32 32'><path fill='#ec407a' d='M27.837 5.673a4.33 4.33 0 0 0-2.293-2.701c-2.362-1.261-6.11-1.298-9.548-.092a26.3 26.3 0 0 0-8.76 4.966c-2.752 2.542-3.438 4.925-3.189 6.194.523 2.668 3.274 4.539 5.485 6.042.418.284.822.559 1.175.816-1.429.76-4.261 2.444-5.088 4.248a3.88 3.88 0 0 0-.118 3.332A2.37 2.37 0 0 0 6.869 29.8a5.6 5.6 0 0 0 1.49.2 6.35 6.35 0 0 0 5.19-2.856 6.74 6.74 0 0 0 .864-5.382 7.3 7.3 0 0 1 2.044-.03 3.92 3.92 0 0 1 2.816 1.311 1.82 1.82 0 0 1 .423 1.262 1.55 1.55 0 0 1-.772 1.05c-.234.14-.586.355-.504.803.036.194.198.633.894.512a2.93 2.93 0 0 0 2.145-2.651 4 4 0 0 0-1.197-2.904 5.94 5.94 0 0 0-4.396-1.626 10.6 10.6 0 0 0-2.672.304 20 20 0 0 0-2.203-1.846c-1.712-1.3-3.33-2.529-3.235-4.26.125-2.263 2.468-4.532 6.964-6.744 4.016-1.976 7.254-2.037 8.944-1.438a2 2 0 0 1 1.204.883 2.77 2.77 0 0 1-.36 2.47 9.71 9.71 0 0 1-7.425 4.304 3.86 3.86 0 0 1-3.238-.757c-.278-.302-.593-.645-1.074-.383q-.565.31-.225 1.189a3.9 3.9 0 0 0 2.407 1.92 11.7 11.7 0 0 0 7.128-.671c3.527-1.35 6.681-5.202 5.756-8.787M11.895 24.475a4 4 0 0 1-.192.468 4.5 4.5 0 0 1-.753 1.081 2.83 2.83 0 0 1-2.533 1.107c-.056-.032-.078-.146-.085-.193a3.28 3.28 0 0 1 1.076-2.284 11.3 11.3 0 0 1 2.644-1.933 3.85 3.85 0 0 1-.157 1.754'/></svg>",
   "sbt": "<svg viewBox='0 0 300 300'><path fill='#0277bd' d='M105.46 209.517c-7.875 0-13.452-7.521-13.452-15.37v-.327c0-7.848 5.578-13.735 13.452-13.735h164.05c1.476-4.905 2.625-11.446 3.281-17.986h-137.81c-7.875 0-14.273-6.05-14.273-13.898s6.398-13.898 14.273-13.898h137.31c-.82-6.54-1.969-13.081-3.773-17.986h-104.01c-7.875 0-14.273-6.05-14.273-13.898s6.398-13.898 14.273-13.898h91.87c-21.327-37.607-60.864-61.315-106.14-61.315-67.918 0-123.04 54.448-123.04 122.3 0 67.856 55.122 123.28 123.04 123.28 46.59 0 87.112-25.507 107.95-63.114h-152.73z'/></svg>",
@@ -932,7 +978,7 @@
   "semantic-release_light": "<svg viewBox='0 0 300 300'><path fill='#455a64' d='M93.656 252.93c-30.929-17.946-57.303-33.656-58.608-34.91-2.197-2.111-2.372-7.168-2.352-68.012.01-36.152.469-66.413 1.017-67.248.84-1.278 114.93-68.32 116.26-68.32 1.335 0 115.42 67.042 116.26 68.32 1.697 2.584 1.253 132.52-.461 134.58-1.178 1.42-50.022 30.2-110.42 65.063l-5.466 3.155zm74.879 11.529c9.928-5.689 19.12-11.554 20.425-13.033 5.167-5.855 2.22-22.428-7.921-44.553-3.434-7.491-5.89-13.974-5.458-14.406 2.166-2.165 30 21.345 35.714 30.166 8.795 13.576 5.942 13.273 24.626 2.61 9.088-5.185 17.723-10.52 19.191-11.854 2.44-2.22 2.668-4.272 2.668-24.017 0-24.644.382-23.74-12.846-30.433-7.331-3.71-27.076-7.453-39.62-7.51-3.127-.015-6.045-.611-6.486-1.326-1.018-1.646 3.35-3.864 20.305-10.314 10.685-4.064 16.148-5.32 25.765-5.926l12.204-.768V87.052l-16.926-9.863c-9.31-5.425-18.078-9.863-19.485-9.863-4.587 0-18.396 9.537-24.283 16.77-3.164 3.888-8.499 11.144-11.855 16.125-3.357 4.982-6.648 9.076-7.314 9.1-1.699.06.055-16.855 3.282-31.654 1.676-7.688 4.235-14.848 6.755-18.906 2.231-3.592 4.057-7.32 4.057-8.283 0-1.574-38.81-25.189-41.396-25.189-1.803 0-38.26 21.675-40.016 23.79-1.114 1.343-1.456 5.6-1.056 13.167.52 9.845 1.444 13.13 7.728 27.456 3.926 8.95 7.463 17.035 7.86 17.968 1.606 3.762-2.84 1.171-15.601-9.094-15.36-12.355-19.89-17.167-24.644-26.181-1.863-3.533-4-6.376-4.746-6.318-.747.057-9.292 4.806-18.987 10.552l-17.63 10.448v47.348l7.44 4.445c9.78 5.844 13.866 6.917 33.242 8.725 8.95.835 16.8 1.982 17.445 2.548 1.506 1.321-3.334 3.76-20.158 10.16-10.685 4.064-16.148 5.32-25.765 5.926l-12.204.769-.372 21.952c-.44 25.928-2.375 22.64 21.282 36.139l16.252 9.273 7.144-3.85c9.02-4.859 15.585-11.571 25.982-26.562 4.526-6.526 8.717-11.865 9.314-11.865 1.68 0 1.312 5.155-1.614 22.579-2.03 12.092-3.88 18.4-7.474 25.496-4.046 7.985-4.493 9.712-2.918 11.287 1.926 1.926 37.46 23.046 39.11 23.245.513.062 9.056-4.542 18.985-10.231zm-28.054-89.313c-7.395-2.593-15.058-11.41-16.73-19.25-4.594-21.54 17.346-39.532 37.071-30.4 17.296 8.008 21.43 29.242 8.34 42.832-8.106 8.416-17.651 10.686-28.68 6.818zm16.04-7.965c2.435-1.017 6.077-3.81 8.093-6.206 7.074-8.407 3.726-22.934-6.392-27.735-12.968-6.154-26.556 2.647-26.556 17.2 0 7.107 4.494 13.649 11.459 16.683 5.324 2.319 7.957 2.33 13.396.058'/></svg>",
   "semgrep": "<svg viewBox='0 0 24 24'><path fill='#00bfa5' d='M5.918 8.101a3.898 3.898 0 1 0 3.041 6.336l.004-.005.002.001q.055-.069.107-.142a2.7 2.7 0 0 0 .36-.602l.029-.064.03-.067h.13a2 2 0 0 1-.117.348 7 7 0 0 1-.38.705l-.007.01A3.9 3.9 0 0 0 12 15.898a3.9 3.9 0 0 0 2.883-1.277l-.006-.01a7 7 0 0 1-.383-.705 2 2 0 0 1-.117-.348h.13q.035.079.071.155a2.7 2.7 0 0 0 .348.578l.023.03.008.01q.038.052.078.1v.003l.002.002a3.898 3.898 0 1 0 .149-5.047c.238.385.416.677.537.974h-.137c-.238-.388-.319-.543-.545-.802a3.89 3.89 0 0 0-3.04-1.46 3.89 3.89 0 0 0-3.042 1.46c-.226.26-.309.414-.547.802h-.135c.121-.297.297-.589.536-.974a3.9 3.9 0 0 0-2.895-1.287zm0 1.715a2.184 2.184 0 1 1 0 4.368 2.184 2.184 0 0 1 0-4.368m6.082 0a2.184 2.184 0 1 1 0 4.368 2.184 2.184 0 0 1 0-4.368m6.082 0c1.206 0 2.182.978 2.182 2.184a2.182 2.182 0 1 1-4.366 0c0-1.206.978-2.184 2.184-2.184'/></svg>",
   "sentry": "<svg viewBox='0 0 200 200'><path fill='#f06292' d='M181.58 148.3c3.8 6.649 4.206 13.637 1.018 19.2s-9.43 8.684-17.03 8.684h-14.45c.203-2.714.271-5.428.271-8.141 0-3.053-.136-6.106-.34-9.091h9.499c2.307 0 4.206-1.9 4.206-4.207 0-.678-.203-1.424-.475-2.035L103.694 47.35c-.746-1.357-2.17-2.171-3.663-2.171s-2.85.746-3.596 2.035l-9.634 16.69c29.241 22.05 48.848 56.175 51.561 94.914.204 2.985.34 6.038.34 9.091 0 2.714-.136 5.428-.272 8.142H91.278q.407-4.071.407-8.142c0-3.053-.203-6.106-.542-9.09-2.307-21.304-12.755-40.232-28.155-53.53l-6.65 11.533c11.602 10.787 19.54 25.51 21.71 42.063.408 2.985.611 6.038.611 9.091 0 2.782-.203 5.496-.475 8.142H34.425c-7.666 0-13.908-3.189-17.029-8.684-3.188-5.496-2.781-12.551 1.018-19.2l8.956-15.401a52.4 52.4 0 0 1 13.704 10.652l-5.36 9.09c-.34.611-.475 1.29-.543 2.036 0 2.307 1.9 4.206 4.206 4.206h21.235a52.26 52.26 0 0 0-13.162-26.595c-3.934-4.274-8.616-7.87-13.704-10.65L57.424 80.39c5.02 2.782 9.838 6.038 14.247 9.702 20.421 16.554 34.193 41.046 36.704 68.726h12.687c-2.578-32.362-18.86-60.924-43.013-79.852-4.545-3.528-9.362-6.784-14.383-9.566l20.217-35.143c3.8-6.649 9.702-10.448 16.011-10.448 6.378 0 12.212 3.8 16.011 10.448z'/></svg>",
-  "sequelize": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 250 250'><g stroke-width='.725'><path fill='#01579b' d='M190.945 86.173v77.236l-65.63 38.829-.593.54v28.867l.593.56 92.43-53.39V71.194l-.873-.215-26.058 14.568.132.629'/><path fill='#0288d1' d='m59.477 164.043 65.84 38.196v29.966l-93.063-53.601v-107.2l.955-.144 25.983 15.106.285.865v76.814'/><path fill='#4fc3f7' d='M59.477 87.223 32.254 71.396l92.852-53.601 92.64 53.39-26.8 14.983-65.84-37.563-65.63 38.618'/><path fill='#283593' d='m124.186 155.203-.713-.727v-29.002l.713-.369.173-.715 24.864-14.504.76.17v29.884l-25.798 15.263'/><path fill='#0277BD' d='M97.959 140.873v-31.029l.72-.035 25.292 14.718.216.58v30.098z'/><path fill='#29B6F6' d='m123.756 94.583-25.798 15.264 26.228 15.263 25.798-15.049z'/><path fill='#01579b' d='m92.083 174.123-.713-.727v-29.003l.713-.368.173-.715 24.863-14.504.761.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M65.855 159.793v-31.03l.72-.036 25.292 14.72.215.58v30.098z'/><path fill='#4fc3f7' d='m91.653 113.503-25.799 15.263 26.229 15.264 25.798-15.049-26.228-15.479'/><path fill='#01579b' d='m158.585 174.843-.712-.727v-29.003l.713-.368.173-.715 24.864-14.504.76.17v29.882z'/><path fill='#0288d1' d='M132.356 160.513v-31.03l.72-.035 25.292 14.72.216.58v30.097z'/><path fill='#4fc3f7' d='m158.155 114.213-25.798 15.263 26.228 15.264 25.798-15.049z'/><path fill='#01579b' d='m126.476 193.763-.713-.727v-29.003l.713-.368.173-.716 24.864-14.503.76.17V178.5l-25.798 15.264'/><path fill='#0288d1' d='M100.256 179.433v-31.03l.72-.035 25.293 14.718.214.58v30.099l-26.228-14.332'/><path fill='#4fc3f7' d='m126.046 133.133-25.799 15.264 26.229 15.264 25.798-15.049z'/><path fill='#01579b' d='m124.186 114.073-.713-.728V84.343l.713-.368.173-.715 24.864-14.503.76.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M97.959 99.743v-31.03l.72-.035 25.292 14.718.216.58v30.099z'/><path fill='#4fc3f7' d='M123.756 53.443 97.958 68.707l26.228 15.264 25.798-15.049z'/><path fill='#01579b' d='m92.083 132.993-.713-.727v-29.002l.713-.369.173-.715 24.863-14.504.761.17v29.884l-25.798 15.263'/><path fill='#0288d1' d='M65.855 118.663V87.634l.72-.036 25.292 14.72.215.58v30.097z'/><path fill='#4fc3f7' d='m91.653 72.363-25.8 15.264 26.229 15.263 25.798-15.049z'/><path fill='#01579b' d='m158.585 133.713-.712-.727v-29.002l.713-.369.173-.715 24.864-14.504.76.17v29.884z'/><path fill='#0288d1' d='M132.356 119.373V88.344l.72-.035 25.292 14.718.216.58v30.098z'/><path fill='#4fc3f7' d='m158.155 73.083-25.798 15.264 26.228 15.263 25.798-15.049z'/><path fill='#01579b' d='m126.476 152.623-.713-.727v-29.003l.713-.368.173-.715 24.864-14.504.76.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M100.256 138.293v-31.03l.72-.036 25.293 14.72.214.58v30.098l-26.228-14.332'/><path fill='#4fc3f7' d='m126.046 92.003-25.799 15.264 26.229 15.264 25.798-15.049z'/></g></svg>",
+  "sequelize": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 250 250'><g stroke-width='.725'><path fill='#01579b' d='M190.945 86.173v77.236l-65.63 38.829-.593.54v28.867l.593.56 92.43-53.39V71.194l-.873-.215-26.058 14.568.132.629'/><path fill='#0288d1' d='m59.477 164.043 65.84 38.196v29.966l-93.063-53.601v-107.2l.955-.144 25.983 15.106.285.865v76.814'/><path fill='#4fc3f7' d='M59.477 87.223 32.254 71.396l92.852-53.601 92.64 53.39-26.8 14.983-65.84-37.563-65.63 38.618'/><path fill='#283593' d='m124.186 155.203-.713-.727v-29.002l.713-.369.173-.715 24.864-14.504.76.17v29.884l-25.798 15.263'/><path fill='#0277bd' d='M97.959 140.873v-31.029l.72-.035 25.292 14.718.216.58v30.098z'/><path fill='#29b6f6' d='m123.756 94.583-25.798 15.264 26.228 15.263 25.798-15.049z'/><path fill='#01579b' d='m92.083 174.123-.713-.727v-29.003l.713-.368.173-.715 24.863-14.504.761.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M65.855 159.793v-31.03l.72-.036 25.292 14.72.215.58v30.098z'/><path fill='#4fc3f7' d='m91.653 113.503-25.799 15.263 26.229 15.264 25.798-15.049-26.228-15.479'/><path fill='#01579b' d='m158.585 174.843-.712-.727v-29.003l.713-.368.173-.715 24.864-14.504.76.17v29.882z'/><path fill='#0288d1' d='M132.356 160.513v-31.03l.72-.035 25.292 14.72.216.58v30.097z'/><path fill='#4fc3f7' d='m158.155 114.213-25.798 15.263 26.228 15.264 25.798-15.049z'/><path fill='#01579b' d='m126.476 193.763-.713-.727v-29.003l.713-.368.173-.716 24.864-14.503.76.17V178.5l-25.798 15.264'/><path fill='#0288d1' d='M100.256 179.433v-31.03l.72-.035 25.293 14.718.214.58v30.099l-26.228-14.332'/><path fill='#4fc3f7' d='m126.046 133.133-25.799 15.264 26.229 15.264 25.798-15.049z'/><path fill='#01579b' d='m124.186 114.073-.713-.728V84.343l.713-.368.173-.715 24.864-14.503.76.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M97.959 99.743v-31.03l.72-.035 25.292 14.718.216.58v30.099z'/><path fill='#4fc3f7' d='M123.756 53.443 97.958 68.707l26.228 15.264 25.798-15.049z'/><path fill='#01579b' d='m92.083 132.993-.713-.727v-29.002l.713-.369.173-.715 24.863-14.504.761.17v29.884l-25.798 15.263'/><path fill='#0288d1' d='M65.855 118.663V87.634l.72-.036 25.292 14.72.215.58v30.097z'/><path fill='#4fc3f7' d='m91.653 72.363-25.8 15.264 26.229 15.263 25.798-15.049z'/><path fill='#01579b' d='m158.585 133.713-.712-.727v-29.002l.713-.369.173-.715 24.864-14.504.76.17v29.884z'/><path fill='#0288d1' d='M132.356 119.373V88.344l.72-.035 25.292 14.718.216.58v30.098z'/><path fill='#4fc3f7' d='m158.155 73.083-25.798 15.264 26.228 15.263 25.798-15.049z'/><path fill='#01579b' d='m126.476 152.623-.713-.727v-29.003l.713-.368.173-.715 24.864-14.504.76.17v29.882l-25.798 15.264'/><path fill='#0288d1' d='M100.256 138.293v-31.03l.72-.036 25.293 14.72.214.58v30.098l-26.228-14.332'/><path fill='#4fc3f7' d='m126.046 92.003-25.799 15.264 26.229 15.264 25.798-15.049z'/></g></svg>",
   "serverless": "<svg viewBox='0 0 32 32'><path fill='#ef5350' d='M12.897 6H2v4h9.613zm4.201 0-1.284 4H30V6zm-2.568 8-1.283 4H30v-4zm-4.2 0H2v4h7.046zm1.633 8-1.283 4H30v-4zm-4.201 0H2v4h4.479z'/></svg>",
   "settings": "<svg fill='none' viewBox='0 0 24 24'><path d='M0 0h24v24H0z'/><path fill='#42a5f5' d='M19.43 12.98c.04-.32.07-.64.07-.98s-.03-.66-.07-.98l2.11-1.65c.19-.15.24-.42.12-.64l-2-3.46a.5.5 0 0 0-.61-.22l-2.49 1c-.52-.4-1.08-.73-1.69-.98l-.38-2.65A.49.49 0 0 0 14 2h-4c-.25 0-.46.18-.49.42l-.38 2.65c-.61.25-1.17.59-1.69.98l-2.49-1a.6.6 0 0 0-.18-.03c-.17 0-.34.09-.43.25l-2 3.46c-.13.22-.07.49.12.64l2.11 1.65c-.04.32-.07.65-.07.98s.03.66.07.98l-2.11 1.65c-.19.15-.24.42-.12.64l2 3.46a.5.5 0 0 0 .61.22l2.49-1c.52.4 1.08.73 1.69.98l.38 2.65c.03.24.24.42.49.42h4c.25 0 .46-.18.49-.42l.38-2.65c.61-.25 1.17-.59 1.69-.98l2.49 1q.09.03.18.03c.17 0 .34-.09.43-.25l2-3.46c.12-.22.07-.49-.12-.64zm-1.98-1.71c.04.31.05.52.05.73s-.02.43-.05.73l-.14 1.13.89.7 1.08.84-.7 1.21-1.27-.51-1.04-.42-.9.68c-.43.32-.84.56-1.25.73l-1.06.43-.16 1.13-.2 1.35h-1.4l-.19-1.35-.16-1.13-1.06-.43c-.43-.18-.83-.41-1.23-.71l-.91-.7-1.06.43-1.27.51-.7-1.21 1.08-.84.89-.7-.14-1.13c-.03-.31-.05-.54-.05-.74s.02-.43.05-.73l.14-1.13-.89-.7-1.08-.84.7-1.21 1.27.51 1.04.42.9-.68c.43-.32.84-.56 1.25-.73l1.06-.43.16-1.13.2-1.35h1.39l.19 1.35.16 1.13 1.06.43c.43.18.83.41 1.23.71l.91.7 1.06-.43 1.27-.51.7 1.21-1.07.85-.89.7zM12 8c-2.21 0-4 1.79-4 4s1.79 4 4 4 4-1.79 4-4-1.79-4-4-4m0 6c-1.1 0-2-.9-2-2s.9-2 2-2 2 .9 2 2-.9 2-2 2'/></svg>",
   "shader": "<svg viewBox='0 0 24 24'><path fill='#ab47bc' d='M10.469 17.102a4.083 4.083 0 1 1-8.166 0 4.083 4.083 0 0 1 8.166 0m5.069-9.666a4.083 4.083 0 1 0-5.446 3.296c3.13 1.231 3.867 2.474 3.475 5.828a4.083 4.083 0 1 0 5.446-3.295c-3.13-1.232-3.869-2.475-3.475-5.829'/></svg>",
@@ -943,12 +989,13 @@
   "slim": "<svg viewBox='0 0 32 32'><path fill='#f57f17' d='M23 2H9a7 7 0 0 0-7 7v14a7 7 0 0 0 7 7h14a7 7 0 0 0 7-7V9a7 7 0 0 0-7-7m-5 14-4-6v6H6a10 10 0 0 1 20 0Z'/></svg>",
   "slint": "<svg viewBox='0 0 16 16'><path fill='#2979ff' d='M12 1 3 7l5 2-2-2Z'/><path fill='#2979ff' d='m4 15 9-6-5-2 2 2Z'/></svg>",
   "slug": "<svg viewBox='0 0 24 24'><path fill='#f9a825' d='m9.164 21.221-.983-.056c-3.402-.19-5.654-.714-6.125-1.427-.136-.205-.146-.515-.022-.681.115-.154.377-.28.744-.355l.313-.064.373.122c1.568.517 2.903.589 4.875.263.82-.135 1.26-.29 1.736-.613.183-.124.26-.152.413-.152.62-.002 1.581-.168 2.066-.357 1.392-.544 2.655-2.023 2.979-3.49.159-.717.072-1.83-.211-2.693l-.13-.397.028-.747c.023-.606.047-.818.126-1.123.29-1.108.991-1.878 1.957-2.145.374-.103 1.17-.093 1.589.02a3.34 3.34 0 0 1 1.595.941c.505.548.707 1.025.735 1.738.021.55-.034.809-.283 1.316-.211.43-.542.833-.909 1.107-.15.113-.302.23-.336.26-.052.046-.067.192-.087.837-.014.43-.053.986-.086 1.235-.458 3.354-2.234 5.421-5.307 6.174-1.023.25-1.37.283-3.183.292-.908.005-1.748.002-1.867-.005m-3.967-2.877-.45-.07-.3-.322c-1.514-1.613-2.085-4.002-1.43-5.98.646-1.953 2.32-3.39 4.496-3.86.557-.121 1.912-.133 2.437-.023a6.7 6.7 0 0 1 1.631.56c1.828.904 2.982 2.495 3.205 4.421.111.955-.13 1.793-.763 2.651-.712.966-1.618 1.525-2.681 1.654l-.233.028.267-.277c.475-.495.596-.93.596-2.15 0-.683-.011-.831-.087-1.134-.182-.721-.476-1.239-.967-1.705-.643-.611-1.44-.923-2.349-.92-1.295.005-2.196.828-2.196 2.006 0 .398.069.695.24 1.033.135.269.446.62.68.769.368.233.984.35 1.195.225a.387.387 0 0 0 .096-.61c-.09-.101-.15-.126-.364-.154-.337-.043-.437-.086-.642-.275-.26-.239-.395-.57-.397-.964-.002-.269.014-.348.11-.543.133-.27.396-.497.703-.603.327-.114.98-.096 1.386.038.854.281 1.456.918 1.699 1.797.054.196.07.401.07.903 0 .57-.011.683-.092.941-.103.327-.31.758-.488 1.019-.295.429-.853.927-1.283 1.144-.691.348-2.98.573-4.09.4zM19.199 6.578l-.244-.078.14-.4c.537-1.544 1.334-2.521 2.057-2.521.567 0 1.043.588.862 1.067-.045.12-.244.345-.37.419-.044.025-.31.054-.597.065-.497.019-.524.024-.688.139-.221.154-.503.575-.69 1.03-.081.2-.166.361-.188.36a3 3 0 0 1-.282-.081m-2.185-.06c-.068-.115-.127-.837-.126-1.545.001-.639.015-.863.07-1.08.194-.765.529-1.121 1.055-1.121.588 0 .932.42.782.957-.072.258-.183.365-.591.568-.312.155-.394.216-.496.369-.176.262-.228.59-.2 1.253l.023.538-.165.027c-.09.014-.202.035-.249.047s-.092.006-.103-.012z'/></svg>",
-  "smarty": "<svg viewBox='0 0 32 32'><path fill='#FFCA28' d='M16 5a7 7 0 0 1 4.198 12.601l-1.198.9V21h-6v-2.498l-1.198-.9a7 7 0 0 1 3.362-12.554A7 7 0 0 1 16 5m0-3a10 10 0 0 0-1.176.067A10 10 0 0 0 10 20.001V22a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2v-2a10 10 0 0 0-6-18m-4 24h8v2a2 2 0 0 1-2 2h-4a2 2 0 0 1-2-2z'/></svg>",
+  "smarty": "<svg viewBox='0 0 32 32'><path fill='#ffca28' d='M16 5a7 7 0 0 1 4.198 12.601l-1.198.9V21h-6v-2.498l-1.198-.9a7 7 0 0 1 3.362-12.554A7 7 0 0 1 16 5m0-3a10 10 0 0 0-1.176.067A10 10 0 0 0 10 20.001V22a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2v-2a10 10 0 0 0-6-18m-4 24h8v2a2 2 0 0 1-2 2h-4a2 2 0 0 1-2-2z'/></svg>",
   "sml": "<svg viewBox='0 0 24 24'><path fill='#f44336' d='M4.747 6.562h6.437c1.202 0 2.176.974 2.176 2.176v8.702h-2.176V8.738H9.008v7.614H6.833V8.738H4.746v8.702H2.481V8.738a2.176 2.176 0 0 1 2.266-2.176m10.244 0h2.176v8.702h4.352v2.176H14.99z'/></svg>",
+  "snakemake": "<svg viewBox='0 0 16 16'><path fill='#00897b' d='M6.635 11.014c1.237 0 2.473-.006 3.71.002 1.273.009 2.127 1.282 1.76 2.608-.208.754-.864 1.353-1.586 1.36-1.711.019-3.426.07-5.133-.02-1.558-.084-2.674-1.028-3.369-2.538-.313-.681.121-1.403.828-1.408 1.263-.008 2.527-.002 3.79-.002z'/><path fill='#00897b' d='M8.19 6.022c.744 0 1.489-.003 2.233 0 2.266.01 4.026 1.934 4.061 4.41.018 1.236-.35 2.298-1.118 3.198-.061.072-.157.11-.236.163-.013-.097-.047-.196-.036-.29.217-1.871-1.058-3.473-2.82-3.498-1.506-.022-3.013-.002-4.52-.01-.88-.004-1.587-.639-1.771-1.569-.243-1.227.607-2.392 1.759-2.402.816-.007 1.632-.001 2.448-.002'/><path fill='#00897b' d='M11.242 3.292c.296-.006.518-.264.507-.589-.011-.312-.237-.536-.532-.525-.282.01-.512.27-.504.567.007.29.261.553.529.547m-8.3 5.473c-.457-.45-.784-1.005-1.007-1.627-.9-2.52.466-5.374 2.874-5.996a4 4 0 0 1 .985-.114c1.534-.012 3.067-.02 4.6-.001 1.697.02 2.933.888 3.721 2.516.342.706-.071 1.449-.806 1.456-1.058.011-2.116.003-3.174.003-1.417 0-2.833-.006-4.25.001-1.442.008-2.65 1.145-2.85 2.691-.034.257.008.525.01.788.002.088-.01.177-.017.266z'/></svg>",
   "snapcraft": "<svg viewBox='0 0 1.28 1.28'><path fill='#81c784' d='M.76.36 1 .48.76.72zm-.48.8.44-.4-.2-.2zM.12.12l.6.6V.36z'/><path fill='#ff6e40' d='M1.12.36.76.32l.4.2z'/></svg>",
   "snowpack": "<svg viewBox='-30 -94 700 700'><path fill='#cfd8dc' d='M600.53 440.27 344.04 41.29a28.5 28.5 0 0 0-48.092 0L39.458 440.27a28.499 28.499 0 0 0 24.046 43.639h512.98a28.499 28.499 0 0 0 24.046-43.639M320 108.97l75.7 118.45H320l-56.998 56.998-33.842-33.842z'/></svg>",
   "snowpack_light": "<svg viewBox='-30 -94 700 700'><path fill='#607d8b' d='M600.53 440.27 344.04 41.29a28.5 28.5 0 0 0-48.092 0L39.458 440.27a28.499 28.499 0 0 0 24.046 43.639h512.98a28.499 28.499 0 0 0 24.046-43.639M320 108.97l75.7 118.45H320l-56.998 56.998-33.842-33.842z'/></svg>",
-  "snyk": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='M25.338 20.622c-.337-.62.142-2.09.142-2.09-2.745-2.478-3.432-7.645-3.432-7.645-.512 1.628-1.626 6.428-1.626 6.428a16 16 0 0 0-4.38-.674h-.017q-.192 0-.38.007v11.351h10.323c.034-2.228-.63-7.377-.63-7.377M21.288 24h-3.205a4.2 4.2 0 0 1 2.926-1.409c1.695 0 .428 1.265.278 1.409Z'/><path fill='#90a4ae' d='M11.666 17.316s-1.115-4.8-1.627-6.43c0 .004-.687 5.169-3.432 7.646 0 0 .48 1.47.142 2.09 0 0-.665 5.15-.63 7.377H16V16.64a15.3 15.3 0 0 0-4.334.676M10.77 24c-.149-.144-1.416-1.409.278-1.409A4.2 4.2 0 0 1 13.975 24Z'/><path fill='#455a64' d='M21.555 25.209H18v.033a2.196 2.196 0 0 0 2.333 1.977 2.196 2.196 0 0 0 2.333-1.977v-.033Z'/><path fill='#FAFAFA' d='M18.888 25.209v.033a1.344 1.344 0 0 0 2.667 0v-.033Z'/><path fill='#37474f' d='M20.633 25.209h-.625l-.016.003c.077.015.12.17.103.272a.346.346 0 0 1-.351.27.56.56 0 0 0 .494.401.58.58 0 0 0 .668-.439c.033-.209-.081-.507-.273-.507'/><path fill='#455a64' d='M12.972 25.209H9.417v.033a2.196 2.196 0 0 0 2.333 1.977 2.196 2.196 0 0 0 2.334-1.977v-.033Z'/><path fill='#FAFAFA' d='M10.306 25.209v.033a1.26 1.26 0 0 0 1.333 1.176 1.26 1.26 0 0 0 1.333-1.176v-.033Z'/><path fill='#37474f' d='M12.051 25.209h-.626l-.016.003c.077.015.12.17.104.272a.346.346 0 0 1-.352.27.565.565 0 0 0 .494.401.58.58 0 0 0 .668-.439c.033-.209-.08-.507-.272-.507'/><path fill='#607d8b' d='m9.775 4-1.3 2.098C8.017 6.846 4 13.468 4 15.86V16l1.84 4.31A54.4 54.4 0 0 0 5.288 28h1.775a56 56 0 0 1 .588-7.7l.024-.184-.333-.788a10.7 10.7 0 0 0 2.5-3.887l.053.337 1.817 2.624.71-.268a11.8 11.8 0 0 1 3.603-.687 12.1 12.1 0 0 1 3.623.688l.708.266 1.814-2.624.072-.438a10.9 10.9 0 0 0 2.498 3.95l-.349.826.024.185a56.5 56.5 0 0 1 .593 7.7h1.757a55 55 0 0 0-.572-7.688L28 16.001v-.14c0-2.393-3.986-9.015-4.441-9.763L22.284 4 20.46 15.237l-.843 1.22a13.3 13.3 0 0 0-3.592-.575 13.2 13.2 0 0 0-3.578.575l-.842-1.22-.641-3.939.002-.019-.005-.001Zm-.98 5.013.374 2.29a14.9 14.9 0 0 1-2.538 6.335l-.805-1.905c.101-1.241 1.569-4.215 2.97-6.72Zm14.476 0c1.4 2.505 2.869 5.479 2.97 6.72l-.786 1.86a15.3 15.3 0 0 1-2.528-6.468Z'/></svg>",
+  "snyk": "<svg viewBox='0 0 32 32'><path fill='#607d8b' d='M25.338 20.622c-.337-.62.142-2.09.142-2.09-2.745-2.478-3.432-7.645-3.432-7.645-.512 1.628-1.626 6.428-1.626 6.428a16 16 0 0 0-4.38-.674h-.017q-.192 0-.38.007v11.351h10.323c.034-2.228-.63-7.377-.63-7.377M21.288 24h-3.205a4.2 4.2 0 0 1 2.926-1.409c1.695 0 .428 1.265.278 1.409Z'/><path fill='#90a4ae' d='M11.666 17.316s-1.115-4.8-1.627-6.43c0 .004-.687 5.169-3.432 7.646 0 0 .48 1.47.142 2.09 0 0-.665 5.15-.63 7.377H16V16.64a15.3 15.3 0 0 0-4.334.676M10.77 24c-.149-.144-1.416-1.409.278-1.409A4.2 4.2 0 0 1 13.975 24Z'/><path fill='#455a64' d='M21.555 25.209H18v.033a2.196 2.196 0 0 0 2.333 1.977 2.196 2.196 0 0 0 2.333-1.977v-.033Z'/><path fill='#fafafa' d='M18.888 25.209v.033a1.344 1.344 0 0 0 2.667 0v-.033Z'/><path fill='#37474f' d='M20.633 25.209h-.625l-.016.003c.077.015.12.17.103.272a.346.346 0 0 1-.351.27.56.56 0 0 0 .494.401.58.58 0 0 0 .668-.439c.033-.209-.081-.507-.273-.507'/><path fill='#455a64' d='M12.972 25.209H9.417v.033a2.196 2.196 0 0 0 2.333 1.977 2.196 2.196 0 0 0 2.334-1.977v-.033Z'/><path fill='#fafafa' d='M10.306 25.209v.033a1.26 1.26 0 0 0 1.333 1.176 1.26 1.26 0 0 0 1.333-1.176v-.033Z'/><path fill='#37474f' d='M12.051 25.209h-.626l-.016.003c.077.015.12.17.104.272a.346.346 0 0 1-.352.27.565.565 0 0 0 .494.401.58.58 0 0 0 .668-.439c.033-.209-.08-.507-.272-.507'/><path fill='#607d8b' d='m9.775 4-1.3 2.098C8.017 6.846 4 13.468 4 15.86V16l1.84 4.31A54.4 54.4 0 0 0 5.288 28h1.775a56 56 0 0 1 .588-7.7l.024-.184-.333-.788a10.7 10.7 0 0 0 2.5-3.887l.053.337 1.817 2.624.71-.268a11.8 11.8 0 0 1 3.603-.687 12.1 12.1 0 0 1 3.623.688l.708.266 1.814-2.624.072-.438a10.9 10.9 0 0 0 2.498 3.95l-.349.826.024.185a56.5 56.5 0 0 1 .593 7.7h1.757a55 55 0 0 0-.572-7.688L28 16.001v-.14c0-2.393-3.986-9.015-4.441-9.763L22.284 4 20.46 15.237l-.843 1.22a13.3 13.3 0 0 0-3.592-.575 13.2 13.2 0 0 0-3.578.575l-.842-1.22-.641-3.939.002-.019-.005-.001Zm-.98 5.013.374 2.29a14.9 14.9 0 0 1-2.538 6.335l-.805-1.905c.101-1.241 1.569-4.215 2.97-6.72Zm14.476 0c1.4 2.505 2.869 5.479 2.97 6.72l-.786 1.86a15.3 15.3 0 0 1-2.528-6.468Z'/></svg>",
   "solidity": "<svg viewBox='0 0 24 24'><g fill='#0288d1'><path d='m5.747 14.046 6.254 8.61 6.252-8.61-6.254 3.807z'/><path d='M11.999 1.343 5.747 11.83l6.252 3.807 6.253-3.807z'/></g></svg>",
   "sonarcloud": "<svg viewBox='0 0 24 24'><path fill='#ef6c00' d='M11.985 2.949c-3.269 0-5.909 2.745-5.936 6.12-2.332.834-4.022 3.116-4.022 5.813 0 3.392 2.663 6.169 5.948 6.169 1.513-.003 2.943-.625 4.025-1.675 1.081 1.052 2.513 1.673 4.026 1.675 3.278 0 5.947-2.77 5.947-6.17v-.001c0-1.145-.314-2.26-.891-3.237a8.3 8.3 0 0 0-1.192-1.379l-.089-.081a5 5 0 0 0-.163-.14l-.02-.016-.037-.03a5.7 5.7 0 0 0-1.666-.945c-.036-3.36-2.669-6.103-5.93-6.103m.007 1.937c2.242 0 4.072 1.894 4.072 4.238v.002a4.32 4.32 0 0 1-1.717 3.46h-.002a.985.985 0 0 0-.218 1.33l.002.002c.179.262.47.41.766.41a.9.9 0 0 0 .546-.182c1.04-.78 1.769-1.882 2.16-3.115a4.24 4.24 0 0 1 2.51 3.855c-.006 2.337-1.836 4.234-4.085 4.234-2.24 0-4.07-1.895-4.071-4.238v-.002a.954.954 0 0 0-.932-.964h-.007a.95.95 0 0 0-.936.966v.002c0 1.08.317 2.077.788 2.961a3.97 3.97 0 0 1-2.894 1.28c-2.242 0-4.075-1.897-4.075-4.24 0-2.341 1.833-4.238 4.075-4.238.487 0 .957.09 1.412.258l.007.004.016.004.005.002.008.004c.07.025.154.061.23.098.08.04.156.09.155.09a.913.913 0 0 0 1.32-.11.98.98 0 0 0-.102-1.347l-.002-.002c-.362-.318-.864-.504-.994-.552h-.002a5.8 5.8 0 0 0-2.047-.374h-.01c.206-2.15 1.91-3.836 4.023-3.836z'/></svg>",
   "spwn": "<svg viewBox='0 0 24 24'><g transform='translate(13.512 10.42)scale(.06153)'><circle cx='30.125' cy='-29' r='110.12' fill='#e040fb'/><circle cx='-79.266' cy='80.375' r='110.12' fill='#00bfa5'/><path fill='#f5f5f5' d='m30.875-29.75-55.437-.001-55.437.001 27.624 27.624-57.45 57.45 56.063 56.063 57.45-57.45 27.188 27.188V25.686z' data-mit-no-recolor='true'/></g></svg>",
@@ -958,8 +1005,9 @@
   "stencil": "<svg viewBox='0 0 32 32'><path fill='#448aff' d='m8 12-6 8h22l6-8zm6.5-8L10 10h11l4.5-6zm3 24 4.5-6H11l-4.5 6z'/></svg>",
   "stitches": "<svg viewBox='0 0 64 64'><g fill='#cfd8dc' clip-rule='evenodd'><path d='M32 8.812C19.193 8.812 8.81 19.193 8.81 32S19.193 55.189 32 55.189 55.188 44.807 55.188 32 44.807 8.812 32 8.812M5.27 32C5.27 17.238 17.239 5.27 32 5.27S58.73 17.239 58.73 32 46.761 58.73 32 58.73 5.27 46.761 5.27 32'/><path d='M57.179 37.624 24.384 56.558l-.886-1.533L56.294 36.09zM40.826 9.3 8.031 28.236l-.885-1.533L39.941 7.767zm6.527 25.024a.887.887 0 0 1-.324 1.21L17.214 52.747a.885.885 0 0 1-.885-1.534L46.143 34a.885.885 0 0 1 1.21.324m.967-22.422c.245.424.1.965-.323 1.21L18.183 30.325a.885.885 0 0 1-.886-1.534l29.814-17.213a.885.885 0 0 1 1.21.324z'/><path d='M23.944 25.844a.885.885 0 0 1 1.239-.184L41.15 37.499a.885.885 0 1 1-1.054 1.422L24.128 27.08a.885.885 0 0 1-.184-1.238zm5.963-3.442a.885.885 0 0 1 1.238-.184l15.967 11.838a.885.885 0 0 1-1.054 1.422L30.09 23.64a.885.885 0 0 1-.183-1.239zM17.02 29.043a.885.885 0 0 1 1.235-.205l16.92 12.094a.885.885 0 1 1-1.03 1.44l-16.92-12.094a.885.885 0 0 1-.205-1.235'/></g></svg>",
   "stitches_light": "<svg viewBox='0 0 64 64'><g fill='#546e7a' clip-rule='evenodd'><path d='M32 8.812C19.193 8.812 8.81 19.193 8.81 32S19.193 55.189 32 55.189 55.188 44.807 55.188 32 44.807 8.812 32 8.812M5.27 32C5.27 17.238 17.239 5.27 32 5.27S58.73 17.239 58.73 32 46.761 58.73 32 58.73 5.27 46.761 5.27 32'/><path d='M57.179 37.624 24.384 56.558l-.886-1.533L56.294 36.09zM40.826 9.3 8.031 28.236l-.885-1.533L39.941 7.767zm6.527 25.024a.887.887 0 0 1-.324 1.21L17.214 52.747a.885.885 0 0 1-.885-1.534L46.143 34a.885.885 0 0 1 1.21.324m.967-22.422c.245.424.1.965-.323 1.21L18.183 30.325a.885.885 0 0 1-.886-1.534l29.814-17.213a.885.885 0 0 1 1.21.324z'/><path d='M23.944 25.844a.885.885 0 0 1 1.239-.184L41.15 37.499a.885.885 0 1 1-1.054 1.422L24.128 27.08a.885.885 0 0 1-.184-1.238zm5.963-3.442a.885.885 0 0 1 1.238-.184l15.967 11.838a.885.885 0 0 1-1.054 1.422L30.09 23.64a.885.885 0 0 1-.183-1.239zM17.02 29.043a.885.885 0 0 1 1.235-.205l16.92 12.094a.885.885 0 1 1-1.03 1.44l-16.92-12.094a.885.885 0 0 1-.205-1.235'/></g></svg>",
-  "storybook": "<svg viewBox='0 0 32 32'><path fill='#ff4081' d='m24.95 28.948-18-.9a1 1 0 0 1-.95-1V6.906a1 1 0 0 1 .9-.995l18-1.905A1 1 0 0 1 26 5v22.949a1 1 0 0 1-1.05.998Z'/><path fill='#FAFAFA' d='m20 8.52.19-4.242 3.649-.275.16 4.37a.28.28 0 0 1-.276.283.3.3 0 0 1-.188-.063L22.123 7.52l-1.668 1.23a.29.29 0 0 1-.398-.055A.27.27 0 0 1 20 8.52m-2.128 6.647c0 .487 3.448.25 3.912-.094 0-3.324-1.87-5.073-5.298-5.073-3.421 0-5.345 1.774-5.345 4.436 0 4.642 6.561 4.735 6.561 7.266a1.022 1.022 0 0 1-1.164 1.13c-1.047 0-1.459-.512-1.413-2.242 0-.375-3.984-.494-4.101 0-.308 4.198 2.426 5.41 5.56 5.41C19.619 26 22 24.45 22 21.658c0-4.973-6.653-4.842-6.653-7.31a1.08 1.08 0 0 1 1.243-1.13c.478 0 1.354.08 1.282 1.949'/></svg>",
+  "storybook": "<svg viewBox='0 0 32 32'><path fill='#ff4081' d='m24.95 28.948-18-.9a1 1 0 0 1-.95-1V6.906a1 1 0 0 1 .9-.995l18-1.905A1 1 0 0 1 26 5v22.949a1 1 0 0 1-1.05.998Z'/><path fill='#fafafa' d='m20 8.52.19-4.242 3.649-.275.16 4.37a.28.28 0 0 1-.276.283.3.3 0 0 1-.188-.063L22.123 7.52l-1.668 1.23a.29.29 0 0 1-.398-.055A.27.27 0 0 1 20 8.52m-2.128 6.647c0 .487 3.448.25 3.912-.094 0-3.324-1.87-5.073-5.298-5.073-3.421 0-5.345 1.774-5.345 4.436 0 4.642 6.561 4.735 6.561 7.266a1.022 1.022 0 0 1-1.164 1.13c-1.047 0-1.459-.512-1.413-2.242 0-.375-3.984-.494-4.101 0-.308 4.198 2.426 5.41 5.56 5.41C19.619 26 22 24.45 22 21.658c0-4.973-6.653-4.842-6.653-7.31a1.08 1.08 0 0 1 1.243-1.13c.478 0 1.354.08 1.282 1.949'/></svg>",
   "stryker": "<svg viewBox='0 0 24 24'><g fill='#ef5350'><path d='M11.095 2.498v1.404a8.14 8.14 0 0 0-7.194 7.193H2.499v1.81h1.404a8.14 8.14 0 0 0 7.193 7.194v1.403h1.81v-1.403a8.14 8.14 0 0 0 7.193-7.194h1.404v-1.81h-1.404a8.14 8.14 0 0 0-7.193-7.193V2.498zm0 3.231v1.294h1.81V5.729a6.315 6.315 0 0 1 5.366 5.366h-1.294v1.81h1.294a6.315 6.315 0 0 1-5.366 5.366v-1.294h-1.81v1.294a6.315 6.315 0 0 1-5.366-5.366h1.294v-1.81H5.729a6.315 6.315 0 0 1 5.366-5.366' style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-east-asian:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;font-variation-settings:normal;inline-size:0;isolation:auto;mix-blend-mode:normal;shape-margin:0;shape-padding:0;text-decoration-color:#000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/><path d='M10.945 2.348V3.79a8.26 8.26 0 0 0-7.154 7.154H2.347v2.11h1.444a8.26 8.26 0 0 0 7.154 7.154v1.443h2.11V20.21a8.26 8.26 0 0 0 7.154-7.154h1.443v-2.11H20.21a8.26 8.26 0 0 0-7.155-7.154V2.348zm.299.3h1.512v1.39l.132.013a7.99 7.99 0 0 1 7.06 7.06l.015.133h1.388v1.512h-1.388l-.014.133a7.99 7.99 0 0 1-7.06 7.06l-.133.014v1.389h-1.512v-1.39l-.133-.013a7.99 7.99 0 0 1-7.06-7.06l-.014-.133H2.648v-1.512h1.389l.014-.133a7.99 7.99 0 0 1 7.06-7.06l.133-.014zm0 2.909-.17.023a6.466 6.466 0 0 0-5.494 5.494l-.024.17h1.317v1.512H5.556l.024.17a6.466 6.466 0 0 0 5.494 5.494l.17.023v-1.316h1.512v1.316l.17-.023a6.466 6.466 0 0 0 5.494-5.494l.023-.17h-1.316v-1.512h1.316l-.023-.17a6.466 6.466 0 0 0-5.495-5.494l-.17-.023v1.316h-1.511zm-.299.373v1.244h2.11V5.93a6.13 6.13 0 0 1 5.015 5.015h-1.244v2.11h1.244a6.13 6.13 0 0 1-5.016 5.015v-1.244h-2.109v1.244a6.13 6.13 0 0 1-5.016-5.015h1.244v-2.11H5.93a6.13 6.13 0 0 1 5.016-5.015z'/></g></svg>",
+  "sty.clone": "<svg viewBox='0 0 1024 1024'><path fill='#b388ff' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
   "stylable": "<svg viewBox='0 0 30 30'><g stroke-width='.247'><path fill='#66bb6a' d='M10.942 3.615c-1.944.827-6.386 5.085-6.401 8.44.026 3.467 4.457 7.612 6.401 8.439.446.19 1.137.451 1.868.451.666 0 1.23-.328 1.803-1.019.965-1.16.85-2.828-.436-3.775-1.539-1.133-2.798-2.149-2.824-4.097.026-1.947 1.285-3.307 2.824-4.44 1.285-.946 1.536-2.382.571-3.543-.574-.69-1.272-.908-1.938-.908-.73 0-1.422.262-1.868.452'/><path fill='#01579b' d='M12.711 8.934q-.532.61-.984 1.23c-.502.64-.934 1.314-1.284 1.992l-.004.004-.015.032-.026.052c-.44.874-.746 1.754-.892 2.582l-.002.01c-.568 2.648.237 4.923 2.625 6.025.944.329 1.753-.052 2.49-.89.853-.97.958-2.896-.38-3.82-1.878-1.296-2.836-2.532-2.825-4.116.011-1.57.887-2.627 1.297-3.101'/><path fill='#ff1744' d='M17.23 26.837c-.663 0-1.358-.218-1.929-.908-.96-1.16-.709-2.595.57-3.541 1.531-1.132 2.783-2.49 2.809-4.437-.026-1.947-1.28-3.24-2.809-4.377-1.13-.84-1.53-2.442-.57-3.602.571-.69 1.266-.908 1.93-.908.726 0 1.414.262 1.858.452 1.934.826 6.336 4.958 6.37 8.435-.01 3.277-4.436 7.608-6.37 8.435-.444.189-1.132.451-1.859.451'/><path fill='#b71c1c' d='M17.219 9.02c-.717-.011-1.419.324-1.975.953-.857.97-.713 2.711.633 3.636 1.887 1.296 2.787 2.782 2.776 4.366-.013 1.795-1.161 2.919-1.448 3.269a8.7 8.7 0 0 0 1.7-1.656 1.3 1.3 0 0 1-.106.172 8.3 8.3 0 0 0 1.248-2.026c.026-.056.058-.128.09-.207l.025-.06a9.3 9.3 0 0 0 .516-1.75c.135-.655.207-1.352.119-1.936q-.007-.089-.016-.176c-.158-1.946-1.09-3.65-2.845-4.457a2.3 2.3 0 0 0-.717-.128' style='mix-blend-mode:multiply'/></g></svg>",
   "stylelint": "<svg viewBox='0 0 412 395'><g fill='#cfd8dc' transform='translate(31.478 29.499)scale(.84775)'><path d='M208.8 393.05c45.057-161.12 43.75-161.85 76.32-276.73l7.832 4.523c4.255 2.458 7.738.448 7.738-4.455V61.602c8.643-30.27 15.416-53.66 17.4-60.693h35.287l58.618 54.304-38.498 33.27 29.11 31.473-191.86 273.09c-.938 1.542-2.244 1.19-1.947 0zm20.96-347.28c1.733 0 3.148.958 3.148 2.147v28.077c0 1.186-1.415 2.15-3.147 2.15h-47.396c-1.742 0-3.153-.96-3.153-2.15V47.917c0-1.185 1.41-2.147 3.153-2.147h47.396z'/><path d='m288.26 14.688-52.14 30.1c.605.92.973 1.98.973 3.136v28.078c0 1.457-.565 2.77-1.496 3.83l52.663 30.402c3.59 2.073 6.535.377 6.535-3.764V18.456c0-4.145-2.944-5.836-6.535-3.768M175.02 76V47.923c0-1.15.368-2.21.966-3.13l-52.14-30.105c-3.588-2.068-6.53-.376-6.53 3.768v88.013c0 4.14 2.938 5.84 6.53 3.76l52.66-30.405c-.926-1.06-1.487-2.37-1.487-3.827z'/><path d='M201.25 393.05h1.947c-45.05-161.12-43.753-161.85-76.32-276.73l-7.833 4.523c-4.253 2.458-7.737.448-7.737-4.455V61.602C102.662 31.332 95.892 7.942 93.902.909H58.619L.002 55.213l38.494 33.27-29.11 31.473z'/><circle cx='204.57' cy='122.54' r='14.231'/><circle cx='204.57' cy='207.16' r='14.231'/><circle cx='204.57' cy='291.78' r='14.23'/></g></svg>",
   "stylelint_light": "<svg viewBox='0 0 412 395'><g fill='#546e7a' transform='translate(31.478 29.499)scale(.84775)'><path d='M208.8 393.05c45.057-161.12 43.75-161.85 76.32-276.73l7.832 4.523c4.255 2.458 7.738.448 7.738-4.455V61.602c8.643-30.27 15.416-53.66 17.4-60.693h35.287l58.618 54.304-38.498 33.27 29.11 31.473-191.86 273.09c-.938 1.542-2.244 1.19-1.947 0zm20.96-347.28c1.733 0 3.148.958 3.148 2.147v28.077c0 1.186-1.415 2.15-3.147 2.15h-47.396c-1.742 0-3.153-.96-3.153-2.15V47.917c0-1.185 1.41-2.147 3.153-2.147h47.396z'/><path d='m288.26 14.688-52.14 30.1c.605.92.973 1.98.973 3.136v28.078c0 1.457-.565 2.77-1.496 3.83l52.663 30.402c3.59 2.073 6.535.377 6.535-3.764V18.456c0-4.145-2.944-5.836-6.535-3.768M175.02 76V47.923c0-1.15.368-2.21.966-3.13l-52.14-30.105c-3.588-2.068-6.53-.376-6.53 3.768v88.013c0 4.14 2.938 5.84 6.53 3.76l52.66-30.405c-.926-1.06-1.487-2.37-1.487-3.827z'/><path d='M201.25 393.05h1.947c-45.05-161.12-43.753-161.85-76.32-276.73l-7.833 4.523c-4.253 2.458-7.737.448-7.737-4.455V61.602C102.662 31.332 95.892 7.942 93.902.909H58.619L.002 55.213l38.494 33.27-29.11 31.473z'/><circle cx='204.57' cy='122.54' r='14.231'/><circle cx='204.57' cy='207.16' r='14.231'/><circle cx='204.57' cy='291.78' r='14.23'/></g></svg>",
@@ -968,24 +1016,24 @@
   "subtitles": "<svg fill='#ff9800' viewBox='0 0 32 32'><path d='M4.625 26q-1.083 0-1.854-.735C2 24.53 2 24.187 2 23.5V8.49q0-1.032.771-1.76A2.6 2.6 0 0 1 4.625 6h22.75q1.083 0 1.854.735C30 7.47 30 7.813 30 8.5v15.01q0 1.032-.771 1.76a2.6 2.6 0 0 1-1.854.73zM6 22h13v-4H6zm15 0h5v-4h-5zM6 16h5v-4H6zm7 0h13v-4H13z'/></svg>",
   "supabase": "<svg viewBox='0 0 32 32'><path fill='#66bb6a' d='M29.92 12H16V2.85a1 1 0 0 0-1.78-.624L1.3 18.376A1 1 0 0 0 2.08 20H16v9.15a1 1 0 0 0 1.78.624l12.92-16.15A1 1 0 0 0 29.92 12'/></svg>",
   "svelte": "<svg viewBox='0 0 300 300'><path fill='#ff5722' d='M175.94 24.328c-13.037.252-26.009 3.872-37.471 11.174L79.912 72.818a67.13 67.13 0 0 0-30.355 44.906 70.8 70.8 0 0 0 6.959 45.445 67.2 67.2 0 0 0-10.035 25.102 71.54 71.54 0 0 0 12.236 54.156c23.351 33.41 69.468 43.311 102.81 22.07l58.559-37.158a67.36 67.36 0 0 0 30.355-44.906 70.77 70.77 0 0 0-6.982-45.422 67.65 67.65 0 0 0 10.059-25.102 71.63 71.63 0 0 0-12.236-54.156v-.18c-15.324-21.925-40.453-33.727-65.342-33.246zm5.137 28.68a46.5 46.5 0 0 1 36.09 19.969 42.98 42.98 0 0 1 7.365 32.557 45 45 0 0 1-1.393 5.455l-1.123 3.37-2.986-2.247a75.9 75.9 0 0 0-22.902-11.45l-2.244-.651.201-2.246a13.16 13.16 0 0 0-2.379-8.711 13.99 13.99 0 0 0-14.953-5.412 12.8 12.8 0 0 0-3.594 1.572l-58.578 37.25a12.24 12.24 0 0 0-5.502 8.15 13.1 13.1 0 0 0 2.246 9.834 14.03 14.03 0 0 0 14.93 5.569 13.5 13.5 0 0 0 3.594-1.573l22.453-14.234a41.8 41.8 0 0 1 11.898-5.232 46.48 46.48 0 0 1 49.914 18.502 43.02 43.02 0 0 1 7.363 32.557 40.42 40.42 0 0 1-18.254 27.078l-58.58 37.316a43 43 0 0 1-11.898 5.23A46.545 46.545 0 0 1 82.81 227.14a42.98 42.98 0 0 1-7.341-32.557 38 38 0 0 1 1.39-5.41l1.102-3.37 3.008 2.246a75.9 75.9 0 0 0 22.836 11.361l2.244.65-.201 2.247a13.25 13.25 0 0 0 2.447 8.644 14.03 14.03 0 0 0 15.043 5.569 13.1 13.1 0 0 0 3.592-1.573l58.467-37.316a12.17 12.17 0 0 0 5.502-8.173 12.96 12.96 0 0 0-2.246-9.811 14.03 14.03 0 0 0-15.043-5.568 12.8 12.8 0 0 0-3.592 1.57l-22.453 14.258a42.9 42.9 0 0 1-11.877 5.209 46.52 46.52 0 0 1-49.846-18.5 43.02 43.02 0 0 1-7.297-32.557A40.42 40.42 0 0 1 96.798 96.98l58.646-37.316a42.8 42.8 0 0 1 11.811-5.21 46.5 46.5 0 0 1 13.822-1.444z'/></svg>",
-  "svelte_js.clone": "<svg viewBox='0 0 300 300'><path fill='#FFCA28' d='M175.94 24.328c-13.037.252-26.009 3.872-37.471 11.174L79.912 72.818a67.13 67.13 0 0 0-30.355 44.906 70.8 70.8 0 0 0 6.959 45.445 67.2 67.2 0 0 0-10.035 25.102 71.54 71.54 0 0 0 12.236 54.156c23.351 33.41 69.468 43.311 102.81 22.07l58.559-37.158a67.36 67.36 0 0 0 30.355-44.906 70.77 70.77 0 0 0-6.982-45.422 67.65 67.65 0 0 0 10.059-25.102 71.63 71.63 0 0 0-12.236-54.156v-.18c-15.324-21.925-40.453-33.727-65.342-33.246zm5.137 28.68a46.5 46.5 0 0 1 36.09 19.969 42.98 42.98 0 0 1 7.365 32.557 45 45 0 0 1-1.393 5.455l-1.123 3.37-2.986-2.247a75.9 75.9 0 0 0-22.902-11.45l-2.244-.651.201-2.246a13.16 13.16 0 0 0-2.379-8.711 13.99 13.99 0 0 0-14.953-5.412 12.8 12.8 0 0 0-3.594 1.572l-58.578 37.25a12.24 12.24 0 0 0-5.502 8.15 13.1 13.1 0 0 0 2.246 9.834 14.03 14.03 0 0 0 14.93 5.569 13.5 13.5 0 0 0 3.594-1.573l22.453-14.234a41.8 41.8 0 0 1 11.898-5.232 46.48 46.48 0 0 1 49.914 18.502 43.02 43.02 0 0 1 7.363 32.557 40.42 40.42 0 0 1-18.254 27.078l-58.58 37.316a43 43 0 0 1-11.898 5.23A46.545 46.545 0 0 1 82.81 227.14a42.98 42.98 0 0 1-7.341-32.557 38 38 0 0 1 1.39-5.41l1.102-3.37 3.008 2.246a75.9 75.9 0 0 0 22.836 11.361l2.244.65-.201 2.247a13.25 13.25 0 0 0 2.447 8.644 14.03 14.03 0 0 0 15.043 5.569 13.1 13.1 0 0 0 3.592-1.573l58.467-37.316a12.17 12.17 0 0 0 5.502-8.173 12.96 12.96 0 0 0-2.246-9.811 14.03 14.03 0 0 0-15.043-5.568 12.8 12.8 0 0 0-3.592 1.57l-22.453 14.258a42.9 42.9 0 0 1-11.877 5.209 46.52 46.52 0 0 1-49.846-18.5 43.02 43.02 0 0 1-7.297-32.557A40.42 40.42 0 0 1 96.798 96.98l58.646-37.316a42.8 42.8 0 0 1 11.811-5.21 46.5 46.5 0 0 1 13.822-1.444z'/></svg>",
-  "svelte_ts.clone": "<svg viewBox='0 0 300 300'><path fill='#0288D1' d='M175.94 24.328c-13.037.252-26.009 3.872-37.471 11.174L79.912 72.818a67.13 67.13 0 0 0-30.355 44.906 70.8 70.8 0 0 0 6.959 45.445 67.2 67.2 0 0 0-10.035 25.102 71.54 71.54 0 0 0 12.236 54.156c23.351 33.41 69.468 43.311 102.81 22.07l58.559-37.158a67.36 67.36 0 0 0 30.355-44.906 70.77 70.77 0 0 0-6.982-45.422 67.65 67.65 0 0 0 10.059-25.102 71.63 71.63 0 0 0-12.236-54.156v-.18c-15.324-21.925-40.453-33.727-65.342-33.246zm5.137 28.68a46.5 46.5 0 0 1 36.09 19.969 42.98 42.98 0 0 1 7.365 32.557 45 45 0 0 1-1.393 5.455l-1.123 3.37-2.986-2.247a75.9 75.9 0 0 0-22.902-11.45l-2.244-.651.201-2.246a13.16 13.16 0 0 0-2.379-8.711 13.99 13.99 0 0 0-14.953-5.412 12.8 12.8 0 0 0-3.594 1.572l-58.578 37.25a12.24 12.24 0 0 0-5.502 8.15 13.1 13.1 0 0 0 2.246 9.834 14.03 14.03 0 0 0 14.93 5.569 13.5 13.5 0 0 0 3.594-1.573l22.453-14.234a41.8 41.8 0 0 1 11.898-5.232 46.48 46.48 0 0 1 49.914 18.502 43.02 43.02 0 0 1 7.363 32.557 40.42 40.42 0 0 1-18.254 27.078l-58.58 37.316a43 43 0 0 1-11.898 5.23A46.545 46.545 0 0 1 82.81 227.14a42.98 42.98 0 0 1-7.341-32.557 38 38 0 0 1 1.39-5.41l1.102-3.37 3.008 2.246a75.9 75.9 0 0 0 22.836 11.361l2.244.65-.201 2.247a13.25 13.25 0 0 0 2.447 8.644 14.03 14.03 0 0 0 15.043 5.569 13.1 13.1 0 0 0 3.592-1.573l58.467-37.316a12.17 12.17 0 0 0 5.502-8.173 12.96 12.96 0 0 0-2.246-9.811 14.03 14.03 0 0 0-15.043-5.568 12.8 12.8 0 0 0-3.592 1.57l-22.453 14.258a42.9 42.9 0 0 1-11.877 5.209 46.52 46.52 0 0 1-49.846-18.5 43.02 43.02 0 0 1-7.297-32.557A40.42 40.42 0 0 1 96.798 96.98l58.646-37.316a42.8 42.8 0 0 1 11.811-5.21 46.5 46.5 0 0 1 13.822-1.444z'/></svg>",
+  "svelte_js.clone": "<svg viewBox='0 0 300 300'><path fill='#ffca28' d='M175.94 24.328c-13.037.252-26.009 3.872-37.471 11.174L79.912 72.818a67.13 67.13 0 0 0-30.355 44.906 70.8 70.8 0 0 0 6.959 45.445 67.2 67.2 0 0 0-10.035 25.102 71.54 71.54 0 0 0 12.236 54.156c23.351 33.41 69.468 43.311 102.81 22.07l58.559-37.158a67.36 67.36 0 0 0 30.355-44.906 70.77 70.77 0 0 0-6.982-45.422 67.65 67.65 0 0 0 10.059-25.102 71.63 71.63 0 0 0-12.236-54.156v-.18c-15.324-21.925-40.453-33.727-65.342-33.246zm5.137 28.68a46.5 46.5 0 0 1 36.09 19.969 42.98 42.98 0 0 1 7.365 32.557 45 45 0 0 1-1.393 5.455l-1.123 3.37-2.986-2.247a75.9 75.9 0 0 0-22.902-11.45l-2.244-.651.201-2.246a13.16 13.16 0 0 0-2.379-8.711 13.99 13.99 0 0 0-14.953-5.412 12.8 12.8 0 0 0-3.594 1.572l-58.578 37.25a12.24 12.24 0 0 0-5.502 8.15 13.1 13.1 0 0 0 2.246 9.834 14.03 14.03 0 0 0 14.93 5.569 13.5 13.5 0 0 0 3.594-1.573l22.453-14.234a41.8 41.8 0 0 1 11.898-5.232 46.48 46.48 0 0 1 49.914 18.502 43.02 43.02 0 0 1 7.363 32.557 40.42 40.42 0 0 1-18.254 27.078l-58.58 37.316a43 43 0 0 1-11.898 5.23A46.545 46.545 0 0 1 82.81 227.14a42.98 42.98 0 0 1-7.341-32.557 38 38 0 0 1 1.39-5.41l1.102-3.37 3.008 2.246a75.9 75.9 0 0 0 22.836 11.361l2.244.65-.201 2.247a13.25 13.25 0 0 0 2.447 8.644 14.03 14.03 0 0 0 15.043 5.569 13.1 13.1 0 0 0 3.592-1.573l58.467-37.316a12.17 12.17 0 0 0 5.502-8.173 12.96 12.96 0 0 0-2.246-9.811 14.03 14.03 0 0 0-15.043-5.568 12.8 12.8 0 0 0-3.592 1.57l-22.453 14.258a42.9 42.9 0 0 1-11.877 5.209 46.52 46.52 0 0 1-49.846-18.5 43.02 43.02 0 0 1-7.297-32.557A40.42 40.42 0 0 1 96.798 96.98l58.646-37.316a42.8 42.8 0 0 1 11.811-5.21 46.5 46.5 0 0 1 13.822-1.444z'/></svg>",
+  "svelte_ts.clone": "<svg viewBox='0 0 300 300'><path fill='#0288d1' d='M175.94 24.328c-13.037.252-26.009 3.872-37.471 11.174L79.912 72.818a67.13 67.13 0 0 0-30.355 44.906 70.8 70.8 0 0 0 6.959 45.445 67.2 67.2 0 0 0-10.035 25.102 71.54 71.54 0 0 0 12.236 54.156c23.351 33.41 69.468 43.311 102.81 22.07l58.559-37.158a67.36 67.36 0 0 0 30.355-44.906 70.77 70.77 0 0 0-6.982-45.422 67.65 67.65 0 0 0 10.059-25.102 71.63 71.63 0 0 0-12.236-54.156v-.18c-15.324-21.925-40.453-33.727-65.342-33.246zm5.137 28.68a46.5 46.5 0 0 1 36.09 19.969 42.98 42.98 0 0 1 7.365 32.557 45 45 0 0 1-1.393 5.455l-1.123 3.37-2.986-2.247a75.9 75.9 0 0 0-22.902-11.45l-2.244-.651.201-2.246a13.16 13.16 0 0 0-2.379-8.711 13.99 13.99 0 0 0-14.953-5.412 12.8 12.8 0 0 0-3.594 1.572l-58.578 37.25a12.24 12.24 0 0 0-5.502 8.15 13.1 13.1 0 0 0 2.246 9.834 14.03 14.03 0 0 0 14.93 5.569 13.5 13.5 0 0 0 3.594-1.573l22.453-14.234a41.8 41.8 0 0 1 11.898-5.232 46.48 46.48 0 0 1 49.914 18.502 43.02 43.02 0 0 1 7.363 32.557 40.42 40.42 0 0 1-18.254 27.078l-58.58 37.316a43 43 0 0 1-11.898 5.23A46.545 46.545 0 0 1 82.81 227.14a42.98 42.98 0 0 1-7.341-32.557 38 38 0 0 1 1.39-5.41l1.102-3.37 3.008 2.246a75.9 75.9 0 0 0 22.836 11.361l2.244.65-.201 2.247a13.25 13.25 0 0 0 2.447 8.644 14.03 14.03 0 0 0 15.043 5.569 13.1 13.1 0 0 0 3.592-1.573l58.467-37.316a12.17 12.17 0 0 0 5.502-8.173 12.96 12.96 0 0 0-2.246-9.811 14.03 14.03 0 0 0-15.043-5.568 12.8 12.8 0 0 0-3.592 1.57l-22.453 14.258a42.9 42.9 0 0 1-11.877 5.209 46.52 46.52 0 0 1-49.846-18.5 43.02 43.02 0 0 1-7.297-32.557A40.42 40.42 0 0 1 96.798 96.98l58.646-37.316a42.8 42.8 0 0 1 11.811-5.21 46.5 46.5 0 0 1 13.822-1.444z'/></svg>",
   "svg": "<svg viewBox='0 0 32 32'><path fill='#ffb300' d='M29.168 14.03a2.7 2.7 0 0 0-1.968-.83 2.51 2.51 0 0 0-1.929.8h-4.443l3.078-3.078a2.835 2.835 0 0 0 2.857-2.842 2.6 2.6 0 0 0-.831-1.969 2.82 2.82 0 0 0-2.014-.788 2.67 2.67 0 0 0-1.968.788 2.36 2.36 0 0 0-.812 1.922L18 11.17V6.726a2.51 2.51 0 0 0 .8-1.929 2.7 2.7 0 0 0-.832-1.968 2.745 2.745 0 0 0-3.936 0 2.7 2.7 0 0 0-.832 1.968 2.51 2.51 0 0 0 .8 1.93v4.443l-3.138-3.138a2.36 2.36 0 0 0-.812-1.922 2.66 2.66 0 0 0-1.968-.788 2.83 2.83 0 0 0-2.014.788 2.6 2.6 0 0 0-.831 1.969 2.74 2.74 0 0 0 .831 2.013 2.8 2.8 0 0 0 2.026.829l3.078 3.078H6.729a2.51 2.51 0 0 0-1.929-.8 2.7 2.7 0 0 0-1.968.831 2.745 2.745 0 0 0 0 3.937 2.7 2.7 0 0 0 1.968.832 2.51 2.51 0 0 0 1.929-.8h4.443l-3.078 3.077a2.835 2.835 0 0 0-2.857 2.842 2.6 2.6 0 0 0 .831 1.969 2.82 2.82 0 0 0 2.014.788 2.67 2.67 0 0 0 1.968-.788 2.36 2.36 0 0 0 .812-1.922L14 20.827v4.444a2.51 2.51 0 0 0-.8 1.929 2.784 2.784 0 0 0 4.768 1.968A2.7 2.7 0 0 0 18.8 27.2a2.51 2.51 0 0 0-.8-1.929v-4.444l3.138 3.138a2.36 2.36 0 0 0 .812 1.922 2.66 2.66 0 0 0 1.968.788 2.83 2.83 0 0 0 2.014-.788 2.6 2.6 0 0 0 .831-1.969 2.74 2.74 0 0 0-.831-2.013 2.8 2.8 0 0 0-2.026-.829L20.828 18h4.443a2.51 2.51 0 0 0 1.93.8 2.784 2.784 0 0 0 1.967-4.769Z'/></svg>",
   "svgo": "<svg viewBox='0 0 100 100'><path fill='#0288d1' d='M42.951 7.647c-.659 2.54-1.157 5.016-1.581 7.52a36.3 36.3 0 0 0-10.041 3.98c-2.023-1.43-4.084-2.814-6.268-4.084l-9.994 9.928a83 83 0 0 0 3.84 5.929 36.5 36.5 0 0 0-4.668 10.568c-2.202.395-4.385.847-6.587 1.43v14.107c2.051.546 4.084.97 6.135 1.336a36.4 36.4 0 0 0 4.527 11.5 70 70 0 0 0-3.237 5.091l9.985 9.985c1.693-.978 3.303-2.032 4.874-3.115a36.2 36.2 0 0 0 11.792 4.913 74 74 0 0 0 1.233 5.618h14.173c.499-1.92.904-3.84 1.261-5.75a36.5 36.5 0 0 0 11.443-4.988c1.694 1.148 3.388 2.259 5.138 3.303l9.976-9.994a82.09 82.081 0 0 0-3.548-5.486 36.5 36.5 0 0 0 4.235-11.011c2.24-.414 4.47-.857 6.71-1.45V42.908c-2.362-.63-4.725-1.11-7.143-1.515a36.8 36.8 0 0 0-4.357-10.069 86 86 0 0 0 4.14-6.342l-10.013-9.966c-2.268 1.336-4.423 2.776-6.53 4.281a36 36 0 0 0-9.76-4.027c-.423-2.541-.931-5.082-1.609-7.623zm6.7 16.544h.076a26.4 26.4 0 0 1 9.137 1.619c.669.244 1.318.508 1.967.846a26.8 26.8 0 0 1 12.855 12.545c.254.518.49 1.045.716 1.572a26.6 26.6 0 0 1 .498 18.925c-.103.301-.207.593-.32.847a26.85 26.85 0 0 1-13.947 14.653l-.178.122a26.73 26.73 0 0 1-20.986.198.1.1 0 0 0 0-.047A26.83 26.83 0 0 1 24.9 60.517l-.132-.358a26.66 26.66 0 0 1 .527-19.913c.15-.357.31-.715.49-1.063a26.9 26.9 0 0 1 13.456-12.846 26 26 0 0 1 1.779-.687 26.7 26.7 0 0 1 8.63-1.459zm8.686 6.474a3.68 3.68 0 0 0-3.52 4.894 3.6 3.6 0 0 0 .914 1.402l-3.388 5.873a7.44 7.44 0 0 0-3.341-.612 7.33 7.33 0 0 0-6.098 3.943l-7.265-2.851v-.076a3.388 3.388 0 1 0-.64 1.657l7.265 2.851a7.34 7.34 0 0 0 2.475 7.491l-3.388 5.289a4.4 4.4 0 0 0-1.92-.32 4.517 4.517 0 1 0 3.388 1.233l3.388-5.27a7.34 7.34 0 0 0 8.526-1.544l4.235 3.162a5.364 5.364 0 1 0 10.004 1.402 5.364 5.364 0 0 0-9.006-2.757L55.74 53.29a7.31 7.31 0 0 0-1.929-9.57l3.388-5.873a3.68 3.68 0 1 0 1.148-7.18z'/></svg>",
   "svgr": "<svg viewBox='0 0 32 32'><path fill='#ffb300' d='M16 12c7.444 0 12 2.59 12 4s-4.556 4-12 4-12-2.59-12-4 4.556-4 12-4m0-2c-7.732 0-14 2.686-14 6s6.268 6 14 6 14-2.686 14-6-6.268-6-14-6'/><path fill='#ffb300' d='M16 14a2 2 0 1 0 2 2 2 2 0 0 0-2-2'/><path fill='#ffb300' d='M10.458 5.507c2.017 0 5.937 3.177 9.006 8.493 3.722 6.447 3.757 11.687 2.536 12.392a.9.9 0 0 1-.457.1c-2.017 0-5.938-3.176-9.007-8.492C8.814 11.553 8.779 6.313 10 5.608a.9.9 0 0 1 .458-.1m-.001-2A2.87 2.87 0 0 0 9 3.875C6.13 5.532 6.938 12.304 10.804 19c3.284 5.69 7.72 9.493 10.74 9.493A2.87 2.87 0 0 0 23 28.124c2.87-1.656 2.062-8.428-1.804-15.124-3.284-5.69-7.72-9.493-10.74-9.493Z'/><path fill='#ffb300' d='M21.543 5.507a.9.9 0 0 1 .457.1c1.221.706 1.186 5.946-2.536 12.393-3.07 5.316-6.99 8.493-9.007 8.493a.9.9 0 0 1-.457-.1C8.779 25.686 8.814 20.446 12.536 14c3.07-5.316 6.99-8.493 9.007-8.493m0-2c-3.02 0-7.455 3.804-10.74 9.493C6.939 19.696 6.13 26.468 9 28.124a2.87 2.87 0 0 0 1.457.369c3.02 0 7.455-3.804 10.74-9.493C25.061 12.304 25.87 5.532 23 3.876a2.87 2.87 0 0 0-1.457-.369'/></svg>",
   "swagger": "<svg preserveAspectRatio='xMidYMid' viewBox='0 0 256 256'><path fill='#43a047' d='M128.963 17.002a112 112 0 0 0-11.422.51 110 110 0 0 0-11.09 1.642 110 110 0 0 0-25.906 8.668 111.6 111.6 0 0 0-14.024 8.022 113 113 0 0 0-16.535 13.564A113.3 113.3 0 0 0 33.41 70.29a112 112 0 0 0-7.43 14.26 110 110 0 0 0-5.318 15.305 108.7 108.7 0 0 0-3.66 27.277 112 112 0 0 0 .521 11.53 109.3 109.3 0 0 0 8.21 32.204A111.3 111.3 0 0 0 42.546 198.4a113 113 0 0 0 15.129 15.073c2.747 2.264 5.6 4.398 8.547 6.394a113 113 0 0 0 13.867 8.022 110.7 110.7 0 0 0 20.101 7.486 108.6 108.6 0 0 0 16.004 2.984c3.626.398 7.294.614 10.99.639a110 110 0 0 0 22.471-2.162c3.636-.733 7.21-1.646 10.713-2.729a111 111 0 0 0 24.781-11.146 113 113 0 0 0 21.174-16.555 113 113 0 0 0 7.252-7.924 112 112 0 0 0 12.086-17.744 110 110 0 0 0 4.717-9.697 108 108 0 0 0 3.75-10.166 106.8 106.8 0 0 0 4.37-21.498 107 107 0 0 0 .498-11.207 107.6 107.6 0 0 0-2.115-22.271 107.5 107.5 0 0 0-6.42-20.772 110 110 0 0 0-7.344-14.328c-1.854-3.048-3.853-6-5.985-8.85a113 113 0 0 0-18.336-19.263 113 113 0 0 0-17.631-12.008 112 112 0 0 0-9.635-4.713 110.5 110.5 0 0 0-15.302-5.305 109 109 0 0 0-27.266-3.658zm-39.49 45.004c1.55.014 3.15.049 4.847.049v14.09c-1.397.099-2.677.301-3.949.263-8.58-.263-9.024 2.661-9.65 9.764-.391 4.454.15 8.984-.155 13.453-.317 4.447-.912 8.87-1.78 13.244-1.239 6.339-5.135 11.054-10.536 15.055 10.484 6.822 11.677 17.423 12.357 28.187.367 5.785.199 11.61.786 17.366.457 4.467 2.195 5.608 6.808 5.744 1.902.056 3.806.013 6 .013v13.787c-13.635 2.306-24.867-1.566-27.623-13.091a76.5 76.5 0 0 1-1.736-12.887c-.293-4.592.215-9.235-.135-13.818-.97-12.612-2.604-16.918-14.707-17.514v-15.695a23 23 0 0 1 2.633-.454c6.635-.326 9.432-2.36 10.916-8.896a74.6 74.6 0 0 0 1.193-11.123c.526-7.217.34-14.55 1.543-21.65 1.738-10.268 8.112-15.257 18.64-15.815 1.499-.08 2.998-.086 4.548-.072m81.525.088c11.709.34 19.4 6.373 20.26 19.207.444 6.633.378 13.297.803 19.93a55 55 0 0 0 1.613 10.693c1.458 5.447 4.297 7.361 10.031 7.623.94.043 1.874.203 3.162.346v15.691q-1.046.344-2.137.512c-7.684.478-11.186 3.631-11.962 11.336-.496 4.918-.455 9.892-.795 14.828a126 126 0 0 1-1.477 16.18c-1.96 9.703-8.02 14.543-18.03 15.134-3.221.19-6.465.03-9.939.03v-14.026c1.87-.116 3.52-.275 5.174-.314 5.98-.143 8.096-2.072 8.389-8.012.324-6.525.464-13.057.756-19.584.423-9.434 3.008-17.862 11.797-23.746-5.03-3.585-9.068-7.928-10.114-13.783-1.265-7.098-1.672-14.35-2.353-21.547-.337-3.598-.32-7.228-.672-10.822-.379-3.881-3.044-5.224-6.576-5.311-2.024-.049-4.056-.01-6.643-.01V62.754c3.096-.514 6.011-.739 8.713-.66m-73.96 56.695h.161a9.08 9.08 0 0 1 8.928 9.227 8.884 8.884 0 0 1-9.396 8.852 9.045 9.045 0 1 1 .307-18.078zm31.235 0c5.483-.042 9.124 3.51 9.153 8.93.03 5.565-3.423 9.127-8.87 9.15-5.539.025-9.186-3.48-9.216-8.867a8.67 8.67 0 0 1 8.934-9.213zm31.807 0c5.045.025 9.52 4.29 9.248 9.168-.284 5.29-4.906 9.683-9.46 8.916h-.07a9.134 9.134 0 0 1-9.146-9.123 9.277 9.277 0 0 1 9.428-8.96z'/></svg>",
   "sway": "<svg viewBox='0 0 32 32'><path fill='#00e676' d='M4 6v22h19a2.4 2.4 157.5 0 0 1.707-.707l2.586-2.586A2.4 2.4 112.5 0 0 28 23V4H6a2 2 135 0 0-2 2'/><path fill='#263238' d='m18 8-6.69 7.244c-.171.186-.44.506-.656.633-.224.131-.457.157-.681.06-.23-.1-.432-.47-.517-.708-.602-1.696-1.04-3.489-1.415-5.268C7.814 8.88 8.543 8 9.647 8zm-8 15.436c-.8.855-1.997.755-2-.416V19c-.019-.47.53-.987 1-1h6zM16.045 16h-2.82L20 8.765c.373-.42 1.438-.76 2-.765h2l-6.486 7.33a2 2 0 0 1-1.469.67'/></svg>",
-  "swc": "<svg fill='none' viewBox='0 0 16 16'><path fill='#FFCA28' d='m2.327 5.5-.07.01a1 1 0 0 0-.15.023 1 1 0 0 0-.158.044l-.098.04a1.4 1.4 0 0 0-.564.456l-.07.096c-.052.07-.164.348-.185.461-.038.2-.042.421-.012.569.05.246.123.411.263.602.035.048.288.316.563.595.358.365.503.523.52.559a.266.266 0 0 1-.134.346c-.041.018-.14.022-.367.023-.145 0-.288.006-.317.012a.58.58 0 0 0-.453.552.6.6 0 0 0 .259.514c.117.082.202.097.55.097.26 0 .41-.007.52-.032l.064-.013c.106-.02.414-.165.465-.22a1.6 1.6 0 0 0 .318-.323 1.6 1.6 0 0 0 .264-.683c.01-.084.01-.298.001-.347-.003-.017-.011-.064-.02-.106a1.5 1.5 0 0 0-.266-.592c-.037-.048-.29-.314-.563-.593-.542-.554-.543-.554-.53-.673.022-.184.198-.29.359-.215.038.016.466.448 1.721 1.726.918.938 1.689 1.72 1.711 1.738q.065.052.134.098c.494.33 1.132.31 1.614-.046.076-.056.223-.206.282-.285l.041-.056.135.136c.119.119.15.149.206.194.007.005.045.033.087.06.467.316 1.124.31 1.593-.017.082-.057.11-.08.197-.166a1.5 1.5 0 0 0 .398-.778c.018-.091.02-.408.005-.485a1.6 1.6 0 0 0-.262-.618 12 12 0 0 0-.553-.588 20 20 0 0 1-.519-.54.3.3 0 0 1-.02-.23.3.3 0 0 1 .116-.14c.033-.019.078-.021.388-.025l.35-.003-.01.064c-.011.075-.01.358 0 .416l.014.078c.016.082.058.21.101.304.108.236.094.22 1.29 1.442a53 53 0 0 0 1.204 1.21c.201.16.384.243.634.289a1.6 1.6 0 0 0 .388.012 1.42 1.42 0 0 0 1.233-1.26c.029-.281-.042-.476-.222-.62a.56.56 0 0 0-.635-.04.6.6 0 0 0-.29.495c-.009.18-.144.286-.31.244-.056-.013-.098-.055-1.13-1.105-.59-.6-1.086-1.115-1.103-1.142a.27.27 0 0 1 .047-.315c.064-.062.103-.07.355-.07.283 0 .365-.017.487-.102a.592.592 0 0 0-.06-1.014c-.12-.063-.104-.062-1.425-.063-1.31 0-1.376.002-1.526.043l-.065.016a2 2 0 0 0-.223.09c-.156.08-.366.255-.478.396-.077.1-.18.297-.225.429-.146.433-.086.888.165 1.271.06.092.165.206.588.64.283.29.524.542.535.562.042.084.02.214-.05.291-.058.065-.095.079-.2.079-.077 0-.103-.005-.135-.026a167 167 0 0 1-1.826-1.845c-1.345-1.371-1.803-1.83-1.854-1.862a.58.58 0 0 0-.432-.067.61.61 0 0 0-.429.455.63.63 0 0 0 .092.449c.017.026.573.6 1.235 1.275 1.096 1.12 1.205 1.232 1.218 1.281a.28.28 0 0 1-.049.254c-.058.082-.212.114-.31.062-.022-.013-.803-.8-1.735-1.748-1.344-1.37-1.712-1.738-1.785-1.787a1.4 1.4 0 0 0-.775-.257c-.063 0-.116-.002-.117 0z'/></svg>",
-  "swift": "<svg viewBox='0 0 24 24'><path fill='#FF6E40' d='M17.087 19.721c-2.36 1.36-5.59 1.5-8.86.1a13.8 13.8 0 0 1-6.23-5.32c.67.55 1.46 1 2.3 1.4 3.37 1.57 6.73 1.46 9.1 0-3.37-2.59-6.24-5.96-8.37-8.71-.45-.45-.78-1.01-1.12-1.51 8.28 6.05 7.92 7.59 2.41-1.01 4.89 4.94 9.43 7.74 9.43 7.74.16.09.25.16.36.22.1-.25.19-.51.26-.78.79-2.85-.11-6.12-2.08-8.81 4.55 2.75 7.25 7.91 6.12 12.24-.03.11-.06.22-.05.39 2.24 2.83 1.64 5.78 1.35 5.22-1.21-2.39-3.48-1.65-4.62-1.17'/></svg>",
+  "swc": "<svg fill='none' viewBox='0 0 16 16'><path fill='#ffca28' d='m2.327 5.5-.07.01a1 1 0 0 0-.15.023 1 1 0 0 0-.158.044l-.098.04a1.4 1.4 0 0 0-.564.456l-.07.096c-.052.07-.164.348-.185.461-.038.2-.042.421-.012.569.05.246.123.411.263.602.035.048.288.316.563.595.358.365.503.523.52.559a.266.266 0 0 1-.134.346c-.041.018-.14.022-.367.023-.145 0-.288.006-.317.012a.58.58 0 0 0-.453.552.6.6 0 0 0 .259.514c.117.082.202.097.55.097.26 0 .41-.007.52-.032l.064-.013c.106-.02.414-.165.465-.22a1.6 1.6 0 0 0 .318-.323 1.6 1.6 0 0 0 .264-.683c.01-.084.01-.298.001-.347-.003-.017-.011-.064-.02-.106a1.5 1.5 0 0 0-.266-.592c-.037-.048-.29-.314-.563-.593-.542-.554-.543-.554-.53-.673.022-.184.198-.29.359-.215.038.016.466.448 1.721 1.726.918.938 1.689 1.72 1.711 1.738q.065.052.134.098c.494.33 1.132.31 1.614-.046.076-.056.223-.206.282-.285l.041-.056.135.136c.119.119.15.149.206.194.007.005.045.033.087.06.467.316 1.124.31 1.593-.017.082-.057.11-.08.197-.166a1.5 1.5 0 0 0 .398-.778c.018-.091.02-.408.005-.485a1.6 1.6 0 0 0-.262-.618 12 12 0 0 0-.553-.588 20 20 0 0 1-.519-.54.3.3 0 0 1-.02-.23.3.3 0 0 1 .116-.14c.033-.019.078-.021.388-.025l.35-.003-.01.064c-.011.075-.01.358 0 .416l.014.078c.016.082.058.21.101.304.108.236.094.22 1.29 1.442a53 53 0 0 0 1.204 1.21c.201.16.384.243.634.289a1.6 1.6 0 0 0 .388.012 1.42 1.42 0 0 0 1.233-1.26c.029-.281-.042-.476-.222-.62a.56.56 0 0 0-.635-.04.6.6 0 0 0-.29.495c-.009.18-.144.286-.31.244-.056-.013-.098-.055-1.13-1.105-.59-.6-1.086-1.115-1.103-1.142a.27.27 0 0 1 .047-.315c.064-.062.103-.07.355-.07.283 0 .365-.017.487-.102a.592.592 0 0 0-.06-1.014c-.12-.063-.104-.062-1.425-.063-1.31 0-1.376.002-1.526.043l-.065.016a2 2 0 0 0-.223.09c-.156.08-.366.255-.478.396-.077.1-.18.297-.225.429-.146.433-.086.888.165 1.271.06.092.165.206.588.64.283.29.524.542.535.562.042.084.02.214-.05.291-.058.065-.095.079-.2.079-.077 0-.103-.005-.135-.026a167 167 0 0 1-1.826-1.845c-1.345-1.371-1.803-1.83-1.854-1.862a.58.58 0 0 0-.432-.067.61.61 0 0 0-.429.455.63.63 0 0 0 .092.449c.017.026.573.6 1.235 1.275 1.096 1.12 1.205 1.232 1.218 1.281a.28.28 0 0 1-.049.254c-.058.082-.212.114-.31.062-.022-.013-.803-.8-1.735-1.748-1.344-1.37-1.712-1.738-1.785-1.787a1.4 1.4 0 0 0-.775-.257c-.063 0-.116-.002-.117 0z'/></svg>",
+  "swift": "<svg viewBox='0 0 24 24'><path fill='#ff6e40' d='M17.087 19.721c-2.36 1.36-5.59 1.5-8.86.1a13.8 13.8 0 0 1-6.23-5.32c.67.55 1.46 1 2.3 1.4 3.37 1.57 6.73 1.46 9.1 0-3.37-2.59-6.24-5.96-8.37-8.71-.45-.45-.78-1.01-1.12-1.51 8.28 6.05 7.92 7.59 2.41-1.01 4.89 4.94 9.43 7.74 9.43 7.74.16.09.25.16.36.22.1-.25.19-.51.26-.78.79-2.85-.11-6.12-2.08-8.81 4.55 2.75 7.25 7.91 6.12 12.24-.03.11-.06.22-.05.39 2.24 2.83 1.64 5.78 1.35 5.22-1.21-2.39-3.48-1.65-4.62-1.17'/></svg>",
   "syncpack": "<svg viewBox='0 0 100 100'><path fill='#8bc34a' d='M46.677 7.772a38.8 38.8 0 0 1 10.83.571 45 45 0 0 1 7.226 2.046 53 53 0 0 1 4.89 2.263c3.022 1.662 5.888 3.666 8.338 6.106a51 51 0 0 1 3.572 3.893 47 47 0 0 1 3.354 4.953 38.2 38.2 0 0 1 3.935 9.47 20 20 0 0 1 .862 5.18c-.478-.353-.852-.82-1.257-1.256-2.523-2.845-4.942-5.794-7.413-8.701-1.111-1.267-2.18-2.596-3.395-3.769-.956.83-1.662 1.89-2.482 2.845-2.326 2.783-4.651 5.565-7.008 8.317a10.2 10.2 0 0 0-1.392-2.866 22.4 22.4 0 0 0-3.177-3.883 18.75 18.75 0 0 0-12.21-5.244 18.9 18.9 0 0 0-5.607.468 16.9 16.9 0 0 0-4.496 1.599 18.2 18.2 0 0 0-6.822 5.939 15.3 15.3 0 0 0-2.284 4.506c3.24.01 6.48-.02 9.719 0-.924 1.318-1.994 2.523-3.011 3.769-2.607 3.115-5.275 6.209-7.891 9.345a100 100 0 0 1-3.136 3.81c-1.734 2.18-3.572 4.278-5.4 6.375a9 9 0 0 1-.83-.727c-1.267-1.266-2.44-2.616-3.624-3.955-3.83-4.413-7.538-8.93-11.286-13.405-1.017-1.204-2.014-2.43-3.084-3.572-.415-.467-.81-.945-1.142-1.474 2.856 0 5.71-.042 8.556-.083a36.1 36.1 0 0 1 3.956-11.889 42 42 0 0 1 5.243-7.527 39.3 39.3 0 0 1 6.126-5.514 40.6 40.6 0 0 1 20.35-7.58z'/><path fill='#2e7d32' d='M77.567 36.502c.727.55 1.318 1.246 1.952 1.89 2.544 2.762 4.953 5.648 7.372 8.514 2.637 3.136 5.243 6.302 7.89 9.428.904 1.11 1.974 2.087 2.763 3.291-2.856.02-5.71.042-8.566.093a36.3 36.3 0 0 1-5.752 14.827c-.758 1.163-1.558 2.305-2.44 3.385A40.48 40.48 0 0 1 48.13 92.342a45 45 0 0 1-7.715-1.142 50 50 0 0 1-5.534-1.745 45 45 0 0 1-6.157-3.063 35 35 0 0 1-6.956-5.42c-1.143-1.142-2.254-2.325-3.281-3.582a47 47 0 0 1-3.354-4.932 38.3 38.3 0 0 1-3.998-9.635c-.446-1.661-.83-3.343-.861-5.067.415.239.706.633 1.038.976 2.73 3.053 5.316 6.23 7.995 9.345.997 1.142 1.941 2.346 3.052 3.385.841-.727 1.485-1.62 2.18-2.471a829 829 0 0 1 7.31-8.691c.291 1.11.893 2.108 1.506 3.063a19.74 19.74 0 0 0 7.278 6.749 18 18 0 0 0 4.89 1.734c1.911.405 3.884.612 5.826.436 1.35-.104 2.689-.384 3.997-.685a19.1 19.1 0 0 0 7.912-4.569 20.4 20.4 0 0 0 3.188-4.08c.591-.997 1.1-2.046 1.412-3.157H58.14c.665-.976 1.433-1.869 2.18-2.762 2.617-3.167 5.296-6.271 7.933-9.417 1.205-1.391 2.285-2.887 3.52-4.267.976-1.163 1.91-2.378 2.907-3.53.956-1.122 1.942-2.212 2.908-3.323z'/></svg>",
   "systemd": "<svg viewBox='0 0 16 16'><path fill='#00e676' d='m9 8 3-2v4z'/><circle cx='6' cy='8' r='2' fill='#00e676'/><path fill='#eceff1' d='M3 5H1v6h2v-1H2V6h1zm10 0h2v6h-2v-1h1V6h-1z'/></svg>",
   "systemd_light": "<svg viewBox='0 0 16 16'><path fill='#00c853' d='m9 8 3-2v4z'/><circle cx='6' cy='8' r='2' fill='#00c853'/><path fill='#455a64' d='M3 5H1v6h2v-1H2V6h1zm10 0h2v6h-2v-1h1V6h-1z'/></svg>",
   "table": "<svg viewBox='0 0 24 24'><path fill='#8bc34a' d='M6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2m7 1.5V9h5.5zm4 7.5h-4v2h1l-2 1.67L10 13h1v-2H7v2h1l3 2.5L8 18H7v2h4v-2h-1l2-1.67L14 18h-1v2h4v-2h-1l-3-2.5 3-2.5h1z'/></svg>",
   "tailwindcss": "<svg viewBox='0 0 32 32'><path fill='#4db6ac' d='M23.5 12H8c.89-2.3 4.02-4 7.75-4s6.86 1.7 7.75 4M14 12h15.5c-.89 2.3-4.02 4-7.75 4s-6.86-1.7-7.75-4m3.5 8H2c.89-2.3 4.02-4 7.75-4s6.86 1.7 7.75 4M8 20h15.5c-.89 2.3-4.02 4-7.75 4S8.89 22.3 8 20'/></svg>",
-  "tape.clone": "<svg viewBox='0 0 32 32'><path fill='#BA68C8' d='m24 6 2 6h-4l-2-6h-3l2 6h-4l-2-6h-3l2 6H8L6 6H5a3 3 0 0 0-3 3v14a3 3 0 0 0 3 3h22a3 3 0 0 0 3-3V6Z'/></svg>",
+  "tape.clone": "<svg viewBox='0 0 32 32'><path fill='#ba68c8' d='m24 6 2 6h-4l-2-6h-3l2 6h-4l-2-6h-3l2 6H8L6 6H5a3 3 0 0 0-3 3v14a3 3 0 0 0 3 3h22a3 3 0 0 0 3-3V6Z'/></svg>",
   "taskfile": "<svg viewBox='0 0 32 32'><path fill='#4db6ac' d='M4 9v14l12 6V15z'/><path fill='#b2dfdb' d='M16 3 4 9l12 6 12-6z'/><path fill='#80cbc4' d='M16 15v14l12-6V9z'/></svg>",
   "tauri": "<svg viewBox='0 0 256 256'><path fill='#ffca28' d='M165.09 99.183a20.153 20.153 0 0 1-34.401 14.25 20.152 20.152 0 1 1 34.4-14.25z'/><path fill='#26c6da' d='M111.04 136.74c-11.13 0-20.152 9.022-20.152 20.151 0 11.13 9.022 20.152 20.152 20.152 11.129 0 20.152-9.022 20.152-20.152 0-11.129-9.023-20.15-20.152-20.15z'/><path fill='#ffca28' d='M186.7 163.76a77 77 0 0 1-26.564 10.81 54.04 54.04 0 0 0 2.657-24.366 54.05 54.05 0 0 0 33.856-35.246 54.04 54.04 0 0 0-27.73-64.21 54.044 54.044 0 0 0-67.863 16.927 89.8 89.8 0 0 0-29.495 8.61 76.94 76.94 0 0 1 86.49-53.058 76.94 76.94 0 0 1 63.888 78.829 76.94 76.94 0 0 1-35.24 61.706zM72.48 90.298l18.869 2.29a54 54 0 0 1 2.381-10.717 77 77 0 0 0-21.25 8.427' clip-rule='evenodd'/><path fill='#26c6da' d='M69.182 92.314a76.9 76.9 0 0 1 26.747-10.9 53.95 53.95 0 0 0-3.023 24.457 54.05 54.05 0 0 0-33.64 35.358 54.04 54.04 0 0 0 52.354 69.6 54.04 54.04 0 0 0 43.298-22.52 89.8 89.8 0 0 0 29.495-8.518 76.94 76.94 0 0 1-50.002 50.423 76.94 76.94 0 0 1-69.992-11.992A76.944 76.944 0 0 1 69.18 92.315zm114.22 73.462-.366.183z' clip-rule='evenodd'/></svg>",
-  "taze": "<svg viewBox='0 0 16 16'><path fill='#00C853' d='M9.196 10.555a.465.465 0 0 0-.654-.14l-2.417 1.62 1.038-2.108a.5.5 0 0 0-.195-.657.47.47 0 0 0-.643.209l-1.049 2.123-.165-2.95a.477.477 0 0 0-.497-.454.48.48 0 0 0-.444.508l.093 1.665c.039.698-.103 1.4-.41 2.023l-.473.962a.66.66 0 0 0 .283.877l1.355.698c.312.16.697.035.858-.29l.473-.961a3.9 3.9 0 0 1 1.345-1.54l1.365-.917a.484.484 0 0 0 .137-.668'/><path fill='#00695C' d='M12.9 6.175c.454-1.85-.385-3.832-2.12-4.73-1.735-.892-3.792-.398-4.977 1.072a3.066 3.066 0 0 0-3.47 1.654c-.77 1.56-.157 3.459 1.37 4.246a3.05 3.05 0 0 0 1.666.324 1.96 1.96 0 0 0 1.048 1.575 1.88 1.88 0 0 0 1.857-.075c.288.489.712.902 1.248 1.176 1.526.788 3.383.16 4.153-1.4a3.234 3.234 0 0 0-.775-3.842'/></svg>",
+  "taze": "<svg viewBox='0 0 16 16'><path fill='#00c853' d='M9.196 10.555a.465.465 0 0 0-.654-.14l-2.417 1.62 1.038-2.108a.5.5 0 0 0-.195-.657.47.47 0 0 0-.643.209l-1.049 2.123-.165-2.95a.477.477 0 0 0-.497-.454.48.48 0 0 0-.444.508l.093 1.665c.039.698-.103 1.4-.41 2.023l-.473.962a.66.66 0 0 0 .283.877l1.355.698c.312.16.697.035.858-.29l.473-.961a3.9 3.9 0 0 1 1.345-1.54l1.365-.917a.484.484 0 0 0 .137-.668'/><path fill='#00695c' d='M12.9 6.175c.454-1.85-.385-3.832-2.12-4.73-1.735-.892-3.792-.398-4.977 1.072a3.066 3.066 0 0 0-3.47 1.654c-.77 1.56-.157 3.459 1.37 4.246a3.05 3.05 0 0 0 1.666.324 1.96 1.96 0 0 0 1.048 1.575 1.88 1.88 0 0 0 1.857-.075c.288.489.712.902 1.248 1.176 1.526.788 3.383.16 4.153-1.4a3.234 3.234 0 0 0-.775-3.842'/></svg>",
   "tcl": "<svg viewBox='0 0 24 24'><path fill='#ef5350' d='M21.492 2.51S14.24 2.157 8.526 9.988c-4.385 6.008-6.018 11.504-6.018 11.504l1.842-.95c1.366-2.372 2.078-3.35 3.417-4.745 2.401.702 4.907.617 7.08-1.899-1.898-.53-3.416-.408-5.657-.18C11.706 12 13.424 11.62 15.797 12l.949-1.898c-1.709-.323-2.848-.352-4.537.038 1.87-1.32 3.17-2.06 5.486-1.937l1.148-1.832c-1.48-.104-2.372.057-4.072.475C16.3 5.46 17.695 4.834 19.726 4.71c0 0 .997-1.793 1.766-2.202z'/></svg>",
   "teal": "<svg viewBox='0 0 32 32'><path fill='#00acc1' d='M16 2a14 14 0 1 0 14 14A14 14 0 0 0 16 2m8 14h-8V8h8Z'/></svg>",
   "templ": "<svg viewBox='0 0 32 32'><path fill='#ffd54f' d='M8.125 24.313 1 16l7.125-8.313 3 2.625L6.25 16l4.875 5.688ZM24 7.687 31.125 16 24 24.313l-3-2.625L25.875 16 21 10.312ZM16 4l-4 24h4l4-24z'/></svg>",
@@ -994,7 +1042,7 @@
   "test-js": "<svg viewBox='0 0 32 32'><path fill='#ffca28' d='M20 4v2h-2v4.531l.264.461 7.473 13.078a2 2 0 0 1 .263.992V26a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2v-.938a2 2 0 0 1 .264-.992l7.473-13.078.263-.46V6h-2V4zm0-2h-8a2 2 0 0 0-2 2v2a2 2 0 0 0 2 2v2L4.527 23.078A4 4 0 0 0 4 25.062V26a4 4 0 0 0 4 4h16a4 4 0 0 0 4-4v-.938a4 4 0 0 0-.527-1.984L20 10V8a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2'/><circle cx='17' cy='17' r='1' fill='#ffca28'/><path fill='#ffca28' d='M19.72 20.715a1 1 0 0 0-1.134-.318 5 5 0 0 1-1.18.262 3.95 3.95 0 0 1-1.862-.292 2.74 2.74 0 0 0-3.371.489 2 2 0 0 0-.237.35L10 24h12Z'/></svg>",
   "test-jsx": "<svg viewBox='0 0 32 32'><path fill='#00bcd4' d='M20 4v2h-2v4.531l.264.461 7.473 13.078a2 2 0 0 1 .263.992V26a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2v-.938a2 2 0 0 1 .264-.992l7.473-13.078.263-.46V6h-2V4zm0-2h-8a2 2 0 0 0-2 2v2a2 2 0 0 0 2 2v2L4.527 23.078A4 4 0 0 0 4 25.062V26a4 4 0 0 0 4 4h16a4 4 0 0 0 4-4v-.938a4 4 0 0 0-.527-1.984L20 10V8a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2'/><circle cx='17' cy='17' r='1' fill='#00bcd4'/><path fill='#00bcd4' d='M19.72 20.715a1 1 0 0 0-1.134-.318 5 5 0 0 1-1.18.262 3.95 3.95 0 0 1-1.862-.292 2.74 2.74 0 0 0-3.371.489 2 2 0 0 0-.237.35L10 24h12Z'/></svg>",
   "test-ts": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M20 4v2h-2v4.531l.264.461 7.473 13.078a2 2 0 0 1 .263.992V26a2 2 0 0 1-2 2H8a2 2 0 0 1-2-2v-.938a2 2 0 0 1 .264-.992l7.473-13.078.263-.46V6h-2V4zm0-2h-8a2 2 0 0 0-2 2v2a2 2 0 0 0 2 2v2L4.527 23.078A4 4 0 0 0 4 25.062V26a4 4 0 0 0 4 4h16a4 4 0 0 0 4-4v-.938a4 4 0 0 0-.527-1.984L20 10V8a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2'/><circle cx='17' cy='17' r='1' fill='#0288d1'/><path fill='#0288d1' d='M19.72 20.715a1 1 0 0 0-1.134-.318 5 5 0 0 1-1.18.262 3.95 3.95 0 0 1-1.862-.292 2.74 2.74 0 0 0-3.371.489 2 2 0 0 0-.237.35L10 24h12Z'/></svg>",
-  "tex": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M2 8h10v2H2zm4 2h2v10H6zm6 4h6v2h-6zm0 2h2v12h-2z'/><path fill='#42a5f5' d='M13.5 26H18v2h-4.5zm.5-6h4v2h-4zm8 0h-2l8-12h2z'/><path fill='#42a5f5' d='M27 20h3L23 8h-3z'/></svg>",
+  "tex": "<svg viewBox='0 0 1024 1024'><path fill='#2196f3' d='M80 192 64 320h32c16-80 16-96 63.242-96H176c8.837 0 16 7.163 16 16v352c0 8.837 0 16-32 16h-32v32h192v-32h-32c-32 0-32-7.163-32-16V240c0-8.837 7.163-16 16-16h16c48 0 48 16 64 96h32l-16-128zm560 0v32c16 0 45.713 0 52.57 16L776 434.666 708.57 592c-6.857 16-52.57 16-68.57 16v32h128v-32s-34.285 0-27.428-16L792 472l51.428 120c3.103 7.24-1.52 16-11.428 16v32h128v-32c-16 0-45.713 0-52.57-16L824 397.334 891.43 240c6.857-16 52.57-16 68.57-16v-32H832v32s34.285 0 27.428 16L808 360l-51.428-120c-3.103-7.24 1.52-16 11.428-16v-32zM320 384v32h32c32 0 32 7.163 32 16v352c0 8.837 0 16-32 16h-32v32h304l16-128h-32c-16 80-16 96-64 96h-64c-32 0-32-7.163-32-16V624h80c8.837 0 16 0 16 32v16h32V544h-32v16c0 32-7.163 32-16 32h-80V432c0-8.837 0-16 32-16h64c48 0 48 16 64 96h32l-16-128z'/></svg>",
   "textlint": "<svg viewBox='0 0 32 32'><path fill='#f06292' d='M10 22V8H4v20h24v-6z'/><path fill='#00e5ff' d='M14 8h4v20h-4z'/><path fill='#00e5ff' d='M4 4h24v6H4z'/></svg>",
   "tilt": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M14 5v22a1 1 0 0 0 1 1h6a1 1 0 0 0 1-1V13a1 1 0 0 1 1-1h4a1 1 0 0 0 1-1V5a1 1 0 0 0-1-1H15a1 1 0 0 0-1 1M4.47 7.706l5.694-3.559A1.2 1.2 0 0 1 12 5.165V11a1 1 0 0 1-1 1H5a1 1 0 0 1-1-1V8.554a1 1 0 0 1 .47-.848'/></svg>",
   "tldraw": "<svg viewBox='0 0 24 24'><path fill='#b0bec5' d='M14.69 5.75q0 1.058-.808 1.796c-.808.738-1.194.738-1.966.738q-1.195 0-2.002-.738-.808-.737-.808-1.797 0-1.058.808-1.796c.808-.738 1.206-.738 2.002-.738q1.159 0 1.966.738.808.738.808 1.796zm-5.619 8.883q0-1.059.808-1.797.842-.77 2.037-.77a2.82 2.82 0 0 1 1.966.77q.843.738.984 1.668.28 1.733-.703 3.434-.948 1.7-2.74 2.598-.982.514-1.615-.032-.596-.513.352-1.219.525-.353.878-.898.351-.546.456-1.123.036-.257-.246-.257-.702-.032-1.44-.706a2.17 2.17 0 0 1-.737-1.668'/></svg>",
@@ -1006,13 +1054,13 @@
   "toml_light": "<svg viewBox='0 0 16 16'><path fill='#455a64' d='M4 6V4h8v2H9v7H7V6z'/><path fill='#ef5350' d='M4 1v1H2v12h2v1H1V1zm8 0v1h2v12h-2v1h3V1z'/></svg>",
   "travis": "<svg viewBox='0 0 200 200'><path fill='#cb3349' d='M53.341 89.17s-27.564 19.4-28.641 26.791l2.068-.425S59.776 93.66 85.942 90.991l.592-3.321zm43.27-2.773-21.712 15.4 1.174.941c.885-.714 38.567-12.222 38.567-12.222l7.944-4.981c-5.33.664-25.973.862-25.973.862m18.869 18.627c15.417 0 38.527-15.1 38.527-15.1l-7.47-1.422c-.37.37-12.047-.409-12.047-.409l-5.544-1.54-13.243 15.091-1.078 2.619c.952-.387.854.76.854.76zm50.313 48.152-4.763 1.34-22.006-.475-13.766-10.705-16.64 4.163-19.244-1.665-10.777 11.776-20.22 6.04-10.097-3.13-.509-.438 4.532 11.097s10.265 11.005 15.999 12.299c5.733 1.294 16.09-.093 23.859-1.296 7.767-1.202 13.963-3.976 16.46-8.506 2.496-4.533 2.866-5.827 2.866-5.827s7.4 10.45 13.78 11.653c6.38 1.202 25.338-5.273 25.338-5.273s11.56-3.143 13.593-7.12c2.035-3.976 7.4-17.015 7.4-17.015zM50.4 162.216l-.32-.147c-.758-.655-1.378-1.19-1.783-1.538z'/><path fill='#f4edae' d='M184.483 74.565a43 43 0 0 0-.186-1.78 24 24 0 0 0-.19-1.26c-1.588-1.337-3.394-2.526-5.273-3.607-2.036-1.19-4.166-2.255-6.341-3.244-2.16-1.02-4.378-1.941-6.609-2.841q-1.672-.68-3.364-1.309c-1.124-.438-2.259-.846-3.397-1.26 2.389.395 4.753.937 7.1 1.541 1.526.395 3.044.837 4.552 1.309-10.728-28.04-36.38-46.301-64.386-46.301-28.01 0-53.659 18.26-64.385 46.3a97 97 0 0 1 4.55-1.308c2.35-.604 4.716-1.146 7.103-1.542-1.142.415-2.274.823-3.402 1.261q-1.685.63-3.364 1.309c-2.231.9-4.443 1.822-6.608 2.84-2.17.99-4.302 2.056-6.339 3.245-1.879 1.08-3.682 2.27-5.277 3.606-.066.405-.133.843-.186 1.262-.071.59-.137 1.185-.186 1.78a46 46 0 0 0-.156 3.597 52.5 52.5 0 0 0 .443 7.183c.327 2.385.765 4.754 1.412 7.043.32 1.147.68 2.279 1.099 3.373a29 29 0 0 0 1.042 2.374l.153.291c.176.09.361.18.537.266l1.067.509c.594.27 1.417.66 2.097.966a2 2 0 0 0 .11-.101l-1.98-7.541c.42-.115 4.179-1.085 10.658-2.318a32 32 0 0 1-5.91-1.723c-.7-.295-1.388-.618-2.045-.988-.657-.377-1.304-.804-1.804-1.371 7.118 2.322 21.826 1.27 34.9-.08 11.957-1.233 23.942-2.032 35.99-2.056 12.048.024 24.037.823 35.99 2.055 13.08 1.351 27.787 2.403 34.904.08-.5.568-1.145.996-1.802 1.372a20 20 0 0 1-2.045.988 32 32 0 0 1-4.34 1.385q-.328.077-.657.147c7.104 1.318 11.24 2.39 11.682 2.508l-1.894 7.184c.38-.172.765-.338 1.142-.509l1.065-.51q.266-.129.538-.265l.147-.29q.194-.372.371-.766c.24-.523.468-1.062.677-1.608a37 37 0 0 0 1.1-3.373c.647-2.29 1.084-4.659 1.412-7.043.306-2.379.466-4.782.444-7.184-.01-1.201-.053-2.4-.159-3.596'/><path fill='#e6ccad' d='M114.47 174.284c-.943.142-1.885.262-2.823.332-.604.03-1.243.09-1.823.09l-.215.005a516 516 0 0 0 1.7-3.844c.853.957 1.938 2.141 3.16 3.417zm2.046 2.091c2.926 2.898 6.553 4.558 10.544 4.853-6.704 2.723-13.023 3.774-17.89 4.101-4.853.325-9.772-.247-14.593-1.568.404-.073.7-.125 1.057-.168.396-.048 9.04-1.175 12.937-6.97l.366.009.957-.008c.647 0 1.235-.053 1.854-.077a39 39 0 0 0 4.321-.623q.22.226.447.45z'/><path fill='#656c67' d='M124.807 89.611c-.28.366-.595.77-.928 1.19-1.713 2.165-4.088 4.934-6.904 7.642a327 327 0 0 0-10.102-.157c-5.722 0-11.21.152-16.42.405 7.362-3.055 16.206-6.04 25.785-7.832 2.797-.53 5.66-.953 8.569-1.248m-43.085 3.297c-2.627 1.846-5.595 4.202-8.473 7.06a319 319 0 0 0-19.104 2.49c8.155-3.75 17.462-7.2 27.577-9.55m90.05 15.216-2.998 20.975-14.36 10.058-37.454-4.258-5.639-18.567a1.23 1.23 0 0 0-.981-.86c-1.388-.225-2.616-.339-3.639-.339-1.027 0-2.25.114-3.645.339a1.24 1.24 0 0 0-.98.86l-5.5 18.114-37.245 8.289-14.759-10.34-2.908-23.537q.95-.537 1.927-1.07 1.372-.296 3.079-.624l2.74 22.21c.043.347.234.656.52.856l10.152 7.115a1.26 1.26 0 0 0 .976.188l30.622-6.813a1.23 1.23 0 0 0 .909-.842l5.514-18.158c1.479-.38 5.268-1.266 8.597-1.266 3.321 0 7.113.885 8.593 1.266l5.514 18.157c.143.472.553.808 1.042.866l30.622 3.478c.297.033.6-.044.844-.214l10.159-7.109c.274-.195.46-.501.507-.838l2.713-18.974c2.038.393 3.741.75 5.078 1.038m3.782-13.155-2.636 10c-5.39-1.188-17.234-3.52-33.354-5.09 5.267-2.246 10.63-5.063 15.53-8.584 9.592 1.356 16.635 2.807 20.46 3.674'/><path fill='#e5caa3' d='M67.567 126.256c2.088-1.128 4.448-.96 8.14-.956.397.01.805.005 1.232-.004.363-.004.728-.01 1.114-.02 3.806-.037 6.97.325 6.915-5.652-.058-5.975-2.712-10.805-6.514-10.767-3.806.033-7.489 4.929-7.261 10.9.062 1.556.29 2.679.657 3.488-3.317.831-4.231 2.883-4.283 3.011m45.758-24.58a41 41 0 0 1-4.65 3.288l-5.4 3.26a46 46 0 0 0-6.494 1.3 1.25 1.25 0 0 0-.838.827l-5.5 18.123-29.395 6.537-9.259-6.485-2.693-21.82c5.258-.966 12.29-2.084 20.736-3.03a50 50 0 0 0-2.617 3.415l-5.029 7.218 7.322-4.881c.11-.076 4.772-3.144 12.4-6.875a334 334 0 0 1 31.417-.877m32.192 22.135c-.037-.141-.837-2.545-4.378-2.123.409-.888.59-2.087.462-3.73-.468-5.961-3.936-10.7-7.738-10.568-3.802.135-6.238 5.077-6.028 11.053.21 5.972 3.402 5.93 7.204 5.796 5.11-.095 7.918-1.665 10.478-.428m18.761-17.17-2.65 18.551-9.336 6.537-29.356-3.336-5.477-18.038a1.25 1.25 0 0 0-.837-.827c-.182-.053-3.816-1.09-7.67-1.424l.704-.047c.609-.043 10.734-1.285 22.825-5.453 13.388 1.028 24.322 2.675 31.797 4.036z'/><path fill='#c7b39a' d='M67.567 126.256c2.088-1.128 4.448-.96 8.14-.956.397.01.805.005 1.232-.004.363-.004.728-.01 1.114-.02 3.806-.037 6.97.325 6.915-5.652-.058-5.975-2.712-10.805-6.514-10.767-3.806.033-7.489 4.929-7.261 10.9.062 1.556.29 2.679.657 3.488-3.317.831-4.231 2.883-4.283 3.011m45.758-24.58a41 41 0 0 1-4.65 3.288l-5.4 3.26a46 46 0 0 0-6.494 1.3 1.25 1.25 0 0 0-.838.827l-5.5 18.123-29.395 6.537-9.259-6.485-2.693-21.82c5.258-.966 12.29-2.084 20.736-3.03a50 50 0 0 0-2.617 3.415l-5.029 7.218 7.322-4.881c.11-.076 4.772-3.144 12.4-6.875a334 334 0 0 1 31.417-.877m32.192 22.135c-.037-.141-.837-2.545-4.378-2.123.409-.888.59-2.087.462-3.73-.468-5.961-3.936-10.7-7.738-10.568-3.802.135-6.238 5.077-6.028 11.053.21 5.972 3.402 5.93 7.204 5.796 5.11-.095 7.918-1.665 10.478-.428m18.761-17.17-2.65 18.551-9.336 6.537-29.356-3.336-5.477-18.038a1.25 1.25 0 0 0-.837-.827c-.182-.053-3.816-1.09-7.67-1.424l.704-.047c.609-.043 10.734-1.285 22.825-5.453 13.388 1.028 24.322 2.675 31.797 4.036z'/><g fill='#e6ccad'><path d='M177.087 114.794c.45.371.807 1.332.404 5.809-.495 5.481-2.8 15.102-4.226 16.653-1.575.305-4.877-.057-6.89-.527.348-1.381.447-2.043.728-3.455l3.521-2.463c.28-.195.466-.501.514-.834l2.46-17.243c1.494.808 3.03 1.683 3.489 2.06M47.279 137.302q.265.938.553 1.86c-1.895.557-5.754 1.09-7.499.785-1.446-1.457-4.144-11.485-4.734-16.81-.481-4.315-.144-5.248.295-5.611.51-.428 2.416-1.513 4.068-2.398l2.232 18.114c.042.348.227.656.519.856zm71.23.248-.134 1.156s-4.058 3.763-10.59 4.605c-6.533.842-11.667-3.173-11.667-3.173.214.698.519 2.274 1.998 3.62a47 47 0 0 0-5.592-.348c-.712 0-1.432.02-2.127.054-4.02.21-9.676 6.289-13.654 12.413-1.951.618-8.05 2.554-15.111 4.64-6.59-9.132-9.831-18.463-10.16-19.428l.005-.005c-.133-.372-.267-.744-.39-1.124l1.694 1.186v.004l4.186 2.931 1.4.975c.209.148.456.224.703.224q.135 0 .27-.027l38.475-8.566c.431-.094.78-.419.908-.841l5.486-18.062a19 19 0 0 1 2.493-.195c.71 0 1.547.067 2.494.195l5.646 18.6c.143.47.552.814 1.037.865z'/><path d='m162.427 136.558 1.242-.872a77 77 0 0 1-.662 2.566c-1.726 5.534-3.765 10.43-6.028 14.754-.5.034-1.028.054-1.594.054-1.747 0-3.531-.148-5.506-.33-3.426-.314-8.864-.936-10.581-1.136-1.48-1.18-6.542-5.202-10.754-8.517-.166-.133-.308-.257-.447-.372-.742-.627-1.585-1.34-3.293-1.34-1.55 0-3.816.565-9.29 2.222 2.844-2.127 2.863-4.872 2.863-4.872l.134-1.156 36.094 4.1c.294.034.599-.042.846-.213l3.627-2.54z'/></g><path fill='#ebd599' d='M135.862 60.616c.11 3.21.029 9.03-1.466 14.478a1.2 1.2 0 0 0 0 .624 234 234 0 0 0-5.71-.524c2.136-4.477 2.602-9.244 2.703-10.923 1.64-1.167 3.274-2.566 4.473-3.655M81.4 64.27c.098 1.68.564 6.437 2.697 10.91q-2.856.228-5.705.528a1.2 1.2 0 0 0 0-.615c-1.494-5.438-1.57-11.262-1.465-14.478 1.198 1.09 2.825 2.489 4.472 3.655z'/><path fill='#2d3136' d='M145.517 123.811c-2.56-1.236-5.367.334-10.477.43-3.802.133-6.995.174-7.204-5.797-.21-5.976 2.226-10.918 6.028-11.053 3.802-.133 7.27 4.606 7.738 10.569.128 1.642-.054 2.84-.462 3.729 3.54-.423 4.34 1.98 4.377 2.122m-11.948-8.75a1.95 1.95 0 0 0 1.908-1.98 1.937 1.937 0 0 0-1.98-1.906 1.944 1.944 0 0 0 .072 3.887z'/><circle cx='131.439' cy='115.529' r='1.943' fill='#edf6fa' transform='rotate(-1.049)'/><path fill='#2d3136' d='M84.967 119.622c.056 5.976-3.108 5.615-6.914 5.652-.386.01-.752.014-1.115.02q-.64.017-1.231.003c-3.692-.004-6.053-.172-8.14.956.05-.128.965-2.18 4.282-3.012-.366-.81-.596-1.932-.657-3.487-.228-5.971 3.455-10.868 7.261-10.9 3.802-.038 6.457 4.792 6.514 10.767zm-5.876-3.126a1.944 1.944 0 1 0-.109-3.887 1.944 1.944 0 0 0 .109 3.887'/><circle cx='76.07' cy='116.551' r='1.944' fill='#edf6fa' transform='rotate(-1.473)'/><path fill='#ebd599' fill-opacity='.8' d='M55.92 79.056s.59-7.7 1.797-10.65c.622-1.52 4.426-2.489 7.331-3.18 2.904-.692 7.537-2.075 8.437 2.005s2.35 7.053 3.318 8.367l-1.244-16.803-19.985 4.84-1.315 14.869.623 1.175 1.037-.623m101.131 0s-.59-7.7-1.797-10.65c-.623-1.52-4.427-2.489-7.33-3.18-2.906-.692-7.538-2.075-8.438 2.005-.898 4.08-2.351 7.053-3.32 8.367l1.246-16.803 19.985 4.84 1.314 14.869-.623 1.175z' opacity='.8'/><path fill='#ebd599' fill-opacity='.75' d='M128.793 28.763s-.53 40.295-9.942 40.295H94.379c-9.413 0-10.173-40.277-10.173-40.277l-4.624 13.675.076 18.764 3.283 2.61 1.493 8.058 2.088 4.7 40.288.075 1.864-3.358 1.567-5.67.225-3.58 4.45-12.704zm29.647 37.572s1.938 13.9 7.064 16.407l-7.178-2.165zm-104.1 0s-1.938 13.9-7.065 16.407l7.179-2.165z' opacity='.75'/><path fill='#2d3136' d='M159.823 80.513c2.44.8 4.894 1.646 7.118 2.946-1.19-.472-2.418-.809-3.655-1.114a62 62 0 0 0-3.721-.818 116 116 0 0 0-7.528-1.176 169 169 0 0 0-7.57-.818c-2.531-.214-5.057-.428-7.594-.576-10.139-.624-20.306-.78-30.48-.79-10.172.005-20.34.196-30.48.795-2.535.147-5.062.362-7.593.576s-5.058.486-7.57.818c-2.522.305-5.03.705-7.527 1.175q-1.871.35-3.726.814c-1.232.305-2.465.642-3.655 1.114 2.223-1.299 4.677-2.15 7.123-2.95.205-.067.414-.124.623-.19-.014-.053-.029-.1-.038-.157-.043-.281-.947-6.962.628-16.516.076-.457.404-.828.852-.952l2.584-.736c.561-20.042 8.815-29.467 9.073-29.758-7.375 11.867-7.308 25.942-7.18 29.22l16.057-4.565.038-.008q.1-.022.2-.029c.018 0 .043-.005.066-.005.082-.004.173.005.263.024.014 0 .028.01.047.014.067.014.129.037.199.066.029.015.047.03.076.044q.078.044.157.1c.014.009.03.013.043.028l.028.029c.015.014.033.024.048.039.01.014.438.436 1.118 1.07-.161-5.29.09-20.469 7.319-33.049-.153.441-5.887 17.21-3.911 36.004a30 30 0 0 0 1.974 1.46c.318.22.514.58.518.966.006.062.143 6.053 2.789 11.149q.054.115.09.237c6.58-.447 13.18-.628 19.764-.632 6.587.004 13.18.194 19.76.647.024-.086.053-.17.096-.252 2.645-5.096 2.784-11.087 2.784-11.15.009-.385.204-.746.523-.965a32 32 0 0 0 1.97-1.46c1.979-18.794-3.756-35.563-3.907-36.004 7.222 12.58 7.48 27.758 7.318 33.05a55 55 0 0 0 1.117-1.071c.014-.015.035-.024.047-.04.01-.008.016-.018.03-.028.014-.014.029-.02.043-.029l.157-.104.071-.039c.072-.029.138-.052.21-.07.014 0 .029-.01.043-.01.085-.019.177-.028.262-.024.024 0 .043.005.062.005.066.005.138.014.205.029.01.005.024.005.037.009l16.058 4.563c.13-3.277.196-17.353-7.178-29.219.256.29 8.512 9.717 9.068 29.758l2.588.736c.442.124.775.495.852.952 1.574 9.554.666 16.235.627 16.516q-.015.085-.037.161c.212.062.417.123.627.19m-2.92-.857c.123-1.07.698-6.917-.524-14.882l-18.177-5.167c.163 3.078.235 9.754-1.512 16.12a1.4 1.4 0 0 1-.09.229c.18.019.362.033.537.057 5.11.585 10.197 1.403 15.226 2.507 1.517.352 3.035.729 4.539 1.136zm-22.508-4.563c1.495-5.447 1.576-11.267 1.466-14.478-1.199 1.09-2.832 2.488-4.473 3.654-.1 1.68-.567 6.447-2.703 10.923 1.903.154 3.807.325 5.71.524a1.2 1.2 0 0 1 0-.623m-50.296.087c-2.133-4.473-2.599-9.232-2.698-10.91-1.646-1.166-3.274-2.565-4.473-3.654-.105 3.216-.028 9.04 1.466 14.478.057.21.051.42 0 .615q2.85-.301 5.705-.529m-7.913.765a1.5 1.5 0 0 1-.087-.218c-1.75-6.367-1.673-13.042-1.516-16.121l-18.171 5.167c-1.223 7.956-.652 13.803-.53 14.879 1.51-.41 3.022-.786 4.546-1.138 2.511-.556 5.043-1.022 7.579-1.45 2.541-.424 5.09-.747 7.64-1.057.182-.024.358-.037.54-.062z'/><path fill='#2d3136' d='M125.542 29.29v15.081h-10.69v-4.406h-2.41v20.357h3.64v11.382H97.385V60.322h3.625V39.966h-2.401v4.406H87.925V29.29zm-3.212 11.877v-8.671h-31.2v8.671h4.266v-4.406h8.826v26.773h-3.632V68.5h12.282v-4.966h-3.632V36.761h8.826v4.406z'/><path fill='#cb3349' d='M104.22 36.761h-8.823v4.406h-4.266v-8.672h31.205v8.672h-4.27v-4.406h-8.823v26.773h3.632V68.5H100.59v-4.966h3.632z'/><path fill='#656c67' d='M38.206 94.969c1.558-.354 3.663-.804 6.246-1.302a93 93 0 0 0-5.512 4.072z'/><g fill='#c7b39a'><path d='M95.266 136.301s.436 2.804-3.488 4.003c-3.922 1.2-28.773 8.606-31.607 8.205s-10.026-5.203-10.026-5.203l-1.745-6.204 10.644 6.636zm22.26-.541s-.314 2.82 3.659 3.85c3.972 1.028 29.12 7.347 31.933 6.824s9.79-5.635 9.79-5.635l1.474-6.275-9.784 5.836z'/><path d='M36.184 131.146s3.443 6.887 9.005 4.502l3.973 1.457-.397 2.915-8.343 1.058-2.25-1.323zm140.965-1.896s-5.628 7.188-11.19 4.805l-1.788 1.153.397 2.913 8.343 1.06 2.25-1.324zM90.1 183.355s20.4 10.285 43.498-3.71l-7.417-.506s-16.186 6.406-29 2.866z'/></g><path fill='#2d3136' d='m110.785 164.408 1.412 1.682c.032.04 3.168 3.773 7.003 7.575 2.55 2.527 5.63 3.806 9.162 3.806a16 16 0 0 0 3.751-.463c1.187-.289 2.477-.596 3.797-.912 4.77-1.14 10.171-2.435 12.79-3.169a35 35 0 0 1 1.705-.418c3.485-.805 8.263-1.916 10.795-6.988 1.904-3.806 4.47-8.746 6.375-12.367-1.65.761-3.38 1.586-4.609 2.233-1.894.994-4.374 1.476-7.58 1.476-1.907 0-3.78-.16-5.851-.344-4.141-.381-11.149-1.206-11.22-1.216l-.537-.06-.424-.338c-.063-.046-6.203-4.939-11.166-8.842q-.302-.247-.55-.454c-.523-.446-.523-.446-.835-.446-1.591 0-6.218 1.435-16.353 4.577l-.623.198-.61-.23c-.07-.023-6.72-2.49-14.688-2.49-.652 0-1.302.017-1.935.05-.798.041-5.278 2.169-11.006 11.232l-.371.582-.657.21c-.095.034-9.954 3.216-20.41 6.206l-.679.193-.642-.298c-.068-.028-4.16-1.926-8.053-3.716 2.123 3.137 4.838 7.05 7.227 10.118 4.173 5.374 9.433 10.34 19.518 10.34 1.265 0 2.609-.077 3.989-.234 10.258-1.16 12.9-1.627 14.321-1.875.481-.082.862-.152 1.349-.21.077-.01 8.478-1.097 10.835-6.384 2.43-5.433 2.921-6.728 2.94-6.777l.857-2.288s.106-.593.28-.777q-.001.005.005.004l.017.014c.27.194.67.8.67.8zM46.895 61.832c-2.23.898-4.444 1.825-6.609 2.842-2.169.992-4.301 2.056-6.337 3.242-1.88 1.083-3.683 2.27-5.274 3.611a34 34 0 0 0-.187 1.26 46 46 0 0 0-.344 5.376 53 53 0 0 0 .445 7.185c.33 2.385.765 4.756 1.412 7.044a37 37 0 0 0 1.1 3.37c.207.551.436 1.087.676 1.61.118.26.242.518.365.765l.153.29c.178.091.362.182.536.265l1.068.508c.596.276 1.417.666 2.096.968.04-.032.078-.069.11-.1l-1.977-7.54c.418-.114 4.179-1.086 10.658-2.32a30 30 0 0 1-1.572-.335 32.5 32.5 0 0 1-4.339-1.385 20 20 0 0 1-2.045-.99c-.656-.377-1.303-.803-1.803-1.371 7.118 2.324 21.824 1.27 34.9-.078 11.958-1.234 23.94-2.031 35.988-2.06 12.046.028 24.038.825 35.99 2.06 13.083 1.348 27.79 2.403 34.905.078-.5.568-1.145.994-1.801 1.37-.655.372-1.348.693-2.046.991a33 33 0 0 1-4.343 1.385q-.325.076-.656.147c7.104 1.316 11.24 2.389 11.68 2.508l-1.894 7.182c.381-.17.766-.334 1.141-.509l1.07-.508a21 21 0 0 0 .536-.266l.147-.289a18 18 0 0 0 .371-.765q.361-.785.68-1.61c.417-1.09.778-2.224 1.095-3.37.647-2.288 1.087-4.66 1.412-7.044.307-2.38.468-4.783.445-7.186a47 47 0 0 0-.156-3.595 46 46 0 0 0-.188-1.78 26 26 0 0 0-.19-1.26c-1.591-1.34-3.393-2.527-5.273-3.61-2.037-1.188-4.167-2.251-6.342-3.243-2.16-1.017-4.378-1.944-6.608-2.842a126 126 0 0 0-3.367-1.308c-1.122-.435-2.26-.846-3.397-1.26 2.388.394 4.756.939 7.098 1.54 1.527.395 3.05.84 4.554 1.312-10.727-28.043-36.38-46.302-64.384-46.302-28.011 0-53.658 18.26-64.384 46.302a96 96 0 0 1 4.549-1.312c2.348-.6 4.714-1.146 7.104-1.54-1.143.413-2.275.825-3.403 1.26-1.123.417-2.246.857-3.365 1.307m141.223 16.224c.129 2.581.06 5.167-.229 7.736a49 49 0 0 1-1.434 7.622 40 40 0 0 1-1.244 3.719 34 34 0 0 1-.788 1.834c-.143.302-.293.6-.463.908l-.252.454a8 8 0 0 1-.308.508l-.26.405-.409.21c-.436.225-.793.394-1.189.578l-1.15.519c-.77.33-1.545.64-2.32.943-.541.212-1.019.405-1.472.597l-1.28 4.86a94 94 0 0 0-1.136-.279l-.07.509c1.413.738 4.187 2.234 5.132 3.014 1.903 1.572 2.037 4.063 1.615 8.717-.216 2.39-1.009 7.039-2.109 11.31-1.9 7.35-2.908 8.213-4.21 8.546-.66.17-1.678.34-2.665.34-2.007 0-4.741.055-6.58-.39-.472 1.673-1.82 6.035-4.49 11.483.134-.065.266-.12.386-.184 3.292-1.729 9.62-4.485 9.887-4.605l4.999-2.172-2.56 4.814c-.06.105-5.549 10.429-8.91 17.17-3.34 6.677-9.598 8.13-13.345 8.992-.564.133-1.1.257-1.535.376-2.689.756-8.132 2.054-12.932 3.21-.057.013-.115.028-.174.036a56.7 56.7 0 0 1-9.704 4.793c-12.905 4.888-26.506 4.614-38.837.082-2.003.258-4.637.573-8.144.972a40 40 0 0 1-4.415.257c-11.75 0-17.977-5.966-22.522-11.808-4.865-6.256-10.817-15.542-11.07-15.931l-3.45-5.383 5.832 2.623c2.792 1.257 11.094 5.1 13.469 6.2q.287-.082.569-.165c-3.948-5.63-7.186-12.05-9.474-19.163-1.944.586-4.94 1.04-7.269 1.04-.851 0-1.614-.063-2.2-.201-1.303-.298-2.789-1.554-4.811-8.676-1.174-4.135-2.05-8.65-2.306-10.973-.505-4.536-.413-6.966 1.472-8.535 1.137-.95 4.97-2.963 5.764-3.374l-.17-1.4c-12.18 7.157-19.48 13.482-19.626 13.611l-8.71 7.644 6.205-9.786c4.91-7.755 10.583-14.024 15.802-18.853-.216-.087-.417-.174-.629-.26l-1.15-.519a31 31 0 0 1-1.187-.578l-.409-.21-.261-.405c-.147-.22-.21-.344-.307-.508l-.257-.454c-.16-.307-.317-.606-.46-.908q-.433-.914-.787-1.834a40 40 0 0 1-1.244-3.719 48.5 48.5 0 0 1-1.435-7.622 48.4 48.4 0 0 1-.23-7.736q.105-1.935.372-3.857c.092-.642.188-1.284.317-1.922.133-.65.262-1.256.459-1.967l.137-.5.358-.28c2.032-1.597 4.223-2.802 6.452-3.87a70 70 0 0 1 5.59-2.318C43.622 48.733 52.674 35.78 64.57 26.75c12.3-9.332 26.762-14.266 41.827-14.266s29.527 4.934 41.825 14.267c11.897 9.029 20.949 21.984 26.21 36.59a69 69 0 0 1 5.594 2.32c2.228 1.069 4.42 2.274 6.451 3.87l.358.281.138.5c.201.711.33 1.317.458 1.967.13.638.23 1.28.317 1.922.18 1.278.308 2.566.37 3.855m-10.626 42.546c.404-4.475.052-5.438-.403-5.805-.454-.381-1.99-1.251-3.485-2.063l-2.462 17.24a1.23 1.23 0 0 1-.514.835l-3.522 2.464c-.28 1.41-.38 2.077-.724 3.457 2.013.468 5.314.83 6.887.527 1.428-1.548 3.733-11.17 4.223-16.655m-4.571-15.633 2.637-10c-3.825-.867-10.869-2.317-20.462-3.674-4.899 3.521-10.26 6.337-15.528 8.584 16.12 1.569 27.965 3.903 33.353 5.09m-4.146 24.127 2.999-20.972c-1.334-.289-3.04-.646-5.077-1.036l-2.71 18.976c-.05.335-.234.642-.509.835l-10.162 7.107a1.23 1.23 0 0 1-.839.215l-30.623-3.48a1.23 1.23 0 0 1-1.042-.862l-5.516-18.159c-1.477-.382-5.27-1.267-8.589-1.267-3.334 0-7.122.885-8.599 1.267l-5.517 18.16a1.23 1.23 0 0 1-.908.838l-30.624 6.814a1.3 1.3 0 0 1-.27.029c-.248 0-.496-.074-.702-.222l-10.158-7.112a1.24 1.24 0 0 1-.518-.857l-2.738-22.21c-1.137.221-2.164.432-3.082.624q-.976.537-1.925 1.074l2.906 23.534 14.763 10.342 37.245-8.286 5.498-18.114a1.23 1.23 0 0 1 .982-.863c1.394-.224 2.613-.339 3.646-.339 1.02 0 2.246.115 3.636.339.467.073.847.408.981.863l5.64 18.563 37.453 4.259zm-7.148-3.907 2.65-18.556c-7.475-1.36-18.407-3.006-31.797-4.034-12.089 4.17-22.214 5.41-22.824 5.452l-.706.05c3.856.332 7.489 1.368 7.671 1.422.4.12.712.426.836.827l5.48 18.04 29.354 3.334zm2.04 10.492-1.244.87-3.347 2.35-3.628 2.54c-.247.17-.55.248-.845.215l-36.092-4.104-2.628-.299a1.23 1.23 0 0 1-1.037-.865l-5.649-18.6a19 19 0 0 0-2.489-.194q-1.076 0-2.495.194l-5.485 18.063a1.23 1.23 0 0 1-.908.838l-38.475 8.568a1.4 1.4 0 0 1-.27.026c-.247 0-.495-.073-.707-.224l-1.397-.973-4.187-2.929v-.01l-1.692-1.182c.12.38.256.752.391 1.123l-.005.005c.326.967 3.568 10.295 10.157 19.424a774 774 0 0 0 15.11-4.636c3.975-6.127 9.634-12.203 13.657-12.413a45 45 0 0 1 2.127-.054c1.968 0 3.848.141 5.59.348-1.48-1.344-1.784-2.922-1.999-3.619 0 0 5.132 4.013 11.666 3.175 6.536-.844 10.594-4.61 10.594-4.61s-.02 2.748-2.867 4.875c5.476-1.656 7.741-2.224 9.291-2.224 1.71 0 2.554.715 3.293 1.345.142.114.285.237.449.371 4.21 3.315 9.272 7.337 10.754 8.516 1.715.201 7.153.82 10.58 1.137 1.975.178 3.76.33 5.506.33.565 0 1.093-.024 1.592-.057 2.266-4.322 4.303-9.222 6.03-14.75.232-.851.458-1.709.659-2.57M150.35 89.98q-.014-.009-.028-.01a489 489 0 0 0-8.704-.577 803 803 0 0 0-12.106-.592 65 65 0 0 1-1.394 1.97c-2.196 2.973-6.553 8.425-12.14 13.048 7.908-1.417 21.622-4.925 33.487-13.203.297-.21.592-.43.885-.636m-26.464.82c.334-.417.645-.82.924-1.187a99 99 0 0 0-8.565 1.247c-9.58 1.793-18.426 4.774-25.786 7.828a340 340 0 0 1 16.423-.403c3.462 0 6.828.06 10.101.156 2.816-2.707 5.192-5.476 6.903-7.64zm3.177 90.423c-3.989-.294-7.616-1.953-10.544-4.852l-.444-.453a39 39 0 0 1-4.324.623c-.618.023-1.206.077-1.852.077l-.96.01-.365-.01c-3.894 5.793-12.542 6.921-12.937 6.972-.357.04-.65.09-1.055.164 4.82 1.321 9.74 1.894 14.592 1.568 4.865-.325 11.185-1.38 17.889-4.1zm-15.413-6.61a40 40 0 0 0 2.82-.334 123 123 0 0 1-3.16-3.417c-.417.959-.97 2.22-1.7 3.844h.214c.583 0 1.221-.063 1.826-.092zm-2.97-69.651a42 42 0 0 0 4.649-3.289c-2.115-.036-4.26-.063-6.447-.063-8.98 0-17.367.367-24.97.94-7.627 3.728-12.29 6.795-12.4 6.873l-7.323 4.885 5.03-7.219a47 47 0 0 1 2.619-3.416c-8.447.944-15.481 2.063-20.737 3.03l2.691 21.82 9.26 6.485 29.394-6.536 5.502-18.127a1.24 1.24 0 0 1 .556-.702 1 1 0 0 1 .279-.124c.17-.046 3.109-.885 6.498-1.298zm3.38-16.643q-3.072-.048-6.142-.055h-.004q-4.505.007-9.025.097l-5.553 2.631c-.005.005-.037.02-.078.043-.835.407-8.127 4.086-14.987 10.648 6.15-3.233 15.188-7.456 25.823-10.731a128 128 0 0 1 9.966-2.633M73.248 99.962c2.88-2.857 5.85-5.214 8.474-7.057-10.111 2.348-19.42 5.796-27.573 9.547a320 320 0 0 1 19.099-2.49m1.912-8.813a132 132 0 0 1 10.464-2.476c-5.136.187-10.275.426-15.406.715-2.982.165-5.949.367-8.916.591a138 138 0 0 0-4.435.394c-.422.041-.835.087-1.256.142-3.87 2.315-18.715 11.634-28.905 23.818 9.903-6.881 27.153-17.222 48.454-23.184m-27.327 48.008a61 61 0 0 1-.55-1.862l-4.572-3.2a1.23 1.23 0 0 1-.52-.858l-2.228-18.114c-1.651.885-3.558 1.971-4.068 2.398-.44.363-.775 1.294-.297 5.61.592 5.323 3.288 15.353 4.737 16.81 1.743.308 5.605-.228 7.498-.784m-3.379-45.495c-2.582.5-4.688.949-6.246 1.302l.735 2.77a92 92 0 0 1 5.511-4.072'/></svg>",
   "tree": "<svg viewBox='0 0 32 32'><path fill='#7cb342' d='M4 4h10v6H4zm16 10h10v6H20zm0 8h10v6H20zm-4-4v-2h-6v-4H8v14h8v-2h-6v-6z'/></svg>",
-  "trigger": "<svg fill='none' viewBox='0 0 32 32'><path fill='#4CAF50' fill-rule='evenodd' d='M11.158 13.51 16 5l12 21.09H4l4.842-8.51 3.425 2.007-1.416 2.49h10.298L16 13.027l-1.417 2.49z' clip-rule='evenodd'/></svg>",
+  "trigger": "<svg fill='none' viewBox='0 0 32 32'><path fill='#4caf50' fill-rule='evenodd' d='M11.158 13.51 16 5l12 21.09H4l4.842-8.51 3.425 2.007-1.416 2.49h10.298L16 13.027l-1.417 2.49z' clip-rule='evenodd'/></svg>",
   "tsconfig": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M15 2H6a2.006 2.006 0 0 0-2 2v22a2.006 2.006 0 0 0 2 2h6v-4H6v-2h6v-2H6v-2h6v-2H6v-2h6v-2h2V4l8 8h2v-1Z' data-mit-no-recolor='true'/><path fill='#0288d1' d='M12 12v18h18V12Zm8 6h-2v8h-2v-8h-2v-2h6Zm8 0h-4v2h2a2.006 2.006 0 0 1 2 2v2a2.006 2.006 0 0 1-2 2h-4v-2h4v-2h-2a2.006 2.006 0 0 1-2-2v-2a2.006 2.006 0 0 1 2-2h4Z'/></svg>",
   "tsil": "<svg viewBox='0 0 16 16'><path fill='#795548' d='M14 13.3a.7.7 0 0 1-.7.7H8V8h6z'/><path fill='#ffe57f' d='M14 8H8V2h5.3a.7.7 0 0 1 .7.7z'/><path fill='#ffab40' d='M8 8H2V2.7a.7.7 0 0 1 .7-.7H8z'/><path fill='#212121' d='M8 14H2.7a.7.7 0 0 1-.7-.7V8h6z'/></svg>",
   "tune": "<svg viewBox='0 0 32 32'><path fill='#fbc02d' d='M12 10h10v2H12z'/><path fill='#fbc02d' d='M16 4h2v8h-2zm4 18h10v2H20zm4 2h2v4h-2zm0-20h2v14h-2zM2 18h10v2H2z'/><path fill='#fbc02d' d='M6 18h2v10H6zM6 4h2v10H6zm10 12h2v12h-2z'/></svg>",
   "turborepo": "<svg viewBox='0 0 32 32'><defs><linearGradient id='a' x1='27.349' x2='7.613' y1='26.455' y2='6.719' gradientTransform='matrix(1 0 0 -1 0 34)' gradientUnits='userSpaceOnUse'><stop offset='.15' stop-color='#2196f3'/><stop offset='.85' stop-color='#f50057'/></linearGradient></defs><path fill='#cfd8dc' d='M16 8a8 8 0 1 0 8 8 8 8 0 0 0-8-8m0 12a4 4 0 1 1 4-4 4 4 0 0 1-4 4'/><path fill='url(#a)' d='M4.281 23.647A13.9 13.9 0 0 1 2 16h4a9.95 9.95 0 0 0 1.192 4.736ZM14 29.84v-4.042a9.9 9.9 0 0 1-3.892-1.732l-2.854 2.855A13.9 13.9 0 0 0 14 29.84M16 2v4a10 10 0 0 1 2 19.8v4.04A13.992 13.992 0 0 0 16 2'/></svg>",
   "turborepo_light": "<svg viewBox='0 0 32 32'><defs><linearGradient id='a' x1='27.349' x2='7.613' y1='26.455' y2='6.719' gradientTransform='matrix(1 0 0 -1 0 34)' gradientUnits='userSpaceOnUse'><stop offset='.15' stop-color='#2196f3'/><stop offset='.85' stop-color='#f50057'/></linearGradient></defs><path fill='#455a64' d='M16 8a8 8 0 1 0 8 8 8 8 0 0 0-8-8m0 12a4 4 0 1 1 4-4 4 4 0 0 1-4 4'/><path fill='url(#a)' d='M4.281 23.647A13.9 13.9 0 0 1 2 16h4a9.95 9.95 0 0 0 1.192 4.736ZM14 29.84v-4.042a9.9 9.9 0 0 1-3.892-1.732l-2.854 2.855A13.9 13.9 0 0 0 14 29.84M16 2v4a10 10 0 0 1 2 19.8v4.04A13.992 13.992 0 0 0 16 2'/></svg>",
-  "twig": "<svg viewBox='0 0 50 50'><path fill='#8BC34A' d='M9.727 47.556c-.125-.223-.297-2.168-.183-2.087.034.025.171.267.304.537s.282.487.332.482c.123-.011.075-1.196-.1-2.454-.331-2.397-1.176-4.434-2.358-5.69-.2-.212-.344-.4-.319-.418.093-.067 1.327.842 1.842 1.358.293.293.735.825.981 1.182.328.474.465.618.51.533.078-.147-.21-9.903-.376-12.7-.074-1.256.063-1.023.61 1.034 1.064 4.007 1.858 7.922 2.342 11.55.086.637.173 1.173.195 1.19s.092.002.157-.033c.888-.484 1.524-.667 2.55-.736.727-.049.945.062.35.177-1.15.223-1.99 1.013-2.344 2.201-.315 1.061-.327 2.707-.024 3.435.152.365.037.425-1.067.56-.716.088-.977.095-1.202.037-.356-.093-1.118-.098-1.195-.009-.031.037-.243.066-.47.066-.38 0-.423-.017-.534-.215zm1.974-3.232c.152-.205.072-.412-.204-.522-.225-.091-.263-.089-.437.024-.21.137-.252.43-.08.554.18.13.607.096.72-.056zm1.248.085a.8.8 0 0 0 .214-.202c.241-.33-.352-.622-.745-.366-.406.264.08.785.531.568m2.288 3.094c-.033-.038.117-.387.334-.774.216-.388.411-.666.433-.619.07.153-.201 1.28-.33 1.373-.15.107-.354.116-.437.02m-7.036-.41c-.29-.344-.221-.434.14-.183.176.124.321.264.321.311 0 .164-.279.086-.46-.129zm8.649-.146c0-.053.102-.18.227-.282.25-.204.312-.113.143.208-.095.18-.37.235-.37.074m8.065-.827c-.243-.025-.48-.088-.527-.14-.11-.125-.114-3.044-.004-3.044.045 0 .132.15.193.331q.189.57.31.124c.094-.337.065-3.471-.039-4.296-.449-3.55-1.865-6.124-4.342-7.89-1.086-.774-2.653-1.437-4.047-1.712-.764-.15-.522-.224.598-.182 2.364.09 4.167.707 5.847 2.002a11 11 0 0 1 2.32 2.501c.453.682.64.854.64.584 0-.07.063-.882.139-1.805.679-8.26 2.396-15.1 4.984-19.86 1.86-3.422 5.108-6.817 7.885-8.244 1.397-.717 2.539-.988 4.02-.952.933.023 1.01.036 1.77.308a6.8 6.8 0 0 1 1.363.661c.612.407 1.309 1.004 1.234 1.058-.025.018-.342-.165-.704-.407-2.657-1.771-5.062-1.52-7.12.742-1.108 1.22-2.652 3.53-3.634 5.443-2.828 5.503-4.541 11.464-5.291 18.413-.163 1.509-.282 3.76-.195 3.703.032-.022.266-.52.518-1.108 1.597-3.723 3.578-6.428 5.79-7.908.672-.45 1.612-.904 1.714-.83.023.016-.17.22-.43.453-1.958 1.755-3.25 3.76-4.233 6.573-.938 2.68-1.366 5.588-1.369 9.299 0 1.742.189 4.385.367 5.102.125.505.08.546-.585.546-.55 0-2.306.138-3.417.27-.413.05-.816.04-1.608-.036-.58-.056-1.13-.119-1.219-.14-.164-.037-.18-.014-.198.302-.012.186-.1.203-.73.139m2.507-6.725c.294-.11.375-.22.375-.517 0-.63-1.309-.706-1.524-.088-.074.212.13.51.42.616.297.109.413.107.73-.011zm2.369-.052c.277-.222.318-.364.174-.611-.4-.69-1.755-.307-1.428.405.121.265.299.35.738.353.227.001.387-.044.516-.147m3.011 6.681c-.027-.05.088-.267.256-.483.879-1.135 1.22-1.545 1.285-1.545.039 0 .055.037.035.083l-.423.963c-.213.484-.445.925-.519.977-.169.122-.57.125-.634.005m2.446-.596c0-.12.853-.683.896-.59.018.04-.056.21-.166.377-.168.258-.238.304-.464.304-.164 0-.266-.035-.266-.09zm-13.04-.124c-.176-.159-.493-.656-.461-.725.018-.038.248.1.512.309s.456.405.428.438c-.076.088-.372.074-.479-.022'/></svg>",
+  "twig": "<svg viewBox='0 0 50 50'><path fill='#8bc34a' d='M9.727 47.556c-.125-.223-.297-2.168-.183-2.087.034.025.171.267.304.537s.282.487.332.482c.123-.011.075-1.196-.1-2.454-.331-2.397-1.176-4.434-2.358-5.69-.2-.212-.344-.4-.319-.418.093-.067 1.327.842 1.842 1.358.293.293.735.825.981 1.182.328.474.465.618.51.533.078-.147-.21-9.903-.376-12.7-.074-1.256.063-1.023.61 1.034 1.064 4.007 1.858 7.922 2.342 11.55.086.637.173 1.173.195 1.19s.092.002.157-.033c.888-.484 1.524-.667 2.55-.736.727-.049.945.062.35.177-1.15.223-1.99 1.013-2.344 2.201-.315 1.061-.327 2.707-.024 3.435.152.365.037.425-1.067.56-.716.088-.977.095-1.202.037-.356-.093-1.118-.098-1.195-.009-.031.037-.243.066-.47.066-.38 0-.423-.017-.534-.215zm1.974-3.232c.152-.205.072-.412-.204-.522-.225-.091-.263-.089-.437.024-.21.137-.252.43-.08.554.18.13.607.096.72-.056zm1.248.085a.8.8 0 0 0 .214-.202c.241-.33-.352-.622-.745-.366-.406.264.08.785.531.568m2.288 3.094c-.033-.038.117-.387.334-.774.216-.388.411-.666.433-.619.07.153-.201 1.28-.33 1.373-.15.107-.354.116-.437.02m-7.036-.41c-.29-.344-.221-.434.14-.183.176.124.321.264.321.311 0 .164-.279.086-.46-.129zm8.649-.146c0-.053.102-.18.227-.282.25-.204.312-.113.143.208-.095.18-.37.235-.37.074m8.065-.827c-.243-.025-.48-.088-.527-.14-.11-.125-.114-3.044-.004-3.044.045 0 .132.15.193.331q.189.57.31.124c.094-.337.065-3.471-.039-4.296-.449-3.55-1.865-6.124-4.342-7.89-1.086-.774-2.653-1.437-4.047-1.712-.764-.15-.522-.224.598-.182 2.364.09 4.167.707 5.847 2.002a11 11 0 0 1 2.32 2.501c.453.682.64.854.64.584 0-.07.063-.882.139-1.805.679-8.26 2.396-15.1 4.984-19.86 1.86-3.422 5.108-6.817 7.885-8.244 1.397-.717 2.539-.988 4.02-.952.933.023 1.01.036 1.77.308a6.8 6.8 0 0 1 1.363.661c.612.407 1.309 1.004 1.234 1.058-.025.018-.342-.165-.704-.407-2.657-1.771-5.062-1.52-7.12.742-1.108 1.22-2.652 3.53-3.634 5.443-2.828 5.503-4.541 11.464-5.291 18.413-.163 1.509-.282 3.76-.195 3.703.032-.022.266-.52.518-1.108 1.597-3.723 3.578-6.428 5.79-7.908.672-.45 1.612-.904 1.714-.83.023.016-.17.22-.43.453-1.958 1.755-3.25 3.76-4.233 6.573-.938 2.68-1.366 5.588-1.369 9.299 0 1.742.189 4.385.367 5.102.125.505.08.546-.585.546-.55 0-2.306.138-3.417.27-.413.05-.816.04-1.608-.036-.58-.056-1.13-.119-1.219-.14-.164-.037-.18-.014-.198.302-.012.186-.1.203-.73.139m2.507-6.725c.294-.11.375-.22.375-.517 0-.63-1.309-.706-1.524-.088-.074.212.13.51.42.616.297.109.413.107.73-.011zm2.369-.052c.277-.222.318-.364.174-.611-.4-.69-1.755-.307-1.428.405.121.265.299.35.738.353.227.001.387-.044.516-.147m3.011 6.681c-.027-.05.088-.267.256-.483.879-1.135 1.22-1.545 1.285-1.545.039 0 .055.037.035.083l-.423.963c-.213.484-.445.925-.519.977-.169.122-.57.125-.634.005m2.446-.596c0-.12.853-.683.896-.59.018.04-.056.21-.166.377-.168.258-.238.304-.464.304-.164 0-.266-.035-.266-.09zm-13.04-.124c-.176-.159-.493-.656-.461-.725.018-.038.248.1.512.309s.456.405.428.438c-.076.088-.372.074-.479-.022'/></svg>",
   "twine": "<svg viewBox='0 0 24 24'><path fill='#1e88e5' d='M4.229 3.119h6.657v17.755H4.23z'/><path fill='#69f0ae' d='M4.229 17.545c0-12.207 15.535-12.207 15.535-12.207v6.658s-8.877 0-8.877 5.549v3.329H4.229z'/></svg>",
   "typescript-def": "<svg viewBox='0 0 16 16'><g fill='#0288d1'><path d='M2 2v12h12V2zm1 1h10v10H3z'/><path d='M5 7v1h1v4h1V8h1V7zm5 0a1.003 1.003 0 0 0-1 1v1a1.003 1.003 0 0 0 1 1h1v1H9v1h2a1.003 1.003 0 0 0 1-1v-1a1.003 1.003 0 0 0-1-1h-1V8h2V7z'/></g></svg>",
   "typescript": "<svg viewBox='0 0 16 16'><path fill='#0288d1' d='M2 2v12h12V2zm4 6h3v1H8v4H7V9H6zm5 0h2v1h-2v1h1a1.003 1.003 0 0 1 1 1v1a1.003 1.003 0 0 1-1 1h-2v-1h2v-1h-1a1.003 1.003 0 0 1-1-1V9a1.003 1.003 0 0 1 1-1'/></svg>",
@@ -1023,9 +1071,9 @@
   "unity": "<svg viewBox='0 0 16 16'><path fill='#42a5f5' d='M8 6.5 5 5l2-1V2L2 5v5l2-1V6.5L7 8v4.5L4 11l-2 1 6 3 6-3-2-1-3 1.5V8l3-1.5V9l2 1V5L9 2v2l2 1Z'/></svg>",
   "unocss": "<svg viewBox='0 0 32 32'><circle cx='24' cy='24' r='6' fill='#78909c'/><path fill='#546e7a' d='M2 18v6a6 6 0 0 0 12 0v-6Z'/><path fill='#b0bec5' d='M30 14V8a6 6 0 0 0-12 0v6Z'/></svg>",
   "url": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='M10 14h12v4H10z'/><path fill='#42a5f5' d='M12 22H9.562A5.57 5.57 0 0 1 4 16.438v-.876A5.57 5.57 0 0 1 9.562 10H12V6H9.562A9.56 9.56 0 0 0 0 15.562v.876A9.56 9.56 0 0 0 9.562 26H12ZM22.438 6H20v4h2.438A5.57 5.57 0 0 1 28 15.562v.876A5.57 5.57 0 0 1 22.438 22H20v4h2.438A9.56 9.56 0 0 0 32 16.438v-.876A9.56 9.56 0 0 0 22.438 6'/></svg>",
-  "uv": "<svg viewBox='0 0 16 16'><path fill='#E040FB' d='M2 2v11c0 .5.5 1 1 1h8c.5 0 1-.5 1-1h1v1h1V2H8v8H7V2z'/></svg>",
+  "uv": "<svg viewBox='0 0 16 16'><path fill='#e040fb' d='M2 2v11c0 .5.5 1 1 1h8c.5 0 1-.5 1-1h1v1h1V2H8v8H7V2z'/></svg>",
   "vagrant": "<svg viewBox='0 0 140.625 140.625'><path fill='#1565c0' d='m70.315 132.051 23.269-13.42 36.445-89.24V18.084l-27.142 15.791v9.539L81.16 90.26l-10.846 7.494zM59.449 92.32l10.866-5.365V73.322L54.028 35.326v-10.75l-.112-.064-16.174 9.362v9.539z'/><path fill='#2979ff' d='M86.597 24.463v10.862L70.312 73.32v12.697l-10.862 6.3-21.708-48.904V33.86l16.285-9.38L26.88 8.577l-16.286 9.506v11.644l36.654 89.018 23.064 13.302V98.615l10.847-6.3-.128-.08 21.852-48.824v-9.554l27.148-15.775-16.286-9.507-27.131 15.886z'/></svg>",
-  "vala": "<svg viewBox='0 0 64 64'><defs><linearGradient id='c' x1='25.058' x2='25.058' y1='47.028' y2='39.999' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121' stop-opacity='0'/><stop offset='.5' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></linearGradient><linearGradient id='e' x1='24' x2='24' y1='5' y2='43' gradientTransform='matrix(1.4324 0 0 1.4363 134.03 -5.86)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#FAFAFA'/><stop offset='.063' stop-color='#FAFAFA' stop-opacity='.235'/><stop offset='.951' stop-color='#FAFAFA' stop-opacity='.157'/><stop offset='1' stop-color='#FAFAFA' stop-opacity='.392'/></linearGradient><linearGradient id='d' x1='31.293' x2='31.293' y1='5.008' y2='59.329' gradientTransform='translate(136.41 -3.39)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#BA68C8'/><stop offset='1' stop-color='#673AB7'/></linearGradient><radialGradient id='a' cx='4.993' cy='43.5' r='2.5' gradientTransform='matrix(2.0038 0 0 1.4 27.988 -17.4)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></radialGradient><radialGradient id='b' cx='4.993' cy='43.5' r='2.5' gradientTransform='matrix(2.0038 0 0 1.4 -20.012 -104.4)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></radialGradient></defs><g opacity='.6'><path fill='url(#a)' d='M38 40h5v7h-5z' transform='matrix(1.579 0 0 .71429 130.515 24.54)'/><path fill='url(#b)' d='M-10-47h5v7h-5z' transform='matrix(-1.579 0 0 -.71429 130.515 24.54)'/><path fill='url(#c)' d='M10 40h28v7H10z' transform='matrix(1.579 0 0 .71429 130.515 24.54)'/></g><rect width='55' height='55' x='140.91' y='1.11' fill='url(#d)' rx='3' ry='3'/><rect width='53' height='53.142' x='141.91' y='2.039' stroke='url(#e)' stroke-linecap='round' stroke-linejoin='round' opacity='.3' rx='2' ry='2'/><rect width='55' height='55' x='140.91' y='1.11' stroke='#4A148C' stroke-linecap='round' stroke-linejoin='round' opacity='.5' rx='3' ry='3'/><path fill='#9575cd' d='m26.357 57.882-1.111-47.15q-4.854 1.82-7.583 5.694-2.698 3.877-2.698 9.64 0 1.314.136 2.157.167.809.336 1.314.169.472.305.742.167.27.167.472-1.786 0-3.167-.336-1.383-.372-2.327-1.147-.91-.773-1.415-2.055-.473-1.28-.473-3.167 0-2.292.976-4.516 1.011-2.223 2.73-4.213 1.753-1.987 4.08-3.673 2.36-1.685 5.021-2.899 2.695-1.247 5.594-1.92 2.932-.71 5.831-.71.775 0 1.416.034.673.033 1.346.1l.608 42.465L50.654 6.45h4.819L36.298 57.883h-9.943z'/></svg>",
+  "vala": "<svg viewBox='0 0 64 64'><defs><linearGradient id='c' x1='25.058' x2='25.058' y1='47.028' y2='39.999' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121' stop-opacity='0'/><stop offset='.5' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></linearGradient><linearGradient id='e' x1='24' x2='24' y1='5' y2='43' gradientTransform='matrix(1.4324 0 0 1.4363 134.03 -5.86)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#fafafa'/><stop offset='.063' stop-color='#fafafa' stop-opacity='.235'/><stop offset='.951' stop-color='#fafafa' stop-opacity='.157'/><stop offset='1' stop-color='#fafafa' stop-opacity='.392'/></linearGradient><linearGradient id='d' x1='31.293' x2='31.293' y1='5.008' y2='59.329' gradientTransform='translate(136.41 -3.39)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#ba68c8'/><stop offset='1' stop-color='#673ab7'/></linearGradient><radialGradient id='a' cx='4.993' cy='43.5' r='2.5' gradientTransform='matrix(2.0038 0 0 1.4 27.988 -17.4)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></radialGradient><radialGradient id='b' cx='4.993' cy='43.5' r='2.5' gradientTransform='matrix(2.0038 0 0 1.4 -20.012 -104.4)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#212121'/><stop offset='1' stop-color='#212121' stop-opacity='0'/></radialGradient></defs><g opacity='.6'><path fill='url(#a)' d='M38 40h5v7h-5z' transform='matrix(1.579 0 0 .71429 130.515 24.54)'/><path fill='url(#b)' d='M-10-47h5v7h-5z' transform='matrix(-1.579 0 0 -.71429 130.515 24.54)'/><path fill='url(#c)' d='M10 40h28v7H10z' transform='matrix(1.579 0 0 .71429 130.515 24.54)'/></g><rect width='55' height='55' x='140.91' y='1.11' fill='url(#d)' rx='3' ry='3'/><rect width='53' height='53.142' x='141.91' y='2.039' stroke='url(#e)' stroke-linecap='round' stroke-linejoin='round' opacity='.3' rx='2' ry='2'/><rect width='55' height='55' x='140.91' y='1.11' stroke='#4a148c' stroke-linecap='round' stroke-linejoin='round' opacity='.5' rx='3' ry='3'/><path fill='#9575cd' d='m26.357 57.882-1.111-47.15q-4.854 1.82-7.583 5.694-2.698 3.877-2.698 9.64 0 1.314.136 2.157.167.809.336 1.314.169.472.305.742.167.27.167.472-1.786 0-3.167-.336-1.383-.372-2.327-1.147-.91-.773-1.415-2.055-.473-1.28-.473-3.167 0-2.292.976-4.516 1.011-2.223 2.73-4.213 1.753-1.987 4.08-3.673 2.36-1.685 5.021-2.899 2.695-1.247 5.594-1.92 2.932-.71 5.831-.71.775 0 1.416.034.673.033 1.346.1l.608 42.465L50.654 6.45h4.819L36.298 57.883h-9.943z'/></svg>",
   "vedic": "<svg viewBox='0 0 288 288'><svg viewBox='0 -15 356 400'><path fill='#ff3d00' d='M90.457 353.95c-38.66-13.815-66.73-48.192-77.845-95.332-5.044-21.395-6.47-56.748-2.288-56.748 1.389 0 5.1 9.7 8.245 21.557 6.884 25.945 18.625 50.342 29.967 62.267 18.839 19.808 65.5 27.566 92.385 15.36 20.943-9.509 29.436-32.108 20.329-54.095-7.038-16.99-23.003-22.67-52.742-18.767 0 0-18.225-19.618-24.032-54.457l18.681 1.694c22.5 2.04 39.488-2.933 48.305-14.142 8.286-10.533 8.107-14.607-1.114-25.325-13.304-15.468-37.193-11.55-85.561 14.033l-24.405-40.91 10.231-7.804c25.64-19.557 70.16-29.334 95.497-20.972 23.078 7.617 40.017 37.839 35.492 63.324-3.059 17.23-16.874 41.362-27.548 48.12l-9.205 5.829 12.715 5.733c21.606 9.743 34.797 2.295 50.556-28.547 21.81-42.681 35.954-53.73 68.847-53.777 15.315-.023 20.766 1.584 31.936 9.412 27.88 19.537 43.06 59.994 39.725 105.87-4.223 58.101-31.744 93.343-72.894 93.343-22.583 0-37.14-7.92-48.727-26.514-10.177-16.333-14.764-48.68-8.919-62.908 2.804-6.827 3.31-7.058 3.494-1.597.337 10.04 11.76 26.358 22.246 31.781 25.73 13.306 62.667-3.411 77.28-34.975 11.095-23.964 5.143-70.186-10.087-78.337-3.186-1.706-11.06-3.101-17.497-3.101-13.682 0-24.427 9.837-39.491 36.153-5.209 9.098-13.974 20.854-19.478 26.123-8.944 8.562-12.137 9.581-30.024 9.581h-20.017l6.47 14.372c9.261 20.57 8.823 53.993-.974 74.34-8.657 17.979-28.674 36.18-44.676 40.626-15.578 4.328-40.946 3.768-54.877-1.21m75.377-278.026c-8.855-15.11-14.304-43.318-8.369-43.318 6.973 15.126 21.265 28.621 36.57 38.037 27.486 13.306 55.358 7.936 85.807-16.535 6.704-5.387 12.64-9.195 13.192-8.462 7.436 11.538 20.297 20.967 24.548 34.375 0 5.658-24.353 21.94-43.57 29.13-47.63 13.72-80.046 8.292-108.178-33.227m24.002-34.927 31.01-34.383 34.46 31.9c-11.787 9.709-20.296 24.775-33.762 32.416-10.64-7.844-26.52-17.092-31.708-29.933' class='colorff4500 svgShape'/></svg></svg>",
   "velite": "<svg fill='none' viewBox='0 0 16 16'><path fill='#43a047' d='m5.767 7.155.918 2.46L5 13 1 3.014c.444 0 .866.107 1.267.221 1.433.408 2.594 1.594 3.5 3.92'/><path fill='#26a69a' d='M15 3.014c-1.357-.423-2.581.024-3.602.943L6.75 8.285C4.833 10.077 3.69 9.871 3 8l2 5z'/></svg>",
   "velocity": "<svg viewBox='0 0 300 300'><path fill='#0288d1' d='M150 61.553A88.446 88.446 0 0 0 61.553 150 88.446 88.446 0 0 0 150 238.446 88.446 88.446 0 0 0 238.446 150 88.446 88.446 0 0 0 150 61.553m.011 25.082a63.353 63.353 0 0 1 63.353 63.353 63.353 63.353 0 0 1-63.353 63.353 63.353 63.353 0 0 1-63.353-63.353 63.353 63.353 0 0 1 63.353-63.353' paint-order='fill markers stroke'/><path fill='#0288d1' d='M45.008 193.096 12.213 225.89l32.795 32.795V238.44h104.99v-25.098H45.008zM74.088 12.21 41.293 45.006h20.246v104.99h25.098V45.007h20.246zm180.901 29.093V61.55h-104.99v25.097h104.99v20.246L287.784 74.1zM213.32 149.998V254.99h-20.245l32.794 32.795 32.795-32.795h-20.246V150z'/></svg>",
@@ -1034,7 +1082,7 @@
   "verdaccio": "<svg viewBox='0 0 24 24'><path fill='#00897b' d='M18.2 10.237h-4.448l-1.827 3.654-4.812-9.624H2.665l7.96 15.92h2.6z' clip-rule='evenodd'/><path fill='#e57373' d='M14.845 3.813v.7h1.767l-.416.825h-2.773v.7h2.42l-.546 1.085h-3.264v.7h3.526l3.766.017 2.01-4.018-1.1-.003v-.006z'/></svg>",
   "verified": "<svg viewBox='0 0 24 24'><path fill='#8bc34a' d='M9 3 8 6H4l1 4-3 2 3 2-1 4h4l1 3 3-2 3 2 1-3h4l-1-4 3-2-3-2 1-4h-4l-1-3-3 2zm7 5 1 1-7 7-3-3 1-1 2 2z'/></svg>",
   "verilog": "<svg viewBox='0 0 32 32'><path fill='#ff7043' d='M21.833 8A2.17 2.17 0 0 1 24 10.167v11.666A2.17 2.17 0 0 1 21.833 24H10.167A2.17 2.17 0 0 1 8 21.833V10.167A2.17 2.17 0 0 1 10.167 8zm0-2H10.167A4.167 4.167 0 0 0 6 10.167v11.666A4.167 4.167 0 0 0 10.167 26h11.666A4.167 4.167 0 0 0 26 21.833V10.167A4.167 4.167 0 0 0 21.833 6'/><path fill='#ff7043' d='M18 14v4h-4v-4zm2-2h-8v8h8zM2 12h4v2H2zm0 6h4v2H2zm24-6h4v2h-4zm0 6h4v2h-4zm-8 8h2v4h-2zm-6 0h2v4h-2zm6-24h2v4h-2zm-6 0h2v4h-2z'/></svg>",
-  "vfl": "<svg viewBox='0 0 24 24'><defs><radialGradient id='a' cx='205.45' cy='208.29' r='225.35' gradientTransform='matrix(.04556 0 0 .0456 2.888 2.88)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#FFD600'/><stop offset='.35' stop-color='#F9A825'/><stop offset='1' stop-color='#F4511E'/></radialGradient></defs><g stroke-width='.046'><path fill='#F4511E' d='M19.97 3H4.03A1.03 1.03 0 0 0 3 4.03v4.136c1.548-1.19 3.563-1.958 5.948-1.958 5.107.004 8.35 3.575 8.348 8.082 0 3.13-1.46 5.485-3.745 6.71h6.419A1.03 1.03 0 0 0 21 19.967V4.031a1.03 1.03 0 0 0-1.03-1.03z'/><path fill='url(#a)' d='M3 17.722v2.247A1.03 1.03 0 0 0 4.03 21h1.837C4.474 20.21 3.49 19 3 17.722'/><path fill='#F4511E' d='M8.948 8.23C6.362 8.142 4.35 9.09 3 10.496v3.162c.918-2.653 3.447-3.87 5.565-3.849 2.647.027 4.689 2.025 4.7 4.284.012 2.158-.892 3.748-3.33 4.14-1.33.213-3.41-.568-3.318-2.578.046-1.037.854-1.622 1.777-1.58-.904 1.213.293 2.102 1.139 1.92 1.048-.223 1.475-1.155 1.475-1.877 0-.762-.717-1.994-2.498-1.952-2.204.053-3.59 1.64-3.638 3.603-.056 2.468 2.254 4.091 4.623 4.12 3.478.046 5.542-2.24 5.538-5.585-.005-3.03-2.434-5.946-6.085-6.072z'/></g></svg>",
+  "vfl": "<svg viewBox='0 0 24 24'><defs><radialGradient id='a' cx='205.45' cy='208.29' r='225.35' gradientTransform='matrix(.04556 0 0 .0456 2.888 2.88)' gradientUnits='userSpaceOnUse'><stop offset='0' stop-color='#ffd600'/><stop offset='.35' stop-color='#f9a825'/><stop offset='1' stop-color='#f4511e'/></radialGradient></defs><g stroke-width='.046'><path fill='#f4511e' d='M19.97 3H4.03A1.03 1.03 0 0 0 3 4.03v4.136c1.548-1.19 3.563-1.958 5.948-1.958 5.107.004 8.35 3.575 8.348 8.082 0 3.13-1.46 5.485-3.745 6.71h6.419A1.03 1.03 0 0 0 21 19.967V4.031a1.03 1.03 0 0 0-1.03-1.03z'/><path fill='url(#a)' d='M3 17.722v2.247A1.03 1.03 0 0 0 4.03 21h1.837C4.474 20.21 3.49 19 3 17.722'/><path fill='#f4511e' d='M8.948 8.23C6.362 8.142 4.35 9.09 3 10.496v3.162c.918-2.653 3.447-3.87 5.565-3.849 2.647.027 4.689 2.025 4.7 4.284.012 2.158-.892 3.748-3.33 4.14-1.33.213-3.41-.568-3.318-2.578.046-1.037.854-1.622 1.777-1.58-.904 1.213.293 2.102 1.139 1.92 1.048-.223 1.475-1.155 1.475-1.877 0-.762-.717-1.994-2.498-1.952-2.204.053-3.59 1.64-3.638 3.603-.056 2.468 2.254 4.091 4.623 4.12 3.478.046 5.542-2.24 5.538-5.585-.005-3.03-2.434-5.946-6.085-6.072z'/></g></svg>",
   "video": "<svg viewBox='0 0 32 32'><path fill='#ff9800' d='m24 6 2 6h-4l-2-6h-3l2 6h-4l-2-6h-3l2 6H8L6 6H5a3 3 0 0 0-3 3v14a3 3 0 0 0 3 3h22a3 3 0 0 0 3-3V6Z'/></svg>",
   "vim": "<svg viewBox='0 0 32 32'><path fill='#43a047' d='M22.19 4H16v4h2.19L12 14.19V8h2V4H2v4h2v20h4v-.01l.01.01L28 8V4z'/></svg>",
   "virtual": "<svg viewBox='0 0 32 32'><path fill='#039be5' d='M28 24V6H4v18H2v2h28v-2Zm-8 0h-8v-2h8Zm6-4H6V8h20Z'/></svg>",
@@ -1042,7 +1090,7 @@
   "vite": "<svg viewBox='0 0 32 32'><path fill='#ffab00' d='M10 2v16h4v12l9-16h-6l5-12Z'/></svg>",
   "vitest": "<svg viewBox='0 0 32 32'><path fill='#689f38' d='M16.094 30.074a1.4 1.4 0 0 1-1.003-.416l-6.622-6.622a1.42 1.42 0 0 1 2.006-2.006l5.62 5.618 12.24-12.24a1.419 1.419 0 0 1 2.007 2.006L17.098 29.658a1.4 1.4 0 0 1-1.004.416'/><path fill='#689f38' fill-opacity='.502' d='M16.089 30.074a1.4 1.4 0 0 0 1.003-.416l6.622-6.622a1.42 1.42 0 0 0-2.006-2.006l-5.62 5.618-12.24-12.24a1.42 1.42 0 0 0-2.007 2.006l13.244 13.244a1.4 1.4 0 0 0 1.004.416'/><path fill='#ffca28' d='M24 10h-6V2l-8 12h6v8z'/></svg>",
   "vlang": "<svg style='isolation:isolate' viewBox='0 0 500 500'><path fill='#546e7a' d='m311.64 433.372 130.885-363.97c2.22-6.173-1.28-10.674-7.809-10.044l-102.93 9.915c-6.529.63-13.582 6.17-15.739 12.363L194.901 429.48c-2.158 6.194 1.416 11.223 7.975 11.223h100.191c3.28 0 6.843-2.505 7.953-5.592z'/><path fill='#039be5' d='m65.278 59.359 102.93 9.915c6.529.63 13.59 6.167 15.757 12.358l123.714 353.456c1.083 3.097-.7 5.608-3.98 5.608H202.877c-6.56 0-13.688-5.01-15.907-11.183L57.472 69.398c-2.22-6.173 1.28-10.674 7.809-10.044z'/></svg>",
-  "vscode": "<svg viewBox='0 0 32 32'><path fill='#2196f3' d='M24.003 2 12 13.303 4.84 8 2 10l6.772 6L2 22l2.84 2L12 18.702 24.003 30 30 27.087V4.913ZM24 9.434v13.132L15.289 16Z'/></svg>",
+  "vscode": "<svg viewBox='0 0 16 16'><path fill='#2196f3' d='M11.5 11.19V4.8L7.3 7.99M1.17 6.07a.6.6 0 0 1-.01-.81L2 4.48c.14-.13.48-.18.73 0l2.39 1.83 5.55-5.09c.22-.22.61-.32 1.05-.08l2.8 1.34c.25.15.49.38.49.81v9.49c0 .28-.2.58-.42.7l-3.08 1.48c-.22.09-.64 0-.79-.14L5.11 9.69l-2.38 1.83c-.27.18-.6.13-.74 0l-.84-.77c-.22-.23-.2-.61.04-.84l2.1-1.9'/></svg>",
   "vue-config": "<svg viewBox='0 0 32 32'><path fill='#757575' d='M15 2H6a2.006 2.006 0 0 0-2 2v22a2.006 2.006 0 0 0 2 2h16a2 2 0 0 0 2-2V11Zm3 22H6v-2h12Zm0-4H6v-2h12Zm0-4H6v-2h12Zm-4-4V4l8 8Z' data-mit-no-recolor='true'/><path fill='#41b883' d='m14 16 8 14.093 8-14.024V16h-3.11l-4.843 8.49L17.225 16Z'/><path fill='#35495e' d='m17.225 16 4.821 8.492 4.844-8.491h-2.918l-1.906 3.342-1.9-3.343Z'/></svg>",
   "vue": "<svg viewBox='0 0 24 24'><path fill='#41b883' d='M1.791 3.851 12 21.471 22.209 3.936V3.85H18.24l-6.18 10.616L5.906 3.851z'/><path fill='#35495e' d='m5.907 3.851 6.152 10.617L18.24 3.851h-3.723L12.084 8.03 9.66 3.85z'/></svg>",
   "vuex-store": "<svg viewBox='0 0 16 16'><path fill='#41b883' d='M1.646 14.41 6.729 4.157l1.27 2.501v2.63l-2.525 5.124zm12.708.009L9.27 4.164 8 6.665v2.63l2.517 5.124z'/><path fill='#35495e' d='M1.646 1.582 4.823 8l1.906-3.844-1.27-2.574zm12.708 0L11.177 8 9.27 4.156l1.27-2.574z'/></svg>",
@@ -1050,21 +1098,21 @@
   "wakatime_light": "<svg fill='none' viewBox='0 0 340 340'><path stroke='#455a64' stroke-width='33.39' d='M170 44.788c-69.154 0-125.212 56.058-125.212 125.212s56.058 125.213 125.213 125.213S295.212 239.155 295.212 170 239.155 44.788 170 44.788z'/><path fill='#455a64' d='M186.846 206.343c-1.205 1.588-3.011 2.61-5.035 2.61a6 6 0 0 1-.591-.034 7 7 0 0 1-.7-.109 6.7 6.7 0 0 1-1.15-.385 8 8 0 0 1-.547-.28 6.6 6.6 0 0 1-.856-.591 7 7 0 0 1-.42-.367 8 8 0 0 1-.586-.64 7.5 7.5 0 0 1-.754-1.144l-7.378-11.854-7.374 11.854c-1.157 2.107-3.249 3.55-5.652 3.55-2.412 0-4.514-1.454-5.636-3.607l-32.252-46.985c-1.06-1.278-1.712-2.973-1.712-4.844 0-3.96 2.911-7.173 6.501-7.173 2.324 0 4.358 1.35 5.508 3.375l27.224 40.228 7.663-12.477c1.104-2.224 3.248-3.734 5.71-3.734 2.252 0 4.238 1.266 5.404 3.188l7.903 12.972 42.712-61.15c1.16-1.967 3.164-3.269 5.45-3.269 3.59 0 6.5 3.212 6.5 7.172 0 1.73-.553 3.317-1.478 4.555z'/></svg>",
   "wallaby": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M16 2v14H2v14h28V2z'/></svg>",
   "wally": "<svg viewBox='0 0 32 32'><path fill='#e65100' d='M8.454 3.084c-.897-.112-1.438.473-2.502 2.43-1.457 2.682-3.888 1.135-1.765 5.275a4.7 4.7 0 0 0 .759 1.122l5.749-9.219c-.84-.614-1.513.448-2.241.392'/><path fill='#ffcc80' d='m28.565 29.985-5.982-8.28a1.67 1.67 0 0 0-.57-1.362c-1.794-1.789-2.69-3.51-1.905-6.975a3.94 3.94 0 0 0-1.326-3.766 29 29 0 0 0 .206-3.22s-.673-2.907-2.354-3.13c0 0-4.426-2.236-7.956.279S7.95 5.71 5.82 8.897a4.5 4.5 0 0 0-.444.867 7 7 0 0 0-1.237.307c-1.4.56-1.344 2.07.56 3.635a1 1 0 0 0 .29.148 8.2 8.2 0 0 1-.29 2.198c-.595 1.674.853 3.91 3.024 1.789a7 7 0 0 0 1.648.942 8.1 8.1 0 0 1 .707 2.522l-.558 8.68Z'/><path fill='#3e2723' d='M8.651 9.017a.803.803 0 0 1-.807-.805v-1.88a.807.807 0 0 1 1.615 0v1.88a.803.803 0 0 1-.808.805m5.314 0a.814.814 0 0 1-.813-.811V6.339a.814.814 0 0 1 1.627 0v1.948a.8.8 0 0 1-.814.73'/><path fill='#e65100' d='M17.082 14.15a6.06 6.06 0 0 1-4.818 4.528 4.75 4.75 0 0 1-5.828-3.13 3.8 3.8 0 0 0 2.999 3.679c.84 1.302.355 3.547.307 4.874a5.4 5.4 0 0 1-.061.84l-1.08 5.044 5.421.015c-.724-.397-1.02-2.476-1.14-3.901l-.079-1.405a1.415 1.415 0 0 1 .974-1.432c2.796-1.81-.672-1.789-.672-2.292a3.6 3.6 0 0 1 1.068-2.195c2.535-1.273 3.114-4.013 2.91-4.624'/><path fill='#e65100' d='M20.518 17.614c.588-.523 1.012-2.457 1.492-3.362.785-1.48 4.797-2.989 3.136-5.446-1.55-2.292-2.24-1.658-3.136-3.28-.84-1.452-1.073-1.763-3.154-1.763a7.7 7.7 0 0 1-2.296-1.124A3.07 3.07 0 0 0 14.531 2c-3.98 0-4.9-.091-5.853 1.195 0 0 4.429-1.841 8.025.533 1.213 1.634 2.441 4.61 1.612 9.64a8.8 8.8 0 0 0 .093 3.228 1.5 1.5 0 0 0 .096.466s4.621 9.882 9.222 12.922H29s-5.867-7.368-8.482-12.371M5.035 16.05a2.496 2.496 0 0 0-1.176-3.24 3 3 0 0 1 .56 3.185c-.56 1.118 0 3.242 2.073 2.627 0 0-2.41.112-1.457-2.571'/><path fill='#b71c1c' d='M9.736 23.933a9.63 9.63 0 0 0 8.41-.28c3.195-1.733 3.788-3.732 3.451-4.123a2.42 2.42 0 0 1 2.053 1.036c.56.839-.46 3.645-5.167 5.602-4.427 1.788-7.848.974-8.632.191-.729-.782-.115-2.426-.115-2.426m-6.55-13.192c-.616.615.393 2.46 1.625 3.018 1.401.615 3.418-1.788 3.026-2.459-.448-.894-3.362-1.844-4.65-.559'/></svg>",
-  "watchman": "<svg viewBox='0 0 420 419'><circle cx='210' cy='209.5' r='188.15' fill='#FAFAFA' paint-order='stroke fill markers'/><path fill='#304FFE' d='M191.07 397.1c-35.512-4.049-66.779-16.485-95.318-37.913-22.723-17.061-44.027-43.274-56.077-68.997l-3.932-8.393 25.692-26.37c14.13-14.505 27.522-28.059 29.758-30.12l4.067-3.748 12.5 11.364c16.495 14.996 26.818 23.219 41.05 32.697 14.94 9.95 23.867 14.578 35.877 18.597 22.823 7.637 42.099 5.991 66.082-5.642 17.83-8.65 44.399-28.24 66.179-48.797l8.878-8.38 29.147 29.137c16.03 16.025 29.147 29.84 29.147 30.7s-1.6 4.912-3.554 9.005c-18.398 38.533-49.46 69.834-87.797 88.466-17.732 8.619-33.936 13.787-53.563 17.084-10.16 1.708-38.005 2.465-48.137 1.31zm6.3-123.69c-17.457-3.809-39.276-16.397-63.835-36.829-13.001-10.816-26.615-23.771-26.615-25.327 0-1.265 16.792-17.101 29.7-28.009 20.328-17.179 36.936-27.484 53.753-33.355 6.275-2.19 8.25-2.443 19.147-2.443 10.892 0 12.873.253 19.136 2.44 22.614 7.894 50.68 27.157 79.189 54.35 3.836 3.659 6.975 7.021 6.975 7.472 0 1.1-21.726 20.758-32.4 29.316-19.403 15.557-41.794 28.276-56.169 31.907-8.267 2.088-20.566 2.29-28.881.477zm37.472-20.429c14.201-7.184 18.451-9.747 19.779-11.925 1.556-2.552 1.692-4.934 1.692-29.774 0-24.91-.132-27.216-1.705-29.795-1.34-2.2-5.607-4.783-20.022-12.124-18.175-9.256-18.368-9.329-24.812-9.355-6.44-.026-6.632.044-22.95 8.376-10.12 5.168-17.582 9.58-19.38 11.462l-2.925 3.06.003 27.237c.003 25.164.134 27.452 1.712 30.04 1.301 2.134 5.186 4.602 16.288 10.35 20.15 10.433 22.925 11.538 29.04 11.571 4.82.026 6.487-.627 23.28-9.123m-40.872-12.388c-7.315-3.808-13.914-7.538-14.665-8.29-1.181-1.181-1.28-4.249-.736-22.667l.63-21.3 13.888-7.202c8.096-4.199 14.986-7.202 16.52-7.202 2.953 0 28.618 12.505 31.424 15.311 1.68 1.682 1.788 3.033 1.788 22.477v20.69l-3.46 2.183c-1.902 1.202-8.376 4.65-14.386 7.662-8.03 4.025-11.825 5.448-14.315 5.37-2.329-.075-7.546-2.273-16.688-7.032M29.5 263.432c-1.475-3.866-4.192-15.727-5.967-26.05-2.405-13.986-2.19-43.337.424-58.05 2.41-13.562 4.216-20.627 5.613-21.959.772-.736 7.977 6.088 27.938 26.459 14.794 15.098 26.902 27.655 26.906 27.906s-12.122 12.581-26.948 27.4L30.51 266.082zm333.59-24.851c-14.17-14.479-25.763-26.679-25.763-27.11 0-1.574 51.776-53.76 53.1-53.521 1.493.27 3.338 6.773 5.975 21.06 2.353 12.751 2.343 48.232-.017 61.072-2.37 12.886-5.358 24.1-6.527 24.49-.553.184-12.599-11.512-26.768-25.991M64.75 170.903c-26.893-26.902-29.95-30.252-29.354-32.175 1.335-4.308 8.33-18.529 12.565-25.546 28.808-47.732 75.832-79.809 131.42-89.647 15.231-2.696 45.201-2.944 59.361-.492 41.827 7.244 76.236 24.833 104.91 53.625 15.582 15.647 27.713 32.758 36.971 52.151 6.183 12.95 8.732 8.549-24.429 42.185-15.984 16.213-29.386 29.61-29.782 29.768-.396.16-5.695-4.244-11.775-9.786-32.548-29.67-61.86-48.734-85.116-55.361-7.771-2.215-9.327-2.357-22.05-2.009-12.468.34-14.427.627-21.965 3.212-23.775 8.152-49.675 26.108-80.457 55.78-4.75 4.579-9.006 8.325-9.457 8.325s-14.329-13.513-30.839-30.029z'/></svg>",
+  "watchman": "<svg viewBox='0 0 420 419'><circle cx='210' cy='209.5' r='188.15' fill='#fafafa' paint-order='stroke fill markers'/><path fill='#304ffe' d='M191.07 397.1c-35.512-4.049-66.779-16.485-95.318-37.913-22.723-17.061-44.027-43.274-56.077-68.997l-3.932-8.393 25.692-26.37c14.13-14.505 27.522-28.059 29.758-30.12l4.067-3.748 12.5 11.364c16.495 14.996 26.818 23.219 41.05 32.697 14.94 9.95 23.867 14.578 35.877 18.597 22.823 7.637 42.099 5.991 66.082-5.642 17.83-8.65 44.399-28.24 66.179-48.797l8.878-8.38 29.147 29.137c16.03 16.025 29.147 29.84 29.147 30.7s-1.6 4.912-3.554 9.005c-18.398 38.533-49.46 69.834-87.797 88.466-17.732 8.619-33.936 13.787-53.563 17.084-10.16 1.708-38.005 2.465-48.137 1.31zm6.3-123.69c-17.457-3.809-39.276-16.397-63.835-36.829-13.001-10.816-26.615-23.771-26.615-25.327 0-1.265 16.792-17.101 29.7-28.009 20.328-17.179 36.936-27.484 53.753-33.355 6.275-2.19 8.25-2.443 19.147-2.443 10.892 0 12.873.253 19.136 2.44 22.614 7.894 50.68 27.157 79.189 54.35 3.836 3.659 6.975 7.021 6.975 7.472 0 1.1-21.726 20.758-32.4 29.316-19.403 15.557-41.794 28.276-56.169 31.907-8.267 2.088-20.566 2.29-28.881.477zm37.472-20.429c14.201-7.184 18.451-9.747 19.779-11.925 1.556-2.552 1.692-4.934 1.692-29.774 0-24.91-.132-27.216-1.705-29.795-1.34-2.2-5.607-4.783-20.022-12.124-18.175-9.256-18.368-9.329-24.812-9.355-6.44-.026-6.632.044-22.95 8.376-10.12 5.168-17.582 9.58-19.38 11.462l-2.925 3.06.003 27.237c.003 25.164.134 27.452 1.712 30.04 1.301 2.134 5.186 4.602 16.288 10.35 20.15 10.433 22.925 11.538 29.04 11.571 4.82.026 6.487-.627 23.28-9.123m-40.872-12.388c-7.315-3.808-13.914-7.538-14.665-8.29-1.181-1.181-1.28-4.249-.736-22.667l.63-21.3 13.888-7.202c8.096-4.199 14.986-7.202 16.52-7.202 2.953 0 28.618 12.505 31.424 15.311 1.68 1.682 1.788 3.033 1.788 22.477v20.69l-3.46 2.183c-1.902 1.202-8.376 4.65-14.386 7.662-8.03 4.025-11.825 5.448-14.315 5.37-2.329-.075-7.546-2.273-16.688-7.032M29.5 263.432c-1.475-3.866-4.192-15.727-5.967-26.05-2.405-13.986-2.19-43.337.424-58.05 2.41-13.562 4.216-20.627 5.613-21.959.772-.736 7.977 6.088 27.938 26.459 14.794 15.098 26.902 27.655 26.906 27.906s-12.122 12.581-26.948 27.4L30.51 266.082zm333.59-24.851c-14.17-14.479-25.763-26.679-25.763-27.11 0-1.574 51.776-53.76 53.1-53.521 1.493.27 3.338 6.773 5.975 21.06 2.353 12.751 2.343 48.232-.017 61.072-2.37 12.886-5.358 24.1-6.527 24.49-.553.184-12.599-11.512-26.768-25.991M64.75 170.903c-26.893-26.902-29.95-30.252-29.354-32.175 1.335-4.308 8.33-18.529 12.565-25.546 28.808-47.732 75.832-79.809 131.42-89.647 15.231-2.696 45.201-2.944 59.361-.492 41.827 7.244 76.236 24.833 104.91 53.625 15.582 15.647 27.713 32.758 36.971 52.151 6.183 12.95 8.732 8.549-24.429 42.185-15.984 16.213-29.386 29.61-29.782 29.768-.396.16-5.695-4.244-11.775-9.786-32.548-29.67-61.86-48.734-85.116-55.361-7.771-2.215-9.327-2.357-22.05-2.009-12.468.34-14.427.627-21.965 3.212-23.775 8.152-49.675 26.108-80.457 55.78-4.75 4.579-9.006 8.325-9.457 8.325s-14.329-13.513-30.839-30.029z'/></svg>",
   "webassembly": "<svg viewBox='0 0 32 32'><path fill='#7c4dff' d='M22 18h4v4h-4z'/><path fill='#7c4dff' d='M20 2a4 4 0 0 1-8 0H2v28h28V2Zm-2 24h-2v2h-4v-2h-2v2H6v-2H4V16h2v10h4V16h2v10h4V16h2Zm10 2h-2v-4h-4v4h-2V18h2v-2h4v2h2Z'/></svg>",
   "webhint": "<svg viewBox='0 0 120 120'><path fill='#1e88e5' d='M115.45 23.033S97.961 33.27 97.534 33.412c-.427.284-.852.57-1.137.854-1.422 1.421-1.848 3.41-1.422 5.26.285.852.711 1.849 1.422 2.56.711.71 1.564 1.137 2.559 1.422 1.848.426 3.84 0 5.262-1.422q.638-.64.851-1.28l.143-.427 2.56-4.692zm-39.102 9.242c-27.441 0-31.99 13.08-31.99 29.29 0 3.838.569 7.962-1.99 11.942-3.84 5.972-8.957 5.828-10.236 5.828-1.706 0-7.962-.993-8.246-2.841h.994c6.682 0 11.658-5.404 11.658-12.655v-2.56h-5.686c-4.123 0-7.82 1.849-10.238 5.12-2.417-3.271-6.113-5.12-10.236-5.12h-5.83v2.56c0 7.11 5.688 12.795 12.797 12.795h1.848c0 4.124 5.687 20.332 47.63 20.332 16.352 0 40.665-2.843 40.665-33.697 0-5.829-1.848-11.23-4.691-15.78-.996.284-1.992.568-3.13.568a8.92 8.92 0 0 1-8.956-8.957q0-1.493.425-2.986c-4.265-2.702-8.53-3.838-14.787-3.838z'/></svg>",
-  "webpack": "<svg viewBox='0 0 24 24'><path fill='#FAFAFA' fill-opacity='.785' d='m19.376 15.988-7.708 4.45-7.709-4.45v-8.9l7.709-4.451 7.708 4.45z'/><path fill='#90CAF9' d='M12.286 1.98c-.21 0-.41.059-.57.179l-7.9 4.44c-.32.17-.53.5-.53.88v9c0 .38.21.711.53.881l7.9 4.44c.16.12.36.18.57.18s.41-.06.57-.18l7.9-4.44c.32-.17.53-.5.53-.88v-9c0-.38-.21-.712-.53-.882l-7.9-4.44a.95.95 0 0 0-.57-.179zm0 2.15 7 3.94v2.103h-.016v5.177h.016v.54l-7 3.939-7-3.94V8.07zm0 2.08-4.9 2.83 4.9 2.83 4.9-2.83zm-5 5.08v3.58l4 2.309v-3.58l-4-2.31zm10 0-4 2.308v3.58l4-2.308z'/><path fill='#0277BD' d='m12.286 6.21-4.9 2.83 4.9 2.83 4.9-2.83zm-5 5.08v3.58l4 2.309v-3.58l-4-2.31zm10 0-4 2.308v3.58l4-2.308z'/></svg>",
+  "webpack": "<svg viewBox='0 0 24 24'><path fill='#fafafa' fill-opacity='.785' d='m19.376 15.988-7.708 4.45-7.709-4.45v-8.9l7.709-4.451 7.708 4.45z'/><path fill='#90caf9' d='M12.286 1.98c-.21 0-.41.059-.57.179l-7.9 4.44c-.32.17-.53.5-.53.88v9c0 .38.21.711.53.881l7.9 4.44c.16.12.36.18.57.18s.41-.06.57-.18l7.9-4.44c.32-.17.53-.5.53-.88v-9c0-.38-.21-.712-.53-.882l-7.9-4.44a.95.95 0 0 0-.57-.179zm0 2.15 7 3.94v2.103h-.016v5.177h.016v.54l-7 3.939-7-3.94V8.07zm0 2.08-4.9 2.83 4.9 2.83 4.9-2.83zm-5 5.08v3.58l4 2.309v-3.58l-4-2.31zm10 0-4 2.308v3.58l4-2.308z'/><path fill='#0277bd' d='m12.286 6.21-4.9 2.83 4.9 2.83 4.9-2.83zm-5 5.08v3.58l4 2.309v-3.58l-4-2.31zm10 0-4 2.308v3.58l4-2.308z'/></svg>",
   "wepy": "<svg viewBox='0 0 32 32'><path fill='#4caf50' d='M16 2A14 14 0 0 0 2 16v12a2 2 0 0 0 2 2h12a14 14 0 0 0 0-28m0 24a10 10 0 1 1 10-10 10.01 10.01 0 0 1-10 10'/></svg>",
   "werf": "<svg viewBox='0 0 100 111'><path fill='#1e88e5' d='m74.849 59.509 3.307 9.697 5.768-9.697zm-.601-20.967v17.932h9.788zm-3.095 10.125V34.182h-4.938zm-10.77-31.582 4.795 14.06h5.032l-8.166-14.959-1.236.668-.425.228zm-6.74 78.095h7.34l-2.77-5.008-.917.976a71.108 69.794 0 0 1-3.653 4.031zm-3.594-4.567.125-29.212a48.51 47.615 0 0 0-3.263 2.064c.125 3.608.715 15.891 3.137 27.147zm-8.374-23.137c.112 2.31.811 10.604 5.165 19.634-1.57-8.843-2.14-17.601-2.34-21.906a62.074 60.926 0 0 0-2.825 2.272m-2.68 27.704h7.64l-.584-.672a69.587 68.302 0 0 1-4.088-4.69l-2.967 5.36zm-2.442-22.688c.275 1.63 2.424 7.773 7.763 15.086-3.516-7.485-4.631-14.336-4.98-17.987a46.725 45.861 0 0 0-2.784 2.901zm3.86-15.062v6.948a46.951 46.083 0 0 1 3.884-2.96c3.425-2.488 4.818-3 5.698-3.055h-.006v-.933zm-24.358 2.08 6.167 10.364 4.244-10.364zm11.154-16.456L16.532 56.473h10.677zm3.097-3.889v10.974l7.509-18.34-1.004-.812-6.507 8.178zM80.198 71.8h6.218l1.548 1.52v23.377l-1.548 1.522H13.563L12.016 96.7V73.32l1.547-1.52h6.22l-7.76-13.04.115-1.701 23.21-29.167 2.11-.229.038-.052 10.428 7.677-1.857 2.431-5.638-4.153L24.199 73.2l12.145 20.407 3.595-6.496c-6.09-8.683-6.534-14.664-6.556-15l.363-1.07a62.861 61.699 0 0 1 3.57-3.827v-11.3l1.55-1.519h22.247l1.548 1.52V66.86a62.175 61.026 0 0 1 3.932 4.182l.361 1.067c-.019.343-.473 6.45-6.756 15.288l3.438 6.21 12.444-20.91-18.45-54.12-5.06 2.74-1.493-2.66 10.841-5.872 2.113.614 23.954 43.878'/></svg>",
   "windicss": "<svg fill='none' viewBox='0 0 32 32'><path stroke='#42a5f5' stroke-miterlimit='3.339' stroke-width='4' d='M22 12a4 4 0 1 1 4 4H2m14 10a4 4 0 1 0 4-4H10M8 6a4 4 0 1 1 4 4H2'/><path fill='#42a5f5' d='M2 20h4v4H2z'/></svg>",
-  "wolframlanguage": "<svg viewBox='0 0 24 24'><g transform='translate(-.009 -.001)scale(.12121)'><circle cx='99.197' cy='98.946' r='83.28' fill='#212121'/><path fill='#e53935' d='M182.53 98.828a83.4 83.4 0 0 1-39.14 70.722.06.06 0 0 1-.037.019l-28.62-35.664 23.71 2.611s11.385 1.178 13.979 0c2.373-.938 15.174-18.963 15.174-18.963s-36.75-23.23-49.312-36.032c1.435-21.575-1.655-50.269-1.655-50.03-9.252 9.234-10.43 10.668-19.681 19.202-4.028-13.04-5.923-17.546-9.95-30.587-12.104 9.95-21.337 26.799-27.977 46.48a79 79 0 0 0-4.23 5.095 110 110 0 0 0-2.668 3.66 115 115 0 0 0-5.131 8 173 173 0 0 0-3.403 6.052c-7.707 14.476-14.034 31.067-19.515 46.002a1 1 0 0 1-.092-.184C8.993 104.299 14.48 67.36 37.804 42.138c23.325-25.223 59.722-33.574 91.71-21.045 31.988 12.53 53.029 43.382 53.017 77.736z'/><path fill='#FAFAFA' d='M101.45 69.178s-1.416-8.295-2.373-11.367c6.401-6.18 7.357-7.118 13.52-13.041.477 11.845.238 18.007-.479 32.482-3.55-3.568-10.668-8.075-10.668-8.075zm-27.737 40.778s-6.64-4.028-11.624-4.727c1.435-3.33 5.224-7.597 6.18-8.774-1.913.7-15.652 6.861-17.087 12.084a75 75 0 0 1 11.385 3.79 36 36 0 0 0-8.773 20.158s21.814-3.329 38.184-1.195c.283.168.608.25.938.239l8.534.239 27.11 45.137.222.35c-.037.018-.056.036-.074.036-51.133 18.485-88.085-15.542-95.975-27.442q.05-.153.074-.312c7.1-30.018 15.855-65.94 29.999-76.552 7.357-12.82 9.49-31.783 22.752-41.734 3.329 9.95 8.553 30.588 12.103 40.538 15.653 15.653 39.36 35.094 55.234 43.15 1.655.956 3.789 7.596 3.789 7.596l-6.401 8.056-68.275-6.879a55 55 0 0 0-4.58-.184 87 87 0 0 0-14.144 1.361c3.31-8.295 10.429-14.935 10.429-14.935m22.053-8.774c3.789-.46 7.817.957 12.323 3.569 4.267-1.196 4.745-1.435 9.013-2.612-5.463-4.028-11.385-8.295-19.442-7.118a47 47 0 0 0-1.895 6.161z'/></g></svg>",
+  "wolframlanguage": "<svg viewBox='0 0 24 24'><g transform='translate(-.009 -.001)scale(.12121)'><circle cx='99.197' cy='98.946' r='83.28' fill='#212121'/><path fill='#e53935' d='M182.53 98.828a83.4 83.4 0 0 1-39.14 70.722.06.06 0 0 1-.037.019l-28.62-35.664 23.71 2.611s11.385 1.178 13.979 0c2.373-.938 15.174-18.963 15.174-18.963s-36.75-23.23-49.312-36.032c1.435-21.575-1.655-50.269-1.655-50.03-9.252 9.234-10.43 10.668-19.681 19.202-4.028-13.04-5.923-17.546-9.95-30.587-12.104 9.95-21.337 26.799-27.977 46.48a79 79 0 0 0-4.23 5.095 110 110 0 0 0-2.668 3.66 115 115 0 0 0-5.131 8 173 173 0 0 0-3.403 6.052c-7.707 14.476-14.034 31.067-19.515 46.002a1 1 0 0 1-.092-.184C8.993 104.299 14.48 67.36 37.804 42.138c23.325-25.223 59.722-33.574 91.71-21.045 31.988 12.53 53.029 43.382 53.017 77.736z'/><path fill='#fafafa' d='M101.45 69.178s-1.416-8.295-2.373-11.367c6.401-6.18 7.357-7.118 13.52-13.041.477 11.845.238 18.007-.479 32.482-3.55-3.568-10.668-8.075-10.668-8.075zm-27.737 40.778s-6.64-4.028-11.624-4.727c1.435-3.33 5.224-7.597 6.18-8.774-1.913.7-15.652 6.861-17.087 12.084a75 75 0 0 1 11.385 3.79 36 36 0 0 0-8.773 20.158s21.814-3.329 38.184-1.195c.283.168.608.25.938.239l8.534.239 27.11 45.137.222.35c-.037.018-.056.036-.074.036-51.133 18.485-88.085-15.542-95.975-27.442q.05-.153.074-.312c7.1-30.018 15.855-65.94 29.999-76.552 7.357-12.82 9.49-31.783 22.752-41.734 3.329 9.95 8.553 30.588 12.103 40.538 15.653 15.653 39.36 35.094 55.234 43.15 1.655.956 3.789 7.596 3.789 7.596l-6.401 8.056-68.275-6.879a55 55 0 0 0-4.58-.184 87 87 0 0 0-14.144 1.361c3.31-8.295 10.429-14.935 10.429-14.935m22.053-8.774c3.789-.46 7.817.957 12.323 3.569 4.267-1.196 4.745-1.435 9.013-2.612-5.463-4.028-11.385-8.295-19.442-7.118a47 47 0 0 0-1.895 6.161z'/></g></svg>",
   "word": "<svg viewBox='0 0 24 24'><path fill='#01579b' d='M6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2m7 1.5V9h5.5zM7 13l1.5 7h2l1.5-3 1.5 3h2l1.5-7h1v-2h-4v2h1l-.9 4.2L13 15h-2l-1.1 2.2L9 13h1v-2H6v2z'/></svg>",
   "wrangler": "<svg viewBox='0 0 32 32'><path fill='#f57f17' d='M22 20H10.5a.5.5 0 0 1-.5-.5v-1a.5.5 0 0 1 .5-.5H22v-6.449A5.95 5.95 0 0 0 18 10h-2a5.98 5.98 0 0 0-4.463 2H10a4 4 0 0 0-4 4 4 4 0 0 0-4 4v1.5a.5.5 0 0 0 .5.5H22Z'/><path fill='#ffab40' d='M24 14v4h1.5a.5.5 0 0 1 .5.5v1a.5.5 0 0 1-.5.5H24v2h5.5a.5.5 0 0 0 .5-.5V20a6 6 0 0 0-6-6'/></svg>",
   "wxt": "<svg viewBox='0 0 16 16'><path fill='#00c853' d='M14 8.9c.117 1.136-.854 2.043-2 2.1v2c0 .663-.337 1-1 1H8v-1c0-1.52-2-1.34-2 0v1H3c-.663 0-1-.337-1-1v-3h1s1-.1 1-1-1-1-1-1H2V5c0-.663.337-1 1-1h2c.025-1.06.885-1.995 2-2 1.123-.005 1.996.93 2 2h2c.663 0 1 .337 1 1v2c1.082.067 2.117.798 2 2m-3 1h1c.497 0 1-.503 1-1s-.503-1-1-1h-1V5H8V4c0-.497-.503-1-1-1s-1 .503-1 1v1H3v2c1.148.341 1.98.744 2 2 .02 1.226-.707 1.666-2 2v2h2c.156-1.452 1.055-1.948 2-2 1-.056 2.098.695 2 2h2z'/></svg>",
   "xaml": "<svg viewBox='0 0 32 32'><path fill='#42a5f5' d='m32 16-5.387 9.333L24.307 24l4.613-8-4.613-8 2.306-1.333z'/><path fill='#42a5f5' d='m25.24 16-4.627 8h-9.226L6.76 16l4.627-8h9.226z'/><path fill='#42a5f5' d='m0 16 5.387-9.333L7.693 8 3.08 16l4.613 8-2.306 1.333z'/></svg>",
   "xmake": "<svg viewBox='0 0 16 16'><circle cx='8' cy='8' r='7' fill='#e0f2f1'/><path fill='#e0f2f1' d='M11.759 2.944a6.3 6.3 0 0 0-8.932 1.462l3.281 2.023z'/><path fill='#8bc34a' d='M1.796 9.088 6.107 6.43l-3.28-2.025A6.27 6.27 0 0 0 1.7 8a6.4 6.4 0 0 0 .096 1.088'/><path fill='#4db6ac' d='M13.536 11.01a6.3 6.3 0 0 0-1.777-8.066l-5.65 3.485z'/><path fill='#009688' d='M1.796 9.088a6.3 6.3 0 0 0 11.74 1.922L6.108 6.428z'/></svg>",
   "xml": "<svg viewBox='0 0 24 24'><path fill='#8bc34a' d='M13 9h5.5L13 3.5zM6 2h8l6 6v12a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V4c0-1.11.89-2 2-2m.12 13.5 3.74 3.74 1.42-1.41-2.33-2.33 2.33-2.33-1.42-1.41zm11.16 0-3.74-3.74-1.42 1.41 2.33 2.33-2.33 2.33 1.42 1.41z'/></svg>",
-  "yaml": "<svg viewBox='0 0 24 24'><path fill='#FF5252' d='M13 9h5.5L13 3.5zM6 2h8l6 6v12c0 1.1-.9 2-2 2H6c-1.1 0-2-.9-2-2V4c0-1.1.9-2 2-2m12 16v-2H9v2zm-4-4v-2H6v2z'/></svg>",
+  "yaml": "<svg viewBox='0 0 24 24'><path fill='#ff5252' d='M13 9h5.5L13 3.5zM6 2h8l6 6v12c0 1.1-.9 2-2 2H6c-1.1 0-2-.9-2-2V4c0-1.1.9-2 2-2m12 16v-2H9v2zm-4-4v-2H6v2z'/></svg>",
   "yang": "<svg viewBox='0 0 24 24'><path fill='#42a5f5' d='M12 2a10 10 0 0 1 10 10 10 10 0 0 1-10 10A10 10 0 0 1 2 12 10 10 0 0 1 12 2m0 2a8 8 0 0 0-8 8 8 8 0 0 0 8 8 4 4 0 0 1-4-4 4 4 0 0 1 4-4 4 4 0 0 0 4-4 4 4 0 0 0-4-4m0 2.5A1.5 1.5 0 0 1 13.5 8 1.5 1.5 0 0 1 12 9.5 1.5 1.5 0 0 1 10.5 8 1.5 1.5 0 0 1 12 6.5m0 8a1.5 1.5 0 0 0-1.5 1.5 1.5 1.5 0 0 0 1.5 1.5 1.5 1.5 0 0 0 1.5-1.5 1.5 1.5 0 0 0-1.5-1.5'/></svg>",
   "yarn": "<svg viewBox='0 0 32 32'><path fill='#0288d1' d='M27.575 23.967a9.9 9.9 0 0 0-3.751 1.726 22.6 22.6 0 0 1-5.537 2.504 1.55 1.55 0 0 1-.931.52 59 59 0 0 1-6.11.548c-1.102.008-1.777-.282-1.965-.735a1.49 1.49 0 0 1 .82-1.965 3.6 3.6 0 0 1-.486-.359c-.163-.162-.334-.487-.385-.367-.213.52-.324 1.794-.897 2.366-.786.795-2.273.53-3.153.069-.965-.513.069-1.718.069-1.718a.69.69 0 0 1-.94-.324 4.6 4.6 0 0 1-.632-2.794 5.2 5.2 0 0 1 1.674-2.76 8.84 8.84 0 0 1 .624-4.17 9.9 9.9 0 0 1 3-3.469S7.136 11.015 7.82 9.177c.444-1.196.623-1.187.769-1.239a3.44 3.44 0 0 0 1.375-.811 4.99 4.99 0 0 1 4.178-1.607s1.094-3.357 2.12-2.7a17.4 17.4 0 0 1 1.452 2.735s1.213-.71 1.35-.445a10.74 10.74 0 0 1 .495 5.81 13.3 13.3 0 0 1-2.46 5.127c-.129.214 1.47.889 2.477 3.683.932 2.554.103 4.699.248 4.938.026.043.034.06.034.06s1.068.085 3.213-1.24a8.05 8.05 0 0 1 4.05-1.52 1.026 1.026 0 0 1 .453 2Z'/></svg>",
   "zeabur": "<svg viewBox='0 0 32 32'><path fill='#cfd8dc' d='m14 20 4 4-4 4H2v-8h8l10-8-6-4 6-4h10v8Z'/><path fill='#651fff' d='M20 4H2v8h18Z'/><path fill='#ff3d00' d='M30 20H14v8h16Z'/></svg>",
diff --git a/options/gitignore/Processing b/options/gitignore/Processing
index 942ebbccb5..2d243c96bd 100644
--- a/options/gitignore/Processing
+++ b/options/gitignore/Processing
@@ -2,6 +2,7 @@
 applet
 application.linux-arm64
 application.linux-armv6hf
+application.linux-riscv64
 application.linux32
 application.linux64
 application.windows32
diff --git a/options/label/Advanced.yaml b/options/label/Advanced.yaml
index b1ecdd6d93..860645d5d5 100644
--- a/options/label/Advanced.yaml
+++ b/options/label/Advanced.yaml
@@ -22,49 +22,60 @@ labels:
     description: Breaking change that won't be backward compatible
   - name: "Reviewed/Duplicate"
     exclusive: true
+    exclusive_order: 2
     color: 616161
     description: This issue or pull request already exists
   - name: "Reviewed/Invalid"
     exclusive: true
+    exclusive_order: 3
     color: 546e7a
     description: Invalid issue
   - name: "Reviewed/Confirmed"
     exclusive: true
+    exclusive_order: 1
     color: 795548
     description: Issue has been confirmed
   - name: "Reviewed/Won't Fix"
     exclusive: true
+    exclusive_order: 3
     color: eeeeee
     description: This issue won't be fixed
   - name: "Status/Need More Info"
     exclusive: true
+    exclusive_order: 2
     color: 424242
     description: Feedback is required to reproduce issue or to continue work
   - name: "Status/Blocked"
     exclusive: true
+    exclusive_order: 1
     color: 880e4f
     description: Something is blocking this issue or pull request
   - name: "Status/Abandoned"
     exclusive: true
+    exclusive_order: 3
     color: "222222"
     description: Somebody has started to work on this but abandoned work
   - name: "Priority/Critical"
     exclusive: true
+    exclusive_order: 1
     color: b71c1c
     description: The priority is critical
     priority: critical
   - name: "Priority/High"
     exclusive: true
+    exclusive_order: 2
     color: d32f2f
     description: The priority is high
     priority: high
   - name: "Priority/Medium"
     exclusive: true
+    exclusive_order: 3
     color: e64a19
     description: The priority is medium
     priority: medium
   - name: "Priority/Low"
     exclusive: true
+    exclusive_order: 4
     color: 4caf50
     description: The priority is low
     priority: low
diff --git a/options/locale/TRANSLATORS b/options/locale/TRANSLATORS
index e67255f2fb..4eee2b26c1 100644
--- a/options/locale/TRANSLATORS
+++ b/options/locale/TRANSLATORS
@@ -66,6 +66,7 @@ Piotr Orzechowski <piotr AT orzechowski DOT tech>
 Richard Bukovansky <richard DOT bukovansky AT gmail DOT com>
 Robert Nuske <robert DOT nuske AT web DOT de>
 Robin Hübner <profan AT prfn DOT se>
+Ryo Hanafusa <ryo7gumi AT gmail DOT com>
 SeongJae Park <sj38 DOT park AT gmail DOT com>
 Thiago Avelino <thiago AT avelino DOT xxx>
 Thomas Fanninger <gogs DOT thomas AT fanninger DOT at>
diff --git a/options/locale/locale_cs-CZ.ini b/options/locale/locale_cs-CZ.ini
index 57d7e8e076..1eea0616a9 100644
--- a/options/locale/locale_cs-CZ.ini
+++ b/options/locale/locale_cs-CZ.ini
@@ -44,7 +44,6 @@ webauthn_use_twofa=Použít dvoufaktorový kód z vašeho telefonu
 webauthn_error=Nepodařilo se pře�íst váš zabezpe�ovací klí�.
 webauthn_unsupported_browser=Váš prohlíže� momentálně nepodporuje WebAuthn.
 webauthn_error_unknown=Došlo k neznámé chybě. Opakujte akci.
-webauthn_error_insecure=`WebAuthn podporuje pouze zabezpe�ená připojení. Pro testování přes HTTP můžete použít výchozí "localhost" nebo "127.0.0.1"`
 webauthn_error_unable_to_process=Server nemohl zpracovat váš požadavek.
 webauthn_error_duplicated=Zabezpe�ovací klí� není pro tento požadavek povolen. Prosím ujistěte se, zda klí� není již registrován.
 webauthn_error_empty=Musíte nastavit název tohoto klí�e.
@@ -128,7 +127,6 @@ pin=Připnout
 unpin=Odepnout
 
 artifacts=Artefakty
-confirm_delete_artifact=Jste si jisti, že chcete odstranit artefakt „%s“?
 
 archived=Archivováno
 
@@ -165,29 +163,14 @@ no_results_found=Nebyly nalezeny žádné výsledky.
 internal_error_skipped=Došlo k vnitřní chybě, ale je přesko�ena: %s
 
 [search]
-search=Hledat...
 type_tooltip=Druh vyhledávání
 fuzzy=Fuzzy
-fuzzy_tooltip=Zahrnout výsledky, které také úzce odpovídají hledanému výrazu
 exact=Přesně
 exact_tooltip=Zahrnout pouze výsledky, které přesně odpovídají hledanému výrazu
-repo_kind=Hledat repozitáře...
-user_kind=Hledat uživatele...
-org_kind=Hledat organizace...
-team_kind=Hledat týmy...
-code_kind=Hledat kód...
 code_search_unavailable=Vyhledávání kódu není momentálně dostupné. Obraťte se na správce webu.
 code_search_by_git_grep=Aktuální výsledky vyhledávání kódu jsou poskytovány pomocí „git grep“. Pokud správce webu povolí index repozitáře, mohou být výsledky lepší.
-package_kind=Hledat balí�ky...
-project_kind=Hledat projekty...
-branch_kind=Hledat větve...
-tag_kind=Prohledat zna�ky...
 tag_tooltip=Hledat odpovídající zna�ky. Použijte „%“ pro vyhledání libovolné posloupnosti �íslic.
-commit_kind=Hledat commity...
-runner_kind=Hledat runnery...
 no_results=Nebyly nalezeny žádné odpovídající výsledky.
-issue_kind=Hledat úkoly...
-pull_kind=Hledat pull request...
 keyword_search_unavailable=Hledání podle klí�ového slova není momentálně dostupné. Obraťte se na správce webu.
 
 [aria]
@@ -223,8 +206,6 @@ buttons.enable_monospace_font=Zapnout monospace font
 buttons.disable_monospace_font=Vypnout monospace font
 
 [filter]
-string.asc=A – Z
-string.desc=Z – A
 
 [error]
 occurred=Došlo k chybě
@@ -245,7 +226,6 @@ license_desc=VÅ¡e je na <a target="_blank" rel="noopener noreferrer" href="%[1]s
 
 [install]
 install=Instalace
-installing_desc=Probíhá instalace, �ekejte prosím...
 title=Výchozí konfigurace
 docker_helper=Pokud spouštíte Gitea v Dockeru, pře�těte si <a target="_blank" rel="noopener noreferrer" href="%s">dokumentaci</a>, než budete měnit jakákoliv nastavení.
 require_db_desc=Gitea requires MySQL, PostgreSQL, MSSQL, SQLite3 or TiDB (MySQL protocol).
@@ -262,16 +242,10 @@ path=Cesta
 sqlite_helper=Cesta k souboru SQLite3 databáze.<br>Pokud spouštíte Gitea jako službu, zadejte absolutní cestu.
 reinstall_error=Pokoušíte se nainstalovat do existující databáze Gitea
 reinstall_confirm_message=Přeinstalování s existující databází Gitea může způsobit více problémů. Ve většině případů byste měli použít existující „app.ini“ pro spuštění Gitea. Pokud víte, co děláte, potvr�te následující:
-reinstall_confirm_check_1=Data šifrovaná pomocí SECRET_KEY v souboru api.ini mohou být ztracena: uživatelé nemusí být schopni se přihlásit s 2FA/OTP a zrcadla nemusí fungovat správně. Zaškrtnutím tohoto polí�ka potvrdíte, že aktuální soubor app.ini obsahuje správný SECRET_KEY.
-reinstall_confirm_check_2=Může být nutné znovu synchronizovat repozitáře a nastavení. Zaškrtnutím tohoto polí�ka potvrzujete, že budete há�ky pro repozitáře a soubor authorized_keys znovu synchronizovat ru�ně. Potvrzujete, že zajistíte správnost nastavení repozitáře a zrcadla.
 reinstall_confirm_check_3=Potvrzujete, že jste si naprosto jisti, že tato Gitea je spuštěna se správným umístěním souboru app.ini a že jste si jisti, že musíte provést novou instalaci. Potvrzujete, že berete na vědomí výše uvedená rizika.
 err_empty_db_path=Cesta k SQLite3 databázi nemůže být prázdná.
 no_admin_and_disable_registration=Nemůžete vypnout registraci ú�tů bez vytvoření ú�tu správce.
 err_empty_admin_password=Heslo administrátora nemůže být prázdné.
-err_empty_admin_email=Email administrátora nemůže být prázdný.
-err_admin_name_is_reserved=Uživatelské jméno administrátora není platné, uživatelské jméno je rezervované
-err_admin_name_pattern_not_allowed=Uživatelské jméno administrátora je neplatné, uživatelské jméno odpovídá vyhrazenému vzoru
-err_admin_name_is_invalid=Uživatelské jméno administrátora není platné
 
 general_title=Obecná nastavení
 app_name=Název stránky
@@ -287,7 +261,6 @@ domain_helper=Adresa domény, nebo hostitele serveru.
 ssh_port=Port SSH serveru
 ssh_port_helper=Číslo portu, na kterém SSH server naslouchá. Když ponecháte prázdné, SSH server zakážete.
 http_port=Port, na kterém Gitea naslouchá HTTP protokolu
-http_port_helper=Číslo portu, na kterém bude naslouchat webový server Gitea.
 app_url=Základní URL Gitea
 app_url_helper=Základní adresa pro HTTP(S) URL adresy pro klonování a e-mailová oznámení.
 log_root_path=Adresář logů
@@ -351,7 +324,6 @@ no_reply_address=Skrytá e-mailová doména
 no_reply_address_helper=Název domény pro uživatele se skrytou e-mailovou adresou. Příklad: Pokud je název skryté e-mailové domény nastaven na „noreply.example.org“, uživatelské jméno „joe“ bude zaznamenáno v Gitu jako „joe@noreply.example.org“.
 password_algorithm=Hash algoritmus hesla
 invalid_password_algorithm=Neplatný algoritmus hash hesla
-password_algorithm_helper=Nastavte algoritmus hashování hesla. Algoritmy mají odlišné požadavky a sílu. Algoritmus argon2 je poměrně bezpe�ný, ale používá spoustu paměti a může být nevhodný pro malé systémy.
 enable_update_checker=Povolit kontrolu aktualizací
 enable_update_checker_helper=Kontroluje vydání nových verzí pravidelně připojením ke gitea.io.
 env_config_keys=Konfigurace prostředí
@@ -416,8 +388,6 @@ allow_password_change=Vyžádat od uživatele změnu hesla (doporu�eno)
 reset_password_mail_sent_prompt=Na adresu <b>%s</b> byl zaslán potvrzovací e-mail. Zkontrolujte prosím vaši doru�enou poštu během následujících %s, abyste dokon�ili proces obnovení ú�tu.
 active_your_account=Aktivujte si váš ú�et
 account_activated=Ú�et byl aktivován
-prohibit_login=Přihlášení zakázáno
-prohibit_login_desc=Vašemu ú�tu je zakázáno se přihlásit, kontaktujte prosím správce webu.
 resent_limit_prompt=Omlouváme se, ale před chvílí jste požádal o zaslání aktiva�ního e-mailu. Po�kejte prosím 3 minuty a pak to zkuste znovu.
 has_unconfirmed_mail=Zdravím, %s, máte nepotvrzenou e-mailovou adresu (<b>%s</b>). Pokud jste nedostali e-mail pro potvrzení nebo potřebujete zaslat nový, klikněte prosím na tla�ítku níže.
 change_unconfirmed_mail_address=Pokud je Vaše registra�ní e-mailová adresa nesprávná, můžete ji zde změnit a znovu odeslat nový potvrzovací e-mail.
@@ -448,24 +418,19 @@ oauth_signin_title=Přihlaste se pro ověření propojeného ú�tu
 oauth_signin_submit=Propojit ú�et
 oauth.signin.error.access_denied=Žádost o autorizaci byla zamítnuta.
 oauth.signin.error.temporarily_unavailable=Autorizace se nezdařila, protože ověřovací server je do�asně nedostupný. Opakujte akci později.
-oauth_callback_unable_auto_reg=Automatická registrace je povolena, ale OAuth2 poskytovatel %[1]s vrátil chybějící pole: %[2]s, nelze vytvořit ú�et automaticky, vytvořte ú�et nebo se připojte k ú�tu, nebo kontaktujte správce webu.
 openid_connect_submit=Připojit
 openid_connect_title=Připojení k existujícímu ú�tu
 openid_connect_desc=Zvolené OpenID URI není známé. Přidružte nový ú�et zde.
 openid_register_title=Vytvořit nový ú�et
 openid_register_desc=Zvolené OpenID URI není známé. Přidružte nový ú�et zde.
 openid_signin_desc=Zadejte vaši OpenID URI. Například: alice.openid.example.org nebo https://openid.example.org/alice.
-disable_forgot_password_mail=Obnovení ú�tu je zakázáno, protože není nastaven žádný e-mail. Obraťte se na správce webu.
-disable_forgot_password_mail_admin=Obnovení ú�tu je dostupné pouze po nastavení e-mailu. Pro povolení obnovy ú�tu nastavte prosím e-mail.
 email_domain_blacklisted=Nemůžete se registrovat s vaší e-mailovou adresou.
 authorize_application=Autorizovat aplikaci
 authorize_redirect_notice=Budete přesměrováni na %s, pokud autorizujete tuto aplikaci.
 authorize_application_created_by=Tuto aplikaci vytvořil %s.
-authorize_application_description=Pokud povolíte přístup, bude moci přistupovat a zapisovat do všech vašich informací o ú�tu v�etně soukromých repozitářů a organizací.
 authorize_application_with_scopes=S rozsahy působnosti: %s
 authorize_title=Autorizovat „%s“ pro přístup k vašemu ú�tu?
 authorization_failed=Autorizace selhala
-authorization_failed_desc=Autorizace selhala, protože jsme detekovali neplatný požadavek. Kontaktujte prosím správce aplikace, kterou jste se pokoušeli autorizovat.
 sspi_auth_failed=SSPI autentizace selhala
 password_pwned=Heslo, které jste zvolili, je na <a target="_blank" rel="noopener noreferrer" href="%s">seznamu odcizených hesel</a> dříve odhalených při narušení veřejných dat. Zkuste to prosím znovu s jiným heslem a zvažte změnu tohoto hesla i jinde.
 password_pwned_err=Nelze dokon�it požadavek na HaveIBeenPwned
@@ -490,8 +455,6 @@ activate_email.text=Pro aktivaci vašeho ú�tu do <b>%s</b> klikněte na násle
 
 register_notify=Vítejte v %s
 register_notify.title=%[1]s vítejte v %[2]s
-register_notify.text_1=toto je váš potvrzovací e-mail pro %s!
-register_notify.text_2=Nyní se můžete přihlásit přes uživatelské jméno: %s.
 register_notify.text_3=Pokud pro vás byl vytvořen tento ú�et, nejprve <a href="%s">nastavte své heslo</a>.
 
 reset_password=Obnovit váš ú�et
@@ -529,7 +492,6 @@ release.download.targz=Zdrojový kód (TAR.GZ)
 repo.transfer.subject_to=%s by chtěl převést „%s“ pro %s
 repo.transfer.subject_to_you=%s by Vám chtěl převést „%s“
 repo.transfer.to_you=vám
-repo.transfer.body=Chcete-li ji přijmout nebo odmítnout, navštivte %s nebo ji prostě ignorujte.
 
 repo.collaborator.added.subject=%s vás přidal do %s
 repo.collaborator.added.text=Byl jste přidán jako spolupracovník repozitáře:
@@ -581,7 +543,6 @@ url_error=`„%s“ není platná adresa URL.`
 include_error=` musí obsahovat substring „%s“.`
 glob_pattern_error=`zástupný vzor je neplatný: %s.`
 regex_pattern_error=` regex vzor je neplatný: %s.`
-username_error=` může obsahovat pouze alfanumerické znaky („0-9“, „a-z“, „A-Z“), poml�ku („-“), podtržítka („_“) a te�ka („.“). Nemůže za�ínat nebo kon�it nealfanumerickými znaky a po sobě jdoucí nealfanumerické znaky jsou také zakázány.`
 invalid_group_team_map_error=` mapování je neplatné: %s`
 unknown_error=Neznámá chyba:
 captcha_incorrect=CAPTCHA kód není správný.
@@ -596,17 +557,14 @@ username_has_not_been_changed=Uživatelské jméno nebylo změněno
 repo_name_been_taken=Název repozitáře je již použit.
 repository_force_private=Vynucené soukromí je povoleno: soukromé repozitáře nelze zveřejnit.
 repository_files_already_exist=Soubory pro tento repozitář již existují. Obraťte se na správce systému.
-repository_files_already_exist.adopt=Soubory pro tento repozitář již existují a mohou být pouze přijaty.
 repository_files_already_exist.delete=Soubory pro tento repozitář již existují. Musíte je odstranit.
 repository_files_already_exist.adopt_or_delete=Soubory pro tento repozitář již existují. Přijměte je, nebo je odstraňte.
 visit_rate_limit=Dosaženo limitu rychlosti dotazů při vzdáleném přístupu.
-2fa_auth_required=Vzdálený přístup vyžaduje dvoufaktorové ověřování.
 org_name_been_taken=Název organizace je již použit.
 team_name_been_taken=Název týmu je již použit.
 team_no_units_error=Povolit přístup alespoň do jedné sekce repozitáře.
 email_been_used=Tato e-mailová adresa je již používána.
 email_invalid=Emailová adresa je neplatná.
-email_domain_is_not_allowed=Doména uživatelského e-mailu <b>%s</b> je v rozporu s EMAIL_DOMAIN_ALLOWLIST nebo EMAIL_DOMAIN_BLOCKLIST. Ujistěte se, že je Vaše operace o�ekávána.
 openid_been_used=OpenID addresa „%s“ je již použita.
 username_password_incorrect=Uživatelské jméno nebo heslo není správné.
 password_complexity=Heslo nesplňuje požadavky na složitost:
@@ -631,14 +589,8 @@ invalid_ssh_key=Nelze ověřit váš SSH klí�: %s
 invalid_gpg_key=Nelze ověřit váš GPG klí�: %s
 invalid_ssh_principal=Neplatný SSH Principal certifikát: %s
 must_use_public_key=Zadaný klí� je soukromý klí�. Nenahrávejte svůj soukromý klí� nikde. Místo toho použijte váš veřejný klí�.
-unable_verify_ssh_key=Nelze ověřit váš SSH klí�.
 auth_failed=Ověření selhalo: %v
 
-still_own_repo=Váš ú�et vlastní jeden nebo více repozitářů. Nejprve je smažte nebo převe�te.
-still_has_org=Váš ú�et je �lenem jedné nebo více organizací. Nejdříve je musíte opustit.
-still_own_packages=Váš ú�et vlastní jeden nebo více balí�ků. Nejprve je musíte odstranit.
-org_still_own_repo=Organizace stále vlastní jeden nebo více repozitářů. Nejdříve je smažte nebo převe�te.
-org_still_own_packages=Organizace stále vlastní jeden nebo více balí�ků. Nejdříve je smažte.
 
 target_branch_not_exist=Cílová větev neexistuje.
 target_ref_not_exist=Cílové reference neexistuje %s
@@ -669,11 +621,9 @@ settings=Uživatelská nastavení
 
 form.name_reserved=Uživatelské jméno „%s“ je rezervováno.
 form.name_pattern_not_allowed=Vzor „%s“ není povolen v uživatelském jméně.
-form.name_chars_not_allowed=Uživatelské jméno „%s“ obsahuje neplatné znaky.
 
 block.block=Blokovat
 block.block.user=Zablokovat Uživatele
-block.block.org=Blokovat uživatele pro organizaci
 block.block.failure=Nepodařilo se zablokovat uživatele: %s
 block.unblock=Odblokovat
 block.unblock.failure=Nepodařilo se odblokovat uživatele: %s
@@ -686,7 +636,6 @@ block.info_3=pošle vám oznámení pomocí @zmínění vašeho uživatelského
 block.info_4=pozváním vás jako spolupracovníka do jejich repozitářů
 block.info_5=oblíbení, rozštěpení nebo sledování repozitářů
 block.info_6=otevření a komentování úkolů nebo pull requestů
-block.info_7=reagovat na své komentáře v úkolech nebo pull requestů
 block.user_to_block=Uživatel k blokování
 block.note=Poznámka
 block.note.title=Volitelná poznámka:
@@ -717,9 +666,6 @@ webauthn=Dvoufaktorové ověření (Bezpe�nostní klí�e)
 public_profile=Veřejný profil
 biography_placeholder=Řekněte nám něco o sobě! (Můžete použít Markdown)
 location_placeholder=Sdílejte svou přibližnou polohu s ostatními
-profile_desc=Nastavte, jak bude váš profil zobrazen ostatním uživatelům. Vaše hlavní e-mailová adresa bude použita pro oznámení, obnovení hesla a operace Git.
-password_username_disabled=Nemáte oprávnění měnit jejich uživatelské jméno. Pro více informací kontaktujte svého administrátora.
-password_full_name_disabled=Nemáte oprávnění měnit jejich celé jméno. Pro více informací kontaktujte správce webu.
 full_name=Celé jméno
 website=Web
 location=Místo
@@ -737,7 +683,6 @@ cancel=Zrušit
 language=Jazyk
 ui=Motiv vzhledu
 hidden_comment_types=Skryté typy komentářů
-hidden_comment_types_description=Zde zaškrtnuté typy komentářů nebudou zobrazeny na stránkách úkolů. Zaškrtnutím položky „Štítek“ například odstraní všechny komentáře „{uživatel} přidal/odstranil {štítek}“.
 hidden_comment_types.ref_tooltip=Komentáře, na které se odkazovalo z jiného úkolu/commitu/…
 hidden_comment_types.issue_ref_tooltip=Komentáře, kde uživatel změní větev/zna�ku spojenou s úkolem
 comment_type_group_reference=Reference
@@ -785,18 +730,14 @@ manage_themes=Vyberte výchozí motiv vzhledu
 manage_openid=Správa OpenID adres
 email_desc=Vaše hlavní e-mailová adresa bude použita pro oznámení, obnovení hesla, a pokud není skrytá, pro operace Gitu.
 theme_desc=Toto bude váš výchozí motiv vzhledu napří� stránkou.
-theme_colorblindness_help=Podpora Å¡ablony pro barvoslepost
-theme_colorblindness_prompt=Gitea právě získala některé motivy se základní podporou barvosleposti, které mají pouze několik barev. Práce stále probíhá. Další vylepšení by bylo možné provést definováním více barev v CSS souborů.
 primary=Hlavní
 activated=Aktivován
 requires_activation=Vyžaduje aktivaci
 primary_email=Nastavit jako hlavní
 activate_email=Odeslat aktivaci
 activations_pending=Čekající aktivace
-can_not_add_email_activations_pending=Existuje �ekající aktivace, zkuste to znovu za pár minut, pokud chcete přidat nový e-mail.
 delete_email=Smazat
 email_deletion=Odstranit e-mailovou adresu
-email_deletion_desc=E-mailová adresa a přidružené informace budou z vašeho ú�tu odstraněny. Commity Gitu s touto e-mailovou adresou zůstanou nezměněny. Pokra�ovat?
 email_deletion_success=E-mailová adresa byla odstraněna.
 theme_update_success=Váš motiv vzhledu byl aktualizován.
 theme_update_error=Vybraný motiv vzhledu neexistuje.
@@ -839,7 +780,6 @@ gpg_key_matched_identities_long=Vložené identity do tohoto klíÄ�e odpovídajÃ
 gpg_key_verified=Ověřený klí�
 gpg_key_verified_long=Klí� byl ověřen pomocí tokenu a může být použit k ověření commitů shodujících se s libovolnou vaší aktivovanou e-mailovou adresou pro tohoto uživatele navíc k jakékoli odpovídající identitě tohoto klí�e.
 gpg_key_verify=Ověřit
-gpg_invalid_token_signature=Zadaný GPG klí�, podpis a token se neshodují nebo je token zastaralý.
 gpg_token_required=Musíte zadat podpis pro níže uvedený token
 gpg_token=Token
 gpg_token_help=Podpis můžete vygenerovat pomocí:
@@ -849,7 +789,6 @@ verify_gpg_key_success=GPG klí� „%s“ byl ověřen.
 ssh_key_verified=Ověřený klí�
 ssh_key_verified_long=Klí� byl ověřen pomocí tokenu a může být použit k ověření commitů shodujících se s libovolnou vaší aktivovanou e-mailovou adresou pro tohoto uživatele.
 ssh_key_verify=Ověřit
-ssh_invalid_token_signature=Zadaný SSH klí�, podpis nebo token se neshodují nebo je token zastaralý.
 ssh_token_required=Musíte zadat podpis pro níže uvedený token
 ssh_token=Token
 ssh_token_help=Podpis můžete vygenerovat pomocí:
@@ -870,7 +809,6 @@ gpg_key_deletion=Odstraňte GPG klí�
 ssh_principal_deletion=Odstranit SSH Principal certifikát
 ssh_key_deletion_desc=Odstranění SSH klí�e zruší jeho přístup k vašemu ú�tu. Pokra�ovat?
 gpg_key_deletion_desc=Odstranění GPG klí�e zneplatníte ověření commitů, které jsou jím podepsány. Pokra�ovat?
-ssh_principal_deletion_desc=Odstranění SSH Principal certifikátu zruší jeho přístup k vašemu ú�tu. Pokra�ovat?
 ssh_key_deletion_success=SSH klí� byl odstraněn.
 gpg_key_deletion_success=GPG klí� byl odstraněn.
 ssh_principal_deletion_success=SSH Principal certifikát byl odstraněn.
@@ -929,7 +867,6 @@ create_oauth2_application_button=Vytvořit aplikaci
 create_oauth2_application_success=Úspěšně jste vytvořili novou OAuth2 aplikaci.
 update_oauth2_application_success=Úspěšně jste aktualizovali OAuth2 aplikaci.
 oauth2_application_name=Název aplikace
-oauth2_confidential_client=Důvěrný klient. Vyberte aplikace, které zachovávají důvěrnosti v utajení, jako jsou webové aplikace. Nevybírejte pro nativní aplikace v�etně stolních a mobilních aplikací.
 oauth2_skip_secondary_authorization=Přesko�it autorizaci pro veřejné klienty po udělení přístupu. <strong>Může představovat bezpe�nostní riziko.</strong>
 oauth2_redirect_uris=Přesměrování URI. Použijte nový řádek pro každou URI.
 save_application=Uložit
@@ -944,10 +881,8 @@ oauth2_application_remove_description=Odebráním OAuth2 aplikace zabrání pÅ™Ã
 oauth2_application_locked=Gitea předregistruje některé OAuth2 aplikace při spuštění, pokud je to povoleno v konfiguraci. Aby se zabránilo neo�ekávanému chování, nelze je upravovat ani odstranit. Více informací naleznete v dokumentaci OAuth2.
 
 authorized_oauth2_applications=Autorizovat OAuth2 aplikaci
-authorized_oauth2_applications_description=Úspěšně jste povolili přístup k vašemu osobnímu ú�tu této aplikaci třetí strany. Zrušte prosím přístup aplikacím, které již nadále nepotřebujete.
 revoke_key=Zrušit
 revoke_oauth2_grant=Zrušit přístup
-revoke_oauth2_grant_description=Zrušením přístupu této aplikaci třetí strany ji zabráníte v přístupu k vašim datům. Jste si jisti?
 revoke_oauth2_grant_success=Přístup byl úspěšně zrušen.
 
 twofa_desc=Chcete-li svůj ú�et ochránit před krádeží hesla, můžete použít chytrý telefon nebo jiné zařízení pro příjem jednorázových �asových hesel („TOTP“).
@@ -957,7 +892,6 @@ twofa_not_enrolled=Váš úÄ�et aktuálnÄ› nepoužívá dvoufaktorové ověřovÃ
 twofa_disable=Zakázat dvoufaktorové ověřování
 twofa_scratch_token_regenerate=Obnovit jednorázový obnovovací klí�
 twofa_scratch_token_regenerated=Váš jednorázový obnovovací klí� je nyní %s. Uložte jej na bezpe�ném místě, protože se znovu nezobrazí.
-twofa_enroll=Povolit dvoufaktorové ověřování
 twofa_disable_note=Dvoufaktorové ověřování můžete zakázat, když bude potřeba.
 twofa_disable_desc=Zakážete-li dvoufaktorové ověřování, bude váš ú�et méně zabezpe�ený. Pokra�ovat?
 regenerate_scratch_token_desc=Jestli jste někam založili váš záložní klí� nebo jste jej již použili k přihlášení, můžete jej resetovat zde.
@@ -973,13 +907,11 @@ webauthn_desc=Bezpe�nostní klí�e jsou hardwarová zařízení obsahující k
 webauthn_register_key=Přidat bezpe�nostní klí�
 webauthn_nickname=Přezdívka
 webauthn_delete_key=Odstranit bezpe�nostní klí�
-webauthn_delete_key_desc=Pokud odstraníte bezpe�nostní klí�, již se s ním nebudete moci přihlásit. Pokra�ovat?
 webauthn_key_loss_warning=Pokud ztratíte své bezpe�nostní klí�e, ztratíte přístup k vašemu ú�tu.
 webauthn_alternative_tip=Možná budete chtít nakonfigurovat další metodu ověřování.
 
 manage_account_links=Správa propojených ú�tů
 manage_account_links_desc=Tyto externí ú�ty jsou propojeny s vaším Gitea ú�tem.
-account_links_not_available=K vašemu Gitea ú�tu nejsou aktuálně připojené žádné externí ú�ty.
 link_account=Propojit ú�et
 remove_account_link=Odstranit propojený ú�et
 remove_account_link_desc=Odstraněním propojeného ú�tu zrušíte jeho přístup k vašemu Gitea ú�tu. Pokra�ovat?
@@ -1016,8 +948,6 @@ new_repo_helper=Repozitář obsahuje všechny projektové soubory, v�etně hist
 owner=Vlastník
 owner_helper=Některé organizace se nemusejí v seznamu zobrazit kvůli maximálnímu dosaženému po�tu repozitářů.
 repo_name=Název repozitáře
-repo_name_profile_public_hint=.profile je speciální repozitář, který můžete použít k přidání souboru README.md do svého veřejného profilu organizace, který je viditelný pro každého. Ujistěte se, že je veřejný, a pro za�átek jej inicializujte pomocí README v adresáři profilu.
-repo_name_profile_private_hint=.profile-private je speciální repozitář, který můžete použít k přidání souboru README.md do profilu �lena organizace, který je viditelný pouze pro �leny organizace. Ujistěte se, že je soukromý, a pro za�átek jej inicializujte pomocí README v adresáři profilu.
 repo_name_helper=Dobrá jména repozitářů používají krátká, zapamatovatelná a unikátní klí�ová slova. Repozitář s názvem „.profile“ nebo „.profile-private“ lze použít k přidání README.md pro uživatelský/organiza�ní profil.
 repo_size=Velikost repozitáře
 template=Å ablona
@@ -1039,7 +969,6 @@ fork_branch=Větev, která má být klonována pro fork
 all_branches=Všechny větve
 view_all_branches=Zobrazit všechny větve
 view_all_tags=Zobrazit všechny zna�ky
-fork_no_valid_owners=Tento repozitář nemůže být rozštěpen, protože neexistují žádní platní vlastníci.
 fork.blocked_user=Nelze rozštěpit repozitář, protože jste blokováni majitelem repozitáře.
 use_template=Použít tuto šablonu
 open_with_editor=Otevřít pomocí %s
@@ -1083,12 +1012,10 @@ mirror_sync=synchronizováno
 mirror_sync_on_commit=Synchronizovat při nahrávání revizí
 mirror_address=Klonovat z URL
 mirror_address_desc=Zadejte požadované přístupové údaje do sekce Ověření.
-mirror_address_url_invalid=Poskytnutá URL je neplatná. Všechny �ásti musíte správně nahradit escape sekvencí.
 mirror_address_protocol_invalid=Zadaná URL je neplatná. Mohou být zrcadleny pouze umístění http(s):// nebo git://.
 mirror_lfs=Úložiště velkých souborů (LFS)
 mirror_lfs_desc=Aktivovat zrcadlení dat LFS.
 mirror_lfs_endpoint=Koncový bod LFS
-mirror_lfs_endpoint_desc=Synchronizace se pokusí použít URL pro klonování k <a target="_blank" rel="noopener noreferrer" href="%s">ur�ení LFS serveru</a>. Můžete také zadat vlastní koncový bod, pokud jsou data LFS repozitáře uložena někde jinde.
 mirror_last_synced=Poslední synchronizace
 mirror_password_placeholder=(Nezměněno)
 mirror_password_blank_placeholder=(Nenastaveno)
@@ -1101,7 +1028,6 @@ stars=Oblíbené
 reactions_more=a %d dalších
 unit_disabled=Správce webu zakázal tuto sekci repozitáře.
 language_other=Jiný
-adopt_search=Zadejte uživatelské jméno pro hledání nepřijatých repozitářů... (ponechte prázdné pro nalezení všech)
 adopt_preexisting_label=Přijmout soubory
 adopt_preexisting=Přijmout již existující soubory
 adopt_preexisting_content=Vytvořit repozitář z %s
@@ -1142,8 +1068,6 @@ template.issue_labels=Štítky úkolů
 template.one_item=Musíte vybrat alespoň jednu položku šablony
 template.invalid=Musíte vybrat repositář šablony
 
-archive.title=Tento repozitář je archivovaný. Můžete prohlížet soubory, klonovat, ale nemůžete nahrávat a vytvářet nové úkoly nebo pull requesty.
-archive.title_date=Tento repositář byl archivován %s. Můžete zobrazit soubory a klonovat je, ale nemůžete nahrávat ani otevírat úkoly nebo pull requesty.
 archive.issue.nocomment=Tento repozitář je archivovaný. Nemůžete komentovat úkoly.
 archive.pull.nocomment=Tento repozitář je archivovaný. Nemůžete komentovat pull requesty.
 
@@ -1160,7 +1084,6 @@ migrate_options_lfs=Migrovat LFS soubory
 migrate_options_lfs_endpoint.label=Koncový bod LFS
 migrate_options_lfs_endpoint.description=Migrace se pokusí použít váš vzdálený Git pro <a target="_blank" rel="noopener noreferrer" href="%s">ur�ení LFS serveru</a>. Můžete také zadat vlastní koncový bod, pokud jsou data LFS repozitáře uložena někde jinde.
 migrate_options_lfs_endpoint.description.local=Podporována je také cesta k lokálnímu serveru.
-migrate_options_lfs_endpoint.placeholder=Ponecháte-li prázdné, koncový bod bude odvozen z adresy URL klonu
 migrate_items=Položky pro migrování
 migrate_items_wiki=Wiki
 migrate_items_milestones=Milníky
@@ -1172,10 +1095,8 @@ migrate_items_releases=Vydání
 migrate_repo=Migrovat repozitář
 migrate.clone_address=Migrovat / klonovat z URL
 migrate.clone_address_desc=HTTP(S) nebo URL pro klonování existujícího repozitáře
-migrate.github_token_desc=Můžete sem vložit jeden nebo více tokenů oddělených �árkou, abyste urychlili migraci kvůli omezení rychlosti rozhraní GitHub API. VAROV�N�: Zneužití této funkce může vést k porušení zásad poskytovatele služeb a zablokování ú�tu.
 migrate.clone_local_path=nebo místní cesta serveru
 migrate.permission_denied=Není dovoleno importovat místní repozitáře.
-migrate.permission_denied_blocked=Nelze importovat z nepovolených hostitelů, prosím požádejte správce, aby zkontroloval nastavení ALLOWED_DOMAINS/ALLOW_LOCALETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_local_path=Místní cesta je neplatná, bu� neexistuje nebo není adresářem.
 migrate.invalid_lfs_endpoint=Koncový bod LFS není platný.
 migrate.failed=Přenesení selhalo: %v
@@ -1183,7 +1104,6 @@ migrate.migrate_items_options=Pro migraci dalších položek je vyžadován pÅ™Ã
 migrated_from=Migrováno z <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrováno z %[1]s
 migrate.migrate=Migrovat z %s
-migrate.migrating=Probíhá migrace z <b>%s</b> ...
 migrate.migrating_failed=Migrace z <b>%s</b> se nezdařila.
 migrate.migrating_failed.error=Nepodařilo se migrovat: %s
 migrate.migrating_failed_no_addr=Migrace se nezdařila.
@@ -1231,9 +1151,7 @@ clone_this_repo=Naklonovat tento repozitář
 cite_this_repo=Citovat tento repozitář
 create_new_repo_command=Vytvořit nový repozitář na příkazové řádce
 push_exist_repo=Nahrání existujícího repozitáře z příkazové řádky
-empty_message=Tento repozitář nemá žádný obsah.
 broken_message=Data gitu, která jsou základem tohoto repozitáře, nelze �íst. Kontaktujte správce této instance nebo smažte tento repositář.
-no_branch=Tento repozitář nemá žádné větve.
 
 code=Zdrojový kód
 code.desc=Přístup ke zdrojovým kódům, souborům, commitům a větvím.
@@ -1250,7 +1168,6 @@ projects=Projekty
 packages=Balí�ky
 actions=Akce
 labels=Štítky
-org_labels_desc=Štítky na úrovni organizace, které mohou být použity se <strong>všemi repozitáři</strong> v rámci této organizace
 org_labels_desc_manage=spravovat
 
 milestone=Milník
@@ -1287,7 +1204,6 @@ file_copy_permalink=Kopírovat trvalý odkaz
 view_git_blame=Zobrazit Git Blame
 video_not_supported_in_browser=Váš prohlíže� nepodporuje zna�ku pro HTML5 video.
 audio_not_supported_in_browser=Váš prohlíže� nepodporuje zna�ku pro HTML5 audio.
-stored_lfs=Uloženo pomocí Git LFS
 symbolic_link=Symbolický odkaz
 executable_file=Spustitelný soubor
 vendored=Vendorováno
@@ -1333,7 +1249,6 @@ editor.update=Aktualizovat %s
 editor.delete=Odstranit %s
 editor.patch=Použít záplatu
 editor.patching=Záplatování:
-editor.fail_to_apply_patch=Nelze použít záplatu „%s“
 editor.new_patch=Nová záplata
 editor.commit_message_desc=Přidat volitelný rozšířený popis…
 editor.signoff_desc=Přidat Signed-off-by podpis přispěvatele na konec zprávy o commitu.
@@ -1349,19 +1264,13 @@ editor.filename_is_invalid=Název souboru je neplatný: „%s“.
 editor.branch_does_not_exist=Větev „%s“ v tomto repozitáři neexistuje.
 editor.branch_already_exists=Větev „%s“ již existuje v tomto repozitáři.
 editor.directory_is_a_file=Jméno adresáře „%s“ je již použito jako jméno souboru v tomto repozitáři.
-editor.file_is_a_symlink=`„%s“ je symbolický odkaz. Symbolické odkazy nemohou být upravovány ve webovém editoru`
 editor.filename_is_a_directory=Jméno souboru „%s“ je již použito jako jméno adresáře v tomto repozitáři.
-editor.file_editing_no_longer_exists=Upravovaný soubor „%s“ již není sou�ástí tohoto repozitáře.
-editor.file_deleting_no_longer_exists=Odstraňovaný soubor „%s“ již není sou�ástí tohoto repozitáře.
 editor.file_changed_while_editing=Obsah souboru byl změněn od doby, kdy jste za�aly s úpravou. <a target="_blank" rel="noopener noreferrer" href="%s">Klikněte zde</a>, abyste je zobrazili, nebo <strong>potvr�te změny ještě jednou</strong> pro jejich přepsání.
 editor.file_already_exists=Soubor „%s“ již existuje v tomto repozitáři.
-editor.commit_id_not_matching=ID commitu se neshoduje s ID, když jsi za�al/a s úpravami. Odevzdat do záplatové větve a poté slou�it.
 editor.push_out_of_date=Nahrání se zdá být zastaralé.
 editor.commit_empty_file_header=Odevzdat prázdný soubor
 editor.commit_empty_file_text=Soubor, který se chystáte odevzdat, je prázdný. Pokra�ovat?
 editor.no_changes_to_show=Žádné změny k zobrazení.
-editor.fail_to_update_file=Nepodařilo se aktualizovat/vytvořit soubor „%s“.
-editor.fail_to_update_file_summary=Chybové hlášení:
 editor.push_rejected_no_message=Změna byla serverem zamítnuta bez zprávy. Prosím, zkontrolujte há�ky Gitu.
 editor.push_rejected=Změna byla serverem zamítnuta. Prosím, zkontrolujte há�ky Gitu.
 editor.push_rejected_summary=Úplná zpráva o odmítnutí:
@@ -1376,6 +1285,7 @@ editor.require_signed_commit=Větev vyžaduje podepsaný commit
 editor.cherry_pick=Cherry-pick %s na:
 editor.revert=Vrátit %s na:
 
+
 commits.desc=Procházet historii změn zdrojového kódu.
 commits.commits=Commity
 commits.no_commits=Žádné spole�né commity. „%s“ a „%s“ mají zcela odlišnou historii.
@@ -1473,7 +1383,6 @@ issues.new.clear_assignees=Smazat zpracovatele
 issues.new.no_assignees=Bez zpracovatelů
 issues.new.no_reviewers=Žádní posuzovatelé
 issues.new.blocked_user=Nemůžete vytvořit úkol, protože jste zablokováni zadavatelem příspěvku nebo vlastníkem repozitáře.
-issues.edit.already_changed=Nelze uložit změny v úkolu. Zdá se, že obsah byl již změněn jiným uživatelem. Aktualizujte stránku a zkuste ji znovu problém upravit, abyste se vyhnuli přepsání jejich změn
 issues.edit.blocked_user=Nemůžete upravovat obsah, protože jste zablokováni zadavatelem příspěvku nebo vlastníkem repozitáře.
 issues.choose.get_started=Za�ínáme
 issues.choose.open_external_link=Otevřít
@@ -1529,7 +1438,6 @@ issues.filter_project=Projekt
 issues.filter_project_all=VÅ¡echny projekty
 issues.filter_project_none=Žádný projekt
 issues.filter_assignee=Zpracovatel
-issues.filter_assginee_no_assignee=Bez zpracovatele
 issues.filter_poster=Autor
 issues.filter_user_placeholder=Hledat uživatele
 issues.filter_user_no_select=Všichni uživatelé
@@ -1543,7 +1451,6 @@ issues.filter_type.reviewed_by_you=Zkontrolováno vámi
 issues.filter_sort=Seřadit
 issues.filter_sort.latest=Nejnovější
 issues.filter_sort.oldest=Nejstarší
-issues.filter_sort.recentupdate=Nedávno aktualizované
 issues.filter_sort.leastupdate=Dlouho neaktualizované
 issues.filter_sort.mostcomment=Nejvíce komentované
 issues.filter_sort.leastcomment=Nejméně komentované
@@ -1655,7 +1562,6 @@ issues.pin_comment=připnuto %s
 issues.unpin_comment=odepnul/a tento %s
 issues.lock=Uzamknout konverzaci
 issues.unlock=Odemknout konverzaci
-issues.lock.unknown_reason=Úkol nelze z neznámého důvodu uzamknout.
 issues.lock_duplicate=Úkol nemůže být uzam�ený dvakrát.
 issues.unlock_error=Nelze odemknout úkol, který je uzam�ený.
 issues.lock_with_reason=uzamkl/a jako <strong>%s</strong> a omezil/a konverzaci na spolupracovníky %s
@@ -1663,7 +1569,6 @@ issues.lock_no_reason=uzamkl/a a omezil/a konverzaci na spolupracovníky %s
 issues.unlock_comment=odemkl/a tuto konverzaci %s
 issues.lock_confirm=Uzamknout
 issues.unlock_confirm=Odemknout
-issues.lock.notice_1=- Další uživatelé nemohou komentovat tento úkol.
 issues.lock.notice_2=- Vy a ostatní spolupracovníci s přístupem k tomuto repozitáři můžete stále přidávat komentáře, které ostatní uvidí.
 issues.lock.notice_3=- V budoucnu budete moci vždy znovu tento úkol odemknout.
 issues.unlock.notice_1=- Všichni budou moci znovu komentovat tento úkol.
@@ -1714,7 +1619,6 @@ issues.due_date_form=rrrr-mm-dd
 issues.due_date_form_add=Přidat termín dokon�ení
 issues.due_date_form_edit=Upravit
 issues.due_date_form_remove=Odstranit
-issues.due_date_not_writer=Potřebujete přístup k zápisu do tohoto repozitáře, abyste mohli aktualizovat datum dokon�ení úkolu.
 issues.due_date_not_set=Žádný termín dokon�ení.
 issues.due_date_added=přidal/a termín dokon�ení %s %s
 issues.due_date_modified=upravil/a termín termínu z %[2]s na %[1]s %[3]s
@@ -1737,9 +1641,7 @@ issues.dependency.pr_closing_blockedby=Uzavření tohoto pull requestu je blokov
 issues.dependency.issue_closing_blockedby=Uzavření tohoto úkolu je blokováno následujícími úkoly
 issues.dependency.issue_close_blocks=Tento úkol blokuje uzavření následujících úkolů
 issues.dependency.pr_close_blocks=Tento pull request blokuje uzavření následujících úkolů
-issues.dependency.issue_close_blocked=Musíte zavřít všechny úkoly, které blokují tento úkol, aby jej bylo možné zavřít.
 issues.dependency.issue_batch_close_blocked=Nelze uzavřít úkoly, které jste vybrali, protože úkol #%d má stále otevřené závislosti
-issues.dependency.pr_close_blocked=Musíte zavřít všechny úkoly, které blokují tento pull request, aby jej bylo možné slou�it.
 issues.dependency.blocks_short=Blokuje
 issues.dependency.blocked_by_short=Závisí na
 issues.dependency.remove_header=Odstranit závislost
@@ -1750,13 +1652,11 @@ issues.dependency.add_error_same_issue=Úkol nemůže záviset sám na sobě.
 issues.dependency.add_error_dep_issue_not_exist=Související úkol neexistuje.
 issues.dependency.add_error_dep_not_exist=Závislost neexistuje.
 issues.dependency.add_error_dep_exists=Závislost již existuje.
-issues.dependency.add_error_cannot_create_circular=Nemůžete vytvořit závislost dvou úkolů, které se vzájemně blokují.
 issues.dependency.add_error_dep_not_same_repo=Oba úkoly musí být ve stejném repozitáři.
 issues.review.self.approval=Nemůžete schválit svůj pull request.
 issues.review.self.rejection=Nemůžete požadovat změny ve svém vlastním pull requestu.
 issues.review.approve=schválil tyto změny %s
 issues.review.comment=posoudil/a %s
-issues.review.dismissed=zamítl/a posouzení od %s %s
 issues.review.dismissed_label=Zamítnuto
 issues.review.left_comment=zanechal komentář
 issues.review.content.empty=Je potřeba zanechat poznámku s uvedením požadované změny (požadovaných změn).
@@ -1764,7 +1664,6 @@ issues.review.reject=požadované změny %s
 issues.review.wait=byl požádán o posouzení %s
 issues.review.add_review_request=vyžádal posouzení od %s %s
 issues.review.remove_review_request=odstranil/a žádost o posouzení na %s %s
-issues.review.remove_review_request_self=odmítl posoudit %s
 issues.review.pending=Čekající
 issues.review.pending.tooltip=Tento komentář není momentálně viditelný pro ostatní uživatele. Chcete-li odeslat Vaše �ekající komentáře, vyberte „%s“ → „%s/%s/%s“ v horní �ásti stránky.
 issues.review.review=Posouzení
@@ -1786,7 +1685,6 @@ issues.review.requested=Čeká na posouzení
 issues.review.rejected=Požadovány změny
 issues.review.stale=Aktualizováno od schválení
 issues.review.unofficial=Nezapo�tené schválení
-issues.assignee.error=Ne všichni zpracovatelé byli přidáni z důvodu neo�ekávané chyby.
 issues.reference_issue.body=Tělo zprávy
 issues.content_history.deleted=vymazáno
 issues.content_history.edited=upraveno
@@ -1803,7 +1701,6 @@ pulls.desc=Povolit pull requesty a posuzování kódu.
 pulls.new=Nový pull request
 pulls.new.blocked_user=Nemůžete vytvořit pull request, protože jste zablokování vlastníkem repozitáře.
 pulls.new.must_collaborator=Musíte být spolupracovníkem pro vytvoření pull requestu.
-pulls.edit.already_changed=Nelze uložit změny v pull requestu. Zdá se, že obsah byl již změněn jiným uživatelem. Aktualizujte stránku a zkuste znovu komentář upravit, abyste se vyhnuli přepsání jejich změn
 pulls.view=Zobrazit pull request
 pulls.compare_changes=Nový pull request
 pulls.allow_edits_from_maintainers=Povolit úpravy od správců
@@ -1824,11 +1721,9 @@ pulls.show_all_commits=Zobrazit všechny commity
 pulls.show_changes_since_your_last_review=Zobrazit změny od vašeho posledního posouzení
 pulls.showing_only_single_commit=Zobrazuji pouze změny commitu %[1]s
 pulls.showing_specified_commit_range=Zobrazují se pouze změny mezi %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Vyberte commit. Podržte klávesu shift + klepněte pro výběr rozsahu
 pulls.review_only_possible_for_full_diff=Posouzení je možné pouze při zobrazení plného rozlišení
 pulls.filter_changes_by_commit=Filtrovat podle commitu
 pulls.nothing_to_compare=Tyto větve jsou stejné. Není potřeba vytvářet pull request.
-pulls.nothing_to_compare_have_tag=Vybraná větev/zna�ka je stejná.
 pulls.nothing_to_compare_and_allow_empty_pr=Tyto větve jsou stejné. Tento pull request bude prázdný.
 pulls.has_pull_request=`Pull request mezi těmito větvemi již existuje: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=Vytvořit pull request
@@ -1853,7 +1748,6 @@ pulls.add_prefix=Přidat prefix <strong>%s</strong>
 pulls.remove_prefix=Odstranit prefix <strong>%s</strong>
 pulls.data_broken=Tento pull request je rozbitý kvůli chybějícím informacím o rozštěpení.
 pulls.files_conflicted=Tento pull request obsahuje změny, které kolidují s cílovou větví.
-pulls.is_checking=Právě probíhá kontrola konfliktů při slou�ení. Zkuste to za chvíli.
 pulls.is_ancestor=Tato větev je již sou�ástí cílové větve. Není co slou�it.
 pulls.is_empty=Změny na této větvi jsou již na cílové větvi. Toto bude prázdný commit.
 pulls.required_status_check_failed=Některé požadované kontroly nebyly úspěšné.
@@ -1877,16 +1771,12 @@ pulls.reject_count_1=%d žádost o změnu
 pulls.reject_count_n=%d žádosti o změnu
 pulls.waiting_count_1=%d �ekající posouzení
 pulls.waiting_count_n=%d �ekající posouzení
-pulls.wrong_commit_id=ID commitu musí být ID commitu v cílové větvi
 
 pulls.no_merge_desc=Tento pull request nemůže být slou�en, protože všechny možnosti repozitáře na slou�ení jsou zakázány.
 pulls.no_merge_helper=Povolte možnosti slou�ení v nastavení repozitáře nebo prove�te slou�ení pull requestu ru�ně.
 pulls.no_merge_wip=Pull request nemůže být slou�en protože je ozna�en jako nedokon�ený.
-pulls.no_merge_not_ready=Tento pull request není připraven na slou�ení, zkontrolujte stav posouzení a kontrolu stavu.
 pulls.no_merge_access=Nemáte oprávnění slou�it tento pull request.
 pulls.merge_pull_request=Vytvořit slu�ovací commit
-pulls.rebase_merge_pull_request=Rebase pak fast-forward
-pulls.rebase_merge_commit_pull_request=Rebase a poté vytvořit slu�ovací commit
 pulls.squash_merge_pull_request=Vytvořit squash commit
 pulls.fast_forward_only_merge_pull_request=Pouze fast-forward
 pulls.merge_manually=Slou�eno ru�ně
@@ -1894,17 +1784,10 @@ pulls.merge_commit_id=ID slu�ovacího commitu
 pulls.require_signed_wont_sign=Větev vyžaduje podepsané commity, ale toto slou�ení nebude podepsáno
 
 pulls.invalid_merge_option=Nemůžete použít tuto možnost slou�ení pro tento pull request.
-pulls.merge_conflict=Slou�ení selhalo: Došlo ke konfliktu při slou�ení. Tip: Zkuste jinou strategii
 pulls.merge_conflict_summary=Chybové hlášení
-pulls.rebase_conflict=Slou�ení selhalo: Došlo ke konfliktu při rebase commitu: %[1]s. Tip: Zkuste jinou strategii
 pulls.rebase_conflict_summary=Chybové hlášení
-pulls.unrelated_histories=Slou�ení selhalo: Hlavní a základní revize nesdílí spole�nou historii. Tip: Zkuste jinou strategii
-pulls.merge_out_of_date=Slou�ení selhalo: Základ byl aktualizován při generování slou�ení. Tip: Zkuste to znovu.
-pulls.head_out_of_date=Slou�ení selhalo: Hlavní revize byla aktualizován při generování slou�ení. Tip: Zkuste to znovu.
-pulls.has_merged=Chyba: Pull request byl slou�en, nelze znovu slou�it nebo změnit cílovou větev.
 pulls.push_rejected=Nahrání se nezdařilo: Nahrání bylo zamítnuto. Zkontrolujte há�ky Gitu pro tento repozitář.
 pulls.push_rejected_summary=Úplná zpráva o odmítnutí
-pulls.push_rejected_no_message=Nahrání se nezdařilo: Nahrání bylo odmítnuto, ale nebyla nalezena žádná vzdálená zpráva. Zkontrolujte há�ky gitu pro tento repozitář
 pulls.open_unmerged_pull_exists=`Nemůžete provést operaci znovuotevření protože je tu �ekající pull request (#%d) s identickými vlastnostmi.`
 pulls.status_checking=Některé kontroly jsou nedořešeny
 pulls.status_checks_success=Všechny kontroly byly úspěšné
@@ -1927,9 +1810,7 @@ pulls.cmd_instruction_checkout_title=Checkout
 pulls.cmd_instruction_checkout_desc=Z vašeho repositáře projektu se podívejte na novou větev a vyzkoušejte změny.
 pulls.cmd_instruction_merge_title=Slou�it
 pulls.cmd_instruction_merge_desc=Slu�te změny a aktualizujte je na Gitea.
-pulls.cmd_instruction_merge_warning=Varování: Tato operace nemůže slou�it požadavek na natažení, protože „autodetekce manuálních slou�ení“ nebyla povolena
 pulls.clear_merge_message=Vymazat zprávu o slou�ení
-pulls.clear_merge_message_hint=Vymazání zprávy o slou�ení odstraní pouze obsah zprávy a ponechá generované přídavky gitu jako "Co-AuthoreBy …".
 
 pulls.auto_merge_button_when_succeed=(Když kontroly uspějí)
 pulls.auto_merge_when_succeed=Automaticky slou�it, když všechny kontroly uspějí
@@ -1990,12 +1871,10 @@ milestones.filter_sort.most_issues=Nejvíce úkolů
 milestones.filter_sort.least_issues=Nejméně úkolů
 
 signing.will_sign=Tento commit bude podepsána klí�em „%s“.
-signing.wont_sign.error=Došlo k chybě při kontrole, zda může být commit podepsán.
 signing.wont_sign.nokey=K podpisu tohoto commitu není k dispozici žádný klí�.
 signing.wont_sign.never=Commity nejsou nikdy podepsány.
 signing.wont_sign.always=Commity jsou vždy podepsány.
 signing.wont_sign.pubkey=Commit nebude podepsán, protože nemáte veřejný klí� spojený s vaším ú�tem.
-signing.wont_sign.twofa=Pro podepsání commitů musíte mít povoleno dvoufaktorové ověření.
 signing.wont_sign.parentsigned=Commit nebude podepsán, protože nadřazený commit není podepsán.
 signing.wont_sign.basesigned=Slou�ení nebude podepsáno, protože základní commit není podepsaný.
 signing.wont_sign.headsigned=Slou�ení nebude podepsáno, protože hlavní revize není podepsána.
@@ -2081,7 +1960,6 @@ activity.title.releases_1=%d Vydání
 activity.title.releases_n=%d Vydání
 activity.title.releases_published_by=%s publikoval %s
 activity.published_release_label=Publikováno
-activity.no_git_activity=V tomto období nebyla žádná aktivita při odevzdání.
 activity.git_stats_exclude_merges=Při vylou�ení slu�ování,
 activity.git_stats_author_1=%d autor
 activity.git_stats_author_n=%d autoři
@@ -2109,7 +1987,6 @@ contributors.contribution_type.additions=Přidání
 contributors.contribution_type.deletions=Odstranění
 
 settings=Nastavení
-settings.desc=Nastavení je místo, kde můžete měnit nastavení repozitáře
 settings.options=Repozitář
 settings.collaboration=Spolupracovníci
 settings.collaboration.admin=Správce
@@ -2126,7 +2003,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Nastavte váš p
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Nastavte svůj projekt pro automatické natažení commitů, zna�ek a větví z jiného repozitáře.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Právě te� to lze provést pouze v menu "Nová migrace". Pro více informací prosím konzultujte:
 settings.mirror_settings.docs.disabled_push_mirror.info=Push zrcadla byla zakázána administrátorem vašeho webu.
-settings.mirror_settings.docs.no_new_mirrors=Váš repozitář zrcadlí změny do nebo z jiného repozitáře. Mějte prosím na paměti, že v tuto chvíli nemůžete vytvořit žádná nová zrcadla.
 settings.mirror_settings.docs.can_still_use=I když nemůžete upravit stávající zrcadla nebo vytvořit nová, stále můžete použít své stávající zrcadlo.
 settings.mirror_settings.docs.pull_mirror_instructions=Chcete-li nastavit zrcadlo pro natažení, konzultujte prosím:
 settings.mirror_settings.docs.more_information_if_disabled=Více informací o zrcadlech pro nahrání a natažení naleznete zde:
@@ -2157,7 +2033,6 @@ settings.advanced_settings=Pokro�ilá nastavení
 settings.wiki_desc=Povolit Wiki repozitáře
 settings.use_internal_wiki=Používat vestavěnou Wiki
 settings.default_wiki_branch_name=Výchozí název větve Wiki
-settings.default_permission_everyone_access=Výchozí přístupová práva pro všechny přihlášené uživatele:
 settings.failed_to_change_default_wiki_branch=Změna výchozí větve wiki se nezdařila.
 settings.use_external_wiki=Používat externí Wiki
 settings.external_wiki_url=URL externí Wiki
@@ -2202,7 +2077,6 @@ settings.admin_indexer_commit_sha=Poslední indexovaná SHA
 settings.admin_indexer_unindexed=Neindexováno
 settings.reindex_button=Přidat do fronty reindexace
 settings.reindex_requested=Požadováno reindexování
-settings.admin_enable_close_issues_via_commit_in_any_branch=Zavřít úkol pomocí commitu v jiné než výchozí větvi
 settings.danger_zone=Nebezpe�ná zóna
 settings.new_owner_has_same_repo=Nový vlastník již repozitář se stejným názvem má. Vyberte prosím jiné jméno.
 settings.convert=Převést na běžný repozitář
@@ -2224,7 +2098,6 @@ settings.transfer_abort_invalid=Nemůžete zrušit neexistující převod repozi
 settings.transfer_abort_success=Převod repozitáře do %s byl úspěšně zrušen.
 settings.transfer_desc=Předat tento repozitář uživateli nebo organizaci, ve které máte administrátorská práva.
 settings.transfer_form_title=Zadejte jméno repozitáře pro potvrzení:
-settings.transfer_in_progress=V sou�asné době probíhá převod. Zrušte jej, pokud chcete převést tento repozitář jinému uživateli.
 settings.transfer_notices_1=- Ztratíte přístup k repozitáři, pokud jej převedete na uživatele.
 settings.transfer_notices_2=- Zůstane vám přístup k repozitáři, pokud jej převedete na organizaci kterou (spolu)vlastníte.
 settings.transfer_notices_3=- Pokud je repozitář soukromý a je předán jednotlivému uživateli, tato akce se ujistí, že uživatel má alespoň oprávnění ke �tení (a v případě potřeby změní oprávnění).
@@ -2239,13 +2112,9 @@ settings.trust_model.default=Výchozí model důvěry
 settings.trust_model.default.desc=Použít výchozí model důvěry pro tuto instalaci.
 settings.trust_model.collaborator=Spolupracovník
 settings.trust_model.collaborator.long=Spolupracovník: Důvěřovat podpisům spolupracovníků
-settings.trust_model.collaborator.desc=Platné podpisy spolupracovníků tohoto repozitáře budou ozna�eny jako „důvěryhodné“ - (ať se shodují s autorem, �i nikoli). V opa�ném případě budou platné podpisy ozna�eny jako „nedůvěryhodné“, pokud se podpis shoduje s přispěvatelem a „neodpovídající“, pokud ne.
 settings.trust_model.committer=Přispěvatel
-settings.trust_model.committer.long=Přispěvatel: Důvěřovat podpisům, které odpovídají autorům (což odpovídá GitHub a přinutí Giteu nastavit jako tvůrce pro Giteou podepsané revize)
-settings.trust_model.committer.desc=Platné podpisy budou ozna�eny pouze jako „důvěryhodné“, pokud se shodují s přispěvatelem, jinak budou ozna�eny jako „neodpovídající“. To přinutí Giteu, aby byla přispěvatelem podepsaných commitů se skute�ným přispěvatelem ozna�eným jako Co-authored-by: a Co-committed-by: na konci commitu. Výchozí klí� Gitea musí odpovídat uživateli v databázi.
 settings.trust_model.collaboratorcommitter=Spolupracovník+Přispěvatel
 settings.trust_model.collaboratorcommitter.long=Spolupracovník+Přispěvatel: Důvěřovat podpisům od spolupracovníků, které odpovídají tvůrci revize
-settings.trust_model.collaboratorcommitter.desc=Platné podpisy spolupracovníků tohoto repozitáře budou ozna�eny jako „důvěryhodné“, pokud se shodují s přispěvatelem. V opa�ném případě budou platné podpisy ozna�eny jako "nedůvěryhodné", pokud se podpis shoduje s přispěvatelem a „neodpovídajícím“ v opa�ném případě. To přinutí Giteu, aby byla ozna�ena jako přispěvatel podepsaných commitů se skute�ným přispěvatelem ozna�eným jako Co-Authored-By: a Co-Committed-By: na konci commitu. Výchozí klí� Gitea musí odpovídat uživateli v databázi.
 settings.wiki_delete=Odstranit data Wiki
 settings.wiki_delete_desc=Smazání Wiki dat repozitáře je trvalé a nemůže být vráceno zpět.
 settings.wiki_delete_notices_1=- Natrvalo odstraní a zakáže wiki repozitáře pro %s.
@@ -2254,7 +2123,6 @@ settings.wiki_deletion_success=Wiki data repozitáře byla odstraněna.
 settings.delete=Smazat tento repozitář
 settings.delete_desc=Smazání repozitáře je trvalé a nemůže být vráceno zpět.
 settings.delete_notices_1=- Tuto operaci <strong>nelze</strong> zvrátit.
-settings.delete_notices_2=- Tato operace trvale smaže repozitář <strong>%s</strong> v�etně kódu, úkolů, komentářů, Wiki dat a nastavení spolupracovníků.
 settings.delete_notices_fork_1=- Rozštěpení repozitáře bude nezávislé po smazání.
 settings.deletion_success=Repozitář byl odstraněn.
 settings.update_settings_success=Nastavení repozitáře bylo aktualizováno.
@@ -2276,8 +2144,6 @@ settings.team_not_in_organization=Tým není ve stejné organizaci jako repozitÃ
 settings.teams=Týmy
 settings.add_team=Přidat tým
 settings.add_team_duplicate=Tým již má repozitář
-settings.add_team_success=Tým má nyní přístup k repozitáři.
-settings.change_team_permission_tip=Oprávnění týmu je nastaveno na stránce nastavení týmu a nelze je změnit pro každý repozitář
 settings.delete_team_tip=Tento tým má přístup ke všem repositářům a nemůže být odstraněn
 settings.remove_team_success=Přístup týmu k repozitáři byl odstraněn.
 settings.add_webhook=Přidat webový há�ek
@@ -2286,8 +2152,6 @@ settings.hooks_desc=Webové há�ky automaticky vytvářejí dotazy HTTP POST na
 settings.webhook_deletion=Odstranit webový há�ek
 settings.webhook_deletion_desc=Odstranění webového há�ku smaže jeho nastavení a historii doru�ení. Pokra�ovat?
 settings.webhook_deletion_success=Webový há�ek byl smazán.
-settings.webhook.test_delivery=Test doru�itelnosti
-settings.webhook.test_delivery_desc=Vyzkoušet tento webový há�ek pomocí falešné události.
 settings.webhook.test_delivery_desc_disabled=Chcete-li tento webový há�ek otestovat s falešnou událostí, aktivujte ho.
 settings.webhook.request=Požadavek
 settings.webhook.response=Odpově�
@@ -2334,7 +2198,6 @@ settings.event_repository=Repozitář
 settings.event_repository_desc=Repozitář vytvořen nebo smazán.
 settings.event_header_issue=Události úkolů
 settings.event_issues=Úkoly
-settings.event_issues_desc=Úkol otevřen, uzavřen, znovu otevřen nebo upraven.
 settings.event_issue_assign=Úkol přiřazen
 settings.event_issue_assign_desc=Úkol přiřazen nebo nepřiřazen.
 settings.event_issue_label=Úkol oštítkován
@@ -2345,7 +2208,6 @@ settings.event_issue_comment=Komentář k úkolu
 settings.event_issue_comment_desc=Komentář úkolu přidán, upraven nebo smazán.
 settings.event_header_pull_request=Události pull requestu
 settings.event_pull_request=Pull request
-settings.event_pull_request_desc=Pull request otevřen, uzavřen, znovu otevřen nebo upraven.
 settings.event_pull_request_assign=Pull request přiřazen
 settings.event_pull_request_assign_desc=Pull request přiřazen nebo nepřiřazen.
 settings.event_pull_request_label=Pull request oštítkován
@@ -2485,7 +2347,6 @@ settings.block_on_official_review_requests_desc=Slu�ování nebude možné, pok
 settings.block_outdated_branch=Blokovat slou�ení, pokud je pull request zastaralý
 settings.block_outdated_branch_desc=Slu�ování nebude možné, pokud je hlavní větev za základní větví.
 settings.block_admin_merge_override=Pravidla pro ochranu větví se vztahují i na administrátory
-settings.block_admin_merge_override_desc=Pravidla pro ochranu větví se vztahují i na administrátory a nesmějí je obcházet.
 settings.default_branch_desc=Vybrat výchozí větev repozitáře pro pull requesty a revize kódu:
 settings.merge_style_desc=Slou�it styly
 settings.default_merge_style_desc=Výchozí styl slou�ení
@@ -2512,10 +2373,7 @@ settings.matrix.homeserver_url=URL adresa Homeserveru
 settings.matrix.room_id=ID místnosti
 settings.matrix.message_type=Typ zprávy
 settings.visibility.private.button=Nastavit jako soukromé
-settings.visibility.private.text=Změna viditelnosti na soukromou nejen zviditelní repozitář pouze pro povolené �leny, ale může odstranit vztah mezi ním a rozštěpením, sledujícími a oblíbeností.
 settings.visibility.private.bullet_title=<strong>Změna viditelnosti na soukromou způsobí:</strong>
-settings.visibility.private.bullet_one=Zviditelnit repozitář pouze pro povolené �leny.
-settings.visibility.private.bullet_two=Může odstranit vztah mezi ním a <strong>rozštěpeními</strong>, <strong>sledujícími</strong>a <strong>oblíbeností</strong>.
 settings.visibility.public.button=Nastavit jako veřejné
 settings.visibility.public.text=Změna viditelnosti na veřejné u�iní repozitář viditelným pro kohokoliv.
 settings.visibility.public.bullet_title=<strong>Změna viditelnosti na veřejnou způsobí:</strong>
@@ -2534,7 +2392,6 @@ settings.archive.tagsettings_unavailable=Nastavení zna�ek není k dispozici, p
 settings.archive.mirrors_unavailable=Zrcadla nejsou k dispozici, pokud je repozitář archivován.
 settings.unarchive.button=Obnovit repozitář
 settings.unarchive.header=Obnovit tento repozitář
-settings.unarchive.text=Obnovení repozitáře vrátí možnost přijímání commitů a nahrávání. Stejně tak se obnoví i možnost zadávání nových úkolů a pull requestů.
 settings.unarchive.success=Repozitář byl úspěšně obnoven.
 settings.unarchive.error=Nastala chyba při obnovování repozitáře. Prohlédněte si záznam pro více detailů.
 settings.update_avatar_success=Avatar repozitáře byl aktualizován.
@@ -2552,11 +2409,9 @@ settings.lfs_invalid_locking_path=Neplatná cesta: %s
 settings.lfs_invalid_lock_directory=Adresář nelze uzamknout: %s
 settings.lfs_lock_already_exists=Zámek již existuje: %s
 settings.lfs_lock=Zámek
-settings.lfs_lock_path=Umístění souboru k zam�ení...
 settings.lfs_locks_no_locks=Žádné zámky
 settings.lfs_lock_file_no_exist=Uzam�ený soubor neexistuje ve výchozí větvi
 settings.lfs_force_unlock=Vynutit odemknutí
-settings.lfs_pointers.found=Nalezeno %d blob ukazatel(ů) - %d přiřazeno, %d není přiřazeno (%d chybí v úložišti)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=V repozitáři
@@ -2735,7 +2590,6 @@ error.csv.invalid_field_count=Soubor nelze vykreslit, protože má nesprávný p
 error.broken_git_hook=Git há�ky tohoto repozitáře se zdají být rozbité. Postupujte prosím podle <a target="_blank" rel="noreferrer" href="%s">dokumentace</a>, abyste je opravili, a poté nahrajte nějaké commity pro obnovení stavu.
 
 [graphs]
-component_loading=Na�ítání %s...
 component_loading_failed=Nelze na�íst %s
 component_loading_info=Může to chvíli trvat…
 component_failed_to_load=Došlo k neo�ekávané chybě.
@@ -2773,7 +2627,6 @@ form.create_org_not_allowed=Nemáte oprávnění vytvářet nové organizace.
 settings=Nastavení
 settings.options=Organizace
 settings.full_name=Celé jméno
-settings.email=Kontaktní e-mail
 settings.website=Webové stránky
 settings.location=Umístění
 settings.permission=Oprávnění
@@ -2787,15 +2640,13 @@ settings.visibility.private_shortname=Soukromý
 
 settings.update_settings=Upravit nastavení
 settings.update_setting_success=Nastavení organizace bylo upraveno.
-settings.change_orgname_prompt=Poznámka: Změna názvu organizace také změní adresu URL vaší organizace a uvolní staré jméno této organizace.
-settings.change_orgname_redirect_prompt=Staré jméno bude přesměrovávat, dokud nebude znovu obsazeno.
+
+
 settings.update_avatar_success=Avatar organizace byl aktualizován.
 settings.delete=Smazat organizaci
 settings.delete_account=Smazat tuto organizaci
 settings.delete_prompt=Organizace bude trvale odstraněna. Tato změna <strong>NEMŮŽE</strong> být vrácena!
 settings.confirm_delete_account=Potvrdit smazání
-settings.delete_org_title=Smazat organizaci
-settings.delete_org_desc=Tato organizace bude trvale smazána. Pokra�ovat?
 settings.hooks_desc=Přidat webové há�ky, které budou spouštěny pro <strong>všechny repozitáře</strong> v této organizaci.
 
 settings.labels_desc=Přidejte štítky, které mohou být použity pro úkoly <strong>všech repositářů</strong> v rámci této organizace.
@@ -2851,7 +2702,6 @@ teams.remove_all_repos_title=Odstranit všechny repozitáře týmu
 teams.remove_all_repos_desc=Tímto odeberete všechny repozitáře z týmu.
 teams.add_all_repos_title=Přidat všechny repozitáře
 teams.add_all_repos_desc=Tímto přidáte do týmu všechny repozitáře organizace.
-teams.add_nonexistent_repo=Repositář, který se snažíte přidat, neexistuje. Nejdříve jej vytvořte, prosím.
 teams.add_duplicate_users=Uživatel je již �lenem týmu.
 teams.repos.none=Tento tým nemůže přistoupit k žádným repozitářům.
 teams.members.none=Žádní �lenové v tomto týmu.
@@ -2884,7 +2734,6 @@ repositories=Repozitáře
 hooks=Webové há�ky
 integrations=Integrace
 authentication=Zdroje ověření
-emails=Uživatelské e-maily
 config=Nastavení
 config_summary=Souhrn
 config_settings=Nastavení
@@ -2916,11 +2765,8 @@ dashboard.cron.cancelled=Naplánovaná úloha: %[1]s zrušena: %[3]s
 dashboard.cron.error=Chyba v naplánované úloze: %s: %[3]s
 dashboard.cron.finished=Naplánovaná úloha: %[1]s skon�ila
 dashboard.delete_inactive_accounts=Smazat všechny neaktivované ú�ty
-dashboard.delete_inactive_accounts.started=Spuštěna úloha mazání všech neaktivovaných ú�tů.
 dashboard.delete_repo_archives=Odstranit všechny archivy repozitáře (ZIP, TAR.GZ, atd.)
-dashboard.delete_repo_archives.started=Spuštěna úloha smazání všech archivovaných repozitářů.
 dashboard.delete_missing_repos=Smazat všechny repozitáře, které nemají Git soubory
-dashboard.delete_missing_repos.started=Spuštěna úloha mazání všech repozitářů, které nemají Git soubory.
 dashboard.delete_generated_repository_avatars=Odstranit vygenerované avatary repozitářů
 dashboard.sync_repo_branches=Synchronizovat chybějící větve z git dat do databází
 dashboard.sync_repo_tags=Synchronizovat zna�ky z git dat do databáze
@@ -2928,17 +2774,9 @@ dashboard.update_mirrors=Aktualizovat zrcadla
 dashboard.repo_health_check=Kontrola stavu všech repozitářů
 dashboard.check_repo_stats=Zkontrolovat všechny statistiky repositáře
 dashboard.archive_cleanup=Smazat staré archivy repozitářů
-dashboard.deleted_branches_cleanup=Vy�istit odstraněné větve
 dashboard.update_migration_poster_id=Aktualizovat ID autora migrace
-dashboard.git_gc_repos=Provést úklid všech repozitářů
-dashboard.resync_all_sshkeys=Aktualizovat soubor „.ssh/authorized_keys“ pomocí SSH klí�ů Gitea.
-dashboard.resync_all_sshprincipals=Aktualizovat soubor '.ssh/authorized_principals' pomocí Gitea SSH Principal certifikátů.
-dashboard.resync_all_hooks=Znovu synchronizovat há�ky před přijetím, aktualizace a po přijetí všech repozitářů.
 dashboard.reinit_missing_repos=Znovu inicializovat všechny chybějící repozitáře, pro které existují záznamy
 dashboard.sync_external_users=Synchronizovat externí uživatelská data
-dashboard.cleanup_hook_task_table=Vy�istit tabulku hook_task
-dashboard.cleanup_packages=Vy�istit prošlé balí�ky
-dashboard.cleanup_actions=Vy�ištění prostředků akcí, jejichž platnost vypršela
 dashboard.server_uptime=Doba provozu serveru
 dashboard.current_goroutine=Aktuální Goroutines
 dashboard.current_memory_usage=Aktuální využití paměti
@@ -2969,10 +2807,8 @@ dashboard.total_gc_pause=Celková pauza GC
 dashboard.last_gc_pause=Poslední pauza GC
 dashboard.gc_times=ÄŒasy GC
 dashboard.delete_old_actions=Odstranit všechny staré aktivity z databáze
-dashboard.delete_old_actions.started=Za�alo odstraňování všech starých aktivit z databáze.
 dashboard.update_checker=Kontrola aktualizací
 dashboard.delete_old_system_notices=Odstranit všechna stará systémová upozornění z databáze
-dashboard.gc_lfs=Úklid LFS meta objektů
 dashboard.stop_zombie_tasks=Zastavit zombie úlohy akcí
 dashboard.stop_endless_tasks=Zastavit nekone�né úlohy akcí
 dashboard.cancel_abandoned_jobs=Zrušit opuštěné úlohy akcí
@@ -2996,7 +2832,6 @@ users.2fa=2FA
 users.repos=Repozitáře
 users.created=Vytvořen
 users.last_login=Poslední přihlášení
-users.never_login=Nikdy nepřihlášen
 users.send_register_notify=Odeslat upozornění při registraci uživatele
 users.new_success=Uživatelský ú�et „%s“ byl vytvořen.
 users.edit=Upravit
@@ -3023,7 +2858,6 @@ users.still_own_repo=Tento uživatel stále vlastní jeden nebo více repozitáÅ
 users.still_has_org=Uživatel je �len organizace. Nejprve odstraňte uživatele ze všech organizací.
 users.purge=Vymazat uživatele
 users.purge_help=Vynuceně smazat uživatele a všechny repositáře, organizace a balí�ky vlastněné uživatelem. Všechny komentáře budou také smazány.
-users.still_own_packages=Tento uživatel stále vlastní jeden nebo více balí�ků, nejprve odstraňte tyto balí�ky.
 users.deletion_success=Uživatelský ú�et byl smazán.
 users.reset_2fa=Resetovat 2FA
 users.list_status_filter.menu_text=Filtr
@@ -3043,11 +2877,7 @@ users.details=Detaily uživatele
 emails.email_manage_panel=Správa e-mailů uživatele
 emails.primary=Hlavní
 emails.activated=Aktivován
-emails.filter_sort.email=E-mail
-emails.filter_sort.email_reverse=E-mail (naopak)
 emails.filter_sort.name=Uživatelské jméno
-emails.filter_sort.name_reverse=Uživatelské jméno (naopak)
-emails.updated=E-mail aktualizován
 emails.not_updated=Aktualizace požadované e-mailové adresy se nezdařila: %v
 emails.duplicate_active=Tato e-mailová adresa je již aktivní pro jiného uživatele.
 emails.change_email_header=Aktualizovat vlastnosti e-mailu
@@ -3055,7 +2885,6 @@ emails.change_email_text=Opravdu chcete aktualizovat tuto e-mailovou adresu?
 emails.delete=Odstranit e-mail
 emails.delete_desc=Opravdu chcete odstranit tuto e-mailovou adresu?
 emails.deletion_success=E-mailová adresa byla odstraněna.
-emails.delete_primary_email_error=Primární e-mail nelze odstranit.
 
 orgs.org_manage_panel=Správa organizací
 orgs.name=Název
@@ -3169,27 +2998,19 @@ auths.oauth2_required_claim_name_helper=Nastavte toto jméno pro omezení přihl
 auths.oauth2_required_claim_value=Požadovaná hodnota tvrzení
 auths.oauth2_required_claim_value_helper=Nastavte tuto hodnotu pro omezení přihlášení z tohoto zdroje pro uživatele s tvrzením s tímto jménem a hodnotou
 auths.oauth2_group_claim_name=Název tvrzení poskytující názvy skupin pro tento zdroj. (nepovinné)
-auths.oauth2_admin_group=Hodnota tvrzení pro skupinu uživatelů administrátorů. (Volitelné - vyžaduje název tvrzení výše)
-auths.oauth2_restricted_group=Hodnota tvrzení pro skupinu omezených uživatelů. (Volitelné - vyžaduje název tvrzení výše)
-auths.oauth2_map_group_to_team=Mapa uváděných skupin do organiza�ních týmů. (Volitelné - vyžaduje výše uvedené jméno)
 auths.oauth2_map_group_to_team_removal=Odebrat uživatele z synchronizovaných týmů, pokud uživatel nepatří do odpovídající skupiny.
 auths.enable_auto_register=Povolit zaregistrování se
 auths.sspi_auto_create_users=Automaticky vytvářet uživatele
-auths.sspi_auto_create_users_helper=Povolit SSPI autentiza�ní metodě automaticky vytvářet nové ú�ty pro uživatele, kteří se poprvé přihlásili
 auths.sspi_auto_activate_users=Automaticky aktivovat uživatele
 auths.sspi_auto_activate_users_helper=Povolit SSPI autentiza�ní metodě automaticky aktivovat nové uživatele
 auths.sspi_strip_domain_names=Odstranit názvy domén z uživatelských jmen
-auths.sspi_strip_domain_names_helper=Je-li zaškrtnuto, doménová jména budou odstraněna z přihlašovacích jmen (např. „DOMAIN\user“ a „user@example.org“ se stanou jen „user“).
 auths.sspi_separator_replacement=Oddělova� použitý místo \, / a @
-auths.sspi_separator_replacement_helper=Znak k nahrazení oddělova�e jmen na nižší úrovni (např. „DOMAIN\user“) a uživatelská jména (např. @ v „user@example.org“).
 auths.sspi_default_language=Výchozí jazyk uživatele
-auths.sspi_default_language_helper=Výchozí jazyk pro uživatele automaticky vytvořené pomocí SSPI auth metody. Pokud dáváte přednost automatickému zjištění jazyka, ponechte prázdné.
 auths.tips=Tipy
 auths.tips.oauth2.general=Ověřování OAuth2
 auths.tips.oauth2.general.tip=Při registraci nové OAuth2 autentizace by URL callbacku/přesměrování měla být:
 auths.tip.oauth2_provider=Poskytovatel OAuth2
 auths.tip.bitbucket=Vytvořte nového OAuth konzumenta na %s a přidejte oprávnění „Account“ - „Read“
-auths.tip.nextcloud=Zaregistrujte nového OAuth konzumenta na vaší instanci pomocí následujícího menu „Nastavení -> Zabezpe�ení -> OAuth 2.0 klient“
 auths.tip.dropbox=Vytvořte novou aplikaci na %s
 auths.tip.facebook=Registrujte novou aplikaci na %s a přidejte produkt „Facebook Login“
 auths.tip.github=Registrujte novou OAuth aplikaci na %s
@@ -3242,8 +3063,6 @@ config.ssh_domain=Doména SSH serveru
 config.ssh_port=Port
 config.ssh_listen_port=Port pro naslouchání
 config.ssh_root_path=Kořenová cesta
-config.ssh_key_test_path=Cesta testu klí�ů
-config.ssh_keygen_path=Cesta ke generátoru klí�ů ('ssh-keygen')
 config.ssh_minimum_key_size_check=Kontrola minimální velikosti klí�ů
 config.ssh_minimum_key_sizes=Minimální velikost klí�ů
 
@@ -3301,7 +3120,6 @@ config.mailer_sendmail_path=Cesta k Sendmail
 config.mailer_sendmail_args=Dodate�né argumenty pro Sendmail
 config.mailer_sendmail_timeout=Časový limit Sandmail
 config.mailer_use_dummy=Fiktivní
-config.test_email_placeholder=E-mail (napÅ™.: test@example.com)
 config.send_test_mail=Odeslat zkušební e-mail
 config.send_test_mail_submit=Odeslat
 config.test_mail_failed=Odeslání testovacího e-mailu na „%s“ selhalo: %v
@@ -3375,7 +3193,6 @@ monitor.start=Čas zahájení
 monitor.execute_time=Doba provádění
 monitor.last_execution_result=Výsledek
 monitor.process.cancel=Zrušit proces
-monitor.process.cancel_desc=Zrušení procesu může způsobit ztrátu dat
 monitor.process.children=Potomek
 
 monitor.queues=Fronty
@@ -3390,7 +3207,6 @@ monitor.queue.numberinqueue=Číslo ve frontě
 monitor.queue.review_add=Posoudit / přidat workery
 monitor.queue.settings.title=Nastavení fondu
 monitor.queue.settings.desc=Fondy se dynamicky zvětšují v závislosti na blokování jejich pracovních front.
-monitor.queue.settings.maxnumberworkers=Maximální po�et workerů
 monitor.queue.settings.maxnumberworkers.placeholder=V sou�asné době %[1]d
 monitor.queue.settings.maxnumberworkers.error=Maximální po�et workerů musí být �íslo
 monitor.queue.settings.submit=Aktualizovat nastavení
@@ -3416,10 +3232,6 @@ notices.delete_success=Systémové upozornění bylo smazáno.
 self_check.no_problem_found=Zatím nebyl nalezen žádný problém.
 self_check.startup_warnings=Upozornění při spuštění:
 self_check.database_collation_mismatch=O�ekávejte, že databáze použije collation: %s
-self_check.database_collation_case_insensitive=Databáze používá collation %s, což je collation nerozlišující velká a malá písmena. A�koli s ní Gitea může pracovat, mohou se vyskytnout vzácné případy, kdy nebude fungovat podle o�ekávání.
-self_check.database_inconsistent_collation_columns=Databáze používá collation %s, ale tyto sloupce používají chybné collation. To může způsobit neo�ekávané problémy.
-self_check.database_fix_mysql=Pro uživatele MySQL/MariaDB můžete použít příkaz "gitea doctor convert", který opraví problémy s collation, nebo můžete také problém vyřešit příkazem "ALTER ... COLLATE ..." SQL ru�ně.
-self_check.database_fix_mssql=Uživatelé MSSQL mohou problém vyřešit pouze pomocí příkazu "ALTER ... COLLATE ..." SQL ru�ně.
 self_check.location_origin_mismatch=Aktuální URL (%[1]s) se neshoduje s URL viditelnou pro Gitea (%[2]s). Pokud používáte reverzní proxy, ujistěte se, že hlavi�ky „Host“ a „X-Forwarded-Proto“ jsou nastaveny správně.
 
 [action]
@@ -3503,8 +3315,6 @@ error.no_committer_account=Žádný ú�et není propojen s e-mailovou adresou p
 error.no_gpg_keys_found=V databázi nebyl nalezen žádný známý klí� pro tento podpis
 error.not_signed_commit=Nepodepsaná revize
 error.failed_retrieval_gpg_keys=Nelze získat žádný klí� propojený s ú�tem přispěvatele
-error.probable_bad_signature=VAROV�N�! Přestože v databázi existuje klí� s tímto ID, tuto revizi neověřuje! Tato revize je PODEZŘEL�.
-error.probable_bad_default_signature=VAROV�N�! A�koli výchozí klí� má toto ID, neověřuje tuto revizi! Tato revize je PODEZŘEL�.
 
 [units]
 unit=Jednotka
@@ -3543,7 +3353,6 @@ versions.view_all=Zobrazit všechny
 dependency.id=ID
 dependency.version=Verze
 search_in_external_registry=Hledat v %s
-alpine.registry=Nastavte tento registr přidáním URL do <code>/etc/apk/repositories</code>:
 alpine.registry.key=Stáhněte si veřejný RSA klí� registru do složky <code>/etc/apk/keys/</code> pro ověření podpisu indexu:
 alpine.registry.info=Vyberte $branch a $repository ze seznamu níže.
 alpine.install=Pro instalaci balí�ku spusťte následující příkaz:
@@ -3556,18 +3365,13 @@ arch.install=Synchronizovat balí�ek s pacman:
 arch.repository=Informace o repozitáři
 arch.repository.repositories=Repozitáře
 arch.repository.architectures=Architektury
-cargo.registry=Nastavte tento registr v konfigura�ním souboru Cargo (například <code>~/.cargo/config.toml</code>):
 cargo.install=Chcete-li nainstalovat balí�ek pomocí Cargo, spusťte následující příkaz:
-chef.registry=Nastavit tento registr v souboru <code>~/.chef/config.rb</code>:
 chef.install=Pro instalaci balí�ku spusťte následující příkaz:
-composer.registry=Nastavit tento registr v souboru <code>~/.composer/config.json</code>:
 composer.install=Pro instalaci balí�ku pomocí Compposer spusťte následující příkaz:
 composer.dependencies=Závislosti
 composer.dependencies.development=Vývojové závislosti
 conan.details.repository=Repozitář
-conan.registry=Nastavte tento registr z příkazového řádku:
 conan.install=Pro instalaci balí�ku pomocí Conan spusťte následující příkaz:
-conda.registry=Nastavte tento registr jako Conda repozitář ve vašem <code>.condarc</code>:
 conda.install=Pro instalaci balí�ku pomocí Conda spusťte následující příkaz:
 container.details.type=Typ obrazu
 container.details.platform=Platforma
@@ -3579,9 +3383,7 @@ container.layers=Vrstvy obrazů
 container.labels=Štítky
 container.labels.key=Klí�
 container.labels.value=Hodnota
-cran.registry=Nastavte tento registr v souboru <code>Rprofile.site</code>:
 cran.install=Pro instalaci balí�ku spusťte následující příkaz:
-debian.registry=Nastavte tento registr z příkazového řádku:
 debian.registry.info=Vyberte $distribution a $component ze seznamu níže.
 debian.install=Pro instalaci balí�ku spusťte následující příkaz:
 debian.repository=Informace o repozitáři
@@ -3590,16 +3392,11 @@ debian.repository.components=Komponenty
 debian.repository.architectures=Architektury
 generic.download=Stáhnout balí�ek z příkazové řádky:
 go.install=Nainstalujte balí�ek z příkazové řádky:
-helm.registry=Nastavte tento registr z příkazového řádku:
 helm.install=Pro instalaci balí�ku spusťte následující příkaz:
-maven.registry=Nastavte tento registr ve vašem projektu <code>pom.xml</code> souboru:
-maven.install=Pro použití balí�ku uve�te následující v bloku <code>dependencies</code> v souboru <code>pom.xml</code>:
 maven.install2=Spustit pomocí příkazové řádky:
 maven.download=Chcete-li stáhnout závislost, spusťte přes příkazový řádek:
-nuget.registry=Nastavte tento registr z příkazového řádku:
 nuget.install=Chcete-li nainstalovat balí�ek pomocí NuGet, spusťte následující příkaz:
 nuget.dependency.framework=Cílový Framework
-npm.registry=Nastavte tento registr ve vašem projektu v souboru <code>.npmrc</code>:
 npm.install=Pro instalaci balí�ku pomocí npm spusťte následující příkaz:
 npm.install2=nebo ho přidejte do souboru package.json:
 npm.dependencies=Závislosti
@@ -3611,7 +3408,6 @@ npm.details.tag=Zna�ka
 pub.install=Chcete-li nainstalovat balí�ek pomocí Dart, spusťte následující příkaz:
 pypi.requires=Vyžaduje Python
 pypi.install=Pro instalaci balí�ku pomocí pip spusťte následující příkaz:
-rpm.registry=Nastavte tento registr z příkazového řádku:
 rpm.distros.redhat=na distribuce založené na RedHat
 rpm.distros.suse=na distribuce založené na SUSE
 rpm.install=Pro instalaci balí�ku spusťte následující příkaz:
@@ -3624,7 +3420,6 @@ rubygems.dependencies.runtime=Běhové závislosti
 rubygems.dependencies.development=Vývojové závislosti
 rubygems.required.ruby=Vyžaduje verzi Ruby
 rubygems.required.rubygems=Vyžaduje verzi RubyGem
-swift.registry=Nastavte tento registr z příkazového řádku:
 swift.install=Přidejte balí�ek do svého <code>Package.swift</code> souboru:
 swift.install2=a spustit následující příkaz:
 vagrant.install=Pro přidání Vagrant box spusťte následující příkaz:
@@ -3647,7 +3442,6 @@ owner.settings.cargo.initialize.success=Index Cargo byl úspěšně vytvořen.
 owner.settings.cargo.rebuild=Znovu vytvořit Index
 owner.settings.cargo.rebuild.description=Obnova může být užite�ná, pokud index není synchronizován s uloženými balí�ky Cargo.
 owner.settings.cargo.rebuild.error=Obnovení Cargo indexu se nezdařilo: %v
-owner.settings.cargo.rebuild.success=Cargo Index byl úspěšně obnoven.
 owner.settings.cleanuprules.title=Spravovat pravidla pro �ištění
 owner.settings.cleanuprules.add=Přidat pravidlo pro �ištění
 owner.settings.cleanuprules.edit=Upravit pravidlo pro �ištění
@@ -3676,12 +3470,13 @@ owner.settings.chef.keypair.description=Pro autentizaci do registru Chef je zapo
 secrets=Tajné klí�e
 description=Tejné klí�e budou předány ur�itým akcím a nelze je pře�íst jinak.
 none=Zatím zde nejsou žádné tajné klí�e.
-creation=Přidat tajný klí�
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Popis
 creation.name_placeholder=nerozlišovat velká a malá písmena, pouze alfanumerické znaky nebo podtržítka, nemohou za�ínat na GITEA_ nebo GITHUB_
 creation.value_placeholder=Vložte jakýkoliv obsah. Mezery na za�átku a konci budou vynechány.
-creation.success=Tajný klí� „%s“ byl přidán.
-creation.failed=Nepodařilo se přidat tajný klí�.
+
+
 deletion=Odstranit tajný klí�
 deletion.description=Odstranění tajného klí�e je trvalé a nelze ho vrátit zpět. Pokra�ovat?
 deletion.success=Tajný klí� byl odstraněn.
@@ -3729,7 +3524,6 @@ runners.delete_runner=Odstranit tento runner
 runners.delete_runner_success=Runner byl úspěšně odstraněn
 runners.delete_runner_failed=Odstranění runneru selhalo
 runners.delete_runner_header=Potvrdit odstranění tohoto runneru
-runners.delete_runner_notice=Pokud na tomto runneru běží úloha, bude ukon�ena a ozna�ena jako neúspěšná. Může dojít k přerušení vytváření pracovního postupu.
 runners.none=Žádné runnery nejsou k dispozici
 runners.status.unspecified=Neznámý
 runners.status.idle=Ne�inný
diff --git a/options/locale/locale_de-DE.ini b/options/locale/locale_de-DE.ini
index 0b0544b89c..6d86a0c8fd 100644
--- a/options/locale/locale_de-DE.ini
+++ b/options/locale/locale_de-DE.ini
@@ -44,7 +44,6 @@ webauthn_use_twofa=Zwei-Faktor-Authentifizierung via Handy verwenden
 webauthn_error=Dein Sicherheitsschlüssel konnte nicht gelesen werden.
 webauthn_unsupported_browser=Dein Browser unterstützt derzeit keinen WebAuthn.
 webauthn_error_unknown=Ein unbekannter Fehler ist aufgetreten. Bitte versuche es erneut.
-webauthn_error_insecure=WebAuthn unterstützt nur sichere Verbindungen. Zum Testen über HTTP kannst Du "localhost" oder "127.0.0.1" als Host verwenden
 webauthn_error_unable_to_process=Der Server konnte deine Anfrage nicht bearbeiten.
 webauthn_error_duplicated=Für diese Anfrage ist der Sicherheitsschlüssel nicht erlaubt. Bitte stell sicher, dass er nicht bereits registriert ist.
 webauthn_error_empty=Du musst einen Namen für diesen Schlüssel festlegen.
@@ -113,6 +112,7 @@ copy_type_unsupported=Dieser Dateityp kann nicht kopiert werden
 write=Verfassen
 preview=Vorschau
 loading=Laden…
+files=Dateien
 
 error=Fehler
 error404=Die Seite, die Du versuchst aufzurufen, <strong>existiert nicht</strong> oder <strong>Du bist nicht berechtigt</strong>, diese anzusehen.
@@ -128,7 +128,7 @@ pin=Anheften
 unpin=Loslösen
 
 artifacts=Artefakte
-confirm_delete_artifact=Bist du sicher, dass du das Artefakt '%s' löschen möchtest?
+expired=Abgelaufen
 
 archived=Archiviert
 
@@ -165,29 +165,18 @@ no_results_found=Es wurden keine Ergebnisse gefunden.
 internal_error_skipped=Ein interner Fehler ist aufgetreten, wurde aber übersprungen: %s
 
 [search]
-search=Suche ...
 type_tooltip=Suchmodus
 fuzzy=Ähnlich
-fuzzy_tooltip=Ergebnisse einbeziehen, die dem Suchbegriff ähnlich sind
+words=Wörter
+words_tooltip=Nur Suchbegriffe einbeziehen, die den Suchbegriffen exakt entsprechen
+regexp=Regexp
+regexp_tooltip=Nur Suchbegriffe einbeziehen, die dem Regexp exakt entsprechen
 exact=Exakt
 exact_tooltip=Nur Suchbegriffe einbeziehen, die dem exakten Suchbegriff entsprechen
-repo_kind=Repositories durchsuchen ...
-user_kind=Benutzer durchsuchen ...
-org_kind=Organisationen durchsuchen ...
-team_kind=Teams durchsuchen ...
-code_kind=Code durchsuchen ...
 code_search_unavailable=Zurzeit ist die Code-Suche nicht verfügbar. Bitte wende dich an den Website-Administrator.
 code_search_by_git_grep=Aktuelle Code-Suchergebnisse werden von "git grep" bereitgestellt. Es könnte bessere Ergebnisse geben, wenn der Website-Administrator den Repository-Indexer aktiviert.
-package_kind=Pakete durchsuchen ...
-project_kind=Projekte durchsuchen ...
-branch_kind=Branches durchsuchen ...
-tag_kind=Tags durchsuchen...
 tag_tooltip=Suche nach passenden Tags. Benutze '%', um jede Sequenz von Zahlen zu treffen.
-commit_kind=Commits durchsuchen ...
-runner_kind=Runner durchsuchen ...
 no_results=Es wurden keine passenden Ergebnisse gefunden.
-issue_kind=Issues durchsuchen ...
-pull_kind=Pull-Requests durchsuchen...
 keyword_search_unavailable=Zurzeit ist die Stichwort-Suche nicht verfügbar. Bitte wende dich an den Website-Administrator.
 
 [aria]
@@ -223,8 +212,6 @@ buttons.enable_monospace_font=Monospace-Schrift aktivieren
 buttons.disable_monospace_font=Monospace-Schrift deaktivieren
 
 [filter]
-string.asc=A–Z
-string.desc=Z–A
 
 [error]
 occurred=Ein Fehler ist aufgetreten
@@ -245,7 +232,6 @@ license_desc=Hol dir den Code unter <a target="_blank" rel="noopener noreferrer"
 
 [install]
 install=Installation
-installing_desc=Wird jetzt installiert, bitte warten...
 title=Erstkonfiguration
 docker_helper=Wenn du Gitea in einem Docker-Container nutzt, lies bitte die <a target="_blank" rel="noopener noreferrer" href="%s">Dokumentation</a>, bevor du irgendwelche Einstellungen veränderst.
 require_db_desc=Gitea benötigt MySQL, PostgreSQL, MSSQL, SQLite3 oder TiDB (MySQL-Protokoll).
@@ -262,16 +248,10 @@ path=Pfad
 sqlite_helper=Dateipfad zur SQLite3 Datenbank.<br>Gebe einen absoluten Pfad an, wenn Gitea als Service gestartet wird.
 reinstall_error=Du versuchst, in eine bereits existierende Gitea Datenbank zu installieren
 reinstall_confirm_message=Eine Neuinstallation mit einer bestehenden Gitea-Datenbank kann mehrere Probleme verursachen. In den meisten Fällen solltest du deine vorhandene "app.ini" verwenden, um Gitea auszuführen. Wenn du weist, was du tust, bestätigen die folgenden Angaben:
-reinstall_confirm_check_1=Die von der SECRET_KEY in app.ini verschlüsselten Daten können verloren gehen: Benutzer können sich unter Umständen nicht mit 2FA/OTP einloggen & Spiegelungen könnten nicht mehr richtig funktionieren. Durch Ankreuzung dieses Kästchens bestätigst du, dass die aktuelle app.ini Datei den korrekten SECRET_KEY enthält.
-reinstall_confirm_check_2=Die Repositories und Einstellungen müssen eventuell neu synchronisiert werden. Durch das Ankreuzen dieses Kästchens bestätigst Du, dass Du die Hooks für die Repositories und die authorized_keys Datei manuell neu synchronisierst. Du bestätigst, dass Du sicherstellst, dass die Repository- und Spiegel-Einstellungen korrekt sind.
 reinstall_confirm_check_3=Du bestätigst, dass du absolut sicher bist, dass diese Gitea mit der richtigen app.ini läuft, und du sicher bist, dass du neu installieren musst. Du bestätigst, dass du die oben genannten Risiken anerkennst.
 err_empty_db_path=Der SQLite3 Datenbankpfad darf nicht leer sein.
 no_admin_and_disable_registration=Du kannst Selbst-Registrierungen nicht deaktivieren, ohne ein Administratorkonto zu erstellen.
 err_empty_admin_password=Das Administrator-Passwort darf nicht leer sein.
-err_empty_admin_email=Die Administrator-E-Mail darf nicht leer sein.
-err_admin_name_is_reserved=Administratornutzername ist ungültig, der Nutzername ist reserviert
-err_admin_name_pattern_not_allowed=Administrator-Benutzername ist ungültig, der Benutzername entspricht einem reservierten Muster
-err_admin_name_is_invalid=Administratornutzername ist ungültig
 
 general_title=Allgemeine Einstellungen
 app_name=Seitentitel
@@ -287,7 +267,6 @@ domain_helper=Domain oder Host-Adresse für den Server.
 ssh_port=SSH-Server-Port
 ssh_port_helper=Der Port deines SSH-Servers. Leer lassen, um SSH zu deaktivieren.
 http_port=Gitea-HTTP-Listen-Port
-http_port_helper=Port, unter dem der Gitea-Webserver laufen soll.
 app_url=Gitea-Basis-URL
 app_url_helper=Adresse für HTTP(S)-Klon-URLs und E-Mail-Benachrichtigungen.
 log_root_path=Logdateipfad
@@ -351,7 +330,6 @@ no_reply_address=Versteckte E-Mail-Domain
 no_reply_address_helper=Domain-Name für Benutzer mit einer versteckten Emailadresse. Zum Beispiel wird der Benutzername „Joe“ in Git als „joe@noreply.example.org“ protokolliert, wenn die versteckte E-Mail-Domain „noreply.example.org“ festgelegt ist.
 password_algorithm=Passwort Hashing Algorithmus
 invalid_password_algorithm=Ungültiger Passwort-Hash-Algorithmus
-password_algorithm_helper=Lege einen Passwort-Hashing-Algorithmus fest. Algorithmen haben unterschiedliche Anforderungen und Stärken. Der argon2-Algorithmus ist ziemlich sicher, aber er verbraucht viel Speicher und kann für kleine Systeme ungeeignet sein.
 enable_update_checker=Aktualisierungsprüfung aktivieren
 enable_update_checker_helper=Stellt regelmäßig eine Verbindung zu gitea.io her, um nach neuen Versionen zu prüfen.
 env_config_keys=Umgebungskonfiguration
@@ -422,8 +400,6 @@ allow_password_change=Verlange vom Benutzer das Passwort zu ändern (empfohlen)
 reset_password_mail_sent_prompt=Eine Bestätigungs-E-Mail wurde an <b>%s</b> gesendet. Bitte überprüfe dein Postfach innerhalb von %s, um den Wiederherstellungsprozess abzuschließen.
 active_your_account=Aktiviere dein Konto
 account_activated=Konto wurde aktiviert
-prohibit_login=Anmelden verboten
-prohibit_login_desc=Die Anmeldung mit diesem Konto ist nicht gestattet. Bitte kontaktiere den Administrator.
 resent_limit_prompt=Du hast bereits eine Aktivierungs-E-Mail angefordert. Bitte warte 3 Minuten und probiere es dann nochmal.
 has_unconfirmed_mail=Hallo %s, du hast eine unbestätigte E-Mail-Adresse (<b>%s</b>). Wenn du keine Bestätigungs-E-Mail erhalten hast oder eine neue senden möchtest, klicke bitte auf den folgenden Button.
 change_unconfirmed_mail_address=Wenn deine Registrierungs-E-Mail-Adresse falsch ist, kannst du sie hier ändern und eine neue Bestätigungs-E-Mail senden.
@@ -452,26 +428,22 @@ oauth_signup_submit=Konto vervollständigen
 oauth_signin_tab=Mit existierendem Konto verbinden
 oauth_signin_title=Anmelden um verbundenes Konto zu autorisieren
 oauth_signin_submit=Konto verbinden
+oauth.signin.error.general=Beim Verarbeiten der Autorisierungsanfrage ist ein Fehler aufgetreten: %s. Wenn dieser Fehler weiterhin besteht, wende dich bitte an den Administrator.
 oauth.signin.error.access_denied=Die Autorisierungsanfrage wurde abgelehnt.
 oauth.signin.error.temporarily_unavailable=Autorisierung fehlgeschlagen, da der Authentifizierungsserver vorübergehend nicht verfügbar ist. Bitte versuch es später erneut.
-oauth_callback_unable_auto_reg=Automatische Registrierung ist aktiviert, aber der OAuth2-Provider %[1]s hat fehlende Felder zurückgegeben: %[2]s, kann den Account nicht automatisch erstellen. Bitte erstelle oder verbinde einen Account oder kontaktieren den Administrator.
 openid_connect_submit=Verbinden
 openid_connect_title=Mit bestehendem Konto verbinden
 openid_connect_desc=Die gewählte OpenID-URI ist unbekannt. Ordne sie hier einem neuen Account zu.
 openid_register_title=Neues Konto einrichten
 openid_register_desc=Die gewählte OpenID-URI ist unbekannt. Ordne sie hier einem neuen Account zu.
 openid_signin_desc=Gib deine OpenID-URI ein, zum Beispiel alice.openid.example.org oder https://openid.example.org/alice.
-disable_forgot_password_mail=Die Kontowiederherstellung ist deaktiviert, da keine E-Mail eingerichtet ist. Bitte kontaktiere den zuständigen Administrator.
-disable_forgot_password_mail_admin=Die Kontowiederherstellung ist nur verfügbar, wenn eine E-Mail eingerichtet wurde. Bitte richte eine E-Mail Adresse ein, um die Kontowiederherstellung freizuschalten.
 email_domain_blacklisted=Du kannst dich nicht mit deiner E-Mail-Adresse registrieren.
 authorize_application=Anwendung autorisieren
 authorize_redirect_notice=Du wirst zu %s weitergeleitet, wenn du diese Anwendung autorisierst.
 authorize_application_created_by=Diese Anwendung wurde von %s erstellt.
-authorize_application_description=Wenn du diese Anwendung autorisierst, wird sie die Berechtigung erhalten, alle Informationen zu deinem Account zu bearbeiten oder zu lesen. Dies beinhaltet auch private Repositories und Organisationen.
 authorize_application_with_scopes=Mit Bereichen: %s
 authorize_title=`"%s" den Zugriff auf deinen Account gestatten?`
 authorization_failed=Autorisierung fehlgeschlagen
-authorization_failed_desc=Die Autorisierung ist fehlgeschlagen, da wir eine ungültige Anfrage erkannt haben. Bitte kontaktiere den Betreuer der App, die du zu autorisieren versucht hast.
 sspi_auth_failed=SSPI-Authentifizierung fehlgeschlagen
 password_pwned=Das von dir gewählte Passwort befindet sich auf einer <a target="_blank" rel="noopener noreferrer" href="%s">Liste gestohlener Passwörter</a>, die öffentlich verfügbar sind. Bitte versuche es erneut mit einem anderen Passwort und ziehe in Erwägung, auch anderswo deine Passwörter zu ändern.
 password_pwned_err=Anfrage an HaveIBeenPwned konnte nicht abgeschlossen werden
@@ -496,8 +468,6 @@ activate_email.text=Bitte klicke innerhalb von <b>%s</b> auf folgenden Link, um
 
 register_notify=Willkommen bei %s
 register_notify.title=%[1]s, willkommen bei %[2]s
-register_notify.text_1=dies ist deine Bestätigungs-E-Mail für %s!
-register_notify.text_2=Du kannst dich jetzt mit dem Benutzernamen "%s" anmelden.
 register_notify.text_3=Wenn dieser Account von dir erstellt wurde, musst du zuerst <a href="%s">dein Passwort setzen</a>.
 
 reset_password=Stelle dein Konto wieder her
@@ -535,7 +505,6 @@ release.download.targz=Quellcode (TAR.GZ Datei)
 repo.transfer.subject_to=%s möchte "%s" an %s übertragen
 repo.transfer.subject_to_you=%s möchte dir "%s" übertragen
 repo.transfer.to_you=dir
-repo.transfer.body=Um es anzunehmen oder abzulehnen, öffne %s, oder ignoriere es einfach.
 
 repo.collaborator.added.subject=%s hat dich zu %s hinzugefügt
 repo.collaborator.added.text=Du wurdest als Mitarbeiter für folgendes Repository hinzugefügt:
@@ -587,7 +556,6 @@ url_error=`"%s" ist keine gültige URL.`
 include_error=` muss den Text "%s" enthalten.`
 glob_pattern_error=` Der Glob Pattern ist ungültig: %s.`
 regex_pattern_error=` regex ist ungültig: %s.`
-username_error=` darf nur alphanumerische Zeichen ('0-9','a-z','A-Z'), Bindestriche ('-'), Unterstriche ('_') und Punkte ('.') enthalten. Es kann nicht mit nicht-alphanumerischen Zeichen beginnen oder enden und aufeinanderfolgende nicht-alphanumerische Zeichen sind ebenfalls verboten.`
 invalid_group_team_map_error=` Zuordnung ist ungültig: %s`
 unknown_error=Unbekannter Fehler:
 captcha_incorrect=Der eingegebene CAPTCHA-Code ist falsch.
@@ -602,17 +570,14 @@ username_has_not_been_changed=Benutzername wurde nicht geändert
 repo_name_been_taken=Der Repository-Name wird schon verwendet.
 repository_force_private=Privat erzwingen ist aktiviert: Private Repositories können nicht veröffentlicht werden.
 repository_files_already_exist=Dateien für dieses Repository sind bereits vorhanden. Kontaktiere den Systemadministrator.
-repository_files_already_exist.adopt=Dateien für dieses Repository existieren bereits und können nur übernommen werden.
 repository_files_already_exist.delete=Dateien für dieses Repository sind bereits vorhanden. Du must sie löschen.
 repository_files_already_exist.adopt_or_delete=Dateien für dieses Repository existieren bereits. Du musst sie entweder übernehmen oder löschen.
 visit_rate_limit=Das Rate-Limit bei der Gegenseite wurde erreicht.
-2fa_auth_required=Die Gegenseite benötigt Zweifaktorauthentifikation.
 org_name_been_taken=Der Organisationsname ist bereits vergeben.
 team_name_been_taken=Der Teamname ist bereits vergeben.
 team_no_units_error=Das Team muss auf mindestens einen Bereich Zugriff haben.
 email_been_used=Die E-Mail-Adresse wird bereits verwendet.
 email_invalid=Die E-Mail-Adresse ist ungültig.
-email_domain_is_not_allowed=Die Domain der Benutzer-E-Mail <b>%s</b> steht im Widerspruch zu EMAIL_DOMAIN_ALLOWLIST oder EMAIL_DOMAIN_BLOCKLIST. Bitte stelle sicher, dass deine Operation erwartet ist.
 openid_been_used=Die OpenID-Adresse "%s" wird bereits verwendet.
 username_password_incorrect=Benutzername oder Passwort ist falsch.
 password_complexity=Das Passwort erfüllt nicht die Komplexitätsanforderungen:
@@ -637,14 +602,8 @@ invalid_ssh_key=Dein SSH-Key kann nicht überprüft werden: %s
 invalid_gpg_key=Dein GPG-Key kann nicht überprüft werden: %s
 invalid_ssh_principal=Ungültige Identität: %s
 must_use_public_key=Der von Dir bereitgestellte Key ist ein privater Key. Bitte lade Deinen privaten Key nirgendwo hoch. Verwende stattdessen Deinen öffentlichen Key.
-unable_verify_ssh_key=Der SSH-Key kann nicht verifiziert werden, überprüfe ihn auf Fehler.
 auth_failed=Authentifizierung fehlgeschlagen: %v
 
-still_own_repo=Dein Konto besitzt ein oder mehrere Repositories. Diese müssen erst gelöscht oder übertragen werden.
-still_has_org=Dein Konto ist Mitglied einer oder mehrerer Organisationen, verlasse diese zuerst.
-still_own_packages=Dein Konto besitzt ein oder mehrere Pakete, lösche diese zuerst.
-org_still_own_repo=Diese Organisation besitzt noch ein oder mehrere Repositories. Diese müssen zuerst gelöscht oder übertragen werden.
-org_still_own_packages=Diese Organisation besitzt noch ein oder mehrere Pakete, lösche diese zuerst.
 
 target_branch_not_exist=Der Ziel-Branch existiert nicht.
 target_ref_not_exist=Zielreferenz existiert nicht %s
@@ -675,11 +634,9 @@ settings=Benutzereinstellungen
 
 form.name_reserved=Der Benutzername "%s" ist reserviert.
 form.name_pattern_not_allowed=Das Muster "%s" ist nicht in einem Benutzernamen erlaubt.
-form.name_chars_not_allowed=Benutzername "%s" enthält ungültige Zeichen.
 
 block.block=Sperren
 block.block.user=Benutzer sperren
-block.block.org=Benutzer für Organisation sperren
 block.block.failure=Fehler beim Sperren des Benutzers: %s
 block.unblock=Entsperren
 block.unblock.failure=Fehler beim Entsperren des Benutzers: %s
@@ -692,7 +649,6 @@ block.info_3=dir Benachrichtigungen durch @Erwähnung deines Benutzernamens send
 block.info_4=dich als Mitarbeiter in deren Repositories einladen
 block.info_5=Repositories favorisieren, forken oder beobachten
 block.info_6=Issues oder Pull Requests öffnen und kommentieren
-block.info_7=auf deine Kommentare in Issues oder Pull Requests reagieren
 block.user_to_block=Zu sperrender Benutzer
 block.note=Anmerkung
 block.note.title=Optionale Anmerkung:
@@ -723,7 +679,6 @@ webauthn=Zwei-Faktor-Authentifizierung (Hardware-Sicherheitsschlüssel)
 public_profile=Öffentliches Profil
 biography_placeholder=Erzähle uns ein wenig über Dich selbst! (Du kannst Markdown verwenden)
 location_placeholder=Teile Deinen ungefähren Standort mit anderen
-profile_desc=Lege fest, wie dein Profil anderen Benutzern angezeigt wird. Deine primäre E-Mail-Adresse wird für Benachrichtigungen, Passwort-Wiederherstellung und webbasierte Git-Operationen verwendet.
 password_username_disabled=Du bist nicht berechtigt, den Benutzernamen zu ändern. Bitte kontaktiere Deinen Seitenadministrator für weitere Details.
 password_full_name_disabled=Du bist nicht berechtigt, den vollständigen Namen zu ändern. Bitte kontaktiere Deinen Seitenadministrator für weitere Details.
 full_name=Vollständiger Name
@@ -743,7 +698,6 @@ cancel=Abbrechen
 language=Sprache
 ui=Theme
 hidden_comment_types=Ausgeblendeter Kommentartypen
-hidden_comment_types_description=Die hier markierten Kommentartypen werden nicht innerhalb der Issue-Seiten angezeigt. Beispielsweise entfernt das Markieren von "Label" alle "{user} hat {label} hinzugefügt/entfernt"-Kommentare.
 hidden_comment_types.ref_tooltip=Kommentare, in denen dieses Issue von einem anderen Issue/Commit referenziert wurde
 hidden_comment_types.issue_ref_tooltip=Kommentare, bei denen der Benutzer den Branch/Tag des Issues ändert
 comment_type_group_reference=Verweis auf Mitglieder
@@ -791,18 +745,14 @@ manage_themes=Standard-Theme auswählen
 manage_openid=OpenID-Adressen verwalten
 email_desc=Deine primäre E-Mail-Adresse wird für Benachrichtigungen, Passwort-Wiederherstellung und, sofern sie nicht versteckt ist, web-basierte Git-Operationen verwendet.
 theme_desc=Dies wird dein Standard-Theme auf der Seite sein.
-theme_colorblindness_help=Hilfe zum Theme für Farbenblinde
-theme_colorblindness_prompt=Gitea erhält aktuell einfache Unterstützung für Farbenblinde durch einige Themes, die nur wenige Farben definiert haben. Die Arbeit ist noch im Gange. Weitere Verbesserungen können durch die Definition von mehr Farben in den CSS-Theme-Dateien vorgenommen werden.
 primary=Primär
 activated=Aktiviert
 requires_activation=Erfordert Aktivierung
 primary_email=Als primäre E-Mail-Adresse verwenden
 activate_email=Aktivierung senden
 activations_pending=Aktivierung ausstehend
-can_not_add_email_activations_pending=Es gibt eine ausstehende Aktivierung, versuche es in ein paar Minuten erneut, wenn du eine neue E-Mail hinzufügen möchtest.
 delete_email=Löschen
 email_deletion=E-Mail-Adresse löschen
-email_deletion_desc=Die E-Mail-Adresse und die damit verbundenen Informationen werden von deinem Konto entfernt. Git-Commits von dieser E-Mail-Addresse bleiben unverändert. Fortfahren?
 email_deletion_success=Die E-Mail-Adresse wurde entfernt.
 theme_update_success=Deine Theme-Auswahl wurde gespeichert.
 theme_update_error=Das ausgewählte Theme existiert nicht.
@@ -845,7 +795,6 @@ gpg_key_matched_identities_long=Die eingebetteten Identitäten in diesem Schlüs
 gpg_key_verified=Verifizierter Schlüssel
 gpg_key_verified_long=Der Schlüssel wurde mit einem Token verifiziert. Er kann verwendet werden, um Commits zu verifizieren, die mit irgendeiner für diesen Nutzer aktivierten E-Mail-Adresse und irgendeiner Identität dieses Schlüssels übereinstimmen.
 gpg_key_verify=Verifizieren
-gpg_invalid_token_signature=Der GPG Key, die Signatur, und das Token stimmen nicht überein, oder das Token ist veraltet.
 gpg_token_required=Du musst eine Signatur für das folgende Token angeben
 gpg_token=Token
 gpg_token_help=Du kannst eine Signatur wie folgt generieren:
@@ -855,7 +804,6 @@ verify_gpg_key_success=GPG-Schlüssel "%s" wurde verifiziert.
 ssh_key_verified=Verifizierter Schlüssel
 ssh_key_verified_long=Der Schlüssel wurde mit einem Token verifiziert. Er kann verwendet werden, um Commits zu verifizieren, die mit irgendeiner für diesen Nutzer aktivierten E-Mail-Adresse und irgendeiner Identität dieses Schlüssels übereinstimmen.
 ssh_key_verify=Verifizieren
-ssh_invalid_token_signature=Der gegebene SSH-Schlüssel, Signatur oder Token stimmen nicht überein oder der Token ist veraltet.
 ssh_token_required=Du musst eine Signatur für den Token unten angeben
 ssh_token=Token
 ssh_token_help=Du kannst eine Signatur wie folgt generieren:
@@ -876,7 +824,6 @@ gpg_key_deletion=GPG-Schlüssel entfernen
 ssh_principal_deletion=SSH-Zertifik-Identität entfernen
 ssh_key_deletion_desc=Wenn du einen SSH-Key entfernst, hast du mit diesem Key keinen Zugriff mehr. Fortfahren?
 gpg_key_deletion_desc=Wenn du einen GPG-Schlüssel entfernst, können damit unterschriebene Commits nicht mehr verifiziert werden. Fortfahren?
-ssh_principal_deletion_desc=Das Entfernen einer SSH-Zertifikat-Identität entzieht den Zugriff auf dein Konto. Fortfahren?
 ssh_key_deletion_success=Der SSH-Schlüssel wurde entfernt.
 gpg_key_deletion_success=Der GPG-Schlüssel wurde entfernt.
 ssh_principal_deletion_success=Die Identität wurde entfernt.
@@ -920,6 +867,9 @@ permission_not_set=Nicht festgelegt
 permission_no_access=Kein Zugriff
 permission_read=Lesen
 permission_write=Lesen und Schreiben
+permission_anonymous_read=Anonymes Lesen
+permission_everyone_read=Alle lesen
+permission_everyone_write=Alle schreiben
 access_token_desc=Ausgewählte Token-Berechtigungen beschränken die Authentifizierung auf die entsprechenden <a %s>API</a>-Routen. Lies die <a %s>Dokumentation</a> für mehr Informationen.
 at_least_one_permission=Du musst mindestens eine Berechtigung auswählen, um ein Token zu erstellen
 permissions_list=Berechtigungen:
@@ -935,7 +885,6 @@ create_oauth2_application_button=Anwendung erstellen
 create_oauth2_application_success=Du hast erfolgreich eine neue OAuth2-Anwendung erstellt.
 update_oauth2_application_success=Du hast die OAuth2-Anwendung erfolgreich aktualisiert.
 oauth2_application_name=Name der Anwendung
-oauth2_confidential_client=Vertraulicher Client. Für Anwendungen aktivieren, die das Geheimnis sicher speichern, z. B. Webanwendungen. Wähle diese Option nicht für native Anwendungen für PCs und Mobilgeräte.
 oauth2_skip_secondary_authorization=Autorisierung für öffentliche Clients nach einmaliger Gewährung des Zugriffs überspringen. <strong>Dies kann ein Sicherheitsrisiko darstellen.</strong>
 oauth2_redirect_uris=URIs für die Weiterleitung. Bitte verwende eine neue Zeile für jede URI.
 save_application=Speichern
@@ -950,10 +899,8 @@ oauth2_application_remove_description=Das Entfernen einer OAuth2-Anwendung hat z
 oauth2_application_locked=Wenn es in der Konfiguration aktiviert ist, registriert Gitea einige OAuth2-Anwendungen beim Starten vor. Um unerwartetes Verhalten zu verhindern, können diese weder bearbeitet noch entfernt werden. Weitere Informationen findest Du in der OAuth2-Dokumentation.
 
 authorized_oauth2_applications=Autorisierte OAuth2-Anwendungen
-authorized_oauth2_applications_description=Den folgenden Drittanbieter-Apps hast Du Zugriff auf Deinen persönlichen Gitea-Account gewährt. Bitte widerrufe die Autorisierung für Apps, die Du nicht mehr nutzt.
 revoke_key=Widerrufen
 revoke_oauth2_grant=Autorisierung widerrufen
-revoke_oauth2_grant_description=Wenn du die Autorisierung widerrufst, kann die Anwendung nicht mehr auf deine Daten zugreifen. Bist du dir sicher?
 revoke_oauth2_grant_success=Zugriff erfolgreich widerrufen.
 
 twofa_desc=Um dein Konto vor Passwortdiebstahl zu schützen, kannst du ein Smartphone oder ein anderes Gerät verwenden, um zeitbasierte Einmalpasswörter ("TOTP") zu erhalten.
@@ -963,7 +910,6 @@ twofa_not_enrolled=Für dein Konto ist die Zwei-Faktor-Authentifizierung momenta
 twofa_disable=Zwei-Faktor-Authentifizierung deaktivieren
 twofa_scratch_token_regenerate=Einweg-Wiederherstellungsschlüssel neu generieren
 twofa_scratch_token_regenerated=Dein Einweg-Wiederherstellungsschlüssel ist jetzt %s. Speichere ihn an einem sicheren Ort, er wird nie wieder angezeigt.
-twofa_enroll=Zwei-Faktor-Authentifizierung aktivieren
 twofa_disable_note=Du kannst die Zwei-Faktor-Authentifizierung auch wieder deaktivieren.
 twofa_disable_desc=Wenn du die Zwei-Faktor-Authentifizierung deaktivierst, wird die Sicherheit deines Kontos verringert. Fortfahren?
 regenerate_scratch_token_desc=Wenn du deinen Wiederherstellungsschlüssel verlegt oder bereits benutzt hast, kannst du ihn hier zurücksetzen.
@@ -979,13 +925,11 @@ webauthn_desc=Sicherheitsschlüssel sind Geräte, die kryptografische Schlüssel
 webauthn_register_key=Sicherheitsschlüssel hinzufügen
 webauthn_nickname=Nickname
 webauthn_delete_key=Sicherheitsschlüssel entfernen
-webauthn_delete_key_desc=Wenn du einen Sicherheitsschlüssel entfernst, kannst du dich nicht mehr mit ihm anmelden. Fortfahren?
 webauthn_key_loss_warning=Wenn du deine Sicherheitsschlüssel verlierst, verlierst du den Zugriff auf dein Konto.
 webauthn_alternative_tip=Möglicherweise möchtest du eine zusätzliche Authentifizierungsmethode konfigurieren.
 
 manage_account_links=Verknüpfte Accounts verwalten
 manage_account_links_desc=Diese externen Accounts sind mit deinem Gitea-Account verknüpft.
-account_links_not_available=Es sind keine externen Accounts mit diesem Gitea-Account verknüpft.
 link_account=Account verbinden
 remove_account_link=Verknüpften Account entfernen
 remove_account_link_desc=Wenn du den verknüpften Account entfernst, wirst du darüber nicht mehr auf deinen Gitea-Account zugreifen können. Fortfahren?
@@ -1022,6 +966,7 @@ new_repo_helper=Ein Repository enthält alle Projektdateien, einschließlich des
 owner=Besitzer
 owner_helper=Einige Organisationen könnten in der Dropdown-Liste nicht angezeigt werden, da die Anzahl an Repositories begrenzt ist.
 repo_name=Repository-Name
+repo_name_helper=Ein guter Repository-Name besteht normalerweise aus kurzen, unvergesslichen und einzigartigen Schlagwörtern. Ein Repository namens ".profile" or ".profile-private" kann verwendet werden, um die README.md auf dem Benutzer- oder Organisationsprofil anzuzeigen.
 repo_size=Repository-Größe
 template=Template
 template_select=Vorlage auswählen
@@ -1042,7 +987,6 @@ fork_branch=Branch, der zum Fork geklont werden soll
 all_branches=Alle Branches
 view_all_branches=Alle Branches anzeigen
 view_all_tags=Alle Tags anzeigen
-fork_no_valid_owners=Dieses Repository kann nicht geforkt werden, da keine gültigen Besitzer vorhanden sind.
 fork.blocked_user=Das Repository kann nicht geforkt werden, da du vom Repository-Eigentümer blockiert wurdest.
 use_template=Dieses Template verwenden
 open_with_editor=Mit %s öffnen
@@ -1086,12 +1030,10 @@ mirror_sync=synchronisiert
 mirror_sync_on_commit=Synchronisieren, wenn Commits gepusht wurden
 mirror_address=Klonen via URL
 mirror_address_desc=Gib alle erforderlichen Anmeldedaten im Abschnitt "Authentifizierung" ein.
-mirror_address_url_invalid=Die angegebene URL ist ungültig. Achte darauf, alle URL-Komponenten korrekt zu maskieren.
 mirror_address_protocol_invalid=Die angegebene URL ist ungültig. Nur URLs beginnend mit http(s):// oder git:// sind möglich.
 mirror_lfs=Großdatei-Speicher (LFS)
 mirror_lfs_desc=Mirroring von LFS-Dateien aktivieren.
 mirror_lfs_endpoint=LFS-Endpunkt
-mirror_lfs_endpoint_desc=Sync wird versuchen, die Klon-URL zu verwenden, um <a target="_blank" rel="noopener noreferrer" href="%s">den LFS-Server zu bestimmen</a>. Du kannst auch einen eigenen Endpunkt angeben, wenn die LFS-Dateien woanders gespeichert werden.
 mirror_last_synced=Zuletzt synchronisiert
 mirror_password_placeholder=(unverändert)
 mirror_password_blank_placeholder=(Nicht gesetzt)
@@ -1104,7 +1046,6 @@ stars=Favoriten
 reactions_more=und %d weitere
 unit_disabled=Der Administrator hat diesen Repository-Bereich deaktiviert.
 language_other=Andere
-adopt_search=Geben einen Benutzernamen ein, um nach nicht angenommenen Repositories zu suchen... (leer lassen um alle zu finden)
 adopt_preexisting_label=Dateien übernehmen
 adopt_preexisting=Vorhandene Dateien übernehmen
 adopt_preexisting_content=Repository aus %s erstellen
@@ -1118,6 +1059,7 @@ blame.ignore_revs=Revisionen in <a href="%s">.git-blame-ignore-revs</a> werden i
 blame.ignore_revs.failed=Fehler beim Ignorieren der Revisionen in <a href="%s">.git-blame-ignore-revs</a>.
 user_search_tooltip=Zeigt maximal 30 Benutzer
 
+tree_path_not_found=Pfad %[1]s existiert nicht in %[2]s
 
 transfer.accept=Ãœbertragung Akzeptieren
 transfer.accept_desc=`Ãœbertragung nach "%s"`
@@ -1128,6 +1070,7 @@ transfer.no_permission_to_reject=Du hast keine Berechtigung, diesen Transfer abz
 
 desc.private=Privat
 desc.public=Öffentlich
+desc.public_access=Öffentlicher Zugriff
 desc.template=Template
 desc.internal=Intern
 desc.archived=Archiviert
@@ -1144,8 +1087,6 @@ template.issue_labels=Issue Label
 template.one_item=Es muss mindestens ein Template ausgewählt werden
 template.invalid=Es muss ein Template-Repository ausgewählt werden
 
-archive.title=Dieses Repository ist archiviert. Du kannst Dateien ansehen und es klonen, kannst aber nicht pushen oder Issues/Pull-Requests öffnen.
-archive.title_date=Dieses Repository wurde am %s archiviert. Du kannst Dateien ansehen und es klonen, aber nicht pushen oder Issues/Pull-Requests öffnen.
 archive.issue.nocomment=Dieses Repo ist archiviert. Du kannst Issues nicht kommentieren.
 archive.pull.nocomment=Dieses Repo ist archiviert. Du kannst Pull-Requests nicht kommentieren.
 
@@ -1162,7 +1103,6 @@ migrate_options_lfs=LFS-Dateien migrieren
 migrate_options_lfs_endpoint.label=LFS-Endpunkt
 migrate_options_lfs_endpoint.description=Migration wird versuchen, über den entfernten Git-Server <a target="_blank" rel="noopener noreferrer" href="%s">den LFS-Server zu bestimmen</a>. Du kannst auch einen eigenen Endpunkt angeben, wenn die LFS-Dateien woanders gespeichert werden.
 migrate_options_lfs_endpoint.description.local=Ein lokaler Serverpfad wird ebenfalls unterstützt.
-migrate_options_lfs_endpoint.placeholder=Wenn leer gelassen, wird der Endpunkt von der Clone-URL abgeleitet
 migrate_items=Migrationselemente
 migrate_items_wiki=Wiki
 migrate_items_milestones=Meilensteine
@@ -1174,10 +1114,8 @@ migrate_items_releases=Releases
 migrate_repo=Repository migrieren
 migrate.clone_address=Migrations- / Klon-URL
 migrate.clone_address_desc=Die HTTP(S)- oder „git clone“-URL eines bereits existierenden Repositories
-migrate.github_token_desc=Du kannst hier ein oder mehrere Token durch Komma getrennt eintippen, um die Migration aufgrund der Github API Ratenlimitierung zu beschleunigen. WARNUNG: Der Missbrauch dieser Funktion kann gegen die Richtlinien des Diensteanbieters verstoßen und zur Kontosperrung führen.
 migrate.clone_local_path=oder ein lokaler Serverpfad
 migrate.permission_denied=Du hast keine Berechtigung zum Importieren lokaler Repositories.
-migrate.permission_denied_blocked=Du kannst von keinen nicht erlaubten Hosts importieren. Bitte fragen deinen Administrator, die Einstellungen ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS zu überprüfen.
 migrate.invalid_local_path=Der lokale Pfad ist ungültig. Er existiert nicht oder ist kein Verzeichnis.
 migrate.invalid_lfs_endpoint=Ungültiger LFS Endpunkt.
 migrate.failed=Fehler bei der Migration: %v
@@ -1185,7 +1123,6 @@ migrate.migrate_items_options=Zugangs-Token wird benötigt, um zusätzliche Elem
 migrated_from=Migriert von <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migriert von %[1]s
 migrate.migrate=Migrieren von %s
-migrate.migrating=Migriere von <b>%s</b> ...
 migrate.migrating_failed=Migrieren von <b>%s</b> fehlgeschlagen.
 migrate.migrating_failed.error=Migration fehlgeschlagen: %s
 migrate.migrating_failed_no_addr=Migration fehlgeschlagen.
@@ -1233,7 +1170,6 @@ clone_this_repo=Dieses Repository klonen
 cite_this_repo=Dieses Repository zitieren
 create_new_repo_command=Erstelle ein neues Repository von der Kommandozeile aus
 push_exist_repo=Bestehendes Repository via Kommandozeile pushen
-empty_message=Dieses Repository hat keinen Inhalt.
 broken_message=Die Git-Daten, die diesem Repository zugrunde liegen, können nicht gelesen werden. Kontaktiere den Administrator deiner Instanz oder lösche dieses Repository.
 
 code=Code
@@ -1251,7 +1187,6 @@ projects=Projekte
 packages=Pakete
 actions=Actions
 labels=Label
-org_labels_desc=Labels der Organisationsebene, die mit <strong>allen Repositories</strong> in dieser Organisation verwendet werden können
 org_labels_desc_manage=verwalten
 
 milestone=Meilenstein
@@ -1288,7 +1223,6 @@ file_copy_permalink=Permalink kopieren
 view_git_blame=Git Blame ansehen
 video_not_supported_in_browser=Dein Browser unterstützt das HTML5 'video'-Tag nicht.
 audio_not_supported_in_browser=Dein Browser unterstützt den HTML5 'audio'-Tag nicht.
-stored_lfs=Gespeichert mit Git LFS
 symbolic_link=Softlink
 executable_file=Ausführbare Datei
 vendored=Vendor
@@ -1334,7 +1268,6 @@ editor.update=%s aktualisiert
 editor.delete=%s gelöscht
 editor.patch=Patch anwenden
 editor.patching=Patche:
-editor.fail_to_apply_patch=Patch "%s" nicht anwendbar
 editor.new_patch=Neuer Patch
 editor.commit_message_desc=Eine ausführlichere (optionale) Beschreibung hinzufügen…
 editor.signoff_desc=Am Ende der Commit Nachricht einen Signed-off-by Anhang vom Committer hinzufügen.
@@ -1350,19 +1283,13 @@ editor.filename_is_invalid=Ungültiger Dateiname: "%s".
 editor.branch_does_not_exist=Branch "%s" existiert nicht in diesem Repository.
 editor.branch_already_exists=Branch "%s" existiert bereits in diesem Repository.
 editor.directory_is_a_file=Der Verzeichnisname "%s" wird bereits als Dateiname in diesem Repository verwendet.
-editor.file_is_a_symlink=`"%s" ist ein symbolischer Link. Symbolische Links können mit dem Web-Editor nicht bearbeitet werden`
 editor.filename_is_a_directory=Der Dateiname "%s" wird bereits als Verzeichnisname in diesem Repository verwendet.
-editor.file_editing_no_longer_exists=Die bearbeitete Datei "%s" existiert nicht mehr in diesem Repository.
-editor.file_deleting_no_longer_exists=Die zu löschende Datei "%s" existiert nicht mehr in diesem Repository.
 editor.file_changed_while_editing=Der Inhalt der Datei hat sich seit dem Beginn der Bearbeitung geändert. <a target="_blank" rel="noopener noreferrer" href="%s">Hier klicken</a>, um die Änderungen anzusehen, oder <strong>Änderungen erneut comitten</strong>, um sie zu überschreiben.
 editor.file_already_exists=Eine Datei mit dem Namen '%s' existiert bereits in diesem Repository.
-editor.commit_id_not_matching=Die Commit-ID stimmt nicht mit der ID überein, bei welcher du mit der Bearbeitung begonnen hast. Commite in einen Patch-Branch und merge daraufhin.
 editor.push_out_of_date=Der Push scheint veraltet zu sein.
 editor.commit_empty_file_header=Leere Datei committen
 editor.commit_empty_file_text=Die Datei, die du commiten willst, ist leer. Fortfahren?
 editor.no_changes_to_show=Keine Änderungen vorhanden.
-editor.fail_to_update_file=Fehler beim Aktualisieren/Erstellen der Datei "%s".
-editor.fail_to_update_file_summary=Fehlermeldung:
 editor.push_rejected_no_message=Die Änderung wurde vom Server ohne Nachricht abgelehnt. Bitte überprüfe die Git Hooks.
 editor.push_rejected=Die Änderung wurde vom Server abgelehnt. Bitte überprüfe die Git Hooks.
 editor.push_rejected_summary=Vollständige Ablehnungsmeldung:
@@ -1377,6 +1304,7 @@ editor.require_signed_commit=Branch erfordert einen signierten Commit
 editor.cherry_pick=Cherry-Picke %s von:
 editor.revert=%s zurücksetzen auf:
 
+
 commits.desc=Durchsuche die Quellcode-Änderungshistorie.
 commits.commits=Commits
 commits.no_commits=Keine gemeinsamen Commits. "%s" und "%s" haben vollständig unterschiedliche Historien.
@@ -1395,6 +1323,7 @@ commits.signed_by_untrusted_user_unmatched=Signiert von nicht vertrauenswürdige
 commits.gpg_key_id=GPG-Schlüssel-ID
 commits.ssh_key_fingerprint=SSH-Key-Fingerabdruck
 commits.view_path=An diesem Punkt im Verlauf anzeigen
+commits.view_file_diff=Änderungen an dieser Datei in diesem Commit anzeigen
 
 commit.operations=Operationen
 commit.revert=Zurücksetzen
@@ -1455,6 +1384,8 @@ issues.filter_milestones=Meilenstein filtern
 issues.filter_projects=Projekt filtern
 issues.filter_labels=Label filtern
 issues.filter_reviewers=Reviewer filtern
+issues.filter_no_results=Keine Ergebnisse
+issues.filter_no_results_placeholder=Versuche, deine Suchfilter anzupassen.
 issues.new=Neues Issue
 issues.new.title_empty=Der Titel kann nicht leer sein
 issues.new.labels=Label
@@ -1474,7 +1405,6 @@ issues.new.clear_assignees=Zuständige entfernen
 issues.new.no_assignees=Niemand zuständig
 issues.new.no_reviewers=Keine Reviewer
 issues.new.blocked_user=Das Issue kann nicht erstellt werden, da du vom Repository-Eigentümer blockiert wurdest.
-issues.edit.already_changed=Änderungen zum Issue konnten nicht gespeichert werden. Es scheint, dass der Inhalt bereits von einem anderen Benutzer geändert wurde. Bitte aktualisiere die Seite und bearbeite diese erneut, um zu verhindern, dass die Änderungen des anderen Benutzers überschrieben werden
 issues.edit.blocked_user=Der Inhalt kann nicht bearbeitet werden, da du vom Repository-Eigentümer blockiert wurdest.
 issues.choose.get_started=Los geht's
 issues.choose.open_external_link=Öffnen
@@ -1530,12 +1460,14 @@ issues.filter_project=Projekt
 issues.filter_project_all=Alle Projekte
 issues.filter_project_none=Kein Projekt
 issues.filter_assignee=Zuständig
-issues.filter_assginee_no_assignee=Niemand zuständig
+issues.filter_assignee_no_assignee=Niemandem zugewiesen
+issues.filter_assignee_any_assignee=Jemandem zugewiesen
 issues.filter_poster=Autor
 issues.filter_user_placeholder=Benutzer suchen
 issues.filter_user_no_select=Alle Benutzer
 issues.filter_type=Typ
 issues.filter_type.all_issues=Alle Issues
+issues.filter_type.all_pull_requests=Alle Pull-Requests
 issues.filter_type.assigned_to_you=Dir zugewiesen
 issues.filter_type.created_by_you=Von dir erstellt
 issues.filter_type.mentioning_you=Hat dich erwähnt
@@ -1544,7 +1476,6 @@ issues.filter_type.reviewed_by_you=Bewertet von dir
 issues.filter_sort=Sortieren
 issues.filter_sort.latest=Neueste
 issues.filter_sort.oldest=Älteste
-issues.filter_sort.recentupdate=Kürzlich aktualisiert
 issues.filter_sort.leastupdate=Am Längsten nicht aktualisiert
 issues.filter_sort.mostcomment=Am meisten kommentiert
 issues.filter_sort.leastcomment=Am wenigsten kommentiert
@@ -1627,12 +1558,15 @@ issues.save=Speichern
 issues.label_title=Labelname
 issues.label_description=Labelbeschreibung
 issues.label_color=Labelfarbe
+issues.label_color_invalid=Ungültige Farbe
 issues.label_exclusive=Exklusiv
 issues.label_archive=Label archivieren
 issues.label_archived_filter=Archivierte Labels anzeigen
 issues.label_archive_tooltip=Archivierte Labels werden bei der Suche nach Label standardmäßig von den Vorschlägen ausgeschlossen.
 issues.label_exclusive_desc=Nenne das Label <code>Bereich/Element</code> um es gegenseitig ausschließend mit anderen <code>Bereich/</code> Labels zu machen.
 issues.label_exclusive_warning=Alle im Konflikt stehenden Labels werden beim Bearbeiten der Labels eines Issues oder eines Pull-Requests entfernt.
+issues.label_exclusive_order=Sortierreihenfolge
+issues.label_exclusive_order_tooltip=Exklusive Labels im gleichen Bereich werden nach dieser numerischen Reihenfolge sortiert.
 issues.label_count=%d Label
 issues.label_open_issues=%d offene Issues
 issues.label_edit=Bearbeiten
@@ -1656,7 +1590,6 @@ issues.pin_comment=hat das %s angeheftet
 issues.unpin_comment=hat das %s abgeheftet
 issues.lock=Diskussion sperren
 issues.unlock=Diskussion entsperren
-issues.lock.unknown_reason=Es ist nicht möglich, einen Issue mit unbekanntem Grund zu sperren.
 issues.lock_duplicate=Eine Diskussion kann nicht mehrfach gesperrt werden.
 issues.unlock_error=Es ist nicht möglich, einen nicht gesperrten Issue zu entsperren.
 issues.lock_with_reason=gesperrt als <strong>%s</strong> und Diskussion auf Mitarbeiter beschränkt %s
@@ -1664,7 +1597,6 @@ issues.lock_no_reason=gesperrt und Diskussion auf Mitarbeiter beschränkt %s
 issues.unlock_comment=hat diese Diskussion %s entsperrt
 issues.lock_confirm=Sperren
 issues.unlock_confirm=Entsperren
-issues.lock.notice_1=- Andere Nutzer können keine neuen Kommentare beisteuern.
 issues.lock.notice_2=- Du und andere Mitarbeiter mit Zugriff auf dieses Repository können weiterhin für andere sichtbare Kommentare hinterlassen.
 issues.lock.notice_3=- Du kannst die Diskussion jederzeit wieder entsperren.
 issues.unlock.notice_1=- Jeder wird wieder in der Lage sein, zu diesem Issue zu kommentieren.
@@ -1685,14 +1617,18 @@ issues.timetracker_timer_manually_add=Zeit hinzufügen
 
 issues.time_estimate_set=Geschätzte Zeit festlegen
 issues.time_estimate_display=Schätzung: %s
+issues.change_time_estimate_at=Zeitschätzung geändert zu <b>%[1]s</b> %[2]s
 issues.remove_time_estimate_at=Zeitschätzung %s entfernt
 issues.time_estimate_invalid=Format der Zeitschätzung ist ungültig
 issues.start_tracking_history=hat die Zeiterfassung %s gestartet
 issues.tracker_auto_close=Der Timer wird automatisch gestoppt, wenn dieser Issue geschlossen wird
 issues.tracking_already_started=`Du hast die Zeiterfassung bereits in <a href="%s">diesem Issue</a> gestartet!`
+issues.stop_tracking=Timer stoppen
+issues.stop_tracking_history=hat für <b>%[1]s</b> %[2]s gearbeitet
 issues.cancel_tracking=Verwerfen
 issues.cancel_tracking_history=`hat die Zeiterfassung %s abgebrochen`
 issues.del_time=Diese Zeiterfassung löschen
+issues.add_time_history=hat <b>%[1]s</b> %[2]s gearbeitete Zeit hinzugefügt
 issues.del_time_history=`hat %s gearbeitete Zeit gelöscht`
 issues.add_time_manually=Zeit manuell hinzufügen
 issues.add_time_hours=Stunden
@@ -1713,7 +1649,6 @@ issues.due_date_form=JJJJ-MM-TT
 issues.due_date_form_add=Fälligkeitsdatum hinzufügen
 issues.due_date_form_edit=Bearbeiten
 issues.due_date_form_remove=Entfernen
-issues.due_date_not_writer=Du musst Schreibrechte für dieses Repository haben, um das Fälligkeitsdatum zu ändern.
 issues.due_date_not_set=Kein Fälligkeitsdatum gesetzt.
 issues.due_date_added=hat %[2]s das Fälligkeitsdatum %[1]s hinzugefügt
 issues.due_date_modified=ändert das Abgabedatum von %[2]s auf %[1]s %[3]s s
@@ -1736,9 +1671,7 @@ issues.dependency.pr_closing_blockedby=Das Schließen dieses Pull-Requests wird
 issues.dependency.issue_closing_blockedby=Das Schließen dieses Issues wird von den folgenden Issues blockiert
 issues.dependency.issue_close_blocks=Dieses Issue blockiert die Schließung der folgenden Issues
 issues.dependency.pr_close_blocks=Dieser Pull-Request blockiert die Schließung der folgenden Issues
-issues.dependency.issue_close_blocked=Du musst alle Issues, die dieses Issue blockieren, schließen, bevor du es schließen kannst.
 issues.dependency.issue_batch_close_blocked=Das Schließen der ausgewählten Issues ist nicht möglich, da das Issue #%d noch offene Abhängigkeiten hat
-issues.dependency.pr_close_blocked=Du musst alle Issues, die diesen Pull-Request blockieren, schließen, bevor du ihn mergen kannst.
 issues.dependency.blocks_short=Blockiert
 issues.dependency.blocked_by_short=Abhängig von
 issues.dependency.remove_header=Abhängigkeit löschen
@@ -1749,13 +1682,11 @@ issues.dependency.add_error_same_issue=Du kannst ein Issue nicht von sich selbst
 issues.dependency.add_error_dep_issue_not_exist=Abhängiges Issue existiert nicht.
 issues.dependency.add_error_dep_not_exist=Abhängigkeit existiert nicht.
 issues.dependency.add_error_dep_exists=Abhängigkeit existiert bereits.
-issues.dependency.add_error_cannot_create_circular=Du kannst keine Abhängigkeit erstellen, bei welcher sich zwei Issues gegenseitig blockieren.
 issues.dependency.add_error_dep_not_same_repo=Beide Issues müssen sich im selben Repository befinden.
 issues.review.self.approval=Du kannst nicht dein eigenen Pull-Request genehmigen.
 issues.review.self.rejection=Du kannst keine Änderungen an deinem eigenen Pull-Request anfragen.
 issues.review.approve=hat die Änderungen %s genehmigt
 issues.review.comment=hat %s überprüft
-issues.review.dismissed=verwarf %ss Review %s
 issues.review.dismissed_label=Verworfen
 issues.review.left_comment=hat einen Kommentar hinterlassen
 issues.review.content.empty=Du musst einen Kommentar hinterlassen, der die gewünschte(n) Änderung(en) beschreibt.
@@ -1763,7 +1694,6 @@ issues.review.reject=hat %s Änderungen angefragt
 issues.review.wait=wurde für ein Review %s angefragt
 issues.review.add_review_request=hat ein Review von %s %s angefragt
 issues.review.remove_review_request=hat die Aufforderung zum Review an %s %s entfernt
-issues.review.remove_review_request_self=hat das Review verweigert %s
 issues.review.pending=Ausstehend
 issues.review.pending.tooltip=Dieser Kommentar ist derzeit nicht für andere Benutzer sichtbar. Um deine ausstehenden Kommentare einzureichen, wähle "%s" -> "%s/%s/%s" oben auf der Seite.
 issues.review.review=Review
@@ -1785,7 +1715,6 @@ issues.review.requested=Prüfung ausstehend
 issues.review.rejected=Änderungen angefordert
 issues.review.stale=Aktualisiert seit der Genehmigung
 issues.review.unofficial=Ungezählte Genehmigung
-issues.assignee.error=Aufgrund eines unerwarteten Fehlers konnten nicht alle Beauftragten hinzugefügt werden.
 issues.reference_issue.body=Beschreibung
 issues.content_history.deleted=gelöscht
 issues.content_history.edited=bearbeitet
@@ -1802,7 +1731,6 @@ pulls.desc=Pull-Requests und Code-Reviews aktivieren.
 pulls.new=Neuer Pull-Request
 pulls.new.blocked_user=Der Pull Request kann nicht erstellt werden, da du vom Repository-Eigentümer blockiert wurdest.
 pulls.new.must_collaborator=Du musst Mitarbeiter sein, um Pull-Requests zu erstellen.
-pulls.edit.already_changed=Änderungen zum Pull-Request konnten nicht gespeichert werden. Es scheint, dass der Inhalt bereits von einem anderen Benutzer geändert wurde. Bitte aktualisieren die Seite und bearbeite diesen erneut, um zu verhindern, dass die Änderungen des anderen Benutzers überschrieben werden
 pulls.view=Pull-Request ansehen
 pulls.compare_changes=Neuer Pull-Request
 pulls.allow_edits_from_maintainers=Änderungen von Maintainern erlauben
@@ -1823,11 +1751,9 @@ pulls.show_all_commits=Alle Commits anzeigen
 pulls.show_changes_since_your_last_review=Zeige Änderungen seit deinem letzten Review
 pulls.showing_only_single_commit=Nur Änderungen aus Commit %[1]s werden angezeigt
 pulls.showing_specified_commit_range=Zeige nur die Änderungen zwischen %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Commit auswählen. Halte Shift + klicke, um eine Reihe auszuwählen
 pulls.review_only_possible_for_full_diff=Ein Review ist nur möglich, wenn das vollständige Diff angezeigt wird
 pulls.filter_changes_by_commit=Nach Commit filtern
 pulls.nothing_to_compare=Diese Branches sind identisch. Es muss kein Pull-Request erstellt werden.
-pulls.nothing_to_compare_have_tag=Der ausgewählte Branch und Tag sind gleich.
 pulls.nothing_to_compare_and_allow_empty_pr=Diese Branches sind gleich. Der Pull-Request wird leer sein.
 pulls.has_pull_request=`Es existiert bereits ein Pull-Request zwischen diesen beiden Branches: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=Pull-Request erstellen
@@ -1852,7 +1778,6 @@ pulls.add_prefix=<strong>%s</strong> Präfix hinzufügen
 pulls.remove_prefix=<strong>%s</strong> Präfix entfernen
 pulls.data_broken=Dieser Pull-Requests ist kaputt, da Fork-Informationen gelöscht wurden.
 pulls.files_conflicted=Dieser Pull-Request hat Änderungen, die im Widerspruch zum Ziel-Branch stehen.
-pulls.is_checking=Die Konfliktprüfung läuft noch. Bitte aktualisiere die Seite in wenigen Augenblicken.
 pulls.is_ancestor=Dieser Branch ist bereits im Zielbranch enthalten. Es gibt nichts zu mergen.
 pulls.is_empty=Die Änderungen an diesem Branch sind bereits auf dem Zielbranch. Dies wird ein leerer Commit sein.
 pulls.required_status_check_failed=Einige erforderliche Prüfungen waren nicht erfolgreich.
@@ -1876,16 +1801,12 @@ pulls.reject_count_1=%d Änderungsanfrage
 pulls.reject_count_n=%d Änderungsanfragen
 pulls.waiting_count_1=%d wartendes Review
 pulls.waiting_count_n=%d wartende Reviews
-pulls.wrong_commit_id=die Commit ID muss eine Commit ID auf dem Zielbranch sein
 
 pulls.no_merge_desc=Dieser Pull-Request kann nicht gemerged werden, da keine Mergeoptionen aktiviert sind.
 pulls.no_merge_helper=Aktiviere Mergeoptionen in den Repositoryeinstellungen oder merge den Pull-Request manuell.
 pulls.no_merge_wip=Dieser Pull Request kann nicht gemergt werden, da er als Work In Progress gekennzeichnet ist.
-pulls.no_merge_not_ready=Dieser Pull-Request kann nicht gemergt werden, überprüfe den Reviewstatus und die Statusprüfungen.
 pulls.no_merge_access=Du bist nicht berechtigt, diesen Pull-Request zu mergen.
 pulls.merge_pull_request=Merge Commit erstellen
-pulls.rebase_merge_pull_request=Rebasen und dann fast-forwarden
-pulls.rebase_merge_commit_pull_request=Rebasen und dann mergen
 pulls.squash_merge_pull_request=Squash Commit erstellen
 pulls.fast_forward_only_merge_pull_request=Nur Fast-forward
 pulls.merge_manually=Manuell mergen
@@ -1893,17 +1814,10 @@ pulls.merge_commit_id=Der Mergecommit ID
 pulls.require_signed_wont_sign=Der Branch erfordert einen signierten Commit, aber dieser Merge wird nicht signiert
 
 pulls.invalid_merge_option=Du kannst diese Mergeoption auf diesen Pull-Request nicht anwenden.
-pulls.merge_conflict=Merge fehlgeschlagen: Beim Mergen gab es einen Konflikt. Hinweis: Probiere eine andere Strategie
 pulls.merge_conflict_summary=Fehlermeldung
-pulls.rebase_conflict=Merge fehlgeschlagen: Es gab einen Konflikt beim Rebasen des Commits: %[1]s. Hinweis: Versuche eine andere Strategie
 pulls.rebase_conflict_summary=Fehlermeldung
-pulls.unrelated_histories=Merge fehlgeschlagen: Der Head des Merges und die Basis haben keinen gemeinsamen Verlauf. Hinweis: Versuche eine andere Strategie
-pulls.merge_out_of_date=Merge fehlgeschlagen: Während des Mergens wurde die Basis aktualisiert. Hinweis: Versuche es erneut.
-pulls.head_out_of_date=Mergen fehlgeschlagen: Der Head wurde aktualisiert während der Merge erstellt wurde. Tipp: Versuche es erneut.
-pulls.has_merged=Fehler: Der Pull-Request wurde gemerged, du kannst den Zielbranch nicht wieder mergen oder ändern.
 pulls.push_rejected=Push fehlgeschlagen: Der Push wurde abgelehnt. Überprüfe die Git Hooks für dieses Repository.
 pulls.push_rejected_summary=Vollständige Ablehnungsmeldung
-pulls.push_rejected_no_message=Push fehlgeschlagen: Der Push wurde abgelehnt, aber es gab keine Fehlermeldung. Überprüfe die Git Hooks für dieses Repository
 pulls.open_unmerged_pull_exists=`Du kannst diesen Pull-Request nicht erneut öffnen, da noch ein anderer (#%d) mit identischen Eigenschaften offen ist.`
 pulls.status_checking=Einige Prüfungen sind noch ausstehend
 pulls.status_checks_success=Alle Prüfungen waren erfolgreich
@@ -1922,13 +1836,12 @@ pulls.outdated_with_base_branch=Dieser Branch enthält nicht die neusten Commits
 pulls.close=Pull-Request schließen
 pulls.closed_at=`hat diesen Pull-Request <a id="%[1]s" href="#%[1]s">%[2]s</a> geschlossen`
 pulls.reopened_at=`hat diesen Pull-Request <a id="%[1]s" href="#%[1]s">%[2]s</a> wieder geöffnet`
+pulls.cmd_instruction_hint=Zeige Kommandozeilenanweisungen
 pulls.cmd_instruction_checkout_title=Checkout
 pulls.cmd_instruction_checkout_desc=Wechsle auf einen neuen Branch in deinem lokalen Repository und teste die Änderungen.
 pulls.cmd_instruction_merge_title=Mergen
 pulls.cmd_instruction_merge_desc=Die Änderungen mergen und auf Gitea aktualisieren.
-pulls.cmd_instruction_merge_warning=Warnung: Dieser Vorgang kann den Pull-Request nicht mergen, da "manueller Merge" nicht aktiviert wurde
 pulls.clear_merge_message=Merge-Nachricht löschen
-pulls.clear_merge_message_hint=Das Löschen der Merge-Nachricht wird nur den Inhalt der Commit-Nachricht entfernen und generierte Git-Trailer wie "Co-Authored-By …" erhalten.
 
 pulls.auto_merge_button_when_succeed=(Wenn die Checks erfolgreich sind)
 pulls.auto_merge_when_succeed=Automergen, sobald alle Checks erfüllt sind
@@ -1950,6 +1863,7 @@ pulls.upstream_diverging_prompt_behind_1=Dieser Branch ist %[1]d Commit hinter %
 pulls.upstream_diverging_prompt_behind_n=Dieser Branch ist %[1]d Commits hinter %[2]s
 pulls.upstream_diverging_prompt_base_newer=Der Basis-Branch %s hat neue Änderungen
 pulls.upstream_diverging_merge=Fork synchronisieren
+pulls.upstream_diverging_merge_confirm=Möchtest du „%[1]s“ in „%[2]s“ mergen?
 
 pull.deleted_branch=(gelöscht):%s
 pull.agit_documentation=Dokumentation zu AGit durchschauen
@@ -1988,12 +1902,10 @@ milestones.filter_sort.most_issues=Meiste Issues
 milestones.filter_sort.least_issues=Wenigste Issues
 
 signing.will_sign=Dieser Commit wird mit dem Key "%s" signiert werden.
-signing.wont_sign.error=Es gab einen Fehler bei der Prüfung, ob der Commit signiert werden kann.
 signing.wont_sign.nokey=Es ist kein Schlüssel zum Signieren dieses Commits verfügbar.
 signing.wont_sign.never=Commits werden nie signiert.
 signing.wont_sign.always=Commits werden immer signiert.
 signing.wont_sign.pubkey=Der Commit wird nicht signiert, da du keinen öffentlichen Schlüssel mit deinem Account verknüpft hast.
-signing.wont_sign.twofa=Du musst Zwei-Faktor-Authentifizierung aktivieren, damit Commits signiert werden.
 signing.wont_sign.parentsigned=Der Commit wird nicht signiert werden, da der vorherige Commit nicht signiert ist.
 signing.wont_sign.basesigned=Der Merge Commit wird nicht signiert werden, da der Basis-Commit nicht signiert ist.
 signing.wont_sign.headsigned=Der Merge Commit wird nicht signiert werden, da der Head-Commit nicht signiert ist.
@@ -2079,7 +1991,6 @@ activity.title.releases_1=%d Release
 activity.title.releases_n=%d Releases
 activity.title.releases_published_by=%s von %s veröffentlicht
 activity.published_release_label=Veröffentlicht
-activity.no_git_activity=In diesem Zeitraum sind keine Commit-Aktivität vorhanden.
 activity.git_stats_exclude_merges=Merges ausgenommen,
 activity.git_stats_author_1=%d Autor
 activity.git_stats_author_n=%d Autoren
@@ -2107,8 +2018,12 @@ contributors.contribution_type.additions=Ergänzungen
 contributors.contribution_type.deletions=Löschungen
 
 settings=Einstellungen
-settings.desc=In den Einstellungen kannst du die Einstellungen des Repositories anpassen
 settings.options=Repository
+settings.public_access=Öffentlicher Zugriff
+settings.public_access_desc=Konfiguriere die Zugriffsrechte öffentlicher Besucher, um die Standardwerte dieses Repositorys zu überschreiben.
+settings.public_access.docs.not_set=Nicht gesetzt: keine zusätzliche öffentliche Zugriffsberechtigung. Die Berechtigung der Besucher folgt den Sichtbarkeits- und Mitgliedsberechtigungen des Repositorys.
+settings.public_access.docs.anonymous_read=Anonymes Lesen: Nicht angemeldete Benutzer können mit Leseberechtigung auf die Einheit zugreifen.
+settings.public_access.docs.everyone_write=Alle Schreiben: Alle angemeldeten Benutzer haben Schreibrechte auf die Einheit. Nur die Wiki-Einheit unterstützt diese Berechtigung.
 settings.collaboration=Mitarbeiter
 settings.collaboration.admin=Administrator
 settings.collaboration.write=Schreibrechte
@@ -2124,7 +2039,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Richte Dein Proj
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Richte Dein Repository so ein, dass es automatisch Commits, Tags und Branches aus einem anderen Repository pullen kann.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Im Moment ist dies nur im Menü "Neue Migration" möglich. Für weitere Informationen konsultiere bitte:
 settings.mirror_settings.docs.disabled_push_mirror.info=Push-Mirrors wurden von Ihrem Administrator deaktiviert.
-settings.mirror_settings.docs.no_new_mirrors=Dein Repository spiegelt Änderungen von oder zu einem anderen Repository. Bitte beachte, dass du gerade keine neuen Mirror anlegen kannst.
 settings.mirror_settings.docs.can_still_use=Obwohl du existierende Mirrors gerade nicht bearbeiten oder neu anlegen kannst, sind bestehende Mirrors weiterhin nutzbar.
 settings.mirror_settings.docs.pull_mirror_instructions=Um einen Pull-Mirror einzurichten, konsultiere bitte:
 settings.mirror_settings.docs.more_information_if_disabled=Hier kannst du mehr über Push- und Pull-Mirrors erfahren:
@@ -2199,7 +2113,6 @@ settings.admin_indexer_commit_sha=Zuletzt indexierter SHA
 settings.admin_indexer_unindexed=Unindiziert
 settings.reindex_button=Zur Warteschlange für erneutes Indexieren hinzufügen
 settings.reindex_requested=Erneutes Indexieren angefordert
-settings.admin_enable_close_issues_via_commit_in_any_branch=Einen Issue mit einem Commit auf einem nicht-Standard-Branch schließen
 settings.danger_zone=Gefahrenzone
 settings.new_owner_has_same_repo=Der neue Eigentümer hat bereits ein Repository mit dem gleichen Namen. Bitte wähle einen anderen Namen.
 settings.convert=In ein normales Repository umwandeln
@@ -2221,7 +2134,6 @@ settings.transfer_abort_invalid=Du kannst nur eingeleitete Repository-Ãœbertragu
 settings.transfer_abort_success=Die Repository-Ãœbertragung zu %s wurde abgebrochen.
 settings.transfer_desc=Ãœbertrage dieses Repository auf einen anderen Benutzer oder eine Organisation, in der du Admin-Rechte hast.
 settings.transfer_form_title=Gib den Repository-Namen zur Bestätigung ein:
-settings.transfer_in_progress=Es gibt derzeit eine laufende Übertragung. Bitte brich diese ab, wenn du dieses Repository an einen anderen Benutzer übertragen möchtest.
 settings.transfer_notices_1=– Du wirst keinen Zugriff mehr haben, wenn der neue Besitzer ein individueller Benutzer ist.
 settings.transfer_notices_2=– Du wirst weiterhin Zugriff haben, wenn der neue Besitzer eine Organisation ist und du einer der Besitzer bist.
 settings.transfer_notices_3=- Wenn das Repository privat ist und an einen einzelnen Benutzer übertragen wird, wird sichergestellt, dass der Benutzer mindestens Leserechte hat (und die Berechtigungen werden gegebenenfalls ändert).
@@ -2236,13 +2148,9 @@ settings.trust_model.default=Standardvertrauensmodell
 settings.trust_model.default.desc=Verwende das Standardvertrauensmodell für diese Installation.
 settings.trust_model.collaborator=Mitarbeiter
 settings.trust_model.collaborator.long=Mitarbeiter: Vertraue Signaturen von Mitarbeitern
-settings.trust_model.collaborator.desc=Gültige Signaturen von Mitarbeitern dieses Projekts werden als "vertrauenswürdig" markiert - ( egal ob sie mit dem Committer übereinstimmen oder nicht). Andernfalls werden gültige Signaturen als "nicht vertrauenswürdig" markiert, unabhängig ob die Signatur mit dem Committer übereinstimmt oder nicht.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: Vertraue Signaturen, die zu Committern passen (Dies stimmt mit GitHub überein und zwingt signierte Commits von Gitea dazu, Gitea als Committer zu haben)
-settings.trust_model.committer.desc=Gültige Signaturen von Mitwirkenden werden als "vertrauenswürdig" gekennzeichnet, wenn sie mit ihrem Committer übereinstimmen. Ansonsten werden sie als "nicht übereinstimmend" markiert. Das führt dazu, dass Gitea auf signierten Commits, bei denen der echte Committer als Co-authored-by: oder Co-committed-by in der Beschreibung eingetragen wurde, als Committer gilt. Der Gitea Standard-Key muss auf einen User in der Datenbank zeigen.
 settings.trust_model.collaboratorcommitter=Mitarbeiter+Committer
 settings.trust_model.collaboratorcommitter.long=Mitarbeiter+Committer: Signaturen der Mitarbeiter vertrauen die mit dem Committer übereinstimmen
-settings.trust_model.collaboratorcommitter.desc=Gültige Signaturen von Mitarbeitern dieses Projekts werden als "vertrauenswürdig" markiert, wenn sie mit dem Committer übereinstimmen. Andernfalls werden gültige Signaturen als "nicht vertrauenswürdig" markiert, wenn die Signatur mit dem Committer übereinstimmt als "nicht übereinstimmend". Dies zwingt Gitea als Committer bei signierten Commits mit dem tatsächlichen Committer als Co-Authored-By: und Co-Committed-By: Trailer im Commit. Der Standard-Gitea-Schlüssel muss mit einem Benutzer in der Datenbank übereinstimmen.
 settings.wiki_delete=Wiki-Daten löschen
 settings.wiki_delete_desc=Das Löschen von Wiki-Daten kann nicht rückgängig gemacht werden. Bitte sei vorsichtig.
 settings.wiki_delete_notices_1=– Dies löscht und deaktiviert das Wiki für %s.
@@ -2251,7 +2159,6 @@ settings.wiki_deletion_success=Repository-Wiki-Daten wurden gelöscht.
 settings.delete=Dieses Repository löschen
 settings.delete_desc=Wenn dieses Repository gelöscht wurde, gibt es keinen Weg zurück. Bitte sei vorsichtig.
 settings.delete_notices_1=– Diese Operation <strong>KANN NICHT</strong> rückgängig gemacht werden.
-settings.delete_notices_2=– Die Operation wird das <strong>%s</strong>-Repository dauerhaft löschen, inklusive der Dateien, Issues, Kommentare und Zugriffseinstellungen.
 settings.delete_notices_fork_1=- Forks dieses Repositories werden nach dem Löschen unabhängig.
 settings.deletion_success=Das Repository wurde gelöscht.
 settings.update_settings_success=Repository-Einstellungen wurden aktualisiert.
@@ -2273,8 +2180,6 @@ settings.team_not_in_organization=Das Team ist nicht in der gleichen Organisatio
 settings.teams=Teams
 settings.add_team=Team hinzufügen
 settings.add_team_duplicate=Das Team ist dem Repository schon zugeordnet
-settings.add_team_success=Das Team hat nun Zugriff auf das Repository.
-settings.change_team_permission_tip=Die Team-Berechtigung ist auf der Team-Einstellungsseite festgelegt und kann nicht für ein Repository geändert werden
 settings.delete_team_tip=Dieses Team hat Zugriff auf alle Repositories und kann nicht entfernt werden
 settings.remove_team_success=Der Zugriff des Teams auf das Repository wurde zurückgezogen.
 settings.add_webhook=Webhook hinzufügen
@@ -2283,8 +2188,6 @@ settings.hooks_desc=Webhooks senden bei bestimmten Gitea-Events automatisch „H
 settings.webhook_deletion=Webhook löschen
 settings.webhook_deletion_desc=Das Entfernen eines Webhooks löscht seine Einstellungen und Zustellungsverlauf. Fortfahren?
 settings.webhook_deletion_success=Webhook wurde entfernt.
-settings.webhook.test_delivery=Senden testen
-settings.webhook.test_delivery_desc=Teste diesen Webhook mit einem Fake-Event.
 settings.webhook.test_delivery_desc_disabled=Um diesen Webhook mit einem Fake-Event zu testen, aktiviere ihn.
 settings.webhook.request=Anfrage
 settings.webhook.response=Antwort
@@ -2322,6 +2225,8 @@ settings.event_fork=Fork
 settings.event_fork_desc=Repository geforkt.
 settings.event_wiki=Wiki
 settings.event_wiki_desc=Wiki-Seite erstellt, umbenannt, bearbeitet oder gelöscht.
+settings.event_statuses=Status
+settings.event_statuses_desc=Commit-Status von der API aktualisiert.
 settings.event_release=Release
 settings.event_release_desc=Release in einem Repository veröffentlicht, aktualisiert oder gelöscht.
 settings.event_push=Push
@@ -2331,7 +2236,6 @@ settings.event_repository=Repository
 settings.event_repository_desc=Repository erstellt oder gelöscht.
 settings.event_header_issue=Issue Ereignisse
 settings.event_issues=Issues
-settings.event_issues_desc=Issue geöffnet, geschlossen, wieder geöffnet oder bearbeitet.
 settings.event_issue_assign=Issue zugewiesen
 settings.event_issue_assign_desc=Issue zugewiesen oder Zuweisung entfernt.
 settings.event_issue_label=Issue mit Label versehen
@@ -2342,7 +2246,6 @@ settings.event_issue_comment=Issue-Kommentar
 settings.event_issue_comment_desc=Issue-Kommentar angelegt, geändert oder gelöscht.
 settings.event_header_pull_request=Pull-Request-Ereignisse
 settings.event_pull_request=Pull-Request
-settings.event_pull_request_desc=Pull-Request geöffnet, geschlossen, wieder geöffnet oder bearbeitet.
 settings.event_pull_request_assign=Pull-Request zugewiesen
 settings.event_pull_request_assign_desc=Pull-Request zugewiesen oder Zuweisung entfernt.
 settings.event_pull_request_label=Pull-Request mit Label versehen
@@ -2359,6 +2262,9 @@ settings.event_pull_request_review_request=Überprüfung des Pull-Requests angef
 settings.event_pull_request_review_request_desc=Überprüfung des Pull-Requests angefragt oder die Anfrage entfernt.
 settings.event_pull_request_approvals=Zustimmungen zum Pull-Request
 settings.event_pull_request_merge=Pull-Request-Merge
+settings.event_header_workflow=Workflow-Ereignisse
+settings.event_workflow_job=Workflow-Jobs
+settings.event_workflow_job_desc=Gitea Actions Workflow Job in Warteschlange, wartend, in Bearbeitung oder abgeschlossen.
 settings.event_package=Paket
 settings.event_package_desc=Paket wurde in einem Repository erstellt oder gelöscht.
 settings.branch_filter=Branch-Filter
@@ -2482,7 +2388,6 @@ settings.block_on_official_review_requests_desc=Mergen ist nicht möglich wenn o
 settings.block_outdated_branch=Merge blockieren, wenn der Pull-Request veraltet ist
 settings.block_outdated_branch_desc=Mergen ist nicht möglich, wenn der Head-Branch hinter dem Basis-Branch ist.
 settings.block_admin_merge_override=Administratoren müssen die Schutzregeln für Branches befolgen
-settings.block_admin_merge_override_desc=Administratoren müssen die Schutzregeln für Branches befolgen und können sie nicht umgehen.
 settings.default_branch_desc=Wähle einen Standardbranch für Pull-Requests und Code-Commits:
 settings.merge_style_desc=Merge-Styles
 settings.default_merge_style_desc=Standard-Mergeverhalten für Pull-Requests
@@ -2509,10 +2414,7 @@ settings.matrix.homeserver_url=Homeserver-URL
 settings.matrix.room_id=Raum-ID
 settings.matrix.message_type=Nachrichtentyp
 settings.visibility.private.button=Auf privat setzen
-settings.visibility.private.text=Das Ändern der Sichtbarkeit auf privat wird das Repository nicht nur für erlaubte Mitglieder sichtbar machen, sondern kann auch die Beziehung zwischen ihm und Forks, Beobachtern und Sternen entfernen.
 settings.visibility.private.bullet_title=<strong>Das Ändern der Sichtbarkeit auf privat wird:</strong>
-settings.visibility.private.bullet_one=Das Repository nur für zugelassene Mitglieder sichtbar machen.
-settings.visibility.private.bullet_two=Kann die Beziehung zwischen ihm und <strong>Forks</strong>, <strong>Beobachtern</strong>und <strong>Sternen</strong> entfernen.
 settings.visibility.public.button=Auf öffentlich setzen
 settings.visibility.public.text=Das Ändern der Sichtbarkeit auf öffentlich macht das Repository für jeden sichtbar.
 settings.visibility.public.bullet_title=<strong>Das Ändern der Sichtbarkeit auf öffentlich wird:</strong>
@@ -2531,7 +2433,6 @@ settings.archive.tagsettings_unavailable=Tag Einstellungen sind nicht verfügbar
 settings.archive.mirrors_unavailable=Mirrors sind nicht verfügbar, wenn das Repository archiviert ist.
 settings.unarchive.button=Archivieren rückgängig machen
 settings.unarchive.header=Archivieren dieses Repositories rückgängig machen
-settings.unarchive.text=Durch das Aufheben der Archivierung kann das Repo wieder Commits und Pushes sowie neue Issues und Pull-Requests empfangen.
 settings.unarchive.success=Die Archivierung des Repos wurde erfolgreich wieder rückgängig gemacht.
 settings.unarchive.error=Beim Versuch, die Archivierung des Repos aufzuheben, ist ein Fehler aufgetreten. Weitere Details finden sich im Log.
 settings.update_avatar_success=Der Repository-Avatar wurde aktualisiert.
@@ -2549,11 +2450,9 @@ settings.lfs_invalid_locking_path=Ungültiger Pfad: %s
 settings.lfs_invalid_lock_directory=Verzeichnis kann nicht gesperrt werden: %s
 settings.lfs_lock_already_exists=Sperre existiert bereits: %s
 settings.lfs_lock=Sperren
-settings.lfs_lock_path=Zu sperrender Dateipfad...
 settings.lfs_locks_no_locks=Keine Sperren
 settings.lfs_lock_file_no_exist=Gesperrte Datei existiert nicht im Standard-Branch
 settings.lfs_force_unlock=Freigabe erzwingen
-settings.lfs_pointers.found=%d Blob-Zeiger gefunden - %d assoziiert, %d nicht assoziiert (%d fehlend im Speicher)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Im Repo
@@ -2621,6 +2520,9 @@ diff.image.overlay=Ãœberlagert
 diff.has_escaped=Diese Zeile enthält versteckte Unicode-Zeichen
 diff.show_file_tree=Dateibaum anzeigen
 diff.hide_file_tree=Dateibaum ausblenden
+diff.submodule_added=Submodul %[1]s hinzugefügt bei %[2]s
+diff.submodule_deleted=Submodul %[1]s gelöscht von %[2]s
+diff.submodule_updated=Submodul %[1]s aktualisiert: %[2]s
 
 releases.desc=Behalte den Überblick über Versionen und Downloads.
 release.releases=Releases
@@ -2691,6 +2593,7 @@ branch.restore_success=Branch "%s" wurde wiederhergestellt.
 branch.restore_failed=Wiederherstellung vom Branch "%s" gescheitert.
 branch.protected_deletion_failed=Branch "%s" ist geschützt und kann nicht gelöscht werden.
 branch.default_deletion_failed=Branch "%s" kann nicht gelöscht werden, da dieser Branch der Standard-Branch ist.
+branch.default_branch_not_exist=Standardzweig „%s“ existiert nicht.
 branch.restore=Branch "%s" wiederherstellen
 branch.download=Branch "%s" herunterladen
 branch.rename=Branch "%s" umbenennen
@@ -2705,6 +2608,8 @@ branch.create_branch_operation=Branch erstellen
 branch.new_branch=Neue Branch erstellen
 branch.new_branch_from=Neuen Branch von "%s" erstellen
 branch.renamed=Branch %s wurde in %s umbenannt.
+branch.rename_default_or_protected_branch_error=Nur Administratoren können Standard- oder geschützte Branches umbenennen.
+branch.rename_protected_branch_failed=Dieser Branch ist durch globale Schutzregeln geschützt.
 
 tag.create_tag=Tag %s erstellen
 tag.create_tag_operation=Tag erstellen
@@ -2727,7 +2632,6 @@ error.csv.invalid_field_count=Diese Datei kann nicht gerendert werden, da sie ei
 error.broken_git_hook=Git-Hooks dieses Repositories scheinen defekt zu sein. Bitte folge der <a target="_blank" rel="noreferrer" href="%s">Dokumentation</a>, um dies zu beheben, pushe dann ein paar Commits und den Status zu aktualisieren.
 
 [graphs]
-component_loading=%s werden geladen ...
 component_loading_failed=%s konnten nicht geladen werden
 component_loading_info=Dies kann ein wenig dauern …
 component_failed_to_load=Ein unerwarteter Fehler ist aufgetreten.
@@ -2765,7 +2669,6 @@ form.create_org_not_allowed=Du bist nicht berechtigt, eine Organisation zu erste
 settings=Einstellungen
 settings.options=Organisation
 settings.full_name=Vollständiger Name
-settings.email=Kontakt-E-Mail-Adresse
 settings.website=Webseite
 settings.location=Standort
 settings.permission=Berechtigungen
@@ -2779,15 +2682,13 @@ settings.visibility.private_shortname=Privat
 
 settings.update_settings=Einstellungen speichern
 settings.update_setting_success=Organisationseinstellungen wurden aktualisiert.
-settings.change_orgname_prompt=Hinweis: Das Ändern des Organisationsnamens wird auch die URL deiner Organisation ändern und den alten Namen freigeben.
-settings.change_orgname_redirect_prompt=Der alte Name wird weiterleiten, bis er wieder beansprucht wird.
+
+
 settings.update_avatar_success=Der Organisationsavatar wurde aktualisiert.
 settings.delete=Organisation löschen
 settings.delete_account=Diese Organisation löschen
 settings.delete_prompt=Die Organisation wird dauerhaft gelöscht. Dies <strong>KANN NICHT</strong> rückgängig gemacht werden!
 settings.confirm_delete_account=Löschen bestätigen
-settings.delete_org_title=Organisation löschen
-settings.delete_org_desc=Diese Organisation wird dauerhaft gelöscht. Fortfahren?
 settings.hooks_desc=Webhooks hinzufügen, die für <strong>alle</strong> Repositories dieser Organisation ausgelöst werden.
 
 settings.labels_desc=Labels hinzufügen, die für <strong>alle Repositories</strong> dieser Organisation genutzt werden können.
@@ -2843,7 +2744,6 @@ teams.remove_all_repos_title=Alle Team-Repositories entfernen
 teams.remove_all_repos_desc=Dies entfernt alle Repositories von dem Team.
 teams.add_all_repos_title=Alle Repositories hinzufügen
 teams.add_all_repos_desc=Dadurch werden alle Repositories der Organisation dem Team hinzugefügt.
-teams.add_nonexistent_repo=Das Repository, das du hinzufügen möchtest, existiert nicht. Bitte erstelle es zuerst.
 teams.add_duplicate_users=Dieser Benutzer ist bereits ein Teammitglied.
 teams.repos.none=Dieses Team hat Zugang zu keinem Repository.
 teams.members.none=Keine Mitglieder in diesem Team.
@@ -2859,7 +2759,11 @@ teams.invite.title=Du wurdest eingeladen, dem Team <strong>%s</strong> in der Or
 teams.invite.by=Von %s eingeladen
 teams.invite.description=Bitte klicke auf die folgende Schaltfläche, um dem Team beizutreten.
 
+view_as_role=Ansehen als: %s
+view_as_public_hint=Du siehst die README als ein öffentlicher Benutzer.
+view_as_member_hint=Du siehst die README als ein Mitglied dieser Organisation.
 
+worktime=Arbeitszeit
 worktime.date_range_start=Startdatum
 worktime.date_range_end=Enddatum
 worktime.query=Abfrage
@@ -2880,7 +2784,6 @@ repositories=Repositories
 hooks=Webhooks
 integrations=Integrationen
 authentication=Authentifizierungsquellen
-emails=Benutzer E-Mails
 config=Konfiguration
 config_summary=Ãœbersicht
 config_settings=Einstellungen
@@ -2912,11 +2815,8 @@ dashboard.cron.cancelled=Cron: %[1]s abgebrochen: %[3]s
 dashboard.cron.error=Fehler in Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s ist beendet
 dashboard.delete_inactive_accounts=Alle nicht aktivierten Konten löschen
-dashboard.delete_inactive_accounts.started=Löschen aller nicht aktivierten Account-Aufgabe gestartet.
 dashboard.delete_repo_archives=Lösche alle Repository-Archive (ZIP, TAR.GZ, …)
-dashboard.delete_repo_archives.started=Löschen aller Repository-Archive gestartet.
 dashboard.delete_missing_repos=Alle Repository-Datensätze mit verloren gegangenen Git-Dateien löschen
-dashboard.delete_missing_repos.started=Alle Repositories löschen, die den Git-File-Task nicht gestartet haben.
 dashboard.delete_generated_repository_avatars=Generierte Repository-Avatare löschen
 dashboard.sync_repo_branches=Fehlende Branches aus den Git-Daten in die Datenbank synchronisieren
 dashboard.sync_repo_tags=Tags von Git-Daten in die Datenbank synchronisieren
@@ -2924,17 +2824,9 @@ dashboard.update_mirrors=Mirrors aktualisieren
 dashboard.repo_health_check=Healthchecks für alle Repositories ausführen
 dashboard.check_repo_stats=Überprüfe alle Repository-Statistiken
 dashboard.archive_cleanup=Alte Repository-Archive löschen
-dashboard.deleted_branches_cleanup=Gelöschte Branches bereinigen
 dashboard.update_migration_poster_id=Migration Poster-IDs updaten
-dashboard.git_gc_repos=Garbage-Collection für alle Repositories ausführen
-dashboard.resync_all_sshkeys=Die Datei '.ssh/authorized_keys' mit Gitea SSH-Schlüsseln aktualisieren.
-dashboard.resync_all_sshprincipals=Aktualisiere die Datei '.ssh/authorized_principals' mit Gitea SSH Identitäten.
-dashboard.resync_all_hooks=Die „pre-receive“-, „update“- und „post-receive“-Hooks für alle Repositories erneut synchronisieren.
 dashboard.reinit_missing_repos=Alle Git-Repositories neu einlesen, für die Einträge existieren
 dashboard.sync_external_users=Externe Benutzerdaten synchronisieren
-dashboard.cleanup_hook_task_table=Hook-Task-Tabelle bereinigen
-dashboard.cleanup_packages=Veraltete Pakete löschen
-dashboard.cleanup_actions=Abgelaufene Ressourcen von Actions bereinigen
 dashboard.server_uptime=Server-Uptime
 dashboard.current_goroutine=Aktuelle Goroutinen
 dashboard.current_memory_usage=Aktuelle Speichernutzung
@@ -2965,10 +2857,8 @@ dashboard.total_gc_pause=Gesamte GC-Pause
 dashboard.last_gc_pause=Letzte GC-Pause
 dashboard.gc_times=Anzahl GC
 dashboard.delete_old_actions=Alle alten Aktionen aus der Datenbank löschen
-dashboard.delete_old_actions.started=Löschen aller alten Aktionen in der Datenbank gestartet.
 dashboard.update_checker=Update-Checker
 dashboard.delete_old_system_notices=Alle alten Systemmeldungen aus der Datenbank löschen
-dashboard.gc_lfs=Garbage-Collection für LFS Meta-Objekte ausführen
 dashboard.stop_zombie_tasks=Zombie-Aufgaben stoppen
 dashboard.stop_endless_tasks=Endlose Aktionen stoppen
 dashboard.cancel_abandoned_jobs=Aufgegebene Jobs abbrechen
@@ -2992,7 +2882,6 @@ users.2fa=2FA
 users.repos=Repos
 users.created=Registriert am
 users.last_login=Letzte Anmeldung
-users.never_login=Hat sich noch nie eingeloggt
 users.send_register_notify=Benutzer-Registrierungsbenachrichtigung senden
 users.new_success=Der Account "%s" wurde erstellt.
 users.edit=Bearbeiten
@@ -3019,7 +2908,6 @@ users.still_own_repo=Dieser Benutzer besitzt noch mindestens ein Repository. Bit
 users.still_has_org=Dieser Nutzer ist Mitglied einer Organisation. Du musst ihn zuerst aus allen Organisationen entfernen.
 users.purge=Benutzer löschen
 users.purge_help=Erzwinge das Löschen des Benutzers inklusive aller seiner Repositories, Organisationen, Pakete und Kommentare.
-users.still_own_packages=Dieser Benutzer besitzt noch ein oder mehrere Pakete, lösche diese Pakete zuerst.
 users.deletion_success=Der Account wurde gelöscht.
 users.reset_2fa=2FA zurücksetzen
 users.list_status_filter.menu_text=Filter
@@ -3039,11 +2927,7 @@ users.details=Benutzerdetails
 emails.email_manage_panel=Benutzer-E-Mail-Verwaltung
 emails.primary=Primär
 emails.activated=Aktiviert
-emails.filter_sort.email=E-Mail
-emails.filter_sort.email_reverse=E-Mail (umgekehrt)
 emails.filter_sort.name=Benutzername
-emails.filter_sort.name_reverse=Benutzername (umgekehrt)
-emails.updated=E-Mail aktualisiert
 emails.not_updated=Fehler beim Aktualisieren der angeforderten E-Mail-Adresse: %v
 emails.duplicate_active=Diese E-Mail-Adresse wird bereits von einem Nutzer verwendet.
 emails.change_email_header=E-Mail-Eigenschaften aktualisieren
@@ -3051,7 +2935,6 @@ emails.change_email_text=Bist du dir sicher, dass du diese E-Mail-Adresse aktual
 emails.delete=E-Mail löschen
 emails.delete_desc=Willst du diese E-Mail-Adresse wirklich löschen?
 emails.deletion_success=Die E-Mail-Adresse wurde gelöscht.
-emails.delete_primary_email_error=Du kannst die primäre E-Mail-Adresse nicht löschen.
 
 orgs.org_manage_panel=Organisationsverwaltung
 orgs.name=Name
@@ -3165,27 +3048,19 @@ auths.oauth2_required_claim_name_helper=Setze diesen Namen, damit Nutzer aus die
 auths.oauth2_required_claim_value=Benötigter Claim-Wert
 auths.oauth2_required_claim_value_helper=Setze diesen Wert, damit Nutzer aus dieser Quelle sich nur anmelden dürfen, wenn sie einen Claim mit diesem Namen und Wert besitzen
 auths.oauth2_group_claim_name=Claim-Name, der Gruppennamen für diese Quelle angibt. (Optional)
-auths.oauth2_admin_group=Gruppen-Claim-Wert für Administratoren. (Optional - erfordert Claim-Namen oben)
-auths.oauth2_restricted_group=Gruppen-Claim-Wert für eingeschränkte User. (Optional - erfordert Claim-Namen oben)
-auths.oauth2_map_group_to_team=Gruppen aus OAuth-Claims den Organisationsteams zuordnen. (Optional - oben muss der Name des Claims angegeben werden)
 auths.oauth2_map_group_to_team_removal=Benutzer aus synchronisierten Teams entfernen, wenn der Benutzer nicht zur entsprechenden Gruppe gehört.
 auths.enable_auto_register=Automatische Registrierung aktivieren
 auths.sspi_auto_create_users=Benutzer automatisch anlegen
-auths.sspi_auto_create_users_helper=Erlaube der SSPI Authentifikationsmethode, automatisch neue Konten für unbekannte Benutzer anzulegen
 auths.sspi_auto_activate_users=Benutzer automatisch aktivieren
 auths.sspi_auto_activate_users_helper=Erlaube der SSPI Authentifikationsmethode, automatisch neue Benutzerkonten zu aktivieren
 auths.sspi_strip_domain_names=Domain vom Nutzernamen entfernen
-auths.sspi_strip_domain_names_helper=Falls aktiviert werden Domainnamen bei Loginnamen entfernt (z.B. "DOMAIN\nutzer" und "nutzer@example.ort" werden beide nur "nutzer").
 auths.sspi_separator_replacement=Trennzeichen als Ersatz für \, / und @
-auths.sspi_separator_replacement_helper=Das zu verwendende Trennzeichen um Logon-Namen (zB. \ in "DOMAIN\user") und die Hauptnamen von Benutzern (z. B. das @ in "user@example.org") zu separieren.
 auths.sspi_default_language=Standardsprache für Benutzer
-auths.sspi_default_language_helper=Standardsprache für Benutzer, die automatisch mit der SSPI Authentifizierungsmethode erstellt wurden. Leer lassen, wenn du es bevorzugst, dass eine Sprache automatisch erkannt wird.
 auths.tips=Tipps
 auths.tips.oauth2.general=OAuth2-Authentifizierung
 auths.tips.oauth2.general.tip=Beim Registrieren einer OAuth2-Anwendung sollte die Callback-URL folgendermaßen lauten:
 auths.tip.oauth2_provider=OAuth2-Anbieter
 auths.tip.bitbucket=Registriere einen neuen OAuth-Consumer unter %s und füge die Berechtigung 'Account' - 'Read' hinzu
-auths.tip.nextcloud=Registriere über das "Settings -> Security -> OAuth 2.0 client"-Menü einen neuen "OAuth consumer" auf der Nextcloud-Instanz
 auths.tip.dropbox=Erstelle eine neue App auf %s
 auths.tip.facebook=Erstelle eine neue Anwendung auf %s und füge das Produkt „Facebook Login“ hinzu
 auths.tip.github=Erstelle unter %s eine neue OAuth-Anwendung
@@ -3238,8 +3113,6 @@ config.ssh_domain=SSH-Server-Domain
 config.ssh_port=Port
 config.ssh_listen_port=Listen-Port
 config.ssh_root_path=Wurzelverzeichnis
-config.ssh_key_test_path=Schlüssel-Test-Pfad
-config.ssh_keygen_path=Keygen-Pfad („ssh-keygen“)
 config.ssh_minimum_key_size_check=Prüfung der Mindestschlüssellänge
 config.ssh_minimum_key_sizes=Mindestschlüssellängen
 
@@ -3297,7 +3170,6 @@ config.mailer_sendmail_path=Sendmail-Pfad
 config.mailer_sendmail_args=Zusätzliche Argumente für Sendmail
 config.mailer_sendmail_timeout=Sendmail Timeout
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=E-Mail (z.B. test@example.com)
 config.send_test_mail=Test-E-Mail senden
 config.send_test_mail_submit=Senden
 config.test_mail_failed=Das Senden der Test-E-Mail an '%s' ist fehlgeschlagen: %v
@@ -3362,6 +3234,8 @@ monitor.previous=Letzte Ausführung
 monitor.execute_times=Ausführungen
 monitor.process=Laufende Prozesse
 monitor.stacktrace=Stacktraces
+monitor.trace=Ablaufverfolgung
+monitor.performance_logs=Leistungsprotokolle
 monitor.processes_count=%d Prozesse
 monitor.download_diagnosis_report=Diagnosebericht herunterladen
 monitor.desc=Beschreibung
@@ -3369,7 +3243,6 @@ monitor.start=Startzeit
 monitor.execute_time=Ausführungszeit
 monitor.last_execution_result=Ergebnis
 monitor.process.cancel=Prozess abbrechen
-monitor.process.cancel_desc=Abbrechen eines Prozesses kann Datenverlust verursachen
 monitor.process.children=Subprozesse
 
 monitor.queues=Warteschlangen
@@ -3384,7 +3257,6 @@ monitor.queue.numberinqueue=Nummer in der Warteschlange
 monitor.queue.review_add=Worker hinzufügen / prüfen
 monitor.queue.settings.title=Pool-Einstellungen
 monitor.queue.settings.desc=Pools wachsen dynamisch basierend auf der Blockierung der Arbeitswarteschlange.
-monitor.queue.settings.maxnumberworkers=Maximale Anzahl an Workern
 monitor.queue.settings.maxnumberworkers.placeholder=Derzeit %[1]d
 monitor.queue.settings.maxnumberworkers.error=Die Anzahl der Worker muss eine Zahl sein
 monitor.queue.settings.submit=Einstellungen aktualisieren
@@ -3410,10 +3282,6 @@ notices.delete_success=Diese Systemmeldung wurde gelöscht.
 self_check.no_problem_found=Bisher wurde kein Problem festgestellt.
 self_check.startup_warnings=Warnungen beim Start:
 self_check.database_collation_mismatch=Erwarte Datenbank-Kollation: %s
-self_check.database_collation_case_insensitive=Die Datenbank verwendet die Kollation %s, was eine unsensible Kollation ist. Obwohl Gitea damit arbeiten könnte, gibt es vielleicht einige seltene Fälle, die nicht wie erwartet funktionieren.
-self_check.database_inconsistent_collation_columns=Die Datenbank verwendet die Kollation %s, aber diese Spalten verwenden unzutreffende Kollationen. Dies könnte zu unerwarteten Problemen führen.
-self_check.database_fix_mysql=Für MySQL/MariaDB-Benutzer kann man den Befehl "gitea doctor convert" oder manuell auch "ALTER ... COLLATE ..."-SQLs verwenden, um die Sortierprobleme zu beheben.
-self_check.database_fix_mssql=Für MSSQL-Benutzer kann das Problem im Moment nur durch "ALTER ... COLLATE ..." SQLs manuell behoben werden.
 self_check.location_origin_mismatch=Aktuelle URL (%[1]s) stimmt nicht mit der URL überein, die Gitea (%[2]s) sieht. Wenn du einen Reverse-Proxy verwendest, stelle bitte sicher, dass die Header "Host" und "X-Forwarded-Proto" korrekt gesetzt sind.
 
 [action]
@@ -3497,8 +3365,6 @@ error.no_committer_account=Es ist kein Account mit der E-Mail-Adresse des Commit
 error.no_gpg_keys_found=Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
 error.not_signed_commit=Kein signierter Commit
 error.failed_retrieval_gpg_keys=Fehler beim Abrufen eines Keys des Commiter-Kontos
-error.probable_bad_signature=WARNHINWEIS! Obwohl es einen Schlüssel mit dieser ID in der Datenbank gibt, wird dieser Commit nicht verifiziert! Dieser Commit ist nicht vertrauenswürdig.
-error.probable_bad_default_signature=WARNHINWEIS! Obwohl der Standardschlüssel diese ID hat, wird der Commit nicht verifiziert! Dieser Commit ist NICHT vertrauenswürdig.
 
 [units]
 unit=Einheit
@@ -3536,7 +3402,7 @@ versions=Versionen
 versions.view_all=Alle anzeigen
 dependency.id=ID
 dependency.version=Version
-alpine.registry=Richte diese Registry ein, indem Du die URL in die <code>/etc/apk/repositories</code>-Datei hinzufügst:
+search_in_external_registry=In %s suchen
 alpine.registry.key=Lade den öffentlichen RSA-Key der Registry in den <code>/etc/apk/keys/</code>-Ordner, um die Signatur zu überprüfen:
 alpine.registry.info=Wähle $branch und $repository aus der Liste unten.
 alpine.install=Nutze folgenden Befehl, um das Paket zu installieren:
@@ -3549,30 +3415,25 @@ arch.install=Paket mit pacman synchronisieren:
 arch.repository=Repository-Informationen
 arch.repository.repositories=Repositories
 arch.repository.architectures=Architekturen
-cargo.registry=Richte diese Registry in der Cargo-Konfigurationsdatei ein (z.B. <code>~/.cargo/config.toml</code>):
 cargo.install=Um das Paket mit Cargo zu installieren, führe den folgenden Befehl aus:
-chef.registry=Richte diese Registry in deiner <code>~/.chef/config.rb</code> Datei ein:
 chef.install=Nutze folgenden Befehl, um das Paket zu installieren:
-composer.registry=Setze diese Paketverwaltung in deiner <code>~/.composer/config.json</code> Datei auf:
 composer.install=Nutze folgenden Befehl, um das Paket mit Composer zu installieren:
 composer.dependencies=Abhängigkeiten
 composer.dependencies.development=Entwicklungsabhängigkeiten
 conan.details.repository=Repository
-conan.registry=Diese Registry über die Kommandozeile einrichten:
 conan.install=Um das Paket mit Conan zu installieren, führe den folgenden Befehl aus:
-conda.registry=Richte diese Registry als Conda-Repository in deiner <code>.condarc</code> Datei ein:
 conda.install=Um das Paket mit Conda zu installieren, führe den folgenden Befehl aus:
 container.details.type=Container-Image Typ
 container.details.platform=Plattform
 container.pull=Downloade das Container-Image aus der Kommandozeile:
+container.images=Images
+container.digest=Digest
 container.multi_arch=Betriebsystem / Architektur
 container.layers=Container-Image Ebenen
 container.labels=Labels
 container.labels.key=Schlüssel
 container.labels.value=Wert
-cran.registry=Richte diese Registry in deiner <code>Rprofile.site</code> Datei ein:
 cran.install=Nutze folgenden Befehl, um das Paket zu installieren:
-debian.registry=Diese Registry über die Kommandozeile einrichten:
 debian.registry.info=Wähle $distribution und $component aus der Liste unten.
 debian.install=Nutze folgenden Befehl, um das Paket zu installieren:
 debian.repository=Repository-Informationen
@@ -3581,16 +3442,11 @@ debian.repository.components=Komponenten
 debian.repository.architectures=Architekturen
 generic.download=Downloade das Paket aus der Kommandozeile:
 go.install=Installiere das Paket über die Kommandozeile:
-helm.registry=Diese Paketverwaltung über die Kommandozeile einrichten:
 helm.install=Nutze folgenden Befehl, um das Paket zu installieren:
-maven.registry=Setze diese Paketverwaltung in der <code>pom.xml</code> deines Projektes auf:
-maven.install=Nimm Folgendes in den <code>dependencies</code> deiner <code>pom.xml</code> auf, um das Paket zu installieren:
 maven.install2=Über die Kommandozeile ausführen:
 maven.download=Nutze folgendes Kommando, um die Dependency herunterzuladen:
-nuget.registry=Diese Registry über die Kommandozeile einrichten:
 nuget.install=Um das Paket mit NuGet zu installieren, führe den folgenden Befehl aus:
 nuget.dependency.framework=Zielframework
-npm.registry=Setze diese Paketverwaltung in der <code>.npmrc</code> deines Projektes auf:
 npm.install=Um das Paket mit npm zu installieren, führe den folgenden Befehl aus:
 npm.install2=oder füge es zur package.json-Datei hinzu:
 npm.dependencies=Abhängigkeiten
@@ -3602,7 +3458,6 @@ npm.details.tag=Tag
 pub.install=Um das Paket mit Dart zu installieren, führe den folgenden Befehl aus:
 pypi.requires=Erfordert Python
 pypi.install=Nutze folgenden Befehl, um das Paket mit pip zu installieren:
-rpm.registry=Diese Registry über die Kommandozeile einrichten:
 rpm.distros.redhat=auf RedHat-basierten Distributionen
 rpm.distros.suse=auf SUSE-basierten Distributionen
 rpm.install=Nutze folgenden Befehl, um das Paket zu installieren:
@@ -3615,7 +3470,6 @@ rubygems.dependencies.runtime=Laufzeitabhängigkeiten
 rubygems.dependencies.development=Entwicklungsabhängigkeiten
 rubygems.required.ruby=Benötigt Ruby Version
 rubygems.required.rubygems=Benötigt RubyGem Version
-swift.registry=Diese Registry über die Kommandozeile einrichten:
 swift.install=Füge das Paket deiner <code>Package.swift</code> Datei hinzu:
 swift.install2=und führe den folgenden Befehl aus:
 vagrant.install=Um eine Vagrant-Box hinzuzufügen, führe den folgenden Befehl aus:
@@ -3638,7 +3492,6 @@ owner.settings.cargo.initialize.success=Der Cargo-Index wurde erfolgreich erstel
 owner.settings.cargo.rebuild=Index neu erstellen
 owner.settings.cargo.rebuild.description=Neubauen kann hilfreich sein, wenn der Index nicht mit den gespeicherten Cargo-Paketen synchronisiert ist.
 owner.settings.cargo.rebuild.error=Cargo-Index konnte nicht neu erstellt werden: %v
-owner.settings.cargo.rebuild.success=Der Cargo-Index wurde erfolgreich neu erstellt.
 owner.settings.cleanuprules.title=Bereinigungsregeln verwalten
 owner.settings.cleanuprules.add=Bereinigungsregel hinzufügen
 owner.settings.cleanuprules.edit=Bereinigungsregel bearbeiten
@@ -3667,12 +3520,18 @@ owner.settings.chef.keypair.description=Ein Schlüsselpaar ist notwendig, um mit
 secrets=Secrets
 description=Secrets werden an bestimmte Aktionen weitergegeben und können nicht anderweitig ausgelesen werden.
 none=Noch keine Secrets vorhanden.
-creation=Secret hinzufügen
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Beschreibung
 creation.name_placeholder=Groß-/Kleinschreibung wird ignoriert, nur alphanumerische Zeichen oder Unterstriche, darf nicht mit GITEA_ oder GITHUB_ beginnen
 creation.value_placeholder=Beliebigen Inhalt eingeben. Leerzeichen am Anfang und Ende werden weggelassen.
-creation.success=Das Secret "%s" wurde hinzugefügt.
-creation.failed=Secret konnte nicht hinzugefügt werden.
+creation.description_placeholder=Gib eine Kurzbeschreibung ein (optional).
+
+save_success=Das Secret "%s" wurde gespeichert.
+save_failed=Secret konnte nicht gespeichert werden.
+
+add_secret=Secret hinzufügen
+edit_secret=Secret bearbeiten
 deletion=Secret entfernen
 deletion.description=Das Entfernen eines Secrets kann nicht rückgängig gemacht werden. Fortfahren?
 deletion.success=Das Secret wurde entfernt.
@@ -3720,7 +3579,6 @@ runners.delete_runner=Diesen Runner löschen
 runners.delete_runner_success=Runner erfolgreich gelöscht
 runners.delete_runner_failed=Der Runner konnte nicht gelöscht werden
 runners.delete_runner_header=Bestätigen, um diesen Runner zu löschen
-runners.delete_runner_notice=Wenn eine Aufgabe auf diesem Runner ausgeführt wird, wird sie beendet und als fehlgeschlagen markiert. Dies könnte Workflows zerstören.
 runners.none=Keine Runner verfügbar
 runners.status.unspecified=Unbekannt
 runners.status.idle=Leerlauf
@@ -3750,6 +3608,10 @@ runs.no_workflows.documentation=Weitere Informationen zu Gitea Actions findest d
 runs.no_runs=Der Workflow hat noch keine Ausführungen.
 runs.empty_commit_message=(leere Commit-Nachricht)
 runs.expire_log_message=Protokolle wurden geleert, weil sie zu alt waren.
+runs.delete=Workflow-Ausführung löschen
+runs.delete.description=Bist du sicher, dass du diese Workflow-Ausführung dauerhaft löschen möchtest? Diese Aktion kann nicht rückgängig gemacht werden.
+runs.not_done=Diese Workflow-Ausführung ist noch nicht abgeschlossen.
+runs.view_workflow_file=Workflow-Datei anzeigen
 
 workflow.disable=Workflow deaktivieren
 workflow.disable_success=Workflow '%s' erfolgreich deaktiviert.
@@ -3761,6 +3623,7 @@ workflow.not_found=Workflow '%s' wurde nicht gefunden.
 workflow.run_success=Workflow '%s' erfolgreich ausgeführt.
 workflow.from_ref=Nutze Workflow von
 workflow.has_workflow_dispatch=Dieser Workflow hat einen workflow_dispatch Event-Trigger.
+workflow.has_no_workflow_dispatch=Der Workflow '%s' hat keinen workflow_dispatch Event-Trigger.
 
 need_approval_desc=Um Workflows für den Pull-Request eines Forks auszuführen, ist eine Genehmigung erforderlich.
 
@@ -3788,6 +3651,8 @@ deleted.display_name=Gelöschtes Projekt
 type-1.display_name=Individuelles Projekt
 type-2.display_name=Repository-Projekt
 type-3.display_name=Organisationsprojekt
+enter_fullscreen=Vollbild
+exit_fullscreen=Vollbild verlassen
 
 [git.filemode]
 changed_filemode=%[1]s → %[2]s
diff --git a/options/locale/locale_el-GR.ini b/options/locale/locale_el-GR.ini
index f430c0506c..4b34b15738 100644
--- a/options/locale/locale_el-GR.ini
+++ b/options/locale/locale_el-GR.ini
@@ -43,7 +43,6 @@ webauthn_use_twofa=ΧÏ�ησιμοποιήστε έναν κωδικό δÏ�ο Ï€Î
 webauthn_error=Αδ�νατη η ανάγνωση του κλειδιο� ασφαλείας.
 webauthn_unsupported_browser=Το π�όγ�αμμα πε�ιήγησής σας δεν υποστη�ίζει επί του πα�όντος WebAuthn.
 webauthn_error_unknown=Πα�ουσιάστηκε ένα άγνωστο σφάλμα. Πα�ακαλώ π�οσπαθήστε ξανά.
-webauthn_error_insecure=`Το WebAuthn υποστη�ίζει μόνο ασφαλείς συνδέσεις. Για δοκιμές πάνω από HTTP, μπο�είτε να χ�ησιμοποιήσετε την π�οέλευση "localhost" ή "127.0.0.1"`
 webauthn_error_unable_to_process=Ο διακομιστής δεν μπό�εσε να επεξε�γαστεί το αίτημά σας.
 webauthn_error_duplicated=Το κλειδί ασφαλείας δεν επιτ�έπεται για αυτό το αίτημα. Βεβαιωθείτε ότι το κλειδί δεν έχει ήδη καταχω�ηθεί.
 webauthn_error_empty=Π�έπει να ο�ίσετε ένα όνομα για αυτό το κλειδί.
@@ -181,8 +180,6 @@ buttons.enable_monospace_font=Ενε�γοποίηση σταθε�ής γ�αμ
 buttons.disable_monospace_font=Απενε�γοποίηση σταθε�ής γ�αμματοσει�άς
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Πα�ουσιάστηκε ένα σφάλμα
@@ -215,16 +212,10 @@ path=Διαδ�ομή
 sqlite_helper=Διαδ�ομή α�χείου για τη βάση δεδομένων SQLite3.<br>Εισάγετε μια απόλυτη διαδ�ομή αν εκτελείτε το Gitea ως υπη�εσία.
 reinstall_error=Π�οσπαθείτε να εγκαταστήσετε σε μια υπά�χουσα βάση δεδομένων Gitea
 reinstall_confirm_message=Η επανεγκατάσταση με μια υπά�χουσα βάση δεδομένων Gitea μπο�εί να π�οκαλέσει πολλαπλά π�οβλήματα. Στις πε�ισσότε�ες πε�ιπτώσεις, θα π�έπει να χ�ησιμοποιήσετε το υπά�χον "app.ini" για να εκτελέσετε το Gitea. Αν γνω�ίζετε τι κάνετε, επιβεβαιώστε τα εξής:
-reinstall_confirm_check_1=Τα δεδομένα που κ�υπτογ�αφο�νται από το SECRET_KEY στο app.ini μπο�εί να χαθο�ν: οι χ�ήστες ενδέχεται να μην μπο�ο�ν να συνδεθο�ν μέσω 2FA/OTP και η αντιγ�αφή αποθετη�ίων να μην λειτου�γεί σωστά. Επιλέγοντας αυτό το κουτί επιβεβαιώνετε ότι το τ�έχον α�χείο app.ini πε�ιέχει το σωστό SECRET_KEY.
-reinstall_confirm_check_2=Τα αποθετή�ια και οι �υθμίσεις μπο�εί να χ�ειαστεί να επανασυγχ�ονιστο�ν. Επιλέγοντας αυτό το κουτί επιβεβαιώνετε ότι θα επανασυγχ�ονίσετε τα άγκιστ�α αποθετη�ίων και το α�χείο authorized_keys χει�οκίνητα. Επιβεβαιώνετε ότι θα βεβαιωθείτε ότι το αποθετή�ιο και οι �υθμίσεις κατόπτ�ου είναι σωστές.
 reinstall_confirm_check_3=Επιβεβαιώνετε ότι είστε απολ�τως σίγου�οι ότι αυτό το Gitea τ�έχει στη σωστή τοποθεσία στο app.ini και ότι είστε σίγου�οι ότι θα π�έπει να επανεγκαταστήσετε. Επιβεβαιώνετε ότι αναγνω�ίζετε τους πα�απάνω κινδ�νους.
 err_empty_db_path=Η διαδ�ομή της βάσης δεδομένων SQLite3 δεν μπο�εί να είναι κενή.
 no_admin_and_disable_registration=Δεν μπο�είτε να απενε�γοποιήσετε την ιδιο-εγγ�αφή χ�ήστη χω�ίς να έχετε δημιου�γήσει διαχει�ιστικό λογα�ιασμό.
 err_empty_admin_password=Ο κωδικός π�όσβασης του διαχει�ιστή δεν μπο�εί να είναι κενός.
-err_empty_admin_email=Το email του διαχει�ιστή δεν μπο�εί να είναι κενό.
-err_admin_name_is_reserved=Το Όνομα χ�ήστη του Διαχει�ιστή δεν είναι έγκυ�ο, είναι δεσμευμένο
-err_admin_name_pattern_not_allowed=Το Όνομα χ�ήστη του Διαχει�ιστή δεν είναι έγκυ�ο, ται�ιάζει σε μια δεσμευμένη μο�φή
-err_admin_name_is_invalid=Το Όνομα Χ�ήστη του Διαχει�ιστή δεν είναι έγκυ�ο
 
 general_title=Γενικές Ρυθμίσεις
 app_name=Τίτλος Ιστοτόπου
@@ -240,7 +231,6 @@ domain_helper=Όνομα domain διακομιστή ή η διε�θυνση τ
 ssh_port=Θ��α της υπη�εσίας SSH
 ssh_port_helper=Α�ιθμός θ��ας που ακο�ει η υπη�εσία SSH. Αφήστε κενό για να το απενε�γοποιήσετε.
 http_port=Η HTTP θ��α που ακο�ει το Gitea
-http_port_helper=Α�ιθμός θ��ας που θα ακο�ει η υπη�εσία web του Gitea.
 app_url=Βασικό URL του Gitea
 app_url_helper=Βασική Διε�θυνση για τα URL κλωνοποίησης μέσω HTTP(S) και για τις ειδοποιήσεις μέσω email.
 log_root_path=Διαδ�ομή Α�χείων Καταγ�αφής
@@ -303,7 +293,6 @@ no_reply_address=Κ�υφό Όνομα Τομέα Email
 no_reply_address_helper=Όνομα τομέα για χ�ήστες με μια κ�υφή διε�θυνση email. Για πα�άδειγμα, το όνομα χ�ήστη 'nikos' θα συνδεθεί στο Git ως 'nikos@noreply.example.org' αν ο κ�υφός τομέας email έχει ο�ιστεί ως 'noreply.example.org'.
 password_algorithm=Αλγό�ιθμος Hash Κωδικο� Π�όσβασης
 invalid_password_algorithm=Μη έγκυ�ος αλγό�ιθμος κωδικο� π�όσβασης
-password_algorithm_helper=Ο�ίστε τον αλγό�ιθμο κατακε�ματισμο� για το κωδικό π�όσβασης. Οι αλγό�ιθμοι διαφέ�ουν σε απαιτήσεις και αντοχή. Ο αλγό�ιθμος argon2 είναι α�κετά ασφαλής, αλλά χ�ησιμοποιεί πολλή μνήμη και μπο�εί να είναι ακατάλληλος για μικ�ά συστήματα.
 enable_update_checker=Ενε�γοποίηση Ελεγκτή Ενημε�ώσεων
 enable_update_checker_helper=Ελέγχει πε�ιοδικά για νέες εκδόσεις κάνοντας σ�νδεση στο gitea.io.
 env_config_keys=Ρυθμίσεις Πε�ιβάλλοντος
@@ -361,8 +350,6 @@ allow_password_change=Απαιτείται από το χÏ�ήστη να αλλÎ
 reset_password_mail_sent_prompt=Ένα email επιβεβαίωσης έχει σταλεί στο <b>%s</b>. Πα�ακαλώ ελέγξτε τα εισε�χόμενα σας στις επόμενες %s για να ολοκλη�ώσετε τη διαδικασία ανάκτησης λογα�ιασμο�.
 active_your_account=Ενε�γοποιήστε Το Λογα�ιασμό Σας
 account_activated=Ο λογα�ιασμός έχει ενε�γοποιηθεί
-prohibit_login=Απαγο�ε�εται η Σ�νδεση
-prohibit_login_desc=Ο λογα�ιασμός σας δεν επιτ�έπεται να συνδεθεί, πα�ακαλο�με επικοινωνήστε με το διαχει�ιστή σας.
 resent_limit_prompt=Έχετε ήδη ζητήσει ένα email ενε�γοποίησης π�όσφατα. Πα�ακαλώ πε�ιμένετε 3 λεπτά και π�οσπαθήστε ξανά.
 has_unconfirmed_mail=Γεια σας %s, έχετε μια ανεπιβεβαίωτη διε�θυνση ηλεκτ�ονικο� ταχυδ�ομείου (<b>%s</b>). Εάν δεν έχετε λάβει email επιβεβαίωσης ή χ�ειάζεται να αποστείλετε εκ νέου ένα νέο, πα�ακαλώ κάντε κλικ στο πα�ακάτω κουμπί.
 resend_mail=Κάντε κλικ εδώ για να στείλετε ξανά το email ενε�γοποίησης
@@ -398,16 +385,12 @@ openid_connect_desc=Το επιλεγμένο OpenID URI είναι άγνωστ
 openid_register_title=Δημιου�γία νέου λογα�ιασμο�
 openid_register_desc=Το επιλεγμένο OpenID URI είναι άγνωστο. Συνδέστε το με ένα νέο λογα�ιασμό εδώ.
 openid_signin_desc=Εισάγετε το OpenID URI σας. Για πα�άδειγμα: alice.openid.example.org ή https://openid.example.org/alice.
-disable_forgot_password_mail=Η ανάκτηση λογα�ιασμο� είναι απενε�γοποιημένη επειδή δεν έχει ο�ιστεί email. Πα�ακαλο�με επικοινωνήστε με το διαχει�ιστή.
-disable_forgot_password_mail_admin=Η ανάκτηση λογα�ιασμο� είναι διαθέσιμη μόνο όταν έχει ο�ιστεί το email. Πα�ακαλο�με ο�ίστει το email σας για να ενε�γοποιήσετε την ανάκτηση λογα�ιασμο�.
 email_domain_blacklisted=Δεν μπο�είτε να εγγ�αφείτε με τη διε�θυνση email σας.
 authorize_application=Εξουσιοδότηση Εφα�μογής
 authorize_redirect_notice=Θα μεταφε�θείτε στο %s εάν εξουσιοδοτήσετε αυτήν την εφα�μογή.
 authorize_application_created_by=Αυτή η εφα�μογή δημιου�γήθηκε από %s.
-authorize_application_description=Εάν πα�αχω�ήσετε την π�όσβαση, θα μπο�εί να έχει π�όσβαση και να γ�άφει σε όλες τις πλη�οφο�ίες του λογα�ιασμο� σας, συμπε�ιλαμβανομένων των ιδιωτικών αποθετη�ίων και ο�γανισμών.
 authorize_title=Εξουσιοδότηση του "%s" για έχει π�όσβαση στο λογα�ιασμό σας;
 authorization_failed=Αποτυχία εξουσιοδότησης
-authorization_failed_desc=Η εξουσιοδότηση απέτυχε επειδή εντοπίστηκε μια μη έγκυ�η αίτηση. Πα�ακαλο�με επικοινωνήστε με το συντη�ητή της εφα�μογής που π�οσπαθήσατε να εξουσιοδοτήσετε.
 sspi_auth_failed=Αποτυχία ταυτοποίησης SSPI
 password_pwned_err=Δεν ήταν δυνατή η ολοκλή�ωση του αιτήματος π�ος το HaveIBeenPwned
 
@@ -427,8 +410,6 @@ activate_email.title=%s, πα�ακαλώ επαληθε�στε τη διε�θ
 activate_email.text=Πα�ακαλώ κάντε κλικ στον πα�ακάτω σ�νδεσμο για να επαληθε�σετε τη διε�θυνση email σας στο <b>%s</b>:
 
 register_notify.title=%[1]s, καλώς ή�θατε στο %[2]s
-register_notify.text_1=αυτό είναι το email επιβεβαίωσης εγγ�αφής για το %s!
-register_notify.text_2=Τώ�α μπο�είτε να συνδεθείτε μέσω του ονόματος χ�ήστη: %s.
 register_notify.text_3=Εάν αυτός ο λογα�ιασμός έχει δημιου�γηθεί για εσάς, πα�ακαλώ <a href="%s">ο�ίστε π�ώτα τον κωδικό π�όσβασής σας</a>.
 
 reset_password=Ανάκτηση του λογα�ιασμο� σας
@@ -466,7 +447,6 @@ release.download.targz=Πηγαίος Κώδικας (TAR.GZ)
 repo.transfer.subject_to=%s θα ήθελε να μεταφέ�ει το "%s" σε %s
 repo.transfer.subject_to_you=`%s θα ήθελε να σας μεταφέ�ει το "%s"`
 repo.transfer.to_you=εσάς
-repo.transfer.body=Για να το αποδεχτείτε ή να το απο��ίψετε, επισκεφθείτε το %s ή απλά αγνοήστε το.
 
 repo.collaborator.added.subject=%s σας π�όσθεσε στο %s
 repo.collaborator.added.text=Έχετε π�οστεθεί ως συνε�γάτης του αποθετη�ίου:
@@ -518,7 +498,6 @@ url_error=`Το "%s" δεν είναι ένα έγκυ�ο URL.`
 include_error=` π�έπει να πε�ιέχει το μέ�ος "%s".`
 glob_pattern_error=` το μοτίβο ται�ιάσματος (glob) δεν είναι έγκυ�ο: %s.`
 regex_pattern_error=` το μοτίβο regex δεν είναι έγκυ�ο: %s.`
-username_error=` μπο�εί να πε�ιέχει μόνο αλφα�ιθμητικο�ς χα�ακτή�ες ('0-9','a-z','A-Z'), πα�λα ('-'), κάτω πα�λα ('_') και τελεία ('.'). Δεν μπο�εί να ξεκινά ή να τελειώνει με μη αλφα�ιθμητικο�ς χα�ακτή�ες, επίσης απαγο�ε�ονται οι διαδοχικοί μη αλφα�ιθμητικοί χα�ακτή�ες.`
 invalid_group_team_map_error=` η αντιστοίχιση δεν είναι έγκυ�η: %s`
 unknown_error=Άγνωστο σφάλμα:
 captcha_incorrect=Ο κωδικός CAPTCHA είναι λάθος.
@@ -531,11 +510,9 @@ username_has_not_been_changed=Το όνομα χ�ήστη δεν άλλαξε
 repo_name_been_taken=Το όνομα του αποθετη�ίου χ�ησιμοποιείται ήδη.
 repository_force_private=Η επιλογή Μόνο Ιδιωτικά είναι ενε�γοποιημένη: τα ιδιωτικά αποθετή�ια δεν μπο�ο�ν να δημοσιευθο�ν.
 repository_files_already_exist=Α�χεία υπά�χουν ήδη για αυτό το αποθετή�ιο. Επικοινωνήστε με το διαχει�ιστή του συστήματος.
-repository_files_already_exist.adopt=Α�χεία υπά�χουν ήδη για αυτό το αποθετή�ιο και μπο�ο�ν να Υιοθετηθο�ν μόνο.
 repository_files_already_exist.delete=Τα α�χεία υπά�χουν ήδη για αυτόν το αποθετή�ιο. Π�έπει να τα διαγ�άψετε.
 repository_files_already_exist.adopt_or_delete=Τα α�χεία υπά�χουν ήδη για αυτόν το αποθετή�ιο. Είτε υιοθετήστε τα είτε διαγ�άψτε τα.
 visit_rate_limit=Συναντήθηκε το ό�ιο �υθμο� κατά την απομακ�υσμένη π�όσβαση.
-2fa_auth_required=Απαιτήθηκε ταυτοποίηση δ�ο πα�αγόντων κατά την απομακ�υσμένη π�όσβαση.
 org_name_been_taken=Το όνομα του ο�γανισμο� χ�ησιμοποιείται ήδη.
 team_name_been_taken=Το όνομα της ομάδας χ�ησιμοποιείται ήδη.
 team_no_units_error=�α επιτ�έπεται η π�όσβαση σε τουλάχιστον μία ενότητα αποθετη�ίου.
@@ -563,14 +540,8 @@ invalid_ssh_key=Δεν είναι δυνατή η επαλήθευση του SS
 invalid_gpg_key=Δεν είναι δυνατή η επαλήθευση του GPG κλειδιο� σας: %s
 invalid_ssh_principal=Μη έγκυ�η α�χή: %s
 must_use_public_key=Το κλειδί που δώσατε είναι ένα ιδιωτικό κλειδί. Πα�ακαλώ μην ανεβάζετε το ιδιωτικό σας κλειδί οπουδήποτε. Χ�ησιμοποιήστε το δημόσιο κλειδί αντί αυτο�.
-unable_verify_ssh_key=Αδυναμία επαλήθευσης του κλειδιο� SSH, ελέγξτε το ξανά για λάθη.
 auth_failed=Αποτυχία ταυτοποίησης: %v
 
-still_own_repo=Ο λογα�ιασμός σας κατέχει ένα ή πε�ισσότε�α αποθετή�ια, διαγ�άψτε ή μεταφέ�ετε τα π�ώτα.
-still_has_org=Ο λογα�ιασμός σας είναι μέλος σε ένα ή πε�ισσότε�ους ο�γανισμο�ς, φ�γετε από αυτο�ς π�ώτα.
-still_own_packages=Ο λογα�ιασμός σας κατέχει ένα ή πε�ισσότε�α πακέτα, διαγ�άψτε τα π�ώτα.
-org_still_own_repo=Αυτός ο ο�γανισμός κατέχει ακόμα ένα ή πε�ισσότε�α αποθετή�ια, διαγ�άψτε τα ή μεταφέ�ετε τα π�ώτα.
-org_still_own_packages=Αυτός ο ο�γανισμός κατέχει ακόμα ένα ή πε�ισσότε�α πακέτα, διαγ�άψτε τα π�ώτα.
 
 target_branch_not_exist=Ο κλάδος π�οο�ισμο� δεν υπά�χει.
 
@@ -599,7 +570,6 @@ settings=Ρυθμίσεις Χ�ήστη
 
 form.name_reserved=Το όνομα χ�ήστη "%s" είναι δεσμευμένο.
 form.name_pattern_not_allowed=Το μοτίβο "%s" δεν επιτ�έπεται μέσα σε ένα όνομα χ�ήστη.
-form.name_chars_not_allowed=Το όνομα χ�ήστη "%s" πε�ιέχει μη έγκυ�ους χα�ακτή�ες.
 
 
 [settings]
@@ -622,7 +592,6 @@ uid=UID
 public_profile=Δημόσιο Π�οφίλ
 biography_placeholder=Πείτε μας λίγο για τον εαυτό σας! (Μπο�είτε να γ�άψετε με Markdown)
 location_placeholder=Μοι�αστείτε την κατά π�οσέγγιση τοποθεσία σας με άλλους
-profile_desc=Ελέγξτε πώς εμφανίζεται το π�οφίλ σας σε άλλους χ�ήστες. Η κ��ια διε�θυνση email σας θα χ�ησιμοποιηθεί για ειδοποιήσεις, ανάκτηση κωδικο� π�όσβασης και λειτου�γίες Git που βασίζονται στο web.
 full_name=Πλή�ες Όνομα
 website=Ιστοσελίδα
 location=Τοποθεσία
@@ -692,10 +661,8 @@ requires_activation=Απαιτείται ενε�γοποίηση
 primary_email=Αλλαγή κυ�ιότητας
 activate_email=Αποστολή Ενε�γοποίησης
 activations_pending=Εκκ�εμο�ν Ενε�γοποιήσεις
-can_not_add_email_activations_pending=Εκκ�εμεί μια ενε�γοποίηση, δοκιμάστε ξανά σε λίγα λεπτά αν θέλετε να π�οσθέσετε ένα νέο email.
 delete_email=Αφαί�εση
 email_deletion=Αφαί�εση Διε�θυνσης Email
-email_deletion_desc=Η διε�θυνση ηλεκτ�ονικο� ταχυδ�ομείου και οι σχετικές πλη�οφο�ίες θα αφαι�εθο�ν από τον λογα�ιασμό σας. Οι υποβολές Git από αυτή τη διε�θυνση email θα πα�αμείνουν αμετάβλητες. Συνέχεια;
 email_deletion_success=Η διε�θυνση email σας έχει κατα�γηθεί.
 theme_update_success=Το θέμα διεπαφής σας ενημε�ώθηκε.
 theme_update_error=Το επιλεγμένο θέμα διεπαφής δεν υπά�χει.
@@ -738,7 +705,6 @@ gpg_key_matched_identities_long=Οι ενσωματωμένες ταυτότητ
 gpg_key_verified=Επαληθευμένο Κλειδί
 gpg_key_verified_long=Το κλειδί έχει επαληθευτεί με ένα διακ�ιτικό (token) και μπο�εί να χ�ησιμοποιηθεί για να επαληθε�σει τις υποβολές που ται�ιάζουν με οποιεσδήποτε ενε�γοποιημένες διευθ�νσεις email για αυτόν το χ�ήστη εκτός από οποιαδήποτε αντιστοιχισμένη ταυτότητα για αυτό το κλειδί.
 gpg_key_verify=Επαλήθευση
-gpg_invalid_token_signature=Το κλειδί GPG, η υπογ�αφή και το διακ�ιτικό (token) δεν ται�ιάζουν ή το διακ�ιτικό (token) είναι πα�ωχημένο.
 gpg_token_required=Π�έπει να δώσετε μια υπογ�αφή για το πα�ακάτω διακ�ιτικό
 gpg_token=Διακ�ιτικό
 gpg_token_help=Μπο�είτε να δημιου�γήσετε μια υπογ�αφή χ�ησιμοποιώντας:
@@ -748,7 +714,6 @@ verify_gpg_key_success=Το κλειδί GPG "%s" επαληθε�τηκε.
 ssh_key_verified=Επαληθευμένο Κλειδί
 ssh_key_verified_long=Το κλειδί έχει επαληθευτεί με ένα διακ�ιτικό και μπο�εί να χ�ησιμοποιηθεί για να επαληθε�σει τα commits που ται�ιάζουν με οποιεσδήποτε ενε�γοποιημένες διευθ�νσεις ηλεκτ�ονικο� ταχυδ�ομείου για αυτόν το χ�ήστη.
 ssh_key_verify=Επαλήθευση
-ssh_invalid_token_signature=Το πα�εχόμενο κλειδί SSH, υπογ�αφή ή διακ�ιτικό δεν ται�ιάζει ή το διακ�ιτικό έληξε.
 ssh_token_required=Π�έπει να δώσετε μια υπογ�αφή για το πα�ακάτω διακ�ιτικό
 ssh_token=Διακ�ιτικό
 ssh_token_help=Μπο�είτε να δημιου�γήσετε μια υπογ�αφή χ�ησιμοποιώντας:
@@ -769,7 +734,6 @@ gpg_key_deletion=Διαγ�αφή Κλειδιο� GPG
 ssh_principal_deletion=Διαγ�αφή Α�χών Πιστοποιητικο� SSH
 ssh_key_deletion_desc=Η διαγ�αφή ενός κλειδιο� SSH ανακαλεί την π�όσβασή του στο λογα�ιασμό σας. Συνέχεια;
 gpg_key_deletion_desc=Η διαγ�αφή ενός κλειδιο� GPG απο-επαληθε�ει τις υποβολές που έχουν υπογ�αφεί από αυτό. Συνέχεια;
-ssh_principal_deletion_desc=Η διαγ�αφή μιας α�χής πιστοποιητικο� SSH ανακαλεί την π�όσβασή της στο λογα�ιασμό σας. Συνέχεια;
 ssh_key_deletion_success=Το SSH κλειδί έχει διαγ�αφεί.
 gpg_key_deletion_success=Το κλειδί GPG έχει διαγ�αφεί.
 ssh_principal_deletion_success=Η α�χή πιστοποιητικο� έχει διαγ�αφεί.
@@ -827,7 +791,6 @@ create_oauth2_application_button=Δημιου�γία Εφα�μογής
 create_oauth2_application_success=Έχετε δημιου�γήσει με επιτυχία μια νέα εφα�μογή OAuth2.
 update_oauth2_application_success=Έχετε ενημε�ώσει με επιτυχία την εφα�μογή OAuth2.
 oauth2_application_name=Όνομα Εφα�μογής
-oauth2_confidential_client=Εμπιστευτικός Πελάτης. Επιλέξτε το για εφα�μογές που διατη�ο�ν το μυστικό κωδικό κ�υφό, όπως πχ οι εφα�μογές ιστο�. Μην επιλέγετε για εγγενείς εφα�μογές, συμπε�ιλαμβανομένων εφα�μογών επιφάνειας ε�γασίας και εφα�μογών για κινητά.
 oauth2_redirect_uris=URI Ανακατε�θυνσης. Χ�ησιμοποιήστε μια νέα γ�αμμή για κάθε URI.
 save_application=Αποθήκευση
 oauth2_client_id=Ταυτότητα Πελάτη
@@ -841,10 +804,8 @@ oauth2_application_remove_description=Αφαι�ώντας μια εφα�μογ
 oauth2_application_locked=Το Gitea κάνει π�οεγγ�αφή σε με�ικές εφα�μογές OAuth2 κατά την εκκίνηση αν είναι ενε�γοποιημένες στις �υθμίσεις. Για την αποφυγή απ�οσδόκητης συμπε�ιφο�άς, αυτές δεν μπο�ο�ν ο�τε να επεξε�γαστο�ν ο�τε να κατα�γηθο�ν. Πα�ακαλο�με ανατ�έξτε στην τεκμη�ίωση OAuth2 για πε�ισσότε�ες πλη�οφο�ίες.
 
 authorized_oauth2_applications=Εξουσιοδοτημένες Εφα�μογές OAuth2
-authorized_oauth2_applications_description=Έχετε χο�ηγήσει π�όσβαση στον π�οσωπικό σας λογα�ιασμό σε αυτές τις εφα�μογές τ�ίτων. Ανακαλέστε την π�όσβαση για εφα�μογές που δεν χ�ειάζεστε πλέον.
 revoke_key=Ανάκληση
 revoke_oauth2_grant=Ανάκληση Π�όσβασης
-revoke_oauth2_grant_description=Η ανάκληση π�όσβασης για αυτή την εξωτε�ική εφα�μογή θα αποτ�έψει αυτή την εφα�μογή από την π�όσβαση στα δεδομένα σας. Σίγου�α;
 revoke_oauth2_grant_success=Η π�όσβαση ανακλήθηκε επιτυχώς.
 
 twofa_recovery_tip=Αν χάσετε τη συσκευή σας, θα είστε σε θέση να χ�ησιμοποιήσετε ένα κλειδί ανάκτησης μιας χ�ήσης για να ανακτήσετε την π�όσβαση στο λογα�ιασμό σας.
@@ -852,7 +813,6 @@ twofa_is_enrolled=Ο λογα�ιασμός σας είναι <strong>εγγεγ
 twofa_not_enrolled=Ο λογα�ιασμός σας δεν είναι εγγεγ�αμμένος σε έλεγχο ταυτότητας δ�ο πα�αγόντων.
 twofa_disable=Απενε�γοποίηση Ταυτοποίησης Δ�ο Πα�αμέτ�ων
 twofa_scratch_token_regenerated=Το κλειδί ανάκτησης μιας χ�ήσης είναι τώ�α %s. Αποθηκε�στε το σε ασφαλές μέ�ος, καθώς δε θα εμφανιστεί ξανά.
-twofa_enroll=Εγγ�αφή στην ταυτοποίηση δ�ο πα�αγόντων
 twofa_disable_note=Μπο�είτε να απενε�γοποιήσετε την ταυτοποίηση δ�ο πα�αγόντων αν χ�ειαστεί.
 twofa_disable_desc=Η απενε�γοποίηση της ταυτοποίησης δ�ο πα�αγόντων θα καταστήσει τον λογα�ιασμό σας λιγότε�ο ασφαλή. Συνέχεια;
 twofa_disabled=Η ταυτοποίηση δ�ο πα�αγόντων έχει απενε�γοποιηθεί.
@@ -865,13 +825,11 @@ twofa_failed_get_secret=Αποτυχία λήψης μυστικο�.
 webauthn_register_key=Π�οσθήκη Κλειδιο� Ασφαλείας
 webauthn_nickname=Ψευδώνυμο
 webauthn_delete_key=Αφαί�εση Κλειδιο� Ασφαλείας
-webauthn_delete_key_desc=Αν αφαι�έσετε ένα κλειδί ασφαλείας δεν μπο�είτε πλέον να συνδεθείτε με αυτό. Συνέχεια;
 webauthn_key_loss_warning=Αν χάσετε τα κλειδιά ασφαλείας σας, θα χάσετε την π�όσβαση στο λογα�ιασμό σας.
 webauthn_alternative_tip=Μπο�εί να θέλετε να �υθμίσετε μια π�όσθετη μέθοδο ταυτοποίησης.
 
 manage_account_links=Διαχεί�ιση Συνδεδεμένων Λογα�ιασμών
 manage_account_links_desc=Αυτοί οι εξωτε�ικοί λογα�ιασμοί είναι συνδεδεμένοι στον Gitea λογα�ιασμό σας.
-account_links_not_available=Π�ος το πα�όν δεν υπά�χουν εξωτε�ικοί λογα�ιασμοί συνδεδεμένοι με τον λογα�ιασμό σας στο Gitea.
 link_account=Σ�νδεση Λογα�ιασμο�
 remove_account_link=Αφαί�εση Συνδεδεμένου Λογα�ιασμο�
 remove_account_link_desc=Η κατά�γηση ενός συνδεδεμένου λογα�ιασμο� θα ανακαλέσει την π�όσβασή του στο λογα�ιασμό σας στο Gitea. Συνέχεια;
@@ -926,7 +884,6 @@ fork_to_different_account=Fork σε διαφο�ετικό λογα�ιασμό
 fork_visibility_helper=Η ο�ατότητα ενός fork αποθετη�ίου δεν μπο�εί να αλλάξει.
 fork_branch=Κλάδος που θα κλωνοποιηθεί στο fork
 all_branches=Όλοι οι κλάδοι
-fork_no_valid_owners=Αυτό το αποθετή�ιο δεν μπο�εί να γίνει fork επειδή δεν υπά�χουν έγκυ�οι ιδιοκτήτες.
 use_template=Χ�ήση αυτο� του π�ότυπου
 download_zip=Λήψη ZIP
 download_tar=Λήψη TAR.GZ
@@ -962,12 +919,10 @@ mirror_interval_invalid=Το χ�ονικό διάστημα του ειδώλο
 mirror_sync_on_commit=Συγχ�ονισμός κατά την ώθηση
 mirror_address=Κλωνοποίηση Από Το URL
 mirror_address_desc=Τοποθετήστε όλα τα απαιτο�μενα διαπιστευτή�ια στην ενότητα Εξουσιοδότηση.
-mirror_address_url_invalid=Η διε�θυνση URL που δόθηκε δεν είναι έγκυ�η. Π�έπει να κάνετε escape όλα τα στοιχεία του url σωστά.
 mirror_address_protocol_invalid=Η πα�εχόμενη διε�θυνση URL δεν είναι έγκυ�η. Μόνο οι τοποθεσίες http(s):// ή git:// μπο�ο�ν να χ�ησιμοποιηθο�ν για τη δημιου�γία ειδώλου.
 mirror_lfs=Large File Storage (LFS)
 mirror_lfs_desc=Ενε�γοποίηση αντικατοπτ�ισμο� δεδομένων LFS.
 mirror_lfs_endpoint=Άκ�ο LFS
-mirror_lfs_endpoint_desc=Ο συγχ�ονισμός θα π�οσπαθήσει να χ�ησιμοποιήσει το url κλωνοποίησης για να <a target="_blank" rel="noopener noreferrer" href="%s">καθο�ίσει τον διακομιστή LFS</a>. Μπο�είτε επίσης να καθο�ίσετε μια άλλη διε�θυνση αν τα δεδομένα LFS του αποθετη�ίου αποθηκε�ονται κάπου αλλο�.
 mirror_last_synced=Τελευταίος Συγχ�ονισμός
 mirror_password_placeholder=(Χω�ίς αλλαγή)
 mirror_password_blank_placeholder=(Μη ο�ισμένο)
@@ -979,7 +934,6 @@ forks=Forks
 reactions_more=και %d πε�ισσότε�α
 unit_disabled=Ο διαχει�ιστής του ιστότοπου έχει απενε�γοποιήσει αυτήν την ενότητα αποθετη�ίου.
 language_other=Άλλο
-adopt_search=Εισάγετε όνομα χ�ήστη για αναζήτηση μη υιοθετημένων αποθετη�ίων... (αφήστε κενό για να β�είτε όλα)
 adopt_preexisting_label=Υιοθέτηση Α�χείων
 adopt_preexisting=Υιοθετήστε τα π�οϋπά�χοντα α�χεία
 adopt_preexisting_content=Δημιου�γία αποθετη�ίου από %s
@@ -1015,8 +969,6 @@ template.issue_labels=Σήματα Ζητήματος
 template.one_item=Π�έπει να επιλέξετε τουλάχιστον ένα αντικείμενο στο π�ότυπο
 template.invalid=Π�έπει να επιλέξετε ένα π�ότυπο αποθετή�ιο
 
-archive.title=Αυτό το αποθετή�ειο α�χειοθετήθηκε. Μπο�είτε να π�οβάλετε α�χεία και να τα κλωνοποιήσετε, αλλά δεν μπο�είτε να ωθήσετε ή να ανοίξετε ζητήματα ή pull requests.
-archive.title_date=Αυτό το αποθετή�ιο έχει α�χειοθετηθεί στο %s. Μπο�είτε να π�οβάλετε α�χεία και να κλωνοποιήσετε, αλλά δεν μπο�είτε να ωθήσετε ή να ανοίξετε ζητήματα ή pull requests.
 archive.issue.nocomment=Αυτό το αποθετή�ιο α�χειοθετήθηκε. Δεν μπο�είτε να σχολιάσετε σε ζητήματα.
 archive.pull.nocomment=Αυτό το repo α�χειοθετήθηκε. Δεν μπο�είτε να σχολιάσετε στα pull requests.
 
@@ -1033,7 +985,6 @@ migrate_options_lfs=Μεταφο�ά α�χείων LFS
 migrate_options_lfs_endpoint.label=Άκ�ο LFS
 migrate_options_lfs_endpoint.description=Η μεταφο�ά θα π�οσπαθήσει να χ�ησιμοποιήσει το Git remote για να <a target="_blank" rel="noopener noreferrer" href="%s">καθο�ίσει τον διακομιστή LFS</a>. Μπο�είτε επίσης να καθο�ίσετε ένα δικό σας endpoint αν τα δεδομένα LFS του αποθετη�ίου αποθηκε�ονται κάπου αλλο�.
 migrate_options_lfs_endpoint.description.local=Μια διαδ�ομή στο τοπικό διακομιστή επίσης υποστη�ίζεται.
-migrate_options_lfs_endpoint.placeholder=Αν αφεθεί κενό, το άκ�ο θα π�οκ�ψει από το URL του κλώνου
 migrate_items=Στοιχεία Μεταφο�άς
 migrate_items_wiki=Wiki
 migrate_items_milestones=Ο�όσημα
@@ -1045,10 +996,8 @@ migrate_items_releases=Κυκλοφο�ίες
 migrate_repo=Μεταφο�ά Αποθετη�ίου
 migrate.clone_address=Μεταφο�ά / Κλωνοποίηση Από Το URL
 migrate.clone_address_desc=Το HTTP(S) ή Git URL 'κλωνοποίησης' ενός υπά�χοντος αποθετη�ίου
-migrate.github_token_desc=Μπο�είτε να βάλετε ένα ή πε�ισσότε�α διακ�ιτικά εδώ, χω�ισμένα με κόμμα, για να κάνετε τη μετεγκατάσταση πιο γ�ήγο�α, λόγω του ο�ίου �υθμο� του GitHub API. ΠΡΟΣΟΧΗ: Η κατάχ�ηση αυτής της δυνατότητας μπο�εί να πα�αβιάσει την πολιτική του πα�όχου υπη�εσιών και να οδηγήσει σε αποκλεισμό του λογα�ιασμο� σας.
 migrate.clone_local_path=ή μια διαδ�ομή τοπικο� διακομιστή
 migrate.permission_denied=Δεν επιτ�έπεται η εισαγωγή τοπικών αποθετη�ίων.
-migrate.permission_denied_blocked=Δεν μπο�είτε να εισαγάγετε από μη επιτ�επόμενους υπολογιστές, πα�ακαλο�με ζητήστε από τον διαχει�ιστή να ελέγξει τις �υθμίσεις ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_local_path=Η τοπική διαδ�ομή δεν είναι έγκυ�η. Δεν υπά�χει ή δεν είναι φάκελος.
 migrate.invalid_lfs_endpoint=Η διε�θυνση LFS δεν είναι έγκυ�ο.
 migrate.failed=Η μεταφο�ά απέτυχε: %v
@@ -1056,7 +1005,6 @@ migrate.migrate_items_options=Το ΔιακÏ�ιτικό ΠÏ�όσβασης απÎ
 migrated_from=Μεταφέ�θηκε από <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Μεταφέ�θηκε από %[1]s
 migrate.migrate=Μεταφο�ά Από %s
-migrate.migrating=Γίνεται μεταφο�ά από <b>%s</b>...
 migrate.migrating_failed=Η μετεγ�ατάσταση από <b>%s</b> απέτυχε.
 migrate.migrating_failed.error=Αποτυχία μεταφο�άς: %s
 migrate.migrating_failed_no_addr=Η μεταφο�ά απέτυχε.
@@ -1098,7 +1046,6 @@ clone_this_repo=Κλωνοποίηση αυτο� του αποθετη�ίου
 cite_this_repo=Αναφο�ά σε αυτό το αποθετή�ιο
 create_new_repo_command=Δημιου�γία νέου αποθετη�ίου στη γ�αμμή εντολών
 push_exist_repo=Π�οώθηση ενός υπά�χοντος αποθετη�ίου από τη γ�αμμή εντολών
-empty_message=Αυτό το αποθετή�ιο δεν πε�ιέχει τίποτα.
 broken_message=Τα δεδομένα Git που διέπουν αυτό το αποθετή�ιο δεν μπο�ο�ν να διαβαστο�ν. Επικοινωνήστε με το διαχει�ιστή ή διαγ�άψτε αυτό το αποθετή�ιο.
 
 code=Κώδικας
@@ -1116,7 +1063,6 @@ projects=Έ�γα
 packages=Πακέτα
 actions=Δ�άσεις
 labels=Σήματα
-org_labels_desc=Τα σήματα στο επίπεδο ο�γανισμο�, που μπο�ο�ν να χ�ησιμοποιηθο�ν με <strong>όλα τα αποθετή�ια</strong> κάτω από αυτόν τον ο�γανισμό
 org_labels_desc_manage=διαχεί�ιση
 
 milestone=Ο�όσημο
@@ -1148,7 +1094,6 @@ file_copy_permalink=Αντιγ�αφή Permalink
 view_git_blame=Π�οβολή Git Blame
 video_not_supported_in_browser=Το π�όγ�αμμα πε�ιήγησής σας δεν υποστη�ίζει την ετικέτα HTML5 'video'.
 audio_not_supported_in_browser=Το π�όγ�αμμα πε�ιήγησής σας δεν υποστη�ίζει την ετικέτα HTML5 'audio'.
-stored_lfs=Αποθηκε�τηκε με το Git LFS
 symbolic_link=Symbolic link
 executable_file=Εκτελέσιμο Α�χείο
 commit_graph=Γ�άφημα Υποβολών
@@ -1191,7 +1136,6 @@ editor.update=Ενημέ�ωση %s
 editor.delete=Διαγ�αφή %s
 editor.patch=Εφα�μογή Διό�θωσης
 editor.patching=Επιδιό�θωση:
-editor.fail_to_apply_patch=`Αδυναμία εφα�μογής της επιδιό�θωσης "%s"`
 editor.new_patch=�έα Διό�θωση
 editor.commit_message_desc=Π�οσθήκη π�οαι�ετικής εκτενο�ς πε�ιγ�αφής…
 editor.signoff_desc=Π�οσθέστε ένα π�όσθετο Signed-off-by στο τέλος του μην�ματος καταγ�αφής της υποβολής.
@@ -1207,17 +1151,12 @@ editor.filename_is_invalid=Το όνομα α�χείου δεν είναι έγ
 editor.branch_does_not_exist=Ο κλάδος "%s" δεν υπά�χει σε αυτό το αποθετή�ιο.
 editor.branch_already_exists=Ο κλάδος "%s" υπά�χει ήδη σε αυτό το αποθετή�ιο.
 editor.directory_is_a_file=Το όνομα φακέλου "%s" χ�ησιμοποιείται ήδη ως όνομα α�χείου σε αυτό το αποθετή�ιο.
-editor.file_is_a_symlink=`Το "%s" είναι συμβολικός σ�νδεσμος. Οι συμβολικοί σ�νδεσμοι δεν μπο�ο�ν να επεξε�γαστο�ν στην ενσωματωμένη εφα�μογή`
 editor.filename_is_a_directory=Το όνομα α�χείου "%s" χ�ησιμοποιείται ήδη ως όνομα φακέλου σε αυτό το αποθετή�ιο.
-editor.file_editing_no_longer_exists=Το α�χείο "%s" που επεξε�γάζεται, δεν υπά�χει πλέον σε αυτό το αποθετή�ιο.
-editor.file_deleting_no_longer_exists=Το α�χείο "%s" που διαγ�άφεται, δεν υπά�χει πλέον σε αυτό το αποθετή�ιο.
 editor.file_changed_while_editing=Τα πε�ιεχόμενα του α�χείου άλλαξαν από τότε που ξεκίνησε η επεξε�γασία. <a target="_blank" rel="noopener noreferrer" href="%s">Κάντε κλικ εδώ</a> για να τα δείτε ή <strong>Υποβολή Αλλαγών ξανά</strong> για να τα αντικαταστήσετε.
 editor.file_already_exists=Ένα α�χείο με το όνομα "%s" υπά�χει ήδη σε αυτό το αποθετή�ιο.
 editor.commit_empty_file_header=Υποβολή ενός κενο� α�χείου
 editor.commit_empty_file_text=Το α�χείο που π�όκειται να υποβληθεί είναι κενό. Συνέχεια;
 editor.no_changes_to_show=Δεν υπά�χουν αλλαγές για εμφάνιση.
-editor.fail_to_update_file=Αποτυχία ενημέ�ωσης/δημιου�γίας του α�χείου "%s".
-editor.fail_to_update_file_summary=Μήνυμα Σφάλματος:
 editor.push_rejected_no_message=Η αλλαγή απο��ίφθηκε από το διακομιστή χω�ίς κάποιο μήνυμα. Πα�ακαλώ ελέγξτε τα Άγκιστ�α Git.
 editor.push_rejected=Η αλλαγή απο��ίφθηκε από τον διακομιστή. Πα�ακαλώ ελέγξτε τα Άγκιστ�α Git.
 editor.push_rejected_summary=Μήνυμα Πλή�ους Από��ιψης:
@@ -1232,6 +1171,7 @@ editor.require_signed_commit=Ο κλάδος απαιτεί υπογεγ�αμμ
 editor.cherry_pick=Ανθολόγηση (cherry-pic) του %s στο:
 editor.revert=Απόσυ�ση του %s στο:
 
+
 commits.desc=Δείτε το ιστο�ικό αλλαγών του πηγαίου κώδικα.
 commits.commits=Υποβολές
 commits.no_commits=Δεν υπά�χουν κοινές υποβολές. Τα "%s" και "%s" έχουν εντελώς διαφο�ετικές ιστο�ίες.
@@ -1377,7 +1317,6 @@ issues.filter_project=Έ�γο
 issues.filter_project_all=Όλα τα έ�γα
 issues.filter_project_none=Χω�ίς έ�γα
 issues.filter_assignee=Αποδέκτης
-issues.filter_assginee_no_assignee=Κανένας Αποδέκτης
 issues.filter_poster=Συγγ�αφέας
 issues.filter_type=Τ�πος
 issues.filter_type.all_issues=Όλα τα ζητήματα
@@ -1389,7 +1328,6 @@ issues.filter_type.reviewed_by_you=Ελέγχθηκε από εσάς
 issues.filter_sort=Ταξινόμηση
 issues.filter_sort.latest=�εότε�α
 issues.filter_sort.oldest=Παλαιότε�α
-issues.filter_sort.recentupdate=Ενημε�ώθηκαν π�όσφατα
 issues.filter_sort.leastupdate=Ενημε�ώθηκαν παλαιότε�α
 issues.filter_sort.mostcomment=Πε�ισσότε�ο σχολιασμένα
 issues.filter_sort.leastcomment=Λιγότε�ο σχολιασμένα
@@ -1498,7 +1436,6 @@ issues.pin_comment=διατή�ησε αυτό %s
 issues.unpin_comment=άφησε αυτό %s
 issues.lock=Κλείδωμα συνομιλίας
 issues.unlock=Ξεκλείδωμα συνομιλίας
-issues.lock.unknown_reason=Αδυναμία κλειδώματος ενός ζητήματος με άγνωστο λόγο.
 issues.lock_duplicate=Ένα ζήτημα δεν μπο�εί να κλειδωθεί δ�ο φο�ές.
 issues.unlock_error=Δεν είναι δυνατό να ξεκλειδώσετε ένα ζήτημα που δεν είναι κλειδωμένο.
 issues.lock_with_reason=κλειδωμένο ως <strong>%s</strong> και πε�ιο�ισμένη συνομιλία με συνε�γάτες %s
@@ -1506,7 +1443,6 @@ issues.lock_no_reason=κλειδωμένη και πεÏ�ιοÏ�ισμένη συÎ
 issues.unlock_comment=ξεκλείδωσε αυτή τη συνομιλία %s
 issues.lock_confirm=Κλείδωμα
 issues.unlock_confirm=Ξεκλείδωμα
-issues.lock.notice_1=- Άλλοι χ�ήστες δεν μπο�ο�ν να π�οσθέσουν νέα σχόλια σε αυτό το ζήτημα.
 issues.lock.notice_2=- Εσείς και άλλοι συνε�γάτες με π�όσβαση σε αυτό το αποθετή�ιο μπο�ο�ν ακόμα να αφήσουν σχόλια που μπο�ο�ν να δουν άλλοι.
 issues.lock.notice_3=- Μπο�είτε πάντα να ξεκλειδώσετε αυτό το ζήτημα ξανά στο μέλλον.
 issues.unlock.notice_1=- Όλοι θα ήταν σε θέση να σχολιάσουν αυτό το ζήτημα για άλλη μια φο�ά.
@@ -1544,7 +1480,6 @@ issues.due_date_form=εεεε-μμ-ηη
 issues.due_date_form_add=Π�οσθήκη ημε�ομηνίας πα�άδοσης
 issues.due_date_form_edit=Επεξε�γασία
 issues.due_date_form_remove=Διαγ�αφή
-issues.due_date_not_writer=Χ�ειάζεστε π�όσβαση εγγ�αφής στο αποθετή�ιο για να ενημε�ώσετε την ημε�ομηνία λήξης ενός π�οβλήματος.
 issues.due_date_not_set=Δεν ο�ίστηκε ημε�ομηνία πα�άδοσης.
 issues.due_date_added=π�όσθεσε την ημε�ομηνία πα�άδοσης %s %s
 issues.due_date_modified=τ�οποποίησε την ημε�ομηνία πα�άδοσης από %[2]s σε %[1]s %[3]s
@@ -1567,9 +1502,7 @@ issues.dependency.pr_closing_blockedby=Το κλείσιμο αυτο� pull req
 issues.dependency.issue_closing_blockedby=Το κλείσιμο αυτο� του ζητήματος εμποδίζεται από τα ακόλουθα ζητήματα
 issues.dependency.issue_close_blocks=Αυτό το ζήτημα εμποδίζει το κλείσιμο των ακόλουθων ζητημάτων
 issues.dependency.pr_close_blocks=Αυτό το pull request εμποδίζει το κλείσιμο των ακόλουθων ζητημάτων
-issues.dependency.issue_close_blocked=Π�έπει να κλείσετε όλα τα ζητήματα που εμποδίζουν αυτό το ζήτημα π�ιν το κλείσετε.
 issues.dependency.issue_batch_close_blocked=Δεν είναι δυνατό το ομαδικό κλείσιμο ζητημάτων που επιλέξατε, επειδή το ζήτημα #%d ακόμα έχει ανοιχτές εξα�τήσεις
-issues.dependency.pr_close_blocked=Π�έπει να κλείσετε όλα τα ζητήματα που εμποδίζουν αυτό το pull request για να μπο�έσετε να το συγχωνε�σετε.
 issues.dependency.blocks_short=Μπλοκά�ει
 issues.dependency.blocked_by_short=Εξα�τάται από
 issues.dependency.remove_header=Αφαί�εση Εξά�τησης
@@ -1580,12 +1513,10 @@ issues.dependency.add_error_same_issue=Δεν μπο�είτε να εξα�τά
 issues.dependency.add_error_dep_issue_not_exist=Εξα�τώμενο ζήτημα δεν υπά�χει.
 issues.dependency.add_error_dep_not_exist=Δεν υπά�χει η Εξά�τηση.
 issues.dependency.add_error_dep_exists=Η Εξά�τηση υπά�χει ήδη.
-issues.dependency.add_error_cannot_create_circular=Δεν μπο�είτε να δημιου�γήσετε μια εξά�τηση με δ�ο ζητήματα που μπλοκά�ουν το ένα το άλλο.
 issues.dependency.add_error_dep_not_same_repo=Και τα δ�ο ζητήματα π�έπει να β�ίσκονται στο ίδιο αποθετή�ιο.
 issues.review.self.approval=Δεν μπο�είτε να εγκ�ίνετε το δικό σας pull request.
 issues.review.self.rejection=Δεν μπο�είτε να ζητήσετε αλλαγές στο δικό σας pull request.
 issues.review.approve=ενέκ�ινε αυτές τις αλλαγές %s
-issues.review.dismissed=απέ��ιψε την αξιολόγηση %s %s
 issues.review.dismissed_label=Απο��ίφθηκε
 issues.review.left_comment=άφησε ένα σχόλιο
 issues.review.content.empty=Θα π�έπει να αφήσετε ένα σχόλιο υποδεικν�οντας την ζητο�μενη αλλαγή(ές).
@@ -1593,7 +1524,6 @@ issues.review.reject=ζήτησε αλλαγές %s
 issues.review.wait=ζητήθηκε για αναθεώ�ηση %s
 issues.review.add_review_request=ζητήθηκε αναθεώ�ηση από %s %s
 issues.review.remove_review_request=αφαι�έθηκε αίτηση αναθεώ�ησης για %s %s
-issues.review.remove_review_request_self=α�νήθηκε να αναθεω�ήσει %s
 issues.review.pending=Εκκ�εμεί
 issues.review.pending.tooltip=Αυτό το σχόλιο π�ος το πα�όν δεν είναι ο�ατό από άλλους χ�ήστες. Για να υποβάλετε τα σχόλιά σας, επιλέξτε "%s" -> "%s/%s/%s" στη κο�υφή της σελίδας.
 issues.review.review=Αξιολόγηση
@@ -1610,7 +1540,6 @@ issues.review.resolve_conversation=Επίλυση συνομιλίας
 issues.review.un_resolve_conversation=Ανεπίλυτη συνομιλία
 issues.review.resolved_by=σημείωση αυτή την συνομιλία ως επιλυμένη
 issues.review.commented=Σχόλιο
-issues.assignee.error=Δεν π�οστέθηκαν όλοι οι πα�αλήπτες λόγω απ�οσδόκητου σφάλματος.
 issues.reference_issue.body=Σώμα
 issues.content_history.deleted=διαγ�άφηκε
 issues.content_history.edited=επεξε�γάστηκε
@@ -1645,7 +1574,6 @@ pulls.show_all_commits=Εμφάνιση όλων των υποβολών
 pulls.show_changes_since_your_last_review=Εμφάνιση αλλαγών από την τελευταία αξιολόγηση
 pulls.showing_only_single_commit=Εμφάνιση μόνο αλλαγών της υποβολής %[1]s
 pulls.showing_specified_commit_range=Εμφάνιση μόνο των αλλαγών μεταξ� %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Επιλέξτε υποβολή. Κ�ατήστε πατημένο το shift + κάντε κλικ για να επιλέξετε ένα ε��ος
 pulls.review_only_possible_for_full_diff=Η αξιολόγηση είναι δυνατή μόνο κατά την π�οβολή της πλή�ης διαφο�άς
 pulls.filter_changes_by_commit=Φιλτ�ά�ισμα κατά υποβολή
 pulls.nothing_to_compare=Αυτοί οι κλάδοι είναι όμοιοι. Δεν υπά�χει ανάγκη να δημιου�γήσετε ένα pull request.
@@ -1673,7 +1601,6 @@ pulls.add_prefix=Π�οσθήκη <strong>%s</strong> π�οθέματος
 pulls.remove_prefix=Αφαί�εση <strong>%s</strong> π�οθέματος
 pulls.data_broken=Αυτό το pull request είναι κατεστ�αμμένο λόγω των πλη�οφο�ιών του fork που λείπουν.
 pulls.files_conflicted=Αυτό το pull request πε�ιέχει αλλαγές που συγκ�ο�ονται με το κλάδο π�οο�ισμο�.
-pulls.is_checking=Ο έλεγχος συγκ�ο�σεων κατά την συγχώνευση είναι σε εξέλιξη. Δοκιμάστε ξανά σε λίγα λεπτά.
 pulls.is_ancestor=Αυτός ο κλάδος πε�ιλαμβάνεται ήδη στον κλάδο π�οο�ισμο�. Δεν υπά�χει τίποτα για συγχώνευση.
 pulls.is_empty=Οι αλλαγές σε αυτόν τον κλάδο είναι ήδη στον κλάδο π�οο�ισμο�. Θα είναι μια κενή υποβολή.
 pulls.required_status_check_failed=Ο�ισμένοι απαιτο�μενοι έλεγχοι δεν ήταν επιτυχείς.
@@ -1695,30 +1622,20 @@ pulls.reject_count_1=%d αίτημα αλλαγής
 pulls.reject_count_n=%d αιτήματα αλλαγής
 pulls.waiting_count_1=%d αναμονή αναθεώ�ησης
 pulls.waiting_count_n=%d αναμονή αναθεω�ήσεων
-pulls.wrong_commit_id=Το id υποβολής π�έπει να είναι ένα id υποβολής στον κλάδο π�οο�ισμο�
 
 pulls.no_merge_desc=Αυτό το pull request δεν μπο�εί να συγχωνευθεί επειδή όλες οι επιλογές συγχώνευσης αποθετη�ίων είναι απενε�γοποιημένες.
 pulls.no_merge_helper=Ενε�γοποιήστε τις επιλογές συγχώνευσης στις �υθμίσεις αποθετη�ίου ή συγχωνε�στε το pull request χει�οκίνητα.
 pulls.no_merge_wip=Αυτό το pull request δεν μπο�εί να συγχωνευθεί, επειδή έχει επισημανθεί ως μια ε�γασία σε εξέλιξη.
-pulls.no_merge_not_ready=Αυτό το pull request δεν είναι έτοιμο για συγχώνευση, ελέγξτε την κατάσταση εξέτασης και τους ελέγχους κατάστασης.
 pulls.no_merge_access=Δεν είστε εξουσιοδοτημένοι να συγχωνε�σετε αυτό το pull request.
 pulls.merge_pull_request=Δημιου�γία υποβολής συγχώνευσης
-pulls.rebase_merge_pull_request=Αλλαγή βάσης και μετά γ�ήγο�α-μπ�οστά
-pulls.rebase_merge_commit_pull_request=Αλλαγής βάσης και δημιου�γία υποβολής συγχώνευσης
 pulls.squash_merge_pull_request=Δημιου�γία υποβολής squash
 pulls.merge_manually=Συγχωνε�τηκαν χει�οκίνητα
 pulls.merge_commit_id=Το ID της υποβολής συγχώνευσης
 pulls.require_signed_wont_sign=Ο κλάδος απαιτεί υπογεγ�αμμένες υποβολές αλλά αυτή η συγχώνευση δεν θα υπογ�αφεί
 
 pulls.invalid_merge_option=Δεν μπο�είτε να χ�ησιμοποιήσετε αυτήν την επιλογή συγχώνευσης για αυτό το pull request.
-pulls.merge_conflict=Η Συγχώνευση Απέτυχε: Υπή�ξε μια διένεξη κατά τη συγχώνευση. Υπόδειξη: Δοκιμάστε μια διαφο�ετική στ�ατηγική
 pulls.merge_conflict_summary=Μήνυμα Σφάλματος
-pulls.rebase_conflict=Η Συγχώνευση Απέτυχε: Υπή�ξε μια σ�γκ�ουση κατά την αλλαγή βάσης της υποβολής: %[1]s. Υπόδειξη: Δοκιμάστε μια διαφο�ετική στ�ατηγική
 pulls.rebase_conflict_summary=Μήνυμα Σφάλματος
-pulls.unrelated_histories=H Συγχώνευση Απέτυχε: Η κεφαλή και η βάση της συγχώνευσης δεν μοι�άζονται μια κοινή ιστο�ία. Συμβουλή: Δοκιμάστε μια διαφο�ετική στ�ατηγική
-pulls.merge_out_of_date=Η συγχώνευση απέτυχε: Κατά τη δημιου�γία της συγχώνευσης, η βάση ενημε�ώθηκε. Συμβουλή: Δοκιμάστε ξανά.
-pulls.head_out_of_date=Η συγχώνευση απέτυχε: Κατά τη δημιου�γία της συγχώνευσης, το HEAD ενημε�ώθηκε. Συμβουλή: Δοκιμάστε ξανά.
-pulls.has_merged=Αποτυχία: Το pull request έχει συγχωνευθεί, δεν είναι δυνατή η συγχώνευση ξανά ή να αλλάξει ο κλάδος π�οο�ισμο�.
 pulls.push_rejected_summary=Μήνυμα Πλή�ους Από��ιψης
 pulls.open_unmerged_pull_exists=`Δεν μπο�είτε να ανοίξετε εκ νέου, επειδή υπά�χει ένα εκκ�εμές pull request (#%d) με πανομοιότυπες ιδιότητες.`
 pulls.status_checking=Με�ικοί έλεγχοι εκκ�εμο�ν
@@ -1743,7 +1660,6 @@ pulls.cmd_instruction_checkout_desc=Από το αποθετή�ιο του έ�
 pulls.cmd_instruction_merge_title=Συγχώνευση
 pulls.cmd_instruction_merge_desc=Συγχώνευση των αλλαγών και ενημέ�ωση στο Gitea.
 pulls.clear_merge_message=Εκκαθά�ιση μην�ματος συγχώνευσης
-pulls.clear_merge_message_hint=Η εκκαθά�ιση του μην�ματος συγχώνευσης θα αφαι�έσει μόνο το πε�ιεχόμενο του μην�ματος υποβολής και θα διατη�ήσει τα πα�αγόμενα git trailers όπως "Co-Authored-By …".
 
 pulls.auto_merge_button_when_succeed=(Όταν οι έλεγχοι πετ�χουν)
 pulls.auto_merge_when_succeed=Αυτόματη συγχώνευση όταν όλοι οι έλεγχοι πετ�χουν
@@ -1796,12 +1712,10 @@ milestones.filter_sort.most_issues=Πε�ισσότε�α ζητήματα
 milestones.filter_sort.least_issues=Λιγότε�α ζητήματα
 
 signing.will_sign=Αυτή η υποβολή θα υπογ�αφεί με το κλειδί "%s".
-signing.wont_sign.error=Πα�ουσιάστηκε σφάλμα κατά τον έλεγχο για το αν η υποβολή μπο�εί να υπογ�αφεί.
 signing.wont_sign.nokey=Δεν υπά�χει διαθέσιμο κλειδί για να υπογ�αφεί αυτή η υποβολή.
 signing.wont_sign.never=Οι υποβολές δεν υπογ�άφονται ποτέ.
 signing.wont_sign.always=Οι υποβολές υπογ�άφονται πάντα.
 signing.wont_sign.pubkey=Η υποβολή δε θα υπογ�αφεί επειδή δεν υπά�χει δημόσιο κλειδί που να συνδέεται με το λογα�ιασμό σας.
-signing.wont_sign.twofa=Π�έπει να έχετε ενε�γοποιημένη την ταυτοποίηση δ�ο πα�αγόντων για να υπογ�άφεται υποβολές.
 signing.wont_sign.parentsigned=Η υποβολή δε θα υπογ�αφεί καθώς η γονική υποβολή δεν έχει υπογ�αφεί.
 signing.wont_sign.basesigned=Η συγχώνευση δε θα υπογ�αφεί καθώς η βασική υποβολή δεν έχει υπογ�αφή της βάσης.
 signing.wont_sign.headsigned=Η συγχώνευση δε θα υπογ�αφεί καθώς δεν έχει υπογ�αφή η υποβολή της κεφαλής.
@@ -1883,7 +1797,6 @@ activity.title.releases_1=%d Κυκλοφο�ία
 activity.title.releases_n=%d Εκδόσεις
 activity.title.releases_published_by=%s δημοσιε�τηκε από %s
 activity.published_release_label=Δημοσιε�θηκε
-activity.no_git_activity=Δεν έχει υπά�ξει καμία δ�αστη�ιότητα υποβολών σε αυτήν την πε�ίοδο.
 activity.git_stats_exclude_merges=Εκτός τις συγχωνε�σεις,
 activity.git_stats_author_1=%d συγγ�αφέας
 activity.git_stats_author_n=%d συγγ�αφείς
@@ -1908,7 +1821,6 @@ activity.git_stats_deletion_n=%d διαγ�αφές
 contributors.contribution_type.commits=Υποβολές
 
 settings=Ρυθμίσεις
-settings.desc=Στις Ρυθμίσεις μπο�είτε να διαχει�ιστείτε τις �υθμίσεις για το αποθετή�ιο
 settings.options=Αποθετή�ιο
 settings.collaboration=Συνε�γάτες
 settings.collaboration.admin=Διαχει�ιστής
@@ -1925,7 +1837,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Ρυθμίστε
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Ρυθμίστε το έ�γο σας να τ�αβά αυτόματα υποβολές, ετικέτες και κλάδους από ένα άλλο αποθετή�ιο.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Αυτή τη στιγμή, αυτό μπο�εί να γίνει μόνο στο μενο� "�έα Μεταφο�ά". Για πε�ισσότε�ες πλη�οφο�ίες, συμβουλευτείτε το:
 settings.mirror_settings.docs.disabled_push_mirror.info=Τα είδωλα ώθησης έχουν απενε�γοποιηθεί από το διαχει�ιστή σας.
-settings.mirror_settings.docs.no_new_mirrors=Το αποθετή�ιο σας αντιγ�άφει τις αλλαγές π�ος ή από ένα άλλο αποθετή�ιο. Λάβετε υπόψη ότι δεν μπο�είτε να δημιου�γήσετε νέα είδωλα αυτή τη στιγμή.
 settings.mirror_settings.docs.can_still_use=Αν και δεν μπο�είτε να τ�οποποιήσετε τα υπά�χοντα είδωλα ή να δημιου�γήσετε νέα, μπο�είτε να χ�ησιμοποιείται ακόμα το υπά�χων είδωλο.
 settings.mirror_settings.docs.pull_mirror_instructions=Για να ο�ίσετε έναν είδωλο έλξης, πα�ακαλο�με συμβουλευθείτε:
 settings.mirror_settings.docs.more_information_if_disabled=Μπο�είτε να μάθετε πε�ισσότε�α για τα είδωλα ώθησης και έλξης εδώ:
@@ -1993,7 +1904,6 @@ settings.admin_indexer_commit_sha=Τελευταίο Indexed SHA
 settings.admin_indexer_unindexed=Unindexed
 settings.reindex_button=Π�οσθήκη στην Ου�ά Reindex
 settings.reindex_requested=Αιτήθηκε Reindex
-settings.admin_enable_close_issues_via_commit_in_any_branch=Κλείσιμο ενός ζητήματος μέσω μιας υποβολής που έγινε σε έναν μη π�οεπιλεγμένο κλάδο
 settings.danger_zone=Επικίνδυνη Πε�ιοχή
 settings.new_owner_has_same_repo=Ο νέος ιδιοκτήτης έχει ήδη ένα αποθετή�ιο με το ίδιο όνομα. Πα�ακαλώ επιλέξτε ένα άλλο όνομα.
 settings.convert=Μετατ�οπή σε Κανονικό Αποθετή�ιο
@@ -2014,7 +1924,6 @@ settings.transfer_abort_invalid=Δεν μπο�είτε να ακυ�ώσετε
 settings.transfer_abort_success=Η μεταφο�ά αποθετη�ίου στο %s ακυ�ώθηκε με επιτυχία.
 settings.transfer_desc=Μεταβιβάστε αυτό το αποθετή�ιο σε έναν χ�ήστη ή σε έναν ο�γανισμό για τον οποίο έχετε δικαιώματα διαχει�ιστή.
 settings.transfer_form_title=Εισάγετε το όνομα του αποθετη�ίου ως επιβεβαίωση:
-settings.transfer_in_progress=Αυτή τη στιγμή υπά�χει μια εν εξελίξει μεταβίβαση. Πα�ακαλο�με ακυ�ώστε την αν θέλετε να μεταβιβάσετε αυτό το αποθετή�ιο σε άλλο χ�ήστη.
 settings.transfer_notices_1=- Θα χάσετε την π�όσβαση στο αποθετή�ιο αν το μεταβιβάσετε σε έναν μεμονωμένο χ�ήστη.
 settings.transfer_notices_2=- Θα διατη�ήσετε την π�όσβαση στο αποθετή�ιο αν το μεταβιβάσετε σε έναν ο�γανισμό που είστε (συν)ιδιοκτήτης.
 settings.transfer_notices_3=- Εάν το αποθετή�ιο είναι ιδιωτικό και μεταβιβάζεται σε μεμονωμένο χ�ήστη, αυτή η ενέ�γεια εξασφαλίζει ότι ο χ�ήστης έχει τουλάχιστον άδεια ανάγνωσης (και αλλάζει τα δικαιώματα εάν είναι απα�αίτητο).
@@ -2028,13 +1937,9 @@ settings.trust_model.default=ΠÏ�οεπιλεγμένο Μοντέλο ΕμπιÏ
 settings.trust_model.default.desc=Χ�ησιμοποιήστε το π�οεπιλεγμένο μοντέλο εμπιστοσ�νης αποθετη�ίου για αυτήν την εγκατάσταση.
 settings.trust_model.collaborator=Συνε�γάτης
 settings.trust_model.collaborator.long=Συνε�γάτης: Εμπιστοσ�νη υπογ�αφών από συνε�γάτες
-settings.trust_model.collaborator.desc=Οι έγκυ�ες υπογ�αφές από συνε�γάτες αυτο� του αποθετη�ίου θα επισημαίνονται ως "αξιόπιστη" - (είτε ται�ιάζουν με τον υποβολέα είτε όχι). Διαφο�ετικά, οι έγκυ�ες υπογ�αφές θα επισημανθο�ν "μη αξιόπιστη" αν η υπογ�αφή ται�ιάζει με τον υποβολέα και "δεν ται�ιάζει" αν όχι.
 settings.trust_model.committer=Υποβολέας
-settings.trust_model.committer.long=Υποβολέας: Οι υπογ�αφές εμπιστοσ�νης που ται�ιάζουν σε υποβολείς (Αυτό ται�ιάζει με το GitHub και θα αναγκάσει τις υπογεγ�αμμένες υποβολές από το Gitea να το έχουν ως υποβολέα)
-settings.trust_model.committer.desc=Οι έγκυ�ες υπογ�αφές θα σημαίνονται ώς "αξιόπιστη" μόνο εάν ται�ιάζουν με τον υποβολέα, διαφο�ετικά θα σημαίνωνται ως "δεν ται�ιάζει". Αυτό αναγκάζει το Gitea να είναι ο υποβολέας στις υπογεγ�αμμένες υποβολές με τον π�αγματικό υποβολέα να αναφέ�εται στην σημείωση Co-authored-by: και Co-committed-by: στην υποβολή. Το π�οεπιλεγμένο κλειδί Gitea π�έπει να ται�ιάζει σε ένα Χ�ήστη στη βάση δεδομένων.
 settings.trust_model.collaboratorcommitter=Συνε�γάτης+Υποβολέας
 settings.trust_model.collaboratorcommitter.long=Συνε�γάτης+Υποβολέας: Εμπιστοσ�νη υπογ�αφών από συνε�γάτες που ται�ιάζουν με τον υποβολέα
-settings.trust_model.collaboratorcommitter.desc=Έγκυ�ες υπογ�αφές από συνε�γάτες αυτο� του αποθετη�ίου θα επισημανθο�ν ως "αξιόπιστες" αν ται�ιάζουν με τον υποβολέα. Διαφο�ετικά, οι έγκυ�ες υπογ�αφές θα φέ�ουν την ένδειξη "μη αξιόπιστη" αν η υπογ�αφή ται�ιάζει με τον υποβολέα και "δεν ται�ιάζει" διαφο�ετικά. Αυτό θα αναγκάσει το Gitea να επισημανθεί ως ο υποβολέας στις υπογεγ�αμμένες υποβολές με τον π�αγματικό υποβολέα να σημειώνεται ως Co-Authored-By: και Co-Committed-By: στο τέλος της υποβολής. Το π�οεπιλεγμένο κλειδί Gitea π�έπει να ται�ιάζει με έναν χ�ήστη στη βάση δεδομένων.
 settings.wiki_delete=Διαγ�αφή Δεδομένων Wiki
 settings.wiki_delete_desc=Η διαγ�αφή των δεδομένων του wiki του αποθετη�ίου είναι μόνιμη και δεν μπο�εί να αναι�εθεί.
 settings.wiki_delete_notices_1=- Αυτό θα διαγ�άψει μόνιμα και θα απενε�γοποιήσει το wiki του αποθετη�ίου για %s.
@@ -2043,7 +1948,6 @@ settings.wiki_deletion_success=Τα δεδομένα wiki του αποθετηÏ
 settings.delete=Διαγ�αφή Αυτο� Του Αποθετη�ίου
 settings.delete_desc=Η διαγ�αφή ενός αποθετη�ίου είναι μόνιμη και δεν μπο�εί να αναι�εθεί.
 settings.delete_notices_1=- Αυτή η ενέ�γεια <strong>ΔΕ� ΜΠΟΡΕΙ</strong> να αναι�εθεί.
-settings.delete_notices_2=- Αυτή η ενέ�γεια θα διαγ�άψει μόνιμα το αποθετή�ιο <strong>%s</strong> συμπε�ιλαμβανομένου του κώδικα, των π�οβλημάτων, σχολίων, δεδομένων wiki και των �υθμίσεων συνε�γατών.
 settings.delete_notices_fork_1=- Τα Forks αυτο� του αποθετη�ίου θα γίνουν ανεξά�τητα μετά τη διαγ�αφή.
 settings.deletion_success=Το αποθετή�ιο έχει διαγ�αφεί.
 settings.update_settings_success=Οι �υθμίσεις του αποθετη�ίου έχουν ενημε�ωθεί.
@@ -2064,8 +1968,6 @@ settings.team_not_in_organization=Η ομάδα δεν είναι στον ίδÎ
 settings.teams=Ομάδες
 settings.add_team=Π�οσθήκη Ομάδας
 settings.add_team_duplicate=Η ομάδα έχει ήδη το αποθετή�ιο
-settings.add_team_success=Η ομάδα έχει πλέον π�όσβαση στο αποθετή�ιο.
-settings.change_team_permission_tip=Τα δικαιώματα της ομάδας έχουν ο�ιστεί στη σελίδα �υθμίσεων της ομάδας και δεν μπο�ο�ν να αλλάξουν ανά αποθετή�ιο
 settings.delete_team_tip=Αυτή η ομάδα έχει π�όσβαση σε όλα τα αποθετή�ια και δεν μπο�εί να αφαι�εθεί
 settings.remove_team_success=Έχει αφαι�εθεί η π�όσβαση της ομάδας στο αποθετή�ιο.
 settings.add_webhook=Π�οσθήκη Webhook
@@ -2074,8 +1976,6 @@ settings.hooks_desc=Τα Webhooks κάνουν αυτόματα αιτήσεις
 settings.webhook_deletion=Αφαί�εση Webhook
 settings.webhook_deletion_desc=Η αφαί�εση ενός webhook διαγ�άφει τις �υθμίσεις και το ιστο�ικό πα�αδόσεων. Συνέχεια;
 settings.webhook_deletion_success=Το webhook έχει αφαι�εθεί.
-settings.webhook.test_delivery=Δοκιμή Πα�άδοσης
-settings.webhook.test_delivery_desc=Δοκιμάστε αυτό το webhook με ένα ψε�τικο συμβάν.
 settings.webhook.test_delivery_desc_disabled=Για να δοκιμάσετε αυτό το webhook με μια ψε�τικη κλήση, ενε�γοποιήστε το.
 settings.webhook.request=Αίτημα
 settings.webhook.response=Απάντηση
@@ -2121,7 +2021,6 @@ settings.event_repository=Αποθετή�ιο
 settings.event_repository_desc=Το αποθετή�ιο δημιου�γήθηκε ή διαγ�άφηκε.
 settings.event_header_issue=Γεγονότα Ζητήματος
 settings.event_issues=Ζητήματα
-settings.event_issues_desc=Το ζήτημα άνοιξε, έκλεισε, ανοίχθηκε εκ νέου ή επεξε�γάστηκε.
 settings.event_issue_assign=Ζήτημα Ανατέθηκε
 settings.event_issue_assign_desc=Ζήτημα εκχω�ημένο ή μη εκχω�ημένο.
 settings.event_issue_label=Σήμανση Ζητήματος
@@ -2132,7 +2031,6 @@ settings.event_issue_comment=Σχόλιο Ζητήματος
 settings.event_issue_comment_desc=Το σχόλιο στο ζήτημα δημιου�γήθηκε, επεξε�γάστηκε ή διαγ�άφηκε.
 settings.event_header_pull_request=Γεγονότα Pull Requests
 settings.event_pull_request=Pull Request
-settings.event_pull_request_desc=Το pull request άνοιξε, έκλεισε, άνοιξε εκ νέου ή επεξε�γάστηκε.
 settings.event_pull_request_assign=Το Pull Request Ανατέθηκε
 settings.event_pull_request_assign_desc=Το pull request ανατέθηκε ή έγινε αδιάθετο.
 settings.event_pull_request_label=Σήμανση Pull Request
@@ -2271,7 +2169,6 @@ settings.archive.branchsettings_unavailable=Οι Ï�υθμίσεις του κλÎ
 settings.archive.tagsettings_unavailable=Οι �υθμίσεις της ετικέτας δεν είναι διαθέσιμες αν το αποθετή�ιο είναι α�χειοθετημένο.
 settings.unarchive.button=Απο-Α�χειοθέτηση αποθετη�ίου
 settings.unarchive.header=Απο-Α�χειοθέτηση του αποθετη�ίου
-settings.unarchive.text=Η απο-α�χειοθέτηση του αποθετη�ίου θα αποκαταστήσει την ικανότητά του να λαμβάνει υποβολές και ωθήσεις, καθώς και νέα ζητήματα και pull-requests.
 settings.unarchive.success=Το αποθετή�ιο απο-α�χειοθετήθηκε με επιτυχία.
 settings.unarchive.error=Πα�ουσιάστηκε σφάλμα κατά την π�οσπάθεια απο-α�χειοθέτησης του αποθετη�ίου. Δείτε τις καταγ�αφές για πε�ισσότε�ες λεπτομέ�ειες.
 settings.update_avatar_success=Η εικόνα του αποθετη�ίου έχει ενημε�ωθεί.
@@ -2289,11 +2186,9 @@ settings.lfs_invalid_locking_path=Μη έγκυ�η διαδ�ομή: %s
 settings.lfs_invalid_lock_directory=Αδυναμία κλειδώματος φακέλου: %s
 settings.lfs_lock_already_exists=Το κλείδωμα υπά�χει ήδη: %s
 settings.lfs_lock=Κλείδωμα
-settings.lfs_lock_path=Διαδ�ομή α�χείου για να κλειδωθεί...
 settings.lfs_locks_no_locks=Χω�ίς Κλειδώματα
 settings.lfs_lock_file_no_exist=Το κλειδωμένο α�χείο δεν υπά�χει στον π�οεπιλεγμένο κλάδο
 settings.lfs_force_unlock=Εξαναγκασμός Ξεκλειδώματος
-settings.lfs_pointers.found=Β�έθηκαν %d δείκτης(ες) blob - %d συσχετίστηκαν, %d δεν συσχετίστηκαν (%d λείπουν από το χώ�ο αποθήκευσης)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Στο Αποθετή�ιο
@@ -2495,7 +2390,6 @@ form.create_org_not_allowed=Δεν επιτÏ�έπεται να δημιουÏ�γÎ
 settings=Ρυθμίσεις
 settings.options=Ο�γανισμός
 settings.full_name=Πλή�ες Όνομα
-settings.email=Email Επικοινωνίας
 settings.website=Ιστοσελίδα
 settings.location=Τοποθεσία
 settings.permission=Δικαιώματα
@@ -2509,15 +2403,13 @@ settings.visibility.private_shortname=Ιδιωτικός
 
 settings.update_settings=Ενημέ�ωση Ρυθμίσεων
 settings.update_setting_success=Οι �υθμίσεις του ο�γανισμο� έχουν ενημε�ωθεί.
-settings.change_orgname_prompt=Σημείωση: Η αλλαγή του ονόματος του ο�γανισμο� θα αλλάξει επίσης τη διε�θυνση URL του ο�γανισμο� σας και θα απελευθε�ώσει το παλιό όνομα.
-settings.change_orgname_redirect_prompt=Το παλιό όνομα θα ανακατευθ�νει μέχ�ι να διεκδικηθεί.
+
+
 settings.update_avatar_success=Η εικόνα του ο�γανισμο� έχει ενημε�ωθεί.
 settings.delete=Διαγ�αφή Ο�γανισμο�
 settings.delete_account=Διαγ�αφή Αυτο� Του Ο�γανισμο�
 settings.delete_prompt=Ο ο�γανισμός θα αφαι�εθεί ο�ιστικά. Αυτό το <strong>ΔΕ� ΜΠΟΡΕΙ</strong> να αναι�εθεί!
 settings.confirm_delete_account=Επιβεβαίωση Διαγ�αφής
-settings.delete_org_title=Διαγ�αφή Ο�γανισμο�
-settings.delete_org_desc=Αυτός ο ο�γανισμός θα διαγ�αφεί ο�ιστικά. Συνέχεια;
 settings.hooks_desc=Π�οσθήκη webhooks που θα ενε�γοποιο�νται για <strong>όλα τα αποθετή�ια</strong> κάτω από αυτό τον ο�γανισμό.
 
 settings.labels_desc=Π�οσθήκη σημάτων που μπο�ο�ν να χ�ησιμοποιηθο�ν σε ζητήματα για <strong>όλα τα αποθετή�ια</strong> κάτω από αυτό τον ο�γανισμό.
@@ -2572,7 +2464,6 @@ teams.remove_all_repos_title=Αφαί�εση όλων των αποθετη�ί
 teams.remove_all_repos_desc=Αυτό θα αφαι�έσει όλα τα αποθετή�ια από την ομάδα.
 teams.add_all_repos_title=Π�οσθήκη όλων των αποθετη�ίων
 teams.add_all_repos_desc=Αυτό θα π�οσθέσει όλα τα αποθετή�ια του ο�γανισμο� στην ομάδα.
-teams.add_nonexistent_repo=Το αποθετή�ιο που π�οσπαθείτε να π�οσθέσετε δεν υπά�χει, πα�ακαλώ δημιου�γήστε το π�ώτα.
 teams.add_duplicate_users=Ο χ�ήστης είναι ήδη μέλος της ομάδας.
 teams.repos.none=Δεν ήταν δυνατή η π�όσβαση στα αποθετή�ια από αυτήν την ομάδα.
 teams.members.none=Δεν υπά�χουν μέλη σε αυτήν την ομάδα.
@@ -2599,7 +2490,6 @@ repositories=Αποθετή�ια
 hooks=Webhooks
 integrations=Ενσωματώσεις
 authentication=Πηγές Ταυτοποίησης
-emails=Email Χ�ήστη
 config=Διαμό�φωση
 config_summary=Πε�ίληψη
 config_settings=Ρυθμίσεις
@@ -2629,27 +2519,17 @@ dashboard.cron.cancelled=Π�ογ�αμματισμένη ε�γασία: %[1]s
 dashboard.cron.error=Σφάλμα στη Π�ογ�αμματισμένη Ε�γασία: %s: %[3]s
 dashboard.cron.finished=Π�ογ�αμματισμένη Ε�γασία: %[1]s τελείωσε
 dashboard.delete_inactive_accounts=Διαγ�αφή όλων των μη ενε�γοποιημένων λογα�ιασμών
-dashboard.delete_inactive_accounts.started=Η διαγ�αφή όλων των μη ενε�γοποιημένων λογα�ιασμών ξεκίνησε.
 dashboard.delete_repo_archives=Διαγ�αφή όλων των α�χείων λήψης του αποθετη�ίου (ZIP, TAR.GZ, κλπ..)
-dashboard.delete_repo_archives.started=Η διαγ�αφή όλων των α�χείων λήψης του αποθετη�ίου ξεκίνησε.
 dashboard.delete_missing_repos=Διαγ�αφή όλων των αποθετη�ίων που δεν έχουν τα α�χεία Git τους
-dashboard.delete_missing_repos.started=Η διαγ�αφή όλων των αποθετη�ίων που δεν έχουν α�χεία Git τους, ξεκίνησε.
 dashboard.delete_generated_repository_avatars=Διαγ�αφή δημιου�γημένων εικόνων αποθετη�ίων
 dashboard.sync_repo_branches=Συγχ�ονισμός κλάδων που λείπουν, από τα δεδομένα git στις βάσεις δεδομένων
 dashboard.update_mirrors=Ενημέ�ωση Ειδώλων
 dashboard.repo_health_check=Έλεγχος υγείας σε όλα τα αποθετή�ια
 dashboard.check_repo_stats=Έλεγχος όλων των στατιστικών αποθετη�ίων
 dashboard.archive_cleanup=Διαγ�αφή παλαιών α�χείων λήψης αποθετη�ίων
-dashboard.deleted_branches_cleanup=Εκκαθά�ιση διαγ�αμμένων κλάδων
 dashboard.update_migration_poster_id=Ενημέ�ωση των ID συντακτών στη μεταγκατάσταση
-dashboard.git_gc_repos=Garbage collect όλων των αποθετη�ίων
-dashboard.resync_all_sshkeys=Ενημέ�ωση του α�χείου '.ssh/authorized_keys' με τα κλειδιά SSH του Gitea.
-dashboard.resync_all_sshprincipals=Ενημέ�ωση του α�χείου '.ssh/authorized_principals' με τις α�χές SSH του Gitea.
-dashboard.resync_all_hooks=Επανασυγχ�ονισμός των hook pre-receive, update και post-receive όλων των αποθετη�ίων.
 dashboard.reinit_missing_repos=Επανεκκινήστε όλα τα αποθετή�ια Git που λείπουν και για τα οποία υπά�χουν εγγ�αφές
 dashboard.sync_external_users=Συγχ�ονισμός δεδομένων εξωτε�ικών χ�ηστών
-dashboard.cleanup_hook_task_table=Εκκαθά�ιση πίνακα hook_task
-dashboard.cleanup_packages=Εκκαθά�ιση ληγμένων πακέτων
 dashboard.server_uptime=Διά�κεια Διακομιστή
 dashboard.current_goroutine=Τ�έχουσες Goroutines
 dashboard.current_memory_usage=Τ�έχουσα Χ�ήση Μνήμης
@@ -2681,7 +2561,6 @@ dashboard.last_gc_pause=Τελευταία Πα�ση GC
 dashboard.gc_times=Πλήθος GC
 dashboard.update_checker=Ελεγκτής ενημε�ώσεων
 dashboard.delete_old_system_notices=Διαγ�αφή όλων των παλιών ειδοποιήσεων συστήματος από τη βάση δεδομένων
-dashboard.gc_lfs=Συλλογή απο��ιμάτων στα μετα-αντικείμενα LFS
 dashboard.sync_branch.started=Ο Συγχ�ονισμός των Κλάδων ξεκίνησε
 dashboard.rebuild_issue_indexer=Αναδόμηση ευ�ετη�ίου ζητημάτων
 
@@ -2699,7 +2578,6 @@ users.2fa=2FA
 users.repos=Αποθετή�ια
 users.created=Δημιου�γήθηκε
 users.last_login=Τελευταία Σ�νδεση
-users.never_login=Καμία Σ�νδεση
 users.send_register_notify=Αποστολή Ειδοποίησης Εγγ�αφής Χ�ήστη
 users.new_success=Ο λογα�ιασμός χ�ήστη "%s" δημιου�γήθηκε.
 users.edit=Επεξε�γασία
@@ -2726,7 +2604,6 @@ users.still_own_repo=Αυτός ο χ�ήστης εξακολουθεί να κ
 users.still_has_org=Αυτός ο χ�ήστης είναι μέλος ενός ο�γανισμο�. Αφαι�έστε π�ώτα τον χ�ήστη από οποιονδήποτε ο�γανισμό.
 users.purge=Εκκαθά�ιση Χ�ήστη
 users.purge_help=Αναγκαστική διαγ�αφή χ�ήστη και των αποθετη�ίων, ο�γανισμών και πακέτων που του ανήκουν. Όλα τα σχόλια επίσης θα διαγ�αφο�ν.
-users.still_own_packages=Αυτός ο χ�ήστης εξακολουθεί να κατέχει ένα ή πε�ισσότε�α πακέτα, διαγ�άψτε αυτά τα πακέτα π�ώτα.
 users.deletion_success=Ο λογα�ιασμός χ�ήστη έχει διαγ�αφεί.
 users.reset_2fa=Επαναφο�ά 2FA
 users.list_status_filter.menu_text=Φίλτ�ο
@@ -2746,11 +2623,7 @@ users.details=Λεπτομέ�ειες Χ�ήστη
 emails.email_manage_panel=Διαχεί�ιση Email Χ�ήστη
 emails.primary=Κ��ιο
 emails.activated=Ενε�γοποιήθηκε
-emails.filter_sort.email=Email
-emails.filter_sort.email_reverse=Email (αντίστ�οφη)
 emails.filter_sort.name=Όνομα Χ�ήστη
-emails.filter_sort.name_reverse=Όνομα Χ�ήστη (αντίστ�οφα)
-emails.updated=Το email ενημε�ώθηκε
 emails.not_updated=Αποτυχία ενημέ�ωσης της ζητο�μενης διε�θυνσης email: %v
 emails.duplicate_active=Αυτή η διε�θυνση email είναι ήδη ενε�γή σε διαφο�ετικό χ�ήστη.
 emails.change_email_header=Ενημέ�ωση Ιδιοτήτων Email
@@ -2866,26 +2739,18 @@ auths.oauth2_required_claim_name_helper=Ο�ίστε αυτό το όνομα γ
 auths.oauth2_required_claim_value=Απαιτο�μενη Τιμή Claim
 auths.oauth2_required_claim_value_helper=Ο�ίστε αυτήν την τιμή για να πε�ιο�ίσετε τη σ�νδεση από αυτή την πηγή στους χ�ήστες με ένα claim με αυτό το όνομα και την τιμή
 auths.oauth2_group_claim_name=Όνομα claim που πα�έχει ονόματα ομάδων για αυτήν την πηγή. (Π�οαι�ετικό)
-auths.oauth2_admin_group=Τιμή Group Claim για διαχει�ιστές. (Π�οαι�ετικό - απαιτεί όνομα claim πα�απάνω)
-auths.oauth2_restricted_group=Τιμή Group Claim για πε�ιο�ισμένους χ�ήστες (Π�οαι�ετικό - απαιτεί όνομα claim πα�απάνω)
-auths.oauth2_map_group_to_team=Αντιστοίχιση των απαιτο�μενων ομάδων σε ομάδες Ο�γανισμο�. (Π�οαι�ετικό - απαιτείται το όνομα της απαίτησης πα�απάνω)
 auths.oauth2_map_group_to_team_removal=Αφαί�εση χ�ηστών από τις συγχ�ονισμένες ομάδες, εάν ένας χ�ήστης δεν ανήκει στην αντίστοιχη ομάδα.
 auths.enable_auto_register=Ενε�γοποίηση Αυτόματης Εγγ�αφής
 auths.sspi_auto_create_users=Αυτόματη δημιου�γία χ�ηστών
-auths.sspi_auto_create_users_helper=Επιτ�έψτε στη μέθοδο πιστοποίησης SSPI να δημιου�γεί αυτόματα νέους λογα�ιασμο�ς για χ�ήστες που συνδέονται για π�ώτη φο�ά
 auths.sspi_auto_activate_users=Αυτόματη ενε�γοποίηση χ�ηστών
 auths.sspi_auto_activate_users_helper=Επιτ�έψτε στη μέθοδο πιστοποίησης SSPI να ενε�γοποιεί αυτόματα νέους χ�ήστες
 auths.sspi_strip_domain_names=Αφαί�εση του ονόματος domain από το ονόμα χ�ήστη
-auths.sspi_strip_domain_names_helper=Αν επιλεχθεί, τα ονόματα τομέα θα αφαι�εθο�ν από τα ονόματα σ�νδεσης (π.χ. "DOMAIN\user" και "user@example.org" θα γίνουν μόνο "user").
 auths.sspi_separator_replacement=Διαχω�ιστικό για χ�ήση αντί του \, / και του @
-auths.sspi_separator_replacement_helper=Ο χα�ακτή�ας που θα χ�ησιμοποιηθεί για να αντικαταστήσει τους διαχω�ιστές των ονομάτων σ�νδεσης (π.χ. το \ στο "DOMAIN\user") και κ��ια ονόματα χ�ηστών (π.χ. το @ στο "user@example.org").
 auths.sspi_default_language=Π�οεπιλεγμένη γλώσσα χ�ήστη
-auths.sspi_default_language_helper=Π�οεπιλεγμένη γλώσσα για τους χ�ήστες που δημιου�γο�νται αυτόματα με τη μέθοδο ταυτοποίησης SSPI. Αφήστε κενό αν π�οτιμάτε η γλώσσα να εντοπιστεί αυτόματα.
 auths.tips=Συμβουλές
 auths.tips.oauth2.general=Ταυτοποίηση OAuth2
 auths.tips.oauth2.general.tip=Κατά την εγγ�αφή μιας νέας ταυτοποίησης OAuth2, το URL κλήσης/ανακατε�θυνσης π�έπει να είναι:
 auths.tip.oauth2_provider=Πά�οχος OAuth2
-auths.tip.nextcloud=`Καταχω�ήστε ένα νέο καταναλωτή OAuth στην υπη�εσία σας χ�ησιμοποιώντας το πα�ακάτω μενο� "Settings -> Security -> OAuth 2.0 client"`
 auths.tip.mastodon=Εισαγάγετε ένα π�οσα�μομένο URL για την υπη�εσία mastodon με την οποία θέλετε να πιστοποιήσετε (ή να χ�ησιμοποιήσετε την π�οεπιλεγμένη)
 auths.edit=Επεξε�γασία Πηγής Ταυτοποίησης
 auths.activated=Αυτή η Πηγή Ταυτοποίησης είναι Ενε�γοποιημένη
@@ -2928,8 +2793,6 @@ config.ssh_domain=Domain Διακομιστή SSH
 config.ssh_port=Θ��α
 config.ssh_listen_port=Θ��α Ακ�όασης
 config.ssh_root_path=Ριζική Διαδ�ομή
-config.ssh_key_test_path=Διαδ�ομή Δοκιμής Κλειδιο�
-config.ssh_keygen_path=Διαδ�ομή Keygen ('ssh-keygen')
 config.ssh_minimum_key_size_check=Έλεγχος Ελάχιστου Μεγέθους Κλειδιο�
 config.ssh_minimum_key_sizes=Ελάχιστα Μεγέθη Κλειδιών
 
@@ -2987,7 +2850,6 @@ config.mailer_sendmail_path=Διαδ�ομή Sendmail
 config.mailer_sendmail_args=Επιπλέον πα�άμετ�οι για το Sendmail
 config.mailer_sendmail_timeout=Χ�ονικό Ό�ιο Sendmail
 config.mailer_use_dummy=Ψε�τικο
-config.test_email_placeholder=Email (π.χ. test@example.com)
 config.send_test_mail=Αποστολή Δοκιμαστικο� Email
 config.send_test_mail_submit=Αποστολή
 config.test_mail_failed=Αποτυχία αποστολής ενός δοκιμαστικο� email στο"%s": %v
@@ -3067,7 +2929,6 @@ monitor.queue.numberinqueue=Πλήθος Ου�άς
 monitor.queue.review_add=Εξέταση / Π�οσθήκη Ε�γατών
 monitor.queue.settings.title=Ρυθμίσεις Δεξαμενής
 monitor.queue.settings.desc=Οι δεξαμενές αυξάνονται δυναμικά όταν υπά�χει φ�αγή της ου�άς των ε�γατών τους.
-monitor.queue.settings.maxnumberworkers=Μέγιστος Α�ιθμός Ε�γατών
 monitor.queue.settings.maxnumberworkers.placeholder=Αυτή τη στιγμή %[1]d
 monitor.queue.settings.maxnumberworkers.error=Ο μέγιστος α�ιθμός ε�γατών π�έπει να είναι α�ιθμός
 monitor.queue.settings.submit=Ενημέ�ωση Ρυθμίσεων
@@ -3170,8 +3031,6 @@ error.no_committer_account=Δεν υπά�χει λογα�ιασμός συνδ
 error.no_gpg_keys_found=Δεν β�έθηκε γνωστό κλειδί για αυτήν την υπογ�αφή στη βάση δεδομένων
 error.not_signed_commit=Δεν είναι υπογεγ�αμμένη υποβολή
 error.failed_retrieval_gpg_keys=Αποτυχία ανάκτησης ενός κλειδιο� που είναι συνδεδεμένο στο λογα�ιασμό του υποβολέα
-error.probable_bad_signature=ΠΡΟΣΟΧΗ! Αν και υπά�χει ένα κλειδί με αυτό το ID στη βάση δεδομένων δεν επαληθε�ει αυτή την υποβολή! Αυτή η υποβολή είναι ΥΠΟΠΤΗ.
-error.probable_bad_default_signature=ΠΡΟΣΟΧΗ! Αν και το π�οεπιλεγμένο κλειδί έχει αυτό το ID, δεν επαληθε�ει αυτή την υποβολή! Αυτή η υποβολή είναι ΥΠΟΠΤΗ.
 
 [units]
 unit=Μονάδα
@@ -3208,7 +3067,6 @@ versions=Εκδόσεις
 versions.view_all=Π�οβολή όλων
 dependency.id=ID
 dependency.version=Έκδοση
-alpine.registry=Ρυθμίστε αυτό το μητ�ώο π�οσθέτοντας το url στο α�χείο <code>/etc/apk/repositories</code>:
 alpine.registry.key=Αποθηκε�στε το δημόσιο κλειδί RSA του μητ�ώου στο φάκελο <code>/etc/apk/keys/</code> για να επαληθε�σετε την υπογ�αφή ευ�ετη�ίου:
 alpine.registry.info=Επιλέξτε $branch και $repository από την πα�ακάτω λίστα.
 alpine.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
@@ -3219,18 +3077,13 @@ alpine.repository.architectures=Α�χιτεκτονικές
 arch.repository=Πλη�οφο�ίες Αποθετη�ίου
 arch.repository.repositories=Αποθετή�ια
 arch.repository.architectures=Α�χιτεκτονικές
-cargo.registry=Ρυθμίστε αυτό το μητ�ώο στις �υθμίσεις του Cargo (για πα�άδειγμα <code>~/.cargo/config.toml</code>):
 cargo.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το Cargo, εκτελέστε την ακόλουθη εντολή:
-chef.registry=Ρυθμίστε αυτό το μητ�ώο στο α�χείο <code>~/.chef/config.rb</code>:
 chef.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
-composer.registry=Ρυθμίστε αυτό το μητ�ώο στο α�χείο <code>~/.composer/config.json</code>:
 composer.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το Composer, εκτελέστε την ακόλουθη εντολή:
 composer.dependencies=Εξα�τήσεις
 composer.dependencies.development=Εξα�τήσεις Ανάπτυξης
 conan.details.repository=Αποθετή�ιο
-conan.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 conan.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το Conan, εκτελέστε την ακόλουθη εντολή:
-conda.registry=Ρυθμίστε αυτό το μητ�ώο ως αποθετή�ιο Conda στο α�χείο <code>.condarc</code>:
 conda.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το Conda, εκτελέστε την ακόλουθη εντολή:
 container.details.type=Τ�πος Εικόνας
 container.details.platform=Πλατφό�μα
@@ -3240,9 +3093,7 @@ container.layers=Στ�ώματα Εικόνας
 container.labels=Ετικέτες
 container.labels.key=Κλειδί
 container.labels.value=Τιμή
-cran.registry=Ρυθμίστε αυτό το μητ�ώο στο α�χείο <code>Rprofile.site</code>:
 cran.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
-debian.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 debian.registry.info=Επιλέξτε $distribution και $component από την πα�ακάτω λίστα.
 debian.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
 debian.repository=Πλη�οφο�ίες Αποθετη�ίου
@@ -3251,16 +3102,11 @@ debian.repository.components=Συστατικά
 debian.repository.architectures=Α�χιτεκτονικές
 generic.download=Λήψη πακέτου από τη γ�αμμή εντολών:
 go.install=Εγκαταστήστε το πακέτο από τη γ�αμμή εντολών:
-helm.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 helm.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
-maven.registry=Ρυθμίστε αυτό το μητ�ώο στο α�χείο <code>pom.xml</code> του έ�γου σας:
-maven.install=Για να χ�ησιμοποιήσετε το πακέτο, συμπε�ιλάβετε τα ακόλουθα στη πε�ιοχή <code>dependencies</code> στο α�χείο <code>pom.xml</code>:
 maven.install2=Εκτέλεση μέσω γ�αμμής εντολών:
 maven.download=Για να κατεβάσετε την εξά�τηση, εκτελέστε μέσω της γ�αμμής εντολών:
-nuget.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 nuget.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το NuGet, εκτελέστε την ακόλουθη εντολή:
 nuget.dependency.framework=Πλαίσιο Ανάπτυξης
-npm.registry=Ρυθμίστε αυτό το μητ�ώο στο α�χείο <code>.npmrc</code> του έ�γου σας:
 npm.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας npm, εκτελέστε την ακόλουθη εντολή:
 npm.install2=ή π�οσθέστε το στο α�χείο package.json:
 npm.dependencies=Εξα�τήσεις
@@ -3271,7 +3117,6 @@ npm.details.tag=Σήμανση
 pub.install=Για να εγκαταστήσετε το πακέτο μέσω του Dart, εκτελέστε την ακόλουθη εντολή:
 pypi.requires=Απαιτεί Python
 pypi.install=Για να εγκαταστήσετε το πακέτο χ�ησιμοποιώντας το pip, εκτελέστε την ακόλουθη εντολή:
-rpm.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 rpm.distros.redhat=σε διανομές βασισμένες στο RedHat
 rpm.distros.suse=σε διανομές με βάση το SUSE
 rpm.install=Για να εγκαταστήσετε το πακέτο, εκτελέστε την ακόλουθη εντολή:
@@ -3283,7 +3128,6 @@ rubygems.dependencies.runtime=Εξα�τήσεις Εκτέλεσης
 rubygems.dependencies.development=Εξα�τήσεις Ανάπτυξης
 rubygems.required.ruby=Απαιτεί την έκδοση Ruby
 rubygems.required.rubygems=Απαιτεί έκδοση RubyGem
-swift.registry=Ρυθμίστε αυτό το μητ�ώο από τη γ�αμμή εντολών:
 swift.install=Π�οσθέστε το πακέτο στο α�χείο <code>Package.swift</code>:
 swift.install2=και εκτελέστε την ακόλουθη εντολή:
 vagrant.install=Για π�οσθήκη ενός κυτίου Vagrant, εκτελέστε την ακόλουθη εντολή:
@@ -3306,7 +3150,6 @@ owner.settings.cargo.initialize.success=Ο ευ�ετή�ιο Cargo δημιου
 owner.settings.cargo.rebuild=Αναδημιου�γία Ευ�ετη�ίου
 owner.settings.cargo.rebuild.description=Η ανοικοδόμηση μπο�εί να είναι χ�ήσιμη εάν ο δείκτης δεν είναι συγχ�ονισμένος με τα αποθηκευμένα πακέτα Cargo.
 owner.settings.cargo.rebuild.error=Αποτυχία αναδόμησης του ευ�ετη�ίου Cargo: %v
-owner.settings.cargo.rebuild.success=Το ευ�ετή�ιο Cargo αναδομήθηκε με επιτυχία.
 owner.settings.cleanuprules.title=Διαχεί�ιση Κανόνων Εκκαθά�ισης
 owner.settings.cleanuprules.add=Π�οσθήκη Κανόνα Εκκαθά�ισης
 owner.settings.cleanuprules.edit=Επεξε�γασία Κανόνα Εκκαθά�ισης
@@ -3335,12 +3178,13 @@ owner.settings.chef.keypair.description=Ένα ζεÏ�γος κλειδιών εÎ
 secrets=Μυστικά
 description=Τα μυστικά θα πε�άσουν σε ο�ισμένες δ�άσεις και δεν μπο�ο�ν να αναγνωστο�ν αλλο�.
 none=Δεν υπά�χουν ακόμα μυστικά.
-creation=Π�οσθήκη Μυστικο�
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Πε�ιγ�αφή
 creation.name_placeholder=αλφα�ιθμητικοί χα�ακτή�ες ή κάτω πα�λες μόνο, δεν μπο�ο�ν να ξεκινο�ν με GITEA_ ή GITHUB_
 creation.value_placeholder=Εισάγετε οποιοδήποτε πε�ιεχόμενο. Τα κενά στην α�χή πα�αλείπονται.
-creation.success=Το μυστικό "%s" π�οστέθηκε.
-creation.failed=Αποτυχία δημιου�γίας μυστικο�.
+
+
 deletion=Αφαί�εση μυστικο�
 deletion.description=Η αφαί�εση ενός μυστικο� είναι μόνιμη και δεν μπο�εί να αναι�εθεί. Συνέχεια;
 deletion.success=Το μυστικό έχει αφαι�εθεί.
@@ -3388,7 +3232,6 @@ runners.delete_runner=Διαγ�αφή του εκτελεστή
 runners.delete_runner_success=Ο εκτελεστής διαγ�άφηκε επιτυχώς
 runners.delete_runner_failed=Αποτυχία διαγ�αφής εκτελεστή
 runners.delete_runner_header=Επιβεβαιώστε για τη διαγ�αφή του εκτελεστή
-runners.delete_runner_notice=Αν μια ε�γασία εκτελείται σε αυτόν τον εκτελεστή, θα τε�ματιστεί και θα επισημανθεί ως αποτυχημένη. Μπο�εί να σπάσει το χτίσιμο της �οής ε�γασίας.
 runners.none=Δεν υπά�χουν διαθέσιμοι εκτελεστές
 runners.status.unspecified=Άγνωστη
 runners.status.idle=Αδ�ανής
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index b2e079c696..d7e73a0cfb 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -44,7 +44,7 @@ webauthn_use_twofa = Use a two-factor code from your phone
 webauthn_error = Could not read your security key.
 webauthn_unsupported_browser = Your browser does not currently support WebAuthn.
 webauthn_error_unknown = An unknown error occurred. Please retry.
-webauthn_error_insecure = WebAuthn only supports secure connections. For testing over HTTP, you can use the origin "localhost" or "127.0.0.1"
+webauthn_error_insecure = WebAuthn only supports secure connections. For testing over HTTP, you can use the origin "localhost" or "127.0.0.1".
 webauthn_error_unable_to_process = The server could not process your request.
 webauthn_error_duplicated = The security key is not permitted for this request. Please make sure that the key is not already registered.
 webauthn_error_empty = You must set a name for this key.
@@ -117,6 +117,7 @@ files = Files
 
 error = Error
 error404 = The page you are trying to reach either <strong>does not exist</strong> or <strong>you are not authorized</strong> to view it.
+error503 = The server could not complete your request. Please try again later.
 go_back = Go Back
 invalid_data = Invalid data: %v
 
@@ -129,7 +130,8 @@ pin = Pin
 unpin = Unpin
 
 artifacts = Artifacts
-confirm_delete_artifact = Are you sure you want to delete the artifact '%s' ?
+expired = Expired
+confirm_delete_artifact = Are you sure you want to delete the artifact '%s'?
 
 archived = Archived
 
@@ -166,33 +168,33 @@ no_results_found = No results found.
 internal_error_skipped = Internal error occurred but is skipped: %s
 
 [search]
-search = Search...
+search = Search…
 type_tooltip = Search type
 fuzzy = Fuzzy
-fuzzy_tooltip = Include results that also match the search term closely
+fuzzy_tooltip = Include results that closely match the search term
 words = Words
 words_tooltip = Include only results that match the search term words
 regexp = Regexp
 regexp_tooltip = Include only results that match the regexp search term
 exact = Exact
 exact_tooltip = Include only results that match the exact search term
-repo_kind = Search repos...
-user_kind = Search users...
-org_kind = Search orgs...
-team_kind = Search teams...
-code_kind = Search code...
+repo_kind = Search repos…
+user_kind = Search users…
+org_kind = Search orgs…
+team_kind = Search teams…
+code_kind = Search code…
 code_search_unavailable = Code search is currently not available. Please contact the site administrator.
 code_search_by_git_grep = Current code search results are provided by "git grep". There might be better results if site administrator enables Repository Indexer.
-package_kind = Search packages...
-project_kind = Search projects...
-branch_kind = Search branches...
-tag_kind = Search tags...
+package_kind = Search packages…
+project_kind = Search projects…
+branch_kind = Search branches…
+tag_kind = Search tags…
 tag_tooltip = Search for matching tags. Use '%' to match any sequence of numbers.
-commit_kind = Search commits...
-runner_kind = Search runners...
+commit_kind = Search commits…
+runner_kind = Search runners…
 no_results = No matching results found.
-issue_kind = Search issues...
-pull_kind = Search pulls...
+issue_kind = Search issues…
+pull_kind = Search pull requests…
 keyword_search_unavailable = Searching by keyword is currently not available. Please contact the site administrator.
 
 [aria]
@@ -228,8 +230,8 @@ buttons.enable_monospace_font = Enable monospace font
 buttons.disable_monospace_font = Disable monospace font
 
 [filter]
-string.asc = A - Z
-string.desc = Z - A
+string.asc = A–Z
+string.desc = Z–A
 
 [error]
 occurred = An error occurred
@@ -250,7 +252,7 @@ license_desc = Go get <a target="_blank" rel="noopener noreferrer" href="%[1]s">
 
 [install]
 install = Installation
-installing_desc = Installing now, please wait...
+installing_desc = Installing now, please wait…
 title = Initial Configuration
 docker_helper = If you run Gitea inside Docker, please read the <a target="_blank" rel="noopener noreferrer" href="%s">documentation</a> before changing any settings.
 require_db_desc = Gitea requires MySQL, PostgreSQL, MSSQL, SQLite3 or TiDB (MySQL protocol).
@@ -267,16 +269,16 @@ path = Path
 sqlite_helper = File path for the SQLite3 database.<br>Enter an absolute path if you run Gitea as a service.
 reinstall_error = You are trying to install into an existing Gitea database
 reinstall_confirm_message = Re-installing with an existing Gitea database can cause multiple problems. In most cases, you should use your existing "app.ini" to run Gitea. If you know what you are doing, confirm the following:
-reinstall_confirm_check_1 = The data encrypted by the SECRET_KEY in app.ini may be lost: users may not be able to log in with 2FA/OTP & mirrors may not function correctly. By checking this box you confirm that the current app.ini file contains the correct the SECRET_KEY.
-reinstall_confirm_check_2 = The repositories and settings may need to be re-synchronized. By checking this box you confirm that you will resynchronize the hooks for the repositories and authorized_keys file manually. You confirm that you will ensure that repository and mirror settings are correct.
+reinstall_confirm_check_1 = The data encrypted by the SECRET_KEY in app.ini may be lost: users may not be able to log in with 2FA/OTP and mirrors may not function correctly. By checking this box, you confirm that the current app.ini file contains the correct SECRET_KEY.
+reinstall_confirm_check_2 = The repositories and settings may need to be resynchronized. By checking this box, you confirm that you will resynchronize the hooks for the repositories and authorized_keys file manually. You confirm that you will ensure that repository and mirror settings are correct.
 reinstall_confirm_check_3 = You confirm that you are absolutely sure that this Gitea is running with the correct app.ini location and that you are sure that you have to re-install. You confirm that you acknowledge the above risks.
 err_empty_db_path = The SQLite3 database path cannot be empty.
 no_admin_and_disable_registration = You cannot disable user self-registration without creating an administrator account.
 err_empty_admin_password = The administrator password cannot be empty.
-err_empty_admin_email = The administrator email cannot be empty.
-err_admin_name_is_reserved = Administrator Username is invalid, username is reserved
-err_admin_name_pattern_not_allowed = Administrator username is invalid, the username matches a reserved pattern
-err_admin_name_is_invalid = Administrator Username is invalid
+err_empty_admin_email = The administrator email address cannot be empty.
+err_admin_name_is_reserved = Administrator username is invalid. Username is reserved.
+err_admin_name_pattern_not_allowed = Administrator username is invalid. The username matches a reserved pattern.
+err_admin_name_is_invalid = Administrator username is invalid
 
 general_title = General Settings
 app_name = Site Title
@@ -292,7 +294,7 @@ domain_helper = Domain or host address for the server.
 ssh_port = SSH Server Port
 ssh_port_helper = Port number your SSH server listens on. Leave empty to disable.
 http_port = Gitea HTTP Listen Port
-http_port_helper = Port number the Giteas web server will listen on.
+http_port_helper = Port number the Gitea web server will listen on.
 app_url = Gitea Base URL
 app_url_helper = Base address for HTTP(S) clone URLs and email notifications.
 log_root_path = Log Path
@@ -356,7 +358,7 @@ no_reply_address = Hidden Email Domain
 no_reply_address_helper = Domain name for users with a hidden email address. For example, the username 'joe' will be logged in Git as 'joe@noreply.example.org' if the hidden email domain is set to 'noreply.example.org'.
 password_algorithm = Password Hash Algorithm
 invalid_password_algorithm = Invalid password hash algorithm
-password_algorithm_helper = Set the password hashing algorithm. Algorithms have differing requirements and strength. The argon2 algorithm is rather secure but uses a lot of memory and may be inappropriate for small systems.
+password_algorithm_helper = Set the password hashing algorithm. Algorithms have differing requirements and strengths. The argon2 algorithm is rather secure but uses a lot of memory and may be inappropriate for small systems.
 enable_update_checker = Enable Update Checker
 enable_update_checker_helper = Checks for new version releases periodically by connecting to gitea.io.
 env_config_keys = Environment Configuration
@@ -419,6 +421,7 @@ remember_me.compromised = The login token is not valid anymore which may indicat
 forgot_password_title= Forgot Password
 forgot_password = Forgot password?
 need_account = Need an account?
+sign_up_tip = You are registering the first account in the system, which has administrator privileges. Please carefully remember your username and password. If you forget the username or password, please refer to the Gitea documentation to recover the account.
 sign_up_now = Register now.
 sign_up_successful = Account was successfully created. Welcome!
 confirmation_mail_sent_prompt_ex = A new confirmation email has been sent to <b>%s</b>. Please check your inbox within the next %s to complete the registration process. If your registration email address is incorrect, you can sign in again and change it.
@@ -427,8 +430,8 @@ allow_password_change = Require user to change password (recommended)
 reset_password_mail_sent_prompt = A confirmation email has been sent to <b>%s</b>. Please check your inbox within the next %s to complete the account recovery process.
 active_your_account = Activate Your Account
 account_activated = Account has been activated
-prohibit_login = Sign In Prohibited
-prohibit_login_desc = Your account is prohibited from signing in, please contact your site administrator.
+prohibit_login = Sign-In Prohibited
+prohibit_login_desc = Your account is prohibited from signing in. Please contact your site administrator.
 resent_limit_prompt = You have already requested an activation email recently. Please wait 3 minutes and try again.
 has_unconfirmed_mail = Hi %s, you have an unconfirmed email address (<b>%s</b>). If you haven't received a confirmation email or need to resend a new one, please click on the button below.
 change_unconfirmed_mail_address = If your registration email address is incorrect, you can change it here and resend a new confirmation email.
@@ -449,6 +452,7 @@ use_scratch_code = Use a scratch code
 twofa_scratch_used = You have used your scratch code. You have been redirected to the two-factor settings page so you may remove your device enrollment or generate a new scratch code.
 twofa_passcode_incorrect = Your passcode is incorrect. If you misplaced your device, use your scratch code to sign in.
 twofa_scratch_token_incorrect = Your scratch code is incorrect.
+twofa_required = You must set up two-factor authentication to get access to repositories, or try to log in again.
 login_userpass = Sign In
 login_openid = OpenID
 oauth_signup_tab = Register New Account
@@ -460,24 +464,24 @@ oauth_signin_submit = Link Account
 oauth.signin.error.general = There was an error processing the authorization request: %s. If this error persists, please contact the site administrator.
 oauth.signin.error.access_denied = The authorization request was denied.
 oauth.signin.error.temporarily_unavailable = Authorization failed because the authentication server is temporarily unavailable. Please try again later.
-oauth_callback_unable_auto_reg = Auto Registration is enabled, but OAuth2 Provider %[1]s returned missing fields: %[2]s, unable to create an account automatically, please create or link to an account, or contact the site administrator.
+oauth_callback_unable_auto_reg = Auto Registration is enabled, but OAuth2 Provider %[1]s returned missing fields: %[2]s, unable to create an account automatically. Please create or link to an account, or contact the site administrator.
 openid_connect_submit = Connect
 openid_connect_title = Connect to an existing account
 openid_connect_desc = The chosen OpenID URI is unknown. Associate it with a new account here.
 openid_register_title = Create new account
 openid_register_desc = The chosen OpenID URI is unknown. Associate it with a new account here.
 openid_signin_desc = Enter your OpenID URI. For example: alice.openid.example.org or https://openid.example.org/alice.
-disable_forgot_password_mail = Account recovery is disabled because no email is set up. Please contact your site administrator.
-disable_forgot_password_mail_admin = Account recovery is only available when email is set up. Please set up email to enable account recovery.
+disable_forgot_password_mail = Account recovery is disabled because no email address is set up. Please contact your site administrator.
+disable_forgot_password_mail_admin = Account recovery is only available when an email address is set up.
 email_domain_blacklisted = You cannot register with your email address.
 authorize_application = Authorize Application
 authorize_redirect_notice = You will be redirected to %s if you authorize this application.
 authorize_application_created_by = This application was created by %s.
-authorize_application_description = If you grant the access, it will be able to access and write to all your account information, including private repos and organisations.
+authorize_application_description = If you grant access, it will be able to access and write to all your account information, including private repos and organizations.
 authorize_application_with_scopes = With scopes: %s
 authorize_title = Authorize "%s" to access your account?
 authorization_failed = Authorization failed
-authorization_failed_desc = The authorization failed because we detected an invalid request. Please contact the maintainer of the app you have tried to authorize.
+authorization_failed_desc = The authorization failed because we detected an invalid request. Please contact the maintainer of the app you tried to authorize.
 sspi_auth_failed = SSPI authentication failed
 password_pwned = The password you chose is on a <a target="_blank" rel="noopener noreferrer" href="%s">list of stolen passwords</a> previously exposed in public data breaches. Please try again with a different password and consider changing this password elsewhere too.
 password_pwned_err = Could not complete request to HaveIBeenPwned
@@ -502,8 +506,8 @@ activate_email.text = Please click the following link to verify your email addre
 
 register_notify = Welcome to %s
 register_notify.title = %[1]s, welcome to %[2]s
-register_notify.text_1 = this is your registration confirmation email for %s!
-register_notify.text_2 = You can now login via username: %s.
+register_notify.text_1 = This is your registration confirmation email for %s!
+register_notify.text_2 = You can now log in via username: %s.
 register_notify.text_3 = If this account has been created for you, please <a href="%s">set your password</a> first.
 
 reset_password = Recover your account
@@ -541,7 +545,7 @@ release.download.targz = Source Code (TAR.GZ)
 repo.transfer.subject_to = %s would like to transfer "%s" to %s
 repo.transfer.subject_to_you = %s would like to transfer "%s" to you
 repo.transfer.to_you = you
-repo.transfer.body = To accept or reject it visit %s or just ignore it.
+repo.transfer.body = To accept or reject it, visit %s or just ignore it.
 
 repo.collaborator.added.subject = %s added you to %s
 repo.collaborator.added.text = You have been added as a collaborator of repository:
@@ -593,7 +597,7 @@ url_error = `"%s" is not a valid URL.`
 include_error = ` must contain substring "%s".`
 glob_pattern_error = ` glob pattern is invalid: %s.`
 regex_pattern_error = ` regex pattern is invalid: %s.`
-username_error = ` can only contain alphanumeric chars ('0-9','a-z','A-Z'), dash ('-'), underscore ('_') and dot ('.'). It cannot begin or end with non-alphanumeric chars, and consecutive non-alphanumeric chars are also forbidden.`
+username_error = ` can only contain alphanumeric characters ('0-9','a-z','A-Z'), dash ('-'), underscore ('_') and dot ('.'). It cannot begin or end with non-alphanumeric characters, and consecutive non-alphanumeric characters are also forbidden.`
 invalid_group_team_map_error = ` mapping is invalid: %s`
 unknown_error = Unknown error:
 captcha_incorrect = The CAPTCHA code is incorrect.
@@ -608,17 +612,17 @@ username_has_not_been_changed = Username has not been changed
 repo_name_been_taken = The repository name is already used.
 repository_force_private = Force Private is enabled: private repositories cannot be made public.
 repository_files_already_exist = Files already exist for this repository. Contact the system administrator.
-repository_files_already_exist.adopt = Files already exist for this repository and can only be Adopted.
+repository_files_already_exist.adopt = Files already exist for this repository and can only be adopted.
 repository_files_already_exist.delete = Files already exist for this repository. You must delete them.
 repository_files_already_exist.adopt_or_delete = Files already exist for this repository. Either adopt them or delete them.
 visit_rate_limit = Remote visit addressed rate limitation.
-2fa_auth_required = Remote visit required two factors authentication.
+2fa_auth_required = Remote visit required two-factor authentication.
 org_name_been_taken = The organization name is already taken.
 team_name_been_taken = The team name is already taken.
 team_no_units_error = Allow access to at least one repository section.
 email_been_used = The email address is already used.
 email_invalid = The email address is invalid.
-email_domain_is_not_allowed = The domain of user email <b>%s</b> conflicts with EMAIL_DOMAIN_ALLOWLIST or EMAIL_DOMAIN_BLOCKLIST. Please ensure your operation is expected.
+email_domain_is_not_allowed = The domain of user email address <b>%s</b> conflicts with EMAIL_DOMAIN_ALLOWLIST or EMAIL_DOMAIN_BLOCKLIST. Please ensure your operation is expected.
 openid_been_used = The OpenID address "%s" is already used.
 username_password_incorrect = Username or password is incorrect.
 password_complexity = Password does not pass complexity requirements:
@@ -643,14 +647,14 @@ invalid_ssh_key = Cannot verify your SSH key: %s
 invalid_gpg_key = Cannot verify your GPG key: %s
 invalid_ssh_principal = Invalid principal: %s
 must_use_public_key = The key you provided is a private key. Please do not upload your private key anywhere. Use your public key instead.
-unable_verify_ssh_key = "Cannot verify the SSH key, double-check it for mistakes."
+unable_verify_ssh_key = "Cannot verify the SSH key. Double-check it for mistakes."
 auth_failed = Authentication failed: %v
 
-still_own_repo = "Your account owns one or more repositories, delete or transfer them first."
-still_has_org = "Your account is a member of one or more organizations, leave them first."
-still_own_packages = "Your account owns one or more packages, delete them first."
-org_still_own_repo = "This organization still owns one or more repositories, delete or transfer them first."
-org_still_own_packages = "This organization still owns one or more packages, delete them first."
+still_own_repo = "Your account owns one or more repositories. Delete or transfer them first."
+still_has_org = "Your account is a member of one or more organizations. Leave them first."
+still_own_packages = "Your account owns one or more packages. Delete them first."
+org_still_own_repo = "This organization still owns one or more repositories. Delete or transfer them first."
+org_still_own_packages = "This organization still owns one or more packages. Delete them first."
 
 target_branch_not_exist = Target branch does not exist.
 target_ref_not_exist = Target ref does not exist %s
@@ -681,11 +685,11 @@ settings = User Settings
 
 form.name_reserved = The username "%s" is reserved.
 form.name_pattern_not_allowed = The pattern "%s" is not allowed in a username.
-form.name_chars_not_allowed = User name "%s" contains invalid characters.
+form.name_chars_not_allowed = Username "%s" contains invalid characters.
 
 block.block = Block
 block.block.user = Block user
-block.block.org = Block user for organization
+block.block.org = Block user from organization
 block.block.failure = Failed to block user: %s
 block.unblock = Unblock
 block.unblock.failure = Failed to unblock user: %s
@@ -698,7 +702,7 @@ block.info_3 = send you notifications by @mentioning your username
 block.info_4 = inviting you as a collaborator to their repositories
 block.info_5 = starring, forking or watching on repositories
 block.info_6 = opening and commenting on issues or pull requests
-block.info_7 = reacting on your comments in issues or pull requests
+block.info_7 = reacting to your comments in issues or pull requests
 block.user_to_block = User to block
 block.note = Note
 block.note.title = Optional note:
@@ -729,9 +733,9 @@ webauthn = Two-Factor Authentication (Security Keys)
 public_profile = Public Profile
 biography_placeholder = Tell us a little bit about yourself! (You can use Markdown)
 location_placeholder = Share your approximate location with others
-profile_desc = Control how your profile is show to other users. Your primary email address will be used for notifications, password recovery and web-based Git operations.
-password_username_disabled = You are not allowed to change their username. Please contact your site administrator for more details.
-password_full_name_disabled = You are not allowed to change their full name. Please contact your site administrator for more details.
+profile_desc = Control how your profile is shown to other users. Your primary email address will be used for notifications, password recovery and web-based Git operations.
+password_username_disabled = You are not allowed to change your username. Please contact your site administrator for more details.
+password_full_name_disabled = You are not allowed to change your full name. Please contact your site administrator for more details.
 full_name = Full Name
 website = Website
 location = Location
@@ -749,7 +753,7 @@ cancel = Cancel
 language = Language
 ui = Theme
 hidden_comment_types = Hidden comment types
-hidden_comment_types_description = Comment types checked here will not be shown inside issue pages. Checking "Label" for example removes all "{user} added/removed {label}" comments.
+hidden_comment_types_description = Comment types checked here will not be shown on issue pages. Checking "Label", for example, removes all "{user} added/removed {label}" comments.
 hidden_comment_types.ref_tooltip = Comments where this issue was referenced from another issue/commit/…
 hidden_comment_types.issue_ref_tooltip = Comments where the user changes the branch/tag associated with the issue
 comment_type_group_reference = Reference
@@ -797,18 +801,18 @@ manage_themes = Select default theme
 manage_openid = Manage OpenID Addresses
 email_desc = Your primary email address will be used for notifications, password recovery and, provided that it is not hidden, web-based Git operations.
 theme_desc = This will be your default theme across the site.
-theme_colorblindness_help = Colorblindness Theme Support
-theme_colorblindness_prompt = Gitea just gets some themes with basic colorblindness support, which only have a few colors defined. The work is still in progress. More improvements could be done by defining more colors in the theme CSS files.
+theme_colorblindness_help = Color blindness Theme Support
+theme_colorblindness_prompt = Gitea only has a few themes with basic color blindness support, which only have a few colors defined. The work is still in progress. More improvements could be made by defining more colors in the theme CSS files.
 primary = Primary
 activated = Activated
 requires_activation = Requires activation
 primary_email = Make Primary
 activate_email = Send Activation
 activations_pending = Activations Pending
-can_not_add_email_activations_pending = There is a pending activation, try again in a few minutes if you want to add a new email.
+can_not_add_email_activations_pending = There is a pending activation. Try again in a few minutes if you want to add a new email address.
 delete_email = Remove
 email_deletion = Remove Email Address
-email_deletion_desc = The email address and related information will be removed from your account. Git commits by this email address will remain unchanged. Continue?
+email_deletion_desc = This email address and related information will be removed from your account. Git commits by this email address will remain unchanged. Continue?
 email_deletion_success = The email address has been removed.
 theme_update_success = Your theme was updated.
 theme_update_error = The selected theme does not exist.
@@ -851,7 +855,7 @@ gpg_key_matched_identities_long=The embedded identities in this key match the fo
 gpg_key_verified=Verified Key
 gpg_key_verified_long=Key has been verified with a token and can be used to verify commits matching any activated email addresses for this user in addition to any matched identities for this key.
 gpg_key_verify=Verify
-gpg_invalid_token_signature = The provided GPG key, signature and token do not match or token is out-of-date.
+gpg_invalid_token_signature = The provided GPG key, signature and token do not match, or the token is out-of-date.
 gpg_token_required = You must provide a signature for the below token
 gpg_token = Token
 gpg_token_help = You can generate a signature using:
@@ -861,7 +865,7 @@ verify_gpg_key_success = GPG key "%s" has been verified.
 ssh_key_verified=Verified Key
 ssh_key_verified_long=Key has been verified with a token and can be used to verify commits matching any activated email addresses for this user.
 ssh_key_verify=Verify
-ssh_invalid_token_signature = The provided SSH key, signature or token do not match or token is out-of-date.
+ssh_invalid_token_signature = The provided SSH key, signature or token do not match, or the token is out-of-date.
 ssh_token_required = You must provide a signature for the below token
 ssh_token = Token
 ssh_token_help = You can generate a signature using:
@@ -882,7 +886,7 @@ gpg_key_deletion = Remove GPG Key
 ssh_principal_deletion = Remove SSH Certificate Principal
 ssh_key_deletion_desc = Removing an SSH key revokes its access to your account. Continue?
 gpg_key_deletion_desc = Removing a GPG key un-verifies commits signed by it. Continue?
-ssh_principal_deletion_desc = Removing a SSH Certificate Principal revokes its access to your account. Continue?
+ssh_principal_deletion_desc = Removing an SSH Certificate Principal revokes its access to your account. Continue?
 ssh_key_deletion_success = The SSH key has been removed.
 gpg_key_deletion_success = The GPG key has been removed.
 ssh_principal_deletion_success = The principal has been removed.
@@ -926,6 +930,9 @@ permission_not_set = Not set
 permission_no_access = No Access
 permission_read = Read
 permission_write = Read and Write
+permission_anonymous_read = Anonymous Read
+permission_everyone_read = Everyone Read
+permission_everyone_write = Everyone Write
 access_token_desc = Selected token permissions limit authorization only to the corresponding <a %s>API</a> routes. Read the <a %s>documentation</a> for more information.
 at_least_one_permission = You must select at least one permission to create a token
 permissions_list = Permissions:
@@ -941,7 +948,7 @@ create_oauth2_application_button = Create Application
 create_oauth2_application_success = You have successfully created a new OAuth2 application.
 update_oauth2_application_success = You have successfully updated the OAuth2 application.
 oauth2_application_name = Application Name
-oauth2_confidential_client = Confidential Client. Select for apps that keep the secret confidential, such as web apps. Do not select for native apps including desktop and mobile apps.
+oauth2_confidential_client = Confidential Client. Select for apps that keep the secret confidential, such as web apps. Do not select for native apps, including desktop and mobile apps.
 oauth2_skip_secondary_authorization = Skip authorization for public clients after granting access once. <strong>May pose a security risk.</strong>
 oauth2_redirect_uris = Redirect URIs. Please use a new line for every URI.
 save_application = Save
@@ -956,10 +963,10 @@ oauth2_application_remove_description = Removing an OAuth2 application will prev
 oauth2_application_locked = Gitea pre-registers some OAuth2 applications on startup if enabled in config. To prevent unexpected behavior, these can neither be edited nor removed. Please refer to the OAuth2 documentation for more information.
 
 authorized_oauth2_applications = Authorized OAuth2 Applications
-authorized_oauth2_applications_description = You have granted access to your personal Gitea account to these third party applications. Please revoke access for applications you no longer need.
+authorized_oauth2_applications_description = You have granted access to your personal Gitea account to these third-party applications. Please revoke access for applications you no longer need.
 revoke_key = Revoke
 revoke_oauth2_grant = Revoke Access
-revoke_oauth2_grant_description = Revoking access for this third party application will prevent this application from accessing your data. Are you sure?
+revoke_oauth2_grant_description = Revoking access for this third-party application will prevent this application from accessing your data. Are you sure?
 revoke_oauth2_grant_success = Access revoked successfully.
 
 twofa_desc = To protect your account against password theft, you can use a smartphone or another device for receiving time-based one-time passwords ("TOTP").
@@ -969,7 +976,7 @@ twofa_not_enrolled = Your account is not currently enrolled in two-factor authen
 twofa_disable = Disable Two-Factor Authentication
 twofa_scratch_token_regenerate = Regenerate Single-Use Recovery Key
 twofa_scratch_token_regenerated = Your single-use recovery key is now %s. Store it in a safe place, as it will not be shown again.
-twofa_enroll = Enroll into Two-Factor Authentication
+twofa_enroll = Enroll in Two-Factor Authentication
 twofa_disable_note = You can disable two-factor authentication if needed.
 twofa_disable_desc = Disabling two-factor authentication will make your account less secure. Continue?
 regenerate_scratch_token_desc = If you misplaced your recovery key or have already used it to sign in, you can reset it here.
@@ -985,13 +992,13 @@ webauthn_desc = Security keys are hardware devices containing cryptographic keys
 webauthn_register_key = Add Security Key
 webauthn_nickname = Nickname
 webauthn_delete_key = Remove Security Key
-webauthn_delete_key_desc = If you remove a security key you can no longer sign in with it. Continue?
+webauthn_delete_key_desc = If you remove a security key, you can no longer sign in with it. Continue?
 webauthn_key_loss_warning = If you lose your security keys, you will lose access to your account.
 webauthn_alternative_tip = You may want to configure an additional authentication method.
 
 manage_account_links = Manage Linked Accounts
 manage_account_links_desc = These external accounts are linked to your Gitea account.
-account_links_not_available = There are currently no external accounts linked to your Gitea account.
+account_links_not_available = No external accounts are currently linked to your Gitea account.
 link_account = Link Account
 remove_account_link = Remove Linked Account
 remove_account_link_desc = Removing a linked account will revoke its access to your Gitea account. Continue?
@@ -1014,6 +1021,8 @@ email_notifications.onmention = Only Email on Mention
 email_notifications.disable = Disable Email Notifications
 email_notifications.submit = Set Email Preference
 email_notifications.andyourown = And Your Own Notifications
+email_notifications.actions.desc = Notifications for workflow runs on repositories set up with <a target="_blank" href="%s">Gitea Actions</a>.
+email_notifications.actions.failure_only = Only notify for failed workflow runs
 
 visibility = User visibility
 visibility.public = Public
@@ -1028,8 +1037,8 @@ new_repo_helper = A repository contains all project files, including revision hi
 owner = Owner
 owner_helper = Some organizations may not show up in the dropdown due to a maximum repository count limit.
 repo_name = Repository Name
-repo_name_profile_public_hint= .profile is a special repository that you can use to add README.md to your public organization profile, visible to anyone. Make sure it’s public and initialize it with a README in the profile directory to get started.
-repo_name_profile_private_hint = .profile-private is a special repository that you can use to add a README.md to your organization member profile, visible only to organization members. Make sure it’s private and initialize it with a README in the profile directory to get started.
+repo_name_profile_public_hint= .profile is a special repository that you can use to add README.md to your public organization profile, visible to anyone. Make sure it's public and initialize it with a README in the profile directory to get started.
+repo_name_profile_private_hint = .profile-private is a special repository that you can use to add a README.md to your organization member profile, visible only to organization members. Make sure it's private and initialize it with a README in the profile directory to get started.
 repo_name_helper = Good repository names use short, memorable and unique keywords. A repository named ".profile" or ".profile-private" could be used to add a README.md for the user/organization profile.
 repo_size = Repository Size
 template = Template
@@ -1051,7 +1060,7 @@ fork_branch = Branch to be cloned to the fork
 all_branches = All branches
 view_all_branches = View all branches
 view_all_tags = View all tags
-fork_no_valid_owners = This repository can not be forked because there are no valid owners.
+fork_no_valid_owners = This repository cannot be forked because there are no valid owners.
 fork.blocked_user = Cannot fork the repository because you are blocked by the repository owner.
 use_template = Use this template
 open_with_editor = Open with %s
@@ -1095,12 +1104,12 @@ mirror_sync = synced
 mirror_sync_on_commit = Sync when commits are pushed
 mirror_address = Clone From URL
 mirror_address_desc = Put any required credentials in the Authorization section.
-mirror_address_url_invalid = The provided URL is invalid. You must escape all components of the url correctly.
+mirror_address_url_invalid = The provided URL is invalid. Make sure all components of the URL are escaped correctly.
 mirror_address_protocol_invalid = The provided URL is invalid. Only http(s):// or git:// locations can be used for mirroring.
 mirror_lfs = Large File Storage (LFS)
 mirror_lfs_desc = Activate mirroring of LFS data.
 mirror_lfs_endpoint = LFS Endpoint
-mirror_lfs_endpoint_desc = Sync will attempt to use the clone url to <a target="_blank" rel="noopener noreferrer" href="%s">determine the LFS server</a>. You can also specify a custom endpoint if the repository LFS data is stored somewhere else.
+mirror_lfs_endpoint_desc = Sync will attempt to use the clone URL to <a target="_blank" rel="noopener noreferrer" href="%s">determine the LFS server</a>. You can also specify a custom endpoint if the repository LFS data is stored somewhere else.
 mirror_last_synced = Last Synchronized
 mirror_password_placeholder = (Unchanged)
 mirror_password_blank_placeholder = (Unset)
@@ -1113,7 +1122,7 @@ stars = Stars
 reactions_more = and %d more
 unit_disabled = The site administrator has disabled this repository section.
 language_other = Other
-adopt_search = Enter username to search for unadopted repositories... (leave blank to find all)
+adopt_search = Enter username to search for unadopted repositories… (leave blank to find all)
 adopt_preexisting_label = Adopt Files
 adopt_preexisting = Adopt pre-existing files
 adopt_preexisting_content = Create repository from %s
@@ -1138,6 +1147,7 @@ transfer.no_permission_to_reject = You do not have permission to reject this tra
 
 desc.private = Private
 desc.public = Public
+desc.public_access = Public Access
 desc.template = Template
 desc.internal = Internal
 desc.archived = Archived
@@ -1154,8 +1164,8 @@ template.issue_labels = Issue Labels
 template.one_item = Must select at least one template item
 template.invalid = Must select a template repository
 
-archive.title = This repo is archived. You can view files and clone it, but cannot push or open issues or pull requests.
-archive.title_date = This repository has been archived on %s. You can view files and clone it, but cannot push or open issues or pull requests.
+archive.title = This repo is archived. You can view files and clone it. You cannot open issues or pull requests or push a commit.
+archive.title_date = This repository has been archived on %s. You can view files and clone it. You cannot open issues or pull requests or push a commit.
 archive.issue.nocomment = This repo is archived. You cannot comment on issues.
 archive.pull.nocomment = This repo is archived. You cannot comment on pull requests.
 
@@ -1172,7 +1182,7 @@ migrate_options_lfs = Migrate LFS files
 migrate_options_lfs_endpoint.label = LFS Endpoint
 migrate_options_lfs_endpoint.description = Migration will attempt to use your Git remote to <a target="_blank" rel="noopener noreferrer" href="%s">determine the LFS server</a>. You can also specify a custom endpoint if the repository LFS data is stored somewhere else.
 migrate_options_lfs_endpoint.description.local = A local server path is supported too.
-migrate_options_lfs_endpoint.placeholder = If left blank, the endpoint will be derived from the clone URL
+migrate_options_lfs_endpoint.placeholder = If left blank, the endpoint will be derived from the clone URL.
 migrate_items = Migration Items
 migrate_items_wiki = Wiki
 migrate_items_milestones = Milestones
@@ -1184,10 +1194,10 @@ migrate_items_releases = Releases
 migrate_repo = Migrate Repository
 migrate.clone_address = Migrate / Clone From URL
 migrate.clone_address_desc = The HTTP(S) or Git 'clone' URL of an existing repository
-migrate.github_token_desc = You can put one or more tokens with comma separated here to make migrating faster because of GitHub API rate limit. WARN: Abusing this feature may violate the service provider's policy and lead to account blocking.
+migrate.github_token_desc = You can put one or more tokens here, separated by commas, to make migrating faster by circumventing the GitHub API rate limit. WARNING: Abusing this feature may violate the service provider's policy and may lead to getting your account(s) blocked.
 migrate.clone_local_path = or a local server path
 migrate.permission_denied = You are not allowed to import local repositories.
-migrate.permission_denied_blocked = You cannot import from disallowed hosts, please ask the admin to check ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS settings.
+migrate.permission_denied_blocked = You cannot import from disallowed hosts. Please ask the admin to check ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS settings.
 migrate.invalid_local_path = "The local path is invalid. It doesn't exist or is not a directory."
 migrate.invalid_lfs_endpoint = The LFS endpoint is not valid.
 migrate.failed = Migration failed: %v
@@ -1195,7 +1205,7 @@ migrate.migrate_items_options = Access Token is required to migrate additional i
 migrated_from = Migrated from <a href="%[1]s">%[2]s</a>
 migrated_from_fake = Migrated From %[1]s
 migrate.migrate = Migrate From %s
-migrate.migrating = Migrating from <b>%s</b> ...
+migrate.migrating = Migrating from <b>%s</b>…
 migrate.migrating_failed = Migrating from <b>%s</b> failed.
 migrate.migrating_failed.error = Failed to migrate: %s
 migrate.migrating_failed_no_addr = Migration failed.
@@ -1221,6 +1231,7 @@ migrate.migrating_issues = Migrating Issues
 migrate.migrating_pulls = Migrating Pull Requests
 migrate.cancel_migrating_title = Cancel Migration
 migrate.cancel_migrating_confirm = Do you want to cancel this migration?
+migration_status = Migration status
 
 mirror_from = mirror of
 forked_from = forked from
@@ -1243,9 +1254,9 @@ clone_this_repo = Clone this repository
 cite_this_repo = Cite this repository
 create_new_repo_command = Creating a new repository on the command line
 push_exist_repo = Pushing an existing repository from the command line
-empty_message = This repository does not contain any content.
+empty_message = This repository does not have any content.
 broken_message = The Git data underlying this repository cannot be read. Contact the administrator of this instance or delete this repository.
-no_branch = This repository doesn’t have any branches.
+no_branch = This repository doesn't have any branches.
 
 code = Code
 code.desc = Access source code, files, commits and branches.
@@ -1262,7 +1273,7 @@ projects = Projects
 packages = Packages
 actions = Actions
 labels = Labels
-org_labels_desc = Organization level labels that can be used with <strong>all repositories</strong> under this organization
+org_labels_desc = Organization-level labels that can be used with <strong>all repositories</strong> under this organization
 org_labels_desc_manage = manage
 
 milestone = Milestone
@@ -1299,7 +1310,6 @@ file_copy_permalink = Copy Permalink
 view_git_blame = View Git Blame
 video_not_supported_in_browser = Your browser does not support the HTML5 'video' tag.
 audio_not_supported_in_browser = Your browser does not support the HTML5 'audio' tag.
-stored_lfs = Stored with Git LFS
 symbolic_link = Symbolic link
 executable_file = Executable File
 vendored = Vendored
@@ -1312,6 +1322,7 @@ commit_graph.color = Color
 commit.contained_in = This commit is contained in:
 commit.contained_in_default_branch = This commit is part of the default branch
 commit.load_referencing_branches_and_tags = Load branches and tags referencing this commit
+commit.merged_in_pr = This commit was merged in pull request %s.
 blame = Blame
 download_file = Download file
 normal_view = Normal View
@@ -1325,7 +1336,9 @@ editor.upload_file = Upload File
 editor.edit_file = Edit File
 editor.preview_changes = Preview Changes
 editor.cannot_edit_lfs_files = LFS files cannot be edited in the web interface.
+editor.cannot_edit_too_large_file = The file is too large to be edited.
 editor.cannot_edit_non_text_files = Binary files cannot be edited in the web interface.
+editor.file_not_editable_hint = But you can still rename or move it.
 editor.edit_this_file = Edit File
 editor.this_file_locked = File is locked
 editor.must_be_on_a_branch = You must be on a branch to make or propose changes to this file.
@@ -1345,7 +1358,7 @@ editor.update = Update %s
 editor.delete = Delete %s
 editor.patch = Apply Patch
 editor.patching = Patching:
-editor.fail_to_apply_patch = Unable to apply patch "%s"
+editor.fail_to_apply_patch = Unable to apply patch
 editor.new_patch = New Patch
 editor.commit_message_desc = Add an optional extended description…
 editor.signoff_desc = Add a Signed-off-by trailer by the committer at the end of the commit log message.
@@ -1358,24 +1371,21 @@ editor.new_branch_name_desc = New branch name…
 editor.cancel = Cancel
 editor.filename_cannot_be_empty = The filename cannot be empty.
 editor.filename_is_invalid = The filename is invalid: "%s".
-editor.commit_email = Commit email
-editor.invalid_commit_email = The email for the commit is invalid.
+editor.commit_email = Commit email address
+editor.invalid_commit_email = The email address for the commit is invalid.
 editor.branch_does_not_exist = Branch "%s" does not exist in this repository.
 editor.branch_already_exists = Branch "%s" already exists in this repository.
 editor.directory_is_a_file = Directory name "%s" is already used as a filename in this repository.
-editor.file_is_a_symlink = `"%s" is a symbolic link. Symbolic links cannot be edited in the web editor`
+editor.file_is_a_symlink = `"%s" is a symbolic link. Symbolic links cannot be edited in the web editor.`
 editor.filename_is_a_directory = Filename "%s" is already used as a directory name in this repository.
-editor.file_editing_no_longer_exists = The file being edited, "%s", no longer exists in this repository.
-editor.file_deleting_no_longer_exists = The file being deleted, "%s", no longer exists in this repository.
+editor.file_modifying_no_longer_exists = The file being modified, "%s", no longer exists in this repository.
 editor.file_changed_while_editing = The file contents have changed since you started editing. <a target="_blank" rel="noopener noreferrer" href="%s">Click here</a> to see them or <strong>Commit Changes again</strong> to overwrite them.
 editor.file_already_exists = A file named "%s" already exists in this repository.
-editor.commit_id_not_matching = The Commit ID does not match the ID when you began editing.  Commit into a patch branch and then merge.
+editor.commit_id_not_matching = The Commit ID does not match the ID when you began editing. Commit into a patch branch and then merge.
 editor.push_out_of_date = The push appears to be out of date.
 editor.commit_empty_file_header = Commit an empty file
 editor.commit_empty_file_text = The file you're about to commit is empty. Proceed?
 editor.no_changes_to_show = There are no changes to show.
-editor.fail_to_update_file = Failed to update/create file "%s".
-editor.fail_to_update_file_summary = Error Message:
 editor.push_rejected_no_message = The change was rejected by the server without a message. Please check Git Hooks.
 editor.push_rejected = The change was rejected by the server. Please check Git Hooks.
 editor.push_rejected_summary = Full Rejection Message:
@@ -1389,6 +1399,15 @@ editor.user_no_push_to_branch = User cannot push to branch
 editor.require_signed_commit = Branch requires a signed commit
 editor.cherry_pick = Cherry-pick %s onto:
 editor.revert = Revert %s onto:
+editor.failed_to_commit = Failed to commit changes.
+editor.failed_to_commit_summary = Error Message:
+
+editor.fork_create = Fork Repository to Propose Changes
+editor.fork_create_description = You cannot edit this repository directly. Instead you can create a fork, make edits and create a pull request.
+editor.fork_edit_description = You cannot edit this repository directly. The changes will be written to your fork <b>%s</b>, so you can create a pull request.
+editor.fork_not_editable = You have forked this repository but your fork is not editable.
+editor.fork_failed_to_push_branch = Failed to push branch %s to your repository.
+editor.fork_branch_exists = Branch "%s" already exists in your fork. Please choose a new branch name.
 
 commits.desc = Browse source code change history.
 commits.commits = Commits
@@ -1426,7 +1445,6 @@ commitstatus.success = Success
 ext_issues = Access to External Issues
 ext_issues.desc = Link to an external issue tracker.
 
-projects = Projects
 projects.desc = Manage issues and pulls in projects.
 projects.description = Description (optional)
 projects.description_placeholder = Description
@@ -1491,7 +1509,7 @@ issues.new.clear_assignees = Clear assignees
 issues.new.no_assignees = No Assignees
 issues.new.no_reviewers = No Reviewers
 issues.new.blocked_user = Cannot create issue because you are blocked by the repository owner.
-issues.edit.already_changed = Unable to save changes to the issue. It appears the content has already been changed by another user. Please refresh the page and try editing again to avoid overwriting their changes
+issues.edit.already_changed = Unable to save changes to the issue. It appears the content has already been changed by another user. Please refresh the page and try editing again to avoid overwriting their changes.
 issues.edit.blocked_user = Cannot edit content because you are blocked by the poster or repository owner.
 issues.choose.get_started = Get Started
 issues.choose.open_external_link = Open
@@ -1547,13 +1565,14 @@ issues.filter_project = Project
 issues.filter_project_all = All projects
 issues.filter_project_none = No project
 issues.filter_assignee = Assignee
-issues.filter_assginee_no_assignee = Assigned to nobody
+issues.filter_assignee_no_assignee = Assigned to nobody
 issues.filter_assignee_any_assignee = Assigned to anybody
 issues.filter_poster = Author
 issues.filter_user_placeholder = Search users
 issues.filter_user_no_select = All users
 issues.filter_type = Type
 issues.filter_type.all_issues = All issues
+issues.filter_type.all_pull_requests = All pull requests
 issues.filter_type.assigned_to_you = Assigned to you
 issues.filter_type.created_by_you = Created by you
 issues.filter_type.mentioning_you = Mentioning you
@@ -1562,7 +1581,7 @@ issues.filter_type.reviewed_by_you = Reviewed by you
 issues.filter_sort = Sort
 issues.filter_sort.latest = Newest
 issues.filter_sort.oldest = Oldest
-issues.filter_sort.recentupdate = Recently updated
+issues.filter_sort.recentupdate = Most recently updated
 issues.filter_sort.leastupdate = Least recently updated
 issues.filter_sort.mostcomment = Most commented
 issues.filter_sort.leastcomment = Least commented
@@ -1645,12 +1664,15 @@ issues.save = Save
 issues.label_title = Name
 issues.label_description = Description
 issues.label_color = Color
+issues.label_color_invalid = Invalid color
 issues.label_exclusive = Exclusive
 issues.label_archive = Archive Label
 issues.label_archived_filter = Show archived labels
 issues.label_archive_tooltip = Archived labels are excluded by default from the suggestions when searching by label.
 issues.label_exclusive_desc = Name the label <code>scope/item</code> to make it mutually exclusive with other <code>scope/</code> labels.
 issues.label_exclusive_warning = Any conflicting scoped labels will be removed when editing the labels of an issue or pull request.
+issues.label_exclusive_order = Sort Order
+issues.label_exclusive_order_tooltip = Exclusive labels in the same scope will be sorted according to this numeric order.
 issues.label_count = %d labels
 issues.label_open_issues = %d open issues/pull requests
 issues.label_edit = Edit
@@ -1674,7 +1696,6 @@ issues.pin_comment = "pinned this %s"
 issues.unpin_comment = "unpinned this %s"
 issues.lock = Lock conversation
 issues.unlock = Unlock conversation
-issues.lock.unknown_reason = Cannot lock an issue with an unknown reason.
 issues.lock_duplicate = An issue cannot be locked twice.
 issues.unlock_error = Cannot unlock an issue that is not locked.
 issues.lock_with_reason = "locked as <strong>%s</strong> and limited conversation to collaborators %s"
@@ -1682,7 +1703,7 @@ issues.lock_no_reason = "locked and limited conversation to collaborators %s"
 issues.unlock_comment = "unlocked this conversation %s"
 issues.lock_confirm = Lock
 issues.unlock_confirm = Unlock
-issues.lock.notice_1 = - Other users can’t add new comments to this issue.
+issues.lock.notice_1 = - Other users cannot add new comments to this issue.
 issues.lock.notice_2 = - You and other collaborators with access to this repository can still leave comments that others can see.
 issues.lock.notice_3 = - You can always unlock this issue again in the future.
 issues.unlock.notice_1 = - Everyone would be able to comment on this issue once more.
@@ -1708,6 +1729,8 @@ issues.remove_time_estimate_at = removed time estimate %s
 issues.time_estimate_invalid = Time estimate format is invalid
 issues.start_tracking_history = started working %s
 issues.tracker_auto_close = Timer will be stopped automatically when this issue gets closed
+issues.stopwatch_already_stopped = The timer for this issue is already stopped
+issues.stopwatch_already_created = The timer for this issue already exists
 issues.tracking_already_started = `You have already started time tracking on <a href="%s">another issue</a>!`
 issues.stop_tracking = Stop Timer
 issues.stop_tracking_history = worked for <b>%[1]s</b> %[2]s
@@ -1735,7 +1758,7 @@ issues.due_date_form = "yyyy-mm-dd"
 issues.due_date_form_add = "Add due date"
 issues.due_date_form_edit = "Edit"
 issues.due_date_form_remove = "Remove"
-issues.due_date_not_writer = "You need write access to this repository in order to update the due date of an issue."
+issues.due_date_not_writer = "You need write access to this repository to update the due date of an issue."
 issues.due_date_not_set = "No due date set."
 issues.due_date_added = "added the due date %s %s"
 issues.due_date_modified = "modified the due date from %[2]s to %[1]s %[3]s"
@@ -1758,9 +1781,9 @@ issues.dependency.pr_closing_blockedby = Closing this pull request is blocked by
 issues.dependency.issue_closing_blockedby = Closing this issue is blocked by the following issues
 issues.dependency.issue_close_blocks = This issue blocks closing of the following issues
 issues.dependency.pr_close_blocks = This pull request blocks closing of the following issues
-issues.dependency.issue_close_blocked = You need to close all issues blocking this issue before you can close it.
+issues.dependency.issue_close_blocked = You need to close all issues that are blocking this issue before you can close it.
 issues.dependency.issue_batch_close_blocked = "Cannot batch close issues that you choose, because issue #%d still has open dependencies"
-issues.dependency.pr_close_blocked = You need to close all issues blocking this pull request before you can merge it.
+issues.dependency.pr_close_blocked = You need to close all issues that are blocking this pull request before you can merge it.
 issues.dependency.blocks_short = Blocks
 issues.dependency.blocked_by_short = Depends on
 issues.dependency.remove_header = Remove Dependency
@@ -1771,13 +1794,13 @@ issues.dependency.add_error_same_issue = You cannot make an issue depend on itse
 issues.dependency.add_error_dep_issue_not_exist = Dependent issue does not exist.
 issues.dependency.add_error_dep_not_exist = Dependency does not exist.
 issues.dependency.add_error_dep_exists = Dependency already exists.
-issues.dependency.add_error_cannot_create_circular = You cannot create a dependency with two issues blocking each other.
+issues.dependency.add_error_cannot_create_circular = You cannot create a dependency with two issues that block each other.
 issues.dependency.add_error_dep_not_same_repo = Both issues must be in the same repository.
 issues.review.self.approval = You cannot approve your own pull request.
 issues.review.self.rejection = You cannot request changes on your own pull request.
 issues.review.approve = "approved these changes %s"
 issues.review.comment = "reviewed %s"
-issues.review.dismissed = "dismissed %s’s review %s"
+issues.review.dismissed = "dismissed %s's review %s"
 issues.review.dismissed_label = Dismissed
 issues.review.left_comment = left a comment
 issues.review.content.empty = You need to leave a comment indicating the requested change(s).
@@ -1785,7 +1808,7 @@ issues.review.reject = "requested changes %s"
 issues.review.wait = "was requested for review %s"
 issues.review.add_review_request = "requested review from %s %s"
 issues.review.remove_review_request = "removed review request for %s %s"
-issues.review.remove_review_request_self = "refused to review %s"
+issues.review.remove_review_request_self = "declined to review %s"
 issues.review.pending = Pending
 issues.review.pending.tooltip = This comment is not currently visible to other users. To submit your pending comments, select "%s" -> "%s/%s/%s" at the top of the page.
 issues.review.review = Review
@@ -1807,7 +1830,7 @@ issues.review.requested = Review pending
 issues.review.rejected = Changes requested
 issues.review.stale = Updated since approval
 issues.review.unofficial = Uncounted approval
-issues.assignee.error = Not all assignees was added due to an unexpected error.
+issues.assignee.error = Not all assignees were added, due to an unexpected error.
 issues.reference_issue.body = Body
 issues.content_history.deleted = deleted
 issues.content_history.edited = edited
@@ -1824,7 +1847,7 @@ pulls.desc = Enable pull requests and code reviews.
 pulls.new = New Pull Request
 pulls.new.blocked_user = Cannot create pull request because you are blocked by the repository owner.
 pulls.new.must_collaborator = You must be a collaborator to create pull request.
-pulls.edit.already_changed = Unable to save changes to the pull request. It appears the content has already been changed by another user. Please refresh the page and try editing again to avoid overwriting their changes
+pulls.edit.already_changed = Unable to save changes to the pull request. It appears the content has already been changed by another user. Please refresh the page and try editing again to avoid overwriting their changes.
 pulls.view = View Pull Request
 pulls.compare_changes = New Pull Request
 pulls.allow_edits_from_maintainers = Allow edits from maintainers
@@ -1845,11 +1868,11 @@ pulls.show_all_commits = Show all commits
 pulls.show_changes_since_your_last_review = Show changes since your last review
 pulls.showing_only_single_commit = Showing only changes of commit %[1]s
 pulls.showing_specified_commit_range = Showing only changes between %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range = Select commit. Hold shift + click to select a range
+pulls.select_commit_hold_shift_for_range = Select commit. Hold Shift and click to select a range.
 pulls.review_only_possible_for_full_diff = Review is only possible when viewing the full diff
 pulls.filter_changes_by_commit = Filter by commit
 pulls.nothing_to_compare = These branches are equal. There is no need to create a pull request.
-pulls.nothing_to_compare_have_tag = The selected branch/tag are equal.
+pulls.nothing_to_compare_have_tag = The selected branches/tags are equal.
 pulls.nothing_to_compare_and_allow_empty_pr = These branches are equal. This PR will be empty.
 pulls.has_pull_request = `A pull request between these branches already exists: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create = Create Pull Request
@@ -1874,7 +1897,7 @@ pulls.add_prefix = Add <strong>%s</strong> prefix
 pulls.remove_prefix = Remove <strong>%s</strong> prefix
 pulls.data_broken = This pull request is broken due to missing fork information.
 pulls.files_conflicted = This pull request has changes conflicting with the target branch.
-pulls.is_checking = "Merge conflict checking is in progress. Try again in few moments."
+pulls.is_checking = Checking for merge conflicts…
 pulls.is_ancestor = "This branch is already included in the target branch. There is nothing to merge."
 pulls.is_empty = "The changes on this branch are already on the target branch. This will be an empty commit."
 pulls.required_status_check_failed = Some required checks were not successful.
@@ -1898,16 +1921,16 @@ pulls.reject_count_1 = "%d change request"
 pulls.reject_count_n = "%d change requests"
 pulls.waiting_count_1 = "%d waiting review"
 pulls.waiting_count_n = "%d waiting reviews"
-pulls.wrong_commit_id = "commit id must be a commit id on the target branch"
+pulls.wrong_commit_id = "commit ID must be a commit ID on the target branch"
 
 pulls.no_merge_desc = This pull request cannot be merged because all repository merge options are disabled.
 pulls.no_merge_helper = Enable merge options in the repository settings or merge the pull request manually.
 pulls.no_merge_wip = This pull request cannot be merged because it is marked as being a work in progress.
-pulls.no_merge_not_ready = This pull request is not ready to be merged, check review status and status checks.
+pulls.no_merge_not_ready = This pull request is not ready to be merged. Check review status and status checks.
 pulls.no_merge_access = You are not authorized to merge this pull request.
 pulls.merge_pull_request = Create merge commit
-pulls.rebase_merge_pull_request = Rebase then fast-forward
-pulls.rebase_merge_commit_pull_request = Rebase then create merge commit
+pulls.rebase_merge_pull_request = Rebase, then fast-forward
+pulls.rebase_merge_commit_pull_request = Rebase, then create merge commit
 pulls.squash_merge_pull_request = Create squash commit
 pulls.fast_forward_only_merge_pull_request = Fast-forward only
 pulls.merge_manually = Manually merged
@@ -1915,17 +1938,17 @@ pulls.merge_commit_id = The merge commit ID
 pulls.require_signed_wont_sign = The branch requires signed commits but this merge will not be signed
 
 pulls.invalid_merge_option = You cannot use this merge option for this pull request.
-pulls.merge_conflict = Merge Failed: There was a conflict whilst merging. Hint: Try a different strategy
+pulls.merge_conflict = Merge Failed: There was a conflict while merging. Hint: Try a different strategy.
 pulls.merge_conflict_summary = Error Message
-pulls.rebase_conflict = Merge Failed: There was a conflict whilst rebasing commit: %[1]s. Hint: Try a different strategy
+pulls.rebase_conflict = Merge Failed: There was a conflict while rebasing commit: %[1]s. Hint: Try a different strategy.
 pulls.rebase_conflict_summary = Error Message
-pulls.unrelated_histories = Merge Failed: The merge head and base do not share a common history. Hint: Try a different strategy
-pulls.merge_out_of_date = Merge Failed: Whilst generating the merge, the base was updated. Hint: Try again.
-pulls.head_out_of_date = Merge Failed: Whilst generating the merge, the head was updated. Hint: Try again.
-pulls.has_merged = Failed: The pull request has been merged, you cannot merge again or change the target branch.
+pulls.unrelated_histories = Merge Failed: The merge head and base do not share a common history. Hint: Try a different strategy.
+pulls.merge_out_of_date = Merge Failed: While generating the merge, the base was updated. Hint: Try again.
+pulls.head_out_of_date = Merge Failed: While generating the merge, the head was updated. Hint: Try again.
+pulls.has_merged = Failed: The pull request has been merged. You cannot merge again or change the target branch.
 pulls.push_rejected = Push Failed: The push was rejected. Review the Git Hooks for this repository.
 pulls.push_rejected_summary = Full Rejection Message
-pulls.push_rejected_no_message = Push Failed: The push was rejected but there was no remote message. Review the Git Hooks for this repository
+pulls.push_rejected_no_message = Push Failed: The push was rejected but there was no remote message. Review the Git Hooks for this repository.
 pulls.open_unmerged_pull_exists = `You cannot perform a reopen operation because there is a pending pull request (#%d) with identical properties.`
 pulls.status_checking = Some checks are pending
 pulls.status_checks_success = All checks were successful
@@ -1949,9 +1972,9 @@ pulls.cmd_instruction_checkout_title = Checkout
 pulls.cmd_instruction_checkout_desc = From your project repository, check out a new branch and test the changes.
 pulls.cmd_instruction_merge_title = Merge
 pulls.cmd_instruction_merge_desc = Merge the changes and update on Gitea.
-pulls.cmd_instruction_merge_warning = Warning: This operation can not merge pull request because "autodetect manual merge" was not enable
+pulls.cmd_instruction_merge_warning = Warning: This operation cannot merge pull request because "autodetect manual merge" is not enabled.
 pulls.clear_merge_message = Clear merge message
-pulls.clear_merge_message_hint = Clearing the merge message will only remove the commit message content and keep generated git trailers such as "Co-Authored-By …".
+pulls.clear_merge_message_hint = Clearing the merge message will only remove the commit message content and keep generated git trailers such as "Co-Authored-By…".
 
 pulls.auto_merge_button_when_succeed = (When checks succeed)
 pulls.auto_merge_when_succeed = Auto merge when all checks succeed
@@ -2012,12 +2035,12 @@ milestones.filter_sort.most_issues = Most issues
 milestones.filter_sort.least_issues = Least issues
 
 signing.will_sign = This commit will be signed with key "%s".
-signing.wont_sign.error = There was an error whilst checking if the commit could be signed.
+signing.wont_sign.error = There was an error while checking if the commit could be signed.
 signing.wont_sign.nokey = There is no key available to sign this commit.
 signing.wont_sign.never = Commits are never signed.
 signing.wont_sign.always = Commits are always signed.
 signing.wont_sign.pubkey = The commit will not be signed because you do not have a public key associated with your account.
-signing.wont_sign.twofa = You must have two factor authentication enabled to have commits signed.
+signing.wont_sign.twofa = You must have two-factor authentication enabled to have commits signed.
 signing.wont_sign.parentsigned = The commit will not be signed as the parent commit is not signed.
 signing.wont_sign.basesigned = The merge will not be signed as the base commit is not signed.
 signing.wont_sign.headsigned = The merge will not be signed as the head commit is not signed.
@@ -2103,7 +2126,7 @@ activity.title.releases_1 = %d Release
 activity.title.releases_n = %d Releases
 activity.title.releases_published_by = %s published by %s
 activity.published_release_label = Published
-activity.no_git_activity = There has not been any commit activity in this period.
+activity.no_git_activity = There has been no commit activity in this period.
 activity.git_stats_exclude_merges = Excluding merges,
 activity.git_stats_author_1 = %d author
 activity.git_stats_author_n = %d authors
@@ -2131,14 +2154,21 @@ contributors.contribution_type.additions = Additions
 contributors.contribution_type.deletions = Deletions
 
 settings = Settings
-settings.desc = Settings is where you can manage the settings for the repository
+settings.desc = Settings is where you can manage the settings for the repository.
 settings.options = Repository
+settings.public_access = Public Access
+settings.public_access_desc = Configure public visitor's access permissions to override the defaults of this repository.
+settings.public_access.docs.not_set = Not Set: no extra public access permission. The visitor's permission follows the repository's visibility and member permissions.
+settings.public_access.docs.anonymous_read = Anonymous Read: users who are not logged in can access the unit with read permission.
+settings.public_access.docs.everyone_read = Everyone Read: all logged-in users can access the unit with read permission. Read permission of issue/pull-request units also means users can create new issues/pull requests.
+settings.public_access.docs.everyone_write = Everyone Write: all logged-in users have write permission to the unit. Only Wiki unit supports this permission.
 settings.collaboration = Collaborators
 settings.collaboration.admin = Administrator
 settings.collaboration.write = Write
 settings.collaboration.read = Read
 settings.collaboration.owner = Owner
 settings.collaboration.undefined = Undefined
+settings.collaboration.per_unit = Unit Permissions
 settings.hooks = Webhooks
 settings.githooks = Git Hooks
 settings.basic_settings = Basic Settings
@@ -2148,7 +2178,7 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions = Set up your pr
 settings.mirror_settings.docs.disabled_push_mirror.instructions = Set up your project to automatically pull commits, tags and branches from another repository.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning = Right now, this can only be done in the "New Migration" menu. For more information, please consult:
 settings.mirror_settings.docs.disabled_push_mirror.info = Push mirrors have been disabled by your site administrator.
-settings.mirror_settings.docs.no_new_mirrors = Your repository is mirroring changes to or from another repository. Please keep in mind that you can't create any new mirrors at this time.
+settings.mirror_settings.docs.no_new_mirrors = Your repository is mirroring changes to or from another repository. Please keep in mind that you currently can't create any new mirrors.
 settings.mirror_settings.docs.can_still_use = Although you can't modify existing mirrors or create new ones, you may still use your existing mirror.
 settings.mirror_settings.docs.pull_mirror_instructions = To set up a pull mirror, please consult:
 settings.mirror_settings.docs.more_information_if_disabled = You can find out more about push and pull mirrors here:
@@ -2179,7 +2209,6 @@ settings.advanced_settings = Advanced Settings
 settings.wiki_desc = Enable Repository Wiki
 settings.use_internal_wiki = Use Built-In Wiki
 settings.default_wiki_branch_name = Default Wiki Branch Name
-settings.default_permission_everyone_access = Default access permission for all signed-in users:
 settings.failed_to_change_default_wiki_branch = Failed to change the default wiki branch.
 settings.use_external_wiki = Use External Wiki
 settings.external_wiki_url = External Wiki URL
@@ -2224,7 +2253,7 @@ settings.admin_indexer_commit_sha = Last Indexed SHA
 settings.admin_indexer_unindexed = Unindexed
 settings.reindex_button = Add to Reindex Queue
 settings.reindex_requested=Reindex Requested
-settings.admin_enable_close_issues_via_commit_in_any_branch = Close an issue via a commit made in a non default branch
+settings.admin_enable_close_issues_via_commit_in_any_branch = Close an issue via a commit made in a non-default branch
 settings.danger_zone = Danger Zone
 settings.new_owner_has_same_repo = The new owner already has a repository with same name. Please choose another name.
 settings.convert = Convert to Regular Repository
@@ -2246,7 +2275,7 @@ settings.transfer_abort_invalid = You cannot cancel a non existent repository tr
 settings.transfer_abort_success = The repository transfer to %s was successfully canceled.
 settings.transfer_desc = Transfer this repository to a user or to an organization for which you have administrator rights.
 settings.transfer_form_title = Enter the repository name as confirmation:
-settings.transfer_in_progress = There is currently an ongoing transfer. Please cancel it if you will like to transfer this repository to another user.
+settings.transfer_in_progress = There is currently an ongoing transfer. Please cancel it if you would like to transfer this repository to another user.
 settings.transfer_notices_1 = - You will lose access to the repository if you transfer it to an individual user.
 settings.transfer_notices_2 = - You will keep access to the repository if you transfer it to an organization that you (co-)own.
 settings.transfer_notices_3 = - If the repository is private and is transferred to an individual user, this action makes sure that the user does have at least read permission (and changes permissions if necessary).
@@ -2261,13 +2290,13 @@ settings.trust_model.default = Default Trust Model
 settings.trust_model.default.desc= Use the default repository trust model for this installation.
 settings.trust_model.collaborator = Collaborator
 settings.trust_model.collaborator.long = Collaborator: Trust signatures by collaborators
-settings.trust_model.collaborator.desc = Valid signatures by collaborators of this repository will be marked "trusted" - (whether they match the committer or not). Otherwise, valid signatures will be marked "untrusted" if the signature matches the committer and "unmatched" if not.
+settings.trust_model.collaborator.desc = Valid signatures by collaborators of this repository will be marked "trusted", whether they match the committer or not. Otherwise, valid signatures will be marked "untrusted" if the signature matches the committer and "unmatched" if not.
 settings.trust_model.committer = Committer
-settings.trust_model.committer.long = Committer: Trust signatures that match committers (This matches GitHub and will force Gitea signed commits to have Gitea as the committer)
-settings.trust_model.committer.desc = Valid signatures will only be marked "trusted" if they match the committer, otherwise they will be marked "unmatched". This forces Gitea to be the committer on signed commits with the actual committer marked as Co-authored-by: and Co-committed-by: trailer in the commit. The default Gitea key must match a User in the database.
+settings.trust_model.committer.long = Committer: Trust signatures that match committers. This matches GitHub's behavior and will force commits signed by Gitea to have Gitea as the committer.
+settings.trust_model.committer.desc = Valid signatures will only be marked "trusted" if they match the committer, otherwise they will be marked "unmatched". This forces Gitea to be the committer on signed commits, with the actual committer marked as Co-authored-by: and Co-committed-by: trailer in the commit. The default Gitea key must match a user in the database.
 settings.trust_model.collaboratorcommitter = Collaborator+Committer
 settings.trust_model.collaboratorcommitter.long = Collaborator+Committer: Trust signatures by collaborators which match the committer
-settings.trust_model.collaboratorcommitter.desc = Valid signatures by collaborators of this repository will be marked "trusted" if they match the committer. Otherwise, valid signatures will be marked "untrusted" if the signature matches the committer and "unmatched" otherwise. This will force Gitea to be marked as the committer on signed commits with the actual committer marked as Co-Authored-By: and Co-Committed-By: trailer in the commit. The default Gitea key must match a User in the database.
+settings.trust_model.collaboratorcommitter.desc = Valid signatures by collaborators of this repository will be marked "trusted" if they match the committer. Otherwise, valid signatures will be marked "untrusted" if the signature matches the committer and "unmatched" otherwise. This will force Gitea to be marked as the committer on signed commits, with the actual committer marked as Co-Authored-By: and Co-Committed-By: trailer in the commit. The default Gitea key must match a user in the database.
 settings.wiki_delete = Delete Wiki Data
 settings.wiki_delete_desc = Deleting repository wiki data is permanent and cannot be undone.
 settings.wiki_delete_notices_1 = - This will permanently delete and disable the repository wiki for %s.
@@ -2276,7 +2305,7 @@ settings.wiki_deletion_success = The repository wiki data has been deleted.
 settings.delete = Delete This Repository
 settings.delete_desc = Deleting a repository is permanent and cannot be undone.
 settings.delete_notices_1 = - This operation <strong>CANNOT</strong> be undone.
-settings.delete_notices_2 = - This operation will permanently delete the <strong>%s</strong> repository including code, issues, comments, wiki data and collaborator settings.
+settings.delete_notices_2 = - This operation will permanently delete the <strong>%s</strong> repository, including code, issues, comments, wiki data and collaborator settings.
 settings.delete_notices_fork_1 = - Forks of this repository will become independent after deletion.
 settings.deletion_success = The repository has been deleted.
 settings.update_settings_success = The repository settings have been updated.
@@ -2298,8 +2327,8 @@ settings.team_not_in_organization = The team is not in the same organization as
 settings.teams = Teams
 settings.add_team = Add Team
 settings.add_team_duplicate = Team already has the repository
-settings.add_team_success = The team now have access to the repository.
-settings.change_team_permission_tip = Team's permission is set on the team setting page and can't be changed per repository
+settings.add_team_success = The team now has access to the repository.
+settings.change_team_permission_tip = Team's permission is set on the team settings page and can't be changed per repository
 settings.delete_team_tip = This team has access to all repositories and can't be removed
 settings.remove_team_success = The team's access to the repository has been removed.
 settings.add_webhook = Add Webhook
@@ -2308,8 +2337,8 @@ settings.hooks_desc = Webhooks automatically make HTTP POST requests to a server
 settings.webhook_deletion = Remove Webhook
 settings.webhook_deletion_desc = Removing a webhook deletes its settings and delivery history. Continue?
 settings.webhook_deletion_success = The webhook has been removed.
-settings.webhook.test_delivery = Test Delivery
-settings.webhook.test_delivery_desc = Test this webhook with a fake event.
+settings.webhook.test_delivery = Test Push Event
+settings.webhook.test_delivery_desc = Test this webhook with a fake push event.
 settings.webhook.test_delivery_desc_disabled = To test this webhook with a fake event, activate it.
 settings.webhook.request = Request
 settings.webhook.response = Response
@@ -2329,6 +2358,7 @@ settings.payload_url = Target URL
 settings.http_method = HTTP Method
 settings.content_type = POST Content Type
 settings.secret = Secret
+settings.webhook_secret_desc = If the webhook server supports using secret, you can follow the webhook's manual and fill in a secret here.
 settings.slack_username = Username
 settings.slack_icon_url = Icon URL
 settings.slack_color = Color
@@ -2358,7 +2388,7 @@ settings.event_repository = Repository
 settings.event_repository_desc = Repository created or deleted.
 settings.event_header_issue = Issue Events
 settings.event_issues = Issues
-settings.event_issues_desc = Issue opened, closed, reopened, or edited.
+settings.event_issues_desc = Issue opened, closed, reopened, edited or deleted.
 settings.event_issue_assign = Issue Assigned
 settings.event_issue_assign_desc = Issue assigned or unassigned.
 settings.event_issue_label = Issue Labeled
@@ -2369,7 +2399,7 @@ settings.event_issue_comment = Issue Comment
 settings.event_issue_comment_desc = Issue comment created, edited, or deleted.
 settings.event_header_pull_request = Pull Request Events
 settings.event_pull_request = Pull Request
-settings.event_pull_request_desc = Pull request opened, closed, reopened, or edited.
+settings.event_pull_request_desc = Pull request opened, closed, reopened, edited or deleted.
 settings.event_pull_request_assign = Pull Request Assigned
 settings.event_pull_request_assign_desc = Pull request assigned or unassigned.
 settings.event_pull_request_label = Pull Request Labeled
@@ -2387,6 +2417,8 @@ settings.event_pull_request_review_request_desc = Pull request review requested
 settings.event_pull_request_approvals = Pull Request Approvals
 settings.event_pull_request_merge = Pull Request Merge
 settings.event_header_workflow = Workflow Events
+settings.event_workflow_run = Workflow Run
+settings.event_workflow_run_desc = Gitea Actions Workflow run queued, waiting, in progress, or completed.
 settings.event_workflow_job = Workflow Jobs
 settings.event_workflow_job_desc = Gitea Actions Workflow job queued, waiting, in progress, or completed.
 settings.event_package = Package
@@ -2512,7 +2544,7 @@ settings.block_on_official_review_requests_desc = Merging will not be possible w
 settings.block_outdated_branch = Block merge if pull request is outdated
 settings.block_outdated_branch_desc = Merging will not be possible when head branch is behind base branch.
 settings.block_admin_merge_override = Administrators must follow branch protection rules
-settings.block_admin_merge_override_desc = Administrators must follow branch protection rules and can not circumvent it.
+settings.block_admin_merge_override_desc = Administrators must follow branch protection rules and cannot circumvent it.
 settings.default_branch_desc = Select a default repository branch for pull requests and code commits:
 settings.merge_style_desc = Merge Styles
 settings.default_merge_style_desc = Default Merge Style
@@ -2539,10 +2571,10 @@ settings.matrix.homeserver_url = Homeserver URL
 settings.matrix.room_id = Room ID
 settings.matrix.message_type = Message Type
 settings.visibility.private.button = Make Private
-settings.visibility.private.text = Changing the visibility to private will not only make the repo visible to only allowed members but may remove the relation between it and forks, watchers, and stars.
+settings.visibility.private.text = Changing the visibility to private will make the repo visible only to allowed members and may remove the relationship between it and existing forks, watchers, and stars.
 settings.visibility.private.bullet_title = <strong>Changing the visibility to private will:</strong>
-settings.visibility.private.bullet_one = Make the repo visible to only allowed members.
-settings.visibility.private.bullet_two = May remove the relation between it and <strong>forks</strong>, <strong>watchers</strong>, and <strong>stars</strong>.
+settings.visibility.private.bullet_one = Make the repo visible only to allowed members.
+settings.visibility.private.bullet_two = May remove the relationship between it and <strong>forks</strong>, <strong>watchers</strong>, and <strong>stars</strong>.
 settings.visibility.public.button = Make Public
 settings.visibility.public.text = Changing the visibility to public will make the repo visible to anyone.
 settings.visibility.public.bullet_title= <strong>Changing the visibility to public will:</strong>
@@ -2561,7 +2593,7 @@ settings.archive.tagsettings_unavailable = Tag settings are not available if the
 settings.archive.mirrors_unavailable = Mirrors are not available if the repo is archived.
 settings.unarchive.button = Unarchive repo
 settings.unarchive.header = Unarchive this repo
-settings.unarchive.text = Unarchiving the repo will restore its ability to receive commits and pushes, as well as new issues and pull-requests.
+settings.unarchive.text = Unarchiving the repo will restore its ability to receive commits and pushes, as well as new issues and pull requests.
 settings.unarchive.success = The repo was successfully unarchived.
 settings.unarchive.error = An error occurred while trying to unarchive the repo. See the log for more details.
 settings.update_avatar_success = The repository avatar has been updated.
@@ -2579,11 +2611,11 @@ settings.lfs_invalid_locking_path=Invalid path: %s
 settings.lfs_invalid_lock_directory=Cannot lock directory: %s
 settings.lfs_lock_already_exists=Lock already exists: %s
 settings.lfs_lock=Lock
-settings.lfs_lock_path=Filepath to lock...
+settings.lfs_lock_path=Filepath to lock…
 settings.lfs_locks_no_locks=No Locks
 settings.lfs_lock_file_no_exist=Locked file does not exist in default branch
 settings.lfs_force_unlock=Force Unlock
-settings.lfs_pointers.found=Found %d blob pointer(s) - %d associated, %d unassociated (%d missing from store)
+settings.lfs_pointers.found=Found %d blob pointer(s) — %d associated, %d unassociated (%d missing from store)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=In Repo
@@ -2724,6 +2756,7 @@ branch.restore_success = Branch "%s" has been restored.
 branch.restore_failed = Failed to restore branch "%s".
 branch.protected_deletion_failed = Branch "%s" is protected. It cannot be deleted.
 branch.default_deletion_failed = Branch "%s" is the default branch. It cannot be deleted.
+branch.default_branch_not_exist = Default branch "%s" does not exist.
 branch.restore = Restore Branch "%s"
 branch.download = Download Branch "%s"
 branch.rename = Rename Branch "%s"
@@ -2740,6 +2773,8 @@ branch.new_branch_from = Create new branch from "%s"
 branch.renamed = Branch %s was renamed to %s.
 branch.rename_default_or_protected_branch_error = Only admins can rename default or protected branches.
 branch.rename_protected_branch_failed = This branch is protected by glob-based protection rules.
+branch.commits_divergence_from = Commit divergence: %[1]d behind and %[2]d ahead of %[3]s
+branch.commits_no_divergence = The same as branch %[1]s
 
 tag.create_tag = Create tag %s
 tag.create_tag_operation = Create tag
@@ -2753,6 +2788,7 @@ topic.done = Done
 topic.count_prompt = You cannot select more than 25 topics
 topic.format_prompt = Topics must start with a letter or number, can include dashes ('-') and dots ('.'), can be up to 35 characters long. Letters must be lowercase.
 
+find_file.follow_symlink= Follow this symlink to where it is pointing at
 find_file.go_to_file = Go to file
 find_file.no_matching = No matching file found
 
@@ -2762,7 +2798,7 @@ error.csv.invalid_field_count = Can't render this file because it has a wrong nu
 error.broken_git_hook = Git hooks of this repository seem to be broken. Please follow the <a target="_blank" rel="noreferrer" href="%s">documentation</a> to fix them, then push some commits to refresh the status.
 
 [graphs]
-component_loading = Loading %s...
+component_loading = Loading %s…
 component_loading_failed = Could not load %s
 component_loading_info = This might take a bit…
 component_failed_to_load = An unexpected error happened.
@@ -2793,6 +2829,7 @@ team_permission_desc = Permission
 team_unit_desc = Allow Access to Repository Sections
 team_unit_disabled = (Disabled)
 
+form.name_been_taken = The organization name "%s" has already been taken.
 form.name_reserved = The organization name "%s" is reserved.
 form.name_pattern_not_allowed = The pattern "%s" is not allowed in an organization name.
 form.create_org_not_allowed = You are not allowed to create an organization.
@@ -2800,7 +2837,7 @@ form.create_org_not_allowed = You are not allowed to create an organization.
 settings = Settings
 settings.options = Organization
 settings.full_name = Full Name
-settings.email = Contact Email
+settings.email = Contact Email Address
 settings.website = Website
 settings.location = Location
 settings.permission = Permissions
@@ -2814,15 +2851,28 @@ settings.visibility.private_shortname = Private
 
 settings.update_settings = Update Settings
 settings.update_setting_success = Organization settings have been updated.
-settings.change_orgname_prompt = Note: Changing the organization name will also change your organization's URL and free the old name.
-settings.change_orgname_redirect_prompt = The old name will redirect until it is claimed.
+
+settings.rename = Rename Organization
+settings.rename_desc = Changing the organization name will also change your organization's URL and free the old name.
+settings.rename_success = Organization %[1]s has been renamed to %[2]s successfully.
+settings.rename_no_change = Organization name is not changed.
+settings.rename_new_org_name = New Organization Name
+settings.rename_failed = Renaming organization failed because of an internal error
+settings.rename_notices_1 = This operation <strong>CANNOT</strong> be undone.
+settings.rename_notices_2 = The old name will redirect until it is claimed.
+
 settings.update_avatar_success = The organization's avatar has been updated.
 settings.delete = Delete Organization
 settings.delete_account = Delete This Organization
 settings.delete_prompt = The organization will be permanently removed. This <strong>CANNOT</strong> be undone!
+settings.name_confirm = Enter the organization name as confirmation:
+settings.delete_notices_1 = This operation <strong>CANNOT</strong> be undone.
+settings.delete_notices_2 = This operation will permanently delete all the <strong>repositories</strong> of <strong>%s</strong>, including code, issues, comments, wiki data and collaborator settings.
+settings.delete_notices_3 = This operation will permanently delete all the <strong>packages</strong> of <strong>%s</strong>.
+settings.delete_notices_4 = This operation will permanently delete all the <strong>projects</strong> of <strong>%s</strong>.
 settings.confirm_delete_account = Confirm Deletion
-settings.delete_org_title = Delete Organization
-settings.delete_org_desc = This organization will be deleted permanently. Continue?
+settings.delete_failed = Deleting organization failed due to an internal error
+settings.delete_successful = Organization <b>%s</b> has been deleted successfully.
 settings.hooks_desc = Add webhooks which will be triggered for <strong>all repositories</strong> under this organization.
 
 settings.labels_desc = Add labels which can be used on issues for <strong>all repositories</strong> under this organization.
@@ -2878,7 +2928,7 @@ teams.remove_all_repos_title = Remove all team repositories
 teams.remove_all_repos_desc = This will remove all repositories from the team.
 teams.add_all_repos_title = Add all repositories
 teams.add_all_repos_desc = This will add all the organization's repositories to the team.
-teams.add_nonexistent_repo = "The repository you're trying to add doesn't exist, please create it first."
+teams.add_nonexistent_repo = "The repository you're trying to add doesn't exist. Please create it first."
 teams.add_duplicate_users = User is already a team member.
 teams.repos.none = No repositories could be accessed by this team.
 teams.members.none = No members on this team.
@@ -2919,7 +2969,7 @@ repositories = Repositories
 hooks = Webhooks
 integrations = Integrations
 authentication = Authentication Sources
-emails = User Emails
+emails = User Email Addresses
 config = Configuration
 config_summary = Summary
 config_settings = Settings
@@ -2951,11 +3001,11 @@ dashboard.cron.cancelled=Cron: %[1]s canceled: %[3]s
 dashboard.cron.error=Error in Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s has finished
 dashboard.delete_inactive_accounts = Delete all unactivated accounts
-dashboard.delete_inactive_accounts.started = Delete all unactivated accounts task started.
+dashboard.delete_inactive_accounts.started = Task to delete all unactivated accounts started
 dashboard.delete_repo_archives = "Delete all repositories' archives (ZIP, TAR.GZ, etc..)"
-dashboard.delete_repo_archives.started = Delete all repository archives task started.
+dashboard.delete_repo_archives.started = Task to delete all repository archives started
 dashboard.delete_missing_repos = Delete all repositories missing their Git files
-dashboard.delete_missing_repos.started = Delete all repositories missing their Git files task started.
+dashboard.delete_missing_repos.started = Task to delete all repositories missing their Git files started
 dashboard.delete_generated_repository_avatars = Delete generated repository avatars
 dashboard.sync_repo_branches = Sync missed branches from git data to databases
 dashboard.sync_repo_tags = Sync tags from git data to database
@@ -2963,17 +3013,17 @@ dashboard.update_mirrors = Update Mirrors
 dashboard.repo_health_check = Health check all repositories
 dashboard.check_repo_stats = Check all repository statistics
 dashboard.archive_cleanup = Delete old repository archives
-dashboard.deleted_branches_cleanup = Clean-up deleted branches
+dashboard.deleted_branches_cleanup = Clean up deleted branches
 dashboard.update_migration_poster_id = Update migration poster IDs
-dashboard.git_gc_repos = Garbage collect all repositories
-dashboard.resync_all_sshkeys = Update the '.ssh/authorized_keys' file with Gitea SSH keys.
-dashboard.resync_all_sshprincipals = Update the '.ssh/authorized_principals' file with Gitea SSH principals.
-dashboard.resync_all_hooks = Resynchronize pre-receive, update and post-receive hooks of all repositories.
+dashboard.git_gc_repos = Garbage-collect all repositories
+dashboard.resync_all_sshkeys = Update the '.ssh/authorized_keys' file with Gitea SSH keys
+dashboard.resync_all_sshprincipals = Update the '.ssh/authorized_principals' file with Gitea SSH principals
+dashboard.resync_all_hooks = Resynchronize pre-receive, update and post-receive hooks of all repositories
 dashboard.reinit_missing_repos = Reinitialize all missing Git repositories for which records exist
 dashboard.sync_external_users = Synchronize external user data
-dashboard.cleanup_hook_task_table = Cleanup hook_task table
-dashboard.cleanup_packages = Cleanup expired packages
-dashboard.cleanup_actions = Cleanup expired actions resources
+dashboard.cleanup_hook_task_table = Clean up hook_task table
+dashboard.cleanup_packages = Clean up expired packages
+dashboard.cleanup_actions = Clean up expired actions' resources
 dashboard.server_uptime = Server Uptime
 dashboard.current_goroutine = Current Goroutines
 dashboard.current_memory_usage = Current Memory Usage
@@ -3004,10 +3054,10 @@ dashboard.total_gc_pause = Total GC Pause
 dashboard.last_gc_pause = Last GC Pause
 dashboard.gc_times = GC Times
 dashboard.delete_old_actions = Delete all old activities from database
-dashboard.delete_old_actions.started = Delete all old activities from database started.
+dashboard.delete_old_actions.started = Deletion of all old activities from database started
 dashboard.update_checker = Update checker
 dashboard.delete_old_system_notices = Delete all old system notices from database
-dashboard.gc_lfs = Garbage collect LFS meta objects
+dashboard.gc_lfs = Garbage-collect LFS meta objects
 dashboard.stop_zombie_tasks = Stop actions zombie tasks
 dashboard.stop_endless_tasks = Stop actions endless tasks
 dashboard.cancel_abandoned_jobs = Cancel actions abandoned jobs
@@ -3031,7 +3081,7 @@ users.2fa = 2FA
 users.repos = Repos
 users.created = Created
 users.last_login = Last Sign-In
-users.never_login = Never Signed-In
+users.never_login = Never Signed In
 users.send_register_notify = Send User Registration Notification
 users.new_success = The user account "%s" has been created.
 users.edit = Edit
@@ -3058,7 +3108,7 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.purge = Purge User
 users.purge_help = Forcibly delete user and any repositories, organizations, and packages owned by the user. All comments will be deleted too.
-users.still_own_packages = This user still owns one or more packages, delete these packages first.
+users.still_own_packages = This user still owns one or more packages. Delete these packages first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
 users.list_status_filter.menu_text = Filter
@@ -3078,11 +3128,11 @@ users.details = User Details
 emails.email_manage_panel = User Email Management
 emails.primary = Primary
 emails.activated = Activated
-emails.filter_sort.email = Email
-emails.filter_sort.email_reverse = Email (reverse)
-emails.filter_sort.name = User Name
-emails.filter_sort.name_reverse = User Name (reverse)
-emails.updated = Email updated
+emails.filter_sort.email = Email address
+emails.filter_sort.email_reverse = Email address (reverse)
+emails.filter_sort.name = Username
+emails.filter_sort.name_reverse = Username (reverse)
+emails.updated = Email address updated
 emails.not_updated = Failed to update the requested email address: %v
 emails.duplicate_active = This email address is already active for a different user.
 emails.change_email_header = Update Email Properties
@@ -3090,7 +3140,7 @@ emails.change_email_text = Are you sure you want to update this email address?
 emails.delete = Delete Email
 emails.delete_desc = Are you sure you want to delete this email address?
 emails.deletion_success = The email address has been deleted.
-emails.delete_primary_email_error = You can not delete the primary email.
+emails.delete_primary_email_error = You cannot delete the primary email address.
 
 orgs.org_manage_panel = Organization Management
 orgs.name = Name
@@ -3204,27 +3254,29 @@ auths.oauth2_required_claim_name_helper = Set this name to restrict login from t
 auths.oauth2_required_claim_value = Required Claim Value
 auths.oauth2_required_claim_value_helper = Set this value to restrict login from this source to users with a claim with this name and value
 auths.oauth2_group_claim_name = Claim name providing group names for this source. (Optional)
-auths.oauth2_admin_group = Group Claim value for administrator users. (Optional - requires claim name above)
-auths.oauth2_restricted_group = Group Claim value for restricted users. (Optional - requires claim name above)
-auths.oauth2_map_group_to_team = Map claimed groups to Organization teams. (Optional - requires claim name above)
+auths.oauth2_full_name_claim_name = Full Name Claim Name. (Optional — if set, the user's full name will always be synchronized with this claim)
+auths.oauth2_ssh_public_key_claim_name = SSH Public Key Claim Name
+auths.oauth2_admin_group = Group Claim value for administrator users. (Optional — requires claim name above)
+auths.oauth2_restricted_group = Group Claim value for restricted users. (Optional — requires claim name above)
+auths.oauth2_map_group_to_team = Map claimed groups to Organization teams. (Optional — requires claim name above)
 auths.oauth2_map_group_to_team_removal = Remove users from synchronized teams if user does not belong to corresponding group.
 auths.enable_auto_register = Enable Auto Registration
 auths.sspi_auto_create_users = Automatically create users
-auths.sspi_auto_create_users_helper = Allow SSPI auth method to automatically create new accounts for users that login for the first time
+auths.sspi_auto_create_users_helper = Allow SSPI auth method to automatically create new accounts for users that log in for the first time
 auths.sspi_auto_activate_users = Automatically activate users
 auths.sspi_auto_activate_users_helper = Allow SSPI auth method to automatically activate new users
 auths.sspi_strip_domain_names = Remove domain names from usernames
-auths.sspi_strip_domain_names_helper = If checked, domain names will be removed from logon names (eg. "DOMAIN\user" and "user@example.org" both will become just "user").
+auths.sspi_strip_domain_names_helper = If checked, domain names will be removed from logon names (e.g. "DOMAIN\user" and "user@example.org" both will become just "user").
 auths.sspi_separator_replacement = Separator to use instead of \, / and @
-auths.sspi_separator_replacement_helper = The character to use to replace the separators of down-level logon names (eg. the \ in "DOMAIN\user") and user principal names (eg. the @ in "user@example.org").
+auths.sspi_separator_replacement_helper = The character to use to replace the separators of down-level logon names (e.g. the \ in "DOMAIN\user") and user principal names (e.g. the @ in "user@example.org").
 auths.sspi_default_language = Default user language
-auths.sspi_default_language_helper = Default language for users automatically created by SSPI auth method. Leave empty if you prefer language to be automatically detected.
+auths.sspi_default_language_helper = Default language for users automatically created by SSPI auth method. Leave empty if you prefer the language to be automatically detected.
 auths.tips = Tips
 auths.tips.oauth2.general = OAuth2 Authentication
 auths.tips.oauth2.general.tip = When registering a new OAuth2 authentication, the callback/redirect URL should be:
 auths.tip.oauth2_provider = OAuth2 Provider
 auths.tip.bitbucket = Register a new OAuth consumer on %s and add the permission 'Account' - 'Read'
-auths.tip.nextcloud = Register a new OAuth consumer on your instance using the following menu "Settings -> Security -> OAuth 2.0 client"
+auths.tip.nextcloud = Register a new OAuth consumer on your instance by selecting "Settings -> Security -> OAuth 2.0 client" in the menu
 auths.tip.dropbox = Create a new application at %s
 auths.tip.facebook = Register a new application at %s and add the product "Facebook Login"
 auths.tip.github = Register a new OAuth application on %s
@@ -3277,8 +3329,6 @@ config.ssh_domain = SSH Server Domain
 config.ssh_port = Port
 config.ssh_listen_port = Listen Port
 config.ssh_root_path = Root Path
-config.ssh_key_test_path = Key Test Path
-config.ssh_keygen_path = Keygen ('ssh-keygen') Path
 config.ssh_minimum_key_size_check = Minimum Key Size Check
 config.ssh_minimum_key_sizes = Minimum Key Sizes
 
@@ -3336,7 +3386,7 @@ config.mailer_sendmail_path = Sendmail Path
 config.mailer_sendmail_args = Extra Arguments to Sendmail
 config.mailer_sendmail_timeout = Sendmail Timeout
 config.mailer_use_dummy = Dummy
-config.test_email_placeholder = Email (e.g. test@example.com)
+config.test_email_placeholder = Email Address (e.g. test@example.com)
 config.send_test_mail = Send Testing Email
 config.send_test_mail_submit = Send
 config.test_mail_failed = Failed to send a testing email to "%s": %v
@@ -3410,7 +3460,7 @@ monitor.start = Start Time
 monitor.execute_time = Execution Time
 monitor.last_execution_result = Result
 monitor.process.cancel = Cancel process
-monitor.process.cancel_desc = Cancelling a process may cause data loss
+monitor.process.cancel_desc = Canceling a process may cause data loss
 monitor.process.children = Children
 
 monitor.queues = Queues
@@ -3425,7 +3475,7 @@ monitor.queue.numberinqueue = Number in Queue
 monitor.queue.review_add = Review / Add Workers
 monitor.queue.settings.title = Pool Settings
 monitor.queue.settings.desc = Pools dynamically grow in response to their worker queue blocking.
-monitor.queue.settings.maxnumberworkers = Max Number of workers
+monitor.queue.settings.maxnumberworkers = Max number of workers
 monitor.queue.settings.maxnumberworkers.placeholder = Currently %[1]d
 monitor.queue.settings.maxnumberworkers.error = Max number of workers must be a number
 monitor.queue.settings.submit = Update Settings
@@ -3451,10 +3501,10 @@ notices.delete_success = The system notices have been deleted.
 self_check.no_problem_found = No problem found yet.
 self_check.startup_warnings = Startup warnings:
 self_check.database_collation_mismatch = Expect database to use collation: %s
-self_check.database_collation_case_insensitive = Database is using a collation %s, which is an insensitive collation. Although Gitea could work with it, there might be some rare cases which don't work as expected.
-self_check.database_inconsistent_collation_columns = Database is using collation %s, but these columns are using mismatched collations. It might cause some unexpected problems.
-self_check.database_fix_mysql = For MySQL/MariaDB users, you could use the "gitea doctor convert" command to fix the collation problems, or you could also fix the problem by "ALTER ... COLLATE ..." SQLs manually.
-self_check.database_fix_mssql = For MSSQL users, you could only fix the problem by "ALTER ... COLLATE ..." SQLs manually at the moment.
+self_check.database_collation_case_insensitive = Database is using collation %s, which is a case-insensitive collation. Although Gitea could work with it, there might be some rare cases which don't work as expected.
+self_check.database_inconsistent_collation_columns = Database is using collation %s, but these columns are using mismatched collations. This might cause some unexpected problems.
+self_check.database_fix_mysql = For MySQL/MariaDB users, you could use the "gitea doctor convert" command to fix the collation problems, or you could also fix the problem manually with "ALTER ... COLLATE ..." SQL queries.
+self_check.database_fix_mssql = For MSSQL users, you could only fix the problem manually with "ALTER ... COLLATE ..." SQL queries at the moment.
 self_check.location_origin_mismatch = Current URL (%[1]s) doesn't match the URL seen by Gitea (%[2]s). If you are using a reverse proxy, please make sure the "Host" and "X-Forwarded-Proto" headers are set correctly.
 
 [action]
@@ -3538,8 +3588,8 @@ error.no_committer_account = No account linked to committer's email address
 error.no_gpg_keys_found = "No known key found for this signature in database"
 error.not_signed_commit = "Not a signed commit"
 error.failed_retrieval_gpg_keys = "Failed to retrieve any key attached to the committer's account"
-error.probable_bad_signature = "WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS."
-error.probable_bad_default_signature = "WARNING! Although the default key has this ID it does not verify this commit! This commit is SUSPICIOUS."
+error.probable_bad_signature = "WARNING! Although there is a key with this ID in the database, it does not verify this commit! This commit is SUSPICIOUS."
+error.probable_bad_default_signature = "WARNING! Although the default key has this ID, it does not verify this commit! This commit is SUSPICIOUS."
 
 [units]
 unit = Unit
@@ -3578,7 +3628,7 @@ versions.view_all = View all
 dependency.id = ID
 dependency.version = Version
 search_in_external_registry = Search in %s
-alpine.registry = Setup this registry by adding the url in your <code>/etc/apk/repositories</code> file:
+alpine.registry = Set up this registry by adding the URL in your <code>/etc/apk/repositories</code> file:
 alpine.registry.key = Download the registry public RSA key into the <code>/etc/apk/keys/</code> folder to verify the index signature:
 alpine.registry.info = Choose $branch and $repository from the list below.
 alpine.install = To install the package, run the following command:
@@ -3591,18 +3641,18 @@ arch.install = Sync package with pacman:
 arch.repository = Repository Info
 arch.repository.repositories = Repositories
 arch.repository.architectures = Architectures
-cargo.registry = Setup this registry in the Cargo configuration file (for example <code>~/.cargo/config.toml</code>):
+cargo.registry = Set up this registry in the Cargo configuration file (for example <code>~/.cargo/config.toml</code>):
 cargo.install = To install the package using Cargo, run the following command:
-chef.registry = Setup this registry in your <code>~/.chef/config.rb</code> file:
+chef.registry = Set up this registry in your <code>~/.chef/config.rb</code> file:
 chef.install = To install the package, run the following command:
-composer.registry = Setup this registry in your <code>~/.composer/config.json</code> file:
+composer.registry = Set up this registry in your <code>~/.composer/config.json</code> file:
 composer.install = To install the package using Composer, run the following command:
 composer.dependencies = Dependencies
 composer.dependencies.development = Development Dependencies
 conan.details.repository = Repository
-conan.registry = Setup this registry from the command line:
+conan.registry = Set up this registry from the command line:
 conan.install = To install the package using Conan, run the following command:
-conda.registry = Setup this registry as a Conda repository in your <code>.condarc</code> file:
+conda.registry = Set up this registry as a Conda repository in your <code>.condarc</code> file:
 conda.install = To install the package using Conda, run the following command:
 container.details.type = Image Type
 container.details.platform = Platform
@@ -3614,9 +3664,9 @@ container.layers = Image Layers
 container.labels = Labels
 container.labels.key = Key
 container.labels.value = Value
-cran.registry = Setup this registry in your <code>Rprofile.site</code> file:
+cran.registry = Set up this registry in your <code>Rprofile.site</code> file:
 cran.install = To install the package, run the following command:
-debian.registry = Setup this registry from the command line:
+debian.registry = Set up this registry from the command line:
 debian.registry.info = Choose $distribution and $component from the list below.
 debian.install = To install the package, run the following command:
 debian.repository = Repository Info
@@ -3625,16 +3675,16 @@ debian.repository.components = Components
 debian.repository.architectures = Architectures
 generic.download = Download package from the command line:
 go.install = Install the package from the command line:
-helm.registry = Setup this registry from the command line:
+helm.registry = Set up this registry from the command line:
 helm.install = To install the package, run the following command:
-maven.registry = Setup this registry in your project <code>pom.xml</code> file:
-maven.install = To use the package include the following in the <code>dependencies</code> block in the <code>pom.xml</code> file:
+maven.registry = Set up this registry in your project <code>pom.xml</code> file:
+maven.install = To use the package, include the following in the <code>dependencies</code> block in the <code>pom.xml</code> file:
 maven.install2 = Run via command line:
 maven.download = To download the dependency, run via command line:
-nuget.registry = Setup this registry from the command line:
+nuget.registry = Set up this registry from the command line:
 nuget.install = To install the package using NuGet, run the following command:
 nuget.dependency.framework = Target Framework
-npm.registry = Setup this registry in your project <code>.npmrc</code> file:
+npm.registry = Set up this registry in your project <code>.npmrc</code> file:
 npm.install = To install the package using npm, run the following command:
 npm.install2 = or add it to the package.json file:
 npm.dependencies = Dependencies
@@ -3646,7 +3696,7 @@ npm.details.tag = Tag
 pub.install = To install the package using Dart, run the following command:
 pypi.requires = Requires Python
 pypi.install = To install the package using pip, run the following command:
-rpm.registry = Setup this registry from the command line:
+rpm.registry = Set up this registry from the command line:
 rpm.distros.redhat = on RedHat based distributions
 rpm.distros.suse = on SUSE based distributions
 rpm.install = To install the package, run the following command:
@@ -3659,7 +3709,7 @@ rubygems.dependencies.runtime = Runtime Dependencies
 rubygems.dependencies.development = Development Dependencies
 rubygems.required.ruby = Requires Ruby version
 rubygems.required.rubygems = Requires RubyGem version
-swift.registry = Setup this registry from the command line:
+swift.registry = Set up this registry from the command line:
 swift.install = Add the package in your <code>Package.swift</code> file:
 swift.install2 = and run the following command:
 vagrant.install = To add a Vagrant box, run the following command:
@@ -3682,7 +3732,7 @@ owner.settings.cargo.initialize.success = The Cargo index was successfully creat
 owner.settings.cargo.rebuild = Rebuild Index
 owner.settings.cargo.rebuild.description = Rebuilding can be useful if the index is not synchronized with the stored Cargo packages.
 owner.settings.cargo.rebuild.error = Failed to rebuild Cargo index: %v
-owner.settings.cargo.rebuild.success = The Cargo index was successfully rebuild.
+owner.settings.cargo.rebuild.success = The Cargo index was successfully rebuilt.
 owner.settings.cleanuprules.title = Manage Cleanup Rules
 owner.settings.cleanuprules.add = Add Cleanup Rule
 owner.settings.cleanuprules.edit = Edit Cleanup Rule
@@ -3711,13 +3761,18 @@ owner.settings.chef.keypair.description = A key pair is necessary to authenticat
 secrets = Secrets
 description = Secrets will be passed to certain actions and cannot be read otherwise.
 none = There are no secrets yet.
-creation = Add Secret
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description = Description
 creation.name_placeholder = case-insensitive, alphanumeric characters or underscores only, cannot start with GITEA_ or GITHUB_
 creation.value_placeholder = Input any content. Whitespace at the start and end will be omitted.
 creation.description_placeholder = Enter short description (optional).
-creation.success = The secret "%s" has been added.
-creation.failed = Failed to add secret.
+
+save_success = The secret "%s" has been saved.
+save_failed = Failed to save secret.
+
+add_secret = Add secret
+edit_secret = Edit secret
 deletion = Remove secret
 deletion.description = Removing a secret is permanent and cannot be undone. Continue?
 deletion.success = The secret has been removed.
@@ -3765,7 +3820,7 @@ runners.delete_runner = Delete this runner
 runners.delete_runner_success = Runner deleted successfully
 runners.delete_runner_failed = Failed to delete runner
 runners.delete_runner_header = Confirm to delete this runner
-runners.delete_runner_notice = If a task is running on this runner, it will be terminated and mark as failed. It may break building workflow.
+runners.delete_runner_notice = If a task is running on this runner, it will be terminated and marked as failed. It may break building workflow.
 runners.none = No runners available
 runners.status.unspecified = Unknown
 runners.status.idle = Idle
@@ -3795,6 +3850,11 @@ runs.no_workflows.documentation = For more information on Gitea Actions, see <a
 runs.no_runs = The workflow has no runs yet.
 runs.empty_commit_message = (empty commit message)
 runs.expire_log_message = Logs have been purged because they were too old.
+runs.delete = Delete workflow run
+runs.cancel = Cancel workflow run
+runs.delete.description = Are you sure you want to permanently delete this workflow run? This action cannot be undone.
+runs.not_done = This workflow run is not done.
+runs.view_workflow_file = View workflow file
 
 workflow.disable = Disable Workflow
 workflow.disable_success = Workflow '%s' disabled successfully.
@@ -3834,6 +3894,8 @@ deleted.display_name = Deleted Project
 type-1.display_name = Individual Project
 type-2.display_name = Repository Project
 type-3.display_name = Organization Project
+enter_fullscreen = Fullscreen
+exit_fullscreen = Exit Fullscreen
 
 [git.filemode]
 changed_filemode = %[1]s → %[2]s
diff --git a/options/locale/locale_es-ES.ini b/options/locale/locale_es-ES.ini
index debf9a6f5d..0f24e6227f 100644
--- a/options/locale/locale_es-ES.ini
+++ b/options/locale/locale_es-ES.ini
@@ -42,7 +42,6 @@ webauthn_use_twofa=Utilice un código de doble factor desde su teléfono móvil
 webauthn_error=No se pudo leer su llave de seguridad.
 webauthn_unsupported_browser=Su navegador no soporta actualmente WebAuthn.
 webauthn_error_unknown=Ha ocurrido un error desconocido. Por favor, inténtelo de nuevo.
-webauthn_error_insecure=`WebAuthn sólo soporta conexiones seguras. Para probar sobre HTTP, puede utilizar el origen "localhost" o "127.0.0.1"`
 webauthn_error_unable_to_process=El servidor no pudo procesar su solicitud.
 webauthn_error_duplicated=La clave de seguridad no está permitida para esta solicitud. Por favor, asegúrese de que la clave no está ya registrada.
 webauthn_error_empty=Debe establecer un nombre para esta clave.
@@ -179,8 +178,6 @@ buttons.enable_monospace_font=Activar fuente monoespaciada
 buttons.disable_monospace_font=Desactivar fuente monoespaciada
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Ha ocurrido un error
@@ -213,16 +210,10 @@ path=Ruta
 sqlite_helper=Ruta del archivo de la base de datos SQLite3.<br>Escriba una ruta de acceso absoluta si ejecuta Gitea como servicio.
 reinstall_error=Usted está intentando instalar en una base de datos de Gitea existente
 reinstall_confirm_message=Reinstalar con una base de datos de Gitea existente puede causar múltiples problemas. En la mayoría de los casos, debería utilizar su actual "app.ini" para ejecutar Gitea. Si sabe lo que está haciendo, confirme lo siguiente:
-reinstall_confirm_check_1=Los datos cifrados por el SECRET_KEY en el app.ini puede perderse: es posible que los usuarios no puedan iniciar sesión con 2FA/OTP & réplicas no funcionen correctamente. Marcando esta casilla confirma que el archivo app.ini actual contiene el SECRET_KEY.
-reinstall_confirm_check_2=Es posible que los repositorios y configuraciones tengan que volver a sincronizarse. Al marcar esta casilla confirma que resincronizará manualmente los ganchos de los repositorios y el archivo authorized_keys. Confirma que se asegurará de que la configuración del repositorio y la réplica son correctas.
 reinstall_confirm_check_3=Confirma que está absolutamente seguro de que este Gitea se está ejecutando con el app.ini correcto y que está seguro de que tiene que volver a instalar. Confirma que reconoce los riesgos anteriores.
 err_empty_db_path=La ruta a la base de datos SQLite3 no puede estar vacía.
 no_admin_and_disable_registration=No puede deshabilitar el auto-registro sin crear una cuenta de administrador.
 err_empty_admin_password=La contraseña del administrador no puede estar vacía.
-err_empty_admin_email=El correo electrónico del administrador no puede estar vacío.
-err_admin_name_is_reserved=Nombre de usuario del administrador no es válido, el nombre de usuario está reservado
-err_admin_name_pattern_not_allowed=El nombre de usuario del administrador no es válido, el nombre de usuario coincide con un patrón reservado
-err_admin_name_is_invalid=Nombre de usuario del administrador no es válido
 
 general_title=Configuración general
 app_name=Título del sitio
@@ -238,7 +229,6 @@ domain_helper=Dominio o dirección de host para el servidor.
 ssh_port=Puerto de servidor SSH
 ssh_port_helper=Número de puerto en el que está escuchando su servidor SSH. Déjelo vacío para deshabilitarlo.
 http_port=Puerto de escucha HTTP de Gitea
-http_port_helper=Número de puerto en el que escuchará el servidor web de Gitea.
 app_url=URL base de Gitea
 app_url_helper=Dirección base para URLs de clonación HTTP(S) y notificaciones de correo electrónico.
 log_root_path=Ruta del registro
@@ -301,7 +291,6 @@ no_reply_address=Dominio de correos electrónicos ocultos
 no_reply_address_helper=Nombre de dominio para usuarios con dirección de correo electrónico oculta. Por ejemplo, el usuario 'joe' quedará registrado en Git como 'joe@noreply.example.org' si el dominio de correo electrónico oculto se establece a 'noreply.example.org'.
 password_algorithm=Algoritmo Hash de Contraseña
 invalid_password_algorithm=Algoritmo hash de contraseña no válido
-password_algorithm_helper=Establece el algoritmo de hashing de contraseña. Los algoritmos tienen diferentes requisitos y fuerza. El algoritmo argon2 es bastante seguro, pero usa mucha memoria y puede ser inapropiado para sistemas pequeños.
 enable_update_checker=Activar comprobador de actualizaciones
 enable_update_checker_helper=Comprueba el lanzamiento de nuevas versiones periódicamente en gitea.io.
 env_config_keys=Configuración del entorno
@@ -358,8 +347,6 @@ allow_password_change=Obligar al usuario a cambiar la contraseña (recomendado)
 reset_password_mail_sent_prompt=Un correo de confirmación se ha enviado a <b>%s</b>. Compruebe su bandeja de entrada en las siguientes %s para completar el proceso de recuperación de la cuenta.
 active_your_account=Activa tu cuenta
 account_activated=La cuenta ha sido activada
-prohibit_login=Ingreso prohibido
-prohibit_login_desc=Su cuenta no puede iniciar sesión, póngase en contacto con el administrador de su sitio.
 resent_limit_prompt=Ya ha solicitado recientemente un correo de activación. Por favor, espere 3 minutos y vuelva a intentarlo.
 has_unconfirmed_mail=Hola %s, su correo electrónico (<b>%s</b>) no está confirmado. Si no ha recibido un correo de confirmación o necesita que lo enviemos de nuevo, por favor, haga click en el siguiente botón.
 resend_mail=Haga click aquí para reenviar su correo electrónico de activación
@@ -395,16 +382,12 @@ openid_connect_desc=La URI OpenID elegida es desconocida. Asóciela a una nueva
 openid_register_title=Crear una nueva cuenta
 openid_register_desc=La URI OpenID elegida es desconocida. Asóciela a una nueva cuenta aquí.
 openid_signin_desc=Introduzca su URI de OpenID. Por ejemplo: alice.openid.example.org o https://openid.example.org/alice.
-disable_forgot_password_mail=La recuperación de cuentas está desactivada porque no hay correo electrónico configurado. Por favor, contacte con el administrador del sitio.
-disable_forgot_password_mail_admin=La recuperación de cuentas solo está disponible cuando se configura el correo electrónico configurado. Por favor, configure el correo electrónico para permitir la recuperación de cuentas.
 email_domain_blacklisted=No puede registrarse con su correo electrónico.
 authorize_application=Autorizar aplicación
 authorize_redirect_notice=Será redirigido a %s si autoriza esta aplicación.
 authorize_application_created_by=Esta aplicación fue creada por %s.
-authorize_application_description=Si concede el acceso, podrá acceder y escribir a toda la información de su cuenta, incluyendo repositorios privado y organizaciones.
 authorize_title=¿Autorizar a "%s" a acceder a su cuenta?
 authorization_failed=Autorización fallida
-authorization_failed_desc=La autorización ha fallado porque hemos detectado una solicitud no válida. Por favor, póngase en contacto con el responsable de la aplicación que ha intentado autorizar.
 sspi_auth_failed=Fallo en la autenticación SSPI
 password_pwned_err=No se pudo completar la solicitud a HaveIBeenPwned
 
@@ -424,8 +407,6 @@ activate_email.title=%s, por favor verifique su dirección de correo electrónic
 activate_email.text=Por favor, haga clic en el siguiente enlace para verificar su dirección de correo electrónico dentro de <b>%s</b>:
 
 register_notify.title=%[1]s, bienvenido a %[2]s
-register_notify.text_1=este es tu correo de confirmación de registro para %s!
-register_notify.text_2=Ahora puede iniciar sesión vía nombre de usuario: %s.
 register_notify.text_3=Si esta cuenta ha sido creada para usted, por favor <a href="%s">establezca su contraseña</a> primero.
 
 reset_password=Recupere su cuenta
@@ -463,7 +444,6 @@ release.download.targz=Código fuente (TAR.GZ)
 repo.transfer.subject_to=%s desea transferir "%s" a %s
 repo.transfer.subject_to_you=%s desea transferir "%s" a usted
 repo.transfer.to_you=usted
-repo.transfer.body=Para aceptarlo o rechazarlo, visita %s o simplemente ignórelo.
 
 repo.collaborator.added.subject=%s le añadió en %s
 repo.collaborator.added.text=Has sido añadido como colaborador del repositorio:
@@ -515,7 +495,6 @@ url_error=`"%s" no es una URL válida.`
 include_error=` debe contener la subcadena "%s".`
 glob_pattern_error=` el patrón globo no es válido: %s.`
 regex_pattern_error=` el patrón de regex no es válido: %s.`
-username_error=` sólo puede contener caracteres alfanuméricos ('0-9','a-z','A-Z'), guión ('-'), guión bajo ('_') y punto ('.'). No puede comenzar o terminar con caracteres no alfanuméricos, y los caracteres no alfanuméricos consecutivos también están prohibidos.`
 invalid_group_team_map_error=` la asignación no es válida: %s`
 unknown_error=Error desconocido:
 captcha_incorrect=El código CAPTCHA no es correcto.
@@ -528,11 +507,9 @@ username_has_not_been_changed=El nombre de usuario no ha sido cambiado
 repo_name_been_taken=El nombre del repositorio ya está usado.
 repository_force_private=Forzar Privado está habilitado: los repositorios privados no pueden hacerse públicos.
 repository_files_already_exist=Ya existen archivos para este repositorio. Póngase en contacto con el administrador del sistema.
-repository_files_already_exist.adopt=Los archivos ya existen para este repositorio y sólo pueden ser aprobados.
 repository_files_already_exist.delete=Ya existen archivos para este repositorio. Debe eliminarlos.
 repository_files_already_exist.adopt_or_delete=Ya existen archivos para este repositorio. Adoptarlos o eliminarlos.
 visit_rate_limit=Remoto tiene limitación de tasa de acceso.
-2fa_auth_required=Requerir autenticación de doble factor a visitas remotas.
 org_name_been_taken=Ya existe una organización con este nombre.
 team_name_been_taken=Ya existe un equipo con este nombre.
 team_no_units_error=Permitir el acceso a por lo menos una sección del repositorio.
@@ -560,14 +537,8 @@ invalid_ssh_key=No se puede verificar su clave SSH: %s
 invalid_gpg_key=No se puede verificar su clave GPG: %s
 invalid_ssh_principal=Principal no válido: %s
 must_use_public_key=La clave que proporcionó es una clave privada. No cargue su clave privada en ningún sitio. Utilice su clave pública en su lugar.
-unable_verify_ssh_key=No se puede verificar la clave SSH, comprueba si hay errores.
 auth_failed=Autenticación fallo: %v
 
-still_own_repo=Su cuenta posee uno o más repositorios, elimínalos o transfiérelos primero.
-still_has_org=Tu cuenta es miembro de una o más organizaciones, déjalas primero.
-still_own_packages=Su cuenta posee uno o más paquetes, elimínalos primero.
-org_still_own_repo=Esta organización todavía posee uno o más repositorios, elimínalos o transfiérelos primero.
-org_still_own_packages=Esta organización todavía posee uno o más paquetes, elimínalos primero.
 
 target_branch_not_exist=La rama de destino no existe
 
@@ -596,7 +567,6 @@ settings=Ajustes del usuario
 
 form.name_reserved=El nombre de usuario "%s" está reservado.
 form.name_pattern_not_allowed=El patrón "%s" no está permitido en un nombre de usuario.
-form.name_chars_not_allowed=El nombre de usuario "%s" contiene caracteres no válidos.
 
 
 [settings]
@@ -619,7 +589,6 @@ uid=UID
 public_profile=Perfil público
 biography_placeholder=¡Cuéntanos un poco sobre ti mismo! (Puedes usar Markdown)
 location_placeholder=Comparte tu ubicación aproximada con otros
-profile_desc=Controla cómo se muestra su perfil a otros usuarios. Tu dirección de correo electrónico principal se utilizará para notificaciones, recuperación de contraseña y operaciones de Git basadas en la web.
 full_name=Nombre completo
 website=Página web
 location=Localización
@@ -689,10 +658,8 @@ requires_activation=Requiere activación
 primary_email=Hacer primaria
 activate_email=Enviar email de activación
 activations_pending=Activaciones pendientes
-can_not_add_email_activations_pending=Hay una activación pendiente, inténtelo de nuevo en unos minutos si desea agregar un nuevo correo electrónico.
 delete_email=Eliminar
 email_deletion=Eliminar dirección de correo electrónico
-email_deletion_desc=La dirección de correo electrónico e información relacionada se eliminará de su cuenta. Los commits de Git hechos por esta dirección de correo electrónico permanecerán inalterados. ¿Continuar?
 email_deletion_success=La dirección de correo electrónico ha sido eliminada.
 theme_update_success=Su tema fue actualizado.
 theme_update_error=El tema seleccionado no existe.
@@ -734,7 +701,6 @@ gpg_key_matched_identities_long=Las identidades incrustadas en esta clave coinci
 gpg_key_verified=Clave verificada
 gpg_key_verified_long=La clave ha sido verificada con un token y puede ser usada para verificar confirmaciones que coincidan con cualquier dirección de correo electrónico activada para este usuario, además de cualquier identidad coincidente para esta clave.
 gpg_key_verify=Verificar
-gpg_invalid_token_signature=La clave GPG proporcionada, la firma y el token no coinciden o el token está desactualizado.
 gpg_token_required=Debe proporcionar una firma para el token de abajo
 gpg_token=Token
 gpg_token_help=Puede generar una firma de la siguiente manera:
@@ -744,7 +710,6 @@ verify_gpg_key_success=La clave GPG "%s" ha sido verificada.
 ssh_key_verified=Clave verificada
 ssh_key_verified_long=La clave ha sido verificada con un token y puede ser usada para verificar confirmaciones que coincidan con cualquier dirección de correo electrónico activada para este usuario.
 ssh_key_verify=Verificar
-ssh_invalid_token_signature=La clave SSH proporcionada, la firma o el token no coinciden o el token está desactualizado.
 ssh_token_required=Debe proporcionar una firma para el token de abajo
 ssh_token=Token
 ssh_token_help=Puede generar una firma de la siguiente manera:
@@ -765,7 +730,6 @@ gpg_key_deletion=Eliminar clave GPG
 ssh_principal_deletion=Eliminar principal de certificado SSH
 ssh_key_deletion_desc=Eliminando una clave SSH se revoca su acceso a su cuenta. ¿Continuar?
 gpg_key_deletion_desc=Eliminando una clave GPG se des-verifican los commits firmados con ella. ¿Continuar?
-ssh_principal_deletion_desc=Eliminar un principal de certificado SSH revoca su acceso a su cuenta. ¿Continuar?
 ssh_key_deletion_success=La clave SSH ha sido eliminada.
 gpg_key_deletion_success=La clave GPG ha sido eliminada.
 ssh_principal_deletion_success=El principal ha sido eliminado.
@@ -823,7 +787,6 @@ create_oauth2_application_button=Crear Aplicación
 create_oauth2_application_success=Ha creado con éxito una nueva aplicación de OAuth2.
 update_oauth2_application_success=Ha actualizado correctamente la aplicación de OAuth2.
 oauth2_application_name=Nombre de la Aplicación
-oauth2_confidential_client=Cliente confidencial. Seleccione para aplicaciones que mantengan el secreto confidencial, tales como aplicaciones web. No seleccione para aplicaciones nativas, incluyendo aplicaciones de escritorio y móviles.
 oauth2_redirect_uris=Redirigir URIs. Por favor, usa una nueva línea para cada URI.
 save_application=Guardar
 oauth2_client_id=ID de cliente
@@ -836,16 +799,13 @@ oauth2_application_create_description=Las aplicaciones OAuth2 le dan acceso a su
 oauth2_application_remove_description=Eliminar una aplicación de OAuth2 evitará que acceda a cuentas de usuario autorizadas en esta instancia. ¿Continuar?
 
 authorized_oauth2_applications=Aplicaciones OAuth2 autorizadas
-authorized_oauth2_applications_description=Has concedido acceso a tu cuenta personal de Gitea a estas aplicaciones de terceros. Por favor, revoca el acceso para las aplicaciones que ya no necesitas.
 revoke_key=Revocar
 revoke_oauth2_grant=Revocar acceso
-revoke_oauth2_grant_description=Revocar el acceso a esta aplicación impedirá que esta aplicación acceda a sus datos. ¿Está seguro?
 revoke_oauth2_grant_success=Acceso revocado correctamente.
 
 twofa_is_enrolled=Su cuenta actualmente está <strong>registrada</strong> en la autenticación de doble factor.
 twofa_not_enrolled=Tu cuenta no está actualmente inscrita en la autenticación de doble factor.
 twofa_disable=Deshabilitar autenticación de doble factor
-twofa_enroll=Inscribirse en la autenticación de doble factor
 twofa_disable_note=Puede deshabilitar la autenticación de doble factor si lo necesita.
 twofa_disable_desc=Deshabilitar la autenticación de doble factor hará su cuenta menos segura. ¿Continuar?
 twofa_disabled=La autenticación de doble factor ha sido deshabilitada.
@@ -858,11 +818,9 @@ twofa_failed_get_secret=No se pudo obtener el secreto.
 webauthn_register_key=Añadir clave de seguridad
 webauthn_nickname=Apodo
 webauthn_delete_key=Eliminar clave de seguridad
-webauthn_delete_key_desc=Si elimina una llave de seguridad ya no podrá utilizarla para iniciar sesión con ella. ¿Continuar?
 
 manage_account_links=Administrar cuentas vinculadas
 manage_account_links_desc=Estas cuentas externas están vinculadas a su cuenta de Gitea.
-account_links_not_available=Actualmente no hay cuentas externas vinculadas a su cuenta de Gitea.
 link_account=Enlazar cuenta
 remove_account_link=Eliminar cuenta vinculada
 remove_account_link_desc=Eliminar una cuenta vinculada revocará su acceso a su cuenta de Gitea. ¿Continuar?
@@ -916,7 +874,6 @@ fork_to_different_account=Forkear a una cuenta diferente
 fork_visibility_helper=La visibilidad de un repositorio del cual se ha hecho fork no puede ser cambiada.
 fork_branch=Rama a clonar en la bifurcación
 all_branches=Todas las ramas
-fork_no_valid_owners=Este repositorio no puede ser bifurcado porque no hay propietarios válidos.
 use_template=Utilizar esta plantilla
 download_zip=Descargar ZIP
 download_tar=Descargar TAR.GZ
@@ -952,12 +909,10 @@ mirror_interval_invalid=El intervalo de réplica no es válido.
 mirror_sync_on_commit=Sincronizar cuando los commits sean subidos
 mirror_address=Clonar desde URL
 mirror_address_desc=Ponga cualquier credencial requerida en la sección de Autorización.
-mirror_address_url_invalid=La URL proporcionada no es válida. Debe escapar todos los componentes de la url correctamente.
 mirror_address_protocol_invalid=La URL proporcionada no es válida. Sólo http(s):// o git:// se puede utilizar para ser replicadas.
 mirror_lfs=Almacenamiento de archivos grande (LFS)
 mirror_lfs_desc=Activar la reproducción de datos LFS.
 mirror_lfs_endpoint=Punto final de LFS
-mirror_lfs_endpoint_desc=Sync intentará usar la url del clon para <a target="_blank" rel="noopener noreferrer" href="%s">determinar el servidor LFS</a>. También puede especificar un punto final personalizado si los datos LFS del repositorio se almacenan en otro lugar.
 mirror_last_synced=Sincronizado por última vez
 mirror_password_placeholder=(Sin cambios)
 mirror_password_blank_placeholder=(Indefinido)
@@ -969,7 +924,6 @@ forks=Forks
 reactions_more=y %d más
 unit_disabled=El administrador del sitio ha deshabilitado esta sección del repositorio.
 language_other=Otros
-adopt_search=Introduzca el nombre de usuario para buscar repositorios no adoptados... (déjelo en blanco para encontrar todos)
 adopt_preexisting_label=Adoptar archivos
 adopt_preexisting=Adoptar archivos preexistentes
 adopt_preexisting_content=Crear repositorio desde %s
@@ -1005,8 +959,6 @@ template.issue_labels=Etiquetas de incidencia
 template.one_item=Debe seleccionar al menos un elemento de plantilla
 template.invalid=Debe seleccionar una plantilla de repositorio
 
-archive.title=Este repositorio está archivado. Usted puede ver los archivos y clonarlos, pero no puede hace push o abrir incidencias o pull requests.
-archive.title_date=Este repositorio ha sido archivado en %s. Puedes ver archivos y clonarlo, pero no puedes hacer push o abrir incidencias o pull request.
 archive.issue.nocomment=Este repositorio está archivado. No se puede comentar en las incidencias.
 archive.pull.nocomment=Este repositorio está archivado. No se puede comentar en los pull requests.
 
@@ -1023,7 +975,6 @@ migrate_options_lfs=Migrar archivos LFS
 migrate_options_lfs_endpoint.label=Punto final de LFS
 migrate_options_lfs_endpoint.description=Migración intentará usar su mando Git para <a target="_blank" rel="noopener noreferrer" href="%s">determinar el servidor LFS</a>. También puede especificar un punto final personalizado si los datos LFS del repositorio se almacenan en otro lugar.
 migrate_options_lfs_endpoint.description.local=También se admite una ruta del servidor local.
-migrate_options_lfs_endpoint.placeholder=Si se deja en blanco, el punto final se derivará de la URL de clonación
 migrate_items=Objetos de migración
 migrate_items_wiki=Wiki
 migrate_items_milestones=Hitos
@@ -1035,10 +986,8 @@ migrate_items_releases=Lanzamientos
 migrate_repo=Migrar Repositorio
 migrate.clone_address=Migrar / Clonar desde URL
 migrate.clone_address_desc=La URL HTTP(S) o de Git 'clone' de un repositorio existente
-migrate.github_token_desc=Puedes poner uno o más tokens con comas separadas aquí para hacer migrar más rápido debido al límite de velocidad de GitHub API. PRECAUCIÓN: Abusar esta característica puede violar la política del proveedor de servicios y llevar a bloquear la cuenta.
 migrate.clone_local_path=o una ruta local del servidor
 migrate.permission_denied=No te está permitido importar repositorios locales.
-migrate.permission_denied_blocked=No puede importar desde hosts no permitidos, por favor pida al administrador que marque ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS configuración.
 migrate.invalid_local_path=La ruta local no es válida. No existe o no es un directorio.
 migrate.invalid_lfs_endpoint=El punto final de LFS no es válido.
 migrate.failed=Migración fallida: %v
@@ -1046,7 +995,6 @@ migrate.migrate_items_options=Un token de acceso es necesario para migrar elemen
 migrated_from=Migrado desde <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrado desde %[1]s
 migrate.migrate=Migrar desde %s
-migrate.migrating=Migrando desde <b>%s</b>...
 migrate.migrating_failed=La migración desde <b>%s</b> ha fallado.
 migrate.migrating_failed.error=Error al migrar: %s
 migrate.migrating_failed_no_addr=Migración fallida.
@@ -1088,7 +1036,6 @@ clone_this_repo=Clonar este repositorio
 cite_this_repo=Citar este repositorio
 create_new_repo_command=Crear un nuevo repositorio desde línea de comandos
 push_exist_repo=Hacer push de un repositorio existente desde línea de comandos
-empty_message=Este repositorio no contiene ningún contenido.
 broken_message=Los datos de Git subyacentes a este repositorio no pueden ser leídos. Contacte con el administrador de esta instancia o elimine este repositorio.
 
 code=Código
@@ -1106,7 +1053,6 @@ projects=Proyectos
 packages=Paquetes
 actions=Acciones
 labels=Etiquetas
-org_labels_desc=Etiquetas de nivel de la organización que pueden ser utilizadas con <strong>todos los repositorios</strong> bajo esta organización
 org_labels_desc_manage=gestionar
 
 milestone=Hito
@@ -1138,7 +1084,6 @@ file_copy_permalink=Copiar Permalink
 view_git_blame=Ver la culpa de Git
 video_not_supported_in_browser=Su navegador no soporta el tag video de HTML5.
 audio_not_supported_in_browser=Su navegador no soporta el tag audio de HTML5.
-stored_lfs=Almacenados con Git LFS
 symbolic_link=Enlace simbólico
 executable_file=Archivo Ejecutable
 commit_graph=Gráfico de commits
@@ -1181,7 +1126,6 @@ editor.update=Actualizar %s
 editor.delete=Eliminar %s
 editor.patch=Aplicar parche
 editor.patching=Parcheando:
-editor.fail_to_apply_patch=`No se puede aplicar el parche "%s"`
 editor.new_patch=Nuevo parche
 editor.commit_message_desc=Añadir una descripción extendida opcional…
 editor.signoff_desc=Añadir un trailer firmado por el committer al final del mensaje de registro de confirmación.
@@ -1197,17 +1141,12 @@ editor.filename_is_invalid=El nombre de archivo no es válido: "%s".
 editor.branch_does_not_exist=La rama "%s" no existe en este repositorio.
 editor.branch_already_exists=La rama "%s" ya existe en este repositorio.
 editor.directory_is_a_file=Nombre del directorio "%s" ya se utiliza como nombre de archivo en este repositorio.
-editor.file_is_a_symlink=`"%s" es un enlace simbólico. Los enlaces simbólicos no se pueden editar en el editor web`
 editor.filename_is_a_directory=Nombre de archivo "%s" ya se utiliza como nombre de directorio en este repositorio.
-editor.file_editing_no_longer_exists=El archivo que se está editando, "%s", ya no existe en este repositorio.
-editor.file_deleting_no_longer_exists=El archivo que se está eliminando, "%s", ya no existe en este repositorio.
 editor.file_changed_while_editing=Desde que comenzó a editar, el contenido del archivo ha sido cambiado. <a target="_blank" rel="noopener noreferrer" href="%s">Haga clic aquí</a> para ver qué ha cambiado o <strong>presione confirmar de nuevo</strong> para sobrescribir los cambios.
 editor.file_already_exists=Ya existe un archivo llamado "%s" en este repositorio.
 editor.commit_empty_file_header=Commit un archivo vacío
 editor.commit_empty_file_text=El archivo que estás tratando de commit está vacío. ¿Proceder?
 editor.no_changes_to_show=No existen cambios para mostrar.
-editor.fail_to_update_file=Error al actualizar/crear el archivo "%s".
-editor.fail_to_update_file_summary=Mensaje de error
 editor.push_rejected_no_message=El cambio fue rechazado por el servidor sin un mensaje. Por favor, compruebe Git Hooks.
 editor.push_rejected=El cambio fue rechazado por el servidor. Por favor, comprueba los Git Hooks.
 editor.push_rejected_summary=Mensaje completo de rechazo
@@ -1222,6 +1161,7 @@ editor.require_signed_commit=Esta rama requiere un commit firmado
 editor.cherry_pick=Hacer Cherry-pick %s en:
 editor.revert=Revertir %s en:
 
+
 commits.desc=Ver el historial de cambios de código fuente.
 commits.commits=Commits
 commits.no_commits=No hay commits en común. "%s" y "%s" tienen historias totalmente diferentes.
@@ -1367,7 +1307,6 @@ issues.filter_project=Proyecto
 issues.filter_project_all=Todos los proyectos
 issues.filter_project_none=Ningún proyecto
 issues.filter_assignee=Asignada a
-issues.filter_assginee_no_assignee=Sin asignado
 issues.filter_poster=Autor
 issues.filter_type=Tipo
 issues.filter_type.all_issues=Todas las incidencias
@@ -1379,7 +1318,6 @@ issues.filter_type.reviewed_by_you=Revisado por ti
 issues.filter_sort=Ordenar
 issues.filter_sort.latest=Más recientes
 issues.filter_sort.oldest=Más antiguas
-issues.filter_sort.recentupdate=Actualizada recientemente
 issues.filter_sort.leastupdate=Actualizada menos recientemente
 issues.filter_sort.mostcomment=Más comentadas
 issues.filter_sort.leastcomment=Menos comentadas
@@ -1488,7 +1426,6 @@ issues.pin_comment=anclado este %s
 issues.unpin_comment=desanclado este %s
 issues.lock=Bloquear conversación
 issues.unlock=Desbloquear conversación
-issues.lock.unknown_reason=No se puede bloquear una incidencia con una razón desconocida.
 issues.lock_duplicate=Una incidencia no puede ser bloqueada dos veces.
 issues.unlock_error=No puede desbloquear una incidencia que no esta bloqueada.
 issues.lock_with_reason=bloqueado como <strong>%s</strong> y conversación limitada a colaboradores %s
@@ -1496,7 +1433,6 @@ issues.lock_no_reason=conversación limitada y bloqueada a los colaboradores %s
 issues.unlock_comment=desbloqueó esta conversación %s
 issues.lock_confirm=Bloquear
 issues.unlock_confirm=Desbloquear
-issues.lock.notice_1=- Otros usuarios no pueden añadir nuevos comentarios a esta incidencia.
 issues.lock.notice_2=- Usted y otros colaboradores con acceso a este repositorio todavía pueden dejar comentarios que otros pueden ver.
 issues.lock.notice_3=- Siempre puede desbloquear esta incidencia de nuevo en el futuro.
 issues.unlock.notice_1=- Todos podrían comentar esta incidencia de nuevo.
@@ -1534,7 +1470,6 @@ issues.due_date_form=aaaa-mm-dd
 issues.due_date_form_add=Añadir fecha de vencimiento
 issues.due_date_form_edit=Editar
 issues.due_date_form_remove=Eliminar
-issues.due_date_not_writer=Necesita acceso de escritura a este repositorio para actualizar la fecha límite de de una incidencia.
 issues.due_date_not_set=Sin fecha de vencimiento.
 issues.due_date_added=añadió la fecha de vencimiento %s %s
 issues.due_date_modified=modificó la fecha de vencimiento de %[2]s a %[1]s %[3]s
@@ -1557,9 +1492,7 @@ issues.dependency.pr_closing_blockedby=Cerrando este pull request es bloqueado p
 issues.dependency.issue_closing_blockedby=Cerrando esta incidencia esta bloqueado por las siguientes incidencias
 issues.dependency.issue_close_blocks=Esta incidencia bloquea el cierre de las siguientes incidencias
 issues.dependency.pr_close_blocks=Este pull request bloquea el cierre de las siguientes incidencias
-issues.dependency.issue_close_blocked=Necesita cerrar todos las incidencias que bloquean esta incidencia antes de que se puede cerrar.
 issues.dependency.issue_batch_close_blocked=No se pueden cerrar por lotes las incidencias que has seleccionado, ya que la incidencia #%d todavía tiene dependencias abiertas
-issues.dependency.pr_close_blocked=Necesita cerrar todos las incidencias que bloquean este pull request antes de poder fusionarse.
 issues.dependency.blocks_short=Bloquea
 issues.dependency.blocked_by_short=Depende de
 issues.dependency.remove_header=Eliminar dependencia
@@ -1570,12 +1503,10 @@ issues.dependency.add_error_same_issue=No se puede hacer que una incidencia depe
 issues.dependency.add_error_dep_issue_not_exist=Incidencia dependiente no existe.
 issues.dependency.add_error_dep_not_exist=La dependencia no existe.
 issues.dependency.add_error_dep_exists=La dependencia ya existe.
-issues.dependency.add_error_cannot_create_circular=No puede crear una depenciena con dos issues que se estan bloqueando mutuamente.
 issues.dependency.add_error_dep_not_same_repo=Ambas incidencias deben estar en el mismo repositorio.
 issues.review.self.approval=No puede aprobar su propio pull request.
 issues.review.self.rejection=No puede sugerir cambios en su propio pull request.
 issues.review.approve=aprobado estos cambios %s
-issues.review.dismissed=descartó la revisión de %s %s
 issues.review.dismissed_label=Descartado
 issues.review.left_comment=dejó un comentario
 issues.review.content.empty=Es necesario dejar un comentario indicando los cambios solicitados.
@@ -1583,7 +1514,6 @@ issues.review.reject=cambios solicitados %s
 issues.review.wait=se solicitó para revisión %s
 issues.review.add_review_request=solicitud de revisión de %s %s
 issues.review.remove_review_request=solicitud de revisión eliminada para %s %s
-issues.review.remove_review_request_self=rechazó revisar %s
 issues.review.pending=Pendiente
 issues.review.pending.tooltip=Este comentario no es visible actualmente para otros usuarios. Para enviar sus comentarios pendientes, seleccione "%s" -> "%s/%s/%s" en la parte superior de la página.
 issues.review.review=Revisar
@@ -1600,7 +1530,6 @@ issues.review.resolve_conversation=Resolver conversación
 issues.review.un_resolve_conversation=Marcar conversación sin resolver
 issues.review.resolved_by=ha marcado esta conversación como resuelta
 issues.review.commented=Comentario
-issues.assignee.error=No todos los asignados fueron añadidos debido a un error inesperado.
 issues.reference_issue.body=Cuerpo
 issues.content_history.deleted=borrado
 issues.content_history.edited=editado
@@ -1635,7 +1564,6 @@ pulls.show_all_commits=Mostrar todos los commits
 pulls.show_changes_since_your_last_review=Mostrar cambios desde tu última revisión
 pulls.showing_only_single_commit=Mostrando solo los cambios del commit %[1]s
 pulls.showing_specified_commit_range=Mostrando solo cambios entre %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Seleccionar commit. Mantener pulsado shift + clic para seleccionar un rango
 pulls.review_only_possible_for_full_diff=La revisión solo es posible cuando se ve la diff completa
 pulls.filter_changes_by_commit=Filtrar por commit
 pulls.nothing_to_compare=Estas ramas son iguales. No hay necesidad para crear un pull request.
@@ -1663,7 +1591,6 @@ pulls.add_prefix=Añadir prefijo <strong>%s</strong>
 pulls.remove_prefix=Eliminar prefijo <strong>%s</strong>
 pulls.data_broken=Este pull request está rota debido a que falta información del fork.
 pulls.files_conflicted=Este pull request tiene cambios en conflicto con la rama de destino.
-pulls.is_checking=La comprobación de conflicto de fusión está en progreso. Inténtalo de nuevo en unos momentos.
 pulls.is_ancestor=Esta rama ya está incluida en la rama de destino. No hay nada que fusionar.
 pulls.is_empty=Los cambios en esta rama ya están en la rama de destino. Esto será un commit vacío.
 pulls.required_status_check_failed=Algunos controles requeridos no han tenido éxito.
@@ -1685,30 +1612,20 @@ pulls.reject_count_1=%d solicitud de cambio
 pulls.reject_count_n=%d solicitudes de cambio
 pulls.waiting_count_1=%d esperando revisión
 pulls.waiting_count_n=%d esperando revisiónes
-pulls.wrong_commit_id=la identificación de commit debe ser para un commit en la rama de destino
 
 pulls.no_merge_desc=Este pull request no se puede combinar porque todas las opciones de combinación del repositorio están deshabilitadas.
 pulls.no_merge_helper=Habilite las opciones de combinación en la configuración del repositorio o fusione el pull request manualmente.
 pulls.no_merge_wip=Este pull request no se puede combinar porque está marcada como un trabajo en progreso.
-pulls.no_merge_not_ready=Este pull request no está listo para ser fusionado, compruebe el estado de revisión y las comprobaciones de estado.
 pulls.no_merge_access=No está autorizado para fusionar de este pull request.
 pulls.merge_pull_request=Crear commit fusionado
-pulls.rebase_merge_pull_request=Rebase y luego fast-forward
-pulls.rebase_merge_commit_pull_request=Rebase y luego crear commit fusionado
 pulls.squash_merge_pull_request=Crear commit squash
 pulls.merge_manually=Fusionado manualmente
 pulls.merge_commit_id=La identificación del commit fusionado
 pulls.require_signed_wont_sign=Esta rama requiere commits firmados pero esta fusión no será firmada
 
 pulls.invalid_merge_option=No puede utilizar esta opción de combinación para esta solicitud de extracción.
-pulls.merge_conflict=Fusión fallida: Hubo un conflicto mientras se fusionaba. Pista: Pruebe una estrategia diferente
 pulls.merge_conflict_summary=Mensaje de error
-pulls.rebase_conflict=Fusión fallida: Hubo un conflicto mientras se rebasaba el commit: %[1]s. Pista: Prueba una estrategia diferente
 pulls.rebase_conflict_summary=Mensaje de error
-pulls.unrelated_histories=Fusionar Fallidos: El jefe de fusión y la base no comparten un historial común. Pista: Prueba una estrategia diferente
-pulls.merge_out_of_date=Fusión fallida: Mientras se generaba la fusión, la base fue actualizada. Pista: Inténtelo de nuevo.
-pulls.head_out_of_date=Fusión fallida: Mientras se generaba la fusión, la cabeza fue actualizada. Pista: Inténtelo de nuevo.
-pulls.has_merged=Error: La pull request ha sido fusionada, no puedes fusionarla de nuevo ni cambiar la rama objetivo.
 pulls.push_rejected_summary=Mensaje completo de rechazo
 pulls.open_unmerged_pull_exists=`No puede realizar la reapertura porque hay un pull request pendiente (#%d) con propiedades idénticas.`
 pulls.status_checking=Algunas comprobaciones están pendientes
@@ -1727,7 +1644,6 @@ pulls.close=Cerrar Pull Request
 pulls.closed_at=`cerró este pull request <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 pulls.reopened_at=`reabrió este pull request <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 pulls.clear_merge_message=Borrar mensaje de fusión
-pulls.clear_merge_message_hint=Limpiar el mensaje de fusión solo eliminará el contenido del mensaje de commit y mantendrá frases generadas como "Co-Autorizado por …".
 
 pulls.auto_merge_button_when_succeed=(cuando las comprobaciones tengan éxito)
 pulls.auto_merge_when_succeed=Fusionar automática cuando todas las comprobaciones tengan éxito
@@ -1780,12 +1696,10 @@ milestones.filter_sort.most_issues=Mayoría de los problemas
 milestones.filter_sort.least_issues=Menos problemas
 
 signing.will_sign=Este commit se firmará con la clave "%s".
-signing.wont_sign.error=Hubo un error mientras se comprobaba si la confirmación podía ser firmada.
 signing.wont_sign.nokey=No hay ninguna clave disponible para firmar este commit.
 signing.wont_sign.never=Nunca se firman los commits.
 signing.wont_sign.always=Siempre se firman los commits.
 signing.wont_sign.pubkey=El commit no se firmará porque no tiene una clave pública asociada a su cuenta.
-signing.wont_sign.twofa=Debe tener habilitada la autenticación de doble factor para tener los commits firmados.
 signing.wont_sign.parentsigned=El commit no será firmado ya que el commit padre no está firmado.
 signing.wont_sign.basesigned=La fusión no se firmará ya que el commit base no está firmado.
 signing.wont_sign.headsigned=La fusión no se firmará ya que el commit principal no está firmado.
@@ -1867,7 +1781,6 @@ activity.title.releases_1=%d Lanzamiento
 activity.title.releases_n=%d Lanzamientos
 activity.title.releases_published_by=%s publicado por %s
 activity.published_release_label=Publicado
-activity.no_git_activity=No ha habido ningún commit en este período.
 activity.git_stats_exclude_merges=Excluyendo fusiones,
 activity.git_stats_author_1=%d autor
 activity.git_stats_author_n=%d autores
@@ -1892,7 +1805,6 @@ activity.git_stats_deletion_n=%d eliminaciones
 contributors.contribution_type.commits=Commits
 
 settings=Configuración
-settings.desc=La configuración es donde puede administrar la configuración del repositorio
 settings.options=Repositorio
 settings.collaboration=Colaboradores
 settings.collaboration.admin=Administrador
@@ -1909,7 +1821,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Configure su pro
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Configure su proyecto para extraer automáticamente commits, etiquetas y ramas de otro repositorio.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Ahora mismo, esto solo se puede hacer en el menú "Nueva Migración". Para más información, por favor consulta:
 settings.mirror_settings.docs.disabled_push_mirror.info=Las réplicas push han sido desactivadas por el administrador del sitio.
-settings.mirror_settings.docs.no_new_mirrors=Su repositorio está reproduciendo los cambios en o desde otro repositorio. Por favor, tenga en cuenta que no puede crear nuevas réplicas en este momento.
 settings.mirror_settings.docs.can_still_use=Aunque no puede modificar las réplicas existentes o crear otras nuevas, puede usar su réplica existente.
 settings.mirror_settings.docs.pull_mirror_instructions=Para crear un pull mirror, consulte por favor:
 settings.mirror_settings.docs.more_information_if_disabled=Puedes encontrar más información sobre push y pull mirrors aquí:
@@ -1977,7 +1888,6 @@ settings.admin_indexer_commit_sha=Último SHA indexado
 settings.admin_indexer_unindexed=Sin indexar
 settings.reindex_button=Añadir a la cola de reindexación
 settings.reindex_requested=Reindexar Solicitado
-settings.admin_enable_close_issues_via_commit_in_any_branch=Cerrar una incidencia a través de un commit realizado en una rama no principal
 settings.danger_zone=Zona de Peligro
 settings.new_owner_has_same_repo=El nuevo propietario tiene un repositorio con el mismo nombre.
 settings.convert=Convertir en repositorio normal
@@ -1998,7 +1908,6 @@ settings.transfer_abort_invalid=No puede cancelar una transferencia de repositor
 settings.transfer_abort_success=La transferencia del repositorio a %s fue cancelada.
 settings.transfer_desc=Transferir este repositorio a un usuario o una organizacion de la cual disponga de privilegios administrativos.
 settings.transfer_form_title=Escriba el nombre del repositorio como confirmación:
-settings.transfer_in_progress=Actualmente hay una transferencia en curso. Por favor, cancela si quieres transferir este repositorio a otro usuario.
 settings.transfer_notices_1=- Perderá el acceso al repositorio si lo transfiere a un usuario individual.
 settings.transfer_notices_2=- Mantendrá el acceso al repositorio si lo transfiere a una organización que usted (co-)posee.
 settings.transfer_notices_3=- Si el repositorio es privado y se transfiere a un usuario individual, esta acción se asegura de que el usuario tenga al menos permisos de lectura (y cambie los permisos si es necesario).
@@ -2012,13 +1921,9 @@ settings.trust_model.default=Modelo de confianza por defecto
 settings.trust_model.default.desc=Utilice el modelo de confianza de repositorio por defecto para esta instalación.
 settings.trust_model.collaborator=Colaborador
 settings.trust_model.collaborator.long=Colaborador: Confiar en firmas de colaboradores
-settings.trust_model.collaborator.desc=Las firmas válidas de los colaboradores de este repositorio serán marcadas como "confiables" - (coincidan o no con el committer). De lo contrario, las firmas válidas serán marcadas como "no confiables" si la firma coincide con el committer y "no coincidente" si no lo es.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: Firmas de confianza que coinciden con los committers (Esto coincide con GitHub y obligará a Gitea a firmar los commits a tener a Gitea como el committer)
-settings.trust_model.committer.desc=Las firmas válidas sólo se marcarán como "confiables" si coinciden con el committer, de lo contrario se marcarán como "no confiable". Esto obliga a Gitea a ser el committer en commits firmados con el commit real marcado como Co-autorizado por: y Co-commited por: en el tráiler. La clave de Gitea por defecto debe coincidir con un usuario en la base de datos.
 settings.trust_model.collaboratorcommitter=Colaborador+Comitter
 settings.trust_model.collaboratorcommitter.long=Colaborador+Comitter: Confiar en firmas de colaboradores que coincidan con el committer
-settings.trust_model.collaboratorcommitter.desc=Las firmas válidas de los colaboradores de este repositorio se marcarán como "de confianza" si coinciden con el confirmador. De lo contrario, las firmas válidas se marcarán como "no confiables" si la firma coincide con el autor de la confirmación y como "no coincidentes" en caso contrario. Esto obligará a Gitea a ser marcado como el confirmador en los compromisos firmados con el confirmador real marcado como Coautor por: y Cocommitido por: tráiler en el compromiso. La clave Gitea predeterminada debe coincidir con un usuario en la base de datos.
 settings.wiki_delete=Eliminar datos de Wiki
 settings.wiki_delete_desc=Eliminar los datos del wiki del repositorio es permanente y no se puede deshacer.
 settings.wiki_delete_notices_1=- Esto eliminará y desactivará permanentemente el wiki del repositorio para %s.
@@ -2027,7 +1932,6 @@ settings.wiki_deletion_success=La wiki del repositorio ha sido eliminada.
 settings.delete=Eliminar este repositorio
 settings.delete_desc=Eliminar un repositorio es permanente y no se puede deshacer.
 settings.delete_notices_1=- Esta operación <strong>NO PUEDE</strong> revertirse.
-settings.delete_notices_2=- Esta operación eliminará permanentemente todo en el repositorio de <strong>%s</strong>, incluidas asociaciones de código, problemas, comentarios, wiki y colaboradores.
 settings.delete_notices_fork_1=Los forks de este repositorio serán independientes después de eliminarlo.
 settings.deletion_success=El repositorio ha sido eliminado.
 settings.update_settings_success=Las opciones del repositorio han sido actualizadas.
@@ -2048,8 +1952,6 @@ settings.team_not_in_organization=El equipo no pertenece a la misma organizació
 settings.teams=Equipos
 settings.add_team=Añadir equipo
 settings.add_team_duplicate=El equipo ya tiene acceso al repositorio
-settings.add_team_success=Ahora el equipo ya tiene acceso al repositorio.
-settings.change_team_permission_tip=El permiso del equipo está establecido en la página de configuración del equipo y no puede ser cambiado por repositorio
 settings.delete_team_tip=Este equipo tiene acceso a todos los repositorios y no puede ser eliminado
 settings.remove_team_success=Se ha eliminado el acceso del equipo al repositorio.
 settings.add_webhook=Añadir Webhook
@@ -2058,8 +1960,6 @@ settings.hooks_desc=Los webhooks automáticamente hacen peticiones HTTP POST a u
 settings.webhook_deletion=Eliminar Webhook
 settings.webhook_deletion_desc=Eliminar un webhook borra sus ajustes e historial de entrega. ¿Continuar?
 settings.webhook_deletion_success=El webhook ha sido eliminado.
-settings.webhook.test_delivery=Test de entrega
-settings.webhook.test_delivery_desc=Prueba este webhook con un evento falso.
 settings.webhook.test_delivery_desc_disabled=Para probar este webhook con un evento falso, actívalo.
 settings.webhook.request=Petición
 settings.webhook.response=Respuesta
@@ -2105,7 +2005,6 @@ settings.event_repository=Repositorio
 settings.event_repository_desc=Repositorio creado o eliminado.
 settings.event_header_issue=Eventos de incidencias
 settings.event_issues=Incidencias
-settings.event_issues_desc=Incidencia abierta, cerrada, reabierta o editada.
 settings.event_issue_assign=Incidencia asignada
 settings.event_issue_assign_desc=Incidencia asignada o no asignada.
 settings.event_issue_label=Incidencia etiquetada
@@ -2116,7 +2015,6 @@ settings.event_issue_comment=Comentario de incidencia
 settings.event_issue_comment_desc=Comentario de incidencias creado, editado o borrado.
 settings.event_header_pull_request=Eventos de Pull Requests
 settings.event_pull_request=Pull Request
-settings.event_pull_request_desc=Pull request abierto, cerrado, reabierto o editado.
 settings.event_pull_request_assign=Pull Request asignado
 settings.event_pull_request_assign_desc=Pull Request asignado o no asignado.
 settings.event_pull_request_label=Pull Request Etiquetado
@@ -2253,7 +2151,6 @@ settings.archive.branchsettings_unavailable=Los ajustes de rama no están dispon
 settings.archive.tagsettings_unavailable=Los ajustes de las etiquetas no están disponibles si el repositorio está archivado.
 settings.unarchive.button=Desarchivar repositorio
 settings.unarchive.header=Desarchivar este repositorio
-settings.unarchive.text=La desarchivación del repositorio restablecerá su capacidad de recibir commits y pushes, así como nuevas incidencias y pull requests.
 settings.unarchive.success=El repositorio se ha desarchivado correctamente.
 settings.unarchive.error=Ocurrió un error mientras se trataba de des-archivar el repositorio. Revisa el registro para más detalles.
 settings.update_avatar_success=El avatar del repositorio ha sido actualizado.
@@ -2271,11 +2168,9 @@ settings.lfs_invalid_locking_path=Ruta no válida: %s
 settings.lfs_invalid_lock_directory=No se puede bloquear el directorio: %s
 settings.lfs_lock_already_exists=El bloqueo ya existe: %s
 settings.lfs_lock=Bloquear
-settings.lfs_lock_path=Ruta del archivo a bloquear...
 settings.lfs_locks_no_locks=Sin bloqueos
 settings.lfs_lock_file_no_exist=El archivo bloqueado no existe en la rama por defecto
 settings.lfs_force_unlock=Forzar desbloqueo
-settings.lfs_pointers.found=Encontrados %d punteros - %d asociados, %d no asociados (%d falta en el almacén)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=En repositorio
@@ -2477,7 +2372,6 @@ form.create_org_not_allowed=No tiene permisos para crear organizaciones.
 settings=Configuración
 settings.options=Organización
 settings.full_name=Nombre completo
-settings.email=Email de contacto
 settings.website=Página web
 settings.location=Localización
 settings.permission=Permisos
@@ -2491,15 +2385,13 @@ settings.visibility.private_shortname=Privado
 
 settings.update_settings=Actualizar configuración
 settings.update_setting_success=Configuración de la organización se han actualizado.
-settings.change_orgname_prompt=Nota: Cambiar el nombre de la organización también cambiará la URL de su organización y liberará el nombre antiguo.
-settings.change_orgname_redirect_prompt=El nombre antiguo se redirigirá hasta que se reclame.
+
+
 settings.update_avatar_success=Se ha actualizado el avatar de la organización.
 settings.delete=Eliminar organización
 settings.delete_account=Eliminar esta organización
 settings.delete_prompt=La organización será eliminada permanentemente. ¡Esta acción <strong>NO PUEDE</strong> deshacerse!
 settings.confirm_delete_account=Confirmar eliminación
-settings.delete_org_title=Eliminar organización
-settings.delete_org_desc=Esta organización se eliminará permanentemente. ¿Continuar?
 settings.hooks_desc=Añadir webhooks que serán ejecutados para <strong>todos los repositorios</strong> de esta organización.
 
 settings.labels_desc=Añadir etiquetas que pueden ser utilizadas en problemas para <strong>todos los repositorios</strong> bajo esta organización.
@@ -2554,7 +2446,6 @@ teams.remove_all_repos_title=Eliminar todos los repositorios del equipo
 teams.remove_all_repos_desc=Esto eliminará todos los repositorios del equipo.
 teams.add_all_repos_title=Añadir todos los repositorios
 teams.add_all_repos_desc=Esto añadirá todos los repositorios de la organización al equipo.
-teams.add_nonexistent_repo=El repositorio que estás intentando añadir no existe, por favor créalo primero.
 teams.add_duplicate_users=El usuario ya es miembro del equipo.
 teams.repos.none=Este equipo no tiene repositorios accesibles.
 teams.members.none=No hay miembros en este equipo.
@@ -2581,7 +2472,6 @@ repositories=Repositorios
 hooks=Webhooks
 integrations=Integraciones
 authentication=Orígenes de autenticación
-emails=Correos de usuario
 config=Configuración
 config_summary=Resumen
 config_settings=Configuración
@@ -2611,27 +2501,17 @@ dashboard.cron.cancelled=Cron: %[1]s cancelada: %[3]s
 dashboard.cron.error=Error en Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s ha finalizado
 dashboard.delete_inactive_accounts=Eliminar todas las cuentas inactivas
-dashboard.delete_inactive_accounts.started=Se ha iniciado la tarea: "Eliminar todas las cuentas inactivas".
 dashboard.delete_repo_archives=Eliminar todos los archivos del repositorio (ZIP, TAR.GZ, etc.)
-dashboard.delete_repo_archives.started=Se ha iniciado la tarea: "Eliminar todos los archivos del repositorios".
 dashboard.delete_missing_repos=Eliminar todos los repositorios que faltan sus archivos Git
-dashboard.delete_missing_repos.started=Se ha iniciado la tarea: "Eliminar todos los repositorios que faltan sus archivos Git".
 dashboard.delete_generated_repository_avatars=Eliminar avatares generados del repositorio
 dashboard.sync_repo_branches=Sincronizar ramas perdidas de datos git a bases de datos
 dashboard.update_mirrors=Actualizar réplicas
 dashboard.repo_health_check=Chequear de estado de salud de todos los repositorios
 dashboard.check_repo_stats=Comprobar todas las estadísticas de todos los repositorios
 dashboard.archive_cleanup=Eliminar archivos antiguos de los repositorios
-dashboard.deleted_branches_cleanup=Limpiar ramas eliminadas
 dashboard.update_migration_poster_id=Actualizar ID de usuario en migraciones
-dashboard.git_gc_repos=Ejecutar la recolección de basura en los repositorios
-dashboard.resync_all_sshkeys=Actualizar el archivo '.ssh/authorized_keys' con claves SSH de Gitea.
-dashboard.resync_all_sshprincipals=Actualizar el archivo '.ssh/authorized_principals' con los principales de certificado SSH de Gitea.
-dashboard.resync_all_hooks=Resincronizar los hooks de pre-recepción, actualización y post-recepción de todos los repositorios.
 dashboard.reinit_missing_repos=Reiniciar todos los repositorios Git faltantes de los que existen registros
 dashboard.sync_external_users=Sincronizar datos de usuario externo
-dashboard.cleanup_hook_task_table=Limpiar tabla hook_task
-dashboard.cleanup_packages=Limpieza de paquetes caducados
 dashboard.server_uptime=Tiempo de actividad del servidor
 dashboard.current_goroutine=Gorutinas actuales
 dashboard.current_memory_usage=Uso de memoria actual
@@ -2663,7 +2543,6 @@ dashboard.last_gc_pause=Última Pausa por GC
 dashboard.gc_times=Ejecuciones GC
 dashboard.update_checker=Buscador de actualizaciones
 dashboard.delete_old_system_notices=Borrar todos los avisos antiguos del sistema de la base de datos
-dashboard.gc_lfs=Recoger basura meta-objetos LFS
 dashboard.sync_branch.started=Sincronización de ramas iniciada
 dashboard.rebuild_issue_indexer=Reconstruir indexador de incidencias
 
@@ -2681,7 +2560,6 @@ users.2fa=2FA
 users.repos=Repositorios
 users.created=Creado
 users.last_login=Último registro
-users.never_login=Nunca registrado
 users.send_register_notify=Enviar notificación de registro de usuario
 users.new_success=Se ha creado la cuenta de usuario "%s".
 users.edit=Editar
@@ -2708,7 +2586,6 @@ users.still_own_repo=Este usuario todavía posee uno o más depósitos. Eliminar
 users.still_has_org=Este usuario es un miembro de una organización. Primero retire el usuario de cualquier organización.
 users.purge=Borrar usuario
 users.purge_help=Borrar forzosamente el usuario y cualquier repositorio, organización y paquete propiedad del usuario. Todos los comentarios también serán borrados.
-users.still_own_packages=Este usuario todavía posee uno o más paquetes, elimina estos paquetes primero.
 users.deletion_success=La cuenta de usuario ha sido eliminada.
 users.reset_2fa=Reiniciar 2FA
 users.list_status_filter.menu_text=Filtro
@@ -2728,11 +2605,7 @@ users.details=Detalles del usuario
 emails.email_manage_panel=Gestion de Correo del Usuario
 emails.primary=Principal
 emails.activated=Activado
-emails.filter_sort.email=Correo electrónico
-emails.filter_sort.email_reverse=Email (invertir)
-emails.filter_sort.name=Nombre de Usuario
-emails.filter_sort.name_reverse=Nombre de usuario (invertir)
-emails.updated=Email actualizado
+emails.filter_sort.name=Nombre de usuario
 emails.not_updated=Error al actualizar la dirección de correo electrónico solicitada: %v
 emails.duplicate_active=Esta dirección de correo está asignada a un usuario diferente.
 emails.change_email_header=Actualizar Propiedades de Correo
@@ -2846,26 +2719,18 @@ auths.oauth2_required_claim_name_helper=Establecer este nombre para restringir e
 auths.oauth2_required_claim_value=Valor de notificación requerida
 auths.oauth2_required_claim_value_helper=Establecer este valor para restringir el inicio de sesión de esta fuente a usuarios con una notificación (OAuth2 claim) con este nombre y valor
 auths.oauth2_group_claim_name=Nombre de notificación (OAuth2 claim) que proporciona nombres de grupo para esta fuente. (Opcional)
-auths.oauth2_admin_group=Valor de notificación de grupo para los usuarios administradores. (Opcional - requiere nombre de notificación arriba)
-auths.oauth2_restricted_group=Valor de notificación de grupo para usuarios restringidos. (Opcional - requiere nombre de notificación arriba)
-auths.oauth2_map_group_to_team=Mapear grupos reclamados a equipos de la organización. (Opcional - requiere nombre de reclamación arriba)
 auths.oauth2_map_group_to_team_removal=Eliminar usuarios de equipos sincronizados si el usuario no pertenece al grupo correspondiente.
 auths.enable_auto_register=Hablilitar Auto-Registro
 auths.sspi_auto_create_users=Crear usuarios automáticamente
-auths.sspi_auto_create_users_helper=Permitir al método de autenticación SSPI crear automáticamente nuevas cuentas para los usuarios que se conectan por primera vez
 auths.sspi_auto_activate_users=Activar los usuarios automáticamente
 auths.sspi_auto_activate_users_helper=Permitir al método de autenticación SSPI activar automáticamente los nuevos usuarios
 auths.sspi_strip_domain_names=Eliminar los nombres de dominio de nombres de usuario
-auths.sspi_strip_domain_names_helper=Si está marcado, los nombres de dominio se eliminarán de los nombres de inicio de sesión (por ejemplo, "DOMINIO\usuario" y "usuario@ejemplo.org" se convertirán en sólo "usuario").
 auths.sspi_separator_replacement=Separador a usar en lugar de \, / y @
-auths.sspi_separator_replacement_helper=El carácter a usar para reemplazar los separadores de los nombres de inicio de sesión de nivel inferior (por ejemplo, la \ en "DOMINIO\usuario") y en los nombres principales del usuario (por ejemplo, la @ en "user@example.org").
 auths.sspi_default_language=Idioma predeterminado del usuario
-auths.sspi_default_language_helper=Idioma predeterminado para los usuarios creados automáticamente por el método de autenticación SSPI. Deje vacío si prefiere que el idioma sea detectado automáticamente.
 auths.tips=Consejos
 auths.tips.oauth2.general=Autenticación OAuth2
 auths.tips.oauth2.general.tip=Al registrar una nueva autenticación de OAuth2, la URL de devolución de llamada/redirección debe ser:
 auths.tip.oauth2_provider=Proveedor OAuth2
-auths.tip.nextcloud=`Registre un nuevo consumidor OAuth en su instancia usando el siguiente menú "Configuración-> Seguridad-> cliente OAuth 2.0"`
 auths.tip.mastodon=Introduzca una URL de instancia personalizada para la instancia mastodon con la que desea autenticarse (o utilice la predeterminada)
 auths.edit=Editar origen de autenticación
 auths.activated=Este origen de autenticación ha sido activado
@@ -2908,8 +2773,6 @@ config.ssh_domain=Dominio del servidor SSH
 config.ssh_port=Puerto
 config.ssh_listen_port=Puerto de escucha
 config.ssh_root_path=Ruta raíz
-config.ssh_key_test_path=Ruta de la clave de prueba
-config.ssh_keygen_path=Ruta del generador de claves ('ssh-keygen')
 config.ssh_minimum_key_size_check=Tamaño mínimo de la clave de verificación
 config.ssh_minimum_key_sizes=Tamaños de clave mínimos
 
@@ -2967,7 +2830,6 @@ config.mailer_sendmail_path=Ruta de Sendmail
 config.mailer_sendmail_args=Argumentos adicionales por Sendmail
 config.mailer_sendmail_timeout=Tiempo de espera de Sendmail
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=Correo electrónico (ej. test@ejemplo.com)
 config.send_test_mail=Enviar prueba de correo
 config.send_test_mail_submit=Enviar
 config.test_mail_failed=Fallo al enviar un correo electrónico de prueba a "%s": %v
@@ -3047,7 +2909,6 @@ monitor.queue.numberinqueue=Número en cola
 monitor.queue.review_add=Revisar / Añadir Trabajadores
 monitor.queue.settings.title=Ajustes del grupo
 monitor.queue.settings.desc=Los grupos de trabajadores crecen dinámicamente en respuesta al bloqueo de cola de sus trabajadores.
-monitor.queue.settings.maxnumberworkers=Número máximo de trabajadores
 monitor.queue.settings.maxnumberworkers.placeholder=Actualmente %[1]d
 monitor.queue.settings.maxnumberworkers.error=El número máximo de trabajadores debe ser un número
 monitor.queue.settings.submit=Actualizar ajustes
@@ -3150,8 +3011,6 @@ error.no_committer_account=Ninguna cuenta vinculada a la dirección de correo el
 error.no_gpg_keys_found=No se encontró ninguna clave conocida en la base de datos para esta firma
 error.not_signed_commit=No es un commit firmado
 error.failed_retrieval_gpg_keys=No se pudo recuperar cualquier clave adjunta a la cuenta del committer
-error.probable_bad_signature=¡ADVERTENCIA! ¡Hay una clave con este ID en la base de datos, pero esa clave no verifica este commit! Este commit es SOSPECHOSO.
-error.probable_bad_default_signature=¡ADVERTENCIA! ¡La clave por defecto tiene este ID pero esa clave no verifica este commit! Este commit es SOSPECHOSO.
 
 [units]
 unit=Unidad
@@ -3188,7 +3047,6 @@ versions=Versiones
 versions.view_all=Ver todo
 dependency.id=Id.
 dependency.version=Versión
-alpine.registry=Configura este registro agregando la url en tu archivo <code>./apk/repositories</code>:
 alpine.registry.key=Descargue la clave RSA pública del registro en la carpeta <code>./apk/keys/</code> para verificar la firma del índice:
 alpine.registry.info=Seleccione $branch y $repository de la siguiente lista.
 alpine.install=Para instalar el paquete, ejecute el siguiente comando:
@@ -3199,18 +3057,13 @@ alpine.repository.architectures=Arquitecturas
 arch.repository=Información del repositorio
 arch.repository.repositories=Repositorios
 arch.repository.architectures=Arquitecturas
-cargo.registry=Configurar este registro en el archivo de configuración de Cargo (por ejemplo <code>~/.cargo/config.toml</code>):
 cargo.install=Para instalar el paquete usando Cargo, ejecute el siguiente comando:
-chef.registry=Configura este registro en tu archivo <code>~/.chef/config.rb</code>:
 chef.install=Para instalar el paquete, ejecute el siguiente comando:
-composer.registry=Configura este registro en el archivo <code>~/.composer/config.json</code>:
 composer.install=Para instalar el paquete usando Composer, ejecute el siguiente comando:
 composer.dependencies=Dependencias
 composer.dependencies.development=Dependencias de desarrollo
 conan.details.repository=Repositorio
-conan.registry=Configurar este registro desde la línea de comandos:
 conan.install=Para instalar el paquete usando Conan, ejecuta el siguiente comando:
-conda.registry=Configura este registro como un repositorio Conda en tu archivo <code>.condarc</code>:
 conda.install=Para instalar el paquete usando Conda, ejecute el siguiente comando:
 container.details.type=Tipo de imagen
 container.details.platform=Plataforma
@@ -3220,9 +3073,7 @@ container.layers=Capas de imagen
 container.labels=Etiquetas
 container.labels.key=Clave
 container.labels.value=Valor
-cran.registry=Configurar este registro en su archivo <code>Rprofile.site</code>:
 cran.install=Para instalar el paquete, ejecute el siguiente comando:
-debian.registry=Configurar este registro desde la línea de comandos:
 debian.registry.info=Seleccione $distribution y $component de la siguiente lista.
 debian.install=Para instalar el paquete, ejecute el siguiente comando:
 debian.repository=Información del repositorio
@@ -3231,16 +3082,11 @@ debian.repository.components=Componentes
 debian.repository.architectures=Arquitecturas
 generic.download=Descargar paquete desde la línea de comandos:
 go.install=Instalar el paquete desde la línea de comandos:
-helm.registry=Configurar este registro desde la línea de comandos:
 helm.install=Para instalar el paquete, ejecute el siguiente comando:
-maven.registry=Configure este registro en su proyecto <code>pom.xml</code> archivo:
-maven.install=Para usar el paquete incluya lo siguiente en el bloque <code>dependencias</code> en el archivo <code>pom.xml</code>:
 maven.install2=Ejecutar vía línea de comandos:
 maven.download=Para descargar la dependencia, ejecute vía línea de comandos:
-nuget.registry=Configurar este registro desde la línea de comandos:
 nuget.install=Para instalar el paquete usando NuGet, ejecute el siguiente comando:
 nuget.dependency.framework=Marco de destino
-npm.registry=Configura este registro en tu proyecto <code>.npmrc</code> archivo:
 npm.install=Para instalar el paquete usando npm, ejecute el siguiente comando:
 npm.install2=o añádelo al archivo package.json:
 npm.dependencies=Dependencias
@@ -3251,7 +3097,6 @@ npm.details.tag=Etiqueta
 pub.install=Para instalar el paquete usando Dart, ejecute el siguiente comando:
 pypi.requires=Requiere Python
 pypi.install=Para instalar el paquete usando pip, ejecute el siguiente comando:
-rpm.registry=Configurar este registro desde la línea de comandos:
 rpm.distros.redhat=en distribuciones basadas en RedHat
 rpm.distros.suse=en distribuciones basadas en SUSE
 rpm.install=Para instalar el paquete, ejecute el siguiente comando:
@@ -3263,7 +3108,6 @@ rubygems.dependencies.runtime=Dependencias en tiempo de ejecución
 rubygems.dependencies.development=Dependencias de desarrollo
 rubygems.required.ruby=Requiere versión Ruby
 rubygems.required.rubygems=Requiere la versión de RubyGem
-swift.registry=Configurar este registro desde la línea de comandos:
 swift.install=Añade el paquete en tu archivo <code>Package.swift</code>:
 swift.install2=y ejecuta el siguiente comando:
 vagrant.install=Para añadir un paquete Vagrant, ejecuta el siguiente comando:
@@ -3286,7 +3130,6 @@ owner.settings.cargo.initialize.success=El índice de Cargo se ha creado correct
 owner.settings.cargo.rebuild=Reconstruir índice
 owner.settings.cargo.rebuild.description=Reconstruir puede ser útil si el índice no se sincroniza con los paquetes de Cargo almacenados.
 owner.settings.cargo.rebuild.error=Fallo al reconstruir el índice de Cargo: %v
-owner.settings.cargo.rebuild.success=El índice de Cargo se ha reconstruido correctamente.
 owner.settings.cleanuprules.title=Administrar reglas de limpieza
 owner.settings.cleanuprules.add=Añadir regla de limpieza
 owner.settings.cleanuprules.edit=Editar regla de limpieza
@@ -3315,12 +3158,13 @@ owner.settings.chef.keypair.description=Un par de claves es necesario para auten
 secrets=Secretos
 description=Los secretos pasarán a ciertas acciones y no se podrán leer de otro modo.
 none=Todavía no hay secretos.
-creation=Añadir secreto
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Descripción
 creation.name_placeholder=sin distinción de mayúsculas, solo carácteres alfanuméricos o guiones bajos, no puede empezar por GITEA_ o GITHUB_
 creation.value_placeholder=Introduce cualquier contenido. Se omitirá el espacio en blanco en el inicio y el final.
-creation.success=El secreto "%s" ha sido añadido.
-creation.failed=Error al añadir secreto.
+
+
 deletion=Eliminar secreto
 deletion.description=Eliminar un secreto es permanente y no se puede deshacer. ¿Continuar?
 deletion.success=El secreto ha sido eliminado.
@@ -3368,7 +3212,6 @@ runners.delete_runner=Eliminar este nodo
 runners.delete_runner_success=Nodo eliminado con éxito
 runners.delete_runner_failed=Fallo al eliminar el nodo
 runners.delete_runner_header=Confirma para eliminar el nodo
-runners.delete_runner_notice=Si una tarea se está ejecutando en este nodo, se terminará y marcará como fallida. Puede romper el flujo de trabajo en curso.
 runners.none=No hay nodos disponibles
 runners.status.unspecified=Desconocido
 runners.status.idle=Inactivo
diff --git a/options/locale/locale_fa-IR.ini b/options/locale/locale_fa-IR.ini
index 5c96cea8f6..023a3ed2ea 100644
--- a/options/locale/locale_fa-IR.ini
+++ b/options/locale/locale_fa-IR.ini
@@ -145,16 +145,10 @@ path=مسیر
 sqlite_helper=مسیر �ایل برای دیتابیس SQLite3. <br>اگر گیتی را به عنوان یک سرویس اجرا میکنید، یک مسیر کامل وارد کنید.
 reinstall_error=شما در حال تلاش هستید برای نصب روی یک پایگاه داده Gitea که موجود است
 reinstall_confirm_message=نصب مجدد با پایگاه داده Gitea موجود می تواند مشکلات متعددی ایجاد کند. در بیشتر موارد، باید از "app.ini" موجود خود برای اجرای Gitea است�اده کنید. اگر می دانید چه کاری انجام می دهید، موارد زیر را تأیید کنید:
-reinstall_confirm_check_1=ممکن است داده‌های رمزگذاری‌شده توسط SECRET_KEY در app.ini از بین بروند: کاربران ممکن است نتوانند با 2FA/OTP وارد سیستم شوند و mirror ها ممکن است به درستی کار نکنند. با علامت زدن این کادر تأیید می کنید که �ایل app.ini �علی حاوی SECRET_KEY صحیح است.
-reinstall_confirm_check_2=ممکن است لازم باشد مخازن و تنظیمات مجدداً همگام شوند. با علامت زدن این کادر تأیید می‌کنید که قلاب‌های مخازن و �ایل autorized_keys را به صورت دستی مجدداً همگام‌سازی می‌کنید. شما تأیید می کنید که از درست بودن تنظیمات مخزن و آینه اطمینان حاصل می کنید.
 reinstall_confirm_check_3=شما تأیید می کنید که کاملاً مطمئن هستید که این Gitea با مکان صحیح app.ini اجرا می شود و مطمئن هستید که باید دوباره نصب کنید. شما تأیید می کنید که خطرات �وق را تأیید می کنید.
 err_empty_db_path=مسیر دیتابیس SQLite3 نمیتواند خالی باشد.
 no_admin_and_disable_registration=شما بدون ایجاد حساب‌ کاربری مدیر نمی‌توانید عضویت را غیر �عال کنید.
 err_empty_admin_password=کلمه عبور حساب مدیر نمی تواند خالی باشد.
-err_empty_admin_email=رایانامه (ایمیل) مدیر نمی تواند خالی باشد.
-err_admin_name_is_reserved=نام کاربری مدیر اشتباه است. نام کاربری قبلا است�اده شده است
-err_admin_name_pattern_not_allowed=نام کاربری مدیر اشتباه است. نام کاربری قبلا است�اده شده است
-err_admin_name_is_invalid=نام کابری مدیر اشتباه است
 
 general_title=تنظیمات عمومی
 app_name=عنوان سایت
@@ -169,7 +163,6 @@ domain_helper=آدرس میزبان یا دامنه برای سرور.
 ssh_port=پورت SSH سرور
 ssh_port_helper=شماره درگاهی که سرور SSH گوش می دهد. برای غیر �عال کردن خالی بگذارید.
 http_port=پورت HTTP گیتی
-http_port_helper=پورت سرور وب گیتی.
 app_url=آدرس پایه گیتی
 app_url_helper=آدرس پایه برای URLهای اجماع HTTP(S) و هشدار های رایانامه (ایمیل).
 log_root_path=مسیر گزارش‌ها
@@ -276,7 +269,6 @@ allow_password_change=نیاز به کاربر برای تغییرگذرواژه
 reset_password_mail_sent_prompt=ایمیل تاییدیه جدیدی به <b>%s</b> ارسال شد. لط�ا صندوق ورودی خود را در %s آینده برای �رآیند بازیابی حساب کاربری خود بررسی کنید.
 active_your_account=حساب خود را �عال کنید
 account_activated=حساب �عال شده است
-prohibit_login=ورود به سیستم ممنوع است
 resent_limit_prompt=با عرض پوزش، شما به تازگی یک ایمیل �عالسازی را درخواست کرده اید. لط�ا سه دقیقه منتظر بمانید سپس درخواست خود را تکرار کنید.
 has_unconfirmed_mail=سلام %s, شما آدرس ایمیل (<b>%s</b>) را تایید نکرده اید. لط�ا اگر شما ایمیلی دریا�ت نکرداید و یا نیاز به ارسال دوباره دارید، بر روید دکمه زیر کلیک نمایید.
 resend_mail=برای ارسال نامه �عال سازی اینجا را کلیک کنید
@@ -306,13 +298,10 @@ openid_connect_title=اتصال به حساب های موجود
 openid_connect_desc=نشانی OpenID URI وارد شده شناخته نشد. آن را با یک حساب جدید متصل کنید.
 openid_register_title=ایجاد یک حساب جدید
 openid_register_desc=نشانی URI وارد شده شناخته نشد. آن را با یک حساب جدید متصل کنید.
-disable_forgot_password_mail=بازیابی حساب به دلیل عدم تعیین آدرس ایمیل غیر�عال شده است. لط�ا با مدیر سایت تماس بگیرید.
-disable_forgot_password_mail_admin=بازیابی حساب وقتی ممکن است که ایمیل تنظیم شده باشد. لط�ا ایمیل را ثبت کنید تا بازیابی حساب �عال شود.
 email_domain_blacklisted=شما نمیتوانید با ایمیل خود ثبت نام کنید.
 authorize_application=برنامه احراز هویت
 authorize_redirect_notice=اگر شما این برنامه را تایید کنید، به %s منتقل خواهید شد.
 authorize_application_created_by=این برنامه توسط %s ساخته شده است.
-authorize_application_description=اگر شما دسترسی داشته باشید. میتوانید تمامی �یلد های حساب کاربری خود را تغییر دهید. از جمله مخازن و سازمان های خصوصی.
 authorize_title=تاییدیه "%s" برای دسترسی به اکانت شما؟
 authorization_failed=احراز هویت انجام نشد
 sspi_auth_failed=SSPI عدم احراز هویت
@@ -332,8 +321,6 @@ activate_email=نشانی ایمیل خود را تایید کنید
 activate_email.text=لط�اً روی پیوند زیر کلیک کنید تا رایانامه‌ی خود را در <b>%s</b> تأیید کنید:
 
 register_notify.title=%[1]s، به %[2]s خوش‌آمدید
-register_notify.text_1=این رایانامه‌ی تأیید عضویت شما در %s است!
-register_notify.text_2=حالا شما می‌توانید با نام کاربری وارد شوید: %s.
 register_notify.text_3=اگر این حساب برای شما ایجاد شده، لط�اً ابتدا <a href="%s">گذرواژه‌ی خود را تنظیم کنید</a>.
 
 reset_password=حساب خود را دوباره �عال کنید
@@ -371,7 +358,6 @@ release.download.targz=کد منبع (TAR.GZ)
 repo.transfer.subject_to=%s می‌خواهد "%s" را به %s منتقل کند
 repo.transfer.subject_to_you=%s می‌خواهد %s را به شما منتقل کند
 repo.transfer.to_you=شما
-repo.transfer.body=برای تایید یا رد آن %s را ببینید یا �قط بیخیالش شوید.
 
 repo.collaborator.added.subject=%s شما را به پروژه %s اضا�ه کرد
 repo.collaborator.added.text=شما به عنوان مشارکت‌کننده در این مخزن اضا�ه شدید:
@@ -425,11 +411,9 @@ username_been_taken=این نام کاربری قبلا ثبت شده است.
 username_change_not_local_user=کاربران غیر بومی مجاز به تغییر نام‌کاربری نیستند.
 repo_name_been_taken=نام مخزن قبلا ثبت شده است.
 repository_files_already_exist=در حال حاضر این �ایل در این مخزن موجود است. با مدیر سیستم خود تماس بگیرید.
-repository_files_already_exist.adopt=این �ایل در این مخزن موجود است و �قط میتوان از آن است�اده کرد.
 repository_files_already_exist.delete=�ایل‌ها در این مخزن موجود است. ابتدا باید آن را پاک کنید.
 repository_files_already_exist.adopt_or_delete=این �ایل در این مخزن موجود است. یا از آن است�اده کرده یا آن را پاک کنید.
 visit_rate_limit=دسترسی نشانی ثبت شده دارای نرخ محدودیت است.
-2fa_auth_required=دسترسی از راه دور بازدید نیازمند دو روش احراز هویت است.
 org_name_been_taken=نام سازمان قبلا ثبت شده است.
 team_name_been_taken=نام تیم قبلا ثبت شده است.
 team_no_units_error=اجازه دسترسی به حداقل یک بخش مخزن.
@@ -541,7 +525,6 @@ activate_email=ارسال �عال‌سازی
 activations_pending=کد‌های �عال‌سازی در انتظار
 delete_email=حذ�
 email_deletion=حذ� نشانی ایمیل
-email_deletion_desc=نشانی ایمیل و اطلاعات مربوطه از حساب شما حذ� خواهد شد. تمامی کامیت ها توسط این نشانی ایمیل بدون تغییر باقی می ماند. ادامه می دهید؟
 email_deletion_success=آدرس ایمیل شما حذ� شده است.
 theme_update_success=پوسته شما آپدیت شد.
 theme_update_error=پوسته انتخاب شده موجود نیست.
@@ -582,7 +565,6 @@ gpg_key_matched_identities_long=هویت های جاسازی شده در این
 gpg_key_verified=کلید تأیید شده
 gpg_key_verified_long=کلید با یک ژتون تأیید شده است و می تواند برای تأیید کامیت‌هایی که مطابق با آدرس ایمیل �عال شده برای این کاربر است، علاوه بر هویت‌های منطبق با این کلید، است�اده شود.
 gpg_key_verify=اعتبارسنجی
-gpg_invalid_token_signature=کلید GPG ارائه شده، امضا و ژتون به هم نمی‌خورند یا ژتون تاریخ‌گذشته است.
 gpg_token_required=باید یک امضا برای ژتون زیر ارائه کنید
 gpg_token=توکن
 gpg_token_help=با این میتوانید یک امضاء بسازید:
@@ -604,7 +586,6 @@ gpg_key_deletion=حذ� کلید GPG
 ssh_principal_deletion=گواهی SSH اصلی را حذ� کنید
 ssh_key_deletion_desc=حذ� کلید SSH خود دسترسی به حساب خود را لغو می شود. ادامه می دهید؟
 gpg_key_deletion_desc=حذ� کلید GPG تمامی commit های که با این کلید زده‎اید را غیر معتبر میکند. آیا ادامه می‎دهید؟
-ssh_principal_deletion_desc=حذ� یک کلید SSH اصلی، تمامی دسترسی‌ها به حساب کاربری را می‌گیرد. ادامه می‌دهید؟
 ssh_key_deletion_success=کلید SSH حذ� شد.
 gpg_key_deletion_success=کلید GPG حذ� شد.
 ssh_principal_deletion_success=کلید SSH اصلی حذ� شد.
@@ -657,12 +638,10 @@ oauth2_application_create_description=برنامه‎های OAuth2 این امک
 authorized_oauth2_applications=برنامه OAuth2 تایید شد
 revoke_key=ابطال
 revoke_oauth2_grant=ابطال دسترسی
-revoke_oauth2_grant_description=لغو دسترسی برای این برنامه شخص ثالث از دسترسی این برنامه به داده های شما جلوگیری می کند. شما مطمئن هستید؟
 
 twofa_is_enrolled=احراز هویت دو مرحله ای برای حساب شما <strong>اجرا</strong>میشود.
 twofa_not_enrolled=حساب کاربری شما اکنون احراز هویت دو مرحله ای ندارد.
 twofa_disable=غیر�عال‌کردن احراز هویت دو مرحله ای
-twofa_enroll=�عال‌کردن احراز هویت دوگانه
 twofa_disable_note=در صورت لزوم، شما می توانید احراز هویت دو مرحله ای را غیر �عال کنید.
 twofa_disable_desc=غیر �عال کردن احراز هویت دو مرحله ای امنیت حساب کاربری شما را کمتر می‌کند. آیا ادامه می‌دهید؟
 twofa_disabled=احراز هویت دو مرحله ای غیر �عال گشت.
@@ -675,7 +654,6 @@ twofa_failed_get_secret=خطا در دریا�ت رمز.
 
 manage_account_links=مدیریت حساب های مرتبط شده
 manage_account_links_desc=این حساب های خارجی به حساب Gitea ارتباط دارد.
-account_links_not_available=اکنون دیگر هیچ پیوند حساب‌های کاربری خارجی به حساب کاربری شما وجود ندارد.
 link_account=پیوند به حساب
 remove_account_link=حذ� حساب پیوند خرده
 remove_account_link_desc=با حذ� پیوند خارجی حساب کاربری دسترسی شما به حساب کابریتان توسط آن از بین میرود. آیا ادامه می‌دهید؟
@@ -753,7 +731,6 @@ mirror_address_desc=هر گونه اعتبار مورد نیاز را در قسÙ
 mirror_lfs=ذخیره سازی �ایل های بزرگ(LFS)
 mirror_lfs_desc=انعکاس داده های LFS را �عال کنید.
 mirror_lfs_endpoint=نشانهای پایانی LFS
-mirror_lfs_endpoint_desc=همگام‌سازی سعی می‌کند از آدرس اینترنتی کلون برای <a target="_blank" rel="noopener noreferrer" href="%s">تعیین سرور LFS</a> است�اده کند. همچنین اگر داده های LFS مخزن در جای دیگری ذخیره شده باشد، می توانید یک نقطه پایانی س�ارشی را مشخص کنید.
 mirror_last_synced=آخرین همگام سازی
 mirror_password_placeholder=(بدون تغییر)
 mirror_password_blank_placeholder=(تنظیم نشده)
@@ -764,7 +741,6 @@ forks=انشعاب‌ها
 reactions_more=و %d بیشتر
 unit_disabled=مدیر سایت این قسمت مخزن را غیر�عال کرده است.
 language_other=دیگر
-adopt_search=نام کاربری را برای جستجو در مخازن بدون دسترسی وارد کنید... (برای جستجوی همه موارد خالی بگذارید)
 adopt_preexisting_label=�ایلهای پذیرش یا�ته
 adopt_preexisting=�ایلهای موجود برای پذیرش
 adopt_preexisting_content=ایجاد مخزن از %s
@@ -821,14 +797,12 @@ migrate.clone_address=انتقال / همسان‌سازی از نشانی
 migrate.clone_address_desc=HTTP(S) or Git 'همسان‌سازی' نشانی‌های موجود در این مخزن
 migrate.clone_local_path=یا مسیر سرویس دهنده محلی
 migrate.permission_denied=شما مجاز به واردات مخازن محلی نیستید.
-migrate.permission_denied_blocked=نمی‌توانید از میزبان‌های غیرمجاز وارد کنید، لط�اً از سرپرست بخواهید تنظیمات ALLOWED_DOMAINS / ALLOW_LOCALNETWORKS / BLOCKED_DOMAINS را بررسی کند.
 migrate.invalid_lfs_endpoint=نقطه پایانی LFS معتبر نیست
 migrate.failed=انتقال انجام نشد: %v
 migrate.migrate_items_options=نشانی دسترسی برای مهاجرت موارد اضا�ی مورد نیاز است
 migrated_from=مهاجرت از <a href="%[1]s">%[2]s</a>
 migrated_from_fake=مهاجرت از %[1]s
 migrate.migrate=مهاجرت از %s
-migrate.migrating=مهاجرت از <b>%s</b> ...
 migrate.migrating_failed=مهاجرت از <b>%s</b> نامو�ق بود.
 migrate.migrating_failed_no_addr=مهاجرت نامو�ق بود.
 migrate.git.description=کوچ یک مخزن �قط از یک سرویس Git.
@@ -864,7 +838,6 @@ quick_guide=راهنمای سریع
 clone_this_repo=همسان‌سازی این مخزن
 create_new_repo_command=ایجاد یک مخزن جدید در خط �رمان
 push_exist_repo=درج تغییرات مخزن موجود از خط �رمان
-empty_message=این مخزن هنوز هیچ محتوایی ندارد.
 
 code=کد
 code.desc=دسترسی به کدهای منبع، �ایل‎ها، کامیت های و شاخه ها.
@@ -879,7 +852,6 @@ issues=مسائل
 pulls=تقاضاهای واکشی
 projects=پروژه‌ها
 labels=برچسب‌ها
-org_labels_desc=برچسب های سطح سازمان که می توانند برای <strong>تمامی مخازن</strong> ذیل این سازمان است�اده شوند
 org_labels_desc_manage=مدیریت
 
 milestones=نقاط عط�
@@ -900,7 +872,6 @@ file_too_large=حجم این پرونده بیشتر از آن است Ú©Ù‡ قاØ
 file_copy_permalink=پرمالینک را کپی کنید
 video_not_supported_in_browser=مرورگر شما از تگ video که در HTML5 تعری� شده است، پشتیبانی نمی کند.
 audio_not_supported_in_browser=مرورگر شما از تگ audio که در HTML5 تعری� شده است، پشتیبانی نمی کند.
-stored_lfs=ذخیره شده با GIT LFS
 symbolic_link=پیوند نمادین
 commit_graph=نمودار کامیت
 commit_graph.select=انتخاب برنچها
@@ -944,13 +915,13 @@ editor.file_changed_while_editing=محتوای پرونده تغییر میکنØ
 editor.commit_empty_file_header=کامیت کردن یک پرونده خالی
 editor.commit_empty_file_text=�ایلی که درخواست ارسال دارید خالی است. ادامه بدم?
 editor.no_changes_to_show=تغییری برای نمایش وجود ندارد.
-editor.fail_to_update_file_summary=متن خطا:
 editor.push_rejected_summary=متن کامل پیام دلیل رد شدن:
 editor.add_subdir=ا�زودن پوشه…
 editor.no_commit_to_branch=نمی‌توان به طور مستقیم درمورد شاخه نطر داد زیرا:
 editor.user_no_push_to_branch=کاربر نمیتواند به شاخه ارسال کند
 editor.require_signed_commit=شاخه یک کامیت امضا شده لازم دارد
 
+
 commits.desc=تاریخچه تغییرات کد منبع را مرور کنید.
 commits.commits=کامیت‌ها
 commits.nothing_to_compare=این شاخه ها برابرند.
@@ -1059,7 +1030,6 @@ issues.filter_label_no_select=تمامی برچسب‎ها
 issues.filter_milestone=نقطه عط�
 issues.filter_project_none=هیچ پروژه ثبت نشده
 issues.filter_assignee=مسئول رسیدگی
-issues.filter_assginee_no_assignee=بدون مسئول رسیدگی
 issues.filter_type=نوع
 issues.filter_type.all_issues=همه مسائل
 issues.filter_type.assigned_to_you=به شما محول شده
@@ -1069,7 +1039,6 @@ issues.filter_type.review_requested=بررسی درخواست ها
 issues.filter_sort=مرتب‌سازی
 issues.filter_sort.latest=جدیدترین
 issues.filter_sort.oldest=قدیمی‌ترین
-issues.filter_sort.recentupdate=اخیراً به روز شده
 issues.filter_sort.leastupdate=به تازگی به‎روز شده
 issues.filter_sort.mostcomment=بیشترین دیدگاه‌ها
 issues.filter_sort.leastcomment=کمترین دیدگاه‌ها
@@ -1147,7 +1116,6 @@ issues.subscribe=مشترک شدن
 issues.unsubscribe=لغو اشتراک
 issues.lock=ق�ل کردن مکالمه
 issues.unlock=بازکردن مکالمه
-issues.lock.unknown_reason=نمیتوانید این موضوع را بدون دلیل ببندید.
 issues.lock_duplicate=یک مسئله دومرتبه نمی‎تواند بسته شود.
 issues.unlock_error=این مسئله نمی‎تواند باز شود لذا ق�ل نشده بود.
 issues.lock_with_reason=ق�ل شده با عنوان <strong>%s</strong> و مکالمه همکاران %s محدود شده است
@@ -1155,7 +1123,6 @@ issues.lock_no_reason=Ù‚Ù�Ù„ شده Ùˆ مکالمه برای همکاران %s Ù
 issues.unlock_comment=باز کردن این مکالمه %s
 issues.lock_confirm=ق�ل کردن
 issues.unlock_confirm=ر�ع انسداد
-issues.lock.notice_1=- دیگر کاربران نمی‎توانند یک مول�ه جدید به مسئله اضا�ه کنند.
 issues.lock.notice_2=- شما و سایر همکاران با دسترسی به این مخزن هنوز می‌توانید اظهار نظر کنید و سایرین آن را مشاهده می‌کنند.
 issues.lock.notice_3=- شما همیشه می‎توانید مجدداً در آینده این مسئله را باز کنید.
 issues.unlock.notice_1=- همه می توانند بار دیگر درباره این موضوع اظهارنظر کنند.
@@ -1206,8 +1173,6 @@ issues.dependency.pr_closing_blockedby=بستن این درخواست کشش بØ
 issues.dependency.issue_closing_blockedby=بستن این مورد توسط موارد زیر مسدود شده است
 issues.dependency.issue_close_blocks=این مسئله با توجه به موضوعات مطرح شده مسدود شده است
 issues.dependency.pr_close_blocks=این تقاضای واکشی با توجه به موضوعات مطرح شده مسدود شده است
-issues.dependency.issue_close_blocked=شما نیاز به بستن تمامی مسائل مسدود شده مسئله قبل بستن آن هستید.
-issues.dependency.pr_close_blocked=شما می بایستی تمامی مسائل این تقاضای واکشی را ببنید تا بتوانید آن را ادغام کنید.
 issues.dependency.blocks_short=بلوک‌ها
 issues.dependency.blocked_by_short=وابسته به
 issues.dependency.remove_header=حذ� وابستگی
@@ -1218,12 +1183,10 @@ issues.dependency.add_error_same_issue=شما نمی‌توانید این مسØ
 issues.dependency.add_error_dep_issue_not_exist=مسئله وابسته وجود ندارد.
 issues.dependency.add_error_dep_not_exist=وابستگی وجود ندارد.
 issues.dependency.add_error_dep_exists=این وابستگی پیش از این وجود داشته است.
-issues.dependency.add_error_cannot_create_circular=شما نمی‌توانید دو مسئله را که به دیگر مسائل وابسته می‌شوند را وابسته کنید.
 issues.dependency.add_error_dep_not_same_repo=هر دو موضوع باید از یک مخزن باشند.
 issues.review.self.approval=شما نمی‌توانید تقاضای واکشی خود را تایید کنید.
 issues.review.self.rejection=شما نمی‌توانید تقاضا تغییرات تقاضای واکشی خود را تغییر دهید.
 issues.review.approve=این تغییرات را تایید شدند %s
-issues.review.dismissed=بررسی %s %s را رد شده
 issues.review.dismissed_label=رها شده
 issues.review.left_comment=یک نظر ثبت کرد
 issues.review.content.empty=شما می‌بایستی در مورد تقاضای تغییرات اظهار نظر کنید.
@@ -1231,7 +1194,6 @@ issues.review.reject=تقاضا شد برای تغییر %s
 issues.review.wait=%s درخواست بازبینی کرده است
 issues.review.add_review_request=از %s %s درخواست بازبینی کرد
 issues.review.remove_review_request=برای %s %s درخواست بازبینی را حذ� کرد
-issues.review.remove_review_request_self=%s از بازبینی خودداری کرد
 issues.review.pending=در انتظار
 issues.review.review=بازبینی
 issues.review.reviewers=بازبینی‌کنندگان
@@ -1244,7 +1206,6 @@ issues.review.resolve_conversation=مکالمه را بعنوان حل شده ع
 issues.review.un_resolve_conversation=مکالمه را بعنوان حل نشده علامت گذاری کردن
 issues.review.resolved_by=علامت گذاری این مکالمه بعنوان حل شده
 issues.review.commented=دیدگاه
-issues.assignee.error=به دلیل خطای غیرمنتظره همه تکالی� اضا�ه نشد.
 issues.reference_issue.body=Body
 issues.content_history.deleted=حذ� شده
 issues.content_history.edited=ویرایش شده
@@ -1287,7 +1248,6 @@ pulls.add_prefix=اضا�ه کردن پیشوند <strong>%s</strong>
 pulls.remove_prefix=حذ� پیشوند <strong>%s</strong>
 pulls.data_broken=این تقاضای واکشی به دلیل از دست ر�تن اطلاعات انشعاب با شکست مواجه شد.
 pulls.files_conflicted=این تقاضای واکشی دارای تغییراتی است که با شاخه هد� تداخل دارد.
-pulls.is_checking=در حال پردازش تداخل در ادغام می‌باشد. لط�اً لحظاتی بعد امتحان کنید.
 pulls.required_status_check_failed=برخی بررسی های ضروری مو�قیت آمیز نبود.
 pulls.required_status_check_missing=برخی بررسی های موردنیاز از قلم ا�تاده است.
 pulls.required_status_check_administrator=مثل یک مدیر، ممکن است شما این تقاضای واکشی را مسکوت بگذارید.
@@ -1302,28 +1262,20 @@ pulls.reject_count_1=%d درخواست تغییر
 pulls.reject_count_n=%d درخواست تغییر
 pulls.waiting_count_1=%d منتظر بازبینی
 pulls.waiting_count_n=%d منتظر بازبینی
-pulls.wrong_commit_id=commit id باید یک شناسه commit در شاخه هد� باشد
 
 pulls.no_merge_desc=این تقاضای واکشی قابل ادغام نیست لذا تمامی گزینه های ادغام مخزن غیر �عال هستند.
 pulls.no_merge_helper=گزینه های ادغام را در تنظیمات مخزن �عال کنید یا از تقاضای واکشی به صورت دستی ادغام نمایید.
 pulls.no_merge_wip=این تقاضای واکشی قابل ادغام نیست لذا اکنون به این مخزن درحال پردازش علامت گذاری شده است.
-pulls.no_merge_not_ready=این درخواست واکشی آماده ادغام نیست، وضعیت بازبینی را چک کنید.
 pulls.no_merge_access=شما مجاز به ادغام این درخواست واکشی نیستید.
 pulls.merge_pull_request=ایجاد commit ادغام
-pulls.rebase_merge_pull_request=Rebase سپس به fast-forward
-pulls.rebase_merge_commit_pull_request=Rebase کنید سپس commit merge را ایجاد کنید
 pulls.squash_merge_pull_request=ایجاد commit اسکواش
 pulls.merge_manually=بصورت دستی ادغام شد
 pulls.merge_commit_id=شماره کامیت ادغام
 pulls.require_signed_wont_sign=انشعاب نیازمند تغییرات امضا شده است اما این ادغام امضا نخواهد شد
 
 pulls.invalid_merge_option=شما نمی‌توانید از این گزینه برای تقاضای واکشی است�اده کنید.
-pulls.merge_conflict=ادغام نامو�ق بود: در حین ادغام مغایرت وجود داشت. نکته: استراتژی مت�اوتی را امتحان کنید
 pulls.merge_conflict_summary=پیغام خطا
-pulls.rebase_conflict=ادغام نامو�ق بود: در حین تغییر پایه، یک مغایرت وجود داشت: %[1]s. نکته: استراتژی مت�اوتی را امتحان کنید
 pulls.rebase_conflict_summary=پیام خطا
-pulls.unrelated_histories=ادغام نامو�ق: سر و پایه ادغام یک تاریخ مشترک ندارند. نکته: یک استراتژی مت�اوت را امتحان کنید
-pulls.merge_out_of_date=ادغام نامو�ق: در حالی که ادغام را ایجاد می کند ، پایگاه به روز شد. نکته: دوباره امتحان کنید.
 pulls.push_rejected_summary=پیام رد کامل
 pulls.open_unmerged_pull_exists=`شما نمی‌توانید یک عملیات را انجام داده یا بازگشایی نمایید لذا (#%d)  مورد تقاضای واکشی با ویژگی منحصر به �رد هنوز رسیدگی نشده (معلق) است. `
 pulls.status_checking=برخی از بررسی‎ها در حال تعلیق هستند
@@ -1441,7 +1393,6 @@ activity.title.releases_1=%d انتشار
 activity.title.releases_n=%d انتشار
 activity.title.releases_published_by=%s منشتر شده توسط %s
 activity.published_release_label=منتشر شده
-activity.no_git_activity=در این دوره �عالیت کامیتی ارسال نشده است.
 activity.git_stats_exclude_merges=به استثنای ادغام‎ها ،
 activity.git_stats_author_1=%d بانی
 activity.git_stats_author_n=%d بانی
@@ -1466,7 +1417,6 @@ activity.git_stats_deletion_n=%d مذحو�
 contributors.contribution_type.commits=کامیت‌ها
 
 settings=تنظيمات
-settings.desc=تنظیمات جایی است که شما می‌توانید تنظیمات مخزن خود را مدیریت کنید
 settings.options=مخزن
 settings.collaboration=همكار
 settings.collaboration.admin=مدیر
@@ -1518,7 +1468,6 @@ settings.pulls.enable_autodetect_manual_merge=ادغام دستی تشخیص Ø®Ù
 settings.pulls.default_delete_branch_after_merge=پس از ادغام به طور پیش �رض شاخه درخواست pull را حذ� کنید
 settings.admin_settings=تنظیمات مدیران
 settings.admin_enable_health_check=�عال کردن بررسی سلامت مخزن (git fsck)
-settings.admin_enable_close_issues_via_commit_in_any_branch=اسنداد یک مسئله با کامیت آن شاخه را با غیر پیش �رض تبدیل می‌کند
 settings.danger_zone=منطقه خطرناک
 settings.new_owner_has_same_repo=مالک جدید مخزن با همین نام است. لط�اً نام دیگری را انتخاب کنید.
 settings.convert=تبدیل به یک مخزن عادی
@@ -1538,7 +1487,6 @@ settings.transfer_abort=لغو انتقال
 settings.transfer_abort_invalid=شما نمی توانید یک انتقال انبار موجود را لغو کنید.
 settings.transfer_desc=انتقال مالکیت این مخزن به کاربر بانی یا سازمانی که شما حق مدیریت در آن دارید.
 settings.transfer_form_title=نام مخزن را برای تایید عمل خورد اینجا وارد کنید:
-settings.transfer_in_progress=در حال حاضر یک انتقال در حال انجام است. اگر می خواهید این انبار را به کاربر دیگری منتقل کنید، لط�اً آن را لغو کنید.
 settings.transfer_notices_1=- شما دسترسی خود را نسبت مخزن را از دست میدهید اگر مالکیت آن را به یک کاربری م�رد انتقال دهید.
 settings.transfer_notices_2=- شما دسترسی خود را نسبت مخزن را ح�ظ میکنید. اگر مالکیت آن را به یک سازمانی که در آن مالکیت دارید انتقال دهید.
 settings.transfer_notices_3=- اگر انبار خصوصی است و به یک کاربر جداگانه منتقل می شود، این عمل مطمئن می شود که کاربر حداقل مجوز خواندن را دارد (و در صورت لزوم مجوزها را تغییر می دهد).
@@ -1552,12 +1500,9 @@ settings.trust_model.default=مدل اعتماد پیش‌�رض
 settings.trust_model.default.desc=برای این نصب از مدل اعتماد انبار پیش �رض است�اده کنید.
 settings.trust_model.collaborator=Collaborator
 settings.trust_model.collaborator.long=Collaborator: اعتماد توسط همکاران امضا میکند
-settings.trust_model.collaborator.desc=امضاهای معتبر توسط همکاران این انبار با علامت "trusted" مشخص می شوند (خواه با committer مطابقت داشته باشند یا نه). در غیر این صورت، امضاهای معتبر در صورتی که امضا با committer مطابقت داشته باشد "untrusted" و در غیر این صورت "unmatched" علامت گذاری می شوند.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: به امضاهایی اعتماد کنید که با committer ها مطابقت دارند (این با GitHub مطابقت دارد و commit های امضا شده Gitea را مجبور می کند که Gitea را به عنوان committer داشته باشند)
 settings.trust_model.collaboratorcommitter=Collaborator+Committer
 settings.trust_model.collaboratorcommitter.long=Collaborator+Committer: به امضاهای collaborator ها که با committer مطابقت دارند اعتماد کنید
-settings.trust_model.collaboratorcommitter.desc=امضاهای معتبر توسط همکاران این مخزن در صورتی که با committer مطابقت داشته باشند، علامت "trusted" خواهند بود. در غیر این صورت، امضاهای معتبر در صورتی که امضا با committer مطابقت داشته باشد "untrusted" و در غیر این صورت "unmatched" علامت گذاری می شوند. این باعث می‌شود که Gitea به عنوان committer در commit‌های امضا شده با committer واقعی که به‌عنوان Co-Authored-By: و Co-Committed-By: تریلر در commit علامت‌گذاری شده است، علامت‌گذاری شود. کلید پیش‌�رض Gitea باید با یک کاربر در پایگاه داده مطابقت داشته باشد.
 settings.wiki_delete=حذ� اطلاعات دانشنامه
 settings.wiki_delete_desc=حذ� اطلاعات دانشنامه مخزن همیشگی بوده و قابل بازگشت نخواهد بود.
 settings.wiki_delete_notices_1=- این به صورت کامل حذ� خواهد کرد و دانشنامه این برای محزن %s غیر �عال می‌کند.
@@ -1566,7 +1511,6 @@ settings.wiki_deletion_success=اطلاعات دانشنامه این محزن Ø
 settings.delete=حذ� این مخزن
 settings.delete_desc=حذ� مخزن همیشگی بوده و قابل بازگشت نخواهد بود.
 settings.delete_notices_1=این عملیات <strong>غیرقابل</strong> برگشت است.
-settings.delete_notices_2=این عملیات برای همیشه مخزن <strong>%s</strong> از بین می‌برد تیز مشمول کد و مسائل، دیدگاه‌ها، دانشنامه، همکاران و تنظیمات نیز می‌شود.
 settings.delete_notices_fork_1=- پس از حذ� مخازن منشعب شده به صورت مستقل تبدیل می‌شود.
 settings.deletion_success=مخزن مورد نظر حذ� شد.
 settings.update_settings_success=تنظیمات این مخزن به‌روز شد.
@@ -1585,8 +1529,6 @@ settings.team_not_in_organization=تیم همانند ارگان برای این
 settings.teams=تیم ها
 settings.add_team=ا�زودن تیم
 settings.add_team_duplicate=تیم پیش از این مخزن داشته
-settings.add_team_success=تیم هم‌اکنون به مخزن دسترسی دارد.
-settings.change_team_permission_tip=دسترسی تیم در ص�حه تنظیمات تیم انجام شده و برای هر مخزن نمی تواند تغییر یابد
 settings.delete_team_tip=این تیم به تمامی مخازن دسترسی دارد و نمی تواند حذ� شود
 settings.remove_team_success=دسترسی تیم به مخزن حذ� شد.
 settings.add_webhook=اضا�ه‌کردن Webhook
@@ -1595,8 +1537,6 @@ settings.hooks_desc=هوک تحت وب به صورت خودکار درخواست
 settings.webhook_deletion=حذ� Webhook
 settings.webhook_deletion_desc=حذ� هوک تحت وب موجب حذ� تنظیمات آن و تاریخچه تحویل آن می‌شود. همچنان ادامه می‌دهید؟
 settings.webhook_deletion_success=هوک تحت وب حذ� شد.
-settings.webhook.test_delivery=امتحان‌کردن تحویل
-settings.webhook.test_delivery_desc=Webhook را با رویداد جعلی امتحان کنید.
 settings.webhook.request=درخواست
 settings.webhook.response=پاسخ
 settings.webhook.headers=سربرگ‎ها
@@ -1636,7 +1576,6 @@ settings.event_repository=مخزن
 settings.event_repository_desc=مخزن ساخته یا حذ� شد.
 settings.event_header_issue=رویدادهای مساله
 settings.event_issues=مسائل
-settings.event_issues_desc=مساله باز شد، بسته شد، دوباره باز شد، یا ویرایش شد.
 settings.event_issue_assign=مساله تعیین شد
 settings.event_issue_assign_desc=مساله واگذار شده یا واگذار نشده است.
 settings.event_issue_label=مساله برجسب خورد
@@ -1647,7 +1586,6 @@ settings.event_issue_comment=دیدگاه های مسئله
 settings.event_issue_comment_desc=نظر در مسئله ایجاد شد، ویرایش شد یا حذ� شد.
 settings.event_header_pull_request=رویداد های درخواست pull
 settings.event_pull_request=تقاضای واکشی
-settings.event_pull_request_desc=درخواست pull باز شد، بسته شد، دوباره باز شد، یا ویرایش شد.
 settings.event_pull_request_assign=درخواست pull واگذار شد
 settings.event_pull_request_assign_desc=درخواست pull واگذاری شده یا واگذاری نشده.
 settings.event_pull_request_label=درخواست pull برچسب دار شد
@@ -1752,11 +1690,9 @@ settings.lfs_invalid_locking_path=مسیر ناصحیح: %s
 settings.lfs_invalid_lock_directory=نمیتوان این پوشه را ق�ل کرد: %s
 settings.lfs_lock_already_exists=ق�ل پیش از این بود: %s
 settings.lfs_lock=ق�ل
-settings.lfs_lock_path=مسر �ایل ق�ل...
 settings.lfs_locks_no_locks=بدون ق�ل
 settings.lfs_lock_file_no_exist=�ایل های ق�ل شده در شاخه پیش �رض وجود ندارد
 settings.lfs_force_unlock=ق�ل گشایی زوری
-settings.lfs_pointers.found=حباب اشاره گر %d پیدا شده - %d نسبت داده شده - %d نیست داده نشده ( %d از دست ر�ته از انبار)
 settings.lfs_pointers.sha=حباب SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=در خزن
@@ -1924,14 +1860,13 @@ settings.visibility.private_shortname=پوشیده
 
 settings.update_settings=به‌ روزرسانی تنظیمات
 settings.update_setting_success=تنظیمات این سازمان به‌روز شد.
-settings.change_orgname_redirect_prompt=نام قدیمی تا زمانی که ادعا شود تغییر مسیر می دهد.
+
+
 settings.update_avatar_success=آواتار این سازمان به‌روز شد.
 settings.delete=حذ� سازمان
 settings.delete_account=حذ� این سازمان
 settings.delete_prompt=سازمان برای همیشه حذ� خواهد شد. این قابل برگشت <strong>نخواهد بود</strong>!
 settings.confirm_delete_account=تاییدیه حذ�
-settings.delete_org_title=حذ� سازمان
-settings.delete_org_desc=سازمان برای همیشه حذ� خواهد شد. آیا همچنان ادامه می‌دهید؟
 settings.hooks_desc=ا�زودن webhook های که برای<strong> تمام مخازن</strong> این سازمان اجرا میشود.
 
 settings.labels_desc=تگ هایی را اضا�ه کنید که می‌توانند برای مشکلات <strong>همه مخازن</strong> تحت این سازمان است�اده شوند.
@@ -2000,7 +1935,6 @@ organizations=تشکیلات
 repositories=مخازن
 hooks=وب هوک ها
 authentication=منابع احراز هویت
-emails=ایمیل های کاربر
 config=پیکربندی
 config_summary=چکیده
 config_settings=تنظيمات
@@ -2027,25 +1961,16 @@ dashboard.cron.process=Cron: %[1]s
 dashboard.cron.error=خطا در Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s پایان یا�ته است
 dashboard.delete_inactive_accounts=حذ� تمام حساب های کاربری غیر�عال
-dashboard.delete_inactive_accounts.started=تسک حذ� تمام حساب های کاربری غیر�عال شروع شد.
 dashboard.delete_repo_archives=حذ� تمام انبار های آرشیو شده (ZIP, TAR.GZ, etc..)
-dashboard.delete_repo_archives.started=تسک حذ� تمام آرشیو های انبار شروع شد.
 dashboard.delete_missing_repos=حذ� تمامی مخازنی که پرونده‌های گیت آنها از بین ر�ته است
-dashboard.delete_missing_repos.started=تسک تمام انبار هایی که �ایل های گیتشان از دست ر�ته شروع شد.
 dashboard.delete_generated_repository_avatars=حذ� آواتار هایی که برای مخزن تولید شده اند
 dashboard.update_mirrors=میرور ها بروزرسانی شود
 dashboard.repo_health_check=سلامت تمام انبار ها چک شود
 dashboard.check_repo_stats=تمام آمار انبارها چک شود
 dashboard.archive_cleanup=آرشیوهای انبار قدیمی را حذ� کنید
-dashboard.deleted_branches_cleanup=شاخه های حذ� شده را پاک کنید
 dashboard.update_migration_poster_id=شناسه های پوستر مهاجرت را به روز کنید
-dashboard.git_gc_repos=متراکم کردن تمامی زباله‌های مخازن
-dashboard.resync_all_sshkeys=�ایل '.ssh/authorized_keys' را با کلیدهای Gitea SSH به روز کنید.
-dashboard.resync_all_sshprincipals=�ایل '.ssh/authorized_principals' را با اصول Gitea SSH به روز کنید.
-dashboard.resync_all_hooks=همگام سازی مجدد hook های pre-receive و update و post-receive برای تمامی مخازن.
 dashboard.reinit_missing_repos=تمامی مخازنی که سوابقشان وجود دارند مجدداً گیت آنها م�قود شده است مجدداً مقدمات آنها �راهم شود
 dashboard.sync_external_users=همگام سازی اطلاعات کاربر خارجی
-dashboard.cleanup_hook_task_table=جدول hook_task تمیز کردن
 dashboard.server_uptime=�عالیت بی‌وق�ه سرور
 dashboard.current_goroutine=Goroutine های �علی
 dashboard.current_memory_usage=میزان مصر� �علی از حا�ظه
@@ -2087,7 +2012,6 @@ users.2fa=2FA
 users.repos=مخازن
 users.created=ایجاد شده
 users.last_login=آخرین ورود
-users.never_login=هرگز وارد نشده
 users.send_register_notify=ارسال اعلان ثبت نام کاربر
 users.edit=ویرایش
 users.auth_source=منبع احراز هویت
@@ -2128,11 +2052,7 @@ users.list_status_filter.not_2fa_enabled=2FA غیر�عال است
 emails.email_manage_panel=مدیریت ایمیل کاربر
 emails.primary=اولیه
 emails.activated=�عال شده
-emails.filter_sort.email=ایمیل
-emails.filter_sort.email_reverse=ایمیل (معکوس)
-emails.filter_sort.name=نام کاربری
-emails.filter_sort.name_reverse=نام کاربری(معکوس)
-emails.updated=ایمیل به روز شد
+emails.filter_sort.name=نام‎کاربری
 emails.not_updated=آدرس ایمیل درخواستی به‌روزرسانی نشد: %v
 emails.duplicate_active=این آدرس ایمیل از قبل برای کاربر دیگری �عال است.
 emails.change_email_header=به روز رسانی ویژگی های ایمیل
@@ -2230,19 +2150,14 @@ auths.skip_local_two_fa_helper=تنظیم نشده به این معنی است Ú
 auths.oauth2_tenant=مستاجر
 auths.enable_auto_register=�عال سازی ثبت نام خودکار
 auths.sspi_auto_create_users=ساخت کاربر خودکار
-auths.sspi_auto_create_users_helper=به روش SSPI auth اجازه دهید تا برای اولین بار به طور خودکار حساب های جدیدی را برای کاربرانی ایجاد کند که وارد سایت شوند
 auths.sspi_auto_activate_users=�عال سازی خودکار کاربران
 auths.sspi_auto_activate_users_helper=به روش SSPI auth اجازه دهید تا کاربران جدید را به طور خودکار �عال کند
 auths.sspi_strip_domain_names=نام دامنه را از نام کاربری حذ� کنید
-auths.sspi_strip_domain_names_helper=اگر بررسی شود ، نام دامنه از نامهای ورود به سیستم حذ� می شود(eg. "DOMAIN\user" and "user@example.org" هر برای کاربر خواهند شد "user").
 auths.sspi_separator_replacement=جداکننده برای است�اده به جای \, / و @
-auths.sspi_separator_replacement_helper=کاراکتر مورد است�اده برای جایگزینی جداکنندگان نامهای ورود به سطح پایین (eg. the \ in "DOMAIN\user") و نامهای اصلی کاربر (eg. the @ in "user@example.org").
 auths.sspi_default_language=زبان پیش �رض کاربر
-auths.sspi_default_language_helper=زبان پیش �رض برای کاربران بطور خودکار با روش SSPI auth ایجاد شده است. اگر ترجیح می دهید زبان به طور خودکار شناسایی شود ، خالی بگذارید.
 auths.tips=ﻧﮑﺎﺕ
 auths.tips.oauth2.general=احراز هویت OAuth2
 auths.tip.oauth2_provider=تامین کننده OAuth2
-auths.tip.nextcloud=با است�اده از منوی زیر "تنظیمات -> امنیت -> مشتری OAuth 2.0" مصر� کننده OAuth جدیدی را در نمونه خود ثبت کنید
 auths.tip.mastodon=یک URL نمونه س�ارشی برای نمونه ماستودون که می خواهید با آن احراز هویت کنید وارد کنید (یا از یک پیش �رض است�اده کنید)
 auths.edit=ویرایش منبع احراز هویت
 auths.activated=این منبع احراز هویت �عال شده است
@@ -2280,8 +2195,6 @@ config.ssh_domain=دامنه سرور SSH
 config.ssh_port=درگاه (پورت)
 config.ssh_listen_port=گوش دادن به پورت
 config.ssh_root_path=مسیر ریشه
-config.ssh_key_test_path=مسیر کلید آزمایش
-config.ssh_keygen_path=مسیر �ایل ssh-keygen
 config.ssh_minimum_key_size_check=بررسی حداقل طول کلید
 config.ssh_minimum_key_sizes=حداقل اندازه‌ی کلید ها
 
@@ -2334,7 +2247,6 @@ config.mailer_use_sendmail=است�اده از ارسال رایانامه (ای
 config.mailer_sendmail_path=مسیر ارسال ایمیل مستقیم
 config.mailer_sendmail_args=برهان های اضا�ی برای ارسال مستقیم ایمیل
 config.mailer_sendmail_timeout=مهلت زمانی ارسال نامه
-config.test_email_placeholder=ایمیل (نمونه test@example.com)
 config.send_test_mail=ارسال ایمیل آزمایشی
 
 config.oauth_config=پیکربندی OAuth
@@ -2400,7 +2312,6 @@ monitor.queue.exemplar=نوع نمونه
 monitor.queue.numberworkers=تعداد کارگران
 monitor.queue.maxnumberworkers=بیشینه تعداد کارگران
 monitor.queue.settings.title=تنظیمات استخر
-monitor.queue.settings.maxnumberworkers=بیشینه تعداد کارگران
 monitor.queue.settings.maxnumberworkers.placeholder=در حال حاضر %[1]v
 monitor.queue.settings.maxnumberworkers.error=حداکثر تعداد کارگران باید یک عدد باشد
 monitor.queue.settings.submit=بالا بردن ساماندهی
@@ -2496,8 +2407,6 @@ error.no_committer_account=هیچ ایمیلی به حساب کاربری صاح
 error.no_gpg_keys_found=هیچ کلید شناخته شده ای برای این امضا در پایگاه داده ها یا�ت نشد
 error.not_signed_commit=هیچ کامیتی تکلی� نشده است
 error.failed_retrieval_gpg_keys=بازیابی هر کلیدی که به حساب کاربری کامیت دهنده پیوست شده بود نامو�ق بود
-error.probable_bad_signature=هشدار! اگرچه اینجا یک کلید با ID در پایگاه داده است این کامیت تایید نشده است! این کامیت مشـــکــــوک است.
-error.probable_bad_default_signature=هشدار! اگرچه اینجا یک کلید پیش �رض با ID است این اما کامیت تایید نشده است! این کامیت مشـــکــــوک است.
 
 [units]
 error.no_unit_allowed_repo=شما اجازه دسترسی به هیچ قسمت از این مخزن را ندارید.
@@ -2512,8 +2421,12 @@ conan.details.repository=مخزن
 owner.settings.cleanuprules.enabled=�عال شده
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=شرح
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_fi-FI.ini b/options/locale/locale_fi-FI.ini
index e853273375..cd4c06c013 100644
--- a/options/locale/locale_fi-FI.ini
+++ b/options/locale/locale_fi-FI.ini
@@ -39,7 +39,6 @@ webauthn_use_twofa=Käytä kaksivaihesta vahvistusta puhelimestasi
 webauthn_error=Turva-avainta ei voitu lukea.
 webauthn_unsupported_browser=Selaimesi ei tällä hetkellä tue WebAuthnia.
 webauthn_error_unknown=Tuntematon virhe. Yritä uudelleen.
-webauthn_error_insecure=`WebAuthn tukee vain suojattuja yhteyksiä. Testaukseen HTTP:n yli, voit käyttää osoitetta "localhost" tai "127.0.0.1"`
 webauthn_error_unable_to_process=Palvelin ei pystynyt toteuttamaan kutsua.
 webauthn_error_duplicated=Turva-avainta ei ole sallittu tässä pyynnössä. Varmista, ettei avainta ole jo rekisteröity.
 webauthn_error_empty=Sinun täytyy asettaa nimi tälle avaimelle.
@@ -163,15 +162,10 @@ path=Polku
 sqlite_helper=SQLite3-tietokannan tiedostopolku.<br>Syötä absoluuttinen polku, jos ajat Giteaa palveluna.
 reinstall_error=Yrität asentaa olemassa olevaan Gitea tietokantaan
 reinstall_confirm_message=Asentaminen uudelleen olemassa olevalla Gitea-tietokannalla voi aiheuttaa useita ongelmia. Useimmissa tapauksissa sinun pitäisi käyttää olemassa olevia "app.ini" asetuksia Gitean käyttöön. Jos tiedät mitä teet, vahvista seuraavat seikat:
-reinstall_confirm_check_1=Tiedot, jotka on salattu SECRET_KEY:llä app.ini:ssä saatetaan menettää: käyttäjät eivät ehkä voi kirjautua sisään 2FA/OTP:lla ja peilit eivät välttämättä toimi oikein. Ruksaamalla tämän vahvistat, että nykyinen app.ini -tiedosto sisältää oikean SECRET_KEY:n.
-reinstall_confirm_check_2=Repot ja asetukset saattaa olla tarpeen uudelleensynkronoida. Valitsemalla tämän vahvistat, että uudelleensynkronoit repojen koukut ja authorized_keys -tiedoston manuaalisesti. Varmistat, että repon ja peilin asetukset ovat oikeat.
 reinstall_confirm_check_3=Vahvistat, että olet täysin varma siitä, että tämä Gitea toimii oikealla app.ini sijainnilla ja että olet varma, että sinun täytyy asentaa uudelleen. Vahvistat, että tunnustat edellä mainitut riskit.
 err_empty_db_path=SQLite3-tietokannan polku ei voi olla tyhjä.
 no_admin_and_disable_registration=Et voi kytkeä rekisteröintiä pois luomatta sitä ennen ylläpitotiliä.
 err_empty_admin_password=Ylläpitäjän salasana ei voi olla tyhjä.
-err_empty_admin_email=Ylläpitäjän sähköpostiosoite ei voi olla tyhjä.
-err_admin_name_is_reserved=Ylläpitäjän käyttäjätunnus on virheellinen: käyttäjätunnus on varattu
-err_admin_name_is_invalid=Ylläpitäjän käyttäjätunnus on virheellinen
 
 general_title=Yleiset asetukset
 app_name=Sivuston otsikko
@@ -185,7 +179,6 @@ domain=Palvelimen verkkotunnus
 ssh_port=SSH-palvelimen portti
 ssh_port_helper=Porttinumero, jossa SSH-palvelimesi kuuntelee. Jätä tyhjäksi kytkeäksesi pois.
 http_port=Gitean HTTP-kuunteluportti
-http_port_helper=Portti, jossa Gitean web-palvelin kuuntelee.
 app_url=Gitean juuriosoite
 app_url_helper=Juuriosoite HTTP(S)-klooniosoitteille ja sähköpostimuistutuksille.
 log_root_path=Lokin polku
@@ -286,7 +279,6 @@ allow_password_change=Vaadi käyttäjää vaihtamaan salasanansa (suositeltava)
 reset_password_mail_sent_prompt=Varmistussähköposti on lähetetty osoitteeseen <b>%s</b>. Tarkista saapuneet seuraavan %s tunnin sisällä saadaksesi tilin palauttamisen valmiiksi.
 active_your_account=Aktivoi tilisi
 account_activated=Tili on aktivoitu
-prohibit_login=Kirjautuminen estetty
 resent_limit_prompt=Olet jo tilannut aktivointisähköpostin hetki sitten. Ole hyvä ja odota 3 minuuttia ja yritä sitten uudelleen.
 has_unconfirmed_mail=Hei %s, sinulla on varmistamaton sähköposti osoite (<b>%s</b>). Jos et ole saanut varmistus sähköpostia tai tarvitset uudelleenlähetyksen, ole hyvä ja klikkaa allaolevaa painiketta.
 resend_mail=Klikkaa tästä uudelleenlähettääksesi aktivointi sähköpostisi
@@ -321,7 +313,6 @@ email_domain_blacklisted=Et voi rekisteröityä sähköpostiosoittellasi.
 authorize_application=Valtuuta sovellus
 authorize_redirect_notice=Sinut uudelleen ohjataan osoitteeseen %s jos valtuutat tämän sovelluksen.
 authorize_application_created_by=Tämän sovelluksen on luonnut %s.
-authorize_application_description=Jos myönnät valtuuden, sovellus voi käyttää kaikkia tilitietojasi ja kirjoittaa niihin, mukaan lukien yksityiset repot ja organisaatiot.
 authorize_title=Valtuutatko "%s" pääsemään tilillesi?
 authorization_failed=Käyttöoikeuden varmistus epäonnistui
 sspi_auth_failed=SSPI todennus epäonnistui
@@ -335,7 +326,6 @@ activate_account=Ole hyvä ja aktivoi tilisi
 
 activate_email=Vahvista sähköpostiosoitteesi
 
-register_notify.text_2=Voit nyt kirjautua käyttäjätunnuksella: %s.
 
 reset_password=Palauta käyttäjätili
 reset_password.title=%s, olet pyytänyt tilisi palauttamista
@@ -513,7 +503,6 @@ activate_email=Lähetä aktivointi
 activations_pending=Odottaa aktivointia
 delete_email=Poista
 email_deletion=Poista sähköpostiosoite
-email_deletion_desc=Sähköpostiosoite ja siihen liittyvät tiedot poistetaan tililtäsi. Kyseisen sähköpostiosoitteen sisältävät commitit pysyvät muuttumattomia. Jatketaanko?
 email_deletion_success=Sähköpostiosoite on poistettu.
 theme_update_success=Teemasi on päivitetty.
 theme_update_error=Valittua teemaa ei löydy.
@@ -604,7 +593,6 @@ oauth2_application_edit=Muokkaa
 
 twofa_is_enrolled=Tilisi <strong>käyttää</strong> kaksivaiheista vahvistusta.
 twofa_not_enrolled=Tilisi ei tällä hetkellä käytä kaksivaiheista vahvistusta.
-twofa_enroll=Ota kaksivaiheinen vahvistus käyttöön
 twofa_disabled=Kaksivaiheinen todennus on otettu pois käytöstä.
 scan_this_image=Skannaa tämä kuva tunnistautumissovelluksellasi:
 or_enter_secret=Tai kirjoita salainen avain: %s
@@ -690,11 +678,9 @@ migrate_items_pullrequests=Vetopyynnöt
 migrate_items_releases=Julkaisut
 migrate_repo=Siirrä repo
 migrate.clone_address=Migraation / Kloonaa URL osoitteesta
-migrate.github_token_desc=Voit laittaa yhden tai useamman pääsymerkin pilkulla erotellen tähän nopeuttaaksesi migraatiota GitHub APIn vauhtirajojen takia. VAROITUS: Tämän ominaisuuden väärinkäyttö voi rikkoa palveluntarjoajan ehtoja ja johtaa tilin estämiseen.
 migrate.permission_denied=Sinun ei sallita tuovan paikallisia repoja.
 migrate.failed=Siirto epäonnistui: %v
 migrate.migrate_items_options=Pääsymerkki vaaditaan lisäkohteiden siirtämiseen
-migrate.migrating=Tuodaan kohteesta <b>%s</b> ...
 migrate.migrating_failed=Tuonti kohteesta <b>%s</b> epäonnistui.
 migrate.migrating_git=Tuodaan Git-tietoja
 
@@ -764,6 +750,7 @@ editor.no_changes_to_show=Ei muutoksia näytettäväksi.
 editor.add_subdir=Lisää hakemisto…
 editor.require_signed_commit=Haara vaatii vahvistetun commitin
 
+
 commits.commits=Commitit
 commits.nothing_to_compare=Nämä haarat vastaavat toisiaan.
 commits.search_all=Kaikki haarat
@@ -845,7 +832,6 @@ issues.filter_type.review_requested=Arvostelua pyydetty
 issues.filter_sort=Lajittele
 issues.filter_sort.latest=Uusin
 issues.filter_sort.oldest=Vanhin
-issues.filter_sort.recentupdate=Äskettäin päivitetty
 issues.filter_sort.leastupdate=Kauiten aikaa sitten päivitetty
 issues.filter_sort.mostcomment=Eniten kommentoidut
 issues.filter_sort.leastcomment=Vähiten kommentoidut
@@ -907,7 +893,6 @@ issues.unlock=Avaa keskustelu
 issues.unlock_comment=aukaisi tämän keskustelun uudelleen %s
 issues.lock_confirm=Lukitse
 issues.unlock_confirm=Avaa
-issues.lock.notice_1=- Muut käyttäjät eivät voi lisätä uusia kommentteja tähän ongelmaan.
 issues.lock.notice_3=- Voit aina myöhemmin avata tämän ongelman lukituksesta.
 issues.unlock.notice_2=- Voit aina myöhemmin lukita tämän ongelman uudelleen.
 issues.lock.reason=Lukitsemisen syy
@@ -1096,7 +1081,6 @@ settings.teams=Tiimit
 settings.add_team=Lisää tiimi
 settings.add_webhook=Lisää webkoukku
 settings.webhook_deletion=Poista webkoukku
-settings.webhook.test_delivery=Testitoimitus
 settings.webhook.request=Pyyntö
 settings.webhook.response=Vastaus
 settings.webhook.headers=Otsikot
@@ -1128,7 +1112,6 @@ settings.event_repository=Repo
 settings.event_repository_desc=Repo luotu tai poistettu.
 settings.event_header_issue=Ongelmien tapahtumat
 settings.event_issues=Ongelmat
-settings.event_issues_desc=Ongelma avattu, suljettu, avattu uudelleen tai muokattu.
 settings.event_issue_assign=Ongelma määritetty
 settings.event_issue_assign_desc=Ongelma osoitettu tai osoitus poistettu.
 settings.event_issue_label_desc=Ongelman tunnisteet päivitetty tai tyhjennetty.
@@ -1204,11 +1187,9 @@ settings.lfs_locks=Lukot
 settings.lfs_invalid_locking_path=Virheellinen polku: %s
 settings.lfs_invalid_lock_directory=Hakemistoa ei voida lukita: %s
 settings.lfs_lock_already_exists=Lukitus on jo olemassa: %s
-settings.lfs_lock_path=Lukittavan tiedostopolku...
 settings.lfs_locks_no_locks=Ei lukkoja
 settings.lfs_lock_file_no_exist=Lukittua tiedostoa ei ole olemassa oletushaarassa
 settings.lfs_force_unlock=Pakota lukituksen avaus
-settings.lfs_pointers.found=Löytyi %d blob osoitinta - %d yhdistettyö, %d yhdistämätöntä (%d puuttuu varastosta)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Repossa
@@ -1318,11 +1299,12 @@ settings.visibility.private=Yksityinen (näkyvä vain organisaation jäsenille)
 settings.visibility.private_shortname=Yksityinen
 
 settings.update_settings=Päivitä asetukset
+
+
 settings.delete=Poista organisaatio
 settings.delete_account=Poista tämä organisaatio
 settings.delete_prompt=Organisaatio poistetaan pysyvästi, ja tätä <strong>EI VOI</strong> peruuttaa myöhemmin!
 settings.confirm_delete_account=Vahvista poisto
-settings.delete_org_title=Poista organisaatio
 settings.hooks_desc=Lisää webkoukkuja, jotka suoritetaan <strong>kaikissa repoissa</strong> tässä organisaatiossa.
 
 
@@ -1371,7 +1353,6 @@ users=Käyttäjätilit
 organizations=Organisaatiot
 repositories=Repot
 authentication=Todennuslähteet
-emails=Käyttäjien sähköpostit
 config=Asetukset
 config_summary=Yhteenveto
 config_settings=Asetukset
@@ -1427,7 +1408,6 @@ users.2fa=2FA
 users.repos=Repot
 users.created=Luotu
 users.last_login=Viimeksi kirjautunut
-users.never_login=Ei koskaan kirjautunut
 users.edit=Muokkaa
 users.auth_source=Todennuslähde
 users.local=Paikallinen
@@ -1459,10 +1439,7 @@ users.list_status_filter.not_2fa_enabled=2FA ei käytössä
 emails.email_manage_panel=Käyttäjien sähköpostien hallinta
 emails.primary=Ensisijainen
 emails.activated=Aktivoitu
-emails.filter_sort.email=Sähköposti
-emails.filter_sort.email_reverse=Sähköposti (käänteinen)
-emails.filter_sort.name=Käyttäjänimi
-emails.filter_sort.name_reverse=Käyttäjänimi (käänteinen)
+emails.filter_sort.name=Käyttäjätunnus
 emails.duplicate_active=Tämä sähköpostiosoite on jo käytössä toisella käyttäjällä.
 
 orgs.org_manage_panel=Organisaatioiden hallinta
@@ -1538,8 +1515,6 @@ config.ssh_enabled=Käytössä
 config.ssh_port=Portti
 config.ssh_listen_port=Kuuntele porttia
 config.ssh_root_path=Juuren polku
-config.ssh_key_test_path=Polku jossa avaimet testataan
-config.ssh_keygen_path=Keygen ('ssh-keygen') polku
 config.ssh_minimum_key_size_check=Avaimen vähimmäiskoko tarkistus
 config.ssh_minimum_key_sizes=Avaimen vähimmäiskoot
 
@@ -1694,8 +1669,12 @@ conan.details.repository=Repo
 owner.settings.cleanuprules.enabled=Käytössä
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Kuvaus
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini
index c9b3345382..c9e074b659 100644
--- a/options/locale/locale_fr-FR.ini
+++ b/options/locale/locale_fr-FR.ini
@@ -44,7 +44,7 @@ webauthn_use_twofa=Utilisez l'authentification à deux facteurs avec votre télÃ
 webauthn_error=Impossible de lire votre clé de sécurité.
 webauthn_unsupported_browser=Votre navigateur ne prend actuellement pas en charge WebAuthn.
 webauthn_error_unknown=Une erreur indéterminée s'est produite. Veuillez réessayer.
-webauthn_error_insecure=`WebAuthn ne prend en charge que les connexions sécurisées. Pour les tests via HTTP, vous pouvez utiliser l'origine "localhost" ou "127.0.0.1"`
+webauthn_error_insecure=WebAuthn ne prend en charge que les connexions sécurisées. Pour des tests via HTTP, vous pouvez utiliser « localhost » ou « 127.0.0.1 ».
 webauthn_error_unable_to_process=Le serveur n'a pas pu traiter votre demande.
 webauthn_error_duplicated=La clé de sécurité n’est pas autorisée pour cette demande. Veuillez vous assurer que la clé n’est pas déjà enregistrée.
 webauthn_error_empty=Vous devez définir un nom pour cette clé.
@@ -117,6 +117,7 @@ files=Fichiers
 
 error=Erreur
 error404=La page que vous essayez d'atteindre <strong>n'existe pas</strong> ou <strong>vous n'êtes pas autorisé</strong> à la voir.
+error503=Le serveur n’a pas pu répondre à votre demande. Veuillez réessayer plus tard.
 go_back=Retour
 invalid_data=Données invalides : %v
 
@@ -129,7 +130,8 @@ pin=Épingler
 unpin=Désépingler
 
 artifacts=Artefacts
-confirm_delete_artifact=Êtes-vous sûr de vouloir supprimer l‘artefact « %s » ?
+expired=Expiré
+confirm_delete_artifact=Êtes-vous sûr de vouloir supprimer l’artefact « %s » ?
 
 archived=Archivé
 
@@ -228,8 +230,8 @@ buttons.enable_monospace_font=Activer la police à chasse fixe
 buttons.disable_monospace_font=Désactiver la police à chasse fixe
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
+string.asc=A–Z
+string.desc=Z–A
 
 [error]
 occurred=Une erreur s’est produite
@@ -267,16 +269,16 @@ path=Emplacement
 sqlite_helper=Chemin d'accès pour la base de données SQLite3.<br>Entrer un chemin absolu si vous exécutez Gitea en tant que service.
 reinstall_error=Vous essayez d'installer dans une base de données Gitea existante
 reinstall_confirm_message=La réinstallation avec une base de données Gitea existante peut causer plusieurs problèmes. Dans la plupart des cas, vous devriez utiliser votre "app.ini" existant pour exécuter Gitea. Si vous savez ce que vous faites, confirmez ce qui suit :
-reinstall_confirm_check_1=Les données chiffrées par la clé SECRET_KEY dans l'application peuvent être perdu : les utilisateurs pourrait ne pas pouvoir se connecter avec 2FA/OTP et les miroirs pourrait ne pas fonctionner correctement. En cochant cette case, vous confirmez que le fichier app.ini actuel contient la bonne SECRET_KEY.
+reinstall_confirm_check_1=Les données chiffrées par la valeur de SECRET_KEY dans app.ini peuvent être invalidés, empêchant les utilisateurs de se connecter via 2FA/OTP et les miroirs de se synchroniser. En cochant cette case, vous confirmez que le fichier app.ini actuel contient la bonne clé SECRET_KEY.
 reinstall_confirm_check_2=Les dépôts et les paramètres peuvent avoir besoin d'être re-synchronisés. En cochant cette case, vous confirmez que vous resynchroniserez manuellement les liens des dépôts et du fichier authorized_keys. Vous confirmez que vous allez vous assurer que les paramètres du dépôt et du miroir sont corrects.
 reinstall_confirm_check_3=Vous confirmez : vous êtes absolument certain que ce Gitea fonctionne avec le bon emplacement de app.ini et vous êtes certain de devoir réinstaller. Vous confirmez également que vous avez pris connaissance des risques exposés ci-dessus.
 err_empty_db_path=Le chemin de la base de données SQLite3 ne peut être vide.
 no_admin_and_disable_registration=Vous ne pouvez pas désactiver la création de nouveaux utilisateurs avant d'avoir créé un compte administrateur.
 err_empty_admin_password=Le mot de passe administrateur ne peut pas être vide.
-err_empty_admin_email=L’adresse courriel de l'administrateur ne peut être vide.
-err_admin_name_is_reserved=Le nom d'utilisateur de l'administrateur est invalide, le nom d'utilisateur est réservé
-err_admin_name_pattern_not_allowed=Le nom d'utilisateur de l'administrateur est invalide, le nom d'utilisateur est réservé
-err_admin_name_is_invalid=Le nom d'utilisateur de l'administrateur est invalide
+err_empty_admin_email=Le courriel de l’administrateur ne peut être vide.
+err_admin_name_is_reserved=Le nom de l’administrateur est invalide, ce nom d’utilisateur est réservé.
+err_admin_name_pattern_not_allowed=Le nom de l’administrateur est invalide, ce nom utilise un motif réservé.
+err_admin_name_is_invalid=Le nom de l’administrateur est invalide.
 
 general_title=Configuration générale
 app_name=Titre du site
@@ -292,7 +294,7 @@ domain_helper=Domaine ou adresse d'hôte pour le serveur.
 ssh_port=Port du serveur SSH
 ssh_port_helper=Port d'écoute du serveur SSH. Laissez le vide pour le désactiver.
 http_port=Port d'écoute HTTP de Gitea
-http_port_helper=Port sur lequel le serveur web Gitea attendra des requêtes.
+http_port_helper=Port d’écoute du serveur web Gitea.
 app_url=URL de base de Gitea
 app_url_helper=Adresse HTTP(S) de base pour les clones git et les notifications par courriel.
 log_root_path=Chemin des journaux
@@ -307,7 +309,7 @@ smtp_from_invalid=L’adresse « Envoyer le courriel sous » est invalide
 smtp_from_helper=Adresse courriel utilisée par Gitea. Utilisez directement votre adresse ou la forme « Nom <email@example.com> ».
 mailer_user=Utilisateur SMTP
 mailer_password=Mot de passe SMTP
-register_confirm=Exiger la confirmation du courriel lors de l'inscription
+register_confirm=Exiger la confirmation du courriel lors de l’inscription
 mail_notify=Activer les notifications par courriel
 server_service_title=Paramètres Serveur et Tierce Parties
 offline_mode=Activer le mode hors-ligne
@@ -347,7 +349,7 @@ save_config_failed=L'enregistrement de la configuration %v a échoué
 invalid_admin_setting=Paramètres du compte administrateur invalides : %v
 invalid_log_root_path=Le répertoire des fichiers de journalisation est invalide : %v
 default_keep_email_private=Masquer les adresses courriels par défaut
-default_keep_email_private_popup=Masquer par défaut les adresses courriels des nouveaux utilisateurs.
+default_keep_email_private_popup=Masquer par défaut les courriels des nouveaux utilisateurs.
 default_allow_create_organization=Autoriser la création d'organisations par défaut
 default_allow_create_organization_popup=Permettre aux nouveaux comptes utilisateurs de créer des organisations par défaut.
 default_enable_timetracking=Activer le suivi de temps par défaut
@@ -419,6 +421,7 @@ remember_me.compromised=Le jeton de connexion n’est plus valide, ce qui peut i
 forgot_password_title=Mot de passe oublié
 forgot_password=Mot de passe oublié ?
 need_account=Besoin d‘un compte ?
+sign_up_tip=Vous êtes en train d’enregistrer le premier compte du système, doté des privilèges administrateur. Veuillez conserver précieusement ses nom d’utilisateur et mot de passe. En cas d’oublie, consultez la documentation de Gitea pour en récupérer l’accès.
 sign_up_now=Inscrivez-vous dès maintenant !
 sign_up_successful=Le compte a été créé avec succès. Bienvenue !
 confirmation_mail_sent_prompt_ex=Un nouveau courriel de confirmation a été envoyé à <b>%s</b>. Veuillez vérifier votre boîte de réception dans la prochaine %s pour terminer le processus d’inscription. Si votre adresse courriel est incorrecte, vous pouvez vous reconnecter et la modifier.
@@ -428,11 +431,11 @@ reset_password_mail_sent_prompt=Un mail de confirmation a été envoyé à <b>%s
 active_your_account=Activer votre compte
 account_activated=Le compte a été activé
 prohibit_login=Connexion interdite
-prohibit_login_desc=Votre compte n'autorise pas la connexion, veuillez contacter l'administrateur de votre site.
-resent_limit_prompt=Désolé, vous avez récemment demandé un courriel d'activation. Veuillez réessayer dans 3 minutes.
-has_unconfirmed_mail=Bonjour %s, votre adresse courriel (<b>%s</b>) n’a pas été confirmée. Si vous n’avez reçu aucun mail de confirmation ou souhaitez renouveler l’envoi, cliquez sur le bouton ci-dessous.
-change_unconfirmed_mail_address=Si votre adresse courriel d’inscription est incorrecte, vous pouvez la modifier ici et renvoyer un nouvel courriel de confirmation.
-resend_mail=Cliquez ici pour renvoyer un mail de confirmation
+prohibit_login_desc=Votre compte n’autorise pas la connexion, veuillez contacter l’administrateur de votre site.
+resent_limit_prompt=Désolé, vous avez récemment demandé un courriel d’activation. Veuillez réessayer dans 3 minutes.
+has_unconfirmed_mail=Bonjour %s, votre adresse courriel <b>%s</b> n’a pas été confirmée. Si vous n’avez reçu aucun mail de confirmation ou souhaitez renouveler l’envoi, cliquez sur le bouton ci-dessous.
+change_unconfirmed_mail_address=Si votre adresse courriel d’inscription est incorrecte, vous pouvez la modifier ici et renvoyer un nouveau courriel de confirmation.
+resend_mail=Cliquez ici pour renvoyer un courriel de confirmation
 email_not_associate=L’adresse courriel n’est associée à aucun compte.
 send_reset_mail=Envoyer un courriel de récupération du compte
 reset_password=Récupération du compte
@@ -449,6 +452,7 @@ use_scratch_code=Utiliser un code de secours
 twofa_scratch_used=Vous avez utilisé votre code de secours. Vous avez été redirigé vers cette page de configuration afin de supprimer l'authentification à deux facteurs de votre appareil ou afin de générer un nouveau code de secours.
 twofa_passcode_incorrect=Votre code d’accès n’est pas correct. Si vous avez égaré votre appareil, utilisez votre code de secours pour vous connecter.
 twofa_scratch_token_incorrect=Votre code de secours est incorrect.
+twofa_required=Vous devez configurer l’authentification à deux facteurs pour avoir accès aux dépôts, ou essayer de vous reconnecter.
 login_userpass=Connexion
 login_openid=OpenID
 oauth_signup_tab=Créer un compte
@@ -457,6 +461,7 @@ oauth_signup_submit=Finaliser la création du compte
 oauth_signin_tab=Lier à un compte existant
 oauth_signin_title=Connectez-vous pour autoriser le compte lié
 oauth_signin_submit=Lier un compte
+oauth.signin.error.general=Une erreur s’est produite lors du traitement de la demande d’autorisation : %s. Si l’erreur persiste, veuillez contacter l’administrateur du site.
 oauth.signin.error.access_denied=La demande d'autorisation a été refusée.
 oauth.signin.error.temporarily_unavailable=L'autorisation a échoué car le serveur d'authentification est temporairement indisponible. Veuillez réessayer plus tard.
 oauth_callback_unable_auto_reg=L’inscription automatique est activée, mais le fournisseur OAuth2 %[1]s a signalé des champs manquants : %[2]s, impossible de créer un compte automatiquement, veuillez créer ou lier un compte, ou bien contacter l’administrateur du site.
@@ -466,17 +471,17 @@ openid_connect_desc=L'URI OpenID choisie est inconnue. Associez-le à un nouveau
 openid_register_title=Créer un nouveau compte
 openid_register_desc=L'URI OpenID choisie est inconnue. Associez-le à un nouveau compte ici.
 openid_signin_desc=Entrez l'URI de votre OpenID. Par exemple : alice.openid.example.org ou https://openid.example.org/alice.
-disable_forgot_password_mail=La récupération du compte est désactivée car aucune adresse courriel n’est configurée. Veuillez contacter l'administrateur de votre site.
-disable_forgot_password_mail_admin=La récupération du compte est disponible uniquement lorsque l’adresse courriel est configurée. Veuillez configurer l’adresse courriel pour activer la récupération du compte.
+disable_forgot_password_mail=La récupération du compte est désactivée car aucun courriel n’est configuré. Veuillez contacter l’administrateur de votre site.
+disable_forgot_password_mail_admin=La récupération du compte n’est possible que lorsqu’un courriel est configurée. Veuillez ajouter une adresse courriel à votre compte.
 email_domain_blacklisted=Vous ne pouvez pas vous enregistrer avec votre adresse courriel.
 authorize_application=Autoriser l'application
 authorize_redirect_notice=Vous serez redirigé vers %s si vous autorisez cette application.
 authorize_application_created_by=Cette application a été créée par %s.
-authorize_application_description=Si vous accordez l'accès, il sera en mesure d'accéder et d'écrire toutes les informations de votre compte, y compris les dépôts privés et les organisations.
+authorize_application_description=Si vous accordez l’accès, elle pourra accéder et modifier toutes les informations de votre compte, y compris vos dépôts privés et vos organisations.
 authorize_application_with_scopes=Avec des contextes : %s
 authorize_title=Autoriser "%s" à accéder à votre compte ?
 authorization_failed=L’autorisation a échoué
-authorization_failed_desc=L'autorisation a échoué car nous avons détecté une demande incorrecte. Veuillez contacter le responsable de l'application que vous avez essayé d'autoriser.
+authorization_failed_desc=L'autorisation a échoué en raison d’une requête invalide. Veuillez contacter le responsable de l'application que vous avez essayé d'autoriser.
 sspi_auth_failed=Échec de l'authentification SSPI
 password_pwned=Le mot de passe que vous avez choisi <a target="_blank" rel="noopener noreferrer" href="%s">fait partit des mots de passe ayant fuité</a> sur internet. Veuillez réessayer avec un mot de passe différent et considérez remplacer ce mot de passe si vous l’utilisez ailleurs.
 password_pwned_err=Impossible d'envoyer la demande à HaveIBeenPwned
@@ -497,12 +502,12 @@ activate_account.text_2=Veuillez cliquer sur ce lien pour activer votre compte c
 
 activate_email=Veuillez vérifier votre adresse courriel
 activate_email.title=%s, veuillez vérifier votre adresse courriel
-activate_email.text=Veuillez cliquer sur le lien suivant pour vérifier votre adresse courriel dans <b>%s</b>:
+activate_email.text=Veuillez cliquer sur le lien suivant pour vérifier votre adresse courriel dans <b>%s</b> :
 
 register_notify=Bienvenue sur %s
 register_notify.title=%[1]s, bienvenue à %[2]s
-register_notify.text_1=ceci est votre courriel de confirmation d'inscription pour %s!
-register_notify.text_2=Vous pouvez maintenant vous connecter avec le nom d'utilisateur : %s.
+register_notify.text_1=Voici votre courriel d’inscription pour %s !
+register_notify.text_2=Vous pouvez maintenant vous connecter avec le nom d’utilisateur : %s.
 register_notify.text_3=Si ce compte a été créé pour vous, veuillez <a href="%s">définir votre mot de passe</a> d'abord.
 
 reset_password=Récupérer votre compte
@@ -540,7 +545,7 @@ release.download.targz=Code source (TAR.GZ)
 repo.transfer.subject_to=%s aimerait transférer "%s" à %s
 repo.transfer.subject_to_you=`%s aimerait vous transférer "%s"`
 repo.transfer.to_you=vous
-repo.transfer.body=Pour l'accepter ou le rejeter, visitez %s ou ignorez-le.
+repo.transfer.body=Pour l’accepter ou le rejeter, visitez %s ou ignorez-le.
 
 repo.collaborator.added.subject=%s vous a ajouté à %s
 repo.collaborator.added.text=Vous avez été ajouté en tant que collaborateur du dépôt :
@@ -592,7 +597,7 @@ url_error=`« %s » n'est pas une URL valide.`
 include_error=` doit contenir "%s".`
 glob_pattern_error=` a un motif glob invalide : %s.`
 regex_pattern_error=` a un motif regex invalide : %s.`
-username_error=` ne peut contenir que des caractères alphanumériques, trait d'union « - », tiret bas « _ » et point « . », ne peux commencer que par des caractères alphanumériques et avoir des symboles consécutifs.`
+username_error=` ne peut contenir que des caractères alphanumériques « a-z, A-Z, 0-9 », des traits d'union « - », des tirets bas « _ » et des points « . » et ne peux ni commencer, ni finir par des symboles, ni contenir des symboles consécutifs.`
 invalid_group_team_map_error=` a une cartographie invalide : %s`
 unknown_error=Erreur inconnue :
 captcha_incorrect=Le code CAPTCHA est incorrect.
@@ -611,13 +616,13 @@ repository_files_already_exist.adopt=Des fichiers existent déjà dans ce dépô
 repository_files_already_exist.delete=Des fichiers existent déjà pour ce dépôt. Vous devez les supprimer.
 repository_files_already_exist.adopt_or_delete=Des fichiers existent déjà dans ce dépôt. Veuillez les adopter ou les supprimer.
 visit_rate_limit=Le taux d'appel à distance autorisé a été dépassé.
-2fa_auth_required=L'accès à distance requiert une authentification à deux facteurs.
+2fa_auth_required=L’accès à distance requiert une authentification à deux facteurs.
 org_name_been_taken=Ce nom d'organisation est déjà pris.
 team_name_been_taken=Le nom d'équipe est déjà pris.
 team_no_units_error=Autoriser l’accès à au moins une section du dépôt.
-email_been_used=Cette adresse courriel est déjà utilisée.
-email_invalid=Cette adresse courriel est invalide.
-email_domain_is_not_allowed=Le domaine <b>%s</b> du courriel utilisateur entre en conflit avec EMAIL_DOMAIN_ALLOWLIST ou EMAIL_DOMAIN_BLOCKLIST. Veuillez vous assurer que votre opération est attendue.
+email_been_used=Ce courriel est déjà utilisé.
+email_invalid=Ce courriel est invalide.
+email_domain_is_not_allowed=Le domaine du courriel <b>%s</b> est en conflit avec EMAIL_DOMAIN_ALLOWLIST ou EMAIL_DOMAIN_BLOCKLIST. Veuillez vous assurer que votre opération est attendue.
 openid_been_used=Adresse OpenID "%s" déjà utilisée.
 username_password_incorrect=Identifiant ou mot de passe invalide.
 password_complexity=Le mot de passe ne respecte pas les exigences de complexité:
@@ -674,17 +679,17 @@ unfollow=Ne plus suivre
 user_bio=Biographie
 disabled_public_activity=Cet utilisateur a désactivé la visibilité publique de l'activité.
 email_visibility.limited=Votre adresse courriel est visible pour tous les utilisateurs authentifiés
-email_visibility.private=Votre adresse courriel n'est visible que pour vous et les administrateurs
+email_visibility.private=Votre adresse courriel n’est visible que pour vous et les administrateurs
 show_on_map=Afficher ce lieu sur une carte
 settings=Paramètres utilisateur
 
 form.name_reserved=Le nom d’utilisateur "%s" est réservé.
 form.name_pattern_not_allowed=Le motif « %s » n’est pas autorisé dans un nom de d'utilisateur.
-form.name_chars_not_allowed=Le nom d'utilisateur "%s" contient des caractères non valides.
+form.name_chars_not_allowed=Le nom d’utilisateur « %s » contient des caractères interdits.
 
 block.block=Bloquer
 block.block.user=Bloquer l’utilisateur
-block.block.org=Bloquer l’utilisateur pour l’organisation
+block.block.org=Bloquer l’utilisateur de l’organisation
 block.block.failure=Impossible de bloquer l’utilisateur : %s
 block.unblock=Débloquer
 block.unblock.failure=Impossible de débloquer l’utilisateur : %s
@@ -729,8 +734,8 @@ public_profile=Profil public
 biography_placeholder=Parlez-nous un peu de vous ! (Vous pouvez utiliser Markdown)
 location_placeholder=Partagez votre position approximative avec d'autres personnes
 profile_desc=Contrôlez comment votre profil est affiché aux autres utilisateurs. Votre adresse courriel principale sera utilisée pour les notifications, la récupération de mot de passe et les opérations Git basées sur le Web.
-password_username_disabled=Vous n’êtes pas autorisé à modifier leur nom d’utilisateur. Veuillez contacter l’administrateur de votre site pour plus de détails.
-password_full_name_disabled=Vous n’êtes pas autorisé à modifier leur nom complet. Veuillez contacter l’administrateur du site pour plus de détails.
+password_username_disabled=Vous n’êtes pas autorisé à modifier votre nom d’utilisateur. Veuillez contacter l’administrateur de votre site pour plus de détails.
+password_full_name_disabled=Vous n’êtes pas autorisé à modifier votre nom complet. Veuillez contacter l’administrateur du site pour plus de détails.
 full_name=Nom complet
 website=Site Web
 location=Localisation
@@ -794,36 +799,36 @@ emails=Adresses courriels
 manage_emails=Gérer les adresses courriels
 manage_themes=Sélectionner le thème par défaut
 manage_openid=Gérer les adresses OpenID
-email_desc=Votre adresse courriel principale sera utilisée pour les notifications, la récupération de mot de passe et, à condition qu'elle ne soit pas cachée, les opérations Git basées sur le Web.
+email_desc=Votre courriel principal sera utilisé pour les notifications, la récupération de mot de passe et, à condition qu’il ne soit pas caché, les opérations Git basées sur le Web.
 theme_desc=Ce sera votre thème par défaut sur le site.
 theme_colorblindness_help=Support du thème daltonien
 theme_colorblindness_prompt=Gitea fournit depuis peu des thèmes daltonien basé sur un spectre coloré réduit. Encore en développement, de futures améliorations devraient enrichir les fichiers de thèmes CSS.
 primary=Principale
 activated=Activé
 requires_activation=Nécessite une activation
-primary_email=Faire de cette adresse votre adresse principale
+primary_email=Rendre Principal
 activate_email=Envoyer l’activation
 activations_pending=Activations en attente
-can_not_add_email_activations_pending=Il y a une activation en attente, réessayez dans quelques minutes si vous souhaitez ajouter un nouvel e-mail.
+can_not_add_email_activations_pending=Il y a une activation en attente, réessayez dans quelques minutes si vous souhaitez ajouter un nouveau courriel.
 delete_email=Exclure
-email_deletion=Supprimer l'adresse e-mail
-email_deletion_desc=L’adresse e-mail et les informations associées seront retirées de votre compte. Les révisions Git effectuées par cette adresse resteront inchangées. Continuer ?
-email_deletion_success=L'adresse e-mail a été supprimée.
+email_deletion=Supprimer l’adresse courriel
+email_deletion_desc=Le courriel et les informations associées seront retirées de votre compte. Les révisions Git effectuées par cette adresse resteront inchangées. Continuer ?
+email_deletion_success=L’adresse courriel a été supprimée.
 theme_update_success=Votre thème a été mis à jour.
 theme_update_error=Le thème sélectionné n'existe pas.
 openid_deletion=Supprimer l’adresse OpenID
 openid_deletion_desc=Supprimer cette adresse OpenID de votre compte vous empêchera de vous connecter avec. Continuer ?
 openid_deletion_success=L'adresse OpenID a été supprimée.
-add_new_email=Ajouter une nouvelle adresse e-mail
+add_new_email=Ajouter un nouveau courriel
 add_new_openid=Ajouter une nouvelle URI OpenID
-add_email=Ajouter une adresse e-mail
+add_email=Ajouter un courriel
 add_openid=Ajouter une URI OpenID
-add_email_confirmation_sent=Un e-mail de confirmation a été envoyé à "%s". Veuillez vérifier votre boîte de réception dans les %s suivants pour confirmer votre adresse e-mail.
-add_email_success=La nouvelle adresse e-mail a été ajoutée.
-email_preference_set_success=L'e-mail de préférence a été défini avec succès.
+add_email_confirmation_sent=Un courriel de confirmation a été envoyé à « %s ». Veuillez vérifier votre boîte de réception dans les %s suivants pour confirmer votre adresse.
+add_email_success=La nouvelle adresse a été ajoutée.
+email_preference_set_success=Le courriel de préférence a été défini avec succès.
 add_openid_success=La nouvelle adresse OpenID a été ajoutée.
-keep_email_private=Cacher l'adresse e-mail
-keep_email_private_popup=Ceci masquera votre adresse e-mail de votre profil, de vos demandes d’ajout et des fichiers modifiés depuis l'interface Web. Les révisions déjà soumises ne seront pas modifiés. Utilisez %s dans les révisions pour les associer à votre compte.
+keep_email_private=Cacher l’adresse e-mail
+keep_email_private_popup=Ceci masquera votre adresse courriel de votre profil, de vos demandes d’ajout et des fichiers modifiés depuis l’interface Web. Les révisions déjà soumises ne seront pas modifiés. Utilisez %s dans les révisions pour les associer à votre compte.
 openid_desc=OpenID vous permet de confier l'authentification à une tierce partie.
 
 manage_ssh_keys=Gérer les clés SSH
@@ -844,13 +849,13 @@ ssh_key_been_used=Cette clé SSH a déjà été ajoutée au serveur.
 ssh_key_name_used=Une clé SSH avec le même nom existe déjà sur votre compte.
 ssh_principal_been_used=Ce principal a déjà été ajouté au serveur.
 gpg_key_id_used=Une clé publique GPG avec le même ID existe déjà.
-gpg_no_key_email_found=Cette clé GPG ne correspond à aucune adresse e-mail activée associée à votre compte. Elle peut toujours être ajoutée si vous signez le jeton fourni.
+gpg_no_key_email_found=Cette clé GPG ne correspond à aucun courriel actif associé à votre compte. Elle peut toujours être ajoutée si vous signez le jeton fourni.
 gpg_key_matched_identities=Identités correspondantes :
-gpg_key_matched_identities_long=Les identités intégrées dans cette clé correspondent aux adresses e-mail activées suivantes pour cet utilisateur. Les révisions correspondant à ces adresses e-mail peuvent être vérifiés avec cette clé.
+gpg_key_matched_identities_long=Les identités intégrées dans cette clé correspondent aux courriels actifs suivants pour cet utilisateur. Les révisions correspondant à ces courriels peuvent être vérifiés avec cette clé.
 gpg_key_verified=Clé vérifiée
 gpg_key_verified_long=Cette clé a été vérifiée à l’aide d’un jeton et peut dorénavant être utilisée pour authentifier vos révisions lorsqu’elles contiennent l’un de vos courriels actifs ou des identités associées à cette clé.
 gpg_key_verify=Vérifier
-gpg_invalid_token_signature=La clé GPG, la signature et le jeton fournis ne correspondent pas ou le jeton n'est pas à jour.
+gpg_invalid_token_signature=La clé GPG, la signature et le jeton fournis ne correspondent pas ou le jeton est périmé.
 gpg_token_required=Vous devez fournir une signature pour le jeton ci-dessous
 gpg_token=Jeton
 gpg_token_help=Vous pouvez générer une signature en utilisant :
@@ -858,7 +863,7 @@ gpg_token_signature=Signature GPG renforcée
 key_signature_gpg_placeholder=Commence par '-----BEGIN PGP SIGNATURE-----'
 verify_gpg_key_success=La clé GPG "%s" a été vérifiée.
 ssh_key_verified=Clé vérifiée
-ssh_key_verified_long=La clé a été vérifiée avec un jeton et peut dorénavant être utilisée pour vérifier les révisions comportant l'une des adresses e-mails activées de cet utilisateur.
+ssh_key_verified_long=La clé a été vérifiée avec un jeton et peut dorénavant être utilisée pour vérifier les révisions comportant l’un des courriels actifs de cet utilisateur.
 ssh_key_verify=Vérifier
 ssh_invalid_token_signature=La clé SSH, la signature ou le jeton fournis ne correspondent pas ou le jeton est périmé.
 ssh_token_required=Vous devez fournir une signature pour le jeton ci-dessous
@@ -898,7 +903,7 @@ principal_state_desc=Ce Principal a été utilisé au cours des 7 derniers jours
 show_openid=Afficher sur le profil
 hide_openid=Masquer du profil
 ssh_disabled=SSH désactivé
-ssh_signonly=SSH étant désactivé, ces clés ne servent qu'à vérifier la signature des révisions.
+ssh_signonly=SSH étant désactivé, ces clés ne servent qu’à vérifier la signature des révisions.
 ssh_externally_managed=Cette clé SSH est gérée de manière externe pour cet utilisateur
 manage_social=Gérer les réseaux sociaux associés
 social_desc=Ces comptes sociaux peuvent être utilisés pour vous connecter à votre compte. Assurez-vous de les reconnaître tous.
@@ -925,6 +930,9 @@ permission_not_set=Non défini
 permission_no_access=Aucun accès
 permission_read=Lecture
 permission_write=Lecture et écriture
+permission_anonymous_read=Consultation anonyme
+permission_everyone_read=Consultation collective
+permission_everyone_write=Participation collective
 access_token_desc=Les autorisations des jetons sélectionnées se limitent aux <a %s>routes API</a> correspondantes. Lisez la <a %s>documentation</a> pour plus d’informations.
 at_least_one_permission=Vous devez sélectionner au moins une permission pour créer un jeton.
 permissions_list=Autorisations :
@@ -955,10 +963,10 @@ oauth2_application_remove_description=La suppression d'une application OAuth2 l'
 oauth2_application_locked=Gitea préinstalle des applications OAuth2 au démarrage si elles sont activées dans la configuration. Pour éviter des comportements inattendus, celles-ci ne peuvent être éditées ni supprimées. Veuillez vous référer à la documentation OAuth2 pour plus d'informations.
 
 authorized_oauth2_applications=Applications OAuth2 autorisées
-authorized_oauth2_applications_description=Vous avez autorisé l'accès à votre compte personnel Gitea à ces applications tierces. Veuillez révoquer l'accès aux applications dont vous n'avez plus besoin.
+authorized_oauth2_applications_description=Vous avez autorisé l’accès à votre compte personnel Gitea à ces applications tierces. Veuillez révoquer l’accès aux applications dont vous n’avez plus besoin.
 revoke_key=Révoquer
 revoke_oauth2_grant=Révoquer l'accès
-revoke_oauth2_grant_description=La révocation de l'accès à cette application tierce l'empêchera d'accéder à vos données. Vous êtes sûr ?
+revoke_oauth2_grant_description=Révoquer l’accès de cette application tierce l’empêchera d’accéder à vos données. Vous êtes sûr ?
 revoke_oauth2_grant_success=Accès révoqué avec succès.
 
 twofa_desc=Pour protéger votre compte contre les vols de mot de passes, vous pouvez utiliser un smartphone ou autres appareils pour recevoir un code temporaire à usage unique (TOTP).
@@ -968,7 +976,7 @@ twofa_not_enrolled=Votre compte n'est pas inscrit à l'authentification à deux
 twofa_disable=Désactiver l'authentification à deux facteurs
 twofa_scratch_token_regenerate=Régénérer une clé de secours à usage unique
 twofa_scratch_token_regenerated=Votre clé de secours à usage unique est désormais « %s ». Stockez-la dans un endroit sûr, elle ne sera plus jamais affichée.
-twofa_enroll=Activer l'authentification à deux facteurs
+twofa_enroll=Activer l‘authentification à deux facteurs
 twofa_disable_note=Vous pouvez désactiver l'authentification à deux facteurs si nécessaire.
 twofa_disable_desc=Désactiver l'authentification à deux facteurs rendra votre compte plus vulnérable. Confirmer ?
 regenerate_scratch_token_desc=Si vous avez égaré votre clé de secours ou avez dû l’utiliser pour vous authentifier, vous pouvez la régénérer.
@@ -984,13 +992,13 @@ webauthn_desc=Les clés de sécurité sont des dispositifs matériels contenant
 webauthn_register_key=Ajouter une clé de sécurité
 webauthn_nickname=Pseudonyme
 webauthn_delete_key=Retirer la clé de sécurité
-webauthn_delete_key_desc=Si vous retirez une clé de sécurité, vous ne pourrez plus l'utiliser pour vous connecter. Continuer ?
+webauthn_delete_key_desc=Si vous retirez une clé de sécurité, vous ne pourrez plus l’utiliser pour vous connecter. Continuer ?
 webauthn_key_loss_warning=Si vous perdez vos clés de sécurité, vous perdrez l’accès à votre compte.
 webauthn_alternative_tip=Vous devriez configurer une méthode d’authentification supplémentaire.
 
 manage_account_links=Gérer les comptes liés
 manage_account_links_desc=Ces comptes externes sont liés à votre compte Gitea.
-account_links_not_available=Il n'y a pour l'instant pas de compte externe connecté à votre compte Gitea.
+account_links_not_available=Il n’y a pour l’instant pas de compte externe connecté à votre compte Gitea.
 link_account=Lier un Compte
 remove_account_link=Supprimer un compte lié
 remove_account_link_desc=La suppression d'un compte lié révoquera son accès à votre compte Gitea. Continuer ?
@@ -1008,11 +1016,13 @@ confirm_delete_account=Confirmer la suppression
 delete_account_title=Supprimer cet utilisateur
 delete_account_desc=Êtes-vous sûr de vouloir supprimer définitivement ce compte d'utilisateur ?
 
-email_notifications.enable=Activer les notifications par e-mail
-email_notifications.onmention=N'envoyer un e-mail que si vous êtes mentionné
-email_notifications.disable=Désactiver les notifications par e-mail
-email_notifications.submit=Définir les préférences d'e-mail
-email_notifications.andyourown=Et vos propres notifications
+email_notifications.enable=Notifier par courriel
+email_notifications.onmention=Seulement sur Mention
+email_notifications.disable=Ne pas notifier
+email_notifications.submit=Définir les préférences de courriel
+email_notifications.andyourown=Inclure vos propres notifications
+email_notifications.actions.desc=Notification pour les executions de workflows sur les dépôts configurés avec les <a target="_blank" href="%s">Actions Gitea</a>.
+email_notifications.actions.failure_only=Ne notifier que pour les exécutions échouées
 
 visibility=Visibilité de l'utilisateur
 visibility.public=Public
@@ -1027,8 +1037,8 @@ new_repo_helper=Un dépôt contient tous les fichiers d’un projet, ainsi que l
 owner=Propriétaire
 owner_helper=Certaines organisations peuvent ne pas apparaître dans la liste déroulante en raison d'une limite maximale du nombre de dépôts.
 repo_name=Nom du dépôt
-repo_name_profile_public_hint=.profile est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil public d’organisation, visible à tout le monde. Assurez-vous qu’il soit public et initialisez-le avec un README dans le répertoire de profil pour commencer.
-repo_name_profile_private_hint=.profile-private est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil d’organisation, visible uniquement aux membres de l’organisation. Assurez-vous qu’il soit privé et initialisez-le avec un README dans le répertoire de profil pour commencer.
+repo_name_profile_public_hint=.profile est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil public d’organisation, visible par tous. Assurez-vous qu’il soit public et initialisez-le avec un README dans le répertoire de profil pour commencer.
+repo_name_profile_private_hint=.profile-private est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil d’organisation, visible uniquement à ses membres. Assurez-vous qu’il soit privé et initialisez-le avec un README dans le répertoire de profil pour commencer.
 repo_name_helper=Idéalement, le nom d’un dépôt devrait être court, mémorisable et unique. Vous pouvez personnaliser votre profil ou celui de votre organisation en créant un dépôt nommé « .profile » ou « .profile-private » et contenant un README.md.
 repo_size=Taille du dépôt
 template=Modèle
@@ -1050,7 +1060,7 @@ fork_branch=Branche à cloner sur la bifurcation
 all_branches=Toutes les branches
 view_all_branches=Voir toutes les branches
 view_all_tags=Voir toutes les étiquettes
-fork_no_valid_owners=Ce dépôt ne peut pas être bifurqué car il n’a pas de propriétaire valide.
+fork_no_valid_owners=Ce dépôt ne peut pas être bifurqué car il n'y a pas de propriétaire(s) valide(s).
 fork.blocked_user=Impossible de bifurquer le dépôt car vous êtes bloqué par son propriétaire.
 use_template=Utiliser ce modèle
 open_with_editor=Ouvrir avec %s
@@ -1079,13 +1089,13 @@ readme_helper_desc=Le README est l'endroit idéal pour décrire votre projet et
 auto_init=Initialiser le dépôt (avec un .gitignore, une Licence et un README.md)
 trust_model_helper=Choisissez, parmi les éléments suivants, les règles de confiance des signatures paraphant les révisions :
 trust_model_helper_collaborator=Collaborateur : ne se fier qu'aux signatures des collaborateurs du dépôt
-trust_model_helper_committer=Auteur : ne se fier qu'aux signatures des auteurs de révisions
+trust_model_helper_committer=Auteur : ne se fier qu’aux signatures des auteurs de révisions
 trust_model_helper_collaborator_committer=Collaborateur et Auteur : ne se fier qu'aux signatures des auteurs collaborant au dépôt
 trust_model_helper_default=Par défaut : valeur configurée par défaut pour cette instance Gitea
 create_repo=Créer un dépôt
 default_branch=Branche par défaut
 default_branch_label=défaut
-default_branch_helper=La branche par défaut est la branche de base pour les demandes d'ajout et les révisions de code.
+default_branch_helper=La branche par défaut est la branche de base pour les demandes d’ajout et les révisions de code.
 mirror_prune=Purger
 mirror_prune_desc=Supprimer les références externes obsolètes
 mirror_interval=Intervalle de synchronisation (les unités de temps valides sont 'h', 'm' et 's'). 0 pour désactiver la synchronisation automatique. (Intervalle minimum : %s)
@@ -1094,12 +1104,12 @@ mirror_sync=synchronisé
 mirror_sync_on_commit=Synchroniser quand les révisions sont soumis
 mirror_address=Cloner depuis une URL
 mirror_address_desc=Insérez tous les identifiants requis dans la section Autorisation.
-mirror_address_url_invalid=L’URL fournie est invalide. Vous devez échapper tous les composants de l'URL correctement.
+mirror_address_url_invalid=L’URL fournie est invalide. Vous devez échapper tous les composants de l’URL correctement.
 mirror_address_protocol_invalid=L'URL fournie est invalide. Seuls les protocoles http(s):// ou git:// peuvent référencer un miroir.
 mirror_lfs=Stockage de fichiers volumineux (LFS)
 mirror_lfs_desc=Activer la mise en miroir des données LFS.
 mirror_lfs_endpoint=Point d'accès LFS
-mirror_lfs_endpoint_desc=La synchronisation tentera d'utiliser l'url de clonage pour <a target="_blank" rel="noopener noreferrer" href="%s">déterminer le serveur LFS</a>. Vous pouvez également spécifier un point d'accès personnalisé si les données LFS du dépôt sont stockées ailleurs.
+mirror_lfs_endpoint_desc=La synchronisation tentera d’utiliser l’URL de clonage pour <a target="_blank" rel="noopener noreferrer" href="%s">identifier le serveur LFS</a>. Vous pouvez spécifier un point d’accès personnalisé si les données LFS du dépôt sont stockées ailleurs.
 mirror_last_synced=Dernière synchronisation
 mirror_password_placeholder=(Aucune modification)
 mirror_password_blank_placeholder=(Non défini)
@@ -1137,6 +1147,7 @@ transfer.no_permission_to_reject=Vous n’êtes pas autorisé à rejeter ce tran
 
 desc.private=Privé
 desc.public=Publique
+desc.public_access=Accès public
 desc.template=Modèle
 desc.internal=Interne
 desc.archived=Archivé
@@ -1153,8 +1164,8 @@ template.issue_labels=Labels de ticket
 template.one_item=Vous devez sélectionner au moins un élément du modèle
 template.invalid=Vous devez sélectionner un modèle de dépôt
 
-archive.title=Ce dépôt est archivé. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
-archive.title_date=Ce dépôt a été archivé le %s. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
+archive.title=Ce dépôt est archivé. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d’ajout, ni soumettre de changements.
+archive.title_date=Ce dépôt a été archivé le %s. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d’ajout, ni soumettre de changements.
 archive.issue.nocomment=Ce dépôt est archivé. Vous ne pouvez pas commenter de tickets.
 archive.pull.nocomment=Ce dépôt est archivé. Vous ne pouvez pas commenter de demande d'ajout.
 
@@ -1171,7 +1182,7 @@ migrate_options_lfs=Migrer les fichiers LFS
 migrate_options_lfs_endpoint.label=Point d'accès LFS
 migrate_options_lfs_endpoint.description=La migration va tenter d'utiliser votre dépôt Git distant pour <a target="_blank" rel="noopener noreferrer" href="%s">déterminer le serveur LFS</a>. Vous pouvez également spécifier un point d'accès personnalisé si les données LFS du dépôt sont stockées ailleurs.
 migrate_options_lfs_endpoint.description.local=Un chemin de serveur local est également pris en charge.
-migrate_options_lfs_endpoint.placeholder=Si laissé vide, le point de terminaison sera dérivé de l'URL du clone
+migrate_options_lfs_endpoint.placeholder=Si laissé vide, le point d’accès sera déterminé à partir de l’URL de clonage.
 migrate_items=Éléments à migrer
 migrate_items_wiki=Wiki
 migrate_items_milestones=Jalons
@@ -1186,7 +1197,7 @@ migrate.clone_address_desc=L'URL HTTP(S) ou Git "clone" d'un dépôt existant
 migrate.github_token_desc=Vous pouvez mettre un ou plusieurs jetons séparés par des virgules ici pour rendre la migration plus rapide et contourner la limite de débit de l’API GitHub. ATTENTION : Abuser de cette fonctionnalité peut enfreindre la politique du fournisseur de service et entraîner un blocage de votre compte.
 migrate.clone_local_path=ou un chemin serveur local
 migrate.permission_denied=Vous n'êtes pas autorisé à importer des dépôts locaux.
-migrate.permission_denied_blocked=Vous ne pouvez pas importer depuis des hôtes interdits, veuillez demander à l'administrateur de vérifier les paramètres ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
+migrate.permission_denied_blocked=Vous ne pouvez pas importer depuis des domaines bannis, veuillez demander à votre administrateur de vérifier les paramètres ALLOWED_DOMAINS, ALLOW_LOCALNETWORKS ou BLOCKED_DOMAINS.
 migrate.invalid_local_path=Le chemin local n’est pas valide, n’existe pas ou n’est pas un dossier.
 migrate.invalid_lfs_endpoint=Le point d'accès LFS n'est pas valide.
 migrate.failed=Echec de migration: %v
@@ -1194,7 +1205,7 @@ migrate.migrate_items_options=Un jeton d'accès est requis pour migrer des élé
 migrated_from=Migré de <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migré de %[1]s
 migrate.migrate=Migrer depuis %s
-migrate.migrating=Migration de <b>%s</b> ...
+migrate.migrating=Migration de <b>%s</b>…
 migrate.migrating_failed=La migration de <b>%s</b> a échoué.
 migrate.migrating_failed.error=Échec de la migration : %s
 migrate.migrating_failed_no_addr=Échec de la migration.
@@ -1220,6 +1231,7 @@ migrate.migrating_issues=Migration des tickets
 migrate.migrating_pulls=Migration des demandes d'ajout
 migrate.cancel_migrating_title=Annuler la migration
 migrate.cancel_migrating_confirm=Voulez-vous abandonner cette migration ?
+migration_status=Statut de la migration
 
 mirror_from=miroir de
 forked_from=bifurqué depuis
@@ -1242,7 +1254,7 @@ clone_this_repo=Cloner ce dépôt
 cite_this_repo=Citer ce dépôt
 create_new_repo_command=Création d'un nouveau dépôt en ligne de commande
 push_exist_repo=Soumission d'un dépôt existant par ligne de commande
-empty_message=Ce dépôt n'a pas de contenu.
+empty_message=Ce dépôt n’a pas de contenu.
 broken_message=Les données git de ce dépôt ne peuvent pas être lues. Contactez l'administrateur de cette instance ou supprimez ce dépôt.
 no_branch=Ce dépôt n’a aucune branche.
 
@@ -1298,19 +1310,19 @@ file_copy_permalink=Copier le lien permanent
 view_git_blame=Voir Git Blâme
 video_not_supported_in_browser=Votre navigateur ne supporte pas la balise « vidéo » HTML5.
 audio_not_supported_in_browser=Votre navigateur ne supporte pas la balise « audio » HTML5.
-stored_lfs=Stocké avec Git LFS
 symbolic_link=Lien symbolique
 executable_file=Fichiers exécutables
 vendored=Externe
 generated=Générée
 commit_graph=Graphe des révisions
 commit_graph.select=Sélectionner les branches
-commit_graph.hide_pr_refs=Masquer les demandes d'ajout
+commit_graph.hide_pr_refs=Masquer les demandes d’ajout
 commit_graph.monochrome=Monochrome
 commit_graph.color=Couleur
 commit.contained_in=Cette révision appartient à :
 commit.contained_in_default_branch=Cette révision appartient à la branche par défaut
 commit.load_referencing_branches_and_tags=Charger les branches et étiquettes référençant cette révision
+commit.merged_in_pr=Cette révision a été fusionnée dans la demande d’ajout %s.
 blame=Annotations
 download_file=Télécharger le fichier
 normal_view=Vue normale
@@ -1324,7 +1336,9 @@ editor.upload_file=Téléverser un fichier
 editor.edit_file=Modifier le fichier
 editor.preview_changes=Aperçu des modifications
 editor.cannot_edit_lfs_files=Les fichiers LFS ne peuvent pas être modifiés dans l'interface web.
+editor.cannot_edit_too_large_file=Le fichier est trop gros pour être édité.
 editor.cannot_edit_non_text_files=Les fichiers binaires ne peuvent pas être édités dans l'interface web.
+editor.file_not_editable_hint=Mais vous pouvez toujours le renommer ou le déplacer.
 editor.edit_this_file=Modifier le fichier
 editor.this_file_locked=Le fichier est verrouillé
 editor.must_be_on_a_branch=Vous devez être sur une branche pour appliquer ou proposer des modifications à ce fichier.
@@ -1336,7 +1350,7 @@ editor.name_your_file=Nommez votre fichier…
 editor.filename_help=Ajoutez un dossier en entrant son nom suivi d'une barre oblique ('/'). Supprimez un dossier avec un retour arrière au début du champ.
 editor.or=ou
 editor.cancel_lower=Annuler
-editor.commit_signed_changes=Réviser les changements (signé)
+editor.commit_signed_changes=Réviser les changements signés
 editor.commit_changes=Réviser les changements
 editor.add_tmpl=Ajouter {filename}
 editor.add=Ajouter %s
@@ -1344,7 +1358,7 @@ editor.update=Actualiser %s
 editor.delete=Supprimer %s
 editor.patch=Appliquer le correctif
 editor.patching=Correction:
-editor.fail_to_apply_patch=`Impossible d'appliquer le correctif "%s"`
+editor.fail_to_apply_patch=Impossible d’appliquer le correctif.
 editor.new_patch=Nouveau correctif
 editor.commit_message_desc=Ajouter une description détaillée facultative…
 editor.signoff_desc=Créditer l'auteur "Signed-off-by:" en pied de révision.
@@ -1358,14 +1372,13 @@ editor.cancel=Annuler
 editor.filename_cannot_be_empty=Le nom de fichier ne peut être vide.
 editor.filename_is_invalid=Le nom du fichier est invalide : "%s".
 editor.commit_email=Courriel de la révision
-editor.invalid_commit_email=Le courriel pour la révision n’est pas valide.
+editor.invalid_commit_email=Le courriel de la révision n’est pas valide.
 editor.branch_does_not_exist=La branche "%s" n'existe pas dans ce dépôt.
 editor.branch_already_exists=La branche "%s" existe déjà dans ce dépôt.
 editor.directory_is_a_file=Le nom de dossier "%s" est déjà utilisé comme nom de fichier dans ce dépôt.
-editor.file_is_a_symlink=`« %s » est un lien symbolique. Ce type de fichiers ne peut être modifié dans l'éditeur web.`
+editor.file_is_a_symlink=`« %s » est un lien symbolique. Ce type de fichiers ne peut être modifié dans l’éditeur web.`
 editor.filename_is_a_directory=« %s » est déjà utilisé comme nom de dossier dans ce dépôt.
-editor.file_editing_no_longer_exists=Impossible de modifier le fichier « %s » car il n’existe plus dans ce dépôt.
-editor.file_deleting_no_longer_exists=Impossible de supprimer le fichier « %s » car il n’existe plus dans ce dépôt.
+editor.file_modifying_no_longer_exists=Le fichier en cours d’édition, '%s', n’existe plus dans ce dépôt.
 editor.file_changed_while_editing=Le contenu du fichier a changé depuis que vous avez commencé à éditer. <a target="_blank" rel="noopener noreferrer" href="%s">Cliquez ici</a> pour voir les changements ou <strong>soumettez de nouveau</strong> pour les écraser.
 editor.file_already_exists=Un fichier nommé "%s" existe déjà dans ce dépôt.
 editor.commit_id_not_matching=L’ID de la révision ne correspond pas à l’ID lorsque vous avez commencé à éditer. Faites une révision dans une branche de correctif puis fusionnez.
@@ -1373,8 +1386,6 @@ editor.push_out_of_date=Cet envoi semble être obsolète.
 editor.commit_empty_file_header=Réviser un fichier vide
 editor.commit_empty_file_text=Le fichier que vous allez réviser est vide. Continuer ?
 editor.no_changes_to_show=Il n’y a aucune modification à afficher.
-editor.fail_to_update_file=Impossible de mettre à jour/créer le fichier "%s".
-editor.fail_to_update_file_summary=Message d'erreur :
 editor.push_rejected_no_message=La modification a été rejetée par le serveur sans message. Veuillez vérifier les Git Hooks.
 editor.push_rejected=La modification a été rejetée par le serveur. Veuillez vérifier vos Git Hooks.
 editor.push_rejected_summary=Message de rejet complet :
@@ -1388,6 +1399,15 @@ editor.user_no_push_to_branch=L'utilisateur ne peut pas pousser vers la branche
 editor.require_signed_commit=Cette branche nécessite une révision signée
 editor.cherry_pick=Picorer %s vers:
 editor.revert=Rétablir %s sur:
+editor.failed_to_commit=Impossible de réviser les modifications.
+editor.failed_to_commit_summary=Message d’erreur :
+
+editor.fork_create=Bifurquer le Dépôt pour proposer vos modifications
+editor.fork_create_description=Vous ne pouvez pas modifier ce dépôt directement. Cependant, vous pouvez bifurquer ce dépôt, et créer une demande d’ajout avec vos contributions.
+editor.fork_edit_description=Vous ne pouvez pas modifier ce dépôt directement. Les modifications seront écrites sur une bifurcation <b>%s</b>, vous permettant de faire une demande d’ajout.
+editor.fork_not_editable=Vous avez bifurqué ce dépôt mais votre copie n’est pas modifiable.
+editor.fork_failed_to_push_branch=Impossible de pousser la branche %s vers votre dépôt.
+editor.fork_branch_exists=La branche « %s » existe déjà dans votre bifurcation, veuillez choisir un nouveau nom.
 
 commits.desc=Naviguer dans l'historique des modifications.
 commits.commits=Révisions
@@ -1545,11 +1565,14 @@ issues.filter_project=Projet
 issues.filter_project_all=Tous les projets
 issues.filter_project_none=Aucun projet
 issues.filter_assignee=Assigné
+issues.filter_assignee_no_assignee=Non-assigné
+issues.filter_assignee_any_assignee=Assigné
 issues.filter_poster=Auteur
 issues.filter_user_placeholder=Rechercher des utilisateurs
 issues.filter_user_no_select=Tous les utilisateurs
 issues.filter_type=Type
 issues.filter_type.all_issues=Tous les tickets
+issues.filter_type.all_pull_requests=Toutes les demandes d’ajout
 issues.filter_type.assigned_to_you=Qui vous sont assignés
 issues.filter_type.created_by_you=Créés par vous
 issues.filter_type.mentioning_you=Vous mentionnant
@@ -1641,12 +1664,15 @@ issues.save=Enregistrer
 issues.label_title=Nom du label
 issues.label_description=Description du label
 issues.label_color=Couleur du label
+issues.label_color_invalid=Couleur invalide
 issues.label_exclusive=Exclusif
 issues.label_archive=Archivé
 issues.label_archived_filter=Afficher les labels archivés
 issues.label_archive_tooltip=Les labels archivés sont par défaut exclus des suggestions lors de la recherche par label.
 issues.label_exclusive_desc=Remarque : pour rendre des labels mutuellement exclusifs, préfixez leur nom d’une portée au format <code>portée/label</code>.
 issues.label_exclusive_warning=Tout label d'une portée en conflit sera retiré lors de la modification des labels d’un ticket ou d’une demande d’ajout.
+issues.label_exclusive_order=Ordre de tri
+issues.label_exclusive_order_tooltip=Les labels exclusifs partageant la même portée seront triées selon cet ordre numérique.
 issues.label_count=%d labels
 issues.label_open_issues=%d tickets ouverts
 issues.label_edit=Éditer
@@ -1670,7 +1696,6 @@ issues.pin_comment=a épinglé ça %s.
 issues.unpin_comment=a désépinglé ça %s.
 issues.lock=Verrouiller la conversation
 issues.unlock=Déverrouiller la conversation
-issues.lock.unknown_reason=Impossible de verrouiller un ticket avec une raison inconnue.
 issues.lock_duplicate=Un ticket ne peut pas être verrouillé à deux reprises.
 issues.unlock_error=Impossible de déverrouiller un ticket qui n'est pas verrouillé.
 issues.lock_with_reason=a verrouillé en tant que <strong>%s</strong> et limité la conversation aux collaborateurs %s
@@ -1704,13 +1729,15 @@ issues.remove_time_estimate_at=a supprimé le temps estimé %s
 issues.time_estimate_invalid=Le format du temps estimé est invalide
 issues.start_tracking_history=`a commencé son travail %s.`
 issues.tracker_auto_close=Le minuteur sera automatiquement arrêté quand le ticket sera fermé.
+issues.stopwatch_already_stopped=Le minuteur pour ce ticket est déjà arrêtée.
+issues.stopwatch_already_created=Le minuteur pour ce ticket existe déjà.
 issues.tracking_already_started=`Vous avez déjà un minuteur en cours sur <a href="%s">un autre ticket</a> !`
 issues.stop_tracking=Arrêter le minuteur
-issues.stop_tracking_history=a travaillé sur <b>%[1]s</b> %[2]s
+issues.stop_tracking_history=a travaillé <b>%[1]s</b> %[2]s
 issues.cancel_tracking=Abandonner
 issues.cancel_tracking_history=`a abandonné son minuteur %s.`
 issues.del_time=Supprimer ce minuteur du journal
-issues.add_time_history=a pointé du temps de travail sur <b>%[1]s</b>, %[2]s
+issues.add_time_history=a pointé <b>%[1]s</b> de travail %[2]s.
 issues.del_time_history=`a supprimé son temps de travail %s.`
 issues.add_time_manually=Temps pointé manuellement
 issues.add_time_hours=Heures
@@ -1754,9 +1781,9 @@ issues.dependency.pr_closing_blockedby=La fermeture de cette demande d’ajout e
 issues.dependency.issue_closing_blockedby=La fermeture de ce ticket est bloquée par les tickets suivants
 issues.dependency.issue_close_blocks=Ce ticket empêche la clôture des tickets suivants
 issues.dependency.pr_close_blocks=Cette demande d’ajout empêche la clôture des tickets suivants
-issues.dependency.issue_close_blocked=Vous devez fermer tous les tickets qui bloquent ce ticket avant de pouvoir le fermer.
+issues.dependency.issue_close_blocked=Vous devez fermer tous les tickets qui bloquent celui-ci avant de pouvoir le fermer.
 issues.dependency.issue_batch_close_blocked=Impossible de fermer tous les tickets que vous avez choisis, car le ticket #%d a toujours des dépendances ouvertes.
-issues.dependency.pr_close_blocked=Vous devez fermer tous les tickets qui bloquent cette demande d'ajout avant de pouvoir la fusionner.
+issues.dependency.pr_close_blocked=Vous devez fermer tous les tickets qui bloquent cette demande d’ajout avant de pouvoir la fusionner.
 issues.dependency.blocks_short=Bloque
 issues.dependency.blocked_by_short=Dépend de
 issues.dependency.remove_header=Supprimer cette dépendance
@@ -1767,7 +1794,7 @@ issues.dependency.add_error_same_issue=Vous ne pouvez pas faire dépendre un tic
 issues.dependency.add_error_dep_issue_not_exist=Le ticket dépendant n'existe pas.
 issues.dependency.add_error_dep_not_exist=La dépendance n'existe pas.
 issues.dependency.add_error_dep_exists=La dépendance existe déjà.
-issues.dependency.add_error_cannot_create_circular=Vous ne pouvez pas créer une dépendance avec deux tickets qui se bloquent l'un l'autre.
+issues.dependency.add_error_cannot_create_circular=Vous ne pouvez pas créer une dépendance si les deux tickets se bloquent mutuellement.
 issues.dependency.add_error_dep_not_same_repo=Les deux tickets doivent être dans le même dépôt.
 issues.review.self.approval=Vous ne pouvez approuver vos propres demandes d'ajout.
 issues.review.self.rejection=Vous ne pouvez demander de changements sur vos propres demandes de changement.
@@ -1781,7 +1808,7 @@ issues.review.reject=a requis les changements %s
 issues.review.wait=a été sollicité pour évaluer cette demande d’ajout %s.
 issues.review.add_review_request=a demandé à %s une évaluation %s.
 issues.review.remove_review_request=a retiré la demande d’évaluation pour %s %s.
-issues.review.remove_review_request_self=a refusé d’évaluer cette demande d’ajout %s.
+issues.review.remove_review_request_self=a décliné son invitation à évaluer %s.
 issues.review.pending=En attente
 issues.review.pending.tooltip=Ce commentaire n'est pas encore visible par les autres utilisateurs. Pour soumettre vos commentaires en attente, sélectionnez "%s" → "%s/%s/%s" en haut de la page.
 issues.review.review=Évaluation
@@ -1803,7 +1830,7 @@ issues.review.requested=Évaluation en attente
 issues.review.rejected=Changements demandées
 issues.review.stale=Modifiée depuis la dernière approbation
 issues.review.unofficial=Approbation non comptabilisée
-issues.assignee.error=Tous les assignés n'ont pas été ajoutés en raison d'une erreur inattendue.
+issues.assignee.error=Tous les assignés n’ont pas été ajoutés en raison d’une erreur inattendue.
 issues.reference_issue.body=Corps
 issues.content_history.deleted=a supprimé
 issues.content_history.edited=a édité
@@ -1841,7 +1868,7 @@ pulls.show_all_commits=Afficher toutes les révisions
 pulls.show_changes_since_your_last_review=Affiche les modifications depuis votre dernière évaluation.
 pulls.showing_only_single_commit=Affiche uniquement les changements de la révision %[1]s
 pulls.showing_specified_commit_range=Affichage des changements filtré entre %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Maintenir Maj et cliquer sur des révisions pour faire un intervalle
+pulls.select_commit_hold_shift_for_range=Maintenir Maj et cliquer sur des révisions pour sélectionner un ensemble de révisions.
 pulls.review_only_possible_for_full_diff=Une évaluation n'est possible que lorsque vous affichez le différentiel complet.
 pulls.filter_changes_by_commit=Filtrer par révision
 pulls.nothing_to_compare=Ces branches sont identiques. Il n’y a pas besoin de créer une demande d'ajout.
@@ -1870,7 +1897,7 @@ pulls.add_prefix=Ajouter le préfixe <strong>%s</strong>
 pulls.remove_prefix=Enlever le préfixe <strong>%s</strong>
 pulls.data_broken=Cette demande d’ajout est impossible par manque d'informations de bifurcation.
 pulls.files_conflicted=Cette demande d'ajout contient des modifications en conflit avec la branche ciblée.
-pulls.is_checking=Vérification des conflits de fusion en cours. Réessayez dans quelques instants.
+pulls.is_checking=Recherche de conflits de fusion…
 pulls.is_ancestor=Cette branche est déjà présente dans la branche ciblée. Il n'y a rien à fusionner.
 pulls.is_empty=Les changements sur cette branche sont déjà sur la branche cible. Cette révision sera vide.
 pulls.required_status_check_failed=Certains contrôles requis n'ont pas réussi.
@@ -1894,15 +1921,15 @@ pulls.reject_count_1=%d changement requis
 pulls.reject_count_n=%d changements requis
 pulls.waiting_count_1=%d évaluation en attente
 pulls.waiting_count_n=%d évaluations en attente
-pulls.wrong_commit_id=l'ID de la révision doit être un ID de révision sur la branche cible
+pulls.wrong_commit_id=l’ID de la révision doit être une ID de révision sur la branche cible
 
 pulls.no_merge_desc=Cette demande d’ajout ne peut être fusionnée car toutes les options de fusion du dépôt sont désactivées.
 pulls.no_merge_helper=Activez des options de fusion dans les paramètres du dépôt ou fusionnez la demande manuellement.
 pulls.no_merge_wip=Cette demande d’ajout ne peut pas être fusionnée car elle est marquée en chantier.
-pulls.no_merge_not_ready=Cette demande d’ajout n’est pas prête à être fusionnée, vérifiez les évaluations en cours et le contrôle qualité.
+pulls.no_merge_not_ready=Cette demande d’ajout n’est pas prête à être fusionnée, vérifiez les évaluations et le contrôle qualité.
 pulls.no_merge_access=Vous n'êtes pas autorisé⋅e à fusionner cette demande d'ajout.
 pulls.merge_pull_request=Créer une révision de fusion
-pulls.rebase_merge_pull_request=Rebaser puis avancer rapidement
+pulls.rebase_merge_pull_request=Rebaser puis rattraper
 pulls.rebase_merge_commit_pull_request=Rebaser puis créer une révision de fusion
 pulls.squash_merge_pull_request=Créer une révision de concaténation
 pulls.fast_forward_only_merge_pull_request=Avance rapide uniquement
@@ -1911,17 +1938,17 @@ pulls.merge_commit_id=L'ID de la révision de fusion
 pulls.require_signed_wont_sign=La branche nécessite des révisions signées mais cette fusion ne sera pas signée
 
 pulls.invalid_merge_option=Vous ne pouvez pas utiliser cette option de fusion pour cette demande.
-pulls.merge_conflict=Échec de la fusion : il y a eu un conflit lors de la fusion. Indice : Essayez une autre stratégie
+pulls.merge_conflict=Échec de la fusion : il y a eu un conflit lors de la fusion. Conseil : Essayez une stratégie différente.
 pulls.merge_conflict_summary=Message d'erreur
-pulls.rebase_conflict=Fusion échouée : il y a eu un conflit lors du rebasage de la révision %[1]s. Astuce : Essayez une stratégie différente
+pulls.rebase_conflict=Échec de la fusion : il y a eu un conflit lors du rebasage de la révision %[1]s. Conseil : Essayez une stratégie différente.
 pulls.rebase_conflict_summary=Message d'erreur
-pulls.unrelated_histories=Échec de la fusion: La tête de fusion et la base ne partagent pas d'historique commun. Indice : Essayez une stratégie différente
-pulls.merge_out_of_date=Échec de la fusion: La base a été mise à jour en cours de fusion. Indice : Réessayez.
+pulls.unrelated_histories=Échec de la fusion : La tête de fusion et la base ne partagent pas d’historique commun. Conseil : Essayez une stratégie différente.
+pulls.merge_out_of_date=Échec de la fusion : La base a été mise à jour pendant la fusion. Conseil : Réessayez.
 pulls.head_out_of_date=Échec de la fusion : L’en-tête a été mis à jour pendant la fusion. Conseil : réessayez.
 pulls.has_merged=Échec : La demande d’ajout est déjà fusionnée, vous ne pouvez plus la fusionner, ni modifier sa branche cible.
 pulls.push_rejected=Échec de la fusion : la soumission a été rejetée. Revoyez les déclencheurs Git pour ce dépôt.
 pulls.push_rejected_summary=Message de rejet complet
-pulls.push_rejected_no_message=Échec de la fusion : la soumission a été rejetée sans raison. Revoyez les déclencheurs Git pour ce dépôt.
+pulls.push_rejected_no_message=Échec de la fusion : la soumission a été rejetée sans raison. Contrôler les déclencheurs Git pour ce dépôt.
 pulls.open_unmerged_pull_exists=`Vous ne pouvez pas rouvrir ceci car la demande d’ajout #%d, en attente, a des propriétés identiques.`
 pulls.status_checking=Certains contrôles sont en attente
 pulls.status_checks_success=Tous les contrôles ont réussi
@@ -2013,7 +2040,7 @@ signing.wont_sign.nokey=Aucune clé n’est disponible pour signer cette révisi
 signing.wont_sign.never=Les révisions ne sont jamais signées.
 signing.wont_sign.always=Les révisions sont toujours signées.
 signing.wont_sign.pubkey=La révision ne sera pas signée car vous votre compte ne possède pas de clé publique.
-signing.wont_sign.twofa=Vous devez activer l'authentification à deux facteurs pour signer vos révisions.
+signing.wont_sign.twofa=Vous devez activer l’authentification à deux facteurs pour signer vos révisions.
 signing.wont_sign.parentsigned=Cette révision ne sera pas signée car son parent n’est pas signée.
 signing.wont_sign.basesigned=La fusion ne sera pas signée car la première révision n’est pas signée.
 signing.wont_sign.headsigned=La fusion ne sera pas signée car la dernière révision n’est pas signée.
@@ -2099,7 +2126,7 @@ activity.title.releases_1=%d publication
 activity.title.releases_n=%d publications
 activity.title.releases_published_by=%s publiée par %s
 activity.published_release_label=Publiée
-activity.no_git_activity=Il n'y a pas eu de nouvelle révision dans cette période.
+activity.no_git_activity=Il n’y a pas de révision durant cette période.
 activity.git_stats_exclude_merges=En excluant les fusions,
 activity.git_stats_author_1=%d auteur
 activity.git_stats_author_n=%d auteurs
@@ -2127,14 +2154,21 @@ contributors.contribution_type.additions=Ajouts
 contributors.contribution_type.deletions=Suppressions
 
 settings=Paramètres
-settings.desc=Les paramètres sont l'endroit où gérer les options du dépôt
+settings.desc=Les paramètres sont l’endroit où gérer les options du dépôt.
 settings.options=Dépôt
+settings.public_access=Accès public
+settings.public_access_desc=Configurer les permissions des visiteurs publics remplaçant les valeurs par défaut de ce dépôt.
+settings.public_access.docs.not_set=Non défini : ne donne aucune permission supplémentaire. Les règles du dépôt et les permissions des utilisateurs font foi.
+settings.public_access.docs.anonymous_read=Lecture anonyme : les utilisateurs qui ne sont pas connectés peuvent consulter la ressource.
+settings.public_access.docs.everyone_read=Consultation collective : tous les utilisateurs connectés peuvent consulter la ressource. Mettre les tickets et demandes d’ajouts en accès public signifie que les utilisateurs connectés peuvent en créer.
+settings.public_access.docs.everyone_write=Participation collective : tous les utilisateurs connectés ont la permission d’écrire sur la ressource. Seule le Wiki supporte cette autorisation.
 settings.collaboration=Collaborateurs
 settings.collaboration.admin=Administrateur
 settings.collaboration.write=Écriture
 settings.collaboration.read=Lecture
 settings.collaboration.owner=Propriétaire
 settings.collaboration.undefined=Indéfini
+settings.collaboration.per_unit=Permissions de ressource
 settings.hooks=Webhooks
 settings.githooks=Déclencheurs Git
 settings.basic_settings=Paramètres de base
@@ -2175,7 +2209,6 @@ settings.advanced_settings=Paramètres avancés
 settings.wiki_desc=Activer le wiki du dépôt
 settings.use_internal_wiki=Utiliser le wiki interne
 settings.default_wiki_branch_name=Nom de la branche du Wiki par défaut
-settings.default_permission_everyone_access=Autorisation d’accès par défaut pour tous les utilisateurs connectés :
 settings.failed_to_change_default_wiki_branch=Impossible de modifier la branche du wiki par défaut.
 settings.use_external_wiki=Utiliser un wiki externe
 settings.external_wiki_url=URL Wiki externe
@@ -2242,7 +2275,7 @@ settings.transfer_abort_invalid=Vous ne pouvez pas annuler un transfert de dépÃ
 settings.transfer_abort_success=Le transfert du dépôt vers %s a bien été stoppé.
 settings.transfer_desc=Transférer ce dépôt à un autre utilisateur ou une organisation dont vous possédez des droits d'administrateur.
 settings.transfer_form_title=Entrez le nom du dépôt pour confirmer :
-settings.transfer_in_progress=Il y a actuellement un transfert en cours. Veuillez l'annuler si vous souhaitez transférer ce dépôt à un autre utilisateur.
+settings.transfer_in_progress=Il y a actuellement un transfert en cours. Veuillez l’annuler si vous souhaitez transférer ce dépôt à un autre utilisateur.
 settings.transfer_notices_1=- Vous perdrez l'accès à ce dépôt si vous le transférez à un autre utilisateur.
 settings.transfer_notices_2=- Vous conserverez l'accès à ce dépôt si vous le transférez à une organisation dont vous êtes (co-)propriétaire.
 settings.transfer_notices_3=- Si le dépôt est privé et est transféré à un utilisateur individuel, cette action s'assure que l'utilisateur a au moins la permission de lire (et modifie les permissions si nécessaire).
@@ -2257,13 +2290,13 @@ settings.trust_model.default=Par défaut
 settings.trust_model.default.desc=Utiliser le niveau de confiance configuré par défaut pour cette instance Gitea.
 settings.trust_model.collaborator=Collaborateur
 settings.trust_model.collaborator.long=Collaborateur : ne se fier qu'aux signatures des collaborateurs du dépôt
-settings.trust_model.collaborator.desc=La signature d'une révision est dite « fiable » si elle correspond à un collaborateur du dépôt, indépendamment de son auteur. À défaut, si elle correspond à l'auteur de la révision, elle sera « dilettante », et « discordante » sinon.
+settings.trust_model.collaborator.desc=La signature d’une révision est dite « fiable » si elle correspond à un collaborateur du dépôt, indépendamment de son auteur. À défaut, si elle correspond à l’auteur de la révision, elle sera « dilettante », et « discordante » sinon.
 settings.trust_model.committer=Auteur
-settings.trust_model.committer.long=Auteur : ne se fier qu'aux signatures des auteurs des révisions (mimique GitHub en forçant Gitea à co-signer ses révisions)
-settings.trust_model.committer.desc=La signature d'une révision est dite « fiable » si elle corresponds à son auteur, autrement elle est « discordante ». Pour les révisions déléguées à Gitea, elles seront signées par Gitea et l'auteur original sera crédité "Co-authored-by:" et "Co-committed-by:" en pied de révision. Pour cela, la clé configurée par défaut de Gitea doit correspondre à celle d'un utilisateur.
+settings.trust_model.committer.long=Auteur : ne se fier qu’aux signatures des auteurs des révisions (mimique GitHub en forçant Gitea à co-signer ses révisions).
+settings.trust_model.committer.desc=La signature d’une révision est dite « fiable » si elle corresponds à son auteur, autrement elle est « discordante ». Pour les révisions déléguées à Gitea, elles seront signées par Gitea et l’auteur original sera crédité "Co-authored-by:" et "Co-committed-by:" en pied de révision. Pour cela, la clé configurée par défaut de Gitea doit correspondre à celle d’un utilisateur.
 settings.trust_model.collaboratorcommitter=Collaborateur et Auteur
 settings.trust_model.collaboratorcommitter.long=Collaborateur et Auteur : ne se fier qu'aux signatures des auteurs collaborant au dépôt
-settings.trust_model.collaboratorcommitter.desc=La signature d'une révision est dite « fiable » si elle correponds à l'auteur collaborant au dépôt. Elle est « dilettante » si elle ne correponds qu'à l'auteur, et autrement « discordante ». Pour les révisions déléguées à Gitea, elles seront signées par Gitea et l'auteur original sera crédité "Co-authored-by:" et "Co-committed-by:" en pied de révision. Pour cela, la clé configurée par défaut de Gitea doit correspondre à celle d'un utilisateur.
+settings.trust_model.collaboratorcommitter.desc=La signature d’une révision est dite « fiable » si elle correponds à l’auteur collaborant au dépôt. Elle est « dilettante » si elle ne correponds qu’à l'auteur, et autrement « discordante ». Pour les révisions déléguées à Gitea, elles seront signées par Gitea et l’auteur original sera crédité "Co-authored-by:" et "Co-committed-by:" en pied de révision. Pour cela, la clé configurée par défaut de Gitea doit correspondre à celle d’un utilisateur.
 settings.wiki_delete=Supprimer les données du Wiki
 settings.wiki_delete_desc=Supprimer les données du wiki d'un dépôt est permanent. Cette action est irréversible.
 settings.wiki_delete_notices_1=- Ceci supprimera de manière permanente et désactivera le wiki de dépôt pour %s.
@@ -2294,8 +2327,8 @@ settings.team_not_in_organization=L'équipe n'est pas dans la même organisation
 settings.teams=Équipes
 settings.add_team=Ajouter une équipe
 settings.add_team_duplicate=L'équipe a déjà le dépôt
-settings.add_team_success=L'équipe a maintenant accès au dépôt.
-settings.change_team_permission_tip=La permission de l'équipe est définie sur la page de configuration de l'équipe et ne peut pas être modifiée par dépôt
+settings.add_team_success=L’équipe a maintenant accès au dépôt.
+settings.change_team_permission_tip=Les permissions d’équipes sont à définir sur la page de configuration des équipes, et non celle des dépôts.
 settings.delete_team_tip=Cette équipe a accès à tous les dépôts et ne peut pas être supprimée
 settings.remove_team_success=L'accès de l'équipe au dépôt a été supprimé.
 settings.add_webhook=Ajouter un Webhook
@@ -2304,7 +2337,7 @@ settings.hooks_desc=Les Webhooks font automatiquement des requêtes HTTP POST à
 settings.webhook_deletion=Retirer le Webhook
 settings.webhook_deletion_desc=Supprimer un webhook supprime ses paramètres et son historique. Continuer ?
 settings.webhook_deletion_success=Le webhook a été supprimé.
-settings.webhook.test_delivery=Tester l'envoi
+settings.webhook.test_delivery=Tester l’envoi
 settings.webhook.test_delivery_desc=Testez ce webhook avec un faux événement.
 settings.webhook.test_delivery_desc_disabled=Pour tester ce webhook avec un faux événement, activez-le.
 settings.webhook.request=Requête
@@ -2325,6 +2358,7 @@ settings.payload_url=URL cible
 settings.http_method=Méthode HTTP
 settings.content_type=Type de contenu POST
 settings.secret=Secret
+settings.webhook_secret_desc=Si le serveur webhook supporte l’usage de secrets, vous pouvez indiquer un secret ici en vous basant sur leur documentation.
 settings.slack_username=Nom d'utilisateur
 settings.slack_icon_url=URL de l'icône
 settings.slack_color=Couleur
@@ -2354,7 +2388,7 @@ settings.event_repository=Dépôt
 settings.event_repository_desc=Dépôt créé ou supprimé.
 settings.event_header_issue=Événements de ticket
 settings.event_issues=Ticket
-settings.event_issues_desc=Ticket ouvert, rouvert, fermé ou modifié.
+settings.event_issues_desc=Ticket ouvert, rouvert, fermé, modifié ou supprimé.
 settings.event_issue_assign=Assignation
 settings.event_issue_assign_desc=Ticket assigné ou dé-assigné.
 settings.event_issue_label=Labellisation
@@ -2365,7 +2399,7 @@ settings.event_issue_comment=Commentaire
 settings.event_issue_comment_desc=Commentaire créé, modifié ou supprimé.
 settings.event_header_pull_request=Événements de demande d'ajout
 settings.event_pull_request=Demande d'ajout
-settings.event_pull_request_desc=Demande d’ajout ouverte, rouverte, fermée ou modifiée.
+settings.event_pull_request_desc=Demande d’ajout ouverte, rouverte, fermée, modifiée ou supprimée.
 settings.event_pull_request_assign=Assignation
 settings.event_pull_request_assign_desc=Demande d'ajout assignée ou non assignée.
 settings.event_pull_request_label=Labellisation
@@ -2383,8 +2417,10 @@ settings.event_pull_request_review_request_desc=Création ou suppresion de deman
 settings.event_pull_request_approvals=Approbations de demande d'ajout
 settings.event_pull_request_merge=Fusion de demande d'ajout
 settings.event_header_workflow=Événements du flux de travail
+settings.event_workflow_run=Exécution du flux de travail
+settings.event_workflow_run_desc=Tâche du flux de travail Gitea Actions ajoutée, en attente, en cours ou terminée.
 settings.event_workflow_job=Tâches du flux de travail
-settings.event_workflow_job_desc=Tâche du flux de travail Gitea Actions en file d’attente, en attente, en cours ou terminée.
+settings.event_workflow_job_desc=Travaux du flux de travail Gitea Actions en file d’attente, en attente, en cours ou terminée.
 settings.event_package=Paquet
 settings.event_package_desc=Paquet créé ou supprimé.
 settings.branch_filter=Filtre de branche
@@ -2537,8 +2573,8 @@ settings.matrix.message_type=Type de message
 settings.visibility.private.button=Rendre privé
 settings.visibility.private.text=Rendre le dépôt privé rendra non seulement le dépôt visible uniquement aux membres autorisés, mais peut également rompre la relation entre lui et ses bifurcations, observateurs, et favoris.
 settings.visibility.private.bullet_title=<strong>Changer la visibilité en privé :</strong>
-settings.visibility.private.bullet_one=Va rendre le dépôt visible uniquement par les membres autorisés
-settings.visibility.private.bullet_two=Peut supprimer la relation avec <strong>ses bifurcations</strong>, <strong>ses observateurs</strong> et <strong>ses favoris</strong>
+settings.visibility.private.bullet_one=Rendra le dépôt visible uniquement aux membres autorisés.
+settings.visibility.private.bullet_two=Peut supprimer la relation avec <strong>ses bifurcations</strong>, <strong>ses observateurs</strong> et <strong>ses favoris</strong>.
 settings.visibility.public.button=Rendre public
 settings.visibility.public.text=Rendre le dépôt public rendra le dépôt visible à tout le monde.
 settings.visibility.public.bullet_title=<strong>Changer la visibilité en public va :</strong>
@@ -2557,7 +2593,7 @@ settings.archive.tagsettings_unavailable=Le paramétrage des étiquettes n'est p
 settings.archive.mirrors_unavailable=Les miroirs ne sont pas disponibles lorsque le dépôt est archivé.
 settings.unarchive.button=Réhabiliter
 settings.unarchive.header=Réhabiliter ce dépôt
-settings.unarchive.text=Réhabiliter un dépôt dégèle les actions de révisions et de soumissions, la gestion des tickets et des demandes d'ajouts.
+settings.unarchive.text=Réhabiliter un dépôt dégèle les actions de révisions et de soumissions, la gestion des tickets et des demandes d’ajouts.
 settings.unarchive.success=Le dépôt a bien été réhabilité.
 settings.unarchive.error=Une erreur est survenue en essayant deréhabiliter ce dépôt. Voir le journal pour plus de détails.
 settings.update_avatar_success=L'avatar du dépôt a été mis à jour.
@@ -2575,11 +2611,11 @@ settings.lfs_invalid_locking_path=Chemin invalide : %s
 settings.lfs_invalid_lock_directory=Impossible de verrouiller le répertoire : %s
 settings.lfs_lock_already_exists=Verrou déjà existant : %s
 settings.lfs_lock=Verrou
-settings.lfs_lock_path=Chemin de fichier à verrouiller...
+settings.lfs_lock_path=Chemin de fichier à verrouiller…
 settings.lfs_locks_no_locks=Pas de verrous
 settings.lfs_lock_file_no_exist=Le fichier verrouillé n'existe pas dans la branche par défaut
 settings.lfs_force_unlock=Forcer le déverrouillage
-settings.lfs_pointers.found=%d pointeur(s) sur blob trouvés - %d associés, %d non associés (%d manquant dans le magasin)
+settings.lfs_pointers.found=%d pointeur(s) trouvés : %d associés, %d non associés (%d manquant dans le magasin)
 settings.lfs_pointers.sha=SHA du Blob
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Dans le dépôt
@@ -2720,6 +2756,7 @@ branch.restore_success=La branche "%s" a été restaurée.
 branch.restore_failed=Impossible de restaurer la branche "%s".
 branch.protected_deletion_failed=La branche "%s" est protégé. Elle ne peut pas être supprimée.
 branch.default_deletion_failed=La branche "%s" est la branche par défaut. Elle ne peut pas être supprimée.
+branch.default_branch_not_exist=La branche par défaut « %s » n‘existe pas.
 branch.restore=`Restaurer la branche "%s"`
 branch.download=`Télécharger la branche "%s"`
 branch.rename=`Renommer la branche "%s"`
@@ -2736,6 +2773,8 @@ branch.new_branch_from=`Créer une nouvelle branche à partir de "%s"`
 branch.renamed=La branche %s à été renommée en %s.
 branch.rename_default_or_protected_branch_error=Seuls les administrateurs peuvent renommer les branches par défaut ou protégées.
 branch.rename_protected_branch_failed=Cette branche est protégée par des règles de protection basées sur des globs.
+branch.commits_divergence_from=Divergence de révisions : %[1]d en retard et %[2]d en avance sur %[3]s
+branch.commits_no_divergence=Identique à la branche %[1]s
 
 tag.create_tag=Créer l'étiquette %s
 tag.create_tag_operation=Créer une étiquette
@@ -2749,6 +2788,7 @@ topic.done=Terminé
 topic.count_prompt=Vous ne pouvez pas sélectionner plus de 25 sujets
 topic.format_prompt=Les sujets doivent commencer par un caractère alphanumérique, peuvent inclure des traits d’union « - » et des points « . », et mesurer jusqu'à 35 caractères. Les lettres doivent être en minuscules.
 
+find_file.follow_symlink=Suivre ce lien symbolique vers sa cible
 find_file.go_to_file=Aller au fichier
 find_file.no_matching=Aucun fichier correspondant trouvé
 
@@ -2789,6 +2829,7 @@ team_permission_desc=Autorisation
 team_unit_desc=Permettre l’accès aux Sections du dépôt
 team_unit_disabled=(Désactivé)
 
+form.name_been_taken=Le nom d’organisation « %s » a déjà été utilisé.
 form.name_reserved=Le nom d'organisation "%s" est réservé.
 form.name_pattern_not_allowed=Le motif « %s » n'est pas autorisé dans un nom d'organisation.
 form.create_org_not_allowed=Vous n'êtes pas autorisé à créer une organisation.
@@ -2810,15 +2851,28 @@ settings.visibility.private_shortname=Privé
 
 settings.update_settings=Appliquer les paramètres
 settings.update_setting_success=Les paramètres de l'organisation ont été mis à jour.
-settings.change_orgname_prompt=Remarque : Changer le nom de l'organisation changera également l'URL de votre organisation et libèrera l'ancien nom.
-settings.change_orgname_redirect_prompt=L'ancien nom d'utilisateur redirigera jusqu'à ce qu'il soit réclamé.
+
+settings.rename=Renommer l’organisation
+settings.rename_desc=Changer le nom de l’organisation changera également l’URL de votre organisation et libèrera l’ancien nom.
+settings.rename_success=L’organisation %[1]s a bien été renommé en %[2]s.
+settings.rename_no_change=Le nom de l’organisation n’a pas été modifié.
+settings.rename_new_org_name=Nouveau nom d’organisation
+settings.rename_failed=Le renommage de l’organisation a échoué en raison d’une erreur interne.
+settings.rename_notices_1=Cette opération <strong>ne peut pas </strong> être annulée.
+settings.rename_notices_2=L’ancien nom redirigera jusqu'à ce qu'il soit réclamé.
+
 settings.update_avatar_success=L'avatar de l'organisation a été mis à jour.
 settings.delete=Supprimer l'organisation
 settings.delete_account=Supprimer cette organisation
 settings.delete_prompt=Cette organisation sera supprimée définitivement. Cette action est <strong>IRRÉVERSIBLE</strong> !
+settings.name_confirm=Entrez le nom de l’organisation pour confirmer :
+settings.delete_notices_1=Cette opération <strong>ne peut pas</strong> être annulée.
+settings.delete_notices_2=Cette opération supprimera définitivement <strong>tous les dépôts</strong> de <strong>%s</strong>, y compris le code, les tickets, les commentaires, les données de wiki et les accès des collaborateurs.
+settings.delete_notices_3=Cette opération supprimera définitivement <strong>tous les paquets</strong> de <strong>%s</strong>.
+settings.delete_notices_4=Cette opération supprimera définitivement <strong>tous les projets</strong> de <strong>%s</strong>.
 settings.confirm_delete_account=Confirmer la suppression
-settings.delete_org_title=Supprimer l'organisation
-settings.delete_org_desc=Cette organisation sera supprimée définitivement. Voulez-vous continuer ?
+settings.delete_failed=La suppression de l’organisation a échoué en raison d’une erreur interne.
+settings.delete_successful=L’organisation <b>%s</b> a été supprimée avec succès.
 settings.hooks_desc=Vous pouvez ajouter des webhooks qui seront activés pour <strong>tous les dépôts</strong> de cette organisation.
 
 settings.labels_desc=Ajoute des labels qui peuvent être utilisés sur les tickets pour <strong>tous les dépôts</strong> de cette organisation.
@@ -2874,7 +2928,7 @@ teams.remove_all_repos_title=Supprimer tous les dépôts de l'équipe
 teams.remove_all_repos_desc=Ceci supprimera tous les dépôts de l'équipe.
 teams.add_all_repos_title=Ajouter tous les dépôts
 teams.add_all_repos_desc=Ceci ajoutera tous les dépôts de l'organisation à l'équipe.
-teams.add_nonexistent_repo=Le dépôt que vous essayez d'ajouter n'existe pas, veuillez le créer d'abord.
+teams.add_nonexistent_repo=Le dépôt que vous essayez d’ajouter n’existe pas, veuillez le créer d’abord.
 teams.add_duplicate_users=L’utilisateur est déjà un membre de l’équipe.
 teams.repos.none=Aucun dépôt n'est accessible par cette équipe.
 teams.members.none=Aucun membre dans cette équipe.
@@ -2915,7 +2969,7 @@ repositories=Dépôts
 hooks=Déclencheurs web
 integrations=Intégrations
 authentication=Sources d'authentification
-emails=Emails de l'utilisateur
+emails=Courriels de l’utilisateur
 config=Configuration
 config_summary=Résumé
 config_settings=Paramètres
@@ -2947,11 +3001,11 @@ dashboard.cron.cancelled=Tâche récurrente %[1]s annulée : %[3]s
 dashboard.cron.error=Erreur dans la tâche récurrente %s : %[3]s
 dashboard.cron.finished=Tâche récurrente %[1]s terminée
 dashboard.delete_inactive_accounts=Supprimer tous les comptes non actifs
-dashboard.delete_inactive_accounts.started=Tâche de suppression de tous les comptes inactifs démarrée.
+dashboard.delete_inactive_accounts.started=Début de la suppression de tous les comptes inactifs.
 dashboard.delete_repo_archives=Supprimer toutes les archives des dépôts (ZIP, TAR.GZ, etc..)
-dashboard.delete_repo_archives.started=Tâche de suppression de toutes les archives de dépôts démarrée.
+dashboard.delete_repo_archives.started=Début de la suppression de toutes les archives de dépôts.
 dashboard.delete_missing_repos=Supprimer tous les dépôts dont les fichiers Git sont manquants
-dashboard.delete_missing_repos.started=Tâche de suppression de tous les dépôts sans fichiers Git démarrée.
+dashboard.delete_missing_repos.started=Début de la suppression de tous les dépôts dépourvus de Git.
 dashboard.delete_generated_repository_avatars=Supprimer les avatars de dépôt générés
 dashboard.sync_repo_branches=Synchroniser les branches manquantes depuis Git vers la base de donnée.
 dashboard.sync_repo_tags=Synchroniser les étiquettes git depuis les dépôts vers la base de données
@@ -3000,10 +3054,10 @@ dashboard.total_gc_pause=Pause GC
 dashboard.last_gc_pause=Dernière Pause GC
 dashboard.gc_times=Nombres de GC
 dashboard.delete_old_actions=Supprimer toutes les anciennes activités de la base de données
-dashboard.delete_old_actions.started=La suppression des anciennes activités de la base de données a démarré.
+dashboard.delete_old_actions.started=Début de la suppression des plus vielles activités de la base de données.
 dashboard.update_checker=Vérificateur de mise à jour
 dashboard.delete_old_system_notices=Supprimer toutes les anciennes observations de la base de données
-dashboard.gc_lfs=Épousseter les métaobjets LFS
+dashboard.gc_lfs=Purger les métaobjets LFS
 dashboard.stop_zombie_tasks=Arrêter les tâches zombies
 dashboard.stop_endless_tasks=Arrêter les tâches interminables
 dashboard.cancel_abandoned_jobs=Annuler les travaux abandonnés
@@ -3071,22 +3125,22 @@ users.list_status_filter.is_2fa_enabled=2FA Activé
 users.list_status_filter.not_2fa_enabled=2FA désactivé
 users.details=Informations de l’utilisateur
 
-emails.email_manage_panel=Gestion des emails des utilisateurs
+emails.email_manage_panel=Gestion des courriels des utilisateurs
 emails.primary=Principale
 emails.activated=Activée
 emails.filter_sort.email=Courriel
 emails.filter_sort.email_reverse=Courriel (inversé)
-emails.filter_sort.name=Nom d'utilisateur
-emails.filter_sort.name_reverse=Nom d'utilisateur (inverse)
+emails.filter_sort.name=Nom d’utilisateur
+emails.filter_sort.name_reverse=Nom d’utilisateur (inversé)
 emails.updated=Courriel mis à jour
-emails.not_updated=Impossible de mettre à jour l’adresse courriel demandée : %v
-emails.duplicate_active=Cette adresse courriel est déjà active pour un autre utilisateur.
+emails.not_updated=Impossible de mettre à jour le courriel demandé : %v
+emails.duplicate_active=Ce courriel est déjà attribué à un autre utilisateur.
 emails.change_email_header=Mettre à jour les propriétés du courriel
 emails.change_email_text=Êtes-vous sûr de vouloir mettre à jour cette adresse courriel ?
-emails.delete=Supprimer l’e-mail
-emails.delete_desc=Êtes-vous sûr de vouloir supprimer cette adresse e-mail ?
-emails.deletion_success=L’adresse e-mail a été supprimée.
-emails.delete_primary_email_error=Vous ne pouvez pas supprimer l’e-mail principal.
+emails.delete=Supprimer le courriel
+emails.delete_desc=Êtes-vous sûr de vouloir supprimer ce courriel ?
+emails.deletion_success=L’adresse courriel a été supprimée.
+emails.delete_primary_email_error=Vous ne pouvez pas supprimer le courriel principal.
 
 orgs.org_manage_panel=Gestion des organisations
 orgs.name=Nom
@@ -3149,7 +3203,7 @@ auths.attribute_username=Attribut nom d'utilisateur
 auths.attribute_username_placeholder=Laisser vide afin d'utiliser le nom d'utilisateur spécifié dans Gitea.
 auths.attribute_name=Attribut prénom
 auths.attribute_surname=Attribut nom de famille
-auths.attribute_mail=Attribut e-mail
+auths.attribute_mail=Attribut courriel
 auths.attribute_ssh_public_key=Attribut clé SSH publique
 auths.attribute_avatar=Attribut de l'avatar
 auths.attributes_in_bind=Aller chercher les attributs dans le contexte de liaison DN
@@ -3190,7 +3244,7 @@ auths.oauth2_use_custom_url=Utiliser des URLs personnalisées au lieu de l’URL
 auths.oauth2_tokenURL=URL du jeton
 auths.oauth2_authURL=URL d'autorisation
 auths.oauth2_profileURL=URL du profil
-auths.oauth2_emailURL=URL de l'e-mail
+auths.oauth2_emailURL=URL du courriel
 auths.skip_local_two_fa=Ignorer l’authentification à deux facteurs locale
 auths.skip_local_two_fa_helper=Laisser indéfini signifie que les utilisateurs locaux avec l’authentification à deux facteurs activée devront tout de même s’y soumettre pour se connecter
 auths.oauth2_tenant=Locataire
@@ -3200,27 +3254,29 @@ auths.oauth2_required_claim_name_helper=Définissez ce nom pour restreindre la c
 auths.oauth2_required_claim_value=Valeur de réclamation requise
 auths.oauth2_required_claim_value_helper=Restreindre la connexion depuis cette source aux utilisateurs ayant réclamé cette valeur.
 auths.oauth2_group_claim_name=Réclamer le nom fournissant les noms de groupe pour cette source. (facultatif)
+auths.oauth2_full_name_claim_name=Nom complet réclamé. (Optionnel. Si défini, le nom complet de l’utilisateur sera toujours synchronisé avec cette réclamation)
+auths.oauth2_ssh_public_key_claim_name=Nom réclamé de la clé publique SSH
 auths.oauth2_admin_group=Valeur de réclamation de groupe pour les administrateurs. (Optionnel, nécessite un nom de réclamation)
 auths.oauth2_restricted_group=Valeur de réclamation de groupe pour les utilisateurs restreints. (Optionnel, nécessite un nom de réclamation)
-auths.oauth2_map_group_to_team=Associe les groupes réclamés avec les équipes de l'organisation. (Optionnel, nécessite un nom de réclamation)
+auths.oauth2_map_group_to_team=Associe les groupes réclamés avec les équipes de l’organisation. (Optionnel, nécessite un nom de réclamation)
 auths.oauth2_map_group_to_team_removal=Supprimer les utilisateurs des équipes synchronisées si l'utilisateur n'appartient pas au groupe correspondant.
 auths.enable_auto_register=Connexion Automatique
 auths.sspi_auto_create_users=Créer automatiquement des utilisateurs
-auths.sspi_auto_create_users_helper=Autoriser la méthode d'authentification SSPI à créer automatiquement de nouveaux comptes pour les utilisateurs qui se connectent pour la première fois
+auths.sspi_auto_create_users_helper=Autoriser la méthode d’authentification SSPI à créer automatiquement de nouveaux comptes pour les utilisateurs qui se connectent pour la première fois.
 auths.sspi_auto_activate_users=Activer automatiquement les utilisateurs
 auths.sspi_auto_activate_users_helper=Autoriser la méthode d'authentification SSPI à activer automatiquement les nouveaux utilisateurs
 auths.sspi_strip_domain_names=Supprimer les noms de domaine des utilisateurs
-auths.sspi_strip_domain_names_helper=Si cette case est cochée, les noms de domaine seront supprimés des noms de connexion (par exemple "DOMAIN\user" et "user@example.org" ne deviendront que "user").
+auths.sspi_strip_domain_names_helper=Nettoie les domaines des noms d’utilisateur (ex. : « DOMAINE\utilisateur » et « utilisateur@exemple.org » ne deviendront que « utilisateur »).
 auths.sspi_separator_replacement=Séparateur à utiliser au lieu de \, / et @
-auths.sspi_separator_replacement_helper=Le caractère à utiliser pour remplacer les séparateurs des noms de connexion au niveau inférieur (par ex. le \ dans "DOMAIN\user") et les noms principaux de l'utilisateur (par exemple le @ dans "user@example.org").
+auths.sspi_separator_replacement_helper=Le caractère à utiliser pour remplacer les séparateurs dans le nom d’utilisateur (ex. : « \ » dans « DOMAINE\utilisateur », « @ » dans « utilisateur@exemple.org »).
 auths.sspi_default_language=Langue par défaut de l'utilisateur
-auths.sspi_default_language_helper=Langue par défaut pour les utilisateurs créés automatiquement par la méthode d'authentification SSPI. Laissez vide si vous préférez que la langue soit déterminée automatiquement.
+auths.sspi_default_language_helper=Langue par défaut pour les utilisateurs créés automatiquement par la méthode d’authentification SSPI. Laissez vide si vous préférez que la langue soit déterminée automatiquement.
 auths.tips=Conseils
 auths.tips.oauth2.general=Authentification OAuth2
 auths.tips.oauth2.general.tip=Lors de l'enregistrement d'une nouvelle authentification OAuth2, l'URL de rappel/redirection doit être :
 auths.tip.oauth2_provider=Fournisseur OAuth2
 auths.tip.bitbucket=Créez un nouveau jeton OAuth sur %s et ajoutez la permission « Compte » → « Lecture ».
-auths.tip.nextcloud=`Enregistrez un nouveau consommateur OAuth sur votre instance en utilisant le menu "Paramètres -> Sécurité -> Client OAuth 2.0"`
+auths.tip.nextcloud=Enregistrez un nouveau client OAuth sur votre instance en atteignant le réglage Paramètres → Sécurité → Client OAuth 2.0.
 auths.tip.dropbox=Créez une nouvelle application sur %s
 auths.tip.facebook=Enregistrez une nouvelle application sur%s et ajoutez le produit « Facebook Login ».
 auths.tip.github=Créez une nouvelle application OAuth sur %s
@@ -3230,7 +3286,7 @@ auths.tip.openid_connect=Utilisez l’URL de découverte OpenID « https://{ser
 auths.tip.twitter=Rendez-vous sur %s, créez une application et assurez-vous que l’option « Autoriser l’application à être utilisée avec Twitter Connect » est activée.
 auths.tip.discord=Enregistrer une nouvelle application sur %s
 auths.tip.gitea=Enregistrez une nouvelle application OAuth2. Le guide peut être trouvé sur %s.
-auths.tip.yandex=Créez une nouvelle application sur %s. Sélectionnez les autorisations suivantes dans la section « Yandex.Passport API » : « Accès à l’adresse e-mail », « Accès à l’avatar de l’utilisateur » et « Accès au nom d’utilisateur, prénom, surnom et genre ».
+auths.tip.yandex=Créez une nouvelle application sur %s. Sélectionnez les autorisations suivantes dans la section « Yandex.Passport API » : « Accès au courriel », « Accès à l’avatar de l’utilisateur » et « Accès au nom d’utilisateur, prénom, surnom et genre ».
 auths.tip.mastodon=Entrez une URL d'instance personnalisée pour l'instance mastodon avec laquelle vous voulez vous authentifier (ou utiliser celle par défaut)
 auths.edit=Mettre à jour la source d'authentification
 auths.activated=Cette source d'authentification est activée
@@ -3273,8 +3329,6 @@ config.ssh_domain=Domaine du serveur SSH
 config.ssh_port=Port
 config.ssh_listen_port=Port d'écoute
 config.ssh_root_path=Emplacement racine
-config.ssh_key_test_path=Chemin de test des clés
-config.ssh_keygen_path=Chemin vers le générateur de clés (« ssh-keygen »)
 config.ssh_minimum_key_size_check=Vérification de la longueur de clé minimale
 config.ssh_minimum_key_sizes=Tailles de clé minimales
 
@@ -3293,7 +3347,7 @@ config.db_ssl_mode=SSL
 config.db_path=Emplacement
 
 config.service_config=Configuration du service
-config.register_email_confirm=Exiger la confirmation de l'e-mail lors de l'inscription
+config.register_email_confirm=Exiger la confirmation du courriel lors de l’inscription
 config.disable_register=Désactiver le formulaire d'inscription
 config.allow_only_internal_registration=Autoriser l'inscription uniquement via Gitea lui-même
 config.allow_only_external_registration=N'autoriser l'inscription qu'à partir des services externes
@@ -3301,16 +3355,16 @@ config.enable_openid_signup=Activer l'inscription avec OpenID
 config.enable_openid_signin=Activer la connexion avec OpenID
 config.show_registration_button=Afficher le bouton d'enregistrement
 config.require_sign_in_view=Exiger la connexion pour afficher les pages
-config.mail_notify=Activer les notifications par e-mail
+config.mail_notify=Activer les notifications par courriel
 config.enable_captcha=Activer le CAPTCHA
 config.active_code_lives=Limites de Code Actif
 config.reset_password_code_lives=Durée d'expiration du code de récupération de compte
-config.default_keep_email_private=Masquer les adresses e-mail par défaut
+config.default_keep_email_private=Masquer les adresses courriels par défaut
 config.default_allow_create_organization=Autoriser la création d'organisations par défaut
 config.enable_timetracking=Activer le suivi du temps
 config.default_enable_timetracking=Activer le suivi de temps par défaut
 config.default_allow_only_contributors_to_track_time=Restreindre le suivi de temps aux contributeurs
-config.no_reply_address=Domaine pour les e-mails cachés
+config.no_reply_address=Domaine pour les courriels cachés
 config.default_visibility_organization=Visibilité par défaut des nouvelles organisations
 config.default_enable_dependencies=Activer les dépendances pour les tickets par défaut
 
@@ -3332,11 +3386,11 @@ config.mailer_sendmail_path=Chemin d’accès à Sendmail
 config.mailer_sendmail_args=Arguments supplémentaires pour Sendmail
 config.mailer_sendmail_timeout=Délai d’attente de Sendmail
 config.mailer_use_dummy=Factice
-config.test_email_placeholder=E-mail (ex: test@example.com)
-config.send_test_mail=Envoyer un e-mail de test
+config.test_email_placeholder=Courriel (ex : test@exemple.com)
+config.send_test_mail=Envoyer un courriel de test
 config.send_test_mail_submit=Envoyer
-config.test_mail_failed=Impossible d'envoyer un email de test à "%s" : %v
-config.test_mail_sent=Un e-mail de test a été envoyé à "%s".
+config.test_mail_failed=Impossible d’envoyer un courriel de test à « %s » : %v
+config.test_mail_sent=Un courriel de test a été envoyé à « %s ».
 
 config.oauth_config=Configuration OAuth
 config.oauth_enabled=Activé
@@ -3416,12 +3470,12 @@ monitor.queue.type=Type
 monitor.queue.exemplar=Type d'exemple
 monitor.queue.numberworkers=Nombre de processus
 monitor.queue.activeworkers=Processus actifs
-monitor.queue.maxnumberworkers=Nombre maximale de processus
+monitor.queue.maxnumberworkers=Nombre maximal de processus
 monitor.queue.numberinqueue=Position dans la queue
 monitor.queue.review_add=Examiner / ajouter des processus
 monitor.queue.settings.title=Paramètres du réservoir
 monitor.queue.settings.desc=Les bassins croissent proportionnellement au besoin de leurs exécuteurs.
-monitor.queue.settings.maxnumberworkers=Nombre maximale de processus
+monitor.queue.settings.maxnumberworkers=Nombre maximal de processus
 monitor.queue.settings.maxnumberworkers.placeholder=Actuellement %[1]d
 monitor.queue.settings.maxnumberworkers.error=Le nombre de processus doit être un nombre
 monitor.queue.settings.submit=Appliquer les paramètres
@@ -3530,15 +3584,15 @@ no_subscriptions=Pas d'abonnements
 default_key=Signé avec la clé par défaut
 error.extract_sign=Impossible d'extraire la signature
 error.generate_hash=Impossible de générer la chaine de hachage de la révision
-error.no_committer_account=Aucun compte lié à l'adresse e-mail de l'auteur
+error.no_committer_account=Aucun compte lié au courriel de l’auteur
 error.no_gpg_keys_found=Signature inconnue de Gitea
 error.not_signed_commit=Révision non signée
 error.failed_retrieval_gpg_keys=Impossible de récupérer la clé liée au compte de l'auteur
-error.probable_bad_signature=AVERTISSEMENT ! Bien qu'il y ait une clé avec cet ID dans la base de données, il ne vérifie pas cette livraison ! Cette livraison est SUSPECTE.
-error.probable_bad_default_signature=AVERTISSEMENT ! Bien que la clé par défaut ait cet ID, elle ne vérifie pas cette livraison ! Cette livraison est SUSPECTE.
+error.probable_bad_signature=AVERTISSEMENT ! Bien qu’il y ait une clé avec cet ID dans la base de données, elle ne vérifie pas cette révision ! Cette révision est SUSPECTE.
+error.probable_bad_default_signature=AVERTISSEMENT ! Bien que la clé par défaut ait cet ID, elle ne vérifie pas cette révision ! Cette révision est SUSPECTE.
 
 [units]
-unit=Unité
+unit=Ressource
 error.no_unit_allowed_repo=Vous n'êtes pas autorisé à accéder à n'importe quelle section de ce dépôt.
 error.unit_not_allowed=Vous n'êtes pas autorisé à accéder à cette section du dépôt.
 
@@ -3574,7 +3628,7 @@ versions.view_all=Voir tout
 dependency.id=ID
 dependency.version=Version
 search_in_external_registry=Rechercher dans %s
-alpine.registry=Configurez ce registre en ajoutant l’URL dans votre fichier <code>/etc/apk/repositories</code> :
+alpine.registry=Configurez ce registre en ajoutant l’URL dans votre fichier <code>/etc/apk/repositories</code> :
 alpine.registry.key=Téléchargez la clé RSA publique du registre dans le dossier <code>/etc/apk/keys/</code> pour vérifier la signature de l'index :
 alpine.registry.info=Choisissez $branch et $repository dans la liste ci-dessous.
 alpine.install=Pour installer le paquet, exécutez la commande suivante :
@@ -3587,18 +3641,18 @@ arch.install=Synchroniser le paquet avec pacman :
 arch.repository=Informations sur le Dépôt
 arch.repository.repositories=Dépôts
 arch.repository.architectures=Architectures
-cargo.registry=Configurez ce registre dans le fichier de configuration Cargo (par exemple <code>~/.cargo/config.toml</code>) :
+cargo.registry=Configurez ce registre dans le fichier de configuration Cargo (par exemple <code>~/.cargo/config.toml</code>) :
 cargo.install=Pour installer le paquet en utilisant Cargo, exécutez la commande suivante :
-chef.registry=Configurer ce registre dans votre fichier <code>~/.chef/config.rb</code>:
+chef.registry=Configurer ce registre dans votre fichier <code>~/.chef/config.rb</code> :
 chef.install=Pour installer le paquet, exécutez la commande suivante :
-composer.registry=Configurez ce registre dans votre fichier <code>~/.composer/config.json</code> :
+composer.registry=Configurez ce registre dans votre fichier <code>~/.composer/config.json</code> :
 composer.install=Pour installer le paquet en utilisant Composer, exécutez la commande suivante :
 composer.dependencies=Dépendances
 composer.dependencies.development=Dépendances de développement
 conan.details.repository=Dépôt
-conan.registry=Configurez ce registre à partir d'un terminal :
+conan.registry=Configurez ce registre à partir d'un terminal :
 conan.install=Pour installer le paquet en utilisant Conan, exécutez la commande suivante :
-conda.registry=Configurez ce registre en tant que dépôt Conda dans le fichier <code>.condarc</code> :
+conda.registry=Configurez ce registre en tant que dépôt Conda dans le fichier <code>.condarc</code> :
 conda.install=Pour installer le paquet en utilisant Conda, exécutez la commande suivante :
 container.details.type=Type d'image
 container.details.platform=Plateforme
@@ -3610,9 +3664,9 @@ container.layers=Calques d'image
 container.labels=Labels
 container.labels.key=Clé
 container.labels.value=Valeur
-cran.registry=Configurez ce registre dans le fichier <code>Rprofile.site</code> :
+cran.registry=Configurez ce registre dans le fichier <code>Rprofile.site</code> :
 cran.install=Pour installer le paquet, exécutez la commande suivante :
-debian.registry=Configurez ce registre à partir d'un terminal :
+debian.registry=Configurez ce registre à partir d'un terminal :
 debian.registry.info=Choisissez $distribution et $component dans la liste ci-dessous.
 debian.install=Pour installer le paquet, exécutez la commande suivante :
 debian.repository=Infos sur le Dépôt
@@ -3621,16 +3675,16 @@ debian.repository.components=Composants
 debian.repository.architectures=Architectures
 generic.download=Télécharger le paquet depuis un terminal :
 go.install=Installer le paquet à partir de la ligne de commande :
-helm.registry=Configurer ce registre à partir d'un terminal :
+helm.registry=Configurer ce registre à partir d'un terminal :
 helm.install=Pour installer le paquet, exécutez la commande suivante :
-maven.registry=Configurez ce registre dans le fichier <code>pom.xml</code> de votre projet :
-maven.install=Pour utiliser le paquet, inclure ce qui suit dans le bloc <code>dependencies</code> dans le fichier <code>pom.xml</code> :
+maven.registry=Configurez ce registre dans le fichier <code>pom.xml</code> de votre projet :
+maven.install=Pour utiliser le paquet, inclure ce qui suit dans le bloc <code>dependencies</code> dans le fichier <code>pom.xml</code> :
 maven.install2=Exécuter dans un terminal :
 maven.download=Pour télécharger la dépendance, exécutez dans un terminal :
-nuget.registry=Configurer ce registre à partir d'un terminal :
+nuget.registry=Configurer ce registre à partir d'un terminal :
 nuget.install=Pour installer le paquet en utilisant NuGet, exécutez la commande suivante :
 nuget.dependency.framework=Cadriciel cible
-npm.registry=Configurez ce registre dans le fichier <code>.npmrc</code> de votre projet :
+npm.registry=Configurez ce registre dans le fichier <code>.npmrc</code> de votre projet :
 npm.install=Pour installer le paquet en utilisant npm, exécutez la commande suivante :
 npm.install2=ou ajoutez-le au fichier package.json :
 npm.dependencies=Dépendances
@@ -3642,7 +3696,7 @@ npm.details.tag=Balise
 pub.install=Pour installer le paquet en utilisant Dart, exécutez la commande suivante :
 pypi.requires=Nécessite Python
 pypi.install=Pour installer le paquet en utilisant pip, exécutez la commande suivante :
-rpm.registry=Configurez ce registre à partir d'un terminal :
+rpm.registry=Configurez ce registre à partir d'un terminal :
 rpm.distros.redhat=sur les distributions basées sur RedHat
 rpm.distros.suse=sur les distributions basées sur SUSE
 rpm.install=Pour installer le paquet, exécutez la commande suivante :
@@ -3655,7 +3709,7 @@ rubygems.dependencies.runtime=Dépendances d'exécution
 rubygems.dependencies.development=Dépendances de développement
 rubygems.required.ruby=Nécessite Ruby en version
 rubygems.required.rubygems=Nécessite RubyGem en version
-swift.registry=Configurez ce registre à partir d'un terminal :
+swift.registry=Configurez ce registre à partir d'un terminal :
 swift.install=Ajoutez le paquet dans votre fichier <code>Package.swift</code>:
 swift.install2=et exécutez la commande suivante :
 vagrant.install=Pour ajouter une machine Vagrant, exécutez la commande suivante :
@@ -3678,7 +3732,7 @@ owner.settings.cargo.initialize.success=L'index Cargo a été créé avec succè
 owner.settings.cargo.rebuild=Reconstruire l'index
 owner.settings.cargo.rebuild.description=La reconstruction peut être utile si l'index n'est pas synchronisé avec les paquets Cargo stockés.
 owner.settings.cargo.rebuild.error=Impossible de reconstruire l'index Cargo : %v
-owner.settings.cargo.rebuild.success=L'index Cargo a été reconstruit avec succès.
+owner.settings.cargo.rebuild.success=L’index Cargo a été reconstruit avec succès.
 owner.settings.cleanuprules.title=Gérer les règles de nettoyage
 owner.settings.cleanuprules.add=Ajouter une règle de nettoyage
 owner.settings.cleanuprules.edit=Modifier la règle de nettoyage
@@ -3707,13 +3761,18 @@ owner.settings.chef.keypair.description=Une paire de clés est nécessaire pour
 secrets=Secrets
 description=Les secrets seront transmis à certaines actions et ne pourront pas être lus autrement.
 none=Il n'y a pas encore de secrets.
-creation=Ajouter un secret
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Description
 creation.name_placeholder=Caractères alphanumériques ou tirets bas uniquement, insensibles à la casse, ne peut commencer par GITEA_ ou GITHUB_.
 creation.value_placeholder=Entrez n’importe quoi. Les blancs cernant seront taillés.
 creation.description_placeholder=Décrire brièvement votre dépôt (optionnel).
-creation.success=Le secret "%s" a été ajouté.
-creation.failed=Impossible d'ajouter le secret.
+
+save_success=Le secret « %s » a été enregistré.
+save_failed=Impossible d’enregistrer le secret.
+
+add_secret=Ajouter un secret
+edit_secret=Modifier le secret
 deletion=Supprimer le secret
 deletion.description=La suppression d'un secret est permanente et irréversible. Continuer ?
 deletion.success=Le secret a été supprimé.
@@ -3791,6 +3850,11 @@ runs.no_workflows.documentation=Pour plus d’informations sur les actions Gitea
 runs.no_runs=Le flux de travail n'a pas encore d'exécution.
 runs.empty_commit_message=(message de révision vide)
 runs.expire_log_message=Les journaux ont été supprimés car ils étaient trop anciens.
+runs.delete=Supprimer cette exécution
+runs.cancel=Annuler l’exécution du flux
+runs.delete.description=Êtes-vous sûr de vouloir supprimer définitivement cette exécution ? Cette action ne peut pas être annulée.
+runs.not_done=Cette exécution du flux de travail n’est pas terminée.
+runs.view_workflow_file=Voir le fichier du flux de travail
 
 workflow.disable=Désactiver le flux de travail
 workflow.disable_success=Le flux de travail « %s » a bien été désactivé.
@@ -3830,6 +3894,8 @@ deleted.display_name=Projet supprimé
 type-1.display_name=Projet personnel
 type-2.display_name=Projet de dépôt
 type-3.display_name=Projet d’organisation
+enter_fullscreen=Plein écran
+exit_fullscreen=Quitter le plein écran
 
 [git.filemode]
 changed_filemode=%[1]s → %[2]s
diff --git a/options/locale/locale_ga-IE.ini b/options/locale/locale_ga-IE.ini
index 1245a8beed..cb0c2373ed 100644
--- a/options/locale/locale_ga-IE.ini
+++ b/options/locale/locale_ga-IE.ini
@@ -44,7 +44,7 @@ webauthn_use_twofa=Úsáid cód dhá fhachtóir ó do ghuthán
 webauthn_error=Ní fhéadfaí do eochair slándála a léamh.
 webauthn_unsupported_browser=Ní thacaíonn do bhrabhsálaí le WebAuthn faoi láthair.
 webauthn_error_unknown=Tharla earráid anaithnid. Déan iarracht arís.
-webauthn_error_insecure=Ní thacaíonn WebAuthn ach le naisc slán. Le haghaidh tástála thar HTTP, is féidir leat an bunús “localhost� nó "127.0.0.1" a úsáid
+webauthn_error_insecure=Ní thacaíonn WebAuthn ach le naisc shlána. Chun tástáil a dhéanamh thar HTTP, is féidir leat an bunús "localhost" nó "127.0.0.1" a úsáid.
 webauthn_error_unable_to_process=Ní fhéadfadh an freastalaí d'iarratas a phróiseáil.
 webauthn_error_duplicated=Ní cheadaítear an eochair slándála don iarratas seo. Déan cinnte le do thoil nach bhfuil an eochair cláraithe cheana féin.
 webauthn_error_empty=Ní mór duit ainm a shocrú don eochair seo.
@@ -117,6 +117,7 @@ files=Comhaid
 
 error=Earráid
 error404=Níl an leathanach atá tú ag iarraidh a bhaint amach <strong>ann</strong> nó <strong>níl tú údaraithe</strong> chun é a fheiceáil.
+error503=Níorbh fhéidir leis an bhfreastalaí d’iarratas a chomhlánú. Déan iarracht arís ar ball.
 go_back=Ar ais
 invalid_data=Sonraí neamhbhailí: %v
 
@@ -129,7 +130,8 @@ pin=Bioráin
 unpin=Díphoráil
 
 artifacts=Déantáin
-confirm_delete_artifact=An bhfuil tú cinnte gur mhaith leat an déantán '%s' a scriosadh?
+expired=Imithe in éag
+confirm_delete_artifact=An bhfuil tú cinnte gur mian leat an déantán '%s' a scriosadh?
 
 archived=Cartlann
 
@@ -166,33 +168,33 @@ no_results_found=Níor aimsíodh aon torthaí.
 internal_error_skipped=Tharla earráid inmheánach ach éirithe as: %s
 
 [search]
-search=Cuardaigh...
+search=Cuardaigh…
 type_tooltip=Cineál cuardaigh
 fuzzy=Doiléir
-fuzzy_tooltip=Cuir san áireamh torthaí a mheaitseálann an téarma cuardaigh go dlúth freisin
+fuzzy_tooltip=Cuir torthaí san áireamh a mheaitseálann go dlúth leis an téarma cuardaigh
 words=Focail
 words_tooltip=Ná cuir san áireamh ach torthaí a mheaitseálann na focail téarma cuardaigh
 regexp=Nathanna Rialta
 regexp_tooltip=Ná cuir ach torthaí a mheaitseálann an téarma cuardaigh nathanna rialta san áireamh
 exact=Beacht
 exact_tooltip=Ní chuir san áireamh ach torthaí a mheaitseálann leis an téarma
-repo_kind=Cuardaigh stórtha...
-user_kind=Cuardaigh úsáideoirí...
-org_kind=Cuardaigh eagraíochtaí...
-team_kind=Cuardaigh foirne...
-code_kind=Cód cuardaigh...
+repo_kind=Cuardaigh stórais…
+user_kind=Cuardaigh úsáideoirí…
+org_kind=Cuardaigh eagraíochtaí…
+team_kind=Cuardaigh foirne…
+code_kind=Cuardaigh cód…
 code_search_unavailable=Níl cuardach cód ar fáil faoi láthair. Déan teagmháil le riarthóir an láithreáin.
 code_search_by_git_grep=Soláthraíonn “git grep� torthaí cuardaigh cód reatha. D'fhéadfadh torthaí níos fearr a bheith ann má chuireann riarthóir an láithreáin ar chumas Innéacsaithe
-package_kind=Cuardaigh pacáistí...
-project_kind=Cuardaigh tionscadail...
-branch_kind=Cuardaigh brainsí...
-tag_kind=Cuardaigh clibeanna...
+package_kind=Cuardaigh pacáistí…
+project_kind=Cuardaigh tionscadail…
+branch_kind=Cuardaigh brainsí…
+tag_kind=Cuardaigh clibeanna…
 tag_tooltip=Cuardaigh clibeanna meaitseála. Úsáid '%' le haon seicheamh uimhreacha a mheaitseáil.
-commit_kind=Cuardaigh tiomáintí...
-runner_kind=Cuardaigh reathaithe...
+commit_kind=Cuardaigh tiomáintí…
+runner_kind=Cuardaigh reathaithe…
 no_results=Níl aon torthaí meaitseála le fáil.
-issue_kind=Saincheisteanna cuardaigh...
-pull_kind=Cuardaigh iarratais tarraingthe...
+issue_kind=Cuardaigh saincheisteanna…
+pull_kind=Cuardaigh iarratais tarraingthe…
 keyword_search_unavailable=Níl cuardach de réir eochairfhocal ar fáil faoi láthair. Déan teagmháil le riarthóir an láithreáin.
 
 [aria]
@@ -250,7 +252,7 @@ license_desc=Téigh go bhfaighidh <a target="_blank" rel="noopener noreferrer" h
 
 [install]
 install=Suiteáil
-installing_desc=Suiteáil anois, fan go fóill...
+installing_desc=Suiteáil anois, fan go fóill…
 title=Cumraíocht Tosaigh
 docker_helper=Má ritheann tú Gitea taobh istigh de Docker, léigh an <a target="_blank" rel="noopener noreferrer" href="%s">doiciméadúchán</a> roimh aon socruithe a athrú.
 require_db_desc=Éilíonn Gitea MySQL, PostgreSQL, MSSQL, SQLite3 nó TiDB (prótacal MySQL).
@@ -267,16 +269,16 @@ path=Cosán
 sqlite_helper=Conair comhad don bhunachar sonraí SQLite3. Cuir <br>isteach cosán iomlán má reáchtáil tú Gitea mar sheirbhís.
 reinstall_error=Tá tú ag iarraidh a shuiteáil i mbunachar sonraí Gitea atá ann cheana
 reinstall_confirm_message=Is féidir fadhbanna iolracha a bheith ina chúis le hathshuiteáil le bunachar sonraí Gitea I bhformhór na gcásanna, ba chóir duit an "app.ini" atá agat cheana a úsáid chun Gitea a reáchtáil. Má tá a fhios agat cad atá á dhéanamh agat, deimhnigh an méid seo a leanas:
-reinstall_confirm_check_1=Féadfaidh na sonraí criptithe ag an SECRET_KEY i app.ini a chailleadh: b'fhéidir nach mbeidh úsáideoirí in ann logáil isteach le 2FA/OTP & b'fhéidir nach bhfeidhmeoidh scátháin i gceart. Trí an bhosca seo a sheiceáil deimhníonn tú go bhfuil an ceart an SECRET_KEY sa chomhad reatha app.ini.
-reinstall_confirm_check_2=B'fhéidir go gcaithfear na stórais agus na socruithe a athshioncronú. Trí an bhosca seo a sheiceáil deimhníonn tú go ndéanfaidh tú na crúcaí do na stórálacha agus an chomhad authorized_keys a athshioncronú de láimh. Deimhníonn tú go gcinnteoidh tú go bhfuil socruithe stórais agus scátháin ceart.
+reinstall_confirm_check_1=D’fhéadfadh sé go gcaillfí na sonraí atá criptithe ag an SECRET_KEY in app.ini: b’fhéidir nach mbeidh úsáideoirí in ann logáil isteach le 2FA/OTP agus b’fhéidir nach bhfeidhmeoidh scátháin i gceart. Tríd an mbosca seo a sheiceáil, dearbhaíonn tú go bhfuil an SECRET_KEY ceart sa chomhad app.ini reatha.
+reinstall_confirm_check_2=B’fhéidir go mbeadh gá na stórtha agus na socruithe a athshioncrónú. Trí tic a chur sa bhosca seo, deimhníonn tú go ndéanfaidh tú na crúcaí do na stórtha agus don chomhad authorized_keys a athshioncrónú de láimh. Deimhníonn tú go gcinnteoidh tú go bhfuil socruithe an stórtha agus an scátháin ceart.
 reinstall_confirm_check_3=Deimhníonn tú go bhfuil tú cinnte go bhfuil an Gitea seo ag rith leis an suíomh ceart app.ini agus go bhfuil tú cinnte go gcaithfidh tú athshuiteáil. Deimhníonn tú go n-admhaíonn tú na rioscaí thuas.
 err_empty_db_path=Ní féidir cosán bunachar sonraí SQLite3 a bheith folamh.
 no_admin_and_disable_registration=Ní féidir leat féinchlárú úsáideora a dhíchumasú gan cuntas riarthóra a chruthú.
 err_empty_admin_password=Ní féidir le pasfhocal an riarthóra a bheith folamh.
-err_empty_admin_email=Ní féidir le ríomhphost an riarthóra a bheith folamh.
-err_admin_name_is_reserved=Riarthóir Tá an t-ainm úsáideora neamhbhailí, tá an t-ainm úsáideora curtha in áirithe
-err_admin_name_pattern_not_allowed=Tá ainm úsáideora an riarthóra neamhbhailí, meaitseálann an t-ainm úsáideora patrún in áirithe
-err_admin_name_is_invalid=Tá an t-ainm úsáideora Riarthóra neamhbhailí
+err_empty_admin_email=Ní féidir seoladh ríomhphoist an riarthóra a fhágáil folamh.
+err_admin_name_is_reserved=Tá ainm úsáideora an riarthóra neamhbhailí. Tá ainm úsáideora curtha in áirithe.
+err_admin_name_pattern_not_allowed=Tá ainm úsáideora an riarthóra neamhbhailí. Tá patrún atá curtha in áirithe ag teacht leis an ainm úsáideora.
+err_admin_name_is_invalid=Ainm úsáideora an riarthóra neamhbhailí
 
 general_title=Socruithe Ginearálta
 app_name=Teideal an tSuímh
@@ -292,7 +294,7 @@ domain_helper=Seoladh fearainn nó óstach don fhreastalaí.
 ssh_port=Port Freastalaí SSH
 ssh_port_helper=Uimhir chalafoirt éisteann do fhreastalaí SSH air. Fág folamh le díchumasú.
 http_port=Port Éisteachta HTTP Gitea
-http_port_helper=Uimhir chalafoirt a éistfidh an freastalaí gréasáin Gitea air.
+http_port_helper=Uimhir an phoirt a n-éistfidh freastalaí gréasáin Gitea leis.
 app_url=URL Bonn Gitea
 app_url_helper=Seoladh bonn le haghaidh URLanna clóin HTTP(S) agus fógraí ríomhphoist.
 log_root_path=Cosán Logála
@@ -356,7 +358,7 @@ no_reply_address=Fearann Ríomhphoist Folaite
 no_reply_address_helper=Ainm fearainn d'úsáideoirí a bhfuil seoladh ríomhphoist i bhfolach acu. Mar shampla, logálfar an t-ainm úsáideora 'joe' i Git mar 'joe@noreply.example.org' má tá an fearainn ríomhphoist i bhfolach socraithe go 'noreply.example.org'.
 password_algorithm=Algartam Hais Pasfhocal
 invalid_password_algorithm=Algartam hais pasfhocail neamhbhailí
-password_algorithm_helper=Socraigh an algartam hashing pasfhocal. Tá riachtanais agus neart éagsúla ag halgartaim. Tá an algartam argon2 sách slán ach úsáideann sé go leor cuimhne agus d'fhéadfadh sé a bheith míchuí do chórais bheaga.
+password_algorithm_helper=Socraigh an algartam haiseála pasfhocail. Bíonn riachtanais agus láidreachtaí difriúla ag halgartaim. Tá an algartam argon2 sách slán ach úsáideann sé go leor cuimhne agus d'fhéadfadh sé a bheith mí-oiriúnach do chórais bheaga.
 enable_update_checker=Cumasaigh Seiceoir Nuashonraithe
 enable_update_checker_helper=Seiceálacha ar eisiúintí leagan nua go tréimhsiúil trí nascadh le gitea.io.
 env_config_keys=Cumraíocht Comhshaoil
@@ -419,6 +421,7 @@ remember_me.compromised=Níl an comhartha logála isteach bailí níos mó a d'f
 forgot_password_title=Dearmad ar an bPasfhocal
 forgot_password=Dearmad ar an bPasfhocal?
 need_account=An bhfuil cuntas ag teastáil uait?
+sign_up_tip=Tá tú ag clárú an chéad chuntais sa chóras, a bhfuil pribhléidí riarthóra aige. Cuimhnigh go cúramach ar d’ainm úsáideora agus do phasfhocal. Má dhéanann tú dearmad ar an ainm úsáideora nó ar an pasfhocal, féach ar dhoiciméadacht Gitea le do thoil chun an cuntas a aisghabháil.
 sign_up_now=Cláraigh anois.
 sign_up_successful=Cruthaíodh cuntas go rathúil. Fáilte romhat!
 confirmation_mail_sent_prompt_ex=Tá ríomhphost dearbhaithe nua seolta chuig <b>%s</b>. Seiceáil do bhosca isteach laistigh den chéad %s eile chun an próiseas clárúcháin a chur i gcrích. Má tá do sheoladh ríomhphoist clárúcháin mícheart, is féidir leat síniú isteach arís agus é a athrú.
@@ -427,8 +430,8 @@ allow_password_change=A cheangal ar an úsáideoir pasfhocal a athrú (molta)
 reset_password_mail_sent_prompt=Seoladh ríomhphost deimhnithe chu <b>ig %s</b>. Seiceáil do bhosca isteach laistigh den chéad %s eile chun an próiseas aisghabhála cuntais a chríochnú.
 active_your_account=Gníomhachtaigh do chuntas
 account_activated=Cuireadh cuntas gníomhachtaithe
-prohibit_login=Sínigh isteach Toirmiscthe
-prohibit_login_desc=Tá cosc ar do chuntas síniú isteach, déan teagmháil le do riarthóir láithreáin le do thoil.
+prohibit_login=Toirmiscthe ar Shíniú Isteach
+prohibit_login_desc=Tá cosc ar logáil isteach i do chuntas. Téigh i dteagmháil le riarthóir do shuímh, le do thoil.
 resent_limit_prompt=D'iarr tú ríomhphost gníomhachtaithe cheana féin le déanaí. Fan 3 nóiméad le do thoil agus bain triail as arís.
 has_unconfirmed_mail=Dia duit %s, tá seoladh ríomhphoist neamhdheimhnithe agat (<b>%s</b>). Mura bhfuair tú ríomhphost dearbhaithe nó mura gcaithfidh tú ceann nua a athsheoladh, cliceáil ar an gcnaipe thíos le do thoil.
 change_unconfirmed_mail_address=Má tá do sheoladh ríomhphoist cláraithe mícheart, is féidir leat é a athrú anseo agus ríomhphost dearbhaithe nua a sheoladh arís.
@@ -449,6 +452,7 @@ use_scratch_code=Úsáid cód scratch
 twofa_scratch_used=D'úsáid tú do chód scratch. Tá tú atreoraithe chuig an leathanach socruithe dhá fhachtóir ionas gur féidir leat clárú do ghléas a bhaint nó cód scratch nua a ghiniúint.
 twofa_passcode_incorrect=Tá do phaschód mícheart. Má chuir tú do ghléas míchuir tú, bain úsáid as do chód scratch chun síniú isteach.
 twofa_scratch_token_incorrect=Tá do chód scratch mícheart.
+twofa_required=Ní mór duit fíordheimhniú dhá fhachtóir a shocrú chun rochtain a fháil ar stórtha, nó iarracht a dhéanamh logáil isteach arís.
 login_userpass=Sínigh isteach
 login_openid=OpenID
 oauth_signup_tab=Cláraigh Cuntas Nua
@@ -457,26 +461,27 @@ oauth_signup_submit=Cuntas Comhlánaigh
 oauth_signin_tab=Nasc leis an gCuntas Reatha
 oauth_signin_title=Sínigh isteach chun Cuntas Nasctha a Údarú
 oauth_signin_submit=Cuntas Nasc
+oauth.signin.error.general=Tharla earráid agus an t-iarratas údaraithe á phróiseáil: %s. Má leanann an earráid seo, téigh i dteagmháil le riarthóir an tsuímh.
 oauth.signin.error.access_denied=Diúltaíodh an t-iarratas ar údarú.
 oauth.signin.error.temporarily_unavailable=Theip ar údarú toisc nach bhfuil an fhreastalaí fíordheimhnithe ar fáil Bain triail as arís níos déanaí.
-oauth_callback_unable_auto_reg=Tá Clárú Uathoibríoch cumasaithe, ach sheol Soláthraí OAuth2 %[1]s réimsí in easnamh ar ais: %[2]s, ní raibh sé in ann cuntas a chruthú go huathoibríoch, cruthaigh nó nasc le cuntas, nó déan teagmháil le riarthóir an tsuímh.
+oauth_callback_unable_auto_reg=Tá Clárú Uathoibríoch cumasaithe, ach thug Soláthraí OAuth2 %[1]s réimsí ar iarraidh ar ais: %[2]s, ní féidir cuntas a chruthú go huathoibríoch. Cruthaigh cuntas nó déan nasc leis, nó déan teagmháil le riarthóir an tsuímh.
 openid_connect_submit=Ceangail
 openid_connect_title=Ceangail le cuntas atá ann cheana
 openid_connect_desc=Níl an URI OpenID roghnaithe ar eolas. Comhcheangail é le cuntas nua anseo.
 openid_register_title=Cruthaigh cuntas nua
 openid_register_desc=Níl an URI OpenID roghnaithe ar eolas. Comhcheangail é le cuntas nua anseo.
 openid_signin_desc=Cuir isteach do URI OpenID. Mar shampla: alice.openid.example.org nó https://openid.example.org/alice.
-disable_forgot_password_mail=Tá aisghabháil cuntas díchumasaithe toisc nach bhfuil aon ríomhphost ar bun. Téigh i dteagmháil le do riarthóir suíomh.
-disable_forgot_password_mail_admin=Níl aisghabháil cuntas ar fáil ach amháin nuair a bhíonn ríomhphost ar bun. Bunaigh ríomhphost le do thoil chun aisghabháil cuntas a chumasú
+disable_forgot_password_mail=Tá aisghabháil cuntais díchumasaithe mar nach bhfuil aon seoladh ríomhphoist socraithe. Téigh i dteagmháil le riarthóir do shuímh, le do thoil.
+disable_forgot_password_mail_admin=Ní féidir cuntais a aisghabháil ach amháin nuair a bhíonn seoladh ríomhphoist socraithe.
 email_domain_blacklisted=Ní féidir leat clárú le do sheoladh ríomhphoist.
 authorize_application=Údaraigh an Feidhmchlár
 authorize_redirect_notice=Déanfar tú a atreorú chuig %s má údaraíonn tú an feidhmchlár seo.
 authorize_application_created_by=Chruthaigh %s an feidhmchlár seo.
-authorize_application_description=Má dheonaíonn tú an rochtain, beidh sé in ann rochtain a fháil agus scríobh chuig faisnéis uile do chuntais, lena n-áirítear repos príobháideacha agus eagraíochtaí.
+authorize_application_description=Má dheonaíonn tú rochtain, beidh sé in ann rochtain a fháil ar fhaisnéis do chuntais go léir agus scríobh chuici, lena n-áirítear stórtha príobháideacha agus eagraíochtaí.
 authorize_application_with_scopes=Le scóip: %s
 authorize_title=Údaraigh "%s" chun rochtain a fháil ar do chuntas?
 authorization_failed=Theip ar údarú
-authorization_failed_desc=Theip ar an údarú toisc gur bhraitheamar iarratas neamhbhailí. Téigh i dteagmháil le cothabhálaí an aip a rinne tú iarracht a údarú.
+authorization_failed_desc=Theip ar an údarú mar gur aimsíodh iarratas neamhbhailí. Téigh i dteagmháil le cothabhálaí an aip a ndearna tú iarracht údarú a thabhairt di.
 sspi_auth_failed=Theip ar fhíordheimhniú SSPI
 password_pwned=Tá an pasfhocal a roghnaigh tú ar <a target="_blank" rel="noopener noreferrer" href="%s">liosta na bhfocal faire goidte</a> a nochtadh cheana i sáruithe sonraí poiblí. Bain triail eile as le pasfhocal eile agus smaoinigh ar an bpasfhocal seo a athrú áit eile freisin.
 password_pwned_err=Ní fhéadfaí iarratas a chomhlánú ar HaveIBeenPwned
@@ -501,8 +506,8 @@ activate_email.text=Cliceáil ar an nasc seo a leanas le do sheoladh ríomhphois
 
 register_notify=Fáilte go dtí %s
 register_notify.title=%[1]s, fáilte go %[2]s
-register_notify.text_1=is é seo do ríomhphost deimhnithe clárúcháin do %s!
-register_notify.text_2=Is féidir leat logáil isteach anois trí ainm úsáideora: %s.
+register_notify.text_1=Seo do ríomhphost deimhnithe clárúcháin le haghaidh %s!
+register_notify.text_2=Is féidir leat logáil isteach anois tríd an ainm úsáideora: %s.
 register_notify.text_3=Má cruthaíodh an cuntas seo duit, <a href="%s">socraigh do phasfhocal</a> ar dtús.
 
 reset_password=Aisghabháil do chuntas
@@ -540,7 +545,7 @@ release.download.targz=Cód Foinse (TAR.GZ)
 repo.transfer.subject_to=Ba mhaith le %s "%s" a aistriú go %s
 repo.transfer.subject_to_you=Ba mhaith le %s "%s" a aistriú chugat
 repo.transfer.to_you=tú
-repo.transfer.body=Chun glacadh leis nó a dhiúltú tabhair cuairt ar %s nó neamhaird a dhéanamh air.
+repo.transfer.body=Chun glacadh leis nó diúltú dó, tabhair cuairt ar %s nó déan neamhaird de.
 
 repo.collaborator.added.subject=Chuir %s le %s tú
 repo.collaborator.added.text=Cuireadh tú leis mar chomhoibritheoir stórais:
@@ -592,7 +597,7 @@ url_error=`ní URL bailí é "%s".`
 include_error=` ní mór fotheaghrán a bheith ann "%s".`
 glob_pattern_error=` tá patrún glob neamhbhailí: %s.`
 regex_pattern_error=`tá patrún regex neamhbhailí: %s.`
-username_error=` ní féidir ach carachtair alfa-uimhriúla ('0-9', 'a-z', 'A-Z'), dash ('-'), béim ('_') agus ponc ('.') a bheith ann. Ní féidir tús a chur leis ná deireadh a chur le carachtair neamh-alfamanacha, agus tá cosc ​​freisin ar charthanna neamh-alfanuimhriúla i ndiaidh a chéile.`
+username_error=Ní féidir ach carachtair alfa-uimhriúla ('0-9','a-z','A-Z'), fleasc ('-'), fo-líne ('_') agus ponc ('.') a bheith i `. Ní féidir é a thosú ná a chríochnú le carachtair neamh-alfa-uimhriúla, agus tá cosc ar charachtair neamh-alfa-uimhriúla as a chéile ach an oiread.`
 invalid_group_team_map_error=` tá mapáil neamhbhailí: %s`
 unknown_error=Earráid anaithnid:
 captcha_incorrect=Tá an cód CAPTCHA mícheart.
@@ -607,17 +612,17 @@ username_has_not_been_changed=Níor athraíodh ainm úsáideora
 repo_name_been_taken=Úsáidtear ainm an stór cheana féin.
 repository_force_private=Tá Force Private cumasaithe: ní féidir stórais phríobháideacha a dhéanamh poiblí.
 repository_files_already_exist=Tá comhaid ann cheana féin don stór seo. Déan teagmháil leis an riarthóir córais.
-repository_files_already_exist.adopt=Tá comhaid ann cheana don stór seo agus ní féidir iad a ghlacadh ach amháin.
+repository_files_already_exist.adopt=Tá comhaid ann cheana féin don stórlann seo agus ní féidir iad a ghlacadh ach amháin.
 repository_files_already_exist.delete=Tá comhaid ann cheana féin don stór seo. Ní mór duit iad a scriosadh.
 repository_files_already_exist.adopt_or_delete=Tá comhaid ann cheana féin don stór seo. Glac iad nó scrios iad.
 visit_rate_limit=Thug cuairt chianda aghaidh ar theorannú rátaí.
-2fa_auth_required=Bhí fíordheimhniú dhá thoisc ag teastáil ó chianchuairt.
+2fa_auth_required=Bhí fíordheimhniú dhá fhachtóir ag teastáil le haghaidh cuairte iargúlta.
 org_name_been_taken=Tá ainm na heagraíochta glactha cheana féin.
 team_name_been_taken=Tá ainm na foirne glactha cheana féin.
 team_no_units_error=Ceadaigh rochtain ar chuid stórais amháin ar a laghad.
 email_been_used=Úsáidtear an seoladh ríomhphoist cheana féin.
 email_invalid=Tá an seoladh ríomhphoist neamhbhailí.
-email_domain_is_not_allowed=Tá réimse ríomhphoist úsáideora <b>%s</b> ag teacht i gcoitinne le EMAIL_DOMAIN_ALLOWLIST nó EMAIL_DOMAIN_BLOCKLIST. Déan cinnte go bhfuil súil le d'oibríocht.
+email_domain_is_not_allowed=Tá coimhlint idir fearann seoladh ríomhphoist an úsáideora <b>%s</b> agus EMAIL_DOMAIN_ALLOWLIST nó EMAIL_DOMAIN_BLOCKLIST. Cinntigh le do thoil go bhfuiltear ag súil le d’oibríocht.
 openid_been_used=Úsáidtear an seoladh OpenID "%s" cheana féin.
 username_password_incorrect=Tá ainm úsáideora nó pasfhocal mícheart.
 password_complexity=Ní shásaíonn pasfhocal ceanglais castachta:
@@ -642,14 +647,14 @@ invalid_ssh_key=Ní féidir d'eochair SSH a fhíorú: %s
 invalid_gpg_key=Ní féidir d'eochair GPG a fhíorú: %s
 invalid_ssh_principal=Príomhoide neamhbhailí: %s
 must_use_public_key=Is eochair phríobháideach an eochair a sholáthraíonn tú. Ná uaslódáil d'eochair phríobháideach áit ar bith Úsáid d'eochair phoiblí ina ionad.
-unable_verify_ssh_key=Ní féidir an eochair SSH a fhíorú, seiceáil faoi dhó é le haghaidh botúin.
+unable_verify_ssh_key=Ní féidir an eochair SSH a fhíorú. Déan seiceáil dhúbailte uirthi le haghaidh earráidí.
 auth_failed=Theip ar fhíordheimhniú:%v
 
-still_own_repo=Tá stór amháin nó níos mó ag do chuntas, scriosadh nó aistrigh iad ar dtús.
-still_has_org=Is ball d'eagraíocht amháin nó níos mó é do chuntas, fág iad ar dtús.
-still_own_packages=Tá pacáiste amháin nó níos mó ag do chuntas, scrios iad ar dtús.
-org_still_own_repo=Tá stór amháin nó níos mó ag an eagraíocht seo fós, scriosadh nó aistrigh iad ar dtús.
-org_still_own_packages=Tá pacáiste amháin nó níos mó ag an eagraíocht seo fós, scrios iad ar dtús.
+still_own_repo=Tá stóras amháin nó níos mó i seilbh do chuntais. Scrios nó aistrigh iad ar dtús.
+still_has_org=Is ball d'eagraíocht amháin nó níos mó do chuntas. Fág iad ar dtús.
+still_own_packages=Tá pacáiste amháin nó níos mó i do chuntas. Scrios iad ar dtús.
+org_still_own_repo=Tá stóras amháin nó níos mó fós faoi úinéireacht na heagraíochta seo. Scrios nó aistrigh iad ar dtús.
+org_still_own_packages=Tá pacáiste amháin nó níos mó fós ag an eagraíocht seo. Scrios iad ar dtús.
 
 target_branch_not_exist=Níl spriocbhrainse ann.
 target_ref_not_exist=Níl an sprioctagartha %s ann
@@ -680,11 +685,11 @@ settings=Socruithe Úsáideora
 
 form.name_reserved=Tá an t-ainm úsáideora "%s" in áirithe.
 form.name_pattern_not_allowed=Ní cheadaítear an patrún "%s" in ainm úsáideora.
-form.name_chars_not_allowed=Tá carachtair neamhbhailí in ainm úsáideora "%s".
+form.name_chars_not_allowed=Tá carachtair neamhbhailí san ainm úsáideora "%s".
 
 block.block=Bloc
 block.block.user=Bloc úsáideoir
-block.block.org=Bloc úsáideoir don eagraíocht
+block.block.org=Bac úsáideoir ón eagraíocht
 block.block.failure=Theip ar an úsáideoir a bhac: %s
 block.unblock=Díbhlocáil
 block.unblock.failure=Theip ar an úsáideoir a díbhlocáil: %s
@@ -697,7 +702,7 @@ block.info_3=seol fógraí chugat ag @mentioning d'ainm úsáideora
 block.info_4=ag tabhairt cuireadh duit mar chomhoibritheoir chuig a stórtha
 block.info_5=ag réaladh, ag forcáil nó ag féachaint ar stórais
 block.info_6=ceisteanna nó iarrataí tarraingthe a oscailt agus trácht
-block.info_7=freagairt ar do chuid tuairimí i saincheisteanna nó iarratais tarraingthe
+block.info_7=ag freagairt do do thuairimí i saincheisteanna nó i n-iarratais tarraingthe
 block.user_to_block=Úsáideoir chun blocáil
 block.note=Nóta
 block.note.title=Nóta roghnach:
@@ -728,9 +733,9 @@ webauthn=Fíordheimhniú Dhá-Fachtóir (Eochracha Slándála)
 public_profile=Próifíl Phoiblí
 biography_placeholder=Inis dúinn beagán fút féin! (Is féidir leat Markdown a úsáid)
 location_placeholder=Comhroinn do shuíomh thart le daoine eile
-profile_desc=Rialú conas a thaispeánfar do phróifíl d'úsáideoirí eile. Úsáidfear do phríomhsheoladh ríomhphoist le haghaidh fógraí, aisghabháil pasfhocail agus oibríochtaí Git gréasán-bhunaithe.
-password_username_disabled=Níl cead agat a n-ainm úsáideora a athrú. Déan teagmháil le do riarthóir suímh le haghaidh tuilleadh sonraí.
-password_full_name_disabled=Níl cead agat a n-ainm iomlán a athrú. Déan teagmháil le do riarthóir suímh le haghaidh tuilleadh sonraí.
+profile_desc=Rialú conas a thaispeántar do phróifíl d'úsáideoirí eile. Úsáidfear do phríomhsheoladh ríomhphoist le haghaidh fógraí, aisghabháil pasfhocal agus oibríochtaí Git gréasánbhunaithe.
+password_username_disabled=Níl cead agat d'ainm úsáideora a athrú. Déan teagmháil le do riarthóir suímh le haghaidh tuilleadh sonraí.
+password_full_name_disabled=Níl cead agat d’ainm iomlán a athrú. Déan teagmháil le do riarthóir suímh le haghaidh tuilleadh sonraí.
 full_name=Ainm Iomlán
 website=Láithreán Gréasáin
 location=Suíomh
@@ -748,7 +753,7 @@ cancel=Cealaigh
 language=Teanga
 ui=Téama
 hidden_comment_types=Cineálacha tráchtaireachta ceilte
-hidden_comment_types_description=Ní thaispeánfar cineálacha tráchta a sheiceáiltear anseo taobh istigh de leathan Cuireann seiceáil “Lipéad� mar shampla baintear gach trácht “{user} cursaí/bainte {label}�.
+hidden_comment_types_description=Ní thaispeánfar cineálacha tráchta atá seiceáilte anseo ar leathanaigh saincheisteanna. Má sheiceálann tú "Lipéad", mar shampla, baintear na tráchtanna uile a dúirt "chuir {user} {label} leis/bhain sé iad".
 hidden_comment_types.ref_tooltip=Tuairimí ina dtagraíodh an tsaincheist seo ó shaincheiste/coiste eile...
 hidden_comment_types.issue_ref_tooltip=Tuairimí ina n-athraíonn an t-úsáideoir an brainse/clib a bhaineann leis an tsaincheist
 comment_type_group_reference=Tagairt
@@ -796,18 +801,18 @@ manage_themes=Roghnaigh téama réamhshocraithe
 manage_openid=Seoltaí OpenID a bhainistiú
 email_desc=Úsáidfear do phríomhsheoladh ríomhphoist le haghaidh fógraí, aisghabháil pasfhocal agus, ar choinníoll nach bhfuil sé i bhfolach, oibríochtaí Git bunaithe ar an ngréas
 theme_desc=Beidh sé seo do théama réamhshocraithe ar fud an láithreáin.
-theme_colorblindness_help=Tacaíocht Téama Dathdallacht
-theme_colorblindness_prompt=Ní fhaigheann Gitea ach roinnt téamaí le tacaíocht bhunúsach daille datha, nach bhfuil ach cúpla dathanna sainithe acu. Tá an obair fós ar siúl. D’fhéadfaí tuilleadh feabhsuithe a dhéanamh trí níos mó dathanna a shainiú sna comhaid CSS téamaí.
+theme_colorblindness_help=Tacaíocht Téama Daille Dathanna
+theme_colorblindness_prompt=Níl ach cúpla téama ag Gitea a thacaíonn le bun-dhall datha, agus níl ach cúpla dath sainmhínithe iontu. Tá an obair fós ar siúl. D’fhéadfaí feabhsuithe breise a dhéanamh trí níos mó dathanna a shainiú i gcomhaid CSS an téama.
 primary=Príomhúil
 activated=Gníomhachtaithe
 requires_activation=Éilíonn gníomhachtú
 primary_email=Déan príomhúil
 activate_email=Seol Gníomhachtaithe
 activations_pending=Gníomhartha ar Feitheamh
-can_not_add_email_activations_pending=Tá gníomhachtú ar feitheamh, déan iarracht arís i gceann cúpla nóiméad más mian leat ríomhphost nua a chur leis.
+can_not_add_email_activations_pending=Tá gníomhachtú ar feitheamh. Déan iarracht arís i gceann cúpla nóiméad más mian leat seoladh ríomhphoist nua a chur leis.
 delete_email=Bain
 email_deletion=Bain Seoladh R-phoist
-email_deletion_desc=Bainfear an seoladh ríomhphoist agus an fhaisnéis ghaolmhar as do chuntas. Ní bheidh na tiomáintí Git a bhaineann leis an seoladh ríomhphoist seo athraithe. Lean ar aghaidh?
+email_deletion_desc=Bainfear an seoladh ríomhphoist seo agus faisnéis ghaolmhar as do chuntas. Fanfaidh na gealltanais Git ón seoladh ríomhphoist seo gan athrú. Ar mhaith leat leanúint ar aghaidh?
 email_deletion_success=Tá an seoladh ríomhphoist bainte.
 theme_update_success=Nuashonraíodh do théama.
 theme_update_error=Níl an téama roghnaithe ann.
@@ -850,7 +855,7 @@ gpg_key_matched_identities_long=Meaitseálann na haitheantais leabaithe san eoch
 gpg_key_verified=Eochair Fhíoraithe
 gpg_key_verified_long=Fíoraíodh an eochair le heochairchomhartha agus is féidir í a úsáid chun a fhíorú go bhfuil geallta ag meaitseáil aon seoltaí ríomhphoist gníomhachtaithe don úsáideoir seo chomh maith le haon aitheantas comhoiriúnaithe don eochair seo.
 gpg_key_verify=Fíoraigh
-gpg_invalid_token_signature=Ní mheaitseálann an eochair, an síniú agus an comhartha GPG a sholáthraítear nó tá an comhartha as dáta.
+gpg_invalid_token_signature=Ní hionann an eochair GPG, an síniú agus an comhartha a cuireadh ar fáil, nó tá an comhartha as dáta.
 gpg_token_required=Ní mór duit síniú a sholáthar don chomhartha thíos
 gpg_token=Comhartha
 gpg_token_help=Is féidir leat síniú a ghiniúint ag úsáid:
@@ -860,7 +865,7 @@ verify_gpg_key_success=Tá eochair GPG “%s� fíoraithe.
 ssh_key_verified=Eochair Fhíoraithe
 ssh_key_verified_long=Fíoraíodh an eochair le heochairchomhartha agus is féidir í a úsáid chun a fhíorú go bhfuil geallta ag teacht le haon seoltaí ríomhphoist gníomhachtaithe don úsáideoir seo.
 ssh_key_verify=Fíoraigh
-ssh_invalid_token_signature=Ní mheaitseálann an eochair, an síniú nó an comhartha SSH a sholáthraítear nó tá an comhartha as dáta.
+ssh_invalid_token_signature=Ní hionann an eochair SSH, an síniú nó an comhartha a cuireadh ar fáil, nó tá an comhartha as dáta.
 ssh_token_required=Ní mór duit síniú a sholáthar don chomhartha thíos
 ssh_token=Comhartha
 ssh_token_help=Is féidir leat síniú a ghiniúint ag úsáid:
@@ -881,7 +886,7 @@ gpg_key_deletion=Bain Eochair GPG
 ssh_principal_deletion=Bain Príomhoide Teastas SSH
 ssh_key_deletion_desc=Ag baint eochair SSH, cuirtear a rochtain ar do chuntas a chúlghairm. Lean ar aghaidh?
 gpg_key_deletion_desc=Má bhaintear eochair GPG, ní fhíoraítear gealltanais a shínigh sé. An leanfaidh tú ar aghaidh?
-ssh_principal_deletion_desc=Cúlghairtear a rochtain ar do chuntas Príomhoide Teastas SSH. Lean ar aghaidh?
+ssh_principal_deletion_desc=Má bhaintear Príomhoide Teastais SSH, cuirtear a rochtain ar do chuntas ar ceal. Ar aghaidh?
 ssh_key_deletion_success=Tá an eochair SSH bainte.
 gpg_key_deletion_success=Tá an eochair GPG bainte amach.
 ssh_principal_deletion_success=Tá an príomhoide bainte.
@@ -925,6 +930,9 @@ permission_not_set=Níl leagtha
 permission_no_access=Gan rochtain
 permission_read=Léigh
 permission_write=Léigh agus Scríobh
+permission_anonymous_read=Léamh gan Ainm
+permission_everyone_read=Léigh gach duine
+permission_everyone_write=Scríobh gach duine
 access_token_desc=Ní chuireann ceadchomharthaí roghnaithe ach teorainn leis an údarú do na bealaí <a %s>API</a> comhfhreagracha. Léigh <a %s>doiciméadúchán</a> chun tuilleadh eolais a fháil.
 at_least_one_permission=Ní mór duit cead amháin ar a laghad a roghnú chun comhartha a chruthú
 permissions_list=Ceadanna:
@@ -940,7 +948,7 @@ create_oauth2_application_button=Cruthaigh Feidhmchlár
 create_oauth2_application_success=D'éirigh leat feidhmchlár nua OAuth2 a chruthú.
 update_oauth2_application_success=D'éirigh leat an feidhmchlár OAuth2 a nuashonrú.
 oauth2_application_name=Ainm Feidhmchláir
-oauth2_confidential_client=Cliant Rúnda. Roghnaigh le haghaidh aipeanna a choimeádann an rún faoi rún, mar aipeanna gréasáin. Ná roghnaigh le haghaidh aipeanna dúchasacha lena n-áirítear aipeanna deisce agus soghluaiste.
+oauth2_confidential_client=Cliant Rúnda. Roghnaigh le haghaidh aipeanna a choinníonn an rún faoi rún, amhail aipeanna gréasáin. Ná roghnaigh le haghaidh aipeanna dúchasacha, lena n-áirítear aipeanna deisce agus soghluaiste.
 oauth2_skip_secondary_authorization=Scipeáil údarú do chliaint poiblí tar éis rochtain a dheonú <strong>D'fhéadfadh sé go mbeadh riosca slándála</strong>
 oauth2_redirect_uris=URIs a atreorú. Úsáid líne nua do gach URI le do thoil.
 save_application=Sábháil
@@ -955,10 +963,10 @@ oauth2_application_remove_description=Cuirfear feidhmchlár OAuth2 a bhaint cosc
 oauth2_application_locked=Réamhchláraíonn Gitea roinnt feidhmchlár OAuth2 ar thosú má tá sé cumasaithe i gcumraíocht. Chun iompar gan choinne a chosc, ní féidir iad seo a chur in eagar ná a bhaint. Féach do thoil do dhoiciméadú OAuth2 le haghaidh tuilleadh faisnéise.
 
 authorized_oauth2_applications=Feidhmchláir Údaraithe OAuth2
-authorized_oauth2_applications_description=Tá rochtain tugtha agat ar do chuntas pearsanta Gitea ar na feidhmchláir tríú páirtí seo. Cúlghairm rochtain d'iarratais nach bhfuil uait a thuilleadh.
+authorized_oauth2_applications_description=Tá rochtain tugtha agat do na feidhmchláir tríú páirtí seo ar do chuntas pearsanta Gitea. Le do thoil, cuir rochtain ar ceal i gcás feidhmchlár nach bhfuil uait a thuilleadh.
 revoke_key=Cúlghairm
 revoke_oauth2_grant=Rochtain a chúlghairm
-revoke_oauth2_grant_description=Cuirfidh rochtain ar an bhfeidhmchlár tríú páirtí seo a chúlghairm cosc ar an bhfeidhmchlár seo rochtain An bhfuil tú cinnte?
+revoke_oauth2_grant_description=Má chúlghairtear rochtain don fheidhmchlár tríú páirtí seo, cuirfidh sé cosc ar an fheidhmchlár seo rochtain a fháil ar do shonraí. An bhfuil tú cinnte?
 revoke_oauth2_grant_success=Cúlghairtear rochtain go rathúil.
 
 twofa_desc=Chun do chuntas a chosaint ar goid pasfhocal, is féidir leat fón cliste nó gléas eile a úsáid chun pasfhocail aon-uaire bunaithe ar am (“TOTP�) a fháil.
@@ -968,7 +976,7 @@ twofa_not_enrolled=Níl do chuntas cláraithe faoi láthair i bhfíordheimhniú
 twofa_disable=Díchumasaigh Fíordheimhniú Dhá-Fachtóir
 twofa_scratch_token_regenerate=Athghin Eochair Aisghabhála Aonúsáide
 twofa_scratch_token_regenerated=Is é %s d'eochair aisghabhála aonúsáide anois. Stóráil é in áit shábháilte, mar ní thaispeánfar é arís.
-twofa_enroll=Cláraigh le Fíordheimhniú Dhá-Fachtóir
+twofa_enroll=Cláraigh i bhFíordheimhniú Dhá-Fachtóir
 twofa_disable_note=Is féidir leat fíordheimhniú dhá fhachtóir a dhíchumasú más gá.
 twofa_disable_desc=Má dhíchumasaítear fíordheimhniú dhá fhachtóir beidh do chuntas chomh slán. Lean ar aghaidh?
 regenerate_scratch_token_desc=Má chuir tú d'eochair aisghabhála míchuir tú nó má d'úsáid tú é cheana féin chun síniú isteach, is féidir leat é a athshocrú anseo.
@@ -984,7 +992,7 @@ webauthn_desc=Is feistí crua-earraí iad eochracha slándála ina bhfuil eochra
 webauthn_register_key=Cuir Eochair Slándála
 webauthn_nickname=Leasainm
 webauthn_delete_key=Bain Eochair Slándála
-webauthn_delete_key_desc=Má bhaineann tú eochair slándála ní féidir leat síniú leis a thuilleadh. Lean ar aghaidh?
+webauthn_delete_key_desc=Mura mbaintear eochair slándála uait, ní féidir leat síniú isteach léi a thuilleadh. Ar mhaith leat leanúint ar aghaidh?
 webauthn_key_loss_warning=Má chailleann tú d'eochracha slándála, caillfidh tú rochtain ar do chuntas.
 webauthn_alternative_tip=B'fhéidir gur mhaith leat modh fíordheimhnithe breise a chumrú.
 
@@ -1013,6 +1021,8 @@ email_notifications.onmention=Ríomhphost amháin ar luaigh
 email_notifications.disable=Díchumasaigh Fógraí Ríomhphoist
 email_notifications.submit=Socraigh rogha ríomhphoist
 email_notifications.andyourown=Agus Do Fógraí Féin
+email_notifications.actions.desc=Fógraí le haghaidh rith sreabha oibre ar stórtha atá socraithe le <a target="_blank" href="%s">Gníomhartha Gitea</a>.
+email_notifications.actions.failure_only=Fógra a thabhairt ach amháin i gcás ritheanna sreabha oibre nár éirigh leo
 
 visibility=Infheictheacht úsáideora
 visibility.public=Poiblí
@@ -1027,8 +1037,8 @@ new_repo_helper=Tá gach comhad tionscadail i stór, lena n-áirítear stair ath
 owner=Úinéir
 owner_helper=B'fhéidir nach dtaispeánfar roinnt eagraíochtaí sa anuas mar gheall ar theorainn uasta comhaireamh stórais.
 repo_name=Ainm Stórais
-repo_name_profile_public_hint=Is stóras speisialta é .profile is féidir leat a úsáid chun README.md a chur le do phróifíl eagraíochta poiblí, le feiceáil ag aon duine. Cinntigh go bhfuil sé poiblí agus tosaigh é le README san eolaire próifíle le tosú.
-repo_name_profile_private_hint=Is stóras speisialta é .profile-private is féidir leat a úsáid chun README.md a chur le do phróifíl bhall eagraíochta, nach féidir a fheiceáil ach ag baill eagraíochta. Cinntigh go bhfuil sé príobháideach agus tosaigh le README sa eolaire próifíle chun tús a chur leis.
+repo_name_profile_public_hint=Is stóras speisialta é .profile ar féidir leat a úsáid chun README.md a chur le do phróifíl eagraíochta poiblí, le feiceáil ag aon duine. Déan cinnte go bhfuil sé poiblí agus cuir README sa chomhadlann próifíle chun tús a chur leis.
+repo_name_profile_private_hint=Is stóras speisialta é .profile-private ar féidir leat a úsáid chun README.md a chur le próifíl bhall d'eagraíochta, nach mbeidh le feiceáil ach ag baill na heagraíochta. Déan cinnte go bhfuil sé príobháideach agus cuir README sa chomhadlann próifíle chun tús a chur leis.
 repo_name_helper=Úsáideann ainmneacha maith stóras focail eochair gairide, áithnid agus uathúla. D'fhéadfaí stóras darbh ainm '.profile' nó '.profile-private' a úsáid chun README.md a chur leis an bpróifíl úsáideora/eagraíochta.
 repo_size=Méid an Stóras
 template=Teimpléad
@@ -1050,7 +1060,7 @@ fork_branch=Brainse le clónú chuig an bhforc
 all_branches=Gach brainse
 view_all_branches=Féach ar gach brainse
 view_all_tags=Féach ar gach clib
-fork_no_valid_owners=Ní féidir an stór seo a fhorcáil toisc nach bhfuil úinéirí bailí ann.
+fork_no_valid_owners=Ní féidir an stóras seo a fhorcadh mar nach bhfuil aon úinéirí bailí ann.
 fork.blocked_user=Ní féidir an stór a fhorcáil toisc go bhfuil úinéir an stórais bac ort.
 use_template=Úsáid an teimpléad seo
 open_with_editor=Oscail le %s
@@ -1094,12 +1104,12 @@ mirror_sync=sioncronaithe
 mirror_sync_on_commit=Sioncrónaigh nuair a bhrúitear geallúintí
 mirror_address=Clón Ó URL
 mirror_address_desc=Cuir aon dhintiúir riachtanacha sa chuid Údaraithe.
-mirror_address_url_invalid=Tá an URL curtha ar fáil neamhbhailí. Caithfidh tú gach comhpháirt den url a éalú i gceart.
+mirror_address_url_invalid=Tá an URL a cuireadh ar fáil neamhbhailí. Cinntigh go bhfuil gach comhpháirt den URL escaped i gceart.
 mirror_address_protocol_invalid=Tá an URL curtha ar fáil neamhbhailí. Ní féidir ach suíomhanna http (s)://nó git://a úsáid le haghaidh scátháin.
 mirror_lfs=Stóráil Comhad Móra (LFS)
 mirror_lfs_desc=Gníomhachtaigh scáthú sonraí LFS.
 mirror_lfs_endpoint=Críochphointe LFS
-mirror_lfs_endpoint_desc=Déanfaidh Sync iarracht an url clónála a úsáid chun <a target="_blank" rel="noopener noreferrer" href="%s">an freastalaí LFS a chinneadh</a>. Is féidir leat críochphointe saincheaptha a shonrú freisin má tá na sonraí LFS stórtha stóráilte áit éigin eile.
+mirror_lfs_endpoint_desc=Déanfaidh Sync iarracht an URL clónála a úsáid chun <a target="_blank" rel="noopener noreferrer" href="%s">an freastalaí LFS a chinneadh</a>. Is féidir leat críochphointe saincheaptha a shonrú freisin má tá sonraí LFS an stórais stóráilte in áit eile.
 mirror_last_synced=Sincronaithe Deireanach
 mirror_password_placeholder=(Gan athrú)
 mirror_password_blank_placeholder=(Neamhshocraithe)
@@ -1112,7 +1122,7 @@ stars=Réaltaí
 reactions_more=agus %d níos mó
 unit_disabled=Tá an chuid stórais seo díchumasaithe ag riarthóir an láithreáin.
 language_other=Eile
-adopt_search=Iontráil ainm úsáideora chun stórais neamhghlactha a chuardach... (fág bán chun gach rud a fháil)
+adopt_search=Cuir isteach ainm úsáideora chun cuardach a dhéanamh ar stórtha neamhuchtaithe… (fág bán chun gach ceann a aimsiú)
 adopt_preexisting_label=Glacadh le Comhaid
 adopt_preexisting=Glac le comhaid atá ann cheana
 adopt_preexisting_content=Cruthaigh stór ó %s
@@ -1137,6 +1147,7 @@ transfer.no_permission_to_reject=Níl cead agat an aistriú seo a dhiúltú.
 
 desc.private=Príobháideach
 desc.public=Poiblí
+desc.public_access=Rochtain Phoiblí
 desc.template=Teimpléad
 desc.internal=Inmheánach
 desc.archived=Cartlannaithe
@@ -1153,8 +1164,8 @@ template.issue_labels=Lipéid Eisiúna
 template.one_item=Ní mór mír teimpléad amháin ar a laghad a roghnú
 template.invalid=Ní mór stór teimpléad a roghnú
 
-archive.title=Tá an stóras seo i gcartlann. Is féidir leat comhaid a fheiceáil agus iad a chlónáil, ach ní féidir leat ceisteanna a bhrú ná a oscailt ná iarratais a tharraingt.
-archive.title_date=Tá an stóras seo cartlannaithe ar %s. Is féidir leat comhaid a fheiceáil agus é a chlónú, ach ní féidir leat saincheisteanna a bhrú nó a oscailt ná iarratais a tharraingt.
+archive.title=Tá an stór seo cartlannaithe. Is féidir leat comhaid a fheiceáil agus é a chlónáil. Ní féidir leat saincheisteanna a oscailt ná iarratais a tharraingt ná tiomnú a bhrú.
+archive.title_date=Tá an stórlann seo cartlannaithe ar %s. Is féidir leat comhaid a fheiceáil agus é a chlónáil. Ní féidir leat saincheisteanna a oscailt ná iarratais a tharraingt ná tiomnú a bhrú.
 archive.issue.nocomment=Tá an stóras seo i gcartlann. Ní féidir leat trácht a dhéanamh ar shaincheisteanna.
 archive.pull.nocomment=Tá an stóras seo i gcartlann. Ní féidir leat trácht a dhéanamh ar iarratais tarraingthe.
 
@@ -1171,7 +1182,7 @@ migrate_options_lfs=Aimirce comhaid LFS
 migrate_options_lfs_endpoint.label=Críochphointe LFS
 migrate_options_lfs_endpoint.description=Déanfaidh imirce iarracht do chianda Git a úsáid chun <a target="_blank" rel="noopener noreferrer" href="%s">freastalaí LFS a chinneadh</a>. Is féidir leat críochphointe saincheaptha a shonrú freisin má tá na sonraí LFS stórtha stóráilte áit éigin eile.
 migrate_options_lfs_endpoint.description.local=Tacaítear le cosán freastalaí áitiúil freisin.
-migrate_options_lfs_endpoint.placeholder=Má fhágtar bán, díorthófar an críochphointe ón URL clóin
+migrate_options_lfs_endpoint.placeholder=Mura bhfágtar bán é, díorthófar an críochphointe ón URL clónála.
 migrate_items=Míreanna Imirce
 migrate_items_wiki=Wiki
 migrate_items_milestones=Clocha míle
@@ -1183,10 +1194,10 @@ migrate_items_releases=Eisiúintí
 migrate_repo=Stóras Imirc
 migrate.clone_address=Aimirce/ Clón Ó URL
 migrate.clone_address_desc=An URL 'clón' HTTP(S) nó Git de stóras atá ann cheana
-migrate.github_token_desc=Is féidir leat comhartha amháin nó níos mó a chur le camóg scartha anseo chun imirce a dhéanamh níos gasta mar gheall ar theorainn ráta API GitHub. RABHADH: D'fhéadfadh mí-úsáid na ngné seo beartas an sholáthraí seirbhíse a shárú agus blocáil cuntais a bheith mar thoradh air.
+migrate.github_token_desc=Is féidir leat comhartha amháin nó níos mó a chur anseo, scartha le camóga, chun an t-aistriú a dhéanamh níos tapúla trí theorainn ráta API GitHub a sheachaint. RABHADH: D’fhéadfadh mí-úsáid a bhaint as an ngné seo sárú a dhéanamh ar pholasaí an tsoláthraí seirbhíse agus d’fhéadfadh sé go gcuirfí bac ar do chuntas(í).
 migrate.clone_local_path=nó cosán freastalaí áitiúil
 migrate.permission_denied=Ní cheadaítear duit stórais áitiúla a iompórtáil.
-migrate.permission_denied_blocked=Ní féidir leat allmhairiú ó óstaigh neamh-cheadaithe, iarr ar an riarachán socruithe ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS a sheiceáil le do thoil.
+migrate.permission_denied_blocked=Ní féidir leat iompórtáil ó óstaigh neamhcheadaithe. Iarr ar an riarthóir socruithe ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS a sheiceáil.
 migrate.invalid_local_path=Tá an cosán áitiúil neamhbhailí. Níl sé ann nó ní eolaire é.
 migrate.invalid_lfs_endpoint=Níl an críochphointe LFS bailí.
 migrate.failed=Theip ar an imirce:% v
@@ -1194,7 +1205,7 @@ migrate.migrate_items_options=Teastaíonn Comhartha Rochtana chun míreanna brei
 migrated_from=Aistríodh ó <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Aistrithe ó %[1]s
 migrate.migrate=Aistrigh Ó %s
-migrate.migrating=Ag aistriú ó <b>%s</b> ...
+migrate.migrating=Ag aistriú ó <b>%s</b>…
 migrate.migrating_failed=Theip ar aistriú ó <b>%s</b>.
 migrate.migrating_failed.error=Theip ar aistriú: %s
 migrate.migrating_failed_no_addr=Theip ar an imirce.
@@ -1220,6 +1231,7 @@ migrate.migrating_issues=Saincheisteanna Imirce
 migrate.migrating_pulls=Iarratais Tarraingthe á n-Imirce
 migrate.cancel_migrating_title=Cealaigh Imirce
 migrate.cancel_migrating_confirm=Ar mhaith leat an imirce seo a chealú?
+migration_status=Stádas imirce
 
 mirror_from=scáthán de
 forked_from=forcailte ó
@@ -1242,9 +1254,9 @@ clone_this_repo=Clóin an stóras seo
 cite_this_repo=Luaigh an stóras seo
 create_new_repo_command=Stóras nua a chruthú ar an líne ordaithe
 push_exist_repo=Stóras atá ann cheana a bhrú ón líne ordaithe
-empty_message=Níl aon ábhar sa stóras seo.
+empty_message=Níl aon ábhar sa stórlann seo.
 broken_message=Ní féidir na sonraí Git atá mar bhunús leis an stóras seo a léamh. Déan teagmháil le riarthóir an chás seo nó scrios an stóras seo.
-no_branch=Níl aon bhrainsí ag an stóras seo.
+no_branch=Níl aon bhrainse ag an stóras seo.
 
 code=Cód
 code.desc=Rochtain ar chód foinse, comhaid, gealltanais agus brainsí.
@@ -1261,7 +1273,7 @@ projects=Tionscadail
 packages=Pacáistí
 actions=Gníomhartha
 labels=Lipéid
-org_labels_desc=Lipéid ar leibhéal eagraíochta is féidir a úsáid le <strong>gach stóras</strong> faoin eagraíocht seo
+org_labels_desc=Lipéid ar leibhéal na heagraíochta is féidir a úsáid le <strong>gach stórlann</strong> faoin eagraíocht seo
 org_labels_desc_manage=bainistigh
 
 milestone=Cloch Mhíle
@@ -1298,7 +1310,6 @@ file_copy_permalink=Cóipeáil Buan-nasc
 view_git_blame=Féach ar Git Blame
 video_not_supported_in_browser=Ní thacaíonn do bhrabhsálaí leis an gclib 'video' HTML5.
 audio_not_supported_in_browser=Ní thacaíonn do bhrabhsálaí leis an gclib 'audio' HTML5.
-stored_lfs=Stóráilte le Git LFS
 symbolic_link=Nasc siombalach
 executable_file=Comhad Infheidhmithe
 vendored=Díoltóra
@@ -1311,6 +1322,7 @@ commit_graph.color=Dath
 commit.contained_in=Tá an tiomantas seo le fáil i:
 commit.contained_in_default_branch=Tá an tiomantas seo mar chuid den bhrainse réamhshocraithe
 commit.load_referencing_branches_and_tags=Luchtaigh brainsí agus clibeanna a thagraíonn an tiomantas
+commit.merged_in_pr=Cuireadh an tiomantas seo le chéile san iarratas tarraingthe %s.
 blame=An milleán
 download_file=�oslódáil comhad
 normal_view=Amharc Gnáth
@@ -1324,7 +1336,9 @@ editor.upload_file=Uaslódáil Comhad
 editor.edit_file=Cuir Comhad in eagar
 editor.preview_changes=Athruithe Réamhamhar
 editor.cannot_edit_lfs_files=Ní féidir comhaid LFS a chur in eagar sa chomhéadan gréasáin.
+editor.cannot_edit_too_large_file=Tá an comhad rómhór le cur in eagar.
 editor.cannot_edit_non_text_files=Ní féidir comhaid dhénártha a chur in eagar sa chomhéadan gréasáin.
+editor.file_not_editable_hint=Ach is féidir leat é a athainmniú nó a bhogadh fós.
 editor.edit_this_file=Cuir Comhad in eagar
 editor.this_file_locked=Tá an comhad faoi ghlas
 editor.must_be_on_a_branch=Caithfidh tú a bheith ar bhrainse chun athruithe a dhéanamh nó a mholadh ar an gcomhad seo.
@@ -1344,7 +1358,7 @@ editor.update=Nuashonraigh %s
 editor.delete=Scrios %s
 editor.patch=Cuir paiste i bhfeidh
 editor.patching=Paisteáil:
-editor.fail_to_apply_patch=Ní féidir paiste "%s" a chur i bhfeidhm
+editor.fail_to_apply_patch=Ní féidir an paiste a chur i bhfeidhm
 editor.new_patch=Paiste Nua
 editor.commit_message_desc=Cuir cur síos leathnaithe roghnach leis…
 editor.signoff_desc=Cuir leantóir sínithe ag an gcoiteoir ag deireadh na teachtaireachta logála tiomanta.
@@ -1357,24 +1371,21 @@ editor.new_branch_name_desc=Ainm brainse nua…
 editor.cancel=Cealaigh
 editor.filename_cannot_be_empty=Ní féidir ainm an chomhaid a bheith folamh.
 editor.filename_is_invalid=Tá ainm an chomhaid neamhbhailí: "%s".
-editor.commit_email=Tiomantas ríomhphost
-editor.invalid_commit_email=Tá an ríomhphost don ghealltanas neamhbhailí.
+editor.commit_email=Seoladh ríomhphoist tiomanta
+editor.invalid_commit_email=Tá an seoladh ríomhphoist don tiomnú neamhbhailí.
 editor.branch_does_not_exist=Níl brainse "%s" ann sa stóras seo.
 editor.branch_already_exists=Tá brainse "%s" ann cheana féin sa stóras seo.
 editor.directory_is_a_file=Úsáidtear ainm eolaire "%s" cheana féin mar ainm comhaid sa stóras seo.
-editor.file_is_a_symlink=Is nasc siombalach é "%s". Ní féidir naisc shiombalacha a chur in eagar san eagarthóir gréasáin
+editor.file_is_a_symlink=Is nasc siombalach é `"%s". Ní féidir naisc shiombalacha a chur in eagar san eagarthóir gréasáin.`
 editor.filename_is_a_directory=Úsáidtear ainm comhaid "%s" cheana féin mar ainm eolaire sa stóras seo.
-editor.file_editing_no_longer_exists=Níl an comhad atá á chur in eagar, "%s", ann sa stóras seo a thuilleadh.
-editor.file_deleting_no_longer_exists=Níl an comhad atá á scriosadh, "%s", ann sa stóras seo a thuilleadh.
+editor.file_modifying_no_longer_exists=Níl an comhad atá á mhodhnú, "%s", sa stóras seo a thuilleadh.
 editor.file_changed_while_editing=Tá athrú tagtha ar ábhar an chomhad ó thosaigh tú ag eagarthóireacht <a target="_blank" rel="noopener noreferrer" href="%s">Cliceáil anseo</a> chun iad a fheiceáil nó Athru <strong>ithe a Tiomantas arís</strong> chun iad a fhorscríobh.
 editor.file_already_exists=Tá comhad darb ainm "%s" ann cheana féin sa stóras seo.
-editor.commit_id_not_matching=Ní mheaitseálann an ID Tiomanta leis an ID nuair a thosaigh tú ag eagarthóireacht. Tiomanta isteach i mbrainse paiste agus ansin cumaisc.
+editor.commit_id_not_matching=Ní hionann an ID Tiomnaithe agus an ID a bhí ann nuair a thosaigh tú ag eagarthóireacht. Cuir isteach i mbrainse paiste é agus ansin cumasc é.
 editor.push_out_of_date=Is cosúil go bhfuil an brú as dáta.
 editor.commit_empty_file_header=Tiomantas comhad folamh
 editor.commit_empty_file_text=Tá an comhad atá tú ar tí tiomantas folamh. Ar aghaidh?
 editor.no_changes_to_show=Níl aon athruithe le taispeáint.
-editor.fail_to_update_file=Theip ar nuashonrú/cruthú comhad "%s".
-editor.fail_to_update_file_summary=Teachtaireacht Earráide:
 editor.push_rejected_no_message=Dhiúltaigh an freastalaí an t-athrú gan teachtaireacht. Seiceáil Git Hooks le do thoil.
 editor.push_rejected=Dhiúltaigh an freastalaí an t-athrú. Seiceáil Git Hooks le do thoil.
 editor.push_rejected_summary=Teachtaireacht Diúltaithe Iomlán:
@@ -1388,6 +1399,15 @@ editor.user_no_push_to_branch=Ní féidir leis an úsáideoir brúigh go dtí an
 editor.require_signed_commit=Éilíonn an Brainse tiomantas sínithe
 editor.cherry_pick=Roghnaigh silíní %s ar:
 editor.revert=Fill %s ar:
+editor.failed_to_commit=Theip ar athruithe a chur i bhfeidhm.
+editor.failed_to_commit_summary=Teachtaireacht Earráide:
+
+editor.fork_create=Stóras Forc chun Athruithe a Mholadh
+editor.fork_create_description=Ní féidir leat an stórlann seo a chur in eagar go díreach. Ina áit sin, is féidir leat forc a chruthú, eagarthóireachtaí a dhéanamh agus iarratas tarraingthe a chruthú.
+editor.fork_edit_description=Ní féidir leat an stórlann seo a chur in eagar go díreach. Scríobhfar na hathruithe chuig do fhorc <b>%s</b>, ionas gur féidir leat iarratas tarraingthe a chruthú.
+editor.fork_not_editable=Tá forc déanta agat ar an stóras seo ach ní féidir do fhorc a chur in eagar.
+editor.fork_failed_to_push_branch=Theip ar bhrainse %s a bhrú chuig do stóras.
+editor.fork_branch_exists=Tá brainse "%s" ann cheana féin i do fhorc. Roghnaigh ainm brainse nua le do thoil.
 
 commits.desc=Brabhsáil stair athraithe cód foinse.
 commits.commits=Tiomáintí
@@ -1489,7 +1509,7 @@ issues.new.clear_assignees=Ceannaitheoirí soiléir
 issues.new.no_assignees=Gan aon Sannaitheoirí
 issues.new.no_reviewers=Gan Léirmheastóirí
 issues.new.blocked_user=Ní féidir saincheist a chruthú toisc go bhfuil úinéir an stórais bac ort.
-issues.edit.already_changed=Ní féidir athruithe a shábháil ar an tsaincheist. Dealraíonn sé gur athraigh úsáideoir eile an t-ábhar cheana féin. Athnuachan an leathanach agus déan iarracht eagarthóireacht arís chun a gcuid athruithe a sheachaint
+issues.edit.already_changed=Ní féidir athruithe ar an gceist a shábháil. Is cosúil gur athraigh úsáideoir eile an t-ábhar cheana féin. Athnuachan an leathanach agus déan iarracht eagarthóireacht arís le nach scríobhfar a gcuid athruithe thar a chéile.
 issues.edit.blocked_user=Ní féidir ábhar a chur in eagar toisc go bhfuil an póstaer nó úinéir an stórais bac ort.
 issues.choose.get_started=Faigh Tosaigh
 issues.choose.open_external_link=Oscailte
@@ -1545,13 +1565,14 @@ issues.filter_project=Tionscadal
 issues.filter_project_all=Gach tionscadal
 issues.filter_project_none=Gan aon tionscadal
 issues.filter_assignee=Sannaitheoir
-issues.filter_assginee_no_assignee=Sannta do dhuine ar bith
+issues.filter_assignee_no_assignee=Sannta do dhuine ar bith
 issues.filter_assignee_any_assignee=Sannta do dhuine ar bith
 issues.filter_poster=Údar
 issues.filter_user_placeholder=Cuardaigh úsáideoirí
 issues.filter_user_no_select=Gach úsáideoir
 issues.filter_type=Cineál
 issues.filter_type.all_issues=Gach saincheist
+issues.filter_type.all_pull_requests=Gach iarratas tarraingt
 issues.filter_type.assigned_to_you=Sannta duit
 issues.filter_type.created_by_you=Cruthaithe agat
 issues.filter_type.mentioning_you=Ag tagairt duit
@@ -1643,12 +1664,15 @@ issues.save=Sábháil
 issues.label_title=Ainm
 issues.label_description=Cur síos
 issues.label_color=Dath
+issues.label_color_invalid=Dath neamhbhailí
 issues.label_exclusive=Eisiach
 issues.label_archive=Lipéad Cartlann
 issues.label_archived_filter=Taispeáin lipéid cartlainne
 issues.label_archive_tooltip=Eisiatar lipéid chartlainne de réir réamhshocraithe ó na moltaí nuair a dhéantar cuardach de réir lipéid.
 issues.label_exclusive_desc=Ainmnigh an lipéad <code>scope/item</code> chun é a dhéanamh comheisiatach le lipéid <code>scope/</code> eile.
 issues.label_exclusive_warning=Bainfear aon lipéid scóipe contrártha le linn eagarthóireacht a dhéanamh ar lipéid iarratais eisiúna nó tarraingthe.
+issues.label_exclusive_order=Ordú Sórtála
+issues.label_exclusive_order_tooltip=Déanfar lipéid eisiacha sa raon feidhme céanna a shórtáil de réir an oird uimhriúil seo.
 issues.label_count=%d lipéid
 issues.label_open_issues=%d saincheisteanna oscailte/iarratais tarraing
 issues.label_edit=Cuir in eagar
@@ -1672,7 +1696,6 @@ issues.pin_comment=phionnáil an %s seo
 issues.unpin_comment=bain pionna an %s seo
 issues.lock=Cuir glas ar an gcomhrá
 issues.unlock=Díghlasáil comhrá
-issues.lock.unknown_reason=Ní féidir fadhb a ghlasáil le cúis anaithnid.
 issues.lock_duplicate=Ní féidir saincheist a ghlasáil faoi dhó.
 issues.unlock_error=Ní féidir saincheist nach bhfuil glasáilte a dhíghlasáil.
 issues.lock_with_reason=curtha ar ceal mar <strong>%s</strong> agus comhrá teoranta do chomhoibrithe %s
@@ -1706,6 +1729,8 @@ issues.remove_time_estimate_at=baineadh meastachán ama %s
 issues.time_estimate_invalid=Tá formáid meastachán ama neamhbhailí
 issues.start_tracking_history=thosaigh ag obair %s
 issues.tracker_auto_close=Stopfar ama go huathoibríoch nuair a dhúnfar an tsaincheist seo
+issues.stopwatch_already_stopped=Tá an lasc ama don cheist seo stoptha cheana féin
+issues.stopwatch_already_created=Tá an lasc ama don cheist seo ann cheana féin
 issues.tracking_already_started=`Tá tús curtha agat cheana féin ag rianú ama ar <a href="%s">eagrán eile</a>!`
 issues.stop_tracking=Stad uaineadóir
 issues.stop_tracking_history=d'oibrigh do <b>%[1]s</b> %[2]s
@@ -1733,7 +1758,7 @@ issues.due_date_form=bbbb-mm-ll
 issues.due_date_form_add=Cuir dáta dlite leis
 issues.due_date_form_edit=Cuir in eagar
 issues.due_date_form_remove=Bain
-issues.due_date_not_writer=Ní mór duit rochtain scríofa ar an stór seo d'fhonn dáta dlite eisiúna a nuashonrú.
+issues.due_date_not_writer=Ní mór duit rochtain scríbhneoireachta a fháil ar an stóras seo chun dáta dlite saincheiste a nuashonrú.
 issues.due_date_not_set=Níl aon dáta dlite socraithe.
 issues.due_date_added=cuireadh an dáta dlite %s %s
 issues.due_date_modified=d'athraigh an dáta dlite ó %[2]s go %[1]s %[3]s
@@ -1756,9 +1781,9 @@ issues.dependency.pr_closing_blockedby=Cuireann na saincheisteanna seo a leanas
 issues.dependency.issue_closing_blockedby=Tá na saincheisteanna seo a leanas bac ar dhúnadh an cheist seo
 issues.dependency.issue_close_blocks=Cuireann an tsaincheist seo bac ar dhúnadh na saincheisteanna
 issues.dependency.pr_close_blocks=Cuireann an iarratas tarraingthe seo bac ar dhúnadh na saincheisteanna
-issues.dependency.issue_close_blocked=Ní mór duit gach saincheist a chuireann bac ar an gceist seo a dhúnadh sular féidir leat é a dhúnadh.
+issues.dependency.issue_close_blocked=Ní mór duit gach saincheist atá ag cur bac ar an gceist seo a dhúnadh sula bhféadfaidh tú í a dhúnadh.
 issues.dependency.issue_batch_close_blocked=Ní féidir saincheisteanna a roghnaíonn tú a dhúnadh, toisc go bhfuil spleáchais oscailte fós ag eisiúint #%d
-issues.dependency.pr_close_blocked=Ní mór duit gach saincheist a bhlocálann an iarratas tarraingthe seo a dhúnadh sula féidir leat é a chumasc.
+issues.dependency.pr_close_blocked=Ní mór duit gach saincheist atá ag cur bac ar an iarratas tarraingthe seo a dhúnadh sula bhféadfaidh tú é a chumasc.
 issues.dependency.blocks_short=Bloic
 issues.dependency.blocked_by_short=Ag brath ar
 issues.dependency.remove_header=Bain spleáchas
@@ -1775,7 +1800,7 @@ issues.review.self.approval=Ní féidir leat d'iarratas tarraingthe féin a chea
 issues.review.self.rejection=Ní féidir leat athruithe a iarraidh ar d'iarratas tarraingthe féin.
 issues.review.approve=ceadaigh na hathruithe seo %s
 issues.review.comment=athbhreithnithe %s
-issues.review.dismissed=dhiúltaigh athbhreithniú %s ó %s
+issues.review.dismissed=léirmheas %s %s curtha ar ceal
 issues.review.dismissed_label=Dhiúltaigh
 issues.review.left_comment=d'fhág trácht
 issues.review.content.empty=Ní mór duit trácht a fhágáil a léiríonn an t-athrú (í) iarrtha.
@@ -1783,7 +1808,7 @@ issues.review.reject=athruithe iarrtha %s
 issues.review.wait=iarradh athbhreithniú %s
 issues.review.add_review_request=athbhreithniú iarrtha ó %s %s
 issues.review.remove_review_request=iarratas athbhreithnithe bainte le haghaidh %s %s
-issues.review.remove_review_request_self=dhiúltaigh %s a athbhreithniú
+issues.review.remove_review_request_self=dhiúltaigh athbhreithniú a dhéanamh ar %s
 issues.review.pending=Ar feitheamh
 issues.review.pending.tooltip=Níl an nóta tráchta seo le feiceáil ag úsáideoirí eile faoi láthair. Chun do thuairimí ar feitheamh a chur isteach, roghnaigh "%s" -> "%s/%s/%s" ag barr an leathanaigh.
 issues.review.review=Léirmheas
@@ -1805,7 +1830,7 @@ issues.review.requested=Athbhreithniú ar feitheamh
 issues.review.rejected=Athruithe iarrtha
 issues.review.stale=Nuashonraithe ó faomhadh
 issues.review.unofficial=Ceadú gan áireamh
-issues.assignee.error=Níor cuireadh gach sannaí leis mar gheall ar earráid gan choinne.
+issues.assignee.error=Níor cuireadh na sannaithe go léir leis, mar gheall ar earráid gan choinne.
 issues.reference_issue.body=Comhlacht
 issues.content_history.deleted=scriosta
 issues.content_history.edited=curtha in eagar
@@ -1822,7 +1847,7 @@ pulls.desc=Cumasaigh iarratais tarraingthe agus athbhreithnithe cód.
 pulls.new=Iarratas Tarraingthe Nua
 pulls.new.blocked_user=Ní féidir iarratas tarraingthe a chruthú toisc go bhfuil úinéir an stórais bac ort.
 pulls.new.must_collaborator=Caithfidh tú a bheith ina chomhoibritheoir chun iarratas tarraingthe a chruthú.
-pulls.edit.already_changed=Ní féidir athruithe a shábháil ar an iarratas tarraingthe. Dealraíonn sé gur athraigh úsáideoir eile an t-ábhar cheana féin. Athnuachan an leathanach agus déan iarracht eagarthóireacht arís chun a gcuid athruithe a sheachaint
+pulls.edit.already_changed=Ní féidir athruithe ar an iarratas tarraingthe a shábháil. Is cosúil gur athraigh úsáideoir eile an t-ábhar cheana féin. Athnuachan an leathanach agus déan iarracht eagarthóireacht arís le nach ndéanfar a gcuid athruithe a fhorscríobh.
 pulls.view=Féach ar Iarratas Tarraing
 pulls.compare_changes=Iarratas Tarraingthe Nua
 pulls.allow_edits_from_maintainers=Ceadaigh eagarthóirí ó chothabhálaí
@@ -1843,11 +1868,11 @@ pulls.show_all_commits=Taispeáin gach gealltanas
 pulls.show_changes_since_your_last_review=Taispeáin athruithe ón léirmheas deiridh
 pulls.showing_only_single_commit=Ag taispeáint athruithe tiomantais %[1]s amháin
 pulls.showing_specified_commit_range=Ag taispeáint athruithe idir %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Roghnaigh tiomantas. Coinnigh shift + cliceáil chun raon a roghnú
+pulls.select_commit_hold_shift_for_range=Roghnaigh tiomantas. Coinnigh síos Shift agus cliceáil chun raon a roghnú.
 pulls.review_only_possible_for_full_diff=Ní féidir athbhreithniú a dhéanamh ach amháin nuair a bhreathnaítear ar an difríocht iomlán
 pulls.filter_changes_by_commit=Scagaigh de réir tiomantas
 pulls.nothing_to_compare=Tá na brainsí seo cothrom. Ní gá iarratas tarraingthe a chruthú.
-pulls.nothing_to_compare_have_tag=Tá an brainse/clib roghnaithe cothrom.
+pulls.nothing_to_compare_have_tag=Tá na brainsí/clibeanna roghnaithe comhionann.
 pulls.nothing_to_compare_and_allow_empty_pr=Tá na brainsí seo cothrom. Beidh an PR seo folamh.
 pulls.has_pull_request=`Tá iarratas tarraingthe idir na brainsí seo ann cheana: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=Cruthaigh Iarratas Tarraing
@@ -1872,7 +1897,7 @@ pulls.add_prefix=Cuir réimír <strong>%s</strong> leis
 pulls.remove_prefix=Bain an réimír <strong>%s</strong>
 pulls.data_broken=Tá an t-iarratas tarraingthe seo briste mar gheall ar fhaisnéis forc a bheith in easnamh.
 pulls.files_conflicted=Tá athruithe ag an iarratas tarraingthe seo atá contrártha leis an spriocbhrainse.
-pulls.is_checking=Tá seiceáil coinbhleachta cumaisc ar siúl. Bain triail eile as i gceann cúpla nóiméad.
+pulls.is_checking=Ag seiceáil le haghaidh coinbhleachtaí cumaisc…
 pulls.is_ancestor=Tá an brainse seo san áireamh cheana féin sa spriocbhrainse. Níl aon rud le cumasc.
 pulls.is_empty=Tá na hathruithe ar an mbrainse seo ar an spriocbhrainse cheana féin. Is tiomantas folamh é seo.
 pulls.required_status_check_failed=Níor éirigh le roinnt seiceálacha riachtanacha.
@@ -1896,16 +1921,16 @@ pulls.reject_count_1=%d iarratas athraithe
 pulls.reject_count_n=%d iarratas ar athrú
 pulls.waiting_count_1=%d athbhreithniú feithimh
 pulls.waiting_count_n=%d athbhreithnithe feithimh
-pulls.wrong_commit_id=caithfidh comhad id a bheith ina id tiomanta ar an spriocbhrainse
+pulls.wrong_commit_id=ní mór don ID tiomantais a bheith ina ID tiomantais ar an mbrainse sprice
 
 pulls.no_merge_desc=Ní féidir an t-iarratas tarraingthe seo a chumasc toisc go bhfuil gach rogha cumaisc stór díchumasaithe.
 pulls.no_merge_helper=Cumasaigh roghanna cumaisc i socruithe an stór nó cumasc an t-iarratas tarraingthe de láimh.
 pulls.no_merge_wip=Ní féidir an t-iarratas tarraingthe seo a chumasc toisc go bhfuil sé marcáilte mar obair atá ar siúl é.
-pulls.no_merge_not_ready=Níl an t-iarratas tarraingthe seo réidh le cumasc, seiceáil stádas athbhreithnithe agus seiceálacha stádais.
+pulls.no_merge_not_ready=Níl an t-iarratas tarraingthe seo réidh le cumasc. Seiceáil stádas an athbhreithnithe agus na seiceálacha stádais.
 pulls.no_merge_access=Níl tú údaraithe chun an t-iarratas tarraingthe seo a chumasc.
 pulls.merge_pull_request=Cruthaigh tiomantas cumaisc
-pulls.rebase_merge_pull_request=Athbhunaigh ansin go tapa ar aghaidh
-pulls.rebase_merge_commit_pull_request=Rebase ansin cruthaigh tiomantas cumaisc
+pulls.rebase_merge_pull_request=Athbhunús, ansin luasghéarú ar aghaidh
+pulls.rebase_merge_commit_pull_request=Athbhunú, ansin cruthaigh tiomantas cumasc
 pulls.squash_merge_pull_request=Cruthaigh tiomantas scuaise
 pulls.fast_forward_only_merge_pull_request=Go tapa ar aghaidh amháin
 pulls.merge_manually=Cumaisc de láimh
@@ -1913,17 +1938,17 @@ pulls.merge_commit_id=ID an tiomantis cumaisc
 pulls.require_signed_wont_sign=Éilíonn an bhrainse tiomáintí shínithe, ach ní shínífear an cumasc seo
 
 pulls.invalid_merge_option=Ní féidir leat an rogha cumaisc seo a úsáid don iarratas tarraingthe seo.
-pulls.merge_conflict=Theip ar Cumaisc: Bhí coinbhleacht ann agus é ag cumasc. Leid: Bain triail as straitéis dhifriúil
+pulls.merge_conflict=Theip ar an gCumasc: Bhí coimhlint ann agus an cumasc á dhéanamh. Leid: Bain triail as straitéis dhifriúil.
 pulls.merge_conflict_summary=Teachtaireacht Earráide
-pulls.rebase_conflict=Theip ar Chumasc: Bhí coinbhleacht ann agus tiomantas á athbhunú: %[1]s. Leid: Bain triail as straitéis eile
+pulls.rebase_conflict=Theip ar an gCumasc: Bhí coimhlint ann agus an tiomnú á athbhunú: %[1]s. Leid: Bain triail as straitéis dhifriúil.
 pulls.rebase_conflict_summary=Teachtaireacht Earráide
-pulls.unrelated_histories=Theip ar Cumaisc: Ní roinneann an ceann cumaisc agus an bonn stair choiteann. Leid: Bain triail as straitéis dhifriúil
-pulls.merge_out_of_date=Theip ar Cumaisc: Agus an cumaisc á ghiniúint, nuashonraíodh an bonn. Leid: Bain triail as arís.
-pulls.head_out_of_date=Theip ar Cumaisc: Agus an cumaisc á ghiniúint, nuashonraíodh an ceann. Leid: Bain triail as arís.
-pulls.has_merged=Theip ar: Cumaisíodh an t-iarratas tarraingthe, ní féidir leat a chumasc arís nó an spriocbhrainse a athrú.
+pulls.unrelated_histories=Theip ar an gCumasc: Níl stair choiteann ag an gceann agus an bonn cumaisc. Leid: Bain triail as straitéis dhifriúil.
+pulls.merge_out_of_date=Theip ar an gCumasc: Nuashonraíodh an bonn agus an cumasc á ghiniúint. Leid: Bain triail eile as.
+pulls.head_out_of_date=Theip ar an gCumasc: Nuashonraíodh an ceannteideal agus an cumasc á ghiniúint. Leid: Bain triail eile as.
+pulls.has_merged=Theip air: Tá an t-iarratas tarraingthe cumasctha. Ní féidir leat cumasc arís ná an brainse sprice a athrú.
 pulls.push_rejected=Theip ar Brúigh: Diúltaíodh don bhrú. Déan athbhreithniú ar na Git Hooks don stór seo.
 pulls.push_rejected_summary=Teachtaireacht Diúltaithe Iomlán
-pulls.push_rejected_no_message=Theip ar Brúigh: Diúltaíodh don bhrú ach ní raibh aon teachtaireacht iargúlta ann. Déan athbhreithniú ar Git Hooks don stór seo
+pulls.push_rejected_no_message=Theip ar Bhrú: Diúltaíodh don bhrú ach ní raibh aon teachtaireacht iargúlta ann. Athbhreithnigh na Git Hooks don stór seo.
 pulls.open_unmerged_pull_exists=`Ní féidir leat oibríocht athoscailte a dhéanamh toisc go bhfuil iarratas tarraingthe ar feitheamh (#%d) le hairíonna comhionanna. `
 pulls.status_checking=Tá roinnt seiceála ar feitheamh
 pulls.status_checks_success=D'éirigh le gach seiceáil
@@ -1947,9 +1972,9 @@ pulls.cmd_instruction_checkout_title=Seiceáil
 pulls.cmd_instruction_checkout_desc=Ó stór tionscadail, seiceáil brainse nua agus déan tástáil ar na hathruithe.
 pulls.cmd_instruction_merge_title=Cumaisc
 pulls.cmd_instruction_merge_desc=Cumaisc na hathruithe agus nuashonrú ar Gitea.
-pulls.cmd_instruction_merge_warning=Rabhadh: Ní féidir leis an oibríocht seo an t-iarratas tarraingthe a chumasc toisc nach raibh "cumasc láimhe uathoibríoch" cumasaithe
+pulls.cmd_instruction_merge_warning=Rabhadh: Ní féidir iarratas tarraingthe cumaisc a dhéanamh leis an oibríocht seo mar nach bhfuil "autodetect manual merge" cumasaithe.
 pulls.clear_merge_message=Glan an teachtaireacht chumaisc
-pulls.clear_merge_message_hint=Má imrítear an teachtaireacht chumaisc ní bhainfear ach ábhar na teachtaireachta tiomanta agus coimeádfar leantóirí git ginte ar nós "Co-Authored-By …".
+pulls.clear_merge_message_hint=Má ghlanann tú an teachtaireacht chumasc, ní bhainfear ach ábhar na teachtaireachta tiomantais agus coinneofar leantóirí git ginte amhail "Comhúdaraithe ag…".
 
 pulls.auto_merge_button_when_succeed=(Nuair a éiríonn le seiceálacha)
 pulls.auto_merge_when_succeed=Cumaisc uathoibríoch nuair a éiríonn
@@ -2010,12 +2035,12 @@ milestones.filter_sort.most_issues=Saincheisteanna is mó
 milestones.filter_sort.least_issues=Saincheisteanna is lú
 
 signing.will_sign=Síneofar an gealltanas seo le heochair "%s".
-signing.wont_sign.error=Bhí earráid ann agus tú ag seiceáil an féidir an tiomantas a shíniú.
+signing.wont_sign.error=Tharla earráid agus seiceáil á dhéanamh an bhféadfaí an tiomnú a shíniú.
 signing.wont_sign.nokey=Níl aon eochair ar fáil chun an tiomantas seo a shíniú.
 signing.wont_sign.never=Ní shínítear tiomáintí riamh.
 signing.wont_sign.always=Sínítear tiomáintí i gcónaí.
 signing.wont_sign.pubkey=Ní shíníofar an tiomantas toisc nach bhfuil eochair phoiblí agat a bhaineann le do chuntas.
-signing.wont_sign.twofa=Caithfidh fíordheimhniú dhá-fhachtóir a bheith agat chun tiomáintí a shíniú.
+signing.wont_sign.twofa=Ní mór fíordheimhniú dhá fhachtóir a bheith cumasaithe agat le go síneofar gealltanais.
 signing.wont_sign.parentsigned=Ní shíníofar an tiomantas toisc nach bhfuil an tiomantas tuismitheora sínithe.
 signing.wont_sign.basesigned=Ní shínífear an cumasc toisc nach bhfuil an tiomantas bunaithe sínithe.
 signing.wont_sign.headsigned=Ní shínífear an cumasc toisc nach bhfuil an tiomantas ceann sínithe.
@@ -2101,7 +2126,7 @@ activity.title.releases_1=Scaoileadh %d
 activity.title.releases_n=Eisiúintí %d
 activity.title.releases_published_by=%s foilsithe ag %s
 activity.published_release_label=Foilsithe
-activity.no_git_activity=Níor rinneadh aon ghníomhaíocht tiomanta sa tréimhse seo.
+activity.no_git_activity=Ní raibh aon ghníomhaíocht tiomantais ann sa tréimhse seo.
 activity.git_stats_exclude_merges=Gan cumaisc a áireamh,
 activity.git_stats_author_1=%d údar
 activity.git_stats_author_n=%d údair
@@ -2129,14 +2154,21 @@ contributors.contribution_type.additions=Breiseanna
 contributors.contribution_type.deletions=Scriosadh
 
 settings=Socruithe
-settings.desc=Is é socruithe an áit ar féidir leat na socruithe don stóras a bhainistiú
+settings.desc=Is i socruithe is féidir leat na socruithe don stór a bhainistiú.
 settings.options=Stóras
+settings.public_access=Rochtain Phoiblí
+settings.public_access_desc=Cumraigh ceadanna rochtana an chuairteora phoiblí chun réamhshocruithe an stóras seo a shárú.
+settings.public_access.docs.not_set=Gan Socrú: níl cead rochtana poiblí breise ar bith. Leanann cead an chuairteora infheictheacht an stór agus ceadanna na mball.
+settings.public_access.docs.anonymous_read=Léamh gan Ainm: is féidir le húsáideoirí nach bhfuil logáilte isteach rochtain a fháil ar an aonad le cead léite.
+settings.public_access.docs.everyone_read=Léigh Gach Duine: is féidir le gach úsáideoir atá logáilte isteach rochtain a fháil ar an aonad le cead léite. Ciallaíonn cead léite na n-aonad saincheiste/iarratais tarraingthe freisin gur féidir le húsáideoirí saincheisteanna/iarratais tarraingthe nua a chruthú.
+settings.public_access.docs.everyone_write=Scríobh Gach Duine: tá cead scríofa ag gach úsáideoir logáilte isteach don aonad. Ní thacaíonn ach aonad Vicí leis an gcead seo.
 settings.collaboration=Comhoibritheoirí
 settings.collaboration.admin=Riarthóir
 settings.collaboration.write=Scríobh
 settings.collaboration.read=Léigh
 settings.collaboration.owner=Úinéir
 settings.collaboration.undefined=Neamhshainithe
+settings.collaboration.per_unit=Ceadanna Aonaid
 settings.hooks=Crúcaí Gréasán
 settings.githooks=Crúcanna Git
 settings.basic_settings=Socruithe Bunúsacha
@@ -2146,7 +2178,7 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Socraigh do thio
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Socraigh do thionscadal chun tiomáintí, clibeanna agus brainsí a tharraingt go huathoibríoch ó stóras eile.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Faoi láthair, ní féidir é seo a dhéanamh ach sa roghchlár "Imirce Nua". Le haghaidh tuilleadh eolais, téigh i gcomhairle le do thoil:
 settings.mirror_settings.docs.disabled_push_mirror.info=Chuir riarthóir do shuíomh faoi dhíchumasú scátháin bhrú.
-settings.mirror_settings.docs.no_new_mirrors=Tá do stóras ag teacht le hathruithe chuig nó ó stóras eile. Cuimhnigh le do thoil nach féidir leat scátháin nua a chruthú faoi láthair.
+settings.mirror_settings.docs.no_new_mirrors=Tá do stóras ag scáthánú athruithe chuig nó ó stór eile. Coinnigh i gcuimhne nach féidir leat aon scátháin nua a chruthú faoi láthair.
 settings.mirror_settings.docs.can_still_use=Cé nach féidir leat scátháin atá ann cheana a mhodhnú nó cinn nua a chruthú, féadfaidh tú do scáthán atá ann cheana a úsáid fós.
 settings.mirror_settings.docs.pull_mirror_instructions=Chun scáthán tarraingthe a shocrú, téigh i gcomhairle le do thoil:
 settings.mirror_settings.docs.more_information_if_disabled=Is féidir leat tuilleadh eolais a fháil faoi scátháin bhrú agus tarraingthe anseo:
@@ -2177,7 +2209,6 @@ settings.advanced_settings=Ardsocruithe
 settings.wiki_desc=Cumasaigh Stór Vicí
 settings.use_internal_wiki=Úsáid Vicí Insuite
 settings.default_wiki_branch_name=Ainm Brainse Réamhshocraithe Vicí
-settings.default_permission_everyone_access=Cead rochtana réamhshocraithe do gach úsáideoir sínithe isteach:
 settings.failed_to_change_default_wiki_branch=Theip ar an brainse réamhshocraithe vicí a athrú.
 settings.use_external_wiki=Úsáid Vicí Seachtrach
 settings.external_wiki_url=URL Vicí Seachtrach
@@ -2222,7 +2253,7 @@ settings.admin_indexer_commit_sha=SHA Innéacsaithe Deiridh
 settings.admin_indexer_unindexed=Neamh-innéacsaithe
 settings.reindex_button=Cuir le Scuaine Reindex
 settings.reindex_requested=Athinnéacsú Iarrtha
-settings.admin_enable_close_issues_via_commit_in_any_branch=Saincheist a dhúnadh trí ghealltanas a rinneadh i mbrainse neamh-mhainneachtana
+settings.admin_enable_close_issues_via_commit_in_any_branch=Dún saincheist trí thiomantas a rinneadh i mbrainse neamhréamhshocraithe
 settings.danger_zone=Crios Contúirte
 settings.new_owner_has_same_repo=Tá stóras leis an ainm céanna ag an úinéir nua cheana féin. Roghnaigh ainm eile le do thoil.
 settings.convert=Tiontaigh go Stóras Rialta
@@ -2244,7 +2275,7 @@ settings.transfer_abort_invalid=Ní féidir leat aistriú stóras nach bhfuil an
 settings.transfer_abort_success=Cuireadh an t-aistriú stóras chuig %s ar ceal go rathúil.
 settings.transfer_desc=Aistrigh an stóras seo chuig úsáideoir nó chuig eagraíocht a bhfuil cearta riarthóra agat ina leith.
 settings.transfer_form_title=Cuir isteach ainm an stóras mar dhearbhú:
-settings.transfer_in_progress=Tá aistriú leanúnach ann faoi láthair. Cealaigh é más mian leat an stóras seo a aistriú chuig úsáideoir eile.
+settings.transfer_in_progress=Tá aistriú ar siúl faoi láthair. Cealaigh é más mian leat an stóras seo a aistriú chuig úsáideoir eile.
 settings.transfer_notices_1=- Caillfidh tú rochtain ar an stóras má aistríonn tú é chuig úsáideoir aonair.
 settings.transfer_notices_2=- Coimeádfaidh tú rochtain ar an stóras má aistríonn tú é chuig eagraíocht a bhfuil (comh)úinéir agat.
 settings.transfer_notices_3=- Má tá an stóras príobháideach agus má aistrítear é chuig úsáideoir aonair, cinnteoidh an gníomh seo go bhfuil ar a laghad cead léite ag an úsáideoir (agus athraíonn sé ceadanna más gá).
@@ -2259,13 +2290,13 @@ settings.trust_model.default=Múnla Iontaobhais Réamhshocraithe
 settings.trust_model.default.desc=Úsáid an tsamhail iontaobhais stórais réamhshocraithe don suiteáil
 settings.trust_model.collaborator=Comhoibritheoir
 settings.trust_model.collaborator.long=Comhoibritheoir: Sínithe muinín ag comhoibrithe
-settings.trust_model.collaborator.desc=Déanfar sínithe bailí ó chomhoibritheoirí an stóras seo a mharcáil mar 'iontaofa' – (cibé acu a mheaitseálann siad an tiomnóir nó nach bhfuil). Seachas sin, marcálfar sínithe bailí mar 'neamhiontaofa' má mheaitseálann an síniú an tiomnóir agus mar 'neamh-mheaitseáilte' mura bhfuil.
+settings.trust_model.collaborator.desc=Déanfar sínithe bailí ó chomhoibritheoirí an stórais seo a mharcáil mar "iontaofa", cibé acu a mheaitseálann siad an tiomnóir nó nach meaitseálann. Seachas sin, déanfar sínithe bailí a mharcáil mar "neamhiontaofa" má mheaitseálann an síniú an tiomnóir agus "gan mheaitseáil" mura bhfuil.
 settings.trust_model.committer=Coimisitheoir
-settings.trust_model.committer.long=Gealltóir: Sínithe iontaobhais a mheaitseálann na coimitheoirí (Meaitseálann sé seo le GitHub agus cuirfidh sé iallach ar Gitea gealltanais sínithe Gitea a bheith mar an tiomnóir)
-settings.trust_model.committer.desc=Ní mharcálfar "muinín" ar shínithe bailí ach amháin má mheaitseálann siad leis an gcoiste, nó déanfar iad a mharcáil "gan mheaitseáil". Cuireann sé seo iachall ar Gitea a bheith mar an tiomnóir ar ghealltanais sínithe agus an fíor-chimisteoir marcáilte mar Comhúdar: agus Co-tiomanta ag: leantóir sa chimiú. Caithfidh an eochair réamhshocraithe Gitea a bheith ag teacht le hÚsáideoir sa bhunachar sonraí.
+settings.trust_model.committer.long=Tiomnaithe: Sínithe muiníne a mheaitseálann tiomnóirí. Meaitseálann sé seo iompar GitHub agus cuirfidh sé iallach ar thiomnóirí atá sínithe ag Gitea Gitea a bheith mar an tiomnóir.
+settings.trust_model.committer.desc=Ní mharcálfar sínithe bailí mar "iontaofa" ach amháin má mheaitseálann siad an tiomnaí, nó marcálfar iad mar "gan mheaitseáil". Cuireann sé seo iallach ar Gitea a bheith ina tiomnaí ar thiomnuithe sínithe, agus an tiomnaí iarbhír marcáilte mar Chomhúdaraithe ag: agus Co-thiomnaithe ag: leantóir sa tiomnú. Caithfidh eochair réamhshocraithe Gitea a bheith ag teacht le húsáideoir sa bhunachar sonraí.
 settings.trust_model.collaboratorcommitter=Comhoibritheo+Coimiteoir
 settings.trust_model.collaboratorcommitter.long=Comhoibrí+Coiste: sínithe muiníne ó chomhoibrithe a mheaitseálann an tiomnóir
-settings.trust_model.collaboratorcommitter.desc=Déanfar sínithe bailí ó chomhoibritheoirí ar an stór seo a mharcáil "muinín" má mheaitseálann siad leis an gcoiste. Seachas sin, marcálfar "neamhiontaofa" ar shínithe bailí má mheaitseálann an síniú leis an gcoiste agus "gan mheaitseáil" ar shlí eile. Cuirfidh sé seo iallach ar Gitea a mharcáil mar an tiomnóir ar ghealltanais shínithe agus an fíor-choiste a bheith marcáilte mar Comhúdaraithe Ag: agus Comhthiomanta Ag: leantóir sa ghealltanas. Caithfidh an eochair réamhshocraithe Gitea a bheith ag teacht le hÚsáideoir sa bhunachar sonraí.
+settings.trust_model.collaboratorcommitter.desc=Marcálfar sínithe bailí ó chomhoibritheoirí an stórais seo mar "iontaofa" má mheaitseálann siad an tiomnaí. Seachas sin, marcálfar sínithe bailí mar "neamhiontaofa" má mheaitseálann an síniú an tiomnaí agus "gan mheaitseáil" murach sin. Cuirfidh sé seo iallach ar Gitea a bheith marcáilte mar an tiomnaí ar thiomnuithe sínithe, agus an tiomnaí iarbhír marcáilte mar Chomhúdaraithe ag: agus Co-Tiomnaithe ag: leantóir sa tiomnú. Ní mór don eochair réamhshocraithe Gitea a bheith ag teacht le húsáideoir sa bhunachar sonraí.
 settings.wiki_delete=Scrios Sonraí Vicí
 settings.wiki_delete_desc=Tá sonraí wiki stóras a scriosadh buan agus ní féidir iad a chur ar ais.
 settings.wiki_delete_notices_1=- Scriosfaidh agus díchumasóidh sé seo an stóras vicí do %s go buan.
@@ -2274,7 +2305,7 @@ settings.wiki_deletion_success=Scriosadh sonraí vicí an stórais.
 settings.delete=Scrios an Stóras seo
 settings.delete_desc=Tá scriosadh stóras buan agus ní féidir é a chealú.
 settings.delete_notices_1=- <strong>N� FÉIDIR</strong> an oibríocht seo a chealú.
-settings.delete_notices_2=- Scriosfaidh an oibríocht seo stór <strong>%s</strong> go buan lena n-áirítear cód, ceisteanna, nótaí tráchta, sonraí vicí agus socruithe comhoibrithe.
+settings.delete_notices_2=- Scriosfaidh an oibríocht seo an stórlann <strong>%s</strong> go buan, lena n-áirítear cód, saincheisteanna, tuairimí, sonraí vicí agus socruithe comhoibrithe.
 settings.delete_notices_fork_1=- Beidh forcanna den stóras seo neamhspleách tar éis iad a scriosadh.
 settings.deletion_success=Tá an stóras scriosta.
 settings.update_settings_success=Nuashonraíodh na socruithe stóras.
@@ -2296,8 +2327,8 @@ settings.team_not_in_organization=Níl an fhoireann san eagraíocht chéanna lei
 settings.teams=Foirne
 settings.add_team=Cuir Foireann leis
 settings.add_team_duplicate=Tá an stóras ag an bhfoireann cheana féin
-settings.add_team_success=Tá rochtain ag an bhfoireann anois ar an stóras.
-settings.change_team_permission_tip=Tá cead na foirne socraithe ar leathanach socraithe foirne agus ní féidir é a athrú in aghaidh an stóras
+settings.add_team_success=Tá rochtain ag an bhfoireann ar an stóras anois.
+settings.change_team_permission_tip=Tá cead na foirne socraithe ar leathanach socruithe na foirne agus ní féidir é a athrú in aghaidh an stórais
 settings.delete_team_tip=Tá rochtain ag an bhfoireann seo ar gach stórais agus ní féidir í a bhaint
 settings.remove_team_success=Tá rochtain na foirne ar an stóras bainte amach.
 settings.add_webhook=Cuir Crúca Gréasán leis
@@ -2306,8 +2337,8 @@ settings.hooks_desc=Déanann Crúcaí Gréasán iarratais HTTP POST go huathoibr
 settings.webhook_deletion=Bain Crúca Gréasán
 settings.webhook_deletion_desc=Scriostar a shocruithe agus a stair seachadta a bhaineann le Crúca Gréasán a bhaint. Lean ar aghaidh?
 settings.webhook_deletion_success=Tá an Crúca Gréasán bainte amach.
-settings.webhook.test_delivery=Seachadadh Tástála
-settings.webhook.test_delivery_desc=Déan tástáil ar an Crúca Gréasán seo le himeacht bhréige.
+settings.webhook.test_delivery=Imeacht Brúigh Tástála
+settings.webhook.test_delivery_desc=Déan tástáil ar an webhook seo le teagmhas brú bréige.
 settings.webhook.test_delivery_desc_disabled=Chun an Crúca Gréasán seo a thástáil le himeacht bhréige, gníomhachtaigh é.
 settings.webhook.request=Iarratas
 settings.webhook.response=Freagra
@@ -2327,6 +2358,7 @@ settings.payload_url=URL spriocdhírithe
 settings.http_method=Modh HTTP
 settings.content_type=Cineál �bhar POST
 settings.secret=Rúnda
+settings.webhook_secret_desc=Más féidir le freastalaí an webhook rún a úsáid, is féidir leat lámhleabhar an webhook a leanúint agus rún a líonadh isteach anseo.
 settings.slack_username=Ainm úsáideora
 settings.slack_icon_url=URL deilbhín
 settings.slack_color=Dath
@@ -2356,7 +2388,7 @@ settings.event_repository=Stóras
 settings.event_repository_desc=Stóras a cruthaíodh nó a scriosadh.
 settings.event_header_issue=Imeachtaí Eisiúint
 settings.event_issues=Saincheisteanna
-settings.event_issues_desc=Osclaíodh, dúnadh, athosclaíodh nó cuireadh an cheist in eagar.
+settings.event_issues_desc=Ceist oscailte, dúnta, athoscailte, eagarthóireachta nó scriosta.
 settings.event_issue_assign=Saincheist Sannaithe
 settings.event_issue_assign_desc=Eisiúint sannta nó neamhshannta.
 settings.event_issue_label=Eisiúint Lipéadaithe
@@ -2367,7 +2399,7 @@ settings.event_issue_comment=Trácht Eisiúna
 settings.event_issue_comment_desc=Trácht eisiúna cruthaithe, curtha in eagar nó a scriosadh.
 settings.event_header_pull_request=Tarraingt Imeachtaí Iarratas
 settings.event_pull_request=Iarratas Tarraingthe
-settings.event_pull_request_desc=Iarratas tarraingthe oscailte, dúnta, athoscailte nó curtha in eagar.
+settings.event_pull_request_desc=Iarratas tarraingthe a osclaíodh, a dúnadh, a hathosclaíodh, a cuireadh in eagar nó a scriosadh.
 settings.event_pull_request_assign=Iarratas Tarraingthe Sannta
 settings.event_pull_request_assign_desc=Iarratas tarraingthe sannta nó neamhshannta.
 settings.event_pull_request_label=Iarratas Tarraingthe Lipéadaithe
@@ -2385,6 +2417,8 @@ settings.event_pull_request_review_request_desc=Tarraing athbhreithniú iarratai
 settings.event_pull_request_approvals=Ceaduithe Iarratais Tarraing
 settings.event_pull_request_merge=Cumaisc Iarratas Tarraing
 settings.event_header_workflow=Imeachtaí Sreabhadh Oibre
+settings.event_workflow_run=Rith Sreabhadh Oibre
+settings.event_workflow_run_desc=Tá rith Sreabhadh Oibre Gníomhartha Gitea sa scuaine, ag fanacht, ar siúl, nó críochnaithe.
 settings.event_workflow_job=Poist Sreabhadh Oibre
 settings.event_workflow_job_desc=Gitea Actions Sreabhadh oibre post ciúáilte, ag fanacht, ar siúl, nó críochnaithe.
 settings.event_package=Pacáiste
@@ -2510,7 +2544,7 @@ settings.block_on_official_review_requests_desc=Ní bheidh sé indéanta cumasc
 settings.block_outdated_branch=Cuir bac ar chumasc má tá an t-iarratas tarraingthe as dáta
 settings.block_outdated_branch_desc=Ní bheidh cumasc indéanta nuair a bhíonn ceannbhrainse taobh thiar de bhronnbhrainse.
 settings.block_admin_merge_override=Ní mór do riarthóirí rialacha cosanta brainse a leanúint
-settings.block_admin_merge_override_desc=Ní mór do riarthóirí rialacha cosanta brainse a leanúint agus ní féidir leo dul timpeall air.
+settings.block_admin_merge_override_desc=Ní mór do riarthóirí rialacha cosanta brainse a leanúint agus ní féidir leo iad a sheachaint.
 settings.default_branch_desc=Roghnaigh brainse stóras réamhshocraithe le haghaidh iarratas tarraingte agus geallann an cód:
 settings.merge_style_desc=Stíleanna Cumaisc
 settings.default_merge_style_desc=Stíl Cumaisc Réamhshocraithe
@@ -2537,10 +2571,10 @@ settings.matrix.homeserver_url=URL sheirbhíse baile
 settings.matrix.room_id=ID seomra
 settings.matrix.message_type=Cineál teachtaireachta
 settings.visibility.private.button=Déan Príobháideach
-settings.visibility.private.text=Ní amháin go gcuirfidh an infheictheacht a athrú go príobháideach an repo infheicthe amháin do bhaill cheadaithe ach féadfaidh sé an gaol idir é agus forcanna, féachadóirí agus réaltaí a bhaint.
+settings.visibility.private.text=Má athraítear an infheictheacht go príobháideach, ní bheidh an stór le feiceáil ach ag baill cheadaithe agus d’fhéadfadh sé go mbainfí an gaol idir é agus forcanna, faireoirí agus réaltaí atá ann cheana féin.
 settings.visibility.private.bullet_title=<strong>An infheictheacht a athrú go toil phríobháide</strong>
-settings.visibility.private.bullet_one=Déan an stóras infheicthe do chomhaltaí ceadaithe amháin.
-settings.visibility.private.bullet_two=B’fhéidir go mbainfear an gaol idir é agus <strong>forcanna</strong>, <strong>faireoirí</strong>, agus <strong>réaltaí</strong>.
+settings.visibility.private.bullet_one=Déan an stóras le feiceáil ag baill cheadaithe amháin.
+settings.visibility.private.bullet_two=D’fhéadfadh sé an gaol idir é agus <strong>forcanna</strong>, <strong>faireoirí</strong>, agus <strong>réaltaí</strong> a bhaint.
 settings.visibility.public.button=Déan Poiblí
 settings.visibility.public.text=Má athraíonn an infheictheacht don phobal, beidh an stóras le feiceáil do dhuine ar bith.
 settings.visibility.public.bullet_title=<strong>Athróidh an infheictheacht go poiblí:</strong>
@@ -2559,7 +2593,7 @@ settings.archive.tagsettings_unavailable=Níl socruithe clibeanna ar fáil má t
 settings.archive.mirrors_unavailable=Níl scátháin ar fáil má tá an stóras i gcartlann.
 settings.unarchive.button=Stóras gan cartlann
 settings.unarchive.header=Díchartlannaigh an stóras seo
-settings.unarchive.text=Beidh an stóras a dhícheangal ag athghairm a chumas chun tiomanta agus brúigh a fháil, chomh maith le fadhbanna nua agus iarratais tarraing.
+settings.unarchive.text=Má dhíchartlannaítear an stóras, athbhunófar a chumas chun gealltanais agus brúnna a fháil, chomh maith le saincheisteanna nua agus iarratais tarraingthe.
 settings.unarchive.success=Rinneadh an stóras a dhíchartlann go rathúil.
 settings.unarchive.error=Tharla earráid agus tú ag iarraidh an stóras a dhíchartlannú. Féach an logáil le haghaidh tuilleadh sonraí.
 settings.update_avatar_success=Nuashonraíodh avatar an stóras.
@@ -2577,11 +2611,11 @@ settings.lfs_invalid_locking_path=Cosan neamhbhailí: %s
 settings.lfs_invalid_lock_directory=Ní féidir eolaire a ghlasáil: %s
 settings.lfs_lock_already_exists=Tá an glas ann cheana féin: %s
 settings.lfs_lock=Glas
-settings.lfs_lock_path=Cosán comhad le haghaidh glasáil...
+settings.lfs_lock_path=Cosán comhaid le glasáil…
 settings.lfs_locks_no_locks=Gan Glais
 settings.lfs_lock_file_no_exist=Níl an comhad faoi ghlas sa bhrainse réamhshocraithe
 settings.lfs_force_unlock=Díghlasáil Fórsa
-settings.lfs_pointers.found=Aimsíodh %d pointeoir(í) blob - %d bainteach, %d neamhghaolmhar (%d in easnamh ón siopa)
+settings.lfs_pointers.found=Fuarthas %d pointeoir(í) bloba — %d gaolmhar, %d neamhghaolmhar (%d ar iarraidh ón stóras)
 settings.lfs_pointers.sha=SHA Blob
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=I Stóras
@@ -2722,6 +2756,7 @@ branch.restore_success=Tá brainse "%s" curtha ar ais.
 branch.restore_failed=Theip ar chur ar ais brainse "%s".
 branch.protected_deletion_failed=Tá brainse "%s" cosanta. Ní féidir é a scriosadh.
 branch.default_deletion_failed=Is é brainse "%s" an brainse réamhshocraithe. Ní féidir é a scriosadh.
+branch.default_branch_not_exist=Níl an brainse réamhshocraithe "%s" ann.
 branch.restore=`Athchóirigh Brainse "%s"`
 branch.download=`Brainse �osluchtaithe "%s"`
 branch.rename=`Athainmnigh Brainse "%s"`
@@ -2738,6 +2773,8 @@ branch.new_branch_from=`Cruthaigh brainse nua ó "%s"`
 branch.renamed=Ainmníodh brainse %s go %s.
 branch.rename_default_or_protected_branch_error=Ní féidir ach le riarthóirí brainsí réamhshocraithe nó cosanta a athainmniú.
 branch.rename_protected_branch_failed=Tá an brainse seo faoi chosaint ag rialacha cosanta domhanda.
+branch.commits_divergence_from=Difríocht tiomantais: %[1]d taobh thiar agus %[2]d chun tosaigh ar %[3]s
+branch.commits_no_divergence=Mar an gcéanna le brainse %[1]s
 
 tag.create_tag=Cruthaigh clib %s
 tag.create_tag_operation=Cruthaigh clib
@@ -2751,6 +2788,7 @@ topic.done=Déanta
 topic.count_prompt=Ní féidir leat níos mó ná 25 topaicí a roghnú
 topic.format_prompt=Ní mór do thopaicí tosú le litir nó uimhir, is féidir daiseanna ('-') agus poncanna ('.') a áireamh, a bheith suas le 35 carachtar ar fad. Ní mór litreacha a bheith i litreacha beaga.
 
+find_file.follow_symlink=Lean an nasc siombalach seo go dtí an áit a bhfuil sé ag pointeáil air
 find_file.go_to_file=Téigh go dtí an comhad
 find_file.no_matching=Níl aon chomhad meaitseála le fáil
 
@@ -2760,7 +2798,7 @@ error.csv.invalid_field_count=Ní féidir an comhad seo a rindreáil toisc go bh
 error.broken_git_hook=Is cosúil go bhfuil crúcaí git den stór seo briste. Lean an <a target="_blank" rel="noreferrer" href="%s">doiciméadúchán</a> chun iad a cheartú, ansin brúigh roinnt gealltanas chun an stádas a athnuachan.
 
 [graphs]
-component_loading=� lódáil %s...
+component_loading=Ag lódáil %s…
 component_loading_failed=Ní fhéadfaí %s a luchtú
 component_loading_info=Seans go dtógfaidh sé seo beagán…
 component_failed_to_load=Tharla earráid gan choinne.
@@ -2791,6 +2829,7 @@ team_permission_desc=Cead
 team_unit_desc=Ceadaigh Rochtain ar Rannóga Stóras
 team_unit_disabled=(Díchumasaithe)
 
+form.name_been_taken=Tá ainm na heagraíochta "%s" tógtha cheana féin.
 form.name_reserved=Tá an t-ainm eagraíochta "%s" curtha in áirithe.
 form.name_pattern_not_allowed=Ní cheadaítear an patrún "%s" in ainm eagraíochta.
 form.create_org_not_allowed=Níl cead agat eagraíocht a chruthú.
@@ -2798,7 +2837,7 @@ form.create_org_not_allowed=Níl cead agat eagraíocht a chruthú.
 settings=Socruithe
 settings.options=Eagraíocht
 settings.full_name=Ainm Iomlán
-settings.email=Ríomhphost Teagmhála
+settings.email=Seoladh Ríomhphoist Teagmhála
 settings.website=Láithreán Gréasáin
 settings.location=Suíomh
 settings.permission=Ceadanna
@@ -2812,15 +2851,28 @@ settings.visibility.private_shortname=Príobháideach
 
 settings.update_settings=Nuashonrú Socruithe
 settings.update_setting_success=Nuashonraíodh socruithe eagraíochta.
-settings.change_orgname_prompt=Nóta: Athróidh ainm na heagraíochta ag athrú URL d'eagraíochta agus saorfar an sean-ainm.
-settings.change_orgname_redirect_prompt=Déanfaidh an sean-ainm a atreorú go dtí go n-éilítear é.
+
+settings.rename=Athainmnigh an Eagraíocht
+settings.rename_desc=Má athraíonn tú ainm na heagraíochta, athrófar URL d’eagraíochta freisin agus saorfar an seanainm.
+settings.rename_success=Athainmníodh an eagraíocht %[1]s go %[2]s go rathúil.
+settings.rename_no_change=Níl ainm na heagraíochta athraithe.
+settings.rename_new_org_name=Ainm Nua na hEagraíochta
+settings.rename_failed=Theip ar athainmniú na heagraíochta mar gheall ar earráid inmheánach
+settings.rename_notices_1=N� <strong>FÉIDIR</strong> an oibríocht seo a chealú.
+settings.rename_notices_2=Déanfar an seanainm a atreorú go dtí go n-éileofar é.
+
 settings.update_avatar_success=Nuashonraíodh avatar na heagraíochta.
 settings.delete=Scrios Eagraíocht
 settings.delete_account=Scrios an Eagraíocht seo
 settings.delete_prompt=Bainfear an eagraíocht go buan. <strong>N� FÉIDIR</strong> é seo a chealú!
+settings.name_confirm=Cuir isteach ainm na heagraíochta mar dheimhniú:
+settings.delete_notices_1=N� <strong>FÉIDIR</strong> an oibríocht seo a chealú.
+settings.delete_notices_2=Scriosfaidh an oibríocht seo go buan gach <strong>stórais</strong> de chuid <strong>%s</strong>, lena n-áirítear cód, saincheisteanna, tuairimí, sonraí vicí agus socruithe comhoibritheora.
+settings.delete_notices_3=Scriosfaidh an oibríocht seo gach <strong>pacáiste</strong> de chuid <strong>%s</strong> go buan.
+settings.delete_notices_4=Scriosfaidh an oibríocht seo gach <strong>tionscadal</strong> de chuid <strong>%s</strong> go buan.
 settings.confirm_delete_account=Deimhnigh scriosadh
-settings.delete_org_title=Scrios Eagraíocht
-settings.delete_org_desc=Scriosfar an eagraíocht seo go buan. Lean ar aghaidh?
+settings.delete_failed=Theip ar an eagraíocht a scriosadh mar gheall ar earráid inmheánach
+settings.delete_successful=Scriosadh an eagraíocht <b>%s</b> go rathúil.
 settings.hooks_desc=Cuir crúcaí gréasán in leis a spreagfar do <strong>gach stóras</strong> faoin eagraíocht seo.
 
 settings.labels_desc=Cuir lipéid leis ar féidir iad a úsáid ar shaincheisteanna do <strong>gach stóras</strong> faoin eagraíocht seo.
@@ -2876,7 +2928,7 @@ teams.remove_all_repos_title=Bain gach stórais foirne
 teams.remove_all_repos_desc=Bainfidh sé seo gach stórais ón bhfoireann.
 teams.add_all_repos_title=Cuir gach stórais leis
 teams.add_all_repos_desc=Cuirfidh sé seo stórais uile na heagraíochta leis an bhfoireann.
-teams.add_nonexistent_repo=Níl an stóras atá tú ag iarraidh a chur leis ann, cruthaigh é ar dtús.
+teams.add_nonexistent_repo=Níl an stóras atá tú ag iarraidh a chur leis ann. Cruthaigh í ar dtús le do thoil.
 teams.add_duplicate_users=Is ball foirne é an úsáideoir cheana féin.
 teams.repos.none=Ní raibh rochtain ag an bhfoireann seo ar aon stóras.
 teams.members.none=Níl aon bhaill ar an bhfoireann seo.
@@ -2917,7 +2969,7 @@ repositories=Stórais
 hooks=Crúcaí Gréasán
 integrations=Comhtháthaithe
 authentication=Foinsí Fíordheimhnithe
-emails=Ríomhphoist Úsáideoirí
+emails=Seoltaí Ríomhphoist Úsáideoirí
 config=Cumraíocht
 config_summary=Achoimre
 config_settings=Socruithe
@@ -2949,11 +3001,11 @@ dashboard.cron.cancelled=Cron: %[1]s cealaithe: %[3]s
 dashboard.cron.error=Earráid i gCron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s críochnaithe
 dashboard.delete_inactive_accounts=Scrios gach cuntas neamhghníomhach
-dashboard.delete_inactive_accounts.started=Tasc scriostha gach cuntas neamhghníomhachtaithe tosaithe.
+dashboard.delete_inactive_accounts.started=Cuireadh tús leis an tasc chun na cuntais dhíghníomhachtaithe go léir a scriosadh
 dashboard.delete_repo_archives=Scrios gach cartlann stórais (ZIP, TAR.GZ, srl.)
-dashboard.delete_repo_archives.started=Scrios gach tasc cartlann stórais a thosaigh.
+dashboard.delete_repo_archives.started=Cuireadh tús leis an tasc chun gach cartlann stórtha a scriosadh
 dashboard.delete_missing_repos=Scrios gach stóras atá in easnamh ar a gcuid comhad Git
-dashboard.delete_missing_repos.started=Scrios gach stóras atá in easnamh ar a dtasc comhaid Git a thosaigh.
+dashboard.delete_missing_repos.started=Cuireadh tús leis an tasc chun na stórais uile a scriosadh nach bhfuil a gcomhaid Git iontu
 dashboard.delete_generated_repository_avatars=Scrios abhatáranna stórtha ginte
 dashboard.sync_repo_branches=Sync brainsí caillte ó shonraí git go bunachair sonraí
 dashboard.sync_repo_tags=Clibeanna sioncraigh ó shonraí git go bunachar sonraí
@@ -2961,17 +3013,17 @@ dashboard.update_mirrors=Scátháin a nuashonrú
 dashboard.repo_health_check=Seiceáil sláinte gach stóras
 dashboard.check_repo_stats=Seiceáil gach staitisticí stórais
 dashboard.archive_cleanup=Scrios sean-chartlanna stórais
-dashboard.deleted_branches_cleanup=Brainsí scriosta a ghlanadh
+dashboard.deleted_branches_cleanup=Glan suas brainsí scriosta
 dashboard.update_migration_poster_id=Nuashonraigh ID póstaer imir
-dashboard.git_gc_repos=Bailíonn truflais gach stórais
-dashboard.resync_all_sshkeys=Nuashonraigh an comhad '.ssh/authorized_keys' le heochracha Gitea SSH.
-dashboard.resync_all_sshprincipals=Nuashonraigh an comhad '.ssh/authorized_principals' le príomhphrionsabail Gitea SSH.
-dashboard.resync_all_hooks=Athshioncrónaigh crúcaí réamhfhála, nuashonraithe agus iar-fhála na stórtha go léir.
+dashboard.git_gc_repos=Bailitheoir bruscair gach stórais
+dashboard.resync_all_sshkeys=Nuashonraigh an comhad '.ssh/authorized_keys' le heochracha SSH Gitea
+dashboard.resync_all_sshprincipals=Nuashonraigh an comhad '.ssh/authorized_principals' le príomhoidí SSH Gitea
+dashboard.resync_all_hooks=Athshioncrónaigh crúcaí réamhghlactha, nuashonraithe agus iarghlactha na stórais uile
 dashboard.reinit_missing_repos=Aththosaigh gach stórais Git atá in easnamh a bhfuil taifid ann dóibh
 dashboard.sync_external_users=Sioncrónaigh sonraí úsáideoirí seachtracha
-dashboard.cleanup_hook_task_table=Tábla hook_task glantacháin
-dashboard.cleanup_packages=Pacáistí glanta in éag
-dashboard.cleanup_actions=Gníomhaíochtaí glanta in éag acmhainní
+dashboard.cleanup_hook_task_table=Glan suas an tábla hook_task
+dashboard.cleanup_packages=Glan suas pacáistí atá imithe in éag
+dashboard.cleanup_actions=Glan suas acmhainní gníomhartha atá imithe in éag
 dashboard.server_uptime=Aga fónaimh Freastalaí
 dashboard.current_goroutine=Goroutines Reatha
 dashboard.current_memory_usage=Úsáid Cuimhne Reatha
@@ -3002,10 +3054,10 @@ dashboard.total_gc_pause=Sos Iomlán GC
 dashboard.last_gc_pause=Sos GC Deireanach
 dashboard.gc_times=Amanna GC
 dashboard.delete_old_actions=Scrios gach sean-ghníomhaíocht ón mbunachar
-dashboard.delete_old_actions.started=Scrios na sean-ghníomhaíocht go léir ón mbunachar sonraí tosaithe.
+dashboard.delete_old_actions.started=Scriosadh na seanghníomhaíochtaí go léir ón mbunachar sonraí tosaithe
 dashboard.update_checker=Seiceoir nuashonraithe
 dashboard.delete_old_system_notices=Scrios gach seanfhógra córais ón mbunachar sonraí
-dashboard.gc_lfs=Bailigh truflais meta rudaí LFS
+dashboard.gc_lfs=Bailitheoir bruscair meitea-réada LFS
 dashboard.stop_zombie_tasks=Stad gníomhartha tascanna zombie
 dashboard.stop_endless_tasks=Stad gníomhartha tascanna gan deireadh
 dashboard.cancel_abandoned_jobs=Cealaigh gníomhartha poist tréigthe
@@ -3056,7 +3108,7 @@ users.still_own_repo=Tá stórais amháin nó níos mó fós ag an úsáideoir s
 users.still_has_org=Is ball d'eagraíocht é an t-úsáideoir seo. Bain an t-úsáideoir ó aon eagraíochtaí ar dtús.
 users.purge=Úsáideoir a Ghlanadh
 users.purge_help=Scrios go héigeantach úsáideoir agus aon stórais, eagraíochtaí agus pacáistí atá faoi úinéireacht an úsáideora. Scriosfar gach trácht freisin.
-users.still_own_packages=Tá pacáiste amháin nó níos mó fós ag an úsáideoir seo, scrios na pacáistí seo ar dtús.
+users.still_own_packages=Tá pacáiste amháin nó níos mó fós ag an úsáideoir seo. Scrios na pacáistí seo ar dtús.
 users.deletion_success=Scriosadh an cuntas úsáideora.
 users.reset_2fa=Athshocraigh 2FA
 users.list_status_filter.menu_text=Scagaire
@@ -3076,11 +3128,11 @@ users.details=Sonraí Úsáideora
 emails.email_manage_panel=Bainistíocht Ríomhphost Úsáideoir
 emails.primary=Bunscoile
 emails.activated=Gníomhachtaithe
-emails.filter_sort.email=Ríomhphost
-emails.filter_sort.email_reverse=Ríomhphost (droim ar ais)
-emails.filter_sort.name=Ainm Úsáideora
-emails.filter_sort.name_reverse=Ainm Úsáideora (droim ar ais)
-emails.updated=Nuashonraíodh an ríomhphost
+emails.filter_sort.email=Seoladh ríomhphoist
+emails.filter_sort.email_reverse=Seoladh ríomhphoist (droim ar ais)
+emails.filter_sort.name=Ainm úsáideora
+emails.filter_sort.name_reverse=Ainm úsáideora (droim ar ais)
+emails.updated=Seoladh ríomhphoist nuashonraithe
 emails.not_updated=Theip ar an seoladh ríomhphoist iarrtha a nuashonrú: %v
 emails.duplicate_active=Tá an seoladh ríomhphoist seo gníomhach cheana féin d'úsáideoir difriúil.
 emails.change_email_header=Nuashonraigh Airíonna Ríomhphoist
@@ -3088,7 +3140,7 @@ emails.change_email_text=An bhfuil tú cinnte gur mhaith leat an seoladh ríomhp
 emails.delete=Scrios Ríomhphost
 emails.delete_desc=An bhfuil tú cinnte gur mhaith leat an seoladh ríomhphoist seo a scriosadh?
 emails.deletion_success=Tá an seoladh ríomhphoist scriosta.
-emails.delete_primary_email_error=Ní féidir leat an ríomhphost príomhúil a scriosadh.
+emails.delete_primary_email_error=Ní féidir leat an príomhsheoladh ríomhphoist a scriosadh.
 
 orgs.org_manage_panel=Bainistíocht Eagraíochta
 orgs.name=Ainm
@@ -3202,27 +3254,29 @@ auths.oauth2_required_claim_name_helper=Socraigh an t-ainm seo chun logáil iste
 auths.oauth2_required_claim_value=Luach Éilimh Riachtanach
 auths.oauth2_required_claim_value_helper=Socraigh an luach seo chun logáil isteach ón bhfoinse seo a shrianadh chuig úsáideoirí a bhfuil éileamh acu leis an ainm agus an luach seo
 auths.oauth2_group_claim_name=Ainm éileamh ag soláthar ainmneacha grúpa don fhoinse seo (Roghnach)
-auths.oauth2_admin_group=Luach Éilimh Grúpa d'úsáideoirí riarthóra. (Roghnach - teastaíonn ainm éilimh thuas)
-auths.oauth2_restricted_group=Luach Éilimh Grúpa d'úsáideoirí srianta. (Roghnach - teastaíonn ainm éilimh thuas)
-auths.oauth2_map_group_to_team=Map mhaígh grúpaí chuig foirne Eagraíochta. (Roghnach - éilíonn ainm an éilimh thuas)
+auths.oauth2_full_name_claim_name=Ainm Iomlán Éilimh Ainm. (Roghnach — má shocraítear é, déanfar ainm iomlán an úsáideora a shioncrónú leis an éileamh seo i gcónaí)
+auths.oauth2_ssh_public_key_claim_name=Ainm Éilimh Eochrach Phoiblí SSH
+auths.oauth2_admin_group=Luach Éilimh Ghrúpa d'úsáideoirí riarthóra. (Roghnach — éilítear ainm an éilimh thuas)
+auths.oauth2_restricted_group=Luach Éilimh Ghrúpa d'úsáideoirí srianta. (Roghnach — éilítear ainm an éilimh thuas)
+auths.oauth2_map_group_to_team=Mapáil grúpaí éilithe chuig foirne Eagraíochta. (Roghnach — éilítear ainm an éilimh thuas)
 auths.oauth2_map_group_to_team_removal=Bain úsáideoirí ó fhoirne sioncronaithe mura mbaineann an t-úsáideoir leis an ngrúpa comhfhreagrach.
 auths.enable_auto_register=Cumasaigh Clárú Auto
 auths.sspi_auto_create_users=Cruthaigh úsáideoirí go huathoibríoch
-auths.sspi_auto_create_users_helper=Lig do mhodh auth SSPI cuntais nua a chruthú go huathoibríoch d'úsáideoirí a logálann isteach den chéad uair
+auths.sspi_auto_create_users_helper=Ceadaigh don mhodh údaraithe SSPI cuntais nua a chruthú go huathoibríoch d'úsáideoirí a logálann isteach den chéad uair
 auths.sspi_auto_activate_users=Gníomhachtaigh úsáideoirí go huathoibríoch
 auths.sspi_auto_activate_users_helper=Lig modh auth SSPI úsáideoirí nua a ghníomhachtú go huathoibríoch
 auths.sspi_strip_domain_names=Bain ainmneacha fearann ó ainm úsáideora
-auths.sspi_strip_domain_names_helper=Má dhéantar iad a sheiceáil, bainfear ainmneacha fearainn ó ainmneacha logála isteach (m.sh. Beidh “DOMAIN\ user� agus "user@example.org" araon ní bheidh ach “úsáideoir�).
+auths.sspi_strip_domain_names_helper=Má tá sé seo seiceáilte, bainfear ainmneacha fearainn as ainmneacha logála isteach (m.sh. ní bheidh ach "úsáideoir" i gceist le "DOMAIN\user" agus "user@example.org").
 auths.sspi_separator_replacement=Deighilteoir le húsáid in ionad\,/agus @
-auths.sspi_separator_replacement_helper=An carachtar a úsáidfear chun na deighilteoirí a chur in ionad na n-ainmneacha logála síos-leibhéil (m.sh. an \ i "DOMAIN\úsáideoir") agus ainmneacha príomhoidí úsáideora (m.sh. an @ in "user@example.org").
+auths.sspi_separator_replacement_helper=An carachtar le húsáid chun deighilteoirí ainmneacha logála isteach ar leibhéal níos ísle (m.sh. an \ i "DOMAIN\user") agus príomhainmneacha úsáideora (m.sh. an @ i "user@example.org") a athsholáthar.
 auths.sspi_default_language=Teanga úsáideora réamhshocraithe
-auths.sspi_default_language_helper=Teanga réamhshocraithe d'úsáideoirí cruthaithe go huathoibríoch ag modh auth SSPI. Fág folamh más fearr leat teanga a bhrath go huathoibríoch.
+auths.sspi_default_language_helper=Teanga réamhshocraithe d'úsáideoirí a chruthaítear go huathoibríoch ag modh údaraithe SSPI. Fág folamh más fearr leat go mbraithfí an teanga go huathoibríoch.
 auths.tips=Leideanna
 auths.tips.oauth2.general=OAuth2 Fíordheimhniú
 auths.tips.oauth2.general.tip=Agus fíordheimhniú OAuth2 nua á chlárú agat, ba chóir go mbeadh an URL glaonna ais/atreoraithe:
 auths.tip.oauth2_provider=Soláthraí OAuth2
 auths.tip.bitbucket=Cláraigh tomhaltóir OAuth nua ar %s agus cuir an cead 'Cuntas' - 'Léigh' leis
-auths.tip.nextcloud=`Cláraigh tomhaltóir OAuth nua ar do chás ag baint úsáide as an roghchlár seo a leanas "Socruithe -> Slándáil -> cliant OAuth 2.0"`
+auths.tip.nextcloud=Cláraigh tomhaltóir OAuth nua ar do chás trí "Socruithe -> Slándáil -> Cliant OAuth 2.0" a roghnú sa roghchlár
 auths.tip.dropbox=Cruthaigh feidhmchlár nua ag %s
 auths.tip.facebook=Cláraigh feidhmchlár nua ag %s agus cuir an táirge "Facebook Login" leis
 auths.tip.github=Cláraigh feidhmchlár OAuth nua ar %s
@@ -3275,8 +3329,6 @@ config.ssh_domain=Fearainn Freastalaí SSH
 config.ssh_port=Calafort
 config.ssh_listen_port=Éist Calafort
 config.ssh_root_path=Cosán Fréimhe
-config.ssh_key_test_path=Cosán Tástáil Eochair
-config.ssh_keygen_path=Keygen ('ssh-keygen') Cosán
 config.ssh_minimum_key_size_check=Seiceáil �osta Méid Eochair
 config.ssh_minimum_key_sizes=Méideanna �osta Eochrach
 
@@ -3334,7 +3386,7 @@ config.mailer_sendmail_path=Cosán Sendmail
 config.mailer_sendmail_args=Argóintí Breise chuig Sendmail
 config.mailer_sendmail_timeout=Teorainn Ama Sendmail
 config.mailer_use_dummy=Caochadán
-config.test_email_placeholder=Ríomhphost (m.sh. test@example.com)
+config.test_email_placeholder=Seoladh Ríomhphoist (m.sh. test@example.com)
 config.send_test_mail=Seol Ríomhphost Tástála
 config.send_test_mail_submit=Seol
 config.test_mail_failed=Theip ar ríomhphost tástála a sheoladh chuig "%s": %v
@@ -3408,7 +3460,7 @@ monitor.start=Am Tosaigh
 monitor.execute_time=Am Forghníomhaithe
 monitor.last_execution_result=Toradh
 monitor.process.cancel=Cealaigh próiseas
-monitor.process.cancel_desc=Má chuirtear próiseas ar ceal d'fhéadfadh go gcaillfí sonraí
+monitor.process.cancel_desc=D’fhéadfadh caillteanas sonraí a bheith mar thoradh ar phróiseas a chealú
 monitor.process.children=Leanaí
 
 monitor.queues=Scuaineanna
@@ -3423,7 +3475,7 @@ monitor.queue.numberinqueue=Uimhir i scuaine
 monitor.queue.review_add=Athbhreithniú / Cuir Oibrithe leis
 monitor.queue.settings.title=Socruithe Linn
 monitor.queue.settings.desc=Fásann linnte go dinimiciúil mar fhreagra ar a gcuid scuaine oibrithe a bhlocáil.
-monitor.queue.settings.maxnumberworkers=Uaslíon na n-oibrithe
+monitor.queue.settings.maxnumberworkers=Uasmhéid líon na n-oibrithe
 monitor.queue.settings.maxnumberworkers.placeholder=Faoi láthair %[1]d
 monitor.queue.settings.maxnumberworkers.error=Caithfidh uaslíon na n-oibrithe a bheith ina uimhir
 monitor.queue.settings.submit=Nuashonrú Socruithe
@@ -3449,10 +3501,10 @@ notices.delete_success=Scriosadh na fógraí córais.
 self_check.no_problem_found=Níor aimsíodh aon fhadhb fós.
 self_check.startup_warnings=Rabhadh tosaithe:
 self_check.database_collation_mismatch=Bí ag súil le comhthiomsú a úsáid sa bhunachar sonraí: %s
-self_check.database_collation_case_insensitive=Tá bunachar sonraí ag baint úsáide as comparáid %s, arb é comhdhlúthú neamhíogair. Cé go bhféadfadh Gitea oibriú leis, d'fhéadfadh go mbeadh roinnt cásanna annamh ann nach n-oibríonn mar a bhíothas ag súil leis.
-self_check.database_inconsistent_collation_columns=Tá comhthiomsú %s in úsáid ag an mbunachar sonraí, ach tá comhthiomsuithe mímheaitseála á n-úsáid ag na colúin seo. D'fhéadfadh sé a bheith ina chúis le roinnt fadhbanna gan choinne.
-self_check.database_fix_mysql=D'úsáideoirí MySQL/MariaDB, d'fhéadfá an t-ordú "gitea doctor convert" a úsáid chun na fadhbanna comhthiomsaithe a réiteach, nó d'fhéadfá an fhadhb a réiteach trí "ALTER ... COLLATE ..." SQLs de láimh freisin.
-self_check.database_fix_mssql=I gcás úsáideoirí MSSQL, ní fhéadfá an fhadhb a réiteach ach trí "ALTER ... COLLATE ..." SQLs de láimh faoi láthair.
+self_check.database_collation_case_insensitive=Tá an bunachar sonraí ag baint úsáide as an gcóimheas %s, arb é atá ann ná cóimheas neamhíogair ó thaobh cás de. Cé gur féidir le Gitea oibriú leis, d'fhéadfadh go mbeadh roinnt cásanna neamhchoitianta ann nach n-oibreoidh mar a bhíothas ag súil leis.
+self_check.database_inconsistent_collation_columns=Tá an bunachar sonraí ag úsáid an chóimheasa %s, ach tá na colúin seo ag úsáid chóimheasa mí-oiriúnacha. D’fhéadfadh sé seo roinnt fadhbanna gan choinne a chruthú.
+self_check.database_fix_mysql=I gcás úsáideoirí MySQL/MariaDB, d'fhéadfá an t-ordú "gitea doctor convert" a úsáid chun na fadhbanna cóimheasa a shocrú, nó d'fhéadfá an fhadhb a shocrú de láimh le fiosrúcháin SQL "ALTER ... COLLATE ...".
+self_check.database_fix_mssql=I gcás úsáideoirí MSSQL, ní fhéadfá an fhadhb a réiteach de láimh ach le fiosrúcháin SQL "ALTER ... COLLATE ..." faoi láthair.
 self_check.location_origin_mismatch=Ní mheaitseálann an URL reatha (%[1]s) an URL atá le feiceáil ag Gitea (%[2]s). Má tá seachfhreastalaí droim ar ais á úsáid agat, cinntigh le do thoil go bhfuil na ceanntásca "Óstríomhaire" agus "X-Forwarded-Proto" socraithe i gceart.
 
 [action]
@@ -3536,8 +3588,8 @@ error.no_committer_account=Níl aon chuntas nasctha le seoladh ríomhphoist an t
 error.no_gpg_keys_found=Níor aimsíodh aon eochair aithne don síniú seo sa bhunachar
 error.not_signed_commit=Ní tiomantas sínithe
 error.failed_retrieval_gpg_keys=Theip ar aisghabháil eochair ar bith a bhí ceangailte le cuntas an tiomnóra
-error.probable_bad_signature=RABHADH! Cé go bhfuil eochair leis an ID seo sa bhunachar sonraí ní fhíoraíonn sé an tiomantas seo! Tá an tiomantas seo AMHRASACH.
-error.probable_bad_default_signature=RABHADH! Cé go bhfuil an t-aitheantas seo ag an eochair réamhshocraithe ní fíoraíonn sé an tiomantas seo! Tá an tiomantas seo AMHRASACH.
+error.probable_bad_signature=RABHADH! Cé go bhfuil eochair leis an ID seo sa bhunachar sonraí, ní fhíoraíonn sé an tiomantas seo! Tá AMHRASACH ar an tiomantas seo.
+error.probable_bad_default_signature=RABHADH! Cé go bhfuil an ID seo ag an eochair réamhshocraithe, ní fhíoraíonn sé an tiomantas seo! Tá AMHRASACH ar an tiomantas seo.
 
 [units]
 unit=Aonad
@@ -3576,7 +3628,7 @@ versions.view_all=Féach ar gach
 dependency.id=ID
 dependency.version=Leagan
 search_in_external_registry=Cuardaigh i %s
-alpine.registry=Socraigh an chlár seo tríd an url a chur i do chomhad <code>/etc/apk/repositories</code>:
+alpine.registry=Socraigh an clárlann seo tríd an URL a chur i do chomhad <code>/etc/apk/repositories</code>:
 alpine.registry.key=�oslódáil eochair RSA poiblí na clárlainne isteach san fhillteán <code>/etc/apk/keys/</code> chun an síniú innéacs a fhíorú:
 alpine.registry.info=Roghnaigh $branch agus $repository ón liosta thíos.
 alpine.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas:
@@ -3589,7 +3641,7 @@ arch.install=Sioncronaigh pacáiste le pacman:
 arch.repository=Eolas Stórais
 arch.repository.repositories=Stórais
 arch.repository.architectures=Ailtireachtaí
-cargo.registry=Socraigh an clárlann seo sa chomhad cumraíochta lasta (mar shampla <code>~/.cargo/config.toml</code>):
+cargo.registry=Socraigh an clárlann seo i gcomhad cumraíochta Cargo (mar shampla <code>~/.cargo/config.toml</code>):
 cargo.install=Chun an pacáiste a shuiteáil ag baint úsáide as Cargo, reáchtáil an t-ordú seo a leanas:
 chef.registry=Socraigh an clárlann seo i do chomhad <code>~/.chef/config.rb</code>:
 chef.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas:
@@ -3600,7 +3652,7 @@ composer.dependencies.development=Spleithiúlachtaí Forbartha
 conan.details.repository=Stóras
 conan.registry=Socraigh an clárlann seo ón líne ordaithe:
 conan.install=Chun an pacáiste a shuiteáil ag úsáid Conan, reáchtáil an t-ordú seo a leanas:
-conda.registry=Socraigh an chlár seo mar stóras Conda i do chomhad <code>.condarc</code>:
+conda.registry=Socraigh an clárlann seo mar stóras Conda i do chomhad <code>.condarc</code>:
 conda.install=Chun an pacáiste a shuiteáil ag úsáid Conda, reáchtáil an t-ordú seo a leanas:
 container.details.type=Cineál �omhá
 container.details.platform=Ardán
@@ -3612,7 +3664,7 @@ container.layers=Sraitheanna �omhá
 container.labels=Lipéid
 container.labels.key=Eochair
 container.labels.value=Luach
-cran.registry=Cumraigh an chlárlann seo i do chomhad <code>Rprofile.site</code>:
+cran.registry=Socraigh an chlárlann seo i do chomhad <code>Rprofile.site</code>:
 cran.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas:
 debian.registry=Socraigh an clárlann seo ón líne ordaithe:
 debian.registry.info=Roghnaigh $distribution agus $component ón liosta thíos.
@@ -3626,7 +3678,7 @@ go.install=Suiteáil an pacáiste ón líne ordaithe:
 helm.registry=Socraigh an clárlann seo ón líne ordaithe:
 helm.install=Chun an pacáiste a shuiteáil, rith an t-ordú seo a leanas:
 maven.registry=Socraigh an clárlann seo i do chomhad <code>pom.xml</code> tionscadail:
-maven.install=Chun an pacáiste a úsáid cuir na nithe seo a leanas sa bhloc <code>spleáchais</code> sa chomhad <code>pom.xml</code>:
+maven.install=Chun an pacáiste a úsáid, cuir an méid seo a leanas san áireamh sa bhloc <code>dependencies</code> sa chomhad <code>pom.xml</code>:
 maven.install2=Rith tríd an líne ordaithe:
 maven.download=Chun an spleáchas a íoslódáil, rith tríd an líne ordaithe:
 nuget.registry=Socraigh an clárlann seo ón líne ordaithe:
@@ -3680,7 +3732,7 @@ owner.settings.cargo.initialize.success=Cruthaíodh an t-innéacs Cargo go rathÃ
 owner.settings.cargo.rebuild=Innéacs Atógáil
 owner.settings.cargo.rebuild.description=Is féidir atógáil a bheith úsáideach mura bhfuil an t-innéacs sioncronaithe leis na pacáistí Cargo stóráilte.
 owner.settings.cargo.rebuild.error=Níorbh fhéidir an t-innéacs Cargo a atógáil: %v
-owner.settings.cargo.rebuild.success=D'éirigh leis an innéacs Cargo a atógáil.
+owner.settings.cargo.rebuild.success=Rinneadh innéacs an Charga a atógáil go rathúil.
 owner.settings.cleanuprules.title=Bainistigh Rialacha Glanta
 owner.settings.cleanuprules.add=Cuir Riail Glantacháin leis
 owner.settings.cleanuprules.edit=Cuir Riail Glantacháin in eagar
@@ -3709,13 +3761,18 @@ owner.settings.chef.keypair.description=Tá eochairphéire riachtanach le fíord
 secrets=Rúin
 description=Cuirfear rúin ar aghaidh chuig gníomhartha áirithe agus ní féidir iad a léamh ar mhalairt.
 none=Níl aon rúin ann fós.
-creation=Cuir Rúnda leis
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Cur síos
 creation.name_placeholder=carachtair alfanumair nó íoslaghda amháin nach féidir a thosú le GITEA_ nó GITHUB_
 creation.value_placeholder=Ionchur ábhar ar bith. Fágfar spás bán ag tús agus ag deireadh ar lár.
 creation.description_placeholder=Cuir isteach cur síos gairid (roghnach).
-creation.success=Tá an rún "%s" curtha leis.
-creation.failed=Theip ar an rún a chur leis.
+
+save_success=Tá an rún "%s" sábháilte.
+save_failed=Theip ar an rún a shábháil.
+
+add_secret=Cuir rún leis
+edit_secret=Cuir rún in eagar
 deletion=Bain rún
 deletion.description=Is buan rún a bhaint agus ní féidir é a chealú. Lean ort?
 deletion.success=Tá an rún bainte.
@@ -3763,7 +3820,7 @@ runners.delete_runner=Scrios an reathaí seo
 runners.delete_runner_success=Scriosadh an reathaí go rathúil
 runners.delete_runner_failed=Theip ar an reathaí a scriosadh
 runners.delete_runner_header=Deimhnigh an reathaí seo a scriosadh
-runners.delete_runner_notice=Má tá tasc ar siúl ar an reathaí seo, cuirfear deireadh leis agus marcáil mar theip. Féadfaidh sé sreabhadh oibre tógála a bhriseadh.
+runners.delete_runner_notice=Má tá tasc á rith ar an rithóir seo, cuirfear deireadh leis agus marcálfar é mar theip air. D’fhéadfadh sé seo cur isteach ar shreabhadh oibre na tógála.
 runners.none=Níl aon reathaí ar fáil
 runners.status.unspecified=Anaithnid
 runners.status.idle=Díomhaoin
@@ -3793,6 +3850,11 @@ runs.no_workflows.documentation=Le haghaidh tuilleadh eolais ar Gitea Actions, f
 runs.no_runs=Níl aon rith ag an sreabhadh oibre fós.
 runs.empty_commit_message=(teachtaireacht tiomantas folamh)
 runs.expire_log_message=Glanadh logaí toisc go raibh siad ró-sean.
+runs.delete=Scrios rith sreabha oibre
+runs.cancel=Cealaigh rith an tsreabha oibre
+runs.delete.description=An bhfuil tú cinnte gur mian leat an rith sreabha oibre seo a scriosadh go buan? Ní féidir an gníomh seo a chealú.
+runs.not_done=Níl an rith sreabha oibre seo críochnaithe.
+runs.view_workflow_file=Féach ar chomhad sreabha oibre
 
 workflow.disable=Díchumasaigh sreabhadh oibre
 workflow.disable_success=D'éirigh le sreabhadh oibre '%s' a dhíchumasú.
@@ -3832,6 +3894,8 @@ deleted.display_name=Tionscadal scriosta
 type-1.display_name=Tionscadal Aonair
 type-2.display_name=Tionscadal Stórais
 type-3.display_name=Tionscadal Eagrúcháin
+enter_fullscreen=Lánscáileán
+exit_fullscreen=Scoir Lánscáileáin
 
 [git.filemode]
 changed_filemode=%[1]s → %[2]s
diff --git a/options/locale/locale_hu-HU.ini b/options/locale/locale_hu-HU.ini
index a57d6960dd..e86030e127 100644
--- a/options/locale/locale_hu-HU.ini
+++ b/options/locale/locale_hu-HU.ini
@@ -134,9 +134,6 @@ sqlite_helper=A SQLite3 adatbázis elérési útvonala.<br>Kérjük adjon meg eg
 err_empty_db_path=SQLite3 adatbázis elérési útvonala nem lehet üres.
 no_admin_and_disable_registration=Nem tilthatja le a regisztrációt, amíg nem hoz létre egy rendszergazdai fiókot.
 err_empty_admin_password=A rendszergazdai jelszó nem lehet üres.
-err_empty_admin_email=A rendszergazdai jelszó nem lehet üres.
-err_admin_name_is_reserved=Az rendszergazda felhasználóneve helytelen, vagy foglalt
-err_admin_name_is_invalid=Az rendszergazda felhasználói neve helytelen
 
 general_title=�ltalános beállítások
 app_name=Webhely címe
@@ -149,7 +146,6 @@ run_user=Futtatás mint
 ssh_port=SSH szerver port
 ssh_port_helper=SSH port amit az ön szervere használni fog. Hagyja üresen a kikapcsoláshoz.
 http_port=Gitea HTTP Figyelő Port
-http_port_helper=Port száma, amelyen a Gitea web szervere hallgatni fog.
 app_url=Az oldal alapértelmezett címe
 app_url_helper=Alapcím HTTP(S) klón címekhez és e-mail értesítésekhez.
 log_root_path=Naplófájl elérési útja
@@ -245,7 +241,6 @@ allow_password_change=A felhasználóknak meg kell változtatniuk a jelszavukat(
 reset_password_mail_sent_prompt=Megerősítő email lett küldve ide: <b>%s</b>. Ellenőrizze postafiókját az elkövetkező %s a jelszó visszaállítási folyamat befejezéséhez.
 active_your_account=Aktiválja a fiókját
 account_activated=A fiók aktiválva lett
-prohibit_login=Bejelentkezés letiltva
 resent_limit_prompt=Elnézést, de nemrég már kért aktivációs emailt. Kérem várjon 3 percet és utána próbálja újra.
 has_unconfirmed_mail=Tisztelt %s, az email címe (<b>%s</b>) nincsen megerősítve. Amennyiben nem kapta még meg a megerősítő email-t, vagy egy újra van szüksége, az alábbi gombra kattintson.
 resend_mail=Kattintson ide az aktivációs email újraküldéséhez
@@ -529,7 +524,6 @@ revoke_oauth2_grant=Hozzáférés megvonása
 twofa_is_enrolled=A fiókja jelenleg <strong>használ</strong> kétlépcsős hitelesítést.
 twofa_not_enrolled=A fiókja jelenleg nem használ kétlépcsős hitelesítést.
 twofa_disable=Kétlépcsős hitelesítés letiltása
-twofa_enroll=Kétlépcsős hitelesítés használata
 twofa_disable_note=A kétlépcsős azonosítás szükség esetén letiltható.
 twofa_disable_desc=A kétlépcsős hitelesítés letiltása a fiókot kevésbé biztonságossá teszi. Folytatható?
 twofa_disabled=Kétlépcsős hitelesítés letiltva.
@@ -651,7 +645,6 @@ quick_guide=Gyors útmutató
 clone_this_repo=Tároló klónozása
 create_new_repo_command=Egy új tároló létrehozása a parancssorból
 push_exist_repo=Meglévő tároló feltöltése parancssorból
-empty_message=A tároló nem tartalmaz semmit.
 
 code=Kód
 branch=�g
@@ -679,7 +672,6 @@ file_too_large=Ez a fájl túl nagy ahhoz, hogy megjelenítsük.
 
 video_not_supported_in_browser=A böngésző nem támogatja a HTML5 video tag-et.
 audio_not_supported_in_browser=A böngésző nem támogatja a HTML5 audio tag-et.
-stored_lfs=Git LFS-el eltárolva
 symbolic_link=Szimbolikus hivatkozás
 commit_graph=Commit gráf
 commit_graph.hide_pr_refs=Pull request-ek elrejtése
@@ -712,6 +704,7 @@ editor.commit_empty_file_header=Egy üres fájl commitolása
 editor.no_changes_to_show=Nincsen megjeleníthető változás.
 editor.add_subdir=Mappa hozzáadása…
 
+
 commits.commits=Commit-ok
 commits.search_all=Minden ág
 commits.author=Szerző
@@ -782,7 +775,6 @@ issues.filter_type.mentioning_you=Engem említ
 issues.filter_sort=Rendezés
 issues.filter_sort.latest=Legújabb
 issues.filter_sort.oldest=Legrégebbi
-issues.filter_sort.recentupdate=Nemrég frissített
 issues.filter_sort.leastupdate=Legrégebben frissített
 issues.filter_sort.mostcomment=Legtöbbet hozzászólt
 issues.filter_sort.leastcomment=Legkevesebbet hozzászólt
@@ -844,12 +836,10 @@ issues.subscribe=Feliratkozás
 issues.unsubscribe=Leiratkozás
 issues.lock=Beszélgetés lezárása
 issues.unlock=Beszélgetés feloldása
-issues.lock.unknown_reason=Egy hibajegy nem zárolható ismeretlen okból.
 issues.lock_duplicate=Egy hibajegy nem zárható be kétszer.
 issues.unlock_error=Nem nyithatsz meg egy hibajegyet ami nincs is lezárva.
 issues.lock_confirm=Lezárás
 issues.unlock_confirm=Feloldás
-issues.lock.notice_1=- Más felhasználók nem szólhatnak hozzá ehhez a hibajegyhez.
 issues.lock.reason=Zárolás oka
 issues.lock.title=Beszélgetés lezárása ezen a hibajegyen.
 issues.unlock.title=Hibajegy újranyitása.
@@ -898,7 +888,6 @@ issues.review.reviewers=Véleményezők
 issues.review.show_outdated=Elavultak mutatása
 issues.review.hide_outdated=Elavultak elrejtése
 issues.review.commented=Hozzászólás
-issues.assignee.error=Nem minden megbízott lett hozzáadva egy nem várt hiba miatt.
 
 
 pulls.new=Egyesítési kérés
@@ -1018,7 +1007,6 @@ activity.title.releases_1=%d Kiadás
 activity.title.releases_n=%d Kiadások
 activity.title.releases_published_by=%s publikálta %s
 activity.published_release_label=Publikálva
-activity.no_git_activity=Nem voltak commit-ok ebben az időszakban.
 activity.git_stats_commit_1=%d commit
 activity.git_stats_commit_n=%d commit
 activity.git_stats_file_n=%d fájl
@@ -1176,13 +1164,13 @@ settings.visibility.private_shortname=Privát
 
 settings.update_settings=Beállítások frissítése
 settings.update_setting_success=A szervezet beállításai frissültek.
+
+
 settings.update_avatar_success=A szervezet avatarja frissítve.
 settings.delete=Szervezet törlése
 settings.delete_account=A szervezet törlése
 settings.delete_prompt=A szervezet véglegesen el lesz távolítva. <strong>NEM</strong> vonható vissza!
 settings.confirm_delete_account=Törlés megerősítése
-settings.delete_org_title=Szervezet törlése
-settings.delete_org_desc=Ez a szervezet véglegesen törölve lesz. Folytatható?
 settings.hooks_desc=Webhook hozzáadása a szervezet <strong>összes tárolójához</strong>.
 
 
@@ -1291,7 +1279,6 @@ users.restricted=Korlátozott
 users.repos=Tárolók
 users.created=Létrehozva
 users.last_login=Utolsó bejelentkezés
-users.never_login=Sosem jelentkezett be
 users.send_register_notify=Felhasználó regisztráció értesítés küldése
 users.edit=Szerkesztés
 users.auth_source=Hitelesítési forrás
@@ -1309,7 +1296,6 @@ users.list_status_filter.is_restricted=Korlátozott
 
 emails.primary=Elsődleges
 emails.activated=Aktivált
-emails.filter_sort.email=Email
 emails.filter_sort.name=Felhasználónév
 
 orgs.org_manage_panel=Szervezetek Kezelése
@@ -1412,8 +1398,6 @@ config.ssh_start_builtin_server=Beépített szerver használata
 config.ssh_port=Port
 config.ssh_listen_port=Figyelő port
 config.ssh_root_path=Gyökérkönyvtár
-config.ssh_key_test_path=Kulcs ellenőrzés útvonala
-config.ssh_keygen_path=Kulcsgeneráló ('ssh-keygen') elérési útja
 config.ssh_minimum_key_size_check=Kulcsok minimum méretének ellenőrzése
 config.ssh_minimum_key_sizes=Minimális kulcsok méretek
 
@@ -1596,8 +1580,12 @@ conan.details.repository=Tároló
 owner.settings.cleanuprules.enabled=Engedélyezett
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Leírás
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_id-ID.ini b/options/locale/locale_id-ID.ini
index c54bfbb924..e6d383cff0 100644
--- a/options/locale/locale_id-ID.ini
+++ b/options/locale/locale_id-ID.ini
@@ -35,7 +35,6 @@ webauthn_use_twofa=Gunakan kode dua faktor dari telepon Anda
 webauthn_error=Tidak dapat membaca kunci keamanan Anda.
 webauthn_unsupported_browser=Browser Anda saat ini tidak mendukung WebAuthn.
 webauthn_error_unknown=Terdapat kesalahan yang tidak diketahui. Mohon coba lagi.
-webauthn_error_insecure=`WebAuthn hanya mendukung koneksi aman. Untuk pengujian melalui HTTP, Anda dapat menggunakan "localhost" atau "127.0.0.1"`
 webauthn_error_unable_to_process=Server tidak dapat memproses permintaan Anda.
 webauthn_error_duplicated=Kunci keamanan tidak diperbolehkan untuk permintaan ini. Pastikan bahwa kunci ini belum terdaftar sebelumnya.
 webauthn_error_empty=Anda harus menetapkan nama untuk kunci ini.
@@ -117,7 +116,6 @@ pin=Sematkan
 unpin=Lepas sematan
 
 artifacts=Artefak
-confirm_delete_artifact=Apakah Anda yakin ingin menghapus artefak '%s' ?
 
 archived=Diarsipkan
 
@@ -145,17 +143,9 @@ filter.private=Pribadi
 no_results_found=Hasil tidak ditemukan.
 
 [search]
-search=Cari...
 type_tooltip=Tipe pencarian
-fuzzy_tooltip=Termasuk juga hasil yang mendekati kata pencarian
 exact_tooltip=Hanya menampilkan hasil yang cocok dengan istilah pencarian
-repo_kind=Cari repo...
-user_kind=Telusuri pengguna...
-org_kind=Cari organisasi...
-team_kind=Cari tim...
-code_kind=Cari kode...
 code_search_unavailable=Pencarian kode saat ini tidak tersedia. Silahkan hubungi administrator.
-branch_kind=Cari cabang...
 
 [aria]
 navbar=Bar Navigasi
@@ -187,8 +177,6 @@ buttons.enable_monospace_font=Aktifkan font monospace
 buttons.disable_monospace_font=Non-Aktifkan font monospace
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Terjadi kesalahan
@@ -261,7 +249,6 @@ allow_password_change=Wajibkan pengguna untuk mengganti kata sandi (disarankan)
 reset_password_mail_sent_prompt=Surel konfirmasi berhasil dikirim ke <b>%s</b>. Silahkan cek akun email Anda dalam %s jam untuk menyelesaikan proses pemulihan akun.
 active_your_account=Aktifkan Akun Anda
 account_activated=Akun telah diaktifkan
-prohibit_login=Dilarang Masuk
 resent_limit_prompt=Anda telah meminta sebuah aktivasi surel beberapa saat lalu. Silakan tunggu 3 menit dan coba lagi.
 has_unconfirmed_mail=Hai %s, anda memiliki sebuah alamat surel yang belum dikonfirmasi (<b>%s</b>). Jika anda belum menerima surel konfirmasi atau perlu untuk mengirim ulang yang baru, silakan klik pada tombol di bawah.
 resend_mail=Klik di sini untuk mengirim ulang surel aktivasi anda
@@ -294,7 +281,6 @@ email_domain_blacklisted=Anda tidak dapat mendaftar dengan alamat email.
 authorize_application=Izinkan aplikasi
 authorize_redirect_notice=Anda akan dialihkan ke %s apabila Anda mengizinkan aplikasi ini.
 authorize_application_created_by=Aplikasi ini dibuat oleh %s.
-authorize_application_description=Jika Anda memberikan akses, itu akan bisa mengakses dan menulis semua informasi akun Anda, termasuk repositori pribadi dan organisasi.
 authorize_title=Izinkan "%s" untuk mengakses akun Anda?
 authorization_failed=Otorisasi gagal
 sspi_auth_failed=Autentikasi SSPI gagal
@@ -361,7 +347,6 @@ lang_select_error=Pilih bahasa dari daftar.
 username_been_taken=Nama pengguna sudah terambil.
 repo_name_been_taken=Nama repositori sudah digunakan.
 visit_rate_limit=Kunjungan remot mengatasi batasan laju.
-2fa_auth_required=Kunjungan remote memerlukan autentikasi dua faktor.
 org_name_been_taken=Nama organisasi sudah diambil.
 team_name_been_taken=Nama tim sudah diambil.
 team_no_units_error=Izinkan akses pada setidaknya satu bagian repositori.
@@ -456,7 +441,6 @@ activated=Diaktifkan
 primary_email=Buat Utama
 delete_email=Hapus
 email_deletion=Hapus Alamat Email
-email_deletion_desc=Alamat email dan informasi terkait akan dihapus dari akun. Git commit dengan alamat email ini akan tetap tidak berubah. Lanjutkan?
 email_deletion_success=Alamat email Anda telah dihapus.
 theme_update_success=Tema Anda diperbarui.
 theme_update_error=Thema yang dipilih tidak ada.
@@ -545,12 +529,10 @@ oauth2_application_create_description=Aplikasi OAuth2 memberikan aplikasi pihak
 authorized_oauth2_applications=Aplikasi OAuth2 Terotorisasi
 revoke_key=Cabut
 revoke_oauth2_grant=Cabut Akses
-revoke_oauth2_grant_description=Mencabut akses untuk aplikasi pihak ketiga ini akan mencegahnya mengakses data Anda. Lanjutkan?
 
 twofa_is_enrolled=Akun anda saat ini <strong>terdaftar</strong> dalam otentikasi dua-faktor.
 twofa_not_enrolled=Akun anda saat ini tidak terdaftar dalam otentikasi dua-faktor.
 twofa_disable=Matikan Autentikasi Dua Faktor
-twofa_enroll=Daftarkan ke Autentikasi Dua-Faktor
 twofa_disable_note=Anda bisa mematikan autentikasi dua-faktor bila diperlukan.
 twofa_disable_desc=Mematikan autentikasi dua-faktor akan membuat akun Anda kurang aman. Lanjutkan?
 twofa_disabled=Otentikasi dua-faktor telah dinonaktifkan.
@@ -561,7 +543,6 @@ passcode_invalid=Kode sandi salah. Coba lagi.
 
 manage_account_links=Kelola akun tertaut
 manage_account_links_desc=Semua akun eksternal ini sementara tertaut dengan akun Gitea Anda.
-account_links_not_available=Saat ini tidak ada akun eksternal yang tertaut ke akun Gitea ini.
 link_account=Tautan Akun
 remove_account_link=Hapus Akun Tertaut
 remove_account_link_desc=Menghapus akun tertaut akan membuat akun itu tidak bisa mengakses akun Gitea Anda. Lanjutkan?
@@ -645,7 +626,6 @@ migrate.permission_denied=Anda tidak diizinkan untuk mengimpor repositori lokal.
 migrate.failed=Migrasi gagal: %v
 migrated_from=Termigrasi dari <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Termigrasi Dari %[1]s
-migrate.migrating=Memigrasi dari <b>%s</b> ...
 migrate.migrating_failed=Migrasi dari <b>%s</b> gagal.
 
 mirror_from=duplikat dari
@@ -685,7 +665,6 @@ file_view_raw=Lihat Mentah
 file_permalink=Permalink
 file_too_large=Berkas terlalu besar untuk ditampilkan.
 
-stored_lfs=Tersimpan dengan GIT LFS
 commit_graph=Grafik Komit
 blame=Salahkan
 normal_view=Pandangan Normal
@@ -718,6 +697,7 @@ editor.new_branch_name_desc=Nama branch baru…
 editor.cancel=Membatalkan
 editor.no_changes_to_show=Tidak ada perubahan untuk ditampilkan.
 
+
 commits.commits=Melakukan
 commits.author=Penulis
 commits.message=Pesan
@@ -771,7 +751,6 @@ issues.filter_type.mentioning_you=Menyebutkan anda
 issues.filter_sort=Sortir
 issues.filter_sort.latest=Terbaru
 issues.filter_sort.oldest=Terlama
-issues.filter_sort.recentupdate=Baru saja diperbarui
 issues.filter_sort.leastupdate=Baru diperbarui
 issues.filter_sort.mostcomment=Komentar terbanyak
 issues.filter_sort.leastcomment=Komentar paling sedikit
@@ -928,7 +907,6 @@ activity.published_release_label=Dikeluarkan
 contributors.contribution_type.commits=Melakukan
 
 settings=Pengaturan
-settings.desc=Pengaturan dimana anda dapat mengelola pengaturan untuk repositori
 settings.options=Repositori
 settings.collaboration.write=Tulis
 settings.collaboration.read=Baca
@@ -956,7 +934,6 @@ settings.delete_notices_1=- Operasi ini <strong>TIDAK BISA</strong> dibatalkan.
 settings.delete_collaborator=Menghapus
 settings.teams=Tim
 settings.add_webhook=Tambahkan Webhook
-settings.webhook.test_delivery=Percobaan Pengiriman
 settings.webhook.request=Permintaan
 settings.webhook.response=Tanggapan
 settings.webhook.headers=Tajuk
@@ -1056,10 +1033,11 @@ settings.visibility.private_shortname=Pribadi
 
 settings.update_settings=Perbarui Setelan
 settings.update_setting_success=Pengaturan organisasi telah diperbarui.
+
+
 settings.delete=Menghapus Organisasi
 settings.delete_account=Menghapus Organisasi Ini
 settings.confirm_delete_account=Konfirmasi Penghapusan
-settings.delete_org_title=Menghapus Organisasi
 settings.hooks_desc=Tambahkan webhooks yang akan dipicu untuk <strong>semua repositori</strong> di bawah organisasi ini.
 
 
@@ -1219,8 +1197,6 @@ config.ssh_enabled=Aktif
 config.ssh_port=Port
 config.ssh_listen_port=Listen Port
 config.ssh_root_path=Path Induk
-config.ssh_key_test_path=Path Key Test
-config.ssh_keygen_path=Path Keygen ('ssh-keygen')
 config.ssh_minimum_key_size_check=Periksa ukuran kunci minimum
 config.ssh_minimum_key_sizes=Ukuran kunci minimum
 
@@ -1318,7 +1294,6 @@ monitor.queue.exemplar=Contoh Tipe
 monitor.queue.numberworkers=Jumlah Worker
 monitor.queue.maxnumberworkers=Jumlah Maks. Worker
 monitor.queue.settings.title=Pengaturan Kelompok
-monitor.queue.settings.maxnumberworkers=Jumlah Maks. Worker
 monitor.queue.settings.maxnumberworkers.error=Jumlah maks. worker haruslah sebuah angka
 monitor.queue.settings.submit=Perbarui Pengaturan
 monitor.queue.settings.changed=Pengaturan diperbarui
@@ -1397,8 +1372,12 @@ conan.details.repository=Repositori
 owner.settings.cleanuprules.enabled=Aktif
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Deskripsi
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_is-IS.ini b/options/locale/locale_is-IS.ini
index ee5eb4a7dd..1e4669e32b 100644
--- a/options/locale/locale_is-IS.ini
+++ b/options/locale/locale_is-IS.ini
@@ -39,7 +39,6 @@ webauthn_use_twofa=Notaðu tveggja-þátta kóða úr símanum þínum
 webauthn_error=Gat ekki lesið öryggislykilinn þinn.
 webauthn_unsupported_browser=Vafrinn þinn styður ekki WebAuthn eins og er.
 webauthn_error_unknown=Óþekkt villa kom upp. Vinsamlegast reyndu aftur.
-webauthn_error_insecure=WebAuthn styður aðeins öruggar tengingar. Til að prófa yfir HTTP geturðu notað upprunann „localhost“ eða „127.0.0.1“
 webauthn_error_unable_to_process=Netþjónninn gat ekki ráðið við beiðni þína.
 webauthn_error_duplicated=Öryggislykillinn er ekki leyfður fyrir þessa beiðni. Gakktu úr skugga um að lykillinn sé ekki þegar skráður.
 webauthn_error_empty=Þú verður að setja nafn fyrir þennan lykil.
@@ -160,16 +159,10 @@ path=Slóð
 sqlite_helper=Skráarslóð fyrir SQLite3 gagnagrunninn.<br>Sláðu inn algjöra slóð ef þú keyrir Gitea sem þjónustu.
 reinstall_error=Þú ert að reyna að setja upp í núverandi Gitea gagnagrunn
 reinstall_confirm_message=Enduruppsetning með núverandi Gitea gagnagrunni getur valdið mörgum vandamálum. � flestum tilfellum ættir þú að nota núverandi "app.ini" til að keyra Gitea. Ef þú veist hvað þú ert að gera skaltu staðfesta eftirfarandi:
-reinstall_confirm_check_1=Gögnin sem eru dulkóðuð með SECRET_KEY í app.ini gætu glatast: notendur gætu hugsanlega ekki skráð sig inn með 2FA/OTP og speglar virka kannski ekki rétt. Með því að haka við þennan reit staðfestirðu að núverandi app.ini skrá inniheldur réttan SECRET_KEY.
-reinstall_confirm_check_2=Hugbúnaðarsöfn og stillingar gætu þurft að endursamstilla. Með því að haka við þennan reit staðfestir þú að þú endursamstillir krókana fyrir hugbúnaðarsöfn og authorized_keys skrána handvirkt. Þú staðfestir að þú tryggir að hugbúnaðarsafns- og spegilstillingar séu réttar.
 reinstall_confirm_check_3=Þú staðfestir að þú sért alveg viss um að þetta Gitea sé í gangi með réttri app.ini staðsetningu og að þú sért viss um að þú þurfir að setja það upp aftur. Þú staðfestir að þú viðurkennir ofangreindar áhættur.
 err_empty_db_path=SQLite3 gagnagrunnsslóðin má ekki vera tóm.
 no_admin_and_disable_registration=Þú getur ekki slökkt á sjálfsskráningu notenda án þess að búa til stjórnandanotanda.
 err_empty_admin_password=Lykilorð stjórnanda má ekki vera tómt.
-err_empty_admin_email=Netfang stjórnanda má ekki vera tómt.
-err_admin_name_is_reserved=Notandanafn stjórnanda er ógilt. Notandanafnið er frátekið
-err_admin_name_pattern_not_allowed=Notandanafn stjórnanda er ógilt. Notandanafnið passar við frátekið mynstur
-err_admin_name_is_invalid=Notandanafn Stjórnanda er ógilt
 
 general_title=Almennar Stillingar
 app_name=Heiti vefsvæðis
@@ -184,7 +177,6 @@ domain_helper=Lén eða hýsilfang fyrir netþjóninn.
 ssh_port=SSH Netþjónsgátt
 ssh_port_helper=Gátt sem SSH þjónninn þinn hlustar á. Skildu eftir tómt til að slökkva á.
 http_port=Gitea HTTP Hlustunargátt
-http_port_helper=Gátt sem Gitea vefþjónninn mun hlusta á.
 app_url=Grunnvefslóð Gitea
 app_url_helper=Grunnvistfang fyrir HTTP(S) afrit slóð og tölvupósttilkynningar.
 log_root_path=Slóð Annáls
@@ -256,7 +248,6 @@ forgot_password=Gleymdirðu Lykilorðinu?
 must_change_password=Uppfærðu lykilorðið þitt
 active_your_account=Virkjaðu Aðganginn Þinn
 account_activated=Aðgangur hefur verið virkjaður
-prohibit_login=Nýskráningar Óheimilar
 has_unconfirmed_mail=Halló, %s, þú ert með óstaðfest netfang (<b>%s</b>). Ef þú hefur ekki fengið staðfestingarpóst eða þarft nýjan, vinsamlegast smelltu á hnappinn hér að neðan.
 resend_mail=Smelltu hér til að endursenda virkjunarpóstinn þinn
 send_reset_mail=Senda Tölvupóst Til að Endurheimta Reikning
@@ -275,8 +266,6 @@ oauth_signin_tab=Tengja Núverandi Reikning
 oauth_signin_submit=Tengja Notanda
 openid_connect_submit=Tengjast
 openid_register_title=Skrá nýjan notanda
-disable_forgot_password_mail=Endurheimting reiknings er óvirk vegna þess að enginn tölvupóstur er uppsettur. Vinsamlegast hafðu samband við síðustjórann þinn.
-disable_forgot_password_mail_admin=Endurheimting reiknings er aðeins virk þegar tölvupóstur er uppsettur. Vinsamlegast settu upp tölvupóst til að virkja endurheimting reikningar.
 authorize_application=Heimilda Forrit
 authorize_application_created_by=Þetta forrit var stofnað af %s.
 authorize_title=Veita „%s“ aðgang að reikningnum þínum?
@@ -298,8 +287,6 @@ activate_email=Staðfestu netfangið þitt
 activate_email.text=Vinsamlegast smelltu á eftirfarandi tengil til að staðfesta netfangið þitt innan <b>%s</b>:
 
 register_notify.title=%[1]s, velkomin(n) í %[2]s
-register_notify.text_1=þetta er staðfestingarpóstur þinn fyrir skráningu á %s!
-register_notify.text_2=Þú getur nú skráð þig inn með notandanafni: %s.
 register_notify.text_3=Ef þessi reikningur hefur verið búinn til fyrir þig, vinsamlegast <a href="%s">stilltu lykilorðið þitt</a> fyrst.
 
 reset_password=Endurheimta reikning þinn
@@ -334,7 +321,6 @@ release.download.targz=Frumkóði (TAR.GZ)
 repo.transfer.subject_to=%s langar að flytja „%s“ til %s
 repo.transfer.subject_to_you=%s langar að flytja „%s“ til þín
 repo.transfer.to_you=þig
-repo.transfer.body=Til að samþykkja eða hafna því skaltu fara á %s eða hunsa það bara.
 
 repo.collaborator.added.subject=%s bætti þér við í %s
 repo.collaborator.added.text=Þér hefur verið bætt við sem aðila hugbúnaðarsafns:
@@ -479,7 +465,6 @@ activate_email=Senda Virkjun
 activations_pending=Virkjanir í Bið
 delete_email=Fjarlægja
 email_deletion=Fjarlægja Netfang
-email_deletion_desc=Netfangið og tengdar upplýsingar verða fjarlægðar af reikningnum þínum. Git framlög með þessu netfangi verða óbreyttar. Halda áfram?
 email_deletion_success=Netfangið hefur verið fjarlægt.
 theme_update_success=Þeman þín var uppfærð.
 theme_update_error=Valin þema er ekki til.
@@ -667,7 +652,6 @@ file_view_source=Skoða Frumkóða
 file_view_rendered=Skoða Unnið
 
 file_copy_permalink=Afrita Varanlega Slóð
-stored_lfs=Geymt með Git LFS
 commit_graph.hide_pr_refs=Fela Sameiningarbeiðnir
 commit_graph.monochrome=Einlitað
 commit_graph.color=Litað
@@ -690,7 +674,7 @@ editor.create_new_branch=Búðu til <strong>nýja grein</strong> og sameiningarb
 editor.create_new_branch_np=Búðu til <strong>nýja grein</strong> fyrir þetta framlag.
 editor.new_branch_name_desc=Heiti nýjar greinar…
 editor.cancel=Hætta við
-editor.fail_to_update_file_summary=Villuskilaboð:
+
 
 commits.commits=Framlög
 commits.author=Höfundur
@@ -758,7 +742,6 @@ issues.filter_type.mentioning_you=Minnast á þig
 issues.filter_sort=Raða
 issues.filter_sort.latest=Nýjustu
 issues.filter_sort.oldest=Elstu
-issues.filter_sort.recentupdate=Nýlega uppfærð
 issues.filter_sort.leastupdate=Síðast uppfærð
 issues.filter_sort.mostcomment=Flest ummæli
 issues.filter_sort.leastcomment=Fæst ummæli
@@ -1003,7 +986,6 @@ settings.tracker_issue_style.numeric=Tölugildi
 settings.danger_zone=Hættusvæði
 settings.convert_notices_1=Þessi aðgerð mun breyta speglinum í venjulegt hugbúnaðarsafn og ekki er hægt að afturkalla hana.
 settings.transfer=Flytja Eignarhald
-settings.trust_model.collaboratorcommitter.desc=Gildar undirskriftir frá samstarfsaðilum hugbúnaðarsafnsins verða merktar „traust“ ef þær passa við framlagandan. Að öðrum kosti verða gildar undirskriftir merktar „ótraust“ ef undirskriftin passar við framlagandan og „ósamþykkt“ að öðru leyti. Þetta mun neyða Gitea til að vera merkt sem framlagandi á undirrituðum framlögum með raunverulega framlagandan merktan sem Co-Authored-By: og Co-Committed-By: í framlaginu. Sjálfgefinn Gitea lykill verður að passa við notanda í gagnagrunninum.
 settings.wiki_delete_desc=Að eyða handbókargögn er varanlegt og ekki er hægt að afturkalla það.
 settings.delete=Eyða Þetta Hugbúnaðarsafn
 settings.delete_desc=Að eyða hugbúnaðarsafni er varanlegt og ekki er hægt að afturkalla það.
@@ -1028,11 +1010,9 @@ settings.event_release=Útgáfa
 settings.event_push=Push
 settings.event_repository=Hugbúnaðarsafn
 settings.event_issues=Vandamál
-settings.event_issues_desc=Vandamál opið, lokað, enduropnað eða breytt.
 settings.event_issue_label=Vandamál Lýst
 settings.event_issue_comment=Ummæli um Vandamál
 settings.event_pull_request=Sameiningarbeiðni
-settings.event_pull_request_desc=Sameiningarbeiðni opnuð, lokuð, enduropnuð eða breytt.
 settings.active=Virkt
 settings.update_webhook=Uppfæra Vefkrók
 settings.slack_token=Táknlykill
@@ -1119,6 +1099,8 @@ settings.visibility.private_shortname=Einka
 settings.update_settings=Uppfæra Stillingar
 
 
+
+
 members.private=Faldir
 members.owner=Eigandi
 members.member=Meðlimur
@@ -1174,9 +1156,7 @@ users.list_status_filter.not_prohibit_login=Leyfa Innskráningu
 users.list_status_filter.not_2fa_enabled=Tvíþætt Auðkenning Óvirk
 
 emails.primary=Aðal
-emails.filter_sort.email=Tölvupóstur
 emails.filter_sort.name=Notandanafn
-emails.updated=Netfang uppfært
 
 orgs.name=Heiti
 orgs.teams=Lið
@@ -1326,8 +1306,12 @@ npm.details.tag=Merki
 pypi.requires=Þarfnast Python
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Lýsing
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_it-IT.ini b/options/locale/locale_it-IT.ini
index 3ce5a6770f..f6616418ad 100644
--- a/options/locale/locale_it-IT.ini
+++ b/options/locale/locale_it-IT.ini
@@ -40,7 +40,6 @@ webauthn_use_twofa=Usa un codice a due fattori dal tuo telefono
 webauthn_error=Impossibile leggere la tua chiave di sicurezza.
 webauthn_unsupported_browser=Il tuo browser al momento non supporta WebAuthn.
 webauthn_error_unknown=Si è verificato un errore sconosciuto. Riprova.
-webauthn_error_insecure=`WebAuthn supporta solo connessioni sicure. Per il test su HTTP, è possibile utilizzare l'origine "localhost" o "127.0.0.1"`
 webauthn_error_unable_to_process=Il server non può elaborare la richiesta.
 webauthn_error_duplicated=La chiave di sicurezza non è consentita per questa richiesta. Assicurati che la chiave non sia già registrata.
 webauthn_error_empty=Devi impostare un nome per questa chiave.
@@ -166,16 +165,10 @@ path=Percorso
 sqlite_helper=Percorso file del database SQLite3.<br>Inserisci un percorso assoluto se stai usando Gitea come servizio.
 reinstall_error=Stai cercando di installare in un database Gitea esistente
 reinstall_confirm_message=La reinstallazione con un database Gitea esistente può causare problemi multipli. Nella maggior parte dei casi, dovresti usare il tuo "app.ini" esistente per eseguire Gitea. Se sai cosa stai facendo, confermi quanto segue:
-reinstall_confirm_check_1=I dati crittografati da SECRET_KEY nell'app. ni potrebbe essere perso: gli utenti potrebbero non essere in grado di accedere con 2FA/OTP & mirror potrebbe non funzionare correttamente. Selezionando questa casella confermi che il file attuale app.ini contiene il corretto SECRET_KEY.
-reinstall_confirm_check_2=I repository e le impostazioni potrebbero avere bisogno di essere ri-sincronizzati. Selezionando questa casella confermi che potrai risincronizzare manualmente gli hook per i repository e il file authorized_keys. Confermi che assicurerai che le impostazioni del repository e del mirror siano corrette.
 reinstall_confirm_check_3=Confermi di essere assolutamente sicuro che questo Gitea è in esecuzione con l'app corretta. ni posizione e che sei sicuro di dover reinstallare. Confermi di aver riconosciuto i rischi di cui sopra.
 err_empty_db_path=Il percorso del database SQLite3 non può essere vuoto.
 no_admin_and_disable_registration=Non puoi disabilitare l'auto-registrazione degli utenti senza creare un account amministratore.
 err_empty_admin_password=La password dell'amministratore non può essere vuota.
-err_empty_admin_email=L'email dell'amministratore non può essere vuota.
-err_admin_name_is_reserved=Nome utente Administrator non valido, nome utente riservato
-err_admin_name_pattern_not_allowed=Nome utente dell'amministratore non valido. Il nome utente fornito corrisponde ad un pattern riservato
-err_admin_name_is_invalid=Il nome utente Administrator non è valido
 
 general_title=Impostazioni Generali
 app_name=Titolo del Sito
@@ -190,7 +183,6 @@ domain_helper=Dominio o indirizzo host per il server.
 ssh_port=Porta Server SSH
 ssh_port_helper=Numero di porta in ascolto sul server SSH. Lasciare vuoto per disattivare.
 http_port=Porta in ascolto HTTP Gitea
-http_port_helper=Numero della porta sul quale i server web Gitea ascolteranno.
 app_url=URL di base di Gitea
 app_url_helper=URL di base per gli HTTP(S) clone URLs e notifiche email.
 log_root_path=Percorso dei log
@@ -298,7 +290,6 @@ allow_password_change=Richiede all'utente di cambiare la password (scelta consig
 reset_password_mail_sent_prompt=Una email di conferma è stata inviata a <b>%s</b>. Per favore controlla la tua posta in arrivo nelle prossime %s per completare il processo di reset della password.
 active_your_account=Attiva il tuo Account
 account_activated=L'account è stato attivato
-prohibit_login=Accesso proibito
 resent_limit_prompt=Hai già richiesto un'e-mail d'attivazione recentemente. Si prega di attenere 3 minuti e poi riprovare.
 has_unconfirmed_mail=Ciao %s, hai un indirizzo di posta elettronica non confermato (<b>%s</b>). Se non hai ricevuto una e-mail di conferma o vuoi riceverla nuovamente, fare clic sul pulsante qui sotto.
 resend_mail=Clicca qui per inviare nuovamente l'e-mail di attivazione
@@ -330,13 +321,10 @@ openid_connect_title=Connetti a una conta esistente
 openid_connect_desc=L'URI OpenID scelto è sconosciuto. Qui puoi associarlo a un nuovo account.
 openid_register_title=Crea Nuovo Account
 openid_register_desc=L'URI OpenID scelto è sconosciuto. Qui puoi associarlo a un nuovo account.
-disable_forgot_password_mail=Il recupero dell'account è disabilitato perché non è stata impostata alcuna email. Contatta l'amministratore del sito.
-disable_forgot_password_mail_admin=Il recupero dell'account è disponibile solo quando l'email è impostata. Si prega di impostare un'email per abilitare il recupero dell'account.
 email_domain_blacklisted=Non è possibile registrarsi con il proprio indirizzo email.
 authorize_application=Autorizza applicazione
 authorize_redirect_notice=Verrai reindirizzato a %s se autorizzi questa applicazione.
 authorize_application_created_by=Questa applicazione è stata creata da %s.
-authorize_application_description=Se concedi l'accesso, l'app sarà in grado di accedere e modificare tutte le informazioni del tuo account, inclusi i repository privati e le organizzazioni.
 authorize_title=Vuoi autorizzare "%s" ad accedere al tuo account?
 authorization_failed=Autorizzazione fallita
 sspi_auth_failed=Autenticazione SSPI fallita
@@ -356,8 +344,6 @@ activate_email=Verifica il tuo indirizzo e-mail
 activate_email.text=Clicca sul seguente link per verificare il tuo indirizzo email entro <b>%s</b>:
 
 register_notify.title=%[1]s, benvenuto in %[2]s
-register_notify.text_1=questa è la tua email di conferma di registrazione per %s!
-register_notify.text_2=Ora è possibile accedere tramite nome utente: %s.
 register_notify.text_3=Se questo account è stato creato per te, per favore <a href="%s">imposta prima la tua password</a>.
 
 reset_password=Recupera il tuo account
@@ -395,7 +381,6 @@ release.download.targz=Codice Sorgente (Tar.Gz)
 repo.transfer.subject_to=%s vorrebbe trasferire "%s" a %s
 repo.transfer.subject_to_you=%s vorrebbe trasferire "%s" a te
 repo.transfer.to_you=tu
-repo.transfer.body=Per accettare o respingerla visita %s o semplicemente ignorarla.
 
 repo.collaborator.added.subject=%s ti ha aggiunto a %s
 repo.collaborator.added.text=Sei stato aggiunto come collaboratore del repository:
@@ -450,11 +435,9 @@ username_change_not_local_user=Gli utenti non locali non sono autorizzati a modi
 repo_name_been_taken=Il nome del repository esiste già.
 repository_force_private=Force Private è abilitato: i repository privati non possono essere resi pubblici.
 repository_files_already_exist=File già esistenti per questo repository. Contatta l'amministratore di sistema.
-repository_files_already_exist.adopt=I file esistono già per questo repository e possono essere solo Adottati.
 repository_files_already_exist.delete=I file esistono già per questo repository. È necessario eliminarli.
 repository_files_already_exist.adopt_or_delete=I file esistono già per questo repository. O li Adotti o li Elimini.
 visit_rate_limit=La visita remota ha segnalato un limite raggiunto.
-2fa_auth_required=La visita remota ha richiesto l'autenticazione a due fattori.
 org_name_been_taken=Il nome della organizzazione esiste già.
 team_name_been_taken=Il nome del team esiste già.
 team_no_units_error=Consenti l'accesso ad almeno una sezione del repository.
@@ -581,7 +564,6 @@ activate_email=Invia Attivazione
 activations_pending=Attivazioni in sospeso
 delete_email=Rimuovi
 email_deletion=Rimuovi indirizzo Email
-email_deletion_desc=L'indirizzo email e le relativa informazioni verranno rimosse dal tuo account. I Git commits di questa email rimarranno invariati. Continuare?
 email_deletion_success=L'indirizzo email è stato eliminato.
 theme_update_success=Il tema è stato aggiornato.
 theme_update_error=Il tema selezionato non esiste.
@@ -622,7 +604,6 @@ gpg_key_matched_identities_long=Le identità incorporate in questa chiave corris
 gpg_key_verified=Chiave Verificata
 gpg_key_verified_long=La chiave è stata verificata con un token e può essere utilizzata per verificare che i commit corrispondano a tutti gli indirizzi email attivati per questo utente oltre a qualsiasi identità corrispondente per questa chiave.
 gpg_key_verify=Verifica
-gpg_invalid_token_signature=La chiave GPG fornita, la firma e il token non corrispondono o il token è obsoleto.
 gpg_token_required=Devi fornire una firma per il token sottostante
 gpg_token=Token
 gpg_token_help=È possibile generare una firma utilizzando:
@@ -631,7 +612,6 @@ key_signature_gpg_placeholder=Comincia con '-----BEGIN PGP SIGNATURE-----'
 ssh_key_verified=Chiave Verificata
 ssh_key_verified_long=La chiave è stata verificata con un token e può essere utilizzata per verificare che i commit corrispondano a tutti gli indirizzi email attivati per questo utente.
 ssh_key_verify=Verifica
-ssh_invalid_token_signature=La chiave SSH fornita, la firma o il token non corrispondono o il token è obsoleto.
 ssh_token_required=Devi fornire una firma per il token sottostante
 ssh_token=Token
 ssh_token_help=È possibile generare una firma utilizzando:
@@ -648,7 +628,6 @@ gpg_key_deletion=Rimuovi chiave GPG
 ssh_principal_deletion=Rimuovi certificato SSH principale
 ssh_key_deletion_desc=Rimuovere una chiave SSH ne revoca l'accesso al tuo account. Continuare?
 gpg_key_deletion_desc=La rimozione di una chiave GPG invalida i commits firmati da essa. Continuare?
-ssh_principal_deletion_desc=Rimuovere un Certificato Utente SSH ne revoca l'accesso al tuo account. Continuare?
 ssh_key_deletion_success=La chiave SSH è stata rimossa.
 gpg_key_deletion_success=La chiave GPG è stata rimossa.
 ssh_principal_deletion_success=Il principale è stato rimosso.
@@ -703,12 +682,10 @@ oauth2_application_create_description=OAuth2 da l'accesso al tuo account di ques
 authorized_oauth2_applications=Applicazioni OAuth2 autorizzate
 revoke_key=Revoca
 revoke_oauth2_grant=Revoca accesso
-revoke_oauth2_grant_description=Revocando l'accesso a questa applicazione di terze parti impedirá l'accesso ai tuoi dati. Sei sicuro?
 
 twofa_is_enrolled=La verifica in due passaggi è attualmente <strong>abilitata</strong> sul tuo account.
 twofa_not_enrolled=La verifica in due passaggi al momento non è abilitata sul tuo account.
 twofa_disable=Disattiva la verifica in due passaggi
-twofa_enroll=Iscriviti alla verifica in due passaggi
 twofa_disable_note=Se necessario, è possibile disattivare la verifica in due passaggi.
 twofa_disable_desc=Disattivare la verifica in due passaggi renderà il tuo account meno sicuro. Continuare?
 twofa_disabled=L'autenticazione a due fattori è stata disattivata.
@@ -721,11 +698,9 @@ twofa_failed_get_secret=Impossibile ottenere il segreto.
 webauthn_register_key=Aggiungi Chiave Di Sicurezza
 webauthn_nickname=Soprannome
 webauthn_delete_key=Rimuovi Chiave Di Sicurezza
-webauthn_delete_key_desc=Se si rimuove una chiave di sicurezza non è più possibile accedere con esso. Continuare?
 
 manage_account_links=Gestisci gli account collegati
 manage_account_links_desc=Questi account esterni sono collegati al tuo account Gitea.
-account_links_not_available=Attualmente non è collegato alcun account esterno al tuo account Gitea.
 link_account=Collega Account
 remove_account_link=Rimuovi account collegato
 remove_account_link_desc=Rimuovere un account collegato ne revoca l'accesso al tuo account Gitea. Continuare?
@@ -808,7 +783,6 @@ mirror_address_desc=Metti tutte le credenziali richieste nella sezione Autorizza
 mirror_lfs=Large File Storage (LFS)
 mirror_lfs_desc=Attiva il mirroring dei dati LFS.
 mirror_lfs_endpoint=Punto d'accesso LFS
-mirror_lfs_endpoint_desc=La sincronizzazione tenterà di utilizzare l'url clone per <a target="_blank" rel="noopener noreferrer" href="%s">determinare il server LFS</a>. È inoltre possibile specificare un endpoint personalizzato se il repository dati LFS è memorizzato da qualche altra parte.
 mirror_last_synced=Ultima sincronizzazione
 mirror_password_placeholder=(Inmodificato)
 mirror_password_blank_placeholder=(Disattivato)
@@ -819,7 +793,6 @@ forks=Fork
 reactions_more=e %d più
 unit_disabled=L'amministratore ha disabilitato questa sezione del repository.
 language_other=Altro
-adopt_search=Inserisci il nome utente per cercare i repository non adottati... (lascia vuoto per trovare tutti)
 adopt_preexisting_label=Adotta File
 adopt_preexisting=Adottare file preesistenti
 adopt_preexisting_content=Crea repository da %s
@@ -876,17 +849,14 @@ migrate_items_releases=Rilasci
 migrate_repo=Migra Repository
 migrate.clone_address=Migra / Clona da URL
 migrate.clone_address_desc=URL HTTP (S) o Git 'clone' di un repository esistente
-migrate.github_token_desc=È possibile mettere uno o più token con virgola separati qui per rendere la migrazione più veloce a causa del limite di velocità API GitHub. ATTENZIONE: L'abuso di questa funzione potrebbe violare la politica del fornitore di servizi e portare al blocco dell'account.
 migrate.clone_local_path=o un percorso del server locale
 migrate.permission_denied=Non è consentito importare repository locali.
-migrate.permission_denied_blocked=Non è possibile importare da host non consentiti, si prega di chiedere all'amministratore di controllare ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS impostazioni.
 migrate.invalid_lfs_endpoint=Il punto d'accesso LFS non è valido.
 migrate.failed=Migrazione non riuscita: %v
 migrate.migrate_items_options=Il Token di accesso è richiesto per migrare elementi aggiuntivi
 migrated_from=Migrato da <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrato da %[1]s
 migrate.migrate=Migra da %s
-migrate.migrating=Migrazione da <b>%s</b>...
 migrate.migrating_failed=Migrazione da <b>%s</b> fallita.
 migrate.migrating_failed_no_addr=Migrazione non riuscita.
 migrate.github.description=Migrare i dati da github.com o da altre istanze di GitHub.
@@ -923,7 +893,6 @@ quick_guide=Guida rapida
 clone_this_repo=Clona questo repository
 create_new_repo_command=Creazione di un nuovo repository da riga di comando
 push_exist_repo=Push di un repository esistente da riga di comando
-empty_message=Questo repository non contiene alcun contenuto.
 broken_message=I dati Git sottostanti a questo repository non possono essere letti. Contattare l'amministratore di questa istanza o eliminare questo repository.
 
 code=Codice
@@ -940,7 +909,6 @@ pulls=Pull Requests
 projects=Progetti
 packages=Pacchetti
 labels=Etichette
-org_labels_desc=Etichette a livello di organizzazione che possono essere utilizzate con <strong>tutti i repository</strong> sotto questa organizzazione
 org_labels_desc_manage=gestisci
 
 milestone=Traguardo
@@ -967,7 +935,6 @@ file_copy_permalink=Copia Permalink
 view_git_blame=Visualizza Git Blame
 video_not_supported_in_browser=Il tuo browser non supporta i tag "video" di HTML5.
 audio_not_supported_in_browser=Il tuo browser non supporta il tag "video" di HTML5.
-stored_lfs=Memorizzati con Git LFS
 symbolic_link=Link Simbolico
 commit_graph=Grafico dei commit
 commit_graph.select=Seleziona rami
@@ -1015,7 +982,6 @@ editor.file_changed_while_editing=I contenuti di questo file hanno subito dei ca
 editor.commit_empty_file_header=Commit di un file vuoto
 editor.commit_empty_file_text=Il file che stai per effettuare il commit è vuoto. Procedere?
 editor.no_changes_to_show=Non ci sono cambiamenti da mostrare.
-editor.fail_to_update_file_summary=Messaggio d'errore:
 editor.push_rejected_no_message=La modifica è stata rifiutata dal server senza un messaggio. Controlla Git Hooks.
 editor.push_rejected=La modifica è stata rifiutata dal server. Controlla Git Hooks.
 editor.push_rejected_summary=Messaggio Di Rifiuto Completo:
@@ -1026,6 +992,7 @@ editor.require_signed_commit=Il branch richiede un commit firmato
 editor.cherry_pick=Cherry-pick %s suto:
 editor.revert=Ripristina %s su:
 
+
 commits.desc=Sfoglia la cronologia di modifiche del codice rogente.
 commits.commits=Commit
 commits.nothing_to_compare=Questi rami sono uguali.
@@ -1143,7 +1110,6 @@ issues.filter_milestone=Traguardo
 issues.filter_project=Progetto
 issues.filter_project_none=Nessun progetto
 issues.filter_assignee=Assegnatario
-issues.filter_assginee_no_assignee=Nessun assegnatario
 issues.filter_poster=Autore
 issues.filter_type=Tipo
 issues.filter_type.all_issues=Tutti i problemi
@@ -1154,7 +1120,6 @@ issues.filter_type.review_requested=Richiesta revisione
 issues.filter_sort=Ordina
 issues.filter_sort.latest=Più recenti
 issues.filter_sort.oldest=Più vecchi
-issues.filter_sort.recentupdate=Aggiornati di recente
 issues.filter_sort.leastupdate=Aggiornati tempo fa
 issues.filter_sort.mostcomment=I più commentati
 issues.filter_sort.leastcomment=I meno commentati
@@ -1192,7 +1157,7 @@ issues.context.edit=Modifica
 issues.context.delete=Elimina
 issues.reopen_issue=Riapri
 issues.create_comment=Commento
-issues.closed_at=`chiuso questo probleam <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.closed_at=`ha chiuso questo problema <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.reopened_at=`riaperto questo problema <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.commit_ref_at=`ha fatto riferimento a questa issue dal commit <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_issue_from=`<a href="%[3]s">ha fatto riferimento a questo problema %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
@@ -1237,7 +1202,6 @@ issues.subscribe=Iscriviti
 issues.unsubscribe=Annulla iscrizione
 issues.lock=Blocca conversazione
 issues.unlock=Sblocca conversazione
-issues.lock.unknown_reason=Impossibile bloccare un problema con un motivo sconosciuto.
 issues.lock_duplicate=Un issue non può essere bloccato due volte.
 issues.unlock_error=Impossibile sbloccare un problema che non è bloccato.
 issues.lock_with_reason=ha bloccato come <strong>%s</strong> e limitato la conversazione ai collaboratori %s
@@ -1245,7 +1209,6 @@ issues.lock_no_reason=ha bloccato e limitato la conversazione ai collaboratori %
 issues.unlock_comment=ha sbloccato questa conversazione %s
 issues.lock_confirm=Blocca
 issues.unlock_confirm=Sblocca
-issues.lock.notice_1=- Altri utenti non possono aggiungere nuovi commenti a questo problema.
 issues.lock.notice_2=- Tu e altri collaboratori con accesso a questo repository potete ancora lasciare commenti che altri possono vedere.
 issues.lock.notice_3=- Puoi sempre sbloccare questo problema in futuro.
 issues.unlock.notice_1=- Tutti potranno commentare nuovamente questo problema.
@@ -1301,8 +1264,6 @@ issues.dependency.pr_closing_blockedby=La chiusura di questa pull request è blo
 issues.dependency.issue_closing_blockedby=La chiusura di questo problema è bloccata dai seguenti problemi
 issues.dependency.issue_close_blocks=Questo problema impedisce la chiusura dei seguenti problemi
 issues.dependency.pr_close_blocks=Questa richiesta di pull impedisce la chiusura dei seguenti problemi
-issues.dependency.issue_close_blocked=Devi chiudere tutte le anomalie che bloiccano questo problema prima di chiudelo.
-issues.dependency.pr_close_blocked=Chiudere tutte le anomalie che bloccano la richiesta di pull prima di effettaure il merge.
 issues.dependency.blocks_short=Blocchi
 issues.dependency.blocked_by_short=Dipende da
 issues.dependency.remove_header=Rimuovi Dipendenza
@@ -1313,12 +1274,10 @@ issues.dependency.add_error_same_issue=Non si può fare dipendere un problema da
 issues.dependency.add_error_dep_issue_not_exist=Il problema dipendente non esiste.
 issues.dependency.add_error_dep_not_exist=La dipendenza non esiste.
 issues.dependency.add_error_dep_exists=La dipendenza esiste già.
-issues.dependency.add_error_cannot_create_circular=Non puoi creare una dipendenza con due problemi che si bloccano a vicenda.
 issues.dependency.add_error_dep_not_same_repo=Entrambi i problemi devono essere nello stesso repository.
 issues.review.self.approval=Non puoi approvare la tua pull request.
 issues.review.self.rejection=Non puoi richiedere modifiche sulla tua pull request.
 issues.review.approve=hanno approvato queste modifiche %s
-issues.review.dismissed=recensione %s di %s respinta
 issues.review.dismissed_label=Respinta
 issues.review.left_comment=lascia un commento
 issues.review.content.empty=Devi lasciare un commento che indichi la modifica richiesta.
@@ -1326,7 +1285,6 @@ issues.review.reject=richieste modifiche %s
 issues.review.wait=è stato richiesto per la revisione %s
 issues.review.add_review_request=recensione richiesta da %s %s
 issues.review.remove_review_request=ha rimosso la richiesta di revisione per %s %s
-issues.review.remove_review_request_self=ha rifiutato di rivedere %s
 issues.review.pending=In sospeso
 issues.review.review=Revisiona
 issues.review.reviewers=Revisori
@@ -1339,7 +1297,6 @@ issues.review.resolve_conversation=Risolvi la conversazione
 issues.review.un_resolve_conversation=Segnala la conversazione come non risolta
 issues.review.resolved_by=ha contrassegnato questa conversazione come risolta
 issues.review.commented=Commentare
-issues.assignee.error=Non tutte le assegnazioni sono state aggiunte a causa di un errore imprevisto.
 issues.reference_issue.body=Corpo
 issues.content_history.deleted=eliminato
 issues.content_history.edited=modificato
@@ -1390,7 +1347,6 @@ pulls.add_prefix=Aggiungi prefisso <strong>%s</strong>
 pulls.remove_prefix=Rimuovi il prefisso <strong>%s</strong>
 pulls.data_broken=Questa pull request è rovinata a causa di informazioni mancanti del fork.
 pulls.files_conflicted=Questa pull request ha modifiche in conflitto con il branch di destinazione.
-pulls.is_checking=Verifica dei conflitti di merge in corso. Riprova tra qualche istante.
 pulls.is_ancestor=Questo ramo è già incluso nel ramo di destinazione. Non c'è nulla da unire.
 pulls.is_empty=Le modifiche di questo ramo sono già nel ramo di destinazione. Questo sarà un commit vuoto.
 pulls.required_status_check_failed=Alcuni controlli richiesti non hanno avuto successo.
@@ -1407,29 +1363,20 @@ pulls.reject_count_1=%d richiesta di cambiamento
 pulls.reject_count_n=%d richieste di cambiamento
 pulls.waiting_count_1=%d in attesa di revisione
 pulls.waiting_count_n=%d in attesa di revisione
-pulls.wrong_commit_id=l'id del commit deve essere un id del commit nel branch di destinazione
 
 pulls.no_merge_desc=Questa pull request non può essere unita perché tutte le opzioni di merge del repository sono disattivate.
 pulls.no_merge_helper=Attiva le opzioni di merge nelle impostazioni del repository o unisci la pull request manualmente.
 pulls.no_merge_wip=Questa pull request non può essere unita perché è contrassegnata come un lavoro in corso.
-pulls.no_merge_not_ready=Questa pull request non è pronta per il merge, controlla lo stato della revisione e i controlli di stato.
 pulls.no_merge_access=Non sei autorizzato ad effettuare il merge su questa pull request.
 pulls.merge_pull_request=Crea commit unito
-pulls.rebase_merge_pull_request=Ricostruisci poi manda avanti
-pulls.rebase_merge_commit_pull_request=Ricostruisci quindi crea commit unito
 pulls.squash_merge_pull_request=Crea commit mescolato
 pulls.merge_manually=Unito manualmente
 pulls.merge_commit_id=L'ID del commit di merge
 pulls.require_signed_wont_sign=Il branch richiede commit firmati ma questo merge non verrà firmato
 
 pulls.invalid_merge_option=Non puoi utilizzare questa opzione di merge per questa pull request.
-pulls.merge_conflict=Unione non riuscita: C'è stato un conflitto durante l'operazione. Suggerimento: Prova una strategia diversa
 pulls.merge_conflict_summary=Messaggio d'errore
-pulls.rebase_conflict=Merge non riuscito: c'è stato un conflitto durante il rebase dell'commit: %[1]s. Suggerimento: Prova una strategia diversa
 pulls.rebase_conflict_summary=Messaggio d'Errore
-pulls.unrelated_histories=Unione fallita: gli Head del ramo da unire e la base non condividono una storia cronologica in comune. Suggerimento: prova una strategia diversa
-pulls.merge_out_of_date=Unione fallita: Durante la generazione del merge, la base è stata aggiornata. Suggerimento: Riprova.
-pulls.head_out_of_date=Unione non riuscita: durante la generazione della fusione, la testa è stata aggiornata. Suggerimento: Riprova.
 pulls.push_rejected_summary=Messaggio Di Rifiuto Completo
 pulls.open_unmerged_pull_exists=`Non è possibile riaprire questa pull request perché ne esiste un'altra (#%d) con proprietà identiche.`
 pulls.status_checking=Alcuni controlli sono in sospeso
@@ -1559,7 +1506,6 @@ activity.title.releases_1=%d Release
 activity.title.releases_n=%d Release
 activity.title.releases_published_by=%s pubblicata da %s
 activity.published_release_label=Pubblicata
-activity.no_git_activity=In questo periodo non c'è stata alcuna attività di commit.
 activity.git_stats_exclude_merges=Escludendo i merge,
 activity.git_stats_author_1=%d autore
 activity.git_stats_author_n=%d autori
@@ -1584,7 +1530,6 @@ activity.git_stats_deletion_n=%d cancellazioni
 contributors.contribution_type.commits=Commit
 
 settings=Impostazioni
-settings.desc=Impostazioni ti permette di gestire le impostazioni del repository
 settings.options=Repository
 settings.collaboration=Collaboratori
 settings.collaboration.admin=Amministratore
@@ -1647,7 +1592,6 @@ settings.admin_indexer_commit_sha=Hash SHA dell'ultimo commit indicizzato
 settings.admin_indexer_unindexed=Non indicizzato
 settings.reindex_button=Aggiungi alla coda di re-indicizzazione
 settings.reindex_requested=Re-indicizzazione richiesta
-settings.admin_enable_close_issues_via_commit_in_any_branch=Chiudi un issue tramite un commit eseguito in un branch non predefinito
 settings.danger_zone=Zona Pericolosa
 settings.new_owner_has_same_repo=Il nuovo proprietario ha già un repository con lo stesso nome. Per favore scegli un altro nome.
 settings.convert=Converti in un repository regolare
@@ -1667,7 +1611,6 @@ settings.transfer_abort=Annulla trasferimento
 settings.transfer_abort_invalid=Non è possibile annullare un trasferimento di repository non esistente.
 settings.transfer_desc=Trasferisci questo repository a un altro utente o a un'organizzazione nella quale hai diritti d'amministratore.
 settings.transfer_form_title=Inserisci il nome del repository come conferma:
-settings.transfer_in_progress=Al momento c'è un trasferimento in corso. Si prega di annullarlo se si desidera trasferire questo repository a un altro utente.
 settings.transfer_notices_1=-Si perderà l'accesso al repository se lo si trasferisce ad un utente singolo.
 settings.transfer_notices_2=-Si manterrà l'accesso al repository se si trasferisce in un'organizzazione che possiedi (o condividi con qualcun'altro).
 settings.transfer_notices_3=- Se il repository è privato e viene trasferito a un singolo utente, questa azione si assicura che l'utente abbia almeno i permessi di lettura (e le modifiche se necessario).
@@ -1681,12 +1624,9 @@ settings.trust_model.default=Modello Di Fiducia Predefinito
 settings.trust_model.default.desc=Usa il modello di trust del repository predefinito per questa installazione.
 settings.trust_model.collaborator=Collaboratore
 settings.trust_model.collaborator.long=Collaboratore: Firme di fiducia da parte dei collaboratori
-settings.trust_model.collaborator.desc=Le firme valide da parte dei collaboratori di questo repository saranno contrassegnate con "trusted" (sia che corrispondano al committer o meno). Altrimenti, le firme valide saranno contrassegnate con "untrusted" se la firma corrisponde al committer e "unmatched" se non.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: firme affidabili che corrispondono ai committer (questo corrisponde a GitHub e costringerà i commit firmati di Gitea ad avere Gitea come committer)
 settings.trust_model.collaboratorcommitter=Collaboratore+Committer
 settings.trust_model.collaboratorcommitter.long=Collaboratore+Committer: Firme di fiducia da parte dei collaboratori che corrispondono al committer
-settings.trust_model.collaboratorcommitter.desc=Le firme valide da parte dei collaboratori di questa repository saranno contrassegnate "fidate" se corrispondono al committer. Altrimenti le firme saranno contrassegnate con "untrusted" se la firma corrisponde al committer non corrisponde. Questo costringerà Gitea a essere contrassegnato come committer su impegni firmati con l'effettivo committer contrassegnato come Co-Authored-By: e Co-Committed-By: nel commit. La chiave Gitea predefinita deve corrispondere a un utente nel database.
 settings.wiki_delete=Elimina dati Wiki
 settings.wiki_delete_desc=L'eliminazione dei dati della wiki del repository è permanente e non può essere annullata.
 settings.wiki_delete_notices_1=-Questa operazione eliminerà permanentemente e disabiliterà la wiki repository per %s.
@@ -1695,7 +1635,6 @@ settings.wiki_deletion_success=I dati della repository wiki sono stati eliminati
 settings.delete=Elimina questo repository
 settings.delete_desc=L'eliminazione di un repository è un'operazione permanente e non può essere annullata.
 settings.delete_notices_1=-Questa operazione <strong>NON PUÃ’</strong> essere annullata.
-settings.delete_notices_2=-Questa operazione eliminerà definitivamente il repository <strong>%s</strong> inclusi codice, issue, commenti, dati wiki e impostazioni collaboratore.
 settings.delete_notices_fork_1=-I fork di questo repository diventeranno indipendenti dopo la cancellazione.
 settings.deletion_success=Il repository è stato eliminato.
 settings.update_settings_success=Le impostazioni del repository sono state aggiornate.
@@ -1714,8 +1653,6 @@ settings.team_not_in_organization=Il team non è nella stessa organizzazione del
 settings.teams=Gruppi
 settings.add_team=Aggiungi Squadra
 settings.add_team_duplicate=Il team ha già il repository
-settings.add_team_success=Il team ha ora accesso al repository.
-settings.change_team_permission_tip=Il permesso del team è impostato sulla pagina delle impostazioni del team e non può essere modificato per repository
 settings.delete_team_tip=Questo team ha accesso a tutte le repository e non può essere rimosso
 settings.remove_team_success=L'accesso del team al repository è stato rimosso.
 settings.add_webhook=Aggiungi Webhook
@@ -1724,8 +1661,6 @@ settings.hooks_desc=I Webhook effettuano automaticamente richieste HTTP POST ad
 settings.webhook_deletion=Rimuovi Webhook
 settings.webhook_deletion_desc=Rimuovere un webhook rimuove le sue impostazioni e la sua cronologia di consegna. Continuare?
 settings.webhook_deletion_success=Il webhook è stato rimosso.
-settings.webhook.test_delivery=Test di consegna
-settings.webhook.test_delivery_desc=Prova questo webhook con un evento falso.
 settings.webhook.request=Richiesta
 settings.webhook.response=Risposta
 settings.webhook.headers=Intestazioni
@@ -1768,7 +1703,6 @@ settings.event_repository=Repository
 settings.event_repository_desc=Repository creato o eliminato.
 settings.event_header_issue=Eventi dei Problemi
 settings.event_issues=Issues
-settings.event_issues_desc=Issue aperto, chiuso, riaperto o modificato.
 settings.event_issue_assign=Issue Assegnato
 settings.event_issue_assign_desc=Issue assegnata o non assegnata.
 settings.event_issue_label=Issue etichettato
@@ -1779,7 +1713,6 @@ settings.event_issue_comment=Commento Issue
 settings.event_issue_comment_desc=Commento issue creato, modificato o rimosso.
 settings.event_header_pull_request=Eventi di Pull Request
 settings.event_pull_request=Pull Request
-settings.event_pull_request_desc=Pull request aperta, chiusa, riaperta o modificata.
 settings.event_pull_request_assign=Pull Request assegnata
 settings.event_pull_request_assign_desc=Pull request assegnata o non assegnata.
 settings.event_pull_request_label=Pull Request etichettata
@@ -1903,11 +1836,9 @@ settings.lfs_invalid_locking_path=Percorso non valido: %s
 settings.lfs_invalid_lock_directory=Impossibile bloccare la cartella: %s
 settings.lfs_lock_already_exists=Il blocco esiste già: %s
 settings.lfs_lock=Blocca
-settings.lfs_lock_path=Percorso file da bloccare...
 settings.lfs_locks_no_locks=Nessun blocco
 settings.lfs_lock_file_no_exist=Il file bloccato non esiste nel ramo predefinito
 settings.lfs_force_unlock=Sblocco forzato
-settings.lfs_pointers.found=Trovati %d puntatori blob - %d associati, %d non associati (%d mancanti dalla memoria)
 settings.lfs_pointers.sha=SHA Blob
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Nel repo
@@ -2082,14 +2013,13 @@ settings.visibility.private_shortname=Privato
 
 settings.update_settings=Aggiorna Impostazioni
 settings.update_setting_success=Le impostazioni dell'organizzazione sono state aggiornate.
-settings.change_orgname_redirect_prompt=Il vecchio nome reindirizzerà fino a quando non sarà richiesto.
+
+
 settings.update_avatar_success=L'avatar dell'organizzazione è stato aggiornato.
 settings.delete=Elimina organizzazione
 settings.delete_account=Elimina questa organizzazione
 settings.delete_prompt=L'organizzazione verrà rimossa definitivamente. Questa operazione <strong>NON PUÒ</strong> essere annullata!
 settings.confirm_delete_account=Conferma Eliminazione
-settings.delete_org_title=Elimina organizzazione
-settings.delete_org_desc=Questa organizzazione verrà eliminata definitivamente. Continuare?
 settings.hooks_desc=Aggiungi i webhooks che verranno attivati per <strong>tutti i repository</strong> sotto questa organizzazione.
 
 settings.labels_desc=Aggiungi i webhooks che verranno attivati per <strong>tutti i repository</strong> sotto questa organizzazione.
@@ -2162,7 +2092,6 @@ organizations=Organizzazioni
 repositories=Repository
 hooks=Webhooks
 authentication=Fonti di autenticazione
-emails=Email Utente
 config=Configurazione
 config_summary=Riepilogo
 config_settings=Impostazioni
@@ -2189,26 +2118,16 @@ dashboard.cron.process=Cron: %[1]s
 dashboard.cron.error=Errore in Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s ha finito
 dashboard.delete_inactive_accounts=Elimina tutti gli account non attivati
-dashboard.delete_inactive_accounts.started=Attività di eliminazione degli account non attivati iniziata.
 dashboard.delete_repo_archives=Elimina tutti gli archivi dei repository (ZIP, TAR.GZ, etc..)
-dashboard.delete_repo_archives.started=Attività di eliminazione degli archivi del repository iniziata.
 dashboard.delete_missing_repos=Elimina tutti i repository mancanti dei loro file Git
-dashboard.delete_missing_repos.started=Elimina tutti i repository mancanti dei loro file Git.
 dashboard.delete_generated_repository_avatars=Elimina gli avatar generati nelle repository
 dashboard.update_mirrors=Aggiorna Mirror
 dashboard.repo_health_check=Controlla integrità di tutti i repository
 dashboard.check_repo_stats=Controlla tutte le statistiche del repository
 dashboard.archive_cleanup=Elimina vecchi archivi del repository
-dashboard.deleted_branches_cleanup=Pulisci branch eliminati
 dashboard.update_migration_poster_id=Aggiorna gli ID del poster di migrazione
-dashboard.git_gc_repos=Esegui la garbage collection su tutti i repository
-dashboard.resync_all_sshkeys=Aggiornare il file '.ssh/authorized_keys' con le chiavi SSH Gitea.
-dashboard.resync_all_sshprincipals=Aggiornare il file '.ssh/authorized_keys' con le chiavi SSH Gitea.
-dashboard.resync_all_hooks=Sincronizza nuovamente gli hook di pre-ricezione, di aggiornamento e di post-ricezione di tutti i repository.
 dashboard.reinit_missing_repos=Reinizializza tutti i repository Git mancanti per i quali esistono cambiamenti registrati esistenti
 dashboard.sync_external_users=Sincronizza dati utente esterno
-dashboard.cleanup_hook_task_table=Pulisci tabella hook_task
-dashboard.cleanup_packages=Pulizia pacchetti scaduti
 dashboard.server_uptime=Tempo in Attività del Server
 dashboard.current_goroutine=Goroutine Correnti
 dashboard.current_memory_usage=Utilizzo di Memoria Corrente
@@ -2252,7 +2171,6 @@ users.2fa=2FA
 users.repos=Repo
 users.created=Creato
 users.last_login=Ultimo accesso
-users.never_login=Mai effettuato l'accesso
 users.send_register_notify=Invia notifica di registrazione utente
 users.edit=Modifica
 users.auth_source=Fonte di autenticazione
@@ -2296,11 +2214,7 @@ users.list_status_filter.not_2fa_enabled=2FA Disabilitato
 emails.email_manage_panel=Gestione delle Email Utente
 emails.primary=Primario
 emails.activated=Attivato
-emails.filter_sort.email=Email
-emails.filter_sort.email_reverse=Email (inverso)
-emails.filter_sort.name=Nome Utente
-emails.filter_sort.name_reverse=Nome utente (inverso)
-emails.updated=Email aggiornata
+emails.filter_sort.name=Nome utente
 emails.not_updated=Impossibile aggiornare l'indirizzo email richiesto: %v
 emails.duplicate_active=Questo indirizzo email risulta già attivo per un altro utente.
 emails.change_email_header=Aggiorna proprietà email
@@ -2411,23 +2325,16 @@ auths.oauth2_required_claim_name_helper=Imposta questo nome per limitare il logi
 auths.oauth2_required_claim_value=Valore Richiesto
 auths.oauth2_required_claim_value_helper=Imposta questo valore per limitare il login da questa fonte agli utenti con un reclamo con questo nome e valore
 auths.oauth2_group_claim_name=Riscatta nome che fornisce nomi di gruppo per questa fonte (facoltativo)
-auths.oauth2_admin_group=Valore del reclamo di gruppo per gli utenti amministratori. (Opzionale - richiede il nome della richiesta sopra)
-auths.oauth2_restricted_group=Valore di reclamo di gruppo per utenti ristretti. (Facoltativo - richiede il nome di reclamo sopra)
 auths.enable_auto_register=Abilitare Registrazione Automatica
 auths.sspi_auto_create_users=Crea automaticamente gli utenti
-auths.sspi_auto_create_users_helper=Permetti al metodo di autenticazione SSPI di creare automaticamente nuovi account per gli utenti che accedono per la prima volta
 auths.sspi_auto_activate_users=Attiva automaticamente gli utenti
 auths.sspi_auto_activate_users_helper=Consenti al metodo di autenticazione SSPI di attivare automaticamente i nuovi utenti
 auths.sspi_strip_domain_names=Rimuovi nomi dominio dai nomi utente
-auths.sspi_strip_domain_names_helper=Se selezionato, i nomi di dominio verranno rimossi dai nomi di accesso (es. "DOMAIN\user" e "user@example.org" entrambi diventeranno solo "user").
 auths.sspi_separator_replacement=Separatore da utilizzare al posto di \, / e @
-auths.sspi_separator_replacement_helper=Il carattere da utilizzare per sostituire i separatori dei nomi di logon di livello inferiore (es. il \ in "DOMAIN\user") e i nomi dell'utente principale (es. il @ in "user@example.org").
 auths.sspi_default_language=Lingua predefinita dell'utente
-auths.sspi_default_language_helper=Lingua predefinita per gli utenti creati automaticamente dal metodo di autenticazione SSPI. Lascia vuoto se preferisci che la lingua venga rilevata automaticamente.
 auths.tips=Consigli
 auths.tips.oauth2.general=Autenticazione OAuth2
 auths.tip.oauth2_provider=OAuth2 Provider
-auths.tip.nextcloud=`Registra un nuovo OAuth sulla tua istanza utilizzando il seguente menu "Impostazioni -> Sicurezza -> OAuth 2.0 client"`
 auths.tip.mastodon=Inserisci un URL di istanza personalizzato per l'istanza mastodon con cui vuoi autenticarti (o usa quella predefinita)
 auths.edit=Modifica fonte di autenticazione
 auths.activated=Questa fonte di autenticazione è attiva
@@ -2465,8 +2372,6 @@ config.ssh_domain=Dominio Server Ssh
 config.ssh_port=Porta
 config.ssh_listen_port=Porta in ascolto
 config.ssh_root_path=Percorso Root
-config.ssh_key_test_path=Percorso chiave di test
-config.ssh_keygen_path=Percorso Keygen ('ssh-keygen')
 config.ssh_minimum_key_size_check=Verifica delle dimensioni minime della chiave
 config.ssh_minimum_key_sizes=Dimensioni minime della chiave
 
@@ -2524,7 +2429,6 @@ config.mailer_sendmail_path=Percorso Sendmail
 config.mailer_sendmail_args=Argomenti aggiuntivi per Sendmail
 config.mailer_sendmail_timeout=Timeout Sendmail
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=Email (es. test@example.com)
 config.send_test_mail=Invia email di prova
 
 config.oauth_config=Configurazione OAuth
@@ -2592,7 +2496,6 @@ monitor.queue.numberworkers=Numero di workers
 monitor.queue.maxnumberworkers=Massimo numero di Workers
 monitor.queue.numberinqueue=Numero in coda
 monitor.queue.settings.title=Impostazioni pool
-monitor.queue.settings.maxnumberworkers=Massimo numero di workers
 monitor.queue.settings.maxnumberworkers.placeholder=Attualmente %[1]d
 monitor.queue.settings.maxnumberworkers.error=Il numero massimo di lavoratori deve essere un numero
 monitor.queue.settings.submit=Aggiorna Impostazioni
@@ -2687,8 +2590,6 @@ error.no_committer_account=Nessun account collegato all'indirizzo email del comm
 error.no_gpg_keys_found=Non sono state trovate chiavi note per questa firma nel database
 error.not_signed_commit=Commit non firmato
 error.failed_retrieval_gpg_keys=Impossibile recuperare le chiavi associate all'account del committer
-error.probable_bad_signature=ATTENZIONE! Anche se esiste una chiave con questo ID nel database, essa non verifica questo commit! Questo commit è SOSPETTO.
-error.probable_bad_default_signature=ATTENZIONE! Anche se la chiave predefinita ha questo ID essa non verifica questo commit! Questo commit è SOSPETTO.
 
 [units]
 unit=Unità
@@ -2726,12 +2627,10 @@ alpine.repository.branches=Branches
 alpine.repository.repositories=Repository
 arch.repository.repositories=Repository
 chef.install=Per installare il pacchetto, eseguire il seguente comando:
-composer.registry=Imposta questo registro nel tuo file <code>~/.composer/config.json</code>:
 composer.install=Per installare il pacchetto utilizzando Composer, eseguire il seguente comando:
 composer.dependencies=Dipendenze
 composer.dependencies.development=Dipendenze Di Sviluppo
 conan.details.repository=Repository
-conan.registry=Configura questo registro dalla riga di comando:
 conan.install=Per installare il pacchetto usando Conan, eseguire il seguente comando:
 container.details.type=Tipo Immagine
 container.details.platform=Piattaforma
@@ -2742,19 +2641,13 @@ container.labels=Etichette
 container.labels.key=Chiave
 container.labels.value=Valore
 cran.install=Per installare il pacchetto, eseguire il seguente comando:
-debian.registry=Configura questo registro dalla riga di comando:
 debian.install=Per installare il pacchetto, eseguire il seguente comando:
 generic.download=Scarica il pacchetto dalla riga di comando:
-helm.registry=Configura questo registro dalla riga di comando:
 helm.install=Per installare il pacchetto, eseguire il seguente comando:
-maven.registry=Configura questo registro nel file <code>pom.xml</code> del tuo progetto:
-maven.install=Per utilizzare il pacchetto includere i seguenti nel blocco <code>dipendenze</code> nel file <code>pom.xml</code>:
 maven.install2=Esegui tramite riga di comando:
 maven.download=Per scaricare la dipendenza, eseguire tramite riga di comando:
-nuget.registry=Configura questo registro dalla riga di comando:
 nuget.install=Per installare il pacchetto utilizzando NuGet, eseguire il seguente comando:
 nuget.dependency.framework=Target Framework
-npm.registry=Impostare questo registro nel file del progetto <code>.npmrc</code>:
 npm.install=Per installare il pacchetto usando npm, eseguire il seguente comando:
 npm.install2=o aggiungerlo al file package.json:
 npm.dependencies=Dipendenze
@@ -2765,7 +2658,6 @@ npm.details.tag=Tag
 pub.install=Per installare il pacchetto utilizzando NuGet, eseguire il seguente comando:
 pypi.requires=Richiede Python
 pypi.install=Per installare il pacchetto usando pip, eseguire il seguente comando:
-rpm.registry=Configura questo registro dalla riga di comando:
 rpm.install=Per installare il pacchetto, eseguire il seguente comando:
 rubygems.install=Per installare il pacchetto usando gem, eseguire il seguente comando:
 rubygems.install2=o aggiungerlo al file Gem:
@@ -2773,7 +2665,6 @@ rubygems.dependencies.runtime=Dipendenze Runtime
 rubygems.dependencies.development=Dipendenze Di Sviluppo
 rubygems.required.ruby=Richiede la versione di Ruby
 rubygems.required.rubygems=Richiede la versione RubyGem
-swift.registry=Configura questo registro dalla riga di comando:
 settings.link=Collega questo pacchetto a un repository
 settings.link.description=Se si collega un pacchetto a un repository, il pacchetto è elencato nell'elenco dei pacchetti del repository.
 settings.link.select=Seleziona Repository
@@ -2788,8 +2679,12 @@ settings.delete.error=Impossibile eliminare il pacchetto.
 owner.settings.cleanuprules.enabled=Attivo
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Descrizione
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_ja-JP.ini b/options/locale/locale_ja-JP.ini
index 3a80e6e451..312e0dd4f1 100644
--- a/options/locale/locale_ja-JP.ini
+++ b/options/locale/locale_ja-JP.ini
@@ -113,9 +113,11 @@ copy_type_unsupported=��ファイルタイプ�コピー����ん
 write=書�込�
 preview=プレビュー
 loading=読�込�中…
+files=ファイル
 
 error=エラー
 error404=アクセス�よ����ページ�<strong>存在���</strong>��閲覧�<strong>許��れ����ん</strong>。
+error503=サー�ー�リクエストを完了����ん���。 後�も�一度�試�����。
 go_back=戻る
 invalid_data=無効�データ: %v
 
@@ -128,7 +130,8 @@ pin=ピン留�
 unpin=ピン留�解除
 
 artifacts=�果物
-confirm_delete_artifact=アーティファクト %s を削除��よ������？
+expired=期�切れ
+confirm_delete_artifact=アーティファクト '%s' を削除��よ������？
 
 archived=アーカイブ
 
@@ -168,30 +171,30 @@ internal_error_skipped=内部エラー�発生�����スキップ�れ
 search=検索…
 type_tooltip=検索タイプ
 fuzzy=����
-fuzzy_tooltip=検索語���よ�一致�る�果も����
+fuzzy_tooltip=検索語�近��果も����
 words=�語
 words_tooltip=検索語�一致�る�果��を����
 regexp=正�表�
 regexp_tooltip=正�表�検索パターン�一致�る�果��を����
 exact=完全一致
 exact_tooltip=検索語�完全�一致�る�果��を����
-repo_kind=リ�ジトリを検索...
-user_kind=ユーザーを検索...
-org_kind=組織を検索...
+repo_kind=リ�ジトリを検索…
+user_kind=ユーザーを検索…
+org_kind=組織を検索…
 team_kind=�ームを検索…
-code_kind=コードを検索...
+code_kind=コードを検索…
 code_search_unavailable=コード検索��在利用����ん。 サイト管�者�����������。
 code_search_by_git_grep=�在�コード検索� "git grep" �よ��行�れ����。 サイト管�者�リ�ジトリインデクサーを有効��れ��より優れ��果�得られる�能性��り��。
-package_kind=パッケージを検索...
-project_kind=プロジェクトを検索...
-branch_kind=ブラン�を検索...
-tag_kind=タグを検索...
+package_kind=パッケージを検索…
+project_kind=プロジェクトを検索…
+branch_kind=ブラン�を検索…
+tag_kind=タグを検索…
 tag_tooltip=一致�るタグを検索���。任��シーケンス�一致��る�� '%' を使用������。
-commit_kind=コミットを検索...
-runner_kind=ランナーを検索...
+commit_kind=コミットを検索…
+runner_kind=ランナーを検索…
 no_results=一致�る�果�見��り��ん���
-issue_kind=イシューを検索...
-pull_kind=プルリクエストを検索...
+issue_kind=イシューを検索…
+pull_kind=プルリクエストを検索…
 keyword_search_unavailable=キーワード検索��在利用����ん。 サイト管�者�����������。
 
 [aria]
@@ -227,8 +230,8 @@ buttons.enable_monospace_font=等幅フォントを有効��る
 buttons.disable_monospace_font=等幅フォントを無効��る
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
+string.asc=A–Z
+string.desc=Z–A
 
 [error]
 occurred=エラー�発生����
@@ -249,7 +252,7 @@ license_desc=Go get <a target="_blank" rel="noopener noreferrer" href="%[1]s">%[
 
 [install]
 install=インストール
-installing_desc=インストール中����待�����...
+installing_desc=インストール中����待�����…
 title=�期設定
 docker_helper=GiteaをDocker内�実行�る場���設定を変更�る��<a target="_blank" rel="noopener noreferrer" href="%s">ドキュメント</a>を読ん�����。
 require_db_desc=Gitea���MySQL�PostgreSQL�MSSQL�SQLite3����TiDB(MySQL プロトコル) �必���。
@@ -274,7 +277,7 @@ no_admin_and_disable_registration=管ç�†è€…アカウントを作æˆ�ã�›ã�šã�«ã€�ã
 err_empty_admin_password=管�者パスワード�空�����ん。
 err_empty_admin_email=管�者�メールアドレス�空�����ん。
 err_admin_name_is_reserved=管�者�ユーザー���正��。予約済��ユーザー���。
-err_admin_name_pattern_not_allowed=管�者�ユーザー���正��。 予約済��パターン�マッ������
+err_admin_name_pattern_not_allowed=管�者�ユーザー���正��。 予約済��パターン�マッ������。
 err_admin_name_is_invalid=管�者�ユーザー���正��
 
 general_title=基本設定
@@ -291,7 +294,7 @@ domain_helper=サー�ー�ドメイン���ホストアドレス。
 ssh_port=SSHサー�ー��ート
 ssh_port_helper=SSHサー�ー�使��ート番�。 空�場��SSHサー�ーを無効����。
 http_port=Gitea HTTP�ート
-http_port_helper=Gitea�Webサー�ー�使��ート番�。
+http_port_helper=Gitea�Webサー�ー�接続待��る�ート番�。
 app_url=Gitea�ベースURL
 app_url_helper=HTTP(S)�クローンURL�メール通知�使�ベースアドレス。
 log_root_path=ログ��存先パス
@@ -418,6 +421,7 @@ remember_me.compromised=ログイントークンã�¯ã‚‚ã�†æœ‰åŠ¹ã�§ã�¯ã�ªã��ã€�ã‚
 forgot_password_title=パスワードを忘れ�
 forgot_password=パスワードを�忘れ���？
 need_account=アカウント�必����？
+sign_up_tip=管�者権�を�����システム�最��アカウントを登録�よ�������。 ユーザー��パスワードをよ�覚���������。 ユーザー����パスワードを忘れ�場���Gitea�ドキュメントを�照��アカウントを復元������。
 sign_up_now=登録���ら。
 sign_up_successful=アカウント�無事�作��れ���。よ���!
 confirmation_mail_sent_prompt_ex=新��確�メールを <b>%s</b> ��信����。 %s以内�メールボックスを確���登録手続�を完了������。 登録メールアドレス�間����る場���も����サインイン�る�変更�る�������。
@@ -448,6 +452,7 @@ use_scratch_code=スクラッ�コードを使�
 twofa_scratch_used=����スクラッ�コードを使用����。 2�素�証�設定ページ�リダイレクト�������デ�イス�登録を解除�る��新��スクラッ�コードを生����ょ�。
 twofa_passcode_incorrect=パスコード�正���り��ん。デ�イスを紛失��場���スクラッ�コードを使��サインイン������。
 twofa_scratch_token_incorrect=スクラッ�コード�正���り��ん。
+twofa_required=リ�ジトリ�アクセス�る��2段階�証を設定�る���度ログイン������。
 login_userpass=サインイン
 login_openid=OpenID
 oauth_signup_tab=新�アカウント登録
@@ -456,17 +461,18 @@ oauth_signup_submit=アカウント登録完了
 oauth_signin_tab=既存アカウント�リンク
 oauth_signin_title=リンク先アカウント�����サインイン
 oauth_signin_submit=アカウント�リンク
+oauth.signin.error.general=��リクエスト�処�中�エラー�発生����: %s 。��エラー�解決���場���サイト管�者�����������。
 oauth.signin.error.access_denied=��リクエスト�拒��れ���。
 oauth.signin.error.temporarily_unavailable=�証サー�ー�一時的�利用����������失敗����。後�も�一度やり直������。
-oauth_callback_unable_auto_reg=自動登録�有効���������OAuth2プロ�イダー %[1]s �応答�フィールド %[2]s ��足���り�自動�アカウントを作��る�������ん。 アカウントを作����リンク�る��サイト管�者�����������。
+oauth_callback_unable_auto_reg=自動登録�有効���������OAuth2プロ�イダー %[1]s �応答�フィールド %[2]s ��足���り�自動�アカウントを作��る�������ん。 アカウント�作�や連�を行���サイト管�者�����������。
 openid_connect_submit=接続
 openid_connect_title=既存�アカウント�接続
 openid_connect_desc=�択��OpenID URI�未登録��。 ���新��アカウント�関連付���。
 openid_register_title=アカウント新�作�
 openid_register_desc=�択��OpenID URI�未登録��。 ���新��アカウント�関連付���。
 openid_signin_desc=OpenID URIを入力���。例: alice.openid.example.org ��� https://openid.example.org/alice
-disable_forgot_password_mail=メール�信設定�無���アカウント�回復�無効�������。 サイト管�者�����������。
-disable_forgot_password_mail_admin=アカウント�回復�メール�信�設定済��場���使用����。 アカウント�回復を有効��る��メール�信を設定������。
+disable_forgot_password_mail=メールアドレス�設定�れ������アカウント�回復�無効�������。 サイト管�者�����������。
+disable_forgot_password_mail_admin=アカウント�回復�メールアドレス�設定済��場���使用����。
 email_domain_blacklisted=����メールアドレス��登録�る�������ん。
 authorize_application=アプリケーションを許�
 authorize_redirect_notice=��アプリケーションを許��る� %s �リダイレクト���。
@@ -605,10 +611,10 @@ change_full_name_disabled=フル�ーム�変更�無効化�れ����
 username_has_not_been_changed=ユーザー��変更�れ����ん
 repo_name_been_taken=リ�ジトリ��既�使用�れ����。
 repository_force_private=強制プライベート�有効��。プライベートリ�ジトリ�パブリック�����ん。
-repository_files_already_exist=��リ�ジトリ�ファイル����存在���。システム管�者�����������。
-repository_files_already_exist.adopt=��リ�ジトリ�ファイル����存在���り��れらを登録�る��������ん。
-repository_files_already_exist.delete=��リ�ジトリ�ファイル����存在�����。 �れらを削除�る必���り��。
-repository_files_already_exist.adopt_or_delete=��リ�ジトリ�ファイル����存在�����。 �れらを登録�る�削除������。
+repository_files_already_exist=��リ�ジトリ��既�ファイル�存在�����。システム管�者�����������。
+repository_files_already_exist.adopt=��リ�ジトリ��既�ファイル�存在���り��れらを�り込む�������。
+repository_files_already_exist.delete=��リ�ジトリ��既�ファイル�存在�����。 �れらを削除�る必���り��。
+repository_files_already_exist.adopt_or_delete=��リ�ジトリ��既�ファイル�存在�����。 �れらを�り込む�削除������。
 visit_rate_limit=相手��アクセス数制��れ����。
 2fa_auth_required=相手���アクセス�2�素�証�必���。
 org_name_been_taken=組織��既�使用�れ����。
@@ -641,7 +647,7 @@ invalid_ssh_key=SSHキー�確�����ん: %s
 invalid_gpg_key=GPGキー�確�����ん: %s
 invalid_ssh_principal=無効�プリンシパル: %s
 must_use_public_key=�����供��キー�秘密���。秘密�を���もアップロード��������。代�り�公開�を使用������。
-unable_verify_ssh_key=SSHキー�確�����ん。間���無���よ�確�������。
+unable_verify_ssh_key=SSHキー�確�����ん。間���無��よ�確�������。
 auth_failed=�証�失敗����: %v
 
 still_own_repo=����アカウント�1�以上�リ�ジトリを所有�����。 先��れらを削除�る�移転������。
@@ -673,7 +679,7 @@ unfollow=フォロー解除
 user_bio=経歴
 disabled_public_activity=��ユーザー�アクティビティ表示を公開�����ん。
 email_visibility.limited=����メールアドレス������証済�ユーザー�表示�れ����
-email_visibility.private=����メールアドレス������管�者���表示�れ��
+email_visibility.private=����メールアドレス������管�者���表示�れ��
 show_on_map=地図上���場所を表示
 settings=ユーザー設定
 
@@ -806,7 +812,7 @@ activations_pending=アクティベーション待�
 can_not_add_email_activations_pending=�留中�アクティベーション��り��。新��メールを追加�る場���数分後�も�一度�試�����。
 delete_email=削除
 email_deletion=メールアドレス�削除
-email_deletion_desc=メールアドレス�関連情報をアカウント�ら削除���。 ��メールアドレスを使��Git�コミット�����残り��。 続行����？
+email_deletion_desc=��メールアドレス�関連情報をアカウント�ら削除���。 ��メールアドレスを使��Git�コミット�����残り��。 続行����？
 email_deletion_success=メールアドレスを削除����。
 theme_update_success=テーマを更新����。
 theme_update_error=�択�れ�テーマ�存在���ん。
@@ -924,6 +930,9 @@ permission_not_set=設定��
 permission_no_access=アクセス��
 permission_read=読��り
 permission_write=読��り�書�込�
+permission_anonymous_read=匿��読�込�
+permission_everyone_read=全員�読�込�
+permission_everyone_write=全員�書�込�
 access_token_desc=�択��トークン権��応���関連�る<a %s>API</a>ルート���許��制��れ��。 詳細�<a %s>ドキュメント</a>を�照������。
 at_least_one_permission=トークンを作��る���少���も����許�を�択�る必���り��
 permissions_list=許�:
@@ -957,7 +966,7 @@ authorized_oauth2_applications=許�済�OAuth2アプリケーション
 authorized_oauth2_applications_description=�れら�サードパーティ アプリケーション������Giteaアカウント��アクセスを許������。 ������アプリケーション�アクセス権を�り消�よ��������。
 revoke_key=�り消�
 revoke_oauth2_grant=アクセス権��り消�
-revoke_oauth2_grant_description=��サードパーティ アプリケーション�アクセス権を�り消��アプリケーション�����データ�アクセス�る��を防���。 続行����？
+revoke_oauth2_grant_description=��サードパーティ アプリケーション�アクセス権を�り消��アプリケーション�����データ�アクセス�る��を防���。 よ������？
 revoke_oauth2_grant_success=アクセス権を�り消����。
 
 twofa_desc=パスワード�盗難�らアカウントを守る����スマートフォンや他�デ�イスを使用���時間ベース�ワンタイムパスワード("TOTP")を���る�������。
@@ -1012,14 +1021,16 @@ email_notifications.onmention=メンション��メール通知
 email_notifications.disable=メール通知無効
 email_notifications.submit=メール設定を�存
 email_notifications.andyourown=自分�関�る通知も��る
+email_notifications.actions.desc=<a target="_blank" href="%s">Gitea Actions</a>�設定�れ�リ�ジトリ�ワークフロー実行�関�る通知。
+email_notifications.actions.failure_only=失敗��ワークフロー実行������通知
 
 visibility=ユーザー�公開範囲
 visibility.public=パブリック
 visibility.public_tooltip=全員�表示�れ��
 visibility.limited=�定
-visibility.limited_tooltip=�証�れ�ユーザー���表示�れ��
+visibility.limited_tooltip=�証�れ�ユーザー���表示�れ��
 visibility.private=プライベート
-visibility.private_tooltip=�����加��組織�メン�ー���表示�れ��
+visibility.private_tooltip=�����加��組織�メン�ー���表示�れ��
 
 [repo]
 new_repo_helper=リ�ジトリ���プロジェクト�����ファイル�リビジョン履歴�入り��。 ������場所�ホスト������？ <a href="%s">リ�ジトリを移行</a> も���。
@@ -1093,7 +1104,7 @@ mirror_sync=�回��期
 mirror_sync_on_commit=コミット�プッシュ�れ�����期
 mirror_address=クローン�るURL
 mirror_address_desc=必��資格情報�「�証�セクション�設定������。
-mirror_address_url_invalid=入力��URL�無効��。 URL�構��素����正��エスケープ�る必���り��。
+mirror_address_url_invalid=入力��URL�無効��。 URL�構��素����正��エスケープ������。
 mirror_address_protocol_invalid=入力��URL�無効��。 ミラー��る���http(s):// ��� git:// �ら����。
 mirror_lfs=Large File Storage (LFS)
 mirror_lfs_desc=LFS データ�ミラーリングを有効��る。
@@ -1111,7 +1122,7 @@ stars=スター
 reactions_more=�ら� %d 件
 unit_disabled=サイト管�者���リ�ジトリセクションを無効������。
 language_other=��他
-adopt_search=未登録リ�ジトリを探�ユーザー�を入力... (空����を探索)
+adopt_search=未登録リ�ジトリを探�ユーザー�を入力… (空����を探索)
 adopt_preexisting_label=ファイルを登録
 adopt_preexisting=既存ファイル�登録
 adopt_preexisting_content=%s �らリ�ジトリを作����
@@ -1136,6 +1147,7 @@ transfer.no_permission_to_reject=ã�“ã�®ç§»è»¢ã‚’æ‹’å�¦ã�™ã‚‹æ¨©é™�ã�Œã�‚ã‚Šã�¾ã�
 
 desc.private=プライベート
 desc.public=公開
+desc.public_access=公開アクセス
 desc.template=テンプレート
 desc.internal=内部
 desc.archived=アーカイブ
@@ -1152,8 +1164,8 @@ template.issue_labels=イシューラベル
 template.one_item=最低一��テンプレート項目を�択�る必���り��
 template.invalid=テンプレートリ�ジトリを�択�る必���り��
 
-archive.title=��リ�ジトリ�アーカイブ�れ����。 ファイル�閲覧�クローン��能����プッシュ�イシュー�作��プルリクエスト�����ん。
-archive.title_date=��リ�ジトリ�%s�アーカイブ�れ����。 ファイル�閲覧�クローン��能����プッシュ�イシュー�作��プルリクエスト�����ん。
+archive.title=��リ�ジトリ�アーカイブ�れ����。 ファイル�閲覧�クローン��能����イシュー�作��プルリクエスト�プッシュ�����ん。
+archive.title_date=��リ�ジトリ�%s�アーカイブ�れ����。 ファイル�閲覧�クローン��能����イシュー�作��プルリクエスト�プッシュ�����ん。
 archive.issue.nocomment=��リ�ジトリ�アーカイブ�れ����。 イシュー�コメントを追加�る�������ん。
 archive.pull.nocomment=��リ�ジトリ�アーカイブ�れ����。 プルリクエスト�コメントを追加�る�������ん。
 
@@ -1170,7 +1182,7 @@ migrate_options_lfs=LFS ファイル�マイグレート
 migrate_options_lfs_endpoint.label=LFS エンド�イント
 migrate_options_lfs_endpoint.description=マイグレーション���リモート��Gitをも��<a target="_blank" rel="noopener noreferrer" href="%s">LFSサー�ーを決定</a>�よ�����。 リ�ジトリ�LFSデータ����場所��存�れ��る場���独自�エンド�イントを指定�る�������。
 migrate_options_lfs_endpoint.description.local=ローカルサー�ー�パスもサ�ート�れ����。
-migrate_options_lfs_endpoint.placeholder=空��る�エンド�イント�クローン URL �ら決定�れ��
+migrate_options_lfs_endpoint.placeholder=空��る�エンド�イント�クローン URL �ら決定�れ��。
 migrate_items=移行�る項目
 migrate_items_wiki=Wiki
 migrate_items_milestones=マイルストーン
@@ -1182,7 +1194,7 @@ migrate_items_releases=リリース
 migrate_repo=リ�ジトリを移行
 migrate.clone_address=移行 / クローン�るURL
 migrate.clone_address_desc=既存リ�ジトリ��HTTP(S)���Git形��クローンURL
-migrate.github_token_desc=GitHub API��レート制���り��。移行をより速��る�������カンマ区切り�複数�トークンを入力�る�������。 警告: ��機能を悪用�る��サービスプロ�イダ��リシー�����アカウント�ブロック�れる�能性��り��。
+migrate.github_token_desc=GitHub API�レート制�を回���移行をより速��る����複数�トークンをカンマ区切り�入力����。 警告: ��機能を悪用�る��サービスプロ�イダ��リシー�����アカウント�ブロック�れる�能性��り��。
 migrate.clone_local_path=����ローカルサー�ー上�パス
 migrate.permission_denied=ローカルリ�ジトリをイン�ート�る権���り��ん。
 migrate.permission_denied_blocked=許��れ����ホスト�らイン�ート����ん。管�者��������ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS �設定を確�������。
@@ -1193,7 +1205,7 @@ migrate.migrate_items_options=追加ã�®é …目を移行ã�™ã‚‹ã�«ã�¯ã‚¢ã‚¯ã‚»ã‚¹ãƒ
 migrated_from=<a href="%[1]s">%[2]s</a>�ら移行
 migrated_from_fake=%[1]s�ら移行
 migrate.migrate=%s �ら�移行
-migrate.migrating=<b>%s</b> �ら移行����� ...
+migrate.migrating=<b>%s</b> �ら移行�����…
 migrate.migrating_failed=<b>%s</b> �ら�移行�失敗����。
 migrate.migrating_failed.error=移行�失敗����: %s
 migrate.migrating_failed_no_addr=移行�失敗����。
@@ -1219,6 +1231,7 @@ migrate.migrating_issues=イシュー移行中
 migrate.migrating_pulls=プルリクエスト移行中
 migrate.cancel_migrating_title=移行�キャンセル
 migrate.cancel_migrating_confirm=��移行をキャンセル����？
+migration_status=移行状�
 
 mirror_from=ミラー元
 forked_from=フォーク元
@@ -1297,7 +1310,6 @@ file_copy_permalink=パーマリンクをコピー
 view_git_blame=Git Blameを表示
 video_not_supported_in_browser=��ブラウザ�HTML5�videoタグをサ�ート�����ん。
 audio_not_supported_in_browser=��ブラウザー�HTML5�audioタグをサ�ート�����ん。
-stored_lfs=Git LFS��管�れ����
 symbolic_link=シンボリック リンク
 executable_file=実行ファイル
 vendored=ベンダーファイル
@@ -1323,7 +1335,9 @@ editor.upload_file=ファイルをアップロード
 editor.edit_file=ファイルを編集
 editor.preview_changes=変更をプレビュー
 editor.cannot_edit_lfs_files=LFS�ファイル�Webインターフェース�編集����ん。
+editor.cannot_edit_too_large_file=��ファイル�大���る���編集����ん。
 editor.cannot_edit_non_text_files=�イナリファイル�Webインターフェース�編集����ん。
+editor.file_not_editable_hint=���変更や移動��能��。
 editor.edit_this_file=ファイルを編集
 editor.this_file_locked=ファイル�ロック�れ����
 editor.must_be_on_a_branch=��ファイルを変更��り変更��案を�る���ブラン�上��る必���り��。
@@ -1343,7 +1357,7 @@ editor.update=%s ã‚’æ›´æ–°
 editor.delete=%s を削除
 editor.patch=パッ���用
 editor.patching=パッ�:
-editor.fail_to_apply_patch=`パッ�を�用����ん "%s"`
+editor.fail_to_apply_patch=パッ�を�用����ん
 editor.new_patch=新��パッ�
 editor.commit_message_desc=詳細�説明を追加…
 editor.signoff_desc=コミットログメッセージ�最後�コミッター� Signed-off-by 行を追加
@@ -1363,8 +1377,7 @@ editor.branch_already_exists=ブラン� "%s" ����リ�ジトリ�既
 editor.directory_is_a_file=ディレクトリ� "%s" ����リ�ジトリ内�ファイル�使用�れ����。
 editor.file_is_a_symlink=`"%s" �シンボリックリンク��。 シンボリックリンク�Webエディター�編集����ん。`
 editor.filename_is_a_directory=ファイル� "%s" ����リ�ジトリ上�ディレクトリ�������使用�れ����。
-editor.file_editing_no_longer_exists=編集中�ファイル "%s" ��も�リ�ジトリ内��り��ん。
-editor.file_deleting_no_longer_exists=削除�よ����ファイル "%s" �����リ�ジトリ内��り��ん。
+editor.file_modifying_no_longer_exists=修正中�ファイル "%s" �����リ�ジトリ内��り��ん。
 editor.file_changed_while_editing=����編集を開始�����ファイル�内容�変更�れ���。 <a target="_blank" rel="noopener noreferrer" href="%s">��をクリック</a>��何�変更�れ��確��る��<strong>も�一度"変更をコミット"をクリック</strong>��上書����。
 editor.file_already_exists=ファイル "%s" ����リ�ジトリ�既�存在���。
 editor.commit_id_not_matching=コミットID�編集を開始�����ID�一致���ん。 パッ�用�ブラン��コミット����マージ������。
@@ -1372,8 +1385,6 @@ editor.push_out_of_date=��プッシュ�最新����よ���。
 editor.commit_empty_file_header=空ファイル�コミット
 editor.commit_empty_file_text=コミット�よ�����るファイル�空��。 続行����？
 editor.no_changes_to_show=表示�る変更箇所��り��ん。
-editor.fail_to_update_file=ファイル "%s" を作����変更����ん���。
-editor.fail_to_update_file_summary=エラーメッセージ:
 editor.push_rejected_no_message=サー�ー�メッセージを出���変更を拒�����。 Git フックを確�������。
 editor.push_rejected=サー�ー�変更を拒�����。 Gitフックを確�������。
 editor.push_rejected_summary=拒�メッセージ全体:
@@ -1387,6 +1398,15 @@ editor.user_no_push_to_branch=ユーザーã�¯ãƒ–ランãƒ�ã�«ãƒ—ッシュã�§ã��ã�
 editor.require_signed_commit=ブラン���署��れ�コミット�必須��
 editor.cherry_pick=�ェリーピック %s:
 editor.revert=リ�ート %s:
+editor.failed_to_commit=変更�コミット�失敗����。
+editor.failed_to_commit_summary=エラーメッセージ：
+
+editor.fork_create=リ�ジトリをフォーク��変更を�案
+editor.fork_create_description=��リ�ジトリを直接編集�る�������ん。 代�り�フォークを作���編集を行��プルリクエストを作�������。
+editor.fork_edit_description=��リ�ジトリを直接編集�る�������ん。 変更�����フォーク <b>%s</b>�書�込�れる���プルリクエストを作�����。
+editor.fork_not_editable=��リ�ジトリ�フォーク�������フォーク��編集�能���り��ん。
+editor.fork_failed_to_push_branch=ブラン� %s をリ�ジトリ�プッシュ����ん���。
+editor.fork_branch_exists=ブラン� "%s" �既�フォーク�存在���。新��ブラン��を�択������。
 
 commits.desc=ソースコード�変更履歴を�照���。
 commits.commits=コミット
@@ -1406,6 +1426,7 @@ commits.signed_by_untrusted_user_unmatched=コミッターã�¨ä¸€è‡´ã�—ã�ªã�„ä¿¡é
 commits.gpg_key_id=GPGキーID
 commits.ssh_key_fingerprint=SSH��フィンガープリント
 commits.view_path=��時点を表示
+commits.view_file_diff=��ファイル����コミット��変更内容を表示
 
 commit.operations=�作
 commit.revert=リ�ート
@@ -1487,7 +1508,7 @@ issues.new.clear_assignees=担当者をクリア
 issues.new.no_assignees=担当者��
 issues.new.no_reviewers=レビューア��
 issues.new.blocked_user=リ�ジトリ�オーナー����をブロック���る���イシューを作�����ん。
-issues.edit.already_changed=イシュー�変更を�存����ん。 他�ユーザー�よ��内容����変更�れ��るよ���。 変更を上書����よ���る���ページを更新���らも�一度編集������
+issues.edit.already_changed=イシュー�変更を�存����ん。 他�ユーザー�よ��内容����変更�れ��るよ���。 変更を上書����よ���る���ページを更新���らも�一度編集������。
 issues.edit.blocked_user=投稿者���リ�ジトリ�オーナー����をブロック���る���内容を編集����ん。
 issues.choose.get_started=始�る
 issues.choose.open_external_link=オープン
@@ -1543,13 +1564,14 @@ issues.filter_project=プロジェクト
 issues.filter_project_all=����プロジェクト
 issues.filter_project_none=プロジェクト��
 issues.filter_assignee=担当者
-issues.filter_assginee_no_assignee=担当者��
+issues.filter_assignee_no_assignee=担当者��
 issues.filter_assignee_any_assignee=担当者�り
 issues.filter_poster=作�者
 issues.filter_user_placeholder=ユーザーを検索
 issues.filter_user_no_select=����ユーザー
 issues.filter_type=タイプ
 issues.filter_type.all_issues=����イシュー
+issues.filter_type.all_pull_requests=����プルリクエスト
 issues.filter_type.assigned_to_you=自分�担当
 issues.filter_type.created_by_you=自分�作�
 issues.filter_type.mentioning_you=自分�関係
@@ -1641,12 +1663,15 @@ issues.save=�存
 issues.label_title=��
 issues.label_description=説明
 issues.label_color=カラー
+issues.label_color_invalid=無効�色��
 issues.label_exclusive=排他
 issues.label_archive=アーカイブ ラベル
 issues.label_archived_filter=アーカイブ�れ�ラベルを表示
 issues.label_archive_tooltip=アーカイブ�れ�ラベル��ラベル�よる検索時�サジェスト�らデフォルト�除外�れ��。
 issues.label_exclusive_desc=ラベル�を <code>スコープ/アイテム</code> �形��る����他� <code>スコープ/</code> ラベル�排他的��り��。
 issues.label_exclusive_warning=イシューやプルリクエスト�ラベル編集���競��るスコープ付�ラベル�解除�れ��。
+issues.label_exclusive_order=ソート順
+issues.label_exclusive_order_tooltip=��スコープ内�排他的�ラベル����数値順�ソート�れ��。
 issues.label_count=ラベル %d件
 issues.label_open_issues=オープン中�イシュー %d件
 issues.label_edit=編集
@@ -1670,7 +1695,6 @@ issues.pin_comment=�ピン留� %s
 issues.unpin_comment=�ピン留�を解除 %s
 issues.lock=会話をロック
 issues.unlock=会話をアンロック
-issues.lock.unknown_reason=未定義��由��イシューをロック����ん。
 issues.lock_duplicate=イシュー�二��ロック����ん。
 issues.unlock_error=ロック�れ����イシューをアンロック����ん。
 issues.lock_with_reason=�<strong>%s</strong>���ロック�会話を共�作業者��定 %s
@@ -1704,6 +1728,8 @@ issues.remove_time_estimate_at=�見�時間を削除 %s
 issues.time_estimate_invalid=見�時間�フォーマット��正��
 issues.start_tracking_history=�作業を開始 %s
 issues.tracker_auto_close=タイマー����イシュー�クローズ�れる�自動的�終了���
+issues.stopwatch_already_stopped=��イシュー�タイマー�����止�����
+issues.stopwatch_already_created=��イシュー�タイマー�既�存在���
 issues.tracking_already_started=`<a href="%s">別�イシュー</a>�既�タイムトラッキングを開始������`
 issues.stop_tracking=タイマー終了
 issues.stop_tracking_history=� <b>%[1]s</b> �作業を終了 %[2]s
@@ -1754,9 +1780,9 @@ issues.dependency.pr_closing_blockedby=ã�“ã�®ãƒ—ルリクエストã�®ã‚¯ãƒ­ãƒ¼ã‚
 issues.dependency.issue_closing_blockedby=��イシュー�クローズ���れら�イシュー�よりブロック�れ����
 issues.dependency.issue_close_blocks=��イシュー���れら�イシュー�クローズをブロック�����
 issues.dependency.pr_close_blocks=��プルリクエスト���れら�イシュー�クローズをブロック�����
-issues.dependency.issue_close_blocked=��イシューをクローズ�る���ブロック���るイシューを���クローズ�る必���り��。
+issues.dependency.issue_close_blocked=��イシューをクローズ�る���ブロック���るイシューを���クローズ�る必���り��。
 issues.dependency.issue_batch_close_blocked=�択��イシュー�一括クローズ�����ん。 イシュー #%d ����オープン中��存関係��り��。
-issues.dependency.pr_close_blocked=��プルリクエストを�作�る���ブロック���るイシューを���クローズ�る必���り��。
+issues.dependency.pr_close_blocked=��プルリクエストをマージ�る���ブロック���るイシューを���クローズ�る必���り��。
 issues.dependency.blocks_short=ブロック対象
 issues.dependency.blocked_by_short=�存先
 issues.dependency.remove_header=�存関係�削除
@@ -1781,7 +1807,7 @@ issues.review.reject=�変更を�請 %s
 issues.review.wait=�レビュー�頼 %s
 issues.review.add_review_request=� %s �レビューを�頼 %s
 issues.review.remove_review_request=� %s ��レビュー�頼を�り消� %s
-issues.review.remove_review_request_self=�レビューを拒� %s
+issues.review.remove_review_request_self=�レビューを辞退 %s
 issues.review.pending=�留
 issues.review.pending.tooltip=��コメント��在他�ユーザー�表示�れ����ん。 �留中�コメントを�信�る�����ページ�上��る "%s" -> "%s/%s/%s" を�択������。
 issues.review.review=レビュー
@@ -1820,7 +1846,7 @@ pulls.desc=プルリクエスト�コードレビュー�有効化。
 pulls.new=新��プルリクエスト
 pulls.new.blocked_user=リ�ジトリ�オーナー����をブロック���る���プルリクエストを作�����ん。
 pulls.new.must_collaborator=プルリクエストを作��る���共�作業者��る必���り��。
-pulls.edit.already_changed=プルリクエスト�変更を�存����ん。 他�ユーザー�よ��内容����変更�れ��るよ���。 変更を上書����よ���る���ページを更新���らも�一度編集������
+pulls.edit.already_changed=プルリクエスト�変更を�存����ん。 他�ユーザー�よ��内容����変更�れ��るよ���。 変更を上書����よ���る���ページを更新���らも�一度編集������。
 pulls.view=プルリクエストを表示
 pulls.compare_changes=新�プルリクエスト
 pulls.allow_edits_from_maintainers=メンテナー�ら�編集を許��る
@@ -1841,7 +1867,7 @@ pulls.show_all_commits=����コミットを表示
 pulls.show_changes_since_your_last_review=�回�自分�レビュー�ら�変更を表示
 pulls.showing_only_single_commit=コミット %[1]s �変更��を表示�����
 pulls.showing_specified_commit_range=%[1]s..%[2]s �変更��を表示�����
-pulls.select_commit_hold_shift_for_range=コミットを�択。シフトを押���らクリック�範囲�択
+pulls.select_commit_hold_shift_for_range=コミットを�択。シフトを押���らクリック�範囲�択。
 pulls.review_only_possible_for_full_diff=����差分を表示���る����レビュー��能��
 pulls.filter_changes_by_commit=コミット�絞り込�
 pulls.nothing_to_compare=��ブラン��士���� プルリクエストを作��る必���り��ん。
@@ -1870,7 +1896,7 @@ pulls.add_prefix=先頭� <strong>%s</strong> を追加
 pulls.remove_prefix=先頭� <strong>%s</strong> を除去
 pulls.data_broken=��プルリクエスト��フォーク�情報�見��ら����壊れ����。
 pulls.files_conflicted=��プルリクエスト��ターゲットブラン��競��る変更を�ん����。
-pulls.is_checking=マージ�コンフリクトを確�中��。 少�待���らも�一度実行������。
+pulls.is_checking=マージ�コンフリクトを確�中…
 pulls.is_ancestor=��ブラン��既�ターゲットブラン����れ����。マージ�るも���り��ん。
 pulls.is_empty=��ブラン��変更�既�ターゲットブラン���り��。�れ�空�コミット��り��。
 pulls.required_status_check_failed=�����必��ステータス�ェック��功�����ん。
@@ -1911,17 +1937,17 @@ pulls.merge_commit_id=マージコミットID
 pulls.require_signed_wont_sign=ブラン���署��れ�コミット�必須������マージ��署���れ��ん
 
 pulls.invalid_merge_option=��プルリクエスト���指定��マージ方法�使���ん。
-pulls.merge_conflict=マージ失敗: マージ中�コンフリクト��り���。 ヒント: 別�ストラテジーを試��������
+pulls.merge_conflict=マージ失敗: マージ中�コンフリクト��り���。 ヒント: 別�ストラテジーを試��������。
 pulls.merge_conflict_summary=エラーメッセージ
-pulls.rebase_conflict=マージ失敗: コミット %[1]s �リベース中�コンフリクト��り���。 ヒント: 別�ストラテジーを試��������
+pulls.rebase_conflict=マージ失敗: コミット %[1]s �リベース中�コンフリクト��り���。 ヒント: 別�ストラテジーを試��������。
 pulls.rebase_conflict_summary=エラーメッセージ
-pulls.unrelated_histories=マージ失敗: マージHEAD�ベース��共通�る履歴��り��ん。 ヒント: 別�ストラテジーを試��������
-pulls.merge_out_of_date=マージ失敗: マージ�生�中�ベース�更新�れ���。 ヒント: も�一度試��������
-pulls.head_out_of_date=マージ失敗: マージ�生�中� head �更新�れ���。 ヒント: も�一度試��������
+pulls.unrelated_histories=マージ失敗: マージHEAD�ベース��共通�る履歴��り��ん。 ヒント: 別�ストラテジーを試��������。
+pulls.merge_out_of_date=マージ失敗: マージ�生�中�ベース�更新�れ���。 ヒント: も�一度試��������。
+pulls.head_out_of_date=マージ失敗: マージ�生�中�HEAD�更新�れ���。 ヒント: も�一度試��������。
 pulls.has_merged=失敗: プルリクエスト�マージ�れ�����。�度マージ��り�ターゲットブラン�を変更�る�������ん。
 pulls.push_rejected=プッシュ失敗: プッシュ�拒��れ���。 ��リ�ジトリ�Gitフックを見直������。
 pulls.push_rejected_summary=拒�メッセージ全体:
-pulls.push_rejected_no_message=プッシュ失敗: プッシュ�拒��れ�����リモート�ら�メッセージ��り��ん。��リ�ジトリ�Gitフックを見直������
+pulls.push_rejected_no_message=プッシュ失敗: プッシュ�拒��れ�����リモート�ら�メッセージ��り��ん。��リ�ジトリ�Gitフックを見直������。
 pulls.open_unmerged_pull_exists=`���件�プルリクエスト (#%d) �未処������オープン�����ん。`
 pulls.status_checking=�����ステータス�ェック�待機中��
 pulls.status_checks_success=ステータス�ェック�����功����
@@ -1945,9 +1971,9 @@ pulls.cmd_instruction_checkout_title=�ェックアウト
 pulls.cmd_instruction_checkout_desc=プロジェクトリ�ジトリ�ら新��ブラン�を�ェックアウト��変更内容をテスト���。
 pulls.cmd_instruction_merge_title=マージ
 pulls.cmd_instruction_merge_desc=変更内容をマージ���Gitea��映���。
-pulls.cmd_instruction_merge_warning=警告: 「手動マージ�自動検出��有効����������作��プルリクエストをマージ����ん
+pulls.cmd_instruction_merge_warning=警告: 「手動マージ�自動検出��有効����������作��プルリクエストをマージ����ん。
 pulls.clear_merge_message=マージメッセージをクリア
-pulls.clear_merge_message_hint=マージメッセージ�クリア��コミットメッセージ�除去��を行���。 生��れ�Gitトレーラー("Co-Authored-By …" 等)�����残り��。
+pulls.clear_merge_message_hint=マージメッセージ�クリア��コミットメッセージ�除去��を行���。 生��れ�Gitトレーラー("Co-Authored-By…" 等)�����残り��。
 
 pulls.auto_merge_button_when_succeed=(�ェック�����功��場�)
 pulls.auto_merge_when_succeed=�����ェック��功��ら自動マージ
@@ -2127,14 +2153,21 @@ contributors.contribution_type.additions=追加
 contributors.contribution_type.deletions=削除
 
 settings=設定
-settings.desc=設定���リ�ジトリ�設定を管��る�������。
+settings.desc=リ�ジトリ�設定を管���る場所��。
 settings.options=リ�ジトリ
+settings.public_access=公開アクセス
+settings.public_access_desc=外部�ら�訪�者�アクセス権��������リ�ジトリ�デフォルト設定を上書����。
+settings.public_access.docs.not_set=設定��: 公開アクセス権���り��ん。訪�者�権���リ�ジトリ�公開範囲�メン�ー�権��従���。
+settings.public_access.docs.anonymous_read=匿��読�込�: ログイン�����ユーザー�読��り権��ユニット�アクセス����。
+settings.public_access.docs.everyone_read=全員�読�込�: ����ログインユーザー�読��り権��ユニット�アクセス����。イシュー/プルリクエストユニット�読��り権���ユーザー�新��イシュー/プルリクエストを作���る��も�味���。
+settings.public_access.docs.everyone_write=全員�書�込�: ����ログインユーザー�書�込�権���り��。Wikiユニット�����権�をサ�ート���。
 settings.collaboration=共�作業者
 settings.collaboration.admin=管�者
 settings.collaboration.write=書�込�
 settings.collaboration.read=読��り
 settings.collaboration.owner=オーナー
 settings.collaboration.undefined=未定義
+settings.collaboration.per_unit=ユニット権�
 settings.hooks=Webhook
 settings.githooks=Gitフック
 settings.basic_settings=基本設定
@@ -2144,7 +2177,7 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=コミットã€�ã
 settings.mirror_settings.docs.disabled_push_mirror.instructions=コミット�タグ�ブラン�を他�リ�ジトリ�ら自動的�プル�るよ�����プロジェクトを設定���。
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=�在�「新��移行�メニュー���対応�����。 詳細�次を�照:
 settings.mirror_settings.docs.disabled_push_mirror.info=プッシュ方��ミラー�サイト管�者�より無効化�れ����。
-settings.mirror_settings.docs.no_new_mirrors=��リ�ジトリ�他�リ�ジトリ�変更をミラーリング�����。 �時点��新��ミラーを作��る����������留�������。
+settings.mirror_settings.docs.no_new_mirrors=��リ�ジトリ�他�リ�ジトリ�変更をミラーリング�����。 �在�新��ミラーを作��る�������ん���注�����。
 settings.mirror_settings.docs.can_still_use=既存ミラーを変更��りミラーを新��作��る�������ん��既存ミラーを利用�る����能��。
 settings.mirror_settings.docs.pull_mirror_instructions=プル方��ミラーを設定�る���次を�照:
 settings.mirror_settings.docs.more_information_if_disabled=プッシュミラー�プルミラー�詳細����らを�覧����:
@@ -2175,7 +2208,6 @@ settings.advanced_settings=拡張設定
 settings.wiki_desc=Wikiを有効��る
 settings.use_internal_wiki=ビルトイン�Wikiを使用�る
 settings.default_wiki_branch_name=デフォルト�Wikiブラン��
-settings.default_permission_everyone_access=����サインインユーザー�デフォルト�許��るアクセス権�:
 settings.failed_to_change_default_wiki_branch=デフォルト�Wikiブラン�を変更����ん���。
 settings.use_external_wiki=外部�Wikiを使用�る
 settings.external_wiki_url=外部Wiki�URL
@@ -2257,9 +2289,9 @@ settings.trust_model.default=デフォルト�トラストモデル
 settings.trust_model.default.desc=デフォルト�リ�ジトリトラストモデルを使用���。
 settings.trust_model.collaborator=共�作業者
 settings.trust_model.collaborator.long=共�作業者: 共�作業者�よる署�を信頼���
-settings.trust_model.collaborator.desc=��リ�ジトリ�共�作業者�よる正常�署���(署��コミッター�も���������ら�)「信頼済��������。 署��共�作業者����コミッター�も���れ�「信頼�����れ以外�「�一致���り��。
+settings.trust_model.collaborator.desc=��リ�ジトリ�共�作業者�よる正常�署���署��コミッター�も���������ら�「信頼済��������。 �れ以外�正常�署��コミッター�も���れ�「信頼���������れ�「�一致���り��。
 settings.trust_model.committer=コミッター
-settings.trust_model.committer.long=コミッター: コミッター�よる署�を信頼��� (�れ�GitHub方���り�Gitea�署��付��コミット�コミッター�Gitea自身��る���強制�れ��)
+settings.trust_model.committer.long=コミッター: コミッター�一致�る署�を信頼���。 �れ�GitHub方���り�Gitea�署��付��コミット�コミッター�Gitea��る���強制�れ��。
 settings.trust_model.committer.desc=正常�署���コミッター�一致�る場���「信頼済��������れ以外�「�一致���り��。 Gitea�署�付��コミット�る���強制�れ�本��コミッター�コミット�最後� Co-authored-by: � Co-committed-by: �追加�れ��。 Gitea�デフォルト��データベース内�ユーザー1人�マッ����れ��り��ん。
 settings.trust_model.collaboratorcommitter=共�作業者+コミッター
 settings.trust_model.collaboratorcommitter.long=共�作業者+コミッター: コミッター�一致�る共�作業者�よる署�を信頼���
@@ -2272,7 +2304,7 @@ settings.wiki_deletion_success=リ�ジトリ�Wikiデータを削除���
 settings.delete=��リ�ジトリを削除
 settings.delete_desc=リ�ジトリ�削除��久的�元�戻��������ん。
 settings.delete_notices_1=- ���作�<strong>元�戻���ん</strong> 。
-settings.delete_notices_2=- ���作��リ�ジトリ <strong>%s</strong> �コード�イシュー�コメント�Wiki�共�作業者�関連付���を�久的�削除���。
+settings.delete_notices_2=- ���作��リ�ジトリ <strong>%s</strong> を�コード�イシュー�コメント�Wiki�共�作業者�設定を����久的�削除���。
 settings.delete_notices_fork_1=- ��リ�ジトリ�フォーク����リ�ジトリを削除�る�独立��リ�ジトリ��り��。
 settings.deletion_success=リ�ジトリを削除����。
 settings.update_settings_success=リ�ジトリ�設定を更新����。
@@ -2289,7 +2321,7 @@ settings.collaborator_deletion=共�作業者�削除
 settings.collaborator_deletion_desc=共�作業者を削除����リ�ジトリ��アクセス権を�り消���。 続行����？
 settings.remove_collaborator_success=共�作業者を削除����。
 settings.org_not_allowed_to_be_collaborator=組織を共�作業者���追加�る�������ん。
-settings.change_team_access_not_allowed=リ�ジトリ�対�る�ームアクセス権�変更��組織�オーナー���制��れ����。
+settings.change_team_access_not_allowed=リ�ジトリ�対�る�ームアクセス権�変更��組織�オーナー���制��れ����。
 settings.team_not_in_organization=�ーム�リ�ジトリ���組織�属�����ん。
 settings.teams=�ーム
 settings.add_team=�ームを追加
@@ -2304,8 +2336,8 @@ settings.hooks_desc=Webhook��指定��Giteaイベント�発生���
 settings.webhook_deletion=Webhook�削除
 settings.webhook_deletion_desc=Webhook設定��信履歴�削除�れ��。 続行����？
 settings.webhook_deletion_success=Webhookを削除����。
-settings.webhook.test_delivery=テスト�信
-settings.webhook.test_delivery_desc=ダミー�イベント���Webhookをテスト���。
+settings.webhook.test_delivery=プッシュ・イベント�よるテスト
+settings.webhook.test_delivery_desc=ダミー�プッシュ・イベント���Webhookをテスト���。
 settings.webhook.test_delivery_desc_disabled=��Webhookをダミー�イベント�テスト�る���有効�������。
 settings.webhook.request=リクエスト
 settings.webhook.response=レス�ンス
@@ -2325,6 +2357,7 @@ settings.payload_url=ターゲットURL
 settings.http_method=HTTPメソッド
 settings.content_type=POST Content Type
 settings.secret=Secret
+settings.webhook_secret_desc=Webhookサー�ー�secret�使用をサ�ート���る場���webhook�マニュアル�従����secretを入力����。
 settings.slack_username=ユーザー�
 settings.slack_icon_url=アイコン�URL
 settings.slack_color=色
@@ -2354,7 +2387,7 @@ settings.event_repository=リ�ジトリ
 settings.event_repository_desc=リ�ジトリ�作�・削除�れ���。
 settings.event_header_issue=イシュー�イベント
 settings.event_issues=イシュー
-settings.event_issues_desc=イシュー�オープン・クローズ・�オープン・編集�れ���。
+settings.event_issues_desc=イシュー�オープン・クローズ・�オープン・編集・削除�れ���。
 settings.event_issue_assign=イシュー�アサイン
 settings.event_issue_assign_desc=イシュー�担当者�割り当�られ����解除�れ���。
 settings.event_issue_label=イシュー�ラベル
@@ -2365,7 +2398,7 @@ settings.event_issue_comment=イシュー��コメント
 settings.event_issue_comment_desc=イシュー��コメント�作�・編集・削除�れ���。
 settings.event_header_pull_request=プルリクエスト�イベント
 settings.event_pull_request=プルリクエスト
-settings.event_pull_request_desc=プルリクエスト�オープン・クローズ・�オープン・編集�れ���。
+settings.event_pull_request_desc=プルリクエスト�オープン・クローズ・�オープン・編集・削除�れ���。
 settings.event_pull_request_assign=プルリクエスト�アサイン
 settings.event_pull_request_assign_desc=プルリクエスト�担当者�割り当�・解除�れ���。
 settings.event_pull_request_label=プルリクエスト�ラベル
@@ -2383,6 +2416,8 @@ settings.event_pull_request_review_request_desc=プルリクエストã�®ãƒ¬ãƒ“ãƒ
 settings.event_pull_request_approvals=プルリクエスト�承�
 settings.event_pull_request_merge=プルリクエスト�マージ
 settings.event_header_workflow=ワークフローイベント
+settings.event_workflow_run=ワークフロー実行
+settings.event_workflow_run_desc=Gitea Actions �ワークフロー実行��キュー�追加�待機中�実行中�完了������。
 settings.event_workflow_job=ワークフロージョブ
 settings.event_workflow_job_desc=Gitea Actions �ワークフロージョブ��キュー�追加�待機中�実行中�完了������。
 settings.event_package=パッケージ
@@ -2535,9 +2570,9 @@ settings.matrix.homeserver_url=ホームサー�ー URL
 settings.matrix.room_id=ルーム ID
 settings.matrix.message_type=メッセージ種別
 settings.visibility.private.button=プライベート��る
-settings.visibility.private.text=プライベート�変更��場��リ�ジトリを許��れ�メン�ー���閲覧��るよ���る������フォーク�ウォッ�ャー�スター��関係を解除�る�能性も�り��。
+settings.visibility.private.text=プライベート�変更�る����リ�ジトリ�許��れ�メン�ー���表示�れるよ���り�既存�フォーク�ウォッ�ャー�スター��関係�解除�れる�能性��り��。
 settings.visibility.private.bullet_title=<strong>プライベート�変更�る�:</strong>
-settings.visibility.private.bullet_one=リ�ジトリを許��れ�メン�ー���閲覧��るよ�����。
+settings.visibility.private.bullet_one=許��れ�メン�ー���リ�ジトリを表示���。
 settings.visibility.private.bullet_two=<strong>フォーク</strong>�<strong>ウォッ�ャー</strong>�<strong>スター</strong>��関係を解除�る�能性��り��。
 settings.visibility.public.button=公開�る
 settings.visibility.public.text=公開�変更�る��リ�ジトリを誰�も閲覧��るよ�����。
@@ -2575,11 +2610,11 @@ settings.lfs_invalid_locking_path=�正�パス: %s
 settings.lfs_invalid_lock_directory=ディレクトリ�ロック����ん: %s
 settings.lfs_lock_already_exists=���ロック�れ����: %s
 settings.lfs_lock=ロック
-settings.lfs_lock_path=ロック�るファイルパス...
+settings.lfs_lock_path=ロック�るファイルパス…
 settings.lfs_locks_no_locks=ロック��
 settings.lfs_lock_file_no_exist=ロック��ファイル�デフォルトブラン���り��ん
 settings.lfs_force_unlock=強制ロック解除
-settings.lfs_pointers.found=%d件�blob�インタ - 登録済 %d件�未登録 %d件 (実体ファイル�� %d件)
+settings.lfs_pointers.found=%d件�blob�インタ — 登録済 %d件�未登録 %d件 (実体ファイル�� %d件)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Repo内
@@ -2720,6 +2755,7 @@ branch.restore_success=ブラン� "%s" を復元����。
 branch.restore_failed=ブラン� "%s" �復元�失敗����。
 branch.protected_deletion_failed=ブラン� "%s" ��護�れ����。 削除����ん。
 branch.default_deletion_failed=ブラン� "%s" �デフォルトブラン���。 削除����ん。
+branch.default_branch_not_exist=デフォルトブラン� "%s" ��り��ん。
 branch.restore=ブラン� "%s" �復元
 branch.download=ブラン� "%s" をダウンロード
 branch.rename=ブラン�� "%s" を変更
@@ -2736,6 +2772,8 @@ branch.new_branch_from=`"%s" �ら新��ブラン�を作�`
 branch.renamed=ブラン� %s � %s �リ�ーム�れ���。
 branch.rename_default_or_protected_branch_error=デフォルトブラン�や�護ブラン��リ�ーム��能���管�者����。
 branch.rename_protected_branch_failed=��ブラン��globベース��護ルール�従���護�れ����。
+branch.commits_divergence_from=コミット�乖離: %[3]s より %[1]d 件�れ %[2]d 件先行
+branch.commits_no_divergence=%[1]s ブラン��一致
 
 tag.create_tag=タグ %s を作�
 tag.create_tag_operation=タグ�作�
@@ -2749,6 +2787,7 @@ topic.done=完了
 topic.count_prompt=�択��る��25トピック����。
 topic.format_prompt=トピック��英字���数字�始��ダッシュ('-')やドット('.')を��る�������。最大35文字����。文字��文字���れ��り��ん。
 
+find_file.follow_symlink=シンボリックリンク�指�示�先を開�
 find_file.go_to_file=ファイル�移動
 find_file.no_matching=一致�るファイル�見��り��ん
 
@@ -2758,7 +2797,7 @@ error.csv.invalid_field_count=ã�“ã�®ãƒ•ã‚¡ã‚¤ãƒ«ã�¯ %d 行目ã�®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã
 error.broken_git_hook=��リ�ジトリ�Gitフック�壊れ��るよ���。 <a target="_blank" rel="noreferrer" href="%s">ドキュメント</a>�従��修正����後�����コミットをプッシュ��状態を最新�������。
 
 [graphs]
-component_loading=%sを読�込�中...
+component_loading=%sを読�込�中…
 component_loading_failed=%sを読�込���ん���
 component_loading_info=少�時間���る�も�れ��ん…
 component_failed_to_load=予期���エラー�発生����。
@@ -2789,6 +2828,7 @@ team_permission_desc=権�
 team_unit_desc=リ�ジトリ�セクション��アクセスを許�
 team_unit_disabled=(無効)
 
+form.name_been_taken=組織� "%s" �既�使用�れ����。
 form.name_reserved=組織� "%s" �予約�れ����。
 form.name_pattern_not_allowed=`"%s" �形��組織��使用����ん。`
 form.create_org_not_allowed=組織を作��る権���り��ん。
@@ -2810,15 +2850,28 @@ settings.visibility.private_shortname=プライベート
 
 settings.update_settings=設定�更新
 settings.update_setting_success=組織�設定を更新����。
-settings.change_orgname_prompt=注�: 組織�を変更�る�組織�URLも変更�れ������解放�れ��。
-settings.change_orgname_redirect_prompt=�������使用�れ�����りリダイレクト���。
+
+settings.rename=組織��変更
+settings.rename_desc=組織�を変更�る�組織�URLも変更�れ������解放�れ��。
+settings.rename_success=組織 %[1]s �正常� %[2]s �改��れ���。
+settings.rename_no_change=組織��変更�れ��ん。
+settings.rename_new_org_name=新��組織�
+settings.rename_failed=内部エラー���組織�を変更����ん���
+settings.rename_notices_1=���作�<strong>元�戻���ん</strong> 。
+settings.rename_notices_2=�������使用�れる���リダイレクト���。
+
 settings.update_avatar_success=組織�ア�ターを更新����。
 settings.delete=組織を削除
 settings.delete_account=��組織を削除
 settings.delete_prompt=組織��久的�削除�れ��。 元�戻����<strong>����ん</strong>�
+settings.name_confirm=確����組織�を入力：
+settings.delete_notices_1=���作�<strong>元�戻���ん</strong> 。
+settings.delete_notices_2=���作�より�<strong>%s</strong>�����<strong>リ�ジトリ</strong>��久的�削除�れ��。 コード�イシュー�コメント�Wikiデータ�共�作業者�設定も��れ��。
+settings.delete_notices_3=���作�より�<strong>%s</strong>�����<strong>パッケージ</strong>��久的�削除�れ��。
+settings.delete_notices_4=���作�より�<strong>%s</strong>�����<strong>プロジェクト</strong>��久的�削除�れ��。
 settings.confirm_delete_account=削除を確�
-settings.delete_org_title=組織�削除
-settings.delete_org_desc=組織を�久的�削除���。 続行����？
+settings.delete_failed=内部エラー���組織を削除����ん���
+settings.delete_successful=組織�<b>%s</b>�削除��功����。
 settings.hooks_desc=��組織�<strong>����リ�ジトリ</strong>�トリガー�れるWebhookを追加���。
 
 settings.labels_desc=��組織�<strong>����リ�ジトリ</strong>�使用�能�イシューラベルを追加���。
@@ -2949,9 +3002,9 @@ dashboard.cron.finished=Cron: %[1]s �完了
 dashboard.delete_inactive_accounts=アクティベート�れ����アカウントを���削除
 dashboard.delete_inactive_accounts.started=アクティベート�れ����アカウントを���削除�るタスクを開始����。
 dashboard.delete_repo_archives=リ�ジトリ�アーカイブ (ZIP, TAR.GZ, etc..) を���削除
-dashboard.delete_repo_archives.started=リ�ジトリアーカイブを���削除�るタスクを開始����。
+dashboard.delete_repo_archives.started=リ�ジトリアーカイブを���削除�るタスクを開始����
 dashboard.delete_missing_repos=Gitファイル�存在���リ�ジトリを���削除
-dashboard.delete_missing_repos.started=Gitファイル�存在���リ�ジトリを���削除�るタスクを開始����。
+dashboard.delete_missing_repos.started=Gitファイル�存在���リ�ジトリを���削除�るタスクを開始����
 dashboard.delete_generated_repository_avatars=自動生���リ�ジトリア�ターを削除
 dashboard.sync_repo_branches=Gitデータ�らデータベース��足���るブラン�を�期
 dashboard.sync_repo_tags=Gitデータ�らデータベース�タグを�期
@@ -2964,7 +3017,7 @@ dashboard.update_migration_poster_id=移行�る投稿者ID�更新
 dashboard.git_gc_repos=����リ�ジトリ�ガベージコレクションを実行
 dashboard.resync_all_sshkeys='.ssh/authorized_keys' ファイルをGitea上�SSHキー�更新
 dashboard.resync_all_sshprincipals='.ssh/authorized_principals' ファイルをGitea上�SSHプリンシパル�更新
-dashboard.resync_all_hooks=����リ�ジトリ� pre-receive, update, post-receive フックを更新�る。
+dashboard.resync_all_hooks=����リ�ジトリ� pre-receive, update, post-receive フックを��期�る
 dashboard.reinit_missing_repos=レコード�存在�る�見当�ら������Gitリ�ジトリを��期化�る
 dashboard.sync_external_users=外部ユーザーデータ��期
 dashboard.cleanup_hook_task_table=hook_taskテーブル�クリーンアップ
@@ -3078,7 +3131,7 @@ emails.filter_sort.email=メールアドレス
 emails.filter_sort.email_reverse=メールアドレス (逆順)
 emails.filter_sort.name=ユーザー�
 emails.filter_sort.name_reverse=ユーザー� (逆順)
-emails.updated=メール設定を更新����
+emails.updated=メールアドレス設定を更新����
 emails.not_updated=メール設定�更新�失敗����: %v
 emails.duplicate_active=メールアドレス�別�ユーザー�既�使用中��。
 emails.change_email_header=メール設定�更新
@@ -3200,9 +3253,11 @@ auths.oauth2_required_claim_name_helper=ã�“ã�®Claimå��を設定ã�™ã‚‹ã�¨ã€�ã�“ã�
 auths.oauth2_required_claim_value=必須Claim値
 auths.oauth2_required_claim_value_helper=��値を設定�る����ソース�ら�ログインを�指定��Claim��Claim値を��ユーザー��定���。
 auths.oauth2_group_claim_name=��ソース�グループ�を�供�るClaim� (オプション)
-auths.oauth2_admin_group=管�者ユーザー�グループClaim値 (オプション - 上�Claim��必�)
-auths.oauth2_restricted_group=制�付�ユーザー�グループClaim値 (オプション - 上�Claim��必�)
-auths.oauth2_map_group_to_team=見����グループを組織��ーム�マップ (オプション - 上�Claim��必�)
+auths.oauth2_full_name_claim_name=フル�ーム�Claim�。 (オプション — 設定�る��ユーザー�フル�ーム�常���Claim��期���)
+auths.oauth2_ssh_public_key_claim_name=SSH公開��Claim�
+auths.oauth2_admin_group=管�者ユーザー�グループClaim値 (オプション — 上�Claim��必�)
+auths.oauth2_restricted_group=制�付�ユーザー�グループClaim値 (オプション — 上�Claim��必�)
+auths.oauth2_map_group_to_team=見����グループを組織��ーム�マップ (オプション — 上�Claim��必�)
 auths.oauth2_map_group_to_team_removal=対応�るグループ�ユーザー���れ��場���期���る�ーム�らユーザーを削除�る
 auths.enable_auto_register=自動登録を有効��る
 auths.sspi_auto_create_users=自動的�ユーザーを作�
@@ -3214,13 +3269,13 @@ auths.sspi_strip_domain_names_helper=ãƒ�ェックを入れるã�¨ã€�ログオンå
 auths.sspi_separator_replacement=\�/�@�代�り�使用�るセパレーター
 auths.sspi_separator_replacement_helper=ダウンレベルログオン��セパレーター (例. "DOMAIN\user" � \ ) やユーザープリンシパル��セパレーター (例. "user@example.org" � @ ) を置���る���使用�る文字��。
 auths.sspi_default_language=ユーザー�デフォルト�言語
-auths.sspi_default_language_helper=SSPI�証処��よ��自動的�作��れるユーザー�デフォルト�言語��。 言語を自動検出�る方�良�場��空����������。
+auths.sspi_default_language_helper=SSPI�証処��よ��自動的�作��れるユーザー�デフォルト�言語��。 言語を自動検出�る���良�場��空����������。
 auths.tips=ヒント
 auths.tips.oauth2.general=OAuth2�証
 auths.tips.oauth2.general.tip=新��OAuth2�証を登録�る����コール�ック/リダイレクトURL�以下��り��:
 auths.tip.oauth2_provider=OAuth2プロ�イダー
 auths.tip.bitbucket=新��OAuthコンシューマーを %s �ら登録��"アカウント" � "読��り" 権�を追加������。
-auths.tip.nextcloud=新��OAuthコンシューマーを�インスタンス�メニュー "Settings -> Security -> OAuth 2.0 client" �ら登録������。
+auths.tip.nextcloud=����インスタンス上�メニュー "Settings -> Security -> OAuth 2.0 client" を�択��新��OAuthコンシューマーを登録���
 auths.tip.dropbox=新��アプリケーションを %s �ら登録������。
 auths.tip.facebook=新��アプリケーションを %s �登録��"Facebook Login"を追加������。
 auths.tip.github=新��OAuthアプリケーションを %s �ら登録������。
@@ -3273,8 +3328,6 @@ config.ssh_domain=SSHサー�ー�ドメイン
 config.ssh_port=�ート
 config.ssh_listen_port=待��ート
 config.ssh_root_path=ルートパス
-config.ssh_key_test_path=キーテストパス
-config.ssh_keygen_path=キージェ�レータ('ssh-keygen')パス
 config.ssh_minimum_key_size_check=最�キー長��ェック
 config.ssh_minimum_key_sizes=最�キー長
 
@@ -3332,7 +3385,7 @@ config.mailer_sendmail_path=Sendmail�パス
 config.mailer_sendmail_args=Sendmail�追加引数
 config.mailer_sendmail_timeout=Sendmail �タイムアウト
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=Email (例 test@example.com)
+config.test_email_placeholder=メールアドレス (例 test@example.com)
 config.send_test_mail=テストメールを�信
 config.send_test_mail_submit=�信
 config.test_mail_failed=`"%s" ��テストメール�信�失敗����: %v`
@@ -3534,7 +3587,7 @@ error.no_committer_account=コミッターã�®ãƒ¡ãƒ¼ãƒ«ã‚¢ãƒ‰ãƒ¬ã‚¹ã�«å¯¾å¿œã�™ã‚
 error.no_gpg_keys_found=��署��対応�る既知�キー�データベース�存在���ん
 error.not_signed_commit=署��れ�コミット���り��ん
 error.failed_retrieval_gpg_keys=コミッター�アカウント�登録�れ�キーを�得����ん���
-error.probable_bad_signature=警告! ��ID�該当�る��データベース��り����コミット�検証�通り��ん! �れ�疑���コミット��。
+error.probable_bad_signature=警告! ��ID���データベース�登録�れ����������コミット�検証�通り��ん! �れ�疑���コミット��。
 error.probable_bad_default_signature=警告! �れ�デフォルト��ID����デフォルト���コミット�検証�通り��ん! �れ�疑���コミット��。
 
 [units]
@@ -3624,7 +3677,7 @@ go.install=コマンドライン�パッケージをインストール:
 helm.registry=��レジストリをコマンドライン�らセットアップ���:
 helm.install=パッケージをインストール�る���次�コマンドを実行���:
 maven.registry=����プロジェクト� <code>pom.xml</code> ファイル����レジストリをセットアップ���:
-maven.install=パッケージを使用�る�� <code>pom.xml</code> ファイル内� <code>dependencies</code> ブロック�以下を����:
+maven.install=パッケージを使用�る��� <code>pom.xml</code> ファイル内� <code>dependencies</code> ブロック�以下を����:
 maven.install2=コマンドライン�実行���:
 maven.download=�存関係をダウンロード�る���コマンドライン��れを実行���:
 nuget.registry=��レジストリをコマンドライン�らセットアップ���:
@@ -3707,13 +3760,18 @@ owner.settings.chef.keypair.description=Chefレジストリ��証��キー
 secrets=シークレット
 description=シークレット�特定�Actions�渡�れ��。 �れ以外�読�出�れる����り��ん。
 none=シークレット����り��ん。
-creation=シークレットを追加
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=説明
 creation.name_placeholder=大文字�文字�区別���英数字�アンダースコア���GITEA_ や GITHUB_ �始�るも����
 creation.value_placeholder=内容を入力������。�後�空白�除去�れ��。
 creation.description_placeholder=簡��説明を入力������。 (オプション)
-creation.success=シークレット "%s" を追加����。
-creation.failed=シークレット�追加�失敗����。
+
+save_success=シークレット "%s" を�存����。
+save_failed=シークレット��存�失敗����。
+
+add_secret=シークレットを追加
+edit_secret=シークレットを編集
 deletion=シークレット�削除
 deletion.description=シークレット�削除��久的�元�戻��������ん。 続行����？
 deletion.success=シークレットを削除����。
@@ -3791,6 +3849,11 @@ runs.no_workflows.documentation=Gitea Actions �詳細������<a targ
 runs.no_runs=ワークフロー���実行�れ����ん。
 runs.empty_commit_message=(空�コミットメッセージ)
 runs.expire_log_message=ログ����る��消去�れ����。
+runs.delete=ワークフロー�実行を削除
+runs.cancel=ワークフロー�実行をキャンセル
+runs.delete.description=��ワークフローを完全�削除��もよ������？���作�元�戻���ん。
+runs.not_done=��ワークフロー�実行�完了�����ん。
+runs.view_workflow_file=ワークフローファイルを表示
 
 workflow.disable=ワークフローを無効��る
 workflow.disable_success=ワークフロー '%s' �無効��り���。
@@ -3830,6 +3893,8 @@ deleted.display_name=削除�れ�プロジェクト
 type-1.display_name=個人プロジェクト
 type-2.display_name=リ�ジトリ プロジェクト
 type-3.display_name=組織プロジェクト
+enter_fullscreen=フルスクリーン
+exit_fullscreen=フルスクリーンを終了
 
 [git.filemode]
 changed_filemode=%[1]s → %[2]s
diff --git a/options/locale/locale_ko-KR.ini b/options/locale/locale_ko-KR.ini
index 697371c2c9..e010d17331 100644
--- a/options/locale/locale_ko-KR.ini
+++ b/options/locale/locale_ko-KR.ini
@@ -125,9 +125,6 @@ sqlite_helper=SQLite3 ��터베�스� 대한 파� 경로입니다.<br>Gi
 err_empty_db_path=SQLite3 ��터베�스 경로는 필수 입력 값입니다.
 no_admin_and_disable_registration=관리� 계정� 만들지 않고 등�� 비활성화할 수 없습니다.
 err_empty_admin_password=관리� 비밀번호는 비어 있� 수 없습니다.
-err_empty_admin_email=관리� �메�� 비어 있� 수 없습니다.
-err_admin_name_is_reserved=관리� 사용� �름� 올바르지 않습니다, 제한� 사용� �름입니다
-err_admin_name_is_invalid=관리� 사용� �름� 올바르지 않습니다
 
 general_title=기본설정
 app_name=사�트 제목
@@ -140,7 +137,6 @@ run_user=실행 사용�명
 ssh_port=SSH 서버 �트
 ssh_port_helper=SSH 서버가 실행�고 있는 �트를 입력하세요. 비워둘 경우 SSH를 사용하지 않습니다.
 http_port=Gitea HTTP 수신 �트
-http_port_helper=Gitea 웹서버가 수신할 �트 번호
 app_url=Gitea 기본 URL
 app_url_helper=HTTP(S) clone URL � �메� 알림 기본 주소
 log_root_path=로그 경로
@@ -230,7 +226,6 @@ allow_password_change=사용��게 비밀번호 변경� 요청 (권장�)
 reset_password_mail_sent_prompt=확� 메�� <b>%s</b>로 전송�었습니다. 받� 편지함으로 �착한 메�� %s 안� 확�해서 비밀번호 찾기 절차를 완료하십시오.
 active_your_account=계정 활성화
 account_activated=계정� 활성화 �었습니다
-prohibit_login=로그�� 금지�
 resent_limit_prompt=활성화를 위한 �메�� �미 전송했습니다. 3분 내로 �메�� 받지 못한 경우 재시�해주세요.
 has_unconfirmed_mail=안녕하세요 %s, �메� 주소(<b>%s</b>)가 확��지 않았습니다. 확� 메�� 받으시지 못하겼거나 새로운 확� 메�� 필요하다면, 아래 버튼� �릭해 재발송하실 수 있습니다.
 resend_mail=여기를 눌러 확� 메� 재전송
@@ -416,7 +411,6 @@ activated=활성화�
 primary_email=프��머리로 만들기
 delete_email=삭제
 email_deletion=�메� 주소 삭제
-email_deletion_desc=계정� �메� 주소와 관련� 정보가 삭제�니다. �메� 주소로 �미 커밋� 내용들� 바뀌지 않고 남아있게 �니다. 계� 진행하시겠습니까?
 email_deletion_success=�메� 주소가 삭제�었습니다.
 theme_update_success=테마가 갱신�었습니다.
 theme_update_error=선�한 테마가 존재하지 않습니다.
@@ -497,7 +491,6 @@ revoke_oauth2_grant=접근 권한 제거
 twofa_is_enrolled=귀하� 계정� 현재 2단계 ��� <strong>등�</strong>�어 있습니다.
 twofa_not_enrolled=귀하� 계정� 현재 2단계 ��� 등��어 있지 않습니다.
 twofa_disable=2단계 �� 해제
-twofa_enroll=2단계 ��� 등�하기
 twofa_disable_note=필요한 경우 2단계 ��� 해제할 수 있습니다.
 twofa_disable_desc=2단계 ��� 해제하면 귀하� 계정� 보안� 취약해질 것 입니다. 계�하시겠습니까?
 twofa_disabled=2단계 ��� 해제�었습니다.
@@ -510,7 +503,6 @@ twofa_enrolled=당신ì�˜ 계정ì—� 2단계 ì�¸ì¦�ì�´ 설정ë�˜ì—ˆìŠµë‹ˆë‹¤. 스í
 
 manage_account_links=연결� 계정 관리
 manage_account_links_desc=Gitea 계정� 연결� 외부 계정입니다.
-account_links_not_available=현재 Gitea 계정� 연결� 외부 계정� 없습니다.
 link_account=계정 연결
 remove_account_link=연결� 계정 제거
 remove_account_link_desc=해당 계정� 연결해제 하는 경우 Gitea 계정� 대한 접근 권한� 사�지게 �니다. 계�하시겠습니까?
@@ -601,7 +593,6 @@ quick_guide=퀵 가�드
 clone_this_repo=� 저장소 복제
 create_new_repo_command=커맨드 ���서 새 레�리지터리 �성
 push_exist_repo=커맨드���서 기존 레�지터리 푸시
-empty_message=� 저장소는 아무런 내용� 가지고 있지 않습니다.
 
 code=코드
 code.desc=소스 코드 접근, 파�, 커밋 그리고 브랜치
@@ -626,7 +617,6 @@ file_too_large=보여주기�는 파�� 너무 �니다.
 
 video_not_supported_in_browser=당신� 브�우저가 HTML5 'video' 태그를 지�하지 않습니다.
 audio_not_supported_in_browser=당신� 브�우저가 HTML5 'audio' 태그를 지�하지 않습니다.
-stored_lfs=Git LFS� 저장�어 있습니다
 commit_graph=커밋 그래프
 
 editor.new_file=새 파�
@@ -649,6 +639,7 @@ editor.filename_cannot_be_empty=파�명� 빈칸입니다.
 editor.no_changes_to_show=표시할 변경사항� 없습니다.
 editor.add_subdir=경로 추가...
 
+
 commits.desc=소스 코드 변경 내역 �색
 commits.commits=커밋
 commits.search_all=모든 브랜치
@@ -707,7 +698,6 @@ issues.filter_label=레�블
 issues.filter_label_no_select=모든 레�블
 issues.filter_milestone=마�스톤
 issues.filter_assignee=담당�
-issues.filter_assginee_no_assignee=담당� 없�
 issues.filter_type=유형
 issues.filter_type.all_issues=모든 �슈
 issues.filter_type.assigned_to_you=나�게 할당�
@@ -716,7 +706,6 @@ issues.filter_type.mentioning_you=나를 언급함
 issues.filter_sort=ì •ë ¬
 issues.filter_sort.latest=최신
 issues.filter_sort.oldest=오래�
-issues.filter_sort.recentupdate=최근 업��트
 issues.filter_sort.leastupdate=가장 최근� 업��트
 issues.filter_sort.mostcomment=가장 많� 코멘트
 issues.filter_sort.leastcomment=가장 �� 코멘트
@@ -932,7 +921,6 @@ activity.published_release_label=배��
 contributors.contribution_type.commits=커밋
 
 settings=설정
-settings.desc=설정� 저장소 설정� 관리할 수 있습니다.
 settings.options=저장소
 settings.collaboration=공�작업�
 settings.collaboration.admin=관리�
@@ -994,8 +982,6 @@ settings.teams=팀
 settings.add_webhook=Webhook 추가
 settings.webhook_deletion=Webhook 삭제
 settings.webhook_deletion_success=Webhook� 삭제했습니다.
-settings.webhook.test_delivery=전달 시험
-settings.webhook.test_delivery_desc=� 웹훅� 가� �벤트로 테스트
 settings.webhook.request=요청
 settings.webhook.response=�답
 settings.webhook.headers=제목
@@ -1153,12 +1139,12 @@ settings.visibility.private_shortname=비공개
 
 settings.update_settings=설정 업��트
 settings.update_setting_success=조� 설정� 변경�었습니다.
+
+
 settings.update_avatar_success=조�� 아바타가 갱신�었습니다.
 settings.delete=조� 삭제
 settings.delete_account=� 조�� 삭제합니다.
 settings.confirm_delete_account=삭제 승�
-settings.delete_org_title=조� 삭제
-settings.delete_org_desc=� 조�� �구히 삭제�니다. 계� 하시겠습니까?
 
 
 members.membership_visibility=회� 표시:
@@ -1212,7 +1198,6 @@ dashboard.system_status=시스템 �태
 dashboard.operation_name=작업 명
 dashboard.operation_switch=스위치
 dashboard.operation_run=실행
-dashboard.git_gc_repos=모든 저장소 가비지 콜렉트
 dashboard.sync_external_users=외부 사용� ��터 �기화
 dashboard.server_uptime=서버를 켠 시간
 dashboard.current_goroutine=현재 Go루틴
@@ -1253,7 +1238,6 @@ users.admin=관리�
 users.repos=저장소
 users.created=작성�
 users.last_login=마지막 로그�
-users.never_login=로그� 한 �� 없습니다.
 users.send_register_notify=사용� 등� 알림 전송
 users.edit=수정하기
 users.auth_source=�� 소스
@@ -1276,6 +1260,7 @@ users.list_status_filter.is_active=사용
 users.list_status_filter.is_admin=관리�
 
 emails.activated=활성화�
+emails.filter_sort.name=사용�명
 
 orgs.org_manage_panel=조� 관리
 orgs.name=�름
@@ -1373,8 +1358,6 @@ config.ssh_start_builtin_server=빌트-� 서버 사용
 config.ssh_port=�트
 config.ssh_listen_port=수신 대기 �트
 config.ssh_root_path=최�위 경로
-config.ssh_key_test_path=주 테스트 경로
-config.ssh_keygen_path=키 �성 ('ssh-keygen') 경로
 config.ssh_minimum_key_size_check=최소 키 사�즈 검사
 config.ssh_minimum_key_sizes=최소 키 사�즈
 
@@ -1546,8 +1529,12 @@ conan.details.repository=저장소
 owner.settings.cleanuprules.enabled=활성화�
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=설명
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_lv-LV.ini b/options/locale/locale_lv-LV.ini
index 4439537fd7..3328a6f759 100644
--- a/options/locale/locale_lv-LV.ini
+++ b/options/locale/locale_lv-LV.ini
@@ -44,7 +44,6 @@ webauthn_use_twofa=Izmantot divfaktoru kodu no t�lruņa
 webauthn_error=Nevar nolasīt drošības atslēgu.
 webauthn_unsupported_browser=Jūsu p�rlūks neatbalsta WebAuthn standartu.
 webauthn_error_unknown=Notikusi nezin�ma kļūda. Atk�rtojiet darbību vēlreiz.
-webauthn_error_insecure=`WebAuthn atbalsta tikai drošus savienojumus. P�rbaudīšanai ar HTTP var izmantot izcelsmi "localhost" vai "127.0.0.1"`
 webauthn_error_unable_to_process=Serveris nevarēja apstr�d�t pieprasījumu.
 webauthn_error_duplicated=Drošības atslēga nav atļauta šim pieprasījumam. P�rliecinieties, ka šī atslēga jau nav reģistrēta.
 webauthn_error_empty=J�nor�da šīs atslēgas nosaukums.
@@ -184,8 +183,6 @@ buttons.enable_monospace_font=Izmantot vien�da izmēra fontu
 buttons.disable_monospace_font=Neizmantot vien�da izmēra fontu
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Radusies kļūda
@@ -218,16 +215,10 @@ path=Ceļš
 sqlite_helper=Faila ceļš SQLite3 datub�zei.<br>Ievadiet absolūto ceļu, ja Gitea tiek startēts k� serviss.
 reinstall_error=Nevar instalēt datub�zē, kura jau satur Gitea datus
 reinstall_confirm_message=Veicot Gitea datub�zēs atk�rtotu instalēšanu, tas var izraisīt vair�kas problēmas. Būtu j�izmanto esošais "app.ini", lai palaistu Gitea. Apstipriniet, ja patieš�m vēlaties to darīt:
-reinstall_confirm_check_1=Dati, kas šifrēti ar SECRET_KEY atslēgu, kas ir nor�dīta app.ini fail�, var tikt pazaudēti: lietotaji nev�rēs autorizēties ar divfaktoru autoriz�ciju, k� arī spoguļi var p�rst�t darboties. Atzīmējot šo pazīmi, apstipriniet, ka pašreizējais app.ini fails satur korektu SECRET_KEY vērtību.
-reinstall_confirm_check_2=Repozitorijus un iestatījumus iespējams nepieciešams p�rsinhronizēt. Atzīmējot, apstipriniet, ka vēlaties p�rsinhronizēt repozitorija �ķus un authorized_keys failu. P�rliecinieties, ka repozitorija un spoguļošanas iestatījumi ir pareizi.
 reinstall_confirm_check_3=Apstiprinat, ka esat p�rliecin�ts, ka Gitea izmanto pareizu app.ini faila atrašan�s vietu un patieš�m vēlaties veikt atk�rtotu instal�ciju, t�pat apstiprinat, ka tas var radīt augst�k minēt�s problēmas.
 err_empty_db_path=Nav nor�dīts SQLite3 datu b�zes ceļš.
 no_admin_and_disable_registration=Reģistr�ciju nevar atslēgt, kamēr nav izveidots administratora konts.
 err_empty_admin_password=Administratora kontam ir oblig�ti j�nor�da parole.
-err_empty_admin_email=Administratora e-pasta adrese nevar būt tukša.
-err_admin_name_is_reserved=Administratora lietot�jv�rds nav korekts, š�ds lietot�jv�rds ir rezervēts
-err_admin_name_pattern_not_allowed=Administratora lietot�jv�rds nav korekts, š�ds lietot�jv�rds nav atļauts
-err_admin_name_is_invalid=Administratora lietot�ja nav korekts
 
 general_title=Visp�rīgie iestatījumi
 app_name=Vietnes nosaukums
@@ -243,7 +234,6 @@ domain_helper=Domēns vai servera adrese.
 ssh_port=SSH servera ports
 ssh_port_helper=Porta numurs, kuru SSH serveris klausīsies. Atst�jiet tukšu, lai atspējotu.
 http_port=Gitea HTTP klausīšan�s ports
-http_port_helper=Porta numurs, kuru Gitea tīmekļa serveris klausīsies.
 app_url=Gitea pamata URL
 app_url_helper=Pamata adrese HTTP(S) klonēšanas URL un e-pastu paziņojumiem.
 log_root_path=Žurnalizēšanas ceļš
@@ -306,7 +296,6 @@ no_reply_address=Neatbildēt e-pasta adreses domēns
 no_reply_address_helper=Domēns lietot�ja e-pasta adresei git žurn�los, ja lietot�js izvēlas paturēt savu e-pasta adresi priv�tu. Piemēram, ja lietot�js ir 'janis' un domēns 'neatbildet.piemers.lv', tad e-pasta adrese būs 'janis@neatbildet.piemers.lv'.
 password_algorithm=Paroles jaucējsummas algoritms
 invalid_password_algorithm=Kļūdaina paroles jaucējfunkcija
-password_algorithm_helper=Nor�diet paroles jaucējalgoritmu. Algoritmi atšķir�s pēc prasīb�m pret resursiem un stipruma. Argon2 algoritms ir drošs, bet tam nepieciešams daudz operatīv�s atmiņas, līdz ar ko tas var nebūt piemērots sistēm�m ar maz pieejamajiem resursiem.
 enable_update_checker=Iespējot jaunu versiju paziņojumus
 enable_update_checker_helper=Periodiski p�rbaudīt jaunu version pieejamību, izgūstot datus no gitea.io.
 env_config_keys=Vides konfigur�cija
@@ -364,8 +353,6 @@ allow_password_change=Pieprasīt lietot�jam mainīt paroli (ieteicams)
 reset_password_mail_sent_prompt=Apstiprin�šanas e-pasts tika nosūtīts uz <b>%s</b>. P�rbaudiet savu e-pasta kontu tuv�ko %s laik�, lai pabeigtu paroles atjaunošanas procesu.
 active_your_account=Aktivizēt savu kontu
 account_activated=Konts ir aktivizēts
-prohibit_login=Pieteikšan�s liegta
-prohibit_login_desc=Jūsu konts ir bloķēts, sazinieties ar sistēmas administratoru.
 resent_limit_prompt=Jūs pieprasīj�t aktiviz�cijas e-pastu p�r�k bieži. Lūdzu, uzgaidiet 3 minūtes un mēģiniet vēlreiz.
 has_unconfirmed_mail=Sveiki %s, Jums ir neapstiprin�ta e-pasta adrese (<b>%s</b>). Ja neesat saņēmis apstiprin�šanas e-pastu vai Jums ir nepieciešams nosūtīt jaunu, lūdzu, nospiediet pogu, kas atrodas zem�k.
 resend_mail=Nospiediet šeit, lai vēlreiz nosūtītu aktiviz�cijas e-pastu
@@ -401,16 +388,12 @@ openid_connect_desc=IzvÄ“lÄ“tais OpenID konts sistÄ“mÄ� netika atpazÄ«ts, bet JÅ
 openid_register_title=Izveidot jaunu kontu
 openid_register_desc=Izvēlētais OpenID konts sistēm� netika atpazīts, bet Jūs to varat piesaistīt esošam kontam.
 openid_signin_desc=J�ievada OpenID URI. Piemēram, anna.openid.example.org vai https://openid.example.org/anna.
-disable_forgot_password_mail=Konta atjaunošana ir atspējota, jo nav uzst�dīti e-pasta servera iestatījumi. Sazinieties ar lapas administratoru.
-disable_forgot_password_mail_admin=Kontu atjaunošana ir pieejama tikai, ja ir veikta e-pasta servera iestatījumu konfigurēšana. Nor�diet e-pasta servera iestatījumus, lai iespējotu kontu atjaunošanu.
 email_domain_blacklisted=Nav atļauts reģistrēties ar š�du e-pasta adresi.
 authorize_application=Autorizēt lietotni
 authorize_redirect_notice=Jūs tiksiet nosūtīts uz %s, ja autorizēsiet šo lietotni.
 authorize_application_created_by=Å o lietotni izveidoja %s.
-authorize_application_description=Ja piešķirsiet tiesības, t� varēs piekļūt un mainīt Jūsu konta inform�ciju, ieskaitot priv�tos repozitorijus un organiz�cijas.
 authorize_title=Autorizēt "%s" piekļuvi jūsu kontam?
 authorization_failed=Autoriz�cija neizdev�s
-authorization_failed_desc=Autentifik�cija neizdev�s, jo tika veikts kļūdains pieprasījums. Sazinieties ar lietojumprogrammas, ar kuru mēģin�j�t autentificēties, uzturēt�ju.
 sspi_auth_failed=SSPI autentifik�cija neizdev�s
 password_pwned_err=Neizdev�s pabeigt pieprasījumu uz HaveIBeenPwned
 
@@ -430,8 +413,6 @@ activate_email.title=%s, apstipriniet savu e-pasta adresi
 activate_email.text=Nospiediet uz saites, lai apstiprin�tu savu e-pasta adresi lap� <b>%s</b>:
 
 register_notify.title=%[1]s, esat reģistrējies %[2]s
-register_notify.text_1=šis ir reģistr�cijas apstiprin�juma e-pasts lapai %s!
-register_notify.text_2=Tagad varat autorizēties ar lietot�ja v�rdu: %s.
 register_notify.text_3=Ja šis konts Jums tika izveidots, tad oblig�ti <a href="%s">nomainiet citu paroli</a>.
 
 reset_password=Atgūt kontu
@@ -469,7 +450,6 @@ release.download.targz=Izejas kods (TAR.GZ)
 repo.transfer.subject_to=%s vēlas p�rsūtīt repozitoriju "%s" organiz�cijai %s
 repo.transfer.subject_to_you=`%s vēlas Jums p�rsūtīt repozitoriju "%s"`
 repo.transfer.to_you=Jums
-repo.transfer.body=Ja vēlaties to noraidīt vai apstiprin�t, tad apmeklējiet saiti %s.
 
 repo.collaborator.added.subject=%s pievienoja JÅ«s repozitorijam %s
 repo.collaborator.added.text=Jūs tik�t pievienots k� līdzstr�dnieks repozitorijam:
@@ -521,7 +501,6 @@ url_error=`"%s" nav korekts URL.`
 include_error=` ir j�satur tekstu "%s".`
 glob_pattern_error=` glob Å¡ablons nav korekts: %s.`
 regex_pattern_error=` regul�r� izteiksme nav korekta: %s.`
-username_error=` drīkst saturēt tikai burtus un ciparus ('0-9','a-z','A-Z'), domuzīme ('-'), apakšsvītra ('_') un punkts ('.'). Nevar s�kties vai beigties ar simbolu, kas nav burts vai skaitlis, k� arī nevar būt vair�ki simboli pēc k�rtas, kas nav burti vai skaitļi.`
 invalid_group_team_map_error=` sasaiste nav korekta: %s`
 unknown_error=Nezin�ma kļūda:
 captcha_incorrect=Ievadīts nepareizs drošības kods.
@@ -534,11 +513,9 @@ username_has_not_been_changed=Lietot�jv�rds netika mainīts
 repo_name_been_taken=Jau eksistē repozitorijs ar š�du nosaukumu.
 repository_force_private=Ir ieslēgts piespiedu priv�tais režīms: repozitorijus nav iespējams padarīt publiskus.
 repository_files_already_exist=Šī repozitorija faili jau eksistē, sazinieties ar sistēmas administratoru.
-repository_files_already_exist.adopt=Šī repozitorija faili jau eksistē un var tikt tikai p�rņemti.
 repository_files_already_exist.delete=Šī repozitorija faili jau eksistē, nepieciešams tos dzēst.
 repository_files_already_exist.adopt_or_delete=Šī repozitorija faili jau eksistē, tie ir j�p�rņem vai j�dzēš.
 visit_rate_limit=Att�lin�t� piekļuve ir ierobežota ar �truma ierobežot�ju.
-2fa_auth_required=Att�lin�tai piekļuvei ir nepieciešama divu faktoru autentifik�cija.
 org_name_been_taken=Organiz�cijas nosaukums jau ir aizņemts.
 team_name_been_taken=Komandas nosaukums jau ir aizņemts.
 team_no_units_error=Komandai ir j�būt iespējotai vismaz vienai sadaļai.
@@ -566,14 +543,8 @@ invalid_ssh_key=Nav iespējams p�rbaudīt SSH atslēgu: %s
 invalid_gpg_key=Nav iespējams p�rbaudīt GPG atslēgu: %s
 invalid_ssh_principal=Kļūdaina identit�te: %s
 must_use_public_key=Atslēga, ko nor�dīj�t ir priv�t� atslēga. Nekad nenodotiet savu priv�tu atslēgu nevienam. Izmantojiet publisko atslēgu.
-unable_verify_ssh_key=SSH atslēgu nav iespējams p�rbaudīt, p�rliecinieties, ka taj� nav kļūdu.
 auth_failed=Autentifik�cija neizdev�s: %v
 
-still_own_repo=Šis konts ir vismaz viena repozitorija īpašnieks, tos s�kum� ir nepieciešams izdzēst vai mainīt to īpašnieku.
-still_has_org=Jūsu konts ir piesaistīts vismaz vienai organiz�cijai, s�kum� nepieciešams to pamest.
-still_own_packages=Jūsu kontam pieder viena vai vair�kas pakotnes, t�s nepieciešams izdzēst.
-org_still_own_repo=Organiz�cijai pieder repozitoriji, tos s�kum� ir nepieciešams izdzēst vai mainīt to īpašnieku.
-org_still_own_packages=Šai organiz�cijai pieder viena vai v�r�kas pakotnes, t�s nepieciešams izdzēst.
 
 target_branch_not_exist=Mērķa atzars neeksistē
 
@@ -602,7 +573,6 @@ settings=Lietot�ja iestatījumi
 
 form.name_reserved=Lietot�jv�rdu "%s" nedrīkst izmantot.
 form.name_pattern_not_allowed=Lietot�jv�rds "%s" nav atļauts.
-form.name_chars_not_allowed=Lietot�ja v�rds "%s" satur neatļautus simbolus.
 
 
 [settings]
@@ -625,7 +595,6 @@ uid=UID
 public_profile=Publiskais profils
 biography_placeholder=Past�sti mums mazliet par sevi! (Var izmantot Markdown)
 location_placeholder=Kopīgot savu aptuveno atrašan�s vietu ar citiem
-profile_desc=Nor�dīt, k� profils tiek attēlots citiem lietot�jiem. Prim�r� e-pasta adrese tiks izmantota paziņojumiem, paroles atjaunošanai un Git tīmekļa darbīb�m.
 full_name=Pilns v�rds
 website=M�jas lapa
 location=Atrašan�s vieta
@@ -643,7 +612,6 @@ cancel=Atcelt
 language=Valoda
 ui=Motīvs
 hidden_comment_types=Attēlojot paslēpt šauds koment�rus:
-hidden_comment_types_description=Koment�ru veidi, kas atzīmēti, netiks r�dīti problēmu lap�. Piemēram, atzīmējot "Iezīmes" netiks r�dīti koment�ri "{lietot�js} pievienoja/noņēma {iezīme} iezīmi".
 hidden_comment_types.ref_tooltip=Koment�ri, kad problēmai tiek pievienota atsauce uz citu probēmu, koment�ru, …
 hidden_comment_types.issue_ref_tooltip=Koment�ri par lietot�ja izmaiņ�m ar problēmas saistīto atzaru/tagu
 comment_type_group_reference=Atsauces
@@ -696,10 +664,8 @@ requires_activation=Nepieciešams aktivizēt
 primary_email=Uzst�dīt k� prim�ro
 activate_email=Nosūtīt aktiviz�cijas e-pastu
 activations_pending=Gaida aktiviz�ciju
-can_not_add_email_activations_pending=Ir nepabeigta aktiviz�cija. Pēc daž�m minūtēm mēģiniet vēlreiz, ja ir vēlme pievienot jaunu e-pasta adresi.
 delete_email=Noņemt
 email_deletion=Dzēst e-pasta adresi
-email_deletion_desc=E-pasta adrese un ar to saistīt� inform�cija tiks dzēsta no šī konta. Git revīzijas ar šo e-pasta adresi netiks mainītas. Vai turpin�t?
 email_deletion_success=E-pasta adrese ir veiksmīgi izdzēsta.
 theme_update_success=Jūsu motīvs tika nomainīts.
 theme_update_error=Izvēlētais motīvs neeksistē.
@@ -742,7 +708,6 @@ gpg_key_matched_identities_long=Iegult�s identit�tes š�j� atslēg� atbilst
 gpg_key_verified=P�rbaudīt� atslēga
 gpg_key_verified_long=Atslēga tika apliecin�ta ar pilnvaru un var tikt izmantota, lai p�rbaudītu revīzijas, kas atbilst jebkurai apstiprin�tai e-pasta adresei šim lietot�jam papildus šīs atslēgas atbilstošaj�m identit�tēm.
 gpg_key_verify=P�rbaudīt
-gpg_invalid_token_signature=Nor�dīt� GPG atslēga, paraksts un pilnvara neatbilst vai tai ir beidzies derīguma termiņš.
 gpg_token_required=J�nor�da paraksts zem�k esošajai pilnvarai
 gpg_token=Pilnvara
 gpg_token_help=Parakstu ir iespējams uzģenerēt izmantojot komandu:
@@ -752,7 +717,6 @@ verify_gpg_key_success=GPG atslēga "%s" veiksmīgi p�rbaudīta.
 ssh_key_verified=P�rbaudīta atslēga
 ssh_key_verified_long=Atslēga tika apliecin�ta ar parakstītu pilnvaru un var tikt izmantota, lai p�rbaudītu revīzijas, kas atbilst jebkurai apstiprin�tai lietot�ja e-pasta adresei.
 ssh_key_verify=P�rbaudīt
-ssh_invalid_token_signature=Nor�dīt� SSH atslēga, paraksts un pilnvara neatbilst vai tai ir beidzies derīguma termiņš.
 ssh_token_required=J�nor�da paraksts zem�k esošajai pilnvarai
 ssh_token=Pilnvara
 ssh_token_help=Parakstu ir iespējams uzģenerēt izmantojot komandu:
@@ -773,7 +737,6 @@ gpg_key_deletion=Noņemt GPG atslēgu
 ssh_principal_deletion=Noņemt SSH sertifik�ta identit�ti
 ssh_key_deletion_desc=Dzēšot šo SSH atslēgu, ar to vairs nebūs iespējams autorizēties Jūsu kont�. Vai turpin�t?
 gpg_key_deletion_desc=Noņemot GPG atslēgu, ar to parakstīt�s revīzijas vairs netiks attēlotas k� verificētas. Vai turpin�t?
-ssh_principal_deletion_desc=Noņemot SSH sertifik�ta identit�ti, ar to vairs nebūs iespējams piekļūt šim kontam. Vai turpin�t?
 ssh_key_deletion_success=SSH atslēga tika izdzēsta.
 gpg_key_deletion_success=GPG atslēga tika izdzēsta.
 ssh_principal_deletion_success=Identit�te tika noņemta.
@@ -831,7 +794,6 @@ create_oauth2_application_button=Izveidot lietotni
 create_oauth2_application_success=Ir veiksmīgi izveidota jauna OAuth2 lietotne.
 update_oauth2_application_success=Ir veiksmīgi atjaunota OAuth2 lietotne.
 oauth2_application_name=Lietotnes nosaukums
-oauth2_confidential_client=Konfidenci�ls klients. Nor�diet lietotēm, kas glab� noslēpumu slepenīb�, piemēram, tīmekļa lietotnēm. Nenor�diet instalējam�m lietotnēm, tai skait� darbavirsmas vai mobilaj�m lietotnēm.
 oauth2_redirect_uris=P�rsūtīšanas URI. Nor�diet katru URI sav� rind�.
 save_application=Saglab�t
 oauth2_client_id=Klienta ID
@@ -845,10 +807,8 @@ oauth2_application_remove_description=OAuth2 lietotnes noņemšana liegs tai pie
 oauth2_application_locked=Gitea s�knēšanas brīdī reģistrē dažas OAuth2 lietotnes, ja tas ir iespējots konfigur�cij�. Lai novērstu negaidītu uzvedību, t�s nevar ne labot, ne noņemt. Lūgums vērsties OAuth2 dokument�cij� pēc vair�k inform�cijas.
 
 authorized_oauth2_applications=Autorizēt�s OAuth2 lietotnes
-authorized_oauth2_applications_description=Ir ļauta piekļuve savam Gitea kontam šīm trešo pušu lietotnēm. Lūgums atsaukt piekļuvi lietotnēm, kas vairs nav nepieciešamas.
 revoke_key=Atsaukt
 revoke_oauth2_grant=Atsaukt piekļuvi
-revoke_oauth2_grant_description=Atsaucot piekļuvi šai trešas puses lietotnei tiks liegta piekļuve Jūsu datiem. Vai turpin�t?
 revoke_oauth2_grant_success=Piekļuve veiksmīgi atsaukta.
 
 twofa_recovery_tip=Ja ierīce tiek pazaudēta, iespējams izmantot vienreiz izmantojamo atkopšanas atslēgu, lai atgūtu piekļuvi savam kontam.
@@ -856,7 +816,6 @@ twofa_is_enrolled=Kontam ir <strong>ieslēgta</strong> divfaktoru autentifik�ci
 twofa_not_enrolled=Kontam šobrīd nav ieslēgta divfaktoru autentifik�cija.
 twofa_disable=Atslēgt divfaktoru autentifik�ciju
 twofa_scratch_token_regenerated=Vienreizēj� pilnvara tagad ir %s. T� ir j�glab� droš� viet�, t� vairs nekad netiks r�dīta.
-twofa_enroll=Ieslēgt divfaktoru autentifik�ciju
 twofa_disable_note=Nepieciešamības gadījum� divfaktoru autentifik�ciju ir iespējams atslēgt.
 twofa_disable_desc=Atslēdzot divfaktoru autentifik�ciju, konts vairs nebūs tik drošs. Vai turpin�t?
 regenerate_scratch_token_desc=Ja esat aizmirsis vienreizējo kodu vai esat to jau izmantojis, lai pieteiktos, atjaunojiet to šeit.
@@ -870,13 +829,11 @@ twofa_failed_get_secret=Neizdev�s iel�dēt noslēpumu.
 webauthn_register_key=Pievienot drošības atslēgu
 webauthn_nickname=Segv�rds
 webauthn_delete_key=Noņemt drošības atslēgu
-webauthn_delete_key_desc=Noņemot drošības atslēgu ar to vairs nebūs iespējams pieteikties. Vai turpin�t?
 webauthn_key_loss_warning=Ja tiek pazaudētas drošības atslēgas, tiks zaudēta piekļuve kontam.
 webauthn_alternative_tip=Ir vēlams uzst�dīt papildu autentifik�cijas veidu.
 
 manage_account_links=P�rvaldīt saistītos kontus
 manage_account_links_desc=Š�di �rējie konti ir piesaistīti Jūsu Gitea kontam.
-account_links_not_available=Pašlaik nav neviena �rēj� konta piesaistīta šim kontam.
 link_account=Sasaistīt kontu
 remove_account_link=Noņemt saistīto kontu
 remove_account_link_desc=Noņemot saistīto kontu, tam tiks liegta piekļuve Jūsu Gitea kontam. Vai turpin�t?
@@ -931,7 +888,6 @@ fork_to_different_account=Atdalīt uz citu kontu
 fork_visibility_helper=Atdalītam repozitorijam nav iespējams mainīt t� redzamību.
 fork_branch=Atzars, ko klonēt atdalītaj� repozitorij�
 all_branches=Visi atzari
-fork_no_valid_owners=Šim repozitorijam nevar izveidot atdalītu repozitoriju, jo tam nav spēk� esošu īpašnieku.
 use_template=Izmantot Å¡o sagatavi
 download_zip=Lejupiel�dēt ZIP
 download_tar=Lejupiel�dēt TAR.GZ
@@ -967,12 +923,10 @@ mirror_interval_invalid=Nekorekts spoguļošanas interv�ls.
 mirror_sync_on_commit=Sinhronizēt, kad revīzijas tiek iesūtītas
 mirror_address=Spoguļa adrese
 mirror_address_desc=Pieslēgšan�s rekvizītus nor�diet autoriz�cijas sadaļ�.
-mirror_address_url_invalid=Nor�dītais URL ir nederīgs. Visas URL daļas ir j�nor�da pareizi.
 mirror_address_protocol_invalid=Nor�dītais URL ir nederīgs. Var spoguļot tikai no http(s):// vai git:// adresēm.
 mirror_lfs=Lielu failu glab�tuve (LFS)
 mirror_lfs_desc=Aktivizēt LFS datu spoguļošanu.
 mirror_lfs_endpoint=LFS galapunkts
-mirror_lfs_endpoint_desc=Sinhroniz�cija mēģin�s izmantot klonēsanas URL, lai <a target="_blank" rel="noopener noreferrer" href="%s">noteiktu LFS serveri</a>. Var nor�dīt arī citu galapunktu, ja repozitorija LFS dati ir izvietoti cit� viet�.
 mirror_last_synced=Pēdējo reizi sinhronizēts
 mirror_password_placeholder=(bez izmaiņ�m)
 mirror_password_blank_placeholder=(nav uzst�dīts)
@@ -984,7 +938,6 @@ forks=Atdalītie repozitoriji
 reactions_more=un vēl %d
 unit_disabled=Administrators ir atspējojies šo repozitorija sadaļu.
 language_other=Citas
-adopt_search=Ievadiet lietot�ja v�rdu, lai meklētu nep�rņemtos repozitorijus... (atst�jiet tukšu, lai meklētu visus)
 adopt_preexisting_label=P�rņemt failus
 adopt_preexisting=P�rņemt jau eksistējošos failus
 adopt_preexisting_content=Izveidot repozitoriju no direktorijas %s
@@ -1021,8 +974,6 @@ template.issue_labels=Problēmu iezīmes
 template.one_item=Nor�diet vismaz vienu sagataves vienumu
 template.invalid=Nor�diet sagataves repozitoriju
 
-archive.title=Šis repozitorijs ir arhivēts. Ir iespējams aplūkot t� failus un to konēt, bet nav iespējams iesūtīt izmaiņas, k� arī izveidot jaunas problēmas vai izmaiņu pieprasījumus.
-archive.title_date=Šis repozitorijs tika arhivēts %s. Ir iespējams aplūkot t� failus un to konēt, bet nav iespējams iesūtīt izmaiņas, k� arī izveidot jaunas problēmas vai izmaiņu pieprasījumus.
 archive.issue.nocomment=Repozitorijs ir arhivēts. Problēm�m nevar pievienot jaunus koment�rus.
 archive.pull.nocomment=Repozitorijs ir arhivēts. Izmaiņu pieprasījumiem nevar pievienot jaunus koment�rus.
 
@@ -1039,7 +990,6 @@ migrate_options_lfs=Migrēt LFS failus
 migrate_options_lfs_endpoint.label=LFS galapunkts
 migrate_options_lfs_endpoint.description=Migr�cija mēģin�s izmantot att�lin�to URL, lai <a target="_blank" rel="noopener noreferrer" href="%s">noteiktu LFS serveri</a>. Var nor�dīt arī citu galapunktu, ja repozitorija LFS dati ir izvietoti cit� viet�.
 migrate_options_lfs_endpoint.description.local=Iespējams nor�dīt arī servera ceļu.
-migrate_options_lfs_endpoint.placeholder=Ja nav nor�dīts, galamērķis tiks atvasin�ts no klonēšanas URL
 migrate_items=Vienumi, ko p�rņemt
 migrate_items_wiki=Vikivietni
 migrate_items_milestones=Atskaites punktus
@@ -1051,10 +1001,8 @@ migrate_items_releases=Laidienus
 migrate_repo=Migrēt repozitoriju
 migrate.clone_address=Klonēšanas adrese
 migrate.clone_address_desc=T� var būt HTTP(S) adrese vai Git 'clone' URL eksistējošam repozitorijam
-migrate.github_token_desc=Ir iespējams izmantot vienu vai ar komantiem atdalītus vair�kas pilnvaras, lai veiktu �tr�ku migr�ciju, ja t� tiek ierobežota ar GitHub API ierobežojumiem. BRĪDINĀJUMS: Šīs iespējas ļaunpr�tīga izmantošana, var tikt uzskatīta par lietošanas noteikumu p�rk�pumu ar no t� izrietoš�m sek�m.
 migrate.clone_local_path=vai servera lok�lais ceļš
 migrate.permission_denied=Jums nav tiesību importēt lok�lu repozitoriju.
-migrate.permission_denied_blocked=Nav iespējams importēt no neatļaut�m adresēm, prasiet administratoram p�rskatīt ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS iestatījumus.
 migrate.invalid_local_path=Nederīgs lok�lais ceļš. Tas neeksistē vai nav direktorija.
 migrate.invalid_lfs_endpoint=LFS galapunkts nav korekts.
 migrate.failed=Migr�cija neizdev�s: %v
@@ -1062,7 +1010,6 @@ migrate.migrate_items_options=Piekļuves pilnvara ir nepieciešama, lai p�rņem
 migrated_from=Migrēts no <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrēts no %[1]s
 migrate.migrate=Migrēt no %s
-migrate.migrating=Migr�cija no <b>%s</b> ...
 migrate.migrating_failed=Migr�cija no <b>%s</b> neizdev�s.
 migrate.migrating_failed.error=Migr�cija neizdev�s: %s
 migrate.migrating_failed_no_addr=Migr�cija neizdev�s.
@@ -1104,7 +1051,6 @@ clone_this_repo=Klonēt šo repozitoriju
 cite_this_repo=Citēt šo repozitoriju
 create_new_repo_command=Izveidot jaunu repozitoriju komandrind�
 push_exist_repo=Nosūtīt izmaiņas no komandrindas eksistējošam repozitorijam
-empty_message=Repozitorijs ir tukšs.
 broken_message=Git repozitoriju nav iespējams nolasīt. Sazinieties ar šī servera administratoru vai izdzēsiet šo repozitoriju.
 
 code=Kods
@@ -1122,7 +1068,6 @@ projects=Projekti
 packages=Pakotnes
 actions=Darbības
 labels=Iezīmes
-org_labels_desc=Organiz�cijas līmeņa iezīmes var tikt izmantotas <strong>visiem repozitorijiem</strong> šaj� organiz�cij�
 org_labels_desc_manage=p�rvaldīt
 
 milestone=Atskaites punktus
@@ -1154,7 +1099,6 @@ file_copy_permalink=Kopēt saiti
 view_git_blame=Aplūkot Git vainīgos
 video_not_supported_in_browser=Jūsu p�rlūks neatbalsta HTML5 video.
 audio_not_supported_in_browser=Jūsu p�rlūks neatbalsta HTML5 audio.
-stored_lfs=Saglab�ts Git LFS
 symbolic_link=Simboliska saite
 executable_file=Izpild�mais fails
 commit_graph=Revīziju grafs
@@ -1197,7 +1141,6 @@ editor.update=Atjaunot %s
 editor.delete=Dzēst %s
 editor.patch=Pielietot iel�pu
 editor.patching=Pielieto iel�pu:
-editor.fail_to_apply_patch=`Neizdev�s pielietot iel�pu "%s"`
 editor.new_patch=Jauns iel�ps
 editor.commit_message_desc=Pievienot neoblig�tu paplašin�tu aprakstu…
 editor.signoff_desc=Pievienot revīzijas žurn�la ziņojuma beig�s Signed-off-by ar revīzijas autoru.
@@ -1213,17 +1156,12 @@ editor.filename_is_invalid=Faila nosaukums "%s" nav korekts.
 editor.branch_does_not_exist=Šaj� repozitorij� neeksistē atzars "%s".
 editor.branch_already_exists=Atzars "%s" šaj� repozitorij� jau eksistē.
 editor.directory_is_a_file=Direktorijas nosaukums "%s" vec�ka ceļ� ir fails nevis direktorija šaj� repozitorij�.
-editor.file_is_a_symlink=Fails "%s" ir nor�de, kuru nav iespējams labot no tīmekļa redaktora
 editor.filename_is_a_directory=Faila nosaukums "%s" sakrīt ar direktorijas nosaukumu šaj� repozitorij�.
-editor.file_editing_no_longer_exists=Fails "%s", ko labojat, vairs neeksistē šaj� repozitorij�.
-editor.file_deleting_no_longer_exists=Fails "%s", ko dzēšat, vairs neeksistē šaj� repozitorij�.
 editor.file_changed_while_editing=Faila saturs ir mainījies kopš s�k�t to labot. Noklikšķiniet <a target="_blank" rel="noopener noreferrer" href="%s">šeit</a>, lai apskatītu, vai <strong>Nosūtiet izmaiņas atk�rtoti</strong>, lai p�rrakstītu.
 editor.file_already_exists=Fails ar nosaukumu "%s" šaj� repozitorij� jau eksistē.
 editor.commit_empty_file_header=Iesūtīt tukšu failu
 editor.commit_empty_file_text=Fails, ko vēlaties iesūtīt, ir tukšs. Vai turpin�t?
 editor.no_changes_to_show=Nav izmaiņu, ko r�dīt.
-editor.fail_to_update_file=Neizdev�s atjaunot/izveidot failu "%s".
-editor.fail_to_update_file_summary=Kļūdas ziņojums:
 editor.push_rejected_no_message=Izmaiņu iesūtīšana tika noraidīta, bet serveris neatgrieza paziņojumu. P�rbaudiet git �ķus šim repozitorijam.
 editor.push_rejected=Serveris noraidīja šo izmaiņu. P�rbaudiet git �ķus.
 editor.push_rejected_summary=Pilns noraidīšanas ziņojums:
@@ -1238,6 +1176,7 @@ editor.require_signed_commit=Atzar� var iesūtīt tikai parakstītas revīzijas
 editor.cherry_pick=Izlasīt %s uz:
 editor.revert=Atgriezt %s uz:
 
+
 commits.desc=P�rlūkot pirmkoda izmaiņu vēsturi.
 commits.commits=Revīzijas
 commits.no_commits=Nav kopīgu revīziju. Atzariem "%s" un "%s" ir pilnīb� atšķirīga izmaiņu vēsture.
@@ -1383,7 +1322,6 @@ issues.filter_project=Projekts
 issues.filter_project_all=Visi projekti
 issues.filter_project_none=Nav projekta
 issues.filter_assignee=Atbildīgais
-issues.filter_assginee_no_assignee=Nav atbildīg�
 issues.filter_poster=Autors
 issues.filter_type=Veids
 issues.filter_type.all_issues=Visas problēmas
@@ -1395,7 +1333,6 @@ issues.filter_type.reviewed_by_you=Tavi recenzētie
 issues.filter_sort=K�rtot
 issues.filter_sort.latest=Jaun�kie
 issues.filter_sort.oldest=Vecakie
-issues.filter_sort.recentupdate=Nesen atjaunot�s
 issues.filter_sort.leastupdate=Vissen�k atjaunot�s
 issues.filter_sort.mostcomment=Visvair�k komentēt�s
 issues.filter_sort.leastcomment=Vismaz�k komentēt�s
@@ -1504,7 +1441,6 @@ issues.pin_comment=piesprauda Å¡o %s
 issues.unpin_comment=atsprauda Å¡o %s
 issues.lock=Slēgt komentēšanu
 issues.unlock=Atļaut komentēšanu
-issues.lock.unknown_reason=Neizdev�s slēgt problēmas komentēšanu.
 issues.lock_duplicate=Problēmas komentēšanu nevar slēgt vair�kas reizes.
 issues.unlock_error=Nevar atļaut komentēšanu, ja problēmai t� nav slēgta.
 issues.lock_with_reason=slēdza ar iemeslu <strong>%s</strong> un ierobežoja koment�ru pievienošanu tikai līdzstr�dniekiem %s
@@ -1512,7 +1448,6 @@ issues.lock_no_reason=slēdza un ierobežoja koment�ru pievienošanu tikai līd
 issues.unlock_comment=atļ�va komentēšanu %s
 issues.lock_confirm=Slēgt
 issues.unlock_confirm=Atļaut
-issues.lock.notice_1=- Citi lietot�ji nevar pievienot jaunus koment�rus šai problēmai.
 issues.lock.notice_2=- Jums un citiem līdzstr�dniekiem ar piekļuvi šim repozitorijam tiks saglab�ta iespēja pievienot koment�rus.
 issues.lock.notice_3=- Jūs vienmēr varat atkal atļaut komentēšanu.
 issues.unlock.notice_1=- Ikviens varēs atkal pievienot jaunus koment�rus.
@@ -1550,7 +1485,6 @@ issues.due_date_form=dd.mm.yyyy
 issues.due_date_form_add=Pievienot izpildes termiņu
 issues.due_date_form_edit=Labot
 issues.due_date_form_remove=Noņemt
-issues.due_date_not_writer=Ir nepieciešama rakstīšanas piekļuve šim repozitorijam, lai varētu mainīt problēmas pl�noto izpildes datumu.
 issues.due_date_not_set=Izpildes termiņš nav uzst�dīts.
 issues.due_date_added=pievienoja izpildes termiņu %s %s
 issues.due_date_modified=mainīja termiņa datumu no %[2]s uz %[1]s %[3]s
@@ -1573,9 +1507,7 @@ issues.dependency.pr_closing_blockedby=Šī izmaiņu pieprasījuma sapludin�ša
 issues.dependency.issue_closing_blockedby=Šīs problēmas aizvēršanu bloķē sekojošas problēmas
 issues.dependency.issue_close_blocks=Šī problēma bloķē sekojošu problēmu aizvēršanu
 issues.dependency.pr_close_blocks=Šis izmaiņu pieprasījums bloķē sekojošu problēmu aizvēršanu
-issues.dependency.issue_close_blocked=Nepieciešams aizvērt visas problēmas, kas bloķē šo problēmu, lai to varētu aizērt.
 issues.dependency.issue_batch_close_blocked=Nav iespējams aizvērt vair�kas atzīmēt�s problēmas, jo problēmai #%d ir atvērtas atkarības
-issues.dependency.pr_close_blocked=Nepieciešams aizvērt visas problēmas, kas bloķē šo izmaiņu pieprasījumu, lai to varētu sapludin�t.
 issues.dependency.blocks_short=BloÄ·Ä“
 issues.dependency.blocked_by_short=Atkarīgs no
 issues.dependency.remove_header=Noņemt atkarību
@@ -1586,12 +1518,10 @@ issues.dependency.add_error_same_issue=Nevar izveidot atkarību uz pašu problē
 issues.dependency.add_error_dep_issue_not_exist=Atkarīg� problēma neeksistē.
 issues.dependency.add_error_dep_not_exist=Atkarība neeksistē.
 issues.dependency.add_error_dep_exists=Atkarība jau ir pievienota.
-issues.dependency.add_error_cannot_create_circular=Nav iespējams veidot atkarību, kur divas problēmas bloķētu viena otru.
 issues.dependency.add_error_dep_not_same_repo=Ab�m problēm�m ir j�būt no viena repozitorija.
 issues.review.self.approval=Nevar apstiprin�t savu izmaiņu pieprasījumi.
 issues.review.self.rejection=Nevar pieprasīt izmaiņas savam izmaiņu pieprasījumam.
 issues.review.approve=apstiprin�ja izmaiņas %s
-issues.review.dismissed=atmeta %s recenziju %s
 issues.review.dismissed_label=Atmesta
 issues.review.left_comment=atst�ja koment�ru
 issues.review.content.empty=Nepieciešams nor�dīt koment�ru par prasītaj�m izmaiņ�m.
@@ -1599,7 +1529,6 @@ issues.review.reject=pieprasīja izmaiņas %s
 issues.review.wait=tika pieprasīta recenzija %s
 issues.review.add_review_request=pieprasīja recenziju no %s %s
 issues.review.remove_review_request=noņema recenzijas pieprasījumu no %s %s
-issues.review.remove_review_request_self=atteic�s recenzēt %s
 issues.review.pending=Nav iesūtīts
 issues.review.pending.tooltip=Šis koment�rs nav redzams citiem lietot�jiem. Lai padarītu neiesūtītos koment�rus pieejamus citiem, nospiediet "%s" -> "%s/%s/%s" lapas augšpusē.
 issues.review.review=Recenzija
@@ -1616,7 +1545,6 @@ issues.review.resolve_conversation=Atrisin�t sarunu
 issues.review.un_resolve_conversation=Atcelt sarunas atrisin�jumu
 issues.review.resolved_by=atzīmēja sarunu k� atrisin�tu
 issues.review.commented=Komentēt
-issues.assignee.error=Ne visi atbildīgie tika pievienoti, jo rad�s neparedzēta kļūda.
 issues.reference_issue.body=Saturs
 issues.content_history.deleted=dzēsts
 issues.content_history.edited=rediģēts
@@ -1651,7 +1579,6 @@ pulls.show_all_commits=R�dīt visas revīzijas
 pulls.show_changes_since_your_last_review=R�dīt izmaiņas kopš Tavas pēdēj�s recenzijas
 pulls.showing_only_single_commit=R�da tikai revīzijas %[1]s izmaiņas
 pulls.showing_specified_commit_range=R�da tikai izmaiņas starp %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Atlasīt revīziju. J�tur Shift + klikšķis, lai atlasītu vair�kas
 pulls.review_only_possible_for_full_diff=Recenzēšana ir iespējama tikai tad, kad tiek apskatīts pilns salīdzin�jums
 pulls.filter_changes_by_commit=Atlasīt pēc revīzijas
 pulls.nothing_to_compare=Nav ko salīdzin�t, jo b�zes un salīdzin�mie atzari ir vien�di.
@@ -1679,7 +1606,6 @@ pulls.add_prefix=Pievienot <strong>%s</strong> prefiksu
 pulls.remove_prefix=Noņemt <strong>%s</strong> prefiksu
 pulls.data_broken=Izmaiņu pieprasījums ir boj�ts, jo dzēsta inform�cija no atdalīt� repozitorija.
 pulls.files_conflicted=Šīs izmaiņu pieprasījuma izmaiņas konfliktē ar mērķa atzaru.
-pulls.is_checking=Notiek konfliktu p�rbaude, mirkli uzgaidiet un atjaunojiet lapu.
 pulls.is_ancestor=Atzars jau ir pilnīb� iekļauts mērķ� atzar�. Nav izmaiņu, ko sapludin�t.
 pulls.is_empty=Mērķa atzars jau satur šī atzara izmaiņas. Šī revīzija būs tukša.
 pulls.required_status_check_failed=Dažas no p�rbaudēm nebija veiksmīgas.
@@ -1701,30 +1627,20 @@ pulls.reject_count_1=%d izmaiņu pieprasījums
 pulls.reject_count_n=%d pieprasītas izmaiņas
 pulls.waiting_count_1=nepieciešama %d recenzija
 pulls.waiting_count_n=nepieciešamas %d recenzijas
-pulls.wrong_commit_id=revīzijas identifik�toram ir j�būt revīzijas identifikatoram no mērķa atzara
 
 pulls.no_merge_desc=Šo izmaiņu pieprasījumu nav iespējams sapludin�t, jo nav atļauts neviens sapludin�šanas veids.
 pulls.no_merge_helper=Lai sapludin�tu šo izmaiņu pieprasījumu, iespējojiet vismaz vienu sapludin�šanas veidu repozitorija iestatījumos vai sapludiniet to manu�li.
 pulls.no_merge_wip=Šo izmaiņu pieprasījumu nav iespējams sapludin�t, jo tas ir atzīmēts, ka darbs pie t� vēl nav pabeigts.
-pulls.no_merge_not_ready=Izmaiņu pieprasījumu nav iespējams sapludin�t, p�rbaudiet recenziju statusu un statusa p�rbaudes.
 pulls.no_merge_access=Jums nav tiesību sapludin�t šo izmaiņu pieprasījumu.
 pulls.merge_pull_request=Izveidot sapludin�šana revīziju
-pulls.rebase_merge_pull_request=P�rb�zēt un p�rtīt uz priekšu
-pulls.rebase_merge_commit_pull_request=P�rb�zēt un izveidot sapludin�šanas revīziju
 pulls.squash_merge_pull_request=Izveidot saspiešanas revīziju
 pulls.merge_manually=Manu�li sapludin�ts
 pulls.merge_commit_id=Sapludin�šanas revīzijas ID
 pulls.require_signed_wont_sign=Atzar� var iesūtīt tikai parakstītas revīzijas, bet sapludin�šanas revīzijas netiks parakstīta
 
 pulls.invalid_merge_option=Nav iespējams izmantot š�du sapludin�šanas veidu šim izmaiņu pieprasījumam.
-pulls.merge_conflict=Sapludin�šana neizdev�s: Veicot sapludin�šanu, rad�s konflikts. Mēģiniet izmantot citu sapludin�šanas stratēģiju
 pulls.merge_conflict_summary=Kļūdas paziņojums
-pulls.rebase_conflict=Sapludin�šana neizdev�s: Veicot p�rb�zēšanu uz revīziju %[1]s, rad�s konflikts. Mēģiniet izmantot citu sapludin�šanas stratēģiju
 pulls.rebase_conflict_summary=Kļūdas paziņojums
-pulls.unrelated_histories=Sapludin�šana neizdev�s: mērķa un b�zes atzariem nav kopējas vēstures. Ieteikums: izvēlieties citu sapludin�šanas stratēģiju
-pulls.merge_out_of_date=Sapludin�šana neizdev�s: sapludin�šanas laik�, b�zes atzar� tika iesūtītas izmaiņas. Ieteikums: mēģiniet atk�rtoti.
-pulls.head_out_of_date=Sapludin�šana neizdev�s: sapludin�šanas laik�, b�zes atzar� tika iesūtītas izmaiņas. Ieteikums: mēģiniet atk�rtoti.
-pulls.has_merged=Neizdev�s: izmaiņu pieprasījums jau ir sapludin�ts, nevar to darīt atk�rtoti vai mainīt mērķa atzaru.
 pulls.push_rejected_summary=Pilns noraidīšanas ziņojums
 pulls.open_unmerged_pull_exists=`Jūs nevarat veikt atk�rtotas atvēršanas darbību, jo jau eksistē izmaiņu pieprasījums (#%d) ar š�du sapludin�šanas inform�ciju.`
 pulls.status_checking=Dažas p�rbaudes vēl tiek veiktas
@@ -1749,7 +1665,6 @@ pulls.cmd_instruction_checkout_desc=Projekta repozitorij� j�izveido jauns atza
 pulls.cmd_instruction_merge_title=Sapludin�t
 pulls.cmd_instruction_merge_desc=Sapludin�t izmaiņas un atjaunot t�s Gitea.
 pulls.clear_merge_message=Notīrīt sapludin�šanas ziņojumu
-pulls.clear_merge_message_hint=Notīrot sapludin�šanas ziņojumu tiks noņemts tikai pats ziņojums, bet tiks paturēti ģenerētie git ziņojumu, k� "Co-Authored-By …".
 
 pulls.auto_merge_button_when_succeed=(Kad p�rbaudes veiksmīgas)
 pulls.auto_merge_when_succeed=Autom�tiski sapludin�t, kad visas p�rbaudes veiksmīgas
@@ -1802,12 +1717,10 @@ milestones.filter_sort.most_issues=Visvair�k problēmu
 milestones.filter_sort.least_issues=Vismaz�k problēmu
 
 signing.will_sign=Šī revīzija tiks parakstīta ar atslēgu "%s".
-signing.wont_sign.error=Notika kļūda p�rbaudot vai revīzija var tikt parakstīta.
 signing.wont_sign.nokey=Nav pieejamas atslēgas, ar ko parakstīt šo revīziju.
 signing.wont_sign.never=Revīzijas nekad netiek parakstītas.
 signing.wont_sign.always=Revīzijas vienmēr tiek parakstītas.
 signing.wont_sign.pubkey=Revīzija netiks parakstīta, jo kontam nav piesaistīta publisk� atslēga.
-signing.wont_sign.twofa=J�būt iespējotai divfaktoru autentifik�cijai, lai parakstītu revīzijas.
 signing.wont_sign.parentsigned=Revīzija netiks parakstīta, jo nav parakstīta vec�ka revīzija.
 signing.wont_sign.basesigned=Sapludin�šanas revīzija netiks parakstīta, jo pamata revīzija nav parakstīta.
 signing.wont_sign.headsigned=Sapludin�šanas revīzija netiks parakstīta, jo galven� revīzija nav parakstīta.
@@ -1889,7 +1802,6 @@ activity.title.releases_1=%d versiju
 activity.title.releases_n=%d versijas
 activity.title.releases_published_by=%s publicēja %s
 activity.published_release_label=Publicēts
-activity.no_git_activity=Šaj� laika period� nav notikušas nek�das izmaiņas.
 activity.git_stats_exclude_merges=Neskaitot sapludin�šanas revīzijas,
 activity.git_stats_author_1=%d autors
 activity.git_stats_author_n=%d autori
@@ -1914,7 +1826,6 @@ activity.git_stats_deletion_n=%d dzēšanas
 contributors.contribution_type.commits=Revīzijas
 
 settings=Iestatījumi
-settings.desc=Iestatījumi ir vieta, kur varat p�rvaldīt repozitorija iestatījumus
 settings.options=Repozitorijs
 settings.collaboration=Līdzstr�dnieks
 settings.collaboration.admin=Administrators
@@ -1931,7 +1842,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Iestatiet, ka vi
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Iestatiet, ka visas revīzijas, tagi un atzari tiks autom�tiski p�rņemti no cita repozitorija.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Pašlaik to var izdarīt tikai, izmantojot, sadaļu "Jauna migr�cija". Sīk�kai inform�cijai, skatieties:
 settings.mirror_settings.docs.disabled_push_mirror.info=Iesūtīšanas spoguļus administrators ir aizliedzis izmantot.
-settings.mirror_settings.docs.no_new_mirrors=Šis repozitorijs spoguļo izmaiņas uz vai no cita repozitorija. Pašlaik vair�k nav iespējams izveidot jaunus spoguļa repozitorijus.
 settings.mirror_settings.docs.can_still_use=Lai arī nav iespējams mainīt esošos vai izveidot jaunus spoguļa repozitorijus, esošie turpin�s str�d�t.
 settings.mirror_settings.docs.pull_mirror_instructions=Lai ietatītu atvilkšanas spoguli, sekojiet instrukcij�m:
 settings.mirror_settings.docs.more_information_if_disabled=Vair�k par pieg�d�šanas un saņemšanas spoguļiem var uzzin�t šeit:
@@ -1999,7 +1909,6 @@ settings.admin_indexer_commit_sha=Pēdēj� indeksēt� revīzija
 settings.admin_indexer_unindexed=Neindeksēts
 settings.reindex_button=Pievienot p�rindeksēšanas rindai
 settings.reindex_requested=Pieprasīta p�rindeksēšana
-settings.admin_enable_close_issues_via_commit_in_any_branch=Aizvērt problēmu ar izmaiņu koment�ru iesūtītu jebkur� atzar�
 settings.danger_zone=Bīstam� zona
 settings.new_owner_has_same_repo=Jaunajam īpašniekam jau ir repozitorijs ar š�du nosaukumu.
 settings.convert=Konvertēt uz parastu repozitoriju
@@ -2020,7 +1929,6 @@ settings.transfer_abort_invalid=Nevar atcelt neeksistējoša repozitorija īpaš
 settings.transfer_abort_success=Repozitorija īpašnieka maiņa uz %s tika veiksmīgi atcelta.
 settings.transfer_desc=Mainīt šī repozitorija īpašnieku uz citu lietot�ju vai organiz�ciju, kurai Jums ir administratora tiesības.
 settings.transfer_form_title=Ievadiet repozitorija nosaukumu, lai apstiprin�tu:
-settings.transfer_in_progress=Pašlaik jau tiek veikta repozitorija īpašnieka maiņa. Atceliet iepriekšējo īpašnieka maiņu, ja vēlaties mainīt uz citu.
 settings.transfer_notices_1=- Tiks zaudēta piekļuve repozitorijam, ja jaunais īpašnieks ir individu�ls lietot�js.
 settings.transfer_notices_2=- Tiks saglab�ta piekļuve, ja jaunais īpašnieks ir organiz�cija un esat viens no t�s īpašniekiem.
 settings.transfer_notices_3=- Ja repozitorijs ir priv�ts un tas tiks p�rsūtīts lietot�jam, tad p�rliecin�ties, ka lietot�jam ir vismaz skatīšan�s tiesības (veiciet nepieciešam�s izmaiņas, ja nepieciešams).
@@ -2034,13 +1942,9 @@ settings.trust_model.default=Noklusējuma uzticēšan�s modelis
 settings.trust_model.default.desc=Izmantot noklusēto repozitoriju uzticības modeli.
 settings.trust_model.collaborator=Līdzstr�dnieka
 settings.trust_model.collaborator.long=Līdzstr�dnieka: Uzticēties līdzstr�dnieku parakstiem
-settings.trust_model.collaborator.desc=Derīgi līdzstr�dnieku paraksti tiks atzīmēti k� "uzticami" (neatkarīgi no t� vai tie atbilst revīzijas iesūtīt�jam vai nē). Citos gadījumos derīgi paraksti tiks atzīmēti k� "neuzticami", ja paraksts atbilst revīzijas iesūtīt�jam vai "nesakrītošs", ja neatbilst.
 settings.trust_model.committer=Revīzijas iesūtīt�ja
-settings.trust_model.committer.long=Revīzijas iesūtīt�ja: Uzticēties parakstiem, kas atbilst revīzijas iesūtīt�jiem (Šis atbilst GitHub uzvedībai un piespiedīs Gitea parakstīt�m revīzij�m nor�dīt Gitea k� revīzijas iesūtīt�ju)
-settings.trust_model.committer.desc=Derīgi paraksti tiks atzīmēti k� "uzticami", ja tie atbilst revīzijas iesūtīt�jam, citos gadījumos tie tiks atzīmēti k� "nesakrītoši". Šis nozīmē, ka Gitea būs k� revīzijas iesūtīt�js parakstīt�m revīzij�m, kur īstais revīzijas iesūtīt�js tiks atīzmēts revīzijas koment�ra beig�s ar tekstu Co-authored-by: un Co-committed-by:. Noklusētajai Gitea atslēgai ir j�atbilst lietot�jam datub�zē.
 settings.trust_model.collaboratorcommitter=Līdzstr�dnieka un revīzijas iesūtīt�ja
 settings.trust_model.collaboratorcommitter.long=Līdzstr�dnieka un revīzijas iesūtīt�ja: Uzticēties līdzstr�dnieku parakstiem, kas atbilst revīzijas iesūtīt�jam
-settings.trust_model.collaboratorcommitter.desc=Derīgi līdzstr�dnieku paraksti tiks atzīmēti k� "uzticami", ja tie atbilst revīzijas iesūtīt�jam, citos gadījumos tie tiks atzīmēti k� "neuzticami", ja paraksts atbilst revīzijas iesūtītajam, vai "nesakrītoši", ja neatbilst. Šis nozīmē, ka Gitea būs k� revīzijas iesūtīt�js parakstīt�m revīzij�m, kur īstais revīzijas iesūtīt�js tiks atīzmēts revīzijas koment�ra beig�s ar tekstu Co-Authored-By: un Co-Committed-By:. Noklusētajai Gitea atslēgai ir j�atbilst lietot�jam datub�zē.
 settings.wiki_delete=Dzēst vikivietnes datus
 settings.wiki_delete_desc=Vikivietnes repozitorija dzēšana ir neatgriezeniska un nav atsaucama.
 settings.wiki_delete_notices_1=- Šī darbība dzēsīs un atspējos repozitorija %s vikivietni.
@@ -2049,7 +1953,6 @@ settings.wiki_deletion_success=Repozitorija vikivietnes dati tika izdzēsti.
 settings.delete=Dzēst šo repozitoriju
 settings.delete_desc=Repozitorija dzēšana ir neatgriezeniska un nav atsaucama.
 settings.delete_notices_1=- Šī darbība ir <strong>NEATGRIEZENISKA</strong>.
-settings.delete_notices_2=- Šī darbība neatgriezeniski izdzēsīs visu repozitorij� <strong>%s</strong>, tai skait� problēmas, koment�rus, vikivietni un līdzstr�dnieku piesaisti.
 settings.delete_notices_fork_1=- Visi atdalītie repozitoriju pēc dzēšanas kļūs neatkarīgi.
 settings.deletion_success=Repozitorijs tika izdzēsts.
 settings.update_settings_success=Repozitorija iestatījumi tika saglab�ti.
@@ -2070,8 +1973,6 @@ settings.team_not_in_organization=Komanda nav taj� paš� organiz�cij� k� re
 settings.teams=Komandas
 settings.add_team=Pievienot komandu
 settings.add_team_duplicate=Komandai jau ir piekļuve šim repozitorijam
-settings.add_team_success=Komandai tagad ir piekļuve šim repozitorijam.
-settings.change_team_permission_tip=Komandas tiesības tiek uzst�dītas komandas iestatījumu lap� un nevar tikt individu�li mainītas katram repozitorijam atsevišķi
 settings.delete_team_tip=Komandai ir piekļuve visiem repozitorijiem un t� nevar tikt noņemta individu�li
 settings.remove_team_success=Komandas piekļuve šim repozitorijam ir noņemta.
 settings.add_webhook=Pievienot tīmekļa �ķi
@@ -2080,8 +1981,6 @@ settings.hooks_desc=Tīmekļa �ķi ļauj paziņot �rējiem servisiem par notei
 settings.webhook_deletion=Noņemt tīmekļa �ķi
 settings.webhook_deletion_desc=Noņemot tīmekļa �ķi, tiks dzēsti visi t� iestatījumi un pieg�des vēsture. Vai turpin�t?
 settings.webhook_deletion_success=Tīmekļa �ķis tika noņemts.
-settings.webhook.test_delivery=Testa pieg�de
-settings.webhook.test_delivery_desc=Veikt viltus push-notikuma pieg�di, lai notestētu Jūsu tīmekļa �ķa iestatījumus.
 settings.webhook.test_delivery_desc_disabled=Lai p�rbaudītu šo tīmekļa �ķi ar neīstu notikumu, tas ir j�iespējo.
 settings.webhook.request=Pieprasījums
 settings.webhook.response=Atbilde
@@ -2127,7 +2026,6 @@ settings.event_repository=Repozitorijs
 settings.event_repository_desc=Repozitorijs izveidots vai dzēsts.
 settings.event_header_issue=Problēmu notikumi
 settings.event_issues=Problēmas
-settings.event_issues_desc=Problēma atvērta, aizvērta, atk�rtoti atvērta vai mainīta.
 settings.event_issue_assign=Problēmas atbildīgie
 settings.event_issue_assign_desc=Problēmai piešķirti vai noņemti atbildīgie.
 settings.event_issue_label=Problēmu iezīmes
@@ -2138,7 +2036,6 @@ settings.event_issue_comment=Problēmas koment�rs
 settings.event_issue_comment_desc=Problēmas koment�rs pievienots, labots vai dzēsts.
 settings.event_header_pull_request=Izmaiņu pieprasījuma notikumi
 settings.event_pull_request=Izmaiņu pieprasījums
-settings.event_pull_request_desc=Izmaiņu pieprasījums atvērts, aizvērts, atk�rtoti atvērts vai mainīts.
 settings.event_pull_request_assign=Izmaiņu pieprasījuma atbildīgie
 settings.event_pull_request_assign_desc=Izmaiņu pieprasījumam piešķirti vai noņemti atbildīgie.
 settings.event_pull_request_label=Izmaiņu pieprasījuma iezīmes
@@ -2271,7 +2168,6 @@ settings.archive.branchsettings_unavailable=Atzaru iestatījumi nav pieejami, ja
 settings.archive.tagsettings_unavailable=Tagu iestatījumi nav pieejami, ja repozitorijs ir arhivēts.
 settings.unarchive.button=Atcelt repozitorija arhivēšanu
 settings.unarchive.header=Atcelt šī repozitorija arhivēšanu
-settings.unarchive.text=Repozitorija arhivēšanas atcelšana atjaunos t� spēju saņemt izmaiņas, k� arī jaunus problēmu pieteikumus un izmaiņu pieprasījumus.
 settings.unarchive.success=Repozitorijam veiksmīgi atcelta arhiv�cija.
 settings.unarchive.error=Repozitorija arhivēšanas atcelšanas laik� atgadīj�s kļūda. Vair�k ir redzams žurn�l�.
 settings.update_avatar_success=Repozitorija attēls tika atjaunin�ts.
@@ -2289,11 +2185,9 @@ settings.lfs_invalid_locking_path=Nekorekts ceļš: %s
 settings.lfs_invalid_lock_directory=Nevar bloÄ·Ä“t direktoriju: %s
 settings.lfs_lock_already_exists=Fails vai direktorija jau ir bloÄ·Ä“ta: %s
 settings.lfs_lock=BloÄ·Ä“t
-settings.lfs_lock_path=Faila ceļš, ko bloķēt...
 settings.lfs_locks_no_locks=Nav bloÄ·Ä“ts neviens fails
 settings.lfs_lock_file_no_exist=Bloķējamais fails neeksistē noklusētaj� atzar�
 settings.lfs_force_unlock=Piespiedu atbloÄ·Ä“Å¡ana
-settings.lfs_pointers.found=Atrasta(s) %d bin�r� objekta nor�de(s) - %d saistītas, %d nesaistītas (%d trūkstošas glab�tuvē)
 settings.lfs_pointers.sha=Bin�r� objekta SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Repozitorij�
@@ -2464,7 +2358,6 @@ error.csv.unexpected=Nevar attēlot šo failu, jo tas satur neparedzētu simbolu
 error.csv.invalid_field_count=Nevar attēlot šo failu, jo tas satur nepareizu skaitu ar laukiem %d. līnij�.
 
 [graphs]
-component_loading=Iel�dē %s...
 component_loading_failed=Nevarēja iel�dēt %s
 component_loading_info=Šis var aizņemt k�du brīdi…
 component_failed_to_load=Atgadīj�s neparedzēta kļūda.
@@ -2499,7 +2392,6 @@ form.create_org_not_allowed=Jums nav tiesību veidot jauno organiz�ciju.
 settings=Iestatījumi
 settings.options=Organiz�cija
 settings.full_name=Pilns v�rds, uzv�rds
-settings.email=E-pasta adrese saziņai
 settings.website=M�jas lapa
 settings.location=Atrašan�s vieta
 settings.permission=Tiesības
@@ -2513,15 +2405,13 @@ settings.visibility.private_shortname=Priv�ta
 
 settings.update_settings=Mainīt iestatījumus
 settings.update_setting_success=Organiz�cijas iestatījumi tika saglab�ti.
-settings.change_orgname_prompt=Piezīme: organiz�cijas nosaukuma maiņa izmainīs arī organiz�cijas URL un atbrīvos veco nosaukumu.
-settings.change_orgname_redirect_prompt=Vecais v�rds p�rsūtīs uz jauno, kamēr vien tas nebūs izmantots.
+
+
 settings.update_avatar_success=Organiz�cijas attēls tika saglab�ts.
 settings.delete=Dzēst organiz�ciju
 settings.delete_account=Dzēst šo organiz�ciju
 settings.delete_prompt=Šī darbība pilnīb� dzēsīs šo organiz�ciju, k� arī t� ir <strong>NEATGRIEZENISKA</strong>!
 settings.confirm_delete_account=Apstiprin�t dzēšanu
-settings.delete_org_title=Dzēst organiz�ciju
-settings.delete_org_desc=Organiz�cija tiks dzēsta neatgriezeniski. Vai turpin�t?
 
 settings.labels_desc=Pievienojiet iezīmes, kas var tikt izmantotas <strong>visos</strong> šīs organiz�cijas repozitorijos.
 
@@ -2575,7 +2465,6 @@ teams.remove_all_repos_title=Noņemt visus komandas repozitorijus
 teams.remove_all_repos_desc=Šī darbība noņems visus repozitorijus no komandas.
 teams.add_all_repos_title=Pievienot visus repozitorijus
 teams.add_all_repos_desc=Šī darbība pievienos visus organiz�cijas repozitorijus šai komandai.
-teams.add_nonexistent_repo=Repozitorijs, kuru mēģinat pievienot neeksistē, s�kum� izveidojiet to.
 teams.add_duplicate_users=Lietot�js jau ir šaj� komand�.
 teams.repos.none=Šai komandai nav piekļuves nevienam repozitorijam.
 teams.members.none=Šaj� komand� nav pievienots neviens lietot�js.
@@ -2603,7 +2492,6 @@ repositories=Repozitoriji
 hooks=Tīmekļa �ķi
 integrations=Integr�cijas
 authentication=Autentificēšanas avoti
-emails=Lietot�ja e-pasts
 config=Konfigur�cija
 config_summary=Kopsavilkums
 config_settings=Iestatījumi
@@ -2633,27 +2521,17 @@ dashboard.cron.cancelled=Cron: %[1]s atcelts: %[3]s
 dashboard.cron.error=Kļūda Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s pabeigts
 dashboard.delete_inactive_accounts=Dzēst visus neaktivizētos kontus
-dashboard.delete_inactive_accounts.started=Uzdevums visu neaktivizēto kontu dzēšanai uzs�kts.
 dashboard.delete_repo_archives=Dzēst visu repozitoriju arhīvus (ZIP, TAR.GZ utt.)
-dashboard.delete_repo_archives.started=Uzdevums visu repozitoriju arhīvu dzēšanai uzs�kts.
 dashboard.delete_missing_repos=Dzēst visus repozitorijus, kam trūkst Git failu
-dashboard.delete_missing_repos.started=Uzdevums visu repozitoriju dzēšanai, kam trūkst git failu, uzs�kts.
 dashboard.delete_generated_repository_avatars=Dzēst ģenerētos repozitoriju attēlus
 dashboard.sync_repo_branches=Sinhroniz�cija ar dabub�zi izlaida atzarus no git datiem
 dashboard.update_mirrors=Atjaunot spoguļus
 dashboard.repo_health_check=P�rbaudīt visu repozitoriju veselību
 dashboard.check_repo_stats=P�rbaudīt visu repozitoriju statistiku
 dashboard.archive_cleanup=Dzēst repozitoriju vecos arhīvus
-dashboard.deleted_branches_cleanup=Notīrīt dzēstos atzarus
 dashboard.update_migration_poster_id=Atjaunot migr�cij�m autoru ID
-dashboard.git_gc_repos=Veikt atkritumu uzkopšanas darbus visiem repozitorijiem
-dashboard.resync_all_sshkeys=Atjaunot '.ssh/authorized_keys' failu ar Gitea SSH atslēg�m.
-dashboard.resync_all_sshprincipals=Atjaunot '.ssh/authorized_principals' failu ar Gitea SSH sertifik�tu identit�tēm.
-dashboard.resync_all_hooks=P�rsinhronizēt pirms-saņemšanas, atjaunošanas un pēc-saņemšanas �ķus visiem repozitorijiem.
 dashboard.reinit_missing_repos=Atk�rtoti inicializēt visus pazaudētos Git repozitorijus par kuriem eksistē ieraksti
 dashboard.sync_external_users=Sinhronizēt �rējo lietot�ju datus
-dashboard.cleanup_hook_task_table=Iztīrīt tīmekļa �ķu vēsturi
-dashboard.cleanup_packages=Notīrīt novecojuš�s pakotnes
 dashboard.server_uptime=Servera darbības laiks
 dashboard.current_goroutine=Izmantot�s Gorutīnas
 dashboard.current_memory_usage=Pašreiz izmantot� atmiņa
@@ -2685,7 +2563,6 @@ dashboard.last_gc_pause=Pedēj�s GC izpildes laiks
 dashboard.gc_times=GC reizes
 dashboard.update_checker=Atjaunin�jumu p�rbaudīt�js
 dashboard.delete_old_system_notices=Dzēst vecos sistēmas paziņojumus no datub�zes
-dashboard.gc_lfs=Veikt atkritumu uzkopšanas darbus LFS meta objektiem
 dashboard.rebuild_issue_indexer=P�rbūvēt problēmu indeksu
 
 users.user_manage_panel=Lietot�ju kontu p�rvaldība
@@ -2702,7 +2579,6 @@ users.2fa=2FA
 users.repos=Repozitoriji
 users.created=Izveidots
 users.last_login=Pēdēj� pieteikšan�s
-users.never_login=Pieteikšan�s nekad nav veikta
 users.send_register_notify=Nosūtīt lietot�jam reģistr�cijas paziņojumu
 users.new_success=Lietot�ja konts "%s" tika izveidots.
 users.edit=Labot
@@ -2729,7 +2605,6 @@ users.still_own_repo=Lietot�jam pieder repozitoriji, tos s�kum� ir nepiecieš
 users.still_has_org=Šis lietot�js ir vienas vai vair�ku organiz�ciju biedrs, lietot�ju s�kum� ir nepieciešams pamest šīs organiz�cijas vai viņu no t�m ir j�izdzēš.
 users.purge=Attīrīt lietotu
 users.purge_help=Piespiedu dzēst lietot�ju un visus t� repozitorijus, organiz�cijas un pakotnes. Arī visi lietot�ja koment�ri tiks dzēsti.
-users.still_own_packages=Šim lietot�jam pieder viena vai vair�kas pakotnes, t�s nepieciešams izdzēst.
 users.deletion_success=Lietot�ja konts veiksmīgi izdzēsts.
 users.reset_2fa=Noņemt 2FA
 users.list_status_filter.menu_text=Filtrs
@@ -2749,11 +2624,7 @@ users.details=Lietot�ja inform�cija
 emails.email_manage_panel=Lietot�ju e-pastu p�rvaldība
 emails.primary=Prim�rais
 emails.activated=Aktivizēts
-emails.filter_sort.email=E-pasts
-emails.filter_sort.email_reverse=E-pasta adrese (pretēji alfabētiski)
 emails.filter_sort.name=Lietot�jv�rds
-emails.filter_sort.name_reverse=Lietot�ja v�rds (pretēji alfabētiski)
-emails.updated=E-pasts atjaunots
 emails.not_updated=Neizdev�s atjaunot pieprasīto e-pasta adresi: %v
 emails.duplicate_active=E-pasta adrese jau ir aktīva citam lietot�jam.
 emails.change_email_header=Atjaunot e-pasta rekvizītus
@@ -2869,26 +2740,18 @@ auths.oauth2_required_claim_name_helper=Uzst�diet šo nosaukumu, lai ierobežot
 auths.oauth2_required_claim_value=Nepieciešam�s prasības vērtība
 auths.oauth2_required_claim_value_helper=Uzst�diet šo vērtību, lai ierobežotu, kas var autorizēties, izmantojot, šo avotu, ar nor�dīto prasības nosaukumu un vertību
 auths.oauth2_group_claim_name=Prasības nosaukums, kas nodrošina grupu nosaukumus šim avotam. (Neoblig�ts)
-auths.oauth2_admin_group=Grupas prasības vērtība administratoriem. (Neoblig�ta - nepieciešams prasības nosaukums augst�k)
-auths.oauth2_restricted_group=Grupas prasības vērtība ierobežotajiem lietot�jiem. (Neoblig�ta - nepieciešams prasības nosaukums augst�k)
-auths.oauth2_map_group_to_team=Sasaistīt prasības grupas ar organiz�cijas komand�m. (Neoblig�ts - nepieciešams prasības nosaukums augst�k)
 auths.oauth2_map_group_to_team_removal=Noņemt lietot�jus no sinhronizētaj�m komand�m, ja lietot�js nav piesaistīts attiecīgajai grupai.
 auths.enable_auto_register=Iespējot autom�tisko reģistr�ciju
 auths.sspi_auto_create_users=Autom�tiski izveidot lietot�jus
-auths.sspi_auto_create_users_helper=Ļauj SSPI autentifik�cijas metodei autom�tiski izveidot jaunus kontus lietot�jiem, kas autorizējas pirmo reizi
 auths.sspi_auto_activate_users=Autom�tiski aktivizēt lietot�jus
 auths.sspi_auto_activate_users_helper=Ļauj SSPI autentifik�cijas metodei autom�tiski aktivizēt jaunos lietot�jus
 auths.sspi_strip_domain_names=Noņemt domēna v�rdus no lietot�ju v�rdiem
-auths.sspi_strip_domain_names_helper=Ja atzīmēts, domēna v�rdi tiks noņemti no lietot�ja v�rdiem, piemēram, "DOMĒNS\lietot�js" un "lietot�js@domēns.lv" abi kļūs par tikai "lietot�js".
 auths.sspi_separator_replacement=Atdalīt�js, ko izmantot \, / vai @ viet�
-auths.sspi_separator_replacement_helper=Simbols, ko izmantot, k� atdalīt�ju, lai atdalītu lietot�ja v�rdu no domēna, piemēram "DOMĒNS\lietot�js", un lietot�ja identit�šu nosaukumos, piemēram, lietot�js@domēns.lv.
 auths.sspi_default_language=Noklusēt� lietot�ja valoda
-auths.sspi_default_language_helper=Noklusēt� valoda, ko uzst�dīt autom�tiski izveidotajiem lietot�jiem, kas izmanto SSPI autentifik�cijas veidu. Atst�jiet tukšu, ja vēlaties, lai valoda tiktu noteikta autom�tiski.
 auths.tips=Padomi
 auths.tips.oauth2.general=OAuth2 autentifik�cija
 auths.tips.oauth2.general.tip=Kad tiek reģistrēta jauna OAuth2 autentifik�cija, atzvanīšanas/p�rvirzīšanas URL vajadzētu būt:
 auths.tip.oauth2_provider=OAuth2 pakalpojuma sniedzējs
-auths.tip.nextcloud=`Reģistrējiet jaunu OAuth klientu jūsu instances sad�ļ� "Settings -> Security -> OAuth 2.0 client"`
 auths.tip.mastodon=Nor�diet piel�gotu mastodon instances URL, ar kuru vēlaties autorizēties (vai izmantojiet noklusēto)
 auths.edit=Labot autentifik�cijas avotu
 auths.activated=Autentifik�cijas avots ir atkivizēts
@@ -2931,8 +2794,6 @@ config.ssh_domain=SSH servera domēns
 config.ssh_port=Ports
 config.ssh_listen_port=Klausīšan�s ports
 config.ssh_root_path=Saknes ceļš
-config.ssh_key_test_path=Atslēgu p�rbaudes ceļš
-config.ssh_keygen_path=Keygen ('ssh-keygen') ceļš
 config.ssh_minimum_key_size_check=Minim�l� atslēgas lieluma p�rbaude
 config.ssh_minimum_key_sizes=Minim�lais atslēgas lielums
 
@@ -2990,7 +2851,6 @@ config.mailer_sendmail_path=Ceļš līdz sendmail programmai
 config.mailer_sendmail_args=Papildus Sendmail komandrindas argumenti
 config.mailer_sendmail_timeout=Sendmail noildze
 config.mailer_use_dummy=Tukšs
-config.test_email_placeholder=E-pasts (piemēram, test@example.com)
 config.send_test_mail=Nosūtīt p�rbaudes e-pastu
 config.send_test_mail_submit=Sūtīt
 config.test_mail_failed=Neizdev�s nosūtīt p�rbaudes e-pastu uz "%s": %v
@@ -3070,7 +2930,6 @@ monitor.queue.numberinqueue=Skaits rind�
 monitor.queue.review_add=P�rskatīt/pievienot str�dņus
 monitor.queue.settings.title=Pūla iestatījumi
 monitor.queue.settings.desc=Pūls dinamiski tiek palielin�ts atkarīb� no bloķētiem darbiem rind�.
-monitor.queue.settings.maxnumberworkers=Maksim�lais str�dņu skaits
 monitor.queue.settings.maxnumberworkers.placeholder=Pašalaik %[1]d
 monitor.queue.settings.maxnumberworkers.error=Maksim�lajam str�dņu skaitam ir j�būt skaitlim
 monitor.queue.settings.submit=Saglab�t iestatījumus
@@ -3174,8 +3033,6 @@ error.no_committer_account=Revīzijas autora e-pasta adrese nav piesaistīta nev
 error.no_gpg_keys_found=Šim parakstam datu b�zē netika atrasta zin�ma atslēga
 error.not_signed_commit=Nav parakstīta revīzija
 error.failed_retrieval_gpg_keys=Neizdev�s saņemt nevienu atslēgu, kas ir piesaistīta revīzijas autora kontam
-error.probable_bad_signature=BRĪDINĀJUMS! Lai arī datu b�zē eksistē atslēga ar š�du identifikatoru, nav iespējams verificēt šo revīziju! Šī revīzija ir ļoti AIZDOMĪGA.
-error.probable_bad_default_signature=BRĪDINĀJUMS! Lai arī šai atslēgai ir noklusēt�s atslēgas identifikators, ar to nav iespējams verificēt šo revīziju! Šī revīzija ir ļoti AIZDOMĪGA.
 
 [units]
 unit=Vienība
@@ -3212,7 +3069,6 @@ versions=Versijas
 versions.view_all=Par�dīt visas
 dependency.id=ID
 dependency.version=Versija
-alpine.registry=Iestaties šo reģistru pievienojot t� URL <code>/etc/apk/repositories</code> fail�:
 alpine.registry.key=Lejupiel�dējiet reģistra publisko RSA atslēgu direktorij� <code>/etc/apk/keys/</code>, lai p�rbaudītu indeksa parakstu:
 alpine.registry.info=Izvēlieties $branch un $repository no saraksta zem�k.
 alpine.install=Lai uzst�dītu pakotni, ir j�izpilda šī komanda:
@@ -3222,18 +3078,13 @@ alpine.repository.architectures=Arhitektūras
 arch.repository=Repozitorija inform�cija
 arch.repository.repositories=Repozitoriji
 arch.repository.architectures=Arhitektūras
-cargo.registry=Uzst�diet šo reģistru Cargo konfigur�cijas fail�, piemēram, <code>~/.cargo/config.toml</code>:
 cargo.install=Lai instalētu Cargo pakotni, izpildiet sekojošu komandu:
-chef.registry=Uzst�diet šo reģistru fail� <code>~/.chef/config.rb</code>:
 chef.install=Lai uzst�dītu pakotni, ir j�izpilda šī komanda:
-composer.registry=Pievienojiet šo reģistru sav� <code>~/.composer/config.json</code> fail�:
 composer.install=Lai instalētu Composer pakotni, izpildiet sekojošu komandu:
 composer.dependencies=Atkarības
 composer.dependencies.development=Izstr�des atkarības
 conan.details.repository=Repozitorijs
-conan.registry=Konfigurējiet šo reģistru no komandrindas:
 conan.install=Lai instalētu Conan pakotni, izpildiet sekojošu komandu:
-conda.registry=Uzst�diet šo reģistru k� Conda repozitoriju fail� <code>.condarc</code>:
 conda.install=Lai instalētu Conda pakotni, izpildiet sekojošu komandu:
 container.details.type=Attēla form�ts
 container.details.platform=Platforma
@@ -3243,9 +3094,7 @@ container.layers=Attēla sl�ņi
 container.labels=Iezīmes
 container.labels.key=Atslēga
 container.labels.value=Vērtība
-cran.registry=Iestaties šo reģistru sav� <code>Rprofile.site</code> fail�:
 cran.install=Lai uzst�dītu pakotni, ir j�izpilda šī komanda:
-debian.registry=Konfigurējiet šo reģistru no komandrindas:
 debian.registry.info=Izvēlieties $distribution un $component no saraksta zem�k.
 debian.install=Lai uzst�dītu pakotni, ir j�izpilda šī komanda:
 debian.repository=Repozitorija inform�cija
@@ -3254,16 +3103,11 @@ debian.repository.components=Komponentes
 debian.repository.architectures=Arhitektūras
 generic.download=Lejupiel�dēt pakotni, izmantojot, komandrindu:
 go.install=Instalēt pakotni no komandrindas:
-helm.registry=Konfigurējiet šo reģistru no komandrindas:
 helm.install=Lai instalētu pakotni, nepieciešams izpildīt sekojošu komandu:
-maven.registry=Konfigurējiet šo reģistru sava projekta <code>pom.xml</code> fail�:
-maven.install=Lai izmantotu pakotni, sadaļ� <code>dependencies</code> fail� <code>pom.xml</code> ievietojiet sekojošas rindas:
 maven.install2=Izpildiet no komandrindas:
 maven.download=Izpildiet no komandrindas, lai lejupiel�dētu šo atkarību:
-nuget.registry=Konfigurējiet šo reģistru no komandrindas:
 nuget.install=Lai instalētu NuGet pakotni, izpildiet sekojošu komandu:
 nuget.dependency.framework=MÄ“rÄ·a ietvars
-npm.registry=Konfigurējiet šo reģistru sava projekta <code>.npmrc</code> fail�:
 npm.install=Lai instalētu npm pakotni, izpildiet sekojošu komandu:
 npm.install2=vai pievienojiet fail� package.json sekojošas rindas:
 npm.dependencies=Atkarības
@@ -3274,7 +3118,6 @@ npm.details.tag=Tags
 pub.install=Lai instalētu Dart pakotni, izpildiet sekojošu komandu:
 pypi.requires=Nepieciešams Python
 pypi.install=Lai instalētu pip pakotni, izpildiet sekojošu komandu:
-rpm.registry=Konfigurējiet šo reģistru no komandrindas:
 rpm.distros.redhat=uz RedHat balstīt�s operēt�jsistēm�s
 rpm.distros.suse=uz SUSE balstīt�s operēt�jsistēm�s
 rpm.install=Lai uzst�dītu pakotni, ir j�izpilda šī komanda:
@@ -3286,7 +3129,6 @@ rubygems.dependencies.runtime=Izpildlaika atkarības
 rubygems.dependencies.development=Izstr�des atkarības
 rubygems.required.ruby=Nepieciešam� Ruby versija
 rubygems.required.rubygems=Nepieciešam� RubyGem versija
-swift.registry=Konfigurējiet šo reģistru no komandrindas:
 swift.install=Pievienojiet pakotni sav� <code>Package.swift</code> fail�:
 swift.install2=un izpildiet sekojošu komandu:
 vagrant.install=Lai pievienotu Vagrant kasti, izpildiet sekojošu komandu:
@@ -3309,7 +3151,6 @@ owner.settings.cargo.initialize.success=Cargo indekss tika veiksmÄ«gi inicializÄ
 owner.settings.cargo.rebuild=P�rbūvēt indeksu
 owner.settings.cargo.rebuild.description=P�rbūvēšana var būt noderīga, ja indekss nav sinhronizēts ar saglab�taj�m Cargo pakotnēm.
 owner.settings.cargo.rebuild.error=Neizdev�s p�rbūvēt Cargo indeksu: %v
-owner.settings.cargo.rebuild.success=Cargo indekss tika veiksmīgi p�rbūvēts.
 owner.settings.cleanuprules.title=P�rvaldīt notīrīšanas noteikumus
 owner.settings.cleanuprules.add=Pievienot notīrīšanas noteikumu
 owner.settings.cleanuprules.edit=Labot notīrīšanas noteikumu
@@ -3338,12 +3179,13 @@ owner.settings.chef.keypair.description=Atslēgu p�ris ir nepieciešams, lai au
 secrets=Noslēpumi
 description=Noslēpumi tiks padoti atsevišķ�m darbīb�m un cit�di nevar tikt nolasīti.
 none=Pagaid�m nav neviena noslēpuma.
-creation=Pievienot noslēpumu
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Apraksts
 creation.name_placeholder=reģistr-nejūtīgs, tikai burti, cipari un apakšsvītras, nevar s�kties ar GITEA_ vai GITHUB_
 creation.value_placeholder=Ievadiet jebk�du saturu. Atstarpes s�kum� un beig� tiks noņemtas.
-creation.success=Noslēpums "%s" tika pievienots.
-creation.failed=Neizdev�s pievienot noslēpumu.
+
+
 deletion=Dzēst noslēpumu
 deletion.description=Noslēpuma dzēšana ir neatgriezeniska. Vai turpin�t?
 deletion.success=Noslēpums tika izdzēsts.
@@ -3391,7 +3233,6 @@ runners.delete_runner=Dzēst izpildīt�ju
 runners.delete_runner_success=Izpildīt�js veiksmīgi izdzēsts
 runners.delete_runner_failed=Neizdev�s izdzēst izpildīt�ju
 runners.delete_runner_header=Apstiprin�t izpildīt�ja izdzēšanu
-runners.delete_runner_notice=Ja šis izpildīt�js veic k�dus uzdevumus, tad tie tiks apturēti un atzīmēti k� neizdevušies. Tas var saboj�t būvēšanas darbaplūsmas.
 runners.none=Nav pieejami izpildīt�ji
 runners.status.unspecified=Nezin�ms
 runners.status.idle=Dīkst�vē
diff --git a/options/locale/locale_nl-NL.ini b/options/locale/locale_nl-NL.ini
index 77bf2d2d59..c04d843ae5 100644
--- a/options/locale/locale_nl-NL.ini
+++ b/options/locale/locale_nl-NL.ini
@@ -40,7 +40,6 @@ webauthn_use_twofa=Gebruik een twee-factor code van uw telefoon
 webauthn_error=Kon uw beveiligingssleutel niet lezen.
 webauthn_unsupported_browser=Uw browser ondersteunt momenteel geen WebAuthn.
 webauthn_error_unknown=Er is een onbekende fout opgetreden. Probeer het opnieuw.
-webauthn_error_insecure=WebAuthn ondersteunt alleen beveiligde verbindingen. Om te testen via HTTP, kan je de oorsprong "localhost" of "127.0.0.1" gebruiken
 webauthn_error_unable_to_process=De server kon uw verzoek niet verwerken.
 webauthn_error_duplicated=De beveiligingssleutel is niet toegestaan voor dit verzoek. Zorg er alstublieft voor dat de sleutel niet al geregistreerd is.
 webauthn_error_empty=U moet een naam voor deze sleutel instellen.
@@ -165,16 +164,10 @@ path=Pad
 sqlite_helper=Bestandspad voor de SQLite3-database.<br>Vul een volledig pad in als je GItea als een service uitvoert.
 reinstall_error=U probeert te installeren in een bestaande Gitea database
 reinstall_confirm_message=Herinstalleren met een bestaande Gitea-database kan meerdere problemen veroorzaken. In de meeste gevallen kun je het bestaande "app.ini" gebruiken om Gitea te laten draaien. Als je weet wat je aan het doen bent, bevestig dan het volgende:
-reinstall_confirm_check_1=De gegevens versleuteld door de SECRET_KEY in de app.ini kan verloren gaan: gebruikers kunnen mogelijk niet meer inloggen met 2FA/OTP & spiegels werken mogelijk niet meer. Door dit vakje aan te vinken bevestigt u dat het huidige app.ini bestand de juiste SECRET_KEY bevat.
-reinstall_confirm_check_2=De repositories en instellingen moeten mogelijk opnieuw worden gesynchroniseerd. Door dit vakje aan te vinken, bevestigt u dat u de hooks voor de repositories en authorized_keys bestand handmatig zult hersynchroniseren. U bevestigt dat u ervoor zult zorgen dat de instellingen van de repository en mirror correct zijn.
 reinstall_confirm_check_3=Je bevestigt dat je er absoluut zeker van bent dat deze Gitea draait met de juiste app. Geen locatie en dat je zeker weet dat je opnieuw moet installeren. Je bevestigt dat je de hierbovenstaande risico's erkent.
 err_empty_db_path=SQLite3 database pad mag niet leeg zijn.
 no_admin_and_disable_registration=U kunt zelf-registratie van de gebruiker niet uitschakelen zonder het maken van een administrator-account.
 err_empty_admin_password=Het administrator-wachtwoord mag niet leeg zijn.
-err_empty_admin_email=Het e-mailadres van Het beheerder mag niet leeg zijn.
-err_admin_name_is_reserved=Gebruikersnaam van beheerder is ongeldig, gebruikersnaam is gereserveerd
-err_admin_name_pattern_not_allowed=Gebruikersnaam van beheerder is ongeldig, de gebruikersnaam is gereserveerd
-err_admin_name_is_invalid=Gebruikersnaam van beheerder is ongeldig
 
 general_title=Algemene Instellingen
 app_name=Naam site
@@ -189,7 +182,6 @@ domain_helper=Domein of hostadres voor de server.
 ssh_port=SSH server-poort
 ssh_port_helper=Nummer van de poort die uw SSH-server gebruikt. Laat dit veld leeg om de SSH functie uit te schakelen.
 http_port=Gitea HTTP-poort
-http_port_helper=De poort waar de web server van Gitea naar gaat luisteren.
 app_url=Gitea base URL
 app_url_helper=Basisadres voor HTTP(S) kloon URL's en e-mailmeldingen.
 log_root_path=Log-pad
@@ -297,7 +289,6 @@ allow_password_change=Verplicht de gebruiker om zijn/haar wachtwoord te wijzigen
 reset_password_mail_sent_prompt=Een bevestigingsmail is verstuurd naar <b>%s</b>. Controleer uw inbox in de volgende %s om het herstel van uw account te voltooien.
 active_your_account=Activeer uw account
 account_activated=Account is geactiveerd
-prohibit_login=Inloggen niet toegestaan
 resent_limit_prompt=Sorry, je hebt te snel na elkaar een aanvraag gedaan voor een activatiemail. Wacht drie minuten voor je volgende aanvraag.
 has_unconfirmed_mail=Beste %s, u heeft een onbevestigd e-mailadres (<b>%s</b>). Als u nog geen bevestiging heeft ontvangen, of u een nieuwe aanvraag wilt doen, klik dan op de onderstaande knop.
 resend_mail=Klik hier om uw activatie mail nog een keer te verzenden
@@ -329,13 +320,10 @@ openid_connect_title=Verbind met een bestaand account
 openid_connect_desc=De gekozen OpenID-URI is onbekend. Koppel het aan een nieuw account hier.
 openid_register_title=Nieuw account aanmaken
 openid_register_desc=De gekozen OpenID-URI is onbekend. Koppel het aan een nieuw account hier.
-disable_forgot_password_mail=Accountherstel is uitgeschakeld omdat er geen e-mailadres is ingesteld. Neem aub contact op met uw administrator.
-disable_forgot_password_mail_admin=Accountherstel is alleen beschikbaar wanneer een e-mailadres is ingesteld. Stel e-mailadres in om accountherstel te activeren.
 email_domain_blacklisted=Je kan je niet registreren met dit e-mailadres.
 authorize_application=Autoriseer applicatie
 authorize_redirect_notice=U wordt doorgestuurd naar %s als u deze toepassing toestaat.
 authorize_application_created_by=Deze applicatie is gemaakt door %s.
-authorize_application_description=Als u toegang verleent, zal de applicatie toegang hebben tot en kunnen schrijven naar al uw accountgegevens, met inbegrip van privérepo's en -organisaties.
 authorize_title=Autoriseer "%s" voor toegang tot uw account?
 authorization_failed=Autorisatie mislukt
 sspi_auth_failed=SSPI-authenticatie mislukt
@@ -355,8 +343,6 @@ activate_email=Verifieer uw e-mailadres
 activate_email.text=Klik op de volgende link om je e-mailadres te bevestigen in <b>%s</b>:
 
 register_notify.title=%[1]s, welkom bij %[2]s
-register_notify.text_1=dit is uw registratie bevestigingsemail voor %s!
-register_notify.text_2=U kunt nu inloggen via de gebruikersnaam: %s.
 register_notify.text_3=Als dit account voor u is aangemaakt, kunt u eerst <a href="%s">uw wachtwoord instellen</a>.
 
 reset_password=Account herstellen
@@ -394,7 +380,6 @@ release.download.targz=Broncode (TAR.GZ)
 repo.transfer.subject_to=%s zou "%s" willen overdragen aan %s
 repo.transfer.subject_to_you=%s wil "%s" aan jou overdragen
 repo.transfer.to_you=jij
-repo.transfer.body=Om het te accepteren of afwijzen, bezoek %s of negeer het gewoon.
 
 repo.collaborator.added.subject=%s heeft jou toegevoegd aan %s
 repo.collaborator.added.text=U bent toegevoegd als een medewerker van de repository:
@@ -449,11 +434,9 @@ username_change_not_local_user=Niet-lokale gebruikers mogen hun gebruikersnaam n
 repo_name_been_taken=De repository-naam wordt al gebruikt.
 repository_force_private=Forceer privé is ingeschakeld: privé repositories kunnen niet openbaar worden gemaakt.
 repository_files_already_exist=Er bestaan al bestanden voor deze repository. Neem contact op met de systeembeheerder.
-repository_files_already_exist.adopt=Bestanden bestaan al voor deze repository en kunnen alleen worden geadopteerd.
 repository_files_already_exist.delete=Er bestaan al bestanden voor deze repository. U moet deze verwijderen.
 repository_files_already_exist.adopt_or_delete=Er bestaan al bestanden voor deze repository. Adopteer of verwijder deze.
 visit_rate_limit=Bezoeklimiet op afstand gerichter.
-2fa_auth_required=Extern bezoek vereist twee-factor authenticatie.
 org_name_been_taken=Naam van de organisatie wordt al gebruikt.
 team_name_been_taken=De teamnaam is al in gebruik.
 team_no_units_error=Toegang verlenen tot ten minste één repository sectie.
@@ -580,7 +563,6 @@ activate_email=Stuur activatie
 activations_pending=Activaties in behandeling
 delete_email=Verwijder
 email_deletion=Verwijder e-mailadres
-email_deletion_desc=Het e-mailadres en verwante informatie worden verwijderd uit je account. Git commits van dit e-mailadres blijven ongewijzigd. Wil je doorgaan?
 email_deletion_success=Het e-mailadres is verwijderd.
 theme_update_success=Je thema is bijgewerkt.
 theme_update_error=Het geselecteerde thema bestaat niet.
@@ -621,7 +603,6 @@ gpg_key_matched_identities_long=De ingesloten identiteiten in deze sleutel komen
 gpg_key_verified=Geverifieerde sleutel
 gpg_key_verified_long=Sleutel is geverifieerd met een token en kan worden gebruikt om commits te verifiëren die overeenkomen met alle geactiveerde e-mailadressen voor deze gebruiker naast de bijbehorende identiteiten voor deze sleutel.
 gpg_key_verify=Verifiëren
-gpg_invalid_token_signature=De opgegeven GPG-sleutel, handtekening en token komen niet overeen of de token is verouderd.
 gpg_token_required=U moet een handtekening opgeven voor de onderstaande token
 gpg_token=Token
 gpg_token_help=U kunt een handtekening genereren met:
@@ -630,7 +611,6 @@ key_signature_gpg_placeholder=Begint met '-----BEGIN PGP SIGNATURE-----'
 ssh_key_verified=Geverifieerde sleutel
 ssh_key_verified_long=Sleutel is geverifieerd met een token en kan worden gebruikt om commits te verifiëren die overeenkomen met alle geactiveerde e-mailadressen voor deze gebruiker.
 ssh_key_verify=Verifiëren
-ssh_invalid_token_signature=De verstrekte SSH-sleutel, handtekening of token komen niet overeen of de token is verouderd.
 ssh_token_required=U moet een handtekening opgeven voor het onderstaande token
 ssh_token=Token
 ssh_token_help=U kunt een handtekening genereren door het volgende:
@@ -647,7 +627,6 @@ gpg_key_deletion=Verwijder GPG-sleutel
 ssh_principal_deletion=Verwijder de SSH-certificaat verantwoordelijke
 ssh_key_deletion_desc=Als je een SSH-sleutel verwijdert, heb er geen toegang meer mee. Doorgaan?
 gpg_key_deletion_desc=Als je een GPG-sleutel verwijdert, kunnen hiermee ondertekende commits niet meer geverifieerd worden. Doorgaan?
-ssh_principal_deletion_desc=Als je een SSH-certificaat verandtwoordelijke verwijdert, heeft deze geen toegang meer tot je account. Doorgaan?
 ssh_key_deletion_success=De SSH-sleutel is verwijderd.
 gpg_key_deletion_success=De GPG-sleutel is verwijderd.
 ssh_principal_deletion_success=De verantwoordelijke is verwijderd.
@@ -701,12 +680,10 @@ oauth2_application_create_description=OAuth2 applicaties geven je derde partij a
 authorized_oauth2_applications=Geautoriseerde OAuth2 applicaties
 revoke_key=Intrekken
 revoke_oauth2_grant=Toegang intrekken
-revoke_oauth2_grant_description=Het intrekken van toegang voor deze derde partij applicatie zal deze applicatie geen toegang tot uw gegevens geven. Weet u het zeker?
 
 twofa_is_enrolled=Je account is momenteel <strong>ingeschreven</strong> voor two-factor authenticatie.
 twofa_not_enrolled=Je account is momenteel niet ingeschreven voor two-factor authenticatie.
 twofa_disable=Schakel tweetrapsauthenticatie uit
-twofa_enroll=Two-factor authenticatie inschakelen
 twofa_disable_note=Je kan tweefactorauthenticatie indien nodig uitschakelen.
 twofa_disable_desc=Het uitschakelen van tweefactorauthenticatie maakt je account minder veilig. Doorgaan?
 twofa_disabled=Two-factor authenticatie is uitgeschakeld.
@@ -719,11 +696,9 @@ twofa_failed_get_secret=Kon geheim niet ophalen.
 webauthn_register_key=Voeg beveiligingssleutel toe
 webauthn_nickname=Bijnaam
 webauthn_delete_key=Verwijder beveiligingssleutel
-webauthn_delete_key_desc=Als u een beveiligingssleutel verwijdert, kunt u er niet meer mee inloggen. Doorgaan?
 
 manage_account_links=Gekoppelde accounts beheren
 manage_account_links_desc=Deze externe accounts zijn gekoppeld aan je Gitea-account.
-account_links_not_available=Er zijn momenteel geen externe accounts aan je Gitea-account gelinkt.
 link_account=Account koppelen
 remove_account_link=Gekoppeld account verwijderen
 remove_account_link_desc=Als je een gekoppeld account verwijdert, verliest dit account toegang tot je Gitea-account. Doorgaan?
@@ -806,7 +781,6 @@ mirror_address_desc=Voeg alle vereiste inloggegevens toe in de autorisatie secti
 mirror_lfs=Grote bestandsopslag (LFS)
 mirror_lfs_desc=Activeer spiegelen van LFS-gegevens.
 mirror_lfs_endpoint=LFS Eindpunt
-mirror_lfs_endpoint_desc=Synchronisatie zal proberen de kloon-url te gebruiken om <a target="_blank" rel="noopener noreferrer" href="%s">de LFS-server</a>te bepalen. Je kan ook een aangepast eindpunt opgeven als de LFS-gegevens ergens anders zijn opgeslagen.
 mirror_last_synced=Laatst gesynchroniseerd
 mirror_password_placeholder=(Ongewijzigd)
 mirror_password_blank_placeholder=(Niet ingesteld)
@@ -817,7 +791,6 @@ forks=Forks
 reactions_more=en %d meer
 unit_disabled=De sitebeheerder heeft deze repositorie sectie uitgeschakeld.
 language_other=Andere
-adopt_search=Voer gebruikersnaam in om te zoeken naar niet-geadopteerde repositories... (laat leeg om alles te vinden)
 adopt_preexisting_label=Bestanden adopteren
 adopt_preexisting=Bestaamde bestanden adopteren
 adopt_preexisting_content=Maak een repository van %s
@@ -874,17 +847,14 @@ migrate_items_releases=Releases
 migrate_repo=Migreer repository
 migrate.clone_address=Migreer / kloon van URL
 migrate.clone_address_desc=De HTTP(s)- of 'git clone'-URL van een bestaande repository
-migrate.github_token_desc=Je kunt hier een of meerdere tokens met komma gescheiden plaatsen om sneller te migreren door de GitHub API limiet te beperken. WAARSCHUWING: Het misbruik van deze functie kan in strijd zijn met het beleid van de serviceprovider en leiden tot het blokkeren van rekeningen.
 migrate.clone_local_path=of een lokaal pad
 migrate.permission_denied=U bent niet gemachtigd om deze lokale repositories te importeren.
-migrate.permission_denied_blocked=Je kunt niet importeren uit niet-toegestane hosts, vraag de beheerder om de instellingen ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS te controleren.
 migrate.invalid_lfs_endpoint=Het LFS-eindpunt is niet geldig.
 migrate.failed=Migratie is mislukt: %v
 migrate.migrate_items_options=Toegangstoken is vereist om extra items te migreren
 migrated_from=Gemigreerd van <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Gemigreerd van %[1]s
 migrate.migrate=Migreer van %s
-migrate.migrating=Migreren van <b>%s</b>...
 migrate.migrating_failed=Migreren van <b>%s</b> is mislukt.
 migrate.migrating_failed_no_addr=Migratie is mislukt.
 migrate.github.description=Gegevens overzetten van github.com of andere GitHub instanties.
@@ -921,7 +891,6 @@ quick_guide=Snelstart gids
 clone_this_repo=Kloon deze repository
 create_new_repo_command=Maak een nieuwe repository aan vanaf de console
 push_exist_repo=Push een bestaande repositorie vanaf de console
-empty_message=Deze repository bevat geen inhoud.
 broken_message=De Git gegevens die ten grondslag liggen aan deze repository kunnen niet worden gelezen. Neem contact op met de beheerder van deze instantie of verwijder deze repository.
 
 code=Code
@@ -938,7 +907,6 @@ pulls=Pull-aanvragen
 projects=Projecten
 packages=Paketten
 labels=Labels
-org_labels_desc=Organisatielabel dat gebruikt kan worden met <strong>alle repositories</strong> onder deze organisatie
 org_labels_desc_manage=beheren
 
 milestone=Mijlpaal
@@ -965,7 +933,6 @@ file_copy_permalink=Permalink kopiëren
 view_git_blame=Bekijk Git Blame
 video_not_supported_in_browser=Je browser ondersteunt de HTML5 'video'-tag niet.
 audio_not_supported_in_browser=Je browser ondersteunt de HTML5 'audio'-tag niet.
-stored_lfs=Opgeslagen met Git LFS
 symbolic_link=Symbolic link
 commit_graph=Commit grafiek
 commit_graph.select=Selecteer branches
@@ -1013,7 +980,6 @@ editor.file_changed_while_editing=De bestandsinhoud is veranderd sinds je bent b
 editor.commit_empty_file_header=Commit een leeg bestand
 editor.commit_empty_file_text=Het bestand dat u wilt committen is leeg. Doorgaan?
 editor.no_changes_to_show=Er zijn geen wijzigingen om weer te geven.
-editor.fail_to_update_file_summary=Foutmelding:
 editor.push_rejected_no_message=De wijziging is afgewezen door de server zonder bericht. Controleer de Git Hooks alsjeblieft.
 editor.push_rejected=De wijziging is afgewezen door de server. Controleer Controleer de Git Hooks alsjeblieft.
 editor.push_rejected_summary=Volledig afwijzingsbericht:
@@ -1024,6 +990,7 @@ editor.require_signed_commit=Branch vereist een ondertekende commit
 editor.cherry_pick=Cherry-pick %s op:
 editor.revert=%s ongedaan maken op:
 
+
 commits.desc=Bekijk de broncode-wijzigingsgeschiedenis.
 commits.commits=Commits
 commits.nothing_to_compare=Deze branches zijn gelijk.
@@ -1141,7 +1108,6 @@ issues.filter_milestone=Mijlpaal
 issues.filter_project=Project
 issues.filter_project_none=Geen project
 issues.filter_assignee=Aangewezene
-issues.filter_assginee_no_assignee=Geen verantwoordelijke
 issues.filter_poster=Auteur
 issues.filter_type=Type
 issues.filter_type.all_issues=Alle kwesties
@@ -1152,7 +1118,6 @@ issues.filter_type.review_requested=Review aangevraagd
 issues.filter_sort=Sorteer
 issues.filter_sort.latest=Nieuwste
 issues.filter_sort.oldest=Oudste
-issues.filter_sort.recentupdate=Recent bijgewerkt
 issues.filter_sort.leastupdate=Minst recent bijgewerkt
 issues.filter_sort.mostcomment=Meest besproken
 issues.filter_sort.leastcomment=Minst besproken
@@ -1234,7 +1199,6 @@ issues.subscribe=Abonneren
 issues.unsubscribe=Uitschrijven
 issues.lock=Gesprek vergrendelen
 issues.unlock=Gesprek ontgrendelen
-issues.lock.unknown_reason=Kan een probleem niet vergrendelen met een onbekende reden.
 issues.lock_duplicate=Een issue kan niet twee keer vergrendeld worden.
 issues.unlock_error=Kan een niet vergrendeld issue niet ontgrendelen.
 issues.lock_with_reason=vergrendeld als <strong>%s</strong> en beperkt gesprek tot medewerkers %s
@@ -1242,7 +1206,6 @@ issues.lock_no_reason=vergrendelde en beperkte conversatie voor medewerkers %s
 issues.unlock_comment=ontgrendelde deze conversatie %s
 issues.lock_confirm=Vergrendel
 issues.unlock_confirm=Ontgrendelen
-issues.lock.notice_1=- Andere gebruikers kunnen geen nieuwe reacties toevoegen aan dit probleem.
 issues.lock.notice_2=- U en andere medewerkers die toegang hebben tot deze repository kunnen nog steeds reacties achterlaten die anderen kunnen zien.
 issues.lock.notice_3=- U kunt dit probleem in de toekomst altijd weer ontgrendelen.
 issues.unlock.notice_1=- Iedereen zou nog eens commentaar op dit probleem kunnen geven.
@@ -1298,8 +1261,6 @@ issues.dependency.pr_closing_blockedby=Het sluiten van deze pull-aanvraag is geb
 issues.dependency.issue_closing_blockedby=Het sluiten van dit issue is geblokkeerd door de volgende problemen
 issues.dependency.issue_close_blocks=Deze kwestie blokkeert het sluiten van de volgende kwesties
 issues.dependency.pr_close_blocks=Deze pull-aanvraag blokkeert het sluiten van de volgende kwesties
-issues.dependency.issue_close_blocked=Je moet alle kwesties die deze kwestie blokkeren sluiten voordat je deze kan sluiten.
-issues.dependency.pr_close_blocked=Je moet alle kwesties die deze pull-aanvraag blokkeren sluiten voordat je deze kan sluiten.
 issues.dependency.blocks_short=Blokkeert
 issues.dependency.blocked_by_short=Afhankelijk van
 issues.dependency.remove_header=Verwijder afhankelijkheid
@@ -1310,12 +1271,10 @@ issues.dependency.add_error_same_issue=Je kan een kwestie niet afhankelijk maken
 issues.dependency.add_error_dep_issue_not_exist=De afhankelijke kwestie bestaat niet.
 issues.dependency.add_error_dep_not_exist=Afhankelijkheid bestaat niet.
 issues.dependency.add_error_dep_exists=Afhankelijkheid bestaat al.
-issues.dependency.add_error_cannot_create_circular=Je kan geen afhankelijkheid maken waarbij twee kwesties elkaar blokkeren.
 issues.dependency.add_error_dep_not_same_repo=Beide kwesties moeten in dezelfde repository zijn.
 issues.review.self.approval=Je kan je eigen pull-aanvraag niet goedkeuren.
 issues.review.self.rejection=Je kan geen wijzigingen aanvragen op je eigen pull-aanvraag.
 issues.review.approve=heeft deze veranderingen %s goedgekeurd
-issues.review.dismissed=%s's beoordeling afgewezen %s
 issues.review.dismissed_label=Afgewezen
 issues.review.left_comment=heeft een reactie achtergelaten
 issues.review.content.empty=Je moet een reactie achterlaten die de gewenste verandering(en) beschrijft.
@@ -1323,7 +1282,6 @@ issues.review.reject=aangevraagde wijzigingen %s
 issues.review.wait=is gevraagd voor review %s
 issues.review.add_review_request=heeft een review aangevraagd van %s %s
 issues.review.remove_review_request=beoordelingsaanvraag voor %s %s verwijderd
-issues.review.remove_review_request_self=beoordeling geweigerd %s
 issues.review.pending=In behandeling
 issues.review.review=Review
 issues.review.reviewers=Reviewers
@@ -1336,7 +1294,6 @@ issues.review.resolve_conversation=Gesprek oplossen
 issues.review.un_resolve_conversation=Gesprek niet oplossen
 issues.review.resolved_by=markeerde dit gesprek als opgelost
 issues.review.commented=Opmerking
-issues.assignee.error=Niet alle aangewezen personen zijn toegevoegd vanwege een onverwachte fout.
 issues.reference_issue.body=Inhoud
 issues.content_history.deleted=verwijderd
 issues.content_history.edited=bewerkt
@@ -1387,7 +1344,6 @@ pulls.add_prefix=Voeg <strong>%s</strong> prefix toe
 pulls.remove_prefix=Verwijder <strong>%s</strong> prefix
 pulls.data_broken=Deze pull-aanvraag is ongeldig wegens missende fork-informatie.
 pulls.files_conflicted=Dit pull request heeft wijzigingen die strijdig zijn met de doel branch.
-pulls.is_checking=Controle op samenvoegingsconflicten is nog bezig. Probeer later nog een keer.
 pulls.is_ancestor=Deze branch is al opgenomen in de toegewezen branch. Er is niets om samen te voegen.
 pulls.is_empty=De wijzigingen in deze branch bevinden zich al in de toegewezen branch. Dit zal een lege commit zijn.
 pulls.required_status_check_failed=Sommige vereiste controles waren niet succesvol.
@@ -1404,29 +1360,20 @@ pulls.reject_count_1=%d wijzigingsverzoek
 pulls.reject_count_n=%d wijzigingsverzoeken
 pulls.waiting_count_1=%d wachtende beoordeling
 pulls.waiting_count_n=%d wachtende beoordelingen
-pulls.wrong_commit_id=commit id moet een commit id zijn op de doelbranch
 
 pulls.no_merge_desc=Deze pull-aanvraag kan niet worden samengevoegd, omdat alle samenvoegingsopties zijn uitgeschakeld.
 pulls.no_merge_helper=Schakel samenvoegingsopties in in de repositoryinstellingen of voeg de pull-aanvraag handmatig samen.
 pulls.no_merge_wip=Deze pull-aanvraag kan niet worden samengevoegd omdat hij als "work in progress" is gemarkeerd.
-pulls.no_merge_not_ready=Deze pull-aanvraag is niet klaar om samen te voegen, controleer de status en status controles.
 pulls.no_merge_access=Je bent niet gemachtigd om deze pull-aanvraag samen te voegen.
 pulls.merge_pull_request=Maak samenvoeg-commit
-pulls.rebase_merge_pull_request=Herbaseren dan snel-voorwaarts
-pulls.rebase_merge_commit_pull_request=Herbaseren dan samenvoeg-commit maken
 pulls.squash_merge_pull_request=Maak samenvoeg-commit
 pulls.merge_manually=Handmatig samengevoegd
 pulls.merge_commit_id=De merge commit ID
 pulls.require_signed_wont_sign=De branch heeft ondertekende commits nodig, maar deze merge zal niet worden ondertekend
 
 pulls.invalid_merge_option=Je kan de samenvoegingsoptie niet gebruiken voor deze pull-aanvraag.
-pulls.merge_conflict=Samenvoegen mislukt: Er was een conflict tijdens het samenvoegen. Hint: Probeer een andere strategie
 pulls.merge_conflict_summary=Foutmelding
-pulls.rebase_conflict=Samenvoegen mislukt: Er was een conflict tijdens het rebasen van commit: %[1]s. Hint: Probeer een andere strategie
 pulls.rebase_conflict_summary=Foutmelding
-pulls.unrelated_histories=Samenvoegen mislukt: de HEAD en base delen geen gemeenschappelijke geschiedenis. Tip: Probeer een andere strategie
-pulls.merge_out_of_date=Samenvoegen mislukt: Tijdens het samenvoegen is de basis bijgewerkt. Tip: Probeer het opnieuw.
-pulls.head_out_of_date=Samenvoegen mislukt: tijdens het genereren van de samenvoeging is de kop bijgewerkt. Tip: Probeer het opnieuw.
 pulls.push_rejected_summary=Volledig afwijzingsbericht
 pulls.open_unmerged_pull_exists=`Je kan deze pull-aanvraag niet opnieuw openen omdat er een andere (#%d) met identieke eigenschappen open staat.`
 pulls.status_checking=Sommige controles zijn in behandeling
@@ -1554,7 +1501,6 @@ activity.title.releases_1=%d Release
 activity.title.releases_n=%d Releases
 activity.title.releases_published_by=%s gepubliceerd door %s
 activity.published_release_label=Gepubliceerd
-activity.no_git_activity=Er is in deze periode geen sprake geweest van een commit activiteit.
 activity.git_stats_exclude_merges=Exclusief merges,
 activity.git_stats_author_1=%d auteur
 activity.git_stats_author_n=%d auteurs
@@ -1579,7 +1525,6 @@ activity.git_stats_deletion_n=%d verwijderingen
 contributors.contribution_type.commits=Commits
 
 settings=Instellingen
-settings.desc=In de instellingen kan je de instellingen van de repository aanpassen
 settings.options=Repository
 settings.collaboration=Medewerkers
 settings.collaboration.admin=Beheerder
@@ -1630,7 +1575,6 @@ settings.pulls_desc=Repository-pull-aanvragen inschakelen
 settings.pulls.ignore_whitespace=Witruimte negeren voor conflicten
 settings.trust_model.collaborator.long=Medewerker: Vertrouw handtekeningen door medewerkers
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: Vertrouw handtekeningen die overeenkomen met committers (Dit komt overeen met GitHub en zal Gitea ondertekende commits dwingen om Gitea als de committer te hebben)
 settings.trust_model.collaboratorcommitter=Medewerker+Committer
 settings.trust_model.collaboratorcommitter.long=Medewerker+Committer: Vertrouw handtekeningen door medewerkers die overeenkomen met de committer
 settings.wiki_delete=Wiki-gegevens verwijderen
@@ -1641,7 +1585,6 @@ settings.wiki_deletion_success=De repository wiki gegevens zijn verwijderd.
 settings.delete=Verwijder deze repository
 settings.delete_desc=Het verwijderen van een repository is permanent en kan niet ongedaan worden gemaakt.
 settings.delete_notices_1=- Deze bewerking kan <strong>NIET</strong> ongedaan gemaakt worden.
-settings.delete_notices_2=- Deze bewerking zal permanent de <strong>%s</strong> repository verwijderen, inclusief code, issues, opmerkingen, wikigegevens en instellingen voor medewerkers.
 settings.delete_notices_fork_1=- Forks van deze repository zullen onafhankelijk worden na verwijdering.
 settings.deletion_success=De repository is verwijderd.
 settings.update_settings_success=De repository-instellingen zijn bijgewerkt.
@@ -1660,8 +1603,6 @@ settings.team_not_in_organization=Het team zit niet in dezelfde organisatie als
 settings.teams=Teams
 settings.add_team=Team toevoegen
 settings.add_team_duplicate=Team heeft al de repository
-settings.add_team_success=Het team heeft nu toegang tot de repository.
-settings.change_team_permission_tip=Teammachtiging is ingesteld op de team-instellingspagina en kan niet per repository worden gewijzigd
 settings.delete_team_tip=Dit team heeft toegang tot alle repositories en kan niet verwijderd worden
 settings.remove_team_success=De toegang van het team tot de repository is verwijderd.
 settings.add_webhook=Webhook toevoegen
@@ -1670,8 +1611,6 @@ settings.hooks_desc=Webhooks maken automatisch een HTTP POST verzoek naar een se
 settings.webhook_deletion=Verwijder webhook
 settings.webhook_deletion_desc=Verwijderen van een webhook verwijdert de instellingen en de geschiedenis van afleveringen. Doorgaan?
 settings.webhook_deletion_success=Webhook is verwijderd.
-settings.webhook.test_delivery=Test-bezorging
-settings.webhook.test_delivery_desc=Test deze webhook met een nep-gebeurtenis.
 settings.webhook.request=Verzoek
 settings.webhook.response=Antwoord
 settings.webhook.headers=Headers
@@ -1711,7 +1650,6 @@ settings.event_repository=Repository
 settings.event_repository_desc=Repository gemaakt of verwijderd.
 settings.event_header_issue=Issue gebeurtenissen
 settings.event_issues=Kwesties
-settings.event_issues_desc=Issue geopend, gesloten, heropend of bewerkt.
 settings.event_issue_assign=Probleem toegekend
 settings.event_issue_assign_desc=Issue toegewezen of niet-toegewezen.
 settings.event_issue_label=Issue gelabeld
@@ -1722,7 +1660,6 @@ settings.event_issue_comment=Issue commentaar
 settings.event_issue_comment_desc=Issue reactie aangemaakt, bewerkt of verwijderd.
 settings.event_header_pull_request=Pull Request Events
 settings.event_pull_request=Pull request
-settings.event_pull_request_desc=Pull request geopend, gesloten, heropend of bewerkt.
 settings.event_pull_request_assign=Pull request toegewezen
 settings.event_pull_request_assign_desc=Pull request toegewezen of niet-toegewezen.
 settings.event_pull_request_label=Pull-aanvraag gelabeld
@@ -1838,11 +1775,9 @@ settings.lfs_invalid_locking_path=Ongeldig pad: %s
 settings.lfs_invalid_lock_directory=Kan map %s niet vergrendelen
 settings.lfs_lock_already_exists=Vergrendeling bestaat al: %s
 settings.lfs_lock=Vergrendel
-settings.lfs_lock_path=Bestandspad om te vergrendelen...
 settings.lfs_locks_no_locks=Geen Locks
 settings.lfs_lock_file_no_exist=Vergrendeld bestand bestaat niet in de standaard branch
 settings.lfs_force_unlock=Forceer ontgrendelen
-settings.lfs_pointers.found=%d blob-pointer(s) gevonden - %d gekoppeld, %d niet-gekoppeld (%d ontbreekt in de winkel)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=In Repo
@@ -1993,13 +1928,13 @@ settings.visibility.private=Privé (alleen zichtbaar voor organisatieleden)
 settings.visibility.private_shortname=Privé
 
 settings.update_settings=Instellingen bijwerken
+
+
 settings.update_avatar_success=De avatar van de organisatie is aangepast.
 settings.delete=Verwijder organisatie
 settings.delete_account=Verwijder deze organisatie
 settings.delete_prompt=Deze organisatie zal permanent worden verwijderd. U kunt dit <strong>NIET</strong> ongedaan maken!
 settings.confirm_delete_account=Bevestig verwijdering
-settings.delete_org_title=Verwijder organisatie
-settings.delete_org_desc=Deze organisatie zal permanent verwijderd worden. Doorgaan?
 settings.hooks_desc=Een webhook toevoegen die door <strong>alle repositories</strong> in deze organisatie getriggerd kan worden.
 
 settings.labels_desc=Voeg labels toe die kunnen worden gebruikt bij problemen voor <strong>alle repositories</strong> in deze organisatie.
@@ -2062,7 +1997,6 @@ users=Gebruikersacount
 organizations=Organisaties
 repositories=Repositories
 authentication=Authenticatie bronnen
-emails=Gebruikeremails
 config=Configuratie
 config_summary=Overzicht
 config_settings=Instellingen
@@ -2089,21 +2023,13 @@ dashboard.cron.process=Cron: %[1]s
 dashboard.cron.error=Fout in cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s is klaar
 dashboard.delete_inactive_accounts=Verwijder alle niet geactiveerde accounts
-dashboard.delete_inactive_accounts.started=Verwijder alle niet geactiveerde accounts taak gestart.
-dashboard.delete_repo_archives.started=Verwijder alle repositoryarchieven taak gestart.
 dashboard.delete_missing_repos=Verwijder alle repositories waarvan hun Git bestanden missen
-dashboard.delete_missing_repos.started=Verwijder alle repositories die hun Git bestanden missen taak gestart.
 dashboard.delete_generated_repository_avatars=Verwijder gegenereerde repository avatars
 dashboard.update_mirrors=Mirrors bijwerken
 dashboard.repo_health_check=Controleer alle repositories
 dashboard.check_repo_stats=Bekijk alle repository statistieken
 dashboard.archive_cleanup=Verwijder oude repositories archieven
-dashboard.deleted_branches_cleanup=Verwijderde branches opschonen
 dashboard.update_migration_poster_id=Werk migratie-poster IDs bij
-dashboard.git_gc_repos=Voer garbage collectie uit voor alle repositories
-dashboard.resync_all_sshkeys=Werk de '.ssh/authorized_keys' bestand bij met Gitea SSH sleutels.
-dashboard.resync_all_sshprincipals=Update het '.ssh/authorized_principals' bestand met Gitea SSH verantwoordelijken.
-dashboard.resync_all_hooks=Opnieuw synchroniseren van pre-ontvangst, bewerk en post-ontvangst hooks voor alle repositories.
 dashboard.reinit_missing_repos=Herinitialiseer alle ontbrekende Git repositories waarvoor records bestaan
 dashboard.sync_external_users=Externe gebruikersgegevens synchroniseren
 dashboard.server_uptime=Uptime server
@@ -2148,7 +2074,6 @@ users.2fa=2FA
 users.repos=Repos
 users.created=Aangemaakt
 users.last_login=Laatste keer ingelogd
-users.never_login=Nooit ingelogd
 users.send_register_notify=Stuur gebruikersregistratie notificatie
 users.edit=Bewerken
 users.auth_source=Authenticatiebron
@@ -2181,11 +2106,7 @@ users.list_status_filter.is_restricted=Beperkt
 emails.email_manage_panel=Gebruikers e-mail beheer
 emails.primary=Primair
 emails.activated=Geactiveerd
-emails.filter_sort.email=E-mail
-emails.filter_sort.email_reverse=E-mail (omgekeerd)
 emails.filter_sort.name=Gebruikersnaam
-emails.filter_sort.name_reverse=Gebruikersnaam (omgekeerd)
-emails.updated=E-mailadres bijgewerkt
 emails.not_updated=Bijwerken van het gevraagde e-mailadres is mislukt: %v
 emails.duplicate_active=Dit e-mailadres is al actief voor een andere gebruiker.
 emails.change_email_header=Update E-mail Eigenschappen
@@ -2267,18 +2188,14 @@ auths.oauth2_profileURL=Profiel URL
 auths.oauth2_emailURL=E-mail URL
 auths.enable_auto_register=Activeer automatische registratie
 auths.sspi_auto_create_users=Automatisch gebruikers maken
-auths.sspi_auto_create_users_helper=Toestaan dat de SSPI authenticatiemethode automatisch nieuwe accounts aanmaakt voor gebruikers die voor de eerste keer inloggen
 auths.sspi_auto_activate_users=Gebruikers automatisch activeren
 auths.sspi_auto_activate_users_helper=SSPI authenticatie methode toestaan om automatisch nieuwe gebruikers te activeren
 auths.sspi_strip_domain_names=Verwijder domeinnamen uit gebruikersnamen
 auths.sspi_separator_replacement=Scheidingsteken voor gebruik in plaats van \, / en @
-auths.sspi_separator_replacement_helper=Het karakter dat moet worden gebruikt om de scheidingstekens van namen op downniveau logon te vervangen (bijv. de \ in "DOMAIN\user") en gebruikersverantwoordelijken (bijv. de @ in "user@example.org").
 auths.sspi_default_language=Standaard gebruikerstaal
-auths.sspi_default_language_helper=Standaardtaal voor gebruikers wordt automatisch gemaakt met SSPI authenticatiemethode. Laat leeg als u de taal automatisch wilt detecteren.
 auths.tips=Tips
 auths.tips.oauth2.general=OAuth2 authenticatie
 auths.tip.oauth2_provider=OAuth2 Provider
-auths.tip.nextcloud=`Registreer een nieuwe OAuth consument op je installatie met behulp van het volgende menu "Instellingen -> Security -> OAuth 2.0 client"`
 auths.edit=Authenticatiebron bewerken
 auths.activated=Deze authenticatiebron is geactiveerd
 auths.update_success=De authenticatie-bron is bijgewerkt.
@@ -2311,8 +2228,6 @@ config.ssh_start_builtin_server=Gebruik de ingebouwde server
 config.ssh_port=Poort
 config.ssh_listen_port=Luister op poort
 config.ssh_root_path=Root-pad
-config.ssh_key_test_path=Pad voor key-tests
-config.ssh_keygen_path=Pad van keygen ('ssh-keygen')
 config.ssh_minimum_key_size_check=Controleer minimale key-lengte
 config.ssh_minimum_key_sizes=Minimale key-lengtes
 
@@ -2365,7 +2280,6 @@ config.mailer_sendmail_path=Sendmail pad
 config.mailer_sendmail_args=Extra argumenten voor Sendmail
 config.mailer_sendmail_timeout=Sendmail time-out
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=E-mailadres (bijv. test@example.com)
 config.send_test_mail=Test e-mail verzenden
 
 config.oauth_config=OAuth-configuratie
@@ -2430,7 +2344,6 @@ monitor.queue.exemplar=Type voorbeeld
 monitor.queue.numberworkers=Aantal workers
 monitor.queue.maxnumberworkers=Maximum aantal workers
 monitor.queue.settings.title=Pool instellingen
-monitor.queue.settings.maxnumberworkers=Maximum aantal workers
 monitor.queue.settings.maxnumberworkers.placeholder=Momenteel %[1]d
 monitor.queue.settings.maxnumberworkers.error=Maximaal aantal workers moet een nummer zijn
 monitor.queue.settings.submit=Instellingen bijwerken
@@ -2503,7 +2416,6 @@ error.generate_hash=Genereren van commit hash mislukt
 error.no_committer_account=Geen account gekoppeld aan het e-mailadres van de committer
 error.no_gpg_keys_found=Geen bekende sleutel gevonden voor deze handtekening in de database
 error.not_signed_commit=Geen ondertekende commit
-error.probable_bad_default_signature=WAARSCHUWING! Hoewel de standaard sleutel dit ID heeft, is deze commit niet geverifieerd! Deze commit is VERDACHT.
 
 [units]
 error.no_unit_allowed_repo=U heeft geen toegang tot een enkele sectie van deze repository.
@@ -2521,8 +2433,12 @@ settings.link.button=Repository link bijwerken
 owner.settings.cleanuprules.enabled=Ingeschakeld
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Omschrijving
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_pl-PL.ini b/options/locale/locale_pl-PL.ini
index f64b8771ac..a6f1143236 100644
--- a/options/locale/locale_pl-PL.ini
+++ b/options/locale/locale_pl-PL.ini
@@ -39,7 +39,6 @@ webauthn_use_twofa=Użyj kodu uwierzytelniania dwuskładnikowego ze swojego tele
 webauthn_error=Nie można odczytać Twojego klucza bezpieczeństwa.
 webauthn_unsupported_browser=Twoja przeglądarka nie obsługuje obecnie WebAuthn.
 webauthn_error_unknown=Wystąpił nieznany błąd. Spróbuj ponownie.
-webauthn_error_insecure=`WebAuthn obsługuje tylko bezpieczne połączenia. Do testowania przez HTTP można użyć "localhost" lub "127.0.0.1"`
 webauthn_error_unable_to_process=Serwer nie mógł obsłużyć Twojego żądania.
 webauthn_error_duplicated=Klucz bezpieczeństwa nie jest dozwolony dla tego żądania. Upewnij się, że klucz nie jest już zarejestrowany.
 webauthn_error_empty=Musisz ustawić nazwę dla tego klucza.
@@ -161,16 +160,10 @@ path=Ścieżka
 sqlite_helper=Ścieżka pliku dla bazy danych SQLite3.<br>Wpisz ścieżkę bezwzględną, jeśli Gitea jest uruchomiona jako usługa.
 reinstall_error=Próbujesz zainstalować w istniejącej już bazie danych Gitea
 reinstall_confirm_message=Ponowna instalacja z istniejącą bazą danych Gitea może powodować wiele problemów. W większości przypadków powinieneś użyć swojego istniejącego "app.ini" do uruchomienia Gitea. Jeśli wiesz, co robisz, potwierdź następujące działania:
-reinstall_confirm_check_1=Dane zaszyfrowane przez SECRET_KEY w app.ini mogą zostać utracone: użytkownicy mogą nie być w stanie zalogować się za pomocą 2FA/OTP, a serwery lustrzane mogą nie działać poprawnie. Zaznaczając to pole potwierdzasz, że aktualny plik app.ini zawiera poprawny klucz SECRET_KEY.
-reinstall_confirm_check_2=Repozytoria i ustawienia mogą wymagać ponownej synchronizacji. Zaznaczając to pole, potwierdzasz ponowną synchronizację hooks dla pliku repozytoriów i authorized_keys ręcznie. Potwierdzasz, że upewnisz się, że ustawienia repozytorium i kopii lustrzanej są poprawne.
 reinstall_confirm_check_3=Potwierdzasz, że jesteś całkowicie pewien, że ta Gitea działa z app.ini w poprawnej lokalizacji i że jesteś pewien, że musisz ponownie zainstalować. Potwierdzasz powyższe ryzyko.
 err_empty_db_path=Ścieżka do bazy danych SQLite3 nie może być pusta.
 no_admin_and_disable_registration=Nie możesz wyłączyć możliwości samodzielnej rejestracji kont użytkowników bez stworzenia konta administratora.
 err_empty_admin_password=Hasło administratora nie może być puste.
-err_empty_admin_email=Pole adresu e-mail administratora nie może być puste.
-err_admin_name_is_reserved=Nazwa użytkownika administratora jest nieprawidłowa, pseudonim jest zastrzeżony
-err_admin_name_pattern_not_allowed=Nazwa użytkownika administratora jest nieprawidłowa, pseudonim zawiera zastrzeżone znaki
-err_admin_name_is_invalid=Nazwa użytkownika administratora jest nieprawidłowa
 
 general_title=Ustawienia ogólne
 app_name=Tytuł witryny
@@ -185,7 +178,6 @@ domain_helper=Adres domeny lub hosta serwera.
 ssh_port=Port serwera SSH
 ssh_port_helper=Numer portu, na którym nasłuchuje Twój serwer SSH. Pozostaw puste, aby wyłączyć.
 http_port=Port nasłuchiwania HTTP Gitea
-http_port_helper=Numer portu nasłuchiwania serwera Gitea.
 app_url=Podstawowy adres URL Gitea
 app_url_helper=Podstawowy adres dla klonowania adresów URL HTTP(S) oraz powiadomień e-mail.
 log_root_path=Ścieżka dla logów
@@ -292,7 +284,6 @@ allow_password_change=Użytkownik musi zmienić hasło (zalecane)
 reset_password_mail_sent_prompt=E-mail potwierdzający został wysłany na adres <b>%s</b>. Sprawdź swoją skrzynkę odbiorczą w przeciągu %s, aby ukończyć proces odzyskiwania konta.
 active_your_account=Aktywuj swoje konto
 account_activated=Konto zostało aktywowane
-prohibit_login=Logowanie zabronione
 resent_limit_prompt=Zażądano już wiadomości aktywacyjnej. Zaczekaj 3 minuty i spróbuj ponownie.
 has_unconfirmed_mail=Witaj, %s, masz niepotwierdzony adres e-mail (<b>%s</b>). Jeśli nie otrzymałeś wiadomości e-mail z potwierdzeniem lub potrzebujesz wysłać nową, kliknij na poniższy przycisk.
 resend_mail=Kliknij tutaj, aby wysłać e-mail aktywacyjny
@@ -322,13 +313,10 @@ openid_connect_title=Połącz z istniejącym kontem
 openid_connect_desc=Wybrany URI OpenID jest nieznany. Powiąż go z nowym kontem w tym miejscu.
 openid_register_title=Stwórz nowe konto
 openid_register_desc=Wybrany URI OpenID jest nieznany. Powiąż go z nowym kontem w tym miejscu.
-disable_forgot_password_mail=Odzyskiwanie konta jest wyłączone, ponieważ e-mail nie jest skonfigurowany. Skontaktuj się z administratorem strony.
-disable_forgot_password_mail_admin=Odzyskiwanie konta jest dostępne tylko wtedy, gdy adres e-mail jest skonfigurowany. Proszę skonfigurować adres e-mail, aby włączyć odzyskiwanie konta.
 email_domain_blacklisted=Nie możesz zarejestrować się za pomocą tego adresu e-mail.
 authorize_application=Autoryzuj aplikacjÄ™
 authorize_redirect_notice=Zostaniesz przekierowany(-a) do %s, jeśli autoryzujesz tę aplikację.
 authorize_application_created_by=Ta aplikacja została stworzona przez %s.
-authorize_application_description=Jeżeli udzielisz dostępu, aplikacja uzyska dostęp z zapisem do wszystkich informacji o Twoim koncie, wraz z prywatnymi repozytoriami i organizacjami.
 authorize_title=Zezwolić "%s" na dostęp do Twojego konta?
 authorization_failed=Autoryzacja nie powiodła się
 sspi_auth_failed=Uwierzytelnianie SSPI nie powiodło się
@@ -348,8 +336,6 @@ activate_email=Potwierdź swój adres e-mail
 activate_email.text=Aby zweryfikować swój adres e-mail, w ciągu następnych <b>%s</b> kliknij poniższy link:
 
 register_notify.title=%[1]s, witaj w %[2]s
-register_notify.text_1=to jest Twój e-mail z potwierdzeniem rejestracji dla %s!
-register_notify.text_2=Możesz teraz zalogować się za pomocą nazwy użytkownika: %s.
 register_notify.text_3=Jeśli to konto zostało utworzone dla Ciebie, <a href="%s">ustaw swoje hasło</a>.
 
 reset_password=Odzyskaj swoje konto
@@ -381,7 +367,6 @@ release.download.targz=Kod źródłowy (TAR.GZ)
 repo.transfer.subject_to=%s chciałby przenieść "%s" do %s
 repo.transfer.subject_to_you=%s chciałby przenieść "%s" do ciebie
 repo.transfer.to_you=ciebie
-repo.transfer.body=Aby zaakceptować lub odrzucić go, odwiedź %s lub po prostu go zignoruj.
 
 repo.collaborator.added.subject=%s dodał Cię do %s
 repo.collaborator.added.text=Zostałeś dodany jako współtwórca repozytorium:
@@ -435,11 +420,9 @@ username_been_taken=Ta nazwa użytkownika jest już zajęta.
 username_change_not_local_user=Użytkownicy nielokalni nie mogą zmieniać swojej nazwy użytkownika.
 repo_name_been_taken=Nazwa repozytorium jest już zajęta.
 repository_files_already_exist=Pliki już istnieją dla tego repozytorium. Skontaktuj się z administratorem systemu.
-repository_files_already_exist.adopt=Już istnieją pliki dla tego repozytorium i mogą być tylko przyjęte.
 repository_files_already_exist.delete=Pliki już istnieją dla tego repozytorium. Musisz je usunąć.
 repository_files_already_exist.adopt_or_delete=Pliki już istnieją dla tego repozytorium. Przyjmij, lub usuń je.
 visit_rate_limit=Zdalny punkt końcowy przesłał informację o ograniczeniu ilości żądań.
-2fa_auth_required=Zdalny punkt końcowy zażądał weryfikacji dwuskładnikowej.
 org_name_been_taken=Nazwa organizacji jest już zajęta.
 team_name_been_taken=Nazwa zespołu jest już zajęta.
 team_no_units_error=Zezwól na dostęp do co najmniej jednej sekcji repozytorium.
@@ -547,7 +530,6 @@ activate_email=Wyślij aktywację
 activations_pending=Aktywacje oczekujÄ…ce
 delete_email=Usuń
 email_deletion=Usuń adres email
-email_deletion_desc=Adres e-mail i powiązane informacje zostaną usunięte z Twojego konta. Commity za pomocą tego adresu e-mail pozostaną niezmienione. Kontynuować?
 email_deletion_success=Adres e-mail został usunięty.
 theme_update_success=Twój motyw został zaktualizowany.
 theme_update_error=Wybrany motyw nie istnieje.
@@ -584,7 +566,6 @@ gpg_key_matched_identities_long=Osadzone tożsamości w tym kluczu pasują do na
 gpg_key_verified=Zweryfikowany klucz
 gpg_key_verified_long=Klucz został zweryfikowany tokenem i może być użyty do weryfikacji commitów pasujących do wszystkich aktywowanych adresów e-mail dla tego użytkownika oprócz wszelkich dopasowanych tożsamości dla tego klucza.
 gpg_key_verify=Potwierdź
-gpg_invalid_token_signature=Podany klucz GPG, podpis i token nie pasujÄ… lub token jest nieaktualny.
 gpg_token_required=Musisz podać podpis poniższego tokenu
 gpg_token=Token
 gpg_token_help=Możesz wygenerować podpis za pomocą:
@@ -609,7 +590,6 @@ gpg_key_deletion=Usuń klucz GPG
 ssh_principal_deletion=Usuń główny certyfikat SSH
 ssh_key_deletion_desc=Usunięcie klucza SSH unieważni jego dostęp do Twojego konta. Kontynuować?
 gpg_key_deletion_desc=Usunięcie klucza GPG usunie weryfikację z commitów podpisanych przez niego. Kontynuować?
-ssh_principal_deletion_desc=Usunięcie klucza SSH unieważni jego dostęp do Twojego konta. Chcesz kontynuować?
 ssh_key_deletion_success=Klucz SSH został usunięty.
 gpg_key_deletion_success=Klucz GPG został usunięty.
 ssh_principal_deletion_success=Klucz SSH został usunięty.
@@ -661,12 +641,10 @@ oauth2_application_create_description=Aplikacje OAuth2 umożliwiają Twojej apli
 authorized_oauth2_applications=Autoryzowane aplikacje OAuth2
 revoke_key=Odwołaj
 revoke_oauth2_grant=Odwołaj dostęp
-revoke_oauth2_grant_description=Odwołanie dostępu dla tej aplikacji uniemożliwi jej korzystanie z Twoich danych. Czy jesteś pewny(-a)?
 
 twofa_is_enrolled=Twoje konto ma obecnie <strong>włączoną</strong> autoryzację dwuetapową.
 twofa_not_enrolled=Twoje konto obecnie nie ma włączonej autoryzacji dwuetapowej.
 twofa_disable=Wyłącz weryfikację dwuetapową
-twofa_enroll=Włącz weryfikację dwuskładnikową
 twofa_disable_note=W każdej chwili możesz wyłączyć weryfikację dwuskładnikową.
 twofa_disable_desc=Wyłączenie weryfikacji dwuetapowej sprawi, że Twoje konto będzie mniej bezpieczne. Kontynuować?
 twofa_disabled=Dwuetapowa autoryzacja została wyłączona.
@@ -678,11 +656,9 @@ twofa_failed_get_secret=Nie udało się uzyskać sekretu.
 
 webauthn_register_key=Dodaj klucz bezpieczeństwa
 webauthn_delete_key=Usuń klucz bezpieczeństwa
-webauthn_delete_key_desc=Jeżeli usuniesz klucz bezpieczeństwa, utracisz możliwość zalogowania się z jego użyciem. Kontynuować?
 
 manage_account_links=ZarzÄ…dzaj powiÄ…zanymi kontami
 manage_account_links_desc=Te konta zewnętrzne są powiązane z Twoim kontem Gitea.
-account_links_not_available=Obecnie nie ma żadnych zewnętrznych kont powiązanych z tym kontem Gitea.
 link_account=Powiąż konto
 remove_account_link=Usuń powiązane konto
 remove_account_link_desc=Usunięcie powiązanego konta unieważni jego dostęp do Twojego konta Gitea. Kontynuować?
@@ -753,7 +729,6 @@ mirror_interval_invalid=Interwał lustrzanej kopii jest niepoprawny.
 mirror_address=Sklonuj z adresu URL
 mirror_lfs=Duże przechowywanie plików (LFS)
 mirror_lfs_endpoint=Punkt końcowy LFS
-mirror_lfs_endpoint_desc=Synchronizacja spróbuje użyć adresu URL klonowania, aby <a target="_blank" rel="noopener noreferrer" href="%s">określić serwer LFS</a>. Możesz również określić niestandardowy punkt końcowy, jeśli dane repozytorium LFS są przechowywane gdzieś indziej.
 mirror_last_synced=Ostatnio zsynchronizowano
 mirror_password_placeholder=(Nie zmieniono)
 mirror_password_blank_placeholder=(Nie ustawiono)
@@ -764,7 +739,6 @@ forks=Forki
 reactions_more=i %d więcej
 unit_disabled=Administrator witryny wyłączył tę sekcję repozytorium.
 language_other=Pozostałe
-adopt_search=Wprowadź nazwę użytkownika, aby wyszukać nieprzyjęte repozytoria... (pozostaw puste, aby znaleźć wszystko)
 adopt_preexisting_label=Przyjmij pliki
 adopt_preexisting=Przyjmij istniejÄ…ce pliki
 adopt_preexisting_content=Stwórz repozytorium z %s
@@ -820,14 +794,12 @@ migrate.clone_address=Migruj/klonuj z adresu URL
 migrate.clone_address_desc=Adres HTTP(S) lub "klona" Gita istniejÄ…cego repozytorium
 migrate.clone_local_path=lub ścieżka lokalnego serwera
 migrate.permission_denied=Nie możesz importować lokalnych repozytoriów.
-migrate.permission_denied_blocked=Nie możesz importować z niedozwolonych hostów, poproś administratora o sprawdzenie ustawień ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_lfs_endpoint=Punkt końcowy LFS jest nieprawidłowy.
 migrate.failed=Migracja nie powiodła się: %v
 migrate.migrate_items_options=Token dostępu jest wymagany, aby zmigrować dodatkowe elementy
 migrated_from=Zmigrowane z <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Zmigrowane z %[1]s
 migrate.migrate=Migracja z %s
-migrate.migrating=Migrowanie z <b>%s</b>...
 migrate.migrating_failed=Migrowanie z <b>%s</b> nie powiodło się.
 migrate.migrating_failed_no_addr=Migracja nie powiodła się.
 migrate.github.description=Migracja danych z github.com lub innych instancji GitHub.
@@ -864,7 +836,6 @@ quick_guide=Skrócona instrukcja
 clone_this_repo=Klonuj repozytorium
 create_new_repo_command=Tworzenie nowego repozytorium z linii poleceń
 push_exist_repo=Wypychanie istniejącego repozytorium z linii poleceń
-empty_message=To repozytorium nie zawiera żadnej zawartości.
 
 code=Kod
 code.desc=Uzyskaj dostęp do kodu źródłowego, plików, commitów i gałęzi.
@@ -879,7 +850,6 @@ issues=Zgłoszenia
 pulls=OczekujÄ…ce zmiany
 projects=Projekty
 labels=Etykiety
-org_labels_desc=Etykiety organizacji, które mogą być używane z <strong>wszystkimi repozytoriami</strong> w tej organizacji
 org_labels_desc_manage=zarzÄ…dzaj
 
 milestones=Kamienie milowe
@@ -900,7 +870,6 @@ file_too_large=Ten plik jest zbyt duży, aby go wyświetlić.
 file_copy_permalink=Kopiuj bezpośredni odnośnik
 video_not_supported_in_browser=Twoja przeglądarka nie obsługuje znacznika HTML5 "video".
 audio_not_supported_in_browser=Twoja przeglądarka nie obsługuje znacznika HTML5 "audio".
-stored_lfs=Przechowane za pomocÄ… Git LFS
 symbolic_link=DowiÄ…zanie symboliczne
 commit_graph=Wykres commitów
 commit_graph.select=Wybierz gałęzie
@@ -943,13 +912,13 @@ editor.file_changed_while_editing=Zawartość pliku zmieniła się, odkąd rozpo
 editor.commit_empty_file_header=Commituj pusty plik
 editor.commit_empty_file_text=Plik, który zamierzasz commitować, jest pusty. Kontynuować?
 editor.no_changes_to_show=Brak zmian do pokazania.
-editor.fail_to_update_file_summary=Komunikat błędu:
 editor.push_rejected_summary=Pełny komunikat odrzucenia:
 editor.add_subdir=Dodaj katalog…
 editor.no_commit_to_branch=Zatwierdzanie bezpośrednio do tej gałęzi nie jest możliwe, ponieważ:
 editor.user_no_push_to_branch=Użytkownik nie może wypychać do gałęzi
 editor.require_signed_commit=Gałąź wymaga podpisanych commitów
 
+
 commits.desc=Przeglądaj historię zmian kodu źródłowego.
 commits.commits=Commity
 commits.search_all=Wszystkie gałęzie
@@ -1054,7 +1023,6 @@ issues.filter_label_no_select=Wszystkie etykiety
 issues.filter_milestone=Kamień milowy
 issues.filter_project_none=Brak projektu
 issues.filter_assignee=Przypisany
-issues.filter_assginee_no_assignee=Brak przypisania
 issues.filter_type=Typ
 issues.filter_type.all_issues=Wszystkie zgłoszenia
 issues.filter_type.assigned_to_you=Przypisane do Ciebie
@@ -1063,7 +1031,6 @@ issues.filter_type.mentioning_you=WspominajÄ…ce Ciebie
 issues.filter_sort=Sortuj
 issues.filter_sort.latest=Najnowsze
 issues.filter_sort.oldest=Najstarsze
-issues.filter_sort.recentupdate=Ostatnio aktualizowane
 issues.filter_sort.leastupdate=Najdawniej aktualizowane
 issues.filter_sort.mostcomment=Najczęściej komentowane
 issues.filter_sort.leastcomment=Najrzadziej komentowane
@@ -1136,7 +1103,6 @@ issues.subscribe=Subskrybuj
 issues.unsubscribe=Anuluj subskrypcjÄ™
 issues.lock=Zablokuj konwersacjÄ™
 issues.unlock=Odblokuj konwersacjÄ™
-issues.lock.unknown_reason=Nie można zablokować zagadnienia bez żadnego powodu.
 issues.lock_duplicate=Zagadnienie nie może być zablokowane ponownie.
 issues.unlock_error=Nie można odblokować zagadnienia, które nie jest zablokowane.
 issues.lock_with_reason=zablokowano jako <strong>%s</strong> i ograniczono konwersację do współtwórców %s
@@ -1144,7 +1110,6 @@ issues.lock_no_reason=zablokowano i ograniczono konwersację do współtwórców
 issues.unlock_comment=odblokowano tÄ™ konwersacjÄ™ %s
 issues.lock_confirm=Zablokuj
 issues.unlock_confirm=Odblokuj
-issues.lock.notice_1=- Inni użytkownicy nie mogą dodawać nowych komentarzy do tego zagadnienia.
 issues.lock.notice_2=- Ty i inni współtwórcy z dostępem do tego repozytorium możecie dalej pozostawiać komentarze dla innych.
 issues.lock.notice_3=- Możesz zawsze odblokować to zagadnienie w przyszłości.
 issues.unlock.notice_1=- Wszyscy będą mogli ponownie umieszczać komentarze w tym zagadnieniu.
@@ -1191,8 +1156,6 @@ issues.dependency.added_dependency=`dodał nową zależność %s`
 issues.dependency.removed_dependency=`usunął zależność %s`
 issues.dependency.issue_close_blocks=To zgłoszenie blokuje zamknięcie następujących zgłoszeń
 issues.dependency.pr_close_blocks=Ten Pull Request blokuje zamknięcie następujących zgłoszeń
-issues.dependency.issue_close_blocked=Musisz zamknąć wszystkie zgłoszenia blokujące to zgłoszenie zanim je zamkniesz.
-issues.dependency.pr_close_blocked=Musisz zamknąć wszystkie zgłoszenia blokujące ten Pull Request zanim go scalisz.
 issues.dependency.blocks_short=Blokuje
 issues.dependency.blocked_by_short=Zależy od
 issues.dependency.remove_header=Usuń zależność
@@ -1203,7 +1166,6 @@ issues.dependency.add_error_same_issue=Zgłoszenie nie może być zależne od si
 issues.dependency.add_error_dep_issue_not_exist=Zgłoszenie zależne nie istnieje.
 issues.dependency.add_error_dep_not_exist=Zależność nie istnieje.
 issues.dependency.add_error_dep_exists=Zależność już istnieje.
-issues.dependency.add_error_cannot_create_circular=Nie możesz stworzyć zależności z dwoma zgłoszeniami blokującymi siebie wzajemnie.
 issues.dependency.add_error_dep_not_same_repo=Oba zgłoszenia muszą być w tym samym repozytorium.
 issues.review.self.approval=Nie możesz zatwierdzić swojego własnego Pull Requesta.
 issues.review.self.rejection=Nie możesz zażądać zmian w swoim własnym Pull Requeście.
@@ -1215,7 +1177,6 @@ issues.review.reject=zażądał(-a) zmian %s
 issues.review.wait=został poproszony o recenzję %s
 issues.review.add_review_request=poprosił o recenzję %s %s
 issues.review.remove_review_request=usunięto prośbę o recenzję %s %s
-issues.review.remove_review_request_self=odmówił recenzji %s
 issues.review.pending=OczekujÄ…ca
 issues.review.review=Recenzja
 issues.review.reviewers=Recenzenci
@@ -1228,7 +1189,6 @@ issues.review.resolve_conversation=Rozwiąż dyskusję
 issues.review.un_resolve_conversation=Oznacz dyskusję jako nierozstrzygniętą
 issues.review.resolved_by=oznaczył(-a) tę rozmowę jako rozwiązaną
 issues.review.commented=Skomentuj
-issues.assignee.error=Nie udało się dodać wszystkich wybranych osób do przypisanych przez nieoczekiwany błąd.
 issues.reference_issue.body=Treść
 issues.content_history.edited=edytowano
 issues.content_history.delete_from_history=Usuń z historii
@@ -1263,7 +1223,6 @@ pulls.add_prefix=Dodaj <strong>%s</strong> prefiks
 pulls.remove_prefix=Usuń <strong>%s</strong> prefiks
 pulls.data_broken=Ten Pull Request jest uszkodzony ze względu na brakujące informacje o forku.
 pulls.files_conflicted=Ten Pull Request zawiera zmiany konfliktujące z docelową gałęzią.
-pulls.is_checking=Sprawdzanie konfliktów ze scalaniem w toku. Spróbuj ponownie za chwilę.
 pulls.required_status_check_failed=Niektóre kontrole stanów nie były pomyślne.
 pulls.required_status_check_missing=Brakuje pewnych wymaganych etapów.
 pulls.required_status_check_administrator=Jako administrator, możesz wciąż scalić ten Pull Request.
@@ -1282,18 +1241,13 @@ pulls.waiting_count_n=%d oczekujÄ…cych recenzji
 pulls.no_merge_desc=Ten Pull Request nie może zostać scalony, ponieważ wszystkie opcje scalania dla tego repozytorium są wyłączone.
 pulls.no_merge_helper=Włącz opcje scalania w ustawieniach repozytorium, lub scal ten Pull Request ręcznie.
 pulls.no_merge_wip=Ten pull request nie może być automatycznie scalony, ponieważ jest oznaczony jako praca w toku.
-pulls.no_merge_not_ready=Ten Pull Request nie jest gotowy do scalenia, sprawdź status recenzji i kontrolki stanu.
 pulls.no_merge_access=Nie masz uprawnień, aby scalić ten Pull Request.
 pulls.merge_manually=Ręcznie scalone
 pulls.require_signed_wont_sign=Ta gałąź wymaga podpisanych commitów, ale to scalenie nie będzie podpisane
 
 pulls.invalid_merge_option=Nie możesz użyć tej opcji scalania dla tego pull request'a.
-pulls.merge_conflict=Scalenie nie powiodło się: Wystąpił konflikt przy scalaniu. Porada: Wypróbuj innej strategii
 pulls.merge_conflict_summary=Komunikat o błędzie
-pulls.rebase_conflict=Scalanie nie powiodło się: Wystąpił konflikt podczas przebazowania commit'a: %[1]s. Wskazówka: Spróbuj innej strategii
 pulls.rebase_conflict_summary=Komunikat o błędzie
-pulls.unrelated_histories=Scalenie nie powiodło się: Head scalenia i baza nie mają wspólnej historii. Porada: Spróbuj innej strategii scalania
-pulls.merge_out_of_date=Scalenie nie powiodło się: Przy generowaniu scalenia, baza została zaktualizowana. Porada: Spróbuj ponownie.
 pulls.push_rejected_summary=Komunikat o całkowitym odrzuceniu
 pulls.open_unmerged_pull_exists=`Nie możesz wykonać operacji ponownego otwarcia, ponieważ jest już oczekujący pull request (#%d) z identycznymi właściwościami.`
 pulls.status_checking=Niektóre etapy są w toku
@@ -1409,7 +1363,6 @@ activity.title.releases_1=%d Wydanie
 activity.title.releases_n=%d Wydań
 activity.title.releases_published_by=%s opublikowane przez %s
 activity.published_release_label=Opublikowane
-activity.no_git_activity=Nie było żadnej aktywności w tym okresie czasu.
 activity.git_stats_exclude_merges=WykluczajÄ…c scalenia,
 activity.git_stats_author_1=%d autor
 activity.git_stats_author_n=%d autorzy
@@ -1434,7 +1387,6 @@ activity.git_stats_deletion_n=%d usunięć
 contributors.contribution_type.commits=Commity
 
 settings=Ustawienia
-settings.desc=Ustawienia to miejsce, w którym możesz zmieniać parametry repozytorium
 settings.options=Repozytorium
 settings.collaboration=Współpracownicy
 settings.collaboration.admin=Administrator
@@ -1483,7 +1435,6 @@ settings.pulls_desc=WÅ‚Ä…cz Pull Requesty w repozytorium
 settings.pulls.ignore_whitespace=Ignoruj znaki białe w konfliktach
 settings.admin_settings=Ustawienia administratora
 settings.admin_enable_health_check=Włącz sprawdzanie stanu zdrowia repozytoriów (git fsck)
-settings.admin_enable_close_issues_via_commit_in_any_branch=Zamknij zgłoszenie poprzez commit wprowadzony do nie-domyślnej gałęzi
 settings.danger_zone=Strefa niebezpieczeństwa
 settings.new_owner_has_same_repo=Nowy właściciel już posiada repozytorium o tej samej nazwie.
 settings.convert=Konwertuj na zwykłe repozytorium
@@ -1503,7 +1454,6 @@ settings.transfer_abort=Anuluj transfer
 settings.transfer_abort_invalid=Nie możesz anulować nieistniejącego transferu repozytorium.
 settings.transfer_desc=Przenieś to repozytorium do innego użytkownika lub organizacji, w której posiadasz uprawnienia administratora.
 settings.transfer_form_title=Wpisz nazwÄ™ repozytorium w celu potwierdzenia:
-settings.transfer_in_progress=Obecnie trwa transfer. Anuluj go, jeśli chcesz przenieść to repozytorium do innego użytkownika.
 settings.transfer_notices_1=- Stracisz dostęp do tego repozytorium, jeśli przeniesiesz je do innego użytkownika.
 settings.transfer_notices_2=- Utrzymasz dostęp do tego repozytorium, jeśli przeniesiesz je do organizacji, której jesteś (współ-)właścicielem.
 settings.transfer_notices_3=- Jeśli repozytorium jest prywatne i jest przenoszone do indywidualnego użytkownika, ta czynność upewnia się, że użytkownik ma co najmniej uprawnienia do odczytu (i w razie potrzeby zmienia uprawnienia).
@@ -1517,9 +1467,7 @@ settings.trust_model.default=Domyślny model zaufania
 settings.trust_model.default.desc=Użyj domyślnego modelu zaufania repozytorium dla tej instalacji.
 settings.trust_model.collaborator=Współpracownik
 settings.trust_model.collaborator.long=Współpracownik: Zaufaj podpisom współpracowników
-settings.trust_model.collaborator.desc=Prawidłowe podpisy współpracowników tego repozytorium zostaną oznaczone jako "zaufane" (niezależnie od tego, czy pasują one do autora czy nie). W przeciwnym razie poprawne podpisy zostaną oznaczone jako "niezaufane", jeśli podpis pasuje do autora i "niedopasowane", jeśli nie.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: Ufaj podpisom zgodnym z committer'ami (To pasuje do GitHub'a i zmusi podpisane commit'y przez Gitea do posiadania Gitea jako committer'a)
 settings.wiki_delete=Usuń dane Wiki
 settings.wiki_delete_desc=Usunięcie danych wiki jest nieodwracalne.
 settings.wiki_delete_notices_1=- Ta operacja usunie i wyłączy wiki repozytorium %s.
@@ -1528,7 +1476,6 @@ settings.wiki_deletion_success=Dane wiki repozytorium zostały usunięte.
 settings.delete=Usuń to repozytorium
 settings.delete_desc=Usunięcie repozytorium jest trwałe i nieodwracalne.
 settings.delete_notices_1=- Ta operacja <strong>NIE MOŻE</strong> zostać cofnięta.
-settings.delete_notices_2=- Ta operacja trwale usunie repozytorium <strong>%s</strong>, w tym kod źródłowy, zgłoszenia, komentarze, dane wiki i dostęp dla współpracowników.
 settings.delete_notices_fork_1=- Forki tego repozytorium będą niezależne po jego usunięciu.
 settings.deletion_success=Repozytorium zostało usunięte.
 settings.update_settings_success=Ustawienia repozytorium zostały zaktualizowane.
@@ -1547,8 +1494,6 @@ settings.team_not_in_organization=Zespół nie jest w tej samej organizacji co r
 settings.teams=Zespoły
 settings.add_team=Dodaj zespół
 settings.add_team_duplicate=Zespół już posiada repozytorium
-settings.add_team_success=Zespół ma teraz dostęp do repozytorium.
-settings.change_team_permission_tip=Uprawnienia zespołu ustawione są konfigurowane na stronie ustawień zespołu i nie mogą być zmieniane dla pojedynczych repozytoriów
 settings.delete_team_tip=Ten zespół ma dostęp do wszystkich repozytoriów i nie może zostać usunięty
 settings.remove_team_success=Dostęp zespołu do repozytorium został usunięty.
 settings.add_webhook=Dodaj webhooka
@@ -1557,8 +1502,6 @@ settings.hooks_desc=Webhooki automatycznie tworzÄ… zapytania HTTP POST do serwer
 settings.webhook_deletion=Usuń Webhooka
 settings.webhook_deletion_desc=Usunięcie Webhooka wykasuje jego ustawienia i historię dostaw. Kontynuować?
 settings.webhook_deletion_success=Webhook został usunięty.
-settings.webhook.test_delivery=Testuj dostawÄ™
-settings.webhook.test_delivery_desc=Sprawdź tego Webhooka przy pomocy testowego zdarzenia.
 settings.webhook.request=Żądanie
 settings.webhook.response=Odpowiedź
 settings.webhook.headers=Nagłówki
@@ -1598,7 +1541,6 @@ settings.event_repository=Repozytorium
 settings.event_repository_desc=Repozytorium stworzone lub usunięte.
 settings.event_header_issue=Zdarzenia zgłoszeń
 settings.event_issues=Zgłoszenia
-settings.event_issues_desc=Zgłoszenie otwarte, zamknięte, ponownie otwarte lub zmodyfikowane.
 settings.event_issue_assign=Zgłoszenie przypisane
 settings.event_issue_assign_desc=Zgłoszenie przypisane bądź nieprzypisane.
 settings.event_issue_label=Zgłoszenie oznaczone
@@ -1609,7 +1551,6 @@ settings.event_issue_comment=Komentarz w zgłoszeniu
 settings.event_issue_comment_desc=Komentarz w zgłoszeniu stworzony, edytowany lub usunięty.
 settings.event_header_pull_request=Zdarzenia Pull Requestów
 settings.event_pull_request=Pull Request
-settings.event_pull_request_desc=Pull request otwarty, zamknięty, ponownie otwarty lub zmodyfikowany.
 settings.event_pull_request_assign=Pull Request przypisany
 settings.event_pull_request_assign_desc=Pull Request przypisany bÄ…dz nieprzypisany.
 settings.event_pull_request_label=Pull Request zaetykietowany
@@ -1707,11 +1648,9 @@ settings.lfs_invalid_locking_path=Nieprawidłowa ścieżka: %s
 settings.lfs_invalid_lock_directory=Nie można zablokować katalogu: %s
 settings.lfs_lock_already_exists=Blokada już istnieje: %s
 settings.lfs_lock=Zablokuj
-settings.lfs_lock_path=Ścieżka pliku do zablokowania...
 settings.lfs_locks_no_locks=Brak blokad
 settings.lfs_lock_file_no_exist=Zablokowany plik nie istnieje w domyślnej gałęzi
 settings.lfs_force_unlock=WymuÅ› odblokowanie
-settings.lfs_pointers.found=Znaleziono %d wskaźników blob - %d powiązanych, %d niepowiązanych (%d brakujących w magazynie danych)
 settings.lfs_pointers.sha=SHA bloba
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=W repozytorium
@@ -1866,14 +1805,13 @@ settings.visibility.private_shortname=Prywatny
 
 settings.update_settings=Aktualizuj ustawienia
 settings.update_setting_success=Ustawienia organizacji zostały zaktualizowane.
-settings.change_orgname_redirect_prompt=Stara nazwa będzie przekierowywała dopóki ktoś jej nie zajmie.
+
+
 settings.update_avatar_success=Awatar organizacji został zaktualizowany.
 settings.delete=Usuń organizację
 settings.delete_account=Usuń tą organizację
 settings.delete_prompt=Organizacja zostanie trwale usunięta. Tej akcji <strong>NIE MOŻNA</strong> cofnąć!
 settings.confirm_delete_account=Potwierdź usunięcie
-settings.delete_org_title=Usuń organizację
-settings.delete_org_desc=Ta organizacja zostanie trwale usunięta. Kontynuować?
 settings.hooks_desc=Dodaj webhooki, uruchamiane dla <strong>wszystkich repozytoriów</strong> w tej organizacji.
 
 settings.labels_desc=Dodaj etykiety, które mogą być używane w zgłoszeniach dla <strong>wszystkich repozytoriów</strong> w tej organizacji.
@@ -1941,7 +1879,6 @@ organizations=Organizacje
 repositories=Repozytoria
 hooks=Weebhook'i
 authentication=Źródła uwierzytelniania
-emails=Emaile użytkowników
 config=Konfiguracja
 config_summary=Podsumowanie
 config_settings=Ustawienia
@@ -1968,24 +1905,15 @@ dashboard.cron.process=Cron: %[1]s
 dashboard.cron.error=BÅ‚Ä…d w Cronie: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s zakończony
 dashboard.delete_inactive_accounts=Usuń wszystkie nieaktywowane konta
-dashboard.delete_inactive_accounts.started=Zadanie usuwania nieaktywowanych kont zostało rozpoczęte.
 dashboard.delete_repo_archives=Usuń wszystkie archiwa repozytoriów (ZIP, TAR.GZ, itp..)
-dashboard.delete_repo_archives.started=Zadanie usuwania archiwów repozytoriów zostało rozpoczęte.
 dashboard.delete_missing_repos=Usuń wszystkie repozytoria, które nie mają plików Gita
-dashboard.delete_missing_repos.started=Zadanie usuwania repozytoriów, które nie mają plików Gita, zostało rozpoczęte.
 dashboard.delete_generated_repository_avatars=Usuń wygenerowane awatary repozytoriów
 dashboard.update_mirrors=Aktualizuj kopie lustrzane
 dashboard.repo_health_check=Sprawdź stan wszystkich repozytoriów
 dashboard.check_repo_stats=Sprawdź statystyki wszystkich repozytoriów
 dashboard.archive_cleanup=Usuń stare archiwa repozytoriów
-dashboard.deleted_branches_cleanup=Wyczyść usunięte galęzie
-dashboard.git_gc_repos=Wykonaj zbieranie śmieci ze wszystkich repozytoriów
-dashboard.resync_all_sshkeys=Zaktualizuj plik '.ssh/authorized_keys' z kluczami SSH Gitea.
-dashboard.resync_all_sshprincipals=Zaktualizuj plik '.ssh/authorized_keys' z kluczami SSH Gitea.
-dashboard.resync_all_hooks=Ponownie synchronizuj hooki pre-receive, update i post-receive we wszystkich repozytoriach.
 dashboard.reinit_missing_repos=Ponownie zainicjalizuj wszystkie brakujące repozytoria Git, dla których istnieją rekordy
 dashboard.sync_external_users=Synchronizuj zewnętrzne dane użytkownika
-dashboard.cleanup_hook_task_table=Oczyść tabelę hook_task
 dashboard.server_uptime=Uptime serwera
 dashboard.current_goroutine=Bieżące Goroutines
 dashboard.current_memory_usage=Bieżące użycie pamięci
@@ -2027,7 +1955,6 @@ users.2fa=2FA
 users.repos=Repozytoria
 users.created=Utworzony
 users.last_login=Ostatnie logowanie
-users.never_login=Nigdy nie zalogował(-a) się
 users.send_register_notify=Wyślij użytkownikowi powiadomienie o rejestracji
 users.edit=Edytuj
 users.auth_source=Źródło uwierzytelniania
@@ -2059,11 +1986,7 @@ users.list_status_filter.is_restricted=Ograniczone
 emails.email_manage_panel=ZarzÄ…dzanie adresami email
 emails.primary=Podstawowy
 emails.activated=Aktywowany
-emails.filter_sort.email=E-mail
-emails.filter_sort.email_reverse=E-mail (odwrotnie)
 emails.filter_sort.name=Nazwa użytkownika
-emails.filter_sort.name_reverse=Nazwa użytkownika (odwrotnie)
-emails.updated=E-mail zaktualizowany
 emails.not_updated=Nie udało się zaktualizować żądanego adresu e-mail: %v
 emails.duplicate_active=Ten e-mail jest już aktywny dla innego użytkownika.
 emails.change_email_header=Aktualizuj właściwości adresu e-mail
@@ -2151,19 +2074,14 @@ auths.oauth2_emailURL=URL adresu e-mail
 auths.skip_local_two_fa=Pomiń lokalne 2FA
 auths.enable_auto_register=WÅ‚Ä…cz automatycznÄ… rejestracjÄ™
 auths.sspi_auto_create_users=Automatycznie twórz użytkowników
-auths.sspi_auto_create_users_helper=Zezwól metodzie uwierzytelniania SSPI na automatyczne tworzenie nowych kont dla użytkowników, którzy logują się po raz pierwszy
 auths.sspi_auto_activate_users=Automatycznie aktywuj użytkowników
 auths.sspi_auto_activate_users_helper=Zezwól metodzie uwierzytelnienia SSPI na automatyczne aktywowanie nowych kont użytkowników
 auths.sspi_strip_domain_names=Usuwaj nazwy domen z nazw użytkowników
-auths.sspi_strip_domain_names_helper=Gdy zaznaczone, nazwy domen będą usuwane z nazw logowania (np. zamiast "DOMENA\osoba", "czy osoba@example.org" będą po prostu "osoba").
 auths.sspi_separator_replacement=Używany separator zamiast \, / oraz @
-auths.sspi_separator_replacement_helper=Znak używany do zastępowania separatorów nazw logowania niskiego poziomu (np. znak \ w "DOMENA\osoba") i nazw głównych użytkowników (np. @ w "osoba@example.org").
 auths.sspi_default_language=Domyślny język użytkownika
-auths.sspi_default_language_helper=Domyślny język dla użytkowników automatycznie stworzonych przy pomocy metody uwierzytelnienia SSPI. Pozostaw puste, jeśli język ma zostać wykryty automatycznie.
 auths.tips=Wskazówki
 auths.tips.oauth2.general=Uwierzytelnianie OAuth2
 auths.tip.oauth2_provider=Dostawca OAuth2
-auths.tip.nextcloud=`Zarejestruj nowego klienta OAuth w swojej instancji za pomocą menu "Ustawienia -> Bezpieczeństwo -> Klient OAuth 2.0"`
 auths.tip.mastodon=Wprowadź niestandardowy adres URL instancji mastodona, którą chcesz uwierzytelnić (lub użyj domyślnego)
 auths.edit=Edytuj źródło uwierzytelniania
 auths.activated=To źródło uwierzytelniania jest aktywne
@@ -2199,8 +2117,6 @@ config.ssh_start_builtin_server=Wykorzystaj wbudowany serwer
 config.ssh_port=Port
 config.ssh_listen_port=Port nasłuchiwania
 config.ssh_root_path=Ścieżka do katalogu głównego
-config.ssh_key_test_path=Ścieżka do klucza testowego
-config.ssh_keygen_path=Ścieżka do generatora ('ssh-keygen')
 config.ssh_minimum_key_size_check=Sprawdzanie minimalnej długości klucza
 config.ssh_minimum_key_sizes=Minimalne rozmiary kluczy
 
@@ -2253,7 +2169,6 @@ config.mailer_use_sendmail=Używaj Sendmail
 config.mailer_sendmail_path=Ścieżka Sendmail
 config.mailer_sendmail_args=Dodatkowe argumenty Sendmail
 config.mailer_sendmail_timeout=Limit czasu Sendmail
-config.test_email_placeholder=Email (np. test@example.com)
 config.send_test_mail=Wyślij testową wiadomość e-mail
 
 config.oauth_config=Konfiguracja OAuth
@@ -2309,7 +2224,6 @@ monitor.desc=Opis
 monitor.start=Czas rozpoczęcia
 monitor.execute_time=Czas wykonania
 monitor.process.cancel=Anuluj proces
-monitor.process.cancel_desc=Anulowanie procesu może spowodować utratę danych
 
 monitor.queues=Kolejki
 monitor.queue=Kolejka: %s
@@ -2319,7 +2233,6 @@ monitor.queue.exemplar=Przykładowy typ
 monitor.queue.numberworkers=Liczba procesów pracujących
 monitor.queue.maxnumberworkers=Maksymalna liczba procesów pracujących
 monitor.queue.settings.title=Ustawienia Puli
-monitor.queue.settings.maxnumberworkers=Maksymalna liczba procesów pracujących
 monitor.queue.settings.maxnumberworkers.placeholder=Obecnie %[1]d
 monitor.queue.settings.maxnumberworkers.error=Maksymalna liczba procesów pracujących musi być liczbą
 monitor.queue.settings.submit=Aktualizuj ustawienia
@@ -2396,8 +2309,6 @@ error.no_committer_account=Brak konta powiÄ…zanego z adresem e-mail autora
 error.no_gpg_keys_found=Nie znaleziono w bazie danych klucza dla tego podpisu
 error.not_signed_commit=Commit nie podpisany
 error.failed_retrieval_gpg_keys=Nie udało się odzyskać żadnego klucza powiązanego z kontem autora
-error.probable_bad_signature=OSTRZEŻENIE! Pomimo istnienia klucza z takim ID w bazie, nie weryfikuje on tego commita! Ten commit jest PODEJRZANY.
-error.probable_bad_default_signature=OSTRZEŻENIE! Pomimo, że domyślny klucz posiada to ID, nie weryfikuje on tego commita! Ten commit jest PODEJRZANY.
 
 [units]
 error.no_unit_allowed_repo=Nie masz uprawnień do żadnej sekcji tego repozytorium.
@@ -2411,8 +2322,12 @@ conan.details.repository=Repozytorium
 owner.settings.cleanuprules.enabled=WÅ‚Ä…czone
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Opis
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_pt-BR.ini b/options/locale/locale_pt-BR.ini
index 204fedc311..cc571816ac 100644
--- a/options/locale/locale_pt-BR.ini
+++ b/options/locale/locale_pt-BR.ini
@@ -42,7 +42,6 @@ webauthn_use_twofa=Use um código de duas etapas do seu telefone
 webauthn_error=Não foi possível ler sua chave de segurança.
 webauthn_unsupported_browser=Seu navegador não oferece suporte ao WebAuthn.
 webauthn_error_unknown=Ocorreu um erro desconhecido. Por favor, tente novamente.
-webauthn_error_insecure=`WebAuthn suporta apenas conexões seguras. Para testar via HTTP, você pode usar a origem "localhost" ou "127.0.0.1"`
 webauthn_error_unable_to_process=O servidor não pôde processar sua solicitação.
 webauthn_error_duplicated=A chave de segurança não é permitida para esta solicitação. Por favor, certifique-se que a chave já não está registrada.
 webauthn_error_empty=Você deve definir um nome para esta chave.
@@ -123,7 +122,6 @@ pin=Fixar
 unpin=Desfixar
 
 artifacts=Artefatos
-confirm_delete_artifact=Tem certeza que deseja excluir o artefato '%s' ?
 
 archived=Arquivado
 
@@ -181,8 +179,6 @@ buttons.enable_monospace_font=Habilitar fonte mono espaçada
 buttons.disable_monospace_font=Desabilitar fonte mono espaçada
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Ocorreu um erro
@@ -215,16 +211,10 @@ path=Caminho
 sqlite_helper=Caminho do arquivo do banco de dados SQLite3.<br>Informe um caminho absoluto se você executar o Gitea como um serviço.
 reinstall_error=Você está tentando instalar em um banco de dados existente do Gitea
 reinstall_confirm_message=Reinstalar com um banco de dados Gitea existente pode causar vários problemas. Na maioria dos casos, você deve usar seu "app.ini" existente para executar o Gitea. Se você sabe o que está fazendo, confirme o seguinte:
-reinstall_confirm_check_1=Os dados criptografados pelo SECRET_KEY no app.ini poderão ser perdidos: os usuários podem não conseguir fazer login com 2FA/OTP & espelhos podem não funcionar corretamente. Ao marcar esta caixa você confirma que o atual arquivo app.ini contém o SECRET_KEY correto.
-reinstall_confirm_check_2=Os repositórios e configurações podem precisar ser re-sincronizados. Marcando esta caixa você confirma que irá sincronizar novamente os hooks para os repositórios e o arquivo authorized_keys manualmente. Você confirma que irá garantir que as configurações de repositório e espelhamento estão corretas.
 reinstall_confirm_check_3=Você confirma que este Gitea está realmente executando com a localização correta do app.ini e que você tem certeza de que precisa reinstalar. Você confirma que tomou conhecimento dos riscos acima descritos.
 err_empty_db_path=O caminho do banco de dados SQLite3 não pode ser em branco.
 no_admin_and_disable_registration=Você não pode desabilitar o auto-cadastro do usuário sem criar uma conta de administrador.
 err_empty_admin_password=A senha do administrador não pode ser em branco.
-err_empty_admin_email=O e-mail do administrador não pode ser em branco.
-err_admin_name_is_reserved=Nome de usuário do administrador é inválido, nome de usuário está reservado
-err_admin_name_pattern_not_allowed=Nome de usuário administrador é inválido, o nome de usuário corresponde a um padrão reservado
-err_admin_name_is_invalid=Nome de usuário do administrador inválido
 
 general_title=Configurações gerais
 app_name=Nome do servidor
@@ -240,7 +230,6 @@ domain_helper=Domínio ou endereço de host para o servidor.
 ssh_port=Porta do servidor SSH
 ssh_port_helper=Número da porta que seu servidor SSH está usando. Deixe em branco para desabilitar.
 http_port=Porta HTTP de uso do Gitea
-http_port_helper=Número da porta que o servidor web do Gitea irá usar.
 app_url=URL base do Gitea
 app_url_helper=Endereço base para URLs clone HTTP(S) e notificações por e-mail.
 log_root_path=Caminho do log
@@ -303,7 +292,6 @@ no_reply_address=Domínio de e-mail oculto
 no_reply_address_helper=Nome de domínio para usuários com um endereço de e-mail oculto. Por exemplo, o nome de usuário 'joe' será registrado no Git como 'joe@noreply.example.org' se o domínio de e-mail oculto estiver definido como 'noreply.example.org'.
 password_algorithm=Algoritmo Hash de Senha
 invalid_password_algorithm=Algoritmo de hash de senha inválido
-password_algorithm_helper=Escolha o algoritmo de hash para as senhas. Diferentes algoritmos têm requerimentos e forças diversos. O algoritmo argon2 é bastante seguro, mas usa muita memória e pode ser inapropriado para sistemas com menos recursos.
 enable_update_checker=Habilitar Verificador de Atualizações
 enable_update_checker_helper=Procura por novas versões periodicamente conectando-se ao gitea.io.
 env_config_keys=Configuração do ambiente
@@ -361,8 +349,6 @@ allow_password_change=Exigir que o usuário redefina a senha (recomendado)
 reset_password_mail_sent_prompt=Um e-mail de confirmação foi enviado para <b>%s</b>. Por favor, verifique sua caixa de entrada dentro do(s) próximo(s) %s para concluir o processo de recuperação de conta.
 active_your_account=Ativar sua conta
 account_activated=Conta foi ativada
-prohibit_login=Acesso proibido
-prohibit_login_desc=Sua conta está proibida de fazer login, entre em contato com o administrador do site.
 resent_limit_prompt=Você já solicitou recentemente um e-mail de ativação. Por favor, aguarde 3 minutos e tente novamente.
 has_unconfirmed_mail=Oi %s, você possui um endereço de e-mail não confirmado (<b>%s</b>). Se você não recebeu um e-mail de confirmação ou precisa reenviar um novo, clique no botão abaixo.
 resend_mail=Clique aqui para reenviar seu e-mail de ativação
@@ -398,16 +384,12 @@ openid_connect_desc=O URI do OpenID escolhido é desconhecido. Associe-o com uma
 openid_register_title=Criar uma nova conta
 openid_register_desc=O URI do OpenID escolhido é desconhecido. Associe-o com uma nova conta aqui.
 openid_signin_desc=Digite o URI do seu OpenID. Por exemplo: alice.openid.example.org ou https://openid.example.org/alice.
-disable_forgot_password_mail=A recuperação de conta está desativada porque nenhum e-mail está configurado. Por favor, contate o administrador do site.
-disable_forgot_password_mail_admin=A recuperação de conta só está disponível quando o e-mail está configurado. Por favor, configure o e-mail para permitir a recuperação de conta.
 email_domain_blacklisted=Você não pode se cadastrar com seu endereço de e-mail.
 authorize_application=Autorizar aplicativo
 authorize_redirect_notice=Você será redirecionado para %s se você autorizar este aplicativo.
 authorize_application_created_by=Este aplicativo foi criado por %s.
-authorize_application_description=Se você conceder o acesso, ele será capaz de acessar e escrever em todas as informações da sua conta, incluindo repositórios privados e organizações.
 authorize_title=Autorizar "%s" para acessar sua conta?
 authorization_failed=Autorização falhou
-authorization_failed_desc=A autorização falhou porque detectamos uma solicitação inválida. Entre em contato com o responsável do aplicativo que você tentou autorizar.
 sspi_auth_failed=Falha de autenticação SSPI
 password_pwned_err=Não foi possível concluir a requisição ao HaveIBeenPwned
 last_admin=Você não pode remover o último administrador. Deve haver pelo menos um administrador.
@@ -428,8 +410,6 @@ activate_email.title=%s, por favor verifique o seu endereço de e-mail
 activate_email.text=Por favor clique no link a seguir para verificar o seu endereço de e-mail em <b>%s</b>:
 
 register_notify.title=%[1]s, bem-vindo(a) a %[2]s
-register_notify.text_1=este é o seu e-mail de confirmação de registro para %s!
-register_notify.text_2=Agora você pode entrar com o nome de usuário: %s.
 register_notify.text_3=Se esta conta foi criada para você, <a href="%s">defina sua senha</a> primeiro.
 
 reset_password=Recuperar sua conta
@@ -467,7 +447,6 @@ release.download.targz=Código fonte (TAR.GZ)
 repo.transfer.subject_to=%s gostaria de transferir "%s" para %s
 repo.transfer.subject_to_you=%s gostaria de transferir "%s" para você
 repo.transfer.to_you=você
-repo.transfer.body=Para o aceitar ou rejeitar visite %s, ou simplesmente o ignore.
 
 repo.collaborator.added.subject=%s adicionou você a %s
 repo.collaborator.added.text=Você foi adicionado como um colaborador do repositório:
@@ -519,7 +498,6 @@ url_error= `"%s" não é um URL válido.`
 include_error=` deve conter "%s".`
 glob_pattern_error=` padrão glob é inválido: %s.`
 regex_pattern_error=` o regex é inválido: %s.`
-username_error=` só pode conter caracteres alfanuméricos ('0-9','a-z','A-Z'), traço ('-'), sublinhado ('_') e ponto ('.'). Não pode começar ou terminar com caracteres não alfanuméricos, e caracteres não-alfanuméricos consecutivos também são proibidos.`
 invalid_group_team_map_error=` mapeamento é inválido: %s`
 unknown_error=Erro desconhecido:
 captcha_incorrect=O código CAPTCHA está incorreto.
@@ -532,11 +510,9 @@ username_has_not_been_changed=Nome de usuário não foi alterado
 repo_name_been_taken=O nome de repositório já está sendo usado.
 repository_force_private=Forçar Privado está ativado: repositórios privados não podem ser tornados públicos.
 repository_files_already_exist=Arquivos já existem neste repositório. Contate o administrador.
-repository_files_already_exist.adopt=Arquivos já existem neste repositório e só podem ser adotados.
 repository_files_already_exist.delete=Arquivos já existem neste repositório. Você deve deletá-los.
 repository_files_already_exist.adopt_or_delete=Arquivos já existem neste repositório. Você deve adotá-los ou deletá-los.
 visit_rate_limit=Limitação da taxa de visita remota.
-2fa_auth_required=Visita remota requer autenticação de dois fatores.
 org_name_been_taken=O nome da organização já está sendo usado.
 team_name_been_taken=O nome da equipe já está sendo usado.
 team_no_units_error=Permitir acesso a pelo menos uma seção de repositório.
@@ -564,14 +540,8 @@ invalid_ssh_key=Não é possível verificar sua chave SSH: %s
 invalid_gpg_key=Não é possível verificar sua chave GPG: %s
 invalid_ssh_principal=Nome principal inválido: %s
 must_use_public_key=A chave que você forneceu é uma chave privada. Por favor, não envie sua chave privada em nenhum lugar. Use sua chave pública em vez disso.
-unable_verify_ssh_key=Não é possível verificar a chave SSH, verifique se há erros.
 auth_failed=Autenticação falhou: %v
 
-still_own_repo=Sua conta possui um ou mais repositórios, exclua ou transfira-os primeiro.
-still_has_org=Sua conta é um membro de uma ou mais organizações, deixe-as primeiro.
-still_own_packages=Sua conta possui um ou mais pacotes, exclua-os primeiro.
-org_still_own_repo=Esta organização ainda possui repositórios, exclua ou transfira-os primeiro.
-org_still_own_packages=Esta organização ainda possui pacotes, exclua-os primeiro.
 
 target_branch_not_exist=O branch de destino não existe.
 
@@ -601,7 +571,6 @@ settings=Configurações do usuário
 
 form.name_reserved=O nome de usuário "%s" está reservado.
 form.name_pattern_not_allowed=O padrão de "%s" não é permitido em um nome de usuário.
-form.name_chars_not_allowed=Nome de usuário "%s" contém caracteres inválidos.
 
 
 [settings]
@@ -624,7 +593,6 @@ uid=UID
 public_profile=Perfil público
 biography_placeholder=Conte-nos um pouco sobre você! (Você pode usar Markdown)
 location_placeholder=Compartilhe sua localização aproximada com outras pessoas
-profile_desc=Controle como o seu perfil é exibido para outros usuários. Seu endereço de e-mail principal será usado para notificações, recuperação de senha e operações do Git baseadas na Web.
 full_name=Nome completo
 website=Site
 location=Localização
@@ -694,10 +662,8 @@ requires_activation=Requer ativação
 primary_email=Tornar Principal
 activate_email=Enviar Ativação
 activations_pending=Ativações pendentes
-can_not_add_email_activations_pending=Há uma ativação pendente, tente novamente em alguns minutos se quiser adicionar um novo e-mail.
 delete_email=Remover
 email_deletion=Remover endereço de e-mail
-email_deletion_desc=O endereço de e-mail e informações relacionadas serão removidos de sua conta. Commits aplicados por este endereço de e-mail permanecerão inalterados. Continuar?
 email_deletion_success=O endereço de e-mail foi removido.
 theme_update_success=Seu tema foi atualizado.
 theme_update_error=O tema selecionado não existe.
@@ -740,7 +706,6 @@ gpg_key_matched_identities_long=As identidades incorporadas nesta chave coincide
 gpg_key_verified=Chave validada
 gpg_key_verified_long=A chave foi validada com um token e pode ser usada para verificar commits correspondentes a qualquer endereço de e-mail ativado para esse usuário, além de quaisquer identidades correspondentes para essa chave.
 gpg_key_verify=Validar
-gpg_invalid_token_signature=A chave GPG fornecida, a assinatura ou o token não correspondem ou o token está desatualizado.
 gpg_token_required=Você tem que fornecer uma assinatura para o token abaixo
 gpg_token=Token
 gpg_token_help=Você pode gerar uma assinatura usando:
@@ -750,7 +715,6 @@ verify_gpg_key_success=A chave GPG "%s" foi validada.
 ssh_key_verified=Chave validada
 ssh_key_verified_long=A chave foi validada com um token e pode ser usada para validar commits que correspondam a qualquer dos endereços de e-mail ativados deste usuário.
 ssh_key_verify=Validar
-ssh_invalid_token_signature=A chave, assinatura ou token SSH fornecidos não coincidem, ou então o token expirou.
 ssh_token_required=Você tem que fornecer uma assinatura para o token abaixo
 ssh_token=Token
 ssh_token_help=Você pode gerar uma assinatura usando:
@@ -771,7 +735,6 @@ gpg_key_deletion=Remover a chave GPG
 ssh_principal_deletion=Remover Nome Principal do Certificado SSH
 ssh_key_deletion_desc=A exclusão de uma chave SSH revoga seu acesso à sua conta. Continuar?
 gpg_key_deletion_desc=A exclusão de uma chave GPG cancela a verificação de confirmações assinadas por ela. Continuar?
-ssh_principal_deletion_desc=A exclusão de um Nome Principal de um Certificado SSH revoga o seu acesso à sua conta. Proceder?
 ssh_key_deletion_success=A chave SSH foi removida.
 gpg_key_deletion_success=A chave GPG foi removida.
 ssh_principal_deletion_success=O nome principal foi removido.
@@ -828,7 +791,6 @@ create_oauth2_application_button=Criar aplicativo
 create_oauth2_application_success=Você criou um aplicativo OAuth2 com sucesso.
 update_oauth2_application_success=Você atualizou o aplicativo OAuth2 com sucesso.
 oauth2_application_name=Nome do aplicativo
-oauth2_confidential_client=Cliente Confidencial. Selecione para aplicativos que mantêm a confidencialidade do segredo, como aplicativos web. Não selecione para aplicativos nativos, incluindo aplicativos desktop e celulares.
 oauth2_redirect_uris=URIs de redirecionamento. Por favor use uma nova linha para cada URI.
 save_application=Salvar
 oauth2_client_id=Client ID
@@ -842,17 +804,14 @@ oauth2_application_remove_description=A remoção de um aplicativo OAuth2 impedi
 oauth2_application_locked=O Gitea pré-registra alguns aplicativos OAuth2 na inicialização, se habilitados na configuração. Para evitar um comportamento inesperado, eles não podem ser editados nem removidos. Consulte a documentação do OAuth2 para obter mais informações.
 
 authorized_oauth2_applications=Aplicações OAuth2 autorizadas
-authorized_oauth2_applications_description=Você concedeu acesso à sua conta pessoal da Gitea para esses aplicativos de terceiros. Revogue o acesso aos aplicativos de que não precisa mais.
 revoke_key=Revogar
 revoke_oauth2_grant=Revogar acesso
-revoke_oauth2_grant_description=Revogando o acesso para este aplicativo de terceiros impedirá este aplicativo de acessar seus dados. Tem certeza?
 revoke_oauth2_grant_success=Acesso revogado com sucesso.
 
 twofa_recovery_tip=Se você perder o seu dispositivo, você será capaz de usar uma chave de recuperação de uso único para recuperar o acesso à sua conta.
 twofa_is_enrolled=Sua conta está atualmente <strong>habilitada</strong> com autenticação de dois fatores.
 twofa_not_enrolled=Sua conta não está atualmente inscrita para a autenticação em duas etapas.
 twofa_disable=Desabilitar a autenticação de dois fatores
-twofa_enroll=Inscrever para a autenticação de dois fatores
 twofa_disable_note=Você pode desabilitar a autenticação de dois fatores se necessário.
 twofa_disable_desc=Desabilitar a autenticação de dois fatores tornará sua conta menos segura. Tem certeza que deseja continuar?
 twofa_disabled=A autenticação de dois fatores foi desabilitada.
@@ -865,13 +824,11 @@ twofa_failed_get_secret=Falha ao obter o segredo.
 webauthn_register_key=Adicionar chave de segurança
 webauthn_nickname=Apelido
 webauthn_delete_key=Remover chave de segurança
-webauthn_delete_key_desc=Se você remover uma chave de segurança, não poderá mais entrar com ela. Continuar?
 webauthn_key_loss_warning=Se você perder suas chaves de segurança, perderá o acesso à sua conta.
 webauthn_alternative_tip=Você pode querer configurar um método de autenticação adicional.
 
 manage_account_links=Gerenciar contas vinculadas
 manage_account_links_desc=Estas contas externas estão vinculadas a sua conta de Gitea.
-account_links_not_available=Não existem contas externas atualmente vinculadas a esta conta.
 link_account=Vincular Conta
 remove_account_link=Remover conta vinculada
 remove_account_link_desc=A exclusão da chave SSH revogará o acesso à sua conta. Continuar?
@@ -926,7 +883,6 @@ fork_to_different_account=Faça um fork para uma conta diferente
 fork_visibility_helper=A visibilidade do fork de um repositório não pode ser alterada.
 fork_branch=Branch a ser clonado para o fork
 all_branches=Todos os branches
-fork_no_valid_owners=Não é possível fazer um fork desse repositório porque não há proprietários validos.
 use_template=Usar este modelo
 download_zip=Baixar ZIP
 download_tar=Baixar TAR.GZ
@@ -963,12 +919,10 @@ mirror_sync=sincronizado
 mirror_sync_on_commit=Sincronizar quando commits forem enviados
 mirror_address=Clonar de URL
 mirror_address_desc=Coloque todas as credenciais necessárias na seção de autorização.
-mirror_address_url_invalid=O URL fornecido é inválido. Você deve escapar todos os componentes do URL corretamente.
 mirror_address_protocol_invalid=O URL fornecido é inválido. Somente locais http(s):// ou git:// podem ser usados para espelhamento.
 mirror_lfs=Armazenamento de Arquivo Grande (LFS)
 mirror_lfs_desc=Ativar espelhamento de dados LFS.
 mirror_lfs_endpoint=Destino LFS
-mirror_lfs_endpoint_desc=A sincronização tentará usar o URL de clonagem para <a target="_blank" rel="noopener noreferrer" href="%s">determinar o servidor LFS</a>. Você também pode especificar um destino personalizado se os dados do repositório LFS forem armazenados em outro lugar.
 mirror_last_synced=Última sincronização
 mirror_password_placeholder=(inalterada)
 mirror_password_blank_placeholder=(não definida)
@@ -980,7 +934,6 @@ forks=Forks
 reactions_more=e %d mais
 unit_disabled=O administrador do site desabilitou esta seção do repositório.
 language_other=Outra
-adopt_search=Digite o nome de usuário para pesquisar por repositórios órfãos... (deixe em branco para encontrar todos)
 adopt_preexisting_label=Adotar arquivos
 adopt_preexisting=Adotar arquivos pré-existentes
 adopt_preexisting_content=Criar repositório a partir de %s
@@ -1015,8 +968,6 @@ template.issue_labels=Etiquetas de issue
 template.one_item=Deve-se selecionar pelo menos um item de modelo
 template.invalid=Deve-se selecionar um repositório de modelo
 
-archive.title=Este repositório está arquivado. Você pode visualizar arquivos e cloná-lo, mas não pode fazer push, abrir issues ou pull requests.
-archive.title_date=Este repositório foi arquivado em %s. Você pode visualizar arquivos e cloná-lo, mas não pode fazer push, abrir issues ou pull requests.
 archive.issue.nocomment=Este repositório está arquivado. Você não pode comentar nas issues.
 archive.pull.nocomment=Este repositório está arquivado. Você não pode comentar nos pull requests.
 
@@ -1033,7 +984,6 @@ migrate_options_lfs=Migrar arquivos LFS
 migrate_options_lfs_endpoint.label=Destino LFS
 migrate_options_lfs_endpoint.description=A migração tentará usar seu controle remoto Git para <a target="_blank" rel="noopener noreferrer" href="%s">determinar o servidor LFS</a>. Você também pode especificar um destino personalizado se os dados do repositório LFS forem armazenados em outro lugar.
 migrate_options_lfs_endpoint.description.local=Um caminho de servidor local também é suportado.
-migrate_options_lfs_endpoint.placeholder=Se for deixado em branco, o endpoint será derivado do URL do clone
 migrate_items=Itens da migração
 migrate_items_wiki=Wiki
 migrate_items_milestones=Marcos
@@ -1045,10 +995,8 @@ migrate_items_releases=Versões
 migrate_repo=Migrar repositório
 migrate.clone_address=Migrar / Clonar de URL
 migrate.clone_address_desc=URL HTTP (S) ou Git 'clone' de um repositório existente
-migrate.github_token_desc=Você pode colocar aqui um ou mais tokens separados por vírgulas para tornar a migração mais rápida para compensar o limite de taxa de API do GitHub. AVISO: abusar desse recurso pode violar a política do provedor de serviços e levar ao bloqueio da conta.
 migrate.clone_local_path=ou um caminho de servidor local
 migrate.permission_denied=Você não pode importar repositórios locais.
-migrate.permission_denied_blocked=Você não pode importar dos hosts não permitidos, por favor peça ao administrador para verificar as configurações ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_local_path=O caminho local é inválido. Ele não existe ou não é um diretório.
 migrate.invalid_lfs_endpoint=O destino LFS não é válido.
 migrate.failed=Migração falhou: %v
@@ -1056,7 +1004,6 @@ migrate.migrate_items_options=Um Token de Acesso é necessário para migrar iten
 migrated_from=Migrado de <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrado de %[1]s
 migrate.migrate=Migrar de %s
-migrate.migrating=Migrando a partir de <b>%s</b> ...
 migrate.migrating_failed=Migração a partir de <b>%s</b> falhou.
 migrate.migrating_failed.error=Falha ao migrar: %s
 migrate.migrating_failed_no_addr=A migração falhou.
@@ -1098,7 +1045,6 @@ clone_this_repo=Clonar este repositório
 cite_this_repo=Citar este repositório
 create_new_repo_command=Criando um novo repositório por linha de comando
 push_exist_repo=Realizando push para um repositório existente por linha de comando
-empty_message=Este repositório está vazio.
 broken_message=Os dados Git subjacentes a este repositório não podem ser lidos. Entre em contato com o administrador desta instância ou exclua este repositório.
 
 code=Código
@@ -1116,7 +1062,6 @@ projects=Projetos
 packages=Pacotes
 actions=Ações
 labels=Etiquetas
-org_labels_desc=Rótulos de nível de organização que podem ser usados em <strong>todos os repositórios</strong> sob esta organização
 org_labels_desc_manage=gerenciar
 
 milestone=Marco
@@ -1148,7 +1093,6 @@ file_copy_permalink=Copiar Link Permanente
 view_git_blame=Ver Git Blame
 video_not_supported_in_browser=Seu navegador não suporta a tag 'video' do HTML5.
 audio_not_supported_in_browser=Seu navegador não suporta a tag 'audio' do HTML5.
-stored_lfs=Armazenado com Git LFS
 symbolic_link=Link simbólico
 executable_file=Arquivo executável
 generated=Gerado
@@ -1192,7 +1136,6 @@ editor.update=Atualizar %s
 editor.delete=Excluir %s
 editor.patch=Aplicar Correção
 editor.patching=Corrigindo:
-editor.fail_to_apply_patch=`Não foi possível aplicar a correção "%s"`
 editor.new_patch=Nova correção
 editor.commit_message_desc=Adicione uma descrição detalhada (opcional)...
 editor.signoff_desc=Adicione um assinado-por-committer no final do log do commit.
@@ -1208,17 +1151,12 @@ editor.filename_is_invalid=O nome do arquivo é inválido: "%s".
 editor.branch_does_not_exist=Branch "%s" não existe neste repositório.
 editor.branch_already_exists=Branch "%s" já existe neste repositório.
 editor.directory_is_a_file=O nome do diretório "%s" já é usado como um nome de arquivo neste repositório.
-editor.file_is_a_symlink=`"%s" é um link simbólico. Links simbólicos não podem ser editados no editor da web`
 editor.filename_is_a_directory=O nome do arquivo "%s" já é usado como um nome de diretório neste repositório.
-editor.file_editing_no_longer_exists=O arquivo que está sendo editado, "%s", não existe mais neste repositório.
-editor.file_deleting_no_longer_exists=O arquivo a ser excluído, "%s", não existe mais neste repositório.
 editor.file_changed_while_editing=O conteúdo do arquivo mudou desde que você começou a editar. <a target="_blank" rel="noopener noreferrer" href="%s">Clique aqui</a> para ver o que foi editado ou <strong>clique em Aplicar commit das alterações novamemente</strong> para sobreescrever estas alterações.
 editor.file_already_exists=Um arquivo com nome "%s" já existe neste repositório.
 editor.commit_empty_file_header=Fazer commit de um arquivo vazio
 editor.commit_empty_file_text=O arquivo que você está prestes fazer commit está vazio. Continuar?
 editor.no_changes_to_show=Nenhuma alteração a mostrar.
-editor.fail_to_update_file=Falha ao atualizar/criar arquivo "%s".
-editor.fail_to_update_file_summary=Mensagem de erro:
 editor.push_rejected_no_message=A alteração foi rejeitada pelo servidor sem uma mensagem. Por favor, verifique os Hooks Git.
 editor.push_rejected=A alteração foi rejeitada pelo servidor. Por favor, verifique os Hooks Git.
 editor.push_rejected_summary=Mensagem completa de rejeição:
@@ -1233,6 +1171,7 @@ editor.require_signed_commit=Branch requer um commit assinado
 editor.cherry_pick=Cherry-pick %s para:
 editor.revert=Reverter %s para:
 
+
 commits.desc=Veja o histórico de alterações do código de fonte.
 commits.commits=Commits
 commits.no_commits=Nenhum commit em comum. "%s" e "%s" tem históricos completamente diferentes.
@@ -1389,7 +1328,6 @@ issues.filter_type.reviewed_by_you=Revisado por você
 issues.filter_sort=Ordenação
 issues.filter_sort.latest=Mais recentes
 issues.filter_sort.oldest=Mais antigos
-issues.filter_sort.recentupdate=Mais recentemente atualizados
 issues.filter_sort.leastupdate=Menos recentemente atualizados
 issues.filter_sort.mostcomment=Mais comentados
 issues.filter_sort.leastcomment=Menos comentados
@@ -1496,7 +1434,6 @@ issues.pin_comment=fixou isto %s
 issues.unpin_comment=desafixou isto %s
 issues.lock=Bloquear conversação
 issues.unlock=Desbloquear conversação
-issues.lock.unknown_reason=Não pode-se bloquear uma issue com um motivo desconhecido.
 issues.lock_duplicate=Uma issue não pode ser bloqueada duas vezes.
 issues.unlock_error=Não pode-se desbloquear uma issue que não esteja bloqueada.
 issues.lock_with_reason=bloqueada como <strong>%s</strong> e conversação limitada para colaboradores %s
@@ -1504,7 +1441,6 @@ issues.lock_no_reason=bloqueada e conversação limitada para colaboradores %s
 issues.unlock_comment=desbloqueada esta conversação %s
 issues.lock_confirm=Bloquear
 issues.unlock_confirm=Desbloquear
-issues.lock.notice_1=- Outros usuários não poderão adicionar novos comentários nesta issue.
 issues.lock.notice_2=- Você e outros colaboradores com acesso a este repositório ainda podem deixar comentários que outros podem ver.
 issues.lock.notice_3=- Você pode sempre desbloquear esta issue novamente no futuro.
 issues.unlock.notice_1=- Todos poderão comentar mais uma vez nesta issue.
@@ -1542,7 +1478,6 @@ issues.due_date_form=dd/mm/aaaa
 issues.due_date_form_add=Adicionar data limite
 issues.due_date_form_edit=Editar
 issues.due_date_form_remove=Remover
-issues.due_date_not_writer=Você precisa de acesso de gravação a esse repositório para atualizar a data limite de uma issue.
 issues.due_date_not_set=Data limite não informada.
 issues.due_date_added=adicionou a data limite %s %s
 issues.due_date_modified=modificou a data limite de %[2]s para %[1]s %[3]s
@@ -1565,9 +1500,7 @@ issues.dependency.pr_closing_blockedby=Fechamento deste pull request está bloqu
 issues.dependency.issue_closing_blockedby=Fechamento desta issue está bloqueado pelas seguintes issues
 issues.dependency.issue_close_blocks=Esta issue bloqueia o fechamento das seguintes issues
 issues.dependency.pr_close_blocks=Este pull request bloqueia o fechamento das seguintes issues
-issues.dependency.issue_close_blocked=Você precisa fechar todas as issues que bloqueiam esta issue antes de poder fechá-la.
 issues.dependency.issue_batch_close_blocked=Não é possível fechar as issues que você escolheu, porque a issue #%d ainda tem dependências abertas
-issues.dependency.pr_close_blocked=Você precisa fechar todas issues que bloqueiam este pull request antes de poder fazer o merge.
 issues.dependency.blocks_short=Bloqueia
 issues.dependency.blocked_by_short=Depende de
 issues.dependency.remove_header=Remover dependência
@@ -1578,12 +1511,10 @@ issues.dependency.add_error_same_issue=Você não pode fazer uma issue depender
 issues.dependency.add_error_dep_issue_not_exist=Issue dependente não existe.
 issues.dependency.add_error_dep_not_exist=Dependência não existe.
 issues.dependency.add_error_dep_exists=Dependência já existe.
-issues.dependency.add_error_cannot_create_circular=Você não pode criar uma dependência com duas issues bloqueando uma a outra.
 issues.dependency.add_error_dep_not_same_repo=Ambas as issues devem estar no mesmo repositório.
 issues.review.self.approval=Você não pode aprovar o seu próprio pull request.
 issues.review.self.rejection=Você não pode solicitar alterações em seu próprio pull request.
 issues.review.approve=aprovou estas alterações %s
-issues.review.dismissed=rejeitou a revisão de %s %s
 issues.review.dismissed_label=Rejeitada
 issues.review.left_comment=deixou um comentário
 issues.review.content.empty=Você precisa deixar um comentário indicando as alterações solicitadas.
@@ -1591,7 +1522,6 @@ issues.review.reject=alterações solicitadas %s
 issues.review.wait=foi solicitada para revisão %s
 issues.review.add_review_request=solicitou revisão de %s %s
 issues.review.remove_review_request=removeu a solicitação de revisão para %s %s
-issues.review.remove_review_request_self=recusou revisar %s
 issues.review.pending=Pendente
 issues.review.pending.tooltip=Este comentário não está atualmente visível para outros usuários. Para enviar seus comentários pendentes, selecione "%s" -> "%s/%s/%s" no topo da página.
 issues.review.review=Revisão
@@ -1608,7 +1538,6 @@ issues.review.resolve_conversation=Resolver conversa
 issues.review.un_resolve_conversation=Conversa não resolvida
 issues.review.resolved_by=marcou esta conversa como resolvida
 issues.review.commented=Comentar
-issues.assignee.error=Nem todos os responsáveis foram adicionados devido a um erro inesperado.
 issues.reference_issue.body=Conteúdo
 issues.content_history.deleted=excluído
 issues.content_history.edited=editado
@@ -1643,7 +1572,6 @@ pulls.show_all_commits=Mostrar todos os commits
 pulls.show_changes_since_your_last_review=Mostrar alterações desde sua última revisão
 pulls.showing_only_single_commit=Mostrando apenas as alterações do commit %[1]s
 pulls.showing_specified_commit_range=Mostrando apenas as alterações entre %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Selecionar commit. Mantenha pressionado shift + clique para selecionar um intervalo
 pulls.review_only_possible_for_full_diff=A revisão só é possível ao visualizar todas as diferenças
 pulls.filter_changes_by_commit=Filtrar por commit
 pulls.nothing_to_compare=Estes branches são iguais. Não há nenhuma necessidade para criar um pull request.
@@ -1671,7 +1599,6 @@ pulls.add_prefix=Adicione o prefixo <strong>%s</strong>
 pulls.remove_prefix=Remover o prefixo <strong>%s</strong>
 pulls.data_broken=Este pull request está quebrado devido a falta de informação do fork.
 pulls.files_conflicted=Este pull request tem alterações conflitantes com o branch de destino.
-pulls.is_checking=Verificação de conflitos do merge está em andamento. Tente novamente em alguns momentos.
 pulls.is_ancestor=Este branch já está incluído no branch de destino. Não há nada para mesclar.
 pulls.is_empty=As alterações neste branch já estão na branch de destino. Este será um commit vazio.
 pulls.required_status_check_failed=Algumas verificações necessárias não foram bem sucedidas.
@@ -1693,16 +1620,12 @@ pulls.reject_count_1=%d pedido de alteração
 pulls.reject_count_n=%d pedidos de alteração
 pulls.waiting_count_1=aguardando %d revisão
 pulls.waiting_count_n=aguardando %d revisões
-pulls.wrong_commit_id=id de commit tem que ser um id de commit no branch de destino
 
 pulls.no_merge_desc=O merge deste pull request não pode ser aplicado porque todas as opções de mesclagem do repositório estão desabilitadas.
 pulls.no_merge_helper=Habilite as opções de merge nas configurações do repositório ou faça o merge do pull request manualmente.
 pulls.no_merge_wip=O merge deste pull request não pode ser aplicado porque está marcado como um trabalho em andamento.
-pulls.no_merge_not_ready=Este pull request não está pronto para ser realizado o merge, verifique o status da revisão e as verificações de status.
 pulls.no_merge_access=Você não está autorizado para realizar o merge deste pull request.
 pulls.merge_pull_request=Criar commit de merge
-pulls.rebase_merge_pull_request=Rebase e fast-forward
-pulls.rebase_merge_commit_pull_request=Rebase e criar commit de merge
 pulls.squash_merge_pull_request=Criar commit de squash
 pulls.fast_forward_only_merge_pull_request=Apenas Fast-forward
 pulls.merge_manually=Merge feito manualmente
@@ -1710,13 +1633,8 @@ pulls.merge_commit_id=A ID de merge commit
 pulls.require_signed_wont_sign=O branch requer commits assinados, mas este merge não será assinado
 
 pulls.invalid_merge_option=Você não pode usar esta opção de merge neste pull request.
-pulls.merge_conflict=O merge falhou: Houve um conflito ao fazer merge. Dica: Tente uma estratégia diferente
 pulls.merge_conflict_summary=Mensagem de erro
-pulls.rebase_conflict=O merge falhou: Houve um conflito durante o rebase do commit %[1]s. Dica: Tente uma estratégia diferente
 pulls.rebase_conflict_summary=Mensagem de Erro
-pulls.unrelated_histories=Merge falhou: O merge do principal e da base não compartilham uma história comum. Dica: Tente uma estratégia diferente
-pulls.merge_out_of_date=Merge falhou: durante a geração do merge, a base não foi atualizada. Dica: Tente novamente.
-pulls.head_out_of_date=O merge falhou: Enquanto gerava o merge, a head foi atualizada. Dica: Tente novamente.
 pulls.push_rejected_summary=Mensagem completa da rejeição
 pulls.open_unmerged_pull_exists=`Não é possível executar uma operação de reabertura pois há um pull request pendente (#%d) com propriedades idênticas.`
 pulls.status_checking=Algumas verificações estão pendentes
@@ -1740,7 +1658,6 @@ pulls.cmd_instruction_checkout_title=Checkout
 pulls.cmd_instruction_merge_title=Merge
 pulls.cmd_instruction_merge_desc=Faça merge das alterações e atualize no Gitea.
 pulls.clear_merge_message=Limpar mensagem do merge
-pulls.clear_merge_message_hint=Limpar a mensagem de merge só irá remover o conteúdo da mensagem de commit e manter trailers git gerados, como "Co-Authored-By …".
 
 pulls.auto_merge_button_when_succeed=(Quando a verificação for bem-sucedida)
 pulls.auto_merge_when_succeed=Mesclar automaticamente quando todas as verificações forem bem sucedidas
@@ -1793,12 +1710,10 @@ milestones.filter_sort.most_issues=Com mais issues
 milestones.filter_sort.least_issues=Com menos issues
 
 signing.will_sign=Esse commit será assinado com a chave "%s".
-signing.wont_sign.error=Ocorreu um erro ao verificar se o commit poderia ser assinado.
 signing.wont_sign.nokey=Não há nenhuma chave disponível para assinar esse commit.
 signing.wont_sign.never=Commits nunca são assinados.
 signing.wont_sign.always=Commits são sempre assinados.
 signing.wont_sign.pubkey=O commit não será assinado porque você não tem uma chave pública associada à sua conta.
-signing.wont_sign.twofa=Você deve ter a autenticação de dois fatores ativada para que os commits sejam assinados.
 signing.wont_sign.parentsigned=O commit não será assinado, pois o commit pai não está assinado.
 signing.wont_sign.basesigned=O merge não será assinado, pois o commit base não está assinado.
 signing.wont_sign.commitssigned=O merge não será assinado, pois todos os commits associados não estão assinados.
@@ -1881,7 +1796,6 @@ activity.title.releases_1=%d Versão
 activity.title.releases_n=%d Versões
 activity.title.releases_published_by=%s publicada(s) por %s
 activity.published_release_label=Publicado
-activity.no_git_activity=Não houve nenhuma atividade de commit neste período.
 activity.git_stats_exclude_merges=Excluindo merges,
 activity.git_stats_author_1=%d autor
 activity.git_stats_author_n=%d autores
@@ -1909,7 +1823,6 @@ contributors.contribution_type.additions=Adições
 contributors.contribution_type.deletions=Exclusões
 
 settings=Configurações
-settings.desc=Opções é onde você pode gerenciar as configurações para o repositório
 settings.options=Repositório
 settings.collaboration=Colaboradores
 settings.collaboration.admin=Administrador
@@ -1984,7 +1897,6 @@ settings.admin_indexer_commit_sha=Último SHA indexado
 settings.admin_indexer_unindexed=Não indexado
 settings.reindex_button=Adicionar à fila de reindexação
 settings.reindex_requested=Reindexação requisitada
-settings.admin_enable_close_issues_via_commit_in_any_branch=Fechar issue via commit em um branch não padrão
 settings.danger_zone=Zona de perigo
 settings.new_owner_has_same_repo=O novo proprietário já tem um repositório com o mesmo nome. Por favor, escolha outro nome.
 settings.convert=Converter para repositório tradicional
@@ -2004,7 +1916,6 @@ settings.transfer_abort=Cancelar transferência
 settings.transfer_abort_invalid=Não é possível cancelar uma transferência de repositório não existente.
 settings.transfer_desc=Transferir este repositório para outro usuário ou para uma organização onde você tem direitos de administrador.
 settings.transfer_form_title=Digite o nome do repositório para confirmar:
-settings.transfer_in_progress=Há uma transferência em andamento. Por favor, cancele se você gostaria de transferir este repositório para outro usuário.
 settings.transfer_notices_1=- Você perderá o acesso ao repositório se transferir para um usuário individual.
 settings.transfer_notices_2=- Você manterá acesso ao repositório se transferi-lo para uma organização que você também é proprietário.
 settings.transfer_notices_3=- Se o repositório for privado e for transferido para um usuário individual, esta ação certifica que o usuário tem pelo menos permissão de leitura (e altera as permissões se necessário).
@@ -2018,12 +1929,9 @@ settings.trust_model.default=Modelo Padrão de Confiança
 settings.trust_model.default.desc=Use o modelo de confiança de repositório padrão para esta instalação.
 settings.trust_model.collaborator=Colaborador
 settings.trust_model.collaborator.long=Colaborador: Confiar em assinaturas feitas por colaboradores
-settings.trust_model.collaborator.desc=Assinaturas válidas dos colaboradores deste repositório serão marcadas como "confiáveis" - (quer correspondam ao autor do commit ou não). Caso contrário, assinaturas válidas serão marcadas como "não confiáveis" se a assinatura corresponder ao autor do submissão e "não corresponde" se não corresponder.
 settings.trust_model.committer=Committer
-settings.trust_model.committer.long=Committer: Confiar nas assinaturas que correspondam aos committers (isso corresponde ao GitHub e forçará commits assinados pelo Gitea a ter o Gitea como o committer)
 settings.trust_model.collaboratorcommitter=Colaborador+Commiter
 settings.trust_model.collaboratorcommitter.long=Colaborador+Committer: Confiar na assinatura dos colaboradores que correspondem ao autor do commit
-settings.trust_model.collaboratorcommitter.desc=Assinaturas válidas dos colaboradores deste repositório serão marcadas como "confiáveis" se corresponderem ao autor do commit. Caso contrário, as assinaturas válidas serão marcadas como "não confiáveis" se a assinatura corresponder ao autor do commit e "não corresponde" caso contrário. Isso forçará o Gitea a ser marcado como o autor do commit nos commits assinados com o autor marcado como Co-Authored-By: e o Committed-By: resumo do commit. A chave padrão do Gitea tem que corresponder a um usuário no banco de dados.
 settings.wiki_delete=Excluir dados da wiki
 settings.wiki_delete_desc=A exclusão de dados da wiki é permanente e não pode ser desfeita.
 settings.wiki_delete_notices_1=- Isso excluirá e desabilitará permanentemente a wiki do repositório %s.
@@ -2032,7 +1940,6 @@ settings.wiki_deletion_success=Os dados da wiki do repositório foi excluídos.
 settings.delete=Excluir este repositório
 settings.delete_desc=A exclusão de um repositório é permanente e não pode ser desfeita.
 settings.delete_notices_1=- Esta operação <strong>NÃO PODER�</strong> ser desfeita.
-settings.delete_notices_2=- Essa operação excluirá permanentemente o repositório <strong>%s</strong>, incluindo código, issues, comentários, dados da wiki e configurações do colaborador.
 settings.delete_notices_fork_1=- Forks deste repositório se tornarão independentes após a exclusão.
 settings.deletion_success=O repositório foi excluído.
 settings.update_settings_success=As configurações do repositório foram atualizadas.
@@ -2052,8 +1959,6 @@ settings.team_not_in_organization=A equipe não está na mesma organização que
 settings.teams=Equipes
 settings.add_team=Adicionar Equipe
 settings.add_team_duplicate=A equipe já tem o repositório
-settings.add_team_success=A equipe agora tem acesso ao repositório.
-settings.change_team_permission_tip=A permissão da equipe está definida na página de configurações da equipe e não pode ser alterada por repositório
 settings.delete_team_tip=Esta equipe tem acesso a todos os repositórios e não pode ser removida
 settings.remove_team_success=O acesso da equipe ao repositório foi removido.
 settings.add_webhook=Adicionar webhook
@@ -2062,8 +1967,6 @@ settings.hooks_desc=Webhooks automaticamente fazem requisições de HTTP POST pa
 settings.webhook_deletion=Remover webhook
 settings.webhook_deletion_desc=A exclusão de um webhook exclui suas configurações e o histórico de entrega. Continuar?
 settings.webhook_deletion_success=O webhook foi removido.
-settings.webhook.test_delivery=Entrega de teste
-settings.webhook.test_delivery_desc=Teste este webhook com um falso evento.
 settings.webhook.request=Solicitação
 settings.webhook.response=Resposta
 settings.webhook.headers=Cabeçalhos
@@ -2107,7 +2010,6 @@ settings.event_repository=Repositório
 settings.event_repository_desc=Repositório criado ou excluído.
 settings.event_header_issue=Eventos da Issue
 settings.event_issues=Issues
-settings.event_issues_desc=Issue aberta, fechada, reaberta ou editada.
 settings.event_issue_assign=Issue Atribuída
 settings.event_issue_assign_desc=Issue atribuída ou não atribuída.
 settings.event_issue_label=Issue Rotulada
@@ -2118,7 +2020,6 @@ settings.event_issue_comment=Comentário da issue
 settings.event_issue_comment_desc=Comentário da issue criado, editado ou excluído.
 settings.event_header_pull_request=Eventos de Pull Request
 settings.event_pull_request=Pull request
-settings.event_pull_request_desc=Pull request aberto, fechado, reaberto ou editado.
 settings.event_pull_request_assign=Pull Request Atribuído
 settings.event_pull_request_assign_desc=Pull request atribuído ou desatribuído.
 settings.event_pull_request_label=Pull Request Rotulado
@@ -2254,11 +2155,9 @@ settings.lfs_invalid_locking_path=Caminho inválido: %s
 settings.lfs_invalid_lock_directory=Não é possível bloquear o diretório: %s
 settings.lfs_lock_already_exists=O bloqueio já existe: %s
 settings.lfs_lock=Bloqueio
-settings.lfs_lock_path=Caminho de arquivo para bloquear...
 settings.lfs_locks_no_locks=Sem bloqueios
 settings.lfs_lock_file_no_exist=Arquivo bloqueado não existe no branch padrão
 settings.lfs_force_unlock=Forçar desbloqueio
-settings.lfs_pointers.found=Encontrado %d ponteiro(s) de blob - %d associado, %d não associado (%d ausente na loja)
 settings.lfs_pointers.sha=SHA Blob
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=No repositório
@@ -2424,7 +2323,6 @@ error.csv.unexpected=Não é possível renderizar este arquivo porque ele conté
 error.csv.invalid_field_count=Não é possível renderizar este arquivo porque ele tem um número errado de campos na linha %d.
 
 [graphs]
-component_loading=Carregando %s...
 component_loading_failed=Não foi possível carregar %s
 component_loading_info=Isto pode demorar um pouco…
 
@@ -2457,7 +2355,6 @@ form.create_org_not_allowed=Você não tem permissão para criar uma organizaçÃ
 settings=Configurações
 settings.options=Organização
 settings.full_name=Nome completo
-settings.email=E-mail de contato
 settings.website=Site
 settings.location=Localização
 settings.permission=Permissões
@@ -2471,14 +2368,13 @@ settings.visibility.private_shortname=Privado
 
 settings.update_settings=Atualizar Configurações
 settings.update_setting_success=Configurações da organização foram atualizadas.
-settings.change_orgname_redirect_prompt=O nome antigo irá redirecionar até que seja reivindicado.
+
+
 settings.update_avatar_success=O avatar da organização foi atualizado.
 settings.delete=Excluir organização
 settings.delete_account=Excluir esta organização
 settings.delete_prompt=A organização será excluída permanentemente. Isto <strong>NÃO PODER�</strong> ser desfeito!
 settings.confirm_delete_account=Confirmar exclusão
-settings.delete_org_title=Excluir organização
-settings.delete_org_desc=Essa organização será excluída permanentemente. Continuar?
 settings.hooks_desc=Adicionar Webhooks que serão acionados para <strong>todos os repositórios</strong> desta organização.
 
 settings.labels_desc=Adicionar rótulos que possam ser usadas em issues para <strong>todos os repositórios</strong> desta organização.
@@ -2533,7 +2429,6 @@ teams.remove_all_repos_title=Remover todos os repositórios da equipe
 teams.remove_all_repos_desc=Isto irá remover todos os repositórios da equipe.
 teams.add_all_repos_title=Adicionar todos os repositórios
 teams.add_all_repos_desc=Isto irá adicionar todos os repositórios da organização à equipe.
-teams.add_nonexistent_repo=O repositório que você está tentando adicionar não existe. Crie-o antes de adicioná-lo.
 teams.add_duplicate_users=Usuário já é um membro da equipe.
 teams.repos.none=Nenhum repositório pode ser acessado por essa equipe.
 teams.members.none=Nenhum membro nesta equipe.
@@ -2559,7 +2454,6 @@ repositories=Repositórios
 hooks=Webhooks
 integrations=Integrações
 authentication=Fontes de autenticação
-emails=E-mails do Usuário
 config=Configuração
 config_summary=Resumo
 config_settings=Configurações
@@ -2587,26 +2481,16 @@ dashboard.cron.process=Cron: %[1]s
 dashboard.cron.error=Erro no Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s terminou
 dashboard.delete_inactive_accounts=Excluir todas as contas não ativadas
-dashboard.delete_inactive_accounts.started=A tarefa de apagar todas as contas não ativadas foi iniciada.
 dashboard.delete_repo_archives=Excluir todos os arquivos dos repositórios (ZIP, TAR.GZ, etc..)
-dashboard.delete_repo_archives.started=A tarefa de remover todos os arquivos foi iniciada.
 dashboard.delete_missing_repos=Excluir todos os repositórios que não possuem seus arquivos Git
-dashboard.delete_missing_repos.started=Foi iniciada a tarefa de excluir todos os repositórios que não têm arquivos Git.
 dashboard.delete_generated_repository_avatars=Excluir avatares gerados do repositório
 dashboard.update_mirrors=Atualizar espelhamentos
 dashboard.repo_health_check=Verificar estado de saúde de todos os repositórios
 dashboard.check_repo_stats=Verificar estatísticas de todos os repositórios
 dashboard.archive_cleanup=Apagar arquivos antigos de repositório
-dashboard.deleted_branches_cleanup=Realizar limpeza de branches apagados
 dashboard.update_migration_poster_id=Sincronizar os IDs do remetente da migração
-dashboard.git_gc_repos=Coleta de lixo em todos os repositórios
-dashboard.resync_all_sshkeys=Atualizar o arquivo '.ssh/authorized_keys' com as chaves SSH do Gitea.
-dashboard.resync_all_sshprincipals=Atualizar o arquivo '.ssh/authorized_principals' com os diretores do Gitea SSH.
-dashboard.resync_all_hooks=Ressincronizar hooks pre-receive, update e post-receive de todos os repositórios.
 dashboard.reinit_missing_repos=Reinicializar todos os repositórios Git perdidos cujos registros existem
 dashboard.sync_external_users=Sincronizar dados de usuário externo
-dashboard.cleanup_hook_task_table=Limpar tabela hook_task
-dashboard.cleanup_packages=Limpar pacotes expirados
 dashboard.server_uptime=Tempo de atividade do Servidor
 dashboard.current_goroutine=Goroutines Atuais
 dashboard.current_memory_usage=Uso de memória atual
@@ -2638,7 +2522,6 @@ dashboard.last_gc_pause=Última pausa do GC
 dashboard.gc_times=Nº de execuções do GC
 dashboard.update_checker=Verificador de atualização
 dashboard.delete_old_system_notices=Excluir todos os avisos de sistema antigos do banco de dados
-dashboard.gc_lfs=Coletar lixos dos meta-objetos LFS
 
 users.user_manage_panel=Gerenciamento de conta de usuário
 users.new_account=Criar conta de usuário
@@ -2652,7 +2535,6 @@ users.2fa=2FA
 users.repos=Repositórios
 users.created=Criado
 users.last_login=Último acesso
-users.never_login=Nunca acessado
 users.send_register_notify=Enviar notificação de cadastro de usuário
 users.new_success=Usuário "%s" criado.
 users.edit=Editar
@@ -2679,7 +2561,6 @@ users.still_own_repo=Este usuário ainda possui um ou mais repositórios. Exclua
 users.still_has_org=Este usuário é membro de uma organização. Remova o usuário de qualquer organização primeiro.
 users.purge=Eliminar usuário
 users.purge_help=Exclua forçosamente o usuário e quaisquer repositórios, organizações e pacotes pertencentes ao usuário. Todos os comentários também serão excluídos.
-users.still_own_packages=Este usuário é dono de um ou mais pacotes. Exclua estes pacotes antes de continuar.
 users.deletion_success=A conta de usuário foi excluída.
 users.reset_2fa=Reinicializar 2FA
 users.list_status_filter.menu_text=Filtro
@@ -2699,11 +2580,7 @@ users.details=Detalhes do usuário
 emails.email_manage_panel=Gerenciamento de E-mail de Usuário
 emails.primary=Principal
 emails.activated=Ativado
-emails.filter_sort.email=E-mail
-emails.filter_sort.email_reverse=E-mail (reverso)
-emails.filter_sort.name=Nome de Usuário
-emails.filter_sort.name_reverse=Nome de Usuário (reverso)
-emails.updated=E-mail atualizado
+emails.filter_sort.name=Nome de usuário
 emails.not_updated=Falha ao atualizar o endereço de e-mail solicitado: %v
 emails.duplicate_active=Este endereço de e-mail já está ativo para um usuário diferente.
 emails.change_email_header=Atualizar Propriedades do E-mail
@@ -2817,26 +2694,18 @@ auths.oauth2_required_claim_name_helper=Defina este nome para permitir o login d
 auths.oauth2_required_claim_value=Valor do Claim Obrigatorio
 auths.oauth2_required_claim_value_helper=Defina este valor para permitir o login desta fonte apenas para usuários que tenham um claim com este nome e valor
 auths.oauth2_group_claim_name=Nome do claim que fornece os nomes dos grupos para esta fonte. (Opcional)
-auths.oauth2_admin_group=Valor do Claim de Grupo para os usuários administradores. (Opcional - requer nome do claim acima)
-auths.oauth2_restricted_group=Valor do Claim de Grupo para os usuários restritos. (Opcional - requer nome do claim acima)
-auths.oauth2_map_group_to_team=Mapear grupos para Organizações. (Opcional - requer nome do claim acima)
 auths.oauth2_map_group_to_team_removal=Remover usuários de equipes sincronizadas se o usuário não pertence ao grupo correspondente.
 auths.enable_auto_register=Habilitar cadastro automático
 auths.sspi_auto_create_users=Criar usuários automaticamente
-auths.sspi_auto_create_users_helper=Permitir que o método de autenticação SSPI crie automaticamente novas contas para usuários que fazem o login pela primeira vez
 auths.sspi_auto_activate_users=Ativar usuários automaticamente
 auths.sspi_auto_activate_users_helper=Permitir que o método de autenticação SSPI ative automaticamente novos usuários
 auths.sspi_strip_domain_names=Remover nomes de domínio dos nomes de usuário
-auths.sspi_strip_domain_names_helper=Se marcado, nomes de domínio serão removidos dos nomes de logon (ex. "DOM�NIO\usuário" e "user@examplo.org" ambos se tornarão apenas "usuário").
 auths.sspi_separator_replacement=Separador a ser usado em vez de \, / e @
-auths.sspi_separator_replacement_helper=Caractere a ser usado para substituir os separadores de nomes de logon de nível baixo (ex. os \ em "DOMINIO\usuario") e nomes principais de usuário (ex. @ em "usuario@examplo.org").
 auths.sspi_default_language=Idioma padrão do usuário
-auths.sspi_default_language_helper=Idioma padrão para usuários criados automaticamente pelo método de autenticação SSPI. Deixe em branco se você prefere que o idioma seja detectado automaticamente.
 auths.tips=Dicas
 auths.tips.oauth2.general=Autenticação OAuth2
 auths.tips.oauth2.general.tip=Ao registrar uma nova autenticação OAuth2, o URL de retorno de chamada/redirecionamento deve ser:
 auths.tip.oauth2_provider=Provedor OAuth2
-auths.tip.nextcloud=`Registre um novo consumidor OAuth em sua instância usando o seguinte menu "Configurações -> Segurança -> Cliente OAuth 2.0"`
 auths.tip.mastodon=Insira a URL da instância personalizada do mastodon que você deseja usar para autenticar (ou use o padrão)
 auths.edit=Editar fonte de autenticação
 auths.activated=Esta fonte de autenticação está ativada
@@ -2878,8 +2747,6 @@ config.ssh_domain=Domínio do servidor SSH
 config.ssh_port=Porta
 config.ssh_listen_port=Porta de escuta
 config.ssh_root_path=Caminho da raiz
-config.ssh_key_test_path=Caminho da chave de teste
-config.ssh_keygen_path=Caminho do keygen ('ssh-keygen')
 config.ssh_minimum_key_size_check=Verificar tamanho mínimo da chave
 config.ssh_minimum_key_sizes=Tamanhos mínimos da chave
 
@@ -2936,7 +2803,6 @@ config.mailer_sendmail_path=Caminho do Sendmail
 config.mailer_sendmail_args=Argumentos extras para o Sendmail
 config.mailer_sendmail_timeout=Tempo limite do Sendmail
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=E-mail (por exemplo, teste@exemplo.com.br)
 config.send_test_mail=Enviar e-mail de teste
 config.send_test_mail_submit=Enviar
 config.test_mail_failed=Ocorreu um erro ao enviar um e-mail de teste para "%s": %v
@@ -3013,7 +2879,6 @@ monitor.queue.numberworkers=Número de executores
 monitor.queue.maxnumberworkers=Número máximo de executores
 monitor.queue.numberinqueue=Número na Fila
 monitor.queue.settings.title=Configurações do conjunto
-monitor.queue.settings.maxnumberworkers=Número máximo de executores
 monitor.queue.settings.maxnumberworkers.placeholder=Atualmente %[1]d
 monitor.queue.settings.maxnumberworkers.error=Número máximo de executores deve ser um número
 monitor.queue.settings.submit=Atualizar configurações
@@ -3116,8 +2981,6 @@ error.no_committer_account=Nenhuma conta vinculada ao e-mail do autor do commit
 error.no_gpg_keys_found=Nenhuma chave conhecida encontrada para esta assinatura no banco de dados
 error.not_signed_commit=Não é um commit assinado
 error.failed_retrieval_gpg_keys=Falha em obter qualquer chave anexada à conta do autor do commit
-error.probable_bad_signature=AVISO! Embora exista uma chave com este ID no banco de dados, ela não verifica este commit! Este commit é SUSPEITO.
-error.probable_bad_default_signature=AVISO! Embora a chave padrão tenha este ID, ela não verifica este commit! Este commit é SUSPEITO.
 
 [units]
 unit=Unidade
@@ -3153,7 +3016,6 @@ versions=Versões
 versions.view_all=Ver todas
 dependency.id=ID
 dependency.version=Versão
-alpine.registry=Configure este registro adicionando o URL no arquivo <code>/etc/apk/repositories</code>:
 alpine.registry.key=Baixe a chave RSA pública do registro para a pasta <code>/etc/apk/keys/</code> para verificar a assinatura do índice:
 alpine.registry.info=Escolha o $branch e $repository da lista abaixo.
 alpine.install=Para instalar o pacote, execute o seguinte comando:
@@ -3163,18 +3025,13 @@ alpine.repository.architectures=Arquiteturas
 arch.repository=Informações do repositório
 arch.repository.repositories=Repositórios
 arch.repository.architectures=Arquiteturas
-cargo.registry=Configurar este registro no arquivo de configuração de Cargo (por exemplo <code>~/.cargo/config.toml</code>):
 cargo.install=Para instalar o pacote usando Cargo, execute o seguinte comando:
-chef.registry=Configure este registro em seu arquivo <code>~/.chef/config.rb</code>:
 chef.install=Para instalar o pacote, execute o seguinte comando:
-composer.registry=Configure este registro em seu arquivo <code>~/.composer/config.json</code>:
 composer.install=Para instalar o pacote usando o Composer, execute o seguinte comando:
 composer.dependencies=Dependências
 composer.dependencies.development=Dependências de Desenvolvimento
 conan.details.repository=Repositório
-conan.registry=Configure este registro pela linha de comando:
 conan.install=Para instalar o pacote usando o Conan, execute o seguinte comando:
-conda.registry=Configure este registro como um repositório Conda no arquivo <code>.condarc</code>:
 conda.install=Para instalar o pacote usando o Conda, execute o seguinte comando:
 container.details.type=Tipo de Imagem
 container.details.platform=Plataforma
@@ -3184,9 +3041,7 @@ container.layers=Camadas da Imagem
 container.labels=Rótulos
 container.labels.key=Chave
 container.labels.value=Valor
-cran.registry=Configure este registro no arquivo <code>Rprofile.site</code>:
 cran.install=Para instalar o pacote, execute o seguinte comando:
-debian.registry=Configure este registro pela linha de comando:
 debian.registry.info=Escolha uma $distribution e um $component da lista abaixo:
 debian.install=Para instalar o pacote, execute o seguinte comando:
 debian.repository=Informações do repositório
@@ -3195,16 +3050,11 @@ debian.repository.components=Componentes
 debian.repository.architectures=Arquiteturas
 generic.download=Baixar pacote pela linha de comando:
 go.install=Instale o pacote usando o comando:
-helm.registry=Configurar este registro pela linha de comando:
 helm.install=Para instalar o pacote, execute o seguinte comando:
-maven.registry=Configure este registro no arquivo <code>pom.xml</code> do seu projeto:
-maven.install=Para usar o pacote inclua o seguinte no bloco de <code>dependencies</code> no arquivo <code>pom.xml</code>:
 maven.install2=Executar via linha de comando:
 maven.download=Para baixar a dependência, execute via linha de comando:
-nuget.registry=Configurar este registro pela linha de comando:
 nuget.install=Para instalar o pacote usando NuGet, execute o seguinte comando:
 nuget.dependency.framework=Estrutura Alvo
-npm.registry=Configure este registro no arquivo <code>.npmrc</code> do seu projeto:
 npm.install=Para instalar o pacote usando o npm, execute o seguinte comando:
 npm.install2=ou adicione-o ao arquivo package.json:
 npm.dependencies=Dependências
@@ -3215,7 +3065,6 @@ npm.details.tag=Tag
 pub.install=Para instalar o pacote usando Dart, execute o seguinte comando:
 pypi.requires=Requer Python
 pypi.install=Para instalar o pacote usando pip, execute o seguinte comando:
-rpm.registry=Configure este registro pela linha de comando:
 rpm.distros.redhat=em distribuições baseadas no RedHat
 rpm.distros.suse=em distribuições baseadas no SUSE
 rpm.install=Para instalar o pacote, execute o seguinte comando:
@@ -3227,7 +3076,6 @@ rubygems.dependencies.runtime=Dependências de Execução
 rubygems.dependencies.development=Dependências de Desenvolvimento
 rubygems.required.ruby=Requer o Ruby versão
 rubygems.required.rubygems=Requer o RubyGem versão
-swift.registry=Configure este registro pela linha de comando:
 swift.install=Adicione o pacote em seu arquivo <code>Package.swift</code>:
 swift.install2=e execute o seguinte comando:
 vagrant.install=Para adicionar uma Vagrant box, execute o seguinte comando:
@@ -3247,7 +3095,6 @@ owner.settings.cargo.initialize.error=Falha ao inicializar índice Cargo: %v
 owner.settings.cargo.initialize.success=O índice Cargo foi criado com sucesso.
 owner.settings.cargo.rebuild=Reconstruir �ndice
 owner.settings.cargo.rebuild.error=Falha ao reconstruir índice Cargo: %v
-owner.settings.cargo.rebuild.success=O índice Cargo foi reconstruído com sucesso.
 owner.settings.cleanuprules.title=Gerenciar Regras de Limpeza
 owner.settings.cleanuprules.add=Adicionar Regra de Limpeza
 owner.settings.cleanuprules.edit=Editar Regra de Limpeza
@@ -3274,12 +3121,13 @@ owner.settings.chef.keypair=Gerar par de chaves
 secrets=Segredos
 description=Os segredos serão passados a certas ações e não poderão ser lidos de outra forma.
 none=Não há segredos ainda.
-creation=Adicionar Segredo
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Descrição
 creation.name_placeholder=apenas caracteres alfanuméricos ou underline (_), não pode começar com GITEA_ ou GITHUB_
 creation.value_placeholder=Insira qualquer conteúdo. Espaços em branco no início e no fim serão omitidos.
-creation.success=O segredo "%s" foi adicionado.
-creation.failed=Falha ao adicionar segredo.
+
+
 deletion=Excluir segredo
 deletion.description=A exclusão de um segredo é permanente e não pode ser desfeita. Continuar?
 deletion.success=O segredo foi excluído.
@@ -3327,7 +3175,6 @@ runners.delete_runner=Deletar esse runner
 runners.delete_runner_success=Runner excluído com sucesso
 runners.delete_runner_failed=Falha ao excluir runner
 runners.delete_runner_header=Confirme para excluir este runner
-runners.delete_runner_notice=Se uma tarefa estiver sendo executada neste runner, ela será encerrada e marcada como falha. Pode quebrar o workflow de construção.
 runners.none=Nenhum runner disponível
 runners.status.unspecified=Desconhecido
 runners.status.idle=Inativo
diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index 8b4d66a718..099d4a7816 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -44,7 +44,7 @@ webauthn_use_twofa=Usar um código de dois passos do seu telefone
 webauthn_error=Não foi possível ler a sua chave de segurança.
 webauthn_unsupported_browser=O seu navegador não oferece suporte ao WebAuthn.
 webauthn_error_unknown=Ocorreu um erro desconhecido. Tente novamente, por favor.
-webauthn_error_insecure=`WebAuthn apenas suporta conexões seguras. Para testar sobre HTTP, pode usar a origem "localhost" ou "127.0.0.1"`
+webauthn_error_insecure=WebAuthn apenas suporta conexões seguras. Para testar sobre HTTP, pode usar a origem "localhost" ou "127.0.0.1".
 webauthn_error_unable_to_process=O servidor não conseguiu processar o seu pedido.
 webauthn_error_duplicated=A chave de segurança não é permitida neste pedido. Certifique-se de que a chave não está já registada.
 webauthn_error_empty=Tem de definir um nome para esta chave.
@@ -117,6 +117,7 @@ files=Ficheiros
 
 error=Erro
 error404=A página que pretende aceder <strong>não existe</strong> ou <strong>não tem autorização</strong> para a ver.
+error503=O servidor não conseguiu concluir o seu pedido. Tente novamente mais tarde.
 go_back=Voltar
 invalid_data=Dados inválidos: %v
 
@@ -129,6 +130,7 @@ pin=Fixar
 unpin=Desafixar
 
 artifacts=Artefactos
+expired=Expirado
 confirm_delete_artifact=Tem a certeza que quer eliminar este artefacto "%s"?
 
 archived=Arquivado
@@ -166,7 +168,7 @@ no_results_found=Não foram encontrados quaisquer resultados.
 internal_error_skipped=Ocorreu um erro interno mas foi ignorado: %s
 
 [search]
-search=Pesquisar...
+search=Pesquisar…
 type_tooltip=Tipo de pesquisa
 fuzzy=Aproximada
 fuzzy_tooltip=Incluir também os resultados que estejam próximos do termo de pesquisa
@@ -176,23 +178,23 @@ regexp=Regexp
 regexp_tooltip=Incluir apenas os resultados que correspondam ao termo de pesquisa com expressões regulares
 exact=Fiel
 exact_tooltip=Incluir somente os resultados que correspondam rigorosamente ao termo de pesquisa
-repo_kind=Pesquisar repositórios...
-user_kind=Pesquisar utilizadores...
-org_kind=Pesquisar organizações...
-team_kind=Pesquisar equipas...
-code_kind=Pesquisar código...
+repo_kind=Pesquisar repositórios…
+user_kind=Pesquisar utilizadores…
+org_kind=Pesquisar organizações…
+team_kind=Pesquisar equipas…
+code_kind=Pesquisar código-fonte…
 code_search_unavailable=A pesquisa de código não está disponível, neste momento. Entre em contacto com o administrador.
 code_search_by_git_grep=Os resultados da pesquisa no código-fonte neste momento são fornecidos pelo "git grep". Esses resultados podem ser melhores se o administrador habilitar o indexador do repositório.
-package_kind=Pesquisar pacotes...
-project_kind=Pesquisar planeamentos...
-branch_kind=Pesquisar ramos...
-tag_kind=Pesquisar etiquetas...
+package_kind=Pesquisar pacotes…
+project_kind=Pesquisar planeamentos…
+branch_kind=Pesquisar ramos…
+tag_kind=Pesquisar etiquetas…
 tag_tooltip=Pesquisar etiquetas correspondentes. Use '%' para corresponder a qualquer sequência de números.
-commit_kind=Pesquisar cometimentos...
-runner_kind=Pesquisar executores...
+commit_kind=Pesquisar cometimentos…
+runner_kind=Pesquisar executores…
 no_results=Não foram encontrados resultados correspondentes.
-issue_kind=Pesquisar questões...
-pull_kind=Pesquisar puxadas...
+issue_kind=Pesquisar questões…
+pull_kind=Pesquisar puxadas…
 keyword_search_unavailable=Pesquisar por palavra-chave não está disponível, neste momento. Entre em contacto com o administrador.
 
 [aria]
@@ -228,8 +230,8 @@ buttons.enable_monospace_font=Habilitar tipo de letra mono-espaçado
 buttons.disable_monospace_font=Desabilitar tipo de letra mono-espaçado
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
+string.asc=A–Z
+string.desc=Z–A
 
 [error]
 occurred=Ocorreu um erro
@@ -250,7 +252,7 @@ license_desc=Vá buscar <a target="_blank" rel="noopener noreferrer" href="%[1]s
 
 [install]
 install=Instalação
-installing_desc=Instalando agora, por favor aguarde...
+installing_desc=Instalando agora, por favor aguarde…
 title=Configuração inicial
 docker_helper=Se correr o Gitea dentro do Docker, leia a <a target="_blank" rel="noopener noreferrer" href="%s">documentação</a> antes de alterar quaisquer configurações.
 require_db_desc=Gitea requer MySQL, PostgreSQL, MSSQL, SQLite3 ou TiDB (protocolo MySQL).
@@ -267,15 +269,15 @@ path=Localização
 sqlite_helper=Localização do ficheiro da base de dados em SQLite3.<br>Insira um caminho absoluto se corre o Gitea como um serviço.
 reinstall_error=Está a tentar instalar numa base de dados do Gitea já existente
 reinstall_confirm_message=Reinstalar com uma base de dados do Gitea já existente pode causar múltiplos problemas. Na maioria dos casos deve usar o seu "app.ini" existente para correr o Gitea. Se souber o que está a fazer, confirme o seguinte:
-reinstall_confirm_check_1=Os dados encriptados pela chave secreta (SECRET_KEY) no ficheiro app.ini poderão ser perdidos: utilizadores poderão não ser capazes de iniciar a sessão com autenticação em dois passos (2FA) ou com chaves de utilização única (OTP) e as réplicas poderão deixar de funcionar em boas condições. Ao marcar esta opção estará a confirmar que o ficheiro app.ini vigente contém a SECRET_KEY certa.
-reinstall_confirm_check_2=Os repositórios e as configurações poderão ter de voltar a ser sincronizados. Ao marcar esta opção estará a confirmar que vai voltar a sincronizar manualmente os automatismos para os repositórios e o ficheiro authorized_keys. Estará também a confirmar que vai assegurar que as configurações do repositório e das réplicas estão em condições.
+reinstall_confirm_check_1=Os dados encriptados pela chave secreta (SECRET_KEY) no ficheiro app.ini poderão ser perdidos: os utilizadores poderão não ser capazes de iniciar a sessão com autenticação em dois passos (2FA) ou com chaves de utilização única (OTP) e as réplicas poderão deixar de funcionar adequadamente. Ao marcar esta opção estará a confirmar que o ficheiro app.ini vigente contém a SECRET_KEY certa.
+reinstall_confirm_check_2=Os repositórios e as configurações poderão ter de voltar a ser sincronizados. Ao marcar esta opção estará a confirmar que vai voltar a sincronizar manualmente os automatismos para os repositórios e o ficheiro authorized_keys. Estará também a confirmar que vai assegurar que as configurações do repositório e das réplicas estão certas.
 reinstall_confirm_check_3=Você confirma que tem a certeza absoluta de que este Gitea está a correr com a localização certa do ficheiro app.ini e que tem a certeza de que tem de voltar a instalar. Você confirma que tomou conhecimento dos riscos acima descritos.
 err_empty_db_path=A localização da base de dados SQLite3 não pode estar vazia.
 no_admin_and_disable_registration=Não pode desabilitar a auto-inscrição de utilizadores sem criar uma conta de administrador.
 err_empty_admin_password=A senha do administrador não pode estar em branco.
-err_empty_admin_email=O email do administrador não pode estar em branco.
+err_empty_admin_email=O endereço de email do administrador não pode estar em branco.
 err_admin_name_is_reserved=O nome de utilizador do administrador é inválido porque está reservado
-err_admin_name_pattern_not_allowed=O nome de utilizador do administrador é inválido porque corresponde a um padrão reservado
+err_admin_name_pattern_not_allowed=O nome de utilizador do administrador é inválido porque corresponde a um padrão reservado.
 err_admin_name_is_invalid=O nome de utilizador do administrador é inválido
 
 general_title=Configurações gerais
@@ -356,7 +358,7 @@ no_reply_address=Domínio dos emails ocultos
 no_reply_address_helper=Nome de domínio para utilizadores com um endereço de email oculto. Por exemplo, o nome de utilizador 'silva' será registado no Git como 'silva@semresposta.exemplo.org' se o domínio de email oculto estiver definido como 'semresposta.exemplo.org'.
 password_algorithm=Algoritmo de Hash da Senha
 invalid_password_algorithm=Algoritmo de hash da senha inválido
-password_algorithm_helper=Definir o algoritmo de hash da senha. Os algoritmos têm requisitos e resistência distintos. `argon2` é bastante seguro, mas usa muita memória e pode ser inapropriado para sistemas pequenos.
+password_algorithm_helper=Definir o algoritmo de hash da senha. Os algoritmos têm requisitos e resistências distintos. `argon2` é bastante seguro, mas usa muita memória e pode ser inapropriado para sistemas pequenos.
 enable_update_checker=Habilitar verificador de novidades
 enable_update_checker_helper=Verifica, periodicamente, se foi lançada alguma versão nova, fazendo uma ligação ao gitea.io.
 env_config_keys=Configuração do ambiente
@@ -419,6 +421,7 @@ remember_me.compromised=O identificador da sessão já não é válido, o que po
 forgot_password_title=Esqueci-me da senha
 forgot_password=Esqueceu a sua senha?
 need_account=Precisa de uma conta?
+sign_up_tip=Você está a registar a primeira conta no sistema, que tem privilégios de administrador. Guarde cuidadosamente o nome de utilizador e a senha. Se se esquecer do nome de utilizador ou da senha, consulte a documentação do Gitea para recuperar a conta.
 sign_up_now=Inscreva-se agora.
 sign_up_successful=A conta foi criada com sucesso. Bem-vindo/a!
 confirmation_mail_sent_prompt_ex=Foi enviado um email de confirmação para <b>%s</b>. Verifique a sua caixa de entrada dentro de %s para completar o processo de registo. Se o seu endereço de email de registo estiver errado, pode iniciar a sessão novamente e mudá-lo.
@@ -449,6 +452,7 @@ use_scratch_code=Usar um código de recuperação
 twofa_scratch_used=Você usou o seu código de recuperação. Foi reencaminhado para a página de configurações da autenticação em dois passos para poder remover o registo do seu dispositivo ou gerar um novo código de recuperação.
 twofa_passcode_incorrect=A senha está errada. Se perdeu o seu dispositivo, use o código de recuperação para iniciar a sessão.
 twofa_scratch_token_incorrect=O código de recuperação está errado.
+twofa_required=Tem de configurar a autenticação em dois passos para obter acesso aos repositórios ou então tentar iniciar a sessão novamente.
 login_userpass=Iniciar sessão
 login_openid=OpenID
 oauth_signup_tab=Fazer inscrição
@@ -467,13 +471,13 @@ openid_connect_desc=O URI do OpenID escolhido é desconhecido. Associe-o a uma n
 openid_register_title=Criar uma conta nova
 openid_register_desc=O URI do OpenID escolhido é desconhecido. Associe-o a uma nova conta aqui.
 openid_signin_desc=Insira o seu URI OpenID. Por exemplo: alice.openid.exemplo.org or https://openid.exemplo.org/alice.
-disable_forgot_password_mail=A recuperação de conta está desabilitada porque não foi definido o email. Entre em contacto com o administrador do sítio.
-disable_forgot_password_mail_admin=A recuperação de conta só está disponível quando o email está configurado. Por favor, configure o email para permitir a recuperação de conta.
+disable_forgot_password_mail=A recuperação de conta está desabilitada porque não foi definido um endereço de email. Entre em contacto com o administrador do sítio.
+disable_forgot_password_mail_admin=A recuperação de conta só está disponível quando está configurado um endereço de email.
 email_domain_blacklisted=Não pode fazer um registo com o seu endereço de email.
 authorize_application=Autorizar aplicação
 authorize_redirect_notice=Irá ser reencaminhado para %s se autorizar esta aplicação.
 authorize_application_created_by=Esta aplicação foi criada por %s.
-authorize_application_description=Se conceder acesso, a aplicação terá privilégios para alterar toda a informação da conta, incluindo repositórios e organizações privados.
+authorize_application_description=Se conceder o acesso, a aplicação terá privilégios para aceder e alterar toda a informação da sua conta, incluindo organizações e repositórios privados.
 authorize_application_with_scopes=Com âmbitos: %s
 authorize_title=Autorizar o acesso de "%s" à sua conta?
 authorization_failed=A autorização falhou
@@ -502,7 +506,7 @@ activate_email.text=Por favor clique na seguinte ligação para validar o seu en
 
 register_notify=Bem-vindo(a) a %s
 register_notify.title=%[1]s, bem-vindo(a) a %[2]s
-register_notify.text_1=este é o seu email de confirmação de registo para %s!
+register_notify.text_1=Este é o seu email de confirmação de registo para %s!
 register_notify.text_2=Agora pode iniciar a sessão com o nome de utilizador: %s.
 register_notify.text_3=Se esta conta foi criada para si, <a href="%s">defina a sua senha</a> primeiro.
 
@@ -541,7 +545,7 @@ release.download.targz=Código fonte (TAR.GZ)
 repo.transfer.subject_to=%s gostaria de transferir "%s" para %s
 repo.transfer.subject_to_you=%s gostaria de transferir "%s" para si
 repo.transfer.to_you=você
-repo.transfer.body=Para o aceitar ou rejeitar visite %s, ou ignore-o, simplesmente.
+repo.transfer.body=Para o aceitar ou rejeitar, visite %s ou ignore-o, simplesmente.
 
 repo.collaborator.added.subject=%s adicionou você a %s
 repo.collaborator.added.text=Foi adicionado(a) como colaborador(a) do repositório:
@@ -593,7 +597,7 @@ url_error=`"%s" não é um URL válido.`
 include_error=` tem que conter o texto "%s".`
 glob_pattern_error=` o padrão glob é inválido: %s.`
 regex_pattern_error=` o padrão regex é inválido: %s.`
-username_error=` só pode conter caracteres alfanuméricos ('0-9','a-z','A-Z'), hífen ('-'), sublinhado ('_') e ponto ('.') Não pode começar nem terminar com caracteres não alfanuméricos, e caracteres não alfanuméricos consecutivos também são proibidos.`
+username_error=` só pode conter caracteres alfanuméricos ('0-9','a-z','A-Z'), hífen ('-'), sublinhado ('_') e ponto ('.') Não pode começar nem terminar com caracteres não alfanuméricos e caracteres não alfanuméricos consecutivos também são proibidos.`
 invalid_group_team_map_error=` o mapeamento é inválido: %s`
 unknown_error=Erro desconhecido:
 captcha_incorrect=O código CAPTCHA está errado.
@@ -618,7 +622,7 @@ team_name_been_taken=O nome da equipa já foi tomado.
 team_no_units_error=Permitir acesso a pelo menos uma secção do repositório.
 email_been_used=O endereço de email já está em uso.
 email_invalid=O endereço de email é inválido.
-email_domain_is_not_allowed=O domínio do email de utilizador <b>%s</b> entra en conflito com o EMAIL_DOMAIN_ALLOWLIST ou com o EMAIL_DOMAIN_BLOCKLIST. Verifique se a operação estava prevista.
+email_domain_is_not_allowed=O domínio do endereço de email do utilizador <b>%s</b> entra en conflito com o EMAIL_DOMAIN_ALLOWLIST ou com o EMAIL_DOMAIN_BLOCKLIST. Verifique se a operação estava prevista.
 openid_been_used=O endereço OpenID "%s" já está em uso.
 username_password_incorrect=O nome de utilizador ou a senha estão errados.
 password_complexity=A senha não passa nos requisitos de complexidade:
@@ -643,14 +647,14 @@ invalid_ssh_key=Não é possível validar a sua chave SSH: %s
 invalid_gpg_key=Não é possível validar a sua chave GPG: %s
 invalid_ssh_principal=Protagonista inválido: %s
 must_use_public_key=A chave que você forneceu é privada. Não carregue a sua chave em lugar nenhum, em vez disso use a sua chave pública.
-unable_verify_ssh_key=Não é possível validar a chave SSH, verifique se tem erros.
+unable_verify_ssh_key=Não é possível validar a chave SSH. Verifique se tem erros.
 auth_failed=Falhou a autenticação: %v
 
-still_own_repo=A sua conta possui um ou mais repositórios, elimine-os ou transfira-os primeiro.
-still_has_org=A sua conta é membro de uma ou mais organizações, saia delas primeiro.
-still_own_packages=A sua conta possui um ou mais pacotes, elimine-os primeiro.
-org_still_own_repo=Esta organização ainda possui um ou mais repositórios, elimine-os ou transfira-os primeiro.
-org_still_own_packages=Esta organização ainda possui um ou mais pacotes, elimine-os primeiro.
+still_own_repo=A sua conta possui um ou mais repositórios. Elimine-os ou transfira-os primeiro.
+still_has_org=A sua conta é membro de uma ou mais organizações. Saia delas primeiro.
+still_own_packages=A sua conta possui um ou mais pacotes. Elimine-os primeiro.
+org_still_own_repo=Esta organização ainda possui um ou mais repositórios. Elimine-os ou transfira-os primeiro.
+org_still_own_packages=Esta organização ainda possui um ou mais pacotes. Elimine-os primeiro.
 
 target_branch_not_exist=O ramo de destino não existe.
 target_ref_not_exist=A referência de destino não existe %s
@@ -685,7 +689,7 @@ form.name_chars_not_allowed=O nome de utilizador "%s" contém caracteres inváli
 
 block.block=Bloquear
 block.block.user=Bloquear utilizador
-block.block.org=Bloquear utilizador para a organização
+block.block.org=Bloquear utilizador da organização
 block.block.failure=Falhou o bloqueio do utilizador: %s
 block.unblock=Desbloquear
 block.unblock.failure=Falhou o desbloqueio do utilizador: %s
@@ -730,8 +734,8 @@ public_profile=Perfil público
 biography_placeholder=Conte-nos um pouco sobre si! (Pode usar Markdown)
 location_placeholder=Partilhe a sua localização aproximada com outros
 profile_desc=Controle como o seu perfil é apresentado aos outros utilizadores. O seu endereço de email principal será usado para notificações, recuperação de senha e operações Git baseadas na web.
-password_username_disabled=Não tem permissão para alterar os nomes de utilizador deles/delas. Entre em contacto com o administrador para saber mais detalhes.
-password_full_name_disabled=Não tem permissão para alterar o nome completo deles/delas. Entre em contacto com o administrador para saber mais detalhes.
+password_username_disabled=Não tem permissão para alterar o seu nome de utilizador. Entre em contacto com o administrador para saber mais detalhes.
+password_full_name_disabled=Não tem permissão para alterar o seu nome completo. Entre em contacto com o administrador para saber mais detalhes.
 full_name=Nome completo
 website=Sítio web
 location=Localização
@@ -749,7 +753,7 @@ cancel=Cancelar
 language=Idioma
 ui=Tema
 hidden_comment_types=Tipos de comentários ocultos
-hidden_comment_types_description=Os tipos de comentário marcados aqui não serão mostrados dentro das páginas das questões. Marcar "Rótulo", por exemplo, remove todos os comentários "{user} adicionou/removeu {label}".
+hidden_comment_types_description=Os tipos de comentário marcados aqui não serão mostrados nas páginas das questões. Marcar "Rótulo", por exemplo, remove todos os comentários "{utilizador} adicionou/removeu {rótulo}".
 hidden_comment_types.ref_tooltip=Comentários onde esta questão foi referenciada a partir de outra questão/cometimento/…
 hidden_comment_types.issue_ref_tooltip=Comentários onde o utilizador altera o ramo/etiqueta associado à questão
 comment_type_group_reference=Referência
@@ -798,17 +802,17 @@ manage_openid=Gerir endereços OpenID
 email_desc=O seu endereço de email principal irá ser usado para notificações, recuperação de senha e, desde que não esteja oculto, operações Git baseados na web.
 theme_desc=Este será o seu tema padrão em todo o sítio.
 theme_colorblindness_help=Suporte a temas para daltónicos
-theme_colorblindness_prompt=O Gitea acabou de obter alguns temas com suporte básico para daltónicos que têm apenas algumas cores definidas. O trabalho ainda está em andamento. Poderiam ser feitos mais melhoramentos se fossem definidas mais cores nos ficheiros CSS do tema.
+theme_colorblindness_prompt=O Gitea apenas tem alguns temas com suporte básico para daltónicos que têm apenas algumas cores definidas. O trabalho ainda está em andamento. Poderiam ser feitos mais melhoramentos se fossem definidas mais cores nos ficheiros CSS do tema.
 primary=Principal
 activated=Em uso
 requires_activation=Tem que ser habilitado
 primary_email=Tornar no principal
 activate_email=Enviar pedido de verificação
 activations_pending=Habilitações pendentes
-can_not_add_email_activations_pending=Existe uma validação pendente. Tente de novo dentro de alguns minutos, se quiser adicionar um novo email.
+can_not_add_email_activations_pending=Existe uma validação pendente. Tente de novo dentro de alguns minutos, se quiser adicionar um novo endereço de email.
 delete_email=Remover
 email_deletion=Remover endereço de email
-email_deletion_desc=O endereço de email e informações relacionadas serão removidos da sua conta. Os cometimentos feitos no Git com este endereço de email permanecerão inalterados. Quer continuar?
+email_deletion_desc=Este endereço de email e informações relacionadas serão removidos da sua conta. Os cometimentos feitos no Git com este endereço de email permanecerão inalterados. Quer continuar?
 email_deletion_success=O endereço de email foi removido.
 theme_update_success=O seu tema foi substituído.
 theme_update_error=O tema escolhido não existe.
@@ -851,7 +855,7 @@ gpg_key_matched_identities_long=As identidades incorporadas nesta chave correspo
 gpg_key_verified=Chave validada
 gpg_key_verified_long=A chave foi validada com um código e pode ser usada para validar cometimentos que correspondam a qualquer dos endereços de email em uso por parte deste utilizador, para além das identidades correspondentes a esta chave.
 gpg_key_verify=Validar
-gpg_invalid_token_signature=A chave GPG, assinatura ou código fornecidos não correspondem ou então o código expirou.
+gpg_invalid_token_signature=A chave GPG, assinatura ou código fornecidos não correspondem, ou então o código expirou.
 gpg_token_required=Tem que fornecer uma assinatura para o código abaixo
 gpg_token=Código
 gpg_token_help=Pode gerar uma assinatura usando o seguinte comando:
@@ -861,7 +865,7 @@ verify_gpg_key_success=A chave GPG "%s" foi validada.
 ssh_key_verified=Chave validada
 ssh_key_verified_long=A chave foi validada com um código e pode ser usada para validar cometimentos que correspondam a qualquer dos endereços de email em uso por parte deste utilizador.
 ssh_key_verify=Validar
-ssh_invalid_token_signature=A chave SSH, assinatura ou código fornecidos não correspondem ou então o código expirou.
+ssh_invalid_token_signature=A chave SSH, assinatura ou código fornecidos não correspondem, ou então o código expirou.
 ssh_token_required=Tem que fornecer uma assinatura para o código abaixo
 ssh_token=Código
 ssh_token_help=Pode gerar uma assinatura usando o seguinte comando:
@@ -882,7 +886,7 @@ gpg_key_deletion=Remover chave GPG
 ssh_principal_deletion=Remover Protagonista de Certificado SSH
 ssh_key_deletion_desc=Remover uma chave SSH revoga o acesso dessa chave à sua conta. Quer continuar?
 gpg_key_deletion_desc=Remover uma chave GPG retira as validações feitas sobre os cometimentos assinados com ela. Quer continuar?
-ssh_principal_deletion_desc=Remover um Protagonista de Certificado SSH revoga o seu acesso à sua conta. Quer continuar?
+ssh_principal_deletion_desc=Remover um Protagonista de Certificado SSH revoga o acesso dele à sua conta. Quer continuar?
 ssh_key_deletion_success=A chave SSH foi removida.
 gpg_key_deletion_success=A chave GPG foi removida.
 ssh_principal_deletion_success=O protagonista foi removido.
@@ -926,6 +930,9 @@ permission_not_set=Não definido
 permission_no_access=Sem acesso
 permission_read=Lidas
 permission_write=Leitura e escrita
+permission_anonymous_read=Leitura anónima
+permission_everyone_read=Leitura pública
+permission_everyone_write=Escrita pública
 access_token_desc=As permissões dos códigos escolhidos limitam a autorização apenas às rotas da <a %s>API</a> correspondentes. Leia a <a %s>documentação</a> para obter mais informação.
 at_least_one_permission=Tem que escolher pelo menos uma permissão para criar um código
 permissions_list=Permissões:
@@ -956,7 +963,7 @@ oauth2_application_remove_description=A remoção de uma aplicação OAuth2 impe
 oauth2_application_locked=O Gitea pré-regista algumas aplicações OAuth2 no arranque, se forem habilitadas na configuração. Para evitar comportamentos inesperados, estas não podem ser editadas nem removidas. Consulte a documentação sobre o OAuth2 para obter mais informações.
 
 authorized_oauth2_applications=Aplicações OAuth2 autorizadas
-authorized_oauth2_applications_description=Concedeu acesso à sua conta pessoal do Gitea a estas aplicações de terceiros. Por favor, revogue o acesso às aplicações que já não precisa.
+authorized_oauth2_applications_description=Concedeu acesso à sua conta pessoal do Gitea a estas aplicações de terceiros. Revogue o acesso às aplicações que já não precisa.
 revoke_key=Revogar
 revoke_oauth2_grant=Revogar acesso
 revoke_oauth2_grant_description=Revogar o acesso desta aplicação de terceiros impedi-la-á de aceder aos seus dados. Tem a certeza?
@@ -1014,6 +1021,8 @@ email_notifications.onmention=Enviar email somente quando mencionado(a)
 email_notifications.disable=Desabilitar notificações por email
 email_notifications.submit=Definir preferência do email
 email_notifications.andyourown=e as suas próprias notificações
+email_notifications.actions.desc=Notificações para sequências de trabalho são executadas em repositórios configurados com <a target="_blank" href="%s">Gitea Actions</a>.
+email_notifications.actions.failure_only=Notificar apenas as execuções de sequências de trabalho falhadas
 
 visibility=Visibilidade do utilizador
 visibility.public=Pública
@@ -1095,7 +1104,7 @@ mirror_sync=sincronizado
 mirror_sync_on_commit=Sincronizar quando forem enviados cometimentos
 mirror_address=Clonar a partir do URL
 mirror_address_desc=Coloque, na secção de autorização, as credenciais que, eventualmente, sejam necessárias.
-mirror_address_url_invalid=O URL fornecido é inválido. Tem que codificar adequadamente todos os componentes do URL.
+mirror_address_url_invalid=O URL fornecido é inválido. Certifique-se que codifica adequadamente todos os componentes do URL.
 mirror_address_protocol_invalid=O URL fornecido é inválido. Só se pode replicar a partir de endereços http(s):// ou git://.
 mirror_lfs=Armazenamento de Ficheiros Grandes (LFS)
 mirror_lfs_desc=Habilitar a réplica de dados LFS.
@@ -1113,7 +1122,7 @@ stars=Favoritos
 reactions_more=e mais %d
 unit_disabled=O administrador desabilitou esta secção do repositório.
 language_other=Outros
-adopt_search=Insira o nome de utilizador para procurar repositórios adoptados... (deixe em branco para encontrar todos)
+adopt_search=Insira o nome de utilizador para procurar repositórios adoptados… (deixe em branco para encontrar todos)
 adopt_preexisting_label=Adoptar ficheiros
 adopt_preexisting=Adoptar ficheiros pré-existentes
 adopt_preexisting_content=Criar repositório a partir de %s
@@ -1138,6 +1147,7 @@ transfer.no_permission_to_reject=Você não tem permissão para rejeitar esta tr
 
 desc.private=Privado
 desc.public=Público
+desc.public_access=Acesso público
 desc.template=Modelo
 desc.internal=Interno
 desc.archived=Arquivado
@@ -1154,8 +1164,8 @@ template.issue_labels=Rótulos das questões
 template.one_item=Tem que escolher pelo menos um item do modelo
 template.invalid=Tem que escolher um repositório modelo
 
-archive.title=Este repositório está arquivado. Pode ver os seus ficheiros e cloná-lo, mas não pode fazer envios para o repositório nem lançar questões ou fazer pedidos de integração.
-archive.title_date=Este repositório foi arquivado em %s. Pode ver os ficheiros e cloná-lo, mas não pode fazer envios ou abrir questões ou pedidos de integração.
+archive.title=Este repositório está arquivado. Pode ver os seus ficheiros e cloná-lo. Não pode lançar questões nem fazer pedidos de integração nem fazer envios.
+archive.title_date=Este repositório foi arquivado em %s. Pode ver os ficheiros e cloná-lo. Não pode abrir questões nem fazer pedidos de integração nem enviar cometimentos.
 archive.issue.nocomment=Este repositório está arquivado. Não pode comentar nas questões.
 archive.pull.nocomment=Este repositório está arquivado. Não pode comentar nos pedidos de integração.
 
@@ -1172,7 +1182,7 @@ migrate_options_lfs=Migrar ficheiros LFS
 migrate_options_lfs_endpoint.label=Destino LFS
 migrate_options_lfs_endpoint.description=A migração irá tentar usar o seu controlo remoto do Git para <a target="_blank" rel="noopener noreferrer" href="%s">determinar o servidor LFS</a>. Também pode especificar um destino personalizado se os dados do repositório LFS forem armazenados noutro lugar.
 migrate_options_lfs_endpoint.description.local=Uma localização de servidor local também é suportada.
-migrate_options_lfs_endpoint.placeholder=Se for deixado em branco, o destino será determinado a partir do URL do clone
+migrate_options_lfs_endpoint.placeholder=Se for deixado em branco, o destino será determinado a partir do URL do clone.
 migrate_items=Itens da migração
 migrate_items_wiki=Wiki
 migrate_items_milestones=Etapas
@@ -1184,10 +1194,10 @@ migrate_items_releases=Lançamentos
 migrate_repo=Migrar o repositório
 migrate.clone_address=Migrar / clonar a partir do URL
 migrate.clone_address_desc=O URL de clonagem HTTP(S) ou Git de um repositório existente
-migrate.github_token_desc=Pode colocar aqui um ou mais códigos separados por vírgulas para tornar mais rápida a migração, para compensar a limitação de velocidade da API do GitHub. AVISO: O abuso desta funcionalidade poderá violar a política do seu fornecedor de serviço e levar ao bloqueio da conta.
+migrate.github_token_desc=Pode colocar aqui um ou mais códigos, separados por vírgulas, para tornar mais rápida a migração, para compensar a limitação de velocidade da API do GitHub. AVISO: O abuso desta funcionalidade poderá violar a política do seu fornecedor de serviço e levar ao bloqueio da(s) sua(a) conta(s).
 migrate.clone_local_path=ou uma localização no servidor local
 migrate.permission_denied=Não está autorizado a importar repositórios locais.
-migrate.permission_denied_blocked=Não pode importar de servidores não permitidos, por favor peça ao administrador para verificar as configurações ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
+migrate.permission_denied_blocked=Não pode importar de servidores não permitidos. Peça ao administrador para verificar as configurações ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_local_path=A localização local é inválida. Não existe ou não é uma pasta.
 migrate.invalid_lfs_endpoint=O destino LFS não é válido.
 migrate.failed=A migração falhou: %v
@@ -1195,7 +1205,7 @@ migrate.migrate_items_options=É necessário um código de acesso para migrar it
 migrated_from=Migrado de <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrado de %[1]s
 migrate.migrate=Migrar de %s
-migrate.migrating=Migrando a partir de <b>%s</b> ...
+migrate.migrating=Migrando a partir de <b>%s</b>…
 migrate.migrating_failed=A migração de <b>%s</b> falhou.
 migrate.migrating_failed.error=Falhou a migração: %s
 migrate.migrating_failed_no_addr=A migração falhou.
@@ -1221,6 +1231,7 @@ migrate.migrating_issues=Migrando questões
 migrate.migrating_pulls=Migrando pedidos de integração
 migrate.cancel_migrating_title=Cancelar migração
 migrate.cancel_migrating_confirm=Quer cancelar esta migração?
+migration_status=Estado da migração
 
 mirror_from=réplica de
 forked_from=derivado de
@@ -1243,7 +1254,7 @@ clone_this_repo=Clonar este repositório
 cite_this_repo=Citar este repositório
 create_new_repo_command=Criando um novo repositório na linha de comandos
 push_exist_repo=Enviando, pela linha de comandos, um repositório existente
-empty_message=Este repositório não contém qualquer conteúdo.
+empty_message=Este repositório não tem qualquer conteúdo.
 broken_message=Os dados Git subjacentes a este repositório não podem ser lidos. Contacte o administrador desta instância ou elimine este repositório.
 no_branch=Este repositório não tem quaisquer ramos.
 
@@ -1299,7 +1310,6 @@ file_copy_permalink=Copiar ligação permanente
 view_git_blame=Ver Git Blame
 video_not_supported_in_browser=O seu navegador não suporta a etiqueta 'video' do HTML5.
 audio_not_supported_in_browser=O seu navegador não suporta a etiqueta 'audio' do HTML5.
-stored_lfs=Armazenado com Git LFS
 symbolic_link=Ligação simbólica
 executable_file=Ficheiro executável
 vendored=Externo
@@ -1312,6 +1322,7 @@ commit_graph.color=Colorido
 commit.contained_in=Este cometimento está contido em:
 commit.contained_in_default_branch=Este cometimento é parte do ramo principal
 commit.load_referencing_branches_and_tags=Carregar ramos e etiquetas que referenciem este cometimento
+commit.merged_in_pr=Este cometimento foi integrado dentro do pedido de integração %s.
 blame=Responsabilidade
 download_file=Descarregar ficheiro
 normal_view=Vista normal
@@ -1325,7 +1336,9 @@ editor.upload_file=Carregar ficheiro
 editor.edit_file=Editar ficheiro
 editor.preview_changes=Pré-visualizar modificações
 editor.cannot_edit_lfs_files=Ficheiros LFS não podem ser editados na interface web.
+editor.cannot_edit_too_large_file=O ficheiro é demasiado grande para ser editado.
 editor.cannot_edit_non_text_files=Ficheiros binários não podem ser editados na interface da web.
+editor.file_not_editable_hint=Mas ainda pode renomeá-lo ou movê-lo.
 editor.edit_this_file=Editar ficheiro
 editor.this_file_locked=Ficheiro bloqueado
 editor.must_be_on_a_branch=Tem que estar num ramo para fazer ou propor modificações neste ficheiro.
@@ -1345,7 +1358,7 @@ editor.update=Modificar %s
 editor.delete=Eliminar %s
 editor.patch=Aplicar remendo (patch)
 editor.patching=Remendando (patching):
-editor.fail_to_apply_patch=`Não foi possível aplicar o remendo (patch) "%s"`
+editor.fail_to_apply_patch=Não foi possível aplicar o remendo (patch)
 editor.new_patch=Novo remendo (patch)
 editor.commit_message_desc=Adicionar uma descrição alargada opcional…
 editor.signoff_desc=Adicionar "Assinado-por" seguido do autor do cometimento no fim da mensagem do registo de cometimentos.
@@ -1358,15 +1371,14 @@ editor.new_branch_name_desc=Nome do novo ramo…
 editor.cancel=Cancelar
 editor.filename_cannot_be_empty=O nome do ficheiro não pode estar em branco.
 editor.filename_is_invalid=O nome do ficheiro é inválido: "%s".
-editor.commit_email=Email do cometimento
-editor.invalid_commit_email=O email do comentimento é inválido.
+editor.commit_email=Endereço de email do cometimento
+editor.invalid_commit_email=O endereço de email do comentimento é inválido.
 editor.branch_does_not_exist=O ramo "%s" não existe neste repositório.
 editor.branch_already_exists=O ramo "%s" já existe neste repositório.
 editor.directory_is_a_file=O nome da pasta "%s" já é usado como um nome de ficheiro neste repositório.
-editor.file_is_a_symlink=`"%s" é uma ligação simbólica. Ligações simbólicas não podem ser editadas no editor web`
+editor.file_is_a_symlink=`"%s" é uma ligação simbólica. Ligações simbólicas não podem ser editadas no editor web.`
 editor.filename_is_a_directory=O nome de ficheiro "%s" já está a ser usado como um nome de pasta neste repositório.
-editor.file_editing_no_longer_exists=O ficheiro que está a ser editado, "%s", já não existe neste repositório.
-editor.file_deleting_no_longer_exists=O ficheiro que está a ser eliminado, "%s", já não existe neste repositório.
+editor.file_modifying_no_longer_exists=O ficheiro que está a ser modificado, "%s", já não existe neste repositório.
 editor.file_changed_while_editing=O conteúdo do ficheiro mudou desde que começou a editar. <a target="_blank" rel="noopener noreferrer" href="%s">Clique aqui</a> para ver as modificações ou clique em <strong>Cometer novamente</strong> para escrever por cima.
 editor.file_already_exists=Já existe um ficheiro com o nome "%s" neste repositório.
 editor.commit_id_not_matching=O ID do cometimento não corresponde ao ID de quando começou a editar. Faça o cometimento para um ramo de remendo (patch) e depois faça a integração.
@@ -1374,8 +1386,6 @@ editor.push_out_of_date=O envio parece estar obsoleto.
 editor.commit_empty_file_header=Cometer um ficheiro vazio
 editor.commit_empty_file_text=O ficheiro que está prestes a cometer está vazio. Quer continuar?
 editor.no_changes_to_show=Não existem modificações para mostrar.
-editor.fail_to_update_file=Falhou ao modificar/criar o ficheiro "%s".
-editor.fail_to_update_file_summary=Mensagem de erro:
 editor.push_rejected_no_message=A modificação foi rejeitada pelo servidor sem qualquer mensagem. Verifique os Automatismos do Git.
 editor.push_rejected=A modificação foi rejeitada pelo servidor. Verifique os Automatismos do Git.
 editor.push_rejected_summary=Mensagem completa de rejeição:
@@ -1389,6 +1399,15 @@ editor.user_no_push_to_branch=O utilizador não pode enviar para o ramo
 editor.require_signed_commit=O ramo requer um cometimento assinado
 editor.cherry_pick=Escolher a dedo %s para:
 editor.revert=Reverter %s para:
+editor.failed_to_commit=Falhou ao cometer as modificações.
+editor.failed_to_commit_summary=Mensagem de erro:
+
+editor.fork_create=Faça uma derivação do repositório para propor modificações
+editor.fork_create_description=Não pode editar este repositório. Ao invés disso, crie uma derivação, faça as modificações nessa derivação e crie um pedido de integração.
+editor.fork_edit_description=Não pode editar este repositório. As modificações irão ser escritas na sua derivação <b>%s</b>, para que possa criar um pedido de integração.
+editor.fork_not_editable=Fez uma derivação deste repositório, mas a sua derivação não é editável.
+editor.fork_failed_to_push_branch=Falhou ao enviar o ramo %s para o seu repositório.
+editor.fork_branch_exists=O ramo "%s" já existe na sua derivação. Escolha outro nome para o ramo.
 
 commits.desc=Navegar pelo histórico de modificações no código fonte.
 commits.commits=Cometimentos
@@ -1517,7 +1536,7 @@ issues.remove_labels=removeu os rótulos %s %s
 issues.add_remove_labels=adicionou o(s) rótulo(s) %s e removeu %s %s
 issues.add_milestone_at=`adicionou esta questão à etapa <b>%s</b> %s`
 issues.add_project_at=`adicionou esta questão ao planeamento <b>%s</b> %s`
-issues.move_to_column_of_project=`isto foi movido para %s dentro de %s em %s`
+issues.move_to_column_of_project=`moveu isto para %s em %s %s`
 issues.change_milestone_at=`modificou a etapa de <b>%s</b> para <b>%s</b> %s`
 issues.change_project_at=`modificou o planeamento de <b>%s</b> para <b>%s</b> %s`
 issues.remove_milestone_at=`removeu esta questão da etapa <b>%s</b> %s`
@@ -1546,13 +1565,14 @@ issues.filter_project=Planeamento
 issues.filter_project_all=Todos os planeamentos
 issues.filter_project_none=Nenhum planeamento
 issues.filter_assignee=Encarregado
-issues.filter_assginee_no_assignee=Sem encarregado
-issues.filter_assignee_any_assignee=Atribuído a qualquer pessoa
+issues.filter_assignee_no_assignee=Não atribuída
+issues.filter_assignee_any_assignee=Atribuída a alguém
 issues.filter_poster=Autor(a)
 issues.filter_user_placeholder=Procurar utilizadores
 issues.filter_user_no_select=Todos os utilizadores
 issues.filter_type=Tipo
 issues.filter_type.all_issues=Todas as questões
+issues.filter_type.all_pull_requests=Todos os pedidos de integração
 issues.filter_type.assigned_to_you=Atribuídas a si
 issues.filter_type.created_by_you=Criadas por si
 issues.filter_type.mentioning_you=Mencionando a si
@@ -1644,12 +1664,15 @@ issues.save=Guardar
 issues.label_title=Nome do rótulo
 issues.label_description=Descrição do rótulo
 issues.label_color=Cor do rótulo
+issues.label_color_invalid=Cor inválida
 issues.label_exclusive=Exclusivo
 issues.label_archive=Arquivar rótulo
 issues.label_archived_filter=Mostrar rótulos arquivados
 issues.label_archive_tooltip=Os rótulos arquivados são, por norma, excluídos das sugestões ao pesquisar por rótulo.
 issues.label_exclusive_desc=Nomeie o rótulo <code>âmbito/item</code> para torná-lo mutuamente exclusivo com outros rótulos do <code>âmbito/</code>.
 issues.label_exclusive_warning=Quaisquer rótulos com âmbito que estejam em conflito irão ser removidos ao editar os rótulos de uma questão ou de um pedido de integração.
+issues.label_exclusive_order=Ordenação
+issues.label_exclusive_order_tooltip=Rótulos exclusivos no mesmo âmbito serão ordenados de acordo com esta ordem numérica.
 issues.label_count=%d rótulos
 issues.label_open_issues=%d questões abertas
 issues.label_edit=Editar
@@ -1673,7 +1696,6 @@ issues.pin_comment=fixou isto %s
 issues.unpin_comment=desafixou isto %s
 issues.lock=Bloquear diálogo
 issues.unlock=Desbloquear diálogo
-issues.lock.unknown_reason=Não é possível bloquear uma questão com um motivo desconhecido.
 issues.lock_duplicate=Uma questão não pode ser bloqueada duas vezes.
 issues.unlock_error=Não é possível desbloquear uma questão que não está bloqueada.
 issues.lock_with_reason=bloqueou o diálogo como sendo <strong>%s</strong> e restringiu-o aos colaboradores %s
@@ -1681,7 +1703,7 @@ issues.lock_no_reason=bloqueou o diálogo e restringiu-o aos colaboradores %s
 issues.unlock_comment=desbloqueou este diálogo %s
 issues.lock_confirm=Bloquear
 issues.unlock_confirm=Desbloquear
-issues.lock.notice_1=- Os outros utilizadores deixarão de poder adicionar novos comentários a esta questão.
+issues.lock.notice_1=- Os outros utilizadores não podem adicionar novos comentários a esta questão.
 issues.lock.notice_2=- Você e outros colaboradores com acesso a este repositório ainda poderão deixar comentários que outros possam ver.
 issues.lock.notice_3=- Poderá sempre voltar a desbloquear esta questão no futuro.
 issues.unlock.notice_1=- Toda gente poderá voltar a comentar nesta questão.
@@ -1707,6 +1729,8 @@ issues.remove_time_estimate_at=removeu a estimativa de tempo %s
 issues.time_estimate_invalid=O formato da estimativa de tempo é inválido
 issues.start_tracking_history=começou a trabalhar %s
 issues.tracker_auto_close=O cronómetro será parado automaticamente quando esta questão for fechada
+issues.stopwatch_already_stopped=O cronómetro para esta questão já está parado
+issues.stopwatch_already_created=O cronómetro para esta questão já existe
 issues.tracking_already_started=`Você já iniciou a contagem de tempo <a href="%s">noutra questão</a>!`
 issues.stop_tracking=Parar cronómetro
 issues.stop_tracking_history=trabalhou durante <b>%[1]s</b> %[2]s
@@ -1770,7 +1794,7 @@ issues.dependency.add_error_same_issue=Não pode fazer uma questão depender de
 issues.dependency.add_error_dep_issue_not_exist=A questão dependente não existe.
 issues.dependency.add_error_dep_not_exist=A dependência não existe.
 issues.dependency.add_error_dep_exists=A dependência já existe.
-issues.dependency.add_error_cannot_create_circular=Não pode criar uma dependência onde duas questões se bloqueiam simultaneamente.
+issues.dependency.add_error_cannot_create_circular=Não pode criar uma dependência com duas questões em que cada uma bloqueia a outra.
 issues.dependency.add_error_dep_not_same_repo=Ambas as questões têm que estar no mesmo repositório.
 issues.review.self.approval=Não pode aprovar o seu próprio pedido de integração.
 issues.review.self.rejection=Não pode solicitar modificações sobre o seu próprio pedido de integração.
@@ -1784,7 +1808,7 @@ issues.review.reject=modificações solicitadas %s
 issues.review.wait=foi solicitada para revisão %s
 issues.review.add_review_request=solicitou revisão de %s %s
 issues.review.remove_review_request=removeu a solicitação de revisão para %s %s
-issues.review.remove_review_request_self=recusou-se a rever %s
+issues.review.remove_review_request_self=recusou rever %s
 issues.review.pending=Pendente
 issues.review.pending.tooltip=Este comentário não está visível para os outros utilizadores, neste momento. Para submeter os seus comentários pendentes, escolha "%s" → "%s/%s/%s" no topo da página.
 issues.review.review=Revisão
@@ -1806,7 +1830,7 @@ issues.review.requested=Revisão pendente
 issues.review.rejected=Modificações solicitadas
 issues.review.stale=Modificada depois da aprovação
 issues.review.unofficial=Aprovação não oficial
-issues.assignee.error=Nem todos os encarregados foram adicionados devido a um erro inesperado.
+issues.assignee.error=Nem todos os encarregados foram adicionados, devido a um erro inesperado.
 issues.reference_issue.body=Conteúdo
 issues.content_history.deleted=eliminado
 issues.content_history.edited=editado
@@ -1844,11 +1868,11 @@ pulls.show_all_commits=Mostrar todos os cometimentos
 pulls.show_changes_since_your_last_review=Mostrar modificações desde a sua última revisão
 pulls.showing_only_single_commit=Mostrando apenas as modificações do comentimento %[1]s
 pulls.showing_specified_commit_range=Mostrando apenas as modificações entre %[1]s..%[2]s
-pulls.select_commit_hold_shift_for_range=Escolha o comentimento. Mantenha premido o shift enquanto clica para escolher um intervalo
+pulls.select_commit_hold_shift_for_range=Escolha o comentimento. Para escolher um intervalo, mantenha premido o shift enquanto clica.
 pulls.review_only_possible_for_full_diff=A revisão só é possível ao visualizar o diff completo
 pulls.filter_changes_by_commit=Filtrar por cometimento
 pulls.nothing_to_compare=Estes ramos são iguais. Não há necessidade de criar um pedido de integração.
-pulls.nothing_to_compare_have_tag=O ramo/etiqueta escolhidos são iguais.
+pulls.nothing_to_compare_have_tag=Os ramos/etiquetas escolhidos são iguais.
 pulls.nothing_to_compare_and_allow_empty_pr=Estes ramos são iguais. Este pedido de integração ficará vazio.
 pulls.has_pull_request=`Já existe um pedido de integração entre estes ramos: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=Criar um pedido de integração
@@ -1873,7 +1897,7 @@ pulls.add_prefix=Adicione o prefixo <strong>%s</strong>
 pulls.remove_prefix=Remover o prefixo <strong>%s</strong>
 pulls.data_broken=Este pedido de integração está danificado devido à falta de informação da derivação.
 pulls.files_conflicted=Este pedido de integração contém modificações que entram em conflito com o ramo de destino.
-pulls.is_checking=Está em andamento uma verificação de conflitos na integração. Tente novamente daqui a alguns momentos.
+pulls.is_checking=Verificando se existem conflitos na integração…
 pulls.is_ancestor=Este ramo já está incluído no ramo de destino. Não há nada a integrar.
 pulls.is_empty=As modificações feitas neste ramo já existem no ramo de destino. Este cometimento ficará vazio.
 pulls.required_status_check_failed=Algumas das verificações obrigatórias não foram bem sucedidas.
@@ -1914,17 +1938,17 @@ pulls.merge_commit_id=O ID de cometimento da integração
 pulls.require_signed_wont_sign=O ramo requer que os cometimentos sejam assinados mas esta integração não vai ser assinada
 
 pulls.invalid_merge_option=Não pode usar esta opção de integração neste pedido de integração.
-pulls.merge_conflict=A integração falhou: Houve um conflito durante a integração. Dica: tente uma estratégia diferente
+pulls.merge_conflict=A integração falhou: Houve um conflito durante a integração. Dica: Tente uma estratégia diferente.
 pulls.merge_conflict_summary=Mensagem de erro
-pulls.rebase_conflict=A integração falhou: Houve um conflito durante a mudança de base do cometimento %[1]s. Dica: Tente uma estratégia diferente
+pulls.rebase_conflict=A integração falhou: Houve um conflito durante a mudança de base do cometimento %[1]s. Dica: Tente uma estratégia diferente.
 pulls.rebase_conflict_summary=Mensagem de erro
-pulls.unrelated_histories=A integração falhou: O topo da integração e a base não partilham um histórico comum. Dica: Tente uma estratégia diferente
-pulls.merge_out_of_date=Falhou a integração: Enquanto estava a gerar a integração, a base foi modificada. Dica: Tente de novo.
-pulls.head_out_of_date=Falhou a integração: Enquanto estava a gerar a integração, o topo foi modificado. Dica: Tente de novo.
-pulls.has_merged=Falhou: A integração constante do pedido foi executada, não pode integrar novamente nem modificar o ramo alvo.
+pulls.unrelated_histories=A integração falhou: O topo da integração e a base não partilham um histórico comum. Dica: Tente uma estratégia diferente.
+pulls.merge_out_of_date=Falhou a integração: Enquanto gerava a integração, a base foi modificada. Dica: Tente de novo.
+pulls.head_out_of_date=Falhou a integração: Enquanto gerava a integração, o topo foi modificado. Dica: Tente de novo.
+pulls.has_merged=Falhou: A integração constante do pedido foi executada. Não pode integrar novamente nem modificar o ramo alvo.
 pulls.push_rejected=O envio falhou: O envio foi rejeitado. Reveja os Automatismos do Git neste repositório.
 pulls.push_rejected_summary=Mensagem completa de rejeição
-pulls.push_rejected_no_message=O envio falhou: O envio foi rejeitado mas não houve qualquer mensagem remota. Reveja os Automatismos do Git para este repositório
+pulls.push_rejected_no_message=O envio falhou: O envio foi rejeitado mas não houve qualquer mensagem remota. Reveja os Automatismos do Git para este repositório.
 pulls.open_unmerged_pull_exists=`Não pode executar uma operação de reabertura porque há um pedido de integração pendente (#%d) com propriedades idênticas.`
 pulls.status_checking=Algumas verificações estão pendentes
 pulls.status_checks_success=Todas as verificações foram bem sucedidas
@@ -1948,9 +1972,9 @@ pulls.cmd_instruction_checkout_title=Checkout
 pulls.cmd_instruction_checkout_desc=A partir do seu repositório, crie um novo ramo e teste nele as modificações.
 pulls.cmd_instruction_merge_title=Integrar
 pulls.cmd_instruction_merge_desc=Integrar as modificações e enviar para o Gitea.
-pulls.cmd_instruction_merge_warning=Aviso: Esta operação não pode executar pedidos de integração porque "auto-identificar integração manual" não estava habilitado
+pulls.cmd_instruction_merge_warning=Aviso: Esta operação não pode executar pedidos de integração porque a opção "auto-identificar integração manual" não está habilitada.
 pulls.clear_merge_message=Apagar mensagem de integração
-pulls.clear_merge_message_hint=Apagar a mensagem de integração apenas remove o conteúdo da mensagem de cometimento e mantém os rodapés do git, tais como "Co-Autorado-Por …".
+pulls.clear_merge_message_hint=Apagar a mensagem de integração apenas remove o conteúdo da mensagem de cometimento e mantém os rodapés gerados pelo git, tais como "Co-Autorado-Por…".
 
 pulls.auto_merge_button_when_succeed=(quando as verificações forem bem-sucedidas)
 pulls.auto_merge_when_succeed=Integrar automaticamente quando todas as verificações forem bem-sucedidas
@@ -2130,14 +2154,21 @@ contributors.contribution_type.additions=Adições
 contributors.contribution_type.deletions=Eliminações
 
 settings=Configurações
-settings.desc=Configurações é onde pode gerir as configurações do repositório
+settings.desc=Configurações é onde pode gerir as configurações do repositório.
 settings.options=Repositório
+settings.public_access=Acesso público
+settings.public_access_desc=Configurar as permissões de acesso público do visitante para substituir os valores predefinidos deste repositório.
+settings.public_access.docs.not_set=Não definido: nenhuma permissão extra de acesso público. As permissões do visitante seguem a visibilidade e as permissões de membro do repositório.
+settings.public_access.docs.anonymous_read=Leitura anónima: utilizadores sem sessão iniciada podem consultar a unidade.
+settings.public_access.docs.everyone_read=Leitura pública: todos os utilizadores com sessão iniciada podem aceder à unidade com permissão de leitura. Permissão de leitura das unidades de questões / pedidos de integração também significa que os utilizadores podem criar novas questões / pedidos de integração.
+settings.public_access.docs.everyone_write=Escrita pública: Todos os utilizadores com sessão iniciada têm permissão de escrita na unidade. Apenas a unidade Wiki suporta esta permissão.
 settings.collaboration=Colaboradores
 settings.collaboration.admin=Administrador
 settings.collaboration.write=Escrita
 settings.collaboration.read=Leitura
 settings.collaboration.owner=Proprietário(a)
 settings.collaboration.undefined=Não definido
+settings.collaboration.per_unit=Permissões da Unidade
 settings.hooks=Automatismos web
 settings.githooks=Automatismos do Git
 settings.basic_settings=Configurações básicas
@@ -2147,7 +2178,7 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Configure o seu
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Configure os seu planeamento para puxar, automaticamente, cometimentos, etiquetas e ramos a partir de outro repositório.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Neste momento isto só pode ser feito no menu "Nova migração". Para obter mais informação, consulte:
 settings.mirror_settings.docs.disabled_push_mirror.info=As réplicas foram desabilitadas pelo administrador deste sítio.
-settings.mirror_settings.docs.no_new_mirrors=O seu repositório está a replicar modificações para, ou a partir, de outro repositório. Tenha em mente que não pode criar novas réplicas neste momento.
+settings.mirror_settings.docs.no_new_mirrors=O seu repositório está a replicar modificações para, ou a partir de, outro repositório. Tenha em mente que neste momento não pode criar novas réplicas.
 settings.mirror_settings.docs.can_still_use=Embora não possa modificar réplicas existentes ou criar novas, ainda pode usar a sua réplica existente.
 settings.mirror_settings.docs.pull_mirror_instructions=Para configurar uma réplica de outro repositório, consulte
 settings.mirror_settings.docs.more_information_if_disabled=Pode aprender mais sobre réplicas de envios e de puxadas aqui:
@@ -2178,7 +2209,6 @@ settings.advanced_settings=Configurações avançadas
 settings.wiki_desc=Habilitar wiki do repositório
 settings.use_internal_wiki=Usar o wiki integrado
 settings.default_wiki_branch_name=Nome do ramo predefinido do wiki
-settings.default_permission_everyone_access=Permissão de acesso predefinida para todos os utilizadores registados:
 settings.failed_to_change_default_wiki_branch=Falhou ao mudar o nome do ramo predefinido do wiki.
 settings.use_external_wiki=Usar um wiki externo
 settings.external_wiki_url=URL do wiki externo
@@ -2260,13 +2290,13 @@ settings.trust_model.default=Modelo de confiança padrão
 settings.trust_model.default.desc=Usar o modelo de confiança padrão do repositório para esta instalação.
 settings.trust_model.collaborator=Colaborador
 settings.trust_model.collaborator.long=Colaborador: Confiar nas assinaturas dos colaboradores
-settings.trust_model.collaborator.desc=Assinaturas válidas dos colaboradores deste repositório serão marcadas como "fiável" (independentemente de corresponderem, ou não, ao autor do cometimento). Caso contrário, assinaturas válidas serão marcadas como "não fiável" se a assinatura corresponder ao autor do cometimento e "não corresponde", se não corresponder.
+settings.trust_model.collaborator.desc=Assinaturas válidas dos colaboradores deste repositório serão marcadas como "fiável", independentemente de corresponderem, ou não, ao autor do cometimento. Caso contrário, assinaturas válidas serão marcadas como "não fiável" se a assinatura corresponder ao autor do cometimento e "não corresponde", se não corresponder.
 settings.trust_model.committer=Autor do cometimento
-settings.trust_model.committer.long=Autor do cometimento: Confiar nas assinaturas que correspondam aos autores dos cometimentos (isto corresponde ao funcionamento do GitHub e força a que os cometimentos assinados do Gitea tenham o Gitea como autor do cometimento)
-settings.trust_model.committer.desc=Assinaturas válidas apenas serão marcadas como "fiável" se corresponderem ao autor do cometimento, caso contrário serão marcadas como "não corresponde". Isto irá forçar o Gitea a ser o autor do cometimento nos cometimentos assinados, ficando o autor real marcado como "Co-autorado-por:" e "Co-cometido-por:" no resumo do cometimento. A chave padrão do Gitea tem que corresponder a um utilizador na base de dados.
+settings.trust_model.committer.long=Autor do cometimento: Confiar nas assinaturas que correspondam aos autores dos cometimentos. Isto corresponde ao comportamento do GitHub e força a que os cometimentos assinados do Gitea tenham o Gitea como autor do cometimento.
+settings.trust_model.committer.desc=Assinaturas válidas apenas serão marcadas como "fiável" se corresponderem ao autor do cometimento, caso contrário serão marcadas como "não corresponde". Isto irá forçar o Gitea a ser o autor do cometimento nos cometimentos assinados, ficando o autor real marcado como "Co-autorado-por:" e "Co-cometido-por:" no rodapé do cometimento. A chave padrão do Gitea tem que corresponder a um utilizador na base de dados.
 settings.trust_model.collaboratorcommitter=Colaborador + Autor do cometimento
 settings.trust_model.collaboratorcommitter.long=Colaborador + Autor do cometimento: Confiar nas assinaturas dos colaboradores que correspondam ao autor do cometimento
-settings.trust_model.collaboratorcommitter.desc=Assinaturas válidas feitas por colaboradores deste repositório serão marcadas como "fiável" se corresponderem ao autor do cometimento. Caso contrário, assinaturas válidas serão marcadas como "não fiável" se a assinatura corresponder ao autor do cometimento e "não corresponde" se não corresponder. Isto irá forçar a que o Gitea seja marcado como sendo o autor do cometimento nos cometimentos assinados, ficando o autor real marcado como "Co-autorado-por:" e "Co-cometido-por:" no resumo do cometimento. A chave padrão do Gitea tem que corresponder a um utilizador na base de dados.
+settings.trust_model.collaboratorcommitter.desc=Assinaturas válidas feitas por colaboradores deste repositório serão marcadas como "fiável" se corresponderem ao autor do cometimento. Caso contrário, assinaturas válidas serão marcadas como "não fiável" se a assinatura corresponder ao autor do cometimento e "não corresponde" se não corresponder. Isto irá forçar a que o Gitea seja marcado como sendo o autor do cometimento nos cometimentos assinados, ficando o autor real marcado como "Co-autorado-por:" e "Co-cometido-por:" no rodapé do cometimento. A chave padrão do Gitea tem que corresponder a um utilizador na base de dados.
 settings.wiki_delete=Eliminar dados do wiki
 settings.wiki_delete_desc=Eliminar os dados do repositório do wiki é permanente e não pode ser revertido.
 settings.wiki_delete_notices_1=- Isso excluirá e desabilitará permanentemente o wiki do repositório para %s.
@@ -2275,7 +2305,7 @@ settings.wiki_deletion_success=Os dados do repositório do wiki foram eliminados
 settings.delete=Eliminar este repositório
 settings.delete_desc=Eliminar um repositório é permanente e não pode ser revertido.
 settings.delete_notices_1=- Esta operação <strong>NÃO PODER�</strong> ser revertida.
-settings.delete_notices_2=- Esta operação eliminará permanentemente o repositório <strong>%s</strong> incluindo código-fonte, questões, comentários, dados do wiki e configurações dos colaboradores.
+settings.delete_notices_2=- Esta operação eliminará permanentemente o repositório <strong>%s</strong>, incluindo código-fonte, questões, comentários, dados do wiki e configurações dos colaboradores.
 settings.delete_notices_fork_1=- Derivações deste repositório tornar-se-ão independentes, após a eliminação.
 settings.deletion_success=O repositório foi eliminado.
 settings.update_settings_success=As configurações do repositório foram modificadas.
@@ -2307,8 +2337,8 @@ settings.hooks_desc=Os automatismos web fazem pedidos HTTP POST automaticamente
 settings.webhook_deletion=Remover automatismo web
 settings.webhook_deletion_desc=Remover um automatismo web elimina as configurações e o histórico de entrega desse automatismo. Quer continuar?
 settings.webhook_deletion_success=O automatismo web foi removido.
-settings.webhook.test_delivery=Entrega de teste
-settings.webhook.test_delivery_desc=Testar este automatismo web com um evento falso.
+settings.webhook.test_delivery=Testar o envio
+settings.webhook.test_delivery_desc=Testar este automatismo web com um evento de envio falso.
 settings.webhook.test_delivery_desc_disabled=Para testar este automatismo web com um evento falso, habilite-o.
 settings.webhook.request=Pedido
 settings.webhook.response=Resposta
@@ -2328,6 +2358,7 @@ settings.payload_url=URL de destino
 settings.http_method=Método HTTP
 settings.content_type=Tipo de conteúdo POST
 settings.secret=Segredo
+settings.webhook_secret_desc=Se o servidor de automatismos web suportar a utilização de segredos, você pode seguir o manual do automatismo web e preencher um segredo aqui.
 settings.slack_username=Nome de utilizador
 settings.slack_icon_url=URL do ícone
 settings.slack_color=Cor
@@ -2357,7 +2388,7 @@ settings.event_repository=Repositório
 settings.event_repository_desc=Repositório criado ou eliminado.
 settings.event_header_issue=Eventos da questão
 settings.event_issues=Questões
-settings.event_issues_desc=Questão aberta, fechada, reaberta ou editada.
+settings.event_issues_desc=Questão aberta, fechada, reaberta, editada ou eliminada.
 settings.event_issue_assign=Questão atribuída
 settings.event_issue_assign_desc=Encarregado atribuído ou retirado à questão.
 settings.event_issue_label=Questão com rótulo
@@ -2368,7 +2399,7 @@ settings.event_issue_comment=Comentário da questão
 settings.event_issue_comment_desc=Comentário da questão criado, editado ou eliminado.
 settings.event_header_pull_request=Eventos de pedidos de integração
 settings.event_pull_request=Pedido de integração
-settings.event_pull_request_desc=Pedido de integração aberto, fechado, reaberto ou editado.
+settings.event_pull_request_desc=Pedido de integração aberto, fechado, reaberto, editado ou eliminado.
 settings.event_pull_request_assign=Encarregado atribuído ao pedido de integração
 settings.event_pull_request_assign_desc=Encarregado atribuído ou retirado ao pedido de integração.
 settings.event_pull_request_label=Rótulo atribuído ao pedido de integração
@@ -2386,8 +2417,10 @@ settings.event_pull_request_review_request_desc=A revisão do pedido de integraÃ
 settings.event_pull_request_approvals=Aprovações do pedido de integração
 settings.event_pull_request_merge=Integração constante no pedido
 settings.event_header_workflow=Eventos da sequência de trabalho
+settings.event_workflow_run=Execução da sequência de trabalho
+settings.event_workflow_run_desc=A execução da sequência de trabalho das operações do Gitea foi colocada em fila, está em espera, em andamento ou concluída.
 settings.event_workflow_job=Trabalhos da sequência de trabalho
-settings.event_workflow_job_desc=O trabalho da sequência de trabalho das operações do Gitea foi colocado em fila, está em espera, em andamento ou concluída.
+settings.event_workflow_job_desc=O trabalho da sequência de trabalho das operações do Gitea foi colocado em fila, está em espera, em andamento ou concluído.
 settings.event_package=Pacote
 settings.event_package_desc=Pacote criado ou eliminado num repositório.
 settings.branch_filter=Filtro de ramos
@@ -2511,7 +2544,7 @@ settings.block_on_official_review_requests_desc=A integração não será possí
 settings.block_outdated_branch=Bloquear integração se o pedido de integração for obsoleto
 settings.block_outdated_branch_desc=A integração não será possível quando o ramo de topo estiver abaixo do ramo base.
 settings.block_admin_merge_override=Os administradores têm de cumprir as regras de salvaguarda dos ramos
-settings.block_admin_merge_override_desc=Os administradores têm de cumprir as regras de salvaguarda e não as podem contornar.
+settings.block_admin_merge_override_desc=Os administradores têm de cumprir as regras de salvaguarda do ramo e não as podem contornar.
 settings.default_branch_desc=Escolha um ramo do repositório como sendo o predefinido para pedidos de integração e cometimentos:
 settings.merge_style_desc=Estilos de integração
 settings.default_merge_style_desc=Tipo de integração predefinido
@@ -2538,10 +2571,10 @@ settings.matrix.homeserver_url=URL do servidor caseiro
 settings.matrix.room_id=ID da sala
 settings.matrix.message_type=Tipo de mensagem
 settings.visibility.private.button=Tornar privado
-settings.visibility.private.text=Mudar a visibilidade para privado não só irá tornar o repositório visível somente para membros autorizados como também poderá remover a relação entre o repositório e derivações, vigilâncias e favoritos.
+settings.visibility.private.text=Mudar a visibilidade para privado irá tornar o repositório visível somente para membros autorizados e poderá remover a relação entre o repositório e derivações existentes, vigilâncias e favoritos.
 settings.visibility.private.bullet_title=<strong>Mudar a visibilidade para privado irá:</strong>
 settings.visibility.private.bullet_one=Tornar o repositório visível somente para membros autorizados.
-settings.visibility.private.bullet_two=Possivelmente remover a relação entre o repositório e <strong>derivações</strong>, <strong>vigilâncias</strong> e <strong>favoritos</strong>.
+settings.visibility.private.bullet_two=Poderá remover a relação entre o repositório e <strong>derivações</strong>, <strong>vigilâncias</strong> e <strong>favoritos</strong>.
 settings.visibility.public.button=Tornar público
 settings.visibility.public.text=Mudar a visibilidade para público irá tornar o repositório visível para qualquer pessoa.
 settings.visibility.public.bullet_title=<strong>Mudar a visibilidade para público irá:</strong>
@@ -2578,11 +2611,11 @@ settings.lfs_invalid_locking_path=Localização inválida: %s
 settings.lfs_invalid_lock_directory=Não foi possível bloquear a pasta: %s
 settings.lfs_lock_already_exists=Já existe um bloqueio: %s
 settings.lfs_lock=Bloquear
-settings.lfs_lock_path=Localização do ficheiro a bloquear...
+settings.lfs_lock_path=Localização do ficheiro a bloquear…
 settings.lfs_locks_no_locks=Sem bloqueios
 settings.lfs_lock_file_no_exist=O ficheiro bloqueado não existe no ramo principal
 settings.lfs_force_unlock=Forçar desbloqueio
-settings.lfs_pointers.found=Encontrado(s) %d ponteiro(s) de blob - %d associado(a), %d desassociado(a) (%d ausente do armazenamento)
+settings.lfs_pointers.found=Encontrado(s) %d ponteiro(s) de blob — %d associado(a), %d desassociado(a) (%d ausente do armazenamento)
 settings.lfs_pointers.sha=SHA do blob
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=No repositório
@@ -2723,6 +2756,7 @@ branch.restore_success=O ramo "%s" foi restaurado.
 branch.restore_failed=Falhou a restauração do ramo "%s".
 branch.protected_deletion_failed=O ramo "%s" está protegido, não pode ser eliminado.
 branch.default_deletion_failed=O ramo "%s" é o ramo principal, não pode ser eliminado.
+branch.default_branch_not_exist=O ramo predefinido "%s" não existe.
 branch.restore=`Restaurar o ramo "%s"`
 branch.download=`Descarregar o ramo "%s"`
 branch.rename=`Renomear ramo "%s"`
@@ -2739,6 +2773,8 @@ branch.new_branch_from=`Criar um novo ramo a partir do ramo "%s"`
 branch.renamed=O ramo %s foi renomeado para %s.
 branch.rename_default_or_protected_branch_error=Só os administradores é que podem renomear o ramo principal ou ramos protegidos.
 branch.rename_protected_branch_failed=Este ramo está protegido por regras de salvaguarda baseadas em padrões glob.
+branch.commits_divergence_from=Divergência nos cometimentos: %[1]d atrás e %[2]d à frente de %[3]s
+branch.commits_no_divergence=Idêntico ao ramo %[1]s
 
 tag.create_tag=Criar etiqueta %s
 tag.create_tag_operation=Criar etiqueta
@@ -2752,6 +2788,7 @@ topic.done=Concluído
 topic.count_prompt=Não pode escolher mais do que 25 tópicos
 topic.format_prompt=Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') ou pontos ('.') e podem ter até 35 caracteres. As letras têm que ser minúsculas.
 
+find_file.follow_symlink=Seguir esta ligação simbólica para onde ela está apontando
 find_file.go_to_file=Ir para o ficheiro
 find_file.no_matching=Não foi encontrado qualquer ficheiro correspondente
 
@@ -2761,7 +2798,7 @@ error.csv.invalid_field_count=Não é possível apresentar este ficheiro porque
 error.broken_git_hook=Os automatismos git deste repositório parecem estar danificados. Consulte a <a target="_blank" rel="noreferrer" href="%s">documentação</a> sobre como os consertar e depois envie alguns cometimentos para refrescar o estado.
 
 [graphs]
-component_loading=A carregar %s...
+component_loading=A carregar %s…
 component_loading_failed=Não foi possível carregar %s
 component_loading_info=Isto pode demorar um pouco…
 component_failed_to_load=Ocorreu um erro inesperado.
@@ -2792,6 +2829,7 @@ team_permission_desc=Permissão
 team_unit_desc=Permitir acesso às secções do repositório
 team_unit_disabled=(desabilitada)
 
+form.name_been_taken=O nome da organização "%s" já foi tomado.
 form.name_reserved=O nome de organização "%s" está reservado.
 form.name_pattern_not_allowed=O padrão "%s" não é permitido no nome de uma organização.
 form.create_org_not_allowed=Não tem permissão para criar uma organização.
@@ -2799,7 +2837,7 @@ form.create_org_not_allowed=Não tem permissão para criar uma organização.
 settings=Configurações
 settings.options=Organização
 settings.full_name=Nome completo
-settings.email=Email de contacto
+settings.email=Endereço de email de contacto
 settings.website=Sítio web
 settings.location=Localização
 settings.permission=Permissões
@@ -2813,15 +2851,28 @@ settings.visibility.private_shortname=Privado
 
 settings.update_settings=Modificar configurações
 settings.update_setting_success=As configurações da organização foram modificadas.
-settings.change_orgname_prompt=Nota: Mudar o nome da organização também irá mudar o URL da organização e libertar o nome antigo.
-settings.change_orgname_redirect_prompt=O nome antigo, enquanto não for reivindicado, irá reencaminhar para o novo.
+
+settings.rename=Renomear organização
+settings.rename_desc=Mudar o nome da organização também irá mudar o URL da organização e libertar o nome antigo.
+settings.rename_success=A organização %[1]s foi renomeada para %[2]s com sucesso.
+settings.rename_no_change=O nome da organização não foi alterado.
+settings.rename_new_org_name=Novo nome da organização
+settings.rename_failed=A renomeação da organização falhou por causa de um erro interno
+settings.rename_notices_1=Esta operação <strong>NÃO PODER�</strong> ser revertida.
+settings.rename_notices_2=O antigo nome, enquanto não for reivindicado, irá reencaminhar para o novo.
+
 settings.update_avatar_success=O avatar da organização foi modificado.
 settings.delete=Eliminar organização
 settings.delete_account=Eliminar esta organização
 settings.delete_prompt=A organização será removida permanentemente. Essa operação <strong>NÃO PODER�</strong> ser revertida!
+settings.name_confirm=Insira o nome da organização para confirmar:
+settings.delete_notices_1=Esta operação <strong>NÃO PODER�</strong> ser revertida.
+settings.delete_notices_2=Esta operação irá eliminar de forma permanente todos os <strong>repositórios</strong> de <strong>%s</strong>, incluindo código-fonte, questões, comentários, dados do wiki e configurações dos colaboradores.
+settings.delete_notices_3=Esta operação irá eliminar de forma permanente todos os <strong>pacotes</strong> de <strong>%s</strong>.
+settings.delete_notices_4=Esta operação irá eliminar de forma permanente todos os <strong>planeamentos</strong> de <strong>%s</strong>.
 settings.confirm_delete_account=Confirme a eliminação
-settings.delete_org_title=Eliminar organização
-settings.delete_org_desc=Esta organização será eliminada permanentemente. Quer continuar?
+settings.delete_failed=A eliminação da organização falhou por causa de um erro interno
+settings.delete_successful=A organização <b>%s</b> foi eliminada com sucesso.
 settings.hooks_desc=Adicionar automatismos web que serão despoletados para <strong>todos os repositórios</strong> desta organização.
 
 settings.labels_desc=Adicionar rótulos que possam ser usados em questões para <strong>todos os repositórios</strong> desta organização.
@@ -2877,7 +2928,7 @@ teams.remove_all_repos_title=Remover todos os repositórios da equipa
 teams.remove_all_repos_desc=Isto irá remover todos os repositórios da equipa.
 teams.add_all_repos_title=Adicionar todos os repositórios
 teams.add_all_repos_desc=Isto irá adicionar todos os repositórios da organização à equipa.
-teams.add_nonexistent_repo=O repositório que está a tentar adicionar não existe, por favor crie-o primeiro.
+teams.add_nonexistent_repo=O repositório que está a tentar adicionar não existe. Crie-o primeiro.
 teams.add_duplicate_users=O utilizador já é um membro da equipa.
 teams.repos.none=Não há repositórios que possam ser acedidos por esta equipa.
 teams.members.none=Não há membros nesta equipa.
@@ -2918,7 +2969,7 @@ repositories=Repositórios
 hooks=Automatismos web
 integrations=Integrações
 authentication=Fontes de autenticação
-emails=Emails do utilizador
+emails=Endereços de email do utilizador
 config=Configuração
 config_summary=Resumo
 config_settings=Configurações
@@ -2965,12 +3016,12 @@ dashboard.archive_cleanup=Eliminar arquivos de repositórios antigos
 dashboard.deleted_branches_cleanup=Limpar ramos eliminados
 dashboard.update_migration_poster_id=Sincronizar os IDs do remetente da migração
 dashboard.git_gc_repos=Fazer a recolha do lixo em todos os repositórios
-dashboard.resync_all_sshkeys=Sincronizar o ficheiro '.ssh/authorized_keys' com as chaves SSH do Gitea.
-dashboard.resync_all_sshprincipals=Modificar o ficheiro '.ssh/authorized_principals' com os protagonistas SSH do Gitea.
-dashboard.resync_all_hooks=Voltar a sincronizar automatismos de pré-acolhimento, modificação e pós-acolhimento de todos os repositórios.
+dashboard.resync_all_sshkeys=Sincronizar o ficheiro '.ssh/authorized_keys' com as chaves SSH do Gitea
+dashboard.resync_all_sshprincipals=Modificar o ficheiro '.ssh/authorized_principals' com os protagonistas SSH do Gitea
+dashboard.resync_all_hooks=Voltar a sincronizar automatismos de pré-acolhimento, modificação e pós-acolhimento de todos os repositórios
 dashboard.reinit_missing_repos=Reinicializar todos os repositórios Git em falta para os quais existam registos
 dashboard.sync_external_users=Sincronizar dados externos do utilizador
-dashboard.cleanup_hook_task_table=Limpar tabela hook_task
+dashboard.cleanup_hook_task_table=Limpar a tabela hook_task
 dashboard.cleanup_packages=Limpar pacotes expirados
 dashboard.cleanup_actions=Limpar recursos das operações expirados
 dashboard.server_uptime=Tempo em funcionamento contínuo do servidor
@@ -3003,7 +3054,7 @@ dashboard.total_gc_pause=Pausa total da recolha de lixo
 dashboard.last_gc_pause=Última pausa da recolha de lixo
 dashboard.gc_times=N.º de recolhas de lixo
 dashboard.delete_old_actions=Eliminar todo o trabalho antigo da base de dados
-dashboard.delete_old_actions.started=Foi iniciado o processo de eliminação de todo o trabalho antigo da base de dados.
+dashboard.delete_old_actions.started=Foi iniciado o processo de eliminação de todo o trabalho antigo da base de dados
 dashboard.update_checker=Verificador de novas versões
 dashboard.delete_old_system_notices=Eliminar todas as notificações do sistema antigas da base de dados
 dashboard.gc_lfs=Recolher lixo dos meta-elementos LFS
@@ -3057,7 +3108,7 @@ users.still_own_repo=Este utilizador ainda possui um ou mais repositórios. Elim
 users.still_has_org=Este utilizador é membro de uma organização. Remova, primeiro, o utilizador de todas as organizações.
 users.purge=Eliminar utilizador
 users.purge_help=Eliminar o utilizador à força, juntamente com todos os seus repositórios, organizações e pacotes. Também serão eliminados todos os seus comentários.
-users.still_own_packages=Este utilizador ainda possui um ou mais pacotes, elimine esses pacotes primeiro.
+users.still_own_packages=Este utilizador ainda possui um ou mais pacotes. Elimine esses pacotes primeiro.
 users.deletion_success=A conta de utilizador foi eliminada.
 users.reset_2fa=Reinicializar a autenticação em dois passos
 users.list_status_filter.menu_text=Filtro
@@ -3077,11 +3128,11 @@ users.details=Detalhes do utilizador
 emails.email_manage_panel=Gestão de endereços de email do utilizador
 emails.primary=Principal
 emails.activated=Em uso
-emails.filter_sort.email=Email
-emails.filter_sort.email_reverse=Email (invertido)
+emails.filter_sort.email=Endereço de email
+emails.filter_sort.email_reverse=Endereço de email (inverso)
 emails.filter_sort.name=Nome de utilizador
-emails.filter_sort.name_reverse=Nome de utilizador (invertido)
-emails.updated=Email modificado
+emails.filter_sort.name_reverse=Nome de utilizador (inverso)
+emails.updated=Endereço de email modificado
 emails.not_updated=Falhou a modificação do endereço de email solicitado: %v
 emails.duplicate_active=Este endereço de email já está a ser usado por outro utilizador.
 emails.change_email_header=Modificar propriedades do email
@@ -3089,7 +3140,7 @@ emails.change_email_text=Tem a certeza que quer modificar este endereço de emai
 emails.delete=Eliminar email
 emails.delete_desc=Tem a certeza que quer eliminar este endereço de email?
 emails.deletion_success=O endereço de email foi eliminado.
-emails.delete_primary_email_error=Não pode eliminar o email principal.
+emails.delete_primary_email_error=Não pode eliminar o endereço de email principal.
 
 orgs.org_manage_panel=Gestão das organizações
 orgs.name=Nome
@@ -3203,9 +3254,11 @@ auths.oauth2_required_claim_name_helper=Defina este nome para restringir o iníc
 auths.oauth2_required_claim_value=Valor de Reivindicação obrigatório
 auths.oauth2_required_claim_value_helper=Defina este valor para restringir o início de sessão desta fonte a utilizadores que tenham uma reivindicação com este nome e este valor
 auths.oauth2_group_claim_name=Reivindicar nome que fornece nomes de grupo para esta fonte. (Opcional)
-auths.oauth2_admin_group=Valor da Reivindicação de Grupo para utilizadores administradores. (Opcional - exige a reivindicação de nome acima)
-auths.oauth2_restricted_group=Valor da Reivindicação de Grupo para utilizadores restritos. (Opcional - exige a reivindicação de nome acima)
-auths.oauth2_map_group_to_team=Mapear grupos reclamados em equipas da organização (opcional — requer nome de reclamação acima).
+auths.oauth2_full_name_claim_name=Nome completo reivindicado. (Opcional — se for definido, o nome completo do utilizador será sempre sincronizado com este reivindicado)
+auths.oauth2_ssh_public_key_claim_name=Nome reivindicado da chave pública SSH
+auths.oauth2_admin_group=Valor da Reivindicação de Grupo para utilizadores administradores. (Opcional — exige a reivindicação de nome acima)
+auths.oauth2_restricted_group=Valor da Reivindicação de Grupo para utilizadores restritos. (Opcional — exige a reivindicação de nome acima)
+auths.oauth2_map_group_to_team=Mapear grupos reclamados em equipas da organização. (Opcional — exige a reivindicação de nome acima)
 auths.oauth2_map_group_to_team_removal=Remover utilizadores das equipas sincronizadas se esses utilizadores não pertencerem ao grupo correspondente.
 auths.enable_auto_register=Habilitar o registo automático
 auths.sspi_auto_create_users=Criar utilizadores automaticamente
@@ -3215,7 +3268,7 @@ auths.sspi_auto_activate_users_helper=Permitir que o método de autenticação S
 auths.sspi_strip_domain_names=Remover nomes de domínio dos nomes de utilizador
 auths.sspi_strip_domain_names_helper=Se esta opção estiver marcada, os nomes de domínio serão removidos dos nomes do início de sessão (ex.: "DOM�NIO\utilizador" e "utilizador@exemplo.org" tornar-se-ão "utilizador", simplesmente).
 auths.sspi_separator_replacement=Separador a usar em vez de \, / e @
-auths.sspi_separator_replacement_helper=O carácter a ser usado para substituir os separadores de nomes de início de sessão de nível inferior (ex.: o \ em "DOM�NIO\utilizador") e os nomes principais do utilizador (ex.: o @ em "utilizador@exemplo.org").
+auths.sspi_separator_replacement_helper=O caractere a ser usado para substituir os separadores de nomes de início de sessão de nível inferior (ex.: o \ em "DOM�NIO\utilizador") e os nomes principais do utilizador (ex.: o @ em "utilizador@exemplo.org").
 auths.sspi_default_language=Idioma predefinido do utilizador
 auths.sspi_default_language_helper=Idioma predefinido para utilizadores criados automaticamente pelo método de autenticação SSPI. Deixe em branco se preferir que o idioma seja determinado automaticamente.
 auths.tips=Dicas
@@ -3276,8 +3329,6 @@ config.ssh_domain=Domínio do servidor SSH
 config.ssh_port=Porto
 config.ssh_listen_port=Porto de escuta
 config.ssh_root_path=Localização base
-config.ssh_key_test_path=Localização do teste das chaves
-config.ssh_keygen_path=Localização do gerador de chaves ('ssh-keygen')
 config.ssh_minimum_key_size_check=Verificação de tamanho mínimo da chave
 config.ssh_minimum_key_sizes=Tamanhos mínimos da chave
 
@@ -3335,7 +3386,7 @@ config.mailer_sendmail_path=Localização do sendmail
 config.mailer_sendmail_args=Argumentos extras para o sendmail
 config.mailer_sendmail_timeout=Tempo limite do Sendmail
 config.mailer_use_dummy=Fictício
-config.test_email_placeholder=Email (ex.: teste@exemplo.com)
+config.test_email_placeholder=Endereço de email (ex.: teste@exemplo.com)
 config.send_test_mail=Enviar email de teste
 config.send_test_mail_submit=Enviar
 config.test_mail_failed=Falhou o envio de um email de teste para "%s": %v
@@ -3452,8 +3503,8 @@ self_check.startup_warnings=Alertas do arranque:
 self_check.database_collation_mismatch=Supor que a base de dados usa a colação: %s
 self_check.database_collation_case_insensitive=A base de dados está a usar a colação %s, que é insensível à diferença entre maiúsculas e minúsculas. Embora o Gitea possa trabalhar com ela, pode haver alguns casos raros que não funcionem como esperado.
 self_check.database_inconsistent_collation_columns=A base de dados está a usar a colação %s, mas estas colunas estão a usar colações diferentes. Isso poderá causar alguns problemas inesperados.
-self_check.database_fix_mysql=Para utilizadores do MySQL/MariaDB, pode usar o comando "gitea doctor convert" para resolver os problemas de colação. Também pode resolver o problema com comandos SQL "ALTER ... COLLATE ..." aplicados manualmente.
-self_check.database_fix_mssql=Para utilizadores do MSSQL só pode resolver o problema aplicando comandos SQL "ALTER ... COLLATE ..." manualmente, por enquanto.
+self_check.database_fix_mysql=Para utilizadores do MySQL/MariaDB, pode usar o comando "gitea doctor convert" para resolver os problemas de colação. Também pode resolver o problema manualmente com comandos SQL "ALTER ... COLLATE ...".
+self_check.database_fix_mssql=Para utilizadores do MSSQL só pode resolver o problema manualmente com comandos SQL "ALTER ... COLLATE ...", por enquanto.
 self_check.location_origin_mismatch=O URL corrente (%[1]s) não corresponde ao URL visto pelo Gitea (%[2]s). Se estiver a usar um reverse proxy, certifique-se que os cabeçalhos "Host" e "X-Forwarded-Proto" estão bem definidos.
 
 [action]
@@ -3590,7 +3641,7 @@ arch.install=Sincronizar pacote com pacman:
 arch.repository=Informação do repositório
 arch.repository.repositories=Repositórios
 arch.repository.architectures=Arquitecturas
-cargo.registry=Configurar este registo no ficheiro de configuração do Cargo (por exemplo: <code>~/.cargo/config.toml</code>):
+cargo.registry=Configure este registo no ficheiro de configuração do Cargo (por exemplo: <code>~/.cargo/config.toml</code>):
 cargo.install=Para instalar o pacote usando o Cargo, execute o seguinte comando:
 chef.registry=Configure este registo no seu ficheiro <code>~/.chef/config.rb</code>:
 chef.install=Para instalar o pacote, execute o seguinte comando:
@@ -3599,7 +3650,7 @@ composer.install=Para instalar o pacote usando o Composer, execute o seguinte co
 composer.dependencies=Dependências
 composer.dependencies.development=Dependências de desenvolvimento
 conan.details.repository=Repositório
-conan.registry=Configurar este registo usando a linha de comandos:
+conan.registry=Configure este registo usando a linha de comandos:
 conan.install=Para instalar o pacote usando o Conan, execute o seguinte comando:
 conda.registry=Configure este registo como um repositório Conda no seu ficheiro <code>.condarc</code>:
 conda.install=Para instalar o pacote usando o Conda, execute o seguinte comando:
@@ -3615,7 +3666,7 @@ container.labels.key=Chave
 container.labels.value=Valor
 cran.registry=Configure este registo no seu ficheiro <code>Rprofile.site</code>:
 cran.install=Para instalar o pacote, execute o seguinte comando:
-debian.registry=Configurar este registo usando a linha de comandos:
+debian.registry=Configure este registo usando a linha de comandos:
 debian.registry.info=Escolha $distribution e $component da lista abaixo.
 debian.install=Para instalar o pacote, execute o seguinte comando:
 debian.repository=Informação do repositório
@@ -3624,13 +3675,13 @@ debian.repository.components=Componentes
 debian.repository.architectures=Arquitecturas
 generic.download=Descarregar pacote usando a linha de comandos:
 go.install=Instale o pacote a partir da linha de comandos:
-helm.registry=Configurar este registo usando a linha de comandos:
+helm.registry=Configure este registo usando a linha de comandos:
 helm.install=Para instalar o pacote, execute o seguinte comando:
 maven.registry=Configure este registo no seu ficheiro <code>pom.xml</code> do projecto:
 maven.install=Para usar este pacote, inclua no bloco <code>dependencies</code> do ficheiro <code>pom.xml</code> o seguinte:
 maven.install2=Executar usando a linha de comandos:
 maven.download=Para descarregar a dependência, execute na linha de comandos:
-nuget.registry=Configurar este registo usando a linha de comandos:
+nuget.registry=Configure este registo usando a linha de comandos:
 nuget.install=Para instalar o pacote usando NuGet, execute o seguinte comando:
 nuget.dependency.framework=Estrutura alvo
 npm.registry=Configure este registo no seu ficheiro <code>.npmrc</code> do projecto:
@@ -3645,7 +3696,7 @@ npm.details.tag=Etiqueta
 pub.install=Para instalar o pacote usando o Dart, execute o seguinte comando:
 pypi.requires=Requer Python
 pypi.install=Para instalar o pacote usando o pip, execute o seguinte comando:
-rpm.registry=Configurar este registo usando a linha de comandos:
+rpm.registry=Configure este registo usando a linha de comandos:
 rpm.distros.redhat=em distribuições baseadas no RedHat
 rpm.distros.suse=em distribuições baseadas no SUSE
 rpm.install=Para instalar o pacote, execute o seguinte comando:
@@ -3658,7 +3709,7 @@ rubygems.dependencies.runtime=Dependências do tempo de execução (runtime)
 rubygems.dependencies.development=Dependências de desenvolvimento
 rubygems.required.ruby=Requer a versão do Ruby
 rubygems.required.rubygems=Requer a versão do RubyGem
-swift.registry=Configurar este registo usando a linha de comandos:
+swift.registry=Configure este registo usando a linha de comandos:
 swift.install=Adicione o pacote no seu ficheiro <code>Package.swift</code>:
 swift.install2=e execute o seguinte comando:
 vagrant.install=Para adicionar uma máquina virtual Vagrant, execute o seguinte comando:
@@ -3710,13 +3761,18 @@ owner.settings.chef.keypair.description=É necessário um par de chaves para aut
 secrets=Segredos
 description=Os segredos serão transmitidos a certas operações e não poderão ser lidos de outra forma.
 none=Ainda não há segredos.
-creation=Adicionar segredo
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Descrição
 creation.name_placeholder=Só sublinhados ou alfanuméricos sem distinguir maiúsculas, sem começar com GITEA_ nem GITHUB_
 creation.value_placeholder=Insira um conteúdo qualquer. Espaços em branco no início ou no fim serão omitidos.
 creation.description_placeholder=Escreva uma descrição curta (opcional).
-creation.success=O segredo "%s" foi adicionado.
-creation.failed=Falhou ao adicionar o segredo.
+
+save_success=O segredo "%s" foi guardado.
+save_failed=Falhou ao guardar o segredo.
+
+add_secret=Adicionar segredo
+edit_secret=Editar segredo
 deletion=Remover segredo
 deletion.description=Remover um segredo é permanente e não pode ser revertido. Continuar?
 deletion.success=O segredo foi removido.
@@ -3794,6 +3850,11 @@ runs.no_workflows.documentation=Para mais informação sobre o Gitea Actions vej
 runs.no_runs=A sequência de trabalho ainda não foi executada.
 runs.empty_commit_message=(mensagem de cometimento vazia)
 runs.expire_log_message=Os registros foram removidos porque eram muito antigos.
+runs.delete=Eliminar execução da sequência de trabalho
+runs.cancel=Cancelar a execução da sequência de trabalho
+runs.delete.description=Tem a certeza que pretende eliminar permanentemente a execução desta sequência de trabalho? Esta operação não poderá ser desfeita.
+runs.not_done=A execução desta sequência de trabalho ainda não terminou.
+runs.view_workflow_file=Ver ficheiro da sequência de trabalho
 
 workflow.disable=Desabilitar sequência de trabalho
 workflow.disable_success=A sequência de trabalho '%s' foi desabilitada com sucesso.
@@ -3833,6 +3894,8 @@ deleted.display_name=Planeamento eliminado
 type-1.display_name=Planeamento individual
 type-2.display_name=Planeamento do repositório
 type-3.display_name=Planeamento da organização
+enter_fullscreen=Ecrã inteiro
+exit_fullscreen=Sair do ecrã inteiro
 
 [git.filemode]
 changed_filemode=%[1]s → %[2]s
diff --git a/options/locale/locale_ru-RU.ini b/options/locale/locale_ru-RU.ini
index fe52165837..30443e2a23 100644
--- a/options/locale/locale_ru-RU.ini
+++ b/options/locale/locale_ru-RU.ini
@@ -42,7 +42,6 @@ webauthn_use_twofa=ИÑ�пользуйте двухфакторный код Ñ� Ð
 webauthn_error=�е удало�ь прочитать ваш ключ безопа�но�ти.
 webauthn_unsupported_browser=Ваш браузер в на�то�щее врем� не поддерживает WebAuthn.
 webauthn_error_unknown=Произошла неизве�тна� ошибка. Повторите попытку.
-webauthn_error_insecure=`WebAuthn поддерживает только безопа�ные �оединени�. Дл� те�тировани� по HTTP можно и�пользовать "localhost" или "127.0.0.1"`
 webauthn_error_unable_to_process=Сервер не �мог обработать ваш запро�.
 webauthn_error_duplicated=Данный ключ безопа�но�ти не разрешен дл� �того запро�а. Пожалуй�та, убедите�ь, что ключ не реги�трировал�� ранее.
 webauthn_error_empty=�еобходимо задать им� дл� �того ключа.
@@ -179,8 +178,6 @@ buttons.enable_monospace_font=Включить моноширинный шриф
 buttons.disable_monospace_font=Выключить моноширинный шрифт
 
 [filter]
-string.asc=A - Я
-string.desc=Я - �
 
 [error]
 occurred=Произошла ошибка
@@ -213,16 +210,10 @@ path=Путь
 sqlite_helper=Путь к файлу базы данных SQLite3.<br>Введите аб�олютный путь, е�ли вы запу�каете Gitea как �лужбу.
 reinstall_error=Вы пытаете�ь произве�ти у�тановку в уже �уще�твующую базу данных Gitea
 reinstall_confirm_message=Переу�тановка в уже �уще�твующую базу данных Gitea может вызвать не�колько проблем. В большин�тве �лучаев вы должны и�пользовать �уще�твующий "app.ini" дл� запу�ка Gitea. Е�ли вы понимаете, что вы делаете, подтвердите:
-reinstall_confirm_check_1=Данные, зашифрованные SECRET_KEY в приложении, могут быть потер�ны: пользователи не �могут войти в �и�тему � помощью 2FA/OTP & зеркала могут работать неправильно. Отметьте �тот флажок, чтобы убедить��, что текущий файл app.ini �одержит корректный SECRET_KEY.
-reinstall_confirm_check_2=Репозитории и на�тройки могут понадобить�� пере�инхронизировать. Отметьте �тот флажок, чтобы вручную �инхронизировать хуки дл� репозиториев и authorized_keys. Вы подтверждаете, что на�тройки репозитори� и зеркала верны.
 reinstall_confirm_check_3=Вы подтверждаете, что полно�тью уверены, что �тот Gitea запущен при коренном ра�положении app.ini и вы уверены, что вам нужна переу�тановка. Вы подтверждаете, что �оглашаете�ь � указанными выше ри�ками.
 err_empty_db_path=Путь к базе данных SQLite3 не может быть пу�тым.
 no_admin_and_disable_registration=Вы не можете отключить реги�трацию до �оздани� учётной запи�и админи�тратора.
 err_empty_admin_password=Пароль админи�тратора не может быть пу�тым.
-err_empty_admin_email=�дре� �лектронной почты админи�тратора не может быть пу�тым.
-err_admin_name_is_reserved=�еверное им� админи�тратора, �то им� зарезервировано
-err_admin_name_pattern_not_allowed=�еверное им� админи�тратора, им� попадает под зарезервированный шаблон
-err_admin_name_is_invalid=�еверное им� админи�тратора
 
 general_title=О�новные на�тройки
 app_name=�азвание �айта
@@ -238,7 +229,6 @@ domain_helper=Домен или адре� хо�та дл� �ервера.
 ssh_port=Порт SSH �ервера
 ssh_port_helper=�омер порта, который и�пользует SSH �ервер. О�тавьте пу�тым, чтобы отключить SSH.
 http_port=Gitea HTTP порт
-http_port_helper=�омер порта, который будет про�лушивать�� Gitea веб-�ервером.
 app_url=Базовый URL Gitea
 app_url_helper=Этот параметр вли�ет на URL дл� клонировани� по HTTP/HTTPS и на некоторые уведомлени� по �лектронной почте.
 log_root_path=Путь к журналу
@@ -301,7 +291,6 @@ no_reply_address=Скрытый почтовый домен
 no_reply_address_helper=Доменное им� дл� пользователей �о �крытым адре�ом �лектронной почты. �апример, им� пользовател� 'joe' будет зареги�трировано в Git как 'joe@noreply.example.org' е�ли �крытый домен �лектронной почты у�тановлен как 'noreply.example.org'.
 password_algorithm=�лгоритм хешировани� парол�
 invalid_password_algorithm=�екорректный алгоритм хешировани� парол�
-password_algorithm_helper=Задайте алгоритм хешировани� паролей. �лгоритмы имеют различные требовани� и �тойко�ть. �лгоритм argon2 довольно безопа�ен, но он и�пользует много пам�ти и может не подходить дл� �лабых �и�тем.
 enable_update_checker=Включить проверку обновлений
 enable_update_checker_helper=Периодиче�ки провер�ет наличие новых вер�ий, подключа��ь к gitea.io.
 env_config_keys=�а�тройка окружени�
@@ -359,8 +348,6 @@ allow_password_change=Требовать Ñ�мену паролÑ� пользовÐ
 reset_password_mail_sent_prompt=Пи�ьмо � подтверждением отправлено на <b>%s</b>. Пожалуй�та, проверьте вход�щую почту в течение %s, чтобы завершить проце�� во��тановлени� аккаунта.
 active_your_account=�ктивируйте �вой аккаунт
 account_activated=Учётна� запи�ь активирована
-prohibit_login=Вход запрещён
-prohibit_login_desc=Вход в вашу учётную запи�ь запрещен, пожалуй�та, �в�жите�ь � админи�тратором �айта.
 resent_limit_prompt=Извините, вы уже запро�или активацию по �лектронной почте недавно. Пожалуй�та, подождите 3 минуты, а затем повторите попытку.
 has_unconfirmed_mail=Здрав�твуйте, %s! У ва� е�ть неподтвержденный адре� �лектронной почты (<b>%s</b>). Е�ли вам не приходило пи�ьмо � подтверждением или нужно вы�лать новое пи�ьмо, нажмите на кнопку ниже.
 resend_mail=�ажмите зде�ь, чтобы переотправить активационное пи�ьмо
@@ -396,16 +383,12 @@ openid_connect_desc=Выбранный OpenID URI неизве�тен. Св�ж
 openid_register_title=Создать новый аккаунт
 openid_register_desc=Выбранный OpenID URI неизве�тен. Св�жите � новой учётной запи�ью зде�ь.
 openid_signin_desc=Введите ваш OpenID URI. �апример: alice.openid.example.org или https://openid.example.org/alice.
-disable_forgot_password_mail=Во��тановление учётной запи�и отключено, потому что �лектронна� почта не на�троена. Пожалуй�та, �в�жите�ь � админи�тратором �айта.
-disable_forgot_password_mail_admin=Во��тановление учётной запи�и до�тупно только при на�тройке �лектронной почты. Пожалуй�та, на�тройте �лектронную почту, чтобы включить во��тановление аккаунта.
 email_domain_blacklisted=С данным адре�ом �лектронной почты реги�траци� невозможна.
 authorize_application=�вторизаци� приложени�
 authorize_redirect_notice=Вы будете перенаправлены на %s, е�ли вы авторизуете �то приложение.
 authorize_application_created_by=Это приложение было �оздано %s.
-authorize_application_description=Е�ли вы предо�тавите до�туп, оно �может получить до�туп и редактировать любую информацию о вашей учётной запи�и, включа� �одержимое ча�тных репозиториев и организаций.
 authorize_title=Разрешить «%s» до�туп к вашей учётной запи�и?
 authorization_failed=Ошибка авторизации
-authorization_failed_desc=Ошибка авторизации, обнаружен неверный запро�. Пожалуй�та, �в�жите�ь � автором приложени�, которое вы пытали�ь авторизовать.
 sspi_auth_failed=�утентификаци� SSPI не удала�ь
 password_pwned_err=�е удало�ь завершить запро� к HaveIBeenPwned
 
@@ -425,8 +408,6 @@ activate_email.title=%s, пожалуйÑ�та, подтвердите ваш аÐ
 activate_email.text=Пожалуй�та, перейдите по ��ылке, чтобы подтвердить ваш адре� �лектронной почты в течение <b>%s</b>:
 
 register_notify.title=%[1]s, добро пожаловать в %[2]s
-register_notify.text_1=�то пи�ьмо � вашим подтверждением реги�трации в %s!
-register_notify.text_2=Теперь вы можете войти через логин: %s.
 register_notify.text_3=Е�ли �та учётна� запи�ь была �оздана дл� ва�, пожалуй�та, �начала <a href="%s">у�тановите пароль</a>.
 
 reset_password=Во��тановить учётную запи�ь
@@ -464,7 +445,6 @@ release.download.targz=И�ходный код (TAR.GZ)
 repo.transfer.subject_to=%s хочет передать «%s» в %s
 repo.transfer.subject_to_you=%s хочет передать «%s» вам
 repo.transfer.to_you=вам
-repo.transfer.body=Дл� того чтобы прин�ть или отклонить перейдите по ��ылке %s или про�то проигнорируйте данный запро�.
 
 repo.collaborator.added.subject=%s добавил(а) ва� в %s
 repo.collaborator.added.text=Вы были добавлены в каче�тве �оавтора репозитори�:
@@ -516,7 +496,6 @@ url_error=`«%s» не �вл�ет�� валидным URL.`
 include_error=` должно �одержать под�троку «%s».`
 glob_pattern_error=` неверный glob шаблон: %s.`
 regex_pattern_error=` �еверный шаблон регул�рного выражени�: %s.`
-username_error=` может �одержать только алфавитно-цифровые �имволы ('0-9','a-z','A-Z'), тире ('-'), подчеркивани� ('_') и точку ('.'). Первый �имвол должен быть алфавитно-цифровым, по�ледовательно�ти из не�кольких не алфавитно-цифровых �имволов запрещены.`
 invalid_group_team_map_error=` �опо�тавление недопу�тимо: %s`
 unknown_error=�еизве�тна� ошибка:
 captcha_incorrect=Капча не пройдена.
@@ -529,11 +508,9 @@ username_has_not_been_changed=Им� пользовател� не было из
 repo_name_been_taken=�азвание репозитори� уже и�пользует��.
 repository_force_private=Включена принудительна� приватно�ть: приватные репозитории не могут быть �деланы публичными.
 repository_files_already_exist=Файлы уже �уще�твуют дл� �того репозитори�. Обратите�ь к �и�темному админи�тратору.
-repository_files_already_exist.adopt=Файлы уже �уще�твуют дл� �того репозитори� и могут быть только прин�ты.
 repository_files_already_exist.delete=Файлы уже �уще�твуют дл� �того репозитори�. Вы должны удалить их.
 repository_files_already_exist.adopt_or_delete=Файлы уже �уще�твуют дл� �того репозитори�. Или прин�ть их или удалить их.
 visit_rate_limit=Удалённый вход отклонён в �в�зи � ограничением количе�тва попыток в �екунду.
-2fa_auth_required=Удалённый вход требует двухфакторную аутентификацию.
 org_name_been_taken=�азвание организации уже зан�то.
 team_name_been_taken=�азвание команды уже зан�то.
 team_no_units_error=Разрешите до�туп хот� бы к одному разделу репозитори�.
@@ -561,14 +538,8 @@ invalid_ssh_key=�е удает�� проверить ключ SSH: %s
 invalid_gpg_key=�е удает�� проверить ключ GPG: %s
 invalid_ssh_principal=�еверный принципал: %s
 must_use_public_key=Ключ, который вы предо�тавили, �вл�ет�� закрытым. Пожалуй�та, не отправл�йте �вой закрытый ключ куда бы то ни было. И�пользуйте дл� �тих целей открытый ключ.
-unable_verify_ssh_key=�е удаёт�� верифицировать ключ SSH, проверьте его на наличие ошибок.
 auth_failed=Ошибка аутентификации: %v
 
-still_own_repo=Ваша учётна� запи�ь владеет одним или не�колькими репозитори�ми, �начала удалите или передайте их.
-still_has_org=Ваша учётна� запи�ь �вл�ет�� членом одной или не�кольких организаций, �начала покиньте их.
-still_own_packages=Ваша учётна� запи�ь владеет одним или не�колькими пакетами, �начала удалите их.
-org_still_own_repo=Эта организаци� в�ё ещё владеет одним или не�колькими репозитори�ми, �начала удалите или передайте их.
-org_still_own_packages=Эта организаци� в�ё ещё владеет одним или не�колькими пакетами, �начала удалите их.
 
 target_branch_not_exist=Целева� ветка не �уще�твует.
 
@@ -597,7 +568,6 @@ settings=Параметры пользовател�
 
 form.name_reserved=Им� пользовател� «%s» зарезервировано.
 form.name_pattern_not_allowed=Шаблон «%s» не допу�кает�� в имени пользовател�.
-form.name_chars_not_allowed=Им� пользовател� «%s» �одержит недопу�тимые �имволы.
 
 
 [settings]
@@ -620,7 +590,6 @@ uid=UID
 public_profile=Открытый профиль
 biography_placeholder=Ра��кажите немного о �ебе! (Можно и�пользовать Markdown)
 location_placeholder=Поделите�ь �воим приблизительным ме�тоположением � другими
-profile_desc=Контролируйте, как ваш профиль будет отображать�� другим пользовател�м. Ваш о�новной адре� �лектронной почты будет и�пользовать�� дл� уведомлений, во��тановлени� парол� и веб-операций Git.
 full_name=Им� и фамили�
 website=Веб-�айт
 location=Ме�тоположение
@@ -690,10 +659,8 @@ requires_activation=Требует�� активаци�
 primary_email=Сделать о�новным
 activate_email=Отправить активацию
 activations_pending=Ожидает активации
-can_not_add_email_activations_pending=Ожидает�� активаци�. Е�ли хотите добавить новый почтовый �щик, попробуйте еще раз через не�колько минут.
 delete_email=Удалить
 email_deletion=Удалить адре� �лектронной почты
-email_deletion_desc=�дре� �лектронной почты и в�� �в�занна� � ним информаци� будет удалена из вашего аккаунта. Коммиты, �деланные от имени �того адре�а �лектронной почты, не будут изменены. Продолжить?
 email_deletion_success=Ваш адре� �лектронной почты был удалён.
 theme_update_success=Тема была изменена.
 theme_update_error=Выбранна� тема не �уще�твует.
@@ -735,7 +702,6 @@ gpg_key_matched_identities_long=В�троенные в �тот ключ иде
 gpg_key_verified=Проверенный ключ
 gpg_key_verified_long=Ключ был проверен токеном и может быть и�пользован дл� проверки коммитов, �оответ�твующих любым активным адре�ом �лектронной почты �того пользовател� в дополнение к любым �оответ�твующим идентификаторам �того ключа.
 gpg_key_verify=Проверить
-gpg_invalid_token_signature=Предо�тавленный ключ GPG, подпи�ь и токен не �овпадают, либо токен у�тарел.
 gpg_token_required=Вы должны предо�тавить подпи�ь дл� токена ниже
 gpg_token=Токен
 gpg_token_help=Вы можете �генерировать подпи�ь � помощью:
@@ -745,7 +711,6 @@ verify_gpg_key_success=Ключ GPG «%s» верифицирован.
 ssh_key_verified=Проверенный ключ
 ssh_key_verified_long=Ключ был проверен токеном и может быть и�пользован дл� проверки коммитов, �оответ�твующих любым активным адре�ом �лектронной почты �того пользовател�.
 ssh_key_verify=Проверить
-ssh_invalid_token_signature=Предо�тавленный ключ SSH, подпи�ь или токен не �овпадают, либо токен у�тарел.
 ssh_token_required=Вы должны предо�тавить подпи�ь дл� токена ниже
 ssh_token=Токен
 ssh_token_help=Вы можете �генерировать подпи�ь � помощью:
@@ -766,7 +731,6 @@ gpg_key_deletion=Удалить ключ GPG
 ssh_principal_deletion=Удалить принципала �ертификата SSH
 ssh_key_deletion_desc=Удаление ключа SSH аннулирует его до�туп к вашей учётной запи�и. Продолжить?
 gpg_key_deletion_desc=Удаление ключа GPG отмен�ет проверку подпи�анных им коммитов. Продолжить?
-ssh_principal_deletion_desc=Удаление принципала �ертификата SSH отзывает до�туп к вашей учётной запи�и. Продолжить?
 ssh_key_deletion_success=Ключ SSH удален.
 gpg_key_deletion_success=Ключ GPG удалён.
 ssh_principal_deletion_success=Принципал удалён.
@@ -836,17 +800,14 @@ oauth2_application_create_description=Приложени� OAuth2 предо�т
 oauth2_application_remove_description=Удаление приложени� OAuth2 приведёт к отмене его до�тупа к авторизованным учётным запи��м пользователей в данном �кземпл�ре. Продолжить?
 
 authorized_oauth2_applications=�вторизованные приложени� OAuth2
-authorized_oauth2_applications_description=Вы предо�тавили до�туп к вашему пер�ональному аккаунту Gitea �тим �торонним приложени�м. Пожалуй�та, отзовите до�туп у приложений, которые больше не и�пользуют��.
 revoke_key=Отозвать
 revoke_oauth2_grant=Отозвать до�туп
-revoke_oauth2_grant_description=Отзыв до�тупа у �того �тороннего приложени� не позволит ему получать до�туп к вашим данным. Вы уверены?
 revoke_oauth2_grant_success=До�туп был у�пешно отозван.
 
 twofa_recovery_tip=В �лучае утраты у�трой�тва можно и�пользовать одноразовый ключ во��тановлени� дл� получени� до�тупа к учётной запи�и.
 twofa_is_enrolled=Ваша учётна� запи�ь в на�то�щее врем� <strong>и�пользует</strong> двухфакторную аутентификацию.
 twofa_not_enrolled=Ваша учётна� запи�ь в на�то�щее врем� не и�пользует двухфакторную аутентификацию.
 twofa_disable=Отключить двухфакторную аутентификацию
-twofa_enroll=Включить двухфакторную аутентификацию
 twofa_disable_note=При необходимо�ти можно отключить двухфакторную аутентификацию.
 twofa_disable_desc=Отключение двухфакторной аутентификации �делает ваш аккаунт менее безопа�ным. Продолжить?
 twofa_disabled=Двухфакторна� аутентификаци� выключена.
@@ -859,12 +820,10 @@ twofa_failed_get_secret=�е удало�ь получить ключ.
 webauthn_register_key=Добавить ключ безопа�но�ти
 webauthn_nickname=Им� пользовател�
 webauthn_delete_key=Удалить ключ безопа�но�ти
-webauthn_delete_key_desc=Е�ли вы удалите ключ безопа�но�ти, вы больше не �можете войти � его помощью. Продолжить?
 webauthn_key_loss_warning=В �лучае утраты ключей безопа�но�ти вы потер�ете до�туп к учётной запи�и.
 
 manage_account_links=Управление прив�занными аккаунтами
 manage_account_links_desc=Эти внешние аккаунты прив�заны к вашему аккаунту Gitea.
-account_links_not_available=В на�то�щее врем� нет внешних аккаунтов, прив�занных к вашему аккаунту Gitea.
 link_account=Прив�зать аккаунт
 remove_account_link=Удалить прив�занный аккаунт
 remove_account_link_desc=Удаление прив�занной учётной запи�и отменит её до�туп к вашей учётной запи�и Gitea. Продолжить?
@@ -955,7 +914,6 @@ mirror_address_desc=ПомеÑ�тите необходимые учётные дÐ
 mirror_lfs=Хранилище больших файлов (LFS)
 mirror_lfs_desc=�ктивировать зеркалирование данных LFS.
 mirror_lfs_endpoint=LFS Endpoint
-mirror_lfs_endpoint_desc=Sync попытает�� и�пользовать URL клона <a target="_blank" rel="noopener noreferrer" href="%s">дл� определени� �ервера LFS</a>. Вы также можете указать пользователь�кую конечную точку, е�ли данные хранит�� где-то в хранилище.
 mirror_last_synced=По�ледн�� �инхронизаци�
 mirror_password_placeholder=(�еизменный)
 mirror_password_blank_placeholder=(Отменено)
@@ -967,7 +925,6 @@ forks=Форки
 reactions_more=и ещё %d
 unit_disabled=�дмини�тратор �айта отключил �тот раздел репозитори�.
 language_other=Разное
-adopt_search=Введите им� пользовател� дл� пои�ка неутверждённых репозиториев... (о�тавьте пу�тым, чтобы найти в�е)
 adopt_preexisting_label=Прин�тые файлы
 adopt_preexisting=Прин�ть уже �уще�твующие файлы
 adopt_preexisting_content=Создать репозиторий из %s
@@ -1026,10 +983,8 @@ migrate_items_releases=Релизы
 migrate_repo=Перено� репозитори�
 migrate.clone_address=Перено� / Клонирование по URL
 migrate.clone_address_desc=Это может быть HTTP/HTTPS/GIT адре� или локальный путь �уще�твующего репозитори� на �ервере.
-migrate.github_token_desc=Вы можете поме�тить один или не�колько токенов, разделенных зап�тыми, чтобы �делать миграцию бы�трее из-за ограничени� �коро�ти GitHub API. ПРЕДУПРЕЖДЕ�ИЕ: Злоупотребление �той функцией может нарушить политику по�тавщика у�луг и приве�ти к блокировке аккаунта.
 migrate.clone_local_path=или локальный путь на �ервере
 migrate.permission_denied=У ва� нет прав на импорт локальных репозиториев.
-migrate.permission_denied_blocked=Вы не можете импортировать � запрещённых хо�тов, пожалуй�та, попро�ите админи�тратора проверить на�тройки ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
 migrate.invalid_local_path=�едопу�тимый локальный путь. Он не �уще�твует или не �вл�ет�� каталогом.
 migrate.invalid_lfs_endpoint=Конечна� точка LFS недей�твительна.
 migrate.failed=Миграци� не удала�ь: %v
@@ -1037,7 +992,6 @@ migrate.migrate_items_options=Токен доÑ�тупа необходим длÑ
 migrated_from=Перене�ено из <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Перене�ено из %[1]s
 migrate.migrate=Миграци� из %s
-migrate.migrating=Перено� из <b>%s</b>...
 migrate.migrating_failed=Перено� из <b>%s</b> не удал��.
 migrate.migrating_failed.error=�е удало�ь мигрировать: %s
 migrate.migrating_failed_no_addr=Миграци� не удала�ь.
@@ -1079,7 +1033,6 @@ clone_this_repo=Клонировать репозиторий
 cite_this_repo=Со�лать�� на �тот репозиторий
 create_new_repo_command=Создать новый репозиторий из командной �троки
 push_exist_repo=Отправка �уще�твующего репозитори� из командной �троки
-empty_message=В репозитории нет файлов.
 broken_message=Данные Git, лежащие в о�нове репозитори�, не могут быть прочитаны. Св�жите�ь � админи�тратором �того �кземпл�ра или удалите �тот репозиторий.
 
 code=Код
@@ -1097,7 +1050,6 @@ projects=Проекты
 packages=Пакеты
 actions=Дей�тви�
 labels=Метки
-org_labels_desc=Метки уровн� организации, которые можно и�пользовать � <strong>в�еми репозитори�ми</strong> в �той организации
 org_labels_desc_manage=управл�ть
 
 milestone=Этап
@@ -1127,7 +1079,6 @@ file_copy_permalink=Копировать по�то�нную ��ылку
 view_git_blame=Показать git blame
 video_not_supported_in_browser=Ваш браузер не поддерживает HTML5 'video' т�г.
 audio_not_supported_in_browser=Ваш браузер не поддерживает HTML5 'audio' т�г.
-stored_lfs=Хранит�� Git LFS
 symbolic_link=Символиче�ка� ��ылка
 executable_file=И�полн�емый файл
 commit_graph=Граф коммитов
@@ -1170,7 +1121,6 @@ editor.update=Обновить %s
 editor.delete=Удалить %s
 editor.patch=Применить патч
 editor.patching=И�правление:
-editor.fail_to_apply_patch=�евозможно применить патч «%s»
 editor.new_patch=�овый патч
 editor.commit_message_desc=Добавьте необ�зательное ра�ширенное опи�ание…
 editor.signoff_desc=Добавить трейлер Signed-off-by � автором коммита в конце �ообщени� коммита.
@@ -1186,17 +1136,12 @@ editor.filename_is_invalid=�едопу�тимое им� файла: «%s».
 editor.branch_does_not_exist=Ветка «%s» от�ут�твует в �том репозитории.
 editor.branch_already_exists=Ветка «%s» уже �уще�твует в �том репозитории.
 editor.directory_is_a_file=Им� каталога «%s» уже и�пользует�� в каче�тве имени файла в �том репозитории.
-editor.file_is_a_symlink=`«%s» �вл�ет�� �имволиче�кой ��ылкой. Символиче�кие ��ылки невозможно отредактировать в веб-редакторе`
 editor.filename_is_a_directory=Им� файла «%s» уже и�пользует�� в каче�тве каталога в �том репозитории.
-editor.file_editing_no_longer_exists=Редактируемый файл «%s» больше не �уще�твует в �том репозитории.
-editor.file_deleting_no_longer_exists=Удал�емый файл «%s» больше не �уще�твует в �том репозитории.
 editor.file_changed_while_editing=Содержимое файла изменило�ь � момента начала редактировани�. <a target="_blank" rel="noopener noreferrer" href="%s">�ажмите зде�ь</a>, чтобы увидеть, что было изменено, или <strong>Зафик�ировать изменени� �нова</strong>, чтобы заменить их.
 editor.file_already_exists=Файл � именем «%s» уже �уще�твует в репозитории.
 editor.commit_empty_file_header=Закоммитить пу�той файл
 editor.commit_empty_file_text=Файл, который вы �обираете�ь зафик�ировать, пу�т. Продолжить?
 editor.no_changes_to_show=�ет изменений.
-editor.fail_to_update_file=�е удало�ь обновить/�оздать файл «%s».
-editor.fail_to_update_file_summary=Ошибка:
 editor.push_rejected_no_message=Изменение отклонено �ервером без �ообщени�. Пожалуй�та, проверьте хуки Git.
 editor.push_rejected=Изменение отклонено �ервером. Пожалуй�та, проверьте хуки Git.
 editor.push_rejected_summary=Полное �ообщение об отклонении:
@@ -1211,6 +1156,7 @@ editor.require_signed_commit=Ветка ожидает подпи�анный к
 editor.cherry_pick=Перене�ти изменени� %s в:
 editor.revert=Откатить %s к:
 
+
 commits.desc=Про�мотр и�тории изменений и�ходного кода.
 commits.commits=Коммитов
 commits.no_commits=�ет общих коммитов. «%s» и «%s» имеют �овершенно разные и�тории.
@@ -1355,7 +1301,6 @@ issues.filter_project=Проект
 issues.filter_project_all=В�е проекты
 issues.filter_project_none=�ет проекта
 issues.filter_assignee=�азначено
-issues.filter_assginee_no_assignee=�ет ответ�твенного
 issues.filter_poster=�втор
 issues.filter_type=Тип
 issues.filter_type.all_issues=В�е задачи
@@ -1367,7 +1312,6 @@ issues.filter_type.reviewed_by_you=Проверенные вами
 issues.filter_sort=Сортировать
 issues.filter_sort.latest=�овейшие
 issues.filter_sort.oldest=Старейшие
-issues.filter_sort.recentupdate=�едавно обновленные
 issues.filter_sort.leastupdate=Давно обновленные
 issues.filter_sort.mostcomment=Больше комментариев
 issues.filter_sort.leastcomment=Меньше комментариев
@@ -1475,7 +1419,6 @@ issues.pin_comment=закрепил(а) �ту задачу %s
 issues.unpin_comment=открепил(а) �ту задачу %s
 issues.lock=Ограничить об�уждение
 issues.unlock=Сн�ть ограничение
-issues.lock.unknown_reason=Дл� ограничени� об�уждени� необходимо указать причину.
 issues.lock_duplicate=Об�уждение задачи уже ограничено.
 issues.unlock_error=�евозможно �н�ть не�уще�твующее ограничение об�уждени�.
 issues.lock_with_reason=заблокировано как <strong>%s</strong> и ограничено об�уждение дл� �оуча�тников %s
@@ -1483,7 +1426,6 @@ issues.lock_no_reason=ограничил(а) обÑ�уждение задачи Ð
 issues.unlock_comment=�н�л(а) ограничение %s
 issues.lock_confirm=Ограничить
 issues.unlock_confirm=Сн�ть
-issues.lock.notice_1=- Другие пользователи не могут добавл�ть новые комментарии к �той задаче.
 issues.lock.notice_2=- Вы и другие �оавторы � до�тупом к �тому репозиторию могут о�тавл�ть комментарии, которые могут видеть другие.
 issues.lock.notice_3=- Вы в�егда можете �н�ть ограничение � об�уждени� �той задачи.
 issues.unlock.notice_1=- В�е �нова �могут прин�ть уча�тие в об�уждении данной задачи.
@@ -1543,9 +1485,7 @@ issues.dependency.pr_closing_blockedby=Закрытие Ñ�того запроÑ�Ð
 issues.dependency.issue_closing_blockedby=Закрытие �той задачи блокирует�� �ледующими задачами
 issues.dependency.issue_close_blocks=Эта задача блокирует закрытие �ледующих задач
 issues.dependency.pr_close_blocks=Этот запро� на �ли�ние блокирует закрытие �ледующих задач
-issues.dependency.issue_close_blocked=Вам необходимо закрыть в�е задачи, блокирующие �ту задачу, прежде чем вы �можете её закрыть.
 issues.dependency.issue_batch_close_blocked=�евозможно пакетно закрыть выбранные задачи, потому что у задачи #%d о�тают�� открытые зави�имо�ти
-issues.dependency.pr_close_blocked=Вам необходимо закрыть в�е задачи, блокирующие �тот запро� на �ли�ние, прежде чем вы �можете прин�ть его.
 issues.dependency.blocks_short=Блоки
 issues.dependency.blocked_by_short=Зави�ит от
 issues.dependency.remove_header=Удалить зави�имо�ть
@@ -1556,12 +1496,10 @@ issues.dependency.add_error_same_issue=Вы не можете за�тавить
 issues.dependency.add_error_dep_issue_not_exist=Зави�има� задача не �уще�твует.
 issues.dependency.add_error_dep_not_exist=Зави�имо�ти не �уще�твует.
 issues.dependency.add_error_dep_exists=Зави�имо�ть уже �уще�твует.
-issues.dependency.add_error_cannot_create_circular=Вы не можете �оздать зави�имо�ть � двум� задачами, блокирующими друг друга.
 issues.dependency.add_error_dep_not_same_repo=Обе задачи должны находить�� в одном репозитории.
 issues.review.self.approval=Вы не можете одобрить �об�твенный запро� на �ли�ние.
 issues.review.self.rejection=�евозможно запрашивать изменени� �воего запро�а на �ли�ние.
 issues.review.approve=одобрил(а) �ти изменени� %s
-issues.review.dismissed=отклонен отзыв %s %s
 issues.review.dismissed_label=Отклонено
 issues.review.left_comment=о�тавил комментарий
 issues.review.content.empty=Запрашива� изменени�, вы об�заны о�тавить комментарий � по��нением �воих пожеланий отно�ительно запро�а на �ли�ние.
@@ -1569,7 +1507,6 @@ issues.review.reject=запро�ил(а) изменени� %s
 issues.review.wait=был запрошен дл� отзыва %s
 issues.review.add_review_request=запро�ил отзыв от %s %s
 issues.review.remove_review_request=удалена за�вка на отзыв дл� %s %s
-issues.review.remove_review_request_self=отказано в отзыве %s
 issues.review.pending=Ожидание
 issues.review.pending.tooltip=Этот комментарий в на�то�щее врем� не виден другим пользовател�м. Чтобы отправить отложенные комментарии, выберите «%s» → «%s/%s/%s» в верхней ча�ти �траницы.
 issues.review.review=Рецензи�
@@ -1585,7 +1522,6 @@ issues.review.resolve_conversation=Покинуть диалог
 issues.review.un_resolve_conversation=�езавершённый разговор
 issues.review.resolved_by=пометить �тот разговор как разрешённый
 issues.review.commented=Комментировать
-issues.assignee.error=�е в�е назначени� были добавлены из-за непредвиденной ошибки.
 issues.reference_issue.body=Тело
 issues.content_history.deleted=удалено
 issues.content_history.edited=отредактировано
@@ -1646,7 +1582,6 @@ pulls.add_prefix=Добавить <strong>%s</strong> префик�
 pulls.remove_prefix=Удалить <strong>%s</strong> префик�
 pulls.data_broken=Содержимое �того запро�а было нарушено в�лед�твие удалени� информации форка.
 pulls.files_conflicted=Этот запро� на �ли�ние имеет изменени� конфликтующие � целевой веткой.
-pulls.is_checking=Продолжает�� проверка конфликтов, пожалуй�та обновите �траницу не�колько позже.
 pulls.is_ancestor=Эта ветка уже включена в целевую ветку. Сливать нечего.
 pulls.is_empty=Изменени� из �той ветки уже е�ть в целевой ветке. Это будет пу�той коммит.
 pulls.required_status_check_failed=�екоторые необходимые проверки не были пройдены.
@@ -1664,29 +1599,20 @@ pulls.reject_count_1=%d запро� на изменение
 pulls.reject_count_n=%d запро�ов на изменение
 pulls.waiting_count_1=%d ожидает проверки
 pulls.waiting_count_n=%d ожидающих отзывов
-pulls.wrong_commit_id=id фик�ации должен быть идентификатором фик�ации в целевой ветке
 
 pulls.no_merge_desc=Запро� на �ли�ние не может быть прин�т, так как отключены в�е на�тройки �ли�ни�.
 pulls.no_merge_helper=Включите опции �ли�ни� в на�тройках репозитори� или �овершите �ли�ние �того запро�а вручную.
 pulls.no_merge_wip=Данный запро� на �ли�ние не может быть прин�т, по�кольку он помечен как наход�щий�� в разработке.
-pulls.no_merge_not_ready=Этот запро� не готов к �ли�нию, обратите внимани� на ревью и проверки.
 pulls.no_merge_access=У ва� нет права дл� �ли�ни� данного запро�а.
 pulls.merge_pull_request=Создать коммит на �ли�ние
-pulls.rebase_merge_pull_request=Выполнить Rebase, а затем fast-forward �ли�ние
-pulls.rebase_merge_commit_pull_request=Выполнить rebase, а затем �оздать коммит �ли�ни�
 pulls.squash_merge_pull_request=Создать объединённый коммит
 pulls.merge_manually=Слито вручную
 pulls.merge_commit_id=ID коммита �ли�ни�
 pulls.require_signed_wont_sign=Данна� ветка ожидает подпи�анные коммиты, однако �ли�ние не будет подпи�ано
 
 pulls.invalid_merge_option=Этот параметр �ли�ни� нельз� и�пользовать дл� �того запро�а на �ли�ние.
-pulls.merge_conflict=Сли�ние не удало�ь: Произошел конфликт во врем� �ли�ни�. Совет: попробуйте другую �тратегию
 pulls.merge_conflict_summary=Сообщение об ошибке
-pulls.rebase_conflict=Сли�ние не удало�ь: Произошел конфликт во врем� �ли�ни�: %[1]s. Совет: попробуйте другую �тратегию
 pulls.rebase_conflict_summary=Сообщение об ошибке
-pulls.unrelated_histories=Сли�ние не удало�ь: У и�точника и цели �ли�ни� нет общей и�тории. Совет: попробуйте другую �тратегию
-pulls.merge_out_of_date=Ошибка �ли�ни�: при �оздании �ли�ни� база данных была обновлена. Под�казка: попробуйте ещё раз.
-pulls.head_out_of_date=Ошибка �ли�ни�: во врем� �ли�ни� головной коммит был обновлён. Попробуйте ещё раз.
 pulls.push_rejected_summary=Полна� ошибка отклонени�
 pulls.open_unmerged_pull_exists=`Вы не можете �нова открыть, по�кольку уже �уще�твует запро� на �ли�ние (#%d) из того же репозитори� � той же информацией о �ли�нии и ожидающий �ли�ни�.`
 pulls.status_checking=Выполн�ют�� некоторые проверки
@@ -1709,7 +1635,6 @@ pulls.reopened_at=`переоткрыл Ñ�тот запроÑ� на Ñ�лиÑ�ниÐ
 pulls.cmd_instruction_merge_title=Слить
 pulls.cmd_instruction_merge_desc=Слить изменени� и обновить в Gitea.
 pulls.clear_merge_message=Очи�тить �ообщение о �ли�нии
-pulls.clear_merge_message_hint=Очи�тка �ообщени� о �ли�нии удалит только �одержимое �ообщени� коммита, но �охранит �генерированные git добавки, такие как "Co-Authored-By …".
 
 pulls.auto_merge_button_when_succeed=(При у�пешных проверках)
 pulls.auto_merge_when_succeed=Слить автоматиче�ки по�ле прохождени� в�ех проверок
@@ -1763,7 +1688,6 @@ signing.will_sign=Этот коммит будет подпи�ан ключом
 signing.wont_sign.never=Коммиты никогда не подпи�ывают��.
 signing.wont_sign.always=Коммиты в�егда подпи�ывают��.
 signing.wont_sign.pubkey=Этот коммит не будет подпи�ан, по�кольку к вашей учётной запи�и не прив�зано публичного ключа.
-signing.wont_sign.twofa=Дл� подпи�ани� коммитов у ва� должна быть включена двухфакторна� аутентификаци�.
 signing.wont_sign.parentsigned=Этот коммит не будет подпи�ан, так как родитель�кий коммит не подпи�ан.
 signing.wont_sign.basesigned=Сли�ние не будет подпи�ано, так как базовый коммит не подпи�ан.
 signing.wont_sign.headsigned=Сли�ние не будет подпи�ано, так как головной коммит не подпи�ан.
@@ -1844,7 +1768,6 @@ activity.title.releases_1=%d релиз
 activity.title.releases_n=%d релизов
 activity.title.releases_published_by=%s опубликованы %s
 activity.published_release_label=Опубликовано
-activity.no_git_activity=В �тот период не было новых коммитов.
 activity.git_stats_exclude_merges=За и�ключением �ли�ний,
 activity.git_stats_author_1=%d автор
 activity.git_stats_author_n=%d автора(ов)
@@ -1869,7 +1792,6 @@ activity.git_stats_deletion_n=%d удалений
 contributors.contribution_type.commits=коммитов
 
 settings=�а�тройки
-settings.desc=В на�тройках вы можете мен�ть различные параметры �того репозитори�
 settings.options=Репозиторий
 settings.collaboration=Соавторы
 settings.collaboration.admin=�дмини�тратор
@@ -1886,7 +1808,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=�а�тройт
 settings.mirror_settings.docs.disabled_push_mirror.instructions=�а�тройте �вой проект, чтобы автоматиче�ки получать коммиты, теги и ветки из другого репозитори�.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=В на�то�щее врем� �то можно �делать только в меню «�ова� миграци�». Дл� получени� дополнительной информации, пожалуй�та, ознакомьте�ь:
 settings.mirror_settings.docs.disabled_push_mirror.info=Push-зеркала отключены админи�тратором �айта.
-settings.mirror_settings.docs.no_new_mirrors=Ваш репозиторий зеркалирует изменени� в другой репозиторий или из него. Пожалуй�та, имейте в виду, что в данный момент невозможно �оздавать новые зеркала.
 settings.mirror_settings.docs.can_still_use=Хот� вы не можете измен�ть �уще�твующие зеркала или �оздавать новые, вы можете по-прежнему и�пользовать �уще�твующее зеркало.
 settings.mirror_settings.docs.pull_mirror_instructions=Чтобы на�троить pull-зеркало, пожалуй�та, ознакомьте�ь:
 settings.mirror_settings.docs.more_information_if_disabled=Вы можете узнать больше о зеркалах push и pull зде�ь:
@@ -1952,7 +1873,6 @@ settings.admin_indexer_commit_sha=ПоÑ�ледний индекÑ�ированнÑ
 settings.admin_indexer_unindexed=�е индек�ировано
 settings.reindex_button=Добавить в очередь переиндек�ации
 settings.reindex_requested=Переиндек�аци� запрошена
-settings.admin_enable_close_issues_via_commit_in_any_branch=Закрыть задачу � помощью коммита, �деланного в ветке не по умолчанию
 settings.danger_zone=Опа�на� зона
 settings.new_owner_has_same_repo=У нового владельца уже е�ть хранилище � таким названием.
 settings.convert=Преобразовать в обычный репозиторий
@@ -1973,7 +1893,6 @@ settings.transfer_abort_invalid=�евозможно отменить тран�
 settings.transfer_abort_success=Передача репозитори� %s у�пешно отменена.
 settings.transfer_desc=Передать репозиторий другому пользователю или организации где у ва� е�ть права админи�тратора.
 settings.transfer_form_title=Введите �опут�твующую информацию дл� подтверждени� операции:
-settings.transfer_in_progress=Тран�фер в проце��е выполнени�. Отмените его, е�ли желаете выполнить тран�фер другому пользователю.
 settings.transfer_notices_1=- Вы можете потер�ть до�туп, е�ли новый владелец �вл�ет�� отдельным пользователем.
 settings.transfer_notices_2=- Вы �охраните до�туп, е�ли новым владельцем �танет организаци�, владельцем которой вы �вл�ете�ь.
 settings.transfer_notices_3=- е�ли репозиторий �вл�ет�� приватным и передает�� отдельному пользователю, �то дей�твие позвол�ет убедить��, что пользователь имеет хот� бы права на чтение (и при необходимо�ти измен�ет права до�тупа).
@@ -1987,13 +1906,9 @@ settings.trust_model.default=Модель довери� по умолчанию
 settings.trust_model.default.desc=И�пользовать �тандартную модель довери� репозитори� дл� �той у�тановки.
 settings.trust_model.collaborator=Соавтор
 settings.trust_model.collaborator.long=Соавтор: Довер�ть подпи��м �оавторов
-settings.trust_model.collaborator.desc=Дей�твительные подпи�и �оавторов �того репозитори� будут помечены как «доверенные» (незави�имо от того, �оответ�твуют ли они автору коммита). В о�тальных �луча�х дей�твительные подпи�и будут помечены как «недоверенные», е�ли подпи�ь �оответ�твует автору коммита, и «не �овпадающие», е�ли нет.
 settings.trust_model.committer=Коммитер
-settings.trust_model.committer.long=Коммитер: Довер�ть подпи��м, �оответ�твующим коммитерам (Это �овпадает � GitHub и за�тавит подпи�ать коммиты Gitea в каче�тве коммитера)
-settings.trust_model.committer.desc=Дей�твительные подпи�и будут помечены «доверенными», только е�ли они �оответ�твуют автору коммита, в противном �лучае они будут помечены «не �овпадающими». Это за�тавит Gitea быть автором подпи�анных коммитов, а фактиче�кий автор будет обозначен в трейлерах Co-Authored-By: и Co-Committed-By: коммита. Ключ Gitea по умолчанию должен �оответ�твовать пользователю в базе данных.
 settings.trust_model.collaboratorcommitter=Соавтор+Коммитер
 settings.trust_model.collaboratorcommitter.long=Соавтор+Коммитер: Довер�ть подпи��м �оавторов, которые �оответ�твуют автору коммита
-settings.trust_model.collaboratorcommitter.desc=Дей�твительные подпи�и �оавторов �того репозитори� будут помечены «доверенными», е�ли они �оответ�твуют автору коммита. Дей�твительные подпи�и будут помечены как «недоверенные», е�ли подпи�ь �оответ�твует автору коммита, и «не �овпадающие» впротивном �лучае. Это за�тавит Gitea быть отмеченным в каче�тве автора подпи�анного коммита, а фактиче�кий автор будет указан в трейлерах Co-Authored-By: и Co-Committed-By: коммита. Ключ Gitea по умолчанию должен �оответ�твовать пользователю в базе данных.
 settings.wiki_delete=Стереть данные вики
 settings.wiki_delete_desc=Будьте внимательны! Как только вы удалите вики — пути назад не будет.
 settings.wiki_delete_notices_1=- Это нав�егда удалит и отключит вики дл� %s.
@@ -2002,7 +1917,6 @@ settings.wiki_deletion_success=Данные вики удалены.
 settings.delete=Удалить �тот репозиторий
 settings.delete_desc=Будьте внимательны! Как только вы удалите репозиторий — пути назад не будет.
 settings.delete_notices_1=- Эта операци� <strong>�Е МОЖЕТ</strong> быть отменена.
-settings.delete_notices_2=- Эта операци� нав�егда удалит в�ё из репозитори� <strong>%s</strong>, включа� данные Git, �в�занные � ним задачи, комментарии и права до�тупа дл� �отрудников.
 settings.delete_notices_fork_1=- В�е форки �танут незави�имыми репозитори�ми по�ле удалени�.
 settings.deletion_success=Репозиторий удалён.
 settings.update_settings_success=�а�тройки репозитори� обновлены.
@@ -2023,8 +1937,6 @@ settings.team_not_in_organization=Команда не в той же органÐ
 settings.teams=Команды
 settings.add_team=Добавить команду
 settings.add_team_duplicate=Команда уже имеет репозиторий
-settings.add_team_success=Команда теперь имеет до�туп к репозиторию.
-settings.change_team_permission_tip=Разрешение команды у�тановлено на �транице на�тройки команды и не может быть изменено дл� каждого репозитори�
 settings.delete_team_tip=Эта команда имеет до�туп ко в�ем репозитори�м и не может быть удалена
 settings.remove_team_success=До�туп команды к репозиторию удалён.
 settings.add_webhook=Добавить веб-хук
@@ -2033,8 +1945,6 @@ settings.hooks_desc=Веб-хуки позвол�ют внешним �лужб
 settings.webhook_deletion=Удалить веб-хук
 settings.webhook_deletion_desc=Удаление �того веб-хука приведет к удалению в�ей �в�занной � ним информации, включа� и�торию. Хотите продолжить?
 settings.webhook_deletion_success=Веб-хук был удалён.
-settings.webhook.test_delivery=Проверить до�тавку
-settings.webhook.test_delivery_desc=Отправить те�товое �обытие дл� те�тировани� на�тройки веб-хука.
 settings.webhook.request=Запро�
 settings.webhook.response=Ответ
 settings.webhook.headers=Заголовки
@@ -2078,7 +1988,6 @@ settings.event_repository=Репозиторий
 settings.event_repository_desc=Репозиторий �оздан или удален.
 settings.event_header_issue=Событи� задачи
 settings.event_issues=Задачи
-settings.event_issues_desc=Задача открыта, закрыта, переоткрыта или отредактирована.
 settings.event_issue_assign=�азначена задача
 settings.event_issue_assign_desc=Задача назначена или �н�та � назначени�.
 settings.event_issue_label=Ярлык задачи
@@ -2089,7 +1998,6 @@ settings.event_issue_comment=Комментарии в задаче
 settings.event_issue_comment_desc=Комментарий �оздан, изменён или удалён.
 settings.event_header_pull_request=Событи� запро�а на �ли�ние
 settings.event_pull_request=Запро� на �ли�ние
-settings.event_pull_request_desc=Запро� на �ли�ние открыт, закрыт, переоткрыт или отредактирован.
 settings.event_pull_request_assign=Запро�а на �ли�ние назначен
 settings.event_pull_request_assign_desc=Запро� на �ли�ние назначен или не назначен.
 settings.event_pull_request_label=Запро� на �ли�ние отмечен
@@ -2223,7 +2131,6 @@ settings.archive.branchsettings_unavailable=�а�тройки ветки нед
 settings.archive.tagsettings_unavailable=�а�тройки тегов недо�тупны, е�ли репозиторий архивирован.
 settings.unarchive.button=Разархивировать репозиторий
 settings.unarchive.header=Вернуть �тот репозиторий из архива
-settings.unarchive.text=Разархивирование репозитори� во��тановит его �по�обно�ть принимать изменени�, а также новые задачи и запро�ы на �ли�ние.
 settings.unarchive.success=Репозиторий был у�пешно разархивирован.
 settings.update_avatar_success=�ватар репозитори� обновлён.
 settings.lfs=LFS
@@ -2240,11 +2147,9 @@ settings.lfs_invalid_locking_path=�едопу�тимый путь: %s
 settings.lfs_invalid_lock_directory=�евозможно заблокировать каталог: %s
 settings.lfs_lock_already_exists=Блокировка уже �уще�твует: %s
 settings.lfs_lock=Заблокировать
-settings.lfs_lock_path=Путь к файлу дл� блокировки...
 settings.lfs_locks_no_locks=�ет блокировки
 settings.lfs_lock_file_no_exist=Заблокированный файл не �уще�твует в ветке по умолчанию
 settings.lfs_force_unlock=Принудительна� разблокировка
-settings.lfs_pointers.found=�айдено %d указатель(ей) блоков - при�оединено %d, %d не прив�зано (%d от�ут�твует в хранилище)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=В репозитории
@@ -2445,7 +2350,6 @@ form.create_org_not_allowed=Этому пользователю не разреÑ
 settings=�а�тройки
 settings.options=Организаци�
 settings.full_name=Полное им�
-settings.email=Почта дл� �в�зи
 settings.website=Сайт
 settings.location=Ме�тоположение
 settings.permission=Разрешени�
@@ -2459,15 +2363,13 @@ settings.visibility.private_shortname=Приватный
 
 settings.update_settings=Обновить на�тройки
 settings.update_setting_success=�а�тройки организации обновлены.
-settings.change_orgname_prompt=Обратите внимание: изменение названи� организации также изменит URL вашей организации и о�вободит �тарое им�.
-settings.change_orgname_redirect_prompt=Старое им� будет перенаправлено до тех пор, пока оно не будет введено.
+
+
 settings.update_avatar_success=�ватар организации обновлён.
 settings.delete=Удалить организацию
 settings.delete_account=Удалить �ту организацию
 settings.delete_prompt=Это дей�твие <strong>БЕЗВОЗВР�Т�О</strong> удалит �ту организацию нав�егда!
 settings.confirm_delete_account=Подтвердить удаление
-settings.delete_org_title=Удалить организацию
-settings.delete_org_desc=Эта организаци� будет безвозвратно удалена. Продолжить?
 settings.hooks_desc=Добавьте веб-хуки, которые будет вызывать�� дл� <strong>в�ех репозиториев</strong> под �той организации.
 
 settings.labels_desc=Добавьте метки, которые могут быть и�пользованы в задачах дл� <strong>в�ех репозиториев</strong> �той организации.
@@ -2522,7 +2424,6 @@ teams.remove_all_repos_title=Удалить в�е репозитории ком
 teams.remove_all_repos_desc=Удал�ет в�е репозитории из команды.
 teams.add_all_repos_title=Добавить в�е репозитории
 teams.add_all_repos_desc=Добавит в�е репозитории организации в команду.
-teams.add_nonexistent_repo=Репозиторий, который вы пытаете�ь добавить, не �уще�твует, �начала �оздайте его.
 teams.add_duplicate_users=Пользователь уже �о�тоит в команде.
 teams.repos.none=Дл� �той команды нет до�тупных репозиториев.
 teams.members.none=В �той команде нет уча�тников.
@@ -2548,7 +2449,6 @@ repositories=Репозитории
 hooks=Веб-хуки
 integrations=Интеграции
 authentication=�утентификаци�
-emails=�дре�а �л. почты пользователей
 config=Конфигураци�
 config_summary=Стати�тика
 config_settings=�а�тройки
@@ -2577,26 +2477,16 @@ dashboard.cron.cancelled=Планировщик: %[1]s отменено: %[3]s
 dashboard.cron.error=Ошибка в запланированном задании: %s: %[3]s
 dashboard.cron.finished=Планировщик: %[1]s завершено
 dashboard.delete_inactive_accounts=Удалить в�е неактивированные учётные запи�и
-dashboard.delete_inactive_accounts.started=Удаление в�ех неактивированных учётных запи�ей начало�ь.
 dashboard.delete_repo_archives=Удалить в�е архивы репозиториев (ZIP, TAR.GZ, и т.д..)
-dashboard.delete_repo_archives.started=Удаление в�ех архивов репозитори� начало�ь.
 dashboard.delete_missing_repos=Удалить в�е запи�и о репозитори�х � от�ут�твующими файлами Git
-dashboard.delete_missing_repos.started=�ачато удаление в�ех репозиториев без Git-файлов.
 dashboard.delete_generated_repository_avatars=Удалить генерированные аватары репозитори�
 dashboard.update_mirrors=Обновить зеркала
 dashboard.repo_health_check=Проверка �о�то�ни� в�ех репозиториев
 dashboard.check_repo_stats=Проверить в�ю �тати�тику репозитори�
 dashboard.archive_cleanup=Удалить �тарые архивы репозитори�
-dashboard.deleted_branches_cleanup=Очи�тка удалённых ветвей
 dashboard.update_migration_poster_id=Обновить ID плакатов миграции
-dashboard.git_gc_repos=Выполнить �борку му�ора дл� в�ех репозиториев
-dashboard.resync_all_sshkeys=Обновить файл '.ssh/authorized_keys' � ключами SSH Gitea.
-dashboard.resync_all_sshprincipals=Обновите файл '.ssh/authorized_principals' SSH данными уча�тника Gitea.
-dashboard.resync_all_hooks=Повторна� �инхронизаци� hook'ов pre-receive, update и post-receive во в�ех репозитори�х.
 dashboard.reinit_missing_repos=Переинициализировать в�е от�ут�твующие Git репозитории, дл� которых �уще�твуют запи�и
 dashboard.sync_external_users=Синхронизировать данные внешних пользователей
-dashboard.cleanup_hook_task_table=Очи�тить таблицу hook_task
-dashboard.cleanup_packages=Очи�тка у�таревших пакетов
 dashboard.server_uptime=Врем� непрерывной работы �ервера
 dashboard.current_goroutine=Текущее количе�тво Goroutines
 dashboard.current_memory_usage=Текущее и�пользование пам�ти
@@ -2628,7 +2518,6 @@ dashboard.last_gc_pause=ПоÑ�леднÑ�Ñ� пауза Ñ�борщика муÑ�оÑ
 dashboard.gc_times=Количе�тво �борок му�ора
 dashboard.update_checker=Проверка обновлений
 dashboard.delete_old_system_notices=Удалить в�е �тарые �и�темные уведомлени� из базы данных
-dashboard.gc_lfs=Выполнить �борку му�ора метаобъектов LFS
 
 users.user_manage_panel=Панель управлени� пользовател�ми
 users.new_account=Создать новый аккаунт
@@ -2643,7 +2532,6 @@ users.2fa=Двухфакторна� авторизаци�
 users.repos=Репозитории
 users.created=Создано
 users.last_login=По�ледний вход
-users.never_login=�икогда не входил
 users.send_register_notify=Отправить пользователю уведомление о реги�трации
 users.new_success=Учётна� запи�ь «%s» �оздана.
 users.edit=Редактировать
@@ -2670,7 +2558,6 @@ users.still_own_repo=Этот пользователь вÑ�Ñ‘ ещё Ñ�влÑ�еÑ
 users.still_has_org=Этот пользователь в�ё ещё �вл�ет�� членом одной или более организаций. Сначала удалите пользовател� из в�ех организаций.
 users.purge=Удалить пользовател�
 users.purge_help=Принудительное удаление пользовател� и любых репозиториев, организаций и пакетов, принадлежащих пользователю. Комментарии тоже будут удалены.
-users.still_own_packages=Этот пользователь в�ё ещё владеет одним или не�колькими пакетами, �начала удалите их.
 users.deletion_success=Учётна� запи�ь у�пешно удалена.
 users.reset_2fa=Сбро� 2FA
 users.list_status_filter.menu_text=Фильтр
@@ -2690,11 +2577,7 @@ users.details=О пользователе
 emails.email_manage_panel=Управление �л. почтой пользовател�
 emails.primary=Первичный
 emails.activated=�ктивирован
-emails.filter_sort.email=Эл. почта
-emails.filter_sort.email_reverse=Эл. почта (обратный)
 emails.filter_sort.name=Им� пользовател�
-emails.filter_sort.name_reverse=Им� пользовател� (обратное)
-emails.updated=Email обновлён
 emails.not_updated=�е удало�ь обновить запрошенный адре� �лектронной почты: %v
 emails.duplicate_active=Этот адре� �лектронной почты уже активирован дл� другого пользовател�.
 emails.change_email_header=Обновить �вой�тва �лектронной почты
@@ -2810,25 +2693,17 @@ auths.oauth2_required_claim_name_helper=Задайте, чтобы ограниÑ
 auths.oauth2_required_claim_value=�еобходимое значение за�вки
 auths.oauth2_required_claim_value_helper=Задайте, чтобы ограничить вход � �того и�точника только пользовател�ми � за�вкой, имеющей такие им� и значение
 auths.oauth2_group_claim_name=Им� за�вки, указывающее имена групп дл� �того и�точника. (�еоб�зательно)
-auths.oauth2_admin_group=Значение за�вки группы дл� админи�траторов. (�еоб�зательно - требует�� им� за�вки выше)
-auths.oauth2_restricted_group=Значение за�вки группы дл� ограниченных пользователей. (�еоб�зательно - требует�� им� за�вки выше)
-auths.oauth2_map_group_to_team=Сопо�тавление за�вленных групп командам организации. (�еоб�зательно — требует�� им� за�вки выше)
 auths.oauth2_map_group_to_team_removal=Удалить пользователей из �инхронизированных команд, е�ли пользователь не принадлежит к �оответ�твующей группе.
 auths.enable_auto_register=Включить автоматиче�кую реги�трацию
 auths.sspi_auto_create_users=�втоматиче�ки �оздавать пользователей
-auths.sspi_auto_create_users_helper=Разрешить метод аутентификации SSPI дл� автоматиче�кого �оздани� новых учётных запи�ей дл� пользователей, которые впервые вход�т в �и�тему
 auths.sspi_auto_activate_users=�втоматиче�ки активировать пользователей
 auths.sspi_auto_activate_users_helper=Разрешить метод аутентификации SSPI дл� автоматиче�кой активации новых пользователей
 auths.sspi_strip_domain_names=Удал�ть доменные имена из имён пользователей
-auths.sspi_strip_domain_names_helper=Е�ли отмечено, доменные имена будут удалены из имен входов (например, "DOMAIN\user" и "user@example.org" �танут только "user").
 auths.sspi_separator_replacement=Разделитель дл� и�пользовани� вме�то \, / и @
-auths.sspi_separator_replacement_helper=Символ, и�пользуемый дл� замены разделителей имен входа нижнего уровн� (например. \ в "DOMAIN\user") и имена о�новных пользователей (например, @ в "user@example.org").
 auths.sspi_default_language=Язык пользовател� по умолчанию
-auths.sspi_default_language_helper=Язык по умолчанию дл� пользователей, автоматиче�ки �оздаваемый методом аутентификации SSPI. О�тавьте пу�тым, е�ли вы предпочитаете, чтобы �зык определ�л�� автоматиче�ки.
 auths.tips=Советы
 auths.tips.oauth2.general=�утентификаци� OAuth2
 auths.tip.oauth2_provider=По�тавщик OAuth2
-auths.tip.nextcloud=`Зареги�трируйте нового потребител� OAuth в вашем �кземпл�ре, и�пользу� меню "Settings -> Security -> OAuth 2.0 client"`
 auths.tip.mastodon=Введите пользователь�кий URL �кземпл�ра дл� �кземпл�ра mastodon, � которым вы хотите аутентифицировать�� (или и�пользовать его по умолчанию)
 auths.edit=Обновить параметры аутентификации
 auths.activated=И�точник аутентификации активирован
@@ -2871,8 +2746,6 @@ config.ssh_domain=Домен SSH �ервера
 config.ssh_port=Порт
 config.ssh_listen_port=Про�лушиваемый порт
 config.ssh_root_path=Корневой путь
-config.ssh_key_test_path=Путь к те�товому ключу
-config.ssh_keygen_path=Путь к генератору ключей ('ssh-keygen')
 config.ssh_minimum_key_size_check=Минимальный размер ключа проверки
 config.ssh_minimum_key_sizes=Минимальные размеры ключа
 
@@ -2930,7 +2803,6 @@ config.mailer_sendmail_path=Путь к Sendmail
 config.mailer_sendmail_args=Дополнительные аргументы дл� Sendmail
 config.mailer_sendmail_timeout=Тайм-аут Sendmail
 config.mailer_use_dummy=Заглушка
-config.test_email_placeholder=Электронна� почта (например, test@example.com)
 config.send_test_mail=Отправить те�товое пи�ьмо
 config.send_test_mail_submit=Отправить
 config.test_mail_failed=�е удало�ь отправить те�товое пи�ьмо на «%s»: %v
@@ -3009,7 +2881,6 @@ monitor.queue.maxnumberworkers=МакÑ�имальное количеÑ�тво Ñ€Ð
 monitor.queue.numberinqueue=Позици� в очереди
 monitor.queue.settings.title=�а�тройки пула
 monitor.queue.settings.desc=Пулы увеличивают�� динамиче�ки в ответ на блокировку очередей �воих рабочих.
-monitor.queue.settings.maxnumberworkers=Мак�имальное количе�тво рабочих
 monitor.queue.settings.maxnumberworkers.placeholder=В на�то�щее врем� %[1]d
 monitor.queue.settings.maxnumberworkers.error=Мак�имальное количе�тво рабочих должно быть чи�лом
 monitor.queue.settings.submit=Обновить на�тройки
@@ -3111,8 +2982,6 @@ error.no_committer_account=�ккаунт пользовател� � такой
 error.no_gpg_keys_found=�е найден ключ, �оответ�твующий данной подпи�и
 error.not_signed_commit=�еподпи�анный коммит
 error.failed_retrieval_gpg_keys=�е удало�ь получить ни одного ключа GPG автора коммита
-error.probable_bad_signature=В�ИМ��ИЕ! Хот� в базе данных е�ть ключ � �тим идентификатором, он не завер�ет �тот коммит! Этот коммит ПОДОЗРИТЕЛЬ�ЫЙ.
-error.probable_bad_default_signature=В�ИМ��ИЕ! Хот� ключ по умолчанию имеет �тот идентификатор, он не завер�ет �тот коммит! Этот коммит ПОДОЗРИТЕЛЬ�ЫЙ.
 
 [units]
 unit=Элемент
@@ -3149,7 +3018,6 @@ versions=Вер�ии
 versions.view_all=Показать в�ё
 dependency.id=ID
 dependency.version=Вер�и�
-alpine.registry=�а�тройте �тот рее�тр, добавив URL в файл <code>/etc/apk/repositories</code>:
 alpine.registry.key=Загрузите публичный ключ RSA рее�тра в каталог <code>/etc/apk/keys/</code> дл� проверки подпи�и индек�а:
 alpine.registry.info=Выберите $branch и $repository из �пи�ка ниже.
 alpine.install=Чтобы у�тановить пакет, выполните �ледующую команду:
@@ -3159,18 +3027,13 @@ alpine.repository.architectures=�рхитектуры
 arch.repository=О репозитории
 arch.repository.repositories=Репозитории
 arch.repository.architectures=�рхитектуры
-cargo.registry=�а�тройте �тот рее�тр в файле конфигурации Cargo (например, <code>~/.cargo/config.toml</code>):
 cargo.install=Чтобы у�тановить пакет � помощью Cargo, выполните �ледующую команду:
-chef.registry=�а�тройте �тот рее�тр в �воём файле <code>~/.chef/config.rb</code>:
 chef.install=Чтобы у�тановить пакет, выполните �ледующую команду:
-composer.registry=�а�тройте �тот рее�тр в файле <code>~/.composer/config.json</code>:
 composer.install=Чтобы у�тановить пакет � помощью Composer, выполните �ледующую команду:
 composer.dependencies=Зави�имо�ти
 composer.dependencies.development=Зави�имо�ти дл� разработки
 conan.details.repository=Репозиторий
-conan.registry=�а�троить рее�тр из командной �троки:
 conan.install=Чтобы у�тановить пакет � помощью Conan, выполните �ледующую команду:
-conda.registry=Пропишите �тот рее�тр в каче�тве репозитори� Conda в �воём файле <code>.condarc</code>:
 conda.install=Чтобы у�тановить пакет � помощью Conda, выполните �ледующую команду:
 container.details.type=Тип образа
 container.details.platform=Платформа
@@ -3180,9 +3043,7 @@ container.layers=Слои образа
 container.labels=Метки
 container.labels.key=Ключ
 container.labels.value=Значение
-cran.registry=�а�тройте �тот рее�тр в файле <code>Rprofile.site</code>:
 cran.install=Чтобы у�тановить пакет, выполните �ледующую команду:
-debian.registry=�а�троить рее�тр из командной �троки:
 debian.registry.info=Выберите $distribution и $component из �пи�ка ниже.
 debian.install=Чтобы у�тановить пакет, выполните �ледующую команду:
 debian.repository=О репозитории
@@ -3191,16 +3052,11 @@ debian.repository.components=Компоненты
 debian.repository.architectures=�рхитектуры
 generic.download=Скачать пакет из командной �троки:
 go.install=У�тановите пакет из командной �троки:
-helm.registry=�а�троить рее�тр из командной �троки:
 helm.install=Чтобы у�тановить пакет, выполните �ледующую команду:
-maven.registry=�а�тройте рее�тр в файле <code>pom.xml</code> вашего проекта:
-maven.install=Чтобы и�пользовать пакет, включите в блок <code>dependencies</code> в файле <code>pom.xml</code> �ледующее:
 maven.install2=Выполнить через командную �троку:
 maven.download=Чтобы �качать зави�имо�ть, запу�тите в командной �троке:
-nuget.registry=�а�троить рее�тр из командной �троки:
 nuget.install=Чтобы у�тановить пакет � помощью NuGet, выполните �ледующую команду:
 nuget.dependency.framework=Целевой фреймворк
-npm.registry=�а�тройте рее�тр в файле <code>.npmrc</code> вашего проекта:
 npm.install=Чтобы у�тановить пакет � помощью npm, выполните �ледующую команду:
 npm.install2=или добавьте его в файл package.json:
 npm.dependencies=Зави�имо�ти
@@ -3211,7 +3067,6 @@ npm.details.tag=Тег
 pub.install=Чтобы у�тановить пакет � помощью Dart, выполните �ледующую команду:
 pypi.requires=Требует�� Python
 pypi.install=Чтобы у�тановить пакет � помощью pip, выполните �ледующую команду:
-rpm.registry=�а�троить рее�тр из командной �троки:
 rpm.distros.redhat=на ди�трибутивах �емей�тва RedHat
 rpm.distros.suse=на ди�трибутивах �емей�тва SUSE
 rpm.install=Чтобы у�тановить пакет, выполните �ледующую команду:
@@ -3223,7 +3078,6 @@ rubygems.dependencies.runtime=Зави�имо�ти времени выполн
 rubygems.dependencies.development=Зави�имо�ти дл� разработки
 rubygems.required.ruby=Требует�� вер�и� Ruby
 rubygems.required.rubygems=Требует�� вер�и� RubyGem
-swift.registry=�а�троить рее�тр из командной �троки:
 swift.install=Добавьте пакет в �вой файл <code>Package.swift</code>:
 swift.install2=и запу�тите �ледующую команду:
 vagrant.install=Чтобы добавить бок� Vagrant, выполните �ледующую команду:
@@ -3245,7 +3099,6 @@ owner.settings.cargo.initialize.error=�е удало�ь инициализир
 owner.settings.cargo.initialize.success=Индек� Cargo у�пешно �оздан.
 owner.settings.cargo.rebuild=Пере�троить индек�
 owner.settings.cargo.rebuild.error=�е удало�ь пере�троить индек� Cargo: %v
-owner.settings.cargo.rebuild.success=Индек� Cargo у�пешно пере�троен.
 owner.settings.cleanuprules.title=Управление правилами очи�тки
 owner.settings.cleanuprules.add=Добавить правило очи�тки
 owner.settings.cleanuprules.edit=Изменить правило очи�тки
@@ -3272,12 +3125,13 @@ owner.settings.chef.keypair=Создать пару ключей
 secrets=Секреты
 description=Секреты будут передавать�� определенным дей�тви�м и не могут быть прочитаны иначе.
 none=Секретов пока нет.
-creation=Добавить �екрет
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Опи�ание
 creation.name_placeholder=реги�тр не важен, только алфавитно-цифровые �имволы и подчёркивани�, не может начинать�� � GITEA_ или GITHUB_
 creation.value_placeholder=Введите любое �одержимое. Пробельные �имволы в начале и конце будут опущены.
-creation.success=Секрет «%s» добавлен.
-creation.failed=�е удало�ь добавить �екрет.
+
+
 deletion=Удалить �екрет
 deletion.description=Удаление �екрета необратимо, его нельз� отменить. Продолжить?
 deletion.success=Секрет удалён.
@@ -3325,7 +3179,6 @@ runners.delete_runner=Удалить �тот раннер
 runners.delete_runner_success=Раннер у�пешно удалён
 runners.delete_runner_failed=�е удало�ь удалить раннер
 runners.delete_runner_header=Подтвердите удаление раннера
-runners.delete_runner_notice=Е�ли на �том раннере выполн�ет�� задание, оно будет завершено и помечено как неудачное. Это может нарушить рабочий поток �борки.
 runners.none=�ет до�тупных раннеров
 runners.status.unspecified=�еизве�тно
 runners.status.idle=Про�таивает
diff --git a/options/locale/locale_si-LK.ini b/options/locale/locale_si-LK.ini
index 2cd7fb29b9..39c3835eb9 100644
--- a/options/locale/locale_si-LK.ini
+++ b/options/locale/locale_si-LK.ini
@@ -145,10 +145,6 @@ sqlite_helper=SQLite3 දත්ත සමුද�ය සඳහ� ගොනු
 err_empty_db_path=SQLite3 දත්ත සමුද� ම�ර්ගය හිස් විය නොහ�ක.
 no_admin_and_disable_registration=පරිප�ලක ගිණුමක් නිර්ම�ණය නොකර පරි�ීලක ස්වයං ලිය�පදිංචිය අක්රිය කළ නොහ�ක.
 err_empty_admin_password=පරිප�ලක මුරපදය හිස් විය නොහ�ක.
-err_empty_admin_email=පරිප�ලක විද්යුත් ත�පෑල හිස් විය නොහ�ක.
-err_admin_name_is_reserved=පරිප�ලක පරි�ීලක න�මය අවලංගුයි, පරි�ීලක න�මය වෙන් කර ඇත
-err_admin_name_pattern_not_allowed=පරිප�ලක පරි�ීලක න�මය අවලංගුයි, පරි�ීලක න�මය වෙන් කළ රට�වකට ග�ලපෙයි
-err_admin_name_is_invalid=පරිප�ලක පරි�ීලක න�මය වලංගු නොවේ
 
 general_title=පොදු ස�කසුම්
 app_name=අඩවියේ සිර�සිය
@@ -163,7 +159,6 @@ domain_helper=සේව�ද�යකය සඳහ� ඩොමේන් හ�
 ssh_port=SSH සේව�ද�යකය වර�ය
 ssh_port_helper=වර�ය අංකය ඔබගේ SSH සේව�ද�යකය සවන් දෙයි. අක්රිය කිරීමට හිස් තබන්න.
 http_port=HTTP සවන් දෙන්න වර�ය
-http_port_helper=වර�ය අංකය Giteas වෙබ් සේව�ද�යකය මත සවන් දෙනු ඇත.
 app_url=මූලික URL එක කරන්න
 app_url_helper=HTTP සඳහ� මූලික ලිපිනය (S) URL පරිගණක ක්රිඩ�වට සම�න සහ විද්යුත් ත�ප�ල් ද�නුම්දීම්.
 log_root_path=ලොග් ම�ර්ගය
@@ -266,7 +261,6 @@ allow_password_change=මුරපදය වෙනස් කිරීමට පà
 reset_password_mail_sent_prompt=තහවුරු කිරීමේ විද්යුත් ත�පෑලක් <b>%s</b>වෙත යව� ඇත. ඊළඟ තුළ ඔබගේ එන ලිපි පරීක්ෂ� කරන්න %s ගිණුම යථ� ක්රිය�වලිය සම්පූර්ණ කිරීම සඳහ�.
 active_your_account=ඔබගේ ගිණුම ක්�රිය�ත්මක කරන්න
 account_activated=ඔබගේ ගිණුම ක්�රිය�ත්මක කර ඇත
-prohibit_login=තහනම් දී අත්සන්
 resent_limit_prompt=ඔබ ද�නටමත් මෑතකදී සක්රිය කිරීමේ විද්යුත් ත�පෑලක් ඉල්ල� ඇත. කරුණ�කර 3 මිනිත්තු බල� න�වත උත්ස�හ කරන්න.
 has_unconfirmed_mail=හ�යි %s, ඔබට තහවුරු නොකළ විද්යුත් ත�ප�ල් ලිපිනයක් ඇත (<b>%s</b>). ඔබට තහවුරු කිරීමේ විද්යුත් ත�පෑලක් නොල�බුනේ නම් හ� නව එකක් න�වත ය�වීමට අව�්ය නම්, කරුණ�කර පහත බොත්තම ක්ලික් කරන්න.
 resend_mail=ඔබගේ සක්රිය කිරීමේ විද්යුත් ත�පෑල න�වත ය�වීමට මෙහි ක්ලික් කරන්න
@@ -296,13 +290,10 @@ openid_connect_title=දà·�නට පවතින ගිණුමකට සමà·
 openid_connect_desc=ත�ර�ගත් OpenID URI නොදනී. මෙහි නව ගිණුමක් සමඟ එය සම්බන්ධ කරන්න.
 openid_register_title=නව ගිණුමක් ස�දන්න
 openid_register_desc=ත�ර�ගත් OpenID URI නොදනී. මෙහි නව ගිණුමක් සමඟ එය සම්බන්ධ කරන්න.
-disable_forgot_password_mail=කිසිදු ඊ-ත�ප�ල් සකස් කර නොම�ති නිස� ගිණුම් ප්රතිස�ධනය අක්රීය කර ඇත. කරුණ�කර ඔබේ වෙබ් අඩවි පරිප�ලක අමතන්න.
-disable_forgot_password_mail_admin=ගිණුම් ප්රතිස�ධනය ලබ� ගත හ�ක්කේ විද්යුත් ත�පෑල සකස් කරන විට පමණි. කරුණ�කර ගිණුම් ප්රතිස�ධනය සක්රීය කිරීම සඳහ� විද්යුත් ත�පෑලක් සකසන්න.
 email_domain_blacklisted=ඔබට ඔබගේ විද්යුත් ත�ප�ල් ලිපිනය සමඟ ලිය�පදිංචි විය නොහ�ක.
 authorize_application=අයදුම්පත සඳහ� බලය ප�වරීම
 authorize_redirect_notice=ඔබ මෙම යෙදුමට බලය පවරන්නේ නම් ඔබව %s වෙත හරව� යවනු ල�බේ.
 authorize_application_created_by=මෙම යෙදුම %sවිසින් නිර්ම�ණය කරන ලදී.
-authorize_application_description=ඔබ ප්රවේ�ය ලබ� දෙන්නේ නම්, පුද්ගලික රිප�ස් සහ සංවිධ�න ඇතුළු ඔබගේ ගිණුම් තොරතුරු වෙත ප්රවේ� වීමට සහ ලිවීමට හ�කි වනු ඇත.
 authorize_title=ඔබගේ ගිණුමට ප්රවේ� වීමට "%s" බලය පවරන්නද?
 authorization_failed=බලය ප�වරීම අස�ර්ථකයි
 sspi_auth_failed=SSPI සත්ය�පන අසමත් විය
@@ -322,8 +313,6 @@ activate_email=ඔබගේ විද්යුත් තà·�පà·�ල් ලිà¶
 activate_email.text=තුළ ඔබගේ විද්යුත් ත�ප�ල් ලිපිනය සත්ය�පනය කිරීමට පහත සබ�ඳිය ක්ලික් කරන්න <b>%s</b>:
 
 register_notify.title=%[1]s, %[2]s වෙත ස�දරයෙන් පිළිගනිමු
-register_notify.text_1=මෙය %sසඳහ� ඔබගේ ලිය�පදිංචි තහවුරු කිරීමේ විද්යුත් ත�පෑලයි!
-register_notify.text_2=ඔබට ද�න් පරි�ීලක න�මය හරහ� පිවිසිය හ�කිය: %s.
 register_notify.text_3=මෙම ගිණුම ඔබ වෙනුවෙන් නිර්ම�ණය කර තිබේ නම්, කරුණ�කර <a href="%s">ඔබගේ මුරපදය</a> පළමු සකසන්න.
 
 reset_password=ඔබගේ ගිණුම ප්�රතිස�ධනය
@@ -361,7 +350,6 @@ release.download.targz=ප්�රභව කේතය (TAR.GZ)
 repo.transfer.subject_to=%s "%s" සිට %sදක්ව� ම�රු කිරීමට ක�මතියි
 repo.transfer.subject_to_you=%s "%s" ඔබ වෙත ම�රු කිරීමට ක�මතියි
 repo.transfer.to_you=ඔබ
-repo.transfer.body=එය පිළිග�නීමට හ� ප්රතික්ෂේප කිරීමට පිවිසෙන්න %s හ� එය නොසලක� හරින්න.
 
 repo.collaborator.added.subject=%s ඔබව %s ට එකතු කළ�
 repo.collaborator.added.text=ඔබ ගබඩ�වේ සහය�ගිත�කරුවෙකු ලෙස එකතු කර ඇත:
@@ -414,11 +402,9 @@ username_been_taken=පරි�ීලක න�මය ද�නටමත් ග
 username_change_not_local_user=දේ�ීය නොවන පරි�ීලකයින්ට ඔවුන්ගේ පරි�ීලක න�මය වෙනස් කිරීමට අවසර න�ත.
 repo_name_been_taken=ක�ෂ්ඨයේ නම භ�විත� කර ඇත.
 repository_files_already_exist=මෙම ගබඩ�ව සඳහ� ලිපිගොනු ද�නටමත් පවතී. පද්ධති පරිප�ලක අමතන්න.
-repository_files_already_exist.adopt=මෙම ගබඩ�ව සඳහ� ලිපිගොනු ද�නටමත් පවතින අතර එය අනුගමනය කළ හ�කිය.
 repository_files_already_exist.delete=මෙම ගබඩ�ව සඳහ� ලිපිගොනු ද�නටමත් පවතී. ඔබ ඒව� මක� ද�මිය යුතුය.
 repository_files_already_exist.adopt_or_delete=මෙම ගබඩ�ව සඳහ� ලිපිගොනු ද�නටමත් පවතී. එක්ක� ඒව� අනුගමනය කරන්න හ� ඒව� මක� දමන්න.
 visit_rate_limit=දුරස්ථ සංච�රය අනුප�ත සීම� කිරීම ආමන්ත්රණය කරන ලදී.
-2fa_auth_required=දුරස්ථ සංච�රය ස�ධක දෙකක් සත්ය�පනය අව�්ය විය.
 org_name_been_taken=සංවිධ�නයේ නම ද�නටමත් ගෙන ඇත.
 team_name_been_taken=කණ්ඩ�යමේ නම ද�නටමත් ගෙන ඇත.
 team_no_units_error=අවම ව�යෙන් එක් ගබඩ�වක් වෙත ප්රවේ� වීමට ඉඩ දෙන්න.
@@ -530,7 +516,6 @@ activate_email=සක්රිය යවන්න
 activations_pending=අව�්ය ක්රිය�ක�රකම්
 delete_email=ඉවත් කරන්න
 email_deletion=වි-ත�පෑල ඉවත් කරන්න
-email_deletion_desc=විද්යුත් ත�ප�ල් ලිපිනය සහ අද�ළ තොරතුරු ඔබගේ ගිණුමෙන් ඉවත් කරනු ල�බේ. මෙම විද්යුත් ත�ප�ල් ලිපිනය මගින් Git විවරණය නොවෙනස්ව පවතිනු ඇත. දිගටම?
 email_deletion_success=විද්යුත් ත�ප�ල් ලිපිනය ඉවත් කර ඇත.
 theme_update_success=ඔබගේ තේම�ව ය�වත්ක�ල කෙරිණි.
 theme_update_error=ත�ර�ගත් තේම�ව නොපවතී.
@@ -571,7 +556,6 @@ gpg_key_matched_identities_long=මෙම යතුර තුළ ක�ව�ද
 gpg_key_verified=සත්ය�පිත යතුර
 gpg_key_verified_long=යතුර ට�කනයක් සමඟ සත්ය�පනය කර ඇති අතර මෙම යතුර සඳහ� ඕනෑම ග�ලපෙන අනන්යත�වයන්ට අමතරව මෙම පරි�ීලකය� සඳහ� ඕනෑම සක්රිය විද්යුත් ත�ප�ල් ලිපින වලට ග�ලපෙන වෙනස්වීම් සත්ය�පනය කිරීමට භ�විත� කළ හ�කිය.
 gpg_key_verify=සත්ය�පනය කරන්න
-gpg_invalid_token_signature=සපයන ලද GPG යතුර, අත්සන සහ ට�කනය නොග�ලපේ.
 gpg_token_required=පහත ට�කනය සඳහ� ඔබ අත්සනක් ලබ� දිය යුතුය
 gpg_token=ට�කනය
 gpg_token_help=ඔබට අත්සනක් ජනනය කළ හ�කිය:
@@ -593,7 +577,6 @@ gpg_key_deletion=ජීපීජී යතුර ඉවත් කරන්න
 ssh_principal_deletion=SSH සහතිකය විදුහල්පති ඉවත් කරන්න
 ssh_key_deletion_desc=SSH යතුරක් ඉවත් කිරීම ඔබගේ ගිණුමට එහි ප්රවේ�ය අවලංගු කරයි. දිගටම?
 gpg_key_deletion_desc=GPG යතුරක් ඉවත් කිරීම එක්සත් ජ�තීන්ගේ-සත්ය�පනය කරයි එය අත්සන් කර ඇත. දිගටම?
-ssh_principal_deletion_desc=SSH සහතිකයේ විදුහල්පති ඉවත් කිරීම ඔබගේ ගිණුමට ප්රවේ�ය අවලංගු කරයි. දිගටම?
 ssh_key_deletion_success=SSH යතුර ඉවත් කර ඇත.
 gpg_key_deletion_success=GPG යතුර ඉවත් කර ඇත.
 ssh_principal_deletion_success=විදුහල්පති ඉවත් කර ඇත.
@@ -646,12 +629,10 @@ oauth2_application_create_description=OUTU2 යෙදුම් මෙම අවà
 authorized_oauth2_applications=බලයලත් OUTU2
 revoke_key=අවලංගු
 revoke_oauth2_grant=ප්රවේ� අවලංගු
-revoke_oauth2_grant_description=මෙම තෙවන ප�ර්�වීය යෙදුම සඳහ� ප්රවේ�ය අවලංගු කිරීමෙන් මෙම යෙදුම ඔබගේ දත්ත වෙත ප්රවේ� වීම වළක්වනු ඇත. ඔබට වි�්ව�සද?
 
 twofa_is_enrolled=ඔබගේ ගිණුම ද�නට <strong>ස�ධක දෙකක සත්ය�පනය තුළ</strong> ලිය�පදිංචි කර ඇත.
 twofa_not_enrolled=ඔබගේ ගිණුම ද�නට ස�ධක දෙකක සත්ය�පනය තුළ ලිය�පදිංචි වී නොම�ත.
 twofa_disable=ද්වි-ස�ධක සත්ය�පනය අක්රීය කරන්න
-twofa_enroll=ද්වි-ස�ධක සත්ය�පන බවට ඇතුල්
 twofa_disable_note=අව�්ය නම් ඔබට ද්වි-ස�ධක සත්ය�පනය අක්රිය කළ හ�කිය.
 twofa_disable_desc=ද්වි-ස�ධක සත්ය�පනය අක්රීය කිරීමෙන් ඔබගේ ගිණුම අඩු ආරක්ෂිත වනු ඇත. දිගටම?
 twofa_disabled=ද්වි-ස�ධක සත්ය�පනය අක්රීය කර ඇත.
@@ -664,7 +645,6 @@ twofa_failed_get_secret=රහස්ය වීමට අසමත් විය.
 
 manage_account_links=සම්බන්ධිත ගිණුම් කළමන�කරණය කරන්න
 manage_account_links_desc=මෙම බ�හිර ගිණුම් ඔබගේ Gitea ගිණුමට සම්බන්ධ කර ඇත.
-account_links_not_available=ද�නට ඔබගේ Gitea ගිණුමට සම්බන්ධ බ�හිර ගිණුම් නොම�ත.
 link_account=ගිණුම සබ�ඳින්න
 remove_account_link=සම්බන්ධිත ගිණුම ඉවත් කරන්න
 remove_account_link_desc=සම්බන්ධිත ගිණුමක් ඉවත් කිරීම ඔබගේ Gitea ගිණුමට එහි ප්රවේ�ය අවලංගු කරනු ඇත. දිගටම?
@@ -742,7 +722,6 @@ mirror_address_desc=අව�්ය ඕනෑම අක්තපත්ර බල
 mirror_lfs=වි��ල ගොනු ගබඩ� (LFS)
 mirror_lfs_desc=LFS දත්ත පතිබිම්බ�ත්මක සක්රිය.
 mirror_lfs_endpoint=LFS එන්පොයින්ට්
-mirror_lfs_endpoint_desc=සමමුහුර්ත කරන්න කිරීමට පරිගණක ක්රිඩ�වට සම�න url එක භ�විත� කිරීමට උත්ස�හ කරනු ඇත <a target="_blank" rel="noopener noreferrer" href="%s">LFS සේව�ද�යකය තීරණය</a>. නිධිය LFS දත්ත වෙන කොහේ හරි ගබඩ� කර තිබේ නම් ඔබට අභිරුචි අන්ත ලක්ෂ්යයක් නියම කළ හ�කිය.
 mirror_last_synced=අවසන් සමමුහුර්ත
 mirror_password_placeholder=(නොවෙනස්ව)
 mirror_password_blank_placeholder=(නොපිහිටුවිය)
@@ -753,7 +732,6 @@ forks=දෙබලක
 reactions_more=සහ තවත් %d
 unit_disabled=අඩවි පරිප�ලක විසින් මෙම ගබඩ�ව අක්රීය කර ඇත.
 language_other=වෙනත්
-adopt_search=සම්මත නොකළ නිධි සෙවීම සඳහ� පරි�ීලක න�මය ඇතුළත් කරන්න... (සියල්ල සොය� ග�නීමට හිස්ව තබන්න)
 adopt_preexisting_label=ගොනු සම්ප�දනය
 adopt_preexisting=පෙර පවතින ලිපිගොනු අනුගමනය කරන්න
 adopt_preexisting_content=%s වෙතින් ක�ෂ්ඨය ස�දන්න
@@ -797,14 +775,12 @@ migrate.clone_address=URL එක සිට සංක්රමණය/පරිග
 migrate.clone_address_desc=පවතින ගබඩ�වේ HTTP (S) හ� Git 'පරිගණක ක්රිඩ�වට සම�න' URL
 migrate.clone_local_path=හ� දේ�ීය සේව�ද�යක ම�ර්ගයක්
 migrate.permission_denied=දේ�ීය ගබඩ�වන් ආනයනය කිරීමට ඔබට අවසර න�ත.
-migrate.permission_denied_blocked=ඔබට අවසර නොලත් ධ�රකයන් වෙතින් ආය�ත කළ නොහ�ක, කරුණ�කර ALUWED_DOMAINS/LOCALNTWorks/BLOCKED_DOMAINSS ස�කසුම් පරීක්ෂ� කිරීමට පරි
 migrate.invalid_lfs_endpoint=මෙම LFS අවසන් ලක්ෂ්යය වලංගු නොවේ.
 migrate.failed=සංක්රමණය අස�ර්ථකයි: %v
 migrate.migrate_items_options=අමතර අයිතම සංක්රමණය කිරීම සඳහ� ප්රවේ� ට�කනය අව�්ය වේ
 migrated_from=<a href="%[1]s">%[2]s සිට</a>දක්ව� සංක්රමණය වී ඇත
 migrated_from_fake=සංක්රමණය වූ ගෙම්%[1]s
 migrate.migrate=%sසිට සංක්රමණය
-migrate.migrating=<b>%s</b> සිට සංක්රමණය වීම...
 migrate.migrating_failed=<b>%s</b> සිට සංක්රමණය වීම අස�ර්ථක විය.
 migrate.migrating_failed_no_addr=සංක්රමණය අස�ර්ථකයි.
 migrate.git.description=ඕනෑම Git සේව�වකින් පමණක් ගබඩ�වක් සංක්රමණය කරන්න.
@@ -838,7 +814,6 @@ quick_guide=ඉක්මන් ම�ර්ග�පදේ�ය
 clone_this_repo=මෙම ගබඩ�ව පරිගණක ක්රිඩ�වට සම�න
 create_new_repo_command=විධ�න රේඛ�වේ නව ගබඩ�වක් නිර්ම�ණය කිරීම
 push_exist_repo=විධ�න රේඛ�වේ සිට පවත්න� ගබඩ�වක් තල්ලු කිරීම
-empty_message=මෙම ගබඩ�ව කිසිදු අන්තර්ගතයක් අඩංගු නොවේ.
 
 code=කේතය
 code.desc=ප්රවේ� මූල කේතය, ගොනු, විවරයන් සහ ��ඛ�.
@@ -853,7 +828,6 @@ issues=ග�ටළු
 pulls=ඉල්ලීම් අදින්න
 projects=ව්�ය�පෘති
 labels=ලේබල
-org_labels_desc=මෙම සංවිධ�නය යටතේ <strong>සියලුම ගබඩ�වලදී</strong> සමඟ භ�විත� කළ හ�කි සංවිධ�න මට්ටමේ ලේබල්
 org_labels_desc_manage=කළමන�කරණය
 
 milestones=සන්ධිස්ථ�න
@@ -874,7 +848,6 @@ file_too_large=ගොනුව පෙන්වීමට තරම් විà·�à·
 file_copy_permalink=පිටපත් ම�මලින්ක්
 video_not_supported_in_browser=ඔබගේ බ්රව්සරය HTML5 'වීඩිය�' ට�ගය සඳහ� සහය නොදක්වයි.
 audio_not_supported_in_browser=ඔබගේ බ්රව්සරය HTML5 '�්රව්ය' ට�ගය සඳහ� සහය නොදක්වයි.
-stored_lfs=Git LFS සමඟ ගබඩ�
 symbolic_link=සංකේත�ත්මක සබ�ඳිය
 commit_graph=ප්රස්ත�රය ක�ප
 commit_graph.select=��ඛ� ත�රන්න
@@ -918,13 +891,13 @@ editor.file_changed_while_editing=ඔබ සංස්කරණය කිරීà¶
 editor.commit_empty_file_header=හිස් ගොනුවක් ක�ප කරන්න
 editor.commit_empty_file_text=ඔබ ක�ප කිරීමට යන ගොනුව හිස් ය. ඉදිරියට?
 editor.no_changes_to_show=පෙන්වීමට කිසිදු වෙනසක් න�ත.
-editor.fail_to_update_file_summary=ද�ෂ පණිවිඩය:
 editor.push_rejected_summary=පූර්ණ ප්රතික්ෂේප පණිවිඩය:
 editor.add_subdir=ඩිරෙක්ටරියක් එක් කරන්න…
 editor.no_commit_to_branch=��ඛ�වට කෙලින්ම ක�පවිය නොහ�කි නිස�:
 editor.user_no_push_to_branch=පරි�ීලකය�ට ��ඛ�වට තල්ලු කළ නොහ�ක
 editor.require_signed_commit=��ඛ�වට අත්සන් කළ ක�පවීමක් අව�්ය වේ
 
+
 commits.desc=මූල��්ර කේත වෙනස් කිරීමේ ඉතිහ�සය පිරික්සන්න.
 commits.commits=විවරයන්
 commits.nothing_to_compare=මෙම ��ඛ� සම�න වේ.
@@ -1025,7 +998,6 @@ issues.filter_label_no_select=සියලු ලේබල
 issues.filter_milestone=සන්ධිස්ථ�නය
 issues.filter_project_none=ව්�ය�පෘති න�ත
 issues.filter_assignee=අස්ගිනී
-issues.filter_assginee_no_assignee=කිසිදු අස්ව�ද්දුමක්
 issues.filter_type=වර්ගය
 issues.filter_type.all_issues=සියලු ග�ටළු
 issues.filter_type.assigned_to_you=ඔබට පවර� ඇත
@@ -1035,7 +1007,6 @@ issues.filter_type.review_requested=සම�ල�චනය ඉල්ල�
 issues.filter_sort=වර්ග
 issues.filter_sort.latest=නවතම
 issues.filter_sort.oldest=ප�රණිතම
-issues.filter_sort.recentupdate=මෑතදී ය�වත්ක�ල
 issues.filter_sort.leastupdate=අවම ව�යෙන් මෑතකදී ය�වත්ක�ලීන
 issues.filter_sort.mostcomment=බොහ� අදහස්
 issues.filter_sort.leastcomment=අවම ව�යෙන් අදහස්
@@ -1112,7 +1083,6 @@ issues.subscribe=ද�යක වන්න
 issues.unsubscribe=ද�යක වන්න
 issues.lock=ලොක් සංව�දය
 issues.unlock=සංව�දය අගුළු ඇරීමට
-issues.lock.unknown_reason=නොදන්න� හේතුවක් සමඟ ග�ටළුවක් අගුලු ද�මිය නොහ�ක.
 issues.lock_duplicate=ප්ර�්නයක් දෙවරක් අගුලු ද�මිය නොහ�ක.
 issues.unlock_error=අගුලු දම� න�ති බව ප්ර�්නයක් අන්ලොක් කරන්න බ�හ�.
 issues.lock_with_reason=<strong>%s</strong> ලෙස අගුළු දම� ඇති අතර සහය�ගීත�කරුවන්ට සීමිත සංව�දයක් %s
@@ -1120,7 +1090,6 @@ issues.lock_no_reason=සහය�ගීත�කරුවන්ට අගුළ
 issues.unlock_comment=මෙම සංව�දය අගුළු ද�මීය %s
 issues.lock_confirm=අගුළු ලන්න
 issues.unlock_confirm=අගුළු හරින්න
-issues.lock.notice_1=- වෙනත් පරි�ීලකයින්ට මෙම ග�ටළුව සඳහ� නව අදහස් එකතු කළ නොහ�ක.
 issues.lock.notice_2=- මෙම ගබඩ�වට ප්රවේ�ය ඇති ඔබට සහ වෙනත් සහය�ගීකයින්ට තවමත් අන් අයට ද�කිය හ�කි අදහස් ද�ක්විය හ�කිය.
 issues.lock.notice_3=- අන�ගතයේදී ඔබට මෙම ග�ටළුව න�වත විවෘත කළ හ�කිය.
 issues.unlock.notice_1=- සෑම කෙනෙකුටම මෙම ග�ටලුව ග�න අදහස් ද�ක්වීමට හ�කි වනු ඇත.
@@ -1171,8 +1140,6 @@ issues.dependency.pr_closing_blockedby=මෙම ඇදීමේ ඉල්ලී
 issues.dependency.issue_closing_blockedby=මෙම ග�ටළුව අවසන් කිරීම පහත සඳහන් ග�ටළු මගින් අවහිර කරනු ල�බේ
 issues.dependency.issue_close_blocks=මෙම ග�ටළුව පහත සඳහන් ග�ටළු අවසන් කිරීම
 issues.dependency.pr_close_blocks=පහත සඳහන් ග�ටළු අවසන් කිරීම මෙම අදින්න ඉල්ලීම අවහිර කරයි
-issues.dependency.issue_close_blocked=ඔබට එය වස� ද�මීමට පෙර මෙම ග�ටළුව අවහිර කරන සියලුම ග�ටළු වස� ද�මිය යුතුය.
-issues.dependency.pr_close_blocked=ඔබ එය ඒක�බද්ධ කිරීමට පෙර මෙම අදින්න ඉල්ලීම අවහිර සියලු ප්ර�්න වස� ද�මීමට අව�්ය.
 issues.dependency.blocks_short=බ්ලොක්
 issues.dependency.blocked_by_short=මත රඳ� පවතී
 issues.dependency.remove_header=පර�යත්තය ඉවත් කරන්න
@@ -1183,12 +1150,10 @@ issues.dependency.add_error_same_issue=ඔබට ප්ර�්නයක් ත
 issues.dependency.add_error_dep_issue_not_exist=ය�පෙන ප්ර�්නය නොපවතී.
 issues.dependency.add_error_dep_not_exist=පර�යත්තය නොපවතී.
 issues.dependency.add_error_dep_exists=පර�යත්තය ද�නටමත් පවතී.
-issues.dependency.add_error_cannot_create_circular=ඔබ එකිනෙක� අවහිර ප්ර�්න දෙකක් සමග ය�පීමක් නිර්ම�ණය කළ නොහ�ක.
 issues.dependency.add_error_dep_not_same_repo=මෙම ග�ටළු දෙකම එකම ගබඩ�වේ තිබිය යුතුය.
 issues.review.self.approval=ඔබ ඔබේ ම අදින්න ඉල්ලීම අනුමත කළ නොහ�ක.
 issues.review.self.rejection=ඔබ ඔබේ ම අදින්න ඉල්ලීම මත වෙනස්කම් ඉල්ල� සිටිය නොහ�ක.
 issues.review.approve=මෙම වෙනස්කම් අනුමත %s
-issues.review.dismissed=%sහි සම�ල�චනය %sප්රතික්ෂේප කරන ලද
 issues.review.dismissed_label=බ�හ�ර
 issues.review.left_comment=අදහසක් හ�රගිය�
 issues.review.content.empty=ඉල්ලූ වෙනස (ය) පෙන්නුම් කරමින් ඔබ අදහස් ද�ක්වීමක් කළ යුතුය.
@@ -1196,7 +1161,6 @@ issues.review.reject=%s ඉල්ලූ වෙනස්කම්
 issues.review.wait=සම�ල�චනය සඳහ� ඉල්ල� සිටියේය %s
 issues.review.add_review_request=%s %sසිට සම�ල�චන ඉල්ල�
 issues.review.remove_review_request=සඳහ� ඉවත් සම�ල�චන ඉල්ලීම %s %s
-issues.review.remove_review_request_self=%sසම�ල�චනය කිරීම ප්රතික්ෂේප කළේය
 issues.review.pending=වංගු
 issues.review.review=සම�ල�චනය
 issues.review.reviewers=සම�ල�චකයන්
@@ -1209,7 +1173,6 @@ issues.review.resolve_conversation=සංව�දය විසඳන්න
 issues.review.un_resolve_conversation=නොවිසඳිය හ�කි සංව�දය
 issues.review.resolved_by=මෙම සංව�දය විසඳ� ඇති පරිදි සලකුණු කර ඇත
 issues.review.commented=අදහස
-issues.assignee.error=අනපේක්ෂිත ද�ෂයක් හේතුවෙන් සියලුම ඇසිග්නස් එකතු නොකළේය.
 issues.reference_issue.body=�රීරය
 issues.content_history.deleted=මක� ද�මූ
 issues.content_history.edited=සංස්කරණය
@@ -1252,7 +1215,6 @@ pulls.add_prefix=<strong>%s</strong> උපසර්ගය එකතු කරà¶
 pulls.remove_prefix=<strong>%s</strong> උපසර්ගය ඉවත් කරන්න
 pulls.data_broken=අතුරුදහන් වූ දෙබලක තොරතුරු හේතුවෙන් මෙම අදින්න ඉල්ලීම ක�ඩී ඇත.
 pulls.files_conflicted=මෙම අදින්න ඉල්ලීම ඉලක්කගත ��ඛ�ව සමග එකිනෙකට වෙනස් වෙනස්කම් ඇත.
-pulls.is_checking=ග�ටුම් පරීක්ෂ� කිරීම ඒක�බද්ධ කිරීම ක්රිය�ත්මක වෙමින් පවතී. සුළු මොහොතකින් න�වත උත්ස�හ කරන්න.
 pulls.required_status_check_failed=සමහර අව�්ය චෙක්පත් ස�ර්ථක නොවීය.
 pulls.required_status_check_missing=සමහර අව�්ය චෙක්පත් අස්ථ�නගත වී ඇත.
 pulls.required_status_check_administrator=පරිප�ලකයෙකු ලෙස, ඔබ තවමත් මෙම අදින්න ඉල්ලීම ඒක�බද්ධ කළ හ�කිය.
@@ -1267,28 +1229,20 @@ pulls.reject_count_1=වෙනස් කිරීමේ ඉල්ලීම් %d
 pulls.reject_count_n=වෙනස් කිරීමේ ඉල්ලීම් %d
 pulls.waiting_count_1=%d සම�ල�චන බල�
 pulls.waiting_count_n=%d සම�ල�චන බල�
-pulls.wrong_commit_id=ඉලක්කගත ��ඛ�වේ ක�පවූ හ�ඳුනුම්පතක් විය යුතුය
 
 pulls.no_merge_desc=සියලු නිධි ඒක�බද්ධ විකල්ප අක්රීය කර ඇති නිස� මෙම අදින්න ඉල්ලීම ඒක�බද්ධ කළ නොහ�ක.
 pulls.no_merge_helper=ගබඩ�වේ ස�කසුම් ඒක�බද්ධ විකල්ප සක්රීය කරන්න හ� අදින්න ඉල්ලීම අතින් ඒක�බද්ධ කරන්න.
 pulls.no_merge_wip=එය ප්රගතියේ ක�ර්යයක් ලෙස සලකුණු කර ඇති නිස� මෙම අදින්න ඉල්ලීම ඒක�බද්ධ කළ නොහ�කිය.
-pulls.no_merge_not_ready=මෙම අදින්න ඉල්ලීම ඒක�බද්ධ කිරීමට සූද�නම් න�ත, සම�ල�චනය තත්ත්වය සහ තත්ත්වය චෙක්පත් පරීක්ෂ� කරන්න.
 pulls.no_merge_access=මෙම අදින්න ඉල්ලීම ඒක�බද්ධ කිරීමට ඔබට අවසර න�ත.
 pulls.merge_pull_request=ඒක�බද්ධ ක�ප නිර්ම�ණය
-pulls.rebase_merge_pull_request=පසුව වේගයෙන් ඉදිරියට යන්න
-pulls.rebase_merge_commit_pull_request=Rebase ඉන්පසු ඒක�බද්ධ කරන්න
 pulls.squash_merge_pull_request=ස්කොෂ් ක�පීමට ස�දන්න
 pulls.merge_manually=අතින් සංයුක්ත කර ඇත
 pulls.merge_commit_id=ඒක�බද්ධ කිරීමේ හ�ඳුනුම්පත
 pulls.require_signed_wont_sign=��ඛ�වට අත්සන් කළ කොපියක් අව�්ය වුවද මෙම ඒක�බද්ධ කිරීම අත්සන් නොකෙරේ
 
 pulls.invalid_merge_option=ඔබ මෙම අදින්න ඉල්ලීම සඳහ� මෙම ඒක�බද්ධ විකල්පය භ�විත� කළ නොහ�ක.
-pulls.merge_conflict=ඒක�බද්ධ කිරීම අසමත් විය: ඒක�බද්ධ වන අතර ග�ටුමක් ඇති විය. ඉඟිය: වෙනත් උප�ය ම�ර්ගයක් උත්ස�හ කරන්න
 pulls.merge_conflict_summary=ද�ෂ පණිවිඩය
-pulls.rebase_conflict=ඒක�බද්ධ කිරීම අසමත් විය: න�වත පදනම් කිරීමේදී ග�ටුමක් ඇති විය:%[1]s ඉඟිය: වෙනත් උප�ය ම�ර්ගයක් උත්ස�හ කරන්න
 pulls.rebase_conflict_summary=ද�ෂ පණිවිඩය
-pulls.unrelated_histories=ඒක�බද්ධ කිරීම අසමත් විය: ඒක�බද්ධ හිස සහ ප�දය පොදු ඉතිහ�සයක් බෙද� නොගනී. ඉඟිය: වෙනත් උප�ය ම�ර්ගයක් උත්ස�හ කරන්න
-pulls.merge_out_of_date=ඒක�බද්ධ කිරීම අසමත් විය: ඒක�බද්ධ කිරීම ජනනය කරන අතර, පදනම ය�වත්ක�ලීන කරන ලදී. ඉඟිය: න�වත උත්ස�හ කරන්න.
 pulls.push_rejected_summary=පූර්ණ ප්රතික්ෂේප පණිවිඩය
 pulls.open_unmerged_pull_exists=සම�න ගුණ�ංග සහිත අදින්න ඉල්ලීමක් (#%d) ඇති බ�වින් ඔබට න�වත විවෘත කිරීමේ මෙහෙයුමක් කළ නොහ�ක. 
 pulls.status_checking=සමහර චෙක්පත් බල� ඇත
@@ -1405,7 +1359,6 @@ activity.title.releases_1=නිකුතු %d
 activity.title.releases_n=නිකුතු %d
 activity.title.releases_published_by=%s විසින් ප්රක��යට පත් කර %s
 activity.published_release_label=ප්රක��යට පත්
-activity.no_git_activity=මෙම ක�ලය තුළ කිසිදු ක�පවීමක් සිදු වී නොම�ත.
 activity.git_stats_exclude_merges=ඒක�බද්ධ කිරීම හ�ර,
 activity.git_stats_author_1=%d කර්තෘ
 activity.git_stats_author_n=%d කතුවරුන්
@@ -1430,7 +1383,6 @@ activity.git_stats_deletion_n=%d මක�ද�මීම්
 contributors.contribution_type.commits=විවරයන්
 
 settings=ස�කසුම්
-settings.desc=ස�කසුම් යනු ගබඩ�ව සඳහ� ස�කසුම් කළමන�කරණය කළ හ�කි ස්ථ�නයයි
 settings.options=ක�ෂ්ඨය
 settings.collaboration=සහය�ගිත�කරුවන්
 settings.collaboration.admin=පරිප�ලක
@@ -1482,7 +1434,6 @@ settings.pulls.enable_autodetect_manual_merge=ස්වයංක්රීය හ
 settings.pulls.default_delete_branch_after_merge=පෙරනිමියෙන් ඒක�බද්ධ කිරීමෙන් පසු අදින්න ඉල්ලීම ��ඛ�ව මකන්න
 settings.admin_settings=පරිප�ලක ස�කසුම්
 settings.admin_enable_health_check=ගබඩ�වක් සෞඛ්ය චෙක්පත් සක්රීය කරන්න (git fsck)
-settings.admin_enable_close_issues_via_commit_in_any_branch=පෙරනිමි නොවන ��ඛ�වකින් සිදු කරන ලද ක�පවීමක් හරහ� ග�ටළුවක් වසන්න
 settings.danger_zone=අන්තර�ය කල�පය
 settings.new_owner_has_same_repo=නව හිමිකරුට ද�නටමත් එකම නමක් සහිත ගබඩ�වක් ඇත. කරුණ�කර වෙනත් නමක් ත�රන්න.
 settings.convert=ස�ම�න්ය ගබඩ�ව බවට පරිවර්තනය කරන්න
@@ -1502,7 +1453,6 @@ settings.transfer_abort=මà·�රු කිරීම අවලංගු කරà¶
 settings.transfer_abort_invalid=ඔබට නොපවතින නිධි හුවම�රුවක් අවලංගු කළ නොහ�ක.
 settings.transfer_desc=මෙම ගබඩ�ව පරි�ීලකයෙකුට හ� ඔබට පරිප�ලක අයිතිව�සිකම් ඇති සංවිධ�නයකට ම�රු කරන්න.
 settings.transfer_form_title=තහවුරු කිරීමක් ලෙස නිධි න�මය ඇතුලත් කරන්න:
-settings.transfer_in_progress=ද�නට අඛණ්ඩ හුවම�රුවක් පවතී. මෙම ගබඩ�ව වෙනත් පරි�ීලකයෙකුට ම�රු කිරීමට ඔබ ක�මති නම් කරුණ�කර එය අවලංගු කරන්න.
 settings.transfer_notices_1=- ඔබ එය තනි පරි�ීලකයෙකුට ම�රු කළහොත් ඔබට ගබඩ�වට ප්රවේ�ය අහිමි වනු ඇත.
 settings.transfer_notices_2=- ඔබ එය ඔබට (co-) අයිති සංවිධ�නයක් වෙත ම�රු කළහොත් ඔබ ගබඩ�වට ප්රවේ�ය තබ� ගනු ඇත.
 settings.transfer_notices_3=- ගබඩ�ව පුද්ගලික වන අතර එය තනි පරි�ීලකයෙකුට ම�රු කරනු ල�බේ නම්, මෙම ක්රිය�ව පරි�ීලකය�ට අවම ව�යෙන් කියවීමට අවසර ලබ� ඇති බවට වග බල� ගනී (සහ අව�්ය නම් අවසර වෙනස් කරයි).
@@ -1516,12 +1466,9 @@ settings.trust_model.default=පෙරනිමි විà·�à·Šà·€à·�à·ƒ ආකà
 settings.trust_model.default.desc=මෙම ස්ථ�පනය සඳහ� පෙරනිමි නිධි වි�්ව�ස ආකෘතිය භ�විත� කරන්න.
 settings.trust_model.collaborator=සහය�ගීත�ව
 settings.trust_model.collaborator.long=සහය�ගීත�ව: සහය�ගිත�කරුවන් විසින් වි�්ව�ස අත්සන්
-settings.trust_model.collaborator.desc=මෙම ගබඩ�වේ හවුල්කරුවන් විසින් වලංගු අත්සන් “වි�්ව�සද�යක� ලෙස සලකුණු කරනු ල�බේ - (ඔවුන් ක�පකරු සමඟ ග�ලපෙනව�ද න�ද්ද යන්න). එසේ නොම�ති නම්, අත්සන ක�පකරු හ� “නොග�ලපේ� නම් වලංගු අත්සන් “වි�්ව�ස කළ නොහ�කි� ලෙස සලකුණු කරනු ල�බේ.
 settings.trust_model.committer=ක�රක
-settings.trust_model.committer.long=කමිටුව: කමිටුවන්ට ග�ලපෙන වි�්ව�සනීය අත්සන් (මෙය ගිටබ් වලට ග�ලපෙන අතර ගිටිය� අත්සන් කරන ලද ක�පීම් කමිටුව ලෙස ගිටිය� තබ� ග�නීමට බල කරනු ඇත)
 settings.trust_model.collaboratorcommitter=සහය�ගීත�+කමිටුව
 settings.trust_model.collaboratorcommitter.long=සහය�ගීත�+කමිටුව: කමිටුව සමඟ ග�ලපෙන සහය�ගිත�කරුවන්ගේ වි�්ව�සනීය අත්සන්
-settings.trust_model.collaboratorcommitter.desc=මෙම ගබඩ�වේ හවුල්කරුවන් විසින් වලංගු අත්සන් ක�පකරු සමඟ ග�ලපෙන්නේ නම් “වි�්ව�සද�යක� ලෙස සලකුණු කරනු ල�බේ. එසේ නොම�ති නම්, අත්සන ක�පකරුට ග�ලපෙන්නේ නම් සහ “අසමසම� වෙනත් ආක�රයකින් වලංගු අත්සන් “වි�්ව�ස කළ නොහ�කි� ලෙස සලකුණු කරනු ල�බේ. මෙය Gitea සම-කර්තෘ-විසින්: සහ සම-කමිටුව: ක�ප කිරීමේ ට්රේලරය ලෙස සලකුණු කරන ලද ස�බෑ කමිටුව සමඟ අත්සන් කරන ලද ක�පවීම් මත ක�පකරු ලෙස සලකුණු කිරීමට බල කරනු ඇත. පෙරනිමි Gitea යතුර දත්ත සමුද�යේ පරි�ීලකයෙකුට ග�ලපේ.
 settings.wiki_delete=විකි දත්ත මකන්න
 settings.wiki_delete_desc=නිධි විකි දත්ත මක� ද�මීම ස්ථිර වන අතර එය අහ�සි කළ නොහ�ක.
 settings.wiki_delete_notices_1=- මෙය %sසඳහ� විකි නිධිය ස්ථිරවම මක� දම� අක්රීය කරනු ඇත.
@@ -1530,7 +1477,6 @@ settings.wiki_deletion_success=නිධි විකි දත්ත මක�
 settings.delete=මෙම ගබඩ�ව මකන්න
 settings.delete_desc=ගබඩ�වක් මක� ද�මීම ස්ථිර වන අතර එය අහ�සි කළ නොහ�ක.
 settings.delete_notices_1=- මෙම මෙහෙයුම <strong></strong> අහ�සි කළ නොහ�ක.
-settings.delete_notices_2=- මෙම මෙහෙයුම මඟින් කේතය, ග�ටළු, අදහස්, විකි දත්ත සහ සහය�ගීත� ස�කසුම් ඇතුළුව <strong>%s</strong> ගබඩ�ව ස්ථිරවම මක� දමනු ඇත.
 settings.delete_notices_fork_1=- මෙම ගබඩ�වේ ෆ�ක්ස් මක� ද�මීමෙන් පසු ස්ව�ධීන වනු ඇත.
 settings.deletion_success=ගබඩ�ව මක� දම� ඇත.
 settings.update_settings_success=නිධි ස�කසුම් ය�වත්ක�ලීන කර ඇත.
@@ -1549,8 +1495,6 @@ settings.team_not_in_organization=මෙම කණ්ඩà·�යම ගබඩà·�à·
 settings.teams=කණ්ඩ�යම්
 settings.add_team=කණ්ඩ�යම එකතු කරන්න
 settings.add_team_duplicate=කණ්ඩ�යම ද�නටමත් ගබඩ�වක් ඇත
-settings.add_team_success=කණ්ඩ�යමට ද�න් ක�ෂ්ඨයට ප්�රවේ�ය ඇත.
-settings.change_team_permission_tip=කණ්ඩ�යමේ අවසරය කණ්ඩ�යම් ස�කසුම් පිටුවේ සකසන අතර ක�ෂ්ඨය අනුව වෙනස් කළ නොහ�කිය
 settings.delete_team_tip=මෙම කණ්ඩ�යම සියළුම ක�ෂ්ඨවලට ප්�රවේ�ය ඇති අතර ඉවත් කළ නොහ�කිය
 settings.remove_team_success=ක�ෂ්ඨය වෙත කණ්ඩ�යමේ ප්�රවේ�ය ඉවත් කර ඇත.
 settings.add_webhook=වෙබ්හූක් එකතු කරන්න
@@ -1559,8 +1503,6 @@ settings.hooks_desc=ඇතà·�ම් Gitea සිදුවීම් අවුලà
 settings.webhook_deletion=වෙබ්හූක් ඉවත් කරන්න
 settings.webhook_deletion_desc=වෙබ්කොක්කක් ඉවත් කිරීම එහි ස�කසුම් සහ බෙද�හ�රීමේ ඉතිහ�සය මක� දමයි. දිගටම?
 settings.webhook_deletion_success=වෙබ්කොක්කෙන් ඉවත් කර ඇත.
-settings.webhook.test_delivery=ටෙස්ට් ස�පයුම්
-settings.webhook.test_delivery_desc=ව්ය�ජ සිදුවීමකින් මෙම වෙබ්කොක්කෙන් පරීක්ෂ� කරන්න.
 settings.webhook.request=ඉල්ලීම
 settings.webhook.response=ප්�රතිච�රය
 settings.webhook.headers=�ීර්ෂ
@@ -1600,7 +1542,6 @@ settings.event_repository=ක�ෂ්ඨය
 settings.event_repository_desc=ගබඩ�ව නිර්ම�ණය කරන ලද හ� මක� දමන ලදි.
 settings.event_header_issue=නිකුත් කිරීමේ සිදුවීම්
 settings.event_issues=ග�ටළු
-settings.event_issues_desc=නිකුත් කිරීම විවෘත කිරීම, වස� ද�මීම, න�වත විවෘත කිරීම හ� සංස්කරණය කිරීම.
 settings.event_issue_assign=පවර� ඇති නිකුතුව
 settings.event_issue_assign_desc=පවර� ඇති හ� පවර� නොම�ති නිකුත් කිරීම.
 settings.event_issue_label=ලේබල් නිකුත්
@@ -1611,7 +1552,6 @@ settings.event_issue_comment=නිකුතුව
 settings.event_issue_comment_desc=නිකුත් අදහස් නිර්ම�ණය, සංස්කරණය, හ� මක�.
 settings.event_header_pull_request=ඉල්ලීම් සිදුවීම් අදින්න
 settings.event_pull_request=ඉල්ලීම අදින්න
-settings.event_pull_request_desc=අදින්න ඉල්ලීම විවෘත, වස�, න�වත විවෘත, හ� සංස්කරණය.
 settings.event_pull_request_assign=පවර� ඉල්ලීම අදින්න
 settings.event_pull_request_assign_desc=පවර� ඇති හ� පවර� නොම�ති ඉල්ලීම අදින්න.
 settings.event_pull_request_label=ලේබල් ඉල්ලීම අදින්න
@@ -1715,11 +1655,9 @@ settings.lfs_invalid_locking_path=වලංගු නොවන මà·�ර්ගà¶
 settings.lfs_invalid_lock_directory=බහලුම අගුළු ද�මිය නොහ�ක: %s
 settings.lfs_lock_already_exists=අගුල ද�නටමත් පවතී: %s
 settings.lfs_lock=අගුල
-settings.lfs_lock_path=අගුලු ද�මීමට ලිපිගොනු...
 settings.lfs_locks_no_locks=අගුළු න�ත
 settings.lfs_lock_file_no_exist=අගුලු ද�මූ ගොනුව පෙරනිමි ��ඛ�වේ නොපවතී
 settings.lfs_force_unlock=බල�ත්මක අගුළු හ�රීම
-settings.lfs_pointers.found=%d blob pointer (ය) සොය�ගෙන ඇත - %d ආ�්රිත, %d ආ�්රිත (%d ගබඩ�වෙන් අතුරුදහන්)
 settings.lfs_pointers.sha=බ්ලබ් ෂ�
 settings.lfs_pointers.inRepo=රෙප� දී
 settings.lfs_pointers.exists=ගබඩ�වේ පවතී
@@ -1886,14 +1824,13 @@ settings.visibility.private_shortname=පෞද්ගලික
 
 settings.update_settings=ස�කසුම් ය�වත්ක�ල කරන්න
 settings.update_setting_success=සංවිධ�නයේ ස�කසුම් ය�වත්ක�ල කර ඇත.
-settings.change_orgname_redirect_prompt=ප�රණි නම ඉල්ල� සිටින තුරු න�වත හරව� යවයි.
+
+
 settings.update_avatar_success=සංවිධ�නයේ අවත�රය ය�වත්ක�ලීන කර ඇත.
 settings.delete=සංවිධ�නය මකන්න
 settings.delete_account=මෙම සංවිධ�නය මකන්න
 settings.delete_prompt=සංවිධ�නය ස්ථිරවම ඉවත් කරනු ල�බේ. මෙම <strong></strong> අහ�සි කළ නොහ�ක!
 settings.confirm_delete_account=මක�ද�මීම තහවුරු කරන්න
-settings.delete_org_title=සංවිධ�නය මකන්න
-settings.delete_org_desc=මෙම සංවිධ�නය ස්ථිරවම මක� දමනු ඇත. දිගටම?
 settings.hooks_desc=මෙම සංවිධ�නය යටතේ <strong>සියලුම ගබඩ�වන්</strong> සඳහ� මුලපුරනු ලබන වෙබ් කොකු එකතු කරන්න.
 
 settings.labels_desc=මෙම සංවිධ�නය යටතේ <strong>සියලුම ගබඩ�වලදී</strong> සඳහ� ග�ටළු සඳහ� භ�විත� කළ හ�කි ලේබල් එකතු කරන්න.
@@ -1962,7 +1899,6 @@ organizations=සංවිධ�න
 repositories=ක�ෂ්ඨ
 hooks=වෙබ්කොකු
 authentication=සත්ය�පන ප්රභවයන්
-emails=පරි�ීලක වි-ත�ප�ල්
 config=වින්�ය�සය
 config_summary=ස�ර�ං�ය
 config_settings=ස�කසුම්
@@ -1989,25 +1925,16 @@ dashboard.cron.process=ක්ර�න්:%[1]s
 dashboard.cron.error=ක්ර�න් හි ද�ෂය: %s:%[3]s
 dashboard.cron.finished=ක්ර�න්:%[1]s අවසන් වී ඇත
 dashboard.delete_inactive_accounts=සියලුම අක්රීය ගිණුම් මකන්න
-dashboard.delete_inactive_accounts.started=සියලුම අක්රීය ගිණුම් ක�ර්යය ආරම්භ කර මක� දමන්න.
 dashboard.delete_repo_archives=සියලුම ගබඩ�වන් 'ලේඛන�ග�රය මකන්න (ZIP, TAR.GZ, ආදිය..)
-dashboard.delete_repo_archives.started=සියලුම ගබඩ�වල් ලේඛන�ග�ර ක�ර්යය ආරම්භ කිරීම මකන්න.
 dashboard.delete_missing_repos=ඔවුන්ගේ Git ගොනු අතුරුදහන් වූ සියලුම ගබඩ�වන් මකන්න
-dashboard.delete_missing_repos.started=සියළුම ගබඩ�වන් මක� දමන්න Git ගොනු ක�ර්යය ආරම්භ විය.
 dashboard.delete_generated_repository_avatars=ජනනය කරන ලද නිධි අවත�රය මකන්න
 dashboard.update_mirrors=දර්පණ ය�වත්ක�ලීන කරන්න
 dashboard.repo_health_check=සෞඛ්ය සියලු ගබඩ�වලදී පරීක්ෂ�
 dashboard.check_repo_stats=සියළුම ක�ෂ්ඨවල සංඛ්�ය�ලේඛන පරීක්�ෂ� කරන්න
 dashboard.archive_cleanup=ප�රණි නිධි ලේඛන�ග�රය මකන්න
-dashboard.deleted_branches_cleanup=මක�ද�මූ ��ඛ� පිරිසිදු කිරීම
 dashboard.update_migration_poster_id=සංක්රමණ ප�ස්ටර් ය�වත්ක�ලීන කිරීම
-dashboard.git_gc_repos=කසළ සියලු ගබඩ�වල් එකතු කරයි
-dashboard.resync_all_sshkeys=Gitea SSH යතුරු සමඟ '.ssh/authorized_keys' ගොනුව ය�වත්ක�ලීන කරන්න.
-dashboard.resync_all_sshprincipals=Gitea SSH විදුහල්පතිවරුන් සමඟ '.ssh/authorized_විදුහල්පති' ගොනුව ය�වත්ක�ලීන කරන්න.
-dashboard.resync_all_hooks=පෙර ල�බීමට, ය�වත්ක�ලීන කිරීමට සහ සියලු ගබඩ�වන් න�වත ලබ� ග�නීමට කොකු න�වත සකස් කරන්න.
 dashboard.reinit_missing_repos=අතුරුදහන් වූ සියලුම ගිට් නිධි න�වත ආරම්භ කිරීම
 dashboard.sync_external_users=බ�හිර පරි�ීලක දත්ත සමමුහූර්තනය
-dashboard.cleanup_hook_task_table=පිරිසිදු hook_task වගුව
 dashboard.server_uptime=සේව�ද�යකය ය�වත්ක�ලීන කිරීම
 dashboard.current_goroutine=වත්මන් ග�ර්අවුට්ලයින්
 dashboard.current_memory_usage=වත්මන් මතක භ�විතය
@@ -2048,7 +1975,6 @@ users.restricted=සීම�
 users.repos=ක�ෂ්ඨය
 users.created=සෑදීම
 users.last_login=අවසන් සංඥ� දී
-users.never_login=කවද�වත් සිග්නෙඩ්-දී
 users.send_register_notify=පරි�ීලක ලිය�පදිංචි ද�නුම්දීම යවන්න
 users.edit=සංස්කරණය
 users.auth_source=සත්ය�පන මූල��්රය
@@ -2089,11 +2015,7 @@ users.list_status_filter.not_2fa_enabled=2FA ආබ�ධිත
 emails.email_manage_panel=පරි�ීලක විද්යුත් කළමන�කරණය
 emails.primary=ප්ර�ථමික
 emails.activated=සක්රිය
-emails.filter_sort.email=වි-ත�පෑල
-emails.filter_sort.email_reverse=විද්යුත් ත�පෑල (ආපසු)
 emails.filter_sort.name=පරි�ීලක න�මය
-emails.filter_sort.name_reverse=පරි�ීලක නම (ප්රතිල�ම)
-emails.updated=වි-ත�පෑල ය�වත්ක�ල කෙරිණි
 emails.not_updated=ඉල්ලූ විද්යුත් ත�ප�ල් ලිපිනය ය�වත්ක�ලීන කිරීමට අපොහොසත් විය: %v
 emails.duplicate_active=මෙම විද්යුත් ත�ප�ල් ලිපිනය වෙනත් පරි�ීලකයෙකු සඳහ� ද�නටමත් ක්රිය�ක�රී වේ.
 emails.change_email_header=විද්යුත් ගුණ�ංග ය�වත්ක�ලීන කරන්න
@@ -2191,19 +2113,14 @@ auths.skip_local_two_fa_helper=unset පිටත් 2FA කට්ටලයකà·
 auths.oauth2_tenant=අඳ
 auths.enable_auto_register=ස්වයං ලිය�පදිංචිය සබල කරන්න
 auths.sspi_auto_create_users=ස්වයංක්�රීයව පරි�ීලකයින් ස�දන්න
-auths.sspi_auto_create_users_helper=පළමු වරට ලොගින් වන පරි�ීලකයින් සඳහ� නව ගිණුම් ස්වයංක්රීයව නිර්ම�ණය කිරීමට SSPI auth ක්රමයට ඉඩ දෙන්න
 auths.sspi_auto_activate_users=පරි�ීලකයින් ස්වයංක්රීයව සක්රිය කරන්න
 auths.sspi_auto_activate_users_helper=නව පරි�ීලකයින් ස්වයංක්රීයව සක්රිය කිරීමට SSPI auth ක්රමයට ඉඩ දෙන්න
 auths.sspi_strip_domain_names=පරි�ීලක න�ම වලින් වසම් න�ම ඉවත් කරන්න
-auths.sspi_strip_domain_names_helper=පරීක්ෂ� කර ඇත්නම්, ඩොමේන් නම් ලොගන් නම් වලින් ඉවත් කරනු ල�බේ (උද�. “ඩොමේන්\ පරි�ීලක� සහ "user@example.org" යන දෙකම හුදෙක් “පරි�ීලක� බවට පත්වනු ඇත).
 auths.sspi_separator_replacement=\,/සහ @ වෙනුවට භ�විත� කිරීමට වෙන්කර
-auths.sspi_separator_replacement_helper=පහළ මට්ටමේ පිවිසුම් න�ම (ද. "ඩොමේන්\ පරි�ීලක" හි) සහ පරි�ීලක ප්රධ�න නම් (ද. @ in "user@example.org").
 auths.sspi_default_language=පෙරනිමි පරි�ීලක භ�ෂ�ව
-auths.sspi_default_language_helper=SSPI auth ක්රමය මගින් ස්වයංක්රීයව නිර්ම�ණය කරන ලද පරි�ීලකයින් සඳහ� පෙරනිමි භ�ෂ�ව. ඔබ භ�ෂ�ව ස්වයංක්රීයව හඳුන� ග�නීමට ක�මති නම් හිස්ව තබන්න.
 auths.tips=ඉඟි
 auths.tips.oauth2.general=OUTU2 සත්ය�පන
 auths.tip.oauth2_provider=OUTU2 ස�පයුම්කරු
-auths.tip.nextcloud=පහත සඳහන් මෙනුව භ�විත� කරමින් ඔබගේ උද�හරණයක් මත නව OAUTH ප�රිභ�ගිකයෙකු ලිය�පදිංචි කරන්න “ස�කසීම් -> ආරක්ෂ�ව -> OAUTH 2.0 සේව�ද�යකය��
 auths.tip.mastodon=ඔබට සත්ය�පනය කිරීමට අව�්ය mastodon උද�හරණයක් සඳහ� අභිරුචි උද�හරණයක් URL එකක් ආද�න කරන්න (හ� පෙරනිමි එකක් භ�විත� කරන්න)
 auths.edit=සත්ය�පන මූල��්රය සංස්කරණය කරන්න
 auths.activated=මෙම සත්ය�පන මූල��්රය සක්රිය කර ඇත
@@ -2241,8 +2158,6 @@ config.ssh_domain=SSH සේව�ද�යකය වසම්
 config.ssh_port=වර�ය
 config.ssh_listen_port=සවන් වර�ය
 config.ssh_root_path=මූල ම�ර්ගය
-config.ssh_key_test_path=ප්රධ�න ටෙස්ට් ම�ර්ගය
-config.ssh_keygen_path=Keygen ('ssh-keygen') ම�ර්ගය
 config.ssh_minimum_key_size_check=අවම කී ප්රම�ණය පරීක්ෂ�
 config.ssh_minimum_key_sizes=අවම යතුරෙහි ප්�රම�ණ
 
@@ -2294,7 +2209,6 @@ config.mailer_use_sendmail=සෙන්ඩ්මේල් භ�විත� ක
 config.mailer_sendmail_path=සෙන්ඩ්මේල් ම�ර්ගය
 config.mailer_sendmail_args=Sendmail වෙත අමතර තර්ක
 config.mailer_sendmail_timeout=සෙන්ඩ්මේල් වේල�ව
-config.test_email_placeholder=වි-ත�පෑල (උද�. පරීක්�ෂ�ව@උද�හරණය.ලංක�)
 config.send_test_mail=අත්හද� බ�ලීමේ වි-ත�පෑල යවන්න
 
 config.oauth_config=ඕත් වින්ය�සය
@@ -2359,7 +2273,6 @@ monitor.queue.exemplar=ආදර්� වර්ගය
 monitor.queue.numberworkers=කම්කරුවන් සංඛ්ය�ව
 monitor.queue.maxnumberworkers=ම�ක්ස් කම්කරු සංඛ්ය�ව
 monitor.queue.settings.title=තට�කය ස�කසුම්
-monitor.queue.settings.maxnumberworkers=ම�ක්ස් කම්කරුවන් සංඛ්ය�ව
 monitor.queue.settings.maxnumberworkers.placeholder=වත්මන්%[1]d
 monitor.queue.settings.maxnumberworkers.error=ම�ක්ස් කම්කරුවන්ගේ සංඛ්ය�ව අංකයක් විය යුතුය
 monitor.queue.settings.submit=ස�කසුම් ය�වත්ක�ල කරන්න
@@ -2453,8 +2366,12 @@ conan.details.repository=ක�ෂ්ඨය
 owner.settings.cleanuprules.enabled=සබල කර ඇත
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=සවිස්තරය
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_sk-SK.ini b/options/locale/locale_sk-SK.ini
index 20f26db801..1c6cc7a7ad 100644
--- a/options/locale/locale_sk-SK.ini
+++ b/options/locale/locale_sk-SK.ini
@@ -43,7 +43,6 @@ webauthn_use_twofa=Použite kód dvojfaktorového overenia z vášho telefónu
 webauthn_error=Nie je možné pre�ítať váš bezpe�nostný kód.
 webauthn_unsupported_browser=Váš prehliada� aktuálne nepodporuje WebAuthn.
 webauthn_error_unknown=Vyskytla sa neznáma chyba. Skúste to znova.
-webauthn_error_insecure=`WebAuthn podporuje iba bezpe�né spojenia. Na testovanie cez HTTP môžete použiť "localhost" alebo "127.0.0.1"`
 webauthn_error_unable_to_process=Server nemohol spracovať vašu požiadavku.
 webauthn_error_duplicated=Bezpe�nostný kľú� nie je pre túto požiadavku povolený. Uistite sa, že kľú� ešte nie je zaregistrovaný.
 webauthn_error_empty=Musíte nastaviť meno pre tento kľú�.
@@ -178,8 +177,6 @@ buttons.enable_monospace_font=Povoliť font s pevnou šírkou
 buttons.disable_monospace_font=Zakázať font s pevnou šírkou
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Vyskytla sa chyba
@@ -212,16 +209,10 @@ path=Cesta
 sqlite_helper=Cesta k súboru databázy SQLite3.<br>Ak spúšťate Gitea ako službu, zadajte absolútnu cestu.
 reinstall_error=Pokúšate sa inštalovať do existujúcej databázy Gitea
 reinstall_confirm_message=Opätovná inštalácia s existujúcou databázou Gitea môže spôsobiť viacero problémov. Vo vä�šine prípadov by ste na spustenie Gitea mali použiť svoj existujúci súbor „app.ini“. Ak viete, �o robíte, potvr�te nasledujúce:
-reinstall_confirm_check_1=Údaje zašifrované pomocou SECRET_KEY v app.ini sa môžu stratiť: používatelia sa možno nebudú môcť prihlásiť s 2FA/OTP a zrkadlá možno nebudú fungovať správne. Za�iarknutím tohto polí�ka potvrdzujete, že aktuálny súbor app.ini obsahuje správny kľú� SECRET_KEY.
-reinstall_confirm_check_2=Repozitáre a nastavenia možno bude potrebné znova synchronizovať. Za�iarknutím tohto polí�ka potvrdzujete, že hooky pre repozitáre a súbor autorizovaných kľú�ov znova zosynchronizujete manuálne. Potvrdzujete, že zabezpe�íte, aby boli nastavenia úložiska a zrkadla správne.
 reinstall_confirm_check_3=Potvrdzujete, že ste si úplne istí, že táto Gitea beží so správnym umiestnením app.ini a že ste si istí, že ju musíte znova nainštalovať. Potvrdzujete, že beriete na vedomie vyššie uvedené riziká.
 err_empty_db_path=Cesta k databáze SQLite3 nesmie byť prázdna.
 no_admin_and_disable_registration=Nemôžete zakázať registráciu bez vytvorenia administrátorského ú�tu.
 err_empty_admin_password=Heslo administrátora nemôže byť prázdne.
-err_empty_admin_email=E-mail administrátora nemôže byť prázdny.
-err_admin_name_is_reserved=Používateľské meno administrátora je neplatné, používateľské meno je rezervované
-err_admin_name_pattern_not_allowed=Používateľské meno administrátora je neplatné, používateľské meno zodpovedá vyhradenému vzoru
-err_admin_name_is_invalid=Používateľské meno administrátora je neplatné
 
 general_title=Všeobecné nastavenia
 app_name=Názov webu
@@ -236,7 +227,6 @@ domain_helper=Adresa domény alebo hostiteľa serveru.
 ssh_port=Port SSH servera
 ssh_port_helper=Číslo portu na ktorom na�úva SSH server. Ke� ponecháte prázdne, SSH server zakážete.
 http_port=HTTP port pre Gitea
-http_port_helper=Číslo portu na ktorom po�úva webový server Gitea.
 app_url=Základná URL Gitea
 app_url_helper=Základná adresa pre klonované HTTP(S) URL adresy a e-mailové upozornenia.
 log_root_path=Adresár logov
@@ -298,7 +288,6 @@ no_reply_address=Skrytá e-mailová doména
 no_reply_address_helper=Doménové meno pre používateľov so skrytou e-mailovou adresou. Napríklad, používateľ s menom 'joe' bude zalogovaný v Git-e ako 'joe@noreply.example.org' ak je skrytá e-mailová doména nastavená na 'noreply.example.org'.
 password_algorithm=Hašovací algoritmus hesla
 invalid_password_algorithm=Neplatný hash algoritmus hesla
-password_algorithm_helper=Nastavte algoritmus hashovania hesla. Algoritmy majú rôzne požiadavky a silu. Algoritmus argon2 je pomerne bezpe�ný, ale využíva veľa pamäte a môže byť nevhodný pre malé systémy.
 enable_update_checker=Povoliť kontrolu aktualizácií
 enable_update_checker_helper=Pravidelne kontroluje nové verzie pripojením k gitea.io.
 
@@ -351,7 +340,6 @@ allow_password_change=Vyžiadať od používateľa zmenu hesla (doporu�uje sa)
 reset_password_mail_sent_prompt=Na adresu <b>%s</b> bol odoslaný potvrdzovací e-mail. Skontrolujte si, prosím, vašu doru�enú poštu po�as najbližších %s pre dokon�enie procesu obnovenia ú�tu.
 active_your_account=Aktivovať ú�et
 account_activated=Ú�et bol aktivovaný
-prohibit_login=Prihlásenie zakázané
 resent_limit_prompt=Pred malou chvíľou ste už požiadali o aktiva�ný email. Po�kajte, prosím, 3 minúty a potom skúste znova.
 has_unconfirmed_mail=Ahoj %s, tvoja e-mailová adresa (<b>%s</b>) je neoverená. Ak si ešte nedostal potvrdzovací e-mail, alebo je potrebné odoslať nový, klikni, prosím, na tla�idlo nižšie.
 resend_mail=Kliknite sem pre opätovné odoslanie aktiva�ného e-mailu
@@ -384,13 +372,10 @@ openid_connect_title=Pripojiť k existujúcemu ú�tu
 openid_connect_desc=Zvolené OpenID URI je neznáme. Združte s novým ú�tom tu.
 openid_register_title=Vytvoriť nový ú�et
 openid_register_desc=Zvolené OpenID URI je neznáme. Združte s novým ú�tom tu.
-disable_forgot_password_mail=Obnovenie ú�tu je zakázané pretože nie je nastavený e-mail. Kontaktujte, prosím, správcu webu.
-disable_forgot_password_mail_admin=Obnovenie ú�tu je možné iba po nastavení e-mailu. Pre povolenie obnovy ú�tu nastavte, prosím, e-mail.
 email_domain_blacklisted=Nemôžete sa zaregistrovať s vašou e-mailovou adresou.
 authorize_application=Autorizovať aplikáciu
 authorize_redirect_notice=Ak autorizujete túto aplikáciu, budete presmerovaní na %s.
 authorize_application_created_by=Túto aplikáciu vytvoril %s.
-authorize_application_description=Ak udelíte prístup, bude možné pristupovať a zapisovať do všetkých vašich informácií o ú�te, vrátane súkromných repozitárov a organizácií.
 authorize_title=Autorizovať „%s“ pre prístup k vášmu ú�tu?
 authorization_failed=Autorizácia zlyhala
 sspi_auth_failed=SSPI overenie zlyhalo
@@ -411,8 +396,6 @@ activate_email=Overte svoju e-mailovú adresu
 activate_email.text=Pre overenie vašej e-mailovej adresy kliknite, prosím, na nasledovný odkaz do <b>%s</b>:
 
 register_notify.title=%[1]s, vitajte v %[2]s
-register_notify.text_1=toto je e-mail potvrdzujúci vašu registráciu pre %s!
-register_notify.text_2=Teraz sa môžete prihlásiť s používateľským menom: %s.
 register_notify.text_3=Ak bol tento ú�et vytvorený pre vás, nastavte prosím najskôr <a href="%s">svoje heslo</a>.
 
 reset_password=Obnoviť váš ú�et
@@ -449,7 +432,6 @@ release.download.targz=Zdrojový kód (TAR.GZ)
 repo.transfer.subject_to=%s by chcel preniesť "%s" do %s
 repo.transfer.subject_to_you=%s by chcel preniesť "%s" k vám
 repo.transfer.to_you=vy
-repo.transfer.body=Ak to chcete prijať alebo odmietnuť, navštívte %s alebo to jednoducho ignorujte.
 
 repo.collaborator.added.subject=%s vás pridal do %s
 repo.collaborator.added.text=Boli ste pridaný ako spolupracovník repozitára:
@@ -499,7 +481,6 @@ max_size_error=` musí obsahovať maximálne %s znakov.`
 email_error=` nie je platná e-mailová adresa.`
 glob_pattern_error=` glob vzor je neplatný: %s.`
 regex_pattern_error=` regex vzor je neplatný: %s.`
-username_error=` môže obsahovať iba alfanumerické znaky ('0-9', 'a-z', 'A-Z'), poml�ku ('-'), pod�iarkovník ('_') a bodku ('.'). Nemôže za�ínať ani kon�iť nealfanumerickými znakmi a po sebe idúce nealfanumerické znaky sú tiež zakázané.`
 invalid_group_team_map_error=`mapovanie je neplatné: %s`
 unknown_error=Neznáma chyba:
 captcha_incorrect=Overovací kód CAPTCHA je nesprávny.
@@ -511,11 +492,9 @@ username_change_not_local_user=Používatelia overovaní inak ako lokálne si ne
 repo_name_been_taken=Meno repozitára sa už používa.
 repository_force_private=Je aktivované "Iba súkromne": súkromné repozitáre nesmú byť zverejnené.
 repository_files_already_exist=Súbory pre tento repozitár už existujú. Kontaktujte správcu systému.
-repository_files_already_exist.adopt=Súbory pre tento repozitár už existujú dajú sa iba prijať.
 repository_files_already_exist.delete=Súbory pre tento repozitár už existujú. Musíte ich zmazať.
 repository_files_already_exist.adopt_or_delete=Súbory pre tento repozitár už existujú. Bu� ich prijmite, alebo zmažte.
 visit_rate_limit=Dosiahnutý limit rýchlosti dotazov pri vzdialenom prístupe.
-2fa_auth_required=Vzdialený prístup vyžaduje dvojfaktorové overovanie.
 org_name_been_taken=Názov organizácie sa už používa.
 team_name_been_taken=Názov tímu sa už používa.
 team_no_units_error=Povoliť prístup aspoň do jednej sekcie repozitára.
@@ -542,7 +521,6 @@ invalid_ssh_key=Nie je možné overiť váš SSH kľú�: %s
 invalid_gpg_key=Nie je možné overiť váš GPG kľú�: %s
 invalid_ssh_principal=Neplatná identita: %s
 must_use_public_key=Zadaný kľú� je súkromný kľú�. Nikde neodovzdávajte svoj súkromný kľú�. Namiesto toho použite svoj verejný kľú�.
-unable_verify_ssh_key=Nie je možné overiť kľú� SSH, skontrolujte, �i neobsahuje chyby.
 auth_failed=Overenie zlyhalo: %v
 
 
@@ -645,7 +623,6 @@ activate_email=Poslať aktiváciu
 activations_pending=Čakajúca aktivácia
 delete_email=Odstrániť
 email_deletion=Vymazať e-mailovú adresu
-email_deletion_desc=E-mailová adresa a pridružené informácie budú z vášho ú�tu odstránené. Commity Gitu s touto e-mailovou adresou zostanú nezmenené. Pokra�ovať?
 email_deletion_success=E-mailová adresa bola odstránená.
 theme_update_success=Vaša téma bola aktualizovaná.
 theme_update_error=Vybraná téma vzhľadu neexistuje.
@@ -686,7 +663,6 @@ gpg_key_matched_identities_long=Vložené identity v tomto kľú�i zodpovedajú
 gpg_key_verified=Overený kľú�
 gpg_key_verified_long=Kľú� bol overený pomocou tokenu a môže byť použitý k overeniu commitov zhodujúcich sa s ľubovoľnou vašou aktivovalo e-mailovou adresou pre tohoto užívateľa naviac k akejkoľvek odpovedajúcej identite tohoto kľú�a.
 gpg_key_verify=Overiť
-gpg_invalid_token_signature=Zadaný GPG kľú�, podpis a token sa nezhodujú alebo je token zastaralý.
 gpg_token_required=Musíte zadať podpis pre nižšie uvedený token
 gpg_token=Token
 gpg_token_help=Podpis môžete vygenerovať pomocou:
@@ -695,7 +671,6 @@ key_signature_gpg_placeholder=Za�ína s '-----BEGIN PGP SIGNATURE-----'
 ssh_key_verified=Overený kľú�
 ssh_key_verified_long=Kľú� bol overený tokenom a možno ho použiť na overenie commitov zhodujúcich sa so všetkými aktivovanými e-mailovými adresami tohto používateľa.
 ssh_key_verify=Overiť
-ssh_invalid_token_signature=Zadaný SSH kľú�, podpis alebo token sa nezhodujú alebo je token zastaralý.
 ssh_token_required=Musíte zadať podpis pre nižšie uvedený token
 ssh_token=Token
 ssh_token_help=Podpis môžete vygenerovať pomocou:
@@ -712,7 +687,6 @@ gpg_key_deletion=Odstrániť GPG kľú�
 ssh_principal_deletion=Vymazať SSH certifika�nú identitu
 ssh_key_deletion_desc=Odstránenie SSH kľú�a zruší jeho prístup k vašemu ú�tu. Pokra�ovať?
 gpg_key_deletion_desc=Odstránením GPG kľú�a zneplatníte overenie commitov, ktoré sú  ním podpísané. Pokra�ovať?
-ssh_principal_deletion_desc=Odstránenie SSH certifikátu identity zruší jeho prístup k vašemu ú�tu. Pokra�ovať?
 ssh_key_deletion_success=SSH kľú� bol odstránený.
 gpg_key_deletion_success=GPG kľú� bol odstránený.
 ssh_principal_deletion_success=Zabezpe�enie bolo odstránené.
@@ -754,7 +728,6 @@ remove_oauth2_application_success=Aplikácia bola odstránená.
 create_oauth2_application=Vytvoriť novú aplikáciu OAuth2
 create_oauth2_application_button=Vytvoriť aplikáciu
 oauth2_application_name=Názov aplikácie
-oauth2_confidential_client=Dôverný klient. Vyberte aplikácie, ktoré uchovávajú tajomstvo v tajnosti, ako sú webové aplikácie. Nevyberajte pre natívne aplikácie vrátane aplikácií pre po�íta�e a mobilné aplikácie.
 save_application=Uložiť
 oauth2_client_id=ID klienta
 oauth2_client_secret=Tajný klientsky kľú�
@@ -766,12 +739,10 @@ oauth2_application_create_description=Aplikácie OAuth2 poskytujú aplikáciám
 authorized_oauth2_applications=Autorizované aplikácie OAuth2
 revoke_key=Odvolať
 revoke_oauth2_grant=Odstrániť prístup
-revoke_oauth2_grant_description=Zrušenie prístupu tejto aplikáciu tretej strany zabráni tejto aplikácii v prístupe k vašim údajom. Ste si istý?
 
 twofa_is_enrolled=Váš ú�et je momentálne <strong>používa</strong> dvojfaktorovú autentifikáciu.
 twofa_not_enrolled=Váš ú�et momentálne nepoužíva dvojfaktorovú autentifikáciu.
 twofa_disable=Vypnúť dvojfaktorovú autentifikáciu
-twofa_enroll=Povoliť dvojfaktorové overovanie
 twofa_disable_note=V prípade potreby môžete zakázať dvojfaktorové overenie.
 twofa_disable_desc=Vypnutím dvojfaktorovej autentifikácie bude váš ú�et menej bezpe�ný. Ďalej?
 twofa_disabled=Dvojfaktorové overovanie bolo vypnuté.
@@ -784,11 +755,9 @@ twofa_failed_get_secret=Nepodarilo sa získať tajomstvo.
 webauthn_register_key=Pridať bezpe�nostný kľú�
 webauthn_nickname=Prezývka
 webauthn_delete_key=Odstrániť bezpe�nostný kľú�
-webauthn_delete_key_desc=Ak odstránite bezpe�nostný kľú�, už sa s ním nebudete môcť prihlásiť. Ďalej?
 
 manage_account_links=Spravovať prepojené kontá
 manage_account_links_desc=Tieto externé ú�ty sú prepojené s vaším ú�tom Gitea.
-account_links_not_available=V sú�asnosti nie sú s vaším ú�tom Gitea prepojené žiadne externé ú�ty.
 link_account=Pripojiť ú�et
 remove_account_link=Odstrániť prepojený ú�et
 remove_account_link_desc=Odstránenie prepojeného ú�tu zruší jeho prístup k vášmu ú�tu Gitea. Pokra�ovať?
@@ -857,7 +826,6 @@ mirror_address=Klonovať z URL
 mirror_lfs=Úložisko veľkých súborov (LFS)
 mirror_lfs_desc=Aktivovať zrkadlenie dát LFS.
 mirror_lfs_endpoint=Koncový bod LFS
-mirror_lfs_endpoint_desc=Synchronizácia sa pokúsi použiť klonovaciu adresu URL na <a target="_blank" rel="noopener noreferrer" href="%s">ur�enie servera LFS</a>. Môžete tiež zadať vlastný koncový bod, ak sú dáta repozitára LFS uložené niekde inde.
 mirror_last_synced=Posledná synchronizácia
 mirror_password_placeholder=(Nezmenené)
 mirror_password_blank_placeholder=(Nenastavené)
@@ -868,7 +836,6 @@ forks=Forky
 reactions_more=a %d �alších
 unit_disabled=Správca stránky zakázal túto sekciu repozitára.
 language_other=Iný
-adopt_search=Ak chcete vyhľadať neprijaté úložiská, zadajte používateľské meno... (pre vyhľadanie všetkých nechajte prázdne)
 adopt_preexisting_label=Prijať súbory
 adopt_preexisting=Prijať už existujúce súbory
 adopt_preexisting_content=Vytvoriť repozitár z %s
@@ -916,7 +883,6 @@ migrate_items_labels=Štítky
 migrate_items_pullrequests=Pull requesty
 migrate_repo=Migrovať repozitár
 migrate.clone_address_desc=HTTP(S) alebo Git 'clone' URL pre klonovanie existujúceho repozitára
-migrate.github_token_desc=Sem môžete vložiť jeden alebo viac tokenov oddelených �iarkami, aby sa migrácia zrýchlila z dôvodu limitu rýchlosti rozhrania GitHub API. UPOZORNENIE: Zneužitie tejto funkcie môže porušiť zásady poskytovateľa služieb a viesť k zablokovaniu ú�tu.
 migrate.clone_local_path=alebo cestu k lokálnemu serveru
 migrate.permission_denied=Nemáte povolené importovať miestne repozitáre.
 migrate.invalid_lfs_endpoint=Koncový bod LFS nie je platný.
@@ -948,7 +914,6 @@ quick_guide=Rýchly sprievodca
 clone_this_repo=Klonovať tento repozitár
 create_new_repo_command=Vytvoriť nový repozitár v príkazovom riadku
 push_exist_repo=Odoslanie existujúceho repozitára z príkazového riadku
-empty_message=Tento repozitár ešte nemá obsah.
 broken_message=Údaje Git, ktoré sú základom tohto úložiska, sa nedajú pre�ítať. Kontaktujte správcu tejto inštancie alebo odstráňte toto úložisko.
 
 code=Zdrojový kód
@@ -965,7 +930,6 @@ projects=Projekty
 packages=Balí�ky
 actions=Akcie
 labels=Štítky
-org_labels_desc=Štítky na úrovni organizácie, ktoré možno použiť so <strong>všetkými repozitármi</strong> v rámci tejto organizácie
 org_labels_desc_manage=spravovať
 
 milestone=Míľnik
@@ -981,7 +945,6 @@ file_copy_permalink=Kopírovať trvalý odkaz
 view_git_blame=Zobraziť Git Blame
 video_not_supported_in_browser=Váš prehliada� nepodporuje HTML5 tag 'video'.
 audio_not_supported_in_browser=Váš prehliada� nepodporuje HTML5 tag 'audio'.
-stored_lfs=Uložené pomocou Git LFS
 symbolic_link=Symbolický odkaz
 commit_graph=Graf commitov
 line=riadok
@@ -1008,6 +971,7 @@ editor.commit_empty_file_text=Súbor, ktorý sa chystáte odoslať, je prázdny.
 editor.no_commit_to_branch=Nedá sa odoslať priamo do vetvy, pretože:
 editor.require_signed_commit=Vetva vyžaduje podpísaný commit
 
+
 commits.commits=Commity
 commits.search_all=VÅ¡etky vetvy
 commits.author=Autor
@@ -1075,11 +1039,9 @@ issues.unpin=Odopnúť
 
 
 issues.dependency.cancel=Zrušiť
-issues.review.dismissed=zamietol revíziu od %s %s
 issues.review.wait=bol požiadaný o revidovanie %s
 issues.review.add_review_request=požiadal o revidovanie od %s %s
 issues.review.remove_review_request=odstránil žiadosť o revidovanie na %s %s
-issues.review.remove_review_request_self=odmietol revidovať %s
 issues.review.review=Revízia
 issues.review.reviewers=Revidenti
 
@@ -1088,10 +1050,7 @@ pulls.tab_commits=Commity
 pulls.data_broken=Tento pull request je nefunk�ný z dôvodu chýbajúcich informácií o forku.
 pulls.waiting_count_1=%d �akajúca revízia
 pulls.waiting_count_n=%d �akajúcich revízií
-pulls.wrong_commit_id=ID commitu musí byť ID commitu v cieľovej vetve
 
-pulls.no_merge_not_ready=Tento pull request nie je pripravený na merge, skontrolujte stav revízie a kontroly stavu.
-pulls.rebase_merge_commit_pull_request=Rebase a potom vytvoriť zlu�ovací commit
 pulls.merge_commit_id=ID zlu�ovacieho commitu
 
 
@@ -1136,12 +1095,9 @@ settings.transfer_owner=Nový vlastník
 settings.transfer_started=`Tento repozitár bol ozna�ený na prenos a �aká na potvrdenie od "%s"`
 settings.transfer_succeed=Repozitár bol prenesený.
 settings.trust_model.collaborator.long=Spolupracovník: Dôverovať podpisom spolupracovníkov
-settings.trust_model.collaborator.desc=Platné podpisy spolupracovníkov tohto úložiska budú ozna�ené ako "dôveryhodné" - (bez ohľadu na to, �i sa zhodujú s prispievateľom alebo nie). V opa�nom prípade budú platné podpisy ozna�ené ako „nedôveryhodné“, ak sa podpis zhoduje s prispievateľom, a „nezhodujúce sa“, ak nie.
 settings.trust_model.committer=Prispievateľ
-settings.trust_model.committer.long=Prispievateľ: Dôverovať podpisom, ktoré sa zhodujú s prispievateľmi (toto sa zhoduje s GitHubom a prinúti Gitea podpísané príkazy, aby mali Gitea ako prispievateľa)
 settings.trust_model.collaboratorcommitter=Spolupracovník+Prispievateľ
 settings.trust_model.collaboratorcommitter.long=Spolupracovník+Prispievateľ: Dôverujte podpisom spolupracovníkov, ktorí zodpovedajú prispievateľovi
-settings.trust_model.collaboratorcommitter.desc=Platné podpisy spolupracovníkov tohto repozitára budú ozna�ené ako „dôveryhodné“, ak sa zhodujú s prispievateľom. V opa�nom prípade budú platné podpisy ozna�ené ako „nedôveryhodné“, ak sa podpis zhoduje s prispievateľom, a v opa�nom prípade budú „nezhodujúce sa“. To prinúti Giteu, aby bola ozna�ená ako autor na podpísaných odovzdaniach so skuto�ným autorom ozna�eným ako Co-Authored-By: and Co-Committed-By: na konci commitu. Predvolený kľú� Gitea sa musí zhodovať s používateľom v databáze.
 settings.wiki_delete_desc=Odstránenie údajov wiki je trvalé a nemožno ho vrátiť späť.
 settings.wiki_delete_notices_1=- Natrvalo odstráni a zakáže wiki pre %s.
 settings.wiki_deletion_success=Údaje wiki boli vymazané.
@@ -1156,8 +1112,6 @@ settings.collaborator_deletion_desc=Odstránenie spolupracovníka zruší jeho p
 settings.change_team_access_not_allowed=Zmena prístupu tímu k repozitáru bola obmedzená na vlastníka organizácie
 settings.team_not_in_organization=Tím nie je v rovnakej organizácii ako repozitár
 settings.add_team_duplicate=Tím už má repozitár
-settings.add_team_success=Tím má teraz prístup k repozitáru.
-settings.change_team_permission_tip=Oprávnenia tímu sa nastavujú na stránke s nastaveniami tímu a nedajú sa zmeniť pre jednotlivé repozitáre
 settings.delete_team_tip=Tento tím má prístup ku všetkým repozitárom a nemožno ho odstrániť
 settings.add_webhook=Pridať webhook
 settings.add_webhook.invalid_channel_name=Názov kanála webhooku nemôže byť prázdny a nemôže obsahovať iba znak #.
@@ -1165,7 +1119,6 @@ settings.hooks_desc=Webhooky automaticky odosielajú požiadavky HTTP POST na se
 settings.webhook_deletion=Odstrániť webhook
 settings.webhook_deletion_desc=Odstránením webhooku sa vymažú jeho nastavenia a história doru�ovania. Ďalej?
 settings.webhook_deletion_success=Webhook bol odstránený.
-settings.webhook.test_delivery_desc=Otestujte tento webhook pomocou testovacej udalosti.
 settings.webhook.replay.description=Zopakujte tento webhook.
 settings.add_webhook_desc=Gitea odošle požiadavky <code>POST</code> so špecifikovaným typom obsahu na cieľovú adresu URL. Pre�ítajte si viac v <a target="_blank" rel="noopener noreferrer" href="%s">sprievodcovi webhookmi</a>.
 settings.event_header_repository=Udalosti repozitára
@@ -1220,6 +1173,8 @@ lower_repositories=repozitáre
 settings.visibility.private=Súkromná ​​(viditeľné iba pre �lenov organizácie)
 settings.visibility.private_shortname=Súkromný
 
+
+
 settings.hooks_desc=Pridajte webhooky, ktoré sa spustia nad <strong>všetkými repozitármi</strong> v rámci tejto organizácie.
 
 
@@ -1265,7 +1220,6 @@ systemhooks.update_webhook=Aktualizovať defaultný webhook
 auths.enabled=Povolené
 auths.oauth2_tokenURL=Token URL
 auths.sspi_default_language=Predvolený jazyk používateľa
-auths.sspi_default_language_helper=Predvolený jazyk pre používateľov automaticky vytvorený metódou SSPI auth. Ak uprednostňujete automatické zisťovanie jazyka, nechajte pole prázdne.
 
 config.app_ver=Verzia Gitea
 config.app_url=Základná URL Gitea
@@ -1322,6 +1276,10 @@ owner.settings.cleanuprules.enabled=Povolené
 
 [secrets]
 
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
+
+
+
 [actions]
 
 
diff --git a/options/locale/locale_sv-SE.ini b/options/locale/locale_sv-SE.ini
index dbe53aaadf..7ec0090bcb 100644
--- a/options/locale/locale_sv-SE.ini
+++ b/options/locale/locale_sv-SE.ini
@@ -136,10 +136,6 @@ sqlite_helper=Sökväg för SQLite3-databasen.<br>Ange en absolut sökväg om du
 err_empty_db_path=En sökväg till SQLite3-databasen måste anges.
 no_admin_and_disable_registration=Du kan inte inaktivera självregistrering utan att skapa ett administratörskonto.
 err_empty_admin_password=Administratörslösenordet kan inte vara tomt.
-err_empty_admin_email=Administratörens mail kan inte vara tom.
-err_admin_name_is_reserved=Administratörsanvändarnamnet är ogiltigt, användarnamnet är reserverat
-err_admin_name_pattern_not_allowed=Administratörens användarnamn är ogiltigt, användarnamnet matchar ett reserverat mönster
-err_admin_name_is_invalid=Administratörsanvändarnamnet är ogiltigt
 
 general_title=Allmänna inställningar
 app_name=Sajtens namn
@@ -152,7 +148,6 @@ run_user=Kör som användarnamn
 ssh_port=SSH-serverport
 ssh_port_helper=Portnumret som din SSH-server lyssnar på. Lämna tom för att inaktivera.
 http_port=Gitea HTTP-lyssningsport
-http_port_helper=Portnumret som Giteas webbserver kommer lyssna på.
 app_url=Gitea URL
 app_url_helper=Basadressen för HTTP(S)-kloningslänkar och mejlnotifikationer.
 log_root_path=Loggsökväg
@@ -253,7 +248,6 @@ allow_password_change=Kräv att användaren byter lösenord (rekommenderas)
 reset_password_mail_sent_prompt=Ett nytt bekräftelsemail has skickats till <b>%s</b>. Vänligen kontrollera din inkorg inom de kommande %s för att slutföra återställning av ditt konto.
 active_your_account=Aktivera ditt konto
 account_activated=Kontot har aktiverats
-prohibit_login=Inloggning otillåten
 resent_limit_prompt=Du har redan begärt ett aktiveringsmejl nyligen. Vänligen vänta 3 minuter och försök igen.
 has_unconfirmed_mail=Hej %s, du har en obekräftad epostaddress (<b>%s</b>). Om du inte har fått ett bekräftelsemail eller behöver ett nytt, klicka på knappen nedan.
 resend_mail=Klicka här för att skicka ditt aktiveringsmejl igen
@@ -287,7 +281,6 @@ email_domain_blacklisted=Du kan inte registrera dig med din e-postadress.
 authorize_application=Godkänn applikation
 authorize_redirect_notice=Du kommer att omdirigeras till %s om du auktoriserar denna applikation.
 authorize_application_created_by=Denna applikation skapades av %s.
-authorize_application_description=Om du beviljar åtkomst kommer den att kunna läsa och skriva information om ditt konto, inklusive privata förråd och organisationer.
 authorize_title=Ge "%s" tillgång till ditt konto?
 authorization_failed=Auktorisering misslyckades
 sspi_auth_failed=SSPI-autentisering misslyckades
@@ -356,11 +349,9 @@ lang_select_error=Välj ett språk från listan.
 username_been_taken=Användarnamnet är redan taget.
 repo_name_been_taken=Namnet för utvecklingskatalogen är upptaget.
 repository_files_already_exist=Filer finns redan för denna utvecklingskatalog. Kontakta systemadministratören.
-repository_files_already_exist.adopt=Filer finns redan för denna utvecklingskatalog och kan bara antas.
 repository_files_already_exist.delete=Filer finns redan för denna utvecklingskatalog. Du måste ta bort dem.
 repository_files_already_exist.adopt_or_delete=Filer finns redan för denna utvecklingskatalog. Antingen anta dem eller ta bort dem.
 visit_rate_limit=För många förfrågningar på för kort tid till fjärrvärden.
-2fa_auth_required=Fjärrbesök kräver tvåfaktorsautentisering.
 org_name_been_taken=Organisationsnamnet är redan taget.
 team_name_been_taken=Teamnamnet är redan taget.
 team_no_units_error=Tillåt åtkomst för åtminstone en del av utvecklingskatalogen.
@@ -464,7 +455,6 @@ activate_email=Skicka aktivering
 activations_pending=Väntar på aktivering
 delete_email=Ta Bort
 email_deletion=Ta Bort mejladress
-email_deletion_desc=Mejladressen och relaterad information kommer tas bort från ditt konto. Git-commits med denna mejladress förblir oförändrade. Vill du fortsätta?
 email_deletion_success=Mejladressen har tagits bort.
 theme_update_success=Ditt tema ändrades.
 theme_update_error=Det valda temat finns inte.
@@ -556,12 +546,10 @@ oauth2_application_create_description=OAuth2-applikationer ger tredjepartsapplik
 authorized_oauth2_applications=Auktoriserade OAuth2-appar
 revoke_key=Upphäv
 revoke_oauth2_grant=Upphäv åtkomst
-revoke_oauth2_grant_description=Återkallning av åtkomst för detta tredjepartsprogram kommer att hindra programmet från att komma åt dina data. Är du säker?
 
 twofa_is_enrolled=Ditt konto är för närvarande <strong>uppsäkrad</strong> med tvåfaktorsautentisering.
 twofa_not_enrolled=Ditt konto är för närvarande inte uppsäkrad med tvåfaktorsautentisering.
 twofa_disable=Inaktivera tvåfaktorsautentisering
-twofa_enroll=Aktivera tvåfaktorsautentisering
 twofa_disable_note=Du kan inaktivera tvåfaktorsautentisering om det behövs.
 twofa_disable_desc=Avaktivering av tvåfaktorsautentisering kommer göra ditt konto mindre säkert. Vill du fortsätta?
 twofa_disabled=Tvåfaktorsautentisering har blivit avaktiverat.
@@ -573,7 +561,6 @@ passcode_invalid=Koden är ogiltig. Försök igen.
 
 manage_account_links=Hantera Länkade Konton
 manage_account_links_desc=Dessa externa konton är länkade till ditt Gitea-konto.
-account_links_not_available=Det finns för närvarande inga externa konton länkade till ditt Gitea-konto.
 link_account=Länka konto
 remove_account_link=Ta Bort Länkat Konto
 remove_account_link_desc=Borttagning av länkade konton kommer häva dess åtkomst till ditt Gitea-konto. Vill du fortsätta?
@@ -688,7 +675,6 @@ migrate.migrate_items_options=Åtkomsttoken krävs för att migrera ytterligare
 migrated_from=Migrerad från <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Migrerad från %[1]s
 migrate.migrate=Migrera från %s
-migrate.migrating=Migrerar från <b>%s</b> ...
 migrate.migrating_failed=Migrering från <b>%s</b> misslyckades.
 migrate.migrating_issues=Migrerar Ärenden
 
@@ -710,7 +696,6 @@ quick_guide=Snabbguide
 clone_this_repo=Klona detta repo
 create_new_repo_command=Skapa en ny utvecklingskatalog på kommandoraden
 push_exist_repo=Pusha en existerande utvecklingskatalog från kommandoraden
-empty_message=Detta förråd innehåller inget.
 
 code=Kod
 code.desc=Se källkod, filer, commits och brancher.
@@ -724,7 +709,6 @@ issues=Ärenden
 pulls=Pull-förfrågningar
 projects=Projekt
 labels=Etiketter
-org_labels_desc=Etiketter på organisationsnivå som kan användas i <strong>alla utvecklingskataloger</strong> tillhörande denna organisation
 org_labels_desc_manage=hantera
 
 milestones=Milstenar
@@ -739,7 +723,6 @@ file_too_large=Filen är för stor för att visas.
 
 video_not_supported_in_browser=Din webbläsare stödjer ej HTML5-taggen 'video'.
 audio_not_supported_in_browser=Din webbläsare stöder inte taggen 'audio' i HTML5.
-stored_lfs=Sparad med Git LFS
 symbolic_link=Symbolisk länk
 commit_graph=Commit-Graf
 commit_graph.monochrome=Mono
@@ -778,12 +761,12 @@ editor.file_changed_while_editing=Filens innehåll har ändrats sedan du påbör
 editor.commit_empty_file_header=Committa en tom fil
 editor.commit_empty_file_text=Filen du vill committa är tom. Vill du fortsätta?
 editor.no_changes_to_show=Det finns inga ändringar att visa.
-editor.fail_to_update_file_summary=Felmeddelande:
 editor.add_subdir=Lägga till en katalog…
 editor.no_commit_to_branch=Det gick inte att committa direkt till branchen för:
 editor.user_no_push_to_branch=Användaren kan inte pusha till branchen
 editor.require_signed_commit=Branchen kräver en signerad commit
 
+
 commits.desc=Bläddra i källkodens förändringshistorik.
 commits.commits=Incheckningar
 commits.search_all=Alla brancher
@@ -873,7 +856,6 @@ issues.filter_label_no_select=Alla etiketter
 issues.filter_milestone=Milsten
 issues.filter_project_none=Inget projekt
 issues.filter_assignee=Förvärvare
-issues.filter_assginee_no_assignee=Ingen tilldelad
 issues.filter_type=Typ
 issues.filter_type.all_issues=Alla ärenden
 issues.filter_type.assigned_to_you=Tilldelad dig
@@ -882,7 +864,6 @@ issues.filter_type.mentioning_you=Nämner dig
 issues.filter_sort=Sortera
 issues.filter_sort.latest=Nyaste
 issues.filter_sort.oldest=Äldsta
-issues.filter_sort.recentupdate=Nyligen uppdaterade
 issues.filter_sort.leastupdate=Äldst uppdaterad
 issues.filter_sort.mostcomment=Mest kommenterade
 issues.filter_sort.leastcomment=Minst kommenterade
@@ -956,7 +937,6 @@ issues.subscribe=Prenumerera
 issues.unsubscribe=Avsluta prenumerationen
 issues.lock=LÃ¥s konversation
 issues.unlock=LÃ¥s upp konversation
-issues.lock.unknown_reason=Kan inte låsa ärende utan angiven anledning.
 issues.lock_duplicate=Ett ärende kan inte låsas två gånger.
 issues.unlock_error=Kan inte låsa upp ett olåst ärende.
 issues.lock_with_reason=låst som <strong>%s</strong> och begränsad konversation till medarbetare %s
@@ -964,7 +944,6 @@ issues.lock_no_reason=låst och begränsat konversation till kollaboratörer %s
 issues.unlock_comment=lås upp denna konversation %s
 issues.lock_confirm=LÃ¥s
 issues.unlock_confirm=LÃ¥s upp
-issues.lock.notice_1=- Andra användare kan inte kommentera detta ärende.
 issues.lock.notice_2=- Du och andra kollaboratörer med tillgång till denna utvecklingskatalog kan fortfarande skriva kommentarer som andra kan se.
 issues.lock.notice_3=- Du kan alltid låsa upp detta ärende senare.
 issues.unlock.notice_1=- Alla kommer kunna kommentera detta ärende en gång till.
@@ -1013,8 +992,6 @@ issues.dependency.added_dependency=`lade till ett nytt beroende %s`
 issues.dependency.removed_dependency=`tog bort ett beroende %s`
 issues.dependency.issue_close_blocks=Detta ärende blockerar en stängning av följande ärenden
 issues.dependency.pr_close_blocks=Denna pull-förfrågan blockerar stängning av följande ärenden
-issues.dependency.issue_close_blocked=Du måste stänga alla ärenden som blockerar det här ärendet innan du kan stänga det.
-issues.dependency.pr_close_blocked=Du måste stänga alla ärenden som blockerar denna pull-förfrågan innan du kan merga det.
 issues.dependency.blocks_short=Blockerar
 issues.dependency.blocked_by_short=Beroende av
 issues.dependency.remove_header=Ta bort beroende
@@ -1025,7 +1002,6 @@ issues.dependency.add_error_same_issue=Ett ärende kan inte bero på sig själv.
 issues.dependency.add_error_dep_issue_not_exist=Ärendet du beror på, finns inte.
 issues.dependency.add_error_dep_not_exist=Beroendet finns inte.
 issues.dependency.add_error_dep_exists=Beroendet finns redan.
-issues.dependency.add_error_cannot_create_circular=Du kan inte skapa ett beroende med två ärenden som blockerar varandra.
 issues.dependency.add_error_dep_not_same_repo=Båda ärendena måste vara i samma utvecklingskatalog.
 issues.review.self.approval=Du kan inte godkänna din egen pull-begäran.
 issues.review.self.rejection=Du kan inte begära ändringar för din egna pull-förfrågan.
@@ -1036,7 +1012,6 @@ issues.review.reject=begärda ändringar %s
 issues.review.wait=begärdes för granskning %s
 issues.review.add_review_request=begärde granskning från %s %s
 issues.review.remove_review_request=tog bort granskningsbegäran för %s %s
-issues.review.remove_review_request_self=vägrade att granska %s
 issues.review.pending=Väntande
 issues.review.review=Granska
 issues.review.reviewers=Granskare
@@ -1047,7 +1022,6 @@ issues.review.hide_resolved=Dölj löst
 issues.review.resolve_conversation=Lös konversation
 issues.review.resolved_by=markerade denna konversation som löst
 issues.review.commented=Kommentar
-issues.assignee.error=Inte alla tilldelade har lagts till på grund av ett oväntat fel.
 issues.content_history.options=Alternativ
 
 
@@ -1073,7 +1047,6 @@ pulls.is_closed=Pull-förfrågan har stängts.
 pulls.title_wip_desc=`<a href="#">Börja titeln med <strong>%s</strong></a> för att förhindra att pull-förfrågan sammanfogas av misstag`
 pulls.data_broken=Pull-requesten är trasig pågrund av oexisterande information on forken.
 pulls.files_conflicted=Den här pull-förfrågan ha ändringar som är i konflikt med mål-branchen.
-pulls.is_checking=Merge-konfliktkontroll pågår. Försök igen senare.
 pulls.required_status_check_failed=Vissa tvingande kontroller lyckades inte.
 pulls.required_status_check_missing=Vissa tvingande kontroller saknas.
 pulls.required_status_check_administrator=Som administratör kan du fortfarande merga den här pull requesten.
@@ -1186,7 +1159,6 @@ activity.title.releases_1=%d release
 activity.title.releases_n=%d releaser
 activity.title.releases_published_by=%s publicerad av %s
 activity.published_release_label=Publicerad
-activity.no_git_activity=Det har inte gjorts några commit under den här perioden.
 activity.git_stats_exclude_merges=Exkludera merger,
 activity.git_stats_author_1=%d författare
 activity.git_stats_author_n=%d författare
@@ -1205,7 +1177,6 @@ activity.git_stats_deletion_n=%d borttagningar
 contributors.contribution_type.commits=Incheckningar
 
 settings=Inställningar
-settings.desc=Inställningarna är där du kan hantera inställningar för utvecklingskatalogen
 settings.options=Utvecklingskatalog
 settings.collaboration=Medarbetare
 settings.collaboration.admin=Administratör
@@ -1246,7 +1217,6 @@ settings.pulls_desc=Aktivera Pull Requests för utvecklingskatalog
 settings.pulls.ignore_whitespace=Ignorera blanksteg vid konflikter
 settings.admin_settings=Administratörsinställningar
 settings.admin_enable_health_check=Aktivera hälsokontroll för utvecklingskataloger (git fsck)
-settings.admin_enable_close_issues_via_commit_in_any_branch=Stäng ett ärende via en commit gjord i en icke standard-gren
 settings.danger_zone=Högrisksområde
 settings.new_owner_has_same_repo=Den nya ägaren har redan ett repo med det namnet. Vänligen välj ett annat namn.
 settings.convert=Konvertera till vanlig utvecklingskatalog
@@ -1272,7 +1242,6 @@ settings.wiki_deletion_success=Utvecklingskatalogens wiki-data har blivit bortta
 settings.delete=Ta Bort Detta Repo
 settings.delete_desc=Borttagning av en utvecklingskatalog är permanent och kan ej ångras.
 settings.delete_notices_1=- Denna åtgärd kan <strong>INTE</strong> ångras.
-settings.delete_notices_2=- Denna åtgärd kommer permanent ta bort utvecklingskatalogen <strong>%s</strong> inklusive kod, ärenden, kommentarer, wiki-data samt medarbetarinställningar.
 settings.delete_notices_fork_1=- Forkar av denna utvecklingskatalog kommer bli självständiga efter borttagning.
 settings.deletion_success=Utvecklingskatalog har tagits bort.
 settings.update_settings_success=Inställningar för utvecklingskatalog har uppdaterats.
@@ -1289,15 +1258,12 @@ settings.change_team_access_not_allowed=Att ändra teamåtkomst för utvecklings
 settings.team_not_in_organization=Teamet är inte i samma organisation som utvecklingskatalogen
 settings.teams=Grupper
 settings.add_team_duplicate=Teamet har redan utvecklingskatalogen
-settings.add_team_success=Teamet har nu tillgång till utvecklingskatalogen.
 settings.remove_team_success=Teamets åtkomst till utvecklingskatalogen har tagits bort.
 settings.add_webhook=Lägg Till Webbhook
 settings.hooks_desc=Webhooks gör automatiskt ett HTTP POST anrop mot en server när vissa Gitea events triggas. Läs mer om detta i <a target="_blank" rel="noopener noreferrer" href="%s">webhooks guiden</a>.
 settings.webhook_deletion=Ta bort Webhook
 settings.webhook_deletion_desc=Borttagning utav en webhook tar även bort dess inställningar och leveranshistorik. Vill du fortsätta?
 settings.webhook_deletion_success=Webhooken har blivit borttagen.
-settings.webhook.test_delivery=Testa Leverans
-settings.webhook.test_delivery_desc=Testa webhooken genom ett testevent.
 settings.webhook.request=Begäran
 settings.webhook.response=Svar
 settings.webhook.headers=Huvuden
@@ -1405,7 +1371,6 @@ settings.lfs_invalid_locking_path=Ogiltig sökväg: %s
 settings.lfs_invalid_lock_directory=Kan inte låsa katalog: %s
 settings.lfs_lock_already_exists=LÃ¥s finns redan: %s
 settings.lfs_lock=LÃ¥s
-settings.lfs_lock_path=Filväg att låsa...
 settings.lfs_locks_no_locks=Inga lås
 settings.lfs_force_unlock=Tvinga upplåsning
 settings.lfs_pointers.sha=Blob SHA
@@ -1528,13 +1493,13 @@ settings.visibility.private=Privat (synlig endast för organisationens medlemmar
 settings.visibility.private_shortname=Privat
 
 settings.update_settings=Uppdatera inställningar
+
+
 settings.update_avatar_success=Organisationens avatar har uppdateras.
 settings.delete=Tag bort organisation
 settings.delete_account=Tag bort denna organisation
 settings.delete_prompt=Organisationen kommer tas bort permanent, och det går <strong>INTE</strong> att ångra detta!
 settings.confirm_delete_account=Bekräfta borttagning
-settings.delete_org_title=Ta bort organisation
-settings.delete_org_desc=Denna organisation kommer tas bort permanent. Vill du fortsätta?
 settings.hooks_desc=Lägg till webbhook som triggas för <strong>alla utvecklingskataloger</strong> under denna organisationen.
 
 settings.labels_desc=Lägg till etiketter som kan användas till ärenden för <strong>alla utvecklingskataloger</strong> under denna organisation.
@@ -1617,8 +1582,6 @@ dashboard.clean_unbind_oauth=Rena obundna OAuth anslutningar
 dashboard.clean_unbind_oauth_success=Alla obundna OAuth anslutningar har raderats.
 dashboard.delete_missing_repos=Ta bort alla utvecklingskataloger som saknar filer specifika för Git
 dashboard.delete_generated_repository_avatars=Ta bort genererade avatarer för utvecklingskatalogen
-dashboard.git_gc_repos=Rensa skräpfiler på samtliga utvecklingskataloger
-dashboard.resync_all_hooks=Återsynkronisera pre-recieve, update och post-receive hooks för alla utvecklingskataloger.
 dashboard.reinit_missing_repos=Återinitialisera alla saknade utvecklingskataloger som vi känner till
 dashboard.sync_external_users=Synkronisera extern användardata
 dashboard.server_uptime=Serverns upptid
@@ -1660,7 +1623,6 @@ users.admin=Administratör
 users.repos=Utvecklingskataloger
 users.created=Skapad
 users.last_login=Senaste inloggning
-users.never_login=Aldrig varit inloggad
 users.send_register_notify=Skicka notifiering vid användarregistrering
 users.edit=Redigera
 users.auth_source=Autentiseringskälla
@@ -1687,10 +1649,7 @@ users.list_status_filter.is_admin=Administratör
 
 emails.primary=Primär
 emails.activated=Aktiverad
-emails.filter_sort.email=E-post
-emails.filter_sort.email_reverse=E-post (omvänd)
 emails.filter_sort.name=Användarnamn
-emails.filter_sort.name_reverse=Användarnamn (omvänd)
 
 orgs.org_manage_panel=Organisationshantering
 orgs.name=Namn
@@ -1795,8 +1754,6 @@ config.ssh_start_builtin_server=Använd inbyggd Server
 config.ssh_port=Port
 config.ssh_listen_port=Lyssningsport
 config.ssh_root_path=Rotsökväg
-config.ssh_key_test_path=Testsökväg för nyckel
-config.ssh_keygen_path=Sökväg för nyckelgenerator ('ssh-keygen')
 config.ssh_minimum_key_size_check=Kontroll av minsta tillåtna nyckelstorlek
 config.ssh_minimum_key_sizes=Minsta tillåtna nyckelstorlek
 
@@ -1972,8 +1929,6 @@ error.no_committer_account=Inget konto är kopplat till bidragsgivarens mejladre
 error.no_gpg_keys_found=Ingen känd nyckel hittad för denna signaturen i databasen
 error.not_signed_commit=Inte en signerad commit
 error.failed_retrieval_gpg_keys=Det gick inte att hämta någon nyckel kopplad till bidragsgivarens konto
-error.probable_bad_signature=VARNING! Även om det finns en nyckel med detta ID i databasen så verifierar det inte committen! Denna commit är MISSTÄNKT.
-error.probable_bad_default_signature=VARNING! Även om standard-nyckeln har detta ID så verifierar det inte committen! Denna commit är MISSTÄNKT.
 
 [units]
 error.no_unit_allowed_repo=Du tillåts inte åtkomst till någon del av denna utvecklingskatalog.
@@ -1988,8 +1943,12 @@ conan.details.repository=Utvecklingskatalog
 owner.settings.cleanuprules.enabled=Aktiv
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Beskrivning
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_tr-TR.ini b/options/locale/locale_tr-TR.ini
index 1a044fca83..ca7ae8a962 100644
--- a/options/locale/locale_tr-TR.ini
+++ b/options/locale/locale_tr-TR.ini
@@ -44,7 +44,6 @@ webauthn_use_twofa=Telefonunuzdan iki aşamalı doğrulama kodu kullanın
 webauthn_error=Güvenlik anahtarınız okunamıyor.
 webauthn_unsupported_browser=Tarayıcınız henüz WebAuthn desteklemiyor.
 webauthn_error_unknown=Bilinmeyen bir hata oluştu. Lütfen tekrar deneyin.
-webauthn_error_insecure=WebAuthn sadece güvenli bağlantıyı destekler. HTTP üzerinden test etmek için "localhost" veya "127.0.0.1" adreslerini kullanabilirsiniz.
 webauthn_error_unable_to_process=Sunucu isteÄŸinizi iÅŸleyemedi.
 webauthn_error_duplicated=Güvenlik anahtarının bu istek için izni yok. Anahtarın halihazırda kayıtlı olmadığından emin olun.
 webauthn_error_empty=Bu anahtar için bir isim belirlemelisiniz.
@@ -113,6 +112,7 @@ copy_type_unsupported=Bu dosya türü kopyalanamaz
 write=Yaz
 preview=Önizleme
 loading=Yükleniyor…
+files=Dosyalar
 
 error=Hata
 error404=Ulaşmaya çalıştığınız sayfa <strong>mevcut değil</strong> veya <strong>görüntüleme yetkiniz yok</strong>.
@@ -128,7 +128,7 @@ pin=Sabitle
 unpin=Sabitlemeyi kaldır
 
 artifacts=Yapılar
-confirm_delete_artifact=%s yapısını silmek istediğinizden emin misiniz?
+expired=Süresi doldu
 
 archived=ArÅŸivlenmiÅŸ
 
@@ -165,29 +165,18 @@ no_results_found=Sonuç bulunamadı.
 internal_error_skipped=Dahili bir hata oluştu ama atlandı: %s
 
 [search]
-search=Ara...
 type_tooltip=Arama türü
 fuzzy=Bulanık
-fuzzy_tooltip=Arama terimine benzeyen sonuçları da içer
+words=Kelimeler
+words_tooltip=Sadece arama terimi kelimeleriyle eşleşen sonuçları içer
+regexp=Regexp
+regexp_tooltip=Sadece regexp arama terimiyle tamamen eşleşen sonuçları içer
 exact=Tam
 exact_tooltip=Sadece arama terimiyle tamamen eşleşen sonuçları içer
-repo_kind=Depoları ara...
-user_kind=Kullanıcıları ara...
-org_kind=Organizasyonları ara...
-team_kind=Takımları ara...
-code_kind=Kod ara...
 code_search_unavailable=Kod arama şu an mevcut değil. Lütfen site yöneticisiyle iletişime geçin.
 code_search_by_git_grep=Mevcut kod arama sonuçları "git grep" ile sağlanıyor. Eğer yönetici Depo Dizinleyici'yi etkinleştirirse daha iyi sonuçlar çıkabilir.
-package_kind=Paketleri ara...
-project_kind=Projeleri ara...
-branch_kind=Dalları ara...
-tag_kind=Etiketleri ara...
 tag_tooltip=Eşleşen etiketler için arama. Herhangi bir numara serisi bulmak için '%' kullanın.
-commit_kind=Ä°ÅŸlemeleri ara...
-runner_kind=Çalıştırıcıları ara...
 no_results=Eşleşen sonuç bulunamadı.
-issue_kind=Konuları ara...
-pull_kind=DeÄŸiÅŸiklikleri ara...
 keyword_search_unavailable=Anahtar kelime ile arama şu an mevcut değil. Lütfen site yöneticinizle iletişime geçin.
 
 [aria]
@@ -223,8 +212,6 @@ buttons.enable_monospace_font=Eşaralıklı yazıtipini etkinleştir
 buttons.disable_monospace_font=Eşaralıklı yazıtipini devre dışı bırak
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=Bir hata oluÅŸtu
@@ -235,10 +222,13 @@ network_error=Ağ hatası
 [startpage]
 app_desc=Zahmetsiz, kendi sunucunuzda barındırabileceğiniz Git servisi
 install=Kurulumu kolay
+install_desc=Platformunuz için <a target="_blank" rel="noopener noreferrer" href="https://docs.gitea.com/installation/install-from-binary">ikili dosyayı çalıştırın</a>, <a target="_blank" rel="noopener noreferrer" href="https://github.com/go-gitea/gitea/tree/master/docker">Docker</a> ile yükleyin veya <a target="_blank" rel="noopener noreferrer" href="https://docs.gitea.com/installation/install-from-package">paket</a> olarak edinin.
 platform=Farklı platformlarda çalışablir
+platform_desc=Gitea <a target="_blank" rel="noopener noreferrer" href="%s">Go</a> ile derleme yapılabilecek her yerde çalışmaktadır: Windows, macOS, Linux, ARM, vb. Hangisini seviyorsanız onu seçin!
 lightweight=Hafif
 lightweight_desc=Gitea'nın minimal gereksinimleri çok düşüktür ve ucuz bir Raspberry Pi üzerinde çalışabilmektedir. Makine enerjinizden tasarruf edin!
 license=Açık Kaynak
+license_desc=Gidin ve <a target="_blank" rel="noopener noreferrer" href="https://code.gitea.io/gitea">code.gitea.io/gitea</a>'yı edinin! Bu projeyi daha da iyi yapmak için <a target="_blank" rel="noopener noreferrer" href="https://github.com/go-gitea/gitea">katkıda bulunarak</a> bize katılın. Katkıda bulunmaktan çekinmeyin!
 
 [install]
 install=Kurulum
@@ -258,16 +248,10 @@ path=Yol
 sqlite_helper=SQLite3 veritabanı dosya yolu.<br> Gitea'yı servis olarak çalıştırıyorsanız tam yol adını girin.
 reinstall_error=Mevcut bir Gitea veritabanına yüklemeye çalışıyorsunuz
 reinstall_confirm_message=Mevcut bir Gitea veritabanıyla yeniden kurulum yapmak birden çok soruna neden olabilir. Çoğu durumda Gitea'yı çalıştırmak için mevcut "app.ini" dosyanızı kullanmalısınız. Ne yaptığınızı biliyorsanız, aşağıdakileri onaylayın:
-reinstall_confirm_check_1=App.ini'de SECRET_KEY tarafından şifrelenen veriler kaybolabilir: kullanıcılar 2FA/OTP ile oturum açamayabilir ve yansıtmalar düzgün çalışmayabilir. Bu kutuyu işaretleyerek mevcut app.ini dosyasının doğru SECRET_KEY dosyasını içerdiğini onaylarsınız.
-reinstall_confirm_check_2=Depoların ve ayarların yeniden senkronize edilmesi gerekebilir. Bu kutuyu işaretleyerek, havuzlar ve yetkili_anahtarlar dosyası için kancaları elle yeniden senkronize edeceğinizi onaylamış olursunuz. Depo ve yansı ayarlarının doğru olduğundan emin olacağınızı onaylıyorsunuz.
 reinstall_confirm_check_3=Bu Gitea'nın doğru app.ini konumuyla çalıştığından kesinlikle emin olduğunuzu ve yeniden yüklemeniz gerektiğinden emin olduğunuzu onaylarsınız. Yukarıdaki riskleri kabul ettiğinizi onaylıyorsunuz.
 err_empty_db_path=SQLite3 veritabanı dosya yolu boş olamaz.
 no_admin_and_disable_registration=Bir yönetici hesabı oluşturmadan kullanıcı kaydını kapatamazsınız.
 err_empty_admin_password=Yönetici parolası boş olamaz.
-err_empty_admin_email=Yönetici e-postası boş olamaz.
-err_admin_name_is_reserved=Yönetici Kullanıcı Adı geçersiz, bu kullanıcı adı rezerv edilen bir kelimedir
-err_admin_name_pattern_not_allowed=Yönetici kullanıcı adı geçersiz, kullanıcı adı ayrılmış bir desenle eşleşiyor
-err_admin_name_is_invalid=Yönetici Kullanıcı Adı geçersiz
 
 general_title=Genel Ayarlar
 app_name=Site Başlığı
@@ -283,7 +267,6 @@ domain_helper=Sunucu için alan adı veya ana bilgisayar adresi.
 ssh_port=SSH Sunucu Portu
 ssh_port_helper=SSH sunucusunun dinleyeceği port numarası. Etkisizleştimek için boş bırakın.
 http_port=Gitea HTTP Dinleme Portu
-http_port_helper=Gitea'nın web sunucusunun dinleyeceği port numarası.
 app_url=Gitea Kök URL
 app_url_helper=HTTP(S) kopyalama URL'leri ve e-posta bildirimleri için temel adres.
 log_root_path=Günlük Dosyaları Yolu
@@ -347,11 +330,11 @@ no_reply_address=Gizlenecek E-Posta Alan Adı
 no_reply_address_helper=Gizlenmiş e-posta adresine sahip kullanıcılar için alan adı. Örneğin 'ali' kullanıcı adı, gizlenmiş e-postalar için alan adı 'yanityok.ornek.org' olarak ayarlandığında Git günlüğüne 'ali@yanityok.ornek.org' olarak kaydedilecektir.
 password_algorithm=Parola Hash Algoritması
 invalid_password_algorithm=Hatalı parola hash algoritması
-password_algorithm_helper=Parola hash algoritmasını ayarlayın. Algoritmalar değişen gereksinimlere ve güce sahiptirler. argon2 algoritması iyi özelliklere sahip olmasına rağmen fazla miktarda bellek kullanır ve küçük sistemler için uygun olmayabilir.
 enable_update_checker=Güncelleme Denetleyicisini Etkinleştir
 enable_update_checker_helper=Düzenli olarak gitea.io'ya bağlanarak yeni yayınlanan sürümleri denetler.
 env_config_keys=Ortam Yapılandırma
 env_config_keys_prompt=Aşağıdaki ortam değişkenleri de yapılandırma dosyanıza eklenecektir:
+config_write_file_prompt=Bu yapılandırma seçenekleri şuraya yazılacak: %s
 
 [home]
 nav_menu=Gezinti Menüsü
@@ -380,6 +363,12 @@ show_only_public=Yalnızca açık olanlar gösteriliyor
 
 issues.in_your_repos=Depolarınızda
 
+guide_title=Etkinlik yok
+guide_desc=Herhangi bir depo veya kullanıcı takip etmiyorsunuz, bu yüzden görüntülenecek bir içerik yok. Aşağıdaki bağlantıları kullanarak ilgi çekici depo ve kullanıcıları keşfedebilirsiniz.
+explore_repos=Depoları keşfet
+explore_users=Kullanıcıları keşfet
+empty_org=Henüz bir organizasyon yok.
+empty_repo=Henüz bir depo yok.
 
 [explore]
 repos=Depolar
@@ -403,6 +392,7 @@ remember_me.compromised=Oturum açma tokeni artık geçerli değil, bu ele geçi
 forgot_password_title=Åžifremi unuttum
 forgot_password=Åžifrenizi mi unuttunuz?
 need_account=Bir hesaba mı ihtiyacın var?
+sign_up_tip=Sistemdeki yönetici ayrıcalıklarına sahip olan ilk hesabı oluşturuyorsunuz. Lütfen kullanıcı adınızı ve parolanızı unutmamaya dikkat edin. Kullanıcı adı veya parolayı unutursanız, hesabı kurtarmak için lütfen Gitea belgelerine bakın.
 sign_up_now=Hemen kaydolun.
 sign_up_successful=Hesap başarılı bir şekilde oluşturuldu. Hoşgeldiniz!
 confirmation_mail_sent_prompt_ex=Yeni bir doğrulama e-postası <b>%s</b> adresine gönderildi. Lütfen kayıt sürecini tamamlamak için %s içinde gelen kutunuzu denetleyin. Eğer kayıt e-posta adresiniz hatalı ise, tekrar oturum açıp değiştirebilirsiniz.
@@ -411,8 +401,6 @@ allow_password_change=Kullanıcıyı parola değiştirmeye zorla (önerilen)
 reset_password_mail_sent_prompt=<b>%s</b> adresine bir onay e-postası gönderildi. Hesap kurtarma işlemini tamamlamak için lütfen gelen kutunuzu sonraki %s içinde kontrol edin.
 active_your_account=Hesabınızı Etkinleştirin
 account_activated=Hesap etkinleÅŸtirildi
-prohibit_login=Oturum Açma Yasağı
-prohibit_login_desc=Hesabınız ile oturum açmanız yasaklanmış, lütfen site yöneticinizle iletişime geçin.
 resent_limit_prompt=Zaten bir etkinleştirme e-postası talep ettiniz. Lütfen 3 dakika bekleyip tekrar deneyin.
 has_unconfirmed_mail=Merhaba %s, doğrulanmamış bir e-posta adresin var (<b>%s</b>). Bir doğrulama e-postası almadıysanız ya da yenisine ihtiyacınız varsa lütfen aşağıdaki düğmeye tıklayın.
 change_unconfirmed_mail_address=Eğer kayıt e-posta adresiniz hatalı ise, burada değiştirebilir ve yeni bir doğrulama e-postası gönderebilirsiniz.
@@ -441,26 +429,24 @@ oauth_signup_submit=Hesabı Tamamla
 oauth_signin_tab=Mevcut Hesaba BaÄŸla
 oauth_signin_title=Bağlantılı Hesabı Yetkilendirmek için Giriş Yapın
 oauth_signin_submit=Hesabı Bağla
+oauth.signin.error.general=Yetkilendirme isteğini işlerken bir hata oluştu: %s. Eğer hata devam ederse lütfen site yöneticisiyle bağlantıya geçin.
 oauth.signin.error.access_denied=Yetkilendirme isteÄŸi reddedildi.
 oauth.signin.error.temporarily_unavailable=Yetkilendirme sunucusu geçici olarak erişilemez olduğu için yetkilendirme başarısız oldu. Lütfen daha sonra tekrar deneyin.
-oauth_callback_unable_auto_reg=Otomatik kayıt etkin ancak OAuth2 Sağlayıcı %[1] eksik sahalar döndürdü: %[2]s, otomatik olarak hesap oluşturulamıyor, lütfen bir hesap oluşturun veya bağlantı verin, veya site yöneticisiyle iletişim kurun.
 openid_connect_submit=BaÄŸlan
 openid_connect_title=Mevcut olan bir hesaba baÄŸlan
 openid_connect_desc=Seçilen OpenID URI'si bilinmiyor. Burada yeni bir hesapla ilişkilendir.
 openid_register_title=Yeni hesap oluÅŸtur
 openid_register_desc=Seçilen OpenID URI'si bilinmiyor. Burada yeni bir hesapla ilişkilendir.
 openid_signin_desc=OpenID URI'nizi girin. Örneğin: alice.openid.example.org veya https://openid.example.org/alice.
-disable_forgot_password_mail=E posta ayarlanmadığından hesap kurtarma devre dışı. Site yöneticinizle iletişime geçin.
-disable_forgot_password_mail_admin=Hesap kurtarma sadece e posta ayarlıyken kullanılabilir. Hesap kurtarmayı etkinleştirmek için lütfen e posta ayarlayın.
 email_domain_blacklisted=Bu e-posta adresinizle kayıt olamazsınız.
 authorize_application=Uygulamayı Yetkilendir
 authorize_redirect_notice=Bu uygulamayı yetkilendirirseniz %s adresine yönlendirileceksiniz.
 authorize_application_created_by=Bu uygulama %s tarafından oluşturuldu.
-authorize_application_description=Erişime izin verirseniz, özel depolar ve organizasyonlar da dahil olmak üzere tüm hesap bilgilerinize erişebilir ve yazabilir.
+authorize_application_with_scopes=Kapsamlar: %s
 authorize_title=Hesabınıza erişmesi için "%s" yetkilendirilsin mi?
 authorization_failed=Yetkilendirme başarısız oldu
-authorization_failed_desc=Geçersiz bir istek tespit ettiğimiz için yetkilendirme başarısız oldu. Lütfen izin vermeye çalıştığınız uygulamanın sağlayıcısı ile iletişim kurun.
 sspi_auth_failed=SSPI kimlik doğrulaması başarısız oldu
+password_pwned=Seçtiğiniz parola, daha önce herkese açık veri ihlallerinde açığa çıkan bir <a target="_blank" rel="noopener noreferrer" href="%s">çalınan parola listesindedir</a>. Lütfen farklı bir parola ile tekrar deneyin ve başka yerlerde de bu parolayı değiştirmeyi düşünün.
 password_pwned_err=HaveIBeenPwned'e yapılan istek tamamlanamadı
 last_admin=Son yöneticiyi silemezsiniz. En azından bir yönetici olmalıdır.
 signin_passkey=Bir parola anahtarı ile oturum aç
@@ -483,8 +469,6 @@ activate_email.text=E posta adresinizi doğrulamak için lütfen <b>%s</b> için
 
 register_notify=%s'ya HoÅŸ Geldiniz
 register_notify.title=%[1]s, %[2]s e hoÅŸgeldiniz
-register_notify.text_1=bu %s için kayıt onay e postanızdır!
-register_notify.text_2=Artık %s kullanıcı adı ile oturum açabilirsiniz.
 register_notify.text_3=Eğer bu hesap sizin için oluşturulduysa, lütfen önce <a href="%s">şifrenizi</a> ayarlayın.
 
 reset_password=Hesabınızı kurtarın
@@ -522,7 +506,6 @@ release.download.targz=Kaynak Kodu (TAR.GZ)
 repo.transfer.subject_to=%s "%s" aktarımını %s tarafına gerçekleştirmek istiyor
 repo.transfer.subject_to_you=%s size "%s" aktarmak istiyor
 repo.transfer.to_you=siz
-repo.transfer.body=Kabul veya reddetmek için %s ziyaret edin veya görmezden gelin.
 
 repo.collaborator.added.subject=%s sizi %s ekledi
 repo.collaborator.added.text=Bu depo için katkıcı olarak eklendiniz:
@@ -574,7 +557,6 @@ url_error=`"%s" geçerli bir URL değil.`
 include_error=` "%s" içermelidir.`
 glob_pattern_error=` glob deseni geçersiz: %s.`
 regex_pattern_error=` regex dizisi geçersiz: %s.`
-username_error=` sadece alfanümerik karakterler ('0-9','a-z','A-Z'), tire ('-'), altçizgi ('_') ve nokta ('.') içerebilir. Alfanümerik olmayan karakterle başlayamaz veya bitemez ve alfanümerik olmayan karakterler peşpeşe gelemez.`
 invalid_group_team_map_error=` eşleme geçersiz: %s`
 unknown_error=Bilinmeyen hata:
 captcha_incorrect=CAPTCHA eÅŸleÅŸmedi.
@@ -583,21 +565,20 @@ lang_select_error=Listeden bir dil seçin.
 
 username_been_taken=Bu kullanıcı adı daha önce alınmış.
 username_change_not_local_user=Yerel olmayan kullanıcılar kendi kullanıcı adlarını değiştiremezler.
+change_username_disabled=Kullanıcı adı değişikliği devre dışıdır.
+change_full_name_disabled=Tam ad değişikliği devre dışıdır.
 username_has_not_been_changed=Kullanıcı adı değişmedi
 repo_name_been_taken=Depo adı zaten kullanılıyor.
 repository_force_private=Gizliyi Zorla devrede: gizli depolar herkese açık yapılamaz.
 repository_files_already_exist=Bu depo için dosyalar zaten var. Sistem yöneticisine başvurun.
-repository_files_already_exist.adopt=Bu depo için dosyalar zaten var ve yalnızca Kabul Edilebilir.
 repository_files_already_exist.delete=Bu depo için dosyalar zaten var. Onları silmelisiniz.
 repository_files_already_exist.adopt_or_delete=Bu depo için dosyalar zaten var. Ya kabul edin ya da silin.
 visit_rate_limit=Uzaktan ziyarette oran sınırlaması ele alındı.
-2fa_auth_required=Uzaktan ziyaret için iki faktörlü kimlik doğrulaması gerekli.
 org_name_been_taken=Organizasyon adı zaten kullanılıyor.
 team_name_been_taken=Takım adı zaten alınmış.
 team_no_units_error=En az bir depo bölümüne erişimine izin ver.
 email_been_used=E-posta adresi zaten kullanılıyor.
 email_invalid=E-posta adresi geçersiz.
-email_domain_is_not_allowed=Kullanıcı e-posta adresi <b>%s</b> alan adı EMAIL_DOMAIN_ALLOWLIST veya EMAIL_DOMAIN_BLOCKLIST ile çelişiyor. Lütfen işleminizin beklendiğinden emin olun.
 openid_been_used=OpenID adresi "%s" zaten kullanılıyor.
 username_password_incorrect=Kullanıcı adı veya parola hatalı.
 password_complexity=Parola, karmaşıklık gereksinimlerini karşılamıyor:
@@ -622,16 +603,11 @@ invalid_ssh_key=SSH anahtarınız doğrulanamıyor: %s
 invalid_gpg_key=GPG anahtarınız doğrulanamıyor: %s
 invalid_ssh_principal=Geçersiz sorumlu: %s
 must_use_public_key=Sağladığınız anahtar bir özel anahtardır. Lütfen özel anahtarınızı herhangi bir yere yüklemeyin. Onun yerine açık anahtarınızı kullanın.
-unable_verify_ssh_key=SSH anahtarı doğrulanamıyor, hatalar için dikkatle inceleyin.
 auth_failed=Kimlik doğrulaması başarısız oldu: %v
 
-still_own_repo=Hesabınız bir veya daha fazla depoya sahip, önce depoları silin veya aktarın.
-still_has_org=Hesabınız bir veya daha fazla organizasyonun üyesi, önce onlardan ayrılın.
-still_own_packages=Hesabınız bir veya daha fazla pakete sahip, önce onları silin.
-org_still_own_repo=Bu organizasyon hala bir veya daha fazla depoya sahip, önce depoları silin veya aktarın.
-org_still_own_packages=Bu organizasyon hala bir veya daha fazla pakete sahip, önce onları silin.
 
 target_branch_not_exist=Hedef dal mevcut deÄŸil.
+target_ref_not_exist=Hedef referans mevcut deÄŸil %s
 
 admin_cannot_delete_self=Yöneticiyken kendinizi silemezsiniz. Lütfen önce yönetici haklarınızı kaldırın.
 
@@ -659,11 +635,9 @@ settings=Kullanıcı Ayarları
 
 form.name_reserved=`"%s" kullanıcı adı rezerve edilmiş.`
 form.name_pattern_not_allowed=Kullanıcı adında "%s" deseni kullanılamaz.
-form.name_chars_not_allowed=`"%s" kullanıcı adı geçersiz karakterler içeriyor.`
 
 block.block=Engelle
 block.block.user=Kullanıcıyı engelle
-block.block.org=Kullanıcıyı organizasyonda engelle
 block.block.failure=Kullanıcı engellenemedi: %s
 block.unblock=Engeli kaldır
 block.unblock.failure=Kullanıcının engeli kaldırılamadı: %s
@@ -676,7 +650,6 @@ block.info_3=kullanıcı adınızdan @bahsederek size bildirim göndermek
 block.info_4=kendi depolarına sizi katkıcı olarak davet etmek
 block.info_5=depolara yıldız koymak, çatallamak veya izlemek
 block.info_6=konu veya değişiklik isteği açmak ve yorum eklemek
-block.info_7=konularda veya değişiklik isteklerinde yorumlarınıza tepki vermek
 block.user_to_block=Engellenecek kullanıcı
 block.note=Not
 block.note.title=İsteğe bağlı not:
@@ -698,14 +671,17 @@ applications=Uygulamalar
 orgs=Organizasyonları Yönet
 repos=Depolar
 delete=Hesabı Sil
+twofa=İki Aşamalı Kimlik Doğrulama (TOTP)
 account_link=Bağlı Hesaplar
 organization=Organizasyonlar
 uid=UID
+webauthn=İki-Aşamalı Kimlik Doğrulama (Güvenlik Anahtarları)
 
 public_profile=Herkese Açık Profil
 biography_placeholder=Bize kendiniz hakkında birşeyler söyleyin! (Markdown kullanabilirsiniz)
 location_placeholder=Yaklaşık konumunuzu başkalarıyla paylaşın
-profile_desc=Profilinizin başkalarına nasıl gösterildiğini yönetin. Ana e-posta adresiniz bildirimler, parola kurtarma ve web tabanlı Git işlemleri için kullanılacaktır.
+password_username_disabled=Yerel olmayan kullanıcılara kullanıcı adlarını değiştirme izni verilmemiştir. Daha fazla bilgi edinmek için lütfen site yöneticisi ile iletişime geçiniz.
+password_full_name_disabled=Tam adınızı değiştirme izniniz yoktur. Daha fazla bilgi edinmek için lütfen site yöneticisi ile iletişime geçiniz.
 full_name=Ad Soyad
 website=Web Sitesi
 location=Konum
@@ -723,7 +699,6 @@ cancel=Ä°ptal
 language=Dil
 ui=Tema
 hidden_comment_types=Gizli yorum türleri
-hidden_comment_types_description=Burada işaretlenen yorum türleri konu sayfalarında görüntülenmeyecektir. Örneğin "Etiket" seçildiğinde tüm "{user}, {label} ekledi/çıkardı" yorumları kalkacaktır.
 hidden_comment_types.ref_tooltip=Bu konuya başka konu/işlem tarafından değinilen yorumlar…
 hidden_comment_types.issue_ref_tooltip=Kullanıcının konuyla ilişkili dalı/etiketi değiştirdiği yorumlar
 comment_type_group_reference=Referans
@@ -755,6 +730,7 @@ uploaded_avatar_not_a_image=Yüklenen dosya bir resim dosyası değil.
 uploaded_avatar_is_too_big=Yüklenen dosyanın boyutu (%d KiB), azami boyutu (%d KiB) aşıyor.
 update_avatar_success=Profil resminiz deÄŸiÅŸtirildi.
 update_user_avatar_success=Kullanıcının avatarı güncellendi.
+cropper_prompt=Kaydetmeden önce resmi düzenleyebilirsiniz. Düzenlenen resim PNG biçiminde kaydedilecektir.
 
 change_password=Parolayı Güncelle
 old_password=Mevcut Parola
@@ -770,18 +746,14 @@ manage_themes=Varsayılan temayı seç
 manage_openid=OpenID Adreslerini Yönet
 email_desc=Ana e-posta adresiniz bildirimler, parola kurtarma ve gizlenmemişse eğer web tabanlı Git işlemleri için kullanılacaktır.
 theme_desc=Bu, sitedeki varsayılan temanız olacak.
-theme_colorblindness_help=Renk Körlüğü için Tema Desteği
-theme_colorblindness_prompt=Gitea temel renk körlüğü desteği olan, yalnızca az sayıda rengin tanımlı olduğu, sadece birkaç temaya sahip. Çalışmalar sürüyor. Tema CSS dosyalarında daha çok renk tanımlanmasıyla daha fazla iyileştirme yapılabilir.
 primary=Birincil
 activated=AktifleÅŸtirildi
 requires_activation=EtkinleÅŸtirme gerekiyor
 primary_email=Birincil Yap
 activate_email=Etkinleştirme Gönder
 activations_pending=Bekleyen EtkinleÅŸtirmeler
-can_not_add_email_activations_pending=Bekleyen etkinleştirme var, yeni bir e-posta adresi eklemek istiyorsanız birkaç dakika içinde tekrar deneyin.
 delete_email=Kaldır
 email_deletion=E-posta Adresini Kaldır
-email_deletion_desc=E-posta adresi ve ilgili bilgiler hesabınızdan kaldırılacak. Bu e-posta adresi tarafından yapılan işlemeler değişmeden kalacaktır. Devam edilsin mi?
 email_deletion_success=E-posta adresi kaldırıldı.
 theme_update_success=Temanız güncellendi.
 theme_update_error=Seçilen tema mevcut değil.
@@ -797,6 +769,7 @@ add_email_success=Yeni e-posta adresi eklendi.
 email_preference_set_success=E-posta tercihi başarıyla ayarlandı.
 add_openid_success=Yeni OpenID adresi eklendi.
 keep_email_private=E-posta Adresini Gizle
+keep_email_private_popup=Bu, e-posta adresinizi profilde, değişiklik isteği yaptığınızda veya web arayüzünde dosya düzenlediğinizde gizleyecektir. İtilen işlemeler değişmeyecektir.
 openid_desc=OpenID, kimlik doğrulama işlemini harici bir sağlayıcıya devretmenize olanak sağlar.
 
 manage_ssh_keys=SSH Anahtarlarını Yönet
@@ -823,7 +796,6 @@ gpg_key_matched_identities_long=Bu anahtara gömülü kimlikler bu kullanıcı i
 gpg_key_verified=Doğrulanmış Anahtar
 gpg_key_verified_long=Bu anahtar doğrulandı ve etkinleştirilmiş herhangi bir e-posta adresi veya eşleşen herhangi bir kimlik ile uyuşan işlemeleri doğrulamaya hazır.
 gpg_key_verify=DoÄŸrula
-gpg_invalid_token_signature=Verilen GPG anahtarı, imza ve anahtar uyuşmuyor veya anahtar çok eski.
 gpg_token_required=Aşağıdaki anahtar için bir imza sağlamalısınız
 gpg_token=Anahtar
 gpg_token_help=Åžunu kullanarak bir imza oluÅŸturabilirsiniz:
@@ -833,7 +805,6 @@ verify_gpg_key_success=GPG anahtarı "%s" doğrulandı.
 ssh_key_verified=Doğrulanmış Anahtar
 ssh_key_verified_long=Bu anahtar bir belirteç ile doğrulandı ve bu kullanıcı için etkinleştirilmiş herhangi bir e-posta adresi ile uyuşan işlemeleri doğrulamak için kullanılabilir.
 ssh_key_verify=DoÄŸrula
-ssh_invalid_token_signature=Verilen SSH anahtarı, imza veya erişim anahtarı uyuşmuyor veya erişim anahtarı çok eski.
 ssh_token_required=Aşağıdaki erişim anahtarı için bir imza sağlamalısınız
 ssh_token=Erişim Anahtarı
 ssh_token_help=Åžunu kullanarak bir imza oluÅŸturabilirsiniz:
@@ -854,7 +825,6 @@ gpg_key_deletion=GPG Anahtarını Sil
 ssh_principal_deletion=SSH Sertifika Sorumlusunu Kaldır
 ssh_key_deletion_desc=Bir SSH anahtarını kaldırmak, hesabınıza erişimi iptal eder. Devam edilsin mi?
 gpg_key_deletion_desc=Bir GPG anahtarını kaldırmak, onun tarafından imzalanan işlemelerin doğrulamasını iptal eder. Devam edilsin mi?
-ssh_principal_deletion_desc=Bir SSH Sertifika Sorumlusunun kaldırılması, hesabınıza erişimini iptal eder. Devam edilsin mi?
 ssh_key_deletion_success=SSH anahtarı silindi.
 gpg_key_deletion_success=GPG anahtarı silindi.
 ssh_principal_deletion_success=Sorumlu kaldırıldı.
@@ -898,6 +868,9 @@ permission_not_set=Ayarlanmadı
 permission_no_access=EriÅŸim Yok
 permission_read=OkunmuÅŸ
 permission_write=Okuma ve Yazma
+permission_anonymous_read=Anonim Okuma
+permission_everyone_read=Herkes Okuyabilir
+permission_everyone_write=Herkes Yazabilir
 access_token_desc=Seçili token izinleri, yetkilendirmeyi ilgili <a %s>API</a> yollarıyla sınırlandıracaktır. Daha fazla bilgi için <a %s>belgeleri</a> okuyun.
 at_least_one_permission=Bir token oluşturmak için en azından bir izin seçmelisiniz
 permissions_list=Ä°zinler:
@@ -913,7 +886,6 @@ create_oauth2_application_button=Uygulama OluÅŸtur
 create_oauth2_application_success=Yeni bir OAuth2 uygulamasını başarıyla oluşturdunuz.
 update_oauth2_application_success=OAuth2 uygulamasını başarıyla güncellediniz.
 oauth2_application_name=Uygulama Adı
-oauth2_confidential_client=Güvenli İstemci. Web uygulamaları gibi sırları güvende tutan uygulamalar için bunu seçin. Masaüstü ve mobil uygulamaları da içeren doğal uygulamalar için seçmeyin.
 oauth2_skip_secondary_authorization=Herkese açık istemcilerin yetkilendirilmesini bir kere erişim izni verdikten sonra atla. <strong>Bu bir güvenlik riski oluşturabilir.</strong>
 oauth2_redirect_uris=Yönlendirme URI'leri. Lütfen her bir URI'yi yeni bir satıra yazın.
 save_application=Kaydet
@@ -925,38 +897,40 @@ oauth2_client_secret_hint=Bu sayfadan ayrıldıktan veya yeniledikten sonra gizl
 oauth2_application_edit=Düzenle
 oauth2_application_create_description=OAuth2 uygulamaları, üçüncü taraf uygulamanıza bu durumda kullanıcı hesaplarına erişim sağlar.
 oauth2_application_remove_description=Bir OAuth2 uygulamasının kaldırılması, bu sunucudaki yetkili kullanıcı hesaplarına erişmesini önler. Devam edilsin mi?
+oauth2_application_locked=Gitea kimi OAuth2 uygulamalarının başlangıçta ön kaydını, yapılandırmada etkinleştirilmişse yapabilir. Beklenmeyen davranışı önlemek için bunlar ne düzenlenmeli ne de kaldırılmalı. Daha fazla bilgi için OAuth2 belgesine bakın.
 
 authorized_oauth2_applications=Yetkili OAuth2 Uygulamaları
-authorized_oauth2_applications_description=Kişisel Gitea hesabınıza bu üçüncü parti uygulamalara erişim izni verdiniz. Lütfen artık ihtiyaç duyulmayan uygulamalara erişimi iptal edin.
 revoke_key=Ä°ptal Et
 revoke_oauth2_grant=EriÅŸimi Ä°ptal Et
-revoke_oauth2_grant_description=Bu üçüncü taraf uygulamasına erişimin iptal edilmesi bu uygulamanın verilerinize erişmesini önleyecektir. Emin misiniz?
 revoke_oauth2_grant_success=Erişim başarıyla kaldırıldı.
 
+twofa_desc=İki aşamalı kimlik doğrulama, hesabınızın güvenliğini artırır.
 twofa_recovery_tip=Aygıtınızı kaybetmeniz durumunda, hesabınıza tekrar erişmek için tek kullanımlık kurtarma anahtarını kullanabileceksiniz.
 twofa_is_enrolled=Hesabınız şu anda iki faktörlü kimlik doğrulaması içinde <strong>kaydedilmiş</strong>.
 twofa_not_enrolled=Hesabınız şu anda iki faktörlü kimlik doğrulaması içinde kaydedilmemiş.
 twofa_disable=İki Aşamalı Doğrulamayı Devre Dışı Bırak
-twofa_enroll=İki Faktörlü Kimlik Doğrulamaya Kaydolun
+twofa_scratch_token_regenerate=Geçici Kodu Yeniden Üret
+twofa_scratch_token_regenerated=Geçici kodunuz şimdi %s. Güvenli bir yerde saklayın, tekrar gösterilmeyecektir.
 twofa_disable_note=Gerekirse iki faktörlü kimlik doğrulamayı devre dışı bırakabilirsiniz.
 twofa_disable_desc=İki faktörlü kimlik doğrulamayı devre dışı bırakmak hesabınızı daha az güvenli hale getirir. Devam edilsin mi?
+regenerate_scratch_token_desc=Geçici kodunuzu kaybettiyseniz veya oturum açmak için kullandıysanız, buradan sıfırlayabilirsiniz.
 twofa_disabled=İki faktörlü kimlik doğrulama devre dışı bırakıldı.
 scan_this_image=Kim doğrulama uygulamanızla bu görüntüyü tarayın:
 or_enter_secret=Veya gizli ÅŸeyi girin: %s
 then_enter_passcode=Ve uygulamada gösterilen şifreyi girin:
 passcode_invalid=Şifre geçersiz. Tekrar deneyin.
+twofa_enrolled=Hesabınız başarıyla kaydedildi. Tek kullanımlık geçici kodunuz (%s) tekrar gösterilmeyeceği için güvenilir bir yerde saklayın.
 twofa_failed_get_secret=Gizlilik elde edilemedi.
 
+webauthn_desc=Güvenlik anahtarları, şifreleme anahtarlarını içeren donanım aygıtlarıdır. İki aşamalı kimlik doğrulama için kullanılabilirler. Güvenlik anahtarları <a rel="noreferrer" target="_blank" href="%s">WebAuthn Authenticator</a> standardını desteklemelidir.
 webauthn_register_key=Güvenlik Anahtarı Ekle
 webauthn_nickname=Takma Ad
 webauthn_delete_key=Güvenlik Anahtarını Kaldır
-webauthn_delete_key_desc=Bir güvenlik anahtarını kaldırırsanız, onunla artık giriş yapamazsınız. Devam edilsin mi?
 webauthn_key_loss_warning=Güvenlik anahtarlarınızı kaybederseniz, hesabınıza erişimi kaybedersiniz.
 webauthn_alternative_tip=Ek bir kimlik doğrulama yöntemi ayarlamak isteyebilirsiniz.
 
 manage_account_links=Bağlı Hesapları Yönet
 manage_account_links_desc=Bu harici hesaplar Gitea hesabınızla bağlantılı.
-account_links_not_available=Şu anda Gitea hesabınıza bağlı harici bir hesap yok.
 link_account=Hesap BaÄŸla
 remove_account_link=Bağlantılı Hesabı Kaldır
 remove_account_link_desc=Bağlantılı bir hesabı kaldırmak, onunla Gitea hesabınıza erişimi iptal edecektir. Devam edilsin mi?
@@ -993,6 +967,7 @@ new_repo_helper=Bir depo, sürüm geçmişi dahil tüm proje dosyalarını içer
 owner=Sahibi
 owner_helper=Bazı organizasyonlar, en çok depo sayısı sınırı nedeniyle açılır menüde görünmeyebilir.
 repo_name=Depo Ä°smi
+repo_name_helper=İyi depo isimleri kısa, akılda kalıcı ve benzersiz anahtar kelimeler kullanır. “.profile� veya ‘.profile-private’ adlı bir depo, kullanıcı/kuruluş profili için bir README.md eklemek için kullanılabilir.
 repo_size=Depo Boyutu
 template=Åžablon
 template_select=Bir şablon seçin.
@@ -1011,7 +986,8 @@ fork_to_different_account=Başka bir hesaba çatalla
 fork_visibility_helper=Çatallanmış bir deponun görünürlüğü değiştirilemez.
 fork_branch=Çatala klonlanacak dal
 all_branches=Tüm dallar
-fork_no_valid_owners=Geçerli bir sahibi olmadığı için bu depo çatallanamaz.
+view_all_branches=Tüm dalları görüntüle
+view_all_tags=Tüm etiketleri görüntüle
 fork.blocked_user=Depo çatallanamıyor, depo sahibi tarafından engellenmişsiniz.
 use_template=Bu ÅŸablonu kullan
 open_with_editor=%s ile aç
@@ -1022,6 +998,8 @@ generate_repo=Depo OluÅŸtur
 generate_from=Åžuradan OluÅŸtur
 repo_desc=Açıklama
 repo_desc_helper=Kısa açıklama girin (isteğe bağlı)
+repo_no_desc=Hiçbir açıklama sağlanmadı
+repo_lang=Dil
 repo_gitignore_helper=.gitignore şablonlarını seç.
 repo_gitignore_helper_desc=Sık kullanılan diller için bir şablon listesinden hangi dosyaların izlenmeyeceğini seçin. Her dilin oluşturma araçları tarafından oluşturulan tipik yapılar, varsayılan olarak .gitignore dosyasına dahil edilmiştir.
 issue_labels=Konu Etiketleri
@@ -1029,6 +1007,7 @@ issue_labels_helper=Bir konu etiket seti seçin.
 license=Lisans
 license_helper=Bir lisans dosyası seçin.
 license_helper_desc=Bir lisans, başkalarının kodunuzla neler yapıp yapamayacağını yönetir. Projeniz için hangisinin doğru olduğundan emin değil misiniz? <a target="_blank" rel="noopener noreferrer" href="%s">Lisans seçme</a> konusuna bakın
+multiple_licenses=Çoklu Lisans
 object_format=Nesne Biçimi
 object_format_helper=Deponun nesne biçimi. Daha sonra değiştirilemez. SHA1 en uyumlu olandır.
 readme=README
@@ -1052,12 +1031,10 @@ mirror_sync=eÅŸitlendi
 mirror_sync_on_commit=İşlemeler gönderildiğinde senkronize et
 mirror_address=URL'den Klonla
 mirror_address_desc=Yetkilendirme bölümüne gerekli tüm kimlik bilgilerini girin.
-mirror_address_url_invalid=Sağlanan URL geçersiz. URL'nin tüm bileşenleri doğru olarak girilmelidir.
 mirror_address_protocol_invalid=Sağlanan URL geçersiz. Yalnızca http(s):// veya git:// konumları yansı olabilir.
 mirror_lfs=Büyük Dosya Depolama (LFS)
 mirror_lfs_desc=LFS verisinin yansılamasını etkinleştir.
 mirror_lfs_endpoint=LFS Uç Noktası
-mirror_lfs_endpoint_desc=Senkronizasyon, <a target="_blank" rel="noopener noreferrer" href="%s"> LFS sunucusunu belirlemek</a> için klonlama url'sini kullanmaya çalışacak. Eğer LFS veri deposu başka yerdeyse özel bir uç nokta da belirtebilirsiniz.
 mirror_last_synced=Son Senkronize Edilen
 mirror_password_placeholder=(DeÄŸiÅŸtirilmedi)
 mirror_password_blank_placeholder=(Ayarı kaldır)
@@ -1070,7 +1047,6 @@ stars=Yıldızlar
 reactions_more=ve %d daha fazla
 unit_disabled=Site yöneticisi bu depo bölümünü devre dışı bıraktı.
 language_other=DiÄŸer
-adopt_search=Kabul edilmeyen depoları aramak için kullanıcı adını girin... (tümünü bulmak için boş bırakın)
 adopt_preexisting_label=Dosyaları Kabul Et
 adopt_preexisting=Önceden var olan dosyaları kabul et
 adopt_preexisting_content=%s konumundan depo oluÅŸtur
@@ -1082,15 +1058,20 @@ delete_preexisting_success=%s içindeki kabul edilmeyen dosyalar silindi
 blame_prior=Bu değişiklikten önceki suçu görüntüle
 blame.ignore_revs=<a href="%s">.git-blame-ignore-revs</a> dosyasındaki sürümler yok sayılıyor. Bunun yerine normal sorumlu görüntüsü için <a href="%s">buraya tıklayın</a>.
 blame.ignore_revs.failed=<a href="%s">.git-blame-ignore-revs</a> dosyasındaki sürümler yok sayılamadı.
+user_search_tooltip=En fazla 30 kullanıcı görüntüler
 
+tree_path_not_found=%[1] yolu, %[2]s deposunda mevcut deÄŸil
 
 transfer.accept=Aktarımı Kabul Et
+transfer.accept_desc=`"%s" tarafına aktar`
 transfer.reject=Aktarımı Reddet
+transfer.reject_desc=`"%s" tarafına aktarımı iptal et`
 transfer.no_permission_to_accept=Bu aktarımı kabul etme izniniz yok.
 transfer.no_permission_to_reject=Bu aktarımı reddetme izniniz yok.
 
 desc.private=Özel
 desc.public=Genel
+desc.public_access=Herkese Açık Erişim
 desc.template=Åžablon
 desc.internal=Dahili
 desc.archived=ArÅŸivlenmiÅŸ
@@ -1107,8 +1088,6 @@ template.issue_labels=Konu Etiketleri
 template.one_item=En az bir şablon öğesi seçmelisiniz
 template.invalid=Bir şablon deposu seçmelisiniz
 
-archive.title=Bu depo arşivlendi. Dosyaları görüntüleyebilir ve klonlayabilirsiniz ama işleme gönderemez veya konu veya değişiklik isteği açamazsınız.
-archive.title_date=Bu depo %s tarihinde arşivlendi. Dosyaları görüntüleyebilir ve klonlayabilirsiniz ama işleme gönderemez veya konu veya değişiklik isteği açamazsınız.
 archive.issue.nocomment=Bu depo arşivlendi. Konular bölümünde yorum yapamazsınız.
 archive.pull.nocomment=Bu depo arşivlendi. Değişiklik istekleri bölümünde yorum yapamazsınız.
 
@@ -1125,7 +1104,6 @@ migrate_options_lfs=LFS dosyalarını taşı
 migrate_options_lfs_endpoint.label=LFS Uç Noktası
 migrate_options_lfs_endpoint.description=Taşıma, <a target="_blank" rel="noopener noreferrer" href="%s"> LFS sunucusunu belirlemek</a> için Git uzak sunucusunu kullanmaya çalışacak. Eğer LFS veri deposu başka yerdeyse özel bir uç nokta da belirtebilirsiniz.
 migrate_options_lfs_endpoint.description.local=Yerel bir sunucu yolu da destekleniyor.
-migrate_options_lfs_endpoint.placeholder=Boş bırakılırsa, uç nokta klon URL'sinden türetilecektir
 migrate_items=Göç Öğeleri
 migrate_items_wiki=Wiki
 migrate_items_milestones=Dönüm noktaları
@@ -1137,10 +1115,8 @@ migrate_items_releases=Sürümler
 migrate_repo=Depoyu Göç Ettir
 migrate.clone_address=URL'den Taşı / Klonla
 migrate.clone_address_desc=Varolan bir deponun HTTP(S) veya Git 'klonlama' URL'si
-migrate.github_token_desc=GitHub API hız sınırı nedeniyle göçü hızlandırmak için buraya virgülle ayrılmış bir veya daha fazla erişm anahtarı koyabilirsiniz. UYARI: Bu özelliğin kötüye kullanılması, hizmet sağlayıcının politikasını ihlal edebilir ve hesabın engellenmesine yol açabilir.
 migrate.clone_local_path=veya bir yerel sunucu yolu
 migrate.permission_denied=Yerel depoları içeri aktarma izniniz yok.
-migrate.permission_denied_blocked=İzin verilmeyen sunuculardan içe aktaramazsınız, lütfen yöneticiden ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS ayarlarını kontrol etmesini isteyin.
 migrate.invalid_local_path=Yerel yol geçersiz. Mevcut değil veya bir dizin değil.
 migrate.invalid_lfs_endpoint=LFS Uç noktası geçerli değil.
 migrate.failed=Göç başarısız: %v
@@ -1148,7 +1124,6 @@ migrate.migrate_items_options=Ek öğeleri taşımak için Erişim Kodu gereklid
 migrated_from=<a href="%[1]s">%[2]s</a> konumundan göç edildi
 migrated_from_fake=%[1]s Konumundan Göç Edildi
 migrate.migrate=%s Konumundan Göç Et
-migrate.migrating=<b>%s</b> konumundan taşınıyor ...
 migrate.migrating_failed=<b>%s</b> konumundan taşıma başarısız oldu.
 migrate.migrating_failed.error=Göç yapılamadı: %s
 migrate.migrating_failed_no_addr=Göç başarısız oldu.
@@ -1160,6 +1135,11 @@ migrate.gogs.description=Notabug.org veya diğer Gogs sunucularından veri aktar
 migrate.onedev.description=Code.onedev.io ve diğer OneDev sunucularından veri aktar.
 migrate.codebase.description=Codebasehq.com sitesinden veri aktar.
 migrate.gitbucket.description=GitBucket sunucularından veri aktar.
+migrate.codecommit.description=AWS CodeCommit'ten veri aktar.
+migrate.codecommit.aws_access_key_id=AWS Erişim Anahtarı Kimliği
+migrate.codecommit.aws_secret_access_key=AWS Gizli Erişim Anahtarı
+migrate.codecommit.https_git_credentials_username=HTTPS Git Kimliği Kullanıcı Adı
+migrate.codecommit.https_git_credentials_password=HTTPS Git Kimliği Parolası
 migrate.migrating_git=Git Verilerini Taşıma
 migrate.migrating_topics=Konuları Taşıma
 migrate.migrating_milestones=Kilometre Taşlarını Taşıma
@@ -1169,6 +1149,7 @@ migrate.migrating_issues=Konuları Taşıma
 migrate.migrating_pulls=Değişiklik İsteklerini Taşıma
 migrate.cancel_migrating_title=Göçü İptal Et
 migrate.cancel_migrating_confirm=Bu göçü iptal etmek istiyor musunuz?
+migration_status=Aktarma durumu
 
 mirror_from=şunun yansıması
 forked_from=şundan çatallanmış
@@ -1191,7 +1172,6 @@ clone_this_repo=Bu depoyu klonla
 cite_this_repo=Bu depoya atıf ver
 create_new_repo_command=Komut satırında yeni bir depo oluşturuluyor
 push_exist_repo=Komut satırından mevcut bir depo itiliyor
-empty_message=Bu depoda herhangi bir içerik yok.
 broken_message=Bu deponun altındaki Git verisi okunamıyor. Bu sunucunun yöneticisiyle bağlantıya geçin veya bu depoyu silin.
 
 code=Kod
@@ -1209,7 +1189,6 @@ projects=Projeler
 packages=Paketler
 actions=Ä°ÅŸlemler
 labels=Etiketler
-org_labels_desc=Bu organizasyon altında <strong>tüm depolarla</strong> kullanılabilen organizasyon düzeyinde etiketler
 org_labels_desc_manage=yönet
 
 milestone=Dönüm noktası
@@ -1237,6 +1216,7 @@ ambiguous_runes_header=`Bu dosya muğlak Evrensel Kodlu karakter içeriyor`
 ambiguous_runes_description=`Bu dosya, başka karakterlerle karıştırılabilecek evrensel kodlu karakter içeriyor. Eğer bunu kasıtlı olarak yaptıysanız bu uyarıyı yok sayabilirsiniz. Gizli karakterleri göstermek için Kaçış Karakterli düğmesine tıklayın.`
 invisible_runes_line=`Bu satırda görünmez evrensel kodlu karakter var`
 ambiguous_runes_line=`Bu satırda muğlak evrensel kodlu karakter var`
+ambiguous_character=`%[1]c [U+%04[1]X], %[2]c [U+%04[2]X] ile karıştırılabilir`
 
 escape_control_characters=Kaçış Karakterli
 unescape_control_characters=Kaçış Karaktersiz
@@ -1244,7 +1224,6 @@ file_copy_permalink=Kalıcı Bağlantıyı Kopyala
 view_git_blame=Git Suç Görüntüle
 video_not_supported_in_browser=Tarayıcınız HTML5 'video' etiketini desteklemiyor.
 audio_not_supported_in_browser=Tarayıcınız HTML5 'audio' etiketini desteklemiyor.
-stored_lfs=Git LFS ile depolandı
 symbolic_link=Sembolik Bağlantı
 executable_file=Çalıştırılabilir Dosya
 vendored=Sağlanmış
@@ -1270,7 +1249,9 @@ editor.upload_file=Dosya Yükle
 editor.edit_file=Dosyayı Düzenle
 editor.preview_changes=Değişiklikleri Önizle
 editor.cannot_edit_lfs_files=LFS dosyaları web arayüzünde düzenlenemez.
+editor.cannot_edit_too_large_file=Bu dosya düzenlenmek için çok büyük.
 editor.cannot_edit_non_text_files=Bu tür dosyalar web arayüzünden düzenlenemez.
+editor.file_not_editable_hint=Ama yine de ismini değiştirebilir veya taşıyabilirsiniz.
 editor.edit_this_file=Dosyayı Düzenle
 editor.this_file_locked=Dosya kilitlendi
 editor.must_be_on_a_branch=Bu dosyada değişiklik yapmak veya önermek için bir dalda olmalısınız.
@@ -1290,7 +1271,7 @@ editor.update=%s Güncelle
 editor.delete=%s Sil
 editor.patch=Yama Uygula
 editor.patching=Yamalanıyor:
-editor.fail_to_apply_patch=`"%s" yaması uygulanamıyor`
+editor.fail_to_apply_patch=Yama uygulanamıyor
 editor.new_patch=Yeni Yama
 editor.commit_message_desc=İsteğe bağlı uzun bir açıklama ekleyin…
 editor.signoff_desc=İşleme günlüğü mesajının sonuna işleyen tarafından imzalanan bir fragman ekleyin.
@@ -1306,19 +1287,14 @@ editor.filename_is_invalid=Dosya adı geçersiz: "%s".
 editor.branch_does_not_exist=Bu depoda "%s" dalı yok.
 editor.branch_already_exists=Bu depoda "%s" dalı zaten var.
 editor.directory_is_a_file=Dizin adı "%s" zaten bu depoda bir dosya adı olarak kullanılmaktadır.
-editor.file_is_a_symlink=`"%s" sembolik bir bağlantıdır. Sembolik bağlantılar web düzenleyicisinde düzenlenemez`
 editor.filename_is_a_directory=Dosya adı "%s" zaten bu depoda bir dizin adı olarak kullanılmaktadır.
-editor.file_editing_no_longer_exists=Düzenlenmekte olan "%s" dosyası artık bu depoda yer almıyor.
-editor.file_deleting_no_longer_exists=Silinen "%s" dosyası artık bu depoda yer almıyor.
+editor.file_modifying_no_longer_exists=Değiştirilmekte olan "%s" dosyası artık bu depoda yer almıyor.
 editor.file_changed_while_editing=Düzenlemeye başladığınızdan beri dosya içeriği değişti. Görmek için <a target="_blank" rel="noopener noreferrer" href="%s">burayı tıklayın</a> veya üzerine yazmak için <strong>değişiklikleri yine de işleyin</strong>.
 editor.file_already_exists=Bu depoda "%s" isimli bir dosya zaten var.
-editor.commit_id_not_matching=İşleme ID'si, düzenlemeye başladığınız ID ile uyuşmuyor, bir yama dalına işleme yapın ve sonra birleştirin.
 editor.push_out_of_date=Ä°tme eskimiÅŸ.
 editor.commit_empty_file_header=BoÅŸ bir dosya iÅŸle
 editor.commit_empty_file_text=İşlemek üzere olduğunuz dosya boş. Devam edilsin mi?
 editor.no_changes_to_show=Gösterilecek değişiklik yok.
-editor.fail_to_update_file=`"%s" dosyası güncellenemedi/oluşturulamadı.`
-editor.fail_to_update_file_summary=Hata Mesajı:
 editor.push_rejected_no_message=Değişiklik, bir ileti olmadan sunucu tarafından reddedildi. Git Hooks'u kontrol edin.
 editor.push_rejected=Değişiklik sunucu tarafından reddedildi. Lütfen Git Hooks'u kontrol edin.
 editor.push_rejected_summary=Tam Red Mesajı:
@@ -1332,6 +1308,12 @@ editor.user_no_push_to_branch=Kullanıcı dala gönderemez
 editor.require_signed_commit=Dal imzalı bir işleme gerektirir
 editor.cherry_pick=%s şunun üzerine cımbızla:
 editor.revert=%s şuna geri döndür:
+editor.failed_to_commit=Değişikliklerin işlenmesi başarısız oldu.
+editor.failed_to_commit_summary=Hata Mesajı:
+
+editor.fork_create=Değişiklikler Önermek için Depoyu Çatallayın
+editor.fork_not_editable=Bu deponun çatalını oluşturdunuz ancak çatalınız düzenlenemez durumda.
+editor.fork_failed_to_push_branch=%s dalını deponuza gönderme başarısız oldu.
 
 commits.desc=Kaynak kodu değişiklik geçmişine göz atın.
 commits.commits=Ä°ÅŸleme
@@ -1351,6 +1333,7 @@ commits.signed_by_untrusted_user_unmatched=İşleyici ile eşleşmeyen güvenilm
 commits.gpg_key_id=GPG Anahtar KimliÄŸi
 commits.ssh_key_fingerprint=SSH Anahtar Parmak Ä°zi
 commits.view_path=Geçmişte bu noktayı görüntüle
+commits.view_file_diff=Bu dosyanın bu işlemedeki değişikliklerini görüntüle
 
 commit.operations=Ä°ÅŸlemler
 commit.revert=Geri Al
@@ -1411,6 +1394,8 @@ issues.filter_milestones=Kilometre Taşı Süzgeci
 issues.filter_projects=Projeyi Süz
 issues.filter_labels=Etiket Süzgeci
 issues.filter_reviewers=Gözden Geçiren Süzgeci
+issues.filter_no_results=Sonuç yok
+issues.filter_no_results_placeholder=Arama filtrelerinizi ayarlamayı deneyin.
 issues.new=Yeni Konu
 issues.new.title_empty=Başlık boş olamaz
 issues.new.labels=Etiketler
@@ -1428,8 +1413,8 @@ issues.new.clear_milestone=Kilometre Taşlarını Temizle
 issues.new.assignees=Atananlar
 issues.new.clear_assignees=Atamaları Temizle
 issues.new.no_assignees=Atanan KiÅŸi Yok
+issues.new.no_reviewers=Gözden geçiren yok
 issues.new.blocked_user=Konu oluşturulamıyor, depo sahibi tarafından engellenmişsiniz.
-issues.edit.already_changed=Konuya yapılan değişiklikler kaydedilemiyor. İçerik başka kullanıcı tarafından değiştirilmiş gözüküyor. Diğerlerinin değişikliklerinin üzerine yazmamak için lütfen sayfayı yenileyin ve tekrar düzenlemeye çalışın
 issues.edit.blocked_user=İçerik düzenlenemiyor, gönderen veya depo sahibi tarafından engellenmişsiniz.
 issues.choose.get_started=BaÅŸla
 issues.choose.open_external_link=Aç
@@ -1484,10 +1469,14 @@ issues.filter_project=Proje
 issues.filter_project_all=Tüm projeler
 issues.filter_project_none=Proje yok
 issues.filter_assignee=Atanan
-issues.filter_assginee_no_assignee=Atanan yok
+issues.filter_assignee_no_assignee=Hiç kimseye atanmamış
+issues.filter_assignee_any_assignee=Herhangi bir kimseye atanmış
 issues.filter_poster=Yazar
+issues.filter_user_placeholder=Kullanıcıları ara
+issues.filter_user_no_select=Tüm kullanıcılar
 issues.filter_type=Tür
 issues.filter_type.all_issues=Tüm konular
+issues.filter_type.all_pull_requests=Tüm değişiklik istekleri
 issues.filter_type.assigned_to_you=Size atanan
 issues.filter_type.created_by_you=Sizin oluşturduklarınız
 issues.filter_type.mentioning_you=Sizden bahsedilen
@@ -1496,7 +1485,6 @@ issues.filter_type.reviewed_by_you=Sizin tarafınızdan incelendi
 issues.filter_sort=Sırala
 issues.filter_sort.latest=En yeni
 issues.filter_sort.oldest=En eski
-issues.filter_sort.recentupdate=Yakın zamanda güncellenmiş
 issues.filter_sort.leastupdate=Yakın olmayan zamanda güncellenmiş
 issues.filter_sort.mostcomment=En çok yorum yapılan
 issues.filter_sort.leastcomment=En az yorum yapılan
@@ -1579,12 +1567,14 @@ issues.save=Kaydet
 issues.label_title=Etiket adı
 issues.label_description=Etiket açıklaması
 issues.label_color=Etiket rengi
+issues.label_color_invalid=Geçersiz renk
 issues.label_exclusive=Özel
 issues.label_archive=Etiketi ArÅŸivle
 issues.label_archived_filter=Arşivlenmiş etiketleri göster
 issues.label_archive_tooltip=Arşivlenmiş etiketler, etiket araması yapılırken varsayılan olarak önerilerin dışında tutuluyor.
 issues.label_exclusive_desc=<code>Kapsam/öğe</code> etiketini, diğer <code>kapsam/</code> etiketleriyle ayrışık olacak şekilde adlandırın.
 issues.label_exclusive_warning=Çakışan kapsamlı etiketler, bir konu veya değişiklik isteği etiketleri düzenlenirken kaldırılacaktır.
+issues.label_exclusive_order_tooltip=Aynı bağlamdaki özel etiketler bu sayısal sıralamaya göre sıralanacaktır.
 issues.label_count=%d etiket
 issues.label_open_issues=%d açık konu
 issues.label_edit=Düzenle
@@ -1608,7 +1598,6 @@ issues.pin_comment=%s sabitlendi
 issues.unpin_comment=%s sabitlenmesi kaldırıldı
 issues.lock=Konuşmayı kilitle
 issues.unlock=Konuşmanın kilidini aç
-issues.lock.unknown_reason=Sebep belirtmeden konuyu kilitleyemezsiniz.
 issues.lock_duplicate=Bir konu iki kez kilitlenemez.
 issues.unlock_error=Kilitlenmemiş bir konunun kilidini açamazsınız.
 issues.lock_with_reason=<strong>%s</strong> olarak kilitlendi ve katkıcılar için sınırlandırıldı %s
@@ -1616,7 +1605,6 @@ issues.lock_no_reason=konuşma kilitlendi ve katkıcılar için sınırlandırı
 issues.unlock_comment=bu konuşmanın kilidini açtı %s
 issues.lock_confirm=Kilitle
 issues.unlock_confirm=Kilidi Aç
-issues.lock.notice_1=- Diğer kullanıcılar bu konuya yeni yorum ekleyemez.
 issues.lock.notice_2=- Siz ve bu depoya erişimi olan diğer katkıcılar, başkalarının görebileceği yorumlar bırakabilir.
 issues.lock.notice_3=- Her zaman bu konunun kilidini açabilirsiniz.
 issues.unlock.notice_1=- Herkes bu konuda bir kez daha yorum yapabilir.
@@ -1630,12 +1618,25 @@ issues.delete.title=Bu konu silinsin mi?
 issues.delete.text=Bu konuyu gerçekten silmek istiyor musunuz? (Bu işlem tüm içeriği kalıcı olarak silecektir. Arşivde tutma niyetiniz varsa silmek yerine kapatmayı düşünün)
 
 issues.tracker=Zaman Takibi
-
+issues.timetracker_timer_start=Zamanlayıcıyı başlat
+issues.timetracker_timer_stop=Zamanlayıcıyı durdur
+issues.timetracker_timer_discard=Zamanlayıcıyı kaldır
+issues.timetracker_timer_manually_add=Zaman Ekle
+
+issues.time_estimate_set=Tahmini zaman ayarla
+issues.time_estimate_display=Tahmin: %s
+issues.change_time_estimate_at=zaman tahmini deÄŸiÅŸtirildi: <b>%[1]s</b>%[2]s
+issues.remove_time_estimate_at=zaman tahmini %s kaldırıldı
+issues.time_estimate_invalid=Zaman tahmini biçimi hatalı
 issues.tracker_auto_close=Bu konu kapatıldığında zamanlayıcı otomatik olarak durur
 issues.tracking_already_started=`<a href="%s">başka bir konuda</a> zaten zaman izleyici başlattınız!`
+issues.stop_tracking=Zamanlayıcıyı Durdur
+issues.stop_tracking_history=<b>%[1]s</b> %[2]s için çalıştı
+issues.cancel_tracking=Yoksay
 issues.cancel_tracking_history=`%s zaman takibini iptal etti`
 issues.del_time=Bu zaman kaydını sil
 issues.del_time_history=`%s harcanan zaman silindi`
+issues.add_time_manually=El ile Zaman Ekle
 issues.add_time_hours=Saat
 issues.add_time_minutes=Dakika
 issues.add_time_sum_to_small=Zaman girilmedi.
@@ -1654,7 +1655,6 @@ issues.due_date_form=yyyy-aa-gg
 issues.due_date_form_add=BitiÅŸ tarihi ekle
 issues.due_date_form_edit=Düzenle
 issues.due_date_form_remove=Kaldır
-issues.due_date_not_writer=Bir konunun bitiş tarihini güncellemek için bu depoda yazma iznine ihtiyacınız var.
 issues.due_date_not_set=Bitiş tarihi atanmadı.
 issues.due_date_added=bitiÅŸ tarihini %s olarak %s ekledi
 issues.due_date_modified=bitiÅŸ tarihini %[2]s iken %[1]s olarak %[3]s deÄŸiÅŸtirdi
@@ -1677,9 +1677,7 @@ issues.dependency.pr_closing_blockedby=Bu değişiklik isteğinin kapatılması
 issues.dependency.issue_closing_blockedby=Bu konunun kapatılması aşağıdaki konular tarafından engelleniyor
 issues.dependency.issue_close_blocks=Bu konu aşağıdaki konuların kapatılmasını engelliyor
 issues.dependency.pr_close_blocks=Bu değişiklik isteği aşağıdaki sorunların kapatılmasını engelliyor
-issues.dependency.issue_close_blocked=Kapatmadan önce bu konuyu engelleyen tüm konuları kapatmanız gerekir.
 issues.dependency.issue_batch_close_blocked=Seçtiğiniz konular topluca kapatılamıyor, çünkü #%d konusunun açık bağımlılıkları var
-issues.dependency.pr_close_blocked=Birleştirme işleminden önce, bu değişiklik isteğini engelleyen tüm konuları kapatmanız gerekir.
 issues.dependency.blocks_short=Engeller
 issues.dependency.blocked_by_short=Bağımlılıklar
 issues.dependency.remove_header=Bağımlılığı Kaldır
@@ -1690,12 +1688,11 @@ issues.dependency.add_error_same_issue=Bir konuyu kendine bağımlı yapamazsın
 issues.dependency.add_error_dep_issue_not_exist=Bağımlı konu mevcut değil.
 issues.dependency.add_error_dep_not_exist=Bağımlılık mevcut değil.
 issues.dependency.add_error_dep_exists=Bağımlılık zaten var.
-issues.dependency.add_error_cannot_create_circular=Birbirini engelleyen iki konu arasında bağımlılık oluşturamazsınız.
 issues.dependency.add_error_dep_not_same_repo=Her iki konu da aynı depoda olmalıdır.
 issues.review.self.approval=Kendi değişiklik isteğinizi onaylayamazsınız.
 issues.review.self.rejection=Kendi deÄŸiÅŸiklik isteÄŸinizde deÄŸiÅŸiklik isteyemezsiniz.
 issues.review.approve=%s bu değişiklikleri onayladı
-issues.review.dismissed=%s incelemesini %s reddetti
+issues.review.comment=%s incelendi
 issues.review.dismissed_label=Reddedildi
 issues.review.left_comment=bir yorum yaptı
 issues.review.content.empty=İstenen değişiklik(ler)i belirten bir yorum bırakmanız gerekir.
@@ -1703,7 +1700,6 @@ issues.review.reject=%s deÄŸiÅŸiklik istedi
 issues.review.wait=için %s inceleme isteği
 issues.review.add_review_request=%s tarafından %s inceleme istedi
 issues.review.remove_review_request=%s %s için inceleme isteği kaldırıldı
-issues.review.remove_review_request_self=%s incelemeyi reddetti
 issues.review.pending=Beklemede
 issues.review.pending.tooltip=Bu yorum başkaları tarafından görünmüyor. Bekleyen yorumlarınızı göndermek için, sayfanın üstünde "%s" -> "%s/%s/%s" seçin.
 issues.review.review=Gözden Geçir
@@ -1719,8 +1715,12 @@ issues.review.hide_resolved=Çözülenleri gizle
 issues.review.resolve_conversation=Konuşmayı çöz
 issues.review.un_resolve_conversation=Konuşmayı çözme
 issues.review.resolved_by=bu konuşmayı çözümlenmiş olarak işaretledi
-issues.review.commented=Yorum Yap
-issues.assignee.error=Beklenmeyen bir hata nedeniyle tüm atananlar eklenmedi.
+issues.review.commented=Yorum
+issues.review.official=Onaylandı
+issues.review.requested=Ä°nceleme bekliyor
+issues.review.rejected=DeÄŸiÅŸiklik istendi
+issues.review.stale=Onaydan sonra güncellendi
+issues.review.unofficial=Sayılmamış onay
 issues.reference_issue.body=Gövde
 issues.content_history.deleted=silindi
 issues.content_history.edited=düzenlendi
@@ -1737,7 +1737,6 @@ pulls.desc=DeÄŸiÅŸiklik isteklerini ve kod incelemelerini etkinleÅŸtir.
 pulls.new=Yeni DeÄŸiÅŸiklik Ä°steÄŸi
 pulls.new.blocked_user=Değişiklik isteği oluşturulamıyor, depo sahibi tarafından engellenmişsiniz.
 pulls.new.must_collaborator=Değişiklik isteği oluşturmak için bir katkıcı olmalısınız.
-pulls.edit.already_changed=Değişiklik isteğine yapılan değişiklikler kaydedilemiyor. İçerik başka kullanıcı tarafından değiştirilmiş gözüküyor. Diğerlerinin değişikliklerinin üzerine yazmamak için lütfen sayfayı yenileyin ve tekrar düzenlemeye çalışın
 pulls.view=Değişiklik İsteği Görüntüle
 pulls.compare_changes=Yeni DeÄŸiÅŸiklik Ä°steÄŸi
 pulls.allow_edits_from_maintainers=Bakımcıların düzenlemelerine izin ver
@@ -1758,11 +1757,9 @@ pulls.show_all_commits=Tüm işlemeleri göster
 pulls.show_changes_since_your_last_review=Son incelemenizden sonraki değişiklikleri göster
 pulls.showing_only_single_commit=Sadece %[1]s işlemesindeki değişiklikler gösteriliyor
 pulls.showing_specified_commit_range=%[1]s..%[2]s arasındaki değişiklikler gösteriliyor
-pulls.select_commit_hold_shift_for_range=İşleme seç. Bir aralık seçmek için Shift'e basılı tutup tıklayın
 pulls.review_only_possible_for_full_diff=İnceleme sadece tam fark görüntülemede mümkündür
 pulls.filter_changes_by_commit=İşleme ile süz
 pulls.nothing_to_compare=Bu dallar eÅŸit. DeÄŸiÅŸiklik isteÄŸi oluÅŸturmaya gerek yok.
-pulls.nothing_to_compare_have_tag=Seçili dal/etiket aynı.
 pulls.nothing_to_compare_and_allow_empty_pr=Bu dallar eÅŸittir. Bu DÄ° boÅŸ olacak.
 pulls.has_pull_request=`Bu dallar arasında zaten bir değişiklik isteği var: <a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=DeÄŸiÅŸiklik Ä°steÄŸi OluÅŸtur
@@ -1787,12 +1784,13 @@ pulls.add_prefix=<strong>%s</strong> ön ekini ekle
 pulls.remove_prefix=<strong>%s</strong> ön ekini kaldır
 pulls.data_broken=Bu değişiklik isteği, çatallama bilgilerinin eksik olması nedeniyle bozuldu.
 pulls.files_conflicted=Bu değişiklik isteğinde, hedef dalla çakışan değişiklikler var.
-pulls.is_checking=Birleştirme çakışması denetimi devam ediyor. Birkaç dakika sonra tekrar deneyin.
 pulls.is_ancestor=Bu dal zaten hedef dalda mevcut. BirleÅŸtirilecek bir ÅŸey yok.
 pulls.is_empty=Bu daldaki değişiklikler zaten hedef dalda mevcut. Bu boş bir işleme olacaktır.
 pulls.required_status_check_failed=Bazı gerekli denetimler başarılı olmadı.
 pulls.required_status_check_missing=Gerekli bazı kontroller eksik.
 pulls.required_status_check_administrator=Yönetici olarak, bu değişiklik isteğini yine de birleştirebilirsiniz.
+pulls.blocked_by_approvals=Bu değişiklik isteğinin henüz yeterli onayı yok. %d onay var, %d onay gerekiyor.
+pulls.blocked_by_approvals_whitelisted=Bu değişiklik isteği henüz yeterince onaya sahip değil. İzinli kullanıcılar veya takımlar %d/%d onay verdi.
 pulls.blocked_by_rejection=Bu değişiklik isteğinde resmi bir gözden geçiren tarafından istenen değişiklikler var.
 pulls.blocked_by_official_review_requests=Bu deÄŸiÅŸiklik isteÄŸinde resmi inceleme istekleri var.
 pulls.blocked_by_outdated_branch=Bu değişiklik isteği eskidiği için engellendi.
@@ -1809,16 +1807,12 @@ pulls.reject_count_1=%d deÄŸiÅŸiklik isteÄŸi
 pulls.reject_count_n=%d deÄŸiÅŸiklik isteÄŸi
 pulls.waiting_count_1=%d bekleyen inceleme
 pulls.waiting_count_n=%d bekleyen inceleme
-pulls.wrong_commit_id=işleme kimliği, hedef daldaki bir işleme kimliği olmalıdır
 
 pulls.no_merge_desc=Tüm depo birleştirme seçenekleri devre dışı bırakıldığından, bu değişiklik isteği birleştirilemez.
 pulls.no_merge_helper=Depo ayarlarındaki birleştirme seçeneklerini etkinleştirin veya değişiklik isteğini el ile birleştirin.
 pulls.no_merge_wip=Bu değişiklik isteği birleştirilemez çünkü devam eden bir çalışma olarak işaretlendi.
-pulls.no_merge_not_ready=Bu değişiklik isteği birleştirilmeye hazır değil, inceleme durumunu ve durum kontrollerini kontrol edin.
 pulls.no_merge_access=Bu deÄŸiÅŸiklik isteÄŸini birleÅŸtirme yetkiniz yok.
 pulls.merge_pull_request=BirleÅŸtirme iÅŸlemi oluÅŸtur
-pulls.rebase_merge_pull_request=Yeniden yapılandır ve ileri sar
-pulls.rebase_merge_commit_pull_request=Yeniden yapılandır ve birleştirme işlemi oluştur
 pulls.squash_merge_pull_request=Ezme iÅŸlemi oluÅŸtur
 pulls.fast_forward_only_merge_pull_request=Sadece ileri sarma
 pulls.merge_manually=Elle birleÅŸtirildi
@@ -1826,14 +1820,9 @@ pulls.merge_commit_id=BirleÅŸtirme iÅŸlemesi kimliÄŸi
 pulls.require_signed_wont_sign=Dal imzalı işlemeler gerektiriyor, ancak bu birleştirme imzalanmayacak
 
 pulls.invalid_merge_option=Bu değişiklik isteği için bu birleştirme seçeneğini kullanamazsınız.
-pulls.merge_conflict=Birleştirme Başarısız Oldu: Birleştirme sırasında bir çakışma oldu. İpucu: Farklı bir strateji deneyin
 pulls.merge_conflict_summary=Hata Mesajı
-pulls.rebase_conflict=Birleştirme Başarısız: Yeniden yapılandırma işlemesi sırasında bir çakışma oldu: %[1]s. İpucu: Farklı bir strateji deneyin
 pulls.rebase_conflict_summary=Hata Mesajı
-pulls.unrelated_histories=Birleştirme Başarısız: Birleştirme başlığı ve tabanı ortak bir geçmişi paylaşmıyor. İpucu: Farklı bir strateji deneyin
-pulls.merge_out_of_date=Birleştirme Başarısız: Birleştirme oluşturulurken, taban güncellendi. İpucu: Tekrar deneyin.
-pulls.head_out_of_date=Birleştirme Başarısız: Birleştirme oluşturulurken, ana güncellendi. İpucu: Tekrar deneyin.
-pulls.has_merged=Başarısız: Değişiklik isteği birleştirildi, yeniden birleştiremez veya hedef dalı değiştiremezsiniz.
+pulls.push_rejected=Gönderme Başarısız Oldu: Gönderme reddedildi. Bu depo için Git İstemcilerini inceleyin.
 pulls.push_rejected_summary=Tam Red Mesajı
 pulls.open_unmerged_pull_exists=`Aynı özelliklere sahip bekleyen bir değişiklik isteği (#%d) olduğundan yeniden açma işlemini gerçekleştiremezsiniz.`
 pulls.status_checking=Bazı denetlemeler beklemede
@@ -1858,7 +1847,6 @@ pulls.cmd_instruction_checkout_desc=Proje deponuzdan yeni bir dalı çekin ve de
 pulls.cmd_instruction_merge_title=BirleÅŸtir
 pulls.cmd_instruction_merge_desc=Değişiklikleri birleştirin ve Gitea'da güncelleyin.
 pulls.clear_merge_message=BirleÅŸtirme iletilerini temizle
-pulls.clear_merge_message_hint=Birleştirme iletisini temizlemek sadece işleme ileti içeriğini kaldırır ama üretilmiş "Co-Authored-By …" gibi git fragmanlarını korur.
 
 pulls.auto_merge_button_when_succeed=(Denetlemeler başarılı olduğunda)
 pulls.auto_merge_when_succeed=Tüm denetlemeler başarılı olduğundan otomatik olarak birleştir
@@ -1912,12 +1900,10 @@ milestones.filter_sort.most_issues=En çok konu
 milestones.filter_sort.least_issues=En az konu
 
 signing.will_sign=Bu işleme "%s" anahtarıyla imzalanacak.
-signing.wont_sign.error=İşlemenin imzalanıp imzalanamayacağını kontrol ederken bir hata oluştu.
 signing.wont_sign.nokey=Bu işlemeyi imzalamak için anahtar yok.
 signing.wont_sign.never=Ä°ÅŸlemeler asla imzalanmaz.
 signing.wont_sign.always=İşlemeler her zaman imzalanır.
 signing.wont_sign.pubkey=Hesabınızla ilişkilendirilmiş bir ortak anahtarınız olmadığı için işleme imzalanmayacak.
-signing.wont_sign.twofa=İşlemelerin imzalanması için iki aşamalı kimlik doğrulamayı etkinleştirmelisiniz.
 signing.wont_sign.parentsigned=Üst işleme imzalanmadığı için bu işleme imzalanmayacak.
 signing.wont_sign.basesigned=Temel işleme imzalanmadığı için birleştirme imzalanmayacak.
 signing.wont_sign.headsigned=Ana işleme imzalanmadığı için birleştirme imzalanmayacak.
@@ -2003,7 +1989,6 @@ activity.title.releases_1=%d Sürüm
 activity.title.releases_n=%d Sürüm
 activity.title.releases_published_by=%s %s tarafından yayınlandı
 activity.published_release_label=Yayınlandı
-activity.no_git_activity=Bu dönemde herhangi bir işleme yapılmamıştır.
 activity.git_stats_exclude_merges=Birleştirmeler hariç,
 activity.git_stats_author_1=%d yazar
 activity.git_stats_author_n=%d yazar
@@ -2031,8 +2016,8 @@ contributors.contribution_type.additions=Eklemeler
 contributors.contribution_type.deletions=Silmeler
 
 settings=Ayarlar
-settings.desc=Ayarlar, deponun ayarlarını yönetebileceğiniz yerdir
 settings.options=Depo
+settings.public_access=Herkese Açık Erişim
 settings.collaboration=Katkıcılar
 settings.collaboration.admin=Yönetici
 settings.collaboration.write=Yazma
@@ -2048,7 +2033,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=Projenizi iÅŸlem
 settings.mirror_settings.docs.disabled_push_mirror.instructions=Projenizi işlemeleri, etiketleri ve dalları başka bir depodan otomatik olarak çekecek şekilde kurun.
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Şu an bu sadece "Yeni Göç" menüsüyle yapılabilir. Daha fazla bilgi için, lütfen şuraya danışın:
 settings.mirror_settings.docs.disabled_push_mirror.info=Gönderme yansıları site yöneticiniz tarafından devre dışı bırakılmıştır.
-settings.mirror_settings.docs.no_new_mirrors=Deponuz değişiklikleri başka bir depoyla yansılıyor. Şu an başka bir yansı oluşturamayacağınızı unutmayın.
 settings.mirror_settings.docs.can_still_use=Her ne kadar mevcut yansıları değiştiremiyor veya yeni yansı oluşturamıyor olsanız da, hala mevcut yansıyı kullanabilirsiniz.
 settings.mirror_settings.docs.pull_mirror_instructions=Çekme yansıyı kurmak için, lütfen şuraya danışın:
 settings.mirror_settings.docs.more_information_if_disabled=İtme ve çekme yansıları hakkında daha fazla bilgiye şuradan ulaşabilirsiniz:
@@ -2122,7 +2106,6 @@ settings.admin_indexer_commit_sha=Son Dizinlenen SHA
 settings.admin_indexer_unindexed=DizinlenmemiÅŸ
 settings.reindex_button=Yeniden Dizinleme KuyruÄŸuna Ekle
 settings.reindex_requested=Yeniden Dizinleme Ä°stendi
-settings.admin_enable_close_issues_via_commit_in_any_branch=Varsayılan olmayan bir dalda yapılan bir işlemeyle konuyu kapat
 settings.danger_zone=Tehlike Alanı
 settings.new_owner_has_same_repo=Yeni sahibin aynı isimde başka bir deposu var. Lütfen farklı bir isim seçin.
 settings.convert=Düzenli Depoya Dönüştür
@@ -2144,7 +2127,6 @@ settings.transfer_abort_invalid=Var olmayan bir depo aktarımını iptal edemezs
 settings.transfer_abort_success=%s tarafına yapılan depo aktarımı başarıyla iptal edildi.
 settings.transfer_desc=Bu depoyu bir kullanıcıya veya yönetici haklarına sahip olduğunuz bir organizasyona aktarın.
 settings.transfer_form_title=Onaylamak için depo adını girin:
-settings.transfer_in_progress=Şu anda devam etmekte olan bir aktarım mevcut. Eğer bu depoyu başka bir kullanıcıya aktarmak istiyorsanız mevcut aktarımı iptal edin.
 settings.transfer_notices_1=- Bireysel bir kullanıcıya aktarırsanız depoya erişiminizi kaybedersiniz.
 settings.transfer_notices_2=- Sahip (-yardımcı) olduğunuz bir organizasyona devrederseniz, depoya erişmeye devam edersiniz.
 settings.transfer_notices_3=- Depo özelse ve bireysel bir kullanıcıya aktarılmışsa, bu eylem kullanıcının en azından okuma iznine sahip olmasını sağlar (ve gerekirse izinleri değiştirir).
@@ -2158,13 +2140,9 @@ settings.trust_model.default=Varsayılan Güven Modeli
 settings.trust_model.default.desc=Bu kurulum için varsayılan depo güven modelini kullanın.
 settings.trust_model.collaborator=Katkıcı
 settings.trust_model.collaborator.long=Katkıcı: Katkıcıların imzalarına güvenin
-settings.trust_model.collaborator.desc=Bu deponun katkıcılarının geçerli imzaları "güvenilir" olarak işaretlenecektir - (işleyici ile eşleşse de eşleşmese de). Aksi takdirde, imzanın işleyiciyle eşleşmesi durumunda geçerli imzalar "güvenilmez", eşleşmiyorsa "eşleşmemiş" olarak işaretlenir.
 settings.trust_model.committer=Ä°ÅŸleyici
-settings.trust_model.committer.long=İşleyici: İşleyicilerle eşleşen imzalara güvenin (Bu, GitHub ile eşleşir ve Gitea imzalı işlemeleri işleyen olarak Gitea'ya sahip olmaya zorlar)
-settings.trust_model.committer.desc=Geçerli imzalar yalnızca işleyiciyle eşleşiyorsa "güvenilir" olarak işaretlenir, aksi takdirde "eşleşmemiş" olarak işaretlenir. Bu, Gitea'yı işlemede Ortak Yazan: ve Ortak İşlenen: fragmanı olarak işaretlenen gerçek kaydediciyle imzalanan işlemelerde işleyici olmayı zorlayacaktır. Varsayılan Gitea anahtarı, veritabanındaki bir Kullanıcıyla eşleşmelidir.
 settings.trust_model.collaboratorcommitter=Katkıcı+İşleyici
 settings.trust_model.collaboratorcommitter.long=Katkıcı+İşleyen: İşleyenle eşleşen katkıcıların imzalarına güvenin
-settings.trust_model.collaboratorcommitter.desc=Bu deponun katkıcılarının geçerli imzaları, işleyici ile eşleşiyorlarsa "güvenilir" olarak işaretlenecektir. Aksi takdirde, imza işleyiciyle eşleşiyorsa geçerli imzalar "güvenilmez", aksi takdirde "eşleşmiyor" olarak işaretlenir. Bu, Gitea'yı işlemede Ortak Yazan: ve Ortak İşlenen: fragmanı olarak işaretlenmiş gerçek işleyici ile imzalı işlemelerde işleyici olarak işaretlenmeye zorlayacaktır. Varsayılan Gitea anahtarı, veritabanındaki bir Kullanıcıyla eşleşmelidir.
 settings.wiki_delete=Wiki Verisini Sil
 settings.wiki_delete_desc=Depo wiki verilerini silmek kalıcıdır ve geri alınamaz.
 settings.wiki_delete_notices_1=- Bu işlem, %s için depo wiki'sini kalıcı olarak siler ve devre dışı bırakır.
@@ -2173,7 +2151,6 @@ settings.wiki_deletion_success=Depo wiki verisi silindi.
 settings.delete=Bu Depoyu Sil
 settings.delete_desc=Bir depoyu silmek kalıcıdır ve geri alınamaz.
 settings.delete_notices_1=- Bu iÅŸlem geri <strong>ALINAMAZ</strong>.
-settings.delete_notices_2=- Bu işlem, kod, sorunlar, yorumlar, wiki verileri ve katkıcı ayarları dahil olmak üzere <strong>%s</strong> deposunu kalıcı olarak siler.
 settings.delete_notices_fork_1=- Silme işleminden sonra bu deponun çatalları bağımsız hale gelecektir.
 settings.deletion_success=Depo silindi.
 settings.update_settings_success=Depo ayarları güncellendi.
@@ -2195,8 +2172,6 @@ settings.team_not_in_organization=Takım, depo ile aynı organizasyonda değil
 settings.teams=Takımlar
 settings.add_team=Takım Ekle
 settings.add_team_duplicate=Takım zaten bu depoya sahip
-settings.add_team_success=Takım artık bu depoya erişebilir.
-settings.change_team_permission_tip=Takımın izni takım ayarı sayfasında ayarlanır ve depo başına değiştirilemez
 settings.delete_team_tip=Bu takımın tüm depolara erişimi var ve kaldırılamıyor
 settings.remove_team_success=Takımın depoya erişimi kaldırıldı.
 settings.add_webhook=Web Ä°steÄŸi Ekle
@@ -2205,8 +2180,6 @@ settings.hooks_desc=Web istemcileri, belirli Gitea olayları tetiklendiğinde ot
 settings.webhook_deletion=Web Ä°steÄŸini Sil
 settings.webhook_deletion_desc=Bir web isteğini kaldırmak, ayarlarını ve teslimat geçmişini siler. Devam edilsin mi?
 settings.webhook_deletion_success=Web isteÄŸi silindi.
-settings.webhook.test_delivery=Test Dağıtımı
-settings.webhook.test_delivery_desc=Bu web isteÄŸini sahte bir olayla test edin.
 settings.webhook.test_delivery_desc_disabled=Bu web istemcisini sahte bir olayla denemek için etkinleştirin.
 settings.webhook.request=Ä°stekler
 settings.webhook.response=Cevaplar
@@ -2253,7 +2226,6 @@ settings.event_repository=Depo
 settings.event_repository_desc=Depo oluÅŸturuldu veya silindi.
 settings.event_header_issue=Konu Olayları
 settings.event_issues=Konular
-settings.event_issues_desc=Konu açıldı, kapatıldı, yeniden açıldı veya düzenlendi.
 settings.event_issue_assign=Konu Atandı
 settings.event_issue_assign_desc=Konu atandı veya atanmadı.
 settings.event_issue_label=Konu Etiketlendi
@@ -2264,7 +2236,6 @@ settings.event_issue_comment=Konu Yorumu
 settings.event_issue_comment_desc=Konu yorumu eklendiğinde, düzenlendiğinde veya silindiğinde.
 settings.event_header_pull_request=Değişiklik İsteği Olayları
 settings.event_pull_request=İstek Çek
-settings.event_pull_request_desc=Değişiklik isteği açıldı, kapatıldı, yeniden açıldı veya düzenlendi.
 settings.event_pull_request_assign=Değişiklik İsteği Atandı
 settings.event_pull_request_assign_desc=Değişiklik isteği atanmış veya atanmamış.
 settings.event_pull_request_label=DeÄŸiÅŸiklik Ä°steÄŸi Etiketlendi
@@ -2284,6 +2255,7 @@ settings.event_pull_request_merge=DeÄŸiÅŸiklik Ä°steÄŸi BirleÅŸtirme
 settings.event_package=Paket
 settings.event_package_desc=Bir depoda paket oluÅŸturuldu veya silindi.
 settings.branch_filter=Dal filtresi
+settings.branch_filter_desc=Gönderme, dal oluşturma ve dal silme olayları için glob deseni olarak belirtilen dal beyaz listesi. Boşsa veya <code>*</code> ise, tüm dallar için olaylar raporlanır. Sözdizimi için <a href="%[1]s">%[2]s</a> belgelerine bakın. Örnekler: <code>master</code>, <code>{master,release*}</code>.
 settings.authorization_header=Yetkilendirme Başlığı
 settings.authorization_header_desc=Mevcutsa isteklere yetkilendirme başlığı olarak eklenecektir. Örnekler: %s.
 settings.active=Etkin
@@ -2424,7 +2396,6 @@ settings.archive.tagsettings_unavailable=Depo arşivlenmişse etiket ayarları k
 settings.archive.mirrors_unavailable=Depo arşivlenmişse yansılar kullanılamaz.
 settings.unarchive.button=Depoyu Arşivden Çıkar
 settings.unarchive.header=Bu Depoyu Arşivden Çıkar
-settings.unarchive.text=Depoyu arşivden çıkarmak, yeni sorunların ve değişiklik isteklerinin yanı sıra işleme ve itme yeteneğini de geri kazandıracaktır.
 settings.unarchive.success=Depo başarıyla arşivden çıkarıldı.
 settings.unarchive.error=Depoyu arşivden çıkarmaya çalışırken bir hata oluştu. Daha fazla ayrıntı için günlüğe bakın.
 settings.update_avatar_success=Depo resmi güncellendi.
@@ -2442,11 +2413,9 @@ settings.lfs_invalid_locking_path=Geçersiz yol: %s
 settings.lfs_invalid_lock_directory=Dizin kilitlenemiyor: %s
 settings.lfs_lock_already_exists=Kilit zaten var: %s
 settings.lfs_lock=Kilitle
-settings.lfs_lock_path=Kilitlenecek dosya yolu...
 settings.lfs_locks_no_locks=Kilit yok
 settings.lfs_lock_file_no_exist=Kilitli dosya varsayılan dalda mevcut değil
 settings.lfs_force_unlock=Kilidi Açmaya Zorla
-settings.lfs_pointers.found=Bulunan %d blob işaretçi(leri) - %d ilişkili, %d ilişkilendirilmemiş (%d mağazadan eksik)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=Depoda
@@ -2618,7 +2587,6 @@ error.csv.invalid_field_count=%d satırında yanlış sayıda alan olduğundan b
 error.broken_git_hook=Bu deponun Git İstemcileri bozuk gibi gözüküyor. Onarmak için lütfen <a target="_blank" rel="noreferrer" href="%s">belgelere</a> bakın, daha sonra durumu yenilemek için bazı işlemeler itin.
 
 [graphs]
-component_loading=%s yükleniyor...
 component_loading_failed=%s yüklenemedi
 component_loading_info=Bu biraz sürebilir…
 component_failed_to_load=Beklenmedik bir hata oluÅŸtu.
@@ -2656,7 +2624,6 @@ form.create_org_not_allowed=Organizasyon oluşturmanıza izin verilmiyor.
 settings=Ayarlar
 settings.options=Organizasyon
 settings.full_name=Tam Ä°sim
-settings.email=Ä°letiÅŸim E-posta
 settings.website=Web Sitesi
 settings.location=Lokasyon
 settings.permission=Ä°zinler
@@ -2670,15 +2637,13 @@ settings.visibility.private_shortname=Özel
 
 settings.update_settings=Ayarları Güncelle
 settings.update_setting_success=Organizasyon ayarları güncellendi.
-settings.change_orgname_prompt=Not: Organizasyon adını değiştirmek organizasyonunuzun URL'sini de değiştirecek ve eski ismi serbest bıracaktır.
-settings.change_orgname_redirect_prompt=Eski ad, talep edilene kadar yeniden yönlendirilecektir.
+
+
 settings.update_avatar_success=Organizasyonun resmi güncellendi.
 settings.delete=Organizasyonu Sil
 settings.delete_account=Bu Organizasyonu Sil
 settings.delete_prompt=Organizasyon kalıcı olarak kaldırılacaktır. Bu işlem <strong>GERİ ALINAMAZ</strong>!
 settings.confirm_delete_account=Silmeyi Onaylıyorum
-settings.delete_org_title=Organizasyonu Sil
-settings.delete_org_desc=Bu organizasyon kalıcı olarak silinecektir. Devam edilsin mi?
 settings.hooks_desc=Bu organizasyon altındaki <strong>tüm depolar</strong> için tetiklenecek webhook'lar ekle.
 
 settings.labels_desc=Bu organizasyonun altındaki <strong>tüm depolar</strong> ile ilgili konularda kullanılabilecek etiketler ekleyin.
@@ -2733,7 +2698,6 @@ teams.remove_all_repos_title=Tüm takım depolarını kaldır
 teams.remove_all_repos_desc=Bu, tüm depoları takımdan kaldıracaktır.
 teams.add_all_repos_title=Tüm depoları ekle
 teams.add_all_repos_desc=Bu, organizasyonun tüm depolarını takıma ekleyecektir.
-teams.add_nonexistent_repo=Eklemeye çalıştığınz depo mevcut değil. Lütfen önce oluşturun.
 teams.add_duplicate_users=Kullanıcı zaten takımın üyesi.
 teams.repos.none=Bu takım tarafından hiçbir depoya erişilemedi.
 teams.members.none=Bu takımda üye yok.
@@ -2763,7 +2727,6 @@ repositories=Depolar
 hooks=Web Ä°stemcileri
 integrations=Bütünleştirmeler
 authentication=Yetkilendirme Kaynakları
-emails=Kullanıcı E-postaları
 config=Yapılandırma
 config_summary=Özet
 config_settings=Ayarlar
@@ -2794,11 +2757,8 @@ dashboard.cron.cancelled=Cron: %[1]s iptal edildi: %[3]s
 dashboard.cron.error=Cron Hatası: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s bitti
 dashboard.delete_inactive_accounts=Etkinleştirilmemiş tüm hesapları sil
-dashboard.delete_inactive_accounts.started=Etkinleştirilmemiş tüm hesapları silme görevi başladı.
 dashboard.delete_repo_archives=Tüm depoların arşivlerini (ZIP, TAR.GZ, vb.) sil
-dashboard.delete_repo_archives.started=Tüm depo arşivlerini silme görevi başladı.
 dashboard.delete_missing_repos=Git dosyaları eksik olan tüm depoları sil
-dashboard.delete_missing_repos.started=Git dosyaları eksik olan tüm depoları silme görevi başladı.
 dashboard.delete_generated_repository_avatars=OluÅŸturulan depo resimlerini sil
 dashboard.sync_repo_branches=Eşzamanlama git verisinden veritabanlarına dalları kaçırdı
 dashboard.sync_repo_tags=Etiketleri git verisinden veritabanına eşitle
@@ -2806,17 +2766,9 @@ dashboard.update_mirrors=Yansıları Güncelle
 dashboard.repo_health_check=Tüm depoların sağlığını denetle
 dashboard.check_repo_stats=Tüm depo istatistiklerini denetle
 dashboard.archive_cleanup=Eski depo arÅŸivlerini sil
-dashboard.deleted_branches_cleanup=Silinen dalları temizle
 dashboard.update_migration_poster_id=Taşıma poster kimliklerini güncelle
-dashboard.git_gc_repos=Depolardaki çöpleri topla
-dashboard.resync_all_sshkeys='.ssh/authority_keys' dosyasını Gitea SSH anahtarlarıyla güncelle.
-dashboard.resync_all_sshprincipals='.ssh/authorized_principals' dosyasını Gitea SSH sorumlularıyla güncelleyin.
-dashboard.resync_all_hooks=Tüm depoların alma öncesi, güncelleme ve alma sonrası kancalarını yeniden senkronize edin.
 dashboard.reinit_missing_repos=Kayıtları bulunanlar için tüm eksik Git depolarını yeniden başlat
 dashboard.sync_external_users=Harici kullanıcı verisini senkronize et
-dashboard.cleanup_hook_task_table=Hook_task tablosunu temizleme
-dashboard.cleanup_packages=Süresi dolmuş paketleri temizleme
-dashboard.cleanup_actions=Eylemlerin süresi geçmiş günlük ve yapılarını temizle
 dashboard.server_uptime=Sunucunun Ayakta Kalma Süresi
 dashboard.current_goroutine=Güncel Goroutine'ler
 dashboard.current_memory_usage=Güncel Bellek Kullanımı
@@ -2847,10 +2799,8 @@ dashboard.total_gc_pause=Toplam GC Durması
 dashboard.last_gc_pause=Son GC Durması
 dashboard.gc_times=GC Zamanları
 dashboard.delete_old_actions=Veritabanından tüm eski faaliyetleri sil
-dashboard.delete_old_actions.started=Veritabanından başlatılan tüm eski faaliyetleri silin.
 dashboard.update_checker=Denetleyiciyi güncelle
 dashboard.delete_old_system_notices=Veritabanından tüm eski sistem bildirimlerini sil
-dashboard.gc_lfs=LFS üst nesnelerin atıklarını temizle
 dashboard.stop_zombie_tasks=Zombi görevlerin durdurma eylemleri
 dashboard.stop_endless_tasks=Daimi görevlerin durdurma eylemleri
 dashboard.cancel_abandoned_jobs=Terkedilmiş görevlerin iptal eylemleri
@@ -2873,7 +2823,6 @@ users.2fa=2FD
 users.repos=Depolar
 users.created=OluÅŸturuldu
 users.last_login=Son Oturum Açma
-users.never_login=Hiç Oturum Açılmadı
 users.send_register_notify=Kullanıcı Kayıt Bildirimi Gönder
 users.new_success=`"%s" kullanıcı hesabı oluşturuldu.`
 users.edit=Düzenle
@@ -2900,7 +2849,6 @@ users.still_own_repo=Bu kullanıcı hala bir veya daha fazla depoya sahip. Önce
 users.still_has_org=Bu kullanıcı bir organizasyonun üyesidir. Önce kullanıcıyı tüm organizasyonlardan çıkarın.
 users.purge=Kullanıcıyı Temizle
 users.purge_help=Kullanıcıyı ve sahip olduğu herhangi bir depoyu, organizasyonu ve paketleri zorla sil. Tüm yorumlar da silinecektir.
-users.still_own_packages=Kullanıcının bir veya daha fazla paketi var, önce bu paketleri silin.
 users.deletion_success=Kullanıcı hesabı silindi.
 users.reset_2fa=2FD'yi sıfırla
 users.list_status_filter.menu_text=Filtre
@@ -2920,11 +2868,7 @@ users.details=Kullanıcı Ayrıntıları
 emails.email_manage_panel=Kullanıcı E-posta Yönetimi
 emails.primary=Birincil
 emails.activated=AktifleÅŸtirildi
-emails.filter_sort.email=E-Posta
-emails.filter_sort.email_reverse=E-posta (ters)
 emails.filter_sort.name=Kullanıcı Adı
-emails.filter_sort.name_reverse=Kullanıcı Adı (ters)
-emails.updated=E-posta güncellendi
 emails.not_updated=İstenen e-posta adresi güncellenemedi: %v
 emails.duplicate_active=Bu e-posta adresi farklı bir kullanıcı için zaten aktif.
 emails.change_email_header=E-posta Özelliklerini Güncelle
@@ -2932,7 +2876,6 @@ emails.change_email_text=Bu e-posta adresini güncellemek istediğinizden emin m
 emails.delete=E-postayı Sil
 emails.delete_desc=Bu e-posta adresini silmek istediÄŸinizden emin misiniz?
 emails.deletion_success=E-posta adresi silindi.
-emails.delete_primary_email_error=Ana e-posta adresini silemezsiniz.
 
 orgs.org_manage_panel=Organizasyon Yönetimi
 orgs.name=Ä°sim
@@ -3044,26 +2987,18 @@ auths.oauth2_required_claim_name_helper=Bu ismi, bu kaynağa oturum açmayı bu
 auths.oauth2_required_claim_value=Gerekli Talep DeÄŸeri
 auths.oauth2_required_claim_value_helper=Bu değeri, bu kaynağa oturum açmayı bu isimdeki ve değerdeki talebe sahip kullanıcıların girişiyle sınırlamak için ayarlayın
 auths.oauth2_group_claim_name=Talep ismi bu kaynak için grup isimlerini sağlıyor. (İsteğe bağlı)
-auths.oauth2_admin_group=Yönetici kullanıcıları için Grup Talep değeri. (İsteğe bağlı, yukarıda talep ismine gerek duyar)
-auths.oauth2_restricted_group=Kısıtlı kullanıcılar için Grup Talep değeri. (İsteğe bağlı, yukarıda talep ismine gerek duyar)
-auths.oauth2_map_group_to_team=Talep edilen grupları Organizasyon takımlarına eşle. (İsteğe bağlıdır - yukarıdaki talep adına gerek duyar)
 auths.oauth2_map_group_to_team_removal=Eğer kullanıcı ilişkili gruba ait değilse, kullanıcıları eşleşmiş takımlardan çıkarın.
 auths.enable_auto_register=Otomatik Kaydolmayı Etkinleştir
 auths.sspi_auto_create_users=Kullanıcıları otomatik olarak oluştur
-auths.sspi_auto_create_users_helper=SSPI kimlik doğrulama yönteminin ilk kez oturum açan kullanıcılar için otomatik olarak yeni hesaplar oluşturmasına izin ver
 auths.sspi_auto_activate_users=Kullanıcıları otomatik olarak etkinleştir
 auths.sspi_auto_activate_users_helper=SSPI kimlik doğrulama yönteminin yeni kullanıcıları otomatik olarak etkinleştirmesine izin ver
 auths.sspi_strip_domain_names=Alan adlarını kullanıcı adlarından kaldır
-auths.sspi_strip_domain_names_helper=İşaretlenirse, etki alanı adları oturum açma adlarından kaldırılacaktır (örn. "ETKİALANI\kullanıcı" ve " kullanıcı@örnek.org "her ikisi de sadece "kullanıcı" olacak).
 auths.sspi_separator_replacement=\, / ve @ yerine kullanılacak ayırıcı
-auths.sspi_separator_replacement_helper=Alt seviye oturum açma adlarının (örneğin, "ETKİALANI\kullanıcı" içindeki \) ve kullanıcı asıl adlarının (örneğin, "kullanıcı@örnek.org" daki @) ayırıcılarını değiştirmek için kullanılacak karakter.
 auths.sspi_default_language=Varsayılan kullanıcı dili
-auths.sspi_default_language_helper=SSPI kimlik doğrulama yöntemi tarafından otomatik olarak oluşturulan kullanıcılar için varsayılan dil. Dili otomatik olarak algılamayı tercih ederseniz boş bırakın.
 auths.tips=İpuçları
 auths.tips.oauth2.general=OAuth2 Kimlik DoÄŸrulama
 auths.tips.oauth2.general.tip=Yeni bir OAuth2 kimlik doğrulama kaydederken, geri çağırma/yönlendirme URL'si şu olmalıdır:
 auths.tip.oauth2_provider=OAuth2 Sağlayıcısı
-auths.tip.nextcloud=Aşağıdaki "Ayarlar -> Güvenlik -> OAuth 2.0 istemcisi" menüsünü kullanarak örneğinize yeni bir OAuth tüketicisi kaydedin
 auths.tip.openid_connect=Bitiş noktalarını belirlemek için OpenID Connect Discovery URL'sini (https://{server}/.well-known/openid-configuration) kullanın
 auths.tip.mastodon=Kimlik doğrulaması yapmak istediğiniz mastodon örneği için özel bir örnek URL girin (veya varsayılan olanı kullanın)
 auths.edit=Kimlik Doğrulama Kaynağı Düzenle
@@ -3107,8 +3042,6 @@ config.ssh_domain=SSH Sunucusu Alan Adı
 config.ssh_port=Bağlantı Noktası
 config.ssh_listen_port=Port'u Dinle
 config.ssh_root_path=Kök Yol
-config.ssh_key_test_path=Anahtar Test Yolu
-config.ssh_keygen_path=Keygen ('ssh-keygen') Yolu
 config.ssh_minimum_key_size_check=Minimum Anahtar Uzunluğu Kontrolü
 config.ssh_minimum_key_sizes=Minimum Anahtar Uzunlukları
 
@@ -3166,7 +3099,6 @@ config.mailer_sendmail_path=Sendmail Yolu
 config.mailer_sendmail_args=Sendmail İçin İlave Değişkenler
 config.mailer_sendmail_timeout=Sendmail Zaman Aşımı
 config.mailer_use_dummy=Sahte
-config.test_email_placeholder=E-posta (ör. test@example.com)
 config.send_test_mail=Test E-postası Gönder
 config.send_test_mail_submit=Gönder
 config.test_mail_failed=`"%s" adresine deneme e-postası gönderilemedi: %v`
@@ -3251,7 +3183,6 @@ monitor.queue.numberinqueue=Kuyruktaki Sayı
 monitor.queue.review_add=Çalışanları İncele / Ekle
 monitor.queue.settings.title=Havuz Ayarları
 monitor.queue.settings.desc=Havuzlar, çalışan kuyruğu tıkanmasına bir yanıt olarak dinamik olarak büyürler.
-monitor.queue.settings.maxnumberworkers=En fazla çalışan Sayısı
 monitor.queue.settings.maxnumberworkers.placeholder=Åžu anda %[1]d
 monitor.queue.settings.maxnumberworkers.error=En fazla çalışan sayısı bir sayı olmalıdır
 monitor.queue.settings.submit=Ayarları Güncelle
@@ -3277,10 +3208,6 @@ notices.delete_success=Sistem bildirimleri silindi.
 self_check.no_problem_found=Henüz bir sorun bulunmadı.
 self_check.startup_warnings=Başlangıç uyarıları:
 self_check.database_collation_mismatch=Veritabanının şu harmanlamayı kullanmasını bekle: %s
-self_check.database_collation_case_insensitive=Veritabanı %s harmanlamasını kullanıyor, bu duyarsız bir harmanlamadır. Her ne kadar Gitea bununla çalışabilse de, beklendiği gibi çalışmadığı nadir durumlar ortaya çıkabilir.
-self_check.database_inconsistent_collation_columns=Veritabanı %s harmanlamasını kullanıyor, ancak bu sütunlar uyumsuz harmanlamalar kullanıyor. Bu beklenmedik sorunlar oluşturabilir.
-self_check.database_fix_mysql=MySQL/MariaDB kullanıcıları "gitea doctor convert" komutunu harmanlama sorunlarını çözmek için kullanabilir veya "ALTER ... COLLATE ..." SQL'lerini şahsen çalıştırarak sorunu çözebilirler.
-self_check.database_fix_mssql=MSSQL kullanıcıları sorunu şu an sadece "ALTER ... COLLATE ..." SQL'lerini şahsen çalıştırarak çözebilirler.
 self_check.location_origin_mismatch=Mevcut URL (%[1]s) Gitea tarafından görülen URL (%[2]s) ile eşleşmiyor. Eğer bir vekil sunucu kullanıyorsanız, lütfen "Host" ve "X-Forwarded-Proto" başlıklarının doğru ayarlandığından emin olunuz.
 
 [action]
@@ -3363,8 +3290,6 @@ error.no_committer_account=İşleyicinin e-posta adresine bağlı hesap yok
 error.no_gpg_keys_found=Veri tabanında bu imza için bilinen anahtar bulunamadı
 error.not_signed_commit=İmzalı bir işleme değil
 error.failed_retrieval_gpg_keys=İşleyicin hesabına bağlı herhangi bir anahtar alınamadı
-error.probable_bad_signature=UYARI! Veritabanında bu kimliğe sahip bir anahtar olmasına rağmen, bu işlemeyi doğrulamaz! Bu işleme ŞÜPHELİDİR.
-error.probable_bad_default_signature=UYARI! Varsayılan anahtarın bu kimliği olmasına rağmen, bu işlemeyi doğrulamaz! Bu işleme ŞÜPHELİDİR.
 
 [units]
 unit=Birim
@@ -3402,7 +3327,6 @@ versions=Sürümler
 versions.view_all=Tümünü görüntüle
 dependency.id=Kimlik
 dependency.version=Sürüm
-alpine.registry=Bu kütüğü, <code>/etc/apk/repositories</code> dosyanıza url'yi ekleyerek kurun:
 alpine.registry.key=Kütüğün açık RSA anahtarını, indeks imzasını doğrulamak için <code>/etc/apk/keys/</code> dizinine indirin:
 alpine.registry.info=Aşağıdaki listeden $branch ve $repository seçin.
 alpine.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
@@ -3413,18 +3337,13 @@ alpine.repository.architectures=Mimariler
 arch.repository=Depo Bilgisi
 arch.repository.repositories=Depolar
 arch.repository.architectures=Mimariler
-cargo.registry=Bu kütüğü Cargo yapılandırma dosyasına (örneğin <code>~/.cargo/config.toml</code>) ayarlayın:
 cargo.install=Paketi Cargo kullanarak kurmak için, şu komutu çalıştırın:
-chef.registry=Bu kütüğü <code>~/.chef/config.rb</code> dosyasında ayarlayın:
 chef.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
-composer.registry=Bu kütüğü <code>~/.composer/config.json</code> dosyasında ayarlayın:
 composer.install=Paketi Composer ile kurmak için, şu komutu çalıştırın:
 composer.dependencies=Bağımlılıklar
 composer.dependencies.development=Geliştirme Bağımlılıkları
 conan.details.repository=Depo
-conan.registry=Bu kütüğü komut satırını kullanarak kurun:
 conan.install=Conan ile paket kurmak için aşağıdaki komutu çalıştırın:
-conda.registry=Bu kütüğü <code>.condarc</code> dosyasında bir Conda deposu olarak ayarlayın:
 conda.install=Conda ile paket kurmak için aşağıdaki komutu çalıştırın:
 container.details.type=Görüntü Türü
 container.details.platform=Platform
@@ -3434,9 +3353,7 @@ container.layers=Görüntü Katmanları
 container.labels=Etiketler
 container.labels.key=Anahtar
 container.labels.value=DeÄŸer
-cran.registry=Bu kütüğü <code>Rprofile.site</code> dosyasında ayarlayın:
 cran.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
-debian.registry=Bu kütüğü komut satırını kullanarak kurun:
 debian.registry.info=Aşağıdaki listeden $distribution ve $component seçin.
 debian.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
 debian.repository=Depo Bilgisi
@@ -3445,16 +3362,11 @@ debian.repository.components=BileÅŸenler
 debian.repository.architectures=Mimariler
 generic.download=Paketi komut satırında indirin:
 go.install=Paketi komut satırını kullanarak yükleyin:
-helm.registry=Bu kütüğü komut satırını kullanarak kurun:
 helm.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
-maven.registry=Bu kütüğü projenizdeki <code>pom.xml</code> dosyasında ayarlayın:
-maven.install=Paketi kullanmak için aşağıdaki <code>dependencies</code> parçasını <code>pom.xml</code> dosyasınıza ekleyin:
 maven.install2=Komut satırında çalıştırın:
 maven.download=Bağımlılığı indirmek için, komut satırında çalıştırın:
-nuget.registry=Bu kütüğü komut satırını kullanarak kurun:
 nuget.install=Paketi NuGet ile kurmak için, şu komutu çalıştırın:
 nuget.dependency.framework=Hedef Çerçeve
-npm.registry=Bu kütüğü projenizdeki <code>.npmrc</code> dosyasında ayarlayın:
 npm.install=Paketi npm ile kurmak için, şu komutu çalıştırın:
 npm.install2=veya paketi package.json dosyasına ekleyin:
 npm.dependencies=Bağımlılıklar
@@ -3466,7 +3378,6 @@ npm.details.tag=Etiket
 pub.install=Paketi Dart ile kurmak için, şu komutu çalıştırın:
 pypi.requires=Gereken Python
 pypi.install=Paketi pip ile kurmak için, şu komutu çalıştırın:
-rpm.registry=Bu kütüğü komut satırını kullanarak kurun:
 rpm.distros.redhat=RedHat tabanlı dağıtımlarda
 rpm.distros.suse=SUSE tabanlı dağıtımlarda
 rpm.install=Paketi kurmak için, aşağıdaki komutu çalıştırın:
@@ -3479,7 +3390,6 @@ rubygems.dependencies.runtime=Çalışma Zamanı Bağımlılıkları
 rubygems.dependencies.development=Geliştirme Bağımlılıkları
 rubygems.required.ruby=Gereken Ruby sürümü
 rubygems.required.rubygems=Gereken RubyGem sürümü
-swift.registry=Bu kütüğü komut satırını kullanarak kurun:
 swift.install=Paketi <code>Package.swift</code> dosyanıza ekleyin:
 swift.install2=ve şu komutu çalıştırın:
 vagrant.install=Vagrant paketi eklemek için aşağıdaki komutu çalıştırın:
@@ -3502,7 +3412,6 @@ owner.settings.cargo.initialize.success=Cargo dizini başarıyla oluşturuldu.
 owner.settings.cargo.rebuild=Dizini yeniden oluÅŸtur
 owner.settings.cargo.rebuild.description=İndeks, depolanmış Cargo paketleriyle eşzamanlanmamışsa yeniden oluşturma yararlı olabilir.
 owner.settings.cargo.rebuild.error=Cargo dizinini yeniden oluşturma başarısız oldu: %v
-owner.settings.cargo.rebuild.success=Cargo dizini başarıyla yeniden oluşturuldu.
 owner.settings.cleanuprules.title=Temizleme Kurallarını Yönet
 owner.settings.cleanuprules.add=Temizleme Kuralı Ekle
 owner.settings.cleanuprules.edit=Temizleme Kuralı Düzenle
@@ -3531,12 +3440,13 @@ owner.settings.chef.keypair.description=Chef kütüğünde kimlik doğrulaması
 secrets=Gizlilikler
 description=Gizlilikler belirli işlemlere aktarılacaktır, bunun dışında okunamaz.
 none=Henüz gizlilik yok.
-creation=Gizlilik Ekle
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Açıklama
 creation.name_placeholder=küçük-büyük harfe duyarlı değil, alfanümerik karakterler veya sadece alt tire, GITEA_ veya GITHUB_ ile başlayamaz
 creation.value_placeholder=Herhangi bir içerik girin. Baştaki ve sondaki boşluklar ihmal edilecektir.
-creation.success=Gizlilik "%s" eklendi.
-creation.failed=Gizlilik eklenemedi.
+
+
 deletion=Gizliliği kaldır
 deletion.description=Bir gizliliği kaldırma kalıcıdır ve geri alınamaz. Devam edilsin mi?
 deletion.success=Gizlilik kaldırıldı.
@@ -3584,7 +3494,6 @@ runners.delete_runner=Bu çalıştırıcıyı sil
 runners.delete_runner_success=Çalıştırıcı başarıyla silindi
 runners.delete_runner_failed=Çalıştırıcı silinemedi
 runners.delete_runner_header=Çalıştırıcıyı silmeyi onaylayın
-runners.delete_runner_notice=Eğer bu çalıştırıcıda bir görev çalışıyorsa, sonlandırılacak ve başarısız olarak işaretlenecek. Yapım iş akışını bozabilir.
 runners.none=Hiç çalıştırıcı yok
 runners.status.unspecified=Bilinmiyor
 runners.status.idle=BoÅŸta
diff --git a/options/locale/locale_uk-UA.ini b/options/locale/locale_uk-UA.ini
index 8c8911ceb6..c0de41a8c3 100644
--- a/options/locale/locale_uk-UA.ini
+++ b/options/locale/locale_uk-UA.ini
@@ -2,7 +2,9 @@ home=Головна
 dashboard=Панель управлінн�
 explore=Огл�д
 help=Довідка
+logo=Логотип
 sign_in=Увійти
+sign_in_with_provider=Увійдіть за допомогою %s
 sign_in_or=або
 sign_out=Вийти
 sign_up=Реє�траці�
@@ -15,35 +17,49 @@ template=Шаблон
 language=Мова
 notifications=Сповіщенн�
 active_stopwatch=Трекер робочого ча�у
+tracked_time_summary=Під�умок від�тежуваного ча�у на о�нові фільтрів �пи�ку задач
 create_new=Створити…
 user_profile_and_more=Профіль і налаштуванн�…
 signed_in_as=Увійшов �к
+enable_javascript=Дл� роботи цього �айту потрібен JavaScript.
 toc=Змі�т
 licenses=Ліцензії
 return_to_gitea=Повернути�� до Gitea
+more_items=Більше елементів
 
 username=Ім'� кри�тувача
 email=�дре�а електронної пошти
 password=Пароль
-access_token=Токен До�тупу
-re_type=Підтвердженн� парол�
+access_token=Токен до�тупу
+re_type=Підтвердити пароль
 captcha=CAPTCHA
-twofa=Двофакторна авторизаці�
+twofa=Двофакторна автентифікаці�
 twofa_scratch=Двофакторний одноразовий пароль
 passcode=Код до�тупу
 
+webauthn_insert_key=В�тавте ключ безпеки
+webauthn_sign_in=�ати�ніть кнопку на вашому ключі безпеки. Якщо ваш ключ без фізичної кнопки, поновно в�тавте ключ.
+webauthn_press_button=Будь ла�ка, нати�ніть кнопку на вашому ключі безпеки…
+webauthn_use_twofa=Викори�товуйте двофакторний код із Вашого телефона
+webauthn_error=�е вдало�� прочитати ваш ключ безпеки.
+webauthn_unsupported_browser=Ваш браузер наразі не підтримує WebAuthn.
+webauthn_error_unknown=Стала�� невідома помилка. Будь ла�ка, �пробуйте ще раз.
+webauthn_error_unable_to_process=Сервер не зміг обробити ваш запит.
+webauthn_error_duplicated=Ключ безпеки не підходить дл� цього запиту. Переконайте��, що ключ ще не зареє�тровано.
+webauthn_error_empty=Ви повинні в�тановити назву дл� цього ключа.
+webauthn_error_timeout=Ча� очікуванн� вичерпано, перш ніж ваш ключ було прочитано. Перезавантажте �торінку та �пробуйте ще раз.
 webauthn_reload=Оновити
 
-repository=Репозиторій
+repository=Сховище
 organization=Організаці�
 mirror=Дзеркало
 issue_milestone=Етап
-new_repo=�овий репозиторій
+new_repo=�ове �ховище
 new_migrate=�ова міграці�
 new_mirror=�ове дзеркало
-new_fork=�овий репозиторій - копі�
 new_org=�ова організаці�
 new_project=�овий проєкт
+new_project_column=�овий �товпець
 manage_org=Керуванн� організаці�ми
 admin_panel=Панель �дміні�тратора
 account_settings=�алаштуванн� облікового запи�у
@@ -53,7 +69,7 @@ your_starred=Обрані
 your_settings=�алаштуванн�
 
 all=У�і
-sources=Вла�ні
+sources=Джерела
 mirrors=Дзеркала
 collaborative=Спільні
 forks=Форки
@@ -65,303 +81,411 @@ milestones=Етапи
 
 ok=OK
 cancel=Відмінити
+retry=Повторіть �пробу
+rerun=Перезапу�тити
+rerun_all=Перезапу�тити в�і завданн�
 save=Зберегти
 add=Додати
 add_all=Додати в�е
 remove=Видалити
 remove_all=Видалити в�е
+remove_label_str=`Видалити елемент "%s"`
 edit=Редагувати
+view=Перегл�нути
+test=Те�т
 
 enabled=Увімкнено
 disabled=Вимкнено
+locked=Заблоковано
 
 copy=Копіювати
 copy_url=Копіювати URL
+copy_hash=Копіювати хеш
+copy_content=Копіювати вмі�т
 copy_branch=Копіювати назву гілки
+copy_path=Копіювати шл�х
 copy_success=Скопійовано!
 copy_error=�е вдало�� �копіювати
+copy_type_unsupported=Цей тип файлу не можна �копіювати
 
 write=Пи�ати
 preview=Попередній перегл�д
 loading=Завантаженн�…
+files=Файли
 
 error=Помилка
-error404=Сторінка, до �кої ви намагаєте�� звернути�� або до <strong>, не і�нує</strong> або <strong>Ви не маєте права</strong> на її перегл�д.
+error404=Сторінка, �ку ви намагаєте�� відкрити, <strong>не і�нує</strong> або <strong>ви не маєте права</strong> на її перегл�д.
+go_back=�азад
+invalid_data=�едій�ні дані: %v
 
 never=�іколи
+unknown=�евідомо
 
+rss_feed=Стрічка RSS
 
+pin=Закріпити
+unpin=Відкріпити
 
+artifacts=�ртефакти
+expired=Про�трочено
 
-archived=�рхівовані
+archived=�рхівовано
 
-concept_code_repository=Репозиторій
+concept_code_repository=Сховище
 concept_user_organization=Організаці�
 
+show_timestamps=Показувати ча�ові мітки
+show_log_seconds=Показувати �екунди
+show_full_screen=Показати на ве�ь екран
+download_logs=Завантажити журнали
 
+confirm_delete_selected=Підтверджуєте видаленн� в�іх вибраних елементів?
 
 name=�азва
+value=Значенн�
+readme=Файл readme
 
 filter=Фільтр
-filter.is_archived=�рхівовані
+filter.clear=Очи�тити фільтр
+filter.is_archived=�рхівовано
+filter.not_archived=�е архівовано
+filter.is_fork=Відгалужено
+filter.not_fork=�е відгалужено
+filter.is_mirror=Віддзеркалено
+filter.not_mirror=�е віддзеркалено
 filter.is_template=Шаблон
-filter.public=Публічний
+filter.not_template=�е шаблон
+filter.public=Публічна
 filter.private=Приватний
 
+no_results_found=�ічого не знайдено.
+internal_error_skipped=Трапила�ь внутрішн� помилка, але пропущена: %s
 
 [search]
+type_tooltip=Тип пошуку
+fuzzy=�еточний
+words=Слова
+words_tooltip=Включати тільки результати, �кі відповідають пошуковим �ловам
+regexp=Регул�рний вираз
+regexp_tooltip=Включати тільки результати, �кі відповідають пошуковому запиту регул�рного виразу
+exact=Точний
+exact_tooltip=Включати тільки результати, �кі відповідають точному пошуковому запиту
+code_search_unavailable=Пошук коду наразі недо�тупний. Будь ла�ка, зверніть�� до адміні�тратора �айту.
+code_search_by_git_grep=Поточні результати пошуку коду надають�� командою "git grep". Результати можуть бути кращими, �кщо адміні�тратор �айту увімкне індек�атор �ховища.
+no_results=�е знайдено жодного збігу.
+keyword_search_unavailable=Пошук за ключовими �ловами наразі недо�тупний. Будь ла�ка, зверніть�� до адміні�тратора �айту.
 
 [aria]
+navbar=Панель навігації
+footer=�ижній колонтитул
+footer.software=Про програмне забезпеченн�
+footer.links=По�иланн�
 
 [heatmap]
+number_of_contributions_in_the_last_12_months=%s вне�ків за о�танні 12 мі��ців
+no_contributions=�емає вне�ків
+less=Менше
+more=Більше
 
 [editor]
+buttons.heading.tooltip=Додати заголовок
+buttons.bold.tooltip=Додати грубий тек�т
+buttons.italic.tooltip=Додати кур�ивний тек�т
+buttons.quote.tooltip=Цитувати тек�т
+buttons.code.tooltip=Додати код
+buttons.link.tooltip=Додати по�иланн�
+buttons.list.unordered.tooltip=Додати �пи�ок
+buttons.list.ordered.tooltip=Додати нумерований �пи�ок
+buttons.list.task.tooltip=Додати �пи�ок завдань
+buttons.table.add.tooltip=Додати таблицю
 buttons.table.add.insert=Додати
+buttons.table.rows=Р�дки
+buttons.table.cols=Стовпці
+buttons.mention.tooltip=Згадати кори�тувача або команду
+buttons.ref.tooltip=По�иланн� на задачу або запит на злитт�
+buttons.switch_to_legacy.tooltip=Викори�товувати за�тарілий редактор
+buttons.enable_monospace_font=Увімкнути моноширинний шрифт
+buttons.disable_monospace_font=Вимкнути моноширинний шрифт
 
 [filter]
 
 [error]
 occurred=Стала�� помилка
+report_message=Якщо ви вважаєте, що це помилка Gitea, будь ла�ка, �пробуйте відшукати відповідну проблему на <a href="https://github.com/go-gitea/gitea/issues">GitHub</a> або �творіть нову, �кщо необхідно.
+not_found=Ціль не знайдено.
 network_error=Помилка мережі
 
 [startpage]
 app_desc=Зручний вла�ний �ерві� хо�тингу репозиторіїв Git
 install=Легко в�тановити
+install_desc=Про�то <a target="_blank" rel="noopener noreferrer" href="https://docs.gitea.com/installation/install-from-binary">запу�тіть двійковий файл</a> дл� вашої платформи, �кори�тайте�� <a target="_blank" rel="noopener noreferrer" href="https://github.com/go-gitea/gitea/tree/master/docker">Docker</a>, або в�тановіть <a target="_blank" rel="noopener noreferrer" href="https://docs.gitea.com/installation/install-from-package">�и�темою керуванн� пакунками</a>.
 platform=Платформонезалежні�ть
+platform_desc=Gitea запу�каєть�� будь-де, де <a target=«_blank» rel=«noopener noreferrer» href=«%s»>Go</a> може компілювати�ь: на Windows, macOS, Linux, ARM тощо. Виберіть платформу, �ку любите!
 lightweight=�евибагливі�ть
-lightweight_desc=Gitea має низькі вимоги до ре�ур�ів та може працювати на недорогому Raspberry Pi. Збережіть �вою машину енергію!
+lightweight_desc=Gitea має мінімальні вимоги і може працювати на недорогому Raspberry Pi. Заощаджуйте ре�ур�и вашої машини!
 license=Відкритий вихідний код
 
 [install]
 install=В�тановленн�
 title=Початкова конфігураці�
-docker_helper=Якщо ви запу�каєте Gitea в�ередині Docker, будь ла�ка уважно прочитайте <a target="_blank" rel="noopener" href="%s">документацію</a> перед тим, �к що�ь змінити на цій �торінці.
+docker_helper=Якщо ви запу�каєте Gitea у Docker, будь ла�ка, прочитайте <a target="_blank" rel="noopener noreferrer" href="%s">документацію</a> перед тим, �к змінювати будь-�кі налаштуванн�.
+require_db_desc=Gitea потребує MySQL, PostgreSQL, MSSQL, SQLite3 або TiDB (протокол MySQL).
 db_title=�алаштуванн� бази даних
 db_type=Тип бази даних
 host=Хо�т
 user=Ім'� кри�тувача
 password=Пароль
-db_name=Ім'� бази даних
+db_name=�азва бази даних
 db_schema=Схема
-db_schema_helper=Залиште пу�тим дл� бази даних за замовчуванн�м ("публічна").
+db_schema_helper=Залиште пу�тим дл� типової �хеми бази даних ("публічна").
 ssl_mode=SSL
 path=Шл�х
-sqlite_helper=Шл�х до файлу дл� бази даних SQLite3.<br>Введіть аб�олютний шл�х, �кщо ви запу�каєте Gіtea �к �ерві�.
+sqlite_helper=Шл�х до файлу бази даних SQLite3.<br>Введіть аб�олютний шл�х, �кщо ви запу�каєте Gіtea �к �ерві�.
 reinstall_error=Ви намагаєте�� в�тановити в на�вну базу даних Gitea
 reinstall_confirm_message=Повторне в�тановленн� в на�вну базу даних Gitea може �причинити багато проблем. В більшо�ті випадків, ви повинні викори�товувати �вій на�вний "app.ini" дл� запу�ку Gitea. Якщо ви знаєте, що робите, �пробуйте на�тупне:
-reinstall_confirm_check_1=Дані зашифровані з викори�танн�м SECRET_KEY з app.ini можуть бути втрачені: кори�тувачі не зможуть увійти з 2FA/OTP і дзеркала можуть працювати некоректно. В�тановлюючи цей прапорець, ви підтверджуєте, що в поточному файлі app.ini вказано правильне значенн� SECRET_KEY.
-reinstall_confirm_check_2=Репозиторії та налаштуванн� необхідно повторно �инхронізувати. В�тановлюючи цей прапорець, ви підтверджуєте, що ви �инхронізуватимете хуки репозиторіїв та authorized_keys вручну. Ви підтверджуєте, що налаштуванн� репозиторію і дзеркала є правильними.
-reinstall_confirm_check_3=Ви підтверджуєте, що повні�тю впевнені в тому, що дл� цього екземпл�ра Gitea вказано правильне розташуванн� app.ini та екземпл�р �лід в�тановити повторно. Ви підтверджуєте, що у�відомлюєте вищенаведені ризики.
+reinstall_confirm_check_3=Ви підтверджуєте, що аб�олютно впевнені, що Gitea працює з правильним розташуванн�м файлу app.ini, і що вам потрібно перев�тановити програму. Ви підтверджуєте, що у�відомлюєте вищевказані ризики.
 err_empty_db_path=Шл�х до файлу бази даних SQLite3 не може бути порожнім.
-no_admin_and_disable_registration=Ви не можете вимкнути реє�трацію до �творенн� облікового запи�у адміні�тратора.
+no_admin_and_disable_registration=Ви не можете вимкнути реє�трацію без �творенн� облікового запи�у адміні�тратора.
 err_empty_admin_password=Пароль адміні�тратора не може бути порожнім.
-err_empty_admin_email=Електронна адре�а адміні�тратора не може бути порожньою.
-err_admin_name_is_reserved=�еправильне ім'� кори�тувача-адміні�тратора - ім'� зарезервоване
-err_admin_name_pattern_not_allowed=Ім'� адміні�тратора недій�не, це ім'� підпадає під зарезервований шаблон
-err_admin_name_is_invalid=�еправильне ім'� кори�тувача-адміні�тратора
 
 general_title=Загальні налаштуванн�
 app_name=�азва �айту
 app_name_helper=Тут ви можете вве�ти назву �воєї компанії.
-repo_path=Кореневий шл�х репозиторі�
-repo_path_helper=В�і вилучені Git репозиторії будуть збережені в цей каталог.
-lfs_path=Кореневої шл�х Git LFS
-lfs_path_helper=У цій папці будуть зберігати�� файли Git LFS. Залиште порожнім, щоб вимкнути LFS.
-run_user=Запу�к від імені Кори�тувача
+repo_path=Кореневий шл�х �ховища
+repo_path_helper=До цього каталогу буде збережено віддалені �ховища Git.
+lfs_path=Кореневий шл�х Git LFS
+lfs_path_helper=У цій теці будуть зберігати�� файли Git LFS. Залиште порожнім, щоб вимкнути.
+run_user=Виконати �к
+run_user_helper=Ім'� кори�тувача операційної �и�теми, від імені �кого запу�каєть�� Gitea. Зауважте, що цей кори�тувач повинен мати до�туп до кореневого шл�ху �ховища.
 domain=Домен �ервера
-domain_helper=Домен або адре�а хо�та �ервера.
+domain_helper=Домен або хо�т-адре�а �ервера.
 ssh_port=Порт SSH �ервера
 ssh_port_helper=�омер порту, �кий викори�товує SSH �ервер. Залиште порожнім, щоб вимкнути SSH.
 http_port=Gitea HTTP порт
-http_port_helper=�омер порту, �кий буде про�луховувати�� Giteas веб-�ервером.
 app_url=Базова URL-адре�а Gitea
-app_url_helper=Базова адре�а дл� HTTP(S) клонуванн� через URL та повідомлень електронної пошти.
-log_root_path=Шл�х до лог файлу
-log_root_path_helper=Файли журналу будуть запи�ані в цей каталог.
-
-optional_title=Додаткові налаштуванн�
-email_title=�алаштуванн� Email
-smtp_addr=SMTP хо�т
-smtp_port=SMTP порт
-smtp_from=Відправл�ти Email від імені
-smtp_from_helper=Електронна пошта дл� викори�танн� в Gіtea. Введіть звичайну електронну адре�у або викори�товуйте формат: "Ім'�" <email@example.com>.
-mailer_user=SMTP Ім'� кри�тувача
-mailer_password=SMTP Пароль
-register_confirm=Потрібно підтвердити електронну пошту дл� реє�трації
+app_url_helper=Базова адре�а дл� URL-адре� клонів HTTP(S) та �повіщень електронною поштою.
+log_root_path=Шл�х до журналу
+log_root_path_helper=Файли журналу будуть запи�ані в цю теку.
+
+optional_title=�еобов'�зкові налаштуванн�
+email_title=�алаштуванн� електронної пошти
+smtp_addr=Сервер SMTP
+smtp_port=Порт SMTP
+smtp_from=Відправити ли�та від імені
+smtp_from_invalid=�дре�а "�аді�лати ли�та �к" недій�на
+smtp_from_helper=�дре�а електронної пошти, �ку буде викори�товувати Gitea. Введіть звичайну адре�у електронної пошти або викори�товуйте формат «Ім'�» <email@example.com>.
+mailer_user=Ім'� кори�тувача SMTP
+mailer_password=Пароль SMTP
+register_confirm=Вимагати підтвердженн� електронною поштою дл� реє�трації
 mail_notify=Увімкнути �повіщенн� електронною поштою
-server_service_title=Сервер і налаштуванн� зовнішніх �лужб
+server_service_title=�алаштуванн� �ервера і �торонніх �ерві�ів
 offline_mode=Увімкнути локальний режим
-offline_mode_popup=Відключити �торонні мережі до�тавки контенту і об�луговувати в�і ре�ур�и локально.
+offline_mode_popup=Вимкнути �торонні мережі до�тавки контенту та об�луговувати в�і ре�ур�и локально.
 disable_gravatar=Вимкнути Gravatar
-disable_gravatar_popup=Відключити Gravatar і �торонні джерела аватарів. Якщо кори�тувач не завантажить аватар локально то за замовчуванн�м буде викори�товувати�� �тандартний аватар.
-federated_avatar_lookup=Увімкнути федеративні аватари
-federated_avatar_lookup_popup=Увімкнути зовнішний �ватар за допомогою Libravatar.
-disable_registration=Вимкнути �амо�тійну реє�трацію
-disable_registration_popup=Вимкнути �амо�тійну реє�трацію кори�тувачів, тільки адміні�тратор може �творювати нові облікові запи�и.
+disable_gravatar_popup=Вимкнути Gravatar та �торонні джерела аватарок. Якщо кори�тувач локально не завантажить аватар, буде викори�товувати�� типовий аватар.
+federated_avatar_lookup=Увімкнути зовнішні аватари
+federated_avatar_lookup_popup=Увімкнути пошук об'єднаних аватарів за допомогою Libravatar.
+disable_registration=Вимкнути реє�трацію
+disable_registration_popup=Вимкнути реє�трацію кори�тувачів, тільки адміні�тратор може �творювати нові облікові запи�и.
 allow_only_external_registration_popup=Дозволити реє�трацію тільки через �торонні �ерві�и
-openid_signin=Увімкнути реє�трацію за допомогою OpenID
-openid_signin_popup=Увімкнути вхід за допомогою OpenID.
+openid_signin=Увімкнути вхід за допомогою OpenID
+openid_signin_popup=Увімкнути вхід кори�тувачів за допомогою OpenID.
 openid_signup=Увімкнути �амо�тійну реє�трацію за допомогою OpenID
 openid_signup_popup=Увімкнути �амореє�трацію кори�тувачів на о�нові OpenID.
-enable_captcha=Увімкнути CAPTCHA при реє�трації
-enable_captcha_popup=Вимагати перевірку CAPTCHA при �амо�тійній реє�трації кори�тувача.
+enable_captcha=Увімкнути CAPTCHA дл� реє�трації
+enable_captcha_popup=Вимагати CAPTCHA дл� �амореє�трації кори�тувачів.
 require_sign_in_view=Вимагати авторизації дл� перегл�ду �торінок
+require_sign_in_view_popup=Обмежити до�туп до �торінки лише дл� зареє�трованих кори�тувачів. Відвідувачі побачать тільки �торінки входу і реє�трації.
 admin_setting_desc=Створенн� облікового запи�у адміні�тратора необов'�зково. Перший зареє�трований кори�тувач автоматично �тає адміні�тратором.
 admin_title=�алаштуванн� облікового запи�у адміні�тратора
 admin_name=Ім'� кри�тувача �дміні�тратора
 admin_password=Пароль
-confirm_password=Підтвердженн� парол�
+confirm_password=Підтвердити пароль
 admin_email=�дре�а електронної пошти
-install_btn_confirm=В�тановленн� Gitea
-test_git_failed=�е в змозі перевірити 'git' команду: %v
+install_btn_confirm=В�тановити Gitea
+test_git_failed=�е вдало�� перевірити команду 'git': %v
 sqlite3_not_available=Ц� вер�і� Gitea не підтримує SQLite3. Будь ла�ка, завантажте офіційну бінарну вер�ію з %s (не вер�ію gobuild).
-invalid_db_setting=�алаштуванн� бази даних є некоректними: %v
-invalid_repo_path=Помилковий шл�х до корен� репозиторію: %v
-invalid_app_data_path=�екоректний шл�х до даних програми: %v
-run_user_not_match=Ім'� кори�тувача 'run as' не є поточним ім'�м кори�тувача: %s -> %s
-internal_token_failed=�е вдало�� згенерувати внутрішній токен: %v
-secret_key_failed=�е вдало�� згенерувати �екретний ключ: %v
-save_config_failed=�е в змозі зберегти конфігурацію: %v
-invalid_admin_setting=�еприпу�тимі налаштуванн� облікового запи�у адміні�тратора: %v
-invalid_log_root_path=�еприпу�тимий шл�х дл� логів: %v
-default_keep_email_private=Приховати адре�у електронної пошти за замовчуванн�м
-default_keep_email_private_popup=Приховати адре�у електронної пошти нових облікових запи�ів за замовчуванн�м.
-default_allow_create_organization=Дозволити �творенн� організацій за замовчуванн�м
-default_allow_create_organization_popup=Дозволити новим обліковим запи�ам кори�тувачів �творювати організації за замовчуванн�м.
-default_enable_timetracking=Увімкнути від�теженн� ча�у за замовчуванн�м
-default_enable_timetracking_popup=Включити від�теженн� ча�у дл� нових репозиторіїв за замовчуванн�м.
+invalid_db_setting=�алаштуванн� бази даних недій�ні: %v
+invalid_db_table=База даних таблиці "%s" є недій�ною: %v
+invalid_repo_path=Кореневий шл�х до �ховища невірний: %v
+invalid_app_data_path=Шл�х до даних додатка невірний: %v
+run_user_not_match=Ім'� кори�тувача “Виконати �к� не є поточним ім'�м кори�тувача: %s -> %s
+internal_token_failed=�е вдало�� �творити внутрішній токен: %v
+secret_key_failed=�е вдало�� �творити �екретний ключ: %v
+save_config_failed=�е вдало�� зберегти конфігурацію: %v
+invalid_admin_setting=�алаштуванн� облікового запи�у адміні�тратора є недій�ним: %v
+invalid_log_root_path=�еправильний шл�х до журналу: %v
+default_keep_email_private=Типово приховувати адре�и електронної пошти
+default_keep_email_private_popup=Типово приховувати адре�и електронної пошти нових облікових запи�ів.
+default_allow_create_organization=За замовчуванн�м дозволити �творенн� організацій
+default_allow_create_organization_popup=За замовчуванн�м дозволити новим кори�тувачам �творювати організації.
+default_enable_timetracking=За замовчуванн�м увімкнути від�теженн� ча�у
+default_enable_timetracking_popup=Увімкнути від�теженн� ча�у дл� нових �ховищ за замовчуванн�м.
 no_reply_address=Прихований поштовий домен
-no_reply_address_helper=Доменне ім'� дл� кори�тувачів із прихованою електронною адре�ою. �априклад, ім'� кори�тувача 'joe' буде входити в Git �к 'joe@noreply.example.org', �кщо дл� прихованого домену електронної пошти в�тановлено 'noreply.example.org'.
+no_reply_address_helper=Доменне ім'� дл� кори�тувачів із прихованою електронною адре�ою. �априклад, ім'� кори�тувача 'Joe' буде зображати�� в Git �к 'joe@noreply.example.org', �кщо прихований домен електронної пошти в�тановлено 'noreply.example.org'.
 password_algorithm=�лгоритм хешуванн� парол�
+invalid_password_algorithm=�едій�ний хеш-алгоритм парол�
+enable_update_checker=Увімкнути перевірку оновлень
+enable_update_checker_helper=Періодично перевір�ти на�вні�ть нових вер�ій, підключаючи�ь до gitea.io.
+env_config_keys=Конфігураці� �ередовища
+env_config_keys_prompt=�а�тупні змінні �ередовища також будуть за�то�овані до вашого файлу конфігурації:
+config_write_file_prompt=Ці параметри будуть запи�ані в: %s
 
 [home]
-uname_holder=Ім'� кори�тувача або Ел. пошта
+nav_menu=Меню навігації
+uname_holder=Ім'� кори�тувача або адре�а електронної пошти
 password_holder=Пароль
 switch_dashboard_context=Переключити контек�т панелі управлінн�
-my_repos=Репозиторії
-show_more_repos=Показати більше репозиторіїв…
-collaborative_repos=Спільні репозиторії
+my_repos=Сховища
+show_more_repos=Показати більше �ховищ…
+collaborative_repos=Спільні �ховища
 my_orgs=Мої організації
 my_mirrors=Мої дзеркала
 view_home=Перегл�нути %s
 filter=Інші фільтри
-filter_by_team_repositories=Фільтрувати за репозиторі�ми команд
+filter_by_team_repositories=Фільтрувати за �ховищами команд
 feed_of=`Стрічка "%s"`
 
 show_archived=�рхівовані
-show_both_archived_unarchived=Показано архівовані і не архівовані
+show_both_archived_unarchived=Показано архівовані і неархівовані
 show_only_archived=Показано тільки архівовані
-show_only_unarchived=Показано тільки не архівовані
+show_only_unarchived=Показано тільки неархівовані
 
 show_private=Приватні
 show_both_private_public=Показано публічні та приватні
 show_only_private=Показано тільки приватні
 show_only_public=Показано тільки публічні
 
-issues.in_your_repos=В ваших репозиторі�х
+issues.in_your_repos=У ваших �ховищах
 
+guide_title=Жодної активно�ті
+guide_desc=�аразі ви не �тежите за жодним �ховищем або кори�тувачем, тому нема чого відображати. Ви можете перегл�нути �ховища або кори�тувачів, �кі ва� цікавл�ть, за по�иланн�ми нижче.
+explore_repos=Огл�д �ховищ
+explore_users=Огл�д кори�тувачів
+empty_org=Організацій поки що немає.
+empty_repo=Сховищ поки що немає.
 
 [explore]
-repos=Репозиторії
+repos=Сховища
 users=Кори�тувачі
 organizations=Організації
+go_to=Перейти до
 code=Код
 code_last_indexed_at=О�танні індек�овані %s
+relevant_repositories_tooltip=Сховища, �кі є відгалуженими або не мають теми, піктограми й опи�у, приховують��.
+relevant_repositories=Показано лише важливі �ховища, <a href="%s">показати нефільтровані результати</a>.
 
 [auth]
 create_new_account=Реє�траці� облікового запи�у
-disable_register_prompt=Вибачте, можливі�ть реє�трації відключена. Будь ла�ка, зв'�жіть�� з адміні�тратором �айту.
+already_have_account=Вже зареє�тровані?
+sign_in_now=Увійдіть зараз!
+disable_register_prompt=Реє�трацію вимкнено. Будь ла�ка, зв'�жіть�� з адміні�тратором �айту.
 disable_register_mail=Підтвердженн� реє�трації електронною поштою вимкнено.
+manual_activation_only=Зверніть�� до адміні�тратора �айту дл� завершенн� активації.
 remember_me=Запам’�тати цей при�трій
+remember_me.compromised=Токен дл� входу більше не дій�ний, що може �відчити про �компрометований обліковий запи�. Перевірте �вій обліковий запи� на на�вні�ть незвичайних дій.
 forgot_password_title=Забув пароль
 forgot_password=Забули пароль?
-must_change_password=Оновіть �вій пароль
-allow_password_change=Вимагати в кори�тувача змінити пароль (рекомендуєть��)
-reset_password_mail_sent_prompt=Електронний ли�т із підтвердженн�м наді�лано <b>%s</b>. Перевірте папку 'Вхідні' в межах на�тупних %s, щоб завершити проце� відновленн� облікового запи�у.
+need_account=Потрібен обліковий запи�?
+sign_up_tip=Ви реє�труєте перший обліковий запи� у �и�темі, з правами адміні�тратора. Будь ла�ка, уважно запам'�тайте �воє ім'� кори�тувача та пароль. Якщо ви їх забудете, зверніть�� до документації Gitea, щоб відновити обліковий запи�.
+sign_up_now=Зареє�трувати��.
+sign_up_successful=Обліковий запи� �творено у�пішно. Вітаю!
+confirmation_mail_sent_prompt_ex=�овий ли�т з підтвердженн�м було наді�лано на <b>%s</b>. Будь ла�ка, перевірте �вою поштову �криньку прот�гом на�тупних %s, щоб завершити проце� реє�трації. Якщо ви вказали невірну адре�у електронної пошти, ви можете увійти ще раз і змінити її.
+must_change_password=Оновити пароль
+allow_password_change=Вимагати від кори�тувача змінити пароль (рекомендовано)
+reset_password_mail_sent_prompt=�а адре�у <b>%s</b> було наді�лано ли�т із підтвердженн�м. Будь ла�ка, перевірте �вою поштову �криньку прот�гом на�тупних %s, щоб завершити проце� відновленн� облікового запи�у.
 active_your_account=�ктивувати обліковий запи�
 account_activated=Обліковий запи� активовано
-prohibit_login=Вхід заборонений
-resent_limit_prompt=Вибачте, ви вже запро�или активацію по електронній пошті нещодавно. Будь ла�ка, зачекайте 3 хвилини, а потім �пробуйте ще раз.
-has_unconfirmed_mail=Привіт %s, у ва� є непідтверджена електронна адре�а (<b>%s </b>). Якщо ви не отримали електронний ли�т із підтвердженн�м або вам потрібно наді�лати новий, нати�ніть на кнопку нижче.
-resend_mail=�ати�ніть тут, щоб ви�лати ли�т активації знову
-email_not_associate=Ц� електронна пошта не пов'�зана ні з одним обліковим запи�ом.
-send_reset_mail=�аді�лати електронний ли�т дл� відновленн� облікового запи�у
+resent_limit_prompt=Ви вже над�илали запит на активацію нещодавно. Зачекайте 3 хвилини і �пробуйте ще раз.
+has_unconfirmed_mail=Привіт %s, у ва� непідтверджена адре�а електронної пошти (<b>%s</b>). Якщо ви не отримали ли�та з підтвердженн�м або вам потрібно наді�лати новий, будь ла�ка, нати�ніть кнопку нижче.
+change_unconfirmed_mail_address=Якщо ваша адре�а електронної пошти дл� реє�трації невірна, ви можете змінити її тут і наді�лати новий ли�т з підтвердженн�м.
+resend_mail=�ати�ніть тут, щоб повторно наді�лати ли�т з активацією
+email_not_associate=Ц� адре�а електронної пошти не пов'�зана з жодним обліковим запи�ом.
+send_reset_mail=�аді�лати ли�т дл� відновленн� облікового запи�у
 reset_password=Відновленн� облікового запи�у
-invalid_code=Цей код підтвердженн� недій�ний або закінчив��.
+invalid_code=Ваш код підтвердженн� недій�ний або його термін дії закінчив��.
+invalid_code_forgot_password=Ваш код підтвердженн� недій�ний або термін дії минув. �ати�ніть <a href="%s">тут</a>, щоб почати новий �еан�.
+invalid_password=Ваш пароль не збігаєть�� з паролем, �кий викори�товував�� при �творенні облікового запи�у.
 reset_password_helper=Відновити обліковий запи�
+reset_password_wrong_user=Ви увійшли �к %s, але по�иланн� дл� відновленн� облікового запи�у призначене дл� %s
 password_too_short=Довжина парол� не може бути меншою за %d �имволів.
-non_local_account=�елокальні акаунти не можуть змінити пароль через Gitea.
+non_local_account=�елокальні кори�тувачі не можуть оновити �вій пароль через вебінтерфей� Gitea.
 verify=Підтвердити
 scratch_code=Одноразовий пароль
-use_scratch_code=Викори�товувати одноразовий пароль
-twofa_scratch_used=Ви викори�товували одноразовий пароль. Ви були перенаправлені на �торінку налаштувань дл� генерації нового коду або відключенн� двуфакторної автентифікації.
-twofa_passcode_incorrect=Ваш пароль є невірним. Якщо ви втратили при�трій, викори�товуйте ваш одноразовий пароль.
+use_scratch_code=Скори�тати�ь одноразовим паролем
+twofa_scratch_used=Ви �кори�тали�� одноразовим паролем. Ва� перенаправлено на �торінку налаштувань двофакторної автентифікації, щоб видалити при�трій або згенерувати новий одноразовий пароль.
+twofa_passcode_incorrect=Ваш пароль неправильний. Якщо ви загубили �вій при�трій, �кори�тайте�� одноразовим паролем.
 twofa_scratch_token_incorrect=�евірний одноразовий пароль.
 login_userpass=Увійти
 login_openid=OpenID
 oauth_signup_tab=Зареє�трувати обліковий запи�
-oauth_signup_title=Повний новий обліковий запи�
-oauth_signup_submit=Повний обліковий запи�
-oauth_signin_tab=По�иланн� на і�нуючий обліковий запи�
+oauth_signup_title=Завершити реє�трацію облікового запи�у
+oauth_signup_submit=Поповнити обліковий запи�
+oauth_signin_tab=Прив'�зати до і�нуючого облікового запи�у
 oauth_signin_title=Увійдіть щоб авторизувати пов'�заний обліковий запи�
 oauth_signin_submit=Прив'�зати обліковий запи�
+oauth.signin.error.general=Під ча� обробки запиту на авторизацію �тала�� помилка: %s. Якщо ц� помилка повторить��, зверніть�� до адміні�тратора �айту.
+oauth.signin.error.access_denied=Запит на авторизацію відхилено.
+oauth.signin.error.temporarily_unavailable=Помилка авторизації, �ервер автентифікації тимча�ово недо�тупний. Спробуйте пізніше.
 openid_connect_submit=Під’єднати��
 openid_connect_title=Підключити�� до і�нуючого облікового запи�у
-openid_connect_desc=Вибраний OpenID URI невідомий. Пов'�жіть його з новим обліковим запи�ом тут.
+openid_connect_desc=Обраний OpenID URI невідомий. Зв'�жіть його тут з новим обліковим запи�ом.
 openid_register_title=Створити новий обліковий запи�
-openid_register_desc=Вибраний OpenID URI невідомий. Пов'�жіть йогоз новим обліковим запи�ом тут.
-disable_forgot_password_mail=Відновленн� облікового запи�у вимкнено, о�кільки не налаштована електронна пошта. Будь ла�ка, зв'�жіть�� з адміні�тратором �айту.
-disable_forgot_password_mail_admin=Відновленн� облікового запи�у до�тупне лише пі�л� налаштуванн� електронної пошти. Будь ла�ка, налаштуйте ел. пошту дл� відновленн� облікового запи�у.
-email_domain_blacklisted=З вказаним email реє�траці� неможлива.
+openid_register_desc=Обраний OpenID URI невідомий. Зв'�жіть його тут з новим обліковим запи�ом.
+openid_signin_desc=Введіть �вій OpenID URI. �априклад: alice.openid.example.org або https://openid.example.org/alice.
+email_domain_blacklisted=Ви не можете зареє�трувати�� з адре�ою електронної пошти.
 authorize_application=�вторизувати програму
 authorize_redirect_notice=Ва� буде переадре�овано до %s, �кщо ви авторизуєте цю програму.
 authorize_application_created_by=Ц� програма �творена %s.
-authorize_application_description=Якщо ви нада�те цей до�туп, то він матиме до�туп до в�іх ваших даних облікового запи�у, включаючи приватні репозиторії та організації.
-authorize_title=�вторизуйвати "%s" дл� до�тупу до вашого облікового запи�у?
+authorize_title=�вторизувати "%s" дл� до�тупу до вашого облікового запи�у?
 authorization_failed=Помилка авторизації
-sspi_auth_failed=Помилка SSPI-автентифікації
+sspi_auth_failed=Помилка автентифікації SSPI
+password_pwned=Пароль, �кий ви обрали, знаходить�� в <a target="_blank" rel="noopener noreferrer" href="https://haveibeenpwned.com/Passwords">�пи�ку викрадених паролів</a>, раніше викритих в публічних витоках даних. Спробуйте ще раз з іншим паролем і подумайте про зміну цього парол� деінде.
 password_pwned_err=�е вдало�� виконати запит до HaveIBeenPwed
+last_admin=�е можна видалити о�таннього адміні�тратора. Повинен бути хоча б один адміні�тратор.
+signin_passkey=Увійти за допомогою ключа до�тупу
+back_to_sign_in=Повернути�� до авторизації
 
 [mail]
 view_it_on=Перегл�нути на %s
-link_not_working_do_paste=�е працює? Спробуйте �копіювати та в�тавити його в �вій браузер.
+reply=або надішліть відповідь безпо�ередньо на цей електронний ли�т
+link_not_working_do_paste=�е працює? Спробуйте �копіювати та в�тавити його у браузер.
 hi_user_x=Привіт <b>%s</b>,
 
 activate_account=Будь ла�ка, активуйте ваш обліковий запи�
 activate_account.title=%s, будь ла�ка, активуйте �вій обліковий запи�
 activate_account.text_1=Привіт, <b>%[1]s</b>, д�куємо за реє�трацію на %[2]s!
-activate_account.text_2=Перейдіть за цим по�иланн�м, щоб активувати ваш обліковий запи� в <b>%s</b>:
+activate_account.text_2=Будь ла�ка, перейдіть за на�тупним по�иланн�м, щоб активувати �вій обліковий запи� прот�гом <b>%s</b>:
 
-activate_email=Підтвердить вашу адре�у електронної пошти
-activate_email.text=Перейдіть за цим по�иланн�м, щоб підтвердити вашу електронну адре�у в <b>%s</b>:
+activate_email=Підтвердіть адре�у електронної пошти
+activate_email.title=%s, будь ла�ка, підтвердіть вашу адре�у електронної пошти
+activate_email.text=Будь ла�ка, перейдіть за на�тупним по�иланн�м прот�гом <b>%s</b>, щоб підтвердити �вою електронну адре�у:
 
+register_notify=Ла�каво про�имо до %s
 register_notify.title=%[1]s, ла�каво про�имо до %[2]s
-register_notify.text_1=це ваша е-пошта дл� підтвердженн� реє�трації дл� %s!
-register_notify.text_2=Тепер ви можете увійти �к: %s.
-register_notify.text_3=Якщо цей обліковий запи� було �творено дл� ва�, будь ла�ка, �початку <a href="%s">в�тановіть �вій пароль</a>.
+register_notify.text_3=Якщо цей обліковий запи� �творено дл� ва�, будь ла�ка, �першу <a href="%s">в�тановіть пароль</a>.
 
-reset_password=Відновленн� вашого облікового запи�у
-reset_password.title=%s, ви відправили запит на відновленн� облікового запи�у
-reset_password.text=Перейдіть за цим по�иланн�м, щоб відновити ваш обліковий запи� в <b>%s</b>:
+reset_password=Відновити обліковий запи�
+reset_password.title=%s, ви наді�лали запит на відновленн� облікового запи�у
+reset_password.text=Щоб відновити обліковий запи�, перейдіть за на�тупним по�иланн�м прот�гом <b>%s</b>:
 
 register_success=Реє�траці� у�пішна
 
-issue_assigned.pull=@%[1]s призначив вам запит злитт� %[2]s в репозиторії %[3]s.
-issue_assigned.issue=@%[1]s призначив вам задачу %[2]s у репозиторії %[3]s.
+issue_assigned.pull=@%[1]s призначив вам запит на злитт� %[2]s в �ховищі %[3]s.
+issue_assigned.issue=@%[1]s призначив вам задачу %[2]s в �ховищі %[3]s.
 
 issue.x_mentioned_you=<b>@%s</b> згадав ва�:
-issue.action.force_push=<b>%[1]s</b> force-pushed <b>%[2]s</b> з %[3]s в %[4]s.
-issue.action.push_1=<b>@%[1]s</b> наді�лав %[3]d коміти %[2]s
-issue.action.push_n=<b>@%[1]s</b> відправив %[3]d коміти до %[2]s
-issue.action.close=<b>@%[1]s</b> закрито #%[2]d.
+issue.action.push_1=<b>@%[1]s</b> наді�лав %[3]d коміт в %[2]s
+issue.action.push_n=<b>@%[1]s</b> наді�лав %[3]d коміти до %[2]s
+issue.action.close=<b>@%[1]s</b> закрив #%[2]d.
 issue.action.reopen=<b>@%[1]s</b> заново відкрив #%[2]d.
 issue.action.merge=<b>@%[1]s</b> об'єднав #%[2]d до %[3]s.
-issue.action.approve=<b>@%[1]s</b> затвердили цей запит на злитт�.
-issue.action.reject=<b>@%[1]s</b> запитують зміни на цей запит на злитт�.
-issue.action.review=<b>@%[1]s</b> прокоментували цей запит на злитт�.
-issue.action.review_dismissed=<b>@%[1]s</b> відхилено о�танній відгук від %[2]s дл� цього запиту на злитт�.
-issue.action.ready_for_review=<b>@%[1]s</b> позначили цей запит на злитт� �к готовий до розгл�ду.
-issue.action.new=<b>@%[1]s</b> �творили #%[2]d.
+issue.action.approve=<b>@%[1]s</b> затвердив цей запит на злитт�.
+issue.action.reject=<b>@%[1]s</b> запро�ив зміни у цьому запиті на злитт�.
+issue.action.review=<b>@%[1]s</b> прокоментував цей запит на злитт�.
+issue.action.review_dismissed=<b>@%[1]s</b> відхилив о�танній відгук від %[2]s на цей запит на злитт�.
+issue.action.ready_for_review=<b>@%[1]s</b> позначив цей запит на злитт� �к готовий до розгл�ду.
+issue.action.new=<b>@%[1]s</b> �творив #%[2]d.
 issue.in_tree_path=Ð’ %s:
 
 release.new.subject=%s в %s випущено
@@ -372,35 +496,39 @@ release.downloads=Звантаженн�:
 release.download.zip=Вихідний код (ZIP)
 release.download.targz=Вихідний код (TAR.GZ)
 
-repo.transfer.subject_to=%s бажає передати"%s" в %s
-repo.transfer.subject_to_you=%s бажає передати"%s" вам
+repo.transfer.subject_to=%s хоче перене�ти "%s" в %s
+repo.transfer.subject_to_you=%s хоче передати"%s" вам
 repo.transfer.to_you=вам
-repo.transfer.body=Щоб прийн�ти або відхилити перейдіть до %s або про�то ігноруйте.
 
 repo.collaborator.added.subject=%s додав ва� до %s
-repo.collaborator.added.text=Ви були додані в �ко�ті �півавтора репозиторію:
+repo.collaborator.added.text=Ва� додали �к �півавтора до �ховища:
 
+team_invite.subject=%[1]s запрошує ва� приєднати�� до організації %[2]s
+team_invite.text_1=%[1]s запрошує ва� до команди %[2]s в організації %[3]s.
+team_invite.text_2=Перейдіть за по�иланн�м, щоб приєднати�� до команди:
+team_invite.text_3=Примітка: Це запрошенн� призначене дл� %[1]s. Якщо ви не очікували цього запрошенн�, ви можете проігнорувати це повідомленн�.
 
 [modal]
 yes=Так
 no=�і
+confirm=Підтвердити
 cancel=Відмінити
-modify=Оновленн�
+modify=Оновити
 
 [form]
 UserName=Ім’� кори�тувача
-RepoName=�азва репозиторію
+RepoName=�азва �ховища
 Email=�дре�а електронної пошти
 Password=Пароль
-Retype=Підтвердженн� парол�
-SSHTitle=Iм'� SSH ключа
+Retype=Підтвердити пароль
+SSHTitle=�азва ключа SSH
 HttpsUrl=�дре�а HTTPS
 PayloadUrl=URL обробника
 TeamName=�азва команди
 AuthName=�азва авторизації
-AdminEmail=Email адміні�тратора
+AdminEmail=�дре�а електронної пошти адміні�тратора
 
-NewBranchName=Ім'� нової гілки
+NewBranchName=�азва нової гілки
 CommitSummary=Резюме коміту
 CommitMessage=Повідомленн� коміту
 CommitChoice=Вибір коміта
@@ -410,76 +538,115 @@ Content=Змі�т
 SSPISeparatorReplacement=Розділювач
 SSPIDefaultLanguage=Типова мова
 
-require_error=` не може бути пу�тим.`
-alpha_dash_error=` повинен мі�тити тільки літерно-цифрові �имволи, дефі� ('-') та підкре�ленн� ('_'). `
-alpha_dash_dot_error=` повинен мі�тити тільки літерно-цифрові �имволи, дефі� ('-') , підкре�ленн� ('_') та точки ('.'). `
-git_ref_name_error=` повинен бути правильним по�илальним ім'�м Git.`
+require_error=` не може бути порожнім.`
+alpha_dash_error=` повинен мі�тити тільки алфавітно-цифрові �имволи, дефі� ('-') та підкре�ленн� ('_').`
+alpha_dash_dot_error=` повинен мі�тити тільки алфавітно-цифрові �имволи, дефі� ('-'), підкре�ленн� ('_') та крапку ('.').`
+git_ref_name_error=` повинен бути правильно �формованим ім'�м-по�иланн�м на Git.`
 size_error=` повинен бути розмір %s.`
-min_size_error=` повинен бути принаймні %s �имволів.`
-max_size_error=` повинен бути не більш �к %s �имволів.`
-email_error=` не є адре�ою електронної пошти.`
-glob_pattern_error=` неприпу�тимий шаблон glob: %s.`
-regex_pattern_error=` неприпу�тимий шаблон regex: %s.`
+min_size_error=` має мі�тити принаймні %s �имволів.`
+max_size_error=` має мі�тити не більше %s �имволів.`
+email_error=` не є дій�ною адре�ою електронної пошти.`
+url_error=`"%s" не є дій�ною URL-адре�ою.`
+include_error=` повинен мі�тити підр�док "%s".`
+glob_pattern_error=` недій�ний шаблон glob: %s.`
+regex_pattern_error=` недій�ний шаблон регул�рного виразу: %s.`
 unknown_error=�евідома помилка:
 captcha_incorrect=Код CAPTCHA неправильний.
-password_not_match=Паролі не �півпадають.
-lang_select_error=Оберіть мову з переліку.
-
-username_been_taken=Ім'� кори�тувача вже зайн�то.
-username_change_not_local_user=�елокальні кори�тувачі не можуть змінити �воє ім'� кори�тувача.
-repo_name_been_taken=Ім'� репозіторію вже викори�товуєть��.
-repository_files_already_exist=Файли вже і�нують дл� цього репозитарію. Зверніть�� до �и�темного адміні�тратора.
-repository_files_already_exist.adopt=Файли вже і�нують дл� цього репозиторію і можуть бути лише прийн�ті.
-repository_files_already_exist.delete=Файли вже і�нують дл� цього �ховища. Ви повинні видалити їх.
-repository_files_already_exist.adopt_or_delete=Файли вже і�нують дл� цього репозиторію. Їх можливо прийн�ти або видалити.
-visit_rate_limit=Обмеженн� швидко�ті віддаленого до�тупу.
-2fa_auth_required=Дл� віддаленого до�тупу необхідна двуфакторна аутентифікаці�.
-org_name_been_taken=�азва організації вже зайн�то.
-team_name_been_taken=�азва команди вже зайн�то.
-team_no_units_error=Дозволити до�туп до принаймні одного розділу репозитарію.
-email_been_used=Ц� електронна адре�а вже викори�товуєть��.
-email_invalid=�дре�а електронної пошти помилкова.
+password_not_match=Паролі не збігають��.
+lang_select_error=Оберіть мову зі �пи�ку.
+
+username_been_taken=Ім'� кори�тувача вже зайн�те.
+username_change_not_local_user=�елокальні кори�тувачі не можуть змінювати �воє ім'� кори�тувача.
+change_username_disabled=Зміна імені кори�тувача відключена.
+change_full_name_disabled=Зміна повного імені відключена.
+username_has_not_been_changed=Ім'� кори�тувача не змінено
+repo_name_been_taken=�азва �ховища вже викори�товуєть��.
+repository_force_private=Приму�ову приватні�ть ввімкнено: приватні �ховища не можна зробити загальнодо�тупними.
+repository_files_already_exist=Дл� цього �ховища вже і�нують файли. Зверніть�� до �и�темного адміні�тратора.
+repository_files_already_exist.delete=Дл� цього �ховища вже і�нують файли. Ви повинні видалити їх.
+repository_files_already_exist.adopt_or_delete=Дл� цього �ховища вже і�нують файли. Прийміть їх або видаліть.
+visit_rate_limit=Віддалений до�туп відхилено у зв'�зку з обмеженн�м кілько�ті �проб.
+org_name_been_taken=�азва організації вже зайн�та.
+team_name_been_taken=�азва команди вже зайн�та.
+team_no_units_error=Дозволити до�туп до принаймні одного розділу �ховища.
+email_been_used=�дре�а електронної пошти вже викори�товуєть��.
+email_invalid=�дре�а електронної пошти недій�на.
+openid_been_used=�дре�а OpenID '%s' вже викори�товуєть��.
 username_password_incorrect=�еправильне ім'� кори�тувача або пароль.
-password_complexity=Пароль не відповідає вимогам до �кладно�ті:
-password_lowercase_one=Принаймні одна буква в нижньому регі�трі
-password_uppercase_one=Принаймні одна буква в верхньому регі�трі
+password_complexity=Пароль не відповідає вимогам �кладно�ті:
+password_lowercase_one=Принаймні один �имвол нижнього регі�тру
+password_uppercase_one=Принаймні один �имвол верхнього регі�тру
 password_digit_one=Принаймні одна цифра
-password_special_one=Принаймні один �пеціальний �имвол (пунктуаці�, дужки, лапки тощо)
-enterred_invalid_repo_name=�евірно введено ім'� репозиторію.
-enterred_invalid_org_name=�евірно введено ім'� організації.
-enterred_invalid_owner_name=Ім'� нового вла�ника не є дій�ним.
-enterred_invalid_password=Введений вами пароль некоректний.
-user_not_exist=Даний кори�тувач не і�нує.
+password_special_one=Принаймні один �пеціальний �имвол (розділові знаки, дужки, лапки тощо)
+enterred_invalid_repo_name=Ви ввели неправильну назву �ховища.
+enterred_invalid_org_name=Ви ввели неправильну назву організації.
+enterred_invalid_owner_name=Ім'� нового вла�ника недій�не.
+enterred_invalid_password=Ви ввели неправильний пароль.
+unset_password=Кори�тувач не в�тановив пароль.
+unsupported_login_type=Тип входу не підтримуєть�� дл� видаленн� облікового запи�у.
+user_not_exist=Кори�тувач не і�нує.
 team_not_exist=Команда не і�нує.
-last_org_owner=Ви не можете видалити о�таннього кори�тувача з команди 'вла�ники'. У кожній команді має бути принаймні один вла�ник.
+last_org_owner=Ви не можете видалити о�таннього кори�тувача з групи 'вла�ників'. В організації має бути принаймні один вла�ник.
 cannot_add_org_to_team=Організацію неможливо додати �к уча�ника команди.
+duplicate_invite_to_team=Кори�тувача вже запрошено �к члена команди.
+organization_leave_success=Ви у�пішно покинули організацію %s.
 
-invalid_ssh_key=�еможливо перевірити ваш SSH ключ: %s
-invalid_gpg_key=�еможливо перевірити ваш GPG ключ: %s
-invalid_ssh_principal=�екоректний відповідальний: %s
+invalid_ssh_key=�е вдаєть�� перевірити ключ SSH: %s
+invalid_gpg_key=�е вдаєть�� перевірити ключ GPG: %s
+invalid_ssh_principal=�евірна ідентичні�ть: %s
+must_use_public_key=�аданий вами ключ — приватний. Будь ла�ка, нікуди не завантажуйте �вій приватний ключ. �атомі�ть викори�товуйте публічний ключ.
 auth_failed=Помилка автентифікації: %v
 
 
 target_branch_not_exist=Цільової гілки не і�нує.
+target_ref_not_exist=Цільове по�иланн� не і�нує %s
 
+admin_cannot_delete_self=Ви не можете видалити �ебе, допоки ви адміні�тратор. Будь ла�ка, �початку видаліть права адміні�тратора.
 
 [user]
-change_avatar=Змінити �вій аватар…
-repositories=Репозиторії
+change_avatar=Змінити аватар…
+joined_on=Приєднав��(-ла�ь) %s
+repositories=Сховища
 activity=Публічна активні�ть
-followers=Читачі
+followers=По�лідовники
 show_more=Показати більше
-starred=Обрані Репозиторії
-watched=Від�тежувані репозиторії
-projects=Проєкт
+starred=Обрані �ховища
+watched=Від�тежувані �ховища
+code=Код
+projects=Проєкти
 overview=Огл�д
-following=Читає
-follow=Підпи�ати��
-unfollow=Відпи�ати��
+following=Від�тежувані
+follow=Стежити
+unfollow=�е �тежити
 user_bio=Біографі�
-disabled_public_activity=Цей кори�тувач вимкнув публічний показ ді�льно�ті.
-
-
+disabled_public_activity=Цей кори�тувач вимкнув публічну видимі�ть активно�ті.
+email_visibility.limited=Ваша електронна пошта видима дл� в�іх автентифікованих кори�тувачів
+email_visibility.private=Вашу адре�у електронної пошти бачитимете лише ви та адміні�тратори
+show_on_map=Показати це мі�це на карті
+settings=�алаштуванн� кори�тувача
+
+form.name_reserved=Ім'� кори�тувача "%s" зарезервовано.
+form.name_pattern_not_allowed=Шаблон "%s" не дозволено в імені кори�тувача.
+
+block.block=Заблокувати
+block.block.user=Заблокувати кори�тувача
+block.block.failure=�е вдало�� заблокувати кори�тувача: %s
+block.unblock=Розблокувати
+block.unblock.failure=�е вдало�� розблокувати кори�тувача: %s
+block.blocked=Ви заблокували цього кори�тувача.
+block.title=Заблокувати кори�тувача
+block.info=Блокуванн� кори�тувача не дозвол�є йому взаємоді�ти зі �ховищами, наприклад, відкривати або коментувати запити на злитт� або задачі. Дізнайте�� більше про блокуванн� кори�тувача.
+block.info_1=Блокуванн� кори�тувача запобігає на�тупним ді�м у вашому обліковому запи�і та ваших �ховищах:
+block.info_2=�лідкують за вашим обліковим запи�ом
+block.info_3=над�илати вам �повіщенн� @згадавши ваше ім'�
+block.info_6=відкритт� та коментуванн� задач або запитів на злитт�
+block.user_to_block=Блокувати Кори�тувача
+block.note=Примітка
+block.note.title=�еобов’�зкова примітка:
+block.note.info=�отатка не видима дл� заблокованого кори�тувача.
+block.note.edit=Редагувати нотатку
+block.list=Заблоковані кори�тувачі
+block.list.none=Ви не заблокували жодного кори�тувача.
 
 [settings]
 profile=Профіль
@@ -488,336 +655,436 @@ appearance=Зовнішній вигл�д
 password=Пароль
 security=Безпека
 avatar=�ватар
-ssh_gpg_keys=SSH / GPG ключі
+ssh_gpg_keys=Ключі SSH / GPG
 social=Соціальні облікові запи�и
 applications=Додатки
 orgs=Керуванн� організаці�ми
 repos=Репозиторії
 delete=Видалити обліковий запи�
+twofa=Двофакторна автентифікаці� (TOTP)
 account_link=Прив'�зані облікові запи�и
 organization=Організації
+uid=UID
+webauthn=Двофакторна автентифікаці� (ключі безпеки)
 
 public_profile=Загальнодо�тупний профіль
+biography_placeholder=Розкажіть нам трохи про �ебе! (Ви можете викори�товувати Markdown)
+location_placeholder=Ділити�� �воїм приблизним географічним положенн�м з іншими
+password_username_disabled=Вам не дозволено змінювати ім'� кори�тувача. Будь ла�ка, зв'�жіть�� з адміні�тратором �айту дл� отриманн� більш докладної інформації.
+password_full_name_disabled=Вам не дозволено змінювати ваше ім'�. Будь ла�ка, зв'�жіть�� з адміні�тратором �айту дл� більш докладної інформації.
 full_name=Повне ім'�
 website=Веб-�айт
 location=Мі�цезнаходженн�
 update_theme=Оновити тему
 update_profile=Оновити профіль
 update_language=Оновити мову
+update_language_not_found=Мова "%s" недо�тупна.
 update_language_success=Мову оновлено.
 update_profile_success=Профіль у�пішно оновлено.
-change_username=Ваше Ім'� кри�тувача було змінено.
+change_username=Ваше ім'� кори�тувача змінено.
+change_username_prompt=Примітка: Зміна імені кори�тувача також змінює URL-адре�у облікового запи�у.
+change_username_redirect_prompt=Старе ім'� кори�тувача буде перенаправл�ти�� на нове, поки хто�ь не викори�тає його.
 continue=Продовжити
 cancel=Відмінити
 language=Мова
 ui=Тема
+hidden_comment_types=Приховані типи коментарів
+hidden_comment_types.ref_tooltip=Коментарі, де на цю задачу було зроблено по�иланн� з іншого випу�ку/коміту/…
+hidden_comment_types.issue_ref_tooltip=Коментарі, в �ких кори�тувач змінює гілку/тег, пов'�зані з нею
+comment_type_group_reference=По�иланн�
 comment_type_group_label=Мітка
 comment_type_group_milestone=Етап
 comment_type_group_assignee=Виконавець
 comment_type_group_title=Заголовок
 comment_type_group_branch=Гілка
+comment_type_group_time_tracking=Облік ча�у
+comment_type_group_deadline=Крайній �трок
+comment_type_group_dependency=Залежні�ть
+comment_type_group_lock=Стату� блокуванн�
+comment_type_group_review_request=Запит на перевірку
+comment_type_group_pull_request_push=Додані коміти
 comment_type_group_project=Проєкт
+comment_type_group_issue_ref=По�иланн� на задачу
+saved_successfully=Ваші налаштуванн� у�пішно збережено.
 privacy=Приватні�ть
+keep_activity_private=Приховати активні�ть зі �торінки профілю
 keep_activity_private_popup=Показувати вашу активні�ть лише Вам та адміні�траторам
 
 lookup_avatar_by_mail=Знайти �ватар за адре�ою електронної пошти
 federated_avatar_lookup=Знайти зовнішній аватар
-enable_custom_avatar=Увімкнути кори�тувацькі аватари
-choose_new_avatar=Оберіть новий аватар
+enable_custom_avatar=Увімкнути кори�тувацький аватар
+choose_new_avatar=Обрати новий аватар
 update_avatar=Оновити аватар
 delete_current_avatar=Видалити поточний аватар
 uploaded_avatar_not_a_image=Завантажений файл не є зображенн�м.
-update_avatar_success=Ваш аватар був змінений.
+uploaded_avatar_is_too_big=Розмір завантаженого файлу (%d KiB) перевищує мак�имальний розмір (%d KiB).
+update_avatar_success=Ваш аватар оновлено.
 update_user_avatar_success=�ватар кори�тувача оновлено.
+cropper_prompt=Ви можете відредагувати зображенн� перед збереженн�м. Відредаговане зображенн� буде збережено �к PNG.
 
 change_password=Оновити пароль
 old_password=Поточний пароль
 new_password=�овий пароль
+retype_new_password=Підтвердити новий пароль
 password_incorrect=Поточний пароль неправильний.
-change_password_success=Ваш пароль був оновлений. Тепер увійдіть в �и�тему, викори�товуючи новий пароль.
-password_change_disabled=�елокальні акаунти не можуть змінити пароль через Gitea.
+change_password_success=Ваш пароль оновлено. Відтепер входьте в �и�тему, викори�товуючи новий пароль.
+password_change_disabled=�елокальні кори�тувачі не можуть оновити �вій пароль через вебінтерфей� Gitea.
 
 emails=�дре�а електронної пошти
-manage_emails=Керуванн� адре�ами ел. пошти
-manage_themes=Виберіть тему за замовчуванн�м
-manage_openid=Керуванн� OpenID
+manage_emails=Керуванн� адре�ами електронної пошти
+manage_themes=Обрати типову тему
+manage_openid=Керуванн� адре�ами OpenID
+email_desc=Ваша о�новна адре�а електронної пошти викори�товуватиметь�� дл� �повіщень, відновленн� парол� і, за умови, що вона не прихована, дл� веб-операцій з Git.
 theme_desc=Ц� тема буде типовою дл� в�ього �айту.
 primary=О�новний
 activated=�ктивовано
 requires_activation=Потрібна активаці�
-primary_email=Зробити о�новним
+primary_email=Зробити о�новною
 activate_email=�аді�лати активацію
-activations_pending=�ктивації в очікуванні
+activations_pending=Очікуванн� активації
 delete_email=Видалити
 email_deletion=Видалити адре�у електронної пошти
-email_deletion_desc=Електронна адре�а та пов'�зана з нею інформаці� буде видалена з вашого облікового запи�у. Git коміти, здій�нені через цю електронну адре�у, залишить�� без змін. Продовжити?
-email_deletion_success=�дре�у електронної пошти було видалено.
+email_deletion_success=�дре�у електронної пошти видалено.
 theme_update_success=Тему оновлено.
-theme_update_error=Вибрана тема не і�нує.
+theme_update_error=Обрана тема не і�нує.
 openid_deletion=Видалити адре�у OpenID
-openid_deletion_desc=Видаленн� цієї OpenID-адре�и з вашого облікового запи�у заборон�є вам входити з ним. Продовжити?
-openid_deletion_success=�дре�а OpenID була видалена.
+openid_deletion_desc=Видаленн� цієї адре�и OpenID не дозволить вам увійти за нею. Продовжити?
+openid_deletion_success=�дре�у OpenID видалено.
 add_new_email=Додати нову адре�у електронної пошти
 add_new_openid=Додати новий OpenID URI
 add_email=Додати адре�у електронної пошти
 add_openid=Додати OpenID URI
+add_email_confirmation_sent=Електронний ли�т із підтвердженн�м було відправлено на '%s', будь ла�ка, перевірте вашу поштову �криньку прот�гом на�тупних %s, щоб підтвердити адре�у.
 add_email_success=Додано нову адре�у електронної пошти.
-email_preference_set_success=�алаштуванн� електронної пошти у�пішно в�тановлені.
-add_openid_success=�ова адре�а OpenID була додана.
+email_preference_set_success=�алаштуванн� електронної пошти у�пішно в�тановлено.
+add_openid_success=Додано нову адре�у OpenID.
 keep_email_private=Приховати адре�у електронної пошти
-openid_desc=OpenID дозвол�є делегувати аутентифікацію зовнішньому по�тачальнику по�луг.
+openid_desc=OpenID дозвол�є делегувати автентифікацію зовнішньому по�тачальнику по�луг.
 
-manage_ssh_keys=Керувати SSH ключами
-manage_ssh_principals=Управлінн� SSH �ертифікатами кори�тувачів
-manage_gpg_keys=Керувати GPG ключами
+manage_ssh_keys=Керувати ключами SSH
+manage_ssh_principals=Керуванн� ідентично�т�ми �ертифікатів SSH
+manage_gpg_keys=Керувати ключами SSH
 add_key=Додати ключ
-ssh_desc=Ці відкриті SSH-ключі пов'�зані з вашим обліковим запи�ом. Відповідні приватні ключі дозвол�ють отримати повний до�туп до ваших репозиторіїв.
-principal_desc=Ці на�тройки SSH �ертифікатів вказані у вашому обліковому запи�і та надають повний до�туп до ваших репозиторіїв.
-gpg_desc=Ці публічні ключі GPG пов'�зані з вашим обліковим запи�ом. Тримайте �вої приватні ключі в безпеці, о�кільки вони дозвол�ють здій�нювати перевірку комітів.
-ssh_helper=<strong>Потрібна допомога?</strong> Дивіть�� гід на GitHub з <a href="%s"> генерації ключів SSH</a> або виправленн� <a href="%s">типових неполадок SSH</a>.
-gpg_helper=<strong> Потрібна допомога? </strong> Перегл�ньте по�ібник GitHub <a href="%s"> про GPG </a>.
-add_new_key=Додати SSH ключ
-add_new_gpg_key=Додати GPG ключ
+ssh_desc=Ці публічні ключі SSH пов'�зані з вашим обліковим запи�ом. Відповідні приватні ключі надають повний до�туп до ваших �ховищ.
+principal_desc=Ці ідентифікатори �ертифікатів SSH прив'�зані до вашого облікового запи�у і надають повний до�туп до ваших �ховищ.
+gpg_desc=Ці публічні ключі GPG пов'�зані з вашим обліковим запи�ом. Зберігайте �вої приватні ключі в безпеці, о�кільки вони дозвол�ють підтверджувати коміти.
+ssh_helper=<strong>Потрібна допомога?</strong> Ознайомте�� з ін�трукцією GitHub щодо <a href="%s">�творенн� вла�них ключів SSH</a> або виправленн� <a href="%s">типових неполадок SSH.</a>
+gpg_helper=<strong>Потрібна допомога?</strong> Перегл�ньте по�ібник GitHub <a href="%s">про GPG</a>.
+add_new_key=Додати ключ SSH
+add_new_gpg_key=Додати ключ GPG
 key_content_ssh_placeholder=Починаєть�� з 'ssh-ed25519', 'ssh-rsa', 'ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521', 'sk-ecdsa-sha2-nistp256@openssh.com', або 'sk-ssh-ed25519@openssh.com'
 key_content_gpg_placeholder=Починаєть�� з '-----BEGIN PGP PUBLIC KEY BLOCK-----'
-add_new_principal=Додати кори�тувача
-ssh_key_been_used=Цей SSH ключ вже був додано до �ервера.
+add_new_principal=Додати ідентичні�ть
+ssh_key_been_used=Цей ключ SSH вже було додано до �ервера.
 ssh_key_name_used=Ключ SSH з таким ім'�м вже і�нує у вашому обліковому запи�і.
-ssh_principal_been_used=Цей кори�тувач вже був доданий на �ервер.
+ssh_principal_been_used=Цю ідентичні�ть вже було додано до �ервера.
 gpg_key_id_used=Публічний ключ GPG з таким �амим ідентифікатором вже і�нує.
-gpg_no_key_email_found=Цей ключ GPG не відповідає жодній активованій поштовій адре�і, �ка пов'�зана з вашим обліковим запи�ом. Його в�е рівно можна додати, �кщо ви підпишете наданий токен.
-gpg_key_matched_identities=Відповідні отримувачі:
-gpg_key_matched_identities_long=Вбудовані ідентифікатори цього ключа збігають�� з на�тупними активованими адре�ами електронної пошти вказаного кори�тувача. Коміти, �кі відповідають цим адре�ам, можуть бути підтверджені цим ключем.
+gpg_no_key_email_found=Цей ключ GPG не відповідає жодній активованій адре�і електронної пошти, пов'�заній з вашим обліковим запи�ом. Його в�е одно можна додати, �кщо ви підпишете наданий токен.
+gpg_key_matched_identities=Відповідні ідентично�ті:
+gpg_key_matched_identities_long=Вбудовані ідентифікатори цього ключа збігають�� з на�тупними активованими адре�ами електронної пошти цього кори�тувача. За допомогою цього ключа можна перевір�ти коміти, що відповідають цим адре�ам електронної пошти.
 gpg_key_verified=Перевірений ключ
-gpg_key_verified_long=Ключ перевірений за допомогою токена і може бути викори�тано дл� підтвердженн� комітів, �кі відповідають будь-�кій з активованих адре� електронної пошти дл� цього кори�тувача, на додачу до будь-�ких відповідних ідентифікацій дл� цього ключа.
+gpg_key_verified_long=Ключ був перевірений токеном і може бути викори�таний дл� перевірки комітів, що відповідають будь-�ким активованим адре�ам електронної пошти дл� цього кори�тувача, а також будь-�ких ідентифікаторів, що відповідають цьому ключу.
 gpg_key_verify=Підтвердити
-gpg_invalid_token_signature=�аданий ключ GPG, підпи� і токен не �півпадають або токен за�тарів.
 gpg_token_required=Вам потрібно надати підпи� дл� нижчевказаного токена
 gpg_token=Токен
 gpg_token_help=Ви можете �творити підпи� за допомогою:
 gpg_token_signature=Тек�товий (armored) підпи� GPG
 key_signature_gpg_placeholder=`Починаєть�� з "-----BEGIN PGP SIGNATURE-----"`
+verify_gpg_key_success=Ключ GPG '%s' перевірено.
 ssh_key_verified=Перевірений ключ
-ssh_key_verify=Підтвердити
+ssh_key_verified_long=Ключ було перевірено за допомогою токена. Його можна викори�товувати дл� перевірки комітів, що відповідають будь-�ким активованим адре�ам електронної пошти цього кори�тувача.
+ssh_key_verify=Перевірити
 ssh_token_required=Вам потрібно надати підпи� дл� нижчевказаного токена
 ssh_token=Токен
 ssh_token_help=Ви можете �творити підпи� за допомогою:
+ssh_token_signature=Тек�товий підпи� SSH
+key_signature_ssh_placeholder=`Починаєть�� з "-----BEGIN SSH SIGNATURE-----"`
+verify_ssh_key_success=Ключ SSH '%s' перевірено.
 subkeys=Підключі
-key_id=ID ключа
-key_name=Ім'� ключа
+key_id=Ідентифікатор ключа
+key_name=�азва ключа
 key_content=Змі�т
 principal_content=Змі�т
+add_key_success=Ключ SSH '%s' додано.
+add_gpg_key_success=Ключ GPG '%s' додано.
+add_principal_success=Було додано SSH �ертифікат ідентично�ті '%s'.
 delete_key=Видалити
-ssh_key_deletion=Видалити SSH ключ
-gpg_key_deletion=Видалити GPG ключ
-ssh_principal_deletion=Видалити SSH �ертифікат кори�тувача
+ssh_key_deletion=Видалити ключ SSH
+gpg_key_deletion=Видалити ключ GPG
+ssh_principal_deletion=Видалити ідентичні�ть �ертифікату SSH
 ssh_key_deletion_desc=Видаленн� ключа SSH �ка�овує до�туп до вашого облікового запи�у. Продовжити?
-gpg_key_deletion_desc=Видаленн� GPG ключа �ка�овує перевірку підпи�аних ним комітів. Продовжити?
-ssh_principal_deletion_desc=Видаленн� ключа SSH �ка�овує до�туп до вашого облікового запи�у. Продовжити?
-ssh_key_deletion_success=SSH ключ був видалений.
-gpg_key_deletion_success=GPG було видалено.
-ssh_principal_deletion_success=Кори�тувача видалено.
+gpg_key_deletion_desc=Видаленн� ключа GPG �ка�овує перевірку підпи�аних ним комітів. Продовжити?
+ssh_key_deletion_success=Ключ SSH видалено.
+gpg_key_deletion_success=Ключ GPG видалено.
+ssh_principal_deletion_success=Ідентичні�ть видалено.
+added_on=Додано %s
+valid_until_date=Дій�но до %s
 valid_forever=Дій�ний завжди
-last_used=О�таннє викори�танн�
-no_activity=Жодної ді�льно�ті
-can_read_info=Читати
-can_write_info=�апи�ати
-key_state_desc=Цей ключ викори�товував�� в о�танні 7 днів
-token_state_desc=Цей токен викори�товував�� в о�танні 7 днів
-principal_state_desc=Уча�тник був на �айті в о�танні 7 днів
+last_used=Во�таннє викори�тано
+no_activity=�ещодавн� активні�ть від�утн�
+can_read_info=Читанн�
+can_write_info=Запи�
+key_state_desc=Цей ключ викори�товував�� прот�гом о�танніх 7 днів
+token_state_desc=Цей токен викори�товував�� прот�гом о�танніх 7 днів
+principal_state_desc=Ц� ідентичні�ть викори�товувала�� прот�гом о�танніх 7 днів
 show_openid=Показати у профілю
-hide_openid=�е показувати у профілі
+hide_openid=Приховати з профілю
 ssh_disabled=SSH вимкнено
-ssh_externally_managed=Цей ключ SSH має зовнішнє управлінн� дл� цього кори�тувача
-manage_social=Керувати зв'�заними обліковими запи�ами �оціальних мереж
+ssh_signonly=SSH наразі вимкнено, тому ці ключі викори�товують�� лише дл� перевірки підпи�у комітів.
+ssh_externally_managed=Цей ключ SSH керуєть�� ззовні дл� цього кори�тувача
+manage_social=Керувати пов'�заними обліковими запи�ами �оціальних мереж
+social_desc=Ці облікові запи�и �оціальних мереж можна викори�товувати дл� входу в ваш обліковий запи�. Переконайте��, що в�і вони належать вам.
 unbind=Від'єднати
+unbind_success=Соціальний обліковий запи� у�пішно видалено.
 
-manage_access_token=Керуванн� токенами до�тупу
-generate_new_token=Згенерувати новий токен
-tokens_desc=Ці токени надають до�туп до вашого облікового запи�у за допомогою Gitea API.
-token_name=Ім'� токену
+manage_access_token=Керувати токенами до�тупу
+generate_new_token=Створити новий токен
+tokens_desc=Ці токени надають до�туп до вашого облікового запи�у за допомогою API Gitea.
+token_name=�азва токену
 generate_token=Згенерувати токен
-generate_token_success=Ваш новий токен був �творений. Скопіюйте його зараз, о�кільки він не буде показаний знову.
+generate_token_success=Ваш новий токен �творено. Скопіюйте його зараз, о�кільки він не буде показаний знову.
 generate_token_name_duplicate=�азва програми <strong>%s</strong> вже викори�товуєть��. Будь ла�ка, викори�тайте нову.
 delete_token=Видалити
 access_token_deletion=Видалити токен до�тупу
 access_token_deletion_cancel_action=Відмінити
 access_token_deletion_confirm_action=Видалити
-delete_token_success=Токен був знищений. Програми, що викори�товують його, більше не мають до�тупу до вашого облікового запи�у.
-permission_read=Прочитані
-
-manage_oauth2_applications=Керуванн� програмами OAuth2
-edit_oauth2_application=Редагувати програму OAuth2
-oauth2_applications_desc=Програми OAuth2 дають можливі�ть вашим �тороннім програмам надійно аутентифікувати кори�тувачів у цьому екземпл�рі Gitea.
-remove_oauth2_application=Видалити програму OAuth2
-remove_oauth2_application_desc=Видаленн� програми OAuth2 �ка�овує до�туп до в�іх підпи�аних маркерів до�тупу. Продовжити?
-remove_oauth2_application_success=Програму видалено.
-create_oauth2_application=Створити нову програму OAuth2
-create_oauth2_application_button=Створити програму
-oauth2_application_name=�азва програми
+access_token_deletion_desc=Видаленн� токена призведе до відкликанн� до�тупу до вашого облікового запи�у дл� додатків, �кі його викори�товують. Це неможливо �ка�увати. Продовжити?
+delete_token_success=Токен знищено. Додатки, що викори�товують його, більше не мають до�тупу до вашого облікового запи�у.
+repo_and_org_access=До�туп до �ховища та організації
+permissions_public_only=Лише загальнодо�тупні
+permissions_access_all=В�і (загальнодо�тупні, приватні та з обмеженим до�тупом)
+permission_not_set=�е в�тановлено
+permission_no_access=�емає до�тупу
+permission_read=Читанн�
+permission_write=Читанн� і запи�
+permission_anonymous_read=�нонімне читанн�
+permission_everyone_read=Читанн� дл� в�іх
+permission_everyone_write=Запи� дл� в�іх
+access_token_desc=Обрані дозволи токена обмежують авторизацію лише відповідними маршрутами <a %s>API</a>. Читайте <a %s>документацію</a> дл� отриманн� додаткової інформації.
+at_least_one_permission=�еобхідно вибрати хоча б одне право до�тупу дл� �творенн� токена
+permissions_list=Дозволи:
+
+manage_oauth2_applications=Керуванн� додатками OAuth2
+edit_oauth2_application=Редагувати додаток OAuth2
+oauth2_applications_desc=Додатки OAuth2 дозвол�ють вашому �торонньому додатку безпечно автентифікувати кори�тувачів у цьому екземпл�рі Gitea.
+remove_oauth2_application=Видалити додаток OAuth2
+remove_oauth2_application_desc=Видаленн� додатка OAuth2 �ка�ує до�туп до в�іх підпи�аних токенів до�тупу. Продовжити?
+remove_oauth2_application_success=Додаток видалено.
+create_oauth2_application=Створити новий додаток OAuth2
+create_oauth2_application_button=Створити додаток
+create_oauth2_application_success=Ви у�пішно �творили новий додаток OAuth2.
+update_oauth2_application_success=Ви у�пішно оновили додаток OAuth2.
+oauth2_application_name=�азва додатка
+oauth2_skip_secondary_authorization=Пропу�тити авторизацію дл� публічних клієнтів пі�л� наданн� до�тупу один раз. <strong>Може �тановити ризик дл� безпеки.</strong>
+oauth2_redirect_uris=URI дл� перенаправленн�. Будь ла�ка, викори�товуйте новий р�док дл� кожного URI.
 save_application=Зберегти
-oauth2_client_id=ID Клієнта
+oauth2_client_id=Ідентифікатор клієнта
 oauth2_client_secret=Ключ клієнта
 oauth2_regenerate_secret=Відновити ключ
-oauth2_regenerate_secret_hint=Ви втратили �вій ключ?
+oauth2_regenerate_secret_hint=Втратили ключ?
 oauth2_application_edit=Редагувати
 oauth2_application_create_description=Програми OAuth2 надають вашим �тороннім програмам до�туп до облікових запи�ів кори�тувачів у цьому екземпл�рі.
+oauth2_application_remove_description=Видаленн� OAuth2 не дозволить додатку отримати до�туп до авторизованих облікових запи�ів кори�тувачів на цьому �ервері. Продовжити?
+oauth2_application_locked=Gitea попередньо реє�трує де�кі програми OAuth2 під ча� запу�ку, �кщо це ввімкнено в конфігурації. Щоб запобігти не�подіваній поведінці, їх не можна ні редагувати, ні видал�ти. Дл� отриманн� додаткової інформації зверніть�� до документації OAuth2.
 
 authorized_oauth2_applications=�вторизовані програми OAuth2
 revoke_key=Відкликати
 revoke_oauth2_grant=Ска�увати до�туп
-revoke_oauth2_grant_description=Ска�уванн� до�тупу дл� цієї програми третьої �торони не дозволить їй отримувати до�туп до ваших даних. Ви впевнені?
+revoke_oauth2_grant_success=До�туп у�пішно �ка�овано.
 
-twofa_is_enrolled=Ваш обліковий запи� на даний ча� <strong>викори�товує</strong> двофакторну автентифікацію.
-twofa_not_enrolled=Ваш обліковий запи� наразі не викори�товує двофакторну автентифікаціїю.
+twofa_desc=Щоб захи�тити �вій обліковий запи� від крадіжки парол�, ви можете викори�товувати �мартфон або інший при�трій дл� отриманн� одноразових паролів, прив'�заних до ча�у (TOTP).
+twofa_recovery_tip=Якщо ви втратите �вій при�трій, ви зможете �кори�тати�� одноразовим ключем відновленн�, щоб відновити до�туп до �вого облікового запи�у.
+twofa_is_enrolled=Ваш обліковий запи� наразі <strong>викори�товує</strong> двофакторну автентифікацію.
+twofa_not_enrolled=Ваш обліковий запи� наразі не викори�товує двофакторну автентифікацію.
 twofa_disable=Вимкнути двофакторну автентифікацію
-twofa_enroll=Увімкнути двофакторну автентифікацію
-twofa_disable_note=При необхідно�ті можна відключити двофакторну автентифікацію.
+twofa_scratch_token_regenerate=Регенерувати одноразовий ключ відновленн�
+twofa_scratch_token_regenerated=Ваш одноразовий ключ відновленн� тепер %s. Зберігайте його у безпечному мі�ці, о�кільки його більше не буде показано.
+twofa_disable_note=За потреби ви можете вимкнути двофакторну автентифікацію.
 twofa_disable_desc=Вимкненн� двофакторної автентифікації зробить ваш обліковий запи� менш безпечним. Продовжити?
-twofa_disabled=Двофакторна автентифікаці� вимкнена.
-scan_this_image=Про�кануйте це зображенн� вашим додатком дл� двуфакторної автентифікації:
-or_enter_secret=�бо введіть �екрет: %s
+regenerate_scratch_token_desc=Якщо ви втратили ключ відновленн� або вже викори�товували його дл� входу, ви можете �кинути його тут.
+twofa_disabled=Двофакторну автентифікацію вимкнено.
+scan_this_image=Від�кануйте це зображенн� вашим додатком дл� двофакторної автентифікації:
+or_enter_secret=�бо введіть код: %s
 then_enter_passcode=І введіть пароль, �кий відображаєть�� в додатку:
 passcode_invalid=�екоректний пароль. Спробуй ще раз.
-twofa_failed_get_secret=�е вдало�� отримати �екрет.
+twofa_failed_get_secret=�е вдало�� отримати код.
 
+webauthn_register_key=Додати ключ безпеки
+webauthn_nickname=П�евдонім
+webauthn_delete_key=Видалити ключ безпеки
+webauthn_key_loss_warning=Якщо ви втратите ключі безпеки, ви втратите до�туп до �вого облікового запи�у.
+webauthn_alternative_tip=Ви можете налаштувати додатковий метод автентифікації.
 
-manage_account_links=Керуванн� обліковими запи�ами
-manage_account_links_desc=Ці зовнішні акаунти прив'�зані до вашого аккаунту Gitea.
-account_links_not_available=�аразі немає зовнішніх облікових запи�ів, пов'�заних із вашим обліковим запи�ом Gitea.
+manage_account_links=Керуванн� прив'�заними обліковими запи�ами
+manage_account_links_desc=Ці зовнішні облікові запи�и прив'�зані до вашого облікового запи�у Gitea.
 link_account=Прив'�зати обліковий запи�
-remove_account_link=Видалити облікові запи�и
+remove_account_link=Видалити обліковий запи�
 remove_account_link_desc=Видаленн� пов'�заного облікового запи�у відкликає його до�туп до вашого облікового запи�у Gitea. Продовжити?
-remove_account_link_success=Зв'�заний обліковий запи� видалено.
+remove_account_link_success=Прив'�заний обліковий запи� видалено.
 
+hooks.desc=Додайте веб-хуки, �кі запу�катимуть�� дл� <strong>у�іх репозиторіїв</strong>, �кими ви володієте.
 
-orgs_none=Ви не є уча�ником будь-�кої організації.
+orgs_none=Ви не є членом організації.
+repos_none=У ва� немає �ховищ.
 
-delete_account=Видалити ваш обліковий запи�
-delete_prompt=Ц� операці� о�таточно видалить обліковий запи� кори�тувача. Це <strong>�Е МОЖЛИВО</strong> відмінити.
-delete_with_all_comments=Ваш обліковий запи� молодший за %s днів. Щоб уникнути коментарів-привидів, в�і запити/PR коментрарі будуть видалені з ним.
-confirm_delete_account=Підтвердженн� видаленн�
-delete_account_title=Видалити цей обліковий запи�
+delete_account=Видалити обліковий запи�
+delete_prompt=Ц� операці� о�таточно видалить ваш обліковий запи�. Її <strong>�Е МОЖЛИВО</strong> �ка�увати.
+delete_with_all_comments=Ваш обліковий запи� молодший за %s днів. Щоб уникнути коментарів-привидів, у�і ваші коментарі будуть видалені разом з ним.
+confirm_delete_account=Підтвердити видаленн�
+delete_account_title=Видалити обліковий запи�
 delete_account_desc=Ви впевнені, що хочете о�таточно видалити цей обліковий запи�?
 
-email_notifications.enable=Увімкнути �повіщенн� email
-email_notifications.onmention=Повідомленн� email тільки коли згадують
-email_notifications.disable=Вимкнути email �повіщенн�
-email_notifications.submit=�алаштувати параметри email
+email_notifications.enable=Увімкнути �повіщенн� електронною поштою
+email_notifications.onmention=Повідомл�ти електронною поштою коли згадують
+email_notifications.disable=Вимкнути �повіщенн� електронною поштою
+email_notifications.submit=�алаштувати параметри електронної пошти
+email_notifications.andyourown=І ваші вла�ні повідомленн�
 
 visibility=Видимі�ть кори�тувача
 visibility.public=Публічний
 visibility.limited=Обмежений
+visibility.limited_tooltip=До�тупно лише дл� авторизованих кори�тувачів
 visibility.private=Приватний
+visibility.private_tooltip=До�тупно лише дл� членів організацій, до �ких ви долучили��
 
 [repo]
+new_repo_helper=Сховище мі�тить у�і файли проєкту, включно з і�торією ревізій. Ви вже розміщуєте його деінде? <a href="%s">Перене�ти �ховище.</a>
 owner=Вла�ник
-owner_helper=Де�кі організації можуть не відображати�� у випадаючому �пи�ку через мак�имальну кількі�ть репозиторііїв.
-repo_name=�азва репозиторію
-repo_size=Розмір репозиторію
+owner_helper=Де�кі організації можуть не відображати�� у �пи�ку через обмеженн� на мак�имальну кількі�ть �ховищ.
+repo_name=�азва �ховища
+repo_name_helper=У хороших назвах �ховищ викори�товують�� короткі ключові �лова, �кі легко запам'�товують�� та є унікальними. Сховище з назвою «.profile» або «.profile-private» можна викори�товувати дл� додаванн� README.md дл� профілю кори�тувача/організації.
+repo_size=Розмір �ховища
 template=Шаблон
-template_select=Оберіть шаблон.
-template_helper=Зробити репозиторій шаблоном
-template_description=Шаблонні репозиторії дозвол�ють кори�тувачам генерувати нові репозиторії із такою ж �труктурою директорій, файлами та додатковими налаштуванн�ми.
+template_select=Обрати шаблон.
+template_helper=Зробити �ховище шаблоном
+template_description=Шаблонні �ховища дозвол�ють кори�тувачам �творювати нові �ховища з такою ж �труктурою каталогів, файлами та додатковими налаштуванн�ми.
 visibility=Видимі�ть
-visibility_description=Тільки вла�ник або члени організації �кі мають віповідні права, зможуть побачити.
+visibility_description=Тільки вла�ник або члени організації, �кщо вони мають дозвіл, зможуть його побачити.
+visibility_helper=Зробити �ховище приватним
 visibility_helper_forced=�дміні�тратор вашого �айту налаштував параметри: в�і нові репозиторії будуть приватними.
 visibility_fork_helper=(Ці зміни вплинуть на в�і форки.)
 clone_helper=Потрібна допомога у клонуванні? Відвідайте �торінку <a target="_blank" rel="noopener" href="%s">Допомога</a>.
 fork_repo=Форкнути репозиторій
 fork_from=Форк з
-fork_visibility_helper=�еможливо змінити видимі�ть форкнутого репозиторію.
+fork_visibility_helper=�еможливо змінити видимі�ть розгалуженого �ховища.
+all_branches=У�і гілки
+view_all_branches=Перегл�нути в�і гілки
+view_all_tags=Перегл�нути в�і мітки
 use_template=За�то�увати цей шаблон
+open_with_editor=Відкрити в %s
 download_zip=Завантажити ZIP
 download_tar=Завантажити TAR.GZ
 download_bundle=Завантажити BUNDLE
-generate_repo=Згенерувати репозиторій
-generate_from=Генерувати з
+generate_repo=Створити �ховище
+generate_from=Створити з
 repo_desc=Опи�
-repo_desc_helper=Введіть короткий опи� (опціонально)
-repo_gitignore_helper=Виберіть шаблон .gitignore.
-repo_gitignore_helper_desc=Оберіть з �пи�ку мовних шаблонів файли, �кі не будуть від�тежувати�ь. Типові артефакти, �кі генерують�� за допомогою ін�трументів побудови кожної мови, за замовчуванн�м включені до .gitignor.
+repo_desc_helper=Введіть короткий опи� (необов'�зково)
+repo_no_desc=�емає опи�у
+repo_lang=Мови
+repo_gitignore_helper=Обрати шаблон .gitignore.
+repo_gitignore_helper_desc=Оберіть з �пи�ку мовних шаблонів файли, �кі не �лід від�тежувати. Типові артефакти, що генерують�� ін�трументами збірки кожної мови, за замовчуванн�м включені до .gitignor.
 issue_labels=Мітки задачі
-issue_labels_helper=Вибрати мітку дл� задачі.
+issue_labels_helper=Виберіть набір міток задачі.
 license=Ліцензі�
-license_helper=Виберіть ліцензійний файл.
-license_helper_desc=Ліцензі� регулює те, що інші можуть і не можуть робити з вашим кодом. �е впевнені, що �аме підходить дл� вашого проєкту? Дивіть�� <a target="_blank" rel="noopener noreferrer" href="%s">Виберіть ліцензію.</a>
+license_helper=Обрати файл ліцензії.
+license_helper_desc=Ліцензі� визначає, що інші можуть робити з вашим кодом, а що ні. �е впевнені, �ка підходить дл� вашого проєкту? Дивіть�� <a target="_blank" rel="noopener noreferrer" href="%s">Вибір ліцензії.</a>
+multiple_licenses=Кілька ліцензій
+object_format=Формат об'єкту
+object_format_helper=Формат об'єкту �ховища. �еможливо буде змінити пізніше. SHA1 є найбільш �умі�ним.
 readme=README
 readme_helper=Виберіть шаблон README.
-readme_helper_desc=Це мі�це, де ви можете напи�ати повний опи� вашого проєкту.
-auto_init=Ініціалізувати репозиторій (Додає .gitignore, LICENSE та README)
+readme_helper_desc=Тут ви можете повні�тю опи�ати ваш проєкт.
+auto_init=Ініціалізувати �ховище (додає файли .gitignore, ліцензію та README)
 trust_model_helper=Виберіть модель довіри дл� підтвердженн� підпи�у. Можливі варіанти:
-trust_model_helper_collaborator=Співавтор: підпи�и довіри від �півавторів
-trust_model_helper_committer=Уча�ник: довірені підпи�и уча�тників
-trust_model_helper_collaborator_committer=Співавтор+Комітер: довірчі підпи�и від �півавторів, �кі відповідають комітеру
-trust_model_helper_default=За замовчуванн�м: викори�товувати �тандартну модель довіри дл� цієї у�тановки
-create_repo=Створити репозиторій
+trust_model_helper_collaborator=Співавтор: довір�ти підпи�ам �півавторів
+trust_model_helper_committer=Комітер: довір�ти підпи�ам, �кі відповідають комітерам
+trust_model_helper_collaborator_committer=Співавтор+Комітер: довір�ти підпи�ам �півавторів, �кі відповідають комітеру
+trust_model_helper_default=Типово: викори�товувати �тандартну модель довіри дл� цієї у�тановки
+create_repo=Створити �ховище
 default_branch=Головна гілка
-default_branch_helper=Гілка за замовчуванн�м є базовою гілкою дл� запитів на злитт� та комітів коду.
+default_branch_label=типово
+default_branch_helper=Типова гілка є базовою гілкою дл� запитів на злитт� та комітів.
 mirror_prune=Очи�тити
-mirror_prune_desc=Видаленн� за�тарілих по�илань �кі ви від�лідковуєте
-mirror_interval_invalid=Інтервал дзеркалюванн� є неприпу�тимим.
-mirror_address=Клонуванн� з URL-адре�и
-mirror_address_desc=Помі�тіть будь-�кі необхідні облікові дані у розділі �вторизаці�.
-mirror_lfs=Склад великих файлів (LFS)
-mirror_lfs_desc=�ктивувати дзеркальне відображенн� даних LFS.
+mirror_prune_desc=Видалити за�тарілі по�иланн� на віддалені від�теженн�
+mirror_interval=Інтервал дзеркалюванн� (допу�тимі одиниці виміру ча�у 'h', 'm', 's'). 0 - щоб вимкнути періодичну �инхронізацію. (Мінімальний інтервал: %s)
+mirror_interval_invalid=Інтервал дзеркалюванн� недій�ний.
+mirror_sync=�инхронізовано
+mirror_sync_on_commit=Синхронізувати, коли над�илають�� коміти
+mirror_address=Клонувати з URL-адре�и
+mirror_address_desc=Введіть необхідні облікові дані в розділі �вторизаці�.
+mirror_address_protocol_invalid=URL-адре�а недій�на. Допу�тимі лише адре�и http(s):// або git://.
+mirror_lfs=Сховище великих файлів (LFS)
+mirror_lfs_desc=�ктивувати дзеркалюванн� даних LFS.
 mirror_lfs_endpoint=Кінцева точка LFS
-mirror_lfs_endpoint_desc=Синхронізаці� �пробує викори�товувати url дл� клону щоб <a target="_blank" rel="noopener noreferrer" href="%s">визначити LFS-�ервер</a>. Ви також можете вказати кінцеву точку кори�тувача, �кщо дані репозиторію LFS зберігають�� в іншому мі�ці.
 mirror_last_synced=О�танн� �инхронізаці�
 mirror_password_placeholder=(без змін)
-mirror_password_blank_placeholder=(відключено)
+mirror_password_blank_placeholder=(�е в�тановлено)
 mirror_password_help=Змініть ім'� кори�тувача, щоб видалити збережений пароль.
 watchers=Спо�терігачі
-stargazers=Зацікавлені
+stargazers=Шанувальники
+stars_remove_warning=Це видалить у�і зірки з цього �ховища.
 forks=Форки
-reactions_more=додати %d більше
-unit_disabled=�дміні�тратор �айту вимкнув цей розділ репозиторію.
+stars=Зірки
+reactions_more=і ще %d
+unit_disabled=�дміні�тратор �айту вимкнув цей розділ �ховища.
 language_other=Інші
-adopt_search=Введіть ім'� кори�тувача дл� пошуку неприйн�тних репозиторіїв... (залиште порожнім, щоб знайти в�і)
-adopt_preexisting_label=Прийн�ті файли
-adopt_preexisting=Прийн�ти вже і�нуючі файли
-adopt_preexisting_content=Створити репозиторій з %s
-adopt_preexisting_success=Прийн�ти файли та �творити репозиторій з %s
+adopt_preexisting_label=Прийн�ти файли
+adopt_preexisting=Прийн�ти попередньо �творені файли
+adopt_preexisting_content=Створити �ховище з %s
+adopt_preexisting_success=Прийн�ти файли та �творити �ховище з %s
 delete_preexisting_label=Видалити
-delete_preexisting=Видалити і�нуючі файли
+delete_preexisting=Видалити попередньо �творені файли
 delete_preexisting_content=Видалити файли з %s
 delete_preexisting_success=Видалено неприйн�ті файли в %s
 blame_prior=Перегл�нути анотацію, що передує цій зміні
+blame.ignore_revs.failed=�е вдало�� проігнорувати ревізії у <a href="%s">.git-blame-ignore-revs</a>.
+user_search_tooltip=Показує не більше 30 кори�тувачів
 
+tree_path_not_found=Шл�х %[1]s не і�нує в %[2]s
 
-transfer.accept=Дозволити тран�фер
-transfer.reject=Відхилити тран�фер
+transfer.accept=Дозволити переміщенн�
+transfer.accept_desc=`Перемі�тити до "%s"`
+transfer.reject=Відхилити переміщенн�
+transfer.reject_desc=`Ска�увати переміщенн� до "%s"`
+transfer.no_permission_to_accept=У ва� немає дозволу приймати цю передачу.
+transfer.no_permission_to_reject=У ва� немає дозволу на відхиленн� цієї передачі.
 
 desc.private=Приватний
 desc.public=Публічний
+desc.public_access=Публічний до�туп
 desc.template=Шаблон
 desc.internal=Внутрішній
-desc.archived=�рхівний
+desc.archived=�рхівований
+desc.sha256=SHA256
 
 template.items=Елементи шаблону
 template.git_content=Вмі�т Git (типова гілка)
-template.git_hooks=Перехоплювачі Git
-template.webhooks=Webhook'и
+template.git_hooks=Хуки Git
+template.git_hooks_tooltip=�аразі ви не можете змінювати або видал�ти Git-хуки пі�л� їх додаванн�. Виберіть це лише �кщо ви довір�єте �ховищу шаблонів.
+template.webhooks=Веб-хуки
 template.topics=Теми
 template.avatar=�ватар
 template.issue_labels=Мітки задачі
 template.one_item=Слід обрати хоча б один елемент шаблону
-template.invalid=Слід обрати шаблонний репозиторій
+template.invalid=Слід обрати шаблонне �ховище
 
-archive.issue.nocomment=Цей репозиторій архівовано. Ви не можете коментувати задачі.
-archive.pull.nocomment=Це архівний репозитарій. Ви не можете коментувати пулл-рекве�ти.
+archive.issue.nocomment=Це �ховище архівовано. Ви не можете коментувати задачі.
+archive.pull.nocomment=Це �ховище архівовано. Ви не можете коментувати запити на злитт�.
 
-form.reach_limit_of_creation_1=Ви вже до��гли ліміту в %d репозиторіїв.
-form.reach_limit_of_creation_n=Ви до��гли мак�имальної кілько�ті %d �творених репозиторіїв.
+form.reach_limit_of_creation_1=Ви до��гли мак�имальної кілько�ті %d �ховища.
+form.reach_limit_of_creation_n=Ви до��гли мак�имальної кілько�ті %d �ховищ.
+form.name_reserved=�азву �ховища '%s' зарезервовано.
+form.name_pattern_not_allowed=Шаблон '%s' не дозволено в назві �ховища.
 
 need_auth=�вторизаці�
 migrate_options=Параметри міграції
 migrate_service=Серві� міграції
-migrate_options_lfs=Перене�енн� LFS файлів
+migrate_options_mirror_helper=Це �ховище буде дзеркалом
+migrate_options_lfs=Перене�енн� файлів LFS
 migrate_options_lfs_endpoint.label=Кінцева точка LFS
-migrate_options_lfs_endpoint.description=Міграці� буде намагати�� викори�товувати ваш Git віддалено, щоб <a target="_blank" rel="noopener noreferrer" href="%s">визначати LFS �ервер</a>. Ви також можете вказати �вою кінцеву точку, �кщо дані репозиторію LFS зберігають�� в іншому мі�ці.
-migrate_options_lfs_endpoint.description.local=Також підтримують�� шл�хи на локальному �ервері.
-migrate_items=Деталі міграції
+migrate_options_lfs_endpoint.description=Міграці� �пробує викори�тати ваш Git віддалено, щоб <a target="_blank" rel="noopener noreferrer" href="%s">визначати �ервер LFS</a>. Ви також можете вказати вла�ну кінцеву точку, �кщо дані �ховища LFS зберігають�� в іншому мі�ці.
+migrate_options_lfs_endpoint.description.local=Також підтримуєть�� шл�х до локального �ервера.
+migrate_items=Елементи міграції
 migrate_items_wiki=Вікі
 migrate_items_milestones=Етапи
 migrate_items_labels=Мітки
@@ -827,26 +1094,31 @@ migrate_items_merge_requests=Запити на злитт�
 migrate_items_releases=Релізи
 migrate_repo=Перене�ти репозиторій
 migrate.clone_address=Міграці� / клонувати з URL-адре�и
-migrate.clone_address_desc=URL-адре�а HTTP(S) або Git "clone" і�нуючого репозиторі�
+migrate.clone_address_desc=URL-адре�а HTTP(S) або Git "clone" і�нуючого �ховища
 migrate.clone_local_path=або шл�х до локального �ерверу
 migrate.permission_denied=Вам не дозволено імпортувати локальні репозиторії.
-migrate.permission_denied_blocked=Ви не можете імпортувати з заборонених вузлів, будь ла�ка, попро�іть адміні�тратора перевірити налаштуванн� ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS.
-migrate.invalid_lfs_endpoint=Помилкова кінцева точка LFS.
+migrate.invalid_local_path=Локальний шл�х недій�ний. Він не і�нує або не є каталогом.
+migrate.invalid_lfs_endpoint=Кінцева точка LFS недій�на.
 migrate.failed=Міграці� не вдала��: %v
 migrate.migrate_items_options=Дл� перене�енн� додаткових елементів потрібен токен до�тупу
 migrated_from=Перене�ено з <a href="%[1]s">%[2]s</a>
 migrated_from_fake=Перене�ено з %[1]s
-migrate.migrate=Міграці� з %s
-migrate.migrating=Міграці� із <b>%s</b>...
+migrate.migrate=Мігрувати з %s
 migrate.migrating_failed=Міграці� із <b>%s</b> не вдала��.
+migrate.migrating_failed.error=�е вдало�� перене�ти: %s
 migrate.migrating_failed_no_addr=Міграці� не вдала��.
-migrate.git.description=Перене�енн� лише репозиторію з будь-�кої �лужби Git.
+migrate.github.description=Перене�ти дані з github.com чи інших �ерверів Github.
+migrate.git.description=Перене�ти �ховище з будь-�кого �ерві�у Git'у.
 migrate.gitlab.description=Перене�ти дані з gitlab.com та інших екземпл�рів GitLab.
 migrate.gitea.description=Перене�ти дані з gitea.com та інших екземпл�рів Gitea.
 migrate.gogs.description=Перене�ти дані з notabug.org та інших екземпл�рів Gogs.
 migrate.onedev.description=Перене�ти дані з code.onedev.io та інших екземпл�рів OneDev.
 migrate.codebase.description=Перене�ти дані з codebasehq.com.
 migrate.gitbucket.description=Перене�ти дані з екземпл�рів GitBucket.
+migrate.codecommit.description=Перене�енн� даних з AWS CodeCommit.
+migrate.codecommit.aws_access_key_id=ID ключа до�тупу AWS
+migrate.codecommit.https_git_credentials_username=Ім’� кори�тувача HTTPS Git
+migrate.codecommit.https_git_credentials_password=Пароль кори�тувача HTTPS Git
 migrate.migrating_git=Міграці� Git даних
 migrate.migrating_topics=Міграці� тем
 migrate.migrating_milestones=Міграці� етапів
@@ -854,26 +1126,32 @@ migrate.migrating_labels=Міграці� міток
 migrate.migrating_releases=Міграці� релізів
 migrate.migrating_issues=Міграці� задач
 migrate.migrating_pulls=Міграці� запитів на злитт�
+migrate.cancel_migrating_title=Ска�увати міграцію
+migrate.cancel_migrating_confirm=Ви хочете �ка�увати міграцію?
+migration_status=Cтату� міграції
 
 mirror_from=дзеркало
 forked_from=форк від
 generated_from=згенеровано з
-fork_from_self=Ви не можете форкнути репозиторій, так �к ви його вла�ник.
+fork_from_self=Ви не можете форкнути вла�не �ховище.
 fork_guest_user=Увійдіть, щоб зробити форк репозитарію.
 watch_guest_user=Увійдіть, щоб �лідкувати за цим репозиторієм.
 star_guest_user=Увійдіть, щоб додати в обране цей репозиторій.
 unwatch=�е �тежити
-watch=Слідкувати
+watch=Стежити
 unstar=Видалити із обраних
 star=В обрані
 fork=Форк
+action.blocked_user=�еможливо виконати дію, о�кільки ви заблоковані вла�ником �ховища.
 download_archive=Скачати репозиторій
+more_operations=Інші операції
 
 quick_guide=Короткий по�ібник
 clone_this_repo=Кнонувати цей репозиторій
+cite_this_repo=По�лати�� на це �ховище
 create_new_repo_command=Створити новий репозиторій з командного р�дка
 push_exist_repo=Опублікувати і�нуючий репозиторій з командного р�дка
-empty_message=Цей репозиторій порожній.
+broken_message=�еможливо прочитати дані Git, що лежать в о�нові цього �ховища. Зверніть�� до адміні�тратора �ервера або видаліть �ховище.
 
 code=Код
 code.desc=До�туп до коду, файлів, комітів та гілок.
@@ -887,97 +1165,148 @@ tags=Теги
 issues=Задачі
 pulls=Запити на злитт�
 projects=Проєкти
+packages=Пакети
+actions=Дії
 labels=Мітки
-org_labels_desc=Мітки рівн� організації можуть викори�товувати�� <strong>в у�іх репозиторі�х</strong> цієї організації
 org_labels_desc_manage=керувати
 
 milestone=Етап
-milestones=Етап
+milestones=Етапи
 commits=Коміти
 commit=Коміт
 release=Реліз
 releases=Релізи
 tag=Тег
-released_this=випущені релізи
+released_this=випу�тив(-ла)
+file.title=%s в %s
 file_raw=�еформатований
 file_history=І�торі�
 file_view_source=Перегл�нути вихідний код
-file_view_rendered=Перегл�нути відрендерено
 file_view_raw=Перегл�д Raw
 file_permalink=По�тійне по�иланн�
-file_too_large=Цей файл завеликий щоб бути показаним.
-
+file_too_large=Файл занадто великий дл� відображенн�.
+file_is_empty=Файл порожній.
+code_preview_line_from_to=Р�дки від %[1]d до %[2]d в %[3]s
+code_preview_line_in=Р�док %[1]d в %[2]s
+invisible_runes_header=`Цей файл мі�тить невидимі �имволи Юнікоду`
+invisible_runes_description=`Цей файл мі�тить невидимі �имволи Юнікоду, �кі не розрізн�ють�� людиною, але можуть по-різному обробл�ти�� комп'ютером. Якщо ви вважаєте, що це зроблено навми�но, можете �міливо ігнорувати це попередженн�. Щоб показати їх, �кори�тайте�� кнопкою Escape.`
+ambiguous_runes_header=`Цей файл мі�тить неоднозначні �имволи Юнікоду`
+ambiguous_runes_description=`Цей файл мі�тить �имволи Юнікоду, �кі можна �плутати з іншими �имволами. Якщо ви вважаєте, що це зроблено навми�но, можете �міливо ігнорувати це попередженн�. Щоб показати їх, �кори�тайте�� кнопкою Escape.`
+invisible_runes_line=`Цей р�док мі�тить невидимі �имволи Юнікоду`
+ambiguous_runes_line=`Цей р�док мі�тить неоднозначні �имволи Юнікоду`
+ambiguous_character=`%[1]c [U+%04[1]X] можна �плутати з %[2]c [U+%04[2]X]`
+
+escape_control_characters=Екранувати
+unescape_control_characters=Відмінити екрануванн�
 file_copy_permalink=Копіювати по�тійне по�иланн�
 video_not_supported_in_browser=Ваш браузер не підтримує тег 'video' HTML5.
 audio_not_supported_in_browser=Ваш браузер не підтримує тег HTML5 'audio'.
-stored_lfs=Збережено з Git LFS
 symbolic_link=Символічне по�иланн�
+executable_file=Виконуваний файл
+generated=Створено
 commit_graph=Графік комітів
 commit_graph.select=Виберіть гілки
 commit_graph.hide_pr_refs=Приховати запити на злитт�
-commit_graph.monochrome=Монохром
+commit_graph.monochrome=Монохромний
 commit_graph.color=Колір
-blame=Звинуваченн�
+commit.contained_in=Цей коміт мі�тить�� в:
+commit.contained_in_default_branch=Цей коміт є ча�тиною типової гілки
+commit.load_referencing_branches_and_tags=Завантажити гілки та мітки, �кі по�илають�� на цей коміт
+blame=�нотаці�
 download_file=Завантажити файл
 normal_view=Звичайний вигл�д
 line=р�док
 lines=р�дки
+from_comment=(коментар)
 
+editor.add_file=Додати файл
 editor.new_file=�овий файл
 editor.upload_file=Завантажити файл
-editor.edit_file=Редагуванн� файлу
+editor.edit_file=Редагувати файл
 editor.preview_changes=Попередній перегл�д змін
 editor.cannot_edit_lfs_files=Файли LFS не можна редагувати в веб-інтерфей�і.
+editor.cannot_edit_too_large_file=Файл занадто великий дл� редагуванн�.
 editor.cannot_edit_non_text_files=Бінарні файли не можливо редагувати у веб-інтерфей�і.
+editor.file_not_editable_hint=�ле ви в�е ще можете перейменувати або перемі�тити його.
 editor.edit_this_file=Редагувати файл
 editor.this_file_locked=Файл заблоковано
-editor.must_be_on_a_branch=Ви повинні бути у гілці щоб зробити, або запропонувати зміни до цього файлу.
-editor.fork_before_edit=�еобхідно зробити форк цього репозиторій, щоб вне�ти або запропонувати зміни в цей файл.
+editor.must_be_on_a_branch=Ви повинні бути у гілці щоб робити або пропонувати зміни до цього файлу.
+editor.fork_before_edit=�еобхідно зробити форк цього �ховища, щоб вне�ти або запропонувати зміни в цей файл.
 editor.delete_this_file=Видалити файл
 editor.must_have_write_access=Ви повинні мати до�туп на запи� щоб запропонувати зміни до цього файлу.
-editor.name_your_file=Дайте назву файлу…
-editor.filename_help=Щоб додати каталог, наберіть його назву, а потім - ко�у ри�ку ('/'). Щоб видалити каталог, перейдіть до початку пол� і нати�ніть backspace.
+editor.file_delete_success=Файл "%s" видалено.
+editor.name_your_file=�азвіть файл…
+editor.filename_help=Щоб додати каталог, наберіть його назву, а потім - пр�мий �леш ('/'). Щоб видалити каталог, перейдіть до початку пол� і нати�ніть видалити ліворуч.
 editor.or=або
 editor.cancel_lower=Ска�увати
 editor.commit_signed_changes=Вне�ти підпи�ані зміни
-editor.commit_changes=Закомітити зміни
+editor.commit_changes=Зафік�увати зміни
+editor.add_tmpl=Додати '{filename}'
+editor.add=Додати %s
+editor.update=Оновити %s
+editor.delete=Видалити %s
+editor.patch=За�то�увати патч
+editor.patching=За�то�уванн� виправлень:
+editor.new_patch=�овий патч
 editor.commit_message_desc=Додати необов'�зковий розширений опи�…
-editor.signoff_desc=Додатиь Signed-off-by комітом в конці повідомленн� журналу комітів.
-editor.commit_directly_to_this_branch=Зробіть коміт пр�мо в гілку <strong class="branch-name">%s</strong>.
+editor.signoff_desc=Додати «Підпи�ано комітером» в кінці повідомленн� коміту.
+editor.commit_directly_to_this_branch=Зробити коміт безпо�ередньо в гілку <strong class="branch-name">%s</strong>.
 editor.create_new_branch=Створити <strong>нову гілку</strong> дл� цього коміту та відкрити запит на злитт�.
 editor.create_new_branch_np=Створити <strong>нову гілку</strong> дл� цього коміту.
 editor.propose_file_change=Запропонувати зміну файлу
-editor.new_branch_name_desc=Ім'� нової гілки…
+editor.new_branch_name=�азвіть нову гілку дл� цього коміту
+editor.new_branch_name_desc=�азва нової гілки…
 editor.cancel=Відмінити
-editor.filename_cannot_be_empty=Ім'� файлу не може бути порожнім.
+editor.filename_cannot_be_empty=�азва файлу не може бути порожньою.
+editor.filename_is_invalid=�азва файлу недій�на: "%s".
+editor.filename_is_a_directory=�азва файлу '%s' вже викори�товуєть�� �к назва каталогу у цьому �ховищі.
+editor.file_modifying_no_longer_exists=Редагований файл '%s' більше не і�нує в цьому �ховищі.
 editor.file_changed_while_editing=Змі�т файлу змінив�� з моменту початку редагуванн�. <a target="_blank" rel="noopener" href="%s"> �ати�ніть тут </a>, щоб перегл�нути що було змінено, або <strong>закомітьте зміни ще раз</strong>, щоб перепи�ати їх.
 editor.commit_empty_file_header=Закомітити порожній файл
-editor.commit_empty_file_text=Файл, в комміті порожній. Продовжити?
-editor.no_changes_to_show=�ема змін дл� показу.
-editor.fail_to_update_file_summary=Помилка:
+editor.commit_empty_file_text=Файл, �кий ви збираєте�� закомітити, порожній. Продовжувати?
+editor.no_changes_to_show=�емає змін.
+editor.push_rejected_no_message=Зміну відхилено �ервером без повідомленн�. Будь ла�ка, перевірте Git-хуки.
+editor.push_rejected=Зміну відхилено �ервером. Будь ла�ка, перевірте Git-хуки.
 editor.push_rejected_summary=Повне повідомленн� про відмову:
 editor.add_subdir=Додати каталог…
+editor.unable_to_upload_files=�е вдало�� завантажити файли до '"%s". Помилка: %v
+editor.upload_file_is_locked=Файл "%s" заблоковано %s.
+editor.upload_files_to_dir=`Завантажити файли до "%s"`
 editor.no_commit_to_branch=�е вдало�� вне�ти коміт безпо�ередньо до гілки, тому що:
-editor.user_no_push_to_branch=Кори�тувач не може здій�нити пуш до гілки
 editor.require_signed_commit=Гілка вимагає підпи�аного коміту
+editor.revert=Повернути %s до:
+editor.failed_to_commit=�е вдало�� зафік�увати зміни.
+editor.failed_to_commit_summary=Помилка:
+
 
 commits.desc=Перегл�нути і�торію зміни коду.
 commits.commits=Коміти
+commits.no_commits=�емає �пільних комітів. '%s' та '%s' мають різну і�торію.
 commits.nothing_to_compare=Ці гілки однакові.
+commits.search_branch=Ц� гілка
 commits.search_all=У�і гілки
 commits.author=�втор
 commits.message=Повідомленн�
 commits.date=Дата
-commits.older=Давніше
-commits.newer=�овіше
+commits.older=Старіші
+commits.newer=�овіші
 commits.signed_by=Підпи�ано
 commits.signed_by_untrusted_user=Підпи�аний недовіреним кори�тувачем
-commits.signed_by_untrusted_user_unmatched=Підпи�аний недовіреним кори�тувачем, �кий не відповідає комітеру
+commits.signed_by_untrusted_user_unmatched=Підпи�ано недовіреним кори�тувачем, �кий не відповідає комітеру
 commits.gpg_key_id=Ідентифікатор GPG ключа
+commits.ssh_key_fingerprint=Відбиток ключа SSH
+commits.view_path=Перегл�нути в і�торії
+commits.view_file_diff=Перегл�нути зміни до цього файлу в цьому коміті
 
+commit.operations=Дії
+commit.revert=Повернути до попереднього �тану
+commit.revert-header=Повернути: %s
+commit.revert-content=Виберіть гілку, до �кої хочете повернути��:
 
 commitstatus.error=Помилка
+commitstatus.failure=�евдача
 commitstatus.pending=Очікуванн�
+commitstatus.success=У�піх
 
 ext_issues=До�туп до зовнішніх задач
 ext_issues.desc=По�иланн� на зовнішню �и�тему від�теженн� задач.
@@ -987,23 +1316,35 @@ projects.description_placeholder=Опи�
 projects.create=Створити проєкт
 projects.title=�азва
 projects.new=�овий проєкт
-projects.new_subheader=Координуйте, від�тежуйте та оновлюйте інформацію про виконувану роботу в одному мі�ці, аби проєкти залишали�� прозорими та за розкладом.
+projects.new_subheader=Координуйте, від�тежуйте та оновлюйте �вою роботу в одному мі�ці, щоб проєкти залишали�� прозорими та виконували�� за графіком.
+projects.create_success=Проєкт "%s" �творено.
 projects.deletion=Видалити проєкт
 projects.deletion_desc=Видаленн� проєкту видал�є його з у�іх пов'�заних задач. Продовжити?
 projects.deletion_success=Проєкт видалено.
-projects.edit=Редагувати проєкти
+projects.edit=Редагувати проєкт
 projects.edit_subheader=Проєкти організовують задачі та від�тежують прогре�.
-projects.modify=Оновити проєкт
+projects.modify=Редагувати проєкт
+projects.edit_success=Проєкт "%s" оновлено.
 projects.type.none=Від�утній
 projects.type.basic_kanban=Спрощений канбан
 projects.type.bug_triage=Сортуванн� помилок
 projects.template.desc=Шаблон проєкту
-projects.template.desc_helper=Оберіть шаблон проєкту, аби почати
+projects.template.desc_helper=Оберіть шаблон проєкту, щоб розпочати роботу
+projects.column.edit=Редагувати �товпець
 projects.column.edit_title=�азва
 projects.column.new_title=�азва
+projects.column.new_submit=Створити �товпець
+projects.column.new=�овий �товпець
+projects.column.set_default=В�тановити типово
+projects.column.set_default_desc=В�тановіть цей �товпець типовим дл� задач і запитів на злитт� без категорії
+projects.column.delete=Видалити �товпець
 projects.column.color=Колір
 projects.open=Відкрити
 projects.close=Закрити
+projects.column.assigned_to=Призначено
+projects.card_type.desc=Попередні перегл�ди картки
+projects.card_type.images_and_text=Зображенн� і тек�т
+projects.card_type.text_only=Лише тек�т
 
 issues.desc=Організаці� звітів про помилки, завдань та етапів.
 issues.filter_assignees=Фільтр виконавців
@@ -1011,8 +1352,10 @@ issues.filter_milestones=Фільтр етапів
 issues.filter_projects=Фільтр проєктів
 issues.filter_labels=Фільтр міток
 issues.filter_reviewers=Фільтр рецензентів
+issues.filter_no_results=�емає результатів
+issues.filter_no_results_placeholder=Спробуйте налаштувати �вої фільтри пошуку.
 issues.new=�ова задача
-issues.new.title_empty=Заголовок не може бути пу�тим
+issues.new.title_empty=Заголовок не може бути порожнім
 issues.new.labels=Мітки
 issues.new.no_label=Без мітки
 issues.new.clear_labels=Очи�тити мітки
@@ -1023,15 +1366,21 @@ issues.new.open_projects=Відкриті проєкти
 issues.new.closed_projects=Закриті проєкти
 issues.new.no_items=�емає елементів
 issues.new.milestone=Етап
-issues.new.no_milestone=Етап від�утній
+issues.new.no_milestone=Етапи від�утні
 issues.new.clear_milestone=Очи�тити етап
 issues.new.assignees=Виконавці
 issues.new.clear_assignees=Прибрати виконавців
-issues.new.no_assignees=�емає виконавц�
-issues.choose.get_started=Початок роботи
+issues.new.no_assignees=�емає виконавців
+issues.new.no_reviewers=�емає рецензентів
+issues.new.blocked_user=�е вдало�� �творити задачу, тому що ви заблоковані вла�ником �ховища.
+issues.edit.blocked_user=�еможливо редагувати вмі�т, о�кільки ва� заблоковано автором або вла�ником �ховища.
+issues.choose.get_started=Розпочати
 issues.choose.open_external_link=Відкрити
 issues.choose.blank=Типово
-issues.choose.blank_about=Створити задачу із шаблону за замовчуванн�м.
+issues.choose.blank_about=Створити задачу із �тандартного шаблону.
+issues.choose.ignore_invalid_templates=�едій�ні шаблони проігноровано
+issues.choose.invalid_templates=Знайдено %v недій�ний(х) шаблон(ів)
+issues.choose.invalid_config=Конфігураці� задачі мі�тить помилки:
 issues.no_ref=�е вказана гілка або тег
 issues.create=Створити задачу
 issues.new_label=�ова мітка
@@ -1041,7 +1390,8 @@ issues.create_label=Створити мітку
 issues.label_templates.title=Завантажити визначений набір міток
 issues.label_templates.info=Ще немає міток. �ати�ніть '�ова мітка' або викори�товуйте попередньо визначений набір міток:
 issues.label_templates.helper=Оберіть набір міток
-issues.label_templates.use=Викори�товувати набір міток
+issues.label_templates.use=Викори�тати набір міток
+issues.label_templates.fail_to_load_file=�е вдало�� завантажити файл шаблона мітки '%s': %v
 issues.add_label=додано %s з міткою %s
 issues.add_labels=додано %s з мітками %s
 issues.remove_label=видалено %s з міткою %s
@@ -1067,28 +1417,39 @@ issues.delete_branch_at=`видалена гілка <b>%s</b> %s`
 issues.filter_label=Мітка
 issues.filter_label_exclude=`Викори�товуйте <code>Alt</code> + <code>клік/Enter</code> дл� виключенн� міток`
 issues.filter_label_no_select=В�і мітки
+issues.filter_label_select_no_label=Без мітки
 issues.filter_milestone=Етап
+issues.filter_milestone_all=В�і етапи
+issues.filter_milestone_none=Етапи від�утні
+issues.filter_milestone_open=Відкриті етапи
+issues.filter_milestone_closed=Закриті етапи
 issues.filter_project=Проєкт
+issues.filter_project_all=В�і проєкти
 issues.filter_project_none=Проєкт від�утній
 issues.filter_assignee=Виконавець
-issues.filter_assginee_no_assignee=�емає виконавц�
+issues.filter_assignee_no_assignee=�ікому не при�воєно
+issues.filter_assignee_any_assignee=Призначено будь-кому
+issues.filter_poster=�втор
+issues.filter_user_placeholder=Пошук кори�тувачів
+issues.filter_user_no_select=У�і кори�тувачі
 issues.filter_type=Тип
 issues.filter_type.all_issues=В�і задачі
+issues.filter_type.all_pull_requests=У�і запити на злитт�
 issues.filter_type.assigned_to_you=Призначене вам
 issues.filter_type.created_by_you=Створено вами
 issues.filter_type.mentioning_you=Ва� згадано
-issues.filter_type.review_requested=Відгук запитано
+issues.filter_type.review_requested=Запит на рецензію
+issues.filter_type.reviewed_by_you=Перевірено вами
 issues.filter_sort=Сортувати
 issues.filter_sort.latest=�айновіші
 issues.filter_sort.oldest=�ай�таріші
-issues.filter_sort.recentupdate=�ещодавно оновлено
 issues.filter_sort.leastupdate=�айдавніше оновлені
 issues.filter_sort.mostcomment=�айбільш коментовані
 issues.filter_sort.leastcomment=�айменш коментовані
-issues.filter_sort.nearduedate=�айновіша дата
-issues.filter_sort.farduedate=�ай�таріша дата
-issues.filter_sort.moststars=�айбільш обраних
-issues.filter_sort.feweststars=�айменш обраних
+issues.filter_sort.nearduedate=�айближчий термін
+issues.filter_sort.farduedate=�айвіддаленіший термін
+issues.filter_sort.moststars=�айбільш фаворизовані
+issues.filter_sort.feweststars=�айменш фаворизовані
 issues.filter_sort.mostforks=�айбільше форків
 issues.filter_sort.fewestforks=�айменше форків
 issues.action_open=Відкрити
@@ -1098,13 +1459,16 @@ issues.action_milestone=Етап
 issues.action_milestone_no_select=Етап від�утній
 issues.action_assignee=Виконавець
 issues.action_assignee_no_select=�емає виконавц�
+issues.action_check=В�тановити/зн�ти позначку
+issues.action_check_all=В�тановити/зн�ти позначку з у�іх елементів
 issues.opened_by=%[1]s відкрито <a href="%[2]s">%[3]s</a>
-issues.opened_by_fake=відкрито %[1]s кори�тувачем %[2]s
+issues.opened_by_fake=%[1]s відкрито кори�тувачем %[2]s
 issues.previous=Попередній
 issues.next=Далі
 issues.open_title=Відкрито
 issues.closed_title=Закрито
 issues.draft_title=Чернетка
+issues.num_comments_1=%d коментар
 issues.num_comments=%d коментарів
 issues.commented_at=`прокоментував(ла) <a href="#%s">%s</a>`
 issues.delete_comment_confirm=Ви впевнені, що хочете видалити цей коментар?
@@ -1113,33 +1477,56 @@ issues.context.quote_reply=Цитувати відповідь
 issues.context.reference_issue=По�иланн� в новій задачі
 issues.context.edit=Редагувати
 issues.context.delete=Видалити
+issues.no_content=�емає опи�у.
+issues.close=Закрити задачу
+issues.comment_pull_merged_at=об'єднав(-ла) коміти %[1]s в %[2]s %[3]s
+issues.comment_manually_pull_merged_at=вручну об'єднав(-ла) коміти %[1]s в %[2]s %[3]s
+issues.close_comment_issue=Закрити з коментарем
 issues.reopen_issue=Відкрити знову
+issues.reopen_comment_issue=Повторно відкрити з коментарем
 issues.create_comment=Коментар
-issues.closed_at=`закрив цю задачу <a id="%[1]s" href="#%[1]s">%[2]s</a>`
-issues.reopened_at=`повторно відкрив цю задачу <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.comment.blocked_user=�еможливо �творити або редагувати коментар, тому що ви заблоковані автором або вла�ником �ховища.
+issues.closed_at=`закрив(ла) цю задачу <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.reopened_at=`повторно відкрив(ла) цю задачу <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.commit_ref_at=`згадано цю задачу в коміті <a id="%[1]s" href="#%[1]s">%[2]s</a>`
-issues.ref_issue_from=`<a href="%[3]s">по�иланн� на цю задачу %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.ref_issue_from=`<a href="%[3]s"> вказав(ла) на цю задачу %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_pull_from=`<a href="%[3]s">по�лав�� на цей запит злитт� %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_closing_from=`<a href="%[3]s">згадав запит на злитт� %[4]s, �кі закриють цю задачу</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
-issues.ref_reopening_from=`<a href="%[3]s">згадав запит на злитт� %[4]s, �кі повторно відкриють цю задачу</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.ref_reopening_from=`<a href="%[3]s">згадав запит на злитт� %[4]s, �кий знову відкриє цю задачу</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_closed_from=`<a href="%[3]s">закрив цю задачу %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_reopened_from=`<a href="%[3]s">повторно відкрито цю задачу %[4]s</a> <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 issues.ref_from=`із %[1]s`
+issues.author=�втор
+issues.author_helper=Цей кори�тувач є автором.
 issues.role.owner=Вла�ник
+issues.role.owner_helper=Цей кори�тувач — вла�ник �ховища.
 issues.role.member=Уча�ник
+issues.role.member_helper=Цей кори�тувач є уча�ником організації, �кій належить це �ховище.
+issues.role.collaborator=Співавтор
+issues.role.collaborator_helper=Цей кори�тувач був запрошений до �півпраці у �ховищі.
+issues.role.first_time_contributor=Уча�ник, �кий вперше долучив��
+issues.role.first_time_contributor_helper=Це перший вне�ок цього кори�тувача в �ховищі.
+issues.role.contributor=Співавтор
+issues.role.contributor_helper=Цей кори�тувач раніше вже вно�ив зміни до �ховища.
 issues.re_request_review=Повторно попро�ити рецензію
 issues.is_stale=З ча�у о�танньої перевірки в цей PR було вне�ено де�кі зміни
 issues.remove_request_review=Видалити запит рецензуванн�
 issues.remove_request_review_block=�еможливо видалити запит рецензуванн�
-issues.dismiss_review=Відхилити рецензiю
-issues.dismiss_review_warning=Ви впевнені, що хочете відхилити цей відгук?
-issues.sign_in_require_desc=<a href="%s">Підпишіть��</a> щоб приєднати�� до обговоренн�.
+issues.dismiss_review=Відхилити рецензію
+issues.dismiss_review_warning=Ви впевнені, що хочете відхилити рецензію?
+issues.sign_in_require_desc=<a href="%s">Увійдіть</a>, щоб приєднати�� до розмови.
 issues.edit=Редагувати
 issues.cancel=Відмінити
 issues.save=Зберегти
 issues.label_title=�азва мітки
 issues.label_description=Опи� мітки
-issues.label_color=Колір мітки
+issues.label_color=Колір
+issues.label_color_invalid=�едій�ний колір
+issues.label_exclusive=Ек�клюзивно
+issues.label_archive=Мітка архіву
+issues.label_archived_filter=Показати архівовані мітки
+issues.label_archive_tooltip=�рхівовані мітки типово виключають�� з пропозицій під ча� пошуку за мітками.
+issues.label_exclusive_order=Пор�док �ортуванн�
 issues.label_count=%d міток
 issues.label_open_issues=%d відкритих задач
 issues.label_edit=Редагувати
@@ -1147,9 +1534,9 @@ issues.label_delete=Видалити
 issues.label_modify=Редагувати мітку
 issues.label_deletion=Видалити мітку
 issues.label_deletion_desc=Видаленн� мітки видал�є її з у�іх задач. Продовжити?
-issues.label_deletion_success=Мітку було видалено.
+issues.label_deletion_success=Мітку видалено.
 issues.label.filter_sort.alphabetically=За алфавітом
-issues.label.filter_sort.reverse_alphabetically=З кінц� алфавіту
+issues.label.filter_sort.reverse_alphabetically=У зворотному алфавітному пор�дку
 issues.label.filter_sort.by_size=�айменший розмір
 issues.label.filter_sort.reverse_by_size=�айбільший розмір
 issues.num_participants=%d уча�ників
@@ -1157,18 +1544,20 @@ issues.attachment.open_tab=`Ð�атиÑ�ніть щоб побачити "%s" у Ð
 issues.attachment.download=`�ати�ніть щоб завантажити "%s"`
 issues.subscribe=Підпи�ати��
 issues.unsubscribe=Відпи�ати��
-issues.lock=Блокуванн� обговоренн�
-issues.unlock=Розблокуванн� обговоренн�
-issues.lock.unknown_reason=�еможливо заблокувати задачу з невідомою причиною.
-issues.lock_duplicate=Задача не може бути заблокованим двічі.
+issues.unpin=Відкріпити
+issues.max_pinned=Ви не можете прикріпити більше задач
+issues.pin_comment=прикріпив(-ла) %s
+issues.unpin_comment=відкріпив(-ла) %s
+issues.lock=Блокувати обговоренн�
+issues.unlock=Розблокувати обговоренн�
+issues.lock_duplicate=Обговоренн� задачі не може бути заблоковано двічі.
 issues.unlock_error=�е можливо розблокувати задачу, �ка не заблокована.
 issues.lock_with_reason=заблоковано �к <strong>%s</strong> та обмежене обговоренн� дл� �півавторів %s
 issues.lock_no_reason=заблоковано та обмежене обговоренн� дл� �півавторів %s
-issues.unlock_comment=розблоковане обговоренн� %s
+issues.unlock_comment=розблокував(ла) обговоренн� %s
 issues.lock_confirm=Заблокувати
 issues.unlock_confirm=Розблокувати
-issues.lock.notice_1=- Інші кори�тувачі не можуть додавати нові коментарі до цієї задачі.
-issues.lock.notice_2=- Ви й інші �півавтори, �кі мають до�туп до цього репозиторію, можете залишати коментарі, �кі інші можуть бачити.
+issues.lock.notice_2=- Ви та інші �півавтори, �кі мають до�туп до цього �ховища, в�е ще можете залишати коментарі, �кі можуть бачити інші.
 issues.lock.notice_3=- Ви завжди зможете розблокувати цю задачу в майбутньому.
 issues.unlock.notice_1=- Кожен зможе прокоментувати цю задачу ще раз.
 issues.unlock.notice_2=- Ви завжди зможете заблокувати цю задачу в майбутньому.
@@ -1177,26 +1566,43 @@ issues.lock.title=Заблокувати обговореннÑ� цієї задÐ
 issues.unlock.title=Розблокувати обговоренн� цієї задачі.
 issues.comment_on_locked=Ви не можете коментувати заблоковану задачу.
 issues.delete=Видалити
+issues.delete.title=Видалити цю задачу?
+issues.delete.text=Ви дій�но хочете видалити цю задачу? (Це видалить ве�ь вмі�т. �атомі�ть подумайте про те, щоб закрити її та зберегти в архіві)
 
 issues.tracker=Від�теженн� ча�у
-
+issues.timetracker_timer_start=Запу�тити таймер
+issues.timetracker_timer_stop=Зупинити таймер
+issues.timetracker_timer_discard=Скинути таймер
+issues.timetracker_timer_manually_add=Додати ча�
+
+issues.time_estimate_set=В�тановити орієнтовний ча�
+issues.time_estimate_display=Оцінка: %s
+issues.change_time_estimate_at=змінено приблизний ча� на <b>%[1]s</b> %[2]s
+issues.remove_time_estimate_at=видалено оцінку ча�у %s
+issues.time_estimate_invalid=�евірний формат розрахунку ча�у
 issues.tracker_auto_close=Таймер буде автоматично зупинено, коли ц� задача буде закрита
 issues.tracking_already_started=`Ви вже почали від�тежувати ча� дл� <a href="%s">іншої задачі</a>!`
+issues.stop_tracking=Зупинити таймер
+issues.stop_tracking_history=працював дл� <b>%[1]s</b> %[2]s
+issues.cancel_tracking=Скинути
+issues.cancel_tracking_history=`�ка�ував(-ла) від�теженн� ча�у %s`
 issues.del_time=Видалити цей журнал ча�у
+issues.add_time_history=додав(ла) витрачений ча� <b>%[1]s</b> %[2]s
 issues.del_time_history=`видалив витрачений ча� %s`
+issues.add_time_manually=Вручну додати ча�
 issues.add_time_hours=Години
 issues.add_time_minutes=Хвилини
 issues.add_time_sum_to_small=Ча� не введено.
 issues.time_spent_total=Загальний витрачений ча�
 issues.time_spent_from_all_authors=`Загальний витрачений ча�: %s`
 
-issues.due_date=Дата завершенн�
-issues.invalid_due_date_format=Дата закінченн� має бути в форматі 'ррр-мм-дд'.
-issues.error_modifying_due_date=�е вдало�� змінити дату завершенн�.
+issues.due_date=Строк виконанн�
+issues.invalid_due_date_format=Формат �троку виконанн� повинен бути 'рррр-мм-дд'.
+issues.error_modifying_due_date=�е вдало�� змінити термін виконанн�.
 issues.error_removing_due_date=�е вдало�� видалити дату завершенн�.
 issues.push_commit_1=додав %d коміт %s
 issues.push_commits_n=додав %d коміти(-ів) %s
-issues.force_push_codes=`приму�ово залито %[1]s з <a class="ui sha" href="%[3]s"><code>%[2]s</code></a> до <a class="ui sha" href="%[5]s"><code>%[4]s</code></a> %[6]s`
+issues.force_push_codes=`приму�ово наді�лано %[1]s з <a class="ui sha" href="%[3]s"><code>%[2]s</code></a> до <a class="ui sha" href="%[5]s"><code>%[4]s</code></a> %[6]s`
 issues.force_push_compare=Порівн�ти
 issues.due_date_form=рррр-мм-дд
 issues.due_date_form_add=Додати дату завершенн�
@@ -1204,10 +1610,16 @@ issues.due_date_form_edit=Редагувати
 issues.due_date_form_remove=Видалити
 issues.due_date_not_set=Термін виконанн� не в�тановлений.
 issues.due_date_added=додав(ла) дату завершенн� %s %s
+issues.due_date_modified=змінив(-ла) термін виконанн� з %[2]s на %[1]s %[3]s
 issues.due_date_remove=видалив(ла) дату завершенн� %s %s
 issues.due_date_overdue=Про�трочено
-issues.due_date_invalid=Термін дії не дій�ний або знаходить�� за межами допу�тимого діапазону. Будь ла�ка викори�товуйте формат 'yyyy-mm-dd'.
+issues.due_date_invalid=Термін дії не дій�ний або знаходить�� за межами діапазону. Будь ла�ка, викори�товуйте формат 'рррр-мм-дд'.
 issues.dependency.title=Залежно�ті
+issues.dependency.issue_no_dependencies=Залежно�тей не в�тановлено.
+issues.dependency.pr_no_dependencies=Залежно�тей не в�тановлено.
+issues.dependency.no_permission_1=У ва� немає дозволу на читанн� %d залежно�ті
+issues.dependency.no_permission_n=Ви не маєте дозволу на читанн� %d залежно�тей
+issues.dependency.no_permission.can_remove=Ви не маєте дозволу на читанн� цієї залежно�ті, але можете видалити її.
 issues.dependency.add=Додати залежні�ть…
 issues.dependency.cancel=Відмінити
 issues.dependency.remove=Видалити
@@ -1215,39 +1627,40 @@ issues.dependency.remove_info=Видалити цю залежні�ть
 issues.dependency.added_dependency=`додав нову залежні�ть %s`
 issues.dependency.removed_dependency=`видалив залежні�ть %s`
 issues.dependency.pr_closing_blockedby=Закритт� цього запиту злитт� заблоковано на�тупними задачами
-issues.dependency.issue_closing_blockedby=Закритт� цієї задачи заблоковано на�тупними задачами
-issues.dependency.issue_close_blocks=Ц� задача блокує закритт� залежних задач
+issues.dependency.issue_closing_blockedby=Закритт� цієї задачі заблоковано на�тупними задачами
+issues.dependency.issue_close_blocks=Ц� задача блокує закритт� на�тупних задач
 issues.dependency.pr_close_blocks=Цей запит на злитт� блокує закритт� залежних задач
-issues.dependency.issue_close_blocked=Вам потрібно закрити в�і задачі, що блокують цю задачу, перед її закритт�м.
-issues.dependency.pr_close_blocked=Вам потрібно закрити в�і задачі, що блокують цей запит, перед його злитт�м.
+issues.dependency.issue_batch_close_blocked=�еможливо пакетно закрити обрані задачі, о�кільки задача #%d в�е ще має відкриті залежно�ті
 issues.dependency.blocks_short=Блоки
 issues.dependency.blocked_by_short=Залежить від
 issues.dependency.remove_header=Видалити залежні�ть
 issues.dependency.issue_remove_text=Це призведе до видаленн� залежно�ті з цієї задачі. Продовжити?
-issues.dependency.pr_remove_text=Це призведе до видаленн� залежно�ті з цього пулл-рекве�ту. Продовжити?
+issues.dependency.pr_remove_text=Це вилучить залежні�ть з цього запиту на злитт�. Продовжити?
 issues.dependency.setting=Увімкнути залежно�ті дл� задач та запитів на злитт�
 issues.dependency.add_error_same_issue=Ви не можете зробити задачу залежною від �ебе.
-issues.dependency.add_error_dep_issue_not_exist=Залежні�ть дл� задачі не і�нує.
+issues.dependency.add_error_dep_issue_not_exist=Залежної задачі не і�нує.
 issues.dependency.add_error_dep_not_exist=Залежні�ть не і�нує.
 issues.dependency.add_error_dep_exists=Залежні�ть уже і�нує.
-issues.dependency.add_error_cannot_create_circular=Ви не можете �творити залежні�ть з двома задачами, �кі блокують одна одну.
 issues.dependency.add_error_dep_not_same_repo=Обидві задачі повинні бути в одному репозиторії.
-issues.review.self.approval=Ви не можете �хвалити вла�ний пулл-рекве�т.
+issues.review.self.approval=Ви не можете затвердити вла�ний запит на злитт�.
 issues.review.self.rejection=Ви не можете наді�лати запит на зміну на вла�ний пулл-рекве�т.
-issues.review.approve=зміни затверджено %s
-issues.review.dismissed=відхилено відгук %s %s
+issues.review.approve=затвердив(ла) ці зміни %s
+issues.review.comment=рецензовано %s
 issues.review.dismissed_label=Відхилено
 issues.review.left_comment=додав коментар
-issues.review.content.empty=Запрошуючи зміни, ви зобов'�зані залишити коментар з по��ненн�ми �воїх побажань відно�но Pull Request'а.
+issues.review.content.empty=Вам потрібно залишити коментар із зазначенн�м бажаної зміни (змін).
 issues.review.reject=зробив запит змін %s
-issues.review.wait=попро�ив рецензію %s
+issues.review.wait=запро�или на рецензію %s
 issues.review.add_review_request=попро�ив рецензію від %s %s
 issues.review.remove_review_request=видалив запит на рецензію до %s %s
-issues.review.remove_review_request_self=відмовив�� рецензувати %s
 issues.review.pending=Очікуванн�
+issues.review.pending.tooltip=Цей коментар наразі не видно іншим кори�тувачам. Щоб відправити �вій коментар, виберіть "%s" -> "%s/%s/%s" у верхній ча�тині �торінки.
 issues.review.review=Рецензії
 issues.review.reviewers=Рецензенти
 issues.review.outdated=За�тарілі
+issues.review.outdated_description=Вмі�т змінив�� з моменту �творенн� цього коментар�
+issues.review.option.show_outdated_comments=Показати за�тарілі коментарі
+issues.review.option.hide_outdated_comments=Приховати за�тарілі коментарі
 issues.review.show_outdated=Показати за�тарілі
 issues.review.hide_outdated=Приховати за�тарілі
 issues.review.show_resolved=Показати вирішене
@@ -1255,28 +1668,47 @@ issues.review.hide_resolved=Приховати вирішене
 issues.review.resolve_conversation=Завершити обговоренн�
 issues.review.un_resolve_conversation=Поновити обговоренн�
 issues.review.resolved_by=позначив обговоренн� завершеним
-issues.review.commented=Коментар
-issues.assignee.error=Додано не в�іх виконавців через непередбачену помилку.
+issues.review.commented=Коментувати
+issues.review.official=Затверджено
+issues.review.requested=Очікуєть�� розгл�д
+issues.review.rejected=Запит на зміни
+issues.review.stale=Оновлено з моменту затвердженн�
+issues.review.unofficial=�евраховане затвердженн�
 issues.reference_issue.body=Тіло
 issues.content_history.deleted=видалено
 issues.content_history.edited=відредаговано
 issues.content_history.created=�творено
 issues.content_history.delete_from_history=Видалити з і�торії
 issues.content_history.delete_from_history_confirm=Видалити з і�торії?
-issues.content_history.options=�алаштуванн�
+issues.content_history.options=Параметри
+issues.reference_link=По�иланн�: %s
 
 compare.compare_base=о�нова
 compare.compare_head=порівн�ти
 
 pulls.desc=Увімкнути запити на злитт� та огл�д коду.
 pulls.new=�овий запит на злитт�
+pulls.new.blocked_user=�еможливо �творити запит на злитт�, тому що ви заблоковані вла�ником �ховища.
+pulls.new.must_collaborator=Ви повинні бути уча�ником, щоб �творити запит на злитт�.
+pulls.view=Перегл�нути запит на злитт�
 pulls.compare_changes=�овий запит на злитт�
+pulls.allow_edits_from_maintainers_desc=Кори�тувачі з до�тупом на запи� до базової гілки також можуть завантажувати �вої зміни до цієї гілки
+pulls.allow_edits_from_maintainers_err=Оновленн� не вдало��
 pulls.compare_changes_desc=Порівн�ти дві гілки і �творити запит на злитт� дл� змін.
+pulls.has_viewed_file=Перегл�дів
+pulls.has_changed_since_last_review=Змінено з моменту вашого о�таннього відгуку
+pulls.viewed_files_label=Перегл�нуто %[1]d / %[2]d файлів
+pulls.expand_files=Розгорнути в�і файли
+pulls.collapse_files=Згорнути в�і файли
 pulls.compare_base=злити в
-pulls.compare_compare=pull з
-pulls.switch_comparison_type=Перемкнути вигл�д порівн�нн�
+pulls.switch_comparison_type=Перемкнути тип порівн�нн�
 pulls.switch_head_and_base=Помін�ти мі�ц�ми о�новну та базову гілку
 pulls.filter_branch=Фільтр по гілці
+pulls.show_all_commits=Показати в�і коміти
+pulls.show_changes_since_your_last_review=Показати зміни пі�л� вашого о�таннього відгуку
+pulls.showing_only_single_commit=Відображають�� лише зміни коміту %[1]s
+pulls.showing_specified_commit_range=Відображають�� лише зміни між %[1]s..%[2]s
+pulls.filter_changes_by_commit=Фільтр за комітом
 pulls.nothing_to_compare=Ці гілки однакові. �емає необхідно�ті �творювати запитів на злитт�.
 pulls.nothing_to_compare_and_allow_empty_pr=Одинакові гілки. Цей PR буде порожнім.
 pulls.has_pull_request=`Запит злитт� дл� цих гілок вже і�нує: <a href="%[1]s">%[2]s#%[3]d</a>`
@@ -1287,114 +1719,145 @@ pulls.change_target_branch_at=`змінена цільова гілка з <b>%s
 pulls.tab_conversation=Обговоренн�
 pulls.tab_commits=Коміти
 pulls.tab_files=Змінені файли
-pulls.reopen_to_merge=Будь ла�ка перевідкрийте цей запит щоб зді�нити операцію злитт�.
+pulls.reopen_to_merge=Будь ла�ка, заново відкрийте цей запит щоб виконати злитт�.
 pulls.cant_reopen_deleted_branch=Цей запит не можна повторно відкрити, о�кільки гілку видалено.
 pulls.merged=Злито
+pulls.merged_success=Запит на злитт� у�пішно об'єднано і закрито
+pulls.closed=Запит на злитт� закрито
 pulls.manually_merged=Ручне злитт�
-pulls.is_closed=Запит на злитт� було закрито.
-pulls.title_wip_desc=`<a href="#">Почніть заголовок з <strong>%s</strong></a> щоб запобігти випадковому злиттю запитів.`
-pulls.cannot_merge_work_in_progress=Цей пулл-рекве�т позначений �к прийн�тий в опрацюванн�.
-pulls.still_in_progress=В�е ще в проце�і?
+pulls.merged_info_text=Гілку %s тепер можна видалити.
+pulls.is_closed=Запит на злитт� закрито.
+pulls.title_wip_desc=`<a href="#">Почніть заголовок з <strong>%s</strong></a> щоб запобігти випадковому об'єднанню.`
+pulls.cannot_merge_work_in_progress=Цей запит на злитт� позначено �к незавершений.
+pulls.still_in_progress=Ще не закінчено?
 pulls.add_prefix=Додати префік� <strong>%s</strong>
 pulls.remove_prefix=Видалити префік� <strong>%s</strong>
-pulls.data_broken=Змі�т цього запиту було порушено вна�лідок видаленн� інформації Форком. Цей запит т�гнеть�� через від�утні�ть інформації про вилученн�.
-pulls.files_conflicted=Цей запит має зміни, що конфліктують з цільовою гілкою.
-pulls.is_checking=Триває перевірка конфліктів, будь ла�ка обновіть �торінку дещо пізніше.
+pulls.data_broken=Збій цього запиту на злитт� через від�утні�ть інформації про форк.
+pulls.files_conflicted=Цей запит на злитт� має зміни, що конфліктують з цільовою гілкою.
+pulls.is_ancestor=Цю гілку вже включено до цільової гілки. �ема чого об'єднувати.
 pulls.required_status_check_failed=Де�кі необхідні перевірки виконані з помилками.
 pulls.required_status_check_missing=Декілька з необхідних перевірок від�утні.
 pulls.required_status_check_administrator=Як адміні�тратор ви в�е одно можете об'єднати цей запит на злитт�.
-pulls.can_auto_merge_desc=Цей запит можна об'єднати автоматично.
-pulls.cannot_auto_merge_desc=Цей запит на злитт� не може бути злитий автоматично через конфлікти.
-pulls.cannot_auto_merge_helper=Злийте вручну дл� вирішенн� конфліктів.
-pulls.num_conflicting_files_1=%d конфліктуючий файл
-pulls.num_conflicting_files_n=%d конфліктуючі файли
+pulls.can_auto_merge_desc=Цей запит на злитт� можна об'єднати автоматично.
+pulls.cannot_auto_merge_desc=Цей запит на злитт� не може бути об'єднано автоматично через конфлікти.
+pulls.cannot_auto_merge_helper=Об'єднайте вручну дл� вирішенн� конфліктів.
+pulls.num_conflicting_files_1=%d конфліктний файл
+pulls.num_conflicting_files_n=%d конфліктних файлів
 pulls.approve_count_1=%d �хваленн�
 pulls.approve_count_n=%d �хвалень
 pulls.reject_count_1=%d запит на зміну
-pulls.reject_count_n=%d запити на зміну
-pulls.waiting_count_1=очікуєть�� %d рецензі�
+pulls.reject_count_n=%d запитів на зміну
+pulls.waiting_count_1=очікуєть�� %d рецензій
 pulls.waiting_count_n=очікуєть�� %d рецензії(й)
-pulls.wrong_commit_id=id коміту повинен бути id коміту в цільовій гілці
-
-pulls.no_merge_desc=Цей запити на злитт� неможливо злити, о�кільки в�і параметри об'єднанн� репозиторі� вимкнено.
-pulls.no_merge_helper=Увімкніть параметри злитт� в налаштуванн�х репозиторі� або злийте запити на злитт� вручну.
-pulls.no_merge_wip=Цей пулл-рекве�т не можливо об'єднати, тому-що він вже виконуєть��.
-pulls.no_merge_not_ready=Цей запит не готовий до злитт�, перевірте �тату� рецензіюванн� і �тату� перевірки.
-pulls.no_merge_access=Ви не авторизовані, щоб виконати цей запит на злитт�.
-pulls.merge_pull_request=Створити коміт зі злитт�м
-pulls.rebase_merge_pull_request=Перебазувати, а потім виконати злитт� перемотуванн�м
-pulls.rebase_merge_commit_pull_request=Перебазувати, а потім �творити коміт злитт�
+
+pulls.no_merge_desc=Цей запит на злитт� неможливо об'єднати, о�кільки в�і параметри об'єднанн� �ховищ вимкнено.
+pulls.no_merge_helper=Увімкніть параметри об'єднанн� в налаштуванн�х �ховища або об'єднайте запит на злитт� вручну.
+pulls.no_merge_wip=Цей запит на злитт� неможливо об'єднаний, о�кільки він позначений �к незавершений.
+pulls.no_merge_access=Ви не авторизовані об'єднувати цей запит на злитт�.
+pulls.merge_pull_request=Створити коміт об'єднанн�
 pulls.squash_merge_pull_request=Створити зварений (squash) коміт
 pulls.merge_manually=Об’єднано вручну
-pulls.merge_commit_id=ID коміту злитт�
-pulls.require_signed_wont_sign=Гілка вимагає підпи�аних комітів, але це злитт� не буде підпи�ано
+pulls.merge_commit_id=Ідентифікатор коміту об’єднанн�
+pulls.require_signed_wont_sign=Гілка вимагає підпи�аних комітів, але це об'єднанн� не буде підпи�ано
 
-pulls.invalid_merge_option=Цей параметр злитт� не можна викори�товувати дл� цього Pull Request'а.
-pulls.merge_conflict=Злитт� не вдало��: Був конфлікт при злитт�. Підказка: �пробуйте іншу �тратегію
+pulls.invalid_merge_option=Цей параметр об'єднанн� не можна викори�товувати дл� цього запиту на злитт�.
 pulls.merge_conflict_summary=Помилка
-pulls.rebase_conflict=Злитт� не вдало��: відбув�� конфлікт під ча� злитт�: %[1]s. Підказка: �пробуйте іншу �тратегію
 pulls.rebase_conflict_summary=Помилка
-pulls.unrelated_histories=Помилка злитт�: head та base злитт� не мають �пільної і�торії. Підказка: �пробуйте іншу �тратегію
-pulls.merge_out_of_date=Помилка злитт�: base було оновлено, поки відбувало�� злитт�. Підказка: �пробуйте знову.
 pulls.push_rejected_summary=Повне повідомленн� про відмову
-pulls.open_unmerged_pull_exists=`Ви не можете знову відкрити, о�кільки вже і�нує запит на злитт� (%d) з того ж репозиторі� з тією ж інформацією про злитт� і в очікуванні.`
-pulls.status_checking=Де�кі перевірки знаход�ть�� на розгл�ді
+pulls.open_unmerged_pull_exists=`Ви не можете повторно відкрити цей запит на злитт�, о�кільки вже і�нує один (#%d) з ідентичними вла�тиво�т�ми.`
+pulls.status_checking=Де�кі перевірки ще не завершені
 pulls.status_checks_success=В�і перевірки були у�пішними
 pulls.status_checks_warning=Декілька перевірок завершили�� з попередженн�ми
-pulls.status_checks_failure=Декілька перевірок не були у�пішними
+pulls.status_checks_failure=Де�кі перевірки не �працювали
 pulls.status_checks_error=Декілька перевірок завершили�� з помилками
 pulls.status_checks_requested=Обов'�зково
 pulls.status_checks_details=Подробиці
-pulls.update_branch=Оновити гілку шл�хом злитт�
+pulls.status_checks_hide_all=Приховати в�і перевірки
+pulls.status_checks_show_all=Показати в�і перевірки
+pulls.update_branch=Оновити гілку шл�хом об'єднанн�
 pulls.update_branch_rebase=Оновити гілку перебазуванн�м
-pulls.update_branch_success=Оновленн� гілки пройшло у�пішно
+pulls.update_branch_success=Оновленн� гілки у�пішне
 pulls.update_not_allowed=Ви не можете оновити гілку
 pulls.outdated_with_base_branch=Ц� гілка за�таріла відно�но базової гілки
+pulls.close=Закрити запит на злитт�
 pulls.closed_at=`закрив цей запит на злитт� <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 pulls.reopened_at=`повторно відкрив цей запит на злитт� <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+pulls.cmd_instruction_hint=Перегл�нути ін�трукції командного р�дка
+pulls.cmd_instruction_merge_title=Об'єднати
+pulls.cmd_instruction_merge_desc=Об'єднати зміни і оновити на Gitea.
+pulls.clear_merge_message=Очи�тити повідомленн� про об'єднанн�
 
+pulls.auto_merge_button_when_succeed=(Якщо перевірки у�пішні)
+pulls.auto_merge_when_succeed=�втоматичне об'єднанн� пі�л� у�пішного завершенн� в�іх перевірок
 
+pulls.auto_merge_cancel_schedule=Ска�увати автоматичне об'єднанн�
+pulls.auto_merge_not_scheduled=Цей запит на злитт� не плануєть�� об'єднувати автоматично.
 
 
+pulls.delete.title=Видалити цей запит на злитт�?
 
+pulls.upstream_diverging_prompt_behind_1=Ц� гілка на %[1]d коміт позаду %[2]s
+pulls.upstream_diverging_prompt_behind_n=Ц� гілка на %[1]d комітів позаду %[2]s
+pulls.upstream_diverging_prompt_base_newer=Базова гілка %s має нові зміни
+pulls.upstream_diverging_merge_confirm=Хочете об’єднати "%[1]s" з "%[2]s"?
 
+pull.deleted_branch=(видалена):%s
+pull.agit_documentation=Перегл�нути документацію про AGit
 
 
 milestones.new=�овий етап
 milestones.closed=Закрито %s
+milestones.update_ago=Оновлено %s
 milestones.no_due_date=�емає дати завершенн�
 milestones.open=Відкрити
 milestones.close=Закрити
+milestones.completeness=<strong>%d%%</strong> завершено
 milestones.create=Створити етап
 milestones.title=Заголовок
 milestones.desc=Опи�
-milestones.due_date=Дата завершенн� (опціонально)
+milestones.due_date=Дата завершенн� (необов’�зково)
 milestones.clear=Очи�тити
 milestones.invalid_due_date_format=Дата завершенн� має бути в форматі 'рррр-мм-дд'.
+milestones.create_success=Етап "%s" �творено.
 milestones.edit=Редагувати етап
-milestones.edit_subheader=Створюйте етапи дл� організації ваших задач.
+milestones.edit_subheader=Етапи впор�дковують задачі та від�тежують прогре�.
 milestones.cancel=Відмінити
 milestones.modify=Оновити етап
+milestones.edit_success=Етап '%s' оновлено.
 milestones.deletion=Видалити етап
-milestones.deletion_desc=Видаленн� етапу призведе до його видаленн� з у�іх пов'�заних задач. Продовжити?
-milestones.deletion_success=Етап у�пішно видалено.
+milestones.deletion_desc=Видаленн� етапу видал�є його з у�іх пов'�заних з ним задач. Продовжити?
+milestones.deletion_success=Етап видалено.
 milestones.filter_sort.name=�азва
-milestones.filter_sort.least_complete=Менш повне
-milestones.filter_sort.most_complete=Більш повне
-milestones.filter_sort.most_issues=�айбільш задач
-milestones.filter_sort.least_issues=�айменш задач
-
-
+milestones.filter_sort.earliest_due_data=�айраніший �трок
+milestones.filter_sort.latest_due_date=О�танній �трок
+milestones.filter_sort.most_issues=�айбільше задач
+milestones.filter_sort.least_issues=�айменше задач
+
+signing.will_sign=Цей коміт буде підпи�ано ключем "%s".
+signing.wont_sign.nokey=�емає ключа дл� підпи�анн� цього коміту.
+signing.wont_sign.never=Коміти ніколи не підпи�ують��.
+signing.wont_sign.always=Коміти завжди підпи�ують��.
+signing.wont_sign.pubkey=Коміт не буде підпи�ано, о�кільки у ва� немає публічного ключа, пов'�заного з вашим обліковим запи�ом.
+signing.wont_sign.parentsigned=Цей коміт не буде підпи�ано, о�кільки не підпи�ано батьків�ький коміт.
+signing.wont_sign.basesigned=Об'єднанн� не буде підпи�ане, о�кільки базовий коміт не підпи�ано.
+signing.wont_sign.headsigned=Об'єднанн� не буде підпи�ане, о�кільки не підпи�ано головний коміт.
+signing.wont_sign.commitssigned=Об'єднанн� не буде підпи�ане, о�кільки в�і пов'�зані з ним коміти не підпи�ані.
+signing.wont_sign.approved=Об'єднанн� не буде підпи�ане, о�кільки злитт� не затверджено.
+signing.wont_sign.not_signed_in=Ви не увійшли до �и�теми.
+
+ext_wiki=До�туп до зовнішньої вікі
 ext_wiki.desc=По�иланн� на зовнішню вікі.
 
 wiki=Вікі
 wiki.welcome=Ла�каво про�имо до Вікі.
-wiki.welcome_desc=Wiki дозвол�є пи�ати та ділити�� документацією з �півавторами.
-wiki.desc=Пишіть та обмінюйте�� документацією із �півавторами.
+wiki.welcome_desc=Wiki дозвол�є пи�ати та ділити�� документацією зі �півавторами.
+wiki.desc=Пишіть та обмінюйте�� документацією зі �півавторами.
 wiki.create_first_page=Створити першу �торінку
 wiki.page=Сторінка
 wiki.filter_page=Фільтр �торінок
 wiki.new_page=Сторінка
+wiki.page_title=Заголовок �торінки
+wiki.page_content=Змі�т �торінки
 wiki.default_commit_message=�апишіть примітку про оновленн� цієї �торінки (необов'�зково).
 wiki.save_page=Зберегти �торінку
 wiki.last_commit_info=%s редагував цю �торінку %s
@@ -1404,12 +1867,19 @@ wiki.file_revision=Ревізії �торінки
 wiki.wiki_page_revisions=Ревізії вікі �торінок
 wiki.back_to_wiki=Повернути�ь на �торінку Вікі
 wiki.delete_page_button=Видалити �торінку
-wiki.page_already_exists=Вікі-�торінка з таким �амим ім'�м вже і�нує.
+wiki.delete_page_notice_1=Видаленн� вікі-�торінки "%s" не може бути �ка�овано. Продовжити?
+wiki.page_already_exists=Сторінка Вікі з такою назвою вже і�нує.
+wiki.reserved_page=�азва �торінки вікі "%s" зарезервована.
 wiki.pages=Сторінки
 wiki.last_updated=О�танні оновленн� %s
 wiki.page_name_desc=Введіть назву вікі-�торінки. Де�кі із �пеціальних імен: 'Home', '_Sidebar' та '_Footer'.
+wiki.original_git_entry_tooltip=Перегл�д оригінального файлу Git замі�ть викори�танн� дружнього по�иланн�.
 
 activity=�ктивні�ть
+activity.navbar.pulse=Пуль�
+activity.navbar.code_frequency=Ча�тота коду
+activity.navbar.contributors=Співавтори
+activity.navbar.recent_commits=�ещодавні коміти
 activity.period.filter_label=Період:
 activity.period.daily=1 день
 activity.period.halfweekly=3 дні
@@ -1419,25 +1889,25 @@ activity.period.quarterly=3 мі��ці
 activity.period.semiyearly=6 мі��ців
 activity.period.yearly=1 рік
 activity.overview=Огл�д
-activity.active_prs_count_1=<strong>%d</strong> �ктивний запити на злитт�
+activity.active_prs_count_1=<strong>%d</strong> �ктивний запит на злитт�
 activity.active_prs_count_n=<strong>%d</strong> �ктивні запити на злитт�
-activity.merged_prs_count_1=Злитий запит на злитт�
-activity.merged_prs_count_n=Злиті запити на злитт�
+activity.merged_prs_count_1=Об'єднаний запит на злитт�
+activity.merged_prs_count_n=Об'єднані запити на злитт�
 activity.opened_prs_count_1=Запропонований запит на злитт�
-activity.opened_prs_count_n=Запропонованих запитів на злитт�
+activity.opened_prs_count_n=Запропоновані запити на злитт�
 activity.title.user_1=%d кори�тувачем
 activity.title.user_n=%d кори�тувачами
 activity.title.prs_1=%d Запит на злитт�
 activity.title.prs_n=%d Запитів на злитт�
 activity.title.prs_merged_by=%s злито %s
 activity.title.prs_opened_by=%s запропоновано %s
-activity.merged_prs_label=Злито
+activity.merged_prs_label=Об'єднано
 activity.opened_prs_label=Запропоновано
 activity.active_issues_count_1=<strong>%d</strong> �ктивна задача
 activity.active_issues_count_n=<strong>%d</strong> �ктивні задачі
 activity.closed_issues_count_1=Закрита задача
 activity.closed_issues_count_n=Закриті задачі
-activity.title.issues_1=%d Задач
+activity.title.issues_1=%d Задача
 activity.title.issues_n=%d Задач
 activity.title.issues_closed_from=%s закрито %s
 activity.title.issues_created_by=%s �творена(і) %s
@@ -1447,97 +1917,126 @@ activity.new_issues_count_n=�ові Задачі
 activity.new_issue_label=Відкриті
 activity.title.unresolved_conv_1=%d �езавершене обговоренн�
 activity.title.unresolved_conv_n=%d �езавершених обговорень
-activity.unresolved_conv_desc=Спи�ок в�іх �тарих задач і Pull Request'ів з недавньої активні�тю, але ще не закритих або прийн�тих.
+activity.unresolved_conv_desc=Ці нещодавно змінені задачі і запити на злитт� ще не вирішені.
 activity.unresolved_conv_label=Відкрити
 activity.title.releases_1=%d Реліз
 activity.title.releases_n=%d Релізів
 activity.title.releases_published_by=%s опубліковано %s
 activity.published_release_label=Опубліковано
-activity.no_git_activity=У цей період не було здій�нено жодних дій.
-activity.git_stats_exclude_merges=�е враховуючи злитт�,
+activity.git_stats_exclude_merges=�е враховуючи об'єднанн�,
 activity.git_stats_author_1=%d автор
 activity.git_stats_author_n=%d автори
-activity.git_stats_pushed_1=відправлено
-activity.git_stats_pushed_n=відправлено
+activity.git_stats_pushed_1=відправив(ла)
+activity.git_stats_pushed_n=відправили
 activity.git_stats_commit_1=%d коміт
-activity.git_stats_commit_n=%d коміти
+activity.git_stats_commit_n=%d комітів
 activity.git_stats_push_to_branch=в %s та
 activity.git_stats_push_to_all_branches=до в�іх гілок.
 activity.git_stats_on_default_branch=�а %s,
 activity.git_stats_file_1=%d файл
-activity.git_stats_file_n=%d файли
-activity.git_stats_files_changed_1=змінено
+activity.git_stats_file_n=%d файлів
+activity.git_stats_files_changed_1=змінив(ла)
 activity.git_stats_files_changed_n=змінено
 activity.git_stats_additions=і були
 activity.git_stats_addition_1=%d добавка
-activity.git_stats_addition_n=%d добавки
+activity.git_stats_addition_n=%d додатків
 activity.git_stats_and_deletions=та
 activity.git_stats_deletion_1=%d видалений
 activity.git_stats_deletion_n=%d видалені
 
+contributors.contribution_type.filter_label=Тип вне�ку:
 contributors.contribution_type.commits=Коміти
+contributors.contribution_type.deletions=Видаленн�
 
 settings=�алаштуванн�
-settings.desc=У налаштуванн�х ви можете змінювати різні параметри цього репозиторі�
-settings.options=Репозиторій
+settings.options=Сховище
+settings.public_access=Публічний до�туп
+settings.public_access.docs.everyone_write=В�і пишуть: в�і зареє�тровані кори�тувачі можуть вно�ити зміни до розділу. Тільки розділ Wiki підтримує цей дозвіл.
 settings.collaboration=Співавтори
 settings.collaboration.admin=�дміні�тратор
 settings.collaboration.write=Запи�
-settings.collaboration.read=Читати
+settings.collaboration.read=Читанн�
 settings.collaboration.owner=Вла�ник
 settings.collaboration.undefined=�е визначено
 settings.hooks=Веб-хуки
 settings.githooks=Git хуки
 settings.basic_settings=Базові налаштуванн�
 settings.mirror_settings=�алаштуванн� дзеркала
-settings.mirror_settings.mirrored_repository=Віддзеркалений репозиторій
+settings.mirror_settings.docs=�алаштуйте �ховище на автоматичну �инхронізацію комітів, міток і гілок з іншим �ховищем.
+settings.mirror_settings.docs.disabled_pull_mirror.instructions=�алаштуйте ваш проєкт на автоматичне перене�енн� комітів, міток і гілок до іншого �ховища. Отриманн� змін з дзеркал було вимкнено адміні�тратором вашого �айту.
+settings.mirror_settings.docs.disabled_push_mirror.instructions=�алаштуйте �вій проєкт на автоматичне отриманн� комітів, міток і гілок з іншого �ховища.
+settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=�аразі це можна зробити лише в меню «�ова міграці�». Дл� отриманн� додаткової інформації зверніть�� до:
+settings.mirror_settings.docs.can_still_use=Хоча ви не можете змінювати на�вні дзеркала чи �творювати нові, ви в�е одно можете викори�товувати чинне дзеркало.
+settings.mirror_settings.docs.doc_link_title=Як віддзеркалити �ховища?
+settings.mirror_settings.docs.doc_link_pull_section=розділ документації "Злитт� з віддаленого �ховища".
+settings.mirror_settings.docs.pulling_remote_title=Завантаженн� з віддаленого �ховища
+settings.mirror_settings.mirrored_repository=Віддзеркалене �ховища
 settings.mirror_settings.direction=�апр�мок
 settings.mirror_settings.direction.pull=Pull
 settings.mirror_settings.direction.push=Push
 settings.mirror_settings.last_update=О�таннє оновленн�
-settings.mirror_settings.push_mirror.none=�е налаштовано дзеркало push
-settings.mirror_settings.push_mirror.remote_url=URL віддаленого репозитарі� git
-settings.mirror_settings.push_mirror.add=Додати Push дзеркало
+settings.mirror_settings.push_mirror.remote_url=URL віддаленого �ховища Git
+settings.mirror_settings.push_mirror.edit_sync_time=Редагувати інтервал �инхронізації дзеркал
 
 settings.sync_mirror=Синхронізувати зараз
 settings.site=Веб-�айт
 settings.update_settings=Оновити налаштуванн�
-settings.branches.update_default_branch=Оновити гілку за замовчуванн�м
-settings.advanced_settings=Додаткові налаштуванн�
-settings.wiki_desc=Увімкнути репозиторії Вікі
-settings.use_internal_wiki=Викори�товувати вбудовані Вікі
-settings.use_external_wiki=Викори�товувати зовнішні Вікі
+settings.update_mirror_settings=Оновити параметри дзеркала
+settings.branches.switch_default_branch=Змінити типову гілку
+settings.branches.update_default_branch=Оновити типову гілку
+settings.branches.add_new_rule=Додати нове правило
+settings.advanced_settings=Розширені налаштуванн�
+settings.wiki_desc=Увімкнути Вікі �ховища
+settings.use_internal_wiki=Викори�товувати вбудовану Вікі
+settings.default_wiki_branch_name=�азва типової гілки Вікі
+settings.failed_to_change_default_wiki_branch=�е вдало�� змінити �тандартну гілку вікі.
+settings.use_external_wiki=Викори�товувати зовнішню Вікі
 settings.external_wiki_url=URL зовнішньої вікі
-settings.external_wiki_url_error=Зовнішн� URL-адре�а wiki не є допу�тимою URL-адре�ою.
-settings.external_wiki_url_desc=Відвідувачі будуть перенаправлені на URL-адре�у, коли вони клацають по вкладці.
+settings.external_wiki_url_error=Зовнішн� URL-адре�а Вікі є недій�ною.
+settings.external_wiki_url_desc=Відвідувачі перенаправл�ють�� на URL-адре�у зовнішньої вікі при нати�канні вкладки.
 settings.issues_desc=Увімкнути від�теженн� задач в репозиторію
 settings.use_internal_issue_tracker=Викори�товувати вбудовану �и�тему від�теженн� задач
 settings.use_external_issue_tracker=Викори�товувати зовнішню �и�тему обліку задач
 settings.external_tracker_url=URL зовнішньої �и�теми від�теженн� задач
-settings.external_tracker_url_error=URL зовнішнього баг-трекера не є допу�тимою URL-адре�ою.
-settings.external_tracker_url_desc=Відвідувачі перенаправл�ють�� на зовнішню URL-адре�у, коли нати�кають вкладку 'Задачі'.
+settings.external_tracker_url_error=URL-адре�а зовнішнього трекера задач є недій�ною.
+settings.external_tracker_url_desc=Відвідувачі перенаправл�ють�� на URL-адре�у зовнішнього трекера задач при нати�канні на вкладку.
 settings.tracker_url_format=Формат URL зовнішнього трекера задач
-settings.tracker_url_format_error=�еправильний формат URL-адре�и зовнішнього баг-трекера.
-settings.tracker_issue_style=Формат номеру дл� зовнішньої �и�теми обліку задач
+settings.tracker_url_format_error=Формат URL-адре�и зовнішнього трекера проблем недій�ний.
 settings.tracker_issue_style.numeric=Цифровий
-settings.tracker_issue_style.alphanumeric=Буквено-цифровий
+settings.tracker_issue_style.alphanumeric=�лфавітно-цифровий
+settings.tracker_issue_style.regexp=Регул�рний вираз
+settings.tracker_issue_style.regexp_pattern=Шаблон регул�рного виразу
+settings.tracker_issue_style.regexp_pattern_desc=Першу захоплену групу буде викори�тано замі�ть <code>{index}</code>.
 settings.tracker_url_format_desc=Викори�товуйте шаблони <code>{user}</code>, <code>{repo}</code> та <code>{index}</code> дл� імені кори�тувача, репозиторію та номеру задічі.
 settings.enable_timetracker=Увімкнути від�теженн� ча�у
-settings.allow_only_contributors_to_track_time=Враховувати тільки уча�ників розробки в підрахунку ча�у
+settings.allow_only_contributors_to_track_time=Лише від�тежувати ча� �півавторів
 settings.pulls_desc=Увімкнути запити на злитт� в репозиторій
 settings.pulls.ignore_whitespace=Ігнорувати пробіл у конфліктах
-settings.pulls.enable_autodetect_manual_merge=Увімкнути автовизначенн� ручного злитт� (Примітка: у де�ких о�обливий випадках можуть виникнуть помилки)
+settings.pulls.enable_autodetect_manual_merge=Увімкнути автоматичне визначенн� ручного об'єднанн� (Примітка: у де�ких о�обливих випадках можуть виникати помилкові оцінки)
 settings.pulls.default_delete_branch_after_merge=Видал�ти гілку запиту злитт�, коли його прийн�то
+settings.releases_desc=Увімкнути релізи �ховища
+settings.packages_desc=Увімкнути реє�тр пакетів �ховища
+settings.projects_desc=Увімкнути проєкти
+settings.projects_mode_desc=Режим проєктів (�кі типи проєктів показувати)
+settings.projects_mode_repo=Тільки проєкти �ховища
+settings.projects_mode_owner=Тільки проєкти кори�тувачів або організацій
+settings.projects_mode_all=В�і проєкти
+settings.actions_desc=Увімкнути дії �ховища
 settings.admin_settings=�алаштуванн� адміні�тратора
-settings.admin_enable_health_check=Включити перевірки працездатно�ті репозиторію (git fsck)
-settings.admin_enable_close_issues_via_commit_in_any_branch=Закрити задачу за допомогою коміта, зробленого не в головній гілці
+settings.admin_enable_health_check=Увімкнути перевірку �тану �ховища (git fsck)
+settings.admin_code_indexer=Індек�атор коду
+settings.admin_stats_indexer=Індек�атор �тати�тики коду
+settings.admin_indexer_commit_sha=О�танній індек�ований SHA
+settings.admin_indexer_unindexed=�е індек�овано
+settings.reindex_button=Додати до черги на реіндек�ацію
+settings.reindex_requested=Запит на переіндек�ацію
 settings.danger_zone=�ебезпечна зона
-settings.new_owner_has_same_repo=�овий вла�ник вже має репозиторій з такою назвою. Будь ла�ка, виберіть інше ім'�.
-settings.convert=Перетворити на звичайний репозиторій
-settings.convert_desc=Ви можете �конвертувати це дзеркало у звичайний репозиторій. Це не може бути �ка�овано.
+settings.new_owner_has_same_repo=�овий вла�ник вже має �ховище з такою назвою. Будь ла�ка, виберіть іншу назву.
+settings.convert=Перетворити на звичайне �ховище
+settings.convert_desc=Ви можете перетворити це дзеркало на звичайне �ховище. Це неможливо �ка�увати.
 settings.convert_notices_1=Ц� операці� перетворить дзеркало у звичайний репозиторій і не може бути �ка�ована.
 settings.convert_confirm=Перетворити репозиторій
-settings.convert_succeed=Репозиторій у�пішно перетворений в звичайний.
+settings.convert_succeed=Дзеркало було перетворено на звичайне �ховище.
 settings.convert_fork=Перетворити на звичайний репозиторій
 settings.convert_fork_desc=Ви можете перетворити цей форк на звичайний репозиторій. Цю дію неможливо �ка�увати.
 settings.convert_fork_notices_1=Ц� операці� перетворить форк на звичайний репозиторій та не може бути �ка�ованою.
@@ -1547,89 +2046,83 @@ settings.transfer=Передати новому вла�нику
 settings.transfer.rejected=Перене�енн� репозиторію відхилено.
 settings.transfer.success=Перене�енн� репозиторію виконано.
 settings.transfer_abort=Ска�увати перене�енн�
-settings.transfer_abort_invalid=Ви не можете �ка�увати неі�нуюче перене�енн� �ховища.
-settings.transfer_desc=Передати репозиторій кори�тувачеві або організації, де ви маєте права адміні�тратора.
-settings.transfer_form_title=Введіть ім'� репозиторі� �к підтвердженн�:
-settings.transfer_in_progress=В даний ча� відбуваєть�� перене�енн�. Будь ла�ка, �ка�уйте його, �кщо ви бажаєте перене�ти цей репозиторій іншому кори�тувачу.
-settings.transfer_notices_1=- Ви втратите до�туп до репозиторі�, �кщо ви переведете його окремому кори�тувачеві.
-settings.transfer_notices_2=- Ви збережете до�туп, �кщо новим вла�ником �тане організаці�, вла�ником �кої ви є.
-settings.transfer_notices_3=- Якщо репозиторій є приватним і передаєть�� окремому кори�тувачеві, ц� ді� гарантує, що кори�тувач має хоча б дозвіл на читан� репозитарію (і при необхідно�ті змінює права дозволів).
+settings.transfer_abort_invalid=Ви не можете �ка�увати перене�енн� неі�нуючого �ховища.
+settings.transfer_abort_success=Перене�енн� �ховища до %s у�пішно �ка�овано.
+settings.transfer_desc=Передати це �ховище кори�тувачеві або організації, дл� �кої ви маєте права адміні�тратора.
+settings.transfer_form_title=Введіть назву �ховища дл� підтвердженн�:
+settings.transfer_notices_1=- Ви втратите до�туп до �ховища, �кщо переда�те його окремому кори�тувачеві.
+settings.transfer_notices_2=- Ви збережете до�туп до �ховища, �кщо переда�те його організації, �кою ви (�пів)володієте.
+settings.transfer_notices_3=- Якщо �ховище є приватним і передаєть�� окремому кори�тувачеві, ц� ді� гарантує, що кори�тувач має принаймні права на читанн� (і змінює ці права, �кщо необхідно).
 settings.transfer_owner=�овий вла�ник
 settings.transfer_perform=Зді�нити перене�енн�
-settings.transfer_started=`Цей репозиторій чекає підтвердженн� перене�енн� від "%s"`
-settings.transfer_succeed=Репозиторій був перене�ений.
+settings.transfer_started=Це �ховище було позначено дл� передачі та очікує на підтвердженн� від «%s»
+settings.transfer_succeed=Сховище перене�ено.
 settings.signing_settings=Параметри перевірки підпи�у
-settings.trust_model=Модель довіри дл� підпи�у
-settings.trust_model.default=Модель довіри за замовчуванн�м
-settings.trust_model.default.desc=Викори�товувати модель довіри репозиторію за замовчуванн�м дл� цього �айту.
+settings.trust_model=Модель довіри до підпи�у
+settings.trust_model.default=Типова модель довіри
+settings.trust_model.default.desc=Викори�товувати типову модель довіри до �ховища дл� цього �айту.
 settings.trust_model.collaborator=Співавтор
 settings.trust_model.collaborator.long=Співавтор: підпи�и довіри від �півавторів
-settings.trust_model.collaborator.desc=Допу�тимі підпи�и �півавторів цього репозиторію буде позначано �к "довірені" - (�кщо вони відповідають комітеру чи ні). В іншому випадку дій�ні підпи�и будуть позначені �к «ненадійні», �кщо підпи� �півпадає з комітером і «невідповідні», �кщо ні.
-settings.trust_model.committer=Коммітер
-settings.trust_model.committer.long=Коммітер: Довір�ти підпи�ам �кі відповідають комітерам (Так �к і на GitHub, і зму�ить підпи�ати коміти Gitea в �ко�ті коммітера)
-settings.trust_model.collaboratorcommitter=Співавтор+Коммітер
-settings.trust_model.collaboratorcommitter.long=Співавтор+Коммітер: Довір�ти підпи�ам від �півавторів, �кі відповідають комітеру
-settings.trust_model.collaboratorcommitter.desc=Допу�тимі підпи�и �півавторів цього репозиторію будуть позначати�� �к "довірені", �кщо вони відповідають комітеру. В іншому випадку дій�ні підпи�и будуть позначені �к «ненадійні», �кщо підпи� �півпадає з комітером і �к «невідповіді» в іншому випадку. Це зму�ить Gitea бути відміченим �к комітер пі�л� підпи�анн� фактичним комітером, позначеним Co-Authored-By: і Co-Committed-By: прикріпленим до комміту. Типовий ключ Gitea повинен відповідати кори�тувачу в базі даних.
-settings.wiki_delete=Видалити вікі-дані
-settings.wiki_delete_desc=Будьте уважні! Як тільки ви видалите Вікі - шл�ху назад не буде.
-settings.wiki_delete_notices_1=- Це назавжди знищить і відключить wiki дл� %s.
-settings.confirm_wiki_delete=Видалити Вікі-дані
-settings.wiki_deletion_success=Дані wiki були видалені.
+settings.trust_model.committer=Комітер
+settings.trust_model.collaboratorcommitter=Співавтор+Комітер
+settings.trust_model.collaboratorcommitter.long=Співавтор+Комітер: Довір�ти підпи�ам від �півавторів, �кі відповідають комітеру
+settings.wiki_delete=Видалити дані Вікі
+settings.wiki_delete_desc=Видаленн� даних Вікі �ховища є о�таточним і не може бути �ка�оване.
+settings.wiki_delete_notices_1=- Це назавжди видалить і вимкне вікі �ховища дл� %s.
+settings.confirm_wiki_delete=Видалити дані Вікі
+settings.wiki_deletion_success=Дані Вікі видалено.
 settings.delete=Видалити цей репозиторій
-settings.delete_desc=Будьте уважні! Як тільки ви видалите репозиторій - шл�ху назад не буде.
-settings.delete_notices_1=- Цю операцію <strong>�Е МОЖ��</strong> відмінити.
-settings.delete_notices_2=- Ц� операці� о�таточно видалить <strong>%s</strong> репозиторій, включаючи код, задачі, коментарі, вікі та налаштуванн� �півавторів.
+settings.delete_desc=Видаленн� �ховища є о�таточним і не може бути �ка�оване.
+settings.delete_notices_1=- Цю операцію <strong>�ЕМОЖЛИВО</strong> �ка�увати.
 settings.delete_notices_fork_1=- В�і форки �тануть незалежними репозиторі�ми пі�л� видаленн�.
 settings.deletion_success=Репозиторій у�пішно видалено.
-settings.update_settings_success=�алаштуванн� репозиторію було оновлено.
+settings.update_settings_success=�алаштуванн� �ховища оновлено.
+settings.update_settings_no_unit=Сховище повинно дозвол�ти хоча б �ку�ь взаємодію.
 settings.confirm_delete=Видалити репозиторій
 settings.add_collaborator=Додати �півавтора
 settings.add_collaborator_success=Додано �півавтора.
-settings.add_collaborator_inactive_user=�е можливо додати неактивного кори�тувача �ко�ті �півавтора.
+settings.add_collaborator_inactive_user=�еможливо додати неактивного кори�тувача �к �півавтора.
+settings.add_collaborator_owner=�еможливо додати вла�ника �к �півавтора.
 settings.add_collaborator_duplicate=Співавтора уже додано до цього репозиторію.
 settings.delete_collaborator=Видалити
 settings.collaborator_deletion=Видалити �півавтора
-settings.collaborator_deletion_desc=Цей кори�тувач більше не матиме до�тупу дл� �пільної роботи в цьому репозиторії пі�л� видаленн�. Ви хочете продовжити?
-settings.remove_collaborator_success=Співавтор видалений.
+settings.collaborator_deletion_desc=Видаленн� �півавтора призведе до відкликанн� його до�тупу до цього �ховища. Продовжити?
+settings.remove_collaborator_success=Співавтора видалено.
 settings.org_not_allowed_to_be_collaborator=Організації не можуть бути додані �к �півавтори.
 settings.change_team_access_not_allowed=Зміна до�тупу команди до репозитарію обмежена вла�ником організації
-settings.team_not_in_organization=Команда та репозитарій мають прив�зки до різних організацій
+settings.team_not_in_organization=Команда не належить до тієї ж організації, що й �ховище
 settings.teams=Команди
-settings.add_team=Додати Команду
-settings.add_team_duplicate=Команда вже має прив�зку до репозитарію
-settings.add_team_success=Команда отримала до�туп до репозиторію.
-settings.change_team_permission_tip=Дозволи команди в�тановлюють�� на �торінці налаштувань команди та не можуть бути заданими дл� кожного з репозиторіїв окремо
+settings.add_team=Додати команду
+settings.add_team_duplicate=Команда вже має �ховище
 settings.delete_team_tip=Ц� команда має до�туп до в�іх репозиторіїв та не може бути видалена
-settings.remove_team_success=До�туп команди до репозиторію видалений.
+settings.remove_team_success=До�туп команди до �ховища видалено.
 settings.add_webhook=Додати веб-хук
-settings.add_webhook.invalid_channel_name=�азва каналу Webhook не може бути порожньою і не може мі�тити лише �имвол #.
-settings.hooks_desc=Веб-хуки автоматично робить HTTP POST-запити на �ервер, коли відбувають�� певні події Gitea. Дізнайте�� більше в <a target="_blank" rel="noopener" href="%s"> ін�трукції по викори�танню web-хуків </a>.
+settings.add_webhook.invalid_channel_name=�азва каналу веб-хука не може бути порожньою і мі�тити лише �имвол #.
+settings.hooks_desc=Веб-хуки автоматично робл�ть HTTP POST запити до �ервера, коли відбувають�� певні події Gitea. Дізнайте�� більше в <a target="_blank" rel="noopener noreferrer" href="%s">ін�трукції по викори�танню веб-хуків</a>.
 settings.webhook_deletion=Видалити веб-хук
-settings.webhook_deletion_desc=Видаленн� цього веб-хука призведе до видаленн� в�ієї пов'�заної з ним інформації, включаючи і�торію. Бажаєте продовжити?
-settings.webhook_deletion_success=Webhook видалено.
-settings.webhook.test_delivery=Перевірити до�тавку
-settings.webhook.test_delivery_desc=Перевірте цей веб-хук з підробленою подією.
+settings.webhook_deletion_desc=Видаленн� веб-хука видал�є його налаштуванн� та і�торію до�тавки. Продовжити?
+settings.webhook_deletion_success=Веб-хук видалено.
 settings.webhook.request=Запит
 settings.webhook.response=Відповідь
 settings.webhook.headers=Заголовки
 settings.webhook.payload=Змі�т
 settings.webhook.body=Тіло
-settings.githook_edit_desc=Якщо хук неактивний, буде пред�тавлено зразок змі�ту. Порожнє значенн� у цьому полі призведе до вимкненн� хуку.
-settings.githook_name=Ім'� хуку
+settings.webhook.replay.description=Повторити цей веб-хук.
+settings.githook_edit_desc=Якщо хук неактивний, буде показано зразок вмі�ту. Якщо залишити вмі�т порожнім, хук буде вимкнено.
+settings.githook_name=�азва хуку
 settings.githook_content=Змі�т хука
 settings.update_githook=Оновити хук
-settings.add_webhook_desc=Gitea буде відправл�ти <code>POST</code> запити на вказану URL адре�у, з інформацією про події, що відбувають��. Подробиці на �торінці <a target="_blank" rel="noopener" href="%s"> ін�трукції по викори�танню web-хуків </a>.
+settings.add_webhook_desc=Gitea надішле запити <code>POST</code> із зазначеним типом змі�ту на цільову URL-адре�у. Дізнайте�� більше в <a target="_blank" rel="noopener noreferrer" href="%s">ін�трукції по викори�танню веб-хуків</a>.
 settings.payload_url=Цільова URL-адре�а
 settings.http_method=Метод HTTP
 settings.content_type=Тип змі�ту
 settings.secret=Секрет
 settings.slack_username=Ім'� кри�тувача
-settings.slack_icon_url=URL іконки
+settings.slack_icon_url=URL піктограми
 settings.slack_color=Колір
 settings.discord_username=Ім'� кри�тувача
-settings.discord_icon_url=URL іконки
+settings.discord_icon_url=URL піктограми
 settings.event_desc=Тригер:
-settings.event_push_only=Push події
 settings.event_send_everything=В�і події
 settings.event_choose=Вла�ні події…
 settings.event_header_repository=Події репозиторію
@@ -1638,41 +2131,44 @@ settings.event_create_desc=Гілку або тег �творено.
 settings.event_delete=Видалити
 settings.event_delete_desc=Гілку або мітку було видалено.
 settings.event_fork=Форк
-settings.event_fork_desc=Репозиторій було форкнуто.
 settings.event_wiki=Вікі
+settings.event_statuses=Стату�и
+settings.event_statuses_desc=Стату� коміту оновлено з API.
 settings.event_release=Реліз
-settings.event_release_desc=Реліз опублікований, оновлений або видалений з репозиторі�.
+settings.event_release_desc=Реліз опубліковано, оновлено або видалено зі �ховища.
 settings.event_push=Push
-settings.event_push_desc=Git push до репозиторію.
 settings.event_repository=Репозиторій
 settings.event_repository_desc=Репозиторій �творений або видалено.
 settings.event_header_issue=Події задачі
 settings.event_issues=Задачі
-settings.event_issues_desc=Задача відкрита, закрита, повторно відкрита або відредагована.
-settings.event_issue_assign=Задача прив'�зана
+settings.event_issues_desc=Задачу відкрито, закрито, повторно відкрито, відредаговано або видалено.
+settings.event_issue_assign=Задачу призначено
 settings.event_issue_assign_desc=Задачу призначено або �ка�овано.
-settings.event_issue_label=Задача з міткою
 settings.event_issue_label_desc=Мітки задачі оновлено або видалено.
-settings.event_issue_milestone=Задача з етапом
-settings.event_issue_milestone_desc=Задача призначена на етап або видалена з етапу.
 settings.event_issue_comment=Коментар задачі
 settings.event_issue_comment_desc=Коментар задачі �творено, видалено чи відредаговано.
 settings.event_header_pull_request=Події запиту злитт�
-settings.event_pull_request=Запити до злитт�
-settings.event_pull_request_desc=Запит до злитт� відкрито, закрито, перевідкрито або відредаговано.
+settings.event_pull_request=Запити на злитт�
+settings.event_pull_request_desc=Запит на злитт� відкрито, закрито, повторно відкрито, відредаговано або видалено.
 settings.event_pull_request_assign=Запит на злитт� призначено
-settings.event_pull_request_assign_desc=Запит про злитт� призначено або �ка�овано.
+settings.event_pull_request_assign_desc=Запит на злитт� призначено або �ка�овано.
 settings.event_pull_request_label=Запиту на злитт� призначена мітка
 settings.event_pull_request_label_desc=Мітка запиту на злитт� оновлена або очищена.
-settings.event_pull_request_milestone=Запит на злитт� призначений на етап
-settings.event_pull_request_milestone_desc=Запит на злитт� призначений на етап або видалений з етапу.
-settings.event_pull_request_comment=Запит на злитт� прокоментований
+settings.event_pull_request_milestone=Запит на злитт� додано до етапу
+settings.event_pull_request_milestone_desc=Запит на злитт� додано до етапу або видалено з етапу.
+settings.event_pull_request_comment=Запит на злитт� прокоментовано
 settings.event_pull_request_comment_desc=Коментар запиту на злитт� �творено, відредаговано чи видалено.
 settings.event_pull_request_review=Запит на злитт� рецензовано
-settings.event_pull_request_review_desc=Коментар запиту до злитт� підтверджений, відхилений або рецензований.
+settings.event_pull_request_review_desc=Запит на злитт� підтверджено, відхилено або прокоментовано.
 settings.event_pull_request_sync=Запит на злитт� �инхронізуєть��
 settings.event_pull_request_sync_desc=Запит до злитт� �инхронізовано.
+settings.event_header_workflow=Події робочого проце�у
+settings.event_workflow_run=Запущений робочий проце�
+settings.event_workflow_run_desc=Запущений робочий проце� Gitea в черзі, в очікуванні, в проце�і виконанн� або завершений.
+settings.event_workflow_job=Завданн� робочого проце�у
+settings.event_package=Пакет
 settings.branch_filter=Фільтр гілок
+settings.authorization_header=Заголовок авторизації
 settings.active=�ктивний
 settings.active_helper=Інформацію про викликані події буде наді�лано за цією веб-хук URL-адре�ою.
 settings.add_hook_success=Веб-хук було додано.
@@ -1684,71 +2180,108 @@ settings.hook_type=Тип хука
 settings.slack_token=Токен
 settings.slack_domain=Домен
 settings.slack_channel=Канал
-settings.deploy_keys=Ключі дл� розгортуванн�
-settings.add_deploy_key=Додати ключ дл� розгортуванн�
-settings.deploy_key_desc=Ключі розгортанн� до�тупні тільки дл� читанн�. Це не те ж �аме що і SSH-ключі аккаунта.
+settings.web_hook_name_gitea=Gitea
+settings.web_hook_name_gogs=Gogs
+settings.web_hook_name_slack=Slack
+settings.web_hook_name_discord=Discord
+settings.web_hook_name_dingtalk=DingTalk
+settings.web_hook_name_telegram=Telegram
+settings.web_hook_name_matrix=Matrix
+settings.web_hook_name_msteams=Microsoft Teams
+settings.web_hook_name_feishu_or_larksuite=Feishu / Lark Suite
+settings.web_hook_name_feishu=Feishu
+settings.web_hook_name_larksuite=Lark Suite
+settings.web_hook_name_wechatwork=WeCom (Wechat Work)
+settings.web_hook_name_packagist=Packagist
+settings.packagist_username=Ім'� кори�тувача Packagist
+settings.packagist_api_token=Токен API
+settings.deploy_keys=Ключі дл� розгортанн�
+settings.add_deploy_key=Додати ключ дл� розгортанн�
+settings.deploy_key_desc=Ключі розгортанн� мають до�туп до �ховища лише дл� читанн�.
 settings.is_writable=Увімкнути до�туп дл� запи�у
-settings.is_writable_info=Чи може цей ключ бути викори�таний дл� виконанн� <strong>push</strong> в репозиторій? Ключі розгортанн� завжди мають до�туп на pull.
-settings.no_deploy_keys=Ви не додавали ключі розгортанн�.
+settings.no_deploy_keys=Ключів розгортанн� ще немає.
 settings.title=Заголовок
 settings.deploy_key_content=Змі�т
-settings.key_been_used=Змі�т ключа розгортанн� вже викори�товуєть��.
-settings.key_name_used=Ключ розгортанн� з таким заголовком вже і�нує.
-settings.deploy_key_deletion=Видалити ключ дл� розгортуванн�
-settings.deploy_key_deletion_desc=Видаленн� ключа розгортки унеможливить до�туп до репозиторі� з його допомогою. Ви впевнені?
+settings.key_been_used=Ключ розгортанн� з ідентичним вмі�том вже викори�товуєть��.
+settings.key_name_used=Ключ розгортанн� з такою ж назвою вже і�нує.
+settings.deploy_key_deletion=Видалити ключ розгортанн�
+settings.deploy_key_deletion_desc=Вилученн� ключа розгортанн� призведе до відкликанн� його до�тупу до цього �ховища. Продовжити?
 settings.deploy_key_deletion_success=Ключі розгортанн� було видалено.
 settings.branches=Гілки
 settings.protected_branch=Захи�т гілки
-settings.protected_branch_can_push=Дозволити push?
-settings.protected_branch_can_push_yes=Ви можете виконувати push
-settings.protect_this_branch=Захи�тити цю гілку
-settings.protect_this_branch_desc=Запобігає видаленню гілки та обмежує виконанн� в ній push та злитт�.
+settings.protected_branch.save_rule=Зберегти правило
+settings.protected_branch.delete_rule=Видалити правило
+settings.branch_protection=Захи�т гілки '<b>%s</b>'
+settings.protect_this_branch=Увімкнути захи�т гілок
 settings.protect_disable_push=Заборонити Push
 settings.protect_disable_push_desc=Дл� цієї гілки буде заборонено виконанн� push.
 settings.protect_enable_push=Дозволити Push
 settings.protect_enable_push_desc=Будь-хто із правом запи�у зможе виконувати push дл� цієї гілки (за виключенн�м force push).
+settings.protect_enable_merge=Увімкнути об’єднанн�
 settings.protect_check_status_contexts=Увімкнути перевірку �тану
+settings.protect_status_check_patterns=Шаблони перевірки �тану:
+settings.protect_status_check_patterns_desc=Введіть шаблони, щоб вказати, �кі перевірки �тану повинні пройти гілки, перш ніж їх буде об'єднано у гілку, що відповідає цьому правилу. Кожен р�док визначає шаблон. Шаблони не можуть бути порожніми.
 settings.protect_check_status_contexts_list=Перевірки �тату�у знайдено дл� репозитарію за минулий тиждень
+settings.protect_status_check_matched=Збіг
+settings.protect_invalid_status_check_pattern=�едій�ний шаблон перевірки �тану: "%s".
+settings.protect_no_valid_status_check_patterns=�емає дій�них шаблонів перевірки �тану.
 settings.protect_required_approvals=�еобхідно �хваленн�:
 settings.dismiss_stale_approvals=Відхилити за�тарілі погодженн�
 settings.dismiss_stale_approvals_desc=Коли нові коміти що змінюють вмі�т пулл-запиту відправл�ють�� в гілку, �тарі погодженн� будуть відхилені.
+settings.ignore_stale_approvals=Ігнорувати за�тарілі затвердженн�
 settings.require_signed_commits=Потрібно підпи�ані коміти
 settings.require_signed_commits_desc=Відхил�ти push до цієї гілки, �кщо вони не підпи�ані або підпи� неможливо перевірити.
+settings.protect_branch_name_pattern=Шаблон назви захищених гілок
+settings.protect_branch_name_pattern_desc=Шаблони назв захищених гілок. Перегл�ньте <a href="https://github.com/gobwas/glob">документацію</a> щодо �интак�и�у шаблону. Приклади: main, release/**
+settings.protect_patterns=Шаблони
+settings.protect_protected_file_patterns=Шаблони захищених файлів (розділені крапками з комою ';'):
+settings.protect_unprotected_file_patterns=Шаблони незахищених файлів (розділені крапкою з комою ';'):
 settings.add_protected_branch=Увімкнути захи�т
 settings.delete_protected_branch=Вимкнути захи�т
+settings.update_protect_branch_success=Оновлено захи�т гілок дл� правила "%s".
+settings.remove_protected_branch_success=Видалено захи�т гілок дл� правила "%s".
+settings.remove_protected_branch_failed=�е вдало�� видалити правило захи�ту гілки "%s.
 settings.protected_branch_deletion_desc=Будь-�кий кори�тувач з дозволами на запи� зможе виконувати push в цю гілку. Ви впевнені?
-settings.block_rejected_reviews=Блокувати злитт� при відкидаючих рецензі�х
-settings.block_rejected_reviews_desc=Злитт� буде недо�тупним, �кщо є запит змін від офіційних рецензентів, навіть за на�вно�ті до�татньої кілько�ті �хвалень.
-settings.block_on_official_review_requests=Блокувати злитт� при запиті на офіціальний розгл�д
+settings.block_rejected_reviews=Блокувати об'єднанн� �кщо рецензії відхилено
+settings.block_rejected_reviews_desc=Об'єднанн� буде неможливим, �кщо офіційні рецензенти вимагають вне�енн� змін, навіть �кщо є до�татн� кількі�ть �хвалень.
+settings.block_on_official_review_requests=Блокувати об'єднанн� за офіційними запитами на рецензуванн�
 settings.block_on_official_review_requests_desc=Об’єднанн� неможливе, коли воно має офіційні запити на розгл�д, навіть �кщо до�татньо �хвалень.
-settings.block_outdated_branch=Блокувати злитт�, �кщо запит на злитт� за�тарів
-settings.block_outdated_branch_desc=Злитт� буде неможливим, коли головна гілка позаду о�новної.
-settings.default_branch_desc=Головна гілка є 'базовою' дл� вашого репозиторі�, на �ку за замовчуванн�м �пр�мовані в�і запити на злитт� і �ка є обличч�м вашого репозиторі�. Перше, що побачить відвідувач - це змі�т головної гілки. Виберіть її з уже і�нуючих:
+settings.block_outdated_branch=Блокувати об'єднанн�, �кщо запит на злитт� за�тарів
+settings.block_outdated_branch_desc=Об'єднанн� буде неможливим, �кщо головна гілка позаду о�новної.
+settings.block_admin_merge_override=�дміні�тратори повинні дотримувати�� правил захи�ту гілки
+settings.default_branch_desc=Обрати типову гілку �ховища дл� запитів на злитт� і комітів:
+settings.merge_style_desc=Стилі об'єднанн�
+settings.default_merge_style_desc=Типовий �тиль об'єднанн�
 settings.choose_branch=Оберіть гілку…
 settings.no_protected_branch=�емає захищених гілок.
 settings.edit_protected_branch=Редагувати
+settings.protected_branch_required_rule_name=�еобхідна назва правила
+settings.protected_branch_duplicate_rule_name=�азва правила вже і�нує
 settings.protected_branch_required_approvals_min=Чи�ло необхідних �хвалень не може бути від'ємним.
 settings.tags=Мітки
 settings.tags.protection=Захи�т мітки
-settings.tags.protection.pattern=Шаблон тега
+settings.tags.protection.pattern=Шаблон мітки
 settings.tags.protection.allowed=Дозволено
 settings.tags.protection.allowed.users=Дозволені кори�тувачі
 settings.tags.protection.allowed.teams=Дозволені команди
 settings.tags.protection.allowed.noone=�іхто
-settings.tags.protection.create=Захи�тна мітка
+settings.tags.protection.create=Захи�тити мітку
 settings.tags.protection.none=Там не немає захищених міток.
+settings.tags.protection.pattern.description=Ви можете викори�товувати єдине ім’�, глобальний шаблон або регул�рний вираз, щоб відповідати кільком міткам. Докладніше читайте в <a target="_blank" rel="noopener" href="https://docs.gitea.com/usage/protected-tags">по�ібнику із захищених міток</a>.
 settings.bot_token=Токен дл� бота
-settings.chat_id=Чат ID
+settings.chat_id=ID чату
 settings.matrix.homeserver_url=URL домашньої �торінки
-settings.matrix.room_id=�омер кімнати
+settings.matrix.room_id=ID кімнати
 settings.matrix.message_type=Тип повідомленн�
-settings.archive.button=�рхівний репозиторій
+settings.visibility.public.button=Зробити публічним
 settings.archive.header=Відправити репозиторій в архів
-settings.archive.success=Репозиторію у�пішно при�воєно �тату� архівного.
-settings.archive.error=Стала�� помилка при �пробі архівувати репозиторій. Докладнішу інформацію див. у журналі.
-settings.archive.error_ismirror=�еможливо архівувати дзеркальний репозиротрій.
+settings.archive.success=Сховище у�пішно заархівовано.
+settings.archive.error=Стала�� помилка при �пробі архівувати репозиторій. Докладнішу інформацію дивіть�� у журналі.
+settings.archive.error_ismirror=�еможливо архівувати дзеркальне �ховище.
 settings.archive.branchsettings_unavailable=Параметри гілки не до�тупні, �кщо репозиторій архівний.
 settings.archive.tagsettings_unavailable=Параметри міток недо�тупні, �кщо репозиторій архівний.
+settings.unarchive.header=Розархівувати це �ховище
+settings.unarchive.success=Сховище у�пішно розархівовано.
 settings.update_avatar_success=�ватар репозиторію оновлений.
 settings.lfs=LFS
 settings.lfs_filelist=Файли LFS, �кі зберігають�� в цьому репозиторії
@@ -1760,15 +2293,13 @@ settings.lfs_delete=Видалити файл LFS з OID %s
 settings.lfs_delete_warning=Видаленн� файлу LFS може �причинити помилки "Об'єкт не і�нує" під ча� перевірки. Ви впевнені?
 settings.lfs_findpointerfiles=Знайти файли-по�иланн�
 settings.lfs_locks=Блокуванн�
-settings.lfs_invalid_locking_path=�еприпу�тимий шл�х: %s
+settings.lfs_invalid_locking_path=�едій�ний шл�х: %s
 settings.lfs_invalid_lock_directory=�е можливо заблокувати каталог: %s
-settings.lfs_lock_already_exists=Блокуванн� вже викори�товуєть��: %s
+settings.lfs_lock_already_exists=Блокуванн� вже і�нує: %s
 settings.lfs_lock=Блокувати
-settings.lfs_lock_path=Шл�х до файлу дл� блокуванн�...
 settings.lfs_locks_no_locks=Від�утнє блокуванн�
 settings.lfs_lock_file_no_exist=Заблокований файл не і�нує у гілці за замовчуванн�м
 settings.lfs_force_unlock=Приму�ове розблокуванн�
-settings.lfs_pointers.found=Знайдено %d по�илань на blob - %d пов'�заних, %d непов'�заних (%d від�утні у �ховищі)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=В репозиторії
@@ -1802,7 +2333,7 @@ diff.stats_desc_file=%d змін: %d доповнень та %d видалень
 diff.bin=BIN
 diff.bin_not_shown=Бінарний файл не відображаєть��.
 diff.view_file=Перегл�нути файл
-diff.file_before=Перед
+diff.file_before=До
 diff.file_after=Пі�л�
 diff.file_image_width=Ширина
 diff.file_image_height=Ви�ота
@@ -1814,6 +2345,7 @@ diff.show_more=Показати більше
 diff.load=Завантажити різницю
 diff.generated=згенерований
 diff.vendored=�торонній
+diff.comment.add_line_comment=Додати про�тий коментар
 diff.comment.placeholder=Залишити коментар
 diff.comment.add_single_comment=Додати про�тий коментар
 diff.comment.add_review_comment=Додати коментар
@@ -1821,81 +2353,129 @@ diff.comment.start_review=Розпочати рецензію
 diff.comment.reply=Відповідь
 diff.review=Рецензі�
 diff.review.header=�аді�лати рецензію
-diff.review.placeholder=Рецензійований коментарій
+diff.review.placeholder=Рецензі� коментар�
 diff.review.comment=Коментар
 diff.review.approve=Затвердити
 diff.review.reject=Запит змін
 diff.committed_by=зафік�овано
 diff.protected=Захищений
-diff.image.side_by_side=Пліч-о-пліч
-diff.image.swipe=Свайп
-diff.image.overlay=Оверлей
+diff.image.side_by_side=Поруч
+diff.image.swipe=Прове�ти пальцем
+diff.image.overlay=�акла�ти
+diff.has_escaped=Цей р�док мі�тить приховані �имволи Юнікоду
+diff.show_file_tree=Показати дерево файлів
+diff.hide_file_tree=Сховати дерево файлів
+diff.submodule_added=Підмодуль %[1]s додано в %[2]s
+diff.submodule_deleted=Підмодуль %[1]s видалено з %[2]s
+diff.submodule_updated=Підмодуль %[1]s оновлено: %[2]s
 
 releases.desc=Від�лідковувати вер�ії проєкту і завантаженн�.
 release.releases=Релізи
 release.detail=Деталі релізу
-release.tags=Теги
+release.tags=Мітки
 release.new_release=�овий реліз
 release.draft=Чернетка
 release.prerelease=Пре-реліз
 release.stable=Стабільний
+release.latest=О�танні
 release.compare=Порівн�ти
 release.edit=редагувати
 release.ahead.commits=<strong>%d</strong> коміт(ів)
 release.ahead.target=до %s з моменту цього випу�ку
 release.source_code=Код
-release.new_subheader=Публікаці� релізів допоможе вам організувати вер�ію проєкту.
-release.edit_subheader=Публікаці� релізів допоможе вам організувати вер�ію проєкту.
-release.tag_name=�азва тегу
+release.new_subheader=Релізи впор�дковують вер�ії проєкту.
+release.edit_subheader=Релізи впор�дковують вер�ії проєкту.
+release.tag_name=�азва мітки
 release.target=Ціль
-release.tag_helper=Виберіть і�нуючий тег або �творіть новий.
+release.tag_helper=Вибрати і�нуючу мітку або �творити нову.
+release.title=�азва релізу
+release.title_empty=Заголовок не може бути порожнім.
+release.message=Опишіть цей реліз
 release.prerelease_desc=Позначити �к пре-реліз
-release.prerelease_helper=Позначте цей випу�к непридатним дл� ПРОД викори�танн�.
+release.prerelease_helper=Позначите випу�к �к непридатний дл� продуктивного викори�танн�.
 release.cancel=Відмінити
 release.publish=Опублікувати реліз
 release.save_draft=Зберегти чернетку
 release.edit_release=Оновити реліз
 release.delete_release=Видалити реліз
-release.delete_tag=Видалити тег
+release.delete_tag=Видалити мітку
 release.deletion=Видалити реліз
-release.deletion_success=Реліз, було видалено.
+release.deletion_success=Реліз видалено.
 release.deletion_tag_desc=Буде видалено цей тег із репозиторію. Вмі�т репозиторі� та і�торі� залишать�� незмінними. Продовжити?
 release.deletion_tag_success=Мітка видалена.
-release.tag_name_already_exist=Реліз з цим ім'�м мітки вже і�нує.
-release.tag_name_invalid=�еприпу�тиме ім'� тега.
-release.tag_name_protected=Ім'� тега захищене.
-release.tag_already_exist=Цей тег вже викори�товуєть��.
-release.downloads=Завантажити
+release.tag_name_already_exist=Реліз з такою ж міткою вже і�нує.
+release.tag_name_invalid=�азва мітки недій�на.
+release.tag_name_protected=�азва мітки захищена.
+release.tag_already_exist=�азва мітки вже і�нує.
+release.downloads=Завантаженн�
 release.download_count=Завантаженн�: %s
-release.add_tag_msg=Викори�товуйте заголовок і змі�т релізу �к повідомленн� �к тег повідомленн�.
+release.add_tag_msg=Викори�товуйте заголовок і змі�т релізу �к повідомленн� мітки.
 release.add_tag=Створити тільки мітку
+release.releases_for=Релізи дл� %s
+release.tags_for=Мітки дл� %s
 
-branch.name=Ім'� гілки
+branch.name=�азва гілки
+branch.already_exists=Гілка з назвою "%s" вже і�нує.
 branch.delete_head=Видалити
+branch.delete=`Видалити гілку "%s"`
 branch.delete_html=Видалити гілку
+branch.delete_desc=Видаленн� гілки є незворотним. Хоча видалена гілка може продовжувати і�нувати ще де�кий ча� до того, �к її буде видалено о�таточно, у більшо�ті випадків це �ЕМОЖЛИВО �ка�увати. Продовжити?
+branch.deletion_success=Гілку "%s" видалено.
+branch.deletion_failed=�е вдало�� видалити гілку "%s".
+branch.delete_branch_has_new_commits=Гілку "%s" не можна видалити, о�кільки пі�л� з'єднанн� було додано нові коміти.
 branch.create_branch=Створити гілку %s
+branch.create_from=`з "%s"`
+branch.create_success=Створено гілку "%s".
+branch.branch_name_conflict=�азва гілки "%s" конфліктує з уже і�нуючою гілкою "%s".
+branch.tag_collision=Гілка "%s" не може бути �творена, о�кільки у �ховищі вже і�нує мітка з такою назвою.
 branch.deleted_by=Видалено %s
+branch.restore_success=Гілку "%s" відновлено.
+branch.restore_failed=�е вдало�� відновити гілку "%s".
+branch.protected_deletion_failed=Гілка "%s" захищена. Її неможливо видалити.
+branch.default_deletion_failed=Гілка "%s" �тандартна. Її неможливо видалити.
+branch.restore=`Відновити гілку "%s"`
+branch.download=`Завантажити гілку "%s"`
+branch.rename=`Перейменувати гілку "%s"`
 branch.included_desc=Ц� гілка є ча�тиною типової гілки
 branch.included=Включено
 branch.create_new_branch=Створити гілку з гілки:
 branch.confirm_create_branch=Створити гілку
+branch.warning_rename_default_branch=Ви перейменовуєте �тандартну гілку.
+branch.rename_branch_to=Перейменувати "%s" на:
 branch.confirm_rename_branch=Перейменувати гілку
 branch.create_branch_operation=Створити гілку
 branch.new_branch=Створити нову гілку
+branch.new_branch_from=`Створити нову гілку з "%s"`
 branch.renamed=Гілку %s перейменовано на %s.
+branch.rename_default_or_protected_branch_error=Лише адміні�тратори можуть перейменовувати типові або захищені гілки.
+branch.rename_protected_branch_failed=Ц� гілка захищена правилами захи�ту на о�нові глобальних правил.
 
 tag.create_tag=Створити тег %s
+tag.create_tag_operation=Створити мітку
+tag.confirm_create_tag=Створити мітку
+tag.create_tag_from=`Створити нову мітку з "%s"`
 
+tag.create_success=Мітку "%s" �творено.
 
-topic.manage_topics=Керувати тематичними мітками
+topic.manage_topics=Керувати темами
 topic.done=Готово
+topic.count_prompt=Ви не можете вибрати більше ніж 25 тем
+topic.format_prompt=Теми мають починати�� з літери або цифри, можуть мі�тити дефі�и ('-') і крапки ('.'), мати довжину до 35 �имволів. Літери повинні бути малими.
 
+find_file.go_to_file=Перейти до файлу
+find_file.no_matching=�е знайдено відповідного файлу
 
 error.csv.too_large=�е вдаєть�� відобразити цей файл, тому що він завеликий.
 error.csv.unexpected=�е вдаєть�� відобразити цей файл, тому що він мі�тить неочікуваний �имвол в р�дку %d і �товпці %d.
 error.csv.invalid_field_count=�е вдаєть�� відобразити цей файл, тому що він має неправильну кількі�ть полів у р�дку %d.
 
 [graphs]
+component_loading_failed=�е вдало�� завантажити %s
+component_loading_info=Це може зайн�ти трохи ча�у…
+component_failed_to_load=Стала�ь непередбачена помилка.
+code_frequency.what=ча�тота коду
+contributors.what=вне�ки
+recent_commits.what=нові коміти
 
 [org]
 org_name_holder=�азва організації
@@ -1905,6 +2485,7 @@ create_org=Створити організацію
 repo_updated=Оновлено
 members=Уча�ники
 teams=Команди
+code=Код
 lower_members=уча�ники
 lower_repositories=репозиторії
 create_new_team=�ова команда
@@ -1914,11 +2495,13 @@ team_name=�азва команди
 team_desc=Опи�
 team_name_helper=�азва команди має бути про�тою та зрозумілою.
 team_desc_helper=Опишіть мету або роль команди.
-team_access_desc=До�туп до репозиторі�
+team_access_desc=До�туп до �ховища
 team_permission_desc=Права до�тупу
 team_unit_desc=Дозволити до�туп до розділів репозиторію
 team_unit_disabled=(Вимкнено)
 
+form.name_reserved=�азву організації "%s" зарезервовано.
+form.name_pattern_not_allowed=Шаблон "%s" не допу�каєть�� в назві організації.
 form.create_org_not_allowed=Вам не дозволено �творювати організації.
 
 settings=�алаштуванн�
@@ -1929,28 +2512,38 @@ settings.location=Розташуванн�
 settings.permission=Дозволи
 settings.repoadminchangeteam=�дміні�тратор репозитарію може додавати та видал�ти до�туп дл� команд
 settings.visibility=Видимі�ть
-settings.visibility.public=Публічний
-settings.visibility.limited_shortname=Обмежений
-settings.visibility.private=Приватний (Видимий лише членам організації)
+settings.visibility.public=Публічна
+settings.visibility.limited=Обмежений (Видимий лише дл� автентифікованих кори�тувачів)
+settings.visibility.limited_shortname=Обмежена
+settings.visibility.private=Приватна (Видима лише членам організації)
 settings.visibility.private_shortname=Приватний
 
 settings.update_settings=Оновити налаштуванн�
 settings.update_setting_success=�алаштуванн� організації оновлені.
-settings.change_orgname_redirect_prompt=Старе ім'� буде перенаправлено до тих пір, поки воно не буде заброньовано.
+
+settings.rename=Перейменувати організацію
+settings.rename_desc=Зміна назви організації також змінить URL адре�у вашої організації і звільнить �тару назву.
+settings.rename_new_org_name=�азва нової організації
+settings.rename_notices_1=Цю операцію <strong>�ЕМОЖЛИВО</strong> �ка�увати.
+settings.rename_notices_2=Стара назва буде перенаправл�ти�� на нову, поки хто�ь не викори�тає її.
+
 settings.update_avatar_success=�ватар організації оновлений.
 settings.delete=Видалити організацію
 settings.delete_account=Видалити цю організацію
-settings.delete_prompt=Організаці� буде о�таточно видалена. Це <strong>�Е МОЖЛИВО</strong> відмінити!
-settings.confirm_delete_account=Підтвердіть видаленн�
-settings.delete_org_title=Видалити організацію
-settings.delete_org_desc=Ц� організаці� буде безповоротно видалена. Продовжити?
-settings.hooks_desc=Додайте webhooks, �кий буде викликати�� дл� <strong>в�іх репозиторіїв</strong> �кими володіє ц� організаці�.
+settings.delete_prompt=Організацію буде о�таточно видалено. Це <strong>�ЕМОЖЛИВО</strong> �ка�увати!
+settings.name_confirm=Введіть назву організації дл� підтвердженн�:
+settings.delete_notices_1=Цю операцію <strong>�ЕМОЖЛИВО</strong> �ка�увати.
+settings.delete_notices_3=Ц� операці� назавжди видалить в�і <strong>пакети</strong> <strong>%s</strong>.
+settings.delete_notices_4=Ц� операці� назавжди видалить в�і <strong>проєкти</strong> <strong>%s</strong>.
+settings.confirm_delete_account=Підтвердити видаленн�
+settings.delete_successful=Організацію <b>%s</b> у�пішно видалено.
+settings.hooks_desc=Додайте веб-хуки, �кі �працьовуватимуть дл� <strong>в�іх �ховищ</strong> у цій організації.
 
-settings.labels_desc=Додати мітки, �кі можуть бути викори�тані дл� задач дл� <strong>в�іх репозиторіїв</strong> в цій організації.
+settings.labels_desc=Додайте мітки, �кі можна викори�товувати у задачах дл� <strong>у�іх �ховищ</strong> у цій організації.
 
 members.membership_visibility=Видимі�ть уча�ника:
 members.public=Показувати
-members.public_helper=зробити прихованим
+members.public_helper=приховати
 members.private=Прихований
 members.private_helper=зробити видимим
 members.member_role=Роль уча�ника:
@@ -1968,22 +2561,28 @@ teams.leave=Покинути
 teams.leave.detail=Покинути %s?
 teams.can_create_org_repo=Створити репозиторії
 teams.can_create_org_repo_helper=Уча�ники можуть �творювати нові репозиторії в організації. �втор отримає до�туп адміні�тратора до нового репозиторію.
-teams.read_access=Прочитані
+teams.none_access=�емає до�тупу
+teams.none_access_helper=Уча�ники не можуть перегл�дати або виконувати будь-�кі інші дії з цією одиницею. Це не впливає на загальнодо�тупні �ховища.
+teams.general_access=Загальний до�туп
+teams.general_access_helper=Дозволи уча�ників будуть визначати�� відповідно до наведеної нижче таблиці дозволів.
+teams.read_access=Читанн�
 teams.read_access_helper=Уча�ники можуть перегл�дати та клонувати репозиторії команд.
+teams.write_access=Запи�
 teams.write_access_helper=Уча�ники можуть читати і виконувати push в репозиторії команд.
 teams.admin_access=До�туп адміні�тратора
 teams.admin_access_helper=Уча�ники можуть виконувати pull, push в репозиторії команд і додавати �півавторів в команду.
 teams.no_desc=Ц� команда не має опи�у
 teams.settings=�алаштуванн�
-teams.owners_permission_desc=Вла�ник має повний до�туп до <strong>у�іх репозиторіїв</strong> та має <strong>права адміні�тратора</strong> організації.
+teams.owners_permission_desc=Вла�ники мають повний до�туп до <strong>у�іх репозиторіїв</strong> та <strong>права адміні�тратора</strong> організації.
 teams.members=Уча�ники команди
 teams.update_settings=Оновити налаштуванн�
 teams.delete_team=Видалити команду
 teams.add_team_member=Додати уча�ника команди
+teams.invite_team_member=Запро�ити до %s
 teams.delete_team_title=Видалити команду
 teams.delete_team_desc=Видаленн� команди �ка�овує до�туп до репозиторі� дл� її уча�ників. Продовжити?
 teams.delete_team_success=Команду було видалено.
-teams.read_permission_desc=Ц� команда має до�туп дл� <strong>читанн�</strong>: уча�ники можуть перегл�дати та клонувати репозиторії.
+teams.read_permission_desc=Ц� команда має до�туп на <strong>читанн�</strong>: уча�ники можуть перегл�дати та клонувати репозиторії.
 teams.write_permission_desc=Ц� команда надає до�туп на <strong>запи�</strong>: уча�ники можуть отримувати й виконувати push команди до репозитрію.
 teams.admin_permission_desc=Ц� команда надає <strong>адміні�тратор�ький</strong> до�туп: уча�ники можуть читати, виконувати push команди та додавати �півробітників до репозиторію.
 teams.create_repo_permission_desc=Крім того, ц� команда надає дозвіл <strong>Створити репозиторій</strong>: уча�ники можуть �творювати нові репозиторії в організації.
@@ -1995,6 +2594,7 @@ teams.add_all_repos_desc=Це додаÑ�Ñ‚ÑŒ вÑ�Ñ– репозиторії орÐ
 teams.add_duplicate_users=Кори�тувач уже є членом команди.
 teams.repos.none=Дл� команди немає до�тупних репозиторіїв.
 teams.members.none=�емає членів в цій команді.
+teams.members.blocked_user=�е вдаєть�� додати кори�тувача, о�кільки він заблокований організацією.
 teams.specific_repositories=Конкретні репозиторії
 teams.specific_repositories_helper=Уча�ники матимуть до�туп лише до репозиторіїв, �кі були �вно додані до команди. Вибір цього пункту <strong>не призводить</strong> до автоматичного видаленн� репозиторіїв, доданих з <i>В�і репозиторії</i>.
 teams.all_repositories=В�і репозиторії
@@ -2002,17 +2602,34 @@ teams.all_repositories_helper=Команда має доÑ�туп до вÑ�Ñ–Ñ… Ñ
 teams.all_repositories_read_permission_desc=Ц� команда надає дозвіл <strong>Перегл�д</strong> дл� <strong>в�іх репозиторіїв</strong>: уча�ники можуть перегл�дати та клонувати їх.
 teams.all_repositories_write_permission_desc=Ц� команда надає дозвіл <strong>Запи�</strong> дл� <strong>в�іх репозиторіїв</strong>: уча�ники можуть перегл�дати та виконувати push в репозиторі�х.
 teams.all_repositories_admin_permission_desc=Ц� команда надає дозвіл <strong>�дміні�труванн�</strong> дл� <strong>в�іх репозиторіїв</strong>: уча�ники можуть перегл�дати, виконувати push та додавати �півробітників.
-
-
+teams.invite.title=Ва� запро�или приєднати�� до команди <strong>%s</strong> в організації <strong>%s</strong>.
+teams.invite.by=Запрошений %s
+teams.invite.description=Будь ла�ка, нати�ніть на кнопку нижче, щоб приєднати�� до команди.
+
+view_as_role=Перегл�нути �к: %s
+view_as_public_hint=Ви перегл�даєте README �к публічний кори�тувач.
+view_as_member_hint=Ви перегл�даєте README �к член цієї організації.
+
+worktime=Ча� роботи
+worktime.date_range_start=Дата початку
+worktime.date_range_end=Дата завершенн�
+worktime.query=Запит
+worktime.time=Ча�
+worktime.by_milestones=За етапами
+worktime.by_members=За уча�никами
 
 [admin]
+maintenance=Технічне об�луговуванн�
 dashboard=Панель управлінн�
+self_check=Самоперевірка
+identity_access=Ідентифікаці� та до�туп
 users=Облікові запи�и кори�тувачів
 organizations=Організації
+assets=Ре�ур�и коду
 repositories=Репозиторії
 hooks=Веб-хуки
+integrations=Інтеграції
 authentication=Джерела автентифікації
-emails=Електронні адре�и Кори�тувача
 config=Конфігураці�
 config_summary=Під�умок
 config_settings=�алаштуванн�
@@ -2021,8 +2638,11 @@ monitor=Моніторинг
 first_page=Перша
 last_page=О�танн�
 total=Разом: %d
+settings=�дміні�тративні налаштуванн�
 
+dashboard.new_version_hint=Gitea %s тепер до�тупна, ви викори�товуєте %s. Перевірте <a target="_blank" rel="noreferrer" href="https://blog.gitea.io">блог</a> дл� отриманн� додаткової інформації.
 dashboard.statistic=Під�умок
+dashboard.maintenance_operations=Операції з технічного об�луговуванн�
 dashboard.system_status=Стату� �и�теми
 dashboard.operation_name=�азва операції
 dashboard.operation_switch=Перемкнути
@@ -2031,34 +2651,28 @@ dashboard.clean_unbind_oauth=ОчиÑ�тити Ñ�пиÑ�ок незавершенÐ
 dashboard.clean_unbind_oauth_success=В�і незавершені зв'�зки OAuth були видалені.
 dashboard.task.started=Запущено завданн�: %[1]s
 dashboard.task.process=Завданн�: %[1]s
+dashboard.task.cancelled=Завданн�: %[1]s �ка�овано: %[3]s
 dashboard.task.error=Помилка у завданні: %[1]s:%[3]s
 dashboard.task.finished=Завершило�� завданн�, �ке запу�тив %[2]s: %[1]s
 dashboard.task.unknown=�евідоме завданн�: %[1]s
 dashboard.cron.started=Запущено Cron: %[1]s
 dashboard.cron.process=Cron: %[1]s
+dashboard.cron.cancelled=Планувальник: %[1]s �ка�овано: %[3]s
 dashboard.cron.error=Помилка в Cron: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s завершено
 dashboard.delete_inactive_accounts=Видалити в�і неактивовані облікові запи�и
-dashboard.delete_inactive_accounts.started=Запущено завданн� видаленн� в�і неактивованих облікових запи�ів.
 dashboard.delete_repo_archives=Видалити в�і архіви репозиторіїв (ZIP, TAR.GZ, і т. д..)
-dashboard.delete_repo_archives.started=Запущено завданн� видаленн� в�іх архівів репозиторіїв.
-dashboard.delete_missing_repos=Видалити в�і запи�и про репозиторії з від�утніми файлами Git
-dashboard.delete_missing_repos.started=Запущено завданн� видаленн� в�іх репозиторіїв, в �ких від�утні файли Git.
-dashboard.delete_generated_repository_avatars=Видалити репозиторій з згенерованими аватарами
+dashboard.delete_missing_repos=Видаліть у�і �ховища, в �ких від�утні файли Git
+dashboard.delete_generated_repository_avatars=Видалити згенеровані аватарки �ховища
+dashboard.sync_repo_branches=Синхронізувати пропущені гілки з даних git до баз даних
 dashboard.update_mirrors=Оновити дзеркала
 dashboard.repo_health_check=Перевірка �тану в�іх репозиторіїв
 dashboard.check_repo_stats=Перевірити �тати�тику в�іх репозиторіїв
 dashboard.archive_cleanup=Видалити �тарі архіви репозиторіїв
-dashboard.deleted_branches_cleanup=Прибрати видалені гілки
 dashboard.update_migration_poster_id=Оновити мігровані ID авторів
-dashboard.git_gc_repos=Виконати очи�тку �мітт� дл� в�іх репозиторіїв
-dashboard.resync_all_sshkeys=Оновити файл '.ssh/authorized_keys' з SSH ключами Gitea.
-dashboard.resync_all_sshprincipals=Оновіть файл '.ssh/authorized_princтipals' з SSH даними кори�тувача Gitea.
-dashboard.resync_all_hooks=Пере�инхронізувати перед-прийн�тні, оновлюючі та по�т-прийн�тні хуки в у�іх репозиторі�х.
-dashboard.reinit_missing_repos=Переініціалізувати у�і репозитрії git-файли �ких втрачено
+dashboard.reinit_missing_repos=Заново ініціалізувати в�і від�утні �ховища Git'а, дл� �ких і�нують запи�и
 dashboard.sync_external_users=Синхронізувати дані зовнішніх кори�тувачів
-dashboard.cleanup_hook_task_table=Очи�тити hook_task таблицю
-dashboard.server_uptime=Uptime �ерверу
+dashboard.server_uptime=Ча� роботи �ервера
 dashboard.current_goroutine=Поточна кількі�ть Goroutines
 dashboard.current_memory_usage=Поточне викори�танн� пам'�ті
 dashboard.total_memory_allocated=Виділено пам'�ті загалом
@@ -2087,6 +2701,16 @@ dashboard.total_gc_time=Загальна пауза збирача �мітт�
 dashboard.total_gc_pause=Загальна пауза збирача �мітт� (GC)
 dashboard.last_gc_pause=О�танн� пауза збирача �мітт� (GC)
 dashboard.gc_times=Кількі�ть запу�ків збирача �мітт� (GC)
+dashboard.delete_old_actions=Видалити в�і �тарі дії з бази даних
+dashboard.update_checker=Перевірка оновлень
+dashboard.delete_old_system_notices=Видалити в�і �тарі �и�темні повідомленн� з бази даних
+dashboard.stop_endless_tasks=Зупинити не�кінченні завданн�
+dashboard.cancel_abandoned_jobs=Ска�увати покинуті завданн�
+dashboard.start_schedule_tasks=Запу�к запланованих завдань
+dashboard.sync_branch.started=Розпочато �инхронізацію гілок
+dashboard.sync_tag.started=Розпочато �инхронізацію міток
+dashboard.rebuild_issue_indexer=Перебудувати індек�атор задач
+dashboard.sync_repo_licenses=Синхронізувати ліцензії �ховища
 
 users.user_manage_panel=Керуванн� обліковими запи�ами кори�тувачів
 users.new_account=Створити обліковий запи�
@@ -2095,12 +2719,15 @@ users.full_name=Повне ім'�
 users.activated=�ктивовано
 users.admin=�дміні�тратор
 users.restricted=Обмежено
+users.reserved=Зарезервовано
+users.bot=Бот
+users.remote=Віддалений
 users.2fa=2FA
 users.repos=Репозиторії
 users.created=Створено
 users.last_login=О�танній вхід
-users.never_login=�іколи не входив
 users.send_register_notify=�аді�лати повідомленн� про реє�трацію кори�тувача
+users.new_success=Обліковий запи� "%s" �творено.
 users.edit=Редагувати
 users.auth_source=Джерело автентифікації
 users.local=Локальні
@@ -2120,8 +2747,10 @@ users.allow_import_local=Може імпортувати локальні реп
 users.allow_create_organization=Може �творювати організацій
 users.update_profile=Оновити обліковий запи�
 users.delete_account=Видалити цей обліковий запи�
-users.still_own_repo=Ваш обліковий запи� в�е ще володіє одним або кількома репозиторі�ми, �початку вам потрібно видалити або передати їх.
-users.still_has_org=Цей обліковий запи� в�е ще є уча�ником однієї або декількох організацій. Дл� продовженн�, покиньте або видаліть організації.
+users.cannot_delete_self=Ви не можете видалити �ебе
+users.still_own_repo=Цей кори�тувач в�е ще володіє одним або кількома �ховищами. Спочатку видаліть або передайте ці �ховища.
+users.still_has_org=Цей кори�тувач є членом організації. Спочатку видаліть кори�тувача з у�іх організацій.
+users.purge=Видалити кори�тувача
 users.deletion_success=Обліковий запи� кори�тувача було видалено.
 users.reset_2fa=Скинути 2FA
 users.list_status_filter.menu_text=Фільтр
@@ -2132,22 +2761,23 @@ users.list_status_filter.is_admin=�дміні�тратор
 users.list_status_filter.not_admin=�е адміні�тратор
 users.list_status_filter.is_restricted=З обмеженн�ми
 users.list_status_filter.not_restricted=Без обмежень
-users.list_status_filter.is_prohibit_login=Вхід заборонено
-users.list_status_filter.not_prohibit_login=Вхід дозволено
+users.list_status_filter.is_prohibit_login=Заборонити вхід
+users.list_status_filter.not_prohibit_login=Дозволити вхід
 users.list_status_filter.is_2fa_enabled=2FA увімкнена
 users.list_status_filter.not_2fa_enabled=2FA вимкнена
+users.details=Інформаці� про кори�тувача
 
 emails.email_manage_panel=Управлінн� поштою кори�тувача
-emails.primary=Головний
+emails.primary=О�новна
 emails.activated=�ктивовано
-emails.filter_sort.email=Електронна пошта
-emails.filter_sort.email_reverse=Електронна пошта (зворотна)
-emails.filter_sort.name=Ім'� кори�тувача
-emails.filter_sort.name_reverse=Ім'� кори�тувача (зворотне)
-emails.updated=Електронну пошту оновлено
+emails.filter_sort.name=Ім'� кри�тувача
 emails.not_updated=�е вдало�ь оновити адре�у електронної пошти: %v
-emails.duplicate_active=Ц� електронна адре�а вже активна дл� іншого кори�тувача.
+emails.duplicate_active=Ц� адре�а електронної пошти вже активна дл� іншого кори�тувача.
 emails.change_email_header=Редагувати вла�тиво�ті електронної пошти
+emails.change_email_text=Ви впевнені, що хочете оновити адре�у електронної пошти?
+emails.delete=Видалити адре�у електронної пошти
+emails.delete_desc=Ви впевнені, що хочете видалити адре�у електронної пошти?
+emails.deletion_success=�дре�у електронної пошти видалено.
 
 orgs.org_manage_panel=Керуванн� організаці�ми
 orgs.name=�азва
@@ -2163,12 +2793,21 @@ repos.name=�азва
 repos.private=Приватний
 repos.issues=Задачі
 repos.size=Розмір
+repos.lfs_size=Розмір LFS
 
+packages.package_manage_panel=Керуванн� пакетами
+packages.total_size=Загальний розмір: %s
+packages.unreferenced_size=Розмір без по�илань: %s
+packages.cleanup=Очи�тити про�трочені дані
+packages.cleanup.success=Очищенн� про�трочених даних завершено
 packages.owner=Вла�ник
+packages.creator=�втор
 packages.name=�азва
+packages.version=Вер�і�
 packages.type=Тип
-packages.repository=Репозиторій
+packages.repository=Сховище
 packages.size=Розмір
+packages.published=Опубліковано
 
 defaulthooks=Веб-хуки за замовчуванн�м
 defaulthooks.add_webhook=Додати веб-хук за замовчуванн�м
@@ -2180,7 +2819,7 @@ systemhooks.update_webhook=Оновити �и�темний вебхук
 
 auths.auth_manage_panel=Керуванн� джерелом автентифікації
 auths.new=Додати джерело автентифікації
-auths.name=Ім'�
+auths.name=�азва
 auths.type=Тип
 auths.enabled=Увімкнено
 auths.syncenabled=Увімкнути �инхронізацію кори�тувача
@@ -2197,12 +2836,13 @@ auths.user_base=База пошуку кори�тувачів
 auths.user_dn=DN кори�тувача
 auths.attribute_username=�трибут імені кори�тувача
 auths.attribute_username_placeholder=Залиште порожнім, щоб викори�товувати ім'� кори�тувача дл� реє�трації.
-auths.attribute_name=�трибут імені
-auths.attribute_surname=�трибут Surname
-auths.attribute_mail=�трибут Email
-auths.attribute_ssh_public_key=�трибут Відкритий SSH ключ
+auths.attribute_name=Вла�тиво�ті імені
+auths.attribute_surname=Вла�тиво�ті прізвища
+auths.attribute_mail=Вла�тиво�ті електронної пошти
+auths.attribute_ssh_public_key=Вла�тиво�ті публічного ключа SSH
+auths.attribute_avatar=Вла�тиво�ті аватару
 auths.attributes_in_bind=Вит�гувати атрибути в контек�ті Bind DN
-auths.allow_deactivate_all=Дозволити порожньому результату пошуку відключити в�іх кори�тувачів
+auths.allow_deactivate_all=Дозволити порожній результат пошуку, щоб деактивувати в�іх кори�тувачів
 auths.use_paged_search=Викори�товувати по�торінковий пошук
 auths.search_page_size=Розмір �торінки
 auths.filter=Кори�тувацький фільтр
@@ -2212,6 +2852,7 @@ auths.restricted_filter_helper=Залиште пу�тим, щоб не в�та
 auths.group_search_base=Пошукова база груп DN
 auths.group_attribute_list_users=�трибут групи зі �пи�ком кори�тувачів
 auths.user_attribute_in_group=�трибути кори�тувача в групі
+auths.enable_ldap_groups=Увімкнути групи LDAP
 auths.ms_ad_sa=�трибути пошуку MS AD
 auths.smtp_auth=Тип автентифікації SMTP
 auths.smtphost=SMTP хо�т
@@ -2227,7 +2868,7 @@ auths.disable_helo=Вимкнути HELO
 auths.pam_service_name=Ім'� �лужби PAM
 auths.pam_email_domain=Поштовий домен PAM (необов'�зково)
 auths.oauth2_provider=По�тачальник OAuth2
-auths.oauth2_icon_url=URL іконки
+auths.oauth2_icon_url=URL піктограми
 auths.oauth2_clientID=ID клієнта (ключ)
 auths.oauth2_clientSecret=Ключ клієнта
 auths.openIdConnectAutoDiscoveryURL=OpenID Connect URL дл� автоматизації входу
@@ -2239,34 +2880,42 @@ auths.oauth2_emailURL=URL електронної пошти
 auths.skip_local_two_fa=Пропу�тити локальну 2FA
 auths.skip_local_two_fa_helper=Якщо значенн� не вказано, локальнам кори�тувачам, що викори�товують двофакторну автентифікацію, в�е одно проходитимуть її дл� входу в �и�тему
 auths.oauth2_tenant=Tenant
+auths.oauth2_map_group_to_team_removal=Видалити кори�тувачів із �инхронізованих команд, �кщо кори�тувач не належить до відповідної групи.
 auths.enable_auto_register=Увімкнути автоматичну реє�трацію
 auths.sspi_auto_create_users=�втоматично �творювати кори�тувачів
-auths.sspi_auto_create_users_helper=Дозволити автоматичне �творенн� нових облікових запи�ів дл� кори�тувачів, �кі вперше увійшли з викори�танн� автентифікації SSPI
 auths.sspi_auto_activate_users=�втоматично активувати кори�тувачів
 auths.sspi_auto_activate_users_helper=Дозволити автоматичну активацію облікових запи�ів, �творених при автентифікації SSPI
 auths.sspi_strip_domain_names=Вилучати назви доменів з імен кори�тувачів
-auths.sspi_strip_domain_names_helper=Якщо увімкнено, доменні імена будуть видал�ти�� з імені входу (наприклад, "DOMAIN\user" та "user@example.org" �тануть "user").
 auths.sspi_separator_replacement=Викори�товувати замі�ть \, / та @ роздільник
-auths.sspi_separator_replacement_helper=Символ, �кий замінює роздільники імен входу нижнього рівн� (наприклад, \ в "DOMAIN\user") та о�новних імен кори�тувачів (наприклад, @ "user@example.org").
 auths.sspi_default_language=Типова мова кори�тувача
-auths.sspi_default_language_helper=Типова мова дл� кори�тувачів, �кі �творюють�� автоматично при SSPI-автентифікації. Залиште не вказаним, �кщо надаєте перевагу автоматичному визначенню мови.
 auths.tips=Поради
 auths.tips.oauth2.general=OAuth2 автентифікаці�
+auths.tips.oauth2.general.tip=Під ча� реє�трації нової автентифікації OAuth2 URL-адре�а зворотного виклику/перенаправленн� повинна бути такою:
 auths.tip.oauth2_provider=По�тачальник OAuth2
-auths.tip.nextcloud=`Зареє�труйте нового �поживача OAuth у вашому екземпл�рі за допомогою на�тупного меню "�алаштуванн� -> Безпека -> клієнт OAuth 2.0"`
+auths.tip.bitbucket=`Зареє�труйте нового �поживача OAuth на %s і додайте дозвіл "Обліковий запи�" - "Читанн�"`
+auths.tip.dropbox=Створити новий додаток на %s
+auths.tip.facebook=`Зареє�труйте новий додаток на %s і додайте модуль "Facebook Login"`
+auths.tip.github=Зареє�труйте новий додаток OAuth на %s
+auths.tip.gitlab_new=Зареє�труйте новий додаток на %s
+auths.tip.google_plus=Отримайте облікові дані клієнта OAuth2 з кон�олі Google API за адре�ою %s
+auths.tip.twitter=Перейдіть до %s, �творіть додаток і переконайте��, що параметр «Дозволити викори�товувати цей додаток дл� входу в Twitter» увімкнено
+auths.tip.discord=Зареє�трувати новий додаток на %s
+auths.tip.gitea=Зареє�труйте новий додаток OAuth2. По�ібник можна знайти за по�иланн�м %s
 auths.tip.mastodon=Введіть URL �пеціального екземпл�ра дл� екземпл�ра mastodon, �кий ви хочете автентифікувати за допомогою (або викори�товувати за замовчуванн�м)
 auths.edit=Редагувати джерело автентифікації
-auths.activated=Ц� аутентифікаці� активована
-auths.update_success=Параметри аутентифікації оновлені.
+auths.activated=Це джерело автентифікації активовано
+auths.new_success=�втентифікацію "%s" додано.
+auths.update_success=Джерело автентифікації оновлено.
 auths.update=Оновити джерело автентифікації
 auths.delete=Видалити джерело автентифікації
 auths.delete_auth_title=Видалити джерело автентифікації
-auths.delete_auth_desc=Це джерело аутентифікації буде видалене, ви впевнені, що ви хочете продовжити?
-auths.still_in_used=Ц� перевірка �правжно�ті до�і викори�товуєть�� де�кими кори�тувачами. Видаліть або змініть дл� цих кори�тувачів тип входу в �и�тему.
-auths.deletion_success=Канал аутентифікації у�пішно знищений.
-auths.login_source_of_type_exist=Джерело автентифікації такого типу вже на�вне.
+auths.delete_auth_desc=Видаленн� джерела автентифікації заборон�є кори�тувачам викори�товувати його дл� входу. Продовжити?
+auths.still_in_used=Джерело автентифікації в�е ще викори�товуєть��. Спочатку перетворіть або видаліть кори�тувачів, �кі викори�товують це джерело автентифікації.
+auths.deletion_success=Джерело автентифікації видалено.
+auths.login_source_exist=Джерело автентифікації "%s" вже і�нує.
+auths.login_source_of_type_exist=Джерело автентифікації такого типу вже і�нує.
 
-config.server_config=Конфігураці� �ервера
+config.server_config=�алаштуванн� �ервера
 config.app_name=�азва �айту
 config.app_ver=Вер�і� Gitea
 config.app_url=Базова URL-адре�а Gitea
@@ -2274,13 +2923,14 @@ config.custom_conf=Шл�х до файлу конфігурації
 config.custom_file_root_path=Шл�х до файлу кори�тувача
 config.domain=Домен �ервера
 config.offline_mode=Локальний режим
-config.disable_router_log=Вимкнути логуванн� роутеру
+config.disable_router_log=Вимкнути журнал маршрутизатора
 config.run_user=Запу�к від імені Кори�тувача
 config.run_mode=Режим виконанн�
 config.git_version=Вер�і� Git
+config.app_data_path=Шл�х до даних додатка
 config.repo_root_path=Кореневий шл�х репозиторі�
-config.lfs_root_path=Кореневої шл�х LFS
-config.log_file_root_path=Шл�х до лог файлу
+config.lfs_root_path=Кореневий шл�х LFS
+config.log_file_root_path=Шл�х до журналу
 config.script_type=Тип �крипта
 config.reverse_auth_user=Ім'� кори�тувача дл� авторизації на reverse proxy
 
@@ -2290,9 +2940,7 @@ config.ssh_start_builtin_server=ВикориÑ�товувати вбудованÐ
 config.ssh_domain=Домен SSH �ервера
 config.ssh_port=Порт
 config.ssh_listen_port=Порт що про�луховуєть��
-config.ssh_root_path=Шл�х до кореню
-config.ssh_key_test_path=Шл�х до те�тового ключа
-config.ssh_keygen_path=Шл�х до генератора ключів ('ssh-keygen')
+config.ssh_root_path=Шл�х до корен�
 config.ssh_minimum_key_size_check=Мінімальний розмір ключа перевірки
 config.ssh_minimum_key_sizes=Мінімальні розміри ключів
 
@@ -2304,8 +2952,8 @@ config.lfs_http_auth_expiry=За�таріла LFS HTTP аунтифікаці�
 config.db_config=Конфігураці� бази даних
 config.db_type=Тип
 config.db_host=Хо�т
-config.db_name=Ім'�
-config.db_user=Ім'� кри�тувача
+config.db_name=�азва
+config.db_user=Ім'� кори�тувача
 config.db_schema=Схема
 config.db_ssl_mode=SSL
 config.db_path=Шл�х
@@ -2337,16 +2985,23 @@ config.queue_length=Довжина черги
 config.deliver_timeout=Затримка до�тавки
 config.skip_tls_verify=Пропу�тити перевірку TLS
 
+config.mailer_config=�алаштуванн� пошти
 config.mailer_enabled=Увімкнено
-config.mailer_name=Ім'�
-config.mailer_smtp_port=SMTP порт
+config.mailer_enable_helo=Увімкнути HELO
+config.mailer_name=�азва
+config.mailer_protocol=Протокол
+config.mailer_smtp_addr=�дре�а SMTP
+config.mailer_smtp_port=Порт SMTP
 config.mailer_user=Кори�тувач
 config.mailer_use_sendmail=Викори�товувати Sendmail
 config.mailer_sendmail_path=Шл�х до Sendmail
 config.mailer_sendmail_args=Додаткові аргументи до Sendmail
 config.mailer_sendmail_timeout=Тайм-аут Sendmail
-config.test_email_placeholder=�дре�а електронної пошти (наприклад, test@example.com)
+config.mailer_use_dummy=Даммі
 config.send_test_mail=Відправити те�тового ли�та
+config.send_test_mail_submit=�аді�лати
+config.test_mail_failed=�е вдало�� наді�лати те�товий ли�т "%s": %v
+config.test_mail_sent=Те�товий ли�т наді�лано "%s".
 
 config.oauth_config=Конфігураці� OAuth
 config.oauth_enabled=Увімкнено
@@ -2356,6 +3011,10 @@ config.cache_adapter=�даптер кешу
 config.cache_interval=Інтервал кешуванн�
 config.cache_conn=Підключенн� до кешу
 config.cache_item_ttl=Ча� зберіганн� даних кешу
+config.cache_test=Перевірити кеш
+config.cache_test_failed=�е вдало�� перевірити кеш: %v.
+config.cache_test_slow=Перевірка кешу у�пішна, але відповідь повільна: %s.
+config.cache_test_succeeded=Те�т кешу у�пішно завершено, отримано відповідь за %s.
 
 config.session_config=Конфігураці� �е�ії
 config.session_provider=Провайдер �е�ії
@@ -2384,22 +3043,30 @@ config.git_pull_timeout=Тайм-аут операції Pull
 config.git_gc_timeout=Тайм-аут операції збирача �мітт� (GC)
 
 config.log_config=Конфігураці� журналу
+config.logger_name_fmt=Журнал: %s
 config.disabled_logger=Вимкнено
 config.access_log_mode=Режим до�тупу до журналу
+config.access_log_template=Шаблон журналу до�тупу
 config.xorm_log_sql=Журнал SQL
 
+config.set_setting_failed=�е вдало�� в�тановити параметр %s
 
+monitor.stats=Стати�тика
 
 monitor.cron=Завданн� cron
-monitor.name=Ім'�
+monitor.name=�азва
 monitor.schedule=Розклад
 monitor.next=�а�тупного разу
 monitor.previous=Попереднього разу
 monitor.execute_times=Кількі�ть виконань
 monitor.process=Запущені проце�и
+monitor.performance_logs=Журнал швидкодії
+monitor.processes_count=%d проце�и(-ів)
+monitor.download_diagnosis_report=Завантажити звіт діагно�тики
 monitor.desc=Опи�
 monitor.start=Ча� початку
 monitor.execute_time=Ча� виконанн�
+monitor.last_execution_result=Результат
 monitor.process.cancel=Зупинити проце�
 monitor.process.children=Дочірні проце�и
 
@@ -2410,15 +3077,18 @@ monitor.queue.type=Тип
 monitor.queue.exemplar=Приклад типу
 monitor.queue.numberworkers=Кількі�ть робочих потоків
 monitor.queue.maxnumberworkers=Мак�имальна кількі�ть робочих потоків
+monitor.queue.numberinqueue=�омер у черзі
 monitor.queue.settings.title=�алаштуванн� пулу
-monitor.queue.settings.maxnumberworkers=Мак�имальна кількі�ть робочих потоків
 monitor.queue.settings.maxnumberworkers.placeholder=Поточний %[1]d
 monitor.queue.settings.maxnumberworkers.error=Мак�имальна кількі�ть робочих потоків має бути чи�лом
 monitor.queue.settings.submit=Оновити налаштуванн�
 monitor.queue.settings.changed=�алаштуванн� оновлено
+monitor.queue.settings.remove_all_items=Видалити в�е
+monitor.queue.settings.remove_all_items_done=У�і елементи черги видалено.
 
 notices.system_notice_list=Сповіщенн� �и�теми
 notices.view_detail_header=Перегл�нути деталі повідомленн�
+notices.operations=Дії
 notices.select_all=Вибрати в�е
 notices.deselect_all=Ска�увати виділенн�
 notices.inverse_selection=Інвертувати виділене
@@ -2431,11 +3101,15 @@ notices.desc=Опи�
 notices.op=Оп.
 notices.delete_success=Сповіщенн� �и�теми були видалені.
 
+self_check.no_problem_found=�аразі проблем не ви�влено.
+self_check.startup_warnings=Попередженн� під ча� запу�ку:
+self_check.database_collation_mismatch=Очікуєть��, що база даних викори�тає зі�тавленн�: %s
+self_check.location_origin_mismatch=Поточна URL-адре�а (%[1]) не відповідає URL-адре�і Gitea (%[2]). Якщо ви викори�товуєте зворотний прок�і, переконайте��, що заголовки "Host" та "X-Forwarded-Proto" в�тановлені правильно.
 
 [action]
 create_repo=�творив(ла) репозиторій <a href="%s">%s</a>
 rename_repo=репозиторій перейменовано з <code>%[1]s</code> на <a href="%[2]s">%[3]s</a>
-commit_repo=наді�лав зміни (push) до <a href="%[2]s">%[3]s</a> о <a href="%[1]s">%[4]s</a>
+commit_repo=наді�лав зміни (push) до <a href="%[2]s">%[3]s</a> в <a href="%[1]s">%[4]s</a>
 create_issue=`відкрив задачу <a href="%[1]s">%[3]s#%[2]s</a>`
 close_issue=`закрив задачу <a href="%[1]s">%[3]s#%[2]s</a>`
 reopen_issue=`повторно відкрив задачу <a href="%[1]s">%[3]s#%[2]s</a>`
@@ -2445,6 +3119,7 @@ reopen_pull_request=`повторно відкрив запит злитт� <a
 comment_issue=`прокоментував задачу <a href="%[1]s">%[3]s#%[2]s</a>`
 comment_pull=`прокоментував запит злитт� <a href="%[1]s">%[3]s#%[2]s</a>`
 merge_pull_request=`прийн�в запит злитт� <a href="%[1]s">%[3]s#%[2]s</a>`
+auto_merge_pull_request=`автоматично об'єднано запит на злитт� <a href="%[1]s">%[3]s#%[2]s</a>`
 transfer_repo=перене�ено репозиторій <code>%s</code> у <a href="%s">%s</a>
 push_tag=�творив мітку <a href="%[2]s">%[3]s</a> в <a href="%[1]s">%[4]s</a>
 delete_tag=видалено мітку %[2]s з <a href="%[1]s">%[3]s</a>
@@ -2477,7 +3152,7 @@ seconds=%d �екунди
 minutes=%d хвилини
 hours=%d години
 days=%d дні
-weeks=%d тижднів
+weeks=%d тижні(в)
 months=%d мі��ці
 years=%d роки
 raw_seconds=�екунди
@@ -2485,6 +3160,7 @@ raw_minutes=хвилини
 
 [dropzone]
 default_message=Перет�гніть файли або нати�ніть тут, щоб завантажити.
+invalid_input_type=�еможливо завантажити файли цього типу.
 file_too_big=Розмір файлу ({{filesize}} MB), що більше ніж мак�имальний розмір: ({{maxFilesize}} MB).
 remove_file=Видалити файл
 
@@ -2498,54 +3174,274 @@ pin=Прикріпити �повіщенн�
 mark_as_read=Позначити �к прочитане
 mark_as_unread=Позначити �к непрочитане
 mark_all_as_read=Позначити в�і �к прочитані
+subscriptions=�бонементи
+watching=Стежить
+no_subscriptions=�емає абонементів
 
 [gpg]
 default_key=Підпи�ано типовим ключем
 error.extract_sign=�е вдало�� вит�гти підпи�
 error.generate_hash=�е вдало�� згенерувати хеш коміту
-error.no_committer_account=�ккаунт кори�тувача з таким Email не знайдено
-error.no_gpg_keys_found=�е вдало�� знайти GPG ключ що відповідає даному підпи�у
+error.no_committer_account=�емає облікового запи�у, прив'�заного до адре�и електронної пошти комітера
+error.no_gpg_keys_found=Дл� цього підпи�у в базі даних не знайдено жодного відомого ключа
 error.not_signed_commit=�епідпи�аний коміт
-error.failed_retrieval_gpg_keys=�е вдало�� отримати відповідний GPG ключ кори�тувача
-error.probable_bad_signature=УВ�Г�! Хоча ключ з таким ID і є в базі, коміт не може бути ним перевірено! Цей коміт ПІДОЗРІЛИЙ.
-error.probable_bad_default_signature=УВ�Г�! Хоча типовий ключ має цей ID, коміт не може бути ним перевірено! Цей коміт ПІДОЗРІЛИЙ.
+error.failed_retrieval_gpg_keys=�е вдало�� отримати жодного ключа, прив'�заного до облікового запи�у комітера
 
 [units]
-error.no_unit_allowed_repo=У ва� немає до�тупу до жодного розділу цього репозитори�.
-error.unit_not_allowed=У ва� немає до�тупу до жодного розділу цього репозитори�.
+unit=Одиниц� вимірюванн�
+error.no_unit_allowed_repo=У ва� немає до�тупу до жодного розділу цього �ховища.
+error.unit_not_allowed=У ва� немає до�тупу до жодного розділу цього �ховища.
 
 [packages]
+title=Пакети
+desc=Керувати пакетами �ховища.
+empty=�аразі пакети від�утні.
+no_metadata=�емає метаданих.
+empty.documentation=Дл� отриманн� додаткової інформації про реє�тр пакетів, дивіть�� <a target="_blank" rel="noopener noreferrer" href="%s">документацію</a>.
+empty.repo=Ви завантажили пакунок, але він тут не відображаєть��? Перейдіть до <a href="%[1]s">налаштуванн� пакету</a> та під'єднайте його до цього �ховища.
+registry.documentation=Докладнішу інформацію про реє�тр %s наведено у <a target="_blank" rel="noopener noreferrer" href="%s">документації</a>.
 filter.type=Тип
+filter.type.all=В�і
+filter.no_result=Ваш фільтр не дав результатів.
+filter.container.tagged=З міткою
+filter.container.untagged=Без мітки
+published_by=%[1]s опубліковано <a href="%[2]s">%[3]s</a>
+published_by_in=%[1]s опубліковано <a href="%[2]s">%[3]s</a> у <a href="%[4]s"><strong>%[5]s</strong></a>
+installation=В�тановленн�
+about=Про цей пакет
+requirements=Вимоги
+dependencies=Залежно�ті
+keywords=Ключові �лова
+details=Подробиці
+details.author=�втор
+details.project_site=Сторінка проєкту
+details.repository_site=Сторінка �ховища
+details.documentation_site=Сторінка документації
+details.license=Ліцензі�
+assets=Ре�ур�и
+versions=Вер�ії
+versions.view_all=Перегл�нути в�е
+dependency.id=ID
+dependency.version=Вер�і�
+search_in_external_registry=Шукати в %s
+alpine.registry.key=Завантажте публічний ключ RSA реє�тру в теку <code>/etc/apk/keys/</code> дл� перевірки підпи�у індек�у:
+alpine.registry.info=Виберіть $branch та $repository зі �пи�ку нижче.
+alpine.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+alpine.repository=Інформаці� про �ховище
 alpine.repository.branches=Гілки
 alpine.repository.repositories=Репозиторії
+alpine.repository.architectures=�рхітектури
+arch.registry=Додати �ервер з відповідним �ховищем та архітектурою до <code>/etc/pacman.conf</code>:
+arch.install=Синхронізувати пакет з pacman:
+arch.repository=Інформаці� про �ховище
 arch.repository.repositories=Репозиторії
-conan.details.repository=Репозиторій
+arch.repository.architectures=�рхітектури
+cargo.install=Щоб в�тановити пакет за допомогою Cargo, виконайте на�тупну команду:
+chef.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+composer.install=Щоб в�тановити пакет за допомогою Composer, виконайте на�тупну команду:
+composer.dependencies=Залежно�ті
+composer.dependencies.development=Залежно�ті розробки
+conan.details.repository=Сховище
+conan.install=Щоб в�тановити пакет за допомогою Conan, виконайте на�тупну команду:
+conda.install=Щоб в�тановити пакет за допомогою Conda, виконайте на�тупну команду:
+container.details.type=Тип зображенн�
+container.details.platform=Платформа
+container.pull=Завантажити образ з командного р�дка:
+container.images=Образи
+container.multi_arch=ОС / �рхітектура
+container.layers=Шари образів
+container.labels=Мітки
+container.labels.key=Ключ
+container.labels.value=Значенн�
+cran.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+debian.registry.info=Оберіть $distribution та $component зі �пи�ку нижче.
+debian.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+debian.repository=Інформаці� про �ховище
+debian.repository.distributions=Ди�трибутиви
+debian.repository.components=Компоненти
+debian.repository.architectures=�рхітектури
+generic.download=Завантажити пакет з командного р�дка:
+go.install=В�тановити пакет із командного р�дка:
+helm.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+maven.install2=Виконати з командного р�дка:
+maven.download=Щоб завантажити залежні�ть, виконайте в командному р�дку:
+nuget.install=Щоб в�тановити пакет за допомогою NuGet, запу�тіть на�тупну команду:
+nuget.dependency.framework=Цільовий фреймворк
+npm.install=Щоб в�тановити пакет за допомогою npm, виконайте на�тупну команду:
+npm.install2=або додайте до файлу package.json:
+npm.dependencies=Залежно�ті
+npm.dependencies.development=Залежно�ті розробки
+npm.dependencies.optional=�еобовʼ�зкові залежно�ті
+npm.details.tag=Мітка
+pypi.requires=Потрібен Python
+rpm.distros.redhat=на ди�трибутивах на о�нові RedHat
+rpm.distros.suse=на ди�трибутивах на о�нові SUSE
+rpm.install=Щоб в�тановити пакет, виконайте на�тупну команду:
+rpm.repository=Інформаці� про �ховище
+rpm.repository.architectures=�рхітектури
+rpm.repository.multiple_groups=Цей пакет до�тупний у багатьох групах.
+rubygems.install=Щоб в�тановити пакет за допомогою gem, виконайте на�тупну команду:
+rubygems.install2=або додайте до Gemfile:
+rubygems.dependencies.development=Залежно�ті розробки
+rubygems.required.ruby=Вимагає вер�ію Ruby
+rubygems.required.rubygems=Вимагає вер�ію RubyGem
+swift.install=Додайте пакет у ваш файл <code>Package.swift</code>:
+swift.install2=і виконайте на�тупну команду:
+vagrant.install=Щоб додати бок� Vagrant, виконайте на�тупну команду:
+settings.link=Прив'�зати пакет до �ховища
+settings.link.description=Якщо ви зв'�жете пакет зі �ховищем, його буде вказано у �пи�ку пакетів �ховища.
+settings.link.select=Обрати �ховище
+settings.link.button=Оновити по�иланн� на �ховище
+settings.link.error=�е вдало�� оновити по�иланн� на �ховище.
+settings.delete=Видалити пакет
+settings.delete.description=Видаленн� пакета є о�таточним і не може бути �ка�оване.
+settings.delete.notice=Ви збираєте�ь видалити %s (%s). Цю операцію неможливо �ка�увати, ви впевнені?
+settings.delete.success=Пакет видалено.
+settings.delete.error=�е вдало�� видалити пакет.
+owner.settings.cargo.title=Індек� реє�тру Cargo
+owner.settings.cargo.initialize=Ініціалізувати індек�
+owner.settings.cargo.initialize.description=Дл� викори�танн� реє�тру Cargo потрібне �пеціальне �ховище індек�ів Git. Викори�танн� цього параметра дозволить (повторно) �творити та автоматично налаштувати �ховище.
+owner.settings.cargo.initialize.error=�е вдало�� ініціалізувати індек� Cargo: %v
+owner.settings.cargo.initialize.success=Індек� Cargo у�пішно �творено.
+owner.settings.cargo.rebuild=Перебудувати індек�
+owner.settings.cargo.rebuild.description=Повторна збірка може бути кори�ною, �кщо індек� не �инхронізовано зі збереженими пакетами Cargo.
+owner.settings.cargo.rebuild.error=�е вдало�� перебудувати індек� Cargo: %v
+owner.settings.cleanuprules.title=Керувати правилами очищенн�
+owner.settings.cleanuprules.add=Додати правило очищенн�
+owner.settings.cleanuprules.edit=Редагувати правило очищенн�
+owner.settings.cleanuprules.none=Правила очищенн� від�утні. Будь ла�ка, зверніть�� до документації.
+owner.settings.cleanuprules.preview=Попередній перегл�д правила очищенн�
+owner.settings.cleanuprules.preview.overview=Заплановано видаленн� %d пакетів.
+owner.settings.cleanuprules.preview.none=Правило очищенн� не відповідає жодному пакету.
 owner.settings.cleanuprules.enabled=Увімкнено
+owner.settings.cleanuprules.pattern_full_match=За�то�увати шаблон до повної назви пакета
+owner.settings.cleanuprules.keep.title=Вер�ії, �кі відповідають цим правилам, зберігають��, навіть �кщо вони відповідають наведеному нижче правилу видаленн�.
+owner.settings.cleanuprules.keep.count=Залишити найновіші
+owner.settings.cleanuprules.keep.count.1=1 вер�і� на пакет
+owner.settings.cleanuprules.keep.count.n=%d вер�ії(-й) на пакет
+owner.settings.cleanuprules.keep.pattern=Зберігати вер�ії, що збігають��
+owner.settings.cleanuprules.remove.title=Вер�ії, �кі відповідають цим правилам, видал�ють��, �кщо правило вище не вимагає їх збереженн�.
+owner.settings.cleanuprules.remove.days=Видалити вер�ії, �таріші за
+owner.settings.cleanuprules.remove.pattern=Видалити вер�ії, що збігають��
+owner.settings.cleanuprules.success.update=Правило очищенн� оновлено.
+owner.settings.cleanuprules.success.delete=Правило очищенн� видалено.
+owner.settings.chef.title=Реє�тр Chef
+owner.settings.chef.keypair=Згенерувати ключову пару
+owner.settings.chef.keypair.description=Ключова пара необхідна дл� автентифікації у реє�трі Chef. Якщо ви �творювали ключову пару раніше, �творенн� нової пари призведе до �ка�уванн� �тарої.
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=Опи�
+creation.name_placeholder=без урахуванн� регі�тру, тільки алфавітно-цифрові �имволи або підкре�ленн�, не можуть починати�� з GITEA_ або GITHUB_.
+creation.value_placeholder=Введіть довільний вмі�т. Пробіли на початку та в кінці будуть пропущені.
+creation.description_placeholder=Введіть короткий опи� (необов'�зково).
+
+
 
 [actions]
+actions=Дії
 
+unit.desc=Керувати ді�ми
 
+status.unknown=�евідомий
+status.waiting=Очікуванн�
+status.running=Виконуєть��
+status.success=У�піх
+status.failure=�евдача
+status.cancelled=Ска�овано
+status.skipped=Пропущено
+status.blocked=Заблоковано
 
+runners.status=Стату�
+runners.id=ID
 runners.name=�азва
 runners.owner_type=Тип
 runners.description=Опи�
+runners.labels=Мітки
+runners.last_online=О�танній раз онлайн
+runners.task_list.no_tasks=�аразі завдань немає.
 runners.task_list.run=Запу�тити
+runners.task_list.status=Стату�
 runners.task_list.repository=Репозиторій
 runners.task_list.commit=Коміт
+runners.task_list.done_at=Завершено о
+runners.update_runner=Оновити зміни
+runners.status.unspecified=�евідомий
+runners.status.idle=Очікуванн�
 runners.status.active=�ктивний
+runners.version=Вер�і�
+runners.reset_registration_token=Скинути реє�траційний токен
 
+runs.all_workflows=В�і робочі проце�и
 runs.commit=Коміт
-
-
-
-
+runs.scheduled=Заплановано
+runs.pushed_by=завантажено
+runs.invalid_workflow_helper=Файл конфігурації робочих проце�ів недій�ний. Будь ла�ка, перевірте файл конфігурації: %s
+runs.no_job_without_needs=Робочий проце� повинен мі�тити принаймні одну задачу без залежно�тей.
+runs.no_job=Робочий проце� повинен мі�тити принаймні одну задачу
+runs.actor=�ктор
+runs.status=Стату�
+runs.actors_no_select=У�і актори
+runs.status_no_select=В�і �тату�и
+runs.no_results=Збігів немає.
+runs.no_workflows=Робочих проце�ів наразі немає.
+runs.no_workflows.quick_start=�е знаєте, �к почати з Gitea Дії? Дивіть�� <a target="_blank" rel="noopener noreferrer" href="%s">по�ібник швидкого �тарту</a>.
+runs.no_workflows.documentation=Дл� отриманн� додаткової інформації про Gitea Дії, перегл�ньте <a target="_blank" rel="noopener noreferrer" href="%s">документацію</a>.
+runs.no_runs=Робочий проце� ще не виконував��.
+runs.empty_commit_message=(порожнє повідомленн� коміту)
+runs.expire_log_message=Журнали були очищені, тому що вони були занадто �тарі.
+runs.delete=Видалити запущений робочий проце�
+runs.delete.description=Ви впевнені, що хочете о�таточно видалити цей робочий проце�? Цю дію неможливо �ка�увати.
+runs.not_done=Виконанн� цього робочого проце�у не завершено.
+runs.view_workflow_file=Перегл�д файлу робочого проце�у
+
+workflow.disable=Вимкнути робочий проце�
+workflow.disable_success=Робочий проце� '%s' у�пішно вимкнено.
+workflow.enable=Увімкнути робочий проце�
+workflow.enable_success=Робочий проце� '%s' у�пішно ввімкнено.
+workflow.disabled=Робочий проце� вимкнений.
+workflow.run=Запу�тити робочий проце�
+workflow.not_found=Робочий проце� '%s' не знайдено.
+workflow.run_success=Робочий проце� '%s' завершив�� у�пішно.
+workflow.from_ref=Викори�тати робочий проце� з
+workflow.has_workflow_dispatch=Цей робочий проце� має тригер події workflow_dispatch.
+workflow.has_no_workflow_dispatch=Робочий проце� “%s� не має тригера події workflow_dispatch.
+
+
+variables=Змінні
+variables.management=Керуванн� змінними
+variables.creation=Додати змінну
+variables.none=�аразі немає змінних.
+variables.deletion=Видалити змінну
+variables.deletion.description=Видаленн� змінної є о�таточним і не може бути �ка�оване. Продовжити?
+variables.description=Змінні будуть передані певним ді�м і не можуть бути прочитані інакше.
+variables.id_not_exist=Змінної з ідентифікатором %d не і�нує.
+variables.edit=Редагувати змінну
+variables.deletion.failed=�е вдало�� видалити змінну.
+variables.deletion.success=Змінну видалено.
+variables.creation.failed=�е вдало�� додати змінну.
+variables.creation.success=Змінну "%s" додано.
+variables.update.failed=�е вдало�� відредагувати змінну.
+variables.update.success=Змінну відредаговано.
+
+logs.always_auto_scroll=Завжди автоматично прокручувати журнали
+logs.always_expand_running=Завжди розгортати поточні журнали
 
 [projects]
+deleted.display_name=Видалений проєкт
+type-1.display_name=Індивідуальний проєкт
+type-2.display_name=Проєкт �ховища
+type-3.display_name=Проєкт організації
+enter_fullscreen=Повноекранний режим
+exit_fullscreen=Вийти з повноекранного режиму
 
 [git.filemode]
+changed_filemode=%[1]s → %[2]s
 ; Ordered by git filemode value, ascending. E.g. directory has "040000", normal file has "100644", …
+directory=Тека
+normal_file=Звичайний файл
+executable_file=Виконуваний файл
 symbolic_link=Символічне по�иланн�
+submodule=Підмодуль
 
diff --git a/options/locale/locale_zh-CN.ini b/options/locale/locale_zh-CN.ini
index f36789921e..01e35820a1 100644
--- a/options/locale/locale_zh-CN.ini
+++ b/options/locale/locale_zh-CN.ini
@@ -4,14 +4,14 @@ explore=探索
 help=帮助
 logo=徽标
 sign_in=登录
-sign_in_with_provider=使用 %s 登录
+sign_in_with_provider=使用「%s�登录
 sign_in_or=或
 sign_out=退出
 sign_up=注册
 link_account=链接账户
 register=注册
-version=当�版本
-powered_by=Powered by %s
+version=版本
+powered_by=由 %s 强力驱动
 page=页�
 template=模�
 language=语言选项
@@ -28,7 +28,7 @@ return_to_gitea=返回 Gitea
 more_items=更多选项
 
 username=用户�
-email=电�邮件地�
+email=邮箱地�
 password=密�
 access_token=访问令牌（Access Token）
 re_type=确认密�
@@ -42,9 +42,8 @@ webauthn_sign_in=按下安全密钥上的按钮。如果安全密钥没有按钮
 webauthn_press_button=请按下安全密钥上的按钮…
 webauthn_use_twofa=使用�自手机中的两步验��
 webauthn_error=无法读�安全密钥。
-webauthn_unsupported_browser=你的�览器目��支� WebAuthn。
+webauthn_unsupported_browser=您的�览器目��支� WebAuthn。
 webauthn_error_unknown=�生未知错误。请�试。
-webauthn_error_insecure=WebAuthn 仅支�安全连接。如果�在 HTTP �议上进行测试，请使用 "localhost" 或 "127.0.0.1" 作为访问��
 webauthn_error_unable_to_process=�务器无法处�您的请求。
 webauthn_error_duplicated=此安全密钥未被许�用于这个请求。请确�该密钥尚未注册。
 webauthn_error_empty=您必须为此密钥设置一个�称。
@@ -58,11 +57,11 @@ issue_milestone=里程碑
 new_repo=创建仓库
 new_migrate=�移外部仓库
 new_mirror=创建新的镜�
-new_fork=新的仓库Fork
+new_fork=派生新仓库
 new_org=创建组织
 new_project=创建项目
 new_project_column=创建列
-manage_org=管�我的组织
+manage_org=管�组织
 admin_panel=管���
 account_settings=�户设置
 settings=设置
@@ -78,7 +77,7 @@ forks=派生
 
 activities=最近活动
 pull_requests=�并请求
-issues=工�管�
+issues=工�
 milestones=里程碑
 
 ok=确定
@@ -91,7 +90,7 @@ add=添加
 add_all=添加所有
 remove=移除
 remove_all=移除所有
-remove_label_str=`删除标签 "%s"`
+remove_label_str=删除标签「%s�
 edit=编辑
 view=查看
 test=测试
@@ -113,6 +112,7 @@ copy_type_unsupported=无法�制此类型的文件内容
 write=撰写
 preview=预览
 loading=正在加载...
+files=文件
 
 error=错误
 error404=您正�试访问的页� <strong>�存在</strong> 或 <strong>您尚未被授�</strong> 查看该页�。
@@ -127,8 +127,9 @@ rss_feed=RSS 订阅�
 pin=固定
 unpin=�消置顶
 
-artifacts=制�
-confirm_delete_artifact=您确定�删除制�'%s'�？
+artifacts=产物
+expired=已过期
+confirm_delete_artifact=您确定�删除产物「%s��？
 
 archived=已归档
 
@@ -162,32 +163,21 @@ filter.public=公开
 filter.private=�有
 
 no_results_found=未找到结果
-internal_error_skipped=�生内部错误，但已被跳过： %s
+internal_error_skipped=�生内部错误，但已跳过： %s
 
 [search]
-search=�索...
 type_tooltip=�索类型
 fuzzy=模糊
-fuzzy_tooltip=包�近似匹��索�的结果
+words=�
+words_tooltip=仅包�匹��索�的结果
+regexp=正则表达�
+regexp_tooltip=仅包�匹�正则表达��索�的结果
 exact=精确
 exact_tooltip=仅包�精确匹��索�的结果
-repo_kind=�索仓库...
-user_kind=�索用户...
-org_kind=�索组织...
-team_kind=�索团队...
-code_kind=�索代�...
 code_search_unavailable=代��索当���用。请与网站管�员�系。
-code_search_by_git_grep=当�代��索结果由“git grep��供。如果站点管�员�用仓库索引器，�能会有更好的结果。
-package_kind=�索软件包...
-project_kind=�索项目...
-branch_kind=�索分支...
-tag_kind=�索标签...
-tag_tooltip=�索匹�的标签。使用“%��匹�任何�列的数字
-commit_kind=�索�交记录...
-runner_kind=�索runners...
+code_search_by_git_grep=当�代��索结果由「git grep��供。如果站点管�员�用仓库索引器，�能会有更好的结果。
+tag_tooltip=�索匹�的标签。使用「%��匹�任何�列的数字。
 no_results=未找到匹�结果
-issue_kind=�索工�...
-pull_kind=�索�并请求...
 keyword_search_unavailable=按关键字�索当���用。请�系站点管�员。
 
 [aria]
@@ -223,8 +213,6 @@ buttons.enable_monospace_font=�用等宽字体
 buttons.disable_monospace_font=�用等宽字体
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=�生了一个错误
@@ -245,7 +233,6 @@ license_desc=所有的代�都开�在 <a target="_blank" rel="noopener norefe
 
 [install]
 install=安装页�
-installing_desc=正在安装，请�候...
 title=�始�置
 docker_helper=如果您正在使用 Docker 容器�行 Gitea，请务必先仔细阅读 <a target="_blank" rel="noopener noreferrer" href="%s">官方文档</a> ��对本页�进行填写。
 require_db_desc=Gitea 需�使用 MySQL�PostgreSQL�MSSQL�SQLite3 或 TiDB (MySQL�议) 等数�库
@@ -255,23 +242,17 @@ host=数�库主机
 user=用户�
 password=数�库用户密�
 db_name=数�库�称
-db_schema=Schema
+db_schema=架构
 db_schema_helper=留空则数�库中默认值为("public")。
 ssl_mode=SSL
 path=数�库文件路径
 sqlite_helper=SQLite3 数�库的文件路径。<br>如果以�务的方��行 Gitea，请输入�对路径。
 reinstall_error=您正在�试安装到一个已�有 Gitea 数�的数�库中
-reinstall_confirm_message=使用现有的 Gitea 数�库�新安装�能会导致多个问题。在大多数情况下，你应该使用你现有的 “app.ini� ��行 Gitea。如果你知�自己在�什么，请确认以下内容：
-reinstall_confirm_check_1=使用 app.ini 中 SECRET KEY 加密的数��能会丢失：用户�能无法使用 2FA/OTP 登录，仓库镜��能无法正常工作。勾选此框，表示您确认当� app.ini 文件包�正确的 SECRET KEY。
-reinstall_confirm_check_2=代�仓库和设置�能需��新�步。勾选此框，表示您确认将手动�新�步仓库和 SSH authorized_keys 的钩�。您确认您将确�代�仓库和镜�设置是正确的。
-reinstall_confirm_check_3=你确认你�对肯定这个 Gitea 在正确的 app.ini �置上�行，而且你确定你必须�新安装。你确认你知晓上述风险。
+reinstall_confirm_message=使用现有的 Gitea 数�库�新安装�能会导致多个问题。在大多数情况下，您应该使用您现有的「app.ini���行 Gitea。如果您知�自己在�什么，请确认以下内容：
+reinstall_confirm_check_3=您确认您�对肯定这个 Gitea 在正确的 app.ini �置上�行，而且您确定您必须�新安装。您确认您知晓上述风险。
 err_empty_db_path=SQLite 数�库文件路径�能为空。
 no_admin_and_disable_registration=您�能够在未创建管�员用户的情况下�止注册。
 err_empty_admin_password=管�员密��能为空。
-err_empty_admin_email=管�员电�邮件�能为空。
-err_admin_name_is_reserved=管�员用户�无效，用户�是�留的
-err_admin_name_pattern_not_allowed=管�员用户�无效，用户�是�留字
-err_admin_name_is_invalid=管�员用户�无效
 
 general_title=一般设置
 app_name=站点�称
@@ -287,9 +268,8 @@ domain_helper=�务器的域�或主机地�。
 ssh_port=SSH �务端�
 ssh_port_helper=SSH �务器的端��，为空则�用它。
 http_port=HTTP �务端�
-http_port_helper=Giteas web �务器将侦�的端��。
 app_url=基础URL
-app_url_helper=用于 HTTP (S) 克隆和电�邮件通知的基本地�。
+app_url_helper=用于 HTTP (S) 克隆和邮件通知的基本地�。
 log_root_path=日志路径
 log_root_path_helper=日志文件将写入此目录。
 
@@ -297,12 +277,12 @@ optional_title=�选设置
 email_title=电�邮箱设置
 smtp_addr=SMTP 主机地�
 smtp_port=SMTP 端�
-smtp_from=电�邮件�件人
-smtp_from_invalid=`"��电�邮件为"地�无效`
-smtp_from_helper=请输入一个用于 Gitea 的电�邮件地�，或者使用完整格�："�称" <email@example.com>
+smtp_from=邮件�件人
+smtp_from_invalid=「邮件�件人�地�无效
+smtp_from_helper=请输入一个用于 Gitea 的邮箱地�，或者使用完整格�：「�称�<email@example.com>。
 mailer_user=SMTP 用户�
 mailer_password=SMTP 密�
-register_confirm=需��电�邮件确认注册
+register_confirm=需�邮件确认注册
 mail_notify=�用邮件通知�醒
 server_service_title=�务器和第三方�务设置
 offline_mode=�用本地模�
@@ -327,12 +307,12 @@ admin_title=管�员��设置
 admin_name=管�员用户�
 admin_password=管�员密�
 confirm_password=确认密�
-admin_email=电�邮件地�
+admin_email=邮箱地�
 install_btn_confirm=立�安装
 test_git_failed=无法识别 'git' 命令：%v
 sqlite3_not_available=您所使用的�行版�支� SQLite3，请从 %s 下载官方构建版，而�是 gobuild 版本。
 invalid_db_setting=数�库设置无效: %v
-invalid_db_table=数�库表 '%s' 无效： %v
+invalid_db_table=数�库表「%s�无效：%v
 invalid_repo_path=仓库根目录设置无效：%v
 invalid_app_data_path=应用数�路径无效： %v
 run_user_not_match=�行用户��是当�的用户�：%s -> %s
@@ -341,17 +321,16 @@ secret_key_failed=生�密钥失败： %v
 save_config_failed=应用�置�存失败：%v
 invalid_admin_setting=管�员�户设置无效: %v
 invalid_log_root_path=日志路径无效: %v
-default_keep_email_private=默认情况下��电�邮件地�
-default_keep_email_private_popup=默认情况下, ��新用户�户的电�邮件地�。
+default_keep_email_private=默认情况下��邮箱地�
+default_keep_email_private_popup=默认情况下，��新用户�户的邮箱地�。
 default_allow_create_organization=默认情况下�许创建组织
 default_allow_create_organization_popup=默认情况下, �许新用户�户创建组织。
 default_enable_timetracking=默认情况下�用时间跟踪
 default_enable_timetracking_popup=默认情况下�用新仓库的时间跟踪。
-no_reply_address=��电�邮件
-no_reply_address_helper=具有��电�邮件地�的用户的域�。例如, 用户� "joe" 将以 "joe@noreply.example.org" 的身份登录到 Git 中. 如果��的电�邮件域设置为 "noreply.example.org"。
+no_reply_address=��邮件域
+no_reply_address_helper=具有��邮箱地�的用户的域�。例如，如果��邮箱域�设置为「noreply.example.org�，那么用户�「joe�在 Git 中将显示为「joe@noreply.example.org�。
 password_algorithm=密�哈希算法
 invalid_password_algorithm=无效的密�哈希算法
-password_algorithm_helper=设置密�散列算法。算法有��的�求和强度。 argon2 算法相当安全，但使用大�内存，因此�能�适��型系统。
 enable_update_checker=�用更新检查
 enable_update_checker_helper=通过连接到 gitea.io 定期检查新版本�布。
 env_config_keys=环境�置
@@ -371,7 +350,7 @@ my_mirrors=我的镜�
 view_home=访问 %s
 filter=其他过滤器
 filter_by_team_repositories=按团队仓库筛选
-feed_of=`"%s"的�`
+feed_of=「%s�的�
 
 show_archived=已归档
 show_both_archived_unarchived=显示已归档和未归档的
@@ -385,6 +364,12 @@ show_only_public=�显示公开的
 
 issues.in_your_repos=在您的仓库中
 
+guide_title=无活动
+guide_desc=您目�没有关注任何仓库或用户，所以没有�显示的内容。 您�以从下�的链接中探索感兴趣的仓库或用户。
+explore_repos=探索仓库
+explore_users=探索用户
+empty_org=目�还没有组织。
+empty_repo=目�还没有仓库。
 
 [explore]
 repos=仓库
@@ -401,43 +386,42 @@ create_new_account=注册��
 already_have_account=已有账�？
 sign_in_now=立�登录
 disable_register_prompt=对�起，注册功能已被关闭。请�系网站管�员。
-disable_register_mail=已�用注册的电�邮件确认。
+disable_register_mail=已�用注册邮件确认。
 manual_activation_only=请�系您的站点管�员�完�激活。
 remember_me=记�此设备
 remember_me.compromised=登录令牌��有效，因为它�能表明�户已被破�。请检查您的�户是�有异常活动。
 forgot_password_title=忘记密�
 forgot_password=忘记密�？
-need_account=需�一个�户?
-sign_up_now=还没账�？马上注册。
+need_account=需�一个�户？
+sign_up_tip=您正在系统中注册第一个�户，它拥有管�员��。请仔细记�您的用户�和密�。 如果您忘记了用户�或密�，请�阅 Gitea 文档以��账户。
+sign_up_now=立�注册。
 sign_up_successful=�户创建�功。欢迎�
-confirmation_mail_sent_prompt_ex=一�新的确认邮件已���到 <b>%s</b>请在下一个 %s 中检查您的收件箱以完�注册过程。 如果您的注册电�邮件地��正确，您�以�新登录并更改它。
+confirmation_mail_sent_prompt_ex=一�新的确认邮件已���到 <b>%s</b>。请在下一个 %s 中检查您的收件箱以完�注册�程。 如果您的注册邮箱地��正确，您�以�新登录并更改它。
 must_change_password=更新您的密�
 allow_password_change=�求用户更改密�（推�）
-reset_password_mail_sent_prompt=确认电�邮件已被��到 <b>%s</b>。请您在 %s 内检查您的收件箱 ，完�密��置过程。
+reset_password_mail_sent_prompt=确认邮件已被��到 <b>%s</b>。请您在 %s 内检查您的收件箱 ，完�密��置�程。
 active_your_account=激活您的�户
 account_activated=�户已激活
-prohibit_login=�止登录
-prohibit_login_desc=您的�户被�止登录，请与网站管�员�系。
 resent_limit_prompt=您请求��激活邮件过于频�，请等待 3 分钟��试�
 has_unconfirmed_mail=%s 您好，系统检测到您有一���至 <b>%s</b> 但未被确认的邮件。如果您未收到激活邮件，或需��新��，请�击下方的按钮。
-change_unconfirmed_mail_address=如果您的注册电�邮件地��正确，您�以在此更改并�新��新的确认电�邮件。
+change_unconfirmed_mail_address=如果您的注册邮箱地��正确，您�以在此更改并�新��新的确认邮件。
 resend_mail=�击此处�新��确认邮件
 email_not_associate=您输入的邮箱地�未被关�到任何���
 send_reset_mail=��账户��邮件
 reset_password=账户��
 invalid_code=此确认密钥无效或已过期。
-invalid_code_forgot_password=你的确认�无效或者已过期，点击 <a href="%s">这里</a> 开始新的会�。
+invalid_code_forgot_password=您的确认�无效或已过期，点击 <a href="%s">这里</a> 开始新的会�。
 invalid_password=您的密�与用于创建账户的密��匹�。
 reset_password_helper=��账户
 reset_password_wrong_user=您以 %s 登录，但��账�链接是用于 %s。
 password_too_short=密�长度�能少于 %d �。
-non_local_account=�本地�户�能通过 Gitea 的 web 界�更改密�。
+non_local_account=�本地�户�能通过 Gitea 的 Web 界�更改密�。
 verify=验�
 scratch_code=验��令
 use_scratch_code=使用验��令
-twofa_scratch_used=你已�使用了你的验��令。你将会转到两步验�设置页�以便移除你的注册设备或者�新生�新的验��令。
-twofa_passcode_incorrect=你的验���正确。如果你丢失了你的设备，请使用你的验��令。
-twofa_scratch_token_incorrect=你的验��令�正确。
+twofa_scratch_used=您已�使用了您的验��令。您将会转到两步验�设置页�以便移除您的注册设备或者�新生�新的验��令。
+twofa_passcode_incorrect=您的验���正确。如果您丢失了您的设备，请使用您的验��令。
+twofa_scratch_token_incorrect=您的验��令�正确。
 login_userpass=登录
 login_openid=OpenID
 oauth_signup_tab=注册��
@@ -446,31 +430,28 @@ oauth_signup_submit=完�账�
 oauth_signin_tab=绑定到现有��
 oauth_signin_title=登录以授�绑定�户
 oauth_signin_submit=绑定账�
+oauth.signin.error.general=处�授�请求时出错：%s。如果此错误�然存在，请与站点管�员�系。
 oauth.signin.error.access_denied=授�请求被拒�。
 oauth.signin.error.temporarily_unavailable=授�失败，因为认��务器暂时��用。请���试。
-oauth_callback_unable_auto_reg=自动注册已�用，但OAuth2 �供商 %[1]s 返回缺失的字段：%[2]s，无法自动创建�户，请创建或链接到一个�户，或�系站点管�员。
+oauth_callback_unable_auto_reg=自动注册已�用，但 OAuth2 �供商 %[1]s 返回缺失的字段：%[2]s，无法自动创建�户，请创建或链接到一个�户，或�系站点管�员。
 openid_connect_submit=连接
 openid_connect_title=连接到现有的�户
 openid_connect_desc=所选的 OpenID URI 未知。在这里关�一个新�户。
 openid_register_title=创建新�户
 openid_register_desc=所选的 OpenID URI 未知。在这里关�一个新�户。
 openid_signin_desc=输入您的OpenID地�。例如：alice.openid.example.org 或 https://openid.example.org/alice.
-disable_forgot_password_mail=由于未设置电�邮件，�户��被�用。 请�系您的站点管�员。
-disable_forgot_password_mail_admin=�户��仅在设置电�邮件��用。 请设置电�邮件以�用�户��。
-email_domain_blacklisted=您�能使用您的电�邮件地�注册。
+email_domain_blacklisted=您�能使用您的邮箱地�注册。
 authorize_application=应用授�
 authorize_redirect_notice=如果您授�此应用，您将会被�定�到 %s。
-authorize_application_created_by=此应用由%s创建。
-authorize_application_description=如果您�许，它将能够读�和修改您的所有�户信�，包括�人仓库和组织。
-authorize_application_with_scopes=范围: %s
+authorize_application_created_by=此应用由 %s 创建。
+authorize_application_with_scopes=范围：%s
 authorize_title=授� %s 访问您的�户？
 authorization_failed=授�失败
-authorization_failed_desc=因为检测到无效请求，授�失败。请�试�系您授�应用的管�员。
 sspi_auth_failed=SSPI 认�失败
 password_pwned=此密�出现在 <a target="_blank" rel="noopener noreferrer" href="%s">被盗密�</a> 列表上并且曾�被公开。 请使用�一个密��试一次。
 password_pwned_err=无法完�对 HaveIBeenPwned 的请求
 last_admin=您�能删除最�一个管�员。必须至少�留一个管�员。
-signin_passkey=使用密钥登录
+signin_passkey=使用通行密钥登录
 back_to_sign_in=返回登录页�
 
 [mail]
@@ -486,24 +467,23 @@ activate_account.text_2=请在 <b>%s</b> 时间内，点击以下链接激活您
 
 activate_email=请验�您的邮箱地�
 activate_email.title=%s，请验�您的邮箱
-activate_email.text=请在 <b>%s</b> 时间内，点击以下链接，以验�你的电�邮件地�：
+activate_email.text=请在 <b>%s</b> 时间内，点击以下链接，以验�您的邮箱地�：
 
 register_notify=欢迎�到 %s
 register_notify.title=%[1]s，欢迎�到 %[2]s
-register_notify.text_1=这是您的 %s 注册确认电�邮件 �
-register_notify.text_2=您现在�以以用户� %s 登录。
+register_notify.text_1=这是您的 %s 注册确认邮件 �
 register_notify.text_3=如果此账户已为您创建，请先 <a href="%s">设置您的密�</a>。
 
 reset_password=��您的账户
 reset_password.title=%s，您已请求��您的�户
-reset_password.text=请在 <b>%s</b> 时间内，点击以下链接，��你的账户：
+reset_password.text=请在 <b>%s</b> 时间内，点击以下链接，以��您的账户：
 
 register_success=注册�功
 
 issue_assigned.pull=@%[1]s 已将仓库 %[3]s 中的�并请求 %[2]s 指派给您
 issue_assigned.issue=@%[1]s 已将仓库 %[3]s 中的工� %[2]s 指派给您
 
-issue.x_mentioned_you=<b>@%s</b> �到了您：
+issue.x_mentioned_you=<b>@%s</b> ��了您：
 issue.action.force_push=<b>%[1]s</b> 强制从 %[3]s 推� <b>%[2]s</b> 至 [4]s。
 issue.action.push_1=<b>@%[1]s</b> 推�了 %[3]d 个�交到 %[2]s
 issue.action.push_n=<b>@%[1]s</b> 推�了 %[3]d 个�交到 %[2]s
@@ -518,26 +498,25 @@ issue.action.ready_for_review=<b>@%[1]s</b> 标记此�并请求已评审通过
 issue.action.new=<b>@%[1]s</b> 创建了 #%[2]d.
 issue.in_tree_path=在 %s 中：
 
-release.new.subject=%[2]s 中的 %[1]s �布了
+release.new.subject=%[2]s 中的 %[1]s 已�布
 release.new.text=<b>@%[1]s</b> 于 %[3]s �布了 %[2]s
-release.title=标题： %s
+release.title=标题：%s
 release.note=注释：
 release.downloads=下载：
-release.download.zip=�代� (ZIP)
-release.download.targz=�代� (TAR.GZ)
+release.download.zip=�代�（ZIP）
+release.download.targz=�代�（TAR.GZ）
 
-repo.transfer.subject_to=%s 想�将 "%s" 转让给 %s
-repo.transfer.subject_to_you=%s 想�将 "%s" 转让给你
-repo.transfer.to_you=ä½ 
-repo.transfer.body=访问 %s 以接�或拒�转移，亦�忽略此邮件。
+repo.transfer.subject_to=%s 想�将「%s�转移给 %s
+repo.transfer.subject_to_you=%s 想�将「%s�转移给您
+repo.transfer.to_you=您
 
-repo.collaborator.added.subject=%s 把你添加到了 %s
-repo.collaborator.added.text=您已被添加为代�库的�作者：
+repo.collaborator.added.subject=%s 把您添加到了 %s
+repo.collaborator.added.text=您已被添加为仓库的�作者：
 
 team_invite.subject=%[1]s 邀请您加入组织 %[2]s
 team_invite.text_1=%[1]s 邀请您加入组织 %[3]s 中的团队 %[2]s。
 team_invite.text_2=请点击下�的链接加入团队：
-team_invite.text_3=注�：这是��给 %[1]s 的邀请。如果您未曾收到过此类邀请，请忽略这�电�邮件。
+team_invite.text_3=注�：此邀请是��给 %[1]s 的。如果您未预期收到此邀请，请忽略这�邮件。
 
 [modal]
 yes=确认�作
@@ -577,37 +556,33 @@ size_error=长度必须为 %s。
 min_size_error=长度最�为 %s 个字符。
 max_size_error=长度最大为 %s 个字符。
 email_error=�是一个有效的邮箱地�。
-url_error=`'%s' �是一个有效的 URL。`
-include_error=`必须包��字符串 "%s"。`
-glob_pattern_error=`匹�模�无效：%s.`
+url_error=`「%s��是一个有效的 URL。`
+include_error=`必须包��字符串「%s�。`
+glob_pattern_error=`匹�表达�无效：%s.`
 regex_pattern_error=`正则表达�无效：%s.`
-username_error=` �能包�字�数字字符('0-9','a-z','A-Z'), 破折� ('-'), 下划线 ('_') 和点 ('.'). �能以�字�数字字符开头或结尾，并且��许连续的�字�数字字符。`
 invalid_group_team_map_error=`映射无效： %s`
 unknown_error=未知错误：
 captcha_incorrect=验���正确。
 password_not_match=密��匹�。
 lang_select_error=从列表中选出语言
 
-username_been_taken=用户�已被使用。
+username_been_taken=用户�已使用。
 username_change_not_local_user=�本地用户��许更改用户�。
-change_username_disabled=更改用户�已被�用。
+change_username_disabled=更改用户�已�用。
 change_full_name_disabled=更改用户全�已�用
 username_has_not_been_changed=用户�未更改
-repo_name_been_taken=仓库�称已被使用。
-repository_force_private=“强制�有�已�用：�有仓库�能被公开。
+repo_name_been_taken=仓库�称已使用。
+repository_force_private=「强制�有�已�用：�有仓库�能被公开。
 repository_files_already_exist=此仓库已存在文件。请�系系统管�员。
-repository_files_already_exist.adopt=此仓库已存在文件，�能被收录。
 repository_files_already_exist.delete=此仓库已存在文件，必须先删除他们。
 repository_files_already_exist.adopt_or_delete=此仓库已存在文件，�么删除他们，�么收录他们。
 visit_rate_limit=远程访问达到速度�制。
-2fa_auth_required=远程访问需���验�。
-org_name_been_taken=组织�称已被使用。
-team_name_been_taken=团队�称已被使用。
+org_name_been_taken=组织�称已使用。
+team_name_been_taken=团队�称已使用。
 team_no_units_error=至少选择一项仓库�元。
-email_been_used=该电�邮件地�已在使用中。
+email_been_used=该邮箱地�已在使用中。
 email_invalid=此邮箱地�无效。
-email_domain_is_not_allowed=用户 <b>%s</b> 与EMAIL_DOMAIN_ALLOWLIT 或 EMAIL_DOMAIN_BLOCKLIT 冲�。请确�您的�作是预期的。
-openid_been_used=OpenID 地� "%s" 已被使用。
+openid_been_used=OpenID 地�「%s�已被使用。
 username_password_incorrect=用户�或密��正确。
 password_complexity=密�未达到��程度�求:
 password_lowercase_one=至少一个�写字符
@@ -622,23 +597,17 @@ unset_password=登录用户没有设置密�。
 unsupported_login_type=此登录类型�支�手动删除�户。
 user_not_exist=该用户�存在
 team_not_exist=团队�存在
-last_org_owner=您�能从 "所有者" 团队中删除最�一个用户。组织中必须至少有一个所有者。
-cannot_add_org_to_team=组织�能被加入到团队中。
+last_org_owner=您�能从「所有者�团队中删除最�一个用户。组织中必须至少有一个所有者。
+cannot_add_org_to_team=组织�能加入到团队中。
 duplicate_invite_to_team=此用户已被邀请为团队�员。
 organization_leave_success=您已�功离开组织 %s。
 
-invalid_ssh_key=无法验�您的 SSH 密钥: %s
-invalid_gpg_key=无法验�您的 GPG 密钥: %s
-invalid_ssh_principal=无效的规则： %s
+invalid_ssh_key=无法验�您的 SSH 密钥：%s
+invalid_gpg_key=无法验�您的 GPG 密钥：%s
+invalid_ssh_principal=无效的规则：%s
 must_use_public_key=您�供的密钥是�钥。��在任何地方上传您的�钥，请改用您的公钥。
-unable_verify_ssh_key=无法验� SSH 密钥，请仔细检查是�有错误。
 auth_failed=授�验�失败：%v
 
-still_own_repo=此�户�拥有至少一个仓库，您需�先删除或转移它们。
-still_has_org=此�户隶属于一个或多个组织，请先退出这些组织。
-still_own_packages=您的账户拥有一个或多个软件包，请先删除它们。
-org_still_own_repo=该组织�然是�些仓库的拥有者，请先删除或转移它们�
-org_still_own_packages=该组织�然是一个或多个软件包的拥有者，请先删除它们。
 
 target_branch_not_exist=目标分支�存在。
 target_ref_not_exist=目标引用 %s �存在
@@ -662,31 +631,28 @@ follow=关注
 unfollow=�消关注
 user_bio=简历
 disabled_public_activity=该用户已��活动记录。
-email_visibility.limited=所有已认�用户��看到您的电�邮件地�
-email_visibility.private=�有你本人和管�员�以看到你的电�邮件地�
+email_visibility.limited=所有已认�用户��看到您的邮箱地�
+email_visibility.private=�有您本人和管�员�以看到您的邮箱地�
 show_on_map=在地图上显示这个�置
 settings=用户设置
 
-form.name_reserved=用户� "%s" 被�留。
-form.name_pattern_not_allowed=用户�中��许使用 "%s" 格�。
-form.name_chars_not_allowed=用户� "%s" 包�无效字符。
+form.name_reserved=用户�「%s�被�留。
+form.name_pattern_not_allowed=用户�中��许使用「%s�格�。
 
 block.block=�蔽
 block.block.user=�蔽用户
-block.block.org=�蔽用户访问组织
-block.block.failure=�蔽用户失败: %s
+block.block.failure=�蔽用户失败：%s
 block.unblock=�消�蔽
-block.unblock.failure=�蔽用户失败: %s
+block.unblock.failure=�消�蔽用户失败：%s
 block.blocked=您已�蔽此用户。
 block.title=�蔽一个用户
 block.info=�蔽用户会阻止他们与仓库进行交互，例如打开或评论�并请求或出现问题。了解更多关于�蔽用户的信�。
 block.info_1=阻止用户在您的�户和仓库中进行以下�作：
-block.info_2=关注你的账�
-block.info_3=通过@��您的用户��您��通知
+block.info_2=关注您的账�
+block.info_3=通过 @ ��您的用户��您��通知
 block.info_4=邀请您作为�作者到他们的仓库中
 block.info_5=在仓库中点赞�派生或关注
 block.info_6=打开和评论工�或�并请求
-block.info_7=在问题或�并请求中对您的评论�出�应
 block.user_to_block=��蔽的用户
 block.note=备注
 block.note.title=�选备注：
@@ -715,18 +681,18 @@ uid=UID
 webauthn=两步验�（安全密钥）
 
 public_profile=公开信�
-biography_placeholder=告诉我们一点您自己� (您�以使用Markdown)
-location_placeholder=与他人分享你的大概�置
-profile_desc=控制您的个人资料对其他用户的显示方�。您的主�电�邮件地�将用于通知�密���和基于网页界�的 Git �作
-password_username_disabled=��许�本地用户更改他们的用户�。更多详情请�系您的系统管�员。
-password_full_name_disabled=您无�更改他们的全�。请�系您的站点管�员了解更多详情。
+biography_placeholder=告诉我们一点您自己� (您�以使用 Markdown)
+location_placeholder=与他人分享您的大概�置
+profile_desc=控制您的个人资料对其他用户的显示方�。您的主邮箱地�将用于通知�密���和基于网页的 Git �作。
+password_username_disabled=您�被�许更改您的用户�。更多详情请�系您的系统管�员。
+password_full_name_disabled=您�被�许更改您的全�。请�系您的站点管�员了解更多详情。
 full_name=自定义�称
 website=个人网站
 location=所在地区
 update_theme=更新主题
 update_profile=更新信�
 update_language=更新语言
-update_language_not_found=语言 %s ��用。
+update_language_not_found=语言「%s���用。
 update_language_success=语言已更新。
 update_profile_success=您的资料信�已�更新
 change_username=您的用户�已更改。
@@ -737,7 +703,6 @@ cancel=�消�作
 language=界�语言
 ui=主题
 hidden_comment_types=��的评论类型
-hidden_comment_types_description=此处选中的注释类型�会显示在问题页�中。比如，勾选�标签“删除所有 "<user> 添加/删除的 <label>" 注释。
 hidden_comment_types.ref_tooltip=注释此问题在何处被��过，如�一个问题�代��交等
 hidden_comment_types.issue_ref_tooltip=注释用户在何处更改了与此问题相关�的分支/标签
 comment_type_group_reference=引用
@@ -759,7 +724,7 @@ privacy=��设置
 keep_activity_private=��个人资料页�中的活动
 keep_activity_private_popup=使活动仅对您和管�员��
 
-lookup_avatar_by_mail=从电�邮箱地�查找头�
+lookup_avatar_by_mail=从邮箱地�查找头�
 federated_avatar_lookup=Federated Avatar 查找
 enable_custom_avatar=�动自定义头�
 choose_new_avatar=选择新的头�
@@ -783,96 +748,90 @@ emails=邮箱地�
 manage_emails=管�邮箱地�
 manage_themes=选择默认主题
 manage_openid=管� OpenID 地�
-email_desc=您的主�电�邮件地�将用于通知�密���，基于网页界�的Git�作(��它�是设置为��的)。
+email_desc=您的主邮箱地�将用于通知�密���以�基于网页的 Git �作（如果它未设为��）。
 theme_desc=这将是您在整个网站上的默认主题。
-theme_colorblindness_help=颜色障�主题支�
-theme_colorblindness_prompt=Gitea �能获得一些基本的颜色障�支�，这些主题�定义了少数颜色。 这项工作�在进行中，�以通过在主题的 CSS 文件中定义更多颜色��更多的改进。
 primary=主�
 activated=已激活
 requires_activation=需�激活
-primary_email=设为主�邮件地�
+primary_email=设为主邮箱
 activate_email=��激活邮件
 activations_pending=等待激活
-can_not_add_email_activations_pending=有一个待处�的激活请求，请�等几分钟���试添加新的电�邮件地�。
 delete_email=移除
-email_deletion=移除电�邮件地�
-email_deletion_desc=电�邮箱地�和相关信�将会被删除。使用此电�邮箱地���的Git�交将会�留，继续？
-email_deletion_success=您的电�邮箱地�已被移除。
+email_deletion=移除邮箱地�
+email_deletion_desc=邮箱地�和相关信�将会被删除。使用此邮箱地���的Git�交将会�留，继续？
+email_deletion_success=您的邮箱地�已移除。
 theme_update_success=您的主题已更新。
 theme_update_error=所选主题�存在。
 openid_deletion=移除 OpenID 地�
-openid_deletion_desc=删除此 OpenID 地�将会阻止你使用它进行登录。你确定�继续�？
-openid_deletion_success=OpenID地�已被移除。
+openid_deletion_desc=删除此 OpenID 地�将会阻止您使用它进行登录。您确定�继续�？
+openid_deletion_success=OpenID 地�已移除。
 add_new_email=添加新的邮箱地�
 add_new_openid=添加新的 OpenID URI
-add_email=增加电�邮件地�
+add_email=新增邮箱地�
 add_openid=添加 OpenID URI
-add_email_confirmation_sent=一�确认邮件已�被��至 %s，请检查您的收件箱并在 %s 内完�确认注册�作。
-add_email_success=新的电�邮件地�已添加。
-email_preference_set_success=电�邮件首选项已�功设置。
+add_email_confirmation_sent=一�确认邮件已���至「%s�，请检查您的收件箱并在 %s 内完�确认注册�作。
+add_email_success=新邮箱地�已添加。
+email_preference_set_success=邮件首选项已�功设置。
 add_openid_success=新的 OpenID 地�已添加。
-keep_email_private=��电�邮件地�
-keep_email_private_popup=这将会��您的电�邮件地�，�仅在您的个人资料中，还在您使用Web界�创建�并请求或编辑文件时。已推�的�交将�会被修改。在�交中使用 %s 以和您的账�关�。
-openid_desc=OpenID 让你�以将认�转�到外部�务。
+keep_email_private=��邮箱地�
+keep_email_private_popup=这将会��您的邮箱地�，�仅在您的个人资料中，还在您使用 Web 界�创建�并请求或编辑文件时。已推�的�交将�会被修改。在�交中使用 %s 以和您的账�关�。
+openid_desc=OpenID 让您�以将认�转�到外部�务。
 
 manage_ssh_keys=管� SSH 密钥
-manage_ssh_principals=管�SSH�书规则
+manage_ssh_principals=管� SSH �书规则
 manage_gpg_keys=管� GPG 密钥
 add_key=增加密钥
-ssh_desc=这些 SSH 公钥已�关�到你的账�。相应的�钥拥有完全�作你的仓库的��。
-principal_desc=这些SSH�书规则已关�到你的账�将�许完全访问你的所有仓库。
-gpg_desc=这些 GPG 公钥已�关�到你的账�。请妥善�管你的�钥因为他们将被用于认��交。
+ssh_desc=这些 SSH 公钥已�关�到您的账�。相应的�钥拥有完全�作您仓库的��。
+principal_desc=这些 SSH �书规则已关�到您的账�将�许完全访问您所有仓库。
+gpg_desc=这些 GPG 公钥已�关�到您的账�。请妥善�管您的�钥因为他们将被用于认��交。
 ssh_helper=<strong>需�帮助？</strong> 请查看有关 <a href="%s">如何生� SSH 密钥</a> 或 <a href="%s">常� SSH 问题</a> 寻找答案。
-gpg_helper=<strong>需�帮助�？</strong>看一看 GitHub  <a href="%s">关于GPG</a> 的指导。
+gpg_helper=<strong>需�帮助？</strong>看一看 GitHub <a href="%s">关于 GPG</a> 的指导。
 add_new_key=增加 SSH 密钥
 add_new_gpg_key=添加的 GPG 密钥
 key_content_ssh_placeholder=以 'ssh-ed25519'� 'ssh-rsa'� 'ecdsa-sha2-nistp256'�'ecdsa-sha2-nistp384'�'ecdsa-sha2-nistp521'� 'sk-ecdsa-sha2-nistp256@openssh.com' 或 'sk-ssh-ed25519@openssh.com' 开头
 key_content_gpg_placeholder=以 '-----BEGIN PGP PUBLIC KEY BLOCK-----' 开头
 add_new_principal=添加规则
 ssh_key_been_used=此 SSH 密钥已添加到�务器。
-ssh_key_name_used=使用相��称的SSH公钥已�存在�
+ssh_key_name_used=使用相��称的 SSH 公钥已�存在。
 ssh_principal_been_used=此规则已�加入到了�务器。
-gpg_key_id_used=使用相��称的GPG公钥已�存在�
-gpg_no_key_email_found=此 GPG 密钥与您�户关�的任何已激活电�邮件地���匹�。如果您在�供的令牌上签�，它�然�以被添加。
+gpg_key_id_used=使用相��称的 GPG 公钥已�存在。
+gpg_no_key_email_found=此 GPG 密钥与您�户关�的任何已激活邮箱地���匹�。如果您已对�供的令牌进行签�，��添加该密钥。
 gpg_key_matched_identities=匹�的身份：
-gpg_key_matched_identities_long=此密钥中包�的身份信�与下�这个该用户已激活电�邮件地�是相匹�的。因此，能与这些电�邮件地�相匹�的�交�以通过此密钥进行验�。
+gpg_key_matched_identities_long=此密钥中包�的身份信�与以下此用户已激活邮箱地�匹�。与这些邮箱地�相匹�的�交�通过此密钥进行验�。
 gpg_key_verified=已验�的密钥
-gpg_key_verified_long=密钥已�用令牌进行了验�，并且�以用�验�匹�此用户任何已激活电�邮件地�的�交，以�匹�此密钥的任何身份。
+gpg_key_verified_long=密钥已通过令牌验�，除与此密钥匹�的任何身份外，还�用于验�与该用户任何已激活邮箱地�匹�的�交。
 gpg_key_verify=验�
-gpg_invalid_token_signature=�供的 GPG 密钥�签�和令牌�匹�或过期。
 gpg_token_required=您必须为下�的令牌�供签�
 gpg_token=令牌
 gpg_token_help=您�以使用以下方�生�签�：
 gpg_token_signature=GPG 增强签�
 key_signature_gpg_placeholder=以 '-----BEGIN PGP PUBLIC KEY BLOCK-----' 开头
-verify_gpg_key_success=GPG 密钥 %s 已被验�。
+verify_gpg_key_success=GPG 密钥「%s�已验�。
 ssh_key_verified=已验�的密钥
-ssh_key_verified_long=密钥已�用令牌进行了验�，并且�以用�验�匹�此用户任何已激活电�邮件地�的�交。
+ssh_key_verified_long=密钥已通过令牌验�，�用于验�与该用户任何已激活邮箱地�匹�的�交。
 ssh_key_verify=验�
-ssh_invalid_token_signature=�供的 SSH 密钥�签�或令牌�匹�或令牌已过期。
 ssh_token_required=您必须为下�的令牌�供签�
 ssh_token=令牌
 ssh_token_help=您�以使用以下方�生�签�：
 ssh_token_signature=增强 SSH 签�
 key_signature_ssh_placeholder=以 '-----BEGIN SSH SIGNATURE -----' 开头
-verify_ssh_key_success=SSH 密钥 %s 已被验�。
+verify_ssh_key_success=SSH 密钥「%s�已验�。
 subkeys=�项
-key_id=é”®ID
+key_id=密钥 ID
 key_name=密钥�称
 key_content=密钥内容
 principal_content=内容
-add_key_success=SSH 密钥 %s 添加�功。
-add_gpg_key_success=GPG 密钥 %s 添加�功。
-add_principal_success=SSH�书规则 %s 添加�功。
+add_key_success=SSH 密钥「%s�添加�功。
+add_gpg_key_success=GPG 密钥「%s�添加�功。
+add_principal_success=SSH �书规则「%s�添加�功。
 delete_key=删除
 ssh_key_deletion=删除 SSH 密钥
 gpg_key_deletion=删除 GPG 密钥
 ssh_principal_deletion=删除 SSH �书规则
 ssh_key_deletion_desc=删除 SSH 公钥将�消对应的�钥对您的 Gitea �户的访问��。继续？
-gpg_key_deletion_desc=删除 GPG 公钥将无法认知使用对应�钥签�的�交，继续？
-ssh_principal_deletion_desc=删除此 SSH �书规则将�消它对您的账户的访问��。继续？
-ssh_key_deletion_success=GPG 密钥已被删除。
-gpg_key_deletion_success=GPG 密钥已被删除。
+gpg_key_deletion_desc=删除 GPG 公钥将无法认�对应�钥签�的�交，继续？
+ssh_key_deletion_success=SSH 密钥已删除。
+gpg_key_deletion_success=GPG 密钥已删除。
 ssh_principal_deletion_success=此规则删除�功。
 added_on=添加于 %s
 valid_until_date=有效期至 %s
@@ -886,7 +845,7 @@ token_state_desc=7 天内使用过该密钥
 principal_state_desc=7 天内使用过该规则
 show_openid=在个人信�上显示
 hide_openid=在个人信�上��
-ssh_disabled=SSH 被�用
+ssh_disabled=SSH 已�用
 ssh_signonly=SSH 目�已�用，因此这些密钥仅用于�交签�验�。
 ssh_externally_managed=此 SSH 密钥是由外部管�的
 manage_social=管�关�社交�户
@@ -906,16 +865,19 @@ access_token_deletion=删除 Access Token
 access_token_deletion_cancel_action=�消
 access_token_deletion_confirm_action=刪除
 access_token_deletion_desc=删除令牌将撤销程�对您账户的访问��。此�作无法撤消。是�继续？
-delete_token_success=令牌已�被删除。使用该令牌的应用将��能够访问你的账�。
+delete_token_success=令牌已�被删除。使用该令牌的应用将��能够访问您的账�。
 repo_and_org_access=仓库和组织访问��
 permissions_public_only=仅公开
-permissions_access_all=全部(公开��有和��)
+permissions_access_all=全部（公开��有和��）
 permission_not_set=未设置
 permission_no_access=无访问��
 permission_read=�读
 permission_write=读写
+permission_anonymous_read=匿�读
+permission_everyone_read=所有人�读
+permission_everyone_write=所有人�写
 access_token_desc=所选令牌��仅�于对应的 <a %s>API</a> 路由的授�。阅读 <a %s>文档</a> 以获�更多信�。
-at_least_one_permission=你需�选择至少一个���能创建令牌
+at_least_one_permission=您需�选择至少一个���能创建令牌
 permissions_list=��：
 
 manage_oauth2_applications=管� OAuth2 应用程�
@@ -923,13 +885,12 @@ edit_oauth2_application=编辑 OAuth2 应用程�
 oauth2_applications_desc=OAuth2 应用�许第三方应用程�在此 Gitea 实例中安全验�用户。
 remove_oauth2_application=删除 OAuth2 应用程�
 remove_oauth2_application_desc=删除 OAuth2 应用将撤销所有签�的访问令牌。继续�？
-remove_oauth2_application_success=该应用已被删除。
+remove_oauth2_application_success=该应用已删除。
 create_oauth2_application=创建新的 OAuth2 应用程�
 create_oauth2_application_button=创建应用
 create_oauth2_application_success=您已�功创建了一个新的 OAuth2 应用。
 update_oauth2_application_success=您已�功更新了此 OAuth2 应用。
 oauth2_application_name=应用�称
-oauth2_confidential_client=机密客户端。是�是能够维�凭�机密性的应用，比如网页应用程�。如果是本地应用程�请��勾选，包括桌�和移动端应用。
 oauth2_skip_secondary_authorization=首次授���许公共客户端跳过授�步骤。 <strong>�能会带�安全风险。</strong>
 oauth2_redirect_uris=�定� URI。�行一个 URI。
 save_application=�存
@@ -941,67 +902,65 @@ oauth2_client_secret_hint=您离开或刷新此页��将�会�显示此密
 oauth2_application_edit=编辑
 oauth2_application_create_description=OAuth2 应用�许您的第三方应用程�访问此实例的用户�户。
 oauth2_application_remove_description=移除一个OAuth2应用将会阻止它访问此实例上的已授�用户账户。是�继续？
-oauth2_application_locked=如果�置�用，Gitea预注册一些OAuth2应用程�。 为了防止�外的行为, 这些应用既�能编辑也�能删除。请�阅OAuth2文档以获�更多信�。
+oauth2_application_locked=如果�置�用，Gitea 将在�动时预注册一些 OAuth2 应用程�。 为了防止�外的行为, 这些应用既�能编辑也�能删除。请�阅 OAuth2 文档以获�更多信�。
 
 authorized_oauth2_applications=已授�的 OAuth2 应用
-authorized_oauth2_applications_description=您已授予这些第三方应用程�访问您的个人 Gitea 账户的��。请撤销那些您��需�的应用程�的访问��。
 revoke_key=撤销
 revoke_oauth2_grant=撤回��
-revoke_oauth2_grant_description=确定撤销此三方应用程�的授�，并阻止此应用程�访问您的数�？
 revoke_oauth2_grant_success=�功撤销了访问��。
 
-twofa_desc=为�护你的账�密�安全，你�以使用智能手机或其它设备�接收时间强相关的一次性密�（TOTP）。
+twofa_desc=为�护您的账�密�安全，您�以使用智能手机或其它设备�接收时间强相关的一次性密�（TOTP）。
 twofa_recovery_tip=如果您丢失了您的设备，您将能够使用一次性��密钥��新获得对您账户的访问。
-twofa_is_enrolled=你的账�<strong>已�用</strong>了两步验�。
-twofa_not_enrolled=你的账�未开�两步验�。
+twofa_is_enrolled=您的账�<strong>已�用</strong>了两步验�。
+twofa_not_enrolled=您的账�未开�两步验�。
 twofa_disable=�用两步认�
 twofa_scratch_token_regenerate=�新生��始令牌
 twofa_scratch_token_regenerated=您的�始令牌现在是 %s。将其存放在安全的地方，它将�会�次显示。
-twofa_enroll=�用两步验�
 twofa_disable_note=如果需�, �以�用�因素身份验�。
 twofa_disable_desc=关掉两步验�会使得您的账��安全，继续执行？
 regenerate_scratch_token_desc=如果您丢失了您的��密钥或已�使用它登录, 您�以在这里�置它。
-twofa_disabled=两步验�已被�用。
+twofa_disabled=两步验�已�用。
 scan_this_image=使用您的授�应用扫�这张图片：
 or_enter_secret=或者输入密钥：%s
 then_enter_passcode=并输入应用程�中显示的密�:
 passcode_invalid=密��正确。�试一次。
-twofa_enrolled=你的账�已��用了两步验�。请�存�始令牌（%s）到一个安全的地方，此令牌仅显示一次。
+twofa_enrolled=您的账�已��用了两步验�。请�存�始令牌（%s）到一个安全的地方，此令牌仅显示一次。
 twofa_failed_get_secret=获� secret 失败。
 
 webauthn_desc=安全密钥是包�加密密钥的硬件设备。它们�以用于�因素身份验�。安全密钥必须支� <a rel="noreferrer" target="_blank" href="%s">WebAuthn 身份验�器</a> 标准。
 webauthn_register_key=添加安全密钥
 webauthn_nickname=昵称
 webauthn_delete_key=移除安全密钥
-webauthn_delete_key_desc=如果删除了安全密钥，则�能�使用它登录。继续？
 webauthn_key_loss_warning=如果您丢失了您的安全密钥，您将无法访问您的�户。
 webauthn_alternative_tip=您�能想��置�外的身份验�方法。
 
 manage_account_links=管�绑定过的账�
 manage_account_links_desc=这些外部�户已�绑定到您的 Gitea �户。
-account_links_not_available=当�没有与您的 Gitea �户绑定的外部�户。
+account_links_not_available=当�没有外部�户链接到您的 Gitea �户。
 link_account=链接账户
 remove_account_link=删除已绑定的账�
 remove_account_link_desc=删除已绑定�户将�销其对您的 Gitea �户的访问��。继续？
 remove_account_link_success=已�消绑定�户。
 
-hooks.desc=添加 Webhooks，它们将会在您拥有的<strong>所有仓库</strong>上触�
+hooks.desc=添加 Web 钩�，它们将会在您拥有的<strong>所有仓库</strong>上触�。
 
 orgs_none=您现在还�是任何组织的�员。
-repos_none=你并�拥有任何仓库。
+repos_none=您并�拥有任何仓库。
 
 delete_account=删除当��户
-delete_prompt=此�作将永久删除您的用户�户。它 <strong>�能</strong> 被撤消。
-delete_with_all_comments=你的�户年龄�于 %s。为了��幽�评论，所有工�/�并请求的评论都将与它一起被删除。
+delete_prompt=此�作将永久删除您的用户�户。它 <strong>无法</strong> 被撤消。
+delete_with_all_comments=您的�户年龄�于 %s。为了��幽�评论，所有工�/�并请求的评论都将与它一起被删除。
 confirm_delete_account=确认删除�户
 delete_account_title=删除当��户
 delete_account_desc=确实�永久删除此用户�户�？
 
 email_notifications.enable=�用邮件通知
-email_notifications.onmention=�在被�到时邮件通知
+email_notifications.onmention=仅被��时通知
 email_notifications.disable=�用邮件通知
-email_notifications.submit=邮件通知设置
-email_notifications.andyourown=和您自己的通知
+email_notifications.submit=设置邮件通知
+email_notifications.andyourown=仅与您相关的通知
+email_notifications.actions.desc=设置了 <a target="_blank" href="%s">Gitea 工作�</a> 的仓库中工作��行的通知。
+email_notifications.actions.failure_only=仅在工作��行失败时通知
 
 visibility=用户��性
 visibility.public=公开
@@ -1016,6 +975,9 @@ new_repo_helper=代ç �仓库包å�«äº†æ‰€æœ‰çš„项目文件，包括版本历å�²è
 owner=拥有者
 owner_helper=由于最大仓库数��制，一些组织�能�会显示在下拉列表中。
 repo_name=仓库�称
+repo_name_profile_public_hint=.profile 是一个特殊的仓库，您�以使用它将 README.md 添加到您的公共组织资料中，任何人都�以看到。请确�它是公开的，并使用个人资料目录中的 README 对其进行�始化以开始使用。
+repo_name_profile_private_hint=.profile-private 是一个特殊的仓库，您�以使用它�您的组织�员个人资料添加 README.md，仅对组织�员��。请确�它是�有的，并使用个人资料目录中的 README 对其进行�始化以开始使用。
+repo_name_helper=�想的仓库�称应由简短�有�义和独特的关键�组�。「.profile�和「.profile-private��用于为用户/组织添加 README.md。
 repo_size=仓库大�
 template=模�
 template_select=选择模�
@@ -1029,41 +991,41 @@ visibility_fork_helper=（修改该值将会影�到所有派生仓库）
 clone_helper=�知�如何克隆？查看<a target="_blank" rel="noopener noreferrer" href="%s">帮助</a> 。
 fork_repo=派生仓库
 fork_from=派生自
-already_forked=你已�派生过 %s
+already_forked=您已�派生过 %s
 fork_to_different_account=派生到其他账�
 fork_visibility_helper=无法更改派生仓库的��性。
-fork_branch=�克隆到 Fork 的分支
+fork_branch=�克隆为派生的分支
 all_branches=所有分支
 view_all_branches=查看所有分支
 view_all_tags=查看所有标签
-fork_no_valid_owners=这个代�仓库无法被派生，因为没有有效的所有者。
 fork.blocked_user=无法克隆仓库，因为您被仓库所有者�蔽。
 use_template=使用此模�
 open_with_editor=用 %s 打开
+
 download_zip=下载 ZIP
 download_tar=下载 TAR.GZ
 download_bundle=下载 BUNDLE
 generate_repo=生�仓库
 generate_from=生�自
-repo_desc=仓库�述
+repo_desc=�述
 repo_desc_helper=输入简��述 (�选)
 repo_no_desc=无详细信�
-repo_lang=编程语言
-repo_gitignore_helper=选择 .gitignore 模�。
+repo_lang=语言
+repo_gitignore_helper=选择 .gitignore 模�
 repo_gitignore_helper_desc=从常�语言的模�列表中选择忽略跟踪的文件。默认情况下，由开�或构建工具生�的特殊文件都包�在 .gitignore 中。
 issue_labels=工�标签
 issue_labels_helper=选择一个工�标签集
 license=授�许�
-license_helper=选择授�许�文件。
-license_helper_desc=许��说明了其他人�以和��以用您的代��什么。�确定哪一个适�你的项目？� <a target="_blank" rel="noopener noreferrer" href="%s">选择一个许��</a>
+license_helper=选择授�许�文件
+license_helper_desc=许��说明了其他人�以和��以用您的代��什么。�确定哪一个适�您的项目？� <a target="_blank" rel="noopener noreferrer" href="%s">选择一个许��</a>
 multiple_licenses=多许��
 object_format=对象格�
 object_format_helper=仓库的对象格�。之�无法更改。SHA1 是最兼容的。
 readme=自述
 readme_helper=选择自述文件模�。
 readme_helper_desc=这是您�以为您的项目撰写完整�述的地方。
-auto_init=�始化仓库(添加. gitignore�许��和自述文件)
-trust_model_helper=选择签�验�的“信任模型�。�能的选项是:
+auto_init=�始化仓库（添加 .gitignore�许��和自述文件）
+trust_model_helper=选择签�验�的信任模型。�能的选项是：
 trust_model_helper_collaborator=�作者：信任�作者的签�
 trust_model_helper_committer=�交者：信任与�交者相符的签�
 trust_model_helper_collaborator_committer=�作者+�交者：信任�作者�时是�交者的签�
@@ -1080,25 +1042,22 @@ mirror_sync=已�步
 mirror_sync_on_commit=推��交时�步
 mirror_address=从 URL 克隆
 mirror_address_desc=在授�框中输入必�的凭�。
-mirror_address_url_invalid=URL无效。请检查您所输入的URL是�正确。
 mirror_address_protocol_invalid=�供的URL无效。�能使用http(s)://或git://地�进行镜��作。
 mirror_lfs=大文件存储 (LFS)
 mirror_lfs_desc=镜� LFS 数�。
 mirror_lfs_endpoint=LFS 网�
-mirror_lfs_endpoint_desc=�步将�试使用克隆网�� <a target="_blank" rel="noopener noreferrer" href="%s">确定 LFS �务器</a>。如果仓库 LFS 数�存储在其他�置，你还�以指定自定义网�。
 mirror_last_synced=上次�步
 mirror_password_placeholder=(未更改)
 mirror_password_blank_placeholder=(未设置)
 mirror_password_help=更改用户�以删除已储存的密�。
 watchers=关注者
-stargazers=称赞者
+stargazers=已赞者
 stars_remove_warning=这将清除此仓库的所有点赞数。
 forks=派生仓库
 stars=点赞数
 reactions_more=�加载 %d
 unit_disabled=站点管�员已�用此仓库�元。
 language_other=其它
-adopt_search=输入用户�以�索未被收录的仓库... (留空以查找全部)
 adopt_preexisting_label=收录仓库
 adopt_preexisting=收录已存在的仓库
 adopt_preexisting_content=从 %s 创建仓库
@@ -1112,25 +1071,27 @@ blame.ignore_revs=忽略 <a href="%s">.git-blame-ignore-revs</a> 的修订。点
 blame.ignore_revs.failed=忽略 <a href="%s">.git-blame-ignore-revs</a> 版本失败。
 user_search_tooltip=最多显示30�用户
 
+tree_path_not_found=%[2]s 中�存在路径 %[1]s
 
 transfer.accept=接�转移
-transfer.accept_desc=`转移到 "%s"`
+transfer.accept_desc=转移到「%s�
 transfer.reject=拒�转移
-transfer.reject_desc=`�消转移到 "%s"`
-transfer.no_permission_to_accept=您没有��接�此转让。
-transfer.no_permission_to_reject=您没有��拒�此转让。
+transfer.reject_desc=�消转移到「%s�
+transfer.no_permission_to_accept=您没有��接�此转移。
+transfer.no_permission_to_reject=您没有��拒�此转移。
 
 desc.private=�有库
 desc.public=公开
+desc.public_access=公开访问
 desc.template=模�
 desc.internal=内部
 desc.archived=已存档
 desc.sha256=SHA256
 
 template.items=模�选项
-template.git_content=Git数�(默认分支)
+template.git_content=Git 数�（默认分支）
 template.git_hooks=Git é’©å­�
-template.git_hooks_tooltip=你目�无法修改或删除被添加过的 Git Hook。仅当你信任模�仓库时��以选择此项。
+template.git_hooks_tooltip=您目�无法修改或删除被添加过的 Git 钩�。仅当您信任模�仓库时��以选择此项。
 template.webhooks=Web é’©å­�
 template.topics=主题
 template.avatar=头�
@@ -1138,15 +1099,13 @@ template.issue_labels=工�标签
 template.one_item=必须至少选择一个模�项
 template.invalid=必须选择一个模�仓库
 
-archive.title=该仓库已被归档。您�以查看文件和克隆它，但�能推��创建工�或�并请求。
-archive.title_date=该仓库已于 %s 归档。您�以查看文件或克隆它，但�能推��创建工�或�并请求。
 archive.issue.nocomment=此仓库已存档，您�能在此工�添加评论。
 archive.pull.nocomment=此仓库已存档，您�能在此�并请求添加评论。
 
-form.reach_limit_of_creation_1=你已�达到了 %d 仓库的上�。
-form.reach_limit_of_creation_n=你已�达到了 %d 个仓库的上�。
-form.name_reserved=仓库�称 %s 是被�留的。
-form.name_pattern_not_allowed=仓库�称中��许使用 %s 格�。
+form.reach_limit_of_creation_1=您已�达到了 %d 仓库的上�。
+form.reach_limit_of_creation_n=您已�达到了 %d 个仓库的上�。
+form.name_reserved=仓库�称 %s 是�留的。
+form.name_pattern_not_allowed=仓库�中��许使用「%s�格�。
 
 need_auth=授�
 migrate_options=�移选项
@@ -1154,9 +1113,8 @@ migrate_service=�移�务
 migrate_options_mirror_helper=该仓库将是一个镜�
 migrate_options_lfs=�移 LFS 文件
 migrate_options_lfs_endpoint.label=LFS 网�
-migrate_options_lfs_endpoint.description=�移将�试使用你的 Git remote � <a target="_blank" rel="noopener noreferrer" href="%s">确定 LFS �务器</a>。如果仓库 LFS 数�存储在其他�置，你还�以指定自定义网�。
+migrate_options_lfs_endpoint.description=�移将�试使用您的 Git remote � <a target="_blank" rel="noopener noreferrer" href="%s">确定 LFS �务器</a>。如果仓库 LFS 数�存储在其他�置，您还�以指定自定义网�。
 migrate_options_lfs_endpoint.description.local=支�本地�务器路径。
-migrate_options_lfs_endpoint.placeholder=如果留空，网�将从克隆 URL 中得到
 migrate_items=�移项目
 migrate_items_wiki=百科
 migrate_items_milestones=里程碑
@@ -1164,14 +1122,12 @@ migrate_items_labels=标签
 migrate_items_issues=工�
 migrate_items_pullrequests=�并请求
 migrate_items_merge_requests=�并请求
-migrate_items_releases=版本�布
+migrate_items_releases=�布
 migrate_repo=�移仓库
 migrate.clone_address=从 URL �移/克隆
 migrate.clone_address_desc=现有仓库的 HTTP(s) 或 Git "clone" URL
-migrate.github_token_desc=由于 GitHub API 速率�制，您�以在此处放置一个或多个以逗�分隔的令牌，以加快�移速度。 警告：滥用此功能�能会���务�供商的政策并导致�户被�。
 migrate.clone_local_path=或�务器本地路径
 migrate.permission_denied=您没有获得导入本地仓库的��。
-migrate.permission_denied_blocked=您�能从��许的主机导入，请询问管�员以检查 ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS 设置。
 migrate.invalid_local_path=本地路径无效。它�存在或�是一个目录。
 migrate.invalid_lfs_endpoint=LFS 网�无效。
 migrate.failed=�移失败：%v
@@ -1179,7 +1135,6 @@ migrate.migrate_items_options=需�访问令牌��移�外的内容
 migrated_from=从 <a href="%[1]s">%[2]s</a> �移
 migrated_from_fake=从 %[1]s �移�功
 migrate.migrate=从 %s �移
-migrate.migrating=正在从 <b>%s</b> �移...
 migrate.migrating_failed=从 <b>%s</b> �移失败。
 migrate.migrating_failed.error=�移失败：%s
 migrate.migrating_failed_no_addr=�移失败。
@@ -1205,6 +1160,7 @@ migrate.migrating_issues=�移工�
 migrate.migrating_pulls=�移�并请求
 migrate.cancel_migrating_title=�消�移
 migrate.cancel_migrating_confirm=您想��消此次�移�？
+migration_status=�移状�
 
 mirror_from=镜�自地�
 forked_from=派生自
@@ -1227,7 +1183,6 @@ clone_this_repo=克隆当�仓库
 cite_this_repo=引用此仓库
 create_new_repo_command=从命令行创建一个新的仓库
 push_exist_repo=从命令行推�已�创建的仓库
-empty_message=这个家伙很懒，什么都没有推�。
 broken_message=无法读�此仓库下的 Git 数�。 �系此实例的管�员或删除此仓库。
 
 code=代�
@@ -1236,25 +1191,24 @@ branch=分支
 tree=目录树
 clear_ref=`清除当�引用`
 filter_branch_and_tag=过滤分支或标签
-find_tag=查找Git标签
+find_tag=查找标签
 branches=分支列表
 tags=标签列表
 issues=工�
 pulls=�并请求
 projects=项目
 packages=软件包
-actions=Actions
+actions=工作�
 labels=标签
-org_labels_desc=组织级别的标签，�以被本组织下的 <strong>所有仓库</strong> 使用
 org_labels_desc_manage=管�
 
 milestone=里程碑
 milestones=里程碑
 commits=�交
 commit=�交
-release=版本�布
-releases=版本�布
-tag=Git标签
+release=�布
+releases=�布
+tag=标签
 released_this=�布
 tagged_this=已标记
 file.title=%s �于 %s
@@ -1282,7 +1236,6 @@ file_copy_permalink=�制永久链接
 view_git_blame=查看 Git Blame
 video_not_supported_in_browser=您的�览器�支�使用 HTML5 'video' 标签。
 audio_not_supported_in_browser=您的�览器�支�使用 HTML5 'video' 标签。
-stored_lfs=存储到Git LFS
 symbolic_link=符�链接
 executable_file=�执行文件
 vendored=被供应的
@@ -1308,16 +1261,18 @@ editor.upload_file=上传文件
 editor.edit_file=编辑文件
 editor.preview_changes=预览�更
 editor.cannot_edit_lfs_files=无法在 web 界�中编辑 lfs 文件。
+editor.cannot_edit_too_large_file=文件过大，无法编辑。
 editor.cannot_edit_non_text_files=网页�能编辑二进制文件。
+editor.file_not_editable_hint=但您�然�以�命�或移动它。
 editor.edit_this_file=编辑文件
 editor.this_file_locked=文件已�定
 editor.must_be_on_a_branch=您必须在�个分支上�能对此文件进行修改�作。
-editor.fork_before_edit=您必须在派生这个仓库�能对此文件进行修改�作
+editor.fork_before_edit=您必须派生这个仓库�能对此文件进行修改�作。
 editor.delete_this_file=删除文件
 editor.must_have_write_access=您必须具有写���能对此文件进行修改�作。
-editor.file_delete_success=文件 %s 已被删除。
+editor.file_delete_success=文件「%s�已删除。
 editor.name_your_file=命�文件...
-editor.filename_help=通过键入�称�跟斜线 ("/") �添加目录。通过在输入框的开头键入 "退格" �删除目录。
+editor.filename_help=通过键入�称�跟斜线 ("/") �添加目录。通过在输入框的开头键入「退格��删除目录。
 editor.or=或
 editor.cancel_lower=�消
 editor.commit_signed_changes=�交已签�的更改
@@ -1328,52 +1283,55 @@ editor.update=æ›´æ–° %s
 editor.delete=删除 %s
 editor.patch=应用补�
 editor.patching=打补�：
-editor.fail_to_apply_patch=无法应用补� %s
+editor.fail_to_apply_patch=无法应用补�
 editor.new_patch=新补�
 editor.commit_message_desc=添加一个�选的扩展�述...
 editor.signoff_desc=在�交日志消�末尾添加签署人信�。
 editor.commit_directly_to_this_branch=直接�交至 <strong class="branch-name">%s</strong> 分支。
 editor.create_new_branch=为此�交创建一个 <strong>新的分支</strong> 并�起�并请求。
 editor.create_new_branch_np=为此�交创建 <strong>新分支</strong>。
-editor.propose_file_change=�议文件更改
+editor.propose_file_change=建议文件更改
 editor.new_branch_name=为这次�交的新分支命�
 editor.new_branch_name_desc=新的分支�称...
 editor.cancel=�消
 editor.filename_cannot_be_empty=文件��能为空。
-editor.filename_is_invalid=文件� %s 无效
-editor.branch_does_not_exist=此仓库中�存在�为 %s 的分支。
-editor.branch_already_exists=此仓库已存在�为 %s 的分支。
-editor.directory_is_a_file=%s 已�作为文件�在此仓库中存在。
-editor.file_is_a_symlink=`"%s" 是一个符�链接，无法在 web 编辑器中编辑`
-editor.filename_is_a_directory=此仓库中已存在�为“%s� 的目录。
-editor.file_editing_no_longer_exists=正在编辑的文件 %s 已�存在。
-editor.file_deleting_no_longer_exists=正在删除的文件 %s 已�存在。
+editor.filename_is_invalid=文件�无效：「%s�。
+editor.branch_does_not_exist=此仓库中�存在�为「%s�的分支。
+editor.branch_already_exists=此仓库已存在�为「%s�的分支。
+editor.directory_is_a_file=目录�「%s�已作为文件�在此仓库中存在。
+editor.filename_is_a_directory=文件�「%s�已作为目录�在此仓库中存在。
+editor.file_modifying_no_longer_exists=正在修改的文件「%s�已�存在于此仓库。
 editor.file_changed_while_editing=文件内容在您进行编辑时已��生�动。<a target="_blank" rel="noopener noreferrer" href="%s">�击此处</a> 查看�动的具体内容，或者 <strong>�次�交</strong> 覆盖已�生的�动。
-editor.file_already_exists=此仓库已�存在�为 %s 的文件。
-editor.commit_id_not_matching=�交ID与您开始编辑时的ID�匹�。请�交到补�分支然��并。
+editor.file_already_exists=此仓库已�存在�为「%s�的文件。
 editor.push_out_of_date=推�似乎已�过时。
 editor.commit_empty_file_header=�交一个空文件
 editor.commit_empty_file_text=您��交的文件是空的，继续�？
 editor.no_changes_to_show=没有�以显示的�更。
-editor.fail_to_update_file=更新/创建文件 %s 失败。
-editor.fail_to_update_file_summary=错误信�：
-editor.push_rejected_no_message=此修改被�务器拒�并且没有�馈消�。请检查 Git Hook。
-editor.push_rejected=此修改被�务器拒�。请检查 Git Hook。
+editor.push_rejected_no_message=此修改被�务器拒�并且没有�馈消�。请检查 Git 钩�。
+editor.push_rejected=此修改被�务器拒�。请检查 Git 钩�。
 editor.push_rejected_summary=详细拒�信�：
 editor.add_subdir=添加目录
-editor.unable_to_upload_files=上传文件至 %s 时�生错误：%v
-editor.upload_file_is_locked=文件 %s 被 %s �定。
-editor.upload_files_to_dir=上传文件至 %s
-editor.cannot_commit_to_protected_branch=��以�交到��护的分支 %s。
+editor.unable_to_upload_files=上传文件至「%s�失败：%v
+editor.upload_file_is_locked=文件「%s�被 %s �定。
+editor.upload_files_to_dir=上传文件至「%s�
+editor.cannot_commit_to_protected_branch=��以�交到��护的分支「%s�。
 editor.no_commit_to_branch=无法直接�交分支，因为：
 editor.user_no_push_to_branch=用户�能推�到分支
 editor.require_signed_commit=分支需�签��交
-editor.cherry_pick=Cherry-pick %s 到：
+editor.cherry_pick=拣选�交 %s 到：
 editor.revert=将 %s 还原到：
+editor.failed_to_commit=�交更改失败。
+editor.failed_to_commit_summary=错误信�：
+
+editor.fork_create=派生仓库以请求�更
+editor.fork_create_description=您�能直接编辑此仓库。您�以派生此仓库，进行编辑并创建一个�并请求。
+editor.fork_edit_description=您�能直接编辑此仓库。 更改将写入您的派生仓库 <b>%s</b>，以便您�以创建一个�并请求。
+editor.fork_not_editable=您已�派生了此仓库，但您的派生是��编辑的。
+editor.fork_failed_to_push_branch=推�分支 %s 到仓库失败。
 
 commits.desc=�览代�修改历�
 commits.commits=次代��交
-commits.no_commits=没有共�的�交。%s 和 %s 的历�完全��。
+commits.no_commits=没有共�的�交。「%s�和「%s�的历�完全��。
 commits.nothing_to_compare=这些分支是相�的。
 commits.search.tooltip=`您�以在关键��加上�缀，如"author:", "committer:", "after:", 或"before:", 例如 "retrin author:Alice before:2019-01-13"`
 commits.search_branch=此分支
@@ -1389,18 +1347,19 @@ commits.signed_by_untrusted_user_unmatched=由与æ��交者ä¸�匹é…�的未授信ç
 commits.gpg_key_id=GPG 密钥 ID
 commits.ssh_key_fingerprint=SSH 密钥指纹
 commits.view_path=在历�记录中的此处查看
+commits.view_file_diff=查看�交中的文件更改
 
 commit.operations=�作
 commit.revert=还原
-commit.revert-header=还原： %s
+commit.revert-header=还原：%s
 commit.revert-content=选择�还原的分支：
-commit.cherry-pick=Cherry-pick
-commit.cherry-pick-header=Cherry-pick: %s
-commit.cherry-pick-content=选择 cherry-pick 的目标分支：
+commit.cherry-pick=拣选�交
+commit.cherry-pick-header=拣选�交：%s
+commit.cherry-pick-content=选择�拣选�交的目标分支：
 
 commitstatus.error=错误
 commitstatus.failure=失败
-commitstatus.pending=待定
+commitstatus.pending=队列
 commitstatus.success=�功
 
 ext_issues=访问外部工�
@@ -1413,14 +1372,14 @@ projects.create=创建项目
 projects.title=标题
 projects.new=创建项目
 projects.new_subheader=在一个地方�调�跟踪和更新您的工作，让项目���明并按计划进行。
-projects.create_success=项目 %s 创建�功。
+projects.create_success=项目「%s�创建�功。
 projects.deletion=删除项目
 projects.deletion_desc=删除项目会从所有相关的工�中移除它。是�继续？
-projects.deletion_success=该项目已被删除。
+projects.deletion_success=该项目已删除。
 projects.edit=编辑项目
 projects.edit_subheader=项目用于组织工�和跟踪进展情况。
 projects.modify=更新项目
-projects.edit_success=项目 %s 更新�功。
+projects.edit_success=项目「%s�更新�功。
 projects.type.none=æ— 
 projects.type.basic_kanban=基础看�
 projects.type.bug_triage=Bug分类看�
@@ -1434,8 +1393,8 @@ projects.column.new=创建列
 projects.column.set_default=设为默认
 projects.column.set_default_desc=设置此列为未分类问题和�并请求的默认值
 projects.column.delete=删除列
-projects.column.deletion_desc=删除项目列会将所有相关问题移到“未分类�。是�继续？
-projects.column.color=彩色
+projects.column.deletion_desc=删除项目列会将所有相关问题移至默认列。是�继续？
+projects.column.color=颜色
 projects.open=开�
 projects.close=关闭
 projects.column.assigned_to=指派给
@@ -1449,6 +1408,8 @@ issues.filter_milestones=筛选里程碑
 issues.filter_projects=筛选项目
 issues.filter_labels=筛选标签
 issues.filter_reviewers=筛选审核者
+issues.filter_no_results=没有结果
+issues.filter_no_results_placeholder=请�试调整您的�索过滤器。
 issues.new=创建工�
 issues.new.title_empty=标题�能为空
 issues.new.labels=标签
@@ -1468,7 +1429,6 @@ issues.new.clear_assignees=�消指派�员
 issues.new.no_assignees=未指派�员
 issues.new.no_reviewers=无审核者
 issues.new.blocked_user=无法创建工�，因为您已被仓库所有者�蔽。
-issues.edit.already_changed=无法�存对工�的更改。其内容似乎已被其他用户更改。 请刷新页�并�新编辑以��覆盖他们的更改
 issues.edit.blocked_user=无法编辑内容，因为您已被仓库所有者或工�创建者�蔽。
 issues.choose.get_started=开始
 issues.choose.open_external_link=开�
@@ -1477,19 +1437,19 @@ issues.choose.blank_about=从默认模�创建一个工�。
 issues.choose.ignore_invalid_templates=已忽略无效模�
 issues.choose.invalid_templates=�现了 %v 个无效模�
 issues.choose.invalid_config=问题�置包�错误：
-issues.no_ref=分支/标记未指定
+issues.no_ref=分支/Git标签未指定
 issues.create=创建工�
 issues.new_label=创建标签
 issues.new_label_placeholder=标签�称
 issues.new_label_desc_placeholder=�述
 issues.create_label=创建标签
 issues.label_templates.title=加载预定义的标签模�
-issues.label_templates.info=还没有任何标签。您�以使用'创建标签'按钮或者加载预定义的标签集创建标签
+issues.label_templates.info=还没有任何标签。您�以使用「创建标签�按钮或者加载预定义的标签集创建标签：
 issues.label_templates.helper=选择标签模�
 issues.label_templates.use=使用标签集
-issues.label_templates.fail_to_load_file=加载标签模�文件 %s 时�生错误：%v
+issues.label_templates.fail_to_load_file=加载标签模�文件「%s�时�生错误：%v
 issues.add_label=于 %[2]s 添加了标签 %[1]s
-issues.add_labels=于 %s 添加 %s 标签
+issues.add_labels=于 %[2]s 添加了标签 %[1]s
 issues.remove_label=于 %[2]s 删除了标签 %[1]s
 issues.remove_labels=于 %[2]s 删除了标签 %[1]s
 issues.add_remove_labels=于 %[3]s 添加了标签 %[1]s ，删除了标签 %[2]s
@@ -1499,11 +1459,11 @@ issues.move_to_column_of_project=`将此对象移至 %s 的 %s 中在 %s 上`
 issues.change_milestone_at=`%[3]s 修改了里程碑从 <b>%[1]s</b> 到 <b>%[2]s</b>`
 issues.change_project_at=于 %[3]s 将此从项目 <b>%[1]s</b> 移到 <b>%[2]s</b>
 issues.remove_milestone_at=`%[2]s 删除了里程碑 <b>%[1]s</b>`
-issues.remove_project_at=`从 <b>%s</b> 项目 %s 中删除`
+issues.remove_project_at=`于  %[2]s 将此工�从项目 <b>%[1]s</b> 中删除`
 issues.deleted_milestone=（已删除）
 issues.deleted_project=`(已删除)`
 issues.self_assign_at=`于 %s 指派给自己`
-issues.add_assignee_at=`于 %[2]s 被 <b>%[1]s</b> 指派`
+issues.add_assignee_at=`于 %[2]s 由 <b>%[1]s</b> 指派`
 issues.remove_assignee_at=`<b>%s</b> �消了指派在 %s`
 issues.remove_self_assignment=`于 %s �消了指派`
 issues.change_title_at=`于 %[3]s 修改标题 <b><strike>%[1]s</strike></b> 为 <b>%[2]s</b>`
@@ -1522,13 +1482,16 @@ issues.filter_milestone_open=进行中的里程碑
 issues.filter_milestone_closed=已关闭的里程碑
 issues.filter_project=项目
 issues.filter_project_all=所有项目
-issues.filter_project_none=暂无项目
+issues.filter_project_none=未加项目
 issues.filter_assignee=指派人筛选
+issues.filter_assignee_no_assignee=未指派给任何人
+issues.filter_assignee_any_assignee=已有指派
 issues.filter_poster=作者
 issues.filter_user_placeholder=�索用户
 issues.filter_user_no_select=所有用户
 issues.filter_type=类型筛选
 issues.filter_type.all_issues=所有工�
+issues.filter_type.all_pull_requests=所有�并请求
 issues.filter_type.assigned_to_you=指派给您的
 issues.filter_type.created_by_you=由您创建的
 issues.filter_type.mentioning_you=��您的
@@ -1537,7 +1500,6 @@ issues.filter_type.reviewed_by_you=您评审过的
 issues.filter_sort=排�
 issues.filter_sort.latest=最新创建
 issues.filter_sort.oldest=最早创建
-issues.filter_sort.recentupdate=最近更新
 issues.filter_sort.leastupdate=最早更新
 issues.filter_sort.mostcomment=最多评论
 issues.filter_sort.leastcomment=最少评论
@@ -1557,11 +1519,11 @@ issues.action_assignee_no_select=未指派
 issues.action_check=选中/�消选中
 issues.action_check_all=选中/�消选中所有项目
 issues.opened_by=由 <a href="%[2]s">%[3]s</a> 于 %[1]s创建
-pulls.merged_by=由 <a href="%[2]s">%[3]s</a> 创建，被�并于 %[1]s
-pulls.merged_by_fake=由 %[2]s 创建，被�并于 %[1]s
-issues.closed_by=由 <a href="%[2]s">%[3]s</a> 创建，被关闭于 %[1]s
+pulls.merged_by=由 <a href="%[2]s">%[3]s</a> 创建，�并于 %[1]s
+pulls.merged_by_fake=由 %[2]s 创建，�并于 %[1]s
+issues.closed_by=由 <a href="%[2]s">%[3]s</a> 创建，关闭于 %[1]s
 issues.opened_by_fake=由 %[2]s 于 %[1]s 打开
-issues.closed_by_fake=由 %[2]s 创建，被关闭于 %[1]s
+issues.closed_by_fake=由 %[2]s 创建，关闭于 %[1]s
 issues.previous=上一页
 issues.next=下一页
 issues.open_title=开�中
@@ -1581,8 +1543,8 @@ issues.close=关闭工�
 issues.comment_pull_merged_at=已�并�交 %[1]s 到 %[2]s %[3]s
 issues.comment_manually_pull_merged_at=手动�并�交 %[1]s 到 %[2]s %[3]s
 issues.close_comment_issue=评论并关闭
-issues.reopen_issue=�新开�
-issues.reopen_comment_issue=评论并�新开�
+issues.reopen_issue=�新打开
+issues.reopen_comment_issue=评论并�新打开
 issues.create_comment=评论
 issues.comment.blocked_user=无法创建或编辑评论，因为您已被仓库所有者或工�创建者�蔽。
 issues.closed_at=`于 <a id="%[1]s" href="#%[1]s">%[2]s</a> 关闭此工�`
@@ -1597,9 +1559,9 @@ issues.ref_reopened_from=`<a href="%[3]s">�新打开这个工� %[4]s</a> <a
 issues.ref_from=`�自 %[1]s`
 issues.author=作者
 issues.author_helper=此用户是作者。
-issues.role.owner=管�员
+issues.role.owner=所有者
 issues.role.owner_helper=该用户是该仓库的所有者。
-issues.role.member=普通�员
+issues.role.member=�员
 issues.role.member_helper=该用户是拥有该仓库的组织�员。
 issues.role.collaborator=�作者
 issues.role.collaborator_helper=该用户已被邀请在仓库上进行�作。
@@ -1618,46 +1580,47 @@ issues.edit=编辑
 issues.cancel=�消
 issues.save=�存
 issues.label_title=标签�称
-issues.label_description=标签�述
-issues.label_color=标签颜色
-issues.label_exclusive=独有
+issues.label_description=�述
+issues.label_color=颜色
+issues.label_color_invalid=无效的颜色
+issues.label_exclusive=互斥
 issues.label_archive=归档标签
-issues.label_archived_filter=显示存档标签
-issues.label_archive_tooltip=在标签�索时，默认情况下存档标签将被排除在外。
+issues.label_archived_filter=显示已归档标签
+issues.label_archive_tooltip=在标签�索时，默认情况下已归档标签将被排除在外。
 issues.label_exclusive_desc=命�标签为 <code>scope/item</code> 以使其与其他以 <code>scope/</code> 开头的标签互斥。
 issues.label_exclusive_warning=在编辑工�或�并请求的标签时，任何冲�的范围标签都将被删除。
+issues.label_exclusive_order=排�顺�
+issues.label_exclusive_order_tooltip=在�一个范围内的互斥标签将按照这个数字进行排�
 issues.label_count=%d 个标签
-issues.label_open_issues=%d 个开�的工�
+issues.label_open_issues=%d 个已打开工�/�并请求
 issues.label_edit=编辑
 issues.label_delete=删除
 issues.label_modify=编辑标签
 issues.label_deletion=删除标签
 issues.label_deletion_desc=删除标签会将其从所有问题中删除。继续？
-issues.label_deletion_success=该标签已被删除。
+issues.label_deletion_success=该标签已删除。
 issues.label.filter_sort.alphabetically=按字�顺�排�
 issues.label.filter_sort.reverse_alphabetically=按字�逆�排�
 issues.label.filter_sort.by_size=最�尺寸
 issues.label.filter_sort.reverse_by_size=最大尺寸
 issues.num_participants=%d ��与者
-issues.attachment.open_tab=`在新的标签页中查看 '%s'`
-issues.attachment.download=`点击下载 '%s'`
+issues.attachment.open_tab=`在新的标签页中查看「%s�`
+issues.attachment.download=`点击下载「%s�`
 issues.subscribe=订阅
 issues.unsubscribe=�消订阅
 issues.unpin=�消置顶
 issues.max_pinned=您�能置顶更多工�
-issues.pin_comment=于 %s 被置顶
+issues.pin_comment=于 %s 置顶
 issues.unpin_comment=于 %s �消置顶
 issues.lock=�定对�
 issues.unlock=解�对�
-issues.lock.unknown_reason=由于未知原因无法�定。
-issues.lock_duplicate=一个工��能被�定两次。
+issues.lock_duplicate=一个工��能�定两次。
 issues.unlock_error=无法解�一个未�定的工�。
 issues.lock_with_reason=因为 <strong>%s</strong> 而�定，并将对��制为�作者 %s
 issues.lock_no_reason=�定并�制仅�作者 %s
 issues.unlock_comment=解�此对� %s
 issues.lock_confirm=�定
 issues.unlock_confirm=解�​​​​
-issues.lock.notice_1=- 其他用户�能对这个工�添加新的评论。
 issues.lock.notice_2=- 您和仓库其他�作者��评论并��。
 issues.lock.notice_3=- 您�以在未��次解�这个工�。
 issues.unlock.notice_1=- �个人都�以�次就这一工��表评论。
@@ -1677,14 +1640,21 @@ issues.timetracker_timer_discard=删除计时器
 issues.timetracker_timer_manually_add=添加时间
 
 issues.time_estimate_set=设置预计时间
-issues.time_estimate_display=预计： %s
-issues.remove_time_estimate_at=删除预计时间 %s
+issues.time_estimate_display=预估：%s
+issues.change_time_estimate_at=预估时间已修改为 <b>%[1]s</b> %[2]s
+issues.remove_time_estimate_at=删除预估时间 %s
 issues.time_estimate_invalid=预计时间格�无效
 issues.start_tracking_history=`开始工作 %s`
 issues.tracker_auto_close=当此工�关闭时，自动�止计时器
-issues.tracking_already_started=`你已�开始对 <a href="%s">�一个工�</a> 进行时间跟踪�`
+issues.stopwatch_already_stopped=此工�的计时器已��止
+issues.stopwatch_already_created=此工�的计时器已�存在
+issues.tracking_already_started=`您已�开始对 <a href="%s">�一个工�</a> 进行时间跟踪�`
+issues.stop_tracking=�止计时器
+issues.stop_tracking_history=工作 <b>%[1]s</b> 于 %[2]s �止
+issues.cancel_tracking=�消
 issues.cancel_tracking_history=`�消时间跟踪 %s`
 issues.del_time=删除此时间跟踪日志
+issues.add_time_history=已于 %[2]s 添加计时 <b>%[1]</b>
 issues.del_time_history=`已删除时间 %s`
 issues.add_time_manually=手动添加时间
 issues.add_time_hours=�时
@@ -1694,7 +1664,7 @@ issues.time_spent_total=总用时
 issues.time_spent_from_all_authors=`总花费时间：%s`
 
 issues.due_date=到期时间
-issues.invalid_due_date_format=到期时间的格�必须是 'yyyy-mm-dd' 的形�。
+issues.invalid_due_date_format=到期时间的格�必须是「yyyy-mm-dd�的形�。
 issues.error_modifying_due_date=修改到期时间失败。
 issues.error_removing_due_date=删除到期时间失败。
 issues.push_commit_1=于 %[2]s 推�了 %[1]d 个�交
@@ -1705,7 +1675,6 @@ issues.due_date_form=yyyy年mm月dd日
 issues.due_date_form_add=设置到期时间
 issues.due_date_form_edit=编辑
 issues.due_date_form_remove=删除
-issues.due_date_not_writer=您需�该仓库的写���能更新工�的到期日期。
 issues.due_date_not_set=未设置到期时间。
 issues.due_date_added=于 %[2]s 设置到期时间为 %[1]s
 issues.due_date_modified=将到期日从 %[2]s 修改为 %[1]s %[3]s
@@ -1728,26 +1697,22 @@ issues.dependency.pr_closing_blockedby=以下工å�•é˜»æ­¢äº†å…³é—­æ­¤å�ˆå¹¶è¯·æ±
 issues.dependency.issue_closing_blockedby=关闭此工�被以下工�阻止
 issues.dependency.issue_close_blocks=此工�阻止了以下工�的关闭
 issues.dependency.pr_close_blocks=此�并请求阻止以下工�的关闭
-issues.dependency.issue_close_blocked=您需�关闭所有阻止此工�的工�, 然��能关闭它。
 issues.dependency.issue_batch_close_blocked=无法批�关闭您所选择的工�，因为 #%d 工��然有处于打开状�的�赖工�
-issues.dependency.pr_close_blocked=您需�关闭所有阻止此�并请求的工�, 然��能�并它。
 issues.dependency.blocks_short=阻止
 issues.dependency.blocked_by_short=�赖于
 issues.dependency.remove_header=删除�赖项
 issues.dependency.issue_remove_text=此�作将从工�中删除�赖。是��继续?
 issues.dependency.pr_remove_text=此�作将从�并请求中删除�赖。是��继续?
 issues.dependency.setting=为工�和�并请求�用�赖
-issues.dependency.add_error_same_issue=你�能让一个工��赖于自己。
+issues.dependency.add_error_same_issue=您�能让一个工��赖于自身。
 issues.dependency.add_error_dep_issue_not_exist=�赖项�存在。
 issues.dependency.add_error_dep_not_exist=�赖项�存在。
 issues.dependency.add_error_dep_exists=�赖项已存在。
-issues.dependency.add_error_cannot_create_circular=您�能创建�赖, 使得两个工�相互阻止。
 issues.dependency.add_error_dep_not_same_repo=这两个工�必须在�一仓库。
 issues.review.self.approval=您�能批准您自己的�并请求。
 issues.review.self.rejection=您�能请求对您自己的�并请求进行更改。
 issues.review.approve=于 %s 批准此�并请求
 issues.review.comment=评审于 %s
-issues.review.dismissed=于 %[2]s �消了 %[1]s 的评审
 issues.review.dismissed_label=已�消
 issues.review.left_comment=留下了一�评论
 issues.review.content.empty=您需�留下一个注释，表明需�的更改。
@@ -1755,7 +1720,6 @@ issues.review.reject=请求�更 %s
 issues.review.wait=已请求 %s 审核
 issues.review.add_review_request=于 %[2]s 请求 %[1]s 评审
 issues.review.remove_review_request=�消对 %s 的评审请求 %s
-issues.review.remove_review_request_self=拒�审核 %s
 issues.review.pending=待定
 issues.review.pending.tooltip=此评论目�对其他用户���。 若��交您的待定评论，请在页�顶部选择 %s -> %s/%s/%s。
 issues.review.review=评审
@@ -1777,11 +1741,10 @@ issues.review.requested=等待审核
 issues.review.rejected=请求�更
 issues.review.stale=批准�已更新
 issues.review.unofficial=�官方审批数
-issues.assignee.error=因为未知原因，并�所有的指派都�功。
 issues.reference_issue.body=内容
-issues.content_history.deleted=删除于
-issues.content_history.edited=最�编辑于
-issues.content_history.created=创建于
+issues.content_history.deleted=已删除
+issues.content_history.edited=已编辑
+issues.content_history.created=已创建
 issues.content_history.delete_from_history=从历�记录中删除
 issues.content_history.delete_from_history_confirm=从历�记录中删除�？
 issues.content_history.options=选项
@@ -1794,7 +1757,6 @@ pulls.desc=�用�并请求和代�评审。
 pulls.new=创建�并请求
 pulls.new.blocked_user=无法创建�并请求，因为您已被仓库所有者�蔽。
 pulls.new.must_collaborator=您必须是仓库的�作者�能创建�并请求。
-pulls.edit.already_changed=无法�存对�并请求的更改。其内容似乎已被其他用户更改。 请刷新页�并�新编辑以��覆盖他们的更改
 pulls.view=查看�并请求
 pulls.compare_changes=创建�并请求
 pulls.allow_edits_from_maintainers=�许维护者编辑
@@ -1814,12 +1776,10 @@ pulls.filter_branch=过滤分支
 pulls.show_all_commits=显示所有�交
 pulls.show_changes_since_your_last_review=显示自您上次审核以�的更改
 pulls.showing_only_single_commit=仅显示�交 %[1]s 的更改
-pulls.showing_specified_commit_range=仅显示 %[1]s...%[2]s 之间的更改
-pulls.select_commit_hold_shift_for_range=选择�交。按� Shift + �击选择一个范围
+pulls.showing_specified_commit_range=仅显示 %[1]s..%[2]s 之间的更改
 pulls.review_only_possible_for_full_diff=�有在查看全部差异时�能进行审核
 pulls.filter_changes_by_commit=按�交筛选
 pulls.nothing_to_compare=分支内容相�，无需创建�并请求。
-pulls.nothing_to_compare_have_tag=所选分支/标签相�。
 pulls.nothing_to_compare_and_allow_empty_pr=这些分支是相等的，此�并请求将为空。
 pulls.has_pull_request=这些分支之间的�并请求已存在: <a href="%[1]s">%[2]s#%[3]d</a>
 pulls.create=创建�并请求
@@ -1835,7 +1795,7 @@ pulls.merged=已�并
 pulls.merged_success=�并请求已�功�并和关闭
 pulls.closed=�并请求已关闭
 pulls.manually_merged=已手动�并
-pulls.merged_info_text=分支 %s 现在�以被删除了。
+pulls.merged_info_text=分支 %s 现在�以删除了。
 pulls.is_closed=�并请求已�关闭。
 pulls.title_wip_desc=`<a href="#">标题以 <strong>%s</strong> 开头</a>以��并请求�外�并。`
 pulls.cannot_merge_work_in_progress=此�并请求被标记为正在进行的工作。
@@ -1844,7 +1804,6 @@ pulls.add_prefix=添加 <strong>%s</strong> �缀
 pulls.remove_prefix=删除 <strong>%s</strong> �缀
 pulls.data_broken=此�并请求因为派生仓库信�缺失而中断。
 pulls.files_conflicted=此�并请求有�更与目标分支冲�。
-pulls.is_checking=正在进行�并冲�检测，请���试。
 pulls.is_ancestor=此分支已�包�在目标分支中，没有什么�以�并。
 pulls.is_empty=此分支上的更改已�在目标分支上。这将是一个空�交。
 pulls.required_status_check_failed=一些必�的检查没有�功
@@ -1868,34 +1827,23 @@ pulls.reject_count_1=%d �更请求
 pulls.reject_count_n=%d �更请求
 pulls.waiting_count_1=%d 个正在等待审核
 pulls.waiting_count_n=%d 个正在等待审核
-pulls.wrong_commit_id=�交 id 必须在目标分支 上
 
-pulls.no_merge_desc=由于未�用�并选项，此�并请求无法被�并。
+pulls.no_merge_desc=由于未�用�并选项，此�并请求无法�并。
 pulls.no_merge_helper=在仓库设置中�用�并选项或者手工�并请求。
 pulls.no_merge_wip=这个�并请求无法�并，因为被标记为尚未完�的工作。
-pulls.no_merge_not_ready=此�并请求尚未准备好�并，请检查审核状�和状�检查。
 pulls.no_merge_access=您无��并此�并请求。
 pulls.merge_pull_request=创建�并�交
-pulls.rebase_merge_pull_request=�基�快进
-pulls.rebase_merge_commit_pull_request=�基�创建�并�交
 pulls.squash_merge_pull_request=创建压缩�交
 pulls.fast_forward_only_merge_pull_request=ä»…å¿«è¿›
 pulls.merge_manually=手动�并
 pulls.merge_commit_id=�并�交 ID
 pulls.require_signed_wont_sign=分支需�签�的�交，但这个�并将�会被签�
 
-pulls.invalid_merge_option=你�以在此�并请求中使用�并选项。
-pulls.merge_conflict=�并失败：�并时有冲��生。�示：采用其它�并策略
+pulls.invalid_merge_option=您�以在此�并请求中使用�并选项。
 pulls.merge_conflict_summary=错误信�
-pulls.rebase_conflict=�并失败：�基�交有冲�：%[1]s。�示：采用其它�并策略
 pulls.rebase_conflict_summary=错误信�
-pulls.unrelated_histories=�并失败：两个分支没有共�历�。�示：�试��的策略
-pulls.merge_out_of_date=�并失败：在生��并时，主分支已更新。�示：�试一次。
-pulls.head_out_of_date=�并失败：在生��并时，head 已更新。�示：�试一次。
-pulls.has_merged=失败：�并请求已�被�并，您�能�次�并或更改目标分支。
 pulls.push_rejected=推�失败：推�被拒�。审查此仓库的 Git 钩�。
 pulls.push_rejected_summary=详细拒�信�
-pulls.push_rejected_no_message=推�失败：此推�被拒�但未�供其他信�。请检查此仓库的 Git 钩�。
 pulls.open_unmerged_pull_exists=`您�能执行�新打开�作, 因为已�存在相�的�并请求 (#%d)。`
 pulls.status_checking=一些检测�在等待�行
 pulls.status_checks_success=所有检测��功
@@ -1914,13 +1862,13 @@ pulls.outdated_with_base_branch=此分支相比基础分支已过期
 pulls.close=关闭�并请求
 pulls.closed_at=`于 <a id="%[1]s" href="#%[1]s">%[2]s</a> 关闭此�并请求 `
 pulls.reopened_at=`�新打开此�并请求 <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+pulls.cmd_instruction_hint=查看命令行�示
 pulls.cmd_instruction_checkout_title=检出
-pulls.cmd_instruction_checkout_desc=从你的仓库中检出一个新的分支并测试�更。
+pulls.cmd_instruction_checkout_desc=从您的仓库中检出一个新的分支并测试�更。
 pulls.cmd_instruction_merge_title=�并
 pulls.cmd_instruction_merge_desc=�并�更并更新到 Gitea 上
-pulls.cmd_instruction_merge_warning=警告：此�作�能�并该�并请求，因为“自动检测手动�并�未�用
+pulls.cmd_instruction_merge_warning=警告：此�作�能�并该�并请求，因为「自动检测手动�并�未�用
 pulls.clear_merge_message=清除�并信�
-pulls.clear_merge_message_hint=清除�并消��会删除�交消�内容，并�留生�的 git 附加内容，如“Co-Authored-By …�。
 
 pulls.auto_merge_button_when_succeed=(当检查�功时)
 pulls.auto_merge_when_succeed=在所有检查�功�自动�并
@@ -1935,15 +1883,16 @@ pulls.auto_merge_newly_scheduled_comment=`已于 %[1]s 设置此å�ˆå¹¶è¯·æ±‚在æ
 pulls.auto_merge_canceled_schedule_comment=`已于 %[1]s �消了自动�并设置 `
 
 pulls.delete.title=删除此�并请求？
-pulls.delete.text=你真的�删除这个�并请求�？ (这将永久删除所有内容。如果你打算将内容存档，请考虑关闭它)
+pulls.delete.text=您真的�删除这个�并请求�？（这将永久删除所有内容。如果您打算将内容存档，请考虑关闭它）
 
 pulls.recently_pushed_new_branches=您已�于%[2]s推�了分支 <strong>%[1]s</strong>
 pulls.upstream_diverging_prompt_behind_1=该分支��于 %[2]s %[1]d 个�交
 pulls.upstream_diverging_prompt_behind_n=该分支��于 %[2]s %[1]d 个�交
 pulls.upstream_diverging_prompt_base_newer=基础分支 %s 有新的更改
 pulls.upstream_diverging_merge=�步派生
+pulls.upstream_diverging_merge_confirm=�将 %[1]s �并到 %[2]s �？
 
-pull.deleted_branch=(已删除): %s
+pull.deleted_branch=(已删除)：%s
 pull.agit_documentation=查看有关 AGit 的文档
 
 comments.edit.already_changed=无法�存对评论的更改。其内容似乎已被其他用户更改。 请刷新页�并�新编辑以��覆盖他们的更改
@@ -1952,7 +1901,7 @@ milestones.new=新的里程碑
 milestones.closed=于 %s关闭
 milestones.update_ago=已更新 %s
 milestones.no_due_date=暂无截止日期
-milestones.open=开�
+milestones.open=打开
 milestones.close=关闭
 milestones.new_subheader=里程碑�以帮助您组织工�并跟踪其进度。
 milestones.completeness=<strong>%d%%</strong> 已完�
@@ -1961,16 +1910,16 @@ milestones.title=标题
 milestones.desc=�述
 milestones.due_date=截止日期（�选）
 milestones.clear=清除
-milestones.invalid_due_date_format=到期时间的格�必须是 'yyyy-mm-dd' 的形�。
-milestones.create_success=里程碑 %s 创建�功。
+milestones.invalid_due_date_format=到期时间的格�必须是「yyyy-mm-dd�的形�。
+milestones.create_success=里程碑「%s�创建�功。
 milestones.edit=编辑里程碑
 milestones.edit_subheader=里程碑组织工�，�并请求和跟踪进度。
 milestones.cancel=�消
 milestones.modify=更新里程碑
-milestones.edit_success=里程碑 %s 已�更新。
+milestones.edit_success=里程碑「%s�更新�功。
 milestones.deletion=删除里程碑
 milestones.deletion_desc=删除该里程碑将会移除所有工�中相关的信�。是�继续？
-milestones.deletion_success=里程碑已被删除。
+milestones.deletion_success=里程碑已删除。
 milestones.filter_sort.name=�称
 milestones.filter_sort.earliest_due_data=到期日从远到近
 milestones.filter_sort.latest_due_date=到期日从近到远
@@ -1979,13 +1928,11 @@ milestones.filter_sort.most_complete=完�度从高到低
 milestones.filter_sort.most_issues=工�从多到少
 milestones.filter_sort.least_issues=工�从少到多
 
-signing.will_sign=这个�交将用密钥 "%s" 签�。
-signing.wont_sign.error=在检查�交是��以被签�时出错。
+signing.will_sign=这个�交将用密钥「%s�签�。
 signing.wont_sign.nokey=没有�用的密钥�签署这个�交。
 signing.wont_sign.never=�交从未签�。
 signing.wont_sign.always=�交总是签�。
 signing.wont_sign.pubkey=由于您没有公钥关�到您的账户，�交将�会被签�。
-signing.wont_sign.twofa=您必须�用两步验��能签��交。
 signing.wont_sign.parentsigned=�交将�会被签�，因为父�交没有签�。
 signing.wont_sign.basesigned=�并将�会被签�，因为父�交没有签�。
 signing.wont_sign.headsigned=�并将�会被签�，因为最新�交没有签�。
@@ -1994,11 +1941,11 @@ signing.wont_sign.approved=å�ˆå¹¶å°†ä¸�会被签å��，因为å�ˆå¹¶è¯·æ±‚未被æ‰
 signing.wont_sign.not_signed_in=您还没有登录。
 
 ext_wiki=访问外部百科
-ext_wiki.desc=链接到外部 wiki。
+ext_wiki.desc=链接到外部百科。
 
 wiki=百科
-wiki.welcome=欢迎�到百科!
-wiki.welcome_desc=百科�许你撰写和与�作者分享文档
+wiki.welcome=欢迎�到百科。
+wiki.welcome_desc=百科�许您撰写和与�作者分享文档。
 wiki.desc=撰写和与�作者分享文档
 wiki.create_first_page=创建第一个页�
 wiki.page=页�
@@ -2015,113 +1962,116 @@ wiki.file_revision=页�历�
 wiki.wiki_page_revisions=页�历�
 wiki.back_to_wiki=返回百科
 wiki.delete_page_button=删除页�
-wiki.delete_page_notice_1=百科页� %s 删除�无法��，是�继续？
+wiki.delete_page_notice_1=百科页�「%s�删除�无法��，是�继续？
 wiki.page_already_exists=相��称的 Wiki 页�已�存在。
-wiki.reserved_page=百科页��称 %s 是被�留的。
+wiki.reserved_page=百科页��称「%s�是�留的。
 wiki.pages=所有页�
 wiki.last_updated=最�更新于 %s
-wiki.page_name_desc=输入此 Wiki 页�的�称。特殊�称有：'Home', '_Sidebar' 和 '_Footer'。
+wiki.page_name_desc=输入此百科页�的�称。特殊�称有：「Home�，「_Sidebar�和「_Footer�。
 wiki.original_git_entry_tooltip=查看原始的 Git 文件而�是使用�好链接。
 
-activity=动�
+activity=活动
 activity.navbar.pulse=活动
 activity.navbar.code_frequency=代�频率
 activity.navbar.contributors=贡献者
-activity.navbar.recent_commits=最近的�交
+activity.navbar.recent_commits=最近�交
 activity.period.filter_label=周期：
 activity.period.daily=1 天
 activity.period.halfweekly=3 天
-activity.period.weekly=1周
-activity.period.monthly=1 个月
-activity.period.quarterly=3个月
-activity.period.semiyearly=6 个月
-activity.period.yearly=1å¹´
+activity.period.weekly=1 周
+activity.period.monthly=1 月
+activity.period.quarterly=3 月
+activity.period.semiyearly=6 月
+activity.period.yearly=1 å¹´
 activity.overview=概览
-activity.active_prs_count_1=<strong>%d</strong> �并请求
-activity.active_prs_count_n=<strong>%d</strong> �并请求
-activity.merged_prs_count_1=�并请求
-activity.merged_prs_count_n=�并请求
-activity.opened_prs_count_1=新�并请求
-activity.opened_prs_count_n=新�并请求
-activity.title.user_1=%d 用户
-activity.title.user_n=%d 用户
-activity.title.prs_1=%d �并请求
-activity.title.prs_n=%d �并请求
+activity.active_prs_count_1=<strong>%d</strong> 个�并请求
+activity.active_prs_count_n=<strong>%d</strong> 个�并请求
+activity.merged_prs_count_1=已�并的�并请求
+activity.merged_prs_count_n=已�并的�并请求
+activity.opened_prs_count_1=创建的�并请求
+activity.opened_prs_count_n=创建的�并请求
+activity.title.user_1=%d �用户
+activity.title.user_n=%d �用户
+activity.title.prs_1=%d 个�并请求
+activity.title.prs_n=%d 个�并请求
 activity.title.prs_merged_by=%[2]s 由 %[1]s �并
 activity.title.prs_opened_by=%[2]s 创建了 %[1]s
 activity.merged_prs_label=已�并
 activity.opened_prs_label=已创建
-activity.active_issues_count_1=<strong>%d</strong> 工�
-activity.active_issues_count_n=<strong>%d</strong> 工�
+activity.active_issues_count_1=<strong>%d</strong> 张工�
+activity.active_issues_count_n=<strong>%d</strong> 张工�
 activity.closed_issues_count_1=已关闭的工�
 activity.closed_issues_count_n=已关闭的工�
-activity.title.issues_1=%d 工�
-activity.title.issues_n=%d 工�
-activity.title.issues_closed_from=%s 从 %s 被关闭
+activity.title.issues_1=%d 张工�
+activity.title.issues_n=%d 张工�
+activity.title.issues_closed_from=%s 从 %s 关闭
 activity.title.issues_created_by=%[2]s 创建了 %[1]s
 activity.closed_issue_label=已关闭
-activity.new_issues_count_1=创建工�
-activity.new_issues_count_n=创建工�
+activity.new_issues_count_1=已打开的工�
+activity.new_issues_count_n=已打开的工�
 activity.new_issue_label=打开的
 activity.title.unresolved_conv_1=%d 未解决的会�
 activity.title.unresolved_conv_n=%d 未解决的会�
 activity.unresolved_conv_desc=这些最近更新的工�和�并请求还没有解决。
 activity.unresolved_conv_label=打开
-activity.title.releases_1=%d 版本�布
-activity.title.releases_n=%d 版本�布
+activity.title.releases_1=%d 个�布
+activity.title.releases_n=%d 个�布
 activity.title.releases_published_by=%[2]s �布了 %[1]s
 activity.published_release_label=已�布
-activity.no_git_activity=在此期间没有任何�交活动。
-activity.git_stats_exclude_merges=排除�并，
-activity.git_stats_author_1=%d 作者
-activity.git_stats_author_n=%d 作者
-activity.git_stats_pushed_1=已�推�
-activity.git_stats_pushed_n=已�推�
-activity.git_stats_commit_1=%d �交
-activity.git_stats_commit_n=%d �交
+activity.git_stats_exclude_merges=排除�并�，
+activity.git_stats_author_1=%d �作者
+activity.git_stats_author_n=%d �作者
+activity.git_stats_pushed_1=已推�
+activity.git_stats_pushed_n=已推�
+activity.git_stats_commit_1=%d 次�交
+activity.git_stats_commit_n=%d 次�交
 activity.git_stats_push_to_branch=到 %s 和
 activity.git_stats_push_to_all_branches=到所有分支。
 activity.git_stats_on_default_branch=在 %s 上，
-activity.git_stats_file_1=%d 文件
-activity.git_stats_file_n=%d 文件
-activity.git_stats_files_changed_1=已�改�
-activity.git_stats_files_changed_n=已�改�
-activity.git_stats_additions=而且
-activity.git_stats_addition_1=新增 %d 行
-activity.git_stats_addition_n=新增 %d 行
+activity.git_stats_file_1=%d 个文件
+activity.git_stats_file_n=%d 个文件
+activity.git_stats_files_changed_1=已修改
+activity.git_stats_files_changed_n=已修改
+activity.git_stats_additions=并且已有
+activity.git_stats_addition_1=%d 行新增
+activity.git_stats_addition_n=%d 行新增
 activity.git_stats_and_deletions=和
-activity.git_stats_deletion_1=删除 %d 行
-activity.git_stats_deletion_n=删除 %d 行
+activity.git_stats_deletion_1=%d 行删除
+activity.git_stats_deletion_n=%d 行删除
 
 contributors.contribution_type.filter_label=贡献类型：
 contributors.contribution_type.commits=�交
-contributors.contribution_type.additions=更多
+contributors.contribution_type.additions=新增
 contributors.contribution_type.deletions=删除
 
 settings=设置
-settings.desc=设置是你�以管�仓库设置的地方
 settings.options=仓库
+settings.public_access=公开访问
+settings.public_access_desc=�置公共访客访问��以覆盖此仓库的默认值。
+settings.public_access.docs.not_set=未设置：没有�外的公共访问��。访客���循仓库的��性和�员��。
+settings.public_access.docs.anonymous_read=匿��读：未登录的用户�以通过读���访问�元。
+settings.public_access.docs.everyone_write=所有人�写：所有登录用户都有写入��。�有百科支�此��。
 settings.collaboration=�作者
 settings.collaboration.admin=管�员
 settings.collaboration.write=�写��
 settings.collaboration.read=�读��
 settings.collaboration.owner=所有者
 settings.collaboration.undefined=未定义
+settings.collaboration.per_unit=�元��
 settings.hooks=Web é’©å­�
 settings.githooks=管� Git 钩�
 settings.basic_settings=基本设置
 settings.mirror_settings=镜�设置
-settings.mirror_settings.docs=设置您的仓库以自动�步�一个仓库的�交�标签和分支。
-settings.mirror_settings.docs.disabled_pull_mirror.instructions=设置您的项目以自动将�交�标签和分支推�到�一个仓库。您的站点管�员已�用了拉�镜�。
+settings.mirror_settings.docs=将您的仓库设置为自动�步�一个仓库的�交�标签和分支。
+settings.mirror_settings.docs.disabled_pull_mirror.instructions=将您的项目设置为自动将�交�标签和分支推�到�一个仓库。您的站点管�员已�用了拉�镜�。
 settings.mirror_settings.docs.disabled_push_mirror.instructions=将您的项目设置为自动从一个仓库拉��交�标签和分支。
-settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=现在，这�能在“�移外部仓库���中完�。欲了解更多信�，请咨询：
+settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=现在，这�能在「�移外部仓库���中完�。欲了解更多信�，请�考：
 settings.mirror_settings.docs.disabled_push_mirror.info=您的站点管�员已�用推�镜�。
-settings.mirror_settings.docs.no_new_mirrors=您的仓库将镜��步�一个仓库的更改。请注�，您现在�能创建任何新的镜�。
 settings.mirror_settings.docs.can_still_use=虽然您�能修改现有镜�或创建新镜�，但您�然�以使用已存在的镜�。
 settings.mirror_settings.docs.pull_mirror_instructions=�创建一个拉�镜�，请�阅：
 settings.mirror_settings.docs.more_information_if_disabled=您�以在这里找到更多关于推�和拉�镜�的信�：
 settings.mirror_settings.docs.doc_link_title=如何镜�仓库？
-settings.mirror_settings.docs.doc_link_pull_section=文档中的 “从远程仓库拉�� 部分。
+settings.mirror_settings.docs.doc_link_pull_section=文档中的「从远程仓库拉��部分。
 settings.mirror_settings.docs.pulling_remote_title=从远程仓库拉�代�
 settings.mirror_settings.mirrored_repository=镜�库
 settings.mirror_settings.pushed_repository=推�仓库
@@ -2149,22 +2099,22 @@ settings.use_internal_wiki=使用内置百科
 settings.default_wiki_branch_name=默认百科分支�称
 settings.failed_to_change_default_wiki_branch=更改百科默认分支失败。
 settings.use_external_wiki=使用外部百科
-settings.external_wiki_url=外部 Wiki 链接
+settings.external_wiki_url=外部百科链接
 settings.external_wiki_url_error=外部百科链接无效
-settings.external_wiki_url_desc=当点击百科标签时，访问者将被�定�到外部百科系统的URL。
+settings.external_wiki_url_desc=当点击百科标签时，访问者将被�定�到外部百科系统的 URL。
 settings.issues_desc=�用工�系统
-settings.use_internal_issue_tracker=使用内置的轻�级工�管�系统
-settings.use_external_issue_tracker=使用外部的工�管�系统
+settings.use_internal_issue_tracker=使用内置工�系统
+settings.use_external_issue_tracker=使用外部工�系统
 settings.external_tracker_url=外部工�系统 URL
 settings.external_tracker_url_error=外部百科链接无效
-settings.external_tracker_url_desc=当点击工�标签时，访问者将被�定�到外部工�系统的URL。
+settings.external_tracker_url_desc=当点击工�标签时，访问者将被�定�到外部工�系统的 URL。
 settings.tracker_url_format=外部工�管�系统的 URL 格�
 settings.tracker_url_format_error=外部工�链接无效
 settings.tracker_issue_style=外部工�管�系统的编�格�
 settings.tracker_issue_style.numeric=纯数字形�
 settings.tracker_issue_style.alphanumeric=英文字�数字组�形�
 settings.tracker_issue_style.regexp=正则表达�
-settings.tracker_issue_style.regexp_pattern=正则表达�模�
+settings.tracker_issue_style.regexp_pattern=正则表达�
 settings.tracker_issue_style.regexp_pattern_desc=第一个被�获的组将�代 <code>{index}</code>。
 settings.tracker_url_format_desc=使用��符 <code>{user}</code>, <code>{repo}</code> 和 <code>{index}</code> 作为用户��仓库�和工�索引。
 settings.enable_timetracker=�用时间跟踪
@@ -2174,15 +2124,15 @@ settings.pulls.ignore_whitespace=忽略空白冲�
 settings.pulls.enable_autodetect_manual_merge=�用自动检测手动�并 (注�：在�些特殊情况下�能�生错误判断)
 settings.pulls.allow_rebase_update=�许通过�基更新�并请求分支
 settings.pulls.default_delete_branch_after_merge=默认�并�删除�并请求分支
-settings.pulls.default_allow_edits_from_maintainers=默认开��许维护者编辑
-settings.releases_desc=�用�布
+settings.pulls.default_allow_edits_from_maintainers=默认�许维护者编辑
+settings.releases_desc=�用仓库�布
 settings.packages_desc=�用仓库软件包注册中心
 settings.projects_desc=�用项目
 settings.projects_mode_desc=项目模� (�显示的项目类型)
 settings.projects_mode_repo=仅仓库项目
 settings.projects_mode_owner=仅�用户或组织项目
 settings.projects_mode_all=所有项目
-settings.actions_desc=�用 Actions
+settings.actions_desc=�用仓库工作�
 settings.admin_settings=管�员设置
 settings.admin_enable_health_check=�用仓库�康检查 (git fsck)
 settings.admin_code_indexer=代�索引器
@@ -2191,7 +2141,6 @@ settings.admin_indexer_commit_sha=上次索引的 SHA
 settings.admin_indexer_unindexed=未索引
 settings.reindex_button=添加到�新索引队列
 settings.reindex_requested=已请求�新索引
-settings.admin_enable_close_issues_via_commit_in_any_branch=通过在�默认分支中�交�关闭工�
 settings.danger_zone=�险�作区
 settings.new_owner_has_same_repo=新的仓库拥有者已�存在��仓库�
 settings.convert=转�为普通仓库
@@ -2205,36 +2154,31 @@ settings.convert_fork_notices_1=该�作会将派生仓库转�为普通仓库
 settings.convert_fork_confirm=转�仓库
 settings.convert_fork_succeed=此派生仓库已�转�为普通仓库。
 settings.transfer=转移仓库所有�
-settings.transfer.rejected=代�库转移被拒�。
-settings.transfer.success=代�库转移�功。
-settings.transfer.blocked_user=无法传输仓库，因为您被新的所有者�蔽。
+settings.transfer.rejected=仓库转移被拒�。
+settings.transfer.success=仓库转移�功。
+settings.transfer.blocked_user=无法转移仓库，因为您已被新所有者�蔽。
 settings.transfer_abort=�消转移
-settings.transfer_abort_invalid=你�能�消�存在的代�库转移。
-settings.transfer_abort_success=�功�消了将代�库转让给 %s。
+settings.transfer_abort_invalid=您�能�消�存在的仓库转移。
+settings.transfer_abort_success=�功�消将仓库转移给 %s。
 settings.transfer_desc=您�以将仓库转移至您拥有管�员��的�户或组织。
-settings.transfer_form_title=输入仓库�称以�确认:
-settings.transfer_in_progress=当�正在进行转让。 如果你想将此代�库转让给�一个用户，请�消它。
-settings.transfer_notices_1=- 如果将此仓库转移给其他用户, 您将失去对此仓库的访问��。
-settings.transfer_notices_2=-如果将其转移到您 (共�) 拥有的组织，您�以继续访问该仓库。
-settings.transfer_notices_3=- 如果仓库是�有的并且被转移给�个用户，那么此�作�以确�该用户至少具有读��(以�必�时的更改��)。
-settings.transfer_notices_4=- 如果存储库属于�个组织，而您将其转移给�一个组织或个人，那么您将失去存储库工�与其组织项目系统之间的链接。
+settings.transfer_form_title=输入仓库�称以确认：
+settings.transfer_notices_1=- 如果将此仓库转移给其他用户，您将失去对此仓库的访问��。
+settings.transfer_notices_2=- 如果将其转移到您（共�）拥有的组织，您�以继续访问该仓库。
+settings.transfer_notices_3=- 如果仓库是�有的并且被转移给�个用户，那么此�作�以确�该用户至少具有读��（以�必�时的更改��）。
+settings.transfer_notices_4=- 如果仓库属于�个组织，而您将其转移给�一个组织或个人，那么您将失去仓库工�与其组织项目系统之间的链接。
 settings.transfer_owner=新拥有者
-settings.transfer_perform=执行转让
-settings.transfer_started=该代�库已被标记为转让并等待�自 %s 的确认
-settings.transfer_succeed=仓库已被转移。
+settings.transfer_perform=执行转移
+settings.transfer_started=该仓库已标记为转移并等待�自 %s 的确认
+settings.transfer_succeed=仓库已转移。
 settings.signing_settings=签�验�设置
 settings.trust_model=签�信任模型
 settings.trust_model.default=默认信任模型
 settings.trust_model.default.desc=为此安装使用默认仓库信任模型。
 settings.trust_model.collaborator=�作者
 settings.trust_model.collaborator.long=�作者：信任�作者的签�
-settings.trust_model.collaborator.desc=此仓库中�作者的有效签�将被标记为「�信�(无论它们是�是�交者)，签��符��交者时将标记为「��信�，都�匹�时标记为「�匹��。
 settings.trust_model.committer=�交者
-settings.trust_model.committer.long=�交者： 信任与�交者相符的签� (此特性类似 GitHub，这会强制采用 Gitea 作为�交者和签�者)
-settings.trust_model.committer.desc=有效签��有和�交者相匹��会被标记为“�信任�，�则它们将被标记为“�匹��。这强制 Gitea �为签��交的�交者，而实际�交者被加上 Co-authored-by: 和 Co-committed-by: 的标记。 默认的 Gitea 密钥必须匹�数�库中的一�用户。
 settings.trust_model.collaboratorcommitter=�作者+�交者
 settings.trust_model.collaboratorcommitter.long=�作者+�交者：信任�作者�时是�交者的签�
-settings.trust_model.collaboratorcommitter.desc=此仓库中�作者的有效签�在他�时是�交者时将被标记为「�信�，签��匹�了�交者时将标记为「��信�，都�匹�时标记为「�匹��。这会强制 Gitea �为签�者和�交者，实际的�交者将被标记于�交消�结尾处的「Co-Authored-By:�和「Co-Committed-By:�。默认的 Gitea 签�密钥必须匹�数�库中的一个用户密钥。
 settings.wiki_delete=删除百科数�
 settings.wiki_delete_desc=删除仓库百科数�是永久性的，无法撤消。
 settings.wiki_delete_notices_1=- 这将永久删除和�用 %s 的百科。
@@ -2242,19 +2186,18 @@ settings.confirm_wiki_delete=删除百科数�
 settings.wiki_deletion_success=仓库百科数�删除�功�
 settings.delete=删除本仓库
 settings.delete_desc=删除仓库是永久性的, 无法撤消。
-settings.delete_notices_1=- 此�作 <strong>��以</strong> 被回滚。
-settings.delete_notices_2=- 此�作将永久删除仓库 <strong>%s</strong>，包括 Git 数�� 工��评论�百科和�作者的�作��。
+settings.delete_notices_1=- 此�作 <strong>无法</strong> 被回滚。
 settings.delete_notices_fork_1=- 在此仓库删除�，它的派生仓库将��独立仓库。
-settings.deletion_success=仓库已被删除。
+settings.deletion_success=仓库已删除。
 settings.update_settings_success=仓库设置已更新。
-settings.update_settings_no_unit=该代�库应该至少�许��形�的交互。
+settings.update_settings_no_unit=该仓库应至少�许��形�的交互。
 settings.confirm_delete=删除本仓库
 settings.add_collaborator=增加�作者
 settings.add_collaborator_success=�作者添加�功�
 settings.add_collaborator_inactive_user=无法添加未激活的用户作为�作者。
 settings.add_collaborator_owner=�能将所有者添加为�作者。
-settings.add_collaborator_duplicate=�作者已�被添加到本仓库。
-settings.add_collaborator.blocked_user=此写作者被仓库所有者�蔽，�之亦然。
+settings.add_collaborator_duplicate=�作者已�添加到本仓库。
+settings.add_collaborator.blocked_user=此�作者被仓库所有者�蔽，�之亦然。
 settings.delete_collaborator=删除
 settings.collaborator_deletion=删除�作者
 settings.collaborator_deletion_desc=删除�作者�他将无法�对此仓库的访问。继续？
@@ -2265,28 +2208,26 @@ settings.team_not_in_organization=团队�在与仓库相�的组织中
 settings.teams=团队
 settings.add_team=添加团队
 settings.add_team_duplicate=团队已�拥有仓库
-settings.add_team_success=团队现在�以访问仓库。
-settings.change_team_permission_tip=团队��设置于团队设置页�，�能根�仓库更改
 settings.delete_team_tip=该团队�有仓库, 无法删除
-settings.remove_team_success=团队访问仓库的��已被删除。
+settings.remove_team_success=团队访问仓库的��已删除。
 settings.add_webhook=添加 Web 钩�
-settings.add_webhook.invalid_channel_name=Webhook 通��称�能为空且�能仅包�一个 # 字符。
-settings.hooks_desc=当Gitea事件�生时，Web钩�自动�出HTTP POST请求。在 <a target="_blank" rel="noopener noreferrer" href="%s"> 指�</a> 中阅读更多内容。
+settings.add_webhook.invalid_channel_name=Web 钩�通��称�能为空且�能仅包�一个 # 字符。
+settings.hooks_desc=当 Gitea 事件�生时，Web 钩�自动�出 HTTP POST 请求。在 <a target="_blank" rel="noopener noreferrer" href="%s"> 指�</a> 中阅读更多内容。
 settings.webhook_deletion=删除 Web 钩�
-settings.webhook_deletion_desc=删除 web钩� 将删除其设置和历�记录。继续？
+settings.webhook_deletion_desc=删除 Web 钩�将删除其设置和历�记录。继续？
 settings.webhook_deletion_success=Web 钩�删除�功�
-settings.webhook.test_delivery=测试推�
-settings.webhook.test_delivery_desc=用�事件测试这个 web钩�。
-settings.webhook.test_delivery_desc_disabled=�用 虚�事件 测试这个Webhook，请激活它。
+settings.webhook.test_delivery=测试推�事件
+settings.webhook.test_delivery_desc=用�推�事件测试这个 Web 钩�。
+settings.webhook.test_delivery_desc_disabled=�用�事件测试这个 Web钩�，请激活它。
 settings.webhook.request=请求内容
 settings.webhook.response=�应内容
 settings.webhook.headers=头信�
 settings.webhook.payload=内容
 settings.webhook.body=�应体
-settings.webhook.replay.description=�放此 webhook。
-settings.webhook.replay.description_disabled=若��播此 WebHook，请激活它。
-settings.webhook.delivery.success=一个事件已被添加到推�队列。�能需�过几秒钟�会显示在推�记录中。
-settings.githooks_desc=Git Hook 是 Git 本身�供的功能。您�以在下方编辑 hook 文件以设置自定义�作。
+settings.webhook.replay.description=�放此 Web 钩�。
+settings.webhook.replay.description_disabled=若��新�行此 Web 钩�，请激活它。
+settings.webhook.delivery.success=一个事件已添加到推�队列。�能需�过几秒钟�会显示在推�记录中。
+settings.githooks_desc=Git 钩�是 Git 本身�供的功能。您�以在下方编辑 hook 文件以设置自定义�作。
 settings.githook_edit_desc=如果钩�未�动，则会显示样例文件中的内容。如果想�删除�个钩�，则�交空白文本��。
 settings.githook_name=钩��称
 settings.githook_content=钩�文本
@@ -2294,8 +2235,9 @@ settings.update_githook=更新钩�设置
 settings.add_webhook_desc=Gitea 将�目标 URL ��具有指定内容类型的 <code>POST</code> 请求。在 <a target="_blank" rel="noopener noreferrer" href="%s">webhooks 指�</a> 中阅读更多内容。
 settings.payload_url=目标 URL
 settings.http_method=HTTP 方法
-settings.content_type=POST  Content Type
-settings.secret=密钥文本
+settings.content_type=POST 内容类型
+settings.secret=密钥
+settings.webhook_secret_desc=如果 Webhook �务器支�使用密钥，您�以按照 Webhook 的手册在此处填写一个密钥。
 settings.slack_username=�务�称
 settings.slack_icon_url=图标 URL
 settings.slack_color=颜色
@@ -2311,10 +2253,12 @@ settings.event_create_desc=创建分支或标签
 settings.event_delete=刪除
 settings.event_delete_desc=分支或标签已删除。
 settings.event_fork=派生
-settings.event_fork_desc=仓库被派生。
+settings.event_fork_desc=仓库已派生。
 settings.event_wiki=百科
 settings.event_wiki_desc=创建��命��编辑或删除了百科页�。
-settings.event_release=版本�布
+settings.event_statuses=状�
+settings.event_statuses_desc=已从 API 更新�交状�。
+settings.event_release=�布
 settings.event_release_desc=�布�更新或删除版本时。
 settings.event_push=推�
 settings.event_force_push=强制推�
@@ -2325,40 +2269,45 @@ settings.event_header_issue=工�事件
 settings.event_issues=工�
 settings.event_issues_desc=工�已打开�已关闭�已�新打开或已编辑。
 settings.event_issue_assign=工�已指派
-settings.event_issue_assign_desc=工�已被指派或�消指派。
-settings.event_issue_label=已标记工�
-settings.event_issue_label_desc=工�标签被更新或清除。
-settings.event_issue_milestone=工�被收入里程碑中
-settings.event_issue_milestone_desc=工�被收入或�消收入里程碑中。
+settings.event_issue_assign_desc=工�已指派或�消指派。
+settings.event_issue_label=工�增删标签
+settings.event_issue_label_desc=工�标签已更新或清除。
+settings.event_issue_milestone=工�已收入里程碑中
+settings.event_issue_milestone_desc=工�已收入或�消收入里程碑中。
 settings.event_issue_comment=工�评论
-settings.event_issue_comment_desc=工�评论被创建�编辑或删除
+settings.event_issue_comment_desc=工�评论已创建�编辑或删除。
 settings.event_header_pull_request=�并请求事件
 settings.event_pull_request=�并请求
-settings.event_pull_request_desc=�并请求被打开�被关闭�被�新打开或被编辑。
-settings.event_pull_request_assign=�并请求被指派
-settings.event_pull_request_assign_desc=�并请求被指派或�消指派。
-settings.event_pull_request_label=�并请求被贴上标签
-settings.event_pull_request_label_desc=�并请求的标签被更新或清除。
-settings.event_pull_request_milestone=�并请求被记录于里程碑中
-settings.event_pull_request_milestone_desc=�并请求被记录或�消记录于里程碑中。
-settings.event_pull_request_comment=�并请求被评论
-settings.event_pull_request_comment_desc=�并请求评论被创建�编辑或删除。
+settings.event_pull_request_desc=�并请求已打开�关闭��新打开或编辑。
+settings.event_pull_request_assign=�并请求已指派
+settings.event_pull_request_assign_desc=�并请求已指派或�消指派。
+settings.event_pull_request_label=�并请求增删标签
+settings.event_pull_request_label_desc=�并请求的标签已更新或清除。
+settings.event_pull_request_milestone=�并请求已记录于里程碑中
+settings.event_pull_request_milestone_desc=�并请求已记录或�消记录于里程碑中。
+settings.event_pull_request_comment=�并请求已评论
+settings.event_pull_request_comment_desc=�并请求评论已创建�编辑或删除。
 settings.event_pull_request_review=已审核的�并请求
-settings.event_pull_request_review_desc=�并请求被批准�拒�或�出审查��
-settings.event_pull_request_sync=�并请求被�步
-settings.event_pull_request_sync_desc=�并请求被�步。
+settings.event_pull_request_review_desc=�并请求已批准�拒�或�出审查��。
+settings.event_pull_request_sync=�并请求已�步
+settings.event_pull_request_sync_desc=�并请求已�步。
 settings.event_pull_request_review_request=�起�并请求评审
 settings.event_pull_request_review_request_desc=�并请求评审已请求或已�消
 settings.event_pull_request_approvals=�并请求批准
 settings.event_pull_request_merge=�并请求�并
+settings.event_header_workflow=工作�程事件
+settings.event_workflow_run=工作��行
+settings.event_workflow_run_desc=Gitea 工作�队列中�等待中�正在进行或已完�的任务。
+settings.event_workflow_job=工作�任务
+settings.event_workflow_job_desc=Gitea 工作�队列中�等待中�正在进行或已完�的任务。
 settings.event_package=软件包
-settings.event_package_desc=软件包已在仓库中被创建或删除。
+settings.event_package_desc=软件包在仓库中已创建或删除。
 settings.branch_filter=分支过滤
-settings.branch_filter_desc=推��创建，删除分支事件的分支白��，使用 glob 模�匹�指定。若为空或 <code>*</code>，则将报告所有分支的事件。语法文档� <a href="%[1]s">%[2]s</a>。示例：<code>master</code>,<code>{master,release*}</code>。
+settings.branch_filter_desc=推��创建，删除分支事件的分支白��，使用 glob 表达�匹�指定。若为空或 <code>*</code>，则会报告所有分支的事件。语法文档� <a href="%[1]s">%[2]s</a>。示例：<code>master</code>,<code>{master,release*}</code>。
 settings.authorization_header=授�标头
 settings.authorization_header_desc=当存在时将被作为授�标头包�在内。例如: %s。
 settings.active=激活
-settings.active_helper=触�事件的信�将��到此 webhook 网�。
+settings.active_helper=触�事件的信�将��到此 Web 钩� URL。
 settings.add_hook_success=Web 钩�添加�功�
 settings.update_webhook=æ›´æ–° Web é’©å­�
 settings.update_hook_success=Web 钩�更新�功�
@@ -2368,7 +2317,7 @@ settings.hook_type=钩�类型
 settings.slack_token=令牌
 settings.slack_domain=域�
 settings.slack_channel=频�
-settings.add_web_hook_desc=将 <a target="_blank" rel="noreferrer" href="%s">%s</a>集�到您的代�库。
+settings.add_web_hook_desc=将 <a target="_blank" rel="noreferrer" href="%s">%s</a> 集�到您的仓库。
 settings.web_hook_name_gitea=Gitea
 settings.web_hook_name_gogs=Gogs
 settings.web_hook_name_slack=Slack
@@ -2395,7 +2344,7 @@ settings.title=标题
 settings.deploy_key_content=密钥文本
 settings.key_been_used=具有相�内容的部署密钥已在使用中。
 settings.key_name_used=使用相��称的部署密钥已�存在�
-settings.add_key_success=部署密钥 %s 添加�功。
+settings.add_key_success=部署密钥「%s�添加�功。
 settings.deploy_key_deletion=删除部署密钥
 settings.deploy_key_deletion_desc=删除部署密钥将�消此密钥对此仓库的访问��。继续？
 settings.deploy_key_deletion_success=部署密钥已删除。
@@ -2404,11 +2353,11 @@ settings.protected_branch=分支�护
 settings.protected_branch.save_rule=�存规则
 settings.protected_branch.delete_rule=删除规则
 settings.protected_branch_can_push=是��许推�？
-settings.protected_branch_can_push_yes=你�以推
-settings.protected_branch_can_push_no=你�能推�
-settings.branch_protection=分支 '<b>%s</b>' 的�护规则
+settings.protected_branch_can_push_yes=您�以推�
+settings.protected_branch_can_push_no=您�能推�
+settings.branch_protection=分支「<b>%s</b>�的�护规则
 settings.protect_this_branch=�用分支�护
-settings.protect_this_branch_desc=阻止删除并�制Git推�和�并到分支。
+settings.protect_this_branch_desc=阻止删除并�制 Git 推�和�并到分支。
 settings.protect_disable_push=�用推�
 settings.protect_disable_push_desc=此分支��许推�。
 settings.protect_disable_force_push=�用强制推�
@@ -2434,13 +2383,13 @@ settings.protect_merge_whitelist_committers_desc=ä»…å…�许白å��å�•ç”¨æˆ·æˆ–团é
 settings.protect_merge_whitelist_users=�并白��用户：
 settings.protect_merge_whitelist_teams=�并白��团队：
 settings.protect_check_status_contexts=�用状�检查
-settings.protect_status_check_patterns=状�检查模�：
-settings.protect_status_check_patterns_desc=输入模�，指定哪些状�检查必须通过，�能将分支�并到符�此规则的分支中去。�一行指定一个模�，模��能为空。
+settings.protect_status_check_patterns=状�检查表达�：
+settings.protect_status_check_patterns_desc=输入表达�以指定在分支�并到匹�此规则的分支之�必须通过哪些状�检查。�一行指定一个表达�且表达��能为空。
 settings.protect_check_status_contexts_desc=�求状�检查通过�能�并。如果�用，�交必须先推�到�一个分支，然���并或推�到匹�这些�护规则的分支。如果没有选择具体的状�检查上下文，则所有的状�检查都通过�能�并。
 settings.protect_check_status_contexts_list=此仓库上周进行过的状�检查
 settings.protect_status_check_matched=匹�
-settings.protect_invalid_status_check_pattern=无效的状�检查规则：“%s�。
-settings.protect_no_valid_status_check_patterns=没有有效的状�检查规则。
+settings.protect_invalid_status_check_pattern=无效的状�检查表达�：「%s�。
+settings.protect_no_valid_status_check_patterns=没有有效的状�检查表达�。
 settings.protect_required_approvals=所需的批准：
 settings.protect_required_approvals_desc=��许�并有足够审核的�并请求。�求的审核必须�自白��或者有��的用户或团队。
 settings.protect_approvals_whitelist_enabled=仅列入白��的用户或团队��批准
@@ -2453,18 +2402,18 @@ settings.ignore_stale_approvals=忽略过期批准
 settings.ignore_stale_approvals_desc=对旧�交（过期审核）的批准将�计入 PR 的批准数。如果过期审查已被驳回，则与此无关。
 settings.require_signed_commits=需�签��交
 settings.require_signed_commits_desc=拒�推�未签�或无法验�的�交到分支
-settings.protect_branch_name_pattern=��护的分支�称模�
-settings.protect_branch_name_pattern_desc=分支�护的�称匹�规则。语法请�阅 <a href="%s">文档</a> 。如：main, release/**
-settings.protect_patterns=规则
-settings.protect_protected_file_patterns=��护的文件模�(使用分� ';' 分隔)：
-settings.protect_protected_file_patterns_desc=�使用户有�添加�编辑或删除此分支中的文件，也��许直接更改��护的文件。 �以使用分� (';') 分隔多个模�。 �<a href='%[1]s'>%[2]s</a>文档了解模�语法。例如： <code>.drone.yml</code>, <code>/docs/**/*.txt</code>
-settings.protect_unprotected_file_patterns=���护的文件模�(使用分� ';' 分隔)：
-settings.protect_unprotected_file_patterns_desc=如果用户有写��，则�许直接更改的���护的文件，以绕过推��制。�以使用分�分隔多个模� (';')。 � <a href='%[1]s'>%[2]s</a> 文档了解模�语法。例如： <code>.drone.yml</code>, <code>/docs/**/*.txt</code>
+settings.protect_branch_name_pattern=��护的分支�称表达�
+settings.protect_branch_name_pattern_desc=分支�护的�称匹�表达�。语法请�阅 <a href="%s">文档</a> 。如：main, release/**
+settings.protect_patterns=表达�
+settings.protect_protected_file_patterns=��护的文件表达�（使用分�「;�分隔）：
+settings.protect_protected_file_patterns_desc=�使用户有�添加�编辑或删除此分支中的文件，也��许直接更改��护的文件。 �以使用分�「;�分隔多个表达�。 �<a href='%[1]s'>%[2]s</a>文档了解表达�语法。例如： <code>.drone.yml</code>, <code>/docs/**/*.txt</code>。
+settings.protect_unprotected_file_patterns=���护的文件表达�（使用分�「;�分隔）：
+settings.protect_unprotected_file_patterns_desc=如果用户有写��，则�许直接更改的���护的文件，以绕过推��制。�以使用分�分隔多个表达�「;�。 � <a href='%[1]s'>%[2]s</a> 文档了解表达�语法。例如： <code>.drone.yml</code>, <code>/docs/**/*.txt</code>。
 settings.add_protected_branch=�用�护
 settings.delete_protected_branch=�用�护
-settings.update_protect_branch_success=分支�护规则 %s 更新�功。
-settings.remove_protected_branch_success=移除分支�护规则"%s"�功。
-settings.remove_protected_branch_failed=移除分支�护规则"%s"失败。
+settings.update_protect_branch_success=分支�护规则「%s�更新�功。
+settings.remove_protected_branch_success=分支�护规则「%s�移除�功。
+settings.remove_protected_branch_failed=分支�护规则「%s�移除失败。
 settings.protected_branch_deletion=删除分支�护
 settings.protected_branch_deletion_desc=�用分支�护�许具有写入��的用户推��交到此分支。继续？
 settings.block_rejected_reviews=拒�审核阻止了此�并
@@ -2474,7 +2423,6 @@ settings.block_on_official_review_requests_desc=处于评审状æ€�时，å�³ä½¿æœ
 settings.block_outdated_branch=如果�并请求已�过时，阻止�并
 settings.block_outdated_branch_desc=当头部分支��基础分支时，�能�并。
 settings.block_admin_merge_override=管�员须�守分支�护规则
-settings.block_admin_merge_override_desc=管�员须�守分支�护规则，�能规�该规则。
 settings.default_branch_desc=请选择一个默认的分支用于�并请求和�交：
 settings.merge_style_desc=�并方�
 settings.default_merge_style_desc=默认�并风格
@@ -2485,15 +2433,15 @@ settings.protected_branch_required_rule_name=必须填写规则�称
 settings.protected_branch_duplicate_rule_name=规则�称已存在
 settings.protected_branch_required_approvals_min=所需的审批数�能为负数。
 settings.tags=标签
-settings.tags.protection=Git标签�护
-settings.tags.protection.pattern=Git标签模�
+settings.tags.protection=标签�护
+settings.tags.protection.pattern=标签表达�
 settings.tags.protection.allowed=�许列表
 settings.tags.protection.allowed.users=�许的账�
 settings.tags.protection.allowed.teams=�许的团队
 settings.tags.protection.allowed.noone=æ— 
-settings.tags.protection.create=�护Git标签
-settings.tags.protection.none=没有��护的Git标签
-settings.tags.protection.pattern.description=你�以使用�个�称或 glob 模�匹�或正则表达��匹�多个标签。了解详情请访问 <a target="_blank" rel="noopener" href="%s">�护Git标签指�</a>。
+settings.tags.protection.create=�护标签
+settings.tags.protection.none=没有��护的标签。
+settings.tags.protection.pattern.description=您�以使用�个�称或 glob 表达�匹�或正则表达��匹�多个标签。了解详情请访问 <a target="_blank" rel="noopener" href="%s">�护标签指�</a>。
 settings.bot_token=Bot 令牌
 settings.chat_id=�天 ID
 settings.thread_id=线程 ID
@@ -2501,10 +2449,7 @@ settings.matrix.homeserver_url=主�务器网�
 settings.matrix.room_id=房间ID
 settings.matrix.message_type=消�类型
 settings.visibility.private.button=设为�有
-settings.visibility.private.text=将��性更改为�有�仅会使仓库仅对�许的�员��，而且�能会消除它与派生仓库�关注者和点赞之间的关系。
 settings.visibility.private.bullet_title=<strong>将��性改为�有将会：</strong>
-settings.visibility.private.bullet_one=使仓库�对�许的�员��。
-settings.visibility.private.bullet_two=�能会删除它与 <strong>派生仓库</strong>� <strong>关注者</strong>和 <strong>点赞</strong> 之间的关系。
 settings.visibility.public.button=设为公开
 settings.visibility.public.text=将��性更改为公开会使任何人都��。
 settings.visibility.public.bullet_title=<strong>将��性改为公开将会：</strong>
@@ -2514,16 +2459,15 @@ settings.visibility.error=试图更改仓库��性时出错。
 settings.visibility.fork_error=无法更改派生仓库的��性。
 settings.archive.button=归档仓库
 settings.archive.header=归档此仓库
-settings.archive.text=归档仓库将使其完全�读。它将在首页��。没有人（甚至你�）能够进行新的�交，或打开工���并请求。
+settings.archive.text=归档仓库将使其完全�读。它将在首页��。没有人（包括您）能够进行新的�交，或打开工���并请求。
 settings.archive.success=仓库已�功归档。
 settings.archive.error=仓库在归档时出现异常。请通过日志获�详细信�。
 settings.archive.error_ismirror=请��对镜�仓库归档，谢谢�
 settings.archive.branchsettings_unavailable=已归档仓库无法进行分支设置。
-settings.archive.tagsettings_unavailable=已归档仓库的Git标签设置��用。
-settings.archive.mirrors_unavailable=如果仓库已被归档，镜�将��用。
+settings.archive.tagsettings_unavailable=已归档仓库的标签设置��用。
+settings.archive.mirrors_unavailable=如果仓库已归档，镜�将��用。
 settings.unarchive.button=撤销仓库归档
 settings.unarchive.header=撤销此仓库归档
-settings.unarchive.text=撤销归档将��仓库接收�交�推�，以�新工�和�并请求的能力。
 settings.unarchive.success=仓库已�功撤销归档。
 settings.unarchive.error=仓库在�消归档时出现异常。请通过日志获�详细信�。
 settings.update_avatar_success=仓库头�已�更新。
@@ -2541,11 +2485,9 @@ settings.lfs_invalid_locking_path=无效路径：%s
 settings.lfs_invalid_lock_directory=无法�定目录：%s
 settings.lfs_lock_already_exists=�已�存在：%s
 settings.lfs_lock=�定
-settings.lfs_lock_path=��定的文件路径...
 settings.lfs_locks_no_locks=无�定
 settings.lfs_lock_file_no_exist=�定的文件在默认分支中�存在
 settings.lfs_force_unlock=强制解�
-settings.lfs_pointers.found=找到 %d 个�指针 - %d 个关�， %d 个未关�(%d 个从仓库丢失)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=在仓库中
@@ -2574,7 +2516,7 @@ diff.whitespace_show_everything=显示所有更改
 diff.whitespace_ignore_all_whitespace=比较行时忽略空白符�
 diff.whitespace_ignore_amount_changes=忽略空白符�数�的�化
 diff.whitespace_ignore_at_eol=忽略行末空白符�的更改
-diff.stats_desc=共有 <strong> %d 个文件被更改</strong>，包括 <strong>%d 次�入</strong> 和 <strong>%d 次删除</strong>
+diff.stats_desc=共<strong>修改 %d 个文件</strong>，包� <strong>%d 行新增</strong>和 <strong>%d 行删除</strong>
 diff.stats_desc_file=�更 %d 行：新增 %d 行，删除  %d 行
 diff.bin=二进制
 diff.bin_not_shown=二进制文件未显示。
@@ -2613,24 +2555,27 @@ diff.image.overlay=�加
 diff.has_escaped=这一行有��的 Unicode 字符
 diff.show_file_tree=显示文件树
 diff.hide_file_tree=��文件树
+diff.submodule_added=�模� %[1]s 已添加到 %[2]s
+diff.submodule_deleted=�模� %[1]s 已从 %[2]s 中删除
+diff.submodule_updated=�模� %[1]s 已更新：%[2]s
 
 releases.desc=跟踪项目版本和下载。
-release.releases=版本�布
+release.releases=�布
 release.detail=�布详情
-release.tags=Git标签
+release.tags=标签
 release.new_release=�布新版
 release.draft=�稿
-release.prerelease=预�行
+release.prerelease=预�布
 release.stable=稳定
-release.latest=最新版本
+release.latest=最新
 release.compare=比较
 release.edit=编辑
 release.ahead.commits=<strong>%d</strong> 次�交
-release.ahead.target=在此版本�布�被加入到 %s
+release.ahead.target=在此版本�布�已加入到 %s
 tag.ahead.target=自此标签到 %s
 release.source_code=�代�
-release.new_subheader=版本�布组织项目的版本。
-release.edit_subheader=版本�布组织项目的版本。
+release.new_subheader=�布组织项目的版本。
+release.edit_subheader=�布组织项目的版本。
 release.tag_name=标签�称
 release.target=目标分支
 release.tag_helper=选择一个存在的标签或者创建新标签。
@@ -2639,77 +2584,82 @@ release.tag_helper_existing=现有标签。
 release.title=�布标题
 release.title_empty=标题�能为空。
 release.message=�述这个版本
-release.prerelease_desc=标记为预�行
+release.prerelease_desc=标记为预�布
 release.prerelease_helper=标记此版本�适�生产使用。
 release.cancel=�消
 release.publish=�布版本
 release.save_draft=�存�稿
 release.edit_release=�存此次�布
 release.delete_release=删除�布
-release.delete_tag=删除 Git标签
+release.delete_tag=删除标签
 release.deletion=删除�布
-release.deletion_desc=删除版本�布�会从 Gitea 中移除。这�会影� Git 的标签以�您仓库的内容和历�。是�继续？
-release.deletion_success=Release已被删除。
-release.deletion_tag_desc=将从仓库中删除此 Git标签。仓库内容和历�记录����。继续�？
-release.deletion_tag_success=该 Git标签 已�被删除
-release.tag_name_already_exist=使用此标签�称的�布版本已�存在。
+release.deletion_desc=删除�布�会从 Gitea 中移除�布。这�会影� Git 的标签以�您仓库的内容和历�。是�继续？
+release.deletion_success=该�布已删除。
+release.deletion_tag_desc=将从仓库中删除此标签。仓库内容和历�记录����。继续�？
+release.deletion_tag_success=该标签已删除。
+release.tag_name_already_exist=使用此标签�称的�布已�存在。
 release.tag_name_invalid=标签�称无效。
-release.tag_name_protected=Git标签�称已��护。
-release.tag_already_exist=此 Git标签 �称已存在
+release.tag_name_protected=标签�已��护。
+release.tag_already_exist=此标签�已存在。
 release.downloads=下载附件
 release.download_count=下载：%s
 release.add_tag_msg=使用�布的标题和内容作为标签消�。
 release.add_tag=仅创建标签
-release.releases_for=%s 的版本�布
+release.releases_for=%s 的�布
 release.tags_for=%s 的标签
 
 branch.name=分支�称
-branch.already_exists=�为 %s 的分支已存在。
+branch.already_exists=�为「%s�的分支已存在。
 branch.delete_head=刪除
-branch.delete=删除分支 %s
+branch.delete=删除分支「%s�
 branch.delete_html=删除分支
 branch.delete_desc=删除分支是永久的。虽然已删除的分支在实际被删除�有�能会短时间存在，但这在大多数情况下无法撤销。是�继续？
-branch.deletion_success=分支 %s 已被删除。
-branch.deletion_failed=删除分支 %s 失败。
-branch.delete_branch_has_new_commits=因为�并之�有新的�交，分支 %s 无法被删除。
+branch.deletion_success=分支「%s�删除�功。
+branch.deletion_failed=分支「%s�删除失败。
+branch.delete_branch_has_new_commits=因为�并之�有新的�交，分支「%s�无法删除。
 branch.create_branch=创建分支 %s
-branch.create_from=从 %s
-branch.create_success=分支 '%s' 已创建。
-branch.branch_already_exists=此仓库已存在�为 %s 的分支。
-branch.branch_name_conflict=分支�称"%s"与已存在的分支"%s"冲�。
-branch.tag_collision=分支 %s �能被创建因为��的标签已�存在。
+branch.create_from=从「%s�
+branch.create_success=分支「%s�已创建。
+branch.branch_already_exists=此仓库已存在�为「%s�的分支。
+branch.branch_name_conflict=分支�称「%s�与已存在的分支「%s�冲�。
+branch.tag_collision=分支「%s�无法创建，因为��的标签已�存在。
 branch.deleted_by=删除人：%s
-branch.restore_success=分支 "%s"已还原。
-branch.restore_failed=还原分支 "%s"失败。
-branch.protected_deletion_failed=�能删除��护的分支 "%s"。
-branch.default_deletion_failed=�能删除默认分支"%s"。
-branch.restore=`还原分支 "%s"`
-branch.download=`下载分支 "%s"`
-branch.rename=`�命�分支 "%s"`
+branch.restore_success=分支「%s�已还原。
+branch.restore_failed=分支「%s�还原失败。
+branch.protected_deletion_failed=�能删除��护的分支「%s�。
+branch.default_deletion_failed=�能删除默认分支「%s�。
+branch.default_branch_not_exist=默认分支「%s��存在。
+branch.restore=还原分支「%s�
+branch.download=下载分支「%s�
+branch.rename=�命�分支「%s�
 branch.included_desc=此分支是默认分支的一部分
 branch.included=已包�
 branch.create_new_branch=从下列分支创建分支：
 branch.confirm_create_branch=创建分支
 branch.warning_rename_default_branch=您正在�命�默认分支。
-branch.rename_branch_to=�命� %s 为:
+branch.rename_branch_to=�命�「%s�为：
 branch.confirm_rename_branch=�命�分支
 branch.create_branch_operation=创建分支
 branch.new_branch=创建新分支
-branch.new_branch_from=基于"%s"创建新分支
-branch.renamed=分支 %s 被�命�为 %s。
+branch.new_branch_from=基于「%s�创建新分支
+branch.renamed=分支 %s 已�命�为 %s。
+branch.rename_default_or_protected_branch_error=�有管�员能�命�默认分支和��护的分支。
+branch.rename_protected_branch_failed=此分支�到 glob 语法规则的�护。
+branch.commits_no_divergence=与分支 %[1]s 相�
 
 tag.create_tag=创建标签 %s
 tag.create_tag_operation=创建标签
 tag.confirm_create_tag=创建标签
-tag.create_tag_from=基于"%s"创建新标签
+tag.create_tag_from=基于「%s�创建新标签
 
-tag.create_success=标签"%s"已存在
+tag.create_success=标签「%s�已存在。
 
 topic.manage_topics=管�主题
 topic.done=�存
 topic.count_prompt=您最多选择25个主题
 topic.format_prompt=主题必须以字�或数字开头，�以包�连字符 ('-') 和�点 ('.')，长度�得超过35个字符。字符必须为�写。
 
+find_file.follow_symlink=跟�此符�链接的指��置
 find_file.go_to_file=转到文件
 find_file.no_matching=没有找到匹�的文件
 
@@ -2719,9 +2669,8 @@ error.csv.invalid_field_count=无法渲染此文件，因为它在第 %d 行中ç
 error.broken_git_hook=此仓库的 Git 钩�似乎已��。 请按照 <a target="_blank" rel="noreferrer" href="%s">文档</a> �修�它们，然�推�一些�交�刷新状�。
 
 [graphs]
-component_loading=正在加载 %s...
 component_loading_failed=无法加载 %s
-component_loading_info=这�能需�一点…
+component_loading_info=这�能需�一点时间…
 component_failed_to_load=�外的错误�生了。
 code_frequency.what=代�频率
 contributors.what=贡献
@@ -2750,14 +2699,14 @@ team_permission_desc=��
 team_unit_desc=�许访问仓库�元
 team_unit_disabled=(已�用)
 
-form.name_reserved=组织�称 '%s' 是被�留的。
-form.name_pattern_not_allowed=仓库�称中��许使用 "%s"。
+form.name_been_taken=组织�称「%s�已�被�用。
+form.name_reserved=组织�称「%s�是�留的。
+form.name_pattern_not_allowed=组织�中��许使用「%s�格�。
 form.create_org_not_allowed=此账��止创建组织
 
 settings=组织设置
 settings.options=组织
 settings.full_name=组织全�
-settings.email=�系电�邮件
 settings.website=网站
 settings.location=所在地区
 settings.permission=��
@@ -2771,15 +2720,23 @@ settings.visibility.private_shortname=�有
 
 settings.update_settings=更新组织设置
 settings.update_setting_success=组织设置已更新。
-settings.change_orgname_prompt=注�：更改组织�称�时会更改组织的 URL 地�并释放旧的�称。
-settings.change_orgname_redirect_prompt=在被人使用�，旧用户�将会被�定�。
+
+settings.rename=修改组织�称
+settings.rename_desc=更改组织�称�时会更改组织的 URL 地�并释放旧的�称。
+settings.rename_new_org_name=新组织�称
+settings.rename_notices_1=此�作 <strong>无法</strong> 被回滚。
+settings.rename_notices_2=在被人使用�，旧�称将会被�定�。
+
 settings.update_avatar_success=组织头�已�更新。
 settings.delete=删除组织
 settings.delete_account=删除当�组织
-settings.delete_prompt=删除�作会永久清除该组织的信�，并且 <strong>����</strong>�
+settings.delete_prompt=删除�作会永久清除该组织的信�，并且 <strong>无法</strong> ���
+settings.name_confirm=输入组织�称以确认：
+settings.delete_notices_1=此�作 <strong>无法</strong> 被回滚。
+settings.delete_notices_3=此�作将永久删除 <strong>%s</strong> 的所有 <strong>软件包</strong>。
+settings.delete_notices_4=此�作将永久删除 <strong>%s</strong> 的所有 <strong>项目</strong>。
 settings.confirm_delete_account=确认删除组织
-settings.delete_org_title=删除组织
-settings.delete_org_desc=此组织将会被永久删除，确认继续�？
+settings.delete_successful=组织 <b>%s</b> 已�功删除。
 settings.hooks_desc=在此处添加的 Web 钩�将会应用到该组织下的 <strong>所有仓库</strong>。
 
 settings.labels_desc=添加能够被该组织下的 <strong>所有仓库</strong> 的工�使用的标签。
@@ -2825,7 +2782,7 @@ teams.invite_team_member=邀请加入 %s
 teams.invite_team_member.list=待处�的邀请
 teams.delete_team_title=删除团队
 teams.delete_team_desc=删除一个团队将删除团队�员的访问��，继续？
-teams.delete_team_success=该团队已被删除。
+teams.delete_team_success=该团队已删除。
 teams.read_permission_desc=该团队拥有对所属仓库的 <strong>读�</strong> ��，团队�员�以进行查看和克隆等�读�作。
 teams.write_permission_desc=该团队拥有对所属仓库的 <strong>读�</strong> 和 <strong>写入</strong> 的��。
 teams.admin_permission_desc=该团队拥有一定的 <strong>管�</strong> ��，团队�员�以读��克隆�推�以�添加其它仓库�作者。
@@ -2835,7 +2792,6 @@ teams.remove_all_repos_title=移除所有团队仓库
 teams.remove_all_repos_desc=这将从团队中移除所有仓库。
 teams.add_all_repos_title=添加所有仓库
 teams.add_all_repos_desc=这将把组织的所有仓库添加到团队。
-teams.add_nonexistent_repo=您�试添加的仓库�存在，请先创建它。
 teams.add_duplicate_users=用户已�是团队�员。
 teams.repos.none=此团队无法访问任何仓库。
 teams.members.none=团队中没有�员。
@@ -2851,7 +2807,18 @@ teams.invite.title=您已被邀请加入组织 <strong>%s</strong> 中的团队
 teams.invite.by=邀请人 %s
 teams.invite.description=请点击下�的按钮加入团队。
 
+view_as_role=以 %s 身份查看
+view_as_public_hint=您正在以公开用户的身份查看 README
+view_as_member_hint=您正在以组织�员的身份查看 README
 
+worktime=工作时间
+worktime.date_range_start=起始日期
+worktime.date_range_end=结�日期
+worktime.query=查询
+worktime.time=时间
+worktime.by_repositories=按仓库
+worktime.by_milestones=按里程碑
+worktime.by_members=按�员
 
 [admin]
 maintenance=维护
@@ -2865,7 +2832,6 @@ repositories=仓库管�
 hooks=Web é’©å­�
 integrations=集�
 authentication=认��
-emails=用户邮件
 config=应用�置
 config_summary=摘�
 config_settings=设置
@@ -2884,46 +2850,37 @@ dashboard.operation_name=�作�称
 dashboard.operation_switch=开关
 dashboard.operation_run=执行
 dashboard.clean_unbind_oauth=清�未绑定的 OAuth 连接
-dashboard.clean_unbind_oauth_success=所有未绑定的 OAuth 连接已被删除。
+dashboard.clean_unbind_oauth_success=所有未绑定的 OAuth 连接已删除。
 dashboard.task.started=已开始任务：%[1]s
 dashboard.task.process=任务: %[1]s
 dashboard.task.cancelled=任务: %[1]s 已�消: %[3]s
 dashboard.task.error=任务中的错误: %[1]s: %[3]s
 dashboard.task.finished=任务: %[2]s �动的 %[1]s 已完�
 dashboard.task.unknown=未知任务： %[1]s
-dashboard.cron.started=已开始计划任务：%[1]s
+dashboard.cron.started=计划任务：%[1]s 已�动
 dashboard.cron.process=计划任务：%[1]s
-dashboard.cron.cancelled=定时任务: %[1]s 已�消: %[3]s
-dashboard.cron.error=任务中的错误： %s: %[3]s
-dashboard.cron.finished=任务：%[1]s 已�完�
+dashboard.cron.cancelled=计划任务：%[1]s 已�消：%[3]s
+dashboard.cron.error=计划任务错误： %s: %[3]s
+dashboard.cron.finished=计划任务：%[1]s 已完�
 dashboard.delete_inactive_accounts=删除所有未激活的�户
-dashboard.delete_inactive_accounts.started=删除所有未激活的账户任务已�动。
-dashboard.delete_repo_archives=删除所有代�库的存档 (ZIP� TAR�GZ, 等...)
-dashboard.delete_repo_archives.started=删除所有仓库存档任务已�动。
+dashboard.delete_repo_archives=删除所有仓库的存档（ZIP�TAR�GZ等）
 dashboard.delete_missing_repos=删除所有丢失 Git 文件的仓库
-dashboard.delete_missing_repos.started=删除所有丢失 Git 文件的仓库任务已�动。
 dashboard.delete_generated_repository_avatars=删除生�的仓库头�
-dashboard.sync_repo_branches=将缺少的分支从 git 数��步到数�库
-dashboard.sync_repo_tags=从 git 数��步标签到数�库
+dashboard.sync_repo_branches=将缺少的分支从 Git 数��步到数�库
+dashboard.sync_repo_tags=从 Git 数��步标签到数�库
 dashboard.update_mirrors=更新镜�仓库
 dashboard.repo_health_check=�康检查所有仓库
 dashboard.check_repo_stats=检查所有仓库统计
 dashboard.archive_cleanup=删除旧的仓库存档
-dashboard.deleted_branches_cleanup=清�已删除的分支
 dashboard.update_migration_poster_id=更新�移的�表者ID
-dashboard.git_gc_repos=对仓库进行垃圾回收
-dashboard.resync_all_sshkeys=使用 Gitea 的 SSH 密钥更新「.ssh/authorized_keys�文件。
-dashboard.resync_all_sshprincipals=使用 Gitea 的 SSH 规则更新「.ssh/authorized_principals�文件。
-dashboard.resync_all_hooks=�新�步所有仓库的 pre-receive�update 和 post-receive 钩�
 dashboard.reinit_missing_repos=�新�始化所有丢失的 Git 仓库存在的记录
 dashboard.sync_external_users=�步外部用户数�
 dashboard.cleanup_hook_task_table=清� hook_task 表
-dashboard.cleanup_packages=清�过期的软件包
-dashboard.cleanup_actions=清�过期的 Actions 资�
+dashboard.cleanup_actions=清�过期的工作�资�
 dashboard.server_uptime=�务�行时间
 dashboard.current_goroutine=当� Goroutines 数�
 dashboard.current_memory_usage=当�内存使用�
-dashboard.total_memory_allocated=所有被分�的内存
+dashboard.total_memory_allocated=所有已分�的内存
 dashboard.memory_obtained=内存�用�
 dashboard.pointer_lookup_times=指针查找次数
 dashboard.memory_allocate_times=内存分�次数
@@ -2932,36 +2889,34 @@ dashboard.current_heap_usage=当� Heap 内存使用�
 dashboard.heap_memory_obtained=Heap 内存�用�
 dashboard.heap_memory_idle=Heap 内存空闲�
 dashboard.heap_memory_in_use=正在使用的 Heap 内存
-dashboard.heap_memory_released=被释放的 Heap 内存
+dashboard.heap_memory_released=已释放的 Heap 内存
 dashboard.heap_objects=Heap 对象数�
 dashboard.bootstrap_stack_usage=�动 Stack 使用�
-dashboard.stack_memory_obtained=被分�的 Stack 内存
+dashboard.stack_memory_obtained=已分�的 Stack 内存
 dashboard.mspan_structures_usage=MSpan 结构内存使用�
-dashboard.mspan_structures_obtained=被分�的 MSpan 结构内存
+dashboard.mspan_structures_obtained=已分�的 MSpan 结构内存
 dashboard.mcache_structures_usage=MCache 结构内存使用�
-dashboard.mcache_structures_obtained=被分�的 MCache 结构内存
-dashboard.profiling_bucket_hash_table_obtained=被分�的剖�哈希表内存
-dashboard.gc_metadata_obtained=被分�的 GC 元数�内存
-dashboard.other_system_allocation_obtained=其它被分�的系统内存
+dashboard.mcache_structures_obtained=已分�的 MCache 结构内存
+dashboard.profiling_bucket_hash_table_obtained=已分�的剖�哈希表内存
+dashboard.gc_metadata_obtained=已分�的 GC 元数�内存
+dashboard.other_system_allocation_obtained=其它已分�的系统内存
 dashboard.next_gc_recycle=下次 GC 内存回收�
 dashboard.last_gc_time=�离上次 GC 时间
 dashboard.total_gc_time=GC 暂�时间总�
 dashboard.total_gc_pause=GC 暂�时间总�
 dashboard.last_gc_pause=上次 GC 暂�时间
 dashboard.gc_times=GC 执行次数
-dashboard.delete_old_actions=从数�库中删除所有旧�作记录
-dashboard.delete_old_actions.started=已开始从数�库中删除所有旧�作记录。
+dashboard.delete_old_actions=从数�库中删除所有旧工作�记录
 dashboard.update_checker=更新检查器
 dashboard.delete_old_system_notices=从数�库中删除所有旧系统通知
-dashboard.gc_lfs=垃圾回收 LFS 元数�
-dashboard.stop_zombie_tasks=�止僵尸任务
-dashboard.stop_endless_tasks=�止无法�止的任务
-dashboard.cancel_abandoned_jobs=�消丢弃的任务
-dashboard.start_schedule_tasks=开始Actions调度任务
+dashboard.stop_zombie_tasks=�止僵尸工作�任务
+dashboard.stop_endless_tasks=�止无�循环的工作�任务
+dashboard.cancel_abandoned_jobs=�消已放弃的工作�任务
+dashboard.start_schedule_tasks=�动工作�计划任务
 dashboard.sync_branch.started=分支�步已开始
 dashboard.sync_tag.started=标签�步已开始
 dashboard.rebuild_issue_indexer=�建工�索引
-dashboard.sync_repo_licenses=�新仓库许��探测
+dashboard.sync_repo_licenses=�新探测仓库许��
 
 users.user_manage_panel=用户�户管�
 users.new_account=创建新�户
@@ -2977,35 +2932,33 @@ users.2fa=两步验�
 users.repos=仓库数
 users.created=创建时间
 users.last_login=上次登录
-users.never_login=从未登录
 users.send_register_notify=��注册通知
-users.new_success=用户账户 '%s' 已被创建。
+users.new_success=用户账户「%s�已创建。
 users.edit=修改
 users.auth_source=认��
 users.local=本地
 users.auth_login_name=认�登录�称
 users.password_helper=��密�为空将�更改密�。
-users.update_profile_success=该�户已被更新。
+users.update_profile_success=该�户已更新。
 users.edit_account=编辑��
 users.max_repo_creation=最大仓库数
 users.max_repo_creation_desc=（设置为 -1 表示使用全局默认值）
-users.is_activated=该用户已被激活
+users.is_activated=该用户已激活
 users.prohibit_login=�用登录
 users.is_admin=是管�员
 users.is_restricted=��
 users.allow_git_hook=�许创建 Git 钩�
-users.allow_git_hook_tooltip=Git 钩�将会被以�作系统用户�行，将会拥有�样的主机访问��。因此，拥有此特殊的Git 钩���将能够访问�修改所有的 Gitea 仓库或者Gitea的数�库。�时也能获得Gitea的管�员��。
+users.allow_git_hook_tooltip=Git 钩�将会以�作系统用户�行，拥有�样的主机访问��。因此，拥有此特殊的 Git 钩���将能够访问�修改所有的 Gitea 仓库或者 Gitea 的数�库。�时也能获得 Gitea 的管�员��。
 users.allow_import_local=�许导入本地仓库
 users.allow_create_organization=�许创建组织
 users.update_profile=更新�户
 users.delete_account=删除�户
-users.cannot_delete_self=你�能删除自己
-users.still_own_repo=此用户�然拥有一个或多个仓库。必须首先删除或转让这些仓库。
+users.cannot_delete_self=您�能删除自己
+users.still_own_repo=此用户�然拥有一个或多个仓库。必须首先删除或转移这些仓库。
 users.still_has_org=此用户是组织的�员。必须先从组织中删除用户。
 users.purge=清�用户
-users.purge_help=强制删除用户和用户拥有的任何仓库�组织和软件包。所有评论也将被删除。
-users.still_own_packages=此用户�然拥有一个或多个软件包，请先删除这些软件包。
-users.deletion_success=用户�户已被删除。
+users.purge_help=强制删除用户和用户拥有的任何仓库�组织和软件包。所有评论也将删除。
+users.deletion_success=用户�户已删除。
 users.reset_2fa=�置两步验�
 users.list_status_filter.menu_text=过滤
 users.list_status_filter.reset=�置
@@ -3024,19 +2977,14 @@ users.details=用户详细信�
 emails.email_manage_panel=邮件管�
 emails.primary=主�的
 emails.activated=已激活
-emails.filter_sort.email=电�邮件
-emails.filter_sort.email_reverse=电�邮件(逆�)
 emails.filter_sort.name=用户�
-emails.filter_sort.name_reverse=用户�(倒�)
-emails.updated=电�邮件已更新
-emails.not_updated=无法更新请求的电�邮件地�： %v
-emails.duplicate_active=此电�邮件地�已被�一个用户激活使用。
-emails.change_email_header=更新电�邮件属性
-emails.change_email_text=您确定�更新该电�邮件地��？
-emails.delete=删除电�邮件
-emails.delete_desc=您确定�删除该电�邮件地�？
-emails.deletion_success=电�邮件地�已被删除。
-emails.delete_primary_email_error=您�能删除主电�邮件。
+emails.not_updated=无法更新请求的邮箱地�：%v
+emails.duplicate_active=此邮箱地�已被�一个用户激活使用。
+emails.change_email_header=更新邮箱属性
+emails.change_email_text=您确定�更新该邮箱地��？
+emails.delete=删除邮箱
+emails.delete_desc=您确定�删除该邮箱地�？
+emails.deletion_success=邮箱地�已删除。
 
 orgs.org_manage_panel=组织管�
 orgs.name=�称
@@ -3056,7 +3004,7 @@ repos.lfs_size=LFS 大�
 
 packages.package_manage_panel=软件包管�
 packages.total_size=总大�：%s
-packages.unreferenced_size=未引用大�： %s
+packages.unreferenced_size=未引用大�：%s
 packages.cleanup=清�过期数�
 packages.cleanup.success=清�过期数��功
 packages.owner=所有者
@@ -3068,13 +3016,13 @@ packages.repository=仓库
 packages.size=大�
 packages.published=已�布
 
-defaulthooks=默认Web钩�
+defaulthooks=默认 Web 钩�
 defaulthooks.desc=当�些 Gitea 事件触�时，Web 钩�自动��务器�出 HTTP POST 请求。这里定义的 Web 钩�是默认�置，将被�制到所有新的仓库中。详情请访问 <a target="_blank" rel="noopener" href="%s">Web 钩�指�</a>。
-defaulthooks.add_webhook=添加默认Web 钩�
+defaulthooks.add_webhook=添加默认 Web 钩�
 defaulthooks.update_webhook=更新默认 Web 钩�
 
 systemhooks=系统 Web 钩�
-systemhooks.desc=当�些 Gitea 事件触�时，Web 钩�自动��务器�出HTTP POST请求。这里定义的 Web 钩�将作用于系统上的所有仓库，所以请考虑这�能带�的任何性能影�。了解详情请访问 <a target="_blank" rel="noopener" href="%s">Web 钩�指�</a>。
+systemhooks.desc=当�些 Gitea 事件触�时，Web 钩�自动��务器�出 HTTP POST 请求。这里定义的 Web 钩�将作用于系统上的所有仓库，所以请考虑这�能带�的任何性能影�。了解详情请访问 <a target="_blank" rel="noopener" href="%s">Web 钩�指�</a>。
 systemhooks.add_webhook=添加系统 Web 钩�
 systemhooks.update_webhook=更新系统 Web 钩�
 
@@ -3096,7 +3044,7 @@ auths.bind_password=绑定密�
 auths.user_base=用户�索基准
 auths.user_dn=用户 DN
 auths.attribute_username=用户�属性
-auths.attribute_username_placeholder=置空将使用Gitea的用户�。
+auths.attribute_username_placeholder=置空将使用 Gitea 的用户�。
 auths.attribute_name=�字属性
 auths.attribute_surname=姓�属性
 auths.attribute_mail=电�邮箱属性
@@ -3130,7 +3078,7 @@ auths.helo_hostname=HELO 主机�
 auths.helo_hostname_helper=用 HELO ��的主机�。 留空��当�主机�。
 auths.disable_helo=�用 HELO
 auths.pam_service_name=PAM �务�称
-auths.pam_email_domain=PAM 电�邮件域(�选)
+auths.pam_email_domain=PAM 邮件域（�选）
 auths.oauth2_provider=OAuth2 �供程�
 auths.oauth2_icon_url=图标 URL
 auths.oauth2_clientID=客户端 ID （键）
@@ -3139,8 +3087,8 @@ auths.openIdConnectAutoDiscoveryURL=OpenID 连接自动�现 URL
 auths.oauth2_use_custom_url=使用自定义的 URL 而�是默认的 URL
 auths.oauth2_tokenURL=令牌 URL
 auths.oauth2_authURL=授� URL
-auths.oauth2_profileURL=Profile URL
-auths.oauth2_emailURL=电�邮件 URL
+auths.oauth2_profileURL=个人资料 URL
+auths.oauth2_emailURL=邮箱 URL
 auths.skip_local_two_fa=跳过本地两步验�
 auths.skip_local_two_fa_helper=�设置�味�设置了两步验�的本地用户�然需�通过两步验��能登录
 auths.oauth2_tenant=租户
@@ -3150,41 +3098,34 @@ auths.oauth2_required_claim_name_helper=设置此å��称，å�ªæœ‰å…·æœ‰æ­¤å��称ç
 auths.oauth2_required_claim_value=必须填写 Claim 声明的值
 auths.oauth2_required_claim_value_helper=设置此值，�有拥有对应的声明（Claim）的�称和值的用户�被�许从此�登录
 auths.oauth2_group_claim_name=用于�供用户组�称的 Claim 声明�称。(�选)
-auths.oauth2_admin_group=管�员用户组的 Claim 声明值。(�选 - 需�上�的声明�称)
-auths.oauth2_restricted_group=��用户组的 Claim 声明值。(�选 - 需�上�的声明�称)
-auths.oauth2_map_group_to_team=映射声明的组到组织团队。（�选 - �求在上�填写声明的�字）
+auths.oauth2_ssh_public_key_claim_name=SSH 公钥声明�称
 auths.oauth2_map_group_to_team_removal=如果用户�属于相应的组，从已�步团队中移除用户
 auths.enable_auto_register=�许用户自动注册
 auths.sspi_auto_create_users=自动创建用户
-auths.sspi_auto_create_users_helper=�许 SSPI 认�在用户第一次登录时自动创建新账�
 auths.sspi_auto_activate_users=自动激活用户
 auths.sspi_auto_activate_users_helper=�许 SSPI 认�自动激活新用户
 auths.sspi_strip_domain_names=从用户�中删除域�部分
-auths.sspi_strip_domain_names_helper=如果选中此项，域�将从登录�中删除(例如，"DOMAIN\user"和"user@example.org"，两者都将���是“用户�)。
 auths.sspi_separator_replacement=�使用的分隔符代替\, / 和 @
-auths.sspi_separator_replacement_helper=用于替�下级登录�称分隔符的字符 (例如 "DOMAIN\user") 中的 \ 和用户主�字(如"user@example.org"中的 @)。
 auths.sspi_default_language=默认语言
-auths.sspi_default_language_helper=SSPI 认�方法为用户自动创建的默认语言。如果您想�自动检测到语言，请留空。
 auths.tips=帮助�示
 auths.tips.oauth2.general=OAuth2 认�
 auths.tips.oauth2.general.tip=当注册新的 OAuth2 身份验�时，回调/�定� URL 应该是：
 auths.tip.oauth2_provider=OAuth2 �供程�
-auths.tip.bitbucket=在 %s 注册新的 OAuth 使用者�时添加��“账��-“读��
-auths.tip.nextcloud=使用下�的��“设置（Settings） -> 安全（Security） -> OAuth 2.0 client�在您的实例上注册一个新的 OAuth 客户端。
+auths.tip.bitbucket=在 %s 注册新的 OAuth 使用者�时添加��「账��-「读��
 auths.tip.dropbox=在 %s 上创建一个新的应用程�
-auths.tip.facebook=`在 %s 注册一个新的应用，并添加产�"Facebook 登录"`
+auths.tip.facebook=在 %s 注册一个新的应用，并添加产�「Facebook 登录�
 auths.tip.github=在 %s 注册一个 OAuth 应用程�
 auths.tip.gitlab_new=在 %s 注册一个新的应用
 auths.tip.google_plus=从谷歌 API 控制� %s 获得 OAuth2 客户端凭�
 auths.tip.openid_connect=使用 OpenID 连接�现 URL ({server}/.well-known/openid-configuration) �指定终点
-auths.tip.twitter=访问 %s，创建应用并确��用了"�许此应用程�用于登录 Twitter"的选项。
+auths.tip.twitter=访问 %s，创建应用并确��用了「�许此应用程�使用 Twitter 登录�的选项
 auths.tip.discord=在 %s 上注册新应用程�
 auths.tip.gitea=注册一个新的 OAuth2 应用程�。�以访问 %s 查看帮助
-auths.tip.yandex=在 %s 上创建一个新的应用程�。在“ Yandex.Passport API�这部分中选择以下��：“访问电�邮件地�（Access to email address）�，“访问用户头�（Access to user avatar）�和“访问用户�，�字和姓�，性别（Access to username, first name and surname, genderAccess to username, first name and surname, gender）�
+auths.tip.yandex=在 %s 上创建一个新的应用。在「Yandex.Passport API�这部分中选择以下��：「访问邮箱地��，「访问用户头��和「访问用户�，�字和姓�，性别�
 auths.tip.mastodon=输入您想�认�的 mastodon 实例的自定义 URL (或使用默认值)
 auths.edit=修改认��
 auths.activated=该认��已��用
-auths.new_success=已添加身份验� '%s'。
+auths.new_success=已添加身份验�「%s�。
 auths.update_success=认��已�更新。
 auths.update=更新认��
 auths.delete=删除认��
@@ -3192,10 +3133,10 @@ auths.delete_auth_title=删除身份验��
 auths.delete_auth_desc=删除一个认��将阻止使用它进行登录。确认？
 auths.still_in_used=认���在使用。请先解除或者删除使用此认��的用户。
 auths.deletion_success=认��已�更新。
-auths.login_source_exist=认�� '%s' 已�存在。
+auths.login_source_exist=认��「%s�已�存在。
 auths.login_source_of_type_exist=此类型的认��已存在。
-auths.unable_to_initialize_openid=无法�始化 OpenID Connect �供商： %s
-auths.invalid_openIdConnectAutoDiscoveryURL=无效的 Auto Discovery URL (这必须是一个以 http:// 或 https://开头的有效的 URL)
+auths.unable_to_initialize_openid=无法�始化 OpenID Connect �供商：%s
+auths.invalid_openIdConnectAutoDiscoveryURL=无效的自动�现 URL（这必须是一个以 http:// 或 https:// 开头的有效的 URL）
 
 config.server_config=�务器�置
 config.app_name=站点�称
@@ -3223,8 +3164,6 @@ config.ssh_domain=SSH �务器域�
 config.ssh_port=端�
 config.ssh_listen_port=监�端�
 config.ssh_root_path=根目录
-config.ssh_key_test_path=密钥测试路径
-config.ssh_keygen_path=密钥生�器（'ssh-keygen'）路径
 config.ssh_minimum_key_size_check=密钥最�长度检查
 config.ssh_minimum_key_sizes=密钥最�长度�制
 
@@ -3238,16 +3177,16 @@ config.db_type=类型
 config.db_host=主机
 config.db_name=数�库�称
 config.db_user=用户�
-config.db_schema=架构模�
+config.db_schema=架构
 config.db_ssl_mode=SSL
 config.db_path=数�库路径
 
 config.service_config=�务�置
-config.register_email_confirm=需�电�邮件确认注册
+config.register_email_confirm=需�邮件确认注册
 config.disable_register=�止用户注册
-config.allow_only_internal_registration=��许通过 Gitea 进行注册
+config.allow_only_internal_registration=仅�许通过 Gitea 进行注册
 config.allow_only_external_registration=仅�许通过外部�务注册
-config.enable_openid_signup=�用 OpenID 自注册
+config.enable_openid_signup=�用 OpenID 自助注册
 config.enable_openid_signin=�用 OpenID 登录
 config.show_registration_button=显示注册按钮
 config.require_sign_in_view=�用登录访问�制
@@ -3255,12 +3194,12 @@ config.mail_notify=�用邮件通知
 config.enable_captcha=�用登录验��
 config.active_code_lives=激活用户链接有效期
 config.reset_password_code_lives=��账户验��过期时间
-config.default_keep_email_private=默认情况下��电�邮件地�
+config.default_keep_email_private=默认��邮箱地�
 config.default_allow_create_organization=默认情况下�许创建组织
 config.enable_timetracking=�用时间跟踪
 config.default_enable_timetracking=默认情况下�用时间跟踪
 config.default_allow_only_contributors_to_track_time=仅�许�员跟踪时间
-config.no_reply_address=��电�邮件域
+config.no_reply_address=��邮件域
 config.default_visibility_organization=新组织的默认��性
 config.default_enable_dependencies=默认情况下�用工��赖
 
@@ -3271,7 +3210,7 @@ config.skip_tls_verify=跳过 TLS 验�
 
 config.mailer_config=Mailer �置
 config.mailer_enabled=�用�务
-config.mailer_enable_helo=�用HELO
+config.mailer_enable_helo=�用 HELO
 config.mailer_name=任务�称
 config.mailer_protocol=�议
 config.mailer_smtp_addr=SMTP 地�
@@ -3282,11 +3221,10 @@ config.mailer_sendmail_path=Sendmail 路径
 config.mailer_sendmail_args=Sendmail 的�外�数
 config.mailer_sendmail_timeout=Sendmail 超时
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=电�邮� (例如，test@example.com)
 config.send_test_mail=��测试邮件
 config.send_test_mail_submit=��
-config.test_mail_failed=��测试邮件至 '%s' 时失败：%v
-config.test_mail_sent=测试邮件已���至 '%s'。
+config.test_mail_failed=��测试邮件至「%s�失败：%v
+config.test_mail_sent=测试邮件已���至「%s�。
 
 config.oauth_config=OAuth �置
 config.oauth_enabled=�用
@@ -3298,7 +3236,7 @@ config.cache_conn=Cache 连接字符串
 config.cache_item_ttl=缓存项目 TTL
 config.cache_test=测试缓存
 config.cache_test_failed=缓存测试失败： %v。
-config.cache_test_slow=缓存测试�功，但�应缓慢： %s。
+config.cache_test_slow=缓存测试�功，但�应缓慢：%s。
 config.cache_test_succeeded=缓存测试�功，在 %s 时间内得到�应。
 
 config.session_config=Session �置
@@ -3339,7 +3277,7 @@ config.set_setting_failed=设置 %s 失败
 
 monitor.stats=统计
 
-monitor.cron=Cron 任务
+monitor.cron=计划任务
 monitor.name=任务�称
 monitor.schedule=任务安排
 monitor.next=下次执行时间
@@ -3347,6 +3285,7 @@ monitor.previous=上次执行时间
 monitor.execute_times=执行次数
 monitor.process=�行中进程
 monitor.stacktrace=调用栈踪迹
+monitor.trace=追踪
 monitor.performance_logs=性能日志
 monitor.processes_count=%d 个进程
 monitor.download_diagnosis_report=下载诊断报告
@@ -3355,11 +3294,10 @@ monitor.start=开始时间
 monitor.execute_time=执行时长
 monitor.last_execution_result=结果
 monitor.process.cancel=中止进程
-monitor.process.cancel_desc=中止一个进程�能导致数�丢失
 monitor.process.children=�进程
 
 monitor.queues=队列
-monitor.queue=队列： %s
+monitor.queue=队列：%s
 monitor.queue.name=�称
 monitor.queue.type=类型
 monitor.queue.exemplar=数�类型
@@ -3370,13 +3308,12 @@ monitor.queue.numberinqueue=队列中的数�
 monitor.queue.review_add=查看 / 添加工作者
 monitor.queue.settings.title=池设置
 monitor.queue.settings.desc=因为工作者队列阻塞，池正在动�扩展。
-monitor.queue.settings.maxnumberworkers=最大工作者数�
 monitor.queue.settings.maxnumberworkers.placeholder=当� %[1]d
 monitor.queue.settings.maxnumberworkers.error=最大工作者数必须是数字
 monitor.queue.settings.submit=更新设置
 monitor.queue.settings.changed=设置已更新
 monitor.queue.settings.remove_all_items=移除全部
-monitor.queue.settings.remove_all_items_done=队列中的所有项目已被移除。
+monitor.queue.settings.remove_all_items_done=队列中的所有项目已移除。
 
 notices.system_notice_list=系统�示管�
 notices.view_detail_header=查看�示详情
@@ -3391,16 +3328,12 @@ notices.type_1=仓库
 notices.type_2=任务
 notices.desc=�示�述
 notices.op=�作
-notices.delete_success=系统通知已被删除。
+notices.delete_success=系统通知已删除。
 
 self_check.no_problem_found=尚未�现问题。
 self_check.startup_warnings=�动警告：
 self_check.database_collation_mismatch=期望数�库使用的校验方�：%s
-self_check.database_collation_case_insensitive=数�库正在使用一个校验 %s, 这是一个��感的校验. 虽然Gitea�以与它�作，但�能有一些罕�的情况�如预期的那样起作用。
-self_check.database_inconsistent_collation_columns=数�库正在使用%s的排�规则，但是这些列使用了�匹�的排�规则。这�能会造�一些�外问题。
-self_check.database_fix_mysql=对于MySQL/MariaDB用户，您�以使用“gitea doctor convert�命令�解决校验问题。 或者您也�以通过 "ALTER ... COLLATE ..." 这样的SQL �手动解决这个问题。
-self_check.database_fix_mssql=对于MSSQL用户，您现在�能通过"ALTER ... COLLATE ..."SQLs手动解决这个问题。
-self_check.location_origin_mismatch=当� URL (%[1]s) 与 Gitea 的 URL (%[2]s) �匹� 。 如果您正在使用��代�，请确�设置正确的“主机�和“X-转�-原始�标题。
+self_check.location_origin_mismatch=当� URL（%[1]s）与 Gitea 的 URL（%[2]s）�匹� 。 如果您正在使用��代�，请确�设置正确的「Host�和「X-Forwarded-Proto�标头。
 
 [action]
 create_repo=创建了仓库 <a href="%s">%s</a>
@@ -3408,10 +3341,10 @@ rename_repo=�命�仓库 <code>%[1]s</code> 为 <a href="%[2]s">%[3]s</a>
 commit_repo=推�到了仓库 <a href="%[1]s">%[4]s</a> 的 <a href="%[2]s">%[3]s</a> 分支
 create_issue=`创建了工� <a href="%[1]s">%[3]s#%[2]s</a>`
 close_issue=`关闭了工� <a href="%[1]s">%[3]s#%[2]s</a>`
-reopen_issue=`�新开�了工� <a href="%[1]s">%[3]s#%[2]s</a>`
+reopen_issue=`�新打开了工� <a href="%[1]s">%[3]s#%[2]s</a>`
 create_pull_request=`创建了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
 close_pull_request=`关闭了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
-reopen_pull_request=`�新开�了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
+reopen_pull_request=`�新打开了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
 comment_issue=`评论了工� <a href="%[1]s">%[3]s#%[2]s</a>`
 comment_pull=`评论了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
 merge_pull_request=`�并了�并请求 <a href="%[1]s">%[3]s#%[2]s</a>`
@@ -3479,12 +3412,10 @@ no_subscriptions=无订阅
 default_key=使用默认密钥签�
 error.extract_sign=无法��签�
 error.generate_hash=无法生��交的哈希
-error.no_committer_account=没有�户链接到�交者的电�邮件
+error.no_committer_account=没有�户链接到�交者的邮箱
 error.no_gpg_keys_found=找�到此签�对应的密钥
 error.not_signed_commit=未签�的�交
 error.failed_retrieval_gpg_keys=找�到任何与该�交者账�相关的密钥
-error.probable_bad_signature=警告�虽然数�库中有一个此ID的密钥，但它没有验�此�交�此�交是有疑问的。
-error.probable_bad_default_signature=警告�虽然默认密钥拥有此ID，但它没有验�此�交�此�交是有疑问的。
 
 [units]
 unit=�元
@@ -3522,10 +3453,10 @@ versions=版本
 versions.view_all=查看全部
 dependency.id=ID
 dependency.version=版本
-alpine.registry=通过在您的 <code>/etc/apk/repositories</code> 文件中添加 URL �设置此注册中心：
+search_in_external_registry=在 %s 中�索
 alpine.registry.key=下载注册中心公开的 RSA 密钥到 <code>/etc/apk/keys/</code> 文件夹�验�索引签�：
 alpine.registry.info=从下�的列表中选择 $branch 和 $repository。
-alpine.install=�安装包，请�行以下命令：
+alpine.install=�安装软件包，请�行以下命令：
 alpine.repository=仓库信�
 alpine.repository.branches=分支
 alpine.repository.repositories=仓库
@@ -3535,49 +3466,38 @@ arch.install=使用 pacman �步软件包：
 arch.repository=仓库信�
 arch.repository.repositories=仓库
 arch.repository.architectures=架构
-cargo.registry=在 Cargo �置文件中设置此注册中心(例如：<code>~/.cargo/config.toml</code>)：
 cargo.install=�使用 Cargo 安装软件包，请�行以下命令：
-chef.registry=在您的 <code>~/.chef/config.rb</code> 文件中设置此注册中心：
-chef.install=�安装包，请�行以下命令：
-composer.registry=在您的 <code>~/.composer/config.json</code> 文件中设置此注册中心：
+chef.install=�安装软件包，请�行以下命令：
 composer.install=�使用 Composer 安装软件包，请�行以下命令：
 composer.dependencies=�赖
 composer.dependencies.development=开��赖
 conan.details.repository=仓库
-conan.registry=从命令行设置此注册中心：
 conan.install=�使用 Conan 安装软件包，请�行以下命令：
-conda.registry=在您的 <code>.condarc</code> 文件中将此注册中心设置为 Conda 仓库：
 conda.install=�使用 Conda 安装软件包，请�行以下命令：
 container.details.type=镜�类型
 container.details.platform=平�
 container.pull=从命令行拉�镜�：
 container.images=镜�
+container.digest=摘�
 container.multi_arch=OS / Arch
 container.layers=镜�层
 container.labels=标签
 container.labels.key=é”®
 container.labels.value=值
-cran.registry=在您的 <code>Rprofile.site</code> 文件中设置此注册中心：
-cran.install=�安装包，请�行以下命令：
-debian.registry=从命令行设置此注册中心：
+cran.install=�安装软件包，请�行以下命令：
 debian.registry.info=从下�的列表中选择 $distribution 和 $component。
-debian.install=�安装包，请�行以下命令：
+debian.install=�安装软件包，请�行以下命令：
 debian.repository=仓库信�
 debian.repository.distributions=�行版
 debian.repository.components=组件
 debian.repository.architectures=架构
 generic.download=从命令行下载软件包：
 go.install=通过命令行安装软件包：
-helm.registry=从命令行设置此注册中心：
 helm.install=�安装包，请�行以下命令：
-maven.registry=在您项目的 <code>pom.xml</code> 文件中设置此注册中心：
-maven.install=�使用这个软件包，在 <code>pom.xml</code> 文件中的 <code>�赖项</code> �中包�以下内容：
 maven.install2=通过命令行�行：
 maven.download=�下载�赖项，请通过命令行�行：
-nuget.registry=从命令行设置此注册中心：
 nuget.install=�使用 Nuget 安装软件包，请�行以下命令：
 nuget.dependency.framework=目标框架
-npm.registry=在您项目的 <code>.npmrc</code> 文件中设置此注册中心：
 npm.install=�使用 npm 安装软件包，请�行以下命令：
 npm.install2=或将其添加到 package.json 文件：
 npm.dependencies=�赖项
@@ -3589,10 +3509,9 @@ npm.details.tag=标签
 pub.install=�使用 Dart 安装软件包，请�行以下命令：
 pypi.requires=需� Python
 pypi.install=�使用 pip 安装软件包，请�行以下命令：
-rpm.registry=从命令行设置此注册中心：
 rpm.distros.redhat=在基于 RedHat 的�行版
 rpm.distros.suse=在基于 SUSE 的�行版
-rpm.install=�安装包，请�行以下命令：
+rpm.install=�安装软件包，请�行以下命令：
 rpm.repository=仓库信�
 rpm.repository.architectures=架构
 rpm.repository.multiple_groups=此软件包�在多个组中使用。
@@ -3602,12 +3521,11 @@ rubygems.dependencies.runtime=�行时�赖
 rubygems.dependencies.development=开��赖
 rubygems.required.ruby=需� Ruby 版本
 rubygems.required.rubygems=需� RubyGem 版本
-swift.registry=从命令行设置此注册中心：
-swift.install=在你的 <code>Package.swift</code>文件中添加该包：
+swift.install=在您的 <code>Package.swift</code>文件中添加该包：
 swift.install2=并�行以下命令：
 vagrant.install=若�添加一个 Vagrant box，请�行以下命令：
 settings.link=将此软件包链接到仓库
-settings.link.description=如果您将一个软件包与一个代�库链接起�，软件包将显示在代�库的软件包列表中。
+settings.link.description=如果您将一个软件包与一个仓库链接起�，软件包将显示在仓库的软件包列表中。
 settings.link.select=选择仓库
 settings.link.button=更新仓库链接
 settings.link.success=仓库链接已�功更新。
@@ -3615,13 +3533,13 @@ settings.link.error=更新仓库链接失败。
 settings.delete=删除软件包
 settings.delete.description=删除软件包是永久性的，无法撤消。
 settings.delete.notice=您将�删除 %s (%s)。此�作是��逆的，您确定�？
-settings.delete.success=软件包已被删除。
+settings.delete.success=软件包已删除。
 settings.delete.error=删除软件包失败。
 owner.settings.cargo.title=Cargo 注册中心索引
 owner.settings.cargo.initialize=�始化索引
-owner.settings.cargo.initialize.description=使用 Cargo 注册中心时需�一个特殊索引的 Git 仓库。使用此选项将（�新）创建存储库并自动�置它。
-owner.settings.cargo.initialize.error=�始化Cargo索引失败： %v
-owner.settings.cargo.initialize.success=Cargo索引已��功创建。
+owner.settings.cargo.initialize.description=使用 Cargo 注册中心时需�一个特殊索引的 Git 仓库。使用此选项将（�新）创建仓库并自动�置它。
+owner.settings.cargo.initialize.error=�始化 Cargo 索引失败： %v
+owner.settings.cargo.initialize.success=Cargo 索引已��功创建。
 owner.settings.cargo.rebuild=�建索引
 owner.settings.cargo.rebuild.description=如果索引与存储的 Cargo 包��步，�建�能会有用。
 owner.settings.cargo.rebuild.error=无法�建 Cargo 索引: %v
@@ -3634,7 +3552,7 @@ owner.settings.cleanuprules.preview=清�规则预览
 owner.settings.cleanuprules.preview.overview=%d 个软件包计划被删除。
 owner.settings.cleanuprules.preview.none=清�规则与任何软件包都�匹�。
 owner.settings.cleanuprules.enabled=�用
-owner.settings.cleanuprules.pattern_full_match=应用规则到完整软件包�称
+owner.settings.cleanuprules.pattern_full_match=应用表达�到完整软件包�称
 owner.settings.cleanuprules.keep.title=与这些规则相匹�的版本�使与下�的删除规则相匹�，也将予以�留。
 owner.settings.cleanuprules.keep.count=�留最新的
 owner.settings.cleanuprules.keep.count.1=�个软件包1个版本
@@ -3652,24 +3570,30 @@ owner.settings.chef.keypair.description=需è¦�密钥对æ‰�能å�‘ Chef 注册中å
 
 [secrets]
 secrets=密钥
-description=Secrets 将被传给特定的 Actions，其它情况将�能读�
+description=密钥将被传给特定的工作�，其它情况无法读�。
 none=还没有密钥。
-creation=添加密钥
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=组织�述
-creation.name_placeholder=�区分大�写，字�数字或下划线�能以GITEA_ 或 GITHUB_ 开头。
-creation.value_placeholder=输入任何内容，开头和结尾的空白都会被�略
-creation.success=您的密钥 '%s' 添加�功。
-creation.failed=添加密钥失败。
+creation.name_placeholder=�区分大�写，仅�字�数字或下划线且�能以 GITEA_ 或 GITHUB_ 开头
+creation.value_placeholder=输入任何内容，开头和结尾的空白将会被忽略
+creation.description_placeholder=输入简短�述（�选）
+
+save_success=密钥「%s��存�功。
+save_failed=密钥�存失败。
+
+add_secret=添加密钥
+edit_secret=编辑密钥
 deletion=删除密钥
-deletion.description=删除密钥是永久性的，无法撤消。继续�？
-deletion.success=此Secret已被删除。
+deletion.description=删除密钥是永久性的且无法撤消。继续？
+deletion.success=此密钥已删除。
 deletion.failed=删除密钥失败。
 management=密钥管�
 
 [actions]
-actions=Actions
+actions=工作�
 
-unit.desc=管�Actions
+unit.desc=管�工作�
 
 status.unknown=未知
 status.waiting=等待中
@@ -3680,20 +3604,20 @@ status.cancelled=已�消
 status.skipped=已忽略
 status.blocked=阻塞中
 
-runners=Runners
-runners.runner_manage_panel=Runners管�
-runners.new=创建 Runner
+runners=�行器
+runners.runner_manage_panel=�行器管�
+runners.new=创建新�行器
 runners.new_notice=如何�动一个�行器
 runners.status=状�
 runners.id=ID
 runners.name=�称
 runners.owner_type=类型
-runners.description=组织�述
+runners.description=�述
 runners.labels=标签
 runners.last_online=上次在线时间
-runners.runner_title=Runner
-runners.task_list=最近在此runner上的任务
-runners.task_list.no_tasks=还没有任务。
+runners.runner_title=�行器
+runners.task_list=最近在此�行器上的任务
+runners.task_list.no_tasks=目�还没有任务。
 runners.task_list.run=执行
 runners.task_list.status=状�
 runners.task_list.repository=仓库
@@ -3702,27 +3626,27 @@ runners.task_list.done_at=完�于
 runners.edit_runner=编辑�行器
 runners.update_runner=更新更改
 runners.update_runner_success=�行器更新�功
-runners.update_runner_failed=更新�行器失败
-runners.delete_runner=删除�行器
+runners.update_runner_failed=�行器更新失败
+runners.delete_runner=删除此�行器
 runners.delete_runner_success=�行器删除�功
-runners.delete_runner_failed=删除�行器失败
+runners.delete_runner_failed=�行器删除失败
 runners.delete_runner_header=确认�删除此�行器
-runners.delete_runner_notice=如果一个任务正在�行在此�行器上，它将被终止并标记为失败。它�能会打断正在构建的工作�。
-runners.none=无�用的 Runner
+runners.none=无�用�行器
 runners.status.unspecified=未知
 runners.status.idle=空闲
-runners.status.active=激活
+runners.status.active=�用
 runners.status.offline=离线
 runners.version=版本
 runners.reset_registration_token=�置注册令牌
+runners.reset_registration_token_confirm=是��销当�令牌并生�一个新令牌？
 runners.reset_registration_token_success=�功�置�行器注册令牌
 
 runs.all_workflows=所有工作�
 runs.commit=�交
 runs.scheduled=已计划的
 runs.pushed_by=推�者
-runs.invalid_workflow_helper=工作��置文件无效。请检查您的�置文件： %s
-runs.no_matching_online_runner_helper=没有匹�标签的在线 runner： %s
+runs.invalid_workflow_helper=工作��置文件无效。请检查您的�置文件：%s
+runs.no_matching_online_runner_helper=没有匹� %s 标签的在线�行器
 runs.no_job_without_needs=工作�必须包�至少一个没有�赖关系的作业。
 runs.no_job=工作�必须包�至少一个作业
 runs.actor=�作者
@@ -3731,22 +3655,28 @@ runs.actors_no_select=所有�作者
 runs.status_no_select=所有状�
 runs.no_results=没有匹�的结果。
 runs.no_workflows=目�还没有工作�。
-runs.no_workflows.quick_start=�知�如何使用 Gitea Actions�？请查看 <a target="_blank" rel="noopener noreferrer" href="%s">快速�动指�</a>。
-runs.no_workflows.documentation=关于Gitea Actions的更多信�，请�阅 <a target="_blank" rel="noopener noreferrer" href="%s">文档</a>。
+runs.no_workflows.quick_start=�知�如何使用 Gitea 工作��？请查看<a target="_blank" rel="noopener noreferrer" href="%s">快速开始指�</a>。
+runs.no_workflows.documentation=关于 Gitea 工作�的更多信�，请�阅<a target="_blank" rel="noopener noreferrer" href="%s">文档</a>。
 runs.no_runs=工作�尚未�行过。
-runs.empty_commit_message=(空白的�交消�)
-runs.expire_log_message=旧的日志已被清除
+runs.empty_commit_message=（空白的�交消�）
+runs.expire_log_message=旧的日志已清除。
+runs.delete=删除工作��行
+runs.cancel=�消工作��行
+runs.delete.description=您确定�永久删除此工作��行�？此�作无法撤消。
+runs.not_done=此工作��行尚未完�。
+runs.view_workflow_file=查看工作�文件
 
 workflow.disable=�用工作�
-workflow.disable_success=工作� '%s' 已�功�用。
+workflow.disable_success=工作�「%s�已�功�用。
 workflow.enable=�用工作�
-workflow.enable_success=工作� '%s' 已�功�用。
+workflow.enable_success=工作�「%s�已�功�用。
 workflow.disabled=工作�已�用。
 workflow.run=�行工作�
-workflow.not_found=工作� %s 未找到。
-workflow.run_success=工作� %s 已�功�行。
+workflow.not_found=工作�「%s�未找到。
+workflow.run_success=工作�「%s�已�功�行。
 workflow.from_ref=使用工作�从
-workflow.has_workflow_dispatch=此 Workflow 有一个 Workflow_dispatch 事件触�器。
+workflow.has_workflow_dispatch=此工作�有一个 workflow_dispatch 事件触�器。
+workflow.has_no_workflow_dispatch=工作�「%s�没有 workflow_dispatch 事件触�器。
 
 need_approval_desc=该工作�由派生仓库的�并请求所触�，需�批准方��行。
 
@@ -3756,22 +3686,26 @@ variables.creation=添加��
 variables.none=目�还没有��。
 variables.deletion=删除��
 variables.deletion.description=删除��是永久性的，无法撤消。继续�？
-variables.description=��将被传给特定的 Actions，其它情况将�能读�
+variables.description=��将被传给特定的工作�，其它情况下无法读�。
 variables.id_not_exist=ID为 %d 的���存在。
 variables.edit=编辑��
-variables.deletion.failed=删除��失败。
-variables.deletion.success=��已被删除。
-variables.creation.failed=添加��失败。
-variables.creation.success=�� “%s� 添加�功。
-variables.update.failed=编辑��失败。
-variables.update.success=该��已被编辑。
+variables.deletion.failed=��删除失败。
+variables.deletion.success=��已删除。
+variables.creation.failed=��添加失败。
+variables.creation.success=��「%s�添加�功。
+variables.update.failed=��编辑失败。
+variables.update.success=��已编辑。
 
+logs.always_auto_scroll=总是自动滚动日志
+logs.always_expand_running=总是展开�行日志
 
 [projects]
 deleted.display_name=已删除项目
 type-1.display_name=个人项目
 type-2.display_name=仓库项目
 type-3.display_name=组织项目
+enter_fullscreen=全�
+exit_fullscreen=退出全�
 
 [git.filemode]
 changed_filemode=%[1]s -> %[2]s
diff --git a/options/locale/locale_zh-HK.ini b/options/locale/locale_zh-HK.ini
index b924faba09..0cf0de3ec4 100644
--- a/options/locale/locale_zh-HK.ini
+++ b/options/locale/locale_zh-HK.ini
@@ -364,7 +364,6 @@ file_history=文件歷�
 file_view_raw=查看原始文件
 file_permalink=永久連�
 
-stored_lfs=儲存到到 Git LFS
 
 editor.preview_changes=�覽更改
 editor.or=或
@@ -375,6 +374,7 @@ editor.create_new_branch=建立 <strong>新的分支</strong> 為此�交和開
 editor.cancel=�消
 editor.no_changes_to_show=沒有�以顯示的變更。
 
+
 commits.commits=次程�碼�交
 commits.author=作者
 commits.message=備註
@@ -416,7 +416,6 @@ issues.delete_branch_at=`刪除分支 <b>%s</b> %s`
 issues.filter_label=標籤篩�
 issues.filter_milestone=里程碑篩�
 issues.filter_assignee=指派人篩�
-issues.filter_assginee_no_assignee=無負責人
 issues.filter_type=類型篩�
 issues.filter_type.all_issues=所有�題
 issues.filter_type.assigned_to_you=指派給您的
@@ -425,7 +424,6 @@ issues.filter_type.mentioning_you=��您的
 issues.filter_sort=排�
 issues.filter_sort.latest=最新建立
 issues.filter_sort.oldest=最早建立
-issues.filter_sort.recentupdate=最近更新
 issues.filter_sort.leastupdate=最少更新
 issues.filter_sort.mostcomment=最多評論
 issues.filter_sort.leastcomment=最少評論
@@ -542,7 +540,6 @@ activity.new_issues_count_1=建立�題
 contributors.contribution_type.commits=�交歷�
 
 settings=儲存庫設定
-settings.desc=設定是您�以管�儲存庫設定的地方
 settings.options=儲存庫
 settings.collaboration.write=�寫權�
 settings.collaboration.read=�讀權�
@@ -570,7 +567,6 @@ settings.delete_notices_1=- 此�作 <strong>��以</strong> 被回滾。
 settings.delete_collaborator=移除�員
 settings.teams=組織團隊
 settings.add_webhook=建立 Webhook
-settings.webhook.test_delivery=測試推�
 settings.webhook.request=請求內容
 settings.webhook.response=響應內容
 settings.webhook.headers=標題
@@ -658,10 +654,11 @@ settings.visibility.private_shortname=�有庫
 
 settings.update_settings=更新組織設定
 settings.update_setting_success=組織設定已更新。
+
+
 settings.delete=刪除組織
 settings.delete_account=刪除當�組織
 settings.confirm_delete_account=確�刪除組織
-settings.delete_org_title=刪除組織
 settings.hooks_desc=新增 webhooks 將觸發在這個組織下 <strong>全部的儲存庫</strong> 。
 
 
@@ -817,8 +814,6 @@ config.ssh_enabled=已啟用
 config.ssh_port=埠
 config.ssh_listen_port=監�埠
 config.ssh_root_path=根路徑
-config.ssh_key_test_path=金鑰測試路徑
-config.ssh_keygen_path=金鑰產生 (' ssh-keygen ') 路徑
 config.ssh_minimum_key_size_check=金鑰最�大�檢查
 config.ssh_minimum_key_sizes=金鑰最�大�
 
@@ -963,8 +958,12 @@ conan.details.repository=儲存庫
 owner.settings.cleanuprules.enabled=已啟用
 
 [secrets]
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=組織�述
 
+
+
 [actions]
 
 
diff --git a/options/locale/locale_zh-TW.ini b/options/locale/locale_zh-TW.ini
index 10d6676ac5..10f103b82a 100644
--- a/options/locale/locale_zh-TW.ini
+++ b/options/locale/locale_zh-TW.ini
@@ -44,7 +44,6 @@ webauthn_use_twofa=使用來自手機的兩步驟驗證碼
 webauthn_error=無法讀�您的安全金鑰。
 webauthn_unsupported_browser=您的�覽器還�支� WebAuthn。
 webauthn_error_unknown=發生未知的錯誤，請�試一次。
-webauthn_error_insecure=WebAuthn �支�安全連線。想在 HTTP 上測試，您�以使用「localhost�或「127.0.0.1�
 webauthn_error_unable_to_process=伺�器無法執行您的請求。
 webauthn_error_duplicated=此請求��許使用這個安全金鑰。請確�該金鑰尚未註冊。
 webauthn_error_empty=您必須命�此金鑰。
@@ -128,7 +127,6 @@ pin=固定
 unpin=�消固定
 
 artifacts=檔案或工件
-confirm_delete_artifact=你確定�刪除這個檔案 '%s' 嗎？
 
 archived=已�存
 
@@ -164,29 +162,14 @@ no_results_found=找�到�果。
 internal_error_skipped=已略�內部錯誤：%s
 
 [search]
-search=�尋…
 type_tooltip=�尋類型
 fuzzy=模糊
-fuzzy_tooltip=包�與�尋詞接近的�果
 exact=精確
 exact_tooltip=�包�完全符�關�字的�果
-repo_kind=�尋儲存庫…
-user_kind=�尋使用者…
-org_kind=�尋組織…
-team_kind=�尋團隊…
-code_kind=�尋代碼…
 code_search_unavailable=�在無法使用原始碼�尋。請與網站管�員�絡。
 code_search_by_git_grep=目�的原始碼�尋�果是由「git grep��供。如果網站管�者啟用 Repository Indexer �能�以�供更好的�果。
-package_kind=�尋軟體包...
-project_kind=�尋專案…
-branch_kind=�尋分支…
-tag_kind=�尋標籤…
 tag_tooltip=�尋符�的標籤。使用「%�以比�任�長度的數字。
-commit_kind=�尋�交歷�…
-runner_kind=�尋 Runner...
 no_results=找�到符�的�果。
-issue_kind=�尋議題…
-pull_kind=�尋�併請求...
 keyword_search_unavailable=�在無法使用關�字�尋。請與網站管�員�絡。
 
 [aria]
@@ -222,8 +205,6 @@ buttons.enable_monospace_font=啟用等寬字型
 buttons.disable_monospace_font=�用等寬字型
 
 [filter]
-string.asc=A - Z
-string.desc=Z - A
 
 [error]
 occurred=發生錯誤
@@ -260,16 +241,10 @@ path=資料庫檔案路徑
 sqlite_helper=SQLite3 或 TiDB 資料庫的檔案路徑。<br>如果將 Gitea 註冊為�務執行，請輸入絕�路徑。
 reinstall_error=您正試圖安�到既有的 Gitea 資料庫中
 reinstall_confirm_message=使用既有的 Gitea 資料庫來安��能造�多種�題。大部分的情形下您應使用既有的「app.ini�來執行 Gitea。如果您知�自己正在�什麼，請確�下列事項：
-reinstall_confirm_check_1=您�能會�失以 app.ini 中 SECRET_KEY 所加密的資料：使用者或將無法�以 2FA/OTP 方�登入����能無法正常�作。核�此方塊代表您確�目�的 app.ini 包�正確的 SECRET_KEY。
-reinstall_confirm_check_2=儲存庫和設定�能需��新�步。核�此方塊代表您確�您將會手動�新�步儲存庫的 Hook 和 SSH authorized_keys 檔案。您確�您會確�儲存庫和��設定正確。
 reinstall_confirm_check_3=您確�您絕�肯定此 Gitea 在正確的 app.ini �置上執行，而且您確定您必須�新安�。您確�您瞭解上述風險。
 err_empty_db_path=SQLite3 資料庫路徑��以為空。
 no_admin_and_disable_registration=您�能夠在未建立管�員使用者的情�下�止註冊。
 err_empty_admin_password=管�員密碼�能為空。
-err_empty_admin_email=管�員信箱�能為空。
-err_admin_name_is_reserved=無效的管�員帳號，帳號已被�留
-err_admin_name_pattern_not_allowed=無效的管�員帳號，該帳號符��留�則
-err_admin_name_is_invalid=無效的管�員帳號
 
 general_title=一般設定
 app_name=網站標題
@@ -285,7 +260,6 @@ domain_helper=伺�器的域�或主機�置。
 ssh_port=SSH 伺�器埠
 ssh_port_helper=SSH 伺�器使用的埠號，留空以�用此設定。
 http_port=Gitea HTTP 埠
-http_port_helper=Gitea 的網�伺�器�接�的埠號。
 app_url=Gitea 基本 URL
 app_url_helper=用於 HTTP(S) Clone 和電�郵件通知的基本網�。
 log_root_path=日誌路徑
@@ -349,7 +323,6 @@ no_reply_address=隱�電�信箱域�
 no_reply_address_helper=作為隱�電�信箱使用者的域�。例如，如果隱�的電�信箱域�設定為「noreply.example.org�，帳號「joe�將以「joe@noreply.example.org�的身分登錄到 Git 中。
 password_algorithm=密碼雜湊演算法
 invalid_password_algorithm=無效的密碼雜湊演算法
-password_algorithm_helper=設定密碼雜湊演算法。演算法有��的需求與強度。argon2 演算法雖然較安全但會使用大�記憶體，�能��用於�型系統。
 enable_update_checker=啟用更新檢查器
 enable_update_checker_helper=定期連線到 gitea.io 檢查更新。
 env_config_keys=環境組態設定
@@ -414,8 +387,6 @@ allow_password_change=�求使用者更改密碼 (推薦)
 reset_password_mail_sent_prompt=確�信已發�至 <b>%s</b>。請在 %s內檢查您的收件匣並完�帳戶救�作業。
 active_your_account=啟用您的帳戶
 account_activated=帳戶已啟用
-prohibit_login=�止登入
-prohibit_login_desc=您的帳戶被�止登入，請�絡網站管�員
 resent_limit_prompt=抱歉，您請求發�驗證電�郵件太�頻�，請等待 3 分�後�試一次。
 has_unconfirmed_mail=%s 您好，您有一�發�至( <b>%s</b>) 但未被確�的郵件。如果您未收到啟用郵件，或需��新發�，請單擊下方的按鈕。
 change_unconfirmed_mail_address=如果您註冊的電�郵件地�有錯誤，您�以在這邊更正，並�新寄�確�郵件。
@@ -446,23 +417,18 @@ oauth_signin_title=登入以授權連�帳戶
 oauth_signin_submit=連�帳戶
 oauth.signin.error.access_denied=授權請求被拒絕。
 oauth.signin.error.temporarily_unavailable=授權失敗，因為�證伺�器暫時無法使用。請�後�試。
-oauth_callback_unable_auto_reg=自助註冊已啟用，但是 OAuth2 �供者 %[1]s 回傳的�果缺少欄�：%[2]s，導致無法自動建立帳號。請建立新帳號或是連�至既存的帳號，或是�絡網站管�者。
 openid_connect_submit=連接
 openid_connect_title=連接到�有帳戶
 openid_connect_desc=所�的 OpenID URI 未知。在這裡連�一個新帳戶。
 openid_register_title=建立新帳戶
 openid_register_desc=所�的 OpenID URI 未知。在這裡連�一個新帳戶。
 openid_signin_desc=輸入您的 OpenID ��。例如：alice.openid.example.org 或是 https://openid.example.org/alice。
-disable_forgot_password_mail=由於未設定電�郵件功能，帳戶救�功能已被�用。請與網站管�員�絡。
-disable_forgot_password_mail_admin=帳戶救�功能需�設定電�郵件功能�能使用。請設定電�郵件功能以啟用帳戶救�功能。
 email_domain_blacklisted=您無法使用您的電�信箱註冊帳號。
 authorize_application=授權應用程�
 authorize_redirect_notice=如果您授權此應用程�，您將會被�新導�至 %s。
 authorize_application_created_by=此應用程�是由 %s 建立的。
-authorize_application_description=如果您�許，它將能夠讀�和修改您的所有帳戶資訊，包括�有儲存庫和組織。
 authorize_title=授權「%s�存�您的帳戶？
 authorization_failed=授權失效
-authorization_failed_desc=授權失敗，因為我們�測到無效的請求。請�絡您欲授權之應用程�的維護人員。
 sspi_auth_failed=SSPI �證失敗
 password_pwned=您�擇的密碼已被列於<a target="_blank" rel="noopener noreferrer" href="%s">被盜密碼清單</a>中，該清單因公共資料外洩而暴露。請試試其他密碼。
 password_pwned_err=無法完�� HaveIBeenPwned 的請求。
@@ -487,8 +453,6 @@ activate_email.text=請在 <b>%s</b>內點擊下列連çµ�以驗證您的電å­�ä¿
 
 register_notify=歡迎來到 Gitea
 register_notify.title=%[1]s，歡迎來到 %[2]s
-register_notify.text_1=這是您在 %s 的註冊確�信�
-register_notify.text_2=您�在�以用帳號 %s 登入。
 register_notify.text_3=如果這是由管�員為您建立的帳戶，請先<a href="%s">設定您的密碼</a>。
 
 reset_password=救�您的帳戶
@@ -526,7 +490,6 @@ release.download.targz=原始碼 (TAR.GZ)
 repo.transfer.subject_to=%s 想�把「%s�轉移給 %s
 repo.transfer.subject_to_you=%s 想�把「%s�轉移給您
 repo.transfer.to_you=您
-repo.transfer.body=請造訪 %s 以接�或拒絕轉移，您也�以忽略它。
 
 repo.collaborator.added.subject=%s 把您加入到 %s
 repo.collaborator.added.text=您已被新增為儲存庫的�作者：
@@ -578,7 +541,6 @@ url_error=`「%s�是無效的 URL。`
 include_error=` 必須包��字串「%s�。`
 glob_pattern_error=` glob 比�模�無效：%s.`
 regex_pattern_error=` 正�表示�模�無效：%s.`
-username_error=`�能包�英文字�數字 ('0-9'�'a-z'�'A-Z')�破折號 ('-')�底線 ('_')��點 ('.')，�能以�英文字�數字開頭或�尾，也��許連續的�英文字�數字。`
 invalid_group_team_map_error=` �應無效: %s`
 unknown_error=未知錯誤：
 captcha_incorrect=驗證碼�正確。
@@ -593,17 +555,14 @@ username_has_not_been_changed=使用者�稱並未變更
 repo_name_been_taken=儲存庫�稱已被使用。
 repository_force_private=已啟用「強制�有�：�有儲存庫�能被公開。
 repository_files_already_exist=此儲存庫的檔案已存在，請�絡系統管�有。
-repository_files_already_exist.adopt=此儲存庫的檔案已存在，並且�能被接管。
 repository_files_already_exist.delete=此儲存庫的檔案已存在，您必須刪除它們。
 repository_files_already_exist.adopt_or_delete=此儲存庫的檔案已存在，您�以接管或刪除它們。
 visit_rate_limit=�端造訪已�用�上�。
-2fa_auth_required=�端造訪需�兩步驟驗證。
 org_name_been_taken=組織�稱已被使用。
 team_name_been_taken=團隊�稱已被使用。
 team_no_units_error=請至少�擇一個儲存庫�域。
 email_been_used=此電�信箱已被使用
 email_invalid=此電�信箱無效。
-email_domain_is_not_allowed=使用者的電�郵件地� <b>%s</b> 與電�郵件域��許清單或是電�郵件域��止清單有��。請確�您�期執行這個動作。
 openid_been_used=OpenID ��「%s�已被使用。
 username_password_incorrect=帳號或密碼�正確
 password_complexity=密碼複雜度沒有通�以下的�求:
@@ -628,14 +587,8 @@ invalid_ssh_key=無法驗證您的 SSH 密鑰：%s
 invalid_gpg_key=無法驗證您的 GPG 密鑰：%s
 invalid_ssh_principal=無效的主體: %s
 must_use_public_key=您�供的金鑰是�有金鑰，請勿上傳您的�有金鑰到任何地方，請使用您的公鑰。
-unable_verify_ssh_key=無法驗證 SSH 金鑰，請�次檢查以��錯誤。
 auth_failed=授權�證失敗：%v
 
-still_own_repo=您的帳戶�有一個以上的儲存庫，請先刪除或轉移它們。
-still_has_org=您的帳戶是一個或多個組織的�員，請先離開它們。
-still_own_packages=您的帳戶�有一個以上的套件，請先刪除它們。
-org_still_own_repo=此組織�然�有一個以上的儲存庫，請先刪除或轉移它們。
-org_still_own_packages=此組織�然�有一個以上的套件，請先刪除它們。
 
 target_branch_not_exist=目標分支�存在
 target_ref_not_exist=目標�考�存在 %s
@@ -666,11 +619,9 @@ settings=使用者設定
 
 form.name_reserved=「%s�是�留的帳號。
 form.name_pattern_not_allowed=帳號��包�字元「%s�。
-form.name_chars_not_allowed=帳號「%s�包�無效字元。
 
 block.block=�鎖
 block.block.user=�鎖使用者
-block.block.org=為組織阻擋使用者
 block.block.failure=無法�鎖使用者: %s
 block.unblock=解除�鎖
 block.unblock.failure=無法解除�鎖使用者: %s
@@ -683,7 +634,6 @@ block.info_3=�� @mentioning 標記您的使用者�稱來通知您
 block.info_4=邀請您�為他們的儲存庫的�作者
 block.info_5=�儲存庫加上星號�建立分之或是關注儲存庫
 block.info_6=建立�題或是�併請求，或是�其進行留言
-block.info_7=�您在�題或是�併請求中的留言�出�應
 block.user_to_block=欲阻擋的使用者
 block.note=備註
 block.note.title=�用附註：
@@ -713,9 +663,6 @@ webauthn=安全金鑰
 public_profile=公開的個人資料
 biography_placeholder=告訴我們一些關於您的事情�! (您�以使用 Markdown)
 location_placeholder=與其他人分享您的大概�置
-profile_desc=控制您的個人檔案會如何呈�給其她使用者。您的主�電�郵件地�會被用於通知�密碼救�以�網�上的 Git �作。
-password_username_disabled=�本地使用者��許更改他們的帳號。詳細資訊請�絡您的系統管�員。
-password_full_name_disabled=您�被�許更改他們的全�。詳細資訊請�絡您的系統管�員。
 full_name=全�
 website=個人網站
 location=所在地�
@@ -733,7 +680,6 @@ cancel=�消
 language=語言
 ui=佈景主題
 hidden_comment_types=隱�的留言類型
-hidden_comment_types_description=此處勾�的評論類型將�會顯示在�題��內。例如勾�「標籤�將移除所有的"{user} 新增/移除{label}" 評論。
 hidden_comment_types.ref_tooltip=當這個�題在其他的�題��交…等地方被引用時的留言
 hidden_comment_types.issue_ref_tooltip=當使用者更改與這個�題相關�的分支�標籤時的留言
 comment_type_group_reference=�考
@@ -781,18 +727,14 @@ manage_themes=�擇�設佈景主題
 manage_openid=管� OpenID ��
 email_desc=您的主�電�信箱將用於通知�密碼�復以�（如果未隱�）基於網�的 Git �作。
 theme_desc=這將是您在整個網站上的�設佈景主題。
-theme_colorblindness_help=色盲主題支�
-theme_colorblindness_prompt=Gitea 剛�得了一些具有基本色盲支�的主題，其中僅定義了幾種�色。這項工作�在進行中。��在主題 CSS 檔案中定義更多�色�以完�更多改進。
 primary=主�
 activated=已啟用
 requires_activation=需�啟動
 primary_email=設為主�
 activate_email=寄出啟用信
 activations_pending=等待啟用中
-can_not_add_email_activations_pending=有一個待處�的啟用，若�新增電�信箱，請幾分�後�試。
 delete_email=移除
 email_deletion=移除電�信箱
-email_deletion_desc=電�信箱和相關資訊將從您的帳戶中刪除，由此電�信箱所�交的 Git 將���變，是�繼續？
 email_deletion_success=該電�信箱已被刪除
 theme_update_success=已更新佈景主題。
 theme_update_error=��的佈景主題�存在。
@@ -835,7 +777,6 @@ gpg_key_matched_identities_long=此金鑰中嵌入的身分符�此使用者已
 gpg_key_verified=已驗證的金鑰
 gpg_key_verified_long=金鑰已被 Token 驗證且�用來驗證符�此使用者已啟用的電�信箱的�交，以�任何符�此金鑰的身分。
 gpg_key_verify=é©—è­‰
-gpg_invalid_token_signature=�供的 GPG 金鑰�簽署�Token �符�或 Token 已�期。
 gpg_token_required=您必須為下列的 Token �供簽署
 gpg_token=Token
 gpg_token_help=您�以使用以下方法產生簽署：
@@ -845,7 +786,6 @@ verify_gpg_key_success=已驗證 GPG 金鑰「%s�。
 ssh_key_verified=已驗證的金鑰
 ssh_key_verified_long=金鑰已被 Token 驗證且�用來驗證符�此使用者已啟用的電�信箱的�交。
 ssh_key_verify=é©—è­‰
-ssh_invalid_token_signature=�供的 SSH 金鑰�簽署�Token �符�或 Token 已�期。
 ssh_token_required=您必須為下列的 Token �供簽署
 ssh_token=Token
 ssh_token_help=您�以使用以下方法產生簽署：
@@ -866,7 +806,6 @@ gpg_key_deletion=移除 GPG 金鑰
 ssh_principal_deletion=移除 SSH �證主體
 ssh_key_deletion_desc=刪除 SSH 金鑰將撤銷其�您帳戶的存�權�。是�繼續？
 gpg_key_deletion_desc=刪除 GPG 金鑰將�消驗證由其簽署的�交。是�繼續？
-ssh_principal_deletion_desc=移除 SSH �證主體將撤銷其�您帳戶的存�權�。是�繼續？
 ssh_key_deletion_success=SSH 金鑰已被移除。
 gpg_key_deletion_success=GPG 金鑰已被移除。
 ssh_principal_deletion_success=已移除主體。
@@ -925,7 +864,6 @@ create_oauth2_application_button=建立應用程�
 create_oauth2_application_success=您已�功建立新的 OAuth2 應用程�。
 update_oauth2_application_success=您已�功更新 OAuth2 應用程�。
 oauth2_application_name=應用程��稱
-oauth2_confidential_client=機密客戶端 (Confidential Client)。請為能��機密性的程�勾�，例如網�應用程�。使用原生程�時��勾�，包�桌��行動應用程�。
 oauth2_skip_secondary_authorization=授權一次後，跳�公用客戶端的二次授權。<strong>�能會帶來安全風險。</strong>
 oauth2_redirect_uris=�新導� URI，�行一個 URI。
 save_application=儲存
@@ -940,10 +878,8 @@ oauth2_application_remove_description=移除 OAuth2 應用程å¼�將阻止其存å
 oauth2_application_locked=Gitea 在啟動時會�先註冊一些 OAuth2 應用程�（如果在�置中啟用）。為防止�外行為，這些應用程�無法編輯或刪除。請�閱 OAuth2 文件以��更多資訊。
 
 authorized_oauth2_applications=已授權的 OAuth2 應用程�
-authorized_oauth2_applications_description=您已授權這些第三方應用程�存�您的 Gitea 帳戶。請撤銷��需�的應用程�的存�權。
 revoke_key=撤銷
 revoke_oauth2_grant=撤銷存�權
-revoke_oauth2_grant_description=撤銷此第三方應用程�的存�權，此應用程�就無法�存�您的資料。您確定嗎？
 revoke_oauth2_grant_success=�功撤銷存�權。
 
 twofa_desc=兩步驟驗證�以增強您的帳戶安全性。
@@ -953,7 +889,6 @@ twofa_not_enrolled=您的帳戶目�尚未啟用兩步驟驗證。
 twofa_disable=�用兩步驟驗證
 twofa_scratch_token_regenerate=�新產生備用驗證碼
 twofa_scratch_token_regenerated=您的單次使用�復密鑰�在是 %s。請將其存放在安全的地方，因為它�會�次顯示。
-twofa_enroll=啟用兩步驟驗證
 twofa_disable_note=如有需�，您�以�用兩步驟驗證。
 twofa_disable_desc=關閉兩步驟驗證會使您的帳戶安全性�低，是�繼續？
 regenerate_scratch_token_desc=如果您�失了備用驗證碼或已經使用它登入，您�以在此�新設定。
@@ -969,13 +904,11 @@ webauthn_desc=安全金鑰是包�加密密鑰的硬體設備，它們�以用
 webauthn_register_key=新增安全金鑰
 webauthn_nickname=暱稱
 webauthn_delete_key=移除安全金鑰
-webauthn_delete_key_desc=如果您移除安全金鑰，將�能�使用它登入。是�繼續？
 webauthn_key_loss_warning=如果您�失了安全金鑰，您將無法存�您的帳戶。
 webauthn_alternative_tip=您�能需�設定其他的驗證方法。
 
 manage_account_links=管�已連�的帳戶
 manage_account_links_desc=這些外部帳戶已連�到您的 Gitea 帳戶。
-account_links_not_available=目�沒有連�到您的 Gitea 帳戶的外部帳戶
 link_account=連�帳戶
 remove_account_link=刪除已連�的帳戶
 remove_account_link_desc=刪除連�帳戶將撤銷其� Gitea 帳戶的存�權�。是�繼續？
@@ -1032,7 +965,6 @@ fork_branch=�克隆到 fork 的分支
 all_branches=所有分支
 view_all_branches=查看所有分支
 view_all_tags=查看所有標籤
-fork_no_valid_owners=此儲存庫無法 fork，因為沒有有效的�有者。
 fork.blocked_user=無法 fork 儲存庫，因為您被儲存庫�有者�鎖。
 use_template=使用此範本
 open_with_editor=以 %s 開啟
@@ -1076,12 +1008,10 @@ mirror_sync=已�步
 mirror_sync_on_commit=推��交後進行�步
 mirror_address=從 URL Clone
 mirror_address_desc=在授權資訊中填入必�的資料。
-mirror_address_url_invalid=�供的 URL 無效。您必須正確轉義 URL 的所有組件。
 mirror_address_protocol_invalid=�供的 URL 無效。僅�使用 http(s):// 或 git:// �置進行��。
 mirror_lfs=大型檔案存儲 (LFS)
 mirror_lfs_desc=啟動 LFS 檔案的��功能。
 mirror_lfs_endpoint=LFS 端點
-mirror_lfs_endpoint_desc=�步將會嘗試使用 Clone URL 來<a target="_blank" rel="noopener noreferrer" href="%s">確� LFS 伺�器</a>。如果存儲庫的 LFS 資料放在其他地方，您也�以指定自訂的端點。
 mirror_last_synced=上次�步
 mirror_password_placeholder=(未變更)
 mirror_password_blank_placeholder=(未設定)
@@ -1094,7 +1024,6 @@ stars=星
 reactions_more=�多添加 %d個
 unit_disabled=網站管�員已經�用這個儲存庫�域。
 language_other=其他
-adopt_search=輸入帳號以�尋未接管的儲存庫... (留白以查詢全部)
 adopt_preexisting_label=接管檔案
 adopt_preexisting=接管既有的檔案
 adopt_preexisting_content=從 %s 建立儲存庫
@@ -1133,8 +1062,6 @@ template.issue_labels=�題標籤
 template.one_item=至少須�擇一個範本項目
 template.invalid=必須�擇一個儲存庫範本
 
-archive.title=此儲存庫已�存。您�以查看檔案並進行 Clone，但無法推�或開啟�題或�併請求。
-archive.title_date=此儲存庫已於 %s �存。您�以查看檔案並進行 Clone，但無法推�或開啟�題或�併請求。
 archive.issue.nocomment=此儲存庫已�存，您�能在�題上留言。
 archive.pull.nocomment=此儲存庫已�存，您�能在�併請求上留言。
 
@@ -1151,7 +1078,6 @@ migrate_options_lfs=�移 LFS 檔案
 migrate_options_lfs_endpoint.label=LFS 端點
 migrate_options_lfs_endpoint.description=�移將會嘗試使用您的 Git Remote 來<a target="_blank" rel="noopener noreferrer" href="%s">確� LFS 伺�器</a>。如果存儲庫的 LFS 資料放在其他地方，您也�以指定自訂的端點。
 migrate_options_lfs_endpoint.description.local=�時也支�本地伺�器路徑。
-migrate_options_lfs_endpoint.placeholder=如果留空，端點將從 Clone URL 中推導出來
 migrate_items=�移項目
 migrate_items_wiki=Wiki
 migrate_items_milestones=里程碑
@@ -1163,10 +1089,8 @@ migrate_items_releases=版本發布
 migrate_repo=�移儲存庫
 migrate.clone_address=從 URL �移 / Clone
 migrate.clone_address_desc=�有存儲庫的 HTTP(S) 或 Git Clone URL
-migrate.github_token_desc=由於 GitHub API 的速率�制，您�在此輸入一個或多個由�形逗號「,�分隔的 Token 來加快�移速度。警告：濫用此功能�能會��該�務�供者的政策並導致帳戶被�鎖。
 migrate.clone_local_path=或者是本地端伺�器路徑
 migrate.permission_denied=您並沒有導入本地儲存庫的權�。
-migrate.permission_denied_blocked=您無法從未�許的主機匯入，請�絡管�員檢查以下設定值 ALLOWED_DOMAINS/ALLOW_LOCALNETWORKS/BLOCKED_DOMAINS
 migrate.invalid_local_path=無效的本地路徑，該路徑�存在或�是一個目錄。
 migrate.invalid_lfs_endpoint=該 LFS 端點無效。
 migrate.failed=�移失敗：%v
@@ -1174,7 +1098,6 @@ migrate.migrate_items_options=�移其他項目需� Access Token。
 migrated_from=已從 <a href="%[1]s">%[2]s</a> �移
 migrated_from_fake=已從 %[1]s �移
 migrate.migrate=從 %s �移
-migrate.migrating=正在從 <b>%s</b> �移...
 migrate.migrating_failed=從 <b>%s</b> �移失敗
 migrate.migrating_failed.error=�移失敗: %s
 migrate.migrating_failed_no_addr=�移失敗。
@@ -1220,7 +1143,6 @@ clone_this_repo=Clone 此儲存庫
 cite_this_repo=引用此儲存庫
 create_new_repo_command=從命令列建立新儲存庫。
 push_exist_repo=從命令列推�已存在的儲存庫
-empty_message=此儲存庫未包�任何內容。
 broken_message=無法讀�此儲存庫底層的 Git 資料。請�絡此 Gitea 執行個體的管�員或刪除此儲存庫。
 
 code=程�碼
@@ -1238,7 +1160,6 @@ projects=專案
 packages=套件
 actions=Actions
 labels=標籤
-org_labels_desc=組織層級標籤�用於此組織下的<strong>所有存儲庫</strong>。
 org_labels_desc_manage=管�
 
 milestone=里程碑
@@ -1275,7 +1196,6 @@ file_copy_permalink=複製固定連�
 view_git_blame=檢視 Git Blame
 video_not_supported_in_browser=您的�覽器�支�使用 HTML5 播放影片。
 audio_not_supported_in_browser=您的�覽器�支� HTML5 的「audio�標籤
-stored_lfs=已使用 Git LFS 儲存
 symbolic_link=符號連�
 executable_file=�執行檔
 vendored=已供應
@@ -1321,7 +1241,6 @@ editor.update=æ›´æ–° %s
 editor.delete=刪除 %s
 editor.patch=套用 Patch
 editor.patching=正在 Patch:
-editor.fail_to_apply_patch=無法套用 Patch「%s�
 editor.new_patch=新增 Patch
 editor.commit_message_desc=(�用) 加入詳細說明...
 editor.signoff_desc=在�交訊�底部加入�交者的「Signed-off-by�資訊。
@@ -1337,19 +1256,13 @@ editor.filename_is_invalid=檔�無效:「%s�。
 editor.branch_does_not_exist=此儲存庫沒有�為「%s�的分支。
 editor.branch_already_exists=此儲存庫已有�為「%s�的分支。
 editor.directory_is_a_file=目錄�稱「%s�已被此儲存庫的檔案使用。
-editor.file_is_a_symlink=`"%s" 是一個符號連�。符號連�無法在網�編輯器中編輯`
 editor.filename_is_a_directory=檔�「%s�已被此儲存庫的目錄�稱使用。
-editor.file_editing_no_longer_exists=正�編輯的檔案「%s�已�存在此儲存庫中。
-editor.file_deleting_no_longer_exists=正�刪除的檔案「%s�已�存在此儲存庫中。
 editor.file_changed_while_editing=檔案內容在您編輯的途中已被變更。<a target="_blank" rel="noopener noreferrer" href="%s">按一下此處</a>查看更動的地方或<strong>�次�交</strong>以覆蓋這些變更。
 editor.file_already_exists=此儲存庫已有�為「%s�的檔案。
-editor.commit_id_not_matching=�交 ID 與您開始編輯時的 ID �匹�。請�交到一個補�分支然後�併。
 editor.push_out_of_date=推�似乎已�時。
 editor.commit_empty_file_header=�交空白檔案
 editor.commit_empty_file_text=你準備�交的檔案是空白的，是�繼續？
 editor.no_changes_to_show=沒有�以顯示的變更。
-editor.fail_to_update_file=更新/建立檔案「%s�失敗。
-editor.fail_to_update_file_summary=錯誤訊�:
 editor.push_rejected_no_message=該變更被伺�器拒絕但未�供其他資訊。請檢查 Git Hook。
 editor.push_rejected=該變更被伺�器拒絕。請檢查 Git Hook。
 editor.push_rejected_summary=完整的拒絕訊�:
@@ -1364,6 +1277,7 @@ editor.require_signed_commit=分支僅接�經簽署的�交
 editor.cherry_pick=Cherry-pick %s 到：
 editor.revert=還原 %s 到：
 
+
 commits.desc=�覽原始碼修改歷程。
 commits.commits=次程�碼�交
 commits.no_commits=沒有共�的�交。「%s�和「%s�的歷�完全��。
@@ -1461,7 +1375,6 @@ issues.new.clear_assignees=清除負責人
 issues.new.no_assignees=沒有負責人
 issues.new.no_reviewers=沒有審核者
 issues.new.blocked_user=無法建立�題，因為您被儲存庫�有者�鎖。
-issues.edit.already_changed=無法儲存�題的變更。看起來內容已被其他使用者更改。請�新整���並�次嘗試編輯以��覆蓋他們的變更。
 issues.edit.blocked_user=無法編輯內容，因為您被發文者或儲存庫�有者�鎖。
 issues.choose.get_started=開始
 issues.choose.open_external_link=é–‹å•Ÿ
@@ -1530,7 +1443,6 @@ issues.filter_type.reviewed_by_you=由您審核
 issues.filter_sort=排�
 issues.filter_sort.latest=最新建立
 issues.filter_sort.oldest=最早建立
-issues.filter_sort.recentupdate=最近更新
 issues.filter_sort.leastupdate=最少更新
 issues.filter_sort.mostcomment=最多留言
 issues.filter_sort.leastcomment=最少留言
@@ -1642,7 +1554,6 @@ issues.pin_comment=固定於 %s
 issues.unpin_comment=�消固定於 %s
 issues.lock=鎖定�話
 issues.unlock=解鎖�話
-issues.lock.unknown_reason=由於未知的原因而無法鎖定�題。
 issues.lock_duplicate=�題無法被鎖定兩次。
 issues.unlock_error=無法解鎖未被鎖定的�題。
 issues.lock_with_reason=因為 <strong>%s</strong> 而鎖定，並將�話設為�作者�定 %s
@@ -1650,7 +1561,6 @@ issues.lock_no_reason=鎖定並將�話設為�作者�定 %s
 issues.unlock_comment=解鎖這個�話 %s
 issues.lock_confirm=鎖定
 issues.unlock_confirm=解除鎖定
-issues.lock.notice_1=- 其他使用者�能在這個�題上新增留言。
 issues.lock.notice_2=- 你和此儲存庫的�作者�然�留言，其他人也能看到。
 issues.lock.notice_3=- 你以後�以隨時�解鎖這個�題。
 issues.unlock.notice_1=- 所有人將��此�題�次發表留言。
@@ -1698,7 +1608,6 @@ issues.due_date_form=yyyy年mm月dd日
 issues.due_date_form_add=新增截止日期
 issues.due_date_form_edit=編輯
 issues.due_date_form_remove=移除
-issues.due_date_not_writer=您需��此儲存庫的寫入權��能更新�題的截止日期。
 issues.due_date_not_set=未設定截止日期。
 issues.due_date_added=新增了截止日期 %s %s
 issues.due_date_modified=將截止日期從 %[2]s 修改為 %[1]s %[3]s
@@ -1721,9 +1630,7 @@ issues.dependency.pr_closing_blockedby=æ­¤å�ˆä½µè«‹æ±‚被下列å•�題阻擋而ç„
 issues.dependency.issue_closing_blockedby=此�題被下列�題阻擋而無法關閉
 issues.dependency.issue_close_blocks=因為此�題的阻擋，下列�題無法被關閉
 issues.dependency.pr_close_blocks=因為此�併請求的阻擋，下列�題無法被關閉
-issues.dependency.issue_close_blocked=在您關閉此�題以�，您必須先關閉所有阻擋它的�題。
 issues.dependency.issue_batch_close_blocked=無法批次關閉您�擇的�題，因為�題 #%d 還有開放中的先決�件。
-issues.dependency.pr_close_blocked=在您�併以�，您必須先關閉所有阻擋它的�題。
 issues.dependency.blocks_short=阻擋
 issues.dependency.blocked_by_short=先決於
 issues.dependency.remove_header=移除先決�件
@@ -1734,13 +1641,11 @@ issues.dependency.add_error_same_issue=您無法將å•�題設定為自己的先æ±
 issues.dependency.add_error_dep_issue_not_exist=先決�件�題�存在。
 issues.dependency.add_error_dep_not_exist=先決�件�存在。
 issues.dependency.add_error_dep_exists=先決�件已存在。
-issues.dependency.add_error_cannot_create_circular=您無法建立讓兩個�題互相阻擋的先決�件。
 issues.dependency.add_error_dep_not_same_repo=這兩個�題必須在�一個存儲庫中。
 issues.review.self.approval=您�能核�自己的�併請求。
 issues.review.self.rejection=您�能�自己的�併請求�出請求變更。
 issues.review.approve=核�了這些變更 %s
 issues.review.comment=已審核 %s
-issues.review.dismissed=�消 %s 的審核 %s
 issues.review.dismissed_label=已�消
 issues.review.left_comment=留下了回應
 issues.review.content.empty=您必須留下訊�指出需�修正的地方。
@@ -1748,7 +1653,6 @@ issues.review.reject=請求了變更 %s
 issues.review.wait=被請求進行審核 %s
 issues.review.add_review_request=請求了 %s 來審核 %s
 issues.review.remove_review_request=移除了� %s 的審核請求 %s
-issues.review.remove_review_request_self=拒絕了審核 %s
 issues.review.pending=待處�
 issues.review.pending.tooltip=目�其他使用者還�能看見此留言。��出您待定的留言請在��最上方�擇「%s�->「%s/%s/%s�。
 issues.review.review=審核
@@ -1770,7 +1674,6 @@ issues.review.requested=審核待處�
 issues.review.rejected=請求變更
 issues.review.stale=核准後已更新
 issues.review.unofficial=未計入的核准
-issues.assignee.error=因為未�期的錯誤，未能�功加入所有負責人。
 issues.reference_issue.body=內容
 issues.content_history.deleted=刪除
 issues.content_history.edited=編輯
@@ -1787,7 +1690,6 @@ pulls.desc=啟用�併請求和程�碼審核。
 pulls.new=建立�併請求
 pulls.new.blocked_user=無法建立�併請求，因為您被儲存庫�有者�鎖。
 pulls.new.must_collaborator=您必須是�作者�能建立�併請求。
-pulls.edit.already_changed=無法儲存�併請求的變更。看起來內容已被其他使用者更改。請�新整���並�次嘗試編輯以��覆蓋他們的變更。
 pulls.view=檢視�併請求
 pulls.compare_changes=建立�併請求
 pulls.allow_edits_from_maintainers=�許維護者編輯
@@ -1808,11 +1710,9 @@ pulls.show_all_commits=顯示所有�交
 pulls.show_changes_since_your_last_review=顯示自上次審核以來的變更
 pulls.showing_only_single_commit=僅顯示�交 %[1]s 的變更
 pulls.showing_specified_commit_range=僅顯示介於 %[1]s 和 %[2]s 之間的變更
-pulls.select_commit_hold_shift_for_range=�擇�交。按� Shift 並點擊以�擇範�
 pulls.review_only_possible_for_full_diff=僅在查看完整差異時�能進行審核
 pulls.filter_changes_by_commit=按�交篩�變更
 pulls.nothing_to_compare=這些分支的內容相�，無需建立�併請求。
-pulls.nothing_to_compare_have_tag=所�的分支/標籤相�。
 pulls.nothing_to_compare_and_allow_empty_pr=這些分支的內容相�，此�併請求將會是空白的。
 pulls.has_pull_request=`已有介於這些分支間的�併請求：<a href="%[1]s">%[2]s#%[3]d</a>`
 pulls.create=建立�併請求
@@ -1837,7 +1737,6 @@ pulls.add_prefix=加入 <strong>%s</strong> �綴
 pulls.remove_prefix=移除 <strong>%s</strong> �綴
 pulls.data_broken=此�併請求已�毀，因為�失 Fork 資訊。
 pulls.files_conflicted=此�併請求有變更和目標分支��。
-pulls.is_checking=正在進行�併��檢查，請�後�試。
 pulls.is_ancestor=這個分支已經�併到目標分支上。沒有�以�併的內容。
 pulls.is_empty=在這個分支上的更動都已經套用在目標分支上。這將會產生一個空的�交。
 pulls.required_status_check_failed=未通��些必�的檢查。
@@ -1861,33 +1760,22 @@ pulls.reject_count_1=%d 變更請求
 pulls.reject_count_n=%d 變更請求
 pulls.waiting_count_1=%d 等待審核
 pulls.waiting_count_n=%d 等待審核
-pulls.wrong_commit_id=�交 id 必須存在於目標分支上
 
 pulls.no_merge_desc=無法進行�併，因為所有儲存庫的�併�項已被�用。
 pulls.no_merge_helper=在儲存庫設定啟用�併�項或手動�併該�併請求。
 pulls.no_merge_wip=無法進行�併，因為它被標記為還在進行中。
-pulls.no_merge_not_ready=此�併請求還沒準備好被�併，請檢查審核狀態和狀態檢查。
 pulls.no_merge_access=您未被授權�併此�併請求。
 pulls.merge_pull_request=建立�併�交
-pulls.rebase_merge_pull_request=Rebase 後快轉
-pulls.rebase_merge_commit_pull_request=Rebase 後建立�併�交
 pulls.squash_merge_pull_request=建立 Squash �交
 pulls.merge_manually=手動�併
 pulls.merge_commit_id=�併�交 ID
 pulls.require_signed_wont_sign=該分支需�經簽署的�交，但此�併將�會被簽署。
 
 pulls.invalid_merge_option=您無法�此�併請求使用這個�併�項。
-pulls.merge_conflict=�併失敗：�併時發生��。 �示：請嘗試��的策略
 pulls.merge_conflict_summary=錯誤訊�
-pulls.rebase_conflict=�併失敗：Rebase �交時發生��：%[1]s。 �示：請嘗試��的策略
 pulls.rebase_conflict_summary=錯誤訊�
-pulls.unrelated_histories=�併失敗：��併的 HEAD 和基底分支沒有共�的歷�。 �示：請嘗試��的策略
-pulls.merge_out_of_date=�併失敗：產生�併時，基底已被更新。�示：�試一次。
-pulls.head_out_of_date=�併失敗：產生�併時，head 已被更新。�示：�試一次。
-pulls.has_merged=失敗：此�併請求已被�併，您�能�次�併或更改目標分支。
 pulls.push_rejected=�併失敗：此推�被拒絕。請檢查此儲存庫的 Git Hook。
 pulls.push_rejected_summary=完整的拒絕訊�
-pulls.push_rejected_no_message=�併失敗：此推�被拒絕但未�供其他資訊。<br>請檢查此儲存庫的 Git Hook。
 pulls.open_unmerged_pull_exists=`您�能�新開放，因為目�有相�的�併請求 (#%d) 正在進行中。`
 pulls.status_checking=還在進行一些檢查
 pulls.status_checks_success=已通�所有檢查
@@ -1910,9 +1798,7 @@ pulls.cmd_instruction_checkout_title=檢出
 pulls.cmd_instruction_checkout_desc=從您的專案儲存庫中，檢出一個新分支並測試變更。
 pulls.cmd_instruction_merge_title=�併
 pulls.cmd_instruction_merge_desc=�併變更並在 Gitea 上更新。
-pulls.cmd_instruction_merge_warning=警告：此�作無法�併�併請求，因為未啟用「自動檢測手動�併�
 pulls.clear_merge_message=清除�併訊�
-pulls.clear_merge_message_hint=清除�併訊�將僅移除�交訊�內容，留下產生的 git �尾，如「Co-Authored-By …�。
 
 pulls.auto_merge_button_when_succeed=(當通�檢查後)
 pulls.auto_merge_when_succeed=通�所有檢查後自動�併
@@ -1970,12 +1856,10 @@ milestones.filter_sort.most_issues=�題由多到少
 milestones.filter_sort.least_issues=�題由少到多
 
 signing.will_sign=此�交將使用金鑰「%s�簽署。
-signing.wont_sign.error=檢查�交是��以簽署時發生錯誤。
 signing.wont_sign.nokey=沒有�用的金鑰來簽署此�交。
 signing.wont_sign.never=�交從�簽署。
 signing.wont_sign.always=�交總是簽署。
 signing.wont_sign.pubkey=�交�會被簽署，因為您的帳戶沒有關�的公鑰。
-signing.wont_sign.twofa=您必須啟用雙因素驗證�能簽署�交。
 signing.wont_sign.parentsigned=�交�會被簽署，因為父�交未簽署。
 signing.wont_sign.basesigned=�併�會被簽署，因為基底�交未簽署。
 signing.wont_sign.headsigned=�併�會被簽署，因為 head �交未簽署。
@@ -2061,7 +1945,6 @@ activity.title.releases_1=%d 個版本
 activity.title.releases_n=%d 個版本
 activity.title.releases_published_by=%[2]s發布了 %[1]s
 activity.published_release_label=已發布
-activity.no_git_activity=期間內沒有任何�交動態
 activity.git_stats_exclude_merges=�計�併，
 activity.git_stats_author_1=%d �作者
 activity.git_stats_author_n=%d �作者
@@ -2089,7 +1972,6 @@ contributors.contribution_type.additions=新增
 contributors.contribution_type.deletions=刪除
 
 settings=設定
-settings.desc=設定是您�以管�儲存庫設定的地方
 settings.options=儲存庫
 settings.collaboration=�作者
 settings.collaboration.admin=管�員
@@ -2106,7 +1988,6 @@ settings.mirror_settings.docs.disabled_pull_mirror.instructions=設定您的專æ
 settings.mirror_settings.docs.disabled_push_mirror.instructions=設定您的專案自動從其他儲存庫拉��交�標籤�分支。
 settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=�在這個功能�能從「�移外部儲存庫�進行設定，詳情請�考:
 settings.mirror_settings.docs.disabled_push_mirror.info=您的網站管�員已�用了推���。
-settings.mirror_settings.docs.no_new_mirrors=您的儲存庫正在��變更到或從�一個儲存庫。請注�，您目�無法建立任何新的��。
 settings.mirror_settings.docs.can_still_use=雖然您無法修改�有的��或建立新的��，但您�然�以使用�有的��。
 settings.mirror_settings.docs.pull_mirror_instructions=設定拉���請�考：
 settings.mirror_settings.docs.more_information_if_disabled=您�以在這裡找到有關推�和拉���的更多資訊：
@@ -2181,7 +2062,6 @@ settings.admin_indexer_commit_sha=最後索引的 SHA
 settings.admin_indexer_unindexed=未索引
 settings.reindex_button=加入到�新索引佇列
 settings.reindex_requested=已請求�新索引
-settings.admin_enable_close_issues_via_commit_in_any_branch=�以從��設分支的�交訊�關閉�題
 settings.danger_zone=�險�作�
 settings.new_owner_has_same_repo=新的儲存庫�有者已經存在��儲存庫�
 settings.convert=轉�為普通儲存庫
@@ -2203,7 +2083,6 @@ settings.transfer_abort_invalid=您無法�消�存在的儲存庫轉移。
 settings.transfer_abort_success=�功�消轉移儲存庫至 %s。
 settings.transfer_desc=將此儲存庫轉移給其他使用者或�您管�的組織。
 settings.transfer_form_title=輸入儲存庫�稱以確�：
-settings.transfer_in_progress=目�正在進行轉移。如果您想�將此儲存庫轉移給其他使用者，請�消他。
 settings.transfer_notices_1=- 如果將此儲存庫轉移給個別使用者，您將會失去此儲存庫的存�權。
 settings.transfer_notices_2=- 如果將此儲存庫轉移到您(共�)�有的組織，您將能繼續�有此儲存庫的存�權。
 settings.transfer_notices_3=- 如果此儲存庫為�有儲存庫且將轉移給個別使用者，此動作確�該使用者至少�有讀�權� (必�時將會修改權�)。
@@ -2218,13 +2097,9 @@ settings.trust_model.default=�設信任模�
 settings.trust_model.default.desc=使用此 Gitea 的�設儲存庫信任模�。
 settings.trust_model.collaborator=�作者
 settings.trust_model.collaborator.long=�作者: 信任�作者的簽署
-settings.trust_model.collaborator.desc=此儲存庫�作者的有效簽署將被標記為「�信任�(無論它們是�符��交者)，簽署�符��交者時將標記為「��信任�，都�符�時標記為「�符��。
 settings.trust_model.committer=�交者
-settings.trust_model.committer.long=�交者: 信任與�交者相符的簽署 (此�項與 GitHub 相�，這會強制 Gitea 簽署�交並以 Gitea 作為�交者)
-settings.trust_model.committer.desc=�交者的有效簽署將被標記為「�信任�，�則將被標記為「�符��。這將會強制 Gitea �為�簽署�交的�交者，實際的�交者將於�交訊��尾被標記為「Co-authored-by:�和「Co-committed-by:�。�設的 Gitea 金鑰必須符�資料庫中的一�使用者。
 settings.trust_model.collaboratorcommitter=�作者+�交者
 settings.trust_model.collaboratorcommitter.long=�作者 + �交者: 信任�作者�時是�交者的簽署
-settings.trust_model.collaboratorcommitter.desc=此儲存庫�作者的有效簽署在他�時是�交者時將被標記為「�信任�，簽署�符��交者時將標記為「��信任�，都�符�時標記為「�符��。這會強制 Gitea �為�簽署�交的�交者，實際的�交者將於�交訊��尾被標記為「Co-Authored-By:�和「Co-Committed-By:�。�設的 Gitea 金鑰必須符�資料庫中的一�使用者。
 settings.wiki_delete=刪除 Wiki 資料
 settings.wiki_delete_desc=刪除儲存庫 Wiki 資料是永久的且��還原。
 settings.wiki_delete_notices_1=- 這將會永久刪除與�用 %s 的儲存庫 Wiki。
@@ -2233,7 +2108,6 @@ settings.wiki_deletion_success=已刪除儲存庫的 Wiki 資料。
 settings.delete=刪除本儲存庫
 settings.delete_desc=刪除儲存庫是永久的且��還原。
 settings.delete_notices_1=- 此動作<strong>��</strong>還原。
-settings.delete_notices_2=- 此�作將永久刪除 <strong>%s</strong> 儲存庫，包括程�碼��題�留言�Wiki 資料和�作者設定。
 settings.delete_notices_fork_1=- 在此儲存庫刪除後，它的 fork 將會變��立儲存庫。
 settings.deletion_success=這個儲存庫已被刪除。
 settings.update_settings_success=已更新儲存庫的設定。
@@ -2255,8 +2129,6 @@ settings.team_not_in_organization=團隊和儲存庫�在相�的組織內
 settings.teams=團隊
 settings.add_team=增加團隊
 settings.add_team_duplicate=團隊已�有該儲存庫
-settings.add_team_success=團隊�在�存�該儲存庫了。
-settings.change_team_permission_tip=團隊權��於團隊設定��修改，�能��儲存庫分別調整。
 settings.delete_team_tip=此團隊�存�所有儲存庫，無法移除
 settings.remove_team_success=已移除團隊存�儲存庫的權�。
 settings.add_webhook=建立 Webhook
@@ -2265,8 +2137,6 @@ settings.hooks_desc=當觸發�些 Gitea 事件時，Webhook 會自動發出 HT
 settings.webhook_deletion=移除 Webhook
 settings.webhook_deletion_desc=移除 Webhook 將刪除它的設定�傳�記錄，是�繼續？
 settings.webhook_deletion_success=Webhook 已移除。
-settings.webhook.test_delivery=傳�測試資料
-settings.webhook.test_delivery_desc=使用�事件測試此 Webhook。
 settings.webhook.test_delivery_desc_disabled=�使用�事件測試此 Webhook，請啟用它。
 settings.webhook.request=請求
 settings.webhook.response=回應
@@ -2313,7 +2183,6 @@ settings.event_repository=儲存庫
 settings.event_repository_desc=建立或刪除儲存庫。
 settings.event_header_issue=�題事件
 settings.event_issues=�題
-settings.event_issues_desc=建立�編輯�關閉��新開放�題。
 settings.event_issue_assign=指派�題
 settings.event_issue_assign_desc=指派或�消指派�題。
 settings.event_issue_label=標籤
@@ -2324,7 +2193,6 @@ settings.event_issue_comment=�題留言
 settings.event_issue_comment_desc=已經建立�編輯或刪除的�題留言。
 settings.event_header_pull_request=�併請求事件
 settings.event_pull_request=�併請求
-settings.event_pull_request_desc=建立�編輯�關閉��新開放�併請求。
 settings.event_pull_request_assign=指派�併請求
 settings.event_pull_request_assign_desc=指派或�消指派�併請求。
 settings.event_pull_request_label=�併請求標籤
@@ -2464,7 +2332,6 @@ settings.block_on_official_review_requests_desc=如果有官方的審核請求æ™
 settings.block_outdated_branch=如果�併請求已經�時則阻擋�併
 settings.block_outdated_branch_desc=當 head 分支�後於基礎分支時�得�併。
 settings.block_admin_merge_override=管�員必須�守分支�護�則
-settings.block_admin_merge_override_desc=管�員必須�守分支�護�則，�能繞�它。
 settings.default_branch_desc=請�擇用來�交程�碼和�併請求的�設分支。
 settings.merge_style_desc=�併方�
 settings.default_merge_style_desc=�設�併方�
@@ -2491,10 +2358,7 @@ settings.matrix.homeserver_url=主伺�器網�
 settings.matrix.room_id=�天室 ID
 settings.matrix.message_type=訊�類型
 settings.visibility.private.button=設為�人
-settings.visibility.private.text=將�見性更改為�人�僅會使儲存庫僅��許的�員�見，還�能會移除它與 fork�關注者和星標之間的關係。
 settings.visibility.private.bullet_title=<strong>更改�見性為�人將：</strong>
-settings.visibility.private.bullet_one=使儲存庫僅��許的�員�見。
-settings.visibility.private.bullet_two=�能會移除它與 <strong>fork</strong>�<strong>關注者</strong> 和 <strong>星標</strong> 之間的關係。
 settings.visibility.public.button=設為公開
 settings.visibility.public.text=將�見性更改為公開將使儲存庫�任何人�見。
 settings.visibility.public.bullet_title=<strong>更改�見性為公開將：</strong>
@@ -2513,7 +2377,6 @@ settings.archive.tagsettings_unavailable=已�存的儲存庫無法使用標籤
 settings.archive.mirrors_unavailable=如果儲存庫已�存，則無法使用��。
 settings.unarchive.button=�消�存儲存庫
 settings.unarchive.header=�消�存此儲存庫
-settings.unarchive.text=�消�存儲存庫將�復其接收�交和推�的能力，以�新�題和�併請求。
 settings.unarchive.success=儲存庫已�功�消�存。
 settings.unarchive.error=嘗試�消�存儲存庫時發生錯誤。查看日誌檔以�得更多資訊。
 settings.update_avatar_success=已更新儲存庫的大頭貼。
@@ -2531,11 +2394,9 @@ settings.lfs_invalid_locking_path=無效的路徑: %s
 settings.lfs_invalid_lock_directory=無法鎖定目錄: %s
 settings.lfs_lock_already_exists=鎖定已存在：%s
 settings.lfs_lock=鎖定
-settings.lfs_lock_path=�鎖定的檔案路徑...
 settings.lfs_locks_no_locks=沒有鎖定
 settings.lfs_lock_file_no_exist=已鎖定的檔案�存在於�設分支
 settings.lfs_force_unlock=強制解鎖
-settings.lfs_pointers.found=找到 %d 個 blob 指標 - %d 個已關�, %d 個未關� (%d 個從存放��失)
 settings.lfs_pointers.sha=Blob SHA
 settings.lfs_pointers.oid=OID
 settings.lfs_pointers.inRepo=在儲存庫中
@@ -2709,7 +2570,6 @@ error.csv.invalid_field_count=無法渲染此檔案，因為它第 %d 行的欄ä
 error.broken_git_hook=此儲存庫的 Git hooks 似乎已�壞。請按照 <a target="_blank" rel="noreferrer" href="%s">文件</a> 進行修復，然後推�一些�交以刷新狀態。
 
 [graphs]
-component_loading=正在載入 %s...
 component_loading_failed=無法載入 %s
 component_loading_info=這�能需�一點時間…
 component_failed_to_load=發生�外錯誤。
@@ -2747,7 +2607,6 @@ form.create_org_not_allowed=此帳號�止建立組織。
 settings=設定
 settings.options=組織
 settings.full_name=組織全�
-settings.email=�絡電�郵件
 settings.website=官方網站
 settings.location=所在地�
 settings.permission=權�
@@ -2761,15 +2620,13 @@ settings.visibility.private_shortname=�有
 
 settings.update_settings=更新設定
 settings.update_setting_success=組織設定已更新。
-settings.change_orgname_prompt=注�：更改組織�稱將�時更改組織的 URL 並釋放舊�稱。
-settings.change_orgname_redirect_prompt=舊的�稱被領用�，會�新導�新�稱。
+
+
 settings.update_avatar_success=已更新組織的大頭貼。
 settings.delete=刪除組織
 settings.delete_account=刪除這個組織
 settings.delete_prompt=該組織將被永久刪除。此動作<strong>��</strong>還原�
 settings.confirm_delete_account=確�刪除組織
-settings.delete_org_title=刪除組織
-settings.delete_org_desc=�將永久刪除這個組織，是�繼續？
 settings.hooks_desc=此組織下的<strong>所有存儲庫</strong>都會觸發在此新增的 Webhook。
 
 settings.labels_desc=在此處新增的標籤�用於此組織下的<strong>所有儲存庫</strong>。
@@ -2825,7 +2682,6 @@ teams.remove_all_repos_title=移除所有團隊儲存庫
 teams.remove_all_repos_desc=這將從團隊中移除所有儲存庫。
 teams.add_all_repos_title=增加所有儲存庫
 teams.add_all_repos_desc=這將把組織的所有儲存庫增加到團隊。
-teams.add_nonexistent_repo=您嘗試新增的儲存庫�存在，請先建立它。
 teams.add_duplicate_users=使用者已經是團隊�員了。
 teams.repos.none=這個團隊沒有�以存�的儲存庫。
 teams.members.none=這個團隊沒有任何�員。
@@ -2855,7 +2711,6 @@ repositories=儲存庫
 hooks=Webhook
 integrations=整�
 authentication=�證來�
-emails=使用者電�信箱
 config=組態
 config_summary=摘�
 config_settings=設定
@@ -2887,11 +2742,8 @@ dashboard.cron.cancelled=Cron: %[1]s 已�消: %[3]s
 dashboard.cron.error=Cron 中的錯誤: %s: %[3]s
 dashboard.cron.finished=Cron: %[1]s 已完�
 dashboard.delete_inactive_accounts=刪除所有未啟用帳戶
-dashboard.delete_inactive_accounts.started=刪除所有未啟用帳戶的任務已啟動。
 dashboard.delete_repo_archives=刪除所有儲存庫存檔 (ZIP, TAR.GZ, etc..)
-dashboard.delete_repo_archives.started=刪除所有儲存庫存檔的任務已啟動。
 dashboard.delete_missing_repos=刪除所有�失 Git 檔案的儲存庫
-dashboard.delete_missing_repos.started=刪除所有�失 Git 檔案的儲存庫的任務已啟動。
 dashboard.delete_generated_repository_avatars=刪除產生的儲存庫大頭貼
 dashboard.sync_repo_branches=從 Git 資料�步��的分支到資料庫
 dashboard.sync_repo_tags=從 Git 資料�步標籤到資料庫
@@ -2899,17 +2751,9 @@ dashboard.update_mirrors=更新��
 dashboard.repo_health_check=�所有儲存庫進行�康檢查
 dashboard.check_repo_stats=檢查所有儲存庫的統計資料
 dashboard.archive_cleanup=刪除舊的儲存庫存檔
-dashboard.deleted_branches_cleanup=清�已刪除的分支
 dashboard.update_migration_poster_id=更新�移發布者 ID
-dashboard.git_gc_repos=�所有儲存庫進行垃圾回收
-dashboard.resync_all_sshkeys=使用 Gitea 的 SSH 金鑰更新「.ssh/authorized_keys�檔案。
-dashboard.resync_all_sshprincipals=使用 Gitea 的 SSH 主體更新「.ssh/authorized_principals�檔案。
-dashboard.resync_all_hooks=�新�步所有儲存庫的 pre-receive�update 和 post-receive Hook。
 dashboard.reinit_missing_repos=�新�始化所有記錄存在但�失的 Git 儲存庫
 dashboard.sync_external_users=�步外部使用者資料
-dashboard.cleanup_hook_task_table=清� hook_task 資料表
-dashboard.cleanup_packages=清�已�期的套件
-dashboard.cleanup_actions=清��期的�作資�
 dashboard.server_uptime=�務執行時間
 dashboard.current_goroutine=目�的 Goroutines 數�
 dashboard.current_memory_usage=目�記憶體使用�
@@ -2940,10 +2784,8 @@ dashboard.total_gc_pause=總 GC 暫�時間
 dashboard.last_gc_pause=上次 GC 暫�時間
 dashboard.gc_times=GC 執行次數
 dashboard.delete_old_actions=從資料庫刪除所有舊行為
-dashboard.delete_old_actions.started=從資料庫刪除所有舊行為的任務已啟動。
 dashboard.update_checker=更新檢查器
 dashboard.delete_old_system_notices=從資料庫刪除所有舊系統�示
-dashboard.gc_lfs=� LFS meta objects 進行垃圾回收
 dashboard.stop_zombie_tasks=�止殭�任務
 dashboard.stop_endless_tasks=�止永��止的任務
 dashboard.cancel_abandoned_jobs=�消已放棄的工作
@@ -2967,7 +2809,6 @@ users.2fa=兩步驟驗證
 users.repos=儲存庫數
 users.created=建立時間
 users.last_login=上次登入
-users.never_login=從未登入
 users.send_register_notify=寄�使用者註冊通知
 users.new_success=已建立新帳戶「%s�。
 users.edit=編輯
@@ -2994,7 +2835,6 @@ users.still_own_repo=這個使用者還æ“�有一個或更多的儲存庫。請å…
 users.still_has_org=此使用者是組織的�員。請先將他從組織中移除。
 users.purge=清除使用者
 users.purge_help=強制刪除使用者和他�有的所有儲存庫�組織�套件，所有留言也會被刪除。
-users.still_own_packages=此使用者�然�有一個以上的套件，請先刪除這些套件。
 users.deletion_success=使用者帳戶已被刪除。
 users.reset_2fa=�設兩步驟驗證
 users.list_status_filter.menu_text=篩�
@@ -3014,11 +2854,7 @@ users.details=使用者詳細資訊
 emails.email_manage_panel=使用者電�信箱管�
 emails.primary=主�
 emails.activated=已啟用
-emails.filter_sort.email=電�信箱
-emails.filter_sort.email_reverse=電�信箱(倒�)
-emails.filter_sort.name=使用者�稱
-emails.filter_sort.name_reverse=使用者�稱(倒�)
-emails.updated=信箱已更新
+emails.filter_sort.name=帳號
 emails.not_updated=電�信箱更新失敗: %v
 emails.duplicate_active=此信箱已被其他使用者使用
 emails.change_email_header=更新電�信箱屬性
@@ -3026,7 +2862,6 @@ emails.change_email_text=您確定�更新此電�郵件地�嗎？
 emails.delete=刪除電�郵件
 emails.delete_desc=您確定�刪除此電�郵件地�嗎？
 emails.deletion_success=電�郵件地�已被刪除。
-emails.delete_primary_email_error=您�能刪除主�的電�郵件地�。
 
 orgs.org_manage_panel=組織管�
 orgs.name=�稱
@@ -3140,27 +2975,19 @@ auths.oauth2_required_claim_name_helper=填寫此�稱以�制 Claim 中有此
 auths.oauth2_required_claim_value=必須填寫 Claim 值
 auths.oauth2_required_claim_value_helper=填寫此�稱以�制 Claim 中有此�稱和值的使用者�能從此來�登入
 auths.oauth2_group_claim_name=Claim �稱�供群組�稱給此來�。(�用)
-auths.oauth2_admin_group=管�員使用者的群組 Claim 值。(�用 - 需�上�的 Claim �稱)
-auths.oauth2_restricted_group=��制使用者的群組 Claim 值。(�用 - 需�上�的 Claim �稱)
-auths.oauth2_map_group_to_team=將已 Claim 的群組�應到組織團隊。(�用 - 需�上述 Claim �稱)
 auths.oauth2_map_group_to_team_removal=如果使用者�屬於相�應的群組，將使用者從已�步的團隊移除。
 auths.enable_auto_register=�許授權用戶自動註冊
 auths.sspi_auto_create_users=自動建立使用者
-auths.sspi_auto_create_users_helper=�許 SSPI �證方法於使用者首次登入時自動建立新帳戶
 auths.sspi_auto_activate_users=自動啟用使用者
 auths.sspi_auto_activate_users_helper=�許 SSPI �證方法自動啟用新使用者
 auths.sspi_strip_domain_names=從帳號中移除域�
-auths.sspi_strip_domain_names_helper=勾�後，將從登入�稱中移除域� (例如:「DOMAIN\user�和「user@example.org�都會變�「user�)
 auths.sspi_separator_replacement=用來替� \, / 和 @ 的分隔符號
-auths.sspi_separator_replacement_helper=用來替�下級登入�稱分隔符號的字元 (例如:「DOMAIN\user�中的「\�) 和使用者主體�稱 (例如:「user@example.org�中的「@�)。
 auths.sspi_default_language=使用者�設語言
-auths.sspi_default_language_helper=SSPI �證方法自動建立之使用者的�設語言，留白以自動�測。
 auths.tips=幫助�示
 auths.tips.oauth2.general=OAuth2 �證
 auths.tips.oauth2.general.tip=註冊新的 OAuth2 �證時，回調/�定� URL 應為：
 auths.tip.oauth2_provider=OAuth2 �供者
 auths.tip.bitbucket=註冊新的 OAuth 客戶端並加入權�「Account - Read�。網�：https://bitbucket.org/account/user/<your username>/oauth-consumers/new
-auths.tip.nextcloud=在您的執行個體中，於�單「設定 -> 安全性 -> OAuth 2.0 客戶端�註冊新的 OAuth 客戶端
 auths.tip.dropbox=建立新的 App。網�：https://www.dropbox.com/developers/apps
 auths.tip.facebook=註冊新的應用程�並新增產�「Facebook 登入�。網�：https://developers.facebook.com/apps
 auths.tip.github=註冊新的 OAuth 應用程�。網�：https://github.com/settings/applications/new
@@ -3213,8 +3040,6 @@ config.ssh_domain=SSH 伺�器域�
 config.ssh_port=連接埠
 config.ssh_listen_port=監�埠
 config.ssh_root_path=根路徑
-config.ssh_key_test_path=金鑰測試路徑
-config.ssh_keygen_path=金鑰產生 (' ssh-keygen ') 路徑
 config.ssh_minimum_key_size_check=金鑰最�大�檢查
 config.ssh_minimum_key_sizes=金鑰最�大�
 
@@ -3272,7 +3097,6 @@ config.mailer_sendmail_path=Sendmail 路徑
 config.mailer_sendmail_args=Sendmail �數
 config.mailer_sendmail_timeout=Sendmail 逾時
 config.mailer_use_dummy=Dummy
-config.test_email_placeholder=電�信箱 (例：test@example.com)
 config.send_test_mail=傳�測試郵件
 config.send_test_mail_submit=傳�
 config.test_mail_failed=傳�測試郵件到「%s�時失敗: %v
@@ -3344,7 +3168,6 @@ monitor.start=開始時間
 monitor.execute_time=已執行時間
 monitor.last_execution_result=�果
 monitor.process.cancel=��處�程�
-monitor.process.cancel_desc=��處�程��能造�資料�失
 monitor.process.children=�程�
 
 monitor.queues=佇列
@@ -3359,7 +3182,6 @@ monitor.queue.numberinqueue=佇列中的數�
 monitor.queue.review_add=審查 / 增加工作者
 monitor.queue.settings.title=集�設定
 monitor.queue.settings.desc=集�會根據工作者佇列的阻塞情�動態增長。
-monitor.queue.settings.maxnumberworkers=最大工作者數�
 monitor.queue.settings.maxnumberworkers.placeholder=目� %[1]d
 monitor.queue.settings.maxnumberworkers.error=最大工作者數�必須是數字
 monitor.queue.settings.submit=更新設定
@@ -3385,10 +3207,6 @@ notices.delete_success=已刪除系統�示。
 self_check.no_problem_found=尚未發�任何�題。
 self_check.startup_warnings=啟動警告：
 self_check.database_collation_mismatch=�期資料庫使用排��則：%s
-self_check.database_collation_case_insensitive=資料庫正在使用排��則 %s，這是一個��分大�寫的排��則。雖然 Gitea �以正常�作，但在�些罕見情�下�能會出��期外的�題。
-self_check.database_inconsistent_collation_columns=資料庫正在使用排��則 %s，但這些欄�使用了�匹�的排��則。這�能會導致一些�期外的�題。
-self_check.database_fix_mysql=�於 MySQL/MariaDB 使用者，您�以使用 "gitea doctor convert" 命令來修復排��則�題，或者也�以手動使用 "ALTER ... COLLATE ..." SQL 語�來修復�題。
-self_check.database_fix_mssql=�於 MSSQL 使用者，目�您�能手動使用 "ALTER ... COLLATE ..." SQL 語�來修復�題。
 self_check.location_origin_mismatch=當� URL (%[1]s) 與 Gitea 看到的 URL (%[2]s) �匹�。如果您使用了��代�，請確� "Host" 和 "X-Forwarded-Proto" 標頭設置正確。
 
 [action]
@@ -3472,8 +3290,6 @@ error.no_committer_account=�交者的電�信箱沒有連�到任何帳戶
 error.no_gpg_keys_found=沒有發�已知的金鑰在資料庫的簽署中
 error.not_signed_commit=未簽�的�交
 error.failed_retrieval_gpg_keys=找�到任何與該�交者帳戶相關的金鑰
-error.probable_bad_signature=警告�雖然資料庫中有此 ID 的金鑰，但此�交未通�它的驗證�此�交是有疑慮的。
-error.probable_bad_default_signature=警告�雖然�設金鑰�有此 ID，但此�交未通�它的驗證�此�交是有疑慮的。
 
 [units]
 unit=單元
@@ -3511,7 +3327,6 @@ versions=版本
 versions.view_all=檢視全部
 dependency.id=ID
 dependency.version=版本
-alpine.registry=在您的 <code>/etc/apk/repositories</code> 檔加入下列 URL 以設定此註冊中心:
 alpine.registry.key=下載註冊中心的公開 RSA 金鑰到 <code>/etc/apk/keys/</code> 資料夾來驗證索引簽署:
 alpine.registry.info=從下列清單�擇 $branch 和 $repository
 alpine.install=執行下列命令安�此套件:
@@ -3524,18 +3339,13 @@ arch.install=使用 pacman �步套件:
 arch.repository=儲存庫資訊
 arch.repository.repositories=儲存庫
 arch.repository.architectures=架構
-cargo.registry=在 Cargo 組態檔設定此註冊中心 (例如: <code>~/.cargo/config.toml</code>):
 cargo.install=執行下列命令以使用 Cargo 安�此套件:
-chef.registry=在您的 <code>~/.chef/config.rb</code> 檔設定此註冊中心:
 chef.install=執行下列命令安�此套件:
-composer.registry=在您的 <code>~/.composer/config.json</code> 檔設定此註冊中心:
 composer.install=執行下列命令以使用 Composer 安�此套件:
 composer.dependencies=相�性
 composer.dependencies.development=開發相�性
 conan.details.repository=儲存庫
-conan.registry=��下列命令設定此註冊中心:
 conan.install=執行下列命令以使用 Conan 安�此套件:
-conda.registry=在您的 <code>.condarc</code> 檔設定此註冊中心為 Conda 存儲庫:
 conda.install=執行下列命令以使用 Conda 安�此套件:
 container.details.type=映�檔類型
 container.details.platform=平�
@@ -3545,9 +3355,7 @@ container.layers=映�檔 Layers
 container.labels=標籤
 container.labels.key=�
 container.labels.value=值
-cran.registry=在您的 <code>Rprofile.site</code> 檔設定此註冊中心:
 cran.install=執行下列命令安�此套件:
-debian.registry=��下列命令設定此註冊中心:
 debian.registry.info=從下列清單�擇$distribution和$component
 debian.install=執行下列命令安�此套件:
 debian.repository=儲存庫資訊
@@ -3556,16 +3364,11 @@ debian.repository.components=元件
 debian.repository.architectures=架構
 generic.download=��下列命令下載套件:
 go.install=��下列命令安�套件:
-helm.registry=��下列命令設定此註冊中心:
 helm.install=執行下列命令安�此套件:
-maven.registry=在您專案的 <code>pom.xml</code> 檔設定此註冊中心:
-maven.install=若�使用此套件，請在您 <code>pom.xml</code> 檔的 <code>dependencies</code> 段�加入下列內容:
 maven.install2=��下列命令執行:
 maven.download=��下列命令下載相�性:
-nuget.registry=��下列命令設定此註冊中心:
 nuget.install=執行下列命令以使用 NuGet 安�此套件:
 nuget.dependency.framework=目標框架
-npm.registry=在您專案的 <code>.npmrc</code> 檔設定此註冊中心:
 npm.install=執行下列命令以使用 npm 安�此套件:
 npm.install2=或將它加到 package.json 檔:
 npm.dependencies=相�性
@@ -3577,7 +3380,6 @@ npm.details.tag=標籤
 pub.install=執行下列命令以使用 Dart 安�此套件:
 pypi.requires=需� Python
 pypi.install=執行下列命令以使用 pip 安�此套件:
-rpm.registry=��下列命令設定此註冊中心:
 rpm.distros.redhat=在基於 RedHat 的發行版上
 rpm.distros.suse=在基於 SUSE 的發行版上
 rpm.install=執行下列命令安�此套件:
@@ -3590,7 +3392,6 @@ rubygems.dependencies.runtime=執行階段相�性
 rubygems.dependencies.development=開發相�性
 rubygems.required.ruby=需�的 Ruby 版本
 rubygems.required.rubygems=需�的 RubyGem 版本
-swift.registry=��下列命令設定此註冊中心:
 swift.install=將此套件加入您的 <code>Package.swift</code> 檔:
 swift.install2=並執行下列命令:
 vagrant.install=執行下列命令以新增 Vagrant box:
@@ -3613,7 +3414,6 @@ owner.settings.cargo.initialize.success=�功建立了 Cargo 索引。
 owner.settings.cargo.rebuild=�建索引
 owner.settings.cargo.rebuild.description=如果索引與儲存的 Cargo 套件��步，�建索引�能會有幫助。
 owner.settings.cargo.rebuild.error=�建 Cargo 索引失敗: %v
-owner.settings.cargo.rebuild.success=�功�建了 Cargo 索引。
 owner.settings.cleanuprules.title=管�清��則
 owner.settings.cleanuprules.add=加入清��則
 owner.settings.cleanuprules.edit=編輯清��則
@@ -3642,12 +3442,13 @@ owner.settings.chef.keypair.description=é©—è­‰ Chef 註冊中心需è¦�一個密é
 secrets=Secret
 description=Secret 會被傳給特定的 Action，其他情�無法讀�。
 none=還沒有 Secret。
-creation=加入 Secret
+
+; These keys are also for "edit secret", the keys are kept as-is to avoid unnecessary re-translation
 creation.description=�述
 creation.name_placeholder=��分大�寫，�能包�英文字��數字�底線 ('_')，�能以 GITEA_ 或 GITHUB_ 開頭。
 creation.value_placeholder=輸入任何內容，頭尾的空白都會被忽略。
-creation.success=已新增 Secret「%s�。
-creation.failed=加入 Secret 失敗。
+
+
 deletion=移除 Secret
 deletion.description=移除 Secret 是永久的且��還原，是�繼續？
 deletion.success=已移除此 Secret。
@@ -3695,7 +3496,6 @@ runners.delete_runner=刪除此 Runner
 runners.delete_runner_success=刪除 Runner �功
 runners.delete_runner_failed=刪除 Runner 失敗
 runners.delete_runner_header=確�刪除此 Runner
-runners.delete_runner_notice=如果有任務正在此 Runner 上執行，它�能會被中止並標記為失敗，這�能會打斷建置工作�程。
 runners.none=沒有�用的 Runner
 runners.status.unspecified=未知
 runners.status.idle=é–’ç½®
diff --git a/package-lock.json b/package-lock.json
index c347cf5fd8..0cee3699a8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,114 +10,114 @@
         "@citation-js/plugin-csl": "0.7.18",
         "@citation-js/plugin-software-formats": "0.6.1",
         "@github/markdown-toolbar-element": "2.2.3",
-        "@github/relative-time-element": "4.4.5",
-        "@github/text-expander-element": "2.9.1",
+        "@github/relative-time-element": "4.4.8",
+        "@github/text-expander-element": "2.9.2",
         "@mcaptcha/vanilla-glue": "0.1.0-alpha-3",
-        "@primer/octicons": "19.15.1",
+        "@primer/octicons": "19.15.5",
         "@silverwind/vue3-calendar-heatmap": "2.0.6",
         "add-asset-webpack-plugin": "3.0.0",
-        "ansi_up": "6.0.2",
-        "asciinema-player": "3.9.0",
-        "chart.js": "4.4.8",
+        "ansi_up": "6.0.6",
+        "asciinema-player": "3.10.0",
+        "chart.js": "4.5.0",
         "chartjs-adapter-dayjs-4": "1.0.4",
         "chartjs-plugin-zoom": "2.2.0",
-        "clippie": "4.1.5",
+        "clippie": "4.1.7",
         "cropperjs": "1.6.2",
         "css-loader": "7.1.2",
         "dayjs": "1.11.13",
         "dropzone": "6.0.0-beta.2",
         "easymde": "2.20.0",
         "esbuild-loader": "4.3.0",
-        "escape-goat": "4.0.0",
         "fast-glob": "3.3.3",
-        "htmx.org": "2.0.4",
+        "htmx.org": "2.0.6",
         "idiomorph": "0.7.3",
         "jquery": "3.7.1",
-        "katex": "0.16.21",
+        "katex": "0.16.22",
         "license-checker-webpack-plugin": "0.2.1",
-        "mermaid": "11.5.0",
+        "mermaid": "11.9.0",
         "mini-css-extract-plugin": "2.9.2",
-        "minimatch": "10.0.1",
+        "minimatch": "10.0.3",
         "monaco-editor": "0.52.2",
         "monaco-editor-webpack-plugin": "7.1.0",
+        "online-3d-viewer": "0.16.0",
         "pdfobject": "2.3.1",
         "perfect-debounce": "1.0.0",
-        "postcss": "8.5.3",
+        "postcss": "8.5.6",
         "postcss-loader": "8.1.1",
-        "postcss-nesting": "13.0.1",
+        "postcss-nesting": "13.0.2",
         "sortablejs": "1.15.6",
-        "swagger-ui-dist": "5.20.1",
+        "swagger-ui-dist": "5.27.0",
         "tailwindcss": "3.4.17",
         "throttle-debounce": "5.0.2",
         "tinycolor2": "1.6.0",
         "tippy.js": "6.3.7",
         "toastify-js": "1.12.0",
         "tributejs": "5.1.3",
-        "typescript": "5.8.2",
-        "uint8-to-base64": "0.2.0",
+        "typescript": "5.8.3",
+        "uint8-to-base64": "0.2.1",
         "vanilla-colorful": "0.7.2",
-        "vue": "3.5.13",
+        "vue": "3.5.18",
         "vue-bar-graph": "2.2.0",
         "vue-chartjs": "5.3.2",
         "vue-loader": "17.4.2",
-        "webpack": "5.98.0",
+        "webpack": "5.101.0",
         "webpack-cli": "6.0.1",
         "wrap-ansi": "9.0.0"
       },
       "devDependencies": {
-        "@eslint-community/eslint-plugin-eslint-comments": "4.4.1",
-        "@playwright/test": "1.49.1",
-        "@stoplight/spectral-cli": "6.14.3",
+        "@eslint-community/eslint-plugin-eslint-comments": "4.5.0",
+        "@playwright/test": "1.54.1",
+        "@stoplight/spectral-cli": "6.15.0",
         "@stylistic/eslint-plugin-js": "3.1.0",
-        "@stylistic/stylelint-plugin": "3.1.2",
+        "@stylistic/stylelint-plugin": "4.0.0",
         "@types/dropzone": "5.7.9",
         "@types/jquery": "3.5.32",
         "@types/katex": "0.16.7",
-        "@types/license-checker-webpack-plugin": "0.2.4",
+        "@types/license-checker-webpack-plugin": "0.2.5",
         "@types/pdfobject": "2.2.5",
         "@types/sortablejs": "1.15.8",
-        "@types/swagger-ui-dist": "3.30.5",
+        "@types/swagger-ui-dist": "3.30.6",
         "@types/throttle-debounce": "5.0.2",
         "@types/tinycolor2": "1.4.6",
-        "@types/toastify-js": "1.12.3",
-        "@typescript-eslint/eslint-plugin": "8.26.1",
-        "@typescript-eslint/parser": "8.26.1",
-        "@vitejs/plugin-vue": "5.2.1",
-        "@vitest/eslint-plugin": "1.1.37",
+        "@types/toastify-js": "1.12.4",
+        "@typescript-eslint/eslint-plugin": "8.38.0",
+        "@typescript-eslint/parser": "8.38.0",
+        "@vitejs/plugin-vue": "6.0.1",
+        "@vitest/eslint-plugin": "1.3.4",
         "eslint": "8.57.0",
-        "eslint-import-resolver-typescript": "3.9.0",
+        "eslint-import-resolver-typescript": "4.4.4",
         "eslint-plugin-array-func": "4.0.0",
         "eslint-plugin-github": "5.0.2",
-        "eslint-plugin-import-x": "4.7.2",
+        "eslint-plugin-import-x": "4.16.1",
         "eslint-plugin-no-jquery": "3.1.1",
         "eslint-plugin-no-use-extend-native": "0.5.0",
-        "eslint-plugin-playwright": "2.2.0",
-        "eslint-plugin-regexp": "2.7.0",
-        "eslint-plugin-sonarjs": "3.0.2",
+        "eslint-plugin-playwright": "2.2.2",
+        "eslint-plugin-regexp": "2.9.0",
+        "eslint-plugin-sonarjs": "3.0.4",
         "eslint-plugin-unicorn": "56.0.1",
-        "eslint-plugin-vue": "10.0.0",
-        "eslint-plugin-vue-scoped-css": "2.9.0",
-        "eslint-plugin-wc": "2.2.1",
-        "happy-dom": "17.4.4",
-        "markdownlint-cli": "0.44.0",
-        "material-icon-theme": "5.20.0",
+        "eslint-plugin-vue": "10.4.0",
+        "eslint-plugin-vue-scoped-css": "2.11.0",
+        "eslint-plugin-wc": "3.0.1",
+        "happy-dom": "18.0.1",
+        "markdownlint-cli": "0.45.0",
+        "material-icon-theme": "5.24.0",
         "nolyfill": "1.0.44",
         "postcss-html": "1.8.0",
-        "stylelint": "16.16.0",
-        "stylelint-config-recommended": "15.0.0",
+        "stylelint": "16.23.0",
+        "stylelint-config-recommended": "17.0.0",
         "stylelint-declaration-block-no-ignored-properties": "2.8.0",
         "stylelint-declaration-strict-value": "1.10.11",
-        "stylelint-define-config": "16.15.0",
+        "stylelint-define-config": "16.22.0",
         "stylelint-value-no-unknown-custom-properties": "6.0.1",
-        "svgo": "3.3.2",
-        "type-fest": "4.37.0",
-        "updates": "16.4.2",
-        "vite-string-plugin": "1.4.4",
-        "vitest": "3.0.8",
-        "vue-tsc": "2.2.8"
+        "svgo": "4.0.0",
+        "type-fest": "4.41.0",
+        "updates": "16.5.2",
+        "vite-string-plugin": "1.4.6",
+        "vitest": "3.2.4",
+        "vue-tsc": "3.0.4"
       },
       "engines": {
-        "node": ">= 18.0.0"
+        "node": ">= 20.0.0"
       }
     },
     "node_modules/@alloc/quick-lru": {
@@ -133,13 +133,13 @@
       }
     },
     "node_modules/@antfu/install-pkg": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@antfu/install-pkg/-/install-pkg-1.0.0.tgz",
-      "integrity": "sha512-xvX6P/lo1B3ej0OsaErAjqgFYzYVcJpamjLAFLYh9vRJngBrMoUG7aVnrGTeqM7yxbyTD5p3F2+0/QUEh8Vzhw==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/@antfu/install-pkg/-/install-pkg-1.1.0.tgz",
+      "integrity": "sha512-MGQsmw10ZyI+EJo45CdSER4zEb+p31LpDAFp2Z3gkSd1yqVZGi0Ebx++YTEMonJy4oChEMLsxZ64j8FH6sSqtQ==",
       "license": "MIT",
       "dependencies": {
-        "package-manager-detector": "^0.2.8",
-        "tinyexec": "^0.3.2"
+        "package-manager-detector": "^1.3.0",
+        "tinyexec": "^1.0.1"
       },
       "funding": {
         "url": "https://github.com/sponsors/antfu"
@@ -165,14 +165,14 @@
       }
     },
     "node_modules/@babel/code-frame": {
-      "version": "7.26.2",
-      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz",
-      "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==",
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz",
+      "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==",
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-validator-identifier": "^7.25.9",
+        "@babel/helper-validator-identifier": "^7.27.1",
         "js-tokens": "^4.0.0",
-        "picocolors": "^1.0.0"
+        "picocolors": "^1.1.1"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -185,30 +185,30 @@
       "license": "MIT"
     },
     "node_modules/@babel/helper-string-parser": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz",
-      "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==",
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
       "license": "MIT",
       "engines": {
         "node": ">=6.9.0"
       }
     },
     "node_modules/@babel/helper-validator-identifier": {
-      "version": "7.25.9",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz",
-      "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==",
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz",
+      "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==",
       "license": "MIT",
       "engines": {
         "node": ">=6.9.0"
       }
     },
     "node_modules/@babel/parser": {
-      "version": "7.26.10",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz",
-      "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==",
+      "version": "7.28.0",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.0.tgz",
+      "integrity": "sha512-jVZGvOxOuNSsuQuLRTh13nU0AogFlw32w/MT+LV6D3sP5WdbW61E77RnkbaO2dUvmPAYrBDJXGn5gGS6tH4j8g==",
       "license": "MIT",
       "dependencies": {
-        "@babel/types": "^7.26.10"
+        "@babel/types": "^7.28.0"
       },
       "bin": {
         "parser": "bin/babel-parser.js"
@@ -218,25 +218,22 @@
       }
     },
     "node_modules/@babel/runtime": {
-      "version": "7.26.10",
-      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.26.10.tgz",
-      "integrity": "sha512-2WJMeRQPHKSPemqk/awGrAiuFfzBmOIPXKizAsVhWH9YJqLZ0H+HS4c8loHGgW6utJ3E/ejXQUsiGaQy2NZ9Fw==",
+      "version": "7.28.2",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.2.tgz",
+      "integrity": "sha512-KHp2IflsnGywDjBWDkR9iEqiWSpc8GIi0lgTT3mOElT0PP1tG26P4tmFI2YvAdzgq9RGyoHZQEIEdZy6Ec5xCA==",
       "license": "MIT",
-      "dependencies": {
-        "regenerator-runtime": "^0.14.0"
-      },
       "engines": {
         "node": ">=6.9.0"
       }
     },
     "node_modules/@babel/types": {
-      "version": "7.26.10",
-      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz",
-      "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==",
+      "version": "7.28.2",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.2.tgz",
+      "integrity": "sha512-ruv7Ae4J5dUYULmeXw1gmb7rYRz57OWCPM57pHojnLq/3Z1CK2lNSLTCVjxVk1F/TZHwOZZrOWi0ur95BbLxNQ==",
       "license": "MIT",
       "dependencies": {
-        "@babel/helper-string-parser": "^7.25.9",
-        "@babel/helper-validator-identifier": "^7.25.9"
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.27.1"
       },
       "engines": {
         "node": ">=6.9.0"
@@ -434,9 +431,9 @@
       }
     },
     "node_modules/@csstools/css-parser-algorithms": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/@csstools/css-parser-algorithms/-/css-parser-algorithms-3.0.4.tgz",
-      "integrity": "sha512-Up7rBoV77rv29d3uKHUIVubz1BTcgyUK72IvCQAbfbMv584xHcGKCKbWh7i8hPrRJ7qU4Y8IO3IY9m+iTB7P3A==",
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/@csstools/css-parser-algorithms/-/css-parser-algorithms-3.0.5.tgz",
+      "integrity": "sha512-DaDeUkXZKjdGhgYaHNJTV9pV7Y9B3b644jCLs9Upc3VeNGg6LWARAT6O+Q+/COo+2gg/bM5rhpMAtf70WqfBdQ==",
       "dev": true,
       "funding": [
         {
@@ -453,13 +450,13 @@
         "node": ">=18"
       },
       "peerDependencies": {
-        "@csstools/css-tokenizer": "^3.0.3"
+        "@csstools/css-tokenizer": "^3.0.4"
       }
     },
     "node_modules/@csstools/css-tokenizer": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@csstools/css-tokenizer/-/css-tokenizer-3.0.3.tgz",
-      "integrity": "sha512-UJnjoFsmxfKUdNYdWgOB0mWUypuLvAfQPH1+pyvRJs6euowbFkFC6P13w1l8mJyi3vxYMxc9kld5jZEGRQs6bw==",
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/@csstools/css-tokenizer/-/css-tokenizer-3.0.4.tgz",
+      "integrity": "sha512-Vd/9EVDiu6PPJt9yAh6roZP6El1xHrdvIVGjyBsHR0RYwNHgL7FJPyIIW4fANJNG6FtyZfvlRPpFI4ZM/lubvw==",
       "dev": true,
       "funding": [
         {
@@ -477,9 +474,9 @@
       }
     },
     "node_modules/@csstools/media-query-list-parser": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/@csstools/media-query-list-parser/-/media-query-list-parser-3.0.1.tgz",
-      "integrity": "sha512-HNo8gGD02kHmcbX6PvCoUuOQvn4szyB9ca63vZHKX5A81QytgDG4oxG4IaEfHTlEZSZ6MjPEMWIVU+zF2PZcgw==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/@csstools/media-query-list-parser/-/media-query-list-parser-4.0.3.tgz",
+      "integrity": "sha512-HAYH7d3TLRHDOUQK4mZKf9k9Ph/m8Akstg66ywKR4SFAigjs3yBiUeZtFxywiTm5moZMAp/5W/ZuFnNXXYLuuQ==",
       "dev": true,
       "funding": [
         {
@@ -496,8 +493,52 @@
         "node": ">=18"
       },
       "peerDependencies": {
-        "@csstools/css-parser-algorithms": "^3.0.1",
-        "@csstools/css-tokenizer": "^3.0.1"
+        "@csstools/css-parser-algorithms": "^3.0.5",
+        "@csstools/css-tokenizer": "^3.0.4"
+      }
+    },
+    "node_modules/@csstools/selector-resolve-nested": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@csstools/selector-resolve-nested/-/selector-resolve-nested-3.1.0.tgz",
+      "integrity": "sha512-mf1LEW0tJLKfWyvn5KdDrhpxHyuxpbNwTIwOYLIvsTffeyOf85j5oIzfG0yosxDgx/sswlqBnESYUcQH0vgZ0g==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/csstools"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/csstools"
+        }
+      ],
+      "license": "MIT-0",
+      "engines": {
+        "node": ">=18"
+      },
+      "peerDependencies": {
+        "postcss-selector-parser": "^7.0.0"
+      }
+    },
+    "node_modules/@csstools/selector-specificity": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@csstools/selector-specificity/-/selector-specificity-5.0.0.tgz",
+      "integrity": "sha512-PCqQV3c4CoVm3kdPhyeZ07VmBRdH2EpMFA/pd9OASpOEC3aXNGoqPDAZ80D0cLpMBxnmk0+yNhGsEx31hq7Gtw==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/csstools"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/csstools"
+        }
+      ],
+      "license": "MIT-0",
+      "engines": {
+        "node": ">=18"
+      },
+      "peerDependencies": {
+        "postcss-selector-parser": "^7.0.0"
       }
     },
     "node_modules/@discoveryjs/json-ext": {
@@ -521,21 +562,21 @@
       }
     },
     "node_modules/@emnapi/core": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.3.1.tgz",
-      "integrity": "sha512-pVGjBIt1Y6gg3EJN8jTcfpP/+uuRksIo055oE/OBkDNcjZqVbfkWCksG1Jp4yZnj3iKWyWX8fdG/j6UDYPbFog==",
+      "version": "1.4.5",
+      "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.4.5.tgz",
+      "integrity": "sha512-XsLw1dEOpkSX/WucdqUhPWP7hDxSvZiY+fsUC14h+FtQ2Ifni4znbBt8punRX+Uj2JG/uDb8nEHVKvrVlvdZ5Q==",
       "dev": true,
       "license": "MIT",
       "optional": true,
       "dependencies": {
-        "@emnapi/wasi-threads": "1.0.1",
+        "@emnapi/wasi-threads": "1.0.4",
         "tslib": "^2.4.0"
       }
     },
     "node_modules/@emnapi/runtime": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.3.1.tgz",
-      "integrity": "sha512-kEBmG8KyqtxJZv+ygbEim+KCGtIq1fC22Ms3S4ziXmYKm8uyoLX0MHONVKwp+9opg390VaKRNt4a7A9NwmpNhw==",
+      "version": "1.4.5",
+      "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.4.5.tgz",
+      "integrity": "sha512-++LApOtY0pEEz1zrd9vy1/zXVaVJJ/EbAF3u0fXIzPJEDtnITsBGbbK0EkM72amhl/R5b+5xx0Y/QhcVOpuulg==",
       "dev": true,
       "license": "MIT",
       "optional": true,
@@ -544,9 +585,9 @@
       }
     },
     "node_modules/@emnapi/wasi-threads": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/@emnapi/wasi-threads/-/wasi-threads-1.0.1.tgz",
-      "integrity": "sha512-iIBu7mwkq4UQGeMEM8bLwNK962nXdhodeScX4slfQnRhEMMzvYivHhutCIk8uojvmASXXPC2WNEjwxFWk72Oqw==",
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/@emnapi/wasi-threads/-/wasi-threads-1.0.4.tgz",
+      "integrity": "sha512-PJR+bOmMOPH8AtcTGAyYNiuJ3/Fcoj2XN/gBEWzDIKh254XO+mM9XoXHk5GNEhodxeMznbg7BlRojVbKN+gC6g==",
       "dev": true,
       "license": "MIT",
       "optional": true,
@@ -555,9 +596,9 @@
       }
     },
     "node_modules/@esbuild/aix-ppc64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.1.tgz",
-      "integrity": "sha512-kfYGy8IdzTGy+z0vFGvExZtxkFlA4zAxgKEahG9KE1ScBjpQnFsNOX8KTU5ojNru5ed5CVoJYXFtoxaq5nFbjQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.8.tgz",
+      "integrity": "sha512-urAvrUedIqEiFR3FYSLTWQgLu5tb+m0qZw0NBEasUeo6wuqatkMDaRT+1uABiGXEu5vqgPd7FGE1BhsAIy9QVA==",
       "cpu": [
         "ppc64"
       ],
@@ -571,9 +612,9 @@
       }
     },
     "node_modules/@esbuild/android-arm": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.1.tgz",
-      "integrity": "sha512-dp+MshLYux6j/JjdqVLnMglQlFu+MuVeNrmT5nk6q07wNhCdSnB7QZj+7G8VMUGh1q+vj2Bq8kRsuyA00I/k+Q==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.8.tgz",
+      "integrity": "sha512-RONsAvGCz5oWyePVnLdZY/HHwA++nxYWIX1atInlaW6SEkwq6XkP3+cb825EUcRs5Vss/lGh/2YxAb5xqc07Uw==",
       "cpu": [
         "arm"
       ],
@@ -587,9 +628,9 @@
       }
     },
     "node_modules/@esbuild/android-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.1.tgz",
-      "integrity": "sha512-50tM0zCJW5kGqgG7fQ7IHvQOcAn9TKiVRuQ/lN0xR+T2lzEFvAi1ZcS8DiksFcEpf1t/GYOeOfCAgDHFpkiSmA==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.8.tgz",
+      "integrity": "sha512-OD3p7LYzWpLhZEyATcTSJ67qB5D+20vbtr6vHlHWSQYhKtzUYrETuWThmzFpZtFsBIxRvhO07+UgVA9m0i/O1w==",
       "cpu": [
         "arm64"
       ],
@@ -603,9 +644,9 @@
       }
     },
     "node_modules/@esbuild/android-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.1.tgz",
-      "integrity": "sha512-GCj6WfUtNldqUzYkN/ITtlhwQqGWu9S45vUXs7EIYf+7rCiiqH9bCloatO9VhxsL0Pji+PF4Lz2XXCES+Q8hDw==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.8.tgz",
+      "integrity": "sha512-yJAVPklM5+4+9dTeKwHOaA+LQkmrKFX96BM0A/2zQrbS6ENCmxc4OVoBs5dPkCCak2roAD+jKCdnmOqKszPkjA==",
       "cpu": [
         "x64"
       ],
@@ -619,9 +660,9 @@
       }
     },
     "node_modules/@esbuild/darwin-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.1.tgz",
-      "integrity": "sha512-5hEZKPf+nQjYoSr/elb62U19/l1mZDdqidGfmFutVUjjUZrOazAtwK+Kr+3y0C/oeJfLlxo9fXb1w7L+P7E4FQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.8.tgz",
+      "integrity": "sha512-Jw0mxgIaYX6R8ODrdkLLPwBqHTtYHJSmzzd+QeytSugzQ0Vg4c5rDky5VgkoowbZQahCbsv1rT1KW72MPIkevw==",
       "cpu": [
         "arm64"
       ],
@@ -635,9 +676,9 @@
       }
     },
     "node_modules/@esbuild/darwin-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.1.tgz",
-      "integrity": "sha512-hxVnwL2Dqs3fM1IWq8Iezh0cX7ZGdVhbTfnOy5uURtao5OIVCEyj9xIzemDi7sRvKsuSdtCAhMKarxqtlyVyfA==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.8.tgz",
+      "integrity": "sha512-Vh2gLxxHnuoQ+GjPNvDSDRpoBCUzY4Pu0kBqMBDlK4fuWbKgGtmDIeEC081xi26PPjn+1tct+Bh8FjyLlw1Zlg==",
       "cpu": [
         "x64"
       ],
@@ -651,9 +692,9 @@
       }
     },
     "node_modules/@esbuild/freebsd-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.1.tgz",
-      "integrity": "sha512-1MrCZs0fZa2g8E+FUo2ipw6jw5qqQiH+tERoS5fAfKnRx6NXH31tXBKI3VpmLijLH6yriMZsxJtaXUyFt/8Y4A==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.8.tgz",
+      "integrity": "sha512-YPJ7hDQ9DnNe5vxOm6jaie9QsTwcKedPvizTVlqWG9GBSq+BuyWEDazlGaDTC5NGU4QJd666V0yqCBL2oWKPfA==",
       "cpu": [
         "arm64"
       ],
@@ -667,9 +708,9 @@
       }
     },
     "node_modules/@esbuild/freebsd-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.1.tgz",
-      "integrity": "sha512-0IZWLiTyz7nm0xuIs0q1Y3QWJC52R8aSXxe40VUxm6BB1RNmkODtW6LHvWRrGiICulcX7ZvyH6h5fqdLu4gkww==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.8.tgz",
+      "integrity": "sha512-MmaEXxQRdXNFsRN/KcIimLnSJrk2r5H8v+WVafRWz5xdSVmWLoITZQXcgehI2ZE6gioE6HirAEToM/RvFBeuhw==",
       "cpu": [
         "x64"
       ],
@@ -683,9 +724,9 @@
       }
     },
     "node_modules/@esbuild/linux-arm": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.1.tgz",
-      "integrity": "sha512-NdKOhS4u7JhDKw9G3cY6sWqFcnLITn6SqivVArbzIaf3cemShqfLGHYMx8Xlm/lBit3/5d7kXvriTUGa5YViuQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.8.tgz",
+      "integrity": "sha512-FuzEP9BixzZohl1kLf76KEVOsxtIBFwCaLupVuk4eFVnOZfU+Wsn+x5Ryam7nILV2pkq2TqQM9EZPsOBuMC+kg==",
       "cpu": [
         "arm"
       ],
@@ -699,9 +740,9 @@
       }
     },
     "node_modules/@esbuild/linux-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.1.tgz",
-      "integrity": "sha512-jaN3dHi0/DDPelk0nLcXRm1q7DNJpjXy7yWaWvbfkPvI+7XNSc/lDOnCLN7gzsyzgu6qSAmgSvP9oXAhP973uQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.8.tgz",
+      "integrity": "sha512-WIgg00ARWv/uYLU7lsuDK00d/hHSfES5BzdWAdAig1ioV5kaFNrtK8EqGcUBJhYqotlUByUKz5Qo6u8tt7iD/w==",
       "cpu": [
         "arm64"
       ],
@@ -715,9 +756,9 @@
       }
     },
     "node_modules/@esbuild/linux-ia32": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.1.tgz",
-      "integrity": "sha512-OJykPaF4v8JidKNGz8c/q1lBO44sQNUQtq1KktJXdBLn1hPod5rE/Hko5ugKKZd+D2+o1a9MFGUEIUwO2YfgkQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.8.tgz",
+      "integrity": "sha512-A1D9YzRX1i+1AJZuFFUMP1E9fMaYY+GnSQil9Tlw05utlE86EKTUA7RjwHDkEitmLYiFsRd9HwKBPEftNdBfjg==",
       "cpu": [
         "ia32"
       ],
@@ -731,9 +772,9 @@
       }
     },
     "node_modules/@esbuild/linux-loong64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.1.tgz",
-      "integrity": "sha512-nGfornQj4dzcq5Vp835oM/o21UMlXzn79KobKlcs3Wz9smwiifknLy4xDCLUU0BWp7b/houtdrgUz7nOGnfIYg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.8.tgz",
+      "integrity": "sha512-O7k1J/dwHkY1RMVvglFHl1HzutGEFFZ3kNiDMSOyUrB7WcoHGf96Sh+64nTRT26l3GMbCW01Ekh/ThKM5iI7hQ==",
       "cpu": [
         "loong64"
       ],
@@ -747,9 +788,9 @@
       }
     },
     "node_modules/@esbuild/linux-mips64el": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.1.tgz",
-      "integrity": "sha512-1osBbPEFYwIE5IVB/0g2X6i1qInZa1aIoj1TdL4AaAb55xIIgbg8Doq6a5BzYWgr+tEcDzYH67XVnTmUzL+nXg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.8.tgz",
+      "integrity": "sha512-uv+dqfRazte3BzfMp8PAQXmdGHQt2oC/y2ovwpTteqrMx2lwaksiFZ/bdkXJC19ttTvNXBuWH53zy/aTj1FgGw==",
       "cpu": [
         "mips64el"
       ],
@@ -763,9 +804,9 @@
       }
     },
     "node_modules/@esbuild/linux-ppc64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.1.tgz",
-      "integrity": "sha512-/6VBJOwUf3TdTvJZ82qF3tbLuWsscd7/1w+D9LH0W/SqUgM5/JJD0lrJ1fVIfZsqB6RFmLCe0Xz3fmZc3WtyVg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.8.tgz",
+      "integrity": "sha512-GyG0KcMi1GBavP5JgAkkstMGyMholMDybAf8wF5A70CALlDM2p/f7YFE7H92eDeH/VBtFJA5MT4nRPDGg4JuzQ==",
       "cpu": [
         "ppc64"
       ],
@@ -779,9 +820,9 @@
       }
     },
     "node_modules/@esbuild/linux-riscv64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.1.tgz",
-      "integrity": "sha512-nSut/Mx5gnilhcq2yIMLMe3Wl4FK5wx/o0QuuCLMtmJn+WeWYoEGDN1ipcN72g1WHsnIbxGXd4i/MF0gTcuAjQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.8.tgz",
+      "integrity": "sha512-rAqDYFv3yzMrq7GIcen3XP7TUEG/4LK86LUPMIz6RT8A6pRIDn0sDcvjudVZBiiTcZCY9y2SgYX2lgK3AF+1eg==",
       "cpu": [
         "riscv64"
       ],
@@ -795,9 +836,9 @@
       }
     },
     "node_modules/@esbuild/linux-s390x": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.1.tgz",
-      "integrity": "sha512-cEECeLlJNfT8kZHqLarDBQso9a27o2Zd2AQ8USAEoGtejOrCYHNtKP8XQhMDJMtthdF4GBmjR2au3x1udADQQQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.8.tgz",
+      "integrity": "sha512-Xutvh6VjlbcHpsIIbwY8GVRbwoviWT19tFhgdA7DlenLGC/mbc3lBoVb7jxj9Z+eyGqvcnSyIltYUrkKzWqSvg==",
       "cpu": [
         "s390x"
       ],
@@ -811,9 +852,9 @@
       }
     },
     "node_modules/@esbuild/linux-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.1.tgz",
-      "integrity": "sha512-xbfUhu/gnvSEg+EGovRc+kjBAkrvtk38RlerAzQxvMzlB4fXpCFCeUAYzJvrnhFtdeyVCDANSjJvOvGYoeKzFA==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.8.tgz",
+      "integrity": "sha512-ASFQhgY4ElXh3nDcOMTkQero4b1lgubskNlhIfJrsH5OKZXDpUAKBlNS0Kx81jwOBp+HCeZqmoJuihTv57/jvQ==",
       "cpu": [
         "x64"
       ],
@@ -827,9 +868,9 @@
       }
     },
     "node_modules/@esbuild/netbsd-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.1.tgz",
-      "integrity": "sha512-O96poM2XGhLtpTh+s4+nP7YCCAfb4tJNRVZHfIE7dgmax+yMP2WgMd2OecBuaATHKTHsLWHQeuaxMRnCsH8+5g==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.8.tgz",
+      "integrity": "sha512-d1KfruIeohqAi6SA+gENMuObDbEjn22olAR7egqnkCD9DGBG0wsEARotkLgXDu6c4ncgWTZJtN5vcgxzWRMzcw==",
       "cpu": [
         "arm64"
       ],
@@ -843,9 +884,9 @@
       }
     },
     "node_modules/@esbuild/netbsd-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.1.tgz",
-      "integrity": "sha512-X53z6uXip6KFXBQ+Krbx25XHV/NCbzryM6ehOAeAil7X7oa4XIq+394PWGnwaSQ2WRA0KI6PUO6hTO5zeF5ijA==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.8.tgz",
+      "integrity": "sha512-nVDCkrvx2ua+XQNyfrujIG38+YGyuy2Ru9kKVNyh5jAys6n+l44tTtToqHjino2My8VAY6Lw9H7RI73XFi66Cg==",
       "cpu": [
         "x64"
       ],
@@ -859,9 +900,9 @@
       }
     },
     "node_modules/@esbuild/openbsd-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.1.tgz",
-      "integrity": "sha512-Na9T3szbXezdzM/Kfs3GcRQNjHzM6GzFBeU1/6IV/npKP5ORtp9zbQjvkDJ47s6BCgaAZnnnu/cY1x342+MvZg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.8.tgz",
+      "integrity": "sha512-j8HgrDuSJFAujkivSMSfPQSAa5Fxbvk4rgNAS5i3K+r8s1X0p1uOO2Hl2xNsGFppOeHOLAVgYwDVlmxhq5h+SQ==",
       "cpu": [
         "arm64"
       ],
@@ -875,9 +916,9 @@
       }
     },
     "node_modules/@esbuild/openbsd-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.1.tgz",
-      "integrity": "sha512-T3H78X2h1tszfRSf+txbt5aOp/e7TAz3ptVKu9Oyir3IAOFPGV6O9c2naym5TOriy1l0nNf6a4X5UXRZSGX/dw==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.8.tgz",
+      "integrity": "sha512-1h8MUAwa0VhNCDp6Af0HToI2TJFAn1uqT9Al6DJVzdIBAd21m/G0Yfc77KDM3uF3T/YaOgQq3qTJHPbTOInaIQ==",
       "cpu": [
         "x64"
       ],
@@ -890,10 +931,26 @@
         "node": ">=18"
       }
     },
+    "node_modules/@esbuild/openharmony-arm64": {
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.8.tgz",
+      "integrity": "sha512-r2nVa5SIK9tSWd0kJd9HCffnDHKchTGikb//9c7HX+r+wHYCpQrSgxhlY6KWV1nFo1l4KFbsMlHk+L6fekLsUg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
     "node_modules/@esbuild/sunos-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.1.tgz",
-      "integrity": "sha512-2H3RUvcmULO7dIE5EWJH8eubZAI4xw54H1ilJnRNZdeo8dTADEZ21w6J22XBkXqGJbe0+wnNJtw3UXRoLJnFEg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.8.tgz",
+      "integrity": "sha512-zUlaP2S12YhQ2UzUfcCuMDHQFJyKABkAjvO5YSndMiIkMimPmxA+BYSBikWgsRpvyxuRnow4nS5NPnf9fpv41w==",
       "cpu": [
         "x64"
       ],
@@ -907,9 +964,9 @@
       }
     },
     "node_modules/@esbuild/win32-arm64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.1.tgz",
-      "integrity": "sha512-GE7XvrdOzrb+yVKB9KsRMq+7a2U/K5Cf/8grVFRAGJmfADr/e/ODQ134RK2/eeHqYV5eQRFxb1hY7Nr15fv1NQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.8.tgz",
+      "integrity": "sha512-YEGFFWESlPva8hGL+zvj2z/SaK+pH0SwOM0Nc/d+rVnW7GSTFlLBGzZkuSU9kFIGIo8q9X3ucpZhu8PDN5A2sQ==",
       "cpu": [
         "arm64"
       ],
@@ -923,9 +980,9 @@
       }
     },
     "node_modules/@esbuild/win32-ia32": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.1.tgz",
-      "integrity": "sha512-uOxSJCIcavSiT6UnBhBzE8wy3n0hOkJsBOzy7HDAuTDE++1DJMRRVCPGisULScHL+a/ZwdXPpXD3IyFKjA7K8A==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.8.tgz",
+      "integrity": "sha512-hiGgGC6KZ5LZz58OL/+qVVoZiuZlUYlYHNAmczOm7bs2oE1XriPFi5ZHHrS8ACpV5EjySrnoCKmcbQMN+ojnHg==",
       "cpu": [
         "ia32"
       ],
@@ -939,9 +996,9 @@
       }
     },
     "node_modules/@esbuild/win32-x64": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.1.tgz",
-      "integrity": "sha512-Y1EQdcfwMSeQN/ujR5VayLOJ1BHaK+ssyk0AEzPjC+t1lITgsnccPqFjb6V+LsTp/9Iov4ysfjxLaGJ9RPtkVg==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.8.tgz",
+      "integrity": "sha512-cn3Yr7+OaaZq1c+2pe+8yxC8E144SReCQjN6/2ynubzYjvyqZjTXfQJpAcQpsdJq3My7XADANiYGHoFC69pLQw==",
       "cpu": [
         "x64"
       ],
@@ -955,9 +1012,9 @@
       }
     },
     "node_modules/@eslint-community/eslint-plugin-eslint-comments": {
-      "version": "4.4.1",
-      "resolved": "https://registry.npmjs.org/@eslint-community/eslint-plugin-eslint-comments/-/eslint-plugin-eslint-comments-4.4.1.tgz",
-      "integrity": "sha512-lb/Z/MzbTf7CaVYM9WCFNQZ4L1yi3ev2fsFPF99h31ljhSEyUoyEsKsNWiU+qD1glbYTDJdqgyaLKtyTkkqtuQ==",
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/@eslint-community/eslint-plugin-eslint-comments/-/eslint-plugin-eslint-comments-4.5.0.tgz",
+      "integrity": "sha512-MAhuTKlr4y/CE3WYX26raZjy+I/kS2PLKSzvfmDCGrBLTFHOYwqROZdr4XwPgXwX3K9rjzMr4pSmUWGnzsUyMg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -975,9 +1032,9 @@
       }
     },
     "node_modules/@eslint-community/eslint-utils": {
-      "version": "4.5.1",
-      "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.5.1.tgz",
-      "integrity": "sha512-soEIOALTfTK6EjmKMMoLugwaP0rzkad90iIWd1hMO9ARkSAyjfMfkRRhLvD5qH7vvM0Cg72pieUfR6yh6XxC4w==",
+      "version": "4.7.0",
+      "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.7.0.tgz",
+      "integrity": "sha512-dyybb3AcajC7uha6CvhdVRJqaKyn7w2YKqKyAN37NKYgZT36w+iRb0Dymmc5qEJ549c/S31cMMSFd75bteCpCw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -1057,17 +1114,6 @@
         "url": "https://github.com/sponsors/epoberezkin"
       }
     },
-    "node_modules/@eslint/eslintrc/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/@eslint/eslintrc/node_modules/eslint-visitor-keys": {
       "version": "3.4.3",
       "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz",
@@ -1149,19 +1195,19 @@
       "license": "MIT"
     },
     "node_modules/@github/relative-time-element": {
-      "version": "4.4.5",
-      "resolved": "https://registry.npmjs.org/@github/relative-time-element/-/relative-time-element-4.4.5.tgz",
-      "integrity": "sha512-9ejPtayBDIJfEU8x1fg/w2o5mahHkkp1SC6uObDtoKs4Gn+2a1vNK8XIiNDD8rMeEfpvDjydgSZZ+uk+7N0VsQ==",
+      "version": "4.4.8",
+      "resolved": "https://registry.npmjs.org/@github/relative-time-element/-/relative-time-element-4.4.8.tgz",
+      "integrity": "sha512-FSLYm6F3TSQnqHE1EMQUVVgi2XjbCvsESwwXfugHFpBnhyF1uhJOtu0Psp/BB/qqazfdkk7f5fVcu7WuXl3t8Q==",
       "license": "MIT"
     },
     "node_modules/@github/text-expander-element": {
-      "version": "2.9.1",
-      "resolved": "https://registry.npmjs.org/@github/text-expander-element/-/text-expander-element-2.9.1.tgz",
-      "integrity": "sha512-T/pCDjB/diMaarmcdc01hP026v0b9lidluyZD5z/EPOExXRdNDqb11kOXevoMZY42WiI3Yhoqsj3nbM+HthLgQ==",
+      "version": "2.9.2",
+      "resolved": "https://registry.npmjs.org/@github/text-expander-element/-/text-expander-element-2.9.2.tgz",
+      "integrity": "sha512-XY8EUMqM4GAloNxXNA1Py1ny+engWwYntbgsnpstQN4piaTI9rIlfYldyd0nnPXhxjGCVqHPmP6yg17Q0/n9Vg==",
       "license": "MIT",
       "dependencies": {
         "@github/combobox-nav": "^2.0.2",
-        "dom-input-range": "^1.2.0"
+        "dom-input-range": "^2.0.0"
       }
     },
     "node_modules/@humanwhocodes/config-array": {
@@ -1180,17 +1226,6 @@
         "node": ">=10.10.0"
       }
     },
-    "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/@humanwhocodes/config-array/node_modules/minimatch": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -1260,6 +1295,27 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/@isaacs/balanced-match": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz",
+      "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==",
+      "license": "MIT",
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
+    "node_modules/@isaacs/brace-expansion": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz",
+      "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==",
+      "license": "MIT",
+      "dependencies": {
+        "@isaacs/balanced-match": "^4.0.1"
+      },
+      "engines": {
+        "node": "20 || >=22"
+      }
+    },
     "node_modules/@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -1351,17 +1407,13 @@
       }
     },
     "node_modules/@jridgewell/gen-mapping": {
-      "version": "0.3.8",
-      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.8.tgz",
-      "integrity": "sha512-imAbBGkb+ebQyxKgzv5Hu2nmROxoDOXHh80evxdoXNOrvAnVx7zimzc1Oo5h9RlfV4vPXaE2iM5pOFbvOCClWA==",
+      "version": "0.3.12",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.12.tgz",
+      "integrity": "sha512-OuLGC46TjB5BbN1dH8JULVVZY4WTdkF7tV9Ys6wLL1rubZnCMstOhNHueU5bLCrnRuDhKPDM4g6sw4Bel5Gzqg==",
       "license": "MIT",
       "dependencies": {
-        "@jridgewell/set-array": "^1.2.1",
-        "@jridgewell/sourcemap-codec": "^1.4.10",
+        "@jridgewell/sourcemap-codec": "^1.5.0",
         "@jridgewell/trace-mapping": "^0.3.24"
-      },
-      "engines": {
-        "node": ">=6.0.0"
       }
     },
     "node_modules/@jridgewell/resolve-uri": {
@@ -1373,19 +1425,10 @@
         "node": ">=6.0.0"
       }
     },
-    "node_modules/@jridgewell/set-array": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz",
-      "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=6.0.0"
-      }
-    },
     "node_modules/@jridgewell/source-map": {
-      "version": "0.3.6",
-      "resolved": "https://registry.npmjs.org/@jridgewell/source-map/-/source-map-0.3.6.tgz",
-      "integrity": "sha512-1ZJTZebgqllO79ue2bm3rIGud/bOe0pP5BjSRCRxxYkEZS8STV7zN84UBbiYu7jy+eCKSnVIUgoWWE/tt+shMQ==",
+      "version": "0.3.10",
+      "resolved": "https://registry.npmjs.org/@jridgewell/source-map/-/source-map-0.3.10.tgz",
+      "integrity": "sha512-0pPkgz9dY+bijgistcTTJ5mR+ocqRXLuhXHYdzoMmmoJ2C9S46RCm2GMUbatPEUK9Yjy26IrAy8D/M00lLkv+Q==",
       "license": "MIT",
       "dependencies": {
         "@jridgewell/gen-mapping": "^0.3.5",
@@ -1393,15 +1436,15 @@
       }
     },
     "node_modules/@jridgewell/sourcemap-codec": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
-      "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+      "version": "1.5.4",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.4.tgz",
+      "integrity": "sha512-VT2+G1VQs/9oz078bLrYbecdZKs912zQlkelYpuf+SXF+QvZDYJlbx/LSx+meSAwdDFnF8FVXW92AVjjkVmgFw==",
       "license": "MIT"
     },
     "node_modules/@jridgewell/trace-mapping": {
-      "version": "0.3.25",
-      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz",
-      "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==",
+      "version": "0.3.29",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.29.tgz",
+      "integrity": "sha512-uw6guiW/gcAGPDhLmd77/6lW8QLeiV5RUTsAX46Db6oLhGaVj4lhnPwb184s1bkc8kdVg/+h988dro8GRDpmYQ==",
       "license": "MIT",
       "dependencies": {
         "@jridgewell/resolve-uri": "^3.1.0",
@@ -1448,39 +1491,11 @@
       }
     },
     "node_modules/@keyv/serialize": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/@keyv/serialize/-/serialize-1.0.3.tgz",
-      "integrity": "sha512-qnEovoOp5Np2JDGonIDL6Ayihw0RhnRh6vxPuHo4RDn1UOzwEo4AeIfpL6UGIrsceWrCMiVPgwRjbHu4vYFc3g==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "buffer": "^6.0.3"
-      }
-    },
-    "node_modules/@keyv/serialize/node_modules/buffer": {
-      "version": "6.0.3",
-      "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
-      "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/@keyv/serialize/-/serialize-1.1.0.tgz",
+      "integrity": "sha512-RlDgexML7Z63Q8BSaqhXdCYNBy/JQnqYIwxofUrNLGCblOMHp+xux2Q8nLMLlPpgHQPoU0Do8Z6btCpRBEqZ8g==",
       "dev": true,
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/feross"
-        },
-        {
-          "type": "patreon",
-          "url": "https://www.patreon.com/feross"
-        },
-        {
-          "type": "consulting",
-          "url": "https://feross.org/support"
-        }
-      ],
-      "license": "MIT",
-      "dependencies": {
-        "base64-js": "^1.3.1",
-        "ieee754": "^1.2.1"
-      }
+      "license": "MIT"
     },
     "node_modules/@kurkle/color": {
       "version": "0.3.4",
@@ -1540,25 +1555,25 @@
       }
     },
     "node_modules/@mermaid-js/parser": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/@mermaid-js/parser/-/parser-0.3.0.tgz",
-      "integrity": "sha512-HsvL6zgE5sUPGgkIDlmAWR1HTNHz2Iy11BAWPTa4Jjabkpguy4Ze2gzfLrg6pdRuBvFwgUYyxiaNqZwrEEXepA==",
+      "version": "0.6.2",
+      "resolved": "https://registry.npmjs.org/@mermaid-js/parser/-/parser-0.6.2.tgz",
+      "integrity": "sha512-+PO02uGF6L6Cs0Bw8RpGhikVvMWEysfAyl27qTlroUB8jSWr1lL0Sf6zi78ZxlSnmgSY2AMMKVgghnN9jTtwkQ==",
       "license": "MIT",
       "dependencies": {
-        "langium": "3.0.0"
+        "langium": "3.3.1"
       }
     },
     "node_modules/@napi-rs/wasm-runtime": {
-      "version": "0.2.7",
-      "resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-0.2.7.tgz",
-      "integrity": "sha512-5yximcFK5FNompXfJFoWanu5l8v1hNGqNHh9du1xETp9HWk/B/PzvchX55WYOPaIeNglG8++68AAiauBAtbnzw==",
+      "version": "0.2.12",
+      "resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-0.2.12.tgz",
+      "integrity": "sha512-ZVWUcfwY4E/yPitQJl481FjFo3K22D6qF0DuFH6Y/nbnE11GY5uguDxZMGXPQ8WQ0128MXQD7TnfHyK4oWoIJQ==",
       "dev": true,
       "license": "MIT",
       "optional": true,
       "dependencies": {
-        "@emnapi/core": "^1.3.1",
-        "@emnapi/runtime": "^1.3.1",
-        "@tybys/wasm-util": "^0.9.0"
+        "@emnapi/core": "^1.4.3",
+        "@emnapi/runtime": "^1.4.3",
+        "@tybys/wasm-util": "^0.10.0"
       }
     },
     "node_modules/@nodelib/fs.scandir": {
@@ -1596,16 +1611,6 @@
         "node": ">= 8"
       }
     },
-    "node_modules/@nolyfill/is-core-module": {
-      "version": "1.0.39",
-      "resolved": "https://registry.npmjs.org/@nolyfill/is-core-module/-/is-core-module-1.0.39.tgz",
-      "integrity": "sha512-nn5ozdjYQpUCZlWGuxcJY/KpxkWQs4DcbMCmKojjyrYDEAGy4Ce19NN4v5MduafTwJlbKc99UA8YhSVqq9yPZA==",
-      "dev": true,
-      "license": "MIT",
-      "engines": {
-        "node": ">=12.4.0"
-      }
-    },
     "node_modules/@nolyfill/shared": {
       "version": "1.0.44",
       "resolved": "https://registry.npmjs.org/@nolyfill/shared/-/shared-1.0.44.tgz",
@@ -1613,163 +1618,6 @@
       "dev": true,
       "license": "MIT"
     },
-    "node_modules/@oxc-resolver/binding-darwin-arm64": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-darwin-arm64/-/binding-darwin-arm64-5.0.0.tgz",
-      "integrity": "sha512-zwHAf+owoxSWTDD4dFuwW+FkpaDzbaL30H5Ltocb+RmLyg4WKuteusRLKh5Y8b/cyu7UzhxM0haIqQjyqA1iuA==",
-      "cpu": [
-        "arm64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "darwin"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-darwin-x64": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-darwin-x64/-/binding-darwin-x64-5.0.0.tgz",
-      "integrity": "sha512-1lS3aBNVjVQKBvZdHm13+8tSjvu2Tl1Cv4FnUyMYxqx6+rsom2YaOylS5LhDUwfZu0zAgpLMwK6kGpF/UPncNg==",
-      "cpu": [
-        "x64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "darwin"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-freebsd-x64": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-freebsd-x64/-/binding-freebsd-x64-5.0.0.tgz",
-      "integrity": "sha512-q9sRd68wC1/AJ0eu6ClhxlklVfe8gH4wrUkSyEbIYTZ8zY5yjsLY3fpqqsaCvWJUx65nW+XtnAxCGCi5AXr1Mw==",
-      "cpu": [
-        "x64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "freebsd"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-linux-arm-gnueabihf": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-linux-arm-gnueabihf/-/binding-linux-arm-gnueabihf-5.0.0.tgz",
-      "integrity": "sha512-catYavWsvqViYnCveQjhrK6yVYDEPFvIOgGLxnz5r2dcgrjpmquzREoyss0L2QG/J5HTTbwqwZ1kk+g56hE/1A==",
-      "cpu": [
-        "arm"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "linux"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-linux-arm64-gnu": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-5.0.0.tgz",
-      "integrity": "sha512-l/0pWoQM5kVmJLg4frQ1mKZOXgi0ex/hzvFt8E4WK2ifXr5JgKFUokxsb/oat7f5YzdJJh5r9p+qS/t3dA26Aw==",
-      "cpu": [
-        "arm64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "linux"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-linux-arm64-musl": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-linux-arm64-musl/-/binding-linux-arm64-musl-5.0.0.tgz",
-      "integrity": "sha512-bx0oz/oaAW4FGYqpIIxJCnmgb906YfMhTEWCJvYkxjpEI8VKLJEL3PQevYiqDq36SA0yRLJ/sQK2fqry8AFBfA==",
-      "cpu": [
-        "arm64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "linux"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-linux-x64-gnu": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-linux-x64-gnu/-/binding-linux-x64-gnu-5.0.0.tgz",
-      "integrity": "sha512-4PH++qbSIhlRsFYdN1P9neDov4OGhTGo5nbQ1D7AL6gWFLo3gdZTc00FM2y8JjeTcPWEXkViZuwpuc0w5i6qHg==",
-      "cpu": [
-        "x64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "linux"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-linux-x64-musl": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-linux-x64-musl/-/binding-linux-x64-musl-5.0.0.tgz",
-      "integrity": "sha512-mLfQFpX3/5y9oWi0b+9FbWDkL2hM0Y29653beCHiHxAdGyVgb2DsJbK74WkMTwtSz9by8vyBh8jGPZcg1yLZbQ==",
-      "cpu": [
-        "x64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "linux"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-wasm32-wasi": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-wasm32-wasi/-/binding-wasm32-wasi-5.0.0.tgz",
-      "integrity": "sha512-uEhsAZSo65qsRi6+IfBTEUUFbjg7T2yruJeLYpFfEATpm3ory5Mgo5vx3L0c2/Cz1OUZXBgp3A8x6VMUB2jT2A==",
-      "cpu": [
-        "wasm32"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "dependencies": {
-        "@napi-rs/wasm-runtime": "^0.2.7"
-      },
-      "engines": {
-        "node": ">=14.0.0"
-      }
-    },
-    "node_modules/@oxc-resolver/binding-win32-arm64-msvc": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-win32-arm64-msvc/-/binding-win32-arm64-msvc-5.0.0.tgz",
-      "integrity": "sha512-8DbSso9Jp1ns8AYuZFXdRfAcdJrzZwkFm/RjPuvAPTENsm685dosBF8G6gTHQlHvULnk6o3sa9ygZaTGC/UoEw==",
-      "cpu": [
-        "arm64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "win32"
-      ]
-    },
-    "node_modules/@oxc-resolver/binding-win32-x64-msvc": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@oxc-resolver/binding-win32-x64-msvc/-/binding-win32-x64-msvc-5.0.0.tgz",
-      "integrity": "sha512-ylppfPEg63NuRXOPNsXFlgyl37JrtRn0QMO26X3K3Ytp5HtLrMreQMGVtgr30e1l2YmAWqhvmKlCryOqzGPD/g==",
-      "cpu": [
-        "x64"
-      ],
-      "dev": true,
-      "license": "MIT",
-      "optional": true,
-      "os": [
-        "win32"
-      ]
-    },
     "node_modules/@pkgjs/parseargs": {
       "version": "0.11.0",
       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
@@ -1781,26 +1629,26 @@
       }
     },
     "node_modules/@pkgr/core": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.1.1.tgz",
-      "integrity": "sha512-cq8o4cWH0ibXh9VGi5P20Tu9XF/0fFXl9EUinr9QfTM7a7p0oTA4iJRCQWppXR1Pg8dSM0UCItCkPwsk9qWWYA==",
+      "version": "0.2.9",
+      "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.2.9.tgz",
+      "integrity": "sha512-QNqXyfVS2wm9hweSYD2O7F0G06uurj9kZ96TRQE5Y9hU7+tgdZwIkbAKc5Ocy1HxEY2kuDQa6cQ1WRs/O5LFKA==",
       "dev": true,
       "license": "MIT",
       "engines": {
         "node": "^12.20.0 || ^14.18.0 || >=16.0.0"
       },
       "funding": {
-        "url": "https://opencollective.com/unts"
+        "url": "https://opencollective.com/pkgr"
       }
     },
     "node_modules/@playwright/test": {
-      "version": "1.49.1",
-      "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.49.1.tgz",
-      "integrity": "sha512-Ky+BVzPz8pL6PQxHqNRW1k3mIyv933LML7HktS8uik0bUXNCdPhoS/kLihiO1tMf/egaJb4IutXd7UywvXEW+g==",
+      "version": "1.54.1",
+      "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.54.1.tgz",
+      "integrity": "sha512-FS8hQ12acieG2dYSksmLOF7BNxnVf2afRJdCuM1eMSxj6QTSE6G4InGF7oApGgDb65MX7AwMVlIkpru0yZA4Xw==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "playwright": "1.49.1"
+        "playwright": "1.54.1"
       },
       "bin": {
         "playwright": "cli.js"
@@ -1820,14 +1668,21 @@
       }
     },
     "node_modules/@primer/octicons": {
-      "version": "19.15.1",
-      "resolved": "https://registry.npmjs.org/@primer/octicons/-/octicons-19.15.1.tgz",
-      "integrity": "sha512-2cFLIrfbNvfeAPxmJTr/k7/b5QvIxqM7MeroGrXojDodA2yB1nXyt91Xhu9+2e0CL5ZAe3Vd2/fEf9N9EUiX9A==",
+      "version": "19.15.5",
+      "resolved": "https://registry.npmjs.org/@primer/octicons/-/octicons-19.15.5.tgz",
+      "integrity": "sha512-FCXPTlXlHvAS3rRBd1C/xVBYSYzPPwS8tNcUxnvUYK6L4/d+zUy2KExLtzW+L9xKo2z8J9uY+c1VCsNRf+b4MQ==",
       "license": "MIT",
       "dependencies": {
         "object-assign": "^4.1.1"
       }
     },
+    "node_modules/@rolldown/pluginutils": {
+      "version": "1.0.0-beta.29",
+      "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.0-beta.29.tgz",
+      "integrity": "sha512-NIJgOsMjbxAXvoGq/X0gD7VPMQ8j9g0BiDaNjVNVjvl+iKXxL3Jre0v31RmBYeLEmkbj2s02v8vFTbUXi5XS2Q==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@rollup/plugin-commonjs": {
       "version": "22.0.2",
       "resolved": "https://registry.npmjs.org/@rollup/plugin-commonjs/-/plugin-commonjs-22.0.2.tgz",
@@ -1876,9 +1731,9 @@
       "license": "MIT"
     },
     "node_modules/@rollup/rollup-android-arm-eabi": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.35.0.tgz",
-      "integrity": "sha512-uYQ2WfPaqz5QtVgMxfN6NpLD+no0MYHDBywl7itPYd3K5TjjSghNKmX8ic9S8NU8w81NVhJv/XojcHptRly7qQ==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.46.2.tgz",
+      "integrity": "sha512-Zj3Hl6sN34xJtMv7Anwb5Gu01yujyE/cLBDB2gnHTAHaWS1Z38L7kuSG+oAh0giZMqG060f/YBStXtMH6FvPMA==",
       "cpu": [
         "arm"
       ],
@@ -1890,9 +1745,9 @@
       ]
     },
     "node_modules/@rollup/rollup-android-arm64": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.35.0.tgz",
-      "integrity": "sha512-FtKddj9XZudurLhdJnBl9fl6BwCJ3ky8riCXjEw3/UIbjmIY58ppWwPEvU3fNu+W7FUsAsB1CdH+7EQE6CXAPA==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.46.2.tgz",
+      "integrity": "sha512-nTeCWY83kN64oQ5MGz3CgtPx8NSOhC5lWtsjTs+8JAJNLcP3QbLCtDDgUKQc/Ro/frpMq4SHUaHN6AMltcEoLQ==",
       "cpu": [
         "arm64"
       ],
@@ -1904,9 +1759,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-arm64": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.35.0.tgz",
-      "integrity": "sha512-Uk+GjOJR6CY844/q6r5DR/6lkPFOw0hjfOIzVx22THJXMxktXG6CbejseJFznU8vHcEBLpiXKY3/6xc+cBm65Q==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.46.2.tgz",
+      "integrity": "sha512-HV7bW2Fb/F5KPdM/9bApunQh68YVDU8sO8BvcW9OngQVN3HHHkw99wFupuUJfGR9pYLLAjcAOA6iO+evsbBaPQ==",
       "cpu": [
         "arm64"
       ],
@@ -1918,9 +1773,9 @@
       ]
     },
     "node_modules/@rollup/rollup-darwin-x64": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.35.0.tgz",
-      "integrity": "sha512-3IrHjfAS6Vkp+5bISNQnPogRAW5GAV1n+bNCrDwXmfMHbPl5EhTmWtfmwlJxFRUCBZ+tZ/OxDyU08aF6NI/N5Q==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.46.2.tgz",
+      "integrity": "sha512-SSj8TlYV5nJixSsm/y3QXfhspSiLYP11zpfwp6G/YDXctf3Xkdnk4woJIF5VQe0of2OjzTt8EsxnJDCdHd2xMA==",
       "cpu": [
         "x64"
       ],
@@ -1932,9 +1787,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-arm64": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.35.0.tgz",
-      "integrity": "sha512-sxjoD/6F9cDLSELuLNnY0fOrM9WA0KrM0vWm57XhrIMf5FGiN8D0l7fn+bpUeBSU7dCgPV2oX4zHAsAXyHFGcQ==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.46.2.tgz",
+      "integrity": "sha512-ZyrsG4TIT9xnOlLsSSi9w/X29tCbK1yegE49RYm3tu3wF1L/B6LVMqnEWyDB26d9Ecx9zrmXCiPmIabVuLmNSg==",
       "cpu": [
         "arm64"
       ],
@@ -1946,9 +1801,9 @@
       ]
     },
     "node_modules/@rollup/rollup-freebsd-x64": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.35.0.tgz",
-      "integrity": "sha512-2mpHCeRuD1u/2kruUiHSsnjWtHjqVbzhBkNVQ1aVD63CcexKVcQGwJ2g5VphOd84GvxfSvnnlEyBtQCE5hxVVw==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.46.2.tgz",
+      "integrity": "sha512-pCgHFoOECwVCJ5GFq8+gR8SBKnMO+xe5UEqbemxBpCKYQddRQMgomv1104RnLSg7nNvgKy05sLsY51+OVRyiVw==",
       "cpu": [
         "x64"
       ],
@@ -1960,9 +1815,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.35.0.tgz",
-      "integrity": "sha512-mrA0v3QMy6ZSvEuLs0dMxcO2LnaCONs1Z73GUDBHWbY8tFFocM6yl7YyMu7rz4zS81NDSqhrUuolyZXGi8TEqg==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.46.2.tgz",
+      "integrity": "sha512-EtP8aquZ0xQg0ETFcxUbU71MZlHaw9MChwrQzatiE8U/bvi5uv/oChExXC4mWhjiqK7azGJBqU0tt5H123SzVA==",
       "cpu": [
         "arm"
       ],
@@ -1974,9 +1829,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.35.0.tgz",
-      "integrity": "sha512-DnYhhzcvTAKNexIql8pFajr0PiDGrIsBYPRvCKlA5ixSS3uwo/CWNZxB09jhIapEIg945KOzcYEAGGSmTSpk7A==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.46.2.tgz",
+      "integrity": "sha512-qO7F7U3u1nfxYRPM8HqFtLd+raev2K137dsV08q/LRKRLEc7RsiDWihUnrINdsWQxPR9jqZ8DIIZ1zJJAm5PjQ==",
       "cpu": [
         "arm"
       ],
@@ -1988,9 +1843,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.35.0.tgz",
-      "integrity": "sha512-uagpnH2M2g2b5iLsCTZ35CL1FgyuzzJQ8L9VtlJ+FckBXroTwNOaD0z0/UF+k5K3aNQjbm8LIVpxykUOQt1m/A==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.46.2.tgz",
+      "integrity": "sha512-3dRaqLfcOXYsfvw5xMrxAk9Lb1f395gkoBYzSFcc/scgRFptRXL9DOaDpMiehf9CO8ZDRJW2z45b6fpU5nwjng==",
       "cpu": [
         "arm64"
       ],
@@ -2002,9 +1857,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-arm64-musl": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.35.0.tgz",
-      "integrity": "sha512-XQxVOCd6VJeHQA/7YcqyV0/88N6ysSVzRjJ9I9UA/xXpEsjvAgDTgH3wQYz5bmr7SPtVK2TsP2fQ2N9L4ukoUg==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.46.2.tgz",
+      "integrity": "sha512-fhHFTutA7SM+IrR6lIfiHskxmpmPTJUXpWIsBXpeEwNgZzZZSg/q4i6FU4J8qOGyJ0TR+wXBwx/L7Ho9z0+uDg==",
       "cpu": [
         "arm64"
       ],
@@ -2016,9 +1871,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-loongarch64-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loongarch64-gnu/-/rollup-linux-loongarch64-gnu-4.35.0.tgz",
-      "integrity": "sha512-5pMT5PzfgwcXEwOaSrqVsz/LvjDZt+vQ8RT/70yhPU06PTuq8WaHhfT1LW+cdD7mW6i/J5/XIkX/1tCAkh1W6g==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loongarch64-gnu/-/rollup-linux-loongarch64-gnu-4.46.2.tgz",
+      "integrity": "sha512-i7wfGFXu8x4+FRqPymzjD+Hyav8l95UIZ773j7J7zRYc3Xsxy2wIn4x+llpunexXe6laaO72iEjeeGyUFmjKeA==",
       "cpu": [
         "loong64"
       ],
@@ -2029,10 +1884,10 @@
         "linux"
       ]
     },
-    "node_modules/@rollup/rollup-linux-powerpc64le-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.35.0.tgz",
-      "integrity": "sha512-c+zkcvbhbXF98f4CtEIP1EBA/lCic5xB0lToneZYvMeKu5Kamq3O8gqrxiYYLzlZH6E3Aq+TSW86E4ay8iD8EA==",
+    "node_modules/@rollup/rollup-linux-ppc64-gnu": {
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.46.2.tgz",
+      "integrity": "sha512-B/l0dFcHVUnqcGZWKcWBSV2PF01YUt0Rvlurci5P+neqY/yMKchGU8ullZvIv5e8Y1C6wOn+U03mrDylP5q9Yw==",
       "cpu": [
         "ppc64"
       ],
@@ -2044,9 +1899,23 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.35.0.tgz",
-      "integrity": "sha512-s91fuAHdOwH/Tad2tzTtPX7UZyytHIRR6V4+2IGlV0Cej5rkG0R61SX4l4y9sh0JBibMiploZx3oHKPnQBKe4g==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.46.2.tgz",
+      "integrity": "sha512-32k4ENb5ygtkMwPMucAb8MtV8olkPT03oiTxJbgkJa7lJ7dZMr0GCFJlyvy+K8iq7F/iuOr41ZdUHaOiqyR3iQ==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-musl": {
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.46.2.tgz",
+      "integrity": "sha512-t5B2loThlFEauloaQkZg9gxV05BYeITLvLkWOkRXogP4qHXLkWSbSHKM9S6H1schf/0YGP/qNKtiISlxvfmmZw==",
       "cpu": [
         "riscv64"
       ],
@@ -2058,9 +1927,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-s390x-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.35.0.tgz",
-      "integrity": "sha512-hQRkPQPLYJZYGP+Hj4fR9dDBMIM7zrzJDWFEMPdTnTy95Ljnv0/4w/ixFw3pTBMEuuEuoqtBINYND4M7ujcuQw==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.46.2.tgz",
+      "integrity": "sha512-YKjekwTEKgbB7n17gmODSmJVUIvj8CX7q5442/CK80L8nqOUbMtf8b01QkG3jOqyr1rotrAnW6B/qiHwfcuWQA==",
       "cpu": [
         "s390x"
       ],
@@ -2072,9 +1941,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-gnu": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.35.0.tgz",
-      "integrity": "sha512-Pim1T8rXOri+0HmV4CdKSGrqcBWX0d1HoPnQ0uw0bdp1aP5SdQVNBy8LjYncvnLgu3fnnCt17xjWGd4cqh8/hA==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.46.2.tgz",
+      "integrity": "sha512-Jj5a9RUoe5ra+MEyERkDKLwTXVu6s3aACP51nkfnK9wJTraCC8IMe3snOfALkrjTYd2G1ViE1hICj0fZ7ALBPA==",
       "cpu": [
         "x64"
       ],
@@ -2086,9 +1955,9 @@
       ]
     },
     "node_modules/@rollup/rollup-linux-x64-musl": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.35.0.tgz",
-      "integrity": "sha512-QysqXzYiDvQWfUiTm8XmJNO2zm9yC9P/2Gkrwg2dH9cxotQzunBHYr6jk4SujCTqnfGxduOmQcI7c2ryuW8XVg==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.46.2.tgz",
+      "integrity": "sha512-7kX69DIrBeD7yNp4A5b81izs8BqoZkCIaxQaOpumcJ1S/kmqNFjPhDu1LHeVXv0SexfHQv5cqHsxLOjETuqDuA==",
       "cpu": [
         "x64"
       ],
@@ -2100,9 +1969,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-arm64-msvc": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.35.0.tgz",
-      "integrity": "sha512-OUOlGqPkVJCdJETKOCEf1mw848ZyJ5w50/rZ/3IBQVdLfR5jk/6Sr5m3iO2tdPgwo0x7VcncYuOvMhBWZq8ayg==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.46.2.tgz",
+      "integrity": "sha512-wiJWMIpeaak/jsbaq2HMh/rzZxHVW1rU6coyeNNpMwk5isiPjSTx0a4YLSlYDwBH/WBvLz+EtsNqQScZTLJy3g==",
       "cpu": [
         "arm64"
       ],
@@ -2114,9 +1983,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-ia32-msvc": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.35.0.tgz",
-      "integrity": "sha512-2/lsgejMrtwQe44glq7AFFHLfJBPafpsTa6JvP2NGef/ifOa4KBoglVf7AKN7EV9o32evBPRqfg96fEHzWo5kw==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.46.2.tgz",
+      "integrity": "sha512-gBgaUDESVzMgWZhcyjfs9QFK16D8K6QZpwAaVNJxYDLHWayOta4ZMjGm/vsAEy3hvlS2GosVFlBlP9/Wb85DqQ==",
       "cpu": [
         "ia32"
       ],
@@ -2128,9 +1997,9 @@
       ]
     },
     "node_modules/@rollup/rollup-win32-x64-msvc": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.35.0.tgz",
-      "integrity": "sha512-PIQeY5XDkrOysbQblSW7v3l1MDZzkTEzAfTPkj5VAu3FW8fS4ynyLg2sINp0fp3SjZ8xkRYpLqoKcYqAkhU1dw==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.46.2.tgz",
+      "integrity": "sha512-CvUo2ixeIQGtF6WvuB87XWqPQkoFAFqW+HUo/WzHwuHDvIwZCtjdWXoYCcr06iKGydiqTclC4jU/TNObC/xKZg==",
       "cpu": [
         "x64"
       ],
@@ -2168,6 +2037,16 @@
         "vue": "^3.2.29"
       }
     },
+    "node_modules/@simonwep/pickr": {
+      "version": "1.9.0",
+      "resolved": "https://registry.npmjs.org/@simonwep/pickr/-/pickr-1.9.0.tgz",
+      "integrity": "sha512-oEYvv15PyfZzjoAzvXYt3UyNGwzsrpFxLaZKzkOSd0WYBVwLd19iJerePDONxC1iF6+DpcswPdLIM2KzCJuYFg==",
+      "license": "MIT",
+      "dependencies": {
+        "core-js": "3.32.2",
+        "nanopop": "2.3.0"
+      }
+    },
     "node_modules/@stoplight/better-ajv-errors": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/@stoplight/better-ajv-errors/-/better-ajv-errors-1.0.3.tgz",
@@ -2267,9 +2146,9 @@
       }
     },
     "node_modules/@stoplight/spectral-cli": {
-      "version": "6.14.3",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-cli/-/spectral-cli-6.14.3.tgz",
-      "integrity": "sha512-vKy7d2yqBfOf94uB6KXzujDl6/qjXa8mCQ6cfsQ8xYsoArZN9iBHpS3271hR5IyTm3R1GwMgaSZ1h0sfZjZrZw==",
+      "version": "6.15.0",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-cli/-/spectral-cli-6.15.0.tgz",
+      "integrity": "sha512-FVeQIuqQQnnLfa8vy+oatTKUve7uU+3SaaAfdjpX/B+uB1NcfkKRJYhKT9wMEehDRaMPL5AKIRYMCFerdEbIpw==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2331,9 +2210,9 @@
       }
     },
     "node_modules/@stoplight/spectral-core": {
-      "version": "1.19.5",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-core/-/spectral-core-1.19.5.tgz",
-      "integrity": "sha512-i+njdliW7bAHGsHEgDvH0To/9IxiYiBELltkZ7ASVy4i+WXtZ40lQXpeRQRwePrBcSgQl0gcZFuKX10nmSHtbw==",
+      "version": "1.20.0",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-core/-/spectral-core-1.20.0.tgz",
+      "integrity": "sha512-5hBP81nCC1zn1hJXL/uxPNRKNcB+/pEIHgCjPRpl/w/qy9yC9ver04tw1W0l/PMiv0UeB5dYgozXVQ4j5a6QQQ==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2377,17 +2256,6 @@
         "node": "^12.20 || >=14.13"
       }
     },
-    "node_modules/@stoplight/spectral-core/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/@stoplight/spectral-core/node_modules/minimatch": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -2418,9 +2286,9 @@
       }
     },
     "node_modules/@stoplight/spectral-formatters": {
-      "version": "1.4.3",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-formatters/-/spectral-formatters-1.4.3.tgz",
-      "integrity": "sha512-03Nc6nhjMO9aHhJPgBH4zDwMPklKLWEMtvx+PMmzfStCndMjJkf8ki7O/55u3myZ1TwxBzln9z9tXPLSL3KKhw==",
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-formatters/-/spectral-formatters-1.5.0.tgz",
+      "integrity": "sha512-lR7s41Z00Mf8TdXBBZQ3oi2uR8wqAtR6NO0KA8Ltk4FSpmAy0i6CKUmJG9hZQjanTnGmwpQkT/WP66p1GY3iXA==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2443,9 +2311,9 @@
       }
     },
     "node_modules/@stoplight/spectral-functions": {
-      "version": "1.9.4",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-functions/-/spectral-functions-1.9.4.tgz",
-      "integrity": "sha512-+dgu7QQ1JIZFsNLhNbQLPA9tniIT3KjOc9ORv0LYSCLvZjkWT2bN7vgmathbXsbmhnmhvl15H9sRqUIqzi+qoQ==",
+      "version": "1.10.1",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-functions/-/spectral-functions-1.10.1.tgz",
+      "integrity": "sha512-obu8ZfoHxELOapfGsCJixKZXZcffjg+lSoNuttpmUFuDzVLT3VmH8QkPXfOGOL5Pz80BR35ClNAToDkdnYIURg==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2513,9 +2381,9 @@
       }
     },
     "node_modules/@stoplight/spectral-ruleset-bundler": {
-      "version": "1.6.2",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-ruleset-bundler/-/spectral-ruleset-bundler-1.6.2.tgz",
-      "integrity": "sha512-Tg7y/0e/6yY4hiebh9YLUGa/fHcgI6RyjfBcRGipYU7QDcJUn2UZYSzeC9hggMwT0UiRzdQlch0aEl7L4VL1GQ==",
+      "version": "1.6.3",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-ruleset-bundler/-/spectral-ruleset-bundler-1.6.3.tgz",
+      "integrity": "sha512-AQFRO6OCKg8SZJUupnr3+OzI1LrMieDTEUHsYgmaRpNiDRPvzImE3bzM1KyQg99q58kTQyZ8kpr7sG8Lp94RRA==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2590,9 +2458,9 @@
       "license": "Apache-2.0"
     },
     "node_modules/@stoplight/spectral-rulesets": {
-      "version": "1.21.4",
-      "resolved": "https://registry.npmjs.org/@stoplight/spectral-rulesets/-/spectral-rulesets-1.21.4.tgz",
-      "integrity": "sha512-F03Uf+Rb9FnxfjNeIeB0B/dGDJ+NozRkQZtZ/jryoOu+7Qp7rI1e/BkFWEM3y4Fr0zcNEkpS7bjkXnW4frHPcA==",
+      "version": "1.22.0",
+      "resolved": "https://registry.npmjs.org/@stoplight/spectral-rulesets/-/spectral-rulesets-1.22.0.tgz",
+      "integrity": "sha512-l2EY2jiKKLsvnPfGy+pXC0LeGsbJzcQP5G/AojHgf+cwN//VYxW1Wvv4WKFx/CLmLxc42mJYF2juwWofjWYNIQ==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -2704,26 +2572,25 @@
       }
     },
     "node_modules/@stylistic/stylelint-plugin": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/@stylistic/stylelint-plugin/-/stylelint-plugin-3.1.2.tgz",
-      "integrity": "sha512-tylFJGMQo62alGazK74MNxFjMagYOHmBZiePZFOJK2n13JZta0uVkB3Bh5qodUmOLtRH+uxH297EibK14UKm8g==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@stylistic/stylelint-plugin/-/stylelint-plugin-4.0.0.tgz",
+      "integrity": "sha512-CFwt3K4Y/7bygNCLCQ8Sy4Hzgbhxq3BsNW0FIuYxl17HD3ywptm54ocyeiLVRrk5jtz1Zwks7Xr9eiZt8SWHAw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@csstools/css-parser-algorithms": "^3.0.1",
-        "@csstools/css-tokenizer": "^3.0.1",
-        "@csstools/media-query-list-parser": "^3.0.1",
-        "is-plain-object": "^5.0.0",
-        "postcss-selector-parser": "^6.1.2",
+        "@csstools/css-parser-algorithms": "^3.0.5",
+        "@csstools/css-tokenizer": "^3.0.4",
+        "@csstools/media-query-list-parser": "^4.0.3",
+        "postcss": "^8.5.6",
+        "postcss-selector-parser": "^7.1.0",
         "postcss-value-parser": "^4.2.0",
-        "style-search": "^0.1.0",
-        "stylelint": "^16.8.2"
+        "style-search": "^0.1.0"
       },
       "engines": {
         "node": "^18.12 || >=20.9"
       },
       "peerDependencies": {
-        "stylelint": "^16.8.0"
+        "stylelint": "^16.22.0"
       }
     },
     "node_modules/@swc/helpers": {
@@ -2732,20 +2599,10 @@
       "integrity": "sha512-wpCQMhf5p5GhNg2MmGKXzUNwxe7zRiCsmqYsamez2beP7mKPCSiu+BjZcdN95yYSzO857kr0VfQewmGpS77nqA==",
       "license": "MIT"
     },
-    "node_modules/@trysound/sax": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/@trysound/sax/-/sax-0.2.0.tgz",
-      "integrity": "sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA==",
-      "dev": true,
-      "license": "ISC",
-      "engines": {
-        "node": ">=10.13.0"
-      }
-    },
     "node_modules/@tybys/wasm-util": {
-      "version": "0.9.0",
-      "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.9.0.tgz",
-      "integrity": "sha512-6+7nlbMVX/PVDCwaIQ8nTOPveOcFLSt8GcXdx8hD0bt39uWxYT88uXzqTd4fTvqta7oeUJqudepapKNt2DYJFw==",
+      "version": "0.10.0",
+      "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.10.0.tgz",
+      "integrity": "sha512-VyyPYFlOMNylG45GoAe0xDoLwWuowvf92F9kySqzYh8vmYm7D2u4iUJKa1tOUpS70Ku13ASrOkS4ScXFsTaCNQ==",
       "dev": true,
       "license": "MIT",
       "optional": true,
@@ -2753,10 +2610,20 @@
         "tslib": "^2.4.0"
       }
     },
+    "node_modules/@types/chai": {
+      "version": "5.2.2",
+      "resolved": "https://registry.npmjs.org/@types/chai/-/chai-5.2.2.tgz",
+      "integrity": "sha512-8kB30R7Hwqf40JPiKhVzodJs2Qc1ZJ5zuT3uzw5Hq/dhNCl3G3l83jfpdI1e20BP348+fV7VIL/+FxaXkqBmWg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/deep-eql": "*"
+      }
+    },
     "node_modules/@types/codemirror": {
-      "version": "5.60.15",
-      "resolved": "https://registry.npmjs.org/@types/codemirror/-/codemirror-5.60.15.tgz",
-      "integrity": "sha512-dTOvwEQ+ouKJ/rE9LT1Ue2hmP6H1mZv5+CCnNWu2qtiOe2LQa9lCprEY20HxiDmV/Bxh+dXjywmy5aKvoGjULA==",
+      "version": "5.60.16",
+      "resolved": "https://registry.npmjs.org/@types/codemirror/-/codemirror-5.60.16.tgz",
+      "integrity": "sha512-V/yHdamffSS075jit+fDxaOAmdP2liok8NSNJnAZfDJErzOheuygHZEhAJrfmk5TEyM32MhkZjwo/idX791yxw==",
       "license": "MIT",
       "dependencies": {
         "@types/tern": "*"
@@ -2853,9 +2720,9 @@
       "license": "MIT"
     },
     "node_modules/@types/d3-dispatch": {
-      "version": "3.0.6",
-      "resolved": "https://registry.npmjs.org/@types/d3-dispatch/-/d3-dispatch-3.0.6.tgz",
-      "integrity": "sha512-4fvZhzMeeuBJYZXRXrRIQnvUYfyXwYmLsdiN7XXmVNQKKw1cM8a5WdID0g1hVFZDqT9ZqZEY5pD44p24VS7iZQ==",
+      "version": "3.0.7",
+      "resolved": "https://registry.npmjs.org/@types/d3-dispatch/-/d3-dispatch-3.0.7.tgz",
+      "integrity": "sha512-5o9OIAdKkhN1QItV2oqaE5KMIiXAvDWBDPrD85e58Qlz1c1kI/J0NcqbEG88CoTwJrYe7ntUCVfeUl2UJKbWgA==",
       "license": "MIT"
     },
     "node_modules/@types/d3-drag": {
@@ -3025,10 +2892,10 @@
         "@types/ms": "*"
       }
     },
-    "node_modules/@types/doctrine": {
-      "version": "0.0.9",
-      "resolved": "https://registry.npmjs.org/@types/doctrine/-/doctrine-0.0.9.tgz",
-      "integrity": "sha512-eOIHzCUSH7SMfonMG1LsC2f8vxBFtho6NGBznK41R84YzPuvSBzrhEps33IsQiOW9+VL6NQ9DbjQJznk/S4uRA==",
+    "node_modules/@types/deep-eql": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/@types/deep-eql/-/deep-eql-4.0.2.tgz",
+      "integrity": "sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw==",
       "dev": true,
       "license": "MIT"
     },
@@ -3121,9 +2988,9 @@
       "license": "MIT"
     },
     "node_modules/@types/license-checker-webpack-plugin": {
-      "version": "0.2.4",
-      "resolved": "https://registry.npmjs.org/@types/license-checker-webpack-plugin/-/license-checker-webpack-plugin-0.2.4.tgz",
-      "integrity": "sha512-QTWqHJ5T9lgm3vPwWSZnBwAB+15zl4QBfGoNDcjnthHQEP8VTV87fYfp1HVeCtrDip73xWMtasQeA4QHQ0nFLw==",
+      "version": "0.2.5",
+      "resolved": "https://registry.npmjs.org/@types/license-checker-webpack-plugin/-/license-checker-webpack-plugin-0.2.5.tgz",
+      "integrity": "sha512-raj3YPZxjkDlRrJJUq6So+C9i/fqYxUtVZzlXxm6bwwXONOnTHvGCfYmbQhzsHJneiJdlR6mMH76/bvWbZZN8Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3151,12 +3018,12 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "22.13.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.10.tgz",
-      "integrity": "sha512-I6LPUvlRH+O6VRUqYOcMudhaIdUVWfsjnZavnsraHvpBwaEyMN29ry+0UVJhImYL16xsscu0aske3yA+uPOWfw==",
+      "version": "24.1.0",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.1.0.tgz",
+      "integrity": "sha512-ut5FthK5moxFKH2T1CUOC6ctR67rQRvvHdFLCD2Ql6KXmMuCrjsSsRI9UsLCm9M18BMwClv4pn327UvB7eeO1w==",
       "license": "MIT",
       "dependencies": {
-        "undici-types": "~6.20.0"
+        "undici-types": "~7.8.0"
       }
     },
     "node_modules/@types/normalize-package-data": {
@@ -3202,9 +3069,9 @@
       "license": "MIT"
     },
     "node_modules/@types/swagger-ui-dist": {
-      "version": "3.30.5",
-      "resolved": "https://registry.npmjs.org/@types/swagger-ui-dist/-/swagger-ui-dist-3.30.5.tgz",
-      "integrity": "sha512-SrXhD9L8qeIxJzN+o1kmf3wXeVf/+Km3jIdRM1+Yq3I5b/dlF5TcGr5WCVM7I/cBYpgf43/gCPIucQ13AhICiw==",
+      "version": "3.30.6",
+      "resolved": "https://registry.npmjs.org/@types/swagger-ui-dist/-/swagger-ui-dist-3.30.6.tgz",
+      "integrity": "sha512-FVxN7wjLYRtJsZBscOcOcf8oR++m38vbUFjT33Mr9HBuasX9bRDrJsp7iwixcOtKSHEEa2B7o2+4wEiXqC+Ebw==",
       "dev": true,
       "license": "MIT"
     },
@@ -3239,9 +3106,9 @@
       "license": "MIT"
     },
     "node_modules/@types/toastify-js": {
-      "version": "1.12.3",
-      "resolved": "https://registry.npmjs.org/@types/toastify-js/-/toastify-js-1.12.3.tgz",
-      "integrity": "sha512-9RjLlbAHMSaae/KZNHGv19VG4gcLIm3YjvacCXBtfMfYn26h76YP5oxXI8k26q4iKXCB9LNfv18lsoS0JnFPTg==",
+      "version": "1.12.4",
+      "resolved": "https://registry.npmjs.org/@types/toastify-js/-/toastify-js-1.12.4.tgz",
+      "integrity": "sha512-zfZHU4tKffPCnZRe7pjv/eFKzTVHozKewFCKaCjZ4gFinKgJRz/t0bkZiMCXJxPhv/ZoeDGNOeRD09R0kQZ/nw==",
       "dev": true,
       "license": "MIT"
     },
@@ -3304,31 +3171,38 @@
       }
     },
     "node_modules/@types/webpack-sources/node_modules/source-map": {
-      "version": "0.7.4",
-      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.4.tgz",
-      "integrity": "sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA==",
+      "version": "0.7.6",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.6.tgz",
+      "integrity": "sha512-i5uvt8C3ikiWeNZSVZNWcfZPItFQOsYTUAOkcUPGd8DqDy1uOUikjt5dG+uRlwyvR108Fb9DOd4GvXfT0N2/uQ==",
       "dev": true,
       "license": "BSD-3-Clause",
       "engines": {
-        "node": ">= 8"
+        "node": ">= 12"
       }
     },
+    "node_modules/@types/whatwg-mimetype": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/@types/whatwg-mimetype/-/whatwg-mimetype-3.0.2.tgz",
+      "integrity": "sha512-c2AKvDT8ToxLIOUlN51gTiHXflsfIFisS4pO7pDPoKouJCESkhZnEy623gwP9laCy5lnLDAw1vAzu2vM2YLOrA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@typescript-eslint/eslint-plugin": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.26.1.tgz",
-      "integrity": "sha512-2X3mwqsj9Bd3Ciz508ZUtoQQYpOhU/kWoUqIf49H8Z0+Vbh6UF/y0OEYp0Q0axOGzaBGs7QxRwq0knSQ8khQNA==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.38.0.tgz",
+      "integrity": "sha512-CPoznzpuAnIOl4nhj4tRr4gIPj5AfKgkiJmGQDaq+fQnRJTYlcBjbX3wbciGmpoPf8DREufuPRe1tNMZnGdanA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@eslint-community/regexpp": "^4.10.0",
-        "@typescript-eslint/scope-manager": "8.26.1",
-        "@typescript-eslint/type-utils": "8.26.1",
-        "@typescript-eslint/utils": "8.26.1",
-        "@typescript-eslint/visitor-keys": "8.26.1",
+        "@typescript-eslint/scope-manager": "8.38.0",
+        "@typescript-eslint/type-utils": "8.38.0",
+        "@typescript-eslint/utils": "8.38.0",
+        "@typescript-eslint/visitor-keys": "8.38.0",
         "graphemer": "^1.4.0",
-        "ignore": "^5.3.1",
+        "ignore": "^7.0.0",
         "natural-compare": "^1.4.0",
-        "ts-api-utils": "^2.0.1"
+        "ts-api-utils": "^2.1.0"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3338,22 +3212,32 @@
         "url": "https://opencollective.com/typescript-eslint"
       },
       "peerDependencies": {
-        "@typescript-eslint/parser": "^8.0.0 || ^8.0.0-alpha.0",
+        "@typescript-eslint/parser": "^8.38.0",
         "eslint": "^8.57.0 || ^9.0.0",
         "typescript": ">=4.8.4 <5.9.0"
       }
     },
+    "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": {
+      "version": "7.0.5",
+      "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz",
+      "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 4"
+      }
+    },
     "node_modules/@typescript-eslint/parser": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.26.1.tgz",
-      "integrity": "sha512-w6HZUV4NWxqd8BdeFf81t07d7/YV9s7TCWrQQbG5uhuvGUAW+fq1usZ1Hmz9UPNLniFnD8GLSsDpjP0hm1S4lQ==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.38.0.tgz",
+      "integrity": "sha512-Zhy8HCvBUEfBECzIl1PKqF4p11+d0aUJS1GeUiuqK9WmOug8YCmC4h4bjyBvMyAMI9sbRczmrYL5lKg/YMbrcQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@typescript-eslint/scope-manager": "8.26.1",
-        "@typescript-eslint/types": "8.26.1",
-        "@typescript-eslint/typescript-estree": "8.26.1",
-        "@typescript-eslint/visitor-keys": "8.26.1",
+        "@typescript-eslint/scope-manager": "8.38.0",
+        "@typescript-eslint/types": "8.38.0",
+        "@typescript-eslint/typescript-estree": "8.38.0",
+        "@typescript-eslint/visitor-keys": "8.38.0",
         "debug": "^4.3.4"
       },
       "engines": {
@@ -3368,35 +3252,75 @@
         "typescript": ">=4.8.4 <5.9.0"
       }
     },
+    "node_modules/@typescript-eslint/project-service": {
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.38.0.tgz",
+      "integrity": "sha512-dbK7Jvqcb8c9QfH01YB6pORpqX1mn5gDZc9n63Ak/+jD67oWXn3Gs0M6vddAN+eDXBCS5EmNWzbSxsn9SzFWWg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@typescript-eslint/tsconfig-utils": "^8.38.0",
+        "@typescript-eslint/types": "^8.38.0",
+        "debug": "^4.3.4"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/typescript-eslint"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.8.4 <5.9.0"
+      }
+    },
     "node_modules/@typescript-eslint/scope-manager": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.26.1.tgz",
-      "integrity": "sha512-6EIvbE5cNER8sqBu6V7+KeMZIC1664d2Yjt+B9EWUXrsyWpxx4lEZrmvxgSKRC6gX+efDL/UY9OpPZ267io3mg==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.38.0.tgz",
+      "integrity": "sha512-WJw3AVlFFcdT9Ri1xs/lg8LwDqgekWXWhH3iAF+1ZM+QPd7oxQ6jvtW/JPwzAScxitILUIFs0/AnQ/UWHzbATQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@typescript-eslint/types": "8.26.1",
-        "@typescript-eslint/visitor-keys": "8.26.1"
+        "@typescript-eslint/types": "8.38.0",
+        "@typescript-eslint/visitor-keys": "8.38.0"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
       },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/typescript-eslint"
+      }
+    },
+    "node_modules/@typescript-eslint/tsconfig-utils": {
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.38.0.tgz",
+      "integrity": "sha512-Lum9RtSE3EroKk/bYns+sPOodqb2Fv50XOl/gMviMKNvanETUuUcC9ObRbzrJ4VSd2JalPqgSAavwrPiPvnAiQ==",
+      "dev": true,
+      "license": "MIT",
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
       },
       "funding": {
         "type": "opencollective",
         "url": "https://opencollective.com/typescript-eslint"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.8.4 <5.9.0"
       }
     },
     "node_modules/@typescript-eslint/type-utils": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.26.1.tgz",
-      "integrity": "sha512-Kcj/TagJLwoY/5w9JGEFV0dclQdyqw9+VMndxOJKtoFSjfZhLXhYjzsQEeyza03rwHx2vFEGvrJWJBXKleRvZg==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.38.0.tgz",
+      "integrity": "sha512-c7jAvGEZVf0ao2z+nnz8BUaHZD09Agbh+DY7qvBQqLiz8uJzRgVPj5YvOh8I8uEiH8oIUGIfHzMwUcGVco/SJg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@typescript-eslint/typescript-estree": "8.26.1",
-        "@typescript-eslint/utils": "8.26.1",
+        "@typescript-eslint/types": "8.38.0",
+        "@typescript-eslint/typescript-estree": "8.38.0",
+        "@typescript-eslint/utils": "8.38.0",
         "debug": "^4.3.4",
-        "ts-api-utils": "^2.0.1"
+        "ts-api-utils": "^2.1.0"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3411,9 +3335,9 @@
       }
     },
     "node_modules/@typescript-eslint/types": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.26.1.tgz",
-      "integrity": "sha512-n4THUQW27VmQMx+3P+B0Yptl7ydfceUj4ON/AQILAASwgYdZ/2dhfymRMh5egRUrvK5lSmaOm77Ry+lmXPOgBQ==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.38.0.tgz",
+      "integrity": "sha512-wzkUfX3plUqij4YwWaJyqhiPE5UCRVlFpKn1oCRn2O1bJ592XxWJj8ROQ3JD5MYXLORW84063z3tZTb/cs4Tyw==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -3425,20 +3349,22 @@
       }
     },
     "node_modules/@typescript-eslint/typescript-estree": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.26.1.tgz",
-      "integrity": "sha512-yUwPpUHDgdrv1QJ7YQal3cMVBGWfnuCdKbXw1yyjArax3353rEJP1ZA+4F8nOlQ3RfS2hUN/wze3nlY+ZOhvoA==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.38.0.tgz",
+      "integrity": "sha512-fooELKcAKzxux6fA6pxOflpNS0jc+nOQEEOipXFNjSlBS6fqrJOVY/whSn70SScHrcJ2LDsxWrneFoWYSVfqhQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@typescript-eslint/types": "8.26.1",
-        "@typescript-eslint/visitor-keys": "8.26.1",
+        "@typescript-eslint/project-service": "8.38.0",
+        "@typescript-eslint/tsconfig-utils": "8.38.0",
+        "@typescript-eslint/types": "8.38.0",
+        "@typescript-eslint/visitor-keys": "8.38.0",
         "debug": "^4.3.4",
         "fast-glob": "^3.3.2",
         "is-glob": "^4.0.3",
         "minimatch": "^9.0.4",
         "semver": "^7.6.0",
-        "ts-api-utils": "^2.0.1"
+        "ts-api-utils": "^2.1.0"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3451,6 +3377,23 @@
         "typescript": ">=4.8.4 <5.9.0"
       }
     },
+    "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^1.0.0"
+      }
+    },
     "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
       "version": "9.0.5",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
@@ -3468,16 +3411,16 @@
       }
     },
     "node_modules/@typescript-eslint/utils": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.26.1.tgz",
-      "integrity": "sha512-V4Urxa/XtSUroUrnI7q6yUTD3hDtfJ2jzVfeT3VK0ciizfK2q/zGC0iDh1lFMUZR8cImRrep6/q0xd/1ZGPQpg==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.38.0.tgz",
+      "integrity": "sha512-hHcMA86Hgt+ijJlrD8fX0j1j8w4C92zue/8LOPAFioIno+W0+L7KqE8QZKCcPGc/92Vs9x36w/4MPTJhqXdyvg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@eslint-community/eslint-utils": "^4.4.0",
-        "@typescript-eslint/scope-manager": "8.26.1",
-        "@typescript-eslint/types": "8.26.1",
-        "@typescript-eslint/typescript-estree": "8.26.1"
+        "@eslint-community/eslint-utils": "^4.7.0",
+        "@typescript-eslint/scope-manager": "8.38.0",
+        "@typescript-eslint/types": "8.38.0",
+        "@typescript-eslint/typescript-estree": "8.38.0"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3492,14 +3435,14 @@
       }
     },
     "node_modules/@typescript-eslint/visitor-keys": {
-      "version": "8.26.1",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.26.1.tgz",
-      "integrity": "sha512-AjOC3zfnxd6S4Eiy3jwktJPclqhFHNyd8L6Gycf9WUPoKZpgM5PjkxY1X7uSy61xVpiJDhhk7XT2NVsN3ALTWg==",
+      "version": "8.38.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.38.0.tgz",
+      "integrity": "sha512-pWrTcoFNWuwHlA9CvlfSsGWs14JxfN1TH25zM5L7o0pRLhsoZkDnTsXfQRJBEWJoV5DL0jf+Z+sxiud+K0mq1g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@typescript-eslint/types": "8.26.1",
-        "eslint-visitor-keys": "^4.2.0"
+        "@typescript-eslint/types": "8.38.0",
+        "eslint-visitor-keys": "^4.2.1"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -3516,10 +3459,38 @@
       "dev": true,
       "license": "ISC"
     },
-    "node_modules/@unrs/rspack-resolver-binding-darwin-arm64": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-darwin-arm64/-/rspack-resolver-binding-darwin-arm64-1.1.0.tgz",
-      "integrity": "sha512-otdWnJrycP8Ow0rbiKKjhrW7PPeHPoIglYjBruqh75fEwQGV2EmA9oZMgD4YA6g+/hGzD0mXI26YnWL0G0SkTA==",
+    "node_modules/@unrs/resolver-binding-android-arm-eabi": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-android-arm-eabi/-/resolver-binding-android-arm-eabi-1.11.1.tgz",
+      "integrity": "sha512-ppLRUgHVaGRWUx0R0Ut06Mjo9gBaBkg3v/8AxusGLhsIotbBLuRk51rAzqLC8gq6NyyAojEXglNjzf6R948DNw==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-android-arm64": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-android-arm64/-/resolver-binding-android-arm64-1.11.1.tgz",
+      "integrity": "sha512-lCxkVtb4wp1v+EoN+HjIG9cIIzPkX5OtM03pQYkG+U5O/wL53LC4QbIeazgiKqluGeVEeBlZahHalCaBvU1a2g==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-darwin-arm64": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-darwin-arm64/-/resolver-binding-darwin-arm64-1.11.1.tgz",
+      "integrity": "sha512-gPVA1UjRu1Y/IsB/dQEsp2V1pm44Of6+LWvbLc9SDk1c2KhhDRDBUkQCYVWe6f26uJb3fOK8saWMgtX8IrMk3g==",
       "cpu": [
         "arm64"
       ],
@@ -3530,10 +3501,10 @@
         "darwin"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-darwin-x64": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-darwin-x64/-/rspack-resolver-binding-darwin-x64-1.1.0.tgz",
-      "integrity": "sha512-MqHyrtIw2ra0KZlniDITROq6rEiMsBnaJtQDYLNDv/y+pvPSXdB3VveZCwSldXJ9TrST2b3NnIbmehljjsMVhg==",
+    "node_modules/@unrs/resolver-binding-darwin-x64": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-darwin-x64/-/resolver-binding-darwin-x64-1.11.1.tgz",
+      "integrity": "sha512-cFzP7rWKd3lZaCsDze07QX1SC24lO8mPty9vdP+YVa3MGdVgPmFc59317b2ioXtgCMKGiCLxJ4HQs62oz6GfRQ==",
       "cpu": [
         "x64"
       ],
@@ -3544,10 +3515,10 @@
         "darwin"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-freebsd-x64": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-freebsd-x64/-/rspack-resolver-binding-freebsd-x64-1.1.0.tgz",
-      "integrity": "sha512-bopyOqmtWn8np1d4iN90PE1tYHopdWwei7mK8/8mf4qhc99f7WRNXtWa1MoL5sjN3DWef3jvr0+MGnMS9MTfJA==",
+    "node_modules/@unrs/resolver-binding-freebsd-x64": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-freebsd-x64/-/resolver-binding-freebsd-x64-1.11.1.tgz",
+      "integrity": "sha512-fqtGgak3zX4DCB6PFpsH5+Kmt/8CIi4Bry4rb1ho6Av2QHTREM+47y282Uqiu3ZRF5IQioJQ5qWRV6jduA+iGw==",
       "cpu": [
         "x64"
       ],
@@ -3558,10 +3529,10 @@
         "freebsd"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-linux-arm-gnueabihf": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-linux-arm-gnueabihf/-/rspack-resolver-binding-linux-arm-gnueabihf-1.1.0.tgz",
-      "integrity": "sha512-XldXRkQurDBXCiCuIaWcqOX6UtvjFW8O3CH/kFEZxNJISOAt+ztgyRQRxYhf+T1p18R4boripKmWKEE0uBCiYw==",
+    "node_modules/@unrs/resolver-binding-linux-arm-gnueabihf": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm-gnueabihf/-/resolver-binding-linux-arm-gnueabihf-1.11.1.tgz",
+      "integrity": "sha512-u92mvlcYtp9MRKmP+ZvMmtPN34+/3lMHlyMj7wXJDeXxuM0Vgzz0+PPJNsro1m3IZPYChIkn944wW8TYgGKFHw==",
       "cpu": [
         "arm"
       ],
@@ -3572,10 +3543,24 @@
         "linux"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-linux-arm64-gnu": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-linux-arm64-gnu/-/rspack-resolver-binding-linux-arm64-gnu-1.1.0.tgz",
-      "integrity": "sha512-8zubI4MY3whPfLNHEiJ0TeSC5eSmNVWTEGAeMGALCUQtVD9TyZTd6wGwWrQVRN7ESIapWUSChkPLr+Bi13d9sQ==",
+    "node_modules/@unrs/resolver-binding-linux-arm-musleabihf": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm-musleabihf/-/resolver-binding-linux-arm-musleabihf-1.11.1.tgz",
+      "integrity": "sha512-cINaoY2z7LVCrfHkIcmvj7osTOtm6VVT16b5oQdS4beibX2SYBwgYLmqhBjA1t51CarSaBuX5YNsWLjsqfW5Cw==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-linux-arm64-gnu": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm64-gnu/-/resolver-binding-linux-arm64-gnu-1.11.1.tgz",
+      "integrity": "sha512-34gw7PjDGB9JgePJEmhEqBhWvCiiWCuXsL9hYphDF7crW7UgI05gyBAi6MF58uGcMOiOqSJ2ybEeCvHcq0BCmQ==",
       "cpu": [
         "arm64"
       ],
@@ -3586,10 +3571,10 @@
         "linux"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-linux-arm64-musl": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-linux-arm64-musl/-/rspack-resolver-binding-linux-arm64-musl-1.1.0.tgz",
-      "integrity": "sha512-+GAyOhl8KPqJsILpHTB/mMc4hfOwI4INed8VAZnSvdaL0ec3Sz/6UXEeTtucW1fWhwaP3lVlpjv2xuRhOCjehA==",
+    "node_modules/@unrs/resolver-binding-linux-arm64-musl": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm64-musl/-/resolver-binding-linux-arm64-musl-1.11.1.tgz",
+      "integrity": "sha512-RyMIx6Uf53hhOtJDIamSbTskA99sPHS96wxVE/bJtePJJtpdKGXO1wY90oRdXuYOGOTuqjT8ACccMc4K6QmT3w==",
       "cpu": [
         "arm64"
       ],
@@ -3600,10 +3585,66 @@
         "linux"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-linux-x64-gnu": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-linux-x64-gnu/-/rspack-resolver-binding-linux-x64-gnu-1.1.0.tgz",
-      "integrity": "sha512-0zoy6UwRFoto5boJKGjgDpA+4kv+G1kysgrAe0KVefJXOnDNJlfgcV7mOV2O9J+FqtIQsXvzmOJxDB9e1Hhbzw==",
+    "node_modules/@unrs/resolver-binding-linux-ppc64-gnu": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-ppc64-gnu/-/resolver-binding-linux-ppc64-gnu-1.11.1.tgz",
+      "integrity": "sha512-D8Vae74A4/a+mZH0FbOkFJL9DSK2R6TFPC9M+jCWYia/q2einCubX10pecpDiTmkJVUH+y8K3BZClycD8nCShA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-linux-riscv64-gnu": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-riscv64-gnu/-/resolver-binding-linux-riscv64-gnu-1.11.1.tgz",
+      "integrity": "sha512-frxL4OrzOWVVsOc96+V3aqTIQl1O2TjgExV4EKgRY09AJ9leZpEg8Ak9phadbuX0BA4k8U5qtvMSQQGGmaJqcQ==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-linux-riscv64-musl": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-riscv64-musl/-/resolver-binding-linux-riscv64-musl-1.11.1.tgz",
+      "integrity": "sha512-mJ5vuDaIZ+l/acv01sHoXfpnyrNKOk/3aDoEdLO/Xtn9HuZlDD6jKxHlkN8ZhWyLJsRBxfv9GYM2utQ1SChKew==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-linux-s390x-gnu": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-s390x-gnu/-/resolver-binding-linux-s390x-gnu-1.11.1.tgz",
+      "integrity": "sha512-kELo8ebBVtb9sA7rMe1Cph4QHreByhaZ2QEADd9NzIQsYNQpt9UkM9iqr2lhGr5afh885d/cB5QeTXSbZHTYPg==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-linux-x64-gnu": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-x64-gnu/-/resolver-binding-linux-x64-gnu-1.11.1.tgz",
+      "integrity": "sha512-C3ZAHugKgovV5YvAMsxhq0gtXuwESUKc5MhEtjBpLoHPLYM+iuwSj3lflFwK3DPm68660rZ7G8BMcwSro7hD5w==",
       "cpu": [
         "x64"
       ],
@@ -3614,10 +3655,10 @@
         "linux"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-linux-x64-musl": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-linux-x64-musl/-/rspack-resolver-binding-linux-x64-musl-1.1.0.tgz",
-      "integrity": "sha512-XjC+aZKi+X+ma5e6yaVTvojK0v0kxfikbP1dB0klx80NjCW9KRrldiZxAo7ME8Tb4a7Fz0J6PDOVzd9tFYwkQQ==",
+    "node_modules/@unrs/resolver-binding-linux-x64-musl": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-x64-musl/-/resolver-binding-linux-x64-musl-1.11.1.tgz",
+      "integrity": "sha512-rV0YSoyhK2nZ4vEswT/QwqzqQXw5I6CjoaYMOX0TqBlWhojUf8P94mvI7nuJTeaCkkds3QE4+zS8Ko+GdXuZtA==",
       "cpu": [
         "x64"
       ],
@@ -3628,10 +3669,10 @@
         "linux"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-wasm32-wasi": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-wasm32-wasi/-/rspack-resolver-binding-wasm32-wasi-1.1.0.tgz",
-      "integrity": "sha512-eVBK4z9VN3vahAh2+bQBl+vs9JgWEF1xeccilDcerGNkmlFHB1My5++sbeZzou+DExkioVAdfK+uVyVnHS4k7Q==",
+    "node_modules/@unrs/resolver-binding-wasm32-wasi": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-wasm32-wasi/-/resolver-binding-wasm32-wasi-1.11.1.tgz",
+      "integrity": "sha512-5u4RkfxJm+Ng7IWgkzi3qrFOvLvQYnPBmjmZQ8+szTK/b31fQCnleNl1GgEt7nIsZRIf5PLhPwT0WM+q45x/UQ==",
       "cpu": [
         "wasm32"
       ],
@@ -3639,16 +3680,16 @@
       "license": "MIT",
       "optional": true,
       "dependencies": {
-        "@napi-rs/wasm-runtime": "^0.2.7"
+        "@napi-rs/wasm-runtime": "^0.2.11"
       },
       "engines": {
         "node": ">=14.0.0"
       }
     },
-    "node_modules/@unrs/rspack-resolver-binding-win32-arm64-msvc": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-win32-arm64-msvc/-/rspack-resolver-binding-win32-arm64-msvc-1.1.0.tgz",
-      "integrity": "sha512-ktm/CnSKOt/Wwdi2SBECLPJ+gL5oaw8LDHG4IfOQO5oT6qlIP0DaOUPrTf8g/WTlLnSp4TryDBM0B/gGla3LEw==",
+    "node_modules/@unrs/resolver-binding-win32-arm64-msvc": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-arm64-msvc/-/resolver-binding-win32-arm64-msvc-1.11.1.tgz",
+      "integrity": "sha512-nRcz5Il4ln0kMhfL8S3hLkxI85BXs3o8EYoattsJNdsX4YUU89iOkVn7g0VHSRxFuVMdM4Q1jEpIId1Ihim/Uw==",
       "cpu": [
         "arm64"
       ],
@@ -3659,10 +3700,24 @@
         "win32"
       ]
     },
-    "node_modules/@unrs/rspack-resolver-binding-win32-x64-msvc": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@unrs/rspack-resolver-binding-win32-x64-msvc/-/rspack-resolver-binding-win32-x64-msvc-1.1.0.tgz",
-      "integrity": "sha512-cdMid8RdR6XaQ5uAudzdu9Ydl3HbYjiwpsh+X01APmTZG2ph7OeaRTozW4F8ScUHkPHfrYedv9McICbHxgBvXQ==",
+    "node_modules/@unrs/resolver-binding-win32-ia32-msvc": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-ia32-msvc/-/resolver-binding-win32-ia32-msvc-1.11.1.tgz",
+      "integrity": "sha512-DCEI6t5i1NmAZp6pFonpD5m7i6aFrpofcp4LA2i8IIq60Jyo28hamKBxNrZcyOwVOZkgsRp9O2sXWBWP8MnvIQ==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@unrs/resolver-binding-win32-x64-msvc": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-x64-msvc/-/resolver-binding-win32-x64-msvc-1.11.1.tgz",
+      "integrity": "sha512-lrW200hZdbfRtztbygyaq/6jP6AKE8qQN2KvPcJ+x7wiD038YtnYtZ82IMNJ69GJibV7bwL3y9FgK+5w/pYt6g==",
       "cpu": [
         "x64"
       ],
@@ -3674,27 +3729,32 @@
       ]
     },
     "node_modules/@vitejs/plugin-vue": {
-      "version": "5.2.1",
-      "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-5.2.1.tgz",
-      "integrity": "sha512-cxh314tzaWwOLqVes2gnnCtvBDcM1UMdn+iFR+UjAn411dPT3tOmqrJjbMd7koZpMAmBM/GqeV4n9ge7JSiJJQ==",
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-6.0.1.tgz",
+      "integrity": "sha512-+MaE752hU0wfPFJEUAIxqw18+20euHHdxVtMvbFcOEpjEyfqXH/5DCoTHiVJ0J29EhTJdoTkjEv5YBKU9dnoTw==",
       "dev": true,
       "license": "MIT",
+      "dependencies": {
+        "@rolldown/pluginutils": "1.0.0-beta.29"
+      },
       "engines": {
-        "node": "^18.0.0 || >=20.0.0"
+        "node": "^20.19.0 || >=22.12.0"
       },
       "peerDependencies": {
-        "vite": "^5.0.0 || ^6.0.0",
+        "vite": "^5.0.0 || ^6.0.0 || ^7.0.0",
         "vue": "^3.2.25"
       }
     },
     "node_modules/@vitest/eslint-plugin": {
-      "version": "1.1.37",
-      "resolved": "https://registry.npmjs.org/@vitest/eslint-plugin/-/eslint-plugin-1.1.37.tgz",
-      "integrity": "sha512-cnlBV8zr0oaBu1Vk6ruqWzpPzFCtwY0yuwUQpNIeFOUl3UhXVwNUoOYfWkZzeToGuNBaXvIsr6/RgHrXiHXqXA==",
+      "version": "1.3.4",
+      "resolved": "https://registry.npmjs.org/@vitest/eslint-plugin/-/eslint-plugin-1.3.4.tgz",
+      "integrity": "sha512-EOg8d0jn3BAiKnR55WkFxmxfWA3nmzrbIIuOXyTe6A72duryNgyU+bdBEauA97Aab3ho9kLmAwgPX63Ckj4QEg==",
       "dev": true,
       "license": "MIT",
+      "dependencies": {
+        "@typescript-eslint/utils": "^8.24.1"
+      },
       "peerDependencies": {
-        "@typescript-eslint/utils": "^8.24.0",
         "eslint": ">= 8.57.0",
         "typescript": ">= 5.0.0",
         "vitest": "*"
@@ -3709,14 +3769,15 @@
       }
     },
     "node_modules/@vitest/expect": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-3.0.8.tgz",
-      "integrity": "sha512-Xu6TTIavTvSSS6LZaA3EebWFr6tsoXPetOWNMOlc7LO88QVVBwq2oQWBoDiLCN6YTvNYsGSjqOO8CAdjom5DCQ==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-3.2.4.tgz",
+      "integrity": "sha512-Io0yyORnB6sikFlt8QW5K7slY4OjqNX9jmJQ02QDda8lyM6B5oNgVWoSoKPac8/kgnCUzuHQKrSLtu/uOqqrig==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/spy": "3.0.8",
-        "@vitest/utils": "3.0.8",
+        "@types/chai": "^5.2.2",
+        "@vitest/spy": "3.2.4",
+        "@vitest/utils": "3.2.4",
         "chai": "^5.2.0",
         "tinyrainbow": "^2.0.0"
       },
@@ -3725,13 +3786,13 @@
       }
     },
     "node_modules/@vitest/mocker": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-3.0.8.tgz",
-      "integrity": "sha512-n3LjS7fcW1BCoF+zWZxG7/5XvuYH+lsFg+BDwwAz0arIwHQJFUEsKBQ0BLU49fCxuM/2HSeBPHQD8WjgrxMfow==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-3.2.4.tgz",
+      "integrity": "sha512-46ryTE9RZO/rfDd7pEqFl7etuyzekzEhUbTW3BvmeO/BcCMEgq59BKhek3dXDWgAj4oMK6OZi+vRr1wPW6qjEQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/spy": "3.0.8",
+        "@vitest/spy": "3.2.4",
         "estree-walker": "^3.0.3",
         "magic-string": "^0.30.17"
       },
@@ -3740,7 +3801,7 @@
       },
       "peerDependencies": {
         "msw": "^2.4.9",
-        "vite": "^5.0.0 || ^6.0.0"
+        "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0"
       },
       "peerDependenciesMeta": {
         "msw": {
@@ -3752,9 +3813,9 @@
       }
     },
     "node_modules/@vitest/mocker/node_modules/@types/estree": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz",
-      "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==",
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
       "dev": true,
       "license": "MIT"
     },
@@ -3779,9 +3840,9 @@
       }
     },
     "node_modules/@vitest/pretty-format": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.0.8.tgz",
-      "integrity": "sha512-BNqwbEyitFhzYMYHUVbIvepOyeQOSFA/NeJMIP9enMntkkxLgOcgABH6fjyXG85ipTgvero6noreavGIqfJcIg==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz",
+      "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -3792,27 +3853,28 @@
       }
     },
     "node_modules/@vitest/runner": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-3.0.8.tgz",
-      "integrity": "sha512-c7UUw6gEcOzI8fih+uaAXS5DwjlBaCJUo7KJ4VvJcjL95+DSR1kova2hFuRt3w41KZEFcOEiq098KkyrjXeM5w==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-3.2.4.tgz",
+      "integrity": "sha512-oukfKT9Mk41LreEW09vt45f8wx7DordoWUZMYdY/cyAk7w5TWkTRCNZYF7sX7n2wB7jyGAl74OxgwhPgKaqDMQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/utils": "3.0.8",
-        "pathe": "^2.0.3"
+        "@vitest/utils": "3.2.4",
+        "pathe": "^2.0.3",
+        "strip-literal": "^3.0.0"
       },
       "funding": {
         "url": "https://opencollective.com/vitest"
       }
     },
     "node_modules/@vitest/snapshot": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.0.8.tgz",
-      "integrity": "sha512-x8IlMGSEMugakInj44nUrLSILh/zy1f2/BgH0UeHpNyOocG18M9CWVIFBaXPt8TrqVZWmcPjwfG/ht5tnpba8A==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz",
+      "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/pretty-format": "3.0.8",
+        "@vitest/pretty-format": "3.2.4",
         "magic-string": "^0.30.17",
         "pathe": "^2.0.3"
       },
@@ -3831,27 +3893,27 @@
       }
     },
     "node_modules/@vitest/spy": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-3.0.8.tgz",
-      "integrity": "sha512-MR+PzJa+22vFKYb934CejhR4BeRpMSoxkvNoDit68GQxRLSf11aT6CTj3XaqUU9rxgWJFnqicN/wxw6yBRkI1Q==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-3.2.4.tgz",
+      "integrity": "sha512-vAfasCOe6AIK70iP5UD11Ac4siNUNJ9i/9PZ3NKx07sG6sUxeag1LWdNrMWeKKYBLlzuK+Gn65Yd5nyL6ds+nw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "tinyspy": "^3.0.2"
+        "tinyspy": "^4.0.3"
       },
       "funding": {
         "url": "https://opencollective.com/vitest"
       }
     },
     "node_modules/@vitest/utils": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-3.0.8.tgz",
-      "integrity": "sha512-nkBC3aEhfX2PdtQI/QwAWp8qZWwzASsU4Npbcd5RdMPBSSLCpkZp52P3xku3s3uA0HIEhGvEcF8rNkBsz9dQ4Q==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-3.2.4.tgz",
+      "integrity": "sha512-fB2V0JFrQSMsCo9HiSq3Ezpdv4iYaXRG1Sx8edX3MwxfyNn83mKiGzOcH+Fkxt4MHxr3y42fQi1oeAInqgX2QA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/pretty-format": "3.0.8",
-        "loupe": "^3.1.3",
+        "@vitest/pretty-format": "3.2.4",
+        "loupe": "^3.1.4",
         "tinyrainbow": "^2.0.0"
       },
       "funding": {
@@ -3859,72 +3921,72 @@
       }
     },
     "node_modules/@volar/language-core": {
-      "version": "2.4.12",
-      "resolved": "https://registry.npmjs.org/@volar/language-core/-/language-core-2.4.12.tgz",
-      "integrity": "sha512-RLrFdXEaQBWfSnYGVxvR2WrO6Bub0unkdHYIdC31HzIEqATIuuhRRzYu76iGPZ6OtA4Au1SnW0ZwIqPP217YhA==",
+      "version": "2.4.20",
+      "resolved": "https://registry.npmjs.org/@volar/language-core/-/language-core-2.4.20.tgz",
+      "integrity": "sha512-dRDF1G33xaAIDqR6+mXUIjXYdu9vzSxlMGfMEwBxQsfY/JMUEXSpLTR057oTKlUQ2nIvCmP9k94A8h8z2VrNSA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@volar/source-map": "2.4.12"
+        "@volar/source-map": "2.4.20"
       }
     },
     "node_modules/@volar/source-map": {
-      "version": "2.4.12",
-      "resolved": "https://registry.npmjs.org/@volar/source-map/-/source-map-2.4.12.tgz",
-      "integrity": "sha512-bUFIKvn2U0AWojOaqf63ER0N/iHIBYZPpNGogfLPQ68F5Eet6FnLlyho7BS0y2HJ1jFhSif7AcuTx1TqsCzRzw==",
+      "version": "2.4.20",
+      "resolved": "https://registry.npmjs.org/@volar/source-map/-/source-map-2.4.20.tgz",
+      "integrity": "sha512-mVjmFQH8mC+nUaVwmbxoYUy8cww+abaO8dWzqPUjilsavjxH0jCJ3Mp8HFuHsdewZs2c+SP+EO7hCd8Z92whJg==",
       "dev": true,
       "license": "MIT"
     },
     "node_modules/@volar/typescript": {
-      "version": "2.4.12",
-      "resolved": "https://registry.npmjs.org/@volar/typescript/-/typescript-2.4.12.tgz",
-      "integrity": "sha512-HJB73OTJDgPc80K30wxi3if4fSsZZAOScbj2fcicMuOPoOkcf9NNAINb33o+DzhBdF9xTKC1gnPmIRDous5S0g==",
+      "version": "2.4.20",
+      "resolved": "https://registry.npmjs.org/@volar/typescript/-/typescript-2.4.20.tgz",
+      "integrity": "sha512-Oc4DczPwQyXcVbd+5RsNEqX6ia0+w3p+klwdZQ6ZKhFjWoBP9PCPQYlKYRi/tDemWphW93P/Vv13vcE9I9D2GQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@volar/language-core": "2.4.12",
+        "@volar/language-core": "2.4.20",
         "path-browserify": "^1.0.1",
         "vscode-uri": "^3.0.8"
       }
     },
     "node_modules/@vue/compiler-core": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.5.13.tgz",
-      "integrity": "sha512-oOdAkwqUfW1WqpwSYJce06wvt6HljgY3fGeM9NcVA1HaYOij3mZG9Rkysn0OHuyUAGMbEbARIpsG+LPVlBJ5/Q==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.5.18.tgz",
+      "integrity": "sha512-3slwjQrrV1TO8MoXgy3aynDQ7lslj5UqDxuHnrzHtpON5CBinhWjJETciPngpin/T3OuW3tXUf86tEurusnztw==",
       "license": "MIT",
       "dependencies": {
-        "@babel/parser": "^7.25.3",
-        "@vue/shared": "3.5.13",
+        "@babel/parser": "^7.28.0",
+        "@vue/shared": "3.5.18",
         "entities": "^4.5.0",
         "estree-walker": "^2.0.2",
-        "source-map-js": "^1.2.0"
+        "source-map-js": "^1.2.1"
       }
     },
     "node_modules/@vue/compiler-dom": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.5.13.tgz",
-      "integrity": "sha512-ZOJ46sMOKUjO3e94wPdCzQ6P1Lx/vhp2RSvfaab88Ajexs0AHeV0uasYhi99WPaogmBlRHNRuly8xV75cNTMDA==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.5.18.tgz",
+      "integrity": "sha512-RMbU6NTU70++B1JyVJbNbeFkK+A+Q7y9XKE2EM4NLGm2WFR8x9MbAtWxPPLdm0wUkuZv9trpwfSlL6tjdIa1+A==",
       "license": "MIT",
       "dependencies": {
-        "@vue/compiler-core": "3.5.13",
-        "@vue/shared": "3.5.13"
+        "@vue/compiler-core": "3.5.18",
+        "@vue/shared": "3.5.18"
       }
     },
     "node_modules/@vue/compiler-sfc": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.5.13.tgz",
-      "integrity": "sha512-6VdaljMpD82w6c2749Zhf5T9u5uLBWKnVue6XWxprDobftnletJ8+oel7sexFfM3qIxNmVE7LSFGTpv6obNyaQ==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.5.18.tgz",
+      "integrity": "sha512-5aBjvGqsWs+MoxswZPoTB9nSDb3dhd1x30xrrltKujlCxo48j8HGDNj3QPhF4VIS0VQDUrA1xUfp2hEa+FNyXA==",
       "license": "MIT",
       "dependencies": {
-        "@babel/parser": "^7.25.3",
-        "@vue/compiler-core": "3.5.13",
-        "@vue/compiler-dom": "3.5.13",
-        "@vue/compiler-ssr": "3.5.13",
-        "@vue/shared": "3.5.13",
+        "@babel/parser": "^7.28.0",
+        "@vue/compiler-core": "3.5.18",
+        "@vue/compiler-dom": "3.5.18",
+        "@vue/compiler-ssr": "3.5.18",
+        "@vue/shared": "3.5.18",
         "estree-walker": "^2.0.2",
-        "magic-string": "^0.30.11",
-        "postcss": "^8.4.48",
-        "source-map-js": "^1.2.0"
+        "magic-string": "^0.30.17",
+        "postcss": "^8.5.6",
+        "source-map-js": "^1.2.1"
       }
     },
     "node_modules/@vue/compiler-sfc/node_modules/magic-string": {
@@ -3937,13 +3999,13 @@
       }
     },
     "node_modules/@vue/compiler-ssr": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/compiler-ssr/-/compiler-ssr-3.5.13.tgz",
-      "integrity": "sha512-wMH6vrYHxQl/IybKJagqbquvxpWCuVYpoUJfCqFZwa/JY1GdATAQ+TgVtgrwwMZ0D07QhA99rs/EAAWfvG6KpA==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-ssr/-/compiler-ssr-3.5.18.tgz",
+      "integrity": "sha512-xM16Ak7rSWHkM3m22NlmcdIM+K4BMyFARAfV9hYFl+SFuRzrZ3uGMNW05kA5pmeMa0X9X963Kgou7ufdbpOP9g==",
       "license": "MIT",
       "dependencies": {
-        "@vue/compiler-dom": "3.5.13",
-        "@vue/shared": "3.5.13"
+        "@vue/compiler-dom": "3.5.18",
+        "@vue/shared": "3.5.18"
       }
     },
     "node_modules/@vue/compiler-vue2": {
@@ -3958,20 +4020,20 @@
       }
     },
     "node_modules/@vue/language-core": {
-      "version": "2.2.8",
-      "resolved": "https://registry.npmjs.org/@vue/language-core/-/language-core-2.2.8.tgz",
-      "integrity": "sha512-rrzB0wPGBvcwaSNRriVWdNAbHQWSf0NlGqgKHK5mEkXpefjUlVRP62u03KvwZpvKVjRnBIQ/Lwre+Mx9N6juUQ==",
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/@vue/language-core/-/language-core-3.0.4.tgz",
+      "integrity": "sha512-BvueED4LfBCSNH66eeUQk37MQCb7hjdezzGgxniM0LbriW53AJIyLorgshAtStmjfsAuOCcTl/c1b+nz/ye8xQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@volar/language-core": "~2.4.11",
+        "@volar/language-core": "2.4.20",
         "@vue/compiler-dom": "^3.5.0",
         "@vue/compiler-vue2": "^2.7.16",
         "@vue/shared": "^3.5.0",
-        "alien-signals": "^1.0.3",
-        "minimatch": "^9.0.3",
+        "alien-signals": "^2.0.5",
         "muggle-string": "^0.4.1",
-        "path-browserify": "^1.0.1"
+        "path-browserify": "^1.0.1",
+        "picomatch": "^4.0.2"
       },
       "peerDependencies": {
         "typescript": "*"
@@ -3982,70 +4044,67 @@
         }
       }
     },
-    "node_modules/@vue/language-core/node_modules/minimatch": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
-      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+    "node_modules/@vue/language-core/node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
       "dev": true,
-      "license": "ISC",
-      "dependencies": {
-        "brace-expansion": "^2.0.1"
-      },
+      "license": "MIT",
       "engines": {
-        "node": ">=16 || 14 >=14.17"
+        "node": ">=12"
       },
       "funding": {
-        "url": "https://github.com/sponsors/isaacs"
+        "url": "https://github.com/sponsors/jonschlinkert"
       }
     },
     "node_modules/@vue/reactivity": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.5.13.tgz",
-      "integrity": "sha512-NaCwtw8o48B9I6L1zl2p41OHo/2Z4wqYGGIK1Khu5T7yxrn+ATOixn/Udn2m+6kZKB/J7cuT9DbWWhRxqixACg==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.5.18.tgz",
+      "integrity": "sha512-x0vPO5Imw+3sChLM5Y+B6G1zPjwdOri9e8V21NnTnlEvkxatHEH5B5KEAJcjuzQ7BsjGrKtfzuQ5eQwXh8HXBg==",
       "license": "MIT",
       "dependencies": {
-        "@vue/shared": "3.5.13"
+        "@vue/shared": "3.5.18"
       }
     },
     "node_modules/@vue/runtime-core": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.5.13.tgz",
-      "integrity": "sha512-Fj4YRQ3Az0WTZw1sFe+QDb0aXCerigEpw418pw1HBUKFtnQHWzwojaukAs2X/c9DQz4MQ4bsXTGlcpGxU/RCIw==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.5.18.tgz",
+      "integrity": "sha512-DUpHa1HpeOQEt6+3nheUfqVXRog2kivkXHUhoqJiKR33SO4x+a5uNOMkV487WPerQkL0vUuRvq/7JhRgLW3S+w==",
       "license": "MIT",
       "dependencies": {
-        "@vue/reactivity": "3.5.13",
-        "@vue/shared": "3.5.13"
+        "@vue/reactivity": "3.5.18",
+        "@vue/shared": "3.5.18"
       }
     },
     "node_modules/@vue/runtime-dom": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.5.13.tgz",
-      "integrity": "sha512-dLaj94s93NYLqjLiyFzVs9X6dWhTdAlEAciC3Moq7gzAc13VJUdCnjjRurNM6uTLFATRHexHCTu/Xp3eW6yoog==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.5.18.tgz",
+      "integrity": "sha512-YwDj71iV05j4RnzZnZtGaXwPoUWeRsqinblgVJwR8XTXYZ9D5PbahHQgsbmzUvCWNF6x7siQ89HgnX5eWkr3mw==",
       "license": "MIT",
       "dependencies": {
-        "@vue/reactivity": "3.5.13",
-        "@vue/runtime-core": "3.5.13",
-        "@vue/shared": "3.5.13",
+        "@vue/reactivity": "3.5.18",
+        "@vue/runtime-core": "3.5.18",
+        "@vue/shared": "3.5.18",
         "csstype": "^3.1.3"
       }
     },
     "node_modules/@vue/server-renderer": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/server-renderer/-/server-renderer-3.5.13.tgz",
-      "integrity": "sha512-wAi4IRJV/2SAW3htkTlB+dHeRmpTiVIK1OGLWV1yeStVSebSQQOwGwIq0D3ZIoBj2C2qpgz5+vX9iEBkTdk5YA==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/server-renderer/-/server-renderer-3.5.18.tgz",
+      "integrity": "sha512-PvIHLUoWgSbDG7zLHqSqaCoZvHi6NNmfVFOqO+OnwvqMz/tqQr3FuGWS8ufluNddk7ZLBJYMrjcw1c6XzR12mA==",
       "license": "MIT",
       "dependencies": {
-        "@vue/compiler-ssr": "3.5.13",
-        "@vue/shared": "3.5.13"
+        "@vue/compiler-ssr": "3.5.18",
+        "@vue/shared": "3.5.18"
       },
       "peerDependencies": {
-        "vue": "3.5.13"
+        "vue": "3.5.18"
       }
     },
     "node_modules/@vue/shared": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.5.13.tgz",
-      "integrity": "sha512-/hnE/qP5ZoGpol0a5mDi45bOd7t3tjYJBjsgCsivow7D48cJeV5l05RD82lPqi7gRiphZM37rnhW1l6ZoCNNnQ==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.5.18.tgz",
+      "integrity": "sha512-cZy8Dq+uuIXbxCZpuLd2GJdeSO/lIzIspC2WtkqIpje5QyFbvLaI5wZtdUjLHjGZrlVX6GilejatWwVYYRc8tA==",
       "license": "MIT"
     },
     "node_modules/@webassemblyjs/ast": {
@@ -4264,9 +4323,9 @@
       }
     },
     "node_modules/acorn": {
-      "version": "8.14.1",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.1.tgz",
-      "integrity": "sha512-OvQ/2pUDKmgfCg++xsTX1wGxfTaszcHVcTctW4UJB4hibJx2HXxxO5UmVgyjMa+ZDsiaf5wWLXYpRWMmBI0QHg==",
+      "version": "8.15.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
+      "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
       "license": "MIT",
       "bin": {
         "acorn": "bin/acorn"
@@ -4275,6 +4334,18 @@
         "node": ">=0.4.0"
       }
     },
+    "node_modules/acorn-import-phases": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz",
+      "integrity": "sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.13.0"
+      },
+      "peerDependencies": {
+        "acorn": "^8.14.0"
+      }
+    },
     "node_modules/acorn-jsx": {
       "version": "5.3.2",
       "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz",
@@ -4371,16 +4442,16 @@
       }
     },
     "node_modules/alien-signals": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/alien-signals/-/alien-signals-1.0.4.tgz",
-      "integrity": "sha512-DJqqQD3XcsaQcQ1s+iE2jDUZmmQpXwHiR6fCAim/w87luaW+vmLY8fMlrdkmRwzaFXhkxf3rqPCR59tKVv1MDw==",
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/alien-signals/-/alien-signals-2.0.5.tgz",
+      "integrity": "sha512-PdJB6+06nUNAClInE3Dweq7/2xVAYM64vvvS1IHVHSJmgeOtEdrAGyp7Z2oJtYm0B342/Exd2NT0uMJaThcjLQ==",
       "dev": true,
       "license": "MIT"
     },
     "node_modules/ansi_up": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/ansi_up/-/ansi_up-6.0.2.tgz",
-      "integrity": "sha512-3G3vKvl1ilEp7J1u6BmULpMA0xVoW/f4Ekqhl8RTrJrhEBkonKn5k3bUc5Xt+qDayA6iDX0jyUh3AbZjB/l0tw==",
+      "version": "6.0.6",
+      "resolved": "https://registry.npmjs.org/ansi_up/-/ansi_up-6.0.6.tgz",
+      "integrity": "sha512-yIa1x3Ecf8jWP4UWEunNjqNX6gzE4vg2gGz+xqRGY+TBSucnYp6RRdPV4brmtg6bQ1ljD48mZ5iGSEj7QEpRKA==",
       "license": "MIT",
       "engines": {
         "node": "*"
@@ -4537,9 +4608,9 @@
       }
     },
     "node_modules/asciinema-player": {
-      "version": "3.9.0",
-      "resolved": "https://registry.npmjs.org/asciinema-player/-/asciinema-player-3.9.0.tgz",
-      "integrity": "sha512-SXVFImVzeNr8ZUdNIHABGuzlbnGWTKy245AquAjODsAnv+Lp6vxjYGN0LfA8ns30tnx/ag/bMrTbLq13TpHE6w==",
+      "version": "3.10.0",
+      "resolved": "https://registry.npmjs.org/asciinema-player/-/asciinema-player-3.10.0.tgz",
+      "integrity": "sha512-shoOK6F606nDKZxDVM7JuGSCAyWLePoGRFNlV+FqiP5Sqvyn0BlE7wlbjZyd2X4P1iRhv/HKfVNtnQIxmgphRA==",
       "license": "Apache-2.0",
       "dependencies": {
         "@babel/runtime": "^7.21.0",
@@ -4630,9 +4701,10 @@
       }
     },
     "node_modules/balanced-match": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
-      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-2.0.0.tgz",
+      "integrity": "sha512-1ugUSr8BHXRnK23KfuYS+gVMC3LB8QGH9W1iGtDPsNWoQbgtXSExkBu2aDR4epiGWZOjZsj6lDl/N/AqqTC3UA==",
+      "dev": true,
       "license": "MIT"
     },
     "node_modules/base64-js": {
@@ -4684,14 +4756,21 @@
       "license": "ISC"
     },
     "node_modules/brace-expansion": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "license": "MIT",
       "dependencies": {
-        "balanced-match": "^1.0.0"
+        "balanced-match": "^1.0.0",
+        "concat-map": "0.0.1"
       }
     },
+    "node_modules/brace-expansion/node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "license": "MIT"
+    },
     "node_modules/braces": {
       "version": "3.0.3",
       "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
@@ -4705,9 +4784,9 @@
       }
     },
     "node_modules/browserslist": {
-      "version": "4.24.4",
-      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.24.4.tgz",
-      "integrity": "sha512-KDi1Ny1gSePi1vm0q4oxSF8b4DR44GF4BbmS2YdhPLOEqd8pDviZOGH/GsmRwoWJ2+5Lr085X7naowMwKHDG1A==",
+      "version": "4.25.1",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.25.1.tgz",
+      "integrity": "sha512-KGj0KoOMXLpSNkkEI6Z6mShmQy0bc1I+T7K9N81k4WWMrfz+6fQ6es80B/YLAeRoKvjYE1YSHHOW1qe9xIVzHw==",
       "funding": [
         {
           "type": "opencollective",
@@ -4724,10 +4803,10 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "caniuse-lite": "^1.0.30001688",
-        "electron-to-chromium": "^1.5.73",
+        "caniuse-lite": "^1.0.30001726",
+        "electron-to-chromium": "^1.5.173",
         "node-releases": "^2.0.19",
-        "update-browserslist-db": "^1.1.1"
+        "update-browserslist-db": "^1.1.3"
       },
       "bin": {
         "browserslist": "cli.js"
@@ -4807,24 +4886,24 @@
       }
     },
     "node_modules/cacheable": {
-      "version": "1.8.9",
-      "resolved": "https://registry.npmjs.org/cacheable/-/cacheable-1.8.9.tgz",
-      "integrity": "sha512-FicwAUyWnrtnd4QqYAoRlNs44/a1jTL7XDKqm5gJ90wz1DQPlC7U2Rd1Tydpv+E7WAr4sQHuw8Q8M3nZMAyecQ==",
+      "version": "1.10.3",
+      "resolved": "https://registry.npmjs.org/cacheable/-/cacheable-1.10.3.tgz",
+      "integrity": "sha512-M6p10iJ/VT0wT7TLIGUnm958oVrU2cUK8pQAVU21Zu7h8rbk/PeRtRWrvHJBql97Bhzk3g1N6+2VKC+Rjxna9Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "hookified": "^1.7.1",
-        "keyv": "^5.3.1"
+        "hookified": "^1.10.0",
+        "keyv": "^5.4.0"
       }
     },
     "node_modules/cacheable/node_modules/keyv": {
-      "version": "5.3.2",
-      "resolved": "https://registry.npmjs.org/keyv/-/keyv-5.3.2.tgz",
-      "integrity": "sha512-Lji2XRxqqa5Wg+CHLVfFKBImfJZ4pCSccu9eVWK6w4c2SDFLd8JAn1zqTuSFnsxb7ope6rMsnIHfp+eBbRBRZQ==",
+      "version": "5.4.0",
+      "resolved": "https://registry.npmjs.org/keyv/-/keyv-5.4.0.tgz",
+      "integrity": "sha512-TMckyVjEoacG5IteUpUrOBsFORtheqziVyyY2dLUwg1jwTb8u48LX4TgmtogkNl9Y9unaEJ1luj10fGyjMGFOQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@keyv/serialize": "^1.0.3"
+        "@keyv/serialize": "^1.1.0"
       }
     },
     "node_modules/callsites": {
@@ -4846,9 +4925,9 @@
       }
     },
     "node_modules/caniuse-lite": {
-      "version": "1.0.30001705",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001705.tgz",
-      "integrity": "sha512-S0uyMMiYvA7CxNgomYBwwwPUnWzFD83f3B1ce5jHUfHTH//QL6hHsreI8RVC5606R4ssqravelYO5TU6t8sEyg==",
+      "version": "1.0.30001731",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001731.tgz",
+      "integrity": "sha512-lDdp2/wrOmTRWuoB5DpfNkC0rJDU8DqRa6nYL6HK6sytw70QMopt/NIc/9SM7ylItlBWfACXk0tEn37UWM/+mg==",
       "funding": [
         {
           "type": "opencollective",
@@ -4866,9 +4945,9 @@
       "license": "CC-BY-4.0"
     },
     "node_modules/chai": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/chai/-/chai-5.2.0.tgz",
-      "integrity": "sha512-mCuXncKXk5iCLhfhwTc0izo0gtEmpz5CtG2y8GiOINBlMVS6v8TMRc5TaLWKS6692m9+dVVfzgeVxR5UxWHTYw==",
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/chai/-/chai-5.2.1.tgz",
+      "integrity": "sha512-5nFxhUrX0PqtyogoYOA8IPswy5sZFTOsBFl/9bNsmDLgsxYTzSZQJDPppDnZPTQbzSEm0hqGjWPzRemQCYbD6A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -4879,7 +4958,7 @@
         "pathval": "^2.0.0"
       },
       "engines": {
-        "node": ">=12"
+        "node": ">=18"
       }
     },
     "node_modules/chalk": {
@@ -4932,9 +5011,9 @@
       }
     },
     "node_modules/chart.js": {
-      "version": "4.4.8",
-      "resolved": "https://registry.npmjs.org/chart.js/-/chart.js-4.4.8.tgz",
-      "integrity": "sha512-IkGZlVpXP+83QpMm4uxEiGqSI7jFizwVtF3+n5Pc3k7sMO+tkd0qxh2OzLhenM0K80xtmAONWGBn082EiBQSDA==",
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/chart.js/-/chart.js-4.5.0.tgz",
+      "integrity": "sha512-aYeC/jDgSEx8SHWZvANYMioYMZ2KX02W6f6uVfyteuCGcadDLcYVHdfdygsTQkQ4TKn5lghoojAsPj5pu0SnvQ==",
       "license": "MIT",
       "dependencies": {
         "@kurkle/color": "^0.3.0"
@@ -5058,9 +5137,9 @@
       }
     },
     "node_modules/ci-info": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.2.0.tgz",
-      "integrity": "sha512-cYY9mypksY8NRqgDB1XD1RiJL338v/551niynFTGkZOO2LHuB2OmOYxDIe/ttN9AHwrqdum1360G3ald0W9kCg==",
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-4.3.0.tgz",
+      "integrity": "sha512-l+2bNRMiQgcfILUi33labAZYIWlH1kWDp+ecNo5iisRKrbm0xcRyCww71/YU0Fkw0mAFpz9bJayXPjey6vkmaQ==",
       "dev": true,
       "funding": [
         {
@@ -5103,9 +5182,9 @@
       }
     },
     "node_modules/clippie": {
-      "version": "4.1.5",
-      "resolved": "https://registry.npmjs.org/clippie/-/clippie-4.1.5.tgz",
-      "integrity": "sha512-ZNGL7+p8HZWM2G8fecb3N7izoagXGktTg7nSYxzBID4OAtOBU7SUFvI9EL/0IZpy9VkU8AY6Zp8AvaH4/Xj7pA==",
+      "version": "4.1.7",
+      "resolved": "https://registry.npmjs.org/clippie/-/clippie-4.1.7.tgz",
+      "integrity": "sha512-l8BmUmWqOt4mpxeSflcfODJJOU+DsE5atWj82k1zsxd2X82haz2+g12PJPMOt6e1Cs4/ZnOWdRAV+nY9n2o1Rg==",
       "license": "BSD-2-Clause"
     },
     "node_modules/cliui": {
@@ -5165,9 +5244,9 @@
       }
     },
     "node_modules/codemirror": {
-      "version": "5.65.18",
-      "resolved": "https://registry.npmjs.org/codemirror/-/codemirror-5.65.18.tgz",
-      "integrity": "sha512-Gaz4gHnkbHMGgahNt3CA5HBk5lLQBqmD/pBgeB4kQU6OedZmqMBjlRF0LSrp2tJ4wlLNPm2FfaUd1pDy0mdlpA==",
+      "version": "5.65.19",
+      "resolved": "https://registry.npmjs.org/codemirror/-/codemirror-5.65.19.tgz",
+      "integrity": "sha512-+aFkvqhaAVr1gferNMuN8vkTSrWIFvzlMV9I2KBLCWS2WpZ2+UAkZjlMZmEuT+gcXTi6RrGQCkWq1/bDtGqhIA==",
       "license": "MIT"
     },
     "node_modules/codemirror-spell-checker": {
@@ -5243,19 +5322,30 @@
       "license": "MIT"
     },
     "node_modules/confbox": {
-      "version": "0.2.1",
-      "resolved": "https://registry.npmjs.org/confbox/-/confbox-0.2.1.tgz",
-      "integrity": "sha512-hkT3yDPFbs95mNCy1+7qNKC6Pro+/ibzYxtM2iqEigpf0sVw+bg4Zh9/snjsBcf990vfIsg5+1U7VyiyBb3etg==",
+      "version": "0.2.2",
+      "resolved": "https://registry.npmjs.org/confbox/-/confbox-0.2.2.tgz",
+      "integrity": "sha512-1NB+BKqhtNipMsov4xI/NnhCKp9XG9NamYp5PVm9klAT0fsrNPjaFICsCFhNhwZJKNh7zB/3q8qXz0E9oaMNtQ==",
       "license": "MIT"
     },
+    "node_modules/core-js": {
+      "version": "3.32.2",
+      "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.32.2.tgz",
+      "integrity": "sha512-pxXSw1mYZPDGvTQqEc5vgIb83jGQKFGYWY76z4a7weZXUolw3G+OvpZqSRcfYOoOVUQJYEPsWeQK8pKEnUtWxQ==",
+      "hasInstallScript": true,
+      "license": "MIT",
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/core-js"
+      }
+    },
     "node_modules/core-js-compat": {
-      "version": "3.41.0",
-      "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.41.0.tgz",
-      "integrity": "sha512-RFsU9LySVue9RTwdDVX/T0e2Y6jRYWXERKElIjpuEOEnxaXffI0X7RUwVzfYLfzuLXSNJDYoRYUAmRUcyln20A==",
+      "version": "3.44.0",
+      "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.44.0.tgz",
+      "integrity": "sha512-JepmAj2zfl6ogy34qfWtcE7nHKAJnKsQFRn++scjVS2bZFllwptzw61BZcZFYBPpUznLfAvh0LGhxKppk04ClA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "browserslist": "^4.24.4"
+        "browserslist": "^4.25.1"
       },
       "funding": {
         "type": "opencollective",
@@ -5375,9 +5465,9 @@
       }
     },
     "node_modules/css-select": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/css-select/-/css-select-5.1.0.tgz",
-      "integrity": "sha512-nwoRF1rvRRnnCqqY7updORDsuqKzqYJ28+oSMaJMMgOauh3fvwHqMS7EZpIPqK8GL+g9mKxF1vP/ZjSeNjEVHg==",
+      "version": "5.2.2",
+      "resolved": "https://registry.npmjs.org/css-select/-/css-select-5.2.2.tgz",
+      "integrity": "sha512-TizTzUddG/xYLA3NXodFM0fSbNizXjOKhqiQQwvhlspadZokn1KDy0NZFS0wuEubIYAV5/c1/lAr0TaaFXEXzw==",
       "dev": true,
       "license": "BSD-2-Clause",
       "dependencies": {
@@ -5406,9 +5496,9 @@
       }
     },
     "node_modules/css-what": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/css-what/-/css-what-6.1.0.tgz",
-      "integrity": "sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw==",
+      "version": "6.2.2",
+      "resolved": "https://registry.npmjs.org/css-what/-/css-what-6.2.2.tgz",
+      "integrity": "sha512-u/O3vwbptzhMs3L1fQE82ZSLHQQfto5gyZzwteVIEyeaY5Fc7R4dapF/BvRoSYFeqfBk4m0V1Vafq5Pjv25wvA==",
       "dev": true,
       "license": "BSD-2-Clause",
       "engines": {
@@ -5473,9 +5563,9 @@
       "license": "MIT"
     },
     "node_modules/cytoscape": {
-      "version": "3.31.1",
-      "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.31.1.tgz",
-      "integrity": "sha512-Hx5Mtb1+hnmAKaZZ/7zL1Y5HTFYOjdDswZy/jD+1WINRU8KVi1B7+vlHdsTwY+VCFucTreoyu1RDzQJ9u0d2Hw==",
+      "version": "3.33.0",
+      "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.33.0.tgz",
+      "integrity": "sha512-2d2EwwhaxLWC8ahkH1PpQwCyu6EY3xDRdcEJXrLTb4fOUtVc+YWQalHU67rFS1a6ngj1fgv9dQLtJxP/KAFZEw==",
       "license": "MIT",
       "engines": {
         "node": ">=0.10"
@@ -6008,9 +6098,9 @@
       "license": "MIT"
     },
     "node_modules/debug": {
-      "version": "4.4.0",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz",
-      "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==",
+      "version": "4.4.1",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
+      "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
       "license": "MIT",
       "dependencies": {
         "ms": "^2.1.3"
@@ -6025,9 +6115,9 @@
       }
     },
     "node_modules/decode-named-character-reference": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.1.0.tgz",
-      "integrity": "sha512-Wy+JTSbFThEOXQIR2L6mxJvEs+veIzpmqD7ynWxMXGpnk3smkHQOp6forLdHsKpAMW9iJpaBBIxz285t1n1C3w==",
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.2.0.tgz",
+      "integrity": "sha512-c6fcElNV6ShtZXmsgNgFFV5tVX2PaV4g+MOAkb8eXHvn6sryJBrZa9r0zV6+dtTyoCKxtDy5tyQ5ZwQuidtd+Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -6184,9 +6274,9 @@
       }
     },
     "node_modules/dom-input-range": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/dom-input-range/-/dom-input-range-1.2.0.tgz",
-      "integrity": "sha512-8HVA5Oy5Vt872S7IXsjjp6/5Hqsm5YZLhurxwwQXp80T9qVsj8/mEUH3sQlFujLLUoWfxiaThHHuJ3/q1MHVuA==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/dom-input-range/-/dom-input-range-2.0.1.tgz",
+      "integrity": "sha512-UMGnuQlEepIPCju5NrPe+8y52B+pRvSjIaSPW92KpukoDGSEVkI2iaCR4HxK7K6C7zmVsWE8PEjCYZaJMr3vpg==",
       "license": "MIT",
       "workspaces": [
         "demos"
@@ -6237,9 +6327,9 @@
       }
     },
     "node_modules/dompurify": {
-      "version": "3.2.4",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.4.tgz",
-      "integrity": "sha512-ysFSFEDVduQpyhzAob/kkuJjf5zWkZD8/A9ywSp1byueyuCfHamrCBa14/Oc2iiB0e51B+NpxSl5gmzn+Ms/mg==",
+      "version": "3.2.6",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.6.tgz",
+      "integrity": "sha512-/2GogDQlohXPZe6D6NOgQvXLPSYBqIWMnZ8zzOhn09REE4eyAzb+Hed3jhoM9OkuaJ8P6ZGTTVWQKAi8ieIzfQ==",
       "license": "(MPL-2.0 OR Apache-2.0)",
       "optionalDependencies": {
         "@types/trusted-types": "^2.0.7"
@@ -6290,9 +6380,9 @@
       }
     },
     "node_modules/electron-to-chromium": {
-      "version": "1.5.119",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.119.tgz",
-      "integrity": "sha512-Ku4NMzUjz3e3Vweh7PhApPrZSS4fyiCIbcIrG9eKrriYVLmbMepETR/v6SU7xPm98QTqMSYiCwfO89QNjXLkbQ==",
+      "version": "1.5.194",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.194.tgz",
+      "integrity": "sha512-SdnWJwSUot04UR51I2oPD8kuP2VI37/CADR1OHsFOUzZIvfWJBO6q11k5P/uKNyTT3cdOsnyjkrZ+DDShqYqJA==",
       "license": "ISC"
     },
     "node_modules/emoji-regex": {
@@ -6311,9 +6401,9 @@
       }
     },
     "node_modules/enhanced-resolve": {
-      "version": "5.18.1",
-      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.1.tgz",
-      "integrity": "sha512-ZSW3ma5GkcQBIpwZTSRAI8N71Uuwgs93IezB7mf7R60tC8ZbJideoDNKjHn2O9KIlx6rkGTTEk1xUCK2E1Y2Yg==",
+      "version": "5.18.2",
+      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.2.tgz",
+      "integrity": "sha512-6Jw4sE1maoRJo3q8MsSIn2onJFbLTOjY9hlx4DZXmOKvLRd1Ok2kXmAGXaafL2+ijsJZ1ClYbl/pmqr9+k4iUQ==",
       "license": "MIT",
       "dependencies": {
         "graceful-fs": "^4.2.4",
@@ -6380,15 +6470,15 @@
       }
     },
     "node_modules/es-module-lexer": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.6.0.tgz",
-      "integrity": "sha512-qqnD1yMU6tk/jnaMosogGySTZP8YtUgAffA9nMN+E/rjxcfRQ6IEk7IiozUjgxKoFHBGjTLnrHB/YC45r/59EQ==",
+      "version": "1.7.0",
+      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.7.0.tgz",
+      "integrity": "sha512-jEQoCwk8hyb2AZziIOLhDqpm5+2ww5uIE6lkO/6jcOCusfk6LhMHpXXfBLXTZ7Ydyt0j4VoUQv6uGNYbdW+kBA==",
       "license": "MIT"
     },
     "node_modules/esbuild": {
-      "version": "0.25.1",
-      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.1.tgz",
-      "integrity": "sha512-BGO5LtrGC7vxnqucAe/rmvKdJllfGaYWdyABvyMoXQlfYMb2bbRuReWR5tEGE//4LcNJj9XrkovTqNYRFZHAMQ==",
+      "version": "0.25.8",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.8.tgz",
+      "integrity": "sha512-vVC0USHGtMi8+R4Kz8rt6JhEWLxsv9Rnu/lGYbPR8u47B+DCBksq9JarW0zOO7bs37hyOK1l2/oqtbciutL5+Q==",
       "hasInstallScript": true,
       "license": "MIT",
       "bin": {
@@ -6398,31 +6488,32 @@
         "node": ">=18"
       },
       "optionalDependencies": {
-        "@esbuild/aix-ppc64": "0.25.1",
-        "@esbuild/android-arm": "0.25.1",
-        "@esbuild/android-arm64": "0.25.1",
-        "@esbuild/android-x64": "0.25.1",
-        "@esbuild/darwin-arm64": "0.25.1",
-        "@esbuild/darwin-x64": "0.25.1",
-        "@esbuild/freebsd-arm64": "0.25.1",
-        "@esbuild/freebsd-x64": "0.25.1",
-        "@esbuild/linux-arm": "0.25.1",
-        "@esbuild/linux-arm64": "0.25.1",
-        "@esbuild/linux-ia32": "0.25.1",
-        "@esbuild/linux-loong64": "0.25.1",
-        "@esbuild/linux-mips64el": "0.25.1",
-        "@esbuild/linux-ppc64": "0.25.1",
-        "@esbuild/linux-riscv64": "0.25.1",
-        "@esbuild/linux-s390x": "0.25.1",
-        "@esbuild/linux-x64": "0.25.1",
-        "@esbuild/netbsd-arm64": "0.25.1",
-        "@esbuild/netbsd-x64": "0.25.1",
-        "@esbuild/openbsd-arm64": "0.25.1",
-        "@esbuild/openbsd-x64": "0.25.1",
-        "@esbuild/sunos-x64": "0.25.1",
-        "@esbuild/win32-arm64": "0.25.1",
-        "@esbuild/win32-ia32": "0.25.1",
-        "@esbuild/win32-x64": "0.25.1"
+        "@esbuild/aix-ppc64": "0.25.8",
+        "@esbuild/android-arm": "0.25.8",
+        "@esbuild/android-arm64": "0.25.8",
+        "@esbuild/android-x64": "0.25.8",
+        "@esbuild/darwin-arm64": "0.25.8",
+        "@esbuild/darwin-x64": "0.25.8",
+        "@esbuild/freebsd-arm64": "0.25.8",
+        "@esbuild/freebsd-x64": "0.25.8",
+        "@esbuild/linux-arm": "0.25.8",
+        "@esbuild/linux-arm64": "0.25.8",
+        "@esbuild/linux-ia32": "0.25.8",
+        "@esbuild/linux-loong64": "0.25.8",
+        "@esbuild/linux-mips64el": "0.25.8",
+        "@esbuild/linux-ppc64": "0.25.8",
+        "@esbuild/linux-riscv64": "0.25.8",
+        "@esbuild/linux-s390x": "0.25.8",
+        "@esbuild/linux-x64": "0.25.8",
+        "@esbuild/netbsd-arm64": "0.25.8",
+        "@esbuild/netbsd-x64": "0.25.8",
+        "@esbuild/openbsd-arm64": "0.25.8",
+        "@esbuild/openbsd-x64": "0.25.8",
+        "@esbuild/openharmony-arm64": "0.25.8",
+        "@esbuild/sunos-x64": "0.25.8",
+        "@esbuild/win32-arm64": "0.25.8",
+        "@esbuild/win32-ia32": "0.25.8",
+        "@esbuild/win32-x64": "0.25.8"
       }
     },
     "node_modules/esbuild-loader": {
@@ -6452,18 +6543,6 @@
         "node": ">=6"
       }
     },
-    "node_modules/escape-goat": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/escape-goat/-/escape-goat-4.0.0.tgz",
-      "integrity": "sha512-2Sd4ShcWxbx6OY1IHyla/CVNwvg7XwZVoXZHcSu9w9SReNP1EzzD5T8NWKIR38fIqEns9kDWKUQTXXAmlDrdPg==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=12"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
-      }
-    },
     "node_modules/escape-string-regexp": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
@@ -6535,9 +6614,9 @@
       }
     },
     "node_modules/eslint-compat-utils": {
-      "version": "0.6.4",
-      "resolved": "https://registry.npmjs.org/eslint-compat-utils/-/eslint-compat-utils-0.6.4.tgz",
-      "integrity": "sha512-/u+GQt8NMfXO8w17QendT4gvO5acfxQsAKirAt0LVxDnr2N8YLCVbregaNc/Yhp7NM128DwCaRvr8PLDfeNkQw==",
+      "version": "0.6.5",
+      "resolved": "https://registry.npmjs.org/eslint-compat-utils/-/eslint-compat-utils-0.6.5.tgz",
+      "integrity": "sha512-vAUHYzue4YAa2hNACjB8HvUQj5yehAZgiClyFVVom9cP8z5NSFq3PwB/TtJslN2zAMgRX6FCFCjYBbQh71g5RQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -6551,18 +6630,46 @@
       }
     },
     "node_modules/eslint-config-prettier": {
-      "version": "10.1.1",
-      "resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-10.1.1.tgz",
-      "integrity": "sha512-4EQQr6wXwS+ZJSzaR5ZCrYgLxqvUjdXctaEtBqHcbkW944B1NQyO4qpdHQbXBONfwxXdkAY81HH4+LUfrg+zPw==",
+      "version": "10.1.8",
+      "resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-10.1.8.tgz",
+      "integrity": "sha512-82GZUjRS0p/jganf6q1rEO25VSoHH0hKPCTrgillPjdI/3bgBhAE1QzHrHTizjpRvy6pGAvKjDJtk2pF9NDq8w==",
       "dev": true,
       "license": "MIT",
       "bin": {
         "eslint-config-prettier": "bin/cli.js"
       },
+      "funding": {
+        "url": "https://opencollective.com/eslint-config-prettier"
+      },
       "peerDependencies": {
         "eslint": ">=7.0.0"
       }
     },
+    "node_modules/eslint-import-context": {
+      "version": "0.1.9",
+      "resolved": "https://registry.npmjs.org/eslint-import-context/-/eslint-import-context-0.1.9.tgz",
+      "integrity": "sha512-K9Hb+yRaGAGUbwjhFNHvSmmkZs9+zbuoe3kFQ4V1wYjrepUFYM2dZAfNtjbbj3qsPfUfsA68Bx/ICWQMi+C8Eg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "get-tsconfig": "^4.10.1",
+        "stable-hash-x": "^0.2.0"
+      },
+      "engines": {
+        "node": "^12.20.0 || ^14.18.0 || >=16.0.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint-import-context"
+      },
+      "peerDependencies": {
+        "unrs-resolver": "^1.0.0"
+      },
+      "peerDependenciesMeta": {
+        "unrs-resolver": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/eslint-import-resolver-node": {
       "version": "0.3.9",
       "resolved": "https://registry.npmjs.org/eslint-import-resolver-node/-/eslint-import-resolver-node-0.3.9.tgz",
@@ -6586,25 +6693,25 @@
       }
     },
     "node_modules/eslint-import-resolver-typescript": {
-      "version": "3.9.0",
-      "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.9.0.tgz",
-      "integrity": "sha512-EUcFmaz0zAa6P2C9jAb5XDymRld8S6TURvWcIW7y+czOW+K8hrjgQgbhBsNE0J/dDZ6HLfcn70LqnIil9W+ICw==",
+      "version": "4.4.4",
+      "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-4.4.4.tgz",
+      "integrity": "sha512-1iM2zeBvrYmUNTj2vSC/90JTHDth+dfOfiNKkxApWRsTJYNrc8rOdxxIf5vazX+BiAXTeOT0UvWpGI/7qIWQOw==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "@nolyfill/is-core-module": "1.0.39",
-        "debug": "^4.3.7",
-        "get-tsconfig": "^4.10.0",
-        "is-bun-module": "^1.0.2",
-        "oxc-resolver": "^5.0.0",
-        "stable-hash": "^0.0.5",
-        "tinyglobby": "^0.2.12"
+        "debug": "^4.4.1",
+        "eslint-import-context": "^0.1.8",
+        "get-tsconfig": "^4.10.1",
+        "is-bun-module": "^2.0.0",
+        "stable-hash-x": "^0.2.0",
+        "tinyglobby": "^0.2.14",
+        "unrs-resolver": "^1.7.11"
       },
       "engines": {
-        "node": "^14.18.0 || >=16.0.0"
+        "node": "^16.17.0 || >=18.6.0"
       },
       "funding": {
-        "url": "https://opencollective.com/unts/projects/eslint-import-resolver-ts"
+        "url": "https://opencollective.com/eslint-import-resolver-typescript"
       },
       "peerDependencies": {
         "eslint": "*",
@@ -6621,9 +6728,9 @@
       }
     },
     "node_modules/eslint-module-utils": {
-      "version": "2.12.0",
-      "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.12.0.tgz",
-      "integrity": "sha512-wALZ0HFoytlyh/1+4wuZ9FJCD/leWHQzzrxJ8+rebyReSLk7LApMyd3WJaLVoN+D5+WIdJyDK1c6JnE65V4Zyg==",
+      "version": "2.12.1",
+      "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.12.1.tgz",
+      "integrity": "sha512-L8jSWTze7K2mTg0vos/RuLRS5soomksDPoJLXIslC7c8Wmut3bx7CPpJijDcBZtxQ5lrbUdM+s0OlNbz0DCDNw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -6763,30 +6870,30 @@
       }
     },
     "node_modules/eslint-plugin-import": {
-      "version": "2.31.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.31.0.tgz",
-      "integrity": "sha512-ixmkI62Rbc2/w8Vfxyh1jQRTdRTF52VxwRVHl/ykPAmqG+Nb7/kNn+byLP0LxPgI7zWA16Jt82SybJInmMia3A==",
+      "version": "2.32.0",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.32.0.tgz",
+      "integrity": "sha512-whOE1HFo/qJDyX4SnXzP4N6zOWn79WhnCUY/iDR0mPfQZO8wcYE4JClzI2oZrhBnnMUCBCHZhO6VQyoBU95mZA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@rtsao/scc": "^1.1.0",
-        "array-includes": "^3.1.8",
-        "array.prototype.findlastindex": "^1.2.5",
-        "array.prototype.flat": "^1.3.2",
-        "array.prototype.flatmap": "^1.3.2",
+        "array-includes": "^3.1.9",
+        "array.prototype.findlastindex": "^1.2.6",
+        "array.prototype.flat": "^1.3.3",
+        "array.prototype.flatmap": "^1.3.3",
         "debug": "^3.2.7",
         "doctrine": "^2.1.0",
         "eslint-import-resolver-node": "^0.3.9",
-        "eslint-module-utils": "^2.12.0",
+        "eslint-module-utils": "^2.12.1",
         "hasown": "^2.0.2",
-        "is-core-module": "^2.15.1",
+        "is-core-module": "^2.16.1",
         "is-glob": "^4.0.3",
         "minimatch": "^3.1.2",
         "object.fromentries": "^2.0.8",
         "object.groupby": "^1.0.3",
-        "object.values": "^1.2.0",
+        "object.values": "^1.2.1",
         "semver": "^6.3.1",
-        "string.prototype.trimend": "^1.0.8",
+        "string.prototype.trimend": "^1.0.9",
         "tsconfig-paths": "^3.15.0"
       },
       "engines": {
@@ -6797,41 +6904,40 @@
       }
     },
     "node_modules/eslint-plugin-import-x": {
-      "version": "4.7.2",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.7.2.tgz",
-      "integrity": "sha512-+GpGWKbQMK3izrwU4XoRGdAJHwvxuboiNusqU25nNXlRsmnxj8B5niQRuFK1aHEvcbIKE6D9ZfwjsLmBQbnJmw==",
+      "version": "4.16.1",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.16.1.tgz",
+      "integrity": "sha512-vPZZsiOKaBAIATpFE2uMI4w5IRwdv/FpQ+qZZMR4E+PeOcM4OeoEbqxRMnywdxP19TyB/3h6QBB0EWon7letSQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@types/doctrine": "^0.0.9",
-        "@typescript-eslint/utils": "^8.26.1",
-        "debug": "^4.4.0",
-        "doctrine": "^3.0.0",
-        "eslint-import-resolver-node": "^0.3.9",
-        "get-tsconfig": "^4.10.0",
+        "@typescript-eslint/types": "^8.35.0",
+        "comment-parser": "^1.4.1",
+        "debug": "^4.4.1",
+        "eslint-import-context": "^0.1.9",
         "is-glob": "^4.0.3",
-        "minimatch": "^10.0.1",
-        "rspack-resolver": "^1.1.0",
-        "semver": "^7.7.1",
-        "stable-hash": "^0.0.5",
-        "tslib": "^2.8.1"
+        "minimatch": "^9.0.3 || ^10.0.1",
+        "semver": "^7.7.2",
+        "stable-hash-x": "^0.2.0",
+        "unrs-resolver": "^1.9.2"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
       },
+      "funding": {
+        "url": "https://opencollective.com/eslint-plugin-import-x"
+      },
       "peerDependencies": {
-        "eslint": "^8.57.0 || ^9.0.0"
-      }
-    },
-    "node_modules/eslint-plugin-import/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
+        "@typescript-eslint/utils": "^8.0.0",
+        "eslint": "^8.57.0 || ^9.0.0",
+        "eslint-import-resolver-node": "*"
+      },
+      "peerDependenciesMeta": {
+        "@typescript-eslint/utils": {
+          "optional": true
+        },
+        "eslint-import-resolver-node": {
+          "optional": true
+        }
       }
     },
     "node_modules/eslint-plugin-import/node_modules/debug": {
@@ -6910,17 +7016,6 @@
         "eslint": "^3 || ^4 || ^5 || ^6 || ^7 || ^8 || ^9"
       }
     },
-    "node_modules/eslint-plugin-jsx-a11y/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/eslint-plugin-jsx-a11y/node_modules/minimatch": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -6971,14 +7066,11 @@
       }
     },
     "node_modules/eslint-plugin-playwright": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-playwright/-/eslint-plugin-playwright-2.2.0.tgz",
-      "integrity": "sha512-qSQpAw7RcSzE3zPp8FMGkthaCWovHZ/BsXtpmnGax9vQLIovlh1bsZHEa2+j2lv9DWhnyeLM/qZmp7ffQZfQvg==",
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-playwright/-/eslint-plugin-playwright-2.2.2.tgz",
+      "integrity": "sha512-j0jKpndIPOXRRP9uMkwb9l/nSmModOU3452nrFdgFJoEv/435J1onk8+aITzjDW8DfypxgmVaDMdmVIa6F7I0w==",
       "dev": true,
       "license": "MIT",
-      "workspaces": [
-        "examples"
-      ],
       "dependencies": {
         "globals": "^13.23.0"
       },
@@ -6990,14 +7082,14 @@
       }
     },
     "node_modules/eslint-plugin-prettier": {
-      "version": "5.2.3",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.2.3.tgz",
-      "integrity": "sha512-qJ+y0FfCp/mQYQ/vWQ3s7eUlFEL4PyKfAJxsnYTJ4YT73nsJBWqmEpFryxV9OeUiqmsTsYJ5Y+KDNaeP31wrRw==",
+      "version": "5.5.3",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.5.3.tgz",
+      "integrity": "sha512-NAdMYww51ehKfDyDhv59/eIItUVzU0Io9H2E8nHNGKEeeqlnci+1gCvrHib6EmZdf6GxF+LCV5K7UC65Ezvw7w==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "prettier-linter-helpers": "^1.0.0",
-        "synckit": "^0.9.1"
+        "synckit": "^0.11.7"
       },
       "engines": {
         "node": "^14.18.0 || >=16.0.0"
@@ -7008,7 +7100,7 @@
       "peerDependencies": {
         "@types/eslint": ">=8.0.0",
         "eslint": ">=8.0.0",
-        "eslint-config-prettier": "*",
+        "eslint-config-prettier": ">= 7.0.0 <10.0.0 || >=10.1.0",
         "prettier": ">=3.0.0"
       },
       "peerDependenciesMeta": {
@@ -7021,9 +7113,9 @@
       }
     },
     "node_modules/eslint-plugin-regexp": {
-      "version": "2.7.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-regexp/-/eslint-plugin-regexp-2.7.0.tgz",
-      "integrity": "sha512-U8oZI77SBtH8U3ulZ05iu0qEzIizyEDXd+BWHvyVxTOjGwcDcvy/kEpgFG4DYca2ByRLiVPFZ2GeH7j1pdvZTA==",
+      "version": "2.9.0",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-regexp/-/eslint-plugin-regexp-2.9.0.tgz",
+      "integrity": "sha512-9WqJMnOq8VlE/cK+YAo9C9YHhkOtcEtEk9d12a+H7OSZFwlpI6stiHmYPGa2VE0QhTzodJyhlyprUaXDZLgHBw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -7043,9 +7135,9 @@
       }
     },
     "node_modules/eslint-plugin-sonarjs": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-3.0.2.tgz",
-      "integrity": "sha512-LxjbfwI7ypENeTmGyKmDyNux3COSkMi7H/6Cal5StSLQ6edf0naP45SZR43OclaNR7WfhVTZdhOn63q3/Y6puQ==",
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-3.0.4.tgz",
+      "integrity": "sha512-ftQcP811kRJNXapqpQXHErEoVOdTPfYPPYd7n3AExIPwv4qWKKHf4slFvXmodiOnfgy1Tl3waPZZLD7lcvJOtw==",
       "dev": true,
       "license": "LGPL-3.0-only",
       "dependencies": {
@@ -7054,15 +7146,33 @@
         "bytes": "3.1.2",
         "functional-red-black-tree": "1.0.1",
         "jsx-ast-utils": "3.3.5",
+        "lodash.merge": "4.6.2",
         "minimatch": "9.0.5",
         "scslre": "0.3.0",
-        "semver": "7.7.1",
-        "typescript": "^5"
+        "semver": "7.7.2",
+        "typescript": ">=5"
       },
       "peerDependencies": {
         "eslint": "^8.0.0 || ^9.0.0"
       }
     },
+    "node_modules/eslint-plugin-sonarjs/node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/eslint-plugin-sonarjs/node_modules/brace-expansion": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^1.0.0"
+      }
+    },
     "node_modules/eslint-plugin-sonarjs/node_modules/minimatch": {
       "version": "9.0.5",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
@@ -7127,9 +7237,9 @@
       }
     },
     "node_modules/eslint-plugin-vue": {
-      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-vue/-/eslint-plugin-vue-10.0.0.tgz",
-      "integrity": "sha512-XKckedtajqwmaX6u1VnECmZ6xJt+YvlmMzBPZd+/sI3ub2lpYZyFnsyWo7c3nMOQKJQudeyk1lw/JxdgeKT64w==",
+      "version": "10.4.0",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-vue/-/eslint-plugin-vue-10.4.0.tgz",
+      "integrity": "sha512-K6tP0dW8FJVZLQxa2S7LcE1lLw3X8VvB3t887Q6CLrFVxHYBXGANbXvwNzYIu6Ughx1bSJ5BDT0YB3ybPT39lw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -7144,24 +7254,30 @@
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
       },
       "peerDependencies": {
+        "@typescript-eslint/parser": "^7.0.0 || ^8.0.0",
         "eslint": "^8.57.0 || ^9.0.0",
         "vue-eslint-parser": "^10.0.0"
+      },
+      "peerDependenciesMeta": {
+        "@typescript-eslint/parser": {
+          "optional": true
+        }
       }
     },
     "node_modules/eslint-plugin-vue-scoped-css": {
-      "version": "2.9.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-vue-scoped-css/-/eslint-plugin-vue-scoped-css-2.9.0.tgz",
-      "integrity": "sha512-zXeKtEUpfk3PlsgKnr9/2U8K2xcsCV1M9hXWRhKbl3wipVowGXfHrhqUzHFVWNAHzEQv0DCDXGFWrmsGFqhGGA==",
+      "version": "2.11.0",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-vue-scoped-css/-/eslint-plugin-vue-scoped-css-2.11.0.tgz",
+      "integrity": "sha512-rrJgLY8iroTIUMSyxhyhJzFcRxABbk3gFrOLkl41F9G1VBqNNpDShyf6PmDoBEWDk07/bJlnqYlvnQ3giUrRYQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@eslint-community/eslint-utils": "^4.4.0",
-        "eslint-compat-utils": "^0.6.0",
+        "eslint-compat-utils": "^0.6.5",
         "lodash": "^4.17.21",
         "postcss": "^8.4.31",
         "postcss-safe-parser": "^6.0.0",
         "postcss-scss": "^4.0.3",
-        "postcss-selector-parser": "^6.0.9",
+        "postcss-selector-parser": "^7.0.0",
         "postcss-styl": "^0.12.0"
       },
       "engines": {
@@ -7175,15 +7291,29 @@
         "vue-eslint-parser": ">=7.1.0"
       }
     },
+    "node_modules/eslint-plugin-vue/node_modules/postcss-selector-parser": {
+      "version": "6.1.2",
+      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz",
+      "integrity": "sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "cssesc": "^3.0.0",
+        "util-deprecate": "^1.0.2"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/eslint-plugin-wc": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-wc/-/eslint-plugin-wc-2.2.1.tgz",
-      "integrity": "sha512-KstLqGmyQz088DvFlDYHg0sHih+w2QeulreCi1D1ftr357klO2zqHdG/bbnNMmuQdVFDuNkopNIyNhmG0XCT/g==",
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-wc/-/eslint-plugin-wc-3.0.1.tgz",
+      "integrity": "sha512-0p1wkSlA2Ue3FA4qW+5LZ+15sy0p1nUyVl1eyBMLq4rtN1LtE9IdI49BXNWMz8N8bM/y7Ulx8SWGAni5f8XO5g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "is-valid-element-name": "^1.0.0",
-        "js-levenshtein-esm": "^1.2.0"
+        "js-levenshtein-esm": "^2.0.0"
       },
       "peerDependencies": {
         "eslint": ">=8.40.0"
@@ -7217,9 +7347,9 @@
       }
     },
     "node_modules/eslint-visitor-keys": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz",
-      "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==",
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
+      "integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
       "dev": true,
       "license": "Apache-2.0",
       "engines": {
@@ -7246,17 +7376,6 @@
         "url": "https://github.com/sponsors/epoberezkin"
       }
     },
-    "node_modules/eslint/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/eslint/node_modules/eslint-visitor-keys": {
       "version": "3.4.3",
       "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz",
@@ -7309,15 +7428,15 @@
       }
     },
     "node_modules/espree": {
-      "version": "10.3.0",
-      "resolved": "https://registry.npmjs.org/espree/-/espree-10.3.0.tgz",
-      "integrity": "sha512-0QYC8b24HWY8zjRnDTL6RiHfDbAWn63qb4LMj1Z4b076A4une81+z03Kg7l7mn/48PUTqoLptSXez8oknU8Clg==",
+      "version": "10.4.0",
+      "resolved": "https://registry.npmjs.org/espree/-/espree-10.4.0.tgz",
+      "integrity": "sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ==",
       "dev": true,
       "license": "BSD-2-Clause",
       "dependencies": {
-        "acorn": "^8.14.0",
+        "acorn": "^8.15.0",
         "acorn-jsx": "^5.3.2",
-        "eslint-visitor-keys": "^4.2.0"
+        "eslint-visitor-keys": "^4.2.1"
       },
       "engines": {
         "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -7403,9 +7522,9 @@
       }
     },
     "node_modules/expect-type": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/expect-type/-/expect-type-1.2.0.tgz",
-      "integrity": "sha512-80F22aiJ3GLyVnS/B3HzgR6RelZVumzj9jkL0Rhz4h0xYbNW9PjlQz5h3J/SShErbXBc295vseR4/MIbVmUbeA==",
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/expect-type/-/expect-type-1.2.2.tgz",
+      "integrity": "sha512-JhFGDVJ7tmDJItKhYgJCGLOWjuK9vPxiXoUFLwLDc99NlmklilbiQJwoctZtt13+xMw91MCk/REan6MWHqDjyA==",
       "dev": true,
       "license": "Apache-2.0",
       "engines": {
@@ -7413,9 +7532,9 @@
       }
     },
     "node_modules/exsolve": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/exsolve/-/exsolve-1.0.4.tgz",
-      "integrity": "sha512-xsZH6PXaER4XoV+NiT7JHp1bJodJVT+cxeSH1G0f0tlT0lJqYuHUP3bUx2HtfTDvOagMINYp8rsqusxud3RXhw==",
+      "version": "1.0.7",
+      "resolved": "https://registry.npmjs.org/exsolve/-/exsolve-1.0.7.tgz",
+      "integrity": "sha512-VO5fQUzZtI6C+vx4w/4BWJpg3s/5l+6pRQEHzFRM8WFi4XffSP1Z+4qi7GbjWbvRQEbdIco5mIMq+zX4rPuLrw==",
       "license": "MIT"
     },
     "node_modules/fast-deep-equal": {
@@ -7543,6 +7662,12 @@
         }
       }
     },
+    "node_modules/fflate": {
+      "version": "0.8.2",
+      "resolved": "https://registry.npmjs.org/fflate/-/fflate-0.8.2.tgz",
+      "integrity": "sha512-cPJU47OaAoCbg0pBvzsgpTPhmhqI5eJjh/JIu8tPj5q+T7iLvW/JAYUqmE7KOB4R1ZyEhzBaIQpQpardBF5z8A==",
+      "license": "MIT"
+    },
     "node_modules/file-entry-cache": {
       "version": "6.0.1",
       "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz",
@@ -7718,9 +7843,9 @@
       }
     },
     "node_modules/get-tsconfig": {
-      "version": "4.10.0",
-      "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.10.0.tgz",
-      "integrity": "sha512-kGzZ3LWWQcGIAmg6iWvXn0ei6WDtV26wzHRMwDSzmAbcXrTEXxHy6IehI6/4eT6VRKyMP1eF1VqwrVUmE/LR7A==",
+      "version": "4.10.1",
+      "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.10.1.tgz",
+      "integrity": "sha512-auHyJ4AgMz7vgS8Hp3N6HXSmlMdUyhSUrfBF16w153rxtLIEOE+HGqaBppczZvnHLqQJfiHotCYpNhl0lUROFQ==",
       "license": "MIT",
       "dependencies": {
         "resolve-pkg-maps": "^1.0.0"
@@ -7768,16 +7893,6 @@
       "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==",
       "license": "BSD-2-Clause"
     },
-    "node_modules/glob/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/glob/node_modules/minimatch": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -7924,19 +8039,37 @@
       }
     },
     "node_modules/happy-dom": {
-      "version": "17.4.4",
-      "resolved": "https://registry.npmjs.org/happy-dom/-/happy-dom-17.4.4.tgz",
-      "integrity": "sha512-/Pb0ctk3HTZ5xEL3BZ0hK1AqDSAUuRQitOmROPHhfUYEWpmTImwfD8vFDGADmMAX0JYgbcgxWoLFKtsWhcpuVA==",
+      "version": "18.0.1",
+      "resolved": "https://registry.npmjs.org/happy-dom/-/happy-dom-18.0.1.tgz",
+      "integrity": "sha512-qn+rKOW7KWpVTtgIUi6RVmTBZJSe2k0Db0vh1f7CWrWclkkc7/Q+FrOfkZIb2eiErLyqu5AXEzE7XthO9JVxRA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "webidl-conversions": "^7.0.0",
+        "@types/node": "^20.0.0",
+        "@types/whatwg-mimetype": "^3.0.2",
         "whatwg-mimetype": "^3.0.0"
       },
       "engines": {
-        "node": ">=18.0.0"
+        "node": ">=20.0.0"
+      }
+    },
+    "node_modules/happy-dom/node_modules/@types/node": {
+      "version": "20.19.9",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.9.tgz",
+      "integrity": "sha512-cuVNgarYWZqxRJDQHEB58GEONhOK79QVR/qYx4S7kcUObQvUwvFnYxJuuHUKm2aieN9X3yZB4LZsuYNU1Qphsw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "undici-types": "~6.21.0"
       }
     },
+    "node_modules/happy-dom/node_modules/undici-types": {
+      "version": "6.21.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+      "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/has-flag": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
@@ -7974,9 +8107,9 @@
       }
     },
     "node_modules/hookified": {
-      "version": "1.8.1",
-      "resolved": "https://registry.npmjs.org/hookified/-/hookified-1.8.1.tgz",
-      "integrity": "sha512-GrO2l93P8xCWBSTBX9l2BxI78VU/MAAYag+pG8curS3aBGy0++ZlxrQ7PdUOUVMbn5BwkGb6+eRrnf43ipnFEA==",
+      "version": "1.11.0",
+      "resolved": "https://registry.npmjs.org/hookified/-/hookified-1.11.0.tgz",
+      "integrity": "sha512-aDdIN3GyU5I6wextPplYdfmWCo+aLmjjVbntmX6HLD5RCi/xKsivYEBhnRD+d9224zFf008ZpLMPlWF0ZodYZw==",
       "dev": true,
       "license": "MIT"
     },
@@ -8031,9 +8164,9 @@
       }
     },
     "node_modules/htmx.org": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/htmx.org/-/htmx.org-2.0.4.tgz",
-      "integrity": "sha512-HLxMCdfXDOJirs3vBZl/ZLoY+c7PfM4Ahr2Ad4YXh6d22T5ltbTXFFkpx9Tgb2vvmWFMbIc3LqN2ToNkZJvyYQ==",
+      "version": "2.0.6",
+      "resolved": "https://registry.npmjs.org/htmx.org/-/htmx.org-2.0.6.tgz",
+      "integrity": "sha512-7ythjYneGSk3yCHgtCnQeaoF+D+o7U2LF37WU3O0JYv3gTZSicdEFiI/Ai/NJyC5ZpYJWMpUb11OC5Lr6AfAqA==",
       "license": "0BSD"
     },
     "node_modules/iconv-lite": {
@@ -8275,13 +8408,13 @@
       }
     },
     "node_modules/is-bun-module": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-1.3.0.tgz",
-      "integrity": "sha512-DgXeu5UWI0IsMQundYb5UAOzm6G2eVnarJ0byP6Tm55iZNKceD59LNPA2L4VvsScTtHcw0yEkVwSf7PC+QoLSA==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-2.0.0.tgz",
+      "integrity": "sha512-gNCGbnnnnFAUGKeZ9PdbyeGYJqewpmc2aKHUEMO5nQPWU9lOmv7jcmQIv+qHD8fXW6W7qfuCwX4rY9LNRjXrkQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "semver": "^7.6.3"
+        "semver": "^7.7.1"
       }
     },
     "node_modules/is-core-module": {
@@ -8461,18 +8594,19 @@
       }
     },
     "node_modules/jackspeak": {
-      "version": "3.4.3",
-      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
-      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz",
+      "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==",
+      "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/cliui": "^8.0.2"
       },
+      "engines": {
+        "node": "20 || >=22"
+      },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
-      },
-      "optionalDependencies": {
-        "@pkgjs/parseargs": "^0.11.0"
       }
     },
     "node_modules/jest-worker": {
@@ -8520,9 +8654,9 @@
       "license": "MIT"
     },
     "node_modules/js-levenshtein-esm": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/js-levenshtein-esm/-/js-levenshtein-esm-1.2.0.tgz",
-      "integrity": "sha512-fzreKVq1eD7eGcQr7MtRpQH94f8gIfhdrc7yeih38xh684TNMK9v5aAu2wxfIRMk/GpAJRrzcirMAPIaSDaByQ==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/js-levenshtein-esm/-/js-levenshtein-esm-2.0.0.tgz",
+      "integrity": "sha512-1n4LEPOL4wRXY8rOQcuA7Iuaphe5xCMayvufCzlLAi+hRsnBRDbSS6XPuV58CBVJxj5D9ApFLyjQ7KzFToyHBw==",
       "dev": true,
       "license": "MIT"
     },
@@ -8698,9 +8832,9 @@
       "license": "MIT"
     },
     "node_modules/katex": {
-      "version": "0.16.21",
-      "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.21.tgz",
-      "integrity": "sha512-XvqR7FgOHtWupfMiigNzmh+MgUVmDGU2kXZm899ZkPfcuoPuFxyHmXsgATDpFZDAXCI8tvinaVcDo8PIIJSo4A==",
+      "version": "0.16.22",
+      "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.22.tgz",
+      "integrity": "sha512-XCHRdUw4lf3SKBaJe4EvgqIuWwkPSo9XoeO8GjQW94Bp7TWv9hNhzZjZ+OH9yf1UmLygb7DIT5GSFQiyt16zYg==",
       "funding": [
         "https://opencollective.com/katex",
         "https://github.com/sponsors/katex"
@@ -8738,9 +8872,9 @@
       }
     },
     "node_modules/known-css-properties": {
-      "version": "0.35.0",
-      "resolved": "https://registry.npmjs.org/known-css-properties/-/known-css-properties-0.35.0.tgz",
-      "integrity": "sha512-a/RAk2BfKk+WFGhhOCAYqSiFLc34k8Mt/6NWRI4joER0EYUzXIcFivjjnoD3+XU1DggLn/tZc3DOAgke7l8a4A==",
+      "version": "0.37.0",
+      "resolved": "https://registry.npmjs.org/known-css-properties/-/known-css-properties-0.37.0.tgz",
+      "integrity": "sha512-JCDrsP4Z1Sb9JwG0aJ8Eo2r7k4Ou5MwmThS/6lcIe1ICyb7UBJKGRIUUdqc2ASdE/42lgz6zFUnzAIhtXnBVrQ==",
       "dev": true,
       "license": "MIT"
     },
@@ -8751,9 +8885,9 @@
       "license": "MIT"
     },
     "node_modules/langium": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/langium/-/langium-3.0.0.tgz",
-      "integrity": "sha512-+Ez9EoiByeoTu/2BXmEaZ06iPNXM6thWJp02KfBO/raSMyCJ4jw7AkWWa+zBCTm0+Tw1Fj9FOxdqSskyN5nAwg==",
+      "version": "3.3.1",
+      "resolved": "https://registry.npmjs.org/langium/-/langium-3.3.1.tgz",
+      "integrity": "sha512-QJv/h939gDpvT+9SiLVlY7tZC3xB2qK57v0J04Sh9wpMb6MP1q8gB21L3WIo8T5P1MSMg3Ep14L7KkDCFG3y4w==",
       "license": "MIT",
       "dependencies": {
         "chevrotain": "~11.0.3",
@@ -8836,16 +8970,6 @@
         "webpack": "^4.4.0 || ^5.4.0"
       }
     },
-    "node_modules/license-checker-webpack-plugin/node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/license-checker-webpack-plugin/node_modules/minimatch": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -9061,9 +9185,9 @@
       "license": "MIT"
     },
     "node_modules/loupe": {
-      "version": "3.1.3",
-      "resolved": "https://registry.npmjs.org/loupe/-/loupe-3.1.3.tgz",
-      "integrity": "sha512-kkIp7XSkP78ZxJEsSxW3712C6teJVoeHHwgo9zJ380de7IYyJ2ISlxojcH2pC5OFLewESmnRi/+XCDIEEVyoug==",
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/loupe/-/loupe-3.2.0.tgz",
+      "integrity": "sha512-2NCfZcT5VGVNX9mSZIxLRkEAegDGBpuQZBy13desuHeVORmBDyAET4TkJr4SjqQy3A8JDofMN6LpkK8Xcm/dlw==",
       "dev": true,
       "license": "MIT"
     },
@@ -9078,10 +9202,14 @@
       }
     },
     "node_modules/lru-cache": {
-      "version": "10.4.3",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
-      "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
-      "license": "ISC"
+      "version": "11.1.0",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.1.0.tgz",
+      "integrity": "sha512-QIXZUBJUx+2zHUdQujWejBkcD9+cs94tLn0+YL8UrCh+D5sCXZ4c7LaEH48pNwRY3MLDgqUFyhlCyjJPf1WP0A==",
+      "dev": true,
+      "license": "ISC",
+      "engines": {
+        "node": "20 || >=22"
+      }
     },
     "node_modules/magic-string": {
       "version": "0.25.9",
@@ -9119,52 +9247,52 @@
       }
     },
     "node_modules/markdownlint": {
-      "version": "0.37.4",
-      "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.37.4.tgz",
-      "integrity": "sha512-u00joA/syf3VhWh6/ybVFkib5Zpj2e5KB/cfCei8fkSRuums6nyisTWGqjTWIOFoFwuXoTBQQiqlB4qFKp8ncQ==",
+      "version": "0.38.0",
+      "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.38.0.tgz",
+      "integrity": "sha512-xaSxkaU7wY/0852zGApM8LdlIfGCW8ETZ0Rr62IQtAnUMlMuifsg09vWJcNYeL4f0anvr8Vo4ZQar8jGpV0btQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "markdown-it": "14.1.0",
-        "micromark": "4.0.1",
-        "micromark-core-commonmark": "2.0.2",
-        "micromark-extension-directive": "3.0.2",
+        "micromark": "4.0.2",
+        "micromark-core-commonmark": "2.0.3",
+        "micromark-extension-directive": "4.0.0",
         "micromark-extension-gfm-autolink-literal": "2.1.0",
         "micromark-extension-gfm-footnote": "2.1.0",
-        "micromark-extension-gfm-table": "2.1.0",
+        "micromark-extension-gfm-table": "2.1.1",
         "micromark-extension-math": "3.1.0",
-        "micromark-util-types": "2.0.1"
+        "micromark-util-types": "2.0.2"
       },
       "engines": {
-        "node": ">=18"
+        "node": ">=20"
       },
       "funding": {
         "url": "https://github.com/sponsors/DavidAnson"
       }
     },
     "node_modules/markdownlint-cli": {
-      "version": "0.44.0",
-      "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.44.0.tgz",
-      "integrity": "sha512-ZJTAONlvF9NkrIBltCdW15DxN9UTbPiKMEqAh2EU2gwIFlrCMavyCEPPO121cqfYOrLUJWW8/XKWongstmmTeQ==",
+      "version": "0.45.0",
+      "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.45.0.tgz",
+      "integrity": "sha512-GiWr7GfJLVfcopL3t3pLumXCYs8sgWppjIA1F/Cc3zIMgD3tmkpyZ1xkm1Tej8mw53B93JsDjgA3KOftuYcfOw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "commander": "~13.1.0",
-        "glob": "~10.4.5",
-        "ignore": "~7.0.3",
+        "glob": "~11.0.2",
+        "ignore": "~7.0.4",
         "js-yaml": "~4.1.0",
         "jsonc-parser": "~3.3.1",
         "jsonpointer": "~5.0.1",
-        "markdownlint": "~0.37.4",
-        "minimatch": "~9.0.5",
+        "markdown-it": "~14.1.0",
+        "markdownlint": "~0.38.0",
+        "minimatch": "~10.0.1",
         "run-con": "~1.3.2",
-        "smol-toml": "~1.3.1"
+        "smol-toml": "~1.3.4"
       },
       "bin": {
         "markdownlint": "markdownlint.js"
       },
       "engines": {
-        "node": ">=18"
+        "node": ">=20"
       }
     },
     "node_modules/markdownlint-cli/node_modules/commander": {
@@ -9178,30 +9306,33 @@
       }
     },
     "node_modules/markdownlint-cli/node_modules/glob": {
-      "version": "10.4.5",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
-      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
+      "version": "11.0.3",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.3.tgz",
+      "integrity": "sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==",
       "dev": true,
       "license": "ISC",
       "dependencies": {
-        "foreground-child": "^3.1.0",
-        "jackspeak": "^3.1.2",
-        "minimatch": "^9.0.4",
+        "foreground-child": "^3.3.1",
+        "jackspeak": "^4.1.1",
+        "minimatch": "^10.0.3",
         "minipass": "^7.1.2",
         "package-json-from-dist": "^1.0.0",
-        "path-scurry": "^1.11.1"
+        "path-scurry": "^2.0.0"
       },
       "bin": {
         "glob": "dist/esm/bin.mjs"
       },
+      "engines": {
+        "node": "20 || >=22"
+      },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/markdownlint-cli/node_modules/ignore": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.3.tgz",
-      "integrity": "sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==",
+      "version": "7.0.5",
+      "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz",
+      "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -9215,22 +9346,6 @@
       "dev": true,
       "license": "MIT"
     },
-    "node_modules/markdownlint-cli/node_modules/minimatch": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
-      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
-      "dev": true,
-      "license": "ISC",
-      "dependencies": {
-        "brace-expansion": "^2.0.1"
-      },
-      "engines": {
-        "node": ">=16 || 14 >=14.17"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/isaacs"
-      }
-    },
     "node_modules/marked": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/marked/-/marked-4.3.0.tgz",
@@ -9244,9 +9359,9 @@
       }
     },
     "node_modules/material-icon-theme": {
-      "version": "5.20.0",
-      "resolved": "https://registry.npmjs.org/material-icon-theme/-/material-icon-theme-5.20.0.tgz",
-      "integrity": "sha512-EAz5I2O7Hq6G8Rv0JdO6NXL+jK/mvDppcVUVbsUMpSqSmFczNdaR5WJ3lOiRz4HNBlEN2i2sVSfuqI5iNQfGLg==",
+      "version": "5.24.0",
+      "resolved": "https://registry.npmjs.org/material-icon-theme/-/material-icon-theme-5.24.0.tgz",
+      "integrity": "sha512-fKCtRSOZwSMipgfsisDtlERXndg7hu4Ykhw8Vr+92NFVhYAi3izRHyKg6YooTw6yIB8fMF6Gq8IeNhbRxRY2SQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -9316,14 +9431,14 @@
       }
     },
     "node_modules/mermaid": {
-      "version": "11.5.0",
-      "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-11.5.0.tgz",
-      "integrity": "sha512-IYhyukID3zzDj1EihKiN1lp+PXNImoJ3Iyz73qeDAgnus4BNGsJV1n471P4PyeGxPVONerZxignwGxGTSwZnlg==",
+      "version": "11.9.0",
+      "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-11.9.0.tgz",
+      "integrity": "sha512-YdPXn9slEwO0omQfQIsW6vS84weVQftIyyTGAZCwM//MGhPzL1+l6vO6bkf0wnP4tHigH1alZ5Ooy3HXI2gOag==",
       "license": "MIT",
       "dependencies": {
         "@braintree/sanitize-url": "^7.0.4",
         "@iconify/utils": "^2.1.33",
-        "@mermaid-js/parser": "^0.3.0",
+        "@mermaid-js/parser": "^0.6.2",
         "@types/d3": "^7.4.3",
         "cytoscape": "^3.29.3",
         "cytoscape-cose-bilkent": "^4.1.0",
@@ -9332,11 +9447,11 @@
         "d3-sankey": "^0.12.3",
         "dagre-d3-es": "7.0.11",
         "dayjs": "^1.11.13",
-        "dompurify": "^3.2.4",
-        "katex": "^0.16.9",
+        "dompurify": "^3.2.5",
+        "katex": "^0.16.22",
         "khroma": "^2.1.0",
         "lodash-es": "^4.17.21",
-        "marked": "^15.0.7",
+        "marked": "^16.0.0",
         "roughjs": "^4.6.6",
         "stylis": "^4.3.6",
         "ts-dedent": "^2.2.0",
@@ -9344,21 +9459,21 @@
       }
     },
     "node_modules/mermaid/node_modules/marked": {
-      "version": "15.0.7",
-      "resolved": "https://registry.npmjs.org/marked/-/marked-15.0.7.tgz",
-      "integrity": "sha512-dgLIeKGLx5FwziAnsk4ONoGwHwGPJzselimvlVskE9XLN4Orv9u2VA3GWw/lYUqjfA0rUT/6fqKwfZJapP9BEg==",
+      "version": "16.1.1",
+      "resolved": "https://registry.npmjs.org/marked/-/marked-16.1.1.tgz",
+      "integrity": "sha512-ij/2lXfCRT71L6u0M29tJPhP0bM5shLL3u5BePhFwPELj2blMJ6GDtD7PfJhRLhJ/c2UwrK17ySVcDzy2YHjHQ==",
       "license": "MIT",
       "bin": {
         "marked": "bin/marked.js"
       },
       "engines": {
-        "node": ">= 18"
+        "node": ">= 20"
       }
     },
     "node_modules/micromark": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/micromark/-/micromark-4.0.1.tgz",
-      "integrity": "sha512-eBPdkcoCNvYcxQOAKAlceo5SNdzZWfF+FcSupREAzdAh9rRmE239CEQAiTwIgblwnoM8zzj35sZ5ZwvSEOF6Kw==",
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/micromark/-/micromark-4.0.2.tgz",
+      "integrity": "sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA==",
       "dev": true,
       "funding": [
         {
@@ -9392,9 +9507,9 @@
       }
     },
     "node_modules/micromark-core-commonmark": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/micromark-core-commonmark/-/micromark-core-commonmark-2.0.2.tgz",
-      "integrity": "sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==",
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/micromark-core-commonmark/-/micromark-core-commonmark-2.0.3.tgz",
+      "integrity": "sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg==",
       "dev": true,
       "funding": [
         {
@@ -9427,9 +9542,9 @@
       }
     },
     "node_modules/micromark-extension-directive": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/micromark-extension-directive/-/micromark-extension-directive-3.0.2.tgz",
-      "integrity": "sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/micromark-extension-directive/-/micromark-extension-directive-4.0.0.tgz",
+      "integrity": "sha512-/C2nqVmXXmiseSSuCdItCMho7ybwwop6RrrRPk0KbOHW21JKoCldC+8rFOaundDoRBUWBnJJcxeA/Kvi34WQXg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -9485,9 +9600,9 @@
       }
     },
     "node_modules/micromark-extension-gfm-table": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.0.tgz",
-      "integrity": "sha512-Ub2ncQv+fwD70/l4ou27b4YzfNaCJOvyX4HxXU15m7mpYY+rjuWzsLIPZHJL253Z643RpbcP1oeIJlQ/SKW67g==",
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/micromark-extension-gfm-table/-/micromark-extension-gfm-table-2.1.1.tgz",
+      "integrity": "sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -9875,9 +9990,9 @@
       "license": "MIT"
     },
     "node_modules/micromark-util-types": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/micromark-util-types/-/micromark-util-types-2.0.1.tgz",
-      "integrity": "sha512-534m2WhVTddrcKVepwmVEVnUAmtrx9bfIjNoQHRqfnvdaHQiFytEhJoTgpWJvDEXCO5gLTQh3wYC1PgOJA4NSQ==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/micromark-util-types/-/micromark-util-types-2.0.2.tgz",
+      "integrity": "sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA==",
       "dev": true,
       "funding": [
         {
@@ -9956,12 +10071,12 @@
       }
     },
     "node_modules/minimatch": {
-      "version": "10.0.1",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz",
-      "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==",
+      "version": "10.0.3",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.3.tgz",
+      "integrity": "sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==",
       "license": "ISC",
       "dependencies": {
-        "brace-expansion": "^2.0.1"
+        "@isaacs/brace-expansion": "^5.0.0"
       },
       "engines": {
         "node": "20 || >=22"
@@ -10068,9 +10183,9 @@
       }
     },
     "node_modules/nanoid": {
-      "version": "3.3.10",
-      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.10.tgz",
-      "integrity": "sha512-vSJJTG+t/dIKAUhUDw/dLdZ9s//5OxcHqLaDWWrW4Cdq7o6tdLIczUkMXt2MBNmk6sJRZBZRXVixs7URY1CmIg==",
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
       "funding": [
         {
           "type": "github",
@@ -10085,6 +10200,28 @@
         "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
       }
     },
+    "node_modules/nanopop": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/nanopop/-/nanopop-2.3.0.tgz",
+      "integrity": "sha512-fzN+T2K7/Ah25XU02MJkPZ5q4Tj5FpjmIYq4rvoHX4yb16HzFdCO6JxFFn5Y/oBhQ8no8fUZavnyIv9/+xkBBw==",
+      "license": "MIT"
+    },
+    "node_modules/napi-postinstall": {
+      "version": "0.3.2",
+      "resolved": "https://registry.npmjs.org/napi-postinstall/-/napi-postinstall-0.3.2.tgz",
+      "integrity": "sha512-tWVJxJHmBWLy69PvO96TZMZDrzmw5KeiZBz3RHmiM2XZ9grBJ2WgMAFVVg25nqp3ZjTFUs2Ftw1JhscL3Teliw==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "napi-postinstall": "lib/cli.js"
+      },
+      "engines": {
+        "node": "^12.20.0 || ^14.18.0 || >=16.0.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/napi-postinstall"
+      }
+    },
     "node_modules/natural-compare": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
@@ -10309,6 +10446,17 @@
         "wrappy": "1"
       }
     },
+    "node_modules/online-3d-viewer": {
+      "version": "0.16.0",
+      "resolved": "https://registry.npmjs.org/online-3d-viewer/-/online-3d-viewer-0.16.0.tgz",
+      "integrity": "sha512-Mcmo41TM3K+svlMDRH8ySKSY2e8s7Sssdb5U9LV3gkFKVWGGuS304Vk5gqxopAJbE72DpsC67Ve3YNtcAuROwQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@simonwep/pickr": "1.9.0",
+        "fflate": "0.8.2",
+        "three": "0.176.0"
+      }
+    },
     "node_modules/optionator": {
       "version": "0.9.4",
       "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz",
@@ -10327,29 +10475,6 @@
         "node": ">= 0.8.0"
       }
     },
-    "node_modules/oxc-resolver": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/oxc-resolver/-/oxc-resolver-5.0.0.tgz",
-      "integrity": "sha512-66fopyAqCN8Mx4tzNiBXWbk8asCSuxUWN62gwTc3yfRs7JfWhX/eVJCf+fUrfbNOdQVOWn+o8pAKllp76ysMXA==",
-      "dev": true,
-      "license": "MIT",
-      "funding": {
-        "url": "https://github.com/sponsors/Boshen"
-      },
-      "optionalDependencies": {
-        "@oxc-resolver/binding-darwin-arm64": "5.0.0",
-        "@oxc-resolver/binding-darwin-x64": "5.0.0",
-        "@oxc-resolver/binding-freebsd-x64": "5.0.0",
-        "@oxc-resolver/binding-linux-arm-gnueabihf": "5.0.0",
-        "@oxc-resolver/binding-linux-arm64-gnu": "5.0.0",
-        "@oxc-resolver/binding-linux-arm64-musl": "5.0.0",
-        "@oxc-resolver/binding-linux-x64-gnu": "5.0.0",
-        "@oxc-resolver/binding-linux-x64-musl": "5.0.0",
-        "@oxc-resolver/binding-wasm32-wasi": "5.0.0",
-        "@oxc-resolver/binding-win32-arm64-msvc": "5.0.0",
-        "@oxc-resolver/binding-win32-x64-msvc": "5.0.0"
-      }
-    },
     "node_modules/p-limit": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz",
@@ -10398,13 +10523,10 @@
       "license": "BlueOak-1.0.0"
     },
     "node_modules/package-manager-detector": {
-      "version": "0.2.11",
-      "resolved": "https://registry.npmjs.org/package-manager-detector/-/package-manager-detector-0.2.11.tgz",
-      "integrity": "sha512-BEnLolu+yuz22S56CU1SUKq3XC3PkwD5wv4ikR4MfGvnRVcmzXR9DwSlW2fEamyTPyXHomBJRzgapeuBvRNzJQ==",
-      "license": "MIT",
-      "dependencies": {
-        "quansync": "^0.2.7"
-      }
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/package-manager-detector/-/package-manager-detector-1.3.0.tgz",
+      "integrity": "sha512-ZsEbbZORsyHuO00lY1kV3/t72yp6Ysay6Pd17ZAlNGuGwmWDLCJxFpRs0IzfXfj1o4icJOkUEioexFHzyPurSQ==",
+      "license": "MIT"
     },
     "node_modules/parent-module": {
       "version": "1.0.1",
@@ -10503,16 +10625,17 @@
       "license": "MIT"
     },
     "node_modules/path-scurry": {
-      "version": "1.11.1",
-      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
-      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz",
+      "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==",
+      "dev": true,
       "license": "BlueOak-1.0.0",
       "dependencies": {
-        "lru-cache": "^10.2.0",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+        "lru-cache": "^11.0.0",
+        "minipass": "^7.1.2"
       },
       "engines": {
-        "node": ">=16 || 14 >=14.18"
+        "node": "20 || >=22"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
@@ -10535,9 +10658,9 @@
       "license": "MIT"
     },
     "node_modules/pathval": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/pathval/-/pathval-2.0.0.tgz",
-      "integrity": "sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/pathval/-/pathval-2.0.1.tgz",
+      "integrity": "sha512-//nshmD55c46FuFw26xV/xFAaB5HF9Xdap7HJBBnrKdAd6/GxDBaNA1870O79+9ueg61cZLSVc+OaFlfmObYVQ==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -10584,9 +10707,9 @@
       }
     },
     "node_modules/pirates": {
-      "version": "4.0.6",
-      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz",
-      "integrity": "sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==",
+      "version": "4.0.7",
+      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.7.tgz",
+      "integrity": "sha512-TfySrs/5nm8fQJDcBDuUng3VOUKsd7S+zqvbOTiGXHfxX4wK31ard+hoNuvkicM/2YFzlpDgABOevKSsB4G/FA==",
       "license": "MIT",
       "engines": {
         "node": ">= 6"
@@ -10657,24 +10780,24 @@
       }
     },
     "node_modules/pkg-types": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.1.0.tgz",
-      "integrity": "sha512-wmJwA+8ihJixSoHKxZJRBQG1oY8Yr9pGLzRmSsNms0iNWyHHAlZCa7mmKiFR10YPZuz/2k169JiS/inOjBCZ2A==",
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.2.0.tgz",
+      "integrity": "sha512-2SM/GZGAEkPp3KWORxQZns4M+WSeXbC2HEvmOIJe3Cmiv6ieAJvdVhDldtHqM5J1Y7MrR1XhkBT/rMlhh9FdqQ==",
       "license": "MIT",
       "dependencies": {
-        "confbox": "^0.2.1",
-        "exsolve": "^1.0.1",
+        "confbox": "^0.2.2",
+        "exsolve": "^1.0.7",
         "pathe": "^2.0.3"
       }
     },
     "node_modules/playwright": {
-      "version": "1.49.1",
-      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.49.1.tgz",
-      "integrity": "sha512-VYL8zLoNTBxVOrJBbDuRgDWa3i+mfQgDTrL8Ah9QXZ7ax4Dsj0MSq5bYgytRnDVVe+njoKnfsYkH3HzqVj5UZA==",
+      "version": "1.54.1",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.54.1.tgz",
+      "integrity": "sha512-peWpSwIBmSLi6aW2auvrUtf2DqY16YYcCMO8rTVx486jKmDTJg7UAhyrraP98GB8BoPURZP8+nxO7TSd4cPr5g==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "playwright-core": "1.49.1"
+        "playwright-core": "1.54.1"
       },
       "bin": {
         "playwright": "cli.js"
@@ -10687,9 +10810,9 @@
       }
     },
     "node_modules/playwright-core": {
-      "version": "1.49.1",
-      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.49.1.tgz",
-      "integrity": "sha512-BzmpVcs4kE2CH15rWfzpjzVGhWERJfmnXmniSyKeRZUs9Ws65m+RGIi7mjJK/euCegfn3i7jvqWeWyHe9y3Vgg==",
+      "version": "1.54.1",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.54.1.tgz",
+      "integrity": "sha512-Nbjs2zjj0htNhzgiy5wu+3w09YetDx5pkrpI/kZotDlDUaYk0HVA5xrBVPdow4SAUIlhgKcJeJg4GRKW6xHusA==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {
@@ -10736,9 +10859,9 @@
       }
     },
     "node_modules/postcss": {
-      "version": "8.5.3",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.3.tgz",
-      "integrity": "sha512-dle9A3yYxlBSrt8Fu+IpjGT8SY8hN0mlaA6GY8t0P5PjIOZemULz/E2Bnm/2dcUOena75OTNkHI76uZBNUUq3A==",
+      "version": "8.5.6",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz",
+      "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==",
       "funding": [
         {
           "type": "opencollective",
@@ -10755,7 +10878,7 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "nanoid": "^3.3.8",
+        "nanoid": "^3.3.11",
         "picocolors": "^1.1.1",
         "source-map-js": "^1.2.1"
       },
@@ -10815,41 +10938,6 @@
         "postcss": "^8.4.21"
       }
     },
-    "node_modules/postcss-load-config": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz",
-      "integrity": "sha512-bSVhyJGL00wMVoPUzAVAnbEoWyqRxkjv64tUl427SKnPrENtq6hJwUojroMz2VB+Q1edmi4IfrAPpami5VVgMQ==",
-      "funding": [
-        {
-          "type": "opencollective",
-          "url": "https://opencollective.com/postcss/"
-        },
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/ai"
-        }
-      ],
-      "license": "MIT",
-      "dependencies": {
-        "lilconfig": "^3.0.0",
-        "yaml": "^2.3.4"
-      },
-      "engines": {
-        "node": ">= 14"
-      },
-      "peerDependencies": {
-        "postcss": ">=8.0.9",
-        "ts-node": ">=9.0.0"
-      },
-      "peerDependenciesMeta": {
-        "postcss": {
-          "optional": true
-        },
-        "ts-node": {
-          "optional": true
-        }
-      }
-    },
     "node_modules/postcss-loader": {
       "version": "8.1.1",
       "resolved": "https://registry.npmjs.org/postcss-loader/-/postcss-loader-8.1.1.tgz",
@@ -10910,19 +10998,6 @@
         "postcss": "^8.1.0"
       }
     },
-    "node_modules/postcss-modules-local-by-default/node_modules/postcss-selector-parser": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz",
-      "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==",
-      "license": "MIT",
-      "dependencies": {
-        "cssesc": "^3.0.0",
-        "util-deprecate": "^1.0.2"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "node_modules/postcss-modules-scope": {
       "version": "3.2.1",
       "resolved": "https://registry.npmjs.org/postcss-modules-scope/-/postcss-modules-scope-3.2.1.tgz",
@@ -10938,19 +11013,6 @@
         "postcss": "^8.1.0"
       }
     },
-    "node_modules/postcss-modules-scope/node_modules/postcss-selector-parser": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz",
-      "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==",
-      "license": "MIT",
-      "dependencies": {
-        "cssesc": "^3.0.0",
-        "util-deprecate": "^1.0.2"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "node_modules/postcss-modules-values": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/postcss-modules-values/-/postcss-modules-values-4.0.0.tgz",
@@ -10991,37 +11053,23 @@
         "postcss": "^8.2.14"
       }
     },
-    "node_modules/postcss-nesting": {
-      "version": "13.0.1",
-      "resolved": "https://registry.npmjs.org/postcss-nesting/-/postcss-nesting-13.0.1.tgz",
-      "integrity": "sha512-VbqqHkOBOt4Uu3G8Dm8n6lU5+9cJFxiuty9+4rcoyRPO9zZS1JIs6td49VIoix3qYqELHlJIn46Oih9SAKo+yQ==",
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/csstools"
-        },
-        {
-          "type": "opencollective",
-          "url": "https://opencollective.com/csstools"
-        }
-      ],
-      "license": "MIT-0",
+    "node_modules/postcss-nested/node_modules/postcss-selector-parser": {
+      "version": "6.1.2",
+      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz",
+      "integrity": "sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==",
+      "license": "MIT",
       "dependencies": {
-        "@csstools/selector-resolve-nested": "^3.0.0",
-        "@csstools/selector-specificity": "^5.0.0",
-        "postcss-selector-parser": "^7.0.0"
+        "cssesc": "^3.0.0",
+        "util-deprecate": "^1.0.2"
       },
       "engines": {
-        "node": ">=18"
-      },
-      "peerDependencies": {
-        "postcss": "^8.4"
+        "node": ">=4"
       }
     },
-    "node_modules/postcss-nesting/node_modules/@csstools/selector-resolve-nested": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/@csstools/selector-resolve-nested/-/selector-resolve-nested-3.0.0.tgz",
-      "integrity": "sha512-ZoK24Yku6VJU1gS79a5PFmC8yn3wIapiKmPgun0hZgEI5AOqgH2kiPRsPz1qkGv4HL+wuDLH83yQyk6inMYrJQ==",
+    "node_modules/postcss-nesting": {
+      "version": "13.0.2",
+      "resolved": "https://registry.npmjs.org/postcss-nesting/-/postcss-nesting-13.0.2.tgz",
+      "integrity": "sha512-1YCI290TX+VP0U/K/aFxzHzQWHWURL+CtHMSbex1lCdpXD1SoR2sYuxDu5aNI9lPoXpKTCggFZiDJbwylU0LEQ==",
       "funding": [
         {
           "type": "github",
@@ -11033,46 +11081,16 @@
         }
       ],
       "license": "MIT-0",
-      "engines": {
-        "node": ">=18"
-      },
-      "peerDependencies": {
+      "dependencies": {
+        "@csstools/selector-resolve-nested": "^3.1.0",
+        "@csstools/selector-specificity": "^5.0.0",
         "postcss-selector-parser": "^7.0.0"
-      }
-    },
-    "node_modules/postcss-nesting/node_modules/@csstools/selector-specificity": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@csstools/selector-specificity/-/selector-specificity-5.0.0.tgz",
-      "integrity": "sha512-PCqQV3c4CoVm3kdPhyeZ07VmBRdH2EpMFA/pd9OASpOEC3aXNGoqPDAZ80D0cLpMBxnmk0+yNhGsEx31hq7Gtw==",
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/csstools"
-        },
-        {
-          "type": "opencollective",
-          "url": "https://opencollective.com/csstools"
-        }
-      ],
-      "license": "MIT-0",
+      },
       "engines": {
         "node": ">=18"
       },
       "peerDependencies": {
-        "postcss-selector-parser": "^7.0.0"
-      }
-    },
-    "node_modules/postcss-nesting/node_modules/postcss-selector-parser": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz",
-      "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==",
-      "license": "MIT",
-      "dependencies": {
-        "cssesc": "^3.0.0",
-        "util-deprecate": "^1.0.2"
-      },
-      "engines": {
-        "node": ">=4"
+        "postcss": "^8.4"
       }
     },
     "node_modules/postcss-resolve-nested-selector": {
@@ -11127,9 +11145,9 @@
       }
     },
     "node_modules/postcss-selector-parser": {
-      "version": "6.1.2",
-      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz",
-      "integrity": "sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==",
+      "version": "7.1.0",
+      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz",
+      "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==",
       "license": "MIT",
       "dependencies": {
         "cssesc": "^3.0.0",
@@ -11176,9 +11194,9 @@
       }
     },
     "node_modules/prettier": {
-      "version": "3.5.3",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz",
-      "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==",
+      "version": "3.6.2",
+      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.2.tgz",
+      "integrity": "sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==",
       "dev": true,
       "license": "MIT",
       "bin": {
@@ -11242,9 +11260,9 @@
       }
     },
     "node_modules/quansync": {
-      "version": "0.2.8",
-      "resolved": "https://registry.npmjs.org/quansync/-/quansync-0.2.8.tgz",
-      "integrity": "sha512-4+saucphJMazjt7iOM27mbFCk+D9dd/zmgMDCzRZ8MEoBfYp7lAvoN38et/phRQF6wOPMy/OROBGgoWeSKyluA==",
+      "version": "0.2.10",
+      "resolved": "https://registry.npmjs.org/quansync/-/quansync-0.2.10.tgz",
+      "integrity": "sha512-t41VRkMYbkHyCYmOvx/6URnN80H7k4X0lLdBMGsz+maAwrJQYB1djpV6vHrQIBE0WBSGqhtEHrK9U3DWWH8v7A==",
       "funding": [
         {
           "type": "individual",
@@ -11442,12 +11460,6 @@
         "node": "^12.0.0 || ^14.0.0 || >=16.0.0"
       }
     },
-    "node_modules/regenerator-runtime": {
-      "version": "0.14.1",
-      "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz",
-      "integrity": "sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==",
-      "license": "MIT"
-    },
     "node_modules/regexp-ast-analysis": {
       "version": "0.7.1",
       "resolved": "https://registry.npmjs.org/regexp-ast-analysis/-/regexp-ast-analysis-0.7.1.tgz",
@@ -11652,29 +11664,6 @@
         "points-on-path": "^0.2.1"
       }
     },
-    "node_modules/rspack-resolver": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/rspack-resolver/-/rspack-resolver-1.1.0.tgz",
-      "integrity": "sha512-pJfTX5KuwbJc4agd2AQ9sMwrBxMAGkLt4/HHw5+L06WuzxjsEjg3oDKdbfn43QGq0Stw8wQ7VpZjWA/T03L0Pg==",
-      "dev": true,
-      "license": "MIT",
-      "funding": {
-        "url": "https://github.com/sponsors/JounQin"
-      },
-      "optionalDependencies": {
-        "@unrs/rspack-resolver-binding-darwin-arm64": "1.1.0",
-        "@unrs/rspack-resolver-binding-darwin-x64": "1.1.0",
-        "@unrs/rspack-resolver-binding-freebsd-x64": "1.1.0",
-        "@unrs/rspack-resolver-binding-linux-arm-gnueabihf": "1.1.0",
-        "@unrs/rspack-resolver-binding-linux-arm64-gnu": "1.1.0",
-        "@unrs/rspack-resolver-binding-linux-arm64-musl": "1.1.0",
-        "@unrs/rspack-resolver-binding-linux-x64-gnu": "1.1.0",
-        "@unrs/rspack-resolver-binding-linux-x64-musl": "1.1.0",
-        "@unrs/rspack-resolver-binding-wasm32-wasi": "1.1.0",
-        "@unrs/rspack-resolver-binding-win32-arm64-msvc": "1.1.0",
-        "@unrs/rspack-resolver-binding-win32-x64-msvc": "1.1.0"
-      }
-    },
     "node_modules/run-con": {
       "version": "1.3.2",
       "resolved": "https://registry.npmjs.org/run-con/-/run-con-1.3.2.tgz",
@@ -11766,9 +11755,9 @@
       "license": "ISC"
     },
     "node_modules/schema-utils": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.0.tgz",
-      "integrity": "sha512-Gf9qqc58SpCA/xdziiHz35F4GNIWYWZrEshUc/G/r5BnLph6xpKuLeoJoQuj5WfBIx/eQLf+hmVPYHaxJu7V2g==",
+      "version": "4.3.2",
+      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.2.tgz",
+      "integrity": "sha512-Gn/JaSk/Mt9gYubxTtSn/QCV4em9mpAPiR1rqy/Ocu19u/G9J5WWdNoUT4SiV6mFC3y6cxyFcFwdzPM3FgxGAQ==",
       "license": "MIT",
       "dependencies": {
         "@types/json-schema": "^7.0.9",
@@ -11800,9 +11789,9 @@
       }
     },
     "node_modules/semver": {
-      "version": "7.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.1.tgz",
-      "integrity": "sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA==",
+      "version": "7.7.2",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
+      "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
       "license": "ISC",
       "bin": {
         "semver": "bin/semver.js"
@@ -11821,18 +11810,18 @@
       }
     },
     "node_modules/seroval": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/seroval/-/seroval-1.2.1.tgz",
-      "integrity": "sha512-yBxFFs3zmkvKNmR0pFSU//rIsYjuX418TnlDmc2weaq5XFDqDIV/NOMPBoLrbxjLH42p4UzRuXHryXh9dYcKcw==",
+      "version": "1.3.2",
+      "resolved": "https://registry.npmjs.org/seroval/-/seroval-1.3.2.tgz",
+      "integrity": "sha512-RbcPH1n5cfwKrru7v7+zrZvjLurgHhGyso3HTyGtRivGWgYjbOmGuivCQaORNELjNONoK35nj28EoWul9sb1zQ==",
       "license": "MIT",
       "engines": {
         "node": ">=10"
       }
     },
     "node_modules/seroval-plugins": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/seroval-plugins/-/seroval-plugins-1.2.1.tgz",
-      "integrity": "sha512-H5vs53+39+x4Udwp4J5rNZfgFuA+Lt+uU+09w1gYBVWomtAl98B+E9w7yC05Xc81/HgLvJdlyqJbU0fJCKCmdw==",
+      "version": "1.3.2",
+      "resolved": "https://registry.npmjs.org/seroval-plugins/-/seroval-plugins-1.3.2.tgz",
+      "integrity": "sha512-0QvCV2lM3aj/U3YozDiVwx9zpH0q8A60CTWIv4Jszj/givcudPb48B+rkU5D51NJ0pTpweGMttHjboPa9/zoIQ==",
       "license": "MIT",
       "engines": {
         "node": ">=10"
@@ -11935,9 +11924,9 @@
       }
     },
     "node_modules/smol-toml": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.3.1.tgz",
-      "integrity": "sha512-tEYNll18pPKHroYSmLLrksq233j021G0giwW7P3D24jC54pQ5W5BXMsQ/Mvw1OJCmEYDgY+lrzT+3nNUtoNfXQ==",
+      "version": "1.3.4",
+      "resolved": "https://registry.npmjs.org/smol-toml/-/smol-toml-1.3.4.tgz",
+      "integrity": "sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA==",
       "dev": true,
       "license": "BSD-3-Clause",
       "engines": {
@@ -11948,14 +11937,14 @@
       }
     },
     "node_modules/solid-js": {
-      "version": "1.9.5",
-      "resolved": "https://registry.npmjs.org/solid-js/-/solid-js-1.9.5.tgz",
-      "integrity": "sha512-ogI3DaFcyn6UhYhrgcyRAMbu/buBJitYQASZz5WzfQVPP10RD2AbCoRZ517psnezrasyCbWzIxZ6kVqet768xw==",
+      "version": "1.9.7",
+      "resolved": "https://registry.npmjs.org/solid-js/-/solid-js-1.9.7.tgz",
+      "integrity": "sha512-/saTKi8iWEM233n5OSi1YHCCuh66ZIQ7aK2hsToPe4tqGm7qAejU1SwNuTPivbWAYq7SjuHVVYxxuZQNRbICiw==",
       "license": "MIT",
       "dependencies": {
         "csstype": "^3.1.0",
-        "seroval": "^1.1.0",
-        "seroval-plugins": "^1.1.0"
+        "seroval": "~1.3.0",
+        "seroval-plugins": "~1.3.0"
       }
     },
     "node_modules/sortablejs": {
@@ -12088,12 +12077,15 @@
         "spdx-ranges": "^2.0.0"
       }
     },
-    "node_modules/stable-hash": {
-      "version": "0.0.5",
-      "resolved": "https://registry.npmjs.org/stable-hash/-/stable-hash-0.0.5.tgz",
-      "integrity": "sha512-+L3ccpzibovGXFK+Ap/f8LOS0ahMrHTf3xu7mMLSpEGU0EO9ucaysSylKo9eRDFNhWve/y275iPmIZ4z39a9iA==",
+    "node_modules/stable-hash-x": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/stable-hash-x/-/stable-hash-x-0.2.0.tgz",
+      "integrity": "sha512-o3yWv49B/o4QZk5ZcsALc6t0+eCelPc44zZsLtCQnZPDwFpDYSWcDnrv2TtMmMbQ7uKo3J0HTURCqckw23czNQ==",
       "dev": true,
-      "license": "MIT"
+      "license": "MIT",
+      "engines": {
+        "node": ">=12.0.0"
+      }
     },
     "node_modules/stackback": {
       "version": "0.0.2",
@@ -12114,9 +12106,9 @@
       }
     },
     "node_modules/std-env": {
-      "version": "3.8.1",
-      "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.8.1.tgz",
-      "integrity": "sha512-vj5lIj3Mwf9D79hBkltk5qmkFI+biIKWS2IBxEyEU3AX1tUf7AoL8nSazCOiiqQsGKIq01SClsKEzweu34uwvA==",
+      "version": "3.9.0",
+      "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.9.0.tgz",
+      "integrity": "sha512-UGvjygr6F6tpH7o2qyqR6QYpwraIjKSdtzyBdyytFOHmPZY917kwdwLG0RbOjWOnKmnm3PeHjaoLLMie7kPLQw==",
       "dev": true,
       "license": "MIT"
     },
@@ -12250,6 +12242,19 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/strip-literal": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/strip-literal/-/strip-literal-3.0.0.tgz",
+      "integrity": "sha512-TcccoMhJOM3OebGhSBEmp3UZ2SfDMZUEBdRA/9ynfLi8yYajyWX3JiXArcJt4Umh4vISpspkQIY8ZZoCqjbviA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "js-tokens": "^9.0.1"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
     "node_modules/style-search": {
       "version": "0.1.0",
       "resolved": "https://registry.npmjs.org/style-search/-/style-search-0.1.0.tgz",
@@ -12258,9 +12263,9 @@
       "license": "ISC"
     },
     "node_modules/stylelint": {
-      "version": "16.16.0",
-      "resolved": "https://registry.npmjs.org/stylelint/-/stylelint-16.16.0.tgz",
-      "integrity": "sha512-40X5UOb/0CEFnZVEHyN260HlSSUxPES+arrUphOumGWgXERHfwCD0kNBVILgQSij8iliYVwlc0V7M5bcLP9vPg==",
+      "version": "16.23.0",
+      "resolved": "https://registry.npmjs.org/stylelint/-/stylelint-16.23.0.tgz",
+      "integrity": "sha512-69T5aS2LUY306ekt1Q1oaSPwz/jaG9HjyMix3UMrai1iEbuOafBe2Dh8xlyczrxFAy89qcKyZWWtc42XLx3Bbw==",
       "dev": true,
       "funding": [
         {
@@ -12274,9 +12279,9 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "@csstools/css-parser-algorithms": "^3.0.4",
-        "@csstools/css-tokenizer": "^3.0.3",
-        "@csstools/media-query-list-parser": "^4.0.2",
+        "@csstools/css-parser-algorithms": "^3.0.5",
+        "@csstools/css-tokenizer": "^3.0.4",
+        "@csstools/media-query-list-parser": "^4.0.3",
         "@csstools/selector-specificity": "^5.0.0",
         "@dual-bundle/import-meta-resolve": "^4.1.0",
         "balanced-match": "^2.0.0",
@@ -12284,24 +12289,24 @@
         "cosmiconfig": "^9.0.0",
         "css-functions-list": "^3.2.3",
         "css-tree": "^3.1.0",
-        "debug": "^4.3.7",
+        "debug": "^4.4.1",
         "fast-glob": "^3.3.3",
         "fastest-levenshtein": "^1.0.16",
-        "file-entry-cache": "^10.0.7",
+        "file-entry-cache": "^10.1.3",
         "global-modules": "^2.0.0",
         "globby": "^11.1.0",
         "globjoin": "^0.1.4",
         "html-tags": "^3.3.1",
-        "ignore": "^7.0.3",
+        "ignore": "^7.0.5",
         "imurmurhash": "^0.1.4",
         "is-plain-object": "^5.0.0",
-        "known-css-properties": "^0.35.0",
+        "known-css-properties": "^0.37.0",
         "mathml-tag-names": "^2.1.3",
         "meow": "^13.2.0",
         "micromatch": "^4.0.8",
         "normalize-path": "^3.0.0",
         "picocolors": "^1.1.1",
-        "postcss": "^8.5.3",
+        "postcss": "^8.5.6",
         "postcss-resolve-nested-selector": "^0.1.6",
         "postcss-safe-parser": "^7.0.1",
         "postcss-selector-parser": "^7.1.0",
@@ -12321,9 +12326,9 @@
       }
     },
     "node_modules/stylelint-config-recommended": {
-      "version": "15.0.0",
-      "resolved": "https://registry.npmjs.org/stylelint-config-recommended/-/stylelint-config-recommended-15.0.0.tgz",
-      "integrity": "sha512-9LejMFsat7L+NXttdHdTq94byn25TD+82bzGRiV1Pgasl99pWnwipXS5DguTpp3nP1XjvLXVnEJIuYBfsRjRkA==",
+      "version": "17.0.0",
+      "resolved": "https://registry.npmjs.org/stylelint-config-recommended/-/stylelint-config-recommended-17.0.0.tgz",
+      "integrity": "sha512-WaMSdEiPfZTSFVoYmJbxorJfA610O0tlYuU2aEwY33UQhSPgFbClrVJYWvy3jGJx+XW37O+LyNLiZOEXhKhJmA==",
       "dev": true,
       "funding": [
         {
@@ -12340,7 +12345,7 @@
         "node": ">=18.12.0"
       },
       "peerDependencies": {
-        "stylelint": "^16.13.0"
+        "stylelint": "^16.23.0"
       }
     },
     "node_modules/stylelint-declaration-block-no-ignored-properties": {
@@ -12370,9 +12375,9 @@
       }
     },
     "node_modules/stylelint-define-config": {
-      "version": "16.15.0",
-      "resolved": "https://registry.npmjs.org/stylelint-define-config/-/stylelint-define-config-16.15.0.tgz",
-      "integrity": "sha512-nzHX9ZpI/k4A7izGYPS79xLAf2HyGvYkk/UXMgsQ7ZQEvkOZpQt4Aca4Qn5DYqNmWnqNlW5E3wK+qUmdR3vdxg==",
+      "version": "16.22.0",
+      "resolved": "https://registry.npmjs.org/stylelint-define-config/-/stylelint-define-config-16.22.0.tgz",
+      "integrity": "sha512-EEgHRugsryKo7LpenYyd4yLoZon3lHvRAi7WsMaZoRX9GPOkeDXrMga+N4VA4nK4Zus02EQwyYkndNQ64jaB2A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -12404,86 +12409,32 @@
         "stylelint": ">=16"
       }
     },
-    "node_modules/stylelint/node_modules/@csstools/media-query-list-parser": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/@csstools/media-query-list-parser/-/media-query-list-parser-4.0.2.tgz",
-      "integrity": "sha512-EUos465uvVvMJehckATTlNqGj4UJWkTmdWuDMjqvSUkjGpmOyFZBVwb4knxCm/k2GMTXY+c/5RkdndzFYWeX5A==",
-      "dev": true,
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/csstools"
-        },
-        {
-          "type": "opencollective",
-          "url": "https://opencollective.com/csstools"
-        }
-      ],
-      "license": "MIT",
-      "engines": {
-        "node": ">=18"
-      },
-      "peerDependencies": {
-        "@csstools/css-parser-algorithms": "^3.0.4",
-        "@csstools/css-tokenizer": "^3.0.3"
-      }
-    },
-    "node_modules/stylelint/node_modules/@csstools/selector-specificity": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@csstools/selector-specificity/-/selector-specificity-5.0.0.tgz",
-      "integrity": "sha512-PCqQV3c4CoVm3kdPhyeZ07VmBRdH2EpMFA/pd9OASpOEC3aXNGoqPDAZ80D0cLpMBxnmk0+yNhGsEx31hq7Gtw==",
-      "dev": true,
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/csstools"
-        },
-        {
-          "type": "opencollective",
-          "url": "https://opencollective.com/csstools"
-        }
-      ],
-      "license": "MIT-0",
-      "engines": {
-        "node": ">=18"
-      },
-      "peerDependencies": {
-        "postcss-selector-parser": "^7.0.0"
-      }
-    },
-    "node_modules/stylelint/node_modules/balanced-match": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-2.0.0.tgz",
-      "integrity": "sha512-1ugUSr8BHXRnK23KfuYS+gVMC3LB8QGH9W1iGtDPsNWoQbgtXSExkBu2aDR4epiGWZOjZsj6lDl/N/AqqTC3UA==",
-      "dev": true,
-      "license": "MIT"
-    },
     "node_modules/stylelint/node_modules/file-entry-cache": {
-      "version": "10.0.7",
-      "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-10.0.7.tgz",
-      "integrity": "sha512-txsf5fu3anp2ff3+gOJJzRImtrtm/oa9tYLN0iTuINZ++EyVR/nRrg2fKYwvG/pXDofcrvvb0scEbX3NyW/COw==",
+      "version": "10.1.3",
+      "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-10.1.3.tgz",
+      "integrity": "sha512-D+w75Ub8T55yor7fPgN06rkCAUbAYw2vpxJmmjv/GDAcvCnv9g7IvHhIZoxzRZThrXPFI2maeY24pPbtyYU7Lg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "flat-cache": "^6.1.7"
+        "flat-cache": "^6.1.12"
       }
     },
     "node_modules/stylelint/node_modules/flat-cache": {
-      "version": "6.1.7",
-      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-6.1.7.tgz",
-      "integrity": "sha512-qwZ4xf1v1m7Rc9XiORly31YaChvKt6oNVHuqqZcoED/7O+ToyNVGobKsIAopY9ODcWpEDKEBAbrSOCBHtNQvew==",
+      "version": "6.1.12",
+      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-6.1.12.tgz",
+      "integrity": "sha512-U+HqqpZPPXP5d24bWuRzjGqVqUcw64k4nZAbruniDwdRg0H10tvN7H6ku1tjhA4rg5B9GS3siEvwO2qjJJ6f8Q==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "cacheable": "^1.8.9",
+        "cacheable": "^1.10.3",
         "flatted": "^3.3.3",
-        "hookified": "^1.7.1"
+        "hookified": "^1.10.0"
       }
     },
     "node_modules/stylelint/node_modules/ignore": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.3.tgz",
-      "integrity": "sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==",
+      "version": "7.0.5",
+      "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz",
+      "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -12517,20 +12468,6 @@
         "postcss": "^8.4.31"
       }
     },
-    "node_modules/stylelint/node_modules/postcss-selector-parser": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.0.tgz",
-      "integrity": "sha512-8sLjZwK0R+JlxlYcTuVnyT2v+htpdrjDOKuMcOVdYjt52Lh8hWRYpxBPoKx/Zg+bcjc3wx6fmQevMmUztS/ccA==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "cssesc": "^3.0.0",
-        "util-deprecate": "^1.0.2"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "node_modules/stylelint/node_modules/resolve-from": {
       "version": "5.0.0",
       "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz",
@@ -12569,13 +12506,13 @@
       }
     },
     "node_modules/stylus/node_modules/source-map": {
-      "version": "0.7.4",
-      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.4.tgz",
-      "integrity": "sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA==",
+      "version": "0.7.6",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.6.tgz",
+      "integrity": "sha512-i5uvt8C3ikiWeNZSVZNWcfZPItFQOsYTUAOkcUPGd8DqDy1uOUikjt5dG+uRlwyvR108Fb9DOd4GvXfT0N2/uQ==",
       "dev": true,
       "license": "BSD-3-Clause",
       "engines": {
-        "node": ">= 8"
+        "node": ">= 12"
       }
     },
     "node_modules/sucrase": {
@@ -12600,6 +12537,21 @@
         "node": ">=16 || 14 >=14.17"
       }
     },
+    "node_modules/sucrase/node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "license": "MIT"
+    },
+    "node_modules/sucrase/node_modules/brace-expansion": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^1.0.0"
+      }
+    },
     "node_modules/sucrase/node_modules/commander": {
       "version": "4.1.1",
       "resolved": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz",
@@ -12629,6 +12581,27 @@
         "url": "https://github.com/sponsors/isaacs"
       }
     },
+    "node_modules/sucrase/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
+      }
+    },
+    "node_modules/sucrase/node_modules/lru-cache": {
+      "version": "10.4.3",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
+      "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
+      "license": "ISC"
+    },
     "node_modules/sucrase/node_modules/minimatch": {
       "version": "9.0.5",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
@@ -12644,6 +12617,22 @@
         "url": "https://github.com/sponsors/isaacs"
       }
     },
+    "node_modules/sucrase/node_modules/path-scurry": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "lru-cache": "^10.2.0",
+        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
     "node_modules/superstruct": {
       "version": "0.10.13",
       "resolved": "https://registry.npmjs.org/superstruct/-/superstruct-0.10.13.tgz",
@@ -12709,25 +12698,25 @@
       "dev": true
     },
     "node_modules/svgo": {
-      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/svgo/-/svgo-3.3.2.tgz",
-      "integrity": "sha512-OoohrmuUlBs8B8o6MB2Aevn+pRIH9zDALSR+6hhqVfa6fRwG/Qw9VUMSMW9VNg2CFc/MTIfabtdOVl9ODIJjpw==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/svgo/-/svgo-4.0.0.tgz",
+      "integrity": "sha512-VvrHQ+9uniE+Mvx3+C9IEe/lWasXCU0nXMY2kZeLrHNICuRiC8uMPyM14UEaMOFA5mhyQqEkB02VoQ16n3DLaw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@trysound/sax": "0.2.0",
-        "commander": "^7.2.0",
+        "commander": "^11.1.0",
         "css-select": "^5.1.0",
-        "css-tree": "^2.3.1",
+        "css-tree": "^3.0.1",
         "css-what": "^6.1.0",
         "csso": "^5.0.5",
-        "picocolors": "^1.0.0"
+        "picocolors": "^1.1.1",
+        "sax": "^1.4.1"
       },
       "bin": {
-        "svgo": "bin/svgo"
+        "svgo": "bin/svgo.js"
       },
       "engines": {
-        "node": ">=14.0.0"
+        "node": ">=16"
       },
       "funding": {
         "type": "opencollective",
@@ -12735,35 +12724,21 @@
       }
     },
     "node_modules/svgo/node_modules/commander": {
-      "version": "7.2.0",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-7.2.0.tgz",
-      "integrity": "sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw==",
-      "dev": true,
-      "license": "MIT",
-      "engines": {
-        "node": ">= 10"
-      }
-    },
-    "node_modules/svgo/node_modules/css-tree": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/css-tree/-/css-tree-2.3.1.tgz",
-      "integrity": "sha512-6Fv1DV/TYw//QF5IzQdqsNDjx/wc8TrMBZsqjL9eW01tWb7R7k/mq+/VXfJCl7SoD5emsJop9cOByJZfs8hYIw==",
+      "version": "11.1.0",
+      "resolved": "https://registry.npmjs.org/commander/-/commander-11.1.0.tgz",
+      "integrity": "sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ==",
       "dev": true,
       "license": "MIT",
-      "dependencies": {
-        "mdn-data": "2.0.30",
-        "source-map-js": "^1.0.1"
-      },
       "engines": {
-        "node": "^10 || ^12.20.0 || ^14.13.0 || >=15.0.0"
+        "node": ">=16"
       }
     },
-    "node_modules/svgo/node_modules/mdn-data": {
-      "version": "2.0.30",
-      "resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.0.30.tgz",
-      "integrity": "sha512-GaqWWShW4kv/G9IEucWScBx9G1/vsFZZJUO+tD26M8J8z3Kw5RDQjaoZe03YAClgeS/SWPOcb4nkFBTEi5DUEA==",
+    "node_modules/svgo/node_modules/sax": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/sax/-/sax-1.4.1.tgz",
+      "integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==",
       "dev": true,
-      "license": "CC0-1.0"
+      "license": "ISC"
     },
     "node_modules/svgson": {
       "version": "5.3.1",
@@ -12777,9 +12752,9 @@
       }
     },
     "node_modules/swagger-ui-dist": {
-      "version": "5.20.1",
-      "resolved": "https://registry.npmjs.org/swagger-ui-dist/-/swagger-ui-dist-5.20.1.tgz",
-      "integrity": "sha512-qBPCis2w8nP4US7SvUxdJD3OwKcqiWeZmjN2VWhq2v+ESZEXOP/7n4DeiOiiZcGYTKMHAHUUrroHaTsjUWTEGw==",
+      "version": "5.27.0",
+      "resolved": "https://registry.npmjs.org/swagger-ui-dist/-/swagger-ui-dist-5.27.0.tgz",
+      "integrity": "sha512-tS6LRyBhY6yAqxrfsA9IYpGWPUJOri6sclySa7TdC7XQfGLvTwDY531KLgfQwHEtQsn+sT4JlUspbeQDBVGWig==",
       "license": "Apache-2.0",
       "dependencies": {
         "@scarf/scarf": "=1.4.0"
@@ -12799,20 +12774,19 @@
       }
     },
     "node_modules/synckit": {
-      "version": "0.9.2",
-      "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.9.2.tgz",
-      "integrity": "sha512-vrozgXDQwYO72vHjUb/HnFbQx1exDjoKzqx23aXEg2a9VIg2TSFZ8FmeZpTjUCFMYw7mpX4BE2SFu8wI7asYsw==",
+      "version": "0.11.11",
+      "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.11.tgz",
+      "integrity": "sha512-MeQTA1r0litLUf0Rp/iisCaL8761lKAZHaimlbGK4j0HysC4PLfqygQj9srcs0m2RdtDYnF8UuYyKpbjHYp7Jw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@pkgr/core": "^0.1.0",
-        "tslib": "^2.6.2"
+        "@pkgr/core": "^0.2.9"
       },
       "engines": {
         "node": "^14.18.0 || >=16.0.0"
       },
       "funding": {
-        "url": "https://opencollective.com/unts"
+        "url": "https://opencollective.com/synckit"
       }
     },
     "node_modules/table": {
@@ -12869,23 +12843,71 @@
         "node": ">=14.0.0"
       }
     },
+    "node_modules/tailwindcss/node_modules/postcss-load-config": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz",
+      "integrity": "sha512-bSVhyJGL00wMVoPUzAVAnbEoWyqRxkjv64tUl427SKnPrENtq6hJwUojroMz2VB+Q1edmi4IfrAPpami5VVgMQ==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "lilconfig": "^3.0.0",
+        "yaml": "^2.3.4"
+      },
+      "engines": {
+        "node": ">= 14"
+      },
+      "peerDependencies": {
+        "postcss": ">=8.0.9",
+        "ts-node": ">=9.0.0"
+      },
+      "peerDependenciesMeta": {
+        "postcss": {
+          "optional": true
+        },
+        "ts-node": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/tailwindcss/node_modules/postcss-selector-parser": {
+      "version": "6.1.2",
+      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz",
+      "integrity": "sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==",
+      "license": "MIT",
+      "dependencies": {
+        "cssesc": "^3.0.0",
+        "util-deprecate": "^1.0.2"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/tapable": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz",
-      "integrity": "sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==",
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.2.tgz",
+      "integrity": "sha512-Re10+NauLTMCudc7T5WLFLAwDhQ0JWdrMK+9B2M8zR5hRExKmsRDCBA7/aV/pNJFltmBFO5BAMlQFi/vq3nKOg==",
       "license": "MIT",
       "engines": {
         "node": ">=6"
       }
     },
     "node_modules/terser": {
-      "version": "5.39.0",
-      "resolved": "https://registry.npmjs.org/terser/-/terser-5.39.0.tgz",
-      "integrity": "sha512-LBAhFyLho16harJoWMg/nZsQYgTrg5jXOn2nCYjRUcZZEdE3qa2zb8QEDRUGVZBW4rlazf2fxkg8tztybTaqWw==",
+      "version": "5.43.1",
+      "resolved": "https://registry.npmjs.org/terser/-/terser-5.43.1.tgz",
+      "integrity": "sha512-+6erLbBm0+LROX2sPXlUYx/ux5PyE9K/a92Wrt6oA+WDAoFTdpHE5tCYCI5PNzq2y8df4rA+QgHLJuR4jNymsg==",
       "license": "BSD-2-Clause",
       "dependencies": {
         "@jridgewell/source-map": "^0.3.3",
-        "acorn": "^8.8.2",
+        "acorn": "^8.14.0",
         "commander": "^2.20.0",
         "source-map-support": "~0.5.20"
       },
@@ -12964,6 +12986,12 @@
         "node": ">=0.8"
       }
     },
+    "node_modules/three": {
+      "version": "0.176.0",
+      "resolved": "https://registry.npmjs.org/three/-/three-0.176.0.tgz",
+      "integrity": "sha512-PWRKYWQo23ojf9oZSlRGH8K09q7nRSWx6LY/HF/UUrMdYgN9i1e2OwJYHoQjwc6HF/4lvvYLC5YC1X8UJL2ZpA==",
+      "license": "MIT"
+    },
     "node_modules/throttle-debounce": {
       "version": "5.0.2",
       "resolved": "https://registry.npmjs.org/throttle-debounce/-/throttle-debounce-5.0.2.tgz",
@@ -12987,19 +13015,19 @@
       "license": "MIT"
     },
     "node_modules/tinyexec": {
-      "version": "0.3.2",
-      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-0.3.2.tgz",
-      "integrity": "sha512-KQQR9yN7R5+OSwaK0XQoj22pwHoTlgYqmUscPYoknOoWCWfj/5/ABTMRi69FrKU5ffPVh5QcFikpWJI/P1ocHA==",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.0.1.tgz",
+      "integrity": "sha512-5uC6DDlmeqiOwCPmK9jMSdOuZTh8bU39Ys6yidB+UTt5hfZUPGAypSgFRiEp+jbi9qH40BLDvy85jIU88wKSqw==",
       "license": "MIT"
     },
     "node_modules/tinyglobby": {
-      "version": "0.2.12",
-      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.12.tgz",
-      "integrity": "sha512-qkf4trmKSIiMTs/E63cxH+ojC2unam7rJ0WrauAzpT3ECNTxGRMlaXxVbfxMUC/w0LaYk6jQ4y/nGR9uBO3tww==",
+      "version": "0.2.14",
+      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.14.tgz",
+      "integrity": "sha512-tX5e7OM1HnYr2+a2C/4V0htOcSQcoSTH9KgJnVvNm5zm/cyEWKJ7j7YutsH9CxMdtOkkLFy2AHrMci9IM8IPZQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "fdir": "^6.4.3",
+        "fdir": "^6.4.4",
         "picomatch": "^4.0.2"
       },
       "engines": {
@@ -13010,9 +13038,9 @@
       }
     },
     "node_modules/tinyglobby/node_modules/fdir": {
-      "version": "6.4.3",
-      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.3.tgz",
-      "integrity": "sha512-PMXmW2y1hDDfTSRc9gaXIuCCRpuoz3Kaz8cUelp3smouvfT632ozg2vrT6lJsHKKOF59YLbOGfAWGUcKEfRMQw==",
+      "version": "6.4.6",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.6.tgz",
+      "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==",
       "dev": true,
       "license": "MIT",
       "peerDependencies": {
@@ -13025,9 +13053,9 @@
       }
     },
     "node_modules/tinyglobby/node_modules/picomatch": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz",
-      "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -13038,9 +13066,9 @@
       }
     },
     "node_modules/tinypool": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/tinypool/-/tinypool-1.0.2.tgz",
-      "integrity": "sha512-al6n+QEANGFOMf/dmUMsuS5/r9B06uwlyNjZZql/zv8J7ybHCgoihBNORZCY2mzUuAnomQa2JdhyHKzZxPCrFA==",
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/tinypool/-/tinypool-1.1.1.tgz",
+      "integrity": "sha512-Zba82s87IFq9A9XmjiX5uZA/ARWDrB03OHlq+Vw1fSdt0I+4/Kutwy8BP4Y/y/aORMo61FQ0vIb5j44vSo5Pkg==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -13058,9 +13086,9 @@
       }
     },
     "node_modules/tinyspy": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/tinyspy/-/tinyspy-3.0.2.tgz",
-      "integrity": "sha512-n1cw8k1k0x4pgA2+9XrOkFydTerNcJ1zWCO5Nn9scWHTD+5tp8dghT2x1uduQePZTZgd3Tupf+x9BxJjeJi77Q==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/tinyspy/-/tinyspy-4.0.3.tgz",
+      "integrity": "sha512-t2T/WLB2WRgZ9EpE4jgPJ9w+i66UZfDc8wHh0xrwiRNN+UwH98GIJkTeZqX9rg0i0ptwzqW+uYeIF0T4F8LR7A==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -13107,9 +13135,9 @@
       "license": "MIT"
     },
     "node_modules/ts-api-utils": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.0.1.tgz",
-      "integrity": "sha512-dnlgjFSVetynI8nzgJ+qF62efpglpWRk8isUEWZGWlJYySCTD6aKvbUDu+zbPeDakk3bg5H4XpitHukgfL1m9w==",
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.1.0.tgz",
+      "integrity": "sha512-CUgTZL1irw8u29bzrOD/nH85jqyc74D6SshFgujOIA7osm2Rz7dYH77agkx7H4FBNxDq7Cjf+IjaX/8zwFW+ZQ==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -13181,9 +13209,9 @@
       }
     },
     "node_modules/type-fest": {
-      "version": "4.37.0",
-      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.37.0.tgz",
-      "integrity": "sha512-S/5/0kFftkq27FPNye0XM1e2NsnoD/3FS+pBmbjmmtLT6I+i344KoOf7pvXreaFsDamWeaJX55nczA1m5PsBDg==",
+      "version": "4.41.0",
+      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.41.0.tgz",
+      "integrity": "sha512-TeTSQ6H5YHvpqVwBRcnLDCBnDOHWYu7IvGbHT6N8AOymcr9PJGjc1GTtiWZTYg0NCgYwvnYWEkVChQAr9bjfwA==",
       "dev": true,
       "license": "(MIT OR CC0-1.0)",
       "engines": {
@@ -13194,9 +13222,9 @@
       }
     },
     "node_modules/typescript": {
-      "version": "5.8.2",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.2.tgz",
-      "integrity": "sha512-aJn6wq13/afZp/jT9QZmwEjDqqvSGp1VT5GVg+f/t6/oVyrgXM6BY1h9BRh/O5p3PlUPAe+WuiEZOmb/49RqoQ==",
+      "version": "5.8.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz",
+      "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==",
       "license": "Apache-2.0",
       "bin": {
         "tsc": "bin/tsc",
@@ -13207,9 +13235,9 @@
       }
     },
     "node_modules/typo-js": {
-      "version": "1.2.5",
-      "resolved": "https://registry.npmjs.org/typo-js/-/typo-js-1.2.5.tgz",
-      "integrity": "sha512-F45vFWdGX8xahIk/sOp79z2NJs8ETMYsmMChm9D5Hlx3+9j7VnCyQyvij5MOCrNY3NNe8noSyokRjQRfq+Bc7A==",
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/typo-js/-/typo-js-1.3.0.tgz",
+      "integrity": "sha512-ERVoYp5PG7jpj7+kzKmFZfp5+IYMOOQM3etNnlYu06Z2CL5UmC9ekT8Z/JVYpR7e7sXB4bOFq1fz/budv++Z0g==",
       "license": "BSD-3-Clause"
     },
     "node_modules/uc.micro": {
@@ -13220,21 +13248,21 @@
       "license": "MIT"
     },
     "node_modules/ufo": {
-      "version": "1.5.4",
-      "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.5.4.tgz",
-      "integrity": "sha512-UsUk3byDzKd04EyoZ7U4DOlxQaD14JUKQl6/P7wiX4FNvUfm3XL246n9W5AmqwW5RSFJ27NAuM0iLscAOYUiGQ==",
+      "version": "1.6.1",
+      "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.6.1.tgz",
+      "integrity": "sha512-9a4/uxlTWJ4+a5i0ooc1rU7C7YOw3wT+UGqdeNNHWnOF9qcMBgLRS+4IYUqbczewFx4mLEig6gawh7X6mFlEkA==",
       "license": "MIT"
     },
     "node_modules/uint8-to-base64": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/uint8-to-base64/-/uint8-to-base64-0.2.0.tgz",
-      "integrity": "sha512-r13jrghEYZAN99GeYpEjM107DOxqB65enskpwce8rRHVAGEtaWmsF5GqoGdPMf8DIXc9XyAJTdvlvRZi4LsszA==",
+      "version": "0.2.1",
+      "resolved": "https://registry.npmjs.org/uint8-to-base64/-/uint8-to-base64-0.2.1.tgz",
+      "integrity": "sha512-uO/84GaoDUfiAxpa8EksjVLE77A9Kc7ZTziN4zRpq4de9yLaLcZn3jx1/sVjyupsywcVX6RKWbqLe7gUNyzH+Q==",
       "license": "ISC"
     },
     "node_modules/undici-types": {
-      "version": "6.20.0",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz",
-      "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==",
+      "version": "7.8.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
+      "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
       "license": "MIT"
     },
     "node_modules/universalify": {
@@ -13247,6 +13275,41 @@
         "node": ">= 10.0.0"
       }
     },
+    "node_modules/unrs-resolver": {
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/unrs-resolver/-/unrs-resolver-1.11.1.tgz",
+      "integrity": "sha512-bSjt9pjaEBnNiGgc9rUiHGKv5l4/TGzDmYw3RhnkJGtLhbnnA/5qJj7x3dNDCRx/PJxu774LlH8lCOlB4hEfKg==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "dependencies": {
+        "napi-postinstall": "^0.3.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/unrs-resolver"
+      },
+      "optionalDependencies": {
+        "@unrs/resolver-binding-android-arm-eabi": "1.11.1",
+        "@unrs/resolver-binding-android-arm64": "1.11.1",
+        "@unrs/resolver-binding-darwin-arm64": "1.11.1",
+        "@unrs/resolver-binding-darwin-x64": "1.11.1",
+        "@unrs/resolver-binding-freebsd-x64": "1.11.1",
+        "@unrs/resolver-binding-linux-arm-gnueabihf": "1.11.1",
+        "@unrs/resolver-binding-linux-arm-musleabihf": "1.11.1",
+        "@unrs/resolver-binding-linux-arm64-gnu": "1.11.1",
+        "@unrs/resolver-binding-linux-arm64-musl": "1.11.1",
+        "@unrs/resolver-binding-linux-ppc64-gnu": "1.11.1",
+        "@unrs/resolver-binding-linux-riscv64-gnu": "1.11.1",
+        "@unrs/resolver-binding-linux-riscv64-musl": "1.11.1",
+        "@unrs/resolver-binding-linux-s390x-gnu": "1.11.1",
+        "@unrs/resolver-binding-linux-x64-gnu": "1.11.1",
+        "@unrs/resolver-binding-linux-x64-musl": "1.11.1",
+        "@unrs/resolver-binding-wasm32-wasi": "1.11.1",
+        "@unrs/resolver-binding-win32-arm64-msvc": "1.11.1",
+        "@unrs/resolver-binding-win32-ia32-msvc": "1.11.1",
+        "@unrs/resolver-binding-win32-x64-msvc": "1.11.1"
+      }
+    },
     "node_modules/update-browserslist-db": {
       "version": "1.1.3",
       "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.3.tgz",
@@ -13278,16 +13341,16 @@
       }
     },
     "node_modules/updates": {
-      "version": "16.4.2",
-      "resolved": "https://registry.npmjs.org/updates/-/updates-16.4.2.tgz",
-      "integrity": "sha512-FCnbRnBUWrzhbsatc+RqUoLK7WB88VDGB9Jb1vB2JOx8gN69oXAE4/umtZsUzdeiM2TZ0aVb0kQJ0NbY8K21nw==",
+      "version": "16.5.2",
+      "resolved": "https://registry.npmjs.org/updates/-/updates-16.5.2.tgz",
+      "integrity": "sha512-CyxIT9TvUGe62hNWXW5FjbgNd8cPucqO5yrihmf+WgMtSUj31b4HyPuMsozxTnO0XQhTTLShIyV7ySJSSC5dsg==",
       "dev": true,
       "license": "BSD-2-Clause",
       "bin": {
         "updates": "dist/index.js"
       },
       "engines": {
-        "node": ">=18"
+        "node": ">=20"
       }
     },
     "node_modules/uri-js": {
@@ -13364,21 +13427,24 @@
       "license": "MIT"
     },
     "node_modules/vite": {
-      "version": "6.2.2",
-      "resolved": "https://registry.npmjs.org/vite/-/vite-6.2.2.tgz",
-      "integrity": "sha512-yW7PeMM+LkDzc7CgJuRLMW2Jz0FxMOsVJ8Lv3gpgW9WLcb9cTW+121UEr1hvmfR7w3SegR5ItvYyzVz1vxNJgQ==",
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-7.0.6.tgz",
+      "integrity": "sha512-MHFiOENNBd+Bd9uvc8GEsIzdkn1JxMmEeYX35tI3fv0sJBUTfW5tQsoaOwuY4KhBI09A3dUJ/DXf2yxPVPUceg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "esbuild": "^0.25.0",
-        "postcss": "^8.5.3",
-        "rollup": "^4.30.1"
+        "fdir": "^6.4.6",
+        "picomatch": "^4.0.3",
+        "postcss": "^8.5.6",
+        "rollup": "^4.40.0",
+        "tinyglobby": "^0.2.14"
       },
       "bin": {
         "vite": "bin/vite.js"
       },
       "engines": {
-        "node": "^18.0.0 || ^20.0.0 || >=22.0.0"
+        "node": "^20.19.0 || >=22.12.0"
       },
       "funding": {
         "url": "https://github.com/vitejs/vite?sponsor=1"
@@ -13387,14 +13453,14 @@
         "fsevents": "~2.3.3"
       },
       "peerDependencies": {
-        "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0",
+        "@types/node": "^20.19.0 || >=22.12.0",
         "jiti": ">=1.21.0",
-        "less": "*",
+        "less": "^4.0.0",
         "lightningcss": "^1.21.0",
-        "sass": "*",
-        "sass-embedded": "*",
-        "stylus": "*",
-        "sugarss": "*",
+        "sass": "^1.70.0",
+        "sass-embedded": "^1.70.0",
+        "stylus": ">=0.54.8",
+        "sugarss": "^5.0.0",
         "terser": "^5.16.0",
         "tsx": "^4.8.1",
         "yaml": "^2.4.2"
@@ -13436,17 +13502,17 @@
       }
     },
     "node_modules/vite-node": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/vite-node/-/vite-node-3.0.8.tgz",
-      "integrity": "sha512-6PhR4H9VGlcwXZ+KWCdMqbtG649xCPZqfI9j2PsK1FcXgEzro5bGHcVKFCTqPLaNKZES8Evqv4LwvZARsq5qlg==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/vite-node/-/vite-node-3.2.4.tgz",
+      "integrity": "sha512-EbKSKh+bh1E1IFxeO0pg1n4dvoOTt0UDiXMd/qn++r98+jPO1xtJilvXldeuQ8giIB5IkpjCgMleHMNEsGH6pg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "cac": "^6.7.14",
-        "debug": "^4.4.0",
-        "es-module-lexer": "^1.6.0",
+        "debug": "^4.4.1",
+        "es-module-lexer": "^1.7.0",
         "pathe": "^2.0.3",
-        "vite": "^5.0.0 || ^6.0.0"
+        "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0"
       },
       "bin": {
         "vite-node": "vite-node.mjs"
@@ -13459,19 +13525,34 @@
       }
     },
     "node_modules/vite-string-plugin": {
-      "version": "1.4.4",
-      "resolved": "https://registry.npmjs.org/vite-string-plugin/-/vite-string-plugin-1.4.4.tgz",
-      "integrity": "sha512-mHcdjsDaJSBnUrsAb4L+AWamWVWSFwDb5JuBbU5hAOt1w/ixaQ0EwWx2gAZiqFfpl5XlSE0WmCp2ShbdwgqsvQ==",
+      "version": "1.4.6",
+      "resolved": "https://registry.npmjs.org/vite-string-plugin/-/vite-string-plugin-1.4.6.tgz",
+      "integrity": "sha512-Csjtny8/uVIynzlaRRj4RpHrPAakNwlH9jw6kgQ8tQhc2f0zzA6bCbAgWD0y84EgB8aLNrz7pZFUqSt3LOtk+w==",
       "dev": true,
       "license": "BSD-2-Clause"
     },
     "node_modules/vite/node_modules/@types/estree": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz",
-      "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==",
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/vite/node_modules/fdir": {
+      "version": "6.4.6",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.6.tgz",
+      "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==",
+      "dev": true,
+      "license": "MIT",
+      "peerDependencies": {
+        "picomatch": "^3 || ^4"
+      },
+      "peerDependenciesMeta": {
+        "picomatch": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/vite/node_modules/fsevents": {
       "version": "2.3.3",
       "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
@@ -13487,14 +13568,27 @@
         "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
       }
     },
+    "node_modules/vite/node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
     "node_modules/vite/node_modules/rollup": {
-      "version": "4.35.0",
-      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.35.0.tgz",
-      "integrity": "sha512-kg6oI4g+vc41vePJyO6dHt/yl0Rz3Thv0kJeVQ3D1kS3E5XSuKbPc29G4IpT/Kv1KQwgHVcN+HtyS+HYLNSvQg==",
+      "version": "4.46.2",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.46.2.tgz",
+      "integrity": "sha512-WMmLFI+Boh6xbop+OAGo9cQ3OgX9MIg7xOQjn+pTCwOkk+FNDAeAemXkJ3HzDJrVXleLOFVa1ipuc1AmEx1Dwg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@types/estree": "1.0.6"
+        "@types/estree": "1.0.8"
       },
       "bin": {
         "rollup": "dist/bin/rollup"
@@ -13504,54 +13598,58 @@
         "npm": ">=8.0.0"
       },
       "optionalDependencies": {
-        "@rollup/rollup-android-arm-eabi": "4.35.0",
-        "@rollup/rollup-android-arm64": "4.35.0",
-        "@rollup/rollup-darwin-arm64": "4.35.0",
-        "@rollup/rollup-darwin-x64": "4.35.0",
-        "@rollup/rollup-freebsd-arm64": "4.35.0",
-        "@rollup/rollup-freebsd-x64": "4.35.0",
-        "@rollup/rollup-linux-arm-gnueabihf": "4.35.0",
-        "@rollup/rollup-linux-arm-musleabihf": "4.35.0",
-        "@rollup/rollup-linux-arm64-gnu": "4.35.0",
-        "@rollup/rollup-linux-arm64-musl": "4.35.0",
-        "@rollup/rollup-linux-loongarch64-gnu": "4.35.0",
-        "@rollup/rollup-linux-powerpc64le-gnu": "4.35.0",
-        "@rollup/rollup-linux-riscv64-gnu": "4.35.0",
-        "@rollup/rollup-linux-s390x-gnu": "4.35.0",
-        "@rollup/rollup-linux-x64-gnu": "4.35.0",
-        "@rollup/rollup-linux-x64-musl": "4.35.0",
-        "@rollup/rollup-win32-arm64-msvc": "4.35.0",
-        "@rollup/rollup-win32-ia32-msvc": "4.35.0",
-        "@rollup/rollup-win32-x64-msvc": "4.35.0",
+        "@rollup/rollup-android-arm-eabi": "4.46.2",
+        "@rollup/rollup-android-arm64": "4.46.2",
+        "@rollup/rollup-darwin-arm64": "4.46.2",
+        "@rollup/rollup-darwin-x64": "4.46.2",
+        "@rollup/rollup-freebsd-arm64": "4.46.2",
+        "@rollup/rollup-freebsd-x64": "4.46.2",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.46.2",
+        "@rollup/rollup-linux-arm-musleabihf": "4.46.2",
+        "@rollup/rollup-linux-arm64-gnu": "4.46.2",
+        "@rollup/rollup-linux-arm64-musl": "4.46.2",
+        "@rollup/rollup-linux-loongarch64-gnu": "4.46.2",
+        "@rollup/rollup-linux-ppc64-gnu": "4.46.2",
+        "@rollup/rollup-linux-riscv64-gnu": "4.46.2",
+        "@rollup/rollup-linux-riscv64-musl": "4.46.2",
+        "@rollup/rollup-linux-s390x-gnu": "4.46.2",
+        "@rollup/rollup-linux-x64-gnu": "4.46.2",
+        "@rollup/rollup-linux-x64-musl": "4.46.2",
+        "@rollup/rollup-win32-arm64-msvc": "4.46.2",
+        "@rollup/rollup-win32-ia32-msvc": "4.46.2",
+        "@rollup/rollup-win32-x64-msvc": "4.46.2",
         "fsevents": "~2.3.2"
       }
     },
     "node_modules/vitest": {
-      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/vitest/-/vitest-3.0.8.tgz",
-      "integrity": "sha512-dfqAsNqRGUc8hB9OVR2P0w8PZPEckti2+5rdZip0WIz9WW0MnImJ8XiR61QhqLa92EQzKP2uPkzenKOAHyEIbA==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/vitest/-/vitest-3.2.4.tgz",
+      "integrity": "sha512-LUCP5ev3GURDysTWiP47wRRUpLKMOfPh+yKTx3kVIEiu5KOMeqzpnYNsKyOoVrULivR8tLcks4+lga33Whn90A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/expect": "3.0.8",
-        "@vitest/mocker": "3.0.8",
-        "@vitest/pretty-format": "^3.0.8",
-        "@vitest/runner": "3.0.8",
-        "@vitest/snapshot": "3.0.8",
-        "@vitest/spy": "3.0.8",
-        "@vitest/utils": "3.0.8",
+        "@types/chai": "^5.2.2",
+        "@vitest/expect": "3.2.4",
+        "@vitest/mocker": "3.2.4",
+        "@vitest/pretty-format": "^3.2.4",
+        "@vitest/runner": "3.2.4",
+        "@vitest/snapshot": "3.2.4",
+        "@vitest/spy": "3.2.4",
+        "@vitest/utils": "3.2.4",
         "chai": "^5.2.0",
-        "debug": "^4.4.0",
-        "expect-type": "^1.1.0",
+        "debug": "^4.4.1",
+        "expect-type": "^1.2.1",
         "magic-string": "^0.30.17",
         "pathe": "^2.0.3",
-        "std-env": "^3.8.0",
+        "picomatch": "^4.0.2",
+        "std-env": "^3.9.0",
         "tinybench": "^2.9.0",
         "tinyexec": "^0.3.2",
-        "tinypool": "^1.0.2",
+        "tinyglobby": "^0.2.14",
+        "tinypool": "^1.1.1",
         "tinyrainbow": "^2.0.0",
-        "vite": "^5.0.0 || ^6.0.0",
-        "vite-node": "3.0.8",
+        "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0",
+        "vite-node": "3.2.4",
         "why-is-node-running": "^2.3.0"
       },
       "bin": {
@@ -13567,8 +13665,8 @@
         "@edge-runtime/vm": "*",
         "@types/debug": "^4.1.12",
         "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0",
-        "@vitest/browser": "3.0.8",
-        "@vitest/ui": "3.0.8",
+        "@vitest/browser": "3.2.4",
+        "@vitest/ui": "3.2.4",
         "happy-dom": "*",
         "jsdom": "*"
       },
@@ -13606,6 +13704,26 @@
         "@jridgewell/sourcemap-codec": "^1.5.0"
       }
     },
+    "node_modules/vitest/node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/vitest/node_modules/tinyexec": {
+      "version": "0.3.2",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-0.3.2.tgz",
+      "integrity": "sha512-KQQR9yN7R5+OSwaK0XQoj22pwHoTlgYqmUscPYoknOoWCWfj/5/ABTMRi69FrKU5ffPVh5QcFikpWJI/P1ocHA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/vscode-jsonrpc": {
       "version": "8.2.0",
       "resolved": "https://registry.npmjs.org/vscode-jsonrpc/-/vscode-jsonrpc-8.2.0.tgz",
@@ -13656,16 +13774,16 @@
       "license": "MIT"
     },
     "node_modules/vue": {
-      "version": "3.5.13",
-      "resolved": "https://registry.npmjs.org/vue/-/vue-3.5.13.tgz",
-      "integrity": "sha512-wmeiSMxkZCSc+PM2w2VRsOYAZC8GdipNFRTsLSfodVqI9mbejKeXEGr8SckuLnrQPGe3oJN5c3K0vpoU9q/wCQ==",
+      "version": "3.5.18",
+      "resolved": "https://registry.npmjs.org/vue/-/vue-3.5.18.tgz",
+      "integrity": "sha512-7W4Y4ZbMiQ3SEo+m9lnoNpV9xG7QVMLa+/0RFwwiAVkeYoyGXqWE85jabU4pllJNUzqfLShJ5YLptewhCWUgNA==",
       "license": "MIT",
       "dependencies": {
-        "@vue/compiler-dom": "3.5.13",
-        "@vue/compiler-sfc": "3.5.13",
-        "@vue/runtime-dom": "3.5.13",
-        "@vue/server-renderer": "3.5.13",
-        "@vue/shared": "3.5.13"
+        "@vue/compiler-dom": "3.5.18",
+        "@vue/compiler-sfc": "3.5.18",
+        "@vue/runtime-dom": "3.5.18",
+        "@vue/server-renderer": "3.5.18",
+        "@vue/shared": "3.5.18"
       },
       "peerDependencies": {
         "typescript": "*"
@@ -13696,9 +13814,9 @@
       }
     },
     "node_modules/vue-eslint-parser": {
-      "version": "10.1.1",
-      "resolved": "https://registry.npmjs.org/vue-eslint-parser/-/vue-eslint-parser-10.1.1.tgz",
-      "integrity": "sha512-bh2Z/Au5slro9QJ3neFYLanZtb1jH+W2bKqGHXAoYD4vZgNG3KeotL7JpPv5xzY4UXUXJl7TrIsnzECH63kd3Q==",
+      "version": "10.2.0",
+      "resolved": "https://registry.npmjs.org/vue-eslint-parser/-/vue-eslint-parser-10.2.0.tgz",
+      "integrity": "sha512-CydUvFOQKD928UzZhTp4pr2vWz1L+H99t7Pkln2QSPdvmURT0MoC4wUccfCnuEaihNsu9aYYyk+bep8rlfkUXw==",
       "dev": true,
       "license": "MIT",
       "peer": true,
@@ -13708,7 +13826,6 @@
         "eslint-visitor-keys": "^4.2.0",
         "espree": "^10.3.0",
         "esquery": "^1.6.0",
-        "lodash": "^4.17.21",
         "semver": "^7.6.3"
       },
       "engines": {
@@ -13722,9 +13839,9 @@
       }
     },
     "node_modules/vue-eslint-parser/node_modules/eslint-scope": {
-      "version": "8.3.0",
-      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.3.0.tgz",
-      "integrity": "sha512-pUNxi75F8MJ/GdeKtVLSbYg4ZI34J6C0C7sbL4YOp2exGwen7ZsuBqKzUhXd0qMQ362yET3z+uPwKeg/0C2XCQ==",
+      "version": "8.4.0",
+      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.4.0.tgz",
+      "integrity": "sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg==",
       "dev": true,
       "license": "BSD-2-Clause",
       "peer": true,
@@ -13762,14 +13879,14 @@
       }
     },
     "node_modules/vue-tsc": {
-      "version": "2.2.8",
-      "resolved": "https://registry.npmjs.org/vue-tsc/-/vue-tsc-2.2.8.tgz",
-      "integrity": "sha512-jBYKBNFADTN+L+MdesNX/TB3XuDSyaWynKMDgR+yCSln0GQ9Tfb7JS2lr46s2LiFUT1WsmfWsSvIElyxzOPqcQ==",
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/vue-tsc/-/vue-tsc-3.0.4.tgz",
+      "integrity": "sha512-kZmSEjGtROApVBuaIcoprrXZsFNGon5ggkTJokmhQ/H1hMzCFRPQ0Ed8IHYFsmYJYvHBcdmEQVGVcRuxzPzNbw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@volar/typescript": "~2.4.11",
-        "@vue/language-core": "2.2.8"
+        "@volar/typescript": "2.4.20",
+        "@vue/language-core": "3.0.4"
       },
       "bin": {
         "vue-tsc": "bin/vue-tsc.js"
@@ -13779,9 +13896,9 @@
       }
     },
     "node_modules/watchpack": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz",
-      "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==",
+      "version": "2.4.4",
+      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.4.tgz",
+      "integrity": "sha512-c5EGNOiyxxV5qmTtAB7rbiXxi1ooX1pQKMLX/MIabJjRA0SJBQOjKF+KSVfHkr9U1cADPon0mRiVe/riyaiDUA==",
       "license": "MIT",
       "dependencies": {
         "glob-to-regexp": "^0.4.1",
@@ -13792,30 +13909,28 @@
       }
     },
     "node_modules/webidl-conversions": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz",
-      "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==",
-      "dev": true,
-      "license": "BSD-2-Clause",
-      "engines": {
-        "node": ">=12"
-      }
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
+      "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==",
+      "license": "BSD-2-Clause"
     },
     "node_modules/webpack": {
-      "version": "5.98.0",
-      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.98.0.tgz",
-      "integrity": "sha512-UFynvx+gM44Gv9qFgj0acCQK2VE1CtdfwFdimkapco3hlPCJ/zeq73n2yVKimVbtm+TnApIugGhLJnkU6gjYXA==",
+      "version": "5.101.0",
+      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.101.0.tgz",
+      "integrity": "sha512-B4t+nJqytPeuZlHuIKTbalhljIFXeNRqrUGAQgTGlfOl2lXXKXw+yZu6bicycP+PUlM44CxBjCFD6aciKFT3LQ==",
       "license": "MIT",
       "dependencies": {
         "@types/eslint-scope": "^3.7.7",
-        "@types/estree": "^1.0.6",
+        "@types/estree": "^1.0.8",
+        "@types/json-schema": "^7.0.15",
         "@webassemblyjs/ast": "^1.14.1",
         "@webassemblyjs/wasm-edit": "^1.14.1",
         "@webassemblyjs/wasm-parser": "^1.14.1",
-        "acorn": "^8.14.0",
+        "acorn": "^8.15.0",
+        "acorn-import-phases": "^1.0.3",
         "browserslist": "^4.24.0",
         "chrome-trace-event": "^1.0.2",
-        "enhanced-resolve": "^5.17.1",
+        "enhanced-resolve": "^5.17.2",
         "es-module-lexer": "^1.2.1",
         "eslint-scope": "5.1.1",
         "events": "^3.2.0",
@@ -13825,11 +13940,11 @@
         "loader-runner": "^4.2.0",
         "mime-types": "^2.1.27",
         "neo-async": "^2.6.2",
-        "schema-utils": "^4.3.0",
+        "schema-utils": "^4.3.2",
         "tapable": "^2.1.1",
         "terser-webpack-plugin": "^5.3.11",
         "watchpack": "^2.4.1",
-        "webpack-sources": "^3.2.3"
+        "webpack-sources": "^3.3.3"
       },
       "bin": {
         "webpack": "bin/webpack.js"
@@ -13923,9 +14038,9 @@
       }
     },
     "node_modules/webpack/node_modules/@types/estree": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz",
-      "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==",
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
       "license": "MIT"
     },
     "node_modules/webpack/node_modules/eslint-scope": {
@@ -13951,9 +14066,9 @@
       }
     },
     "node_modules/webpack/node_modules/webpack-sources": {
-      "version": "3.2.3",
-      "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.2.3.tgz",
-      "integrity": "sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==",
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.3.tgz",
+      "integrity": "sha512-yd1RBzSGanHkitROoPFd6qsrxt+oFhg/129YzheDGqeustzX0vTZJZsSsQjVQC4yzBQ56K55XU8gaNCtIzOnTg==",
       "license": "MIT",
       "engines": {
         "node": ">=10.13.0"
@@ -13979,12 +14094,6 @@
         "webidl-conversions": "^3.0.0"
       }
     },
-    "node_modules/whatwg-url/node_modules/webidl-conversions": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
-      "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==",
-      "license": "BSD-2-Clause"
-    },
     "node_modules/which": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
@@ -14192,15 +14301,15 @@
       }
     },
     "node_modules/yaml": {
-      "version": "2.7.0",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.7.0.tgz",
-      "integrity": "sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==",
+      "version": "2.8.0",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.0.tgz",
+      "integrity": "sha512-4lLa/EcQCB0cJkyts+FpIRx5G/llPxfP6VQU5KByHEhLxY3IJCH0f0Hy1MHI8sClTvsIb8qwRJ6R/ZdlDJ/leQ==",
       "license": "ISC",
       "bin": {
         "yaml": "bin.mjs"
       },
       "engines": {
-        "node": ">= 14"
+        "node": ">= 14.6"
       }
     },
     "node_modules/yargs": {
diff --git a/package.json b/package.json
index ef1a132994..8d12276d27 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "type": "module",
   "engines": {
-    "node": ">= 18.0.0"
+    "node": ">= 20.0.0"
   },
   "dependencies": {
     "@citation-js/core": "0.7.18",
@@ -9,111 +9,111 @@
     "@citation-js/plugin-csl": "0.7.18",
     "@citation-js/plugin-software-formats": "0.6.1",
     "@github/markdown-toolbar-element": "2.2.3",
-    "@github/relative-time-element": "4.4.5",
-    "@github/text-expander-element": "2.9.1",
+    "@github/relative-time-element": "4.4.8",
+    "@github/text-expander-element": "2.9.2",
     "@mcaptcha/vanilla-glue": "0.1.0-alpha-3",
-    "@primer/octicons": "19.15.1",
+    "@primer/octicons": "19.15.5",
     "@silverwind/vue3-calendar-heatmap": "2.0.6",
     "add-asset-webpack-plugin": "3.0.0",
-    "ansi_up": "6.0.2",
-    "asciinema-player": "3.9.0",
-    "chart.js": "4.4.8",
+    "ansi_up": "6.0.6",
+    "asciinema-player": "3.10.0",
+    "chart.js": "4.5.0",
     "chartjs-adapter-dayjs-4": "1.0.4",
     "chartjs-plugin-zoom": "2.2.0",
-    "clippie": "4.1.5",
+    "clippie": "4.1.7",
     "cropperjs": "1.6.2",
     "css-loader": "7.1.2",
     "dayjs": "1.11.13",
     "dropzone": "6.0.0-beta.2",
     "easymde": "2.20.0",
     "esbuild-loader": "4.3.0",
-    "escape-goat": "4.0.0",
     "fast-glob": "3.3.3",
-    "htmx.org": "2.0.4",
+    "htmx.org": "2.0.6",
     "idiomorph": "0.7.3",
     "jquery": "3.7.1",
-    "katex": "0.16.21",
+    "katex": "0.16.22",
     "license-checker-webpack-plugin": "0.2.1",
-    "mermaid": "11.5.0",
+    "mermaid": "11.9.0",
     "mini-css-extract-plugin": "2.9.2",
-    "minimatch": "10.0.1",
+    "minimatch": "10.0.3",
     "monaco-editor": "0.52.2",
     "monaco-editor-webpack-plugin": "7.1.0",
+    "online-3d-viewer": "0.16.0",
     "pdfobject": "2.3.1",
     "perfect-debounce": "1.0.0",
-    "postcss": "8.5.3",
+    "postcss": "8.5.6",
     "postcss-loader": "8.1.1",
-    "postcss-nesting": "13.0.1",
+    "postcss-nesting": "13.0.2",
     "sortablejs": "1.15.6",
-    "swagger-ui-dist": "5.20.1",
+    "swagger-ui-dist": "5.27.0",
     "tailwindcss": "3.4.17",
     "throttle-debounce": "5.0.2",
     "tinycolor2": "1.6.0",
     "tippy.js": "6.3.7",
     "toastify-js": "1.12.0",
     "tributejs": "5.1.3",
-    "typescript": "5.8.2",
-    "uint8-to-base64": "0.2.0",
+    "typescript": "5.8.3",
+    "uint8-to-base64": "0.2.1",
     "vanilla-colorful": "0.7.2",
-    "vue": "3.5.13",
+    "vue": "3.5.18",
     "vue-bar-graph": "2.2.0",
     "vue-chartjs": "5.3.2",
     "vue-loader": "17.4.2",
-    "webpack": "5.98.0",
+    "webpack": "5.101.0",
     "webpack-cli": "6.0.1",
     "wrap-ansi": "9.0.0"
   },
   "devDependencies": {
-    "@eslint-community/eslint-plugin-eslint-comments": "4.4.1",
-    "@playwright/test": "1.49.1",
-    "@stoplight/spectral-cli": "6.14.3",
+    "@eslint-community/eslint-plugin-eslint-comments": "4.5.0",
+    "@playwright/test": "1.54.1",
+    "@stoplight/spectral-cli": "6.15.0",
     "@stylistic/eslint-plugin-js": "3.1.0",
-    "@stylistic/stylelint-plugin": "3.1.2",
+    "@stylistic/stylelint-plugin": "4.0.0",
     "@types/dropzone": "5.7.9",
     "@types/jquery": "3.5.32",
     "@types/katex": "0.16.7",
-    "@types/license-checker-webpack-plugin": "0.2.4",
+    "@types/license-checker-webpack-plugin": "0.2.5",
     "@types/pdfobject": "2.2.5",
     "@types/sortablejs": "1.15.8",
-    "@types/swagger-ui-dist": "3.30.5",
+    "@types/swagger-ui-dist": "3.30.6",
     "@types/throttle-debounce": "5.0.2",
     "@types/tinycolor2": "1.4.6",
-    "@types/toastify-js": "1.12.3",
-    "@typescript-eslint/eslint-plugin": "8.26.1",
-    "@typescript-eslint/parser": "8.26.1",
-    "@vitejs/plugin-vue": "5.2.1",
-    "@vitest/eslint-plugin": "1.1.37",
+    "@types/toastify-js": "1.12.4",
+    "@typescript-eslint/eslint-plugin": "8.38.0",
+    "@typescript-eslint/parser": "8.38.0",
+    "@vitejs/plugin-vue": "6.0.1",
+    "@vitest/eslint-plugin": "1.3.4",
     "eslint": "8.57.0",
-    "eslint-import-resolver-typescript": "3.9.0",
+    "eslint-import-resolver-typescript": "4.4.4",
     "eslint-plugin-array-func": "4.0.0",
     "eslint-plugin-github": "5.0.2",
-    "eslint-plugin-import-x": "4.7.2",
+    "eslint-plugin-import-x": "4.16.1",
     "eslint-plugin-no-jquery": "3.1.1",
     "eslint-plugin-no-use-extend-native": "0.5.0",
-    "eslint-plugin-playwright": "2.2.0",
-    "eslint-plugin-regexp": "2.7.0",
-    "eslint-plugin-sonarjs": "3.0.2",
+    "eslint-plugin-playwright": "2.2.2",
+    "eslint-plugin-regexp": "2.9.0",
+    "eslint-plugin-sonarjs": "3.0.4",
     "eslint-plugin-unicorn": "56.0.1",
-    "eslint-plugin-vue": "10.0.0",
-    "eslint-plugin-vue-scoped-css": "2.9.0",
-    "eslint-plugin-wc": "2.2.1",
-    "happy-dom": "17.4.4",
-    "markdownlint-cli": "0.44.0",
-    "material-icon-theme": "5.20.0",
+    "eslint-plugin-vue": "10.4.0",
+    "eslint-plugin-vue-scoped-css": "2.11.0",
+    "eslint-plugin-wc": "3.0.1",
+    "happy-dom": "18.0.1",
+    "markdownlint-cli": "0.45.0",
+    "material-icon-theme": "5.24.0",
     "nolyfill": "1.0.44",
     "postcss-html": "1.8.0",
-    "stylelint": "16.16.0",
-    "stylelint-config-recommended": "15.0.0",
+    "stylelint": "16.23.0",
+    "stylelint-config-recommended": "17.0.0",
     "stylelint-declaration-block-no-ignored-properties": "2.8.0",
     "stylelint-declaration-strict-value": "1.10.11",
-    "stylelint-define-config": "16.15.0",
+    "stylelint-define-config": "16.22.0",
     "stylelint-value-no-unknown-custom-properties": "6.0.1",
-    "svgo": "3.3.2",
-    "type-fest": "4.37.0",
-    "updates": "16.4.2",
-    "vite-string-plugin": "1.4.4",
-    "vitest": "3.0.8",
-    "vue-tsc": "2.2.8"
+    "svgo": "4.0.0",
+    "type-fest": "4.41.0",
+    "updates": "16.5.2",
+    "vite-string-plugin": "1.4.6",
+    "vitest": "3.2.4",
+    "vue-tsc": "3.0.4"
   },
   "browserslist": [
     "defaults"
diff --git a/poetry.lock b/poetry.lock
deleted file mode 100644
index ca7ae78cb8..0000000000
--- a/poetry.lock
+++ /dev/null
@@ -1,426 +0,0 @@
-# This file is automatically @generated by Poetry 2.1.1 and should not be changed by hand.
-
-[[package]]
-name = "click"
-version = "8.1.8"
-description = "Composable command line interface toolkit"
-optional = false
-python-versions = ">=3.7"
-groups = ["dev"]
-files = [
-    {file = "click-8.1.8-py3-none-any.whl", hash = "sha256:63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2"},
-    {file = "click-8.1.8.tar.gz", hash = "sha256:ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a"},
-]
-
-[package.dependencies]
-colorama = {version = "*", markers = "platform_system == \"Windows\""}
-
-[[package]]
-name = "colorama"
-version = "0.4.6"
-description = "Cross-platform colored terminal text."
-optional = false
-python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7"
-groups = ["dev"]
-files = [
-    {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"},
-    {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"},
-]
-
-[[package]]
-name = "cssbeautifier"
-version = "1.15.4"
-description = "CSS unobfuscator and beautifier."
-optional = false
-python-versions = "*"
-groups = ["dev"]
-files = [
-    {file = "cssbeautifier-1.15.4-py3-none-any.whl", hash = "sha256:78c84d5e5378df7d08622bbd0477a1abdbd209680e95480bf22f12d5701efc98"},
-    {file = "cssbeautifier-1.15.4.tar.gz", hash = "sha256:9bb08dc3f64c101a01677f128acf01905914cf406baf87434dcde05b74c0acf5"},
-]
-
-[package.dependencies]
-editorconfig = ">=0.12.2"
-jsbeautifier = "*"
-six = ">=1.13.0"
-
-[[package]]
-name = "djlint"
-version = "1.36.4"
-description = "HTML Template Linter and Formatter"
-optional = false
-python-versions = ">=3.9"
-groups = ["dev"]
-files = [
-    {file = "djlint-1.36.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a2dfb60883ceb92465201bfd392291a7597c6752baede6fbb6f1980cac8d6c5c"},
-    {file = "djlint-1.36.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:4bc6a1320c0030244b530ac200642f883d3daa451a115920ef3d56d08b644292"},
-    {file = "djlint-1.36.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:3164a048c7bb0baf042387b1e33f9bbbf99d90d1337bb4c3d66eb0f96f5400a1"},
-    {file = "djlint-1.36.4-cp310-cp310-win_amd64.whl", hash = "sha256:3196d5277da5934962d67ad6c33a948ba77a7b6eadf064648bef6ee5f216b03c"},
-    {file = "djlint-1.36.4-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:3d68da0ed10ee9ca1e32e225cbb8e9b98bf7e6f8b48a8e4836117b6605b88cc7"},
-    {file = "djlint-1.36.4-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:c0478d5392247f1e6ee29220bbdbf7fb4e1bc0e7e83d291fda6fb926c1787ba7"},
-    {file = "djlint-1.36.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:962f7b83aee166e499eff916d631c6dde7f1447d7610785a60ed2a75a5763483"},
-    {file = "djlint-1.36.4-cp311-cp311-win_amd64.whl", hash = "sha256:53cbc450aa425c832f09bc453b8a94a039d147b096740df54a3547fada77ed08"},
-    {file = "djlint-1.36.4-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:ff9faffd7d43ac20467493fa71d5355b5b330a00ade1c4d1e859022f4195223b"},
-    {file = "djlint-1.36.4-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:79489e262b5ac23a8dfb7ca37f1eea979674cfc2d2644f7061d95bea12c38f7e"},
-    {file = "djlint-1.36.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:e58c5fa8c6477144a0be0a87273706a059e6dd0d6efae01146ae8c29cdfca675"},
-    {file = "djlint-1.36.4-cp312-cp312-win_amd64.whl", hash = "sha256:bb6903777bf3124f5efedcddf1f4716aef097a7ec4223fc0fa54b865829a6e08"},
-    {file = "djlint-1.36.4-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:ead475013bcac46095b1bbc8cf97ed2f06e83422335734363f8a76b4ba7e47c2"},
-    {file = "djlint-1.36.4-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:6c601dfa68ea253311deb4a29a7362b7a64933bdfcfb5a06618f3e70ad1fa835"},
-    {file = "djlint-1.36.4-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:bda5014f295002363381969864addeb2db13955f1b26e772657c3b273ed7809f"},
-    {file = "djlint-1.36.4-cp313-cp313-win_amd64.whl", hash = "sha256:16ce37e085afe5a30953b2bd87cbe34c37843d94c701fc68a2dda06c1e428ff4"},
-    {file = "djlint-1.36.4-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:89678661888c03d7bc6cadd75af69db29962b5ecbf93a81518262f5c48329f04"},
-    {file = "djlint-1.36.4-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:5b01a98df3e1ab89a552793590875bc6e954cad661a9304057db75363d519fa0"},
-    {file = "djlint-1.36.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:dabbb4f7b93223d471d09ae34ed515fef98b2233cbca2449ad117416c44b1351"},
-    {file = "djlint-1.36.4-cp39-cp39-win_amd64.whl", hash = "sha256:7a483390d17e44df5bc23dcea29bdf6b63f3ed8b4731d844773a4829af4f5e0b"},
-    {file = "djlint-1.36.4-py3-none-any.whl", hash = "sha256:e9699b8ac3057a6ed04fb90835b89bee954ed1959c01541ce4f8f729c938afdd"},
-    {file = "djlint-1.36.4.tar.gz", hash = "sha256:17254f218b46fe5a714b224c85074c099bcb74e3b2e1f15c2ddc2cf415a408a1"},
-]
-
-[package.dependencies]
-click = ">=8.0.1"
-colorama = ">=0.4.4"
-cssbeautifier = ">=1.14.4"
-jsbeautifier = ">=1.14.4"
-json5 = ">=0.9.11"
-pathspec = ">=0.12"
-pyyaml = ">=6"
-regex = ">=2023"
-tomli = {version = ">=2.0.1", markers = "python_version < \"3.11\""}
-tqdm = ">=4.62.2"
-typing-extensions = {version = ">=3.6.6", markers = "python_version < \"3.11\""}
-
-[[package]]
-name = "editorconfig"
-version = "0.17.0"
-description = "EditorConfig File Locator and Interpreter for Python"
-optional = false
-python-versions = "*"
-groups = ["dev"]
-files = [
-    {file = "EditorConfig-0.17.0-py3-none-any.whl", hash = "sha256:fe491719c5f65959ec00b167d07740e7ffec9a3f362038c72b289330b9991dfc"},
-    {file = "editorconfig-0.17.0.tar.gz", hash = "sha256:8739052279699840065d3a9f5c125d7d5a98daeefe53b0e5274261d77cb49aa2"},
-]
-
-[[package]]
-name = "jsbeautifier"
-version = "1.15.4"
-description = "JavaScript unobfuscator and beautifier."
-optional = false
-python-versions = "*"
-groups = ["dev"]
-files = [
-    {file = "jsbeautifier-1.15.4-py3-none-any.whl", hash = "sha256:72f65de312a3f10900d7685557f84cb61a9733c50dcc27271a39f5b0051bf528"},
-    {file = "jsbeautifier-1.15.4.tar.gz", hash = "sha256:5bb18d9efb9331d825735fbc5360ee8f1aac5e52780042803943aa7f854f7592"},
-]
-
-[package.dependencies]
-editorconfig = ">=0.12.2"
-six = ">=1.13.0"
-
-[[package]]
-name = "json5"
-version = "0.10.0"
-description = "A Python implementation of the JSON5 data format."
-optional = false
-python-versions = ">=3.8.0"
-groups = ["dev"]
-files = [
-    {file = "json5-0.10.0-py3-none-any.whl", hash = "sha256:19b23410220a7271e8377f81ba8aacba2fdd56947fbb137ee5977cbe1f5e8dfa"},
-    {file = "json5-0.10.0.tar.gz", hash = "sha256:e66941c8f0a02026943c52c2eb34ebeb2a6f819a0be05920a6f5243cd30fd559"},
-]
-
-[package.extras]
-dev = ["build (==1.2.2.post1)", "coverage (==7.5.3)", "mypy (==1.13.0)", "pip (==24.3.1)", "pylint (==3.2.3)", "ruff (==0.7.3)", "twine (==5.1.1)", "uv (==0.5.1)"]
-
-[[package]]
-name = "pathspec"
-version = "0.12.1"
-description = "Utility library for gitignore style pattern matching of file paths."
-optional = false
-python-versions = ">=3.8"
-groups = ["dev"]
-files = [
-    {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"},
-    {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"},
-]
-
-[[package]]
-name = "pyyaml"
-version = "6.0.2"
-description = "YAML parser and emitter for Python"
-optional = false
-python-versions = ">=3.8"
-groups = ["dev"]
-files = [
-    {file = "PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"},
-    {file = "PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf"},
-    {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237"},
-    {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b"},
-    {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed"},
-    {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180"},
-    {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68"},
-    {file = "PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99"},
-    {file = "PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e"},
-    {file = "PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774"},
-    {file = "PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee"},
-    {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c"},
-    {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317"},
-    {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85"},
-    {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"},
-    {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e"},
-    {file = "PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5"},
-    {file = "PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44"},
-    {file = "PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab"},
-    {file = "PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725"},
-    {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5"},
-    {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425"},
-    {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476"},
-    {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48"},
-    {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b"},
-    {file = "PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4"},
-    {file = "PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8"},
-    {file = "PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba"},
-    {file = "PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1"},
-    {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133"},
-    {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484"},
-    {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5"},
-    {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc"},
-    {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652"},
-    {file = "PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183"},
-    {file = "PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563"},
-    {file = "PyYAML-6.0.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a"},
-    {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5"},
-    {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d"},
-    {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083"},
-    {file = "PyYAML-6.0.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706"},
-    {file = "PyYAML-6.0.2-cp38-cp38-win32.whl", hash = "sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a"},
-    {file = "PyYAML-6.0.2-cp38-cp38-win_amd64.whl", hash = "sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff"},
-    {file = "PyYAML-6.0.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d"},
-    {file = "PyYAML-6.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f"},
-    {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290"},
-    {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12"},
-    {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19"},
-    {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e"},
-    {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725"},
-    {file = "PyYAML-6.0.2-cp39-cp39-win32.whl", hash = "sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631"},
-    {file = "PyYAML-6.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8"},
-    {file = "pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e"},
-]
-
-[[package]]
-name = "regex"
-version = "2024.11.6"
-description = "Alternative regular expression module, to replace re."
-optional = false
-python-versions = ">=3.8"
-groups = ["dev"]
-files = [
-    {file = "regex-2024.11.6-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:ff590880083d60acc0433f9c3f713c51f7ac6ebb9adf889c79a261ecf541aa91"},
-    {file = "regex-2024.11.6-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:658f90550f38270639e83ce492f27d2c8d2cd63805c65a13a14d36ca126753f0"},
-    {file = "regex-2024.11.6-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:164d8b7b3b4bcb2068b97428060b2a53be050085ef94eca7f240e7947f1b080e"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d3660c82f209655a06b587d55e723f0b813d3a7db2e32e5e7dc64ac2a9e86fde"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d22326fcdef5e08c154280b71163ced384b428343ae16a5ab2b3354aed12436e"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f1ac758ef6aebfc8943560194e9fd0fa18bcb34d89fd8bd2af18183afd8da3a2"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:997d6a487ff00807ba810e0f8332c18b4eb8d29463cfb7c820dc4b6e7562d0cf"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:02a02d2bb04fec86ad61f3ea7f49c015a0681bf76abb9857f945d26159d2968c"},
-    {file = "regex-2024.11.6-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f02f93b92358ee3f78660e43b4b0091229260c5d5c408d17d60bf26b6c900e86"},
-    {file = "regex-2024.11.6-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:06eb1be98df10e81ebaded73fcd51989dcf534e3c753466e4b60c4697a003b67"},
-    {file = "regex-2024.11.6-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:040df6fe1a5504eb0f04f048e6d09cd7c7110fef851d7c567a6b6e09942feb7d"},
-    {file = "regex-2024.11.6-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:fdabbfc59f2c6edba2a6622c647b716e34e8e3867e0ab975412c5c2f79b82da2"},
-    {file = "regex-2024.11.6-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:8447d2d39b5abe381419319f942de20b7ecd60ce86f16a23b0698f22e1b70008"},
-    {file = "regex-2024.11.6-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:da8f5fc57d1933de22a9e23eec290a0d8a5927a5370d24bda9a6abe50683fe62"},
-    {file = "regex-2024.11.6-cp310-cp310-win32.whl", hash = "sha256:b489578720afb782f6ccf2840920f3a32e31ba28a4b162e13900c3e6bd3f930e"},
-    {file = "regex-2024.11.6-cp310-cp310-win_amd64.whl", hash = "sha256:5071b2093e793357c9d8b2929dfc13ac5f0a6c650559503bb81189d0a3814519"},
-    {file = "regex-2024.11.6-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:5478c6962ad548b54a591778e93cd7c456a7a29f8eca9c49e4f9a806dcc5d638"},
-    {file = "regex-2024.11.6-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:2c89a8cc122b25ce6945f0423dc1352cb9593c68abd19223eebbd4e56612c5b7"},
-    {file = "regex-2024.11.6-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:94d87b689cdd831934fa3ce16cc15cd65748e6d689f5d2b8f4f4df2065c9fa20"},
-    {file = "regex-2024.11.6-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1062b39a0a2b75a9c694f7a08e7183a80c63c0d62b301418ffd9c35f55aaa114"},
-    {file = "regex-2024.11.6-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:167ed4852351d8a750da48712c3930b031f6efdaa0f22fa1933716bfcd6bf4a3"},
-    {file = "regex-2024.11.6-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d548dafee61f06ebdb584080621f3e0c23fff312f0de1afc776e2a2ba99a74f"},
-    {file = "regex-2024.11.6-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f2a19f302cd1ce5dd01a9099aaa19cae6173306d1302a43b627f62e21cf18ac0"},
-    {file = "regex-2024.11.6-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bec9931dfb61ddd8ef2ebc05646293812cb6b16b60cf7c9511a832b6f1854b55"},
-    {file = "regex-2024.11.6-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:9714398225f299aa85267fd222f7142fcb5c769e73d7733344efc46f2ef5cf89"},
-    {file = "regex-2024.11.6-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:202eb32e89f60fc147a41e55cb086db2a3f8cb82f9a9a88440dcfc5d37faae8d"},
-    {file = "regex-2024.11.6-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:4181b814e56078e9b00427ca358ec44333765f5ca1b45597ec7446d3a1ef6e34"},
-    {file = "regex-2024.11.6-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:068376da5a7e4da51968ce4c122a7cd31afaaec4fccc7856c92f63876e57b51d"},
-    {file = "regex-2024.11.6-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:ac10f2c4184420d881a3475fb2c6f4d95d53a8d50209a2500723d831036f7c45"},
-    {file = "regex-2024.11.6-cp311-cp311-win32.whl", hash = "sha256:c36f9b6f5f8649bb251a5f3f66564438977b7ef8386a52460ae77e6070d309d9"},
-    {file = "regex-2024.11.6-cp311-cp311-win_amd64.whl", hash = "sha256:02e28184be537f0e75c1f9b2f8847dc51e08e6e171c6bde130b2687e0c33cf60"},
-    {file = "regex-2024.11.6-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:52fb28f528778f184f870b7cf8f225f5eef0a8f6e3778529bdd40c7b3920796a"},
-    {file = "regex-2024.11.6-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:fdd6028445d2460f33136c55eeb1f601ab06d74cb3347132e1c24250187500d9"},
-    {file = "regex-2024.11.6-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:805e6b60c54bf766b251e94526ebad60b7de0c70f70a4e6210ee2891acb70bf2"},
-    {file = "regex-2024.11.6-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b85c2530be953a890eaffde05485238f07029600e8f098cdf1848d414a8b45e4"},
-    {file = "regex-2024.11.6-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:bb26437975da7dc36b7efad18aa9dd4ea569d2357ae6b783bf1118dabd9ea577"},
-    {file = "regex-2024.11.6-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:abfa5080c374a76a251ba60683242bc17eeb2c9818d0d30117b4486be10c59d3"},
-    {file = "regex-2024.11.6-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b7fa6606c2881c1db9479b0eaa11ed5dfa11c8d60a474ff0e095099f39d98e"},
-    {file = "regex-2024.11.6-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0c32f75920cf99fe6b6c539c399a4a128452eaf1af27f39bce8909c9a3fd8cbe"},
-    {file = "regex-2024.11.6-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:982e6d21414e78e1f51cf595d7f321dcd14de1f2881c5dc6a6e23bbbbd68435e"},
-    {file = "regex-2024.11.6-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:a7c2155f790e2fb448faed6dd241386719802296ec588a8b9051c1f5c481bc29"},
-    {file = "regex-2024.11.6-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:149f5008d286636e48cd0b1dd65018548944e495b0265b45e1bffecce1ef7f39"},
-    {file = "regex-2024.11.6-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:e5364a4502efca094731680e80009632ad6624084aff9a23ce8c8c6820de3e51"},
-    {file = "regex-2024.11.6-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:0a86e7eeca091c09e021db8eb72d54751e527fa47b8d5787caf96d9831bd02ad"},
-    {file = "regex-2024.11.6-cp312-cp312-win32.whl", hash = "sha256:32f9a4c643baad4efa81d549c2aadefaeba12249b2adc5af541759237eee1c54"},
-    {file = "regex-2024.11.6-cp312-cp312-win_amd64.whl", hash = "sha256:a93c194e2df18f7d264092dc8539b8ffb86b45b899ab976aa15d48214138e81b"},
-    {file = "regex-2024.11.6-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:a6ba92c0bcdf96cbf43a12c717eae4bc98325ca3730f6b130ffa2e3c3c723d84"},
-    {file = "regex-2024.11.6-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:525eab0b789891ac3be914d36893bdf972d483fe66551f79d3e27146191a37d4"},
-    {file = "regex-2024.11.6-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:086a27a0b4ca227941700e0b31425e7a28ef1ae8e5e05a33826e17e47fbfdba0"},
-    {file = "regex-2024.11.6-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bde01f35767c4a7899b7eb6e823b125a64de314a8ee9791367c9a34d56af18d0"},
-    {file = "regex-2024.11.6-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b583904576650166b3d920d2bcce13971f6f9e9a396c673187f49811b2769dc7"},
-    {file = "regex-2024.11.6-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1c4de13f06a0d54fa0d5ab1b7138bfa0d883220965a29616e3ea61b35d5f5fc7"},
-    {file = "regex-2024.11.6-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3cde6e9f2580eb1665965ce9bf17ff4952f34f5b126beb509fee8f4e994f143c"},
-    {file = "regex-2024.11.6-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0d7f453dca13f40a02b79636a339c5b62b670141e63efd511d3f8f73fba162b3"},
-    {file = "regex-2024.11.6-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:59dfe1ed21aea057a65c6b586afd2a945de04fc7db3de0a6e3ed5397ad491b07"},
-    {file = "regex-2024.11.6-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:b97c1e0bd37c5cd7902e65f410779d39eeda155800b65fc4d04cc432efa9bc6e"},
-    {file = "regex-2024.11.6-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:f9d1e379028e0fc2ae3654bac3cbbef81bf3fd571272a42d56c24007979bafb6"},
-    {file = "regex-2024.11.6-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:13291b39131e2d002a7940fb176e120bec5145f3aeb7621be6534e46251912c4"},
-    {file = "regex-2024.11.6-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:4f51f88c126370dcec4908576c5a627220da6c09d0bff31cfa89f2523843316d"},
-    {file = "regex-2024.11.6-cp313-cp313-win32.whl", hash = "sha256:63b13cfd72e9601125027202cad74995ab26921d8cd935c25f09c630436348ff"},
-    {file = "regex-2024.11.6-cp313-cp313-win_amd64.whl", hash = "sha256:2b3361af3198667e99927da8b84c1b010752fa4b1115ee30beaa332cabc3ef1a"},
-    {file = "regex-2024.11.6-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:3a51ccc315653ba012774efca4f23d1d2a8a8f278a6072e29c7147eee7da446b"},
-    {file = "regex-2024.11.6-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:ad182d02e40de7459b73155deb8996bbd8e96852267879396fb274e8700190e3"},
-    {file = "regex-2024.11.6-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:ba9b72e5643641b7d41fa1f6d5abda2c9a263ae835b917348fc3c928182ad467"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:40291b1b89ca6ad8d3f2b82782cc33807f1406cf68c8d440861da6304d8ffbbd"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:cdf58d0e516ee426a48f7b2c03a332a4114420716d55769ff7108c37a09951bf"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a36fdf2af13c2b14738f6e973aba563623cb77d753bbbd8d414d18bfaa3105dd"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d1cee317bfc014c2419a76bcc87f071405e3966da434e03e13beb45f8aced1a6"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:50153825ee016b91549962f970d6a4442fa106832e14c918acd1c8e479916c4f"},
-    {file = "regex-2024.11.6-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:ea1bfda2f7162605f6e8178223576856b3d791109f15ea99a9f95c16a7636fb5"},
-    {file = "regex-2024.11.6-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:df951c5f4a1b1910f1a99ff42c473ff60f8225baa1cdd3539fe2819d9543e9df"},
-    {file = "regex-2024.11.6-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:072623554418a9911446278f16ecb398fb3b540147a7828c06e2011fa531e773"},
-    {file = "regex-2024.11.6-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:f654882311409afb1d780b940234208a252322c24a93b442ca714d119e68086c"},
-    {file = "regex-2024.11.6-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:89d75e7293d2b3e674db7d4d9b1bee7f8f3d1609428e293771d1a962617150cc"},
-    {file = "regex-2024.11.6-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:f65557897fc977a44ab205ea871b690adaef6b9da6afda4790a2484b04293a5f"},
-    {file = "regex-2024.11.6-cp38-cp38-win32.whl", hash = "sha256:6f44ec28b1f858c98d3036ad5d7d0bfc568bdd7a74f9c24e25f41ef1ebfd81a4"},
-    {file = "regex-2024.11.6-cp38-cp38-win_amd64.whl", hash = "sha256:bb8f74f2f10dbf13a0be8de623ba4f9491faf58c24064f32b65679b021ed0001"},
-    {file = "regex-2024.11.6-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:5704e174f8ccab2026bd2f1ab6c510345ae8eac818b613d7d73e785f1310f839"},
-    {file = "regex-2024.11.6-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:220902c3c5cc6af55d4fe19ead504de80eb91f786dc102fbd74894b1551f095e"},
-    {file = "regex-2024.11.6-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:5e7e351589da0850c125f1600a4c4ba3c722efefe16b297de54300f08d734fbf"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5056b185ca113c88e18223183aa1a50e66507769c9640a6ff75859619d73957b"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2e34b51b650b23ed3354b5a07aab37034d9f923db2a40519139af34f485f77d0"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5670bce7b200273eee1840ef307bfa07cda90b38ae56e9a6ebcc9f50da9c469b"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:08986dce1339bc932923e7d1232ce9881499a0e02925f7402fb7c982515419ef"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:93c0b12d3d3bc25af4ebbf38f9ee780a487e8bf6954c115b9f015822d3bb8e48"},
-    {file = "regex-2024.11.6-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:764e71f22ab3b305e7f4c21f1a97e1526a25ebdd22513e251cf376760213da13"},
-    {file = "regex-2024.11.6-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:f056bf21105c2515c32372bbc057f43eb02aae2fda61052e2f7622c801f0b4e2"},
-    {file = "regex-2024.11.6-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:69ab78f848845569401469da20df3e081e6b5a11cb086de3eed1d48f5ed57c95"},
-    {file = "regex-2024.11.6-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:86fddba590aad9208e2fa8b43b4c098bb0ec74f15718bb6a704e3c63e2cef3e9"},
-    {file = "regex-2024.11.6-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:684d7a212682996d21ca12ef3c17353c021fe9de6049e19ac8481ec35574a70f"},
-    {file = "regex-2024.11.6-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:a03e02f48cd1abbd9f3b7e3586d97c8f7a9721c436f51a5245b3b9483044480b"},
-    {file = "regex-2024.11.6-cp39-cp39-win32.whl", hash = "sha256:41758407fc32d5c3c5de163888068cfee69cb4c2be844e7ac517a52770f9af57"},
-    {file = "regex-2024.11.6-cp39-cp39-win_amd64.whl", hash = "sha256:b2837718570f95dd41675328e111345f9b7095d821bac435aac173ac80b19983"},
-    {file = "regex-2024.11.6.tar.gz", hash = "sha256:7ab159b063c52a0333c884e4679f8d7a85112ee3078fe3d9004b2dd875585519"},
-]
-
-[[package]]
-name = "six"
-version = "1.17.0"
-description = "Python 2 and 3 compatibility utilities"
-optional = false
-python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7"
-groups = ["dev"]
-files = [
-    {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"},
-    {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"},
-]
-
-[[package]]
-name = "tomli"
-version = "2.2.1"
-description = "A lil' TOML parser"
-optional = false
-python-versions = ">=3.8"
-groups = ["dev"]
-markers = "python_version < \"3.11\""
-files = [
-    {file = "tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249"},
-    {file = "tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6"},
-    {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ece47d672db52ac607a3d9599a9d48dcb2f2f735c6c2d1f34130085bb12b112a"},
-    {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6972ca9c9cc9f0acaa56a8ca1ff51e7af152a9f87fb64623e31d5c83700080ee"},
-    {file = "tomli-2.2.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c954d2250168d28797dd4e3ac5cf812a406cd5a92674ee4c8f123c889786aa8e"},
-    {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:8dd28b3e155b80f4d54beb40a441d366adcfe740969820caf156c019fb5c7ec4"},
-    {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e59e304978767a54663af13c07b3d1af22ddee3bb2fb0618ca1593e4f593a106"},
-    {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:33580bccab0338d00994d7f16f4c4ec25b776af3ffaac1ed74e0b3fc95e885a8"},
-    {file = "tomli-2.2.1-cp311-cp311-win32.whl", hash = "sha256:465af0e0875402f1d226519c9904f37254b3045fc5084697cefb9bdde1ff99ff"},
-    {file = "tomli-2.2.1-cp311-cp311-win_amd64.whl", hash = "sha256:2d0f2fdd22b02c6d81637a3c95f8cd77f995846af7414c5c4b8d0545afa1bc4b"},
-    {file = "tomli-2.2.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4a8f6e44de52d5e6c657c9fe83b562f5f4256d8ebbfe4ff922c495620a7f6cea"},
-    {file = "tomli-2.2.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8d57ca8095a641b8237d5b079147646153d22552f1c637fd3ba7f4b0b29167a8"},
-    {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e340144ad7ae1533cb897d406382b4b6fede8890a03738ff1683af800d54192"},
-    {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2b95f9de79181805df90bedc5a5ab4c165e6ec3fe99f970d0e302f384ad222"},
-    {file = "tomli-2.2.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:40741994320b232529c802f8bc86da4e1aa9f413db394617b9a256ae0f9a7f77"},
-    {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:400e720fe168c0f8521520190686ef8ef033fb19fc493da09779e592861b78c6"},
-    {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:02abe224de6ae62c19f090f68da4e27b10af2b93213d36cf44e6e1c5abd19fdd"},
-    {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:b82ebccc8c8a36f2094e969560a1b836758481f3dc360ce9a3277c65f374285e"},
-    {file = "tomli-2.2.1-cp312-cp312-win32.whl", hash = "sha256:889f80ef92701b9dbb224e49ec87c645ce5df3fa2cc548664eb8a25e03127a98"},
-    {file = "tomli-2.2.1-cp312-cp312-win_amd64.whl", hash = "sha256:7fc04e92e1d624a4a63c76474610238576942d6b8950a2d7f908a340494e67e4"},
-    {file = "tomli-2.2.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f4039b9cbc3048b2416cc57ab3bda989a6fcf9b36cf8937f01a6e731b64f80d7"},
-    {file = "tomli-2.2.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:286f0ca2ffeeb5b9bd4fcc8d6c330534323ec51b2f52da063b11c502da16f30c"},
-    {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a92ef1a44547e894e2a17d24e7557a5e85a9e1d0048b0b5e7541f76c5032cb13"},
-    {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9316dc65bed1684c9a98ee68759ceaed29d229e985297003e494aa825ebb0281"},
-    {file = "tomli-2.2.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e85e99945e688e32d5a35c1ff38ed0b3f41f43fad8df0bdf79f72b2ba7bc5272"},
-    {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:ac065718db92ca818f8d6141b5f66369833d4a80a9d74435a268c52bdfa73140"},
-    {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:d920f33822747519673ee656a4b6ac33e382eca9d331c87770faa3eef562aeb2"},
-    {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:a198f10c4d1b1375d7687bc25294306e551bf1abfa4eace6650070a5c1ae2744"},
-    {file = "tomli-2.2.1-cp313-cp313-win32.whl", hash = "sha256:d3f5614314d758649ab2ab3a62d4f2004c825922f9e370b29416484086b264ec"},
-    {file = "tomli-2.2.1-cp313-cp313-win_amd64.whl", hash = "sha256:a38aa0308e754b0e3c67e344754dff64999ff9b513e691d0e786265c93583c69"},
-    {file = "tomli-2.2.1-py3-none-any.whl", hash = "sha256:cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc"},
-    {file = "tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff"},
-]
-
-[[package]]
-name = "tqdm"
-version = "4.67.1"
-description = "Fast, Extensible Progress Meter"
-optional = false
-python-versions = ">=3.7"
-groups = ["dev"]
-files = [
-    {file = "tqdm-4.67.1-py3-none-any.whl", hash = "sha256:26445eca388f82e72884e0d580d5464cd801a3ea01e63e5601bdff9ba6a48de2"},
-    {file = "tqdm-4.67.1.tar.gz", hash = "sha256:f8aef9c52c08c13a65f30ea34f4e5aac3fd1a34959879d7e59e63027286627f2"},
-]
-
-[package.dependencies]
-colorama = {version = "*", markers = "platform_system == \"Windows\""}
-
-[package.extras]
-dev = ["nbval", "pytest (>=6)", "pytest-asyncio (>=0.24)", "pytest-cov", "pytest-timeout"]
-discord = ["requests"]
-notebook = ["ipywidgets (>=6)"]
-slack = ["slack-sdk"]
-telegram = ["requests"]
-
-[[package]]
-name = "typing-extensions"
-version = "4.12.2"
-description = "Backported and Experimental Type Hints for Python 3.8+"
-optional = false
-python-versions = ">=3.8"
-groups = ["dev"]
-markers = "python_version < \"3.11\""
-files = [
-    {file = "typing_extensions-4.12.2-py3-none-any.whl", hash = "sha256:04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d"},
-    {file = "typing_extensions-4.12.2.tar.gz", hash = "sha256:1a7ead55c7e559dd4dee8856e3a88b41225abfe1ce8df57b7c13915fe121ffb8"},
-]
-
-[[package]]
-name = "yamllint"
-version = "1.36.1"
-description = "A linter for YAML files."
-optional = false
-python-versions = ">=3.9"
-groups = ["dev"]
-files = [
-    {file = "yamllint-1.36.1-py3-none-any.whl", hash = "sha256:3e2ccd47ea12449837adf6b2c56fd9e31172ce42bc1470380806be461f25df66"},
-    {file = "yamllint-1.36.1.tar.gz", hash = "sha256:a287689daaafc301a80549b2d0170452ebfdcabd826e3fe3b4c66e322d4851fa"},
-]
-
-[package.dependencies]
-pathspec = ">=0.5.3"
-pyyaml = "*"
-
-[package.extras]
-dev = ["doc8", "flake8", "flake8-import-order", "rstcheck[sphinx]", "sphinx"]
-
-[metadata]
-lock-version = "2.1"
-python-versions = "^3.10"
-content-hash = "d48a461813418f7b803a7f94713d93076a009a96554e0f4c707be0cc2a95b563"
diff --git a/poetry.toml b/poetry.toml
deleted file mode 100644
index 6eda9f8eff..0000000000
--- a/poetry.toml
+++ /dev/null
@@ -1,3 +0,0 @@
-[virtualenvs]
-in-project = true
-options.no-pip = true
diff --git a/public/assets/img/svg/gitea-chef.svg b/public/assets/img/svg/gitea-chef.svg
index c5e8a721cc..8fd8ed325d 100644
--- a/public/assets/img/svg/gitea-chef.svg
+++ b/public/assets/img/svg/gitea-chef.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 36 36" class="svg gitea-chef" width="16" height="16" aria-hidden="true"><g fill="none" fill-rule="evenodd"><path fill="#435363" d="M18 25.8c-4.3 0-7.7-3.6-7.7-8s3.4-7.9 7.7-7.9c3.5 0 6.4 2.4 7.3 5.7h3c-1-5-5.2-8.7-10.3-8.7-5.9 0-10.6 4.9-10.6 10.9 0 6.1 4.7 11 10.6 11 5.1 0 9.3-3.7 10.3-8.7h-3c-.9 3.3-3.8 5.7-7.3 5.7"/><path fill="#435363" d="M12.8 23.2c1.3 1.4 3.1 2.3 5.2 2.3v-3.2c-1.2 0-2.3-.5-3.1-1.3z"/><path fill="#F38B00" d="M10.6 17.8c0 1.1.3 2.2.6 3.1l2.9-1.3c-.3-.5-.4-1.1-.4-1.8 0-2.4 1.9-4.4 4.3-4.4v-3.2c-4.1 0-7.4 3.4-7.4 7.6"/><path fill="#435363" d="m20.6 10.7-1.1 3c.9.4 1.7 1.1 2.2 1.9H25c-.7-2.2-2.3-4-4.4-4.9"/><path fill="#F38B00" d="m19.5 22 1.1 2.9c2.1-.8 3.7-2.6 4.4-4.8h-3.3c-.5.8-1.3 1.5-2.2 1.9"/><path fill="#435363" d="M4.4 22.1c-.1-.2-.1-.3-.1-.5-.1-.2-.1-.3-.2-.5V21c0-.1 0-.3-.1-.4v-.5c-.1-.1-.1-.2-.1-.3-.1-.6-.1-1.3-.1-2H.9c0 .8 0 1.5.1 2.2 0 .2.1.4.1.6v.1c0 .2.1.4.1.5s0 .2.1.3v.3c.1.1.1.2.1.4 0 0 .1.1.1.2 0 .2 0 .3.1.4v.2c.2.7.5 1.3.7 2L5 23.8c-.2-.6-.4-1.1-.6-1.7"/><path fill="#F38B00" d="M18 32.6c-3.9 0-7.5-1.7-10.1-4.4l-2 2.2c3.1 3.2 7.3 5.2 12.1 5.2 8.7 0 15.8-6.8 16.9-15.5H32c-1.1 7-7 12.5-14 12.5M18 3.1c3.1 0 6.1 1.1 8.4 2.9l1.8-2.4C25.3 1.4 21.8.1 18 .1 10.7.1 4.5 4.8 2.1 11.4l2.7 1.1C6.8 7 12 3.1 18 3.1"/><path fill="#435363" d="M32 15.6h2.9c-.3-2.6-1.2-5-2.5-7.2L30 10c1 1.7 1.7 3.6 2 5.6"/><path fill="#F38B00" d="M28.7 15.6h2.9c-.8-5.1-4.1-9.3-8.6-11.1l-1.1 2.8c3.5 1.3 6 4.5 6.8 8.3"/><path fill="#435363" d="M18 6.5v-3c-5.9 0-10.9 3.8-12.9 9.1l2.7 1.1C9.4 9.5 13.3 6.5 18 6.5"/><path fill="#F38B00" d="M7 17.8H4.1c0 6.1 3.6 11.2 8.7 13.4l1.1-2.8C9.9 26.7 7 22.6 7 17.8"/><path fill="#435363" d="M18 29.2v3c6.9 0 12.6-5.3 13.6-12.1h-2.9c-1 5.2-5.4 9.1-10.7 9.1"/></g></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 36 36" class="svg gitea-chef" width="16" height="16" aria-hidden="true"><g fill="none" fill-rule="evenodd"><path fill="#435363" d="M18 25.8c-4.3 0-7.7-3.6-7.7-8s3.4-7.9 7.7-7.9c3.5 0 6.4 2.4 7.3 5.7h3c-1-5-5.2-8.7-10.3-8.7-5.9 0-10.6 4.9-10.6 10.9 0 6.1 4.7 11 10.6 11 5.1 0 9.3-3.7 10.3-8.7h-3c-.9 3.3-3.8 5.7-7.3 5.7"/><path fill="#435363" d="M12.8 23.2c1.3 1.4 3.1 2.3 5.2 2.3v-3.2c-1.2 0-2.3-.5-3.1-1.3z"/><path fill="#f38b00" d="M10.6 17.8c0 1.1.3 2.2.6 3.1l2.9-1.3c-.3-.5-.4-1.1-.4-1.8 0-2.4 1.9-4.4 4.3-4.4v-3.2c-4.1 0-7.4 3.4-7.4 7.6"/><path fill="#435363" d="m20.6 10.7-1.1 3c.9.4 1.7 1.1 2.2 1.9H25c-.7-2.2-2.3-4-4.4-4.9"/><path fill="#f38b00" d="m19.5 22 1.1 2.9c2.1-.8 3.7-2.6 4.4-4.8h-3.3c-.5.8-1.3 1.5-2.2 1.9"/><path fill="#435363" d="M4.4 22.1c-.1-.2-.1-.3-.1-.5-.1-.2-.1-.3-.2-.5V21c0-.1 0-.3-.1-.4v-.5c-.1-.1-.1-.2-.1-.3-.1-.6-.1-1.3-.1-2H.9c0 .8 0 1.5.1 2.2 0 .2.1.4.1.6v.1c0 .2.1.4.1.5s0 .2.1.3v.3c.1.1.1.2.1.4 0 0 .1.1.1.2 0 .2 0 .3.1.4v.2c.2.7.5 1.3.7 2L5 23.8c-.2-.6-.4-1.1-.6-1.7"/><path fill="#f38b00" d="M18 32.6c-3.9 0-7.5-1.7-10.1-4.4l-2 2.2c3.1 3.2 7.3 5.2 12.1 5.2 8.7 0 15.8-6.8 16.9-15.5H32c-1.1 7-7 12.5-14 12.5M18 3.1c3.1 0 6.1 1.1 8.4 2.9l1.8-2.4C25.3 1.4 21.8.1 18 .1 10.7.1 4.5 4.8 2.1 11.4l2.7 1.1C6.8 7 12 3.1 18 3.1"/><path fill="#435363" d="M32 15.6h2.9c-.3-2.6-1.2-5-2.5-7.2L30 10c1 1.7 1.7 3.6 2 5.6"/><path fill="#f38b00" d="M28.7 15.6h2.9c-.8-5.1-4.1-9.3-8.6-11.1l-1.1 2.8c3.5 1.3 6 4.5 6.8 8.3"/><path fill="#435363" d="M18 6.5v-3c-5.9 0-10.9 3.8-12.9 9.1l2.7 1.1C9.4 9.5 13.3 6.5 18 6.5"/><path fill="#f38b00" d="M7 17.8H4.1c0 6.1 3.6 11.2 8.7 13.4l1.1-2.8C9.9 26.7 7 22.6 7 17.8"/><path fill="#435363" d="M18 29.2v3c6.9 0 12.6-5.3 13.6-12.1h-2.9c-1 5.2-5.4 9.1-10.7 9.1"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-codecommit.svg b/public/assets/img/svg/gitea-codecommit.svg
index b44847d9e1..35d0b39c03 100644
--- a/public/assets/img/svg/gitea-codecommit.svg
+++ b/public/assets/img/svg/gitea-codecommit.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="-10 -10 100 100" class="svg gitea-codecommit" width="16" height="16" aria-hidden="true"><g fill="none" fill-rule="evenodd"><path fill="#C925D1" d="M0 0h80v80H0z"/><path fill="#FFF" d="M26.628 28.105h-2.017v-6.982c0-.558.36-.99.926-.99l7.144-.007v1.994H27.95l4.862 4.819-1.445 1.434-4.806-4.728zm28.07 10.867 1.869.827-6.541 14.446-1.868-.827zm1.311 10.493 4.003-2.89-3.526-3.535 1.458-1.422 4.36 4.373a1.002 1.002 0 0 1-.126 1.527l-4.963 3.58zm-9.043-8.802 1.205 1.633-4.061 2.932 3.538 3.536-1.454 1.424-4.374-4.373a1 1 0 0 1 .124-1.528zM69 24.13v42.858c0 .56-.458 1.012-1.024 1.012h-31.26c-.272 0-.53-.107-.723-.297a.96.96 0 0 1-.285-.7V55.034h2.018v10.971h29.256V25.113H37.726v-1.995h30.25c.566 0 1.024.453 1.024 1.012M33.182 34.588c0-1.927 1.585-3.495 3.535-3.495s3.535 1.568 3.535 3.495-1.585 3.495-3.535 3.495-3.535-1.568-3.535-3.495M17.549 66.009c-1.95 0-3.535-1.568-3.535-3.495s1.585-3.494 3.535-3.494 3.535 1.567 3.535 3.494-1.585 3.495-3.535 3.495m-3.535-23.442c0-1.927 1.585-3.495 3.535-3.495 1.982 0 3.535 1.535 3.535 3.495 0 1.927-1.585 3.495-3.535 3.495s-3.535-1.568-3.535-3.495m.004-25.081c0-1.925 1.584-3.491 3.53-3.491 1.948 0 3.532 1.566 3.532 3.49s-1.584 3.491-3.531 3.491-3.531-1.566-3.531-3.49m23.708 29.762v-7.276c2.57-.477 4.535-2.708 4.535-5.384 0-3.022-2.487-5.482-5.544-5.482s-5.545 2.46-5.545 5.482c0 2.676 1.966 4.907 4.536 5.384v7.276c0 1.163-.786 2.218-1.98 2.686l-10.451 4.1c-1.673.657-2.903 1.948-3.434 3.496-.433-.195-.801-.336-1.285-.416v-9.146c2.623-.433 4.535-2.687 4.535-5.401 0-2.764-1.878-4.972-4.535-5.393V22.889c2.626-.431 4.54-2.688 4.54-5.403 0-3.025-2.49-5.486-5.55-5.486S12 14.46 12 17.486c0 2.64 2.022 4.85 4.54 5.369v14.347c-2.515.518-4.536 2.727-4.536 5.365s2.02 4.846 4.536 5.365v9.217c-2.515.52-4.536 2.727-4.536 5.365 0 3.022 2.488 5.482 5.545 5.482s5.544-2.46 5.544-5.482a5.43 5.43 0 0 0-1.458-3.693c.167-1.27 1.066-2.384 2.397-2.905l10.45-4.1c1.98-.777 3.244-2.57 3.244-4.568"/></g></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="-10 -10 100 100" class="svg gitea-codecommit" width="16" height="16" aria-hidden="true"><g fill="none" fill-rule="evenodd"><path fill="#c925d1" d="M0 0h80v80H0z"/><path fill="#fff" d="M26.628 28.105h-2.017v-6.982c0-.558.36-.99.926-.99l7.144-.007v1.994H27.95l4.862 4.819-1.445 1.434-4.806-4.728zm28.07 10.867 1.869.827-6.541 14.446-1.868-.827zm1.311 10.493 4.003-2.89-3.526-3.535 1.458-1.422 4.36 4.373a1.002 1.002 0 0 1-.126 1.527l-4.963 3.58zm-9.043-8.802 1.205 1.633-4.061 2.932 3.538 3.536-1.454 1.424-4.374-4.373a1 1 0 0 1 .124-1.528zM69 24.13v42.858c0 .56-.458 1.012-1.024 1.012h-31.26c-.272 0-.53-.107-.723-.297a.96.96 0 0 1-.285-.7V55.034h2.018v10.971h29.256V25.113H37.726v-1.995h30.25c.566 0 1.024.453 1.024 1.012M33.182 34.588c0-1.927 1.585-3.495 3.535-3.495s3.535 1.568 3.535 3.495-1.585 3.495-3.535 3.495-3.535-1.568-3.535-3.495M17.549 66.009c-1.95 0-3.535-1.568-3.535-3.495s1.585-3.494 3.535-3.494 3.535 1.567 3.535 3.494-1.585 3.495-3.535 3.495m-3.535-23.442c0-1.927 1.585-3.495 3.535-3.495 1.982 0 3.535 1.535 3.535 3.495 0 1.927-1.585 3.495-3.535 3.495s-3.535-1.568-3.535-3.495m.004-25.081c0-1.925 1.584-3.491 3.53-3.491 1.948 0 3.532 1.566 3.532 3.49s-1.584 3.491-3.531 3.491-3.531-1.566-3.531-3.49m23.708 29.762v-7.276c2.57-.477 4.535-2.708 4.535-5.384 0-3.022-2.487-5.482-5.544-5.482s-5.545 2.46-5.545 5.482c0 2.676 1.966 4.907 4.536 5.384v7.276c0 1.163-.786 2.218-1.98 2.686l-10.451 4.1c-1.673.657-2.903 1.948-3.434 3.496-.433-.195-.801-.336-1.285-.416v-9.146c2.623-.433 4.535-2.687 4.535-5.401 0-2.764-1.878-4.972-4.535-5.393V22.889c2.626-.431 4.54-2.688 4.54-5.403 0-3.025-2.49-5.486-5.55-5.486S12 14.46 12 17.486c0 2.64 2.022 4.85 4.54 5.369v14.347c-2.515.518-4.536 2.727-4.536 5.365s2.02 4.846 4.536 5.365v9.217c-2.515.52-4.536 2.727-4.536 5.365 0 3.022 2.488 5.482 5.545 5.482s5.544-2.46 5.544-5.482a5.43 5.43 0 0 0-1.458-3.693c.167-1.27 1.066-2.384 2.397-2.905l10.45-4.1c1.98-.777 3.244-2.57 3.244-4.568"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-debian.svg b/public/assets/img/svg/gitea-debian.svg
index fa2f2f49dc..e92d0b6937 100644
--- a/public/assets/img/svg/gitea-debian.svg
+++ b/public/assets/img/svg/gitea-debian.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 210 260" class="svg gitea-debian" width="16" height="16" aria-hidden="true"><g fill="#D70751"><path d="M124.525 137.053c-4.125.058.78 2.125 6.165 2.954a55 55 0 0 0 4.04-3.479c-3.354.821-6.765.838-10.205.525m22.14-5.52c2.457-3.389 4.246-7.102 4.878-10.939-.551 2.736-2.035 5.099-3.435 7.592-7.711 4.854-.726-2.883-.004-5.824-8.29 10.436-1.138 6.257-1.439 9.171m8.174-21.265c.497-7.428-1.462-5.08-2.121-2.245.766.4 1.377 5.237 2.121 2.245M108.883 8.736c2.201.395 4.757.698 4.398 1.224 2.407-.528 2.954-1.015-4.398-1.224M113.281 9.96l-1.556.32 1.448-.127z"/><path d="M181.93 113.085c.247 6.671-1.95 9.907-3.932 15.637l-3.564 1.781c-2.919 5.666.282 3.598-1.807 8.105-4.556 4.049-13.823 12.67-16.789 13.457-2.163-.047 1.469-2.554 1.943-3.537-6.097 4.188-4.894 6.285-14.217 8.83l-.273-.607c-23.001 10.818-54.947-10.622-54.526-39.876-.246 1.857-.698 1.393-1.208 2.144-1.186-15.052 6.952-30.17 20.675-36.343 13.427-6.646 29.163-3.918 38.78 5.044-5.282-6.92-15.795-14.254-28.255-13.568-12.208.193-23.625 7.95-27.436 16.369-6.253 3.938-6.979 15.177-9.704 17.233-3.665 26.943 6.896 38.583 24.762 52.275 2.812 1.896.792 2.184 1.173 3.627-5.936-2.779-11.372-6.976-15.841-12.114 2.372 3.473 4.931 6.847 8.239 9.499-5.596-1.897-13.074-13.563-15.256-14.038 9.647 17.274 39.142 30.295 54.587 23.836-7.146.263-16.226.146-24.256-2.822-3.371-1.734-7.958-5.331-7.14-6.003 21.079 7.875 42.854 5.965 61.09-8.655 4.641-3.614 9.709-9.761 11.173-9.846-2.206 3.317.377 1.596-1.318 4.523 4.625-7.456-2.008-3.035 4.779-12.877l2.507 3.453c-.931-6.188 7.687-13.704 6.813-23.492 1.975-2.994 2.206 3.22.107 10.107 2.912-7.64.767-8.867 1.516-15.171.81 2.118 1.867 4.37 2.412 6.606-1.895-7.382 1.948-12.433 2.898-16.724-.937-.415-2.928 3.264-3.383-5.457.065-3.788 1.054-1.985 1.435-2.917-.744-.427-2.694-3.33-3.88-8.9.86-1.308 2.3 3.393 3.47 3.586-.753-4.429-2.049-7.805-2.103-11.202-3.421-7.149-1.211.953-3.985-3.069-3.641-11.357 3.021-2.637 3.47-7.796 5.52 7.995 8.667 20.387 10.11 25.519-1.103-6.258-2.883-12.32-5.058-18.185 1.677.705-2.699-12.875 2.18-3.882-5.21-19.172-22.302-37.087-38.025-45.493 1.924 1.76 4.354 3.971 3.481 4.317-7.819-4.656-6.444-5.018-7.565-6.985-6.369-2.591-6.788.208-11.007.004-12.005-6.368-14.318-5.69-25.368-9.681l.502 2.349c-7.953-2.649-9.265 1.005-17.862.009-.523-.409 2.753-1.479 5.452-1.871-7.69 1.015-7.329-1.515-14.854.279 1.855-1.301 3.815-2.162 5.793-3.269-6.271.381-14.971 3.649-12.286.677-10.235 4.569-28.403 10.976-38.597 20.535l-.321-2.142c-4.672 5.608-20.371 16.748-21.622 24.011l-1.249.291c-2.431 4.116-4.004 8.781-5.932 13.016-3.18 5.417-4.661 2.085-4.208 2.934-6.253 12.679-9.359 23.332-12.043 32.069 1.912 2.858.046 17.206.769 28.688-3.141 56.709 39.8 111.77 86.737 124.48 6.88 2.459 17.11 2.364 25.813 2.618-10.268-2.937-11.595-1.556-21.595-5.044-7.215-3.398-8.797-7.277-13.907-11.711l2.022 3.573c-10.021-3.547-5.829-4.39-13.982-6.972l2.16-2.82c-3.249-.246-8.604-5.475-10.069-8.371l-3.553.14c-4.27-5.269-6.545-9.063-6.379-12.005l-1.148 2.047c-1.301-2.235-15.709-19.759-8.234-15.679-1.389-1.271-3.235-2.067-5.237-5.703l1.522-1.739c-3.597-4.627-6.621-10.562-6.391-12.536 1.919 2.592 3.25 3.075 4.568 3.52-9.083-22.539-9.593-1.242-16.474-22.942l1.456-.116c-1.116-1.682-1.793-3.506-2.69-5.298l.633-6.313c-6.541-7.562-1.829-32.151-.887-45.637.655-5.485 5.459-11.322 9.114-20.477l-2.227-.384c4.256-7.423 24.301-29.814 33.583-28.662 4.499-5.649-.892-.02-1.772-1.443 9.878-10.223 12.984-7.222 19.65-9.061 7.19-4.268-6.17 1.664-2.761-1.628 12.427-3.174 8.808-7.216 25.021-8.828 1.71.973-3.969 1.503-5.395 2.766 10.354-5.066 32.769-3.914 47.326 2.811 16.895 7.896 35.873 31.232 36.622 53.189l.852.229c-.431 8.729 1.336 18.822-1.727 28.094l2.1-4.385"/><path d="m79.5 142.715-.578 2.893c2.71 3.683 4.861 7.673 8.323 10.552-2.49-4.863-4.341-6.872-7.745-13.445m6.409-.251c-1.435-1.587-2.284-3.497-3.235-5.4.909 3.345 2.771 6.219 4.504 9.143zm113.411-24.65-.605 1.52c-1.111 7.892-3.511 15.701-7.189 22.941a72.1 72.1 0 0 0 7.79-24.461M109.698 6.757c2.789-1.022 6.855-.56 9.814-1.233-3.855.324-7.693.517-11.484 1.005zM11.781 58.824c.642 5.951-4.477 8.26 1.134 4.337 3.007-6.773-1.175-1.87-1.134-4.337M5.188 86.362c1.292-3.967 1.526-6.349 2.02-8.645-3.571 4.566-1.643 5.539-2.02 8.645"/></g></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 210 260" class="svg gitea-debian" width="16" height="16" aria-hidden="true"><g fill="#d70751"><path d="M124.525 137.053c-4.125.058.78 2.125 6.165 2.954a55 55 0 0 0 4.04-3.479c-3.354.821-6.765.838-10.205.525m22.14-5.52c2.457-3.389 4.246-7.102 4.878-10.939-.551 2.736-2.035 5.099-3.435 7.592-7.711 4.854-.726-2.883-.004-5.824-8.29 10.436-1.138 6.257-1.439 9.171m8.174-21.265c.497-7.428-1.462-5.08-2.121-2.245.766.4 1.377 5.237 2.121 2.245M108.883 8.736c2.201.395 4.757.698 4.398 1.224 2.407-.528 2.954-1.015-4.398-1.224M113.281 9.96l-1.556.32 1.448-.127z"/><path d="M181.93 113.085c.247 6.671-1.95 9.907-3.932 15.637l-3.564 1.781c-2.919 5.666.282 3.598-1.807 8.105-4.556 4.049-13.823 12.67-16.789 13.457-2.163-.047 1.469-2.554 1.943-3.537-6.097 4.188-4.894 6.285-14.217 8.83l-.273-.607c-23.001 10.818-54.947-10.622-54.526-39.876-.246 1.857-.698 1.393-1.208 2.144-1.186-15.052 6.952-30.17 20.675-36.343 13.427-6.646 29.163-3.918 38.78 5.044-5.282-6.92-15.795-14.254-28.255-13.568-12.208.193-23.625 7.95-27.436 16.369-6.253 3.938-6.979 15.177-9.704 17.233-3.665 26.943 6.896 38.583 24.762 52.275 2.812 1.896.792 2.184 1.173 3.627-5.936-2.779-11.372-6.976-15.841-12.114 2.372 3.473 4.931 6.847 8.239 9.499-5.596-1.897-13.074-13.563-15.256-14.038 9.647 17.274 39.142 30.295 54.587 23.836-7.146.263-16.226.146-24.256-2.822-3.371-1.734-7.958-5.331-7.14-6.003 21.079 7.875 42.854 5.965 61.09-8.655 4.641-3.614 9.709-9.761 11.173-9.846-2.206 3.317.377 1.596-1.318 4.523 4.625-7.456-2.008-3.035 4.779-12.877l2.507 3.453c-.931-6.188 7.687-13.704 6.813-23.492 1.975-2.994 2.206 3.22.107 10.107 2.912-7.64.767-8.867 1.516-15.171.81 2.118 1.867 4.37 2.412 6.606-1.895-7.382 1.948-12.433 2.898-16.724-.937-.415-2.928 3.264-3.383-5.457.065-3.788 1.054-1.985 1.435-2.917-.744-.427-2.694-3.33-3.88-8.9.86-1.308 2.3 3.393 3.47 3.586-.753-4.429-2.049-7.805-2.103-11.202-3.421-7.149-1.211.953-3.985-3.069-3.641-11.357 3.021-2.637 3.47-7.796 5.52 7.995 8.667 20.387 10.11 25.519-1.103-6.258-2.883-12.32-5.058-18.185 1.677.705-2.699-12.875 2.18-3.882-5.21-19.172-22.302-37.087-38.025-45.493 1.924 1.76 4.354 3.971 3.481 4.317-7.819-4.656-6.444-5.018-7.565-6.985-6.369-2.591-6.788.208-11.007.004-12.005-6.368-14.318-5.69-25.368-9.681l.502 2.349c-7.953-2.649-9.265 1.005-17.862.009-.523-.409 2.753-1.479 5.452-1.871-7.69 1.015-7.329-1.515-14.854.279 1.855-1.301 3.815-2.162 5.793-3.269-6.271.381-14.971 3.649-12.286.677-10.235 4.569-28.403 10.976-38.597 20.535l-.321-2.142c-4.672 5.608-20.371 16.748-21.622 24.011l-1.249.291c-2.431 4.116-4.004 8.781-5.932 13.016-3.18 5.417-4.661 2.085-4.208 2.934-6.253 12.679-9.359 23.332-12.043 32.069 1.912 2.858.046 17.206.769 28.688-3.141 56.709 39.8 111.77 86.737 124.48 6.88 2.459 17.11 2.364 25.813 2.618-10.268-2.937-11.595-1.556-21.595-5.044-7.215-3.398-8.797-7.277-13.907-11.711l2.022 3.573c-10.021-3.547-5.829-4.39-13.982-6.972l2.16-2.82c-3.249-.246-8.604-5.475-10.069-8.371l-3.553.14c-4.27-5.269-6.545-9.063-6.379-12.005l-1.148 2.047c-1.301-2.235-15.709-19.759-8.234-15.679-1.389-1.271-3.235-2.067-5.237-5.703l1.522-1.739c-3.597-4.627-6.621-10.562-6.391-12.536 1.919 2.592 3.25 3.075 4.568 3.52-9.083-22.539-9.593-1.242-16.474-22.942l1.456-.116c-1.116-1.682-1.793-3.506-2.69-5.298l.633-6.313c-6.541-7.562-1.829-32.151-.887-45.637.655-5.485 5.459-11.322 9.114-20.477l-2.227-.384c4.256-7.423 24.301-29.814 33.583-28.662 4.499-5.649-.892-.02-1.772-1.443 9.878-10.223 12.984-7.222 19.65-9.061 7.19-4.268-6.17 1.664-2.761-1.628 12.427-3.174 8.808-7.216 25.021-8.828 1.71.973-3.969 1.503-5.395 2.766 10.354-5.066 32.769-3.914 47.326 2.811 16.895 7.896 35.873 31.232 36.622 53.189l.852.229c-.431 8.729 1.336 18.822-1.727 28.094l2.1-4.385"/><path d="m79.5 142.715-.578 2.893c2.71 3.683 4.861 7.673 8.323 10.552-2.49-4.863-4.341-6.872-7.745-13.445m6.409-.251c-1.435-1.587-2.284-3.497-3.235-5.4.909 3.345 2.771 6.219 4.504 9.143zm113.411-24.65-.605 1.52c-1.111 7.892-3.511 15.701-7.189 22.941a72.1 72.1 0 0 0 7.79-24.461M109.698 6.757c2.789-1.022 6.855-.56 9.814-1.233-3.855.324-7.693.517-11.484 1.005zM11.781 58.824c.642 5.951-4.477 8.26 1.134 4.337 3.007-6.773-1.175-1.87-1.134-4.337M5.188 86.362c1.292-3.967 1.526-6.349 2.02-8.645-3.571 4.566-1.643 5.539-2.02 8.645"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-gitbucket.svg b/public/assets/img/svg/gitea-gitbucket.svg
index 62f603484e..b9e99724b2 100644
--- a/public/assets/img/svg/gitea-gitbucket.svg
+++ b/public/assets/img/svg/gitea-gitbucket.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" version="1.0" viewBox="0 0 316 329" class="svg gitea-gitbucket" width="16" height="16" aria-hidden="true"><path d="M123 21.1c-44.8 2.8-84 12.8-97.1 24.6-5 4.5-5 7.1 0 11.6C41.7 71.5 96.6 82.9 150 83h10.6l5.4-5.6c11.8-12.1 21.3-12.4 32.6-1.2l5.2 5 13.3-1.7c33.8-4.2 61.5-12.7 71.8-22 5.3-4.8 5.3-7.2 0-12-10.1-9.1-39.1-18.1-70.4-21.9-28.3-3.4-65.6-4.4-95.5-2.5M23.2 80.6c.4 1.6 7 42.9 14.8 91.9 7.9 49 14.7 89.5 15.2 90.2 1.7 2.1 25.8 11.4 41.6 15.9 13 3.7 35.1 8.4 40 8.4.6 0 1.2-.6 1.2-1.3 0-.6-17.4-18.5-38.6-39.7C57.9 206.6 55 203.2 55 196s3-10.7 38.3-45.9c30.1-30 34.8-34.3 36.6-33.5 1.1.5 8.7 7.4 17 15.2l15.1 14.4v5.9c0 7.3 2.4 12.4 7.7 16.7l3.8 3v61.8l-3.8 3.4c-10.2 8.9-10.2 22.9-.1 30.7 3.1 2.3 4.9 2.8 10.8 3.1 8.2.4 11.5-1.1 16.2-7.3 2.2-3 2.9-5.1 3.2-10 .4-6.5-.2-8.3-5.3-15.4l-2.5-3.4v-26.6c0-26.7.3-31.1 2.3-31.1.5 0 5.4 4.4 10.9 9.7 9.6 9.5 9.9 10 10.8 15.7 1.7 10.3 8.9 16.6 19 16.6 7.6 0 13.5-3.9 17.4-11.7 3.2-6.4 1.6-14.3-4.3-20.6-4.1-4.4-7.3-5.7-14.9-5.7h-6.8l-12.7-12.1c-10.7-10.1-12.7-12.6-13.2-15.7-1.2-7.2-1.6-8.2-4.7-11.7-3.9-4.5-7.7-6.5-12.2-6.5-1.9 0-4.5-.4-5.8-.9s-9.9-8.2-19.3-17l-17-16-7.1-.1c-10.6 0-36-2.7-52.4-5.5-22.8-4-38.5-8.6-57.9-17.2-1.1-.5-1.3 0-.9 2.3M278.5 83.6c-8.6 3.6-28 8.8-42.5 11.4-6.9 1.2-12.9 2.6-13.5 3.1-.6.6 9.3 11.2 27.5 29.4 15.6 15.6 28.5 28.3 28.7 28.1s1.9-15.8 3.8-34.7 3.7-35.6 4-37.2c.6-3.4-.2-3.4-8-.1M255.2 259.3c-7.8 7.8-14.2 14.6-14.2 15s.7.7 1.6.7c2.2 0 23-8.9 24.2-10.3.9-1.1 3.5-18.7 2.9-19.3-.2-.2-6.7 6.1-14.5 13.9M56 283.5c0 3.4 4 9.5 8.4 12.9 6.1 4.6 19.7 10.4 31.7 13.5 16.9 4.3 32.1 6.2 53.4 6.8l19 .5-7-7.1c-6.8-6.9-7.1-7.1-12-7.1-18.9 0-55.1-7.9-80.6-17.6C62.5 283 57 281 56.6 281c-.3 0-.6 1.1-.6 2.5M262 283.4c-5.3 2.8-25 9.7-36 12.6l-11.4 2.9-7.8 7.8c-4.2 4.2-7.6 7.9-7.4 8.1.9.8 24.4-4.1 33.4-6.9 16.4-5.3 26.7-11.4 30.8-18.5 2.4-4 3.1-7.4 1.7-7.4-.5.1-1.9.7-3.3 1.4"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 316 329" class="svg gitea-gitbucket" width="16" height="16" aria-hidden="true"><path d="M123 21.1c-44.8 2.8-84 12.8-97.1 24.6-5 4.5-5 7.1 0 11.6C41.7 71.5 96.6 82.9 150 83h10.6l5.4-5.6c11.8-12.1 21.3-12.4 32.6-1.2l5.2 5 13.3-1.7c33.8-4.2 61.5-12.7 71.8-22 5.3-4.8 5.3-7.2 0-12-10.1-9.1-39.1-18.1-70.4-21.9-28.3-3.4-65.6-4.4-95.5-2.5M23.2 80.6c.4 1.6 7 42.9 14.8 91.9 7.9 49 14.7 89.5 15.2 90.2 1.7 2.1 25.8 11.4 41.6 15.9 13 3.7 35.1 8.4 40 8.4.6 0 1.2-.6 1.2-1.3 0-.6-17.4-18.5-38.6-39.7C57.9 206.6 55 203.2 55 196s3-10.7 38.3-45.9c30.1-30 34.8-34.3 36.6-33.5 1.1.5 8.7 7.4 17 15.2l15.1 14.4v5.9c0 7.3 2.4 12.4 7.7 16.7l3.8 3v61.8l-3.8 3.4c-10.2 8.9-10.2 22.9-.1 30.7 3.1 2.3 4.9 2.8 10.8 3.1 8.2.4 11.5-1.1 16.2-7.3 2.2-3 2.9-5.1 3.2-10 .4-6.5-.2-8.3-5.3-15.4l-2.5-3.4v-26.6c0-26.7.3-31.1 2.3-31.1.5 0 5.4 4.4 10.9 9.7 9.6 9.5 9.9 10 10.8 15.7 1.7 10.3 8.9 16.6 19 16.6 7.6 0 13.5-3.9 17.4-11.7 3.2-6.4 1.6-14.3-4.3-20.6-4.1-4.4-7.3-5.7-14.9-5.7h-6.8l-12.7-12.1c-10.7-10.1-12.7-12.6-13.2-15.7-1.2-7.2-1.6-8.2-4.7-11.7-3.9-4.5-7.7-6.5-12.2-6.5-1.9 0-4.5-.4-5.8-.9s-9.9-8.2-19.3-17l-17-16-7.1-.1c-10.6 0-36-2.7-52.4-5.5-22.8-4-38.5-8.6-57.9-17.2-1.1-.5-1.3 0-.9 2.3M278.5 83.6c-8.6 3.6-28 8.8-42.5 11.4-6.9 1.2-12.9 2.6-13.5 3.1-.6.6 9.3 11.2 27.5 29.4 15.6 15.6 28.5 28.3 28.7 28.1s1.9-15.8 3.8-34.7 3.7-35.6 4-37.2c.6-3.4-.2-3.4-8-.1M255.2 259.3c-7.8 7.8-14.2 14.6-14.2 15s.7.7 1.6.7c2.2 0 23-8.9 24.2-10.3.9-1.1 3.5-18.7 2.9-19.3-.2-.2-6.7 6.1-14.5 13.9M56 283.5c0 3.4 4 9.5 8.4 12.9 6.1 4.6 19.7 10.4 31.7 13.5 16.9 4.3 32.1 6.2 53.4 6.8l19 .5-7-7.1c-6.8-6.9-7.1-7.1-12-7.1-18.9 0-55.1-7.9-80.6-17.6C62.5 283 57 281 56.6 281c-.3 0-.6 1.1-.6 2.5M262 283.4c-5.3 2.8-25 9.7-36 12.6l-11.4 2.9-7.8 7.8c-4.2 4.2-7.6 7.9-7.4 8.1.9.8 24.4-4.1 33.4-6.9 16.4-5.3 26.7-11.4 30.8-18.5 2.4-4 3.1-7.4 1.7-7.4-.5.1-1.9.7-3.3 1.4"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-gitlab.svg b/public/assets/img/svg/gitea-gitlab.svg
index 03fcb0b87e..e2d708e7be 100644
--- a/public/assets/img/svg/gitea-gitlab.svg
+++ b/public/assets/img/svg/gitea-gitlab.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32" class="svg gitea-gitlab" width="16" height="16" aria-hidden="true"><path fill="#E24329" d="m31.462 12.779-.045-.115-4.35-11.35a1.14 1.14 0 0 0-.447-.541 1.16 1.16 0 0 0-1.343.071c-.187.15-.322.356-.386.587l-2.94 9.001h-11.9l-2.941-9a1.14 1.14 0 0 0-1.045-.84 1.15 1.15 0 0 0-1.13.72L.579 12.68l-.045.113a8.09 8.09 0 0 0 2.68 9.34l.016.012.038.03 6.635 4.967 3.28 2.484 1.994 1.51a1.35 1.35 0 0 0 1.627 0l1.994-1.51 3.282-2.484 6.673-4.997.018-.013a8.09 8.09 0 0 0 2.69-9.352Z"/><path fill="#FC6D26" d="m31.462 12.779-.045-.115a14.75 14.75 0 0 0-5.856 2.634l-9.553 7.24L22.1 27.14l6.673-4.997.019-.013a8.09 8.09 0 0 0 2.67-9.352Z"/><path fill="#FCA326" d="m9.908 27.14 3.275 2.485 1.994 1.51a1.35 1.35 0 0 0 1.627 0l1.994-1.51 3.282-2.484s-2.835-2.14-6.092-4.603z"/><path fill="#FC6D26" d="M6.435 15.305A14.7 14.7 0 0 0 .58 12.672l-.045.113a8.09 8.09 0 0 0 2.68 9.347l.016.012.038.03 6.635 4.967 6.105-4.603-9.573-7.233Z"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32" class="svg gitea-gitlab" width="16" height="16" aria-hidden="true"><path fill="#e24329" d="m31.462 12.779-.045-.115-4.35-11.35a1.14 1.14 0 0 0-.447-.541 1.16 1.16 0 0 0-1.343.071c-.187.15-.322.356-.386.587l-2.94 9.001h-11.9l-2.941-9a1.14 1.14 0 0 0-1.045-.84 1.15 1.15 0 0 0-1.13.72L.579 12.68l-.045.113a8.09 8.09 0 0 0 2.68 9.34l.016.012.038.03 6.635 4.967 3.28 2.484 1.994 1.51a1.35 1.35 0 0 0 1.627 0l1.994-1.51 3.282-2.484 6.673-4.997.018-.013a8.09 8.09 0 0 0 2.69-9.352Z"/><path fill="#fc6d26" d="m31.462 12.779-.045-.115a14.75 14.75 0 0 0-5.856 2.634l-9.553 7.24L22.1 27.14l6.673-4.997.019-.013a8.09 8.09 0 0 0 2.67-9.352Z"/><path fill="#fca326" d="m9.908 27.14 3.275 2.485 1.994 1.51a1.35 1.35 0 0 0 1.627 0l1.994-1.51 3.282-2.484s-2.835-2.14-6.092-4.603z"/><path fill="#fc6d26" d="M6.435 15.305A14.7 14.7 0 0 0 .58 12.672l-.045.113a8.09 8.09 0 0 0 2.68 9.347l.016.012.038.03 6.635 4.967 6.105-4.603-9.573-7.233Z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-google.svg b/public/assets/img/svg/gitea-google.svg
index 7dd2622df6..26ee04cb64 100644
--- a/public/assets/img/svg/gitea-google.svg
+++ b/public/assets/img/svg/gitea-google.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" class="gitea-google__svg gitea-google__gitea-google svg gitea-google" viewBox="0 0 24 24" width="16" height="16"><path fill="#4285F4" d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09"/><path fill="#34A853" d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23"/><path fill="#FBBC05" d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22z"/><path fill="#EA4335" d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53"/><path fill="none" d="M1 1h22v22H1z"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" class="gitea-google__svg gitea-google__gitea-google svg gitea-google" viewBox="0 0 24 24" width="16" height="16"><path fill="#4285f4" d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09"/><path fill="#34a853" d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23"/><path fill="#fbbc05" d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22z"/><path fill="#ea4335" d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53"/><path fill="none" d="M1 1h22v22H1z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-maven.svg b/public/assets/img/svg/gitea-maven.svg
index 320d01a234..f6ece7dc28 100644
--- a/public/assets/img/svg/gitea-maven.svg
+++ b/public/assets/img/svg/gitea-maven.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2392.5 4226.6" class="svg gitea-maven" width="16" height="16" aria-hidden="true"><linearGradient id="gitea-maven__a" x1="-5167.1" x2="-4570.1" y1="697.55" y2="1395.6" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#F69923"/><stop offset=".312" stop-color="#F79A23"/><stop offset=".838" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__a)" d="M1798.9 20.1C1732.6 59.2 1622.5 170 1491 330.5l120.8 228c84.8-121.3 170.9-230.4 257.8-323.6 6.7-7.4 10.2-10.9 10.2-10.9-3.4 3.6-6.8 7.3-10.2 10.9-28.1 31-113.4 130.5-242.1 328.1 123.9-6.2 314.3-31.5 469.6-58.1 46.2-258.8-45.3-377.3-45.3-377.3S1935.5-60.6 1798.9 20.1"/><path fill="none" d="M1594.4 1320.7c.9-.2 1.8-.3 2.7-.5l-17.4 1.9c-1.1.5-2 1-3.1 1.4 6-.9 11.9-1.9 17.8-2.8m-123.3 408.4c-9.9 2.2-20 3.9-30.2 5.4 10.2-1.5 20.3-3.3 30.2-5.4m-838 916.1c1.3-3.4 2.6-6.8 3.8-10.2 26.6-70.2 52.9-138.4 79-204.9 29.3-74.6 58.2-146.8 86.8-216.8 30.1-73.8 59.8-145.1 89.1-214 30.7-72.3 61-141.9 90.7-208.9 24.2-54.5 48-107.3 71.5-158.4 7.8-17 15.6-33.9 23.4-50.6 15.4-33.1 30.7-65.6 45.7-97.3 13.9-29.3 27.7-57.9 41.4-86 4.5-9.4 9.1-18.6 13.6-27.9.7-1.5 1.5-3 2.2-4.5l-14.8 1.6-11.8-23.2c-1.1 2.3-2.3 4.5-3.5 6.8q-31.8 63.15-63 127.5c-12 24.8-24 49.7-35.9 74.7-33 69.3-65.5 139.2-97.4 209.6-32.3 71.1-63.9 142.6-94.9 214.2-30.5 70.3-60.3 140.7-89.6 210.9-29.2 70.1-57.7 140-85.6 209.4-29.1 72.5-57.4 144.3-84.8 215.3-6.2 16-12.4 32-18.5 48-22 57.3-43.4 113.8-64.3 169.6l18.6 36.7 16.6-1.8c.6-1.7 1.2-3.4 1.8-5 26.9-73.5 53.5-145.1 79.9-214.8m800.1-909.5c.1 0 .1-.1.2-.1 0 0-.1 0-.2.1"/><path fill="#BE202E" d="M1393.2 1934.8c-15.4 2.8-31.3 5.5-47.6 8.3-.1 0-.2.1-.3.1 8.2-1.2 16.3-2.4 24.3-3.8s15.8-2.9 23.6-4.6"/><path fill="#BE202E" d="M1393.2 1934.8c-15.4 2.8-31.3 5.5-47.6 8.3-.1 0-.2.1-.3.1 8.2-1.2 16.3-2.4 24.3-3.8s15.8-2.9 23.6-4.6" opacity=".35"/><path fill="#BE202E" d="M1433.6 1735.5s-.1 0-.1.1c-.1 0-.1.1-.2.1 2.6-.3 5.1-.8 7.6-1.1 10.3-1.5 20.4-3.3 30.2-5.4-12.3 2-24.8 4.2-37.5 6.3"/><path fill="#BE202E" d="M1433.6 1735.5s-.1 0-.1.1c-.1 0-.1.1-.2.1 2.6-.3 5.1-.8 7.6-1.1 10.3-1.5 20.4-3.3 30.2-5.4-12.3 2-24.8 4.2-37.5 6.3" opacity=".35"/><linearGradient id="gitea-maven__b" x1="-9585.3" x2="-5326.2" y1="620.5" y2="620.5" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__b)" d="M1255.7 1147.6c36.7-68.6 73.9-135.7 111.5-201 39-67.8 78.5-133.6 118.4-197 2.3-3.7 4.7-7.5 7-11.3 39.4-62.4 79.2-122.4 119.3-179.8l-120.8-228c-9.1 11.1-18.2 22.4-27.5 33.9-34.8 43.4-71 90.1-108.1 139.6-41.8 55.8-84.8 115.4-128.5 177.9-40.3 57.8-81.2 118.3-122.1 180.9-34.8 53.3-69.8 108.2-104.5 164.5l-3.9 6.3 157.2 310.5c33.6-66.5 67.6-132.1 102-196.5"/><linearGradient id="gitea-maven__c" x1="-9071.2" x2="-6533.2" y1="1047.7" y2="1047.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#282662"/><stop offset=".095" stop-color="#662E8D"/><stop offset=".788" stop-color="#9F2064"/><stop offset=".949" stop-color="#CD2032"/></linearGradient><path fill="url(#gitea-maven__c)" d="M539.7 2897.1c-20.8 57.2-41.7 115.4-62.7 174.9-.3.9-.6 1.7-.9 2.6-3 8.4-5.9 16.8-8.9 25.2-14.1 40.1-26.4 76.2-54.5 158.3 46.3 21.1 83.5 76.7 118.7 139.8-3.7-65.3-30.8-126.7-82.1-174.2 228.3 10.3 425-47.4 526.7-214.3 9.1-14.9 17.4-30.5 24.9-47.2-46.2 58.6-103.5 83.5-211.4 77.4-.2.1-.5.2-.7.3.2-.1.5-.2.7-.3 158.8-71.1 238.5-139.3 308.9-252.4 16.7-26.8 32.9-56.1 49.5-88.6-138.9 142.6-299.8 183.2-469.3 152.4l-127.1 13.9c-4 10.7-7.9 21.4-11.8 32.2"/><linearGradient id="gitea-maven__d" x1="-9346.1" x2="-5087" y1="580.82" y2="580.82" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__d)" d="M599 2612.4c27.5-71 55.8-142.8 84.8-215.3 27.8-69.4 56.4-139.2 85.6-209.4s59.1-140.5 89.6-210.9c31-71.6 62.7-143.1 94.9-214.2 31.9-70.3 64.4-140.3 97.4-209.6 11.9-25 23.9-49.9 35.9-74.7q31.2-64.35 63-127.5c1.1-2.3 2.3-4.5 3.5-6.8l-157.2-310.5c-2.6 4.2-5.1 8.4-7.7 12.6-36.6 59.8-73.1 121-108.9 183.5-36.2 63.1-71.7 127.4-106.4 192.6-29.3 55-57.9 110.5-85.7 166.5-5.6 11.4-11.1 22.6-16.6 33.9-34.3 70.5-65.2 138.6-93.2 204.1-31.7 74.2-59.6 145.1-84 212.3-16.1 44.2-30.7 86.9-44.1 127.9-11 35-21.5 70.1-31.4 105-23.5 82.3-43.7 164.4-60.3 246.2l158 311.9c20.9-55.8 42.3-112.3 64.3-169.6 6.1-15.9 12.3-32 18.5-48"/><linearGradient id="gitea-maven__e" x1="-9035.5" x2="-6797.2" y1="638.44" y2="638.44" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#282662"/><stop offset=".095" stop-color="#662E8D"/><stop offset=".788" stop-color="#9F2064"/><stop offset=".949" stop-color="#CD2032"/></linearGradient><path fill="url(#gitea-maven__e)" d="M356.1 2529.2c-19.8 99.8-33.9 199.2-41 298-.2 3.5-.6 6.9-.8 10.4-49.3-79-181.3-156.1-181-155.4 94.5 137 166.2 273 176.9 406.5-50.6 10.4-119.9-4.6-200-34.1 83.5 76.7 146.2 97.9 170.6 103.6-76.7 4.8-156.6 57.5-237.1 118.2 117.7-48 212.8-67 280.9-51.6-108 305.8-216.3 643.4-324.6 1001.8 33.2-9.8 53-32.1 64.1-62.3 19.3-64.9 147.4-490.7 348.1-1050.4 5.7-15.9 11.5-31.9 17.3-48 1.6-4.5 3.3-9 4.9-13.4 21.2-58.7 43.2-118.6 65.9-179.7 5.2-13.9 10.4-27.8 15.6-41.8.1-.3.2-.6.3-.8l-157.8-311.8c-.7 3.5-1.6 7.1-2.3 10.8"/><linearGradient id="gitea-maven__f" x1="-9346.1" x2="-5087" y1="1021.6" y2="1021.6" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__f)" d="M1178.1 1370.3c-4.5 9.2-9 18.5-13.6 27.9-13.6 28.1-27.4 56.7-41.4 86-15.1 31.7-30.3 64.1-45.7 97.3-7.8 16.7-15.5 33.5-23.4 50.6-23.5 51.1-47.3 103.9-71.5 158.4-29.7 67-60 136.6-90.7 208.9-29.3 68.9-59 140.2-89.1 214-28.6 70-57.5 142.3-86.8 216.8-26.1 66.5-52.4 134.7-79 204.9-1.3 3.4-2.6 6.8-3.8 10.2-26.4 69.7-53 141.3-79.8 214.7-.6 1.7-1.2 3.4-1.8 5l127.1-13.9c-2.5-.5-5.1-.8-7.6-1.3 152-18.9 354-132.5 484.6-272.7 60.2-64.6 114.8-140.8 165.3-230 37.6-66.4 72.9-140 106.5-221.5 29.4-71.2 57.6-148.3 84.8-231.9-34.9 18.4-74.9 31.9-119 41.3-7.7 1.6-15.6 3.2-23.6 4.6s-16.1 2.7-24.3 3.8c.1 0 .2-.1.3-.1 141.7-54.5 231.1-159.8 296.1-288.7-37.3 25.4-97.9 58.7-170.5 74.7-9.9 2.2-20 3.9-30.2 5.4-2.6.4-5.1.8-7.6 1.1.1 0 .1-.1.2-.1 0 0 .1 0 .1-.1 49.2-20.6 90.7-43.6 126.7-70.8 7.7-5.8 15.2-11.8 22.4-18.1 11-9.5 21.4-19.5 31.4-30 6.4-6.7 12.6-13.6 18.6-20.8 14.1-16.8 27.3-34.9 39.7-54.6 3.8-6 7.5-12.1 11.2-18.4 4.7-9.1 9.2-18 13.6-26.8 19.8-39.8 35.6-75.3 48.2-106.5 6.3-15.6 11.8-30 16.5-43.4 1.9-5.3 3.7-10.5 5.4-15.5 5-15 9.1-28.3 12.3-40 4.8-17.5 7.7-31.4 9.3-41.5-4.8 3.8-10.3 7.6-16.5 11.3-42.8 25.6-116.2 48.8-175.4 59.7l116.7-12.8-116.7 12.8c-.9.2-1.8.3-2.7.5-5.9 1-11.9 1.9-17.9 2.9 1.1-.5 2-1 3.1-1.4l-399.3 43.8c-.7 1.4-1.4 2.8-2.2 4.3"/><linearGradient id="gitea-maven__g" x1="-9610.3" x2="-5351.2" y1="999.73" y2="999.73" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__g)" d="M1627.6 563.1c-35.5 54.5-74.3 116.4-116 186.5-2.2 3.6-4.4 7.4-6.6 11.1-36 60.7-74.3 127.3-114.5 200.3-34.8 63-71 130.6-108.6 203.3-32.8 63.3-66.7 130.5-101.5 201.6l399.3-43.8c116.3-53.5 168.3-101.9 218.8-171.9 13.4-19.3 26.9-39.5 40.3-60.4 41-64 81.2-134.5 117.2-204.6 34.7-67.7 65.3-134.8 88.8-195.3 14.9-38.5 26.9-74.3 35.2-105.7 7.3-27.7 13-54 17.4-79.1-155.5 26.5-345.9 51.9-469.8 58"/><path fill="#BE202E" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8"/><path fill="#BE202E" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8" opacity=".35"/><linearGradient id="gitea-maven__h" x1="-9346.1" x2="-5087" y1="1152.7" y2="1152.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__h)" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8"/><path fill="#BE202E" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1"/><path fill="#BE202E" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1" opacity=".35"/><linearGradient id="gitea-maven__i" x1="-9346.1" x2="-5087" y1="1137.7" y2="1137.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__i)" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1"/><path fill="#BE202E" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1"/><path fill="#BE202E" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1" opacity=".35"/><linearGradient id="gitea-maven__j" x1="-6953.4" x2="-6012" y1="1134.7" y2="1134.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9E2064"/><stop offset=".63" stop-color="#C92037"/><stop offset=".751" stop-color="#CD2335"/><stop offset="1" stop-color="#E97826"/></linearGradient><path fill="url(#gitea-maven__j)" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2392.5 4226.6" class="svg gitea-maven" width="16" height="16" aria-hidden="true"><linearGradient id="gitea-maven__a" x1="-5167.1" x2="-4570.1" y1="697.55" y2="1395.6" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#f69923"/><stop offset=".312" stop-color="#f79a23"/><stop offset=".838" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__a)" d="M1798.9 20.1C1732.6 59.2 1622.5 170 1491 330.5l120.8 228c84.8-121.3 170.9-230.4 257.8-323.6 6.7-7.4 10.2-10.9 10.2-10.9-3.4 3.6-6.8 7.3-10.2 10.9-28.1 31-113.4 130.5-242.1 328.1 123.9-6.2 314.3-31.5 469.6-58.1 46.2-258.8-45.3-377.3-45.3-377.3S1935.5-60.6 1798.9 20.1"/><path fill="none" d="M1594.4 1320.7c.9-.2 1.8-.3 2.7-.5l-17.4 1.9c-1.1.5-2 1-3.1 1.4 6-.9 11.9-1.9 17.8-2.8m-123.3 408.4c-9.9 2.2-20 3.9-30.2 5.4 10.2-1.5 20.3-3.3 30.2-5.4m-838 916.1c1.3-3.4 2.6-6.8 3.8-10.2 26.6-70.2 52.9-138.4 79-204.9 29.3-74.6 58.2-146.8 86.8-216.8 30.1-73.8 59.8-145.1 89.1-214 30.7-72.3 61-141.9 90.7-208.9 24.2-54.5 48-107.3 71.5-158.4 7.8-17 15.6-33.9 23.4-50.6 15.4-33.1 30.7-65.6 45.7-97.3 13.9-29.3 27.7-57.9 41.4-86 4.5-9.4 9.1-18.6 13.6-27.9.7-1.5 1.5-3 2.2-4.5l-14.8 1.6-11.8-23.2c-1.1 2.3-2.3 4.5-3.5 6.8q-31.8 63.15-63 127.5c-12 24.8-24 49.7-35.9 74.7-33 69.3-65.5 139.2-97.4 209.6-32.3 71.1-63.9 142.6-94.9 214.2-30.5 70.3-60.3 140.7-89.6 210.9-29.2 70.1-57.7 140-85.6 209.4-29.1 72.5-57.4 144.3-84.8 215.3-6.2 16-12.4 32-18.5 48-22 57.3-43.4 113.8-64.3 169.6l18.6 36.7 16.6-1.8c.6-1.7 1.2-3.4 1.8-5 26.9-73.5 53.5-145.1 79.9-214.8m800.1-909.5c.1 0 .1-.1.2-.1 0 0-.1 0-.2.1"/><path fill="#be202e" d="M1393.2 1934.8c-15.4 2.8-31.3 5.5-47.6 8.3-.1 0-.2.1-.3.1 8.2-1.2 16.3-2.4 24.3-3.8s15.8-2.9 23.6-4.6"/><path fill="#be202e" d="M1393.2 1934.8c-15.4 2.8-31.3 5.5-47.6 8.3-.1 0-.2.1-.3.1 8.2-1.2 16.3-2.4 24.3-3.8s15.8-2.9 23.6-4.6" opacity=".35"/><path fill="#be202e" d="M1433.6 1735.5s-.1 0-.1.1c-.1 0-.1.1-.2.1 2.6-.3 5.1-.8 7.6-1.1 10.3-1.5 20.4-3.3 30.2-5.4-12.3 2-24.8 4.2-37.5 6.3"/><path fill="#be202e" d="M1433.6 1735.5s-.1 0-.1.1c-.1 0-.1.1-.2.1 2.6-.3 5.1-.8 7.6-1.1 10.3-1.5 20.4-3.3 30.2-5.4-12.3 2-24.8 4.2-37.5 6.3" opacity=".35"/><linearGradient id="gitea-maven__b" x1="-9585.3" x2="-5326.2" y1="620.5" y2="620.5" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__b)" d="M1255.7 1147.6c36.7-68.6 73.9-135.7 111.5-201 39-67.8 78.5-133.6 118.4-197 2.3-3.7 4.7-7.5 7-11.3 39.4-62.4 79.2-122.4 119.3-179.8l-120.8-228c-9.1 11.1-18.2 22.4-27.5 33.9-34.8 43.4-71 90.1-108.1 139.6-41.8 55.8-84.8 115.4-128.5 177.9-40.3 57.8-81.2 118.3-122.1 180.9-34.8 53.3-69.8 108.2-104.5 164.5l-3.9 6.3 157.2 310.5c33.6-66.5 67.6-132.1 102-196.5"/><linearGradient id="gitea-maven__c" x1="-9071.2" x2="-6533.2" y1="1047.7" y2="1047.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#282662"/><stop offset=".095" stop-color="#662e8d"/><stop offset=".788" stop-color="#9f2064"/><stop offset=".949" stop-color="#cd2032"/></linearGradient><path fill="url(#gitea-maven__c)" d="M539.7 2897.1c-20.8 57.2-41.7 115.4-62.7 174.9-.3.9-.6 1.7-.9 2.6-3 8.4-5.9 16.8-8.9 25.2-14.1 40.1-26.4 76.2-54.5 158.3 46.3 21.1 83.5 76.7 118.7 139.8-3.7-65.3-30.8-126.7-82.1-174.2 228.3 10.3 425-47.4 526.7-214.3 9.1-14.9 17.4-30.5 24.9-47.2-46.2 58.6-103.5 83.5-211.4 77.4-.2.1-.5.2-.7.3.2-.1.5-.2.7-.3 158.8-71.1 238.5-139.3 308.9-252.4 16.7-26.8 32.9-56.1 49.5-88.6-138.9 142.6-299.8 183.2-469.3 152.4l-127.1 13.9c-4 10.7-7.9 21.4-11.8 32.2"/><linearGradient id="gitea-maven__d" x1="-9346.1" x2="-5087" y1="580.82" y2="580.82" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__d)" d="M599 2612.4c27.5-71 55.8-142.8 84.8-215.3 27.8-69.4 56.4-139.2 85.6-209.4s59.1-140.5 89.6-210.9c31-71.6 62.7-143.1 94.9-214.2 31.9-70.3 64.4-140.3 97.4-209.6 11.9-25 23.9-49.9 35.9-74.7q31.2-64.35 63-127.5c1.1-2.3 2.3-4.5 3.5-6.8l-157.2-310.5c-2.6 4.2-5.1 8.4-7.7 12.6-36.6 59.8-73.1 121-108.9 183.5-36.2 63.1-71.7 127.4-106.4 192.6-29.3 55-57.9 110.5-85.7 166.5-5.6 11.4-11.1 22.6-16.6 33.9-34.3 70.5-65.2 138.6-93.2 204.1-31.7 74.2-59.6 145.1-84 212.3-16.1 44.2-30.7 86.9-44.1 127.9-11 35-21.5 70.1-31.4 105-23.5 82.3-43.7 164.4-60.3 246.2l158 311.9c20.9-55.8 42.3-112.3 64.3-169.6 6.1-15.9 12.3-32 18.5-48"/><linearGradient id="gitea-maven__e" x1="-9035.5" x2="-6797.2" y1="638.44" y2="638.44" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#282662"/><stop offset=".095" stop-color="#662e8d"/><stop offset=".788" stop-color="#9f2064"/><stop offset=".949" stop-color="#cd2032"/></linearGradient><path fill="url(#gitea-maven__e)" d="M356.1 2529.2c-19.8 99.8-33.9 199.2-41 298-.2 3.5-.6 6.9-.8 10.4-49.3-79-181.3-156.1-181-155.4 94.5 137 166.2 273 176.9 406.5-50.6 10.4-119.9-4.6-200-34.1 83.5 76.7 146.2 97.9 170.6 103.6-76.7 4.8-156.6 57.5-237.1 118.2 117.7-48 212.8-67 280.9-51.6-108 305.8-216.3 643.4-324.6 1001.8 33.2-9.8 53-32.1 64.1-62.3 19.3-64.9 147.4-490.7 348.1-1050.4 5.7-15.9 11.5-31.9 17.3-48 1.6-4.5 3.3-9 4.9-13.4 21.2-58.7 43.2-118.6 65.9-179.7 5.2-13.9 10.4-27.8 15.6-41.8.1-.3.2-.6.3-.8l-157.8-311.8c-.7 3.5-1.6 7.1-2.3 10.8"/><linearGradient id="gitea-maven__f" x1="-9346.1" x2="-5087" y1="1021.6" y2="1021.6" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__f)" d="M1178.1 1370.3c-4.5 9.2-9 18.5-13.6 27.9-13.6 28.1-27.4 56.7-41.4 86-15.1 31.7-30.3 64.1-45.7 97.3-7.8 16.7-15.5 33.5-23.4 50.6-23.5 51.1-47.3 103.9-71.5 158.4-29.7 67-60 136.6-90.7 208.9-29.3 68.9-59 140.2-89.1 214-28.6 70-57.5 142.3-86.8 216.8-26.1 66.5-52.4 134.7-79 204.9-1.3 3.4-2.6 6.8-3.8 10.2-26.4 69.7-53 141.3-79.8 214.7-.6 1.7-1.2 3.4-1.8 5l127.1-13.9c-2.5-.5-5.1-.8-7.6-1.3 152-18.9 354-132.5 484.6-272.7 60.2-64.6 114.8-140.8 165.3-230 37.6-66.4 72.9-140 106.5-221.5 29.4-71.2 57.6-148.3 84.8-231.9-34.9 18.4-74.9 31.9-119 41.3-7.7 1.6-15.6 3.2-23.6 4.6s-16.1 2.7-24.3 3.8c.1 0 .2-.1.3-.1 141.7-54.5 231.1-159.8 296.1-288.7-37.3 25.4-97.9 58.7-170.5 74.7-9.9 2.2-20 3.9-30.2 5.4-2.6.4-5.1.8-7.6 1.1.1 0 .1-.1.2-.1 0 0 .1 0 .1-.1 49.2-20.6 90.7-43.6 126.7-70.8 7.7-5.8 15.2-11.8 22.4-18.1 11-9.5 21.4-19.5 31.4-30 6.4-6.7 12.6-13.6 18.6-20.8 14.1-16.8 27.3-34.9 39.7-54.6 3.8-6 7.5-12.1 11.2-18.4 4.7-9.1 9.2-18 13.6-26.8 19.8-39.8 35.6-75.3 48.2-106.5 6.3-15.6 11.8-30 16.5-43.4 1.9-5.3 3.7-10.5 5.4-15.5 5-15 9.1-28.3 12.3-40 4.8-17.5 7.7-31.4 9.3-41.5-4.8 3.8-10.3 7.6-16.5 11.3-42.8 25.6-116.2 48.8-175.4 59.7l116.7-12.8-116.7 12.8c-.9.2-1.8.3-2.7.5-5.9 1-11.9 1.9-17.9 2.9 1.1-.5 2-1 3.1-1.4l-399.3 43.8c-.7 1.4-1.4 2.8-2.2 4.3"/><linearGradient id="gitea-maven__g" x1="-9610.3" x2="-5351.2" y1="999.73" y2="999.73" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__g)" d="M1627.6 563.1c-35.5 54.5-74.3 116.4-116 186.5-2.2 3.6-4.4 7.4-6.6 11.1-36 60.7-74.3 127.3-114.5 200.3-34.8 63-71 130.6-108.6 203.3-32.8 63.3-66.7 130.5-101.5 201.6l399.3-43.8c116.3-53.5 168.3-101.9 218.8-171.9 13.4-19.3 26.9-39.5 40.3-60.4 41-64 81.2-134.5 117.2-204.6 34.7-67.7 65.3-134.8 88.8-195.3 14.9-38.5 26.9-74.3 35.2-105.7 7.3-27.7 13-54 17.4-79.1-155.5 26.5-345.9 51.9-469.8 58"/><path fill="#be202e" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8"/><path fill="#be202e" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8" opacity=".35"/><linearGradient id="gitea-maven__h" x1="-9346.1" x2="-5087" y1="1152.7" y2="1152.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__h)" d="M1369.6 1939.4c-8 1.4-16.1 2.7-24.3 3.8 8.2-1.1 16.3-2.4 24.3-3.8"/><path fill="#be202e" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1"/><path fill="#be202e" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1" opacity=".35"/><linearGradient id="gitea-maven__i" x1="-9346.1" x2="-5087" y1="1137.7" y2="1137.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__i)" d="M1433.2 1735.7c2.6-.3 5.1-.8 7.6-1.1-2.5.3-5 .7-7.6 1.1"/><path fill="#be202e" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1"/><path fill="#be202e" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1" opacity=".35"/><linearGradient id="gitea-maven__j" x1="-6953.4" x2="-6012" y1="1134.7" y2="1134.7" gradientTransform="rotate(-65.001 -2052.931 -4777.847)" gradientUnits="userSpaceOnUse"><stop offset=".323" stop-color="#9e2064"/><stop offset=".63" stop-color="#c92037"/><stop offset=".751" stop-color="#cd2335"/><stop offset="1" stop-color="#e97826"/></linearGradient><path fill="url(#gitea-maven__j)" d="M1433.5 1735.6s.1 0 .1-.1c0 0-.1 0-.1.1"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-microsoftonline.svg b/public/assets/img/svg/gitea-microsoftonline.svg
index f2ce13ac22..c143eccbb6 100644
--- a/public/assets/img/svg/gitea-microsoftonline.svg
+++ b/public/assets/img/svg/gitea-microsoftonline.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 48 48" class="svg gitea-microsoftonline" width="16" height="16" aria-hidden="true"><path fill="url(#gitea-microsoftonline__a)" d="m20.084 3.026-.224.136a8 8 0 0 0-1.009.722l.648-.456H25L26 11l-5 5-5 3.475v4.008a8 8 0 0 0 3.857 6.844l5.264 3.186L14 40h-2.145l-3.998-2.42A8 8 0 0 1 4 30.737V17.26a8 8 0 0 1 3.86-6.846l12-7.258q.111-.068.224-.131Z"/><path fill="url(#gitea-microsoftonline__b)" d="m20.084 3.026-.224.136a8 8 0 0 0-1.009.722l.648-.456H25L26 11l-5 5-5 3.475v4.008a8 8 0 0 0 3.857 6.844l5.264 3.186L14 40h-2.145l-3.998-2.42A8 8 0 0 1 4 30.737V17.26a8 8 0 0 1 3.86-6.846l12-7.258q.111-.068.224-.131Z"/><path fill="url(#gitea-microsoftonline__c)" d="M32 19v4.48a8 8 0 0 1-3.857 6.844l-12 7.264a8 8 0 0 1-8.008.16l11.722 7.096a8 8 0 0 0 8.286 0l12-7.264A8 8 0 0 0 44 30.736V27.5L43 26z"/><path fill="url(#gitea-microsoftonline__d)" d="M32 19v4.48a8 8 0 0 1-3.857 6.844l-12 7.264a8 8 0 0 1-8.008.16l11.722 7.096a8 8 0 0 0 8.286 0l12-7.264A8 8 0 0 0 44 30.736V27.5L43 26z"/><path fill="url(#gitea-microsoftonline__e)" d="m40.14 10.415-12-7.258a8 8 0 0 0-8.042-.139l-.238.144A8 8 0 0 0 16 10.008v9.483l3.86-2.334a8 8 0 0 1 8.28 0l12 7.258A8 8 0 0 1 43.997 31q.004-.132.004-.263V17.26a8 8 0 0 0-3.86-6.845Z"/><path fill="url(#gitea-microsoftonline__f)" d="m40.14 10.415-12-7.258a8 8 0 0 0-8.042-.139l-.238.144A8 8 0 0 0 16 10.008v9.483l3.86-2.334a8 8 0 0 1 8.28 0l12 7.258A8 8 0 0 1 43.997 31q.004-.132.004-.263V17.26a8 8 0 0 0-3.86-6.845Z"/><path fill="url(#gitea-microsoftonline__g)" d="M4.004 30.998"/><path fill="url(#gitea-microsoftonline__h)" d="M4.004 30.998"/><defs><radialGradient id="gitea-microsoftonline__a" cx="0" cy="0" r="1" gradientTransform="rotate(110.528 5.021 11.358)scale(33.3657 58.1966)" gradientUnits="userSpaceOnUse"><stop offset=".064" stop-color="#AE7FE2"/><stop offset="1" stop-color="#0078D4"/></radialGradient><radialGradient id="gitea-microsoftonline__c" cx="0" cy="0" r="1" gradientTransform="matrix(30.7198 -4.51832 2.98465 20.29248 10.43 36.351)" gradientUnits="userSpaceOnUse"><stop offset=".134" stop-color="#D59DFF"/><stop offset="1" stop-color="#5E438F"/></radialGradient><radialGradient id="gitea-microsoftonline__e" cx="0" cy="0" r="1" gradientTransform="matrix(-24.1583 -6.12555 10.3118 -40.66824 41.055 26.504)" gradientUnits="userSpaceOnUse"><stop offset=".058" stop-color="#50E6FF"/><stop offset="1" stop-color="#436DCD"/></radialGradient><radialGradient id="gitea-microsoftonline__g" cx="0" cy="0" r="1" gradientTransform="matrix(-24.1583 -6.12555 10.3118 -40.66824 41.055 26.504)" gradientUnits="userSpaceOnUse"><stop offset=".058" stop-color="#50E6FF"/><stop offset="1" stop-color="#436DCD"/></radialGradient><linearGradient id="gitea-microsoftonline__b" x1="17.512" x2="12.751" y1="37.868" y2="29.635" gradientUnits="userSpaceOnUse"><stop stop-color="#114A8B"/><stop offset="1" stop-color="#0078D4" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__d" x1="40.357" x2="35.255" y1="25.377" y2="32.692" gradientUnits="userSpaceOnUse"><stop stop-color="#493474"/><stop offset="1" stop-color="#8C66BA" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__f" x1="16.976" x2="24.487" y1="3.057" y2="3.057" gradientUnits="userSpaceOnUse"><stop stop-color="#2D3F80"/><stop offset="1" stop-color="#436DCD" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__h" x1="16.976" x2="24.487" y1="3.057" y2="3.057" gradientUnits="userSpaceOnUse"><stop stop-color="#2D3F80"/><stop offset="1" stop-color="#436DCD" stop-opacity="0"/></linearGradient></defs></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 48 48" class="svg gitea-microsoftonline" width="16" height="16" aria-hidden="true"><path fill="url(#gitea-microsoftonline__a)" d="m20.084 3.026-.224.136a8 8 0 0 0-1.009.722l.648-.456H25L26 11l-5 5-5 3.475v4.008a8 8 0 0 0 3.857 6.844l5.264 3.186L14 40h-2.145l-3.998-2.42A8 8 0 0 1 4 30.737V17.26a8 8 0 0 1 3.86-6.846l12-7.258q.111-.068.224-.131Z"/><path fill="url(#gitea-microsoftonline__b)" d="m20.084 3.026-.224.136a8 8 0 0 0-1.009.722l.648-.456H25L26 11l-5 5-5 3.475v4.008a8 8 0 0 0 3.857 6.844l5.264 3.186L14 40h-2.145l-3.998-2.42A8 8 0 0 1 4 30.737V17.26a8 8 0 0 1 3.86-6.846l12-7.258q.111-.068.224-.131Z"/><path fill="url(#gitea-microsoftonline__c)" d="M32 19v4.48a8 8 0 0 1-3.857 6.844l-12 7.264a8 8 0 0 1-8.008.16l11.722 7.096a8 8 0 0 0 8.286 0l12-7.264A8 8 0 0 0 44 30.736V27.5L43 26z"/><path fill="url(#gitea-microsoftonline__d)" d="M32 19v4.48a8 8 0 0 1-3.857 6.844l-12 7.264a8 8 0 0 1-8.008.16l11.722 7.096a8 8 0 0 0 8.286 0l12-7.264A8 8 0 0 0 44 30.736V27.5L43 26z"/><path fill="url(#gitea-microsoftonline__e)" d="m40.14 10.415-12-7.258a8 8 0 0 0-8.042-.139l-.238.144A8 8 0 0 0 16 10.008v9.483l3.86-2.334a8 8 0 0 1 8.28 0l12 7.258A8 8 0 0 1 43.997 31q.004-.132.004-.263V17.26a8 8 0 0 0-3.86-6.845Z"/><path fill="url(#gitea-microsoftonline__f)" d="m40.14 10.415-12-7.258a8 8 0 0 0-8.042-.139l-.238.144A8 8 0 0 0 16 10.008v9.483l3.86-2.334a8 8 0 0 1 8.28 0l12 7.258A8 8 0 0 1 43.997 31q.004-.132.004-.263V17.26a8 8 0 0 0-3.86-6.845Z"/><path fill="url(#gitea-microsoftonline__g)" d="M4.004 30.998"/><path fill="url(#gitea-microsoftonline__h)" d="M4.004 30.998"/><defs><radialGradient id="gitea-microsoftonline__a" cx="0" cy="0" r="1" gradientTransform="rotate(110.528 5.021 11.358)scale(33.3657 58.1966)" gradientUnits="userSpaceOnUse"><stop offset=".064" stop-color="#ae7fe2"/><stop offset="1" stop-color="#0078d4"/></radialGradient><radialGradient id="gitea-microsoftonline__c" cx="0" cy="0" r="1" gradientTransform="rotate(-8.367 253.693 -53.118)scale(31.0503 20.5108)" gradientUnits="userSpaceOnUse"><stop offset=".134" stop-color="#d59dff"/><stop offset="1" stop-color="#5e438f"/></radialGradient><radialGradient id="gitea-microsoftonline__e" cx="0" cy="0" r="1" gradientTransform="rotate(194.228 22.182 10.69)scale(24.9228 41.9552)" gradientUnits="userSpaceOnUse"><stop offset=".058" stop-color="#50e6ff"/><stop offset="1" stop-color="#436dcd"/></radialGradient><radialGradient id="gitea-microsoftonline__g" cx="0" cy="0" r="1" gradientTransform="rotate(194.228 22.182 10.69)scale(24.9228 41.9552)" gradientUnits="userSpaceOnUse"><stop offset=".058" stop-color="#50e6ff"/><stop offset="1" stop-color="#436dcd"/></radialGradient><linearGradient id="gitea-microsoftonline__b" x1="17.512" x2="12.751" y1="37.868" y2="29.635" gradientUnits="userSpaceOnUse"><stop stop-color="#114a8b"/><stop offset="1" stop-color="#0078d4" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__d" x1="40.357" x2="35.255" y1="25.377" y2="32.692" gradientUnits="userSpaceOnUse"><stop stop-color="#493474"/><stop offset="1" stop-color="#8c66ba" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__f" x1="16.976" x2="24.487" y1="3.057" y2="3.057" gradientUnits="userSpaceOnUse"><stop stop-color="#2d3f80"/><stop offset="1" stop-color="#436dcd" stop-opacity="0"/></linearGradient><linearGradient id="gitea-microsoftonline__h" x1="16.976" x2="24.487" y1="3.057" y2="3.057" gradientUnits="userSpaceOnUse"><stop stop-color="#2d3f80"/><stop offset="1" stop-color="#436dcd" stop-opacity="0"/></linearGradient></defs></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-npm.svg b/public/assets/img/svg/gitea-npm.svg
index 7ef74e72bd..2b05c79353 100644
--- a/public/assets/img/svg/gitea-npm.svg
+++ b/public/assets/img/svg/gitea-npm.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 18 7" class="svg gitea-npm" width="16" height="16" aria-hidden="true"><path fill="#CB3837" d="M0 0h18v6H9v1H5V6H0zm1 5h2V2h1v3h1V1H1zm5-4v5h2V5h2V1zm2 1h1v2H8zm3-1v4h2V2h1v3h1V2h1v3h1V1z"/><path fill="#fff" d="M1 5h2V2h1v3h1V1H1zM6 1v5h2V5h2V1zm3 3H8V2h1zM11 1v4h2V2h1v3h1V2h1v3h1V1z"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 18 7" class="svg gitea-npm" width="16" height="16" aria-hidden="true"><path fill="#cb3837" d="M0 0h18v6H9v1H5V6H0zm1 5h2V2h1v3h1V1H1zm5-4v5h2V5h2V1zm2 1h1v2H8zm3-1v4h2V2h1v3h1V2h1v3h1V1z"/><path fill="#fff" d="M1 5h2V2h1v3h1V1H1zM6 1v5h2V5h2V1zm3 3H8V2h1zM11 1v4h2V2h1v3h1V2h1v3h1V1z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-onedev.svg b/public/assets/img/svg/gitea-onedev.svg
index 94ad1bab31..7ecd18895d 100644
--- a/public/assets/img/svg/gitea-onedev.svg
+++ b/public/assets/img/svg/gitea-onedev.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" version="1.0" viewBox="0 0 700 700" class="svg gitea-onedev" width="16" height="16" aria-hidden="true"><path d="M315.5 99.6c-29.5 4-55.8 12-81.2 24.8L223 130l-5.2-4c-14.9-11.3-37.6-14.9-55.8-9-19.1 6.3-35.1 22.2-41.1 41-2.7 8.3-3.6 22.9-1.9 31.2 1.5 8 5 16.5 9.1 22.5 3.1 4.7 3.1 4.8 1.4 7.8C106 260 95.1 294.4 92 337.7c-1.1 15.7-.1 40.2 2.1 53l1.1 6.5-4.9 4.4c-2.8 2.3-7.5 7.6-10.6 11.6-19.4 25.5-24.7 57.9-14.4 88.3 9.2 26.9 31.2 48.8 58.4 58.1 20.6 6.9 40.6 7 61.1.1l6.7-2.2 10.5 7.1c45.6 31 92 45.5 146 45.5 33 0 61.6-5.2 91-16.4 67.6-25.8 122.9-81.1 148.4-148.4l2.7-7.2 7.7-3.8c9.1-4.5 21.1-15.7 25.9-24.3 21.1-37.5-1-84.3-43.2-91.7-19.9-3.5-39.3 2.7-53.9 17.2-7.1 7.1-11.7 14.5-15.3 24.7-3.4 9.4-3.8 25.8-.9 35.3 2.8 9.5 8.5 19.3 15.3 26.4 7.2 7.6 7.2 6 0 20.5-8.9 18.1-20.3 34.1-35.2 49.5-34.6 35.7-78.2 56.3-128.3 60.3-42.8 3.4-89.3-8.9-125-33-1.1-.8-1-1.7.8-5.2 12.1-23.6 13.5-53.7 3.9-78-8.7-21.8-27.5-41.6-48.6-51.2-9-4.1-22.7-7.4-34-8.3l-9.1-.7-.8-9.6c-3.5-46.9 13.5-99.8 45.5-141.7 6.5-8.6 24.3-26.7 33.6-34.2 43.8-35.6 101.3-52.8 158.1-47.2 39.9 3.9 79 19.1 110.6 43 16.9 12.8 37.5 34.9 48.6 52l4.3 6.7-3.3 5.2c-2.9 4.7-3.3 6.3-3.6 13.4-.3 7.3-.1 8.6 2.5 13.6 3.2 6.1 10.2 12 16.3 13.9 22.8 6.8 43-16.9 32.6-38.2-3.1-6.4-9.3-12.2-14.7-13.8-2.5-.8-4.1-2.1-5.2-4.3-.9-1.7-3.2-5.8-5.1-9.2l-3.5-6 3.6-5c17.7-24.4 15.8-57.5-4.4-79.4-8-8.6-15.5-13.6-25.9-17.2-19.8-6.8-38.9-4.2-56.5 7.8l-7.8 5.3-15.3-7.4c-27.9-13.4-55-21.3-84-24.4-13.3-1.5-48.1-1.2-60.3.5"/><path d="M271.8 271.1c-13.9 2.1-30.5 17.3-40.5 37.4-18.3 36.4-13.4 81.5 9.8 91.5 15.2 6.5 34.5-2.7 48.6-23.2 5.5-8 9.7-15.7 9-16.5-.3-.2-2 .3-3.8 1.2-2.4 1.3-5.1 1.6-10.5 1.3-6.1-.3-7.9-.8-11.6-3.4-8.9-6.2-12.4-19.1-7.9-29 2.4-5.2 9-10.8 14.7-12.4 9.1-2.6 20 1.4 25.2 9.2l2.7 4.2.3-12.4c.4-18.9-3.4-31.6-12.4-40.5-6.3-6.3-14.2-8.8-23.6-7.4M420.5 271c-11.6 1.9-20.2 11.3-24.9 27-2.1 6.9-3.1 20-2.2 27.4l.8 5.7 2.1-3.2c10.2-15 31.6-14 39.9 2 6 11.5 1.5 25.1-10.4 31.2-5 2.5-15 2.6-20 .1l-3.6-1.9 1.4 3.3c6.1 14.5 20 30.1 32.3 36.1 5.7 2.8 14.4 4 20.4 2.9 5.2-1 12.1-6.1 16.1-11.9 18.1-26.4 8.1-79-20-105.8-10.8-10.2-21.6-14.6-31.9-12.9M322.5 431.9c-16.1 1.6-23.5 6.1-23.5 14.3 0 11.4 13 21.1 34 25.4 10.2 2 31.2 1.5 40.5-1 13.5-3.7 23.8-10.3 27.6-17.7 4.9-9.7-.2-17.1-13.8-20-6.1-1.2-54.2-2-64.8-1"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 700 700" class="svg gitea-onedev" width="16" height="16" aria-hidden="true"><path d="M315.5 99.6c-29.5 4-55.8 12-81.2 24.8L223 130l-5.2-4c-14.9-11.3-37.6-14.9-55.8-9-19.1 6.3-35.1 22.2-41.1 41-2.7 8.3-3.6 22.9-1.9 31.2 1.5 8 5 16.5 9.1 22.5 3.1 4.7 3.1 4.8 1.4 7.8C106 260 95.1 294.4 92 337.7c-1.1 15.7-.1 40.2 2.1 53l1.1 6.5-4.9 4.4c-2.8 2.3-7.5 7.6-10.6 11.6-19.4 25.5-24.7 57.9-14.4 88.3 9.2 26.9 31.2 48.8 58.4 58.1 20.6 6.9 40.6 7 61.1.1l6.7-2.2 10.5 7.1c45.6 31 92 45.5 146 45.5 33 0 61.6-5.2 91-16.4 67.6-25.8 122.9-81.1 148.4-148.4l2.7-7.2 7.7-3.8c9.1-4.5 21.1-15.7 25.9-24.3 21.1-37.5-1-84.3-43.2-91.7-19.9-3.5-39.3 2.7-53.9 17.2-7.1 7.1-11.7 14.5-15.3 24.7-3.4 9.4-3.8 25.8-.9 35.3 2.8 9.5 8.5 19.3 15.3 26.4 7.2 7.6 7.2 6 0 20.5-8.9 18.1-20.3 34.1-35.2 49.5-34.6 35.7-78.2 56.3-128.3 60.3-42.8 3.4-89.3-8.9-125-33-1.1-.8-1-1.7.8-5.2 12.1-23.6 13.5-53.7 3.9-78-8.7-21.8-27.5-41.6-48.6-51.2-9-4.1-22.7-7.4-34-8.3l-9.1-.7-.8-9.6c-3.5-46.9 13.5-99.8 45.5-141.7 6.5-8.6 24.3-26.7 33.6-34.2 43.8-35.6 101.3-52.8 158.1-47.2 39.9 3.9 79 19.1 110.6 43 16.9 12.8 37.5 34.9 48.6 52l4.3 6.7-3.3 5.2c-2.9 4.7-3.3 6.3-3.6 13.4-.3 7.3-.1 8.6 2.5 13.6 3.2 6.1 10.2 12 16.3 13.9 22.8 6.8 43-16.9 32.6-38.2-3.1-6.4-9.3-12.2-14.7-13.8-2.5-.8-4.1-2.1-5.2-4.3-.9-1.7-3.2-5.8-5.1-9.2l-3.5-6 3.6-5c17.7-24.4 15.8-57.5-4.4-79.4-8-8.6-15.5-13.6-25.9-17.2-19.8-6.8-38.9-4.2-56.5 7.8l-7.8 5.3-15.3-7.4c-27.9-13.4-55-21.3-84-24.4-13.3-1.5-48.1-1.2-60.3.5"/><path d="M271.8 271.1c-13.9 2.1-30.5 17.3-40.5 37.4-18.3 36.4-13.4 81.5 9.8 91.5 15.2 6.5 34.5-2.7 48.6-23.2 5.5-8 9.7-15.7 9-16.5-.3-.2-2 .3-3.8 1.2-2.4 1.3-5.1 1.6-10.5 1.3-6.1-.3-7.9-.8-11.6-3.4-8.9-6.2-12.4-19.1-7.9-29 2.4-5.2 9-10.8 14.7-12.4 9.1-2.6 20 1.4 25.2 9.2l2.7 4.2.3-12.4c.4-18.9-3.4-31.6-12.4-40.5-6.3-6.3-14.2-8.8-23.6-7.4M420.5 271c-11.6 1.9-20.2 11.3-24.9 27-2.1 6.9-3.1 20-2.2 27.4l.8 5.7 2.1-3.2c10.2-15 31.6-14 39.9 2 6 11.5 1.5 25.1-10.4 31.2-5 2.5-15 2.6-20 .1l-3.6-1.9 1.4 3.3c6.1 14.5 20 30.1 32.3 36.1 5.7 2.8 14.4 4 20.4 2.9 5.2-1 12.1-6.1 16.1-11.9 18.1-26.4 8.1-79-20-105.8-10.8-10.2-21.6-14.6-31.9-12.9M322.5 431.9c-16.1 1.6-23.5 6.1-23.5 14.3 0 11.4 13 21.1 34 25.4 10.2 2 31.2 1.5 40.5-1 13.5-3.7 23.8-10.3 27.6-17.7 4.9-9.7-.2-17.1-13.8-20-6.1-1.2-54.2-2-64.8-1"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-openid.svg b/public/assets/img/svg/gitea-openid.svg
index f4702d2cdf..10c37145a3 100644
--- a/public/assets/img/svg/gitea-openid.svg
+++ b/public/assets/img/svg/gitea-openid.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" version="1.0" viewBox="0 0 2400 2400" class="svg gitea-openid" width="16" height="16" aria-hidden="true"><path fill="#ff7c00" d="m1270 218.3-173.1 84.3-.7 981.8c-.3 540 .2 981.4 1.1 981l174.5-81.8 172.3-80.8v-984.4c0-541.7-.2-984.7-.4-984.4z"/><path fill="#aaa" d="M981.9 785.5c-425.3 63.2-766.5 264.1-889 523a491.5 491.5 0 0 0-43.6 146c-4.2 29.2-4.7 95-1.2 124 19 152.6 115.2 299.9 273.2 418.8 147.7 111 350.5 196.5 568.6 239.7 59 11.6 179 29 200.5 29 2.3 0 3-23.2 3-109.1v-109.2l-5.1-1-37.9-6a1182 1182 0 0 1-305.4-90.6c-122.2-55.7-225.1-137.7-284.6-226.4-107.5-160.5-81.3-344.3 70-491.3 57-55.5 115.4-95.2 199.5-136.1a1112.6 1112.6 0 0 1 269.4-89.2l29.7-6c3.7-1.2 4-8.6 4-111.5V779.5l-6.3.2a823 823 0 0 0-44.8 5.8m525 104c0 103 .2 110.4 4.1 111.6l29.5 6a1221.6 1221.6 0 0 1 207.7 61.3A1088 1088 0 0 1 1862 1123c4.6 3.7 1.4 5.8-88 56-51.1 28.5-93 52.7-93 53.4 0 1.9 671.6 146.8 673.2 145.2 1.2-1.2-45.5-496-47-497.6-.2-.2-38.5 21-85 47.2l-89.6 50.2c-4.2 2-8.8.2-27.9-10.7-130.8-75-289.6-132.2-460.8-166.1a1871 1871 0 0 0-132.9-21.1c-4 0-4.2 6.7-4.2 110z"/><path fill="#cbaa7c" d="M1094.5 2156.9c0 60.6.3 85.5.5 55 .5-30.2.5-79.9 0-110.3-.2-30.2-.5-5.3-.5 55.3"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2400 2400" class="svg gitea-openid" width="16" height="16" aria-hidden="true"><path fill="#ff7c00" d="m1270 218.3-173.1 84.3-.7 981.8c-.3 540 .2 981.4 1.1 981l174.5-81.8 172.3-80.8v-984.4c0-541.7-.2-984.7-.4-984.4z"/><path fill="#aaa" d="M981.9 785.5c-425.3 63.2-766.5 264.1-889 523a491.5 491.5 0 0 0-43.6 146c-4.2 29.2-4.7 95-1.2 124 19 152.6 115.2 299.9 273.2 418.8 147.7 111 350.5 196.5 568.6 239.7 59 11.6 179 29 200.5 29 2.3 0 3-23.2 3-109.1v-109.2l-5.1-1-37.9-6a1182 1182 0 0 1-305.4-90.6c-122.2-55.7-225.1-137.7-284.6-226.4-107.5-160.5-81.3-344.3 70-491.3 57-55.5 115.4-95.2 199.5-136.1a1112.6 1112.6 0 0 1 269.4-89.2l29.7-6c3.7-1.2 4-8.6 4-111.5V779.5l-6.3.2a823 823 0 0 0-44.8 5.8m525 104c0 103 .2 110.4 4.1 111.6l29.5 6a1221.6 1221.6 0 0 1 207.7 61.3A1088 1088 0 0 1 1862 1123c4.6 3.7 1.4 5.8-88 56-51.1 28.5-93 52.7-93 53.4 0 1.9 671.6 146.8 673.2 145.2 1.2-1.2-45.5-496-47-497.6-.2-.2-38.5 21-85 47.2l-89.6 50.2c-4.2 2-8.8.2-27.9-10.7-130.8-75-289.6-132.2-460.8-166.1a1871 1871 0 0 0-132.9-21.1c-4 0-4.2 6.7-4.2 110z"/><path fill="#cbaa7c" d="M1094.5 2156.9c0 60.6.3 85.5.5 55 .5-30.2.5-79.9 0-110.3-.2-30.2-.5-5.3-.5 55.3"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-rubygems.svg b/public/assets/img/svg/gitea-rubygems.svg
index 4e43bdf2f4..7cd9d34e6a 100644
--- a/public/assets/img/svg/gitea-rubygems.svg
+++ b/public/assets/img/svg/gitea-rubygems.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 198.13 197.58" class="svg gitea-rubygems" width="16" height="16" aria-hidden="true"><defs><linearGradient id="gitea-rubygems__b" x1="194.9" x2="141.03" y1="153.56" y2="117.41" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#871101"/><stop offset=".99" stop-color="#911209"/><stop offset="1" stop-color="#911209"/></linearGradient><linearGradient id="gitea-rubygems__c" x1="151.8" x2="97.93" y1="217.79" y2="181.64" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#871101"/><stop offset=".99" stop-color="#911209"/><stop offset="1" stop-color="#911209"/></linearGradient><linearGradient id="gitea-rubygems__d" x1="38.696" x2="47.047" y1="127.39" y2="181.66" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".23" stop-color="#E57252"/><stop offset=".46" stop-color="#DE3B20"/><stop offset=".99" stop-color="#A60003"/><stop offset="1" stop-color="#A60003"/></linearGradient><linearGradient id="gitea-rubygems__e" x1="96.133" x2="99.21" y1="76.715" y2="132.1" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".23" stop-color="#E4714E"/><stop offset=".56" stop-color="#BE1A0D"/><stop offset=".99" stop-color="#A80D00"/><stop offset="1" stop-color="#A80D00"/></linearGradient><linearGradient id="gitea-rubygems__f" x1="147.1" x2="156.31" y1="25.521" y2="65.216" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".18" stop-color="#E46342"/><stop offset=".4" stop-color="#C82410"/><stop offset=".99" stop-color="#A80D00"/><stop offset="1" stop-color="#A80D00"/></linearGradient><linearGradient id="gitea-rubygems__g" x1="118.98" x2="158.67" y1="11.542" y2="-8.305" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".54" stop-color="#C81F11"/><stop offset=".99" stop-color="#BF0905"/><stop offset="1" stop-color="#BF0905"/></linearGradient><linearGradient id="gitea-rubygems__h" x1="3.903" x2="7.17" y1="113.55" y2="146.26" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".31" stop-color="#DE4024"/><stop offset=".99" stop-color="#BF190B"/><stop offset="1" stop-color="#BF190B"/></linearGradient><linearGradient id="gitea-rubygems__i" x1="-18.556" x2="135.02" y1="155.1" y2="-2.809" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#BD0012"/><stop offset=".07" stop-color="#fff"/><stop offset=".17" stop-color="#fff"/><stop offset=".27" stop-color="#C82F1C"/><stop offset=".33" stop-color="#820C01"/><stop offset=".46" stop-color="#A31601"/><stop offset=".72" stop-color="#B31301"/><stop offset=".99" stop-color="#E82609"/><stop offset="1" stop-color="#E82609"/></linearGradient><linearGradient id="gitea-rubygems__q" x1="99.075" x2="52.818" y1="171.03" y2="159.62" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#8C0C01"/><stop offset=".54" stop-color="#990C00"/><stop offset=".99" stop-color="#A80D0E"/><stop offset="1" stop-color="#A80D0E"/></linearGradient><linearGradient id="gitea-rubygems__r" x1="178.53" x2="137.43" y1="115.51" y2="78.684" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#7E110B"/><stop offset=".99" stop-color="#9E0C00"/><stop offset="1" stop-color="#9E0C00"/></linearGradient><linearGradient id="gitea-rubygems__s" x1="193.62" x2="173.15" y1="47.937" y2="26.054" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#79130D"/><stop offset=".99" stop-color="#9E120B"/><stop offset="1" stop-color="#9E120B"/></linearGradient><linearGradient id="gitea-rubygems__v" x1="26.67" x2="9.989" y1="197.34" y2="140.74" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#8B2114"/><stop offset=".43" stop-color="#9E100A"/><stop offset=".99" stop-color="#B3100C"/><stop offset="1" stop-color="#B3100C"/></linearGradient><linearGradient id="gitea-rubygems__w" x1="154.64" x2="192.04" y1="9.798" y2="26.306" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#B31000"/><stop offset=".44" stop-color="#910F08"/><stop offset=".99" stop-color="#791C12"/><stop offset="1" stop-color="#791C12"/></linearGradient><linearGradient id="gitea-rubygems__a" x1="174.07" x2="132.28" y1="215.55" y2="141.75" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#FB7655"/><stop offset=".41" stop-color="#E42B1E"/><stop offset=".99" stop-color="#900"/><stop offset="1" stop-color="#900"/></linearGradient><radialGradient id="gitea-rubygems__t" cx="143.83" cy="79.388" r="50.358" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#A80D00"/><stop offset=".99" stop-color="#7E0E08"/><stop offset="1" stop-color="#7E0E08"/></radialGradient><radialGradient id="gitea-rubygems__u" cx="74.092" cy="145.75" r="66.944" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#A30C00"/><stop offset=".99" stop-color="#800E08"/><stop offset="1" stop-color="#800E08"/></radialGradient></defs><path fill="url(#gitea-rubygems__a)" fill-rule="evenodd" d="M153.5 130.41 40.38 197.58l146.47-9.94 11.28-147.69z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__b)" fill-rule="evenodd" d="m187.09 187.54-12.59-86.89-34.29 45.28z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__c)" fill-rule="evenodd" d="m187.26 187.54-92.23-7.24-54.16 17.09z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__d)" fill-rule="evenodd" d="m41 197.41 23.04-75.48-50.7 10.84z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__e)" fill-rule="evenodd" d="M140.2 146.18 119 63.14l-60.67 56.87z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__f)" fill-rule="evenodd" d="m193.32 64.31-57.35-46.84L120 69.1z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__g)" fill-rule="evenodd" d="m166.5.77-33.73 18.64L111.49.52z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__h)" fill-rule="evenodd" d="m0 158.09 14.13-25.77-11.43-30.7z" clip-rule="evenodd"/><path fill="#fff" fill-rule="evenodd" d="m1.94 100.65 11.5 32.62 49.97-11.211 57.05-53.02 16.1-51.139L111.209 0l-43.1 16.13C54.53 28.76 28.18 53.75 27.23 54.22c-.94.48-17.4 31.59-25.29 46.43" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__i)" fill-rule="evenodd" d="M42.32 42.05c29.43-29.18 67.37-46.42 81.93-31.73 14.551 14.69-.88 50.39-30.31 79.56s-66.9 47.36-81.45 32.67c-14.56-14.68.4-51.33 29.83-80.5" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__q)" fill-rule="evenodd" d="m41 197.38 22.86-75.72 75.92 24.39c-27.45 25.74-57.98 47.5-98.78 51.33" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__r)" fill-rule="evenodd" d="m120.56 68.89 19.49 77.2c22.93-24.11 43.51-50.03 53.589-82.09z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__s)" fill-rule="evenodd" d="M193.44 64.39c7.8-23.54 9.6-57.31-27.181-63.58l-30.18 16.67z" clip-rule="evenodd"/><path fill="#9e1209" fill-rule="evenodd" d="M0 157.75c1.08 38.851 29.11 39.43 41.05 39.771L13.47 133.11z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__t)" fill-rule="evenodd" d="M120.67 69.01c17.62 10.83 53.131 32.58 53.851 32.98 1.119.63 15.31-23.93 18.53-37.81z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__u)" fill-rule="evenodd" d="m63.83 121.66 30.56 58.96c18.07-9.8 32.22-21.74 45.18-34.53z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__v)" fill-rule="evenodd" d="m13.35 133.19-4.33 51.56c8.17 11.16 19.41 12.13 31.2 11.26-8.53-21.23-25.57-63.68-26.87-62.82" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__w)" fill-rule="evenodd" d="m135.9 17.61 60.71 8.52C193.37 12.4 183.42 3.54 166.46.77z" clip-rule="evenodd"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 198.13 197.58" class="svg gitea-rubygems" width="16" height="16" aria-hidden="true"><defs><linearGradient id="gitea-rubygems__b" x1="194.9" x2="141.03" y1="153.56" y2="117.41" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#871101"/><stop offset=".99" stop-color="#911209"/><stop offset="1" stop-color="#911209"/></linearGradient><linearGradient id="gitea-rubygems__c" x1="151.8" x2="97.93" y1="217.79" y2="181.64" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#871101"/><stop offset=".99" stop-color="#911209"/><stop offset="1" stop-color="#911209"/></linearGradient><linearGradient id="gitea-rubygems__d" x1="38.696" x2="47.047" y1="127.39" y2="181.66" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".23" stop-color="#e57252"/><stop offset=".46" stop-color="#de3b20"/><stop offset=".99" stop-color="#a60003"/><stop offset="1" stop-color="#a60003"/></linearGradient><linearGradient id="gitea-rubygems__e" x1="96.133" x2="99.21" y1="76.715" y2="132.1" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".23" stop-color="#e4714e"/><stop offset=".56" stop-color="#be1a0d"/><stop offset=".99" stop-color="#a80d00"/><stop offset="1" stop-color="#a80d00"/></linearGradient><linearGradient id="gitea-rubygems__f" x1="147.1" x2="156.31" y1="25.521" y2="65.216" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".18" stop-color="#e46342"/><stop offset=".4" stop-color="#c82410"/><stop offset=".99" stop-color="#a80d00"/><stop offset="1" stop-color="#a80d00"/></linearGradient><linearGradient id="gitea-rubygems__g" x1="118.98" x2="158.67" y1="11.542" y2="-8.305" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".54" stop-color="#c81f11"/><stop offset=".99" stop-color="#bf0905"/><stop offset="1" stop-color="#bf0905"/></linearGradient><linearGradient id="gitea-rubygems__h" x1="3.903" x2="7.17" y1="113.55" y2="146.26" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fff"/><stop offset=".31" stop-color="#de4024"/><stop offset=".99" stop-color="#bf190b"/><stop offset="1" stop-color="#bf190b"/></linearGradient><linearGradient id="gitea-rubygems__i" x1="-18.556" x2="135.02" y1="155.1" y2="-2.809" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#bd0012"/><stop offset=".07" stop-color="#fff"/><stop offset=".17" stop-color="#fff"/><stop offset=".27" stop-color="#c82f1c"/><stop offset=".33" stop-color="#820c01"/><stop offset=".46" stop-color="#a31601"/><stop offset=".72" stop-color="#b31301"/><stop offset=".99" stop-color="#e82609"/><stop offset="1" stop-color="#e82609"/></linearGradient><linearGradient id="gitea-rubygems__q" x1="99.075" x2="52.818" y1="171.03" y2="159.62" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#8c0c01"/><stop offset=".54" stop-color="#990c00"/><stop offset=".99" stop-color="#a80d0e"/><stop offset="1" stop-color="#a80d0e"/></linearGradient><linearGradient id="gitea-rubygems__r" x1="178.53" x2="137.43" y1="115.51" y2="78.684" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#7e110b"/><stop offset=".99" stop-color="#9e0c00"/><stop offset="1" stop-color="#9e0c00"/></linearGradient><linearGradient id="gitea-rubygems__s" x1="193.62" x2="173.15" y1="47.937" y2="26.054" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#79130d"/><stop offset=".99" stop-color="#9e120b"/><stop offset="1" stop-color="#9e120b"/></linearGradient><linearGradient id="gitea-rubygems__v" x1="26.67" x2="9.989" y1="197.34" y2="140.74" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#8b2114"/><stop offset=".43" stop-color="#9e100a"/><stop offset=".99" stop-color="#b3100c"/><stop offset="1" stop-color="#b3100c"/></linearGradient><linearGradient id="gitea-rubygems__w" x1="154.64" x2="192.04" y1="9.798" y2="26.306" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#b31000"/><stop offset=".44" stop-color="#910f08"/><stop offset=".99" stop-color="#791c12"/><stop offset="1" stop-color="#791c12"/></linearGradient><linearGradient id="gitea-rubygems__a" x1="174.07" x2="132.28" y1="215.55" y2="141.75" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#fb7655"/><stop offset=".41" stop-color="#e42b1e"/><stop offset=".99" stop-color="#900"/><stop offset="1" stop-color="#900"/></linearGradient><radialGradient id="gitea-rubygems__t" cx="143.83" cy="79.388" r="50.358" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a80d00"/><stop offset=".99" stop-color="#7e0e08"/><stop offset="1" stop-color="#7e0e08"/></radialGradient><radialGradient id="gitea-rubygems__u" cx="74.092" cy="145.75" r="66.944" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#a30c00"/><stop offset=".99" stop-color="#800e08"/><stop offset="1" stop-color="#800e08"/></radialGradient></defs><path fill="url(#gitea-rubygems__a)" fill-rule="evenodd" d="M153.5 130.41 40.38 197.58l146.47-9.94 11.28-147.69z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__b)" fill-rule="evenodd" d="m187.09 187.54-12.59-86.89-34.29 45.28z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__c)" fill-rule="evenodd" d="m187.26 187.54-92.23-7.24-54.16 17.09z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__d)" fill-rule="evenodd" d="m41 197.41 23.04-75.48-50.7 10.84z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__e)" fill-rule="evenodd" d="M140.2 146.18 119 63.14l-60.67 56.87z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__f)" fill-rule="evenodd" d="m193.32 64.31-57.35-46.84L120 69.1z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__g)" fill-rule="evenodd" d="m166.5.77-33.73 18.64L111.49.52z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__h)" fill-rule="evenodd" d="m0 158.09 14.13-25.77-11.43-30.7z" clip-rule="evenodd"/><path fill="#fff" fill-rule="evenodd" d="m1.94 100.65 11.5 32.62 49.97-11.211 57.05-53.02 16.1-51.139L111.209 0l-43.1 16.13C54.53 28.76 28.18 53.75 27.23 54.22c-.94.48-17.4 31.59-25.29 46.43" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__i)" fill-rule="evenodd" d="M42.32 42.05c29.43-29.18 67.37-46.42 81.93-31.73 14.551 14.69-.88 50.39-30.31 79.56s-66.9 47.36-81.45 32.67c-14.56-14.68.4-51.33 29.83-80.5" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__q)" fill-rule="evenodd" d="m41 197.38 22.86-75.72 75.92 24.39c-27.45 25.74-57.98 47.5-98.78 51.33" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__r)" fill-rule="evenodd" d="m120.56 68.89 19.49 77.2c22.93-24.11 43.51-50.03 53.589-82.09z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__s)" fill-rule="evenodd" d="M193.44 64.39c7.8-23.54 9.6-57.31-27.181-63.58l-30.18 16.67z" clip-rule="evenodd"/><path fill="#9e1209" fill-rule="evenodd" d="M0 157.75c1.08 38.851 29.11 39.43 41.05 39.771L13.47 133.11z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__t)" fill-rule="evenodd" d="M120.67 69.01c17.62 10.83 53.131 32.58 53.851 32.98 1.119.63 15.31-23.93 18.53-37.81z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__u)" fill-rule="evenodd" d="m63.83 121.66 30.56 58.96c18.07-9.8 32.22-21.74 45.18-34.53z" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__v)" fill-rule="evenodd" d="m13.35 133.19-4.33 51.56c8.17 11.16 19.41 12.13 31.2 11.26-8.53-21.23-25.57-63.68-26.87-62.82" clip-rule="evenodd"/><path fill="url(#gitea-rubygems__w)" fill-rule="evenodd" d="m135.9 17.61 60.71 8.52C193.37 12.4 183.42 3.54 166.46.77z" clip-rule="evenodd"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-swift.svg b/public/assets/img/svg/gitea-swift.svg
index 4182100185..891ac12b56 100644
--- a/public/assets/img/svg/gitea-swift.svg
+++ b/public/assets/img/svg/gitea-swift.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" viewBox="0 0 59.5 59.5" class="svg gitea-swift" width="16" height="16" aria-hidden="true"><path fill="#F05138" d="M59.387 16.45a83 83 0 0 0-.027-1.792c-.034-1.301-.111-2.614-.343-3.9-.234-1.308-.618-2.523-1.222-3.71a12.46 12.46 0 0 0-5.452-5.452C51.156.992 49.94.609 48.635.374c-1.287-.232-2.6-.308-3.902-.343a86 86 0 0 0-1.792-.027Q41.876-.001 40.813 0H18.578q-1.064-.001-2.127.004c-.598.004-1.196.01-1.793.027q-.488.012-.978.036c-.978.047-1.959.133-2.924.307-.98.176-1.908.436-2.811.81A12.5 12.5 0 0 0 3.89 3.89a12.5 12.5 0 0 0-2.294 3.158C.992 8.235.61 9.45.374 10.758c-.231 1.286-.308 2.599-.343 3.9a86 86 0 0 0-.027 1.792Q-.002 17.515 0 18.578v22.234q-.001 1.064.004 2.129c.004.597.01 1.194.027 1.79.035 1.302.112 2.615.343 3.902.235 1.306.618 2.522 1.222 3.71a12.457 12.457 0 0 0 5.453 5.453c1.186.603 2.401.986 3.707 1.22 1.287.232 2.6.309 3.902.344q.896.023 1.793.026 1.063.006 2.127.004h22.235q1.065.002 2.128-.004.897-.003 1.792-.026c1.302-.035 2.615-.112 3.902-.344 1.306-.234 2.521-.617 3.708-1.221a12.46 12.46 0 0 0 5.452-5.453c.604-1.187.988-2.403 1.223-3.71.23-1.286.308-2.599.342-3.9.017-.597.023-1.194.027-1.791q.006-1.065.004-2.129V18.578q.001-1.065-.004-2.128"/><path fill="#fff" d="m47.061 36.661-.004-.005c.066-.223.133-.446.19-.675 2.466-9.82-3.55-21.432-13.731-27.545 4.461 6.048 6.434 13.373 4.681 19.78-.156.572-.344 1.12-.552 1.653-.225-.148-.51-.316-.89-.526 0 0-10.128-6.253-21.104-17.312-.288-.29 5.853 8.776 12.822 16.14-3.283-1.843-12.434-8.5-18.227-13.802.712 1.186 1.559 2.33 2.49 3.43 4.837 6.135 11.145 13.704 18.703 19.517-5.31 3.25-12.814 3.502-20.285.003a30.7 30.7 0 0 1-5.193-3.098c3.162 5.058 8.033 9.423 13.96 11.97 7.07 3.039 14.1 2.833 19.337.05l-.004.007.079-.047q.323-.172.637-.358c2.516-1.306 7.485-2.63 10.152 2.559.653 1.27 2.041-5.46-3.062-11.739z"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xml:space="preserve" viewBox="0 0 59.5 59.5" class="svg gitea-swift" width="16" height="16" aria-hidden="true"><path fill="#f05138" d="M59.387 16.45a83 83 0 0 0-.027-1.792c-.034-1.301-.111-2.614-.343-3.9-.234-1.308-.618-2.523-1.222-3.71a12.46 12.46 0 0 0-5.452-5.452C51.156.992 49.94.609 48.635.374c-1.287-.232-2.6-.308-3.902-.343a86 86 0 0 0-1.792-.027Q41.876-.001 40.813 0H18.578q-1.064-.001-2.127.004c-.598.004-1.196.01-1.793.027q-.488.012-.978.036c-.978.047-1.959.133-2.924.307-.98.176-1.908.436-2.811.81A12.5 12.5 0 0 0 3.89 3.89a12.5 12.5 0 0 0-2.294 3.158C.992 8.235.61 9.45.374 10.758c-.231 1.286-.308 2.599-.343 3.9a86 86 0 0 0-.027 1.792Q-.002 17.515 0 18.578v22.234q-.001 1.064.004 2.129c.004.597.01 1.194.027 1.79.035 1.302.112 2.615.343 3.902.235 1.306.618 2.522 1.222 3.71a12.457 12.457 0 0 0 5.453 5.453c1.186.603 2.401.986 3.707 1.22 1.287.232 2.6.309 3.902.344q.896.023 1.793.026 1.063.006 2.127.004h22.235q1.065.002 2.128-.004.897-.003 1.792-.026c1.302-.035 2.615-.112 3.902-.344 1.306-.234 2.521-.617 3.708-1.221a12.46 12.46 0 0 0 5.452-5.453c.604-1.187.988-2.403 1.223-3.71.23-1.286.308-2.599.342-3.9.017-.597.023-1.194.027-1.791q.006-1.065.004-2.129V18.578q.001-1.065-.004-2.128"/><path fill="#fff" d="m47.061 36.661-.004-.005c.066-.223.133-.446.19-.675 2.466-9.82-3.55-21.432-13.731-27.545 4.461 6.048 6.434 13.373 4.681 19.78-.156.572-.344 1.12-.552 1.653-.225-.148-.51-.316-.89-.526 0 0-10.128-6.253-21.104-17.312-.288-.29 5.853 8.776 12.822 16.14-3.283-1.843-12.434-8.5-18.227-13.802.712 1.186 1.559 2.33 2.49 3.43 4.837 6.135 11.145 13.704 18.703 19.517-5.31 3.25-12.814 3.502-20.285.003a30.7 30.7 0 0 1-5.193-3.098c3.162 5.058 8.033 9.423 13.96 11.97 7.07 3.039 14.1 2.833 19.337.05l-.004.007.079-.047q.323-.172.637-.358c2.516-1.306 7.485-2.63 10.152 2.559.653 1.27 2.041-5.46-3.062-11.739z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/gitea-vagrant.svg b/public/assets/img/svg/gitea-vagrant.svg
index ba50101d52..18b05e900d 100644
--- a/public/assets/img/svg/gitea-vagrant.svg
+++ b/public/assets/img/svg/gitea-vagrant.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid" viewBox="0 0 255 263" class="svg gitea-vagrant" width="16" height="16" aria-hidden="true"><path fill="#1159CC" d="M254.22 20.234 196.03 53.47l-1.64 20.618-44.19 99.772-26.27 17.34 3.18 71.6 49.53-28.55 77.58-189.946zM92.45 56.933V34.051l-.238-.136-38.483 19.102 1.642 23.034L103.4 180.6l26.02-14.71-2.31-28.09z"/><path fill="#127EFF" d="m219.56 0-57.75 33.814h-.04v23.119L127.11 137.8v27.02l-23.12 13.41L57.788 74.146V53.81L92.45 33.848 34.668 0 .006 20.234v24.783L78.022 234.49l49.088 28.31v-71.16l23.09-13.41-.27-.17 46.51-103.914V53.81l57.78-33.576z"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid" viewBox="0 0 255 263" class="svg gitea-vagrant" width="16" height="16" aria-hidden="true"><path fill="#1159cc" d="M254.22 20.234 196.03 53.47l-1.64 20.618-44.19 99.772-26.27 17.34 3.18 71.6 49.53-28.55 77.58-189.946zM92.45 56.933V34.051l-.238-.136-38.483 19.102 1.642 23.034L103.4 180.6l26.02-14.71-2.31-28.09z"/><path fill="#127eff" d="m219.56 0-57.75 33.814h-.04v23.119L127.11 137.8v27.02l-23.12 13.41L57.788 74.146V53.81L92.45 33.848 34.668 0 .006 20.234v24.783L78.022 234.49l49.088 28.31v-71.16l23.09-13.41-.27-.17 46.51-103.914V53.81l57.78-33.576z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-agent.svg b/public/assets/img/svg/octicon-agent.svg
new file mode 100644
index 0000000000..9e2bce0fef
--- /dev/null
+++ b/public/assets/img/svg/octicon-agent.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-agent" width="16" height="16" aria-hidden="true"><path d="M14.5 8.9v-.052A2.956 2.956 0 0 0 11.542 5.9a.82.82 0 0 1-.751-.501l-.145-.348A3.5 3.5 0 0 0 7.421 2.9h-.206a3.754 3.754 0 0 0-3.736 4.118l.011.121a.82.82 0 0 1-.619.879A1.81 1.81 0 0 0 1.5 9.773v.14c0 1.097.89 1.987 1.987 1.987H4.5a.75.75 0 0 1 0 1.5H3.487A3.487 3.487 0 0 1 0 9.913v-.14C0 8.449.785 7.274 1.963 6.75A5.253 5.253 0 0 1 7.215 1.4h.206a4.99 4.99 0 0 1 4.586 3.024A4.455 4.455 0 0 1 16 8.848V8.9a.75.75 0 0 1-1.5 0"/><path d="m8.38 7.67 2.25 2.25a.75.75 0 0 1 0 1.061L8.38 13.23a.749.749 0 1 1-1.06-1.06l1.719-1.72L7.32 8.731A.75.75 0 0 1 8.38 7.67M15 13.45h-3a.75.75 0 0 1 0-1.5h3a.75.75 0 0 1 0 1.5"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-loop.svg b/public/assets/img/svg/octicon-loop.svg
new file mode 100644
index 0000000000..967641f121
--- /dev/null
+++ b/public/assets/img/svg/octicon-loop.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-loop" width="16" height="16" aria-hidden="true"><path d="M1.896 4.559a6.25 6.25 0 0 1 8.839 0 .75.75 0 0 1-1.06 1.061 4.75 4.75 0 1 0 0 6.717L13.03 8.98l-1.553-1.554A.25.25 0 0 1 11.654 7h4.096a.25.25 0 0 1 .25.25v4.096a.25.25 0 0 1-.427.177l-1.482-1.482-3.356 3.356a6.25 6.25 0 0 1-8.839-8.838"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-mention.svg b/public/assets/img/svg/octicon-mention.svg
index 75b414e123..ff408c59a2 100644
--- a/public/assets/img/svg/octicon-mention.svg
+++ b/public/assets/img/svg/octicon-mention.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-mention" width="16" height="16" aria-hidden="true"><path d="M4.75 2.37a6.501 6.501 0 0 0 6.5 11.26.75.75 0 0 1 .75 1.298A7.999 7.999 0 0 1 .989 4.148 8 8 0 0 1 16 7.75v1.5a2.75 2.75 0 0 1-5.072 1.475 3.999 3.999 0 0 1-6.65-4.19A4 4 0 0 1 12 8v1.25a1.25 1.25 0 0 0 2.5 0V7.867a6.5 6.5 0 0 0-9.75-5.496ZM10.5 8a2.5 2.5 0 1 0-5 0 2.5 2.5 0 0 0 5 0"/></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-mention" width="16" height="16" aria-hidden="true"><path d="M8 .5a7.5 7.5 0 0 1 7.499 7.462l.002.038v1.164a2.612 2.612 0 0 1-4.783 1.454A3.76 3.76 0 0 1 8 11.776 3.776 3.776 0 1 1 11.776 8v1.164a1.112 1.112 0 0 0 2.225 0L14 8a6 6 0 1 0-3.311 5.365.75.75 0 0 1 .673 1.341A7.5 7.5 0 1 1 8 .5m0 5.225a2.275 2.275 0 1 0 0 4.552 2.275 2.275 0 0 0 0-4.552"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-pause.svg b/public/assets/img/svg/octicon-pause.svg
new file mode 100644
index 0000000000..008de5afdf
--- /dev/null
+++ b/public/assets/img/svg/octicon-pause.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-pause" width="16" height="16" aria-hidden="true"><path d="M5 2h1a1 1 0 0 1 1 1v10a1 1 0 0 1-1 1H5a1 1 0 0 1-1-1V3a1 1 0 0 1 1-1m5 0h1a1 1 0 0 1 1 1v10a1 1 0 0 1-1 1h-1a1 1 0 0 1-1-1V3a1 1 0 0 1 1-1"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-space.svg b/public/assets/img/svg/octicon-space.svg
new file mode 100644
index 0000000000..22912be37a
--- /dev/null
+++ b/public/assets/img/svg/octicon-space.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-space" width="16" height="16" aria-hidden="true"><path d="M0 13.25V2.75C0 1.784.784 1 1.75 1H5c.551 0 1.07.26 1.4.7l.9 1.2a.25.25 0 0 0 .2.1h6.75c.966 0 1.75.784 1.75 1.75v3.638a.75.75 0 0 1-1.5 0V4.75a.25.25 0 0 0-.25-.25H7.5a1.75 1.75 0 0 1-1.4-.7l-.9-1.2a.25.25 0 0 0-.2-.1H1.75a.25.25 0 0 0-.25.25v10.5c0 .138.112.25.25.25h5.663l.076.004a.75.75 0 0 1 0 1.492L7.413 15H1.75A1.75 1.75 0 0 1 0 13.25"/><path d="M12.265 9.16a.248.248 0 0 1 .467 0l.237.649a3.73 3.73 0 0 0 2.219 2.218l.649.238a.249.249 0 0 1 0 .467l-.649.237a3.73 3.73 0 0 0-2.219 2.219l-.237.649a.249.249 0 0 1-.467 0l-.238-.649a3.73 3.73 0 0 0-2.218-2.219l-.649-.237a.248.248 0 0 1 0-.467l.649-.238a3.73 3.73 0 0 0 2.218-2.218z"/></svg>
\ No newline at end of file
diff --git a/public/assets/img/svg/octicon-sparkle.svg b/public/assets/img/svg/octicon-sparkle.svg
new file mode 100644
index 0000000000..769350bbbe
--- /dev/null
+++ b/public/assets/img/svg/octicon-sparkle.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" class="svg octicon-sparkle" width="16" height="16" aria-hidden="true"><path d="M7.198.57c.275-.752 1.34-.752 1.615 0l.849 2.317a5.82 5.82 0 0 0 3.462 3.463l2.317.848c.753.275.753 1.34 0 1.615l-2.317.849a5.82 5.82 0 0 0-3.462 3.462l-.849 2.317c-.275.753-1.34.753-1.615 0l-.848-2.317a5.82 5.82 0 0 0-3.463-3.462L.57 8.813c-.752-.275-.752-1.34 0-1.615l2.317-.848A5.82 5.82 0 0 0 6.35 2.887zm.562 2.833A7.32 7.32 0 0 1 3.403 7.76l-.673.246.673.246a7.32 7.32 0 0 1 4.357 4.356l.246.673.246-.673a7.32 7.32 0 0 1 4.356-4.356l.673-.246-.673-.246a7.32 7.32 0 0 1-4.356-4.357l-.246-.673z"/></svg>
\ No newline at end of file
diff --git a/pyproject.toml b/pyproject.toml
index a2aedfe148..3657feb2ce 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,12 +1,13 @@
-[tool.poetry]
-package-mode = false
+[project]
+name = "gitea"
+version = "0.0.0"
+requires-python = ">=3.10"
 
-[tool.poetry.dependencies]
-python = "^3.10"
-
-[tool.poetry.group.dev.dependencies]
-djlint = "1.36.4"
-yamllint = "1.36.1"
+[dependency-groups]
+dev = [
+  "djlint==1.36.4",
+  "yamllint==1.37.1",
+]
 
 [tool.djlint]
 profile="golang"
diff --git a/routers/api/actions/artifacts.go b/routers/api/actions/artifacts.go
index 0832e52f55..d71a6f487c 100644
--- a/routers/api/actions/artifacts.go
+++ b/routers/api/actions/artifacts.go
@@ -337,7 +337,10 @@ func (ar artifactRoutes) listArtifacts(ctx *ArtifactContext) {
 		return
 	}
 
-	artifacts, err := db.Find[actions.ActionArtifact](ctx, actions.FindArtifactsOptions{RunID: runID})
+	artifacts, err := db.Find[actions.ActionArtifact](ctx, actions.FindArtifactsOptions{
+		RunID:  runID,
+		Status: int(actions.ArtifactStatusUploadConfirmed),
+	})
 	if err != nil {
 		log.Error("Error getting artifacts: %v", err)
 		ctx.HTTPError(http.StatusInternalServerError, err.Error())
@@ -402,6 +405,7 @@ func (ar artifactRoutes) getDownloadArtifactURL(ctx *ArtifactContext) {
 	artifacts, err := db.Find[actions.ActionArtifact](ctx, actions.FindArtifactsOptions{
 		RunID:        runID,
 		ArtifactName: itemPath,
+		Status:       int(actions.ArtifactStatusUploadConfirmed),
 	})
 	if err != nil {
 		log.Error("Error getting artifacts: %v", err)
@@ -424,7 +428,7 @@ func (ar artifactRoutes) getDownloadArtifactURL(ctx *ArtifactContext) {
 	for _, artifact := range artifacts {
 		var downloadURL string
 		if setting.Actions.ArtifactStorage.ServeDirect() {
-			u, err := ar.fs.URL(artifact.StoragePath, artifact.ArtifactName, nil)
+			u, err := ar.fs.URL(artifact.StoragePath, artifact.ArtifactName, ctx.Req.Method, nil)
 			if err != nil && !errors.Is(err, storage.ErrURLNotSupported) {
 				log.Error("Error getting serve direct url: %v", err)
 			}
@@ -473,6 +477,11 @@ func (ar artifactRoutes) downloadArtifact(ctx *ArtifactContext) {
 		ctx.HTTPError(http.StatusBadRequest)
 		return
 	}
+	if artifact.Status != actions.ArtifactStatusUploadConfirmed {
+		log.Error("Error artifact not found: %s", artifact.Status.ToString())
+		ctx.HTTPError(http.StatusNotFound, "Error artifact not found")
+		return
+	}
 
 	fd, err := ar.fs.Open(artifact.StoragePath)
 	if err != nil {
diff --git a/routers/api/actions/artifacts_chunks.go b/routers/api/actions/artifacts_chunks.go
index 9d2b69820c..708931d1ac 100644
--- a/routers/api/actions/artifacts_chunks.go
+++ b/routers/api/actions/artifacts_chunks.go
@@ -51,7 +51,7 @@ func saveUploadChunkBase(st storage.ObjectStorage, ctx *ArtifactContext,
 		log.Info("[artifact] check chunk md5, sum: %s, header: %s", chunkMd5String, reqMd5String)
 		// if md5 not match, delete the chunk
 		if reqMd5String != chunkMd5String {
-			checkErr = fmt.Errorf("md5 not match")
+			checkErr = errors.New("md5 not match")
 		}
 	}
 	if writtenSize != contentSize {
@@ -261,7 +261,7 @@ func mergeChunksForArtifact(ctx *ArtifactContext, chunks []*chunkFileItem, st st
 		return fmt.Errorf("save merged file error: %v", err)
 	}
 	if written != artifact.FileCompressedSize {
-		return fmt.Errorf("merged file size is not equal to chunk length")
+		return errors.New("merged file size is not equal to chunk length")
 	}
 
 	defer func() {
diff --git a/routers/api/actions/artifacts_utils.go b/routers/api/actions/artifacts_utils.go
index 77ce765098..35868c290e 100644
--- a/routers/api/actions/artifacts_utils.go
+++ b/routers/api/actions/artifacts_utils.go
@@ -43,7 +43,7 @@ func validateRunID(ctx *ArtifactContext) (*actions.ActionTask, int64, bool) {
 	return task, runID, true
 }
 
-func validateRunIDV4(ctx *ArtifactContext, rawRunID string) (*actions.ActionTask, int64, bool) { //nolint:unparam
+func validateRunIDV4(ctx *ArtifactContext, rawRunID string) (*actions.ActionTask, int64, bool) { //nolint:unparam // ActionTask is never used
 	task := ctx.ActionTask
 	runID, err := strconv.ParseInt(rawRunID, 10, 64)
 	if err != nil || task.Job.RunID != runID {
diff --git a/routers/api/actions/artifactsv4.go b/routers/api/actions/artifactsv4.go
index 665156d936..6d27479628 100644
--- a/routers/api/actions/artifactsv4.go
+++ b/routers/api/actions/artifactsv4.go
@@ -162,15 +162,15 @@ func (r artifactV4Routes) buildSignature(endp, expires, artifactName string, tas
 	mac.Write([]byte(endp))
 	mac.Write([]byte(expires))
 	mac.Write([]byte(artifactName))
-	mac.Write([]byte(fmt.Sprint(taskID)))
-	mac.Write([]byte(fmt.Sprint(artifactID)))
+	fmt.Fprint(mac, taskID)
+	fmt.Fprint(mac, artifactID)
 	return mac.Sum(nil)
 }
 
 func (r artifactV4Routes) buildArtifactURL(ctx *ArtifactContext, endp, artifactName string, taskID, artifactID int64) string {
 	expires := time.Now().Add(60 * time.Minute).Format("2006-01-02 15:04:05.999999999 -0700 MST")
 	uploadURL := strings.TrimSuffix(httplib.GuessCurrentAppURL(ctx), "/") + strings.TrimSuffix(r.prefix, "/") +
-		"/" + endp + "?sig=" + base64.URLEncoding.EncodeToString(r.buildSignature(endp, expires, artifactName, taskID, artifactID)) + "&expires=" + url.QueryEscape(expires) + "&artifactName=" + url.QueryEscape(artifactName) + "&taskID=" + fmt.Sprint(taskID) + "&artifactID=" + fmt.Sprint(artifactID)
+		"/" + endp + "?sig=" + base64.URLEncoding.EncodeToString(r.buildSignature(endp, expires, artifactName, taskID, artifactID)) + "&expires=" + url.QueryEscape(expires) + "&artifactName=" + url.QueryEscape(artifactName) + "&taskID=" + strconv.FormatInt(taskID, 10) + "&artifactID=" + strconv.FormatInt(artifactID, 10)
 	return uploadURL
 }
 
@@ -448,17 +448,15 @@ func (r *artifactV4Routes) listArtifacts(ctx *ArtifactContext) {
 		return
 	}
 
-	artifacts, err := db.Find[actions.ActionArtifact](ctx, actions.FindArtifactsOptions{RunID: runID})
+	artifacts, err := db.Find[actions.ActionArtifact](ctx, actions.FindArtifactsOptions{
+		RunID:  runID,
+		Status: int(actions.ArtifactStatusUploadConfirmed),
+	})
 	if err != nil {
 		log.Error("Error getting artifacts: %v", err)
 		ctx.HTTPError(http.StatusInternalServerError, err.Error())
 		return
 	}
-	if len(artifacts) == 0 {
-		log.Debug("[artifact] handleListArtifacts, no artifacts")
-		ctx.HTTPError(http.StatusNotFound)
-		return
-	}
 
 	list := []*ListArtifactsResponse_MonolithArtifact{}
 
@@ -510,11 +508,16 @@ func (r *artifactV4Routes) getSignedArtifactURL(ctx *ArtifactContext) {
 		ctx.HTTPError(http.StatusNotFound, "Error artifact not found")
 		return
 	}
+	if artifact.Status != actions.ArtifactStatusUploadConfirmed {
+		log.Error("Error artifact not found: %s", artifact.Status.ToString())
+		ctx.HTTPError(http.StatusNotFound, "Error artifact not found")
+		return
+	}
 
 	respData := GetSignedArtifactURLResponse{}
 
 	if setting.Actions.ArtifactStorage.ServeDirect() {
-		u, err := storage.ActionsArtifacts.URL(artifact.StoragePath, artifact.ArtifactPath, nil)
+		u, err := storage.ActionsArtifacts.URL(artifact.StoragePath, artifact.ArtifactPath, ctx.Req.Method, nil)
 		if u != nil && err == nil {
 			respData.SignedUrl = u.String()
 		}
@@ -538,6 +541,11 @@ func (r *artifactV4Routes) downloadArtifact(ctx *ArtifactContext) {
 		ctx.HTTPError(http.StatusNotFound, "Error artifact not found")
 		return
 	}
+	if artifact.Status != actions.ArtifactStatusUploadConfirmed {
+		log.Error("Error artifact not found: %s", artifact.Status.ToString())
+		ctx.HTTPError(http.StatusNotFound, "Error artifact not found")
+		return
+	}
 
 	file, _ := r.fs.Open(artifact.StoragePath)
 
diff --git a/routers/api/packages/alpine/alpine.go b/routers/api/packages/alpine/alpine.go
index f35cff3df2..f250a1a549 100644
--- a/routers/api/packages/alpine/alpine.go
+++ b/routers/api/packages/alpine/alpine.go
@@ -25,9 +25,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 func GetRepositoryKey(ctx *context.Context) {
@@ -68,13 +67,14 @@ func GetRepositoryFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pv,
 		&packages_service.PackageFileInfo{
 			Filename:     alpine_service.IndexArchiveFilename,
 			CompositeKey: fmt.Sprintf("%s|%s|%s", ctx.PathParam("branch"), ctx.PathParam("repository"), ctx.PathParam("architecture")),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
@@ -216,7 +216,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		}
 	}
 
-	s, u, pf, err := packages_service.GetPackageFileStream(ctx, pfs[0])
+	s, u, pf, err := packages_service.OpenFileForDownload(ctx, pfs[0], ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go
index b64306037f..f6ee5958b5 100644
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@@ -5,8 +5,6 @@ package packages
 
 import (
 	"net/http"
-	"regexp"
-	"strings"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/perm"
@@ -46,13 +44,14 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.Context) {
 			if ok { // it's a personal access token but not oauth2 token
 				scopeMatched := false
 				var err error
-				if accessMode == perm.AccessModeRead {
+				switch accessMode {
+				case perm.AccessModeRead:
 					scopeMatched, err = scope.HasScope(auth_model.AccessTokenScopeReadPackage)
 					if err != nil {
 						ctx.HTTPError(http.StatusInternalServerError, "HasScope", err.Error())
 						return
 					}
-				} else if accessMode == perm.AccessModeWrite {
+				case perm.AccessModeWrite:
 					scopeMatched, err = scope.HasScope(auth_model.AccessTokenScopeWritePackage)
 					if err != nil {
 						ctx.HTTPError(http.StatusInternalServerError, "HasScope", err.Error())
@@ -100,7 +99,7 @@ func verifyAuth(r *web.Router, authMethods []auth.Method) {
 		ctx.Doer, err = authGroup.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
 		if err != nil {
 			log.Error("Failed to verify user: %v", err)
-			ctx.HTTPError(http.StatusUnauthorized, "authGroup.Verify")
+			ctx.HTTPError(http.StatusUnauthorized, "Failed to authenticate user")
 			return
 		}
 		ctx.IsSigned = ctx.Doer != nil
@@ -281,42 +280,10 @@ func CommonRoutes() *web.Router {
 				})
 			})
 		}, reqPackageAccess(perm.AccessModeRead))
-		r.Group("/conda", func() {
-			var (
-				downloadPattern = regexp.MustCompile(`\A(.+/)?(.+)/((?:[^/]+(?:\.tar\.bz2|\.conda))|(?:current_)?repodata\.json(?:\.bz2)?)\z`)
-				uploadPattern   = regexp.MustCompile(`\A(.+/)?([^/]+(?:\.tar\.bz2|\.conda))\z`)
-			)
-
-			r.Get("/*", func(ctx *context.Context) {
-				m := downloadPattern.FindStringSubmatch(ctx.PathParam("*"))
-				if len(m) == 0 {
-					ctx.Status(http.StatusNotFound)
-					return
-				}
-
-				ctx.SetPathParam("channel", strings.TrimSuffix(m[1], "/"))
-				ctx.SetPathParam("architecture", m[2])
-				ctx.SetPathParam("filename", m[3])
-
-				switch m[3] {
-				case "repodata.json", "repodata.json.bz2", "current_repodata.json", "current_repodata.json.bz2":
-					conda.EnumeratePackages(ctx)
-				default:
-					conda.DownloadPackageFile(ctx)
-				}
-			})
-			r.Put("/*", reqPackageAccess(perm.AccessModeWrite), func(ctx *context.Context) {
-				m := uploadPattern.FindStringSubmatch(ctx.PathParam("*"))
-				if len(m) == 0 {
-					ctx.Status(http.StatusNotFound)
-					return
-				}
-
-				ctx.SetPathParam("channel", strings.TrimSuffix(m[1], "/"))
-				ctx.SetPathParam("filename", m[2])
-
-				conda.UploadPackageFile(ctx)
-			})
+		r.PathGroup("/conda/*", func(g *web.RouterPathGroup) {
+			g.MatchPath("GET", "/<architecture>/<filename>", conda.ListOrGetPackages)
+			g.MatchPath("GET", "/<channel:*>/<architecture>/<filename>", conda.ListOrGetPackages)
+			g.MatchPath("PUT", "/<channel:*>/<filename>", reqPackageAccess(perm.AccessModeWrite), conda.UploadPackageFile)
 		}, reqPackageAccess(perm.AccessModeRead))
 		r.Group("/cran", func() {
 			r.Group("/src", func() {
@@ -357,67 +324,22 @@ func CommonRoutes() *web.Router {
 		}, reqPackageAccess(perm.AccessModeRead))
 		r.Group("/go", func() {
 			r.Put("/upload", reqPackageAccess(perm.AccessModeWrite), goproxy.UploadPackage)
-			r.Get("/sumdb/sum.golang.org/supported", func(ctx *context.Context) {
-				ctx.Status(http.StatusNotFound)
-			})
+			r.Get("/sumdb/sum.golang.org/supported", http.NotFound)
 
-			// Manual mapping of routes because the package name contains slashes which chi does not support
 			// https://go.dev/ref/mod#goproxy-protocol
-			r.Get("/*", func(ctx *context.Context) {
-				path := ctx.PathParam("*")
-
-				if strings.HasSuffix(path, "/@latest") {
-					ctx.SetPathParam("name", path[:len(path)-len("/@latest")])
-					ctx.SetPathParam("version", "latest")
-
-					goproxy.PackageVersionMetadata(ctx)
-					return
-				}
-
-				parts := strings.SplitN(path, "/@v/", 2)
-				if len(parts) != 2 {
-					ctx.Status(http.StatusNotFound)
-					return
-				}
-
-				ctx.SetPathParam("name", parts[0])
-
-				// <package/name>/@v/list
-				if parts[1] == "list" {
-					goproxy.EnumeratePackageVersions(ctx)
-					return
-				}
-
-				// <package/name>/@v/<version>.zip
-				if strings.HasSuffix(parts[1], ".zip") {
-					ctx.SetPathParam("version", parts[1][:len(parts[1])-len(".zip")])
-
-					goproxy.DownloadPackageFile(ctx)
-					return
-				}
-				// <package/name>/@v/<version>.info
-				if strings.HasSuffix(parts[1], ".info") {
-					ctx.SetPathParam("version", parts[1][:len(parts[1])-len(".info")])
-
-					goproxy.PackageVersionMetadata(ctx)
-					return
-				}
-				// <package/name>/@v/<version>.mod
-				if strings.HasSuffix(parts[1], ".mod") {
-					ctx.SetPathParam("version", parts[1][:len(parts[1])-len(".mod")])
-
-					goproxy.PackageVersionGoModContent(ctx)
-					return
-				}
-
-				ctx.Status(http.StatusNotFound)
+			r.PathGroup("/*", func(g *web.RouterPathGroup) {
+				g.MatchPath("GET", "/<name:*>/@<version:latest>", goproxy.PackageVersionMetadata)
+				g.MatchPath("GET", "/<name:*>/@v/list", goproxy.EnumeratePackageVersions)
+				g.MatchPath("GET", "/<name:*>/@v/<version>.zip", goproxy.DownloadPackageFile)
+				g.MatchPath("GET", "/<name:*>/@v/<version>.info", goproxy.PackageVersionMetadata)
+				g.MatchPath("GET", "/<name:*>/@v/<version>.mod", goproxy.PackageVersionGoModContent)
 			})
 		}, reqPackageAccess(perm.AccessModeRead))
 		r.Group("/generic", func() {
 			r.Group("/{packagename}/{packageversion}", func() {
 				r.Delete("", reqPackageAccess(perm.AccessModeWrite), generic.DeletePackage)
 				r.Group("/{filename}", func() {
-					r.Get("", generic.DownloadPackageFile)
+					r.Methods("HEAD,GET", "", generic.DownloadPackageFile)
 					r.Group("", func() {
 						r.Put("", generic.UploadPackage)
 						r.Delete("", generic.DeletePackageFile)
@@ -531,82 +453,26 @@ func CommonRoutes() *web.Router {
 				})
 			})
 		}, reqPackageAccess(perm.AccessModeRead))
+
 		r.Group("/pypi", func() {
 			r.Post("/", reqPackageAccess(perm.AccessModeWrite), pypi.UploadPackageFile)
 			r.Get("/files/{id}/{version}/{filename}", pypi.DownloadPackageFile)
 			r.Get("/simple/{id}", pypi.PackageMetadata)
 		}, reqPackageAccess(perm.AccessModeRead))
-		r.Group("/rpm", func() {
-			r.Group("/repository.key", func() {
-				r.Head("", rpm.GetRepositoryKey)
-				r.Get("", rpm.GetRepositoryKey)
-			})
-
-			var (
-				repoPattern     = regexp.MustCompile(`\A(.*?)\.repo\z`)
-				uploadPattern   = regexp.MustCompile(`\A(.*?)/upload\z`)
-				filePattern     = regexp.MustCompile(`\A(.*?)/package/([^/]+)/([^/]+)/([^/]+)(?:/([^/]+\.rpm)|)\z`)
-				repoFilePattern = regexp.MustCompile(`\A(.*?)/repodata/([^/]+)\z`)
-			)
-
-			r.Methods("HEAD,GET,PUT,DELETE", "*", func(ctx *context.Context) {
-				path := ctx.PathParam("*")
-				isHead := ctx.Req.Method == "HEAD"
-				isGetHead := ctx.Req.Method == "HEAD" || ctx.Req.Method == "GET"
-				isPut := ctx.Req.Method == "PUT"
-				isDelete := ctx.Req.Method == "DELETE"
-
-				m := repoPattern.FindStringSubmatch(path)
-				if len(m) == 2 && isGetHead {
-					ctx.SetPathParam("group", strings.Trim(m[1], "/"))
-					rpm.GetRepositoryConfig(ctx)
-					return
-				}
 
-				m = repoFilePattern.FindStringSubmatch(path)
-				if len(m) == 3 && isGetHead {
-					ctx.SetPathParam("group", strings.Trim(m[1], "/"))
-					ctx.SetPathParam("filename", m[2])
-					if isHead {
-						rpm.CheckRepositoryFileExistence(ctx)
-					} else {
-						rpm.GetRepositoryFile(ctx)
-					}
-					return
-				}
-
-				m = uploadPattern.FindStringSubmatch(path)
-				if len(m) == 2 && isPut {
-					reqPackageAccess(perm.AccessModeWrite)(ctx)
-					if ctx.Written() {
-						return
-					}
-					ctx.SetPathParam("group", strings.Trim(m[1], "/"))
-					rpm.UploadPackageFile(ctx)
-					return
-				}
-
-				m = filePattern.FindStringSubmatch(path)
-				if len(m) == 6 && (isGetHead || isDelete) {
-					ctx.SetPathParam("group", strings.Trim(m[1], "/"))
-					ctx.SetPathParam("name", m[2])
-					ctx.SetPathParam("version", m[3])
-					ctx.SetPathParam("architecture", m[4])
-					if isGetHead {
-						rpm.DownloadPackageFile(ctx)
-					} else {
-						reqPackageAccess(perm.AccessModeWrite)(ctx)
-						if ctx.Written() {
-							return
-						}
-						rpm.DeletePackageFile(ctx)
-					}
-					return
-				}
-
-				ctx.Status(http.StatusNotFound)
-			})
+		r.Methods("HEAD,GET", "/rpm.repo", reqPackageAccess(perm.AccessModeRead), rpm.GetRepositoryConfig)
+		r.PathGroup("/rpm/*", func(g *web.RouterPathGroup) {
+			g.MatchPath("HEAD,GET", "/repository.key", rpm.GetRepositoryKey)
+			g.MatchPath("HEAD,GET", "/<group:*>.repo", rpm.GetRepositoryConfig)
+			g.MatchPath("HEAD", "/<group:*>/repodata/<filename>", rpm.CheckRepositoryFileExistence)
+			g.MatchPath("GET", "/<group:*>/repodata/<filename>", rpm.GetRepositoryFile)
+			g.MatchPath("PUT", "/<group:*>/upload", reqPackageAccess(perm.AccessModeWrite), rpm.UploadPackageFile)
+			// this URL pattern is only used internally in the RPM index, it is generated by us, the filename part is not really used (can be anything)
+			g.MatchPath("HEAD,GET", "/<group:*>/package/<name>/<version>/<architecture>", rpm.DownloadPackageFile)
+			g.MatchPath("HEAD,GET", "/<group:*>/package/<name>/<version>/<architecture>/<filename>", rpm.DownloadPackageFile)
+			g.MatchPath("DELETE", "/<group:*>/package/<name>/<version>/<architecture>", reqPackageAccess(perm.AccessModeWrite), rpm.DeletePackageFile)
 		}, reqPackageAccess(perm.AccessModeRead))
+
 		r.Group("/rubygems", func() {
 			r.Get("/specs.4.8.gz", rubygems.EnumeratePackages)
 			r.Get("/latest_specs.4.8.gz", rubygems.EnumeratePackagesLatest)
@@ -620,6 +486,7 @@ func CommonRoutes() *web.Router {
 				r.Delete("/yank", rubygems.DeletePackage)
 			}, reqPackageAccess(perm.AccessModeWrite))
 		}, reqPackageAccess(perm.AccessModeRead))
+
 		r.Group("/swift", func() {
 			r.Group("", func() { // Needs to be unauthenticated.
 				r.Post("", swift.CheckAuthenticate)
@@ -631,31 +498,12 @@ func CommonRoutes() *web.Router {
 						r.Get("", swift.EnumeratePackageVersions)
 						r.Get(".json", swift.EnumeratePackageVersions)
 					}, swift.CheckAcceptMediaType(swift.AcceptJSON))
-					r.Group("/{version}", func() {
-						r.Get("/Package.swift", swift.CheckAcceptMediaType(swift.AcceptSwift), swift.DownloadManifest)
-						r.Put("", reqPackageAccess(perm.AccessModeWrite), swift.CheckAcceptMediaType(swift.AcceptJSON), swift.UploadPackageFile)
-						r.Get("", func(ctx *context.Context) {
-							// Can't use normal routes here: https://github.com/go-chi/chi/issues/781
-
-							version := ctx.PathParam("version")
-							if strings.HasSuffix(version, ".zip") {
-								swift.CheckAcceptMediaType(swift.AcceptZip)(ctx)
-								if ctx.Written() {
-									return
-								}
-								ctx.SetPathParam("version", version[:len(version)-4])
-								swift.DownloadPackageFile(ctx)
-							} else {
-								swift.CheckAcceptMediaType(swift.AcceptJSON)(ctx)
-								if ctx.Written() {
-									return
-								}
-								if strings.HasSuffix(version, ".json") {
-									ctx.SetPathParam("version", version[:len(version)-5])
-								}
-								swift.PackageVersionMetadata(ctx)
-							}
-						})
+					r.PathGroup("/*", func(g *web.RouterPathGroup) {
+						g.MatchPath("GET", "/<version>.json", swift.CheckAcceptMediaType(swift.AcceptJSON), swift.PackageVersionMetadata)
+						g.MatchPath("GET", "/<version>.zip", swift.CheckAcceptMediaType(swift.AcceptZip), swift.DownloadPackageFile)
+						g.MatchPath("GET", "/<version>/Package.swift", swift.CheckAcceptMediaType(swift.AcceptSwift), swift.DownloadManifest)
+						g.MatchPath("GET", "/<version>", swift.CheckAcceptMediaType(swift.AcceptJSON), swift.PackageVersionMetadata)
+						g.MatchPath("PUT", "/<version>", reqPackageAccess(perm.AccessModeWrite), swift.CheckAcceptMediaType(swift.AcceptJSON), swift.UploadPackageFile)
 					})
 				})
 				r.Get("/identifiers", swift.CheckAcceptMediaType(swift.AcceptJSON), swift.LookupPackageIdentifiers)
@@ -692,6 +540,8 @@ func ContainerRoutes() *web.Router {
 		&container.Auth{},
 	})
 
+	// TODO: Content Discovery / References (not implemented yet)
+
 	r.Get("", container.ReqContainerAccess, container.DetermineSupport)
 	r.Group("/token", func() {
 		r.Get("", container.Authenticate)
@@ -700,26 +550,22 @@ func ContainerRoutes() *web.Router {
 	r.Get("/_catalog", container.ReqContainerAccess, container.GetRepositoryList)
 	r.Group("/{username}", func() {
 		r.PathGroup("/*", func(g *web.RouterPathGroup) {
-			g.MatchPath("POST", "/<image:*>/blobs/uploads", reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, container.InitiateUploadBlob)
-			g.MatchPath("GET", "/<image:*>/tags/list", container.VerifyImageName, container.GetTagList)
-			g.MatchPath("GET,PATCH,PUT,DELETE", `/<image:*>/blobs/uploads/<uuid:[-.=\w]+>`, reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, func(ctx *context.Context) {
-				if ctx.Req.Method == http.MethodGet {
-					container.GetUploadBlob(ctx)
-				} else if ctx.Req.Method == http.MethodPatch {
-					container.UploadBlob(ctx)
-				} else if ctx.Req.Method == http.MethodPut {
-					container.EndUploadBlob(ctx)
-				} else /* DELETE */ {
-					container.CancelUploadBlob(ctx)
-				}
-			})
+			g.MatchPath("POST", "/<image:*>/blobs/uploads", reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, container.PostBlobsUploads)
+			g.MatchPath("GET", "/<image:*>/tags/list", container.VerifyImageName, container.GetTagsList)
+
+			patternBlobsUploadsUUID := g.PatternRegexp(`/<image:*>/blobs/uploads/<uuid:[-.=\w]+>`, reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName)
+			g.MatchPattern("GET", patternBlobsUploadsUUID, container.GetBlobsUpload)
+			g.MatchPattern("PATCH", patternBlobsUploadsUUID, container.PatchBlobsUpload)
+			g.MatchPattern("PUT", patternBlobsUploadsUUID, container.PutBlobsUpload)
+			g.MatchPattern("DELETE", patternBlobsUploadsUUID, container.DeleteBlobsUpload)
+
 			g.MatchPath("HEAD", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.HeadBlob)
 			g.MatchPath("GET", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.GetBlob)
 			g.MatchPath("DELETE", `/<image:*>/blobs/<digest>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteBlob)
 
 			g.MatchPath("HEAD", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.HeadManifest)
 			g.MatchPath("GET", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.GetManifest)
-			g.MatchPath("PUT", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.UploadManifest)
+			g.MatchPath("PUT", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.PutManifest)
 			g.MatchPath("DELETE", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteManifest)
 		})
 	}, container.ReqContainerAccess, context.UserAssignmentWeb(), context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead))
diff --git a/routers/api/packages/arch/arch.go b/routers/api/packages/arch/arch.go
index f5dc6c1d01..061484785d 100644
--- a/routers/api/packages/arch/arch.go
+++ b/routers/api/packages/arch/arch.go
@@ -24,9 +24,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 func GetRepositoryKey(ctx *context.Context) {
@@ -239,7 +238,7 @@ func GetPackageOrRepositoryFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetPackageFileStream(ctx, pfs[0])
+	s, u, pf, err := packages_service.OpenFileForDownload(ctx, pfs[0], ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
diff --git a/routers/api/packages/cargo/cargo.go b/routers/api/packages/cargo/cargo.go
index 42ef13476c..a7f00ee1cb 100644
--- a/routers/api/packages/cargo/cargo.go
+++ b/routers/api/packages/cargo/cargo.go
@@ -37,21 +37,20 @@ type StatusMessage struct {
 }
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, StatusResponse{
-			OK: false,
-			Errors: []StatusMessage{
-				{
-					Message: message,
-				},
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, StatusResponse{
+		OK: false,
+		Errors: []StatusMessage{
+			{
+				Message: message,
 			},
-		})
+		},
 	})
 }
 
 // https://rust-lang.github.io/rfcs/2789-sparse-index.html
 func RepositoryConfig(ctx *context.Context) {
-	ctx.JSON(http.StatusOK, cargo_service.BuildConfig(ctx.Package.Owner, setting.Service.RequireSignInView || ctx.Package.Owner.Visibility != structs.VisibleTypePublic))
+	ctx.JSON(http.StatusOK, cargo_service.BuildConfig(ctx.Package.Owner, setting.Service.RequireSignInViewStrict || ctx.Package.Owner.Visibility != structs.VisibleTypePublic))
 }
 
 func EnumeratePackageVersions(ctx *context.Context) {
@@ -95,10 +94,7 @@ type SearchResultMeta struct {
 
 // https://doc.rust-lang.org/cargo/reference/registries.html#search
 func SearchPackages(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page < 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	perPage := ctx.FormInt("per_page")
 	paginator := db.ListOptions{
 		Page:     page,
@@ -168,7 +164,7 @@ func ListOwners(ctx *context.Context) {
 
 // DownloadPackageFile serves the content of a package
 func DownloadPackageFile(ctx *context.Context) {
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -179,6 +175,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: strings.ToLower(fmt.Sprintf("%s-%s.crate", ctx.PathParam("package"), ctx.PathParam("version"))),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/chef/auth.go b/routers/api/packages/chef/auth.go
index a790e9a363..c6808300a2 100644
--- a/routers/api/packages/chef/auth.go
+++ b/routers/api/packages/chef/auth.go
@@ -12,6 +12,7 @@ import (
 	"crypto/x509"
 	"encoding/base64"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"hash"
 	"math/big"
@@ -121,7 +122,7 @@ func verifyTimestamp(req *http.Request) error {
 	}
 
 	if diff > maxTimeDifference {
-		return fmt.Errorf("time difference")
+		return errors.New("time difference")
 	}
 
 	return nil
@@ -190,7 +191,7 @@ func getAuthorizationData(req *http.Request) ([]byte, error) {
 	tmp := make([]string, len(valueList))
 	for k, v := range valueList {
 		if k > len(tmp) {
-			return nil, fmt.Errorf("invalid X-Ops-Authorization headers")
+			return nil, errors.New("invalid X-Ops-Authorization headers")
 		}
 		tmp[k-1] = v
 	}
@@ -267,7 +268,7 @@ func verifyDataOld(signature, data []byte, pub *rsa.PublicKey) error {
 	}
 
 	if !slices.Equal(out[skip:], data) {
-		return fmt.Errorf("could not verify signature")
+		return errors.New("could not verify signature")
 	}
 
 	return nil
diff --git a/routers/api/packages/chef/chef.go b/routers/api/packages/chef/chef.go
index a0c8c5696c..50011ab0b1 100644
--- a/routers/api/packages/chef/chef.go
+++ b/routers/api/packages/chef/chef.go
@@ -30,10 +30,9 @@ func apiError(ctx *context.Context, status int, obj any) {
 		ErrorMessages []string `json:"error_messages"`
 	}
 
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, Error{
-			ErrorMessages: []string{message},
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, Error{
+		ErrorMessages: []string{message},
 	})
 }
 
@@ -343,7 +342,7 @@ func DownloadPackage(ctx *context.Context) {
 
 	pf := pd.Files[0].File
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
diff --git a/routers/api/packages/composer/composer.go b/routers/api/packages/composer/composer.go
index c6c14e5cf4..df04f49d2d 100644
--- a/routers/api/packages/composer/composer.go
+++ b/routers/api/packages/composer/composer.go
@@ -28,18 +28,17 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		type Error struct {
-			Status  int    `json:"status"`
-			Message string `json:"message"`
-		}
-		ctx.JSON(status, struct {
-			Errors []Error `json:"errors"`
-		}{
-			Errors: []Error{
-				{Status: status, Message: message},
-			},
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	type Error struct {
+		Status  int    `json:"status"`
+		Message string `json:"message"`
+	}
+	ctx.JSON(status, struct {
+		Errors []Error `json:"errors"`
+	}{
+		Errors: []Error{
+			{Status: status, Message: message},
+		},
 	})
 }
 
@@ -53,10 +52,7 @@ func ServiceIndex(ctx *context.Context) {
 // SearchPackages searches packages, only "q" is supported
 // https://packagist.org/apidoc#search-packages
 func SearchPackages(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page < 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	perPage := ctx.FormInt("per_page")
 	paginator := db.ListOptions{
 		Page:     page,
@@ -163,7 +159,7 @@ func PackageMetadata(ctx *context.Context) {
 
 // DownloadPackageFile serves the content of a package
 func DownloadPackageFile(ctx *context.Context) {
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -174,6 +170,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: ctx.PathParam("filename"),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/conan/auth.go b/routers/api/packages/conan/auth.go
index 9c03d01391..bce3235a2e 100644
--- a/routers/api/packages/conan/auth.go
+++ b/routers/api/packages/conan/auth.go
@@ -34,7 +34,6 @@ func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataS
 
 	u, err := user_model.GetUserByID(req.Context(), packageMeta.UserID)
 	if err != nil {
-		log.Error("GetUserByID:  %v", err)
 		return nil, err
 	}
 	if packageMeta.Scope != "" {
diff --git a/routers/api/packages/conan/conan.go b/routers/api/packages/conan/conan.go
index 8019eee9f7..126b1593cd 100644
--- a/routers/api/packages/conan/conan.go
+++ b/routers/api/packages/conan/conan.go
@@ -55,16 +55,13 @@ func jsonResponse(ctx *context.Context, status int, obj any) {
 	// https://github.com/conan-io/conan/issues/6613
 	ctx.Resp.Header().Set("Content-Type", "application/json")
 	ctx.Status(status)
-	if err := json.NewEncoder(ctx.Resp).Encode(obj); err != nil {
-		log.Error("JSON encode: %v", err)
-	}
+	_ = json.NewEncoder(ctx.Resp).Encode(obj)
 }
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		jsonResponse(ctx, status, map[string]string{
-			"message": message,
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	jsonResponse(ctx, status, map[string]string{
+		"message": message,
 	})
 }
 
@@ -393,7 +390,6 @@ func uploadFile(ctx *context.Context, fileFilter container.Set[string], fileKey
 		if isConanfileFile {
 			metadata, err := conan_module.ParseConanfile(buf)
 			if err != nil {
-				log.Error("Error parsing package metadata: %v", err)
 				apiError(ctx, http.StatusInternalServerError, err)
 				return
 			}
@@ -419,7 +415,6 @@ func uploadFile(ctx *context.Context, fileFilter container.Set[string], fileKey
 		} else {
 			info, err := conan_module.ParseConaninfo(buf)
 			if err != nil {
-				log.Error("Error parsing conan info: %v", err)
 				apiError(ctx, http.StatusInternalServerError, err)
 				return
 			}
@@ -480,7 +475,7 @@ func downloadFile(ctx *context.Context, fileFilter container.Set[string], fileKe
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -492,6 +487,7 @@ func downloadFile(ctx *context.Context, fileFilter container.Set[string], fileKe
 			Filename:     filename,
 			CompositeKey: fileKey,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/conda/conda.go b/routers/api/packages/conda/conda.go
index 7a46681235..f496002bb5 100644
--- a/routers/api/packages/conda/conda.go
+++ b/routers/api/packages/conda/conda.go
@@ -13,7 +13,6 @@ import (
 	packages_model "code.gitea.io/gitea/models/packages"
 	conda_model "code.gitea.io/gitea/models/packages/conda"
 	"code.gitea.io/gitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	conda_module "code.gitea.io/gitea/modules/packages/conda"
 	"code.gitea.io/gitea/modules/util"
@@ -25,17 +24,34 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, struct {
-			Reason  string `json:"reason"`
-			Message string `json:"message"`
-		}{
-			Reason:  http.StatusText(status),
-			Message: message,
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, struct {
+		Reason  string `json:"reason"`
+		Message string `json:"message"`
+	}{
+		Reason:  http.StatusText(status),
+		Message: message,
 	})
 }
 
+func isCondaPackageFileName(filename string) bool {
+	return strings.HasSuffix(filename, ".tar.bz2") || strings.HasSuffix(filename, ".conda")
+}
+
+func ListOrGetPackages(ctx *context.Context) {
+	filename := ctx.PathParam("filename")
+	switch filename {
+	case "repodata.json", "repodata.json.bz2", "current_repodata.json", "current_repodata.json.bz2":
+		EnumeratePackages(ctx)
+		return
+	}
+	if isCondaPackageFileName(filename) {
+		DownloadPackageFile(ctx)
+		return
+	}
+	http.NotFound(ctx.Resp, ctx.Req)
+}
+
 func EnumeratePackages(ctx *context.Context) {
 	type Info struct {
 		Subdir string `json:"subdir"`
@@ -167,13 +183,16 @@ func EnumeratePackages(ctx *context.Context) {
 	}
 
 	resp.WriteHeader(http.StatusOK)
-
-	if err := json.NewEncoder(w).Encode(repoData); err != nil {
-		log.Error("JSON encode: %v", err)
-	}
+	_ = json.NewEncoder(w).Encode(repoData)
 }
 
 func UploadPackageFile(ctx *context.Context) {
+	filename := ctx.PathParam("filename")
+	if !isCondaPackageFileName(filename) {
+		apiError(ctx, http.StatusBadRequest, nil)
+		return
+	}
+
 	upload, needToClose, err := ctx.UploadStream()
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
@@ -191,7 +210,7 @@ func UploadPackageFile(ctx *context.Context) {
 	defer buf.Close()
 
 	var pck *conda_module.Package
-	if strings.HasSuffix(strings.ToLower(ctx.PathParam("filename")), ".tar.bz2") {
+	if strings.HasSuffix(filename, ".tar.bz2") {
 		pck, err = conda_module.ParsePackageBZ2(buf)
 	} else {
 		pck, err = conda_module.ParsePackageConda(buf, buf.Size())
@@ -293,7 +312,7 @@ func DownloadPackageFile(ctx *context.Context) {
 
 	pf := pfs[0]
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
diff --git a/routers/api/packages/container/auth.go b/routers/api/packages/container/auth.go
index 1d8ae6af7d..19a931c405 100644
--- a/routers/api/packages/container/auth.go
+++ b/routers/api/packages/container/auth.go
@@ -21,7 +21,7 @@ func (a *Auth) Name() string {
 }
 
 // Verify extracts the user from the Bearer token
-// If it's an anonymous session a ghost user is returned
+// If it's an anonymous session, a ghost user is returned
 func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataStore, sess auth.SessionStore) (*user_model.User, error) {
 	packageMeta, err := packages.ParseAuthorizationRequest(req)
 	if err != nil {
@@ -35,7 +35,6 @@ func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataS
 
 	u, err := user_model.GetPossibleUserByID(req.Context(), packageMeta.UserID)
 	if err != nil {
-		log.Error("GetPossibleUserByID:  %v", err)
 		return nil, err
 	}
 
diff --git a/routers/api/packages/container/blob.go b/routers/api/packages/container/blob.go
index 671803788a..4b7bcee9d0 100644
--- a/routers/api/packages/container/blob.go
+++ b/routers/api/packages/container/blob.go
@@ -20,11 +20,13 @@ import (
 	container_module "code.gitea.io/gitea/modules/packages/container"
 	"code.gitea.io/gitea/modules/util"
 	packages_service "code.gitea.io/gitea/services/packages"
+
+	"github.com/opencontainers/go-digest"
 )
 
 // saveAsPackageBlob creates a package blob from an upload
 // The uploaded blob gets stored in a special upload version to link them to the package/image
-func saveAsPackageBlob(ctx context.Context, hsr packages_module.HashedSizeReader, pci *packages_service.PackageCreationInfo) (*packages_model.PackageBlob, error) { //nolint:unparam
+func saveAsPackageBlob(ctx context.Context, hsr packages_module.HashedSizeReader, pci *packages_service.PackageCreationInfo) (*packages_model.PackageBlob, error) { //nolint:unparam // PackageBlob is never used
 	pb := packages_service.NewPackageBlob(hsr)
 
 	exists := false
@@ -88,20 +90,18 @@ func mountBlob(ctx context.Context, pi *packages_service.PackageInfo, pb *packag
 	})
 }
 
-func containerPkgName(piOwnerID int64, piName string) string {
-	return fmt.Sprintf("pkg_%d_container_%s", piOwnerID, strings.ToLower(piName))
+func containerGlobalLockKey(piOwnerID int64, piName, usage string) string {
+	return fmt.Sprintf("pkg_%d_container_%s_%s", piOwnerID, strings.ToLower(piName), usage)
 }
 
 func getOrCreateUploadVersion(ctx context.Context, pi *packages_service.PackageInfo) (*packages_model.PackageVersion, error) {
-	var uploadVersion *packages_model.PackageVersion
-
-	releaser, err := globallock.Lock(ctx, containerPkgName(pi.Owner.ID, pi.Name))
+	releaser, err := globallock.Lock(ctx, containerGlobalLockKey(pi.Owner.ID, pi.Name, "package"))
 	if err != nil {
 		return nil, err
 	}
 	defer releaser()
 
-	err = db.WithTx(ctx, func(ctx context.Context) error {
+	return db.WithTx2(ctx, func(ctx context.Context) (*packages_model.PackageVersion, error) {
 		created := true
 		p := &packages_model.Package{
 			OwnerID:   pi.Owner.ID,
@@ -113,7 +113,7 @@ func getOrCreateUploadVersion(ctx context.Context, pi *packages_service.PackageI
 		if p, err = packages_model.TryInsertPackage(ctx, p); err != nil {
 			if !errors.Is(err, packages_model.ErrDuplicatePackage) {
 				log.Error("Error inserting package: %v", err)
-				return err
+				return nil, err
 			}
 			created = false
 		}
@@ -121,35 +121,30 @@ func getOrCreateUploadVersion(ctx context.Context, pi *packages_service.PackageI
 		if created {
 			if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypePackage, p.ID, container_module.PropertyRepository, strings.ToLower(pi.Owner.LowerName+"/"+pi.Name)); err != nil {
 				log.Error("Error setting package property: %v", err)
-				return err
+				return nil, err
 			}
 		}
 
 		pv := &packages_model.PackageVersion{
 			PackageID:    p.ID,
 			CreatorID:    pi.Owner.ID,
-			Version:      container_model.UploadVersion,
-			LowerVersion: container_model.UploadVersion,
+			Version:      container_module.UploadVersion,
+			LowerVersion: container_module.UploadVersion,
 			IsInternal:   true,
 			MetadataJSON: "null",
 		}
 		if pv, err = packages_model.GetOrInsertVersion(ctx, pv); err != nil {
 			if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
 				log.Error("Error inserting package: %v", err)
-				return err
+				return nil, err
 			}
 		}
-
-		uploadVersion = pv
-
-		return nil
+		return pv, nil
 	})
-
-	return uploadVersion, err
 }
 
 func createFileForBlob(ctx context.Context, pv *packages_model.PackageVersion, pb *packages_model.PackageBlob) error {
-	filename := strings.ToLower(fmt.Sprintf("sha256_%s", pb.HashSHA256))
+	filename := strings.ToLower("sha256_" + pb.HashSHA256)
 
 	pf := &packages_model.PackageFile{
 		VersionID:    pv.ID,
@@ -175,8 +170,8 @@ func createFileForBlob(ctx context.Context, pv *packages_model.PackageVersion, p
 	return nil
 }
 
-func deleteBlob(ctx context.Context, ownerID int64, image, digest string) error {
-	releaser, err := globallock.Lock(ctx, containerPkgName(ownerID, image))
+func deleteBlob(ctx context.Context, ownerID int64, image string, digest digest.Digest) error {
+	releaser, err := globallock.Lock(ctx, containerGlobalLockKey(ownerID, image, "blob"))
 	if err != nil {
 		return err
 	}
@@ -186,7 +181,7 @@ func deleteBlob(ctx context.Context, ownerID int64, image, digest string) error
 		pfds, err := container_model.GetContainerBlobs(ctx, &container_model.BlobSearchOptions{
 			OwnerID: ownerID,
 			Image:   image,
-			Digest:  digest,
+			Digest:  string(digest),
 		})
 		if err != nil {
 			return err
diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go
index bb14db9db7..db81dd13c2 100644
--- a/routers/api/packages/container/container.go
+++ b/routers/api/packages/container/container.go
@@ -13,6 +13,7 @@ import (
 	"regexp"
 	"strconv"
 	"strings"
+	"sync"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	packages_model "code.gitea.io/gitea/models/packages"
@@ -21,6 +22,7 @@ import (
 	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/optional"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	container_module "code.gitea.io/gitea/modules/packages/container"
 	"code.gitea.io/gitea/modules/setting"
@@ -31,17 +33,21 @@ import (
 	packages_service "code.gitea.io/gitea/services/packages"
 	container_service "code.gitea.io/gitea/services/packages/container"
 
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 )
 
 // maximum size of a container manifest
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-manifests
 const maxManifestSize = 10 * 1024 * 1024
 
-var (
-	imageNamePattern = regexp.MustCompile(`\A[a-z0-9]+([._-][a-z0-9]+)*(/[a-z0-9]+([._-][a-z0-9]+)*)*\z`)
-	referencePattern = regexp.MustCompile(`\A[a-zA-Z0-9_][a-zA-Z0-9._-]{0,127}\z`)
-)
+var globalVars = sync.OnceValue(func() (ret struct {
+	imageNamePattern, referencePattern *regexp.Regexp
+},
+) {
+	ret.imageNamePattern = regexp.MustCompile(`\A[a-z0-9]+([._-][a-z0-9]+)*(/[a-z0-9]+([._-][a-z0-9]+)*)*\z`)
+	ret.referencePattern = regexp.MustCompile(`\A[a-zA-Z0-9_][a-zA-Z0-9._-]{0,127}\z`)
+	return ret
+})
 
 type containerHeaders struct {
 	Status        int
@@ -50,7 +56,7 @@ type containerHeaders struct {
 	Range         string
 	Location      string
 	ContentType   string
-	ContentLength int64
+	ContentLength optional.Option[int64]
 }
 
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#legacy-docker-support-http-headers
@@ -64,8 +70,8 @@ func setResponseHeaders(resp http.ResponseWriter, h *containerHeaders) {
 	if h.ContentType != "" {
 		resp.Header().Set("Content-Type", h.ContentType)
 	}
-	if h.ContentLength != 0 {
-		resp.Header().Set("Content-Length", strconv.FormatInt(h.ContentLength, 10))
+	if h.ContentLength.Has() {
+		resp.Header().Set("Content-Length", strconv.FormatInt(h.ContentLength.Value(), 10))
 	}
 	if h.UploadUUID != "" {
 		resp.Header().Set("Docker-Upload-Uuid", h.UploadUUID)
@@ -83,16 +89,13 @@ func jsonResponse(ctx *context.Context, status int, obj any) {
 		Status:      status,
 		ContentType: "application/json",
 	})
-	if err := json.NewEncoder(ctx.Resp).Encode(obj); err != nil {
-		log.Error("JSON encode: %v", err)
-	}
+	_ = json.NewEncoder(ctx.Resp).Encode(obj) // ignore network errors
 }
 
 func apiError(ctx *context.Context, status int, err error) {
-	helper.LogAndProcessError(ctx, status, err, func(message string) {
-		setResponseHeaders(ctx.Resp, &containerHeaders{
-			Status: status,
-		})
+	_ = helper.ProcessErrorForUser(ctx, status, err)
+	setResponseHeaders(ctx.Resp, &containerHeaders{
+		Status: status,
 	})
 }
 
@@ -126,14 +129,14 @@ func apiUnauthorizedError(ctx *context.Context) {
 
 // ReqContainerAccess is a middleware which checks the current user valid (real user or ghost if anonymous access is enabled)
 func ReqContainerAccess(ctx *context.Context) {
-	if ctx.Doer == nil || (setting.Service.RequireSignInView && ctx.Doer.IsGhost()) {
+	if ctx.Doer == nil || (setting.Service.RequireSignInViewStrict && ctx.Doer.IsGhost()) {
 		apiUnauthorizedError(ctx)
 	}
 }
 
 // VerifyImageName is a middleware which checks if the image name is allowed
 func VerifyImageName(ctx *context.Context) {
-	if !imageNamePattern.MatchString(ctx.PathParam("image")) {
+	if !globalVars().imageNamePattern.MatchString(ctx.PathParam("image")) {
 		apiErrorDefined(ctx, errNameInvalid)
 	}
 }
@@ -152,7 +155,7 @@ func Authenticate(ctx *context.Context) {
 	u := ctx.Doer
 	packageScope := auth_service.GetAccessScope(ctx.Data)
 	if u == nil {
-		if setting.Service.RequireSignInView {
+		if setting.Service.RequireSignInViewStrict {
 			apiUnauthorizedError(ctx)
 			return
 		}
@@ -215,7 +218,7 @@ func GetRepositoryList(ctx *context.Context) {
 	if len(repositories) == n {
 		v := url.Values{}
 		if n > 0 {
-			v.Add("n", strconv.Itoa(n))
+			v.Add("n", strconv.Itoa(n)) // FIXME: "n" can't be zero here, the logic is inconsistent with GetTagsList
 		}
 		v.Add("last", repositories[len(repositories)-1])
 
@@ -230,7 +233,7 @@ func GetRepositoryList(ctx *context.Context) {
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#mounting-a-blob-from-another-repository
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
-func InitiateUploadBlob(ctx *context.Context) {
+func PostBlobsUploads(ctx *context.Context) {
 	image := ctx.PathParam("image")
 
 	mount := ctx.FormTrim("mount")
@@ -312,14 +315,14 @@ func InitiateUploadBlob(ctx *context.Context) {
 
 	setResponseHeaders(ctx.Resp, &containerHeaders{
 		Location:   fmt.Sprintf("/v2/%s/%s/blobs/uploads/%s", ctx.Package.Owner.LowerName, image, upload.ID),
-		Range:      "0-0",
 		UploadUUID: upload.ID,
 		Status:     http.StatusAccepted,
 	})
 }
 
-// https://docs.docker.com/registry/spec/api/#get-blob-upload
-func GetUploadBlob(ctx *context.Context) {
+// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
+func GetBlobsUpload(ctx *context.Context) {
+	image := ctx.PathParam("image")
 	uuid := ctx.PathParam("uuid")
 
 	upload, err := packages_model.GetBlobUploadByID(ctx, uuid)
@@ -332,15 +335,21 @@ func GetUploadBlob(ctx *context.Context) {
 		return
 	}
 
-	setResponseHeaders(ctx.Resp, &containerHeaders{
-		Range:      fmt.Sprintf("0-%d", upload.BytesReceived),
+	// FIXME: undefined behavior when the uploaded content is empty: https://github.com/opencontainers/distribution-spec/issues/578
+	respHeaders := &containerHeaders{
+		Location:   fmt.Sprintf("/v2/%s/%s/blobs/uploads/%s", ctx.Package.Owner.LowerName, image, upload.ID),
 		UploadUUID: upload.ID,
 		Status:     http.StatusNoContent,
-	})
+	}
+	if upload.BytesReceived > 0 {
+		respHeaders.Range = fmt.Sprintf("0-%d", upload.BytesReceived-1)
+	}
+	setResponseHeaders(ctx.Resp, respHeaders)
 }
 
+// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
-func UploadBlob(ctx *context.Context) {
+func PatchBlobsUpload(ctx *context.Context) {
 	image := ctx.PathParam("image")
 
 	uploader, err := container_service.NewBlobUploader(ctx, ctx.PathParam("uuid"))
@@ -376,16 +385,19 @@ func UploadBlob(ctx *context.Context) {
 		return
 	}
 
-	setResponseHeaders(ctx.Resp, &containerHeaders{
+	respHeaders := &containerHeaders{
 		Location:   fmt.Sprintf("/v2/%s/%s/blobs/uploads/%s", ctx.Package.Owner.LowerName, image, uploader.ID),
-		Range:      fmt.Sprintf("0-%d", uploader.Size()-1),
 		UploadUUID: uploader.ID,
 		Status:     http.StatusAccepted,
-	})
+	}
+	if uploader.Size() > 0 {
+		respHeaders.Range = fmt.Sprintf("0-%d", uploader.Size()-1)
+	}
+	setResponseHeaders(ctx.Resp, respHeaders)
 }
 
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
-func EndUploadBlob(ctx *context.Context) {
+func PutBlobsUpload(ctx *context.Context) {
 	image := ctx.PathParam("image")
 
 	digest := ctx.FormTrim("digest")
@@ -403,12 +415,7 @@ func EndUploadBlob(ctx *context.Context) {
 		}
 		return
 	}
-	doClose := true
-	defer func() {
-		if doClose {
-			uploader.Close()
-		}
-	}()
+	defer uploader.Close()
 
 	if ctx.Req.Body != nil {
 		if err := uploader.Append(ctx, ctx.Req.Body); err != nil {
@@ -441,11 +448,10 @@ func EndUploadBlob(ctx *context.Context) {
 		return
 	}
 
-	if err := uploader.Close(); err != nil {
-		apiError(ctx, http.StatusInternalServerError, err)
-		return
-	}
-	doClose = false
+	// Some SDK (e.g.: minio) will close the Reader if it is also a Closer after "uploading".
+	// And we don't need to wrap the reader to anything else because the SDK will benefit from other interfaces like Seeker.
+	// It's safe to call Close twice, so ignore the error.
+	_ = uploader.Close()
 
 	if err := container_service.RemoveBlobUploadByID(ctx, uploader.ID); err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
@@ -460,7 +466,7 @@ func EndUploadBlob(ctx *context.Context) {
 }
 
 // https://docs.docker.com/registry/spec/api/#delete-blob-upload
-func CancelUploadBlob(ctx *context.Context) {
+func DeleteBlobsUpload(ctx *context.Context) {
 	uuid := ctx.PathParam("uuid")
 
 	_, err := packages_model.GetBlobUploadByID(ctx, uuid)
@@ -484,16 +490,15 @@ func CancelUploadBlob(ctx *context.Context) {
 }
 
 func getBlobFromContext(ctx *context.Context) (*packages_model.PackageFileDescriptor, error) {
-	d := ctx.PathParam("digest")
-
-	if digest.Digest(d).Validate() != nil {
+	d := digest.Digest(ctx.PathParam("digest"))
+	if d.Validate() != nil {
 		return nil, container_model.ErrContainerBlobNotExist
 	}
 
 	return workaroundGetContainerBlob(ctx, &container_model.BlobSearchOptions{
 		OwnerID: ctx.Package.Owner.ID,
 		Image:   ctx.PathParam("image"),
-		Digest:  d,
+		Digest:  string(d),
 	})
 }
 
@@ -511,7 +516,7 @@ func HeadBlob(ctx *context.Context) {
 
 	setResponseHeaders(ctx.Resp, &containerHeaders{
 		ContentDigest: blob.Properties.GetByName(container_module.PropertyDigest),
-		ContentLength: blob.Blob.Size,
+		ContentLength: optional.Some(blob.Blob.Size),
 		Status:        http.StatusOK,
 	})
 }
@@ -533,9 +538,8 @@ func GetBlob(ctx *context.Context) {
 
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#deleting-blobs
 func DeleteBlob(ctx *context.Context) {
-	d := ctx.PathParam("digest")
-
-	if digest.Digest(d).Validate() != nil {
+	d := digest.Digest(ctx.PathParam("digest"))
+	if d.Validate() != nil {
 		apiErrorDefined(ctx, errBlobUnknown)
 		return
 	}
@@ -551,7 +555,7 @@ func DeleteBlob(ctx *context.Context) {
 }
 
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-manifests
-func UploadManifest(ctx *context.Context) {
+func PutManifest(ctx *context.Context) {
 	reference := ctx.PathParam("reference")
 
 	mci := &manifestCreationInfo{
@@ -563,7 +567,7 @@ func UploadManifest(ctx *context.Context) {
 		IsTagged:  digest.Digest(reference).Validate() != nil,
 	}
 
-	if mci.IsTagged && !referencePattern.MatchString(reference) {
+	if mci.IsTagged && !globalVars().referencePattern.MatchString(reference) {
 		apiErrorDefined(ctx, errManifestInvalid.WithMessage("Tag is invalid"))
 		return
 	}
@@ -607,18 +611,18 @@ func UploadManifest(ctx *context.Context) {
 }
 
 func getBlobSearchOptionsFromContext(ctx *context.Context) (*container_model.BlobSearchOptions, error) {
-	reference := ctx.PathParam("reference")
-
 	opts := &container_model.BlobSearchOptions{
 		OwnerID:    ctx.Package.Owner.ID,
 		Image:      ctx.PathParam("image"),
 		IsManifest: true,
 	}
 
-	if digest.Digest(reference).Validate() == nil {
-		opts.Digest = reference
-	} else if referencePattern.MatchString(reference) {
+	reference := ctx.PathParam("reference")
+	if d := digest.Digest(reference); d.Validate() == nil {
+		opts.Digest = string(d)
+	} else if globalVars().referencePattern.MatchString(reference) {
 		opts.Tag = reference
+		opts.OnlyLead = true
 	} else {
 		return nil, container_model.ErrContainerBlobNotExist
 	}
@@ -650,7 +654,7 @@ func HeadManifest(ctx *context.Context) {
 	setResponseHeaders(ctx.Resp, &containerHeaders{
 		ContentDigest: manifest.Properties.GetByName(container_module.PropertyDigest),
 		ContentType:   manifest.Properties.GetByName(container_module.PropertyMediaType),
-		ContentLength: manifest.Blob.Size,
+		ContentLength: optional.Some(manifest.Blob.Size),
 		Status:        http.StatusOK,
 	})
 }
@@ -705,7 +709,7 @@ func DeleteManifest(ctx *context.Context) {
 func serveBlob(ctx *context.Context, pfd *packages_model.PackageFileDescriptor) {
 	serveDirectReqParams := make(url.Values)
 	serveDirectReqParams.Set("response-content-type", pfd.Properties.GetByName(container_module.PropertyMediaType))
-	s, u, _, err := packages_service.GetPackageBlobStream(ctx, pfd.File, pfd.Blob, serveDirectReqParams)
+	s, u, _, err := packages_service.OpenBlobForDownload(ctx, pfd.File, pfd.Blob, ctx.Req.Method, serveDirectReqParams)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
@@ -714,14 +718,14 @@ func serveBlob(ctx *context.Context, pfd *packages_model.PackageFileDescriptor)
 	headers := &containerHeaders{
 		ContentDigest: pfd.Properties.GetByName(container_module.PropertyDigest),
 		ContentType:   pfd.Properties.GetByName(container_module.PropertyMediaType),
-		ContentLength: pfd.Blob.Size,
+		ContentLength: optional.Some(pfd.Blob.Size),
 		Status:        http.StatusOK,
 	}
 
 	if u != nil {
 		headers.Status = http.StatusTemporaryRedirect
 		headers.Location = u.String()
-
+		headers.ContentLength = optional.None[int64]() // do not set Content-Length for redirect responses
 		setResponseHeaders(ctx.Resp, headers)
 		return
 	}
@@ -729,13 +733,11 @@ func serveBlob(ctx *context.Context, pfd *packages_model.PackageFileDescriptor)
 	defer s.Close()
 
 	setResponseHeaders(ctx.Resp, headers)
-	if _, err := io.Copy(ctx.Resp, s); err != nil {
-		log.Error("Error whilst copying content to response: %v", err)
-	}
+	_, _ = io.Copy(ctx.Resp, s)
 }
 
 // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#content-discovery
-func GetTagList(ctx *context.Context) {
+func GetTagsList(ctx *context.Context) {
 	image := ctx.PathParam("image")
 
 	if _, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.TypeContainer, image); err != nil {
@@ -780,7 +782,8 @@ func GetTagList(ctx *context.Context) {
 	})
 }
 
-// FIXME: Workaround to be removed in v1.20
+// FIXME: Workaround to be removed in v1.20.
+// Update maybe we should never really remote it, as long as there is legacy data?
 // https://github.com/go-gitea/gitea/issues/19586
 func workaroundGetContainerBlob(ctx *context.Context, opts *container_model.BlobSearchOptions) (*packages_model.PackageFileDescriptor, error) {
 	blob, err := container_model.GetContainerBlob(ctx, opts)
diff --git a/routers/api/packages/container/manifest.go b/routers/api/packages/container/manifest.go
index ad035cf473..de40215aa7 100644
--- a/routers/api/packages/container/manifest.go
+++ b/routers/api/packages/container/manifest.go
@@ -10,11 +10,13 @@ import (
 	"io"
 	"os"
 	"strings"
+	"time"
 
 	"code.gitea.io/gitea/models/db"
 	packages_model "code.gitea.io/gitea/models/packages"
 	container_model "code.gitea.io/gitea/models/packages/container"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/globallock"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
@@ -22,23 +24,12 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	notify_service "code.gitea.io/gitea/services/notify"
 	packages_service "code.gitea.io/gitea/services/packages"
+	container_service "code.gitea.io/gitea/services/packages/container"
 
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	oci "github.com/opencontainers/image-spec/specs-go/v1"
 )
 
-func isValidMediaType(mt string) bool {
-	return strings.HasPrefix(mt, "application/vnd.docker.") || strings.HasPrefix(mt, "application/vnd.oci.")
-}
-
-func isImageManifestMediaType(mt string) bool {
-	return strings.EqualFold(mt, oci.MediaTypeImageManifest) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.v2+json")
-}
-
-func isImageIndexMediaType(mt string) bool {
-	return strings.EqualFold(mt, oci.MediaTypeImageIndex) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.list.v2+json")
-}
-
 // manifestCreationInfo describes a manifest to create
 type manifestCreationInfo struct {
 	MediaType  string
@@ -55,71 +46,71 @@ func processManifest(ctx context.Context, mci *manifestCreationInfo, buf *packag
 	if err := json.NewDecoder(buf).Decode(&index); err != nil {
 		return "", err
 	}
-
 	if index.SchemaVersion != 2 {
 		return "", errUnsupported.WithMessage("Schema version is not supported")
 	}
-
 	if _, err := buf.Seek(0, io.SeekStart); err != nil {
 		return "", err
 	}
 
-	if !isValidMediaType(mci.MediaType) {
+	if !container_module.IsMediaTypeValid(mci.MediaType) {
 		mci.MediaType = index.MediaType
-		if !isValidMediaType(mci.MediaType) {
+		if !container_module.IsMediaTypeValid(mci.MediaType) {
 			return "", errManifestInvalid.WithMessage("MediaType not recognized")
 		}
 	}
 
-	if isImageManifestMediaType(mci.MediaType) {
-		return processImageManifest(ctx, mci, buf)
-	} else if isImageIndexMediaType(mci.MediaType) {
-		return processImageManifestIndex(ctx, mci, buf)
+	// .../container/manifest.go:453:createManifestBlob() [E] Error inserting package blob: Error 1062 (23000): Duplicate entry '..........' for key 'package_blob.UQE_package_blob_md5'
+	releaser, err := globallock.Lock(ctx, containerGlobalLockKey(mci.Owner.ID, mci.Image, "manifest"))
+	if err != nil {
+		return "", err
+	}
+	defer releaser()
+
+	if container_module.IsMediaTypeImageManifest(mci.MediaType) {
+		return processOciImageManifest(ctx, mci, buf)
+	} else if container_module.IsMediaTypeImageIndex(mci.MediaType) {
+		return processOciImageIndex(ctx, mci, buf)
 	}
 	return "", errManifestInvalid
 }
 
-func processImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) {
-	manifestDigest := ""
-
-	err := func() error {
-		var manifest oci.Manifest
-		if err := json.NewDecoder(buf).Decode(&manifest); err != nil {
-			return err
-		}
-
-		if _, err := buf.Seek(0, io.SeekStart); err != nil {
-			return err
-		}
-
-		ctx, committer, err := db.TxContext(ctx)
-		if err != nil {
-			return err
-		}
-		defer committer.Close()
-
-		configDescriptor, err := container_model.GetContainerBlob(ctx, &container_model.BlobSearchOptions{
-			OwnerID: mci.Owner.ID,
-			Image:   mci.Image,
-			Digest:  string(manifest.Config.Digest),
-		})
-		if err != nil {
-			return err
-		}
+type processManifestTxRet struct {
+	pv      *packages_model.PackageVersion
+	pb      *packages_model.PackageBlob
+	created bool
+	digest  string
+}
 
-		configReader, err := packages_module.NewContentStore().Get(packages_module.BlobHash256Key(configDescriptor.Blob.HashSHA256))
-		if err != nil {
-			return err
+func handleCreateManifestResult(ctx context.Context, err error, mci *manifestCreationInfo, contentStore *packages_module.ContentStore, txRet *processManifestTxRet) (string, error) {
+	if err != nil && txRet.created && txRet.pb != nil {
+		if err := contentStore.Delete(packages_module.BlobHash256Key(txRet.pb.HashSHA256)); err != nil {
+			log.Error("Error deleting package blob from content store: %v", err)
 		}
-		defer configReader.Close()
+		return "", err
+	}
+	pd, err := packages_model.GetPackageDescriptor(ctx, txRet.pv)
+	if err != nil {
+		log.Error("Error getting package descriptor: %v", err) // ignore this error
+	} else {
+		notify_service.PackageCreate(ctx, mci.Creator, pd)
+	}
+	return txRet.digest, nil
+}
 
-		metadata, err := container_module.ParseImageConfig(manifest.Config.MediaType, configReader)
-		if err != nil {
-			return err
-		}
+func processOciImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (manifestDigest string, errRet error) {
+	manifest, configDescriptor, metadata, err := container_service.ParseManifestMetadata(ctx, buf, mci.Owner.ID, mci.Image)
+	if err != nil {
+		return "", err
+	}
+	if _, err = buf.Seek(0, io.SeekStart); err != nil {
+		return "", err
+	}
 
+	contentStore := packages_module.NewContentStore()
+	var txRet processManifestTxRet
+	err = db.WithTx(ctx, func(ctx context.Context) (err error) {
 		blobReferences := make([]*blobReference, 0, 1+len(manifest.Layers))
-
 		blobReferences = append(blobReferences, &blobReference{
 			Digest:       manifest.Config.Digest,
 			MediaType:    manifest.Config.MediaType,
@@ -150,78 +141,43 @@ func processImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *p
 			return err
 		}
 
-		uploadVersion, err := packages_model.GetInternalVersionByNameAndVersion(ctx, mci.Owner.ID, packages_model.TypeContainer, mci.Image, container_model.UploadVersion)
-		if err != nil && err != packages_model.ErrPackageNotExist {
+		uploadVersion, err := packages_model.GetInternalVersionByNameAndVersion(ctx, mci.Owner.ID, packages_model.TypeContainer, mci.Image, container_module.UploadVersion)
+		if err != nil && !errors.Is(err, packages_model.ErrPackageNotExist) {
 			return err
 		}
 
 		for _, ref := range blobReferences {
-			if err := createFileFromBlobReference(ctx, pv, uploadVersion, ref); err != nil {
+			if _, err = createFileFromBlobReference(ctx, pv, uploadVersion, ref); err != nil {
 				return err
 			}
 		}
+		txRet.pv = pv
+		txRet.pb, txRet.created, txRet.digest, err = createManifestBlob(ctx, contentStore, mci, pv, buf)
+		return err
+	})
 
-		pb, created, digest, err := createManifestBlob(ctx, mci, pv, buf)
-		removeBlob := false
-		defer func() {
-			if removeBlob {
-				contentStore := packages_module.NewContentStore()
-				if err := contentStore.Delete(packages_module.BlobHash256Key(pb.HashSHA256)); err != nil {
-					log.Error("Error deleting package blob from content store: %v", err)
-				}
-			}
-		}()
-		if err != nil {
-			removeBlob = created
-			return err
-		}
-
-		if err := committer.Commit(); err != nil {
-			removeBlob = created
-			return err
-		}
-
-		if err := notifyPackageCreate(ctx, mci.Creator, pv); err != nil {
-			return err
-		}
-
-		manifestDigest = digest
+	return handleCreateManifestResult(ctx, err, mci, contentStore, &txRet)
+}
 
-		return nil
-	}()
-	if err != nil {
+func processOciImageIndex(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (manifestDigest string, errRet error) {
+	var index oci.Index
+	if err := json.NewDecoder(buf).Decode(&index); err != nil {
+		return "", err
+	}
+	if _, err := buf.Seek(0, io.SeekStart); err != nil {
 		return "", err
 	}
 
-	return manifestDigest, nil
-}
-
-func processImageManifestIndex(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) {
-	manifestDigest := ""
-
-	err := func() error {
-		var index oci.Index
-		if err := json.NewDecoder(buf).Decode(&index); err != nil {
-			return err
-		}
-
-		if _, err := buf.Seek(0, io.SeekStart); err != nil {
-			return err
-		}
-
-		ctx, committer, err := db.TxContext(ctx)
-		if err != nil {
-			return err
-		}
-		defer committer.Close()
-
+	contentStore := packages_module.NewContentStore()
+	var txRet processManifestTxRet
+	err := db.WithTx(ctx, func(ctx context.Context) (err error) {
 		metadata := &container_module.Metadata{
 			Type:      container_module.TypeOCI,
 			Manifests: make([]*container_module.Manifest, 0, len(index.Manifests)),
 		}
 
 		for _, manifest := range index.Manifests {
-			if !isImageManifestMediaType(manifest.MediaType) {
+			if !container_module.IsMediaTypeImageManifest(manifest.MediaType) {
 				return errManifestInvalid
 			}
 
@@ -265,50 +221,12 @@ func processImageManifestIndex(ctx context.Context, mci *manifestCreationInfo, b
 			return err
 		}
 
-		pb, created, digest, err := createManifestBlob(ctx, mci, pv, buf)
-		removeBlob := false
-		defer func() {
-			if removeBlob {
-				contentStore := packages_module.NewContentStore()
-				if err := contentStore.Delete(packages_module.BlobHash256Key(pb.HashSHA256)); err != nil {
-					log.Error("Error deleting package blob from content store: %v", err)
-				}
-			}
-		}()
-		if err != nil {
-			removeBlob = created
-			return err
-		}
-
-		if err := committer.Commit(); err != nil {
-			removeBlob = created
-			return err
-		}
-
-		if err := notifyPackageCreate(ctx, mci.Creator, pv); err != nil {
-			return err
-		}
-
-		manifestDigest = digest
-
-		return nil
-	}()
-	if err != nil {
-		return "", err
-	}
-
-	return manifestDigest, nil
-}
-
-func notifyPackageCreate(ctx context.Context, doer *user_model.User, pv *packages_model.PackageVersion) error {
-	pd, err := packages_model.GetPackageDescriptor(ctx, pv)
-	if err != nil {
+		txRet.pv = pv
+		txRet.pb, txRet.created, txRet.digest, err = createManifestBlob(ctx, contentStore, mci, pv, buf)
 		return err
-	}
-
-	notify_service.PackageCreate(ctx, doer, pd)
+	})
 
-	return nil
+	return handleCreateManifestResult(ctx, err, mci, contentStore, &txRet)
 }
 
 func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, metadata *container_module.Metadata) (*packages_model.PackageVersion, error) {
@@ -349,24 +267,31 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
 		LowerVersion: strings.ToLower(mci.Reference),
 		MetadataJSON: string(metadataJSON),
 	}
-	var pv *packages_model.PackageVersion
-	if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
+	pv, err := packages_model.GetOrInsertVersion(ctx, _pv)
+	if err != nil {
 		if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
 			log.Error("Error inserting package: %v", err)
 			return nil, err
 		}
 
-		if err = packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
-			return nil, err
-		}
-
-		// keep download count on overwrite
-		_pv.DownloadCount = pv.DownloadCount
-
-		if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
-			if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
-				log.Error("Error inserting package: %v", err)
-				return nil, err
+		if container_module.IsMediaTypeImageIndex(mci.MediaType) {
+			if pv.CreatedUnix.AsTime().Before(time.Now().Add(-24 * time.Hour)) {
+				if err = packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
+					return nil, err
+				}
+				// keep download count on overwriting
+				_pv.DownloadCount = pv.DownloadCount
+				if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
+					if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
+						log.Error("Error inserting package: %v", err)
+						return nil, err
+					}
+				}
+			} else {
+				err = packages_model.UpdateVersion(ctx, &packages_model.PackageVersion{ID: pv.ID, MetadataJSON: _pv.MetadataJSON})
+				if err != nil {
+					return nil, err
+				}
 			}
 		}
 	}
@@ -376,14 +301,20 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
 	}
 
 	if mci.IsTagged {
-		if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged, ""); err != nil {
-			log.Error("Error setting package version property: %v", err)
+		if err = packages_model.InsertOrUpdateProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged, ""); err != nil {
+			return nil, err
+		}
+	} else {
+		if err = packages_model.DeletePropertiesByName(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged); err != nil {
 			return nil, err
 		}
 	}
+
+	if err = packages_model.DeletePropertiesByName(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestReference); err != nil {
+		return nil, err
+	}
 	for _, manifest := range metadata.Manifests {
-		if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestReference, manifest.Digest); err != nil {
-			log.Error("Error setting package version property: %v", err)
+		if _, err = packages_model.InsertProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestReference, manifest.Digest); err != nil {
 			return nil, err
 		}
 	}
@@ -400,30 +331,31 @@ type blobReference struct {
 	IsLead       bool
 }
 
-func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *packages_model.PackageVersion, ref *blobReference) error {
+func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *packages_model.PackageVersion, ref *blobReference) (*packages_model.PackageFile, error) {
 	if ref.File.Blob.Size != ref.ExpectedSize {
-		return errSizeInvalid
+		return nil, errSizeInvalid
 	}
 
 	if ref.Name == "" {
-		ref.Name = strings.ToLower(fmt.Sprintf("sha256_%s", ref.File.Blob.HashSHA256))
+		ref.Name = strings.ToLower("sha256_" + ref.File.Blob.HashSHA256)
 	}
 
 	pf := &packages_model.PackageFile{
-		VersionID: pv.ID,
-		BlobID:    ref.File.Blob.ID,
-		Name:      ref.Name,
-		LowerName: ref.Name,
-		IsLead:    ref.IsLead,
+		VersionID:    pv.ID,
+		BlobID:       ref.File.Blob.ID,
+		Name:         ref.Name,
+		LowerName:    ref.Name,
+		CompositeKey: string(ref.Digest),
+		IsLead:       ref.IsLead,
 	}
 	var err error
 	if pf, err = packages_model.TryInsertFile(ctx, pf); err != nil {
 		if errors.Is(err, packages_model.ErrDuplicatePackageFile) {
 			// Skip this blob because the manifest contains the same filesystem layer multiple times.
-			return nil
+			return pf, nil
 		}
 		log.Error("Error inserting package file: %v", err)
-		return err
+		return nil, err
 	}
 
 	props := map[string]string{
@@ -433,21 +365,21 @@ func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *package
 	for name, value := range props {
 		if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeFile, pf.ID, name, value); err != nil {
 			log.Error("Error setting package file property: %v", err)
-			return err
+			return nil, err
 		}
 	}
 
-	// Remove the file from the blob upload version
+	// Remove the ref file (old file) from the blob upload version
 	if uploadVersion != nil && ref.File.File != nil && uploadVersion.ID == ref.File.File.VersionID {
 		if err := packages_service.DeletePackageFile(ctx, ref.File.File); err != nil {
-			return err
+			return nil, err
 		}
 	}
 
-	return nil
+	return pf, nil
 }
 
-func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *packages_model.PackageVersion, buf *packages_module.HashedBuffer) (*packages_model.PackageBlob, bool, string, error) {
+func createManifestBlob(ctx context.Context, contentStore *packages_module.ContentStore, mci *manifestCreationInfo, pv *packages_model.PackageVersion, buf *packages_module.HashedBuffer) (_ *packages_model.PackageBlob, created bool, manifestDigest string, _ error) {
 	pb, exists, err := packages_model.GetOrInsertBlob(ctx, packages_service.NewPackageBlob(buf))
 	if err != nil {
 		log.Error("Error inserting package blob: %v", err)
@@ -456,29 +388,48 @@ func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *pack
 	// FIXME: Workaround to be removed in v1.20
 	// https://github.com/go-gitea/gitea/issues/19586
 	if exists {
-		err = packages_module.NewContentStore().Has(packages_module.BlobHash256Key(pb.HashSHA256))
+		err = contentStore.Has(packages_module.BlobHash256Key(pb.HashSHA256))
 		if err != nil && (errors.Is(err, util.ErrNotExist) || errors.Is(err, os.ErrNotExist)) {
 			log.Debug("Package registry inconsistent: blob %s does not exist on file system", pb.HashSHA256)
 			exists = false
 		}
 	}
 	if !exists {
-		contentStore := packages_module.NewContentStore()
 		if err := contentStore.Save(packages_module.BlobHash256Key(pb.HashSHA256), buf, buf.Size()); err != nil {
 			log.Error("Error saving package blob in content store: %v", err)
 			return nil, false, "", err
 		}
 	}
 
-	manifestDigest := digestFromHashSummer(buf)
-	err = createFileFromBlobReference(ctx, pv, nil, &blobReference{
+	manifestDigest = digestFromHashSummer(buf)
+	pf, err := createFileFromBlobReference(ctx, pv, nil, &blobReference{
 		Digest:       digest.Digest(manifestDigest),
 		MediaType:    mci.MediaType,
-		Name:         container_model.ManifestFilename,
+		Name:         container_module.ManifestFilename,
 		File:         &packages_model.PackageFileDescriptor{Blob: pb},
 		ExpectedSize: pb.Size,
 		IsLead:       true,
 	})
+	if err != nil {
+		return nil, false, "", err
+	}
 
+	oldManifestFiles, _, err := packages_model.SearchFiles(ctx, &packages_model.PackageFileSearchOptions{
+		OwnerID:     mci.Owner.ID,
+		PackageType: packages_model.TypeContainer,
+		VersionID:   pv.ID,
+		Query:       container_module.ManifestFilename,
+	})
+	if err != nil {
+		return nil, false, "", err
+	}
+	for _, oldManifestFile := range oldManifestFiles {
+		if oldManifestFile.ID != pf.ID && oldManifestFile.IsLead {
+			err = packages_model.UpdateFile(ctx, &packages_model.PackageFile{ID: oldManifestFile.ID, IsLead: false}, []string{"is_lead"})
+			if err != nil {
+				return nil, false, "", err
+			}
+		}
+	}
 	return pb, !exists, manifestDigest, err
 }
diff --git a/routers/api/packages/cran/cran.go b/routers/api/packages/cran/cran.go
index 8a20072cb6..323690fd52 100644
--- a/routers/api/packages/cran/cran.go
+++ b/routers/api/packages/cran/cran.go
@@ -22,9 +22,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 func EnumerateSourcePackages(ctx *context.Context) {
@@ -250,7 +249,7 @@ func downloadPackageFile(ctx *context.Context, opts *cran_model.SearchOptions) {
 		return
 	}
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
diff --git a/routers/api/packages/debian/debian.go b/routers/api/packages/debian/debian.go
index fec34c91a6..82c7952bdb 100644
--- a/routers/api/packages/debian/debian.go
+++ b/routers/api/packages/debian/debian.go
@@ -24,9 +24,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 func GetRepositoryKey(ctx *context.Context) {
@@ -59,13 +58,14 @@ func GetRepositoryFile(ctx *context.Context) {
 		key += "|" + component + "|" + architecture
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pv,
 		&packages_service.PackageFileInfo{
 			Filename:     ctx.PathParam("filename"),
 			CompositeKey: key,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
@@ -106,7 +106,7 @@ func GetRepositoryFileByHash(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetPackageFileStream(ctx, pfs[0])
+	s, u, pf, err := packages_service.OpenFileForDownload(ctx, pfs[0], ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
@@ -210,7 +210,7 @@ func DownloadPackageFile(ctx *context.Context) {
 	name := ctx.PathParam("name")
 	version := ctx.PathParam("version")
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -222,6 +222,7 @@ func DownloadPackageFile(ctx *context.Context) {
 			Filename:     fmt.Sprintf("%s_%s_%s.deb", name, version, ctx.PathParam("architecture")),
 			CompositeKey: fmt.Sprintf("%s|%s", ctx.PathParam("distribution"), ctx.PathParam("component")),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
diff --git a/routers/api/packages/generic/generic.go b/routers/api/packages/generic/generic.go
index 0b5daa7334..5eb189e6d9 100644
--- a/routers/api/packages/generic/generic.go
+++ b/routers/api/packages/generic/generic.go
@@ -11,7 +11,6 @@ import (
 	"unicode"
 
 	packages_model "code.gitea.io/gitea/models/packages"
-	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	"code.gitea.io/gitea/routers/api/packages/helper"
 	"code.gitea.io/gitea/services/context"
@@ -24,14 +23,13 @@ var (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 // DownloadPackageFile serves the specific generic package.
 func DownloadPackageFile(ctx *context.Context) {
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -42,6 +40,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: ctx.PathParam("filename"),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
@@ -101,7 +100,6 @@ func UploadPackage(ctx *context.Context) {
 
 	buf, err := packages_module.CreateHashedBufferFromReader(upload)
 	if err != nil {
-		log.Error("Error creating hashed buffer: %v", err)
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
 	}
diff --git a/routers/api/packages/goproxy/goproxy.go b/routers/api/packages/goproxy/goproxy.go
index bde29df739..951f50053c 100644
--- a/routers/api/packages/goproxy/goproxy.go
+++ b/routers/api/packages/goproxy/goproxy.go
@@ -22,9 +22,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 func EnumeratePackageVersions(ctx *context.Context) {
@@ -106,7 +105,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pfs[0])
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pfs[0], ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
diff --git a/routers/api/packages/helm/helm.go b/routers/api/packages/helm/helm.go
index fb12daaa46..4c1b72d5c0 100644
--- a/routers/api/packages/helm/helm.go
+++ b/routers/api/packages/helm/helm.go
@@ -14,7 +14,6 @@ import (
 
 	packages_model "code.gitea.io/gitea/models/packages"
 	"code.gitea.io/gitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	helm_module "code.gitea.io/gitea/modules/packages/helm"
@@ -28,13 +27,12 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		type Error struct {
-			Error string `json:"error"`
-		}
-		ctx.JSON(status, Error{
-			Error: message,
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	type Error struct {
+		Error string `json:"error"`
+	}
+	ctx.JSON(status, Error{
+		Error: message,
 	})
 }
 
@@ -87,16 +85,14 @@ func Index(ctx *context.Context) {
 	}
 
 	ctx.Resp.WriteHeader(http.StatusOK)
-	if err := yaml.NewEncoder(ctx.Resp).Encode(&Index{
+	_ = yaml.NewEncoder(ctx.Resp).Encode(&Index{
 		APIVersion: "v1",
 		Entries:    entries,
 		Generated:  time.Now(),
 		ServerInfo: &ServerInfo{
 			ContextPath: setting.AppSubURL + "/api/packages/" + url.PathEscape(ctx.Package.Owner.Name) + "/helm",
 		},
-	}); err != nil {
-		log.Error("YAML encode failed: %v", err)
-	}
+	})
 }
 
 // DownloadPackageFile serves the content of a package
@@ -122,12 +118,13 @@ func DownloadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pvs[0],
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/helper/helper.go b/routers/api/packages/helper/helper.go
index cdb64109ad..27d4e6ffdc 100644
--- a/routers/api/packages/helper/helper.go
+++ b/routers/api/packages/helper/helper.go
@@ -15,31 +15,29 @@ import (
 	"code.gitea.io/gitea/services/context"
 )
 
-// LogAndProcessError logs an error and calls a custom callback with the processed error message.
-// If the error is an InternalServerError the message is stripped if the user is not an admin.
-func LogAndProcessError(ctx *context.Context, status int, obj any, cb func(string)) {
+// ProcessErrorForUser logs the error and returns a user-error message for the end user.
+// If the status is http.StatusInternalServerError, the message is stripped for non-admin users in production.
+func ProcessErrorForUser(ctx *context.Context, status int, errObj any) string {
 	var message string
-	if err, ok := obj.(error); ok {
+	if err, ok := errObj.(error); ok {
 		message = err.Error()
-	} else if obj != nil {
-		message = fmt.Sprintf("%s", obj)
+	} else if errObj != nil {
+		message = fmt.Sprint(errObj)
 	}
-	if status == http.StatusInternalServerError {
-		log.ErrorWithSkip(1, message)
 
+	if status == http.StatusInternalServerError {
+		log.Log(2, log.ERROR, "Package registry API internal error: %d %s", status, message)
 		if setting.IsProd && (ctx.Doer == nil || !ctx.Doer.IsAdmin) {
-			message = ""
+			message = "internal server error"
 		}
-	} else {
-		log.Debug(message)
+		return message
 	}
 
-	if cb != nil {
-		cb(message)
-	}
+	log.Log(2, log.DEBUG, "Package registry API user error: %d %s", status, message)
+	return message
 }
 
-// Serves the content of the package file
+// ServePackageFile the content of the package file
 // If the url is set it will redirect the request, otherwise the content is copied to the response.
 func ServePackageFile(ctx *context.Context, s io.ReadSeekCloser, u *url.URL, pf *packages_model.PackageFile, forceOpts ...*context.ServeHeaderOptions) {
 	if u != nil {
diff --git a/routers/api/packages/maven/maven.go b/routers/api/packages/maven/maven.go
index 9089c2eccf..6c2916908b 100644
--- a/routers/api/packages/maven/maven.go
+++ b/routers/api/packages/maven/maven.go
@@ -22,7 +22,6 @@ import (
 	packages_model "code.gitea.io/gitea/models/packages"
 	"code.gitea.io/gitea/modules/globallock"
 	"code.gitea.io/gitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	maven_module "code.gitea.io/gitea/modules/packages/maven"
 	"code.gitea.io/gitea/modules/util"
@@ -49,14 +48,9 @@ var (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		// The maven client does not present the error message to the user. Log it for users with access to server logs.
-		if status == http.StatusBadRequest || status == http.StatusInternalServerError {
-			log.Error(message)
-		}
-
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	// Maven client doesn't present the error message to end users; site admin can check the server logs that outputted by ProcessErrorForUser
+	ctx.PlainText(status, message)
 }
 
 // DownloadPackageFile serves the content of a package
@@ -223,7 +217,7 @@ func servePackageFile(ctx *context.Context, params parameters, serveContent bool
 		return
 	}
 
-	s, u, _, err := packages_service.GetPackageBlobStream(ctx, pf, pb, nil)
+	s, u, _, err := packages_service.OpenBlobForDownload(ctx, pf, pb, ctx.Req.Method, nil)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
diff --git a/routers/api/packages/npm/npm.go b/routers/api/packages/npm/npm.go
index 6ec46bcb36..cc2aff8ea0 100644
--- a/routers/api/packages/npm/npm.go
+++ b/routers/api/packages/npm/npm.go
@@ -33,10 +33,9 @@ import (
 var errInvalidTagName = errors.New("The tag name is invalid")
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, map[string]string{
-			"error": message,
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, map[string]string{
+		"error": message,
 	})
 }
 
@@ -85,7 +84,7 @@ func DownloadPackageFile(ctx *context.Context) {
 	packageVersion := ctx.PathParam("version")
 	filename := ctx.PathParam("filename")
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -96,6 +95,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
@@ -132,12 +132,13 @@ func DownloadPackageFileByName(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pvs[0],
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/nuget/api_v2.go b/routers/api/packages/nuget/api_v2.go
index a726065ad0..801c60af13 100644
--- a/routers/api/packages/nuget/api_v2.go
+++ b/routers/api/packages/nuget/api_v2.go
@@ -246,21 +246,30 @@ type TypedValue[T any] struct {
 }
 
 type FeedEntryProperties struct {
-	Version                  string                `xml:"d:Version"`
-	NormalizedVersion        string                `xml:"d:NormalizedVersion"`
 	Authors                  string                `xml:"d:Authors"`
+	Copyright                string                `xml:"d:Copyright,omitempty"`
+	Created                  TypedValue[time.Time] `xml:"d:Created"`
 	Dependencies             string                `xml:"d:Dependencies"`
 	Description              string                `xml:"d:Description"`
-	VersionDownloadCount     TypedValue[int64]     `xml:"d:VersionDownloadCount"`
+	DevelopmentDependency    TypedValue[bool]      `xml:"d:DevelopmentDependency"`
 	DownloadCount            TypedValue[int64]     `xml:"d:DownloadCount"`
-	PackageSize              TypedValue[int64]     `xml:"d:PackageSize"`
-	Created                  TypedValue[time.Time] `xml:"d:Created"`
+	ID                       string                `xml:"d:Id"`
+	IconURL                  string                `xml:"d:IconUrl,omitempty"`
+	Language                 string                `xml:"d:Language,omitempty"`
 	LastUpdated              TypedValue[time.Time] `xml:"d:LastUpdated"`
-	Published                TypedValue[time.Time] `xml:"d:Published"`
+	LicenseURL               string                `xml:"d:LicenseUrl,omitempty"`
+	MinClientVersion         string                `xml:"d:MinClientVersion,omitempty"`
+	NormalizedVersion        string                `xml:"d:NormalizedVersion"`
+	Owners                   string                `xml:"d:Owners,omitempty"`
+	PackageSize              TypedValue[int64]     `xml:"d:PackageSize"`
 	ProjectURL               string                `xml:"d:ProjectUrl,omitempty"`
+	Published                TypedValue[time.Time] `xml:"d:Published"`
 	ReleaseNotes             string                `xml:"d:ReleaseNotes,omitempty"`
 	RequireLicenseAcceptance TypedValue[bool]      `xml:"d:RequireLicenseAcceptance"`
-	Title                    string                `xml:"d:Title"`
+	Tags                     string                `xml:"d:Tags,omitempty"`
+	Title                    string                `xml:"d:Title,omitempty"`
+	Version                  string                `xml:"d:Version"`
+	VersionDownloadCount     TypedValue[int64]     `xml:"d:VersionDownloadCount"`
 }
 
 type FeedEntry struct {
@@ -353,21 +362,30 @@ func createEntry(l *linkBuilder, pd *packages_model.PackageDescriptor, withNames
 		Author:  metadata.Authors,
 		Content: content,
 		Properties: &FeedEntryProperties{
-			Version:                  pd.Version.Version,
-			NormalizedVersion:        pd.Version.Version,
 			Authors:                  metadata.Authors,
+			Copyright:                metadata.Copyright,
+			Created:                  createdValue,
 			Dependencies:             buildDependencyString(metadata),
 			Description:              metadata.Description,
-			VersionDownloadCount:     TypedValue[int64]{Type: "Edm.Int64", Value: pd.Version.DownloadCount},
+			DevelopmentDependency:    TypedValue[bool]{Type: "Edm.Boolean", Value: metadata.DevelopmentDependency},
 			DownloadCount:            TypedValue[int64]{Type: "Edm.Int64", Value: pd.Version.DownloadCount},
-			PackageSize:              TypedValue[int64]{Type: "Edm.Int64", Value: pd.CalculateBlobSize()},
-			Created:                  createdValue,
+			ID:                       pd.Package.Name,
+			IconURL:                  metadata.IconURL,
+			Language:                 metadata.Language,
 			LastUpdated:              createdValue,
-			Published:                createdValue,
+			LicenseURL:               metadata.LicenseURL,
+			MinClientVersion:         metadata.MinClientVersion,
+			NormalizedVersion:        pd.Version.Version,
+			Owners:                   metadata.Owners,
+			PackageSize:              TypedValue[int64]{Type: "Edm.Int64", Value: pd.CalculateBlobSize()},
 			ProjectURL:               metadata.ProjectURL,
+			Published:                createdValue,
 			ReleaseNotes:             metadata.ReleaseNotes,
 			RequireLicenseAcceptance: TypedValue[bool]{Type: "Edm.Boolean", Value: metadata.RequireLicenseAcceptance},
-			Title:                    pd.Package.Name,
+			Tags:                     metadata.Tags,
+			Title:                    metadata.Title,
+			Version:                  pd.Version.Version,
+			VersionDownloadCount:     TypedValue[int64]{Type: "Edm.Int64", Value: pd.Version.DownloadCount},
 		},
 	}
 
diff --git a/routers/api/packages/nuget/api_v3.go b/routers/api/packages/nuget/api_v3.go
index 2fe25dc0f8..3262f2d9af 100644
--- a/routers/api/packages/nuget/api_v3.go
+++ b/routers/api/packages/nuget/api_v3.go
@@ -53,15 +53,23 @@ type RegistrationIndexPageItem struct {
 // https://docs.microsoft.com/en-us/nuget/api/registration-base-url-resource#catalog-entry
 type CatalogEntry struct {
 	CatalogLeafURL           string                    `json:"@id"`
-	PackageContentURL        string                    `json:"packageContent"`
+	Authors                  string                    `json:"authors"`
+	Copyright                string                    `json:"copyright"`
+	DependencyGroups         []*PackageDependencyGroup `json:"dependencyGroups"`
+	Description              string                    `json:"description"`
+	IconURL                  string                    `json:"iconUrl"`
 	ID                       string                    `json:"id"`
+	IsPrerelease             bool                      `json:"isPrerelease"`
+	Language                 string                    `json:"language"`
+	LicenseURL               string                    `json:"licenseUrl"`
+	PackageContentURL        string                    `json:"packageContent"`
+	ProjectURL               string                    `json:"projectUrl"`
+	RequireLicenseAcceptance bool                      `json:"requireLicenseAcceptance"`
+	Summary                  string                    `json:"summary"`
+	Tags                     string                    `json:"tags"`
 	Version                  string                    `json:"version"`
-	Description              string                    `json:"description"`
 	ReleaseNotes             string                    `json:"releaseNotes"`
-	Authors                  string                    `json:"authors"`
-	RequireLicenseAcceptance bool                      `json:"requireLicenseAcceptance"`
-	ProjectURL               string                    `json:"projectURL"`
-	DependencyGroups         []*PackageDependencyGroup `json:"dependencyGroups"`
+	Published                time.Time                 `json:"published"`
 }
 
 // https://docs.microsoft.com/en-us/nuget/api/registration-base-url-resource#package-dependency-group
@@ -109,15 +117,24 @@ func createRegistrationIndexPageItem(l *linkBuilder, pd *packages_model.PackageD
 		RegistrationLeafURL: l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version),
 		PackageContentURL:   l.GetPackageDownloadURL(pd.Package.Name, pd.Version.Version),
 		CatalogEntry: &CatalogEntry{
-			CatalogLeafURL:    l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version),
-			PackageContentURL: l.GetPackageDownloadURL(pd.Package.Name, pd.Version.Version),
-			ID:                pd.Package.Name,
-			Version:           pd.Version.Version,
-			Description:       metadata.Description,
-			ReleaseNotes:      metadata.ReleaseNotes,
-			Authors:           metadata.Authors,
-			ProjectURL:        metadata.ProjectURL,
-			DependencyGroups:  createDependencyGroups(pd),
+			CatalogLeafURL:           l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version),
+			Authors:                  metadata.Authors,
+			Copyright:                metadata.Copyright,
+			DependencyGroups:         createDependencyGroups(pd),
+			Description:              metadata.Description,
+			IconURL:                  metadata.IconURL,
+			ID:                       pd.Package.Name,
+			IsPrerelease:             pd.Version.IsPrerelease(),
+			Language:                 metadata.Language,
+			LicenseURL:               metadata.LicenseURL,
+			PackageContentURL:        l.GetPackageDownloadURL(pd.Package.Name, pd.Version.Version),
+			ProjectURL:               metadata.ProjectURL,
+			RequireLicenseAcceptance: metadata.RequireLicenseAcceptance,
+			Summary:                  metadata.Summary,
+			Tags:                     metadata.Tags,
+			Version:                  pd.Version.Version,
+			ReleaseNotes:             metadata.ReleaseNotes,
+			Published:                pd.Version.CreatedUnix.AsLocalTime(),
 		},
 	}
 }
@@ -145,22 +162,42 @@ func createDependencyGroups(pd *packages_model.PackageDescriptor) []*PackageDepe
 
 // https://docs.microsoft.com/en-us/nuget/api/registration-base-url-resource#registration-leaf
 type RegistrationLeafResponse struct {
-	RegistrationLeafURL  string    `json:"@id"`
-	Type                 []string  `json:"@type"`
-	Listed               bool      `json:"listed"`
-	PackageContentURL    string    `json:"packageContent"`
-	Published            time.Time `json:"published"`
-	RegistrationIndexURL string    `json:"registration"`
+	RegistrationLeafURL  string       `json:"@id"`
+	Type                 []string     `json:"@type"`
+	PackageContentURL    string       `json:"packageContent"`
+	RegistrationIndexURL string       `json:"registration"`
+	CatalogEntry         CatalogEntry `json:"catalogEntry"`
 }
 
 func createRegistrationLeafResponse(l *linkBuilder, pd *packages_model.PackageDescriptor) *RegistrationLeafResponse {
+	registrationLeafURL := l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version)
+	packageDownloadURL := l.GetPackageDownloadURL(pd.Package.Name, pd.Version.Version)
+	metadata := pd.Metadata.(*nuget_module.Metadata)
 	return &RegistrationLeafResponse{
-		Type:                 []string{"Package", "http://schema.nuget.org/catalog#Permalink"},
-		Listed:               true,
-		Published:            pd.Version.CreatedUnix.AsLocalTime(),
-		RegistrationLeafURL:  l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version),
-		PackageContentURL:    l.GetPackageDownloadURL(pd.Package.Name, pd.Version.Version),
+		RegistrationLeafURL:  registrationLeafURL,
 		RegistrationIndexURL: l.GetRegistrationIndexURL(pd.Package.Name),
+		PackageContentURL:    packageDownloadURL,
+		Type:                 []string{"Package", "http://schema.nuget.org/catalog#Permalink"},
+		CatalogEntry: CatalogEntry{
+			CatalogLeafURL:           registrationLeafURL,
+			Authors:                  metadata.Authors,
+			Copyright:                metadata.Copyright,
+			DependencyGroups:         createDependencyGroups(pd),
+			Description:              metadata.Description,
+			IconURL:                  metadata.IconURL,
+			ID:                       pd.Package.Name,
+			IsPrerelease:             pd.Version.IsPrerelease(),
+			Language:                 metadata.Language,
+			LicenseURL:               metadata.LicenseURL,
+			PackageContentURL:        packageDownloadURL,
+			ProjectURL:               metadata.ProjectURL,
+			RequireLicenseAcceptance: metadata.RequireLicenseAcceptance,
+			Summary:                  metadata.Summary,
+			Tags:                     metadata.Tags,
+			Version:                  pd.Version.Version,
+			ReleaseNotes:             metadata.ReleaseNotes,
+			Published:                pd.Version.CreatedUnix.AsLocalTime(),
+		},
 	}
 }
 
@@ -188,13 +225,24 @@ type SearchResultResponse struct {
 
 // https://docs.microsoft.com/en-us/nuget/api/search-query-service-resource#search-result
 type SearchResult struct {
-	ID                   string                 `json:"id"`
-	Version              string                 `json:"version"`
-	Versions             []*SearchResultVersion `json:"versions"`
-	Description          string                 `json:"description"`
-	Authors              string                 `json:"authors"`
-	ProjectURL           string                 `json:"projectURL"`
-	RegistrationIndexURL string                 `json:"registration"`
+	Authors                  string                    `json:"authors"`
+	Copyright                string                    `json:"copyright"`
+	DependencyGroups         []*PackageDependencyGroup `json:"dependencyGroups"`
+	Description              string                    `json:"description"`
+	IconURL                  string                    `json:"iconUrl"`
+	ID                       string                    `json:"id"`
+	IsPrerelease             bool                      `json:"isPrerelease"`
+	Language                 string                    `json:"language"`
+	LicenseURL               string                    `json:"licenseUrl"`
+	ProjectURL               string                    `json:"projectUrl"`
+	RequireLicenseAcceptance bool                      `json:"requireLicenseAcceptance"`
+	Summary                  string                    `json:"summary"`
+	Tags                     string                    `json:"tags"`
+	Title                    string                    `json:"title"`
+	TotalDownloads           int64                     `json:"totalDownloads"`
+	Version                  string                    `json:"version"`
+	Versions                 []*SearchResultVersion    `json:"versions"`
+	RegistrationIndexURL     string                    `json:"registration"`
 }
 
 // https://docs.microsoft.com/en-us/nuget/api/search-query-service-resource#search-result
@@ -230,11 +278,12 @@ func createSearchResultResponse(l *linkBuilder, totalHits int64, pds []*packages
 func createSearchResult(l *linkBuilder, pds []*packages_model.PackageDescriptor) *SearchResult {
 	latest := pds[0]
 	versions := make([]*SearchResultVersion, 0, len(pds))
+	totalDownloads := int64(0)
 	for _, pd := range pds {
 		if latest.SemVer.LessThan(pd.SemVer) {
 			latest = pd
 		}
-
+		totalDownloads += pd.Version.DownloadCount
 		versions = append(versions, &SearchResultVersion{
 			RegistrationLeafURL: l.GetRegistrationLeafURL(pd.Package.Name, pd.Version.Version),
 			Version:             pd.Version.Version,
@@ -244,12 +293,23 @@ func createSearchResult(l *linkBuilder, pds []*packages_model.PackageDescriptor)
 	metadata := latest.Metadata.(*nuget_module.Metadata)
 
 	return &SearchResult{
-		ID:                   latest.Package.Name,
-		Version:              latest.Version.Version,
-		Versions:             versions,
-		Description:          metadata.Description,
-		Authors:              metadata.Authors,
-		ProjectURL:           metadata.ProjectURL,
-		RegistrationIndexURL: l.GetRegistrationIndexURL(latest.Package.Name),
+		Authors:                  metadata.Authors,
+		Copyright:                metadata.Copyright,
+		Description:              metadata.Description,
+		DependencyGroups:         createDependencyGroups(latest),
+		IconURL:                  metadata.IconURL,
+		ID:                       latest.Package.Name,
+		IsPrerelease:             latest.Version.IsPrerelease(),
+		Language:                 metadata.Language,
+		LicenseURL:               metadata.LicenseURL,
+		ProjectURL:               metadata.ProjectURL,
+		RequireLicenseAcceptance: metadata.RequireLicenseAcceptance,
+		Summary:                  metadata.Summary,
+		Tags:                     metadata.Tags,
+		Title:                    metadata.Title,
+		TotalDownloads:           totalDownloads,
+		Version:                  latest.Version.Version,
+		Versions:                 versions,
+		RegistrationIndexURL:     l.GetRegistrationIndexURL(latest.Package.Name),
 	}
 }
diff --git a/routers/api/packages/nuget/auth.go b/routers/api/packages/nuget/auth.go
index e81ad01b2b..ce7df0ce0a 100644
--- a/routers/api/packages/nuget/auth.go
+++ b/routers/api/packages/nuget/auth.go
@@ -26,7 +26,6 @@ func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataS
 	token, err := auth_model.GetAccessTokenBySHA(req.Context(), req.Header.Get("X-NuGet-ApiKey"))
 	if err != nil {
 		if !(auth_model.IsErrAccessTokenNotExist(err) || auth_model.IsErrAccessTokenEmpty(err)) {
-			log.Error("GetAccessTokenBySHA: %v", err)
 			return nil, err
 		}
 		return nil, nil
@@ -34,7 +33,6 @@ func (a *Auth) Verify(req *http.Request, w http.ResponseWriter, store auth.DataS
 
 	u, err := user_model.GetUserByID(req.Context(), token.UID)
 	if err != nil {
-		log.Error("GetUserByID:  %v", err)
 		return nil, err
 	}
 
diff --git a/routers/api/packages/nuget/nuget.go b/routers/api/packages/nuget/nuget.go
index 07a8de0a68..c42fdd7db5 100644
--- a/routers/api/packages/nuget/nuget.go
+++ b/routers/api/packages/nuget/nuget.go
@@ -17,7 +17,6 @@ import (
 	"code.gitea.io/gitea/models/db"
 	packages_model "code.gitea.io/gitea/models/packages"
 	nuget_model "code.gitea.io/gitea/models/packages/nuget"
-	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	nuget_module "code.gitea.io/gitea/modules/packages/nuget"
@@ -29,22 +28,17 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, map[string]string{
-			"Message": message,
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, map[string]string{
+		"Message": message,
 	})
 }
 
-func xmlResponse(ctx *context.Context, status int, obj any) { //nolint:unparam
+func xmlResponse(ctx *context.Context, status int, obj any) { //nolint:unparam // status is always StatusOK
 	ctx.Resp.Header().Set("Content-Type", "application/atom+xml; charset=utf-8")
 	ctx.Resp.WriteHeader(status)
-	if _, err := ctx.Resp.Write([]byte(xml.Header)); err != nil {
-		log.Error("Write failed: %v", err)
-	}
-	if err := xml.NewEncoder(ctx.Resp).Encode(obj); err != nil {
-		log.Error("XML encode failed: %v", err)
-	}
+	_, _ = ctx.Resp.Write([]byte(xml.Header))
+	_ = xml.NewEncoder(ctx.Resp).Encode(obj)
 }
 
 // https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Core/NuGet.Protocol/LegacyFeed/V2FeedQueryBuilder.cs
@@ -405,7 +399,7 @@ func DownloadPackageFile(ctx *context.Context) {
 	packageVersion := ctx.PathParam("version")
 	filename := ctx.PathParam("filename")
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -416,6 +410,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
@@ -488,7 +483,7 @@ func UploadPackage(ctx *context.Context) {
 		pv,
 		&packages_service.PackageFileCreationInfo{
 			PackageFileInfo: packages_service.PackageFileInfo{
-				Filename: strings.ToLower(fmt.Sprintf("%s.nuspec", np.ID)),
+				Filename: strings.ToLower(np.ID + ".nuspec"),
 			},
 			Data: nuspecBuf,
 		},
@@ -669,7 +664,7 @@ func DownloadSymbolFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetPackageFileStream(ctx, pfs[0])
+	s, u, pf, err := packages_service.OpenFileForDownload(ctx, pfs[0], ctx.Req.Method)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
diff --git a/routers/api/packages/pub/pub.go b/routers/api/packages/pub/pub.go
index e7b07aefd0..7564e14d0e 100644
--- a/routers/api/packages/pub/pub.go
+++ b/routers/api/packages/pub/pub.go
@@ -15,7 +15,6 @@ import (
 
 	packages_model "code.gitea.io/gitea/models/packages"
 	"code.gitea.io/gitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	pub_module "code.gitea.io/gitea/modules/packages/pub"
 	"code.gitea.io/gitea/modules/setting"
@@ -29,9 +28,7 @@ func jsonResponse(ctx *context.Context, status int, obj any) {
 	resp := ctx.Resp
 	resp.Header().Set("Content-Type", "application/vnd.pub.v2+json")
 	resp.WriteHeader(status)
-	if err := json.NewEncoder(resp).Encode(obj); err != nil {
-		log.Error("JSON encode: %v", err)
-	}
+	_ = json.NewEncoder(resp).Encode(obj)
 }
 
 func apiError(ctx *context.Context, status int, obj any) {
@@ -43,13 +40,12 @@ func apiError(ctx *context.Context, status int, obj any) {
 		Error Error `json:"error"`
 	}
 
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		jsonResponse(ctx, status, ErrorWrapper{
-			Error: Error{
-				Code:    http.StatusText(status),
-				Message: message,
-			},
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	jsonResponse(ctx, status, ErrorWrapper{
+		Error: Error{
+			Code:    http.StatusText(status),
+			Message: message,
+		},
 	})
 }
 
@@ -274,7 +270,7 @@ func DownloadPackageFile(ctx *context.Context) {
 
 	pf := pd.Files[0].File
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
diff --git a/routers/api/packages/pypi/pypi.go b/routers/api/packages/pypi/pypi.go
index 199f4e7478..1b8f4bea34 100644
--- a/routers/api/packages/pypi/pypi.go
+++ b/routers/api/packages/pypi/pypi.go
@@ -40,9 +40,8 @@ var versionMatcher = regexp.MustCompile(`\Av?` +
 	`\z`)
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 // PackageMetadata returns the metadata for a single package
@@ -82,7 +81,7 @@ func DownloadPackageFile(ctx *context.Context) {
 	packageVersion := ctx.PathParam("version")
 	filename := ctx.PathParam("filename")
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -93,6 +92,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/packages/rpm/rpm.go b/routers/api/packages/rpm/rpm.go
index a00a61c079..5abbb0c8ae 100644
--- a/routers/api/packages/rpm/rpm.go
+++ b/routers/api/packages/rpm/rpm.go
@@ -26,9 +26,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 // https://dnf.readthedocs.io/en/latest/conf_ref.html
@@ -96,13 +95,14 @@ func GetRepositoryFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pv,
 		&packages_service.PackageFileInfo{
 			Filename:     ctx.PathParam("filename"),
 			CompositeKey: ctx.PathParam("group"),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
@@ -220,7 +220,7 @@ func DownloadPackageFile(ctx *context.Context) {
 	name := ctx.PathParam("name")
 	version := ctx.PathParam("version")
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -232,6 +232,7 @@ func DownloadPackageFile(ctx *context.Context) {
 			Filename:     fmt.Sprintf("%s-%s.%s.rpm", name, version, ctx.PathParam("architecture")),
 			CompositeKey: ctx.PathParam("group"),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
diff --git a/routers/api/packages/rubygems/rubygems.go b/routers/api/packages/rubygems/rubygems.go
index de8c7ef3ed..1ecf93592e 100644
--- a/routers/api/packages/rubygems/rubygems.go
+++ b/routers/api/packages/rubygems/rubygems.go
@@ -14,6 +14,7 @@ import (
 	"strings"
 
 	packages_model "code.gitea.io/gitea/models/packages"
+	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/optional"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	rubygems_module "code.gitea.io/gitea/modules/packages/rubygems"
@@ -24,9 +25,8 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.PlainText(status, message)
-	})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.PlainText(status, message)
 }
 
 // EnumeratePackages serves the package list
@@ -177,12 +177,13 @@ func DownloadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, pf, err := packages_service.GetFileStreamByPackageVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageVersion(
 		ctx,
 		pvs[0],
 		&packages_service.PackageFileInfo{
 			Filename: filename,
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
@@ -309,7 +310,7 @@ func GetPackageInfo(ctx *context.Context) {
 		apiError(ctx, http.StatusNotFound, nil)
 		return
 	}
-	infoContent, err := makePackageInfo(ctx, versions)
+	infoContent, err := makePackageInfo(ctx, versions, cache.NewEphemeralCache())
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
@@ -317,7 +318,7 @@ func GetPackageInfo(ctx *context.Context) {
 	ctx.PlainText(http.StatusOK, infoContent)
 }
 
-// GetAllPackagesVersions returns a custom text based format containing information about all versions of all rubygems.
+// GetAllPackagesVersions returns a custom text-based format containing information about all versions of all rubygems.
 // ref: https://guides.rubygems.org/rubygems-org-compact-index-api/
 func GetAllPackagesVersions(ctx *context.Context) {
 	packages, err := packages_model.GetPackagesByType(ctx, ctx.Package.Owner.ID, packages_model.TypeRubyGems)
@@ -326,6 +327,7 @@ func GetAllPackagesVersions(ctx *context.Context) {
 		return
 	}
 
+	ephemeralCache := cache.NewEphemeralCache()
 	out := &strings.Builder{}
 	out.WriteString("---\n")
 	for _, pkg := range packages {
@@ -338,7 +340,7 @@ func GetAllPackagesVersions(ctx *context.Context) {
 			continue
 		}
 
-		info, err := makePackageInfo(ctx, versions)
+		info, err := makePackageInfo(ctx, versions, ephemeralCache)
 		if err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
@@ -348,7 +350,14 @@ func GetAllPackagesVersions(ctx *context.Context) {
 		_, _ = fmt.Fprintf(out, "%s ", pkg.Name)
 		for i, v := range versions {
 			sep := util.Iif(i == len(versions)-1, "", ",")
-			_, _ = fmt.Fprintf(out, "%s%s", v.Version, sep)
+			pd, err := packages_model.GetPackageDescriptorWithCache(ctx, v, ephemeralCache)
+			if errors.Is(err, util.ErrNotExist) {
+				continue
+			} else if err != nil {
+				apiError(ctx, http.StatusInternalServerError, err)
+				return
+			}
+			writePackageVersionForList(pd.Metadata, v.Version, sep, out)
 		}
 		_, _ = fmt.Fprintf(out, " %x\n", md5.Sum([]byte(info)))
 	}
@@ -356,6 +365,16 @@ func GetAllPackagesVersions(ctx *context.Context) {
 	ctx.PlainText(http.StatusOK, out.String())
 }
 
+func writePackageVersionForList(metadata any, version, sep string, out *strings.Builder) {
+	if metadata, _ := metadata.(*rubygems_module.Metadata); metadata != nil && metadata.Platform != "" && metadata.Platform != "ruby" {
+		// VERSION_PLATFORM (see comment above in GetAllPackagesVersions)
+		_, _ = fmt.Fprintf(out, "%s_%s%s", version, metadata.Platform, sep)
+	} else {
+		// VERSION only
+		_, _ = fmt.Fprintf(out, "%s%s", version, sep)
+	}
+}
+
 func writePackageVersionRequirements(prefix string, reqs []rubygems_module.VersionRequirement, out *strings.Builder) {
 	out.WriteString(prefix)
 	if len(reqs) == 0 {
@@ -367,11 +386,21 @@ func writePackageVersionRequirements(prefix string, reqs []rubygems_module.Versi
 	}
 }
 
-func makePackageVersionDependency(ctx *context.Context, version *packages_model.PackageVersion) (string, error) {
+func writePackageVersionForDependency(version, platform string, out *strings.Builder) {
+	if platform != "" && platform != "ruby" {
+		// VERSION-PLATFORM (see comment below in makePackageVersionDependency)
+		_, _ = fmt.Fprintf(out, "%s-%s ", version, platform)
+	} else {
+		// VERSION only
+		_, _ = fmt.Fprintf(out, "%s ", version)
+	}
+}
+
+func makePackageVersionDependency(ctx *context.Context, version *packages_model.PackageVersion, c *cache.EphemeralCache) (string, error) {
 	// format: VERSION[-PLATFORM] [DEPENDENCY[,DEPENDENCY,...]]|REQUIREMENT[,REQUIREMENT,...]
 	// DEPENDENCY: GEM:CONSTRAINT[&CONSTRAINT]
 	// REQUIREMENT: KEY:VALUE (always contains "checksum")
-	pd, err := packages_model.GetPackageDescriptor(ctx, version)
+	pd, err := packages_model.GetPackageDescriptorWithCache(ctx, version, c)
 	if err != nil {
 		return "", err
 	}
@@ -388,8 +417,7 @@ func makePackageVersionDependency(ctx *context.Context, version *packages_model.
 	}
 
 	buf := &strings.Builder{}
-	buf.WriteString(version.Version)
-	buf.WriteByte(' ')
+	writePackageVersionForDependency(version.Version, metadata.Platform, buf)
 	for i, dep := range metadata.RuntimeDependencies {
 		sep := util.Iif(i == 0, "", ",")
 		writePackageVersionRequirements(fmt.Sprintf("%s%s:", sep, dep.Name), dep.Version, buf)
@@ -404,10 +432,10 @@ func makePackageVersionDependency(ctx *context.Context, version *packages_model.
 	return buf.String(), nil
 }
 
-func makePackageInfo(ctx *context.Context, versions []*packages_model.PackageVersion) (string, error) {
+func makePackageInfo(ctx *context.Context, versions []*packages_model.PackageVersion, c *cache.EphemeralCache) (string, error) {
 	ret := "---\n"
 	for _, v := range versions {
-		dep, err := makePackageVersionDependency(ctx, v)
+		dep, err := makePackageVersionDependency(ctx, v, c)
 		if err != nil {
 			return "", err
 		}
diff --git a/routers/api/packages/rubygems/rubygems_test.go b/routers/api/packages/rubygems/rubygems_test.go
new file mode 100644
index 0000000000..a07e12a7d3
--- /dev/null
+++ b/routers/api/packages/rubygems/rubygems_test.go
@@ -0,0 +1,41 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package rubygems
+
+import (
+	"strings"
+	"testing"
+
+	rubygems_module "code.gitea.io/gitea/modules/packages/rubygems"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestWritePackageVersion(t *testing.T) {
+	buf := &strings.Builder{}
+
+	writePackageVersionForList(nil, "1.0", " ", buf)
+	assert.Equal(t, "1.0 ", buf.String())
+	buf.Reset()
+
+	writePackageVersionForList(&rubygems_module.Metadata{Platform: "ruby"}, "1.0", " ", buf)
+	assert.Equal(t, "1.0 ", buf.String())
+	buf.Reset()
+
+	writePackageVersionForList(&rubygems_module.Metadata{Platform: "linux"}, "1.0", " ", buf)
+	assert.Equal(t, "1.0_linux ", buf.String())
+	buf.Reset()
+
+	writePackageVersionForDependency("1.0", "", buf)
+	assert.Equal(t, "1.0 ", buf.String())
+	buf.Reset()
+
+	writePackageVersionForDependency("1.0", "ruby", buf)
+	assert.Equal(t, "1.0 ", buf.String())
+	buf.Reset()
+
+	writePackageVersionForDependency("1.0", "os", buf)
+	assert.Equal(t, "1.0-os ", buf.String())
+	buf.Reset()
+}
diff --git a/routers/api/packages/swift/swift.go b/routers/api/packages/swift/swift.go
index 4d7fb8b1a6..e1c3b36834 100644
--- a/routers/api/packages/swift/swift.go
+++ b/routers/api/packages/swift/swift.go
@@ -77,17 +77,14 @@ func apiError(ctx *context.Context, status int, obj any) {
 		Detail string `json:"detail"`
 	}
 
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		setResponseHeaders(ctx.Resp, &headers{
-			Status:      status,
-			ContentType: "application/problem+json",
-		})
-		if err := json.NewEncoder(ctx.Resp).Encode(Problem{
-			Status: status,
-			Detail: message,
-		}); err != nil {
-			log.Error("JSON encode: %v", err)
-		}
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	setResponseHeaders(ctx.Resp, &headers{
+		Status:      status,
+		ContentType: "application/problem+json",
+	})
+	_ = json.NewEncoder(ctx.Resp).Encode(Problem{
+		Status: status,
+		Detail: message,
 	})
 }
 
@@ -290,7 +287,24 @@ func DownloadManifest(ctx *context.Context) {
 	})
 }
 
-// https://github.com/swiftlang/swift-package-manager/blob/main/Documentation/PackageRegistry/Registry.md#endpoint-6
+// formFileOptionalReadCloser returns (nil, nil) if the formKey is not present.
+func formFileOptionalReadCloser(ctx *context.Context, formKey string) (io.ReadCloser, error) {
+	multipartFile, _, err := ctx.Req.FormFile(formKey)
+	if err != nil && !errors.Is(err, http.ErrMissingFile) {
+		return nil, err
+	}
+	if multipartFile != nil {
+		return multipartFile, nil
+	}
+
+	content := ctx.Req.FormValue(formKey)
+	if content == "" {
+		return nil, nil
+	}
+	return io.NopCloser(strings.NewReader(content)), nil
+}
+
+// UploadPackageFile refers to https://github.com/swiftlang/swift-package-manager/blob/main/Documentation/PackageRegistry/Registry.md#endpoint-6
 func UploadPackageFile(ctx *context.Context) {
 	packageScope := ctx.PathParam("scope")
 	packageName := ctx.PathParam("name")
@@ -304,9 +318,9 @@ func UploadPackageFile(ctx *context.Context) {
 
 	packageVersion := v.Core().String()
 
-	file, _, err := ctx.Req.FormFile("source-archive")
-	if err != nil {
-		apiError(ctx, http.StatusBadRequest, err)
+	file, err := formFileOptionalReadCloser(ctx, "source-archive")
+	if file == nil || err != nil {
+		apiError(ctx, http.StatusBadRequest, "unable to read source-archive file")
 		return
 	}
 	defer file.Close()
@@ -318,10 +332,13 @@ func UploadPackageFile(ctx *context.Context) {
 	}
 	defer buf.Close()
 
-	var mr io.Reader
-	metadata := ctx.Req.FormValue("metadata")
-	if metadata != "" {
-		mr = strings.NewReader(metadata)
+	mr, err := formFileOptionalReadCloser(ctx, "metadata")
+	if err != nil {
+		apiError(ctx, http.StatusBadRequest, "unable to read metadata file")
+		return
+	}
+	if mr != nil {
+		defer mr.Close()
 	}
 
 	pck, err := swift_module.ParsePackage(buf, buf.Size(), mr)
@@ -409,7 +426,7 @@ func DownloadPackageFile(ctx *context.Context) {
 
 	pf := pd.Files[0].File
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
diff --git a/routers/api/packages/vagrant/vagrant.go b/routers/api/packages/vagrant/vagrant.go
index 3afaa5de1f..36fc41f581 100644
--- a/routers/api/packages/vagrant/vagrant.go
+++ b/routers/api/packages/vagrant/vagrant.go
@@ -24,14 +24,13 @@ import (
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
-	helper.LogAndProcessError(ctx, status, obj, func(message string) {
-		ctx.JSON(status, struct {
-			Errors []string `json:"errors"`
-		}{
-			Errors: []string{
-				message,
-			},
-		})
+	message := helper.ProcessErrorForUser(ctx, status, obj)
+	ctx.JSON(status, struct {
+		Errors []string `json:"errors"`
+	}{
+		Errors: []string{
+			message,
+		},
 	})
 }
 
@@ -218,7 +217,7 @@ func UploadPackageFile(ctx *context.Context) {
 }
 
 func DownloadPackageFile(ctx *context.Context) {
-	s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
+	s, u, pf, err := packages_service.OpenFileForDownloadByPackageNameAndVersion(
 		ctx,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
@@ -229,6 +228,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		&packages_service.PackageFileInfo{
 			Filename: ctx.PathParam("provider"),
 		},
+		ctx.Req.Method,
 	)
 	if err != nil {
 		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go
index 957d593d89..4eff51782f 100644
--- a/routers/api/v1/activitypub/reqsignature.go
+++ b/routers/api/v1/activitypub/reqsignature.go
@@ -7,6 +7,7 @@ import (
 	"crypto"
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -34,7 +35,7 @@ func getPublicKeyFromResponse(b []byte, keyID *url.URL) (p crypto.PublicKey, err
 	pubKeyPem := pubKey.PublicKeyPem
 	block, _ := pem.Decode([]byte(pubKeyPem))
 	if block == nil || block.Type != "PUBLIC KEY" {
-		return nil, fmt.Errorf("could not decode publicKeyPem to PUBLIC KEY pem block type")
+		return nil, errors.New("could not decode publicKeyPem to PUBLIC KEY pem block type")
 	}
 	p, err = x509.ParsePKIXPublicKey(block.Bytes)
 	return p, err
diff --git a/routers/api/v1/admin/action.go b/routers/api/v1/admin/action.go
new file mode 100644
index 0000000000..2fbb8e1a95
--- /dev/null
+++ b/routers/api/v1/admin/action.go
@@ -0,0 +1,93 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package admin
+
+import (
+	"code.gitea.io/gitea/routers/api/v1/shared"
+	"code.gitea.io/gitea/services/context"
+)
+
+// ListWorkflowJobs Lists all jobs
+func ListWorkflowJobs(ctx *context.APIContext) {
+	// swagger:operation GET /admin/actions/jobs admin listAdminWorkflowJobs
+	// ---
+	// summary: Lists all jobs
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJobsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	shared.ListJobs(ctx, 0, 0, 0)
+}
+
+// ListWorkflowRuns Lists all runs
+func ListWorkflowRuns(ctx *context.APIContext) {
+	// swagger:operation GET /admin/actions/runs admin listAdminWorkflowRuns
+	// ---
+	// summary: Lists all runs
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: event
+	//   in: query
+	//   description: workflow event name
+	//   type: string
+	//   required: false
+	// - name: branch
+	//   in: query
+	//   description: workflow branch
+	//   type: string
+	//   required: false
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: actor
+	//   in: query
+	//   description: triggered by user
+	//   type: string
+	//   required: false
+	// - name: head_sha
+	//   in: query
+	//   description: triggering sha of the workflow run
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowRunsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	shared.ListRuns(ctx, 0, 0)
+}
diff --git a/routers/api/v1/admin/hooks.go b/routers/api/v1/admin/hooks.go
index fb1ea4eab6..a687541be5 100644
--- a/routers/api/v1/admin/hooks.go
+++ b/routers/api/v1/admin/hooks.go
@@ -51,9 +51,10 @@ func ListHooks(ctx *context.APIContext) {
 	// for compatibility the default value is true
 	isSystemWebhook := optional.Some(true)
 	typeValue := ctx.FormString("type")
-	if typeValue == "default" {
+	switch typeValue {
+	case "default":
 		isSystemWebhook = optional.Some(false)
-	} else if typeValue == "all" {
+	case "all":
 		isSystemWebhook = optional.None[bool]()
 	}
 
diff --git a/routers/api/v1/admin/org.go b/routers/api/v1/admin/org.go
index 8808a1587d..c3473372f2 100644
--- a/routers/api/v1/admin/org.go
+++ b/routers/api/v1/admin/org.go
@@ -29,7 +29,7 @@ func CreateOrg(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of the user that will own the created organization
+	//   description: username of the user who will own the created organization
 	//   type: string
 	//   required: true
 	// - name: organization
@@ -101,7 +101,7 @@ func GetAllOrgs(ctx *context.APIContext) {
 
 	listOptions := utils.GetListOptions(ctx)
 
-	users, maxResults, err := user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+	users, maxResults, err := user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		Type:        user_model.UserTypeOrganization,
 		OrderBy:     db.SearchOrderByAlphabetically,
diff --git a/routers/api/v1/admin/repo.go b/routers/api/v1/admin/repo.go
index c119d5390a..12a78c9c4b 100644
--- a/routers/api/v1/admin/repo.go
+++ b/routers/api/v1/admin/repo.go
@@ -22,7 +22,7 @@ func CreateRepo(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of the user. This user will own the created repository
+	//   description: username of the user who will own the created repository
 	//   type: string
 	//   required: true
 	// - name: repository
diff --git a/routers/api/v1/admin/runners.go b/routers/api/v1/admin/runners.go
index 329242d9f6..736c421229 100644
--- a/routers/api/v1/admin/runners.go
+++ b/routers/api/v1/admin/runners.go
@@ -24,3 +24,81 @@ func GetRegistrationToken(ctx *context.APIContext) {
 
 	shared.GetRegistrationToken(ctx, 0, 0)
 }
+
+// CreateRegistrationToken returns the token to register global runners
+func CreateRegistrationToken(ctx *context.APIContext) {
+	// swagger:operation POST /admin/actions/runners/registration-token admin adminCreateRunnerRegistrationToken
+	// ---
+	// summary: Get an global actions runner registration token
+	// produces:
+	// - application/json
+	// parameters:
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/RegistrationToken"
+
+	shared.GetRegistrationToken(ctx, 0, 0)
+}
+
+// ListRunners get all runners
+func ListRunners(ctx *context.APIContext) {
+	// swagger:operation GET /admin/actions/runners admin getAdminRunners
+	// ---
+	// summary: Get all runners
+	// produces:
+	// - application/json
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunnersResponse"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRunners(ctx, 0, 0)
+}
+
+// GetRunner get an global runner
+func GetRunner(ctx *context.APIContext) {
+	// swagger:operation GET /admin/actions/runners/{runner_id} admin getAdminRunner
+	// ---
+	// summary: Get an global runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunner"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.GetRunner(ctx, 0, 0, ctx.PathParamInt64("runner_id"))
+}
+
+// DeleteRunner delete an global runner
+func DeleteRunner(ctx *context.APIContext) {
+	// swagger:operation DELETE /admin/actions/runners/{runner_id} admin deleteAdminRunner
+	// ---
+	// summary: Delete an global runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "204":
+	//     description: runner has been deleted
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.DeleteRunner(ctx, 0, 0, ctx.PathParamInt64("runner_id"))
+}
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index c4bb85de55..494bace585 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -175,7 +175,7 @@ func EditUser(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to edit
+	//   description: username of the user whose data is to be edited
 	//   type: string
 	//   required: true
 	// - name: body
@@ -239,8 +239,8 @@ func EditUser(ctx *context.APIContext) {
 		Location:                optional.FromPtr(form.Location),
 		Description:             optional.FromPtr(form.Description),
 		IsActive:                optional.FromPtr(form.Active),
-		IsAdmin:                 optional.FromPtr(form.Admin),
-		Visibility:              optional.FromNonDefault(api.VisibilityModes[form.Visibility]),
+		IsAdmin:                 user_service.UpdateOptionFieldFromPtr(form.Admin),
+		Visibility:              optional.FromMapLookup(api.VisibilityModes, form.Visibility),
 		AllowGitHook:            optional.FromPtr(form.AllowGitHook),
 		AllowImportLocal:        optional.FromPtr(form.AllowImportLocal),
 		MaxRepoCreation:         optional.FromPtr(form.MaxRepoCreation),
@@ -272,7 +272,7 @@ func DeleteUser(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to delete
+	//   description: username of the user to delete
 	//   type: string
 	//   required: true
 	// - name: purge
@@ -296,7 +296,7 @@ func DeleteUser(ctx *context.APIContext) {
 
 	// admin should not delete themself
 	if ctx.ContextUser.ID == ctx.Doer.ID {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("you cannot delete yourself"))
+		ctx.APIError(http.StatusUnprocessableEntity, errors.New("you cannot delete yourself"))
 		return
 	}
 
@@ -328,7 +328,7 @@ func CreatePublicKey(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user who is to receive a public key
 	//   type: string
 	//   required: true
 	// - name: key
@@ -358,7 +358,7 @@ func DeleteUserPublicKey(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose public key is to be deleted
 	//   type: string
 	//   required: true
 	// - name: id
@@ -405,7 +405,7 @@ func SearchUsers(ctx *context.APIContext) {
 	//   format: int64
 	// - name: login_name
 	//   in: query
-	//   description: user's login name to search for
+	//   description: identifier of the user, provided by the external authenticator
 	//   type: string
 	// - name: page
 	//   in: query
@@ -423,7 +423,7 @@ func SearchUsers(ctx *context.APIContext) {
 
 	listOptions := utils.GetListOptions(ctx)
 
-	users, maxResults, err := user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+	users, maxResults, err := user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		Type:        user_model.UserTypeIndividual,
 		LoginName:   ctx.FormTrim("login_name"),
@@ -456,7 +456,7 @@ func RenameUser(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: existing username of user
+	//   description: current username of the user
 	//   type: string
 	//   required: true
 	// - name: body
diff --git a/routers/api/v1/admin/user_badge.go b/routers/api/v1/admin/user_badge.go
index 6d9665a72b..ce32f455b0 100644
--- a/routers/api/v1/admin/user_badge.go
+++ b/routers/api/v1/admin/user_badge.go
@@ -22,7 +22,7 @@ func ListUserBadges(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose badges are to be listed
 	//   type: string
 	//   required: true
 	// responses:
@@ -53,7 +53,7 @@ func AddUserBadges(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user to whom a badge is to be added
 	//   type: string
 	//   required: true
 	// - name: body
@@ -87,7 +87,7 @@ func DeleteUserBadges(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose badge is to be deleted
 	//   type: string
 	//   required: true
 	// - name: body
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index bc76b5285e..f412e8a06c 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -64,6 +64,7 @@
 package v1
 
 import (
+	gocontext "context"
 	"errors"
 	"fmt"
 	"net/http"
@@ -144,7 +145,7 @@ func repoAssignment() func(ctx *context.APIContext) {
 		)
 
 		// Check if the user is the same as the repository owner.
-		if ctx.IsSigned && ctx.Doer.LowerName == strings.ToLower(userName) {
+		if ctx.IsSigned && strings.EqualFold(ctx.Doer.LowerName, userName) {
 			owner = ctx.Doer
 		} else {
 			owner, err = user_model.GetUserByName(ctx, userName)
@@ -211,20 +212,43 @@ func repoAssignment() func(ctx *context.APIContext) {
 			}
 			ctx.Repo.Permission.SetUnitsWithDefaultAccessMode(ctx.Repo.Repository.Units, ctx.Repo.Permission.AccessMode)
 		} else {
-			ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
+			needTwoFactor, err := doerNeedTwoFactorAuth(ctx, ctx.Doer)
 			if err != nil {
 				ctx.APIErrorInternal(err)
 				return
 			}
+			if needTwoFactor {
+				ctx.Repo.Permission = access_model.PermissionNoAccess()
+			} else {
+				ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
+				if err != nil {
+					ctx.APIErrorInternal(err)
+					return
+				}
+			}
 		}
 
-		if !ctx.Repo.Permission.HasAnyUnitAccess() {
+		if !ctx.Repo.Permission.HasAnyUnitAccessOrPublicAccess() {
 			ctx.APIErrorNotFound()
 			return
 		}
 	}
 }
 
+func doerNeedTwoFactorAuth(ctx gocontext.Context, doer *user_model.User) (bool, error) {
+	if !setting.TwoFactorAuthEnforced {
+		return false, nil
+	}
+	if doer == nil {
+		return false, nil
+	}
+	has, err := auth_model.HasTwoFactorOrWebAuthn(ctx, doer.ID)
+	if err != nil {
+		return false, err
+	}
+	return !has, nil
+}
+
 func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
 		if ctx.Package.AccessMode < accessMode && !ctx.IsUserSiteAdmin() {
@@ -307,7 +331,7 @@ func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeC
 
 		// use the http method to determine the access level
 		requiredScopeLevel := auth_model.Read
-		if ctx.Req.Method == "POST" || ctx.Req.Method == "PUT" || ctx.Req.Method == "PATCH" || ctx.Req.Method == "DELETE" {
+		if ctx.Req.Method == http.MethodPost || ctx.Req.Method == http.MethodPut || ctx.Req.Method == http.MethodPatch || ctx.Req.Method == http.MethodDelete {
 			requiredScopeLevel = auth_model.Write
 		}
 
@@ -355,7 +379,7 @@ func reqToken() func(ctx *context.APIContext) {
 
 func reqExploreSignIn() func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
-		if (setting.Service.RequireSignInView || setting.Service.Explore.RequireSigninView) && !ctx.IsSigned {
+		if (setting.Service.RequireSignInViewStrict || setting.Service.Explore.RequireSigninView) && !ctx.IsSigned {
 			ctx.APIError(http.StatusUnauthorized, "you must be signed in to search for users")
 		}
 	}
@@ -431,15 +455,6 @@ func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
 	}
 }
 
-// reqRepoBranchWriter user should have a permission to write to a branch, or be a site admin
-func reqRepoBranchWriter(ctx *context.APIContext) {
-	options, ok := web.GetForm(ctx).(api.FileOptionInterface)
-	if !ok || (!ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, options.Branch()) && !ctx.IsUserSiteAdmin()) {
-		ctx.APIError(http.StatusForbidden, "user should have a permission to write to this branch")
-		return
-	}
-}
-
 // reqRepoReader user should have specific read permission or be a repo admin or a site admin
 func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
@@ -720,9 +735,17 @@ func mustEnableWiki(ctx *context.APIContext) {
 	}
 }
 
+// FIXME: for consistency, maybe most mustNotBeArchived checks should be replaced with mustEnableEditor
 func mustNotBeArchived(ctx *context.APIContext) {
 	if ctx.Repo.Repository.IsArchived {
-		ctx.APIError(http.StatusLocked, fmt.Errorf("%s is archived", ctx.Repo.Repository.LogString()))
+		ctx.APIError(http.StatusLocked, fmt.Errorf("%s is archived", ctx.Repo.Repository.FullName()))
+		return
+	}
+}
+
+func mustEnableEditor(ctx *context.APIContext) {
+	if !ctx.Repo.Repository.CanEnableEditor() {
+		ctx.APIError(http.StatusLocked, fmt.Errorf("%s is not allowed to edit", ctx.Repo.Repository.FullName()))
 		return
 	}
 }
@@ -842,13 +865,13 @@ func verifyAuthWithOptions(options *common.VerifyOptions) func(ctx *context.APIC
 func individualPermsChecker(ctx *context.APIContext) {
 	// org permissions have been checked in context.OrgAssignment(), but individual permissions haven't been checked.
 	if ctx.ContextUser.IsIndividual() {
-		switch {
-		case ctx.ContextUser.Visibility == api.VisibleTypePrivate:
+		switch ctx.ContextUser.Visibility {
+		case api.VisibleTypePrivate:
 			if ctx.Doer == nil || (ctx.ContextUser.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin) {
 				ctx.APIErrorNotFound("Visit Project", nil)
 				return
 			}
-		case ctx.ContextUser.Visibility == api.VisibleTypeLimited:
+		case api.VisibleTypeLimited:
 			if ctx.Doer == nil {
 				ctx.APIErrorNotFound("Visit Project", nil)
 				return
@@ -886,7 +909,7 @@ func Routes() *web.Router {
 	m.Use(apiAuth(buildAuthGroup()))
 
 	m.Use(verifyAuthWithOptions(&common.VerifyOptions{
-		SignInRequired: setting.Service.RequireSignInView,
+		SignInRequired: setting.Service.RequireSignInViewStrict,
 	}))
 
 	addActionsRoutes := func(
@@ -912,8 +935,14 @@ func Routes() *web.Router {
 			})
 
 			m.Group("/runners", func() {
+				m.Get("", reqToken(), reqChecker, act.ListRunners)
 				m.Get("/registration-token", reqToken(), reqChecker, act.GetRegistrationToken)
+				m.Post("/registration-token", reqToken(), reqChecker, act.CreateRegistrationToken)
+				m.Get("/{runner_id}", reqToken(), reqChecker, act.GetRunner)
+				m.Delete("/{runner_id}", reqToken(), reqChecker, act.DeleteRunner)
 			})
+			m.Get("/runs", reqToken(), reqChecker, act.ListWorkflowRuns)
+			m.Get("/jobs", reqToken(), reqChecker, act.ListWorkflowJobs)
 		})
 	}
 
@@ -943,7 +972,8 @@ func Routes() *web.Router {
 		// Misc (public accessible)
 		m.Group("", func() {
 			m.Get("/version", misc.Version)
-			m.Get("/signing-key.gpg", misc.SigningKey)
+			m.Get("/signing-key.gpg", misc.SigningKeyGPG)
+			m.Get("/signing-key.pub", misc.SigningKeySSH)
 			m.Post("/markup", reqToken(), bind(api.MarkupOption{}), misc.Markup)
 			m.Post("/markdown", reqToken(), bind(api.MarkdownOption{}), misc.Markdown)
 			m.Post("/markdown/raw", reqToken(), misc.MarkdownRaw)
@@ -1043,8 +1073,15 @@ func Routes() *web.Router {
 				})
 
 				m.Group("/runners", func() {
+					m.Get("", reqToken(), user.ListRunners)
 					m.Get("/registration-token", reqToken(), user.GetRegistrationToken)
+					m.Post("/registration-token", reqToken(), user.CreateRegistrationToken)
+					m.Get("/{runner_id}", reqToken(), user.GetRunner)
+					m.Delete("/{runner_id}", reqToken(), user.DeleteRunner)
 				})
+
+				m.Get("/runs", reqToken(), user.ListWorkflowRuns)
+				m.Get("/jobs", reqToken(), user.ListWorkflowJobs)
 			})
 
 			m.Get("/followers", user.ListMyFollowers)
@@ -1168,6 +1205,11 @@ func Routes() *web.Router {
 					m.Post("/{workflow_id}/dispatches", reqRepoWriter(unit.TypeActions), bind(api.CreateActionWorkflowDispatch{}), repo.ActionsDispatchWorkflow)
 				}, context.ReferencesGitRepo(), reqToken(), reqRepoReader(unit.TypeActions))
 
+				m.Group("/actions/jobs", func() {
+					m.Get("/{job_id}", repo.GetWorkflowJob)
+					m.Get("/{job_id}/logs", repo.DownloadActionsRunJobLogs)
+				}, reqToken(), reqRepoReader(unit.TypeActions))
+
 				m.Group("/hooks/git", func() {
 					m.Combo("").Get(repo.ListGitHooks)
 					m.Group("/{id}", func() {
@@ -1205,7 +1247,7 @@ func Routes() *web.Router {
 				}, reqToken())
 				m.Get("/raw/*", context.ReferencesGitRepo(), context.RepoRefForAPI, reqRepoReader(unit.TypeCode), repo.GetRawFile)
 				m.Get("/media/*", context.ReferencesGitRepo(), context.RepoRefForAPI, reqRepoReader(unit.TypeCode), repo.GetRawFileOrLFS)
-				m.Get("/archive/*", reqRepoReader(unit.TypeCode), repo.GetArchive)
+				m.Methods("HEAD,GET", "/archive/*", reqRepoReader(unit.TypeCode), repo.GetArchive)
 				m.Combo("/forks").Get(repo.ListForks).
 					Post(reqToken(), reqRepoReader(unit.TypeCode), bind(api.CreateForkOption{}), repo.CreateFork)
 				m.Post("/merge-upstream", reqToken(), mustNotBeArchived, reqRepoWriter(unit.TypeCode), bind(api.MergeUpstreamRequest{}), repo.MergeUpstream)
@@ -1243,7 +1285,14 @@ func Routes() *web.Router {
 				}, reqToken(), reqAdmin())
 				m.Group("/actions", func() {
 					m.Get("/tasks", repo.ListActionTasks)
-					m.Get("/runs/{run}/artifacts", repo.GetArtifactsOfRun)
+					m.Group("/runs", func() {
+						m.Group("/{run}", func() {
+							m.Get("", repo.GetWorkflowRun)
+							m.Delete("", reqToken(), reqRepoWriter(unit.TypeActions), repo.DeleteActionRun)
+							m.Get("/jobs", repo.ListWorkflowRunJobs)
+							m.Get("/artifacts", repo.GetArtifactsOfRun)
+						})
+					})
 					m.Get("/artifacts", repo.GetArtifacts)
 					m.Group("/artifacts/{artifact_id}", func() {
 						m.Get("", repo.GetArtifact)
@@ -1374,18 +1423,29 @@ func Routes() *web.Router {
 					m.Get("/tags/{sha}", repo.GetAnnotatedTag)
 					m.Get("/notes/{sha}", repo.GetNote)
 				}, context.ReferencesGitRepo(true), reqRepoReader(unit.TypeCode))
-				m.Post("/diffpatch", reqRepoWriter(unit.TypeCode), reqToken(), bind(api.ApplyDiffPatchFileOptions{}), mustNotBeArchived, repo.ApplyDiffPatch)
 				m.Group("/contents", func() {
 					m.Get("", repo.GetContentsList)
-					m.Post("", reqToken(), bind(api.ChangeFilesOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.ChangeFiles)
 					m.Get("/*", repo.GetContents)
-					m.Group("/*", func() {
-						m.Post("", bind(api.CreateFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.CreateFile)
-						m.Put("", bind(api.UpdateFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.UpdateFile)
-						m.Delete("", bind(api.DeleteFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.DeleteFile)
-					}, reqToken())
-				}, reqRepoReader(unit.TypeCode))
-				m.Get("/signing-key.gpg", misc.SigningKey)
+					m.Group("", func() {
+						// "change file" operations, need permission to write to the target branch provided by the form
+						m.Post("", bind(api.ChangeFilesOptions{}), repo.ReqChangeRepoFileOptionsAndCheck, repo.ChangeFiles)
+						m.Group("/*", func() {
+							m.Post("", bind(api.CreateFileOptions{}), repo.ReqChangeRepoFileOptionsAndCheck, repo.CreateFile)
+							m.Put("", bind(api.UpdateFileOptions{}), repo.ReqChangeRepoFileOptionsAndCheck, repo.UpdateFile)
+							m.Delete("", bind(api.DeleteFileOptions{}), repo.ReqChangeRepoFileOptionsAndCheck, repo.DeleteFile)
+						})
+						m.Post("/diffpatch", bind(api.ApplyDiffPatchFileOptions{}), repo.ReqChangeRepoFileOptionsAndCheck, repo.ApplyDiffPatch)
+					}, mustEnableEditor, reqToken())
+				}, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo())
+				m.Group("/contents-ext", func() {
+					m.Get("", repo.GetContentsExt)
+					m.Get("/*", repo.GetContentsExt)
+				}, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo())
+				m.Combo("/file-contents", reqRepoReader(unit.TypeCode), context.ReferencesGitRepo()).
+					Get(repo.GetFileContentsGet).
+					Post(bind(api.GetFilesOptions{}), repo.GetFileContentsPost) // the POST method requires "write" permission, so we also support "GET" method above
+				m.Get("/signing-key.gpg", misc.SigningKeyGPG)
+				m.Get("/signing-key.pub", misc.SigningKeySSH)
 				m.Group("/topics", func() {
 					m.Combo("").Get(repo.ListTopics).
 						Put(reqToken(), reqAdmin(), bind(api.RepoTopicOptions{}), repo.UpdateTopics)
@@ -1406,7 +1466,7 @@ func Routes() *web.Router {
 					m.Delete("", repo.DeleteAvatar)
 				}, reqAdmin(), reqToken())
 
-				m.Get("/{ball_type:tarball|zipball|bundle}/*", reqRepoReader(unit.TypeCode), repo.DownloadArchive)
+				m.Methods("HEAD,GET", "/{ball_type:tarball|zipball|bundle}/*", reqRepoReader(unit.TypeCode), repo.DownloadArchive)
 			}, repoAssignment(), checkTokenPublicOnly())
 		}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository))
 
@@ -1518,6 +1578,11 @@ func Routes() *web.Router {
 								Delete(reqToken(), reqAdmin(), repo.UnpinIssue)
 							m.Patch("/{position}", reqToken(), reqAdmin(), repo.MoveIssuePin)
 						})
+						m.Group("/lock", func() {
+							m.Combo("").
+								Put(bind(api.LockIssueOption{}), repo.LockIssue).
+								Delete(repo.UnlockIssue)
+						}, reqToken(), reqAdmin())
 					})
 				}, mustEnableIssuesOrPulls)
 				m.Group("/labels", func() {
@@ -1540,14 +1605,19 @@ func Routes() *web.Router {
 		// NOTE: these are Gitea package management API - see packages.CommonRoutes and packages.DockerContainerRoutes for endpoints that implement package manager APIs
 		m.Group("/packages/{username}", func() {
 			m.Group("/{type}/{name}", func() {
+				m.Get("/", packages.ListPackageVersions)
+
 				m.Group("/{version}", func() {
 					m.Get("", packages.GetPackage)
 					m.Delete("", reqPackageAccess(perm.AccessModeWrite), packages.DeletePackage)
 					m.Get("/files", packages.ListPackageFiles)
 				})
 
-				m.Post("/-/link/{repo_name}", reqPackageAccess(perm.AccessModeWrite), packages.LinkPackage)
-				m.Post("/-/unlink", reqPackageAccess(perm.AccessModeWrite), packages.UnlinkPackage)
+				m.Group("/-", func() {
+					m.Get("/latest", packages.GetLatestPackageVersion)
+					m.Post("/link/{repo_name}", reqPackageAccess(perm.AccessModeWrite), packages.LinkPackage)
+					m.Post("/unlink", reqPackageAccess(perm.AccessModeWrite), packages.UnlinkPackage)
+				})
 			})
 
 			m.Get("/", packages.ListPackages)
@@ -1680,6 +1750,16 @@ func Routes() *web.Router {
 					Patch(bind(api.EditHookOption{}), admin.EditHook).
 					Delete(admin.DeleteHook)
 			})
+			m.Group("/actions", func() {
+				m.Group("/runners", func() {
+					m.Get("", admin.ListRunners)
+					m.Post("/registration-token", admin.CreateRegistrationToken)
+					m.Get("/{runner_id}", admin.GetRunner)
+					m.Delete("/{runner_id}", admin.DeleteRunner)
+				})
+				m.Get("/runs", admin.ListWorkflowRuns)
+				m.Get("/jobs", admin.ListWorkflowJobs)
+			})
 			m.Group("/runners", func() {
 				m.Get("/registration-token", admin.GetRegistrationToken)
 			})
diff --git a/routers/api/v1/misc/markup.go b/routers/api/v1/misc/markup.go
index 0cd4b8c5c5..909310b4c8 100644
--- a/routers/api/v1/misc/markup.go
+++ b/routers/api/v1/misc/markup.go
@@ -42,7 +42,7 @@ func Markup(ctx *context.APIContext) {
 		return
 	}
 
-	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck
+	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck // form.Wiki is deprecated
 	common.RenderMarkup(ctx.Base, ctx.Repo, mode, form.Text, form.Context, form.FilePath)
 }
 
@@ -73,7 +73,7 @@ func Markdown(ctx *context.APIContext) {
 		return
 	}
 
-	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck
+	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck // form.Wiki is deprecated
 	common.RenderMarkup(ctx.Base, ctx.Repo, mode, form.Text, form.Context, "")
 }
 
diff --git a/routers/api/v1/misc/markup_test.go b/routers/api/v1/misc/markup_test.go
index 6063e54cdc..38a1a3be9e 100644
--- a/routers/api/v1/misc/markup_test.go
+++ b/routers/api/v1/misc/markup_test.go
@@ -134,7 +134,7 @@ Here are some links to the most important topics. You can find the full list of
 <h2 id="user-content-quick-links">Quick Links</h2>
 <p>Here are some links to the most important topics. You can find the full list of pages at the sidebar.</p>
 <p><a href="http://localhost:3000/user2/repo1/wiki/Configuration" rel="nofollow">Configuration</a>
-<a href="http://localhost:3000/user2/repo1/wiki/raw/images/icon-bug.png" rel="nofollow"><img src="http://localhost:3000/user2/repo1/wiki/raw/images/icon-bug.png" title="icon-bug.png" alt="images/icon-bug.png"/></a></p>
+<a href="http://localhost:3000/user2/repo1/wiki/images/icon-bug.png" rel="nofollow"><img src="http://localhost:3000/user2/repo1/wiki/raw/images/icon-bug.png" title="icon-bug.png" alt="images/icon-bug.png"/></a></p>
 `,
 	}
 
@@ -158,19 +158,19 @@ Here are some links to the most important topics. You can find the full list of
 
 	input := "[Link](test.md)\n![Image](image.png)"
 	testRenderMarkdown(t, "gfm", false, input, `<p><a href="http://localhost:3000/user2/repo1/src/branch/main/test.md" rel="nofollow">Link</a>
-<a href="http://localhost:3000/user2/repo1/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
+<a href="http://localhost:3000/user2/repo1/src/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
 `, http.StatusOK)
 
 	testRenderMarkdown(t, "gfm", false, input, `<p><a href="http://localhost:3000/user2/repo1/src/branch/main/test.md" rel="nofollow">Link</a>
-<a href="http://localhost:3000/user2/repo1/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
+<a href="http://localhost:3000/user2/repo1/src/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
 `, http.StatusOK)
 
 	testRenderMarkup(t, "gfm", false, "", input, `<p><a href="http://localhost:3000/user2/repo1/src/branch/main/test.md" rel="nofollow">Link</a>
-<a href="http://localhost:3000/user2/repo1/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
+<a href="http://localhost:3000/user2/repo1/src/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/image.png" alt="Image"/></a></p>
 `, http.StatusOK)
 
 	testRenderMarkup(t, "file", false, "path/new-file.md", input, `<p><a href="http://localhost:3000/user2/repo1/src/branch/main/path/test.md" rel="nofollow">Link</a>
-<a href="http://localhost:3000/user2/repo1/media/branch/main/path/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/path/image.png" alt="Image"/></a></p>
+<a href="http://localhost:3000/user2/repo1/src/branch/main/path/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/user2/repo1/media/branch/main/path/image.png" alt="Image"/></a></p>
 `, http.StatusOK)
 
 	testRenderMarkup(t, "file", false, "path/test.unknown", "## Test", "unsupported file to render: \"path/test.unknown\"\n", http.StatusUnprocessableEntity)
diff --git a/routers/api/v1/misc/signing.go b/routers/api/v1/misc/signing.go
index 667396e39c..db70e04b8f 100644
--- a/routers/api/v1/misc/signing.go
+++ b/routers/api/v1/misc/signing.go
@@ -4,14 +4,35 @@
 package misc
 
 import (
-	"fmt"
-
+	"code.gitea.io/gitea/modules/git"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
 	"code.gitea.io/gitea/services/context"
 )
 
-// SigningKey returns the public key of the default signing key if it exists
-func SigningKey(ctx *context.APIContext) {
+func getSigningKey(ctx *context.APIContext, expectedFormat string) {
+	// if the handler is in the repo's route group, get the repo's signing key
+	// otherwise, get the global signing key
+	path := ""
+	if ctx.Repo != nil && ctx.Repo.Repository != nil {
+		path = ctx.Repo.Repository.RepoPath()
+	}
+	content, format, err := asymkey_service.PublicSigningKey(ctx, path)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	if format == "" {
+		ctx.APIErrorNotFound("no signing key")
+		return
+	} else if format != expectedFormat {
+		ctx.APIErrorNotFound("signing key format is " + format)
+		return
+	}
+	_, _ = ctx.Write([]byte(content))
+}
+
+// SigningKeyGPG returns the public key of the default signing key if it exists
+func SigningKeyGPG(ctx *context.APIContext) {
 	// swagger:operation GET /signing-key.gpg miscellaneous getSigningKey
 	// ---
 	// summary: Get default signing-key.gpg
@@ -44,19 +65,42 @@ func SigningKey(ctx *context.APIContext) {
 	//     description: "GPG armored public key"
 	//     schema:
 	//       type: string
+	getSigningKey(ctx, git.SigningKeyFormatOpenPGP)
+}
 
-	path := ""
-	if ctx.Repo != nil && ctx.Repo.Repository != nil {
-		path = ctx.Repo.Repository.RepoPath()
-	}
+// SigningKeySSH returns the public key of the default signing key if it exists
+func SigningKeySSH(ctx *context.APIContext) {
+	// swagger:operation GET /signing-key.pub miscellaneous getSigningKeySSH
+	// ---
+	// summary: Get default signing-key.pub
+	// produces:
+	//     - text/plain
+	// responses:
+	//   "200":
+	//     description: "ssh public key"
+	//     schema:
+	//       type: string
 
-	content, err := asymkey_service.PublicSigningKey(ctx, path)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return
-	}
-	_, err = ctx.Write([]byte(content))
-	if err != nil {
-		ctx.APIErrorInternal(fmt.Errorf("Error writing key content %w", err))
-	}
+	// swagger:operation GET /repos/{owner}/{repo}/signing-key.pub repository repoSigningKeySSH
+	// ---
+	// summary: Get signing-key.pub for given repository
+	// produces:
+	//     - text/plain
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     description: "ssh public key"
+	//     schema:
+	//       type: string
+	getSigningKey(ctx, git.SigningKeyFormatSSH)
 }
diff --git a/routers/api/v1/org/action.go b/routers/api/v1/org/action.go
index b1cd2f0c3c..3ae5e60585 100644
--- a/routers/api/v1/org/action.go
+++ b/routers/api/v1/org/action.go
@@ -190,6 +190,27 @@ func (Action) GetRegistrationToken(ctx *context.APIContext) {
 	shared.GetRegistrationToken(ctx, ctx.Org.Organization.ID, 0)
 }
 
+// https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-a-registration-token-for-an-organization
+// CreateRegistrationToken returns the token to register org runners
+func (Action) CreateRegistrationToken(ctx *context.APIContext) {
+	// swagger:operation POST /orgs/{org}/actions/runners/registration-token organization orgCreateRunnerRegistrationToken
+	// ---
+	// summary: Get an organization's actions runner registration token
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/RegistrationToken"
+
+	shared.GetRegistrationToken(ctx, ctx.Org.Organization.ID, 0)
+}
+
 // ListVariables list org-level variables
 func (Action) ListVariables(ctx *context.APIContext) {
 	// swagger:operation GET /orgs/{org}/actions/variables organization getOrgVariablesList
@@ -363,13 +384,13 @@ func (Action) CreateVariable(ctx *context.APIContext) {
 	//     "$ref": "#/definitions/CreateVariableOption"
 	// responses:
 	//   "201":
-	//     description: response when creating an org-level variable
-	//   "204":
-	//     description: response when creating an org-level variable
+	//     description: successfully created the org-level variable
 	//   "400":
 	//     "$ref": "#/responses/error"
-	//   "404":
-	//     "$ref": "#/responses/notFound"
+	//   "409":
+	//     description: variable name already exists.
+	//   "500":
+	//     "$ref": "#/responses/error"
 
 	opt := web.GetForm(ctx).(*api.CreateVariableOption)
 
@@ -398,7 +419,7 @@ func (Action) CreateVariable(ctx *context.APIContext) {
 		return
 	}
 
-	ctx.Status(http.StatusNoContent)
+	ctx.Status(http.StatusCreated)
 }
 
 // UpdateVariable update an org-level variable
@@ -470,6 +491,175 @@ func (Action) UpdateVariable(ctx *context.APIContext) {
 	ctx.Status(http.StatusNoContent)
 }
 
+// ListRunners get org-level runners
+func (Action) ListRunners(ctx *context.APIContext) {
+	// swagger:operation GET /orgs/{org}/actions/runners organization getOrgRunners
+	// ---
+	// summary: Get org-level runners
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunnersResponse"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRunners(ctx, ctx.Org.Organization.ID, 0)
+}
+
+// GetRunner get an org-level runner
+func (Action) GetRunner(ctx *context.APIContext) {
+	// swagger:operation GET /orgs/{org}/actions/runners/{runner_id} organization getOrgRunner
+	// ---
+	// summary: Get an org-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunner"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.GetRunner(ctx, ctx.Org.Organization.ID, 0, ctx.PathParamInt64("runner_id"))
+}
+
+// DeleteRunner delete an org-level runner
+func (Action) DeleteRunner(ctx *context.APIContext) {
+	// swagger:operation DELETE /orgs/{org}/actions/runners/{runner_id} organization deleteOrgRunner
+	// ---
+	// summary: Delete an org-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "204":
+	//     description: runner has been deleted
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.DeleteRunner(ctx, ctx.Org.Organization.ID, 0, ctx.PathParamInt64("runner_id"))
+}
+
+func (Action) ListWorkflowJobs(ctx *context.APIContext) {
+	// swagger:operation GET /orgs/{org}/actions/jobs organization getOrgWorkflowJobs
+	// ---
+	// summary: Get org-level workflow jobs
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJobsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListJobs(ctx, ctx.Org.Organization.ID, 0, 0)
+}
+
+func (Action) ListWorkflowRuns(ctx *context.APIContext) {
+	// swagger:operation GET /orgs/{org}/actions/runs organization getOrgWorkflowRuns
+	// ---
+	// summary: Get org-level workflow runs
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: org
+	//   in: path
+	//   description: name of the organization
+	//   type: string
+	//   required: true
+	// - name: event
+	//   in: query
+	//   description: workflow event name
+	//   type: string
+	//   required: false
+	// - name: branch
+	//   in: query
+	//   description: workflow branch
+	//   type: string
+	//   required: false
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: actor
+	//   in: query
+	//   description: triggered by user
+	//   type: string
+	//   required: false
+	// - name: head_sha
+	//   in: query
+	//   description: triggering sha of the workflow run
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowRunsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRuns(ctx, ctx.Org.Organization.ID, 0)
+}
+
 var _ actions_service.API = new(Action)
 
 // Action implements actions_service.API
diff --git a/routers/api/v1/org/block.go b/routers/api/v1/org/block.go
index 69a5222a20..6b2f3dc615 100644
--- a/routers/api/v1/org/block.go
+++ b/routers/api/v1/org/block.go
@@ -47,7 +47,7 @@ func CheckUserBlock(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: user to check
+	//   description: username of the user to check
 	//   type: string
 	//   required: true
 	// responses:
@@ -71,7 +71,7 @@ func BlockUser(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: user to block
+	//   description: username of the user to block
 	//   type: string
 	//   required: true
 	// - name: note
@@ -101,7 +101,7 @@ func UnblockUser(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: user to unblock
+	//   description: username of the user to unblock
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/org/member.go b/routers/api/v1/org/member.go
index 2663d78b73..1c12b0cc94 100644
--- a/routers/api/v1/org/member.go
+++ b/routers/api/v1/org/member.go
@@ -8,6 +8,7 @@ import (
 	"net/url"
 
 	"code.gitea.io/gitea/models/organization"
+	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/routers/api/v1/user"
@@ -132,7 +133,7 @@ func IsMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user to check for an organization membership
 	//   type: string
 	//   required: true
 	// responses:
@@ -185,7 +186,7 @@ func IsPublicMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user to check for a public organization membership
 	//   type: string
 	//   required: true
 	// responses:
@@ -210,6 +211,20 @@ func IsPublicMember(ctx *context.APIContext) {
 	}
 }
 
+func checkCanChangeOrgUserStatus(ctx *context.APIContext, targetUser *user_model.User) {
+	// allow user themselves to change their status, and allow admins to change any user
+	if targetUser.ID == ctx.Doer.ID || ctx.Doer.IsAdmin {
+		return
+	}
+	// allow org owners to change status of members
+	isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
+	if err != nil {
+		ctx.APIError(http.StatusInternalServerError, err)
+	} else if !isOwner {
+		ctx.APIError(http.StatusForbidden, "Cannot change member visibility")
+	}
+}
+
 // PublicizeMember make a member's membership public
 func PublicizeMember(ctx *context.APIContext) {
 	// swagger:operation PUT /orgs/{org}/public_members/{username} organization orgPublicizeMember
@@ -225,7 +240,7 @@ func PublicizeMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user whose membership is to be publicized
 	//   type: string
 	//   required: true
 	// responses:
@@ -240,8 +255,8 @@ func PublicizeMember(ctx *context.APIContext) {
 	if ctx.Written() {
 		return
 	}
-	if userToPublicize.ID != ctx.Doer.ID {
-		ctx.APIError(http.StatusForbidden, "Cannot publicize another member")
+	checkCanChangeOrgUserStatus(ctx, userToPublicize)
+	if ctx.Written() {
 		return
 	}
 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToPublicize.ID, true)
@@ -267,7 +282,7 @@ func ConcealMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user whose membership is to be concealed
 	//   type: string
 	//   required: true
 	// responses:
@@ -282,8 +297,8 @@ func ConcealMember(ctx *context.APIContext) {
 	if ctx.Written() {
 		return
 	}
-	if userToConceal.ID != ctx.Doer.ID {
-		ctx.APIError(http.StatusForbidden, "Cannot conceal another member")
+	checkCanChangeOrgUserStatus(ctx, userToConceal)
+	if ctx.Written() {
 		return
 	}
 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToConceal.ID, false)
@@ -309,7 +324,7 @@ func DeleteMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user to remove from the organization
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/org/org.go b/routers/api/v1/org/org.go
index c9208f4757..cd67686065 100644
--- a/routers/api/v1/org/org.go
+++ b/routers/api/v1/org/org.go
@@ -26,12 +26,10 @@ import (
 
 func listUserOrgs(ctx *context.APIContext, u *user_model.User) {
 	listOptions := utils.GetListOptions(ctx)
-	showPrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == u.ID)
-
 	opts := organization.FindOrgOptions{
-		ListOptions:    listOptions,
-		UserID:         u.ID,
-		IncludePrivate: showPrivate,
+		ListOptions:       listOptions,
+		UserID:            u.ID,
+		IncludeVisibility: organization.DoerViewOtherVisibility(ctx.Doer, u),
 	}
 	orgs, maxResults, err := db.FindAndCount[organization.Organization](ctx, opts)
 	if err != nil {
@@ -84,7 +82,7 @@ func ListUserOrgs(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose organizations are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
@@ -114,7 +112,7 @@ func GetUserOrgsPermissions(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose permissions are to be obtained
 	//   type: string
 	//   required: true
 	// - name: org
@@ -201,7 +199,7 @@ func GetAll(ctx *context.APIContext) {
 
 	listOptions := utils.GetListOptions(ctx)
 
-	publicOrgs, maxResults, err := user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+	publicOrgs, maxResults, err := user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		ListOptions: listOptions,
 		Type:        user_model.UserTypeOrganization,
@@ -393,7 +391,7 @@ func Edit(ctx *context.APIContext) {
 		Description:               optional.Some(form.Description),
 		Website:                   optional.Some(form.Website),
 		Location:                  optional.Some(form.Location),
-		Visibility:                optional.FromNonDefault(api.VisibilityModes[form.Visibility]),
+		Visibility:                optional.FromMapLookup(api.VisibilityModes, form.Visibility),
 		RepoAdminChangeTeamAccess: optional.FromPtr(form.RepoAdminChangeTeamAccess),
 	}
 	if err := user_service.UpdateUser(ctx, ctx.Org.Organization.AsUser(), opts); err != nil {
diff --git a/routers/api/v1/org/team.go b/routers/api/v1/org/team.go
index f70e5dd235..1a1710750a 100644
--- a/routers/api/v1/org/team.go
+++ b/routers/api/v1/org/team.go
@@ -141,26 +141,18 @@ func GetTeam(ctx *context.APIContext) {
 	ctx.JSON(http.StatusOK, apiTeam)
 }
 
-func attachTeamUnits(team *organization.Team, units []string) {
+func attachTeamUnits(team *organization.Team, defaultAccessMode perm.AccessMode, units []string) {
 	unitTypes, _ := unit_model.FindUnitTypes(units...)
 	team.Units = make([]*organization.TeamUnit, 0, len(units))
 	for _, tp := range unitTypes {
 		team.Units = append(team.Units, &organization.TeamUnit{
 			OrgID:      team.OrgID,
 			Type:       tp,
-			AccessMode: team.AccessMode,
+			AccessMode: defaultAccessMode,
 		})
 	}
 }
 
-func convertUnitsMap(unitsMap map[string]string) map[unit_model.Type]perm.AccessMode {
-	res := make(map[unit_model.Type]perm.AccessMode, len(unitsMap))
-	for unitKey, p := range unitsMap {
-		res[unit_model.TypeFromKey(unitKey)] = perm.ParseAccessMode(p)
-	}
-	return res
-}
-
 func attachTeamUnitsMap(team *organization.Team, unitsMap map[string]string) {
 	team.Units = make([]*organization.TeamUnit, 0, len(unitsMap))
 	for unitKey, p := range unitsMap {
@@ -214,24 +206,22 @@ func CreateTeam(ctx *context.APIContext) {
 	//   "422":
 	//     "$ref": "#/responses/validationError"
 	form := web.GetForm(ctx).(*api.CreateTeamOption)
-	p := perm.ParseAccessMode(form.Permission)
-	if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
-		p = unit_model.MinUnitAccessMode(convertUnitsMap(form.UnitsMap))
-	}
+	teamPermission := perm.ParseAccessMode(form.Permission, perm.AccessModeNone, perm.AccessModeAdmin)
 	team := &organization.Team{
 		OrgID:                   ctx.Org.Organization.ID,
 		Name:                    form.Name,
 		Description:             form.Description,
 		IncludesAllRepositories: form.IncludesAllRepositories,
 		CanCreateOrgRepo:        form.CanCreateOrgRepo,
-		AccessMode:              p,
+		AccessMode:              teamPermission,
 	}
 
 	if team.AccessMode < perm.AccessModeAdmin {
 		if len(form.UnitsMap) > 0 {
 			attachTeamUnitsMap(team, form.UnitsMap)
 		} else if len(form.Units) > 0 {
-			attachTeamUnits(team, form.Units)
+			unitPerm := perm.ParseAccessMode(form.Permission, perm.AccessModeRead, perm.AccessModeWrite)
+			attachTeamUnits(team, unitPerm, form.Units)
 		} else {
 			ctx.APIErrorInternal(errors.New("units permission should not be empty"))
 			return
@@ -304,15 +294,10 @@ func EditTeam(ctx *context.APIContext) {
 	isAuthChanged := false
 	isIncludeAllChanged := false
 	if !team.IsOwnerTeam() && len(form.Permission) != 0 {
-		// Validate permission level.
-		p := perm.ParseAccessMode(form.Permission)
-		if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
-			p = unit_model.MinUnitAccessMode(convertUnitsMap(form.UnitsMap))
-		}
-
-		if team.AccessMode != p {
+		teamPermission := perm.ParseAccessMode(form.Permission, perm.AccessModeNone, perm.AccessModeAdmin)
+		if team.AccessMode != teamPermission {
 			isAuthChanged = true
-			team.AccessMode = p
+			team.AccessMode = teamPermission
 		}
 
 		if form.IncludesAllRepositories != nil {
@@ -325,7 +310,8 @@ func EditTeam(ctx *context.APIContext) {
 		if len(form.UnitsMap) > 0 {
 			attachTeamUnitsMap(team, form.UnitsMap)
 		} else if len(form.Units) > 0 {
-			attachTeamUnits(team, form.Units)
+			unitPerm := perm.ParseAccessMode(form.Permission, perm.AccessModeRead, perm.AccessModeWrite)
+			attachTeamUnits(team, unitPerm, form.Units)
 		}
 	} else {
 		attachAdminTeamUnits(team)
@@ -440,7 +426,7 @@ func GetTeamMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the member to list
+	//   description: username of the user whose data is to be listed
 	//   type: string
 	//   required: true
 	// responses:
@@ -481,7 +467,7 @@ func AddTeamMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user to add
+	//   description: username of the user to add to a team
 	//   type: string
 	//   required: true
 	// responses:
@@ -523,7 +509,7 @@ func RemoveTeamMember(ctx *context.APIContext) {
 	//   required: true
 	// - name: username
 	//   in: path
-	//   description: username of the user to remove
+	//   description: username of the user to remove from a team
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/packages/package.go b/routers/api/v1/packages/package.go
index f869519344..41b7f2a43f 100644
--- a/routers/api/v1/packages/package.go
+++ b/routers/api/v1/packages/package.go
@@ -56,13 +56,10 @@ func ListPackages(ctx *context.APIContext) {
 
 	listOptions := utils.GetListOptions(ctx)
 
-	packageType := ctx.FormTrim("type")
-	query := ctx.FormTrim("q")
-
-	pvs, count, err := packages.SearchVersions(ctx, &packages.PackageSearchOptions{
+	apiPackages, count, err := searchPackages(ctx, &packages.PackageSearchOptions{
 		OwnerID:    ctx.Package.Owner.ID,
-		Type:       packages.Type(packageType),
-		Name:       packages.SearchValue{Value: query},
+		Type:       packages.Type(ctx.FormTrim("type")),
+		Name:       packages.SearchValue{Value: ctx.FormTrim("q")},
 		IsInternal: optional.Some(false),
 		Paginator:  &listOptions,
 	})
@@ -71,22 +68,6 @@ func ListPackages(ctx *context.APIContext) {
 		return
 	}
 
-	pds, err := packages.GetPackageDescriptors(ctx, pvs)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return
-	}
-
-	apiPackages := make([]*api.Package, 0, len(pds))
-	for _, pd := range pds {
-		apiPackage, err := convert.ToPackage(ctx, pd, ctx.Doer)
-		if err != nil {
-			ctx.APIErrorInternal(err)
-			return
-		}
-		apiPackages = append(apiPackages, apiPackage)
-	}
-
 	ctx.SetLinkHeader(int(count), listOptions.PageSize)
 	ctx.SetTotalCountHeader(count)
 	ctx.JSON(http.StatusOK, apiPackages)
@@ -217,6 +198,121 @@ func ListPackageFiles(ctx *context.APIContext) {
 	ctx.JSON(http.StatusOK, apiPackageFiles)
 }
 
+// ListPackageVersions gets all versions of a package
+func ListPackageVersions(ctx *context.APIContext) {
+	// swagger:operation GET /packages/{owner}/{type}/{name} package listPackageVersions
+	// ---
+	// summary: Gets all versions of a package
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the package
+	//   type: string
+	//   required: true
+	// - name: type
+	//   in: path
+	//   description: type of the package
+	//   type: string
+	//   required: true
+	// - name: name
+	//   in: path
+	//   description: name of the package
+	//   type: string
+	//   required: true
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/PackageList"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	listOptions := utils.GetListOptions(ctx)
+
+	apiPackages, count, err := searchPackages(ctx, &packages.PackageSearchOptions{
+		OwnerID:    ctx.Package.Owner.ID,
+		Type:       packages.Type(ctx.PathParam("type")),
+		Name:       packages.SearchValue{Value: ctx.PathParam("name"), ExactMatch: true},
+		IsInternal: optional.Some(false),
+		Paginator:  &listOptions,
+	})
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	ctx.SetLinkHeader(int(count), listOptions.PageSize)
+	ctx.SetTotalCountHeader(count)
+	ctx.JSON(http.StatusOK, apiPackages)
+}
+
+// GetLatestPackageVersion gets the latest version of a package
+func GetLatestPackageVersion(ctx *context.APIContext) {
+	// swagger:operation GET /packages/{owner}/{type}/{name}/-/latest package getLatestPackageVersion
+	// ---
+	// summary: Gets the latest version of a package
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the package
+	//   type: string
+	//   required: true
+	// - name: type
+	//   in: path
+	//   description: type of the package
+	//   type: string
+	//   required: true
+	// - name: name
+	//   in: path
+	//   description: name of the package
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/Package"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	pvs, _, err := packages.SearchLatestVersions(ctx, &packages.PackageSearchOptions{
+		OwnerID:    ctx.Package.Owner.ID,
+		Type:       packages.Type(ctx.PathParam("type")),
+		Name:       packages.SearchValue{Value: ctx.PathParam("name"), ExactMatch: true},
+		IsInternal: optional.Some(false),
+	})
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	if len(pvs) == 0 {
+		ctx.APIError(http.StatusNotFound, err)
+		return
+	}
+
+	pd, err := packages.GetPackageDescriptor(ctx, pvs[0])
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	apiPackage, err := convert.ToPackage(ctx, pd, ctx.Doer)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	ctx.JSON(http.StatusOK, apiPackage)
+}
+
 // LinkPackage sets a repository link for a package
 func LinkPackage(ctx *context.APIContext) {
 	// swagger:operation POST /packages/{owner}/{type}/{name}/-/link/{repo_name} package linkPackage
@@ -335,3 +431,26 @@ func UnlinkPackage(ctx *context.APIContext) {
 	}
 	ctx.Status(http.StatusNoContent)
 }
+
+func searchPackages(ctx *context.APIContext, opts *packages.PackageSearchOptions) ([]*api.Package, int64, error) {
+	pvs, count, err := packages.SearchVersions(ctx, opts)
+	if err != nil {
+		return nil, 0, err
+	}
+
+	pds, err := packages.GetPackageDescriptors(ctx, pvs)
+	if err != nil {
+		return nil, 0, err
+	}
+
+	apiPackages := make([]*api.Package, 0, len(pds))
+	for _, pd := range pds {
+		apiPackage, err := convert.ToPackage(ctx, pd, ctx.Doer)
+		if err != nil {
+			return nil, 0, err
+		}
+		apiPackages = append(apiPackages, apiPackage)
+	}
+
+	return apiPackages, count, nil
+}
diff --git a/routers/api/v1/repo/action.go b/routers/api/v1/repo/action.go
index 2ace9fa295..25aabe6dd2 100644
--- a/routers/api/v1/repo/action.go
+++ b/routers/api/v1/repo/action.go
@@ -46,7 +46,7 @@ func (Action) ListActionsSecrets(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: owner of the repository
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -183,7 +183,7 @@ func (Action) DeleteSecret(ctx *context.APIContext) {
 	//   required: true
 	// responses:
 	//   "204":
-	//     description: delete one secret of the organization
+	//     description: delete one secret of the repository
 	//   "400":
 	//     "$ref": "#/responses/error"
 	//   "404":
@@ -216,7 +216,7 @@ func (Action) GetVariable(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -270,7 +270,7 @@ func (Action) DeleteVariable(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -319,7 +319,7 @@ func (Action) CreateVariable(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -339,12 +339,12 @@ func (Action) CreateVariable(ctx *context.APIContext) {
 	// responses:
 	//   "201":
 	//     description: response when creating a repo-level variable
-	//   "204":
-	//     description: response when creating a repo-level variable
 	//   "400":
 	//     "$ref": "#/responses/error"
-	//   "404":
-	//     "$ref": "#/responses/notFound"
+	//   "409":
+	//     description: variable name already exists.
+	//   "500":
+	//     "$ref": "#/responses/error"
 
 	opt := web.GetForm(ctx).(*api.CreateVariableOption)
 
@@ -373,7 +373,7 @@ func (Action) CreateVariable(ctx *context.APIContext) {
 		return
 	}
 
-	ctx.Status(http.StatusNoContent)
+	ctx.Status(http.StatusCreated)
 }
 
 // UpdateVariable update a repo-level variable
@@ -386,7 +386,7 @@ func (Action) UpdateVariable(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -458,7 +458,7 @@ func (Action) ListVariables(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -531,6 +531,233 @@ func (Action) GetRegistrationToken(ctx *context.APIContext) {
 	shared.GetRegistrationToken(ctx, 0, ctx.Repo.Repository.ID)
 }
 
+// CreateRegistrationToken returns the token to register repo runners
+func (Action) CreateRegistrationToken(ctx *context.APIContext) {
+	// swagger:operation POST /repos/{owner}/{repo}/actions/runners/registration-token repository repoCreateRunnerRegistrationToken
+	// ---
+	// summary: Get a repository's actions runner registration token
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/RegistrationToken"
+
+	shared.GetRegistrationToken(ctx, 0, ctx.Repo.Repository.ID)
+}
+
+// ListRunners get repo-level runners
+func (Action) ListRunners(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/runners repository getRepoRunners
+	// ---
+	// summary: Get repo-level runners
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunnersResponse"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRunners(ctx, 0, ctx.Repo.Repository.ID)
+}
+
+// GetRunner get an repo-level runner
+func (Action) GetRunner(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/runners/{runner_id} repository getRepoRunner
+	// ---
+	// summary: Get an repo-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunner"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.GetRunner(ctx, 0, ctx.Repo.Repository.ID, ctx.PathParamInt64("runner_id"))
+}
+
+// DeleteRunner delete an repo-level runner
+func (Action) DeleteRunner(ctx *context.APIContext) {
+	// swagger:operation DELETE /repos/{owner}/{repo}/actions/runners/{runner_id} repository deleteRepoRunner
+	// ---
+	// summary: Delete an repo-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "204":
+	//     description: runner has been deleted
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.DeleteRunner(ctx, 0, ctx.Repo.Repository.ID, ctx.PathParamInt64("runner_id"))
+}
+
+// GetWorkflowRunJobs Lists all jobs for a workflow run.
+func (Action) ListWorkflowJobs(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/jobs repository listWorkflowJobs
+	// ---
+	// summary: Lists all jobs for a repository
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJobsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	repoID := ctx.Repo.Repository.ID
+
+	shared.ListJobs(ctx, 0, repoID, 0)
+}
+
+// ListWorkflowRuns Lists all runs for a repository run.
+func (Action) ListWorkflowRuns(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/runs repository getWorkflowRuns
+	// ---
+	// summary: Lists all runs for a repository run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: event
+	//   in: query
+	//   description: workflow event name
+	//   type: string
+	//   required: false
+	// - name: branch
+	//   in: query
+	//   description: workflow branch
+	//   type: string
+	//   required: false
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: actor
+	//   in: query
+	//   description: triggered by user
+	//   type: string
+	//   required: false
+	// - name: head_sha
+	//   in: query
+	//   description: triggering sha of the workflow run
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowRunsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	repoID := ctx.Repo.Repository.ID
+
+	shared.ListRuns(ctx, 0, repoID)
+}
+
 var _ actions_service.API = new(Action)
 
 // Action implements actions_service.API
@@ -637,7 +864,7 @@ func ActionsListRepositoryWorkflows(ctx *context.APIContext) {
 	//   "500":
 	//     "$ref": "#/responses/error"
 
-	workflows, err := actions_service.ListActionWorkflows(ctx)
+	workflows, err := convert.ListActionWorkflows(ctx, ctx.Repo.GitRepo, ctx.Repo.Repository)
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -683,7 +910,7 @@ func ActionsGetWorkflow(ctx *context.APIContext) {
 	//     "$ref": "#/responses/error"
 
 	workflowID := ctx.PathParam("workflow_id")
-	workflow, err := actions_service.GetActionWorkflow(ctx, workflowID)
+	workflow, err := convert.GetActionWorkflow(ctx, ctx.Repo.GitRepo, ctx.Repo.Repository, workflowID)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			ctx.APIError(http.StatusNotFound, err)
@@ -873,7 +1100,168 @@ func ActionsEnableWorkflow(ctx *context.APIContext) {
 	ctx.Status(http.StatusNoContent)
 }
 
-// GetArtifacts Lists all artifacts for a repository.
+// GetWorkflowRun Gets a specific workflow run.
+func GetWorkflowRun(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/runs/{run} repository GetWorkflowRun
+	// ---
+	// summary: Gets a specific workflow run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: run
+	//   in: path
+	//   description: id of the run
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowRun"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	runID := ctx.PathParamInt64("run")
+	job, has, err := db.GetByID[actions_model.ActionRun](ctx, runID)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	if !has || job.RepoID != ctx.Repo.Repository.ID {
+		ctx.APIErrorNotFound(util.ErrNotExist)
+		return
+	}
+
+	convertedRun, err := convert.ToActionWorkflowRun(ctx, ctx.Repo.Repository, job)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	ctx.JSON(http.StatusOK, convertedRun)
+}
+
+// ListWorkflowRunJobs Lists all jobs for a workflow run.
+func ListWorkflowRunJobs(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/runs/{run}/jobs repository listWorkflowRunJobs
+	// ---
+	// summary: Lists all jobs for a workflow run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: run
+	//   in: path
+	//   description: runid of the workflow run
+	//   type: integer
+	//   required: true
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJobsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	repoID := ctx.Repo.Repository.ID
+
+	runID := ctx.PathParamInt64("run")
+
+	// Avoid the list all jobs functionality for this api route to be used with a runID == 0.
+	if runID <= 0 {
+		ctx.APIError(http.StatusBadRequest, util.NewInvalidArgumentErrorf("runID must be a positive integer"))
+		return
+	}
+
+	// runID is used as an additional filter next to repoID to ensure that we only list jobs for the specified repoID and runID.
+	// no additional checks for runID are needed here
+	shared.ListJobs(ctx, 0, repoID, runID)
+}
+
+// GetWorkflowJob Gets a specific workflow job for a workflow run.
+func GetWorkflowJob(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/jobs/{job_id} repository getWorkflowJob
+	// ---
+	// summary: Gets a specific workflow job for a workflow run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: job_id
+	//   in: path
+	//   description: id of the job
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJob"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	jobID := ctx.PathParamInt64("job_id")
+	job, has, err := db.GetByID[actions_model.ActionRunJob](ctx, jobID)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	if !has || job.RepoID != ctx.Repo.Repository.ID {
+		ctx.APIErrorNotFound(util.ErrNotExist)
+		return
+	}
+
+	convertedWorkflowJob, err := convert.ToActionWorkflowJob(ctx, ctx.Repo.Repository, nil, job)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	ctx.JSON(http.StatusOK, convertedWorkflowJob)
+}
+
+// GetArtifactsOfRun Lists all artifacts for a repository.
 func GetArtifactsOfRun(ctx *context.APIContext) {
 	// swagger:operation GET /repos/{owner}/{repo}/actions/runs/{run}/artifacts repository getArtifactsOfRun
 	// ---
@@ -883,7 +1271,7 @@ func GetArtifactsOfRun(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -942,6 +1330,58 @@ func GetArtifactsOfRun(ctx *context.APIContext) {
 	ctx.JSON(http.StatusOK, &res)
 }
 
+// DeleteActionRun Delete a workflow run
+func DeleteActionRun(ctx *context.APIContext) {
+	// swagger:operation DELETE /repos/{owner}/{repo}/actions/runs/{run} repository deleteActionRun
+	// ---
+	// summary: Delete a workflow run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: run
+	//   in: path
+	//   description: runid of the workflow run
+	//   type: integer
+	//   required: true
+	// responses:
+	//   "204":
+	//     description: "No Content"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	runID := ctx.PathParamInt64("run")
+	run, err := actions_model.GetRunByRepoAndID(ctx, ctx.Repo.Repository.ID, runID)
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.APIErrorNotFound(err)
+		return
+	} else if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	if !run.Status.IsDone() {
+		ctx.APIError(http.StatusBadRequest, "this workflow run is not done")
+		return
+	}
+
+	if err := actions_service.DeleteRun(ctx, run); err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	ctx.Status(http.StatusNoContent)
+}
+
 // GetArtifacts Lists all artifacts for a repository.
 func GetArtifacts(ctx *context.APIContext) {
 	// swagger:operation GET /repos/{owner}/{repo}/actions/artifacts repository getArtifacts
@@ -952,7 +1392,7 @@ func GetArtifacts(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -1013,7 +1453,7 @@ func GetArtifact(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -1062,7 +1502,7 @@ func DeleteArtifact(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -1103,8 +1543,8 @@ func DeleteArtifact(ctx *context.APIContext) {
 func buildSignature(endp string, expires, artifactID int64) []byte {
 	mac := hmac.New(sha256.New, setting.GetGeneralTokenSigningSecret())
 	mac.Write([]byte(endp))
-	mac.Write([]byte(fmt.Sprint(expires)))
-	mac.Write([]byte(fmt.Sprint(artifactID)))
+	fmt.Fprint(mac, expires)
+	fmt.Fprint(mac, artifactID)
 	return mac.Sum(nil)
 }
 
@@ -1129,7 +1569,7 @@ func DownloadArtifact(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: name of the owner
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
diff --git a/routers/api/v1/repo/actions_run.go b/routers/api/v1/repo/actions_run.go
new file mode 100644
index 0000000000..a12a6fdd6d
--- /dev/null
+++ b/routers/api/v1/repo/actions_run.go
@@ -0,0 +1,64 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"errors"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/common"
+	"code.gitea.io/gitea/services/context"
+)
+
+func DownloadActionsRunJobLogs(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs repository downloadActionsRunJobLogs
+	// ---
+	// summary: Downloads the job logs for a workflow run
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repository
+	//   type: string
+	//   required: true
+	// - name: job_id
+	//   in: path
+	//   description: id of the job
+	//   type: integer
+	//   required: true
+	// responses:
+	//   "200":
+	//     description: output blob content
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	jobID := ctx.PathParamInt64("job_id")
+	curJob, err := actions_model.GetRunJobByID(ctx, jobID)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	if err = curJob.LoadRepo(ctx); err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	err = common.DownloadActionsRunJobLogs(ctx.Base, ctx.Repo.Repository, curJob)
+	if err != nil {
+		if errors.Is(err, util.ErrNotExist) {
+			ctx.APIErrorNotFound(err)
+		} else {
+			ctx.APIErrorInternal(err)
+		}
+	}
+}
diff --git a/routers/api/v1/repo/blob.go b/routers/api/v1/repo/blob.go
index d1cb72f5f1..9a17fc1bbf 100644
--- a/routers/api/v1/repo/blob.go
+++ b/routers/api/v1/repo/blob.go
@@ -47,7 +47,7 @@ func GetBlob(ctx *context.APIContext) {
 		return
 	}
 
-	if blob, err := files_service.GetBlobBySHA(ctx, ctx.Repo.Repository, ctx.Repo.GitRepo, sha); err != nil {
+	if blob, err := files_service.GetBlobBySHA(ctx.Repo.Repository, ctx.Repo.GitRepo, sha); err != nil {
 		ctx.APIError(http.StatusBadRequest, err)
 	} else {
 		ctx.JSON(http.StatusOK, blob)
diff --git a/routers/api/v1/repo/branch.go b/routers/api/v1/repo/branch.go
index 9c6e572fb4..9af958a5b7 100644
--- a/routers/api/v1/repo/branch.go
+++ b/routers/api/v1/repo/branch.go
@@ -6,7 +6,6 @@ package repo
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/models/db"
@@ -60,17 +59,16 @@ func GetBranch(ctx *context.APIContext) {
 
 	branchName := ctx.PathParam("*")
 
-	branch, err := ctx.Repo.GitRepo.GetBranch(branchName)
+	exist, err := git_model.IsBranchExist(ctx, ctx.Repo.Repository.ID, branchName)
 	if err != nil {
-		if git.IsErrBranchNotExist(err) {
-			ctx.APIErrorNotFound(err)
-		} else {
-			ctx.APIErrorInternal(err)
-		}
+		ctx.APIErrorInternal(err)
+		return
+	} else if !exist {
+		ctx.APIErrorNotFound(err)
 		return
 	}
 
-	c, err := branch.GetCommit()
+	c, err := ctx.Repo.GitRepo.GetBranchCommit(branchName)
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -82,7 +80,7 @@ func GetBranch(ctx *context.APIContext) {
 		return
 	}
 
-	br, err := convert.ToBranch(ctx, ctx.Repo.Repository, branch.Name, c, branchProtection, ctx.Doer, ctx.Repo.IsAdmin())
+	br, err := convert.ToBranch(ctx, ctx.Repo.Repository, branchName, c, branchProtection, ctx.Doer, ctx.Repo.IsAdmin())
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -157,9 +155,9 @@ func DeleteBranch(ctx *context.APIContext) {
 		case git.IsErrBranchNotExist(err):
 			ctx.APIErrorNotFound(err)
 		case errors.Is(err, repo_service.ErrBranchIsDefault):
-			ctx.APIError(http.StatusForbidden, fmt.Errorf("can not delete default branch"))
+			ctx.APIError(http.StatusForbidden, errors.New("can not delete default branch"))
 		case errors.Is(err, git_model.ErrBranchIsProtected):
-			ctx.APIError(http.StatusForbidden, fmt.Errorf("branch protected"))
+			ctx.APIError(http.StatusForbidden, errors.New("branch protected"))
 		default:
 			ctx.APIErrorInternal(err)
 		}
@@ -226,9 +224,9 @@ func CreateBranch(ctx *context.APIContext) {
 			ctx.APIErrorInternal(err)
 			return
 		}
-	} else if len(opt.OldBranchName) > 0 { //nolint
-		if gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, opt.OldBranchName) { //nolint
-			oldCommit, err = ctx.Repo.GitRepo.GetBranchCommit(opt.OldBranchName) //nolint
+	} else if len(opt.OldBranchName) > 0 { //nolint:staticcheck // deprecated field
+		if gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, opt.OldBranchName) { //nolint:staticcheck // deprecated field
+			oldCommit, err = ctx.Repo.GitRepo.GetBranchCommit(opt.OldBranchName) //nolint:staticcheck // deprecated field
 			if err != nil {
 				ctx.APIErrorInternal(err)
 				return
@@ -261,25 +259,19 @@ func CreateBranch(ctx *context.APIContext) {
 		return
 	}
 
-	branch, err := ctx.Repo.GitRepo.GetBranch(opt.BranchName)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return
-	}
-
-	commit, err := branch.GetCommit()
+	commit, err := ctx.Repo.GitRepo.GetBranchCommit(opt.BranchName)
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
 	}
 
-	branchProtection, err := git_model.GetFirstMatchProtectedBranchRule(ctx, ctx.Repo.Repository.ID, branch.Name)
+	branchProtection, err := git_model.GetFirstMatchProtectedBranchRule(ctx, ctx.Repo.Repository.ID, opt.BranchName)
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
 	}
 
-	br, err := convert.ToBranch(ctx, ctx.Repo.Repository, branch.Name, commit, branchProtection, ctx.Doer, ctx.Repo.IsAdmin())
+	br, err := convert.ToBranch(ctx, ctx.Repo.Repository, opt.BranchName, commit, branchProtection, ctx.Doer, ctx.Repo.IsAdmin())
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -587,7 +579,7 @@ func CreateBranchProtection(ctx *context.APIContext) {
 
 	ruleName := form.RuleName
 	if ruleName == "" {
-		ruleName = form.BranchName //nolint
+		ruleName = form.BranchName //nolint:staticcheck // deprecated field
 	}
 	if len(ruleName) == 0 {
 		ctx.APIError(http.StatusBadRequest, "both rule_name and branch_name are empty")
@@ -1189,7 +1181,7 @@ func MergeUpstream(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 	form := web.GetForm(ctx).(*api.MergeUpstreamRequest)
-	mergeStyle, err := repo_service.MergeUpstream(ctx, ctx.Doer, ctx.Repo.Repository, form.Branch)
+	mergeStyle, err := repo_service.MergeUpstream(ctx, ctx.Doer, ctx.Repo.Repository, form.Branch, form.FfOnly)
 	if err != nil {
 		if errors.Is(err, util.ErrInvalidArgument) {
 			ctx.APIError(http.StatusBadRequest, err)
diff --git a/routers/api/v1/repo/collaborators.go b/routers/api/v1/repo/collaborators.go
index a54225f0fd..eed9c19fe1 100644
--- a/routers/api/v1/repo/collaborators.go
+++ b/routers/api/v1/repo/collaborators.go
@@ -93,7 +93,7 @@ func IsCollaborator(ctx *context.APIContext) {
 	//   required: true
 	// - name: collaborator
 	//   in: path
-	//   description: username of the collaborator
+	//   description: username of the user to check for being a collaborator
 	//   type: string
 	//   required: true
 	// responses:
@@ -145,7 +145,7 @@ func AddOrUpdateCollaborator(ctx *context.APIContext) {
 	//   required: true
 	// - name: collaborator
 	//   in: path
-	//   description: username of the collaborator to add
+	//   description: username of the user to add or update as a collaborator
 	//   type: string
 	//   required: true
 	// - name: body
@@ -181,7 +181,7 @@ func AddOrUpdateCollaborator(ctx *context.APIContext) {
 
 	p := perm.AccessModeWrite
 	if form.Permission != nil {
-		p = perm.ParseAccessMode(*form.Permission)
+		p = perm.ParseAccessMode(*form.Permission, perm.AccessModeRead, perm.AccessModeWrite, perm.AccessModeAdmin)
 	}
 
 	if err := repo_service.AddOrUpdateCollaborator(ctx, ctx.Repo.Repository, collaborator, p); err != nil {
@@ -264,7 +264,7 @@ func GetRepoPermissions(ctx *context.APIContext) {
 	//   required: true
 	// - name: collaborator
 	//   in: path
-	//   description: username of the collaborator
+	//   description: username of the collaborator whose permissions are to be obtained
 	//   type: string
 	//   required: true
 	// responses:
@@ -276,7 +276,7 @@ func GetRepoPermissions(ctx *context.APIContext) {
 	//     "$ref": "#/responses/forbidden"
 
 	collaboratorUsername := ctx.PathParam("collaborator")
-	if !ctx.Doer.IsAdmin && ctx.Doer.LowerName != strings.ToLower(collaboratorUsername) && !ctx.IsUserRepoAdmin() {
+	if !ctx.Doer.IsAdmin && !strings.EqualFold(ctx.Doer.LowerName, collaboratorUsername) && !ctx.IsUserRepoAdmin() {
 		ctx.APIError(http.StatusForbidden, "Only admins can query all permissions, repo admins can query all repo permissions, collaborators can query only their own")
 		return
 	}
diff --git a/routers/api/v1/repo/commits.go b/routers/api/v1/repo/commits.go
index 03489d777b..6a93be624f 100644
--- a/routers/api/v1/repo/commits.go
+++ b/routers/api/v1/repo/commits.go
@@ -5,10 +5,10 @@
 package repo
 
 import (
-	"fmt"
 	"math"
 	"net/http"
 	"strconv"
+	"time"
 
 	issues_model "code.gitea.io/gitea/models/issues"
 	user_model "code.gitea.io/gitea/models/user"
@@ -65,7 +65,7 @@ func GetSingleCommit(ctx *context.APIContext) {
 
 	sha := ctx.PathParam("sha")
 	if !git.IsValidRefPattern(sha) {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("no valid ref or sha: %s", sha))
+		ctx.APIError(http.StatusUnprocessableEntity, "no valid ref or sha: "+sha)
 		return
 	}
 
@@ -76,7 +76,7 @@ func getCommit(ctx *context.APIContext, identifier string, toCommitOpts convert.
 	commit, err := ctx.Repo.GitRepo.GetCommit(identifier)
 	if err != nil {
 		if git.IsErrNotExist(err) {
-			ctx.APIErrorNotFound(identifier)
+			ctx.APIErrorNotFound("commit doesn't exist: " + identifier)
 			return
 		}
 		ctx.APIErrorInternal(err)
@@ -117,6 +117,16 @@ func GetAllCommits(ctx *context.APIContext) {
 	//   in: query
 	//   description: filepath of a file/dir
 	//   type: string
+	// - name: since
+	//   in: query
+	//   description: Only commits after this date will be returned (ISO 8601 format)
+	//   type: string
+	//   format: date-time
+	// - name: until
+	//   in: query
+	//   description: Only commits before this date will be returned (ISO 8601 format)
+	//   type: string
+	//   format: date-time
 	// - name: stat
 	//   in: query
 	//   description: include diff stats for every commit (disable for speedup, default 'true')
@@ -149,6 +159,23 @@ func GetAllCommits(ctx *context.APIContext) {
 	//   "409":
 	//     "$ref": "#/responses/EmptyRepository"
 
+	since := ctx.FormString("since")
+	until := ctx.FormString("until")
+
+	// Validate since/until as ISO 8601 (RFC3339)
+	if since != "" {
+		if _, err := time.Parse(time.RFC3339, since); err != nil {
+			ctx.APIError(http.StatusUnprocessableEntity, "invalid 'since' format, expected ISO 8601 (RFC3339)")
+			return
+		}
+	}
+	if until != "" {
+		if _, err := time.Parse(time.RFC3339, until); err != nil {
+			ctx.APIError(http.StatusUnprocessableEntity, "invalid 'until' format, expected ISO 8601 (RFC3339)")
+			return
+		}
+	}
+
 	if ctx.Repo.Repository.IsEmpty {
 		ctx.JSON(http.StatusConflict, api.APIError{
 			Message: "Git Repository is empty.",
@@ -180,13 +207,7 @@ func GetAllCommits(ctx *context.APIContext) {
 		var baseCommit *git.Commit
 		if len(sha) == 0 {
 			// no sha supplied - use default branch
-			head, err := ctx.Repo.GitRepo.GetHEADBranch()
-			if err != nil {
-				ctx.APIErrorInternal(err)
-				return
-			}
-
-			baseCommit, err = ctx.Repo.GitRepo.GetBranchCommit(head.Name)
+			baseCommit, err = ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
 			if err != nil {
 				ctx.APIErrorInternal(err)
 				return
@@ -205,6 +226,8 @@ func GetAllCommits(ctx *context.APIContext) {
 			RepoPath: ctx.Repo.GitRepo.Path,
 			Not:      not,
 			Revision: []string{baseCommit.ID.String()},
+			Since:    since,
+			Until:    until,
 		})
 		if err != nil {
 			ctx.APIErrorInternal(err)
@@ -212,7 +235,7 @@ func GetAllCommits(ctx *context.APIContext) {
 		}
 
 		// Query commits
-		commits, err = baseCommit.CommitsByRange(listOptions.Page, listOptions.PageSize, not)
+		commits, err = baseCommit.CommitsByRange(listOptions.Page, listOptions.PageSize, not, since, until)
 		if err != nil {
 			ctx.APIErrorInternal(err)
 			return
@@ -228,6 +251,8 @@ func GetAllCommits(ctx *context.APIContext) {
 				Not:      not,
 				Revision: []string{sha},
 				RelPath:  []string{path},
+				Since:    since,
+				Until:    until,
 			})
 
 		if err != nil {
@@ -244,6 +269,8 @@ func GetAllCommits(ctx *context.APIContext) {
 				File:     path,
 				Not:      not,
 				Page:     listOptions.Page,
+				Since:    since,
+				Until:    until,
 			})
 		if err != nil {
 			ctx.APIErrorInternal(err)
@@ -317,7 +344,7 @@ func DownloadCommitDiffOrPatch(ctx *context.APIContext) {
 
 	if err := git.GetRawDiff(ctx.Repo.GitRepo, sha, diffType, ctx.Resp); err != nil {
 		if git.IsErrNotExist(err) {
-			ctx.APIErrorNotFound(sha)
+			ctx.APIErrorNotFound("commit doesn't exist: " + sha)
 			return
 		}
 		ctx.APIErrorInternal(err)
diff --git a/routers/api/v1/repo/download.go b/routers/api/v1/repo/download.go
index 20901badfb..acd93ecf2e 100644
--- a/routers/api/v1/repo/download.go
+++ b/routers/api/v1/repo/download.go
@@ -4,7 +4,6 @@
 package repo
 
 import (
-	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/modules/git"
@@ -23,7 +22,7 @@ func DownloadArchive(ctx *context.APIContext) {
 	case "bundle":
 		tp = git.ArchiveBundle
 	default:
-		ctx.APIError(http.StatusBadRequest, fmt.Sprintf("Unknown archive type: %s", ballType))
+		ctx.APIError(http.StatusBadRequest, "Unknown archive type: "+ballType)
 		return
 	}
 
diff --git a/routers/api/v1/repo/file.go b/routers/api/v1/repo/file.go
index 1ba71aa8a3..a85dda79d0 100644
--- a/routers/api/v1/repo/file.go
+++ b/routers/api/v1/repo/file.go
@@ -16,16 +16,18 @@ import (
 
 	git_model "code.gitea.io/gitea/models/git"
 	repo_model "code.gitea.io/gitea/models/repo"
-	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/httpcache"
+	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/routers/api/v1/utils"
 	"code.gitea.io/gitea/routers/common"
 	"code.gitea.io/gitea/services/context"
 	pull_service "code.gitea.io/gitea/services/pull"
@@ -60,7 +62,7 @@ func GetRawFile(ctx *context.APIContext) {
 	//   required: true
 	// - name: ref
 	//   in: query
-	//   description: "The name of the commit/branch/tag. Default the repository’s default branch"
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch"
 	//   type: string
 	//   required: false
 	// responses:
@@ -113,7 +115,7 @@ func GetRawFileOrLFS(ctx *context.APIContext) {
 	//   required: true
 	// - name: ref
 	//   in: query
-	//   description: "The name of the commit/branch/tag. Default the repository’s default branch"
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch"
 	//   type: string
 	//   required: false
 	// responses:
@@ -137,27 +139,27 @@ func GetRawFileOrLFS(ctx *context.APIContext) {
 	ctx.RespHeader().Set(giteaObjectTypeHeader, string(files_service.GetObjectTypeFromTreeEntry(entry)))
 
 	// LFS Pointer files are at most 1024 bytes - so any blob greater than 1024 bytes cannot be an LFS file
-	if blob.Size() > 1024 {
+	if blob.Size() > lfs.MetaFileMaxSize {
 		// First handle caching for the blob
 		if httpcache.HandleGenericETagTimeCache(ctx.Req, ctx.Resp, `"`+blob.ID.String()+`"`, lastModified) {
 			return
 		}
 
-		// OK not cached - serve!
+		// If not cached - serve!
 		if err := common.ServeBlob(ctx.Base, ctx.Repo.Repository, ctx.Repo.TreePath, blob, lastModified); err != nil {
 			ctx.APIErrorInternal(err)
 		}
 		return
 	}
 
-	// OK, now the blob is known to have at most 1024 bytes we can simply read this in one go (This saves reading it twice)
+	// OK, now the blob is known to have at most 1024 (lfs pointer max size) bytes,
+	// we can simply read this in one go (This saves reading it twice)
 	dataRc, err := blob.DataAsync()
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
 	}
 
-	// FIXME: code from #19689, what if the file is large ... OOM ...
 	buf, err := io.ReadAll(dataRc)
 	if err != nil {
 		_ = dataRc.Close()
@@ -179,7 +181,7 @@ func GetRawFileOrLFS(ctx *context.APIContext) {
 			return
 		}
 
-		// OK not cached - serve!
+		// If not cached - serve!
 		common.ServeContentByReader(ctx.Base, ctx.Repo.TreePath, blob.Size(), bytes.NewReader(buf))
 		return
 	}
@@ -208,7 +210,7 @@ func GetRawFileOrLFS(ctx *context.APIContext) {
 
 	if setting.LFS.Storage.ServeDirect() {
 		// If we have a signed url (S3, object storage), redirect to this directly.
-		u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name(), nil)
+		u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name(), ctx.Req.Method, nil)
 		if u != nil && err == nil {
 			ctx.Redirect(u.String())
 			return
@@ -329,7 +331,7 @@ func download(ctx *context.APIContext, archiveName string, archiver *repo_model.
 	rPath := archiver.RelativePath()
 	if setting.RepoArchive.Storage.ServeDirect() {
 		// If we have a signed url (S3, object storage), redirect to this directly.
-		u, err := storage.RepoArchives.URL(rPath, downloadName, nil)
+		u, err := storage.RepoArchives.URL(rPath, downloadName, ctx.Req.Method, nil)
 		if u != nil && err == nil {
 			ctx.Redirect(u.String())
 			return
@@ -375,7 +377,7 @@ func GetEditorconfig(ctx *context.APIContext) {
 	//   required: true
 	// - name: ref
 	//   in: query
-	//   description: "The name of the commit/branch/tag. Default the repository’s default branch (usually master)"
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch."
 	//   type: string
 	//   required: false
 	// responses:
@@ -403,18 +405,6 @@ func GetEditorconfig(ctx *context.APIContext) {
 	ctx.JSON(http.StatusOK, def)
 }
 
-// canWriteFiles returns true if repository is editable and user has proper access level.
-func canWriteFiles(ctx *context.APIContext, branch string) bool {
-	return ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, branch) &&
-		!ctx.Repo.Repository.IsMirror &&
-		!ctx.Repo.Repository.IsArchived
-}
-
-// canReadFiles returns true if repository is readable and user has proper access level.
-func canReadFiles(r *context.Repository) bool {
-	return r.Permission.CanRead(unit.TypeCode)
-}
-
 func base64Reader(s string) (io.ReadSeeker, error) {
 	b, err := base64.StdEncoding.DecodeString(s)
 	if err != nil {
@@ -423,6 +413,45 @@ func base64Reader(s string) (io.ReadSeeker, error) {
 	return bytes.NewReader(b), nil
 }
 
+func ReqChangeRepoFileOptionsAndCheck(ctx *context.APIContext) {
+	commonOpts := web.GetForm(ctx).(api.FileOptionsInterface).GetFileOptions()
+	commonOpts.BranchName = util.IfZero(commonOpts.BranchName, ctx.Repo.Repository.DefaultBranch)
+	commonOpts.NewBranchName = util.IfZero(commonOpts.NewBranchName, commonOpts.BranchName)
+	if !ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, commonOpts.NewBranchName) && !ctx.IsUserSiteAdmin() {
+		ctx.APIError(http.StatusForbidden, "user should have a permission to write to the target branch")
+		return
+	}
+	changeFileOpts := &files_service.ChangeRepoFilesOptions{
+		Message:   commonOpts.Message,
+		OldBranch: commonOpts.BranchName,
+		NewBranch: commonOpts.NewBranchName,
+		Committer: &files_service.IdentityOptions{
+			GitUserName:  commonOpts.Committer.Name,
+			GitUserEmail: commonOpts.Committer.Email,
+		},
+		Author: &files_service.IdentityOptions{
+			GitUserName:  commonOpts.Author.Name,
+			GitUserEmail: commonOpts.Author.Email,
+		},
+		Dates: &files_service.CommitDateOptions{
+			Author:    commonOpts.Dates.Author,
+			Committer: commonOpts.Dates.Committer,
+		},
+		Signoff: commonOpts.Signoff,
+	}
+	if commonOpts.Dates.Author.IsZero() {
+		commonOpts.Dates.Author = time.Now()
+	}
+	if commonOpts.Dates.Committer.IsZero() {
+		commonOpts.Dates.Committer = time.Now()
+	}
+	ctx.Data["__APIChangeRepoFilesOptions"] = changeFileOpts
+}
+
+func getAPIChangeRepoFileOptions[T api.FileOptionsInterface](ctx *context.APIContext) (apiOpts T, opts *files_service.ChangeRepoFilesOptions) {
+	return web.GetForm(ctx).(T), ctx.Data["__APIChangeRepoFilesOptions"].(*files_service.ChangeRepoFilesOptions)
+}
+
 // ChangeFiles handles API call for modifying multiple files
 func ChangeFiles(ctx *context.APIContext) {
 	// swagger:operation POST /repos/{owner}/{repo}/contents repository repoChangeFiles
@@ -459,20 +488,18 @@ func ChangeFiles(ctx *context.APIContext) {
 	//     "$ref": "#/responses/error"
 	//   "423":
 	//     "$ref": "#/responses/repoArchivedError"
-
-	apiOpts := web.GetForm(ctx).(*api.ChangeFilesOptions)
-
-	if apiOpts.BranchName == "" {
-		apiOpts.BranchName = ctx.Repo.Repository.DefaultBranch
+	apiOpts, opts := getAPIChangeRepoFileOptions[*api.ChangeFilesOptions](ctx)
+	if ctx.Written() {
+		return
 	}
-
-	var files []*files_service.ChangeRepoFile
 	for _, file := range apiOpts.Files {
 		contentReader, err := base64Reader(file.ContentBase64)
 		if err != nil {
 			ctx.APIError(http.StatusUnprocessableEntity, err)
 			return
 		}
+		// FIXME: ChangeFileOperation.SHA is NOT required for update or delete if last commit is provided in the options
+		// But the LastCommitID is not provided in the API options, need to fully fix them in API
 		changeRepoFile := &files_service.ChangeRepoFile{
 			Operation:     file.Operation,
 			TreePath:      file.Path,
@@ -480,41 +507,15 @@ func ChangeFiles(ctx *context.APIContext) {
 			ContentReader: contentReader,
 			SHA:           file.SHA,
 		}
-		files = append(files, changeRepoFile)
-	}
-
-	opts := &files_service.ChangeRepoFilesOptions{
-		Files:     files,
-		Message:   apiOpts.Message,
-		OldBranch: apiOpts.BranchName,
-		NewBranch: apiOpts.NewBranchName,
-		Committer: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Committer.Name,
-			GitUserEmail: apiOpts.Committer.Email,
-		},
-		Author: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Author.Name,
-			GitUserEmail: apiOpts.Author.Email,
-		},
-		Dates: &files_service.CommitDateOptions{
-			Author:    apiOpts.Dates.Author,
-			Committer: apiOpts.Dates.Committer,
-		},
-		Signoff: apiOpts.Signoff,
-	}
-	if opts.Dates.Author.IsZero() {
-		opts.Dates.Author = time.Now()
-	}
-	if opts.Dates.Committer.IsZero() {
-		opts.Dates.Committer = time.Now()
+		opts.Files = append(opts.Files, changeRepoFile)
 	}
 
 	if opts.Message == "" {
-		opts.Message = changeFilesCommitMessage(ctx, files)
+		opts.Message = changeFilesCommitMessage(ctx, opts.Files)
 	}
 
-	if filesResponse, err := createOrUpdateFiles(ctx, opts); err != nil {
-		handleCreateOrUpdateFileError(ctx, err)
+	if filesResponse, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, opts); err != nil {
+		handleChangeRepoFilesError(ctx, err)
 	} else {
 		ctx.JSON(http.StatusCreated, filesResponse)
 	}
@@ -562,56 +563,27 @@ func CreateFile(ctx *context.APIContext) {
 	//   "423":
 	//     "$ref": "#/responses/repoArchivedError"
 
-	apiOpts := web.GetForm(ctx).(*api.CreateFileOptions)
-
-	if apiOpts.BranchName == "" {
-		apiOpts.BranchName = ctx.Repo.Repository.DefaultBranch
+	apiOpts, opts := getAPIChangeRepoFileOptions[*api.CreateFileOptions](ctx)
+	if ctx.Written() {
+		return
 	}
-
 	contentReader, err := base64Reader(apiOpts.ContentBase64)
 	if err != nil {
 		ctx.APIError(http.StatusUnprocessableEntity, err)
 		return
 	}
 
-	opts := &files_service.ChangeRepoFilesOptions{
-		Files: []*files_service.ChangeRepoFile{
-			{
-				Operation:     "create",
-				TreePath:      ctx.PathParam("*"),
-				ContentReader: contentReader,
-			},
-		},
-		Message:   apiOpts.Message,
-		OldBranch: apiOpts.BranchName,
-		NewBranch: apiOpts.NewBranchName,
-		Committer: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Committer.Name,
-			GitUserEmail: apiOpts.Committer.Email,
-		},
-		Author: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Author.Name,
-			GitUserEmail: apiOpts.Author.Email,
-		},
-		Dates: &files_service.CommitDateOptions{
-			Author:    apiOpts.Dates.Author,
-			Committer: apiOpts.Dates.Committer,
-		},
-		Signoff: apiOpts.Signoff,
-	}
-	if opts.Dates.Author.IsZero() {
-		opts.Dates.Author = time.Now()
-	}
-	if opts.Dates.Committer.IsZero() {
-		opts.Dates.Committer = time.Now()
-	}
-
+	opts.Files = append(opts.Files, &files_service.ChangeRepoFile{
+		Operation:     "create",
+		TreePath:      ctx.PathParam("*"),
+		ContentReader: contentReader,
+	})
 	if opts.Message == "" {
 		opts.Message = changeFilesCommitMessage(ctx, opts.Files)
 	}
 
-	if filesResponse, err := createOrUpdateFiles(ctx, opts); err != nil {
-		handleCreateOrUpdateFileError(ctx, err)
+	if filesResponse, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, opts); err != nil {
+		handleChangeRepoFilesError(ctx, err)
 	} else {
 		fileResponse := files_service.GetFileResponseFromFilesResponse(filesResponse, 0)
 		ctx.JSON(http.StatusCreated, fileResponse)
@@ -659,96 +631,55 @@ func UpdateFile(ctx *context.APIContext) {
 	//     "$ref": "#/responses/error"
 	//   "423":
 	//     "$ref": "#/responses/repoArchivedError"
-	apiOpts := web.GetForm(ctx).(*api.UpdateFileOptions)
-	if ctx.Repo.Repository.IsEmpty {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("repo is empty"))
-		return
-	}
 
-	if apiOpts.BranchName == "" {
-		apiOpts.BranchName = ctx.Repo.Repository.DefaultBranch
+	apiOpts, opts := getAPIChangeRepoFileOptions[*api.UpdateFileOptions](ctx)
+	if ctx.Written() {
+		return
 	}
-
 	contentReader, err := base64Reader(apiOpts.ContentBase64)
 	if err != nil {
 		ctx.APIError(http.StatusUnprocessableEntity, err)
 		return
 	}
-
-	opts := &files_service.ChangeRepoFilesOptions{
-		Files: []*files_service.ChangeRepoFile{
-			{
-				Operation:     "update",
-				ContentReader: contentReader,
-				SHA:           apiOpts.SHA,
-				FromTreePath:  apiOpts.FromPath,
-				TreePath:      ctx.PathParam("*"),
-			},
-		},
-		Message:   apiOpts.Message,
-		OldBranch: apiOpts.BranchName,
-		NewBranch: apiOpts.NewBranchName,
-		Committer: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Committer.Name,
-			GitUserEmail: apiOpts.Committer.Email,
-		},
-		Author: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Author.Name,
-			GitUserEmail: apiOpts.Author.Email,
-		},
-		Dates: &files_service.CommitDateOptions{
-			Author:    apiOpts.Dates.Author,
-			Committer: apiOpts.Dates.Committer,
-		},
-		Signoff: apiOpts.Signoff,
-	}
-	if opts.Dates.Author.IsZero() {
-		opts.Dates.Author = time.Now()
-	}
-	if opts.Dates.Committer.IsZero() {
-		opts.Dates.Committer = time.Now()
-	}
-
+	opts.Files = append(opts.Files, &files_service.ChangeRepoFile{
+		Operation:     "update",
+		ContentReader: contentReader,
+		SHA:           apiOpts.SHA,
+		FromTreePath:  apiOpts.FromPath,
+		TreePath:      ctx.PathParam("*"),
+	})
 	if opts.Message == "" {
 		opts.Message = changeFilesCommitMessage(ctx, opts.Files)
 	}
 
-	if filesResponse, err := createOrUpdateFiles(ctx, opts); err != nil {
-		handleCreateOrUpdateFileError(ctx, err)
+	if filesResponse, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, opts); err != nil {
+		handleChangeRepoFilesError(ctx, err)
 	} else {
 		fileResponse := files_service.GetFileResponseFromFilesResponse(filesResponse, 0)
 		ctx.JSON(http.StatusOK, fileResponse)
 	}
 }
 
-func handleCreateOrUpdateFileError(ctx *context.APIContext, err error) {
+func handleChangeRepoFilesError(ctx *context.APIContext, err error) {
 	if files_service.IsErrUserCannotCommit(err) || pull_service.IsErrFilePathProtected(err) {
 		ctx.APIError(http.StatusForbidden, err)
 		return
 	}
 	if git_model.IsErrBranchAlreadyExists(err) || files_service.IsErrFilenameInvalid(err) || pull_service.IsErrSHADoesNotMatch(err) ||
-		files_service.IsErrFilePathInvalid(err) || files_service.IsErrRepoFileAlreadyExists(err) {
+		files_service.IsErrFilePathInvalid(err) || files_service.IsErrRepoFileAlreadyExists(err) ||
+		files_service.IsErrCommitIDDoesNotMatch(err) || files_service.IsErrSHAOrCommitIDNotProvided(err) {
 		ctx.APIError(http.StatusUnprocessableEntity, err)
 		return
 	}
-	if git_model.IsErrBranchNotExist(err) || git.IsErrBranchNotExist(err) {
+	if git.IsErrBranchNotExist(err) || files_service.IsErrRepoFileDoesNotExist(err) || git.IsErrNotExist(err) {
 		ctx.APIError(http.StatusNotFound, err)
 		return
 	}
-
-	ctx.APIErrorInternal(err)
-}
-
-// Called from both CreateFile or UpdateFile to handle both
-func createOrUpdateFiles(ctx *context.APIContext, opts *files_service.ChangeRepoFilesOptions) (*api.FilesResponse, error) {
-	if !canWriteFiles(ctx, opts.OldBranch) {
-		return nil, repo_model.ErrUserDoesNotHaveAccessToRepo{
-			UserID:   ctx.Doer.ID,
-			RepoName: ctx.Repo.Repository.LowerName,
-		}
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.APIError(http.StatusNotFound, err)
+		return
 	}
-
-	return files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, opts)
+	ctx.APIErrorInternal(err)
 }
 
 // format commit message if empty
@@ -762,7 +693,7 @@ func changeFilesCommitMessage(ctx *context.APIContext, files []*files_service.Ch
 		switch file.Operation {
 		case "create":
 			createFiles = append(createFiles, file.TreePath)
-		case "update":
+		case "update", "upload", "rename": // upload and rename works like "update", there is no translation for them at the moment
 			updateFiles = append(updateFiles, file.TreePath)
 		case "delete":
 			deleteFiles = append(deleteFiles, file.TreePath)
@@ -820,85 +751,119 @@ func DeleteFile(ctx *context.APIContext) {
 	//     "$ref": "#/responses/error"
 	//   "404":
 	//     "$ref": "#/responses/error"
+	//   "422":
+	//     "$ref": "#/responses/error"
 	//   "423":
 	//     "$ref": "#/responses/repoArchivedError"
 
-	apiOpts := web.GetForm(ctx).(*api.DeleteFileOptions)
-	if !canWriteFiles(ctx, apiOpts.BranchName) {
-		ctx.APIError(http.StatusForbidden, repo_model.ErrUserDoesNotHaveAccessToRepo{
-			UserID:   ctx.Doer.ID,
-			RepoName: ctx.Repo.Repository.LowerName,
-		})
+	apiOpts, opts := getAPIChangeRepoFileOptions[*api.DeleteFileOptions](ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if apiOpts.BranchName == "" {
-		apiOpts.BranchName = ctx.Repo.Repository.DefaultBranch
-	}
-
-	opts := &files_service.ChangeRepoFilesOptions{
-		Files: []*files_service.ChangeRepoFile{
-			{
-				Operation: "delete",
-				SHA:       apiOpts.SHA,
-				TreePath:  ctx.PathParam("*"),
-			},
-		},
-		Message:   apiOpts.Message,
-		OldBranch: apiOpts.BranchName,
-		NewBranch: apiOpts.NewBranchName,
-		Committer: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Committer.Name,
-			GitUserEmail: apiOpts.Committer.Email,
-		},
-		Author: &files_service.IdentityOptions{
-			GitUserName:  apiOpts.Author.Name,
-			GitUserEmail: apiOpts.Author.Email,
-		},
-		Dates: &files_service.CommitDateOptions{
-			Author:    apiOpts.Dates.Author,
-			Committer: apiOpts.Dates.Committer,
-		},
-		Signoff: apiOpts.Signoff,
-	}
-	if opts.Dates.Author.IsZero() {
-		opts.Dates.Author = time.Now()
-	}
-	if opts.Dates.Committer.IsZero() {
-		opts.Dates.Committer = time.Now()
-	}
-
+	opts.Files = append(opts.Files, &files_service.ChangeRepoFile{
+		Operation: "delete",
+		SHA:       apiOpts.SHA,
+		TreePath:  ctx.PathParam("*"),
+	})
 	if opts.Message == "" {
 		opts.Message = changeFilesCommitMessage(ctx, opts.Files)
 	}
 
 	if filesResponse, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, opts); err != nil {
-		if git.IsErrBranchNotExist(err) || files_service.IsErrRepoFileDoesNotExist(err) || git.IsErrNotExist(err) {
-			ctx.APIError(http.StatusNotFound, err)
-			return
-		} else if git_model.IsErrBranchAlreadyExists(err) ||
-			files_service.IsErrFilenameInvalid(err) ||
-			pull_service.IsErrSHADoesNotMatch(err) ||
-			files_service.IsErrCommitIDDoesNotMatch(err) ||
-			files_service.IsErrSHAOrCommitIDNotProvided(err) {
-			ctx.APIError(http.StatusBadRequest, err)
-			return
-		} else if files_service.IsErrUserCannotCommit(err) {
-			ctx.APIError(http.StatusForbidden, err)
-			return
-		}
-		ctx.APIErrorInternal(err)
+		handleChangeRepoFilesError(ctx, err)
 	} else {
 		fileResponse := files_service.GetFileResponseFromFilesResponse(filesResponse, 0)
 		ctx.JSON(http.StatusOK, fileResponse) // FIXME on APIv2: return http.StatusNoContent
 	}
 }
 
-// GetContents Get the metadata and contents (if a file) of an entry in a repository, or a list of entries if a dir
+func resolveRefCommit(ctx *context.APIContext, ref string, minCommitIDLen ...int) *utils.RefCommit {
+	ref = util.IfZero(ref, ctx.Repo.Repository.DefaultBranch)
+	refCommit, err := utils.ResolveRefCommit(ctx, ctx.Repo.Repository, ref, minCommitIDLen...)
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.APIErrorNotFound(err)
+	} else if err != nil {
+		ctx.APIErrorInternal(err)
+	}
+	return refCommit
+}
+
+func GetContentsExt(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/contents-ext/{filepath} repository repoGetContentsExt
+	// ---
+	// summary: The extended "contents" API, to get file metadata and/or content, or list a directory.
+	// description: It guarantees that only one of the response fields is set if the request succeeds.
+	//              Users can pass "includes=file_content" or "includes=lfs_metadata" to retrieve more fields.
+	//              "includes=file_content" only works for single file, if you need to retrieve file contents in batch,
+	//              use "file-contents" API after listing the directory.
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: filepath
+	//   in: path
+	//   description: path of the dir, file, symlink or submodule in the repo. Swagger requires path parameter to be "required",
+	//                you can leave it empty or pass a single dot (".") to get the root directory.
+	//   type: string
+	//   required: true
+	// - name: ref
+	//   in: query
+	//   description: the name of the commit/branch/tag, default to the repository’s default branch.
+	//   type: string
+	//   required: false
+	// - name: includes
+	//   in: query
+	//   description: By default this API's response only contains file's metadata. Use comma-separated "includes" options to retrieve more fields.
+	//                Option "file_content" will try to retrieve the file content, "lfs_metadata" will try to retrieve LFS metadata,
+	//                "commit_metadata" will try to retrieve commit metadata, and "commit_message" will try to retrieve commit message.
+	//   type: string
+	//   required: false
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/ContentsExtResponse"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	if treePath := ctx.PathParam("*"); treePath == "." || treePath == "/" {
+		ctx.SetPathParam("*", "") // workaround for swagger, it requires path parameter to be "required", but we need to list root directory
+	}
+	opts := files_service.GetContentsOrListOptions{TreePath: ctx.PathParam("*")}
+	for includeOpt := range strings.SplitSeq(ctx.FormString("includes"), ",") {
+		if includeOpt == "" {
+			continue
+		}
+		switch includeOpt {
+		case "file_content":
+			opts.IncludeSingleFileContent = true
+		case "lfs_metadata":
+			opts.IncludeLfsMetadata = true
+		case "commit_metadata":
+			opts.IncludeCommitMetadata = true
+		case "commit_message":
+			opts.IncludeCommitMessage = true
+		default:
+			ctx.APIError(http.StatusBadRequest, fmt.Sprintf("unknown include option %q", includeOpt))
+			return
+		}
+	}
+	ctx.JSON(http.StatusOK, getRepoContents(ctx, opts))
+}
+
 func GetContents(ctx *context.APIContext) {
 	// swagger:operation GET /repos/{owner}/{repo}/contents/{filepath} repository repoGetContents
 	// ---
-	// summary: Gets the metadata and contents (if a file) of an entry in a repository, or a list of entries if a dir
+	// summary: Gets the metadata and contents (if a file) of an entry in a repository, or a list of entries if a dir.
+	// description: This API follows GitHub's design, and it is not easy to use. Recommend users to use the "contents-ext" API instead.
 	// produces:
 	// - application/json
 	// parameters:
@@ -919,7 +884,7 @@ func GetContents(ctx *context.APIContext) {
 	//   required: true
 	// - name: ref
 	//   in: query
-	//   description: "The name of the commit/branch/tag. Default the repository’s default branch (usually master)"
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch."
 	//   type: string
 	//   required: false
 	// responses:
@@ -927,34 +892,38 @@ func GetContents(ctx *context.APIContext) {
 	//     "$ref": "#/responses/ContentsResponse"
 	//   "404":
 	//     "$ref": "#/responses/notFound"
-
-	if !canReadFiles(ctx.Repo) {
-		ctx.APIErrorInternal(repo_model.ErrUserDoesNotHaveAccessToRepo{
-			UserID:   ctx.Doer.ID,
-			RepoName: ctx.Repo.Repository.LowerName,
-		})
+	ret := getRepoContents(ctx, files_service.GetContentsOrListOptions{
+		TreePath:                 ctx.PathParam("*"),
+		IncludeSingleFileContent: true,
+		IncludeCommitMetadata:    true,
+	})
+	if ctx.Written() {
 		return
 	}
+	ctx.JSON(http.StatusOK, util.Iif[any](ret.FileContents != nil, ret.FileContents, ret.DirContents))
+}
 
-	treePath := ctx.PathParam("*")
-	ref := ctx.FormTrim("ref")
-
-	if fileList, err := files_service.GetContentsOrList(ctx, ctx.Repo.Repository, treePath, ref); err != nil {
+func getRepoContents(ctx *context.APIContext, opts files_service.GetContentsOrListOptions) *api.ContentsExtResponse {
+	refCommit := resolveRefCommit(ctx, ctx.FormTrim("ref"))
+	if ctx.Written() {
+		return nil
+	}
+	ret, err := files_service.GetContentsOrList(ctx, ctx.Repo.Repository, ctx.Repo.GitRepo, refCommit, opts)
+	if err != nil {
 		if git.IsErrNotExist(err) {
 			ctx.APIErrorNotFound("GetContentsOrList", err)
-			return
+			return nil
 		}
 		ctx.APIErrorInternal(err)
-	} else {
-		ctx.JSON(http.StatusOK, fileList)
 	}
+	return &ret
 }
 
-// GetContentsList Get the metadata of all the entries of the root dir
 func GetContentsList(ctx *context.APIContext) {
 	// swagger:operation GET /repos/{owner}/{repo}/contents repository repoGetContentsList
 	// ---
-	// summary: Gets the metadata of all the entries of the root dir
+	// summary: Gets the metadata of all the entries of the root dir.
+	// description: This API follows GitHub's design, and it is not easy to use. Recommend users to use our "contents-ext" API instead.
 	// produces:
 	// - application/json
 	// parameters:
@@ -970,7 +939,7 @@ func GetContentsList(ctx *context.APIContext) {
 	//   required: true
 	// - name: ref
 	//   in: query
-	//   description: "The name of the commit/branch/tag. Default the repository’s default branch (usually master)"
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch."
 	//   type: string
 	//   required: false
 	// responses:
@@ -982,3 +951,102 @@ func GetContentsList(ctx *context.APIContext) {
 	// same as GetContents(), this function is here because swagger fails if path is empty in GetContents() interface
 	GetContents(ctx)
 }
+
+func GetFileContentsGet(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/file-contents repository repoGetFileContents
+	// ---
+	// summary: Get the metadata and contents of requested files
+	// description: See the POST method. This GET method supports using JSON encoded request body in query parameter.
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: ref
+	//   in: query
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch."
+	//   type: string
+	//   required: false
+	// - name: body
+	//   in: query
+	//   description: "The JSON encoded body (see the POST request): {\"files\": [\"filename1\", \"filename2\"]}"
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/ContentsListResponse"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	// The POST method requires "write" permission, so we also support this "GET" method
+	handleGetFileContents(ctx)
+}
+
+func GetFileContentsPost(ctx *context.APIContext) {
+	// swagger:operation POST /repos/{owner}/{repo}/file-contents repository repoGetFileContentsPost
+	// ---
+	// summary: Get the metadata and contents of requested files
+	// description: Uses automatic pagination based on default page size and
+	// 							max response size and returns the maximum allowed number of files.
+	//							Files which could not be retrieved are null. Files which are too large
+	//							are being returned with `encoding == null`, `content == null` and `size > 0`,
+	//							they can be requested separately by using the `download_url`.
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: ref
+	//   in: query
+	//   description: "The name of the commit/branch/tag. Default to the repository’s default branch."
+	//   type: string
+	//   required: false
+	// - name: body
+	//   in: body
+	//   required: true
+	//   schema:
+	//     "$ref": "#/definitions/GetFilesOptions"
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/ContentsListResponse"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	// This is actually a "read" request, but we need to accept a "files" list, then POST method seems easy to use.
+	// But the permission system requires that the caller must have "write" permission to use POST method.
+	// At the moment, there is no other way to get around the permission check, so there is a "GET" workaround method above.
+	handleGetFileContents(ctx)
+}
+
+func handleGetFileContents(ctx *context.APIContext) {
+	opts, ok := web.GetForm(ctx).(*api.GetFilesOptions)
+	if !ok {
+		err := json.Unmarshal(util.UnsafeStringToBytes(ctx.FormString("body")), &opts)
+		if err != nil {
+			ctx.APIError(http.StatusBadRequest, "invalid body parameter")
+			return
+		}
+	}
+	refCommit := resolveRefCommit(ctx, ctx.FormTrim("ref"))
+	if ctx.Written() {
+		return
+	}
+	filesResponse := files_service.GetContentsListFromTreePaths(ctx, ctx.Repo.Repository, ctx.Repo.GitRepo, refCommit, opts.Files)
+	ctx.JSON(http.StatusOK, util.SliceNilAsEmpty(filesResponse))
+}
diff --git a/routers/api/v1/repo/hook_test.go b/routers/api/v1/repo/hook_test.go
index 2d15c6e078..f8d61ccf00 100644
--- a/routers/api/v1/repo/hook_test.go
+++ b/routers/api/v1/repo/hook_test.go
@@ -23,7 +23,7 @@ func TestTestHook(t *testing.T) {
 	contexttest.LoadRepoCommit(t, ctx)
 	contexttest.LoadUser(t, ctx, 2)
 	TestHook(ctx)
-	assert.EqualValues(t, http.StatusNoContent, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusNoContent, ctx.Resp.WrittenStatus())
 
 	unittest.AssertExistsAndLoadBean(t, &webhook.HookTask{
 		HookID: 1,
diff --git a/routers/api/v1/repo/issue.go b/routers/api/v1/repo/issue.go
index e678db5262..d4a5872fd1 100644
--- a/routers/api/v1/repo/issue.go
+++ b/routers/api/v1/repo/issue.go
@@ -152,7 +152,7 @@ func SearchIssues(ctx *context.APIContext) {
 	)
 	{
 		// find repos user can access (for issue search)
-		opts := &repo_model.SearchRepoOptions{
+		opts := repo_model.SearchRepoOptions{
 			Private:     false,
 			AllPublic:   true,
 			TopicOnly:   false,
@@ -895,6 +895,15 @@ func EditIssue(ctx *context.APIContext) {
 		issue.MilestoneID != *form.Milestone {
 		oldMilestoneID := issue.MilestoneID
 		issue.MilestoneID = *form.Milestone
+		if issue.MilestoneID > 0 {
+			issue.Milestone, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, *form.Milestone)
+			if err != nil {
+				ctx.APIErrorInternal(err)
+				return
+			}
+		} else {
+			issue.Milestone = nil
+		}
 		if err = issue_service.ChangeMilestoneAssign(ctx, issue, ctx.Doer, oldMilestoneID); err != nil {
 			ctx.APIErrorInternal(err)
 			return
diff --git a/routers/api/v1/repo/issue_comment.go b/routers/api/v1/repo/issue_comment.go
index 0c572a06a8..cc342a9313 100644
--- a/routers/api/v1/repo/issue_comment.go
+++ b/routers/api/v1/repo/issue_comment.go
@@ -609,15 +609,17 @@ func editIssueComment(ctx *context.APIContext, form api.EditIssueCommentOption)
 		return
 	}
 
-	oldContent := comment.Content
-	comment.Content = form.Body
-	if err := issue_service.UpdateComment(ctx, comment, comment.ContentVersion, ctx.Doer, oldContent); err != nil {
-		if errors.Is(err, user_model.ErrBlockedUser) {
-			ctx.APIError(http.StatusForbidden, err)
-		} else {
-			ctx.APIErrorInternal(err)
+	if form.Body != comment.Content {
+		oldContent := comment.Content
+		comment.Content = form.Body
+		if err := issue_service.UpdateComment(ctx, comment, comment.ContentVersion, ctx.Doer, oldContent); err != nil {
+			if errors.Is(err, user_model.ErrBlockedUser) {
+				ctx.APIError(http.StatusForbidden, err)
+			} else {
+				ctx.APIErrorInternal(err)
+			}
+			return
 		}
-		return
 	}
 
 	ctx.JSON(http.StatusOK, convert.ToAPIComment(ctx, ctx.Repo.Repository, comment))
diff --git a/routers/api/v1/repo/issue_dependency.go b/routers/api/v1/repo/issue_dependency.go
index 2048c76ea0..1b58beb7b6 100644
--- a/routers/api/v1/repo/issue_dependency.go
+++ b/routers/api/v1/repo/issue_dependency.go
@@ -77,10 +77,7 @@ func GetIssueDependencies(ctx *context.APIContext) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	limit := ctx.FormInt("limit")
 	if limit == 0 {
 		limit = setting.API.DefaultPagingNum
@@ -328,10 +325,7 @@ func GetIssueBlocks(ctx *context.APIContext) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	limit := ctx.FormInt("limit")
 	if limit <= 1 {
 		limit = setting.API.DefaultPagingNum
diff --git a/routers/api/v1/repo/issue_label.go b/routers/api/v1/repo/issue_label.go
index f8e14e0490..d5eee2d469 100644
--- a/routers/api/v1/repo/issue_label.go
+++ b/routers/api/v1/repo/issue_label.go
@@ -5,7 +5,7 @@
 package repo
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 	"reflect"
 
@@ -321,7 +321,7 @@ func prepareForReplaceOrAdd(ctx *context.APIContext, form api.IssueLabelsOption)
 
 	if !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) {
 		ctx.APIError(http.StatusForbidden, "write permission is required")
-		return nil, nil, fmt.Errorf("permission denied")
+		return nil, nil, errors.New("permission denied")
 	}
 
 	var (
@@ -337,12 +337,12 @@ func prepareForReplaceOrAdd(ctx *context.APIContext, form api.IssueLabelsOption)
 			labelNames = append(labelNames, rv.String())
 		default:
 			ctx.APIError(http.StatusBadRequest, "a label must be an integer or a string")
-			return nil, nil, fmt.Errorf("invalid label")
+			return nil, nil, errors.New("invalid label")
 		}
 	}
 	if len(labelIDs) > 0 && len(labelNames) > 0 {
 		ctx.APIError(http.StatusBadRequest, "labels should be an array of strings or integers")
-		return nil, nil, fmt.Errorf("invalid labels")
+		return nil, nil, errors.New("invalid labels")
 	}
 	if len(labelNames) > 0 {
 		repoLabelIDs, err := issues_model.GetLabelIDsInRepoByNames(ctx, ctx.Repo.Repository.ID, labelNames)
diff --git a/routers/api/v1/repo/issue_lock.go b/routers/api/v1/repo/issue_lock.go
new file mode 100644
index 0000000000..b9e5bcf6eb
--- /dev/null
+++ b/routers/api/v1/repo/issue_lock.go
@@ -0,0 +1,152 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"errors"
+	"net/http"
+
+	issues_model "code.gitea.io/gitea/models/issues"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/services/context"
+)
+
+// LockIssue lock an issue
+func LockIssue(ctx *context.APIContext) {
+	// swagger:operation PUT /repos/{owner}/{repo}/issues/{index}/lock issue issueLockIssue
+	// ---
+	// summary: Lock an issue
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: index
+	//   in: path
+	//   description: index of the issue
+	//   type: integer
+	//   format: int64
+	//   required: true
+	// - name: body
+	//   in: body
+	//   schema:
+	//     "$ref": "#/definitions/LockIssueOption"
+	// responses:
+	//   "204":
+	//     "$ref": "#/responses/empty"
+	//   "403":
+	//     "$ref": "#/responses/forbidden"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	reason := web.GetForm(ctx).(*api.LockIssueOption).Reason
+	issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64("index"))
+	if err != nil {
+		if issues_model.IsErrIssueNotExist(err) {
+			ctx.APIErrorNotFound(err)
+		} else {
+			ctx.APIErrorInternal(err)
+		}
+		return
+	}
+
+	if !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) {
+		ctx.APIError(http.StatusForbidden, errors.New("no permission to lock this issue"))
+		return
+	}
+
+	if !issue.IsLocked {
+		opt := &issues_model.IssueLockOptions{
+			Doer:   ctx.ContextUser,
+			Issue:  issue,
+			Reason: reason,
+		}
+
+		issue.Repo = ctx.Repo.Repository
+		err = issues_model.LockIssue(ctx, opt)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
+
+// UnlockIssue unlock an issue
+func UnlockIssue(ctx *context.APIContext) {
+	// swagger:operation DELETE /repos/{owner}/{repo}/issues/{index}/lock issue issueUnlockIssue
+	// ---
+	// summary: Unlock an issue
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: index
+	//   in: path
+	//   description: index of the issue
+	//   type: integer
+	//   format: int64
+	//   required: true
+	// responses:
+	//   "204":
+	//     "$ref": "#/responses/empty"
+	//   "403":
+	//     "$ref": "#/responses/forbidden"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64("index"))
+	if err != nil {
+		if issues_model.IsErrIssueNotExist(err) {
+			ctx.APIErrorNotFound(err)
+		} else {
+			ctx.APIErrorInternal(err)
+		}
+		return
+	}
+
+	if !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) {
+		ctx.APIError(http.StatusForbidden, errors.New("no permission to unlock this issue"))
+		return
+	}
+
+	if issue.IsLocked {
+		opt := &issues_model.IssueLockOptions{
+			Doer:  ctx.ContextUser,
+			Issue: issue,
+		}
+
+		issue.Repo = ctx.Repo.Repository
+		err = issues_model.UnlockIssue(ctx, opt)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
diff --git a/routers/api/v1/repo/issue_stopwatch.go b/routers/api/v1/repo/issue_stopwatch.go
index b18e172b37..0f28b9757d 100644
--- a/routers/api/v1/repo/issue_stopwatch.go
+++ b/routers/api/v1/repo/issue_stopwatch.go
@@ -4,7 +4,6 @@
 package repo
 
 import (
-	"errors"
 	"net/http"
 
 	issues_model "code.gitea.io/gitea/models/issues"
@@ -49,14 +48,17 @@ func StartIssueStopwatch(ctx *context.APIContext) {
 	//   "409":
 	//     description: Cannot start a stopwatch again if it already exists
 
-	issue, err := prepareIssueStopwatch(ctx, false)
-	if err != nil {
+	issue := prepareIssueForStopwatch(ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if err := issues_model.CreateIssueStopwatch(ctx, ctx.Doer, issue); err != nil {
+	if ok, err := issues_model.CreateIssueStopwatch(ctx, ctx.Doer, issue); err != nil {
 		ctx.APIErrorInternal(err)
 		return
+	} else if !ok {
+		ctx.APIError(http.StatusConflict, "cannot start a stopwatch again if it already exists")
+		return
 	}
 
 	ctx.Status(http.StatusCreated)
@@ -96,18 +98,20 @@ func StopIssueStopwatch(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 	//   "409":
-	//     description:  Cannot stop a non existent stopwatch
+	//     description:  Cannot stop a non-existent stopwatch
 
-	issue, err := prepareIssueStopwatch(ctx, true)
-	if err != nil {
+	issue := prepareIssueForStopwatch(ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if err := issues_model.FinishIssueStopwatch(ctx, ctx.Doer, issue); err != nil {
+	if ok, err := issues_model.FinishIssueStopwatch(ctx, ctx.Doer, issue); err != nil {
 		ctx.APIErrorInternal(err)
 		return
+	} else if !ok {
+		ctx.APIError(http.StatusConflict, "cannot stop a non-existent stopwatch")
+		return
 	}
-
 	ctx.Status(http.StatusCreated)
 }
 
@@ -145,22 +149,25 @@ func DeleteIssueStopwatch(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 	//   "409":
-	//     description:  Cannot cancel a non existent stopwatch
+	//     description:  Cannot cancel a non-existent stopwatch
 
-	issue, err := prepareIssueStopwatch(ctx, true)
-	if err != nil {
+	issue := prepareIssueForStopwatch(ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if err := issues_model.CancelStopwatch(ctx, ctx.Doer, issue); err != nil {
+	if ok, err := issues_model.CancelStopwatch(ctx, ctx.Doer, issue); err != nil {
 		ctx.APIErrorInternal(err)
 		return
+	} else if !ok {
+		ctx.APIError(http.StatusConflict, "cannot cancel a non-existent stopwatch")
+		return
 	}
 
 	ctx.Status(http.StatusNoContent)
 }
 
-func prepareIssueStopwatch(ctx *context.APIContext, shouldExist bool) (*issues_model.Issue, error) {
+func prepareIssueForStopwatch(ctx *context.APIContext) *issues_model.Issue {
 	issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64("index"))
 	if err != nil {
 		if issues_model.IsErrIssueNotExist(err) {
@@ -168,32 +175,19 @@ func prepareIssueStopwatch(ctx *context.APIContext, shouldExist bool) (*issues_m
 		} else {
 			ctx.APIErrorInternal(err)
 		}
-
-		return nil, err
+		return nil
 	}
 
 	if !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) {
 		ctx.Status(http.StatusForbidden)
-		return nil, errors.New("Unable to write to PRs")
+		return nil
 	}
 
 	if !ctx.Repo.CanUseTimetracker(ctx, issue, ctx.Doer) {
 		ctx.Status(http.StatusForbidden)
-		return nil, errors.New("Cannot use time tracker")
-	}
-
-	if issues_model.StopwatchExists(ctx, ctx.Doer.ID, issue.ID) != shouldExist {
-		if shouldExist {
-			ctx.APIError(http.StatusConflict, "cannot stop/cancel a non existent stopwatch")
-			err = errors.New("cannot stop/cancel a non existent stopwatch")
-		} else {
-			ctx.APIError(http.StatusConflict, "cannot start a stopwatch again if it already exists")
-			err = errors.New("cannot start a stopwatch again if it already exists")
-		}
-		return nil, err
+		return nil
 	}
-
-	return issue, nil
+	return issue
 }
 
 // GetStopwatches get all stopwatches
diff --git a/routers/api/v1/repo/issue_subscription.go b/routers/api/v1/repo/issue_subscription.go
index 21e549496d..c89f228a06 100644
--- a/routers/api/v1/repo/issue_subscription.go
+++ b/routers/api/v1/repo/issue_subscription.go
@@ -43,7 +43,7 @@ func AddIssueSubscription(ctx *context.APIContext) {
 	//   required: true
 	// - name: user
 	//   in: path
-	//   description: user to subscribe
+	//   description: username of the user to subscribe the issue to
 	//   type: string
 	//   required: true
 	// responses:
@@ -87,7 +87,7 @@ func DelIssueSubscription(ctx *context.APIContext) {
 	//   required: true
 	// - name: user
 	//   in: path
-	//   description: user witch unsubscribe
+	//   description: username of the user to unsubscribe from an issue
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/repo/issue_tracked_time.go b/routers/api/v1/repo/issue_tracked_time.go
index dbb2afa920..171da272cc 100644
--- a/routers/api/v1/repo/issue_tracked_time.go
+++ b/routers/api/v1/repo/issue_tracked_time.go
@@ -4,7 +4,7 @@
 package repo
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 	"time"
 
@@ -116,7 +116,7 @@ func ListTrackedTimes(ctx *context.APIContext) {
 		if opts.UserID == 0 {
 			opts.UserID = ctx.Doer.ID
 		} else {
-			ctx.APIError(http.StatusForbidden, fmt.Errorf("query by user not allowed; not enough rights"))
+			ctx.APIError(http.StatusForbidden, errors.New("query by user not allowed; not enough rights"))
 			return
 		}
 	}
@@ -366,7 +366,7 @@ func DeleteTime(ctx *context.APIContext) {
 		return
 	}
 	if time.Deleted {
-		ctx.APIErrorNotFound(fmt.Errorf("tracked time [%d] already deleted", time.ID))
+		ctx.APIErrorNotFound("tracked time was already deleted")
 		return
 	}
 
@@ -405,7 +405,7 @@ func ListTrackedTimesByUser(ctx *context.APIContext) {
 	//   required: true
 	// - name: user
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose tracked times are to be listed
 	//   type: string
 	//   required: true
 	// responses:
@@ -437,7 +437,7 @@ func ListTrackedTimesByUser(ctx *context.APIContext) {
 	}
 
 	if !ctx.IsUserRepoAdmin() && !ctx.Doer.IsAdmin && ctx.Doer.ID != user.ID {
-		ctx.APIError(http.StatusForbidden, fmt.Errorf("query by user not allowed; not enough rights"))
+		ctx.APIError(http.StatusForbidden, errors.New("query by user not allowed; not enough rights"))
 		return
 	}
 
@@ -545,7 +545,7 @@ func ListTrackedTimesByRepository(ctx *context.APIContext) {
 		if opts.UserID == 0 {
 			opts.UserID = ctx.Doer.ID
 		} else {
-			ctx.APIError(http.StatusForbidden, fmt.Errorf("query by user not allowed; not enough rights"))
+			ctx.APIError(http.StatusForbidden, errors.New("query by user not allowed; not enough rights"))
 			return
 		}
 	}
diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go
index d7508684a1..c1e0b47d33 100644
--- a/routers/api/v1/repo/migrate.go
+++ b/routers/api/v1/repo/migrate.go
@@ -115,12 +115,12 @@ func Migrate(ctx *context.APIContext) {
 	gitServiceType := convert.ToGitServiceType(form.Service)
 
 	if form.Mirror && setting.Mirror.DisableNewPull {
-		ctx.APIError(http.StatusForbidden, fmt.Errorf("the site administrator has disabled the creation of new pull mirrors"))
+		ctx.APIError(http.StatusForbidden, errors.New("the site administrator has disabled the creation of new pull mirrors"))
 		return
 	}
 
 	if setting.Repository.DisableMigrations {
-		ctx.APIError(http.StatusForbidden, fmt.Errorf("the site administrator has disabled migrations"))
+		ctx.APIError(http.StatusForbidden, errors.New("the site administrator has disabled migrations"))
 		return
 	}
 
@@ -181,7 +181,7 @@ func Migrate(ctx *context.APIContext) {
 		IsPrivate:      opts.Private || setting.Repository.ForcePrivate,
 		IsMirror:       opts.Mirror,
 		Status:         repo_model.RepositoryBeingMigrated,
-	})
+	}, false)
 	if err != nil {
 		handleMigrateError(ctx, repoOwner, err)
 		return
@@ -203,7 +203,7 @@ func Migrate(ctx *context.APIContext) {
 		}
 
 		if repo != nil {
-			if errDelete := repo_service.DeleteRepositoryDirectly(ctx, ctx.Doer, repo.ID); errDelete != nil {
+			if errDelete := repo_service.DeleteRepositoryDirectly(ctx, repo.ID); errDelete != nil {
 				log.Error("DeleteRepository: %v", errDelete)
 			}
 		}
diff --git a/routers/api/v1/repo/mirror.go b/routers/api/v1/repo/mirror.go
index b5f4c12c50..f11a1603c4 100644
--- a/routers/api/v1/repo/mirror.go
+++ b/routers/api/v1/repo/mirror.go
@@ -5,7 +5,6 @@ package repo
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 	"time"
 
@@ -367,7 +366,7 @@ func CreatePushMirror(ctx *context.APIContext, mirrorOption *api.CreatePushMirro
 	pushMirror := &repo_model.PushMirror{
 		RepoID:        repo.ID,
 		Repo:          repo,
-		RemoteName:    fmt.Sprintf("remote_mirror_%s", remoteSuffix),
+		RemoteName:    "remote_mirror_" + remoteSuffix,
 		Interval:      interval,
 		SyncOnCommit:  mirrorOption.SyncOnCommit,
 		RemoteAddress: remoteAddress,
diff --git a/routers/api/v1/repo/notes.go b/routers/api/v1/repo/notes.go
index dcb512256c..87efb1caf2 100644
--- a/routers/api/v1/repo/notes.go
+++ b/routers/api/v1/repo/notes.go
@@ -4,7 +4,7 @@
 package repo
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 
 	"code.gitea.io/gitea/modules/git"
@@ -54,7 +54,7 @@ func GetNote(ctx *context.APIContext) {
 
 	sha := ctx.PathParam("sha")
 	if !git.IsValidRefPattern(sha) {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("no valid ref or sha: %s", sha))
+		ctx.APIError(http.StatusUnprocessableEntity, "no valid ref or sha: "+sha)
 		return
 	}
 	getNote(ctx, sha)
@@ -62,7 +62,7 @@ func GetNote(ctx *context.APIContext) {
 
 func getNote(ctx *context.APIContext, identifier string) {
 	if ctx.Repo.GitRepo == nil {
-		ctx.APIErrorInternal(fmt.Errorf("no open git repo"))
+		ctx.APIErrorInternal(errors.New("no open git repo"))
 		return
 	}
 
@@ -79,7 +79,7 @@ func getNote(ctx *context.APIContext, identifier string) {
 	var note git.Note
 	if err := git.GetNote(ctx, ctx.Repo.GitRepo, commitID.String(), &note); err != nil {
 		if git.IsErrNotExist(err) {
-			ctx.APIErrorNotFound(identifier)
+			ctx.APIErrorNotFound("commit doesn't exist: " + identifier)
 			return
 		}
 		ctx.APIErrorInternal(err)
diff --git a/routers/api/v1/repo/patch.go b/routers/api/v1/repo/patch.go
index bcf498bf7e..e9f5cf5d90 100644
--- a/routers/api/v1/repo/patch.go
+++ b/routers/api/v1/repo/patch.go
@@ -5,15 +5,10 @@ package repo
 
 import (
 	"net/http"
-	"time"
 
-	git_model "code.gitea.io/gitea/models/git"
-	repo_model "code.gitea.io/gitea/models/repo"
-	"code.gitea.io/gitea/modules/git"
 	api "code.gitea.io/gitea/modules/structs"
-	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
-	pull_service "code.gitea.io/gitea/services/pull"
 	"code.gitea.io/gitea/services/repository/files"
 )
 
@@ -49,63 +44,22 @@ func ApplyDiffPatch(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 	//   "423":
 	//     "$ref": "#/responses/repoArchivedError"
-	apiOpts := web.GetForm(ctx).(*api.ApplyDiffPatchFileOptions)
-
+	apiOpts, changeRepoFileOpts := getAPIChangeRepoFileOptions[*api.ApplyDiffPatchFileOptions](ctx)
 	opts := &files.ApplyDiffPatchOptions{
-		Content:   apiOpts.Content,
-		SHA:       apiOpts.SHA,
-		Message:   apiOpts.Message,
-		OldBranch: apiOpts.BranchName,
-		NewBranch: apiOpts.NewBranchName,
-		Committer: &files.IdentityOptions{
-			GitUserName:  apiOpts.Committer.Name,
-			GitUserEmail: apiOpts.Committer.Email,
-		},
-		Author: &files.IdentityOptions{
-			GitUserName:  apiOpts.Author.Name,
-			GitUserEmail: apiOpts.Author.Email,
-		},
-		Dates: &files.CommitDateOptions{
-			Author:    apiOpts.Dates.Author,
-			Committer: apiOpts.Dates.Committer,
-		},
-		Signoff: apiOpts.Signoff,
-	}
-	if opts.Dates.Author.IsZero() {
-		opts.Dates.Author = time.Now()
-	}
-	if opts.Dates.Committer.IsZero() {
-		opts.Dates.Committer = time.Now()
-	}
-
-	if opts.Message == "" {
-		opts.Message = "apply-patch"
-	}
+		Content: apiOpts.Content,
+		Message: util.IfZero(apiOpts.Message, "apply-patch"),
 
-	if !canWriteFiles(ctx, apiOpts.BranchName) {
-		ctx.APIErrorInternal(repo_model.ErrUserDoesNotHaveAccessToRepo{
-			UserID:   ctx.Doer.ID,
-			RepoName: ctx.Repo.Repository.LowerName,
-		})
-		return
+		OldBranch: changeRepoFileOpts.OldBranch,
+		NewBranch: changeRepoFileOpts.NewBranch,
+		Committer: changeRepoFileOpts.Committer,
+		Author:    changeRepoFileOpts.Author,
+		Dates:     changeRepoFileOpts.Dates,
+		Signoff:   changeRepoFileOpts.Signoff,
 	}
 
 	fileResponse, err := files.ApplyDiffPatch(ctx, ctx.Repo.Repository, ctx.Doer, opts)
 	if err != nil {
-		if files.IsErrUserCannotCommit(err) || pull_service.IsErrFilePathProtected(err) {
-			ctx.APIError(http.StatusForbidden, err)
-			return
-		}
-		if git_model.IsErrBranchAlreadyExists(err) || files.IsErrFilenameInvalid(err) || pull_service.IsErrSHADoesNotMatch(err) ||
-			files.IsErrFilePathInvalid(err) || files.IsErrRepoFileAlreadyExists(err) {
-			ctx.APIError(http.StatusUnprocessableEntity, err)
-			return
-		}
-		if git_model.IsErrBranchNotExist(err) || git.IsErrBranchNotExist(err) {
-			ctx.APIError(http.StatusNotFound, err)
-			return
-		}
-		ctx.APIErrorInternal(err)
+		handleChangeRepoFilesError(ctx, err)
 	} else {
 		ctx.JSON(http.StatusCreated, fileResponse)
 	}
diff --git a/routers/api/v1/repo/pull.go b/routers/api/v1/repo/pull.go
index f5d0e37c65..09729200d5 100644
--- a/routers/api/v1/repo/pull.go
+++ b/routers/api/v1/repo/pull.go
@@ -23,6 +23,7 @@ import (
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
@@ -51,7 +52,7 @@ func ListPullRequests(ctx *context.APIContext) {
 	// parameters:
 	// - name: owner
 	//   in: path
-	//   description: Owner of the repo
+	//   description: owner of the repo
 	//   type: string
 	//   required: true
 	// - name: repo
@@ -73,7 +74,7 @@ func ListPullRequests(ctx *context.APIContext) {
 	//   in: query
 	//   description: Type of sort
 	//   type: string
-	//   enum: [oldest, recentupdate, leastupdate, mostcomment, leastcomment, priority]
+	//   enum: [oldest, recentupdate, recentclose, leastupdate, mostcomment, leastcomment, priority]
 	// - name: milestone
 	//   in: query
 	//   description: ID of the milestone
@@ -202,6 +203,10 @@ func GetPullRequest(ctx *context.APIContext) {
 		ctx.APIErrorInternal(err)
 		return
 	}
+
+	// Consider API access a view for delayed checking.
+	pull_service.StartPullRequestCheckOnView(ctx, pr)
+
 	ctx.JSON(http.StatusOK, convert.ToAPIPullRequest(ctx, pr, ctx.Doer))
 }
 
@@ -287,6 +292,10 @@ func GetPullRequestByBaseHead(ctx *context.APIContext) {
 		ctx.APIErrorInternal(err)
 		return
 	}
+
+	// Consider API access a view for delayed checking.
+	pull_service.StartPullRequestCheckOnView(ctx, pr)
+
 	ctx.JSON(http.StatusOK, convert.ToAPIPullRequest(ctx, pr, ctx.Doer))
 }
 
@@ -698,6 +707,11 @@ func EditPullRequest(ctx *context.APIContext) {
 		issue.MilestoneID != form.Milestone {
 		oldMilestoneID := issue.MilestoneID
 		issue.MilestoneID = form.Milestone
+		issue.Milestone, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, form.Milestone)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
 		if err = issue_service.ChangeMilestoneAssign(ctx, issue, ctx.Doer, oldMilestoneID); err != nil {
 			ctx.APIErrorInternal(err)
 			return
@@ -921,7 +935,7 @@ func MergePullRequest(ctx *context.APIContext) {
 	if err := pull_service.CheckPullMergeable(ctx, ctx.Doer, &ctx.Repo.Permission, pr, mergeCheckType, form.ForceMerge); err != nil {
 		if errors.Is(err, pull_service.ErrIsClosed) {
 			ctx.APIErrorNotFound()
-		} else if errors.Is(err, pull_service.ErrUserNotAllowedToMerge) {
+		} else if errors.Is(err, pull_service.ErrNoPermissionToMerge) {
 			ctx.APIError(http.StatusMethodNotAllowed, "User not allowed to merge PR")
 		} else if errors.Is(err, pull_service.ErrHasMerged) {
 			ctx.APIError(http.StatusMethodNotAllowed, "")
@@ -929,7 +943,7 @@ func MergePullRequest(ctx *context.APIContext) {
 			ctx.APIError(http.StatusMethodNotAllowed, "Work in progress PRs cannot be merged")
 		} else if errors.Is(err, pull_service.ErrNotMergeableState) {
 			ctx.APIError(http.StatusMethodNotAllowed, "Please try again later")
-		} else if pull_service.IsErrDisallowedToMerge(err) {
+		} else if errors.Is(err, pull_service.ErrNotReadyToMerge) {
 			ctx.APIError(http.StatusMethodNotAllowed, err)
 		} else if asymkey_service.IsErrWontSign(err) {
 			ctx.APIError(http.StatusMethodNotAllowed, err)
@@ -1054,9 +1068,9 @@ func MergePullRequest(ctx *context.APIContext) {
 				case git.IsErrBranchNotExist(err):
 					ctx.APIErrorNotFound(err)
 				case errors.Is(err, repo_service.ErrBranchIsDefault):
-					ctx.APIError(http.StatusForbidden, fmt.Errorf("can not delete default branch"))
+					ctx.APIError(http.StatusForbidden, errors.New("can not delete default branch"))
 				case errors.Is(err, git_model.ErrBranchIsProtected):
-					ctx.APIError(http.StatusForbidden, fmt.Errorf("branch protected"))
+					ctx.APIError(http.StatusForbidden, errors.New("branch protected"))
 				default:
 					ctx.APIErrorInternal(err)
 				}
@@ -1288,7 +1302,7 @@ func UpdatePullRequest(ctx *context.APIContext) {
 	// default merge commit message
 	message := fmt.Sprintf("Merge branch '%s' into %s", pr.BaseBranch, pr.HeadBranch)
 
-	if err = pull_service.Update(ctx, pr, ctx.Doer, message, rebase); err != nil {
+	if err = pull_service.Update(graceful.GetManager().ShutdownContext(), pr, ctx.Doer, message, rebase); err != nil {
 		if pull_service.IsErrMergeConflicts(err) {
 			ctx.APIError(http.StatusConflict, "merge failed because of conflict")
 			return
@@ -1447,9 +1461,9 @@ func GetPullRequestCommits(ctx *context.APIContext) {
 	defer closer.Close()
 
 	if pr.HasMerged {
-		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.MergeBase, pr.GetGitRefName(), false, false)
+		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.MergeBase, pr.GetGitHeadRefName(), false, false)
 	} else {
-		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitRefName(), false, false)
+		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitHeadRefName(), false, false)
 	}
 	if err != nil {
 		ctx.APIErrorInternal(err)
@@ -1570,16 +1584,16 @@ func GetPullRequestFiles(ctx *context.APIContext) {
 
 	var prInfo *git.CompareInfo
 	if pr.HasMerged {
-		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.MergeBase, pr.GetGitRefName(), true, false)
+		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.MergeBase, pr.GetGitHeadRefName(), true, false)
 	} else {
-		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitRefName(), true, false)
+		prInfo, err = baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitHeadRefName(), true, false)
 	}
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
 	}
 
-	headCommitID, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+	headCommitID, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -1624,7 +1638,9 @@ func GetPullRequestFiles(ctx *context.APIContext) {
 
 	apiFiles := make([]*api.ChangedFile, 0, limit)
 	for i := start; i < start+limit; i++ {
-		apiFiles = append(apiFiles, convert.ToChangedFile(diff.Files[i], pr.HeadRepo, endCommitID))
+		// refs/pull/1/head stores the HEAD commit ID, allowing all related commits to be found in the base repository.
+		// The head repository might have been deleted, so we should not rely on it here.
+		apiFiles = append(apiFiles, convert.ToChangedFile(diff.Files[i], pr.BaseRepo, endCommitID))
 	}
 
 	ctx.SetLinkHeader(totalNumberOfFiles, listOptions.PageSize)
diff --git a/routers/api/v1/repo/pull_review.go b/routers/api/v1/repo/pull_review.go
index fb35126a99..3c00193fac 100644
--- a/routers/api/v1/repo/pull_review.go
+++ b/routers/api/v1/repo/pull_review.go
@@ -336,7 +336,7 @@ func CreatePullReview(ctx *context.APIContext) {
 		}
 		defer closer.Close()
 
-		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitRefName())
+		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
 			ctx.APIErrorInternal(err)
 			return
@@ -439,7 +439,7 @@ func SubmitPullReview(ctx *context.APIContext) {
 	}
 
 	if review.Type != issues_model.ReviewTypePending {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("only a pending review can be submitted"))
+		ctx.APIError(http.StatusUnprocessableEntity, errors.New("only a pending review can be submitted"))
 		return
 	}
 
@@ -451,11 +451,11 @@ func SubmitPullReview(ctx *context.APIContext) {
 
 	// if review stay pending return
 	if reviewType == issues_model.ReviewTypePending {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("review stay pending"))
+		ctx.APIError(http.StatusUnprocessableEntity, errors.New("review stay pending"))
 		return
 	}
 
-	headCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(pr.GetGitRefName())
+	headCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return
@@ -496,7 +496,7 @@ func preparePullReviewType(ctx *context.APIContext, pr *issues_model.PullRequest
 	case api.ReviewStateApproved:
 		// can not approve your own PR
 		if pr.Issue.IsPoster(ctx.Doer.ID) {
-			ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("approve your own pull is not allowed"))
+			ctx.APIError(http.StatusUnprocessableEntity, errors.New("approve your own pull is not allowed"))
 			return -1, true
 		}
 		reviewType = issues_model.ReviewTypeApprove
@@ -505,7 +505,7 @@ func preparePullReviewType(ctx *context.APIContext, pr *issues_model.PullRequest
 	case api.ReviewStateRequestChanges:
 		// can not reject your own PR
 		if pr.Issue.IsPoster(ctx.Doer.ID) {
-			ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("reject your own pull is not allowed"))
+			ctx.APIError(http.StatusUnprocessableEntity, errors.New("reject your own pull is not allowed"))
 			return -1, true
 		}
 		reviewType = issues_model.ReviewTypeReject
diff --git a/routers/api/v1/repo/release.go b/routers/api/v1/repo/release.go
index 36fff126e1..272b395dfb 100644
--- a/routers/api/v1/repo/release.go
+++ b/routers/api/v1/repo/release.go
@@ -4,6 +4,7 @@
 package repo
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 
@@ -220,7 +221,7 @@ func CreateRelease(ctx *context.APIContext) {
 
 	form := web.GetForm(ctx).(*api.CreateReleaseOption)
 	if ctx.Repo.Repository.IsEmpty {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Errorf("repo is empty"))
+		ctx.APIError(http.StatusUnprocessableEntity, errors.New("repo is empty"))
 		return
 	}
 	rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, form.TagName)
@@ -246,7 +247,9 @@ func CreateRelease(ctx *context.APIContext) {
 			IsTag:        false,
 			Repo:         ctx.Repo.Repository,
 		}
-		if err := release_service.CreateRelease(ctx.Repo.GitRepo, rel, nil, ""); err != nil {
+		// GitHub doesn't have "tag_message", GitLab has: https://docs.gitlab.com/api/releases/#create-a-release
+		// It doesn't need to be the same as the "release note"
+		if err := release_service.CreateRelease(ctx.Repo.GitRepo, rel, nil, form.TagMessage); err != nil {
 			if repo_model.IsErrReleaseAlreadyExist(err) {
 				ctx.APIError(http.StatusConflict, err)
 			} else if release_service.IsErrProtectedTagName(err) {
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 3d638cb05e..7b3858ccb1 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -5,6 +5,7 @@
 package repo
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"slices"
@@ -133,7 +134,7 @@ func Search(ctx *context.APIContext) {
 		private = false
 	}
 
-	opts := &repo_model.SearchRepoOptions{
+	opts := repo_model.SearchRepoOptions{
 		ListOptions:        utils.GetListOptions(ctx),
 		Actor:              ctx.Doer,
 		Keyword:            ctx.FormTrim("q"),
@@ -328,7 +329,7 @@ func Generate(ctx *context.APIContext) {
 	// parameters:
 	// - name: template_owner
 	//   in: path
-	//   description: name of the template repository owner
+	//   description: owner of the template repository
 	//   type: string
 	//   required: true
 	// - name: template_repo
@@ -668,7 +669,7 @@ func updateBasicProperties(ctx *context.APIContext, opts api.EditRepoOption) err
 		newRepoName = *opts.Name
 	}
 	// Check if repository name has been changed and not just a case change
-	if repo.LowerName != strings.ToLower(newRepoName) {
+	if !strings.EqualFold(repo.LowerName, newRepoName) {
 		if err := repo_service.ChangeRepositoryName(ctx, ctx.Doer, repo, newRepoName); err != nil {
 			switch {
 			case repo_model.IsErrRepoAlreadyExist(err):
@@ -711,7 +712,7 @@ func updateBasicProperties(ctx *context.APIContext, opts api.EditRepoOption) err
 		visibilityChanged = repo.IsPrivate != *opts.Private
 		// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
 		if visibilityChanged && setting.Repository.ForcePrivate && !*opts.Private && !ctx.Doer.IsAdmin {
-			err := fmt.Errorf("cannot change private repository to public")
+			err := errors.New("cannot change private repository to public")
 			ctx.APIError(http.StatusUnprocessableEntity, err)
 			return err
 		}
@@ -771,21 +772,16 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 	var units []repo_model.RepoUnit
 	var deleteUnitTypes []unit_model.Type
 
-	currHasIssues := repo.UnitEnabled(ctx, unit_model.TypeIssues)
-	newHasIssues := currHasIssues
 	if opts.HasIssues != nil {
-		newHasIssues = *opts.HasIssues
-	}
-	if currHasIssues || newHasIssues {
-		if newHasIssues && opts.ExternalTracker != nil && !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
+		if *opts.HasIssues && opts.ExternalTracker != nil && !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
 			// Check that values are valid
 			if !validation.IsValidExternalURL(opts.ExternalTracker.ExternalTrackerURL) {
-				err := fmt.Errorf("External tracker URL not valid")
+				err := errors.New("External tracker URL not valid")
 				ctx.APIError(http.StatusUnprocessableEntity, err)
 				return err
 			}
 			if len(opts.ExternalTracker.ExternalTrackerFormat) != 0 && !validation.IsValidExternalTrackerURLFormat(opts.ExternalTracker.ExternalTrackerFormat) {
-				err := fmt.Errorf("External tracker URL format not valid")
+				err := errors.New("External tracker URL format not valid")
 				ctx.APIError(http.StatusUnprocessableEntity, err)
 				return err
 			}
@@ -801,7 +797,7 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				},
 			})
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
-		} else if newHasIssues && opts.ExternalTracker == nil && !unit_model.TypeIssues.UnitGlobalDisabled() {
+		} else if *opts.HasIssues && opts.ExternalTracker == nil && !unit_model.TypeIssues.UnitGlobalDisabled() {
 			// Default to built-in tracker
 			var config *repo_model.IssuesConfig
 
@@ -828,7 +824,7 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				Config: config,
 			})
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
-		} else if !newHasIssues {
+		} else if !*opts.HasIssues {
 			if !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
 				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
 			}
@@ -838,16 +834,11 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 		}
 	}
 
-	currHasWiki := repo.UnitEnabled(ctx, unit_model.TypeWiki)
-	newHasWiki := currHasWiki
 	if opts.HasWiki != nil {
-		newHasWiki = *opts.HasWiki
-	}
-	if currHasWiki || newHasWiki {
-		if newHasWiki && opts.ExternalWiki != nil && !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
+		if *opts.HasWiki && opts.ExternalWiki != nil && !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
 			// Check that values are valid
 			if !validation.IsValidExternalURL(opts.ExternalWiki.ExternalWikiURL) {
-				err := fmt.Errorf("External wiki URL not valid")
+				err := errors.New("External wiki URL not valid")
 				ctx.APIError(http.StatusUnprocessableEntity, "Invalid external wiki URL")
 				return err
 			}
@@ -860,7 +851,7 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				},
 			})
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
-		} else if newHasWiki && opts.ExternalWiki == nil && !unit_model.TypeWiki.UnitGlobalDisabled() {
+		} else if *opts.HasWiki && opts.ExternalWiki == nil && !unit_model.TypeWiki.UnitGlobalDisabled() {
 			config := &repo_model.UnitConfig{}
 			units = append(units, repo_model.RepoUnit{
 				RepoID: repo.ID,
@@ -868,7 +859,7 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				Config: config,
 			})
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
-		} else if !newHasWiki {
+		} else if !*opts.HasWiki {
 			if !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
 				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
 			}
@@ -878,13 +869,8 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 		}
 	}
 
-	currHasPullRequests := repo.UnitEnabled(ctx, unit_model.TypePullRequests)
-	newHasPullRequests := currHasPullRequests
-	if opts.HasPullRequests != nil {
-		newHasPullRequests = *opts.HasPullRequests
-	}
-	if currHasPullRequests || newHasPullRequests {
-		if newHasPullRequests && !unit_model.TypePullRequests.UnitGlobalDisabled() {
+	if opts.HasPullRequests != nil && !unit_model.TypePullRequests.UnitGlobalDisabled() {
+		if *opts.HasPullRequests {
 			// We do allow setting individual PR settings through the API, so
 			// we get the config settings and then set them
 			// if those settings were provided in the opts.
@@ -952,18 +938,13 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				Type:   unit_model.TypePullRequests,
 				Config: config,
 			})
-		} else if !newHasPullRequests && !unit_model.TypePullRequests.UnitGlobalDisabled() {
+		} else {
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePullRequests)
 		}
 	}
 
-	currHasProjects := repo.UnitEnabled(ctx, unit_model.TypeProjects)
-	newHasProjects := currHasProjects
-	if opts.HasProjects != nil {
-		newHasProjects = *opts.HasProjects
-	}
-	if currHasProjects || newHasProjects {
-		if newHasProjects && !unit_model.TypeProjects.UnitGlobalDisabled() {
+	if opts.HasProjects != nil && !unit_model.TypeProjects.UnitGlobalDisabled() {
+		if *opts.HasProjects {
 			unit, err := repo.GetUnit(ctx, unit_model.TypeProjects)
 			var config *repo_model.ProjectsConfig
 			if err != nil {
@@ -983,7 +964,7 @@ func updateRepoUnits(ctx *context.APIContext, opts api.EditRepoOption) error {
 				Type:   unit_model.TypeProjects,
 				Config: config,
 			})
-		} else if !newHasProjects && !unit_model.TypeProjects.UnitGlobalDisabled() {
+		} else {
 			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeProjects)
 		}
 	}
@@ -1038,7 +1019,7 @@ func updateRepoArchivedState(ctx *context.APIContext, opts api.EditRepoOption) e
 	// archive / un-archive
 	if opts.Archived != nil {
 		if repo.IsMirror {
-			err := fmt.Errorf("repo is a mirror, cannot archive/un-archive")
+			err := errors.New("repo is a mirror, cannot archive/un-archive")
 			ctx.APIError(http.StatusUnprocessableEntity, err)
 			return err
 		}
diff --git a/routers/api/v1/repo/repo_test.go b/routers/api/v1/repo/repo_test.go
index 0a63b16a99..97233f85dc 100644
--- a/routers/api/v1/repo/repo_test.go
+++ b/routers/api/v1/repo/repo_test.go
@@ -58,7 +58,7 @@ func TestRepoEdit(t *testing.T) {
 	web.SetForm(ctx, &opts)
 	Edit(ctx)
 
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{
 		ID: 1,
 	}, unittest.Cond("name = ? AND is_archived = 1", *opts.Name))
@@ -78,7 +78,7 @@ func TestRepoEditNameChange(t *testing.T) {
 
 	web.SetForm(ctx, &opts)
 	Edit(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 
 	unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{
 		ID: 1,
diff --git a/routers/api/v1/repo/status.go b/routers/api/v1/repo/status.go
index e1dbb25865..40007ea1e5 100644
--- a/routers/api/v1/repo/status.go
+++ b/routers/api/v1/repo/status.go
@@ -177,20 +177,14 @@ func GetCommitStatusesByRef(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	filter := utils.ResolveRefOrSha(ctx, ctx.PathParam("ref"))
+	refCommit := resolveRefCommit(ctx, ctx.PathParam("ref"), 7)
 	if ctx.Written() {
 		return
 	}
-
-	getCommitStatuses(ctx, filter) // By default filter is maybe the raw SHA
+	getCommitStatuses(ctx, refCommit.CommitID)
 }
 
-func getCommitStatuses(ctx *context.APIContext, sha string) {
-	if len(sha) == 0 {
-		ctx.APIError(http.StatusBadRequest, nil)
-		return
-	}
-	sha = utils.MustConvertToSHA1(ctx.Base, ctx.Repo, sha)
+func getCommitStatuses(ctx *context.APIContext, commitID string) {
 	repo := ctx.Repo.Repository
 
 	listOptions := utils.GetListOptions(ctx)
@@ -198,12 +192,12 @@ func getCommitStatuses(ctx *context.APIContext, sha string) {
 	statuses, maxResults, err := db.FindAndCount[git_model.CommitStatus](ctx, &git_model.CommitStatusOptions{
 		ListOptions: listOptions,
 		RepoID:      repo.ID,
-		SHA:         sha,
+		SHA:         commitID,
 		SortType:    ctx.FormTrim("sort"),
 		State:       ctx.FormTrim("state"),
 	})
 	if err != nil {
-		ctx.APIErrorInternal(fmt.Errorf("GetCommitStatuses[%s, %s, %d]: %w", repo.FullName(), sha, ctx.FormInt("page"), err))
+		ctx.APIErrorInternal(fmt.Errorf("GetCommitStatuses[%s, %s, %d]: %w", repo.FullName(), commitID, ctx.FormInt("page"), err))
 		return
 	}
 
@@ -257,18 +251,25 @@ func GetCombinedCommitStatusByRef(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	sha := utils.ResolveRefOrSha(ctx, ctx.PathParam("ref"))
+	refCommit := resolveRefCommit(ctx, ctx.PathParam("ref"), 7)
 	if ctx.Written() {
 		return
 	}
 
 	repo := ctx.Repo.Repository
 
-	statuses, count, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, utils.GetListOptions(ctx))
+	statuses, err := git_model.GetLatestCommitStatus(ctx, repo.ID, refCommit.Commit.ID.String(), utils.GetListOptions(ctx))
+	if err != nil {
+		ctx.APIErrorInternal(fmt.Errorf("GetLatestCommitStatus[%s, %s]: %w", repo.FullName(), refCommit.CommitID, err))
+		return
+	}
+
+	count, err := git_model.CountLatestCommitStatus(ctx, repo.ID, refCommit.Commit.ID.String())
 	if err != nil {
-		ctx.APIErrorInternal(fmt.Errorf("GetLatestCommitStatus[%s, %s]: %w", repo.FullName(), sha, err))
+		ctx.APIErrorInternal(fmt.Errorf("CountLatestCommitStatus[%s, %s]: %w", repo.FullName(), refCommit.CommitID, err))
 		return
 	}
+	ctx.SetTotalCountHeader(count)
 
 	if len(statuses) == 0 {
 		ctx.JSON(http.StatusOK, &api.CombinedStatus{})
@@ -276,7 +277,5 @@ func GetCombinedCommitStatusByRef(ctx *context.APIContext) {
 	}
 
 	combiStatus := convert.ToCombinedStatus(ctx, statuses, convert.ToRepo(ctx, repo, ctx.Repo.Permission))
-
-	ctx.SetTotalCountHeader(count)
 	ctx.JSON(http.StatusOK, combiStatus)
 }
diff --git a/routers/api/v1/repo/tag.go b/routers/api/v1/repo/tag.go
index 2e6c1c1023..9e77637282 100644
--- a/routers/api/v1/repo/tag.go
+++ b/routers/api/v1/repo/tag.go
@@ -110,7 +110,7 @@ func GetAnnotatedTag(ctx *context.APIContext) {
 	if tag, err := ctx.Repo.GitRepo.GetAnnotatedTag(sha); err != nil {
 		ctx.APIError(http.StatusBadRequest, err)
 	} else {
-		commit, err := tag.Commit(ctx.Repo.GitRepo)
+		commit, err := ctx.Repo.GitRepo.GetTagCommit(tag.Name)
 		if err != nil {
 			ctx.APIError(http.StatusBadRequest, err)
 		}
@@ -150,7 +150,7 @@ func GetTag(ctx *context.APIContext) {
 
 	tag, err := ctx.Repo.GitRepo.GetTag(tagName)
 	if err != nil {
-		ctx.APIErrorNotFound(tagName)
+		ctx.APIErrorNotFound("tag doesn't exist: " + tagName)
 		return
 	}
 	ctx.JSON(http.StatusOK, convert.ToTag(ctx.Repo.Repository, tag))
diff --git a/routers/api/v1/repo/transfer.go b/routers/api/v1/repo/transfer.go
index 7b890c9e5c..cbf3d10c39 100644
--- a/routers/api/v1/repo/transfer.go
+++ b/routers/api/v1/repo/transfer.go
@@ -108,19 +108,16 @@ func Transfer(ctx *context.APIContext) {
 	oldFullname := ctx.Repo.Repository.FullName()
 
 	if err := repo_service.StartRepositoryTransfer(ctx, ctx.Doer, newOwner, ctx.Repo.Repository, teams); err != nil {
-		if repo_model.IsErrRepoTransferInProgress(err) {
+		switch {
+		case repo_model.IsErrRepoTransferInProgress(err):
 			ctx.APIError(http.StatusConflict, err)
-			return
-		}
-
-		if repo_model.IsErrRepoAlreadyExist(err) {
+		case repo_model.IsErrRepoAlreadyExist(err):
 			ctx.APIError(http.StatusUnprocessableEntity, err)
-			return
-		}
-
-		if errors.Is(err, user_model.ErrBlockedUser) {
+		case repo_service.IsRepositoryLimitReached(err):
+			ctx.APIError(http.StatusForbidden, err)
+		case errors.Is(err, user_model.ErrBlockedUser):
 			ctx.APIError(http.StatusForbidden, err)
-		} else {
+		default:
 			ctx.APIErrorInternal(err)
 		}
 		return
@@ -169,6 +166,8 @@ func AcceptTransfer(ctx *context.APIContext) {
 			ctx.APIError(http.StatusNotFound, err)
 		case errors.Is(err, util.ErrPermissionDenied):
 			ctx.APIError(http.StatusForbidden, err)
+		case repo_service.IsRepositoryLimitReached(err):
+			ctx.APIError(http.StatusForbidden, err)
 		default:
 			ctx.APIErrorInternal(err)
 		}
diff --git a/routers/api/v1/repo/wiki.go b/routers/api/v1/repo/wiki.go
index 67dd6c913d..8e24ffa465 100644
--- a/routers/api/v1/repo/wiki.go
+++ b/routers/api/v1/repo/wiki.go
@@ -193,7 +193,7 @@ func getWikiPage(ctx *context.APIContext, wikiName wiki_service.WebPath) *api.Wi
 	}
 
 	// get commit count - wiki revisions
-	commitsCount, _ := wikiRepo.FileCommitsCount("master", pageFilename)
+	commitsCount, _ := wikiRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
 
 	// Get last change information.
 	lastCommit, err := wikiRepo.GetCommitByPath(pageFilename)
@@ -298,10 +298,7 @@ func ListWikiPages(ctx *context.APIContext) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	limit := ctx.FormInt("limit")
 	if limit <= 1 {
 		limit = setting.API.DefaultPagingNum
@@ -432,17 +429,14 @@ func ListPageRevisions(ctx *context.APIContext) {
 	}
 
 	// get commit count - wiki revisions
-	commitsCount, _ := wikiRepo.FileCommitsCount("master", pageFilename)
+	commitsCount, _ := wikiRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	// get Commit Count
 	commitsHistory, err := wikiRepo.CommitsByFileAndRange(
 		git.CommitsByFileAndRangeOptions{
-			Revision: "master",
+			Revision: ctx.Repo.Repository.DefaultWikiBranch,
 			File:     pageFilename,
 			Page:     page,
 		})
@@ -486,7 +480,7 @@ func findWikiRepoCommit(ctx *context.APIContext) (*git.Repository, *git.Commit)
 		return nil, nil
 	}
 
-	commit, err := wikiRepo.GetBranchCommit("master")
+	commit, err := wikiRepo.GetBranchCommit(ctx.Repo.Repository.DefaultWikiBranch)
 	if err != nil {
 		if git.IsErrNotExist(err) {
 			ctx.APIErrorNotFound(err)
@@ -505,7 +499,7 @@ func wikiContentsByEntry(ctx *context.APIContext, entry *git.TreeEntry) string {
 	if blob.Size() > setting.API.DefaultMaxBlobSize {
 		return ""
 	}
-	content, err := blob.GetBlobContentBase64()
+	content, err := blob.GetBlobContentBase64(nil)
 	if err != nil {
 		ctx.APIErrorInternal(err)
 		return ""
diff --git a/routers/api/v1/settings/settings.go b/routers/api/v1/settings/settings.go
index 0ee81b96d5..94fbadeab0 100644
--- a/routers/api/v1/settings/settings.go
+++ b/routers/api/v1/settings/settings.go
@@ -43,6 +43,7 @@ func GetGeneralAPISettings(ctx *context.APIContext) {
 		DefaultPagingNum:       setting.API.DefaultPagingNum,
 		DefaultGitTreesPerPage: setting.API.DefaultGitTreesPerPage,
 		DefaultMaxBlobSize:     setting.API.DefaultMaxBlobSize,
+		DefaultMaxResponseSize: setting.API.DefaultMaxResponseSize,
 	})
 }
 
diff --git a/routers/api/v1/shared/action.go b/routers/api/v1/shared/action.go
new file mode 100644
index 0000000000..c97e9419fd
--- /dev/null
+++ b/routers/api/v1/shared/action.go
@@ -0,0 +1,187 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package shared
+
+import (
+	"fmt"
+	"net/http"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/webhook"
+	"code.gitea.io/gitea/routers/api/v1/utils"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/convert"
+)
+
+// ListJobs lists jobs for api route validated ownerID and repoID
+// ownerID == 0 and repoID == 0 means all jobs
+// ownerID == 0 and repoID != 0 means all jobs for the given repo
+// ownerID != 0 and repoID == 0 means all jobs for the given user/org
+// ownerID != 0 and repoID != 0 undefined behavior
+// runID == 0 means all jobs
+// runID is used as an additional filter together with ownerID and repoID to only return jobs for the given run
+// Access rights are checked at the API route level
+func ListJobs(ctx *context.APIContext, ownerID, repoID, runID int64) {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
+	opts := actions_model.FindRunJobOptions{
+		OwnerID:     ownerID,
+		RepoID:      repoID,
+		RunID:       runID,
+		ListOptions: utils.GetListOptions(ctx),
+	}
+	for _, status := range ctx.FormStrings("status") {
+		values, err := convertToInternal(status)
+		if err != nil {
+			ctx.APIError(http.StatusBadRequest, fmt.Errorf("Invalid status %s", status))
+			return
+		}
+		opts.Statuses = append(opts.Statuses, values...)
+	}
+
+	jobs, total, err := db.FindAndCount[actions_model.ActionRunJob](ctx, opts)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	res := new(api.ActionWorkflowJobsResponse)
+	res.TotalCount = total
+
+	res.Entries = make([]*api.ActionWorkflowJob, len(jobs))
+
+	isRepoLevel := repoID != 0 && ctx.Repo != nil && ctx.Repo.Repository != nil && ctx.Repo.Repository.ID == repoID
+	for i := range jobs {
+		var repository *repo_model.Repository
+		if isRepoLevel {
+			repository = ctx.Repo.Repository
+		} else {
+			repository, err = repo_model.GetRepositoryByID(ctx, jobs[i].RepoID)
+			if err != nil {
+				ctx.APIErrorInternal(err)
+				return
+			}
+		}
+
+		convertedWorkflowJob, err := convert.ToActionWorkflowJob(ctx, repository, nil, jobs[i])
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
+		res.Entries[i] = convertedWorkflowJob
+	}
+
+	ctx.JSON(http.StatusOK, &res)
+}
+
+func convertToInternal(s string) ([]actions_model.Status, error) {
+	switch s {
+	case "pending", "waiting", "requested", "action_required":
+		return []actions_model.Status{actions_model.StatusBlocked}, nil
+	case "queued":
+		return []actions_model.Status{actions_model.StatusWaiting}, nil
+	case "in_progress":
+		return []actions_model.Status{actions_model.StatusRunning}, nil
+	case "completed":
+		return []actions_model.Status{
+			actions_model.StatusSuccess,
+			actions_model.StatusFailure,
+			actions_model.StatusSkipped,
+			actions_model.StatusCancelled,
+		}, nil
+	case "failure":
+		return []actions_model.Status{actions_model.StatusFailure}, nil
+	case "success":
+		return []actions_model.Status{actions_model.StatusSuccess}, nil
+	case "skipped", "neutral":
+		return []actions_model.Status{actions_model.StatusSkipped}, nil
+	case "cancelled", "timed_out":
+		return []actions_model.Status{actions_model.StatusCancelled}, nil
+	default:
+		return nil, fmt.Errorf("invalid status %s", s)
+	}
+}
+
+// ListRuns lists jobs for api route validated ownerID and repoID
+// ownerID == 0 and repoID == 0 means all runs
+// ownerID == 0 and repoID != 0 means all runs for the given repo
+// ownerID != 0 and repoID == 0 means all runs for the given user/org
+// ownerID != 0 and repoID != 0 undefined behavior
+// Access rights are checked at the API route level
+func ListRuns(ctx *context.APIContext, ownerID, repoID int64) {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
+	opts := actions_model.FindRunOptions{
+		OwnerID:     ownerID,
+		RepoID:      repoID,
+		ListOptions: utils.GetListOptions(ctx),
+	}
+
+	if event := ctx.FormString("event"); event != "" {
+		opts.TriggerEvent = webhook.HookEventType(event)
+	}
+	if branch := ctx.FormString("branch"); branch != "" {
+		opts.Ref = string(git.RefNameFromBranch(branch))
+	}
+	for _, status := range ctx.FormStrings("status") {
+		values, err := convertToInternal(status)
+		if err != nil {
+			ctx.APIError(http.StatusBadRequest, fmt.Errorf("Invalid status %s", status))
+			return
+		}
+		opts.Status = append(opts.Status, values...)
+	}
+	if actor := ctx.FormString("actor"); actor != "" {
+		user, err := user_model.GetUserByName(ctx, actor)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
+		opts.TriggerUserID = user.ID
+	}
+	if headSHA := ctx.FormString("head_sha"); headSHA != "" {
+		opts.CommitSHA = headSHA
+	}
+
+	runs, total, err := db.FindAndCount[actions_model.ActionRun](ctx, opts)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	res := new(api.ActionWorkflowRunsResponse)
+	res.TotalCount = total
+
+	res.Entries = make([]*api.ActionWorkflowRun, len(runs))
+	isRepoLevel := repoID != 0 && ctx.Repo != nil && ctx.Repo.Repository != nil && ctx.Repo.Repository.ID == repoID
+	for i := range runs {
+		var repository *repo_model.Repository
+		if isRepoLevel {
+			repository = ctx.Repo.Repository
+		} else {
+			repository, err = repo_model.GetRepositoryByID(ctx, runs[i].RepoID)
+			if err != nil {
+				ctx.APIErrorInternal(err)
+				return
+			}
+		}
+
+		convertedRun, err := convert.ToActionWorkflowRun(ctx, repository, runs[i])
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
+		res.Entries[i] = convertedRun
+	}
+
+	ctx.JSON(http.StatusOK, &res)
+}
diff --git a/routers/api/v1/shared/runners.go b/routers/api/v1/shared/runners.go
index f31d9e5d0b..e9834aff9f 100644
--- a/routers/api/v1/shared/runners.go
+++ b/routers/api/v1/shared/runners.go
@@ -8,8 +8,13 @@ import (
 	"net/http"
 
 	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/api/v1/utils"
 	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/convert"
 )
 
 // RegistrationToken is response related to registration token
@@ -30,3 +35,93 @@ func GetRegistrationToken(ctx *context.APIContext, ownerID, repoID int64) {
 
 	ctx.JSON(http.StatusOK, RegistrationToken{Token: token.Token})
 }
+
+// ListRunners lists runners for api route validated ownerID and repoID
+// ownerID == 0 and repoID == 0 means all runners including global runners, does not appear in sql where clause
+// ownerID == 0 and repoID != 0 means all runners for the given repo
+// ownerID != 0 and repoID == 0 means all runners for the given user/org
+// ownerID != 0 and repoID != 0 undefined behavior
+// Access rights are checked at the API route level
+func ListRunners(ctx *context.APIContext, ownerID, repoID int64) {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
+	runners, total, err := db.FindAndCount[actions_model.ActionRunner](ctx, &actions_model.FindRunnerOptions{
+		OwnerID:     ownerID,
+		RepoID:      repoID,
+		ListOptions: utils.GetListOptions(ctx),
+	})
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+
+	res := new(api.ActionRunnersResponse)
+	res.TotalCount = total
+
+	res.Entries = make([]*api.ActionRunner, len(runners))
+	for i, runner := range runners {
+		res.Entries[i] = convert.ToActionRunner(ctx, runner)
+	}
+
+	ctx.JSON(http.StatusOK, &res)
+}
+
+func getRunnerByID(ctx *context.APIContext, ownerID, repoID, runnerID int64) (*actions_model.ActionRunner, bool) {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
+
+	runner, err := actions_model.GetRunnerByID(ctx, runnerID)
+	if err != nil {
+		if errors.Is(err, util.ErrNotExist) {
+			ctx.APIErrorNotFound("Runner not found")
+		} else {
+			ctx.APIErrorInternal(err)
+		}
+		return nil, false
+	}
+
+	if !runner.EditableInContext(ownerID, repoID) {
+		ctx.APIErrorNotFound("No permission to access this runner")
+		return nil, false
+	}
+	return runner, true
+}
+
+// GetRunner get the runner for api route validated ownerID and repoID
+// ownerID == 0 and repoID == 0 means any runner including global runners
+// ownerID == 0 and repoID != 0 means any runner for the given repo
+// ownerID != 0 and repoID == 0 means any runner for the given user/org
+// ownerID != 0 and repoID != 0 undefined behavior
+// Access rights are checked at the API route level
+func GetRunner(ctx *context.APIContext, ownerID, repoID, runnerID int64) {
+	if ownerID != 0 && repoID != 0 {
+		setting.PanicInDevOrTesting("ownerID and repoID should not be both set")
+	}
+	runner, ok := getRunnerByID(ctx, ownerID, repoID, runnerID)
+	if !ok {
+		return
+	}
+	ctx.JSON(http.StatusOK, convert.ToActionRunner(ctx, runner))
+}
+
+// DeleteRunner deletes the runner for api route validated ownerID and repoID
+// ownerID == 0 and repoID == 0 means any runner including global runners
+// ownerID == 0 and repoID != 0 means any runner for the given repo
+// ownerID != 0 and repoID == 0 means any runner for the given user/org
+// ownerID != 0 and repoID != 0 undefined behavior
+// Access rights are checked at the API route level
+func DeleteRunner(ctx *context.APIContext, ownerID, repoID, runnerID int64) {
+	runner, ok := getRunnerByID(ctx, ownerID, repoID, runnerID)
+	if !ok {
+		return
+	}
+
+	err := actions_model.DeleteRunner(ctx, runner.ID)
+	if err != nil {
+		ctx.APIErrorInternal(err)
+		return
+	}
+	ctx.Status(http.StatusNoContent)
+}
diff --git a/routers/api/v1/swagger/action.go b/routers/api/v1/swagger/action.go
index 16a250184a..0606505950 100644
--- a/routers/api/v1/swagger/action.go
+++ b/routers/api/v1/swagger/action.go
@@ -44,5 +44,5 @@ type swaggerResponseActionWorkflow struct {
 // swagger:response ActionWorkflowList
 type swaggerResponseActionWorkflowList struct {
 	// in:body
-	Body []api.ActionWorkflow `json:"body"`
+	Body api.ActionWorkflowResponse `json:"body"`
 }
diff --git a/routers/api/v1/swagger/options.go b/routers/api/v1/swagger/options.go
index aa5990eb38..bafd5e04a2 100644
--- a/routers/api/v1/swagger/options.go
+++ b/routers/api/v1/swagger/options.go
@@ -119,6 +119,9 @@ type swaggerParameterBodies struct {
 	EditAttachmentOptions api.EditAttachmentOptions
 
 	// in:body
+	GetFilesOptions api.GetFilesOptions
+
+	// in:body
 	ChangeFilesOptions api.ChangeFilesOptions
 
 	// in:body
@@ -216,4 +219,7 @@ type swaggerParameterBodies struct {
 
 	// in:body
 	UpdateVariableOption api.UpdateVariableOption
+
+	// in:body
+	LockIssueOption api.LockIssueOption
 }
diff --git a/routers/api/v1/swagger/repo.go b/routers/api/v1/swagger/repo.go
index 25f137f3bf..9e20c0533b 100644
--- a/routers/api/v1/swagger/repo.go
+++ b/routers/api/v1/swagger/repo.go
@@ -331,6 +331,12 @@ type swaggerContentsListResponse struct {
 	Body []api.ContentsResponse `json:"body"`
 }
 
+// swagger:response ContentsExtResponse
+type swaggerContentsExtResponse struct {
+	// in:body
+	Body api.ContentsExtResponse `json:"body"`
+}
+
 // FileDeleteResponse
 // swagger:response FileDeleteResponse
 type swaggerFileDeleteResponse struct {
@@ -443,6 +449,34 @@ type swaggerRepoTasksList struct {
 	Body api.ActionTaskResponse `json:"body"`
 }
 
+// WorkflowRunsList
+// swagger:response WorkflowRunsList
+type swaggerActionWorkflowRunsResponse struct {
+	// in:body
+	Body api.ActionWorkflowRunsResponse `json:"body"`
+}
+
+// WorkflowRun
+// swagger:response WorkflowRun
+type swaggerWorkflowRun struct {
+	// in:body
+	Body api.ActionWorkflowRun `json:"body"`
+}
+
+// WorkflowJobsList
+// swagger:response WorkflowJobsList
+type swaggerActionWorkflowJobsResponse struct {
+	// in:body
+	Body api.ActionWorkflowJobsResponse `json:"body"`
+}
+
+// WorkflowJob
+// swagger:response WorkflowJob
+type swaggerWorkflowJob struct {
+	// in:body
+	Body api.ActionWorkflowJob `json:"body"`
+}
+
 // ArtifactsList
 // swagger:response ArtifactsList
 type swaggerRepoArtifactsList struct {
@@ -457,6 +491,20 @@ type swaggerRepoArtifact struct {
 	Body api.ActionArtifact `json:"body"`
 }
 
+// RunnerList
+// swagger:response RunnerList
+type swaggerRunnerList struct {
+	// in:body
+	Body api.ActionRunnersResponse `json:"body"`
+}
+
+// Runner
+// swagger:response Runner
+type swaggerRunner struct {
+	// in:body
+	Body api.ActionRunner `json:"body"`
+}
+
 // swagger:response Compare
 type swaggerCompare struct {
 	// in:body
diff --git a/routers/api/v1/user/action.go b/routers/api/v1/user/action.go
index 04097fcc95..e934d02aa7 100644
--- a/routers/api/v1/user/action.go
+++ b/routers/api/v1/user/action.go
@@ -12,6 +12,7 @@ import (
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/routers/api/v1/shared"
 	"code.gitea.io/gitea/routers/api/v1/utils"
 	actions_service "code.gitea.io/gitea/services/actions"
 	"code.gitea.io/gitea/services/context"
@@ -127,13 +128,11 @@ func CreateVariable(ctx *context.APIContext) {
 	//     "$ref": "#/definitions/CreateVariableOption"
 	// responses:
 	//   "201":
-	//     description: response when creating a variable
-	//   "204":
-	//     description: response when creating a variable
+	//     description: successfully created the user-level variable
 	//   "400":
 	//     "$ref": "#/responses/error"
-	//   "404":
-	//     "$ref": "#/responses/notFound"
+	//   "409":
+	//     description: variable name already exists.
 
 	opt := web.GetForm(ctx).(*api.CreateVariableOption)
 
@@ -162,7 +161,7 @@ func CreateVariable(ctx *context.APIContext) {
 		return
 	}
 
-	ctx.Status(http.StatusNoContent)
+	ctx.Status(http.StatusCreated)
 }
 
 // UpdateVariable update a user-level variable which is created by current doer
@@ -358,3 +357,86 @@ func ListVariables(ctx *context.APIContext) {
 	ctx.SetTotalCountHeader(count)
 	ctx.JSON(http.StatusOK, variables)
 }
+
+// ListWorkflowRuns lists workflow runs
+func ListWorkflowRuns(ctx *context.APIContext) {
+	// swagger:operation GET /user/actions/runs user getUserWorkflowRuns
+	// ---
+	// summary: Get workflow runs
+	// parameters:
+	// - name: event
+	//   in: query
+	//   description: workflow event name
+	//   type: string
+	//   required: false
+	// - name: branch
+	//   in: query
+	//   description: workflow branch
+	//   type: string
+	//   required: false
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: actor
+	//   in: query
+	//   description: triggered by user
+	//   type: string
+	//   required: false
+	// - name: head_sha
+	//   in: query
+	//   description: triggering sha of the workflow run
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// produces:
+	// - application/json
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowRunsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRuns(ctx, ctx.Doer.ID, 0)
+}
+
+// ListWorkflowJobs lists workflow jobs
+func ListWorkflowJobs(ctx *context.APIContext) {
+	// swagger:operation GET /user/actions/jobs user getUserWorkflowJobs
+	// ---
+	// summary: Get workflow jobs
+	// parameters:
+	// - name: status
+	//   in: query
+	//   description: workflow status (pending, queued, in_progress, failure, success, skipped)
+	//   type: string
+	//   required: false
+	// - name: page
+	//   in: query
+	//   description: page number of results to return (1-based)
+	//   type: integer
+	// - name: limit
+	//   in: query
+	//   description: page size of results
+	//   type: integer
+	// produces:
+	// - application/json
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/WorkflowJobsList"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	shared.ListJobs(ctx, ctx.Doer.ID, 0, 0)
+}
diff --git a/routers/api/v1/user/app.go b/routers/api/v1/user/app.go
index 4ca06ca923..6f1053e7ac 100644
--- a/routers/api/v1/user/app.go
+++ b/routers/api/v1/user/app.go
@@ -30,7 +30,7 @@ func ListAccessTokens(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of to user whose access tokens are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
@@ -62,6 +62,8 @@ func ListAccessTokens(ctx *context.APIContext) {
 			Name:           tokens[i].Name,
 			TokenLastEight: tokens[i].TokenLastEight,
 			Scopes:         tokens[i].Scope.StringSlice(),
+			Created:        tokens[i].CreatedUnix.AsTime(),
+			Updated:        tokens[i].UpdatedUnix.AsTime(),
 		}
 	}
 
@@ -81,7 +83,7 @@ func CreateAccessToken(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose token is to be created
 	//   required: true
 	//   type: string
 	// - name: body
@@ -147,7 +149,7 @@ func DeleteAccessToken(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose token is to be deleted
 	//   type: string
 	//   required: true
 	// - name: token
diff --git a/routers/api/v1/user/block.go b/routers/api/v1/user/block.go
index 7231e9add7..8365188f60 100644
--- a/routers/api/v1/user/block.go
+++ b/routers/api/v1/user/block.go
@@ -37,7 +37,7 @@ func CheckUserBlock(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: user to check
+	//   description: username of the user to check
 	//   type: string
 	//   required: true
 	// responses:
@@ -56,7 +56,7 @@ func BlockUser(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: user to block
+	//   description: username of the user to block
 	//   type: string
 	//   required: true
 	// - name: note
@@ -81,7 +81,7 @@ func UnblockUser(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: user to unblock
+	//   description: username of the user to unblock
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/user/follower.go b/routers/api/v1/user/follower.go
index 0d0c0be7e0..339b994af4 100644
--- a/routers/api/v1/user/follower.go
+++ b/routers/api/v1/user/follower.go
@@ -67,7 +67,7 @@ func ListFollowers(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose followers are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
@@ -131,7 +131,7 @@ func ListFollowing(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose followed users are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
@@ -167,7 +167,7 @@ func CheckMyFollowing(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of followed user
+	//   description: username of the user to check for authenticated followers
 	//   type: string
 	//   required: true
 	// responses:
@@ -187,12 +187,12 @@ func CheckFollowing(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of following user
+	//   description: username of the following user
 	//   type: string
 	//   required: true
 	// - name: target
 	//   in: path
-	//   description: username of followed user
+	//   description: username of the followed user
 	//   type: string
 	//   required: true
 	// responses:
@@ -216,7 +216,7 @@ func Follow(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to follow
+	//   description: username of the user to follow
 	//   type: string
 	//   required: true
 	// responses:
@@ -246,7 +246,7 @@ func Unfollow(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to unfollow
+	//   description: username of the user to unfollow
 	//   type: string
 	//   required: true
 	// responses:
diff --git a/routers/api/v1/user/gpg_key.go b/routers/api/v1/user/gpg_key.go
index 504e74ae10..9ec4d2c938 100644
--- a/routers/api/v1/user/gpg_key.go
+++ b/routers/api/v1/user/gpg_key.go
@@ -4,7 +4,7 @@
 package user
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 	"strings"
 
@@ -53,7 +53,7 @@ func ListGPGKeys(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose GPG key list is to be obtained
 	//   type: string
 	//   required: true
 	// - name: page
@@ -135,7 +135,7 @@ func GetGPGKey(ctx *context.APIContext) {
 // CreateUserGPGKey creates new GPG key to given user by ID.
 func CreateUserGPGKey(ctx *context.APIContext, form api.CreateGPGKeyOption, uid int64) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageGPGKeys) {
-		ctx.APIErrorNotFound("Not Found", fmt.Errorf("gpg keys setting is not allowed to be visited"))
+		ctx.APIErrorNotFound("Not Found", errors.New("gpg keys setting is not allowed to be visited"))
 		return
 	}
 
@@ -205,7 +205,7 @@ func VerifyUserGPGKey(ctx *context.APIContext) {
 
 	if err != nil {
 		if asymkey_model.IsErrGPGInvalidTokenSignature(err) {
-			ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))
+			ctx.APIError(http.StatusUnprocessableEntity, "The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: "+token)
 			return
 		}
 		ctx.APIErrorInternal(err)
@@ -276,7 +276,7 @@ func DeleteGPGKey(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageGPGKeys) {
-		ctx.APIErrorNotFound("Not Found", fmt.Errorf("gpg keys setting is not allowed to be visited"))
+		ctx.APIErrorNotFound("Not Found", errors.New("gpg keys setting is not allowed to be visited"))
 		return
 	}
 
@@ -302,9 +302,9 @@ func HandleAddGPGKeyError(ctx *context.APIContext, err error, token string) {
 	case asymkey_model.IsErrGPGKeyParsing(err):
 		ctx.APIError(http.StatusUnprocessableEntity, err)
 	case asymkey_model.IsErrGPGNoEmailFound(err):
-		ctx.APIError(http.StatusNotFound, fmt.Sprintf("None of the emails attached to the GPG key could be found. It may still be added if you provide a valid signature for the token: %s", token))
+		ctx.APIError(http.StatusNotFound, "None of the emails attached to the GPG key could be found. It may still be added if you provide a valid signature for the token: "+token)
 	case asymkey_model.IsErrGPGInvalidTokenSignature(err):
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))
+		ctx.APIError(http.StatusUnprocessableEntity, "The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: "+token)
 	default:
 		ctx.APIErrorInternal(err)
 	}
diff --git a/routers/api/v1/user/key.go b/routers/api/v1/user/key.go
index 6295f4753b..aa69245e49 100644
--- a/routers/api/v1/user/key.go
+++ b/routers/api/v1/user/key.go
@@ -5,7 +5,7 @@ package user
 
 import (
 	std_ctx "context"
-	"fmt"
+	"errors"
 	"net/http"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
@@ -24,9 +24,10 @@ import (
 
 // appendPrivateInformation appends the owner and key type information to api.PublicKey
 func appendPrivateInformation(ctx std_ctx.Context, apiKey *api.PublicKey, key *asymkey_model.PublicKey, defaultUser *user_model.User) (*api.PublicKey, error) {
-	if key.Type == asymkey_model.KeyTypeDeploy {
+	switch key.Type {
+	case asymkey_model.KeyTypeDeploy:
 		apiKey.KeyType = "deploy"
-	} else if key.Type == asymkey_model.KeyTypeUser {
+	case asymkey_model.KeyTypeUser:
 		apiKey.KeyType = "user"
 
 		if defaultUser.ID == key.OwnerID {
@@ -38,7 +39,7 @@ func appendPrivateInformation(ctx std_ctx.Context, apiKey *api.PublicKey, key *a
 			}
 			apiKey.Owner = convert.ToUser(ctx, user, user)
 		}
-	} else {
+	default:
 		apiKey.KeyType = "unknown"
 	}
 	apiKey.ReadOnly = key.Mode == perm.AccessModeRead
@@ -135,7 +136,7 @@ func ListPublicKeys(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose public keys are to be listed
 	//   type: string
 	//   required: true
 	// - name: fingerprint
@@ -200,7 +201,7 @@ func GetPublicKey(ctx *context.APIContext) {
 // CreateUserPublicKey creates new public key to given user by ID.
 func CreateUserPublicKey(ctx *context.APIContext, form api.CreateKeyOption, uid int64) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys) {
-		ctx.APIErrorNotFound("Not Found", fmt.Errorf("ssh keys setting is not allowed to be visited"))
+		ctx.APIErrorNotFound("Not Found", errors.New("ssh keys setting is not allowed to be visited"))
 		return
 	}
 
@@ -270,7 +271,7 @@ func DeletePublicKey(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys) {
-		ctx.APIErrorNotFound("Not Found", fmt.Errorf("ssh keys setting is not allowed to be visited"))
+		ctx.APIErrorNotFound("Not Found", errors.New("ssh keys setting is not allowed to be visited"))
 		return
 	}
 
diff --git a/routers/api/v1/user/repo.go b/routers/api/v1/user/repo.go
index 6aabc4fb90..6d0129681e 100644
--- a/routers/api/v1/user/repo.go
+++ b/routers/api/v1/user/repo.go
@@ -19,7 +19,7 @@ import (
 func listUserRepos(ctx *context.APIContext, u *user_model.User, private bool) {
 	opts := utils.GetListOptions(ctx)
 
-	repos, count, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+	repos, count, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 		Actor:       u,
 		Private:     private,
 		ListOptions: opts,
@@ -62,7 +62,7 @@ func ListUserRepos(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose owned repos are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
@@ -103,7 +103,7 @@ func ListMyRepos(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/RepositoryList"
 
-	opts := &repo_model.SearchRepoOptions{
+	opts := repo_model.SearchRepoOptions{
 		ListOptions:        utils.GetListOptions(ctx),
 		Actor:              ctx.Doer,
 		OwnerID:            ctx.Doer.ID,
diff --git a/routers/api/v1/user/runners.go b/routers/api/v1/user/runners.go
index 899218473e..be3f63cc5e 100644
--- a/routers/api/v1/user/runners.go
+++ b/routers/api/v1/user/runners.go
@@ -24,3 +24,81 @@ func GetRegistrationToken(ctx *context.APIContext) {
 
 	shared.GetRegistrationToken(ctx, ctx.Doer.ID, 0)
 }
+
+// CreateRegistrationToken returns the token to register user runners
+func CreateRegistrationToken(ctx *context.APIContext) {
+	// swagger:operation POST /user/actions/runners/registration-token user userCreateRunnerRegistrationToken
+	// ---
+	// summary: Get an user's actions runner registration token
+	// produces:
+	// - application/json
+	// parameters:
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/RegistrationToken"
+
+	shared.GetRegistrationToken(ctx, ctx.Doer.ID, 0)
+}
+
+// ListRunners get user-level runners
+func ListRunners(ctx *context.APIContext) {
+	// swagger:operation GET /user/actions/runners user getUserRunners
+	// ---
+	// summary: Get user-level runners
+	// produces:
+	// - application/json
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunnersResponse"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.ListRunners(ctx, ctx.Doer.ID, 0)
+}
+
+// GetRunner get an user-level runner
+func GetRunner(ctx *context.APIContext) {
+	// swagger:operation GET /user/actions/runners/{runner_id} user getUserRunner
+	// ---
+	// summary: Get an user-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/definitions/ActionRunner"
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.GetRunner(ctx, ctx.Doer.ID, 0, ctx.PathParamInt64("runner_id"))
+}
+
+// DeleteRunner delete an user-level runner
+func DeleteRunner(ctx *context.APIContext) {
+	// swagger:operation DELETE /user/actions/runners/{runner_id} user deleteUserRunner
+	// ---
+	// summary: Delete an user-level runner
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: runner_id
+	//   in: path
+	//   description: id of the runner
+	//   type: string
+	//   required: true
+	// responses:
+	//   "204":
+	//     description: runner has been deleted
+	//   "400":
+	//     "$ref": "#/responses/error"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	shared.DeleteRunner(ctx, ctx.Doer.ID, 0, ctx.PathParamInt64("runner_id"))
+}
diff --git a/routers/api/v1/user/star.go b/routers/api/v1/user/star.go
index 4b0cb45d67..ee5d63063b 100644
--- a/routers/api/v1/user/star.go
+++ b/routers/api/v1/user/star.go
@@ -50,7 +50,7 @@ func GetStarredRepos(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose starred repos are to be listed
 	//   type: string
 	//   required: true
 	// - name: page
diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 757a548518..6de1125c40 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -73,7 +73,7 @@ func Search(ctx *context.APIContext) {
 		if ctx.PublicOnly {
 			visible = []structs.VisibleType{structs.VisibleTypePublic}
 		}
-		users, maxResults, err = user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+		users, maxResults, err = user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 			Actor:         ctx.Doer,
 			Keyword:       ctx.FormTrim("q"),
 			UID:           uid,
@@ -110,7 +110,7 @@ func GetInfo(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to get
+	//   description: username of the user whose data is to be listed
 	//   type: string
 	//   required: true
 	// responses:
@@ -151,7 +151,7 @@ func GetUserHeatmapData(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user to get
+	//   description: username of the user whose heatmap is to be obtained
 	//   type: string
 	//   required: true
 	// responses:
@@ -177,7 +177,7 @@ func ListUserActivityFeeds(ctx *context.APIContext) {
 	// parameters:
 	// - name: username
 	//   in: path
-	//   description: username of user
+	//   description: username of the user whose activity feeds are to be listed
 	//   type: string
 	//   required: true
 	// - name: only-performed-by
diff --git a/routers/api/v1/user/watch.go b/routers/api/v1/user/watch.go
index 76d7c81793..844eac2c67 100644
--- a/routers/api/v1/user/watch.go
+++ b/routers/api/v1/user/watch.go
@@ -49,7 +49,7 @@ func GetWatchedRepos(ctx *context.APIContext) {
 	// - name: username
 	//   type: string
 	//   in: path
-	//   description: username of the user
+	//   description: username of the user whose watched repos are to be listed
 	//   required: true
 	// - name: page
 	//   in: query
diff --git a/routers/api/v1/utils/git.go b/routers/api/v1/utils/git.go
index af672ba147..1cfe01a639 100644
--- a/routers/api/v1/utils/git.go
+++ b/routers/api/v1/utils/git.go
@@ -4,53 +4,54 @@
 package utils
 
 import (
-	gocontext "context"
-	"fmt"
-	"net/http"
+	"errors"
 
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
-	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/reqctx"
 	"code.gitea.io/gitea/services/context"
 )
 
-// ResolveRefOrSha resolve ref to sha if exist
-func ResolveRefOrSha(ctx *context.APIContext, ref string) string {
-	if len(ref) == 0 {
-		ctx.APIError(http.StatusBadRequest, nil)
-		return ""
-	}
+type RefCommit struct {
+	InputRef string
+	RefName  git.RefName
+	Commit   *git.Commit
+	CommitID string
+}
 
-	sha := ref
-	// Search branches and tags
-	for _, refType := range []string{"heads", "tags"} {
-		refSHA, lastMethodName, err := searchRefCommitByType(ctx, refType, ref)
-		if err != nil {
-			ctx.APIErrorInternal(fmt.Errorf("%s: %w", lastMethodName, err))
-			return ""
-		}
-		if refSHA != "" {
-			sha = refSHA
-			break
-		}
+// ResolveRefCommit resolve ref to a commit if exist
+func ResolveRefCommit(ctx reqctx.RequestContext, repo *repo_model.Repository, inputRef string, minCommitIDLen ...int) (_ *RefCommit, err error) {
+	gitRepo, err := gitrepo.RepositoryFromRequestContextOrOpen(ctx, repo)
+	if err != nil {
+		return nil, err
 	}
-
-	sha = MustConvertToSHA1(ctx, ctx.Repo, sha)
-
-	if ctx.Repo.GitRepo != nil {
-		err := ctx.Repo.GitRepo.AddLastCommitCache(ctx.Repo.Repository.GetCommitsCountCacheKey(ref, ref != sha), ctx.Repo.Repository.FullName(), sha)
-		if err != nil {
-			log.Error("Unable to get commits count for %s in %s. Error: %v", sha, ctx.Repo.Repository.FullName(), err)
-		}
+	refCommit := RefCommit{InputRef: inputRef}
+	if gitrepo.IsBranchExist(ctx, repo, inputRef) {
+		refCommit.RefName = git.RefNameFromBranch(inputRef)
+	} else if gitrepo.IsTagExist(ctx, repo, inputRef) {
+		refCommit.RefName = git.RefNameFromTag(inputRef)
+	} else if git.IsStringLikelyCommitID(git.ObjectFormatFromName(repo.ObjectFormatName), inputRef, minCommitIDLen...) {
+		refCommit.RefName = git.RefNameFromCommit(inputRef)
+	}
+	if refCommit.RefName == "" {
+		return nil, git.ErrNotExist{ID: inputRef}
 	}
+	if refCommit.Commit, err = gitRepo.GetCommit(refCommit.RefName.String()); err != nil {
+		return nil, err
+	}
+	refCommit.CommitID = refCommit.Commit.ID.String()
+	return &refCommit, nil
+}
 
-	return sha
+func NewRefCommit(refName git.RefName, commit *git.Commit) *RefCommit {
+	return &RefCommit{InputRef: refName.ShortName(), RefName: refName, Commit: commit, CommitID: commit.ID.String()}
 }
 
 // GetGitRefs return git references based on filter
 func GetGitRefs(ctx *context.APIContext, filter string) ([]*git.Reference, string, error) {
 	if ctx.Repo.GitRepo == nil {
-		return nil, "", fmt.Errorf("no open git repo found in context")
+		return nil, "", errors.New("no open git repo found in context")
 	}
 	if len(filter) > 0 {
 		filter = "refs/" + filter
@@ -58,42 +59,3 @@ func GetGitRefs(ctx *context.APIContext, filter string) ([]*git.Reference, strin
 	refs, err := ctx.Repo.GitRepo.GetRefsFiltered(filter)
 	return refs, "GetRefsFiltered", err
 }
-
-func searchRefCommitByType(ctx *context.APIContext, refType, filter string) (string, string, error) {
-	refs, lastMethodName, err := GetGitRefs(ctx, refType+"/"+filter) // Search by type
-	if err != nil {
-		return "", lastMethodName, err
-	}
-	if len(refs) > 0 {
-		return refs[0].Object.String(), "", nil // Return found SHA
-	}
-	return "", "", nil
-}
-
-// ConvertToObjectID returns a full-length SHA1 from a potential ID string
-func ConvertToObjectID(ctx gocontext.Context, repo *context.Repository, commitID string) (git.ObjectID, error) {
-	objectFormat := repo.GetObjectFormat()
-	if len(commitID) == objectFormat.FullLength() && objectFormat.IsValid(commitID) {
-		sha, err := git.NewIDFromString(commitID)
-		if err == nil {
-			return sha, nil
-		}
-	}
-
-	gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, repo.Repository)
-	if err != nil {
-		return objectFormat.EmptyObjectID(), fmt.Errorf("RepositoryFromContextOrOpen: %w", err)
-	}
-	defer closer.Close()
-
-	return gitRepo.ConvertToGitID(commitID)
-}
-
-// MustConvertToSHA1 returns a full-length SHA1 string from a potential ID string, or returns origin input if it can't convert to SHA1
-func MustConvertToSHA1(ctx gocontext.Context, repo *context.Repository, commitID string) string {
-	sha, err := ConvertToObjectID(ctx, repo, commitID)
-	if err != nil {
-		return commitID
-	}
-	return sha.String()
-}
diff --git a/routers/api/v1/utils/hook.go b/routers/api/v1/utils/hook.go
index ce0c1b5097..6f598f14c8 100644
--- a/routers/api/v1/utils/hook.go
+++ b/routers/api/v1/utils/hook.go
@@ -4,7 +4,6 @@
 package utils
 
 import (
-	"fmt"
 	"net/http"
 	"strconv"
 	"strings"
@@ -16,6 +15,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/validation"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/context"
 	webhook_service "code.gitea.io/gitea/services/webhook"
@@ -80,7 +80,7 @@ func GetRepoHook(ctx *context.APIContext, repoID, hookID int64) (*webhook.Webhoo
 // write the appropriate error to `ctx`. Return whether the form is valid
 func checkCreateHookOption(ctx *context.APIContext, form *api.CreateHookOption) bool {
 	if !webhook_service.IsValidHookTaskType(form.Type) {
-		ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("Invalid hook type: %s", form.Type))
+		ctx.APIError(http.StatusUnprocessableEntity, "Invalid hook type: "+form.Type)
 		return false
 	}
 	for _, name := range []string{"url", "content_type"} {
@@ -93,6 +93,10 @@ func checkCreateHookOption(ctx *context.APIContext, form *api.CreateHookOption)
 		ctx.APIError(http.StatusUnprocessableEntity, "Invalid content type")
 		return false
 	}
+	if !validation.IsValidURL(form.Config["url"]) {
+		ctx.APIError(http.StatusUnprocessableEntity, "Invalid url")
+		return false
+	}
 	return true
 }
 
@@ -155,6 +159,42 @@ func pullHook(events []string, event string) bool {
 	return util.SliceContainsString(events, event, true) || util.SliceContainsString(events, string(webhook_module.HookEventPullRequest), true)
 }
 
+func updateHookEvents(events []string) webhook_module.HookEvents {
+	if len(events) == 0 {
+		events = []string{"push"}
+	}
+	hookEvents := make(webhook_module.HookEvents)
+	hookEvents[webhook_module.HookEventCreate] = util.SliceContainsString(events, string(webhook_module.HookEventCreate), true)
+	hookEvents[webhook_module.HookEventPush] = util.SliceContainsString(events, string(webhook_module.HookEventPush), true)
+	hookEvents[webhook_module.HookEventDelete] = util.SliceContainsString(events, string(webhook_module.HookEventDelete), true)
+	hookEvents[webhook_module.HookEventFork] = util.SliceContainsString(events, string(webhook_module.HookEventFork), true)
+	hookEvents[webhook_module.HookEventRepository] = util.SliceContainsString(events, string(webhook_module.HookEventRepository), true)
+	hookEvents[webhook_module.HookEventWiki] = util.SliceContainsString(events, string(webhook_module.HookEventWiki), true)
+	hookEvents[webhook_module.HookEventRelease] = util.SliceContainsString(events, string(webhook_module.HookEventRelease), true)
+	hookEvents[webhook_module.HookEventPackage] = util.SliceContainsString(events, string(webhook_module.HookEventPackage), true)
+	hookEvents[webhook_module.HookEventStatus] = util.SliceContainsString(events, string(webhook_module.HookEventStatus), true)
+	hookEvents[webhook_module.HookEventWorkflowRun] = util.SliceContainsString(events, string(webhook_module.HookEventWorkflowRun), true)
+	hookEvents[webhook_module.HookEventWorkflowJob] = util.SliceContainsString(events, string(webhook_module.HookEventWorkflowJob), true)
+
+	// Issues
+	hookEvents[webhook_module.HookEventIssues] = issuesHook(events, "issues_only")
+	hookEvents[webhook_module.HookEventIssueAssign] = issuesHook(events, string(webhook_module.HookEventIssueAssign))
+	hookEvents[webhook_module.HookEventIssueLabel] = issuesHook(events, string(webhook_module.HookEventIssueLabel))
+	hookEvents[webhook_module.HookEventIssueMilestone] = issuesHook(events, string(webhook_module.HookEventIssueMilestone))
+	hookEvents[webhook_module.HookEventIssueComment] = issuesHook(events, string(webhook_module.HookEventIssueComment))
+
+	// Pull requests
+	hookEvents[webhook_module.HookEventPullRequest] = pullHook(events, "pull_request_only")
+	hookEvents[webhook_module.HookEventPullRequestAssign] = pullHook(events, string(webhook_module.HookEventPullRequestAssign))
+	hookEvents[webhook_module.HookEventPullRequestLabel] = pullHook(events, string(webhook_module.HookEventPullRequestLabel))
+	hookEvents[webhook_module.HookEventPullRequestMilestone] = pullHook(events, string(webhook_module.HookEventPullRequestMilestone))
+	hookEvents[webhook_module.HookEventPullRequestComment] = pullHook(events, string(webhook_module.HookEventPullRequestComment))
+	hookEvents[webhook_module.HookEventPullRequestReview] = pullHook(events, "pull_request_review")
+	hookEvents[webhook_module.HookEventPullRequestReviewRequest] = pullHook(events, string(webhook_module.HookEventPullRequestReviewRequest))
+	hookEvents[webhook_module.HookEventPullRequestSync] = pullHook(events, string(webhook_module.HookEventPullRequestSync))
+	return hookEvents
+}
+
 // addHook add the hook specified by `form`, `ownerID` and `repoID`. If there is
 // an error, write to `ctx` accordingly. Return (webhook, ok)
 func addHook(ctx *context.APIContext, form *api.CreateHookOption, ownerID, repoID int64) (*webhook.Webhook, bool) {
@@ -163,9 +203,6 @@ func addHook(ctx *context.APIContext, form *api.CreateHookOption, ownerID, repoI
 		return nil, false
 	}
 
-	if len(form.Events) == 0 {
-		form.Events = []string{"push"}
-	}
 	if form.Config["is_system_webhook"] != "" {
 		sw, err := strconv.ParseBool(form.Config["is_system_webhook"])
 		if err != nil {
@@ -184,31 +221,7 @@ func addHook(ctx *context.APIContext, form *api.CreateHookOption, ownerID, repoI
 		IsSystemWebhook: isSystemWebhook,
 		HookEvent: &webhook_module.HookEvent{
 			ChooseEvents: true,
-			HookEvents: webhook_module.HookEvents{
-				webhook_module.HookEventCreate:                   util.SliceContainsString(form.Events, string(webhook_module.HookEventCreate), true),
-				webhook_module.HookEventDelete:                   util.SliceContainsString(form.Events, string(webhook_module.HookEventDelete), true),
-				webhook_module.HookEventFork:                     util.SliceContainsString(form.Events, string(webhook_module.HookEventFork), true),
-				webhook_module.HookEventIssues:                   issuesHook(form.Events, "issues_only"),
-				webhook_module.HookEventIssueAssign:              issuesHook(form.Events, string(webhook_module.HookEventIssueAssign)),
-				webhook_module.HookEventIssueLabel:               issuesHook(form.Events, string(webhook_module.HookEventIssueLabel)),
-				webhook_module.HookEventIssueMilestone:           issuesHook(form.Events, string(webhook_module.HookEventIssueMilestone)),
-				webhook_module.HookEventIssueComment:             issuesHook(form.Events, string(webhook_module.HookEventIssueComment)),
-				webhook_module.HookEventPush:                     util.SliceContainsString(form.Events, string(webhook_module.HookEventPush), true),
-				webhook_module.HookEventPullRequest:              pullHook(form.Events, "pull_request_only"),
-				webhook_module.HookEventPullRequestAssign:        pullHook(form.Events, string(webhook_module.HookEventPullRequestAssign)),
-				webhook_module.HookEventPullRequestLabel:         pullHook(form.Events, string(webhook_module.HookEventPullRequestLabel)),
-				webhook_module.HookEventPullRequestMilestone:     pullHook(form.Events, string(webhook_module.HookEventPullRequestMilestone)),
-				webhook_module.HookEventPullRequestComment:       pullHook(form.Events, string(webhook_module.HookEventPullRequestComment)),
-				webhook_module.HookEventPullRequestReview:        pullHook(form.Events, "pull_request_review"),
-				webhook_module.HookEventPullRequestReviewRequest: pullHook(form.Events, string(webhook_module.HookEventPullRequestReviewRequest)),
-				webhook_module.HookEventPullRequestSync:          pullHook(form.Events, string(webhook_module.HookEventPullRequestSync)),
-				webhook_module.HookEventWiki:                     util.SliceContainsString(form.Events, string(webhook_module.HookEventWiki), true),
-				webhook_module.HookEventRepository:               util.SliceContainsString(form.Events, string(webhook_module.HookEventRepository), true),
-				webhook_module.HookEventRelease:                  util.SliceContainsString(form.Events, string(webhook_module.HookEventRelease), true),
-				webhook_module.HookEventPackage:                  util.SliceContainsString(form.Events, string(webhook_module.HookEventPackage), true),
-				webhook_module.HookEventStatus:                   util.SliceContainsString(form.Events, string(webhook_module.HookEventStatus), true),
-				webhook_module.HookEventWorkflowJob:              util.SliceContainsString(form.Events, string(webhook_module.HookEventWorkflowJob), true),
-			},
+			HookEvents:   updateHookEvents(form.Events),
 			BranchFilter: form.BranchFilter,
 		},
 		IsActive: form.Active,
@@ -325,6 +338,10 @@ func EditRepoHook(ctx *context.APIContext, form *api.EditHookOption, hookID int6
 func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webhook) bool {
 	if form.Config != nil {
 		if url, ok := form.Config["url"]; ok {
+			if !validation.IsValidURL(url) {
+				ctx.APIError(http.StatusUnprocessableEntity, "Invalid url")
+				return false
+			}
 			w.URL = url
 		}
 		if ct, ok := form.Config["content_type"]; ok {
@@ -353,19 +370,10 @@ func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webh
 	}
 
 	// Update events
-	if len(form.Events) == 0 {
-		form.Events = []string{"push"}
-	}
+	w.HookEvents = updateHookEvents(form.Events)
 	w.PushOnly = false
 	w.SendEverything = false
 	w.ChooseEvents = true
-	w.HookEvents[webhook_module.HookEventCreate] = util.SliceContainsString(form.Events, string(webhook_module.HookEventCreate), true)
-	w.HookEvents[webhook_module.HookEventPush] = util.SliceContainsString(form.Events, string(webhook_module.HookEventPush), true)
-	w.HookEvents[webhook_module.HookEventDelete] = util.SliceContainsString(form.Events, string(webhook_module.HookEventDelete), true)
-	w.HookEvents[webhook_module.HookEventFork] = util.SliceContainsString(form.Events, string(webhook_module.HookEventFork), true)
-	w.HookEvents[webhook_module.HookEventRepository] = util.SliceContainsString(form.Events, string(webhook_module.HookEventRepository), true)
-	w.HookEvents[webhook_module.HookEventWiki] = util.SliceContainsString(form.Events, string(webhook_module.HookEventWiki), true)
-	w.HookEvents[webhook_module.HookEventRelease] = util.SliceContainsString(form.Events, string(webhook_module.HookEventRelease), true)
 	w.BranchFilter = form.BranchFilter
 
 	err := w.SetHeaderAuthorization(form.AuthorizationHeader)
@@ -374,23 +382,6 @@ func editHook(ctx *context.APIContext, form *api.EditHookOption, w *webhook.Webh
 		return false
 	}
 
-	// Issues
-	w.HookEvents[webhook_module.HookEventIssues] = issuesHook(form.Events, "issues_only")
-	w.HookEvents[webhook_module.HookEventIssueAssign] = issuesHook(form.Events, string(webhook_module.HookEventIssueAssign))
-	w.HookEvents[webhook_module.HookEventIssueLabel] = issuesHook(form.Events, string(webhook_module.HookEventIssueLabel))
-	w.HookEvents[webhook_module.HookEventIssueMilestone] = issuesHook(form.Events, string(webhook_module.HookEventIssueMilestone))
-	w.HookEvents[webhook_module.HookEventIssueComment] = issuesHook(form.Events, string(webhook_module.HookEventIssueComment))
-
-	// Pull requests
-	w.HookEvents[webhook_module.HookEventPullRequest] = pullHook(form.Events, "pull_request_only")
-	w.HookEvents[webhook_module.HookEventPullRequestAssign] = pullHook(form.Events, string(webhook_module.HookEventPullRequestAssign))
-	w.HookEvents[webhook_module.HookEventPullRequestLabel] = pullHook(form.Events, string(webhook_module.HookEventPullRequestLabel))
-	w.HookEvents[webhook_module.HookEventPullRequestMilestone] = pullHook(form.Events, string(webhook_module.HookEventPullRequestMilestone))
-	w.HookEvents[webhook_module.HookEventPullRequestComment] = pullHook(form.Events, string(webhook_module.HookEventPullRequestComment))
-	w.HookEvents[webhook_module.HookEventPullRequestReview] = pullHook(form.Events, "pull_request_review")
-	w.HookEvents[webhook_module.HookEventPullRequestReviewRequest] = pullHook(form.Events, string(webhook_module.HookEventPullRequestReviewRequest))
-	w.HookEvents[webhook_module.HookEventPullRequestSync] = pullHook(form.Events, string(webhook_module.HookEventPullRequestSync))
-
 	if err := w.UpdateEvent(); err != nil {
 		ctx.APIErrorInternal(err)
 		return false
diff --git a/routers/api/v1/utils/hook_test.go b/routers/api/v1/utils/hook_test.go
new file mode 100644
index 0000000000..e5e8ce07ce
--- /dev/null
+++ b/routers/api/v1/utils/hook_test.go
@@ -0,0 +1,82 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package utils
+
+import (
+	"net/http"
+	"testing"
+
+	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/services/contexttest"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestTestHookValidation(t *testing.T) {
+	unittest.PrepareTestEnv(t)
+
+	t.Run("Test Validation", func(t *testing.T) {
+		ctx, _ := contexttest.MockAPIContext(t, "user2/repo1/hooks")
+		contexttest.LoadRepo(t, ctx, 1)
+		contexttest.LoadRepoCommit(t, ctx)
+		contexttest.LoadUser(t, ctx, 2)
+
+		checkCreateHookOption(ctx, &structs.CreateHookOption{
+			Type: "gitea",
+			Config: map[string]string{
+				"content_type": "json",
+				"url":          "https://example.com/webhook",
+			},
+		})
+		assert.Equal(t, 0, ctx.Resp.WrittenStatus()) // not written yet
+	})
+
+	t.Run("Test Validation with invalid URL", func(t *testing.T) {
+		ctx, _ := contexttest.MockAPIContext(t, "user2/repo1/hooks")
+		contexttest.LoadRepo(t, ctx, 1)
+		contexttest.LoadRepoCommit(t, ctx)
+		contexttest.LoadUser(t, ctx, 2)
+
+		checkCreateHookOption(ctx, &structs.CreateHookOption{
+			Type: "gitea",
+			Config: map[string]string{
+				"content_type": "json",
+				"url":          "example.com/webhook",
+			},
+		})
+		assert.Equal(t, http.StatusUnprocessableEntity, ctx.Resp.WrittenStatus())
+	})
+
+	t.Run("Test Validation with invalid webhook type", func(t *testing.T) {
+		ctx, _ := contexttest.MockAPIContext(t, "user2/repo1/hooks")
+		contexttest.LoadRepo(t, ctx, 1)
+		contexttest.LoadRepoCommit(t, ctx)
+		contexttest.LoadUser(t, ctx, 2)
+
+		checkCreateHookOption(ctx, &structs.CreateHookOption{
+			Type: "unknown",
+			Config: map[string]string{
+				"content_type": "json",
+				"url":          "example.com/webhook",
+			},
+		})
+		assert.Equal(t, http.StatusUnprocessableEntity, ctx.Resp.WrittenStatus())
+	})
+
+	t.Run("Test Validation with empty content type", func(t *testing.T) {
+		ctx, _ := contexttest.MockAPIContext(t, "user2/repo1/hooks")
+		contexttest.LoadRepo(t, ctx, 1)
+		contexttest.LoadRepoCommit(t, ctx)
+		contexttest.LoadUser(t, ctx, 2)
+
+		checkCreateHookOption(ctx, &structs.CreateHookOption{
+			Type: "unknown",
+			Config: map[string]string{
+				"url": "https://example.com/webhook",
+			},
+		})
+		assert.Equal(t, http.StatusUnprocessableEntity, ctx.Resp.WrittenStatus())
+	})
+}
diff --git a/routers/api/v1/utils/main_test.go b/routers/api/v1/utils/main_test.go
new file mode 100644
index 0000000000..4eace1f369
--- /dev/null
+++ b/routers/api/v1/utils/main_test.go
@@ -0,0 +1,21 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package utils
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/setting"
+	webhook_service "code.gitea.io/gitea/services/webhook"
+)
+
+func TestMain(m *testing.M) {
+	unittest.MainTest(m, &unittest.TestOptions{
+		SetUp: func() error {
+			setting.LoadQueueSettings()
+			return webhook_service.Init()
+		},
+	})
+}
diff --git a/routers/common/actions.go b/routers/common/actions.go
new file mode 100644
index 0000000000..a4eabb6ba2
--- /dev/null
+++ b/routers/common/actions.go
@@ -0,0 +1,71 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"fmt"
+	"strings"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/actions"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/context"
+)
+
+func DownloadActionsRunJobLogsWithIndex(ctx *context.Base, ctxRepo *repo_model.Repository, runID, jobIndex int64) error {
+	runJobs, err := actions_model.GetRunJobsByRunID(ctx, runID)
+	if err != nil {
+		return fmt.Errorf("GetRunJobsByRunID: %w", err)
+	}
+	if err = runJobs.LoadRepos(ctx); err != nil {
+		return fmt.Errorf("LoadRepos: %w", err)
+	}
+	if jobIndex < 0 || jobIndex >= int64(len(runJobs)) {
+		return util.NewNotExistErrorf("job index is out of range: %d", jobIndex)
+	}
+	return DownloadActionsRunJobLogs(ctx, ctxRepo, runJobs[jobIndex])
+}
+
+func DownloadActionsRunJobLogs(ctx *context.Base, ctxRepo *repo_model.Repository, curJob *actions_model.ActionRunJob) error {
+	if curJob.Repo.ID != ctxRepo.ID {
+		return util.NewNotExistErrorf("job not found")
+	}
+
+	if curJob.TaskID == 0 {
+		return util.NewNotExistErrorf("job not started")
+	}
+
+	if err := curJob.LoadRun(ctx); err != nil {
+		return fmt.Errorf("LoadRun: %w", err)
+	}
+
+	task, err := actions_model.GetTaskByID(ctx, curJob.TaskID)
+	if err != nil {
+		return fmt.Errorf("GetTaskByID: %w", err)
+	}
+
+	if task.LogExpired {
+		return util.NewNotExistErrorf("logs have been cleaned up")
+	}
+
+	reader, err := actions.OpenLogs(ctx, task.LogInStorage, task.LogFilename)
+	if err != nil {
+		return fmt.Errorf("OpenLogs: %w", err)
+	}
+	defer reader.Close()
+
+	workflowName := curJob.Run.WorkflowID
+	if p := strings.Index(workflowName, "."); p > 0 {
+		workflowName = workflowName[0:p]
+	}
+	ctx.ServeContent(reader, &context.ServeHeaderOptions{
+		Filename:           fmt.Sprintf("%v-%v-%v.log", workflowName, curJob.Name, task.ID),
+		ContentLength:      &task.LogSize,
+		ContentType:        "text/plain",
+		ContentTypeCharset: "utf-8",
+		Disposition:        "attachment",
+	})
+	return nil
+}
diff --git a/routers/common/blockexpensive.go b/routers/common/blockexpensive.go
new file mode 100644
index 0000000000..f52aa2b709
--- /dev/null
+++ b/routers/common/blockexpensive.go
@@ -0,0 +1,90 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"net/http"
+	"strings"
+
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/reqctx"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/web/middleware"
+
+	"github.com/go-chi/chi/v5"
+)
+
+func BlockExpensive() func(next http.Handler) http.Handler {
+	if !setting.Service.BlockAnonymousAccessExpensive {
+		return nil
+	}
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+			ret := determineRequestPriority(reqctx.FromContext(req.Context()))
+			if !ret.SignedIn {
+				if ret.Expensive || ret.LongPolling {
+					http.Redirect(w, req, setting.AppSubURL+"/user/login", http.StatusSeeOther)
+					return
+				}
+			}
+			next.ServeHTTP(w, req)
+		})
+	}
+}
+
+func isRoutePathExpensive(routePattern string) bool {
+	if strings.HasPrefix(routePattern, "/user/") || strings.HasPrefix(routePattern, "/login/") {
+		return false
+	}
+
+	expensivePaths := []string{
+		// code related
+		"/{username}/{reponame}/archive/",
+		"/{username}/{reponame}/blame/",
+		"/{username}/{reponame}/commit/",
+		"/{username}/{reponame}/commits/",
+		"/{username}/{reponame}/graph",
+		"/{username}/{reponame}/media/",
+		"/{username}/{reponame}/raw/",
+		"/{username}/{reponame}/src/",
+
+		// issue & PR related (no trailing slash)
+		"/{username}/{reponame}/issues",
+		"/{username}/{reponame}/{type:issues}",
+		"/{username}/{reponame}/pulls",
+		"/{username}/{reponame}/{type:pulls}",
+
+		// wiki
+		"/{username}/{reponame}/wiki/",
+
+		// activity
+		"/{username}/{reponame}/activity/",
+	}
+	for _, path := range expensivePaths {
+		if strings.HasPrefix(routePattern, path) {
+			return true
+		}
+	}
+	return false
+}
+
+func isRoutePathForLongPolling(routePattern string) bool {
+	return routePattern == "/user/events"
+}
+
+func determineRequestPriority(reqCtx reqctx.RequestContext) (ret struct {
+	SignedIn    bool
+	Expensive   bool
+	LongPolling bool
+},
+) {
+	chiRoutePath := chi.RouteContext(reqCtx).RoutePattern()
+	if _, ok := reqCtx.GetData()[middleware.ContextDataKeySignedUser].(*user_model.User); ok {
+		ret.SignedIn = true
+	} else {
+		ret.Expensive = isRoutePathExpensive(chiRoutePath)
+		ret.LongPolling = isRoutePathForLongPolling(chiRoutePath)
+	}
+	return ret
+}
diff --git a/routers/common/blockexpensive_test.go b/routers/common/blockexpensive_test.go
new file mode 100644
index 0000000000..db5c0db7dd
--- /dev/null
+++ b/routers/common/blockexpensive_test.go
@@ -0,0 +1,30 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestBlockExpensive(t *testing.T) {
+	cases := []struct {
+		expensive bool
+		routePath string
+	}{
+		{false, "/user/xxx"},
+		{false, "/login/xxx"},
+		{true, "/{username}/{reponame}/archive/xxx"},
+		{true, "/{username}/{reponame}/graph"},
+		{true, "/{username}/{reponame}/src/xxx"},
+		{true, "/{username}/{reponame}/wiki/xxx"},
+		{true, "/{username}/{reponame}/activity/xxx"},
+	}
+	for _, c := range cases {
+		assert.Equal(t, c.expensive, isRoutePathExpensive(c.routePath), "routePath: %s", c.routePath)
+	}
+
+	assert.True(t, isRoutePathForLongPolling("/user/events"))
+}
diff --git a/routers/common/db.go b/routers/common/db.go
index cb163c867d..01c0261427 100644
--- a/routers/common/db.go
+++ b/routers/common/db.go
@@ -5,7 +5,7 @@ package common
 
 import (
 	"context"
-	"fmt"
+	"errors"
 	"time"
 
 	"code.gitea.io/gitea/models/db"
@@ -25,7 +25,7 @@ func InitDBEngine(ctx context.Context) (err error) {
 	for i := 0; i < setting.Database.DBConnectRetries; i++ {
 		select {
 		case <-ctx.Done():
-			return fmt.Errorf("Aborted due to shutdown:\nin retry ORM engine initialization")
+			return errors.New("Aborted due to shutdown:\nin retry ORM engine initialization")
 		default:
 		}
 		log.Info("ORM engine initialization attempt #%d/%d...", i+1, setting.Database.DBConnectRetries)
diff --git a/routers/common/markup.go b/routers/common/markup.go
index 60bf0dba54..00b2dd07c6 100644
--- a/routers/common/markup.go
+++ b/routers/common/markup.go
@@ -76,7 +76,11 @@ func RenderMarkup(ctx *context.Base, ctxRepo *context.Repository, mode, text, ur
 		})
 		rctx = rctx.WithMarkupType(markdown.MarkupName)
 	case "comment":
-		rctx = renderhelper.NewRenderContextRepoComment(ctx, repoModel, renderhelper.RepoCommentOptions{DeprecatedOwnerName: repoOwnerName, DeprecatedRepoName: repoName})
+		rctx = renderhelper.NewRenderContextRepoComment(ctx, repoModel, renderhelper.RepoCommentOptions{
+			DeprecatedOwnerName: repoOwnerName,
+			DeprecatedRepoName:  repoName,
+			FootnoteContextID:   "preview",
+		})
 		rctx = rctx.WithMarkupType(markdown.MarkupName)
 	case "wiki":
 		rctx = renderhelper.NewRenderContextRepoWiki(ctx, repoModel, renderhelper.RepoWikiOptions{DeprecatedOwnerName: repoOwnerName, DeprecatedRepoName: repoName})
@@ -88,7 +92,7 @@ func RenderMarkup(ctx *context.Base, ctxRepo *context.Repository, mode, text, ur
 		})
 		rctx = rctx.WithMarkupType("").WithRelativePath(filePath) // render the repo file content by its extension
 	default:
-		ctx.HTTPError(http.StatusUnprocessableEntity, fmt.Sprintf("Unknown mode: %s", mode))
+		ctx.HTTPError(http.StatusUnprocessableEntity, "Unknown mode: "+mode)
 		return
 	}
 	rctx = rctx.WithUseAbsoluteLink(true)
diff --git a/routers/common/pagetmpl.go b/routers/common/pagetmpl.go
new file mode 100644
index 0000000000..c48596d48b
--- /dev/null
+++ b/routers/common/pagetmpl.go
@@ -0,0 +1,83 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	goctx "context"
+	"errors"
+	"sync"
+
+	activities_model "code.gitea.io/gitea/models/activities"
+	"code.gitea.io/gitea/models/db"
+	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/services/context"
+)
+
+// StopwatchTmplInfo is a view on a stopwatch specifically for template rendering
+type StopwatchTmplInfo struct {
+	IssueLink  string
+	RepoSlug   string
+	IssueIndex int64
+	Seconds    int64
+}
+
+func getActiveStopwatch(ctx *context.Context) *StopwatchTmplInfo {
+	if ctx.Doer == nil {
+		return nil
+	}
+
+	_, sw, issue, err := issues_model.HasUserStopwatch(ctx, ctx.Doer.ID)
+	if err != nil {
+		if !errors.Is(err, goctx.Canceled) {
+			log.Error("Unable to HasUserStopwatch for user:%-v: %v", ctx.Doer, err)
+		}
+		return nil
+	}
+
+	if sw == nil || sw.ID == 0 {
+		return nil
+	}
+
+	return &StopwatchTmplInfo{
+		issue.Link(),
+		issue.Repo.FullName(),
+		issue.Index,
+		sw.Seconds() + 1, // ensure time is never zero in ui
+	}
+}
+
+func notificationUnreadCount(ctx *context.Context) int64 {
+	if ctx.Doer == nil {
+		return 0
+	}
+	count, err := db.Count[activities_model.Notification](ctx, activities_model.FindNotificationOptions{
+		UserID: ctx.Doer.ID,
+		Status: []activities_model.NotificationStatus{activities_model.NotificationStatusUnread},
+	})
+	if err != nil {
+		if !errors.Is(err, goctx.Canceled) {
+			log.Error("Unable to find notification for user:%-v: %v", ctx.Doer, err)
+		}
+		return 0
+	}
+	return count
+}
+
+type pageGlobalDataType struct {
+	IsSigned    bool
+	IsSiteAdmin bool
+
+	GetNotificationUnreadCount func() int64
+	GetActiveStopwatch         func() *StopwatchTmplInfo
+}
+
+func PageGlobalData(ctx *context.Context) {
+	var data pageGlobalDataType
+	data.IsSigned = ctx.Doer != nil
+	data.IsSiteAdmin = ctx.Doer != nil && ctx.Doer.IsAdmin
+	data.GetNotificationUnreadCount = sync.OnceValue(func() int64 { return notificationUnreadCount(ctx) })
+	data.GetActiveStopwatch = sync.OnceValue(func() *StopwatchTmplInfo { return getActiveStopwatch(ctx) })
+	ctx.Data["PageGlobalData"] = data
+}
diff --git a/routers/common/qos.go b/routers/common/qos.go
new file mode 100644
index 0000000000..e50fbe4f69
--- /dev/null
+++ b/routers/common/qos.go
@@ -0,0 +1,145 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"strings"
+
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/web/middleware"
+	giteacontext "code.gitea.io/gitea/services/context"
+
+	"github.com/bohde/codel"
+	"github.com/go-chi/chi/v5"
+)
+
+const tplStatus503 templates.TplName = "status/503"
+
+type Priority int
+
+func (p Priority) String() string {
+	switch p {
+	case HighPriority:
+		return "high"
+	case DefaultPriority:
+		return "default"
+	case LowPriority:
+		return "low"
+	default:
+		return fmt.Sprintf("%d", p)
+	}
+}
+
+const (
+	LowPriority     = Priority(-10)
+	DefaultPriority = Priority(0)
+	HighPriority    = Priority(10)
+)
+
+// QoS implements quality of service for requests, based upon whether
+// or not the user is logged in. All traffic may get dropped, and
+// anonymous users are deprioritized.
+func QoS() func(next http.Handler) http.Handler {
+	if !setting.Service.QoS.Enabled {
+		return nil
+	}
+
+	maxOutstanding := setting.Service.QoS.MaxInFlightRequests
+	if maxOutstanding <= 0 {
+		maxOutstanding = 10
+	}
+
+	c := codel.NewPriority(codel.Options{
+		// The maximum number of waiting requests.
+		MaxPending: setting.Service.QoS.MaxWaitingRequests,
+		// The maximum number of in-flight requests.
+		MaxOutstanding: maxOutstanding,
+		// The target latency that a blocked request should wait
+		// for. After this, it might be dropped.
+		TargetLatency: setting.Service.QoS.TargetWaitTime,
+	})
+
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+			ctx := req.Context()
+
+			priority := requestPriority(ctx)
+
+			// Check if the request can begin processing.
+			err := c.Acquire(ctx, int(priority))
+			if err != nil {
+				log.Error("QoS error, dropping request of priority %s: %v", priority, err)
+				renderServiceUnavailable(w, req)
+				return
+			}
+
+			// Release long-polling immediately, so they don't always
+			// take up an in-flight request
+			if strings.Contains(req.URL.Path, "/user/events") {
+				c.Release()
+			} else {
+				defer c.Release()
+			}
+
+			next.ServeHTTP(w, req)
+		})
+	}
+}
+
+// requestPriority assigns a priority value for a request based upon
+// whether the user is logged in and how expensive the endpoint is
+func requestPriority(ctx context.Context) Priority {
+	// If the user is logged in, assign high priority.
+	data := middleware.GetContextData(ctx)
+	if _, ok := data[middleware.ContextDataKeySignedUser].(*user_model.User); ok {
+		return HighPriority
+	}
+
+	rctx := chi.RouteContext(ctx)
+	if rctx == nil {
+		return DefaultPriority
+	}
+
+	// If we're operating in the context of a repo, assign low priority
+	routePattern := rctx.RoutePattern()
+	if strings.HasPrefix(routePattern, "/{username}/{reponame}/") {
+		return LowPriority
+	}
+
+	return DefaultPriority
+}
+
+// renderServiceUnavailable will render an HTTP 503 Service
+// Unavailable page, providing HTML if the client accepts it.
+func renderServiceUnavailable(w http.ResponseWriter, req *http.Request) {
+	acceptsHTML := false
+	for _, part := range req.Header["Accept"] {
+		if strings.Contains(part, "text/html") {
+			acceptsHTML = true
+			break
+		}
+	}
+
+	// If the client doesn't accept HTML, then render a plain text response
+	if !acceptsHTML {
+		http.Error(w, "503 Service Unavailable", http.StatusServiceUnavailable)
+		return
+	}
+
+	tmplCtx := giteacontext.TemplateContext{}
+	tmplCtx["Locale"] = middleware.Locale(w, req)
+	ctxData := middleware.GetContextData(req.Context())
+	err := templates.HTMLRenderer().HTML(w, http.StatusServiceUnavailable, tplStatus503, ctxData, tmplCtx)
+	if err != nil {
+		log.Error("Error occurs again when rendering service unavailable page: %v", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		_, _ = w.Write([]byte("Internal server error, please collect error logs and report to Gitea issue tracker"))
+	}
+}
diff --git a/routers/common/qos_test.go b/routers/common/qos_test.go
new file mode 100644
index 0000000000..850a5f51db
--- /dev/null
+++ b/routers/common/qos_test.go
@@ -0,0 +1,91 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"net/http"
+	"testing"
+
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/web/middleware"
+	"code.gitea.io/gitea/services/contexttest"
+
+	"github.com/go-chi/chi/v5"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestRequestPriority(t *testing.T) {
+	type test struct {
+		Name         string
+		User         *user_model.User
+		RoutePattern string
+		Expected     Priority
+	}
+
+	cases := []test{
+		{
+			Name:     "Logged In",
+			User:     &user_model.User{},
+			Expected: HighPriority,
+		},
+		{
+			Name:         "Sign In",
+			RoutePattern: "/user/login",
+			Expected:     DefaultPriority,
+		},
+		{
+			Name:         "Repo Home",
+			RoutePattern: "/{username}/{reponame}",
+			Expected:     DefaultPriority,
+		},
+		{
+			Name:         "User Repo",
+			RoutePattern: "/{username}/{reponame}/src/branch/main",
+			Expected:     LowPriority,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.Name, func(t *testing.T) {
+			ctx, _ := contexttest.MockContext(t, "")
+
+			if tc.User != nil {
+				data := middleware.GetContextData(ctx)
+				data[middleware.ContextDataKeySignedUser] = tc.User
+			}
+
+			rctx := chi.RouteContext(ctx)
+			rctx.RoutePatterns = []string{tc.RoutePattern}
+
+			assert.Exactly(t, tc.Expected, requestPriority(ctx))
+		})
+	}
+}
+
+func TestRenderServiceUnavailable(t *testing.T) {
+	t.Run("HTML", func(t *testing.T) {
+		ctx, resp := contexttest.MockContext(t, "")
+		ctx.Req.Header.Set("Accept", "text/html")
+
+		renderServiceUnavailable(resp, ctx.Req)
+		assert.Equal(t, http.StatusServiceUnavailable, resp.Code)
+		assert.Contains(t, resp.Header().Get("Content-Type"), "text/html")
+
+		body := resp.Body.String()
+		assert.Contains(t, body, `lang="en-US"`)
+		assert.Contains(t, body, "503 Service Unavailable")
+	})
+
+	t.Run("plain", func(t *testing.T) {
+		ctx, resp := contexttest.MockContext(t, "")
+		ctx.Req.Header.Set("Accept", "text/plain")
+
+		renderServiceUnavailable(resp, ctx.Req)
+		assert.Equal(t, http.StatusServiceUnavailable, resp.Code)
+		assert.Contains(t, resp.Header().Get("Content-Type"), "text/plain")
+
+		body := resp.Body.String()
+		assert.Contains(t, body, "503 Service Unavailable")
+	})
+}
diff --git a/routers/install/install.go b/routers/install/install.go
index b81a5680d3..dc8f209f3b 100644
--- a/routers/install/install.go
+++ b/routers/install/install.go
@@ -5,12 +5,12 @@
 package install
 
 import (
-	"fmt"
 	"net/http"
 	"net/mail"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"slices"
 	"strconv"
 	"strings"
 	"time"
@@ -99,14 +99,7 @@ func Install(ctx *context.Context) {
 	form.SSLMode = setting.Database.SSLMode
 
 	curDBType := setting.Database.Type.String()
-	var isCurDBTypeSupported bool
-	for _, dbType := range setting.SupportedDatabaseTypes {
-		if dbType == curDBType {
-			isCurDBTypeSupported = true
-			break
-		}
-	}
-	if !isCurDBTypeSupported {
+	if !slices.Contains(setting.SupportedDatabaseTypes, curDBType) {
 		curDBType = "mysql"
 	}
 	ctx.Data["CurDbType"] = curDBType
@@ -151,7 +144,7 @@ func Install(ctx *context.Context) {
 	form.DisableRegistration = setting.Service.DisableRegistration
 	form.AllowOnlyExternalRegistration = setting.Service.AllowOnlyExternalRegistration
 	form.EnableCaptcha = setting.Service.EnableCaptcha
-	form.RequireSignInView = setting.Service.RequireSignInView
+	form.RequireSignInView = setting.Service.RequireSignInViewStrict
 	form.DefaultKeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
 	form.DefaultAllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization
 	form.DefaultEnableTimetracking = setting.Service.DefaultEnableTimetracking
@@ -398,7 +391,7 @@ func SubmitInstall(ctx *context.Context) {
 		cfg.Section("server").Key("DISABLE_SSH").SetValue("true")
 	} else {
 		cfg.Section("server").Key("DISABLE_SSH").SetValue("false")
-		cfg.Section("server").Key("SSH_PORT").SetValue(fmt.Sprint(form.SSHPort))
+		cfg.Section("server").Key("SSH_PORT").SetValue(strconv.Itoa(form.SSHPort))
 	}
 
 	if form.LFSRootPath != "" {
@@ -429,10 +422,10 @@ func SubmitInstall(ctx *context.Context) {
 	} else {
 		cfg.Section("mailer").Key("ENABLED").SetValue("false")
 	}
-	cfg.Section("service").Key("REGISTER_EMAIL_CONFIRM").SetValue(fmt.Sprint(form.RegisterConfirm))
-	cfg.Section("service").Key("ENABLE_NOTIFY_MAIL").SetValue(fmt.Sprint(form.MailNotify))
+	cfg.Section("service").Key("REGISTER_EMAIL_CONFIRM").SetValue(strconv.FormatBool(form.RegisterConfirm))
+	cfg.Section("service").Key("ENABLE_NOTIFY_MAIL").SetValue(strconv.FormatBool(form.MailNotify))
 
-	cfg.Section("server").Key("OFFLINE_MODE").SetValue(fmt.Sprint(form.OfflineMode))
+	cfg.Section("server").Key("OFFLINE_MODE").SetValue(strconv.FormatBool(form.OfflineMode))
 	if err := system_model.SetSettings(ctx, map[string]string{
 		setting.Config().Picture.DisableGravatar.DynKey():       strconv.FormatBool(form.DisableGravatar),
 		setting.Config().Picture.EnableFederatedAvatar.DynKey(): strconv.FormatBool(form.EnableFederatedAvatar),
@@ -441,17 +434,17 @@ func SubmitInstall(ctx *context.Context) {
 		return
 	}
 
-	cfg.Section("openid").Key("ENABLE_OPENID_SIGNIN").SetValue(fmt.Sprint(form.EnableOpenIDSignIn))
-	cfg.Section("openid").Key("ENABLE_OPENID_SIGNUP").SetValue(fmt.Sprint(form.EnableOpenIDSignUp))
-	cfg.Section("service").Key("DISABLE_REGISTRATION").SetValue(fmt.Sprint(form.DisableRegistration))
-	cfg.Section("service").Key("ALLOW_ONLY_EXTERNAL_REGISTRATION").SetValue(fmt.Sprint(form.AllowOnlyExternalRegistration))
-	cfg.Section("service").Key("ENABLE_CAPTCHA").SetValue(fmt.Sprint(form.EnableCaptcha))
-	cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").SetValue(fmt.Sprint(form.RequireSignInView))
-	cfg.Section("service").Key("DEFAULT_KEEP_EMAIL_PRIVATE").SetValue(fmt.Sprint(form.DefaultKeepEmailPrivate))
-	cfg.Section("service").Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").SetValue(fmt.Sprint(form.DefaultAllowCreateOrganization))
-	cfg.Section("service").Key("DEFAULT_ENABLE_TIMETRACKING").SetValue(fmt.Sprint(form.DefaultEnableTimetracking))
-	cfg.Section("service").Key("NO_REPLY_ADDRESS").SetValue(fmt.Sprint(form.NoReplyAddress))
-	cfg.Section("cron.update_checker").Key("ENABLED").SetValue(fmt.Sprint(form.EnableUpdateChecker))
+	cfg.Section("openid").Key("ENABLE_OPENID_SIGNIN").SetValue(strconv.FormatBool(form.EnableOpenIDSignIn))
+	cfg.Section("openid").Key("ENABLE_OPENID_SIGNUP").SetValue(strconv.FormatBool(form.EnableOpenIDSignUp))
+	cfg.Section("service").Key("DISABLE_REGISTRATION").SetValue(strconv.FormatBool(form.DisableRegistration))
+	cfg.Section("service").Key("ALLOW_ONLY_EXTERNAL_REGISTRATION").SetValue(strconv.FormatBool(form.AllowOnlyExternalRegistration))
+	cfg.Section("service").Key("ENABLE_CAPTCHA").SetValue(strconv.FormatBool(form.EnableCaptcha))
+	cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").SetValue(strconv.FormatBool(form.RequireSignInView))
+	cfg.Section("service").Key("DEFAULT_KEEP_EMAIL_PRIVATE").SetValue(strconv.FormatBool(form.DefaultKeepEmailPrivate))
+	cfg.Section("service").Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").SetValue(strconv.FormatBool(form.DefaultAllowCreateOrganization))
+	cfg.Section("service").Key("DEFAULT_ENABLE_TIMETRACKING").SetValue(strconv.FormatBool(form.DefaultEnableTimetracking))
+	cfg.Section("service").Key("NO_REPLY_ADDRESS").SetValue(form.NoReplyAddress)
+	cfg.Section("cron.update_checker").Key("ENABLED").SetValue(strconv.FormatBool(form.EnableUpdateChecker))
 
 	cfg.Section("session").Key("PROVIDER").SetValue("file")
 
@@ -607,6 +600,8 @@ func SubmitInstall(ctx *context.Context) {
 
 // InstallDone shows the "post-install" page, makes it easier to develop the page.
 // The name is not called as "PostInstall" to avoid misinterpretation as a handler for "POST /install"
-func InstallDone(ctx *context.Context) { //nolint
+func InstallDone(ctx *context.Context) { //nolint:revive // export stutter
+	hasUsers, _ := user_model.HasUsers(ctx)
+	ctx.Data["IsAccountCreated"] = hasUsers.HasAnyUser
 	ctx.HTML(http.StatusOK, tplPostInstall)
 }
diff --git a/routers/install/routes.go b/routers/install/routes.go
index 7309a405d4..bc7a0eb48c 100644
--- a/routers/install/routes.go
+++ b/routers/install/routes.go
@@ -36,7 +36,7 @@ func Routes() *web.Router {
 
 func installNotFound(w http.ResponseWriter, req *http.Request) {
 	w.Header().Add("Content-Type", "text/html; charset=utf-8")
-	w.Header().Add("Refresh", fmt.Sprintf("1; url=%s", setting.AppSubURL+"/"))
+	w.Header().Add("Refresh", "1; url="+setting.AppSubURL+"/")
 	// do not use 30x status, because the "post-install" page needs to use 404/200 to detect if Gitea has been installed.
 	// the fetch API could follow 30x requests to the page with 200 status.
 	w.WriteHeader(http.StatusNotFound)
diff --git a/routers/install/routes_test.go b/routers/install/routes_test.go
index 2aa7f5d7b7..e8902ba3f1 100644
--- a/routers/install/routes_test.go
+++ b/routers/install/routes_test.go
@@ -4,6 +4,7 @@
 package install
 
 import (
+	"net/http"
 	"net/http/httptest"
 	"testing"
 
@@ -17,20 +18,20 @@ func TestRoutes(t *testing.T) {
 	assert.NotNil(t, r)
 
 	w := httptest.NewRecorder()
-	req := httptest.NewRequest("GET", "/", nil)
+	req := httptest.NewRequest(http.MethodGet, "/", nil)
 	r.ServeHTTP(w, req)
-	assert.EqualValues(t, 200, w.Code)
+	assert.Equal(t, 200, w.Code)
 	assert.Contains(t, w.Body.String(), `class="page-content install"`)
 
 	w = httptest.NewRecorder()
-	req = httptest.NewRequest("GET", "/no-such", nil)
+	req = httptest.NewRequest(http.MethodGet, "/no-such", nil)
 	r.ServeHTTP(w, req)
-	assert.EqualValues(t, 404, w.Code)
+	assert.Equal(t, 404, w.Code)
 
 	w = httptest.NewRecorder()
-	req = httptest.NewRequest("GET", "/assets/img/gitea.svg", nil)
+	req = httptest.NewRequest(http.MethodGet, "/assets/img/gitea.svg", nil)
 	r.ServeHTTP(w, req)
-	assert.EqualValues(t, 200, w.Code)
+	assert.Equal(t, 200, w.Code)
 }
 
 func TestMain(m *testing.M) {
diff --git a/routers/private/hook_post_receive.go b/routers/private/hook_post_receive.go
index dba6aef9a3..e8bef7d6c1 100644
--- a/routers/private/hook_post_receive.go
+++ b/routers/private/hook_post_receive.go
@@ -14,6 +14,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/cachegroup"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
@@ -206,25 +207,19 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
 			return
 		}
 
-		cols := make([]string, 0, 2)
-
-		if isPrivate.Has() {
+		// FIXME: these options are not quite right, for example: changing visibility should do more works than just setting the is_private flag
+		// These options should only be used for "push-to-create"
+		if isPrivate.Has() && repo.IsPrivate != isPrivate.Value() {
+			// TODO: it needs to do more work
 			repo.IsPrivate = isPrivate.Value()
-			cols = append(cols, "is_private")
+			if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_private"); err != nil {
+				ctx.JSON(http.StatusInternalServerError, private.HookPostReceiveResult{Err: "Failed to change visibility"})
+			}
 		}
-
-		if isTemplate.Has() {
+		if isTemplate.Has() && repo.IsTemplate != isTemplate.Value() {
 			repo.IsTemplate = isTemplate.Value()
-			cols = append(cols, "is_template")
-		}
-
-		if len(cols) > 0 {
-			if err := repo_model.UpdateRepositoryCols(ctx, repo, cols...); err != nil {
-				log.Error("Failed to Update: %s/%s Error: %v", ownerName, repoName, err)
-				ctx.JSON(http.StatusInternalServerError, private.HookPostReceiveResult{
-					Err: fmt.Sprintf("Failed to Update: %s/%s Error: %v", ownerName, repoName, err),
-				})
-				return
+			if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_template"); err != nil {
+				ctx.JSON(http.StatusInternalServerError, private.HookPostReceiveResult{Err: "Failed to change template status"})
 			}
 		}
 	}
@@ -303,14 +298,11 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
 			}
 
 			if pr == nil {
-				if repo.IsFork {
-					branch = fmt.Sprintf("%s:%s", repo.OwnerName, branch)
-				}
 				results = append(results, private.HookPostReceiveBranchResult{
 					Message: setting.Git.PullRequestPushMessage && baseRepo.AllowsPulls(ctx),
 					Create:  true,
 					Branch:  branch,
-					URL:     fmt.Sprintf("%s/compare/%s...%s", baseRepo.HTMLURL(), util.PathEscapeSegments(baseRepo.DefaultBranch), util.PathEscapeSegments(branch)),
+					URL:     fmt.Sprintf("%s/pulls/new/%s", repo.HTMLURL(), util.PathEscapeSegments(branch)),
 				})
 			} else {
 				results = append(results, private.HookPostReceiveBranchResult{
@@ -329,9 +321,7 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
 }
 
 func loadContextCacheUser(ctx context.Context, id int64) (*user_model.User, error) {
-	return cache.GetWithContextCache(ctx, "hook_post_receive_user", id, func() (*user_model.User, error) {
-		return user_model.GetUserByID(ctx, id)
-	})
+	return cache.GetWithContextCache(ctx, cachegroup.User, id, user_model.GetUserByID)
 }
 
 // handlePullRequestMerging handle pull request merging, a pull request action should push at least 1 commit
diff --git a/routers/private/hook_post_receive_test.go b/routers/private/hook_post_receive_test.go
index 34722f910d..ca721b16d1 100644
--- a/routers/private/hook_post_receive_test.go
+++ b/routers/private/hook_post_receive_test.go
@@ -43,7 +43,7 @@ func TestHandlePullRequestMerging(t *testing.T) {
 	pr, err = issues_model.GetPullRequestByID(db.DefaultContext, pr.ID)
 	assert.NoError(t, err)
 	assert.True(t, pr.HasMerged)
-	assert.EqualValues(t, "01234567", pr.MergedCommitID)
+	assert.Equal(t, "01234567", pr.MergedCommitID)
 
 	unittest.AssertNotExistsBean(t, &pull_model.AutoMerge{ID: autoMerge.ID})
 }
diff --git a/routers/private/hook_pre_receive.go b/routers/private/hook_pre_receive.go
index ae23abc542..dd9d0bc15e 100644
--- a/routers/private/hook_pre_receive.go
+++ b/routers/private/hook_pre_receive.go
@@ -4,6 +4,7 @@
 package private
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"os"
@@ -311,13 +312,13 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
 			if isForcePush {
 				log.Warn("Forbidden: User %d is not allowed to force-push to protected branch: %s in %-v", ctx.opts.UserID, branchName, repo)
 				ctx.JSON(http.StatusForbidden, private.Response{
-					UserMsg: fmt.Sprintf("Not allowed to force-push to protected branch %s", branchName),
+					UserMsg: "Not allowed to force-push to protected branch " + branchName,
 				})
 				return
 			}
 			log.Warn("Forbidden: User %d is not allowed to push to protected branch: %s in %-v", ctx.opts.UserID, branchName, repo)
 			ctx.JSON(http.StatusForbidden, private.Response{
-				UserMsg: fmt.Sprintf("Not allowed to push to protected branch %s", branchName),
+				UserMsg: "Not allowed to push to protected branch " + branchName,
 			})
 			return
 		}
@@ -353,7 +354,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
 		if !allowedMerge {
 			log.Warn("Forbidden: User %d is not allowed to push to protected branch: %s in %-v and is not allowed to merge pr #%d", ctx.opts.UserID, branchName, repo, pr.Index)
 			ctx.JSON(http.StatusForbidden, private.Response{
-				UserMsg: fmt.Sprintf("Not allowed to push to protected branch %s", branchName),
+				UserMsg: "Not allowed to push to protected branch " + branchName,
 			})
 			return
 		}
@@ -374,7 +375,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
 
 		// Check all status checks and reviews are ok
 		if err := pull_service.CheckPullBranchProtections(ctx, pr, true); err != nil {
-			if pull_service.IsErrDisallowedToMerge(err) {
+			if errors.Is(err, pull_service.ErrNotReadyToMerge) {
 				log.Warn("Forbidden: User %d is not allowed push to protected branch %s in %-v and pr #%d is not ready to be merged: %s", ctx.opts.UserID, branchName, repo, pr.Index, err.Error())
 				ctx.JSON(http.StatusForbidden, private.Response{
 					UserMsg: fmt.Sprintf("Not allowed to push to protected branch %s and pr #%d is not ready to be merged: %s", branchName, ctx.opts.PullRequestID, err.Error()),
@@ -447,10 +448,7 @@ func preReceiveFor(ctx *preReceiveContext, refFullName git.RefName) {
 
 	baseBranchName := refFullName.ForBranchName()
 
-	baseBranchExist := false
-	if gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, baseBranchName) {
-		baseBranchExist = true
-	}
+	baseBranchExist := gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, baseBranchName)
 
 	if !baseBranchExist {
 		for p, v := range baseBranchName {
diff --git a/routers/private/hook_verification.go b/routers/private/hook_verification.go
index 7c06cf8557..57d0964ead 100644
--- a/routers/private/hook_verification.go
+++ b/routers/private/hook_verification.go
@@ -6,7 +6,6 @@ package private
 import (
 	"bufio"
 	"context"
-	"fmt"
 	"io"
 	"os"
 
@@ -113,7 +112,7 @@ type errUnverifiedCommit struct {
 }
 
 func (e *errUnverifiedCommit) Error() string {
-	return fmt.Sprintf("Unverified commit: %s", e.sha)
+	return "Unverified commit: " + e.sha
 }
 
 func isErrUnverifiedCommit(err error) bool {
diff --git a/routers/private/hook_verification_test.go b/routers/private/hook_verification_test.go
index f6c2e1087f..8653e34daa 100644
--- a/routers/private/hook_verification_test.go
+++ b/routers/private/hook_verification_test.go
@@ -18,7 +18,9 @@ func TestVerifyCommits(t *testing.T) {
 	unittest.PrepareTestEnv(t)
 
 	gitRepo, err := git.OpenRepository(t.Context(), testReposDir+"repo1_hook_verification")
-	defer gitRepo.Close()
+	if err != nil {
+		defer gitRepo.Close()
+	}
 	assert.NoError(t, err)
 
 	objectFormat, err := gitRepo.GetObjectFormat()
diff --git a/routers/private/manager.go b/routers/private/manager.go
index c712bbcf21..00e52d6511 100644
--- a/routers/private/manager.go
+++ b/routers/private/manager.go
@@ -180,7 +180,7 @@ func AddLogger(ctx *context.PrivateContext) {
 		writerOption.Addr, _ = opts.Config["address"].(string)
 		writerMode.WriterOption = writerOption
 	default:
-		panic(fmt.Sprintf("invalid log writer mode: %s", writerType))
+		panic("invalid log writer mode: " + writerType)
 	}
 	writer, err := log.NewEventWriter(opts.Writer, writerType, writerMode)
 	if err != nil {
diff --git a/routers/private/serv.go b/routers/private/serv.go
index ecff3b7a53..b879be0dc2 100644
--- a/routers/private/serv.go
+++ b/routers/private/serv.go
@@ -81,6 +81,7 @@ func ServCommand(ctx *context.PrivateContext) {
 	ownerName := ctx.PathParam("owner")
 	repoName := ctx.PathParam("repo")
 	mode := perm.AccessMode(ctx.FormInt("mode"))
+	verb := ctx.FormString("verb")
 
 	// Set the basic parts of the results to return
 	results := private.ServCommandResults{
@@ -286,7 +287,7 @@ func ServCommand(ctx *context.PrivateContext) {
 			repo.IsPrivate ||
 			owner.Visibility.IsPrivate() ||
 			(user != nil && user.IsRestricted) || // user will be nil if the key is a deploykey
-			setting.Service.RequireSignInView) {
+			setting.Service.RequireSignInViewStrict) {
 		if key.Type == asymkey_model.KeyTypeDeploy {
 			if deployKey.Mode < mode {
 				ctx.JSON(http.StatusUnauthorized, private.Response{
@@ -295,8 +296,11 @@ func ServCommand(ctx *context.PrivateContext) {
 				return
 			}
 		} else {
-			// Because of the special ref "refs/for" we will need to delay write permission check
-			if git.DefaultFeatures().SupportProcReceive && unitType == unit.TypeCode {
+			// Because of the special ref "refs/for" (AGit) we will need to delay write permission check,
+			// AGit flow needs to write its own ref when the doer has "reader" permission (allowing to create PR).
+			// The real permission check is done in HookPreReceive (routers/private/hook_pre_receive.go).
+			// Here it should relax the permission check for "git push (git-receive-pack)", but not for others like LFS operations.
+			if git.DefaultFeatures().SupportProcReceive && unitType == unit.TypeCode && verb == git.CmdVerbReceivePack {
 				mode = perm.AccessModeRead
 			}
 
diff --git a/routers/web/admin/admin_test.go b/routers/web/admin/admin_test.go
index 6c38f0b509..a568c7c5c8 100644
--- a/routers/web/admin/admin_test.go
+++ b/routers/web/admin/admin_test.go
@@ -69,7 +69,7 @@ func TestShadowPassword(t *testing.T) {
 	}
 
 	for _, k := range kases {
-		assert.EqualValues(t, k.Result, shadowPassword(k.Provider, k.CfgItem))
+		assert.Equal(t, k.Result, shadowPassword(k.Provider, k.CfgItem))
 	}
 }
 
@@ -79,7 +79,7 @@ func TestSelfCheckPost(t *testing.T) {
 
 	ctx, resp := contexttest.MockContext(t, "GET http://host/sub/admin/self_check?location_origin=http://frontend")
 	SelfCheckPost(ctx)
-	assert.EqualValues(t, http.StatusOK, resp.Code)
+	assert.Equal(t, http.StatusOK, resp.Code)
 
 	data := struct {
 		Problems []string `json:"problems"`
diff --git a/routers/web/admin/applications.go b/routers/web/admin/applications.go
index aec6349f21..79c3a08808 100644
--- a/routers/web/admin/applications.go
+++ b/routers/web/admin/applications.go
@@ -4,7 +4,6 @@
 package admin
 
 import (
-	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/models/auth"
@@ -23,8 +22,8 @@ var (
 func newOAuth2CommonHandlers() *user_setting.OAuth2CommonHandlers {
 	return &user_setting.OAuth2CommonHandlers{
 		OwnerID:            0,
-		BasePathList:       fmt.Sprintf("%s/-/admin/applications", setting.AppSubURL),
-		BasePathEditPrefix: fmt.Sprintf("%s/-/admin/applications/oauth2", setting.AppSubURL),
+		BasePathList:       setting.AppSubURL + "/-/admin/applications",
+		BasePathEditPrefix: setting.AppSubURL + "/-/admin/applications/oauth2",
 		TplAppEdit:         tplSettingsOauth2ApplicationEdit,
 	}
 }
diff --git a/routers/web/admin/auths.go b/routers/web/admin/auths.go
index 2b3bf1f77d..56c384b970 100644
--- a/routers/web/admin/auths.go
+++ b/routers/web/admin/auths.go
@@ -28,8 +28,6 @@ import (
 	"code.gitea.io/gitea/services/auth/source/sspi"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/forms"
-
-	"xorm.io/xorm/convert"
 )
 
 const (
@@ -149,7 +147,6 @@ func parseLDAPConfig(form forms.AuthenticationForm) *ldap.Source {
 		RestrictedFilter:      form.RestrictedFilter,
 		AllowDeactivateAll:    form.AllowDeactivateAll,
 		Enabled:               true,
-		SkipLocalTwoFA:        form.SkipLocalTwoFA,
 	}
 }
 
@@ -163,7 +160,6 @@ func parseSMTPConfig(form forms.AuthenticationForm) *smtp.Source {
 		SkipVerify:     form.SkipVerify,
 		HeloHostname:   form.HeloHostname,
 		DisableHelo:    form.DisableHelo,
-		SkipLocalTwoFA: form.SkipLocalTwoFA,
 	}
 }
 
@@ -181,7 +177,7 @@ func parseOAuth2Config(form forms.AuthenticationForm) *oauth2.Source {
 		customURLMapping = nil
 	}
 	var scopes []string
-	for _, s := range strings.Split(form.Oauth2Scopes, ",") {
+	for s := range strings.SplitSeq(form.Oauth2Scopes, ",") {
 		s = strings.TrimSpace(s)
 		if s != "" {
 			scopes = append(scopes, s)
@@ -198,12 +194,14 @@ func parseOAuth2Config(form forms.AuthenticationForm) *oauth2.Source {
 		Scopes:                        scopes,
 		RequiredClaimName:             form.Oauth2RequiredClaimName,
 		RequiredClaimValue:            form.Oauth2RequiredClaimValue,
-		SkipLocalTwoFA:                form.SkipLocalTwoFA,
 		GroupClaimName:                form.Oauth2GroupClaimName,
 		RestrictedGroup:               form.Oauth2RestrictedGroup,
 		AdminGroup:                    form.Oauth2AdminGroup,
 		GroupTeamMap:                  form.Oauth2GroupTeamMap,
 		GroupTeamMapRemoval:           form.Oauth2GroupTeamMapRemoval,
+
+		SSHPublicKeyClaimName: form.Oauth2SSHPublicKeyClaimName,
+		FullNameClaimName:     form.Oauth2FullNameClaimName,
 	}
 }
 
@@ -252,7 +250,7 @@ func NewAuthSourcePost(ctx *context.Context) {
 	ctx.Data["SSPIDefaultLanguage"] = ""
 
 	hasTLS := false
-	var config convert.Conversion
+	var config auth.Config
 	switch auth.Type(form.Type) {
 	case auth.LDAP, auth.DLDAP:
 		config = parseLDAPConfig(form)
@@ -262,9 +260,8 @@ func NewAuthSourcePost(ctx *context.Context) {
 		hasTLS = true
 	case auth.PAM:
 		config = &pam_service.Source{
-			ServiceName:    form.PAMServiceName,
-			EmailDomain:    form.PAMEmailDomain,
-			SkipLocalTwoFA: form.SkipLocalTwoFA,
+			ServiceName: form.PAMServiceName,
+			EmailDomain: form.PAMEmailDomain,
 		}
 	case auth.OAuth2:
 		config = parseOAuth2Config(form)
@@ -302,11 +299,12 @@ func NewAuthSourcePost(ctx *context.Context) {
 	}
 
 	if err := auth.CreateSource(ctx, &auth.Source{
-		Type:          auth.Type(form.Type),
-		Name:          form.Name,
-		IsActive:      form.IsActive,
-		IsSyncEnabled: form.IsSyncEnabled,
-		Cfg:           config,
+		Type:            auth.Type(form.Type),
+		Name:            form.Name,
+		IsActive:        form.IsActive,
+		IsSyncEnabled:   form.IsSyncEnabled,
+		TwoFactorPolicy: form.TwoFactorPolicy,
+		Cfg:             config,
 	}); err != nil {
 		if auth.IsErrSourceAlreadyExist(err) {
 			ctx.Data["Err_Name"] = true
@@ -384,7 +382,7 @@ func EditAuthSourcePost(ctx *context.Context) {
 		return
 	}
 
-	var config convert.Conversion
+	var config auth.Config
 	switch auth.Type(form.Type) {
 	case auth.LDAP, auth.DLDAP:
 		config = parseLDAPConfig(form)
@@ -421,6 +419,7 @@ func EditAuthSourcePost(ctx *context.Context) {
 	source.IsActive = form.IsActive
 	source.IsSyncEnabled = form.IsSyncEnabled
 	source.Cfg = config
+	source.TwoFactorPolicy = form.TwoFactorPolicy
 	if err := auth.UpdateSource(ctx, source); err != nil {
 		if auth.IsErrSourceAlreadyExist(err) {
 			ctx.Data["Err_Name"] = true
diff --git a/routers/web/admin/config.go b/routers/web/admin/config.go
index 520f14e89f..0e5b23db6d 100644
--- a/routers/web/admin/config.go
+++ b/routers/web/admin/config.go
@@ -61,7 +61,7 @@ func TestCache(ctx *context.Context) {
 
 func shadowPasswordKV(cfgItem, splitter string) string {
 	fields := strings.Split(cfgItem, splitter)
-	for i := 0; i < len(fields); i++ {
+	for i := range fields {
 		if strings.HasPrefix(fields[i], "password=") {
 			fields[i] = "password=******"
 			break
@@ -200,7 +200,7 @@ func ChangeConfig(ctx *context.Context) {
 	value := ctx.FormString("value")
 	cfg := setting.Config()
 
-	marshalBool := func(v string) (string, error) { //nolint:unparam
+	marshalBool := func(v string) (string, error) { //nolint:unparam // error is always nil
 		if b, _ := strconv.ParseBool(v); b {
 			return "true", nil
 		}
diff --git a/routers/web/admin/diagnosis.go b/routers/web/admin/diagnosis.go
index d040dbe0ba..5395529d66 100644
--- a/routers/web/admin/diagnosis.go
+++ b/routers/web/admin/diagnosis.go
@@ -16,13 +16,7 @@ import (
 )
 
 func MonitorDiagnosis(ctx *context.Context) {
-	seconds := ctx.FormInt64("seconds")
-	if seconds <= 1 {
-		seconds = 1
-	}
-	if seconds > 300 {
-		seconds = 300
-	}
+	seconds := min(max(ctx.FormInt64("seconds"), 1), 300)
 
 	httplib.ServeSetHeaders(ctx.Resp, &httplib.ServeHeaderOptions{
 		ContentType: "application/zip",
diff --git a/routers/web/admin/notice.go b/routers/web/admin/notice.go
index 21a8ab0d17..e9d6abbe92 100644
--- a/routers/web/admin/notice.go
+++ b/routers/web/admin/notice.go
@@ -26,10 +26,7 @@ func Notices(ctx *context.Context) {
 	ctx.Data["PageIsAdminNotices"] = true
 
 	total := system_model.CountNotices(ctx)
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	notices, err := system_model.Notices(ctx, page, setting.UI.Admin.NoticePagingNum)
 	if err != nil {
diff --git a/routers/web/admin/orgs.go b/routers/web/admin/orgs.go
index 35e61efa17..e34f203aaf 100644
--- a/routers/web/admin/orgs.go
+++ b/routers/web/admin/orgs.go
@@ -27,7 +27,7 @@ func Organizations(ctx *context.Context) {
 		ctx.SetFormString("sort", UserSearchDefaultAdminSort)
 	}
 
-	explore.RenderUserSearch(ctx, &user_model.SearchUserOptions{
+	explore.RenderUserSearch(ctx, user_model.SearchUserOptions{
 		Actor:           ctx.Doer,
 		Type:            user_model.UserTypeOrganization,
 		IncludeReserved: true, // administrator needs to list all accounts include reserved
diff --git a/routers/web/admin/packages.go b/routers/web/admin/packages.go
index 5122342259..1904bfee11 100644
--- a/routers/web/admin/packages.go
+++ b/routers/web/admin/packages.go
@@ -24,10 +24,7 @@ const (
 
 // Packages shows all packages
 func Packages(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	query := ctx.FormTrim("q")
 	packageType := ctx.FormTrim("type")
 	sort := ctx.FormTrim("sort")
diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index f6a3af1c86..27577cd35b 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -21,8 +21,8 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/templates"
-	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/web/explore"
 	user_setting "code.gitea.io/gitea/routers/web/user/setting"
@@ -65,18 +65,18 @@ func Users(ctx *context.Context) {
 		"SortType":        sortType,
 	}
 
-	explore.RenderUserSearch(ctx, &user_model.SearchUserOptions{
+	explore.RenderUserSearch(ctx, user_model.SearchUserOptions{
 		Actor: ctx.Doer,
 		Type:  user_model.UserTypeIndividual,
 		ListOptions: db.ListOptions{
 			PageSize: setting.UI.Admin.UserPagingNum,
 		},
 		SearchByEmail:      true,
-		IsActive:           util.OptionalBoolParse(statusFilterMap["is_active"]),
-		IsAdmin:            util.OptionalBoolParse(statusFilterMap["is_admin"]),
-		IsRestricted:       util.OptionalBoolParse(statusFilterMap["is_restricted"]),
-		IsTwoFactorEnabled: util.OptionalBoolParse(statusFilterMap["is_2fa_enabled"]),
-		IsProhibitLogin:    util.OptionalBoolParse(statusFilterMap["is_prohibit_login"]),
+		IsActive:           optional.ParseBool(statusFilterMap["is_active"]),
+		IsAdmin:            optional.ParseBool(statusFilterMap["is_admin"]),
+		IsRestricted:       optional.ParseBool(statusFilterMap["is_restricted"]),
+		IsTwoFactorEnabled: optional.ParseBool(statusFilterMap["is_2fa_enabled"]),
+		IsProhibitLogin:    optional.ParseBool(statusFilterMap["is_prohibit_login"]),
 		IncludeReserved:    true, // administrator needs to list all accounts include reserved, bot, remote ones
 	}, tplUsers)
 }
@@ -269,7 +269,7 @@ func ViewUser(ctx *context.Context) {
 		return
 	}
 
-	repos, count, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	repos, count, err := repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptionsAll,
 		OwnerID:     u.ID,
 		OrderBy:     db.SearchOrderByAlphabetically,
@@ -293,9 +293,9 @@ func ViewUser(ctx *context.Context) {
 	ctx.Data["EmailsTotal"] = len(emails)
 
 	orgs, err := db.Find[org_model.Organization](ctx, org_model.FindOrgOptions{
-		ListOptions:    db.ListOptionsAll,
-		UserID:         u.ID,
-		IncludePrivate: true,
+		ListOptions:       db.ListOptionsAll,
+		UserID:            u.ID,
+		IncludeVisibility: structs.VisibleTypePrivate,
 	})
 	if err != nil {
 		ctx.ServerError("FindOrgs", err)
@@ -432,7 +432,7 @@ func EditUserPost(ctx *context.Context) {
 		Website:                 optional.Some(form.Website),
 		Location:                optional.Some(form.Location),
 		IsActive:                optional.Some(form.Active),
-		IsAdmin:                 optional.Some(form.Admin),
+		IsAdmin:                 user_service.UpdateOptionFieldFromValue(form.Admin),
 		AllowGitHook:            optional.Some(form.AllowGitHook),
 		AllowImportLocal:        optional.Some(form.AllowImportLocal),
 		MaxRepoCreation:         optional.Some(form.MaxRepoCreation),
diff --git a/routers/web/auth/2fa.go b/routers/web/auth/2fa.go
index fe363fe90a..1f087a7897 100644
--- a/routers/web/auth/2fa.go
+++ b/routers/web/auth/2fa.go
@@ -9,11 +9,11 @@ import (
 
 	"code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/session"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/context"
-	"code.gitea.io/gitea/services/externalaccount"
 	"code.gitea.io/gitea/services/forms"
 )
 
@@ -74,7 +74,7 @@ func TwoFactorPost(ctx *context.Context) {
 		}
 
 		if ctx.Session.Get("linkAccount") != nil {
-			err = externalaccount.LinkAccountFromStore(ctx, ctx.Session, u)
+			err = linkAccountFromContext(ctx, u)
 			if err != nil {
 				ctx.ServerError("UserSignIn", err)
 				return
@@ -87,6 +87,7 @@ func TwoFactorPost(ctx *context.Context) {
 			return
 		}
 
+		_ = ctx.Session.Set(session.KeyUserHasTwoFactorAuth, true)
 		handleSignIn(ctx, u, remember)
 		return
 	}
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index f07ef98931..2ccd1c71b5 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -76,6 +76,10 @@ func autoSignIn(ctx *context.Context) (bool, error) {
 		}
 		return false, nil
 	}
+	userHasTwoFactorAuth, err := auth.HasTwoFactorOrWebAuthn(ctx, u.ID)
+	if err != nil {
+		return false, fmt.Errorf("HasTwoFactorOrWebAuthn: %w", err)
+	}
 
 	isSucceed = true
 
@@ -87,9 +91,9 @@ func autoSignIn(ctx *context.Context) (bool, error) {
 	ctx.SetSiteCookie(setting.CookieRememberName, nt.ID+":"+token, setting.LogInRememberDays*timeutil.Day)
 
 	if err := updateSession(ctx, nil, map[string]any{
-		// Set session IDs
-		"uid":   u.ID,
-		"uname": u.Name,
+		session.KeyUID:                  u.ID,
+		session.KeyUname:                u.Name,
+		session.KeyUserHasTwoFactorAuth: userHasTwoFactorAuth,
 	}); err != nil {
 		return false, fmt.Errorf("unable to updateSession: %w", err)
 	}
@@ -239,9 +243,8 @@ func SignInPost(ctx *context.Context) {
 	}
 
 	// Now handle 2FA:
-
 	// First of all if the source can skip local two fa we're done
-	if skipper, ok := source.Cfg.(auth_service.LocalTwoFASkipper); ok && skipper.IsSkipLocalTwoFA() {
+	if source.TwoFactorShouldSkip() {
 		handleSignIn(ctx, u, form.Remember)
 		return
 	}
@@ -262,7 +265,7 @@ func SignInPost(ctx *context.Context) {
 	}
 
 	if !hasTOTPtwofa && !hasWebAuthnTwofa {
-		// No two factor auth configured we can sign in the user
+		// No two-factor auth configured we can sign in the user
 		handleSignIn(ctx, u, form.Remember)
 		return
 	}
@@ -311,8 +314,14 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
 		ctx.SetSiteCookie(setting.CookieRememberName, nt.ID+":"+token, setting.LogInRememberDays*timeutil.Day)
 	}
 
+	userHasTwoFactorAuth, err := auth.HasTwoFactorOrWebAuthn(ctx, u.ID)
+	if err != nil {
+		ctx.ServerError("HasTwoFactorOrWebAuthn", err)
+		return setting.AppSubURL + "/"
+	}
+
 	if err := updateSession(ctx, []string{
-		// Delete the openid, 2fa and linkaccount data
+		// Delete the openid, 2fa and link_account data
 		"openid_verified_uri",
 		"openid_signin_remember",
 		"openid_determined_email",
@@ -320,9 +329,11 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
 		"twofaUid",
 		"twofaRemember",
 		"linkAccount",
+		"linkAccountData",
 	}, map[string]any{
-		"uid":   u.ID,
-		"uname": u.Name,
+		session.KeyUID:                  u.ID,
+		session.KeyUname:                u.Name,
+		session.KeyUserHasTwoFactorAuth: userHasTwoFactorAuth,
 	}); err != nil {
 		ctx.ServerError("RegenerateSession", err)
 		return setting.AppSubURL + "/"
@@ -411,9 +422,11 @@ func SignOut(ctx *context.Context) {
 // SignUp render the register page
 func SignUp(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("sign_up")
-
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
 
+	hasUsers, _ := user_model.HasUsers(ctx)
+	ctx.Data["IsFirstTimeRegistration"] = !hasUsers.HasAnyUser
+
 	oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
 	if err != nil {
 		ctx.ServerError("UserSignUp", err)
@@ -507,7 +520,7 @@ func SignUpPost(ctx *context.Context) {
 		Passwd: form.Password,
 	}
 
-	if !createAndHandleCreatedUser(ctx, tplSignUp, form, u, nil, nil, false) {
+	if !createAndHandleCreatedUser(ctx, tplSignUp, form, u, nil, nil) {
 		// error already handled
 		return
 	}
@@ -518,23 +531,24 @@ func SignUpPost(ctx *context.Context) {
 
 // createAndHandleCreatedUser calls createUserInContext and
 // then handleUserCreated.
-func createAndHandleCreatedUser(ctx *context.Context, tpl templates.TplName, form any, u *user_model.User, overwrites *user_model.CreateUserOverwriteOptions, gothUser *goth.User, allowLink bool) bool {
-	if !createUserInContext(ctx, tpl, form, u, overwrites, gothUser, allowLink) {
+func createAndHandleCreatedUser(ctx *context.Context, tpl templates.TplName, form any, u *user_model.User, overwrites *user_model.CreateUserOverwriteOptions, possibleLinkAccountData *LinkAccountData) bool {
+	if !createUserInContext(ctx, tpl, form, u, overwrites, possibleLinkAccountData) {
 		return false
 	}
-	return handleUserCreated(ctx, u, gothUser)
+	return handleUserCreated(ctx, u, possibleLinkAccountData)
 }
 
 // createUserInContext creates a user and handles errors within a given context.
-// Optionally a template can be specified.
-func createUserInContext(ctx *context.Context, tpl templates.TplName, form any, u *user_model.User, overwrites *user_model.CreateUserOverwriteOptions, gothUser *goth.User, allowLink bool) (ok bool) {
+// Optionally, a template can be specified.
+func createUserInContext(ctx *context.Context, tpl templates.TplName, form any, u *user_model.User, overwrites *user_model.CreateUserOverwriteOptions, possibleLinkAccountData *LinkAccountData) (ok bool) {
 	meta := &user_model.Meta{
 		InitialIP:        ctx.RemoteAddr(),
 		InitialUserAgent: ctx.Req.UserAgent(),
 	}
 	if err := user_model.CreateUser(ctx, u, meta, overwrites); err != nil {
-		if allowLink && (user_model.IsErrUserAlreadyExist(err) || user_model.IsErrEmailAlreadyUsed(err)) {
-			if setting.OAuth2Client.AccountLinking == setting.OAuth2AccountLinkingAuto {
+		if possibleLinkAccountData != nil && (user_model.IsErrUserAlreadyExist(err) || user_model.IsErrEmailAlreadyUsed(err)) {
+			switch setting.OAuth2Client.AccountLinking {
+			case setting.OAuth2AccountLinkingAuto:
 				var user *user_model.User
 				user = &user_model.User{Name: u.Name}
 				hasUser, err := user_model.GetUser(ctx, user)
@@ -548,15 +562,15 @@ func createUserInContext(ctx *context.Context, tpl templates.TplName, form any,
 				}
 
 				// TODO: probably we should respect 'remember' user's choice...
-				linkAccount(ctx, user, *gothUser, true)
+				oauth2LinkAccount(ctx, user, possibleLinkAccountData, true)
 				return false // user is already created here, all redirects are handled
-			} else if setting.OAuth2Client.AccountLinking == setting.OAuth2AccountLinkingLogin {
-				showLinkingLogin(ctx, *gothUser)
+			case setting.OAuth2AccountLinkingLogin:
+				showLinkingLogin(ctx, possibleLinkAccountData.AuthSourceID, possibleLinkAccountData.GothUser)
 				return false // user will be created only after linking login
 			}
 		}
 
-		// handle error without template
+		// handle error without a template
 		if len(tpl) == 0 {
 			ctx.ServerError("CreateUser", err)
 			return false
@@ -597,12 +611,18 @@ func createUserInContext(ctx *context.Context, tpl templates.TplName, form any,
 // handleUserCreated does additional steps after a new user is created.
 // It auto-sets admin for the only user, updates the optional external user and
 // sends a confirmation email if required.
-func handleUserCreated(ctx *context.Context, u *user_model.User, gothUser *goth.User) (ok bool) {
+func handleUserCreated(ctx *context.Context, u *user_model.User, possibleLinkAccountData *LinkAccountData) (ok bool) {
 	// Auto-set admin for the only user.
-	if user_model.CountUsers(ctx, nil) == 1 {
+	hasUsers, err := user_model.HasUsers(ctx)
+	if err != nil {
+		ctx.ServerError("HasUsers", err)
+		return false
+	}
+	if hasUsers.HasOnlyOneUser {
+		// the only user is the one just created, will set it as admin
 		opts := &user_service.UpdateOptions{
 			IsActive:     optional.Some(true),
-			IsAdmin:      optional.Some(true),
+			IsAdmin:      user_service.UpdateOptionFieldFromValue(true),
 			SetLastLogin: true,
 		}
 		if err := user_service.UpdateUser(ctx, u, opts); err != nil {
@@ -612,8 +632,8 @@ func handleUserCreated(ctx *context.Context, u *user_model.User, gothUser *goth.
 	}
 
 	// update external user information
-	if gothUser != nil {
-		if err := externalaccount.EnsureLinkExternalToUser(ctx, u, *gothUser); err != nil {
+	if possibleLinkAccountData != nil {
+		if err := externalaccount.EnsureLinkExternalToUser(ctx, possibleLinkAccountData.AuthSourceID, u, possibleLinkAccountData.GothUser); err != nil {
 			log.Error("EnsureLinkExternalToUser failed: %v", err)
 		}
 	}
diff --git a/routers/web/auth/auth_test.go b/routers/web/auth/auth_test.go
index e238125407..a0fd5c0e50 100644
--- a/routers/web/auth/auth_test.go
+++ b/routers/web/auth/auth_test.go
@@ -64,13 +64,14 @@ func TestUserLogin(t *testing.T) {
 func TestSignUpOAuth2Login(t *testing.T) {
 	defer test.MockVariableValue(&setting.OAuth2Client.EnableAutoRegistration, true)()
 
+	_ = oauth2.Init(t.Context())
 	addOAuth2Source(t, "dummy-auth-source", oauth2.Source{})
 
 	t.Run("OAuth2MissingField", func(t *testing.T) {
 		defer test.MockVariableValue(&gothic.CompleteUserAuth, func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
 			return goth.User{Provider: "dummy-auth-source", UserID: "dummy-user"}, nil
 		})()
-		mockOpt := contexttest.MockContextOption{SessionStore: session.NewMockStore("dummy-sid")}
+		mockOpt := contexttest.MockContextOption{SessionStore: session.NewMockMemStore("dummy-sid")}
 		ctx, resp := contexttest.MockContext(t, "/user/oauth2/dummy-auth-source/callback?code=dummy-code", mockOpt)
 		ctx.SetPathParam("provider", "dummy-auth-source")
 		SignInOAuthCallback(ctx)
@@ -84,7 +85,7 @@ func TestSignUpOAuth2Login(t *testing.T) {
 	})
 
 	t.Run("OAuth2CallbackError", func(t *testing.T) {
-		mockOpt := contexttest.MockContextOption{SessionStore: session.NewMockStore("dummy-sid")}
+		mockOpt := contexttest.MockContextOption{SessionStore: session.NewMockMemStore("dummy-sid")}
 		ctx, resp := contexttest.MockContext(t, "/user/oauth2/dummy-auth-source/callback", mockOpt)
 		ctx.SetPathParam("provider", "dummy-auth-source")
 		SignInOAuthCallback(ctx)
diff --git a/routers/web/auth/linkaccount.go b/routers/web/auth/linkaccount.go
index b3c61946b9..c624d896ca 100644
--- a/routers/web/auth/linkaccount.go
+++ b/routers/web/auth/linkaccount.go
@@ -5,7 +5,6 @@ package auth
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 	"strings"
 
@@ -21,8 +20,6 @@ import (
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/externalaccount"
 	"code.gitea.io/gitea/services/forms"
-
-	"github.com/markbates/goth"
 )
 
 var tplLinkAccount templates.TplName = "user/auth/link_account"
@@ -52,28 +49,28 @@ func LinkAccount(ctx *context.Context) {
 	ctx.Data["SignInLink"] = setting.AppSubURL + "/user/link_account_signin"
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/link_account_signup"
 
-	gothUser, ok := ctx.Session.Get("linkAccountGothUser").(goth.User)
+	linkAccountData := oauth2GetLinkAccountData(ctx)
 
 	// If you'd like to quickly debug the "link account" page layout, just uncomment the blow line
 	// Don't worry, when the below line exists, the lint won't pass: ineffectual assignment to gothUser (ineffassign)
-	// gothUser, ok = goth.User{Email: "invalid-email", Name: "."}, true // intentionally use invalid data to avoid pass the registration check
+	// linkAccountData = &LinkAccountData{authSource, gothUser} // intentionally use invalid data to avoid pass the registration check
 
-	if !ok {
+	if linkAccountData == nil {
 		// no account in session, so just redirect to the login page, then the user could restart the process
 		ctx.Redirect(setting.AppSubURL + "/user/login")
 		return
 	}
 
-	if missingFields, ok := gothUser.RawData["__giteaAutoRegMissingFields"].([]string); ok {
-		ctx.Data["AutoRegistrationFailedPrompt"] = ctx.Tr("auth.oauth_callback_unable_auto_reg", gothUser.Provider, strings.Join(missingFields, ","))
+	if missingFields, ok := linkAccountData.GothUser.RawData["__giteaAutoRegMissingFields"].([]string); ok {
+		ctx.Data["AutoRegistrationFailedPrompt"] = ctx.Tr("auth.oauth_callback_unable_auto_reg", linkAccountData.GothUser.Provider, strings.Join(missingFields, ","))
 	}
 
-	uname, err := extractUserNameFromOAuth2(&gothUser)
+	uname, err := extractUserNameFromOAuth2(&linkAccountData.GothUser)
 	if err != nil {
 		ctx.ServerError("UserSignIn", err)
 		return
 	}
-	email := gothUser.Email
+	email := linkAccountData.GothUser.Email
 	ctx.Data["user_name"] = uname
 	ctx.Data["email"] = email
 
@@ -152,8 +149,8 @@ func LinkAccountPostSignIn(ctx *context.Context) {
 	ctx.Data["SignInLink"] = setting.AppSubURL + "/user/link_account_signin"
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/link_account_signup"
 
-	gothUser := ctx.Session.Get("linkAccountGothUser")
-	if gothUser == nil {
+	linkAccountData := oauth2GetLinkAccountData(ctx)
+	if linkAccountData == nil {
 		ctx.ServerError("UserSignIn", errors.New("not in LinkAccount session"))
 		return
 	}
@@ -169,11 +166,14 @@ func LinkAccountPostSignIn(ctx *context.Context) {
 		return
 	}
 
-	linkAccount(ctx, u, gothUser.(goth.User), signInForm.Remember)
+	oauth2LinkAccount(ctx, u, linkAccountData, signInForm.Remember)
 }
 
-func linkAccount(ctx *context.Context, u *user_model.User, gothUser goth.User, remember bool) {
-	updateAvatarIfNeed(ctx, gothUser.AvatarURL, u)
+func oauth2LinkAccount(ctx *context.Context, u *user_model.User, linkAccountData *LinkAccountData, remember bool) {
+	oauth2SignInSync(ctx, linkAccountData.AuthSourceID, u, linkAccountData.GothUser)
+	if ctx.Written() {
+		return
+	}
 
 	// If this user is enrolled in 2FA, we can't sign the user in just yet.
 	// Instead, redirect them to the 2FA authentication page.
@@ -185,7 +185,7 @@ func linkAccount(ctx *context.Context, u *user_model.User, gothUser goth.User, r
 			return
 		}
 
-		err = externalaccount.LinkAccountToUser(ctx, u, gothUser)
+		err = externalaccount.LinkAccountToUser(ctx, linkAccountData.AuthSourceID, u, linkAccountData.GothUser)
 		if err != nil {
 			ctx.ServerError("UserLinkAccount", err)
 			return
@@ -243,17 +243,11 @@ func LinkAccountPostRegister(ctx *context.Context) {
 	ctx.Data["SignInLink"] = setting.AppSubURL + "/user/link_account_signin"
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/link_account_signup"
 
-	gothUserInterface := ctx.Session.Get("linkAccountGothUser")
-	if gothUserInterface == nil {
+	linkAccountData := oauth2GetLinkAccountData(ctx)
+	if linkAccountData == nil {
 		ctx.ServerError("UserSignUp", errors.New("not in LinkAccount session"))
 		return
 	}
-	gothUser, ok := gothUserInterface.(goth.User)
-	if !ok {
-		ctx.ServerError("UserSignUp", fmt.Errorf("session linkAccountGothUser type is %t but not goth.User", gothUserInterface))
-		return
-	}
-
 	if ctx.HasError() {
 		ctx.HTML(http.StatusOK, tplLinkAccount)
 		return
@@ -296,31 +290,38 @@ func LinkAccountPostRegister(ctx *context.Context) {
 		}
 	}
 
-	authSource, err := auth.GetActiveOAuth2SourceByName(ctx, gothUser.Provider)
-	if err != nil {
-		ctx.ServerError("CreateUser", err)
-		return
-	}
-
 	u := &user_model.User{
 		Name:        form.UserName,
 		Email:       form.Email,
 		Passwd:      form.Password,
 		LoginType:   auth.OAuth2,
-		LoginSource: authSource.ID,
-		LoginName:   gothUser.UserID,
+		LoginSource: linkAccountData.AuthSourceID,
+		LoginName:   linkAccountData.GothUser.UserID,
 	}
 
-	if !createAndHandleCreatedUser(ctx, tplLinkAccount, form, u, nil, &gothUser, false) {
+	if !createAndHandleCreatedUser(ctx, tplLinkAccount, form, u, nil, linkAccountData) {
 		// error already handled
 		return
 	}
 
+	authSource, err := auth.GetSourceByID(ctx, linkAccountData.AuthSourceID)
+	if err != nil {
+		ctx.ServerError("GetSourceByID", err)
+		return
+	}
 	source := authSource.Cfg.(*oauth2.Source)
-	if err := syncGroupsToTeams(ctx, source, &gothUser, u); err != nil {
+	if err := syncGroupsToTeams(ctx, source, &linkAccountData.GothUser, u); err != nil {
 		ctx.ServerError("SyncGroupsToTeams", err)
 		return
 	}
 
 	handleSignIn(ctx, u, false)
 }
+
+func linkAccountFromContext(ctx *context.Context, user *user_model.User) error {
+	linkAccountData := oauth2GetLinkAccountData(ctx)
+	if linkAccountData == nil {
+		return errors.New("not in LinkAccount session")
+	}
+	return externalaccount.LinkAccountToUser(ctx, linkAccountData.AuthSourceID, user, linkAccountData.GothUser)
+}
diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go
index 277f8bed31..f1c155e78f 100644
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@@ -4,6 +4,7 @@
 package auth
 
 import (
+	"encoding/gob"
 	"errors"
 	"fmt"
 	"html"
@@ -18,8 +19,8 @@ import (
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/session"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/web/middleware"
 	source_service "code.gitea.io/gitea/services/auth/source"
 	"code.gitea.io/gitea/services/auth/source/oauth2"
@@ -34,9 +35,8 @@ import (
 
 // SignInOAuth handles the OAuth2 login buttons
 func SignInOAuth(ctx *context.Context) {
-	provider := ctx.PathParam("provider")
-
-	authSource, err := auth.GetActiveOAuth2SourceByName(ctx, provider)
+	authName := ctx.PathParam("provider")
+	authSource, err := auth.GetActiveOAuth2SourceByAuthName(ctx, authName)
 	if err != nil {
 		ctx.ServerError("SignIn", err)
 		return
@@ -73,8 +73,6 @@ func SignInOAuth(ctx *context.Context) {
 
 // SignInOAuthCallback handles the callback from the given provider
 func SignInOAuthCallback(ctx *context.Context) {
-	provider := ctx.PathParam("provider")
-
 	if ctx.Req.FormValue("error") != "" {
 		var errorKeyValues []string
 		for k, vv := range ctx.Req.Form {
@@ -87,7 +85,8 @@ func SignInOAuthCallback(ctx *context.Context) {
 	}
 
 	// first look if the provider is still active
-	authSource, err := auth.GetActiveOAuth2SourceByName(ctx, provider)
+	authName := ctx.PathParam("provider")
+	authSource, err := auth.GetActiveOAuth2SourceByAuthName(ctx, authName)
 	if err != nil {
 		ctx.ServerError("SignIn", err)
 		return
@@ -132,7 +131,7 @@ func SignInOAuthCallback(ctx *context.Context) {
 	if u == nil {
 		if ctx.Doer != nil {
 			// attach user to the current signed-in user
-			err = externalaccount.LinkAccountToUser(ctx, ctx.Doer, gothUser)
+			err = externalaccount.LinkAccountToUser(ctx, authSource.ID, ctx.Doer, gothUser)
 			if err != nil {
 				ctx.ServerError("UserLinkAccount", err)
 				return
@@ -155,9 +154,10 @@ func SignInOAuthCallback(ctx *context.Context) {
 				return
 			}
 			if uname == "" {
-				if setting.OAuth2Client.Username == setting.OAuth2UsernameNickname {
+				switch setting.OAuth2Client.Username {
+				case setting.OAuth2UsernameNickname:
 					missingFields = append(missingFields, "nickname")
-				} else if setting.OAuth2Client.Username == setting.OAuth2UsernamePreferredUsername {
+				case setting.OAuth2UsernamePreferredUsername:
 					missingFields = append(missingFields, "preferred_username")
 				} // else: "UserID" and "Email" have been handled above separately
 			}
@@ -172,12 +172,11 @@ func SignInOAuthCallback(ctx *context.Context) {
 					gothUser.RawData = make(map[string]any)
 				}
 				gothUser.RawData["__giteaAutoRegMissingFields"] = missingFields
-				showLinkingLogin(ctx, gothUser)
+				showLinkingLogin(ctx, authSource.ID, gothUser)
 				return
 			}
 			u = &user_model.User{
 				Name:        uname,
-				FullName:    gothUser.Name,
 				Email:       gothUser.Email,
 				LoginType:   auth.OAuth2,
 				LoginSource: authSource.ID,
@@ -191,10 +190,14 @@ func SignInOAuthCallback(ctx *context.Context) {
 			source := authSource.Cfg.(*oauth2.Source)
 
 			isAdmin, isRestricted := getUserAdminAndRestrictedFromGroupClaims(source, &gothUser)
-			u.IsAdmin = isAdmin.ValueOrDefault(false)
-			u.IsRestricted = isRestricted.ValueOrDefault(false)
+			u.IsAdmin = isAdmin.ValueOrDefault(user_service.UpdateOptionField[bool]{FieldValue: false}).FieldValue
+			u.IsRestricted = isRestricted.ValueOrDefault(setting.Service.DefaultUserIsRestricted)
 
-			if !createAndHandleCreatedUser(ctx, templates.TplName(""), nil, u, overwriteDefault, &gothUser, setting.OAuth2Client.AccountLinking != setting.OAuth2AccountLinkingDisabled) {
+			linkAccountData := &LinkAccountData{authSource.ID, gothUser}
+			if setting.OAuth2Client.AccountLinking == setting.OAuth2AccountLinkingDisabled {
+				linkAccountData = nil
+			}
+			if !createAndHandleCreatedUser(ctx, "", nil, u, overwriteDefault, linkAccountData) {
 				// error already handled
 				return
 			}
@@ -205,7 +208,7 @@ func SignInOAuthCallback(ctx *context.Context) {
 			}
 		} else {
 			// no existing user is found, request attach or new account
-			showLinkingLogin(ctx, gothUser)
+			showLinkingLogin(ctx, authSource.ID, gothUser)
 			return
 		}
 	}
@@ -256,11 +259,11 @@ func getClaimedGroups(source *oauth2.Source, gothUser *goth.User) container.Set[
 	return claimValueToStringSet(groupClaims)
 }
 
-func getUserAdminAndRestrictedFromGroupClaims(source *oauth2.Source, gothUser *goth.User) (isAdmin, isRestricted optional.Option[bool]) {
+func getUserAdminAndRestrictedFromGroupClaims(source *oauth2.Source, gothUser *goth.User) (isAdmin optional.Option[user_service.UpdateOptionField[bool]], isRestricted optional.Option[bool]) {
 	groups := getClaimedGroups(source, gothUser)
 
 	if source.AdminGroup != "" {
-		isAdmin = optional.Some(groups.Contains(source.AdminGroup))
+		isAdmin = user_service.UpdateOptionFieldFromSync(groups.Contains(source.AdminGroup))
 	}
 	if source.RestrictedGroup != "" {
 		isRestricted = optional.Some(groups.Contains(source.RestrictedGroup))
@@ -269,17 +272,36 @@ func getUserAdminAndRestrictedFromGroupClaims(source *oauth2.Source, gothUser *g
 	return isAdmin, isRestricted
 }
 
-func showLinkingLogin(ctx *context.Context, gothUser goth.User) {
-	if err := updateSession(ctx, nil, map[string]any{
-		"linkAccountGothUser": gothUser,
-	}); err != nil {
-		ctx.ServerError("updateSession", err)
+type LinkAccountData struct {
+	AuthSourceID int64
+	GothUser     goth.User
+}
+
+func oauth2GetLinkAccountData(ctx *context.Context) *LinkAccountData {
+	gob.Register(LinkAccountData{})
+	v, ok := ctx.Session.Get("linkAccountData").(LinkAccountData)
+	if !ok {
+		return nil
+	}
+	return &v
+}
+
+func Oauth2SetLinkAccountData(ctx *context.Context, linkAccountData LinkAccountData) error {
+	gob.Register(LinkAccountData{})
+	return updateSession(ctx, nil, map[string]any{
+		"linkAccountData": linkAccountData,
+	})
+}
+
+func showLinkingLogin(ctx *context.Context, authSourceID int64, gothUser goth.User) {
+	if err := Oauth2SetLinkAccountData(ctx, LinkAccountData{authSourceID, gothUser}); err != nil {
+		ctx.ServerError("Oauth2SetLinkAccountData", err)
 		return
 	}
 	ctx.Redirect(setting.AppSubURL + "/user/link_account")
 }
 
-func updateAvatarIfNeed(ctx *context.Context, url string, u *user_model.User) {
+func oauth2UpdateAvatarIfNeed(ctx *context.Context, url string, u *user_model.User) {
 	if setting.OAuth2Client.UpdateAvatar && len(url) > 0 {
 		resp, err := http.Get(url)
 		if err == nil {
@@ -297,11 +319,14 @@ func updateAvatarIfNeed(ctx *context.Context, url string, u *user_model.User) {
 	}
 }
 
-func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model.User, gothUser goth.User) {
-	updateAvatarIfNeed(ctx, gothUser.AvatarURL, u)
+func handleOAuth2SignIn(ctx *context.Context, authSource *auth.Source, u *user_model.User, gothUser goth.User) {
+	oauth2SignInSync(ctx, authSource.ID, u, gothUser)
+	if ctx.Written() {
+		return
+	}
 
 	needs2FA := false
-	if !source.Cfg.(*oauth2.Source).SkipLocalTwoFA {
+	if !authSource.TwoFactorShouldSkip() {
 		_, err := auth.GetTwoFactorByUID(ctx, u.ID)
 		if err != nil && !auth.IsErrTwoFactorNotEnrolled(err) {
 			ctx.ServerError("UserSignIn", err)
@@ -310,7 +335,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
 		needs2FA = err == nil
 	}
 
-	oauth2Source := source.Cfg.(*oauth2.Source)
+	oauth2Source := authSource.Cfg.(*oauth2.Source)
 	groupTeamMapping, err := auth_module.UnmarshalGroupTeamMapping(oauth2Source.GroupTeamMap)
 	if err != nil {
 		ctx.ServerError("UnmarshalGroupTeamMapping", err)
@@ -336,7 +361,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
 		}
 	}
 
-	if err := externalaccount.EnsureLinkExternalToUser(ctx, u, gothUser); err != nil {
+	if err := externalaccount.EnsureLinkExternalToUser(ctx, authSource.ID, u, gothUser); err != nil {
 		ctx.ServerError("EnsureLinkExternalToUser", err)
 		return
 	}
@@ -351,10 +376,16 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
 			ctx.ServerError("UpdateUser", err)
 			return
 		}
+		userHasTwoFactorAuth, err := auth.HasTwoFactorOrWebAuthn(ctx, u.ID)
+		if err != nil {
+			ctx.ServerError("UpdateUser", err)
+			return
+		}
 
 		if err := updateSession(ctx, nil, map[string]any{
-			"uid":   u.ID,
-			"uname": u.Name,
+			session.KeyUID:                  u.ID,
+			session.KeyUname:                u.Name,
+			session.KeyUserHasTwoFactorAuth: userHasTwoFactorAuth,
 		}); err != nil {
 			ctx.ServerError("updateSession", err)
 			return
diff --git a/routers/web/auth/oauth2_provider.go b/routers/web/auth/oauth2_provider.go
index ff571fbf2c..79989d8fbe 100644
--- a/routers/web/auth/oauth2_provider.go
+++ b/routers/web/auth/oauth2_provider.go
@@ -4,17 +4,17 @@
 package auth
 
 import (
-	"errors"
 	"fmt"
 	"html"
 	"html/template"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/auth/httpauth"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@@ -98,7 +98,7 @@ func InfoOAuth(ctx *context.Context) {
 	}
 
 	response := &userInfoResponse{
-		Sub:               fmt.Sprint(ctx.Doer.ID),
+		Sub:               strconv.FormatInt(ctx.Doer.ID, 10),
 		Name:              ctx.Doer.DisplayName(),
 		PreferredUsername: ctx.Doer.Name,
 		Email:             ctx.Doer.Email,
@@ -107,9 +107,8 @@ func InfoOAuth(ctx *context.Context) {
 
 	var accessTokenScope auth.AccessTokenScope
 	if auHead := ctx.Req.Header.Get("Authorization"); auHead != "" {
-		auths := strings.Fields(auHead)
-		if len(auths) == 2 && (auths[0] == "token" || strings.ToLower(auths[0]) == "bearer") {
-			accessTokenScope, _ = auth_service.GetOAuthAccessTokenScopeAndUserID(ctx, auths[1])
+		if parsed, ok := httpauth.ParseAuthorizationHeader(auHead); ok && parsed.BearerToken != nil {
+			accessTokenScope, _ = auth_service.GetOAuthAccessTokenScopeAndUserID(ctx, parsed.BearerToken.Token)
 		}
 	}
 
@@ -126,18 +125,12 @@ func InfoOAuth(ctx *context.Context) {
 	ctx.JSON(http.StatusOK, response)
 }
 
-func parseBasicAuth(ctx *context.Context) (username, password string, err error) {
-	authHeader := ctx.Req.Header.Get("Authorization")
-	if authType, authData, ok := strings.Cut(authHeader, " "); ok && strings.EqualFold(authType, "Basic") {
-		return base.BasicAuthDecode(authData)
-	}
-	return "", "", errors.New("invalid basic authentication")
-}
-
 // IntrospectOAuth introspects an oauth token
 func IntrospectOAuth(ctx *context.Context) {
 	clientIDValid := false
-	if clientID, clientSecret, err := parseBasicAuth(ctx); err == nil {
+	authHeader := ctx.Req.Header.Get("Authorization")
+	if parsed, ok := httpauth.ParseAuthorizationHeader(authHeader); ok && parsed.BasicAuth != nil {
+		clientID, clientSecret := parsed.BasicAuth.Username, parsed.BasicAuth.Password
 		app, err := auth.GetOAuth2ApplicationByClientID(ctx, clientID)
 		if err != nil && !auth.IsErrOauthClientIDInvalid(err) {
 			// this is likely a database error; log it and respond without details
@@ -169,9 +162,7 @@ func IntrospectOAuth(ctx *context.Context) {
 			if err == nil && app != nil {
 				response.Active = true
 				response.Scope = grant.Scope
-				response.Issuer = setting.AppURL
-				response.Audience = []string{app.ClientID}
-				response.Subject = fmt.Sprint(grant.UserID)
+				response.RegisteredClaims = oauth2_provider.NewJwtRegisteredClaimsFromUser(app.ClientID, grant.UserID, nil /*exp*/)
 			}
 			if user, err := user_model.GetUserByID(ctx, grant.UserID); err == nil {
 				response.Username = user.Name
@@ -431,7 +422,14 @@ func GrantApplicationOAuth(ctx *context.Context) {
 
 // OIDCWellKnown generates JSON so OIDC clients know Gitea's capabilities
 func OIDCWellKnown(ctx *context.Context) {
-	ctx.Data["SigningKey"] = oauth2_provider.DefaultSigningKey
+	if !setting.OAuth2.Enabled {
+		http.NotFound(ctx.Resp, ctx.Req)
+		return
+	}
+	jwtRegisteredClaims := oauth2_provider.NewJwtRegisteredClaimsFromUser("well-known", 0, nil)
+	ctx.Data["OidcIssuer"] = jwtRegisteredClaims.Issuer // use the consistent issuer from the JWT registered claims
+	ctx.Data["OidcBaseUrl"] = strings.TrimSuffix(setting.AppURL, "/")
+	ctx.Data["SigningKeyMethodAlg"] = oauth2_provider.DefaultSigningKey.SigningMethod().Alg()
 	ctx.JSONTemplate("user/auth/oidc_wellknown")
 }
 
@@ -464,16 +462,16 @@ func AccessTokenOAuth(ctx *context.Context) {
 	form := *web.GetForm(ctx).(*forms.AccessTokenForm)
 	// if there is no ClientID or ClientSecret in the request body, fill these fields by the Authorization header and ensure the provided field matches the Authorization header
 	if form.ClientID == "" || form.ClientSecret == "" {
-		authHeader := ctx.Req.Header.Get("Authorization")
-		if authType, authData, ok := strings.Cut(authHeader, " "); ok && strings.EqualFold(authType, "Basic") {
-			clientID, clientSecret, err := base.BasicAuthDecode(authData)
-			if err != nil {
+		if authHeader := ctx.Req.Header.Get("Authorization"); authHeader != "" {
+			parsed, ok := httpauth.ParseAuthorizationHeader(authHeader)
+			if !ok || parsed.BasicAuth == nil {
 				handleAccessTokenError(ctx, oauth2_provider.AccessTokenError{
 					ErrorCode:        oauth2_provider.AccessTokenErrorCodeInvalidRequest,
 					ErrorDescription: "cannot parse basic auth header",
 				})
 				return
 			}
+			clientID, clientSecret := parsed.BasicAuth.Username, parsed.BasicAuth.Password
 			// validate that any fields present in the form match the Basic auth header
 			if form.ClientID != "" && form.ClientID != clientID {
 				handleAccessTokenError(ctx, oauth2_provider.AccessTokenError{
diff --git a/routers/web/auth/oauth_signin_sync.go b/routers/web/auth/oauth_signin_sync.go
new file mode 100644
index 0000000000..86d1966024
--- /dev/null
+++ b/routers/web/auth/oauth_signin_sync.go
@@ -0,0 +1,93 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package auth
+
+import (
+	"fmt"
+
+	asymkey_model "code.gitea.io/gitea/models/asymkey"
+	"code.gitea.io/gitea/models/auth"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/util"
+	asymkey_service "code.gitea.io/gitea/services/asymkey"
+	"code.gitea.io/gitea/services/auth/source/oauth2"
+	"code.gitea.io/gitea/services/context"
+
+	"github.com/markbates/goth"
+)
+
+func oauth2SignInSync(ctx *context.Context, authSourceID int64, u *user_model.User, gothUser goth.User) {
+	oauth2UpdateAvatarIfNeed(ctx, gothUser.AvatarURL, u)
+
+	authSource, err := auth.GetSourceByID(ctx, authSourceID)
+	if err != nil {
+		ctx.ServerError("GetSourceByID", err)
+		return
+	}
+	oauth2Source, _ := authSource.Cfg.(*oauth2.Source)
+	if !authSource.IsOAuth2() || oauth2Source == nil {
+		ctx.ServerError("oauth2SignInSync", fmt.Errorf("source %s is not an OAuth2 source", gothUser.Provider))
+		return
+	}
+
+	// sync full name
+	fullNameKey := util.IfZero(oauth2Source.FullNameClaimName, "name")
+	fullName, _ := gothUser.RawData[fullNameKey].(string)
+	fullName = util.IfZero(fullName, gothUser.Name)
+
+	// need to update if the user has no full name set
+	shouldUpdateFullName := u.FullName == ""
+	// force to update if the attribute is set
+	shouldUpdateFullName = shouldUpdateFullName || oauth2Source.FullNameClaimName != ""
+	// only update if the full name is different
+	shouldUpdateFullName = shouldUpdateFullName && u.FullName != fullName
+	if shouldUpdateFullName {
+		u.FullName = fullName
+		if err := user_model.UpdateUserCols(ctx, u, "full_name"); err != nil {
+			log.Error("Unable to sync OAuth2 user full name %s: %v", gothUser.Provider, err)
+		}
+	}
+
+	err = oauth2UpdateSSHPubIfNeed(ctx, authSource, &gothUser, u)
+	if err != nil {
+		log.Error("Unable to sync OAuth2 SSH public key %s: %v", gothUser.Provider, err)
+	}
+}
+
+func oauth2SyncGetSSHKeys(source *oauth2.Source, gothUser *goth.User) ([]string, error) {
+	value, exists := gothUser.RawData[source.SSHPublicKeyClaimName]
+	if !exists {
+		return []string{}, nil
+	}
+	rawSlice, ok := value.([]any)
+	if !ok {
+		return nil, fmt.Errorf("invalid SSH public key value type: %T", value)
+	}
+
+	sshKeys := make([]string, 0, len(rawSlice))
+	for _, v := range rawSlice {
+		str, ok := v.(string)
+		if !ok {
+			return nil, fmt.Errorf("invalid SSH public key value item type: %T", v)
+		}
+		sshKeys = append(sshKeys, str)
+	}
+	return sshKeys, nil
+}
+
+func oauth2UpdateSSHPubIfNeed(ctx *context.Context, authSource *auth.Source, gothUser *goth.User, user *user_model.User) error {
+	oauth2Source, _ := authSource.Cfg.(*oauth2.Source)
+	if oauth2Source == nil || oauth2Source.SSHPublicKeyClaimName == "" {
+		return nil
+	}
+	sshKeys, err := oauth2SyncGetSSHKeys(oauth2Source, gothUser)
+	if err != nil {
+		return err
+	}
+	if !asymkey_model.SynchronizePublicKeys(ctx, user, authSource, sshKeys) {
+		return nil
+	}
+	return asymkey_service.RewriteAllPublicKeys(ctx)
+}
diff --git a/routers/web/auth/openid.go b/routers/web/auth/openid.go
index c3415cccac..4ef4c96ccc 100644
--- a/routers/web/auth/openid.go
+++ b/routers/web/auth/openid.go
@@ -4,7 +4,7 @@
 package auth
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 	"net/url"
 
@@ -55,13 +55,13 @@ func allowedOpenIDURI(uri string) (err error) {
 			}
 		}
 		// must match one of this or be refused
-		return fmt.Errorf("URI not allowed by whitelist")
+		return errors.New("URI not allowed by whitelist")
 	}
 
 	// A blacklist match expliclty forbids
 	for _, pat := range setting.Service.OpenIDBlacklist {
 		if pat.MatchString(uri) {
-			return fmt.Errorf("URI forbidden by blacklist")
+			return errors.New("URI forbidden by blacklist")
 		}
 	}
 
@@ -99,7 +99,7 @@ func SignInOpenIDPost(ctx *context.Context) {
 	url, err := openid.RedirectURL(id, redirectTo, setting.AppURL)
 	if err != nil {
 		log.Error("Error in OpenID redirect URL: %s, %v", redirectTo, err.Error())
-		ctx.RenderWithErr(fmt.Sprintf("Unable to find OpenID provider in %s", redirectTo), tplSignInOpenID, &form)
+		ctx.RenderWithErr("Unable to find OpenID provider in "+redirectTo, tplSignInOpenID, &form)
 		return
 	}
 
@@ -349,10 +349,7 @@ func RegisterOpenIDPost(ctx *context.Context) {
 		context.VerifyCaptcha(ctx, tplSignUpOID, form)
 	}
 
-	length := setting.MinPasswordLength
-	if length < 256 {
-		length = 256
-	}
+	length := max(setting.MinPasswordLength, 256)
 	password, err := util.CryptoRandomString(int64(length))
 	if err != nil {
 		ctx.RenderWithErr(err.Error(), tplSignUpOID, form)
@@ -364,7 +361,7 @@ func RegisterOpenIDPost(ctx *context.Context) {
 		Email:  form.Email,
 		Passwd: password,
 	}
-	if !createUserInContext(ctx, tplSignUpOID, form, u, nil, nil, false) {
+	if !createUserInContext(ctx, tplSignUpOID, form, u, nil, nil) {
 		// error already handled
 		return
 	}
diff --git a/routers/web/auth/password.go b/routers/web/auth/password.go
index 8dbde85fe6..537ad4b994 100644
--- a/routers/web/auth/password.go
+++ b/routers/web/auth/password.go
@@ -5,7 +5,6 @@ package auth
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/models/auth"
@@ -108,14 +107,14 @@ func commonResetPassword(ctx *context.Context) (*user_model.User, *auth.TwoFacto
 	}
 
 	if len(code) == 0 {
-		ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true)
+		ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", setting.AppSubURL+"/user/forgot_password"), true)
 		return nil, nil
 	}
 
 	// Fail early, don't frustrate the user
 	u := user_model.VerifyUserTimeLimitCode(ctx, &user_model.TimeLimitCodeOptions{Purpose: user_model.TimeLimitCodeResetPassword}, code)
 	if u == nil {
-		ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true)
+		ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", setting.AppSubURL+"/user/forgot_password"), true)
 		return nil, nil
 	}
 
diff --git a/routers/web/auth/webauthn.go b/routers/web/auth/webauthn.go
index 78f6c3b58e..dacb6be225 100644
--- a/routers/web/auth/webauthn.go
+++ b/routers/web/auth/webauthn.go
@@ -15,7 +15,6 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/services/context"
-	"code.gitea.io/gitea/services/externalaccount"
 
 	"github.com/go-webauthn/webauthn/protocol"
 	"github.com/go-webauthn/webauthn/webauthn"
@@ -150,7 +149,7 @@ func WebAuthnPasskeyLogin(ctx *context.Context) {
 
 	// Now handle account linking if that's requested
 	if ctx.Session.Get("linkAccount") != nil {
-		if err := externalaccount.LinkAccountFromStore(ctx, ctx.Session, user); err != nil {
+		if err := linkAccountFromContext(ctx, user); err != nil {
 			ctx.ServerError("LinkAccountFromStore", err)
 			return
 		}
@@ -268,7 +267,7 @@ func WebAuthnLoginAssertionPost(ctx *context.Context) {
 
 	// Now handle account linking if that's requested
 	if ctx.Session.Get("linkAccount") != nil {
-		if err := externalaccount.LinkAccountFromStore(ctx, ctx.Session, user); err != nil {
+		if err := linkAccountFromContext(ctx, user); err != nil {
 			ctx.ServerError("LinkAccountFromStore", err)
 			return
 		}
diff --git a/routers/web/base.go b/routers/web/base.go
index a284dd0288..0f06cb5e4b 100644
--- a/routers/web/base.go
+++ b/routers/web/base.go
@@ -25,7 +25,7 @@ func avatarStorageHandler(storageSetting *setting.Storage, prefix string, objSto
 
 	if storageSetting.ServeDirect() {
 		return func(w http.ResponseWriter, req *http.Request) {
-			if req.Method != "GET" && req.Method != "HEAD" {
+			if req.Method != http.MethodGet && req.Method != http.MethodHead {
 				http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
 				return
 			}
@@ -39,7 +39,7 @@ func avatarStorageHandler(storageSetting *setting.Storage, prefix string, objSto
 			rPath := strings.TrimPrefix(req.URL.Path, "/"+prefix+"/")
 			rPath = util.PathJoinRelX(rPath)
 
-			u, err := objStore.URL(rPath, path.Base(rPath), nil)
+			u, err := objStore.URL(rPath, path.Base(rPath), req.Method, nil)
 			if err != nil {
 				if os.IsNotExist(err) || errors.Is(err, os.ErrNotExist) {
 					log.Warn("Unable to find %s %s", prefix, rPath)
@@ -56,7 +56,7 @@ func avatarStorageHandler(storageSetting *setting.Storage, prefix string, objSto
 	}
 
 	return func(w http.ResponseWriter, req *http.Request) {
-		if req.Method != "GET" && req.Method != "HEAD" {
+		if req.Method != http.MethodGet && req.Method != http.MethodHead {
 			http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
 			return
 		}
diff --git a/routers/web/devtest/devtest.go b/routers/web/devtest/devtest.go
index 1ea1398173..a22d376579 100644
--- a/routers/web/devtest/devtest.go
+++ b/routers/web/devtest/devtest.go
@@ -4,16 +4,22 @@
 package devtest
 
 import (
+	"fmt"
+	"html/template"
 	"net/http"
 	"path"
+	"strconv"
 	"strings"
 	"time"
+	"unicode"
 
 	"code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/db"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/badge"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 )
 
@@ -45,86 +51,135 @@ func FetchActionTest(ctx *context.Context) {
 	ctx.JSONRedirect("")
 }
 
-func prepareMockData(ctx *context.Context) {
-	if ctx.Req.URL.Path == "/devtest/gitea-ui" {
-		now := time.Now()
-		ctx.Data["TimeNow"] = now
-		ctx.Data["TimePast5s"] = now.Add(-5 * time.Second)
-		ctx.Data["TimeFuture5s"] = now.Add(5 * time.Second)
-		ctx.Data["TimePast2m"] = now.Add(-2 * time.Minute)
-		ctx.Data["TimeFuture2m"] = now.Add(2 * time.Minute)
-		ctx.Data["TimePast1y"] = now.Add(-1 * 366 * 86400 * time.Second)
-		ctx.Data["TimeFuture1y"] = now.Add(1 * 366 * 86400 * time.Second)
+func prepareMockDataGiteaUI(ctx *context.Context) {
+	now := time.Now()
+	ctx.Data["TimeNow"] = now
+	ctx.Data["TimePast5s"] = now.Add(-5 * time.Second)
+	ctx.Data["TimeFuture5s"] = now.Add(5 * time.Second)
+	ctx.Data["TimePast2m"] = now.Add(-2 * time.Minute)
+	ctx.Data["TimeFuture2m"] = now.Add(2 * time.Minute)
+	ctx.Data["TimePast1y"] = now.Add(-1 * 366 * 86400 * time.Second)
+	ctx.Data["TimeFuture1y"] = now.Add(1 * 366 * 86400 * time.Second)
+}
+
+func prepareMockDataBadgeCommitSign(ctx *context.Context) {
+	var commits []*asymkey.SignCommit
+	mockUsers, _ := db.Find[user_model.User](ctx, user_model.SearchUserOptions{ListOptions: db.ListOptions{PageSize: 1}})
+	mockUser := mockUsers[0]
+	commits = append(commits, &asymkey.SignCommit{
+		Verification: &asymkey.CommitVerification{},
+		UserCommit: &user_model.UserCommit{
+			Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
+		},
+	})
+	commits = append(commits, &asymkey.SignCommit{
+		Verification: &asymkey.CommitVerification{
+			Verified:    true,
+			Reason:      "name / key-id",
+			SigningUser: mockUser,
+			SigningKey:  &asymkey.GPGKey{KeyID: "12345678"},
+			TrustStatus: "trusted",
+		},
+		UserCommit: &user_model.UserCommit{
+			User:   mockUser,
+			Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
+		},
+	})
+	commits = append(commits, &asymkey.SignCommit{
+		Verification: &asymkey.CommitVerification{
+			Verified:      true,
+			Reason:        "name / key-id",
+			SigningUser:   mockUser,
+			SigningSSHKey: &asymkey.PublicKey{Fingerprint: "aa:bb:cc:dd:ee"},
+			TrustStatus:   "untrusted",
+		},
+		UserCommit: &user_model.UserCommit{
+			User:   mockUser,
+			Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
+		},
+	})
+	commits = append(commits, &asymkey.SignCommit{
+		Verification: &asymkey.CommitVerification{
+			Verified:      true,
+			Reason:        "name / key-id",
+			SigningUser:   mockUser,
+			SigningSSHKey: &asymkey.PublicKey{Fingerprint: "aa:bb:cc:dd:ee"},
+			TrustStatus:   "other(unmatch)",
+		},
+		UserCommit: &user_model.UserCommit{
+			User:   mockUser,
+			Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
+		},
+	})
+	commits = append(commits, &asymkey.SignCommit{
+		Verification: &asymkey.CommitVerification{
+			Warning:      true,
+			Reason:       "gpg.error",
+			SigningEmail: "test@example.com",
+		},
+		UserCommit: &user_model.UserCommit{
+			User:   mockUser,
+			Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
+		},
+	})
+
+	ctx.Data["MockCommits"] = commits
+}
+
+func prepareMockDataBadgeActionsSvg(ctx *context.Context) {
+	fontFamilyNames := strings.Split(badge.DefaultFontFamily, ",")
+	selectedFontFamilyName := ctx.FormString("font", fontFamilyNames[0])
+	selectedStyle := ctx.FormString("style", badge.DefaultStyle)
+	var badges []badge.Badge
+	badges = append(badges, badge.GenerateBadge("啊啊啊啊啊啊啊啊啊啊啊啊", "🌞🌞🌞🌞🌞", "green"))
+	for r := range rune(256) {
+		if unicode.IsPrint(r) {
+			s := strings.Repeat(string(r), 15)
+			badges = append(badges, badge.GenerateBadge(s, util.TruncateRunes(s, 7), "green"))
+		}
 	}
 
-	if ctx.Req.URL.Path == "/devtest/commit-sign-badge" {
-		var commits []*asymkey.SignCommit
-		mockUsers, _ := db.Find[user_model.User](ctx, user_model.SearchUserOptions{ListOptions: db.ListOptions{PageSize: 1}})
-		mockUser := mockUsers[0]
-		commits = append(commits, &asymkey.SignCommit{
-			Verification: &asymkey.CommitVerification{},
-			UserCommit: &user_model.UserCommit{
-				Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
-			},
-		})
-		commits = append(commits, &asymkey.SignCommit{
-			Verification: &asymkey.CommitVerification{
-				Verified:    true,
-				Reason:      "name / key-id",
-				SigningUser: mockUser,
-				SigningKey:  &asymkey.GPGKey{KeyID: "12345678"},
-				TrustStatus: "trusted",
-			},
-			UserCommit: &user_model.UserCommit{
-				User:   mockUser,
-				Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
-			},
-		})
-		commits = append(commits, &asymkey.SignCommit{
-			Verification: &asymkey.CommitVerification{
-				Verified:      true,
-				Reason:        "name / key-id",
-				SigningUser:   mockUser,
-				SigningSSHKey: &asymkey.PublicKey{Fingerprint: "aa:bb:cc:dd:ee"},
-				TrustStatus:   "untrusted",
-			},
-			UserCommit: &user_model.UserCommit{
-				User:   mockUser,
-				Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
-			},
-		})
-		commits = append(commits, &asymkey.SignCommit{
-			Verification: &asymkey.CommitVerification{
-				Verified:      true,
-				Reason:        "name / key-id",
-				SigningUser:   mockUser,
-				SigningSSHKey: &asymkey.PublicKey{Fingerprint: "aa:bb:cc:dd:ee"},
-				TrustStatus:   "other(unmatch)",
-			},
-			UserCommit: &user_model.UserCommit{
-				User:   mockUser,
-				Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
-			},
-		})
-		commits = append(commits, &asymkey.SignCommit{
-			Verification: &asymkey.CommitVerification{
-				Warning:      true,
-				Reason:       "gpg.error",
-				SigningEmail: "test@example.com",
-			},
-			UserCommit: &user_model.UserCommit{
-				User:   mockUser,
-				Commit: &git.Commit{ID: git.Sha1ObjectFormat.EmptyObjectID()},
-			},
-		})
+	var badgeSVGs []template.HTML
+	for i, b := range badges {
+		b.IDPrefix = "devtest-" + strconv.FormatInt(int64(i), 10) + "-"
+		b.FontFamily = selectedFontFamilyName
+		var h template.HTML
+		var err error
+		switch selectedStyle {
+		case badge.StyleFlat:
+			h, err = ctx.RenderToHTML("shared/actions/runner_badge_flat", map[string]any{"Badge": b})
+		case badge.StyleFlatSquare:
+			h, err = ctx.RenderToHTML("shared/actions/runner_badge_flat-square", map[string]any{"Badge": b})
+		default:
+			err = fmt.Errorf("unknown badge style: %s", selectedStyle)
+		}
+		if err != nil {
+			ctx.ServerError("RenderToHTML", err)
+			return
+		}
+		badgeSVGs = append(badgeSVGs, h)
+	}
+	ctx.Data["BadgeSVGs"] = badgeSVGs
+	ctx.Data["BadgeFontFamilyNames"] = fontFamilyNames
+	ctx.Data["SelectedFontFamilyName"] = selectedFontFamilyName
+	ctx.Data["BadgeStyles"] = badge.GlobalVars().AllStyles
+	ctx.Data["SelectedStyle"] = selectedStyle
+}
 
-		ctx.Data["MockCommits"] = commits
+func prepareMockData(ctx *context.Context) {
+	switch ctx.Req.URL.Path {
+	case "/devtest/gitea-ui":
+		prepareMockDataGiteaUI(ctx)
+	case "/devtest/badge-commit-sign":
+		prepareMockDataBadgeCommitSign(ctx)
+	case "/devtest/badge-actions-svg":
+		prepareMockDataBadgeActionsSvg(ctx)
 	}
 }
 
-func Tmpl(ctx *context.Context) {
+func TmplCommon(ctx *context.Context) {
 	prepareMockData(ctx)
-	if ctx.Req.Method == "POST" {
+	if ctx.Req.Method == http.MethodPost {
 		_ = ctx.Req.ParseForm()
 		ctx.Flash.Info("form: "+ctx.Req.Method+" "+ctx.Req.RequestURI+"<br>"+
 			"Form: "+ctx.Req.Form.Encode()+"<br>"+
diff --git a/routers/web/devtest/mail_preview.go b/routers/web/devtest/mail_preview.go
new file mode 100644
index 0000000000..d6bade15d7
--- /dev/null
+++ b/routers/web/devtest/mail_preview.go
@@ -0,0 +1,58 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package devtest
+
+import (
+	"net/http"
+	"strings"
+
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/mailer"
+
+	"gopkg.in/yaml.v3"
+)
+
+func MailPreviewRender(ctx *context.Context) {
+	tmplName := ctx.PathParam("*")
+	mockDataContent, err := templates.AssetFS().ReadFile("mail/" + tmplName + ".devtest.yml")
+	mockData := map[string]any{}
+	if err == nil {
+		err = yaml.Unmarshal(mockDataContent, &mockData)
+		if err != nil {
+			http.Error(ctx.Resp, "Failed to parse mock data: "+err.Error(), http.StatusInternalServerError)
+			return
+		}
+	}
+	mockData["locale"] = ctx.Locale
+	err = mailer.LoadedTemplates().BodyTemplates.ExecuteTemplate(ctx.Resp, tmplName, mockData)
+	if err != nil {
+		_, _ = ctx.Resp.Write([]byte(err.Error()))
+	}
+}
+
+func prepareMailPreviewRender(ctx *context.Context, tmplName string) {
+	tmplSubject := mailer.LoadedTemplates().SubjectTemplates.Lookup(tmplName)
+	if tmplSubject == nil {
+		ctx.Data["RenderMailSubject"] = "default subject"
+	} else {
+		var buf strings.Builder
+		err := tmplSubject.Execute(&buf, nil)
+		if err != nil {
+			ctx.Data["RenderMailSubject"] = err.Error()
+		} else {
+			ctx.Data["RenderMailSubject"] = buf.String()
+		}
+	}
+	ctx.Data["RenderMailTemplateName"] = tmplName
+}
+
+func MailPreview(ctx *context.Context) {
+	ctx.Data["MailTemplateNames"] = mailer.LoadedTemplates().TemplateNames
+	tmplName := ctx.FormString("tmpl")
+	if tmplName != "" {
+		prepareMailPreviewRender(ctx, tmplName)
+	}
+	ctx.HTML(http.StatusOK, "devtest/mail-preview")
+}
diff --git a/routers/web/devtest/mock_actions.go b/routers/web/devtest/mock_actions.go
index 3ce75dfad2..bc741ecd11 100644
--- a/routers/web/devtest/mock_actions.go
+++ b/routers/web/devtest/mock_actions.go
@@ -4,9 +4,9 @@
 package devtest
 
 import (
-	"fmt"
 	mathRand "math/rand/v2"
 	"net/http"
+	"strconv"
 	"strings"
 	"time"
 
@@ -38,8 +38,8 @@ func generateMockStepsLog(logCur actions.LogCursor) (stepsLog []*actions.ViewSte
 	for i := 0; i < mockCount; i++ {
 		logStr := mockedLogs[int(cur)%len(mockedLogs)]
 		cur++
-		logStr = strings.ReplaceAll(logStr, "{step}", fmt.Sprintf("%d", logCur.Step))
-		logStr = strings.ReplaceAll(logStr, "{cursor}", fmt.Sprintf("%d", cur))
+		logStr = strings.ReplaceAll(logStr, "{step}", strconv.Itoa(logCur.Step))
+		logStr = strings.ReplaceAll(logStr, "{cursor}", strconv.FormatInt(cur, 10))
 		stepsLog = append(stepsLog, &actions.ViewStepLog{
 			Step:    logCur.Step,
 			Cursor:  cur,
@@ -94,6 +94,16 @@ func MockActionsRunsJobs(ctx *context.Context) {
 		Size:   1024 * 1024,
 		Status: "completed",
 	})
+	resp.Artifacts = append(resp.Artifacts, &actions.ArtifactsViewItem{
+		Name:   "artifact-very-loooooooooooooooooooooooooooooooooooooooooooooooooooooooong",
+		Size:   100 * 1024,
+		Status: "expired",
+	})
+	resp.Artifacts = append(resp.Artifacts, &actions.ArtifactsViewItem{
+		Name:   "artifact-really-loooooooooooooooooooooooooooooooooooooooooooooooooooooooong",
+		Size:   1024 * 1024,
+		Status: "completed",
+	})
 
 	resp.State.Run.Jobs = append(resp.State.Run.Jobs, &actions.ViewJob{
 		ID:       runID * 10,
diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go
index 8f6518a4fc..3bb50ef397 100644
--- a/routers/web/explore/code.go
+++ b/routers/web/explore/code.go
@@ -5,6 +5,7 @@ package explore
 
 import (
 	"net/http"
+	"slices"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -93,14 +94,7 @@ func Code(ctx *context.Context) {
 
 		loadRepoIDs := make([]int64, 0, len(searchResults))
 		for _, result := range searchResults {
-			var find bool
-			for _, id := range loadRepoIDs {
-				if id == result.RepoID {
-					find = true
-					break
-				}
-			}
-			if !find {
+			if !slices.Contains(loadRepoIDs, result.RepoID) {
 				loadRepoIDs = append(loadRepoIDs, result.RepoID)
 			}
 		}
diff --git a/routers/web/explore/org.go b/routers/web/explore/org.go
index 7bb71acfd7..f8f7f5c18c 100644
--- a/routers/web/explore/org.go
+++ b/routers/web/explore/org.go
@@ -44,7 +44,7 @@ func Organizations(ctx *context.Context) {
 		ctx.SetFormString("sort", sortOrder)
 	}
 
-	RenderUserSearch(ctx, &user_model.SearchUserOptions{
+	RenderUserSearch(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		Type:        user_model.UserTypeOrganization,
 		ListOptions: db.ListOptions{PageSize: setting.UI.ExplorePagingNum},
diff --git a/routers/web/explore/repo.go b/routers/web/explore/repo.go
index cf3128314b..f0d7d0ce7d 100644
--- a/routers/web/explore/repo.go
+++ b/routers/web/explore/repo.go
@@ -94,7 +94,7 @@ func RenderRepoSearch(ctx *context.Context, opts *RepoSearchOptions) {
 	private := ctx.FormOptionalBool("private")
 	ctx.Data["IsPrivate"] = private
 
-	repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     page,
 			PageSize: opts.PageSize,
@@ -151,6 +151,7 @@ func Repos(ctx *context.Context) {
 	ctx.Data["CodePageIsDisabled"] = setting.Service.Explore.DisableCodePage
 	ctx.Data["Title"] = ctx.Tr("explore")
 	ctx.Data["PageIsExplore"] = true
+	ctx.Data["ShowRepoOwnerOnList"] = true
 	ctx.Data["PageIsExploreRepositories"] = true
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 
diff --git a/routers/web/explore/user.go b/routers/web/explore/user.go
index e1e1ec1cfd..af48e6fb79 100644
--- a/routers/web/explore/user.go
+++ b/routers/web/explore/user.go
@@ -32,7 +32,7 @@ func isKeywordValid(keyword string) bool {
 }
 
 // RenderUserSearch render user search page
-func RenderUserSearch(ctx *context.Context, opts *user_model.SearchUserOptions, tplName templates.TplName) {
+func RenderUserSearch(ctx *context.Context, opts user_model.SearchUserOptions, tplName templates.TplName) {
 	// Sitemap index for sitemap paths
 	opts.Page = int(ctx.PathParamInt64("idx"))
 	isSitemap := ctx.PathParam("idx") != ""
@@ -151,7 +151,7 @@ func Users(ctx *context.Context) {
 		ctx.SetFormString("sort", sortOrder)
 	}
 
-	RenderUserSearch(ctx, &user_model.SearchUserOptions{
+	RenderUserSearch(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		Type:        user_model.UserTypeIndividual,
 		ListOptions: db.ListOptions{PageSize: setting.UI.ExplorePagingNum},
diff --git a/routers/web/feed/branch.go b/routers/web/feed/branch.go
index d3dae9503e..eb7f6dc5bc 100644
--- a/routers/web/feed/branch.go
+++ b/routers/web/feed/branch.go
@@ -4,11 +4,11 @@
 package feed
 
 import (
-	"fmt"
 	"strings"
 	"time"
 
 	"code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/services/context"
 
 	"github.com/gorilla/feeds"
@@ -16,13 +16,17 @@ import (
 
 // ShowBranchFeed shows tags and/or releases on the repo as RSS / Atom feed
 func ShowBranchFeed(ctx *context.Context, repo *repo.Repository, formatType string) {
-	commits, err := ctx.Repo.Commit.CommitsByRange(0, 10, "")
-	if err != nil {
-		ctx.ServerError("ShowBranchFeed", err)
-		return
+	var commits []*git.Commit
+	var err error
+	if ctx.Repo.Commit != nil {
+		commits, err = ctx.Repo.Commit.CommitsByRange(0, 10, "", "", "")
+		if err != nil {
+			ctx.ServerError("ShowBranchFeed", err)
+			return
+		}
 	}
 
-	title := fmt.Sprintf("Latest commits for branch %s", ctx.Repo.BranchName)
+	title := "Latest commits for branch " + ctx.Repo.BranchName
 	link := &feeds.Link{Href: repo.HTMLURL() + "/" + ctx.Repo.RefTypeNameSubURL()}
 
 	feed := &feeds.Feed{
diff --git a/routers/web/feed/convert.go b/routers/web/feed/convert.go
index b04855fa6a..7c59132841 100644
--- a/routers/web/feed/convert.go
+++ b/routers/web/feed/convert.go
@@ -201,7 +201,7 @@ func feedActionsToFeedItems(ctx *context.Context, actions activities_model.Actio
 			switch act.OpType {
 			case activities_model.ActionCommitRepo, activities_model.ActionMirrorSyncPush:
 				push := templates.ActionContent2Commits(act)
-
+				_ = act.LoadRepo(ctx)
 				for _, commit := range push.Commits {
 					if len(desc) != 0 {
 						desc += "\n\n"
@@ -209,7 +209,7 @@ func feedActionsToFeedItems(ctx *context.Context, actions activities_model.Actio
 					desc += fmt.Sprintf("<a href=\"%s\">%s</a>\n%s",
 						html.EscapeString(fmt.Sprintf("%s/commit/%s", act.GetRepoAbsoluteLink(ctx), commit.Sha1)),
 						commit.Sha1,
-						renderUtils.RenderCommitMessage(commit.Message, nil),
+						renderUtils.RenderCommitMessage(commit.Message, act.Repo),
 					)
 				}
 
diff --git a/routers/web/feed/file.go b/routers/web/feed/file.go
index 407e4fa2d5..026c15c43a 100644
--- a/routers/web/feed/file.go
+++ b/routers/web/feed/file.go
@@ -4,7 +4,6 @@
 package feed
 
 import (
-	"fmt"
 	"strings"
 	"time"
 
@@ -33,7 +32,7 @@ func ShowFileFeed(ctx *context.Context, repo *repo.Repository, formatType string
 		return
 	}
 
-	title := fmt.Sprintf("Latest commits for file %s", ctx.Repo.TreePath)
+	title := "Latest commits for file " + ctx.Repo.TreePath
 
 	link := &feeds.Link{Href: repo.HTMLURL() + "/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(ctx.Repo.TreePath)}
 
diff --git a/routers/web/githttp.go b/routers/web/githttp.go
index 8597ffe795..06de811f16 100644
--- a/routers/web/githttp.go
+++ b/routers/web/githttp.go
@@ -4,26 +4,12 @@
 package web
 
 import (
-	"net/http"
-
-	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/web/repo"
 	"code.gitea.io/gitea/services/context"
 )
 
 func addOwnerRepoGitHTTPRouters(m *web.Router) {
-	reqGitSignIn := func(ctx *context.Context) {
-		if !setting.Service.RequireSignInView {
-			return
-		}
-		// rely on the results of Contexter
-		if !ctx.IsSigned {
-			// TODO: support digit auth - which would be Authorization header with digit
-			ctx.Resp.Header().Set("WWW-Authenticate", `Basic realm="Gitea"`)
-			ctx.HTTPError(http.StatusUnauthorized)
-		}
-	}
 	m.Group("/{username}/{reponame}", func() {
 		m.Methods("POST,OPTIONS", "/git-upload-pack", repo.ServiceUploadPack)
 		m.Methods("POST,OPTIONS", "/git-receive-pack", repo.ServiceReceivePack)
@@ -36,5 +22,5 @@ func addOwnerRepoGitHTTPRouters(m *web.Router) {
 		m.Methods("GET,OPTIONS", "/objects/{head:[0-9a-f]{2}}/{hash:[0-9a-f]{38,62}}", repo.GetLooseObject)
 		m.Methods("GET,OPTIONS", "/objects/pack/pack-{file:[0-9a-f]{40,64}}.pack", repo.GetPackFile)
 		m.Methods("GET,OPTIONS", "/objects/pack/pack-{file:[0-9a-f]{40,64}}.idx", repo.GetIdxFile)
-	}, optSignInIgnoreCsrf, reqGitSignIn, repo.HTTPGitEnabledHandler, repo.CorsHandler(), context.UserAssignmentWeb())
+	}, optSignInIgnoreCsrf, repo.HTTPGitEnabledHandler, repo.CorsHandler(), context.UserAssignmentWeb())
 }
diff --git a/routers/web/goget.go b/routers/web/goget.go
index 79d5c2b207..67e0bee866 100644
--- a/routers/web/goget.go
+++ b/routers/web/goget.go
@@ -18,7 +18,7 @@ import (
 )
 
 func goGet(ctx *context.Context) {
-	if ctx.Req.Method != "GET" || len(ctx.Req.URL.RawQuery) < 8 || ctx.FormString("go-get") != "1" {
+	if ctx.Req.Method != http.MethodGet || len(ctx.Req.URL.RawQuery) < 8 || ctx.FormString("go-get") != "1" {
 		return
 	}
 
diff --git a/routers/web/home.go b/routers/web/home.go
index 208cc36dfb..4b15ee83c2 100644
--- a/routers/web/home.go
+++ b/routers/web/home.go
@@ -68,7 +68,7 @@ func Home(ctx *context.Context) {
 func HomeSitemap(ctx *context.Context) {
 	m := sitemap.NewSitemapIndex()
 	if !setting.Service.Explore.DisableUsersPage {
-		_, cnt, err := user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+		_, cnt, err := user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 			Type:        user_model.UserTypeIndividual,
 			ListOptions: db.ListOptions{PageSize: 1},
 			IsActive:    optional.Some(true),
@@ -86,7 +86,7 @@ func HomeSitemap(ctx *context.Context) {
 		}
 	}
 
-	_, cnt, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	_, cnt, err := repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			PageSize: 1,
 		},
diff --git a/routers/web/misc/markup.go b/routers/web/misc/markup.go
index 0c7ec6c2eb..f90cf3ffed 100644
--- a/routers/web/misc/markup.go
+++ b/routers/web/misc/markup.go
@@ -15,6 +15,6 @@ import (
 // Markup render markup document to HTML
 func Markup(ctx *context.Context) {
 	form := web.GetForm(ctx).(*api.MarkupOption)
-	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck
+	mode := util.Iif(form.Wiki, "wiki", form.Mode) //nolint:staticcheck // form.Wiki is deprecated
 	common.RenderMarkup(ctx.Base, ctx.Repo, mode, form.Text, form.Context, form.FilePath)
 }
diff --git a/routers/web/misc/misc.go b/routers/web/misc/misc.go
index d42afafe9e..59b97c1717 100644
--- a/routers/web/misc/misc.go
+++ b/routers/web/misc/misc.go
@@ -20,7 +20,7 @@ func SSHInfo(rw http.ResponseWriter, req *http.Request) {
 		return
 	}
 	rw.Header().Set("content-type", "text/json;charset=UTF-8")
-	_, err := rw.Write([]byte(`{"type":"gitea","version":1}`))
+	_, err := rw.Write([]byte(`{"type":"agit","version":1}`))
 	if err != nil {
 		log.Error("fail to write result: err: %v", err)
 		rw.WriteHeader(http.StatusInternalServerError)
diff --git a/routers/web/nodeinfo.go b/routers/web/nodeinfo.go
index f1cc7bf530..47856bf98b 100644
--- a/routers/web/nodeinfo.go
+++ b/routers/web/nodeinfo.go
@@ -4,7 +4,6 @@
 package web
 
 import (
-	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/modules/setting"
@@ -24,7 +23,7 @@ type nodeInfoLink struct {
 func NodeInfoLinks(ctx *context.Context) {
 	nodeinfolinks := &nodeInfoLinks{
 		Links: []nodeInfoLink{{
-			fmt.Sprintf("%sapi/v1/nodeinfo", setting.AppURL),
+			setting.AppURL + "api/v1/nodeinfo",
 			"http://nodeinfo.diaspora.software/ns/schema/2.1",
 		}},
 	}
diff --git a/routers/web/org/block.go b/routers/web/org/block.go
index aeb4bd51a8..60f722dd39 100644
--- a/routers/web/org/block.go
+++ b/routers/web/org/block.go
@@ -20,6 +20,11 @@ func BlockedUsers(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettings"] = true
 	ctx.Data["PageIsSettingsBlockedUsers"] = true
 
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	shared_user.BlockedUsers(ctx, ctx.ContextUser)
 	if ctx.Written() {
 		return
@@ -29,6 +34,11 @@ func BlockedUsers(ctx *context.Context) {
 }
 
 func BlockedUsersPost(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	shared_user.BlockedUsersPost(ctx, ctx.ContextUser)
 	if ctx.Written() {
 		return
diff --git a/routers/web/org/home.go b/routers/web/org/home.go
index e3c2dcf0bd..63ae6c683b 100644
--- a/routers/web/org/home.go
+++ b/routers/web/org/home.go
@@ -86,12 +86,6 @@ func home(ctx *context.Context, viewRepositories bool) {
 	private := ctx.FormOptionalBool("private")
 	ctx.Data["IsPrivate"] = private
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	opts := &organization.FindOrgMembersOpts{
 		Doer:         ctx.Doer,
 		OrgID:        org.ID,
@@ -109,9 +103,9 @@ func home(ctx *context.Context, viewRepositories bool) {
 	ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
 	ctx.Data["ShowMemberAndTeamTab"] = ctx.Org.IsMember || len(members) > 0
 
-	prepareResult, err := shared_user.PrepareOrgHeader(ctx)
+	prepareResult, err := shared_user.RenderUserOrgHeader(ctx)
 	if err != nil {
-		ctx.ServerError("PrepareOrgHeader", err)
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -121,7 +115,7 @@ func home(ctx *context.Context, viewRepositories bool) {
 	ctx.Data["PageIsViewOverview"] = isViewOverview
 	ctx.Data["ShowOrgProfileReadmeSelector"] = isViewOverview && prepareResult.ProfilePublicReadmeBlob != nil && prepareResult.ProfilePrivateReadmeBlob != nil
 
-	repos, count, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	repos, count, err := repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			PageSize: setting.UI.User.RepoPagingNum,
 			Page:     page,
@@ -154,7 +148,7 @@ func home(ctx *context.Context, viewRepositories bool) {
 	ctx.HTML(http.StatusOK, tplOrgHome)
 }
 
-func prepareOrgProfileReadme(ctx *context.Context, prepareResult *shared_user.PrepareOrgHeaderResult) bool {
+func prepareOrgProfileReadme(ctx *context.Context, prepareResult *shared_user.PrepareOwnerHeaderResult) bool {
 	viewAs := ctx.FormString("view_as", util.Iif(ctx.Org.IsMember, "member", "public"))
 	viewAsMember := viewAs == "member"
 
diff --git a/routers/web/org/members.go b/routers/web/org/members.go
index 7d88d6b1ad..61022d3f09 100644
--- a/routers/web/org/members.go
+++ b/routers/web/org/members.go
@@ -28,10 +28,7 @@ func Members(ctx *context.Context) {
 	ctx.Data["Title"] = org.FullName
 	ctx.Data["PageIsOrgMembers"] = true
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	opts := &organization.FindOrgMembersOpts{
 		Doer:  ctx.Doer,
@@ -54,9 +51,8 @@ func Members(ctx *context.Context) {
 		return
 	}
 
-	_, err = shared_user.PrepareOrgHeader(ctx)
-	if err != nil {
-		ctx.ServerError("PrepareOrgHeader", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/org/org.go b/routers/web/org/org.go
index 856a605764..0540d5c591 100644
--- a/routers/web/org/org.go
+++ b/routers/web/org/org.go
@@ -27,11 +27,14 @@ const (
 // Create render the page for create organization
 func Create(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("new_org")
-	ctx.Data["DefaultOrgVisibilityMode"] = setting.Service.DefaultOrgVisibilityMode
 	if !ctx.Doer.CanCreateOrganization() {
 		ctx.ServerError("Not allowed", errors.New(ctx.Locale.TrString("org.form.create_org_not_allowed")))
 		return
 	}
+
+	ctx.Data["visibility"] = setting.Service.DefaultOrgVisibilityMode
+	ctx.Data["repo_admin_change_team_access"] = true
+
 	ctx.HTML(http.StatusOK, tplCreateOrg)
 }
 
diff --git a/routers/web/org/org_labels.go b/routers/web/org/org_labels.go
index ccab2131db..2a4aa7f557 100644
--- a/routers/web/org/org_labels.go
+++ b/routers/web/org/org_labels.go
@@ -4,13 +4,15 @@
 package org
 
 import (
-	"net/http"
+	"errors"
 
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/modules/label"
 	repo_module "code.gitea.io/gitea/modules/repository"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
+	shared_label "code.gitea.io/gitea/routers/web/shared/label"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/forms"
 )
@@ -32,47 +34,45 @@ func RetrieveLabels(ctx *context.Context) {
 
 // NewLabel create new label for organization
 func NewLabel(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.CreateLabelForm)
-	ctx.Data["Title"] = ctx.Tr("repo.labels")
-	ctx.Data["PageIsLabels"] = true
-	ctx.Data["PageIsOrgSettings"] = true
-
-	if ctx.HasError() {
-		ctx.Flash.Error(ctx.Data["ErrorMsg"].(string))
-		ctx.Redirect(ctx.Org.OrgLink + "/settings/labels")
+	form := shared_label.GetLabelEditForm(ctx)
+	if ctx.Written() {
 		return
 	}
 
 	l := &issues_model.Label{
-		OrgID:       ctx.Org.Organization.ID,
-		Name:        form.Title,
-		Exclusive:   form.Exclusive,
-		Description: form.Description,
-		Color:       form.Color,
+		OrgID:          ctx.Org.Organization.ID,
+		Name:           form.Title,
+		Exclusive:      form.Exclusive,
+		Description:    form.Description,
+		Color:          form.Color,
+		ExclusiveOrder: form.ExclusiveOrder,
 	}
 	if err := issues_model.NewLabel(ctx, l); err != nil {
 		ctx.ServerError("NewLabel", err)
 		return
 	}
-	ctx.Redirect(ctx.Org.OrgLink + "/settings/labels")
+	ctx.JSONRedirect(ctx.Org.OrgLink + "/settings/labels")
 }
 
 // UpdateLabel update a label's name and color
 func UpdateLabel(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.CreateLabelForm)
+	form := shared_label.GetLabelEditForm(ctx)
+	if ctx.Written() {
+		return
+	}
+
 	l, err := issues_model.GetLabelInOrgByID(ctx, ctx.Org.Organization.ID, form.ID)
-	if err != nil {
-		switch {
-		case issues_model.IsErrOrgLabelNotExist(err):
-			ctx.HTTPError(http.StatusNotFound)
-		default:
-			ctx.ServerError("UpdateLabel", err)
-		}
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.JSONErrorNotFound()
+		return
+	} else if err != nil {
+		ctx.ServerError("GetLabelInOrgByID", err)
 		return
 	}
 
 	l.Name = form.Title
 	l.Exclusive = form.Exclusive
+	l.ExclusiveOrder = form.ExclusiveOrder
 	l.Description = form.Description
 	l.Color = form.Color
 	l.SetArchived(form.IsArchived)
@@ -80,7 +80,7 @@ func UpdateLabel(ctx *context.Context) {
 		ctx.ServerError("UpdateLabel", err)
 		return
 	}
-	ctx.Redirect(ctx.Org.OrgLink + "/settings/labels")
+	ctx.JSONRedirect(ctx.Org.OrgLink + "/settings/labels")
 }
 
 // DeleteLabel delete a label
diff --git a/routers/web/org/projects.go b/routers/web/org/projects.go
index 49f4792772..059cce8281 100644
--- a/routers/web/org/projects.go
+++ b/routers/web/org/projects.go
@@ -43,17 +43,17 @@ func MustEnableProjects(ctx *context.Context) {
 
 // Projects renders the home page of projects
 func Projects(ctx *context.Context) {
-	shared_user.PrepareContextForProfileBigAvatar(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	ctx.Data["Title"] = ctx.Tr("repo.projects")
 
 	sortType := ctx.FormTrim("sort")
 
 	isShowClosed := strings.ToLower(ctx.FormTrim("state")) == "closed"
 	keyword := ctx.FormTrim("q")
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	var projectType project_model.Type
 	if ctx.ContextUser.IsOrganization() {
@@ -101,7 +101,6 @@ func Projects(ctx *context.Context) {
 	}
 
 	ctx.Data["Projects"] = projects
-	shared_user.RenderUserHeader(ctx)
 
 	if isShowClosed {
 		ctx.Data["State"] = "closed"
@@ -113,12 +112,6 @@ func Projects(ctx *context.Context) {
 		project.RenderedContent = renderUtils.MarkdownToHtml(project.Description)
 	}
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	numPages := 0
 	if total > 0 {
 		numPages = (int(total) - 1/setting.UI.IssuePagingNum)
@@ -152,11 +145,8 @@ func RenderNewProject(ctx *context.Context) {
 	ctx.Data["PageIsViewProjects"] = true
 	ctx.Data["HomeLink"] = ctx.ContextUser.HomeLink()
 	ctx.Data["CancelLink"] = ctx.ContextUser.HomeLink() + "/-/projects"
-	shared_user.RenderUserHeader(ctx)
-
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -167,7 +157,10 @@ func RenderNewProject(ctx *context.Context) {
 func NewProjectPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.CreateProjectForm)
 	ctx.Data["Title"] = ctx.Tr("repo.projects.new")
-	shared_user.RenderUserHeader(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 
 	if ctx.HasError() {
 		RenderNewProject(ctx)
@@ -248,7 +241,10 @@ func RenderEditProject(ctx *context.Context) {
 	ctx.Data["CanWriteProjects"] = canWriteProjects(ctx)
 	ctx.Data["CardTypes"] = project_model.GetCardConfig()
 
-	shared_user.RenderUserHeader(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 
 	p, err := project_model.GetProjectByID(ctx, ctx.PathParamInt64("id"))
 	if err != nil {
@@ -282,11 +278,8 @@ func EditProjectPost(ctx *context.Context) {
 	ctx.Data["CardTypes"] = project_model.GetCardConfig()
 	ctx.Data["CancelLink"] = project_model.ProjectLinkForOrg(ctx.ContextUser, projectID)
 
-	shared_user.RenderUserHeader(ctx)
-
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -343,14 +336,14 @@ func ViewProject(ctx *context.Context) {
 		return
 	}
 
-	labelIDs := issue.PrepareFilterIssueLabels(ctx, project.RepoID, project.Owner)
+	preparedLabelFilter := issue.PrepareFilterIssueLabels(ctx, project.RepoID, project.Owner)
 	if ctx.Written() {
 		return
 	}
 	assigneeID := ctx.FormString("assignee")
 
 	opts := issues_model.IssuesOptions{
-		LabelIDs:   labelIDs,
+		LabelIDs:   preparedLabelFilter.SelectedLabelIDs,
 		AssigneeID: assigneeID,
 		Owner:      project.Owner,
 		Doer:       ctx.Doer,
@@ -406,8 +399,8 @@ func ViewProject(ctx *context.Context) {
 	}
 
 	// Get the exclusive scope for every label ID
-	labelExclusiveScopes := make([]string, 0, len(labelIDs))
-	for _, labelID := range labelIDs {
+	labelExclusiveScopes := make([]string, 0, len(preparedLabelFilter.SelectedLabelIDs))
+	for _, labelID := range preparedLabelFilter.SelectedLabelIDs {
 		foundExclusiveScope := false
 		for _, label := range labels {
 			if label.ID == labelID || label.ID == -labelID {
@@ -422,7 +415,7 @@ func ViewProject(ctx *context.Context) {
 	}
 
 	for _, l := range labels {
-		l.LoadSelectedLabelsAfterClick(labelIDs, labelExclusiveScopes)
+		l.LoadSelectedLabelsAfterClick(preparedLabelFilter.SelectedLabelIDs, labelExclusiveScopes)
 	}
 	ctx.Data["Labels"] = labels
 	ctx.Data["NumLabels"] = len(labels)
@@ -443,11 +436,9 @@ func ViewProject(ctx *context.Context) {
 	ctx.Data["Project"] = project
 	ctx.Data["IssuesMap"] = issuesMap
 	ctx.Data["Columns"] = columns
-	shared_user.RenderUserHeader(ctx)
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/org/setting.go b/routers/web/org/setting.go
index cb1c4213c9..2bc1e8bc43 100644
--- a/routers/web/org/setting.go
+++ b/routers/web/org/setting.go
@@ -18,6 +18,7 @@ import (
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
 	shared_user "code.gitea.io/gitea/routers/web/shared/user"
 	user_setting "code.gitea.io/gitea/routers/web/user/setting"
@@ -31,8 +32,6 @@ import (
 const (
 	// tplSettingsOptions template path for render settings
 	tplSettingsOptions templates.TplName = "org/settings/options"
-	// tplSettingsDelete template path for render delete repository
-	tplSettingsDelete templates.TplName = "org/settings/delete"
 	// tplSettingsHooks template path for render hook settings
 	tplSettingsHooks templates.TplName = "org/settings/hooks"
 	// tplSettingsLabels template path for render labels settings
@@ -48,9 +47,8 @@ func Settings(ctx *context.Context) {
 	ctx.Data["RepoAdminChangeTeamAccess"] = ctx.Org.Organization.RepoAdminChangeTeamAccess
 	ctx.Data["ContextUser"] = ctx.ContextUser
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -72,26 +70,6 @@ func SettingsPost(ctx *context.Context) {
 
 	org := ctx.Org.Organization
 
-	if org.Name != form.Name {
-		if err := user_service.RenameUser(ctx, org.AsUser(), form.Name); err != nil {
-			if user_model.IsErrUserAlreadyExist(err) {
-				ctx.Data["Err_Name"] = true
-				ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), tplSettingsOptions, &form)
-			} else if db.IsErrNameReserved(err) {
-				ctx.Data["Err_Name"] = true
-				ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplSettingsOptions, &form)
-			} else if db.IsErrNamePatternNotAllowed(err) {
-				ctx.Data["Err_Name"] = true
-				ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplSettingsOptions, &form)
-			} else {
-				ctx.ServerError("RenameUser", err)
-			}
-			return
-		}
-
-		ctx.Org.OrgLink = setting.AppSubURL + "/org/" + url.PathEscape(org.Name)
-	}
-
 	if form.Email != "" {
 		if err := user_service.ReplacePrimaryEmailAddress(ctx, org.AsUser(), form.Email); err != nil {
 			ctx.Data["Err_Email"] = true
@@ -121,7 +99,7 @@ func SettingsPost(ctx *context.Context) {
 
 	// update forks visibility
 	if visibilityChanged {
-		repos, _, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+		repos, _, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 			Actor: org.AsUser(), Private: true, ListOptions: db.ListOptions{Page: 1, PageSize: org.NumRepos},
 		})
 		if err != nil {
@@ -164,43 +142,27 @@ func SettingsDeleteAvatar(ctx *context.Context) {
 	ctx.JSONRedirect(ctx.Org.OrgLink + "/settings")
 }
 
-// SettingsDelete response for deleting an organization
-func SettingsDelete(ctx *context.Context) {
-	ctx.Data["Title"] = ctx.Tr("org.settings")
-	ctx.Data["PageIsOrgSettings"] = true
-	ctx.Data["PageIsSettingsDelete"] = true
-
-	if ctx.Req.Method == "POST" {
-		if ctx.Org.Organization.Name != ctx.FormString("org_name") {
-			ctx.Data["Err_OrgName"] = true
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_org_name"), tplSettingsDelete, nil)
-			return
-		}
-
-		if err := org_service.DeleteOrganization(ctx, ctx.Org.Organization, false); err != nil {
-			if repo_model.IsErrUserOwnRepos(err) {
-				ctx.Flash.Error(ctx.Tr("form.org_still_own_repo"))
-				ctx.Redirect(ctx.Org.OrgLink + "/settings/delete")
-			} else if packages_model.IsErrUserOwnPackages(err) {
-				ctx.Flash.Error(ctx.Tr("form.org_still_own_packages"))
-				ctx.Redirect(ctx.Org.OrgLink + "/settings/delete")
-			} else {
-				ctx.ServerError("DeleteOrganization", err)
-			}
-		} else {
-			log.Trace("Organization deleted: %s", ctx.Org.Organization.Name)
-			ctx.Redirect(setting.AppSubURL + "/")
-		}
+// SettingsDeleteOrgPost response for deleting an organization
+func SettingsDeleteOrgPost(ctx *context.Context) {
+	if ctx.Org.Organization.Name != ctx.FormString("org_name") {
+		ctx.JSONError(ctx.Tr("form.enterred_invalid_org_name"))
 		return
 	}
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if err := org_service.DeleteOrganization(ctx, ctx.Org.Organization, false /* no purge */); err != nil {
+		if repo_model.IsErrUserOwnRepos(err) {
+			ctx.JSONError(ctx.Tr("form.org_still_own_repo"))
+		} else if packages_model.IsErrUserOwnPackages(err) {
+			ctx.JSONError(ctx.Tr("form.org_still_own_packages"))
+		} else {
+			log.Error("DeleteOrganization: %v", err)
+			ctx.JSONError(util.Iif(ctx.Doer.IsAdmin, err.Error(), string(ctx.Tr("org.settings.delete_failed"))))
+		}
 		return
 	}
 
-	ctx.HTML(http.StatusOK, tplSettingsDelete)
+	ctx.Flash.Success(ctx.Tr("org.settings.delete_successful", ctx.Org.Organization.Name))
+	ctx.JSONRedirect(setting.AppSubURL + "/")
 }
 
 // Webhooks render webhook list page
@@ -218,9 +180,8 @@ func Webhooks(ctx *context.Context) {
 		return
 	}
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -246,11 +207,47 @@ func Labels(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettingsLabels"] = true
 	ctx.Data["LabelTemplateFiles"] = repo_module.LabelTemplateFiles
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
 	ctx.HTML(http.StatusOK, tplSettingsLabels)
 }
+
+// SettingsRenamePost response for renaming organization
+func SettingsRenamePost(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RenameOrgForm)
+	if ctx.HasError() {
+		ctx.JSONError(ctx.GetErrMsg())
+		return
+	}
+
+	oldOrgName, newOrgName := ctx.Org.Organization.Name, form.NewOrgName
+
+	if form.OrgName != oldOrgName {
+		ctx.JSONError(ctx.Tr("form.enterred_invalid_org_name"))
+		return
+	}
+	if newOrgName == oldOrgName {
+		ctx.JSONError(ctx.Tr("org.settings.rename_no_change"))
+		return
+	}
+
+	if err := user_service.RenameUser(ctx, ctx.Org.Organization.AsUser(), newOrgName); err != nil {
+		if user_model.IsErrUserAlreadyExist(err) {
+			ctx.JSONError(ctx.Tr("org.form.name_been_taken", newOrgName))
+		} else if db.IsErrNameReserved(err) {
+			ctx.JSONError(ctx.Tr("org.form.name_reserved", newOrgName))
+		} else if db.IsErrNamePatternNotAllowed(err) {
+			ctx.JSONError(ctx.Tr("org.form.name_pattern_not_allowed", newOrgName))
+		} else {
+			log.Error("RenameOrganization: %v", err)
+			ctx.JSONError(util.Iif(ctx.Doer.IsAdmin, err.Error(), string(ctx.Tr("org.settings.rename_failed"))))
+		}
+		return
+	}
+
+	ctx.Flash.Success(ctx.Tr("org.settings.rename_success", oldOrgName, newOrgName))
+	ctx.JSONRedirect(setting.AppSubURL + "/org/" + url.PathEscape(newOrgName) + "/settings")
+}
diff --git a/routers/web/org/setting_oauth2.go b/routers/web/org/setting_oauth2.go
index c93058477e..47f653bf88 100644
--- a/routers/web/org/setting_oauth2.go
+++ b/routers/web/org/setting_oauth2.go
@@ -45,9 +45,8 @@ func Applications(ctx *context.Context) {
 	}
 	ctx.Data["Applications"] = apps
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/org/setting_packages.go b/routers/web/org/setting_packages.go
index 0912a9e0fd..ec80e2867c 100644
--- a/routers/web/org/setting_packages.go
+++ b/routers/web/org/setting_packages.go
@@ -25,9 +25,8 @@ func Packages(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettings"] = true
 	ctx.Data["PageIsSettingsPackages"] = true
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -41,9 +40,8 @@ func PackagesRuleAdd(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettings"] = true
 	ctx.Data["PageIsSettingsPackages"] = true
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -57,9 +55,8 @@ func PackagesRuleEdit(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettings"] = true
 	ctx.Data["PageIsSettingsPackages"] = true
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -99,9 +96,8 @@ func PackagesRulePreview(ctx *context.Context) {
 	ctx.Data["PageIsOrgSettings"] = true
 	ctx.Data["PageIsSettingsPackages"] = true
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/org/teams.go b/routers/web/org/teams.go
index aeea3708b2..0ec7cfddc5 100644
--- a/routers/web/org/teams.go
+++ b/routers/web/org/teams.go
@@ -46,6 +46,10 @@ const (
 
 // Teams render teams list page
 func Teams(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	org := ctx.Org.Organization
 	ctx.Data["Title"] = org.FullName
 	ctx.Data["PageIsOrgTeams"] = true
@@ -58,12 +62,6 @@ func Teams(ctx *context.Context) {
 	}
 	ctx.Data["Teams"] = ctx.Org.Teams
 
-	_, err := shared_user.PrepareOrgHeader(ctx)
-	if err != nil {
-		ctx.ServerError("PrepareOrgHeader", err)
-		return
-	}
-
 	ctx.HTML(http.StatusOK, tplTeams)
 }
 
@@ -272,22 +270,35 @@ func TeamsRepoAction(ctx *context.Context) {
 
 // NewTeam render create new team page
 func NewTeam(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	ctx.Data["Title"] = ctx.Org.Organization.FullName
 	ctx.Data["PageIsOrgTeams"] = true
 	ctx.Data["PageIsOrgTeamsNew"] = true
 	ctx.Data["Team"] = &org_model.Team{}
 	ctx.Data["Units"] = unit_model.Units
-	if err := shared_user.LoadHeaderCount(ctx); err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
 	ctx.HTML(http.StatusOK, tplTeamNew)
 }
 
+// FIXME: TEAM-UNIT-PERMISSION: this design is not right, when a new unit is added in the future,
+// The existing teams won't inherit the correct admin permission for the new unit.
+// The full history is like this:
+// 1. There was only "team", no "team unit", so "team.authorize" was used to determine the team permission.
+// 2. Later, "team unit" was introduced, then the usage of "team.authorize" became inconsistent, and causes various bugs.
+//   - Sometimes, "team.authorize" is used to determine the team permission, e.g. admin, owner
+//   - Sometimes, "team unit" is used not really used and "team unit" is used.
+//   - Some functions like `GetTeamsWithAccessToAnyRepoUnit` use both.
+//
+// 3. After introducing "team unit" and more unclear changes, it becomes difficult to maintain team permissions.
+//   - Org owner need to click the permission for each unit, but can't just set a common "write" permission for all units.
+//
+// Ideally, "team.authorize=write" should mean the team has write access to all units including newly (future) added ones.
 func getUnitPerms(forms url.Values, teamPermission perm.AccessMode) map[unit_model.Type]perm.AccessMode {
 	unitPerms := make(map[unit_model.Type]perm.AccessMode)
 	for _, ut := range unit_model.AllRepoUnitTypes {
-		// Default accessmode is none
+		// Default access mode is none
 		unitPerms[ut] = perm.AccessModeNone
 
 		v, ok := forms[fmt.Sprintf("unit_%d", ut)]
@@ -314,19 +325,14 @@ func getUnitPerms(forms url.Values, teamPermission perm.AccessMode) map[unit_mod
 func NewTeamPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.CreateTeamForm)
 	includesAllRepositories := form.RepoAccess == "all"
-	p := perm.ParseAccessMode(form.Permission)
-	unitPerms := getUnitPerms(ctx.Req.Form, p)
-	if p < perm.AccessModeAdmin {
-		// if p is less than admin accessmode, then it should be general accessmode,
-		// so we should calculate the minial accessmode from units accessmodes.
-		p = unit_model.MinUnitAccessMode(unitPerms)
-	}
+	teamPermission := perm.ParseAccessMode(form.Permission, perm.AccessModeNone, perm.AccessModeAdmin)
+	unitPerms := getUnitPerms(ctx.Req.Form, teamPermission)
 
 	t := &org_model.Team{
 		OrgID:                   ctx.Org.Organization.ID,
 		Name:                    form.TeamName,
 		Description:             form.Description,
-		AccessMode:              p,
+		AccessMode:              teamPermission,
 		IncludesAllRepositories: includesAllRepositories,
 		CanCreateOrgRepo:        form.CanCreateOrgRepo,
 	}
@@ -373,15 +379,15 @@ func NewTeamPost(ctx *context.Context) {
 
 // TeamMembers render team members page
 func TeamMembers(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	ctx.Data["Title"] = ctx.Org.Team.Name
 	ctx.Data["PageIsOrgTeams"] = true
 	ctx.Data["PageIsOrgTeamMembers"] = true
 
-	if err := shared_user.LoadHeaderCount(ctx); err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	if err := ctx.Org.Team.LoadMembers(ctx); err != nil {
 		ctx.ServerError("GetMembers", err)
 		return
@@ -401,15 +407,15 @@ func TeamMembers(ctx *context.Context) {
 
 // TeamRepositories show the repositories of team
 func TeamRepositories(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	ctx.Data["Title"] = ctx.Org.Team.Name
 	ctx.Data["PageIsOrgTeams"] = true
 	ctx.Data["PageIsOrgTeamRepos"] = true
 
-	if err := shared_user.LoadHeaderCount(ctx); err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	repos, err := repo_model.GetTeamRepositories(ctx, &repo_model.SearchTeamRepoOptions{
 		TeamID: ctx.Org.Team.ID,
 	})
@@ -466,16 +472,16 @@ func SearchTeam(ctx *context.Context) {
 
 // EditTeam render team edit page
 func EditTeam(ctx *context.Context) {
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	ctx.Data["Title"] = ctx.Org.Organization.FullName
 	ctx.Data["PageIsOrgTeams"] = true
 	if err := ctx.Org.Team.LoadUnits(ctx); err != nil {
 		ctx.ServerError("LoadUnits", err)
 		return
 	}
-	if err := shared_user.LoadHeaderCount(ctx); err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
 	ctx.Data["Team"] = ctx.Org.Team
 	ctx.Data["Units"] = unit_model.Units
 	ctx.HTML(http.StatusOK, tplTeamNew)
@@ -485,13 +491,8 @@ func EditTeam(ctx *context.Context) {
 func EditTeamPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.CreateTeamForm)
 	t := ctx.Org.Team
-	newAccessMode := perm.ParseAccessMode(form.Permission)
-	unitPerms := getUnitPerms(ctx.Req.Form, newAccessMode)
-	if newAccessMode < perm.AccessModeAdmin {
-		// if newAccessMode is less than admin accessmode, then it should be general accessmode,
-		// so we should calculate the minial accessmode from units accessmodes.
-		newAccessMode = unit_model.MinUnitAccessMode(unitPerms)
-	}
+	teamPermission := perm.ParseAccessMode(form.Permission, perm.AccessModeNone, perm.AccessModeAdmin)
+	unitPerms := getUnitPerms(ctx.Req.Form, teamPermission)
 	isAuthChanged := false
 	isIncludeAllChanged := false
 	includesAllRepositories := form.RepoAccess == "all"
@@ -503,9 +504,9 @@ func EditTeamPost(ctx *context.Context) {
 
 	if !t.IsOwnerTeam() {
 		t.Name = form.TeamName
-		if t.AccessMode != newAccessMode {
+		if t.AccessMode != teamPermission {
 			isAuthChanged = true
-			t.AccessMode = newAccessMode
+			t.AccessMode = teamPermission
 		}
 
 		if t.IncludesAllRepositories != includesAllRepositories {
diff --git a/routers/web/org/worktime.go b/routers/web/org/worktime.go
index 2336984825..c7b44baf7b 100644
--- a/routers/web/org/worktime.go
+++ b/routers/web/org/worktime.go
@@ -9,6 +9,7 @@ import (
 
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/modules/templates"
+	shared_user "code.gitea.io/gitea/routers/web/shared/user"
 	"code.gitea.io/gitea/services/context"
 )
 
@@ -55,13 +56,14 @@ func Worktime(ctx *context.Context) {
 
 	var worktimeSumResult any
 	var err error
-	if worktimeBy == "milestones" {
+	switch worktimeBy {
+	case "milestones":
 		worktimeSumResult, err = organization.GetWorktimeByMilestones(ctx.Org.Organization, unixFrom, unixTo)
 		ctx.Data["WorktimeByMilestones"] = true
-	} else if worktimeBy == "members" {
+	case "members":
 		worktimeSumResult, err = organization.GetWorktimeByMembers(ctx.Org.Organization, unixFrom, unixTo)
 		ctx.Data["WorktimeByMembers"] = true
-	} else /* by repos */ {
+	default: /* by repos */
 		worktimeSumResult, err = organization.GetWorktimeByRepos(ctx.Org.Organization, unixFrom, unixTo)
 		ctx.Data["WorktimeByRepos"] = true
 	}
@@ -69,6 +71,12 @@ func Worktime(ctx *context.Context) {
 		ctx.ServerError("GetWorktime", err)
 		return
 	}
+
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	ctx.Data["WorktimeSumResult"] = worktimeSumResult
 	ctx.HTML(http.StatusOK, tplByRepos)
 }
diff --git a/routers/web/repo/actions/actions.go b/routers/web/repo/actions/actions.go
index d07d195713..202da407d2 100644
--- a/routers/web/repo/actions/actions.go
+++ b/routers/web/repo/actions/actions.go
@@ -6,6 +6,7 @@ package actions
 import (
 	"bytes"
 	stdCtx "context"
+	"errors"
 	"net/http"
 	"slices"
 	"strings"
@@ -67,7 +68,11 @@ func List(ctx *context.Context) {
 	ctx.Data["PageIsActions"] = true
 
 	commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
-	if err != nil {
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.Data["NotFoundPrompt"] = ctx.Tr("repo.branch.default_branch_not_exist", ctx.Repo.Repository.DefaultBranch)
+		ctx.NotFound(nil)
+		return
+	} else if err != nil {
 		ctx.ServerError("GetBranchCommit", err)
 		return
 	}
@@ -121,7 +126,7 @@ func prepareWorkflowDispatchTemplate(ctx *context.Context, commit *git.Commit) (
 
 	var curWorkflow *model.Workflow
 
-	entries, err := actions.ListWorkflows(commit)
+	_, entries, err := actions.ListWorkflows(commit)
 	if err != nil {
 		ctx.ServerError("ListWorkflows", err)
 		return nil
@@ -312,6 +317,8 @@ func prepareWorkflowList(ctx *context.Context, workflows []Workflow) {
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
 	ctx.Data["HasWorkflowsOrRuns"] = len(workflows) > 0 || len(runs) > 0
+
+	ctx.Data["CanWriteRepoUnitActions"] = ctx.Repo.CanWrite(unit.TypeActions)
 }
 
 // loadIsRefDeleted loads the IsRefDeleted field for each run in the list.
@@ -370,10 +377,8 @@ func workflowDispatchConfig(w *model.Workflow) *WorkflowDispatch {
 		if !decodeNode(w.RawOn, &val) {
 			return nil
 		}
-		for _, v := range val {
-			if v == "workflow_dispatch" {
-				return &WorkflowDispatch{}
-			}
+		if slices.Contains(val, "workflow_dispatch") {
+			return &WorkflowDispatch{}
 		}
 	case yaml.MappingNode:
 		var val map[string]yaml.Node
diff --git a/routers/web/repo/actions/badge.go b/routers/web/repo/actions/badge.go
index e920ecaf58..d268a8df8a 100644
--- a/routers/web/repo/actions/badge.go
+++ b/routers/web/repo/actions/badge.go
@@ -5,35 +5,38 @@ package actions
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 	"path/filepath"
 	"strings"
 
 	actions_model "code.gitea.io/gitea/models/actions"
 	"code.gitea.io/gitea/modules/badge"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 )
 
 func GetWorkflowBadge(ctx *context.Context) {
 	workflowFile := ctx.PathParam("workflow_name")
-	branch := ctx.Req.URL.Query().Get("branch")
-	if branch == "" {
-		branch = ctx.Repo.Repository.DefaultBranch
-	}
-	branchRef := fmt.Sprintf("refs/heads/%s", branch)
-	event := ctx.Req.URL.Query().Get("event")
+	branch := ctx.FormString("branch", ctx.Repo.Repository.DefaultBranch)
+	event := ctx.FormString("event")
+	style := ctx.FormString("style")
 
-	badge, err := getWorkflowBadge(ctx, workflowFile, branchRef, event)
+	branchRef := git.RefNameFromBranch(branch)
+	b, err := getWorkflowBadge(ctx, workflowFile, branchRef.String(), event)
 	if err != nil {
 		ctx.ServerError("GetWorkflowBadge", err)
 		return
 	}
 
-	ctx.Data["Badge"] = badge
+	ctx.Data["Badge"] = b
 	ctx.RespHeader().Set("Content-Type", "image/svg+xml")
-	ctx.HTML(http.StatusOK, "shared/actions/runner_badge")
+	switch style {
+	case badge.StyleFlatSquare:
+		ctx.HTML(http.StatusOK, "shared/actions/runner_badge_flat-square")
+	default: // defaults to badge.StyleFlat
+		ctx.HTML(http.StatusOK, "shared/actions/runner_badge_flat")
+	}
 }
 
 func getWorkflowBadge(ctx *context.Context, workflowFile, branchName, event string) (badge.Badge, error) {
@@ -48,7 +51,7 @@ func getWorkflowBadge(ctx *context.Context, workflowFile, branchName, event stri
 		return badge.Badge{}, err
 	}
 
-	color, ok := badge.StatusColorMap[run.Status]
+	color, ok := badge.GlobalVars().StatusColorMap[run.Status]
 	if !ok {
 		return badge.GenerateBadge(workflowName, "unknown status", badge.DefaultColor), nil
 	}
diff --git a/routers/web/repo/actions/view.go b/routers/web/repo/actions/view.go
index 41f0d2d0ec..52b2e9995e 100644
--- a/routers/web/repo/actions/view.go
+++ b/routers/web/repo/actions/view.go
@@ -14,7 +14,6 @@ import (
 	"net/http"
 	"net/url"
 	"strconv"
-	"strings"
 	"time"
 
 	actions_model "code.gitea.io/gitea/models/actions"
@@ -31,6 +30,7 @@ import (
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/routers/common"
 	actions_service "code.gitea.io/gitea/services/actions"
 	context_module "code.gitea.io/gitea/services/context"
 	notify_service "code.gitea.io/gitea/services/notify"
@@ -64,6 +64,36 @@ func View(ctx *context_module.Context) {
 	ctx.HTML(http.StatusOK, tplViewActions)
 }
 
+func ViewWorkflowFile(ctx *context_module.Context) {
+	runIndex := getRunIndex(ctx)
+	run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
+	if err != nil {
+		ctx.NotFoundOrServerError("GetRunByIndex", func(err error) bool {
+			return errors.Is(err, util.ErrNotExist)
+		}, err)
+		return
+	}
+	commit, err := ctx.Repo.GitRepo.GetCommit(run.CommitSHA)
+	if err != nil {
+		ctx.NotFoundOrServerError("GetCommit", func(err error) bool {
+			return errors.Is(err, util.ErrNotExist)
+		}, err)
+		return
+	}
+	rpath, entries, err := actions.ListWorkflows(commit)
+	if err != nil {
+		ctx.ServerError("ListWorkflows", err)
+		return
+	}
+	for _, entry := range entries {
+		if entry.Name() == run.WorkflowID {
+			ctx.Redirect(fmt.Sprintf("%s/src/commit/%s/%s/%s", ctx.Repo.RepoLink, url.PathEscape(run.CommitSHA), util.PathEscapeSegments(rpath), util.PathEscapeSegments(run.WorkflowID)))
+			return
+		}
+	}
+	ctx.NotFound(nil)
+}
+
 type LogCursor struct {
 	Step     int   `json:"step"`
 	Cursor   int64 `json:"cursor"`
@@ -200,13 +230,9 @@ func ViewPost(ctx *context_module.Context) {
 		}
 	}
 
-	// TODO: "ComposeMetas" (usually for comment) is not quite right, but it is still the same as what template "RenderCommitMessage" does.
-	// need to be refactored together in the future
-	metas := ctx.Repo.Repository.ComposeMetas(ctx)
-
 	// the title for the "run" is from the commit message
 	resp.State.Run.Title = run.Title
-	resp.State.Run.TitleHTML = templates.NewRenderUtils(ctx).RenderCommitMessage(run.Title, metas)
+	resp.State.Run.TitleHTML = templates.NewRenderUtils(ctx).RenderCommitMessage(run.Title, ctx.Repo.Repository)
 	resp.State.Run.Link = run.Link()
 	resp.State.Run.CanCancel = !run.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions)
 	resp.State.Run.CanApprove = run.NeedApproval && ctx.Repo.CanWrite(unit.TypeActions)
@@ -223,7 +249,7 @@ func ViewPost(ctx *context_module.Context) {
 			ID:       v.ID,
 			Name:     v.Name,
 			Status:   v.Status.String(),
-			CanRerun: v.Status.IsDone() && ctx.Repo.CanWrite(unit.TypeActions),
+			CanRerun: resp.State.Run.CanRerun,
 			Duration: v.Duration().String(),
 		})
 	}
@@ -278,7 +304,7 @@ func ViewPost(ctx *context_module.Context) {
 	if task != nil {
 		steps, logs, err := convertToViewModel(ctx, req.LogCursors, task)
 		if err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("convertToViewModel", err)
 			return
 		}
 		resp.State.CurrentJob.Steps = append(resp.State.CurrentJob.Steps, steps...)
@@ -382,7 +408,7 @@ func Rerun(ctx *context_module.Context) {
 
 	run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
 	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("GetRunByIndex", err)
 		return
 	}
 
@@ -400,7 +426,7 @@ func Rerun(ctx *context_module.Context) {
 		run.Started = 0
 		run.Stopped = 0
 		if err := actions_model.UpdateRun(ctx, run, "started", "stopped", "previous_duration"); err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("UpdateRun", err)
 			return
 		}
 	}
@@ -415,11 +441,11 @@ func Rerun(ctx *context_module.Context) {
 			// if the job has needs, it should be set to "blocked" status to wait for other jobs
 			shouldBlock := len(j.Needs) > 0
 			if err := rerunJob(ctx, j, shouldBlock); err != nil {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
+				ctx.ServerError("RerunJob", err)
 				return
 			}
 		}
-		ctx.JSON(http.StatusOK, struct{}{})
+		ctx.JSONOK()
 		return
 	}
 
@@ -429,17 +455,17 @@ func Rerun(ctx *context_module.Context) {
 		// jobs other than the specified one should be set to "blocked" status
 		shouldBlock := j.JobID != job.JobID
 		if err := rerunJob(ctx, j, shouldBlock); err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("RerunJob", err)
 			return
 		}
 	}
 
-	ctx.JSON(http.StatusOK, struct{}{})
+	ctx.JSONOK()
 }
 
 func rerunJob(ctx *context_module.Context, job *actions_model.ActionRunJob, shouldBlock bool) error {
 	status := job.Status
-	if !status.IsDone() {
+	if !status.IsDone() || !job.Run.Status.IsDone() {
 		return nil
 	}
 
@@ -459,7 +485,7 @@ func rerunJob(ctx *context_module.Context, job *actions_model.ActionRunJob, shou
 	}
 
 	actions_service.CreateCommitStatus(ctx, job)
-	_ = job.LoadAttributes(ctx)
+	actions_service.NotifyWorkflowRunStatusUpdateWithReload(ctx, job)
 	notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
 
 	return nil
@@ -469,49 +495,19 @@ func Logs(ctx *context_module.Context) {
 	runIndex := getRunIndex(ctx)
 	jobIndex := ctx.PathParamInt64("job")
 
-	job, _ := getRunJobs(ctx, runIndex, jobIndex)
-	if ctx.Written() {
-		return
-	}
-	if job.TaskID == 0 {
-		ctx.HTTPError(http.StatusNotFound, "job is not started")
-		return
-	}
-
-	err := job.LoadRun(ctx)
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
-		return
-	}
-
-	task, err := actions_model.GetTaskByID(ctx, job.TaskID)
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
-		return
-	}
-	if task.LogExpired {
-		ctx.HTTPError(http.StatusNotFound, "logs have been cleaned up")
-		return
-	}
-
-	reader, err := actions.OpenLogs(ctx, task.LogInStorage, task.LogFilename)
+	run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
 	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.NotFoundOrServerError("GetRunByIndex", func(err error) bool {
+			return errors.Is(err, util.ErrNotExist)
+		}, err)
 		return
 	}
-	defer reader.Close()
 
-	workflowName := job.Run.WorkflowID
-	if p := strings.Index(workflowName, "."); p > 0 {
-		workflowName = workflowName[0:p]
+	if err = common.DownloadActionsRunJobLogsWithIndex(ctx.Base, ctx.Repo.Repository, run.ID, jobIndex); err != nil {
+		ctx.NotFoundOrServerError("DownloadActionsRunJobLogsWithIndex", func(err error) bool {
+			return errors.Is(err, util.ErrNotExist)
+		}, err)
 	}
-	ctx.ServeContent(reader, &context_module.ServeHeaderOptions{
-		Filename:           fmt.Sprintf("%v-%v-%v.log", workflowName, job.Name, task.ID),
-		ContentLength:      &task.LogSize,
-		ContentType:        "text/plain",
-		ContentTypeCharset: "utf-8",
-		Disposition:        "attachment",
-	})
 }
 
 func Cancel(ctx *context_module.Context) {
@@ -538,7 +534,7 @@ func Cancel(ctx *context_module.Context) {
 					return err
 				}
 				if n == 0 {
-					return fmt.Errorf("job has changed, try again")
+					return errors.New("job has changed, try again")
 				}
 				if n > 0 {
 					updatedjobs = append(updatedjobs, job)
@@ -551,7 +547,7 @@ func Cancel(ctx *context_module.Context) {
 		}
 		return nil
 	}); err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("StopTask", err)
 		return
 	}
 
@@ -561,7 +557,11 @@ func Cancel(ctx *context_module.Context) {
 		_ = job.LoadAttributes(ctx)
 		notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
 	}
-
+	if len(updatedjobs) > 0 {
+		job := updatedjobs[0]
+		actions_service.NotifyWorkflowRunStatusUpdateWithReload(ctx, job)
+		notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+	}
 	ctx.JSON(http.StatusOK, struct{}{})
 }
 
@@ -597,12 +597,18 @@ func Approve(ctx *context_module.Context) {
 		}
 		return nil
 	}); err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("UpdateRunJob", err)
 		return
 	}
 
 	actions_service.CreateCommitStatus(ctx, jobs...)
 
+	if len(updatedjobs) > 0 {
+		job := updatedjobs[0]
+		actions_service.NotifyWorkflowRunStatusUpdateWithReload(ctx, job)
+		notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+	}
+
 	for _, job := range updatedjobs {
 		_ = job.LoadAttributes(ctx)
 		notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
@@ -611,6 +617,33 @@ func Approve(ctx *context_module.Context) {
 	ctx.JSON(http.StatusOK, struct{}{})
 }
 
+func Delete(ctx *context_module.Context) {
+	runIndex := getRunIndex(ctx)
+	repoID := ctx.Repo.Repository.ID
+
+	run, err := actions_model.GetRunByIndex(ctx, repoID, runIndex)
+	if err != nil {
+		if errors.Is(err, util.ErrNotExist) {
+			ctx.JSONErrorNotFound()
+			return
+		}
+		ctx.ServerError("GetRunByIndex", err)
+		return
+	}
+
+	if !run.Status.IsDone() {
+		ctx.JSONError(ctx.Tr("actions.runs.not_done"))
+		return
+	}
+
+	if err := actions_service.DeleteRun(ctx, run); err != nil {
+		ctx.ServerError("DeleteRun", err)
+		return
+	}
+
+	ctx.JSONOK()
+}
+
 // getRunJobs gets the jobs of runIndex, and returns jobs[jobIndex], jobs.
 // Any error will be written to the ctx.
 // It never returns a nil job of an empty jobs, if the jobIndex is out of range, it will be treated as 0.
@@ -618,20 +651,20 @@ func getRunJobs(ctx *context_module.Context, runIndex, jobIndex int64) (*actions
 	run, err := actions_model.GetRunByIndex(ctx, ctx.Repo.Repository.ID, runIndex)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
-			ctx.HTTPError(http.StatusNotFound, err.Error())
+			ctx.NotFound(nil)
 			return nil, nil
 		}
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("GetRunByIndex", err)
 		return nil, nil
 	}
 	run.Repo = ctx.Repo.Repository
 	jobs, err := actions_model.GetRunJobsByRunID(ctx, run.ID)
 	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("GetRunJobsByRunID", err)
 		return nil, nil
 	}
 	if len(jobs) == 0 {
-		ctx.HTTPError(http.StatusNotFound)
+		ctx.NotFound(nil)
 		return nil, nil
 	}
 
@@ -657,7 +690,7 @@ func ArtifactsDeleteView(ctx *context_module.Context) {
 		return
 	}
 	if err = actions_model.SetArtifactNeedDelete(ctx, run.ID, artifactName); err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("SetArtifactNeedDelete", err)
 		return
 	}
 	ctx.JSON(http.StatusOK, struct{}{})
@@ -673,7 +706,7 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 			ctx.HTTPError(http.StatusNotFound, err.Error())
 			return
 		}
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("GetRunByIndex", err)
 		return
 	}
 
@@ -682,7 +715,7 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 		ArtifactName: artifactName,
 	})
 	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, err.Error())
+		ctx.ServerError("FindArtifacts", err)
 		return
 	}
 	if len(artifacts) == 0 {
@@ -703,7 +736,7 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 	if len(artifacts) == 1 && actions.IsArtifactV4(artifacts[0]) {
 		err := actions.DownloadArtifactV4(ctx.Base, artifacts[0])
 		if err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("DownloadArtifactV4", err)
 			return
 		}
 		return
@@ -716,7 +749,7 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 	for _, art := range artifacts {
 		f, err := storage.ActionsArtifacts.Open(art.StoragePath)
 		if err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("ActionsArtifacts.Open", err)
 			return
 		}
 
@@ -724,7 +757,7 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 		if art.ContentEncoding == "gzip" {
 			r, err = gzip.NewReader(f)
 			if err != nil {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
+				ctx.ServerError("gzip.NewReader", err)
 				return
 			}
 		} else {
@@ -734,11 +767,11 @@ func ArtifactsDownloadView(ctx *context_module.Context) {
 
 		w, err := writer.Create(art.ArtifactPath)
 		if err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("writer.Create", err)
 			return
 		}
 		if _, err := io.Copy(w, r); err != nil {
-			ctx.HTTPError(http.StatusInternalServerError, err.Error())
+			ctx.ServerError("io.Copy", err)
 			return
 		}
 	}
diff --git a/routers/web/repo/activity.go b/routers/web/repo/activity.go
index 1d809ad8e9..8232f0cc04 100644
--- a/routers/web/repo/activity.go
+++ b/routers/web/repo/activity.go
@@ -8,6 +8,7 @@ import (
 	"time"
 
 	activities_model "code.gitea.io/gitea/models/activities"
+	"code.gitea.io/gitea/models/git"
 	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/services/context"
@@ -52,12 +53,26 @@ func Activity(ctx *context.Context) {
 	ctx.Data["DateUntil"] = timeUntil
 	ctx.Data["PeriodText"] = ctx.Tr("repo.activity.period." + ctx.Data["Period"].(string))
 
+	canReadCode := ctx.Repo.CanRead(unit.TypeCode)
+	if canReadCode {
+		// GetActivityStats needs to read the default branch to get some information
+		branchExist, _ := git.IsBranchExist(ctx, ctx.Repo.Repository.ID, ctx.Repo.Repository.DefaultBranch)
+		if !branchExist {
+			ctx.Data["NotFoundPrompt"] = ctx.Tr("repo.branch.default_branch_not_exist", ctx.Repo.Repository.DefaultBranch)
+			ctx.NotFound(nil)
+			return
+		}
+	}
+
 	var err error
-	if ctx.Data["Activity"], err = activities_model.GetActivityStats(ctx, ctx.Repo.Repository, timeFrom,
+	// TODO: refactor these arguments to a struct
+	ctx.Data["Activity"], err = activities_model.GetActivityStats(ctx, ctx.Repo.Repository, timeFrom,
 		ctx.Repo.CanRead(unit.TypeReleases),
 		ctx.Repo.CanRead(unit.TypeIssues),
 		ctx.Repo.CanRead(unit.TypePullRequests),
-		ctx.Repo.CanRead(unit.TypeCode)); err != nil {
+		canReadCode,
+	)
+	if err != nil {
 		ctx.ServerError("GetActivityStats", err)
 		return
 	}
diff --git a/routers/web/repo/attachment.go b/routers/web/repo/attachment.go
index 9eda926dad..f696669196 100644
--- a/routers/web/repo/attachment.go
+++ b/routers/web/repo/attachment.go
@@ -129,7 +129,7 @@ func ServeAttachment(ctx *context.Context, uuid string) {
 
 	if setting.Attachment.Storage.ServeDirect() {
 		// If we have a signed url (S3, object storage), redirect to this directly.
-		u, err := storage.Attachments.URL(attach.RelativePath(), attach.Name, nil)
+		u, err := storage.Attachments.URL(attach.RelativePath(), attach.Name, ctx.Req.Method, nil)
 
 		if u != nil && err == nil {
 			ctx.Redirect(u.String())
diff --git a/routers/web/repo/blame.go b/routers/web/repo/blame.go
index efd85b9452..e304633f95 100644
--- a/routers/web/repo/blame.go
+++ b/routers/web/repo/blame.go
@@ -8,6 +8,7 @@ import (
 	gotemplate "html/template"
 	"net/http"
 	"net/url"
+	"path"
 	"strconv"
 	"strings"
 
@@ -15,13 +16,13 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/languagestats"
 	"code.gitea.io/gitea/modules/highlight"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
-	files_service "code.gitea.io/gitea/services/repository/files"
 )
 
 type blameRow struct {
@@ -69,7 +70,7 @@ func RefBlame(ctx *context.Context) {
 	blob := entry.Blob()
 	fileSize := blob.Size()
 	ctx.Data["FileSize"] = fileSize
-	ctx.Data["FileName"] = blob.Name()
+	ctx.Data["FileTreePath"] = ctx.Repo.TreePath
 
 	tplName := tplRepoViewContent
 	if !ctx.FormBool("only_content") {
@@ -234,7 +235,7 @@ func processBlameParts(ctx *context.Context, blameParts []*git.BlamePart) map[st
 func renderBlame(ctx *context.Context, blameParts []*git.BlamePart, commitNames map[string]*user_model.UserCommit) {
 	repoLink := ctx.Repo.RepoLink
 
-	language, err := files_service.TryGetContentLanguage(ctx.Repo.GitRepo, ctx.Repo.CommitID, ctx.Repo.TreePath)
+	language, err := languagestats.GetFileLanguage(ctx, ctx.Repo.GitRepo, ctx.Repo.CommitID, ctx.Repo.TreePath)
 	if err != nil {
 		log.Error("Unable to get file language for %-v:%s. Error: %v", ctx.Repo.Repository, ctx.Repo.TreePath, err)
 	}
@@ -285,8 +286,7 @@ func renderBlame(ctx *context.Context, blameParts []*git.BlamePart, commitNames
 			if i != len(lines)-1 {
 				line += "\n"
 			}
-			fileName := fmt.Sprintf("%v", ctx.Data["FileName"])
-			line, lexerNameForLine := highlight.Code(fileName, language, line)
+			line, lexerNameForLine := highlight.Code(path.Base(ctx.Repo.TreePath), language, line)
 
 			// set lexer name to the first detected lexer. this is certainly suboptimal and
 			// we should instead highlight the whole file at once
diff --git a/routers/web/repo/branch.go b/routers/web/repo/branch.go
index 5d963eff66..96d1d87836 100644
--- a/routers/web/repo/branch.go
+++ b/routers/web/repo/branch.go
@@ -45,10 +45,7 @@ func Branches(ctx *context.Context) {
 	ctx.Data["PageIsViewCode"] = true
 	ctx.Data["PageIsBranches"] = true
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	pageSize := setting.Git.BranchesRangeSize
 
 	kw := ctx.FormString("q")
@@ -261,10 +258,10 @@ func CreateBranch(ctx *context.Context) {
 
 func MergeUpstream(ctx *context.Context) {
 	branchName := ctx.FormString("branch")
-	_, err := repo_service.MergeUpstream(ctx, ctx.Doer, ctx.Repo.Repository, branchName)
+	_, err := repo_service.MergeUpstream(ctx, ctx.Doer, ctx.Repo.Repository, branchName, false)
 	if err != nil {
 		if errors.Is(err, util.ErrNotExist) {
-			ctx.JSONError(ctx.Tr("error.not_found"))
+			ctx.JSONErrorNotFound()
 			return
 		} else if pull_service.IsErrMergeConflicts(err) {
 			ctx.JSONError(ctx.Tr("repo.pulls.merge_conflict"))
diff --git a/routers/web/repo/cherry_pick.go b/routers/web/repo/cherry_pick.go
deleted file mode 100644
index ec50e1435e..0000000000
--- a/routers/web/repo/cherry_pick.go
+++ /dev/null
@@ -1,192 +0,0 @@
-// Copyright 2021 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package repo
-
-import (
-	"bytes"
-	"errors"
-	"strings"
-
-	git_model "code.gitea.io/gitea/models/git"
-	"code.gitea.io/gitea/models/unit"
-	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/templates"
-	"code.gitea.io/gitea/modules/util"
-	"code.gitea.io/gitea/modules/web"
-	"code.gitea.io/gitea/services/context"
-	"code.gitea.io/gitea/services/forms"
-	"code.gitea.io/gitea/services/repository/files"
-)
-
-var tplCherryPick templates.TplName = "repo/editor/cherry_pick"
-
-// CherryPick handles cherrypick GETs
-func CherryPick(ctx *context.Context) {
-	ctx.Data["SHA"] = ctx.PathParam("sha")
-	cherryPickCommit, err := ctx.Repo.GitRepo.GetCommit(ctx.PathParam("sha"))
-	if err != nil {
-		if git.IsErrNotExist(err) {
-			ctx.NotFound(err)
-			return
-		}
-		ctx.ServerError("GetCommit", err)
-		return
-	}
-
-	if ctx.FormString("cherry-pick-type") == "revert" {
-		ctx.Data["CherryPickType"] = "revert"
-		ctx.Data["commit_summary"] = "revert " + ctx.PathParam("sha")
-		ctx.Data["commit_message"] = "revert " + cherryPickCommit.Message()
-	} else {
-		ctx.Data["CherryPickType"] = "cherry-pick"
-		splits := strings.SplitN(cherryPickCommit.Message(), "\n", 2)
-		ctx.Data["commit_summary"] = splits[0]
-		ctx.Data["commit_message"] = splits[1]
-	}
-
-	canCommit := renderCommitRights(ctx)
-	ctx.Data["TreePath"] = ""
-
-	if canCommit {
-		ctx.Data["commit_choice"] = frmCommitChoiceDirect
-	} else {
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-	}
-	ctx.Data["new_branch_name"] = GetUniquePatchBranchName(ctx)
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	ctx.Data["LineWrapExtensions"] = strings.Join(setting.Repository.Editor.LineWrapExtensions, ",")
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-
-	ctx.HTML(200, tplCherryPick)
-}
-
-// CherryPickPost handles cherrypick POSTs
-func CherryPickPost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.CherryPickForm)
-
-	sha := ctx.PathParam("sha")
-	ctx.Data["SHA"] = sha
-	if form.Revert {
-		ctx.Data["CherryPickType"] = "revert"
-	} else {
-		ctx.Data["CherryPickType"] = "cherry-pick"
-	}
-
-	canCommit := renderCommitRights(ctx)
-	branchName := ctx.Repo.BranchName
-	if form.CommitChoice == frmCommitChoiceNewBranch {
-		branchName = form.NewBranchName
-	}
-	ctx.Data["commit_summary"] = form.CommitSummary
-	ctx.Data["commit_message"] = form.CommitMessage
-	ctx.Data["commit_choice"] = form.CommitChoice
-	ctx.Data["new_branch_name"] = form.NewBranchName
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	ctx.Data["LineWrapExtensions"] = strings.Join(setting.Repository.Editor.LineWrapExtensions, ",")
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-
-	if ctx.HasError() {
-		ctx.HTML(200, tplCherryPick)
-		return
-	}
-
-	// Cannot commit to a an existing branch if user doesn't have rights
-	if branchName == ctx.Repo.BranchName && !canCommit {
-		ctx.Data["Err_NewBranchName"] = true
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-		ctx.RenderWithErr(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", branchName), tplCherryPick, &form)
-		return
-	}
-
-	message := strings.TrimSpace(form.CommitSummary)
-	if message == "" {
-		if form.Revert {
-			message = ctx.Locale.TrString("repo.commit.revert-header", sha)
-		} else {
-			message = ctx.Locale.TrString("repo.commit.cherry-pick-header", sha)
-		}
-	}
-
-	form.CommitMessage = strings.TrimSpace(form.CommitMessage)
-	if len(form.CommitMessage) > 0 {
-		message += "\n\n" + form.CommitMessage
-	}
-
-	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, form.CommitEmail)
-	if !valid {
-		ctx.Data["Err_CommitEmail"] = true
-		ctx.RenderWithErr(ctx.Tr("repo.editor.invalid_commit_email"), tplCherryPick, &form)
-		return
-	}
-	opts := &files.ApplyDiffPatchOptions{
-		LastCommitID: form.LastCommit,
-		OldBranch:    ctx.Repo.BranchName,
-		NewBranch:    branchName,
-		Message:      message,
-		Author:       gitCommitter,
-		Committer:    gitCommitter,
-	}
-
-	// First lets try the simple plain read-tree -m approach
-	opts.Content = sha
-	if _, err := files.CherryPick(ctx, ctx.Repo.Repository, ctx.Doer, form.Revert, opts); err != nil {
-		if git_model.IsErrBranchAlreadyExists(err) {
-			// User has specified a branch that already exists
-			branchErr := err.(git_model.ErrBranchAlreadyExists)
-			ctx.Data["Err_NewBranchName"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplCherryPick, &form)
-			return
-		} else if files.IsErrCommitIDDoesNotMatch(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_changed_while_editing", ctx.Repo.RepoLink+"/compare/"+form.LastCommit+"..."+ctx.Repo.CommitID), tplPatchFile, &form)
-			return
-		}
-		// Drop through to the apply technique
-
-		buf := &bytes.Buffer{}
-		if form.Revert {
-			if err := git.GetReverseRawDiff(ctx, ctx.Repo.Repository.RepoPath(), sha, buf); err != nil {
-				if git.IsErrNotExist(err) {
-					ctx.NotFound(errors.New("commit " + ctx.PathParam("sha") + " does not exist."))
-					return
-				}
-				ctx.ServerError("GetRawDiff", err)
-				return
-			}
-		} else {
-			if err := git.GetRawDiff(ctx.Repo.GitRepo, sha, git.RawDiffType("patch"), buf); err != nil {
-				if git.IsErrNotExist(err) {
-					ctx.NotFound(errors.New("commit " + ctx.PathParam("sha") + " does not exist."))
-					return
-				}
-				ctx.ServerError("GetRawDiff", err)
-				return
-			}
-		}
-
-		opts.Content = buf.String()
-		ctx.Data["FileContent"] = opts.Content
-
-		if _, err := files.ApplyDiffPatch(ctx, ctx.Repo.Repository, ctx.Doer, opts); err != nil {
-			if git_model.IsErrBranchAlreadyExists(err) {
-				// User has specified a branch that already exists
-				branchErr := err.(git_model.ErrBranchAlreadyExists)
-				ctx.Data["Err_NewBranchName"] = true
-				ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplCherryPick, &form)
-				return
-			} else if files.IsErrCommitIDDoesNotMatch(err) {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.file_changed_while_editing", ctx.Repo.RepoLink+"/compare/"+form.LastCommit+"..."+ctx.Repo.CommitID), tplPatchFile, &form)
-				return
-			}
-			ctx.RenderWithErr(ctx.Tr("repo.editor.fail_to_apply_patch", err), tplPatchFile, &form)
-			return
-		}
-	}
-
-	if form.CommitChoice == frmCommitChoiceNewBranch && ctx.Repo.Repository.UnitEnabled(ctx, unit.TypePullRequests) {
-		ctx.Redirect(ctx.Repo.RepoLink + "/compare/" + util.PathEscapeSegments(ctx.Repo.BranchName) + "..." + util.PathEscapeSegments(form.NewBranchName))
-	} else {
-		ctx.Redirect(ctx.Repo.RepoLink + "/src/branch/" + util.PathEscapeSegments(branchName))
-	}
-}
diff --git a/routers/web/repo/code_frequency.go b/routers/web/repo/code_frequency.go
index e212d3b60c..2b2dd5744a 100644
--- a/routers/web/repo/code_frequency.go
+++ b/routers/web/repo/code_frequency.go
@@ -34,7 +34,7 @@ func CodeFrequencyData(ctx *context.Context) {
 			ctx.Status(http.StatusAccepted)
 			return
 		}
-		ctx.ServerError("GetCodeFrequencyData", err)
+		ctx.ServerError("GetContributorStats", err)
 	} else {
 		ctx.JSON(http.StatusOK, contributorStats["total"].Weeks)
 	}
diff --git a/routers/web/repo/commit.go b/routers/web/repo/commit.go
index 3fd1eacb58..0c60abcecd 100644
--- a/routers/web/repo/commit.go
+++ b/routers/web/repo/commit.go
@@ -15,12 +15,14 @@ import (
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
+	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/renderhelper"
 	repo_model "code.gitea.io/gitea/models/repo"
 	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/charset"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
@@ -66,10 +68,7 @@ func Commits(ctx *context.Context) {
 
 	commitsCount := ctx.Repo.CommitsCount
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	pageSize := ctx.FormInt("limit")
 	if pageSize <= 0 {
@@ -77,7 +76,7 @@ func Commits(ctx *context.Context) {
 	}
 
 	// Both `git log branchName` and `git log commitId` work.
-	commits, err := ctx.Repo.Commit.CommitsByRange(page, pageSize, "")
+	commits, err := ctx.Repo.Commit.CommitsByRange(page, pageSize, "", "", "")
 	if err != nil {
 		ctx.ServerError("CommitsByRange", err)
 		return
@@ -168,10 +167,13 @@ func Graph(ctx *context.Context) {
 	ctx.Data["Username"] = ctx.Repo.Owner.Name
 	ctx.Data["Reponame"] = ctx.Repo.Repository.Name
 
+	divOnly := ctx.FormBool("div-only")
+	queryParams := ctx.Req.URL.Query()
+	queryParams.Del("div-only")
 	paginator := context.NewPagination(int(graphCommitsCount), setting.UI.GraphMaxCommitNum, page, 5)
-	paginator.AddParamFromRequest(ctx.Req)
+	paginator.AddParamFromQuery(queryParams)
 	ctx.Data["Page"] = paginator
-	if ctx.FormBool("div-only") {
+	if divOnly {
 		ctx.HTML(http.StatusOK, tplGraphDiv)
 		return
 	}
@@ -215,13 +217,12 @@ func SearchCommits(ctx *context.Context) {
 
 // FileHistory show a file's reversions
 func FileHistory(ctx *context.Context) {
-	fileName := ctx.Repo.TreePath
-	if len(fileName) == 0 {
+	if ctx.Repo.TreePath == "" {
 		Commits(ctx)
 		return
 	}
 
-	commitsCount, err := ctx.Repo.GitRepo.FileCommitsCount(ctx.Repo.RefFullName.ShortName(), fileName) // FIXME: legacy code used ShortName
+	commitsCount, err := ctx.Repo.GitRepo.FileCommitsCount(ctx.Repo.RefFullName.ShortName(), ctx.Repo.TreePath)
 	if err != nil {
 		ctx.ServerError("FileCommitsCount", err)
 		return
@@ -230,15 +231,12 @@ func FileHistory(ctx *context.Context) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	commits, err := ctx.Repo.GitRepo.CommitsByFileAndRange(
 		git.CommitsByFileAndRangeOptions{
 			Revision: ctx.Repo.RefFullName.ShortName(), // FIXME: legacy code used ShortName
-			File:     fileName,
+			File:     ctx.Repo.TreePath,
 			Page:     page,
 		})
 	if err != nil {
@@ -253,7 +251,7 @@ func FileHistory(ctx *context.Context) {
 
 	ctx.Data["Username"] = ctx.Repo.Owner.Name
 	ctx.Data["Reponame"] = ctx.Repo.Repository.Name
-	ctx.Data["FileName"] = fileName
+	ctx.Data["FileTreePath"] = ctx.Repo.TreePath
 	ctx.Data["CommitCount"] = commitsCount
 
 	pager := context.NewPagination(int(commitsCount), setting.Git.CommitsRangeSize, page, 5)
@@ -314,7 +312,7 @@ func Diff(ctx *context.Context) {
 		maxLines, maxFiles = -1, -1
 	}
 
-	diff, err := gitdiff.GetDiffForRender(ctx, gitRepo, &gitdiff.DiffOptions{
+	diff, err := gitdiff.GetDiffForRender(ctx, ctx.Repo.RepoLink, gitRepo, &gitdiff.DiffOptions{
 		AfterCommitID:      commitID,
 		SkipTo:             ctx.FormString("skip-to"),
 		MaxLines:           maxLines,
@@ -370,10 +368,14 @@ func Diff(ctx *context.Context) {
 			return
 		}
 
-		ctx.PageData["DiffFiles"] = transformDiffTreeForUI(diffTree, nil)
+		renderedIconPool := fileicon.NewRenderedIconPool()
+		ctx.PageData["DiffFileTree"] = transformDiffTreeForWeb(renderedIconPool, diffTree, nil)
+		ctx.PageData["FolderIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolder())
+		ctx.PageData["FolderOpenIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolderOpen())
+		ctx.Data["FileIconPoolHTML"] = renderedIconPool.RenderToHTML()
 	}
 
-	statuses, _, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, commitID, db.ListOptionsAll)
+	statuses, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, commitID, db.ListOptionsAll)
 	if err != nil {
 		log.Error("GetLatestCommitStatus: %v", err)
 	}
@@ -410,6 +412,11 @@ func Diff(ctx *context.Context) {
 		}
 	}
 
+	pr, _ := issues_model.GetPullRequestByMergedCommit(ctx, ctx.Repo.Repository.ID, commitID)
+	if pr != nil {
+		ctx.Data["MergedPRIssueNumber"] = pr.Index
+	}
+
 	ctx.HTML(http.StatusOK, tplCommitPage)
 }
 
@@ -453,6 +460,9 @@ func processGitCommits(ctx *context.Context, gitCommits []*git.Commit) ([]*git_m
 	}
 	if !ctx.Repo.CanRead(unit_model.TypeActions) {
 		for _, commit := range commits {
+			if commit.Status == nil {
+				continue
+			}
 			commit.Status.HideActionsURL(ctx)
 			git_model.CommitStatusesHideActionsURL(ctx, commit.Statuses)
 		}
diff --git a/routers/web/repo/common_recentbranches.go b/routers/web/repo/common_recentbranches.go
new file mode 100644
index 0000000000..c2083dec73
--- /dev/null
+++ b/routers/web/repo/common_recentbranches.go
@@ -0,0 +1,73 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	git_model "code.gitea.io/gitea/models/git"
+	access_model "code.gitea.io/gitea/models/perm/access"
+	unit_model "code.gitea.io/gitea/models/unit"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/services/context"
+	repo_service "code.gitea.io/gitea/services/repository"
+)
+
+type RecentBranchesPromptDataStruct struct {
+	RecentlyPushedNewBranches []*git_model.RecentlyPushedNewBranch
+}
+
+func prepareRecentlyPushedNewBranches(ctx *context.Context) {
+	if ctx.Doer == nil {
+		return
+	}
+	if err := ctx.Repo.Repository.GetBaseRepo(ctx); err != nil {
+		log.Error("GetBaseRepo: %v", err)
+		return
+	}
+
+	opts := git_model.FindRecentlyPushedNewBranchesOptions{
+		Repo:     ctx.Repo.Repository,
+		BaseRepo: ctx.Repo.Repository,
+	}
+	if ctx.Repo.Repository.IsFork {
+		opts.BaseRepo = ctx.Repo.Repository.BaseRepo
+	}
+
+	baseRepoPerm, err := access_model.GetUserRepoPermission(ctx, opts.BaseRepo, ctx.Doer)
+	if err != nil {
+		log.Error("GetUserRepoPermission: %v", err)
+		return
+	}
+	if !opts.Repo.CanContentChange() || !opts.BaseRepo.CanContentChange() {
+		return
+	}
+	if !opts.BaseRepo.UnitEnabled(ctx, unit_model.TypePullRequests) || !baseRepoPerm.CanRead(unit_model.TypePullRequests) {
+		return
+	}
+
+	var finalBranches []*git_model.RecentlyPushedNewBranch
+	branches, err := git_model.FindRecentlyPushedNewBranches(ctx, ctx.Doer, opts)
+	if err != nil {
+		log.Error("FindRecentlyPushedNewBranches failed: %v", err)
+		return
+	}
+
+	for _, branch := range branches {
+		divergingInfo, err := repo_service.GetBranchDivergingInfo(ctx,
+			branch.BranchRepo, branch.BranchName, // "base" repo for diverging info
+			opts.BaseRepo, opts.BaseRepo.DefaultBranch, // "head" repo for diverging info
+		)
+		if err != nil {
+			log.Error("GetBranchDivergingInfo failed: %v", err)
+			continue
+		}
+		branchRepoHasNewCommits := divergingInfo.BaseHasNewCommits
+		baseRepoCommitsBehind := divergingInfo.HeadCommitsBehind
+		if branchRepoHasNewCommits || baseRepoCommitsBehind > 0 {
+			finalBranches = append(finalBranches, branch)
+		}
+	}
+	if len(finalBranches) > 0 {
+		ctx.Data["RecentBranchesPromptData"] = RecentBranchesPromptDataStruct{finalBranches}
+	}
+}
diff --git a/routers/web/repo/compare.go b/routers/web/repo/compare.go
index 3e9cdb5df8..c771b30e5f 100644
--- a/routers/web/repo/compare.go
+++ b/routers/web/repo/compare.go
@@ -26,6 +26,7 @@ import (
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/charset"
 	csv_module "code.gitea.io/gitea/modules/csv"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
@@ -401,12 +402,11 @@ func ParseCompareInfo(ctx *context.Context) *common.CompareInfo {
 		ci.HeadRepo = ctx.Repo.Repository
 		ci.HeadGitRepo = ctx.Repo.GitRepo
 	} else if has {
-		ci.HeadGitRepo, err = gitrepo.OpenRepository(ctx, ci.HeadRepo)
+		ci.HeadGitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ci.HeadRepo)
 		if err != nil {
-			ctx.ServerError("OpenRepository", err)
+			ctx.ServerError("RepositoryFromRequestContextOrOpen", err)
 			return nil
 		}
-		defer ci.HeadGitRepo.Close()
 	} else {
 		ctx.NotFound(nil)
 		return nil
@@ -569,20 +569,20 @@ func PrepareCompareDiff(
 	ctx *context.Context,
 	ci *common.CompareInfo,
 	whitespaceBehavior git.TrustedCmdArgs,
-) bool {
-	var (
-		repo  = ctx.Repo.Repository
-		err   error
-		title string
-	)
-
-	// Get diff information.
-	ctx.Data["CommitRepoLink"] = ci.HeadRepo.Link()
-
+) (nothingToCompare bool) {
+	repo := ctx.Repo.Repository
 	headCommitID := ci.CompareInfo.HeadCommitID
 
+	ctx.Data["CommitRepoLink"] = ci.HeadRepo.Link()
 	ctx.Data["AfterCommitID"] = headCommitID
 
+	// follow GitHub's behavior: autofill the form and expand
+	newPrFormTitle := ctx.FormTrim("title")
+	newPrFormBody := ctx.FormTrim("body")
+	ctx.Data["ExpandNewPrForm"] = ctx.FormBool("expand") || ctx.FormBool("quick_pull") || newPrFormTitle != "" || newPrFormBody != ""
+	ctx.Data["TitleQuery"] = newPrFormTitle
+	ctx.Data["BodyQuery"] = newPrFormBody
+
 	if (headCommitID == ci.CompareInfo.MergeBase && !ci.DirectComparison) ||
 		headCommitID == ci.CompareInfo.BaseCommitID {
 		ctx.Data["IsNothingToCompare"] = true
@@ -614,7 +614,7 @@ func PrepareCompareDiff(
 
 	fileOnly := ctx.FormBool("file-only")
 
-	diff, err := gitdiff.GetDiffForRender(ctx, ci.HeadGitRepo,
+	diff, err := gitdiff.GetDiffForRender(ctx, ci.HeadRepo.Link(), ci.HeadGitRepo,
 		&gitdiff.DiffOptions{
 			BeforeCommitID:     beforeCommitID,
 			AfterCommitID:      headCommitID,
@@ -645,7 +645,11 @@ func PrepareCompareDiff(
 			return false
 		}
 
-		ctx.PageData["DiffFiles"] = transformDiffTreeForUI(diffTree, nil)
+		renderedIconPool := fileicon.NewRenderedIconPool()
+		ctx.PageData["DiffFileTree"] = transformDiffTreeForWeb(renderedIconPool, diffTree, nil)
+		ctx.PageData["FolderIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolder())
+		ctx.PageData["FolderOpenIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolderOpen())
+		ctx.Data["FileIconPoolHTML"] = renderedIconPool.RenderToHTML()
 	}
 
 	headCommit, err := ci.HeadGitRepo.GetCommit(headCommitID)
@@ -670,6 +674,7 @@ func PrepareCompareDiff(
 	ctx.Data["Commits"] = commits
 	ctx.Data["CommitCount"] = len(commits)
 
+	title := ci.HeadBranch
 	if len(commits) == 1 {
 		c := commits[0]
 		title = strings.TrimSpace(c.UserCommit.Summary())
@@ -678,9 +683,8 @@ func PrepareCompareDiff(
 		if len(body) > 1 {
 			ctx.Data["content"] = strings.Join(body[1:], "\n")
 		}
-	} else {
-		title = ci.HeadBranch
 	}
+
 	if len(title) > 255 {
 		var trailer string
 		title, trailer = util.EllipsisDisplayStringX(title, 255)
@@ -727,11 +731,6 @@ func getBranchesAndTagsForRepo(ctx gocontext.Context, repo *repo_model.Repositor
 // CompareDiff show different from one commit to another commit
 func CompareDiff(ctx *context.Context) {
 	ci := ParseCompareInfo(ctx)
-	defer func() {
-		if ci != nil && ci.HeadGitRepo != nil {
-			ci.HeadGitRepo.Close()
-		}
-	}()
 	if ctx.Written() {
 		return
 	}
@@ -745,8 +744,7 @@ func CompareDiff(ctx *context.Context) {
 		ctx.Data["OtherCompareSeparator"] = "..."
 	}
 
-	nothingToCompare := PrepareCompareDiff(ctx, ci,
-		gitdiff.GetWhitespaceFlag(ctx.Data["WhitespaceBehavior"].(string)))
+	nothingToCompare := PrepareCompareDiff(ctx, ci, gitdiff.GetWhitespaceFlag(ctx.Data["WhitespaceBehavior"].(string)))
 	if ctx.Written() {
 		return
 	}
@@ -945,9 +943,10 @@ func ExcerptBlob(ctx *context.Context) {
 				RightHunkSize: rightHunkSize,
 			},
 		}
-		if direction == "up" {
+		switch direction {
+		case "up":
 			section.Lines = append([]*gitdiff.DiffLine{lineSection}, section.Lines...)
-		} else if direction == "down" {
+		case "down":
 			section.Lines = append(section.Lines, lineSection)
 		}
 	}
diff --git a/routers/web/repo/download.go b/routers/web/repo/download.go
index 020cebf196..6f394aae27 100644
--- a/routers/web/repo/download.go
+++ b/routers/web/repo/download.go
@@ -54,7 +54,7 @@ func ServeBlobOrLFS(ctx *context.Context, blob *git.Blob, lastModified *time.Tim
 
 		if setting.LFS.Storage.ServeDirect() {
 			// If we have a signed url (S3, object storage, blob storage), redirect to this directly.
-			u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name(), nil)
+			u, err := storage.LFS.URL(pointer.RelativePath(), blob.Name(), ctx.Req.Method, nil)
 			if u != nil && err == nil {
 				ctx.Redirect(u.String())
 				return nil
diff --git a/routers/web/repo/editor.go b/routers/web/repo/editor.go
index 113622f872..2a5ac10282 100644
--- a/routers/web/repo/editor.go
+++ b/routers/web/repo/editor.go
@@ -4,6 +4,7 @@
 package repo
 
 import (
+	"bytes"
 	"fmt"
 	"io"
 	"net/http"
@@ -11,19 +12,17 @@ import (
 	"strings"
 
 	git_model "code.gitea.io/gitea/models/git"
-	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
-	"code.gitea.io/gitea/modules/typesniffer"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
-	"code.gitea.io/gitea/routers/utils"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/context/upload"
 	"code.gitea.io/gitea/services/forms"
@@ -35,871 +34,422 @@ const (
 	tplEditDiffPreview templates.TplName = "repo/editor/diff_preview"
 	tplDeleteFile      templates.TplName = "repo/editor/delete"
 	tplUploadFile      templates.TplName = "repo/editor/upload"
+	tplPatchFile       templates.TplName = "repo/editor/patch"
+	tplCherryPick      templates.TplName = "repo/editor/cherry_pick"
 
-	frmCommitChoiceDirect    string = "direct"
-	frmCommitChoiceNewBranch string = "commit-to-new-branch"
+	editorCommitChoiceDirect    string = "direct"
+	editorCommitChoiceNewBranch string = "commit-to-new-branch"
 )
 
-func canCreateBasePullRequest(ctx *context.Context) bool {
-	baseRepo := ctx.Repo.Repository.BaseRepo
-	return baseRepo != nil && baseRepo.UnitEnabled(ctx, unit.TypePullRequests)
-}
-
-func renderCommitRights(ctx *context.Context) bool {
-	canCommitToBranch, err := ctx.Repo.CanCommitToBranch(ctx, ctx.Doer)
-	if err != nil {
-		log.Error("CanCommitToBranch: %v", err)
-	}
-	ctx.Data["CanCommitToBranch"] = canCommitToBranch
-	ctx.Data["CanCreatePullRequest"] = ctx.Repo.Repository.UnitEnabled(ctx, unit.TypePullRequests) || canCreateBasePullRequest(ctx)
-
-	return canCommitToBranch.CanCommitToBranch
-}
-
-// redirectForCommitChoice redirects after committing the edit to a branch
-func redirectForCommitChoice(ctx *context.Context, commitChoice, newBranchName, treePath string) {
-	if commitChoice == frmCommitChoiceNewBranch {
-		// Redirect to a pull request when possible
-		redirectToPullRequest := false
-		repo := ctx.Repo.Repository
-		baseBranch := ctx.Repo.BranchName
-		headBranch := newBranchName
-		if repo.UnitEnabled(ctx, unit.TypePullRequests) {
-			redirectToPullRequest = true
-		} else if canCreateBasePullRequest(ctx) {
-			redirectToPullRequest = true
-			baseBranch = repo.BaseRepo.DefaultBranch
-			headBranch = repo.Owner.Name + "/" + repo.Name + ":" + headBranch
-			repo = repo.BaseRepo
-		}
-
-		if redirectToPullRequest {
-			ctx.Redirect(repo.Link() + "/compare/" + util.PathEscapeSegments(baseBranch) + "..." + util.PathEscapeSegments(headBranch))
-			return
+func prepareEditorCommitFormOptions(ctx *context.Context, editorAction string) *context.CommitFormOptions {
+	cleanedTreePath := files_service.CleanGitTreePath(ctx.Repo.TreePath)
+	if cleanedTreePath != ctx.Repo.TreePath {
+		redirectTo := fmt.Sprintf("%s/%s/%s/%s", ctx.Repo.RepoLink, editorAction, util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(cleanedTreePath))
+		if ctx.Req.URL.RawQuery != "" {
+			redirectTo += "?" + ctx.Req.URL.RawQuery
 		}
+		ctx.Redirect(redirectTo)
+		return nil
 	}
 
-	returnURI := ctx.FormString("return_uri")
-
-	ctx.RedirectToCurrentSite(
-		returnURI,
-		ctx.Repo.RepoLink+"/src/branch/"+util.PathEscapeSegments(newBranchName)+"/"+util.PathEscapeSegments(treePath),
-	)
-}
+	commitFormOptions, err := context.PrepareCommitFormOptions(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.Permission, ctx.Repo.RefFullName)
+	if err != nil {
+		ctx.ServerError("PrepareCommitFormOptions", err)
+		return nil
+	}
 
-// getParentTreeFields returns list of parent tree names and corresponding tree paths
-// based on given tree path.
-func getParentTreeFields(treePath string) (treeNames, treePaths []string) {
-	if len(treePath) == 0 {
-		return treeNames, treePaths
+	if commitFormOptions.NeedFork {
+		ForkToEdit(ctx)
+		return nil
 	}
 
-	treeNames = strings.Split(treePath, "/")
-	treePaths = make([]string, len(treeNames))
-	for i := range treeNames {
-		treePaths[i] = strings.Join(treeNames[:i+1], "/")
+	if commitFormOptions.WillSubmitToFork && !commitFormOptions.TargetRepo.CanEnableEditor() {
+		ctx.Data["NotFoundPrompt"] = ctx.Locale.Tr("repo.editor.fork_not_editable")
+		ctx.NotFound(nil)
 	}
-	return treeNames, treePaths
-}
 
-func editFileCommon(ctx *context.Context, isNewFile bool) {
-	ctx.Data["PageIsEdit"] = true
-	ctx.Data["IsNewFile"] = isNewFile
 	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
+	ctx.Data["TreePath"] = ctx.Repo.TreePath
+	ctx.Data["CommitFormOptions"] = commitFormOptions
+
+	// for online editor
 	ctx.Data["PreviewableExtensions"] = strings.Join(markup.PreviewableExtensions(), ",")
 	ctx.Data["LineWrapExtensions"] = strings.Join(setting.Repository.Editor.LineWrapExtensions, ",")
 	ctx.Data["IsEditingFileOnly"] = ctx.FormString("return_uri") != ""
 	ctx.Data["ReturnURI"] = ctx.FormString("return_uri")
-}
-
-func editFile(ctx *context.Context, isNewFile bool) {
-	editFileCommon(ctx, isNewFile)
-	canCommit := renderCommitRights(ctx)
 
-	treePath := cleanUploadFileName(ctx.Repo.TreePath)
-	if treePath != ctx.Repo.TreePath {
-		if isNewFile {
-			ctx.Redirect(path.Join(ctx.Repo.RepoLink, "_new", util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(treePath)))
-		} else {
-			ctx.Redirect(path.Join(ctx.Repo.RepoLink, "_edit", util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(treePath)))
-		}
-		return
-	}
-
-	// Check if the filename (and additional path) is specified in the querystring
-	// (filename is a misnomer, but kept for compatibility with GitHub)
-	filePath, fileName := path.Split(ctx.Req.URL.Query().Get("filename"))
-	filePath = strings.Trim(filePath, "/")
-	treeNames, treePaths := getParentTreeFields(path.Join(ctx.Repo.TreePath, filePath))
-
-	if !isNewFile {
-		entry, err := ctx.Repo.Commit.GetTreeEntryByPath(ctx.Repo.TreePath)
-		if err != nil {
-			HandleGitError(ctx, "Repo.Commit.GetTreeEntryByPath", err)
-			return
-		}
-
-		// No way to edit a directory online.
-		if entry.IsDir() {
-			ctx.NotFound(nil)
-			return
-		}
-
-		blob := entry.Blob()
-		if blob.Size() >= setting.UI.MaxDisplayFileSize {
-			ctx.NotFound(err)
-			return
-		}
-
-		dataRc, err := blob.DataAsync()
-		if err != nil {
-			ctx.NotFound(err)
-			return
-		}
-
-		defer dataRc.Close()
-
-		ctx.Data["FileSize"] = blob.Size()
-		ctx.Data["FileName"] = blob.Name()
-
-		buf := make([]byte, 1024)
-		n, _ := util.ReadAtMost(dataRc, buf)
-		buf = buf[:n]
-
-		// Only some file types are editable online as text.
-		if !typesniffer.DetectContentType(buf).IsRepresentableAsText() {
-			ctx.NotFound(nil)
-			return
-		}
-
-		d, _ := io.ReadAll(dataRc)
-
-		buf = append(buf, d...)
-		if content, err := charset.ToUTF8(buf, charset.ConvertOpts{KeepBOM: true}); err != nil {
-			log.Error("ToUTF8: %v", err)
-			ctx.Data["FileContent"] = string(buf)
-		} else {
-			ctx.Data["FileContent"] = content
-		}
-	} else {
-		// Append filename from query, or empty string to allow username the new file.
-		treeNames = append(treeNames, fileName)
-	}
-
-	ctx.Data["TreeNames"] = treeNames
-	ctx.Data["TreePaths"] = treePaths
+	// form fields
 	ctx.Data["commit_summary"] = ""
 	ctx.Data["commit_message"] = ""
-	ctx.Data["commit_choice"] = util.Iif(canCommit, frmCommitChoiceDirect, frmCommitChoiceNewBranch)
-	ctx.Data["new_branch_name"] = GetUniquePatchBranchName(ctx)
+	ctx.Data["commit_choice"] = util.Iif(commitFormOptions.CanCommitToBranch, editorCommitChoiceDirect, editorCommitChoiceNewBranch)
+	ctx.Data["new_branch_name"] = getUniquePatchBranchName(ctx, ctx.Doer.LowerName, commitFormOptions.TargetRepo)
 	ctx.Data["last_commit"] = ctx.Repo.CommitID
-
-	ctx.Data["EditorconfigJson"] = GetEditorConfig(ctx, treePath)
-
-	ctx.HTML(http.StatusOK, tplEditFile)
+	return commitFormOptions
 }
 
-// GetEditorConfig returns a editorconfig JSON string for given treePath or "null"
-func GetEditorConfig(ctx *context.Context, treePath string) string {
-	ec, _, err := ctx.Repo.GetEditorconfig()
-	if err == nil {
-		def, err := ec.GetDefinitionForFilename(treePath)
-		if err == nil {
-			jsonStr, _ := json.Marshal(def)
-			return string(jsonStr)
-		}
-	}
-	return "null"
+func prepareTreePathFieldsAndPaths(ctx *context.Context, treePath string) {
+	// show the tree path fields in the "breadcrumb" and help users to edit the target tree path
+	ctx.Data["TreeNames"], ctx.Data["TreePaths"] = getParentTreeFields(strings.TrimPrefix(treePath, "/"))
 }
 
-// EditFile render edit file page
-func EditFile(ctx *context.Context) {
-	editFile(ctx, false)
+type preparedEditorCommitForm[T any] struct {
+	form              T
+	commonForm        *forms.CommitCommonForm
+	CommitFormOptions *context.CommitFormOptions
+	OldBranchName     string
+	NewBranchName     string
+	GitCommitter      *files_service.IdentityOptions
 }
 
-// NewFile render create file page
-func NewFile(ctx *context.Context) {
-	editFile(ctx, true)
+func (f *preparedEditorCommitForm[T]) GetCommitMessage(defaultCommitMessage string) string {
+	commitMessage := util.IfZero(strings.TrimSpace(f.commonForm.CommitSummary), defaultCommitMessage)
+	if body := strings.TrimSpace(f.commonForm.CommitMessage); body != "" {
+		commitMessage += "\n\n" + body
+	}
+	return commitMessage
 }
 
-func editFilePost(ctx *context.Context, form forms.EditRepoFileForm, isNewFile bool) {
-	editFileCommon(ctx, isNewFile)
-	ctx.Data["PageHasPosted"] = true
-
-	canCommit := renderCommitRights(ctx)
-	treeNames, treePaths := getParentTreeFields(form.TreePath)
-	branchName := ctx.Repo.BranchName
-	if form.CommitChoice == frmCommitChoiceNewBranch {
-		branchName = form.NewBranchName
-	}
-
-	ctx.Data["TreePath"] = form.TreePath
-	ctx.Data["TreeNames"] = treeNames
-	ctx.Data["TreePaths"] = treePaths
-	ctx.Data["FileContent"] = form.Content
-	ctx.Data["commit_summary"] = form.CommitSummary
-	ctx.Data["commit_message"] = form.CommitMessage
-	ctx.Data["commit_choice"] = form.CommitChoice
-	ctx.Data["new_branch_name"] = form.NewBranchName
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	ctx.Data["EditorconfigJson"] = GetEditorConfig(ctx, form.TreePath)
-
+func prepareEditorCommitSubmittedForm[T forms.CommitCommonFormInterface](ctx *context.Context) *preparedEditorCommitForm[T] {
+	form := web.GetForm(ctx).(T)
 	if ctx.HasError() {
-		ctx.HTML(http.StatusOK, tplEditFile)
-		return
+		ctx.JSONError(ctx.GetErrMsg())
+		return nil
 	}
 
-	// Cannot commit to an existing branch if user doesn't have rights
-	if branchName == ctx.Repo.BranchName && !canCommit {
-		ctx.Data["Err_NewBranchName"] = true
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-		ctx.RenderWithErr(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", branchName), tplEditFile, &form)
-		return
-	}
+	commonForm := form.GetCommitCommonForm()
+	commonForm.TreePath = files_service.CleanGitTreePath(commonForm.TreePath)
 
-	// CommitSummary is optional in the web form, if empty, give it a default message based on add or update
-	// `message` will be both the summary and message combined
-	message := strings.TrimSpace(form.CommitSummary)
-	if len(message) == 0 {
-		if isNewFile {
-			message = ctx.Locale.TrString("repo.editor.add", form.TreePath)
-		} else {
-			message = ctx.Locale.TrString("repo.editor.update", form.TreePath)
-		}
+	commitFormOptions, err := context.PrepareCommitFormOptions(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.Permission, ctx.Repo.RefFullName)
+	if err != nil {
+		ctx.ServerError("PrepareCommitFormOptions", err)
+		return nil
 	}
-	form.CommitMessage = strings.TrimSpace(form.CommitMessage)
-	if len(form.CommitMessage) > 0 {
-		message += "\n\n" + form.CommitMessage
+	if commitFormOptions.NeedFork {
+		// It shouldn't happen, because we should have done the checks in the "GET" request. But just in case.
+		ctx.JSONError(ctx.Locale.TrString("error.not_found"))
+		return nil
 	}
 
-	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, form.CommitEmail)
-	if !valid {
-		ctx.Data["Err_CommitEmail"] = true
-		ctx.RenderWithErr(ctx.Tr("repo.editor.invalid_commit_email"), tplEditFile, &form)
-		return
+	// check commit behavior
+	fromBaseBranch := ctx.FormString("from_base_branch")
+	commitToNewBranch := commonForm.CommitChoice == editorCommitChoiceNewBranch || fromBaseBranch != ""
+	targetBranchName := util.Iif(commitToNewBranch, commonForm.NewBranchName, ctx.Repo.BranchName)
+	if targetBranchName == ctx.Repo.BranchName && !commitFormOptions.CanCommitToBranch {
+		ctx.JSONError(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", targetBranchName))
+		return nil
 	}
 
-	operation := "update"
-	if isNewFile {
-		operation = "create"
+	if !issues.CanMaintainerWriteToBranch(ctx, ctx.Repo.Permission, targetBranchName, ctx.Doer) {
+		ctx.NotFound(nil)
+		return nil
 	}
 
-	if _, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.ChangeRepoFilesOptions{
-		LastCommitID: form.LastCommit,
-		OldBranch:    ctx.Repo.BranchName,
-		NewBranch:    branchName,
-		Message:      message,
-		Files: []*files_service.ChangeRepoFile{
-			{
-				Operation:     operation,
-				FromTreePath:  ctx.Repo.TreePath,
-				TreePath:      form.TreePath,
-				ContentReader: strings.NewReader(strings.ReplaceAll(form.Content, "\r", "")),
-			},
-		},
-		Signoff:   form.Signoff,
-		Author:    gitCommitter,
-		Committer: gitCommitter,
-	}); err != nil {
-		// This is where we handle all the errors thrown by files_service.ChangeRepoFiles
-		if git.IsErrNotExist(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_editing_no_longer_exists", ctx.Repo.TreePath), tplEditFile, &form)
-		} else if git_model.IsErrLFSFileLocked(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.upload_file_is_locked", err.(git_model.ErrLFSFileLocked).Path, err.(git_model.ErrLFSFileLocked).UserName), tplEditFile, &form)
-		} else if files_service.IsErrFilenameInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_invalid", form.TreePath), tplEditFile, &form)
-		} else if files_service.IsErrFilePathInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			if fileErr, ok := err.(files_service.ErrFilePathInvalid); ok {
-				switch fileErr.Type {
-				case git.EntryModeSymlink:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.file_is_a_symlink", fileErr.Path), tplEditFile, &form)
-				case git.EntryModeTree:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_a_directory", fileErr.Path), tplEditFile, &form)
-				case git.EntryModeBlob:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.directory_is_a_file", fileErr.Path), tplEditFile, &form)
-				default:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_invalid", fileErr.Path), tplEditFile, &form)
-				}
-			} else {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if files_service.IsErrRepoFileAlreadyExists(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_already_exists", form.TreePath), tplEditFile, &form)
-		} else if git.IsErrBranchNotExist(err) {
-			// For when a user adds/updates a file to a branch that no longer exists
-			if branchErr, ok := err.(git.ErrBranchNotExist); ok {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.branch_does_not_exist", branchErr.Name), tplEditFile, &form)
-			} else {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if git_model.IsErrBranchAlreadyExists(err) {
-			// For when a user specifies a new branch that already exists
-			ctx.Data["Err_NewBranchName"] = true
-			if branchErr, ok := err.(git_model.ErrBranchAlreadyExists); ok {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplEditFile, &form)
-			} else {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if files_service.IsErrCommitIDDoesNotMatch(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.commit_id_not_matching"), tplEditFile, &form)
-		} else if git.IsErrPushOutOfDate(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.push_out_of_date"), tplEditFile, &form)
-		} else if git.IsErrPushRejected(err) {
-			errPushRej := err.(*git.ErrPushRejected)
-			if len(errPushRej.Message) == 0 {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplEditFile, &form)
+	// Committer user info
+	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, commonForm.CommitEmail)
+	if !valid {
+		ctx.JSONError(ctx.Tr("repo.editor.invalid_commit_email"))
+		return nil
+	}
+
+	if commitToNewBranch {
+		// if target branch exists, we should stop
+		targetBranchExists, err := git_model.IsBranchExist(ctx, commitFormOptions.TargetRepo.ID, targetBranchName)
+		if err != nil {
+			ctx.ServerError("IsBranchExist", err)
+			return nil
+		} else if targetBranchExists {
+			if fromBaseBranch != "" {
+				ctx.JSONError(ctx.Tr("repo.editor.fork_branch_exists", targetBranchName))
 			} else {
-				flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
-					"Message": ctx.Tr("repo.editor.push_rejected"),
-					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
-					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
-				})
-				if err != nil {
-					ctx.ServerError("editFilePost.HTMLString", err)
-					return
-				}
-				ctx.RenderWithErr(flashError, tplEditFile, &form)
+				ctx.JSONError(ctx.Tr("repo.editor.branch_already_exists", targetBranchName))
 			}
-		} else {
-			flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
-				"Message": ctx.Tr("repo.editor.fail_to_update_file", form.TreePath),
-				"Summary": ctx.Tr("repo.editor.fail_to_update_file_summary"),
-				"Details": utils.SanitizeFlashErrorString(err.Error()),
-			})
-			if err != nil {
-				ctx.ServerError("editFilePost.HTMLString", err)
-				return
-			}
-			ctx.RenderWithErr(flashError, tplEditFile, &form)
+			return nil
 		}
 	}
 
-	if ctx.Repo.Repository.IsEmpty {
-		if isEmpty, err := ctx.Repo.GitRepo.IsEmpty(); err == nil && !isEmpty {
-			_ = repo_model.UpdateRepositoryCols(ctx, &repo_model.Repository{ID: ctx.Repo.Repository.ID, IsEmpty: false}, "is_empty")
+	oldBranchName := ctx.Repo.BranchName
+	if fromBaseBranch != "" {
+		err = editorPushBranchToForkedRepository(ctx, ctx.Doer, ctx.Repo.Repository.BaseRepo, fromBaseBranch, commitFormOptions.TargetRepo, targetBranchName)
+		if err != nil {
+			log.Error("Unable to editorPushBranchToForkedRepository: %v", err)
+			ctx.JSONError(ctx.Tr("repo.editor.fork_failed_to_push_branch", targetBranchName))
+			return nil
 		}
+		// we have pushed the base branch as the new branch, now we need to commit the changes directly to the new branch
+		oldBranchName = targetBranchName
 	}
 
-	redirectForCommitChoice(ctx, form.CommitChoice, branchName, form.TreePath)
-}
-
-// EditFilePost response for editing file
-func EditFilePost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.EditRepoFileForm)
-	editFilePost(ctx, *form, false)
-}
-
-// NewFilePost response for creating file
-func NewFilePost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.EditRepoFileForm)
-	editFilePost(ctx, *form, true)
-}
-
-// DiffPreviewPost render preview diff page
-func DiffPreviewPost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.EditPreviewDiffForm)
-	treePath := cleanUploadFileName(ctx.Repo.TreePath)
-	if len(treePath) == 0 {
-		ctx.HTTPError(http.StatusInternalServerError, "file name to diff is invalid")
-		return
+	return &preparedEditorCommitForm[T]{
+		form:              form,
+		commonForm:        commonForm,
+		CommitFormOptions: commitFormOptions,
+		OldBranchName:     oldBranchName,
+		NewBranchName:     targetBranchName,
+		GitCommitter:      gitCommitter,
 	}
-
-	entry, err := ctx.Repo.Commit.GetTreeEntryByPath(treePath)
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, "GetTreeEntryByPath: "+err.Error())
-		return
-	} else if entry.IsDir() {
-		ctx.HTTPError(http.StatusUnprocessableEntity)
-		return
-	}
-
-	diff, err := files_service.GetDiffPreview(ctx, ctx.Repo.Repository, ctx.Repo.BranchName, treePath, form.Content)
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, "GetDiffPreview: "+err.Error())
-		return
-	}
-
-	if len(diff.Files) != 0 {
-		ctx.Data["File"] = diff.Files[0]
-	}
-
-	ctx.HTML(http.StatusOK, tplEditDiffPreview)
 }
 
-// DeleteFile render delete file page
-func DeleteFile(ctx *context.Context) {
-	ctx.Data["PageIsDelete"] = true
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-	treePath := cleanUploadFileName(ctx.Repo.TreePath)
-
-	if treePath != ctx.Repo.TreePath {
-		ctx.Redirect(path.Join(ctx.Repo.RepoLink, "_delete", util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(treePath)))
+// redirectForCommitChoice redirects after committing the edit to a branch
+func redirectForCommitChoice[T any](ctx *context.Context, parsed *preparedEditorCommitForm[T], treePath string) {
+	// when editing a file in a PR, it should return to the origin location
+	if returnURI := ctx.FormString("return_uri"); returnURI != "" && httplib.IsCurrentGiteaSiteURL(ctx, returnURI) {
+		ctx.JSONRedirect(returnURI)
 		return
 	}
 
-	ctx.Data["TreePath"] = treePath
-	canCommit := renderCommitRights(ctx)
-
-	ctx.Data["commit_summary"] = ""
-	ctx.Data["commit_message"] = ""
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	if canCommit {
-		ctx.Data["commit_choice"] = frmCommitChoiceDirect
-	} else {
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
+	if parsed.commonForm.CommitChoice == editorCommitChoiceNewBranch {
+		// Redirect to a pull request when possible
+		redirectToPullRequest := false
+		repo, baseBranch, headBranch := ctx.Repo.Repository, parsed.OldBranchName, parsed.NewBranchName
+		if ctx.Repo.Repository.IsFork && parsed.CommitFormOptions.CanCreateBasePullRequest {
+			redirectToPullRequest = true
+			baseBranch = repo.BaseRepo.DefaultBranch
+			headBranch = repo.Owner.Name + "/" + repo.Name + ":" + headBranch
+			repo = repo.BaseRepo
+		} else if repo.UnitEnabled(ctx, unit.TypePullRequests) {
+			redirectToPullRequest = true
+		}
+		if redirectToPullRequest {
+			ctx.JSONRedirect(repo.Link() + "/compare/" + util.PathEscapeSegments(baseBranch) + "..." + util.PathEscapeSegments(headBranch))
+			return
+		}
 	}
-	ctx.Data["new_branch_name"] = GetUniquePatchBranchName(ctx)
 
-	ctx.HTML(http.StatusOK, tplDeleteFile)
+	// redirect to the newly updated file
+	redirectTo := util.URLJoin(ctx.Repo.RepoLink, "src/branch", util.PathEscapeSegments(parsed.NewBranchName), util.PathEscapeSegments(treePath))
+	ctx.JSONRedirect(redirectTo)
 }
 
-// DeleteFilePost response for deleting file
-func DeleteFilePost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.DeleteRepoFileForm)
-	canCommit := renderCommitRights(ctx)
-	branchName := ctx.Repo.BranchName
-	if form.CommitChoice == frmCommitChoiceNewBranch {
-		branchName = form.NewBranchName
-	}
-
-	ctx.Data["PageIsDelete"] = true
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-	ctx.Data["TreePath"] = ctx.Repo.TreePath
-	ctx.Data["commit_summary"] = form.CommitSummary
-	ctx.Data["commit_message"] = form.CommitMessage
-	ctx.Data["commit_choice"] = form.CommitChoice
-	ctx.Data["new_branch_name"] = form.NewBranchName
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-
-	if ctx.HasError() {
-		ctx.HTML(http.StatusOK, tplDeleteFile)
-		return
-	}
-
-	if branchName == ctx.Repo.BranchName && !canCommit {
-		ctx.Data["Err_NewBranchName"] = true
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-		ctx.RenderWithErr(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", branchName), tplDeleteFile, &form)
-		return
-	}
-
-	message := strings.TrimSpace(form.CommitSummary)
-	if len(message) == 0 {
-		message = ctx.Locale.TrString("repo.editor.delete", ctx.Repo.TreePath)
-	}
-	form.CommitMessage = strings.TrimSpace(form.CommitMessage)
-	if len(form.CommitMessage) > 0 {
-		message += "\n\n" + form.CommitMessage
+func editFileOpenExisting(ctx *context.Context) (prefetch []byte, dataRc io.ReadCloser, fInfo *fileInfo) {
+	entry, err := ctx.Repo.Commit.GetTreeEntryByPath(ctx.Repo.TreePath)
+	if err != nil {
+		HandleGitError(ctx, "GetTreeEntryByPath", err)
+		return nil, nil, nil
 	}
 
-	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, form.CommitEmail)
-	if !valid {
-		ctx.Data["Err_CommitEmail"] = true
-		ctx.RenderWithErr(ctx.Tr("repo.editor.invalid_commit_email"), tplDeleteFile, &form)
-		return
+	// No way to edit a directory online.
+	if entry.IsDir() {
+		ctx.NotFound(nil)
+		return nil, nil, nil
 	}
 
-	if _, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.ChangeRepoFilesOptions{
-		LastCommitID: form.LastCommit,
-		OldBranch:    ctx.Repo.BranchName,
-		NewBranch:    branchName,
-		Files: []*files_service.ChangeRepoFile{
-			{
-				Operation: "delete",
-				TreePath:  ctx.Repo.TreePath,
-			},
-		},
-		Message:   message,
-		Signoff:   form.Signoff,
-		Author:    gitCommitter,
-		Committer: gitCommitter,
-	}); err != nil {
-		// This is where we handle all the errors thrown by repofiles.DeleteRepoFile
-		if git.IsErrNotExist(err) || files_service.IsErrRepoFileDoesNotExist(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_deleting_no_longer_exists", ctx.Repo.TreePath), tplDeleteFile, &form)
-		} else if files_service.IsErrFilenameInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_invalid", ctx.Repo.TreePath), tplDeleteFile, &form)
-		} else if files_service.IsErrFilePathInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			if fileErr, ok := err.(files_service.ErrFilePathInvalid); ok {
-				switch fileErr.Type {
-				case git.EntryModeSymlink:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.file_is_a_symlink", fileErr.Path), tplDeleteFile, &form)
-				case git.EntryModeTree:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_a_directory", fileErr.Path), tplDeleteFile, &form)
-				case git.EntryModeBlob:
-					ctx.RenderWithErr(ctx.Tr("repo.editor.directory_is_a_file", fileErr.Path), tplDeleteFile, &form)
-				default:
-					ctx.ServerError("DeleteRepoFile", err)
-				}
-			} else {
-				ctx.ServerError("DeleteRepoFile", err)
-			}
-		} else if git.IsErrBranchNotExist(err) {
-			// For when a user deletes a file to a branch that no longer exists
-			if branchErr, ok := err.(git.ErrBranchNotExist); ok {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.branch_does_not_exist", branchErr.Name), tplDeleteFile, &form)
-			} else {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if git_model.IsErrBranchAlreadyExists(err) {
-			// For when a user specifies a new branch that already exists
-			if branchErr, ok := err.(git_model.ErrBranchAlreadyExists); ok {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplDeleteFile, &form)
-			} else {
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if files_service.IsErrCommitIDDoesNotMatch(err) || git.IsErrPushOutOfDate(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_changed_while_deleting", ctx.Repo.RepoLink+"/compare/"+util.PathEscapeSegments(form.LastCommit)+"..."+util.PathEscapeSegments(ctx.Repo.CommitID)), tplDeleteFile, &form)
-		} else if git.IsErrPushRejected(err) {
-			errPushRej := err.(*git.ErrPushRejected)
-			if len(errPushRej.Message) == 0 {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplDeleteFile, &form)
-			} else {
-				flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
-					"Message": ctx.Tr("repo.editor.push_rejected"),
-					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
-					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
-				})
-				if err != nil {
-					ctx.ServerError("DeleteFilePost.HTMLString", err)
-					return
-				}
-				ctx.RenderWithErr(flashError, tplDeleteFile, &form)
-			}
+	blob := entry.Blob()
+	buf, dataRc, fInfo, err := getFileReader(ctx, ctx.Repo.Repository.ID, blob)
+	if err != nil {
+		if git.IsErrNotExist(err) {
+			ctx.NotFound(err)
 		} else {
-			ctx.ServerError("DeleteRepoFile", err)
+			ctx.ServerError("getFileReader", err)
 		}
-		return
+		return nil, nil, nil
 	}
 
-	ctx.Flash.Success(ctx.Tr("repo.editor.file_delete_success", ctx.Repo.TreePath))
-	treePath := path.Dir(ctx.Repo.TreePath)
-	if treePath == "." {
-		treePath = "" // the file deleted was in the root, so we return the user to the root directory
-	}
-	if len(treePath) > 0 {
-		// Need to get the latest commit since it changed
-		commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.BranchName)
-		if err == nil && commit != nil {
-			// We have the comment, now find what directory we can return the user to
-			// (must have entries)
-			treePath = GetClosestParentWithFiles(treePath, commit)
-		} else {
-			treePath = "" // otherwise return them to the root of the repo
+	if fInfo.isLFSFile() {
+		lfsLock, err := git_model.GetTreePathLock(ctx, ctx.Repo.Repository.ID, ctx.Repo.TreePath)
+		if err != nil {
+			_ = dataRc.Close()
+			ctx.ServerError("GetTreePathLock", err)
+			return nil, nil, nil
+		} else if lfsLock != nil && lfsLock.OwnerID != ctx.Doer.ID {
+			_ = dataRc.Close()
+			ctx.NotFound(nil)
+			return nil, nil, nil
 		}
 	}
 
-	redirectForCommitChoice(ctx, form.CommitChoice, branchName, treePath)
+	return buf, dataRc, fInfo
 }
 
-// UploadFile render upload file page
-func UploadFile(ctx *context.Context) {
-	ctx.Data["PageIsUpload"] = true
-	upload.AddUploadContext(ctx, "repo")
-	canCommit := renderCommitRights(ctx)
-	treePath := cleanUploadFileName(ctx.Repo.TreePath)
-	if treePath != ctx.Repo.TreePath {
-		ctx.Redirect(path.Join(ctx.Repo.RepoLink, "_upload", util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(treePath)))
-		return
-	}
-	ctx.Repo.TreePath = treePath
-
-	treeNames, treePaths := getParentTreeFields(ctx.Repo.TreePath)
-	if len(treeNames) == 0 {
-		// We must at least have one element for user to input.
-		treeNames = []string{""}
-	}
-
-	ctx.Data["TreeNames"] = treeNames
-	ctx.Data["TreePaths"] = treePaths
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-	ctx.Data["commit_summary"] = ""
-	ctx.Data["commit_message"] = ""
-	if canCommit {
-		ctx.Data["commit_choice"] = frmCommitChoiceDirect
-	} else {
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-	}
-	ctx.Data["new_branch_name"] = GetUniquePatchBranchName(ctx)
-
-	ctx.HTML(http.StatusOK, tplUploadFile)
-}
-
-// UploadFilePost response for uploading file
-func UploadFilePost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.UploadRepoFileForm)
-	ctx.Data["PageIsUpload"] = true
-	upload.AddUploadContext(ctx, "repo")
-	canCommit := renderCommitRights(ctx)
-
-	oldBranchName := ctx.Repo.BranchName
-	branchName := oldBranchName
-
-	if form.CommitChoice == frmCommitChoiceNewBranch {
-		branchName = form.NewBranchName
-	}
-
-	form.TreePath = cleanUploadFileName(form.TreePath)
+func EditFile(ctx *context.Context) {
+	editorAction := ctx.PathParam("editor_action")
+	isNewFile := editorAction == "_new"
+	ctx.Data["IsNewFile"] = isNewFile
 
-	treeNames, treePaths := getParentTreeFields(form.TreePath)
-	if len(treeNames) == 0 {
-		// We must at least have one element for user to input.
-		treeNames = []string{""}
+	// Check if the filename (and additional path) is specified in the querystring
+	// (filename is a misnomer, but kept for compatibility with GitHub)
+	urlQuery := ctx.Req.URL.Query()
+	queryFilename := urlQuery.Get("filename")
+	if queryFilename != "" {
+		newTreePath := path.Join(ctx.Repo.TreePath, queryFilename)
+		redirectTo := fmt.Sprintf("%s/%s/%s/%s", ctx.Repo.RepoLink, editorAction, util.PathEscapeSegments(ctx.Repo.BranchName), util.PathEscapeSegments(newTreePath))
+		urlQuery.Del("filename")
+		if newQueryParams := urlQuery.Encode(); newQueryParams != "" {
+			redirectTo += "?" + newQueryParams
+		}
+		ctx.Redirect(redirectTo)
+		return
 	}
 
-	ctx.Data["TreePath"] = form.TreePath
-	ctx.Data["TreeNames"] = treeNames
-	ctx.Data["TreePaths"] = treePaths
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/branch/" + util.PathEscapeSegments(branchName)
-	ctx.Data["commit_summary"] = form.CommitSummary
-	ctx.Data["commit_message"] = form.CommitMessage
-	ctx.Data["commit_choice"] = form.CommitChoice
-	ctx.Data["new_branch_name"] = branchName
+	// on the "New File" page, we should add an empty path field to make end users could input a new name
+	prepareTreePathFieldsAndPaths(ctx, util.Iif(isNewFile, ctx.Repo.TreePath+"/", ctx.Repo.TreePath))
 
-	if ctx.HasError() {
-		ctx.HTML(http.StatusOK, tplUploadFile)
+	prepareEditorCommitFormOptions(ctx, editorAction)
+	if ctx.Written() {
 		return
 	}
 
-	if oldBranchName != branchName {
-		if _, err := ctx.Repo.GitRepo.GetBranch(branchName); err == nil {
-			ctx.Data["Err_NewBranchName"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchName), tplUploadFile, &form)
+	if !isNewFile {
+		prefetch, dataRc, fInfo := editFileOpenExisting(ctx)
+		if ctx.Written() {
 			return
 		}
-	} else if !canCommit {
-		ctx.Data["Err_NewBranchName"] = true
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-		ctx.RenderWithErr(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", branchName), tplUploadFile, &form)
-		return
-	}
+		defer dataRc.Close()
 
-	if !ctx.Repo.Repository.IsEmpty {
-		var newTreePath string
-		for _, part := range treeNames {
-			newTreePath = path.Join(newTreePath, part)
-			entry, err := ctx.Repo.Commit.GetTreeEntryByPath(newTreePath)
+		ctx.Data["FileSize"] = fInfo.fileSize
+
+		// Only some file types are editable online as text.
+		if fInfo.isLFSFile() {
+			ctx.Data["NotEditableReason"] = ctx.Tr("repo.editor.cannot_edit_lfs_files")
+		} else if !fInfo.st.IsRepresentableAsText() {
+			ctx.Data["NotEditableReason"] = ctx.Tr("repo.editor.cannot_edit_non_text_files")
+		} else if fInfo.fileSize >= setting.UI.MaxDisplayFileSize {
+			ctx.Data["NotEditableReason"] = ctx.Tr("repo.editor.cannot_edit_too_large_file")
+		}
+
+		if ctx.Data["NotEditableReason"] == nil {
+			buf, err := io.ReadAll(io.MultiReader(bytes.NewReader(prefetch), dataRc))
 			if err != nil {
-				if git.IsErrNotExist(err) {
-					break // Means there is no item with that name, so we're good
-				}
-				ctx.ServerError("Repo.Commit.GetTreeEntryByPath", err)
+				ctx.ServerError("ReadAll", err)
 				return
 			}
-
-			// User can only upload files to a directory, the directory name shouldn't be an existing file.
-			if !entry.IsDir() {
-				ctx.Data["Err_TreePath"] = true
-				ctx.RenderWithErr(ctx.Tr("repo.editor.directory_is_a_file", part), tplUploadFile, &form)
-				return
+			if content, err := charset.ToUTF8(buf, charset.ConvertOpts{KeepBOM: true}); err != nil {
+				ctx.Data["FileContent"] = string(buf)
+			} else {
+				ctx.Data["FileContent"] = content
 			}
 		}
 	}
 
-	message := strings.TrimSpace(form.CommitSummary)
-	if len(message) == 0 {
-		dir := form.TreePath
-		if dir == "" {
-			dir = "/"
-		}
-		message = ctx.Locale.TrString("repo.editor.upload_files_to_dir", dir)
-	}
-
-	form.CommitMessage = strings.TrimSpace(form.CommitMessage)
-	if len(form.CommitMessage) > 0 {
-		message += "\n\n" + form.CommitMessage
-	}
+	ctx.Data["EditorconfigJson"] = getContextRepoEditorConfig(ctx, ctx.Repo.TreePath)
+	ctx.HTML(http.StatusOK, tplEditFile)
+}
 
-	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, form.CommitEmail)
-	if !valid {
-		ctx.Data["Err_CommitEmail"] = true
-		ctx.RenderWithErr(ctx.Tr("repo.editor.invalid_commit_email"), tplUploadFile, &form)
+func EditFilePost(ctx *context.Context) {
+	editorAction := ctx.PathParam("editor_action")
+	isNewFile := editorAction == "_new"
+	parsed := prepareEditorCommitSubmittedForm[*forms.EditRepoFileForm](ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if err := files_service.UploadRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.UploadRepoFileOptions{
-		LastCommitID: ctx.Repo.CommitID,
-		OldBranch:    oldBranchName,
-		NewBranch:    branchName,
-		TreePath:     form.TreePath,
-		Message:      message,
-		Files:        form.Files,
-		Signoff:      form.Signoff,
-		Author:       gitCommitter,
-		Committer:    gitCommitter,
-	}); err != nil {
-		if git_model.IsErrLFSFileLocked(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.upload_file_is_locked", err.(git_model.ErrLFSFileLocked).Path, err.(git_model.ErrLFSFileLocked).UserName), tplUploadFile, &form)
-		} else if files_service.IsErrFilenameInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_invalid", form.TreePath), tplUploadFile, &form)
-		} else if files_service.IsErrFilePathInvalid(err) {
-			ctx.Data["Err_TreePath"] = true
-			fileErr := err.(files_service.ErrFilePathInvalid)
-			switch fileErr.Type {
-			case git.EntryModeSymlink:
-				ctx.RenderWithErr(ctx.Tr("repo.editor.file_is_a_symlink", fileErr.Path), tplUploadFile, &form)
-			case git.EntryModeTree:
-				ctx.RenderWithErr(ctx.Tr("repo.editor.filename_is_a_directory", fileErr.Path), tplUploadFile, &form)
-			case git.EntryModeBlob:
-				ctx.RenderWithErr(ctx.Tr("repo.editor.directory_is_a_file", fileErr.Path), tplUploadFile, &form)
-			default:
-				ctx.HTTPError(http.StatusInternalServerError, err.Error())
-			}
-		} else if files_service.IsErrRepoFileAlreadyExists(err) {
-			ctx.Data["Err_TreePath"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_already_exists", form.TreePath), tplUploadFile, &form)
-		} else if git.IsErrBranchNotExist(err) {
-			branchErr := err.(git.ErrBranchNotExist)
-			ctx.RenderWithErr(ctx.Tr("repo.editor.branch_does_not_exist", branchErr.Name), tplUploadFile, &form)
-		} else if git_model.IsErrBranchAlreadyExists(err) {
-			// For when a user specifies a new branch that already exists
-			ctx.Data["Err_NewBranchName"] = true
-			branchErr := err.(git_model.ErrBranchAlreadyExists)
-			ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplUploadFile, &form)
-		} else if git.IsErrPushOutOfDate(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_changed_while_editing", ctx.Repo.RepoLink+"/compare/"+util.PathEscapeSegments(ctx.Repo.CommitID)+"..."+util.PathEscapeSegments(form.NewBranchName)), tplUploadFile, &form)
-		} else if git.IsErrPushRejected(err) {
-			errPushRej := err.(*git.ErrPushRejected)
-			if len(errPushRej.Message) == 0 {
-				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplUploadFile, &form)
-			} else {
-				flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
-					"Message": ctx.Tr("repo.editor.push_rejected"),
-					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
-					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
-				})
-				if err != nil {
-					ctx.ServerError("UploadFilePost.HTMLString", err)
-					return
-				}
-				ctx.RenderWithErr(flashError, tplUploadFile, &form)
-			}
-		} else {
-			// os.ErrNotExist - upload file missing in the intervening time?!
-			log.Error("Error during upload to repo: %-v to filepath: %s on %s from %s: %v", ctx.Repo.Repository, form.TreePath, oldBranchName, form.NewBranchName, err)
-			ctx.RenderWithErr(ctx.Tr("repo.editor.unable_to_upload_files", form.TreePath, err), tplUploadFile, &form)
-		}
+	defaultCommitMessage := util.Iif(isNewFile, ctx.Locale.TrString("repo.editor.add", parsed.form.TreePath), ctx.Locale.TrString("repo.editor.update", parsed.form.TreePath))
+
+	var operation string
+	if isNewFile {
+		operation = "create"
+	} else if parsed.form.Content.Has() {
+		// The form content only has data if the file is representable as text, is not too large and not in lfs.
+		operation = "update"
+	} else if ctx.Repo.TreePath != parsed.form.TreePath {
+		// If it doesn't have data, the only possible operation is a "rename"
+		operation = "rename"
+	} else {
+		// It should never happen, just in case
+		ctx.JSONError(ctx.Tr("error.occurred"))
 		return
 	}
 
-	if ctx.Repo.Repository.IsEmpty {
-		if isEmpty, err := ctx.Repo.GitRepo.IsEmpty(); err == nil && !isEmpty {
-			_ = repo_model.UpdateRepositoryCols(ctx, &repo_model.Repository{ID: ctx.Repo.Repository.ID, IsEmpty: false}, "is_empty")
-		}
+	_, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.ChangeRepoFilesOptions{
+		LastCommitID: parsed.form.LastCommit,
+		OldBranch:    parsed.OldBranchName,
+		NewBranch:    parsed.NewBranchName,
+		Message:      parsed.GetCommitMessage(defaultCommitMessage),
+		Files: []*files_service.ChangeRepoFile{
+			{
+				Operation:     operation,
+				FromTreePath:  ctx.Repo.TreePath,
+				TreePath:      parsed.form.TreePath,
+				ContentReader: strings.NewReader(strings.ReplaceAll(parsed.form.Content.Value(), "\r", "")),
+			},
+		},
+		Signoff:   parsed.form.Signoff,
+		Author:    parsed.GitCommitter,
+		Committer: parsed.GitCommitter,
+	})
+	if err != nil {
+		editorHandleFileOperationError(ctx, parsed.NewBranchName, err)
+		return
 	}
 
-	redirectForCommitChoice(ctx, form.CommitChoice, branchName, form.TreePath)
+	redirectForCommitChoice(ctx, parsed, parsed.form.TreePath)
 }
 
-func cleanUploadFileName(name string) string {
-	// Rebase the filename
-	name = util.PathJoinRel(name)
-	// Git disallows any filenames to have a .git directory in them.
-	for _, part := range strings.Split(name, "/") {
-		if strings.ToLower(part) == ".git" {
-			return ""
-		}
+// DeleteFile render delete file page
+func DeleteFile(ctx *context.Context) {
+	prepareEditorCommitFormOptions(ctx, "_delete")
+	if ctx.Written() {
+		return
 	}
-	return name
+	ctx.Data["PageIsDelete"] = true
+	ctx.HTML(http.StatusOK, tplDeleteFile)
 }
 
-// UploadFileToServer upload file to server file dir not git
-func UploadFileToServer(ctx *context.Context) {
-	file, header, err := ctx.Req.FormFile("file")
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, fmt.Sprintf("FormFile: %v", err))
+// DeleteFilePost response for deleting file
+func DeleteFilePost(ctx *context.Context) {
+	parsed := prepareEditorCommitSubmittedForm[*forms.DeleteRepoFileForm](ctx)
+	if ctx.Written() {
 		return
 	}
-	defer file.Close()
 
-	buf := make([]byte, 1024)
-	n, _ := util.ReadAtMost(file, buf)
-	if n > 0 {
-		buf = buf[:n]
-	}
-
-	err = upload.Verify(buf, header.Filename, setting.Repository.Upload.AllowedTypes)
+	treePath := ctx.Repo.TreePath
+	_, err := files_service.ChangeRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.ChangeRepoFilesOptions{
+		LastCommitID: parsed.form.LastCommit,
+		OldBranch:    parsed.OldBranchName,
+		NewBranch:    parsed.NewBranchName,
+		Files: []*files_service.ChangeRepoFile{
+			{
+				Operation: "delete",
+				TreePath:  treePath,
+			},
+		},
+		Message:   parsed.GetCommitMessage(ctx.Locale.TrString("repo.editor.delete", treePath)),
+		Signoff:   parsed.form.Signoff,
+		Author:    parsed.GitCommitter,
+		Committer: parsed.GitCommitter,
+	})
 	if err != nil {
-		ctx.HTTPError(http.StatusBadRequest, err.Error())
+		editorHandleFileOperationError(ctx, parsed.NewBranchName, err)
 		return
 	}
 
-	name := cleanUploadFileName(header.Filename)
-	if len(name) == 0 {
-		ctx.HTTPError(http.StatusInternalServerError, "Upload file name is invalid")
-		return
-	}
+	ctx.Flash.Success(ctx.Tr("repo.editor.file_delete_success", treePath))
+	redirectTreePath := getClosestParentWithFiles(ctx.Repo.GitRepo, parsed.NewBranchName, treePath)
+	redirectForCommitChoice(ctx, parsed, redirectTreePath)
+}
 
-	upload, err := repo_model.NewUpload(ctx, name, buf, file)
-	if err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, fmt.Sprintf("NewUpload: %v", err))
+func UploadFile(ctx *context.Context) {
+	ctx.Data["PageIsUpload"] = true
+	prepareTreePathFieldsAndPaths(ctx, ctx.Repo.TreePath)
+	opts := prepareEditorCommitFormOptions(ctx, "_upload")
+	if ctx.Written() {
 		return
 	}
+	upload.AddUploadContextForRepo(ctx, opts.TargetRepo)
 
-	log.Trace("New file uploaded: %s", upload.UUID)
-	ctx.JSON(http.StatusOK, map[string]string{
-		"uuid": upload.UUID,
-	})
+	ctx.HTML(http.StatusOK, tplUploadFile)
 }
 
-// RemoveUploadFileFromServer remove file from server file dir
-func RemoveUploadFileFromServer(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.RemoveUploadFileForm)
-	if len(form.File) == 0 {
-		ctx.Status(http.StatusNoContent)
+func UploadFilePost(ctx *context.Context) {
+	parsed := prepareEditorCommitSubmittedForm[*forms.UploadRepoFileForm](ctx)
+	if ctx.Written() {
 		return
 	}
 
-	if err := repo_model.DeleteUploadByUUID(ctx, form.File); err != nil {
-		ctx.HTTPError(http.StatusInternalServerError, fmt.Sprintf("DeleteUploadByUUID: %v", err))
+	defaultCommitMessage := ctx.Locale.TrString("repo.editor.upload_files_to_dir", util.IfZero(parsed.form.TreePath, "/"))
+	err := files_service.UploadRepoFiles(ctx, ctx.Repo.Repository, ctx.Doer, &files_service.UploadRepoFileOptions{
+		LastCommitID: parsed.form.LastCommit,
+		OldBranch:    parsed.OldBranchName,
+		NewBranch:    parsed.NewBranchName,
+		TreePath:     parsed.form.TreePath,
+		Message:      parsed.GetCommitMessage(defaultCommitMessage),
+		Files:        parsed.form.Files,
+		Signoff:      parsed.form.Signoff,
+		Author:       parsed.GitCommitter,
+		Committer:    parsed.GitCommitter,
+	})
+	if err != nil {
+		editorHandleFileOperationError(ctx, parsed.NewBranchName, err)
 		return
 	}
-
-	log.Trace("Upload file removed: %s", form.File)
-	ctx.Status(http.StatusNoContent)
-}
-
-// GetUniquePatchBranchName Gets a unique branch name for a new patch branch
-// It will be in the form of <username>-patch-<num> where <num> is the first branch of this format
-// that doesn't already exist. If we exceed 1000 tries or an error is thrown, we just return "" so the user has to
-// type in the branch name themselves (will be an empty field)
-func GetUniquePatchBranchName(ctx *context.Context) string {
-	prefix := ctx.Doer.LowerName + "-patch-"
-	for i := 1; i <= 1000; i++ {
-		branchName := fmt.Sprintf("%s%d", prefix, i)
-		if _, err := ctx.Repo.GitRepo.GetBranch(branchName); err != nil {
-			if git.IsErrBranchNotExist(err) {
-				return branchName
-			}
-			log.Error("GetUniquePatchBranchName: %v", err)
-			return ""
-		}
-	}
-	return ""
-}
-
-// GetClosestParentWithFiles Recursively gets the path of parent in a tree that has files (used when file in a tree is
-// deleted). Returns "" for the root if no parents other than the root have files. If the given treePath isn't a
-// SubTree or it has no entries, we go up one dir and see if we can return the user to that listing.
-func GetClosestParentWithFiles(treePath string, commit *git.Commit) string {
-	if len(treePath) == 0 || treePath == "." {
-		return ""
-	}
-	// see if the tree has entries
-	if tree, err := commit.SubTree(treePath); err != nil {
-		// failed to get tree, going up a dir
-		return GetClosestParentWithFiles(path.Dir(treePath), commit)
-	} else if entries, err := tree.ListEntries(); err != nil || len(entries) == 0 {
-		// no files in this dir, going up a dir
-		return GetClosestParentWithFiles(path.Dir(treePath), commit)
-	}
-	return treePath
+	redirectForCommitChoice(ctx, parsed, parsed.form.TreePath)
 }
diff --git a/routers/web/repo/editor_apply_patch.go b/routers/web/repo/editor_apply_patch.go
new file mode 100644
index 0000000000..bd2811cc5f
--- /dev/null
+++ b/routers/web/repo/editor_apply_patch.go
@@ -0,0 +1,51 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+	"strings"
+
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/repository/files"
+)
+
+func NewDiffPatch(ctx *context.Context) {
+	prepareEditorCommitFormOptions(ctx, "_diffpatch")
+	if ctx.Written() {
+		return
+	}
+
+	ctx.Data["PageIsPatch"] = true
+	ctx.HTML(http.StatusOK, tplPatchFile)
+}
+
+// NewDiffPatchPost response for sending patch page
+func NewDiffPatchPost(ctx *context.Context) {
+	parsed := prepareEditorCommitSubmittedForm[*forms.EditRepoFileForm](ctx)
+	if ctx.Written() {
+		return
+	}
+
+	defaultCommitMessage := ctx.Locale.TrString("repo.editor.patch")
+	_, err := files.ApplyDiffPatch(ctx, ctx.Repo.Repository, ctx.Doer, &files.ApplyDiffPatchOptions{
+		LastCommitID: parsed.form.LastCommit,
+		OldBranch:    parsed.OldBranchName,
+		NewBranch:    parsed.NewBranchName,
+		Message:      parsed.GetCommitMessage(defaultCommitMessage),
+		Content:      strings.ReplaceAll(parsed.form.Content.Value(), "\r\n", "\n"),
+		Author:       parsed.GitCommitter,
+		Committer:    parsed.GitCommitter,
+	})
+	if err != nil {
+		err = util.ErrorWrapLocale(err, "repo.editor.fail_to_apply_patch")
+	}
+	if err != nil {
+		editorHandleFileOperationError(ctx, parsed.NewBranchName, err)
+		return
+	}
+	redirectForCommitChoice(ctx, parsed, parsed.form.TreePath)
+}
diff --git a/routers/web/repo/editor_cherry_pick.go b/routers/web/repo/editor_cherry_pick.go
new file mode 100644
index 0000000000..10c2741b1c
--- /dev/null
+++ b/routers/web/repo/editor_cherry_pick.go
@@ -0,0 +1,86 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"bytes"
+	"net/http"
+	"strings"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/repository/files"
+)
+
+func CherryPick(ctx *context.Context) {
+	prepareEditorCommitFormOptions(ctx, "_cherrypick")
+	if ctx.Written() {
+		return
+	}
+
+	fromCommitID := ctx.PathParam("sha")
+	ctx.Data["FromCommitID"] = fromCommitID
+	cherryPickCommit, err := ctx.Repo.GitRepo.GetCommit(fromCommitID)
+	if err != nil {
+		HandleGitError(ctx, "GetCommit", err)
+		return
+	}
+
+	if ctx.FormString("cherry-pick-type") == "revert" {
+		ctx.Data["CherryPickType"] = "revert"
+		ctx.Data["commit_summary"] = "revert " + ctx.PathParam("sha")
+		ctx.Data["commit_message"] = "revert " + cherryPickCommit.Message()
+	} else {
+		ctx.Data["CherryPickType"] = "cherry-pick"
+		splits := strings.SplitN(cherryPickCommit.Message(), "\n", 2)
+		ctx.Data["commit_summary"] = splits[0]
+		ctx.Data["commit_message"] = splits[1]
+	}
+
+	ctx.HTML(http.StatusOK, tplCherryPick)
+}
+
+func CherryPickPost(ctx *context.Context) {
+	fromCommitID := ctx.PathParam("sha")
+	parsed := prepareEditorCommitSubmittedForm[*forms.CherryPickForm](ctx)
+	if ctx.Written() {
+		return
+	}
+
+	defaultCommitMessage := util.Iif(parsed.form.Revert, ctx.Locale.TrString("repo.commit.revert-header", fromCommitID), ctx.Locale.TrString("repo.commit.cherry-pick-header", fromCommitID))
+	opts := &files.ApplyDiffPatchOptions{
+		LastCommitID: parsed.form.LastCommit,
+		OldBranch:    parsed.OldBranchName,
+		NewBranch:    parsed.NewBranchName,
+		Message:      parsed.GetCommitMessage(defaultCommitMessage),
+		Author:       parsed.GitCommitter,
+		Committer:    parsed.GitCommitter,
+	}
+
+	// First try the simple plain read-tree -m approach
+	opts.Content = fromCommitID
+	if _, err := files.CherryPick(ctx, ctx.Repo.Repository, ctx.Doer, parsed.form.Revert, opts); err != nil {
+		// Drop through to the "apply" method
+		buf := &bytes.Buffer{}
+		if parsed.form.Revert {
+			err = git.GetReverseRawDiff(ctx, ctx.Repo.Repository.RepoPath(), fromCommitID, buf)
+		} else {
+			err = git.GetRawDiff(ctx.Repo.GitRepo, fromCommitID, "patch", buf)
+		}
+		if err == nil {
+			opts.Content = buf.String()
+			_, err = files.ApplyDiffPatch(ctx, ctx.Repo.Repository, ctx.Doer, opts)
+			if err != nil {
+				err = util.ErrorWrapLocale(err, "repo.editor.fail_to_apply_patch")
+			}
+		}
+		if err != nil {
+			editorHandleFileOperationError(ctx, parsed.NewBranchName, err)
+			return
+		}
+	}
+	redirectForCommitChoice(ctx, parsed, parsed.form.TreePath)
+}
diff --git a/routers/web/repo/editor_error.go b/routers/web/repo/editor_error.go
new file mode 100644
index 0000000000..245226a039
--- /dev/null
+++ b/routers/web/repo/editor_error.go
@@ -0,0 +1,82 @@
+// Copyright 2025 Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"errors"
+
+	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/utils"
+	context_service "code.gitea.io/gitea/services/context"
+	files_service "code.gitea.io/gitea/services/repository/files"
+)
+
+func errorAs[T error](v error) (e T, ok bool) {
+	if errors.As(v, &e) {
+		return e, true
+	}
+	return e, false
+}
+
+func editorHandleFileOperationErrorRender(ctx *context_service.Context, message, summary, details string) {
+	flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
+		"Message": message,
+		"Summary": summary,
+		"Details": utils.SanitizeFlashErrorString(details),
+	})
+	if err == nil {
+		ctx.JSONError(flashError)
+	} else {
+		log.Error("RenderToHTML: %v", err)
+		ctx.JSONError(message + "\n" + summary + "\n" + utils.SanitizeFlashErrorString(details))
+	}
+}
+
+func editorHandleFileOperationError(ctx *context_service.Context, targetBranchName string, err error) {
+	if errAs := util.ErrorAsLocale(err); errAs != nil {
+		ctx.JSONError(ctx.Tr(errAs.TrKey, errAs.TrArgs...))
+	} else if errAs, ok := errorAs[git.ErrNotExist](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.file_modifying_no_longer_exists", errAs.RelPath))
+	} else if errAs, ok := errorAs[git_model.ErrLFSFileLocked](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.upload_file_is_locked", errAs.Path, errAs.UserName))
+	} else if errAs, ok := errorAs[files_service.ErrFilenameInvalid](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.filename_is_invalid", errAs.Path))
+	} else if errAs, ok := errorAs[files_service.ErrFilePathInvalid](err); ok {
+		switch errAs.Type {
+		case git.EntryModeSymlink:
+			ctx.JSONError(ctx.Tr("repo.editor.file_is_a_symlink", errAs.Path))
+		case git.EntryModeTree:
+			ctx.JSONError(ctx.Tr("repo.editor.filename_is_a_directory", errAs.Path))
+		case git.EntryModeBlob:
+			ctx.JSONError(ctx.Tr("repo.editor.directory_is_a_file", errAs.Path))
+		default:
+			ctx.JSONError(ctx.Tr("repo.editor.filename_is_invalid", errAs.Path))
+		}
+	} else if errAs, ok := errorAs[files_service.ErrRepoFileAlreadyExists](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.file_already_exists", errAs.Path))
+	} else if errAs, ok := errorAs[git.ErrBranchNotExist](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.branch_does_not_exist", errAs.Name))
+	} else if errAs, ok := errorAs[git_model.ErrBranchAlreadyExists](err); ok {
+		ctx.JSONError(ctx.Tr("repo.editor.branch_already_exists", errAs.BranchName))
+	} else if files_service.IsErrCommitIDDoesNotMatch(err) {
+		ctx.JSONError(ctx.Tr("repo.editor.commit_id_not_matching"))
+	} else if files_service.IsErrCommitIDDoesNotMatch(err) || git.IsErrPushOutOfDate(err) {
+		ctx.JSONError(ctx.Tr("repo.editor.file_changed_while_editing", ctx.Repo.RepoLink+"/compare/"+util.PathEscapeSegments(ctx.Repo.CommitID)+"..."+util.PathEscapeSegments(targetBranchName)))
+	} else if errAs, ok := errorAs[*git.ErrPushRejected](err); ok {
+		if errAs.Message == "" {
+			ctx.JSONError(ctx.Tr("repo.editor.push_rejected_no_message"))
+		} else {
+			editorHandleFileOperationErrorRender(ctx, ctx.Locale.TrString("repo.editor.push_rejected"), ctx.Locale.TrString("repo.editor.push_rejected_summary"), errAs.Message)
+		}
+	} else if errors.Is(err, util.ErrNotExist) {
+		ctx.JSONError(ctx.Tr("error.not_found"))
+	} else {
+		setting.PanicInDevOrTesting("unclear err %T: %v", err, err)
+		editorHandleFileOperationErrorRender(ctx, ctx.Locale.TrString("repo.editor.failed_to_commit"), ctx.Locale.TrString("repo.editor.failed_to_commit_summary"), err.Error())
+	}
+}
diff --git a/routers/web/repo/editor_fork.go b/routers/web/repo/editor_fork.go
new file mode 100644
index 0000000000..b78a634c00
--- /dev/null
+++ b/routers/web/repo/editor_fork.go
@@ -0,0 +1,31 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+	repo_service "code.gitea.io/gitea/services/repository"
+)
+
+const tplEditorFork templates.TplName = "repo/editor/fork"
+
+func ForkToEdit(ctx *context.Context) {
+	ctx.HTML(http.StatusOK, tplEditorFork)
+}
+
+func ForkToEditPost(ctx *context.Context) {
+	ForkRepoTo(ctx, ctx.Doer, repo_service.ForkRepoOptions{
+		BaseRepo:     ctx.Repo.Repository,
+		Name:         getUniqueRepositoryName(ctx, ctx.Doer.ID, ctx.Repo.Repository.Name),
+		Description:  ctx.Repo.Repository.Description,
+		SingleBranch: ctx.Repo.Repository.DefaultBranch, // maybe we only need the default branch in the fork?
+	})
+	if ctx.Written() {
+		return
+	}
+	ctx.JSONRedirect("") // reload the page, the new fork should be editable now
+}
diff --git a/routers/web/repo/editor_preview.go b/routers/web/repo/editor_preview.go
new file mode 100644
index 0000000000..14be5b72b6
--- /dev/null
+++ b/routers/web/repo/editor_preview.go
@@ -0,0 +1,41 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/services/context"
+	files_service "code.gitea.io/gitea/services/repository/files"
+)
+
+func DiffPreviewPost(ctx *context.Context) {
+	content := ctx.FormString("content")
+	treePath := files_service.CleanGitTreePath(ctx.Repo.TreePath)
+	if treePath == "" {
+		ctx.HTTPError(http.StatusBadRequest, "file name to diff is invalid")
+		return
+	}
+
+	entry, err := ctx.Repo.Commit.GetTreeEntryByPath(treePath)
+	if err != nil {
+		ctx.ServerError("GetTreeEntryByPath", err)
+		return
+	} else if entry.IsDir() {
+		ctx.HTTPError(http.StatusUnprocessableEntity)
+		return
+	}
+
+	diff, err := files_service.GetDiffPreview(ctx, ctx.Repo.Repository, ctx.Repo.BranchName, treePath, content)
+	if err != nil {
+		ctx.ServerError("GetDiffPreview", err)
+		return
+	}
+
+	if len(diff.Files) != 0 {
+		ctx.Data["File"] = diff.Files[0]
+	}
+
+	ctx.HTML(http.StatusOK, tplEditDiffPreview)
+}
diff --git a/routers/web/repo/editor_test.go b/routers/web/repo/editor_test.go
index 566db31693..6e2c1d6219 100644
--- a/routers/web/repo/editor_test.go
+++ b/routers/web/repo/editor_test.go
@@ -6,76 +6,27 @@ package repo
 import (
 	"testing"
 
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
-	"code.gitea.io/gitea/services/contexttest"
 
 	"github.com/stretchr/testify/assert"
 )
 
-func TestCleanUploadName(t *testing.T) {
+func TestEditorUtils(t *testing.T) {
 	unittest.PrepareTestEnv(t)
-
-	kases := map[string]string{
-		".git/refs/master":               "",
-		"/root/abc":                      "root/abc",
-		"./../../abc":                    "abc",
-		"a/../.git":                      "",
-		"a/../../../abc":                 "abc",
-		"../../../acd":                   "acd",
-		"../../.git/abc":                 "",
-		"..\\..\\.git/abc":               "..\\..\\.git/abc",
-		"..\\../.git/abc":                "",
-		"..\\../.git":                    "",
-		"abc/../def":                     "def",
-		".drone.yml":                     ".drone.yml",
-		".abc/def/.drone.yml":            ".abc/def/.drone.yml",
-		"..drone.yml.":                   "..drone.yml.",
-		"..a.dotty...name...":            "..a.dotty...name...",
-		"..a.dotty../.folder../.name...": "..a.dotty../.folder../.name...",
-	}
-	for k, v := range kases {
-		assert.EqualValues(t, cleanUploadFileName(k), v)
-	}
-}
-
-func TestGetUniquePatchBranchName(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	expectedBranchName := "user2-patch-1"
-	branchName := GetUniquePatchBranchName(ctx)
-	assert.Equal(t, expectedBranchName, branchName)
-}
-
-func TestGetClosestParentWithFiles(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	repo := ctx.Repo.Repository
-	branch := repo.DefaultBranch
-	gitRepo, _ := gitrepo.OpenRepository(git.DefaultContext, repo)
-	defer gitRepo.Close()
-	commit, _ := gitRepo.GetBranchCommit(branch)
-	var expectedTreePath string // Should return the root dir, empty string, since there are no subdirs in this repo
-	for _, deletedFile := range []string{
-		"dir1/dir2/dir3/file.txt",
-		"file.txt",
-	} {
-		treePath := GetClosestParentWithFiles(deletedFile, commit)
-		assert.Equal(t, expectedTreePath, treePath)
-	}
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+	t.Run("getUniquePatchBranchName", func(t *testing.T) {
+		branchName := getUniquePatchBranchName(t.Context(), "user2", repo)
+		assert.Equal(t, "user2-patch-1", branchName)
+	})
+	t.Run("getClosestParentWithFiles", func(t *testing.T) {
+		gitRepo, _ := gitrepo.OpenRepository(git.DefaultContext, repo)
+		defer gitRepo.Close()
+		treePath := getClosestParentWithFiles(gitRepo, "sub-home-md-img-check", "docs/foo/bar")
+		assert.Equal(t, "docs", treePath)
+		treePath = getClosestParentWithFiles(gitRepo, "sub-home-md-img-check", "any/other")
+		assert.Empty(t, treePath)
+	})
 }
diff --git a/routers/web/repo/editor_uploader.go b/routers/web/repo/editor_uploader.go
new file mode 100644
index 0000000000..1ce9a1aca4
--- /dev/null
+++ b/routers/web/repo/editor_uploader.go
@@ -0,0 +1,61 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/context/upload"
+	files_service "code.gitea.io/gitea/services/repository/files"
+)
+
+// UploadFileToServer upload file to server file dir not git
+func UploadFileToServer(ctx *context.Context) {
+	file, header, err := ctx.Req.FormFile("file")
+	if err != nil {
+		ctx.ServerError("FormFile", err)
+		return
+	}
+	defer file.Close()
+
+	buf := make([]byte, 1024)
+	n, _ := util.ReadAtMost(file, buf)
+	if n > 0 {
+		buf = buf[:n]
+	}
+
+	err = upload.Verify(buf, header.Filename, setting.Repository.Upload.AllowedTypes)
+	if err != nil {
+		ctx.HTTPError(http.StatusBadRequest, err.Error())
+		return
+	}
+
+	name := files_service.CleanGitTreePath(header.Filename)
+	if len(name) == 0 {
+		ctx.HTTPError(http.StatusBadRequest, "Upload file name is invalid")
+		return
+	}
+
+	uploaded, err := repo_model.NewUpload(ctx, name, buf, file)
+	if err != nil {
+		ctx.ServerError("NewUpload", err)
+		return
+	}
+
+	ctx.JSON(http.StatusOK, map[string]string{"uuid": uploaded.UUID})
+}
+
+// RemoveUploadFileFromServer remove file from server file dir
+func RemoveUploadFileFromServer(ctx *context.Context) {
+	fileUUID := ctx.FormString("file")
+	if err := repo_model.DeleteUploadByUUID(ctx, fileUUID); err != nil {
+		ctx.ServerError("DeleteUploadByUUID", err)
+		return
+	}
+	ctx.Status(http.StatusNoContent)
+}
diff --git a/routers/web/repo/editor_util.go b/routers/web/repo/editor_util.go
new file mode 100644
index 0000000000..f910f0bd40
--- /dev/null
+++ b/routers/web/repo/editor_util.go
@@ -0,0 +1,110 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"context"
+	"fmt"
+	"path"
+	"strings"
+
+	git_model "code.gitea.io/gitea/models/git"
+	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/log"
+	repo_module "code.gitea.io/gitea/modules/repository"
+	context_service "code.gitea.io/gitea/services/context"
+)
+
+// getUniquePatchBranchName Gets a unique branch name for a new patch branch
+// It will be in the form of <username>-patch-<num> where <num> is the first branch of this format
+// that doesn't already exist. If we exceed 1000 tries or an error is thrown, we just return "" so the user has to
+// type in the branch name themselves (will be an empty field)
+func getUniquePatchBranchName(ctx context.Context, prefixName string, repo *repo_model.Repository) string {
+	prefix := prefixName + "-patch-"
+	for i := 1; i <= 1000; i++ {
+		branchName := fmt.Sprintf("%s%d", prefix, i)
+		if exist, err := git_model.IsBranchExist(ctx, repo.ID, branchName); err != nil {
+			log.Error("getUniquePatchBranchName: %v", err)
+			return ""
+		} else if !exist {
+			return branchName
+		}
+	}
+	return ""
+}
+
+// getClosestParentWithFiles Recursively gets the closest path of parent in a tree that has files when a file in a tree is
+// deleted. It returns "" for the tree root if no parents other than the root have files.
+func getClosestParentWithFiles(gitRepo *git.Repository, branchName, originTreePath string) string {
+	var f func(treePath string, commit *git.Commit) string
+	f = func(treePath string, commit *git.Commit) string {
+		if treePath == "" || treePath == "." {
+			return ""
+		}
+		// see if the tree has entries
+		if tree, err := commit.SubTree(treePath); err != nil {
+			return f(path.Dir(treePath), commit) // failed to get the tree, going up a dir
+		} else if entries, err := tree.ListEntries(); err != nil || len(entries) == 0 {
+			return f(path.Dir(treePath), commit) // no files in this dir, going up a dir
+		}
+		return treePath
+	}
+	commit, err := gitRepo.GetBranchCommit(branchName) // must get the commit again to get the latest change
+	if err != nil {
+		log.Error("GetBranchCommit: %v", err)
+		return ""
+	}
+	return f(originTreePath, commit)
+}
+
+// getContextRepoEditorConfig returns the editorconfig JSON string for given treePath or "null"
+func getContextRepoEditorConfig(ctx *context_service.Context, treePath string) string {
+	ec, _, err := ctx.Repo.GetEditorconfig()
+	if err == nil {
+		def, err := ec.GetDefinitionForFilename(treePath)
+		if err == nil {
+			jsonStr, _ := json.Marshal(def)
+			return string(jsonStr)
+		}
+	}
+	return "null"
+}
+
+// getParentTreeFields returns list of parent tree names and corresponding tree paths based on given treePath.
+// eg: []{"a", "b", "c"}, []{"a", "a/b", "a/b/c"}
+// or: []{""}, []{""} for the root treePath
+func getParentTreeFields(treePath string) (treeNames, treePaths []string) {
+	treeNames = strings.Split(treePath, "/")
+	treePaths = make([]string, len(treeNames))
+	for i := range treeNames {
+		treePaths[i] = strings.Join(treeNames[:i+1], "/")
+	}
+	return treeNames, treePaths
+}
+
+// getUniqueRepositoryName Gets a unique repository name for a user
+// It will append a -<num> postfix if the name is already taken
+func getUniqueRepositoryName(ctx context.Context, ownerID int64, name string) string {
+	uniqueName := name
+	for i := 1; i < 1000; i++ {
+		_, err := repo_model.GetRepositoryByName(ctx, ownerID, uniqueName)
+		if err != nil || repo_model.IsErrRepoNotExist(err) {
+			return uniqueName
+		}
+		uniqueName = fmt.Sprintf("%s-%d", name, i)
+		i++
+	}
+	return ""
+}
+
+func editorPushBranchToForkedRepository(ctx context.Context, doer *user_model.User, baseRepo *repo_model.Repository, baseBranchName string, targetRepo *repo_model.Repository, targetBranchName string) error {
+	return git.Push(ctx, baseRepo.RepoPath(), git.PushOptions{
+		Remote: targetRepo.RepoPath(),
+		Branch: baseBranchName + ":" + targetBranchName,
+		Env:    repo_module.PushingEnvironment(doer, targetRepo),
+	})
+}
diff --git a/routers/web/repo/fork.go b/routers/web/repo/fork.go
index 36e64bfee3..c2694e540f 100644
--- a/routers/web/repo/fork.go
+++ b/routers/web/repo/fork.go
@@ -91,12 +91,17 @@ func getForkRepository(ctx *context.Context) *repo_model.Repository {
 	ctx.Data["CanForkToUser"] = canForkToUser
 	ctx.Data["Orgs"] = orgs
 
+	// TODO: this message should only be shown for the "current doer" when it is selected, just like the "new repo" page.
+	// msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", ctx.Doer.MaxCreationLimit())
+
 	if canForkToUser {
 		ctx.Data["ContextUser"] = ctx.Doer
+		ctx.Data["CanForkRepoInNewOwner"] = true
 	} else if len(orgs) > 0 {
 		ctx.Data["ContextUser"] = orgs[0]
+		ctx.Data["CanForkRepoInNewOwner"] = true
 	} else {
-		ctx.Data["CanForkRepo"] = false
+		ctx.Data["CanForkRepoInNewOwner"] = false
 		ctx.Flash.Error(ctx.Tr("repo.fork_no_valid_owners"), true)
 		return nil
 	}
@@ -120,15 +125,6 @@ func getForkRepository(ctx *context.Context) *repo_model.Repository {
 // Fork render repository fork page
 func Fork(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("new_fork")
-
-	if ctx.Doer.CanForkRepo() {
-		ctx.Data["CanForkRepo"] = true
-	} else {
-		maxCreationLimit := ctx.Doer.MaxCreationLimit()
-		msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", maxCreationLimit)
-		ctx.Flash.Error(msg, true)
-	}
-
 	getForkRepository(ctx)
 	if ctx.Written() {
 		return
@@ -141,7 +137,6 @@ func Fork(ctx *context.Context) {
 func ForkPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.CreateRepoForm)
 	ctx.Data["Title"] = ctx.Tr("new_fork")
-	ctx.Data["CanForkRepo"] = true
 
 	ctxUser := checkContextUser(ctx, form.UID)
 	if ctx.Written() {
@@ -156,7 +151,7 @@ func ForkPost(ctx *context.Context) {
 	ctx.Data["ContextUser"] = ctxUser
 
 	if ctx.HasError() {
-		ctx.HTML(http.StatusOK, tplFork)
+		ctx.JSONError(ctx.GetErrMsg())
 		return
 	}
 
@@ -164,12 +159,12 @@ func ForkPost(ctx *context.Context) {
 	traverseParentRepo := forkRepo
 	for {
 		if !repository.CanUserForkBetweenOwners(ctxUser.ID, traverseParentRepo.OwnerID) {
-			ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), tplFork, &form)
+			ctx.JSONError(ctx.Tr("repo.settings.new_owner_has_same_repo"))
 			return
 		}
 		repo := repo_model.GetForkedRepo(ctx, ctxUser.ID, traverseParentRepo.ID)
 		if repo != nil {
-			ctx.Redirect(ctxUser.HomeLink() + "/" + url.PathEscape(repo.Name))
+			ctx.JSONRedirect(ctxUser.HomeLink() + "/" + url.PathEscape(repo.Name))
 			return
 		}
 		if !traverseParentRepo.IsFork {
@@ -194,44 +189,50 @@ func ForkPost(ctx *context.Context) {
 		}
 	}
 
-	repo, err := repo_service.ForkRepository(ctx, ctx.Doer, ctxUser, repo_service.ForkRepoOptions{
+	repo := ForkRepoTo(ctx, ctxUser, repo_service.ForkRepoOptions{
 		BaseRepo:     forkRepo,
 		Name:         form.RepoName,
 		Description:  form.Description,
 		SingleBranch: form.ForkSingleBranch,
 	})
+	if ctx.Written() {
+		return
+	}
+	ctx.JSONRedirect(ctxUser.HomeLink() + "/" + url.PathEscape(repo.Name))
+}
+
+func ForkRepoTo(ctx *context.Context, owner *user_model.User, forkOpts repo_service.ForkRepoOptions) *repo_model.Repository {
+	repo, err := repo_service.ForkRepository(ctx, ctx.Doer, owner, forkOpts)
 	if err != nil {
 		ctx.Data["Err_RepoName"] = true
 		switch {
 		case repo_model.IsErrReachLimitOfRepo(err):
-			maxCreationLimit := ctxUser.MaxCreationLimit()
+			maxCreationLimit := owner.MaxCreationLimit()
 			msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", maxCreationLimit)
-			ctx.RenderWithErr(msg, tplFork, &form)
+			ctx.JSONError(msg)
 		case repo_model.IsErrRepoAlreadyExist(err):
-			ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), tplFork, &form)
+			ctx.JSONError(ctx.Tr("repo.settings.new_owner_has_same_repo"))
 		case repo_model.IsErrRepoFilesAlreadyExist(err):
 			switch {
 			case ctx.IsUserSiteAdmin() || (setting.Repository.AllowAdoptionOfUnadoptedRepositories && setting.Repository.AllowDeleteOfUnadoptedRepositories):
-				ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt_or_delete"), tplFork, form)
+				ctx.JSONError(ctx.Tr("form.repository_files_already_exist.adopt_or_delete"))
 			case setting.Repository.AllowAdoptionOfUnadoptedRepositories:
-				ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt"), tplFork, form)
+				ctx.JSONError(ctx.Tr("form.repository_files_already_exist.adopt"))
 			case setting.Repository.AllowDeleteOfUnadoptedRepositories:
-				ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.delete"), tplFork, form)
+				ctx.JSONError(ctx.Tr("form.repository_files_already_exist.delete"))
 			default:
-				ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist"), tplFork, form)
+				ctx.JSONError(ctx.Tr("form.repository_files_already_exist"))
 			}
 		case db.IsErrNameReserved(err):
-			ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplFork, &form)
+			ctx.JSONError(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name))
 		case db.IsErrNamePatternNotAllowed(err):
-			ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplFork, &form)
+			ctx.JSONError(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern))
 		case errors.Is(err, user_model.ErrBlockedUser):
-			ctx.RenderWithErr(ctx.Tr("repo.fork.blocked_user"), tplFork, form)
+			ctx.JSONError(ctx.Tr("repo.fork.blocked_user"))
 		default:
 			ctx.ServerError("ForkPost", err)
 		}
-		return
+		return nil
 	}
-
-	log.Trace("Repository forked[%d]: %s/%s", forkRepo.ID, ctxUser.Name, repo.Name)
-	ctx.Redirect(ctxUser.HomeLink() + "/" + url.PathEscape(repo.Name))
+	return repo
 }
diff --git a/routers/web/repo/githttp.go b/routers/web/repo/githttp.go
index f93d7fc66a..deb3ae4f3a 100644
--- a/routers/web/repo/githttp.go
+++ b/routers/web/repo/githttp.go
@@ -13,6 +13,7 @@ import (
 	"os"
 	"path/filepath"
 	"regexp"
+	"slices"
 	"strconv"
 	"strings"
 	"sync"
@@ -29,7 +30,6 @@ import (
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
-	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 	repo_service "code.gitea.io/gitea/services/repository"
 
@@ -78,7 +78,7 @@ func httpBase(ctx *context.Context) *serviceHandler {
 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-archive") {
 		isPull = true
 	} else {
-		isPull = ctx.Req.Method == "HEAD" || ctx.Req.Method == "GET"
+		isPull = ctx.Req.Method == http.MethodHead || ctx.Req.Method == http.MethodGet
 	}
 
 	var accessMode perm.AccessMode
@@ -127,7 +127,7 @@ func httpBase(ctx *context.Context) *serviceHandler {
 	// Only public pull don't need auth.
 	isPublicPull := repoExist && !repo.IsPrivate && isPull
 	var (
-		askAuth = !isPublicPull || setting.Service.RequireSignInView
+		askAuth = !isPublicPull || setting.Service.RequireSignInViewStrict
 		environ []string
 	)
 
@@ -303,17 +303,12 @@ var (
 
 func dummyInfoRefs(ctx *context.Context) {
 	infoRefsOnce.Do(func() {
-		tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-info-refs-cache")
+		tmpDir, cleanup, err := setting.AppDataTempDir("git-repo-content").MkdirTempRandom("gitea-info-refs-cache")
 		if err != nil {
 			log.Error("Failed to create temp dir for git-receive-pack cache: %v", err)
 			return
 		}
-
-		defer func() {
-			if err := util.RemoveAll(tmpDir); err != nil {
-				log.Error("RemoveAll: %v", err)
-			}
-		}()
+		defer cleanup()
 
 		if err := git.InitRepository(ctx, tmpDir, true, git.Sha1ObjectFormat.Name()); err != nil {
 			log.Error("Failed to init bare repo for git-receive-pack cache: %v", err)
@@ -360,8 +355,8 @@ func setHeaderNoCache(ctx *context.Context) {
 func setHeaderCacheForever(ctx *context.Context) {
 	now := time.Now().Unix()
 	expires := now + 31536000
-	ctx.Resp.Header().Set("Date", fmt.Sprintf("%d", now))
-	ctx.Resp.Header().Set("Expires", fmt.Sprintf("%d", expires))
+	ctx.Resp.Header().Set("Date", strconv.FormatInt(now, 10))
+	ctx.Resp.Header().Set("Expires", strconv.FormatInt(expires, 10))
 	ctx.Resp.Header().Set("Cache-Control", "public, max-age=31536000")
 }
 
@@ -369,12 +364,7 @@ func containsParentDirectorySeparator(v string) bool {
 	if !strings.Contains(v, "..") {
 		return false
 	}
-	for _, ent := range strings.FieldsFunc(v, isSlashRune) {
-		if ent == ".." {
-			return true
-		}
-	}
-	return false
+	return slices.Contains(strings.FieldsFunc(v, isSlashRune), "..")
 }
 
 func isSlashRune(r rune) bool { return r == '/' || r == '\\' }
@@ -394,7 +384,7 @@ func (h *serviceHandler) sendFile(ctx *context.Context, contentType, file string
 	}
 
 	ctx.Resp.Header().Set("Content-Type", contentType)
-	ctx.Resp.Header().Set("Content-Length", fmt.Sprintf("%d", fi.Size()))
+	ctx.Resp.Header().Set("Content-Length", strconv.FormatInt(fi.Size(), 10))
 	// http.TimeFormat required a UTC time, refer to https://pkg.go.dev/net/http#TimeFormat
 	ctx.Resp.Header().Set("Last-Modified", fi.ModTime().UTC().Format(http.TimeFormat))
 	http.ServeFile(ctx.Resp, ctx.Req, reqFile)
diff --git a/routers/web/repo/githttp_test.go b/routers/web/repo/githttp_test.go
index 5ba8de3d63..0164b11f66 100644
--- a/routers/web/repo/githttp_test.go
+++ b/routers/web/repo/githttp_test.go
@@ -37,6 +37,6 @@ func TestContainsParentDirectorySeparator(t *testing.T) {
 	}
 
 	for i := range tests {
-		assert.EqualValues(t, tests[i].b, containsParentDirectorySeparator(tests[i].v))
+		assert.Equal(t, tests[i].b, containsParentDirectorySeparator(tests[i].v))
 	}
 }
diff --git a/routers/web/repo/issue.go b/routers/web/repo/issue.go
index dbbe29a3c3..54b7e5df2a 100644
--- a/routers/web/repo/issue.go
+++ b/routers/web/repo/issue.go
@@ -43,7 +43,8 @@ const (
 	tplIssueChoose templates.TplName = "repo/issue/choose"
 	tplIssueView   templates.TplName = "repo/issue/view"
 
-	tplReactions templates.TplName = "repo/issue/view_content/reactions"
+	tplPullMergeBox templates.TplName = "repo/issue/view_content/pull_merge_box"
+	tplReactions    templates.TplName = "repo/issue/view_content/reactions"
 
 	issueTemplateKey      = "IssueTemplate"
 	issueTemplateTitleKey = "IssueTemplateTitle"
@@ -211,7 +212,7 @@ func getActionIssues(ctx *context.Context) issues_model.IssueList {
 		return nil
 	}
 	issueIDs := make([]int64, 0, 10)
-	for _, stringIssueID := range strings.Split(commaSeparatedIssueIDs, ",") {
+	for stringIssueID := range strings.SplitSeq(commaSeparatedIssueIDs, ",") {
 		issueID, err := strconv.ParseInt(stringIssueID, 10, 64)
 		if err != nil {
 			ctx.ServerError("ParseInt", err)
@@ -363,7 +364,9 @@ func UpdateIssueContent(ctx *context.Context) {
 		}
 	}
 
-	rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository)
+	rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository, renderhelper.RepoCommentOptions{
+		FootnoteContextID: "0",
+	})
 	content, err := markdown.RenderString(rctx, issue.Content)
 	if err != nil {
 		ctx.ServerError("RenderString", err)
@@ -417,6 +420,16 @@ func UpdateIssueMilestone(ctx *context.Context) {
 			continue
 		}
 		issue.MilestoneID = milestoneID
+		if milestoneID > 0 {
+			var err error
+			issue.Milestone, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, milestoneID)
+			if err != nil {
+				ctx.ServerError("GetMilestoneByRepoID", err)
+				return
+			}
+		} else {
+			issue.Milestone = nil
+		}
 		if err := issue_service.ChangeMilestoneAssign(ctx, issue, ctx.Doer, oldMilestoneID); err != nil {
 			ctx.ServerError("ChangeMilestoneAssign", err)
 			return
diff --git a/routers/web/repo/issue_comment.go b/routers/web/repo/issue_comment.go
index 45463200f6..cb5b2d8019 100644
--- a/routers/web/repo/issue_comment.go
+++ b/routers/web/repo/issue_comment.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"html/template"
 	"net/http"
+	"strconv"
 
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/renderhelper"
@@ -96,13 +97,13 @@ func NewComment(ctx *context.Context) {
 				// Regenerate patch and test conflict.
 				if pr == nil {
 					issue.PullRequest.HeadCommitID = ""
-					pull_service.AddToTaskQueue(ctx, issue.PullRequest)
+					pull_service.StartPullRequestCheckImmediately(ctx, issue.PullRequest)
 				}
 
 				// check whether the ref of PR <refs/pulls/pr_index/head> in base repo is consistent with the head commit of head branch in the head repo
 				// get head commit of PR
 				if pull.Flow == issues_model.PullRequestFlowGithub {
-					prHeadRef := pull.GetGitRefName()
+					prHeadRef := pull.GetGitHeadRefName()
 					if err := pull.LoadBaseRepo(ctx); err != nil {
 						ctx.ServerError("Unable to load base repo", err)
 						return
@@ -239,21 +240,28 @@ func UpdateCommentContent(ctx *context.Context) {
 		return
 	}
 
-	oldContent := comment.Content
 	newContent := ctx.FormString("content")
 	contentVersion := ctx.FormInt("content_version")
+	if contentVersion != comment.ContentVersion {
+		ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed"))
+		return
+	}
 
-	// allow to save empty content
-	comment.Content = newContent
-	if err = issue_service.UpdateComment(ctx, comment, contentVersion, ctx.Doer, oldContent); err != nil {
-		if errors.Is(err, user_model.ErrBlockedUser) {
-			ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user"))
-		} else if errors.Is(err, issues_model.ErrCommentAlreadyChanged) {
-			ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed"))
-		} else {
-			ctx.ServerError("UpdateComment", err)
+	if newContent != comment.Content {
+		// allow to save empty content
+		oldContent := comment.Content
+		comment.Content = newContent
+
+		if err = issue_service.UpdateComment(ctx, comment, contentVersion, ctx.Doer, oldContent); err != nil {
+			if errors.Is(err, user_model.ErrBlockedUser) {
+				ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user"))
+			} else if errors.Is(err, issues_model.ErrCommentAlreadyChanged) {
+				ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed"))
+			} else {
+				ctx.ServerError("UpdateComment", err)
+			}
+			return
 		}
-		return
 	}
 
 	if err := comment.LoadAttachments(ctx); err != nil {
@@ -271,7 +279,9 @@ func UpdateCommentContent(ctx *context.Context) {
 
 	var renderedContent template.HTML
 	if comment.Content != "" {
-		rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository)
+		rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository, renderhelper.RepoCommentOptions{
+			FootnoteContextID: strconv.FormatInt(comment.ID, 10),
+		})
 		renderedContent, err = markdown.RenderString(rctx, comment.Content)
 		if err != nil {
 			ctx.ServerError("RenderString", err)
diff --git a/routers/web/repo/issue_content_history.go b/routers/web/repo/issue_content_history.go
index c2c208736c..3602f4ec8a 100644
--- a/routers/web/repo/issue_content_history.go
+++ b/routers/web/repo/issue_content_history.go
@@ -157,15 +157,16 @@ func GetContentHistoryDetail(ctx *context.Context) {
 	diffHTMLBuf := bytes.Buffer{}
 	diffHTMLBuf.WriteString("<pre class='chroma'>")
 	for _, it := range diff {
-		if it.Type == diffmatchpatch.DiffInsert {
+		switch it.Type {
+		case diffmatchpatch.DiffInsert:
 			diffHTMLBuf.WriteString("<span class='gi'>")
 			diffHTMLBuf.WriteString(html.EscapeString(it.Text))
 			diffHTMLBuf.WriteString("</span>")
-		} else if it.Type == diffmatchpatch.DiffDelete {
+		case diffmatchpatch.DiffDelete:
 			diffHTMLBuf.WriteString("<span class='gd'>")
 			diffHTMLBuf.WriteString(html.EscapeString(it.Text))
 			diffHTMLBuf.WriteString("</span>")
-		} else {
+		default:
 			diffHTMLBuf.WriteString(html.EscapeString(it.Text))
 		}
 	}
diff --git a/routers/web/repo/issue_label.go b/routers/web/repo/issue_label.go
index 62c0128f19..72a316e98d 100644
--- a/routers/web/repo/issue_label.go
+++ b/routers/web/repo/issue_label.go
@@ -4,6 +4,7 @@
 package repo
 
 import (
+	"errors"
 	"net/http"
 
 	"code.gitea.io/gitea/models/db"
@@ -13,7 +14,9 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
+	shared_label "code.gitea.io/gitea/routers/web/shared/label"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/forms"
 	issue_service "code.gitea.io/gitea/services/issue"
@@ -100,54 +103,53 @@ func RetrieveLabelsForList(ctx *context.Context) {
 
 // NewLabel create new label for repository
 func NewLabel(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.CreateLabelForm)
-	ctx.Data["Title"] = ctx.Tr("repo.labels")
-	ctx.Data["PageIsLabels"] = true
-
-	if ctx.HasError() {
-		ctx.Flash.Error(ctx.Data["ErrorMsg"].(string))
-		ctx.Redirect(ctx.Repo.RepoLink + "/labels")
+	form := shared_label.GetLabelEditForm(ctx)
+	if ctx.Written() {
 		return
 	}
 
 	l := &issues_model.Label{
-		RepoID:      ctx.Repo.Repository.ID,
-		Name:        form.Title,
-		Exclusive:   form.Exclusive,
-		Description: form.Description,
-		Color:       form.Color,
+		RepoID:         ctx.Repo.Repository.ID,
+		Name:           form.Title,
+		Exclusive:      form.Exclusive,
+		ExclusiveOrder: form.ExclusiveOrder,
+		Description:    form.Description,
+		Color:          form.Color,
 	}
 	if err := issues_model.NewLabel(ctx, l); err != nil {
 		ctx.ServerError("NewLabel", err)
 		return
 	}
-	ctx.Redirect(ctx.Repo.RepoLink + "/labels")
+	ctx.JSONRedirect(ctx.Repo.RepoLink + "/labels")
 }
 
 // UpdateLabel update a label's name and color
 func UpdateLabel(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.CreateLabelForm)
+	form := shared_label.GetLabelEditForm(ctx)
+	if ctx.Written() {
+		return
+	}
+
 	l, err := issues_model.GetLabelInRepoByID(ctx, ctx.Repo.Repository.ID, form.ID)
-	if err != nil {
-		switch {
-		case issues_model.IsErrRepoLabelNotExist(err):
-			ctx.HTTPError(http.StatusNotFound)
-		default:
-			ctx.ServerError("UpdateLabel", err)
-		}
+	if errors.Is(err, util.ErrNotExist) {
+		ctx.JSONErrorNotFound()
+		return
+	} else if err != nil {
+		ctx.ServerError("GetLabelInRepoByID", err)
 		return
 	}
+
 	l.Name = form.Title
 	l.Exclusive = form.Exclusive
+	l.ExclusiveOrder = form.ExclusiveOrder
 	l.Description = form.Description
 	l.Color = form.Color
-
 	l.SetArchived(form.IsArchived)
 	if err := issues_model.UpdateLabel(ctx, l); err != nil {
 		ctx.ServerError("UpdateLabel", err)
 		return
 	}
-	ctx.Redirect(ctx.Repo.RepoLink + "/labels")
+	ctx.JSONRedirect(ctx.Repo.RepoLink + "/labels")
 }
 
 // DeleteLabel delete a label
diff --git a/routers/web/repo/issue_label_test.go b/routers/web/repo/issue_label_test.go
index 486c2e35a2..f4eca26f8e 100644
--- a/routers/web/repo/issue_label_test.go
+++ b/routers/web/repo/issue_label_test.go
@@ -6,10 +6,12 @@ package repo
 import (
 	"net/http"
 	"strconv"
+	"strings"
 	"testing"
 
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/web"
@@ -19,26 +21,27 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func int64SliceToCommaSeparated(a []int64) string {
-	s := ""
-	for i, n := range a {
-		if i > 0 {
-			s += ","
-		}
-		s += strconv.Itoa(int(n))
-	}
-	return s
+func TestIssueLabel(t *testing.T) {
+	unittest.PrepareTestEnv(t)
+	t.Run("RetrieveLabels", testRetrieveLabels)
+	t.Run("NewLabel", testNewLabel)
+	t.Run("NewLabelInvalidColor", testNewLabelInvalidColor)
+	t.Run("UpdateLabel", testUpdateLabel)
+	t.Run("UpdateLabelInvalidColor", testUpdateLabelInvalidColor)
+	t.Run("UpdateIssueLabelClear", testUpdateIssueLabelClear)
+	t.Run("UpdateIssueLabelToggle", testUpdateIssueLabelToggle)
+	t.Run("InitializeLabels", testInitializeLabels)
+	t.Run("DeleteLabel", testDeleteLabel)
 }
 
-func TestInitializeLabels(t *testing.T) {
-	unittest.PrepareTestEnv(t)
+func testInitializeLabels(t *testing.T) {
 	assert.NoError(t, repository.LoadRepoConfig())
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/labels/initialize")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 2)
 	web.SetForm(ctx, &forms.InitializeLabelsForm{TemplateName: "Default"})
 	InitializeLabels(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	unittest.AssertExistsAndLoadBean(t, &issues_model.Label{
 		RepoID: 2,
 		Name:   "enhancement",
@@ -47,8 +50,7 @@ func TestInitializeLabels(t *testing.T) {
 	assert.Equal(t, "/user2/repo2/labels", test.RedirectURL(ctx.Resp))
 }
 
-func TestRetrieveLabels(t *testing.T) {
-	unittest.PrepareTestEnv(t)
+func testRetrieveLabels(t *testing.T) {
 	for _, testCase := range []struct {
 		RepoID           int64
 		Sort             string
@@ -68,15 +70,14 @@ func TestRetrieveLabels(t *testing.T) {
 		assert.True(t, ok)
 		if assert.Len(t, labels, len(testCase.ExpectedLabelIDs)) {
 			for i, label := range labels {
-				assert.EqualValues(t, testCase.ExpectedLabelIDs[i], label.ID)
+				assert.Equal(t, testCase.ExpectedLabelIDs[i], label.ID)
 			}
 		}
 	}
 }
 
-func TestNewLabel(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1/labels/edit")
+func testNewLabel(t *testing.T) {
+	ctx, respWriter := contexttest.MockContext(t, "user2/repo1/labels/edit")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	web.SetForm(ctx, &forms.CreateLabelForm{
@@ -84,17 +85,32 @@ func TestNewLabel(t *testing.T) {
 		Color: "#abcdef",
 	})
 	NewLabel(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	unittest.AssertExistsAndLoadBean(t, &issues_model.Label{
 		Name:  "newlabel",
 		Color: "#abcdef",
 	})
-	assert.Equal(t, "/user2/repo1/labels", test.RedirectURL(ctx.Resp))
+	assert.Equal(t, "/user2/repo1/labels", test.RedirectURL(respWriter))
 }
 
-func TestUpdateLabel(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1/labels/edit")
+func testNewLabelInvalidColor(t *testing.T) {
+	ctx, respWriter := contexttest.MockContext(t, "user2/repo1/labels/edit")
+	contexttest.LoadUser(t, ctx, 2)
+	contexttest.LoadRepo(t, ctx, 1)
+	web.SetForm(ctx, &forms.CreateLabelForm{
+		Title: "newlabel-x",
+		Color: "bad-label-code",
+	})
+	NewLabel(ctx)
+	assert.Equal(t, http.StatusBadRequest, ctx.Resp.WrittenStatus())
+	assert.Equal(t, "repo.issues.label_color_invalid", test.ParseJSONError(respWriter.Body.Bytes()).ErrorMessage)
+	unittest.AssertNotExistsBean(t, &issues_model.Label{
+		Name: "newlabel-x",
+	})
+}
+
+func testUpdateLabel(t *testing.T) {
+	ctx, respWriter := contexttest.MockContext(t, "user2/repo1/labels/edit")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	web.SetForm(ctx, &forms.CreateLabelForm{
@@ -104,43 +120,62 @@ func TestUpdateLabel(t *testing.T) {
 		IsArchived: true,
 	})
 	UpdateLabel(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	unittest.AssertExistsAndLoadBean(t, &issues_model.Label{
 		ID:    2,
 		Name:  "newnameforlabel",
 		Color: "#abcdef",
 	})
-	assert.Equal(t, "/user2/repo1/labels", test.RedirectURL(ctx.Resp))
+	assert.Equal(t, "/user2/repo1/labels", test.RedirectURL(respWriter))
 }
 
-func TestDeleteLabel(t *testing.T) {
-	unittest.PrepareTestEnv(t)
+func testUpdateLabelInvalidColor(t *testing.T) {
+	ctx, respWriter := contexttest.MockContext(t, "user2/repo1/labels/edit")
+	contexttest.LoadUser(t, ctx, 2)
+	contexttest.LoadRepo(t, ctx, 1)
+	web.SetForm(ctx, &forms.CreateLabelForm{
+		ID:    1,
+		Title: "label1",
+		Color: "bad-label-code",
+	})
+
+	UpdateLabel(ctx)
+
+	assert.Equal(t, http.StatusBadRequest, ctx.Resp.WrittenStatus())
+	assert.Equal(t, "repo.issues.label_color_invalid", test.ParseJSONError(respWriter.Body.Bytes()).ErrorMessage)
+	unittest.AssertExistsAndLoadBean(t, &issues_model.Label{
+		ID:    1,
+		Name:  "label1",
+		Color: "#abcdef",
+	})
+}
+
+func testDeleteLabel(t *testing.T) {
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/labels/delete")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	ctx.Req.Form.Set("id", "2")
 	DeleteLabel(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	unittest.AssertNotExistsBean(t, &issues_model.Label{ID: 2})
 	unittest.AssertNotExistsBean(t, &issues_model.IssueLabel{LabelID: 2})
 	assert.EqualValues(t, ctx.Tr("repo.issues.label_deletion_success"), ctx.Flash.SuccessMsg)
 }
 
-func TestUpdateIssueLabel_Clear(t *testing.T) {
-	unittest.PrepareTestEnv(t)
+func testUpdateIssueLabelClear(t *testing.T) {
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/issues/labels")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	ctx.Req.Form.Set("issue_ids", "1,3")
 	ctx.Req.Form.Set("action", "clear")
 	UpdateIssueLabel(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	unittest.AssertNotExistsBean(t, &issues_model.IssueLabel{IssueID: 1})
 	unittest.AssertNotExistsBean(t, &issues_model.IssueLabel{IssueID: 3})
 	unittest.CheckConsistencyFor(t, &issues_model.Label{})
 }
 
-func TestUpdateIssueLabel_Toggle(t *testing.T) {
+func testUpdateIssueLabelToggle(t *testing.T) {
 	for _, testCase := range []struct {
 		Action      string
 		IssueIDs    []int64
@@ -156,11 +191,12 @@ func TestUpdateIssueLabel_Toggle(t *testing.T) {
 		ctx, _ := contexttest.MockContext(t, "user2/repo1/issues/labels")
 		contexttest.LoadUser(t, ctx, 2)
 		contexttest.LoadRepo(t, ctx, 1)
-		ctx.Req.Form.Set("issue_ids", int64SliceToCommaSeparated(testCase.IssueIDs))
+
+		ctx.Req.Form.Set("issue_ids", strings.Join(base.Int64sToStrings(testCase.IssueIDs), ","))
 		ctx.Req.Form.Set("action", testCase.Action)
 		ctx.Req.Form.Set("id", strconv.Itoa(int(testCase.LabelID)))
 		UpdateIssueLabel(ctx)
-		assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+		assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 		for _, issueID := range testCase.IssueIDs {
 			if testCase.ExpectedAdd {
 				unittest.AssertExistsAndLoadBean(t, &issues_model.IssueLabel{IssueID: issueID, LabelID: testCase.LabelID})
diff --git a/routers/web/repo/issue_list.go b/routers/web/repo/issue_list.go
index 69b38c81ec..fd34422cfc 100644
--- a/routers/web/repo/issue_list.go
+++ b/routers/web/repo/issue_list.go
@@ -5,8 +5,10 @@ package repo
 
 import (
 	"bytes"
-	"fmt"
+	"maps"
 	"net/http"
+	"slices"
+	"sort"
 	"strconv"
 	"strings"
 
@@ -18,6 +20,7 @@ import (
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	issue_indexer "code.gitea.io/gitea/modules/indexer/issues"
+	db_indexer "code.gitea.io/gitea/modules/indexer/issues/db"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
@@ -30,14 +33,6 @@ import (
 	pull_service "code.gitea.io/gitea/services/pull"
 )
 
-func issueIDsFromSearch(ctx *context.Context, keyword string, opts *issues_model.IssuesOptions) ([]int64, error) {
-	ids, _, err := issue_indexer.SearchIssues(ctx, issue_indexer.ToSearchOptions(keyword, opts))
-	if err != nil {
-		return nil, fmt.Errorf("SearchIssues: %w", err)
-	}
-	return ids, nil
-}
-
 func retrieveProjectsForIssueList(ctx *context.Context, repo *repo_model.Repository) {
 	ctx.Data["OpenProjects"], ctx.Data["ClosedProjects"] = retrieveProjectsInternal(ctx, repo)
 }
@@ -66,7 +61,7 @@ func SearchIssues(ctx *context.Context) {
 	)
 	{
 		// find repos user can access (for issue search)
-		opts := &repo_model.SearchRepoOptions{
+		opts := repo_model.SearchRepoOptions{
 			Private:     false,
 			AllPublic:   true,
 			TopicOnly:   false,
@@ -459,6 +454,19 @@ func UpdateIssueStatus(ctx *context.Context) {
 	ctx.JSONOK()
 }
 
+func prepareIssueFilterExclusiveOrderScopes(ctx *context.Context, allLabels []*issues_model.Label) {
+	scopeSet := make(map[string]bool)
+	for _, label := range allLabels {
+		scope := label.ExclusiveScope()
+		if len(scope) > 0 && label.ExclusiveOrder > 0 {
+			scopeSet[scope] = true
+		}
+	}
+	scopes := slices.Collect(maps.Keys(scopeSet))
+	sort.Strings(scopes)
+	ctx.Data["ExclusiveLabelScopes"] = scopes
+}
+
 func renderMilestones(ctx *context.Context) {
 	// Get milestones
 	milestones, err := db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{
@@ -481,7 +489,7 @@ func renderMilestones(ctx *context.Context) {
 	ctx.Data["ClosedMilestones"] = closedMilestones
 }
 
-func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption optional.Option[bool]) {
+func prepareIssueFilterAndList(ctx *context.Context, milestoneID, projectID int64, isPullOption optional.Option[bool]) {
 	var err error
 	viewType := ctx.FormString("type")
 	sortType := ctx.FormString("sort")
@@ -502,7 +510,7 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 		case "mentioned":
 			mentionedID = ctx.Doer.ID
 		case "assigned":
-			assigneeID = fmt.Sprint(ctx.Doer.ID)
+			assigneeID = strconv.FormatInt(ctx.Doer.ID, 10)
 		case "review_requested":
 			reviewRequestedID = ctx.Doer.ID
 		case "reviewed_by":
@@ -521,15 +529,18 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 		mileIDs = []int64{milestoneID}
 	}
 
-	labelIDs := issue.PrepareFilterIssueLabels(ctx, repo.ID, ctx.Repo.Owner)
+	preparedLabelFilter := issue.PrepareFilterIssueLabels(ctx, repo.ID, ctx.Repo.Owner)
 	if ctx.Written() {
 		return
 	}
 
+	prepareIssueFilterExclusiveOrderScopes(ctx, preparedLabelFilter.AllLabels)
+
+	var keywordMatchedIssueIDs []int64
 	var issueStats *issues_model.IssueStats
 	statsOpts := &issues_model.IssuesOptions{
 		RepoIDs:           []int64{repo.ID},
-		LabelIDs:          labelIDs,
+		LabelIDs:          preparedLabelFilter.SelectedLabelIDs,
 		MilestoneIDs:      mileIDs,
 		ProjectID:         projectID,
 		AssigneeID:        assigneeID,
@@ -541,7 +552,7 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 		IssueIDs:          nil,
 	}
 	if keyword != "" {
-		allIssueIDs, err := issueIDsFromSearch(ctx, keyword, statsOpts)
+		keywordMatchedIssueIDs, _, err = issue_indexer.SearchIssues(ctx, issue_indexer.ToSearchOptions(keyword, statsOpts))
 		if err != nil {
 			if issue_indexer.IsAvailable(ctx) {
 				ctx.ServerError("issueIDsFromSearch", err)
@@ -550,14 +561,17 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 			ctx.Data["IssueIndexerUnavailable"] = true
 			return
 		}
-		statsOpts.IssueIDs = allIssueIDs
+		if len(keywordMatchedIssueIDs) == 0 {
+			// It did search with the keyword, but no issue found, just set issueStats to empty, then no need to do query again.
+			issueStats = &issues_model.IssueStats{}
+			// set keywordMatchedIssueIDs to empty slice, so we can distinguish it from "nil"
+			keywordMatchedIssueIDs = []int64{}
+		}
+		statsOpts.IssueIDs = keywordMatchedIssueIDs
 	}
-	if keyword != "" && len(statsOpts.IssueIDs) == 0 {
-		// So it did search with the keyword, but no issue found.
-		// Just set issueStats to empty.
-		issueStats = &issues_model.IssueStats{}
-	} else {
-		// So it did search with the keyword, and found some issues. It needs to get issueStats of these issues.
+
+	if issueStats == nil {
+		// Either it did search with the keyword, and found some issues, it needs to get issueStats of these issues.
 		// Or the keyword is empty, so it doesn't need issueIDs as filter, just get issueStats with statsOpts.
 		issueStats, err = issues_model.GetIssueStats(ctx, statsOpts)
 		if err != nil {
@@ -589,25 +603,21 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 		ctx.Data["TotalTrackedTime"] = totalTrackedTime
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
-
-	var total int
-	switch {
-	case isShowClosed.Value():
-		total = int(issueStats.ClosedCount)
-	case !isShowClosed.Has():
-		total = int(issueStats.OpenCount + issueStats.ClosedCount)
-	default:
-		total = int(issueStats.OpenCount)
+	// prepare pager
+	total := int(issueStats.OpenCount + issueStats.ClosedCount)
+	if isShowClosed.Has() {
+		total = util.Iif(isShowClosed.Value(), int(issueStats.ClosedCount), int(issueStats.OpenCount))
 	}
+	page := max(ctx.FormInt("page"), 1)
 	pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5)
 
+	// prepare real issue list:
 	var issues issues_model.IssueList
-	{
-		ids, err := issueIDsFromSearch(ctx, keyword, &issues_model.IssuesOptions{
+	if keywordMatchedIssueIDs == nil || len(keywordMatchedIssueIDs) > 0 {
+		// Either it did search with the keyword, and found some issues, then keywordMatchedIssueIDs is not null, it needs to use db indexer.
+		// Or the keyword is empty, it also needs to usd db indexer.
+		// In either case, no need to use keyword anymore
+		searchResult, err := db_indexer.GetIndexer().FindWithIssueOptions(ctx, &issues_model.IssuesOptions{
 			Paginator: &db.ListOptions{
 				Page:     pager.Paginater.Current(),
 				PageSize: setting.UI.IssuePagingNum,
@@ -622,18 +632,16 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 			ProjectID:         projectID,
 			IsClosed:          isShowClosed,
 			IsPull:            isPullOption,
-			LabelIDs:          labelIDs,
+			LabelIDs:          preparedLabelFilter.SelectedLabelIDs,
 			SortType:          sortType,
+			IssueIDs:          keywordMatchedIssueIDs,
 		})
 		if err != nil {
-			if issue_indexer.IsAvailable(ctx) {
-				ctx.ServerError("issueIDsFromSearch", err)
-				return
-			}
-			ctx.Data["IssueIndexerUnavailable"] = true
+			ctx.ServerError("DBIndexer.Search", err)
 			return
 		}
-		issues, err = issues_model.GetIssuesByIDs(ctx, ids, true)
+		issueIDs := issue_indexer.SearchResultToIDSlice(searchResult)
+		issues, err = issues_model.GetIssuesByIDs(ctx, issueIDs, true)
 		if err != nil {
 			ctx.ServerError("GetIssuesByIDs", err)
 			return
@@ -696,9 +704,10 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 			return 0
 		}
 		reviewTyp := issues_model.ReviewTypeApprove
-		if typ == "reject" {
+		switch typ {
+		case "reject":
 			reviewTyp = issues_model.ReviewTypeReject
-		} else if typ == "waiting" {
+		case "waiting":
 			reviewTyp = issues_model.ReviewTypeRequest
 		}
 		for _, count := range counts {
@@ -727,7 +736,7 @@ func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption opt
 	ctx.Data["IssueStats"] = issueStats
 	ctx.Data["OpenCount"] = issueStats.OpenCount
 	ctx.Data["ClosedCount"] = issueStats.ClosedCount
-	ctx.Data["SelLabelIDs"] = labelIDs
+	ctx.Data["SelLabelIDs"] = preparedLabelFilter.SelectedLabelIDs
 	ctx.Data["ViewType"] = viewType
 	ctx.Data["SortType"] = sortType
 	ctx.Data["MilestoneID"] = milestoneID
@@ -758,6 +767,10 @@ func Issues(ctx *context.Context) {
 		}
 		ctx.Data["Title"] = ctx.Tr("repo.pulls")
 		ctx.Data["PageIsPullList"] = true
+		prepareRecentlyPushedNewBranches(ctx)
+		if ctx.Written() {
+			return
+		}
 	} else {
 		MustEnableIssues(ctx)
 		if ctx.Written() {
@@ -768,7 +781,7 @@ func Issues(ctx *context.Context) {
 		ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo)
 	}
 
-	issues(ctx, ctx.FormInt64("milestone"), ctx.FormInt64("project"), optional.Some(isPullList))
+	prepareIssueFilterAndList(ctx, ctx.FormInt64("milestone"), ctx.FormInt64("project"), optional.Some(isPullList))
 	if ctx.Written() {
 		return
 	}
diff --git a/routers/web/repo/issue_lock.go b/routers/web/repo/issue_lock.go
index 1d5fc8a5f3..bc8aabd90b 100644
--- a/routers/web/repo/issue_lock.go
+++ b/routers/web/repo/issue_lock.go
@@ -24,11 +24,6 @@ func LockIssue(ctx *context.Context) {
 		return
 	}
 
-	if !form.HasValidReason() {
-		ctx.JSONError(ctx.Tr("repo.issues.lock.unknown_reason"))
-		return
-	}
-
 	if err := issues_model.LockIssue(ctx, &issues_model.IssueLockOptions{
 		Doer:   ctx.Doer,
 		Issue:  issue,
diff --git a/routers/web/repo/issue_new.go b/routers/web/repo/issue_new.go
index 9f52396414..887019b146 100644
--- a/routers/web/repo/issue_new.go
+++ b/routers/web/repo/issue_new.go
@@ -7,6 +7,7 @@ import (
 	"errors"
 	"fmt"
 	"html/template"
+	"maps"
 	"net/http"
 	"slices"
 	"sort"
@@ -136,9 +137,7 @@ func NewIssue(ctx *context.Context) {
 
 	ret := issue_service.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo)
 	templateLoaded, errs := setTemplateIfExists(ctx, issueTemplateKey, IssueTemplateCandidates, pageMetaData)
-	for k, v := range errs {
-		ret.TemplateErrors[k] = v
-	}
+	maps.Copy(ret.TemplateErrors, errs)
 	if ctx.Written() {
 		return
 	}
@@ -223,11 +222,11 @@ func DeleteIssue(ctx *context.Context) {
 	}
 
 	if issue.IsPull {
-		ctx.Redirect(fmt.Sprintf("%s/pulls", ctx.Repo.Repository.Link()), http.StatusSeeOther)
+		ctx.Redirect(ctx.Repo.Repository.Link()+"/pulls", http.StatusSeeOther)
 		return
 	}
 
-	ctx.Redirect(fmt.Sprintf("%s/issues", ctx.Repo.Repository.Link()), http.StatusSeeOther)
+	ctx.Redirect(ctx.Repo.Repository.Link()+"/issues", http.StatusSeeOther)
 }
 
 func toSet[ItemType any, KeyType comparable](slice []ItemType, keyFunc func(ItemType) KeyType) container.Set[KeyType] {
diff --git a/routers/web/repo/issue_stopwatch.go b/routers/web/repo/issue_stopwatch.go
index 73e279e0a6..2de3a7cfec 100644
--- a/routers/web/repo/issue_stopwatch.go
+++ b/routers/web/repo/issue_stopwatch.go
@@ -4,41 +4,53 @@
 package repo
 
 import (
-	"strings"
-
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/modules/eventsource"
 	"code.gitea.io/gitea/services/context"
 )
 
-// IssueStopwatch creates or stops a stopwatch for the given issue.
-func IssueStopwatch(c *context.Context) {
+// IssueStartStopwatch creates a stopwatch for the given issue.
+func IssueStartStopwatch(c *context.Context) {
 	issue := GetActionIssue(c)
 	if c.Written() {
 		return
 	}
 
-	var showSuccessMessage bool
-
-	if !issues_model.StopwatchExists(c, c.Doer.ID, issue.ID) {
-		showSuccessMessage = true
-	}
-
 	if !c.Repo.CanUseTimetracker(c, issue, c.Doer) {
 		c.NotFound(nil)
 		return
 	}
 
-	if err := issues_model.CreateOrStopIssueStopwatch(c, c.Doer, issue); err != nil {
-		c.ServerError("CreateOrStopIssueStopwatch", err)
+	if ok, err := issues_model.CreateIssueStopwatch(c, c.Doer, issue); err != nil {
+		c.ServerError("CreateIssueStopwatch", err)
 		return
+	} else if !ok {
+		c.Flash.Warning(c.Tr("repo.issues.stopwatch_already_created"))
+	} else {
+		c.Flash.Success(c.Tr("repo.issues.tracker_auto_close"))
 	}
+	c.JSONRedirect("")
+}
 
-	if showSuccessMessage {
-		c.Flash.Success(c.Tr("repo.issues.tracker_auto_close"))
+// IssueStopStopwatch stops a stopwatch for the given issue.
+func IssueStopStopwatch(c *context.Context) {
+	issue := GetActionIssue(c)
+	if c.Written() {
+		return
 	}
 
+	if !c.Repo.CanUseTimetracker(c, issue, c.Doer) {
+		c.NotFound(nil)
+		return
+	}
+
+	if ok, err := issues_model.FinishIssueStopwatch(c, c.Doer, issue); err != nil {
+		c.ServerError("FinishIssueStopwatch", err)
+		return
+	} else if !ok {
+		c.Flash.Warning(c.Tr("repo.issues.stopwatch_already_stopped"))
+	}
 	c.JSONRedirect("")
 }
 
@@ -53,7 +65,7 @@ func CancelStopwatch(c *context.Context) {
 		return
 	}
 
-	if err := issues_model.CancelStopwatch(c, c.Doer, issue); err != nil {
+	if _, err := issues_model.CancelStopwatch(c, c.Doer, issue); err != nil {
 		c.ServerError("CancelStopwatch", err)
 		return
 	}
@@ -72,39 +84,3 @@ func CancelStopwatch(c *context.Context) {
 
 	c.JSONRedirect("")
 }
-
-// GetActiveStopwatch is the middleware that sets .ActiveStopwatch on context
-func GetActiveStopwatch(ctx *context.Context) {
-	if strings.HasPrefix(ctx.Req.URL.Path, "/api") {
-		return
-	}
-
-	if !ctx.IsSigned {
-		return
-	}
-
-	_, sw, issue, err := issues_model.HasUserStopwatch(ctx, ctx.Doer.ID)
-	if err != nil {
-		ctx.ServerError("HasUserStopwatch", err)
-		return
-	}
-
-	if sw == nil || sw.ID == 0 {
-		return
-	}
-
-	ctx.Data["ActiveStopwatch"] = StopwatchTmplInfo{
-		issue.Link(),
-		issue.Repo.FullName(),
-		issue.Index,
-		sw.Seconds() + 1, // ensure time is never zero in ui
-	}
-}
-
-// StopwatchTmplInfo is a view on a stopwatch specifically for template rendering
-type StopwatchTmplInfo struct {
-	IssueLink  string
-	RepoSlug   string
-	IssueIndex int64
-	Seconds    int64
-}
diff --git a/routers/web/repo/issue_view.go b/routers/web/repo/issue_view.go
index b312f1260a..d0064e763e 100644
--- a/routers/web/repo/issue_view.go
+++ b/routers/web/repo/issue_view.go
@@ -9,6 +9,7 @@ import (
 	"net/http"
 	"net/url"
 	"sort"
+	"strconv"
 
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
@@ -31,6 +32,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/templates/vars"
+	"code.gitea.io/gitea/modules/util"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/context/upload"
@@ -271,14 +273,29 @@ func combineLabelComments(issue *issues_model.Issue) {
 	}
 }
 
-// ViewIssue render issue view page
-func ViewIssue(ctx *context.Context) {
+func prepareIssueViewLoad(ctx *context.Context) *issues_model.Issue {
+	issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64("index"))
+	if err != nil {
+		ctx.NotFoundOrServerError("GetIssueByIndex", issues_model.IsErrIssueNotExist, err)
+		return nil
+	}
+	issue.Repo = ctx.Repo.Repository
+	ctx.Data["Issue"] = issue
+
+	if err = issue.LoadPullRequest(ctx); err != nil {
+		ctx.ServerError("LoadPullRequest", err)
+		return nil
+	}
+	return issue
+}
+
+func handleViewIssueRedirectExternal(ctx *context.Context) {
 	if ctx.PathParam("type") == "issues" {
 		// If issue was requested we check if repo has external tracker and redirect
 		extIssueUnit, err := ctx.Repo.Repository.GetUnit(ctx, unit.TypeExternalTracker)
 		if err == nil && extIssueUnit != nil {
 			if extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == markup.IssueNameStyleNumeric || extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == "" {
-				metas := ctx.Repo.Repository.ComposeMetas(ctx)
+				metas := ctx.Repo.Repository.ComposeCommentMetas(ctx)
 				metas["index"] = ctx.PathParam("index")
 				res, err := vars.Expand(extIssueUnit.ExternalTrackerConfig().ExternalTrackerFormat, metas)
 				if err != nil {
@@ -294,18 +311,18 @@ func ViewIssue(ctx *context.Context) {
 			return
 		}
 	}
+}
 
-	issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64("index"))
-	if err != nil {
-		if issues_model.IsErrIssueNotExist(err) {
-			ctx.NotFound(err)
-		} else {
-			ctx.ServerError("GetIssueByIndex", err)
-		}
+// ViewIssue render issue view page
+func ViewIssue(ctx *context.Context) {
+	handleViewIssueRedirectExternal(ctx)
+	if ctx.Written() {
 		return
 	}
-	if issue.Repo == nil {
-		issue.Repo = ctx.Repo.Repository
+
+	issue := prepareIssueViewLoad(ctx)
+	if ctx.Written() {
+		return
 	}
 
 	// Make sure type and URL matches.
@@ -337,12 +354,12 @@ func ViewIssue(ctx *context.Context) {
 	ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled
 	upload.AddUploadContext(ctx, "comment")
 
-	if err = issue.LoadAttributes(ctx); err != nil {
+	if err := issue.LoadAttributes(ctx); err != nil {
 		ctx.ServerError("LoadAttributes", err)
 		return
 	}
 
-	if err = filterXRefComments(ctx, issue); err != nil {
+	if err := filterXRefComments(ctx, issue); err != nil {
 		ctx.ServerError("filterXRefComments", err)
 		return
 	}
@@ -351,7 +368,7 @@ func ViewIssue(ctx *context.Context) {
 
 	if ctx.IsSigned {
 		// Update issue-user.
-		if err = activities_model.SetIssueReadBy(ctx, issue.ID, ctx.Doer.ID); err != nil {
+		if err := activities_model.SetIssueReadBy(ctx, issue.ID, ctx.Doer.ID); err != nil {
 			ctx.ServerError("ReadBy", err)
 			return
 		}
@@ -365,15 +382,13 @@ func ViewIssue(ctx *context.Context) {
 
 	prepareFuncs := []func(*context.Context, *issues_model.Issue){
 		prepareIssueViewContent,
-		func(ctx *context.Context, issue *issues_model.Issue) {
-			preparePullViewPullInfo(ctx, issue)
-		},
 		prepareIssueViewCommentsAndSidebarParticipants,
-		preparePullViewReviewAndMerge,
 		prepareIssueViewSidebarWatch,
 		prepareIssueViewSidebarTimeTracker,
 		prepareIssueViewSidebarDependency,
 		prepareIssueViewSidebarPin,
+		func(ctx *context.Context, issue *issues_model.Issue) { preparePullViewPullInfo(ctx, issue) },
+		preparePullViewReviewAndMerge,
 	}
 
 	for _, prepareFunc := range prepareFuncs {
@@ -412,9 +427,29 @@ func ViewIssue(ctx *context.Context) {
 		return user_service.CanBlockUser(ctx, ctx.Doer, blocker, blockee)
 	}
 
+	if issue.PullRequest != nil && !issue.PullRequest.IsChecking() && !setting.IsProd {
+		ctx.Data["PullMergeBoxReloadingInterval"] = 1 // in dev env, force using the reloading logic to make sure it won't break
+	}
+
 	ctx.HTML(http.StatusOK, tplIssueView)
 }
 
+func ViewPullMergeBox(ctx *context.Context) {
+	issue := prepareIssueViewLoad(ctx)
+	if !issue.IsPull {
+		ctx.NotFound(nil)
+		return
+	}
+	preparePullViewPullInfo(ctx, issue)
+	preparePullViewReviewAndMerge(ctx, issue)
+	ctx.Data["PullMergeBoxReloading"] = issue.PullRequest.IsChecking()
+
+	// TODO: it should use a dedicated struct to render the pull merge box, to make sure all data is prepared correctly
+	ctx.Data["IsIssuePoster"] = ctx.IsSigned && issue.IsPoster(ctx.Doer.ID)
+	ctx.Data["HasIssuesOrPullsWritePermission"] = ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull)
+	ctx.HTML(http.StatusOK, tplPullMergeBox)
+}
+
 func prepareIssueViewSidebarDependency(ctx *context.Context, issue *issues_model.Issue) {
 	if issue.IsPull && !ctx.Repo.CanRead(unit.TypeIssues) {
 		ctx.Data["IssueDependencySearchType"] = "pulls"
@@ -457,7 +492,7 @@ func preparePullViewSigning(ctx *context.Context, issue *issues_model.Issue) {
 	pull := issue.PullRequest
 	ctx.Data["WillSign"] = false
 	if ctx.Doer != nil {
-		sign, key, _, err := asymkey_service.SignMerge(ctx, pull, ctx.Doer, pull.BaseRepo.RepoPath(), pull.BaseBranch, pull.GetGitRefName())
+		sign, key, _, err := asymkey_service.SignMerge(ctx, pull, ctx.Doer, pull.BaseRepo.RepoPath(), pull.BaseBranch, pull.GetGitHeadRefName())
 		ctx.Data["WillSign"] = sign
 		ctx.Data["SigningKey"] = key
 		if err != nil {
@@ -594,7 +629,9 @@ func prepareIssueViewCommentsAndSidebarParticipants(ctx *context.Context, issue
 		comment.Issue = issue
 
 		if comment.Type == issues_model.CommentTypeComment || comment.Type == issues_model.CommentTypeReview {
-			rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo)
+			rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo, renderhelper.RepoCommentOptions{
+				FootnoteContextID: strconv.FormatInt(comment.ID, 10),
+			})
 			comment.RenderedContent, err = markdown.RenderString(rctx, comment.Content)
 			if err != nil {
 				ctx.ServerError("RenderString", err)
@@ -670,7 +707,9 @@ func prepareIssueViewCommentsAndSidebarParticipants(ctx *context.Context, issue
 				}
 			}
 		} else if comment.Type.HasContentSupport() {
-			rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo)
+			rctx := renderhelper.NewRenderContextRepoComment(ctx, issue.Repo, renderhelper.RepoCommentOptions{
+				FootnoteContextID: strconv.FormatInt(comment.ID, 10),
+			})
 			comment.RenderedContent, err = markdown.RenderString(rctx, comment.Content)
 			if err != nil {
 				ctx.ServerError("RenderString", err)
@@ -727,6 +766,9 @@ func prepareIssueViewCommentsAndSidebarParticipants(ctx *context.Context, issue
 			}
 			if !ctx.Repo.CanRead(unit.TypeActions) {
 				for _, commit := range comment.Commits {
+					if commit.Status == nil {
+						continue
+					}
 					commit.Status.HideActionsURL(ctx)
 					git_model.CommitStatusesHideActionsURL(ctx, commit.Statuses)
 				}
@@ -792,6 +834,8 @@ func preparePullViewReviewAndMerge(ctx *context.Context, issue *issues_model.Iss
 	allowMerge := false
 	canWriteToHeadRepo := false
 
+	pull_service.StartPullRequestCheckOnView(ctx, pull)
+
 	if ctx.IsSigned {
 		if err := pull.LoadHeadRepo(ctx); err != nil {
 			log.Error("LoadHeadRepo: %v", err)
@@ -838,6 +882,7 @@ func preparePullViewReviewAndMerge(ctx *context.Context, issue *issues_model.Iss
 		}
 	}
 
+	ctx.Data["PullMergeBoxReloadingInterval"] = util.Iif(pull != nil && pull.IsChecking(), 2000, 0)
 	ctx.Data["CanWriteToHeadRepo"] = canWriteToHeadRepo
 	ctx.Data["ShowMergeInstructions"] = canWriteToHeadRepo
 	ctx.Data["AllowMerge"] = allowMerge
@@ -948,7 +993,9 @@ func preparePullViewReviewAndMerge(ctx *context.Context, issue *issues_model.Iss
 
 func prepareIssueViewContent(ctx *context.Context, issue *issues_model.Issue) {
 	var err error
-	rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository)
+	rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository, renderhelper.RepoCommentOptions{
+		FootnoteContextID: "0", // Set footnote context ID to 0 for the issue content
+	})
 	issue.RenderedContent, err = markdown.RenderString(rctx, issue.Content)
 	if err != nil {
 		ctx.ServerError("RenderString", err)
@@ -958,5 +1005,4 @@ func prepareIssueViewContent(ctx *context.Context, issue *issues_model.Issue) {
 		ctx.ServerError("roleDescriptor", err)
 		return
 	}
-	ctx.Data["Issue"] = issue
 }
diff --git a/routers/web/repo/milestone.go b/routers/web/repo/milestone.go
index f1d0a857ea..dd53b1d3f1 100644
--- a/routers/web/repo/milestone.go
+++ b/routers/web/repo/milestone.go
@@ -38,10 +38,7 @@ func Milestones(ctx *context.Context) {
 	isShowClosed := ctx.FormString("state") == "closed"
 	sortType := ctx.FormString("sort")
 	keyword := ctx.FormTrim("q")
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	miles, total, err := db.FindAndCount[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{
 		ListOptions: db.ListOptions{
@@ -263,7 +260,7 @@ func MilestoneIssuesAndPulls(ctx *context.Context) {
 	ctx.Data["Title"] = milestone.Name
 	ctx.Data["Milestone"] = milestone
 
-	issues(ctx, milestoneID, projectID, optional.None[bool]())
+	prepareIssueFilterAndList(ctx, milestoneID, projectID, optional.None[bool]())
 
 	ret := issue.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo)
 	ctx.Data["NewIssueChooseTemplate"] = len(ret.IssueTemplates) > 0
diff --git a/routers/web/repo/packages.go b/routers/web/repo/packages.go
index 65a340a799..d09a57c03f 100644
--- a/routers/web/repo/packages.go
+++ b/routers/web/repo/packages.go
@@ -21,10 +21,7 @@ const (
 
 // Packages displays a list of all packages in the repository
 func Packages(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	query := ctx.FormTrim("q")
 	packageType := ctx.FormTrim("type")
 
diff --git a/routers/web/repo/patch.go b/routers/web/repo/patch.go
deleted file mode 100644
index 120b3469f6..0000000000
--- a/routers/web/repo/patch.go
+++ /dev/null
@@ -1,125 +0,0 @@
-// Copyright 2021 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package repo
-
-import (
-	"strings"
-
-	git_model "code.gitea.io/gitea/models/git"
-	"code.gitea.io/gitea/models/unit"
-	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/templates"
-	"code.gitea.io/gitea/modules/util"
-	"code.gitea.io/gitea/modules/web"
-	"code.gitea.io/gitea/services/context"
-	"code.gitea.io/gitea/services/forms"
-	"code.gitea.io/gitea/services/repository/files"
-)
-
-const (
-	tplPatchFile templates.TplName = "repo/editor/patch"
-)
-
-// NewDiffPatch render create patch page
-func NewDiffPatch(ctx *context.Context) {
-	canCommit := renderCommitRights(ctx)
-
-	ctx.Data["PageIsPatch"] = true
-
-	ctx.Data["commit_summary"] = ""
-	ctx.Data["commit_message"] = ""
-	if canCommit {
-		ctx.Data["commit_choice"] = frmCommitChoiceDirect
-	} else {
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-	}
-	ctx.Data["new_branch_name"] = GetUniquePatchBranchName(ctx)
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	ctx.Data["LineWrapExtensions"] = strings.Join(setting.Repository.Editor.LineWrapExtensions, ",")
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-
-	ctx.HTML(200, tplPatchFile)
-}
-
-// NewDiffPatchPost response for sending patch page
-func NewDiffPatchPost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.EditRepoFileForm)
-
-	canCommit := renderCommitRights(ctx)
-	branchName := ctx.Repo.BranchName
-	if form.CommitChoice == frmCommitChoiceNewBranch {
-		branchName = form.NewBranchName
-	}
-	ctx.Data["PageIsPatch"] = true
-	ctx.Data["BranchLink"] = ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
-	ctx.Data["FileContent"] = form.Content
-	ctx.Data["commit_summary"] = form.CommitSummary
-	ctx.Data["commit_message"] = form.CommitMessage
-	ctx.Data["commit_choice"] = form.CommitChoice
-	ctx.Data["new_branch_name"] = form.NewBranchName
-	ctx.Data["last_commit"] = ctx.Repo.CommitID
-	ctx.Data["LineWrapExtensions"] = strings.Join(setting.Repository.Editor.LineWrapExtensions, ",")
-
-	if ctx.HasError() {
-		ctx.HTML(200, tplPatchFile)
-		return
-	}
-
-	// Cannot commit to an existing branch if user doesn't have rights
-	if branchName == ctx.Repo.BranchName && !canCommit {
-		ctx.Data["Err_NewBranchName"] = true
-		ctx.Data["commit_choice"] = frmCommitChoiceNewBranch
-		ctx.RenderWithErr(ctx.Tr("repo.editor.cannot_commit_to_protected_branch", branchName), tplEditFile, &form)
-		return
-	}
-
-	// CommitSummary is optional in the web form, if empty, give it a default message based on add or update
-	// `message` will be both the summary and message combined
-	message := strings.TrimSpace(form.CommitSummary)
-	if len(message) == 0 {
-		message = ctx.Locale.TrString("repo.editor.patch")
-	}
-
-	form.CommitMessage = strings.TrimSpace(form.CommitMessage)
-	if len(form.CommitMessage) > 0 {
-		message += "\n\n" + form.CommitMessage
-	}
-
-	gitCommitter, valid := WebGitOperationGetCommitChosenEmailIdentity(ctx, form.CommitEmail)
-	if !valid {
-		ctx.Data["Err_CommitEmail"] = true
-		ctx.RenderWithErr(ctx.Tr("repo.editor.invalid_commit_email"), tplPatchFile, &form)
-		return
-	}
-
-	fileResponse, err := files.ApplyDiffPatch(ctx, ctx.Repo.Repository, ctx.Doer, &files.ApplyDiffPatchOptions{
-		LastCommitID: form.LastCommit,
-		OldBranch:    ctx.Repo.BranchName,
-		NewBranch:    branchName,
-		Message:      message,
-		Content:      strings.ReplaceAll(form.Content, "\r", ""),
-		Author:       gitCommitter,
-		Committer:    gitCommitter,
-	})
-	if err != nil {
-		if git_model.IsErrBranchAlreadyExists(err) {
-			// User has specified a branch that already exists
-			branchErr := err.(git_model.ErrBranchAlreadyExists)
-			ctx.Data["Err_NewBranchName"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.editor.branch_already_exists", branchErr.BranchName), tplEditFile, &form)
-			return
-		} else if files.IsErrCommitIDDoesNotMatch(err) {
-			ctx.RenderWithErr(ctx.Tr("repo.editor.file_changed_while_editing", ctx.Repo.RepoLink+"/compare/"+form.LastCommit+"..."+ctx.Repo.CommitID), tplPatchFile, &form)
-			return
-		}
-		ctx.RenderWithErr(ctx.Tr("repo.editor.fail_to_apply_patch", err), tplPatchFile, &form)
-		return
-	}
-
-	if form.CommitChoice == frmCommitChoiceNewBranch && ctx.Repo.Repository.UnitEnabled(ctx, unit.TypePullRequests) {
-		ctx.Redirect(ctx.Repo.RepoLink + "/compare/" + util.PathEscapeSegments(ctx.Repo.BranchName) + "..." + util.PathEscapeSegments(form.NewBranchName))
-	} else {
-		ctx.Redirect(ctx.Repo.RepoLink + "/commit/" + fileResponse.Commit.SHA)
-	}
-}
diff --git a/routers/web/repo/projects.go b/routers/web/repo/projects.go
index 6810025c6f..a57976b4ca 100644
--- a/routers/web/repo/projects.go
+++ b/routers/web/repo/projects.go
@@ -61,10 +61,7 @@ func Projects(ctx *context.Context) {
 	isShowClosed := strings.ToLower(ctx.FormTrim("state")) == "closed"
 	keyword := ctx.FormTrim("q")
 	repo := ctx.Repo.Repository
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	ctx.Data["OpenCount"] = repo.NumOpenProjects
 	ctx.Data["ClosedCount"] = repo.NumClosedProjects
@@ -313,13 +310,13 @@ func ViewProject(ctx *context.Context) {
 		return
 	}
 
-	labelIDs := issue.PrepareFilterIssueLabels(ctx, ctx.Repo.Repository.ID, ctx.Repo.Owner)
+	preparedLabelFilter := issue.PrepareFilterIssueLabels(ctx, ctx.Repo.Repository.ID, ctx.Repo.Owner)
 
 	assigneeID := ctx.FormString("assignee")
 
 	issuesMap, err := project_service.LoadIssuesFromProject(ctx, project, &issues_model.IssuesOptions{
 		RepoIDs:    []int64{ctx.Repo.Repository.ID},
-		LabelIDs:   labelIDs,
+		LabelIDs:   preparedLabelFilter.SelectedLabelIDs,
 		AssigneeID: assigneeID,
 	})
 	if err != nil {
@@ -381,8 +378,8 @@ func ViewProject(ctx *context.Context) {
 	}
 
 	// Get the exclusive scope for every label ID
-	labelExclusiveScopes := make([]string, 0, len(labelIDs))
-	for _, labelID := range labelIDs {
+	labelExclusiveScopes := make([]string, 0, len(preparedLabelFilter.SelectedLabelIDs))
+	for _, labelID := range preparedLabelFilter.SelectedLabelIDs {
 		foundExclusiveScope := false
 		for _, label := range labels {
 			if label.ID == labelID || label.ID == -labelID {
@@ -397,7 +394,7 @@ func ViewProject(ctx *context.Context) {
 	}
 
 	for _, l := range labels {
-		l.LoadSelectedLabelsAfterClick(labelIDs, labelExclusiveScopes)
+		l.LoadSelectedLabelsAfterClick(preparedLabelFilter.SelectedLabelIDs, labelExclusiveScopes)
 	}
 	ctx.Data["Labels"] = labels
 	ctx.Data["NumLabels"] = len(labels)
diff --git a/routers/web/repo/pull.go b/routers/web/repo/pull.go
index e12798f93d..bc58efeb6f 100644
--- a/routers/web/repo/pull.go
+++ b/routers/web/repo/pull.go
@@ -24,8 +24,10 @@ import (
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/emoji"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/graceful"
 	issue_template "code.gitea.io/gitea/modules/issue/template"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@@ -181,6 +183,7 @@ func setMergeTarget(ctx *context.Context, pull *issues_model.PullRequest) {
 
 // GetPullDiffStats get Pull Requests diff stats
 func GetPullDiffStats(ctx *context.Context) {
+	// FIXME: this getPullInfo seems to be a duplicate call with other route handlers
 	issue, ok := getPullInfo(ctx)
 	if !ok {
 		return
@@ -188,21 +191,19 @@ func GetPullDiffStats(ctx *context.Context) {
 	pull := issue.PullRequest
 
 	mergeBaseCommitID := GetMergedBaseCommitID(ctx, issue)
-
 	if mergeBaseCommitID == "" {
-		ctx.NotFound(nil)
-		return
+		return // no merge base, do nothing, do not stop the route handler, see below
 	}
 
-	headCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(pull.GetGitRefName())
+	// do not report 500 server error to end users if error occurs, otherwise a PR missing ref won't be able to view.
+	headCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 	if err != nil {
-		ctx.ServerError("GetRefCommitID", err)
+		log.Error("Failed to GetRefCommitID: %v, repo: %v", err, ctx.Repo.Repository.FullName())
 		return
 	}
-
 	diffShortStat, err := gitdiff.GetDiffShortStat(ctx.Repo.GitRepo, mergeBaseCommitID, headCommitID)
 	if err != nil {
-		ctx.ServerError("GetDiffShortStat", err)
+		log.Error("Failed to GetDiffShortStat: %v, repo: %v", err, ctx.Repo.Repository.FullName())
 		return
 	}
 
@@ -217,13 +218,13 @@ func GetMergedBaseCommitID(ctx *context.Context, issue *issues_model.Issue) stri
 	if pull.MergeBase == "" {
 		var commitSHA, parentCommit string
 		// If there is a head or a patch file, and it is readable, grab info
-		commitSHA, err := ctx.Repo.GitRepo.GetRefCommitID(pull.GetGitRefName())
+		commitSHA, err := ctx.Repo.GitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 		if err != nil {
 			// Head File does not exist, try the patch
 			commitSHA, err = ctx.Repo.GitRepo.ReadPatchCommit(pull.Index)
 			if err == nil {
 				// Recreate pull head in files for next time
-				if err := ctx.Repo.GitRepo.SetReference(pull.GetGitRefName(), commitSHA); err != nil {
+				if err := ctx.Repo.GitRepo.SetReference(pull.GetGitHeadRefName(), commitSHA); err != nil {
 					log.Error("Could not write head file", err)
 				}
 			} else {
@@ -273,7 +274,7 @@ func prepareMergedViewPullInfo(ctx *context.Context, issue *issues_model.Issue)
 	baseCommit := GetMergedBaseCommitID(ctx, issue)
 
 	compareInfo, err := ctx.Repo.GitRepo.GetCompareInfo(ctx.Repo.Repository.RepoPath(),
-		baseCommit, pull.GetGitRefName(), false, false)
+		baseCommit, pull.GetGitHeadRefName(), false, false)
 	if err != nil {
 		if strings.Contains(err.Error(), "fatal: Not a valid object name") || strings.Contains(err.Error(), "unknown revision or path not in the working tree") {
 			ctx.Data["IsPullRequestBroken"] = true
@@ -291,7 +292,7 @@ func prepareMergedViewPullInfo(ctx *context.Context, issue *issues_model.Issue)
 
 	if len(compareInfo.Commits) != 0 {
 		sha := compareInfo.Commits[0].ID.String()
-		commitStatuses, _, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, sha, db.ListOptionsAll)
+		commitStatuses, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, sha, db.ListOptionsAll)
 		if err != nil {
 			ctx.ServerError("GetLatestCommitStatus", err)
 			return nil
@@ -353,12 +354,12 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 		ctx.Data["BaseTarget"] = pull.BaseBranch
 		ctx.Data["HeadTarget"] = pull.HeadBranch
 
-		sha, err := baseGitRepo.GetRefCommitID(pull.GetGitRefName())
+		sha, err := baseGitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 		if err != nil {
-			ctx.ServerError(fmt.Sprintf("GetRefCommitID(%s)", pull.GetGitRefName()), err)
+			ctx.ServerError(fmt.Sprintf("GetRefCommitID(%s)", pull.GetGitHeadRefName()), err)
 			return nil
 		}
-		commitStatuses, _, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll)
+		commitStatuses, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll)
 		if err != nil {
 			ctx.ServerError("GetLatestCommitStatus", err)
 			return nil
@@ -373,7 +374,7 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 		}
 
 		compareInfo, err := baseGitRepo.GetCompareInfo(pull.BaseRepo.RepoPath(),
-			pull.MergeBase, pull.GetGitRefName(), false, false)
+			pull.MergeBase, pull.GetGitHeadRefName(), false, false)
 		if err != nil {
 			if strings.Contains(err.Error(), "fatal: Not a valid object name") {
 				ctx.Data["IsPullRequestBroken"] = true
@@ -406,12 +407,12 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 		if pull.Flow == issues_model.PullRequestFlowGithub {
 			headBranchExist = gitrepo.IsBranchExist(ctx, pull.HeadRepo, pull.HeadBranch)
 		} else {
-			headBranchExist = gitrepo.IsReferenceExist(ctx, pull.BaseRepo, pull.GetGitRefName())
+			headBranchExist = gitrepo.IsReferenceExist(ctx, pull.BaseRepo, pull.GetGitHeadRefName())
 		}
 
 		if headBranchExist {
 			if pull.Flow != issues_model.PullRequestFlowGithub {
-				headBranchSha, err = baseGitRepo.GetRefCommitID(pull.GetGitRefName())
+				headBranchSha, err = baseGitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 			} else {
 				headBranchSha, err = headGitRepo.GetBranchCommitID(pull.HeadBranch)
 			}
@@ -434,7 +435,7 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 		ctx.Data["GetCommitMessages"] = ""
 	}
 
-	sha, err := baseGitRepo.GetRefCommitID(pull.GetGitRefName())
+	sha, err := baseGitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 	if err != nil {
 		if git.IsErrNotExist(err) {
 			ctx.Data["IsPullRequestBroken"] = true
@@ -450,11 +451,11 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 			ctx.Data["NumFiles"] = 0
 			return nil
 		}
-		ctx.ServerError(fmt.Sprintf("GetRefCommitID(%s)", pull.GetGitRefName()), err)
+		ctx.ServerError(fmt.Sprintf("GetRefCommitID(%s)", pull.GetGitHeadRefName()), err)
 		return nil
 	}
 
-	commitStatuses, _, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll)
+	commitStatuses, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll)
 	if err != nil {
 		ctx.ServerError("GetLatestCommitStatus", err)
 		return nil
@@ -521,7 +522,7 @@ func prepareViewPullInfo(ctx *context.Context, issue *issues_model.Issue) *git.C
 	}
 
 	compareInfo, err := baseGitRepo.GetCompareInfo(pull.BaseRepo.RepoPath(),
-		git.BranchPrefix+pull.BaseBranch, pull.GetGitRefName(), false, false)
+		git.BranchPrefix+pull.BaseBranch, pull.GetGitHeadRefName(), false, false)
 	if err != nil {
 		if strings.Contains(err.Error(), "fatal: Not a valid object name") {
 			ctx.Data["IsPullRequestBroken"] = true
@@ -580,7 +581,7 @@ func GetPullCommits(ctx *context.Context) {
 	}
 	resp := &pullCommitList{}
 
-	commits, lastReviewCommitSha, err := pull_service.GetPullCommits(ctx, issue)
+	commits, lastReviewCommitSha, err := pull_service.GetPullCommits(ctx, ctx.Repo.GitRepo, ctx.Doer, issue)
 	if err != nil {
 		ctx.JSON(http.StatusInternalServerError, err)
 		return
@@ -642,8 +643,17 @@ func ViewPullCommits(ctx *context.Context) {
 	ctx.HTML(http.StatusOK, tplPullCommits)
 }
 
+func indexCommit(commits []*git.Commit, commitID string) *git.Commit {
+	for i := range commits {
+		if commits[i].ID.String() == commitID {
+			return commits[i]
+		}
+	}
+	return nil
+}
+
 // ViewPullFiles render pull request changed files list page
-func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommit string, willShowSpecifiedCommitRange, willShowSpecifiedCommit bool) {
+func viewPullFiles(ctx *context.Context, beforeCommitID, afterCommitID string) {
 	ctx.Data["PageIsPullList"] = true
 	ctx.Data["PageIsPullFiles"] = true
 
@@ -653,11 +663,7 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 	}
 	pull := issue.PullRequest
 
-	var (
-		startCommitID string
-		endCommitID   string
-		gitRepo       = ctx.Repo.GitRepo
-	)
+	gitRepo := ctx.Repo.GitRepo
 
 	prInfo := preparePullViewPullInfo(ctx, issue)
 	if ctx.Written() {
@@ -667,77 +673,68 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 		return
 	}
 
-	// Validate the given commit sha to show (if any passed)
-	if willShowSpecifiedCommit || willShowSpecifiedCommitRange {
-		foundStartCommit := len(specifiedStartCommit) == 0
-		foundEndCommit := len(specifiedEndCommit) == 0
-
-		if !(foundStartCommit && foundEndCommit) {
-			for _, commit := range prInfo.Commits {
-				if commit.ID.String() == specifiedStartCommit {
-					foundStartCommit = true
-				}
-				if commit.ID.String() == specifiedEndCommit {
-					foundEndCommit = true
-				}
-
-				if foundStartCommit && foundEndCommit {
-					break
-				}
-			}
-		}
-
-		if !(foundStartCommit && foundEndCommit) {
-			ctx.NotFound(nil)
-			return
-		}
-	}
-
-	if ctx.Written() {
-		return
-	}
-
-	headCommitID, err := gitRepo.GetRefCommitID(pull.GetGitRefName())
+	headCommitID, err := gitRepo.GetRefCommitID(pull.GetGitHeadRefName())
 	if err != nil {
 		ctx.ServerError("GetRefCommitID", err)
 		return
 	}
 
-	ctx.Data["IsShowingOnlySingleCommit"] = willShowSpecifiedCommit
+	isSingleCommit := beforeCommitID == "" && afterCommitID != ""
+	ctx.Data["IsShowingOnlySingleCommit"] = isSingleCommit
+	isShowAllCommits := (beforeCommitID == "" || beforeCommitID == prInfo.MergeBase) && (afterCommitID == "" || afterCommitID == headCommitID)
+	ctx.Data["IsShowingAllCommits"] = isShowAllCommits
 
-	if willShowSpecifiedCommit || willShowSpecifiedCommitRange {
-		if len(specifiedEndCommit) > 0 {
-			endCommitID = specifiedEndCommit
-		} else {
-			endCommitID = headCommitID
-		}
-		if len(specifiedStartCommit) > 0 {
-			startCommitID = specifiedStartCommit
+	if afterCommitID == "" || afterCommitID == headCommitID {
+		afterCommitID = headCommitID
+	}
+	afterCommit := indexCommit(prInfo.Commits, afterCommitID)
+	if afterCommit == nil {
+		ctx.HTTPError(http.StatusBadRequest, "after commit not found in PR commits")
+		return
+	}
+
+	var beforeCommit *git.Commit
+	if !isSingleCommit {
+		if beforeCommitID == "" || beforeCommitID == prInfo.MergeBase {
+			beforeCommitID = prInfo.MergeBase
+			// mergebase commit is not in the list of the pull request commits
+			beforeCommit, err = gitRepo.GetCommit(beforeCommitID)
+			if err != nil {
+				ctx.ServerError("GetCommit", err)
+				return
+			}
 		} else {
-			startCommitID = prInfo.MergeBase
+			beforeCommit = indexCommit(prInfo.Commits, beforeCommitID)
+			if beforeCommit == nil {
+				ctx.HTTPError(http.StatusBadRequest, "before commit not found in PR commits")
+				return
+			}
 		}
-		ctx.Data["IsShowingAllCommits"] = false
 	} else {
-		endCommitID = headCommitID
-		startCommitID = prInfo.MergeBase
-		ctx.Data["IsShowingAllCommits"] = true
+		beforeCommit, err = afterCommit.Parent(0)
+		if err != nil {
+			ctx.ServerError("Parent", err)
+			return
+		}
+		beforeCommitID = beforeCommit.ID.String()
 	}
 
 	ctx.Data["Username"] = ctx.Repo.Owner.Name
 	ctx.Data["Reponame"] = ctx.Repo.Repository.Name
-	ctx.Data["AfterCommitID"] = endCommitID
-	ctx.Data["BeforeCommitID"] = startCommitID
-
-	fileOnly := ctx.FormBool("file-only")
+	ctx.Data["MergeBase"] = prInfo.MergeBase
+	ctx.Data["AfterCommitID"] = afterCommitID
+	ctx.Data["BeforeCommitID"] = beforeCommitID
 
 	maxLines, maxFiles := setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffFiles
 	files := ctx.FormStrings("files")
+	fileOnly := ctx.FormBool("file-only")
 	if fileOnly && (len(files) == 2 || len(files) == 1) {
 		maxLines, maxFiles = -1, -1
 	}
 
 	diffOptions := &gitdiff.DiffOptions{
-		AfterCommitID:      endCommitID,
+		BeforeCommitID:     beforeCommitID,
+		AfterCommitID:      afterCommitID,
 		SkipTo:             ctx.FormString("skip-to"),
 		MaxLines:           maxLines,
 		MaxLineCharacters:  setting.Git.MaxGitDiffLineCharacters,
@@ -745,11 +742,7 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 		WhitespaceBehavior: gitdiff.GetWhitespaceFlag(ctx.Data["WhitespaceBehavior"].(string)),
 	}
 
-	if !willShowSpecifiedCommit {
-		diffOptions.BeforeCommitID = startCommitID
-	}
-
-	diff, err := gitdiff.GetDiffForRender(ctx, gitRepo, diffOptions, files...)
+	diff, err := gitdiff.GetDiffForRender(ctx, ctx.Repo.RepoLink, gitRepo, diffOptions, files...)
 	if err != nil {
 		ctx.ServerError("GetDiff", err)
 		return
@@ -759,19 +752,16 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 	// have to load only the diff and not get the viewed information
 	// as the viewed information is designed to be loaded only on latest PR
 	// diff and if you're signed in.
-	shouldGetUserSpecificDiff := false
-	if !ctx.IsSigned || willShowSpecifiedCommit || willShowSpecifiedCommitRange {
-		// do nothing
-	} else {
-		shouldGetUserSpecificDiff = true
-		err = gitdiff.SyncUserSpecificDiff(ctx, ctx.Doer.ID, pull, gitRepo, diff, diffOptions, files...)
+	var reviewState *pull_model.ReviewState
+	if ctx.IsSigned && isShowAllCommits {
+		reviewState, err = gitdiff.SyncUserSpecificDiff(ctx, ctx.Doer.ID, pull, gitRepo, diff, diffOptions)
 		if err != nil {
 			ctx.ServerError("SyncUserSpecificDiff", err)
 			return
 		}
 	}
 
-	diffShortStat, err := gitdiff.GetDiffShortStat(ctx.Repo.GitRepo, startCommitID, endCommitID)
+	diffShortStat, err := gitdiff.GetDiffShortStat(ctx.Repo.GitRepo, beforeCommitID, afterCommitID)
 	if err != nil {
 		ctx.ServerError("GetDiffShortStat", err)
 		return
@@ -818,39 +808,26 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 
 	if !fileOnly {
 		// note: use mergeBase is set to false because we already have the merge base from the pull request info
-		diffTree, err := gitdiff.GetDiffTree(ctx, gitRepo, false, startCommitID, endCommitID)
+		diffTree, err := gitdiff.GetDiffTree(ctx, gitRepo, false, beforeCommitID, afterCommitID)
 		if err != nil {
 			ctx.ServerError("GetDiffTree", err)
 			return
 		}
-
-		filesViewedState := make(map[string]pull_model.ViewedState)
-		if shouldGetUserSpecificDiff {
-			// This sort of sucks because we already fetch this when getting the diff
-			review, err := pull_model.GetNewestReviewState(ctx, ctx.Doer.ID, issue.ID)
-			if err == nil && review != nil && review.UpdatedFiles != nil {
-				// If there wasn't an error and we have a review with updated files, use that
-				filesViewedState = review.UpdatedFiles
-			}
+		var filesViewedState map[string]pull_model.ViewedState
+		if reviewState != nil {
+			filesViewedState = reviewState.UpdatedFiles
 		}
 
-		ctx.PageData["DiffFiles"] = transformDiffTreeForUI(diffTree, filesViewedState)
+		renderedIconPool := fileicon.NewRenderedIconPool()
+		ctx.PageData["DiffFileTree"] = transformDiffTreeForWeb(renderedIconPool, diffTree, filesViewedState)
+		ctx.PageData["FolderIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolder())
+		ctx.PageData["FolderOpenIcon"] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolderOpen())
+		ctx.Data["FileIconPoolHTML"] = renderedIconPool.RenderToHTML()
 	}
 
 	ctx.Data["Diff"] = diff
 	ctx.Data["DiffNotAvailable"] = diffShortStat.NumFiles == 0
 
-	baseCommit, err := ctx.Repo.GitRepo.GetCommit(startCommitID)
-	if err != nil {
-		ctx.ServerError("GetCommit", err)
-		return
-	}
-	commit, err := gitRepo.GetCommit(endCommitID)
-	if err != nil {
-		ctx.ServerError("GetCommit", err)
-		return
-	}
-
 	if ctx.IsSigned && ctx.Doer != nil {
 		if ctx.Data["CanMarkConversation"], err = issues_model.CanMarkConversation(ctx, issue, ctx.Doer); err != nil {
 			ctx.ServerError("CanMarkConversation", err)
@@ -858,7 +835,7 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 		}
 	}
 
-	setCompareContext(ctx, baseCommit, commit, ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)
+	setCompareContext(ctx, beforeCommit, afterCommit, ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)
 
 	assigneeUsers, err := repo_model.GetRepoAssignees(ctx, ctx.Repo.Repository)
 	if err != nil {
@@ -905,7 +882,7 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 	ctx.Data["CanBlockUser"] = func(blocker, blockee *user_model.User) bool {
 		return user_service.CanBlockUser(ctx, ctx.Doer, blocker, blockee)
 	}
-	if !willShowSpecifiedCommit && !willShowSpecifiedCommitRange && pull.Flow == issues_model.PullRequestFlowGithub {
+	if isShowAllCommits && pull.Flow == issues_model.PullRequestFlowGithub {
 		if err := pull.LoadHeadRepo(ctx); err != nil {
 			ctx.ServerError("LoadHeadRepo", err)
 			return
@@ -934,19 +911,17 @@ func viewPullFiles(ctx *context.Context, specifiedStartCommit, specifiedEndCommi
 }
 
 func ViewPullFilesForSingleCommit(ctx *context.Context) {
-	viewPullFiles(ctx, "", ctx.PathParam("sha"), true, true)
+	// it doesn't support showing files from mergebase to the special commit
+	// otherwise it will be ambiguous
+	viewPullFiles(ctx, "", ctx.PathParam("sha"))
 }
 
 func ViewPullFilesForRange(ctx *context.Context) {
-	viewPullFiles(ctx, ctx.PathParam("shaFrom"), ctx.PathParam("shaTo"), true, false)
-}
-
-func ViewPullFilesStartingFromCommit(ctx *context.Context) {
-	viewPullFiles(ctx, "", ctx.PathParam("sha"), true, false)
+	viewPullFiles(ctx, ctx.PathParam("shaFrom"), ctx.PathParam("shaTo"))
 }
 
 func ViewPullFilesForAllCommitsOfPr(ctx *context.Context) {
-	viewPullFiles(ctx, "", "", false, false)
+	viewPullFiles(ctx, "", "")
 }
 
 // UpdatePullRequest merge PR's baseBranch into headBranch
@@ -991,7 +966,9 @@ func UpdatePullRequest(ctx *context.Context) {
 	// default merge commit message
 	message := fmt.Sprintf("Merge branch '%s' into %s", issue.PullRequest.BaseBranch, issue.PullRequest.HeadBranch)
 
-	if err = pull_service.Update(ctx, issue.PullRequest, ctx.Doer, message, rebase); err != nil {
+	// The update process should not be cancelled by the user
+	// so we set the context to be a background context
+	if err = pull_service.Update(graceful.GetManager().ShutdownContext(), issue.PullRequest, ctx.Doer, message, rebase); err != nil {
 		if pull_service.IsErrMergeConflicts(err) {
 			conflictError := err.(pull_service.ErrMergeConflicts)
 			flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{
@@ -1063,7 +1040,7 @@ func MergePullRequest(ctx *context.Context) {
 			} else {
 				ctx.JSONError(ctx.Tr("repo.issues.closed_title"))
 			}
-		case errors.Is(err, pull_service.ErrUserNotAllowedToMerge):
+		case errors.Is(err, pull_service.ErrNoPermissionToMerge):
 			ctx.JSONError(ctx.Tr("repo.pulls.update_not_allowed"))
 		case errors.Is(err, pull_service.ErrHasMerged):
 			ctx.JSONError(ctx.Tr("repo.pulls.has_merged"))
@@ -1071,7 +1048,7 @@ func MergePullRequest(ctx *context.Context) {
 			ctx.JSONError(ctx.Tr("repo.pulls.no_merge_wip"))
 		case errors.Is(err, pull_service.ErrNotMergeableState):
 			ctx.JSONError(ctx.Tr("repo.pulls.no_merge_not_ready"))
-		case pull_service.IsErrDisallowedToMerge(err):
+		case errors.Is(err, pull_service.ErrNotReadyToMerge):
 			ctx.JSONError(ctx.Tr("repo.pulls.no_merge_not_ready"))
 		case asymkey_service.IsErrWontSign(err):
 			ctx.JSONError(err.Error()) // has no translation ...
@@ -1260,13 +1237,23 @@ func CancelAutoMergePullRequest(ctx *context.Context) {
 }
 
 func stopTimerIfAvailable(ctx *context.Context, user *user_model.User, issue *issues_model.Issue) error {
-	if issues_model.StopwatchExists(ctx, user.ID, issue.ID) {
-		if err := issues_model.CreateOrStopIssueStopwatch(ctx, user, issue); err != nil {
-			return err
+	_, err := issues_model.FinishIssueStopwatch(ctx, user, issue)
+	return err
+}
+
+func PullsNewRedirect(ctx *context.Context) {
+	branch := ctx.PathParam("*")
+	redirectRepo := ctx.Repo.Repository
+	repo := ctx.Repo.Repository
+	if repo.IsFork {
+		if err := repo.GetBaseRepo(ctx); err != nil {
+			ctx.ServerError("GetBaseRepo", err)
+			return
 		}
+		redirectRepo = repo.BaseRepo
+		branch = fmt.Sprintf("%s:%s", repo.OwnerName, branch)
 	}
-
-	return nil
+	ctx.Redirect(fmt.Sprintf("%s/compare/%s...%s?expand=1", redirectRepo.Link(), util.PathEscapeSegments(redirectRepo.DefaultBranch), util.PathEscapeSegments(branch)))
 }
 
 // CompareAndPullRequestPost response for creating pull request
@@ -1286,11 +1273,6 @@ func CompareAndPullRequestPost(ctx *context.Context) {
 	)
 
 	ci := ParseCompareInfo(ctx)
-	defer func() {
-		if ci != nil && ci.HeadGitRepo != nil {
-			ci.HeadGitRepo.Close()
-		}
-	}()
 	if ctx.Written() {
 		return
 	}
@@ -1506,7 +1488,7 @@ func CleanUpPullRequest(ctx *context.Context) {
 	}()
 
 	// Check if branch has no new commits
-	headCommitID, err := gitBaseRepo.GetRefCommitID(pr.GetGitRefName())
+	headCommitID, err := gitBaseRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	if err != nil {
 		log.Error("GetRefCommitID: %v", err)
 		ctx.Flash.Error(ctx.Tr("repo.branch.deletion_failed", fullBranchName))
diff --git a/routers/web/repo/pull_review.go b/routers/web/repo/pull_review.go
index fb92d24394..18e14e9b22 100644
--- a/routers/web/repo/pull_review.go
+++ b/routers/web/repo/pull_review.go
@@ -49,7 +49,7 @@ func RenderNewCodeCommentForm(ctx *context.Context) {
 	ctx.Data["PageIsPullFiles"] = true
 	ctx.Data["Issue"] = issue
 	ctx.Data["CurrentReview"] = currentReview
-	pullHeadCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(issue.PullRequest.GetGitRefName())
+	pullHeadCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(issue.PullRequest.GetGitHeadRefName())
 	if err != nil {
 		ctx.ServerError("GetRefCommitID", err)
 		return
@@ -199,7 +199,7 @@ func renderConversation(ctx *context.Context, comment *issues_model.Comment, ori
 		ctx.ServerError("comment.Issue.LoadPullRequest", err)
 		return
 	}
-	pullHeadCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(comment.Issue.PullRequest.GetGitRefName())
+	pullHeadCommitID, err := ctx.Repo.GitRepo.GetRefCommitID(comment.Issue.PullRequest.GetGitHeadRefName())
 	if err != nil {
 		ctx.ServerError("GetRefCommitID", err)
 		return
@@ -209,11 +209,12 @@ func renderConversation(ctx *context.Context, comment *issues_model.Comment, ori
 		return user_service.CanBlockUser(ctx, ctx.Doer, blocker, blockee)
 	}
 
-	if origin == "diff" {
+	switch origin {
+	case "diff":
 		ctx.HTML(http.StatusOK, tplDiffConversation)
-	} else if origin == "timeline" {
+	case "timeline":
 		ctx.HTML(http.StatusOK, tplTimelineConversation)
-	} else {
+	default:
 		ctx.HTTPError(http.StatusBadRequest, "Unknown origin: "+origin)
 	}
 }
diff --git a/routers/web/repo/recent_commits.go b/routers/web/repo/recent_commits.go
index 228eb0dbac..2660116062 100644
--- a/routers/web/repo/recent_commits.go
+++ b/routers/web/repo/recent_commits.go
@@ -4,12 +4,10 @@
 package repo
 
 import (
-	"errors"
 	"net/http"
 
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/services/context"
-	contributors_service "code.gitea.io/gitea/services/repository"
 )
 
 const (
@@ -26,16 +24,3 @@ func RecentCommits(ctx *context.Context) {
 
 	ctx.HTML(http.StatusOK, tplRecentCommits)
 }
-
-// RecentCommitsData returns JSON of recent commits data
-func RecentCommitsData(ctx *context.Context) {
-	if contributorStats, err := contributors_service.GetContributorStats(ctx, ctx.Cache, ctx.Repo.Repository, ctx.Repo.Repository.DefaultBranch); err != nil {
-		if errors.Is(err, contributors_service.ErrAwaitGeneration) {
-			ctx.Status(http.StatusAccepted)
-			return
-		}
-		ctx.ServerError("RecentCommitsData", err)
-	} else {
-		ctx.JSON(http.StatusOK, contributorStats["total"].Weeks)
-	}
-}
diff --git a/routers/web/repo/release.go b/routers/web/repo/release.go
index 553bdbf6e5..36ea20c23e 100644
--- a/routers/web/repo/release.go
+++ b/routers/web/repo/release.go
@@ -8,6 +8,7 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/models/db"
@@ -102,7 +103,7 @@ func getReleaseInfos(ctx *context.Context, opts *repo_model.FindReleasesOptions)
 	releaseInfos := make([]*ReleaseInfo, 0, len(releases))
 	for _, r := range releases {
 		if r.Publisher, ok = cacheUsers[r.PublisherID]; !ok {
-			r.Publisher, err = user_model.GetUserByID(ctx, r.PublisherID)
+			r.Publisher, err = user_model.GetPossibleUserByID(ctx, r.PublisherID)
 			if err != nil {
 				if user_model.IsErrUserNotExist(err) {
 					r.Publisher = user_model.NewGhostUser()
@@ -113,7 +114,9 @@ func getReleaseInfos(ctx *context.Context, opts *repo_model.FindReleasesOptions)
 			cacheUsers[r.PublisherID] = r.Publisher
 		}
 
-		rctx := renderhelper.NewRenderContextRepoComment(ctx, r.Repo)
+		rctx := renderhelper.NewRenderContextRepoComment(ctx, r.Repo, renderhelper.RepoCommentOptions{
+			FootnoteContextID: strconv.FormatInt(r.ID, 10),
+		})
 		r.RenderedNote, err = markdown.RenderString(rctx, r.Note)
 		if err != nil {
 			return nil, err
@@ -130,7 +133,7 @@ func getReleaseInfos(ctx *context.Context, opts *repo_model.FindReleasesOptions)
 		}
 
 		if canReadActions {
-			statuses, _, err := git_model.GetLatestCommitStatus(ctx, r.Repo.ID, r.Sha1, db.ListOptionsAll)
+			statuses, err := git_model.GetLatestCommitStatus(ctx, r.Repo.ID, r.Sha1, db.ListOptionsAll)
 			if err != nil {
 				return nil, err
 			}
@@ -378,7 +381,7 @@ func NewRelease(ctx *context.Context) {
 
 			ctx.Data["ShowCreateTagOnlyButton"] = false
 			ctx.Data["tag_name"] = rel.TagName
-			ctx.Data["tag_target"] = rel.Target
+			ctx.Data["tag_target"] = util.IfZero(rel.Target, ctx.Repo.Repository.DefaultBranch)
 			ctx.Data["title"] = rel.Title
 			ctx.Data["content"] = rel.Note
 			ctx.Data["attachments"] = rel.Attachments
@@ -534,7 +537,7 @@ func EditRelease(ctx *context.Context) {
 	}
 	ctx.Data["ID"] = rel.ID
 	ctx.Data["tag_name"] = rel.TagName
-	ctx.Data["tag_target"] = rel.Target
+	ctx.Data["tag_target"] = util.IfZero(rel.Target, ctx.Repo.Repository.DefaultBranch)
 	ctx.Data["title"] = rel.Title
 	ctx.Data["content"] = rel.Note
 	ctx.Data["prerelease"] = rel.IsPrerelease
@@ -580,7 +583,7 @@ func EditReleasePost(ctx *context.Context) {
 		return
 	}
 	ctx.Data["tag_name"] = rel.TagName
-	ctx.Data["tag_target"] = rel.Target
+	ctx.Data["tag_target"] = util.IfZero(rel.Target, ctx.Repo.Repository.DefaultBranch)
 	ctx.Data["title"] = rel.Title
 	ctx.Data["content"] = rel.Note
 	ctx.Data["prerelease"] = rel.IsPrerelease
diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
index 73baf683ed..1b700aa6da 100644
--- a/routers/web/repo/repo.go
+++ b/routers/web/repo/repo.go
@@ -87,17 +87,13 @@ func checkContextUser(ctx *context.Context, uid int64) *user_model.User {
 		return nil
 	}
 
-	if !ctx.Doer.IsAdmin {
-		orgsAvailable := []*organization.Organization{}
-		for i := 0; i < len(orgs); i++ {
-			if orgs[i].CanCreateRepo() {
-				orgsAvailable = append(orgsAvailable, orgs[i])
-			}
+	var orgsAvailable []*organization.Organization
+	for i := range orgs {
+		if ctx.Doer.CanCreateRepoIn(orgs[i].AsUser()) {
+			orgsAvailable = append(orgsAvailable, orgs[i])
 		}
-		ctx.Data["Orgs"] = orgsAvailable
-	} else {
-		ctx.Data["Orgs"] = orgs
 	}
+	ctx.Data["Orgs"] = orgsAvailable
 
 	// Not equal means current user is an organization.
 	if uid == ctx.Doer.ID || uid == 0 {
@@ -154,8 +150,8 @@ func createCommon(ctx *context.Context) {
 	ctx.Data["Licenses"] = repo_module.Licenses
 	ctx.Data["Readmes"] = repo_module.Readmes
 	ctx.Data["IsForcedPrivate"] = setting.Repository.ForcePrivate
-	ctx.Data["CanCreateRepo"] = ctx.Doer.CanCreateRepo()
-	ctx.Data["MaxCreationLimit"] = ctx.Doer.MaxCreationLimit()
+	ctx.Data["CanCreateRepoInDoer"] = ctx.Doer.CanCreateRepoIn(ctx.Doer)
+	ctx.Data["MaxCreationLimitOfDoer"] = ctx.Doer.MaxCreationLimit()
 	ctx.Data["SupportedObjectFormats"] = git.DefaultFeatures().SupportedObjectFormats
 	ctx.Data["DefaultObjectFormat"] = git.Sha1ObjectFormat
 }
@@ -305,11 +301,15 @@ func CreatePost(ctx *context.Context) {
 }
 
 func handleActionError(ctx *context.Context, err error) {
-	if errors.Is(err, user_model.ErrBlockedUser) {
+	switch {
+	case errors.Is(err, user_model.ErrBlockedUser):
 		ctx.Flash.Error(ctx.Tr("repo.action.blocked_user"))
-	} else if errors.Is(err, util.ErrPermissionDenied) {
+	case repo_service.IsRepositoryLimitReached(err):
+		limit := err.(repo_service.LimitReachedError).Limit
+		ctx.Flash.Error(ctx.TrN(limit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", limit))
+	case errors.Is(err, util.ErrPermissionDenied):
 		ctx.HTTPError(http.StatusNotFound)
-	} else {
+	default:
 		ctx.ServerError(fmt.Sprintf("Action (%s)", ctx.PathParam("action")), err)
 	}
 }
@@ -398,7 +398,7 @@ func download(ctx *context.Context, archiveName string, archiver *repo_model.Rep
 	rPath := archiver.RelativePath()
 	if setting.RepoArchive.Storage.ServeDirect() {
 		// If we have a signed url (S3, object storage), redirect to this directly.
-		u, err := storage.RepoArchives.URL(rPath, downloadName, nil)
+		u, err := storage.RepoArchives.URL(rPath, downloadName, ctx.Req.Method, nil)
 		if u != nil && err == nil {
 			ctx.Redirect(u.String())
 			return
@@ -461,7 +461,7 @@ func SearchRepo(ctx *context.Context) {
 	if page <= 0 {
 		page = 1
 	}
-	opts := &repo_model.SearchRepoOptions{
+	opts := repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			Page:     page,
 			PageSize: convert.ToCorrectPageSize(ctx.FormInt("limit")),
diff --git a/routers/web/repo/setting/lfs.go b/routers/web/repo/setting/lfs.go
index 655291d25c..af6708e841 100644
--- a/routers/web/repo/setting/lfs.go
+++ b/routers/web/repo/setting/lfs.go
@@ -18,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/git/pipeline"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
@@ -44,10 +45,7 @@ func LFSFiles(ctx *context.Context) {
 		ctx.NotFound(nil)
 		return
 	}
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	total, err := git_model.CountLFSMetaObjects(ctx, ctx.Repo.Repository.ID)
 	if err != nil {
 		ctx.ServerError("LFSFiles", err)
@@ -76,10 +74,7 @@ func LFSLocks(ctx *context.Context) {
 	}
 	ctx.Data["LFSFilesLink"] = ctx.Repo.RepoLink + "/settings/lfs"
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	total, err := git_model.CountLFSLockByRepoID(ctx, ctx.Repo.Repository.ID)
 	if err != nil {
 		ctx.ServerError("LFSLocks", err)
@@ -109,17 +104,13 @@ func LFSLocks(ctx *context.Context) {
 	}
 
 	// Clone base repo.
-	tmpBasePath, err := repo_module.CreateTemporaryPath("locks")
+	tmpBasePath, cleanup, err := repo_module.CreateTemporaryPath("locks")
 	if err != nil {
 		log.Error("Failed to create temporary path: %v", err)
 		ctx.ServerError("LFSLocks", err)
 		return
 	}
-	defer func() {
-		if err := repo_module.RemoveTemporaryPath(tmpBasePath); err != nil {
-			log.Error("LFSLocks: RemoveTemporaryPath: %v", err)
-		}
-	}()
+	defer cleanup()
 
 	if err := git.Clone(ctx, ctx.Repo.Repository.RepoPath(), tmpBasePath, git.CloneRepoOptions{
 		Bare:   true,
@@ -138,39 +129,24 @@ func LFSLocks(ctx *context.Context) {
 	}
 	defer gitRepo.Close()
 
-	filenames := make([]string, len(lfsLocks))
-
-	for i, lock := range lfsLocks {
-		filenames[i] = lock.Path
-	}
-
-	if err := gitRepo.ReadTreeToIndex(ctx.Repo.Repository.DefaultBranch); err != nil {
-		log.Error("Unable to read the default branch to the index: %s (%v)", ctx.Repo.Repository.DefaultBranch, err)
-		ctx.ServerError("LFSLocks", fmt.Errorf("unable to read the default branch to the index: %s (%w)", ctx.Repo.Repository.DefaultBranch, err))
-		return
-	}
-
-	name2attribute2info, err := gitRepo.CheckAttribute(git.CheckAttributeOpts{
-		Attributes: []string{"lockable"},
-		Filenames:  filenames,
-		CachedOnly: true,
-	})
+	checker, err := attribute.NewBatchChecker(gitRepo, ctx.Repo.Repository.DefaultBranch, []string{attribute.Lockable})
 	if err != nil {
 		log.Error("Unable to check attributes in %s (%v)", tmpBasePath, err)
 		ctx.ServerError("LFSLocks", err)
 		return
 	}
+	defer checker.Close()
 
 	lockables := make([]bool, len(lfsLocks))
+	filenames := make([]string, len(lfsLocks))
 	for i, lock := range lfsLocks {
-		attribute2info, has := name2attribute2info[lock.Path]
-		if !has {
-			continue
-		}
-		if attribute2info["lockable"] != "set" {
+		filenames[i] = lock.Path
+		attrs, err := checker.CheckPath(lock.Path)
+		if err != nil {
+			log.Error("Unable to check attributes in %s: %s (%v)", tmpBasePath, lock.Path, err)
 			continue
 		}
-		lockables[i] = true
+		lockables[i] = attrs.Get(attribute.Lockable).ToBool().Value()
 	}
 	ctx.Data["Lockables"] = lockables
 
@@ -291,8 +267,10 @@ func LFSFileGet(ctx *context.Context) {
 	buf = buf[:n]
 
 	st := typesniffer.DetectContentType(buf)
+	// FIXME: there is no IsPlainText set, but template uses it
 	ctx.Data["IsTextFile"] = st.IsText()
 	ctx.Data["FileSize"] = meta.Size
+	// FIXME: the last field is the URL-base64-encoded filename, it should not be "direct"
 	ctx.Data["RawFileLink"] = fmt.Sprintf("%s%s/%s.git/info/lfs/objects/%s/%s", setting.AppURL, url.PathEscape(ctx.Repo.Repository.OwnerName), url.PathEscape(ctx.Repo.Repository.Name), url.PathEscape(meta.Oid), "direct")
 	switch {
 	case st.IsRepresentableAsText():
@@ -333,8 +311,6 @@ func LFSFileGet(ctx *context.Context) {
 		}
 		ctx.Data["LineNums"] = gotemplate.HTML(output.String())
 
-	case st.IsPDF():
-		ctx.Data["IsPDFFile"] = true
 	case st.IsVideo():
 		ctx.Data["IsVideoFile"] = true
 	case st.IsAudio():
diff --git a/routers/web/repo/setting/protected_branch.go b/routers/web/repo/setting/protected_branch.go
index 75de2ba1e7..0eea5e3f34 100644
--- a/routers/web/repo/setting/protected_branch.go
+++ b/routers/web/repo/setting/protected_branch.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 	"time"
 
@@ -16,6 +17,7 @@ import (
 	"code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/web"
@@ -88,7 +90,7 @@ func SettingsProtectedBranch(c *context.Context) {
 	c.Data["recent_status_checks"] = contexts
 
 	if c.Repo.Owner.IsOrganization() {
-		teams, err := organization.OrgFromUser(c.Repo.Owner).TeamsWithAccessToRepo(c, c.Repo.Repository.ID, perm.AccessModeRead)
+		teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(c, c.Repo.Owner.ID, c.Repo.Repository.ID, perm.AccessModeRead, unit.TypeCode, unit.TypePullRequests)
 		if err != nil {
 			c.ServerError("Repo.Owner.TeamsWithAccessToRepo", err)
 			return
@@ -110,7 +112,7 @@ func SettingsProtectedBranchPost(ctx *context.Context) {
 	var protectBranch *git_model.ProtectedBranch
 	if f.RuleName == "" {
 		ctx.Flash.Error(ctx.Tr("repo.settings.protected_branch_required_rule_name"))
-		ctx.Redirect(fmt.Sprintf("%s/settings/branches/edit", ctx.Repo.RepoLink))
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings/branches/edit")
 		return
 	}
 
@@ -283,32 +285,32 @@ func SettingsProtectedBranchPost(ctx *context.Context) {
 func DeleteProtectedBranchRulePost(ctx *context.Context) {
 	ruleID := ctx.PathParamInt64("id")
 	if ruleID <= 0 {
-		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", fmt.Sprintf("%d", ruleID)))
-		ctx.JSONRedirect(fmt.Sprintf("%s/settings/branches", ctx.Repo.RepoLink))
+		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", strconv.FormatInt(ruleID, 10)))
+		ctx.JSONRedirect(ctx.Repo.RepoLink + "/settings/branches")
 		return
 	}
 
 	rule, err := git_model.GetProtectedBranchRuleByID(ctx, ctx.Repo.Repository.ID, ruleID)
 	if err != nil {
-		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", fmt.Sprintf("%d", ruleID)))
-		ctx.JSONRedirect(fmt.Sprintf("%s/settings/branches", ctx.Repo.RepoLink))
+		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", strconv.FormatInt(ruleID, 10)))
+		ctx.JSONRedirect(ctx.Repo.RepoLink + "/settings/branches")
 		return
 	}
 
 	if rule == nil {
-		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", fmt.Sprintf("%d", ruleID)))
-		ctx.JSONRedirect(fmt.Sprintf("%s/settings/branches", ctx.Repo.RepoLink))
+		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", strconv.FormatInt(ruleID, 10)))
+		ctx.JSONRedirect(ctx.Repo.RepoLink + "/settings/branches")
 		return
 	}
 
 	if err := git_model.DeleteProtectedBranch(ctx, ctx.Repo.Repository, ruleID); err != nil {
 		ctx.Flash.Error(ctx.Tr("repo.settings.remove_protected_branch_failed", rule.RuleName))
-		ctx.JSONRedirect(fmt.Sprintf("%s/settings/branches", ctx.Repo.RepoLink))
+		ctx.JSONRedirect(ctx.Repo.RepoLink + "/settings/branches")
 		return
 	}
 
 	ctx.Flash.Success(ctx.Tr("repo.settings.remove_protected_branch_success", rule.RuleName))
-	ctx.JSONRedirect(fmt.Sprintf("%s/settings/branches", ctx.Repo.RepoLink))
+	ctx.JSONRedirect(ctx.Repo.RepoLink + "/settings/branches")
 }
 
 func UpdateBranchProtectionPriories(ctx *context.Context) {
@@ -332,7 +334,7 @@ func RenameBranchPost(ctx *context.Context) {
 
 	if ctx.HasError() {
 		ctx.Flash.Error(ctx.GetErrMsg())
-		ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+		ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		return
 	}
 
@@ -341,13 +343,13 @@ func RenameBranchPost(ctx *context.Context) {
 		switch {
 		case repo_model.IsErrUserDoesNotHaveAccessToRepo(err):
 			ctx.Flash.Error(ctx.Tr("repo.branch.rename_default_or_protected_branch_error"))
-			ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+			ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		case git_model.IsErrBranchAlreadyExists(err):
 			ctx.Flash.Error(ctx.Tr("repo.branch.branch_already_exists", form.To))
-			ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+			ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		case errors.Is(err, git_model.ErrBranchIsProtected):
 			ctx.Flash.Error(ctx.Tr("repo.branch.rename_protected_branch_failed"))
-			ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+			ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		default:
 			ctx.ServerError("RenameBranch", err)
 		}
@@ -356,16 +358,16 @@ func RenameBranchPost(ctx *context.Context) {
 
 	if msg == "target_exist" {
 		ctx.Flash.Error(ctx.Tr("repo.settings.rename_branch_failed_exist", form.To))
-		ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+		ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		return
 	}
 
 	if msg == "from_not_exist" {
 		ctx.Flash.Error(ctx.Tr("repo.settings.rename_branch_failed_not_exist", form.From))
-		ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+		ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 		return
 	}
 
 	ctx.Flash.Success(ctx.Tr("repo.settings.rename_branch_success", form.From, form.To))
-	ctx.Redirect(fmt.Sprintf("%s/branches", ctx.Repo.RepoLink))
+	ctx.Redirect(ctx.Repo.RepoLink + "/branches")
 }
diff --git a/routers/web/repo/setting/protected_tag.go b/routers/web/repo/setting/protected_tag.go
index 33692778d5..50f5a28c4c 100644
--- a/routers/web/repo/setting/protected_tag.go
+++ b/routers/web/repo/setting/protected_tag.go
@@ -12,6 +12,7 @@ import (
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
@@ -156,7 +157,7 @@ func setTagsContext(ctx *context.Context) error {
 	ctx.Data["Users"] = users
 
 	if ctx.Repo.Owner.IsOrganization() {
-		teams, err := organization.OrgFromUser(ctx.Repo.Owner).TeamsWithAccessToRepo(ctx, ctx.Repo.Repository.ID, perm.AccessModeRead)
+		teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, ctx.Repo.Owner.ID, ctx.Repo.Repository.ID, perm.AccessModeRead, unit.TypeCode, unit.TypePullRequests)
 		if err != nil {
 			ctx.ServerError("Repo.Owner.TeamsWithAccessToRepo", err)
 			return err
diff --git a/routers/web/repo/setting/public_access.go b/routers/web/repo/setting/public_access.go
new file mode 100644
index 0000000000..368d34294a
--- /dev/null
+++ b/routers/web/repo/setting/public_access.go
@@ -0,0 +1,155 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+import (
+	"net/http"
+	"slices"
+	"strconv"
+
+	"code.gitea.io/gitea/models/perm"
+	"code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unit"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+)
+
+const tplRepoSettingsPublicAccess templates.TplName = "repo/settings/public_access"
+
+func parsePublicAccessMode(permission string, allowed []string) (ret struct {
+	AnonymousAccessMode, EveryoneAccessMode perm.AccessMode
+},
+) {
+	ret.AnonymousAccessMode = perm.AccessModeNone
+	ret.EveryoneAccessMode = perm.AccessModeNone
+
+	// if site admin forces repositories to be private, then do not allow any other access mode,
+	// otherwise the "force private" setting would be bypassed
+	if setting.Repository.ForcePrivate {
+		return ret
+	}
+	if !slices.Contains(allowed, permission) {
+		return ret
+	}
+	switch permission {
+	case paAnonymousRead:
+		ret.AnonymousAccessMode = perm.AccessModeRead
+	case paEveryoneRead:
+		ret.EveryoneAccessMode = perm.AccessModeRead
+	case paEveryoneWrite:
+		ret.EveryoneAccessMode = perm.AccessModeWrite
+	}
+	return ret
+}
+
+const (
+	paNotSet        = "not-set"
+	paAnonymousRead = "anonymous-read"
+	paEveryoneRead  = "everyone-read"
+	paEveryoneWrite = "everyone-write"
+)
+
+type repoUnitPublicAccess struct {
+	UnitType          unit.Type
+	FormKey           string
+	DisplayName       string
+	PublicAccessTypes []string
+	UnitPublicAccess  string
+}
+
+func repoUnitPublicAccesses(ctx *context.Context) []*repoUnitPublicAccess {
+	accesses := []*repoUnitPublicAccess{
+		{
+			UnitType:          unit.TypeCode,
+			DisplayName:       ctx.Locale.TrString("repo.code"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypeIssues,
+			DisplayName:       ctx.Locale.TrString("issues"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypePullRequests,
+			DisplayName:       ctx.Locale.TrString("pull_requests"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypeReleases,
+			DisplayName:       ctx.Locale.TrString("repo.releases"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypeWiki,
+			DisplayName:       ctx.Locale.TrString("repo.wiki"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead, paEveryoneWrite},
+		},
+		{
+			UnitType:          unit.TypeProjects,
+			DisplayName:       ctx.Locale.TrString("repo.projects"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypePackages,
+			DisplayName:       ctx.Locale.TrString("repo.packages"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+		{
+			UnitType:          unit.TypeActions,
+			DisplayName:       ctx.Locale.TrString("repo.actions"),
+			PublicAccessTypes: []string{paAnonymousRead, paEveryoneRead},
+		},
+	}
+	for _, ua := range accesses {
+		ua.FormKey = "repo-unit-access-" + strconv.Itoa(int(ua.UnitType))
+		for _, u := range ctx.Repo.Repository.Units {
+			if u.Type == ua.UnitType {
+				ua.UnitPublicAccess = paNotSet
+				switch {
+				case u.EveryoneAccessMode == perm.AccessModeWrite:
+					ua.UnitPublicAccess = paEveryoneWrite
+				case u.EveryoneAccessMode == perm.AccessModeRead:
+					ua.UnitPublicAccess = paEveryoneRead
+				case u.AnonymousAccessMode == perm.AccessModeRead:
+					ua.UnitPublicAccess = paAnonymousRead
+				}
+				break
+			}
+		}
+	}
+	return slices.DeleteFunc(accesses, func(ua *repoUnitPublicAccess) bool {
+		return ua.UnitPublicAccess == ""
+	})
+}
+
+func PublicAccess(ctx *context.Context) {
+	ctx.Data["PageIsSettingsPublicAccess"] = true
+	ctx.Data["RepoUnitPublicAccesses"] = repoUnitPublicAccesses(ctx)
+	ctx.Data["GlobalForcePrivate"] = setting.Repository.ForcePrivate
+	if setting.Repository.ForcePrivate {
+		ctx.Flash.Error(ctx.Tr("form.repository_force_private"), true)
+	}
+	ctx.HTML(http.StatusOK, tplRepoSettingsPublicAccess)
+}
+
+func PublicAccessPost(ctx *context.Context) {
+	accesses := repoUnitPublicAccesses(ctx)
+	for _, ua := range accesses {
+		formVal := ctx.FormString(ua.FormKey)
+		parsed := parsePublicAccessMode(formVal, ua.PublicAccessTypes)
+		err := repo.UpdateRepoUnitPublicAccess(ctx, &repo.RepoUnit{
+			RepoID:              ctx.Repo.Repository.ID,
+			Type:                ua.UnitType,
+			AnonymousAccessMode: parsed.AnonymousAccessMode,
+			EveryoneAccessMode:  parsed.EveryoneAccessMode,
+		})
+		if err != nil {
+			ctx.ServerError("UpdateRepoUnitPublicAccess", err)
+			return
+		}
+	}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(ctx.Repo.Repository.Link() + "/settings/public_access")
+}
diff --git a/routers/web/repo/setting/secrets.go b/routers/web/repo/setting/secrets.go
index 46cb875f9b..c6e2d18249 100644
--- a/routers/web/repo/setting/secrets.go
+++ b/routers/web/repo/setting/secrets.go
@@ -44,9 +44,8 @@ func getSecretsCtx(ctx *context.Context) (*secretsCtx, error) {
 	}
 
 	if ctx.Data["PageIsOrgSettings"] == true {
-		err := shared_user.LoadHeaderCount(ctx)
-		if err != nil {
-			ctx.ServerError("LoadHeaderCount", err)
+		if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+			ctx.ServerError("RenderUserOrgHeader", err)
 			return nil, nil
 		}
 		return &secretsCtx{
diff --git a/routers/web/repo/setting/setting.go b/routers/web/repo/setting/setting.go
index ac7eb768fa..0865d9d7c0 100644
--- a/routers/web/repo/setting/setting.go
+++ b/routers/web/repo/setting/setting.go
@@ -6,14 +6,12 @@ package setting
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 	"strings"
 	"time"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/organization"
-	"code.gitea.io/gitea/models/perm"
 	repo_model "code.gitea.io/gitea/models/repo"
 	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
@@ -37,6 +35,8 @@ import (
 	mirror_service "code.gitea.io/gitea/services/mirror"
 	repo_service "code.gitea.io/gitea/services/repository"
 	wiki_service "code.gitea.io/gitea/services/wiki"
+
+	"xorm.io/xorm/convert"
 )
 
 const (
@@ -48,15 +48,6 @@ const (
 	tplDeployKeys      templates.TplName = "repo/settings/deploy_keys"
 )
 
-func parseEveryoneAccessMode(permission string, allowed ...perm.AccessMode) perm.AccessMode {
-	// if site admin forces repositories to be private, then do not allow any other access mode,
-	// otherwise the "force private" setting would be bypassed
-	if setting.Repository.ForcePrivate {
-		return perm.AccessModeNone
-	}
-	return perm.ParseAccessMode(permission, allowed...)
-}
-
 // SettingsCtxData is a middleware that sets all the general context data for the
 // settings template.
 func SettingsCtxData(ctx *context.Context) {
@@ -68,9 +59,10 @@ func SettingsCtxData(ctx *context.Context) {
 	ctx.Data["DisableNewPushMirrors"] = setting.Mirror.DisableNewPush
 	ctx.Data["DefaultMirrorInterval"] = setting.Mirror.DefaultInterval
 	ctx.Data["MinimumMirrorInterval"] = setting.Mirror.MinInterval
+	ctx.Data["CanConvertFork"] = ctx.Repo.Repository.IsFork && ctx.Doer.CanCreateRepoIn(ctx.Repo.Repository.Owner)
 
 	signing, _ := asymkey_service.SigningKey(ctx, ctx.Repo.Repository.RepoPath())
-	ctx.Data["SigningKeyAvailable"] = len(signing) > 0
+	ctx.Data["SigningKeyAvailable"] = signing != nil
 	ctx.Data["SigningSettings"] = setting.Repository.Signing
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 
@@ -105,8 +97,6 @@ func Settings(ctx *context.Context) {
 
 // SettingsPost response for changes of a repository
 func SettingsPost(ctx *context.Context) {
-	form := web.GetForm(ctx).(*forms.RepoSettingForm)
-
 	ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate
 	ctx.Data["MirrorsEnabled"] = setting.Mirror.Enabled
 	ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
@@ -115,871 +105,937 @@ func SettingsPost(ctx *context.Context) {
 	ctx.Data["MinimumMirrorInterval"] = setting.Mirror.MinInterval
 
 	signing, _ := asymkey_service.SigningKey(ctx, ctx.Repo.Repository.RepoPath())
-	ctx.Data["SigningKeyAvailable"] = len(signing) > 0
+	ctx.Data["SigningKeyAvailable"] = signing != nil
 	ctx.Data["SigningSettings"] = setting.Repository.Signing
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 
-	repo := ctx.Repo.Repository
-
 	switch ctx.FormString("action") {
 	case "update":
-		if ctx.HasError() {
-			ctx.HTML(http.StatusOK, tplSettingsOptions)
-			return
-		}
+		handleSettingsPostUpdate(ctx)
+	case "mirror":
+		handleSettingsPostMirror(ctx)
+	case "mirror-sync":
+		handleSettingsPostMirrorSync(ctx)
+	case "push-mirror-sync":
+		handleSettingsPostPushMirrorSync(ctx)
+	case "push-mirror-update":
+		handleSettingsPostPushMirrorUpdate(ctx)
+	case "push-mirror-remove":
+		handleSettingsPostPushMirrorRemove(ctx)
+	case "push-mirror-add":
+		handleSettingsPostPushMirrorAdd(ctx)
+	case "advanced":
+		handleSettingsPostAdvanced(ctx)
+	case "signing":
+		handleSettingsPostSigning(ctx)
+	case "admin":
+		handleSettingsPostAdmin(ctx)
+	case "admin_index":
+		handleSettingsPostAdminIndex(ctx)
+	case "convert":
+		handleSettingsPostConvert(ctx)
+	case "convert_fork":
+		handleSettingsPostConvertFork(ctx)
+	case "transfer":
+		handleSettingsPostTransfer(ctx)
+	case "cancel_transfer":
+		handleSettingsPostCancelTransfer(ctx)
+	case "delete":
+		handleSettingsPostDelete(ctx)
+	case "delete-wiki":
+		handleSettingsPostDeleteWiki(ctx)
+	case "archive":
+		handleSettingsPostArchive(ctx)
+	case "unarchive":
+		handleSettingsPostUnarchive(ctx)
+	case "visibility":
+		handleSettingsPostVisibility(ctx)
+	default:
+		ctx.NotFound(nil)
+	}
+}
 
-		newRepoName := form.RepoName
-		// Check if repository name has been changed.
-		if repo.LowerName != strings.ToLower(newRepoName) {
-			// Close the GitRepo if open
-			if ctx.Repo.GitRepo != nil {
-				ctx.Repo.GitRepo.Close()
-				ctx.Repo.GitRepo = nil
-			}
-			if err := repo_service.ChangeRepositoryName(ctx, ctx.Doer, repo, newRepoName); err != nil {
+func handleSettingsPostUpdate(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if ctx.HasError() {
+		ctx.HTML(http.StatusOK, tplSettingsOptions)
+		return
+	}
+
+	newRepoName := form.RepoName
+	// Check if repository name has been changed.
+	if !strings.EqualFold(repo.LowerName, newRepoName) {
+		// Close the GitRepo if open
+		if ctx.Repo.GitRepo != nil {
+			ctx.Repo.GitRepo.Close()
+			ctx.Repo.GitRepo = nil
+		}
+		if err := repo_service.ChangeRepositoryName(ctx, ctx.Doer, repo, newRepoName); err != nil {
+			ctx.Data["Err_RepoName"] = true
+			switch {
+			case repo_model.IsErrRepoAlreadyExist(err):
+				ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), tplSettingsOptions, &form)
+			case db.IsErrNameReserved(err):
+				ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplSettingsOptions, &form)
+			case repo_model.IsErrRepoFilesAlreadyExist(err):
 				ctx.Data["Err_RepoName"] = true
 				switch {
-				case repo_model.IsErrRepoAlreadyExist(err):
-					ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), tplSettingsOptions, &form)
-				case db.IsErrNameReserved(err):
-					ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplSettingsOptions, &form)
-				case repo_model.IsErrRepoFilesAlreadyExist(err):
-					ctx.Data["Err_RepoName"] = true
-					switch {
-					case ctx.IsUserSiteAdmin() || (setting.Repository.AllowAdoptionOfUnadoptedRepositories && setting.Repository.AllowDeleteOfUnadoptedRepositories):
-						ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt_or_delete"), tplSettingsOptions, form)
-					case setting.Repository.AllowAdoptionOfUnadoptedRepositories:
-						ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt"), tplSettingsOptions, form)
-					case setting.Repository.AllowDeleteOfUnadoptedRepositories:
-						ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.delete"), tplSettingsOptions, form)
-					default:
-						ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist"), tplSettingsOptions, form)
-					}
-				case db.IsErrNamePatternNotAllowed(err):
-					ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplSettingsOptions, &form)
+				case ctx.IsUserSiteAdmin() || (setting.Repository.AllowAdoptionOfUnadoptedRepositories && setting.Repository.AllowDeleteOfUnadoptedRepositories):
+					ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt_or_delete"), tplSettingsOptions, form)
+				case setting.Repository.AllowAdoptionOfUnadoptedRepositories:
+					ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt"), tplSettingsOptions, form)
+				case setting.Repository.AllowDeleteOfUnadoptedRepositories:
+					ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.delete"), tplSettingsOptions, form)
 				default:
-					ctx.ServerError("ChangeRepositoryName", err)
+					ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist"), tplSettingsOptions, form)
 				}
-				return
+			case db.IsErrNamePatternNotAllowed(err):
+				ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplSettingsOptions, &form)
+			default:
+				ctx.ServerError("ChangeRepositoryName", err)
 			}
-
-			log.Trace("Repository name changed: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newRepoName)
-		}
-		// In case it's just a case change.
-		repo.Name = newRepoName
-		repo.LowerName = strings.ToLower(newRepoName)
-		repo.Description = form.Description
-		repo.Website = form.Website
-		repo.IsTemplate = form.Template
-
-		// Visibility of forked repository is forced sync with base repository.
-		if repo.IsFork {
-			form.Private = repo.BaseRepo.IsPrivate || repo.BaseRepo.Owner.Visibility == structs.VisibleTypePrivate
-		}
-
-		if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
-			ctx.ServerError("UpdateRepository", err)
 			return
 		}
-		log.Trace("Repository basic settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(repo.Link() + "/settings")
+		log.Trace("Repository name changed: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newRepoName)
+	}
+	// In case it's just a case change.
+	repo.Name = newRepoName
+	repo.LowerName = strings.ToLower(newRepoName)
+	repo.Description = form.Description
+	repo.Website = form.Website
+	repo.IsTemplate = form.Template
+
+	// Visibility of forked repository is forced sync with base repository.
+	if repo.IsFork {
+		form.Private = repo.BaseRepo.IsPrivate || repo.BaseRepo.Owner.Visibility == structs.VisibleTypePrivate
+	}
 
-	case "mirror":
-		if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
-			ctx.NotFound(nil)
-			return
-		}
+	if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
+		ctx.ServerError("UpdateRepository", err)
+		return
+	}
+	log.Trace("Repository basic settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 
-		pullMirror, err := repo_model.GetMirrorByRepoID(ctx, ctx.Repo.Repository.ID)
-		if err == repo_model.ErrMirrorNotExist {
-			ctx.NotFound(nil)
-			return
-		}
-		if err != nil {
-			ctx.ServerError("GetMirrorByRepoID", err)
-			return
-		}
-		// This section doesn't require repo_name/RepoName to be set in the form, don't show it
-		// as an error on the UI for this action
-		ctx.Data["Err_RepoName"] = nil
-
-		interval, err := time.ParseDuration(form.Interval)
-		if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
-			ctx.Data["Err_Interval"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		pullMirror.EnablePrune = form.EnablePrune
-		pullMirror.Interval = interval
-		pullMirror.ScheduleNextUpdate()
-		if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
-			ctx.ServerError("UpdateMirror", err)
-			return
-		}
+func handleSettingsPostMirror(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
+		ctx.NotFound(nil)
+		return
+	}
 
-		u, err := git.GetRemoteURL(ctx, ctx.Repo.Repository.RepoPath(), pullMirror.GetRemoteName())
-		if err != nil {
-			ctx.Data["Err_MirrorAddress"] = true
-			handleSettingRemoteAddrError(ctx, err, form)
-			return
-		}
-		if u.User != nil && form.MirrorPassword == "" && form.MirrorUsername == u.User.Username() {
-			form.MirrorPassword, _ = u.User.Password()
-		}
+	pullMirror, err := repo_model.GetMirrorByRepoID(ctx, ctx.Repo.Repository.ID)
+	if err == repo_model.ErrMirrorNotExist {
+		ctx.NotFound(nil)
+		return
+	}
+	if err != nil {
+		ctx.ServerError("GetMirrorByRepoID", err)
+		return
+	}
+	// This section doesn't require repo_name/RepoName to be set in the form, don't show it
+	// as an error on the UI for this action
+	ctx.Data["Err_RepoName"] = nil
+
+	interval, err := time.ParseDuration(form.Interval)
+	if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
+		ctx.Data["Err_Interval"] = true
+		ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
+		return
+	}
 
-		address, err := git.ParseRemoteAddr(form.MirrorAddress, form.MirrorUsername, form.MirrorPassword)
-		if err == nil {
-			err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
-		}
-		if err != nil {
-			ctx.Data["Err_MirrorAddress"] = true
-			handleSettingRemoteAddrError(ctx, err, form)
-			return
-		}
+	pullMirror.EnablePrune = form.EnablePrune
+	pullMirror.Interval = interval
+	pullMirror.ScheduleNextUpdate()
+	if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
+		ctx.ServerError("UpdateMirror", err)
+		return
+	}
 
-		if err := mirror_service.UpdateAddress(ctx, pullMirror, address); err != nil {
-			ctx.ServerError("UpdateAddress", err)
-			return
-		}
+	u, err := git.GetRemoteURL(ctx, ctx.Repo.Repository.RepoPath(), pullMirror.GetRemoteName())
+	if err != nil {
+		ctx.Data["Err_MirrorAddress"] = true
+		handleSettingRemoteAddrError(ctx, err, form)
+		return
+	}
+	if u.User != nil && form.MirrorPassword == "" && form.MirrorUsername == u.User.Username() {
+		form.MirrorPassword, _ = u.User.Password()
+	}
 
-		remoteAddress, err := util.SanitizeURL(form.MirrorAddress)
-		if err != nil {
-			ctx.Data["Err_MirrorAddress"] = true
-			handleSettingRemoteAddrError(ctx, err, form)
-			return
-		}
-		pullMirror.RemoteAddress = remoteAddress
+	address, err := git.ParseRemoteAddr(form.MirrorAddress, form.MirrorUsername, form.MirrorPassword)
+	if err == nil {
+		err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
+	}
+	if err != nil {
+		ctx.Data["Err_MirrorAddress"] = true
+		handleSettingRemoteAddrError(ctx, err, form)
+		return
+	}
 
-		form.LFS = form.LFS && setting.LFS.StartServer
+	if err := mirror_service.UpdateAddress(ctx, pullMirror, address); err != nil {
+		ctx.ServerError("UpdateAddress", err)
+		return
+	}
 
-		if len(form.LFSEndpoint) > 0 {
-			ep := lfs.DetermineEndpoint("", form.LFSEndpoint)
-			if ep == nil {
-				ctx.Data["Err_LFSEndpoint"] = true
-				ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_lfs_endpoint"), tplSettingsOptions, &form)
-				return
-			}
-			err = migrations.IsMigrateURLAllowed(ep.String(), ctx.Doer)
-			if err != nil {
-				ctx.Data["Err_LFSEndpoint"] = true
-				handleSettingRemoteAddrError(ctx, err, form)
-				return
-			}
-		}
+	remoteAddress, err := util.SanitizeURL(form.MirrorAddress)
+	if err != nil {
+		ctx.Data["Err_MirrorAddress"] = true
+		handleSettingRemoteAddrError(ctx, err, form)
+		return
+	}
+	pullMirror.RemoteAddress = remoteAddress
 
-		pullMirror.LFS = form.LFS
-		pullMirror.LFSEndpoint = form.LFSEndpoint
-		if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
-			ctx.ServerError("UpdateMirror", err)
+	form.LFS = form.LFS && setting.LFS.StartServer
+
+	if len(form.LFSEndpoint) > 0 {
+		ep := lfs.DetermineEndpoint("", form.LFSEndpoint)
+		if ep == nil {
+			ctx.Data["Err_LFSEndpoint"] = true
+			ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_lfs_endpoint"), tplSettingsOptions, &form)
 			return
 		}
-
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(repo.Link() + "/settings")
-
-	case "mirror-sync":
-		if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
-			ctx.NotFound(nil)
+		err = migrations.IsMigrateURLAllowed(ep.String(), ctx.Doer)
+		if err != nil {
+			ctx.Data["Err_LFSEndpoint"] = true
+			handleSettingRemoteAddrError(ctx, err, form)
 			return
 		}
+	}
 
-		mirror_service.AddPullMirrorToQueue(repo.ID)
+	pullMirror.LFS = form.LFS
+	pullMirror.LFSEndpoint = form.LFSEndpoint
+	if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
+		ctx.ServerError("UpdateMirror", err)
+		return
+	}
 
-		ctx.Flash.Info(ctx.Tr("repo.settings.pull_mirror_sync_in_progress", repo.OriginalURL))
-		ctx.Redirect(repo.Link() + "/settings")
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-	case "push-mirror-sync":
-		if !setting.Mirror.Enabled {
-			ctx.NotFound(nil)
-			return
-		}
+func handleSettingsPostMirrorSync(ctx *context.Context) {
+	repo := ctx.Repo.Repository
+	if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
+		ctx.NotFound(nil)
+		return
+	}
 
-		m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
-		if m == nil {
-			ctx.NotFound(nil)
-			return
-		}
+	mirror_service.AddPullMirrorToQueue(repo.ID)
 
-		mirror_service.AddPushMirrorToQueue(m.ID)
+	ctx.Flash.Info(ctx.Tr("repo.settings.pull_mirror_sync_in_progress", repo.OriginalURL))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		ctx.Flash.Info(ctx.Tr("repo.settings.push_mirror_sync_in_progress", m.RemoteAddress))
-		ctx.Redirect(repo.Link() + "/settings")
+func handleSettingsPostPushMirrorSync(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
 
-	case "push-mirror-update":
-		if !setting.Mirror.Enabled || repo.IsArchived {
-			ctx.NotFound(nil)
-			return
-		}
+	if !setting.Mirror.Enabled {
+		ctx.NotFound(nil)
+		return
+	}
 
-		// This section doesn't require repo_name/RepoName to be set in the form, don't show it
-		// as an error on the UI for this action
-		ctx.Data["Err_RepoName"] = nil
+	m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
+	if m == nil {
+		ctx.NotFound(nil)
+		return
+	}
 
-		interval, err := time.ParseDuration(form.PushMirrorInterval)
-		if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
-			ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &forms.RepoSettingForm{})
-			return
-		}
+	mirror_service.AddPushMirrorToQueue(m.ID)
 
-		m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
-		if m == nil {
-			ctx.NotFound(nil)
-			return
-		}
+	ctx.Flash.Info(ctx.Tr("repo.settings.push_mirror_sync_in_progress", m.RemoteAddress))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		m.Interval = interval
-		if err := repo_model.UpdatePushMirrorInterval(ctx, m); err != nil {
-			ctx.ServerError("UpdatePushMirrorInterval", err)
-			return
-		}
-		// Background why we are adding it to Queue
-		// If we observed its implementation in the context of `push-mirror-sync` where it
-		// is evident that pushing to the queue is necessary for updates.
-		// So, there are updates within the given interval, it is necessary to update the queue accordingly.
-		if !ctx.FormBool("push_mirror_defer_sync") {
-			// push_mirror_defer_sync is mainly for testing purpose, we do not really want to sync the push mirror immediately
-			mirror_service.AddPushMirrorToQueue(m.ID)
-		}
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(repo.Link() + "/settings")
+func handleSettingsPostPushMirrorUpdate(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
 
-	case "push-mirror-remove":
-		if !setting.Mirror.Enabled || repo.IsArchived {
-			ctx.NotFound(nil)
-			return
-		}
+	if !setting.Mirror.Enabled || repo.IsArchived {
+		ctx.NotFound(nil)
+		return
+	}
 
-		// This section doesn't require repo_name/RepoName to be set in the form, don't show it
-		// as an error on the UI for this action
-		ctx.Data["Err_RepoName"] = nil
+	// This section doesn't require repo_name/RepoName to be set in the form, don't show it
+	// as an error on the UI for this action
+	ctx.Data["Err_RepoName"] = nil
 
-		m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
-		if m == nil {
-			ctx.NotFound(nil)
-			return
-		}
+	interval, err := time.ParseDuration(form.PushMirrorInterval)
+	if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
+		ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &forms.RepoSettingForm{})
+		return
+	}
 
-		if err := mirror_service.RemovePushMirrorRemote(ctx, m); err != nil {
-			ctx.ServerError("RemovePushMirrorRemote", err)
-			return
-		}
+	m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
+	if m == nil {
+		ctx.NotFound(nil)
+		return
+	}
 
-		if err := repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
-			ctx.ServerError("DeletePushMirrorByID", err)
-			return
-		}
+	m.Interval = interval
+	if err := repo_model.UpdatePushMirrorInterval(ctx, m); err != nil {
+		ctx.ServerError("UpdatePushMirrorInterval", err)
+		return
+	}
+	// Background why we are adding it to Queue
+	// If we observed its implementation in the context of `push-mirror-sync` where it
+	// is evident that pushing to the queue is necessary for updates.
+	// So, there are updates within the given interval, it is necessary to update the queue accordingly.
+	if !ctx.FormBool("push_mirror_defer_sync") {
+		// push_mirror_defer_sync is mainly for testing purpose, we do not really want to sync the push mirror immediately
+		mirror_service.AddPushMirrorToQueue(m.ID)
+	}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(repo.Link() + "/settings")
+func handleSettingsPostPushMirrorRemove(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
 
-	case "push-mirror-add":
-		if setting.Mirror.DisableNewPush || repo.IsArchived {
-			ctx.NotFound(nil)
-			return
-		}
+	if !setting.Mirror.Enabled || repo.IsArchived {
+		ctx.NotFound(nil)
+		return
+	}
 
-		// This section doesn't require repo_name/RepoName to be set in the form, don't show it
-		// as an error on the UI for this action
-		ctx.Data["Err_RepoName"] = nil
+	// This section doesn't require repo_name/RepoName to be set in the form, don't show it
+	// as an error on the UI for this action
+	ctx.Data["Err_RepoName"] = nil
 
-		interval, err := time.ParseDuration(form.PushMirrorInterval)
-		if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
-			ctx.Data["Err_PushMirrorInterval"] = true
-			ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
-			return
-		}
+	m, _, _ := repo_model.GetPushMirrorByIDAndRepoID(ctx, form.PushMirrorID, repo.ID)
+	if m == nil {
+		ctx.NotFound(nil)
+		return
+	}
 
-		address, err := git.ParseRemoteAddr(form.PushMirrorAddress, form.PushMirrorUsername, form.PushMirrorPassword)
-		if err == nil {
-			err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
-		}
-		if err != nil {
-			ctx.Data["Err_PushMirrorAddress"] = true
-			handleSettingRemoteAddrError(ctx, err, form)
-			return
-		}
+	if err := mirror_service.RemovePushMirrorRemote(ctx, m); err != nil {
+		ctx.ServerError("RemovePushMirrorRemote", err)
+		return
+	}
 
-		remoteSuffix, err := util.CryptoRandomString(10)
-		if err != nil {
-			ctx.ServerError("RandomString", err)
-			return
-		}
+	if err := repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
+		ctx.ServerError("DeletePushMirrorByID", err)
+		return
+	}
 
-		remoteAddress, err := util.SanitizeURL(form.PushMirrorAddress)
-		if err != nil {
-			ctx.Data["Err_PushMirrorAddress"] = true
-			handleSettingRemoteAddrError(ctx, err, form)
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		m := &repo_model.PushMirror{
-			RepoID:        repo.ID,
-			Repo:          repo,
-			RemoteName:    fmt.Sprintf("remote_mirror_%s", remoteSuffix),
-			SyncOnCommit:  form.PushMirrorSyncOnCommit,
-			Interval:      interval,
-			RemoteAddress: remoteAddress,
-		}
-		if err := db.Insert(ctx, m); err != nil {
-			ctx.ServerError("InsertPushMirror", err)
-			return
-		}
+func handleSettingsPostPushMirrorAdd(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
 
-		if err := mirror_service.AddPushMirrorRemote(ctx, m, address); err != nil {
-			if err := repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
-				log.Error("DeletePushMirrors %v", err)
-			}
-			ctx.ServerError("AddPushMirrorRemote", err)
-			return
-		}
+	if setting.Mirror.DisableNewPush || repo.IsArchived {
+		ctx.NotFound(nil)
+		return
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(repo.Link() + "/settings")
+	// This section doesn't require repo_name/RepoName to be set in the form, don't show it
+	// as an error on the UI for this action
+	ctx.Data["Err_RepoName"] = nil
 
-	case "advanced":
-		var repoChanged bool
-		var units []repo_model.RepoUnit
-		var deleteUnitTypes []unit_model.Type
+	interval, err := time.ParseDuration(form.PushMirrorInterval)
+	if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
+		ctx.Data["Err_PushMirrorInterval"] = true
+		ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
+		return
+	}
 
-		// This section doesn't require repo_name/RepoName to be set in the form, don't show it
-		// as an error on the UI for this action
-		ctx.Data["Err_RepoName"] = nil
+	address, err := git.ParseRemoteAddr(form.PushMirrorAddress, form.PushMirrorUsername, form.PushMirrorPassword)
+	if err == nil {
+		err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
+	}
+	if err != nil {
+		ctx.Data["Err_PushMirrorAddress"] = true
+		handleSettingRemoteAddrError(ctx, err, form)
+		return
+	}
 
-		if repo.CloseIssuesViaCommitInAnyBranch != form.EnableCloseIssuesViaCommitInAnyBranch {
-			repo.CloseIssuesViaCommitInAnyBranch = form.EnableCloseIssuesViaCommitInAnyBranch
-			repoChanged = true
-		}
+	remoteSuffix, err := util.CryptoRandomString(10)
+	if err != nil {
+		ctx.ServerError("RandomString", err)
+		return
+	}
 
-		if form.EnableCode && !unit_model.TypeCode.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID:             repo.ID,
-				Type:               unit_model.TypeCode,
-				EveryoneAccessMode: parseEveryoneAccessMode(form.DefaultCodeEveryoneAccess, perm.AccessModeNone, perm.AccessModeRead),
-			})
-		} else if !unit_model.TypeCode.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeCode)
-		}
+	remoteAddress, err := util.SanitizeURL(form.PushMirrorAddress)
+	if err != nil {
+		ctx.Data["Err_PushMirrorAddress"] = true
+		handleSettingRemoteAddrError(ctx, err, form)
+		return
+	}
 
-		if form.EnableWiki && form.EnableExternalWiki && !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
-			if !validation.IsValidExternalURL(form.ExternalWikiURL) {
-				ctx.Flash.Error(ctx.Tr("repo.settings.external_wiki_url_error"))
-				ctx.Redirect(repo.Link() + "/settings")
-				return
-			}
+	m := &repo_model.PushMirror{
+		RepoID:        repo.ID,
+		Repo:          repo,
+		RemoteName:    "remote_mirror_" + remoteSuffix,
+		SyncOnCommit:  form.PushMirrorSyncOnCommit,
+		Interval:      interval,
+		RemoteAddress: remoteAddress,
+	}
+	if err := db.Insert(ctx, m); err != nil {
+		ctx.ServerError("InsertPushMirror", err)
+		return
+	}
 
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeExternalWiki,
-				Config: &repo_model.ExternalWikiConfig{
-					ExternalWikiURL: form.ExternalWikiURL,
-				},
-			})
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
-		} else if form.EnableWiki && !form.EnableExternalWiki && !unit_model.TypeWiki.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID:             repo.ID,
-				Type:               unit_model.TypeWiki,
-				Config:             new(repo_model.UnitConfig),
-				EveryoneAccessMode: parseEveryoneAccessMode(form.DefaultWikiEveryoneAccess, perm.AccessModeNone, perm.AccessModeRead, perm.AccessModeWrite),
-			})
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
-		} else {
-			if !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
-				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
-			}
-			if !unit_model.TypeWiki.UnitGlobalDisabled() {
-				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
-			}
+	if err := mirror_service.AddPushMirrorRemote(ctx, m, address); err != nil {
+		if err := repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
+			log.Error("DeletePushMirrors %v", err)
 		}
+		ctx.ServerError("AddPushMirrorRemote", err)
+		return
+	}
 
-		if form.DefaultWikiBranch != "" {
-			if err := wiki_service.ChangeDefaultWikiBranch(ctx, repo, form.DefaultWikiBranch); err != nil {
-				log.Error("ChangeDefaultWikiBranch failed, err: %v", err)
-				ctx.Flash.Warning(ctx.Tr("repo.settings.failed_to_change_default_wiki_branch"))
-			}
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		if form.EnableIssues && form.EnableExternalTracker && !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
-			if !validation.IsValidExternalURL(form.ExternalTrackerURL) {
-				ctx.Flash.Error(ctx.Tr("repo.settings.external_tracker_url_error"))
-				ctx.Redirect(repo.Link() + "/settings")
-				return
-			}
-			if len(form.TrackerURLFormat) != 0 && !validation.IsValidExternalTrackerURLFormat(form.TrackerURLFormat) {
-				ctx.Flash.Error(ctx.Tr("repo.settings.tracker_url_format_error"))
-				ctx.Redirect(repo.Link() + "/settings")
-				return
-			}
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeExternalTracker,
-				Config: &repo_model.ExternalTrackerConfig{
-					ExternalTrackerURL:           form.ExternalTrackerURL,
-					ExternalTrackerFormat:        form.TrackerURLFormat,
-					ExternalTrackerStyle:         form.TrackerIssueStyle,
-					ExternalTrackerRegexpPattern: form.ExternalTrackerRegexpPattern,
-				},
-			})
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
-		} else if form.EnableIssues && !form.EnableExternalTracker && !unit_model.TypeIssues.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeIssues,
-				Config: &repo_model.IssuesConfig{
-					EnableTimetracker:                form.EnableTimetracker,
-					AllowOnlyContributorsToTrackTime: form.AllowOnlyContributorsToTrackTime,
-					EnableDependencies:               form.EnableIssueDependencies,
-				},
-				EveryoneAccessMode: parseEveryoneAccessMode(form.DefaultIssuesEveryoneAccess, perm.AccessModeNone, perm.AccessModeRead),
-			})
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
-		} else {
-			if !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
-				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
-			}
-			if !unit_model.TypeIssues.UnitGlobalDisabled() {
-				deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
-			}
+func newRepoUnit(repo *repo_model.Repository, unitType unit_model.Type, config convert.Conversion) repo_model.RepoUnit {
+	repoUnit := repo_model.RepoUnit{RepoID: repo.ID, Type: unitType, Config: config}
+	for _, u := range repo.Units {
+		if u.Type == unitType {
+			repoUnit.EveryoneAccessMode = u.EveryoneAccessMode
+			repoUnit.AnonymousAccessMode = u.AnonymousAccessMode
 		}
+	}
+	return repoUnit
+}
 
-		if form.EnableProjects && !unit_model.TypeProjects.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeProjects,
-				Config: &repo_model.ProjectsConfig{
-					ProjectsMode: repo_model.ProjectsMode(form.ProjectsMode),
-				},
-			})
-		} else if !unit_model.TypeProjects.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeProjects)
-		}
+func handleSettingsPostAdvanced(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	var repoChanged bool
+	var units []repo_model.RepoUnit
+	var deleteUnitTypes []unit_model.Type
 
-		if form.EnableReleases && !unit_model.TypeReleases.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeReleases,
-			})
-		} else if !unit_model.TypeReleases.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeReleases)
-		}
+	// This section doesn't require repo_name/RepoName to be set in the form, don't show it
+	// as an error on the UI for this action
+	ctx.Data["Err_RepoName"] = nil
+
+	if repo.CloseIssuesViaCommitInAnyBranch != form.EnableCloseIssuesViaCommitInAnyBranch {
+		repo.CloseIssuesViaCommitInAnyBranch = form.EnableCloseIssuesViaCommitInAnyBranch
+		repoChanged = true
+	}
+
+	if form.EnableCode && !unit_model.TypeCode.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeCode, nil))
+	} else if !unit_model.TypeCode.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeCode)
+	}
 
-		if form.EnablePackages && !unit_model.TypePackages.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypePackages,
-			})
-		} else if !unit_model.TypePackages.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePackages)
+	if form.EnableWiki && form.EnableExternalWiki && !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
+		if !validation.IsValidExternalURL(form.ExternalWikiURL) {
+			ctx.Flash.Error(ctx.Tr("repo.settings.external_wiki_url_error"))
+			ctx.Redirect(repo.Link() + "/settings")
+			return
 		}
 
-		if form.EnableActions && !unit_model.TypeActions.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypeActions,
-			})
-		} else if !unit_model.TypeActions.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeActions)
+		units = append(units, newRepoUnit(repo, unit_model.TypeExternalWiki, &repo_model.ExternalWikiConfig{
+			ExternalWikiURL: form.ExternalWikiURL,
+		}))
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
+	} else if form.EnableWiki && !form.EnableExternalWiki && !unit_model.TypeWiki.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeWiki, new(repo_model.UnitConfig)))
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
+	} else {
+		if !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
+			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
 		}
+		if !unit_model.TypeWiki.UnitGlobalDisabled() {
+			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
+		}
+	}
 
-		if form.EnablePulls && !unit_model.TypePullRequests.UnitGlobalDisabled() {
-			units = append(units, repo_model.RepoUnit{
-				RepoID: repo.ID,
-				Type:   unit_model.TypePullRequests,
-				Config: &repo_model.PullRequestsConfig{
-					IgnoreWhitespaceConflicts:     form.PullsIgnoreWhitespace,
-					AllowMerge:                    form.PullsAllowMerge,
-					AllowRebase:                   form.PullsAllowRebase,
-					AllowRebaseMerge:              form.PullsAllowRebaseMerge,
-					AllowSquash:                   form.PullsAllowSquash,
-					AllowFastForwardOnly:          form.PullsAllowFastForwardOnly,
-					AllowManualMerge:              form.PullsAllowManualMerge,
-					AutodetectManualMerge:         form.EnableAutodetectManualMerge,
-					AllowRebaseUpdate:             form.PullsAllowRebaseUpdate,
-					DefaultDeleteBranchAfterMerge: form.DefaultDeleteBranchAfterMerge,
-					DefaultMergeStyle:             repo_model.MergeStyle(form.PullsDefaultMergeStyle),
-					DefaultAllowMaintainerEdit:    form.DefaultAllowMaintainerEdit,
-				},
-			})
-		} else if !unit_model.TypePullRequests.UnitGlobalDisabled() {
-			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePullRequests)
+	if form.DefaultWikiBranch != "" {
+		if err := wiki_service.ChangeDefaultWikiBranch(ctx, repo, form.DefaultWikiBranch); err != nil {
+			log.Error("ChangeDefaultWikiBranch failed, err: %v", err)
+			ctx.Flash.Warning(ctx.Tr("repo.settings.failed_to_change_default_wiki_branch"))
 		}
+	}
 
-		if len(units) == 0 {
-			ctx.Flash.Error(ctx.Tr("repo.settings.update_settings_no_unit"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+	if form.EnableIssues && form.EnableExternalTracker && !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
+		if !validation.IsValidExternalURL(form.ExternalTrackerURL) {
+			ctx.Flash.Error(ctx.Tr("repo.settings.external_tracker_url_error"))
+			ctx.Redirect(repo.Link() + "/settings")
 			return
 		}
-
-		if err := repo_service.UpdateRepositoryUnits(ctx, repo, units, deleteUnitTypes); err != nil {
-			ctx.ServerError("UpdateRepositoryUnits", err)
+		if len(form.TrackerURLFormat) != 0 && !validation.IsValidExternalTrackerURLFormat(form.TrackerURLFormat) {
+			ctx.Flash.Error(ctx.Tr("repo.settings.tracker_url_format_error"))
+			ctx.Redirect(repo.Link() + "/settings")
 			return
 		}
-		if repoChanged {
-			if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
-				ctx.ServerError("UpdateRepository", err)
-				return
-			}
+		units = append(units, newRepoUnit(repo, unit_model.TypeExternalTracker, &repo_model.ExternalTrackerConfig{
+			ExternalTrackerURL:           form.ExternalTrackerURL,
+			ExternalTrackerFormat:        form.TrackerURLFormat,
+			ExternalTrackerStyle:         form.TrackerIssueStyle,
+			ExternalTrackerRegexpPattern: form.ExternalTrackerRegexpPattern,
+		}))
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
+	} else if form.EnableIssues && !form.EnableExternalTracker && !unit_model.TypeIssues.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeIssues, &repo_model.IssuesConfig{
+			EnableTimetracker:                form.EnableTimetracker,
+			AllowOnlyContributorsToTrackTime: form.AllowOnlyContributorsToTrackTime,
+			EnableDependencies:               form.EnableIssueDependencies,
+		}))
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
+	} else {
+		if !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
+			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
 		}
-		log.Trace("Repository advanced settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+		if !unit_model.TypeIssues.UnitGlobalDisabled() {
+			deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
+		}
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+	if form.EnableProjects && !unit_model.TypeProjects.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeProjects, &repo_model.ProjectsConfig{
+			ProjectsMode: repo_model.ProjectsMode(form.ProjectsMode),
+		}))
+	} else if !unit_model.TypeProjects.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeProjects)
+	}
 
-	case "signing":
-		changed := false
-		trustModel := repo_model.ToTrustModel(form.TrustModel)
-		if trustModel != repo.TrustModel {
-			repo.TrustModel = trustModel
-			changed = true
-		}
+	if form.EnableReleases && !unit_model.TypeReleases.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeReleases, nil))
+	} else if !unit_model.TypeReleases.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeReleases)
+	}
 
-		if changed {
-			if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
-				ctx.ServerError("UpdateRepository", err)
-				return
-			}
-		}
-		log.Trace("Repository signing settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	if form.EnablePackages && !unit_model.TypePackages.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypePackages, nil))
+	} else if !unit_model.TypePackages.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePackages)
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+	if form.EnableActions && !unit_model.TypeActions.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypeActions, nil))
+	} else if !unit_model.TypeActions.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeActions)
+	}
 
-	case "admin":
-		if !ctx.Doer.IsAdmin {
-			ctx.HTTPError(http.StatusForbidden)
-			return
-		}
+	if form.EnablePulls && !unit_model.TypePullRequests.UnitGlobalDisabled() {
+		units = append(units, newRepoUnit(repo, unit_model.TypePullRequests, &repo_model.PullRequestsConfig{
+			IgnoreWhitespaceConflicts:     form.PullsIgnoreWhitespace,
+			AllowMerge:                    form.PullsAllowMerge,
+			AllowRebase:                   form.PullsAllowRebase,
+			AllowRebaseMerge:              form.PullsAllowRebaseMerge,
+			AllowSquash:                   form.PullsAllowSquash,
+			AllowFastForwardOnly:          form.PullsAllowFastForwardOnly,
+			AllowManualMerge:              form.PullsAllowManualMerge,
+			AutodetectManualMerge:         form.EnableAutodetectManualMerge,
+			AllowRebaseUpdate:             form.PullsAllowRebaseUpdate,
+			DefaultDeleteBranchAfterMerge: form.DefaultDeleteBranchAfterMerge,
+			DefaultMergeStyle:             repo_model.MergeStyle(form.PullsDefaultMergeStyle),
+			DefaultAllowMaintainerEdit:    form.DefaultAllowMaintainerEdit,
+		}))
+	} else if !unit_model.TypePullRequests.UnitGlobalDisabled() {
+		deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePullRequests)
+	}
 
-		if repo.IsFsckEnabled != form.EnableHealthCheck {
-			repo.IsFsckEnabled = form.EnableHealthCheck
-		}
+	if len(units) == 0 {
+		ctx.Flash.Error(ctx.Tr("repo.settings.update_settings_no_unit"))
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
+	}
 
+	if err := repo_service.UpdateRepositoryUnits(ctx, repo, units, deleteUnitTypes); err != nil {
+		ctx.ServerError("UpdateRepositoryUnits", err)
+		return
+	}
+	if repoChanged {
 		if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
 			ctx.ServerError("UpdateRepository", err)
 			return
 		}
+	}
+	log.Trace("Repository advanced settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 
-		log.Trace("Repository admin settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
-
-		ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-
-	case "admin_index":
-		if !ctx.Doer.IsAdmin {
-			ctx.HTTPError(http.StatusForbidden)
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		switch form.RequestReindexType {
-		case "stats":
-			if err := stats.UpdateRepoIndexer(ctx.Repo.Repository); err != nil {
-				ctx.ServerError("UpdateStatsRepondexer", err)
-				return
-			}
-		case "code":
-			if !setting.Indexer.RepoIndexerEnabled {
-				ctx.HTTPError(http.StatusForbidden)
-				return
-			}
-			code.UpdateRepoIndexer(ctx.Repo.Repository)
-		default:
-			ctx.NotFound(nil)
+func handleSettingsPostSigning(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	trustModel := repo_model.ToTrustModel(form.TrustModel)
+	if trustModel != repo.TrustModel {
+		repo.TrustModel = trustModel
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "trust_model"); err != nil {
+			ctx.ServerError("UpdateRepositoryColsNoAutoTime", err)
 			return
 		}
+		log.Trace("Repository signing settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	}
 
-		log.Trace("Repository reindex for %s requested: %s/%s", form.RequestReindexType, ctx.Repo.Owner.Name, repo.Name)
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.reindex_requested"))
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+func handleSettingsPostAdmin(ctx *context.Context) {
+	if !ctx.Doer.IsAdmin {
+		ctx.HTTPError(http.StatusForbidden)
+		return
+	}
 
-	case "convert":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
-		if repo.Name != form.RepoName {
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+	repo := ctx.Repo.Repository
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	if repo.IsFsckEnabled != form.EnableHealthCheck {
+		repo.IsFsckEnabled = form.EnableHealthCheck
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_fsck_enabled"); err != nil {
+			ctx.ServerError("UpdateRepositoryColsNoAutoTime", err)
 			return
 		}
+		log.Trace("Repository admin settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	}
 
-		if !repo.IsMirror {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
-		repo.IsMirror = false
+	ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		if _, err := repo_service.CleanUpMigrateInfo(ctx, repo); err != nil {
-			ctx.ServerError("CleanUpMigrateInfo", err)
-			return
-		} else if err = repo_model.DeleteMirrorByRepoID(ctx, ctx.Repo.Repository.ID); err != nil {
-			ctx.ServerError("DeleteMirrorByRepoID", err)
-			return
-		}
-		log.Trace("Repository converted from mirror to regular: %s", repo.FullName())
-		ctx.Flash.Success(ctx.Tr("repo.settings.convert_succeed"))
-		ctx.Redirect(repo.Link())
+func handleSettingsPostAdminIndex(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Doer.IsAdmin {
+		ctx.HTTPError(http.StatusForbidden)
+		return
+	}
 
-	case "convert_fork":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
+	switch form.RequestReindexType {
+	case "stats":
+		if err := stats.UpdateRepoIndexer(ctx.Repo.Repository); err != nil {
+			ctx.ServerError("UpdateStatsRepondexer", err)
 			return
 		}
-		if err := repo.LoadOwner(ctx); err != nil {
-			ctx.ServerError("Convert Fork", err)
-			return
-		}
-		if repo.Name != form.RepoName {
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+	case "code":
+		if !setting.Indexer.RepoIndexerEnabled {
+			ctx.HTTPError(http.StatusForbidden)
 			return
 		}
+		code.UpdateRepoIndexer(ctx.Repo.Repository)
+	default:
+		ctx.NotFound(nil)
+		return
+	}
 
-		if !repo.IsFork {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
+	log.Trace("Repository reindex for %s requested: %s/%s", form.RequestReindexType, ctx.Repo.Owner.Name, repo.Name)
 
-		if !ctx.Repo.Owner.CanCreateRepo() {
-			maxCreationLimit := ctx.Repo.Owner.MaxCreationLimit()
-			msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", maxCreationLimit)
-			ctx.Flash.Error(msg)
-			ctx.Redirect(repo.Link() + "/settings")
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.reindex_requested"))
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		if err := repo_service.ConvertForkToNormalRepository(ctx, repo); err != nil {
-			log.Error("Unable to convert repository %-v from fork. Error: %v", repo, err)
-			ctx.ServerError("Convert Fork", err)
-			return
-		}
+func handleSettingsPostConvert(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	if repo.Name != form.RepoName {
+		ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+		return
+	}
 
-		log.Trace("Repository converted from fork to regular: %s", repo.FullName())
-		ctx.Flash.Success(ctx.Tr("repo.settings.convert_fork_succeed"))
-		ctx.Redirect(repo.Link())
+	if !repo.IsMirror {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	repo.IsMirror = false
 
-	case "transfer":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
-		if repo.Name != form.RepoName {
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
-			return
-		}
+	if _, err := repo_service.CleanUpMigrateInfo(ctx, repo); err != nil {
+		ctx.ServerError("CleanUpMigrateInfo", err)
+		return
+	} else if err = repo_model.DeleteMirrorByRepoID(ctx, ctx.Repo.Repository.ID); err != nil {
+		ctx.ServerError("DeleteMirrorByRepoID", err)
+		return
+	}
+	log.Trace("Repository converted from mirror to regular: %s", repo.FullName())
+	ctx.Flash.Success(ctx.Tr("repo.settings.convert_succeed"))
+	ctx.Redirect(repo.Link())
+}
 
-		newOwner, err := user_model.GetUserByName(ctx, ctx.FormString("new_owner_name"))
-		if err != nil {
-			if user_model.IsErrUserNotExist(err) {
-				ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
-				return
-			}
-			ctx.ServerError("IsUserExist", err)
-			return
-		}
+func handleSettingsPostConvertFork(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	if err := repo.LoadOwner(ctx); err != nil {
+		ctx.ServerError("Convert Fork", err)
+		return
+	}
+	if repo.Name != form.RepoName {
+		ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+		return
+	}
 
-		if newOwner.Type == user_model.UserTypeOrganization {
-			if !ctx.Doer.IsAdmin && newOwner.Visibility == structs.VisibleTypePrivate && !organization.OrgFromUser(newOwner).HasMemberWithUserID(ctx, ctx.Doer.ID) {
-				// The user shouldn't know about this organization
-				ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
-				return
-			}
-		}
+	if !repo.IsFork {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
 
-		// Close the GitRepo if open
-		if ctx.Repo.GitRepo != nil {
-			ctx.Repo.GitRepo.Close()
-			ctx.Repo.GitRepo = nil
-		}
+	if !ctx.Doer.CanForkRepoIn(ctx.Repo.Owner) {
+		maxCreationLimit := ctx.Repo.Owner.MaxCreationLimit()
+		msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", maxCreationLimit)
+		ctx.Flash.Error(msg)
+		ctx.Redirect(repo.Link() + "/settings")
+		return
+	}
 
-		oldFullname := repo.FullName()
-		if err := repo_service.StartRepositoryTransfer(ctx, ctx.Doer, newOwner, repo, nil); err != nil {
-			if repo_model.IsErrRepoAlreadyExist(err) {
-				ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), tplSettingsOptions, nil)
-			} else if repo_model.IsErrRepoTransferInProgress(err) {
-				ctx.RenderWithErr(ctx.Tr("repo.settings.transfer_in_progress"), tplSettingsOptions, nil)
-			} else if errors.Is(err, user_model.ErrBlockedUser) {
-				ctx.RenderWithErr(ctx.Tr("repo.settings.transfer.blocked_user"), tplSettingsOptions, nil)
-			} else {
-				ctx.ServerError("TransferOwnership", err)
-			}
+	if err := repo_service.ConvertForkToNormalRepository(ctx, repo); err != nil {
+		log.Error("Unable to convert repository %-v from fork. Error: %v", repo, err)
+		ctx.ServerError("Convert Fork", err)
+		return
+	}
 
-			return
-		}
+	log.Trace("Repository converted from fork to regular: %s", repo.FullName())
+	ctx.Flash.Success(ctx.Tr("repo.settings.convert_fork_succeed"))
+	ctx.Redirect(repo.Link())
+}
 
-		if ctx.Repo.Repository.Status == repo_model.RepositoryPendingTransfer {
-			log.Trace("Repository transfer process was started: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newOwner)
-			ctx.Flash.Success(ctx.Tr("repo.settings.transfer_started", newOwner.DisplayName()))
-		} else {
-			log.Trace("Repository transferred: %s -> %s", oldFullname, ctx.Repo.Repository.FullName())
-			ctx.Flash.Success(ctx.Tr("repo.settings.transfer_succeed"))
-		}
-		ctx.Redirect(repo.Link() + "/settings")
+func handleSettingsPostTransfer(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	if repo.Name != form.RepoName {
+		ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+		return
+	}
 
-	case "cancel_transfer":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
+	newOwner, err := user_model.GetUserByName(ctx, ctx.FormString("new_owner_name"))
+	if err != nil {
+		if user_model.IsErrUserNotExist(err) {
+			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
 			return
 		}
+		ctx.ServerError("IsUserExist", err)
+		return
+	}
 
-		repoTransfer, err := repo_model.GetPendingRepositoryTransfer(ctx, ctx.Repo.Repository)
-		if err != nil {
-			if repo_model.IsErrNoPendingTransfer(err) {
-				ctx.Flash.Error("repo.settings.transfer_abort_invalid")
-				ctx.Redirect(repo.Link() + "/settings")
-			} else {
-				ctx.ServerError("GetPendingRepositoryTransfer", err)
-			}
+	if newOwner.Type == user_model.UserTypeOrganization {
+		if !ctx.Doer.IsAdmin && newOwner.Visibility == structs.VisibleTypePrivate && !organization.OrgFromUser(newOwner).HasMemberWithUserID(ctx, ctx.Doer.ID) {
+			// The user shouldn't know about this organization
+			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
 			return
 		}
+	}
 
-		if err := repo_service.CancelRepositoryTransfer(ctx, repoTransfer, ctx.Doer); err != nil {
-			ctx.ServerError("CancelRepositoryTransfer", err)
-			return
+	// Close the GitRepo if open
+	if ctx.Repo.GitRepo != nil {
+		ctx.Repo.GitRepo.Close()
+		ctx.Repo.GitRepo = nil
+	}
+
+	oldFullname := repo.FullName()
+	if err := repo_service.StartRepositoryTransfer(ctx, ctx.Doer, newOwner, repo, nil); err != nil {
+		if repo_model.IsErrRepoAlreadyExist(err) {
+			ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), tplSettingsOptions, nil)
+		} else if repo_model.IsErrRepoTransferInProgress(err) {
+			ctx.RenderWithErr(ctx.Tr("repo.settings.transfer_in_progress"), tplSettingsOptions, nil)
+		} else if repo_service.IsRepositoryLimitReached(err) {
+			limit := err.(repo_service.LimitReachedError).Limit
+			ctx.RenderWithErr(ctx.TrN(limit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", limit), tplSettingsOptions, nil)
+		} else if errors.Is(err, user_model.ErrBlockedUser) {
+			ctx.RenderWithErr(ctx.Tr("repo.settings.transfer.blocked_user"), tplSettingsOptions, nil)
+		} else {
+			ctx.ServerError("TransferOwnership", err)
 		}
 
-		log.Trace("Repository transfer process was cancelled: %s/%s ", ctx.Repo.Owner.Name, repo.Name)
-		ctx.Flash.Success(ctx.Tr("repo.settings.transfer_abort_success", repoTransfer.Recipient.Name))
-		ctx.Redirect(repo.Link() + "/settings")
+		return
+	}
 
-	case "delete":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
-		if repo.Name != form.RepoName {
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
-			return
-		}
+	if ctx.Repo.Repository.Status == repo_model.RepositoryPendingTransfer {
+		log.Trace("Repository transfer process was started: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newOwner)
+		ctx.Flash.Success(ctx.Tr("repo.settings.transfer_started", newOwner.DisplayName()))
+	} else {
+		log.Trace("Repository transferred: %s -> %s", oldFullname, ctx.Repo.Repository.FullName())
+		ctx.Flash.Success(ctx.Tr("repo.settings.transfer_succeed"))
+	}
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		// Close the gitrepository before doing this.
-		if ctx.Repo.GitRepo != nil {
-			ctx.Repo.GitRepo.Close()
-		}
+func handleSettingsPostCancelTransfer(ctx *context.Context) {
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
 
-		if err := repo_service.DeleteRepository(ctx, ctx.Doer, ctx.Repo.Repository, true); err != nil {
-			ctx.ServerError("DeleteRepository", err)
-			return
+	repoTransfer, err := repo_model.GetPendingRepositoryTransfer(ctx, ctx.Repo.Repository)
+	if err != nil {
+		if repo_model.IsErrNoPendingTransfer(err) {
+			ctx.Flash.Error("repo.settings.transfer_abort_invalid")
+			ctx.Redirect(repo.Link() + "/settings")
+		} else {
+			ctx.ServerError("GetPendingRepositoryTransfer", err)
 		}
-		log.Trace("Repository deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+		return
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.deletion_success"))
-		ctx.Redirect(ctx.Repo.Owner.DashboardLink())
+	if err := repo_service.CancelRepositoryTransfer(ctx, repoTransfer, ctx.Doer); err != nil {
+		ctx.ServerError("CancelRepositoryTransfer", err)
+		return
+	}
 
-	case "delete-wiki":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusNotFound)
-			return
-		}
-		if repo.Name != form.RepoName {
-			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
-			return
-		}
+	log.Trace("Repository transfer process was cancelled: %s/%s ", ctx.Repo.Owner.Name, repo.Name)
+	ctx.Flash.Success(ctx.Tr("repo.settings.transfer_abort_success", repoTransfer.Recipient.Name))
+	ctx.Redirect(repo.Link() + "/settings")
+}
 
-		err := wiki_service.DeleteWiki(ctx, repo)
-		if err != nil {
-			log.Error("Delete Wiki: %v", err.Error())
-		}
-		log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+func handleSettingsPostDelete(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	if repo.Name != form.RepoName {
+		ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+		return
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.wiki_deletion_success"))
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+	// Close the gitrepository before doing this.
+	if ctx.Repo.GitRepo != nil {
+		ctx.Repo.GitRepo.Close()
+	}
 
-	case "archive":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusForbidden)
-			return
-		}
+	if err := repo_service.DeleteRepository(ctx, ctx.Doer, ctx.Repo.Repository, true); err != nil {
+		ctx.ServerError("DeleteRepository", err)
+		return
+	}
+	log.Trace("Repository deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 
-		if repo.IsMirror {
-			ctx.Flash.Error(ctx.Tr("repo.settings.archive.error_ismirror"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.deletion_success"))
+	ctx.Redirect(ctx.Repo.Owner.DashboardLink())
+}
 
-		if err := repo_model.SetArchiveRepoState(ctx, repo, true); err != nil {
-			log.Error("Tried to archive a repo: %s", err)
-			ctx.Flash.Error(ctx.Tr("repo.settings.archive.error"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-			return
-		}
+func handleSettingsPostDeleteWiki(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusNotFound)
+		return
+	}
+	if repo.Name != form.RepoName {
+		ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
+		return
+	}
 
-		if err := actions_service.CleanRepoScheduleTasks(ctx, repo); err != nil {
-			log.Error("CleanRepoScheduleTasks for archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
-		}
+	err := wiki_service.DeleteWiki(ctx, repo)
+	if err != nil {
+		log.Error("Delete Wiki: %v", err.Error())
+	}
+	log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 
-		// update issue indexer
-		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
+	ctx.Flash.Success(ctx.Tr("repo.settings.wiki_deletion_success"))
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.archive.success"))
+func handleSettingsPostArchive(ctx *context.Context) {
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusForbidden)
+		return
+	}
 
-		log.Trace("Repository was archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	if repo.IsMirror {
+		ctx.Flash.Error(ctx.Tr("repo.settings.archive.error_ismirror"))
 		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
+	}
 
-	case "unarchive":
-		if !ctx.Repo.IsOwner() {
-			ctx.HTTPError(http.StatusForbidden)
-			return
-		}
+	if err := repo_model.SetArchiveRepoState(ctx, repo, true); err != nil {
+		log.Error("Tried to archive a repo: %s", err)
+		ctx.Flash.Error(ctx.Tr("repo.settings.archive.error"))
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
+	}
 
-		if err := repo_model.SetArchiveRepoState(ctx, repo, false); err != nil {
-			log.Error("Tried to unarchive a repo: %s", err)
-			ctx.Flash.Error(ctx.Tr("repo.settings.unarchive.error"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-			return
-		}
+	if err := actions_service.CleanRepoScheduleTasks(ctx, repo); err != nil {
+		log.Error("CleanRepoScheduleTasks for archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
+	}
 
-		if ctx.Repo.Repository.UnitEnabled(ctx, unit_model.TypeActions) {
-			if err := actions_service.DetectAndHandleSchedules(ctx, repo); err != nil {
-				log.Error("DetectAndHandleSchedules for un-archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
-			}
-		}
+	// update issue indexer
+	issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
 
-		// update issue indexer
-		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
+	ctx.Flash.Success(ctx.Tr("repo.settings.archive.success"))
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.unarchive.success"))
+	log.Trace("Repository was archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
+
+func handleSettingsPostUnarchive(ctx *context.Context) {
+	repo := ctx.Repo.Repository
+	if !ctx.Repo.IsOwner() {
+		ctx.HTTPError(http.StatusForbidden)
+		return
+	}
 
-		log.Trace("Repository was un-archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	if err := repo_model.SetArchiveRepoState(ctx, repo, false); err != nil {
+		log.Error("Tried to unarchive a repo: %s", err)
+		ctx.Flash.Error(ctx.Tr("repo.settings.unarchive.error"))
 		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
+	}
 
-	case "visibility":
-		if repo.IsFork {
-			ctx.Flash.Error(ctx.Tr("repo.settings.visibility.fork_error"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-			return
+	if ctx.Repo.Repository.UnitEnabled(ctx, unit_model.TypeActions) {
+		if err := actions_service.DetectAndHandleSchedules(ctx, repo); err != nil {
+			log.Error("DetectAndHandleSchedules for un-archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
 		}
+	}
 
-		var err error
+	// update issue indexer
+	issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
 
-		// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
-		if setting.Repository.ForcePrivate && repo.IsPrivate && !ctx.Doer.IsAdmin {
-			ctx.RenderWithErr(ctx.Tr("form.repository_force_private"), tplSettingsOptions, form)
-			return
-		}
+	ctx.Flash.Success(ctx.Tr("repo.settings.unarchive.success"))
 
-		if repo.IsPrivate {
-			err = repo_service.MakeRepoPublic(ctx, repo)
-		} else {
-			err = repo_service.MakeRepoPrivate(ctx, repo)
-		}
+	log.Trace("Repository was un-archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+}
 
-		if err != nil {
-			log.Error("Tried to change the visibility of the repo: %s", err)
-			ctx.Flash.Error(ctx.Tr("repo.settings.visibility.error"))
-			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
-			return
-		}
+func handleSettingsPostVisibility(ctx *context.Context) {
+	form := web.GetForm(ctx).(*forms.RepoSettingForm)
+	repo := ctx.Repo.Repository
+	if repo.IsFork {
+		ctx.Flash.Error(ctx.Tr("repo.settings.visibility.fork_error"))
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
+	}
 
-		ctx.Flash.Success(ctx.Tr("repo.settings.visibility.success"))
+	var err error
 
-		log.Trace("Repository visibility changed: %s/%s", ctx.Repo.Owner.Name, repo.Name)
-		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+	// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
+	if setting.Repository.ForcePrivate && repo.IsPrivate && !ctx.Doer.IsAdmin {
+		ctx.RenderWithErr(ctx.Tr("form.repository_force_private"), tplSettingsOptions, form)
+		return
+	}
 
-	default:
-		ctx.NotFound(nil)
+	if repo.IsPrivate {
+		err = repo_service.MakeRepoPublic(ctx, repo)
+	} else {
+		err = repo_service.MakeRepoPrivate(ctx, repo)
+	}
+
+	if err != nil {
+		log.Error("Tried to change the visibility of the repo: %s", err)
+		ctx.Flash.Error(ctx.Tr("repo.settings.visibility.error"))
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+		return
 	}
+
+	ctx.Flash.Success(ctx.Tr("repo.settings.visibility.success"))
+
+	log.Trace("Repository visibility changed: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+	ctx.Redirect(ctx.Repo.RepoLink + "/settings")
 }
 
 func handleSettingRemoteAddrError(ctx *context.Context, err error, form *forms.RepoSettingForm) {
diff --git a/routers/web/repo/setting/settings_test.go b/routers/web/repo/setting/settings_test.go
index ad33dac514..15ebea888c 100644
--- a/routers/web/repo/setting/settings_test.go
+++ b/routers/web/repo/setting/settings_test.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/contexttest"
@@ -24,23 +25,8 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func createSSHAuthorizedKeysTmpPath(t *testing.T) func() {
-	tmpDir := t.TempDir()
-
-	oldPath := setting.SSH.RootPath
-	setting.SSH.RootPath = tmpDir
-
-	return func() {
-		setting.SSH.RootPath = oldPath
-	}
-}
-
 func TestAddReadOnlyDeployKey(t *testing.T) {
-	if deferable := createSSHAuthorizedKeysTmpPath(t); deferable != nil {
-		defer deferable()
-	} else {
-		return
-	}
+	defer test.MockVariableValue(&setting.SSH.RootPath, t.TempDir())()
 	unittest.PrepareTestEnv(t)
 
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/settings/keys")
@@ -54,7 +40,7 @@ func TestAddReadOnlyDeployKey(t *testing.T) {
 	}
 	web.SetForm(ctx, &addKeyForm)
 	DeployKeysPost(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 
 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{
 		Name:    addKeyForm.Title,
@@ -64,11 +50,7 @@ func TestAddReadOnlyDeployKey(t *testing.T) {
 }
 
 func TestAddReadWriteOnlyDeployKey(t *testing.T) {
-	if deferable := createSSHAuthorizedKeysTmpPath(t); deferable != nil {
-		defer deferable()
-	} else {
-		return
-	}
+	defer test.MockVariableValue(&setting.SSH.RootPath, t.TempDir())()
 
 	unittest.PrepareTestEnv(t)
 
@@ -84,7 +66,7 @@ func TestAddReadWriteOnlyDeployKey(t *testing.T) {
 	}
 	web.SetForm(ctx, &addKeyForm)
 	DeployKeysPost(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 
 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{
 		Name:    addKeyForm.Title,
@@ -121,7 +103,7 @@ func TestCollaborationPost(t *testing.T) {
 
 	CollaborationPost(ctx)
 
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 
 	exists, err := repo_model.IsCollaborator(ctx, re.ID, 4)
 	assert.NoError(t, err)
@@ -147,7 +129,7 @@ func TestCollaborationPost_InactiveUser(t *testing.T) {
 
 	CollaborationPost(ctx)
 
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -179,7 +161,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) {
 
 	CollaborationPost(ctx)
 
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 
 	exists, err := repo_model.IsCollaborator(ctx, re.ID, 4)
 	assert.NoError(t, err)
@@ -188,7 +170,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) {
 	// Try adding the same collaborator again
 	CollaborationPost(ctx)
 
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -210,7 +192,7 @@ func TestCollaborationPost_NonExistentUser(t *testing.T) {
 
 	CollaborationPost(ctx)
 
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -250,7 +232,7 @@ func TestAddTeamPost(t *testing.T) {
 	AddTeamPost(ctx)
 
 	assert.True(t, repo_service.HasRepository(db.DefaultContext, team, re.ID))
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.Empty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -290,7 +272,7 @@ func TestAddTeamPost_NotAllowed(t *testing.T) {
 	AddTeamPost(ctx)
 
 	assert.False(t, repo_service.HasRepository(db.DefaultContext, team, re.ID))
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -331,7 +313,7 @@ func TestAddTeamPost_AddTeamTwice(t *testing.T) {
 
 	AddTeamPost(ctx)
 	assert.True(t, repo_service.HasRepository(db.DefaultContext, team, re.ID))
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
@@ -364,7 +346,7 @@ func TestAddTeamPost_NonExistentTeam(t *testing.T) {
 	ctx.Repo = repo
 
 	AddTeamPost(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
diff --git a/routers/web/repo/setting/webhook.go b/routers/web/repo/setting/webhook.go
index d3151a86a2..f107449749 100644
--- a/routers/web/repo/setting/webhook.go
+++ b/routers/web/repo/setting/webhook.go
@@ -185,6 +185,7 @@ func ParseHookEvent(form forms.WebhookForm) *webhook_module.HookEvent {
 			webhook_module.HookEventRepository:               form.Repository,
 			webhook_module.HookEventPackage:                  form.Package,
 			webhook_module.HookEventStatus:                   form.Status,
+			webhook_module.HookEventWorkflowRun:              form.WorkflowRun,
 			webhook_module.HookEventWorkflowJob:              form.WorkflowJob,
 		},
 		BranchFilter: form.BranchFilter,
@@ -197,7 +198,6 @@ type webhookParams struct {
 
 	URL         string
 	ContentType webhook.HookContentType
-	Secret      string
 	HTTPMethod  string
 	WebhookForm forms.WebhookForm
 	Meta        any
@@ -236,7 +236,7 @@ func createWebhook(ctx *context.Context, params webhookParams) {
 		URL:             params.URL,
 		HTTPMethod:      params.HTTPMethod,
 		ContentType:     params.ContentType,
-		Secret:          params.Secret,
+		Secret:          params.WebhookForm.Secret,
 		HookEvent:       ParseHookEvent(params.WebhookForm),
 		IsActive:        params.WebhookForm.Active,
 		Type:            params.Type,
@@ -289,7 +289,7 @@ func editWebhook(ctx *context.Context, params webhookParams) {
 
 	w.URL = params.URL
 	w.ContentType = params.ContentType
-	w.Secret = params.Secret
+	w.Secret = params.WebhookForm.Secret
 	w.HookEvent = ParseHookEvent(params.WebhookForm)
 	w.IsActive = params.WebhookForm.Active
 	w.HTTPMethod = params.HTTPMethod
@@ -335,7 +335,6 @@ func giteaHookParams(ctx *context.Context) webhookParams {
 		Type:        webhook_module.GITEA,
 		URL:         form.PayloadURL,
 		ContentType: contentType,
-		Secret:      form.Secret,
 		HTTPMethod:  form.HTTPMethod,
 		WebhookForm: form.WebhookForm,
 	}
@@ -363,7 +362,6 @@ func gogsHookParams(ctx *context.Context) webhookParams {
 		Type:        webhook_module.GOGS,
 		URL:         form.PayloadURL,
 		ContentType: contentType,
-		Secret:      form.Secret,
 		WebhookForm: form.WebhookForm,
 	}
 }
diff --git a/routers/web/repo/treelist.go b/routers/web/repo/treelist.go
index ab74741e61..340b2bc091 100644
--- a/routers/web/repo/treelist.go
+++ b/routers/web/repo/treelist.go
@@ -4,10 +4,14 @@
 package repo
 
 import (
+	"html/template"
 	"net/http"
+	"path"
+	"strings"
 
 	pull_model "code.gitea.io/gitea/models/pull"
 	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/gitdiff"
@@ -56,41 +60,94 @@ func isExcludedEntry(entry *git.TreeEntry) bool {
 	return false
 }
 
-type FileDiffFile struct {
-	Name        string
+// WebDiffFileItem is used by frontend, check the field names in frontend before changing
+type WebDiffFileItem struct {
+	FullName    string
+	DisplayName string
 	NameHash    string
-	IsSubmodule bool
+	DiffStatus  string
+	EntryMode   string
 	IsViewed    bool
-	Status      string
+	Children    []*WebDiffFileItem
+	FileIcon    template.HTML
 }
 
-// transformDiffTreeForUI transforms a DiffTree into a slice of FileDiffFile for UI rendering
+// WebDiffFileTree is used by frontend, check the field names in frontend before changing
+type WebDiffFileTree struct {
+	TreeRoot WebDiffFileItem
+}
+
+// transformDiffTreeForWeb transforms a gitdiff.DiffTree into a WebDiffFileTree for Web UI rendering
 // it also takes a map of file names to their viewed state, which is used to mark files as viewed
-func transformDiffTreeForUI(diffTree *gitdiff.DiffTree, filesViewedState map[string]pull_model.ViewedState) []FileDiffFile {
-	files := make([]FileDiffFile, 0, len(diffTree.Files))
+func transformDiffTreeForWeb(renderedIconPool *fileicon.RenderedIconPool, diffTree *gitdiff.DiffTree, filesViewedState map[string]pull_model.ViewedState) (dft WebDiffFileTree) {
+	dirNodes := map[string]*WebDiffFileItem{"": &dft.TreeRoot}
+	addItem := func(item *WebDiffFileItem) {
+		var parentPath string
+		pos := strings.LastIndexByte(item.FullName, '/')
+		if pos == -1 {
+			item.DisplayName = item.FullName
+		} else {
+			parentPath = item.FullName[:pos]
+			item.DisplayName = item.FullName[pos+1:]
+		}
+		parentNode, parentExists := dirNodes[parentPath]
+		if !parentExists {
+			parentNode = &dft.TreeRoot
+			fields := strings.Split(parentPath, "/")
+			for idx, field := range fields {
+				nodePath := strings.Join(fields[:idx+1], "/")
+				node, ok := dirNodes[nodePath]
+				if !ok {
+					node = &WebDiffFileItem{EntryMode: "tree", DisplayName: field, FullName: nodePath}
+					dirNodes[nodePath] = node
+					parentNode.Children = append(parentNode.Children, node)
+				}
+				parentNode = node
+			}
+		}
+		parentNode.Children = append(parentNode.Children, item)
+	}
 
 	for _, file := range diffTree.Files {
-		nameHash := git.HashFilePathForWebUI(file.HeadPath)
-		isSubmodule := file.HeadMode == git.EntryModeCommit
-		isViewed := filesViewedState[file.HeadPath] == pull_model.Viewed
-
-		files = append(files, FileDiffFile{
-			Name:        file.HeadPath,
-			NameHash:    nameHash,
-			IsSubmodule: isSubmodule,
-			IsViewed:    isViewed,
-			Status:      file.Status,
-		})
+		item := &WebDiffFileItem{FullName: file.HeadPath, DiffStatus: file.Status}
+		item.IsViewed = filesViewedState[item.FullName] == pull_model.Viewed
+		item.NameHash = git.HashFilePathForWebUI(item.FullName)
+		item.FileIcon = fileicon.RenderEntryIconHTML(renderedIconPool, &fileicon.EntryInfo{BaseName: path.Base(file.HeadPath), EntryMode: file.HeadMode})
+
+		switch file.HeadMode {
+		case git.EntryModeTree:
+			item.EntryMode = "tree"
+		case git.EntryModeCommit:
+			item.EntryMode = "commit" // submodule
+		default:
+			// default to empty, and will be treated as "blob" file because there is no "symlink" support yet
+		}
+		addItem(item)
 	}
 
-	return files
+	var mergeSingleDir func(node *WebDiffFileItem)
+	mergeSingleDir = func(node *WebDiffFileItem) {
+		if len(node.Children) == 1 {
+			if child := node.Children[0]; child.EntryMode == "tree" {
+				node.FullName = child.FullName
+				node.DisplayName = node.DisplayName + "/" + child.DisplayName
+				node.Children = child.Children
+				mergeSingleDir(node)
+			}
+		}
+	}
+	for _, node := range dft.TreeRoot.Children {
+		mergeSingleDir(node)
+	}
+	return dft
 }
 
 func TreeViewNodes(ctx *context.Context) {
-	results, err := files_service.GetTreeViewNodes(ctx, ctx.Repo.Commit, ctx.Repo.TreePath, ctx.FormString("sub_path"))
+	renderedIconPool := fileicon.NewRenderedIconPool()
+	results, err := files_service.GetTreeViewNodes(ctx, ctx.Repo.RepoLink, renderedIconPool, ctx.Repo.Commit, ctx.Repo.TreePath, ctx.FormString("sub_path"))
 	if err != nil {
 		ctx.ServerError("GetTreeViewNodes", err)
 		return
 	}
-	ctx.JSON(http.StatusOK, map[string]any{"fileTreeNodes": results})
+	ctx.JSON(http.StatusOK, map[string]any{"fileTreeNodes": results, "renderedIconPool": renderedIconPool.IconSVGs})
 }
diff --git a/routers/web/repo/treelist_test.go b/routers/web/repo/treelist_test.go
new file mode 100644
index 0000000000..94ba60661b
--- /dev/null
+++ b/routers/web/repo/treelist_test.go
@@ -0,0 +1,68 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"html/template"
+	"testing"
+
+	pull_model "code.gitea.io/gitea/models/pull"
+	"code.gitea.io/gitea/modules/fileicon"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/services/gitdiff"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestTransformDiffTreeForWeb(t *testing.T) {
+	renderedIconPool := fileicon.NewRenderedIconPool()
+	ret := transformDiffTreeForWeb(renderedIconPool, &gitdiff.DiffTree{Files: []*gitdiff.DiffTreeRecord{
+		{
+			Status:   "changed",
+			HeadPath: "dir-a/dir-a-x/file-deep",
+			HeadMode: git.EntryModeBlob,
+		},
+		{
+			Status:   "added",
+			HeadPath: "file1",
+			HeadMode: git.EntryModeBlob,
+		},
+	}}, map[string]pull_model.ViewedState{
+		"dir-a/dir-a-x/file-deep": pull_model.Viewed,
+	})
+
+	mockIconForFile := func(id string) template.HTML {
+		return template.HTML(`<svg class="svg git-entry-icon octicon-file" width="16" height="16" aria-hidden="true"><use xlink:href="#` + id + `"></use></svg>`)
+	}
+	assert.Equal(t, WebDiffFileTree{
+		TreeRoot: WebDiffFileItem{
+			Children: []*WebDiffFileItem{
+				{
+					EntryMode:   "tree",
+					DisplayName: "dir-a/dir-a-x",
+					FullName:    "dir-a/dir-a-x",
+					Children: []*WebDiffFileItem{
+						{
+							EntryMode:   "",
+							DisplayName: "file-deep",
+							FullName:    "dir-a/dir-a-x/file-deep",
+							NameHash:    "4acf7eef1c943a09e9f754e93ff190db8583236b",
+							DiffStatus:  "changed",
+							IsViewed:    true,
+							FileIcon:    mockIconForFile(`svg-mfi-file`),
+						},
+					},
+				},
+				{
+					EntryMode:   "",
+					DisplayName: "file1",
+					FullName:    "file1",
+					NameHash:    "60b27f004e454aca81b0480209cce5081ec52390",
+					DiffStatus:  "added",
+					FileIcon:    mockIconForFile(`svg-mfi-file`),
+				},
+			},
+		},
+	}, ret)
+}
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 6ed5801d10..e47bc56d08 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -12,6 +12,7 @@ import (
 	"io"
 	"net/http"
 	"net/url"
+	"path"
 	"strings"
 	"time"
 
@@ -29,6 +30,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/charset"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
@@ -58,60 +60,63 @@ const (
 )
 
 type fileInfo struct {
-	isTextFile bool
-	isLFSFile  bool
-	fileSize   int64
-	lfsMeta    *lfs.Pointer
-	st         typesniffer.SniffedType
+	fileSize int64
+	lfsMeta  *lfs.Pointer
+	st       typesniffer.SniffedType
 }
 
-func getFileReader(ctx gocontext.Context, repoID int64, blob *git.Blob) ([]byte, io.ReadCloser, *fileInfo, error) {
-	dataRc, err := blob.DataAsync()
+func (fi *fileInfo) isLFSFile() bool {
+	return fi.lfsMeta != nil && fi.lfsMeta.Oid != ""
+}
+
+func getFileReader(ctx gocontext.Context, repoID int64, blob *git.Blob) (buf []byte, dataRc io.ReadCloser, fi *fileInfo, err error) {
+	dataRc, err = blob.DataAsync()
 	if err != nil {
 		return nil, nil, nil, err
 	}
 
-	buf := make([]byte, 1024)
+	const prefetchSize = lfs.MetaFileMaxSize
+
+	buf = make([]byte, prefetchSize)
 	n, _ := util.ReadAtMost(dataRc, buf)
 	buf = buf[:n]
 
-	st := typesniffer.DetectContentType(buf)
-	isTextFile := st.IsText()
+	fi = &fileInfo{fileSize: blob.Size(), st: typesniffer.DetectContentType(buf)}
 
 	// FIXME: what happens when README file is an image?
-	if !isTextFile || !setting.LFS.StartServer {
-		return buf, dataRc, &fileInfo{isTextFile, false, blob.Size(), nil, st}, nil
+	if !fi.st.IsText() || !setting.LFS.StartServer {
+		return buf, dataRc, fi, nil
 	}
 
 	pointer, _ := lfs.ReadPointerFromBuffer(buf)
-	if !pointer.IsValid() { // fallback to plain file
-		return buf, dataRc, &fileInfo{isTextFile, false, blob.Size(), nil, st}, nil
+	if !pointer.IsValid() { // fallback to a plain file
+		return buf, dataRc, fi, nil
 	}
 
 	meta, err := git_model.GetLFSMetaObjectByOid(ctx, repoID, pointer.Oid)
-	if err != nil { // fallback to plain file
+	if err != nil { // fallback to a plain file
 		log.Warn("Unable to access LFS pointer %s in repo %d: %v", pointer.Oid, repoID, err)
-		return buf, dataRc, &fileInfo{isTextFile, false, blob.Size(), nil, st}, nil
+		return buf, dataRc, fi, nil
 	}
 
-	dataRc.Close()
-
+	// close the old dataRc and open the real LFS target
+	_ = dataRc.Close()
 	dataRc, err = lfs.ReadMetaObject(pointer)
 	if err != nil {
 		return nil, nil, nil, err
 	}
 
-	buf = make([]byte, 1024)
+	buf = make([]byte, prefetchSize)
 	n, err = util.ReadAtMost(dataRc, buf)
 	if err != nil {
-		dataRc.Close()
-		return nil, nil, nil, err
+		_ = dataRc.Close()
+		return nil, nil, fi, err
 	}
 	buf = buf[:n]
-
-	st = typesniffer.DetectContentType(buf)
-
-	return buf, dataRc, &fileInfo{st.IsText(), true, meta.Size, &meta.Pointer, st}, nil
+	fi.st = typesniffer.DetectContentType(buf)
+	fi.fileSize = blob.Size()
+	fi.lfsMeta = &meta.Pointer
+	return buf, dataRc, fi, nil
 }
 
 func loadLatestCommitData(ctx *context.Context, latestCommit *git.Commit) bool {
@@ -130,7 +135,7 @@ func loadLatestCommitData(ctx *context.Context, latestCommit *git.Commit) bool {
 		ctx.Data["LatestCommitVerification"] = verification
 		ctx.Data["LatestCommitUser"] = user_model.ValidateCommitWithEmail(ctx, latestCommit)
 
-		statuses, _, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, latestCommit.ID.String(), db.ListOptionsAll)
+		statuses, err := git_model.GetLatestCommitStatus(ctx, ctx.Repo.Repository.ID, latestCommit.ID.String(), db.ListOptionsAll)
 		if err != nil {
 			log.Error("GetLatestCommitStatus: %v", err)
 		}
@@ -252,6 +257,19 @@ func LastCommit(ctx *context.Context) {
 	ctx.HTML(http.StatusOK, tplRepoViewList)
 }
 
+func prepareDirectoryFileIcons(ctx *context.Context, files []git.CommitInfo) {
+	renderedIconPool := fileicon.NewRenderedIconPool()
+	fileIcons := map[string]template.HTML{}
+	for _, f := range files {
+		fullPath := path.Join(ctx.Repo.TreePath, f.Entry.Name())
+		entryInfo := fileicon.EntryInfoFromGitTreeEntry(ctx.Repo.Commit, fullPath, f.Entry)
+		fileIcons[f.Entry.Name()] = fileicon.RenderEntryIconHTML(renderedIconPool, entryInfo)
+	}
+	fileIcons[".."] = fileicon.RenderEntryIconHTML(renderedIconPool, fileicon.EntryInfoFolder())
+	ctx.Data["FileIcons"] = fileIcons
+	ctx.Data["FileIconPoolHTML"] = renderedIconPool.RenderToHTML()
+}
+
 func renderDirectoryFiles(ctx *context.Context, timeout time.Duration) git.Entries {
 	tree, err := ctx.Repo.Commit.SubTree(ctx.Repo.TreePath)
 	if err != nil {
@@ -287,12 +305,13 @@ func renderDirectoryFiles(ctx *context.Context, timeout time.Duration) git.Entri
 		defer cancel()
 	}
 
-	files, latestCommit, err := allEntries.GetCommitsInfo(commitInfoCtx, ctx.Repo.Commit, ctx.Repo.TreePath)
+	files, latestCommit, err := allEntries.GetCommitsInfo(commitInfoCtx, ctx.Repo.RepoLink, ctx.Repo.Commit, ctx.Repo.TreePath)
 	if err != nil {
 		ctx.ServerError("GetCommitsInfo", err)
 		return nil
 	}
 	ctx.Data["Files"] = files
+	prepareDirectoryFileIcons(ctx, files)
 	for _, f := range files {
 		if f.Commit == nil {
 			ctx.Data["HasFilesWithoutLatestCommit"] = true
@@ -381,9 +400,10 @@ func Forks(ctx *context.Context) {
 	}
 
 	pager := context.NewPagination(int(total), pageSize, page, 5)
+	ctx.Data["ShowRepoOwnerAvatar"] = true
+	ctx.Data["ShowRepoOwnerOnList"] = true
 	ctx.Data["Page"] = pager
-
-	ctx.Data["Forks"] = forks
+	ctx.Data["Repos"] = forks
 
 	ctx.HTML(http.StatusOK, tplForks)
 }
diff --git a/routers/web/repo/view_file.go b/routers/web/repo/view_file.go
index 4ce7a8e3a4..2d5bddd939 100644
--- a/routers/web/repo/view_file.go
+++ b/routers/web/repo/view_file.go
@@ -18,44 +18,165 @@ import (
 	"code.gitea.io/gitea/modules/actions"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/highlight"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/typesniffer"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 	issue_service "code.gitea.io/gitea/services/issue"
-	files_service "code.gitea.io/gitea/services/repository/files"
 
 	"github.com/nektos/act/pkg/model"
 )
 
-func prepareToRenderFile(ctx *context.Context, entry *git.TreeEntry) {
-	ctx.Data["IsViewFile"] = true
-	ctx.Data["HideRepoInfo"] = true
-	blob := entry.Blob()
-	buf, dataRc, fInfo, err := getFileReader(ctx, ctx.Repo.Repository.ID, blob)
+func prepareLatestCommitInfo(ctx *context.Context) bool {
+	commit, err := ctx.Repo.Commit.GetCommitByPath(ctx.Repo.TreePath)
 	if err != nil {
-		ctx.ServerError("getFileReader", err)
-		return
+		ctx.ServerError("GetCommitByPath", err)
+		return false
 	}
-	defer dataRc.Close()
 
-	ctx.Data["Title"] = ctx.Tr("repo.file.title", ctx.Repo.Repository.Name+"/"+path.Base(ctx.Repo.TreePath), ctx.Repo.RefFullName.ShortName())
-	ctx.Data["FileIsSymlink"] = entry.IsLink()
-	ctx.Data["FileName"] = blob.Name()
-	ctx.Data["RawFileLink"] = ctx.Repo.RepoLink + "/raw/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(ctx.Repo.TreePath)
+	return loadLatestCommitData(ctx, commit)
+}
 
-	commit, err := ctx.Repo.Commit.GetCommitByPath(ctx.Repo.TreePath)
+func prepareFileViewLfsAttrs(ctx *context.Context) (*attribute.Attributes, bool) {
+	attrsMap, err := attribute.CheckAttributes(ctx, ctx.Repo.GitRepo, ctx.Repo.CommitID, attribute.CheckAttributeOpts{
+		Filenames:  []string{ctx.Repo.TreePath},
+		Attributes: []string{attribute.LinguistGenerated, attribute.LinguistVendored, attribute.LinguistLanguage, attribute.GitlabLanguage},
+	})
 	if err != nil {
-		ctx.ServerError("GetCommitByPath", err)
-		return
+		ctx.ServerError("attribute.CheckAttributes", err)
+		return nil, false
+	}
+	attrs := attrsMap[ctx.Repo.TreePath]
+	if attrs == nil {
+		// this case shouldn't happen, just in case.
+		setting.PanicInDevOrTesting("no attributes found for %s", ctx.Repo.TreePath)
+		attrs = attribute.NewAttributes()
+	}
+	ctx.Data["IsVendored"], ctx.Data["IsGenerated"] = attrs.GetVendored().Value(), attrs.GetGenerated().Value()
+	return attrs, true
+}
+
+func handleFileViewRenderMarkup(ctx *context.Context, filename string, sniffedType typesniffer.SniffedType, prefetchBuf []byte, utf8Reader io.Reader) bool {
+	markupType := markup.DetectMarkupTypeByFileName(filename)
+	if markupType == "" {
+		markupType = markup.DetectRendererType(filename, sniffedType, prefetchBuf)
+	}
+	if markupType == "" {
+		return false
+	}
+
+	ctx.Data["HasSourceRenderedToggle"] = true
+
+	if ctx.FormString("display") == "source" {
+		return false
+	}
+
+	ctx.Data["MarkupType"] = markupType
+	metas := ctx.Repo.Repository.ComposeRepoFileMetas(ctx)
+	metas["RefTypeNameSubURL"] = ctx.Repo.RefTypeNameSubURL()
+	rctx := renderhelper.NewRenderContextRepoFile(ctx, ctx.Repo.Repository, renderhelper.RepoFileOptions{
+		CurrentRefPath:  ctx.Repo.RefTypeNameSubURL(),
+		CurrentTreePath: path.Dir(ctx.Repo.TreePath),
+	}).
+		WithMarkupType(markupType).
+		WithRelativePath(ctx.Repo.TreePath).
+		WithMetas(metas)
+
+	var err error
+	ctx.Data["EscapeStatus"], ctx.Data["FileContent"], err = markupRender(ctx, rctx, utf8Reader)
+	if err != nil {
+		ctx.ServerError("Render", err)
+		return true
+	}
+	// to prevent iframe from loading third-party url
+	ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'")
+	return true
+}
+
+func handleFileViewRenderSource(ctx *context.Context, filename string, attrs *attribute.Attributes, fInfo *fileInfo, utf8Reader io.Reader) bool {
+	if ctx.FormString("display") == "rendered" || !fInfo.st.IsRepresentableAsText() {
+		return false
+	}
+
+	if !fInfo.st.IsText() {
+		if ctx.FormString("display") == "" {
+			// not text but representable as text, e.g. SVG
+			// since there is no "display" is specified, let other renders to handle
+			return false
+		}
+		ctx.Data["HasSourceRenderedToggle"] = true
+	}
+
+	buf, _ := io.ReadAll(utf8Reader)
+	// The Open Group Base Specification: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html
+	//   empty: 0 lines; "a": 1 incomplete-line; "a\n": 1 line; "a\nb": 1 line, 1 incomplete-line;
+	// Gitea uses the definition (like most modern editors):
+	//   empty: 0 lines; "a": 1 line; "a\n": 2 lines; "a\nb": 2 lines;
+	//   When rendering, the last empty line is not rendered in UI, while the line-number is still counted, to tell users that the file contains a trailing EOL.
+	//   To make the UI more consistent, it could use an icon mark to indicate that there is no trailing EOL, and show line-number as the rendered lines.
+	// This NumLines is only used for the display on the UI: "xxx lines"
+	if len(buf) == 0 {
+		ctx.Data["NumLines"] = 0
+	} else {
+		ctx.Data["NumLines"] = bytes.Count(buf, []byte{'\n'}) + 1
+	}
+
+	language := attrs.GetLanguage().Value()
+	fileContent, lexerName, err := highlight.File(filename, language, buf)
+	ctx.Data["LexerName"] = lexerName
+	if err != nil {
+		log.Error("highlight.File failed, fallback to plain text: %v", err)
+		fileContent = highlight.PlainText(buf)
+	}
+	status := &charset.EscapeStatus{}
+	statuses := make([]*charset.EscapeStatus, len(fileContent))
+	for i, line := range fileContent {
+		statuses[i], fileContent[i] = charset.EscapeControlHTML(line, ctx.Locale)
+		status = status.Or(statuses[i])
 	}
+	ctx.Data["EscapeStatus"] = status
+	ctx.Data["FileContent"] = fileContent
+	ctx.Data["LineEscapeStatus"] = statuses
+	return true
+}
+
+func handleFileViewRenderImage(ctx *context.Context, fInfo *fileInfo, prefetchBuf []byte) bool {
+	if !fInfo.st.IsImage() {
+		return false
+	}
+	if fInfo.st.IsSvgImage() && !setting.UI.SVG.Enabled {
+		return false
+	}
+	if fInfo.st.IsSvgImage() {
+		ctx.Data["HasSourceRenderedToggle"] = true
+	} else {
+		img, _, err := image.DecodeConfig(bytes.NewReader(prefetchBuf))
+		if err == nil { // ignore the error for the formats that are not supported by image.DecodeConfig
+			ctx.Data["ImageSize"] = fmt.Sprintf("%dx%dpx", img.Width, img.Height)
+		}
+	}
+	return true
+}
 
-	if !loadLatestCommitData(ctx, commit) {
+func prepareFileView(ctx *context.Context, entry *git.TreeEntry) {
+	ctx.Data["IsViewFile"] = true
+	ctx.Data["HideRepoInfo"] = true
+
+	if !prepareLatestCommitInfo(ctx) {
 		return
 	}
 
+	blob := entry.Blob()
+
+	ctx.Data["Title"] = ctx.Tr("repo.file.title", ctx.Repo.Repository.Name+"/"+path.Base(ctx.Repo.TreePath), ctx.Repo.RefFullName.ShortName())
+	ctx.Data["FileIsSymlink"] = entry.IsLink()
+	ctx.Data["FileTreePath"] = ctx.Repo.TreePath
+	ctx.Data["RawFileLink"] = ctx.Repo.RepoLink + "/raw/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(ctx.Repo.TreePath)
+
 	if ctx.Repo.TreePath == ".editorconfig" {
 		_, editorconfigWarning, editorconfigErr := ctx.Repo.GetEditorconfig(ctx.Repo.Commit)
 		if editorconfigWarning != nil {
@@ -87,226 +208,103 @@ func prepareToRenderFile(ctx *context.Context, entry *git.TreeEntry) {
 		}
 	}
 
-	isDisplayingSource := ctx.FormString("display") == "source"
-	isDisplayingRendered := !isDisplayingSource
+	// Don't call any other repository functions depends on git.Repository until the dataRc closed to
+	// avoid creating an unnecessary temporary cat file.
+	buf, dataRc, fInfo, err := getFileReader(ctx, ctx.Repo.Repository.ID, blob)
+	if err != nil {
+		ctx.ServerError("getFileReader", err)
+		return
+	}
+	defer dataRc.Close()
 
-	if fInfo.isLFSFile {
+	if fInfo.isLFSFile() {
 		ctx.Data["RawFileLink"] = ctx.Repo.RepoLink + "/media/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(ctx.Repo.TreePath)
 	}
 
-	isRepresentableAsText := fInfo.st.IsRepresentableAsText()
-	if !isRepresentableAsText {
-		// If we can't show plain text, always try to render.
-		isDisplayingSource = false
-		isDisplayingRendered = true
+	if !prepareFileViewEditorButtons(ctx) {
+		return
 	}
-	ctx.Data["IsLFSFile"] = fInfo.isLFSFile
+
+	ctx.Data["IsLFSFile"] = fInfo.isLFSFile()
 	ctx.Data["FileSize"] = fInfo.fileSize
-	ctx.Data["IsTextFile"] = fInfo.isTextFile
-	ctx.Data["IsRepresentableAsText"] = isRepresentableAsText
-	ctx.Data["IsDisplayingSource"] = isDisplayingSource
-	ctx.Data["IsDisplayingRendered"] = isDisplayingRendered
+	ctx.Data["IsRepresentableAsText"] = fInfo.st.IsRepresentableAsText()
 	ctx.Data["IsExecutable"] = entry.IsExecutable()
+	ctx.Data["CanCopyContent"] = fInfo.st.IsRepresentableAsText() || fInfo.st.IsImage()
 
-	isTextSource := fInfo.isTextFile || isDisplayingSource
-	ctx.Data["IsTextSource"] = isTextSource
-	if isTextSource {
-		ctx.Data["CanCopyContent"] = true
-	}
-
-	// Check LFS Lock
-	lfsLock, err := git_model.GetTreePathLock(ctx, ctx.Repo.Repository.ID, ctx.Repo.TreePath)
-	ctx.Data["LFSLock"] = lfsLock
-	if err != nil {
-		ctx.ServerError("GetTreePathLock", err)
+	attrs, ok := prepareFileViewLfsAttrs(ctx)
+	if !ok {
 		return
 	}
-	if lfsLock != nil {
-		u, err := user_model.GetUserByID(ctx, lfsLock.OwnerID)
-		if err != nil {
-			ctx.ServerError("GetTreePathLock", err)
-			return
-		}
-		ctx.Data["LFSLockOwner"] = u.Name
-		ctx.Data["LFSLockOwnerHomeLink"] = u.HomeLink()
-		ctx.Data["LFSLockHint"] = ctx.Tr("repo.editor.this_file_locked")
-	}
 
-	// Assume file is not editable first.
-	if fInfo.isLFSFile {
-		ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.cannot_edit_lfs_files")
-	} else if !isRepresentableAsText {
-		ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.cannot_edit_non_text_files")
-	}
+	// TODO: in the future maybe we need more accurate flags, for example:
+	// * IsRepresentableAsText: some files are text, some are not
+	// * IsRenderableXxx: some files are rendered by backend "markup" engine, some are rendered by frontend (pdf, 3d)
+	// * DefaultViewMode: when there is no "display" query parameter, which view mode should be used by default, source or rendered
 
+	utf8Reader := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
 	switch {
-	case isRepresentableAsText:
-		if fInfo.fileSize >= setting.UI.MaxDisplayFileSize {
-			ctx.Data["IsFileTooLarge"] = true
-			break
-		}
-
-		if fInfo.st.IsSvgImage() {
-			ctx.Data["IsImageFile"] = true
-			ctx.Data["CanCopyContent"] = true
-			ctx.Data["HasSourceRenderedToggle"] = true
-		}
-
-		rd := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
-
-		shouldRenderSource := ctx.FormString("display") == "source"
-		readmeExist := util.IsReadmeFileName(blob.Name())
-		ctx.Data["ReadmeExist"] = readmeExist
-
-		markupType := markup.DetectMarkupTypeByFileName(blob.Name())
-		if markupType == "" {
-			markupType = markup.DetectRendererType(blob.Name(), bytes.NewReader(buf))
-		}
-		if markupType != "" {
-			ctx.Data["HasSourceRenderedToggle"] = true
-		}
-		if markupType != "" && !shouldRenderSource {
-			ctx.Data["IsMarkup"] = true
-			ctx.Data["MarkupType"] = markupType
-			metas := ctx.Repo.Repository.ComposeDocumentMetas(ctx)
-			metas["RefTypeNameSubURL"] = ctx.Repo.RefTypeNameSubURL()
-			rctx := renderhelper.NewRenderContextRepoFile(ctx, ctx.Repo.Repository, renderhelper.RepoFileOptions{
-				CurrentRefPath:  ctx.Repo.RefTypeNameSubURL(),
-				CurrentTreePath: path.Dir(ctx.Repo.TreePath),
-			}).
-				WithMarkupType(markupType).
-				WithRelativePath(ctx.Repo.TreePath).
-				WithMetas(metas)
-
-			ctx.Data["EscapeStatus"], ctx.Data["FileContent"], err = markupRender(ctx, rctx, rd)
-			if err != nil {
-				ctx.ServerError("Render", err)
-				return
-			}
-			// to prevent iframe load third-party url
-			ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'")
-		} else {
-			buf, _ := io.ReadAll(rd)
-
-			// The Open Group Base Specification: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html
-			//   empty: 0 lines; "a": 1 incomplete-line; "a\n": 1 line; "a\nb": 1 line, 1 incomplete-line;
-			// Gitea uses the definition (like most modern editors):
-			//   empty: 0 lines; "a": 1 line; "a\n": 2 lines; "a\nb": 2 lines;
-			//   When rendering, the last empty line is not rendered in UI, while the line-number is still counted, to tell users that the file contains a trailing EOL.
-			//   To make the UI more consistent, it could use an icon mark to indicate that there is no trailing EOL, and show line-number as the rendered lines.
-			// This NumLines is only used for the display on the UI: "xxx lines"
-			if len(buf) == 0 {
-				ctx.Data["NumLines"] = 0
-			} else {
-				ctx.Data["NumLines"] = bytes.Count(buf, []byte{'\n'}) + 1
-			}
-
-			language, err := files_service.TryGetContentLanguage(ctx.Repo.GitRepo, ctx.Repo.CommitID, ctx.Repo.TreePath)
-			if err != nil {
-				log.Error("Unable to get file language for %-v:%s. Error: %v", ctx.Repo.Repository, ctx.Repo.TreePath, err)
-			}
-
-			fileContent, lexerName, err := highlight.File(blob.Name(), language, buf)
-			ctx.Data["LexerName"] = lexerName
-			if err != nil {
-				log.Error("highlight.File failed, fallback to plain text: %v", err)
-				fileContent = highlight.PlainText(buf)
-			}
-			status := &charset.EscapeStatus{}
-			statuses := make([]*charset.EscapeStatus, len(fileContent))
-			for i, line := range fileContent {
-				statuses[i], fileContent[i] = charset.EscapeControlHTML(line, ctx.Locale)
-				status = status.Or(statuses[i])
-			}
-			ctx.Data["EscapeStatus"] = status
-			ctx.Data["FileContent"] = fileContent
-			ctx.Data["LineEscapeStatus"] = statuses
-		}
-		if !fInfo.isLFSFile {
-			if ctx.Repo.CanEnableEditor(ctx, ctx.Doer) {
-				if lfsLock != nil && lfsLock.OwnerID != ctx.Doer.ID {
-					ctx.Data["CanEditFile"] = false
-					ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.this_file_locked")
-				} else {
-					ctx.Data["CanEditFile"] = true
-					ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.edit_this_file")
-				}
-			} else if !ctx.Repo.RefFullName.IsBranch() {
-				ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.must_be_on_a_branch")
-			} else if !ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, ctx.Repo.BranchName) {
-				ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.fork_before_edit")
-			}
-		}
-
-	case fInfo.st.IsPDF():
-		ctx.Data["IsPDFFile"] = true
+	case fInfo.fileSize >= setting.UI.MaxDisplayFileSize:
+		ctx.Data["IsFileTooLarge"] = true
+	case handleFileViewRenderMarkup(ctx, entry.Name(), fInfo.st, buf, utf8Reader):
+		// it also sets ctx.Data["FileContent"] and more
+		ctx.Data["IsMarkup"] = true
+	case handleFileViewRenderSource(ctx, entry.Name(), attrs, fInfo, utf8Reader):
+		// it also sets ctx.Data["FileContent"] and more
+		ctx.Data["IsDisplayingSource"] = true
+	case handleFileViewRenderImage(ctx, fInfo, buf):
+		ctx.Data["IsImageFile"] = true
 	case fInfo.st.IsVideo():
 		ctx.Data["IsVideoFile"] = true
 	case fInfo.st.IsAudio():
 		ctx.Data["IsAudioFile"] = true
-	case fInfo.st.IsImage() && (setting.UI.SVG.Enabled || !fInfo.st.IsSvgImage()):
-		ctx.Data["IsImageFile"] = true
-		ctx.Data["CanCopyContent"] = true
 	default:
-		if fInfo.fileSize >= setting.UI.MaxDisplayFileSize {
-			ctx.Data["IsFileTooLarge"] = true
-			break
-		}
+		// unable to render anything, show the "view raw" or let frontend handle it
+	}
+}
 
-		// TODO: this logic duplicates with "isRepresentableAsText=true", it is not the same as "LFSFileGet" in "lfs.go"
-		// It is used by "external renders", markupRender will execute external programs to get rendered content.
-		if markupType := markup.DetectMarkupTypeByFileName(blob.Name()); markupType != "" {
-			rd := io.MultiReader(bytes.NewReader(buf), dataRc)
-			ctx.Data["IsMarkup"] = true
-			ctx.Data["MarkupType"] = markupType
-
-			rctx := renderhelper.NewRenderContextRepoFile(ctx, ctx.Repo.Repository, renderhelper.RepoFileOptions{
-				CurrentRefPath:  ctx.Repo.RefTypeNameSubURL(),
-				CurrentTreePath: path.Dir(ctx.Repo.TreePath),
-			}).
-				WithMarkupType(markupType).
-				WithRelativePath(ctx.Repo.TreePath)
-
-			ctx.Data["EscapeStatus"], ctx.Data["FileContent"], err = markupRender(ctx, rctx, rd)
-			if err != nil {
-				ctx.ServerError("Render", err)
-				return
-			}
-		}
+func prepareFileViewEditorButtons(ctx *context.Context) bool {
+	// archived or mirror repository, the buttons should not be shown
+	if !ctx.Repo.Repository.CanEnableEditor() {
+		return true
 	}
 
-	if ctx.Repo.GitRepo != nil {
-		checker, deferable := ctx.Repo.GitRepo.CheckAttributeReader(ctx.Repo.CommitID)
-		if checker != nil {
-			defer deferable()
-			attrs, err := checker.CheckPath(ctx.Repo.TreePath)
-			if err == nil {
-				ctx.Data["IsVendored"] = git.AttributeToBool(attrs, git.AttributeLinguistVendored).Value()
-				ctx.Data["IsGenerated"] = git.AttributeToBool(attrs, git.AttributeLinguistGenerated).Value()
-			}
-		}
+	// The buttons should not be shown if it's not a branch
+	if !ctx.Repo.RefFullName.IsBranch() {
+		ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.must_be_on_a_branch")
+		ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.must_be_on_a_branch")
+		return true
 	}
 
-	if fInfo.st.IsImage() && !fInfo.st.IsSvgImage() {
-		img, _, err := image.DecodeConfig(bytes.NewReader(buf))
-		if err == nil {
-			// There are Image formats go can't decode
-			// Instead of throwing an error in that case, we show the size only when we can decode
-			ctx.Data["ImageSize"] = fmt.Sprintf("%dx%dpx", img.Width, img.Height)
-		}
+	if !ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, ctx.Repo.BranchName) {
+		ctx.Data["CanEditFile"] = true
+		ctx.Data["EditFileTooltip"] = ctx.Tr("repo.editor.fork_before_edit")
+		ctx.Data["CanDeleteFile"] = true
+		ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.must_have_write_access")
+		return true
 	}
 
-	if ctx.Repo.CanEnableEditor(ctx, ctx.Doer) {
-		if lfsLock != nil && lfsLock.OwnerID != ctx.Doer.ID {
-			ctx.Data["CanDeleteFile"] = false
-			ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.this_file_locked")
-		} else {
-			ctx.Data["CanDeleteFile"] = true
-			ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.delete_this_file")
+	lfsLock, err := git_model.GetTreePathLock(ctx, ctx.Repo.Repository.ID, ctx.Repo.TreePath)
+	ctx.Data["LFSLock"] = lfsLock
+	if err != nil {
+		ctx.ServerError("GetTreePathLock", err)
+		return false
+	}
+	if lfsLock != nil {
+		u, err := user_model.GetUserByID(ctx, lfsLock.OwnerID)
+		if err != nil {
+			ctx.ServerError("GetTreePathLock", err)
+			return false
 		}
-	} else if !ctx.Repo.RefFullName.IsBranch() {
-		ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.must_be_on_a_branch")
-	} else if !ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, ctx.Repo.BranchName) {
-		ctx.Data["DeleteFileTooltip"] = ctx.Tr("repo.editor.must_have_write_access")
+		ctx.Data["LFSLockOwner"] = u.Name
+		ctx.Data["LFSLockOwnerHomeLink"] = u.HomeLink()
+		ctx.Data["LFSLockHint"] = ctx.Tr("repo.editor.this_file_locked")
 	}
+
+	// it's a lfs file and the user is not the owner of the lock
+	isLFSLocked := lfsLock != nil && lfsLock.OwnerID != ctx.Doer.ID
+	ctx.Data["CanEditFile"] = !isLFSLocked
+	ctx.Data["EditFileTooltip"] = util.Iif(isLFSLocked, ctx.Tr("repo.editor.this_file_locked"), ctx.Tr("repo.editor.edit_this_file"))
+	ctx.Data["CanDeleteFile"] = !isLFSLocked
+	ctx.Data["DeleteFileTooltip"] = util.Iif(isLFSLocked, ctx.Tr("repo.editor.this_file_locked"), ctx.Tr("repo.editor.delete_this_file"))
+	return true
 }
diff --git a/routers/web/repo/view_home.go b/routers/web/repo/view_home.go
index d538406035..f475e93f60 100644
--- a/routers/web/repo/view_home.go
+++ b/routers/web/repo/view_home.go
@@ -15,11 +15,13 @@ import (
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
-	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
 	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/htmlutil"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
@@ -76,7 +78,7 @@ func prepareOpenWithEditorApps(ctx *context.Context) {
 		schema, _, _ := strings.Cut(app.OpenURL, ":")
 		var iconHTML template.HTML
 		if schema == "vscode" || schema == "vscodium" || schema == "jetbrains" {
-			iconHTML = svg.RenderHTML(fmt.Sprintf("gitea-%s", schema), 16)
+			iconHTML = svg.RenderHTML("gitea-"+schema, 16)
 		} else {
 			iconHTML = svg.RenderHTML("gitea-git", 16) // TODO: it could support user's customized icon in the future
 		}
@@ -140,7 +142,7 @@ func prepareToRenderDirectory(ctx *context.Context) {
 		ctx.Data["Title"] = ctx.Tr("repo.file.title", ctx.Repo.Repository.Name+"/"+path.Base(ctx.Repo.TreePath), ctx.Repo.RefFullName.ShortName())
 	}
 
-	subfolder, readmeFile, err := findReadmeFileInEntries(ctx, entries, true)
+	subfolder, readmeFile, err := findReadmeFileInEntries(ctx, ctx.Repo.TreePath, entries, true)
 	if err != nil {
 		ctx.ServerError("findReadmeFileInEntries", err)
 		return
@@ -193,56 +195,6 @@ func prepareUpstreamDivergingInfo(ctx *context.Context) {
 	ctx.Data["UpstreamDivergingInfo"] = upstreamDivergingInfo
 }
 
-func prepareRecentlyPushedNewBranches(ctx *context.Context) {
-	if ctx.Doer != nil {
-		if err := ctx.Repo.Repository.GetBaseRepo(ctx); err != nil {
-			ctx.ServerError("GetBaseRepo", err)
-			return
-		}
-
-		opts := &git_model.FindRecentlyPushedNewBranchesOptions{
-			Repo:     ctx.Repo.Repository,
-			BaseRepo: ctx.Repo.Repository,
-		}
-		if ctx.Repo.Repository.IsFork {
-			opts.BaseRepo = ctx.Repo.Repository.BaseRepo
-		}
-
-		baseRepoPerm, err := access_model.GetUserRepoPermission(ctx, opts.BaseRepo, ctx.Doer)
-		if err != nil {
-			ctx.ServerError("GetUserRepoPermission", err)
-			return
-		}
-
-		if !opts.Repo.IsMirror && !opts.BaseRepo.IsMirror &&
-			opts.BaseRepo.UnitEnabled(ctx, unit_model.TypePullRequests) &&
-			baseRepoPerm.CanRead(unit_model.TypePullRequests) {
-			var finalBranches []*git_model.RecentlyPushedNewBranch
-			branches, err := git_model.FindRecentlyPushedNewBranches(ctx, ctx.Doer, opts)
-			if err != nil {
-				log.Error("FindRecentlyPushedNewBranches failed: %v", err)
-			}
-
-			for _, branch := range branches {
-				divergingInfo, err := repo_service.GetBranchDivergingInfo(ctx,
-					branch.BranchRepo, branch.BranchName, // "base" repo for diverging info
-					opts.BaseRepo, opts.BaseRepo.DefaultBranch, // "head" repo for diverging info
-				)
-				if err != nil {
-					log.Error("GetBranchDivergingInfo failed: %v", err)
-					continue
-				}
-				branchRepoHasNewCommits := divergingInfo.BaseHasNewCommits
-				baseRepoCommitsBehind := divergingInfo.HeadCommitsBehind
-				if branchRepoHasNewCommits || baseRepoCommitsBehind > 0 {
-					finalBranches = append(finalBranches, branch)
-				}
-			}
-			ctx.Data["RecentlyPushedNewBranches"] = finalBranches
-		}
-	}
-}
-
 func updateContextRepoEmptyAndStatus(ctx *context.Context, empty bool, status repo_model.RepositoryStatus) {
 	if ctx.Repo.Repository.IsEmpty == empty && ctx.Repo.Repository.Status == status {
 		return
@@ -259,6 +211,10 @@ func updateContextRepoEmptyAndStatus(ctx *context.Context, empty bool, status re
 
 func handleRepoEmptyOrBroken(ctx *context.Context) {
 	showEmpty := true
+	if ctx.Repo.GitRepo == nil {
+		// in case the repo really exists and works, but the status was incorrectly marked as "broken", we need to open and check it again
+		ctx.Repo.GitRepo, _ = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
+	}
 	if ctx.Repo.GitRepo != nil {
 		reallyEmpty, err := ctx.Repo.GitRepo.IsEmpty()
 		if err != nil {
@@ -269,7 +225,7 @@ func handleRepoEmptyOrBroken(ctx *context.Context) {
 		} else if reallyEmpty {
 			showEmpty = true // the repo is really empty
 			updateContextRepoEmptyAndStatus(ctx, true, repo_model.RepositoryReady)
-		} else if branches, _, _ := ctx.Repo.GitRepo.GetBranches(0, 1); len(branches) == 0 {
+		} else if branches, _, _ := ctx.Repo.GitRepo.GetBranchNames(0, 1); len(branches) == 0 {
 			showEmpty = true // it is not really empty, but there is no branch
 			// at the moment, other repo units like "actions" are not able to handle such case,
 			// so we just mark the repo as empty to prevent from displaying these units.
@@ -302,12 +258,44 @@ func handleRepoEmptyOrBroken(ctx *context.Context) {
 	ctx.Redirect(link)
 }
 
+func isViewHomeOnlyContent(ctx *context.Context) bool {
+	return ctx.FormBool("only_content")
+}
+
+func handleRepoViewSubmodule(ctx *context.Context, commitSubmoduleFile *git.CommitSubmoduleFile) {
+	submoduleWebLink := commitSubmoduleFile.SubmoduleWebLinkTree(ctx)
+	if submoduleWebLink == nil {
+		ctx.Data["NotFoundPrompt"] = ctx.Repo.TreePath
+		ctx.NotFound(nil)
+		return
+	}
+
+	redirectLink := submoduleWebLink.CommitWebLink
+	if isViewHomeOnlyContent(ctx) {
+		ctx.Resp.Header().Set("Content-Type", "text/html; charset=utf-8")
+		_, _ = ctx.Resp.Write([]byte(htmlutil.HTMLFormat(`<a href="%s">%s</a>`, redirectLink, redirectLink)))
+	} else if !httplib.IsCurrentGiteaSiteURL(ctx, redirectLink) {
+		// don't auto-redirect to external URL, to avoid open redirect or phishing
+		ctx.Data["NotFoundPrompt"] = redirectLink
+		ctx.NotFound(nil)
+	} else {
+		ctx.Redirect(submoduleWebLink.CommitWebLink)
+	}
+}
+
 func prepareToRenderDirOrFile(entry *git.TreeEntry) func(ctx *context.Context) {
 	return func(ctx *context.Context) {
-		if entry.IsDir() {
+		if entry.IsSubModule() {
+			commitSubmoduleFile, err := git.GetCommitInfoSubmoduleFile(ctx.Repo.RepoLink, ctx.Repo.TreePath, ctx.Repo.Commit, entry.ID)
+			if err != nil {
+				HandleGitError(ctx, "prepareToRenderDirOrFile: GetCommitInfoSubmoduleFile", err)
+				return
+			}
+			handleRepoViewSubmodule(ctx, commitSubmoduleFile)
+		} else if entry.IsDir() {
 			prepareToRenderDirectory(ctx)
 		} else {
-			prepareToRenderFile(ctx, entry)
+			prepareFileView(ctx, entry)
 		}
 	}
 }
@@ -343,11 +331,39 @@ func prepareHomeTreeSideBarSwitch(ctx *context.Context) {
 	ctx.Data["UserSettingCodeViewShowFileTree"] = showFileTree
 }
 
+func redirectSrcToRaw(ctx *context.Context) bool {
+	// GitHub redirects a tree path with "?raw=1" to the raw path
+	// It is useful to embed some raw contents into Markdown files,
+	// then viewing the Markdown in "src" path could embed the raw content correctly.
+	if ctx.Repo.TreePath != "" && ctx.FormBool("raw") {
+		ctx.Redirect(ctx.Repo.RepoLink + "/raw/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(ctx.Repo.TreePath))
+		return true
+	}
+	return false
+}
+
+func redirectFollowSymlink(ctx *context.Context, treePathEntry *git.TreeEntry) bool {
+	if ctx.Repo.TreePath == "" || !ctx.FormBool("follow_symlink") {
+		return false
+	}
+	if treePathEntry.IsLink() {
+		if res, err := git.EntryFollowLinks(ctx.Repo.Commit, ctx.Repo.TreePath, treePathEntry); err == nil {
+			redirect := ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL() + "/" + util.PathEscapeSegments(res.TargetFullPath) + "?" + ctx.Req.URL.RawQuery
+			ctx.Redirect(redirect)
+			return true
+		} // else: don't handle the links we cannot resolve, so ignore the error
+	}
+	return false
+}
+
 // Home render repository home page
 func Home(ctx *context.Context) {
 	if handleRepoHomeFeed(ctx) {
 		return
 	}
+	if redirectSrcToRaw(ctx) {
+		return
+	}
 
 	// Check whether the repo is viewable: not in migration, and the code unit should be enabled
 	// Ideally the "feed" logic should be after this, but old code did so, so keep it as-is.
@@ -356,10 +372,8 @@ func Home(ctx *context.Context) {
 		return
 	}
 
-	prepareHomeTreeSideBarSwitch(ctx)
-
 	title := ctx.Repo.Repository.Owner.Name + "/" + ctx.Repo.Repository.Name
-	if len(ctx.Repo.Repository.Description) > 0 {
+	if ctx.Repo.Repository.Description != "" {
 		title += ": " + ctx.Repo.Repository.Description
 	}
 	ctx.Data["Title"] = title
@@ -372,6 +386,8 @@ func Home(ctx *context.Context) {
 		return
 	}
 
+	prepareHomeTreeSideBarSwitch(ctx)
+
 	// get the current git entry which doer user is currently looking at.
 	entry, err := ctx.Repo.Commit.GetTreeEntryByPath(ctx.Repo.TreePath)
 	if err != nil {
@@ -379,6 +395,10 @@ func Home(ctx *context.Context) {
 		return
 	}
 
+	if redirectFollowSymlink(ctx, entry) {
+		return
+	}
+
 	// prepare the tree path
 	var treeNames, paths []string
 	branchLink := ctx.Repo.RepoLink + "/src/" + ctx.Repo.RefTypeNameSubURL()
@@ -427,7 +447,7 @@ func Home(ctx *context.Context) {
 		}
 	}
 
-	if ctx.FormBool("only_content") {
+	if isViewHomeOnlyContent(ctx) {
 		ctx.HTML(http.StatusOK, tplRepoViewContent)
 	} else if len(treeNames) != 0 {
 		ctx.HTML(http.StatusOK, tplRepoView)
diff --git a/routers/web/repo/view_home_test.go b/routers/web/repo/view_home_test.go
new file mode 100644
index 0000000000..dd74ae560b
--- /dev/null
+++ b/routers/web/repo/view_home_test.go
@@ -0,0 +1,37 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+	"testing"
+
+	"code.gitea.io/gitea/models/unittest"
+	git_module "code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/services/contexttest"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestViewHomeSubmoduleRedirect(t *testing.T) {
+	unittest.PrepareTestEnv(t)
+
+	ctx, _ := contexttest.MockContext(t, "/user2/repo1/src/branch/master/test-submodule")
+	submodule := git_module.NewCommitSubmoduleFile("/user2/repo1", "test-submodule", "../repo-other", "any-ref-id")
+	handleRepoViewSubmodule(ctx, submodule)
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, "/user2/repo-other/tree/any-ref-id", ctx.Resp.Header().Get("Location"))
+
+	ctx, _ = contexttest.MockContext(t, "/user2/repo1/src/branch/master/test-submodule")
+	submodule = git_module.NewCommitSubmoduleFile("/user2/repo1", "test-submodule", "https://other/user2/repo-other.git", "any-ref-id")
+	handleRepoViewSubmodule(ctx, submodule)
+	// do not auto-redirect for external URLs, to avoid open redirect or phishing
+	assert.Equal(t, http.StatusNotFound, ctx.Resp.WrittenStatus())
+
+	ctx, respWriter := contexttest.MockContext(t, "/user2/repo1/src/branch/master/test-submodule?only_content=true")
+	submodule = git_module.NewCommitSubmoduleFile("/user2/repo1", "test-submodule", "../repo-other", "any-ref-id")
+	handleRepoViewSubmodule(ctx, submodule)
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, `<a href="/user2/repo-other/tree/any-ref-id">/user2/repo-other/tree/any-ref-id</a>`, respWriter.Body.String())
+}
diff --git a/routers/web/repo/view_readme.go b/routers/web/repo/view_readme.go
index 48befe47f8..ba03febff3 100644
--- a/routers/web/repo/view_readme.go
+++ b/routers/web/repo/view_readme.go
@@ -32,15 +32,7 @@ import (
 //	entries == ctx.Repo.Commit.SubTree(ctx.Repo.TreePath).ListEntries()
 //
 // FIXME: There has to be a more efficient way of doing this
-func findReadmeFileInEntries(ctx *context.Context, entries []*git.TreeEntry, tryWellKnownDirs bool) (string, *git.TreeEntry, error) {
-	// Create a list of extensions in priority order
-	// 1. Markdown files - with and without localisation - e.g. README.en-us.md or README.md
-	// 2. Txt files - e.g. README.txt
-	// 3. No extension - e.g. README
-	exts := append(localizedExtensions(".md", ctx.Locale.Language()), ".txt", "") // sorted by priority
-	extCount := len(exts)
-	readmeFiles := make([]*git.TreeEntry, extCount+1)
-
+func findReadmeFileInEntries(ctx *context.Context, parentDir string, entries []*git.TreeEntry, tryWellKnownDirs bool) (string, *git.TreeEntry, error) {
 	docsEntries := make([]*git.TreeEntry, 3) // (one of docs/, .gitea/ or .github/)
 	for _, entry := range entries {
 		if tryWellKnownDirs && entry.IsDir() {
@@ -62,16 +54,23 @@ func findReadmeFileInEntries(ctx *context.Context, entries []*git.TreeEntry, try
 					docsEntries[2] = entry
 				}
 			}
-			continue
 		}
+	}
+
+	// Create a list of extensions in priority order
+	// 1. Markdown files - with and without localisation - e.g. README.en-us.md or README.md
+	// 2. Txt files - e.g. README.txt
+	// 3. No extension - e.g. README
+	exts := append(localizedExtensions(".md", ctx.Locale.Language()), ".txt", "") // sorted by priority
+	extCount := len(exts)
+	readmeFiles := make([]*git.TreeEntry, extCount+1)
+	for _, entry := range entries {
 		if i, ok := util.IsReadmeFileExtension(entry.Name(), exts...); ok {
-			log.Debug("Potential readme file: %s", entry.Name())
+			fullPath := path.Join(parentDir, entry.Name())
 			if readmeFiles[i] == nil || base.NaturalSortLess(readmeFiles[i].Name(), entry.Blob().Name()) {
 				if entry.IsLink() {
-					target, err := entry.FollowLinks()
-					if err != nil && !git.IsErrBadLink(err) {
-						return "", nil, err
-					} else if target != nil && (target.IsExecutable() || target.IsRegular()) {
+					res, err := git.EntryFollowLinks(ctx.Repo.Commit, fullPath, entry)
+					if err == nil && (res.TargetEntry.IsExecutable() || res.TargetEntry.IsRegular()) {
 						readmeFiles[i] = entry
 					}
 				} else {
@@ -80,6 +79,7 @@ func findReadmeFileInEntries(ctx *context.Context, entries []*git.TreeEntry, try
 			}
 		}
 	}
+
 	var readmeFile *git.TreeEntry
 	for _, f := range readmeFiles {
 		if f != nil {
@@ -103,7 +103,7 @@ func findReadmeFileInEntries(ctx *context.Context, entries []*git.TreeEntry, try
 				return "", nil, err
 			}
 
-			subfolder, readmeFile, err := findReadmeFileInEntries(ctx, childEntries, false)
+			subfolder, readmeFile, err := findReadmeFileInEntries(ctx, parentDir, childEntries, false)
 			if err != nil && !git.IsErrNotExist(err) {
 				return "", nil, err
 			}
@@ -139,46 +139,52 @@ func localizedExtensions(ext, languageCode string) (localizedExts []string) {
 }
 
 func prepareToRenderReadmeFile(ctx *context.Context, subfolder string, readmeFile *git.TreeEntry) {
-	target := readmeFile
-	if readmeFile != nil && readmeFile.IsLink() {
-		target, _ = readmeFile.FollowLinks()
-	}
-	if target == nil {
-		// if findReadmeFile() failed and/or gave us a broken symlink (which it shouldn't)
-		// simply skip rendering the README
+	if readmeFile == nil {
 		return
 	}
 
+	readmeFullPath := path.Join(ctx.Repo.TreePath, subfolder, readmeFile.Name())
+	readmeTargetEntry := readmeFile
+	if readmeFile.IsLink() {
+		if res, err := git.EntryFollowLinks(ctx.Repo.Commit, readmeFullPath, readmeFile); err == nil {
+			readmeTargetEntry = res.TargetEntry
+		} else {
+			readmeTargetEntry = nil // if we cannot resolve the symlink, we cannot render the readme, ignore the error
+		}
+	}
+	if readmeTargetEntry == nil {
+		return // if no valid README entry found, skip rendering the README
+	}
+
 	ctx.Data["RawFileLink"] = ""
-	ctx.Data["ReadmeInList"] = true
+	ctx.Data["ReadmeInList"] = path.Join(subfolder, readmeFile.Name()) // the relative path to the readme file to the current tree path
 	ctx.Data["ReadmeExist"] = true
 	ctx.Data["FileIsSymlink"] = readmeFile.IsLink()
 
-	buf, dataRc, fInfo, err := getFileReader(ctx, ctx.Repo.Repository.ID, target.Blob())
+	buf, dataRc, fInfo, err := getFileReader(ctx, ctx.Repo.Repository.ID, readmeTargetEntry.Blob())
 	if err != nil {
 		ctx.ServerError("getFileReader", err)
 		return
 	}
 	defer dataRc.Close()
 
-	ctx.Data["FileIsText"] = fInfo.isTextFile
-	ctx.Data["FileName"] = path.Join(subfolder, readmeFile.Name())
+	ctx.Data["FileIsText"] = fInfo.st.IsText()
+	ctx.Data["FileTreePath"] = readmeFullPath
 	ctx.Data["FileSize"] = fInfo.fileSize
-	ctx.Data["IsLFSFile"] = fInfo.isLFSFile
+	ctx.Data["IsLFSFile"] = fInfo.isLFSFile()
 
-	if fInfo.isLFSFile {
+	if fInfo.isLFSFile() {
 		filenameBase64 := base64.RawURLEncoding.EncodeToString([]byte(readmeFile.Name()))
 		ctx.Data["RawFileLink"] = fmt.Sprintf("%s.git/info/lfs/objects/%s/%s", ctx.Repo.Repository.Link(), url.PathEscape(fInfo.lfsMeta.Oid), url.PathEscape(filenameBase64))
 	}
 
-	if !fInfo.isTextFile {
+	if !fInfo.st.IsText() {
 		return
 	}
 
 	if fInfo.fileSize >= setting.UI.MaxDisplayFileSize {
 		// Pretend that this is a normal text file to display 'This file is too large to be shown'
 		ctx.Data["IsFileTooLarge"] = true
-		ctx.Data["IsTextFile"] = true
 		return
 	}
 
@@ -190,10 +196,10 @@ func prepareToRenderReadmeFile(ctx *context.Context, subfolder string, readmeFil
 
 		rctx := renderhelper.NewRenderContextRepoFile(ctx, ctx.Repo.Repository, renderhelper.RepoFileOptions{
 			CurrentRefPath:  ctx.Repo.RefTypeNameSubURL(),
-			CurrentTreePath: path.Join(ctx.Repo.TreePath, subfolder),
+			CurrentTreePath: path.Dir(readmeFullPath),
 		}).
 			WithMarkupType(markupType).
-			WithRelativePath(path.Join(ctx.Repo.TreePath, subfolder, readmeFile.Name())) // ctx.Repo.TreePath is the directory not the Readme so we must append the Readme filename (and path).
+			WithRelativePath(readmeFullPath)
 
 		ctx.Data["EscapeStatus"], ctx.Data["FileContent"], err = markupRender(ctx, rctx, rd)
 		if err != nil {
@@ -212,7 +218,7 @@ func prepareToRenderReadmeFile(ctx *context.Context, subfolder string, readmeFil
 		ctx.Data["EscapeStatus"], ctx.Data["FileContent"] = charset.EscapeControlHTML(template.HTML(contentEscaped), ctx.Locale)
 	}
 
-	if !fInfo.isLFSFile && ctx.Repo.CanEnableEditor(ctx, ctx.Doer) {
+	if !fInfo.isLFSFile() && ctx.Repo.Repository.CanEnableEditor() {
 		ctx.Data["CanEditReadmeFile"] = true
 	}
 }
diff --git a/routers/web/repo/wiki.go b/routers/web/repo/wiki.go
index 20c8c2b406..a35b7b86e1 100644
--- a/routers/web/repo/wiki.go
+++ b/routers/web/repo/wiki.go
@@ -6,8 +6,7 @@ package repo
 
 import (
 	"bytes"
-	gocontext "context"
-	"fmt"
+	"html/template"
 	"io"
 	"net/http"
 	"net/url"
@@ -62,9 +61,9 @@ func MustEnableWiki(ctx *context.Context) {
 		return
 	}
 
-	unit, err := ctx.Repo.Repository.GetUnit(ctx, unit.TypeExternalWiki)
+	repoUnit, err := ctx.Repo.Repository.GetUnit(ctx, unit.TypeExternalWiki)
 	if err == nil {
-		ctx.Redirect(unit.ExternalWikiConfig().ExternalWikiURL)
+		ctx.Redirect(repoUnit.ExternalWikiConfig().ExternalWikiURL)
 		return
 	}
 }
@@ -96,7 +95,7 @@ func findEntryForFile(commit *git.Commit, target string) (*git.TreeEntry, error)
 }
 
 func findWikiRepoCommit(ctx *context.Context) (*git.Repository, *git.Commit, error) {
-	wikiGitRepo, errGitRepo := gitrepo.OpenRepository(ctx, ctx.Repo.Repository.WikiStorageRepo())
+	wikiGitRepo, errGitRepo := gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository.WikiStorageRepo())
 	if errGitRepo != nil {
 		ctx.ServerError("OpenRepository", errGitRepo)
 		return nil, nil, errGitRepo
@@ -110,7 +109,7 @@ func findWikiRepoCommit(ctx *context.Context) (*git.Repository, *git.Commit, err
 			return wikiGitRepo, nil, errBranch
 		}
 		// update the default branch in the database
-		errDb := repo_model.UpdateRepositoryCols(ctx, &repo_model.Repository{ID: ctx.Repo.Repository.ID, DefaultWikiBranch: gitRepoDefaultBranch}, "default_wiki_branch")
+		errDb := repo_model.UpdateRepositoryColsNoAutoTime(ctx, &repo_model.Repository{ID: ctx.Repo.Repository.ID, DefaultWikiBranch: gitRepoDefaultBranch}, "default_wiki_branch")
 		if errDb != nil {
 			return wikiGitRepo, nil, errDb
 		}
@@ -179,23 +178,17 @@ func wikiContentsByName(ctx *context.Context, commit *git.Commit, wikiName wiki_
 }
 
 func renderViewPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) {
-	wikiRepo, commit, err := findWikiRepoCommit(ctx)
+	wikiGitRepo, commit, err := findWikiRepoCommit(ctx)
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		if !git.IsErrNotExist(err) {
 			ctx.ServerError("GetBranchCommit", err)
 		}
 		return nil, nil
 	}
 
-	// Get page list.
+	// get the wiki pages list.
 	entries, err := commit.ListEntries()
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		ctx.ServerError("ListEntries", err)
 		return nil, nil
 	}
@@ -209,9 +202,6 @@ func renderViewPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) {
 			if repo_model.IsErrWikiInvalidFileName(err) {
 				continue
 			}
-			if wikiRepo != nil {
-				wikiRepo.Close()
-			}
 			ctx.ServerError("WikiFilenameToName", err)
 			return nil, nil
 		} else if wikiName == "_Sidebar" || wikiName == "_Footer" {
@@ -250,58 +240,26 @@ func renderViewPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) {
 		ctx.Redirect(util.URLJoin(ctx.Repo.RepoLink, "wiki/raw", string(pageName)))
 	}
 	if entry == nil || ctx.Written() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		return nil, nil
 	}
 
-	// get filecontent
+	// get page content
 	data := wikiContentsByEntry(ctx, entry)
 	if ctx.Written() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		return nil, nil
 	}
 
-	var sidebarContent []byte
-	if !isSideBar {
-		sidebarContent, _, _, _ = wikiContentsByName(ctx, commit, "_Sidebar")
-		if ctx.Written() {
-			if wikiRepo != nil {
-				wikiRepo.Close()
-			}
-			return nil, nil
-		}
-	} else {
-		sidebarContent = data
-	}
-
-	var footerContent []byte
-	if !isFooter {
-		footerContent, _, _, _ = wikiContentsByName(ctx, commit, "_Footer")
-		if ctx.Written() {
-			if wikiRepo != nil {
-				wikiRepo.Close()
-			}
-			return nil, nil
-		}
-	} else {
-		footerContent = data
-	}
-
 	rctx := renderhelper.NewRenderContextRepoWiki(ctx, ctx.Repo.Repository)
 
-	buf := &strings.Builder{}
-	renderFn := func(data []byte) (escaped *charset.EscapeStatus, output string, err error) {
+	renderFn := func(data []byte) (escaped *charset.EscapeStatus, output template.HTML, err error) {
+		buf := &strings.Builder{}
 		markupRd, markupWr := io.Pipe()
 		defer markupWr.Close()
 		done := make(chan struct{})
 		go func() {
 			// We allow NBSP here this is rendered
 			escaped, _ = charset.EscapeControlReader(markupRd, buf, ctx.Locale, charset.RuneNBSP)
-			output = buf.String()
+			output = template.HTML(buf.String())
 			buf.Reset()
 			close(done)
 		}()
@@ -312,75 +270,61 @@ func renderViewPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) {
 		return escaped, output, err
 	}
 
-	ctx.Data["EscapeStatus"], ctx.Data["content"], err = renderFn(data)
+	ctx.Data["EscapeStatus"], ctx.Data["WikiContentHTML"], err = renderFn(data)
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		ctx.ServerError("Render", err)
 		return nil, nil
 	}
 
 	if rctx.SidebarTocNode != nil {
-		sb := &strings.Builder{}
-		err = markdown.SpecializedMarkdown(rctx).Renderer().Render(sb, nil, rctx.SidebarTocNode)
-		if err != nil {
+		sb := strings.Builder{}
+		if err = markdown.SpecializedMarkdown(rctx).Renderer().Render(&sb, nil, rctx.SidebarTocNode); err != nil {
 			log.Error("Failed to render wiki sidebar TOC: %v", err)
-		} else {
-			ctx.Data["sidebarTocContent"] = sb.String()
 		}
+		ctx.Data["WikiSidebarTocHTML"] = templates.SanitizeHTML(sb.String())
 	}
 
 	if !isSideBar {
-		buf.Reset()
-		ctx.Data["sidebarEscapeStatus"], ctx.Data["sidebarContent"], err = renderFn(sidebarContent)
+		sidebarContent, _, _, _ := wikiContentsByName(ctx, commit, "_Sidebar")
+		if ctx.Written() {
+			return nil, nil
+		}
+		ctx.Data["WikiSidebarEscapeStatus"], ctx.Data["WikiSidebarHTML"], err = renderFn(sidebarContent)
 		if err != nil {
-			if wikiRepo != nil {
-				wikiRepo.Close()
-			}
 			ctx.ServerError("Render", err)
 			return nil, nil
 		}
-		ctx.Data["sidebarPresent"] = sidebarContent != nil
-	} else {
-		ctx.Data["sidebarPresent"] = false
 	}
 
 	if !isFooter {
-		buf.Reset()
-		ctx.Data["footerEscapeStatus"], ctx.Data["footerContent"], err = renderFn(footerContent)
+		footerContent, _, _, _ := wikiContentsByName(ctx, commit, "_Footer")
+		if ctx.Written() {
+			return nil, nil
+		}
+		ctx.Data["WikiFooterEscapeStatus"], ctx.Data["WikiFooterHTML"], err = renderFn(footerContent)
 		if err != nil {
-			if wikiRepo != nil {
-				wikiRepo.Close()
-			}
 			ctx.ServerError("Render", err)
 			return nil, nil
 		}
-		ctx.Data["footerPresent"] = footerContent != nil
-	} else {
-		ctx.Data["footerPresent"] = false
 	}
 
 	// get commit count - wiki revisions
-	commitsCount, _ := wikiRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
+	commitsCount, _ := wikiGitRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
 	ctx.Data["CommitCount"] = commitsCount
 
-	return wikiRepo, entry
+	return wikiGitRepo, entry
 }
 
 func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry) {
-	wikiRepo, commit, err := findWikiRepoCommit(ctx)
+	wikiGitRepo, commit, err := findWikiRepoCommit(ctx)
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		if !git.IsErrNotExist(err) {
 			ctx.ServerError("GetBranchCommit", err)
 		}
 		return nil, nil
 	}
 
-	// get requested pagename
+	// get requested page name
 	pageName := wiki_service.WebPathFromRequest(ctx.PathParamRaw("*"))
 	if len(pageName) == 0 {
 		pageName = "Home"
@@ -395,53 +339,35 @@ func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry)
 	ctx.Data["Username"] = ctx.Repo.Owner.Name
 	ctx.Data["Reponame"] = ctx.Repo.Repository.Name
 
-	// lookup filename in wiki - get filecontent, gitTree entry , real filename
-	data, entry, pageFilename, noEntry := wikiContentsByName(ctx, commit, pageName)
+	// lookup filename in wiki - get page content, gitTree entry , real filename
+	_, entry, pageFilename, noEntry := wikiContentsByName(ctx, commit, pageName)
 	if noEntry {
 		ctx.Redirect(ctx.Repo.RepoLink + "/wiki/?action=_pages")
 	}
 	if entry == nil || ctx.Written() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		return nil, nil
 	}
 
-	ctx.Data["content"] = string(data)
-	ctx.Data["sidebarPresent"] = false
-	ctx.Data["sidebarContent"] = ""
-	ctx.Data["footerPresent"] = false
-	ctx.Data["footerContent"] = ""
-
 	// get commit count - wiki revisions
-	commitsCount, _ := wikiRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
+	commitsCount, _ := wikiGitRepo.FileCommitsCount(ctx.Repo.Repository.DefaultWikiBranch, pageFilename)
 	ctx.Data["CommitCount"] = commitsCount
 
 	// get page
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	// get Commit Count
-	commitsHistory, err := wikiRepo.CommitsByFileAndRange(
+	commitsHistory, err := wikiGitRepo.CommitsByFileAndRange(
 		git.CommitsByFileAndRangeOptions{
 			Revision: ctx.Repo.Repository.DefaultWikiBranch,
 			File:     pageFilename,
 			Page:     page,
 		})
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		ctx.ServerError("CommitsByFileAndRange", err)
 		return nil, nil
 	}
 	ctx.Data["Commits"], err = git_service.ConvertFromGitCommit(ctx, commitsHistory, ctx.Repo.Repository)
 	if err != nil {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
 		ctx.ServerError("ConvertFromGitCommit", err)
 		return nil, nil
 	}
@@ -450,16 +376,11 @@ func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry)
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
 
-	return wikiRepo, entry
+	return wikiGitRepo, entry
 }
 
 func renderEditPage(ctx *context.Context) {
-	wikiRepo, commit, err := findWikiRepoCommit(ctx)
-	defer func() {
-		if wikiRepo != nil {
-			_ = wikiRepo.Close()
-		}
-	}()
+	_, commit, err := findWikiRepoCommit(ctx)
 	if err != nil {
 		if !git.IsErrNotExist(err) {
 			ctx.ServerError("GetBranchCommit", err)
@@ -467,7 +388,7 @@ func renderEditPage(ctx *context.Context) {
 		return
 	}
 
-	// get requested pagename
+	// get requested page name
 	pageName := wiki_service.WebPathFromRequest(ctx.PathParamRaw("*"))
 	if len(pageName) == 0 {
 		pageName = "Home"
@@ -491,17 +412,13 @@ func renderEditPage(ctx *context.Context) {
 		return
 	}
 
-	// get filecontent
+	// get wiki page content
 	data := wikiContentsByEntry(ctx, entry)
 	if ctx.Written() {
 		return
 	}
 
-	ctx.Data["content"] = string(data)
-	ctx.Data["sidebarPresent"] = false
-	ctx.Data["sidebarContent"] = ""
-	ctx.Data["footerPresent"] = false
-	ctx.Data["footerContent"] = ""
+	ctx.Data["WikiEditContent"] = string(data)
 }
 
 // WikiPost renders post of wiki page
@@ -563,12 +480,7 @@ func Wiki(ctx *context.Context) {
 		return
 	}
 
-	wikiRepo, entry := renderViewPage(ctx)
-	defer func() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
-	}()
+	wikiGitRepo, entry := renderViewPage(ctx)
 	if ctx.Written() {
 		return
 	}
@@ -581,10 +493,10 @@ func Wiki(ctx *context.Context) {
 	wikiPath := entry.Name()
 	if markup.DetectMarkupTypeByFileName(wikiPath) != markdown.MarkupName {
 		ext := strings.ToUpper(filepath.Ext(wikiPath))
-		ctx.Data["FormatWarning"] = fmt.Sprintf("%s rendering is not supported at the moment. Rendered as Markdown.", ext)
+		ctx.Data["FormatWarning"] = ext + " rendering is not supported at the moment. Rendered as Markdown."
 	}
 	// Get last change information.
-	lastCommit, err := wikiRepo.GetCommitByPath(wikiPath)
+	lastCommit, err := wikiGitRepo.GetCommitByPath(wikiPath)
 	if err != nil {
 		ctx.ServerError("GetCommitByPath", err)
 		return
@@ -604,13 +516,7 @@ func WikiRevision(ctx *context.Context) {
 		return
 	}
 
-	wikiRepo, entry := renderRevisionPage(ctx)
-	defer func() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
-	}()
-
+	wikiGitRepo, entry := renderRevisionPage(ctx)
 	if ctx.Written() {
 		return
 	}
@@ -622,7 +528,7 @@ func WikiRevision(ctx *context.Context) {
 
 	// Get last change information.
 	wikiPath := entry.Name()
-	lastCommit, err := wikiRepo.GetCommitByPath(wikiPath)
+	lastCommit, err := wikiGitRepo.GetCommitByPath(wikiPath)
 	if err != nil {
 		ctx.ServerError("GetCommitByPath", err)
 		return
@@ -642,12 +548,7 @@ func WikiPages(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("repo.wiki.pages")
 	ctx.Data["CanWriteWiki"] = ctx.Repo.CanWrite(unit.TypeWiki) && !ctx.Repo.Repository.IsArchived
 
-	wikiRepo, commit, err := findWikiRepoCommit(ctx)
-	defer func() {
-		if wikiRepo != nil {
-			_ = wikiRepo.Close()
-		}
-	}()
+	_, commit, err := findWikiRepoCommit(ctx)
 	if err != nil {
 		ctx.Redirect(ctx.Repo.RepoLink + "/wiki")
 		return
@@ -667,7 +568,7 @@ func WikiPages(ctx *context.Context) {
 	}
 	allEntries.CustomSort(base.NaturalSortLess)
 
-	entries, _, err := allEntries.GetCommitsInfo(gocontext.Context(ctx), commit, treePath)
+	entries, _, err := allEntries.GetCommitsInfo(ctx, ctx.Repo.RepoLink, commit, treePath)
 	if err != nil {
 		ctx.ServerError("GetCommitsInfo", err)
 		return
@@ -701,13 +602,7 @@ func WikiPages(ctx *context.Context) {
 
 // WikiRaw outputs raw blob requested by user (image for example)
 func WikiRaw(ctx *context.Context) {
-	wikiRepo, commit, err := findWikiRepoCommit(ctx)
-	defer func() {
-		if wikiRepo != nil {
-			wikiRepo.Close()
-		}
-	}()
-
+	_, commit, err := findWikiRepoCommit(ctx)
 	if err != nil {
 		if git.IsErrNotExist(err) {
 			ctx.NotFound(nil)
diff --git a/routers/web/repo/wiki_test.go b/routers/web/repo/wiki_test.go
index e44cf46ba8..59bf6ed79b 100644
--- a/routers/web/repo/wiki_test.go
+++ b/routers/web/repo/wiki_test.go
@@ -71,7 +71,7 @@ func assertPagesMetas(t *testing.T, expectedNames []string, metas any) {
 	require.Len(t, pageMetas, len(expectedNames))
 
 	for i, pageMeta := range pageMetas {
-		assert.EqualValues(t, expectedNames[i], pageMeta.Name)
+		assert.Equal(t, expectedNames[i], pageMeta.Name)
 	}
 }
 
@@ -82,7 +82,7 @@ func TestWiki(t *testing.T) {
 	ctx.SetPathParam("*", "Home")
 	contexttest.LoadRepo(t, ctx, 1)
 	Wiki(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, "Home", ctx.Data["Title"])
 	assertPagesMetas(t, []string{"Home", "Page With Image", "Page With Spaced Name", "Unescaped File"}, ctx.Data["Pages"])
 
@@ -90,7 +90,7 @@ func TestWiki(t *testing.T) {
 	ctx.SetPathParam("*", "jpeg.jpg")
 	contexttest.LoadRepo(t, ctx, 1)
 	Wiki(ctx)
-	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 	assert.Equal(t, "/user2/repo1/wiki/raw/jpeg.jpg", ctx.Resp.Header().Get("Location"))
 }
 
@@ -100,7 +100,7 @@ func TestWikiPages(t *testing.T) {
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/wiki/?action=_pages")
 	contexttest.LoadRepo(t, ctx, 1)
 	WikiPages(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assertPagesMetas(t, []string{"Home", "Page With Image", "Page With Spaced Name", "Unescaped File"}, ctx.Data["Pages"])
 }
 
@@ -111,7 +111,7 @@ func TestNewWiki(t *testing.T) {
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	NewWiki(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, ctx.Tr("repo.wiki.new_page"), ctx.Data["Title"])
 }
 
@@ -131,7 +131,7 @@ func TestNewWikiPost(t *testing.T) {
 			Message: message,
 		})
 		NewWikiPost(ctx)
-		assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+		assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 		assertWikiExists(t, ctx.Repo.Repository, wiki_service.UserTitleToWebPath("", title))
 		assert.Equal(t, content, wikiContent(t, ctx.Repo.Repository, wiki_service.UserTitleToWebPath("", title)))
 	}
@@ -149,7 +149,7 @@ func TestNewWikiPost_ReservedName(t *testing.T) {
 		Message: message,
 	})
 	NewWikiPost(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, ctx.Tr("repo.wiki.reserved_page", "_edit"), ctx.Flash.ErrorMsg)
 	assertWikiNotExists(t, ctx.Repo.Repository, "_edit")
 }
@@ -162,16 +162,16 @@ func TestEditWiki(t *testing.T) {
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	EditWiki(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, "Home", ctx.Data["Title"])
-	assert.Equal(t, wikiContent(t, ctx.Repo.Repository, "Home"), ctx.Data["content"])
+	assert.Equal(t, wikiContent(t, ctx.Repo.Repository, "Home"), ctx.Data["WikiEditContent"])
 
 	ctx, _ = contexttest.MockContext(t, "user2/repo1/wiki/jpeg.jpg?action=_edit")
 	ctx.SetPathParam("*", "jpeg.jpg")
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	EditWiki(ctx)
-	assert.EqualValues(t, http.StatusForbidden, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusForbidden, ctx.Resp.WrittenStatus())
 }
 
 func TestEditWikiPost(t *testing.T) {
@@ -190,7 +190,7 @@ func TestEditWikiPost(t *testing.T) {
 			Message: message,
 		})
 		EditWikiPost(ctx)
-		assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+		assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 		assertWikiExists(t, ctx.Repo.Repository, wiki_service.UserTitleToWebPath("", title))
 		assert.Equal(t, content, wikiContent(t, ctx.Repo.Repository, wiki_service.UserTitleToWebPath("", title)))
 		if title != "Home" {
@@ -206,7 +206,7 @@ func TestDeleteWikiPagePost(t *testing.T) {
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadRepo(t, ctx, 1)
 	DeleteWikiPagePost(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assertWikiNotExists(t, ctx.Repo.Repository, "Home")
 }
 
@@ -228,10 +228,10 @@ func TestWikiRaw(t *testing.T) {
 		contexttest.LoadRepo(t, ctx, 1)
 		WikiRaw(ctx)
 		if filetype == "" {
-			assert.EqualValues(t, http.StatusNotFound, ctx.Resp.WrittenStatus(), "filepath: %s", filepath)
+			assert.Equal(t, http.StatusNotFound, ctx.Resp.WrittenStatus(), "filepath: %s", filepath)
 		} else {
-			assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus(), "filepath: %s", filepath)
-			assert.EqualValues(t, filetype, ctx.Resp.Header().Get("Content-Type"), "filepath: %s", filepath)
+			assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus(), "filepath: %s", filepath)
+			assert.Equal(t, filetype, ctx.Resp.Header().Get("Content-Type"), "filepath: %s", filepath)
 		}
 	}
 }
@@ -245,7 +245,12 @@ func TestDefaultWikiBranch(t *testing.T) {
 	assert.NoError(t, wiki_service.ChangeDefaultWikiBranch(db.DefaultContext, repoWithNoWiki, "main"))
 
 	// repo with wiki
-	assert.NoError(t, repo_model.UpdateRepositoryCols(db.DefaultContext, &repo_model.Repository{ID: 1, DefaultWikiBranch: "wrong-branch"}))
+	assert.NoError(t, repo_model.UpdateRepositoryColsNoAutoTime(
+		db.DefaultContext,
+		&repo_model.Repository{ID: 1, DefaultWikiBranch: "wrong-branch"},
+		"default_wiki_branch",
+	),
+	)
 
 	ctx, _ := contexttest.MockContext(t, "user2/repo1/wiki")
 	ctx.SetPathParam("*", "Home")
diff --git a/routers/web/shared/actions/runners.go b/routers/web/shared/actions/runners.go
index 444bd960db..648f8046a4 100644
--- a/routers/web/shared/actions/runners.go
+++ b/routers/web/shared/actions/runners.go
@@ -57,9 +57,8 @@ func getRunnersCtx(ctx *context.Context) (*runnersCtx, error) {
 	}
 
 	if ctx.Data["PageIsOrgSettings"] == true {
-		err := shared_user.LoadHeaderCount(ctx)
-		if err != nil {
-			ctx.ServerError("LoadHeaderCount", err)
+		if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+			ctx.ServerError("RenderUserOrgHeader", err)
 			return nil, nil
 		}
 		return &runnersCtx{
@@ -109,10 +108,7 @@ func Runners(ctx *context.Context) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	opts := actions_model.FindRunnerOptions{
 		ListOptions: db.ListOptions{
@@ -180,10 +176,7 @@ func RunnersEdit(ctx *context.Context) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	runnerID := ctx.PathParamInt64("runnerid")
 	ownerID := rCtx.OwnerID
@@ -198,7 +191,7 @@ func RunnersEdit(ctx *context.Context) {
 		ctx.ServerError("LoadAttributes", err)
 		return
 	}
-	if !runner.Editable(ownerID, repoID) {
+	if !runner.EditableInContext(ownerID, repoID) {
 		err = errors.New("no permission to edit this runner")
 		ctx.NotFound(err)
 		return
@@ -251,7 +244,7 @@ func RunnersEditPost(ctx *context.Context) {
 		ctx.ServerError("RunnerDetailsEditPost.GetRunnerByID", err)
 		return
 	}
-	if !runner.Editable(ownerID, repoID) {
+	if !runner.EditableInContext(ownerID, repoID) {
 		ctx.NotFound(util.NewPermissionDeniedErrorf("no permission to edit this runner"))
 		return
 	}
@@ -305,7 +298,7 @@ func RunnerDeletePost(ctx *context.Context) {
 		return
 	}
 
-	if !runner.Editable(rCtx.OwnerID, rCtx.RepoID) {
+	if !runner.EditableInContext(rCtx.OwnerID, rCtx.RepoID) {
 		ctx.NotFound(util.NewPermissionDeniedErrorf("no permission to delete this runner"))
 		return
 	}
diff --git a/routers/web/shared/actions/variables.go b/routers/web/shared/actions/variables.go
index 9cc1676d7b..a43c2c2690 100644
--- a/routers/web/shared/actions/variables.go
+++ b/routers/web/shared/actions/variables.go
@@ -49,9 +49,8 @@ func getVariablesCtx(ctx *context.Context) (*variablesCtx, error) {
 	}
 
 	if ctx.Data["PageIsOrgSettings"] == true {
-		err := shared_user.LoadHeaderCount(ctx)
-		if err != nil {
-			ctx.ServerError("LoadHeaderCount", err)
+		if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+			ctx.ServerError("RenderUserOrgHeader", err)
 			return nil, nil
 		}
 		return &variablesCtx{
diff --git a/routers/web/shared/issue/issue_label.go b/routers/web/shared/issue/issue_label.go
index eacea36b02..e2eeaaf0af 100644
--- a/routers/web/shared/issue/issue_label.go
+++ b/routers/web/shared/issue/issue_label.go
@@ -14,14 +14,18 @@ import (
 )
 
 // PrepareFilterIssueLabels reads the "labels" query parameter, sets `ctx.Data["Labels"]` and `ctx.Data["SelectLabels"]`
-func PrepareFilterIssueLabels(ctx *context.Context, repoID int64, owner *user_model.User) (labelIDs []int64) {
+func PrepareFilterIssueLabels(ctx *context.Context, repoID int64, owner *user_model.User) (ret struct {
+	AllLabels        []*issues_model.Label
+	SelectedLabelIDs []int64
+},
+) {
 	// 1,-2 means including label 1 and excluding label 2
 	// 0 means issues with no label
 	// blank means labels will not be filtered for issues
 	selectLabels := ctx.FormString("labels")
 	if selectLabels != "" {
 		var err error
-		labelIDs, err = base.StringsToInt64s(strings.Split(selectLabels, ","))
+		ret.SelectedLabelIDs, err = base.StringsToInt64s(strings.Split(selectLabels, ","))
 		if err != nil {
 			ctx.Flash.Error(ctx.Tr("invalid_data", selectLabels), true)
 		}
@@ -32,7 +36,7 @@ func PrepareFilterIssueLabels(ctx *context.Context, repoID int64, owner *user_mo
 		repoLabels, err := issues_model.GetLabelsByRepoID(ctx, repoID, "", db.ListOptions{})
 		if err != nil {
 			ctx.ServerError("GetLabelsByRepoID", err)
-			return nil
+			return ret
 		}
 		allLabels = append(allLabels, repoLabels...)
 	}
@@ -41,14 +45,14 @@ func PrepareFilterIssueLabels(ctx *context.Context, repoID int64, owner *user_mo
 		orgLabels, err := issues_model.GetLabelsByOrgID(ctx, owner.ID, "", db.ListOptions{})
 		if err != nil {
 			ctx.ServerError("GetLabelsByOrgID", err)
-			return nil
+			return ret
 		}
 		allLabels = append(allLabels, orgLabels...)
 	}
 
 	// Get the exclusive scope for every label ID
-	labelExclusiveScopes := make([]string, 0, len(labelIDs))
-	for _, labelID := range labelIDs {
+	labelExclusiveScopes := make([]string, 0, len(ret.SelectedLabelIDs))
+	for _, labelID := range ret.SelectedLabelIDs {
 		foundExclusiveScope := false
 		for _, label := range allLabels {
 			if label.ID == labelID || label.ID == -labelID {
@@ -63,9 +67,10 @@ func PrepareFilterIssueLabels(ctx *context.Context, repoID int64, owner *user_mo
 	}
 
 	for _, l := range allLabels {
-		l.LoadSelectedLabelsAfterClick(labelIDs, labelExclusiveScopes)
+		l.LoadSelectedLabelsAfterClick(ret.SelectedLabelIDs, labelExclusiveScopes)
 	}
 	ctx.Data["Labels"] = allLabels
 	ctx.Data["SelectLabels"] = selectLabels
-	return labelIDs
+	ret.AllLabels = allLabels
+	return ret
 }
diff --git a/routers/web/shared/label/label.go b/routers/web/shared/label/label.go
new file mode 100644
index 0000000000..6968a318c4
--- /dev/null
+++ b/routers/web/shared/label/label.go
@@ -0,0 +1,26 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package label
+
+import (
+	"code.gitea.io/gitea/modules/label"
+	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/forms"
+)
+
+func GetLabelEditForm(ctx *context.Context) *forms.CreateLabelForm {
+	form := web.GetForm(ctx).(*forms.CreateLabelForm)
+	if ctx.HasError() {
+		ctx.JSONError(ctx.Data["ErrorMsg"].(string))
+		return nil
+	}
+	var err error
+	form.Color, err = label.NormalizeColor(form.Color)
+	if err != nil {
+		ctx.JSONError(ctx.Tr("repo.issues.label_color_invalid"))
+		return nil
+	}
+	return form
+}
diff --git a/routers/web/shared/packages/packages.go b/routers/web/shared/packages/packages.go
index 3d1795b42c..a18dedf89c 100644
--- a/routers/web/shared/packages/packages.go
+++ b/routers/web/shared/packages/packages.go
@@ -8,7 +8,6 @@ import (
 	"net/http"
 	"time"
 
-	"code.gitea.io/gitea/models/db"
 	packages_model "code.gitea.io/gitea/models/packages"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
@@ -159,12 +158,18 @@ func SetRulePreviewContext(ctx *context.Context, owner *user_model.User) {
 			PackageID:  p.ID,
 			IsInternal: optional.Some(false),
 			Sort:       packages_model.SortCreatedDesc,
-			Paginator:  db.NewAbsoluteListOptions(pcr.KeepCount, 200),
 		})
 		if err != nil {
 			ctx.ServerError("SearchVersions", err)
 			return
 		}
+		if pcr.KeepCount > 0 {
+			if pcr.KeepCount < len(pvs) {
+				pvs = pvs[pcr.KeepCount:]
+			} else {
+				pvs = nil
+			}
+		}
 		for _, pv := range pvs {
 			if skip, err := container_service.ShouldBeSkipped(ctx, pcr, p, pv); err != nil {
 				ctx.ServerError("ShouldBeSkipped", err)
@@ -177,7 +182,6 @@ func SetRulePreviewContext(ctx *context.Context, owner *user_model.User) {
 			if pcr.MatchFullName {
 				toMatch = p.LowerName + "/" + pv.LowerVersion
 			}
-
 			if pcr.KeepPatternMatcher != nil && pcr.KeepPatternMatcher.MatchString(toMatch) {
 				continue
 			}
diff --git a/routers/web/shared/secrets/secrets.go b/routers/web/shared/secrets/secrets.go
index c8b80ebb26..29f4e9520d 100644
--- a/routers/web/shared/secrets/secrets.go
+++ b/routers/web/shared/secrets/secrets.go
@@ -32,11 +32,11 @@ func PerformSecretsPost(ctx *context.Context, ownerID, repoID int64, redirectURL
 	s, _, err := secret_service.CreateOrUpdateSecret(ctx, ownerID, repoID, form.Name, util.ReserveLineBreakForTextarea(form.Data), form.Description)
 	if err != nil {
 		log.Error("CreateOrUpdateSecret failed: %v", err)
-		ctx.JSONError(ctx.Tr("secrets.creation.failed"))
+		ctx.JSONError(ctx.Tr("secrets.save_failed"))
 		return
 	}
 
-	ctx.Flash.Success(ctx.Tr("secrets.creation.success", s.Name))
+	ctx.Flash.Success(ctx.Tr("secrets.save_success", s.Name))
 	ctx.JSONRedirect(redirectURL)
 }
 
diff --git a/routers/web/shared/user/header.go b/routers/web/shared/user/header.go
index 62b146c7f3..2bd0abc4c0 100644
--- a/routers/web/shared/user/header.go
+++ b/routers/web/shared/user/header.go
@@ -24,19 +24,8 @@ import (
 	"code.gitea.io/gitea/services/context"
 )
 
-// prepareContextForCommonProfile store some common data into context data for user's profile related pages (including the nav menu)
-// It is designed to be fast and safe to be called multiple times in one request
-func prepareContextForCommonProfile(ctx *context.Context) {
-	ctx.Data["IsPackageEnabled"] = setting.Packages.Enabled
-	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
-	ctx.Data["EnableFeed"] = setting.Other.EnableFeed
-	ctx.Data["FeedURL"] = ctx.ContextUser.HomeLink()
-}
-
-// PrepareContextForProfileBigAvatar set the context for big avatar view on the profile page
-func PrepareContextForProfileBigAvatar(ctx *context.Context) {
-	prepareContextForCommonProfile(ctx)
-
+// prepareContextForProfileBigAvatar set the context for big avatar view on the profile page
+func prepareContextForProfileBigAvatar(ctx *context.Context) {
 	ctx.Data["IsFollowing"] = ctx.Doer != nil && user_model.IsFollowing(ctx, ctx.Doer.ID, ctx.ContextUser.ID)
 	ctx.Data["ShowUserEmail"] = setting.UI.ShowUserEmail && ctx.ContextUser.Email != "" && ctx.IsSigned && !ctx.ContextUser.KeepEmailPrivate
 	if setting.Service.UserLocationMapURL != "" {
@@ -58,13 +47,12 @@ func PrepareContextForProfileBigAvatar(ctx *context.Context) {
 		ctx.Data["RenderedDescription"] = content
 	}
 
-	showPrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == ctx.ContextUser.ID)
 	orgs, err := db.Find[organization.Organization](ctx, organization.FindOrgOptions{
-		UserID:         ctx.ContextUser.ID,
-		IncludePrivate: showPrivate,
+		UserID:            ctx.ContextUser.ID,
+		IncludeVisibility: organization.DoerViewOtherVisibility(ctx.Doer, ctx.ContextUser),
 		ListOptions: db.ListOptions{
 			Page: 1,
-			// query one more results (without a separate counting) to see whether we need to add the "show more orgs" link
+			// query one more result (without a separate counting) to see whether we need to add the "show more orgs" link
 			PageSize: setting.UI.User.OrgPagingNum + 1,
 		},
 	})
@@ -138,17 +126,45 @@ func FindOwnerProfileReadme(ctx *context.Context, doer *user_model.User, optProf
 	return profileDbRepo, profileReadmeBlob
 }
 
-func RenderUserHeader(ctx *context.Context) {
-	prepareContextForCommonProfile(ctx)
-
-	_, profileReadmeBlob := FindOwnerProfileReadme(ctx, ctx.Doer)
-	ctx.Data["HasUserProfileReadme"] = profileReadmeBlob != nil
+type PrepareOwnerHeaderResult struct {
+	ProfilePublicRepo        *repo_model.Repository
+	ProfilePublicReadmeBlob  *git.Blob
+	ProfilePrivateRepo       *repo_model.Repository
+	ProfilePrivateReadmeBlob *git.Blob
+	HasOrgProfileReadme      bool
 }
 
-func LoadHeaderCount(ctx *context.Context) error {
-	prepareContextForCommonProfile(ctx)
+const (
+	RepoNameProfilePrivate = ".profile-private"
+	RepoNameProfile        = ".profile"
+)
+
+func RenderUserOrgHeader(ctx *context.Context) (result *PrepareOwnerHeaderResult, err error) {
+	ctx.Data["IsPackageEnabled"] = setting.Packages.Enabled
+	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
+	ctx.Data["EnableFeed"] = setting.Other.EnableFeed
+	ctx.Data["FeedURL"] = ctx.ContextUser.HomeLink()
+
+	if err := loadHeaderCount(ctx); err != nil {
+		return nil, err
+	}
 
-	repoCount, err := repo_model.CountRepository(ctx, &repo_model.SearchRepoOptions{
+	result = &PrepareOwnerHeaderResult{}
+	if ctx.ContextUser.IsOrganization() {
+		result.ProfilePublicRepo, result.ProfilePublicReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer)
+		result.ProfilePrivateRepo, result.ProfilePrivateReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer, RepoNameProfilePrivate)
+		result.HasOrgProfileReadme = result.ProfilePublicReadmeBlob != nil || result.ProfilePrivateReadmeBlob != nil
+		ctx.Data["HasOrgProfileReadme"] = result.HasOrgProfileReadme // many pages need it to show the "overview" tab
+	} else {
+		_, profileReadmeBlob := FindOwnerProfileReadme(ctx, ctx.Doer)
+		ctx.Data["HasUserProfileReadme"] = profileReadmeBlob != nil
+		prepareContextForProfileBigAvatar(ctx)
+	}
+	return result, nil
+}
+
+func loadHeaderCount(ctx *context.Context) error {
+	repoCount, err := repo_model.CountRepository(ctx, repo_model.SearchRepoOptions{
 		Actor:              ctx.Doer,
 		OwnerID:            ctx.ContextUser.ID,
 		Private:            ctx.IsSigned,
@@ -178,29 +194,3 @@ func LoadHeaderCount(ctx *context.Context) error {
 
 	return nil
 }
-
-const (
-	RepoNameProfilePrivate = ".profile-private"
-	RepoNameProfile        = ".profile"
-)
-
-type PrepareOrgHeaderResult struct {
-	ProfilePublicRepo        *repo_model.Repository
-	ProfilePublicReadmeBlob  *git.Blob
-	ProfilePrivateRepo       *repo_model.Repository
-	ProfilePrivateReadmeBlob *git.Blob
-	HasOrgProfileReadme      bool
-}
-
-func PrepareOrgHeader(ctx *context.Context) (result *PrepareOrgHeaderResult, err error) {
-	if err = LoadHeaderCount(ctx); err != nil {
-		return nil, err
-	}
-
-	result = &PrepareOrgHeaderResult{}
-	result.ProfilePublicRepo, result.ProfilePublicReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer)
-	result.ProfilePrivateRepo, result.ProfilePrivateReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer, RepoNameProfilePrivate)
-	result.HasOrgProfileReadme = result.ProfilePublicReadmeBlob != nil || result.ProfilePrivateReadmeBlob != nil
-	ctx.Data["HasOrgProfileReadme"] = result.HasOrgProfileReadme // many pages need it to show the "overview" tab
-	return result, nil
-}
diff --git a/routers/web/swagger_json.go b/routers/web/swagger_json.go
index fc39b504a9..52f6beaf59 100644
--- a/routers/web/swagger_json.go
+++ b/routers/web/swagger_json.go
@@ -4,10 +4,15 @@
 package web
 
 import (
+	"html/template"
+
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/services/context"
 )
 
 // SwaggerV1Json render swagger v1 json
 func SwaggerV1Json(ctx *context.Context) {
+	ctx.Data["SwaggerAppVer"] = template.HTML(template.JSEscapeString(setting.AppVer))
+	ctx.Data["SwaggerAppSubUrl"] = setting.AppSubURL // it is JS-safe
 	ctx.JSONTemplate("swagger/v1_json")
 }
diff --git a/routers/web/user/code.go b/routers/web/user/code.go
index f9aa58b877..11579c40a6 100644
--- a/routers/web/user/code.go
+++ b/routers/web/user/code.go
@@ -5,6 +5,7 @@ package user
 
 import (
 	"net/http"
+	"slices"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -26,11 +27,8 @@ func CodeSearch(ctx *context.Context) {
 		ctx.Redirect(ctx.ContextUser.HomeLink())
 		return
 	}
-	shared_user.PrepareContextForProfileBigAvatar(ctx)
-	shared_user.RenderUserHeader(ctx)
-
-	if err := shared_user.LoadHeaderCount(ctx); err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -89,14 +87,7 @@ func CodeSearch(ctx *context.Context) {
 
 		loadRepoIDs := make([]int64, 0, len(searchResults))
 		for _, result := range searchResults {
-			var find bool
-			for _, id := range loadRepoIDs {
-				if id == result.RepoID {
-					find = true
-					break
-				}
-			}
-			if !find {
+			if !slices.Contains(loadRepoIDs, result.RepoID) {
 				loadRepoIDs = append(loadRepoIDs, result.RepoID)
 			}
 		}
diff --git a/routers/web/user/home.go b/routers/web/user/home.go
index 44e2a5ec71..b53a3daedb 100644
--- a/routers/web/user/home.go
+++ b/routers/web/user/home.go
@@ -176,7 +176,7 @@ func Milestones(ctx *context.Context) {
 	}
 
 	var (
-		userRepoCond = repo_model.SearchRepositoryCondition(&repoOpts) // all repo condition user could visit
+		userRepoCond = repo_model.SearchRepositoryCondition(repoOpts) // all repo condition user could visit
 		repoCond     = userRepoCond
 		repoIDs      []int64
 
@@ -197,7 +197,7 @@ func Milestones(ctx *context.Context) {
 			reposQuery = reposQuery[1 : len(reposQuery)-1]
 			// for each ID (delimiter ",") add to int to repoIDs
 
-			for _, rID := range strings.Split(reposQuery, ",") {
+			for rID := range strings.SplitSeq(reposQuery, ",") {
 				// Ensure nonempty string entries
 				if rID != "" && rID != "0" {
 					rIDint64, err := strconv.ParseInt(rID, 10, 64)
@@ -242,7 +242,7 @@ func Milestones(ctx *context.Context) {
 		return
 	}
 
-	showRepos, _, err := repo_model.SearchRepositoryByCondition(ctx, &repoOpts, userRepoCond, false)
+	showRepos, _, err := repo_model.SearchRepositoryByCondition(ctx, repoOpts, userRepoCond, false)
 	if err != nil {
 		ctx.ServerError("SearchRepositoryByCondition", err)
 		return
@@ -461,7 +461,7 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
 	// As team:
 	// - Team org's owns the repository.
 	// - Team has read permission to repository.
-	repoOpts := &repo_model.SearchRepoOptions{
+	repoOpts := repo_model.SearchRepoOptions{
 		Actor:       ctx.Doer,
 		OwnerID:     ctxUser.ID,
 		Private:     true,
@@ -520,10 +520,7 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
 	opts.IsClosed = optional.Some(isShowClosed)
 
 	// Make sure page number is at least 1. Will be posted to ctx.Data.
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	opts.Paginator = &db.ListOptions{
 		Page:     page,
 		PageSize: setting.UI.IssuePagingNum,
@@ -617,9 +614,10 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
 			return 0
 		}
 		reviewTyp := issues_model.ReviewTypeApprove
-		if typ == "reject" {
+		switch typ {
+		case "reject":
 			reviewTyp = issues_model.ReviewTypeReject
-		} else if typ == "waiting" {
+		case "waiting":
 			reviewTyp = issues_model.ReviewTypeRequest
 		}
 		for _, count := range counts {
@@ -698,7 +696,7 @@ func ShowGPGKeys(ctx *context.Context) {
 
 	headers := make(map[string]string)
 	if len(failedEntitiesID) > 0 { // If some key need re-import to be exported
-		headers["Note"] = fmt.Sprintf("The keys with the following IDs couldn't be exported and need to be reuploaded %s", strings.Join(failedEntitiesID, ", "))
+		headers["Note"] = "The keys with the following IDs couldn't be exported and need to be reuploaded " + strings.Join(failedEntitiesID, ", ")
 	} else if len(entities) == 0 {
 		headers["Note"] = "This user hasn't uploaded any GPG keys."
 	}
diff --git a/routers/web/user/home_test.go b/routers/web/user/home_test.go
index b2c8ad98ba..68ad79b11e 100644
--- a/routers/web/user/home_test.go
+++ b/routers/web/user/home_test.go
@@ -28,7 +28,7 @@ func TestArchivedIssues(t *testing.T) {
 	ctx.Req.Form.Set("state", "open")
 
 	// Assume: User 30 has access to two Repos with Issues, one of the Repos being archived.
-	repos, _, _ := repo_model.GetUserRepositories(db.DefaultContext, &repo_model.SearchRepoOptions{Actor: ctx.Doer})
+	repos, _, _ := repo_model.GetUserRepositories(db.DefaultContext, repo_model.SearchRepoOptions{Actor: ctx.Doer})
 	assert.Len(t, repos, 3)
 	IsArchived := make(map[int64]bool)
 	NumIssues := make(map[int64]int)
@@ -37,15 +37,15 @@ func TestArchivedIssues(t *testing.T) {
 		NumIssues[repo.ID] = repo.NumIssues
 	}
 	assert.False(t, IsArchived[50])
-	assert.EqualValues(t, 1, NumIssues[50])
+	assert.Equal(t, 1, NumIssues[50])
 	assert.True(t, IsArchived[51])
-	assert.EqualValues(t, 1, NumIssues[51])
+	assert.Equal(t, 1, NumIssues[51])
 
 	// Act
 	Issues(ctx)
 
 	// Assert: One Issue (ID 30) from one Repo (ID 50) is retrieved, while nothing from archived Repo 51 is retrieved
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 
 	assert.Len(t, ctx.Data["Issues"], 1)
 }
@@ -58,7 +58,7 @@ func TestIssues(t *testing.T) {
 	contexttest.LoadUser(t, ctx, 2)
 	ctx.Req.Form.Set("state", "closed")
 	Issues(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 
 	assert.EqualValues(t, true, ctx.Data["IsShowClosed"])
 	assert.Len(t, ctx.Data["Issues"], 1)
@@ -72,7 +72,7 @@ func TestPulls(t *testing.T) {
 	contexttest.LoadUser(t, ctx, 2)
 	ctx.Req.Form.Set("state", "open")
 	Pulls(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 
 	assert.Len(t, ctx.Data["Issues"], 5)
 }
@@ -87,7 +87,7 @@ func TestMilestones(t *testing.T) {
 	ctx.Req.Form.Set("state", "closed")
 	ctx.Req.Form.Set("sort", "furthestduedate")
 	Milestones(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, map[int64]int64{1: 1}, ctx.Data["Counts"])
 	assert.EqualValues(t, true, ctx.Data["IsShowClosed"])
 	assert.EqualValues(t, "furthestduedate", ctx.Data["SortType"])
@@ -107,7 +107,7 @@ func TestMilestonesForSpecificRepo(t *testing.T) {
 	ctx.Req.Form.Set("state", "closed")
 	ctx.Req.Form.Set("sort", "furthestduedate")
 	Milestones(ctx)
-	assert.EqualValues(t, http.StatusOK, ctx.Resp.WrittenStatus())
+	assert.Equal(t, http.StatusOK, ctx.Resp.WrittenStatus())
 	assert.EqualValues(t, map[int64]int64{1: 1}, ctx.Data["Counts"])
 	assert.EqualValues(t, true, ctx.Data["IsShowClosed"])
 	assert.EqualValues(t, "furthestduedate", ctx.Data["SortType"])
diff --git a/routers/web/user/notification.go b/routers/web/user/notification.go
index 1c91ff6364..aaf9d435c0 100644
--- a/routers/web/user/notification.go
+++ b/routers/web/user/notification.go
@@ -4,11 +4,8 @@
 package user
 
 import (
-	goctx "context"
-	"errors"
 	"fmt"
 	"net/http"
-	"net/url"
 	"strings"
 
 	activities_model "code.gitea.io/gitea/models/activities"
@@ -35,84 +32,42 @@ const (
 	tplNotificationSubscriptions templates.TplName = "user/notification/notification_subscriptions"
 )
 
-// GetNotificationCount is the middleware that sets the notification count in the context
-func GetNotificationCount(ctx *context.Context) {
-	if strings.HasPrefix(ctx.Req.URL.Path, "/api") {
-		return
-	}
-
-	if !ctx.IsSigned {
-		return
-	}
-
-	ctx.Data["NotificationUnreadCount"] = func() int64 {
-		count, err := db.Count[activities_model.Notification](ctx, activities_model.FindNotificationOptions{
-			UserID: ctx.Doer.ID,
-			Status: []activities_model.NotificationStatus{activities_model.NotificationStatusUnread},
-		})
-		if err != nil {
-			if err != goctx.Canceled {
-				log.Error("Unable to GetNotificationCount for user:%-v: %v", ctx.Doer, err)
-			}
-			return -1
-		}
-
-		return count
-	}
-}
-
-// Notifications is the notifications page
+// Notifications is the notification list page
 func Notifications(ctx *context.Context) {
-	getNotifications(ctx)
+	prepareUserNotificationsData(ctx)
 	if ctx.Written() {
 		return
 	}
 	if ctx.FormBool("div-only") {
-		ctx.Data["SequenceNumber"] = ctx.FormString("sequence-number")
 		ctx.HTML(http.StatusOK, tplNotificationDiv)
 		return
 	}
 	ctx.HTML(http.StatusOK, tplNotification)
 }
 
-func getNotifications(ctx *context.Context) {
-	var (
-		keyword = ctx.FormTrim("q")
-		status  activities_model.NotificationStatus
-		page    = ctx.FormInt("page")
-		perPage = ctx.FormInt("perPage")
-	)
-	if page < 1 {
-		page = 1
-	}
-	if perPage < 1 {
-		perPage = 20
-	}
-
-	switch keyword {
-	case "read":
-		status = activities_model.NotificationStatusRead
-	default:
-		status = activities_model.NotificationStatusUnread
-	}
+func prepareUserNotificationsData(ctx *context.Context) {
+	pageType := ctx.FormString("type", ctx.FormString("q")) // "q" is the legacy query parameter for "page type"
+	page := max(1, ctx.FormInt("page"))
+	perPage := util.IfZero(ctx.FormInt("perPage"), 20) // this value is never used or exposed ....
+	queryStatus := util.Iif(pageType == "read", activities_model.NotificationStatusRead, activities_model.NotificationStatusUnread)
 
 	total, err := db.Count[activities_model.Notification](ctx, activities_model.FindNotificationOptions{
 		UserID: ctx.Doer.ID,
-		Status: []activities_model.NotificationStatus{status},
+		Status: []activities_model.NotificationStatus{queryStatus},
 	})
 	if err != nil {
 		ctx.ServerError("ErrGetNotificationCount", err)
 		return
 	}
 
-	// redirect to last page if request page is more than total pages
 	pager := context.NewPagination(int(total), perPage, page, 5)
 	if pager.Paginater.Current() < page {
-		ctx.Redirect(fmt.Sprintf("%s/notifications?q=%s&page=%d", setting.AppSubURL, url.QueryEscape(ctx.FormString("q")), pager.Paginater.Current()))
-		return
+		// use the last page if the requested page is more than total pages
+		page = pager.Paginater.Current()
+		pager = context.NewPagination(int(total), perPage, page, 5)
 	}
 
-	statuses := []activities_model.NotificationStatus{status, activities_model.NotificationStatusPinned}
+	statuses := []activities_model.NotificationStatus{queryStatus, activities_model.NotificationStatusPinned}
 	nls, err := db.Find[activities_model.Notification](ctx, activities_model.FindNotificationOptions{
 		ListOptions: db.ListOptions{
 			PageSize: perPage,
@@ -169,51 +124,37 @@ func getNotifications(ctx *context.Context) {
 	}
 
 	ctx.Data["Title"] = ctx.Tr("notifications")
-	ctx.Data["Keyword"] = keyword
-	ctx.Data["Status"] = status
+	ctx.Data["PageType"] = pageType
 	ctx.Data["Notifications"] = notifications
-
+	ctx.Data["Link"] = setting.AppSubURL + "/notifications"
+	ctx.Data["SequenceNumber"] = ctx.FormString("sequence-number")
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
 }
 
 // NotificationStatusPost is a route for changing the status of a notification
 func NotificationStatusPost(ctx *context.Context) {
-	var (
-		notificationID = ctx.FormInt64("notification_id")
-		statusStr      = ctx.FormString("status")
-		status         activities_model.NotificationStatus
-	)
-
-	switch statusStr {
-	case "read":
-		status = activities_model.NotificationStatusRead
-	case "unread":
-		status = activities_model.NotificationStatusUnread
-	case "pinned":
-		status = activities_model.NotificationStatusPinned
+	notificationID := ctx.FormInt64("notification_id")
+	var newStatus activities_model.NotificationStatus
+	switch ctx.FormString("notification_action") {
+	case "mark_as_read":
+		newStatus = activities_model.NotificationStatusRead
+	case "mark_as_unread":
+		newStatus = activities_model.NotificationStatusUnread
+	case "pin":
+		newStatus = activities_model.NotificationStatusPinned
 	default:
-		ctx.ServerError("InvalidNotificationStatus", errors.New("Invalid notification status"))
-		return
+		return // ignore user's invalid input
 	}
-
-	if _, err := activities_model.SetNotificationStatus(ctx, notificationID, ctx.Doer, status); err != nil {
+	if _, err := activities_model.SetNotificationStatus(ctx, notificationID, ctx.Doer, newStatus); err != nil {
 		ctx.ServerError("SetNotificationStatus", err)
 		return
 	}
 
-	if !ctx.FormBool("noredirect") {
-		url := fmt.Sprintf("%s/notifications?page=%s", setting.AppSubURL, url.QueryEscape(ctx.FormString("page")))
-		ctx.Redirect(url, http.StatusSeeOther)
-	}
-
-	getNotifications(ctx)
+	prepareUserNotificationsData(ctx)
 	if ctx.Written() {
 		return
 	}
-	ctx.Data["Link"] = setting.AppSubURL + "/notifications"
-	ctx.Data["SequenceNumber"] = ctx.Req.PostFormValue("sequence-number")
-
 	ctx.HTML(http.StatusOK, tplNotificationDiv)
 }
 
@@ -230,10 +171,7 @@ func NotificationPurgePost(ctx *context.Context) {
 
 // NotificationSubscriptions returns the list of subscribed issues
 func NotificationSubscriptions(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page < 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	sortType := ctx.FormString("sort")
 	ctx.Data["SortType"] = sortType
@@ -314,16 +252,8 @@ func NotificationSubscriptions(ctx *context.Context) {
 	ctx.Data["CommitLastStatus"] = lastStatus
 	ctx.Data["CommitStatuses"] = commitStatuses
 	ctx.Data["Issues"] = issues
-
 	ctx.Data["IssueRefEndNames"], ctx.Data["IssueRefURLs"] = issue_service.GetRefEndNamesAndURLs(issues, "")
 
-	commitStatus, err := pull_service.GetIssuesLastCommitStatus(ctx, issues)
-	if err != nil {
-		ctx.ServerError("GetIssuesLastCommitStatus", err)
-		return
-	}
-	ctx.Data["CommitStatus"] = commitStatus
-
 	approvalCounts, err := issues.GetApprovalCounts(ctx)
 	if err != nil {
 		ctx.ServerError("ApprovalCounts", err)
@@ -335,9 +265,10 @@ func NotificationSubscriptions(ctx *context.Context) {
 			return 0
 		}
 		reviewTyp := issues_model.ReviewTypeApprove
-		if typ == "reject" {
+		switch typ {
+		case "reject":
 			reviewTyp = issues_model.ReviewTypeReject
-		} else if typ == "waiting" {
+		case "waiting":
 			reviewTyp = issues_model.ReviewTypeRequest
 		}
 		for _, count := range counts {
@@ -365,10 +296,7 @@ func NotificationSubscriptions(ctx *context.Context) {
 
 // NotificationWatching returns the list of watching repos
 func NotificationWatching(ctx *context.Context) {
-	page := ctx.FormInt("page")
-	if page < 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 
 	keyword := ctx.FormTrim("q")
 	ctx.Data["Keyword"] = keyword
@@ -416,7 +344,7 @@ func NotificationWatching(ctx *context.Context) {
 	private := ctx.FormOptionalBool("private")
 	ctx.Data["IsPrivate"] = private
 
-	repos, count, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	repos, count, err := repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			PageSize: setting.UI.User.RepoPagingNum,
 			Page:     page,
diff --git a/routers/web/user/package.go b/routers/web/user/package.go
index c01bc96e2b..d130d1dca1 100644
--- a/routers/web/user/package.go
+++ b/routers/web/user/package.go
@@ -4,6 +4,8 @@
 package user
 
 import (
+	gocontext "context"
+	"errors"
 	"net/http"
 	"net/url"
 
@@ -20,6 +22,7 @@ import (
 	"code.gitea.io/gitea/modules/optional"
 	alpine_module "code.gitea.io/gitea/modules/packages/alpine"
 	arch_module "code.gitea.io/gitea/modules/packages/arch"
+	container_module "code.gitea.io/gitea/modules/packages/container"
 	debian_module "code.gitea.io/gitea/modules/packages/debian"
 	rpm_module "code.gitea.io/gitea/modules/packages/rpm"
 	"code.gitea.io/gitea/modules/setting"
@@ -31,6 +34,7 @@ import (
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/services/forms"
 	packages_service "code.gitea.io/gitea/services/packages"
+	container_service "code.gitea.io/gitea/services/packages/container"
 )
 
 const (
@@ -42,11 +46,11 @@ const (
 
 // ListPackages displays a list of all packages of the context user
 func ListPackages(ctx *context.Context) {
-	shared_user.PrepareContextForProfileBigAvatar(ctx)
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
 	}
+	page := max(ctx.FormInt("page"), 1)
 	query := ctx.FormTrim("q")
 	packageType := ctx.FormTrim("type")
 
@@ -94,8 +98,6 @@ func ListPackages(ctx *context.Context) {
 		return
 	}
 
-	shared_user.RenderUserHeader(ctx)
-
 	ctx.Data["Title"] = ctx.Tr("packages.title")
 	ctx.Data["IsPackagesPage"] = true
 	ctx.Data["Query"] = query
@@ -106,9 +108,8 @@ func ListPackages(ctx *context.Context) {
 	ctx.Data["Total"] = total
 	ctx.Data["RepositoryAccessMap"] = repositoryAccessMap
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -126,11 +127,9 @@ func ListPackages(ctx *context.Context) {
 			ctx.Data["IsOrganizationOwner"] = false
 		}
 	}
-
 	pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
-
 	ctx.HTML(http.StatusOK, tplPackagesList)
 }
 
@@ -164,16 +163,36 @@ func RedirectToLastVersion(ctx *context.Context) {
 		ctx.ServerError("GetPackageDescriptor", err)
 		return
 	}
-
 	ctx.Redirect(pd.VersionWebLink())
 }
 
+func viewPackageContainerImage(ctx gocontext.Context, pd *packages_model.PackageDescriptor, digest string) (*container_module.Metadata, error) {
+	manifestBlob, err := container_model.GetContainerBlob(ctx, &container_model.BlobSearchOptions{
+		OwnerID: pd.Owner.ID,
+		Image:   pd.Package.LowerName,
+		Digest:  digest,
+	})
+	if err != nil {
+		return nil, err
+	}
+	manifestReader, err := packages_service.OpenBlobStream(manifestBlob.Blob)
+	if err != nil {
+		return nil, err
+	}
+	defer manifestReader.Close()
+	_, _, metadata, err := container_service.ParseManifestMetadata(ctx, manifestReader, pd.Owner.ID, pd.Package.LowerName)
+	return metadata, err
+}
+
 // ViewPackageVersion displays a single package version
 func ViewPackageVersion(ctx *context.Context) {
-	pd := ctx.Package.Descriptor
-
-	shared_user.RenderUserHeader(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 
+	versionSub := ctx.PathParam("version_sub")
+	pd := ctx.Package.Descriptor
 	ctx.Data["Title"] = pd.Package.Name
 	ctx.Data["IsPackagesPage"] = true
 	ctx.Data["PackageDescriptor"] = pd
@@ -261,21 +280,30 @@ func ViewPackageVersion(ctx *context.Context) {
 
 		ctx.Data["Groups"] = util.Sorted(groups.Values())
 		ctx.Data["Architectures"] = util.Sorted(architectures.Values())
-	}
-
-	var (
-		total int64
-		pvs   []*packages_model.PackageVersion
-	)
-	switch pd.Package.Type {
 	case packages_model.TypeContainer:
-		pvs, total, err = container_model.SearchImageTags(ctx, &container_model.ImageTagsSearchOptions{
+		imageMetadata := pd.Metadata
+		if versionSub != "" {
+			imageMetadata, err = viewPackageContainerImage(ctx, pd, versionSub)
+			if errors.Is(err, util.ErrNotExist) {
+				ctx.NotFound(nil)
+				return
+			} else if err != nil {
+				ctx.ServerError("viewPackageContainerImage", err)
+				return
+			}
+		}
+		ctx.Data["ContainerImageMetadata"] = imageMetadata
+	}
+	var pvs []*packages_model.PackageVersion
+	var pvsTotal int64
+	if pd.Package.Type == packages_model.TypeContainer {
+		pvs, pvsTotal, err = container_model.SearchImageTags(ctx, &container_model.ImageTagsSearchOptions{
 			Paginator: db.NewAbsoluteListOptions(0, 5),
 			PackageID: pd.Package.ID,
 			IsTagged:  true,
 		})
-	default:
-		pvs, total, err = packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
+	} else {
+		pvs, pvsTotal, err = packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
 			Paginator:  db.NewAbsoluteListOptions(0, 5),
 			PackageID:  pd.Package.ID,
 			IsInternal: optional.Some(false),
@@ -285,9 +313,8 @@ func ViewPackageVersion(ctx *context.Context) {
 		ctx.ServerError("", err)
 		return
 	}
-
 	ctx.Data["LatestVersions"] = pvs
-	ctx.Data["TotalVersionCount"] = total
+	ctx.Data["TotalVersionCount"] = pvsTotal
 
 	ctx.Data["CanWritePackages"] = ctx.Package.AccessMode >= perm.AccessModeWrite || ctx.IsUserSiteAdmin()
 
@@ -301,19 +328,16 @@ func ViewPackageVersion(ctx *context.Context) {
 		hasRepositoryAccess = permission.HasAnyUnitAccess()
 	}
 	ctx.Data["HasRepositoryAccess"] = hasRepositoryAccess
-
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	ctx.HTML(http.StatusOK, tplPackagesView)
 }
 
 // ListPackageVersions lists all versions of a package
 func ListPackageVersions(ctx *context.Context) {
-	shared_user.PrepareContextForProfileBigAvatar(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
+
 	p, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.Type(ctx.PathParam("type")), ctx.PathParam("name"))
 	if err != nil {
 		if err == packages_model.ErrPackageNotExist {
@@ -324,10 +348,7 @@ func ListPackageVersions(ctx *context.Context) {
 		return
 	}
 
-	page := ctx.FormInt("page")
-	if page <= 1 {
-		page = 1
-	}
+	page := max(ctx.FormInt("page"), 1)
 	pagination := &db.ListOptions{
 		PageSize: setting.UI.PackagesPagingNum,
 		Page:     page,
@@ -336,8 +357,6 @@ func ListPackageVersions(ctx *context.Context) {
 	query := ctx.FormTrim("q")
 	sort := ctx.FormTrim("sort")
 
-	shared_user.RenderUserHeader(ctx)
-
 	ctx.Data["Title"] = ctx.Tr("packages.title")
 	ctx.Data["IsPackagesPage"] = true
 	ctx.Data["PackageDescriptor"] = &packages_model.PackageDescriptor{
@@ -393,12 +412,6 @@ func ListPackageVersions(ctx *context.Context) {
 
 	ctx.Data["Total"] = total
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
@@ -410,25 +423,22 @@ func ListPackageVersions(ctx *context.Context) {
 func PackageSettings(ctx *context.Context) {
 	pd := ctx.Package.Descriptor
 
-	shared_user.RenderUserHeader(ctx)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 
 	ctx.Data["Title"] = pd.Package.Name
 	ctx.Data["IsPackagesPage"] = true
 	ctx.Data["PackageDescriptor"] = pd
 
-	repos, _, _ := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+	repos, _, _ := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 		Actor:   pd.Owner,
 		Private: true,
 	})
 	ctx.Data["Repos"] = repos
 	ctx.Data["CanWritePackages"] = ctx.Package.AccessMode >= perm.AccessModeWrite || ctx.IsUserSiteAdmin()
 
-	err := shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
-		return
-	}
-
 	ctx.HTML(http.StatusOK, tplPackagesSettings)
 }
 
@@ -503,9 +513,9 @@ func DownloadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	s, u, _, err := packages_service.GetPackageFileStream(ctx, pf)
+	s, u, _, err := packages_service.OpenFileForDownload(ctx, pf, ctx.Req.Method)
 	if err != nil {
-		ctx.ServerError("GetPackageFileStream", err)
+		ctx.ServerError("OpenFileForDownload", err)
 		return
 	}
 
diff --git a/routers/web/user/profile.go b/routers/web/user/profile.go
index 39f066a53c..d7052914b6 100644
--- a/routers/web/user/profile.go
+++ b/routers/web/user/profile.go
@@ -63,27 +63,22 @@ func userProfile(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.ContextUser.DisplayName()
 	ctx.Data["PageIsUserProfile"] = true
 
-	// prepare heatmap data
-	if setting.Service.EnableUserHeatmap {
-		data, err := activities_model.GetUserHeatmapDataByUser(ctx, ctx.ContextUser, ctx.Doer)
-		if err != nil {
-			ctx.ServerError("GetUserHeatmapDataByUser", err)
-			return
-		}
-		ctx.Data["HeatmapData"] = data
-		ctx.Data["HeatmapTotalContributions"] = activities_model.GetTotalContributionsInHeatmap(data)
-	}
-
 	profileDbRepo, profileReadmeBlob := shared_user.FindOwnerProfileReadme(ctx, ctx.Doer)
 
-	showPrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == ctx.ContextUser.ID)
-	prepareUserProfileTabData(ctx, showPrivate, profileDbRepo, profileReadmeBlob)
-	// call PrepareContextForProfileBigAvatar later to avoid re-querying the NumFollowers & NumFollowing
-	shared_user.PrepareContextForProfileBigAvatar(ctx)
+	prepareUserProfileTabData(ctx, profileDbRepo, profileReadmeBlob)
+
+	// prepare the user nav header data after "prepareUserProfileTabData" to avoid re-querying the NumFollowers & NumFollowing
+	// because ctx.Data["NumFollowers"] and "NumFollowing" logic duplicates in both of them
+	// and the "profile readme" related logic also duplicates in both of FindOwnerProfileReadme and RenderUserOrgHeader
+	// TODO: it is a bad design and should be refactored later,
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	ctx.HTML(http.StatusOK, tplProfile)
 }
 
-func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDbRepo *repo_model.Repository, profileReadme *git.Blob) {
+func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.Repository, profileReadme *git.Blob) {
 	// if there is a profile readme, default to "overview" page, otherwise, default to "repositories" page
 	// if there is not a profile readme, the overview tab should be treated as the repositories tab
 	tab := ctx.FormString("tab")
@@ -166,8 +161,20 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		ctx.Data["Cards"] = following
 		total = int(numFollowing)
 	case "activity":
+		// prepare heatmap data
+		if setting.Service.EnableUserHeatmap {
+			data, err := activities_model.GetUserHeatmapDataByUser(ctx, ctx.ContextUser, ctx.Doer)
+			if err != nil {
+				ctx.ServerError("GetUserHeatmapDataByUser", err)
+				return
+			}
+			ctx.Data["HeatmapData"] = data
+			ctx.Data["HeatmapTotalContributions"] = activities_model.GetTotalContributionsInHeatmap(data)
+		}
+
 		date := ctx.FormString("date")
 		pagingNum = setting.UI.FeedPagingNum
+		showPrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == ctx.ContextUser.ID)
 		items, count, err := feed_service.GetFeeds(ctx, activities_model.GetFeedsOptions{
 			RequestedUser:   ctx.ContextUser,
 			Actor:           ctx.Doer,
@@ -190,7 +197,8 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		total = int(count)
 	case "stars":
 		ctx.Data["PageIsProfileStarList"] = true
-		repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+		ctx.Data["ShowRepoOwnerOnList"] = true
+		repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: pagingNum,
 				Page:     page,
@@ -217,7 +225,7 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 
 		total = int(count)
 	case "watching":
-		repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+		repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: pagingNum,
 				Page:     page,
@@ -258,8 +266,8 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		}
 	case "organizations":
 		orgs, count, err := db.FindAndCount[organization.Organization](ctx, organization.FindOrgOptions{
-			UserID:         ctx.ContextUser.ID,
-			IncludePrivate: showPrivate,
+			UserID:            ctx.ContextUser.ID,
+			IncludeVisibility: organization.DoerViewOtherVisibility(ctx.Doer, ctx.ContextUser),
 			ListOptions: db.ListOptions{
 				Page:     page,
 				PageSize: pagingNum,
@@ -272,7 +280,7 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		ctx.Data["Cards"] = orgs
 		total = int(count)
 	default: // default to "repositories"
-		repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+		repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: pagingNum,
 				Page:     page,
@@ -302,9 +310,8 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 	ctx.Data["Repos"] = repos
 	ctx.Data["Total"] = total
 
-	err = shared_user.LoadHeaderCount(ctx)
-	if err != nil {
-		ctx.ServerError("LoadHeaderCount", err)
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
 		return
 	}
 
@@ -328,9 +335,11 @@ func ActionUserFollow(ctx *context.Context) {
 		ctx.HTTPError(http.StatusBadRequest, fmt.Sprintf("Action %q failed", ctx.FormString("action")))
 		return
 	}
-
+	if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+		ctx.ServerError("RenderUserOrgHeader", err)
+		return
+	}
 	if ctx.ContextUser.IsIndividual() {
-		shared_user.PrepareContextForProfileBigAvatar(ctx)
 		ctx.HTML(http.StatusOK, tplProfileBigAvatar)
 		return
 	} else if ctx.ContextUser.IsOrganization() {
diff --git a/routers/web/user/search.go b/routers/web/user/search.go
index be5eee90a9..9acb9694d7 100644
--- a/routers/web/user/search.go
+++ b/routers/web/user/search.go
@@ -16,7 +16,7 @@ import (
 
 // SearchCandidates searches candidate users for dropdown list
 func SearchCandidates(ctx *context.Context) {
-	users, _, err := user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
+	users, _, err := user_model.SearchUsers(ctx, user_model.SearchUserOptions{
 		Actor:       ctx.Doer,
 		Keyword:     ctx.FormTrim("q"),
 		Type:        user_model.UserTypeIndividual,
diff --git a/routers/web/user/setting/account.go b/routers/web/user/setting/account.go
index 94577832a9..6b17da50e5 100644
--- a/routers/web/user/setting/account.go
+++ b/routers/web/user/setting/account.go
@@ -6,7 +6,6 @@ package setting
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 	"time"
 
@@ -36,15 +35,14 @@ const (
 
 // Account renders change user's password, user's email and user suicide page
 func Account(ctx *context.Context) {
-	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials, setting.UserFeatureDeletion) && !setting.Service.EnableNotifyMail {
-		ctx.NotFound(fmt.Errorf("account setting are not allowed to be changed"))
+	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials, setting.UserFeatureDeletion) {
+		ctx.NotFound(errors.New("account setting are not allowed to be changed"))
 		return
 	}
 
 	ctx.Data["Title"] = ctx.Tr("settings.account")
 	ctx.Data["PageIsSettingsAccount"] = true
 	ctx.Data["Email"] = ctx.Doer.Email
-	ctx.Data["EnableNotifyMail"] = setting.Service.EnableNotifyMail
 
 	loadAccountData(ctx)
 
@@ -54,7 +52,7 @@ func Account(ctx *context.Context) {
 // AccountPost response for change user's password
 func AccountPost(ctx *context.Context) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials) {
-		ctx.NotFound(fmt.Errorf("password setting is not allowed to be changed"))
+		ctx.NotFound(errors.New("password setting is not allowed to be changed"))
 		return
 	}
 
@@ -62,7 +60,6 @@ func AccountPost(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")
 	ctx.Data["PageIsSettingsAccount"] = true
 	ctx.Data["Email"] = ctx.Doer.Email
-	ctx.Data["EnableNotifyMail"] = setting.Service.EnableNotifyMail
 
 	if ctx.HasError() {
 		loadAccountData(ctx)
@@ -105,7 +102,7 @@ func AccountPost(ctx *context.Context) {
 // EmailPost response for change user's email
 func EmailPost(ctx *context.Context) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials) {
-		ctx.NotFound(fmt.Errorf("emails are not allowed to be changed"))
+		ctx.NotFound(errors.New("emails are not allowed to be changed"))
 		return
 	}
 
@@ -113,7 +110,6 @@ func EmailPost(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")
 	ctx.Data["PageIsSettingsAccount"] = true
 	ctx.Data["Email"] = ctx.Doer.Email
-	ctx.Data["EnableNotifyMail"] = setting.Service.EnableNotifyMail
 
 	// Make email address primary.
 	if ctx.FormString("_method") == "PRIMARY" {
@@ -173,30 +169,6 @@ func EmailPost(ctx *context.Context) {
 		ctx.Redirect(setting.AppSubURL + "/user/settings/account")
 		return
 	}
-	// Set Email Notification Preference
-	if ctx.FormString("_method") == "NOTIFICATION" {
-		preference := ctx.FormString("preference")
-		if !(preference == user_model.EmailNotificationsEnabled ||
-			preference == user_model.EmailNotificationsOnMention ||
-			preference == user_model.EmailNotificationsDisabled ||
-			preference == user_model.EmailNotificationsAndYourOwn) {
-			log.Error("Email notifications preference change returned unrecognized option %s: %s", preference, ctx.Doer.Name)
-			ctx.ServerError("SetEmailPreference", errors.New("option unrecognized"))
-			return
-		}
-		opts := &user.UpdateOptions{
-			EmailNotificationsPreference: optional.Some(preference),
-		}
-		if err := user.UpdateUser(ctx, ctx.Doer, opts); err != nil {
-			log.Error("Set Email Notifications failed: %v", err)
-			ctx.ServerError("UpdateUser", err)
-			return
-		}
-		log.Trace("Email notifications preference made %s: %s", preference, ctx.Doer.Name)
-		ctx.Flash.Success(ctx.Tr("settings.email_preference_set_success"))
-		ctx.Redirect(setting.AppSubURL + "/user/settings/account")
-		return
-	}
 
 	if ctx.HasError() {
 		loadAccountData(ctx)
@@ -239,7 +211,7 @@ func EmailPost(ctx *context.Context) {
 // DeleteEmail response for delete user's email
 func DeleteEmail(ctx *context.Context) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageCredentials) {
-		ctx.NotFound(fmt.Errorf("emails are not allowed to be changed"))
+		ctx.NotFound(errors.New("emails are not allowed to be changed"))
 		return
 	}
 	email, err := user_model.GetEmailAddressByID(ctx, ctx.Doer.ID, ctx.FormInt64("id"))
@@ -268,7 +240,6 @@ func DeleteAccount(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("settings")
 	ctx.Data["PageIsSettingsAccount"] = true
 	ctx.Data["Email"] = ctx.Doer.Email
-	ctx.Data["EnableNotifyMail"] = setting.Service.EnableNotifyMail
 
 	if _, _, err := auth.UserSignIn(ctx, ctx.Doer.Name, ctx.FormString("password")); err != nil {
 		switch {
@@ -343,7 +314,6 @@ func loadAccountData(ctx *context.Context) {
 		emails[i] = &email
 	}
 	ctx.Data["Emails"] = emails
-	ctx.Data["EmailNotificationsPreference"] = ctx.Doer.EmailNotificationsPreference
 	ctx.Data["ActivationsPending"] = pendingActivation
 	ctx.Data["CanAddEmails"] = !pendingActivation || !setting.Service.RegisterEmailConfirm
 	ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer)
diff --git a/routers/web/user/setting/account_test.go b/routers/web/user/setting/account_test.go
index 13caa33771..9b8cffc868 100644
--- a/routers/web/user/setting/account_test.go
+++ b/routers/web/user/setting/account_test.go
@@ -95,7 +95,7 @@ func TestChangePassword(t *testing.T) {
 			AccountPost(ctx)
 
 			assert.Contains(t, ctx.Flash.ErrorMsg, req.Message)
-			assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
+			assert.Equal(t, http.StatusSeeOther, ctx.Resp.WrittenStatus())
 		})
 	}
 }
diff --git a/routers/web/user/setting/applications.go b/routers/web/user/setting/applications.go
index 1f6c97a5cc..9c43ddd3ea 100644
--- a/routers/web/user/setting/applications.go
+++ b/routers/web/user/setting/applications.go
@@ -43,8 +43,9 @@ func ApplicationsPost(ctx *context.Context) {
 
 	_ = ctx.Req.ParseForm()
 	var scopeNames []string
+	const accessTokenScopePrefix = "scope-"
 	for k, v := range ctx.Req.Form {
-		if strings.HasPrefix(k, "scope-") {
+		if strings.HasPrefix(k, accessTokenScopePrefix) {
 			scopeNames = append(scopeNames, v...)
 		}
 	}
@@ -54,7 +55,7 @@ func ApplicationsPost(ctx *context.Context) {
 		ctx.ServerError("GetScope", err)
 		return
 	}
-	if scope == "" || scope == auth_model.AccessTokenScopePublicOnly {
+	if !scope.HasPermissionScope() {
 		ctx.Flash.Error(ctx.Tr("settings.at_least_one_permission"), true)
 	}
 
diff --git a/routers/web/user/setting/keys.go b/routers/web/user/setting/keys.go
index 17e32f5403..6b5a7a2e2a 100644
--- a/routers/web/user/setting/keys.go
+++ b/routers/web/user/setting/keys.go
@@ -5,7 +5,7 @@
 package setting
 
 import (
-	"fmt"
+	"errors"
 	"net/http"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
@@ -26,7 +26,7 @@ const (
 // Keys render user's SSH/GPG public keys page
 func Keys(ctx *context.Context) {
 	if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys, setting.UserFeatureManageGPGKeys) {
-		ctx.NotFound(fmt.Errorf("keys setting is not allowed to be changed"))
+		ctx.NotFound(errors.New("keys setting is not allowed to be changed"))
 		return
 	}
 
@@ -87,7 +87,7 @@ func KeysPost(ctx *context.Context) {
 		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 	case "gpg":
 		if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageGPGKeys) {
-			ctx.NotFound(fmt.Errorf("gpg keys setting is not allowed to be visited"))
+			ctx.NotFound(errors.New("gpg keys setting is not allowed to be visited"))
 			return
 		}
 
@@ -168,7 +168,7 @@ func KeysPost(ctx *context.Context) {
 		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 	case "ssh":
 		if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys) {
-			ctx.NotFound(fmt.Errorf("ssh keys setting is not allowed to be visited"))
+			ctx.NotFound(errors.New("ssh keys setting is not allowed to be visited"))
 			return
 		}
 
@@ -212,7 +212,7 @@ func KeysPost(ctx *context.Context) {
 		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 	case "verify_ssh":
 		if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys) {
-			ctx.NotFound(fmt.Errorf("ssh keys setting is not allowed to be visited"))
+			ctx.NotFound(errors.New("ssh keys setting is not allowed to be visited"))
 			return
 		}
 
@@ -249,7 +249,7 @@ func DeleteKey(ctx *context.Context) {
 	switch ctx.FormString("type") {
 	case "gpg":
 		if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageGPGKeys) {
-			ctx.NotFound(fmt.Errorf("gpg keys setting is not allowed to be visited"))
+			ctx.NotFound(errors.New("gpg keys setting is not allowed to be visited"))
 			return
 		}
 		if err := asymkey_model.DeleteGPGKey(ctx, ctx.Doer, ctx.FormInt64("id")); err != nil {
@@ -259,7 +259,7 @@ func DeleteKey(ctx *context.Context) {
 		}
 	case "ssh":
 		if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureManageSSHKeys) {
-			ctx.NotFound(fmt.Errorf("ssh keys setting is not allowed to be visited"))
+			ctx.NotFound(errors.New("ssh keys setting is not allowed to be visited"))
 			return
 		}
 
diff --git a/routers/web/user/setting/notifications.go b/routers/web/user/setting/notifications.go
new file mode 100644
index 0000000000..8ff6f1d941
--- /dev/null
+++ b/routers/web/user/setting/notifications.go
@@ -0,0 +1,89 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/models/unit"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+	"code.gitea.io/gitea/services/user"
+)
+
+const tplSettingsNotifications templates.TplName = "user/settings/notifications"
+
+// Notifications render user's notifications settings
+func Notifications(ctx *context.Context) {
+	if !setting.Service.EnableNotifyMail {
+		ctx.NotFound(nil)
+		return
+	}
+
+	ctx.Data["Title"] = ctx.Tr("notifications")
+	ctx.Data["PageIsSettingsNotifications"] = true
+	ctx.Data["EmailNotificationsPreference"] = ctx.Doer.EmailNotificationsPreference
+
+	actionsEmailPref, err := user_model.GetUserSetting(ctx, ctx.Doer.ID, user_model.SettingsKeyEmailNotificationGiteaActions, user_model.SettingEmailNotificationGiteaActionsFailureOnly)
+	if err != nil {
+		ctx.ServerError("GetUserSetting", err)
+		return
+	}
+	ctx.Data["ActionsEmailNotificationsPreference"] = actionsEmailPref
+
+	ctx.HTML(http.StatusOK, tplSettingsNotifications)
+}
+
+// NotificationsEmailPost set user's email notification preference
+func NotificationsEmailPost(ctx *context.Context) {
+	if !setting.Service.EnableNotifyMail {
+		ctx.NotFound(nil)
+		return
+	}
+
+	preference := ctx.FormString("preference")
+	if !(preference == user_model.EmailNotificationsEnabled ||
+		preference == user_model.EmailNotificationsOnMention ||
+		preference == user_model.EmailNotificationsDisabled ||
+		preference == user_model.EmailNotificationsAndYourOwn) {
+		ctx.Flash.Error(ctx.Tr("invalid_data", preference))
+		ctx.Redirect(setting.AppSubURL + "/user/settings/notifications")
+		return
+	}
+	opts := &user.UpdateOptions{
+		EmailNotificationsPreference: optional.Some(preference),
+	}
+	if err := user.UpdateUser(ctx, ctx.Doer, opts); err != nil {
+		ctx.ServerError("UpdateUser", err)
+		return
+	}
+	ctx.Flash.Success(ctx.Tr("settings.email_preference_set_success"))
+	ctx.Redirect(setting.AppSubURL + "/user/settings/notifications")
+}
+
+// NotificationsActionsEmailPost set user's email notification preference on Gitea Actions
+func NotificationsActionsEmailPost(ctx *context.Context) {
+	if !setting.Actions.Enabled || unit.TypeActions.UnitGlobalDisabled() {
+		ctx.NotFound(nil)
+		return
+	}
+
+	preference := ctx.FormString("preference")
+	if !(preference == user_model.SettingEmailNotificationGiteaActionsAll ||
+		preference == user_model.SettingEmailNotificationGiteaActionsDisabled ||
+		preference == user_model.SettingEmailNotificationGiteaActionsFailureOnly) {
+		ctx.Flash.Error(ctx.Tr("invalid_data", preference))
+		ctx.Redirect(setting.AppSubURL + "/user/settings/notifications")
+		return
+	}
+	if err := user_model.SetUserSetting(ctx, ctx.Doer.ID, user_model.SettingsKeyEmailNotificationGiteaActions, preference); err != nil {
+		ctx.ServerError("SetUserSetting", err)
+		return
+	}
+	ctx.Flash.Success(ctx.Tr("settings.email_preference_set_success"))
+	ctx.Redirect(setting.AppSubURL + "/user/settings/notifications")
+}
diff --git a/routers/web/user/setting/oauth2_common.go b/routers/web/user/setting/oauth2_common.go
index d4da468a85..f460acce10 100644
--- a/routers/web/user/setting/oauth2_common.go
+++ b/routers/web/user/setting/oauth2_common.go
@@ -28,8 +28,8 @@ func (oa *OAuth2CommonHandlers) renderEditPage(ctx *context.Context) {
 	ctx.Data["FormActionPath"] = fmt.Sprintf("%s/%d", oa.BasePathEditPrefix, app.ID)
 
 	if ctx.ContextUser != nil && ctx.ContextUser.IsOrganization() {
-		if err := shared_user.LoadHeaderCount(ctx); err != nil {
-			ctx.ServerError("LoadHeaderCount", err)
+		if _, err := shared_user.RenderUserOrgHeader(ctx); err != nil {
+			ctx.ServerError("RenderUserOrgHeader", err)
 			return
 		}
 	}
diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go
index 7577036a55..98995cd69c 100644
--- a/routers/web/user/setting/profile.go
+++ b/routers/web/user/setting/profile.go
@@ -22,6 +22,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/typesniffer"
@@ -206,8 +207,8 @@ func Organization(ctx *context.Context) {
 			PageSize: setting.UI.Admin.UserPagingNum,
 			Page:     ctx.FormInt("page"),
 		},
-		UserID:         ctx.Doer.ID,
-		IncludePrivate: ctx.IsSigned,
+		UserID:            ctx.Doer.ID,
+		IncludeVisibility: structs.VisibleTypePrivate,
 	}
 
 	if opts.Page <= 0 {
@@ -284,7 +285,7 @@ func Repos(ctx *context.Context) {
 			return
 		}
 
-		userRepos, _, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+		userRepos, _, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 			Actor:   ctxUser,
 			Private: true,
 			ListOptions: db.ListOptions{
@@ -309,7 +310,7 @@ func Repos(ctx *context.Context) {
 		ctx.Data["Dirs"] = repoNames
 		ctx.Data["ReposMap"] = repos
 	} else {
-		repos, count64, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{Actor: ctxUser, Private: true, ListOptions: opts})
+		repos, count64, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{Actor: ctxUser, Private: true, ListOptions: opts})
 		if err != nil {
 			ctx.ServerError("GetUserRepositories", err)
 			return
diff --git a/routers/web/user/setting/security/2fa.go b/routers/web/user/setting/security/2fa.go
index e5315efc74..e5e23c820c 100644
--- a/routers/web/user/setting/security/2fa.go
+++ b/routers/web/user/setting/security/2fa.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/session"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/context"
@@ -163,6 +164,7 @@ func EnrollTwoFactor(ctx *context.Context) {
 
 	ctx.Data["Title"] = ctx.Tr("settings")
 	ctx.Data["PageIsSettingsSecurity"] = true
+	ctx.Data["ShowTwoFactorRequiredMessage"] = false
 
 	t, err := auth.GetTwoFactorByUID(ctx, ctx.Doer.ID)
 	if t != nil {
@@ -194,6 +196,7 @@ func EnrollTwoFactorPost(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.TwoFactorAuthForm)
 	ctx.Data["Title"] = ctx.Tr("settings")
 	ctx.Data["PageIsSettingsSecurity"] = true
+	ctx.Data["ShowTwoFactorRequiredMessage"] = false
 
 	t, err := auth.GetTwoFactorByUID(ctx, ctx.Doer.ID)
 	if t != nil {
@@ -246,6 +249,10 @@ func EnrollTwoFactorPost(ctx *context.Context) {
 		return
 	}
 
+	newTwoFactorErr := auth.NewTwoFactor(ctx, t)
+	if newTwoFactorErr == nil {
+		_ = ctx.Session.Set(session.KeyUserHasTwoFactorAuth, true)
+	}
 	// Now we have to delete the secrets - because if we fail to insert then it's highly likely that they have already been used
 	// If we can detect the unique constraint failure below we can move this to after the NewTwoFactor
 	if err := ctx.Session.Delete("twofaSecret"); err != nil {
@@ -261,10 +268,10 @@ func EnrollTwoFactorPost(ctx *context.Context) {
 		log.Error("Unable to save changes to the session: %v", err)
 	}
 
-	if err = auth.NewTwoFactor(ctx, t); err != nil {
+	if newTwoFactorErr != nil {
 		// FIXME: We need to handle a unique constraint fail here it's entirely possible that another request has beaten us.
 		// If there is a unique constraint fail we should just tolerate the error
-		ctx.ServerError("SettingsTwoFactor: Failed to save two factor", err)
+		ctx.ServerError("SettingsTwoFactor: Failed to save two factor", newTwoFactorErr)
 		return
 	}
 
diff --git a/routers/web/user/setting/security/webauthn.go b/routers/web/user/setting/security/webauthn.go
index 63721343df..eb9f46af52 100644
--- a/routers/web/user/setting/security/webauthn.go
+++ b/routers/web/user/setting/security/webauthn.go
@@ -13,6 +13,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	wa "code.gitea.io/gitea/modules/auth/webauthn"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/session"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/context"
@@ -120,7 +121,7 @@ func WebauthnRegisterPost(ctx *context.Context) {
 		return
 	}
 	_ = ctx.Session.Delete("webauthnName")
-
+	_ = ctx.Session.Set(session.KeyUserHasTwoFactorAuth, true)
 	ctx.JSON(http.StatusCreated, cred)
 }
 
diff --git a/routers/web/web.go b/routers/web/web.go
index f4bd3ef4bc..09be0c3904 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -178,7 +178,7 @@ func verifyAuthWithOptions(options *common.VerifyOptions) func(ctx *context.Cont
 			return
 		}
 
-		if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" {
+		if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == http.MethodPost {
 			ctx.Csrf.Validate(ctx)
 			if ctx.Written() {
 				return
@@ -280,28 +280,26 @@ func Routes() *web.Router {
 		routes.Get("/api/swagger", append(mid, misc.Swagger)...) // Render V1 by default
 	}
 
-	// TODO: These really seem like things that could be folded into Contexter or as helper functions
-	mid = append(mid, user.GetNotificationCount)
-	mid = append(mid, repo.GetActiveStopwatch)
 	mid = append(mid, goGet)
+	mid = append(mid, common.PageGlobalData)
 
-	others := web.NewRouter()
-	others.Use(mid...)
-	registerRoutes(others)
-	routes.Mount("", others)
+	webRoutes := web.NewRouter()
+	webRoutes.Use(mid...)
+	webRoutes.Group("", func() { registerWebRoutes(webRoutes) }, common.BlockExpensive(), common.QoS())
+	routes.Mount("", webRoutes)
 	return routes
 }
 
 var optSignInIgnoreCsrf = verifyAuthWithOptions(&common.VerifyOptions{DisableCSRF: true})
 
-// registerRoutes register routes
-func registerRoutes(m *web.Router) {
+// registerWebRoutes register routes
+func registerWebRoutes(m *web.Router) {
 	// required to be signed in or signed out
 	reqSignIn := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: true})
 	reqSignOut := verifyAuthWithOptions(&common.VerifyOptions{SignOutRequired: true})
 	// optional sign in (if signed in, use the user as doer, if not, no doer)
-	optSignIn := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: setting.Service.RequireSignInView})
-	optExploreSignIn := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: setting.Service.RequireSignInView || setting.Service.Explore.RequireSigninView})
+	optSignIn := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: setting.Service.RequireSignInViewStrict})
+	optExploreSignIn := verifyAuthWithOptions(&common.VerifyOptions{SignInRequired: setting.Service.RequireSignInViewStrict || setting.Service.Explore.RequireSigninView})
 
 	validation.AddBindingRules()
 
@@ -597,6 +595,11 @@ func registerRoutes(m *web.Router) {
 			m.Post("/hidden_comments", user_setting.UpdateUserHiddenComments)
 			m.Post("/theme", web.Bind(forms.UpdateThemeForm{}), user_setting.UpdateUIThemePost)
 		})
+		m.Group("/notifications", func() {
+			m.Get("", user_setting.Notifications)
+			m.Post("/email", user_setting.NotificationsEmailPost)
+			m.Post("/actions", user_setting.NotificationsActionsEmailPost)
+		})
 		m.Group("/security", func() {
 			m.Get("", security.Security)
 			m.Group("/two_factor", func() {
@@ -684,7 +687,7 @@ func registerRoutes(m *web.Router) {
 			m.Get("", user_setting.BlockedUsers)
 			m.Post("", web.Bind(forms.BlockUserForm{}), user_setting.BlockedUsersPost)
 		})
-	}, reqSignIn, ctxDataSet("PageIsUserSettings", true, "EnablePackages", setting.Packages.Enabled))
+	}, reqSignIn, ctxDataSet("PageIsUserSettings", true, "EnablePackages", setting.Packages.Enabled, "EnableNotifyMail", setting.Service.EnableNotifyMail))
 
 	m.Group("/user", func() {
 		m.Get("/activate", auth.Activate)
@@ -856,13 +859,13 @@ func registerRoutes(m *web.Router) {
 	individualPermsChecker := func(ctx *context.Context) {
 		// org permissions have been checked in context.OrgAssignment(), but individual permissions haven't been checked.
 		if ctx.ContextUser.IsIndividual() {
-			switch {
-			case ctx.ContextUser.Visibility == structs.VisibleTypePrivate:
+			switch ctx.ContextUser.Visibility {
+			case structs.VisibleTypePrivate:
 				if ctx.Doer == nil || (ctx.ContextUser.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin) {
 					ctx.NotFound(nil)
 					return
 				}
-			case ctx.ContextUser.Visibility == structs.VisibleTypeLimited:
+			case structs.VisibleTypeLimited:
 				if ctx.Doer == nil {
 					ctx.NotFound(nil)
 					return
@@ -966,7 +969,8 @@ func registerRoutes(m *web.Router) {
 					addSettingsVariablesRoutes()
 				}, actions.MustEnableActions)
 
-				m.Methods("GET,POST", "/delete", org.SettingsDelete)
+				m.Post("/rename", web.Bind(forms.RenameOrgForm{}), org.SettingsRenamePost)
+				m.Post("/delete", org.SettingsDeleteOrgPost)
 
 				m.Group("/packages", func() {
 					m.Get("", org.Packages)
@@ -1014,6 +1018,7 @@ func registerRoutes(m *web.Router) {
 					m.Get("/versions", user.ListPackageVersions)
 					m.Group("/{version}", func() {
 						m.Get("", user.ViewPackageVersion)
+						m.Get("/{version_sub}", user.ViewPackageVersion)
 						m.Get("/files/{fileid}", user.DownloadPackageFile)
 						m.Group("/settings", func() {
 							m.Get("", user.PackageSettings)
@@ -1031,7 +1036,7 @@ func registerRoutes(m *web.Router) {
 				m.Get("", org.Projects)
 				m.Get("/{id}", org.ViewProject)
 			}, reqUnitAccess(unit.TypeProjects, perm.AccessModeRead, true))
-			m.Group("", func() { //nolint:dupl
+			m.Group("", func() { //nolint:dupl // duplicates lines 1421-1441
 				m.Get("/new", org.RenderNewProject)
 				m.Post("/new", web.Bind(forms.CreateProjectForm{}), org.NewProjectPost)
 				m.Group("/{id}", func() {
@@ -1080,6 +1085,8 @@ func registerRoutes(m *web.Router) {
 		m.Post("/avatar", web.Bind(forms.AvatarForm{}), repo_setting.SettingsAvatar)
 		m.Post("/avatar/delete", repo_setting.SettingsDeleteAvatar)
 
+		m.Combo("/public_access").Get(repo_setting.PublicAccess).Post(repo_setting.PublicAccessPost)
+
 		m.Group("/collaboration", func() {
 			m.Combo("").Get(repo_setting.Collaboration).Post(repo_setting.CollaborationPost)
 			m.Post("/access_mode", repo_setting.ChangeCollaborationAccessMode)
@@ -1185,6 +1192,7 @@ func registerRoutes(m *web.Router) {
 		m.Combo("/compare/*", repo.MustBeNotEmpty, repo.SetEditorconfigIfExists).
 			Get(repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.CompareDiff).
 			Post(reqSignIn, context.RepoMustNotBeArchived(), reqUnitPullsReader, repo.MustAllowPulls, web.Bind(forms.CreateIssueForm{}), repo.SetWhitespaceBehavior, repo.CompareAndPullRequestPost)
+		m.Get("/pulls/new/*", repo.PullsNewRedirect)
 	}, optSignIn, context.RepoAssignment, reqUnitCodeReader)
 	// end "/{username}/{reponame}": repo code: find, compare, list
 
@@ -1210,7 +1218,7 @@ func registerRoutes(m *web.Router) {
 		m.Get("/comments/{id}/attachments", repo.GetCommentAttachments)
 		m.Get("/labels", repo.RetrieveLabelsForList, repo.Labels)
 		m.Get("/milestones", repo.Milestones)
-		m.Get("/milestone/{id}", context.RepoRef(), repo.MilestoneIssuesAndPulls)
+		m.Get("/milestone/{id}", repo.MilestoneIssuesAndPulls)
 		m.Get("/issues/suggestions", repo.IssueSuggestions)
 	}, optSignIn, context.RepoAssignment, reqRepoIssuesOrPullsReader) // issue/pull attachments, labels, milestones
 	// end "/{username}/{reponame}": view milestone, label, issue, pull, etc
@@ -1224,9 +1232,9 @@ func registerRoutes(m *web.Router) {
 	m.Group("/{username}/{reponame}", func() { // edit issues, pulls, labels, milestones, etc
 		m.Group("/issues", func() {
 			m.Group("/new", func() {
-				m.Combo("").Get(context.RepoRef(), repo.NewIssue).
+				m.Combo("").Get(repo.NewIssue).
 					Post(web.Bind(forms.CreateIssueForm{}), repo.NewIssuePost)
-				m.Get("/choose", context.RepoRef(), repo.NewIssueChooseTemplate)
+				m.Get("/choose", repo.NewIssueChooseTemplate)
 			})
 			m.Get("/search", repo.SearchRepoIssuesJSON)
 		}, reqUnitIssuesReader)
@@ -1250,7 +1258,8 @@ func registerRoutes(m *web.Router) {
 					m.Post("/add", web.Bind(forms.AddTimeManuallyForm{}), repo.AddTimeManually)
 					m.Post("/{timeid}/delete", repo.DeleteTime)
 					m.Group("/stopwatch", func() {
-						m.Post("/toggle", repo.IssueStopwatch)
+						m.Post("/start", repo.IssueStartStopwatch)
+						m.Post("/stop", repo.IssueStopStopwatch)
 						m.Post("/cancel", repo.CancelStopwatch)
 					})
 				})
@@ -1289,7 +1298,7 @@ func registerRoutes(m *web.Router) {
 			m.Post("/edit", web.Bind(forms.CreateLabelForm{}), repo.UpdateLabel)
 			m.Post("/delete", repo.DeleteLabel)
 			m.Post("/initialize", web.Bind(forms.InitializeLabelsForm{}), repo.InitializeLabels)
-		}, reqRepoIssuesOrPullsWriter, context.RepoRef())
+		}, reqRepoIssuesOrPullsWriter)
 
 		m.Group("/milestones", func() {
 			m.Combo("/new").Get(repo.NewMilestone).
@@ -1298,7 +1307,7 @@ func registerRoutes(m *web.Router) {
 			m.Post("/{id}/edit", web.Bind(forms.CreateMilestoneForm{}), repo.EditMilestonePost)
 			m.Post("/{id}/{action}", repo.ChangeMilestoneStatus)
 			m.Post("/delete", repo.DeleteMilestone)
-		}, reqRepoIssuesOrPullsWriter, context.RepoRef())
+		}, reqRepoIssuesOrPullsWriter)
 
 		// FIXME: many "pulls" requests are sent to "issues" endpoints incorrectly, need to move these routes to the proper place
 		m.Group("/issues", func() {
@@ -1310,26 +1319,38 @@ func registerRoutes(m *web.Router) {
 	}, reqSignIn, context.RepoAssignment, context.RepoMustNotBeArchived())
 	// end "/{username}/{reponame}": create or edit issues, pulls, labels, milestones
 
-	m.Group("/{username}/{reponame}", func() { // repo code
+	m.Group("/{username}/{reponame}", func() { // repo code (at least "code reader")
 		m.Group("", func() {
 			m.Group("", func() {
-				m.Post("/_preview/*", web.Bind(forms.EditPreviewDiffForm{}), repo.DiffPreviewPost)
-				m.Combo("/_edit/*").Get(repo.EditFile).
-					Post(web.Bind(forms.EditRepoFileForm{}), repo.EditFilePost)
-				m.Combo("/_new/*").Get(repo.NewFile).
-					Post(web.Bind(forms.EditRepoFileForm{}), repo.NewFilePost)
-				m.Combo("/_delete/*").Get(repo.DeleteFile).
-					Post(web.Bind(forms.DeleteRepoFileForm{}), repo.DeleteFilePost)
-				m.Combo("/_upload/*", repo.MustBeAbleToUpload).Get(repo.UploadFile).
-					Post(web.Bind(forms.UploadRepoFileForm{}), repo.UploadFilePost)
-				m.Combo("/_diffpatch/*").Get(repo.NewDiffPatch).
-					Post(web.Bind(forms.EditRepoFileForm{}), repo.NewDiffPatchPost)
-				m.Combo("/_cherrypick/{sha:([a-f0-9]{7,64})}/*").Get(repo.CherryPick).
-					Post(web.Bind(forms.CherryPickForm{}), repo.CherryPickPost)
-			}, context.RepoRefByType(git.RefTypeBranch), context.CanWriteToBranch(), repo.WebGitOperationCommonData)
+				// "GET" requests only need "code reader" permission, "POST" requests need "code writer" permission.
+				// Because reader can "fork and edit"
+				canWriteToBranch := context.CanWriteToBranch()
+				m.Post("/_preview/*", repo.DiffPreviewPost) // read-only, fine with "code reader"
+				m.Post("/_fork/*", repo.ForkToEditPost)     // read-only, fork to own repo, fine with "code reader"
+
+				// the path params are used in PrepareCommitFormOptions to construct the correct form action URL
+				m.Combo("/{editor_action:_edit}/*").
+					Get(repo.EditFile).
+					Post(web.Bind(forms.EditRepoFileForm{}), canWriteToBranch, repo.EditFilePost)
+				m.Combo("/{editor_action:_new}/*").
+					Get(repo.EditFile).
+					Post(web.Bind(forms.EditRepoFileForm{}), canWriteToBranch, repo.EditFilePost)
+				m.Combo("/{editor_action:_delete}/*").
+					Get(repo.DeleteFile).
+					Post(web.Bind(forms.DeleteRepoFileForm{}), canWriteToBranch, repo.DeleteFilePost)
+				m.Combo("/{editor_action:_upload}/*", repo.MustBeAbleToUpload).
+					Get(repo.UploadFile).
+					Post(web.Bind(forms.UploadRepoFileForm{}), canWriteToBranch, repo.UploadFilePost)
+				m.Combo("/{editor_action:_diffpatch}/*").
+					Get(repo.NewDiffPatch).
+					Post(web.Bind(forms.EditRepoFileForm{}), canWriteToBranch, repo.NewDiffPatchPost)
+				m.Combo("/{editor_action:_cherrypick}/{sha:([a-f0-9]{7,64})}/*").
+					Get(repo.CherryPick).
+					Post(web.Bind(forms.CherryPickForm{}), canWriteToBranch, repo.CherryPickPost)
+			}, context.RepoRefByType(git.RefTypeBranch), repo.WebGitOperationCommonData)
 			m.Group("", func() {
 				m.Post("/upload-file", repo.UploadFileToServer)
-				m.Post("/upload-remove", web.Bind(forms.RemoveUploadFileForm{}), repo.RemoveUploadFileFromServer)
+				m.Post("/upload-remove", repo.RemoveUploadFileFromServer)
 			}, repo.MustBeAbleToUpload, reqRepoCodeWriter)
 		}, repo.MustBeEditable, context.RepoMustNotBeArchived())
 
@@ -1376,7 +1397,7 @@ func registerRoutes(m *web.Router) {
 			m.Post("/delete", repo.DeleteRelease)
 			m.Post("/attachments", repo.UploadReleaseAttachment)
 			m.Post("/attachments/remove", repo.DeleteAttachment)
-		}, reqSignIn, context.RepoMustNotBeArchived(), reqRepoReleaseWriter, context.RepoRef())
+		}, reqSignIn, context.RepoMustNotBeArchived(), reqRepoReleaseWriter)
 		m.Group("/releases", func() {
 			m.Get("/edit/*", repo.EditRelease)
 			m.Post("/edit/*", web.Bind(forms.EditReleaseForm{}), repo.EditReleasePost)
@@ -1402,7 +1423,7 @@ func registerRoutes(m *web.Router) {
 	m.Group("/{username}/{reponame}/projects", func() {
 		m.Get("", repo.Projects)
 		m.Get("/{id}", repo.ViewProject)
-		m.Group("", func() { //nolint:dupl
+		m.Group("", func() { //nolint:dupl // duplicates lines 1034-1054
 			m.Get("/new", repo.RenderNewProject)
 			m.Post("/new", web.Bind(forms.CreateProjectForm{}), repo.NewProjectPost)
 			m.Group("/{id}", func() {
@@ -1444,8 +1465,10 @@ func registerRoutes(m *web.Router) {
 				m.Post("/rerun", reqRepoActionsWriter, actions.Rerun)
 				m.Get("/logs", actions.Logs)
 			})
+			m.Get("/workflow", actions.ViewWorkflowFile)
 			m.Post("/cancel", reqRepoActionsWriter, actions.Cancel)
 			m.Post("/approve", reqRepoActionsWriter, actions.Approve)
+			m.Post("/delete", reqRepoActionsWriter, actions.Delete)
 			m.Get("/artifacts/{artifact_name}", actions.ArtifactsDownloadView)
 			m.Delete("/artifacts/{artifact_name}", reqRepoActionsWriter, actions.ArtifactsDeleteView)
 			m.Post("/rerun", reqRepoActionsWriter, actions.Rerun)
@@ -1489,7 +1512,7 @@ func registerRoutes(m *web.Router) {
 			})
 			m.Group("/recent-commits", func() {
 				m.Get("", repo.RecentCommits)
-				m.Get("/data", repo.RecentCommitsData)
+				m.Get("/data", repo.CodeFrequencyData) // "recent-commits" also uses the same data as "code-frequency"
 			})
 		}, reqUnitCodeReader)
 	},
@@ -1504,20 +1527,20 @@ func registerRoutes(m *web.Router) {
 			m.Get("", repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewIssue)
 			m.Get(".diff", repo.DownloadPullDiff)
 			m.Get(".patch", repo.DownloadPullPatch)
+			m.Get("/merge_box", repo.ViewPullMergeBox)
 			m.Group("/commits", func() {
-				m.Get("", context.RepoRef(), repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewPullCommits)
-				m.Get("/list", context.RepoRef(), repo.GetPullCommits)
-				m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForSingleCommit)
+				m.Get("", repo.SetWhitespaceBehavior, repo.GetPullDiffStats, repo.ViewPullCommits)
+				m.Get("/list", repo.GetPullCommits)
+				m.Get("/{sha:[a-f0-9]{7,64}}", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForSingleCommit)
 			})
 			m.Post("/merge", context.RepoMustNotBeArchived(), web.Bind(forms.MergePullRequestForm{}), repo.MergePullRequest)
 			m.Post("/cancel_auto_merge", context.RepoMustNotBeArchived(), repo.CancelAutoMergePullRequest)
 			m.Post("/update", repo.UpdatePullRequest)
 			m.Post("/set_allow_maintainer_edit", web.Bind(forms.UpdateAllowEditsForm{}), repo.SetAllowEdits)
-			m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest)
+			m.Post("/cleanup", context.RepoMustNotBeArchived(), repo.CleanUpPullRequest)
 			m.Group("/files", func() {
-				m.Get("", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForAllCommitsOfPr)
-				m.Get("/{sha:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesStartingFromCommit)
-				m.Get("/{shaFrom:[a-f0-9]{7,40}}..{shaTo:[a-f0-9]{7,40}}", context.RepoRef(), repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForRange)
+				m.Get("", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForAllCommitsOfPr)
+				m.Get("/{shaFrom:[a-f0-9]{7,64}}..{shaTo:[a-f0-9]{7,64}}", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.SetShowOutdatedComments, repo.ViewPullFilesForRange)
 				m.Group("/reviews", func() {
 					m.Get("/new_comment", repo.RenderNewCodeCommentForm)
 					m.Post("/comments", web.Bind(forms.CodeCommentForm{}), repo.SetShowOutdatedComments, repo.CreateCodeComment)
@@ -1604,7 +1627,7 @@ func registerRoutes(m *web.Router) {
 		m.Get("/tree/*", repo.RedirectRepoTreeToSrc)    // redirect "/owner/repo/tree/*" requests to "/owner/repo/src/*"
 		m.Get("/blob/*", repo.RedirectRepoBlobToCommit) // redirect "/owner/repo/blob/*" requests to "/owner/repo/src/commit/*"
 
-		m.Get("/forks", context.RepoRef(), repo.Forks)
+		m.Get("/forks", repo.Forks)
 		m.Get("/commit/{sha:([a-f0-9]{7,64})}.{ext:patch|diff}", repo.MustBeNotEmpty, repo.RawDiff)
 		m.Post("/lastcommit/*", context.RepoRefByType(git.RefTypeCommit), repo.LastCommit)
 	}, optSignIn, context.RepoAssignment, reqUnitCodeReader)
@@ -1640,7 +1663,9 @@ func registerRoutes(m *web.Router) {
 		m.Group("/devtest", func() {
 			m.Any("", devtest.List)
 			m.Any("/fetch-action-test", devtest.FetchActionTest)
-			m.Any("/{sub}", devtest.Tmpl)
+			m.Any("/mail-preview", devtest.MailPreview)
+			m.Any("/mail-preview/*", devtest.MailPreviewRender)
+			m.Any("/{sub}", devtest.TmplCommon)
 			m.Get("/repo-action-view/{run}/{job}", devtest.MockActionsView)
 			m.Post("/actions-mock/runs/{run}/jobs/{job}", web.Bind(actions.ViewRequest{}), devtest.MockActionsRunsJobs)
 		})
diff --git a/routers/web/webfinger.go b/routers/web/webfinger.go
index afcfdc8252..a4c9bf902b 100644
--- a/routers/web/webfinger.go
+++ b/routers/web/webfinger.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 
 	user_model "code.gitea.io/gitea/models/user"
@@ -85,10 +86,10 @@ func WebfingerQuery(ctx *context.Context) {
 
 	aliases := []string{
 		u.HTMLURL(),
-		appURL.String() + "api/v1/activitypub/user-id/" + fmt.Sprint(u.ID),
+		appURL.String() + "api/v1/activitypub/user-id/" + strconv.FormatInt(u.ID, 10),
 	}
 	if !u.KeepEmailPrivate {
-		aliases = append(aliases, fmt.Sprintf("mailto:%s", u.Email))
+		aliases = append(aliases, "mailto:"+u.Email)
 	}
 
 	links := []*webfingerLink{
@@ -104,7 +105,7 @@ func WebfingerQuery(ctx *context.Context) {
 		{
 			Rel:  "self",
 			Type: "application/activity+json",
-			Href: appURL.String() + "api/v1/activitypub/user-id/" + fmt.Sprint(u.ID),
+			Href: appURL.String() + "api/v1/activitypub/user-id/" + strconv.FormatInt(u.ID, 10),
 		},
 		{
 			Rel:  "http://openid.net/specs/connect/1.0/issuer",
diff --git a/services/actions/auth.go b/services/actions/auth.go
index 1ef21f6e0e..12a8fba53f 100644
--- a/services/actions/auth.go
+++ b/services/actions/auth.go
@@ -4,6 +4,7 @@
 package actions
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"strings"
@@ -80,7 +81,7 @@ func ParseAuthorizationToken(req *http.Request) (int64, error) {
 	parts := strings.SplitN(h, " ", 2)
 	if len(parts) != 2 {
 		log.Error("split token failed: %s", h)
-		return 0, fmt.Errorf("split token failed")
+		return 0, errors.New("split token failed")
 	}
 
 	return TokenToTaskID(parts[1])
@@ -100,7 +101,7 @@ func TokenToTaskID(token string) (int64, error) {
 
 	c, ok := parsedToken.Claims.(*actionsClaims)
 	if !parsedToken.Valid || !ok {
-		return 0, fmt.Errorf("invalid token claim")
+		return 0, errors.New("invalid token claim")
 	}
 
 	return c.TaskID, nil
diff --git a/services/actions/auth_test.go b/services/actions/auth_test.go
index 85e7409105..38d0ba7f82 100644
--- a/services/actions/auth_test.go
+++ b/services/actions/auth_test.go
@@ -18,7 +18,7 @@ func TestCreateAuthorizationToken(t *testing.T) {
 	var taskID int64 = 23
 	token, err := CreateAuthorizationToken(taskID, 1, 2)
 	assert.NoError(t, err)
-	assert.NotEqual(t, "", token)
+	assert.NotEmpty(t, token)
 	claims := jwt.MapClaims{}
 	_, err = jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (any, error) {
 		return setting.GetGeneralTokenSigningSecret(), nil
@@ -44,7 +44,7 @@ func TestParseAuthorizationToken(t *testing.T) {
 	var taskID int64 = 23
 	token, err := CreateAuthorizationToken(taskID, 1, 2)
 	assert.NoError(t, err)
-	assert.NotEqual(t, "", token)
+	assert.NotEmpty(t, token)
 	headers := http.Header{}
 	headers.Set("Authorization", "Bearer "+token)
 	rTaskID, err := ParseAuthorizationToken(&http.Request{
diff --git a/services/actions/cleanup.go b/services/actions/cleanup.go
index 23d6e3a49d..d0cc63e538 100644
--- a/services/actions/cleanup.go
+++ b/services/actions/cleanup.go
@@ -5,12 +5,14 @@ package actions
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
 	actions_model "code.gitea.io/gitea/models/actions"
 	"code.gitea.io/gitea/models/db"
 	actions_module "code.gitea.io/gitea/modules/actions"
+	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
@@ -27,7 +29,7 @@ func Cleanup(ctx context.Context) error {
 	}
 
 	// clean up old logs
-	if err := CleanupLogs(ctx); err != nil {
+	if err := CleanupExpiredLogs(ctx); err != nil {
 		return fmt.Errorf("cleanup logs: %w", err)
 	}
 
@@ -98,8 +100,15 @@ func cleanNeedDeleteArtifacts(taskCtx context.Context) error {
 
 const deleteLogBatchSize = 100
 
-// CleanupLogs removes logs which are older than the configured retention time
-func CleanupLogs(ctx context.Context) error {
+func removeTaskLog(ctx context.Context, task *actions_model.ActionTask) {
+	if err := actions_module.RemoveLogs(ctx, task.LogInStorage, task.LogFilename); err != nil {
+		log.Error("Failed to remove log %s (in storage %v) of task %v: %v", task.LogFilename, task.LogInStorage, task.ID, err)
+		// do not return error here, go on
+	}
+}
+
+// CleanupExpiredLogs removes logs which are older than the configured retention time
+func CleanupExpiredLogs(ctx context.Context) error {
 	olderThan := timeutil.TimeStampNow().AddDuration(-time.Duration(setting.Actions.LogRetentionDays) * 24 * time.Hour)
 
 	count := 0
@@ -109,10 +118,7 @@ func CleanupLogs(ctx context.Context) error {
 			return fmt.Errorf("find old tasks: %w", err)
 		}
 		for _, task := range tasks {
-			if err := actions_module.RemoveLogs(ctx, task.LogInStorage, task.LogFilename); err != nil {
-				log.Error("Failed to remove log %s (in storage %v) of task %v: %v", task.LogFilename, task.LogInStorage, task.ID, err)
-				// do not return error here, go on
-			}
+			removeTaskLog(ctx, task)
 			task.LogIndexes = nil // clear log indexes since it's a heavy field
 			task.LogExpired = true
 			if err := actions_model.UpdateTask(ctx, task, "log_indexes", "log_expired"); err != nil {
@@ -148,3 +154,107 @@ func CleanupEphemeralRunners(ctx context.Context) error {
 	log.Info("Removed %d runners", affected)
 	return nil
 }
+
+// CleanupEphemeralRunnersByPickedTaskOfRepo removes all ephemeral runners that have active/finished tasks on the given repository
+func CleanupEphemeralRunnersByPickedTaskOfRepo(ctx context.Context, repoID int64) error {
+	subQuery := builder.Select("`action_runner`.id").
+		From(builder.Select("*").From("`action_runner`"), "`action_runner`"). // mysql needs this redundant subquery
+		Join("INNER", "`action_task`", "`action_task`.`runner_id` = `action_runner`.`id`").
+		Where(builder.And(builder.Eq{"`action_runner`.`ephemeral`": true}, builder.Eq{"`action_task`.`repo_id`": repoID}))
+	b := builder.Delete(builder.In("id", subQuery)).From("`action_runner`")
+	res, err := db.GetEngine(ctx).Exec(b)
+	if err != nil {
+		return fmt.Errorf("find runners: %w", err)
+	}
+	affected, _ := res.RowsAffected()
+	log.Info("Removed %d runners", affected)
+	return nil
+}
+
+// DeleteRun deletes workflow run, including all logs and artifacts.
+func DeleteRun(ctx context.Context, run *actions_model.ActionRun) error {
+	if !run.Status.IsDone() {
+		return errors.New("run is not done")
+	}
+
+	repoID := run.RepoID
+
+	jobs, err := actions_model.GetRunJobsByRunID(ctx, run.ID)
+	if err != nil {
+		return err
+	}
+	jobIDs := container.FilterSlice(jobs, func(j *actions_model.ActionRunJob) (int64, bool) {
+		return j.ID, true
+	})
+	tasks := make(actions_model.TaskList, 0)
+	if len(jobIDs) > 0 {
+		if err := db.GetEngine(ctx).Where("repo_id = ?", repoID).In("job_id", jobIDs).Find(&tasks); err != nil {
+			return err
+		}
+	}
+
+	artifacts, err := db.Find[actions_model.ActionArtifact](ctx, actions_model.FindArtifactsOptions{
+		RepoID: repoID,
+		RunID:  run.ID,
+	})
+	if err != nil {
+		return err
+	}
+
+	var recordsToDelete []any
+
+	recordsToDelete = append(recordsToDelete, &actions_model.ActionRun{
+		RepoID: repoID,
+		ID:     run.ID,
+	})
+	recordsToDelete = append(recordsToDelete, &actions_model.ActionRunJob{
+		RepoID: repoID,
+		RunID:  run.ID,
+	})
+	for _, tas := range tasks {
+		recordsToDelete = append(recordsToDelete, &actions_model.ActionTask{
+			RepoID: repoID,
+			ID:     tas.ID,
+		})
+		recordsToDelete = append(recordsToDelete, &actions_model.ActionTaskStep{
+			RepoID: repoID,
+			TaskID: tas.ID,
+		})
+		recordsToDelete = append(recordsToDelete, &actions_model.ActionTaskOutput{
+			TaskID: tas.ID,
+		})
+	}
+	recordsToDelete = append(recordsToDelete, &actions_model.ActionArtifact{
+		RepoID: repoID,
+		RunID:  run.ID,
+	})
+
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		// TODO: Deleting task records could break current ephemeral runner implementation. This is a temporary workaround suggested by ChristopherHX.
+		// Since you delete potentially the only task an ephemeral act_runner has ever run, please delete the affected runners first.
+		// one of
+		//    call cleanup ephemeral runners first
+		//    delete affected ephemeral act_runners
+		//    I would make ephemeral runners fully delete directly before formally finishing the task
+		//
+		// See also: https://github.com/go-gitea/gitea/pull/34337#issuecomment-2862222788
+		if err := CleanupEphemeralRunners(ctx); err != nil {
+			return err
+		}
+		return db.DeleteBeans(ctx, recordsToDelete...)
+	}); err != nil {
+		return err
+	}
+
+	// Delete files on storage
+	for _, tas := range tasks {
+		removeTaskLog(ctx, tas)
+	}
+	for _, art := range artifacts {
+		if err := storage.ActionsArtifacts.Delete(art.StoragePath); err != nil {
+			log.Error("remove artifact file %q: %v", art.StoragePath, err)
+		}
+	}
+
+	return nil
+}
diff --git a/services/actions/clear_tasks.go b/services/actions/clear_tasks.go
index 2aeb0e8c96..274c04aa57 100644
--- a/services/actions/clear_tasks.go
+++ b/services/actions/clear_tasks.go
@@ -42,6 +42,10 @@ func notifyWorkflowJobStatusUpdate(ctx context.Context, jobs []*actions_model.Ac
 			_ = job.LoadAttributes(ctx)
 			notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
 		}
+		if len(jobs) > 0 {
+			job := jobs[0]
+			notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+		}
 	}
 }
 
@@ -123,7 +127,7 @@ func CancelAbandonedJobs(ctx context.Context) error {
 		}
 		CreateCommitStatus(ctx, job)
 		if updated {
-			_ = job.LoadAttributes(ctx)
+			NotifyWorkflowRunStatusUpdateWithReload(ctx, job)
 			notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
 		}
 	}
diff --git a/services/actions/commit_status.go b/services/actions/commit_status.go
index 94ab89a3b7..ef241e5091 100644
--- a/services/actions/commit_status.go
+++ b/services/actions/commit_status.go
@@ -5,6 +5,7 @@ package actions
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"path"
 
@@ -13,9 +14,9 @@ import (
 	git_model "code.gitea.io/gitea/models/git"
 	user_model "code.gitea.io/gitea/models/user"
 	actions_module "code.gitea.io/gitea/modules/actions"
+	"code.gitea.io/gitea/modules/commitstatus"
 	git "code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
-	api "code.gitea.io/gitea/modules/structs"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	commitstatus_service "code.gitea.io/gitea/services/repository/commitstatus"
 
@@ -51,7 +52,7 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
 			return fmt.Errorf("GetPushEventPayload: %w", err)
 		}
 		if payload.HeadCommit == nil {
-			return fmt.Errorf("head commit is missing in event payload")
+			return errors.New("head commit is missing in event payload")
 		}
 		sha = payload.HeadCommit.ID
 	case // pull_request
@@ -71,9 +72,9 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
 			return fmt.Errorf("GetPullRequestEventPayload: %w", err)
 		}
 		if payload.PullRequest == nil {
-			return fmt.Errorf("pull request is missing in event payload")
+			return errors.New("pull request is missing in event payload")
 		} else if payload.PullRequest.Head == nil {
-			return fmt.Errorf("head of pull request is missing in event payload")
+			return errors.New("head of pull request is missing in event payload")
 		}
 		sha = payload.PullRequest.Head.Sha
 	case webhook_module.HookEventRelease:
@@ -91,7 +92,7 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
 	}
 	ctxname := fmt.Sprintf("%s / %s (%s)", runName, job.Name, event)
 	state := toCommitStatus(job.Status)
-	if statuses, _, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll); err == nil {
+	if statuses, err := git_model.GetLatestCommitStatus(ctx, repo.ID, sha, db.ListOptionsAll); err == nil {
 		for _, v := range statuses {
 			if v.Context == ctxname {
 				if v.State == state {
@@ -146,16 +147,18 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
 	return commitstatus_service.CreateCommitStatus(ctx, repo, creator, commitID.String(), &status)
 }
 
-func toCommitStatus(status actions_model.Status) api.CommitStatusState {
+func toCommitStatus(status actions_model.Status) commitstatus.CommitStatusState {
 	switch status {
-	case actions_model.StatusSuccess, actions_model.StatusSkipped:
-		return api.CommitStatusSuccess
+	case actions_model.StatusSuccess:
+		return commitstatus.CommitStatusSuccess
 	case actions_model.StatusFailure, actions_model.StatusCancelled:
-		return api.CommitStatusFailure
+		return commitstatus.CommitStatusFailure
 	case actions_model.StatusWaiting, actions_model.StatusBlocked, actions_model.StatusRunning:
-		return api.CommitStatusPending
+		return commitstatus.CommitStatusPending
+	case actions_model.StatusSkipped:
+		return commitstatus.CommitStatusSkipped
 	default:
-		return api.CommitStatusError
+		return commitstatus.CommitStatusError
 	}
 }
 
diff --git a/services/actions/context.go b/services/actions/context.go
index d14728fae4..b6de429ccf 100644
--- a/services/actions/context.go
+++ b/services/actions/context.go
@@ -6,6 +6,7 @@ package actions
 import (
 	"context"
 	"fmt"
+	"strconv"
 
 	actions_model "code.gitea.io/gitea/models/actions"
 	"code.gitea.io/gitea/models/db"
@@ -14,11 +15,16 @@ import (
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+
+	"github.com/nektos/act/pkg/model"
 )
 
+type GiteaContext map[string]any
+
 // GenerateGiteaContext generate the gitea context without token and gitea_runtime_token
 // job can be nil when generating a context for parsing workflow-level expressions
-func GenerateGiteaContext(run *actions_model.ActionRun, job *actions_model.ActionRunJob) map[string]any {
+func GenerateGiteaContext(run *actions_model.ActionRun, job *actions_model.ActionRunJob) GiteaContext {
 	event := map[string]any{}
 	_ = json.Unmarshal([]byte(run.EventPayload), &event)
 
@@ -41,7 +47,7 @@ func GenerateGiteaContext(run *actions_model.ActionRun, job *actions_model.Actio
 
 	refName := git.RefName(ref)
 
-	gitContext := map[string]any{
+	gitContext := GiteaContext{
 		// standard contexts, see https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
 		"action":            "",                                       // string, The name of the action currently running, or the id of a step. GitHub removes special characters, and uses the name __run when the current step runs a script without an id. If you use the same action more than once in the same job, the name will include a suffix with the sequence number with underscore before it. For example, the first script you run will have the name __run, and the second script will be named __run_2. Similarly, the second invocation of actions/checkout will be actionscheckout2.
 		"action_path":       "",                                       // string, The path where an action is located. This property is only supported in composite actions. You can use this path to access files located in the same repository as the action.
@@ -68,7 +74,7 @@ func GenerateGiteaContext(run *actions_model.ActionRun, job *actions_model.Actio
 		"repositoryUrl":     run.Repo.HTMLURL(),                       // string, The Git URL to the repository. For example, git://github.com/codertocat/hello-world.git.
 		"retention_days":    "",                                       // string, The number of days that workflow run logs and artifacts are kept.
 		"run_id":            "",                                       // string, A unique number for each workflow run within a repository. This number does not change if you re-run the workflow run.
-		"run_number":        fmt.Sprint(run.Index),                    // string, A unique number for each run of a particular workflow in a repository. This number begins at 1 for the workflow's first run, and increments with each new run. This number does not change if you re-run the workflow run.
+		"run_number":        strconv.FormatInt(run.Index, 10),         // string, A unique number for each run of a particular workflow in a repository. This number begins at 1 for the workflow's first run, and increments with each new run. This number does not change if you re-run the workflow run.
 		"run_attempt":       "",                                       // string, A unique number for each attempt of a particular workflow run in a repository. This number begins at 1 for the workflow run's first attempt, and increments with each re-run.
 		"secret_source":     "Actions",                                // string, The source of a secret used in a workflow. Possible values are None, Actions, Dependabot, or Codespaces.
 		"server_url":        setting.AppURL,                           // string, The URL of the GitHub server. For example: https://github.com.
@@ -83,8 +89,8 @@ func GenerateGiteaContext(run *actions_model.ActionRun, job *actions_model.Actio
 
 	if job != nil {
 		gitContext["job"] = job.JobID
-		gitContext["run_id"] = fmt.Sprint(job.RunID)
-		gitContext["run_attempt"] = fmt.Sprint(job.Attempt)
+		gitContext["run_id"] = strconv.FormatInt(job.RunID, 10)
+		gitContext["run_attempt"] = strconv.FormatInt(job.Attempt, 10)
 	}
 
 	return gitContext
@@ -159,3 +165,37 @@ func mergeTwoOutputs(o1, o2 map[string]string) map[string]string {
 	}
 	return ret
 }
+
+func (g *GiteaContext) ToGitHubContext() *model.GithubContext {
+	return &model.GithubContext{
+		Event:            util.GetMapValueOrDefault(*g, "event", map[string]any(nil)),
+		EventPath:        util.GetMapValueOrDefault(*g, "event_path", ""),
+		Workflow:         util.GetMapValueOrDefault(*g, "workflow", ""),
+		RunID:            util.GetMapValueOrDefault(*g, "run_id", ""),
+		RunNumber:        util.GetMapValueOrDefault(*g, "run_number", ""),
+		Actor:            util.GetMapValueOrDefault(*g, "actor", ""),
+		Repository:       util.GetMapValueOrDefault(*g, "repository", ""),
+		EventName:        util.GetMapValueOrDefault(*g, "event_name", ""),
+		Sha:              util.GetMapValueOrDefault(*g, "sha", ""),
+		Ref:              util.GetMapValueOrDefault(*g, "ref", ""),
+		RefName:          util.GetMapValueOrDefault(*g, "ref_name", ""),
+		RefType:          util.GetMapValueOrDefault(*g, "ref_type", ""),
+		HeadRef:          util.GetMapValueOrDefault(*g, "head_ref", ""),
+		BaseRef:          util.GetMapValueOrDefault(*g, "base_ref", ""),
+		Token:            "", // deliberately omitted for security
+		Workspace:        util.GetMapValueOrDefault(*g, "workspace", ""),
+		Action:           util.GetMapValueOrDefault(*g, "action", ""),
+		ActionPath:       util.GetMapValueOrDefault(*g, "action_path", ""),
+		ActionRef:        util.GetMapValueOrDefault(*g, "action_ref", ""),
+		ActionRepository: util.GetMapValueOrDefault(*g, "action_repository", ""),
+		Job:              util.GetMapValueOrDefault(*g, "job", ""),
+		JobName:          "", // not present in GiteaContext
+		RepositoryOwner:  util.GetMapValueOrDefault(*g, "repository_owner", ""),
+		RetentionDays:    util.GetMapValueOrDefault(*g, "retention_days", ""),
+		RunnerPerflog:    "", // not present in GiteaContext
+		RunnerTrackingID: "", // not present in GiteaContext
+		ServerURL:        util.GetMapValueOrDefault(*g, "server_url", ""),
+		APIURL:           util.GetMapValueOrDefault(*g, "api_url", ""),
+		GraphQLURL:       util.GetMapValueOrDefault(*g, "graphql_url", ""),
+	}
+}
diff --git a/services/actions/interface.go b/services/actions/interface.go
index d4fa782fec..a054c38e4f 100644
--- a/services/actions/interface.go
+++ b/services/actions/interface.go
@@ -25,4 +25,16 @@ type API interface {
 	UpdateVariable(*context.APIContext)
 	// GetRegistrationToken get registration token
 	GetRegistrationToken(*context.APIContext)
+	// CreateRegistrationToken get registration token
+	CreateRegistrationToken(*context.APIContext)
+	// ListRunners list runners
+	ListRunners(*context.APIContext)
+	// GetRunner get a runner
+	GetRunner(*context.APIContext)
+	// DeleteRunner delete runner
+	DeleteRunner(*context.APIContext)
+	// ListWorkflowJobs list jobs
+	ListWorkflowJobs(*context.APIContext)
+	// ListWorkflowRuns list runs
+	ListWorkflowRuns(*context.APIContext)
 }
diff --git a/services/actions/job_emitter.go b/services/actions/job_emitter.go
index c11bb5875f..47c9f59094 100644
--- a/services/actions/job_emitter.go
+++ b/services/actions/job_emitter.go
@@ -11,6 +11,7 @@ import (
 	actions_model "code.gitea.io/gitea/models/actions"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/graceful"
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/queue"
 	notify_service "code.gitea.io/gitea/services/notify"
 
@@ -78,9 +79,30 @@ func checkJobsOfRun(ctx context.Context, runID int64) error {
 		_ = job.LoadAttributes(ctx)
 		notify_service.WorkflowJobStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job, nil)
 	}
+	if len(jobs) > 0 {
+		runUpdated := true
+		for _, job := range jobs {
+			if !job.Status.IsDone() {
+				runUpdated = false
+				break
+			}
+		}
+		if runUpdated {
+			NotifyWorkflowRunStatusUpdateWithReload(ctx, jobs[0])
+		}
+	}
 	return nil
 }
 
+func NotifyWorkflowRunStatusUpdateWithReload(ctx context.Context, job *actions_model.ActionRunJob) {
+	job.Run = nil
+	if err := job.LoadAttributes(ctx); err != nil {
+		log.Error("LoadAttributes: %v", err)
+		return
+	}
+	notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+}
+
 type jobStatusResolver struct {
 	statuses map[int64]actions_model.Status
 	needs    map[int64][]int64
diff --git a/services/actions/notifier.go b/services/actions/notifier.go
index 831cde3523..d10cc0ab34 100644
--- a/services/actions/notifier.go
+++ b/services/actions/notifier.go
@@ -6,13 +6,16 @@ package actions
 import (
 	"context"
 
+	actions_model "code.gitea.io/gitea/models/actions"
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/models/organization"
 	packages_model "code.gitea.io/gitea/models/packages"
 	perm_model "code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
@@ -762,3 +765,41 @@ func (n *actionsNotifier) MigrateRepository(ctx context.Context, doer, u *user_m
 		Sender:       convert.ToUser(ctx, doer, nil),
 	}).Notify(ctx)
 }
+
+func (n *actionsNotifier) WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun) {
+	ctx = withMethod(ctx, "WorkflowRunStatusUpdate")
+
+	var org *api.Organization
+	if repo.Owner.IsOrganization() {
+		org = convert.ToOrganization(ctx, organization.OrgFromUser(repo.Owner))
+	}
+
+	status := convert.ToWorkflowRunAction(run.Status)
+
+	gitRepo, err := gitrepo.OpenRepository(ctx, repo)
+	if err != nil {
+		log.Error("OpenRepository: %v", err)
+		return
+	}
+	defer gitRepo.Close()
+
+	convertedWorkflow, err := convert.GetActionWorkflow(ctx, gitRepo, repo, run.WorkflowID)
+	if err != nil {
+		log.Error("GetActionWorkflow: %v", err)
+		return
+	}
+	convertedRun, err := convert.ToActionWorkflowRun(ctx, repo, run)
+	if err != nil {
+		log.Error("ToActionWorkflowRun: %v", err)
+		return
+	}
+
+	newNotifyInput(repo, sender, webhook_module.HookEventWorkflowRun).WithPayload(&api.WorkflowRunPayload{
+		Action:       status,
+		Workflow:     convertedWorkflow,
+		WorkflowRun:  convertedRun,
+		Organization: org,
+		Repo:         convert.ToRepo(ctx, repo, access_model.Permission{AccessMode: perm_model.AccessModeOwner}),
+		Sender:       convert.ToUser(ctx, sender, nil),
+	}).Notify(ctx)
+}
diff --git a/services/actions/notifier_helper.go b/services/actions/notifier_helper.go
index d179134798..b8bc20cdbb 100644
--- a/services/actions/notifier_helper.go
+++ b/services/actions/notifier_helper.go
@@ -33,7 +33,9 @@ import (
 	"github.com/nektos/act/pkg/model"
 )
 
-var methodCtxKey struct{}
+type methodCtxKeyType struct{}
+
+var methodCtxKey methodCtxKeyType
 
 // withMethod sets the notification method that this context currently executes.
 // Used for debugging/ troubleshooting purposes.
@@ -44,8 +46,7 @@ func withMethod(ctx context.Context, method string) context.Context {
 			return ctx
 		}
 	}
-	// FIXME: review the use of this nolint directive
-	return context.WithValue(ctx, methodCtxKey, method) //nolint:staticcheck
+	return context.WithValue(ctx, methodCtxKey, method)
 }
 
 // getMethod gets the notification method that this context currently executes.
@@ -103,7 +104,7 @@ func (input *notifyInput) WithPayload(payload api.Payloader) *notifyInput {
 func (input *notifyInput) WithPullRequest(pr *issues_model.PullRequest) *notifyInput {
 	input.PullRequest = pr
 	if input.Ref == "" {
-		input.Ref = git.RefName(pr.GetGitRefName())
+		input.Ref = git.RefName(pr.GetGitHeadRefName())
 	}
 	return input
 }
@@ -178,7 +179,7 @@ func notify(ctx context.Context, input *notifyInput) error {
 		return fmt.Errorf("gitRepo.GetCommit: %w", err)
 	}
 
-	if skipWorkflows(input, commit) {
+	if skipWorkflows(ctx, input, commit) {
 		return nil
 	}
 
@@ -243,7 +244,7 @@ func notify(ctx context.Context, input *notifyInput) error {
 	return handleWorkflows(ctx, detectedWorkflows, commit, input, ref.String())
 }
 
-func skipWorkflows(input *notifyInput, commit *git.Commit) bool {
+func skipWorkflows(ctx context.Context, input *notifyInput, commit *git.Commit) bool {
 	// skip workflow runs with a configured skip-ci string in commit message or pr title if the event is push or pull_request(_sync)
 	// https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs
 	skipWorkflowEvents := []webhook_module.HookEventType{
@@ -263,6 +264,27 @@ func skipWorkflows(input *notifyInput, commit *git.Commit) bool {
 			}
 		}
 	}
+	if input.Event == webhook_module.HookEventWorkflowRun {
+		wrun, ok := input.Payload.(*api.WorkflowRunPayload)
+		for i := 0; i < 5 && ok && wrun.WorkflowRun != nil; i++ {
+			if wrun.WorkflowRun.Event != "workflow_run" {
+				return false
+			}
+			r, err := actions_model.GetRunByRepoAndID(ctx, input.Repo.ID, wrun.WorkflowRun.ID)
+			if err != nil {
+				log.Error("GetRunByRepoAndID: %v", err)
+				return true
+			}
+			wrun, err = r.GetWorkflowRunEventPayload()
+			if err != nil {
+				log.Error("GetWorkflowRunEventPayload: %v", err)
+				return true
+			}
+		}
+		// skip workflow runs events exceeding the maxiumum of 5 recursive events
+		log.Debug("repo %s: skipped workflow_run because of recursive event of 5", input.Repo.RepoPath())
+		return true
+	}
 	return false
 }
 
@@ -302,9 +324,11 @@ func handleWorkflows(
 		run := &actions_model.ActionRun{
 			Title:             strings.SplitN(commit.CommitMessage, "\n", 2)[0],
 			RepoID:            input.Repo.ID,
+			Repo:              input.Repo,
 			OwnerID:           input.Repo.OwnerID,
 			WorkflowID:        dwf.EntryName,
 			TriggerUserID:     input.Doer.ID,
+			TriggerUser:       input.Doer,
 			Ref:               ref,
 			CommitSHA:         commit.ID.String(),
 			IsForkPullRequest: isForkPullRequest,
@@ -333,12 +357,18 @@ func handleWorkflows(
 			continue
 		}
 
-		jobs, err := jobparser.Parse(dwf.Content, jobparser.WithVars(vars))
+		giteaCtx := GenerateGiteaContext(run, nil)
+
+		jobs, err := jobparser.Parse(dwf.Content, jobparser.WithVars(vars), jobparser.WithGitContext(giteaCtx.ToGitHubContext()))
 		if err != nil {
 			log.Error("jobparser.Parse: %v", err)
 			continue
 		}
 
+		if len(jobs) > 0 && jobs[0].RunName != "" {
+			run.Title = jobs[0].RunName
+		}
+
 		// cancel running jobs if the event is push or pull_request_sync
 		if run.Event == webhook_module.HookEventPush ||
 			run.Event == webhook_module.HookEventPullRequestSync {
@@ -364,6 +394,15 @@ func handleWorkflows(
 			continue
 		}
 		CreateCommitStatus(ctx, alljobs...)
+		if len(alljobs) > 0 {
+			job := alljobs[0]
+			err := job.LoadRun(ctx)
+			if err != nil {
+				log.Error("LoadRun: %v", err)
+				continue
+			}
+			notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+		}
 		for _, job := range alljobs {
 			notify_service.WorkflowJobStatusUpdate(ctx, input.Repo, input.Doer, job, nil)
 		}
@@ -508,9 +547,11 @@ func handleSchedules(
 		run := &actions_model.ActionSchedule{
 			Title:         strings.SplitN(commit.CommitMessage, "\n", 2)[0],
 			RepoID:        input.Repo.ID,
+			Repo:          input.Repo,
 			OwnerID:       input.Repo.OwnerID,
 			WorkflowID:    dwf.EntryName,
 			TriggerUserID: user_model.ActionsUserID,
+			TriggerUser:   user_model.NewActionsUser(),
 			Ref:           ref,
 			CommitSHA:     commit.ID.String(),
 			Event:         input.Event,
@@ -518,6 +559,25 @@ func handleSchedules(
 			Specs:         schedules,
 			Content:       dwf.Content,
 		}
+
+		vars, err := actions_model.GetVariablesOfRun(ctx, run.ToActionRun())
+		if err != nil {
+			log.Error("GetVariablesOfRun: %v", err)
+			continue
+		}
+
+		giteaCtx := GenerateGiteaContext(run.ToActionRun(), nil)
+
+		jobs, err := jobparser.Parse(dwf.Content, jobparser.WithVars(vars), jobparser.WithGitContext(giteaCtx.ToGitHubContext()))
+		if err != nil {
+			log.Error("jobparser.Parse: %v", err)
+			continue
+		}
+
+		if len(jobs) > 0 && jobs[0].RunName != "" {
+			run.Title = jobs[0].RunName
+		}
+
 		crons = append(crons, run)
 	}
 
diff --git a/services/actions/schedule_tasks.go b/services/actions/schedule_tasks.go
index a30b166063..c029c5a1a2 100644
--- a/services/actions/schedule_tasks.go
+++ b/services/actions/schedule_tasks.go
@@ -157,6 +157,7 @@ func CreateScheduleTask(ctx context.Context, cron *actions_model.ActionSchedule)
 	if err != nil {
 		log.Error("LoadAttributes: %v", err)
 	}
+	notify_service.WorkflowRunStatusUpdate(ctx, run.Repo, run.TriggerUser, run)
 	for _, job := range allJobs {
 		notify_service.WorkflowJobStatusUpdate(ctx, run.Repo, run.TriggerUser, job, nil)
 	}
diff --git a/services/actions/task.go b/services/actions/task.go
index 9c8198206a..6a547c1c12 100644
--- a/services/actions/task.go
+++ b/services/actions/task.go
@@ -5,6 +5,7 @@ package actions
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	actions_model "code.gitea.io/gitea/models/actions"
@@ -39,7 +40,7 @@ func PickTask(ctx context.Context, runner *actions_model.ActionRunner) (*runnerv
 			if err != nil {
 				return nil, false, err
 			}
-			return nil, false, fmt.Errorf("runner has been removed")
+			return nil, false, errors.New("runner has been removed")
 		}
 	}
 
diff --git a/services/actions/workflow.go b/services/actions/workflow.go
index dc8a1dd349..233e22b5dd 100644
--- a/services/actions/workflow.go
+++ b/services/actions/workflow.go
@@ -5,9 +5,6 @@ package actions
 
 import (
 	"fmt"
-	"net/http"
-	"net/url"
-	"path"
 	"strings"
 
 	actions_model "code.gitea.io/gitea/models/actions"
@@ -31,61 +28,8 @@ import (
 	"github.com/nektos/act/pkg/model"
 )
 
-func getActionWorkflowPath(commit *git.Commit) string {
-	paths := []string{".gitea/workflows", ".github/workflows"}
-	for _, treePath := range paths {
-		if _, err := commit.SubTree(treePath); err == nil {
-			return treePath
-		}
-	}
-	return ""
-}
-
-func getActionWorkflowEntry(ctx *context.APIContext, commit *git.Commit, folder string, entry *git.TreeEntry) *api.ActionWorkflow {
-	cfgUnit := ctx.Repo.Repository.MustGetUnit(ctx, unit.TypeActions)
-	cfg := cfgUnit.ActionsConfig()
-
-	defaultBranch, _ := commit.GetBranchName()
-
-	workflowURL := fmt.Sprintf("%s/actions/workflows/%s", ctx.Repo.Repository.APIURL(), url.PathEscape(entry.Name()))
-	workflowRepoURL := fmt.Sprintf("%s/src/branch/%s/%s/%s", ctx.Repo.Repository.HTMLURL(ctx), util.PathEscapeSegments(defaultBranch), util.PathEscapeSegments(folder), url.PathEscape(entry.Name()))
-	badgeURL := fmt.Sprintf("%s/actions/workflows/%s/badge.svg?branch=%s", ctx.Repo.Repository.HTMLURL(ctx), url.PathEscape(entry.Name()), url.QueryEscape(ctx.Repo.Repository.DefaultBranch))
-
-	// See https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#get-a-workflow
-	// State types:
-	// - active
-	// - deleted
-	// - disabled_fork
-	// - disabled_inactivity
-	// - disabled_manually
-	state := "active"
-	if cfg.IsWorkflowDisabled(entry.Name()) {
-		state = "disabled_manually"
-	}
-
-	// The CreatedAt and UpdatedAt fields currently reflect the timestamp of the latest commit, which can later be refined
-	// by retrieving the first and last commits for the file history. The first commit would indicate the creation date,
-	// while the last commit would represent the modification date. The DeletedAt could be determined by identifying
-	// the last commit where the file existed. However, this implementation has not been done here yet, as it would likely
-	// cause a significant performance degradation.
-	createdAt := commit.Author.When
-	updatedAt := commit.Author.When
-
-	return &api.ActionWorkflow{
-		ID:        entry.Name(),
-		Name:      entry.Name(),
-		Path:      path.Join(folder, entry.Name()),
-		State:     state,
-		CreatedAt: createdAt,
-		UpdatedAt: updatedAt,
-		URL:       workflowURL,
-		HTMLURL:   workflowRepoURL,
-		BadgeURL:  badgeURL,
-	}
-}
-
 func EnableOrDisableWorkflow(ctx *context.APIContext, workflowID string, isEnable bool) error {
-	workflow, err := GetActionWorkflow(ctx, workflowID)
+	workflow, err := convert.GetActionWorkflow(ctx, ctx.Repo.GitRepo, ctx.Repo.Repository, workflowID)
 	if err != nil {
 		return err
 	}
@@ -102,44 +46,6 @@ func EnableOrDisableWorkflow(ctx *context.APIContext, workflowID string, isEnabl
 	return repo_model.UpdateRepoUnit(ctx, cfgUnit)
 }
 
-func ListActionWorkflows(ctx *context.APIContext) ([]*api.ActionWorkflow, error) {
-	defaultBranchCommit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return nil, err
-	}
-
-	entries, err := actions.ListWorkflows(defaultBranchCommit)
-	if err != nil {
-		ctx.APIError(http.StatusNotFound, err.Error())
-		return nil, err
-	}
-
-	folder := getActionWorkflowPath(defaultBranchCommit)
-
-	workflows := make([]*api.ActionWorkflow, len(entries))
-	for i, entry := range entries {
-		workflows[i] = getActionWorkflowEntry(ctx, defaultBranchCommit, folder, entry)
-	}
-
-	return workflows, nil
-}
-
-func GetActionWorkflow(ctx *context.APIContext, workflowID string) (*api.ActionWorkflow, error) {
-	entries, err := ListActionWorkflows(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	for _, entry := range entries {
-		if entry.Name == workflowID {
-			return entry, nil
-		}
-	}
-
-	return nil, util.NewNotExistErrorf("workflow %q not found", workflowID)
-}
-
 func DispatchActionWorkflow(ctx reqctx.RequestContext, doer *user_model.User, repo *repo_model.Repository, gitRepo *git.Repository, workflowID, ref string, processInputs func(model *model.WorkflowDispatch, inputs map[string]any) error) error {
 	if workflowID == "" {
 		return util.ErrorWrapLocale(
@@ -185,29 +91,62 @@ func DispatchActionWorkflow(ctx reqctx.RequestContext, doer *user_model.User, re
 	}
 
 	// get workflow entry from runTargetCommit
-	entries, err := actions.ListWorkflows(runTargetCommit)
+	_, entries, err := actions.ListWorkflows(runTargetCommit)
 	if err != nil {
 		return err
 	}
 
 	// find workflow from commit
 	var workflows []*jobparser.SingleWorkflow
-	for _, entry := range entries {
-		if entry.Name() != workflowID {
-			continue
-		}
+	var entry *git.TreeEntry
 
-		content, err := actions.GetContentFromEntry(entry)
-		if err != nil {
-			return err
-		}
-		workflows, err = jobparser.Parse(content)
-		if err != nil {
-			return err
+	run := &actions_model.ActionRun{
+		Title:             strings.SplitN(runTargetCommit.CommitMessage, "\n", 2)[0],
+		RepoID:            repo.ID,
+		Repo:              repo,
+		OwnerID:           repo.OwnerID,
+		WorkflowID:        workflowID,
+		TriggerUserID:     doer.ID,
+		TriggerUser:       doer,
+		Ref:               string(refName),
+		CommitSHA:         runTargetCommit.ID.String(),
+		IsForkPullRequest: false,
+		Event:             "workflow_dispatch",
+		TriggerEvent:      "workflow_dispatch",
+		Status:            actions_model.StatusWaiting,
+	}
+
+	for _, e := range entries {
+		if e.Name() != workflowID {
+			continue
 		}
+		entry = e
 		break
 	}
 
+	if entry == nil {
+		return util.ErrorWrapLocale(
+			util.NewNotExistErrorf("workflow %q doesn't exist", workflowID),
+			"actions.workflow.not_found", workflowID,
+		)
+	}
+
+	content, err := actions.GetContentFromEntry(entry)
+	if err != nil {
+		return err
+	}
+
+	giteaCtx := GenerateGiteaContext(run, nil)
+
+	workflows, err = jobparser.Parse(content, jobparser.WithGitContext(giteaCtx.ToGitHubContext()))
+	if err != nil {
+		return err
+	}
+
+	if len(workflows) > 0 && workflows[0].RunName != "" {
+		run.Title = workflows[0].RunName
+	}
+
 	if len(workflows) == 0 {
 		return util.ErrorWrapLocale(
 			util.NewNotExistErrorf("workflow %q doesn't exist", workflowID),
@@ -236,25 +175,12 @@ func DispatchActionWorkflow(ctx reqctx.RequestContext, doer *user_model.User, re
 		Inputs:     inputsWithDefaults,
 		Sender:     convert.ToUserWithAccessMode(ctx, doer, perm.AccessModeNone),
 	}
+
 	var eventPayload []byte
 	if eventPayload, err = workflowDispatchPayload.JSONPayload(); err != nil {
 		return fmt.Errorf("JSONPayload: %w", err)
 	}
-
-	run := &actions_model.ActionRun{
-		Title:             strings.SplitN(runTargetCommit.CommitMessage, "\n", 2)[0],
-		RepoID:            repo.ID,
-		OwnerID:           repo.OwnerID,
-		WorkflowID:        workflowID,
-		TriggerUserID:     doer.ID,
-		Ref:               string(refName),
-		CommitSHA:         runTargetCommit.ID.String(),
-		IsForkPullRequest: false,
-		Event:             "workflow_dispatch",
-		TriggerEvent:      "workflow_dispatch",
-		EventPayload:      string(eventPayload),
-		Status:            actions_model.StatusWaiting,
-	}
+	run.EventPayload = string(eventPayload)
 
 	// cancel running jobs of the same workflow
 	if err := CancelPreviousJobs(
@@ -277,9 +203,17 @@ func DispatchActionWorkflow(ctx reqctx.RequestContext, doer *user_model.User, re
 		log.Error("FindRunJobs: %v", err)
 	}
 	CreateCommitStatus(ctx, allJobs...)
+	if len(allJobs) > 0 {
+		job := allJobs[0]
+		err := job.LoadRun(ctx)
+		if err != nil {
+			log.Error("LoadRun: %v", err)
+		} else {
+			notify_service.WorkflowRunStatusUpdate(ctx, job.Run.Repo, job.Run.TriggerUser, job.Run)
+		}
+	}
 	for _, job := range allJobs {
 		notify_service.WorkflowJobStatusUpdate(ctx, repo, doer, job, nil)
 	}
-
 	return nil
 }
diff --git a/services/agit/agit.go b/services/agit/agit.go
index 1e6ce93312..63b3eab4f2 100644
--- a/services/agit/agit.go
+++ b/services/agit/agit.go
@@ -5,10 +5,12 @@ package agit
 
 import (
 	"context"
+	"encoding/base64"
 	"fmt"
 	"os"
 	"strings"
 
+	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
@@ -17,17 +19,30 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 	notify_service "code.gitea.io/gitea/services/notify"
 	pull_service "code.gitea.io/gitea/services/pull"
 )
 
+func parseAgitPushOptionValue(s string) string {
+	if base64Value, ok := strings.CutPrefix(s, "{base64}"); ok {
+		decoded, err := base64.StdEncoding.DecodeString(base64Value)
+		return util.Iif(err == nil, string(decoded), s)
+	}
+	return s
+}
+
 // ProcReceive handle proc receive work
 func ProcReceive(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, opts *private.HookOptions) ([]private.HookProcReceiveRefResult, error) {
 	results := make([]private.HookProcReceiveRefResult, 0, len(opts.OldCommitIDs))
 	forcePush := opts.GitPushOptions.Bool(private.GitPushOptionForcePush)
 	topicBranch := opts.GitPushOptions["topic"]
-	title := strings.TrimSpace(opts.GitPushOptions["title"])
-	description := strings.TrimSpace(opts.GitPushOptions["description"])
+
+	// some options are base64-encoded with "{base64}" prefix if they contain new lines
+	// other agit push options like "issue", "reviewer" and "cc" are not supported
+	title := parseAgitPushOptionValue(opts.GitPushOptions["title"])
+	description := parseAgitPushOptionValue(opts.GitPushOptions["description"])
+
 	objectFormat := git.ObjectFormatFromName(repo.ObjectFormatName)
 	userName := strings.ToLower(opts.UserName)
 
@@ -150,7 +165,7 @@ func ProcReceive(ctx context.Context, repo *repo_model.Repository, gitRepo *git.
 			log.Trace("Pull request created: %d/%d", repo.ID, prIssue.ID)
 
 			results = append(results, private.HookProcReceiveRefResult{
-				Ref:               pr.GetGitRefName(),
+				Ref:               pr.GetGitHeadRefName(),
 				OriginalRef:       opts.RefFullNames[i],
 				OldOID:            objectFormat.EmptyObjectID().String(),
 				NewOID:            opts.NewCommitIDs[i],
@@ -167,7 +182,7 @@ func ProcReceive(ctx context.Context, repo *repo_model.Repository, gitRepo *git.
 			return nil, fmt.Errorf("unable to load base repository for PR[%d] Error: %w", pr.ID, err)
 		}
 
-		oldCommitID, err := gitRepo.GetRefCommitID(pr.GetGitRefName())
+		oldCommitID, err := gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
 			return nil, fmt.Errorf("unable to get ref commit id in base repository for PR[%d] Error: %w", pr.ID, err)
 		}
@@ -199,12 +214,38 @@ func ProcReceive(ctx context.Context, repo *repo_model.Repository, gitRepo *git.
 			}
 		}
 
+		// Store old commit ID for review staleness checking
+		oldHeadCommitID := pr.HeadCommitID
+
 		pr.HeadCommitID = opts.NewCommitIDs[i]
 		if err = pull_service.UpdateRef(ctx, pr); err != nil {
 			return nil, fmt.Errorf("failed to update pull ref. Error: %w", err)
 		}
 
-		pull_service.AddToTaskQueue(ctx, pr)
+		// Mark existing reviews as stale when PR content changes (same as regular GitHub flow)
+		if oldHeadCommitID != opts.NewCommitIDs[i] {
+			if err := issues_model.MarkReviewsAsStale(ctx, pr.IssueID); err != nil {
+				log.Error("MarkReviewsAsStale: %v", err)
+			}
+
+			// Dismiss all approval reviews if protected branch rule item enabled
+			pb, err := git_model.GetFirstMatchProtectedBranchRule(ctx, pr.BaseRepoID, pr.BaseBranch)
+			if err != nil {
+				log.Error("GetFirstMatchProtectedBranchRule: %v", err)
+			}
+			if pb != nil && pb.DismissStaleApprovals {
+				if err := pull_service.DismissApprovalReviews(ctx, pusher, pr); err != nil {
+					log.Error("DismissApprovalReviews: %v", err)
+				}
+			}
+
+			// Mark reviews for the new commit as not stale
+			if err := issues_model.MarkReviewsAsNotStale(ctx, pr.IssueID, opts.NewCommitIDs[i]); err != nil {
+				log.Error("MarkReviewsAsNotStale: %v", err)
+			}
+		}
+
+		pull_service.StartPullRequestCheckImmediately(ctx, pr)
 		err = pr.LoadIssue(ctx)
 		if err != nil {
 			return nil, fmt.Errorf("failed to load pull issue. Error: %w", err)
@@ -219,7 +260,7 @@ func ProcReceive(ctx context.Context, repo *repo_model.Repository, gitRepo *git.
 		results = append(results, private.HookProcReceiveRefResult{
 			OldOID:            oldCommitID,
 			NewOID:            opts.NewCommitIDs[i],
-			Ref:               pr.GetGitRefName(),
+			Ref:               pr.GetGitHeadRefName(),
 			OriginalRef:       opts.RefFullNames[i],
 			IsForcePush:       isForcePush,
 			IsCreatePR:        false,
diff --git a/services/agit/agit_test.go b/services/agit/agit_test.go
new file mode 100644
index 0000000000..feaf7dca9b
--- /dev/null
+++ b/services/agit/agit_test.go
@@ -0,0 +1,16 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package agit
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestParseAgitPushOptionValue(t *testing.T) {
+	assert.Equal(t, "a", parseAgitPushOptionValue("a"))
+	assert.Equal(t, "a", parseAgitPushOptionValue("{base64}YQ=="))
+	assert.Equal(t, "{base64}invalid value", parseAgitPushOptionValue("{base64}invalid value"))
+}
diff --git a/services/asymkey/commit.go b/services/asymkey/commit.go
index df29133972..54ef052a50 100644
--- a/services/asymkey/commit.go
+++ b/services/asymkey/commit.go
@@ -5,61 +5,63 @@ package asymkey
 
 import (
 	"context"
+	"fmt"
+	"slices"
 	"strings"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/db"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/cachegroup"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
+	"github.com/42wim/sshsig"
 	"github.com/ProtonMail/go-crypto/openpgp/packet"
 )
 
 // ParseCommitWithSignature check if signature is good against keystore.
 func ParseCommitWithSignature(ctx context.Context, c *git.Commit) *asymkey_model.CommitVerification {
-	var committer *user_model.User
-	if c.Committer != nil {
-		var err error
-		// Find Committer account
-		committer, err = user_model.GetUserByEmail(ctx, c.Committer.Email) // This finds the user by primary email or activated email so commit will not be valid if email is not
-		if err != nil {                                                    // Skipping not user for committer
-			committer = &user_model.User{
-				Name:  c.Committer.Name,
-				Email: c.Committer.Email,
-			}
-			// We can expect this to often be an ErrUserNotExist. in the case
-			// it is not, however, it is important to log it.
-			if !user_model.IsErrUserNotExist(err) {
-				log.Error("GetUserByEmail: %v", err)
-				return &asymkey_model.CommitVerification{
-					CommittingUser: committer,
-					Verified:       false,
-					Reason:         "gpg.error.no_committer_account",
-				}
-			}
+	committer, err := user_model.GetUserByEmail(ctx, c.Committer.Email)
+	if err != nil && !user_model.IsErrUserNotExist(err) {
+		log.Error("GetUserByEmail: %v", err)
+		return &asymkey_model.CommitVerification{
+			Verified: false,
+			Reason:   "gpg.error.no_committer_account", // this error is not right, but such error should seldom happen
 		}
 	}
-
 	return ParseCommitWithSignatureCommitter(ctx, c, committer)
 }
 
+// ParseCommitWithSignatureCommitter parses a commit's GPG or SSH signature.
+// The caller guarantees that the committer user is related to the commit by checking its activated email addresses or no-reply address.
+// If the commit is singed by an instance key, then committer can be nil.
+// If the signature exists, even if committer is nil, the returned CommittingUser will be a non-nil fake user (e.g.: instance key)
 func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, committer *user_model.User) *asymkey_model.CommitVerification {
-	// If no signature just report the committer
+	// If no signature, just report the committer
 	if c.Signature == nil {
 		return &asymkey_model.CommitVerification{
 			CommittingUser: committer,
-			Verified:       false,                         // Default value
-			Reason:         "gpg.error.not_signed_commit", // Default value
+			Verified:       false,
+			Reason:         "gpg.error.not_signed_commit",
+		}
+	}
+	// to support instance key, we need a fake committer user (not really needed, but legacy code accesses the committer without nil-check)
+	if committer == nil {
+		committer = &user_model.User{
+			Name:  c.Committer.Name,
+			Email: c.Committer.Email,
 		}
 	}
-
-	// If this a SSH signature handle it differently
 	if strings.HasPrefix(c.Signature.Signature, "-----BEGIN SSH SIGNATURE-----") {
-		return asymkey_model.ParseCommitWithSSHSignature(ctx, c, committer)
+		return parseCommitWithSSHSignature(ctx, c, committer)
 	}
+	return parseCommitWithGPGSignature(ctx, c, committer)
+}
 
+func parseCommitWithGPGSignature(ctx context.Context, c *git.Commit, committer *user_model.User) *asymkey_model.CommitVerification {
 	// Parsing signature
 	sig, err := asymkey_model.ExtractSignature(c.Signature.Signature)
 	if err != nil { // Skipping failed to extract sign
@@ -113,20 +115,11 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
 			}
 		}
 
-		committerEmailAddresses, _ := user_model.GetEmailAddresses(ctx, committer.ID)
-		activated := false
-		for _, e := range committerEmailAddresses {
-			if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {
-				activated = true
-				break
-			}
-		}
-
 		for _, k := range keys {
 			// Pre-check (& optimization) that emails attached to key can be attached to the committer email and can validate
 			canValidate := false
 			email := ""
-			if k.Verified && activated {
+			if k.Verified {
 				canValidate = true
 				email = c.Committer.Email
 			}
@@ -160,7 +153,7 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
 		}
 		if err := gpgSettings.LoadPublicKeyContent(); err != nil {
 			log.Error("Error getting default signing key: %s %v", gpgSettings.KeyID, err)
-		} else if commitVerification := VerifyWithGPGSettings(ctx, &gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
+		} else if commitVerification := verifyWithGPGSettings(ctx, &gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
 			if commitVerification.Reason == asymkey_model.BadSignature {
 				defaultReason = asymkey_model.BadSignature
 			} else {
@@ -175,7 +168,7 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
 	} else if defaultGPGSettings == nil {
 		log.Warn("Unable to get defaultGPGSettings for unattached commit: %s", c.ID.String())
 	} else if defaultGPGSettings.Sign {
-		if commitVerification := VerifyWithGPGSettings(ctx, defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
+		if commitVerification := verifyWithGPGSettings(ctx, defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
 			if commitVerification.Reason == asymkey_model.BadSignature {
 				defaultReason = asymkey_model.BadSignature
 			} else {
@@ -207,18 +200,17 @@ func checkKeyEmails(ctx context.Context, email string, keys ...*asymkey_model.GP
 		}
 		if key.Verified && key.OwnerID != 0 {
 			if uid != key.OwnerID {
-				userEmails, _ = user_model.GetEmailAddresses(ctx, key.OwnerID)
+				userEmails, _ = cache.GetWithContextCache(ctx, cachegroup.UserEmailAddresses, key.OwnerID, user_model.GetEmailAddresses)
 				uid = key.OwnerID
-				user = &user_model.User{ID: uid}
-				_, _ = user_model.GetUser(ctx, user)
+				user, _ = cache.GetWithContextCache(ctx, cachegroup.User, uid, user_model.GetUserByID)
 			}
 			for _, e := range userEmails {
 				if e.IsActivated && (email == "" || strings.EqualFold(e.Email, email)) {
 					return true, e.Email
 				}
 			}
-			if user.KeepEmailPrivate && strings.EqualFold(email, user.GetEmail()) {
-				return true, user.GetEmail()
+			if user != nil && strings.EqualFold(email, user.GetPlaceholderEmail()) {
+				return true, user.GetPlaceholderEmail()
 			}
 		}
 	}
@@ -229,10 +221,7 @@ func HashAndVerifyForKeyID(ctx context.Context, sig *packet.Signature, payload s
 	if keyID == "" {
 		return nil
 	}
-	keys, err := db.Find[asymkey_model.GPGKey](ctx, asymkey_model.FindGPGKeyOptions{
-		KeyID:          keyID,
-		IncludeSubKeys: true,
-	})
+	keys, err := cache.GetWithContextCache(ctx, cachegroup.GPGKeyWithSubKeys, keyID, asymkey_model.FindGPGKeyWithSubKeys)
 	if err != nil {
 		log.Error("GetGPGKeysByKeyID: %v", err)
 		return &asymkey_model.CommitVerification{
@@ -247,10 +236,7 @@ func HashAndVerifyForKeyID(ctx context.Context, sig *packet.Signature, payload s
 	for _, key := range keys {
 		var primaryKeys []*asymkey_model.GPGKey
 		if key.PrimaryKeyID != "" {
-			primaryKeys, err = db.Find[asymkey_model.GPGKey](ctx, asymkey_model.FindGPGKeyOptions{
-				KeyID:          key.PrimaryKeyID,
-				IncludeSubKeys: true,
-			})
+			primaryKeys, err = cache.GetWithContextCache(ctx, cachegroup.GPGKeyWithSubKeys, key.PrimaryKeyID, asymkey_model.FindGPGKeyWithSubKeys)
 			if err != nil {
 				log.Error("GetGPGKeysByKeyID: %v", err)
 				return &asymkey_model.CommitVerification{
@@ -270,8 +256,8 @@ func HashAndVerifyForKeyID(ctx context.Context, sig *packet.Signature, payload s
 			Name:  name,
 			Email: email,
 		}
-		if key.OwnerID != 0 {
-			owner, err := user_model.GetUserByID(ctx, key.OwnerID)
+		if key.OwnerID > 0 {
+			owner, err := cache.GetWithContextCache(ctx, cachegroup.User, key.OwnerID, user_model.GetUserByID)
 			if err == nil {
 				signer = owner
 			} else if !user_model.IsErrUserNotExist(err) {
@@ -297,7 +283,7 @@ func HashAndVerifyForKeyID(ctx context.Context, sig *packet.Signature, payload s
 	}
 }
 
-func VerifyWithGPGSettings(ctx context.Context, gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *user_model.User, keyID string) *asymkey_model.CommitVerification {
+func verifyWithGPGSettings(ctx context.Context, gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *user_model.User, keyID string) *asymkey_model.CommitVerification {
 	// First try to find the key in the db
 	if commitVerification := HashAndVerifyForKeyID(ctx, sig, payload, committer, gpgSettings.KeyID, gpgSettings.Name, gpgSettings.Email); commitVerification != nil {
 		return commitVerification
@@ -361,3 +347,104 @@ func VerifyWithGPGSettings(ctx context.Context, gpgSettings *git.GPGSettings, si
 	}
 	return nil
 }
+
+func verifySSHCommitVerificationByInstanceKey(c *git.Commit, committerUser, signerUser *user_model.User, committerGitEmail, publicKeyContent string) *asymkey_model.CommitVerification {
+	fingerprint, err := asymkey_model.CalcFingerprint(publicKeyContent)
+	if err != nil {
+		log.Error("Error calculating the fingerprint public key %q, err: %v", publicKeyContent, err)
+		return nil
+	}
+	sshPubKey := &asymkey_model.PublicKey{
+		Verified:    true,
+		Content:     publicKeyContent,
+		Fingerprint: fingerprint,
+		HasUsed:     true,
+	}
+	return verifySSHCommitVerification(c.Signature.Signature, c.Signature.Payload, sshPubKey, committerUser, signerUser, committerGitEmail)
+}
+
+// parseCommitWithSSHSignature check if signature is good against keystore.
+func parseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committerUser *user_model.User) *asymkey_model.CommitVerification {
+	// Now try to associate the signature with the committer, if present
+	if committerUser.ID != 0 {
+		keys, err := db.Find[asymkey_model.PublicKey](ctx, asymkey_model.FindPublicKeyOptions{
+			OwnerID:    committerUser.ID,
+			NotKeytype: asymkey_model.KeyTypePrincipal,
+		})
+		if err != nil { // Skipping failed to get ssh keys of user
+			log.Error("ListPublicKeys: %v", err)
+			return &asymkey_model.CommitVerification{
+				CommittingUser: committerUser,
+				Verified:       false,
+				Reason:         "gpg.error.failed_retrieval_gpg_keys",
+			}
+		}
+
+		for _, k := range keys {
+			if k.Verified {
+				commitVerification := verifySSHCommitVerification(c.Signature.Signature, c.Signature.Payload, k, committerUser, committerUser, c.Committer.Email)
+				if commitVerification != nil {
+					return commitVerification
+				}
+			}
+		}
+	}
+
+	// Try the pre-set trusted keys (for key-rotation purpose)
+	// At the moment, we still use the SigningName&SigningEmail for the rotated keys.
+	// Maybe in the future we can extend the key format to "ssh-xxx .... old-user@example.com" to support different signer emails.
+	for _, k := range setting.Repository.Signing.TrustedSSHKeys {
+		signerUser := &user_model.User{
+			Name:  setting.Repository.Signing.SigningName,
+			Email: setting.Repository.Signing.SigningEmail,
+		}
+		commitVerification := verifySSHCommitVerificationByInstanceKey(c, committerUser, signerUser, c.Committer.Email, k)
+		if commitVerification != nil && commitVerification.Verified {
+			return commitVerification
+		}
+	}
+
+	// Try the configured instance-wide SSH public key
+	if setting.Repository.Signing.SigningFormat == git.SigningKeyFormatSSH && !slices.Contains([]string{"", "default", "none"}, setting.Repository.Signing.SigningKey) {
+		gpgSettings := git.GPGSettings{
+			Sign:   true,
+			KeyID:  setting.Repository.Signing.SigningKey,
+			Name:   setting.Repository.Signing.SigningName,
+			Email:  setting.Repository.Signing.SigningEmail,
+			Format: setting.Repository.Signing.SigningFormat,
+		}
+		signerUser := &user_model.User{
+			Name:  gpgSettings.Name,
+			Email: gpgSettings.Email,
+		}
+		if err := gpgSettings.LoadPublicKeyContent(); err != nil {
+			log.Error("Error getting instance-wide SSH signing key %q, err: %v", gpgSettings.KeyID, err)
+		} else {
+			commitVerification := verifySSHCommitVerificationByInstanceKey(c, committerUser, signerUser, gpgSettings.Email, gpgSettings.PublicKeyContent)
+			if commitVerification != nil && commitVerification.Verified {
+				return commitVerification
+			}
+		}
+	}
+
+	return &asymkey_model.CommitVerification{
+		CommittingUser: committerUser,
+		Verified:       false,
+		Reason:         asymkey_model.NoKeyFound,
+	}
+}
+
+func verifySSHCommitVerification(sig, payload string, k *asymkey_model.PublicKey, committer, signer *user_model.User, email string) *asymkey_model.CommitVerification {
+	if err := sshsig.Verify(strings.NewReader(payload), []byte(sig), []byte(k.Content), "git"); err != nil {
+		return nil
+	}
+
+	return &asymkey_model.CommitVerification{ // Everything is ok
+		CommittingUser: committer,
+		Verified:       true,
+		Reason:         fmt.Sprintf("%s / %s", signer.Name, k.Fingerprint),
+		SigningUser:    signer,
+		SigningSSHKey:  k,
+		SigningEmail:   email,
+	}
+}
diff --git a/services/asymkey/commit_test.go b/services/asymkey/commit_test.go
new file mode 100644
index 0000000000..6edba1e90a
--- /dev/null
+++ b/services/asymkey/commit_test.go
@@ -0,0 +1,99 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package asymkey
+
+import (
+	"strings"
+	"testing"
+
+	asymkey_model "code.gitea.io/gitea/models/asymkey"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestParseCommitWithSSHSignature(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	// Here we only need to do some tests that "tests/integration/gpg_ssh_git_test.go" doesn't cover
+
+	// -----BEGIN OPENSSH PRIVATE KEY-----
+	// b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+	// QyNTUxOQAAACC6T6zF0oPak8dOIzzT1kXB7LrcsVo04SKc3GjuvMllZwAAAJgy08upMtPL
+	// qQAAAAtzc2gtZWQyNTUxOQAAACC6T6zF0oPak8dOIzzT1kXB7LrcsVo04SKc3GjuvMllZw
+	// AAAEDWqPHTH51xb4hy1y1f1VeWL/2A9Q0b6atOyv5fx8x5prpPrMXSg9qTx04jPNPWRcHs
+	// utyxWjThIpzcaO68yWVnAAAAEXVzZXIyQGV4YW1wbGUuY29tAQIDBA==
+	// -----END OPENSSH PRIVATE KEY-----
+	sshPubKey, err := asymkey_model.AddPublicKey(t.Context(), 999, "user-ssh-key-any-name", "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpPrMXSg9qTx04jPNPWRcHsutyxWjThIpzcaO68yWVn", 0)
+	require.NoError(t, err)
+	_, err = db.GetEngine(t.Context()).ID(sshPubKey.ID).Cols("verified").Update(&asymkey_model.PublicKey{Verified: true})
+	require.NoError(t, err)
+
+	t.Run("UserSSHKey", func(t *testing.T) {
+		commit, err := git.CommitFromReader(nil, git.Sha1ObjectFormat.EmptyObjectID(), strings.NewReader(`tree a3b1fad553e0f9a2b4a58327bebde36c7da75aa2
+author user2 <user2@example.com> 1752194028 -0700
+committer user2 <user2@example.com> 1752194028 -0700
+gpgsig -----BEGIN SSH SIGNATURE-----
+ U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAguk+sxdKD2pPHTiM809ZFwey63L
+ FaNOEinNxo7rzJZWcAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
+ AAAAQBfX+6mcKZBnXckwHcBFqRuXMD3vTKi1yv5wgrqIxTyr2LWB97xxmO92cvjsr0POQ2
+ 2YA7mQS510Cg2s1uU1XAk=
+ -----END SSH SIGNATURE-----
+
+init project
+`))
+		require.NoError(t, err)
+
+		// the committingUser is guaranteed by the caller, parseCommitWithSSHSignature doesn't do any more checks
+		committingUser := &user_model.User{ID: 999, Name: "user-x"}
+		ret := parseCommitWithSSHSignature(t.Context(), commit, committingUser)
+		require.NotNil(t, ret)
+		assert.True(t, ret.Verified)
+		assert.Equal(t, committingUser.Name+" / "+sshPubKey.Fingerprint, ret.Reason)
+		assert.False(t, ret.Warning)
+		assert.Equal(t, committingUser, ret.SigningUser)
+		assert.Equal(t, committingUser, ret.CommittingUser)
+		assert.Equal(t, sshPubKey.ID, ret.SigningSSHKey.ID)
+	})
+
+	t.Run("TrustedSSHKey", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Repository.Signing.SigningName, "gitea")()
+		defer test.MockVariableValue(&setting.Repository.Signing.SigningEmail, "gitea@fake.local")()
+		defer test.MockVariableValue(&setting.Repository.Signing.TrustedSSHKeys, []string{"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH6Y4idVaW3E+bLw1uqoAfJD7o5Siu+HqS51E9oQLPE9"})()
+
+		commit, err := git.CommitFromReader(nil, git.Sha1ObjectFormat.EmptyObjectID(), strings.NewReader(`tree 9a93ffa76e8b72bdb6431910b3a506fa2b39f42e
+author User Two <user2@example.com> 1749230009 +0200
+committer User Two <user2@example.com> 1749230009 +0200
+gpgsig -----BEGIN SSH SIGNATURE-----
+ U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgfpjiJ1VpbcT5svDW6qgB8kPujl
+ KK74epLnUT2hAs8T0AAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
+ AAAAQDX2t2iHuuLxEWHLJetYXKsgayv3c43r0pJNfAzdLN55Q65pC5M7rG6++gT2bxcpOu
+ Y6EXbpLqia9sunEF3+LQY=
+ -----END SSH SIGNATURE-----
+
+Initial commit with signed file
+`))
+		require.NoError(t, err)
+		committingUser := &user_model.User{
+			ID:    2,
+			Name:  "User Two",
+			Email: "user2@example.com",
+		}
+		ret := parseCommitWithSSHSignature(t.Context(), commit, committingUser)
+		require.NotNil(t, ret)
+		assert.True(t, ret.Verified)
+		assert.False(t, ret.Warning)
+		assert.Equal(t, committingUser, ret.CommittingUser)
+		if assert.NotNil(t, ret.SigningUser) {
+			assert.Equal(t, "gitea", ret.SigningUser.Name)
+			assert.Equal(t, "gitea@fake.local", ret.SigningUser.Email)
+		}
+	})
+}
diff --git a/services/asymkey/deploy_key.go b/services/asymkey/deploy_key.go
index 9e5a6d6292..04023f9ffb 100644
--- a/services/asymkey/deploy_key.go
+++ b/services/asymkey/deploy_key.go
@@ -49,28 +49,21 @@ func deleteDeployKeyFromDB(ctx context.Context, key *asymkey_model.DeployKey) er
 // DeleteDeployKey deletes deploy key from its repository authorized_keys file if needed.
 // Permissions check should be done outside.
 func DeleteDeployKey(ctx context.Context, repo *repo_model.Repository, id int64) error {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	key, err := asymkey_model.GetDeployKeyByID(ctx, id)
-	if err != nil {
-		if asymkey_model.IsErrDeployKeyNotExist(err) {
-			return nil
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		key, err := asymkey_model.GetDeployKeyByID(ctx, id)
+		if err != nil {
+			if asymkey_model.IsErrDeployKeyNotExist(err) {
+				return nil
+			}
+			return fmt.Errorf("GetDeployKeyByID: %w", err)
 		}
-		return fmt.Errorf("GetDeployKeyByID: %w", err)
-	}
 
-	if key.RepoID != repo.ID {
-		return fmt.Errorf("deploy key %d does not belong to repository %d", id, repo.ID)
-	}
+		if key.RepoID != repo.ID {
+			return fmt.Errorf("deploy key %d does not belong to repository %d", id, repo.ID)
+		}
 
-	if err := deleteDeployKeyFromDB(dbCtx, key); err != nil {
-		return err
-	}
-	if err := committer.Commit(); err != nil {
+		return deleteDeployKeyFromDB(ctx, key)
+	}); err != nil {
 		return err
 	}
 
diff --git a/services/asymkey/sign.go b/services/asymkey/sign.go
index 2216bca54a..f94462ea46 100644
--- a/services/asymkey/sign.go
+++ b/services/asymkey/sign.go
@@ -6,6 +6,7 @@ package asymkey
 import (
 	"context"
 	"fmt"
+	"os"
 	"strings"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
@@ -85,9 +86,9 @@ func IsErrWontSign(err error) bool {
 }
 
 // SigningKey returns the KeyID and git Signature for the repo
-func SigningKey(ctx context.Context, repoPath string) (string, *git.Signature) {
+func SigningKey(ctx context.Context, repoPath string) (*git.SigningKey, *git.Signature) {
 	if setting.Repository.Signing.SigningKey == "none" {
-		return "", nil
+		return nil, nil
 	}
 
 	if setting.Repository.Signing.SigningKey == "default" || setting.Repository.Signing.SigningKey == "" {
@@ -95,53 +96,77 @@ func SigningKey(ctx context.Context, repoPath string) (string, *git.Signature) {
 		value, _, _ := git.NewCommand("config", "--get", "commit.gpgsign").RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 		sign, valid := git.ParseBool(strings.TrimSpace(value))
 		if !sign || !valid {
-			return "", nil
+			return nil, nil
 		}
 
+		format, _, _ := git.NewCommand("config", "--default", git.SigningKeyFormatOpenPGP, "--get", "gpg.format").RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 		signingKey, _, _ := git.NewCommand("config", "--get", "user.signingkey").RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 		signingName, _, _ := git.NewCommand("config", "--get", "user.name").RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 		signingEmail, _, _ := git.NewCommand("config", "--get", "user.email").RunStdString(ctx, &git.RunOpts{Dir: repoPath})
-		return strings.TrimSpace(signingKey), &git.Signature{
-			Name:  strings.TrimSpace(signingName),
-			Email: strings.TrimSpace(signingEmail),
+
+		if strings.TrimSpace(signingKey) == "" {
+			return nil, nil
 		}
+
+		return &git.SigningKey{
+				KeyID:  strings.TrimSpace(signingKey),
+				Format: strings.TrimSpace(format),
+			}, &git.Signature{
+				Name:  strings.TrimSpace(signingName),
+				Email: strings.TrimSpace(signingEmail),
+			}
 	}
 
-	return setting.Repository.Signing.SigningKey, &git.Signature{
-		Name:  setting.Repository.Signing.SigningName,
-		Email: setting.Repository.Signing.SigningEmail,
+	if setting.Repository.Signing.SigningKey == "" {
+		return nil, nil
 	}
+
+	return &git.SigningKey{
+			KeyID:  setting.Repository.Signing.SigningKey,
+			Format: setting.Repository.Signing.SigningFormat,
+		}, &git.Signature{
+			Name:  setting.Repository.Signing.SigningName,
+			Email: setting.Repository.Signing.SigningEmail,
+		}
 }
 
 // PublicSigningKey gets the public signing key within a provided repository directory
-func PublicSigningKey(ctx context.Context, repoPath string) (string, error) {
+func PublicSigningKey(ctx context.Context, repoPath string) (content, format string, err error) {
 	signingKey, _ := SigningKey(ctx, repoPath)
-	if signingKey == "" {
-		return "", nil
+	if signingKey == nil {
+		return "", "", nil
+	}
+	if signingKey.Format == git.SigningKeyFormatSSH {
+		content, err := os.ReadFile(signingKey.KeyID)
+		if err != nil {
+			log.Error("Unable to read SSH public key file in %s: %s, %v", repoPath, signingKey, err)
+			return "", signingKey.Format, err
+		}
+		return string(content), signingKey.Format, nil
 	}
 
 	content, stderr, err := process.GetManager().ExecDir(ctx, -1, repoPath,
-		"gpg --export -a", "gpg", "--export", "-a", signingKey)
+		"gpg --export -a", "gpg", "--export", "-a", signingKey.KeyID)
 	if err != nil {
 		log.Error("Unable to get default signing key in %s: %s, %s, %v", repoPath, signingKey, stderr, err)
-		return "", err
+		return "", signingKey.Format, err
 	}
-	return content, nil
+	return content, signingKey.Format, nil
 }
 
 // SignInitialCommit determines if we should sign the initial commit to this repository
-func SignInitialCommit(ctx context.Context, repoPath string, u *user_model.User) (bool, string, *git.Signature, error) {
+func SignInitialCommit(ctx context.Context, repoPath string, u *user_model.User) (bool, *git.SigningKey, *git.Signature, error) {
 	rules := signingModeFromStrings(setting.Repository.Signing.InitialCommit)
 	signingKey, sig := SigningKey(ctx, repoPath)
-	if signingKey == "" {
-		return false, "", nil, &ErrWontSign{noKey}
+	if signingKey == nil {
+		return false, nil, nil, &ErrWontSign{noKey}
 	}
 
 Loop:
 	for _, rule := range rules {
 		switch rule {
 		case never:
-			return false, "", nil, &ErrWontSign{never}
+			return false, nil, nil, &ErrWontSign{never}
 		case always:
 			break Loop
 		case pubkey:
@@ -150,18 +175,18 @@ Loop:
 				IncludeSubKeys: true,
 			})
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if len(keys) == 0 {
-				return false, "", nil, &ErrWontSign{pubkey}
+				return false, nil, nil, &ErrWontSign{pubkey}
 			}
 		case twofa:
 			twofaModel, err := auth.GetTwoFactorByUID(ctx, u.ID)
 			if err != nil && !auth.IsErrTwoFactorNotEnrolled(err) {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if twofaModel == nil {
-				return false, "", nil, &ErrWontSign{twofa}
+				return false, nil, nil, &ErrWontSign{twofa}
 			}
 		}
 	}
@@ -169,19 +194,19 @@ Loop:
 }
 
 // SignWikiCommit determines if we should sign the commits to this repository wiki
-func SignWikiCommit(ctx context.Context, repo *repo_model.Repository, u *user_model.User) (bool, string, *git.Signature, error) {
+func SignWikiCommit(ctx context.Context, repo *repo_model.Repository, u *user_model.User) (bool, *git.SigningKey, *git.Signature, error) {
 	repoWikiPath := repo.WikiPath()
 	rules := signingModeFromStrings(setting.Repository.Signing.Wiki)
 	signingKey, sig := SigningKey(ctx, repoWikiPath)
-	if signingKey == "" {
-		return false, "", nil, &ErrWontSign{noKey}
+	if signingKey == nil {
+		return false, nil, nil, &ErrWontSign{noKey}
 	}
 
 Loop:
 	for _, rule := range rules {
 		switch rule {
 		case never:
-			return false, "", nil, &ErrWontSign{never}
+			return false, nil, nil, &ErrWontSign{never}
 		case always:
 			break Loop
 		case pubkey:
@@ -190,35 +215,35 @@ Loop:
 				IncludeSubKeys: true,
 			})
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if len(keys) == 0 {
-				return false, "", nil, &ErrWontSign{pubkey}
+				return false, nil, nil, &ErrWontSign{pubkey}
 			}
 		case twofa:
 			twofaModel, err := auth.GetTwoFactorByUID(ctx, u.ID)
 			if err != nil && !auth.IsErrTwoFactorNotEnrolled(err) {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if twofaModel == nil {
-				return false, "", nil, &ErrWontSign{twofa}
+				return false, nil, nil, &ErrWontSign{twofa}
 			}
 		case parentSigned:
 			gitRepo, err := gitrepo.OpenRepository(ctx, repo.WikiStorageRepo())
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			defer gitRepo.Close()
 			commit, err := gitRepo.GetCommit("HEAD")
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if commit.Signature == nil {
-				return false, "", nil, &ErrWontSign{parentSigned}
+				return false, nil, nil, &ErrWontSign{parentSigned}
 			}
 			verification := ParseCommitWithSignature(ctx, commit)
 			if !verification.Verified {
-				return false, "", nil, &ErrWontSign{parentSigned}
+				return false, nil, nil, &ErrWontSign{parentSigned}
 			}
 		}
 	}
@@ -226,18 +251,18 @@ Loop:
 }
 
 // SignCRUDAction determines if we should sign a CRUD commit to this repository
-func SignCRUDAction(ctx context.Context, repoPath string, u *user_model.User, tmpBasePath, parentCommit string) (bool, string, *git.Signature, error) {
+func SignCRUDAction(ctx context.Context, repoPath string, u *user_model.User, tmpBasePath, parentCommit string) (bool, *git.SigningKey, *git.Signature, error) {
 	rules := signingModeFromStrings(setting.Repository.Signing.CRUDActions)
 	signingKey, sig := SigningKey(ctx, repoPath)
-	if signingKey == "" {
-		return false, "", nil, &ErrWontSign{noKey}
+	if signingKey == nil {
+		return false, nil, nil, &ErrWontSign{noKey}
 	}
 
 Loop:
 	for _, rule := range rules {
 		switch rule {
 		case never:
-			return false, "", nil, &ErrWontSign{never}
+			return false, nil, nil, &ErrWontSign{never}
 		case always:
 			break Loop
 		case pubkey:
@@ -246,35 +271,35 @@ Loop:
 				IncludeSubKeys: true,
 			})
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if len(keys) == 0 {
-				return false, "", nil, &ErrWontSign{pubkey}
+				return false, nil, nil, &ErrWontSign{pubkey}
 			}
 		case twofa:
 			twofaModel, err := auth.GetTwoFactorByUID(ctx, u.ID)
 			if err != nil && !auth.IsErrTwoFactorNotEnrolled(err) {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if twofaModel == nil {
-				return false, "", nil, &ErrWontSign{twofa}
+				return false, nil, nil, &ErrWontSign{twofa}
 			}
 		case parentSigned:
 			gitRepo, err := git.OpenRepository(ctx, tmpBasePath)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			defer gitRepo.Close()
 			commit, err := gitRepo.GetCommit(parentCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if commit.Signature == nil {
-				return false, "", nil, &ErrWontSign{parentSigned}
+				return false, nil, nil, &ErrWontSign{parentSigned}
 			}
 			verification := ParseCommitWithSignature(ctx, commit)
 			if !verification.Verified {
-				return false, "", nil, &ErrWontSign{parentSigned}
+				return false, nil, nil, &ErrWontSign{parentSigned}
 			}
 		}
 	}
@@ -282,16 +307,16 @@ Loop:
 }
 
 // SignMerge determines if we should sign a PR merge commit to the base repository
-func SignMerge(ctx context.Context, pr *issues_model.PullRequest, u *user_model.User, tmpBasePath, baseCommit, headCommit string) (bool, string, *git.Signature, error) {
+func SignMerge(ctx context.Context, pr *issues_model.PullRequest, u *user_model.User, tmpBasePath, baseCommit, headCommit string) (bool, *git.SigningKey, *git.Signature, error) {
 	if err := pr.LoadBaseRepo(ctx); err != nil {
 		log.Error("Unable to get Base Repo for pull request")
-		return false, "", nil, err
+		return false, nil, nil, err
 	}
 	repo := pr.BaseRepo
 
 	signingKey, signer := SigningKey(ctx, repo.RepoPath())
-	if signingKey == "" {
-		return false, "", nil, &ErrWontSign{noKey}
+	if signingKey == nil {
+		return false, nil, nil, &ErrWontSign{noKey}
 	}
 	rules := signingModeFromStrings(setting.Repository.Signing.Merges)
 
@@ -302,7 +327,7 @@ Loop:
 	for _, rule := range rules {
 		switch rule {
 		case never:
-			return false, "", nil, &ErrWontSign{never}
+			return false, nil, nil, &ErrWontSign{never}
 		case always:
 			break Loop
 		case pubkey:
@@ -311,91 +336,91 @@ Loop:
 				IncludeSubKeys: true,
 			})
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if len(keys) == 0 {
-				return false, "", nil, &ErrWontSign{pubkey}
+				return false, nil, nil, &ErrWontSign{pubkey}
 			}
 		case twofa:
 			twofaModel, err := auth.GetTwoFactorByUID(ctx, u.ID)
 			if err != nil && !auth.IsErrTwoFactorNotEnrolled(err) {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if twofaModel == nil {
-				return false, "", nil, &ErrWontSign{twofa}
+				return false, nil, nil, &ErrWontSign{twofa}
 			}
 		case approved:
 			protectedBranch, err := git_model.GetFirstMatchProtectedBranchRule(ctx, repo.ID, pr.BaseBranch)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			if protectedBranch == nil {
-				return false, "", nil, &ErrWontSign{approved}
+				return false, nil, nil, &ErrWontSign{approved}
 			}
 			if issues_model.GetGrantedApprovalsCount(ctx, protectedBranch, pr) < 1 {
-				return false, "", nil, &ErrWontSign{approved}
+				return false, nil, nil, &ErrWontSign{approved}
 			}
 		case baseSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(ctx, tmpBasePath)
 				if err != nil {
-					return false, "", nil, err
+					return false, nil, nil, err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(baseCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			verification := ParseCommitWithSignature(ctx, commit)
 			if !verification.Verified {
-				return false, "", nil, &ErrWontSign{baseSigned}
+				return false, nil, nil, &ErrWontSign{baseSigned}
 			}
 		case headSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(ctx, tmpBasePath)
 				if err != nil {
-					return false, "", nil, err
+					return false, nil, nil, err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(headCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			verification := ParseCommitWithSignature(ctx, commit)
 			if !verification.Verified {
-				return false, "", nil, &ErrWontSign{headSigned}
+				return false, nil, nil, &ErrWontSign{headSigned}
 			}
 		case commitsSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(ctx, tmpBasePath)
 				if err != nil {
-					return false, "", nil, err
+					return false, nil, nil, err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(headCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			verification := ParseCommitWithSignature(ctx, commit)
 			if !verification.Verified {
-				return false, "", nil, &ErrWontSign{commitsSigned}
+				return false, nil, nil, &ErrWontSign{commitsSigned}
 			}
 			// need to work out merge-base
 			mergeBaseCommit, _, err := gitRepo.GetMergeBase("", baseCommit, headCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			commitList, err := commit.CommitsBeforeUntil(mergeBaseCommit)
 			if err != nil {
-				return false, "", nil, err
+				return false, nil, nil, err
 			}
 			for _, commit := range commitList {
 				verification := ParseCommitWithSignature(ctx, commit)
 				if !verification.Verified {
-					return false, "", nil, &ErrWontSign{commitsSigned}
+					return false, nil, nil, &ErrWontSign{commitsSigned}
 				}
 			}
 		}
diff --git a/services/asymkey/ssh_key.go b/services/asymkey/ssh_key.go
index da57059d4b..01fa7ff15f 100644
--- a/services/asymkey/ssh_key.go
+++ b/services/asymkey/ssh_key.go
@@ -27,20 +27,9 @@ func DeletePublicKey(ctx context.Context, doer *user_model.User, id int64) (err
 		}
 	}
 
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if _, err = db.DeleteByID[asymkey_model.PublicKey](dbCtx, id); err != nil {
-		return err
-	}
-
-	if err = committer.Commit(); err != nil {
+	if _, err = db.DeleteByID[asymkey_model.PublicKey](ctx, id); err != nil {
 		return err
 	}
-	committer.Close()
 
 	if key.Type == asymkey_model.KeyTypePrincipal {
 		return RewriteAllPrincipalKeys(ctx)
diff --git a/services/asymkey/ssh_key_principals.go b/services/asymkey/ssh_key_principals.go
index 5ed5cfa782..6493c1cc51 100644
--- a/services/asymkey/ssh_key_principals.go
+++ b/services/asymkey/ssh_key_principals.go
@@ -14,24 +14,6 @@ import (
 
 // AddPrincipalKey adds new principal to database and authorized_principals file.
 func AddPrincipalKey(ctx context.Context, ownerID int64, content string, authSourceID int64) (*asymkey_model.PublicKey, error) {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return nil, err
-	}
-	defer committer.Close()
-
-	// Principals cannot be duplicated.
-	has, err := db.GetEngine(dbCtx).
-		Where("content = ? AND type = ?", content, asymkey_model.KeyTypePrincipal).
-		Get(new(asymkey_model.PublicKey))
-	if err != nil {
-		return nil, err
-	} else if has {
-		return nil, asymkey_model.ErrKeyAlreadyExist{
-			Content: content,
-		}
-	}
-
 	key := &asymkey_model.PublicKey{
 		OwnerID:       ownerID,
 		Name:          content,
@@ -40,15 +22,27 @@ func AddPrincipalKey(ctx context.Context, ownerID int64, content string, authSou
 		Type:          asymkey_model.KeyTypePrincipal,
 		LoginSourceID: authSourceID,
 	}
-	if err = db.Insert(dbCtx, key); err != nil {
-		return nil, fmt.Errorf("addKey: %w", err)
-	}
 
-	if err = committer.Commit(); err != nil {
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		// Principals cannot be duplicated.
+		has, err := db.GetEngine(ctx).
+			Where("content = ? AND type = ?", content, asymkey_model.KeyTypePrincipal).
+			Get(new(asymkey_model.PublicKey))
+		if err != nil {
+			return err
+		} else if has {
+			return asymkey_model.ErrKeyAlreadyExist{
+				Content: content,
+			}
+		}
+
+		if err = db.Insert(ctx, key); err != nil {
+			return fmt.Errorf("addKey: %w", err)
+		}
+		return nil
+	}); err != nil {
 		return nil, err
 	}
 
-	committer.Close()
-
 	return key, RewriteAllPrincipalKeys(ctx)
 }
diff --git a/services/attachment/attachment_test.go b/services/attachment/attachment_test.go
index 142bcfe629..65475836be 100644
--- a/services/attachment/attachment_test.go
+++ b/services/attachment/attachment_test.go
@@ -41,6 +41,6 @@ func TestUploadAttachment(t *testing.T) {
 
 	attachment, err := repo_model.GetAttachmentByUUID(db.DefaultContext, attach.UUID)
 	assert.NoError(t, err)
-	assert.EqualValues(t, user.ID, attachment.UploaderID)
+	assert.Equal(t, user.ID, attachment.UploaderID)
 	assert.Equal(t, int64(0), attachment.DownloadCount)
 }
diff --git a/services/auth/auth.go b/services/auth/auth.go
index f7deeb4c50..fb6612290b 100644
--- a/services/auth/auth.go
+++ b/services/auth/auth.go
@@ -62,14 +62,14 @@ func (a *authPathDetector) isAPIPath() bool {
 
 // isAttachmentDownload check if request is a file download (GET) with URL to an attachment
 func (a *authPathDetector) isAttachmentDownload() bool {
-	return strings.HasPrefix(a.req.URL.Path, "/attachments/") && a.req.Method == "GET"
+	return strings.HasPrefix(a.req.URL.Path, "/attachments/") && a.req.Method == http.MethodGet
 }
 
 func (a *authPathDetector) isFeedRequest(req *http.Request) bool {
 	if !setting.Other.EnableFeed {
 		return false
 	}
-	if req.Method != "GET" {
+	if req.Method != http.MethodGet {
 		return false
 	}
 	return a.vars.feedPathRe.MatchString(req.URL.Path) || a.vars.feedRefPathRe.MatchString(req.URL.Path)
diff --git a/services/auth/auth_test.go b/services/auth/auth_test.go
index b8d3396163..c45f312c90 100644
--- a/services/auth/auth_test.go
+++ b/services/auth/auth_test.go
@@ -97,7 +97,7 @@ func Test_isGitRawOrLFSPath(t *testing.T) {
 	defer test.MockVariableValue(&setting.LFS.StartServer)()
 	for _, tt := range tests {
 		t.Run(tt.path, func(t *testing.T) {
-			req, _ := http.NewRequest("POST", "http://localhost"+tt.path, nil)
+			req, _ := http.NewRequest(http.MethodPost, "http://localhost"+tt.path, nil)
 			setting.LFS.StartServer = false
 			assert.Equal(t, tt.want, newAuthPathDetector(req).isGitRawOrAttachOrLFSPath())
 
@@ -119,7 +119,7 @@ func Test_isGitRawOrLFSPath(t *testing.T) {
 	}
 	for _, tt := range lfsTests {
 		t.Run(tt, func(t *testing.T) {
-			req, _ := http.NewRequest("POST", tt, nil)
+			req, _ := http.NewRequest(http.MethodPost, tt, nil)
 			setting.LFS.StartServer = false
 			got := newAuthPathDetector(req).isGitRawOrAttachOrLFSPath()
 			assert.Equalf(t, setting.LFS.StartServer, got, "isGitOrLFSPath(%q) = %v, want %v, %v", tt, got, setting.LFS.StartServer, globalVars().gitRawOrAttachPathRe.MatchString(tt))
@@ -148,7 +148,7 @@ func Test_isFeedRequest(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.path, func(t *testing.T) {
-			req, _ := http.NewRequest("GET", "http://localhost"+tt.path, nil)
+			req, _ := http.NewRequest(http.MethodGet, "http://localhost"+tt.path, nil)
 			assert.Equal(t, tt.want, newAuthPathDetector(req).isFeedRequest(req))
 		})
 	}
diff --git a/services/auth/basic.go b/services/auth/basic.go
index e22b9e1eb7..6d147deeb1 100644
--- a/services/auth/basic.go
+++ b/services/auth/basic.go
@@ -7,12 +7,11 @@ package auth
 import (
 	"errors"
 	"net/http"
-	"strings"
 
 	actions_model "code.gitea.io/gitea/models/actions"
 	auth_model "code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/auth/httpauth"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
@@ -47,24 +46,22 @@ func (b *Basic) Name() string {
 // name/token on successful validation.
 // Returns nil if header is empty or validation fails.
 func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) {
-	// Basic authentication should only fire on API, Feed, Download or on Git or LFSPaths
+	// Basic authentication should only fire on API, Feed, Download, Archives or on Git or LFSPaths
 	// Not all feed (rss/atom) clients feature the ability to add cookies or headers, so we need to allow basic auth for feeds
 	detector := newAuthPathDetector(req)
-	if !detector.isAPIPath() && !detector.isFeedRequest(req) && !detector.isContainerPath() && !detector.isAttachmentDownload() && !detector.isGitRawOrAttachOrLFSPath() {
+	if !detector.isAPIPath() && !detector.isFeedRequest(req) && !detector.isContainerPath() && !detector.isAttachmentDownload() && !detector.isArchivePath() && !detector.isGitRawOrAttachOrLFSPath() {
 		return nil, nil
 	}
 
-	baHead := req.Header.Get("Authorization")
-	if len(baHead) == 0 {
+	authHeader := req.Header.Get("Authorization")
+	if authHeader == "" {
 		return nil, nil
 	}
-
-	auths := strings.SplitN(baHead, " ", 2)
-	if len(auths) != 2 || (strings.ToLower(auths[0]) != "basic") {
+	parsed, ok := httpauth.ParseAuthorizationHeader(authHeader)
+	if !ok || parsed.BasicAuth == nil {
 		return nil, nil
 	}
-
-	uname, passwd, _ := base.BasicAuthDecode(auths[1])
+	uname, passwd := parsed.BasicAuth.Username, parsed.BasicAuth.Password
 
 	// Check if username or password is a token
 	isUsernameToken := len(passwd) == 0 || passwd == "x-oauth-basic"
@@ -142,14 +139,14 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
 		return nil, err
 	}
 
-	if skipper, ok := source.Cfg.(LocalTwoFASkipper); !ok || !skipper.IsSkipLocalTwoFA() {
-		// Check if the user has webAuthn registration
+	if !source.TwoFactorShouldSkip() {
+		// Check if the user has WebAuthn registration
 		hasWebAuthn, err := auth_model.HasWebAuthnRegistrationsByUID(req.Context(), u.ID)
 		if err != nil {
 			return nil, err
 		}
 		if hasWebAuthn {
-			return nil, errors.New("Basic authorization is not allowed while webAuthn enrolled")
+			return nil, errors.New("basic authorization is not allowed while WebAuthn enrolled")
 		}
 
 		if err := validateTOTP(req, u); err != nil {
diff --git a/services/auth/httpsign.go b/services/auth/httpsign.go
index 83a36bef23..25e96ff32d 100644
--- a/services/auth/httpsign.go
+++ b/services/auth/httpsign.go
@@ -134,7 +134,7 @@ func VerifyCert(r *http.Request) (*asymkey_model.PublicKey, error) {
 	// Check if it's really a ssh certificate
 	cert, ok := pk.(*ssh.Certificate)
 	if !ok {
-		return nil, fmt.Errorf("no certificate found")
+		return nil, errors.New("no certificate found")
 	}
 
 	c := &ssh.CertChecker{
@@ -153,7 +153,7 @@ func VerifyCert(r *http.Request) (*asymkey_model.PublicKey, error) {
 
 	// check the CA of the cert
 	if !c.IsUserAuthority(cert.SignatureKey) {
-		return nil, fmt.Errorf("CA check failed")
+		return nil, errors.New("CA check failed")
 	}
 
 	// Create a verifier
@@ -191,7 +191,7 @@ func VerifyCert(r *http.Request) (*asymkey_model.PublicKey, error) {
 	}
 
 	// No public key matching a principal in the certificate is registered in gitea
-	return nil, fmt.Errorf("no valid principal found")
+	return nil, errors.New("no valid principal found")
 }
 
 // doVerify iterates across the provided public keys attempting the verify the current request against each key in turn
diff --git a/services/auth/interface.go b/services/auth/interface.go
index 275b4dd56c..c4bed2b640 100644
--- a/services/auth/interface.go
+++ b/services/auth/interface.go
@@ -20,7 +20,7 @@ type SessionStore session.Store
 // Method represents an authentication method (plugin) for HTTP requests.
 type Method interface {
 	// Verify tries to verify the authentication data contained in the request.
-	// If verification is successful returns either an existing user object (with id > 0)
+	// If verification succeeds, it returns either an existing user object (with id > 0)
 	// or a new user object (with id = 0) populated with the information that was found
 	// in the authentication data (username or email).
 	// Second argument returns err if verification fails, otherwise
@@ -35,11 +35,6 @@ type PasswordAuthenticator interface {
 	Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error)
 }
 
-// LocalTwoFASkipper represents a source of authentication that can skip local 2fa
-type LocalTwoFASkipper interface {
-	IsSkipLocalTwoFA() bool
-}
-
 // SynchronizableSource represents a source that can synchronize users
 type SynchronizableSource interface {
 	Sync(ctx context.Context, updateExisting bool) error
diff --git a/services/auth/oauth2.go b/services/auth/oauth2.go
index 66cc686809..7df6f4638e 100644
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
@@ -13,6 +13,7 @@ import (
 	actions_model "code.gitea.io/gitea/models/actions"
 	auth_model "code.gitea.io/gitea/models/auth"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/auth/httpauth"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
@@ -97,9 +98,9 @@ func parseToken(req *http.Request) (string, bool) {
 
 	// check header token
 	if auHead := req.Header.Get("Authorization"); auHead != "" {
-		auths := strings.Fields(auHead)
-		if len(auths) == 2 && (auths[0] == "token" || strings.ToLower(auths[0]) == "bearer") {
-			return auths[1], true
+		parsed, ok := httpauth.ParseAuthorizationHeader(auHead)
+		if ok && parsed.BearerToken != nil {
+			return parsed.BearerToken.Token, true
 		}
 	}
 	return "", false
diff --git a/services/auth/oauth2_test.go b/services/auth/oauth2_test.go
index 9edf18d58e..f003742a94 100644
--- a/services/auth/oauth2_test.go
+++ b/services/auth/oauth2_test.go
@@ -26,7 +26,7 @@ func TestUserIDFromToken(t *testing.T) {
 
 		o := OAuth2{}
 		uid := o.userIDFromToken(t.Context(), token, ds)
-		assert.Equal(t, int64(user_model.ActionsUserID), uid)
+		assert.Equal(t, user_model.ActionsUserID, uid)
 		assert.Equal(t, true, ds["IsActionsToken"])
 		assert.Equal(t, ds["ActionsTaskID"], int64(RunningTaskID))
 	})
diff --git a/services/auth/source/db/source.go b/services/auth/source/db/source.go
index bb2270cbd6..90baa61f5b 100644
--- a/services/auth/source/db/source.go
+++ b/services/auth/source/db/source.go
@@ -11,7 +11,9 @@ import (
 )
 
 // Source is a password authentication service
-type Source struct{}
+type Source struct {
+	auth.ConfigBase `json:"-"`
+}
 
 // FromDB fills up an OAuth2Config from serialized format.
 func (source *Source) FromDB(bs []byte) error {
diff --git a/services/auth/source/ldap/assert_interface_test.go b/services/auth/source/ldap/assert_interface_test.go
index 33347687dc..8e8accd668 100644
--- a/services/auth/source/ldap/assert_interface_test.go
+++ b/services/auth/source/ldap/assert_interface_test.go
@@ -15,13 +15,11 @@ import (
 type sourceInterface interface {
 	auth.PasswordAuthenticator
 	auth.SynchronizableSource
-	auth.LocalTwoFASkipper
 	auth_model.SSHKeyProvider
 	auth_model.Config
 	auth_model.SkipVerifiable
 	auth_model.HasTLSer
 	auth_model.UseTLSer
-	auth_model.SourceSettable
 }
 
 var _ (sourceInterface) = &ldap.Source{}
diff --git a/services/auth/source/ldap/source.go b/services/auth/source/ldap/source.go
index 963cdba7c2..d49dbc45ce 100644
--- a/services/auth/source/ldap/source.go
+++ b/services/auth/source/ldap/source.go
@@ -24,6 +24,8 @@ import (
 
 // Source Basic LDAP authentication service
 type Source struct {
+	auth.ConfigBase `json:"-"`
+
 	Name                  string // canonical name (ie. corporate.ad)
 	Host                  string // LDAP host
 	Port                  int    // port number
@@ -54,9 +56,6 @@ type Source struct {
 	GroupTeamMap          string // Map LDAP groups to teams
 	GroupTeamMapRemoval   bool   // Remove user from teams which are synchronized and user is not a member of the corresponding LDAP group
 	UserUID               string // User Attribute listed in Group
-	SkipLocalTwoFA        bool   `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
-
-	authSource *auth.Source // reference to the authSource
 }
 
 // FromDB fills up a LDAPConfig from serialized format.
@@ -109,11 +108,6 @@ func (source *Source) ProvidesSSHKeys() bool {
 	return strings.TrimSpace(source.AttributeSSHPublicKey) != ""
 }
 
-// SetAuthSource sets the related AuthSource
-func (source *Source) SetAuthSource(authSource *auth.Source) {
-	source.authSource = authSource
-}
-
 func init() {
 	auth.RegisterTypeConfig(auth.LDAP, &Source{})
 	auth.RegisterTypeConfig(auth.DLDAP, &Source{})
diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go
index 6a6c60cd40..6005a4744a 100644
--- a/services/auth/source/ldap/source_authenticate.go
+++ b/services/auth/source/ldap/source_authenticate.go
@@ -5,7 +5,6 @@ package ldap
 
 import (
 	"context"
-	"fmt"
 	"strings"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
@@ -26,7 +25,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 	if user != nil {
 		loginName = user.LoginName
 	}
-	sr := source.SearchEntry(loginName, password, source.authSource.Type == auth.DLDAP)
+	sr := source.SearchEntry(loginName, password, source.AuthSource.Type == auth.DLDAP)
 	if sr == nil {
 		// User not in LDAP, do nothing
 		return nil, user_model.ErrUserNotExist{Name: loginName}
@@ -41,7 +40,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 		sr.Username = userName
 	}
 	if sr.Mail == "" {
-		sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username)
+		sr.Mail = sr.Username + "@localhost.local"
 	}
 	isAttributeSSHPublicKeySet := strings.TrimSpace(source.AttributeSSHPublicKey) != ""
 
@@ -59,7 +58,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 			opts := &user_service.UpdateOptions{}
 			if source.AdminFilter != "" && user.IsAdmin != sr.IsAdmin {
 				// Change existing admin flag only if AdminFilter option is set
-				opts.IsAdmin = optional.Some(sr.IsAdmin)
+				opts.IsAdmin = user_service.UpdateOptionFieldFromSync(sr.IsAdmin)
 			}
 			if !sr.IsAdmin && source.RestrictedFilter != "" && user.IsRestricted != sr.IsRestricted {
 				// Change existing restricted flag only if RestrictedFilter option is set
@@ -74,7 +73,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 	}
 
 	if user != nil {
-		if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(ctx, user, source.authSource, sr.SSHPublicKey) {
+		if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(ctx, user, source.AuthSource, sr.SSHPublicKey) {
 			if err := asymkey_service.RewriteAllPublicKeys(ctx); err != nil {
 				return user, err
 			}
@@ -85,8 +84,8 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 			Name:        sr.Username,
 			FullName:    composeFullName(sr.Name, sr.Surname, sr.Username),
 			Email:       sr.Mail,
-			LoginType:   source.authSource.Type,
-			LoginSource: source.authSource.ID,
+			LoginType:   source.AuthSource.Type,
+			LoginSource: source.AuthSource.ID,
 			LoginName:   userName,
 			IsAdmin:     sr.IsAdmin,
 		}
@@ -100,7 +99,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 			return user, err
 		}
 
-		if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(ctx, user, source.authSource, sr.SSHPublicKey) {
+		if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(ctx, user, source.AuthSource, sr.SSHPublicKey) {
 			if err := asymkey_service.RewriteAllPublicKeys(ctx); err != nil {
 				return user, err
 			}
@@ -124,8 +123,3 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 
 	return user, nil
 }
-
-// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
-func (source *Source) IsSkipLocalTwoFA() bool {
-	return source.SkipLocalTwoFA
-}
diff --git a/services/auth/source/ldap/source_search.go b/services/auth/source/ldap/source_search.go
index fa2c45ce4a..f6c032492f 100644
--- a/services/auth/source/ldap/source_search.go
+++ b/services/auth/source/ldap/source_search.go
@@ -117,10 +117,10 @@ func dial(source *Source) (*ldap.Conn, error) {
 	}
 
 	if source.SecurityProtocol == SecurityProtocolLDAPS {
-		return ldap.DialTLS("tcp", net.JoinHostPort(source.Host, strconv.Itoa(source.Port)), tlsConfig) //nolint:staticcheck
+		return ldap.DialTLS("tcp", net.JoinHostPort(source.Host, strconv.Itoa(source.Port)), tlsConfig) //nolint:staticcheck // DialTLS is deprecated
 	}
 
-	conn, err := ldap.Dial("tcp", net.JoinHostPort(source.Host, strconv.Itoa(source.Port))) //nolint:staticcheck
+	conn, err := ldap.Dial("tcp", net.JoinHostPort(source.Host, strconv.Itoa(source.Port))) //nolint:staticcheck // Dial is deprecated
 	if err != nil {
 		return nil, fmt.Errorf("error during Dial: %w", err)
 	}
@@ -241,7 +241,7 @@ func (source *Source) listLdapGroupMemberships(l *ldap.Conn, uid string, applyGr
 }
 
 func (source *Source) getUserAttributeListedInGroup(entry *ldap.Entry) string {
-	if strings.ToLower(source.UserUID) == "dn" {
+	if strings.EqualFold(source.UserUID, "dn") {
 		return entry.DN
 	}
 
diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go
index e817bf1fa9..7b401c5c96 100644
--- a/services/auth/source/ldap/source_sync.go
+++ b/services/auth/source/ldap/source_sync.go
@@ -5,7 +5,6 @@ package ldap
 
 import (
 	"context"
-	"fmt"
 	"strings"
 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
@@ -23,21 +22,21 @@ import (
 
 // Sync causes this ldap source to synchronize its users with the db
 func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
-	log.Trace("Doing: SyncExternalUsers[%s]", source.authSource.Name)
+	log.Trace("Doing: SyncExternalUsers[%s]", source.AuthSource.Name)
 
 	isAttributeSSHPublicKeySet := strings.TrimSpace(source.AttributeSSHPublicKey) != ""
 	var sshKeysNeedUpdate bool
 
 	// Find all users with this login type - FIXME: Should this be an iterator?
-	users, err := user_model.GetUsersBySource(ctx, source.authSource)
+	users, err := user_model.GetUsersBySource(ctx, source.AuthSource)
 	if err != nil {
 		log.Error("SyncExternalUsers: %v", err)
 		return err
 	}
 	select {
 	case <-ctx.Done():
-		log.Warn("SyncExternalUsers: Cancelled before update of %s", source.authSource.Name)
-		return db.ErrCancelledf("Before update of %s", source.authSource.Name)
+		log.Warn("SyncExternalUsers: Cancelled before update of %s", source.AuthSource.Name)
+		return db.ErrCancelledf("Before update of %s", source.AuthSource.Name)
 	default:
 	}
 
@@ -52,7 +51,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 
 	sr, err := source.SearchEntries()
 	if err != nil {
-		log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.authSource.Name)
+		log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.AuthSource.Name)
 		return nil
 	}
 
@@ -75,7 +74,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 	for _, su := range sr {
 		select {
 		case <-ctx.Done():
-			log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.authSource.Name)
+			log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.AuthSource.Name)
 			// Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed
 			if sshKeysNeedUpdate {
 				err = asymkey_service.RewriteAllPublicKeys(ctx)
@@ -83,7 +82,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 					log.Error("RewriteAllPublicKeys: %v", err)
 				}
 			}
-			return db.ErrCancelledf("During update of %s before completed update of users", source.authSource.Name)
+			return db.ErrCancelledf("During update of %s before completed update of users", source.AuthSource.Name)
 		default:
 		}
 		if su.Username == "" && su.Mail == "" {
@@ -106,20 +105,20 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 		}
 
 		if su.Mail == "" {
-			su.Mail = fmt.Sprintf("%s@localhost.local", su.Username)
+			su.Mail = su.Username + "@localhost.local"
 		}
 
 		fullName := composeFullName(su.Name, su.Surname, su.Username)
 		// If no existing user found, create one
 		if usr == nil {
-			log.Trace("SyncExternalUsers[%s]: Creating user %s", source.authSource.Name, su.Username)
+			log.Trace("SyncExternalUsers[%s]: Creating user %s", source.AuthSource.Name, su.Username)
 
 			usr = &user_model.User{
 				LowerName:   su.LowerName,
 				Name:        su.Username,
 				FullName:    fullName,
-				LoginType:   source.authSource.Type,
-				LoginSource: source.authSource.ID,
+				LoginType:   source.AuthSource.Type,
+				LoginSource: source.AuthSource.ID,
 				LoginName:   su.Username,
 				Email:       su.Mail,
 				IsAdmin:     su.IsAdmin,
@@ -131,12 +130,12 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 
 			err = user_model.CreateUser(ctx, usr, &user_model.Meta{}, overwriteDefault)
 			if err != nil {
-				log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.authSource.Name, su.Username, err)
+				log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.AuthSource.Name, su.Username, err)
 			}
 
 			if err == nil && isAttributeSSHPublicKeySet {
-				log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.authSource.Name, usr.Name)
-				if asymkey_model.AddPublicKeysBySource(ctx, usr, source.authSource, su.SSHPublicKey) {
+				log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.AuthSource.Name, usr.Name)
+				if asymkey_model.AddPublicKeysBySource(ctx, usr, source.AuthSource, su.SSHPublicKey) {
 					sshKeysNeedUpdate = true
 				}
 			}
@@ -146,7 +145,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 			}
 		} else if updateExisting {
 			// Synchronize SSH Public Key if that attribute is set
-			if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(ctx, usr, source.authSource, su.SSHPublicKey) {
+			if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(ctx, usr, source.AuthSource, su.SSHPublicKey) {
 				sshKeysNeedUpdate = true
 			}
 
@@ -156,14 +155,14 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 				!strings.EqualFold(usr.Email, su.Mail) ||
 				usr.FullName != fullName ||
 				!usr.IsActive {
-				log.Trace("SyncExternalUsers[%s]: Updating user %s", source.authSource.Name, usr.Name)
+				log.Trace("SyncExternalUsers[%s]: Updating user %s", source.AuthSource.Name, usr.Name)
 
 				opts := &user_service.UpdateOptions{
 					FullName: optional.Some(fullName),
 					IsActive: optional.Some(true),
 				}
 				if source.AdminFilter != "" {
-					opts.IsAdmin = optional.Some(su.IsAdmin)
+					opts.IsAdmin = user_service.UpdateOptionFieldFromSync(su.IsAdmin)
 				}
 				// Change existing restricted flag only if RestrictedFilter option is set
 				if !su.IsAdmin && source.RestrictedFilter != "" {
@@ -171,16 +170,17 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 				}
 
 				if err := user_service.UpdateUser(ctx, usr, opts); err != nil {
-					log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.authSource.Name, usr.Name, err)
+					log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.AuthSource.Name, usr.Name, err)
 				}
 
 				if err := user_service.ReplacePrimaryEmailAddress(ctx, usr, su.Mail); err != nil {
-					log.Error("SyncExternalUsers[%s]: Error updating user %s primary email %s: %v", source.authSource.Name, usr.Name, su.Mail, err)
+					log.Error("SyncExternalUsers[%s]: Error updating user %s primary email %s: %v", source.AuthSource.Name, usr.Name, su.Mail, err)
 				}
 			}
 
-			if usr.IsUploadAvatarChanged(su.Avatar) {
-				if err == nil && source.AttributeAvatar != "" {
+			if source.AttributeAvatar != "" {
+				if len(su.Avatar) > 0 && usr.IsUploadAvatarChanged(su.Avatar) {
+					log.Trace("SyncExternalUsers[%s]: Uploading new avatar for %s", source.AuthSource.Name, usr.Name)
 					_ = user_service.UploadAvatar(ctx, usr, su.Avatar)
 				}
 			}
@@ -203,8 +203,8 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 
 	select {
 	case <-ctx.Done():
-		log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.authSource.Name)
-		return db.ErrCancelledf("During update of %s before delete users", source.authSource.Name)
+		log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.AuthSource.Name)
+		return db.ErrCancelledf("During update of %s before delete users", source.AuthSource.Name)
 	default:
 	}
 
@@ -215,13 +215,13 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 				continue
 			}
 
-			log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.authSource.Name, usr.Name)
+			log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.AuthSource.Name, usr.Name)
 
 			opts := &user_service.UpdateOptions{
 				IsActive: optional.Some(false),
 			}
 			if err := user_service.UpdateUser(ctx, usr, opts); err != nil {
-				log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.authSource.Name, usr.Name, err)
+				log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.AuthSource.Name, usr.Name, err)
 			}
 		}
 	}
diff --git a/services/auth/source/oauth2/assert_interface_test.go b/services/auth/source/oauth2/assert_interface_test.go
index 56fe0e4aa8..d870ac1dcd 100644
--- a/services/auth/source/oauth2/assert_interface_test.go
+++ b/services/auth/source/oauth2/assert_interface_test.go
@@ -14,7 +14,6 @@ import (
 
 type sourceInterface interface {
 	auth_model.Config
-	auth_model.SourceSettable
 	auth_model.RegisterableSource
 	auth.PasswordAuthenticator
 }
diff --git a/services/auth/source/oauth2/providers.go b/services/auth/source/oauth2/providers.go
index f2c1bb4894..75ed41ba66 100644
--- a/services/auth/source/oauth2/providers.go
+++ b/services/auth/source/oauth2/providers.go
@@ -27,6 +27,7 @@ type Provider interface {
 	DisplayName() string
 	IconHTML(size int) template.HTML
 	CustomURLSettings() *CustomURLSettings
+	SupportSSHPublicKey() bool
 }
 
 // GothProviderCreator provides a function to create a goth.Provider
diff --git a/services/auth/source/oauth2/providers_base.go b/services/auth/source/oauth2/providers_base.go
index 9d4ab106e5..d34597d6d9 100644
--- a/services/auth/source/oauth2/providers_base.go
+++ b/services/auth/source/oauth2/providers_base.go
@@ -14,6 +14,13 @@ import (
 type BaseProvider struct {
 	name        string
 	displayName string
+
+	// TODO: maybe some providers also support SSH public keys, then they can set this to true
+	supportSSHPublicKey bool
+}
+
+func (b *BaseProvider) SupportSSHPublicKey() bool {
+	return b.supportSSHPublicKey
 }
 
 // Name provides the technical name for this provider
diff --git a/services/auth/source/oauth2/providers_openid.go b/services/auth/source/oauth2/providers_openid.go
index 285876d5ac..e86dc48232 100644
--- a/services/auth/source/oauth2/providers_openid.go
+++ b/services/auth/source/oauth2/providers_openid.go
@@ -17,6 +17,10 @@ import (
 // OpenIDProvider is a GothProvider for OpenID
 type OpenIDProvider struct{}
 
+func (o *OpenIDProvider) SupportSSHPublicKey() bool {
+	return true
+}
+
 // Name provides the technical name for this provider
 func (o *OpenIDProvider) Name() string {
 	return "openidConnect"
diff --git a/services/auth/source/oauth2/source.go b/services/auth/source/oauth2/source.go
index 3454c9ad55..00d89b3481 100644
--- a/services/auth/source/oauth2/source.go
+++ b/services/auth/source/oauth2/source.go
@@ -10,6 +10,8 @@ import (
 
 // Source holds configuration for the OAuth2 login source.
 type Source struct {
+	auth.ConfigBase `json:"-"`
+
 	Provider                      string
 	ClientID                      string
 	ClientSecret                  string
@@ -25,10 +27,9 @@ type Source struct {
 	GroupTeamMap        string
 	GroupTeamMapRemoval bool
 	RestrictedGroup     string
-	SkipLocalTwoFA      bool `json:",omitempty"`
 
-	// reference to the authSource
-	authSource *auth.Source
+	SSHPublicKeyClaimName string
+	FullNameClaimName     string
 }
 
 // FromDB fills up an OAuth2Config from serialized format.
@@ -41,11 +42,6 @@ func (source *Source) ToDB() ([]byte, error) {
 	return json.Marshal(source)
 }
 
-// SetAuthSource sets the related AuthSource
-func (source *Source) SetAuthSource(authSource *auth.Source) {
-	source.authSource = authSource
-}
-
 func init() {
 	auth.RegisterTypeConfig(auth.OAuth2, &Source{})
 }
diff --git a/services/auth/source/oauth2/source_callout.go b/services/auth/source/oauth2/source_callout.go
index 8d70bee248..f09d25c772 100644
--- a/services/auth/source/oauth2/source_callout.go
+++ b/services/auth/source/oauth2/source_callout.go
@@ -13,7 +13,7 @@ import (
 // Callout redirects request/response pair to authenticate against the provider
 func (source *Source) Callout(request *http.Request, response http.ResponseWriter) error {
 	// not sure if goth is thread safe (?) when using multiple providers
-	request.Header.Set(ProviderHeaderKey, source.authSource.Name)
+	request.Header.Set(ProviderHeaderKey, source.AuthSource.Name)
 
 	// don't use the default gothic begin handler to prevent issues when some error occurs
 	// normally the gothic library will write some custom stuff to the response instead of our own nice error page
@@ -33,7 +33,7 @@ func (source *Source) Callout(request *http.Request, response http.ResponseWrite
 // this will trigger a new authentication request, but because we save it in the session we can use that
 func (source *Source) Callback(request *http.Request, response http.ResponseWriter) (goth.User, error) {
 	// not sure if goth is thread safe (?) when using multiple providers
-	request.Header.Set(ProviderHeaderKey, source.authSource.Name)
+	request.Header.Set(ProviderHeaderKey, source.AuthSource.Name)
 
 	gothRWMutex.RLock()
 	defer gothRWMutex.RUnlock()
diff --git a/services/auth/source/oauth2/source_register.go b/services/auth/source/oauth2/source_register.go
index 82a36acaa6..12da56c11b 100644
--- a/services/auth/source/oauth2/source_register.go
+++ b/services/auth/source/oauth2/source_register.go
@@ -9,13 +9,13 @@ import (
 
 // RegisterSource causes an OAuth2 configuration to be registered
 func (source *Source) RegisterSource() error {
-	err := RegisterProviderWithGothic(source.authSource.Name, source)
-	return wrapOpenIDConnectInitializeError(err, source.authSource.Name, source)
+	err := RegisterProviderWithGothic(source.AuthSource.Name, source)
+	return wrapOpenIDConnectInitializeError(err, source.AuthSource.Name, source)
 }
 
 // UnregisterSource causes an OAuth2 configuration to be unregistered
 func (source *Source) UnregisterSource() error {
-	RemoveProviderFromGothic(source.authSource.Name)
+	RemoveProviderFromGothic(source.AuthSource.Name)
 	return nil
 }
 
diff --git a/services/auth/source/oauth2/source_sync.go b/services/auth/source/oauth2/source_sync.go
index 5e30313c8f..c2e3dfb1a8 100644
--- a/services/auth/source/oauth2/source_sync.go
+++ b/services/auth/source/oauth2/source_sync.go
@@ -18,27 +18,27 @@ import (
 
 // Sync causes this OAuth2 source to synchronize its users with the db.
 func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
-	log.Trace("Doing: SyncExternalUsers[%s] %d", source.authSource.Name, source.authSource.ID)
+	log.Trace("Doing: SyncExternalUsers[%s] %d", source.AuthSource.Name, source.AuthSource.ID)
 
 	if !updateExisting {
-		log.Info("SyncExternalUsers[%s] not running since updateExisting is false", source.authSource.Name)
+		log.Info("SyncExternalUsers[%s] not running since updateExisting is false", source.AuthSource.Name)
 		return nil
 	}
 
-	provider, err := createProvider(source.authSource.Name, source)
+	provider, err := createProvider(source.AuthSource.Name, source)
 	if err != nil {
 		return err
 	}
 
 	if !provider.RefreshTokenAvailable() {
-		log.Trace("SyncExternalUsers[%s] provider doesn't support refresh tokens, can't synchronize", source.authSource.Name)
+		log.Trace("SyncExternalUsers[%s] provider doesn't support refresh tokens, can't synchronize", source.AuthSource.Name)
 		return nil
 	}
 
 	opts := user_model.FindExternalUserOptions{
 		HasRefreshToken: true,
 		Expired:         true,
-		LoginSourceID:   source.authSource.ID,
+		LoginSourceID:   source.AuthSource.ID,
 	}
 
 	return user_model.IterateExternalLogin(ctx, opts, func(ctx context.Context, u *user_model.ExternalLoginUser) error {
@@ -77,7 +77,7 @@ func (source *Source) refresh(ctx context.Context, provider goth.Provider, u *us
 	// recognizes them as a valid user, they will be able to login
 	// via their provider and reactivate their account.
 	if shouldDisable {
-		log.Info("SyncExternalUsers[%s] disabling user %d", source.authSource.Name, user.ID)
+		log.Info("SyncExternalUsers[%s] disabling user %d", source.AuthSource.Name, user.ID)
 
 		return db.WithTx(ctx, func(ctx context.Context) error {
 			if hasUser {
diff --git a/services/auth/source/oauth2/source_sync_test.go b/services/auth/source/oauth2/source_sync_test.go
index aacb4286a1..2927f3634b 100644
--- a/services/auth/source/oauth2/source_sync_test.go
+++ b/services/auth/source/oauth2/source_sync_test.go
@@ -18,19 +18,21 @@ func TestSource(t *testing.T) {
 
 	source := &Source{
 		Provider: "fake",
-		authSource: &auth.Source{
-			ID:            12,
-			Type:          auth.OAuth2,
-			Name:          "fake",
-			IsActive:      true,
-			IsSyncEnabled: true,
+		ConfigBase: auth.ConfigBase{
+			AuthSource: &auth.Source{
+				ID:            12,
+				Type:          auth.OAuth2,
+				Name:          "fake",
+				IsActive:      true,
+				IsSyncEnabled: true,
+			},
 		},
 	}
 
 	user := &user_model.User{
 		LoginName:   "external",
 		LoginType:   auth.OAuth2,
-		LoginSource: source.authSource.ID,
+		LoginSource: source.AuthSource.ID,
 		Name:        "test",
 		Email:       "external@example.com",
 	}
@@ -47,7 +49,7 @@ func TestSource(t *testing.T) {
 	err = user_model.LinkExternalToUser(t.Context(), user, e)
 	assert.NoError(t, err)
 
-	provider, err := createProvider(source.authSource.Name, source)
+	provider, err := createProvider(source.AuthSource.Name, source)
 	assert.NoError(t, err)
 
 	t.Run("refresh", func(t *testing.T) {
@@ -88,8 +90,8 @@ func TestSource(t *testing.T) {
 			ok, err := user_model.GetExternalLogin(t.Context(), e)
 			assert.NoError(t, err)
 			assert.True(t, ok)
-			assert.Equal(t, "", e.RefreshToken)
-			assert.Equal(t, "", e.AccessToken)
+			assert.Empty(t, e.RefreshToken)
+			assert.Empty(t, e.AccessToken)
 
 			u, err := user_model.GetUserByID(t.Context(), user.ID)
 			assert.NoError(t, err)
diff --git a/services/auth/source/oauth2/store.go b/services/auth/source/oauth2/store.go
index 90fa965602..7b6b26edc8 100644
--- a/services/auth/source/oauth2/store.go
+++ b/services/auth/source/oauth2/store.go
@@ -11,7 +11,6 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	session_module "code.gitea.io/gitea/modules/session"
 
-	chiSession "gitea.com/go-chi/session"
 	"github.com/gorilla/sessions"
 )
 
@@ -35,11 +34,11 @@ func (st *SessionsStore) New(r *http.Request, name string) (*sessions.Session, e
 
 // getOrNew gets the session from the chi-session if it exists. Override permits the overriding of an unexpected object.
 func (st *SessionsStore) getOrNew(r *http.Request, name string, override bool) (*sessions.Session, error) {
-	chiStore := chiSession.GetSession(r)
+	store := session_module.GetContextSession(r)
 
 	session := sessions.NewSession(st, name)
 
-	rawData := chiStore.Get(name)
+	rawData := store.Get(name)
 	if rawData != nil {
 		oldSession, ok := rawData.(*sessions.Session)
 		if ok {
@@ -56,21 +55,21 @@ func (st *SessionsStore) getOrNew(r *http.Request, name string, override bool) (
 	}
 
 	session.IsNew = override
-	session.ID = chiStore.ID() // Simply copy the session id from the chi store
+	session.ID = store.ID() // Simply copy the session id from the chi store
 
-	return session, chiStore.Set(name, session)
+	return session, store.Set(name, session)
 }
 
 // Save should persist session to the underlying store implementation.
 func (st *SessionsStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
-	chiStore := chiSession.GetSession(r)
+	store := session_module.GetContextSession(r)
 
 	if session.IsNew {
 		_, _ = session_module.RegenerateSession(w, r)
 		session.IsNew = false
 	}
 
-	if err := chiStore.Set(session.Name(), session); err != nil {
+	if err := store.Set(session.Name(), session); err != nil {
 		return err
 	}
 
@@ -83,7 +82,7 @@ func (st *SessionsStore) Save(r *http.Request, w http.ResponseWriter, session *s
 		}
 	}
 
-	return chiStore.Release()
+	return store.Release()
 }
 
 type sizeWriter struct {
diff --git a/services/auth/source/oauth2/urlmapping.go b/services/auth/source/oauth2/urlmapping.go
index d0442d58a8..b9f445caa7 100644
--- a/services/auth/source/oauth2/urlmapping.go
+++ b/services/auth/source/oauth2/urlmapping.go
@@ -14,11 +14,11 @@ type CustomURLMapping struct {
 
 // CustomURLSettings describes the urls values and availability to use when customizing OAuth2 provider URLs
 type CustomURLSettings struct {
-	AuthURL    Attribute `json:",omitempty"`
-	TokenURL   Attribute `json:",omitempty"`
-	ProfileURL Attribute `json:",omitempty"`
-	EmailURL   Attribute `json:",omitempty"`
-	Tenant     Attribute `json:",omitempty"`
+	AuthURL    Attribute
+	TokenURL   Attribute
+	ProfileURL Attribute
+	EmailURL   Attribute
+	Tenant     Attribute
 }
 
 // Attribute describes the availability, and required status for a custom url configuration
diff --git a/services/auth/source/pam/assert_interface_test.go b/services/auth/source/pam/assert_interface_test.go
index 8e7648b8d3..908d097d96 100644
--- a/services/auth/source/pam/assert_interface_test.go
+++ b/services/auth/source/pam/assert_interface_test.go
@@ -15,7 +15,6 @@ import (
 type sourceInterface interface {
 	auth.PasswordAuthenticator
 	auth_model.Config
-	auth_model.SourceSettable
 }
 
 var _ (sourceInterface) = &pam.Source{}
diff --git a/services/auth/source/pam/source.go b/services/auth/source/pam/source.go
index 96b182e185..d1db6db9b7 100644
--- a/services/auth/source/pam/source.go
+++ b/services/auth/source/pam/source.go
@@ -17,12 +17,10 @@ import (
 
 // Source holds configuration for the PAM login source.
 type Source struct {
-	ServiceName    string // pam service (e.g. system-auth)
-	EmailDomain    string
-	SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
+	auth.ConfigBase `json:"-"`
 
-	// reference to the authSource
-	authSource *auth.Source
+	ServiceName string // pam service (e.g. system-auth)
+	EmailDomain string
 }
 
 // FromDB fills up a PAMConfig from serialized format.
@@ -35,11 +33,6 @@ func (source *Source) ToDB() ([]byte, error) {
 	return json.Marshal(source)
 }
 
-// SetAuthSource sets the related AuthSource
-func (source *Source) SetAuthSource(authSource *auth.Source) {
-	source.authSource = authSource
-}
-
 func init() {
 	auth.RegisterTypeConfig(auth.PAM, &Source{})
 }
diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go
index 6fd02dc29f..db7c6aab96 100644
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@@ -56,7 +56,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 		Email:       email,
 		Passwd:      password,
 		LoginType:   auth.PAM,
-		LoginSource: source.authSource.ID,
+		LoginSource: source.AuthSource.ID,
 		LoginName:   userName, // This is what the user typed in
 	}
 	overwriteDefault := &user_model.CreateUserOverwriteOptions{
@@ -69,8 +69,3 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 
 	return user, nil
 }
-
-// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
-func (source *Source) IsSkipLocalTwoFA() bool {
-	return source.SkipLocalTwoFA
-}
diff --git a/services/auth/source/smtp/assert_interface_test.go b/services/auth/source/smtp/assert_interface_test.go
index 6c9cde66e1..56edad0c71 100644
--- a/services/auth/source/smtp/assert_interface_test.go
+++ b/services/auth/source/smtp/assert_interface_test.go
@@ -18,7 +18,6 @@ type sourceInterface interface {
 	auth_model.SkipVerifiable
 	auth_model.HasTLSer
 	auth_model.UseTLSer
-	auth_model.SourceSettable
 }
 
 var _ (sourceInterface) = &smtp.Source{}
diff --git a/services/auth/source/smtp/source.go b/services/auth/source/smtp/source.go
index 2a648e421e..2ae81ad4f2 100644
--- a/services/auth/source/smtp/source.go
+++ b/services/auth/source/smtp/source.go
@@ -17,6 +17,8 @@ import (
 
 // Source holds configuration for the SMTP login source.
 type Source struct {
+	auth.ConfigBase `json:"-"`
+
 	Auth           string
 	Host           string
 	Port           int
@@ -25,10 +27,6 @@ type Source struct {
 	SkipVerify     bool
 	HeloHostname   string
 	DisableHelo    bool
-	SkipLocalTwoFA bool `json:",omitempty"`
-
-	// reference to the authSource
-	authSource *auth.Source
 }
 
 // FromDB fills up an SMTPConfig from serialized format.
@@ -56,11 +54,6 @@ func (source *Source) UseTLS() bool {
 	return source.ForceSMTPS || source.Port == 465
 }
 
-// SetAuthSource sets the related AuthSource
-func (source *Source) SetAuthSource(authSource *auth.Source) {
-	source.authSource = authSource
-}
-
 func init() {
 	auth.RegisterTypeConfig(auth.SMTP, &Source{})
 }
diff --git a/services/auth/source/smtp/source_authenticate.go b/services/auth/source/smtp/source_authenticate.go
index b2e94933a6..b8e668f5f9 100644
--- a/services/auth/source/smtp/source_authenticate.go
+++ b/services/auth/source/smtp/source_authenticate.go
@@ -72,7 +72,7 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 		Email:       userName,
 		Passwd:      password,
 		LoginType:   auth_model.SMTP,
-		LoginSource: source.authSource.ID,
+		LoginSource: source.AuthSource.ID,
 		LoginName:   userName,
 	}
 	overwriteDefault := &user_model.CreateUserOverwriteOptions{
@@ -85,8 +85,3 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 
 	return user, nil
 }
-
-// IsSkipLocalTwoFA returns if this source should skip local 2fa for password authentication
-func (source *Source) IsSkipLocalTwoFA() bool {
-	return source.SkipLocalTwoFA
-}
diff --git a/services/auth/source/sspi/source.go b/services/auth/source/sspi/source.go
index bdd6ef451c..3b7b5cb033 100644
--- a/services/auth/source/sspi/source.go
+++ b/services/auth/source/sspi/source.go
@@ -17,6 +17,8 @@ import (
 
 // Source holds configuration for SSPI single sign-on.
 type Source struct {
+	auth.ConfigBase `json:"-"`
+
 	AutoCreateUsers      bool
 	AutoActivateUsers    bool
 	StripDomainNames     bool
diff --git a/services/automerge/automerge.go b/services/automerge/automerge.go
index 62d560ff94..a60883b4cc 100644
--- a/services/automerge/automerge.go
+++ b/services/automerge/automerge.go
@@ -22,23 +22,21 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/queue"
+	"code.gitea.io/gitea/services/automergequeue"
 	notify_service "code.gitea.io/gitea/services/notify"
 	pull_service "code.gitea.io/gitea/services/pull"
 	repo_service "code.gitea.io/gitea/services/repository"
 )
 
-// prAutoMergeQueue represents a queue to handle update pull request tests
-var prAutoMergeQueue *queue.WorkerPoolQueue[string]
-
 // Init runs the task queue to that handles auto merges
 func Init() error {
 	notify_service.RegisterNotifier(NewNotifier())
 
-	prAutoMergeQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "pr_auto_merge", handler)
-	if prAutoMergeQueue == nil {
-		return fmt.Errorf("unable to create pr_auto_merge queue")
+	automergequeue.AutoMergeQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "pr_auto_merge", handler)
+	if automergequeue.AutoMergeQueue == nil {
+		return errors.New("unable to create pr_auto_merge queue")
 	}
-	go graceful.GetManager().RunWithCancel(prAutoMergeQueue)
+	go graceful.GetManager().RunWithCancel(automergequeue.AutoMergeQueue)
 	return nil
 }
 
@@ -56,24 +54,23 @@ func handler(items ...string) []string {
 	return nil
 }
 
-func addToQueue(pr *issues_model.PullRequest, sha string) {
-	log.Trace("Adding pullID: %d to the pull requests patch checking queue with sha %s", pr.ID, sha)
-	if err := prAutoMergeQueue.Push(fmt.Sprintf("%d_%s", pr.ID, sha)); err != nil {
-		log.Error("Error adding pullID: %d to the pull requests patch checking queue %v", pr.ID, err)
-	}
-}
-
 // ScheduleAutoMerge if schedule is false and no error, pull can be merged directly
 func ScheduleAutoMerge(ctx context.Context, doer *user_model.User, pull *issues_model.PullRequest, style repo_model.MergeStyle, message string, deleteBranchAfterMerge bool) (scheduled bool, err error) {
 	err = db.WithTx(ctx, func(ctx context.Context) error {
 		if err := pull_model.ScheduleAutoMerge(ctx, doer, pull.ID, style, message, deleteBranchAfterMerge); err != nil {
 			return err
 		}
-		scheduled = true
-
 		_, err = issues_model.CreateAutoMergeComment(ctx, issues_model.CommentTypePRScheduledToAutoMerge, pull, doer)
 		return err
 	})
+	// Old code made "scheduled" to be true after "ScheduleAutoMerge", but it's not right:
+	// If the transaction rolls back, then the pull request is not scheduled to auto merge.
+	// So we should only set "scheduled" to true if there is no error.
+	scheduled = err == nil
+	if scheduled {
+		log.Trace("Pull request [%d] scheduled for auto merge with style [%s] and message [%s]", pull.ID, style, message)
+		automergequeue.StartPRCheckAndAutoMerge(ctx, pull)
+	}
 	return scheduled, err
 }
 
@@ -99,38 +96,12 @@ func StartPRCheckAndAutoMergeBySHA(ctx context.Context, sha string, repo *repo_m
 	}
 
 	for _, pr := range pulls {
-		addToQueue(pr, sha)
+		automergequeue.AddToQueue(pr, sha)
 	}
 
 	return nil
 }
 
-// StartPRCheckAndAutoMerge start an automerge check and auto merge task for a pull request
-func StartPRCheckAndAutoMerge(ctx context.Context, pull *issues_model.PullRequest) {
-	if pull == nil || pull.HasMerged || !pull.CanAutoMerge() {
-		return
-	}
-
-	if err := pull.LoadBaseRepo(ctx); err != nil {
-		log.Error("LoadBaseRepo: %v", err)
-		return
-	}
-
-	gitRepo, err := gitrepo.OpenRepository(ctx, pull.BaseRepo)
-	if err != nil {
-		log.Error("OpenRepository: %v", err)
-		return
-	}
-	defer gitRepo.Close()
-	commitID, err := gitRepo.GetRefCommitID(pull.GetGitRefName())
-	if err != nil {
-		log.Error("GetRefCommitID: %v", err)
-		return
-	}
-
-	addToQueue(pull, commitID)
-}
-
 func getPullRequestsByHeadSHA(ctx context.Context, sha string, repo *repo_model.Repository, filter func(*issues_model.PullRequest) bool) (map[int64]*issues_model.PullRequest, error) {
 	gitRepo, err := gitrepo.OpenRepository(ctx, repo)
 	if err != nil {
@@ -216,7 +187,7 @@ func handlePullRequestAutoMerge(pullID int64, sha string) {
 	}
 	defer baseGitRepo.Close()
 
-	headCommitID, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+	headCommitID, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	if err != nil {
 		log.Error("GetRefCommitID: %v", err)
 		return
@@ -254,7 +225,7 @@ func handlePullRequestAutoMerge(pullID int64, sha string) {
 			return
 		}
 	case issues_model.PullRequestFlowAGit:
-		headBranchExist := gitrepo.IsReferenceExist(ctx, pr.BaseRepo, pr.GetGitRefName())
+		headBranchExist := gitrepo.IsReferenceExist(ctx, pr.BaseRepo, pr.GetGitHeadRefName())
 		if !headBranchExist {
 			log.Warn("Head branch of auto merge %-v does not exist [HeadRepoID: %d, Branch(Agit): %s]", pr, pr.HeadRepoID, pr.HeadBranch)
 			return
@@ -289,7 +260,7 @@ func handlePullRequestAutoMerge(pullID int64, sha string) {
 	}
 
 	if err := pull_service.CheckPullMergeable(ctx, doer, &perm, pr, pull_service.MergeCheckTypeGeneral, false); err != nil {
-		if errors.Is(err, pull_service.ErrUserNotAllowedToMerge) {
+		if errors.Is(err, pull_service.ErrNotReadyToMerge) {
 			log.Info("%-v was scheduled to automerge by an unauthorized user", pr)
 			return
 		}
diff --git a/services/automerge/notify.go b/services/automerge/notify.go
index b6bbca333b..8a1bb5fc90 100644
--- a/services/automerge/notify.go
+++ b/services/automerge/notify.go
@@ -12,6 +12,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/repository"
+	"code.gitea.io/gitea/services/automergequeue"
 	notify_service "code.gitea.io/gitea/services/notify"
 )
 
@@ -45,7 +46,7 @@ func (n *automergeNotifier) PullReviewDismiss(ctx context.Context, doer *user_mo
 		return
 	}
 	// as reviews could have blocked a pending automerge let's recheck
-	StartPRCheckAndAutoMerge(ctx, review.Issue.PullRequest)
+	automergequeue.StartPRCheckAndAutoMerge(ctx, review.Issue.PullRequest)
 }
 
 func (n *automergeNotifier) CreateCommitStatus(ctx context.Context, repo *repo_model.Repository, commit *repository.PushCommit, sender *user_model.User, status *git_model.CommitStatus) {
diff --git a/services/automergequeue/automergequeue.go b/services/automergequeue/automergequeue.go
new file mode 100644
index 0000000000..fa9c04da87
--- /dev/null
+++ b/services/automergequeue/automergequeue.go
@@ -0,0 +1,49 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package automergequeue
+
+import (
+	"context"
+	"fmt"
+
+	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/queue"
+)
+
+var AutoMergeQueue *queue.WorkerPoolQueue[string]
+
+var AddToQueue = func(pr *issues_model.PullRequest, sha string) {
+	log.Trace("Adding pullID: %d to the pull requests patch checking queue with sha %s", pr.ID, sha)
+	if err := AutoMergeQueue.Push(fmt.Sprintf("%d_%s", pr.ID, sha)); err != nil {
+		log.Error("Error adding pullID: %d to the pull requests patch checking queue %v", pr.ID, err)
+	}
+}
+
+// StartPRCheckAndAutoMerge start an automerge check and auto merge task for a pull request
+func StartPRCheckAndAutoMerge(ctx context.Context, pull *issues_model.PullRequest) {
+	if pull == nil || pull.HasMerged || !pull.CanAutoMerge() {
+		return
+	}
+
+	if err := pull.LoadBaseRepo(ctx); err != nil {
+		log.Error("LoadBaseRepo: %v", err)
+		return
+	}
+
+	gitRepo, err := gitrepo.OpenRepository(ctx, pull.BaseRepo)
+	if err != nil {
+		log.Error("OpenRepository: %v", err)
+		return
+	}
+	defer gitRepo.Close()
+	commitID, err := gitRepo.GetRefCommitID(pull.GetGitHeadRefName())
+	if err != nil {
+		log.Error("GetRefCommitID: %v", err)
+		return
+	}
+
+	AddToQueue(pull, commitID)
+}
diff --git a/services/context/access_log.go b/services/context/access_log.go
index 925e4a3056..caade113a7 100644
--- a/services/context/access_log.go
+++ b/services/context/access_log.go
@@ -5,7 +5,6 @@ package context
 
 import (
 	"bytes"
-	"fmt"
 	"net"
 	"net/http"
 	"strings"
@@ -47,7 +46,7 @@ func parseRequestIDFromRequestHeader(req *http.Request) string {
 		}
 	}
 	if len(requestID) > maxRequestIDByteLength {
-		requestID = fmt.Sprintf("%s...", requestID[:maxRequestIDByteLength])
+		requestID = requestID[:maxRequestIDByteLength] + "..."
 	}
 	return requestID
 }
diff --git a/services/context/access_log_test.go b/services/context/access_log_test.go
index c40ef9acd1..139a6eb217 100644
--- a/services/context/access_log_test.go
+++ b/services/context/access_log_test.go
@@ -59,7 +59,7 @@ func TestAccessLogger(t *testing.T) {
 	recorder.logger = mockLogger
 	req := &http.Request{
 		RemoteAddr: "remote-addr",
-		Method:     "GET",
+		Method:     http.MethodGet,
 		Proto:      "https",
 		URL:        &url.URL{Path: "/path"},
 	}
diff --git a/services/context/api.go b/services/context/api.go
index 10fad419ba..ab50a360f4 100644
--- a/services/context/api.go
+++ b/services/context/api.go
@@ -9,11 +9,14 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"slices"
+	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/httpcache"
 	"code.gitea.io/gitea/modules/log"
@@ -168,7 +171,7 @@ func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
 	if paginater.HasNext() {
 		u := *curURL
 		queries := u.Query()
-		queries.Set("page", fmt.Sprintf("%d", paginater.Next()))
+		queries.Set("page", strconv.Itoa(paginater.Next()))
 		u.RawQuery = queries.Encode()
 
 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"next\"", setting.AppURL, u.RequestURI()[1:]))
@@ -176,7 +179,7 @@ func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
 	if !paginater.IsLast() {
 		u := *curURL
 		queries := u.Query()
-		queries.Set("page", fmt.Sprintf("%d", paginater.TotalPages()))
+		queries.Set("page", strconv.Itoa(paginater.TotalPages()))
 		u.RawQuery = queries.Encode()
 
 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"last\"", setting.AppURL, u.RequestURI()[1:]))
@@ -192,7 +195,7 @@ func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
 	if paginater.HasPrevious() {
 		u := *curURL
 		queries := u.Query()
-		queries.Set("page", fmt.Sprintf("%d", paginater.Previous()))
+		queries.Set("page", strconv.Itoa(paginater.Previous()))
 		u.RawQuery = queries.Encode()
 
 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"prev\"", setting.AppURL, u.RequestURI()[1:]))
@@ -225,7 +228,7 @@ func APIContexter() func(http.Handler) http.Handler {
 			ctx.SetContextValue(apiContextKey, ctx)
 
 			// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
-			if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
+			if ctx.Req.Method == http.MethodPost && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
 				if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
 					ctx.APIErrorInternal(err)
 					return
@@ -243,8 +246,8 @@ func APIContexter() func(http.Handler) http.Handler {
 // APIErrorNotFound handles 404s for APIContext
 // String will replace message, errors will be added to a slice
 func (ctx *APIContext) APIErrorNotFound(objs ...any) {
-	message := ctx.Locale.TrString("error.not_found")
-	var errors []string
+	var message string
+	var errs []string
 	for _, obj := range objs {
 		// Ignore nil
 		if obj == nil {
@@ -252,16 +255,15 @@ func (ctx *APIContext) APIErrorNotFound(objs ...any) {
 		}
 
 		if err, ok := obj.(error); ok {
-			errors = append(errors, err.Error())
+			errs = append(errs, err.Error())
 		} else {
 			message = obj.(string)
 		}
 	}
-
 	ctx.JSON(http.StatusNotFound, map[string]any{
-		"message": message,
+		"message": util.IfZero(message, "not found"), // do not use locale in API
 		"url":     setting.API.SwaggerURL,
-		"errors":  errors,
+		"errors":  errs,
 	})
 }
 
@@ -297,39 +299,27 @@ func RepoRefForAPI(next http.Handler) http.Handler {
 		}
 
 		if ctx.Repo.GitRepo == nil {
-			ctx.APIErrorInternal(fmt.Errorf("no open git repo"))
-			return
+			panic("no GitRepo, forgot to call the middleware?") // it is a programming error
 		}
 
-		refName, _, _ := getRefNameLegacy(ctx.Base, ctx.Repo, ctx.PathParam("*"), ctx.FormTrim("ref"))
+		refName, refType, _ := getRefNameLegacy(ctx.Base, ctx.Repo, ctx.PathParam("*"), ctx.FormTrim("ref"))
 		var err error
-
-		if gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, refName) {
+		switch refType {
+		case git.RefTypeBranch:
 			ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName)
-			if err != nil {
-				ctx.APIErrorInternal(err)
-				return
-			}
-			ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
-		} else if gitrepo.IsTagExist(ctx, ctx.Repo.Repository, refName) {
+		case git.RefTypeTag:
 			ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetTagCommit(refName)
-			if err != nil {
-				ctx.APIErrorInternal(err)
-				return
-			}
-			ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
-		} else if len(refName) == ctx.Repo.GetObjectFormat().FullLength() {
-			ctx.Repo.CommitID = refName
+		case git.RefTypeCommit:
 			ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetCommit(refName)
-			if err != nil {
-				ctx.APIErrorNotFound("GetCommit", err)
-				return
-			}
-		} else {
-			ctx.APIErrorNotFound(fmt.Errorf("not exist: '%s'", ctx.PathParam("*")))
+		}
+		if ctx.Repo.Commit == nil || errors.Is(err, util.ErrNotExist) {
+			ctx.APIErrorNotFound("unable to find a git ref")
+			return
+		} else if err != nil {
+			ctx.APIErrorInternal(err)
 			return
 		}
-
+		ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
 		next.ServeHTTP(w, req)
 	})
 }
@@ -375,11 +365,5 @@ func (ctx *APIContext) IsUserRepoAdmin() bool {
 
 // IsUserRepoWriter returns true if current user has "write" privilege in current repo
 func (ctx *APIContext) IsUserRepoWriter(unitTypes []unit.Type) bool {
-	for _, unitType := range unitTypes {
-		if ctx.Repo.CanWrite(unitType) {
-			return true
-		}
-	}
-
-	return false
+	return slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite)
 }
diff --git a/services/context/api_test.go b/services/context/api_test.go
index 911a49949e..87d74004db 100644
--- a/services/context/api_test.go
+++ b/services/context/api_test.go
@@ -45,6 +45,6 @@ func TestGenAPILinks(t *testing.T) {
 
 		links := genAPILinks(u, 100, 20, curPage)
 
-		assert.EqualValues(t, links, response)
+		assert.Equal(t, links, response)
 	}
 }
diff --git a/services/context/base.go b/services/context/base.go
index 3701668bf6..28d6656fd1 100644
--- a/services/context/base.go
+++ b/services/context/base.go
@@ -8,6 +8,7 @@ import (
 	"html/template"
 	"io"
 	"net/http"
+	"strconv"
 	"strings"
 
 	"code.gitea.io/gitea/modules/httplib"
@@ -53,7 +54,7 @@ func (b *Base) AppendAccessControlExposeHeaders(names ...string) {
 
 // SetTotalCountHeader set "X-Total-Count" header
 func (b *Base) SetTotalCountHeader(total int64) {
-	b.RespHeader().Set("X-Total-Count", fmt.Sprint(total))
+	b.RespHeader().Set("X-Total-Count", strconv.FormatInt(total, 10))
 	b.AppendAccessControlExposeHeaders("X-Total-Count")
 }
 
@@ -82,6 +83,7 @@ func (b *Base) RespHeader() http.Header {
 }
 
 // HTTPError returned an error to web browser
+// FIXME: many calls to this HTTPError are not right: it shouldn't expose err.Error() directly, it doesn't accept more than one content
 func (b *Base) HTTPError(status int, contents ...string) {
 	v := http.StatusText(status)
 	if len(contents) > 0 {
diff --git a/services/context/base_form.go b/services/context/base_form.go
index 5b8cae9e99..81fd7cd328 100644
--- a/services/context/base_form.go
+++ b/services/context/base_form.go
@@ -12,6 +12,8 @@ import (
 )
 
 // FormString returns the first value matching the provided key in the form as a string
+// It works the same as http.Request.FormValue:
+// try urlencoded request body first, then query string, then multipart form body
 func (b *Base) FormString(key string, def ...string) string {
 	s := b.Req.FormValue(key)
 	if s == "" {
@@ -20,7 +22,7 @@ func (b *Base) FormString(key string, def ...string) string {
 	return s
 }
 
-// FormStrings returns a string slice for the provided key from the form
+// FormStrings returns a values for the key in the form (including query parameters), similar to FormString
 func (b *Base) FormStrings(key string) []string {
 	if b.Req.Form == nil {
 		if err := b.Req.ParseMultipartForm(32 << 20); err != nil {
diff --git a/services/context/base_test.go b/services/context/base_test.go
index b936b76f58..2a4f86dddf 100644
--- a/services/context/base_test.go
+++ b/services/context/base_test.go
@@ -15,7 +15,7 @@ import (
 
 func TestRedirect(t *testing.T) {
 	setting.IsInTesting = true
-	req, _ := http.NewRequest("GET", "/", nil)
+	req, _ := http.NewRequest(http.MethodGet, "/", nil)
 
 	cases := []struct {
 		url  string
@@ -36,7 +36,7 @@ func TestRedirect(t *testing.T) {
 		assert.Equal(t, c.keep, has, "url = %q", c.url)
 	}
 
-	req, _ = http.NewRequest("GET", "/", nil)
+	req, _ = http.NewRequest(http.MethodGet, "/", nil)
 	resp := httptest.NewRecorder()
 	req.Header.Add("HX-Request", "true")
 	b := NewBaseContextForTest(resp, req)
diff --git a/services/context/context.go b/services/context/context.go
index 79bc5da920..32ec260aab 100644
--- a/services/context/context.go
+++ b/services/context/context.go
@@ -23,6 +23,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/translation"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/modules/web/middleware"
 	web_types "code.gitea.io/gitea/modules/web/types"
@@ -184,7 +185,7 @@ func Contexter() func(next http.Handler) http.Handler {
 			})
 
 			// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
-			if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
+			if ctx.Req.Method == http.MethodPost && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
 				if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
 					ctx.ServerError("ParseMultipartForm", err)
 					return
@@ -196,6 +197,8 @@ func Contexter() func(next http.Handler) http.Handler {
 
 			ctx.Data["SystemConfig"] = setting.Config()
 
+			ctx.Data["ShowTwoFactorRequiredMessage"] = ctx.DoerNeedTwoFactorAuth()
+
 			// FIXME: do we really always need these setting? There should be someway to have to avoid having to always set these
 			ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 			ctx.Data["DisableStars"] = setting.Repository.DisableStars
@@ -209,6 +212,13 @@ func Contexter() func(next http.Handler) http.Handler {
 	}
 }
 
+func (ctx *Context) DoerNeedTwoFactorAuth() bool {
+	if !setting.TwoFactorAuthEnforced {
+		return false
+	}
+	return ctx.Session.Get(session.KeyUserHasTwoFactorAuth) == false
+}
+
 // HasError returns true if error occurs in form validation.
 // Attention: this function changes ctx.Data and ctx.Flash
 // If HasError is called, then before Redirect, the error message should be stored by ctx.Flash.Error(ctx.GetErrMsg()) again.
@@ -252,3 +262,11 @@ func (ctx *Context) JSONError(msg any) {
 		panic(fmt.Sprintf("unsupported type: %T", msg))
 	}
 }
+
+func (ctx *Context) JSONErrorNotFound(optMsg ...string) {
+	msg := util.OptionalArg(optMsg)
+	if msg == "" {
+		msg = ctx.Locale.TrString("error.not_found")
+	}
+	ctx.JSON(http.StatusNotFound, map[string]any{"errorMessage": msg, "renderFormat": "text"})
+}
diff --git a/services/context/context_response.go b/services/context/context_response.go
index 61b432395a..3f64fc7352 100644
--- a/services/context/context_response.go
+++ b/services/context/context_response.go
@@ -92,7 +92,7 @@ func (ctx *Context) HTML(status int, name templates.TplName) {
 }
 
 // JSONTemplate renders the template as JSON response
-// keep in mind that the template is processed in HTML context, so JSON-things should be handled carefully, eg: by JSEscape
+// keep in mind that the template is processed in HTML context, so JSON things should be handled carefully, e.g.: use JSEscape
 func (ctx *Context) JSONTemplate(tmpl templates.TplName) {
 	t, err := ctx.Render.TemplateLookup(string(tmpl), nil)
 	if err != nil {
@@ -150,7 +150,7 @@ func (ctx *Context) notFoundInternal(logMsg string, logErr error) {
 
 	ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
 	ctx.Data["Title"] = "Page Not Found"
-	ctx.HTML(http.StatusNotFound, templates.TplName("status/404"))
+	ctx.HTML(http.StatusNotFound, "status/404")
 }
 
 // ServerError displays a 500 (Internal Server Error) page and prints the given error, if any.
diff --git a/services/context/org.go b/services/context/org.go
index 992a48afa0..1cd8923178 100644
--- a/services/context/org.go
+++ b/services/context/org.go
@@ -182,7 +182,7 @@ func OrgAssignment(opts OrgAssignmentOptions) func(ctx *Context) {
 					return
 				}
 				for _, team := range teams {
-					if team.IncludesAllRepositories && team.AccessMode >= perm.AccessModeAdmin {
+					if team.IncludesAllRepositories && team.HasAdminAccess() {
 						shouldSeeAllTeams = true
 						break
 					}
@@ -208,7 +208,7 @@ func OrgAssignment(opts OrgAssignmentOptions) func(ctx *Context) {
 		if len(teamName) > 0 {
 			teamExists := false
 			for _, team := range ctx.Org.Teams {
-				if team.LowerName == strings.ToLower(teamName) {
+				if strings.EqualFold(team.LowerName, teamName) {
 					teamExists = true
 					ctx.Org.Team = team
 					ctx.Org.IsTeamMember = true
@@ -228,7 +228,7 @@ func OrgAssignment(opts OrgAssignmentOptions) func(ctx *Context) {
 				return
 			}
 
-			ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.AccessMode >= perm.AccessModeAdmin
+			ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.HasAdminAccess()
 			ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin
 			if opts.RequireTeamAdmin && !ctx.Org.IsTeamAdmin {
 				ctx.NotFound(err)
diff --git a/services/context/package.go b/services/context/package.go
index 64bb4f3ecd..8b722932b1 100644
--- a/services/context/package.go
+++ b/services/context/package.go
@@ -93,7 +93,7 @@ func packageAssignment(ctx *packageAssignmentCtx, errCb func(int, any)) *Package
 }
 
 func determineAccessMode(ctx *Base, pkg *Package, doer *user_model.User) (perm.AccessMode, error) {
-	if setting.Service.RequireSignInView && (doer == nil || doer.IsGhost()) {
+	if setting.Service.RequireSignInViewStrict && (doer == nil || doer.IsGhost()) {
 		return perm.AccessModeNone, nil
 	}
 
diff --git a/services/context/pagination.go b/services/context/pagination.go
index 25a9298e01..2a9805db05 100644
--- a/services/context/pagination.go
+++ b/services/context/pagination.go
@@ -33,8 +33,8 @@ func (p *Pagination) WithCurRows(n int) *Pagination {
 	return p
 }
 
-func (p *Pagination) AddParamFromRequest(req *http.Request) {
-	for key, values := range req.URL.Query() {
+func (p *Pagination) AddParamFromQuery(q url.Values) {
+	for key, values := range q {
 		if key == "page" || len(values) == 0 || (len(values) == 1 && values[0] == "") {
 			continue
 		}
@@ -45,6 +45,10 @@ func (p *Pagination) AddParamFromRequest(req *http.Request) {
 	}
 }
 
+func (p *Pagination) AddParamFromRequest(req *http.Request) {
+	p.AddParamFromQuery(req.URL.Query())
+}
+
 // GetParams returns the configured URL params
 func (p *Pagination) GetParams() template.URL {
 	return template.URL(strings.Join(p.urlParams, "&"))
diff --git a/services/context/permission.go b/services/context/permission.go
index 7055f798da..c0a5a98724 100644
--- a/services/context/permission.go
+++ b/services/context/permission.go
@@ -5,6 +5,7 @@ package context
 
 import (
 	"net/http"
+	"slices"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -34,10 +35,8 @@ func CanWriteToBranch() func(ctx *Context) {
 // RequireUnitWriter returns a middleware for requiring repository write to one of the unit permission
 func RequireUnitWriter(unitTypes ...unit.Type) func(ctx *Context) {
 	return func(ctx *Context) {
-		for _, unitType := range unitTypes {
-			if ctx.Repo.CanWrite(unitType) {
-				return
-			}
+		if slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite) {
+			return
 		}
 		ctx.NotFound(nil)
 	}
diff --git a/services/context/private.go b/services/context/private.go
index 51857da8fe..d20e49f588 100644
--- a/services/context/private.go
+++ b/services/context/private.go
@@ -5,7 +5,6 @@ package context
 
 import (
 	"context"
-	"fmt"
 	"net/http"
 	"time"
 
@@ -29,7 +28,6 @@ func init() {
 	})
 }
 
-// Deadline is part of the interface for context.Context and we pass this to the request context
 func (ctx *PrivateContext) Deadline() (deadline time.Time, ok bool) {
 	if ctx.Override != nil {
 		return ctx.Override.Deadline()
@@ -37,7 +35,6 @@ func (ctx *PrivateContext) Deadline() (deadline time.Time, ok bool) {
 	return ctx.Base.Deadline()
 }
 
-// Done is part of the interface for context.Context and we pass this to the request context
 func (ctx *PrivateContext) Done() <-chan struct{} {
 	if ctx.Override != nil {
 		return ctx.Override.Done()
@@ -45,7 +42,6 @@ func (ctx *PrivateContext) Done() <-chan struct{} {
 	return ctx.Base.Done()
 }
 
-// Err is part of the interface for context.Context and we pass this to the request context
 func (ctx *PrivateContext) Err() error {
 	if ctx.Override != nil {
 		return ctx.Override.Err()
@@ -53,14 +49,14 @@ func (ctx *PrivateContext) Err() error {
 	return ctx.Base.Err()
 }
 
-var privateContextKey any = "default_private_context"
+type privateContextKeyType struct{}
+
+var privateContextKey privateContextKeyType
 
-// GetPrivateContext returns a context for Private routes
 func GetPrivateContext(req *http.Request) *PrivateContext {
 	return req.Context().Value(privateContextKey).(*PrivateContext)
 }
 
-// PrivateContexter returns apicontext as middleware
 func PrivateContexter() func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
@@ -82,7 +78,7 @@ func OverrideContext() func(http.Handler) http.Handler {
 			// We now need to override the request context as the base for our work because even if the request is cancelled we have to continue this work
 			ctx := GetPrivateContext(req)
 			var finished func()
-			ctx.Override, _, finished = process.GetManager().AddTypedContext(graceful.GetManager().HammerContext(), fmt.Sprintf("PrivateContext: %s", ctx.Req.RequestURI), process.RequestProcessType, true)
+			ctx.Override, _, finished = process.GetManager().AddTypedContext(graceful.GetManager().HammerContext(), "PrivateContext: "+ctx.Req.RequestURI, process.RequestProcessType, true)
 			defer finished()
 			next.ServeHTTP(ctx.Resp, ctx.Req)
 		})
diff --git a/services/context/repo.go b/services/context/repo.go
index 6eccd1312a..afc6de9b16 100644
--- a/services/context/repo.go
+++ b/services/context/repo.go
@@ -71,11 +71,6 @@ func (r *Repository) CanWriteToBranch(ctx context.Context, user *user_model.User
 	return issues_model.CanMaintainerWriteToBranch(ctx, r.Permission, branch, user)
 }
 
-// CanEnableEditor returns true if repository is editable and user has proper access level.
-func (r *Repository) CanEnableEditor(ctx context.Context, user *user_model.User) bool {
-	return r.RefFullName.IsBranch() && r.CanWriteToBranch(ctx, user, r.BranchName) && r.Repository.CanEnableEditor() && !r.Repository.IsArchived
-}
-
 // CanCreateBranch returns true if repository is editable and user has proper access level.
 func (r *Repository) CanCreateBranch() bool {
 	return r.Permission.CanWrite(unit_model.TypeCode) && r.Repository.CanCreateBranch()
@@ -94,58 +89,100 @@ func RepoMustNotBeArchived() func(ctx *Context) {
 	}
 }
 
-// CanCommitToBranchResults represents the results of CanCommitToBranch
-type CanCommitToBranchResults struct {
-	CanCommitToBranch bool
-	EditorEnabled     bool
-	UserCanPush       bool
-	RequireSigned     bool
-	WillSign          bool
-	SigningKey        string
-	WontSignReason    string
+type CommitFormOptions struct {
+	NeedFork bool
+
+	TargetRepo               *repo_model.Repository
+	TargetFormAction         string
+	WillSubmitToFork         bool
+	CanCommitToBranch        bool
+	UserCanPush              bool
+	RequireSigned            bool
+	WillSign                 bool
+	SigningKey               *git.SigningKey
+	WontSignReason           string
+	CanCreatePullRequest     bool
+	CanCreateBasePullRequest bool
 }
 
-// CanCommitToBranch returns true if repository is editable and user has proper access level
-//
-// and branch is not protected for push
-func (r *Repository) CanCommitToBranch(ctx context.Context, doer *user_model.User) (CanCommitToBranchResults, error) {
-	protectedBranch, err := git_model.GetFirstMatchProtectedBranchRule(ctx, r.Repository.ID, r.BranchName)
+func PrepareCommitFormOptions(ctx *Context, doer *user_model.User, targetRepo *repo_model.Repository, doerRepoPerm access_model.Permission, refName git.RefName) (*CommitFormOptions, error) {
+	if !refName.IsBranch() {
+		// it shouldn't happen because middleware already checks
+		return nil, util.NewInvalidArgumentErrorf("ref %q is not a branch", refName)
+	}
+
+	originRepo := targetRepo
+	branchName := refName.ShortName()
+	// TODO: CanMaintainerWriteToBranch is a bad name, but it really does what "CanWriteToBranch" does
+	if !issues_model.CanMaintainerWriteToBranch(ctx, doerRepoPerm, branchName, doer) {
+		targetRepo = repo_model.GetForkedRepo(ctx, doer.ID, targetRepo.ID)
+		if targetRepo == nil {
+			return &CommitFormOptions{NeedFork: true}, nil
+		}
+		// now, we get our own forked repo; it must be writable by us.
+	}
+	submitToForkedRepo := targetRepo.ID != originRepo.ID
+	err := targetRepo.GetBaseRepo(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	protectedBranch, err := git_model.GetFirstMatchProtectedBranchRule(ctx, targetRepo.ID, branchName)
 	if err != nil {
-		return CanCommitToBranchResults{}, err
+		return nil, err
 	}
-	userCanPush := true
-	requireSigned := false
+	canPushWithProtection := true
+	protectionRequireSigned := false
 	if protectedBranch != nil {
-		protectedBranch.Repo = r.Repository
-		userCanPush = protectedBranch.CanUserPush(ctx, doer)
-		requireSigned = protectedBranch.RequireSignedCommits
+		protectedBranch.Repo = targetRepo
+		canPushWithProtection = protectedBranch.CanUserPush(ctx, doer)
+		protectionRequireSigned = protectedBranch.RequireSignedCommits
 	}
 
-	sign, keyID, _, err := asymkey_service.SignCRUDAction(ctx, r.Repository.RepoPath(), doer, r.Repository.RepoPath(), git.BranchPrefix+r.BranchName)
-
-	canCommit := r.CanEnableEditor(ctx, doer) && userCanPush
-	if requireSigned {
-		canCommit = canCommit && sign
-	}
+	willSign, signKeyID, _, err := asymkey_service.SignCRUDAction(ctx, targetRepo.RepoPath(), doer, targetRepo.RepoPath(), refName.String())
 	wontSignReason := ""
-	if err != nil {
-		if asymkey_service.IsErrWontSign(err) {
-			wontSignReason = string(err.(*asymkey_service.ErrWontSign).Reason)
-			err = nil
-		} else {
-			wontSignReason = "error"
-		}
+	if asymkey_service.IsErrWontSign(err) {
+		wontSignReason = string(err.(*asymkey_service.ErrWontSign).Reason)
+	} else if err != nil {
+		return nil, err
 	}
 
-	return CanCommitToBranchResults{
-		CanCommitToBranch: canCommit,
-		EditorEnabled:     r.CanEnableEditor(ctx, doer),
-		UserCanPush:       userCanPush,
-		RequireSigned:     requireSigned,
-		WillSign:          sign,
-		SigningKey:        keyID,
+	canCommitToBranch := !submitToForkedRepo /* same repo */ && targetRepo.CanEnableEditor() && canPushWithProtection
+	if protectionRequireSigned {
+		canCommitToBranch = canCommitToBranch && willSign
+	}
+
+	canCreateBasePullRequest := targetRepo.BaseRepo != nil && targetRepo.BaseRepo.UnitEnabled(ctx, unit_model.TypePullRequests)
+	canCreatePullRequest := targetRepo.UnitEnabled(ctx, unit_model.TypePullRequests) || canCreateBasePullRequest
+
+	opts := &CommitFormOptions{
+		TargetRepo:        targetRepo,
+		WillSubmitToFork:  submitToForkedRepo,
+		CanCommitToBranch: canCommitToBranch,
+		UserCanPush:       canPushWithProtection,
+		RequireSigned:     protectionRequireSigned,
+		WillSign:          willSign,
+		SigningKey:        signKeyID,
 		WontSignReason:    wontSignReason,
-	}, err
+
+		CanCreatePullRequest:     canCreatePullRequest,
+		CanCreateBasePullRequest: canCreateBasePullRequest,
+	}
+	editorAction := ctx.PathParam("editor_action")
+	editorPathParamRemaining := util.PathEscapeSegments(branchName) + "/" + util.PathEscapeSegments(ctx.Repo.TreePath)
+	if submitToForkedRepo {
+		// there is only "default branch" in forked repo, we will use "from_base_branch" to get a new branch from base repo
+		editorPathParamRemaining = util.PathEscapeSegments(targetRepo.DefaultBranch) + "/" + util.PathEscapeSegments(ctx.Repo.TreePath) + "?from_base_branch=" + url.QueryEscape(branchName)
+	}
+	if editorAction == "_cherrypick" {
+		opts.TargetFormAction = targetRepo.Link() + "/" + editorAction + "/" + ctx.PathParam("sha") + "/" + editorPathParamRemaining
+	} else {
+		opts.TargetFormAction = targetRepo.Link() + "/" + editorAction + "/" + editorPathParamRemaining
+	}
+	if ctx.Req.URL.RawQuery != "" {
+		opts.TargetFormAction += util.Iif(strings.Contains(opts.TargetFormAction, "?"), "&", "?") + ctx.Req.URL.RawQuery
+	}
+	return opts, nil
 }
 
 // CanUseTimetracker returns whether a user can use the timetracker.
@@ -328,7 +365,9 @@ func RedirectToRepo(ctx *Base, redirectRepoID int64) {
 	if ctx.Req.URL.RawQuery != "" {
 		redirectPath += "?" + ctx.Req.URL.RawQuery
 	}
-	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusTemporaryRedirect)
+	// Git client needs a 301 redirect by default to follow the new location
+	// It's not documentated in git documentation, but it's the behavior of git client
+	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusMovedPermanently)
 }
 
 func repoAssignment(ctx *Context, repo *repo_model.Repository) {
@@ -338,13 +377,17 @@ func repoAssignment(ctx *Context, repo *repo_model.Repository) {
 		return
 	}
 
-	ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
-	if err != nil {
-		ctx.ServerError("GetUserRepoPermission", err)
-		return
+	if ctx.DoerNeedTwoFactorAuth() {
+		ctx.Repo.Permission = access_model.PermissionNoAccess()
+	} else {
+		ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
+		if err != nil {
+			ctx.ServerError("GetUserRepoPermission", err)
+			return
+		}
 	}
 
-	if !ctx.Repo.Permission.HasAnyUnitAccessOrEveryoneAccess() && !canWriteAsMaintainer(ctx) {
+	if !ctx.Repo.Permission.HasAnyUnitAccessOrPublicAccess() && !canWriteAsMaintainer(ctx) {
 		if ctx.FormString("go-get") == "1" {
 			EarlyResponseForGoGetMeta(ctx)
 			return
@@ -386,7 +429,7 @@ func RepoAssignment(ctx *Context) {
 	}
 
 	// Check if the user is the same as the repository owner
-	if ctx.IsSigned && ctx.Doer.LowerName == strings.ToLower(userName) {
+	if ctx.IsSigned && strings.EqualFold(ctx.Doer.LowerName, userName) {
 		ctx.Repo.Owner = ctx.Doer
 	} else {
 		ctx.Repo.Owner, err = user_model.GetUserByName(ctx, userName)
@@ -667,12 +710,6 @@ func RepoAssignment(ctx *Context) {
 
 const headRefName = "HEAD"
 
-func RepoRef() func(*Context) {
-	// old code does: return RepoRefByType(git.RefTypeBranch)
-	// in most cases, it is an abuse, so we just disable it completely and fix the abuses one by one (if there is anything wrong)
-	return nil
-}
-
 func getRefNameFromPath(repo *Repository, path string, isExist func(string) bool) string {
 	refName := ""
 	parts := strings.Split(path, "/")
@@ -795,8 +832,8 @@ func RepoRefByType(detectRefType git.RefType) func(*Context) {
 	return func(ctx *Context) {
 		var err error
 		refType := detectRefType
-		if ctx.Repo.Repository.IsBeingCreated() {
-			return // no git repo, so do nothing, users will see a "migrating" UI provided by "migrate/migrating.tmpl"
+		if ctx.Repo.Repository.IsBeingCreated() || ctx.Repo.Repository.IsBroken() {
+			return // no git repo, so do nothing, users will see a "migrating" UI provided by "migrate/migrating.tmpl", or empty repo guide
 		}
 		// Empty repository does not have reference information.
 		if ctx.Repo.Repository.IsEmpty {
@@ -815,9 +852,9 @@ func RepoRefByType(detectRefType git.RefType) func(*Context) {
 		if reqPath == "" {
 			refShortName = ctx.Repo.Repository.DefaultBranch
 			if !gitrepo.IsBranchExist(ctx, ctx.Repo.Repository, refShortName) {
-				brs, _, err := ctx.Repo.GitRepo.GetBranches(0, 1)
+				brs, _, err := ctx.Repo.GitRepo.GetBranchNames(0, 1)
 				if err == nil && len(brs) != 0 {
-					refShortName = brs[0].Name
+					refShortName = brs[0]
 				} else if len(brs) == 0 {
 					log.Error("No branches in non-empty repository %s", ctx.Repo.GitRepo.Path)
 				} else {
@@ -936,6 +973,15 @@ func RepoRefByType(detectRefType git.RefType) func(*Context) {
 			ctx.ServerError("GetCommitsCount", err)
 			return
 		}
+		if ctx.Repo.RefFullName.IsTag() {
+			rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, ctx.Repo.RefFullName.TagName())
+			if err == nil && rel.NumCommits <= 0 {
+				rel.NumCommits = ctx.Repo.CommitsCount
+				if err := repo_model.UpdateReleaseNumCommits(ctx, rel); err != nil {
+					log.Error("UpdateReleaseNumCommits", err)
+				}
+			}
+		}
 		ctx.Data["CommitsCount"] = ctx.Repo.CommitsCount
 		ctx.Repo.GitRepo.LastCommitCache = git.NewLastCommitCache(ctx.Repo.CommitsCount, ctx.Repo.Repository.FullName(), ctx.Repo.GitRepo, cache.GetCache())
 	}
diff --git a/services/context/upload/upload.go b/services/context/upload/upload.go
index da4370a433..23707950d4 100644
--- a/services/context/upload/upload.go
+++ b/services/context/upload/upload.go
@@ -11,7 +11,9 @@ import (
 	"regexp"
 	"strings"
 
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/reqctx"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/services/context"
 )
@@ -39,7 +41,7 @@ func Verify(buf []byte, fileName, allowedTypesStr string) error {
 	allowedTypesStr = strings.ReplaceAll(allowedTypesStr, "|", ",") // compat for old config format
 
 	allowedTypes := []string{}
-	for _, entry := range strings.Split(allowedTypesStr, ",") {
+	for entry := range strings.SplitSeq(allowedTypesStr, ",") {
 		entry = strings.ToLower(strings.TrimSpace(entry))
 		if entry != "" {
 			allowedTypes = append(allowedTypes, entry)
@@ -87,14 +89,15 @@ func Verify(buf []byte, fileName, allowedTypesStr string) error {
 
 // AddUploadContext renders template values for dropzone
 func AddUploadContext(ctx *context.Context, uploadType string) {
-	if uploadType == "release" {
+	switch uploadType {
+	case "release":
 		ctx.Data["UploadUrl"] = ctx.Repo.RepoLink + "/releases/attachments"
 		ctx.Data["UploadRemoveUrl"] = ctx.Repo.RepoLink + "/releases/attachments/remove"
 		ctx.Data["UploadLinkUrl"] = ctx.Repo.RepoLink + "/releases/attachments"
 		ctx.Data["UploadAccepts"] = strings.ReplaceAll(setting.Repository.Release.AllowedTypes, "|", ",")
 		ctx.Data["UploadMaxFiles"] = setting.Attachment.MaxFiles
 		ctx.Data["UploadMaxSize"] = setting.Attachment.MaxSize
-	} else if uploadType == "comment" {
+	case "comment":
 		ctx.Data["UploadUrl"] = ctx.Repo.RepoLink + "/issues/attachments"
 		ctx.Data["UploadRemoveUrl"] = ctx.Repo.RepoLink + "/issues/attachments/remove"
 		if len(ctx.PathParam("index")) > 0 {
@@ -105,12 +108,17 @@ func AddUploadContext(ctx *context.Context, uploadType string) {
 		ctx.Data["UploadAccepts"] = strings.ReplaceAll(setting.Attachment.AllowedTypes, "|", ",")
 		ctx.Data["UploadMaxFiles"] = setting.Attachment.MaxFiles
 		ctx.Data["UploadMaxSize"] = setting.Attachment.MaxSize
-	} else if uploadType == "repo" {
-		ctx.Data["UploadUrl"] = ctx.Repo.RepoLink + "/upload-file"
-		ctx.Data["UploadRemoveUrl"] = ctx.Repo.RepoLink + "/upload-remove"
-		ctx.Data["UploadLinkUrl"] = ctx.Repo.RepoLink + "/upload-file"
-		ctx.Data["UploadAccepts"] = strings.ReplaceAll(setting.Repository.Upload.AllowedTypes, "|", ",")
-		ctx.Data["UploadMaxFiles"] = setting.Repository.Upload.MaxFiles
-		ctx.Data["UploadMaxSize"] = setting.Repository.Upload.FileMaxSize
+	default:
+		setting.PanicInDevOrTesting("Invalid upload type: %s", uploadType)
 	}
 }
+
+func AddUploadContextForRepo(ctx reqctx.RequestContext, repo *repo_model.Repository) {
+	ctxData, repoLink := ctx.GetData(), repo.Link()
+	ctxData["UploadUrl"] = repoLink + "/upload-file"
+	ctxData["UploadRemoveUrl"] = repoLink + "/upload-remove"
+	ctxData["UploadLinkUrl"] = repoLink + "/upload-file"
+	ctxData["UploadAccepts"] = strings.ReplaceAll(setting.Repository.Upload.AllowedTypes, "|", ",")
+	ctxData["UploadMaxFiles"] = setting.Repository.Upload.MaxFiles
+	ctxData["UploadMaxSize"] = setting.Repository.Upload.FileMaxSize
+}
diff --git a/services/context/user.go b/services/context/user.go
index c09ded8339..f1a3035ee9 100644
--- a/services/context/user.go
+++ b/services/context/user.go
@@ -61,7 +61,7 @@ func UserAssignmentAPI() func(ctx *APIContext) {
 func userAssignment(ctx *Base, doer *user_model.User, errCb func(int, any)) (contextUser *user_model.User) {
 	username := ctx.PathParam("username")
 
-	if doer != nil && doer.LowerName == strings.ToLower(username) {
+	if doer != nil && strings.EqualFold(doer.LowerName, username) {
 		contextUser = doer
 	} else {
 		var err error
diff --git a/services/contexttest/context_tests.go b/services/contexttest/context_tests.go
index c895de3569..44d9f4a70f 100644
--- a/services/contexttest/context_tests.go
+++ b/services/contexttest/context_tests.go
@@ -49,7 +49,7 @@ func mockRequest(t *testing.T, reqPath string) *http.Request {
 
 type MockContextOption struct {
 	Render       context.Render
-	SessionStore *session.MockStore
+	SessionStore session.Store
 }
 
 // MockContext mock context for unit tests
@@ -170,10 +170,19 @@ func LoadUser(t *testing.T, ctx gocontext.Context, userID int64) {
 
 // LoadGitRepo load a git repo into a test context. Requires that ctx.Repo has
 // already been populated.
-func LoadGitRepo(t *testing.T, ctx *context.Context) {
-	assert.NoError(t, ctx.Repo.Repository.LoadOwner(ctx))
+func LoadGitRepo(t *testing.T, ctx gocontext.Context) {
+	var repo *context.Repository
+	switch ctx := any(ctx).(type) {
+	case *context.Context:
+		repo = ctx.Repo
+	case *context.APIContext:
+		repo = ctx.Repo
+	default:
+		assert.FailNow(t, "context is not *context.Context or *context.APIContext")
+	}
+	assert.NoError(t, repo.Repository.LoadOwner(ctx))
 	var err error
-	ctx.Repo.GitRepo, err = gitrepo.OpenRepository(ctx, ctx.Repo.Repository)
+	repo.GitRepo, err = gitrepo.OpenRepository(ctx, repo.Repository)
 	assert.NoError(t, err)
 }
 
diff --git a/services/convert/convert.go b/services/convert/convert.go
index ac2680766c..0de3822140 100644
--- a/services/convert/convert.go
+++ b/services/convert/convert.go
@@ -5,8 +5,11 @@
 package convert
 
 import (
+	"bytes"
 	"context"
 	"fmt"
+	"net/url"
+	"path"
 	"strconv"
 	"strings"
 	"time"
@@ -14,6 +17,7 @@ import (
 	actions_model "code.gitea.io/gitea/models/actions"
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/organization"
@@ -22,6 +26,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/actions"
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
@@ -30,6 +35,9 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
 	"code.gitea.io/gitea/services/gitdiff"
+
+	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
+	"github.com/nektos/act/pkg/model"
 )
 
 // ToEmail convert models.EmailAddress to api.Email
@@ -141,7 +149,7 @@ func ToBranchProtection(ctx context.Context, bp *git_model.ProtectedBranch, repo
 	mergeWhitelistUsernames := getWhitelistEntities(readers, bp.MergeWhitelistUserIDs)
 	approvalsWhitelistUsernames := getWhitelistEntities(readers, bp.ApprovalsWhitelistUserIDs)
 
-	teamReaders, err := organization.OrgFromUser(repo.Owner).TeamsWithAccessToRepo(ctx, repo.ID, perm.AccessModeRead)
+	teamReaders, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.Owner.ID, repo.ID, perm.AccessModeRead, unit.TypeCode, unit.TypePullRequests)
 	if err != nil {
 		log.Error("Repo.Owner.TeamsWithAccessToRepo: %v", err)
 	}
@@ -195,13 +203,22 @@ func ToBranchProtection(ctx context.Context, bp *git_model.ProtectedBranch, repo
 
 // ToTag convert a git.Tag to an api.Tag
 func ToTag(repo *repo_model.Repository, t *git.Tag) *api.Tag {
+	tarballURL := util.URLJoin(repo.HTMLURL(), "archive", t.Name+".tar.gz")
+	zipballURL := util.URLJoin(repo.HTMLURL(), "archive", t.Name+".zip")
+
+	// Archive URLs are "" if the download feature is disabled
+	if setting.Repository.DisableDownloadSourceArchives {
+		tarballURL = ""
+		zipballURL = ""
+	}
+
 	return &api.Tag{
 		Name:       t.Name,
 		Message:    strings.TrimSpace(t.Message),
 		ID:         t.ID.String(),
 		Commit:     ToCommitMeta(repo, t),
-		ZipballURL: util.URLJoin(repo.HTMLURL(), "archive", t.Name+".zip"),
-		TarballURL: util.URLJoin(repo.HTMLURL(), "archive", t.Name+".tar.gz"),
+		ZipballURL: zipballURL,
+		TarballURL: tarballURL,
 	}
 }
 
@@ -230,6 +247,242 @@ func ToActionTask(ctx context.Context, t *actions_model.ActionTask) (*api.Action
 	}, nil
 }
 
+func ToActionWorkflowRun(ctx context.Context, repo *repo_model.Repository, run *actions_model.ActionRun) (*api.ActionWorkflowRun, error) {
+	err := run.LoadAttributes(ctx)
+	if err != nil {
+		return nil, err
+	}
+	status, conclusion := ToActionsStatus(run.Status)
+	return &api.ActionWorkflowRun{
+		ID:           run.ID,
+		URL:          fmt.Sprintf("%s/actions/runs/%d", repo.APIURL(), run.ID),
+		HTMLURL:      run.HTMLURL(),
+		RunNumber:    run.Index,
+		StartedAt:    run.Started.AsLocalTime(),
+		CompletedAt:  run.Stopped.AsLocalTime(),
+		Event:        string(run.Event),
+		DisplayTitle: run.Title,
+		HeadBranch:   git.RefName(run.Ref).BranchName(),
+		HeadSha:      run.CommitSHA,
+		Status:       status,
+		Conclusion:   conclusion,
+		Path:         fmt.Sprintf("%s@%s", run.WorkflowID, run.Ref),
+		Repository:   ToRepo(ctx, repo, access_model.Permission{AccessMode: perm.AccessModeNone}),
+		TriggerActor: ToUser(ctx, run.TriggerUser, nil),
+		// We do not have a way to get a different User for the actor than the trigger user
+		Actor: ToUser(ctx, run.TriggerUser, nil),
+	}, nil
+}
+
+func ToWorkflowRunAction(status actions_model.Status) string {
+	var action string
+	switch status {
+	case actions_model.StatusWaiting, actions_model.StatusBlocked:
+		action = "requested"
+	case actions_model.StatusRunning:
+		action = "in_progress"
+	}
+	if status.IsDone() {
+		action = "completed"
+	}
+	return action
+}
+
+func ToActionsStatus(status actions_model.Status) (string, string) {
+	var action string
+	var conclusion string
+	switch status {
+	// This is a naming conflict of the webhook between Gitea and GitHub Actions
+	case actions_model.StatusWaiting:
+		action = "queued"
+	case actions_model.StatusBlocked:
+		action = "waiting"
+	case actions_model.StatusRunning:
+		action = "in_progress"
+	}
+	if status.IsDone() {
+		action = "completed"
+		switch status {
+		case actions_model.StatusSuccess:
+			conclusion = "success"
+		case actions_model.StatusCancelled:
+			conclusion = "cancelled"
+		case actions_model.StatusFailure:
+			conclusion = "failure"
+		case actions_model.StatusSkipped:
+			conclusion = "skipped"
+		}
+	}
+	return action, conclusion
+}
+
+// ToActionWorkflowJob convert a actions_model.ActionRunJob to an api.ActionWorkflowJob
+// task is optional and can be nil
+func ToActionWorkflowJob(ctx context.Context, repo *repo_model.Repository, task *actions_model.ActionTask, job *actions_model.ActionRunJob) (*api.ActionWorkflowJob, error) {
+	err := job.LoadAttributes(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	jobIndex := 0
+	jobs, err := actions_model.GetRunJobsByRunID(ctx, job.RunID)
+	if err != nil {
+		return nil, err
+	}
+	for i, j := range jobs {
+		if j.ID == job.ID {
+			jobIndex = i
+			break
+		}
+	}
+
+	status, conclusion := ToActionsStatus(job.Status)
+	var runnerID int64
+	var runnerName string
+	var steps []*api.ActionWorkflowStep
+
+	if job.TaskID != 0 {
+		if task == nil {
+			task, _, err = db.GetByID[actions_model.ActionTask](ctx, job.TaskID)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		runnerID = task.RunnerID
+		if runner, ok, _ := db.GetByID[actions_model.ActionRunner](ctx, runnerID); ok {
+			runnerName = runner.Name
+		}
+		for i, step := range task.Steps {
+			stepStatus, stepConclusion := ToActionsStatus(job.Status)
+			steps = append(steps, &api.ActionWorkflowStep{
+				Name:        step.Name,
+				Number:      int64(i),
+				Status:      stepStatus,
+				Conclusion:  stepConclusion,
+				StartedAt:   step.Started.AsTime().UTC(),
+				CompletedAt: step.Stopped.AsTime().UTC(),
+			})
+		}
+	}
+
+	return &api.ActionWorkflowJob{
+		ID: job.ID,
+		// missing api endpoint for this location
+		URL:     fmt.Sprintf("%s/actions/jobs/%d", repo.APIURL(), job.ID),
+		HTMLURL: fmt.Sprintf("%s/jobs/%d", job.Run.HTMLURL(), jobIndex),
+		RunID:   job.RunID,
+		// Missing api endpoint for this location, artifacts are available under a nested url
+		RunURL:      fmt.Sprintf("%s/actions/runs/%d", repo.APIURL(), job.RunID),
+		Name:        job.Name,
+		Labels:      job.RunsOn,
+		RunAttempt:  job.Attempt,
+		HeadSha:     job.Run.CommitSHA,
+		HeadBranch:  git.RefName(job.Run.Ref).BranchName(),
+		Status:      status,
+		Conclusion:  conclusion,
+		RunnerID:    runnerID,
+		RunnerName:  runnerName,
+		Steps:       steps,
+		CreatedAt:   job.Created.AsTime().UTC(),
+		StartedAt:   job.Started.AsTime().UTC(),
+		CompletedAt: job.Stopped.AsTime().UTC(),
+	}, nil
+}
+
+func getActionWorkflowEntry(ctx context.Context, repo *repo_model.Repository, commit *git.Commit, folder string, entry *git.TreeEntry) *api.ActionWorkflow {
+	cfgUnit := repo.MustGetUnit(ctx, unit.TypeActions)
+	cfg := cfgUnit.ActionsConfig()
+
+	defaultBranch, _ := commit.GetBranchName()
+
+	workflowURL := fmt.Sprintf("%s/actions/workflows/%s", repo.APIURL(), util.PathEscapeSegments(entry.Name()))
+	workflowRepoURL := fmt.Sprintf("%s/src/branch/%s/%s/%s", repo.HTMLURL(ctx), util.PathEscapeSegments(defaultBranch), util.PathEscapeSegments(folder), util.PathEscapeSegments(entry.Name()))
+	badgeURL := fmt.Sprintf("%s/actions/workflows/%s/badge.svg?branch=%s", repo.HTMLURL(ctx), util.PathEscapeSegments(entry.Name()), url.QueryEscape(repo.DefaultBranch))
+
+	// See https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#get-a-workflow
+	// State types:
+	// - active
+	// - deleted
+	// - disabled_fork
+	// - disabled_inactivity
+	// - disabled_manually
+	state := "active"
+	if cfg.IsWorkflowDisabled(entry.Name()) {
+		state = "disabled_manually"
+	}
+
+	// The CreatedAt and UpdatedAt fields currently reflect the timestamp of the latest commit, which can later be refined
+	// by retrieving the first and last commits for the file history. The first commit would indicate the creation date,
+	// while the last commit would represent the modification date. The DeletedAt could be determined by identifying
+	// the last commit where the file existed. However, this implementation has not been done here yet, as it would likely
+	// cause a significant performance degradation.
+	createdAt := commit.Author.When
+	updatedAt := commit.Author.When
+
+	content, err := actions.GetContentFromEntry(entry)
+	name := entry.Name()
+	if err == nil {
+		workflow, err := model.ReadWorkflow(bytes.NewReader(content))
+		if err == nil {
+			// Only use the name when specified in the workflow file
+			if workflow.Name != "" {
+				name = workflow.Name
+			}
+		} else {
+			log.Error("getActionWorkflowEntry: Failed to parse workflow: %v", err)
+		}
+	} else {
+		log.Error("getActionWorkflowEntry: Failed to get content from entry: %v", err)
+	}
+
+	return &api.ActionWorkflow{
+		ID:        entry.Name(),
+		Name:      name,
+		Path:      path.Join(folder, entry.Name()),
+		State:     state,
+		CreatedAt: createdAt,
+		UpdatedAt: updatedAt,
+		URL:       workflowURL,
+		HTMLURL:   workflowRepoURL,
+		BadgeURL:  badgeURL,
+	}
+}
+
+func ListActionWorkflows(ctx context.Context, gitrepo *git.Repository, repo *repo_model.Repository) ([]*api.ActionWorkflow, error) {
+	defaultBranchCommit, err := gitrepo.GetBranchCommit(repo.DefaultBranch)
+	if err != nil {
+		return nil, err
+	}
+
+	folder, entries, err := actions.ListWorkflows(defaultBranchCommit)
+	if err != nil {
+		return nil, err
+	}
+
+	workflows := make([]*api.ActionWorkflow, len(entries))
+	for i, entry := range entries {
+		workflows[i] = getActionWorkflowEntry(ctx, repo, defaultBranchCommit, folder, entry)
+	}
+
+	return workflows, nil
+}
+
+func GetActionWorkflow(ctx context.Context, gitrepo *git.Repository, repo *repo_model.Repository, workflowID string) (*api.ActionWorkflow, error) {
+	entries, err := ListActionWorkflows(ctx, gitrepo, repo)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, entry := range entries {
+		if entry.ID == workflowID {
+			return entry, nil
+		}
+	}
+
+	return nil, util.NewNotExistErrorf("workflow %q not found", workflowID)
+}
+
 // ToActionArtifact convert a actions_model.ActionArtifact to an api.ActionArtifact
 func ToActionArtifact(repo *repo_model.Repository, art *actions_model.ActionArtifact) (*api.ActionArtifact, error) {
 	url := fmt.Sprintf("%s/actions/artifacts/%d", repo.APIURL(), art.ID)
@@ -252,6 +505,30 @@ func ToActionArtifact(repo *repo_model.Repository, art *actions_model.ActionArti
 	}, nil
 }
 
+func ToActionRunner(ctx context.Context, runner *actions_model.ActionRunner) *api.ActionRunner {
+	status := runner.Status()
+	apiStatus := "offline"
+	if runner.IsOnline() {
+		apiStatus = "online"
+	}
+	labels := make([]*api.ActionRunnerLabel, len(runner.AgentLabels))
+	for i, label := range runner.AgentLabels {
+		labels[i] = &api.ActionRunnerLabel{
+			ID:   int64(i),
+			Name: label,
+			Type: "custom",
+		}
+	}
+	return &api.ActionRunner{
+		ID:        runner.ID,
+		Name:      runner.Name,
+		Status:    apiStatus,
+		Busy:      status == runnerv1.RunnerStatus_RUNNER_STATUS_ACTIVE,
+		Ephemeral: runner.Ephemeral,
+		Labels:    labels,
+	}
+}
+
 // ToVerification convert a git.Commit.Signature to an api.PayloadCommitVerification
 func ToVerification(ctx context.Context, c *git.Commit) *api.PayloadCommitVerification {
 	verif := asymkey_service.ParseCommitWithSignature(ctx, c)
@@ -281,6 +558,7 @@ func ToPublicKey(apiLink string, key *asymkey_model.PublicKey) *api.PublicKey {
 		Title:       key.Name,
 		Fingerprint: key.Fingerprint,
 		Created:     key.CreatedUnix.AsTime(),
+		Updated:     key.UpdatedUnix.AsTime(),
 	}
 }
 
@@ -449,7 +727,7 @@ func ToTagProtection(ctx context.Context, pt *git_model.ProtectedTag, repo *repo
 
 	whitelistUsernames := getWhitelistEntities(readers, pt.AllowlistUserIDs)
 
-	teamReaders, err := organization.OrgFromUser(repo.Owner).TeamsWithAccessToRepo(ctx, repo.ID, perm.AccessModeRead)
+	teamReaders, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.Owner.ID, repo.ID, perm.AccessModeRead, unit.TypeCode, unit.TypePullRequests)
 	if err != nil {
 		log.Error("Repo.Owner.TeamsWithAccessToRepo: %v", err)
 	}
diff --git a/services/convert/git_commit_test.go b/services/convert/git_commit_test.go
index 73cb5e8c71..ad1cc0eca3 100644
--- a/services/convert/git_commit_test.go
+++ b/services/convert/git_commit_test.go
@@ -33,7 +33,7 @@ func TestToCommitMeta(t *testing.T) {
 	commitMeta := ToCommitMeta(headRepo, tag)
 
 	assert.NotNil(t, commitMeta)
-	assert.EqualValues(t, &api.CommitMeta{
+	assert.Equal(t, &api.CommitMeta{
 		SHA:     sha1.EmptyObjectID().String(),
 		URL:     util.URLJoin(headRepo.APIURL(), "git/commits", sha1.EmptyObjectID().String()),
 		Created: time.Unix(0, 0),
diff --git a/services/convert/pull.go b/services/convert/pull.go
index 928534ce5e..4acbd880dc 100644
--- a/services/convert/pull.go
+++ b/services/convert/pull.go
@@ -14,6 +14,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/cachegroup"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
@@ -28,8 +29,8 @@ import (
 // Optional - Merger
 func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User) *api.PullRequest {
 	var (
-		baseBranch *git.Branch
-		headBranch *git.Branch
+		baseBranch string
+		headBranch string
 		baseCommit *git.Commit
 		err        error
 	)
@@ -60,14 +61,14 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 		doerID = doer.ID
 	}
 
-	const repoDoerPermCacheKey = "repo_doer_perm_cache"
-	p, err := cache.GetWithContextCache(ctx, repoDoerPermCacheKey, fmt.Sprintf("%d_%d", pr.BaseRepoID, doerID),
-		func() (access_model.Permission, error) {
+	repoUserPerm, err := cache.GetWithContextCache(ctx, cachegroup.RepoUserPermission, fmt.Sprintf("%d-%d", pr.BaseRepoID, doerID),
+		func(ctx context.Context, _ string) (access_model.Permission, error) {
 			return access_model.GetUserRepoPermission(ctx, pr.BaseRepo, doer)
-		})
+		},
+	)
 	if err != nil {
 		log.Error("GetUserRepoPermission[%d]: %v", pr.BaseRepoID, err)
-		p.AccessMode = perm.AccessModeNone
+		repoUserPerm.AccessMode = perm.AccessModeNone
 	}
 
 	apiPullRequest := &api.PullRequest{
@@ -107,11 +108,11 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 			Name:       pr.BaseBranch,
 			Ref:        pr.BaseBranch,
 			RepoID:     pr.BaseRepoID,
-			Repository: ToRepo(ctx, pr.BaseRepo, p),
+			Repository: ToRepo(ctx, pr.BaseRepo, repoUserPerm),
 		},
 		Head: &api.PRBranchInfo{
 			Name:   pr.HeadBranch,
-			Ref:    fmt.Sprintf("%s%d/head", git.PullPrefix, pr.Index),
+			Ref:    pr.GetGitHeadRefName(),
 			RepoID: -1,
 		},
 	}
@@ -150,16 +151,16 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 	}
 	defer gitRepo.Close()
 
-	baseBranch, err = gitRepo.GetBranch(pr.BaseBranch)
-	if err != nil && !git.IsErrBranchNotExist(err) {
+	exist, err := git_model.IsBranchExist(ctx, pr.BaseRepoID, pr.BaseBranch)
+	if err != nil {
 		log.Error("GetBranch[%s]: %v", pr.BaseBranch, err)
 		return nil
 	}
 
-	if err == nil {
-		baseCommit, err = baseBranch.GetCommit()
+	if exist {
+		baseCommit, err = gitRepo.GetBranchCommit(pr.BaseBranch)
 		if err != nil && !git.IsErrNotExist(err) {
-			log.Error("GetCommit[%s]: %v", baseBranch.Name, err)
+			log.Error("GetCommit[%s]: %v", baseBranch, err)
 			return nil
 		}
 
@@ -169,16 +170,9 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 	}
 
 	if pr.Flow == issues_model.PullRequestFlowAGit {
-		gitRepo, err := gitrepo.OpenRepository(ctx, pr.BaseRepo)
-		if err != nil {
-			log.Error("OpenRepository[%s]: %v", pr.GetGitRefName(), err)
-			return nil
-		}
-		defer gitRepo.Close()
-
-		apiPullRequest.Head.Sha, err = gitRepo.GetRefCommitID(pr.GetGitRefName())
+		apiPullRequest.Head.Sha, err = gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
-			log.Error("GetRefCommitID[%s]: %v", pr.GetGitRefName(), err)
+			log.Error("GetRefCommitID[%s]: %v", pr.GetGitHeadRefName(), err)
 			return nil
 		}
 		apiPullRequest.Head.RepoID = pr.BaseRepoID
@@ -203,8 +197,8 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 		}
 		defer headGitRepo.Close()
 
-		headBranch, err = headGitRepo.GetBranch(pr.HeadBranch)
-		if err != nil && !git.IsErrBranchNotExist(err) {
+		exist, err = git_model.IsBranchExist(ctx, pr.HeadRepoID, pr.HeadBranch)
+		if err != nil {
 			log.Error("GetBranch[%s]: %v", pr.HeadBranch, err)
 			return nil
 		}
@@ -215,7 +209,7 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 			endCommitID   string
 		)
 
-		if git.IsErrBranchNotExist(err) {
+		if !exist {
 			headCommitID, err := headGitRepo.GetRefCommitID(apiPullRequest.Head.Ref)
 			if err != nil && !git.IsErrNotExist(err) {
 				log.Error("GetCommit[%s]: %v", pr.HeadBranch, err)
@@ -226,9 +220,9 @@ func ToAPIPullRequest(ctx context.Context, pr *issues_model.PullRequest, doer *u
 				endCommitID = headCommitID
 			}
 		} else {
-			commit, err := headBranch.GetCommit()
+			commit, err := headGitRepo.GetBranchCommit(pr.HeadBranch)
 			if err != nil && !git.IsErrNotExist(err) {
-				log.Error("GetCommit[%s]: %v", headBranch.Name, err)
+				log.Error("GetCommit[%s]: %v", headBranch, err)
 				return nil
 			}
 			if err == nil {
@@ -389,7 +383,7 @@ func ToAPIPullRequests(ctx context.Context, baseRepo *repo_model.Repository, prs
 			},
 			Head: &api.PRBranchInfo{
 				Name:   pr.HeadBranch,
-				Ref:    fmt.Sprintf("%s%d/head", git.PullPrefix, pr.Index),
+				Ref:    pr.GetGitHeadRefName(),
 				RepoID: -1,
 			},
 		}
@@ -422,72 +416,43 @@ func ToAPIPullRequests(ctx context.Context, baseRepo *repo_model.Repository, prs
 				return nil, err
 			}
 		}
-
 		if baseBranch != nil {
 			apiPullRequest.Base.Sha = baseBranch.CommitID
 		}
+		if pr.HeadRepoID == pr.BaseRepoID {
+			apiPullRequest.Head.Repository = apiPullRequest.Base.Repository
+		}
 
-		if pr.Flow == issues_model.PullRequestFlowAGit {
-			apiPullRequest.Head.Sha, err = gitRepo.GetRefCommitID(pr.GetGitRefName())
+		// pull request head branch, both repository and branch could not exist
+		if pr.HeadRepo != nil {
+			apiPullRequest.Head.RepoID = pr.HeadRepo.ID
+			exist, err := git_model.IsBranchExist(ctx, pr.HeadRepo.ID, pr.HeadBranch)
 			if err != nil {
-				log.Error("GetRefCommitID[%s]: %v", pr.GetGitRefName(), err)
+				log.Error("IsBranchExist[%d]: %v", pr.HeadRepo.ID, err)
 				return nil, err
 			}
-			apiPullRequest.Head.RepoID = pr.BaseRepoID
-			apiPullRequest.Head.Repository = apiPullRequest.Base.Repository
-			apiPullRequest.Head.Name = ""
-		}
-
-		var headGitRepo *git.Repository
-		if pr.HeadRepo != nil && pr.Flow == issues_model.PullRequestFlowGithub {
-			if pr.HeadRepoID == pr.BaseRepoID {
-				apiPullRequest.Head.RepoID = pr.HeadRepo.ID
-				apiPullRequest.Head.Repository = apiRepo
-				headGitRepo = gitRepo
-			} else {
+			if exist {
+				apiPullRequest.Head.Ref = pr.HeadBranch
+			}
+			if pr.HeadRepoID != pr.BaseRepoID {
 				p, err := access_model.GetUserRepoPermission(ctx, pr.HeadRepo, doer)
 				if err != nil {
 					log.Error("GetUserRepoPermission[%d]: %v", pr.HeadRepoID, err)
 					p.AccessMode = perm.AccessModeNone
 				}
-
-				apiPullRequest.Head.RepoID = pr.HeadRepo.ID
 				apiPullRequest.Head.Repository = ToRepo(ctx, pr.HeadRepo, p)
-
-				headGitRepo, err = gitrepo.OpenRepository(ctx, pr.HeadRepo)
-				if err != nil {
-					log.Error("OpenRepository[%s]: %v", pr.HeadRepo.RepoPath(), err)
-					return nil, err
-				}
-				defer headGitRepo.Close()
-			}
-
-			headBranch, err := headGitRepo.GetBranch(pr.HeadBranch)
-			if err != nil && !git.IsErrBranchNotExist(err) {
-				log.Error("GetBranch[%s]: %v", pr.HeadBranch, err)
-				return nil, err
 			}
+		}
+		if apiPullRequest.Head.Ref == "" {
+			apiPullRequest.Head.Ref = pr.GetGitHeadRefName()
+		}
 
-			if git.IsErrBranchNotExist(err) {
-				headCommitID, err := headGitRepo.GetRefCommitID(apiPullRequest.Head.Ref)
-				if err != nil && !git.IsErrNotExist(err) {
-					log.Error("GetCommit[%s]: %v", pr.HeadBranch, err)
-					return nil, err
-				}
-				if err == nil {
-					apiPullRequest.Head.Sha = headCommitID
-				}
-			} else {
-				commit, err := headBranch.GetCommit()
-				if err != nil && !git.IsErrNotExist(err) {
-					log.Error("GetCommit[%s]: %v", headBranch.Name, err)
-					return nil, err
-				}
-				if err == nil {
-					apiPullRequest.Head.Ref = pr.HeadBranch
-					apiPullRequest.Head.Sha = commit.ID.String()
-				}
-			}
+		if pr.Flow == issues_model.PullRequestFlowAGit {
+			apiPullRequest.Head.Name = ""
+		}
+		apiPullRequest.Head.Sha, err = gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
+		if err != nil {
+			log.Error("GetRefCommitID[%s]: %v", pr.GetGitHeadRefName(), err)
 		}
 
 		if len(apiPullRequest.Head.Sha) == 0 && len(apiPullRequest.Head.Ref) != 0 {
diff --git a/services/convert/pull_review_test.go b/services/convert/pull_review_test.go
index a1296fafd4..d0a077ab24 100644
--- a/services/convert/pull_review_test.go
+++ b/services/convert/pull_review_test.go
@@ -19,8 +19,8 @@ func Test_ToPullReview(t *testing.T) {
 
 	reviewer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 	review := unittest.AssertExistsAndLoadBean(t, &issues_model.Review{ID: 6})
-	assert.EqualValues(t, reviewer.ID, review.ReviewerID)
-	assert.EqualValues(t, issues_model.ReviewTypePending, review.Type)
+	assert.Equal(t, reviewer.ID, review.ReviewerID)
+	assert.Equal(t, issues_model.ReviewTypePending, review.Type)
 
 	reviewList := []*issues_model.Review{review}
 
diff --git a/services/convert/pull_test.go b/services/convert/pull_test.go
index e069fa4a68..dfbe24d184 100644
--- a/services/convert/pull_test.go
+++ b/services/convert/pull_test.go
@@ -27,7 +27,7 @@ func TestPullRequest_APIFormat(t *testing.T) {
 	assert.NoError(t, pr.LoadIssue(db.DefaultContext))
 	apiPullRequest := ToAPIPullRequest(git.DefaultContext, pr, nil)
 	assert.NotNil(t, apiPullRequest)
-	assert.EqualValues(t, &structs.PRBranchInfo{
+	assert.Equal(t, &structs.PRBranchInfo{
 		Name:       "branch1",
 		Ref:        "refs/pull/2/head",
 		Sha:        "4a357436d925b5c974181ff12a994538ddc5a269",
@@ -46,4 +46,11 @@ func TestPullRequest_APIFormat(t *testing.T) {
 	assert.NotNil(t, apiPullRequest)
 	assert.Nil(t, apiPullRequest.Head.Repository)
 	assert.EqualValues(t, -1, apiPullRequest.Head.RepoID)
+
+	apiPullRequests, err := ToAPIPullRequests(git.DefaultContext, pr.BaseRepo, []*issues_model.PullRequest{pr}, nil)
+	assert.NoError(t, err)
+	assert.Len(t, apiPullRequests, 1)
+	assert.NotNil(t, apiPullRequests[0])
+	assert.Nil(t, apiPullRequests[0].Head.Repository)
+	assert.EqualValues(t, -1, apiPullRequests[0].Head.RepoID)
 }
diff --git a/services/convert/release_test.go b/services/convert/release_test.go
index 201b27e16d..bb618c9ca3 100644
--- a/services/convert/release_test.go
+++ b/services/convert/release_test.go
@@ -23,6 +23,6 @@ func TestRelease_ToRelease(t *testing.T) {
 	apiRelease := ToAPIRelease(db.DefaultContext, repo1, release1)
 	assert.NotNil(t, apiRelease)
 	assert.EqualValues(t, 1, apiRelease.ID)
-	assert.EqualValues(t, "https://try.gitea.io/api/v1/repos/user2/repo1/releases/1", apiRelease.URL)
-	assert.EqualValues(t, "https://try.gitea.io/api/v1/repos/user2/repo1/releases/1/assets", apiRelease.UploadURL)
+	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/releases/1", apiRelease.URL)
+	assert.Equal(t, "https://try.gitea.io/api/v1/repos/user2/repo1/releases/1/assets", apiRelease.UploadURL)
 }
diff --git a/services/convert/repository.go b/services/convert/repository.go
index 7dfdfd2179..a364591bb8 100644
--- a/services/convert/repository.go
+++ b/services/convert/repository.go
@@ -98,6 +98,8 @@ func innerToRepo(ctx context.Context, repo *repo_model.Repository, permissionInR
 	allowSquash := false
 	allowFastForwardOnly := false
 	allowRebaseUpdate := false
+	allowManualMerge := true
+	autodetectManualMerge := false
 	defaultDeleteBranchAfterMerge := false
 	defaultMergeStyle := repo_model.MergeStyleMerge
 	defaultAllowMaintainerEdit := false
@@ -111,6 +113,8 @@ func innerToRepo(ctx context.Context, repo *repo_model.Repository, permissionInR
 		allowSquash = config.AllowSquash
 		allowFastForwardOnly = config.AllowFastForwardOnly
 		allowRebaseUpdate = config.AllowRebaseUpdate
+		allowManualMerge = config.AllowManualMerge
+		autodetectManualMerge = config.AutodetectManualMerge
 		defaultDeleteBranchAfterMerge = config.DefaultDeleteBranchAfterMerge
 		defaultMergeStyle = config.GetDefaultMergeStyle()
 		defaultAllowMaintainerEdit = config.DefaultAllowMaintainerEdit
@@ -235,6 +239,8 @@ func innerToRepo(ctx context.Context, repo *repo_model.Repository, permissionInR
 		AllowSquash:                   allowSquash,
 		AllowFastForwardOnly:          allowFastForwardOnly,
 		AllowRebaseUpdate:             allowRebaseUpdate,
+		AllowManualMerge:              allowManualMerge,
+		AutodetectManualMerge:         autodetectManualMerge,
 		DefaultDeleteBranchAfterMerge: defaultDeleteBranchAfterMerge,
 		DefaultMergeStyle:             string(defaultMergeStyle),
 		DefaultAllowMaintainerEdit:    defaultAllowMaintainerEdit,
@@ -245,7 +251,7 @@ func innerToRepo(ctx context.Context, repo *repo_model.Repository, permissionInR
 		RepoTransfer:                  transfer,
 		Topics:                        util.SliceNilAsEmpty(repo.Topics),
 		ObjectFormatName:              repo.ObjectFormatName,
-		Licenses:                      repoLicenses.StringList(),
+		Licenses:                      util.SliceNilAsEmpty(repoLicenses.StringList()),
 	}
 }
 
diff --git a/services/convert/status.go b/services/convert/status.go
index 6cef63c1cd..b4864a0307 100644
--- a/services/convert/status.go
+++ b/services/convert/status.go
@@ -5,6 +5,7 @@ package convert
 
 import (
 	"context"
+	"net/url"
 
 	git_model "code.gitea.io/gitea/models/git"
 	user_model "code.gitea.io/gitea/models/user"
@@ -32,34 +33,29 @@ func ToCommitStatus(ctx context.Context, status *git_model.CommitStatus) *api.Co
 	return apiStatus
 }
 
+func ToCommitStatuses(ctx context.Context, statuses []*git_model.CommitStatus) []*api.CommitStatus {
+	apiStatuses := make([]*api.CommitStatus, len(statuses))
+	for i, status := range statuses {
+		apiStatuses[i] = ToCommitStatus(ctx, status)
+	}
+	return apiStatuses
+}
+
 // ToCombinedStatus converts List of CommitStatus to a CombinedStatus
 func ToCombinedStatus(ctx context.Context, statuses []*git_model.CommitStatus, repo *api.Repository) *api.CombinedStatus {
 	if len(statuses) == 0 {
 		return nil
 	}
 
-	retStatus := &api.CombinedStatus{
-		SHA:        statuses[0].SHA,
+	combinedStatus := git_model.CalcCommitStatus(statuses)
+
+	return &api.CombinedStatus{
+		State:      combinedStatus.State,
+		Statuses:   ToCommitStatuses(ctx, statuses),
+		SHA:        combinedStatus.SHA,
 		TotalCount: len(statuses),
 		Repository: repo,
-		URL:        "",
+		CommitURL:  repo.URL + "/commits/" + url.PathEscape(combinedStatus.SHA),
+		URL:        repo.URL + "/commits/" + url.PathEscape(combinedStatus.SHA) + "/status",
 	}
-
-	retStatus.Statuses = make([]*api.CommitStatus, 0, len(statuses))
-	for _, status := range statuses {
-		retStatus.Statuses = append(retStatus.Statuses, ToCommitStatus(ctx, status))
-		if retStatus.State == "" || status.State.NoBetterThan(retStatus.State) {
-			retStatus.State = status.State
-		}
-	}
-	// According to https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#get-the-combined-status-for-a-specific-reference
-	// > Additionally, a combined state is returned. The state is one of:
-	// > failure if any of the contexts report as error or failure
-	// > pending if there are no statuses or a context is pending
-	// > success if the latest status for all contexts is success
-	if retStatus.State.IsError() {
-		retStatus.State = api.CommitStatusFailure
-	}
-
-	return retStatus
 }
diff --git a/services/convert/user_test.go b/services/convert/user_test.go
index 4b1effc7aa..199d500732 100644
--- a/services/convert/user_test.go
+++ b/services/convert/user_test.go
@@ -30,11 +30,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(db.DefaultContext, user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.EqualValues(t, api.VisibleTypePublic.String(), apiUser.Visibility)
+	assert.Equal(t, api.VisibleTypePublic.String(), apiUser.Visibility)
 
 	user31 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate})
 
 	apiUser = toUser(db.DefaultContext, user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
-	assert.EqualValues(t, api.VisibleTypePrivate.String(), apiUser.Visibility)
+	assert.Equal(t, api.VisibleTypePrivate.String(), apiUser.Visibility)
 }
diff --git a/services/convert/utils_test.go b/services/convert/utils_test.go
index a8363ec6bd..7965624e2b 100644
--- a/services/convert/utils_test.go
+++ b/services/convert/utils_test.go
@@ -10,10 +10,10 @@ import (
 )
 
 func TestToCorrectPageSize(t *testing.T) {
-	assert.EqualValues(t, 30, ToCorrectPageSize(0))
-	assert.EqualValues(t, 30, ToCorrectPageSize(-10))
-	assert.EqualValues(t, 20, ToCorrectPageSize(20))
-	assert.EqualValues(t, 50, ToCorrectPageSize(100))
+	assert.Equal(t, 30, ToCorrectPageSize(0))
+	assert.Equal(t, 30, ToCorrectPageSize(-10))
+	assert.Equal(t, 20, ToCorrectPageSize(20))
+	assert.Equal(t, 50, ToCorrectPageSize(100))
 }
 
 func TestToGitServiceType(t *testing.T) {
diff --git a/services/doctor/actions.go b/services/doctor/actions.go
index 7c44fb8392..28e26c88eb 100644
--- a/services/doctor/actions.go
+++ b/services/doctor/actions.go
@@ -19,7 +19,7 @@ func disableMirrorActionsUnit(ctx context.Context, logger log.Logger, autofix bo
 	var reposToFix []*repo_model.Repository
 
 	for page := 1; ; page++ {
-		repos, _, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+		repos, _, err := repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: repo_model.RepositoryListDefaultPageSize,
 				Page:     page,
diff --git a/services/doctor/authorizedkeys.go b/services/doctor/authorizedkeys.go
index 8d6fc9cb5e..46e7099dce 100644
--- a/services/doctor/authorizedkeys.go
+++ b/services/doctor/authorizedkeys.go
@@ -7,6 +7,7 @@ import (
 	"bufio"
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -78,7 +79,7 @@ func checkAuthorizedKeys(ctx context.Context, logger log.Logger, autofix bool) e
 				fPath,
 				"gitea admin regenerate keys",
 				"gitea doctor --run authorized-keys --fix")
-			return fmt.Errorf(`authorized_keys is out of date and should be regenerated with "gitea admin regenerate keys" or "gitea doctor --run authorized-keys --fix"`)
+			return errors.New(`authorized_keys is out of date and should be regenerated with "gitea admin regenerate keys" or "gitea doctor --run authorized-keys --fix"`)
 		}
 		logger.Warn("authorized_keys is out of date. Attempting rewrite...")
 		err = asymkey_service.RewriteAllPublicKeys(ctx)
diff --git a/services/doctor/dbconsistency.go b/services/doctor/dbconsistency.go
index 62326ed07c..d5a133d8b2 100644
--- a/services/doctor/dbconsistency.go
+++ b/services/doctor/dbconsistency.go
@@ -15,6 +15,7 @@ import (
 	secret_model "code.gitea.io/gitea/models/secret"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	issue_service "code.gitea.io/gitea/services/issue"
 )
 
 type consistencyCheck struct {
@@ -93,7 +94,7 @@ func prepareDBConsistencyChecks() []consistencyCheck {
 			// find issues without existing repository
 			Name:    "Orphaned Issues without existing repository",
 			Counter: issues_model.CountOrphanedIssues,
-			Fixer:   asFixer(issues_model.DeleteOrphanedIssues),
+			Fixer:   asFixer(issue_service.DeleteOrphanedIssues),
 		},
 		// find releases without existing repository
 		genericOrphanCheck("Orphaned Releases without existing repository",
diff --git a/services/doctor/fix16961_test.go b/services/doctor/fix16961_test.go
index 498ed9c8d5..11a128620c 100644
--- a/services/doctor/fix16961_test.go
+++ b/services/doctor/fix16961_test.go
@@ -19,12 +19,6 @@ func Test_fixUnitConfig_16961(t *testing.T) {
 		wantErr   bool
 	}{
 		{
-			name:      "empty",
-			bs:        "",
-			wantFixed: true,
-			wantErr:   false,
-		},
-		{
 			name:      "normal: {}",
 			bs:        "{}",
 			wantFixed: false,
@@ -221,7 +215,7 @@ func Test_fixPullRequestsConfig_16961(t *testing.T) {
 			if gotFixed != tt.wantFixed {
 				t.Errorf("fixPullRequestsConfig_16961() = %v, want %v", gotFixed, tt.wantFixed)
 			}
-			assert.EqualValues(t, &tt.expected, cfg)
+			assert.Equal(t, &tt.expected, cfg)
 		})
 	}
 }
@@ -265,7 +259,7 @@ func Test_fixIssuesConfig_16961(t *testing.T) {
 			if gotFixed != tt.wantFixed {
 				t.Errorf("fixIssuesConfig_16961() = %v, want %v", gotFixed, tt.wantFixed)
 			}
-			assert.EqualValues(t, &tt.expected, cfg)
+			assert.Equal(t, &tt.expected, cfg)
 		})
 	}
 }
diff --git a/services/doctor/lfs.go b/services/doctor/lfs.go
index 5f110b8f97..a90f394450 100644
--- a/services/doctor/lfs.go
+++ b/services/doctor/lfs.go
@@ -5,7 +5,7 @@ package doctor
 
 import (
 	"context"
-	"fmt"
+	"errors"
 	"time"
 
 	"code.gitea.io/gitea/modules/log"
@@ -27,7 +27,7 @@ func init() {
 
 func garbageCollectLFSCheck(ctx context.Context, logger log.Logger, autofix bool) error {
 	if !setting.LFS.StartServer {
-		return fmt.Errorf("LFS support is disabled")
+		return errors.New("LFS support is disabled")
 	}
 
 	if err := repository.GarbageCollectLFSMetaObjects(ctx, repository.GarbageCollectLFSMetaObjectsOptions{
diff --git a/services/doctor/mergebase.go b/services/doctor/mergebase.go
index 482bcd0a46..cbd8aa59fd 100644
--- a/services/doctor/mergebase.go
+++ b/services/doctor/mergebase.go
@@ -42,7 +42,7 @@ func checkPRMergeBase(ctx context.Context, logger log.Logger, autofix bool) erro
 
 			if !pr.HasMerged {
 				var err error
-				pr.MergeBase, _, err = git.NewCommand("merge-base").AddDashesAndList(pr.BaseBranch, pr.GetGitRefName()).RunStdString(ctx, &git.RunOpts{Dir: repoPath})
+				pr.MergeBase, _, err = git.NewCommand("merge-base").AddDashesAndList(pr.BaseBranch, pr.GetGitHeadRefName()).RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 				if err != nil {
 					var err2 error
 					pr.MergeBase, _, err2 = git.NewCommand("rev-parse").AddDynamicArguments(git.BranchPrefix+pr.BaseBranch).RunStdString(ctx, &git.RunOpts{Dir: repoPath})
@@ -63,7 +63,7 @@ func checkPRMergeBase(ctx context.Context, logger log.Logger, autofix bool) erro
 				}
 
 				refs := append([]string{}, parents[1:]...)
-				refs = append(refs, pr.GetGitRefName())
+				refs = append(refs, pr.GetGitHeadRefName())
 				cmd := git.NewCommand("merge-base").AddDashesAndList(refs...)
 				pr.MergeBase, _, err = cmd.RunStdString(ctx, &git.RunOpts{Dir: repoPath})
 				if err != nil {
diff --git a/services/doctor/misc.go b/services/doctor/misc.go
index d934640af5..1269d088c3 100644
--- a/services/doctor/misc.go
+++ b/services/doctor/misc.go
@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"os"
 	"os/exec"
-	"path"
+	"path/filepath"
 	"strings"
 
 	"code.gitea.io/gitea/models"
@@ -148,7 +148,7 @@ func checkDaemonExport(ctx context.Context, logger log.Logger, autofix bool) err
 		}
 
 		// Create/Remove git-daemon-export-ok for git-daemon...
-		daemonExportFile := path.Join(repo.RepoPath(), `git-daemon-export-ok`)
+		daemonExportFile := filepath.Join(repo.RepoPath(), `git-daemon-export-ok`)
 		isExist, err := util.IsExist(daemonExportFile)
 		if err != nil {
 			log.Error("Unable to check if %s exists. Error: %v", daemonExportFile, err)
@@ -196,7 +196,7 @@ func checkCommitGraph(ctx context.Context, logger log.Logger, autofix bool) erro
 
 		commitGraphExists := func() (bool, error) {
 			// Check commit-graph exists
-			commitGraphFile := path.Join(repo.RepoPath(), `objects/info/commit-graph`)
+			commitGraphFile := filepath.Join(repo.RepoPath(), `objects/info/commit-graph`)
 			isExist, err := util.IsExist(commitGraphFile)
 			if err != nil {
 				logger.Error("Unable to check if %s exists. Error: %v", commitGraphFile, err)
@@ -204,7 +204,7 @@ func checkCommitGraph(ctx context.Context, logger log.Logger, autofix bool) erro
 			}
 
 			if !isExist {
-				commitGraphsDir := path.Join(repo.RepoPath(), `objects/info/commit-graphs`)
+				commitGraphsDir := filepath.Join(repo.RepoPath(), `objects/info/commit-graphs`)
 				isExist, err = util.IsExist(commitGraphsDir)
 				if err != nil {
 					logger.Error("Unable to check if %s exists. Error: %v", commitGraphsDir, err)
diff --git a/services/doctor/paths.go b/services/doctor/paths.go
index 3f62d587ab..4214c36b1a 100644
--- a/services/doctor/paths.go
+++ b/services/doctor/paths.go
@@ -99,15 +99,14 @@ func checkConfigurationFiles(ctx context.Context, logger log.Logger, autofix boo
 func isWritableDir(path string) error {
 	// There's no platform-independent way of checking if a directory is writable
 	// https://stackoverflow.com/questions/20026320/how-to-tell-if-folder-exists-and-is-writable
-
 	tmpFile, err := os.CreateTemp(path, "doctors-order")
 	if err != nil {
 		return err
 	}
 	if err := os.Remove(tmpFile.Name()); err != nil {
-		fmt.Printf("Warning: can't remove temporary file: '%s'\n", tmpFile.Name()) //nolint:forbidigo
+		log.Warn("can't remove temporary file: %q", tmpFile.Name())
 	}
-	tmpFile.Close()
+	_ = tmpFile.Close()
 	return nil
 }
 
diff --git a/services/doctor/repository.go b/services/doctor/repository.go
index 6c33426636..359c4a17e0 100644
--- a/services/doctor/repository.go
+++ b/services/doctor/repository.go
@@ -7,7 +7,6 @@ import (
 	"context"
 
 	"code.gitea.io/gitea/models/db"
-	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/storage"
 	repo_service "code.gitea.io/gitea/services/repository"
@@ -39,7 +38,6 @@ func deleteOrphanedRepos(ctx context.Context) (int64, error) {
 	batchSize := db.MaxBatchInsertSize("repository")
 	e := db.GetEngine(ctx)
 	var deleted int64
-	adminUser := &user_model.User{IsAdmin: true}
 
 	for {
 		select {
@@ -60,7 +58,7 @@ func deleteOrphanedRepos(ctx context.Context) (int64, error) {
 			}
 
 			for _, id := range ids {
-				if err := repo_service.DeleteRepositoryDirectly(ctx, adminUser, id, true); err != nil {
+				if err := repo_service.DeleteRepositoryDirectly(ctx, id, true); err != nil {
 					return deleted, err
 				}
 				deleted++
diff --git a/services/doctor/storage.go b/services/doctor/storage.go
index 3f3b562c37..77fc6d65df 100644
--- a/services/doctor/storage.go
+++ b/services/doctor/storage.go
@@ -121,7 +121,7 @@ func checkStorage(opts *checkStorageOptions) func(ctx context.Context, logger lo
 					storer: storage.LFS,
 					isOrphaned: func(path string, obj storage.Object, stat fs.FileInfo) (bool, error) {
 						// The oid of an LFS stored object is the name but with all the path.Separators removed
-						oid := strings.ReplaceAll(path, "/", "")
+						oid := strings.ReplaceAll(strings.ReplaceAll(path, "\\", ""), "/", "")
 						exists, err := git.ExistsLFSObject(ctx, oid)
 						return !exists, err
 					},
diff --git a/services/externalaccount/link.go b/services/externalaccount/link.go
deleted file mode 100644
index d6e2ea7e94..0000000000
--- a/services/externalaccount/link.go
+++ /dev/null
@@ -1,30 +0,0 @@
-// Copyright 2021 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package externalaccount
-
-import (
-	"context"
-	"fmt"
-
-	user_model "code.gitea.io/gitea/models/user"
-
-	"github.com/markbates/goth"
-)
-
-// Store represents a thing that stores things
-type Store interface {
-	Get(any) any
-	Set(any, any) error
-	Release() error
-}
-
-// LinkAccountFromStore links the provided user with a stored external user
-func LinkAccountFromStore(ctx context.Context, store Store, user *user_model.User) error {
-	gothUser := store.Get("linkAccountGothUser")
-	if gothUser == nil {
-		return fmt.Errorf("not in LinkAccount session")
-	}
-
-	return LinkAccountToUser(ctx, user, gothUser.(goth.User))
-}
diff --git a/services/externalaccount/user.go b/services/externalaccount/user.go
index b53e33654a..1eddc4a5df 100644
--- a/services/externalaccount/user.go
+++ b/services/externalaccount/user.go
@@ -8,7 +8,6 @@ import (
 	"strconv"
 	"strings"
 
-	"code.gitea.io/gitea/models/auth"
 	issues_model "code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
@@ -17,15 +16,11 @@ import (
 	"github.com/markbates/goth"
 )
 
-func toExternalLoginUser(ctx context.Context, user *user_model.User, gothUser goth.User) (*user_model.ExternalLoginUser, error) {
-	authSource, err := auth.GetActiveOAuth2SourceByName(ctx, gothUser.Provider)
-	if err != nil {
-		return nil, err
-	}
+func toExternalLoginUser(authSourceID int64, user *user_model.User, gothUser goth.User) *user_model.ExternalLoginUser {
 	return &user_model.ExternalLoginUser{
 		ExternalID:        gothUser.UserID,
 		UserID:            user.ID,
-		LoginSourceID:     authSource.ID,
+		LoginSourceID:     authSourceID,
 		RawData:           gothUser.RawData,
 		Provider:          gothUser.Provider,
 		Email:             gothUser.Email,
@@ -40,15 +35,12 @@ func toExternalLoginUser(ctx context.Context, user *user_model.User, gothUser go
 		AccessTokenSecret: gothUser.AccessTokenSecret,
 		RefreshToken:      gothUser.RefreshToken,
 		ExpiresAt:         gothUser.ExpiresAt,
-	}, nil
+	}
 }
 
 // LinkAccountToUser link the gothUser to the user
-func LinkAccountToUser(ctx context.Context, user *user_model.User, gothUser goth.User) error {
-	externalLoginUser, err := toExternalLoginUser(ctx, user, gothUser)
-	if err != nil {
-		return err
-	}
+func LinkAccountToUser(ctx context.Context, authSourceID int64, user *user_model.User, gothUser goth.User) error {
+	externalLoginUser := toExternalLoginUser(authSourceID, user, gothUser)
 
 	if err := user_model.LinkExternalToUser(ctx, user, externalLoginUser); err != nil {
 		return err
@@ -72,12 +64,8 @@ func LinkAccountToUser(ctx context.Context, user *user_model.User, gothUser goth
 }
 
 // EnsureLinkExternalToUser link the gothUser to the user
-func EnsureLinkExternalToUser(ctx context.Context, user *user_model.User, gothUser goth.User) error {
-	externalLoginUser, err := toExternalLoginUser(ctx, user, gothUser)
-	if err != nil {
-		return err
-	}
-
+func EnsureLinkExternalToUser(ctx context.Context, authSourceID int64, user *user_model.User, gothUser goth.User) error {
+	externalLoginUser := toExternalLoginUser(authSourceID, user, gothUser)
 	return user_model.EnsureLinkExternalToUser(ctx, externalLoginUser)
 }
 
diff --git a/services/feed/feed.go b/services/feed/feed.go
index 214e9b5765..1dbd2e0e26 100644
--- a/services/feed/feed.go
+++ b/services/feed/feed.go
@@ -6,6 +6,7 @@ package feed
 import (
 	"context"
 	"fmt"
+	"strings"
 
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
@@ -13,15 +14,10 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 )
 
-func userFeedCacheKey(userID int64) string {
-	return fmt.Sprintf("user_feed_%d", userID)
-}
-
 func GetFeedsForDashboard(ctx context.Context, opts activities_model.GetFeedsOptions) (activities_model.ActionList, int, error) {
 	opts.DontCount = opts.RequestedTeam == nil && opts.Date == ""
 	results, cnt, err := activities_model.GetFeeds(ctx, opts)
@@ -39,7 +35,18 @@ func GetFeeds(ctx context.Context, opts activities_model.GetFeedsOptions) (activ
 // * Organization action: UserID=100 (the repo's org), ActUserID=1
 // * Watcher action: UserID=20 (a user who is watching a repo), ActUserID=1
 func notifyWatchers(ctx context.Context, act *activities_model.Action, watchers []*repo_model.Watch, permCode, permIssue, permPR []bool) error {
-	// Add feed for actioner.
+	// MySQL has TEXT length limit 65535.
+	// Sometimes the content is "field1|field2|field3", sometimes the content is JSON (ActionMirrorSyncPush, ActionCommitRepo, ActionPushTag, etc...)
+	if left, right := util.EllipsisDisplayStringX(act.Content, 65535); right != "" {
+		if strings.HasPrefix(act.Content, `{"`) && strings.HasSuffix(act.Content, `}`) {
+			// FIXME: at the moment we can do nothing if the content is JSON and it is too long
+			act.Content = "{}"
+		} else {
+			act.Content = left
+		}
+	}
+
+	// Add feed for actor.
 	act.UserID = act.ActUserID
 	if err := db.Insert(ctx, act); err != nil {
 		return fmt.Errorf("insert new actioner: %w", err)
@@ -75,24 +82,18 @@ func notifyWatchers(ctx context.Context, act *activities_model.Action, watchers
 			if !permPR[i] {
 				continue
 			}
+		default:
 		}
 
 		if err := db.Insert(ctx, act); err != nil {
 			return fmt.Errorf("insert new action: %w", err)
 		}
-
-		total, err := activities_model.CountUserFeeds(ctx, act.UserID)
-		if err != nil {
-			return fmt.Errorf("count user feeds: %w", err)
-		}
-
-		_ = cache.GetCache().Put(userFeedCacheKey(act.UserID), fmt.Sprintf("%d", total), setting.CacheService.TTLSeconds())
 	}
 
 	return nil
 }
 
-// NotifyWatchersActions creates batch of actions for every watcher.
+// NotifyWatchers creates batch of actions for every watcher.
 func NotifyWatchers(ctx context.Context, acts ...*activities_model.Action) error {
 	return db.WithTx(ctx, func(ctx context.Context) error {
 		if len(acts) == 0 {
diff --git a/services/feed/feed_test.go b/services/feed/feed_test.go
index 243bc046b0..705d42a2eb 100644
--- a/services/feed/feed_test.go
+++ b/services/feed/feed_test.go
@@ -30,7 +30,7 @@ func TestGetFeeds(t *testing.T) {
 	assert.NoError(t, err)
 	if assert.Len(t, actions, 1) {
 		assert.EqualValues(t, 1, actions[0].ID)
-		assert.EqualValues(t, user.ID, actions[0].UserID)
+		assert.Equal(t, user.ID, actions[0].UserID)
 	}
 	assert.Equal(t, int64(1), count)
 
@@ -107,7 +107,7 @@ func TestGetFeeds2(t *testing.T) {
 	assert.Len(t, actions, 1)
 	if assert.Len(t, actions, 1) {
 		assert.EqualValues(t, 2, actions[0].ID)
-		assert.EqualValues(t, org.ID, actions[0].UserID)
+		assert.Equal(t, org.ID, actions[0].UserID)
 	}
 	assert.Equal(t, int64(1), count)
 
@@ -147,7 +147,7 @@ func TestRepoActions(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
 	_ = db.TruncateBeans(db.DefaultContext, &activities_model.Action{})
-	for i := 0; i < 3; i++ {
+	for i := range 3 {
 		_ = db.Insert(db.DefaultContext, &activities_model.Action{
 			UserID:    2 + int64(i),
 			ActUserID: 2,
diff --git a/services/forms/auth_form.go b/services/forms/auth_form.go
index c9f3182b3a..886110236c 100644
--- a/services/forms/auth_form.go
+++ b/services/forms/auth_form.go
@@ -14,47 +14,58 @@ import (
 
 // AuthenticationForm form for authentication
 type AuthenticationForm struct {
-	ID                            int64
-	Type                          int    `binding:"Range(2,7)"`
-	Name                          string `binding:"Required;MaxSize(30)"`
-	Host                          string
-	Port                          int
-	BindDN                        string
-	BindPassword                  string
-	UserBase                      string
-	UserDN                        string
-	AttributeUsername             string
-	AttributeName                 string
-	AttributeSurname              string
-	AttributeMail                 string
-	AttributeSSHPublicKey         string
-	AttributeAvatar               string
-	AttributesInBind              bool
-	UsePagedSearch                bool
-	SearchPageSize                int
-	Filter                        string
-	AdminFilter                   string
-	GroupsEnabled                 bool
-	GroupDN                       string
-	GroupFilter                   string
-	GroupMemberUID                string
-	UserUID                       string
-	RestrictedFilter              string
-	AllowDeactivateAll            bool
-	IsActive                      bool
-	IsSyncEnabled                 bool
-	SMTPAuth                      string
-	SMTPHost                      string
-	SMTPPort                      int
-	AllowedDomains                string
-	SecurityProtocol              int `binding:"Range(0,2)"`
-	TLS                           bool
-	SkipVerify                    bool
-	HeloHostname                  string
-	DisableHelo                   bool
-	ForceSMTPS                    bool
-	PAMServiceName                string
-	PAMEmailDomain                string
+	ID              int64
+	Type            int    `binding:"Range(2,7)"`
+	Name            string `binding:"Required;MaxSize(30)"`
+	TwoFactorPolicy string
+	IsActive        bool
+	IsSyncEnabled   bool
+
+	// LDAP
+	Host                  string
+	Port                  int
+	BindDN                string
+	BindPassword          string
+	UserBase              string
+	UserDN                string
+	AttributeUsername     string
+	AttributeName         string
+	AttributeSurname      string
+	AttributeMail         string
+	AttributeSSHPublicKey string
+	AttributeAvatar       string
+	AttributesInBind      bool
+	UsePagedSearch        bool
+	SearchPageSize        int
+	Filter                string
+	AdminFilter           string
+	GroupsEnabled         bool
+	GroupDN               string
+	GroupFilter           string
+	GroupMemberUID        string
+	UserUID               string
+	RestrictedFilter      string
+	AllowDeactivateAll    bool
+	GroupTeamMap          string `binding:"ValidGroupTeamMap"`
+	GroupTeamMapRemoval   bool
+
+	// SMTP
+	SMTPAuth         string
+	SMTPHost         string
+	SMTPPort         int
+	AllowedDomains   string
+	SecurityProtocol int `binding:"Range(0,2)"`
+	TLS              bool
+	SkipVerify       bool
+	HeloHostname     string
+	DisableHelo      bool
+	ForceSMTPS       bool
+
+	// PAM
+	PAMServiceName string
+	PAMEmailDomain string
+
+	// Oauth2 & OIDC
 	Oauth2Provider                string
 	Oauth2Key                     string
 	Oauth2Secret                  string
@@ -74,14 +85,15 @@ type AuthenticationForm struct {
 	Oauth2RestrictedGroup         string
 	Oauth2GroupTeamMap            string `binding:"ValidGroupTeamMap"`
 	Oauth2GroupTeamMapRemoval     bool
-	SkipLocalTwoFA                bool
-	SSPIAutoCreateUsers           bool
-	SSPIAutoActivateUsers         bool
-	SSPIStripDomainNames          bool
-	SSPISeparatorReplacement      string `binding:"AlphaDashDot;MaxSize(5)"`
-	SSPIDefaultLanguage           string
-	GroupTeamMap                  string `binding:"ValidGroupTeamMap"`
-	GroupTeamMapRemoval           bool
+	Oauth2SSHPublicKeyClaimName   string
+	Oauth2FullNameClaimName       string
+
+	// SSPI
+	SSPIAutoCreateUsers      bool
+	SSPIAutoActivateUsers    bool
+	SSPIStripDomainNames     bool
+	SSPISeparatorReplacement string `binding:"AlphaDashDot;MaxSize(5)"`
+	SSPIDefaultLanguage      string
 }
 
 // Validate validates fields
diff --git a/services/forms/org.go b/services/forms/org.go
index db182f7e96..2ac18ef25c 100644
--- a/services/forms/org.go
+++ b/services/forms/org.go
@@ -36,7 +36,6 @@ func (f *CreateOrgForm) Validate(req *http.Request, errs binding.Errors) binding
 
 // UpdateOrgSettingForm form for updating organization settings
 type UpdateOrgSettingForm struct {
-	Name                      string `binding:"Required;Username;MaxSize(40)" locale:"org.org_name_holder"`
 	FullName                  string `binding:"MaxSize(100)"`
 	Email                     string `binding:"MaxSize(255)"`
 	Description               string `binding:"MaxSize(255)"`
@@ -53,6 +52,11 @@ func (f *UpdateOrgSettingForm) Validate(req *http.Request, errs binding.Errors)
 	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
+type RenameOrgForm struct {
+	OrgName    string `binding:"Required"`
+	NewOrgName string `binding:"Required;Username;MaxSize(40)" locale:"org.org_name_holder"`
+}
+
 // ___________
 // \__    ___/___ _____    _____
 //   |    |_/ __ \\__  \  /     \
diff --git a/services/forms/repo_form.go b/services/forms/repo_form.go
index 1366d30b1f..cb267f891c 100644
--- a/services/forms/repo_form.go
+++ b/services/forms/repo_form.go
@@ -10,7 +10,6 @@ import (
 
 	issues_model "code.gitea.io/gitea/models/issues"
 	project_model "code.gitea.io/gitea/models/project"
-	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
 	"code.gitea.io/gitea/services/context"
@@ -110,17 +109,14 @@ type RepoSettingForm struct {
 	EnablePrune            bool
 
 	// Advanced settings
-	EnableCode                bool
-	DefaultCodeEveryoneAccess string
+	EnableCode bool
 
-	EnableWiki                bool
-	EnableExternalWiki        bool
-	DefaultWikiBranch         string
-	DefaultWikiEveryoneAccess string
-	ExternalWikiURL           string
+	EnableWiki         bool
+	EnableExternalWiki bool
+	DefaultWikiBranch  string
+	ExternalWikiURL    string
 
 	EnableIssues                          bool
-	DefaultIssuesEveryoneAccess           string
 	EnableExternalTracker                 bool
 	ExternalTrackerURL                    string
 	TrackerURLFormat                      string
@@ -237,10 +233,12 @@ type WebhookForm struct {
 	Release                  bool
 	Package                  bool
 	Status                   bool
+	WorkflowRun              bool
 	WorkflowJob              bool
 	Active                   bool
 	BranchFilter             string `binding:"GlobPattern"`
 	AuthorizationHeader      string
+	Secret                   string
 }
 
 // PushOnly if the hook will be triggered when push
@@ -263,7 +261,6 @@ type NewWebhookForm struct {
 	PayloadURL  string `binding:"Required;ValidUrl"`
 	HTTPMethod  string `binding:"Required;In(POST,GET)"`
 	ContentType int    `binding:"Required"`
-	Secret      string
 	WebhookForm
 }
 
@@ -277,7 +274,6 @@ func (f *NewWebhookForm) Validate(req *http.Request, errs binding.Errors) bindin
 type NewGogshookForm struct {
 	PayloadURL  string `binding:"Required;ValidUrl"`
 	ContentType int    `binding:"Required"`
-	Secret      string
 	WebhookForm
 }
 
@@ -476,22 +472,6 @@ func (i *IssueLockForm) Validate(req *http.Request, errs binding.Errors) binding
 	return middleware.Validate(errs, ctx.Data, i, ctx.Locale)
 }
 
-// HasValidReason checks to make sure that the reason submitted in
-// the form matches any of the values in the config
-func (i IssueLockForm) HasValidReason() bool {
-	if strings.TrimSpace(i.Reason) == "" {
-		return true
-	}
-
-	for _, v := range setting.Repository.Issue.LockReasons {
-		if v == i.Reason {
-			return true
-		}
-	}
-
-	return false
-}
-
 // CreateProjectForm form for creating a project
 type CreateProjectForm struct {
 	Title        string `binding:"Required;MaxSize(100)"`
@@ -522,12 +502,13 @@ func (f *CreateMilestoneForm) Validate(req *http.Request, errs binding.Errors) b
 
 // CreateLabelForm form for creating label
 type CreateLabelForm struct {
-	ID          int64
-	Title       string `binding:"Required;MaxSize(50)" locale:"repo.issues.label_title"`
-	Exclusive   bool   `form:"exclusive"`
-	IsArchived  bool   `form:"is_archived"`
-	Description string `binding:"MaxSize(200)" locale:"repo.issues.label_description"`
-	Color       string `binding:"Required;MaxSize(7)" locale:"repo.issues.label_color"`
+	ID             int64
+	Title          string `binding:"Required;MaxSize(50)" locale:"repo.issues.label_title"`
+	Exclusive      bool   `form:"exclusive"`
+	ExclusiveOrder int    `form:"exclusive_order"`
+	IsArchived     bool   `form:"is_archived"`
+	Description    string `binding:"MaxSize(200)" locale:"repo.issues.label_description"`
+	Color          string `binding:"Required;MaxSize(7)" locale:"repo.issues.label_color"`
 }
 
 // Validate validates the fields
@@ -698,129 +679,6 @@ func (f *NewWikiForm) Validate(req *http.Request, errs binding.Errors) binding.E
 	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
-// ___________    .___.__  __
-// \_   _____/  __| _/|__|/  |_
-//  |    __)_  / __ | |  \   __\
-//  |        \/ /_/ | |  ||  |
-// /_______  /\____ | |__||__|
-//         \/      \/
-
-// EditRepoFileForm form for changing repository file
-type EditRepoFileForm struct {
-	TreePath      string `binding:"Required;MaxSize(500)"`
-	Content       string
-	CommitSummary string `binding:"MaxSize(100)"`
-	CommitMessage string
-	CommitChoice  string `binding:"Required;MaxSize(50)"`
-	NewBranchName string `binding:"GitRefName;MaxSize(100)"`
-	LastCommit    string
-	Signoff       bool
-	CommitEmail   string
-}
-
-// Validate validates the fields
-func (f *EditRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
-// EditPreviewDiffForm form for changing preview diff
-type EditPreviewDiffForm struct {
-	Content string
-}
-
-// Validate validates the fields
-func (f *EditPreviewDiffForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
-// _________ .__                                 __________.__        __
-// \_   ___ \|  |__   __________________ ___.__. \______   \__| ____ |  | __
-// /    \  \/|  |  \_/ __ \_  __ \_  __ <   |  |  |     ___/  |/ ___\|  |/ /
-// \     \___|   Y  \  ___/|  | \/|  | \/\___  |  |    |   |  \  \___|    <
-//  \______  /___|  /\___  >__|   |__|   / ____|  |____|   |__|\___  >__|_ \
-//         \/     \/     \/              \/                        \/     \/
-
-// CherryPickForm form for changing repository file
-type CherryPickForm struct {
-	CommitSummary string `binding:"MaxSize(100)"`
-	CommitMessage string
-	CommitChoice  string `binding:"Required;MaxSize(50)"`
-	NewBranchName string `binding:"GitRefName;MaxSize(100)"`
-	LastCommit    string
-	Revert        bool
-	Signoff       bool
-	CommitEmail   string
-}
-
-// Validate validates the fields
-func (f *CherryPickForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
-//  ____ ___        .__                    .___
-// |    |   \______ |  |   _________     __| _/
-// |    |   /\____ \|  |  /  _ \__  \   / __ |
-// |    |  / |  |_> >  |_(  <_> ) __ \_/ /_/ |
-// |______/  |   __/|____/\____(____  /\____ |
-//           |__|                   \/      \/
-//
-
-// UploadRepoFileForm form for uploading repository file
-type UploadRepoFileForm struct {
-	TreePath      string `binding:"MaxSize(500)"`
-	CommitSummary string `binding:"MaxSize(100)"`
-	CommitMessage string
-	CommitChoice  string `binding:"Required;MaxSize(50)"`
-	NewBranchName string `binding:"GitRefName;MaxSize(100)"`
-	Files         []string
-	Signoff       bool
-	CommitEmail   string
-}
-
-// Validate validates the fields
-func (f *UploadRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
-// RemoveUploadFileForm form for removing uploaded file
-type RemoveUploadFileForm struct {
-	File string `binding:"Required;MaxSize(50)"`
-}
-
-// Validate validates the fields
-func (f *RemoveUploadFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
-// ________         .__          __
-// \______ \   ____ |  |   _____/  |_  ____
-// |    |  \_/ __ \|  | _/ __ \   __\/ __ \
-// |    `   \  ___/|  |_\  ___/|  | \  ___/
-// /_______  /\___  >____/\___  >__|  \___  >
-//         \/     \/          \/          \/
-
-// DeleteRepoFileForm form for deleting repository file
-type DeleteRepoFileForm struct {
-	CommitSummary string `binding:"MaxSize(100)"`
-	CommitMessage string
-	CommitChoice  string `binding:"Required;MaxSize(50)"`
-	NewBranchName string `binding:"GitRefName;MaxSize(100)"`
-	LastCommit    string
-	Signoff       bool
-	CommitEmail   string
-}
-
-// Validate validates the fields
-func (f *DeleteRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
-	ctx := context.GetValidateContext(req)
-	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
-}
-
 // ___________.__                 ___________                     __
 // \__    ___/|__| _____   ____   \__    ___/___________    ____ |  | __ ___________
 // |    |   |  |/     \_/ __ \    |    |  \_  __ \__  \ _/ ___\|  |/ // __ \_  __ \
diff --git a/services/forms/repo_form_editor.go b/services/forms/repo_form_editor.go
new file mode 100644
index 0000000000..3ad2eae75d
--- /dev/null
+++ b/services/forms/repo_form_editor.go
@@ -0,0 +1,57 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package forms
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/web/middleware"
+	"code.gitea.io/gitea/services/context"
+
+	"gitea.com/go-chi/binding"
+)
+
+type CommitCommonForm struct {
+	TreePath      string `binding:"MaxSize(500)"`
+	CommitSummary string `binding:"MaxSize(100)"`
+	CommitMessage string
+	CommitChoice  string `binding:"Required;MaxSize(50)"`
+	NewBranchName string `binding:"GitRefName;MaxSize(100)"`
+	LastCommit    string
+	Signoff       bool
+	CommitEmail   string
+}
+
+func (f *CommitCommonForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
+	ctx := context.GetValidateContext(req)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
+}
+
+type CommitCommonFormInterface interface {
+	GetCommitCommonForm() *CommitCommonForm
+}
+
+func (f *CommitCommonForm) GetCommitCommonForm() *CommitCommonForm {
+	return f
+}
+
+type EditRepoFileForm struct {
+	CommitCommonForm
+	Content optional.Option[string]
+}
+
+type DeleteRepoFileForm struct {
+	CommitCommonForm
+}
+
+type UploadRepoFileForm struct {
+	CommitCommonForm
+	Files []string
+}
+
+type CherryPickForm struct {
+	CommitCommonForm
+	Revert bool
+}
diff --git a/services/forms/repo_form_test.go b/services/forms/repo_form_test.go
index 2c5a8e2c0f..a0c67fe0f8 100644
--- a/services/forms/repo_form_test.go
+++ b/services/forms/repo_form_test.go
@@ -6,8 +6,6 @@ package forms
 import (
 	"testing"
 
-	"code.gitea.io/gitea/modules/setting"
-
 	"github.com/stretchr/testify/assert"
 )
 
@@ -39,26 +37,3 @@ func TestSubmitReviewForm_IsEmpty(t *testing.T) {
 		assert.Equal(t, v.expected, v.form.HasEmptyContent())
 	}
 }
-
-func TestIssueLock_HasValidReason(t *testing.T) {
-	// Init settings
-	_ = setting.Repository
-
-	cases := []struct {
-		form     IssueLockForm
-		expected bool
-	}{
-		{IssueLockForm{""}, true}, // an empty reason is accepted
-		{IssueLockForm{"Off-topic"}, true},
-		{IssueLockForm{"Too heated"}, true},
-		{IssueLockForm{"Spam"}, true},
-		{IssueLockForm{"Resolved"}, true},
-
-		{IssueLockForm{"ZZZZ"}, false},
-		{IssueLockForm{"I want to lock this issue"}, false},
-	}
-
-	for _, v := range cases {
-		assert.Equal(t, v.expected, v.form.HasValidReason())
-	}
-}
diff --git a/services/forms/user_form_test.go b/services/forms/user_form_test.go
index b4120f20ed..09e9ec0f65 100644
--- a/services/forms/user_form_test.go
+++ b/services/forms/user_form_test.go
@@ -7,6 +7,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/gobwas/glob"
 	"github.com/stretchr/testify/assert"
@@ -26,12 +27,7 @@ func TestRegisterForm_IsDomainAllowed_Empty(t *testing.T) {
 }
 
 func TestRegisterForm_IsDomainAllowed_InvalidEmail(t *testing.T) {
-	oldService := setting.Service
-	defer func() {
-		setting.Service = oldService
-	}()
-
-	setting.Service.EmailDomainAllowList = []glob.Glob{glob.MustCompile("gitea.io")}
+	defer test.MockVariableValue(&setting.Service.EmailDomainAllowList, []glob.Glob{glob.MustCompile("gitea.io")})()
 
 	tt := []struct {
 		email string
@@ -48,12 +44,7 @@ func TestRegisterForm_IsDomainAllowed_InvalidEmail(t *testing.T) {
 }
 
 func TestRegisterForm_IsDomainAllowed_AllowedEmail(t *testing.T) {
-	oldService := setting.Service
-	defer func() {
-		setting.Service = oldService
-	}()
-
-	setting.Service.EmailDomainAllowList = []glob.Glob{glob.MustCompile("gitea.io"), glob.MustCompile("*.allow")}
+	defer test.MockVariableValue(&setting.Service.EmailDomainAllowList, []glob.Glob{glob.MustCompile("gitea.io"), glob.MustCompile("*.allow")})()
 
 	tt := []struct {
 		email string
@@ -76,13 +67,7 @@ func TestRegisterForm_IsDomainAllowed_AllowedEmail(t *testing.T) {
 }
 
 func TestRegisterForm_IsDomainAllowed_BlockedEmail(t *testing.T) {
-	oldService := setting.Service
-	defer func() {
-		setting.Service = oldService
-	}()
-
-	setting.Service.EmailDomainAllowList = nil
-	setting.Service.EmailDomainBlockList = []glob.Glob{glob.MustCompile("gitea.io"), glob.MustCompile("*.block")}
+	defer test.MockVariableValue(&setting.Service.EmailDomainBlockList, []glob.Glob{glob.MustCompile("gitea.io"), glob.MustCompile("*.block")})()
 
 	tt := []struct {
 		email string
diff --git a/services/git/commit.go b/services/git/commit.go
index 8ab8f3d369..e4755ef93d 100644
--- a/services/git/commit.go
+++ b/services/git/commit.go
@@ -17,7 +17,7 @@ import (
 )
 
 // ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys.
-func ParseCommitsWithSignature(ctx context.Context, oldCommits []*user_model.UserCommit, repoTrustModel repo_model.TrustModelType, isOwnerMemberCollaborator func(*user_model.User) (bool, error)) ([]*asymkey_model.SignCommit, error) {
+func ParseCommitsWithSignature(ctx context.Context, repo *repo_model.Repository, oldCommits []*user_model.UserCommit, repoTrustModel repo_model.TrustModelType) ([]*asymkey_model.SignCommit, error) {
 	newCommits := make([]*asymkey_model.SignCommit, 0, len(oldCommits))
 	keyMap := map[string]bool{}
 
@@ -34,17 +34,14 @@ func ParseCommitsWithSignature(ctx context.Context, oldCommits []*user_model.Use
 	}
 
 	for _, c := range oldCommits {
-		committer, ok := emailUsers[c.Committer.Email]
-		if !ok && c.Committer != nil {
-			committer = &user_model.User{
-				Name:  c.Committer.Name,
-				Email: c.Committer.Email,
-			}
-		}
-
+		committerUser := emailUsers.GetByEmail(c.Committer.Email) // FIXME: why ValidateCommitsWithEmails uses "Author", but ParseCommitsWithSignature uses "Committer"?
 		signCommit := &asymkey_model.SignCommit{
 			UserCommit:   c,
-			Verification: asymkey_service.ParseCommitWithSignatureCommitter(ctx, c.Commit, committer),
+			Verification: asymkey_service.ParseCommitWithSignatureCommitter(ctx, c.Commit, committerUser),
+		}
+
+		isOwnerMemberCollaborator := func(user *user_model.User) (bool, error) {
+			return repo_model.IsOwnerMemberCollaborator(ctx, repo, user.ID)
 		}
 
 		_ = asymkey_model.CalculateTrustStatus(signCommit.Verification, repoTrustModel, isOwnerMemberCollaborator, &keyMap)
@@ -62,11 +59,9 @@ func ConvertFromGitCommit(ctx context.Context, commits []*git.Commit, repo *repo
 	}
 	signedCommits, err := ParseCommitsWithSignature(
 		ctx,
+		repo,
 		validatedCommits,
 		repo.GetTrustModel(),
-		func(user *user_model.User) (bool, error) {
-			return repo_model.IsOwnerMemberCollaborator(ctx, repo, user.ID)
-		},
 	)
 	if err != nil {
 		return nil, err
@@ -82,7 +77,7 @@ func ParseCommitsWithStatus(ctx context.Context, oldCommits []*asymkey_model.Sig
 		commit := &git_model.SignCommitWithStatuses{
 			SignCommit: c,
 		}
-		statuses, _, err := git_model.GetLatestCommitStatus(ctx, repo.ID, commit.ID.String(), db.ListOptions{})
+		statuses, err := git_model.GetLatestCommitStatus(ctx, repo.ID, commit.ID.String(), db.ListOptionsAll)
 		if err != nil {
 			return nil, err
 		}
diff --git a/services/gitdiff/csv.go b/services/gitdiff/csv.go
index 8db73c56a3..c10ee14490 100644
--- a/services/gitdiff/csv.go
+++ b/services/gitdiff/csv.go
@@ -134,7 +134,7 @@ func createCsvDiffSingle(reader *csv.Reader, celltype TableDiffCellType) ([]*Tab
 			return nil, err
 		}
 		cells := make([]*TableDiffCell, len(row))
-		for j := 0; j < len(row); j++ {
+		for j := range row {
 			if celltype == TableDiffCellDel {
 				cells[j] = &TableDiffCell{LeftCell: row[j], Type: celltype}
 			} else {
@@ -365,11 +365,11 @@ func getColumnMapping(baseCSVReader, headCSVReader *csvReader) ([]int, []int) {
 	}
 
 	// Loops through the baseRow and see if there is a match in the head row
-	for i := 0; i < len(baseRow); i++ {
+	for i := range baseRow {
 		base2HeadColMap[i] = unmappedColumn
 		baseCell, err := getCell(baseRow, i)
 		if err == nil {
-			for j := 0; j < len(headRow); j++ {
+			for j := range headRow {
 				if head2BaseColMap[j] == -1 {
 					headCell, err := getCell(headRow, j)
 					if err == nil && baseCell == headCell {
@@ -390,7 +390,7 @@ func getColumnMapping(baseCSVReader, headCSVReader *csvReader) ([]int, []int) {
 
 // tryMapColumnsByContent tries to map missing columns by the content of the first lines.
 func tryMapColumnsByContent(baseCSVReader *csvReader, base2HeadColMap []int, headCSVReader *csvReader, head2BaseColMap []int) {
-	for i := 0; i < len(base2HeadColMap); i++ {
+	for i := range base2HeadColMap {
 		headStart := 0
 		for base2HeadColMap[i] == unmappedColumn && headStart < len(head2BaseColMap) {
 			if head2BaseColMap[headStart] == unmappedColumn {
@@ -424,7 +424,7 @@ func getCell(row []string, column int) (string, error) {
 // countUnmappedColumns returns the count of unmapped columns.
 func countUnmappedColumns(mapping []int) int {
 	count := 0
-	for i := 0; i < len(mapping); i++ {
+	for i := range mapping {
 		if mapping[i] == unmappedColumn {
 			count++
 		}
diff --git a/services/gitdiff/git_diff_tree.go b/services/gitdiff/git_diff_tree.go
index 035210a31d..ed94bfbfe4 100644
--- a/services/gitdiff/git_diff_tree.go
+++ b/services/gitdiff/git_diff_tree.go
@@ -6,6 +6,7 @@ package gitdiff
 import (
 	"bufio"
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"strconv"
@@ -71,7 +72,7 @@ func runGitDiffTree(ctx context.Context, gitRepo *git.Repository, useMergeBase b
 func validateGitDiffTreeArguments(gitRepo *git.Repository, useMergeBase bool, baseSha, headSha string) (shouldUseMergeBase bool, resolvedBaseSha, resolvedHeadSha string, err error) {
 	// if the head is empty its an error
 	if headSha == "" {
-		return false, "", "", fmt.Errorf("headSha is empty")
+		return false, "", "", errors.New("headSha is empty")
 	}
 
 	// if the head commit doesn't exist its and error
@@ -207,7 +208,7 @@ func parseGitDiffTreeLine(line string) (*DiffTreeRecord, error) {
 
 func statusFromLetter(rawStatus string) (status string, score uint8, err error) {
 	if len(rawStatus) < 1 {
-		return "", 0, fmt.Errorf("empty status letter")
+		return "", 0, errors.New("empty status letter")
 	}
 	switch rawStatus[0] {
 	case 'A':
@@ -235,7 +236,7 @@ func statusFromLetter(rawStatus string) (status string, score uint8, err error)
 
 func tryParseStatusScore(rawStatus string) (uint8, error) {
 	if len(rawStatus) < 2 {
-		return 0, fmt.Errorf("status score missing")
+		return 0, errors.New("status score missing")
 	}
 
 	score, err := strconv.ParseUint(rawStatus[1:], 10, 8)
diff --git a/services/gitdiff/gitdiff.go b/services/gitdiff/gitdiff.go
index b9781cf8d0..7c99e049d5 100644
--- a/services/gitdiff/gitdiff.go
+++ b/services/gitdiff/gitdiff.go
@@ -25,6 +25,7 @@ import (
 	"code.gitea.io/gitea/modules/analyze"
 	"code.gitea.io/gitea/modules/charset"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/highlight"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
@@ -178,7 +179,7 @@ func (d *DiffLine) GetExpandDirection() DiffLineExpandDirection {
 }
 
 func getDiffLineSectionInfo(treePath, line string, lastLeftIdx, lastRightIdx int) *DiffLineSectionInfo {
-	leftLine, leftHunk, rightLine, righHunk := git.ParseDiffHunkString(line)
+	leftLine, leftHunk, rightLine, rightHunk := git.ParseDiffHunkString(line)
 
 	return &DiffLineSectionInfo{
 		Path:          treePath,
@@ -187,7 +188,7 @@ func getDiffLineSectionInfo(treePath, line string, lastLeftIdx, lastRightIdx int
 		LeftIdx:       leftLine,
 		RightIdx:      rightLine,
 		LeftHunkSize:  leftHunk,
-		RightHunkSize: righHunk,
+		RightHunkSize: rightHunk,
 	}
 }
 
@@ -213,51 +214,6 @@ func (diffSection *DiffSection) GetLine(idx int) *DiffLine {
 	return diffSection.Lines[idx]
 }
 
-// GetLine gets a specific line by type (add or del) and file line number
-// This algorithm is not quite right.
-// Actually now we have "Match" field, it is always right, so use it instead in new GetLine
-func (diffSection *DiffSection) getLineLegacy(lineType DiffLineType, idx int) *DiffLine { //nolint:unused
-	var (
-		difference    = 0
-		addCount      = 0
-		delCount      = 0
-		matchDiffLine *DiffLine
-	)
-
-LOOP:
-	for _, diffLine := range diffSection.Lines {
-		switch diffLine.Type {
-		case DiffLineAdd:
-			addCount++
-		case DiffLineDel:
-			delCount++
-		default:
-			if matchDiffLine != nil {
-				break LOOP
-			}
-			difference = diffLine.RightIdx - diffLine.LeftIdx
-			addCount = 0
-			delCount = 0
-		}
-
-		switch lineType {
-		case DiffLineDel:
-			if diffLine.RightIdx == 0 && diffLine.LeftIdx == idx-difference {
-				matchDiffLine = diffLine
-			}
-		case DiffLineAdd:
-			if diffLine.LeftIdx == 0 && diffLine.RightIdx == idx+difference {
-				matchDiffLine = diffLine
-			}
-		}
-	}
-
-	if addCount == delCount {
-		return matchDiffLine
-	}
-	return nil
-}
-
 func defaultDiffMatchPatch() *diffmatchpatch.DiffMatchPatch {
 	dmp := diffmatchpatch.New()
 	dmp.DiffEditCost = 100
@@ -334,7 +290,7 @@ func (diffSection *DiffSection) GetComputedInlineDiffFor(diffLine *DiffLine, loc
 	// try to find equivalent diff line. ignore, otherwise
 	switch diffLine.Type {
 	case DiffLineSection:
-		return getLineContent(diffLine.Content[1:], locale)
+		return getLineContent(diffLine.Content, locale)
 	case DiffLineAdd:
 		compareDiffLine := diffSection.GetLine(diffLine.Match)
 		return diffSection.getDiffLineForRender(DiffLineAdd, compareDiffLine, diffLine, locale)
@@ -539,10 +495,7 @@ func ParsePatch(ctx context.Context, maxLines, maxLineCharacters, maxFiles int,
 
 	// OK let's set a reasonable buffer size.
 	// This should be at least the size of maxLineCharacters or 4096 whichever is larger.
-	readerSize := maxLineCharacters
-	if readerSize < 4096 {
-		readerSize = 4096
-	}
+	readerSize := max(maxLineCharacters, 4096)
 
 	input := bufio.NewReaderSize(reader, readerSize)
 	line, err := input.ReadString('\n')
@@ -903,6 +856,7 @@ func parseHunks(ctx context.Context, curFile *DiffFile, maxLines, maxLineCharact
 			lastLeftIdx = -1
 			curFile.Sections = append(curFile.Sections, curSection)
 
+			// FIXME: the "-1" can't be right, these "line idx" are all 1-based, maybe there are other bugs that covers this bug.
 			lineSectionInfo := getDiffLineSectionInfo(curFile.Name, line, leftLine-1, rightLine-1)
 			diffLine := &DiffLine{
 				Type:        DiffLineSection,
@@ -1231,36 +1185,35 @@ func GetDiffForAPI(ctx context.Context, gitRepo *git.Repository, opts *DiffOptio
 	return diff, err
 }
 
-func GetDiffForRender(ctx context.Context, gitRepo *git.Repository, opts *DiffOptions, files ...string) (*Diff, error) {
+func GetDiffForRender(ctx context.Context, repoLink string, gitRepo *git.Repository, opts *DiffOptions, files ...string) (*Diff, error) {
 	diff, beforeCommit, afterCommit, err := getDiffBasic(ctx, gitRepo, opts, files...)
 	if err != nil {
 		return nil, err
 	}
 
-	checker, deferrable := gitRepo.CheckAttributeReader(opts.AfterCommitID)
-	defer deferrable()
+	checker, err := attribute.NewBatchChecker(gitRepo, opts.AfterCommitID, []string{attribute.LinguistVendored, attribute.LinguistGenerated, attribute.LinguistLanguage, attribute.GitlabLanguage, attribute.Diff})
+	if err != nil {
+		return nil, err
+	}
+	defer checker.Close()
 
 	for _, diffFile := range diff.Files {
 		isVendored := optional.None[bool]()
 		isGenerated := optional.None[bool]()
-		if checker != nil {
-			attrs, err := checker.CheckPath(diffFile.Name)
-			if err == nil {
-				isVendored = git.AttributeToBool(attrs, git.AttributeLinguistVendored)
-				isGenerated = git.AttributeToBool(attrs, git.AttributeLinguistGenerated)
-
-				language := git.TryReadLanguageAttribute(attrs)
-				if language.Has() {
-					diffFile.Language = language.Value()
-				}
-			} else {
-				checker = nil // CheckPath fails, it's not impossible to "check" anymore
+		attrDiff := optional.None[string]()
+		attrs, err := checker.CheckPath(diffFile.Name)
+		if err == nil {
+			isVendored, isGenerated = attrs.GetVendored(), attrs.GetGenerated()
+			language := attrs.GetLanguage()
+			if language.Has() {
+				diffFile.Language = language.Value()
 			}
+			attrDiff = attrs.Get(attribute.Diff).ToString()
 		}
 
 		// Populate Submodule URLs
 		if diffFile.SubmoduleDiffInfo != nil {
-			diffFile.SubmoduleDiffInfo.PopulateURL(diffFile, beforeCommit, afterCommit)
+			diffFile.SubmoduleDiffInfo.PopulateURL(repoLink, diffFile, beforeCommit, afterCommit)
 		}
 
 		if !isVendored.Has() {
@@ -1277,7 +1230,8 @@ func GetDiffForRender(ctx context.Context, gitRepo *git.Repository, opts *DiffOp
 			diffFile.Sections = append(diffFile.Sections, tailSection)
 		}
 
-		if !setting.Git.DisableDiffHighlight {
+		shouldFullFileHighlight := !setting.Git.DisableDiffHighlight && attrDiff.Value() == ""
+		if shouldFullFileHighlight {
 			if limitedContent.LeftContent != nil && limitedContent.LeftContent.buf.Len() < MaxDiffHighlightEntireFileSize {
 				diffFile.highlightedLeftLines = highlightCodeLines(diffFile, true /* left */, limitedContent.LeftContent.buf.String())
 			}
@@ -1339,10 +1293,13 @@ func GetDiffShortStat(gitRepo *git.Repository, beforeCommitID, afterCommitID str
 
 // SyncUserSpecificDiff inserts user-specific data such as which files the user has already viewed on the given diff
 // Additionally, the database is updated asynchronously if files have changed since the last review
-func SyncUserSpecificDiff(ctx context.Context, userID int64, pull *issues_model.PullRequest, gitRepo *git.Repository, diff *Diff, opts *DiffOptions, files ...string) error {
+func SyncUserSpecificDiff(ctx context.Context, userID int64, pull *issues_model.PullRequest, gitRepo *git.Repository, diff *Diff, opts *DiffOptions) (*pull_model.ReviewState, error) {
 	review, err := pull_model.GetNewestReviewState(ctx, userID, pull.ID)
-	if err != nil || review == nil || review.UpdatedFiles == nil {
-		return err
+	if err != nil {
+		return nil, err
+	}
+	if review == nil || len(review.UpdatedFiles) == 0 {
+		return review, nil
 	}
 
 	latestCommit := opts.AfterCommitID
@@ -1350,13 +1307,13 @@ func SyncUserSpecificDiff(ctx context.Context, userID int64, pull *issues_model.
 		latestCommit = pull.HeadBranch // opts.AfterCommitID is preferred because it handles PRs from forks correctly and the branch name doesn't
 	}
 
-	changedFiles, err := gitRepo.GetFilesChangedBetween(review.CommitSHA, latestCommit)
+	changedFiles, errIgnored := gitRepo.GetFilesChangedBetween(review.CommitSHA, latestCommit)
 	// There are way too many possible errors.
 	// Examples are various git errors such as the commit the review was based on was gc'ed and hence doesn't exist anymore as well as unrecoverable errors where we should serve a 500 response
 	// Due to the current architecture and physical limitation of needing to compare explicit error messages, we can only choose one approach without the code getting ugly
 	// For SOME of the errors such as the gc'ed commit, it would be best to mark all files as changed
 	// But as that does not work for all potential errors, we simply mark all files as unchanged and drop the error which always works, even if not as good as possible
-	if err != nil {
+	if errIgnored != nil {
 		log.Error("Could not get changed files between %s and %s for pull request %d in repo with path %s. Assuming no changes. Error: %w", review.CommitSHA, latestCommit, pull.Index, gitRepo.Path, err)
 	}
 
@@ -1395,11 +1352,11 @@ outer:
 		err := pull_model.UpdateReviewState(ctx, review.UserID, review.PullID, review.CommitSHA, filesChangedSinceLastDiff)
 		if err != nil {
 			log.Warn("Could not update review for user %d, pull %d, commit %s and the changed files %v: %v", review.UserID, review.PullID, review.CommitSHA, filesChangedSinceLastDiff, err)
-			return err
+			return nil, err
 		}
 	}
 
-	return nil
+	return review, nil
 }
 
 // CommentAsDiff returns c.Patch as *Diff
diff --git a/services/gitdiff/gitdiff_test.go b/services/gitdiff/gitdiff_test.go
index 71394b1915..b84530043a 100644
--- a/services/gitdiff/gitdiff_test.go
+++ b/services/gitdiff/gitdiff_test.go
@@ -416,7 +416,7 @@ index 0000000..6bb8f39
 `
 	diffBuilder.WriteString(diff)
 
-	for i := 0; i < 35; i++ {
+	for i := range 35 {
 		diffBuilder.WriteString("+line" + strconv.Itoa(i) + "\n")
 	}
 	diff = diffBuilder.String()
@@ -453,11 +453,11 @@ index 0000000..6bb8f39
 	diffBuilder.Reset()
 	diffBuilder.WriteString(diff)
 
-	for i := 0; i < 33; i++ {
+	for i := range 33 {
 		diffBuilder.WriteString("+line" + strconv.Itoa(i) + "\n")
 	}
 	diffBuilder.WriteString("+line33")
-	for i := 0; i < 512; i++ {
+	for range 512 {
 		diffBuilder.WriteString("0123456789ABCDEF")
 	}
 	diffBuilder.WriteByte('\n')
diff --git a/services/gitdiff/highlightdiff.go b/services/gitdiff/highlightdiff.go
index 6e18651d83..e8be063e69 100644
--- a/services/gitdiff/highlightdiff.go
+++ b/services/gitdiff/highlightdiff.go
@@ -14,13 +14,14 @@ import (
 // token is a html tag or entity, eg: "<span ...>", "</span>", "&lt;"
 func extractHTMLToken(s string) (before, token, after string, valid bool) {
 	for pos1 := 0; pos1 < len(s); pos1++ {
-		if s[pos1] == '<' {
+		switch s[pos1] {
+		case '<':
 			pos2 := strings.IndexByte(s[pos1:], '>')
 			if pos2 == -1 {
 				return "", "", s, false
 			}
 			return s[:pos1], s[pos1 : pos1+pos2+1], s[pos1+pos2+1:], true
-		} else if s[pos1] == '&' {
+		case '&':
 			pos2 := strings.IndexByte(s[pos1:], ';')
 			if pos2 == -1 {
 				return "", "", s, false
diff --git a/services/gitdiff/highlightdiff_test.go b/services/gitdiff/highlightdiff_test.go
index c2584dc622..aebe38ae7c 100644
--- a/services/gitdiff/highlightdiff_test.go
+++ b/services/gitdiff/highlightdiff_test.go
@@ -38,15 +38,15 @@ func TestDiffWithHighlight(t *testing.T) {
 		hcd.placeholderTokenMap['O'], hcd.placeholderTokenMap['C'] = "<span>", "</span>"
 		assert.Equal(t, "<span></span>", string(hcd.recoverOneDiff("OC")))
 		assert.Equal(t, "<span></span>", string(hcd.recoverOneDiff("O")))
-		assert.Equal(t, "", string(hcd.recoverOneDiff("C")))
+		assert.Empty(t, string(hcd.recoverOneDiff("C")))
 	})
 }
 
 func TestDiffWithHighlightPlaceholder(t *testing.T) {
 	hcd := newHighlightCodeDiff()
 	output := hcd.diffLineWithHighlight(DiffLineDel, "a='\U00100000'", "a='\U0010FFFD''")
-	assert.Equal(t, "", hcd.placeholderTokenMap[0x00100000])
-	assert.Equal(t, "", hcd.placeholderTokenMap[0x0010FFFD])
+	assert.Empty(t, hcd.placeholderTokenMap[0x00100000])
+	assert.Empty(t, hcd.placeholderTokenMap[0x0010FFFD])
 	expected := fmt.Sprintf(`a='<span class="removed-code">%s</span>'`, "\U00100000")
 	assert.Equal(t, expected, string(output))
 
diff --git a/services/gitdiff/submodule.go b/services/gitdiff/submodule.go
index 02ca666544..4347743e3d 100644
--- a/services/gitdiff/submodule.go
+++ b/services/gitdiff/submodule.go
@@ -20,7 +20,7 @@ type SubmoduleDiffInfo struct {
 	PreviousRefID string
 }
 
-func (si *SubmoduleDiffInfo) PopulateURL(diffFile *DiffFile, leftCommit, rightCommit *git.Commit) {
+func (si *SubmoduleDiffInfo) PopulateURL(repoLink string, diffFile *DiffFile, leftCommit, rightCommit *git.Commit) {
 	si.SubmoduleName = diffFile.Name
 	submoduleCommit := rightCommit // If the submodule is added or updated, check at the right commit
 	if diffFile.IsDeleted {
@@ -30,18 +30,19 @@ func (si *SubmoduleDiffInfo) PopulateURL(diffFile *DiffFile, leftCommit, rightCo
 		return
 	}
 
-	submodule, err := submoduleCommit.GetSubModule(diffFile.GetDiffFileName())
+	submoduleFullPath := diffFile.GetDiffFileName()
+	submodule, err := submoduleCommit.GetSubModule(submoduleFullPath)
 	if err != nil {
-		log.Error("Unable to PopulateURL for submodule %q: GetSubModule: %v", diffFile.GetDiffFileName(), err)
+		log.Error("Unable to PopulateURL for submodule %q: GetSubModule: %v", submoduleFullPath, err)
 		return // ignore the error, do not cause 500 errors for end users
 	}
 	if submodule != nil {
-		si.SubmoduleFile = git.NewCommitSubmoduleFile(submodule.URL, submoduleCommit.ID.String())
+		si.SubmoduleFile = git.NewCommitSubmoduleFile(repoLink, submoduleFullPath, submodule.URL, submoduleCommit.ID.String())
 	}
 }
 
 func (si *SubmoduleDiffInfo) CommitRefIDLinkHTML(ctx context.Context, commitID string) template.HTML {
-	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx, commitID)
+	webLink := si.SubmoduleFile.SubmoduleWebLinkTree(ctx, commitID)
 	if webLink == nil {
 		return htmlutil.HTMLFormat("%s", base.ShortSha(commitID))
 	}
@@ -49,7 +50,7 @@ func (si *SubmoduleDiffInfo) CommitRefIDLinkHTML(ctx context.Context, commitID s
 }
 
 func (si *SubmoduleDiffInfo) CompareRefIDLinkHTML(ctx context.Context) template.HTML {
-	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx, si.PreviousRefID, si.NewRefID)
+	webLink := si.SubmoduleFile.SubmoduleWebLinkCompare(ctx, si.PreviousRefID, si.NewRefID)
 	if webLink == nil {
 		return htmlutil.HTMLFormat("%s...%s", base.ShortSha(si.PreviousRefID), base.ShortSha(si.NewRefID))
 	}
@@ -57,7 +58,7 @@ func (si *SubmoduleDiffInfo) CompareRefIDLinkHTML(ctx context.Context) template.
 }
 
 func (si *SubmoduleDiffInfo) SubmoduleRepoLinkHTML(ctx context.Context) template.HTML {
-	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx)
+	webLink := si.SubmoduleFile.SubmoduleWebLinkTree(ctx)
 	if webLink == nil {
 		return htmlutil.HTMLFormat("%s", si.SubmoduleName)
 	}
diff --git a/services/gitdiff/submodule_test.go b/services/gitdiff/submodule_test.go
index 3047b23103..c793969f0e 100644
--- a/services/gitdiff/submodule_test.go
+++ b/services/gitdiff/submodule_test.go
@@ -203,7 +203,6 @@ index 0000000..68972a9
 	}
 
 	for _, testcase := range tests {
-		testcase := testcase
 		t.Run(testcase.name, func(t *testing.T) {
 			diff, err := ParsePatch(db.DefaultContext, setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, strings.NewReader(testcase.gitdiff), "")
 			assert.NoError(t, err)
@@ -228,7 +227,7 @@ func TestSubmoduleInfo(t *testing.T) {
 	assert.EqualValues(t, "aaaa...bbbb", sdi.CompareRefIDLinkHTML(ctx))
 	assert.EqualValues(t, "name", sdi.SubmoduleRepoLinkHTML(ctx))
 
-	sdi.SubmoduleFile = git.NewCommitSubmoduleFile("https://github.com/owner/repo", "1234")
+	sdi.SubmoduleFile = git.NewCommitSubmoduleFile("/any/repo-link", "fullpath", "https://github.com/owner/repo", "1234")
 	assert.EqualValues(t, `<a href="https://github.com/owner/repo/tree/1111">1111</a>`, sdi.CommitRefIDLinkHTML(ctx, "1111"))
 	assert.EqualValues(t, `<a href="https://github.com/owner/repo/compare/aaaa...bbbb">aaaa...bbbb</a>`, sdi.CompareRefIDLinkHTML(ctx))
 	assert.EqualValues(t, `<a href="https://github.com/owner/repo">name</a>`, sdi.SubmoduleRepoLinkHTML(ctx))
diff --git a/services/issue/assignee.go b/services/issue/assignee.go
index c7e2495568..ba9c91e0ed 100644
--- a/services/issue/assignee.go
+++ b/services/issue/assignee.go
@@ -54,6 +54,8 @@ func ToggleAssigneeWithNotify(ctx context.Context, issue *issues_model.Issue, do
 	if err != nil {
 		return false, nil, err
 	}
+	issue.AssigneeID = assigneeID
+	issue.Assignee = assignee
 
 	notify_service.IssueChangeAssignee(ctx, doer, issue, assignee, removed, comment)
 
@@ -302,7 +304,7 @@ func CanDoerChangeReviewRequests(ctx context.Context, doer *user_model.User, rep
 
 	// If the repo's owner is an organization, members of teams with read permission on pull requests can change reviewers
 	if repo.Owner.IsOrganization() {
-		teams, err := organization.GetTeamsWithAccessToRepo(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead)
+		teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead, unit.TypePullRequests)
 		if err != nil {
 			log.Error("GetTeamsWithAccessToRepo: %v", err)
 			return false
diff --git a/services/issue/comments.go b/services/issue/comments.go
index 46f92f7cd2..10c81198d5 100644
--- a/services/issue/comments.go
+++ b/services/issue/comments.go
@@ -5,6 +5,7 @@ package issue
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/models/db"
@@ -22,7 +23,7 @@ import (
 // CreateRefComment creates a commit reference comment to issue.
 func CreateRefComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content, commitSHA string) error {
 	if len(commitSHA) == 0 {
-		return fmt.Errorf("cannot create reference with empty commit SHA")
+		return errors.New("cannot create reference with empty commit SHA")
 	}
 
 	if user_model.IsUserBlockedBy(ctx, doer, issue.PosterID, repo.OwnerID) {
diff --git a/services/issue/issue.go b/services/issue/issue.go
index 455a1ec297..f03be3e18f 100644
--- a/services/issue/issue.go
+++ b/services/issue/issue.go
@@ -190,13 +190,17 @@ func DeleteIssue(ctx context.Context, doer *user_model.User, gitRepo *git.Reposi
 	}
 
 	// delete entries in database
-	if err := deleteIssue(ctx, issue); err != nil {
+	attachmentPaths, err := deleteIssue(ctx, issue)
+	if err != nil {
 		return err
 	}
+	for _, attachmentPath := range attachmentPaths {
+		system_model.RemoveStorageWithNotice(ctx, storage.Attachments, "Delete issue attachment", attachmentPath)
+	}
 
 	// delete pull request related git data
 	if issue.IsPull && gitRepo != nil {
-		if err := gitRepo.RemoveReference(fmt.Sprintf("%s%d/head", git.PullPrefix, issue.PullRequest.Index)); err != nil {
+		if err := gitRepo.RemoveReference(issue.PullRequest.GetGitHeadRefName()); err != nil {
 			return err
 		}
 	}
@@ -256,45 +260,45 @@ func GetRefEndNamesAndURLs(issues []*issues_model.Issue, repoLink string) (map[i
 }
 
 // deleteIssue deletes the issue
-func deleteIssue(ctx context.Context, issue *issues_model.Issue) error {
+func deleteIssue(ctx context.Context, issue *issues_model.Issue) ([]string, error) {
 	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	defer committer.Close()
 
-	e := db.GetEngine(ctx)
-	if _, err := e.ID(issue.ID).NoAutoCondition().Delete(issue); err != nil {
-		return err
+	if _, err := db.GetEngine(ctx).ID(issue.ID).NoAutoCondition().Delete(issue); err != nil {
+		return nil, err
 	}
 
 	// update the total issue numbers
 	if err := repo_model.UpdateRepoIssueNumbers(ctx, issue.RepoID, issue.IsPull, false); err != nil {
-		return err
+		return nil, err
 	}
 	// if the issue is closed, update the closed issue numbers
 	if issue.IsClosed {
 		if err := repo_model.UpdateRepoIssueNumbers(ctx, issue.RepoID, issue.IsPull, true); err != nil {
-			return err
+			return nil, err
 		}
 	}
 
 	if err := issues_model.UpdateMilestoneCounters(ctx, issue.MilestoneID); err != nil {
-		return fmt.Errorf("error updating counters for milestone id %d: %w",
+		return nil, fmt.Errorf("error updating counters for milestone id %d: %w",
 			issue.MilestoneID, err)
 	}
 
 	if err := activities_model.DeleteIssueActions(ctx, issue.RepoID, issue.ID, issue.Index); err != nil {
-		return err
+		return nil, err
 	}
 
 	// find attachments related to this issue and remove them
-	if err := issue.LoadAttributes(ctx); err != nil {
-		return err
+	if err := issue.LoadAttachments(ctx); err != nil {
+		return nil, err
 	}
 
+	var attachmentPaths []string
 	for i := range issue.Attachments {
-		system_model.RemoveStorageWithNotice(ctx, storage.Attachments, "Delete issue attachment", issue.Attachments[i].RelativePath())
+		attachmentPaths = append(attachmentPaths, issue.Attachments[i].RelativePath())
 	}
 
 	// delete all database data still assigned to this issue
@@ -318,8 +322,68 @@ func deleteIssue(ctx context.Context, issue *issues_model.Issue) error {
 		&issues_model.Comment{DependentIssueID: issue.ID},
 		&issues_model.IssuePin{IssueID: issue.ID},
 	); err != nil {
+		return nil, err
+	}
+
+	if err := committer.Commit(); err != nil {
+		return nil, err
+	}
+	return attachmentPaths, nil
+}
+
+// DeleteOrphanedIssues delete issues without a repo
+func DeleteOrphanedIssues(ctx context.Context) error {
+	var attachmentPaths []string
+	err := db.WithTx(ctx, func(ctx context.Context) error {
+		repoIDs, err := issues_model.GetOrphanedIssueRepoIDs(ctx)
+		if err != nil {
+			return err
+		}
+		for i := range repoIDs {
+			paths, err := DeleteIssuesByRepoID(ctx, repoIDs[i])
+			if err != nil {
+				return err
+			}
+			attachmentPaths = append(attachmentPaths, paths...)
+		}
+		return nil
+	})
+	if err != nil {
 		return err
 	}
 
-	return committer.Commit()
+	// Remove issue attachment files.
+	for i := range attachmentPaths {
+		system_model.RemoveStorageWithNotice(ctx, storage.Attachments, "Delete issue attachment", attachmentPaths[i])
+	}
+	return nil
+}
+
+// DeleteIssuesByRepoID deletes issues by repositories id
+func DeleteIssuesByRepoID(ctx context.Context, repoID int64) (attachmentPaths []string, err error) {
+	for {
+		issues := make([]*issues_model.Issue, 0, db.DefaultMaxInSize)
+		if err := db.GetEngine(ctx).
+			Where("repo_id = ?", repoID).
+			OrderBy("id").
+			Limit(db.DefaultMaxInSize).
+			Find(&issues); err != nil {
+			return nil, err
+		}
+
+		if len(issues) == 0 {
+			break
+		}
+
+		for _, issue := range issues {
+			issueAttachPaths, err := deleteIssue(ctx, issue)
+			if err != nil {
+				return nil, fmt.Errorf("deleteIssue [issue_id: %d]: %w", issue.ID, err)
+			}
+
+			attachmentPaths = append(attachmentPaths, issueAttachPaths...)
+		}
+	}
+
+	return attachmentPaths, err
 }
diff --git a/services/issue/issue_test.go b/services/issue/issue_test.go
index 8806cec0e7..bad0d65d1e 100644
--- a/services/issue/issue_test.go
+++ b/services/issue/issue_test.go
@@ -24,8 +24,8 @@ func TestGetRefEndNamesAndURLs(t *testing.T) {
 	repoLink := "/foo/bar"
 
 	endNames, urls := GetRefEndNamesAndURLs(issues, repoLink)
-	assert.EqualValues(t, map[int64]string{1: "branch1", 2: "tag1", 3: "c0ffee"}, endNames)
-	assert.EqualValues(t, map[int64]string{
+	assert.Equal(t, map[int64]string{1: "branch1", 2: "tag1", 3: "c0ffee"}, endNames)
+	assert.Equal(t, map[int64]string{
 		1: repoLink + "/src/branch/branch1",
 		2: repoLink + "/src/tag/tag1",
 		3: repoLink + "/src/commit/c0ffee",
@@ -44,7 +44,7 @@ func TestIssue_DeleteIssue(t *testing.T) {
 		ID:     issueIDs[2],
 	}
 
-	err = deleteIssue(db.DefaultContext, issue)
+	_, err = deleteIssue(db.DefaultContext, issue)
 	assert.NoError(t, err)
 	issueIDs, err = issues_model.GetIssueIDsByRepoID(db.DefaultContext, 1)
 	assert.NoError(t, err)
@@ -55,7 +55,7 @@ func TestIssue_DeleteIssue(t *testing.T) {
 	assert.NoError(t, err)
 	issue, err = issues_model.GetIssueByID(db.DefaultContext, 4)
 	assert.NoError(t, err)
-	err = deleteIssue(db.DefaultContext, issue)
+	_, err = deleteIssue(db.DefaultContext, issue)
 	assert.NoError(t, err)
 	assert.Len(t, attachments, 2)
 	for i := range attachments {
@@ -78,7 +78,7 @@ func TestIssue_DeleteIssue(t *testing.T) {
 	assert.NoError(t, err)
 	assert.False(t, left)
 
-	err = deleteIssue(db.DefaultContext, issue2)
+	_, err = deleteIssue(db.DefaultContext, issue2)
 	assert.NoError(t, err)
 	left, err = issues_model.IssueNoDependenciesLeft(db.DefaultContext, issue1)
 	assert.NoError(t, err)
diff --git a/services/issue/label.go b/services/issue/label.go
index 6b8070d8aa..e30983df37 100644
--- a/services/issue/label.go
+++ b/services/issue/label.go
@@ -46,32 +46,24 @@ func AddLabels(ctx context.Context, issue *issues_model.Issue, doer *user_model.
 
 // RemoveLabel removes a label from issue by given ID.
 func RemoveLabel(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, label *issues_model.Label) error {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := issue.LoadRepo(dbCtx); err != nil {
-		return err
-	}
-
-	perm, err := access_model.GetUserRepoPermission(dbCtx, issue.Repo, doer)
-	if err != nil {
-		return err
-	}
-	if !perm.CanWriteIssuesOrPulls(issue.IsPull) {
-		if label.OrgID > 0 {
-			return issues_model.ErrOrgLabelNotExist{}
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		if err := issue.LoadRepo(ctx); err != nil {
+			return err
 		}
-		return issues_model.ErrRepoLabelNotExist{}
-	}
 
-	if err := issues_model.DeleteIssueLabel(dbCtx, issue, label, doer); err != nil {
-		return err
-	}
+		perm, err := access_model.GetUserRepoPermission(ctx, issue.Repo, doer)
+		if err != nil {
+			return err
+		}
+		if !perm.CanWriteIssuesOrPulls(issue.IsPull) {
+			if label.OrgID > 0 {
+				return issues_model.ErrOrgLabelNotExist{}
+			}
+			return issues_model.ErrRepoLabelNotExist{}
+		}
 
-	if err := committer.Commit(); err != nil {
+		return issues_model.DeleteIssueLabel(ctx, issue, label, doer)
+	}); err != nil {
 		return err
 	}
 
diff --git a/services/issue/milestone.go b/services/issue/milestone.go
index beb6f131a9..05aefad752 100644
--- a/services/issue/milestone.go
+++ b/services/issue/milestone.go
@@ -5,6 +5,7 @@ package issue
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"code.gitea.io/gitea/models/db"
@@ -21,7 +22,7 @@ func changeMilestoneAssign(ctx context.Context, doer *user_model.User, issue *is
 			return fmt.Errorf("HasMilestoneByRepoID: %w", err)
 		}
 		if !has {
-			return fmt.Errorf("HasMilestoneByRepoID: issue doesn't exist")
+			return errors.New("HasMilestoneByRepoID: issue doesn't exist")
 		}
 	}
 
@@ -68,21 +69,12 @@ func changeMilestoneAssign(ctx context.Context, doer *user_model.User, issue *is
 
 // ChangeMilestoneAssign changes assignment of milestone for issue.
 func ChangeMilestoneAssign(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, oldMilestoneID int64) (err error) {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
+	if err := db.WithTx(ctx, func(dbCtx context.Context) error {
+		return changeMilestoneAssign(dbCtx, doer, issue, oldMilestoneID)
+	}); err != nil {
 		return err
 	}
-	defer committer.Close()
-
-	if err = changeMilestoneAssign(dbCtx, doer, issue, oldMilestoneID); err != nil {
-		return err
-	}
-
-	if err = committer.Commit(); err != nil {
-		return fmt.Errorf("Commit: %w", err)
-	}
 
 	notify_service.IssueChangeMilestone(ctx, doer, issue, oldMilestoneID)
-
 	return nil
 }
diff --git a/services/issue/pull.go b/services/issue/pull.go
index bd19c25436..512fdf78e8 100644
--- a/services/issue/pull.go
+++ b/services/issue/pull.go
@@ -48,10 +48,6 @@ func IsCodeOwnerFile(f string) bool {
 }
 
 func PullRequestCodeOwnersReview(ctx context.Context, pr *issues_model.PullRequest) ([]*ReviewRequestNotifier, error) {
-	return PullRequestCodeOwnersReviewSpecialCommits(ctx, pr, "", "") // no commit is provided, then it uses PR's base&head branch
-}
-
-func PullRequestCodeOwnersReviewSpecialCommits(ctx context.Context, pr *issues_model.PullRequest, startCommitID, endCommitID string) ([]*ReviewRequestNotifier, error) {
 	if err := pr.LoadIssue(ctx); err != nil {
 		return nil, err
 	}
@@ -100,19 +96,15 @@ func PullRequestCodeOwnersReviewSpecialCommits(ctx context.Context, pr *issues_m
 		return nil, nil
 	}
 
-	if startCommitID == "" && endCommitID == "" {
-		// get the mergebase
-		mergeBase, err := getMergeBase(repo, pr, git.BranchPrefix+pr.BaseBranch, pr.GetGitRefName())
-		if err != nil {
-			return nil, err
-		}
-		startCommitID = mergeBase
-		endCommitID = pr.GetGitRefName()
+	// get the mergebase
+	mergeBase, err := getMergeBase(repo, pr, git.BranchPrefix+pr.BaseBranch, pr.GetGitHeadRefName())
+	if err != nil {
+		return nil, err
 	}
 
 	// https://github.com/go-gitea/gitea/issues/29763, we need to get the files changed
 	// between the merge base and the head commit but not the base branch and the head commit
-	changedFiles, err := repo.GetFilesChangedBetween(startCommitID, endCommitID)
+	changedFiles, err := repo.GetFilesChangedBetween(mergeBase, pr.GetGitHeadRefName())
 	if err != nil {
 		return nil, err
 	}
@@ -138,13 +130,31 @@ func PullRequestCodeOwnersReviewSpecialCommits(ctx context.Context, pr *issues_m
 		return nil, err
 	}
 
+	// load all reviews from database
+	latestReivews, _, err := issues_model.GetReviewsByIssueID(ctx, pr.IssueID)
+	if err != nil {
+		return nil, err
+	}
+
+	contain := func(list issues_model.ReviewList, u *user_model.User) bool {
+		for _, review := range list {
+			if review.ReviewerTeamID == 0 && review.ReviewerID == u.ID {
+				return true
+			}
+		}
+		return false
+	}
+
 	for _, u := range uniqUsers {
-		if u.ID != issue.Poster.ID {
+		if u.ID != issue.Poster.ID && !contain(latestReivews, u) {
 			comment, err := issues_model.AddReviewRequest(ctx, issue, u, issue.Poster)
 			if err != nil {
 				log.Warn("Failed add assignee user: %s to PR review: %s#%d, error: %s", u.Name, pr.BaseRepo.Name, pr.ID, err)
 				return nil, err
 			}
+			if comment == nil { // comment maybe nil if review type is ReviewTypeRequest
+				continue
+			}
 			notifiers = append(notifiers, &ReviewRequestNotifier{
 				Comment:  comment,
 				IsAdd:    true,
@@ -152,12 +162,16 @@ func PullRequestCodeOwnersReviewSpecialCommits(ctx context.Context, pr *issues_m
 			})
 		}
 	}
+
 	for _, t := range uniqTeams {
 		comment, err := issues_model.AddTeamReviewRequest(ctx, issue, t, issue.Poster)
 		if err != nil {
 			log.Warn("Failed add assignee team: %s to PR review: %s#%d, error: %s", t.Name, pr.BaseRepo.Name, pr.ID, err)
 			return nil, err
 		}
+		if comment == nil { // comment maybe nil if review type is ReviewTypeRequest
+			continue
+		}
 		notifiers = append(notifiers, &ReviewRequestNotifier{
 			Comment:    comment,
 			IsAdd:      true,
diff --git a/services/issue/status.go b/services/issue/status.go
index e18b891175..fa59df93ba 100644
--- a/services/issue/status.go
+++ b/services/issue/status.go
@@ -15,30 +15,24 @@ import (
 
 // CloseIssue close an issue.
 func CloseIssue(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, commitID string) error {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	comment, err := issues_model.CloseIssue(dbCtx, issue, doer)
-	if err != nil {
-		if issues_model.IsErrDependenciesLeft(err) {
-			if err := issues_model.FinishIssueStopwatchIfPossible(dbCtx, doer, issue); err != nil {
-				log.Error("Unable to stop stopwatch for issue[%d]#%d: %v", issue.ID, issue.Index, err)
+	var comment *issues_model.Comment
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		var err error
+		comment, err = issues_model.CloseIssue(ctx, issue, doer)
+		if err != nil {
+			if issues_model.IsErrDependenciesLeft(err) {
+				if _, err := issues_model.FinishIssueStopwatch(ctx, doer, issue); err != nil {
+					log.Error("Unable to stop stopwatch for issue[%d]#%d: %v", issue.ID, issue.Index, err)
+				}
 			}
+			return err
 		}
-		return err
-	}
 
-	if err := issues_model.FinishIssueStopwatchIfPossible(dbCtx, doer, issue); err != nil {
+		_, err = issues_model.FinishIssueStopwatch(ctx, doer, issue)
 		return err
-	}
-
-	if err := committer.Commit(); err != nil {
+	}); err != nil {
 		return err
 	}
-	committer.Close()
 
 	notify_service.IssueChangeStatus(ctx, doer, commitID, issue, comment, true)
 
diff --git a/services/issue/suggestion_test.go b/services/issue/suggestion_test.go
index 84cfd520ac..a5b39d27bb 100644
--- a/services/issue/suggestion_test.go
+++ b/services/issue/suggestion_test.go
@@ -51,7 +51,7 @@ func Test_Suggestion(t *testing.T) {
 			for _, issue := range issues {
 				issueIndexes = append(issueIndexes, issue.Index)
 			}
-			assert.EqualValues(t, testCase.expectedIndexes, issueIndexes)
+			assert.Equal(t, testCase.expectedIndexes, issueIndexes)
 		})
 	}
 }
diff --git a/services/lfs/locks.go b/services/lfs/locks.go
index 1d464f4a66..264001f0f9 100644
--- a/services/lfs/locks.go
+++ b/services/lfs/locks.go
@@ -74,10 +74,7 @@ func GetListLockHandler(ctx *context.Context) {
 	}
 	ctx.Resp.Header().Set("Content-Type", lfs_module.MediaType)
 
-	cursor := ctx.FormInt("cursor")
-	if cursor < 0 {
-		cursor = 0
-	}
+	cursor := max(ctx.FormInt("cursor"), 0)
 	limit := ctx.FormInt("limit")
 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {
 		limit = setting.LFS.LocksPagingNum
@@ -239,10 +236,7 @@ func VerifyLockHandler(ctx *context.Context) {
 
 	ctx.Resp.Header().Set("Content-Type", lfs_module.MediaType)
 
-	cursor := ctx.FormInt("cursor")
-	if cursor < 0 {
-		cursor = 0
-	}
+	cursor := max(ctx.FormInt("cursor"), 0)
 	limit := ctx.FormInt("limit")
 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {
 		limit = setting.LFS.LocksPagingNum
diff --git a/services/lfs/server.go b/services/lfs/server.go
index c4866edaab..c9d9f164bf 100644
--- a/services/lfs/server.go
+++ b/services/lfs/server.go
@@ -11,6 +11,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"maps"
 	"net/http"
 	"net/url"
 	"path"
@@ -26,6 +27,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/auth/httpauth"
 	"code.gitea.io/gitea/modules/json"
 	lfs_module "code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
@@ -41,6 +43,7 @@ type requestContext struct {
 	User          string
 	Repo          string
 	Authorization string
+	Method        string
 }
 
 // Claims is a JWT Token Claims
@@ -164,11 +167,12 @@ func BatchHandler(ctx *context.Context) {
 	}
 
 	var isUpload bool
-	if br.Operation == "upload" {
+	switch br.Operation {
+	case "upload":
 		isUpload = true
-	} else if br.Operation == "download" {
+	case "download":
 		isUpload = false
-	} else {
+	default:
 		log.Trace("Attempt to BATCH with invalid operation: %s", br.Operation)
 		writeStatus(ctx, http.StatusBadRequest)
 		return
@@ -201,7 +205,7 @@ func BatchHandler(ctx *context.Context) {
 
 		exists, err := contentStore.Exists(p)
 		if err != nil {
-			log.Error("Unable to check if LFS OID[%s] exist. Error: %v", p.Oid, rc.User, rc.Repo, err)
+			log.Error("Unable to check if LFS object with ID '%s' exists for %s/%s. Error: %v", p.Oid, rc.User, rc.Repo, err)
 			writeStatus(ctx, http.StatusInternalServerError)
 			return
 		}
@@ -394,6 +398,7 @@ func getRequestContext(ctx *context.Context) *requestContext {
 		User:          ctx.PathParam("username"),
 		Repo:          strings.TrimSuffix(ctx.PathParam("reponame"), ".git"),
 		Authorization: ctx.Req.Header.Get("Authorization"),
+		Method:        ctx.Req.Method,
 	}
 }
 
@@ -462,7 +467,7 @@ func buildObjectResponse(rc *requestContext, pointer lfs_module.Pointer, downloa
 			var link *lfs_module.Link
 			if setting.LFS.Storage.ServeDirect() {
 				// If we have a signed url (S3, object storage), redirect to this directly.
-				u, err := storage.LFS.URL(pointer.RelativePath(), pointer.Oid, nil)
+				u, err := storage.LFS.URL(pointer.RelativePath(), pointer.Oid, rc.Method, nil)
 				if u != nil && err == nil {
 					// Presigned url does not need the Authorization header
 					// https://github.com/go-gitea/gitea/issues/21525
@@ -479,9 +484,7 @@ func buildObjectResponse(rc *requestContext, pointer lfs_module.Pointer, downloa
 			rep.Actions["upload"] = &lfs_module.Link{Href: rc.UploadLink(pointer), Header: header}
 
 			verifyHeader := make(map[string]string)
-			for key, value := range header {
-				verifyHeader[key] = value
-			}
+			maps.Copy(verifyHeader, header)
 
 			// This is only needed to workaround https://github.com/git-lfs/git-lfs/issues/3662
 			verifyHeader["Accept"] = lfs_module.AcceptHeader
@@ -571,15 +574,15 @@ func handleLFSToken(ctx stdCtx.Context, tokenSHA string, target *repo_model.Repo
 
 	claims, claimsOk := token.Claims.(*Claims)
 	if !token.Valid || !claimsOk {
-		return nil, fmt.Errorf("invalid token claim")
+		return nil, errors.New("invalid token claim")
 	}
 
 	if claims.RepoID != target.ID {
-		return nil, fmt.Errorf("invalid token claim")
+		return nil, errors.New("invalid token claim")
 	}
 
 	if mode == perm_model.AccessModeWrite && claims.Op != "upload" {
-		return nil, fmt.Errorf("invalid token claim")
+		return nil, errors.New("invalid token claim")
 	}
 
 	u, err := user_model.GetUserByID(ctx, claims.UserID)
@@ -592,21 +595,13 @@ func handleLFSToken(ctx stdCtx.Context, tokenSHA string, target *repo_model.Repo
 
 func parseToken(ctx stdCtx.Context, authorization string, target *repo_model.Repository, mode perm_model.AccessMode) (*user_model.User, error) {
 	if authorization == "" {
-		return nil, fmt.Errorf("no token")
-	}
-
-	parts := strings.SplitN(authorization, " ", 2)
-	if len(parts) != 2 {
-		return nil, fmt.Errorf("no token")
+		return nil, errors.New("no token")
 	}
-	tokenSHA := parts[1]
-	switch strings.ToLower(parts[0]) {
-	case "bearer":
-		fallthrough
-	case "token":
-		return handleLFSToken(ctx, tokenSHA, target, mode)
+	parsed, ok := httpauth.ParseAuthorizationHeader(authorization)
+	if !ok || parsed.BearerToken == nil {
+		return nil, errors.New("token not found")
 	}
-	return nil, fmt.Errorf("token not found")
+	return handleLFSToken(ctx, parsed.BearerToken.Token, target, mode)
 }
 
 func requireAuth(ctx *context.Context) {
diff --git a/services/mailer/mail.go b/services/mailer/mail.go
index f7e5b0c9f0..d81b6d10af 100644
--- a/services/mailer/mail.go
+++ b/services/mailer/mail.go
@@ -8,13 +8,14 @@ import (
 	"bytes"
 	"context"
 	"encoding/base64"
+	"errors"
 	"fmt"
 	"html/template"
 	"io"
 	"mime"
 	"regexp"
 	"strings"
-	texttmpl "text/template"
+	"sync/atomic"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
@@ -22,6 +23,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/typesniffer"
 	sender_service "code.gitea.io/gitea/services/mailer/sender"
 
@@ -30,11 +32,13 @@ import (
 
 const mailMaxSubjectRunes = 256 // There's no actual limit for subject in RFC 5322
 
-var (
-	bodyTemplates       *template.Template
-	subjectTemplates    *texttmpl.Template
-	subjectRemoveSpaces = regexp.MustCompile(`[\s]+`)
-)
+var loadedTemplates atomic.Pointer[templates.MailTemplates]
+
+var subjectRemoveSpaces = regexp.MustCompile(`[\s]+`)
+
+func LoadedTemplates() *templates.MailTemplates {
+	return loadedTemplates.Load()
+}
 
 // SendTestMail sends a test mail
 func SendTestMail(email string) error {
@@ -117,7 +121,7 @@ func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ct
 			attachmentUUID, ok = strings.CutPrefix(parsedSrc.RepoSubPath, "/attachments/")
 		}
 		if !ok {
-			return "", fmt.Errorf("not an attachment")
+			return "", errors.New("not an attachment")
 		}
 	}
 	attachment, err := repo_model.GetAttachmentByUUID(ctx, attachmentUUID)
@@ -126,10 +130,10 @@ func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ct
 	}
 
 	if attachment.RepoID != b64embedder.repo.ID {
-		return "", fmt.Errorf("attachment does not belong to the repository")
+		return "", errors.New("attachment does not belong to the repository")
 	}
 	if attachment.Size+b64embedder.estimateSize > b64embedder.maxSize {
-		return "", fmt.Errorf("total embedded images exceed max limit")
+		return "", errors.New("total embedded images exceed max limit")
 	}
 
 	fr, err := storage.Attachments.Open(attachment.RelativePath())
@@ -146,7 +150,7 @@ func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ct
 
 	mimeType := typesniffer.DetectContentType(content)
 	if !mimeType.IsImage() {
-		return "", fmt.Errorf("not an image")
+		return "", errors.New("not an image")
 	}
 
 	encoded := base64.StdEncoding.EncodeToString(content)
@@ -170,3 +174,41 @@ func fromDisplayName(u *user_model.User) string {
 	}
 	return u.GetCompleteName()
 }
+
+func generateMetadataHeaders(repo *repo_model.Repository) map[string]string {
+	return map[string]string{
+		// https://datatracker.ietf.org/doc/html/rfc2919
+		"List-ID": fmt.Sprintf("%s <%s.%s.%s>", repo.FullName(), repo.Name, repo.OwnerName, setting.Domain),
+
+		// https://datatracker.ietf.org/doc/html/rfc2369
+		"List-Archive": fmt.Sprintf("<%s>", repo.HTMLURL()),
+
+		"X-Mailer": "Gitea",
+
+		"X-Gitea-Repository":      repo.Name,
+		"X-Gitea-Repository-Path": repo.FullName(),
+		"X-Gitea-Repository-Link": repo.HTMLURL(),
+
+		"X-GitLab-Project":      repo.Name,
+		"X-GitLab-Project-Path": repo.FullName(),
+	}
+}
+
+func generateSenderRecipientHeaders(doer, recipient *user_model.User) map[string]string {
+	return map[string]string{
+		"X-Gitea-Sender":             doer.Name,
+		"X-Gitea-Recipient":          recipient.Name,
+		"X-Gitea-Recipient-Address":  recipient.Email,
+		"X-GitHub-Sender":            doer.Name,
+		"X-GitHub-Recipient":         recipient.Name,
+		"X-GitHub-Recipient-Address": recipient.Email,
+	}
+}
+
+func generateReasonHeaders(reason string) map[string]string {
+	return map[string]string{
+		"X-Gitea-Reason":              reason,
+		"X-GitHub-Reason":             reason,
+		"X-GitLab-NotificationReason": reason,
+	}
+}
diff --git a/services/mailer/mail_issue_common.go b/services/mailer/mail_issue_common.go
index ebfd52162c..a34d8a68c9 100644
--- a/services/mailer/mail_issue_common.go
+++ b/services/mailer/mail_issue_common.go
@@ -7,6 +7,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
+	"maps"
 	"strconv"
 	"strings"
 	"time"
@@ -29,7 +30,7 @@ import (
 // Many e-mail service providers have limitations on the size of the email body, it's usually from 10MB to 25MB
 const maxEmailBodySize = 9_000_000
 
-func fallbackMailSubject(issue *issues_model.Issue) string {
+func fallbackIssueMailSubject(issue *issues_model.Issue) string {
 	return fmt.Sprintf("[%s] %s (#%d)", issue.Repo.FullName(), issue.Title, issue.Index)
 }
 
@@ -86,7 +87,7 @@ func composeIssueCommentMessages(ctx context.Context, comment *mailComment, lang
 	if actName != "new" {
 		prefix = "Re: "
 	}
-	fallback = prefix + fallbackMailSubject(comment.Issue)
+	fallback = prefix + fallbackIssueMailSubject(comment.Issue)
 
 	if comment.Comment != nil && comment.Comment.Review != nil {
 		reviewComments = make([]*issues_model.Comment, 0, 10)
@@ -119,7 +120,7 @@ func composeIssueCommentMessages(ctx context.Context, comment *mailComment, lang
 	}
 
 	var mailSubject bytes.Buffer
-	if err := subjectTemplates.ExecuteTemplate(&mailSubject, tplName, mailMeta); err == nil {
+	if err := LoadedTemplates().SubjectTemplates.ExecuteTemplate(&mailSubject, tplName, mailMeta); err == nil {
 		subject = sanitizeSubject(mailSubject.String())
 		if subject == "" {
 			subject = fallback
@@ -134,7 +135,7 @@ func composeIssueCommentMessages(ctx context.Context, comment *mailComment, lang
 
 	var mailBody bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&mailBody, tplName, mailMeta); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&mailBody, tplName, mailMeta); err != nil {
 		log.Error("ExecuteTemplate [%s]: %v", tplName+"/body", err)
 	}
 
@@ -202,7 +203,7 @@ func composeIssueCommentMessages(ctx context.Context, comment *mailComment, lang
 		msg.SetHeader("References", references...)
 		msg.SetHeader("List-Unsubscribe", listUnsubscribe...)
 
-		for key, value := range generateAdditionalHeaders(comment, actType, recipient) {
+		for key, value := range generateAdditionalHeadersForIssue(comment, actType, recipient) {
 			msg.SetHeader(key, value)
 		}
 
@@ -260,14 +261,14 @@ func actionToTemplate(issue *issues_model.Issue, actionType activities_model.Act
 	}
 
 	template = typeName + "/" + name
-	ok := bodyTemplates.Lookup(template) != nil
+	ok := LoadedTemplates().BodyTemplates.Lookup(template) != nil
 	if !ok && typeName != "issue" {
 		template = "issue/" + name
-		ok = bodyTemplates.Lookup(template) != nil
+		ok = LoadedTemplates().BodyTemplates.Lookup(template) != nil
 	}
 	if !ok {
 		template = typeName + "/default"
-		ok = bodyTemplates.Lookup(template) != nil
+		ok = LoadedTemplates().BodyTemplates.Lookup(template) != nil
 	}
 	if !ok {
 		template = "issue/default"
@@ -302,35 +303,18 @@ func generateMessageIDForIssue(issue *issues_model.Issue, comment *issues_model.
 	return fmt.Sprintf("<%s/%s/%d%s@%s>", issue.Repo.FullName(), path, issue.Index, extra, setting.Domain)
 }
 
-func generateAdditionalHeaders(ctx *mailComment, reason string, recipient *user_model.User) map[string]string {
+func generateAdditionalHeadersForIssue(ctx *mailComment, reason string, recipient *user_model.User) map[string]string {
 	repo := ctx.Issue.Repo
 
-	return map[string]string{
-		// https://datatracker.ietf.org/doc/html/rfc2919
-		"List-ID": fmt.Sprintf("%s <%s.%s.%s>", repo.FullName(), repo.Name, repo.OwnerName, setting.Domain),
-
-		// https://datatracker.ietf.org/doc/html/rfc2369
-		"List-Archive": fmt.Sprintf("<%s>", repo.HTMLURL()),
-
-		"X-Mailer":                  "Gitea",
-		"X-Gitea-Reason":            reason,
-		"X-Gitea-Sender":            ctx.Doer.Name,
-		"X-Gitea-Recipient":         recipient.Name,
-		"X-Gitea-Recipient-Address": recipient.Email,
-		"X-Gitea-Repository":        repo.Name,
-		"X-Gitea-Repository-Path":   repo.FullName(),
-		"X-Gitea-Repository-Link":   repo.HTMLURL(),
-		"X-Gitea-Issue-ID":          strconv.FormatInt(ctx.Issue.Index, 10),
-		"X-Gitea-Issue-Link":        ctx.Issue.HTMLURL(),
-
-		"X-GitHub-Reason":            reason,
-		"X-GitHub-Sender":            ctx.Doer.Name,
-		"X-GitHub-Recipient":         recipient.Name,
-		"X-GitHub-Recipient-Address": recipient.Email,
-
-		"X-GitLab-NotificationReason": reason,
-		"X-GitLab-Project":            repo.Name,
-		"X-GitLab-Project-Path":       repo.FullName(),
-		"X-GitLab-Issue-IID":          strconv.FormatInt(ctx.Issue.Index, 10),
-	}
+	issueID := strconv.FormatInt(ctx.Issue.Index, 10)
+	headers := generateMetadataHeaders(repo)
+
+	maps.Copy(headers, generateSenderRecipientHeaders(ctx.Doer, recipient))
+	maps.Copy(headers, generateReasonHeaders(reason))
+
+	headers["X-Gitea-Issue-ID"] = issueID
+	headers["X-Gitea-Issue-Link"] = ctx.Issue.HTMLURL()
+	headers["X-GitLab-Issue-IID"] = issueID
+
+	return headers
 }
diff --git a/services/mailer/mail_release.go b/services/mailer/mail_release.go
index bfff73c39c..fd97fb5312 100644
--- a/services/mailer/mail_release.go
+++ b/services/mailer/mail_release.go
@@ -79,7 +79,7 @@ func mailNewRelease(ctx context.Context, lang string, tos []*user_model.User, re
 
 	var mailBody bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&mailBody, string(tplNewReleaseMail), mailMeta); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&mailBody, string(tplNewReleaseMail), mailMeta); err != nil {
 		log.Error("ExecuteTemplate [%s]: %v", string(tplNewReleaseMail)+"/body", err)
 		return
 	}
diff --git a/services/mailer/mail_repo.go b/services/mailer/mail_repo.go
index b6b2d5ca07..1ec7995ab9 100644
--- a/services/mailer/mail_repo.go
+++ b/services/mailer/mail_repo.go
@@ -78,7 +78,7 @@ func sendRepoTransferNotifyMailPerLang(lang string, newOwner, doer *user_model.U
 		"Destination": destination,
 	}
 
-	if err := bodyTemplates.ExecuteTemplate(&content, string(mailRepoTransferNotify), data); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&content, string(mailRepoTransferNotify), data); err != nil {
 		return err
 	}
 
diff --git a/services/mailer/mail_team_invite.go b/services/mailer/mail_team_invite.go
index 1fbade7e23..034dc14e3d 100644
--- a/services/mailer/mail_team_invite.go
+++ b/services/mailer/mail_team_invite.go
@@ -6,6 +6,7 @@ package mailer
 import (
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 	"net/url"
 
@@ -38,10 +39,10 @@ func MailTeamInvite(ctx context.Context, inviter *user_model.User, team *org_mod
 	if err != nil && !user_model.IsErrUserNotExist(err) {
 		return err
 	} else if user != nil && user.ProhibitLogin {
-		return fmt.Errorf("login is prohibited for the invited user")
+		return errors.New("login is prohibited for the invited user")
 	}
 
-	inviteRedirect := url.QueryEscape(fmt.Sprintf("/org/invite/%s", invite.Token))
+	inviteRedirect := url.QueryEscape("/org/invite/" + invite.Token)
 	inviteURL := fmt.Sprintf("%suser/sign_up?redirect_to=%s", setting.AppURL, inviteRedirect)
 
 	if (err == nil && user != nil) || setting.Service.DisableRegistration || setting.Service.AllowOnlyExternalRegistration {
@@ -61,7 +62,7 @@ func MailTeamInvite(ctx context.Context, inviter *user_model.User, team *org_mod
 	}
 
 	var mailBody bytes.Buffer
-	if err := bodyTemplates.ExecuteTemplate(&mailBody, string(tplTeamInviteMail), mailMeta); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&mailBody, string(tplTeamInviteMail), mailMeta); err != nil {
 		log.Error("ExecuteTemplate [%s]: %v", string(tplTeamInviteMail)+"/body", err)
 		return err
 	}
diff --git a/services/mailer/mail_test.go b/services/mailer/mail_test.go
index 6aced705f3..24f5d39d50 100644
--- a/services/mailer/mail_test.go
+++ b/services/mailer/mail_test.go
@@ -16,6 +16,7 @@ import (
 	"testing"
 	texttmpl "text/template"
 
+	actions_model "code.gitea.io/gitea/models/actions"
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
@@ -25,6 +26,7 @@ import (
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/services/attachment"
 	sender_service "code.gitea.io/gitea/services/mailer/sender"
@@ -95,6 +97,13 @@ func prepareMailerBase64Test(t *testing.T) (doer *user_model.User, repo *repo_mo
 	return user, repo, issue, att1, att2
 }
 
+func prepareMailTemplates(name, subjectTmpl, bodyTmpl string) {
+	loadedTemplates.Store(&templates.MailTemplates{
+		SubjectTemplates: texttmpl.Must(texttmpl.New(name).Parse(subjectTmpl)),
+		BodyTemplates:    template.Must(template.New(name).Parse(bodyTmpl)),
+	})
+}
+
 func TestComposeIssueComment(t *testing.T) {
 	doer, _, issue, comment := prepareMailerTest(t)
 
@@ -107,8 +116,7 @@ func TestComposeIssueComment(t *testing.T) {
 	setting.IncomingEmail.Enabled = true
 	defer func() { setting.IncomingEmail.Enabled = false }()
 
-	subjectTemplates = texttmpl.Must(texttmpl.New("issue/comment").Parse(subjectTpl))
-	bodyTemplates = template.Must(template.New("issue/comment").Parse(bodyTpl))
+	prepareMailTemplates("issue/comment", subjectTpl, bodyTpl)
 
 	recipients := []*user_model.User{{Name: "Test", Email: "test@gitea.com"}, {Name: "Test2", Email: "test2@gitea.com"}}
 	msgs, err := composeIssueCommentMessages(t.Context(), &mailComment{
@@ -153,8 +161,7 @@ func TestComposeIssueComment(t *testing.T) {
 func TestMailMentionsComment(t *testing.T) {
 	doer, _, issue, comment := prepareMailerTest(t)
 	comment.Poster = doer
-	subjectTemplates = texttmpl.Must(texttmpl.New("issue/comment").Parse(subjectTpl))
-	bodyTemplates = template.Must(template.New("issue/comment").Parse(bodyTpl))
+	prepareMailTemplates("issue/comment", subjectTpl, bodyTpl)
 	mails := 0
 
 	defer test.MockVariableValue(&SendAsync, func(msgs ...*sender_service.Message) {
@@ -169,9 +176,7 @@ func TestMailMentionsComment(t *testing.T) {
 func TestComposeIssueMessage(t *testing.T) {
 	doer, _, issue, _ := prepareMailerTest(t)
 
-	subjectTemplates = texttmpl.Must(texttmpl.New("issue/new").Parse(subjectTpl))
-	bodyTemplates = template.Must(template.New("issue/new").Parse(bodyTpl))
-
+	prepareMailTemplates("issue/new", subjectTpl, bodyTpl)
 	recipients := []*user_model.User{{Name: "Test", Email: "test@gitea.com"}, {Name: "Test2", Email: "test2@gitea.com"}}
 	msgs, err := composeIssueCommentMessages(t.Context(), &mailComment{
 		Issue: issue, Doer: doer, ActionType: activities_model.ActionCreateIssue,
@@ -200,15 +205,14 @@ func TestTemplateSelection(t *testing.T) {
 	doer, repo, issue, comment := prepareMailerTest(t)
 	recipients := []*user_model.User{{Name: "Test", Email: "test@gitea.com"}}
 
-	subjectTemplates = texttmpl.Must(texttmpl.New("issue/default").Parse("issue/default/subject"))
-	texttmpl.Must(subjectTemplates.New("issue/new").Parse("issue/new/subject"))
-	texttmpl.Must(subjectTemplates.New("pull/comment").Parse("pull/comment/subject"))
-	texttmpl.Must(subjectTemplates.New("issue/close").Parse("")) // Must default to fallback subject
+	prepareMailTemplates("issue/default", "issue/default/subject", "issue/default/body")
 
-	bodyTemplates = template.Must(template.New("issue/default").Parse("issue/default/body"))
-	template.Must(bodyTemplates.New("issue/new").Parse("issue/new/body"))
-	template.Must(bodyTemplates.New("pull/comment").Parse("pull/comment/body"))
-	template.Must(bodyTemplates.New("issue/close").Parse("issue/close/body"))
+	texttmpl.Must(LoadedTemplates().SubjectTemplates.New("issue/new").Parse("issue/new/subject"))
+	texttmpl.Must(LoadedTemplates().SubjectTemplates.New("pull/comment").Parse("pull/comment/subject"))
+	texttmpl.Must(LoadedTemplates().SubjectTemplates.New("issue/close").Parse("")) // Must default to a fallback subject
+	template.Must(LoadedTemplates().BodyTemplates.New("issue/new").Parse("issue/new/body"))
+	template.Must(LoadedTemplates().BodyTemplates.New("pull/comment").Parse("pull/comment/body"))
+	template.Must(LoadedTemplates().BodyTemplates.New("issue/close").Parse("issue/close/body"))
 
 	expect := func(t *testing.T, msg *sender_service.Message, expSubject, expBody string) {
 		subject := msg.ToMessage().GetGenHeader("Subject")
@@ -253,9 +257,7 @@ func TestTemplateServices(t *testing.T) {
 	expect := func(t *testing.T, issue *issues_model.Issue, comment *issues_model.Comment, doer *user_model.User,
 		actionType activities_model.ActionType, fromMention bool, tplSubject, tplBody, expSubject, expBody string,
 	) {
-		subjectTemplates = texttmpl.Must(texttmpl.New("issue/default").Parse(tplSubject))
-		bodyTemplates = template.Must(template.New("issue/default").Parse(tplBody))
-
+		prepareMailTemplates("issue/default", tplSubject, tplBody)
 		recipients := []*user_model.User{{Name: "Test", Email: "test@gitea.com"}}
 		msg := testComposeIssueCommentMessage(t, &mailComment{
 			Issue: issue, Doer: doer, ActionType: actionType,
@@ -297,13 +299,13 @@ func testComposeIssueCommentMessage(t *testing.T, ctx *mailComment, recipients [
 	return msgs[0]
 }
 
-func TestGenerateAdditionalHeaders(t *testing.T) {
+func TestGenerateAdditionalHeadersForIssue(t *testing.T) {
 	doer, _, issue, _ := prepareMailerTest(t)
 
 	comment := &mailComment{Issue: issue, Doer: doer}
 	recipient := &user_model.User{Name: "test", Email: "test@gitea.com"}
 
-	headers := generateAdditionalHeaders(comment, "dummy-reason", recipient)
+	headers := generateAdditionalHeadersForIssue(comment, "dummy-reason", recipient)
 
 	expected := map[string]string{
 		"List-ID":                   "user2/repo1 <repo1.user2.localhost>",
@@ -440,6 +442,16 @@ func TestGenerateMessageIDForRelease(t *testing.T) {
 	assert.Equal(t, "<owner/repo/releases/1@localhost>", msgID)
 }
 
+func TestGenerateMessageIDForActionsWorkflowRunStatusEmail(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
+	run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{ID: 795, RepoID: repo.ID})
+	assert.NoError(t, run.LoadAttributes(db.DefaultContext))
+	msgID := generateMessageIDForActionsWorkflowRunStatusEmail(repo, run)
+	assert.Equal(t, "<user2/repo2/actions/runs/191@localhost>", msgID)
+}
+
 func TestFromDisplayName(t *testing.T) {
 	tmpl, err := texttmpl.New("mailFrom").Parse("{{ .DisplayName }}")
 	assert.NoError(t, err)
@@ -467,7 +479,7 @@ func TestFromDisplayName(t *testing.T) {
 		t.Run(tc.userDisplayName, func(t *testing.T) {
 			user := &user_model.User{FullName: tc.userDisplayName, Name: "tmp"}
 			got := fromDisplayName(user)
-			assert.EqualValues(t, tc.fromDisplayName, got)
+			assert.Equal(t, tc.fromDisplayName, got)
 		})
 	}
 
@@ -484,7 +496,7 @@ func TestFromDisplayName(t *testing.T) {
 			setting.Domain = oldDomain
 		}()
 
-		assert.EqualValues(t, "Mister X (by Code IT on [code.it])", fromDisplayName(&user_model.User{FullName: "Mister X", Name: "tmp"}))
+		assert.Equal(t, "Mister X (by Code IT on [code.it])", fromDisplayName(&user_model.User{FullName: "Mister X", Name: "tmp"}))
 	})
 }
 
@@ -512,8 +524,7 @@ func TestEmbedBase64Images(t *testing.T) {
 	att2ImgBase64 := fmt.Sprintf(`<img src="%s"/>`, att2Base64)
 
 	t.Run("ComposeMessage", func(t *testing.T) {
-		subjectTemplates = texttmpl.Must(texttmpl.New("issue/new").Parse(subjectTpl))
-		bodyTemplates = template.Must(template.New("issue/new").Parse(bodyTpl))
+		prepareMailTemplates("issue/new", subjectTpl, bodyTpl)
 
 		issue.Content = fmt.Sprintf(`MSG-BEFORE <image src="attachments/%s"> MSG-AFTER`, att1.UUID)
 		require.NoError(t, issues_model.UpdateIssueCols(t.Context(), issue, "content"))
@@ -528,7 +539,7 @@ func TestEmbedBase64Images(t *testing.T) {
 		require.NoError(t, err)
 
 		mailBody := msgs[0].Body
-		assert.Regexp(t, `MSG-BEFORE <a[^>]+><img src="data:image/png;base64,iVBORw0KGgo="/></a> MSG-AFTER`, mailBody)
+		assert.Regexp(t, `MSG-BEFORE <a[^>]+><img src="data:image/png;base64,iVBORw0KGgo=".*/></a> MSG-AFTER`, mailBody)
 	})
 
 	t.Run("EmbedInstanceImageSkipExternalImage", func(t *testing.T) {
diff --git a/services/mailer/mail_user.go b/services/mailer/mail_user.go
index 5a200a5fa7..68df81f6a3 100644
--- a/services/mailer/mail_user.go
+++ b/services/mailer/mail_user.go
@@ -39,7 +39,7 @@ func sendUserMail(language string, u *user_model.User, tpl templates.TplName, co
 
 	var content bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&content, string(tpl), data); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&content, string(tpl), data); err != nil {
 		log.Error("Template: %v", err)
 		return
 	}
@@ -90,7 +90,7 @@ func SendActivateEmailMail(u *user_model.User, email string) {
 
 	var content bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&content, string(mailAuthActivateEmail), data); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&content, string(mailAuthActivateEmail), data); err != nil {
 		log.Error("Template: %v", err)
 		return
 	}
@@ -118,7 +118,7 @@ func SendRegisterNotifyMail(u *user_model.User) {
 
 	var content bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&content, string(mailAuthRegisterNotify), data); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&content, string(mailAuthRegisterNotify), data); err != nil {
 		log.Error("Template: %v", err)
 		return
 	}
@@ -149,7 +149,7 @@ func SendCollaboratorMail(u, doer *user_model.User, repo *repo_model.Repository)
 
 	var content bytes.Buffer
 
-	if err := bodyTemplates.ExecuteTemplate(&content, string(mailNotifyCollaborator), data); err != nil {
+	if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&content, string(mailNotifyCollaborator), data); err != nil {
 		log.Error("Template: %v", err)
 		return
 	}
diff --git a/services/mailer/mail_workflow_run.go b/services/mailer/mail_workflow_run.go
new file mode 100644
index 0000000000..29b3abda8e
--- /dev/null
+++ b/services/mailer/mail_workflow_run.go
@@ -0,0 +1,165 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package mailer
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"sort"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/translation"
+	"code.gitea.io/gitea/services/convert"
+	sender_service "code.gitea.io/gitea/services/mailer/sender"
+)
+
+const tplWorkflowRun = "notify/workflow_run"
+
+type convertedWorkflowJob struct {
+	HTMLURL string
+	Status  actions_model.Status
+	Name    string
+	Attempt int64
+}
+
+func generateMessageIDForActionsWorkflowRunStatusEmail(repo *repo_model.Repository, run *actions_model.ActionRun) string {
+	return fmt.Sprintf("<%s/actions/runs/%d@%s>", repo.FullName(), run.Index, setting.Domain)
+}
+
+func composeAndSendActionsWorkflowRunStatusEmail(ctx context.Context, repo *repo_model.Repository, run *actions_model.ActionRun, sender *user_model.User, recipients []*user_model.User) {
+	subject := "Run"
+	switch run.Status {
+	case actions_model.StatusFailure:
+		subject += " failed"
+	case actions_model.StatusCancelled:
+		subject += " cancelled"
+	case actions_model.StatusSuccess:
+		subject += " succeeded"
+	}
+	subject = fmt.Sprintf("%s: %s (%s)", subject, run.WorkflowID, base.ShortSha(run.CommitSHA))
+	displayName := fromDisplayName(sender)
+	messageID := generateMessageIDForActionsWorkflowRunStatusEmail(repo, run)
+	metadataHeaders := generateMetadataHeaders(repo)
+
+	jobs, err := actions_model.GetRunJobsByRunID(ctx, run.ID)
+	if err != nil {
+		log.Error("GetRunJobsByRunID: %v", err)
+		return
+	}
+	sort.SliceStable(jobs, func(i, j int) bool {
+		si, sj := jobs[i].Status, jobs[j].Status
+		/*
+			If both i and j are/are not success, leave it to si < sj.
+			If i is success and j is not, since the desired is j goes "smaller" and i goes "bigger", this func should return false.
+			If j is success and i is not, since the desired is i goes "smaller" and j goes "bigger", this func should return true.
+		*/
+		if si.IsSuccess() != sj.IsSuccess() {
+			return !si.IsSuccess()
+		}
+		return si < sj
+	})
+
+	convertedJobs := make([]convertedWorkflowJob, 0, len(jobs))
+	for _, job := range jobs {
+		converted0, err := convert.ToActionWorkflowJob(ctx, repo, nil, job)
+		if err != nil {
+			log.Error("convert.ToActionWorkflowJob: %v", err)
+			continue
+		}
+		convertedJobs = append(convertedJobs, convertedWorkflowJob{
+			HTMLURL: converted0.HTMLURL,
+			Name:    converted0.Name,
+			Status:  job.Status,
+			Attempt: converted0.RunAttempt,
+		})
+	}
+
+	langMap := make(map[string][]*user_model.User)
+	for _, user := range recipients {
+		langMap[user.Language] = append(langMap[user.Language], user)
+	}
+	for lang, tos := range langMap {
+		locale := translation.NewLocale(lang)
+		var runStatusText string
+		switch run.Status {
+		case actions_model.StatusSuccess:
+			runStatusText = "All jobs have succeeded"
+		case actions_model.StatusFailure:
+			runStatusText = "All jobs have failed"
+			for _, job := range jobs {
+				if !job.Status.IsFailure() {
+					runStatusText = "Some jobs were not successful"
+					break
+				}
+			}
+		case actions_model.StatusCancelled:
+			runStatusText = "All jobs have been cancelled"
+		}
+		var mailBody bytes.Buffer
+		if err := LoadedTemplates().BodyTemplates.ExecuteTemplate(&mailBody, tplWorkflowRun, map[string]any{
+			"Subject":       subject,
+			"Repo":          repo,
+			"Run":           run,
+			"RunStatusText": runStatusText,
+			"Jobs":          convertedJobs,
+			"locale":        locale,
+		}); err != nil {
+			log.Error("ExecuteTemplate [%s]: %v", tplWorkflowRun, err)
+			return
+		}
+		msgs := make([]*sender_service.Message, 0, len(tos))
+		for _, rec := range tos {
+			msg := sender_service.NewMessageFrom(
+				rec.Email,
+				displayName,
+				setting.MailService.FromEmail,
+				subject,
+				mailBody.String(),
+			)
+			msg.Info = subject
+			for k, v := range generateSenderRecipientHeaders(sender, rec) {
+				msg.SetHeader(k, v)
+			}
+			for k, v := range metadataHeaders {
+				msg.SetHeader(k, v)
+			}
+			msg.SetHeader("Message-ID", messageID)
+			msgs = append(msgs, msg)
+		}
+		SendAsync(msgs...)
+	}
+}
+
+func MailActionsTrigger(ctx context.Context, sender *user_model.User, repo *repo_model.Repository, run *actions_model.ActionRun) {
+	if setting.MailService == nil {
+		return
+	}
+	if run.Status.IsSkipped() {
+		return
+	}
+
+	recipients := make([]*user_model.User, 0)
+
+	if !sender.IsGiteaActions() && !sender.IsGhost() && sender.IsMailable() {
+		notifyPref, err := user_model.GetUserSetting(ctx, sender.ID,
+			user_model.SettingsKeyEmailNotificationGiteaActions, user_model.SettingEmailNotificationGiteaActionsFailureOnly)
+		if err != nil {
+			log.Error("GetUserSetting: %v", err)
+			return
+		}
+		if notifyPref == user_model.SettingEmailNotificationGiteaActionsAll || !run.Status.IsSuccess() && notifyPref != user_model.SettingEmailNotificationGiteaActionsDisabled {
+			recipients = append(recipients, sender)
+		}
+	}
+
+	if len(recipients) > 0 {
+		composeAndSendActionsWorkflowRunStatusEmail(ctx, repo, run, sender, recipients)
+	}
+}
diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go
index bcd4facca9..db00aac4f1 100644
--- a/services/mailer/mailer.go
+++ b/services/mailer/mailer.go
@@ -43,7 +43,7 @@ func NewContext(ctx context.Context) {
 		sender = &sender_service.SMTPSender{}
 	}
 
-	subjectTemplates, bodyTemplates = templates.Mailer(ctx)
+	templates.LoadMailTemplates(ctx, &loadedTemplates)
 
 	mailQueue = queue.CreateSimpleQueue(graceful.GetManager().ShutdownContext(), "mail", func(items ...*sender_service.Message) []*sender_service.Message {
 		for _, msg := range items {
diff --git a/services/mailer/notify.go b/services/mailer/notify.go
index a27177e8f5..c008685e13 100644
--- a/services/mailer/notify.go
+++ b/services/mailer/notify.go
@@ -7,6 +7,7 @@ import (
 	"context"
 	"fmt"
 
+	actions_model "code.gitea.io/gitea/models/actions"
 	activities_model "code.gitea.io/gitea/models/activities"
 	issues_model "code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -31,15 +32,16 @@ func (m *mailNotifier) CreateIssueComment(ctx context.Context, doer *user_model.
 	issue *issues_model.Issue, comment *issues_model.Comment, mentions []*user_model.User,
 ) {
 	var act activities_model.ActionType
-	if comment.Type == issues_model.CommentTypeClose {
+	switch comment.Type {
+	case issues_model.CommentTypeClose:
 		act = activities_model.ActionCloseIssue
-	} else if comment.Type == issues_model.CommentTypeReopen {
+	case issues_model.CommentTypeReopen:
 		act = activities_model.ActionReopenIssue
-	} else if comment.Type == issues_model.CommentTypeComment {
+	case issues_model.CommentTypeComment:
 		act = activities_model.ActionCommentIssue
-	} else if comment.Type == issues_model.CommentTypeCode {
+	case issues_model.CommentTypeCode:
 		act = activities_model.ActionCommentIssue
-	} else if comment.Type == issues_model.CommentTypePullRequestPush {
+	case issues_model.CommentTypePullRequestPush:
 		act = 0
 	}
 
@@ -95,11 +97,12 @@ func (m *mailNotifier) NewPullRequest(ctx context.Context, pr *issues_model.Pull
 
 func (m *mailNotifier) PullRequestReview(ctx context.Context, pr *issues_model.PullRequest, r *issues_model.Review, comment *issues_model.Comment, mentions []*user_model.User) {
 	var act activities_model.ActionType
-	if comment.Type == issues_model.CommentTypeClose {
+	switch comment.Type {
+	case issues_model.CommentTypeClose:
 		act = activities_model.ActionCloseIssue
-	} else if comment.Type == issues_model.CommentTypeReopen {
+	case issues_model.CommentTypeReopen:
 		act = activities_model.ActionReopenIssue
-	} else if comment.Type == issues_model.CommentTypeComment {
+	case issues_model.CommentTypeComment:
 		act = activities_model.ActionCommentPull
 	}
 	if err := MailParticipantsComment(ctx, comment, act, pr.Issue, mentions); err != nil {
@@ -203,3 +206,10 @@ func (m *mailNotifier) RepoPendingTransfer(ctx context.Context, doer, newOwner *
 		log.Error("SendRepoTransferNotifyMail: %v", err)
 	}
 }
+
+func (m *mailNotifier) WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun) {
+	if !run.Status.IsDone() {
+		return
+	}
+	MailActionsTrigger(ctx, sender, repo, run)
+}
diff --git a/services/mailer/sender/message_test.go b/services/mailer/sender/message_test.go
index 63d0bc349a..ae153ebf05 100644
--- a/services/mailer/sender/message_test.go
+++ b/services/mailer/sender/message_test.go
@@ -108,9 +108,9 @@ func extractMailHeaderAndContent(t *testing.T, mail string) (map[string]string,
 	}
 	content := strings.TrimSpace("boundary=" + parts[1])
 
-	hParts := strings.Split(parts[0], "\n")
+	hParts := strings.SplitSeq(parts[0], "\n")
 
-	for _, hPart := range hParts {
+	for hPart := range hParts {
 		parts := strings.SplitN(hPart, ":", 2)
 		hk := strings.TrimSpace(parts[0])
 		if hk != "" {
diff --git a/services/mailer/sender/smtp.go b/services/mailer/sender/smtp.go
index c53c3da997..8dc1b40b74 100644
--- a/services/mailer/sender/smtp.go
+++ b/services/mailer/sender/smtp.go
@@ -5,6 +5,7 @@ package sender
 
 import (
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"io"
 	"net"
@@ -99,7 +100,7 @@ func (s *SMTPSender) Send(from string, to []string, msg io.WriterTo) error {
 	canAuth, options := client.Extension("AUTH")
 	if len(opts.User) > 0 {
 		if !canAuth {
-			return fmt.Errorf("SMTP server does not support AUTH, but credentials provided")
+			return errors.New("SMTP server does not support AUTH, but credentials provided")
 		}
 
 		var auth smtp.Auth
diff --git a/services/mailer/sender/smtp_auth.go b/services/mailer/sender/smtp_auth.go
index 260b12437b..c60e0dbfbb 100644
--- a/services/mailer/sender/smtp_auth.go
+++ b/services/mailer/sender/smtp_auth.go
@@ -4,6 +4,7 @@
 package sender
 
 import (
+	"errors"
 	"fmt"
 
 	"github.com/Azure/go-ntlmssp"
@@ -60,7 +61,7 @@ func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
 func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) {
 	if more {
 		if len(fromServer) == 0 {
-			return nil, fmt.Errorf("ntlm ChallengeMessage is empty")
+			return nil, errors.New("ntlm ChallengeMessage is empty")
 		}
 		authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded)
 		return authenticateMessage, err
diff --git a/services/markup/renderhelper_codepreview.go b/services/markup/renderhelper_codepreview.go
index d638af7ff0..fa1eb824a2 100644
--- a/services/markup/renderhelper_codepreview.go
+++ b/services/markup/renderhelper_codepreview.go
@@ -6,7 +6,7 @@ package markup
 import (
 	"bufio"
 	"context"
-	"fmt"
+	"errors"
 	"html/template"
 	"strings"
 
@@ -14,13 +14,13 @@ import (
 	"code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/charset"
+	"code.gitea.io/gitea/modules/git/languagestats"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/indexer/code"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 	gitea_context "code.gitea.io/gitea/services/context"
-	"code.gitea.io/gitea/services/repository/files"
 )
 
 func renderRepoFileCodePreview(ctx context.Context, opts markup.RenderCodePreviewOptions) (template.HTML, error) {
@@ -38,7 +38,7 @@ func renderRepoFileCodePreview(ctx context.Context, opts markup.RenderCodePrevie
 
 	webCtx := gitea_context.GetWebContext(ctx)
 	if webCtx == nil {
-		return "", fmt.Errorf("context is not a web context")
+		return "", errors.New("context is not a web context")
 	}
 	doer := webCtx.Doer
 
@@ -61,14 +61,14 @@ func renderRepoFileCodePreview(ctx context.Context, opts markup.RenderCodePrevie
 		return "", err
 	}
 
-	language, _ := files.TryGetContentLanguage(gitRepo, opts.CommitID, opts.FilePath)
+	language, _ := languagestats.GetFileLanguage(ctx, gitRepo, opts.CommitID, opts.FilePath)
 	blob, err := commit.GetBlobByPath(opts.FilePath)
 	if err != nil {
 		return "", err
 	}
 
 	if blob.Size() > setting.UI.MaxDisplayFileSize {
-		return "", fmt.Errorf("file is too large")
+		return "", errors.New("file is too large")
 	}
 
 	dataRc, err := blob.DataAsync()
diff --git a/services/markup/renderhelper_issueicontitle.go b/services/markup/renderhelper_issueicontitle.go
index fd8f9d43fa..27b5595fa9 100644
--- a/services/markup/renderhelper_issueicontitle.go
+++ b/services/markup/renderhelper_issueicontitle.go
@@ -5,6 +5,7 @@ package markup
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"html/template"
 
@@ -20,7 +21,7 @@ import (
 func renderRepoIssueIconTitle(ctx context.Context, opts markup.RenderIssueIconTitleOptions) (_ template.HTML, err error) {
 	webCtx := gitea_context.GetWebContext(ctx)
 	if webCtx == nil {
-		return "", fmt.Errorf("context is not a web context")
+		return "", errors.New("context is not a web context")
 	}
 
 	textIssueIndex := fmt.Sprintf("(#%d)", opts.IssueIndex)
diff --git a/services/markup/renderhelper_mention_test.go b/services/markup/renderhelper_mention_test.go
index d05fbb6fba..d54ab13a48 100644
--- a/services/markup/renderhelper_mention_test.go
+++ b/services/markup/renderhelper_mention_test.go
@@ -37,7 +37,7 @@ func TestRenderHelperMention(t *testing.T) {
 	assert.False(t, FormalRenderHelperFuncs().IsUsernameMentionable(t.Context(), userNoSuch))
 
 	// when using web context, use user.IsUserVisibleToViewer to check
-	req, err := http.NewRequest("GET", "/", nil)
+	req, err := http.NewRequest(http.MethodGet, "/", nil)
 	assert.NoError(t, err)
 	base := gitea_context.NewBaseContextForTest(httptest.NewRecorder(), req)
 	giteaCtx := gitea_context.NewWebContext(base, &contexttest.MockRender{}, nil)
diff --git a/services/migrations/codebase.go b/services/migrations/codebase.go
index 880dd21497..240c7bcdc9 100644
--- a/services/migrations/codebase.go
+++ b/services/migrations/codebase.go
@@ -134,7 +134,7 @@ func (d *CodebaseDownloader) callAPI(ctx context.Context, endpoint string, param
 		u.RawQuery = query.Encode()
 	}
 
-	req, err := http.NewRequestWithContext(ctx, "GET", u.String(), nil)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, u.String(), nil)
 	if err != nil {
 		return err
 	}
diff --git a/services/migrations/codecommit.go b/services/migrations/codecommit.go
index c45f9e5943..d08b2e6d4a 100644
--- a/services/migrations/codecommit.go
+++ b/services/migrations/codecommit.go
@@ -5,7 +5,7 @@ package migrations
 
 import (
 	"context"
-	"fmt"
+	"errors"
 	"net/url"
 	"strconv"
 	"strings"
@@ -42,13 +42,13 @@ func (c *CodeCommitDownloaderFactory) New(ctx context.Context, opts base.Migrate
 
 	hostElems := strings.Split(u.Host, ".")
 	if len(hostElems) != 4 {
-		return nil, fmt.Errorf("cannot get the region from clone URL")
+		return nil, errors.New("cannot get the region from clone URL")
 	}
 	region := hostElems[1]
 
 	pathElems := strings.Split(u.Path, "/")
 	if len(pathElems) == 0 {
-		return nil, fmt.Errorf("cannot get the repo name from clone URL")
+		return nil, errors.New("cannot get the repo name from clone URL")
 	}
 	repoName := pathElems[len(pathElems)-1]
 
@@ -155,10 +155,7 @@ func (c *CodeCommitDownloader) GetPullRequests(ctx context.Context, page, perPag
 	}
 
 	startIndex := (page - 1) * perPage
-	endIndex := page * perPage
-	if endIndex > len(allPullRequestIDs) {
-		endIndex = len(allPullRequestIDs)
-	}
+	endIndex := min(page*perPage, len(allPullRequestIDs))
 	batch := allPullRequestIDs[startIndex:endIndex]
 
 	prs := make([]*base.PullRequest, 0, len(batch))
@@ -180,11 +177,15 @@ func (c *CodeCommitDownloader) GetPullRequests(ctx context.Context, page, perPag
 			continue
 		}
 		target := orig.PullRequestTargets[0]
+		description := ""
+		if orig.Description != nil {
+			description = *orig.Description
+		}
 		pr := &base.PullRequest{
 			Number:     number,
 			Title:      *orig.Title,
 			PosterName: c.getUsernameFromARN(*orig.AuthorArn),
-			Content:    *orig.Description,
+			Content:    description,
 			State:      "open",
 			Created:    *orig.CreationDate,
 			Updated:    *orig.LastActivityDate,
@@ -206,6 +207,10 @@ func (c *CodeCommitDownloader) GetPullRequests(ctx context.Context, page, perPag
 			pr.State = "closed"
 			pr.Closed = orig.LastActivityDate
 		}
+		if pr.Merged {
+			pr.MergeCommitSHA = *target.MergeMetadata.MergeCommitId
+			pr.MergedTime = orig.LastActivityDate
+		}
 
 		_ = CheckAndEnsureSafePR(pr, c.baseURL, c)
 		prs = append(prs, pr)
diff --git a/services/migrations/dump.go b/services/migrations/dump.go
index b4ca1e41e0..8edd567b08 100644
--- a/services/migrations/dump.go
+++ b/services/migrations/dump.go
@@ -488,7 +488,7 @@ func (g *RepositoryDumper) handlePullRequest(ctx context.Context, pr *base.PullR
 	if pr.Head.CloneURL == "" || pr.Head.Ref == "" {
 		// Set head information if pr.Head.SHA is available
 		if pr.Head.SHA != "" {
-			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
+			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
 			if err != nil {
 				log.Error("PR #%d in %s/%s unable to update-ref for pr HEAD: %v", pr.Number, g.repoOwner, g.repoName, err)
 			}
@@ -518,7 +518,7 @@ func (g *RepositoryDumper) handlePullRequest(ctx context.Context, pr *base.PullR
 	if !ok {
 		// Set head information if pr.Head.SHA is available
 		if pr.Head.SHA != "" {
-			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
+			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
 			if err != nil {
 				log.Error("PR #%d in %s/%s unable to update-ref for pr HEAD: %v", pr.Number, g.repoOwner, g.repoName, err)
 			}
@@ -577,7 +577,7 @@ func (g *RepositoryDumper) handlePullRequest(ctx context.Context, pr *base.PullR
 		pr.Head.SHA = headSha
 	}
 	if pr.Head.SHA != "" {
-		_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
+		_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.gitPath()})
 		if err != nil {
 			log.Error("unable to set %s as the local head for PR #%d from %s in %s/%s. Error: %v", pr.Head.SHA, pr.Number, pr.Head.Ref, g.repoOwner, g.repoName, err)
 		}
diff --git a/services/migrations/error.go b/services/migrations/error.go
index c7d912f50b..9b470149bf 100644
--- a/services/migrations/error.go
+++ b/services/migrations/error.go
@@ -7,7 +7,7 @@ package migrations
 import (
 	"errors"
 
-	"github.com/google/go-github/v61/github"
+	"github.com/google/go-github/v71/github"
 )
 
 // ErrRepoNotCreated returns the error that repository not created
diff --git a/services/migrations/gitea_downloader.go b/services/migrations/gitea_downloader.go
index f92f318293..5d48d2f003 100644
--- a/services/migrations/gitea_downloader.go
+++ b/services/migrations/gitea_downloader.go
@@ -298,7 +298,7 @@ func (g *GiteaDownloader) convertGiteaRelease(rel *gitea_sdk.Release) *base.Rele
 				}
 
 				// FIXME: for a private download?
-				req, err := http.NewRequest("GET", assetDownloadURL, nil)
+				req, err := http.NewRequest(http.MethodGet, assetDownloadURL, nil)
 				if err != nil {
 					return nil, err
 				}
diff --git a/services/migrations/gitea_downloader_test.go b/services/migrations/gitea_downloader_test.go
index da56120065..bb1760e889 100644
--- a/services/migrations/gitea_downloader_test.go
+++ b/services/migrations/gitea_downloader_test.go
@@ -47,7 +47,7 @@ func TestGiteaDownloadRepo(t *testing.T) {
 	topics, err := downloader.GetTopics(ctx)
 	assert.NoError(t, err)
 	sort.Strings(topics)
-	assert.EqualValues(t, []string{"ci", "gitea", "migration", "test"}, topics)
+	assert.Equal(t, []string{"ci", "gitea", "migration", "test"}, topics)
 
 	labels, err := downloader.GetLabels(ctx)
 	assert.NoError(t, err)
@@ -134,7 +134,7 @@ func TestGiteaDownloadRepo(t *testing.T) {
 	assert.NoError(t, err)
 	assert.True(t, isEnd)
 	assert.Len(t, issues, 7)
-	assert.EqualValues(t, "open", issues[0].State)
+	assert.Equal(t, "open", issues[0].State)
 
 	issues, isEnd, err = downloader.GetIssues(ctx, 3, 2)
 	assert.NoError(t, err)
diff --git a/services/migrations/gitea_uploader.go b/services/migrations/gitea_uploader.go
index b17cc3ce41..75eb06d01f 100644
--- a/services/migrations/gitea_uploader.go
+++ b/services/migrations/gitea_uploader.go
@@ -107,7 +107,7 @@ func (g *GiteaLocalUploader) CreateRepo(ctx context.Context, repo *base.Reposito
 			IsPrivate:      opts.Private || setting.Repository.ForcePrivate,
 			IsMirror:       opts.Mirror,
 			Status:         repo_model.RepositoryBeingMigrated,
-		})
+		}, false)
 	} else {
 		r, err = repo_model.GetRepositoryByID(ctx, opts.MigrateToRepoID)
 	}
@@ -148,7 +148,7 @@ func (g *GiteaLocalUploader) CreateRepo(ctx context.Context, repo *base.Reposito
 		return err
 	}
 	g.repo.ObjectFormatName = objectFormat.Name()
-	return repo_model.UpdateRepositoryCols(ctx, g.repo, "object_format_name")
+	return repo_model.UpdateRepositoryColsNoAutoTime(ctx, g.repo, "object_format_name")
 }
 
 // Close closes this uploader
@@ -556,7 +556,7 @@ func (g *GiteaLocalUploader) CreatePullRequests(ctx context.Context, prs ...*bas
 	}
 	for _, pr := range gprs {
 		g.issues[pr.Issue.Index] = pr.Issue
-		pull.AddToTaskQueue(ctx, pr)
+		pull.StartPullRequestCheckImmediately(ctx, pr)
 	}
 	return nil
 }
@@ -681,7 +681,7 @@ func (g *GiteaLocalUploader) updateGitForPullRequest(ctx context.Context, pr *ba
 			pr.Head.SHA = headSha
 		}
 
-		_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.repo.RepoPath()})
+		_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.repo.RepoPath()})
 		if err != nil {
 			return "", err
 		}
@@ -701,10 +701,10 @@ func (g *GiteaLocalUploader) updateGitForPullRequest(ctx context.Context, pr *ba
 		_, _, err = git.NewCommand("rev-list", "--quiet", "-1").AddDynamicArguments(pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.repo.RepoPath()})
 		if err != nil {
 			// Git update-ref remove bad references with a relative path
-			log.Warn("Deprecated local head %s for PR #%d in %s/%s, removing  %s", pr.Head.SHA, pr.Number, g.repoOwner, g.repoName, pr.GetGitRefName())
+			log.Warn("Deprecated local head %s for PR #%d in %s/%s, removing  %s", pr.Head.SHA, pr.Number, g.repoOwner, g.repoName, pr.GetGitHeadRefName())
 		} else {
 			// set head information
-			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.repo.RepoPath()})
+			_, _, err = git.NewCommand("update-ref", "--no-deref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.Head.SHA).RunStdString(ctx, &git.RunOpts{Dir: g.repo.RepoPath()})
 			if err != nil {
 				log.Error("unable to set %s as the local head for PR #%d from %s in %s/%s. Error: %v", pr.Head.SHA, pr.Number, pr.Head.Ref, g.repoOwner, g.repoName, err)
 			}
@@ -765,7 +765,7 @@ func (g *GiteaLocalUploader) newPullRequest(ctx context.Context, pr *base.PullRe
 	issue := issues_model.Issue{
 		RepoID:      g.repo.ID,
 		Repo:        g.repo,
-		Title:       prTitle,
+		Title:       util.TruncateRunes(prTitle, 255),
 		Index:       pr.Number,
 		Content:     pr.Content,
 		MilestoneID: milestoneID,
@@ -880,9 +880,9 @@ func (g *GiteaLocalUploader) CreateReviews(ctx context.Context, reviews ...*base
 			continue
 		}
 
-		headCommitID, err := g.gitRepo.GetRefCommitID(pr.GetGitRefName())
+		headCommitID, err := g.gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
-			log.Warn("PR #%d GetRefCommitID[%s] in %s/%s: %v, all review comments will be ignored", pr.Index, pr.GetGitRefName(), g.repoOwner, g.repoName, err)
+			log.Warn("PR #%d GetRefCommitID[%s] in %s/%s: %v, all review comments will be ignored", pr.Index, pr.GetGitHeadRefName(), g.repoOwner, g.repoName, err)
 			continue
 		}
 
@@ -975,7 +975,7 @@ func (g *GiteaLocalUploader) Finish(ctx context.Context) error {
 	}
 
 	g.repo.Status = repo_model.RepositoryReady
-	return repo_model.UpdateRepositoryCols(ctx, g.repo, "status")
+	return repo_model.UpdateRepositoryColsWithAutoTime(ctx, g.repo, "status")
 }
 
 func (g *GiteaLocalUploader) remapUser(ctx context.Context, source user_model.ExternalUserMigrated, target user_model.ExternalUserRemappable) error {
@@ -1017,7 +1017,7 @@ func (g *GiteaLocalUploader) remapLocalUser(ctx context.Context, source user_mod
 func (g *GiteaLocalUploader) remapExternalUser(ctx context.Context, source user_model.ExternalUserMigrated) (userid int64, err error) {
 	userid, ok := g.userMap[source.GetExternalID()]
 	if !ok {
-		userid, err = user_model.GetUserIDByExternalUserID(ctx, g.gitServiceType.Name(), fmt.Sprintf("%d", source.GetExternalID()))
+		userid, err = user_model.GetUserIDByExternalUserID(ctx, g.gitServiceType.Name(), strconv.FormatInt(source.GetExternalID(), 10))
 		if err != nil {
 			log.Error("GetUserIDByExternalUserID: %v", err)
 			return 0, err
diff --git a/services/migrations/gitea_uploader_test.go b/services/migrations/gitea_uploader_test.go
index f52d4157c8..1970c0550c 100644
--- a/services/migrations/gitea_uploader_test.go
+++ b/services/migrations/gitea_uploader_test.go
@@ -64,7 +64,7 @@ func TestGiteaUploadRepo(t *testing.T) {
 
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: user.ID, Name: repoName})
 	assert.True(t, repo.HasWiki())
-	assert.EqualValues(t, repo_model.RepositoryReady, repo.Status)
+	assert.Equal(t, repo_model.RepositoryReady, repo.Status)
 
 	milestones, err := db.Find[issues_model.Milestone](db.DefaultContext, issues_model.FindMilestoneOptions{
 		RepoID:   repo.ID,
@@ -152,7 +152,7 @@ func TestGiteaUploadRemapLocalUser(t *testing.T) {
 	uploader.userMap = make(map[int64]int64)
 	err := uploader.remapUser(ctx, &source, &target)
 	assert.NoError(t, err)
-	assert.EqualValues(t, doer.ID, target.GetUserID())
+	assert.Equal(t, doer.ID, target.GetUserID())
 
 	//
 	// The externalID matches a known user but the name does not match,
@@ -163,7 +163,7 @@ func TestGiteaUploadRemapLocalUser(t *testing.T) {
 	uploader.userMap = make(map[int64]int64)
 	err = uploader.remapUser(ctx, &source, &target)
 	assert.NoError(t, err)
-	assert.EqualValues(t, doer.ID, target.GetUserID())
+	assert.Equal(t, doer.ID, target.GetUserID())
 
 	//
 	// The externalID and externalName match an existing user, everything
@@ -174,7 +174,7 @@ func TestGiteaUploadRemapLocalUser(t *testing.T) {
 	uploader.userMap = make(map[int64]int64)
 	err = uploader.remapUser(ctx, &source, &target)
 	assert.NoError(t, err)
-	assert.EqualValues(t, user.ID, target.GetUserID())
+	assert.Equal(t, user.ID, target.GetUserID())
 }
 
 func TestGiteaUploadRemapExternalUser(t *testing.T) {
@@ -202,7 +202,7 @@ func TestGiteaUploadRemapExternalUser(t *testing.T) {
 	target := repo_model.Release{}
 	err := uploader.remapUser(ctx, &source, &target)
 	assert.NoError(t, err)
-	assert.EqualValues(t, doer.ID, target.GetUserID())
+	assert.Equal(t, doer.ID, target.GetUserID())
 
 	//
 	// Link the external ID to an existing user
@@ -225,7 +225,7 @@ func TestGiteaUploadRemapExternalUser(t *testing.T) {
 	target = repo_model.Release{}
 	err = uploader.remapUser(ctx, &source, &target)
 	assert.NoError(t, err)
-	assert.EqualValues(t, linkedUser.ID, target.GetUserID())
+	assert.Equal(t, linkedUser.ID, target.GetUserID())
 }
 
 func TestGiteaUploadUpdateGitForPullRequest(t *testing.T) {
@@ -239,7 +239,7 @@ func TestGiteaUploadUpdateGitForPullRequest(t *testing.T) {
 	assert.NoError(t, git.InitRepository(git.DefaultContext, fromRepo.RepoPath(), false, fromRepo.ObjectFormatName))
 	err := git.NewCommand("symbolic-ref").AddDynamicArguments("HEAD", git.BranchPrefix+baseRef).Run(git.DefaultContext, &git.RunOpts{Dir: fromRepo.RepoPath()})
 	assert.NoError(t, err)
-	assert.NoError(t, os.WriteFile(filepath.Join(fromRepo.RepoPath(), "README.md"), []byte(fmt.Sprintf("# Testing Repository\n\nOriginally created in: %s", fromRepo.RepoPath())), 0o644))
+	assert.NoError(t, os.WriteFile(filepath.Join(fromRepo.RepoPath(), "README.md"), []byte("# Testing Repository\n\nOriginally created in: "+fromRepo.RepoPath()), 0o644))
 	assert.NoError(t, git.AddChanges(fromRepo.RepoPath(), true))
 	signature := git.Signature{
 		Email: "test@example.com",
@@ -287,7 +287,7 @@ func TestGiteaUploadUpdateGitForPullRequest(t *testing.T) {
 	}))
 	_, _, err = git.NewCommand("checkout", "-b").AddDynamicArguments(forkHeadRef).RunStdString(git.DefaultContext, &git.RunOpts{Dir: forkRepo.RepoPath()})
 	assert.NoError(t, err)
-	assert.NoError(t, os.WriteFile(filepath.Join(forkRepo.RepoPath(), "README.md"), []byte(fmt.Sprintf("# branch2 %s", forkRepo.RepoPath())), 0o644))
+	assert.NoError(t, os.WriteFile(filepath.Join(forkRepo.RepoPath(), "README.md"), []byte("# branch2 "+forkRepo.RepoPath()), 0o644))
 	assert.NoError(t, git.AddChanges(forkRepo.RepoPath(), true))
 	assert.NoError(t, git.CommitChanges(forkRepo.RepoPath(), git.CommitChangesOptions{
 		Committer: &signature,
@@ -508,14 +508,14 @@ func TestGiteaUploadUpdateGitForPullRequest(t *testing.T) {
 
 			head, err := uploader.updateGitForPullRequest(ctx, &testCase.pr)
 			assert.NoError(t, err)
-			assert.EqualValues(t, testCase.head, head)
+			assert.Equal(t, testCase.head, head)
 
 			log.Info(stopMark)
 
 			logFiltered, logStopped := logChecker.Check(5 * time.Second)
 			assert.True(t, logStopped)
 			if len(testCase.logFilter) > 0 {
-				assert.EqualValues(t, testCase.logFiltered, logFiltered, "for log message filters: %v", testCase.logFilter)
+				assert.Equal(t, testCase.logFiltered, logFiltered, "for log message filters: %v", testCase.logFilter)
 			}
 		})
 	}
diff --git a/services/migrations/github.go b/services/migrations/github.go
index b00d6ed27f..c6cd6ea173 100644
--- a/services/migrations/github.go
+++ b/services/migrations/github.go
@@ -20,7 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/proxy"
 	"code.gitea.io/gitea/modules/structs"
 
-	"github.com/google/go-github/v61/github"
+	"github.com/google/go-github/v71/github"
 	"golang.org/x/oauth2"
 )
 
@@ -89,8 +89,8 @@ func NewGithubDownloaderV3(_ context.Context, baseURL, userName, password, token
 	}
 
 	if token != "" {
-		tokens := strings.Split(token, ",")
-		for _, token := range tokens {
+		tokens := strings.SplitSeq(token, ",")
+		for token := range tokens {
 			token = strings.TrimSpace(token)
 			ts := oauth2.StaticTokenSource(
 				&oauth2.Token{AccessToken: token},
@@ -133,7 +133,7 @@ func (g *GithubDownloaderV3) LogString() string {
 func (g *GithubDownloaderV3) addClient(client *http.Client, baseURL string) {
 	githubClient := github.NewClient(client)
 	if baseURL != "https://github.com" {
-		githubClient, _ = github.NewClient(client).WithEnterpriseURLs(baseURL, baseURL)
+		githubClient, _ = githubClient.WithEnterpriseURLs(baseURL, baseURL)
 	}
 	g.clients = append(g.clients, githubClient)
 	g.rates = append(g.rates, nil)
@@ -322,7 +322,10 @@ func (g *GithubDownloaderV3) convertGithubRelease(ctx context.Context, rel *gith
 	httpClient := NewMigrationHTTPClient()
 
 	for _, asset := range rel.Assets {
-		assetID := *asset.ID // Don't optimize this, for closure we need a local variable
+		assetID := asset.GetID() // Don't optimize this, for closure we need a local variable TODO: no need to do so in new Golang
+		if assetID == 0 {
+			continue
+		}
 		r.Assets = append(r.Assets, &base.ReleaseAsset{
 			ID:            asset.GetID(),
 			Name:          asset.GetName(),
@@ -358,7 +361,7 @@ func (g *GithubDownloaderV3) convertGithubRelease(ctx context.Context, rel *gith
 				}
 
 				g.waitAndPickClient(ctx)
-				req, err := http.NewRequestWithContext(ctx, "GET", redirectURL, nil)
+				req, err := http.NewRequestWithContext(ctx, http.MethodGet, redirectURL, nil)
 				if err != nil {
 					return nil, err
 				}
@@ -441,9 +444,11 @@ func (g *GithubDownloaderV3) GetIssues(ctx context.Context, page, perPage int) (
 		if !g.SkipReactions {
 			for i := 1; ; i++ {
 				g.waitAndPickClient(ctx)
-				res, resp, err := g.getClient().Reactions.ListIssueReactions(ctx, g.repoOwner, g.repoName, issue.GetNumber(), &github.ListOptions{
-					Page:    i,
-					PerPage: perPage,
+				res, resp, err := g.getClient().Reactions.ListIssueReactions(ctx, g.repoOwner, g.repoName, issue.GetNumber(), &github.ListReactionOptions{
+					ListOptions: github.ListOptions{
+						Page:    i,
+						PerPage: perPage,
+					},
 				})
 				if err != nil {
 					return nil, false, err
@@ -527,9 +532,11 @@ func (g *GithubDownloaderV3) getComments(ctx context.Context, commentable base.C
 			if !g.SkipReactions {
 				for i := 1; ; i++ {
 					g.waitAndPickClient(ctx)
-					res, resp, err := g.getClient().Reactions.ListIssueCommentReactions(ctx, g.repoOwner, g.repoName, comment.GetID(), &github.ListOptions{
-						Page:    i,
-						PerPage: g.maxPerPage,
+					res, resp, err := g.getClient().Reactions.ListIssueCommentReactions(ctx, g.repoOwner, g.repoName, comment.GetID(), &github.ListReactionOptions{
+						ListOptions: github.ListOptions{
+							Page:    i,
+							PerPage: g.maxPerPage,
+						},
 					})
 					if err != nil {
 						return nil, err
@@ -602,9 +609,11 @@ func (g *GithubDownloaderV3) GetAllComments(ctx context.Context, page, perPage i
 		if !g.SkipReactions {
 			for i := 1; ; i++ {
 				g.waitAndPickClient(ctx)
-				res, resp, err := g.getClient().Reactions.ListIssueCommentReactions(ctx, g.repoOwner, g.repoName, comment.GetID(), &github.ListOptions{
-					Page:    i,
-					PerPage: g.maxPerPage,
+				res, resp, err := g.getClient().Reactions.ListIssueCommentReactions(ctx, g.repoOwner, g.repoName, comment.GetID(), &github.ListReactionOptions{
+					ListOptions: github.ListOptions{
+						Page:    i,
+						PerPage: g.maxPerPage,
+					},
 				})
 				if err != nil {
 					return nil, false, err
@@ -673,9 +682,11 @@ func (g *GithubDownloaderV3) GetPullRequests(ctx context.Context, page, perPage
 		if !g.SkipReactions {
 			for i := 1; ; i++ {
 				g.waitAndPickClient(ctx)
-				res, resp, err := g.getClient().Reactions.ListIssueReactions(ctx, g.repoOwner, g.repoName, pr.GetNumber(), &github.ListOptions{
-					Page:    i,
-					PerPage: perPage,
+				res, resp, err := g.getClient().Reactions.ListIssueReactions(ctx, g.repoOwner, g.repoName, pr.GetNumber(), &github.ListReactionOptions{
+					ListOptions: github.ListOptions{
+						Page:    i,
+						PerPage: perPage,
+					},
 				})
 				if err != nil {
 					return nil, false, err
@@ -760,9 +771,11 @@ func (g *GithubDownloaderV3) convertGithubReviewComments(ctx context.Context, cs
 		if !g.SkipReactions {
 			for i := 1; ; i++ {
 				g.waitAndPickClient(ctx)
-				res, resp, err := g.getClient().Reactions.ListPullRequestCommentReactions(ctx, g.repoOwner, g.repoName, c.GetID(), &github.ListOptions{
-					Page:    i,
-					PerPage: g.maxPerPage,
+				res, resp, err := g.getClient().Reactions.ListPullRequestCommentReactions(ctx, g.repoOwner, g.repoName, c.GetID(), &github.ListReactionOptions{
+					ListOptions: github.ListOptions{
+						Page:    i,
+						PerPage: g.maxPerPage,
+					},
 				})
 				if err != nil {
 					return nil, err
@@ -872,3 +885,18 @@ func (g *GithubDownloaderV3) GetReviews(ctx context.Context, reviewable base.Rev
 	}
 	return allReviews, nil
 }
+
+// FormatCloneURL add authentication into remote URLs
+func (g *GithubDownloaderV3) FormatCloneURL(opts MigrateOptions, remoteAddr string) (string, error) {
+	u, err := url.Parse(remoteAddr)
+	if err != nil {
+		return "", err
+	}
+	if len(opts.AuthToken) > 0 {
+		// "multiple tokens" are used to benefit more "API rate limit quota"
+		// git clone doesn't count for rate limits, so only use the first token.
+		// source: https://github.com/orgs/community/discussions/44515
+		u.User = url.UserPassword("oauth2", strings.Split(opts.AuthToken, ",")[0])
+	}
+	return u.String(), nil
+}
diff --git a/services/migrations/github_test.go b/services/migrations/github_test.go
index 2625fb62ec..6d1a5378b9 100644
--- a/services/migrations/github_test.go
+++ b/services/migrations/github_test.go
@@ -12,6 +12,7 @@ import (
 	base "code.gitea.io/gitea/modules/migration"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestGitHubDownloadRepo(t *testing.T) {
@@ -429,3 +430,36 @@ func TestGitHubDownloadRepo(t *testing.T) {
 		},
 	}, reviews)
 }
+
+func TestGithubMultiToken(t *testing.T) {
+	testCases := []struct {
+		desc             string
+		token            string
+		expectedCloneURL string
+	}{
+		{
+			desc:             "Single Token",
+			token:            "single_token",
+			expectedCloneURL: "https://oauth2:single_token@github.com",
+		},
+		{
+			desc:             "Multi Token",
+			token:            "token1,token2",
+			expectedCloneURL: "https://oauth2:token1@github.com",
+		},
+	}
+	factory := GithubDownloaderV3Factory{}
+
+	for _, tC := range testCases {
+		t.Run(tC.desc, func(t *testing.T) {
+			opts := base.MigrateOptions{CloneAddr: "https://github.com/go-gitea/gitea", AuthToken: tC.token}
+			client, err := factory.New(t.Context(), opts)
+			require.NoError(t, err)
+
+			cloneURL, err := client.FormatCloneURL(opts, "https://github.com")
+			require.NoError(t, err)
+
+			assert.Equal(t, tC.expectedCloneURL, cloneURL)
+		})
+	}
+}
diff --git a/services/migrations/gitlab.go b/services/migrations/gitlab.go
index efc5b960cf..a19a04bc44 100644
--- a/services/migrations/gitlab.go
+++ b/services/migrations/gitlab.go
@@ -16,6 +16,7 @@ import (
 	"time"
 
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/log"
 	base "code.gitea.io/gitea/modules/migration"
@@ -340,7 +341,7 @@ func (g *GitlabDownloader) convertGitlabRelease(ctx context.Context, rel *gitlab
 					return io.NopCloser(strings.NewReader(link.URL)), nil
 				}
 
-				req, err := http.NewRequest("GET", link.URL, nil)
+				req, err := http.NewRequest(http.MethodGet, link.URL, nil)
 				if err != nil {
 					return nil, err
 				}
@@ -535,11 +536,15 @@ func (g *GitlabDownloader) GetComments(ctx context.Context, commentable base.Com
 		}
 
 		for _, stateEvent := range stateEvents {
+			posterUserID, posterUsername := user.GhostUserID, user.GhostUserName
+			if stateEvent.User != nil {
+				posterUserID, posterUsername = int64(stateEvent.User.ID), stateEvent.User.Username
+			}
 			comment := &base.Comment{
 				IssueIndex: commentable.GetLocalIndex(),
 				Index:      int64(stateEvent.ID),
-				PosterID:   int64(stateEvent.User.ID),
-				PosterName: stateEvent.User.Username,
+				PosterID:   posterUserID,
+				PosterName: posterUsername,
 				Content:    "",
 				Created:    *stateEvent.CreatedAt,
 			}
diff --git a/services/migrations/gitlab_test.go b/services/migrations/gitlab_test.go
index 52f5827dfe..73a1b6a276 100644
--- a/services/migrations/gitlab_test.go
+++ b/services/migrations/gitlab_test.go
@@ -50,7 +50,7 @@ func TestGitlabDownloadRepo(t *testing.T) {
 	topics, err := downloader.GetTopics(ctx)
 	assert.NoError(t, err)
 	assert.Len(t, topics, 2)
-	assert.EqualValues(t, []string{"migration", "test"}, topics)
+	assert.Equal(t, []string{"migration", "test"}, topics)
 
 	milestones, err := downloader.GetMilestones(ctx)
 	assert.NoError(t, err)
@@ -501,7 +501,7 @@ func TestAwardsToReactions(t *testing.T) {
 	assert.NoError(t, json.Unmarshal([]byte(testResponse), &awards))
 
 	reactions := downloader.awardsToReactions(awards)
-	assert.EqualValues(t, []*base.Reaction{
+	assert.Equal(t, []*base.Reaction{
 		{
 			UserName: "lafriks",
 			UserID:   1241334,
@@ -593,7 +593,7 @@ func TestNoteToComment(t *testing.T) {
 
 	for i, note := range notes {
 		actualComment := *downloader.convertNoteToComment(17, &note)
-		assert.EqualValues(t, actualComment, comments[i])
+		assert.Equal(t, actualComment, comments[i])
 	}
 }
 
diff --git a/services/migrations/migrate.go b/services/migrations/migrate.go
index 5dda12286f..eba9c79df5 100644
--- a/services/migrations/migrate.go
+++ b/services/migrations/migrate.go
@@ -6,6 +6,7 @@ package migrations
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"net"
 	"net/url"
@@ -74,11 +75,9 @@ func IsMigrateURLAllowed(remoteURL string, doer *user_model.User) error {
 		return &git.ErrInvalidCloneAddr{Host: u.Host, IsProtocolInvalid: true, IsPermissionDenied: true, IsURLError: true}
 	}
 
-	hostName, _, err := net.SplitHostPort(u.Host)
-	if err != nil {
-		// u.Host can be "host" or "host:port"
-		err = nil //nolint
-		hostName = u.Host
+	hostName, _, errIgnored := net.SplitHostPort(u.Host)
+	if errIgnored != nil {
+		hostName = u.Host // u.Host can be "host" or "host:port"
 	}
 
 	// some users only use proxy, there is no DNS resolver. it's safe to ignore the LookupIP error
@@ -211,7 +210,7 @@ func migrateRepository(ctx context.Context, doer *user_model.User, downloader ba
 
 		if cloneURL.Scheme == "file" || cloneURL.Scheme == "" {
 			if cloneAddrURL.Scheme != "file" && cloneAddrURL.Scheme != "" {
-				return fmt.Errorf("repo info has changed from external to local filesystem")
+				return errors.New("repo info has changed from external to local filesystem")
 			}
 		}
 
diff --git a/services/migrations/onedev.go b/services/migrations/onedev.go
index 4ce35dd12e..e052cba0cc 100644
--- a/services/migrations/onedev.go
+++ b/services/migrations/onedev.go
@@ -128,7 +128,7 @@ func (d *OneDevDownloader) callAPI(ctx context.Context, endpoint string, paramet
 		u.RawQuery = query.Encode()
 	}
 
-	req, err := http.NewRequestWithContext(ctx, "GET", u.String(), nil)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, u.String(), nil)
 	if err != nil {
 		return err
 	}
diff --git a/services/mirror/mirror.go b/services/mirror/mirror.go
index e029bbb1d6..7fb7fabb75 100644
--- a/services/mirror/mirror.go
+++ b/services/mirror/mirror.go
@@ -5,7 +5,7 @@ package mirror
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/log"
@@ -29,7 +29,7 @@ func doMirrorSync(ctx context.Context, req *SyncRequest) {
 	}
 }
 
-var errLimit = fmt.Errorf("reached limit")
+var errLimit = errors.New("reached limit")
 
 // Update checks and updates mirror repositories.
 func Update(ctx context.Context, pullLimit, pushLimit int) error {
@@ -68,7 +68,7 @@ func Update(ctx context.Context, pullLimit, pushLimit int) error {
 		// Check we've not been cancelled
 		select {
 		case <-ctx.Done():
-			return fmt.Errorf("aborted")
+			return errors.New("aborted")
 		default:
 		}
 
diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go
index 658747e7c8..cb90af5894 100644
--- a/services/mirror/mirror_pull.go
+++ b/services/mirror/mirror_pull.go
@@ -71,7 +71,7 @@ func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error
 	// erase authentication before storing in database
 	u.User = nil
 	m.Repo.OriginalURL = u.String()
-	return repo_model.UpdateRepositoryCols(ctx, m.Repo, "original_url")
+	return repo_model.UpdateRepositoryColsNoAutoTime(ctx, m.Repo, "original_url")
 }
 
 // mirrorSyncResult contains information of a updated reference.
@@ -235,6 +235,24 @@ func pruneBrokenReferences(ctx context.Context,
 	return pruneErr
 }
 
+// checkRecoverableSyncError takes an error message from a git fetch command and returns false if it should be a fatal/blocking error
+func checkRecoverableSyncError(stderrMessage string) bool {
+	switch {
+	case strings.Contains(stderrMessage, "unable to resolve reference") && strings.Contains(stderrMessage, "reference broken"):
+		return true
+	case strings.Contains(stderrMessage, "remote error") && strings.Contains(stderrMessage, "not our ref"):
+		return true
+	case strings.Contains(stderrMessage, "cannot lock ref") && strings.Contains(stderrMessage, "but expected"):
+		return true
+	case strings.Contains(stderrMessage, "cannot lock ref") && strings.Contains(stderrMessage, "unable to resolve reference"):
+		return true
+	case strings.Contains(stderrMessage, "Unable to create") && strings.Contains(stderrMessage, ".lock"):
+		return true
+	default:
+		return false
+	}
+}
+
 // runSync returns true if sync finished without error.
 func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bool) {
 	repoPath := m.Repo.RepoPath()
@@ -275,7 +293,7 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo
 		stdoutMessage := util.SanitizeCredentialURLs(stdout)
 
 		// Now check if the error is a resolve reference due to broken reference
-		if strings.Contains(stderr, "unable to resolve reference") && strings.Contains(stderr, "reference broken") {
+		if checkRecoverableSyncError(stderr) {
 			log.Warn("SyncMirrors [repo: %-v]: failed to update mirror repository due to broken references:\nStdout: %s\nStderr: %s\nErr: %v\nAttempting Prune", m.Repo, stdoutMessage, stderrMessage, err)
 			err = nil
 
@@ -324,6 +342,15 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo
 		return nil, false
 	}
 
+	if m.LFS && setting.LFS.StartServer {
+		log.Trace("SyncMirrors [repo: %-v]: syncing LFS objects...", m.Repo)
+		endpoint := lfs.DetermineEndpoint(remoteURL.String(), m.LFSEndpoint)
+		lfsClient := lfs.NewClient(endpoint, nil)
+		if err = repo_module.StoreMissingLfsObjectsInRepository(ctx, m.Repo, gitRepo, lfsClient); err != nil {
+			log.Error("SyncMirrors [repo: %-v]: failed to synchronize LFS objects for repository: %v", m.Repo, err)
+		}
+	}
+
 	log.Trace("SyncMirrors [repo: %-v]: syncing branches...", m.Repo)
 	if _, err = repo_module.SyncRepoBranchesWithRepo(ctx, m.Repo, gitRepo, 0); err != nil {
 		log.Error("SyncMirrors [repo: %-v]: failed to synchronize branches: %v", m.Repo, err)
@@ -333,15 +360,6 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo
 	if err = repo_module.SyncReleasesWithTags(ctx, m.Repo, gitRepo); err != nil {
 		log.Error("SyncMirrors [repo: %-v]: failed to synchronize tags to releases: %v", m.Repo, err)
 	}
-
-	if m.LFS && setting.LFS.StartServer {
-		log.Trace("SyncMirrors [repo: %-v]: syncing LFS objects...", m.Repo)
-		endpoint := lfs.DetermineEndpoint(remoteURL.String(), m.LFSEndpoint)
-		lfsClient := lfs.NewClient(endpoint, nil)
-		if err = repo_module.StoreMissingLfsObjectsInRepository(ctx, m.Repo, gitRepo, lfsClient); err != nil {
-			log.Error("SyncMirrors [repo: %-v]: failed to synchronize LFS objects for repository: %v", m.Repo, err)
-		}
-	}
 	gitRepo.Close()
 
 	log.Trace("SyncMirrors [repo: %-v]: updating size of repository", m.Repo)
@@ -368,7 +386,7 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo
 			stdoutMessage := util.SanitizeCredentialURLs(stdout)
 
 			// Now check if the error is a resolve reference due to broken reference
-			if strings.Contains(stderrMessage, "unable to resolve reference") && strings.Contains(stderrMessage, "reference broken") {
+			if checkRecoverableSyncError(stderrMessage) {
 				log.Warn("SyncMirrors [repo: %-v Wiki]: failed to update mirror wiki repository due to broken references:\nStdout: %s\nStderr: %s\nErr: %v\nAttempting Prune", m.Repo, stdoutMessage, stderrMessage, err)
 				err = nil
 
@@ -419,7 +437,7 @@ func runSync(ctx context.Context, m *repo_model.Mirror) ([]*mirrorSyncResult, bo
 	}
 
 	for _, branch := range branches {
-		cache.Remove(m.Repo.GetCommitsCountCacheKey(branch.Name, true))
+		cache.Remove(m.Repo.GetCommitsCountCacheKey(branch, true))
 	}
 
 	m.UpdatedUnix = timeutil.TimeStampNow()
@@ -635,7 +653,7 @@ func checkAndUpdateEmptyRepository(ctx context.Context, m *repo_model.Mirror, re
 		}
 		m.Repo.IsEmpty = false
 		// Update the is empty and default_branch columns
-		if err := repo_model.UpdateRepositoryCols(ctx, m.Repo, "default_branch", "is_empty"); err != nil {
+		if err := repo_model.UpdateRepositoryColsWithAutoTime(ctx, m.Repo, "default_branch", "is_empty"); err != nil {
 			log.Error("Failed to update default branch of repository %-v. Error: %v", m.Repo, err)
 			desc := fmt.Sprintf("Failed to update default branch of repository '%s': %v", m.Repo.RepoPath(), err)
 			if err = system_model.CreateRepositoryNotice(desc); err != nil {
diff --git a/services/mirror/mirror_pull_test.go b/services/mirror/mirror_pull_test.go
new file mode 100644
index 0000000000..97859be5b0
--- /dev/null
+++ b/services/mirror/mirror_pull_test.go
@@ -0,0 +1,94 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package mirror
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_parseRemoteUpdateOutput(t *testing.T) {
+	output := `
+ * [new tag]         v0.1.8     -> v0.1.8
+ * [new branch]      master     -> origin/master
+ - [deleted]         (none)     -> origin/test1
+ - [deleted]         (none)     -> tag1
+ + f895a1e...957a993 test2      -> origin/test2  (forced update)
+   957a993..a87ba5f  test3      -> origin/test3
+ * [new ref]               refs/pull/26595/head  -> refs/pull/26595/head
+ * [new ref]               refs/pull/26595/merge -> refs/pull/26595/merge
+   e0639e38fb..6db2410489  refs/pull/25873/head  -> refs/pull/25873/head
+ + 1c97ebc746...976d27d52f refs/pull/25873/merge -> refs/pull/25873/merge  (forced update)
+`
+	results := parseRemoteUpdateOutput(output, "origin")
+	assert.Len(t, results, 10)
+	assert.Equal(t, "refs/tags/v0.1.8", results[0].refName.String())
+	assert.Equal(t, gitShortEmptySha, results[0].oldCommitID)
+	assert.Empty(t, results[0].newCommitID)
+
+	assert.Equal(t, "refs/heads/master", results[1].refName.String())
+	assert.Equal(t, gitShortEmptySha, results[1].oldCommitID)
+	assert.Empty(t, results[1].newCommitID)
+
+	assert.Equal(t, "refs/heads/test1", results[2].refName.String())
+	assert.Empty(t, results[2].oldCommitID)
+	assert.Equal(t, gitShortEmptySha, results[2].newCommitID)
+
+	assert.Equal(t, "refs/tags/tag1", results[3].refName.String())
+	assert.Empty(t, results[3].oldCommitID)
+	assert.Equal(t, gitShortEmptySha, results[3].newCommitID)
+
+	assert.Equal(t, "refs/heads/test2", results[4].refName.String())
+	assert.Equal(t, "f895a1e", results[4].oldCommitID)
+	assert.Equal(t, "957a993", results[4].newCommitID)
+
+	assert.Equal(t, "refs/heads/test3", results[5].refName.String())
+	assert.Equal(t, "957a993", results[5].oldCommitID)
+	assert.Equal(t, "a87ba5f", results[5].newCommitID)
+
+	assert.Equal(t, "refs/pull/26595/head", results[6].refName.String())
+	assert.Equal(t, gitShortEmptySha, results[6].oldCommitID)
+	assert.Empty(t, results[6].newCommitID)
+
+	assert.Equal(t, "refs/pull/26595/merge", results[7].refName.String())
+	assert.Equal(t, gitShortEmptySha, results[7].oldCommitID)
+	assert.Empty(t, results[7].newCommitID)
+
+	assert.Equal(t, "refs/pull/25873/head", results[8].refName.String())
+	assert.Equal(t, "e0639e38fb", results[8].oldCommitID)
+	assert.Equal(t, "6db2410489", results[8].newCommitID)
+
+	assert.Equal(t, "refs/pull/25873/merge", results[9].refName.String())
+	assert.Equal(t, "1c97ebc746", results[9].oldCommitID)
+	assert.Equal(t, "976d27d52f", results[9].newCommitID)
+}
+
+func Test_checkRecoverableSyncError(t *testing.T) {
+	cases := []struct {
+		recoverable bool
+		message     string
+	}{
+		// A race condition in http git-fetch where certain refs were listed on the remote and are no longer there, would exit status 128
+		{true, "fatal: remote error: upload-pack: not our ref 988881adc9fc3655077dc2d4d757d480b5ea0e11"},
+		// A race condition where a local gc/prune removes a named ref during a git-fetch  would exit status 1
+		{true, "cannot lock ref 'refs/pull/123456/merge': unable to resolve reference 'refs/pull/134153/merge'"},
+		// A race condition in http git-fetch where named refs were listed on the remote and are no longer there
+		{true, "error: cannot lock ref 'refs/remotes/origin/foo': unable to resolve reference 'refs/remotes/origin/foo': reference broken"},
+		// A race condition in http git-fetch where named refs were force-pushed during the update, would exit status 128
+		{true, "error: cannot lock ref 'refs/pull/123456/merge': is at 988881adc9fc3655077dc2d4d757d480b5ea0e11 but expected 7f894307ffc9553edbd0b671cab829786866f7b2"},
+		// A race condition with other local git operations, such as git-maintenance, would exit status 128 (well, "Unable" the "U" is uppercase)
+		{true, "fatal: Unable to create '/data/gitea-repositories/foo-org/bar-repo.git/./objects/info/commit-graphs/commit-graph-chain.lock': File exists."},
+		// Missing or unauthorized credentials, would exit status 128
+		{false, "fatal: Authentication failed for 'https://example.com/foo-does-not-exist/bar.git/'"},
+		// A non-existent remote repository, would exit status 128
+		{false, "fatal: Could not read from remote repository."},
+		// A non-functioning proxy, would exit status 128
+		{false, "fatal: unable to access 'https://example.com/foo-does-not-exist/bar.git/': Failed to connect to configured-https-proxy port 1080 after 0 ms: Couldn't connect to server"},
+	}
+
+	for _, c := range cases {
+		assert.Equal(t, c.recoverable, checkRecoverableSyncError(c.message), "test case: %s", c.message)
+	}
+}
diff --git a/services/mirror/mirror_test.go b/services/mirror/mirror_test.go
deleted file mode 100644
index 76632b6872..0000000000
--- a/services/mirror/mirror_test.go
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copyright 2023 The Gitea Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package mirror
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func Test_parseRemoteUpdateOutput(t *testing.T) {
-	output := `
- * [new tag]         v0.1.8     -> v0.1.8
- * [new branch]      master     -> origin/master
- - [deleted]         (none)     -> origin/test1
- - [deleted]         (none)     -> tag1
- + f895a1e...957a993 test2      -> origin/test2  (forced update)
-   957a993..a87ba5f  test3      -> origin/test3
- * [new ref]               refs/pull/26595/head  -> refs/pull/26595/head
- * [new ref]               refs/pull/26595/merge -> refs/pull/26595/merge
-   e0639e38fb..6db2410489  refs/pull/25873/head  -> refs/pull/25873/head
- + 1c97ebc746...976d27d52f refs/pull/25873/merge -> refs/pull/25873/merge  (forced update)
-`
-	results := parseRemoteUpdateOutput(output, "origin")
-	assert.Len(t, results, 10)
-	assert.EqualValues(t, "refs/tags/v0.1.8", results[0].refName.String())
-	assert.EqualValues(t, gitShortEmptySha, results[0].oldCommitID)
-	assert.EqualValues(t, "", results[0].newCommitID)
-
-	assert.EqualValues(t, "refs/heads/master", results[1].refName.String())
-	assert.EqualValues(t, gitShortEmptySha, results[1].oldCommitID)
-	assert.EqualValues(t, "", results[1].newCommitID)
-
-	assert.EqualValues(t, "refs/heads/test1", results[2].refName.String())
-	assert.EqualValues(t, "", results[2].oldCommitID)
-	assert.EqualValues(t, gitShortEmptySha, results[2].newCommitID)
-
-	assert.EqualValues(t, "refs/tags/tag1", results[3].refName.String())
-	assert.EqualValues(t, "", results[3].oldCommitID)
-	assert.EqualValues(t, gitShortEmptySha, results[3].newCommitID)
-
-	assert.EqualValues(t, "refs/heads/test2", results[4].refName.String())
-	assert.EqualValues(t, "f895a1e", results[4].oldCommitID)
-	assert.EqualValues(t, "957a993", results[4].newCommitID)
-
-	assert.EqualValues(t, "refs/heads/test3", results[5].refName.String())
-	assert.EqualValues(t, "957a993", results[5].oldCommitID)
-	assert.EqualValues(t, "a87ba5f", results[5].newCommitID)
-
-	assert.EqualValues(t, "refs/pull/26595/head", results[6].refName.String())
-	assert.EqualValues(t, gitShortEmptySha, results[6].oldCommitID)
-	assert.EqualValues(t, "", results[6].newCommitID)
-
-	assert.EqualValues(t, "refs/pull/26595/merge", results[7].refName.String())
-	assert.EqualValues(t, gitShortEmptySha, results[7].oldCommitID)
-	assert.EqualValues(t, "", results[7].newCommitID)
-
-	assert.EqualValues(t, "refs/pull/25873/head", results[8].refName.String())
-	assert.EqualValues(t, "e0639e38fb", results[8].oldCommitID)
-	assert.EqualValues(t, "6db2410489", results[8].newCommitID)
-
-	assert.EqualValues(t, "refs/pull/25873/merge", results[9].refName.String())
-	assert.EqualValues(t, "1c97ebc746", results[9].oldCommitID)
-	assert.EqualValues(t, "976d27d52f", results[9].newCommitID)
-}
diff --git a/services/notify/notifier.go b/services/notify/notifier.go
index 40428454be..875a70e564 100644
--- a/services/notify/notifier.go
+++ b/services/notify/notifier.go
@@ -79,5 +79,7 @@ type Notifier interface {
 
 	CreateCommitStatus(ctx context.Context, repo *repo_model.Repository, commit *repository.PushCommit, sender *user_model.User, status *git_model.CommitStatus)
 
+	WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun)
+
 	WorkflowJobStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, job *actions_model.ActionRunJob, task *actions_model.ActionTask)
 }
diff --git a/services/notify/notify.go b/services/notify/notify.go
index 9f8be4b577..2416cbd2e0 100644
--- a/services/notify/notify.go
+++ b/services/notify/notify.go
@@ -46,10 +46,25 @@ func DeleteWikiPage(ctx context.Context, doer *user_model.User, repo *repo_model
 	}
 }
 
+func shouldSendCommentChangeNotification(ctx context.Context, comment *issues_model.Comment) bool {
+	if err := comment.LoadReview(ctx); err != nil {
+		log.Error("LoadReview: %v", err)
+		return false
+	} else if comment.Review != nil && comment.Review.Type == issues_model.ReviewTypePending {
+		// Pending review comments updating should not triggered
+		return false
+	}
+	return true
+}
+
 // CreateIssueComment notifies issue comment related message to notifiers
 func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository,
 	issue *issues_model.Issue, comment *issues_model.Comment, mentions []*user_model.User,
 ) {
+	if !shouldSendCommentChangeNotification(ctx, comment) {
+		return
+	}
+
 	for _, notifier := range notifiers {
 		notifier.CreateIssueComment(ctx, doer, repo, issue, comment, mentions)
 	}
@@ -156,6 +171,10 @@ func PullReviewDismiss(ctx context.Context, doer *user_model.User, review *issue
 
 // UpdateComment notifies update comment to notifiers
 func UpdateComment(ctx context.Context, doer *user_model.User, c *issues_model.Comment, oldContent string) {
+	if !shouldSendCommentChangeNotification(ctx, c) {
+		return
+	}
+
 	for _, notifier := range notifiers {
 		notifier.UpdateComment(ctx, doer, c, oldContent)
 	}
@@ -163,6 +182,10 @@ func UpdateComment(ctx context.Context, doer *user_model.User, c *issues_model.C
 
 // DeleteComment notifies delete comment to notifiers
 func DeleteComment(ctx context.Context, doer *user_model.User, c *issues_model.Comment) {
+	if !shouldSendCommentChangeNotification(ctx, c) {
+		return
+	}
+
 	for _, notifier := range notifiers {
 		notifier.DeleteComment(ctx, doer, c)
 	}
@@ -376,6 +399,12 @@ func CreateCommitStatus(ctx context.Context, repo *repo_model.Repository, commit
 	}
 }
 
+func WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun) {
+	for _, notifier := range notifiers {
+		notifier.WorkflowRunStatusUpdate(ctx, repo, sender, run)
+	}
+}
+
 func WorkflowJobStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, job *actions_model.ActionRunJob, task *actions_model.ActionTask) {
 	for _, notifier := range notifiers {
 		notifier.WorkflowJobStatusUpdate(ctx, repo, sender, job, task)
diff --git a/services/notify/null.go b/services/notify/null.go
index 9c794a2342..c3085d7c9e 100644
--- a/services/notify/null.go
+++ b/services/notify/null.go
@@ -214,5 +214,8 @@ func (*NullNotifier) ChangeDefaultBranch(ctx context.Context, repo *repo_model.R
 func (*NullNotifier) CreateCommitStatus(ctx context.Context, repo *repo_model.Repository, commit *repository.PushCommit, sender *user_model.User, status *git_model.CommitStatus) {
 }
 
+func (*NullNotifier) WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun) {
+}
+
 func (*NullNotifier) WorkflowJobStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, job *actions_model.ActionRunJob, task *actions_model.ActionTask) {
 }
diff --git a/services/oauth2_provider/access_token.go b/services/oauth2_provider/access_token.go
index 5cb6fb64c5..5a190d8616 100644
--- a/services/oauth2_provider/access_token.go
+++ b/services/oauth2_provider/access_token.go
@@ -1,12 +1,13 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package oauth2_provider //nolint
+package oauth2_provider
 
 import (
 	"context"
 	"fmt"
 	"slices"
+	"strconv"
 	"strings"
 
 	auth "code.gitea.io/gitea/models/auth"
@@ -15,7 +16,9 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/golang-jwt/jwt/v5"
 )
@@ -82,7 +85,7 @@ func GrantAdditionalScopes(grantScopes string) auth.AccessTokenScope {
 	}
 
 	var accessScopes []string // the scopes for access control, but not for general information
-	for _, scope := range strings.Split(grantScopes, " ") {
+	for scope := range strings.SplitSeq(grantScopes, " ") {
 		if scope != "" && !slices.Contains(generalScopesSupported, scope) {
 			accessScopes = append(accessScopes, scope)
 		}
@@ -103,6 +106,20 @@ func GrantAdditionalScopes(grantScopes string) auth.AccessTokenScope {
 	return auth.AccessTokenScopeAll
 }
 
+func NewJwtRegisteredClaimsFromUser(clientID string, grantUserID int64, exp *jwt.NumericDate) jwt.RegisteredClaims {
+	// https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
+	// The issuer value returned MUST be identical to the Issuer URL that was used as the prefix to /.well-known/openid-configuration
+	// to retrieve the configuration information. This MUST also be identical to the "iss" Claim value in ID Tokens issued from this Issuer.
+	// * https://accounts.google.com/.well-known/openid-configuration
+	// * https://github.com/login/oauth/.well-known/openid-configuration
+	return jwt.RegisteredClaims{
+		Issuer:    strings.TrimSuffix(setting.AppURL, "/"),
+		Audience:  []string{clientID},
+		Subject:   strconv.FormatInt(grantUserID, 10),
+		ExpiresAt: exp,
+	}
+}
+
 func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, serverKey, clientKey JWTSigningKey) (*AccessTokenResponse, *AccessTokenError) {
 	if setting.OAuth2.InvalidateRefreshTokens {
 		if err := grant.IncreaseCounter(ctx); err != nil {
@@ -173,13 +190,8 @@ func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, server
 		}
 
 		idToken := &OIDCToken{
-			RegisteredClaims: jwt.RegisteredClaims{
-				ExpiresAt: jwt.NewNumericDate(expirationDate.AsTime()),
-				Issuer:    setting.AppURL,
-				Audience:  []string{app.ClientID},
-				Subject:   fmt.Sprint(grant.UserID),
-			},
-			Nonce: grant.Nonce,
+			RegisteredClaims: NewJwtRegisteredClaimsFromUser(app.ClientID, grant.UserID, jwt.NewNumericDate(expirationDate.AsTime())),
+			Nonce:            grant.Nonce,
 		}
 		if grant.ScopeContains("profile") {
 			idToken.Name = user.DisplayName()
@@ -230,12 +242,11 @@ func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, server
 	}, nil
 }
 
-// returns a list of "org" and "org:team" strings,
-// that the given user is a part of.
+// GetOAuthGroupsForUser returns a list of "org" and "org:team" strings, that the given user is a part of.
 func GetOAuthGroupsForUser(ctx context.Context, user *user_model.User, onlyPublicGroups bool) ([]string, error) {
 	orgs, err := db.Find[org_model.Organization](ctx, org_model.FindOrgOptions{
-		UserID:         user.ID,
-		IncludePrivate: !onlyPublicGroups,
+		UserID:            user.ID,
+		IncludeVisibility: util.Iif(onlyPublicGroups, api.VisibleTypePublic, api.VisibleTypePrivate),
 	})
 	if err != nil {
 		return nil, fmt.Errorf("GetUserOrgList: %w", err)
diff --git a/services/oauth2_provider/additional_scopes_test.go b/services/oauth2_provider/additional_scopes_test.go
index 2d4df7aea2..5f375346dc 100644
--- a/services/oauth2_provider/additional_scopes_test.go
+++ b/services/oauth2_provider/additional_scopes_test.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package oauth2_provider //nolint
+package oauth2_provider
 
 import (
 	"testing"
diff --git a/services/oauth2_provider/init.go b/services/oauth2_provider/init.go
index e5958099a6..c412bd6433 100644
--- a/services/oauth2_provider/init.go
+++ b/services/oauth2_provider/init.go
@@ -1,7 +1,7 @@
 // Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package oauth2_provider //nolint
+package oauth2_provider
 
 import (
 	"context"
diff --git a/services/oauth2_provider/jwtsigningkey.go b/services/oauth2_provider/jwtsigningkey.go
index 6c668db463..03c7403f75 100644
--- a/services/oauth2_provider/jwtsigningkey.go
+++ b/services/oauth2_provider/jwtsigningkey.go
@@ -1,7 +1,7 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package oauth2_provider //nolint
+package oauth2_provider
 
 import (
 	"crypto/ecdsa"
@@ -31,7 +31,7 @@ type ErrInvalidAlgorithmType struct {
 }
 
 func (err ErrInvalidAlgorithmType) Error() string {
-	return fmt.Sprintf("JWT signing algorithm is not supported: %s", err.Algorithm)
+	return "JWT signing algorithm is not supported: " + err.Algorithm
 }
 
 // JWTSigningKey represents a algorithm/key pair to sign JWTs
diff --git a/services/oauth2_provider/token.go b/services/oauth2_provider/token.go
index b71b11906e..935c4cc01f 100644
--- a/services/oauth2_provider/token.go
+++ b/services/oauth2_provider/token.go
@@ -1,9 +1,10 @@
 // Copyright 2021 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package oauth2_provider //nolint
+package oauth2_provider
 
 import (
+	"errors"
 	"fmt"
 	"time"
 
@@ -44,12 +45,12 @@ func ParseToken(jwtToken string, signingKey JWTSigningKey) (*Token, error) {
 		return nil, err
 	}
 	if !parsedToken.Valid {
-		return nil, fmt.Errorf("invalid token")
+		return nil, errors.New("invalid token")
 	}
 	var token *Token
 	var ok bool
 	if token, ok = parsedToken.Claims.(*Token); !ok || !parsedToken.Valid {
-		return nil, fmt.Errorf("invalid token")
+		return nil, errors.New("invalid token")
 	}
 	return token, nil
 }
diff --git a/services/org/team.go b/services/org/team.go
index ee3bd898ea..773bd11f49 100644
--- a/services/org/team.go
+++ b/services/org/team.go
@@ -54,39 +54,33 @@ func NewTeam(ctx context.Context, t *organization.Team) (err error) {
 		return organization.ErrTeamAlreadyExist{OrgID: t.OrgID, Name: t.LowerName}
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = db.Insert(ctx, t); err != nil {
-		return err
-	}
-
-	// insert units for team
-	if len(t.Units) > 0 {
-		for _, unit := range t.Units {
-			unit.TeamID = t.ID
-		}
-		if err = db.Insert(ctx, &t.Units); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = db.Insert(ctx, t); err != nil {
 			return err
 		}
-	}
 
-	// Add all repositories to the team if it has access to all of them.
-	if t.IncludesAllRepositories {
-		err = repo_service.AddAllRepositoriesToTeam(ctx, t)
-		if err != nil {
-			return fmt.Errorf("addAllRepositories: %w", err)
+		// insert units for team
+		if len(t.Units) > 0 {
+			for _, unit := range t.Units {
+				unit.TeamID = t.ID
+			}
+			if err = db.Insert(ctx, &t.Units); err != nil {
+				return err
+			}
+		}
+
+		// Add all repositories to the team if it has access to all of them.
+		if t.IncludesAllRepositories {
+			err = repo_service.AddAllRepositoriesToTeam(ctx, t)
+			if err != nil {
+				return fmt.Errorf("addAllRepositories: %w", err)
+			}
 		}
-	}
 
-	// Update organization number of teams.
-	if _, err = db.Exec(ctx, "UPDATE `user` SET num_teams=num_teams+1 WHERE id = ?", t.OrgID); err != nil {
+		// Update organization number of teams.
+		_, err = db.Exec(ctx, "UPDATE `user` SET num_teams=num_teams+1 WHERE id = ?", t.OrgID)
 		return err
-	}
-	return committer.Commit()
+	})
 }
 
 // UpdateTeam updates information of team.
@@ -99,128 +93,117 @@ func UpdateTeam(ctx context.Context, t *organization.Team, authChanged, includeA
 		t.Description = t.Description[:255]
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	t.LowerName = strings.ToLower(t.Name)
-	has, err := db.Exist[organization.Team](ctx, builder.Eq{
-		"org_id":     t.OrgID,
-		"lower_name": t.LowerName,
-	}.And(builder.Neq{"id": t.ID}),
-	)
-	if err != nil {
-		return err
-	} else if has {
-		return organization.ErrTeamAlreadyExist{OrgID: t.OrgID, Name: t.LowerName}
-	}
-
-	sess := db.GetEngine(ctx)
-	if _, err = sess.ID(t.ID).Cols("name", "lower_name", "description",
-		"can_create_org_repo", "authorize", "includes_all_repositories").Update(t); err != nil {
-		return fmt.Errorf("update: %w", err)
-	}
-
-	// update units for team
-	if len(t.Units) > 0 {
-		for _, unit := range t.Units {
-			unit.TeamID = t.ID
-		}
-		// Delete team-unit.
-		if _, err := sess.
-			Where("team_id=?", t.ID).
-			Delete(new(organization.TeamUnit)); err != nil {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		t.LowerName = strings.ToLower(t.Name)
+		has, err := db.Exist[organization.Team](ctx, builder.Eq{
+			"org_id":     t.OrgID,
+			"lower_name": t.LowerName,
+		}.And(builder.Neq{"id": t.ID}),
+		)
+		if err != nil {
 			return err
+		} else if has {
+			return organization.ErrTeamAlreadyExist{OrgID: t.OrgID, Name: t.LowerName}
 		}
-		if _, err = sess.Cols("org_id", "team_id", "type", "access_mode").Insert(&t.Units); err != nil {
-			return err
+
+		sess := db.GetEngine(ctx)
+		if _, err = sess.ID(t.ID).Cols("name", "lower_name", "description",
+			"can_create_org_repo", "authorize", "includes_all_repositories").Update(t); err != nil {
+			return fmt.Errorf("update: %w", err)
 		}
-	}
 
-	// Update access for team members if needed.
-	if authChanged {
-		repos, err := repo_model.GetTeamRepositories(ctx, &repo_model.SearchTeamRepoOptions{
-			TeamID: t.ID,
-		})
-		if err != nil {
-			return fmt.Errorf("GetTeamRepositories: %w", err)
+		// update units for team
+		if len(t.Units) > 0 {
+			for _, unit := range t.Units {
+				unit.TeamID = t.ID
+			}
+			// Delete team-unit.
+			if _, err := sess.
+				Where("team_id=?", t.ID).
+				Delete(new(organization.TeamUnit)); err != nil {
+				return err
+			}
+			if _, err = sess.Cols("org_id", "team_id", "type", "access_mode").Insert(&t.Units); err != nil {
+				return err
+			}
 		}
 
-		for _, repo := range repos {
-			if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
-				return fmt.Errorf("recalculateTeamAccesses: %w", err)
+		// Update access for team members if needed.
+		if authChanged {
+			repos, err := repo_model.GetTeamRepositories(ctx, &repo_model.SearchTeamRepoOptions{
+				TeamID: t.ID,
+			})
+			if err != nil {
+				return fmt.Errorf("GetTeamRepositories: %w", err)
+			}
+
+			for _, repo := range repos {
+				if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
+					return fmt.Errorf("recalculateTeamAccesses: %w", err)
+				}
 			}
 		}
-	}
 
-	// Add all repositories to the team if it has access to all of them.
-	if includeAllChanged && t.IncludesAllRepositories {
-		err = repo_service.AddAllRepositoriesToTeam(ctx, t)
-		if err != nil {
-			return fmt.Errorf("addAllRepositories: %w", err)
+		// Add all repositories to the team if it has access to all of them.
+		if includeAllChanged && t.IncludesAllRepositories {
+			err = repo_service.AddAllRepositoriesToTeam(ctx, t)
+			if err != nil {
+				return fmt.Errorf("addAllRepositories: %w", err)
+			}
 		}
-	}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 // DeleteTeam deletes given team.
 // It's caller's responsibility to assign organization ID.
 func DeleteTeam(ctx context.Context, t *organization.Team) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := t.LoadMembers(ctx); err != nil {
-		return err
-	}
-
-	// update branch protections
-	{
-		protections := make([]*git_model.ProtectedBranch, 0, 10)
-		err := db.GetEngine(ctx).In("repo_id",
-			builder.Select("id").From("repository").Where(builder.Eq{"owner_id": t.OrgID})).
-			Find(&protections)
-		if err != nil {
-			return fmt.Errorf("findProtectedBranches: %w", err)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err := t.LoadMembers(ctx); err != nil {
+			return err
 		}
-		for _, p := range protections {
-			if err := git_model.RemoveTeamIDFromProtectedBranch(ctx, p, t.ID); err != nil {
-				return err
+
+		// update branch protections
+		{
+			protections := make([]*git_model.ProtectedBranch, 0, 10)
+			err := db.GetEngine(ctx).In("repo_id",
+				builder.Select("id").From("repository").Where(builder.Eq{"owner_id": t.OrgID})).
+				Find(&protections)
+			if err != nil {
+				return fmt.Errorf("findProtectedBranches: %w", err)
+			}
+			for _, p := range protections {
+				if err := git_model.RemoveTeamIDFromProtectedBranch(ctx, p, t.ID); err != nil {
+					return err
+				}
 			}
 		}
-	}
-
-	if err := repo_service.RemoveAllRepositoriesFromTeam(ctx, t); err != nil {
-		return err
-	}
 
-	if err := db.DeleteBeans(ctx,
-		&organization.Team{ID: t.ID},
-		&organization.TeamUser{OrgID: t.OrgID, TeamID: t.ID},
-		&organization.TeamUnit{TeamID: t.ID},
-		&organization.TeamInvite{TeamID: t.ID},
-		&issues_model.Review{Type: issues_model.ReviewTypeRequest, ReviewerTeamID: t.ID}, // batch delete the binding relationship between team and PR (request review from team)
-	); err != nil {
-		return err
-	}
+		if err := repo_service.RemoveAllRepositoriesFromTeam(ctx, t); err != nil {
+			return err
+		}
 
-	for _, tm := range t.Members {
-		if err := removeInvalidOrgUser(ctx, t.OrgID, tm); err != nil {
+		if err := db.DeleteBeans(ctx,
+			&organization.Team{ID: t.ID},
+			&organization.TeamUser{OrgID: t.OrgID, TeamID: t.ID},
+			&organization.TeamUnit{TeamID: t.ID},
+			&organization.TeamInvite{TeamID: t.ID},
+			&issues_model.Review{Type: issues_model.ReviewTypeRequest, ReviewerTeamID: t.ID}, // batch delete the binding relationship between team and PR (request review from team)
+		); err != nil {
 			return err
 		}
-	}
 
-	// Update organization number of teams.
-	if _, err := db.Exec(ctx, "UPDATE `user` SET num_teams=num_teams-1 WHERE id=?", t.OrgID); err != nil {
-		return err
-	}
+		for _, tm := range t.Members {
+			if err := removeInvalidOrgUser(ctx, t.OrgID, tm); err != nil {
+				return err
+			}
+		}
 
-	return committer.Commit()
+		// Update organization number of teams.
+		_, err := db.Exec(ctx, "UPDATE `user` SET num_teams=num_teams-1 WHERE id=?", t.OrgID)
+		return err
+	})
 }
 
 // AddTeamMember adds new membership of given team to given organization,
@@ -259,37 +242,6 @@ func AddTeamMember(ctx context.Context, team *organization.Team, user *user_mode
 		}
 
 		team.NumMembers++
-
-		// Give access to team repositories.
-		// update exist access if mode become bigger
-		subQuery := builder.Select("repo_id").From("team_repo").
-			Where(builder.Eq{"team_id": team.ID})
-
-		if _, err := sess.Where("user_id=?", user.ID).
-			In("repo_id", subQuery).
-			And("mode < ?", team.AccessMode).
-			SetExpr("mode", team.AccessMode).
-			Update(new(access_model.Access)); err != nil {
-			return fmt.Errorf("update user accesses: %w", err)
-		}
-
-		// for not exist access
-		var repoIDs []int64
-		accessSubQuery := builder.Select("repo_id").From("access").Where(builder.Eq{"user_id": user.ID})
-		if err := sess.SQL(subQuery.And(builder.NotIn("repo_id", accessSubQuery))).Find(&repoIDs); err != nil {
-			return fmt.Errorf("select id accesses: %w", err)
-		}
-
-		accesses := make([]*access_model.Access, 0, 100)
-		for i, repoID := range repoIDs {
-			accesses = append(accesses, &access_model.Access{RepoID: repoID, UserID: user.ID, Mode: team.AccessMode})
-			if (i%100 == 0 || i == len(repoIDs)-1) && len(accesses) > 0 {
-				if err = db.Insert(ctx, accesses); err != nil {
-					return fmt.Errorf("insert new user accesses: %w", err)
-				}
-				accesses = accesses[:0]
-			}
-		}
 		return nil
 	})
 	if err != nil {
@@ -394,13 +346,7 @@ func removeInvalidOrgUser(ctx context.Context, orgID int64, user *user_model.Use
 
 // RemoveTeamMember removes member from given team of given organization.
 func RemoveTeamMember(ctx context.Context, team *organization.Team, user *user_model.User) error {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-	if err := removeTeamMember(ctx, team, user); err != nil {
-		return err
-	}
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return removeTeamMember(ctx, team, user)
+	})
 }
diff --git a/services/org/team_test.go b/services/org/team_test.go
index 3791776e46..c1a69d8ee7 100644
--- a/services/org/team_test.go
+++ b/services/org/team_test.go
@@ -88,7 +88,7 @@ func TestUpdateTeam(t *testing.T) {
 	assert.True(t, strings.HasPrefix(team.Description, "A long description!"))
 
 	access := unittest.AssertExistsAndLoadBean(t, &access_model.Access{UserID: 4, RepoID: 3})
-	assert.EqualValues(t, perm.AccessModeAdmin, access.Mode)
+	assert.Equal(t, perm.AccessModeAdmin, access.Mode)
 
 	unittest.CheckConsistencyFor(t, &organization.Team{ID: team.ID})
 }
@@ -166,24 +166,6 @@ func TestRemoveTeamMember(t *testing.T) {
 	assert.True(t, organization.IsErrLastOrgOwner(err))
 }
 
-func TestRepository_RecalculateAccesses3(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
-	team5 := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 5})
-	user29 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 29})
-
-	has, err := db.GetEngine(db.DefaultContext).Get(&access_model.Access{UserID: user29.ID, RepoID: 23})
-	assert.NoError(t, err)
-	assert.False(t, has)
-
-	// adding user29 to team5 should add an explicit access row for repo 23
-	// even though repo 23 is public
-	assert.NoError(t, AddTeamMember(db.DefaultContext, team5, user29))
-
-	has, err = db.GetEngine(db.DefaultContext).Get(&access_model.Access{UserID: user29.ID, RepoID: 23})
-	assert.NoError(t, err)
-	assert.True(t, has)
-}
-
 func TestIncludesAllRepositoriesTeams(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
@@ -222,8 +204,9 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
 
 	// Create repos.
 	repoIDs := make([]int64, 0)
-	for i := 0; i < 3; i++ {
-		r, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, org.AsUser(), repo_service.CreateRepoOptions{Name: fmt.Sprintf("repo-%d", i)})
+	for i := range 3 {
+		r, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, org.AsUser(),
+			repo_service.CreateRepoOptions{Name: fmt.Sprintf("repo-%d", i)}, true)
 		assert.NoError(t, err, "CreateRepository %d", i)
 		if r != nil {
 			repoIDs = append(repoIDs, r.ID)
@@ -285,7 +268,7 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
 	}
 
 	// Create repo and check teams repositories.
-	r, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, org.AsUser(), repo_service.CreateRepoOptions{Name: "repo-last"})
+	r, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, org.AsUser(), repo_service.CreateRepoOptions{Name: "repo-last"}, true)
 	assert.NoError(t, err, "CreateRepository last")
 	if r != nil {
 		repoIDs = append(repoIDs, r.ID)
@@ -298,7 +281,7 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
 	}
 
 	// Remove repo and check teams repositories.
-	assert.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repoIDs[0]), "DeleteRepository")
+	assert.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, repoIDs[0]), "DeleteRepository")
 	teamRepos[0] = repoIDs[1:]
 	teamRepos[1] = repoIDs[1:]
 	teamRepos[3] = repoIDs[1:3]
@@ -310,7 +293,7 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
 	// Wipe created items.
 	for i, rid := range repoIDs {
 		if i > 0 { // first repo already deleted.
-			assert.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, rid), "DeleteRepository %d", i)
+			assert.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, rid), "DeleteRepository %d", i)
 		}
 	}
 	assert.NoError(t, DeleteOrganization(db.DefaultContext, org, false), "DeleteOrganization")
diff --git a/services/org/user.go b/services/org/user.go
index 3565ecc2fc..26927253d2 100644
--- a/services/org/user.go
+++ b/services/org/user.go
@@ -64,10 +64,11 @@ func RemoveOrgUser(ctx context.Context, org *organization.Organization, user *us
 	if err != nil {
 		return fmt.Errorf("AccessibleReposEnv: %w", err)
 	}
-	repoIDs, err := env.RepoIDs(ctx, 1, org.NumRepos)
+	repoIDs, err := env.RepoIDs(ctx)
 	if err != nil {
 		return fmt.Errorf("GetUserRepositories [%d]: %w", user.ID, err)
 	}
+
 	for _, repoID := range repoIDs {
 		repo, err := repo_model.GetRepositoryByID(ctx, repoID)
 		if err != nil {
diff --git a/services/org/user_test.go b/services/org/user_test.go
index 96d1a1c8ca..c61d600d90 100644
--- a/services/org/user_test.go
+++ b/services/org/user_test.go
@@ -53,7 +53,7 @@ func TestRemoveOrgUser(t *testing.T) {
 		assert.NoError(t, RemoveOrgUser(db.DefaultContext, org, user))
 		unittest.AssertNotExistsBean(t, &organization.OrgUser{OrgID: org.ID, UID: user.ID})
 		org = unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: org.ID})
-		assert.EqualValues(t, expectedNumMembers, org.NumMembers)
+		assert.Equal(t, expectedNumMembers, org.NumMembers)
 	}
 
 	org3 := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3})
diff --git a/services/packages/alpine/repository.go b/services/packages/alpine/repository.go
index 27e6391980..277c188874 100644
--- a/services/packages/alpine/repository.go
+++ b/services/packages/alpine/repository.go
@@ -290,7 +290,7 @@ func buildPackagesIndex(ctx context.Context, ownerID int64, repoVersion *package
 
 	privPem, _ := pem.Decode([]byte(priv))
 	if privPem == nil {
-		return fmt.Errorf("failed to decode private key pem")
+		return errors.New("failed to decode private key pem")
 	}
 
 	privKey, err := x509.ParsePKCS1PrivateKey(privPem.Bytes)
diff --git a/services/packages/arch/repository.go b/services/packages/arch/repository.go
index a12af82ba5..438bb10837 100644
--- a/services/packages/arch/repository.go
+++ b/services/packages/arch/repository.go
@@ -13,6 +13,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"strconv"
 	"strings"
 
 	packages_model "code.gitea.io/gitea/models/packages"
@@ -372,8 +373,8 @@ func writeDescription(tw *tar.Writer, opts *entryOptions) error {
 		{"MD5SUM", opts.Blob.HashMD5},
 		{"SHA256SUM", opts.Blob.HashSHA256},
 		{"PGPSIG", opts.Signature},
-		{"CSIZE", fmt.Sprintf("%d", opts.Blob.Size)},
-		{"ISIZE", fmt.Sprintf("%d", opts.FileMetadata.InstalledSize)},
+		{"CSIZE", strconv.FormatInt(opts.Blob.Size, 10)},
+		{"ISIZE", strconv.FormatInt(opts.FileMetadata.InstalledSize, 10)},
 		{"NAME", opts.Package.Name},
 		{"BASE", opts.FileMetadata.Base},
 		{"ARCH", opts.FileMetadata.Architecture},
@@ -382,7 +383,7 @@ func writeDescription(tw *tar.Writer, opts *entryOptions) error {
 		{"URL", opts.VersionMetadata.ProjectURL},
 		{"LICENSE", strings.Join(opts.VersionMetadata.Licenses, "\n")},
 		{"GROUPS", strings.Join(opts.FileMetadata.Groups, "\n")},
-		{"BUILDDATE", fmt.Sprintf("%d", opts.FileMetadata.BuildDate)},
+		{"BUILDDATE", strconv.FormatInt(opts.FileMetadata.BuildDate, 10)},
 		{"PACKAGER", opts.FileMetadata.Packager},
 		{"PROVIDES", strings.Join(opts.FileMetadata.Provides, "\n")},
 		{"REPLACES", strings.Join(opts.FileMetadata.Replaces, "\n")},
diff --git a/services/packages/arch/vercmp.go b/services/packages/arch/vercmp.go
index 0d33dda0f1..d44aa530f0 100644
--- a/services/packages/arch/vercmp.go
+++ b/services/packages/arch/vercmp.go
@@ -34,13 +34,8 @@ func parseEVR(evr string) (epoch, version, release string) {
 
 func compareSegments(a, b []string) int {
 	lenA, lenB := len(a), len(b)
-	var l int
-	if lenA > lenB {
-		l = lenB
-	} else {
-		l = lenA
-	}
-	for i := 0; i < l; i++ {
+	l := min(lenA, lenB)
+	for i := range l {
 		if r := compare(a[i], b[i]); r != 0 {
 			return r
 		}
diff --git a/services/packages/auth.go b/services/packages/auth.go
index 4526a8e303..6e87643e29 100644
--- a/services/packages/auth.go
+++ b/services/packages/auth.go
@@ -4,6 +4,7 @@
 package packages
 
 import (
+	"errors"
 	"fmt"
 	"net/http"
 	"strings"
@@ -58,7 +59,7 @@ func ParseAuthorizationRequest(req *http.Request) (*PackageMeta, error) {
 	parts := strings.SplitN(h, " ", 2)
 	if len(parts) != 2 {
 		log.Error("split token failed: %s", h)
-		return nil, fmt.Errorf("split token failed")
+		return nil, errors.New("split token failed")
 	}
 
 	return ParseAuthorizationToken(parts[1])
@@ -77,7 +78,7 @@ func ParseAuthorizationToken(tokenStr string) (*PackageMeta, error) {
 
 	c, ok := token.Claims.(*packageClaims)
 	if !token.Valid || !ok {
-		return nil, fmt.Errorf("invalid token claim")
+		return nil, errors.New("invalid token claim")
 	}
 
 	return &c.PackageMeta, nil
diff --git a/services/packages/cargo/index.go b/services/packages/cargo/index.go
index 0c8a98c40f..605335d0f1 100644
--- a/services/packages/cargo/index.go
+++ b/services/packages/cargo/index.go
@@ -213,7 +213,7 @@ func getOrCreateIndexRepository(ctx context.Context, doer, owner *user_model.Use
 		if errors.Is(err, util.ErrNotExist) {
 			repo, err = repo_service.CreateRepositoryDirectly(ctx, doer, owner, repo_service.CreateRepoOptions{
 				Name: IndexRepositoryName,
-			})
+			}, true)
 			if err != nil {
 				return nil, fmt.Errorf("CreateRepository: %w", err)
 			}
@@ -247,7 +247,7 @@ func createOrUpdateConfigFile(ctx context.Context, repo *repo_model.Repository,
 		"Initialize Cargo Config",
 		func(t *files_service.TemporaryUploadRepository) error {
 			var b bytes.Buffer
-			err := json.NewEncoder(&b).Encode(BuildConfig(owner, setting.Service.RequireSignInView || owner.Visibility != structs.VisibleTypePublic || repo.IsPrivate))
+			err := json.NewEncoder(&b).Encode(BuildConfig(owner, setting.Service.RequireSignInViewStrict || owner.Visibility != structs.VisibleTypePublic || repo.IsPrivate))
 			if err != nil {
 				return err
 			}
@@ -310,7 +310,7 @@ func alterRepositoryContent(ctx context.Context, doer *user_model.User, repo *re
 }
 
 func writeObjectToIndex(ctx context.Context, t *files_service.TemporaryUploadRepository, path string, r io.Reader) error {
-	hash, err := t.HashObject(ctx, r)
+	hash, err := t.HashObjectAndWrite(ctx, r)
 	if err != nil {
 		return err
 	}
diff --git a/services/packages/cleanup/cleanup.go b/services/packages/cleanup/cleanup.go
index b7ba2b6ac4..ec860db1bb 100644
--- a/services/packages/cleanup/cleanup.go
+++ b/services/packages/cleanup/cleanup.go
@@ -32,165 +32,170 @@ func CleanupTask(ctx context.Context, olderThan time.Duration) error {
 	return CleanupExpiredData(ctx, olderThan)
 }
 
-func ExecuteCleanupRules(outerCtx context.Context) error {
-	ctx, committer, err := db.TxContext(outerCtx)
+func executeCleanupOneRulePackage(ctx context.Context, pcr *packages_model.PackageCleanupRule, p *packages_model.Package) (versionDeleted bool, err error) {
+	olderThan := time.Now().AddDate(0, 0, -pcr.RemoveDays)
+	pvs, _, err := packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
+		PackageID:  p.ID,
+		IsInternal: optional.Some(false),
+		Sort:       packages_model.SortCreatedDesc,
+	})
 	if err != nil {
-		return err
+		return false, fmt.Errorf("CleanupRule [%d]: SearchVersions failed: %w", pcr.ID, err)
 	}
-	defer committer.Close()
-
-	err = packages_model.IterateEnabledCleanupRules(ctx, func(ctx context.Context, pcr *packages_model.PackageCleanupRule) error {
-		select {
-		case <-outerCtx.Done():
-			return db.ErrCancelledf("While processing package cleanup rules")
-		default:
+	if pcr.KeepCount > 0 {
+		if pcr.KeepCount < len(pvs) {
+			pvs = pvs[pcr.KeepCount:]
+		} else {
+			pvs = nil
 		}
-
-		if err := pcr.CompiledPattern(); err != nil {
-			return fmt.Errorf("CleanupRule [%d]: CompilePattern failed: %w", pcr.ID, err)
+	}
+	for _, pv := range pvs {
+		if pcr.Type == packages_model.TypeContainer {
+			if skip, err := container_service.ShouldBeSkipped(ctx, pcr, p, pv); err != nil {
+				return false, fmt.Errorf("CleanupRule [%d]: container.ShouldBeSkipped failed: %w", pcr.ID, err)
+			} else if skip {
+				log.Debug("Rule[%d]: keep '%s/%s' (container)", pcr.ID, p.Name, pv.Version)
+				continue
+			}
 		}
-
-		olderThan := time.Now().AddDate(0, 0, -pcr.RemoveDays)
-
-		packages, err := packages_model.GetPackagesByType(ctx, pcr.OwnerID, pcr.Type)
-		if err != nil {
-			return fmt.Errorf("CleanupRule [%d]: GetPackagesByType failed: %w", pcr.ID, err)
+		toMatch := pv.LowerVersion
+		if pcr.MatchFullName {
+			toMatch = p.LowerName + "/" + pv.LowerVersion
+		}
+		if pcr.KeepPatternMatcher != nil && pcr.KeepPatternMatcher.MatchString(toMatch) {
+			log.Debug("Rule[%d]: keep '%s/%s' (keep pattern)", pcr.ID, p.Name, pv.Version)
+			continue
+		}
+		if pv.CreatedUnix.AsLocalTime().After(olderThan) {
+			log.Debug("Rule[%d]: keep '%s/%s' (remove days) %v", pcr.ID, p.Name, pv.Version, pv.CreatedUnix.FormatDate())
+			continue
 		}
+		if pcr.RemovePatternMatcher != nil && !pcr.RemovePatternMatcher.MatchString(toMatch) {
+			log.Debug("Rule[%d]: keep '%s/%s' (remove pattern)", pcr.ID, p.Name, pv.Version)
+			continue
+		}
+		log.Debug("Rule[%d]: remove '%s/%s'", pcr.ID, p.Name, pv.Version)
+		if err := packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
+			log.Error("CleanupRule [%d]: DeletePackageVersionAndReferences failed: %v", pcr.ID, err)
+			continue
+		}
+		versionDeleted = true
+	}
+	return versionDeleted, nil
+}
 
-		anyVersionDeleted := false
-		for _, p := range packages {
-			pvs, _, err := packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
-				PackageID:  p.ID,
-				IsInternal: optional.Some(false),
-				Sort:       packages_model.SortCreatedDesc,
-				Paginator:  db.NewAbsoluteListOptions(pcr.KeepCount, 200),
-			})
-			if err != nil {
-				return fmt.Errorf("CleanupRule [%d]: SearchVersions failed: %w", pcr.ID, err)
-			}
-			versionDeleted := false
-			for _, pv := range pvs {
-				if pcr.Type == packages_model.TypeContainer {
-					if skip, err := container_service.ShouldBeSkipped(ctx, pcr, p, pv); err != nil {
-						return fmt.Errorf("CleanupRule [%d]: container.ShouldBeSkipped failed: %w", pcr.ID, err)
-					} else if skip {
-						log.Debug("Rule[%d]: keep '%s/%s' (container)", pcr.ID, p.Name, pv.Version)
-						continue
-					}
-				}
+func executeCleanupOneRule(ctx context.Context, pcr *packages_model.PackageCleanupRule) error {
+	if err := pcr.CompiledPattern(); err != nil {
+		return fmt.Errorf("CleanupRule [%d]: CompilePattern failed: %w", pcr.ID, err)
+	}
 
-				toMatch := pv.LowerVersion
-				if pcr.MatchFullName {
-					toMatch = p.LowerName + "/" + pv.LowerVersion
-				}
+	packages, err := packages_model.GetPackagesByType(ctx, pcr.OwnerID, pcr.Type)
+	if err != nil {
+		return fmt.Errorf("CleanupRule [%d]: GetPackagesByType failed: %w", pcr.ID, err)
+	}
 
-				if pcr.KeepPatternMatcher != nil && pcr.KeepPatternMatcher.MatchString(toMatch) {
-					log.Debug("Rule[%d]: keep '%s/%s' (keep pattern)", pcr.ID, p.Name, pv.Version)
-					continue
-				}
-				if pv.CreatedUnix.AsLocalTime().After(olderThan) {
-					log.Debug("Rule[%d]: keep '%s/%s' (remove days)", pcr.ID, p.Name, pv.Version)
-					continue
-				}
-				if pcr.RemovePatternMatcher != nil && !pcr.RemovePatternMatcher.MatchString(toMatch) {
-					log.Debug("Rule[%d]: keep '%s/%s' (remove pattern)", pcr.ID, p.Name, pv.Version)
-					continue
+	anyVersionDeleted := false
+	for _, p := range packages {
+		versionDeleted := false
+		err = db.WithTx(ctx, func(ctx context.Context) (err error) {
+			versionDeleted, err = executeCleanupOneRulePackage(ctx, pcr, p)
+			return err
+		})
+		if err != nil {
+			log.Error("CleanupRule [%d]: executeCleanupOneRulePackage(%d) failed: %v", pcr.ID, p.ID, err)
+			continue
+		}
+		anyVersionDeleted = anyVersionDeleted || versionDeleted
+		if versionDeleted {
+			if pcr.Type == packages_model.TypeCargo {
+				owner, err := user_model.GetUserByID(ctx, pcr.OwnerID)
+				if err != nil {
+					return fmt.Errorf("GetUserByID failed: %w", err)
 				}
-
-				log.Debug("Rule[%d]: remove '%s/%s'", pcr.ID, p.Name, pv.Version)
-
-				if err := packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
-					return fmt.Errorf("CleanupRule [%d]: DeletePackageVersionAndReferences failed: %w", pcr.ID, err)
+				if err := cargo_service.UpdatePackageIndexIfExists(ctx, owner, owner, p.ID); err != nil {
+					return fmt.Errorf("CleanupRule [%d]: cargo.UpdatePackageIndexIfExists failed: %w", pcr.ID, err)
 				}
+			}
+		}
+	}
 
-				versionDeleted = true
-				anyVersionDeleted = true
+	if anyVersionDeleted {
+		switch pcr.Type {
+		case packages_model.TypeDebian:
+			if err := debian_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
+				return fmt.Errorf("CleanupRule [%d]: debian.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
+			}
+		case packages_model.TypeAlpine:
+			if err := alpine_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
+				return fmt.Errorf("CleanupRule [%d]: alpine.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
+			}
+		case packages_model.TypeRpm:
+			if err := rpm_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
+				return fmt.Errorf("CleanupRule [%d]: rpm.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
 			}
+		case packages_model.TypeArch:
+			release, err := arch_service.AquireRegistryLock(ctx, pcr.OwnerID)
+			if err != nil {
+				return err
+			}
+			defer release()
 
-			if versionDeleted {
-				if pcr.Type == packages_model.TypeCargo {
-					owner, err := user_model.GetUserByID(ctx, pcr.OwnerID)
-					if err != nil {
-						return fmt.Errorf("GetUserByID failed: %w", err)
-					}
-					if err := cargo_service.UpdatePackageIndexIfExists(ctx, owner, owner, p.ID); err != nil {
-						return fmt.Errorf("CleanupRule [%d]: cargo.UpdatePackageIndexIfExists failed: %w", pcr.ID, err)
-					}
-				}
+			if err := arch_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
+				return fmt.Errorf("CleanupRule [%d]: arch.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
 			}
 		}
+	}
+	return nil
+}
 
-		if anyVersionDeleted {
-			switch pcr.Type {
-			case packages_model.TypeDebian:
-				if err := debian_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
-					return fmt.Errorf("CleanupRule [%d]: debian.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
-				}
-			case packages_model.TypeAlpine:
-				if err := alpine_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
-					return fmt.Errorf("CleanupRule [%d]: alpine.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
-				}
-			case packages_model.TypeRpm:
-				if err := rpm_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
-					return fmt.Errorf("CleanupRule [%d]: rpm.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
-				}
-			case packages_model.TypeArch:
-				release, err := arch_service.AquireRegistryLock(ctx, pcr.OwnerID)
-				if err != nil {
-					return err
-				}
-				defer release()
+func ExecuteCleanupRules(ctx context.Context) error {
+	return packages_model.IterateEnabledCleanupRules(ctx, func(ctx context.Context, pcr *packages_model.PackageCleanupRule) error {
+		select {
+		case <-ctx.Done():
+			return db.ErrCancelledf("While processing package cleanup rules")
+		default:
+		}
 
-				if err := arch_service.BuildAllRepositoryFiles(ctx, pcr.OwnerID); err != nil {
-					return fmt.Errorf("CleanupRule [%d]: arch.BuildAllRepositoryFiles failed: %w", pcr.ID, err)
-				}
-			}
+		err := executeCleanupOneRule(ctx, pcr)
+		if err != nil {
+			log.Error("CleanupRule [%d]: executeCleanupOneRule failed: %v", pcr.ID, err)
 		}
 		return nil
 	})
-	if err != nil {
-		return err
-	}
-
-	return committer.Commit()
 }
 
-func CleanupExpiredData(outerCtx context.Context, olderThan time.Duration) error {
-	ctx, committer, err := db.TxContext(outerCtx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err := container_service.Cleanup(ctx, olderThan); err != nil {
-		return err
-	}
-
-	ps, err := packages_model.FindUnreferencedPackages(ctx)
-	if err != nil {
-		return err
-	}
-	for _, p := range ps {
-		if err := packages_model.DeleteAllProperties(ctx, packages_model.PropertyTypePackage, p.ID); err != nil {
+func CleanupExpiredData(ctx context.Context, olderThan time.Duration) error {
+	pbs := make([]*packages_model.PackageBlob, 0, 100)
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		if err := container_service.Cleanup(ctx, olderThan); err != nil {
 			return err
 		}
-		if err := packages_model.DeletePackageByID(ctx, p.ID); err != nil {
+
+		ps, err := packages_model.FindUnreferencedPackages(ctx)
+		if err != nil {
 			return err
 		}
-	}
-
-	pbs, err := packages_model.FindExpiredUnreferencedBlobs(ctx, olderThan)
-	if err != nil {
-		return err
-	}
+		for _, p := range ps {
+			if err := packages_model.DeleteAllProperties(ctx, packages_model.PropertyTypePackage, p.ID); err != nil {
+				return err
+			}
+			if err := packages_model.DeletePackageByID(ctx, p.ID); err != nil {
+				return err
+			}
+		}
 
-	for _, pb := range pbs {
-		if err := packages_model.DeleteBlobByID(ctx, pb.ID); err != nil {
+		pbs, err = packages_model.FindExpiredUnreferencedBlobs(ctx, olderThan)
+		if err != nil {
 			return err
 		}
-	}
 
-	if err := committer.Commit(); err != nil {
+		for _, pb := range pbs {
+			if err := packages_model.DeleteBlobByID(ctx, pb.ID); err != nil {
+				return err
+			}
+		}
+		return nil
+	}); err != nil {
 		return err
 	}
 
diff --git a/services/packages/container/blob_uploader.go b/services/packages/container/blob_uploader.go
index bae2e2d6af..27bc4a5421 100644
--- a/services/packages/container/blob_uploader.go
+++ b/services/packages/container/blob_uploader.go
@@ -12,7 +12,7 @@ import (
 	packages_model "code.gitea.io/gitea/models/packages"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/tempdir"
 )
 
 var (
@@ -30,8 +30,12 @@ type BlobUploader struct {
 	reading bool
 }
 
-func buildFilePath(id string) string {
-	return util.FilePathJoinAbs(setting.Packages.ChunkedUploadPath, id)
+func uploadPathTempDir() *tempdir.TempDir {
+	return setting.AppDataTempDir("package-upload")
+}
+
+func buildFilePath(uploadPath *tempdir.TempDir, id string) string {
+	return uploadPath.JoinPath(id)
 }
 
 // NewBlobUploader creates a new blob uploader for the given id
@@ -48,7 +52,12 @@ func NewBlobUploader(ctx context.Context, id string) (*BlobUploader, error) {
 		}
 	}
 
-	f, err := os.OpenFile(buildFilePath(model.ID), os.O_RDWR|os.O_CREATE, 0o666)
+	uploadPath := uploadPathTempDir()
+	_, err = uploadPath.MkdirAllSub("")
+	if err != nil {
+		return nil, err
+	}
+	f, err := os.OpenFile(buildFilePath(uploadPath, model.ID), os.O_RDWR|os.O_CREATE, 0o666)
 	if err != nil {
 		return nil, err
 	}
@@ -118,13 +127,13 @@ func (u *BlobUploader) Read(p []byte) (int, error) {
 	return u.file.Read(p)
 }
 
-// Remove deletes the data and the model of a blob upload
+// RemoveBlobUploadByID Remove deletes the data and the model of a blob upload
 func RemoveBlobUploadByID(ctx context.Context, id string) error {
 	if err := packages_model.DeleteBlobUploadByID(ctx, id); err != nil {
 		return err
 	}
 
-	err := os.Remove(buildFilePath(id))
+	err := os.Remove(buildFilePath(uploadPathTempDir(), id))
 	if err != nil && !os.IsNotExist(err) {
 		return err
 	}
diff --git a/services/packages/container/cleanup.go b/services/packages/container/cleanup.go
index 3f5f43bbc0..263562a396 100644
--- a/services/packages/container/cleanup.go
+++ b/services/packages/container/cleanup.go
@@ -13,7 +13,7 @@ import (
 	container_module "code.gitea.io/gitea/modules/packages/container"
 	packages_service "code.gitea.io/gitea/services/packages"
 
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 )
 
 // Cleanup removes expired container data
@@ -57,7 +57,7 @@ func cleanupExpiredUploadedBlobs(ctx context.Context, olderThan time.Duration) e
 		Type: packages_model.TypeContainer,
 		Version: packages_model.SearchValue{
 			ExactMatch: true,
-			Value:      container_model.UploadVersion,
+			Value:      container_module.UploadVersion,
 		},
 		IsInternal: optional.Some(true),
 		HasFiles:   optional.Some(false),
diff --git a/services/packages/container/common.go b/services/packages/container/common.go
index 5a14ed5b7a..02cbff2286 100644
--- a/services/packages/container/common.go
+++ b/services/packages/container/common.go
@@ -5,11 +5,17 @@ package container
 
 import (
 	"context"
+	"io"
 	"strings"
 
 	packages_model "code.gitea.io/gitea/models/packages"
+	container_service "code.gitea.io/gitea/models/packages/container"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/packages"
 	container_module "code.gitea.io/gitea/modules/packages/container"
+
+	"github.com/opencontainers/image-spec/specs-go/v1"
 )
 
 // UpdateRepositoryNames updates the repository name property for all packages of the specific owner
@@ -22,7 +28,7 @@ func UpdateRepositoryNames(ctx context.Context, owner *user_model.User, newOwner
 	newOwnerName = strings.ToLower(newOwnerName)
 
 	for _, p := range ps {
-		if err := packages_model.DeletePropertyByName(ctx, packages_model.PropertyTypePackage, p.ID, container_module.PropertyRepository); err != nil {
+		if err := packages_model.DeletePropertiesByName(ctx, packages_model.PropertyTypePackage, p.ID, container_module.PropertyRepository); err != nil {
 			return err
 		}
 
@@ -33,3 +39,26 @@ func UpdateRepositoryNames(ctx context.Context, owner *user_model.User, newOwner
 
 	return nil
 }
+
+func ParseManifestMetadata(ctx context.Context, rd io.Reader, ownerID int64, imageName string) (*v1.Manifest, *packages_model.PackageFileDescriptor, *container_module.Metadata, error) {
+	var manifest v1.Manifest
+	if err := json.NewDecoder(rd).Decode(&manifest); err != nil {
+		return nil, nil, nil, err
+	}
+	configDescriptor, err := container_service.GetContainerBlob(ctx, &container_service.BlobSearchOptions{
+		OwnerID: ownerID,
+		Image:   imageName,
+		Digest:  manifest.Config.Digest.String(),
+	})
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	configReader, err := packages.NewContentStore().OpenBlob(packages.BlobHash256Key(configDescriptor.Blob.HashSHA256))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+	defer configReader.Close()
+	metadata, err := container_module.ParseImageConfig(manifest.Config.MediaType, configReader)
+	return &manifest, configDescriptor, metadata, err
+}
diff --git a/services/packages/packages.go b/services/packages/packages.go
index bd1d460fd3..22b26b6563 100644
--- a/services/packages/packages.go
+++ b/services/packages/packages.go
@@ -9,6 +9,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net/http"
 	"net/url"
 	"strings"
 
@@ -468,24 +469,15 @@ func RemovePackageVersionByNameAndVersion(ctx context.Context, doer *user_model.
 
 // RemovePackageVersion deletes the package version and all associated files
 func RemovePackageVersion(ctx context.Context, doer *user_model.User, pv *packages_model.PackageVersion) error {
-	dbCtx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	pd, err := packages_model.GetPackageDescriptor(dbCtx, pv)
+	pd, err := packages_model.GetPackageDescriptor(ctx, pv)
 	if err != nil {
 		return err
 	}
 
-	log.Trace("Deleting package: %v", pv.ID)
-
-	if err := DeletePackageVersionAndReferences(dbCtx, pv); err != nil {
-		return err
-	}
-
-	if err := committer.Commit(); err != nil {
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		log.Trace("Deleting package: %v", pv.ID)
+		return DeletePackageVersionAndReferences(ctx, pv)
+	}); err != nil {
 		return err
 	}
 
@@ -563,8 +555,8 @@ func DeletePackageFile(ctx context.Context, pf *packages_model.PackageFile) erro
 	return packages_model.DeleteFileByID(ctx, pf.ID)
 }
 
-// GetFileStreamByPackageNameAndVersion returns the content of the specific package file
-func GetFileStreamByPackageNameAndVersion(ctx context.Context, pvi *PackageInfo, pfi *PackageFileInfo) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
+// OpenFileForDownloadByPackageNameAndVersion returns the content of the specific package file and increases the download counter.
+func OpenFileForDownloadByPackageNameAndVersion(ctx context.Context, pvi *PackageInfo, pfi *PackageFileInfo, method string) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
 	log.Trace("Getting package file stream: %v, %v, %s, %s, %s, %s", pvi.Owner.ID, pvi.PackageType, pvi.Name, pvi.Version, pfi.Filename, pfi.CompositeKey)
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, pvi.Owner.ID, pvi.PackageType, pvi.Name, pvi.Version)
@@ -576,32 +568,38 @@ func GetFileStreamByPackageNameAndVersion(ctx context.Context, pvi *PackageInfo,
 		return nil, nil, nil, err
 	}
 
-	return GetFileStreamByPackageVersion(ctx, pv, pfi)
+	return OpenFileForDownloadByPackageVersion(ctx, pv, pfi, method)
 }
 
-// GetFileStreamByPackageVersion returns the content of the specific package file
-func GetFileStreamByPackageVersion(ctx context.Context, pv *packages_model.PackageVersion, pfi *PackageFileInfo) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
+// OpenFileForDownloadByPackageVersion returns the content of the specific package file and increases the download counter.
+func OpenFileForDownloadByPackageVersion(ctx context.Context, pv *packages_model.PackageVersion, pfi *PackageFileInfo, method string) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
 	pf, err := packages_model.GetFileForVersionByName(ctx, pv.ID, pfi.Filename, pfi.CompositeKey)
 	if err != nil {
 		return nil, nil, nil, err
 	}
 
-	return GetPackageFileStream(ctx, pf)
+	return OpenFileForDownload(ctx, pf, method)
 }
 
-// GetPackageFileStream returns the content of the specific package file
-func GetPackageFileStream(ctx context.Context, pf *packages_model.PackageFile) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
+// OpenFileForDownload returns the content of the specific package file and increases the download counter.
+func OpenFileForDownload(ctx context.Context, pf *packages_model.PackageFile, method string) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
 	pb, err := packages_model.GetBlobByID(ctx, pf.BlobID)
 	if err != nil {
 		return nil, nil, nil, err
 	}
 
-	return GetPackageBlobStream(ctx, pf, pb, nil)
+	return OpenBlobForDownload(ctx, pf, pb, method, nil)
+}
+
+func OpenBlobStream(pb *packages_model.PackageBlob) (io.ReadSeekCloser, error) {
+	cs := packages_module.NewContentStore()
+	key := packages_module.BlobHash256Key(pb.HashSHA256)
+	return cs.OpenBlob(key)
 }
 
-// GetPackageBlobStream returns the content of the specific package blob
+// OpenBlobForDownload returns the content of the specific package blob and increases the download counter.
 // If the storage supports direct serving and it's enabled, only the direct serving url is returned.
-func GetPackageBlobStream(ctx context.Context, pf *packages_model.PackageFile, pb *packages_model.PackageBlob, serveDirectReqParams url.Values) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
+func OpenBlobForDownload(ctx context.Context, pf *packages_model.PackageFile, pb *packages_model.PackageBlob, method string, serveDirectReqParams url.Values) (io.ReadSeekCloser, *url.URL, *packages_model.PackageFile, error) {
 	key := packages_module.BlobHash256Key(pb.HashSHA256)
 
 	cs := packages_module.NewContentStore()
@@ -611,23 +609,24 @@ func GetPackageBlobStream(ctx context.Context, pf *packages_model.PackageFile, p
 	var err error
 
 	if cs.ShouldServeDirect() {
-		u, err = cs.GetServeDirectURL(key, pf.Name, serveDirectReqParams)
+		u, err = cs.GetServeDirectURL(key, pf.Name, method, serveDirectReqParams)
 		if err != nil && !errors.Is(err, storage.ErrURLNotSupported) {
-			log.Error("Error getting serve direct url: %v", err)
+			log.Error("Error getting serve direct url (fallback to local reader): %v", err)
 		}
 	}
 	if u == nil {
-		s, err = cs.Get(key)
+		s, err = cs.OpenBlob(key)
+	}
+	if err != nil {
+		return nil, nil, nil, err
 	}
 
-	if err == nil {
-		if pf.IsLead {
-			if err := packages_model.IncrementDownloadCounter(ctx, pf.VersionID); err != nil {
-				log.Error("Error incrementing download counter: %v", err)
-			}
+	if pf.IsLead && method == http.MethodGet {
+		if err := packages_model.IncrementDownloadCounter(ctx, pf.VersionID); err != nil {
+			log.Error("Error incrementing download counter: %v", err)
 		}
 	}
-	return s, u, pf, err
+	return s, u, pf, nil
 }
 
 // RemoveAllPackages for User
diff --git a/services/packages/rpm/repository.go b/services/packages/rpm/repository.go
index a7d196c15c..fbbf8d7dad 100644
--- a/services/packages/rpm/repository.go
+++ b/services/packages/rpm/repository.go
@@ -408,7 +408,6 @@ func buildPrimary(ctx context.Context, pv *packages_model.PackageVersion, pfs []
 				files = append(files, f)
 			}
 		}
-		packageVersion := fmt.Sprintf("%s-%s", pd.FileMetadata.Version, pd.FileMetadata.Release)
 		packages = append(packages, &Package{
 			Type:         "rpm",
 			Name:         pd.Package.Name,
@@ -437,7 +436,7 @@ func buildPrimary(ctx context.Context, pv *packages_model.PackageVersion, pfs []
 				Archive:   pd.FileMetadata.ArchiveSize,
 			},
 			Location: Location{
-				Href: fmt.Sprintf("package/%s/%s/%s/%s-%s.%s.rpm", pd.Package.Name, packageVersion, pd.FileMetadata.Architecture, pd.Package.Name, packageVersion, pd.FileMetadata.Architecture),
+				Href: fmt.Sprintf("package/%s/%s/%s/%s-%s.%s.rpm", pd.Package.Name, pd.Version.Version, pd.FileMetadata.Architecture, pd.Package.Name, pd.Version.Version, pd.FileMetadata.Architecture),
 			},
 			Format: Format{
 				License:   pd.VersionMetadata.License,
@@ -471,7 +470,7 @@ func buildPrimary(ctx context.Context, pv *packages_model.PackageVersion, pfs []
 }
 
 // https://docs.pulpproject.org/en/2.19/plugins/pulp_rpm/tech-reference/rpm.html#filelists-xml
-func buildFilelists(ctx context.Context, pv *packages_model.PackageVersion, pfs []*packages_model.PackageFile, c packageCache, group string) (*repoData, error) { //nolint:dupl
+func buildFilelists(ctx context.Context, pv *packages_model.PackageVersion, pfs []*packages_model.PackageFile, c packageCache, group string) (*repoData, error) { //nolint:dupl // duplicates with buildOther
 	type Version struct {
 		Epoch   string `xml:"epoch,attr"`
 		Version string `xml:"ver,attr"`
@@ -518,7 +517,7 @@ func buildFilelists(ctx context.Context, pv *packages_model.PackageVersion, pfs
 }
 
 // https://docs.pulpproject.org/en/2.19/plugins/pulp_rpm/tech-reference/rpm.html#other-xml
-func buildOther(ctx context.Context, pv *packages_model.PackageVersion, pfs []*packages_model.PackageFile, c packageCache, group string) (*repoData, error) { //nolint:dupl
+func buildOther(ctx context.Context, pv *packages_model.PackageVersion, pfs []*packages_model.PackageFile, c packageCache, group string) (*repoData, error) { //nolint:dupl // duplicates with buildFilelists
 	type Version struct {
 		Epoch   string `xml:"epoch,attr"`
 		Version string `xml:"ver,attr"`
diff --git a/services/projects/issue.go b/services/projects/issue.go
index 090d19d2f4..590fe960d5 100644
--- a/services/projects/issue.go
+++ b/services/projects/issue.go
@@ -5,7 +5,7 @@ package project
 
 import (
 	"context"
-	"fmt"
+	"errors"
 
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
@@ -29,7 +29,7 @@ func MoveIssuesOnProjectColumn(ctx context.Context, doer *user_model.User, colum
 			return err
 		}
 		if int(count) != len(sortedIssueIDs) {
-			return fmt.Errorf("all issues have to be added to a project first")
+			return errors.New("all issues have to be added to a project first")
 		}
 
 		issues, err := issues_model.GetIssuesByIDs(ctx, issueIDs)
diff --git a/services/projects/issue_test.go b/services/projects/issue_test.go
index b6f0b1dae1..e76d31e757 100644
--- a/services/projects/issue_test.go
+++ b/services/projects/issue_test.go
@@ -130,7 +130,7 @@ func Test_Projects(t *testing.T) {
 		})
 		assert.NoError(t, err)
 		assert.Len(t, projects, 1)
-		assert.EqualValues(t, project1.ID, projects[0].ID)
+		assert.Equal(t, project1.ID, projects[0].ID)
 
 		t.Run("Authenticated user", func(t *testing.T) {
 			columnIssues, err := LoadIssuesFromProject(db.DefaultContext, projects[0], &issues_model.IssuesOptions{
diff --git a/services/pull/check.go b/services/pull/check.go
index 9b159891d7..7fcec22f49 100644
--- a/services/pull/check.go
+++ b/services/pull/check.go
@@ -1,5 +1,4 @@
-// Copyright 2019 The Gitea Authors.
-// All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package pull
@@ -10,11 +9,13 @@ import (
 	"fmt"
 	"strconv"
 	"strings"
+	"time"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	access_model "code.gitea.io/gitea/models/perm/access"
+	"code.gitea.io/gitea/models/pull"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
@@ -25,8 +26,10 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/queue"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
+	"code.gitea.io/gitea/services/automergequeue"
 	notify_service "code.gitea.io/gitea/services/notify"
 )
 
@@ -34,27 +37,88 @@ import (
 var prPatchCheckerQueue *queue.WorkerPoolQueue[string]
 
 var (
-	ErrIsClosed              = errors.New("pull is closed")
-	ErrUserNotAllowedToMerge = ErrDisallowedToMerge{}
-	ErrHasMerged             = errors.New("has already been merged")
-	ErrIsWorkInProgress      = errors.New("work in progress PRs cannot be merged")
-	ErrIsChecking            = errors.New("cannot merge while conflict checking is in progress")
-	ErrNotMergeableState     = errors.New("not in mergeable state")
-	ErrDependenciesLeft      = errors.New("is blocked by an open dependency")
+	ErrIsClosed            = errors.New("pull is closed")
+	ErrNoPermissionToMerge = errors.New("no permission to merge")
+	ErrNotReadyToMerge     = errors.New("not ready to merge")
+	ErrHasMerged           = errors.New("has already been merged")
+	ErrIsWorkInProgress    = errors.New("work in progress PRs cannot be merged")
+	ErrIsChecking          = errors.New("cannot merge while conflict checking is in progress")
+	ErrNotMergeableState   = errors.New("not in mergeable state")
+	ErrDependenciesLeft    = errors.New("is blocked by an open dependency")
 )
 
-// AddToTaskQueue adds itself to pull request test task queue.
-func AddToTaskQueue(ctx context.Context, pr *issues_model.PullRequest) {
+func markPullRequestStatusAsChecking(ctx context.Context, pr *issues_model.PullRequest) bool {
 	pr.Status = issues_model.PullRequestStatusChecking
 	err := pr.UpdateColsIfNotMerged(ctx, "status")
 	if err != nil {
-		log.Error("AddToTaskQueue(%-v).UpdateCols.(add to queue): %v", pr, err)
+		log.Error("UpdateColsIfNotMerged failed, pr: %-v, err: %v", pr, err)
+		return false
+	}
+	pr, err = issues_model.GetPullRequestByID(ctx, pr.ID)
+	if err != nil {
+		log.Error("GetPullRequestByID failed, pr: %-v, err: %v", pr, err)
+		return false
+	}
+	return pr.Status == issues_model.PullRequestStatusChecking
+}
+
+var AddPullRequestToCheckQueue = realAddPullRequestToCheckQueue
+
+func realAddPullRequestToCheckQueue(prID int64) {
+	err := prPatchCheckerQueue.Push(strconv.FormatInt(prID, 10))
+	if err != nil && !errors.Is(err, queue.ErrAlreadyInQueue) {
+		log.Error("Error adding %v to the pull requests check queue: %v", prID, err)
+	}
+}
+
+func StartPullRequestCheckImmediately(ctx context.Context, pr *issues_model.PullRequest) {
+	if !markPullRequestStatusAsChecking(ctx, pr) {
 		return
 	}
-	log.Trace("Adding %-v to the test pull requests queue", pr)
-	err = prPatchCheckerQueue.Push(strconv.FormatInt(pr.ID, 10))
-	if err != nil && err != queue.ErrAlreadyInQueue {
-		log.Error("Error adding %-v to the test pull requests queue: %v", pr, err)
+	AddPullRequestToCheckQueue(pr.ID)
+}
+
+// StartPullRequestCheckDelayable will delay the check if the pull request was not updated recently.
+// When the "base" branch gets updated, all PRs targeting that "base" branch need to re-check whether
+// they are mergeable.
+// When there are too many stale PRs, each "base" branch update will consume a lot of system resources.
+// So we can delay the checks for PRs that were not updated recently, only mark their status as
+// "checking", and then next time when these PRs are updated or viewed, the real checks will run.
+func StartPullRequestCheckDelayable(ctx context.Context, pr *issues_model.PullRequest) {
+	if !markPullRequestStatusAsChecking(ctx, pr) {
+		return
+	}
+
+	if setting.Repository.PullRequest.DelayCheckForInactiveDays >= 0 {
+		if err := pr.LoadIssue(ctx); err != nil {
+			return
+		}
+		duration := 24 * time.Hour * time.Duration(setting.Repository.PullRequest.DelayCheckForInactiveDays)
+		if pr.Issue.UpdatedUnix.AddDuration(duration) <= timeutil.TimeStampNow() {
+			return
+		}
+	}
+
+	AddPullRequestToCheckQueue(pr.ID)
+}
+
+func StartPullRequestCheckOnView(ctx context.Context, pr *issues_model.PullRequest) {
+	// TODO: its correctness totally depends on the "unique queue" feature and the global lock.
+	// So duplicate "start" requests will be ignored if there is already a task in the queue or one is running.
+	// Ideally in the future we should decouple the "unique queue" feature from the "start" request.
+	if pr.Status == issues_model.PullRequestStatusChecking {
+		if setting.IsInTesting {
+			// In testing mode, there might be an "immediate" queue, which is not a real queue, everything is executed in the same goroutine
+			// So we can't use the global lock here, otherwise it will cause a deadlock.
+			AddPullRequestToCheckQueue(pr.ID)
+		} else {
+			// When a PR check starts, the task is popped from the queue and the task handler acquires the global lock
+			// So we need to acquire the global lock here to prevent from duplicate tasks
+			_, _ = globallock.TryLockAndDo(ctx, getPullWorkingLockKey(pr.ID), func(ctx context.Context) error {
+				AddPullRequestToCheckQueue(pr.ID) // the queue is a unique queue and won't add the same task again
+				return nil
+			})
+		}
 	}
 }
 
@@ -84,7 +148,7 @@ func CheckPullMergeable(stdCtx context.Context, doer *user_model.User, perm *acc
 			log.Error("Error whilst checking if %-v is allowed to merge %-v: %v", doer, pr, err)
 			return err
 		} else if !allowedMerge {
-			return ErrUserNotAllowedToMerge
+			return ErrNoPermissionToMerge
 		}
 
 		if mergeCheckType == MergeCheckTypeManually {
@@ -105,7 +169,7 @@ func CheckPullMergeable(stdCtx context.Context, doer *user_model.User, perm *acc
 		}
 
 		if err := CheckPullBranchProtections(ctx, pr, false); err != nil {
-			if !IsErrDisallowedToMerge(err) {
+			if !errors.Is(err, ErrNotReadyToMerge) {
 				log.Error("Error whilst checking pull branch protection for %-v: %v", pr, err)
 				return err
 			}
@@ -167,15 +231,15 @@ func isSignedIfRequired(ctx context.Context, pr *issues_model.PullRequest, doer
 		return true, nil
 	}
 
-	sign, _, _, err := asymkey_service.SignMerge(ctx, pr, doer, pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitRefName())
+	sign, _, _, err := asymkey_service.SignMerge(ctx, pr, doer, pr.BaseRepo.RepoPath(), pr.BaseBranch, pr.GetGitHeadRefName())
 
 	return sign, err
 }
 
-// checkAndUpdateStatus checks if pull request is possible to leaving checking status,
+// markPullRequestAsMergeable checks if pull request is possible to leaving checking status,
 // and set to be either conflict or mergeable.
-func checkAndUpdateStatus(ctx context.Context, pr *issues_model.PullRequest) {
-	// If status has not been changed to conflict by testPatch then we are mergeable
+func markPullRequestAsMergeable(ctx context.Context, pr *issues_model.PullRequest) {
+	// If the status has not been changed to conflict by testPullRequestTmpRepoBranchMergeable then we are mergeable
 	if pr.Status == issues_model.PullRequestStatusChecking {
 		pr.Status = issues_model.PullRequestStatusMergeable
 	}
@@ -194,6 +258,16 @@ func checkAndUpdateStatus(ctx context.Context, pr *issues_model.PullRequest) {
 	if err := pr.UpdateColsIfNotMerged(ctx, "merge_base", "status", "conflicted_files", "changed_protected_files"); err != nil {
 		log.Error("Update[%-v]: %v", pr, err)
 	}
+
+	// if there is a scheduled merge for this pull request, start the auto merge check (again)
+	exist, _, err := pull.GetScheduledMergeByPullID(ctx, pr.ID)
+	if err != nil {
+		log.Error("GetScheduledMergeByPullID[%-v]: %v", pr, err)
+		return
+	} else if !exist {
+		return
+	}
+	automergequeue.StartPRCheckAndAutoMerge(ctx, pr)
 }
 
 // getMergeCommit checks if a pull request has been merged
@@ -203,7 +277,7 @@ func getMergeCommit(ctx context.Context, pr *issues_model.PullRequest) (*git.Com
 		return nil, fmt.Errorf("unable to load base repo for %s: %w", pr, err)
 	}
 
-	prHeadRef := pr.GetGitRefName()
+	prHeadRef := pr.GetGitHeadRefName()
 
 	// Check if the pull request is merged into BaseBranch
 	if _, _, err := git.NewCommand("merge-base", "--is-ancestor").
@@ -310,6 +384,10 @@ func manuallyMerged(ctx context.Context, pr *issues_model.PullRequest) bool {
 
 // InitializePullRequests checks and tests untested patches of pull requests.
 func InitializePullRequests(ctx context.Context) {
+	// If we prefer to delay the checks, then no need to do any check during startup, there should be not much difference
+	if setting.Repository.PullRequest.DelayCheckForInactiveDays >= 0 {
+		return
+	}
 	prs, err := issues_model.GetPullRequestIDsByCheckStatus(ctx, issues_model.PullRequestStatusChecking)
 	if err != nil {
 		log.Error("Find Checking PRs: %v", err)
@@ -320,24 +398,12 @@ func InitializePullRequests(ctx context.Context) {
 		case <-ctx.Done():
 			return
 		default:
-			log.Trace("Adding PR[%d] to the pull requests patch checking queue", prID)
-			if err := prPatchCheckerQueue.Push(strconv.FormatInt(prID, 10)); err != nil {
-				log.Error("Error adding PR[%d] to the pull requests patch checking queue %v", prID, err)
-			}
+			AddPullRequestToCheckQueue(prID)
 		}
 	}
 }
 
-// handle passed PR IDs and test the PRs
-func handler(items ...string) []string {
-	for _, s := range items {
-		id, _ := strconv.ParseInt(s, 10, 64)
-		testPR(id)
-	}
-	return nil
-}
-
-func testPR(id int64) {
+func checkPullRequestMergeable(id int64) {
 	ctx := graceful.GetManager().HammerContext()
 	releaser, err := globallock.Lock(ctx, getPullWorkingLockKey(id))
 	if err != nil {
@@ -351,7 +417,7 @@ func testPR(id int64) {
 
 	pr, err := issues_model.GetPullRequestByID(ctx, id)
 	if err != nil {
-		log.Error("Unable to GetPullRequestByID[%d] for testPR: %v", id, err)
+		log.Error("Unable to GetPullRequestByID[%d] for checkPullRequestMergeable: %v", id, err)
 		return
 	}
 
@@ -370,15 +436,15 @@ func testPR(id int64) {
 		return
 	}
 
-	if err := TestPatch(pr); err != nil {
-		log.Error("testPatch[%-v]: %v", pr, err)
+	if err := testPullRequestBranchMergeable(pr); err != nil {
+		log.Error("testPullRequestTmpRepoBranchMergeable[%-v]: %v", pr, err)
 		pr.Status = issues_model.PullRequestStatusError
 		if err := pr.UpdateCols(ctx, "status"); err != nil {
 			log.Error("update pr [%-v] status to PullRequestStatusError failed: %v", pr, err)
 		}
 		return
 	}
-	checkAndUpdateStatus(ctx, pr)
+	markPullRequestAsMergeable(ctx, pr)
 }
 
 // CheckPRsForBaseBranch check all pulls with baseBrannch
@@ -387,20 +453,24 @@ func CheckPRsForBaseBranch(ctx context.Context, baseRepo *repo_model.Repository,
 	if err != nil {
 		return err
 	}
-
 	for _, pr := range prs {
-		AddToTaskQueue(ctx, pr)
+		StartPullRequestCheckImmediately(ctx, pr)
 	}
-
 	return nil
 }
 
 // Init runs the task queue to test all the checking status pull requests
 func Init() error {
-	prPatchCheckerQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "pr_patch_checker", handler)
+	prPatchCheckerQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "pr_patch_checker", func(items ...string) []string {
+		for _, s := range items {
+			id, _ := strconv.ParseInt(s, 10, 64)
+			checkPullRequestMergeable(id)
+		}
+		return nil
+	})
 
 	if prPatchCheckerQueue == nil {
-		return fmt.Errorf("unable to create pr_patch_checker queue")
+		return errors.New("unable to create pr_patch_checker queue")
 	}
 
 	go graceful.GetManager().RunWithCancel(prPatchCheckerQueue)
diff --git a/services/pull/check_test.go b/services/pull/check_test.go
index 5508a70f45..eb66615dcf 100644
--- a/services/pull/check_test.go
+++ b/services/pull/check_test.go
@@ -1,5 +1,4 @@
-// Copyright 2019 The Gitea Authors.
-// All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package pull
@@ -11,11 +10,18 @@ import (
 
 	"code.gitea.io/gitea/models/db"
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/models/pull"
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/queue"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/services/automergequeue"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestPullRequest_AddToTaskQueue(t *testing.T) {
@@ -36,7 +42,7 @@ func TestPullRequest_AddToTaskQueue(t *testing.T) {
 	assert.NoError(t, err)
 
 	pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
-	AddToTaskQueue(db.DefaultContext, pr)
+	StartPullRequestCheckImmediately(db.DefaultContext, pr)
 
 	assert.Eventually(t, func() bool {
 		pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
@@ -51,7 +57,7 @@ func TestPullRequest_AddToTaskQueue(t *testing.T) {
 
 	select {
 	case id := <-idChan:
-		assert.EqualValues(t, pr.ID, id)
+		assert.Equal(t, pr.ID, id)
 	case <-time.After(time.Second):
 		assert.FailNow(t, "Timeout: nothing was added to pullRequestQueue")
 	}
@@ -63,6 +69,46 @@ func TestPullRequest_AddToTaskQueue(t *testing.T) {
 	pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
 	assert.Equal(t, issues_model.PullRequestStatusChecking, pr.Status)
 
-	prPatchCheckerQueue.ShutdownWait(5 * time.Second)
+	prPatchCheckerQueue.ShutdownWait(time.Second)
 	prPatchCheckerQueue = nil
 }
+
+func TestMarkPullRequestAsMergeable(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	prPatchCheckerQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "pr_patch_checker", func(items ...string) []string { return nil })
+	go prPatchCheckerQueue.Run()
+	defer func() {
+		prPatchCheckerQueue.ShutdownWait(time.Second)
+		prPatchCheckerQueue = nil
+	}()
+
+	addToQueueShaChan := make(chan string, 1)
+	defer test.MockVariableValue(&automergequeue.AddToQueue, func(pr *issues_model.PullRequest, sha string) {
+		addToQueueShaChan <- sha
+	})()
+	ctx := t.Context()
+	_, _ = db.GetEngine(ctx).ID(2).Update(&issues_model.PullRequest{Status: issues_model.PullRequestStatusChecking})
+	pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
+	require.False(t, pr.HasMerged)
+	require.Equal(t, issues_model.PullRequestStatusChecking, pr.Status)
+
+	err := pull.ScheduleAutoMerge(ctx, &user_model.User{ID: 99999}, pr.ID, repo_model.MergeStyleMerge, "test msg", true)
+	require.NoError(t, err)
+
+	exist, scheduleMerge, err := pull.GetScheduledMergeByPullID(ctx, pr.ID)
+	require.NoError(t, err)
+	assert.True(t, exist)
+	assert.True(t, scheduleMerge.Doer.IsGhost())
+
+	markPullRequestAsMergeable(ctx, pr)
+	pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
+	require.Equal(t, issues_model.PullRequestStatusMergeable, pr.Status)
+
+	select {
+	case sha := <-addToQueueShaChan:
+		assert.Equal(t, "985f0301dba5e7b34be866819cd15ad3d8f508ee", sha) // ref: refs/pull/3/head
+	case <-time.After(1 * time.Second):
+		assert.FailNow(t, "Timeout: nothing was added to automergequeue")
+	}
+}
diff --git a/services/pull/commit_status.go b/services/pull/commit_status.go
index 0bfff21746..d15d318149 100644
--- a/services/pull/commit_status.go
+++ b/services/pull/commit_status.go
@@ -10,93 +10,59 @@ import (
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/structs"
 
 	"github.com/gobwas/glob"
 	"github.com/pkg/errors"
 )
 
 // MergeRequiredContextsCommitStatus returns a commit status state for given required contexts
-func MergeRequiredContextsCommitStatus(commitStatuses []*git_model.CommitStatus, requiredContexts []string) structs.CommitStatusState {
-	// matchedCount is the number of `CommitStatus.Context` that match any context of `requiredContexts`
-	matchedCount := 0
-	returnedStatus := structs.CommitStatusSuccess
-
-	if len(requiredContexts) > 0 {
-		requiredContextsGlob := make(map[string]glob.Glob, len(requiredContexts))
-		for _, ctx := range requiredContexts {
-			if gp, err := glob.Compile(ctx); err != nil {
-				log.Error("glob.Compile %s failed. Error: %v", ctx, err)
-			} else {
-				requiredContextsGlob[ctx] = gp
-			}
-		}
-
-		for _, gp := range requiredContextsGlob {
-			var targetStatus structs.CommitStatusState
-			for _, commitStatus := range commitStatuses {
-				if gp.Match(commitStatus.Context) {
-					targetStatus = commitStatus.State
-					matchedCount++
-					break
-				}
-			}
-
-			// If required rule not match any action, then it is pending
-			if targetStatus == "" {
-				if structs.CommitStatusPending.NoBetterThan(returnedStatus) {
-					returnedStatus = structs.CommitStatusPending
-				}
-				break
-			}
-
-			if targetStatus.NoBetterThan(returnedStatus) {
-				returnedStatus = targetStatus
-			}
-		}
+func MergeRequiredContextsCommitStatus(commitStatuses []*git_model.CommitStatus, requiredContexts []string) commitstatus.CommitStatusState {
+	if len(commitStatuses) == 0 {
+		return commitstatus.CommitStatusPending
 	}
 
-	if matchedCount == 0 && returnedStatus == structs.CommitStatusSuccess {
-		status := git_model.CalcCommitStatus(commitStatuses)
-		if status != nil {
-			return status.State
-		}
-		return structs.CommitStatusSuccess
+	if len(requiredContexts) == 0 {
+		return git_model.CalcCommitStatus(commitStatuses).State
 	}
 
-	return returnedStatus
-}
-
-// IsCommitStatusContextSuccess returns true if all required status check contexts succeed.
-func IsCommitStatusContextSuccess(commitStatuses []*git_model.CommitStatus, requiredContexts []string) bool {
-	// If no specific context is required, require that last commit status is a success
-	if len(requiredContexts) == 0 {
-		status := git_model.CalcCommitStatus(commitStatuses)
-		if status == nil || status.State != structs.CommitStatusSuccess {
-			return false
+	requiredContextsGlob := make(map[string]glob.Glob, len(requiredContexts))
+	for _, ctx := range requiredContexts {
+		if gp, err := glob.Compile(ctx); err != nil {
+			log.Error("glob.Compile %s failed. Error: %v", ctx, err)
+		} else {
+			requiredContextsGlob[ctx] = gp
 		}
-		return true
 	}
 
-	for _, ctx := range requiredContexts {
-		var found bool
+	requiredCommitStatuses := make([]*git_model.CommitStatus, 0, len(commitStatuses))
+	allRequiredContextsMatched := true
+	for _, gp := range requiredContextsGlob {
+		requiredContextMatched := false
 		for _, commitStatus := range commitStatuses {
-			if commitStatus.Context == ctx {
-				if commitStatus.State != structs.CommitStatusSuccess {
-					return false
-				}
-
-				found = true
-				break
+			if gp.Match(commitStatus.Context) {
+				requiredCommitStatuses = append(requiredCommitStatuses, commitStatus)
+				requiredContextMatched = true
 			}
 		}
-		if !found {
-			return false
-		}
+		allRequiredContextsMatched = allRequiredContextsMatched && requiredContextMatched
+	}
+	if len(requiredCommitStatuses) == 0 {
+		return commitstatus.CommitStatusPending
+	}
+
+	returnedStatus := git_model.CalcCommitStatus(requiredCommitStatuses).State
+	if allRequiredContextsMatched {
+		return returnedStatus
+	}
+
+	if returnedStatus == commitstatus.CommitStatusFailure {
+		return commitstatus.CommitStatusFailure
 	}
-	return true
+	// even if part of success, return pending
+	return commitstatus.CommitStatusPending
 }
 
 // IsPullCommitStatusPass returns if all required status checks PASS
@@ -117,7 +83,7 @@ func IsPullCommitStatusPass(ctx context.Context, pr *issues_model.PullRequest) (
 }
 
 // GetPullRequestCommitStatusState returns pull request merged commit status state
-func GetPullRequestCommitStatusState(ctx context.Context, pr *issues_model.PullRequest) (structs.CommitStatusState, error) {
+func GetPullRequestCommitStatusState(ctx context.Context, pr *issues_model.PullRequest) (commitstatus.CommitStatusState, error) {
 	// Ensure HeadRepo is loaded
 	if err := pr.LoadHeadRepo(ctx); err != nil {
 		return "", errors.Wrap(err, "LoadHeadRepo")
@@ -133,7 +99,7 @@ func GetPullRequestCommitStatusState(ctx context.Context, pr *issues_model.PullR
 	if pr.Flow == issues_model.PullRequestFlowGithub && !gitrepo.IsBranchExist(ctx, pr.HeadRepo, pr.HeadBranch) {
 		return "", errors.New("Head branch does not exist, can not merge")
 	}
-	if pr.Flow == issues_model.PullRequestFlowAGit && !gitrepo.IsReferenceExist(ctx, pr.HeadRepo, pr.GetGitRefName()) {
+	if pr.Flow == issues_model.PullRequestFlowAGit && !gitrepo.IsReferenceExist(ctx, pr.HeadRepo, pr.GetGitHeadRefName()) {
 		return "", errors.New("Head branch does not exist, can not merge")
 	}
 
@@ -141,7 +107,7 @@ func GetPullRequestCommitStatusState(ctx context.Context, pr *issues_model.PullR
 	if pr.Flow == issues_model.PullRequestFlowGithub {
 		sha, err = headGitRepo.GetBranchCommitID(pr.HeadBranch)
 	} else {
-		sha, err = headGitRepo.GetRefCommitID(pr.GetGitRefName())
+		sha, err = headGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	}
 	if err != nil {
 		return "", err
@@ -151,7 +117,7 @@ func GetPullRequestCommitStatusState(ctx context.Context, pr *issues_model.PullR
 		return "", errors.Wrap(err, "LoadBaseRepo")
 	}
 
-	commitStatuses, _, err := git_model.GetLatestCommitStatus(ctx, pr.BaseRepo.ID, sha, db.ListOptionsAll)
+	commitStatuses, err := git_model.GetLatestCommitStatus(ctx, pr.BaseRepo.ID, sha, db.ListOptionsAll)
 	if err != nil {
 		return "", errors.Wrap(err, "GetLatestCommitStatus")
 	}
diff --git a/services/pull/commit_status_test.go b/services/pull/commit_status_test.go
index 592acdd55c..a58e788c04 100644
--- a/services/pull/commit_status_test.go
+++ b/services/pull/commit_status_test.go
@@ -8,58 +8,85 @@ import (
 	"testing"
 
 	git_model "code.gitea.io/gitea/models/git"
-	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/commitstatus"
 
 	"github.com/stretchr/testify/assert"
 )
 
 func TestMergeRequiredContextsCommitStatus(t *testing.T) {
-	testCases := [][]*git_model.CommitStatus{
+	cases := []struct {
+		commitStatuses   []*git_model.CommitStatus
+		requiredContexts []string
+		expected         commitstatus.CommitStatusState
+	}{
 		{
-			{Context: "Build 1", State: structs.CommitStatusSuccess},
-			{Context: "Build 2", State: structs.CommitStatusSuccess},
-			{Context: "Build 3", State: structs.CommitStatusSuccess},
+			commitStatuses:   []*git_model.CommitStatus{},
+			requiredContexts: []string{},
+			expected:         commitstatus.CommitStatusPending,
 		},
 		{
-			{Context: "Build 1", State: structs.CommitStatusSuccess},
-			{Context: "Build 2", State: structs.CommitStatusSuccess},
-			{Context: "Build 2t", State: structs.CommitStatusPending},
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build xxx", State: commitstatus.CommitStatusSkipped},
+			},
+			requiredContexts: []string{"Build*"},
+			expected:         commitstatus.CommitStatusSuccess,
 		},
 		{
-			{Context: "Build 1", State: structs.CommitStatusSuccess},
-			{Context: "Build 2", State: structs.CommitStatusSuccess},
-			{Context: "Build 2t", State: structs.CommitStatusFailure},
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSkipped},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 3", State: commitstatus.CommitStatusSuccess},
+			},
+			requiredContexts: []string{"Build*"},
+			expected:         commitstatus.CommitStatusSuccess,
 		},
 		{
-			{Context: "Build 1", State: structs.CommitStatusSuccess},
-			{Context: "Build 2", State: structs.CommitStatusSuccess},
-			{Context: "Build 2t", State: structs.CommitStatusSuccess},
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2t", State: commitstatus.CommitStatusPending},
+			},
+			requiredContexts: []string{"Build*", "Build 2t*"},
+			expected:         commitstatus.CommitStatusPending,
 		},
 		{
-			{Context: "Build 1", State: structs.CommitStatusSuccess},
-			{Context: "Build 2", State: structs.CommitStatusSuccess},
-			{Context: "Build 2t", State: structs.CommitStatusSuccess},
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2t", State: commitstatus.CommitStatusFailure},
+			},
+			requiredContexts: []string{"Build*", "Build 2t*"},
+			expected:         commitstatus.CommitStatusFailure,
+		},
+		{
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2t", State: commitstatus.CommitStatusFailure},
+			},
+			requiredContexts: []string{"Build*"},
+			expected:         commitstatus.CommitStatusFailure,
+		},
+		{
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2t", State: commitstatus.CommitStatusSuccess},
+			},
+			requiredContexts: []string{"Build*", "Build 2t*", "Build 3*"},
+			expected:         commitstatus.CommitStatusPending,
+		},
+		{
+			commitStatuses: []*git_model.CommitStatus{
+				{Context: "Build 1", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2", State: commitstatus.CommitStatusSuccess},
+				{Context: "Build 2t", State: commitstatus.CommitStatusSuccess},
+			},
+			requiredContexts: []string{"Build*", "Build *", "Build 2t*", "Build 1*"},
+			expected:         commitstatus.CommitStatusSuccess,
 		},
 	}
-	testCasesRequiredContexts := [][]string{
-		{"Build*"},
-		{"Build*", "Build 2t*"},
-		{"Build*", "Build 2t*"},
-		{"Build*", "Build 2t*", "Build 3*"},
-		{"Build*", "Build *", "Build 2t*", "Build 1*"},
-	}
-
-	testCasesExpected := []structs.CommitStatusState{
-		structs.CommitStatusSuccess,
-		structs.CommitStatusPending,
-		structs.CommitStatusFailure,
-		structs.CommitStatusPending,
-		structs.CommitStatusSuccess,
-	}
-
-	for i, commitStatuses := range testCases {
-		if MergeRequiredContextsCommitStatus(commitStatuses, testCasesRequiredContexts[i]) != testCasesExpected[i] {
-			assert.Fail(t, "Test case failed", "Test case %d failed", i+1)
-		}
+	for i, c := range cases {
+		assert.Equal(t, c.expected, MergeRequiredContextsCommitStatus(c.commitStatuses, c.requiredContexts), "case %d", i)
 	}
 }
diff --git a/services/pull/merge.go b/services/pull/merge.go
index 1e1ca55bc1..a941c20435 100644
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@@ -6,12 +6,15 @@ package pull
 
 import (
 	"context"
+	"errors"
 	"fmt"
+	"maps"
 	"os"
 	"path/filepath"
 	"regexp"
 	"strconv"
 	"strings"
+	"unicode"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
@@ -59,7 +62,7 @@ func getMergeMessage(ctx context.Context, baseGitRepo *git.Repository, pr *issue
 		issueReference = "!"
 	}
 
-	reviewedOn := fmt.Sprintf("Reviewed-on: %s", httplib.MakeAbsoluteURL(ctx, pr.Issue.Link()))
+	reviewedOn := "Reviewed-on: " + httplib.MakeAbsoluteURL(ctx, pr.Issue.Link())
 	reviewedBy := pr.GetApprovers(ctx)
 
 	if mergeStyle != "" {
@@ -93,9 +96,7 @@ func getMergeMessage(ctx context.Context, baseGitRepo *git.Repository, pr *issue
 				vars["HeadRepoOwnerName"] = pr.HeadRepo.OwnerName
 				vars["HeadRepoName"] = pr.HeadRepo.Name
 			}
-			for extraKey, extraValue := range extraVars {
-				vars[extraKey] = extraValue
-			}
+			maps.Copy(vars, extraVars)
 			refs, err := pr.ResolveCrossReferences(ctx)
 			if err == nil {
 				closeIssueIndexes := make([]string, 0, len(refs))
@@ -160,6 +161,41 @@ func GetDefaultMergeMessage(ctx context.Context, baseGitRepo *git.Repository, pr
 	return getMergeMessage(ctx, baseGitRepo, pr, mergeStyle, nil)
 }
 
+func AddCommitMessageTailer(message, tailerKey, tailerValue string) string {
+	tailerLine := tailerKey + ": " + tailerValue
+	message = strings.ReplaceAll(message, "\r\n", "\n")
+	message = strings.ReplaceAll(message, "\r", "\n")
+	if strings.Contains(message, "\n"+tailerLine+"\n") || strings.HasSuffix(message, "\n"+tailerLine) {
+		return message
+	}
+
+	if !strings.HasSuffix(message, "\n") {
+		message += "\n"
+	}
+	pos1 := strings.LastIndexByte(message[:len(message)-1], '\n')
+	pos2 := -1
+	if pos1 != -1 {
+		pos2 = strings.IndexByte(message[pos1:], ':')
+		if pos2 != -1 {
+			pos2 += pos1
+		}
+	}
+	var lastLineKey string
+	if pos1 != -1 && pos2 != -1 {
+		lastLineKey = message[pos1+1 : pos2]
+	}
+
+	isLikelyTailerLine := lastLineKey != "" && unicode.IsUpper(rune(lastLineKey[0])) && strings.Contains(message, "-")
+	for i := 0; isLikelyTailerLine && i < len(lastLineKey); i++ {
+		r := rune(lastLineKey[i])
+		isLikelyTailerLine = unicode.IsLetter(r) || unicode.IsDigit(r) || r == '-'
+	}
+	if !strings.HasSuffix(message, "\n\n") && !isLikelyTailerLine {
+		message += "\n"
+	}
+	return message + tailerLine
+}
+
 // ErrInvalidMergeStyle represents an error if merging with disabled merge strategy
 type ErrInvalidMergeStyle struct {
 	ID    int64
@@ -289,7 +325,7 @@ func handleCloseCrossReferences(ctx context.Context, pr *issues_model.PullReques
 }
 
 // doMergeAndPush performs the merge operation without changing any pull information in database and pushes it up to the base repository
-func doMergeAndPush(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, mergeStyle repo_model.MergeStyle, expectedHeadCommitID, message string, pushTrigger repo_module.PushTrigger) (string, error) { //nolint:unparam
+func doMergeAndPush(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, mergeStyle repo_model.MergeStyle, expectedHeadCommitID, message string, pushTrigger repo_module.PushTrigger) (string, error) { //nolint:unparam // non-error result is never used
 	// Clone base repo.
 	mergeCtx, cancel, err := createTemporaryRepoForMerge(ctx, pr, doer, expectedHeadCommitID)
 	if err != nil {
@@ -395,10 +431,13 @@ func doMergeAndPush(ctx context.Context, pr *issues_model.PullRequest, doer *use
 
 func commitAndSignNoAuthor(ctx *mergeContext, message string) error {
 	cmdCommit := git.NewCommand("commit").AddOptionFormat("--message=%s", message)
-	if ctx.signKeyID == "" {
+	if ctx.signKey == nil {
 		cmdCommit.AddArguments("--no-gpg-sign")
 	} else {
-		cmdCommit.AddOptionFormat("-S%s", ctx.signKeyID)
+		if ctx.signKey.Format != "" {
+			cmdCommit.AddConfig("gpg.format", ctx.signKey.Format)
+		}
+		cmdCommit.AddOptionFormat("-S%s", ctx.signKey.KeyID)
 	}
 	if err := cmdCommit.Run(ctx, ctx.RunOpts()); err != nil {
 		log.Error("git commit %-v: %v\n%s\n%s", ctx.pr, err, ctx.outbuf.String(), ctx.errbuf.String())
@@ -517,25 +556,6 @@ func IsUserAllowedToMerge(ctx context.Context, pr *issues_model.PullRequest, p a
 	return false, nil
 }
 
-// ErrDisallowedToMerge represents an error that a branch is protected and the current user is not allowed to modify it.
-type ErrDisallowedToMerge struct {
-	Reason string
-}
-
-// IsErrDisallowedToMerge checks if an error is an ErrDisallowedToMerge.
-func IsErrDisallowedToMerge(err error) bool {
-	_, ok := err.(ErrDisallowedToMerge)
-	return ok
-}
-
-func (err ErrDisallowedToMerge) Error() string {
-	return fmt.Sprintf("not allowed to merge [reason: %s]", err.Reason)
-}
-
-func (err ErrDisallowedToMerge) Unwrap() error {
-	return util.ErrPermissionDenied
-}
-
 // CheckPullBranchProtections checks whether the PR is ready to be merged (reviews and status checks)
 func CheckPullBranchProtections(ctx context.Context, pr *issues_model.PullRequest, skipProtectedFilesCheck bool) (err error) {
 	if err = pr.LoadBaseRepo(ctx); err != nil {
@@ -555,31 +575,21 @@ func CheckPullBranchProtections(ctx context.Context, pr *issues_model.PullReques
 		return err
 	}
 	if !isPass {
-		return ErrDisallowedToMerge{
-			Reason: "Not all required status checks successful",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "Not all required status checks successful")
 	}
 
 	if !issues_model.HasEnoughApprovals(ctx, pb, pr) {
-		return ErrDisallowedToMerge{
-			Reason: "Does not have enough approvals",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "Does not have enough approvals")
 	}
 	if issues_model.MergeBlockedByRejectedReview(ctx, pb, pr) {
-		return ErrDisallowedToMerge{
-			Reason: "There are requested changes",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "There are requested changes")
 	}
 	if issues_model.MergeBlockedByOfficialReviewRequests(ctx, pb, pr) {
-		return ErrDisallowedToMerge{
-			Reason: "There are official review requests",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "There are official review requests")
 	}
 
 	if issues_model.MergeBlockedByOutdatedBranch(pb, pr) {
-		return ErrDisallowedToMerge{
-			Reason: "The head branch is behind the base branch",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "The head branch is behind the base branch")
 	}
 
 	if skipProtectedFilesCheck {
@@ -587,9 +597,7 @@ func CheckPullBranchProtections(ctx context.Context, pr *issues_model.PullReques
 	}
 
 	if pb.MergeBlockedByProtectedFiles(pr.ChangedProtectedFiles) {
-		return ErrDisallowedToMerge{
-			Reason: "Changed protected files",
-		}
+		return util.ErrorWrap(ErrNotReadyToMerge, "Changed protected files")
 	}
 
 	return nil
@@ -621,13 +629,13 @@ func MergedManually(ctx context.Context, pr *issues_model.PullRequest, doer *use
 
 		objectFormat := git.ObjectFormatFromName(pr.BaseRepo.ObjectFormatName)
 		if len(commitID) != objectFormat.FullLength() {
-			return fmt.Errorf("Wrong commit ID")
+			return errors.New("Wrong commit ID")
 		}
 
 		commit, err := baseGitRepo.GetCommit(commitID)
 		if err != nil {
 			if git.IsErrNotExist(err) {
-				return fmt.Errorf("Wrong commit ID")
+				return errors.New("Wrong commit ID")
 			}
 			return err
 		}
@@ -638,14 +646,14 @@ func MergedManually(ctx context.Context, pr *issues_model.PullRequest, doer *use
 			return err
 		}
 		if !ok {
-			return fmt.Errorf("Wrong commit ID")
+			return errors.New("Wrong commit ID")
 		}
 
 		var merged bool
 		if merged, err = SetMerged(ctx, pr, commitID, timeutil.TimeStamp(commit.Author.When.Unix()), doer, issues_model.PullRequestStatusManuallyMerged); err != nil {
 			return err
 		} else if !merged {
-			return fmt.Errorf("SetMerged failed")
+			return errors.New("SetMerged failed")
 		}
 		return nil
 	})
@@ -679,48 +687,40 @@ func SetMerged(ctx context.Context, pr *issues_model.PullRequest, mergedCommitID
 		return false, fmt.Errorf("unable to merge PullRequest[%d], some required fields are empty", pr.Index)
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return false, err
-	}
-	defer committer.Close()
-
-	pr.Issue = nil
-	if err := pr.LoadIssue(ctx); err != nil {
-		return false, err
-	}
-
-	if err := pr.Issue.LoadRepo(ctx); err != nil {
-		return false, err
-	}
+	return db.WithTx2(ctx, func(ctx context.Context) (bool, error) {
+		pr.Issue = nil
+		if err := pr.LoadIssue(ctx); err != nil {
+			return false, err
+		}
 
-	if err := pr.Issue.Repo.LoadOwner(ctx); err != nil {
-		return false, err
-	}
+		if err := pr.Issue.LoadRepo(ctx); err != nil {
+			return false, err
+		}
 
-	// Removing an auto merge pull and ignore if not exist
-	if err := pull_model.DeleteScheduledAutoMerge(ctx, pr.ID); err != nil && !db.IsErrNotExist(err) {
-		return false, fmt.Errorf("DeleteScheduledAutoMerge[%d]: %v", pr.ID, err)
-	}
+		if err := pr.Issue.Repo.LoadOwner(ctx); err != nil {
+			return false, err
+		}
 
-	// Set issue as closed
-	if _, err := issues_model.SetIssueAsClosed(ctx, pr.Issue, pr.Merger, true); err != nil {
-		return false, fmt.Errorf("ChangeIssueStatus: %w", err)
-	}
+		// Removing an auto merge pull and ignore if not exist
+		if err := pull_model.DeleteScheduledAutoMerge(ctx, pr.ID); err != nil && !db.IsErrNotExist(err) {
+			return false, fmt.Errorf("DeleteScheduledAutoMerge[%d]: %v", pr.ID, err)
+		}
 
-	// We need to save all of the data used to compute this merge as it may have already been changed by TestPatch. FIXME: need to set some state to prevent TestPatch from running whilst we are merging.
-	if cnt, err := db.GetEngine(ctx).Where("id = ?", pr.ID).
-		And("has_merged = ?", false).
-		Cols("has_merged, status, merge_base, merged_commit_id, merger_id, merged_unix, conflicted_files").
-		Update(pr); err != nil {
-		return false, fmt.Errorf("failed to update pr[%d]: %w", pr.ID, err)
-	} else if cnt != 1 {
-		return false, issues_model.ErrIssueAlreadyChanged
-	}
+		// Set issue as closed
+		if _, err := issues_model.SetIssueAsClosed(ctx, pr.Issue, pr.Merger, true); err != nil {
+			return false, fmt.Errorf("ChangeIssueStatus: %w", err)
+		}
 
-	if err := committer.Commit(); err != nil {
-		return false, err
-	}
+		// We need to save all of the data used to compute this merge as it may have already been changed by testPullRequestBranchMergeable. FIXME: need to set some state to prevent testPullRequestBranchMergeable from running whilst we are merging.
+		if cnt, err := db.GetEngine(ctx).Where("id = ?", pr.ID).
+			And("has_merged = ?", false).
+			Cols("has_merged, status, merge_base, merged_commit_id, merger_id, merged_unix, conflicted_files").
+			Update(pr); err != nil {
+			return false, fmt.Errorf("failed to update pr[%d]: %w", pr.ID, err)
+		} else if cnt != 1 {
+			return false, issues_model.ErrIssueAlreadyChanged
+		}
 
-	return true, nil
+		return true, nil
+	})
 }
diff --git a/services/pull/merge_prepare.go b/services/pull/merge_prepare.go
index 593cba550a..31a1e13734 100644
--- a/services/pull/merge_prepare.go
+++ b/services/pull/merge_prepare.go
@@ -23,11 +23,11 @@ import (
 )
 
 type mergeContext struct {
-	*prContext
+	*prTmpRepoContext
 	doer      *user_model.User
 	sig       *git.Signature
 	committer *git.Signature
-	signKeyID string // empty for no-sign, non-empty to sign
+	signKey   *git.SigningKey
 	env       []string
 }
 
@@ -68,8 +68,8 @@ func createTemporaryRepoForMerge(ctx context.Context, pr *issues_model.PullReque
 	}
 
 	mergeCtx = &mergeContext{
-		prContext: prCtx,
-		doer:      doer,
+		prTmpRepoContext: prCtx,
+		doer:             doer,
 	}
 
 	if expectedHeadCommitID != "" {
@@ -99,9 +99,9 @@ func createTemporaryRepoForMerge(ctx context.Context, pr *issues_model.PullReque
 	mergeCtx.committer = mergeCtx.sig
 
 	// Determine if we should sign
-	sign, keyID, signer, _ := asymkey_service.SignMerge(ctx, mergeCtx.pr, mergeCtx.doer, mergeCtx.tmpBasePath, "HEAD", trackingBranch)
+	sign, key, signer, _ := asymkey_service.SignMerge(ctx, mergeCtx.pr, mergeCtx.doer, mergeCtx.tmpBasePath, "HEAD", trackingBranch)
 	if sign {
-		mergeCtx.signKeyID = keyID
+		mergeCtx.signKey = key
 		if pr.BaseRepo.GetTrustModel() == repo_model.CommitterTrustModel || pr.BaseRepo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
 			mergeCtx.committer = signer
 		}
diff --git a/services/pull/merge_squash.go b/services/pull/merge_squash.go
index 076189fd7a..0049c0b117 100644
--- a/services/pull/merge_squash.go
+++ b/services/pull/merge_squash.go
@@ -5,7 +5,6 @@ package pull
 
 import (
 	"fmt"
-	"strings"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
@@ -66,18 +65,19 @@ func doMergeStyleSquash(ctx *mergeContext, message string) error {
 
 	if setting.Repository.PullRequest.AddCoCommitterTrailers && ctx.committer.String() != sig.String() {
 		// add trailer
-		if !strings.Contains(message, fmt.Sprintf("Co-authored-by: %s", sig.String())) {
-			message += fmt.Sprintf("\nCo-authored-by: %s", sig.String())
-		}
-		message += fmt.Sprintf("\nCo-committed-by: %s\n", sig.String())
+		message = AddCommitMessageTailer(message, "Co-authored-by", sig.String())
+		message = AddCommitMessageTailer(message, "Co-committed-by", sig.String()) // FIXME: this one should be removed, it is not really used or widely used
 	}
 	cmdCommit := git.NewCommand("commit").
 		AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email).
 		AddOptionFormat("--message=%s", message)
-	if ctx.signKeyID == "" {
+	if ctx.signKey == nil {
 		cmdCommit.AddArguments("--no-gpg-sign")
 	} else {
-		cmdCommit.AddOptionFormat("-S%s", ctx.signKeyID)
+		if ctx.signKey.Format != "" {
+			cmdCommit.AddConfig("gpg.format", ctx.signKey.Format)
+		}
+		cmdCommit.AddOptionFormat("-S%s", ctx.signKey.KeyID)
 	}
 	if err := cmdCommit.Run(ctx, ctx.RunOpts()); err != nil {
 		log.Error("git commit %-v: %v\n%s\n%s", ctx.pr, err, ctx.outbuf.String(), ctx.errbuf.String())
diff --git a/services/pull/merge_test.go b/services/pull/merge_test.go
index 6df6f55d46..91abeb9d9c 100644
--- a/services/pull/merge_test.go
+++ b/services/pull/merge_test.go
@@ -65,3 +65,28 @@ func Test_expandDefaultMergeMessage(t *testing.T) {
 		})
 	}
 }
+
+func TestAddCommitMessageTailer(t *testing.T) {
+	// add tailer for empty message
+	assert.Equal(t, "\n\nTest-tailer: TestValue", AddCommitMessageTailer("", "Test-tailer", "TestValue"))
+
+	// add tailer for message without newlines
+	assert.Equal(t, "title\n\nTest-tailer: TestValue", AddCommitMessageTailer("title", "Test-tailer", "TestValue"))
+	assert.Equal(t, "title\n\nNot tailer: xxx\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n\nNot tailer: xxx", "Test-tailer", "TestValue"))
+	assert.Equal(t, "title\n\nNotTailer: xxx\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n\nNotTailer: xxx", "Test-tailer", "TestValue"))
+	assert.Equal(t, "title\n\nnot-tailer: xxx\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n\nnot-tailer: xxx", "Test-tailer", "TestValue"))
+
+	// add tailer for message with one EOL
+	assert.Equal(t, "title\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n", "Test-tailer", "TestValue"))
+
+	// add tailer for message with two EOLs
+	assert.Equal(t, "title\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n\n", "Test-tailer", "TestValue"))
+
+	// add tailer for message with existing tailer (won't duplicate)
+	assert.Equal(t, "title\n\nTest-tailer: TestValue", AddCommitMessageTailer("title\n\nTest-tailer: TestValue", "Test-tailer", "TestValue"))
+	assert.Equal(t, "title\n\nTest-tailer: TestValue\n", AddCommitMessageTailer("title\n\nTest-tailer: TestValue\n", "Test-tailer", "TestValue"))
+
+	// add tailer for message with existing tailer and different value (will append)
+	assert.Equal(t, "title\n\nTest-tailer: v1\nTest-tailer: v2", AddCommitMessageTailer("title\n\nTest-tailer: v1", "Test-tailer", "v2"))
+	assert.Equal(t, "title\n\nTest-tailer: v1\nTest-tailer: v2", AddCommitMessageTailer("title\n\nTest-tailer: v1\n", "Test-tailer", "v2"))
+}
diff --git a/services/pull/patch.go b/services/pull/patch.go
index 29f2f992ab..9d9b8d0d07 100644
--- a/services/pull/patch.go
+++ b/services/pull/patch.go
@@ -41,7 +41,7 @@ func DownloadDiffOrPatch(ctx context.Context, pr *issues_model.PullRequest, w io
 	}
 	defer closer.Close()
 
-	compareArg := pr.MergeBase + "..." + pr.GetGitRefName()
+	compareArg := pr.MergeBase + "..." + pr.GetGitHeadRefName()
 	switch {
 	case patch:
 		err = gitRepo.GetPatch(compareArg, w)
@@ -67,9 +67,8 @@ var patchErrorSuffices = []string{
 	": does not exist in index",
 }
 
-// TestPatch will test whether a simple patch will apply
-func TestPatch(pr *issues_model.PullRequest) error {
-	ctx, _, finished := process.GetManager().AddContext(graceful.GetManager().HammerContext(), fmt.Sprintf("TestPatch: %s", pr))
+func testPullRequestBranchMergeable(pr *issues_model.PullRequest) error {
+	ctx, _, finished := process.GetManager().AddContext(graceful.GetManager().HammerContext(), fmt.Sprintf("testPullRequestBranchMergeable: %s", pr))
 	defer finished()
 
 	prCtx, cancel, err := createTemporaryRepoForPR(ctx, pr)
@@ -81,10 +80,10 @@ func TestPatch(pr *issues_model.PullRequest) error {
 	}
 	defer cancel()
 
-	return testPatch(ctx, prCtx, pr)
+	return testPullRequestTmpRepoBranchMergeable(ctx, prCtx, pr)
 }
 
-func testPatch(ctx context.Context, prCtx *prContext, pr *issues_model.PullRequest) error {
+func testPullRequestTmpRepoBranchMergeable(ctx context.Context, prCtx *prTmpRepoContext, pr *issues_model.PullRequest) error {
 	gitRepo, err := git.OpenRepository(ctx, prCtx.tmpBasePath)
 	if err != nil {
 		return fmt.Errorf("OpenRepository: %w", err)
@@ -134,7 +133,7 @@ type errMergeConflict struct {
 }
 
 func (e *errMergeConflict) Error() string {
-	return fmt.Sprintf("conflict detected at: %s", e.filename)
+	return "conflict detected at: " + e.filename
 }
 
 func attemptMerge(ctx context.Context, file *unmergedFile, tmpBasePath string, filesToRemove *[]string, filesToAdd *[]git.IndexObjectInfo) error {
@@ -355,23 +354,19 @@ func checkConflicts(ctx context.Context, pr *issues_model.PullRequest, gitRepo *
 	}
 
 	// 3b. Create a plain patch from head to base
-	tmpPatchFile, err := os.CreateTemp("", "patch")
+	tmpPatchFile, cleanup, err := setting.AppDataTempDir("git-repo-content").CreateTempFileRandom("patch")
 	if err != nil {
 		log.Error("Unable to create temporary patch file! Error: %v", err)
 		return false, fmt.Errorf("unable to create temporary patch file! Error: %w", err)
 	}
-	defer func() {
-		_ = util.Remove(tmpPatchFile.Name())
-	}()
+	defer cleanup()
 
 	if err := gitRepo.GetDiffBinary(pr.MergeBase+"...tracking", tmpPatchFile); err != nil {
-		tmpPatchFile.Close()
 		log.Error("Unable to get patch file from %s to %s in %s Error: %v", pr.MergeBase, pr.HeadBranch, pr.BaseRepo.FullName(), err)
 		return false, fmt.Errorf("unable to get patch file from %s to %s in %s Error: %w", pr.MergeBase, pr.HeadBranch, pr.BaseRepo.FullName(), err)
 	}
 	stat, err := tmpPatchFile.Stat()
 	if err != nil {
-		tmpPatchFile.Close()
 		return false, fmt.Errorf("unable to stat patch file: %w", err)
 	}
 	patchPath := tmpPatchFile.Name()
@@ -384,7 +379,7 @@ func checkConflicts(ctx context.Context, pr *issues_model.PullRequest, gitRepo *
 		return false, nil
 	}
 
-	log.Trace("PullRequest[%d].testPatch (patchPath): %s", pr.ID, patchPath)
+	log.Trace("PullRequest[%d].testPullRequestTmpRepoBranchMergeable (patchPath): %s", pr.ID, patchPath)
 
 	// 4. Read the base branch in to the index of the temporary repository
 	_, _, err = git.NewCommand("read-tree", "base").RunStdString(gitRepo.Ctx, &git.RunOpts{Dir: tmpBasePath})
@@ -454,7 +449,7 @@ func checkConflicts(ctx context.Context, pr *issues_model.PullRequest, gitRepo *
 			scanner := bufio.NewScanner(stderrReader)
 			for scanner.Scan() {
 				line := scanner.Text()
-				log.Trace("PullRequest[%d].testPatch: stderr: %s", pr.ID, line)
+				log.Trace("PullRequest[%d].testPullRequestTmpRepoBranchMergeable: stderr: %s", pr.ID, line)
 				if strings.HasPrefix(line, prefix) {
 					conflict = true
 					filepath := strings.TrimSpace(strings.Split(line[len(prefix):], ":")[0])
diff --git a/services/pull/pull.go b/services/pull/pull.go
index 4641d4ac40..e55d4f5bb1 100644
--- a/services/pull/pull.go
+++ b/services/pull/pull.go
@@ -33,7 +33,6 @@ import (
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
-	gitea_context "code.gitea.io/gitea/services/context"
 	issue_service "code.gitea.io/gitea/services/issue"
 	notify_service "code.gitea.io/gitea/services/notify"
 )
@@ -96,7 +95,7 @@ func NewPullRequest(ctx context.Context, opts *NewPullRequestOptions) error {
 	}
 	defer cancel()
 
-	if err := testPatch(ctx, prCtx, pr); err != nil {
+	if err := testPullRequestTmpRepoBranchMergeable(ctx, prCtx, pr); err != nil {
 		return err
 	}
 
@@ -143,7 +142,7 @@ func NewPullRequest(ctx context.Context, opts *NewPullRequestOptions) error {
 		}
 
 		compareInfo, err := baseGitRepo.GetCompareInfo(pr.BaseRepo.RepoPath(),
-			git.BranchPrefix+pr.BaseBranch, pr.GetGitRefName(), false, false)
+			git.BranchPrefix+pr.BaseBranch, pr.GetGitHeadRefName(), false, false)
 		if err != nil {
 			return err
 		}
@@ -184,7 +183,7 @@ func NewPullRequest(ctx context.Context, opts *NewPullRequestOptions) error {
 		return nil
 	}); err != nil {
 		// cleanup: this will only remove the reference, the real commit will be clean up when next GC
-		if err1 := baseGitRepo.RemoveReference(pr.GetGitRefName()); err1 != nil {
+		if err1 := baseGitRepo.RemoveReference(pr.GetGitHeadRefName()); err1 != nil {
 			log.Error("RemoveReference: %v", err1)
 		}
 		return err
@@ -314,12 +313,12 @@ func ChangeTargetBranch(ctx context.Context, pr *issues_model.PullRequest, doer
 	pr.BaseBranch = targetBranch
 
 	// Refresh patch
-	if err := TestPatch(pr); err != nil {
+	if err := testPullRequestBranchMergeable(pr); err != nil {
 		return err
 	}
 
 	// Update target branch, PR diff and status
-	// This is the same as checkAndUpdateStatus in check service, but also updates base_branch
+	// This is the same as markPullRequestAsMergeable in check service, but also updates base_branch
 	if pr.Status == issues_model.PullRequestStatusChecking {
 		pr.Status = issues_model.PullRequestStatusMergeable
 	}
@@ -409,7 +408,7 @@ func AddTestPullRequestTask(opts TestPullRequestOptions) {
 				continue
 			}
 
-			AddToTaskQueue(ctx, pr)
+			StartPullRequestCheckImmediately(ctx, pr)
 			comment, err := CreatePushPullComment(ctx, opts.Doer, pr, opts.OldCommitID, opts.NewCommitID)
 			if err == nil && comment != nil {
 				notify_service.PullRequestPushCommits(ctx, opts.Doer, pr, comment)
@@ -463,12 +462,7 @@ func AddTestPullRequestTask(opts TestPullRequestOptions) {
 					}
 
 					if !pr.IsWorkInProgress(ctx) {
-						var reviewNotifiers []*issue_service.ReviewRequestNotifier
-						if opts.IsForcePush {
-							reviewNotifiers, err = issue_service.PullRequestCodeOwnersReview(ctx, pr)
-						} else {
-							reviewNotifiers, err = issue_service.PullRequestCodeOwnersReviewSpecialCommits(ctx, pr, opts.OldCommitID, opts.NewCommitID)
-						}
+						reviewNotifiers, err := issue_service.PullRequestCodeOwnersReview(ctx, pr)
 						if err != nil {
 							log.Error("PullRequestCodeOwnersReview: %v", err)
 						}
@@ -502,7 +496,7 @@ func AddTestPullRequestTask(opts TestPullRequestOptions) {
 					log.Error("UpdateCommitDivergence: %v", err)
 				}
 			}
-			AddToTaskQueue(ctx, pr)
+			StartPullRequestCheckDelayable(ctx, pr)
 		}
 	})
 }
@@ -572,7 +566,7 @@ func PushToBaseRepo(ctx context.Context, pr *issues_model.PullRequest) (err erro
 }
 
 func pushToBaseRepoHelper(ctx context.Context, pr *issues_model.PullRequest, prefixHeadBranch string) (err error) {
-	log.Trace("PushToBaseRepo[%d]: pushing commits to base repo '%s'", pr.BaseRepoID, pr.GetGitRefName())
+	log.Trace("PushToBaseRepo[%d]: pushing commits to base repo '%s'", pr.BaseRepoID, pr.GetGitHeadRefName())
 
 	if err := pr.LoadHeadRepo(ctx); err != nil {
 		log.Error("Unable to load head repository for PR[%d] Error: %v", pr.ID, err)
@@ -593,7 +587,7 @@ func pushToBaseRepoHelper(ctx context.Context, pr *issues_model.PullRequest, pre
 		return fmt.Errorf("unable to load poster %d for pr %d: %w", pr.Issue.PosterID, pr.ID, err)
 	}
 
-	gitRefName := pr.GetGitRefName()
+	gitRefName := pr.GetGitHeadRefName()
 
 	if err := git.Push(ctx, headRepoPath, git.PushOptions{
 		Remote: baseRepoPath,
@@ -647,13 +641,13 @@ func UpdatePullsRefs(ctx context.Context, repo *repo_model.Repository, update *r
 
 // UpdateRef update refs/pull/id/head directly for agit flow pull request
 func UpdateRef(ctx context.Context, pr *issues_model.PullRequest) (err error) {
-	log.Trace("UpdateRef[%d]: upgate pull request ref in base repo '%s'", pr.ID, pr.GetGitRefName())
+	log.Trace("UpdateRef[%d]: upgate pull request ref in base repo '%s'", pr.ID, pr.GetGitHeadRefName())
 	if err := pr.LoadBaseRepo(ctx); err != nil {
 		log.Error("Unable to load base repository for PR[%d] Error: %v", pr.ID, err)
 		return err
 	}
 
-	_, _, err = git.NewCommand("update-ref").AddDynamicArguments(pr.GetGitRefName(), pr.HeadCommitID).RunStdString(ctx, &git.RunOpts{Dir: pr.BaseRepo.RepoPath()})
+	_, _, err = git.NewCommand("update-ref").AddDynamicArguments(pr.GetGitHeadRefName(), pr.HeadCommitID).RunStdString(ctx, &git.RunOpts{Dir: pr.BaseRepo.RepoPath()})
 	if err != nil {
 		log.Error("Unable to update ref in base repository for PR[%d] Error: %v", pr.ID, err)
 	}
@@ -763,7 +757,7 @@ func CloseRepoBranchesPulls(ctx context.Context, doer *user_model.User, repo *re
 
 	var errs []error
 	for _, branch := range branches {
-		prs, err := issues_model.GetUnmergedPullRequestsByHeadInfo(ctx, repo.ID, branch.Name)
+		prs, err := issues_model.GetUnmergedPullRequestsByHeadInfo(ctx, repo.ID, branch)
 		if err != nil {
 			return err
 		}
@@ -821,9 +815,9 @@ func GetSquashMergeCommitMessages(ctx context.Context, pr *issues_model.PullRequ
 	if pr.Flow == issues_model.PullRequestFlowGithub {
 		headCommit, err = gitRepo.GetBranchCommit(pr.HeadBranch)
 	} else {
-		pr.HeadCommitID, err = gitRepo.GetRefCommitID(pr.GetGitRefName())
+		pr.HeadCommitID, err = gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
-			log.Error("Unable to get head commit: %s Error: %v", pr.GetGitRefName(), err)
+			log.Error("Unable to get head commit: %s Error: %v", pr.GetGitHeadRefName(), err)
 			return ""
 		}
 		headCommit, err = gitRepo.GetCommit(pr.HeadCommitID)
@@ -950,12 +944,6 @@ func GetSquashMergeCommitMessages(ctx context.Context, pr *issues_model.PullRequ
 	return stringBuilder.String()
 }
 
-// GetIssuesLastCommitStatus returns a map of issue ID to the most recent commit's latest status
-func GetIssuesLastCommitStatus(ctx context.Context, issues issues_model.IssueList) (map[int64]*git_model.CommitStatus, error) {
-	_, lastStatus, err := GetIssuesAllCommitStatus(ctx, issues)
-	return lastStatus, err
-}
-
 // GetIssuesAllCommitStatus returns a map of issue ID to a list of all statuses for the most recent commit as well as a map of issue ID to only the commit's latest status
 func GetIssuesAllCommitStatus(ctx context.Context, issues issues_model.IssueList) (map[int64][]*git_model.CommitStatus, map[int64]*git_model.CommitStatus, error) {
 	if err := issues.LoadPullRequests(ctx); err != nil {
@@ -1004,12 +992,12 @@ func GetIssuesAllCommitStatus(ctx context.Context, issues issues_model.IssueList
 
 // getAllCommitStatus get pr's commit statuses.
 func getAllCommitStatus(ctx context.Context, gitRepo *git.Repository, pr *issues_model.PullRequest) (statuses []*git_model.CommitStatus, lastStatus *git_model.CommitStatus, err error) {
-	sha, shaErr := gitRepo.GetRefCommitID(pr.GetGitRefName())
+	sha, shaErr := gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 	if shaErr != nil {
 		return nil, nil, shaErr
 	}
 
-	statuses, _, err = git_model.GetLatestCommitStatus(ctx, pr.BaseRepo.ID, sha, db.ListOptionsAll)
+	statuses, err = git_model.GetLatestCommitStatus(ctx, pr.BaseRepo.ID, sha, db.ListOptionsAll)
 	lastStatus = git_model.CalcCommitStatus(statuses)
 	return statuses, lastStatus, err
 }
@@ -1054,7 +1042,7 @@ func IsHeadEqualWithBranch(ctx context.Context, pr *issues_model.PullRequest, br
 			return false, err
 		}
 	} else {
-		pr.HeadCommitID, err = baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+		pr.HeadCommitID, err = baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
 			return false, err
 		}
@@ -1076,11 +1064,9 @@ type CommitInfo struct {
 // GetPullCommits returns all commits on given pull request and the last review commit sha
 // Attention: The last review commit sha must be from the latest review whose commit id is not empty.
 // So the type of the latest review cannot be "ReviewTypeRequest".
-func GetPullCommits(ctx *gitea_context.Context, issue *issues_model.Issue) ([]CommitInfo, string, error) {
+func GetPullCommits(ctx context.Context, baseGitRepo *git.Repository, doer *user_model.User, issue *issues_model.Issue) ([]CommitInfo, string, error) {
 	pull := issue.PullRequest
 
-	baseGitRepo := ctx.Repo.GitRepo
-
 	if err := pull.LoadBaseRepo(ctx); err != nil {
 		return nil, "", err
 	}
@@ -1088,7 +1074,7 @@ func GetPullCommits(ctx *gitea_context.Context, issue *issues_model.Issue) ([]Co
 	if pull.HasMerged {
 		baseBranch = pull.MergeBase
 	}
-	prInfo, err := baseGitRepo.GetCompareInfo(pull.BaseRepo.RepoPath(), baseBranch, pull.GetGitRefName(), true, false)
+	prInfo, err := baseGitRepo.GetCompareInfo(pull.BaseRepo.RepoPath(), baseBranch, pull.GetGitHeadRefName(), true, false)
 	if err != nil {
 		return nil, "", err
 	}
@@ -1116,11 +1102,11 @@ func GetPullCommits(ctx *gitea_context.Context, issue *issues_model.Issue) ([]Co
 	}
 
 	var lastReviewCommitID string
-	if ctx.IsSigned {
+	if doer != nil {
 		// get last review of current user and store information in context (if available)
 		lastreview, err := issues_model.FindLatestReviews(ctx, issues_model.FindReviewOptions{
 			IssueID:    issue.ID,
-			ReviewerID: ctx.Doer.ID,
+			ReviewerID: doer.ID,
 			Types: []issues_model.ReviewType{
 				issues_model.ReviewTypeApprove,
 				issues_model.ReviewTypeComment,
diff --git a/services/pull/review.go b/services/pull/review.go
index 78723a58ae..ee18db3859 100644
--- a/services/pull/review.go
+++ b/services/pull/review.go
@@ -200,7 +200,7 @@ func createCodeComment(ctx context.Context, doer *user_model.User, repo *repo_mo
 	defer closer.Close()
 
 	invalidated := false
-	head := pr.GetGitRefName()
+	head := pr.GetGitHeadRefName()
 	if line > 0 {
 		if reviewID != 0 {
 			first, err := issues_model.FindComments(ctx, &issues_model.FindCommentsOptions{
@@ -237,16 +237,16 @@ func createCodeComment(ctx context.Context, doer *user_model.User, repo *repo_mo
 			if err == nil {
 				commitID = commit.ID.String()
 			} else if !(strings.Contains(err.Error(), "exit status 128 - fatal: no such path") || notEnoughLines.MatchString(err.Error())) {
-				return nil, fmt.Errorf("LineBlame[%s, %s, %s, %d]: %w", pr.GetGitRefName(), gitRepo.Path, treePath, line, err)
+				return nil, fmt.Errorf("LineBlame[%s, %s, %s, %d]: %w", pr.GetGitHeadRefName(), gitRepo.Path, treePath, line, err)
 			}
 		}
 	}
 
 	// Only fetch diff if comment is review comment
 	if len(patch) == 0 && reviewID != 0 {
-		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitRefName())
+		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
-			return nil, fmt.Errorf("GetRefCommitID[%s]: %w", pr.GetGitRefName(), err)
+			return nil, fmt.Errorf("GetRefCommitID[%s]: %w", pr.GetGitHeadRefName(), err)
 		}
 		if len(commitID) == 0 {
 			commitID = headCommitID
@@ -301,7 +301,7 @@ func SubmitReview(ctx context.Context, doer *user_model.User, gitRepo *git.Repos
 			return nil, nil, ErrSubmitReviewOnClosedPR
 		}
 
-		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitRefName())
+		headCommitID, err := gitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		if err != nil {
 			return nil, nil, err
 		}
@@ -395,7 +395,7 @@ func DismissReview(ctx context.Context, reviewID, repoID int64, message string,
 	}
 
 	if review.Type != issues_model.ReviewTypeApprove && review.Type != issues_model.ReviewTypeReject {
-		return nil, fmt.Errorf("not need to dismiss this review because it's type is not Approve or change request")
+		return nil, errors.New("not need to dismiss this review because it's type is not Approve or change request")
 	}
 
 	// load data for notify
@@ -405,7 +405,7 @@ func DismissReview(ctx context.Context, reviewID, repoID int64, message string,
 
 	// Check if the review's repoID is the one we're currently expecting.
 	if review.Issue.RepoID != repoID {
-		return nil, fmt.Errorf("reviews's repository is not the same as the one we expect")
+		return nil, errors.New("reviews's repository is not the same as the one we expect")
 	}
 
 	issue := review.Issue
diff --git a/services/pull/reviewer.go b/services/pull/reviewer.go
index bf0d8cb298..52f2f3401c 100644
--- a/services/pull/reviewer.go
+++ b/services/pull/reviewer.go
@@ -85,5 +85,5 @@ func GetReviewerTeams(ctx context.Context, repo *repo_model.Repository) ([]*orga
 		return nil, nil
 	}
 
-	return organization.GetTeamsWithAccessToRepoUnit(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead, unit.TypePullRequests)
+	return organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead, unit.TypePullRequests)
 }
diff --git a/services/pull/temp_repo.go b/services/pull/temp_repo.go
index 3f33370798..89f150fd92 100644
--- a/services/pull/temp_repo.go
+++ b/services/pull/temp_repo.go
@@ -28,7 +28,7 @@ const (
 	stagingBranch  = "staging"  // this is used for a working branch
 )
 
-type prContext struct {
+type prTmpRepoContext struct {
 	context.Context
 	tmpBasePath string
 	pr          *issues_model.PullRequest
@@ -36,7 +36,7 @@ type prContext struct {
 	errbuf      *strings.Builder // any use should be preceded by a Reset and preferably after use
 }
 
-func (ctx *prContext) RunOpts() *git.RunOpts {
+func (ctx *prTmpRepoContext) RunOpts() *git.RunOpts {
 	ctx.outbuf.Reset()
 	ctx.errbuf.Reset()
 	return &git.RunOpts{
@@ -48,7 +48,7 @@ func (ctx *prContext) RunOpts() *git.RunOpts {
 
 // createTemporaryRepoForPR creates a temporary repo with "base" for pr.BaseBranch and "tracking" for  pr.HeadBranch
 // it also create a second base branch called "original_base"
-func createTemporaryRepoForPR(ctx context.Context, pr *issues_model.PullRequest) (prCtx *prContext, cancel context.CancelFunc, err error) {
+func createTemporaryRepoForPR(ctx context.Context, pr *issues_model.PullRequest) (prCtx *prTmpRepoContext, cancel context.CancelFunc, err error) {
 	if err := pr.LoadHeadRepo(ctx); err != nil {
 		log.Error("%-v LoadHeadRepo: %v", pr, err)
 		return nil, nil, fmt.Errorf("%v LoadHeadRepo: %w", pr, err)
@@ -74,23 +74,20 @@ func createTemporaryRepoForPR(ctx context.Context, pr *issues_model.PullRequest)
 	}
 
 	// Clone base repo.
-	tmpBasePath, err := repo_module.CreateTemporaryPath("pull")
+	tmpBasePath, cleanup, err := repo_module.CreateTemporaryPath("pull")
 	if err != nil {
 		log.Error("CreateTemporaryPath[%-v]: %v", pr, err)
 		return nil, nil, err
 	}
-	prCtx = &prContext{
+	cancel = cleanup
+
+	prCtx = &prTmpRepoContext{
 		Context:     ctx,
 		tmpBasePath: tmpBasePath,
 		pr:          pr,
 		outbuf:      &strings.Builder{},
 		errbuf:      &strings.Builder{},
 	}
-	cancel = func() {
-		if err := repo_module.RemoveTemporaryPath(tmpBasePath); err != nil {
-			log.Error("Error whilst removing removing temporary repo for %-v: %v", pr, err)
-		}
-	}
 
 	baseRepoPath := pr.BaseRepo.RepoPath()
 	headRepoPath := pr.HeadRepo.RepoPath()
@@ -177,7 +174,7 @@ func createTemporaryRepoForPR(ctx context.Context, pr *issues_model.PullRequest)
 	} else if len(pr.HeadCommitID) == objectFormat.FullLength() { // for not created pull request
 		headBranch = pr.HeadCommitID
 	} else {
-		headBranch = pr.GetGitRefName()
+		headBranch = pr.GetGitHeadRefName()
 	}
 	if err := git.NewCommand("fetch").AddArguments(fetchArgs...).AddDynamicArguments(remoteRepoName, headBranch+":"+trackingBranch).
 		Run(ctx, prCtx.RunOpts()); err != nil {
diff --git a/services/pull/update.go b/services/pull/update.go
index 3e00dd4e65..b8f84e3d65 100644
--- a/services/pull/update.go
+++ b/services/pull/update.go
@@ -5,6 +5,7 @@ package pull
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	git_model "code.gitea.io/gitea/models/git"
@@ -23,7 +24,7 @@ import (
 func Update(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, message string, rebase bool) error {
 	if pr.Flow == issues_model.PullRequestFlowAGit {
 		// TODO: update of agit flow pull request's head branch is unsupported
-		return fmt.Errorf("update of agit flow pull request's head branch is unsupported")
+		return errors.New("update of agit flow pull request's head branch is unsupported")
 	}
 
 	releaser, err := globallock.Lock(ctx, getPullWorkingLockKey(pr.ID))
@@ -40,22 +41,6 @@ func Update(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.
 		return fmt.Errorf("HeadBranch of PR %d is up to date", pr.Index)
 	}
 
-	if rebase {
-		defer func() {
-			go AddTestPullRequestTask(TestPullRequestOptions{
-				RepoID:      pr.BaseRepo.ID,
-				Doer:        doer,
-				Branch:      pr.BaseBranch,
-				IsSync:      false,
-				IsForcePush: false,
-				OldCommitID: "",
-				NewCommitID: "",
-			})
-		}()
-
-		return updateHeadByRebaseOnToBase(ctx, pr, doer)
-	}
-
 	if err := pr.LoadBaseRepo(ctx); err != nil {
 		log.Error("unable to load BaseRepo for %-v during update-by-merge: %v", pr, err)
 		return fmt.Errorf("unable to load BaseRepo for PR[%d] during update-by-merge: %w", pr.ID, err)
@@ -73,6 +58,22 @@ func Update(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.
 		return fmt.Errorf("unable to load HeadRepo for PR[%d] during update-by-merge: %w", pr.ID, err)
 	}
 
+	defer func() {
+		go AddTestPullRequestTask(TestPullRequestOptions{
+			RepoID:      pr.BaseRepo.ID,
+			Doer:        doer,
+			Branch:      pr.BaseBranch,
+			IsSync:      false,
+			IsForcePush: false,
+			OldCommitID: "",
+			NewCommitID: "",
+		})
+	}()
+
+	if rebase {
+		return updateHeadByRebaseOnToBase(ctx, pr, doer)
+	}
+
 	// TODO: FakePR: it is somewhat hacky, but it is the only way to "merge" at the moment
 	// ideally in the future the "merge" functions should be refactored to decouple from the PullRequest
 	// now use a fake reverse PR to switch head&base repos/branches
@@ -89,19 +90,6 @@ func Update(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.
 	}
 
 	_, err = doMergeAndPush(ctx, reversePR, doer, repo_model.MergeStyleMerge, "", message, repository.PushTriggerPRUpdateWithBase)
-
-	defer func() {
-		go AddTestPullRequestTask(TestPullRequestOptions{
-			RepoID:      reversePR.HeadRepo.ID,
-			Doer:        doer,
-			Branch:      reversePR.HeadBranch,
-			IsSync:      false,
-			IsForcePush: false,
-			OldCommitID: "",
-			NewCommitID: "",
-		})
-	}()
-
 	return err
 }
 
diff --git a/services/release/release_test.go b/services/release/release_test.go
index 95a54832b9..36a9f667d6 100644
--- a/services/release/release_test.go
+++ b/services/release/release_test.go
@@ -250,9 +250,9 @@ func TestRelease_Update(t *testing.T) {
 	assert.NoError(t, UpdateRelease(db.DefaultContext, user, gitRepo, release, []string{attach.UUID}, nil, nil))
 	assert.NoError(t, repo_model.GetReleaseAttachments(db.DefaultContext, release))
 	assert.Len(t, release.Attachments, 1)
-	assert.EqualValues(t, attach.UUID, release.Attachments[0].UUID)
-	assert.EqualValues(t, release.ID, release.Attachments[0].ReleaseID)
-	assert.EqualValues(t, attach.Name, release.Attachments[0].Name)
+	assert.Equal(t, attach.UUID, release.Attachments[0].UUID)
+	assert.Equal(t, release.ID, release.Attachments[0].ReleaseID)
+	assert.Equal(t, attach.Name, release.Attachments[0].Name)
 
 	// update the attachment name
 	assert.NoError(t, UpdateRelease(db.DefaultContext, user, gitRepo, release, nil, nil, map[string]string{
@@ -261,9 +261,9 @@ func TestRelease_Update(t *testing.T) {
 	release.Attachments = nil
 	assert.NoError(t, repo_model.GetReleaseAttachments(db.DefaultContext, release))
 	assert.Len(t, release.Attachments, 1)
-	assert.EqualValues(t, attach.UUID, release.Attachments[0].UUID)
-	assert.EqualValues(t, release.ID, release.Attachments[0].ReleaseID)
-	assert.EqualValues(t, "test2.txt", release.Attachments[0].Name)
+	assert.Equal(t, attach.UUID, release.Attachments[0].UUID)
+	assert.Equal(t, release.ID, release.Attachments[0].ReleaseID)
+	assert.Equal(t, "test2.txt", release.Attachments[0].Name)
 
 	// delete the attachment
 	assert.NoError(t, UpdateRelease(db.DefaultContext, user, gitRepo, release, nil, []string{attach.UUID}, nil))
diff --git a/services/repository/adopt.go b/services/repository/adopt.go
index b7321156d9..2bd1c55de4 100644
--- a/services/repository/adopt.go
+++ b/services/repository/adopt.go
@@ -16,7 +16,6 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/container"
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
@@ -28,18 +27,30 @@ import (
 	"github.com/gobwas/glob"
 )
 
+func deleteFailedAdoptRepository(repoID int64) error {
+	return db.WithTx(db.DefaultContext, func(ctx context.Context) error {
+		if err := deleteDBRepository(ctx, repoID); err != nil {
+			return fmt.Errorf("deleteDBRepository: %w", err)
+		}
+		if err := git_model.DeleteRepoBranches(ctx, repoID); err != nil {
+			return fmt.Errorf("deleteRepoBranches: %w", err)
+		}
+		return repo_model.DeleteRepoReleases(ctx, repoID)
+	})
+}
+
 // AdoptRepository adopts pre-existing repository files for the user/organization.
-func AdoptRepository(ctx context.Context, doer, u *user_model.User, opts CreateRepoOptions) (*repo_model.Repository, error) {
-	if !doer.IsAdmin && !u.CanCreateRepo() {
+func AdoptRepository(ctx context.Context, doer, owner *user_model.User, opts CreateRepoOptions) (*repo_model.Repository, error) {
+	if !doer.CanCreateRepoIn(owner) {
 		return nil, repo_model.ErrReachLimitOfRepo{
-			Limit: u.MaxRepoCreation,
+			Limit: owner.MaxRepoCreation,
 		}
 	}
 
 	repo := &repo_model.Repository{
-		OwnerID:                         u.ID,
-		Owner:                           u,
-		OwnerName:                       u.Name,
+		OwnerID:                         owner.ID,
+		Owner:                           owner,
+		OwnerName:                       owner.Name,
 		Name:                            opts.Name,
 		LowerName:                       strings.ToLower(opts.Name),
 		Description:                     opts.Description,
@@ -48,59 +59,52 @@ func AdoptRepository(ctx context.Context, doer, u *user_model.User, opts CreateR
 		IsPrivate:                       opts.IsPrivate,
 		IsFsckEnabled:                   !opts.IsMirror,
 		CloseIssuesViaCommitInAnyBranch: setting.Repository.DefaultCloseIssuesViaCommitsInAnyBranch,
-		Status:                          opts.Status,
+		Status:                          repo_model.RepositoryBeingMigrated,
 		IsEmpty:                         !opts.AutoInit,
 	}
 
-	if err := db.WithTx(ctx, func(ctx context.Context) error {
-		isExist, err := gitrepo.IsRepositoryExist(ctx, repo)
+	// 1 - create the repository database operations first
+	err := db.WithTx(ctx, func(ctx context.Context) error {
+		return createRepositoryInDB(ctx, doer, owner, repo, false)
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// last - clean up if something goes wrong
+	// WARNING: Don't override all later err with local variables
+	defer func() {
 		if err != nil {
-			log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
-			return err
-		}
-		if !isExist {
-			return repo_model.ErrRepoNotExist{
-				OwnerName: u.Name,
-				Name:      repo.Name,
+			// we can not use the ctx because it maybe canceled or timeout
+			if errDel := deleteFailedAdoptRepository(repo.ID); errDel != nil {
+				log.Error("Failed to delete repository %s that could not be adopted: %v", repo.FullName(), errDel)
 			}
 		}
+	}()
 
-		if err := CreateRepositoryByExample(ctx, doer, u, repo, true, false); err != nil {
-			return err
-		}
-
-		// Re-fetch the repository from database before updating it (else it would
-		// override changes that were done earlier with sql)
-		if repo, err = repo_model.GetRepositoryByID(ctx, repo.ID); err != nil {
-			return fmt.Errorf("getRepositoryByID: %w", err)
-		}
-		return nil
-	}); err != nil {
-		return nil, err
+	// Re-fetch the repository from database before updating it (else it would
+	// override changes that were done earlier with sql)
+	if repo, err = repo_model.GetRepositoryByID(ctx, repo.ID); err != nil {
+		return nil, fmt.Errorf("getRepositoryByID: %w", err)
 	}
 
-	if err := func() error {
-		if err := adoptRepository(ctx, repo, opts.DefaultBranch); err != nil {
-			return fmt.Errorf("adoptRepository: %w", err)
-		}
+	// 2 - adopt the repository from disk
+	if err = adoptRepository(ctx, repo, opts.DefaultBranch); err != nil {
+		return nil, fmt.Errorf("adoptRepository: %w", err)
+	}
 
-		if err := repo_module.CheckDaemonExportOK(ctx, repo); err != nil {
-			return fmt.Errorf("checkDaemonExportOK: %w", err)
-		}
+	// 3 - Update the git repository
+	if err = updateGitRepoAfterCreate(ctx, repo); err != nil {
+		return nil, fmt.Errorf("updateGitRepoAfterCreate: %w", err)
+	}
 
-		if stdout, _, err := git.NewCommand("update-server-info").
-			RunStdString(ctx, &git.RunOpts{Dir: repo.RepoPath()}); err != nil {
-			log.Error("CreateRepository(git update-server-info) in %v: Stdout: %s\nError: %v", repo, stdout, err)
-			return fmt.Errorf("CreateRepository(git update-server-info): %w", err)
-		}
-		return nil
-	}(); err != nil {
-		if errDel := DeleteRepository(ctx, doer, repo, false /* no notify */); errDel != nil {
-			log.Error("Failed to delete repository %s that could not be adopted: %v", repo.FullName(), errDel)
-		}
-		return nil, err
+	// 4 - update repository status
+	repo.Status = repo_model.RepositoryReady
+	if err = repo_model.UpdateRepositoryColsWithAutoTime(ctx, repo, "status"); err != nil {
+		return nil, fmt.Errorf("UpdateRepositoryCols: %w", err)
 	}
-	notify_service.AdoptRepository(ctx, doer, u, repo)
+
+	notify_service.AdoptRepository(ctx, doer, owner, repo)
 
 	return repo, nil
 }
@@ -192,8 +196,13 @@ func adoptRepository(ctx context.Context, repo *repo_model.Repository, defaultBr
 			return fmt.Errorf("setDefaultBranch: %w", err)
 		}
 	}
-	if err = repo_module.UpdateRepository(ctx, repo, false); err != nil {
-		return fmt.Errorf("updateRepository: %w", err)
+
+	if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_empty", "default_branch"); err != nil {
+		return fmt.Errorf("UpdateRepositoryCols: %w", err)
+	}
+
+	if err = repo_module.UpdateRepoSize(ctx, repo); err != nil {
+		log.Error("Failed to update size for repository: %v", err)
 	}
 
 	return nil
@@ -256,7 +265,7 @@ func checkUnadoptedRepositories(ctx context.Context, userName string, repoNamesT
 		}
 		return err
 	}
-	repos, _, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+	repos, _, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 		Actor:   ctxUser,
 		Private: true,
 		ListOptions: db.ListOptions{
diff --git a/services/repository/adopt_test.go b/services/repository/adopt_test.go
index 123cedc1f2..86f586c748 100644
--- a/services/repository/adopt_test.go
+++ b/services/repository/adopt_test.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -28,7 +29,7 @@ func TestCheckUnadoptedRepositories_Add(t *testing.T) {
 	}
 
 	total := 30
-	for i := 0; i < total; i++ {
+	for range total {
 		unadopted.add("something")
 	}
 
@@ -71,7 +72,7 @@ func TestListUnadoptedRepositories_ListOptions(t *testing.T) {
 	username := "user2"
 	unadoptedList := []string{path.Join(username, "unadopted1"), path.Join(username, "unadopted2")}
 	for _, unadopted := range unadoptedList {
-		_ = os.Mkdir(path.Join(setting.RepoRootPath, unadopted+".git"), 0o755)
+		_ = os.Mkdir(filepath.Join(setting.RepoRootPath, unadopted+".git"), 0o755)
 	}
 
 	opts := db.ListOptions{Page: 1, PageSize: 1}
@@ -89,10 +90,36 @@ func TestListUnadoptedRepositories_ListOptions(t *testing.T) {
 
 func TestAdoptRepository(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
-	assert.NoError(t, unittest.SyncDirs(filepath.Join(setting.RepoRootPath, "user2", "repo1.git"), filepath.Join(setting.RepoRootPath, "user2", "test-adopt.git")))
+
 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-	_, err := AdoptRepository(db.DefaultContext, user2, user2, CreateRepoOptions{Name: "test-adopt"})
+
+	// a successful adopt
+	destDir := filepath.Join(setting.RepoRootPath, user2.Name, "test-adopt.git")
+	assert.NoError(t, unittest.SyncDirs(filepath.Join(setting.RepoRootPath, user2.Name, "repo1.git"), destDir))
+
+	adoptedRepo, err := AdoptRepository(db.DefaultContext, user2, user2, CreateRepoOptions{Name: "test-adopt"})
 	assert.NoError(t, err)
 	repoTestAdopt := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: "test-adopt"})
 	assert.Equal(t, "sha1", repoTestAdopt.ObjectFormatName)
+
+	// just delete the adopted repo's db records
+	err = deleteFailedAdoptRepository(adoptedRepo.ID)
+	assert.NoError(t, err)
+
+	unittest.AssertNotExistsBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: "test-adopt"})
+
+	// a failed adopt because some mock data
+	// remove the hooks directory and create a file so that we cannot create the hooks successfully
+	_ = os.RemoveAll(filepath.Join(destDir, "hooks", "update.d"))
+	assert.NoError(t, os.WriteFile(filepath.Join(destDir, "hooks", "update.d"), []byte("tests"), os.ModePerm))
+
+	adoptedRepo, err = AdoptRepository(db.DefaultContext, user2, user2, CreateRepoOptions{Name: "test-adopt"})
+	assert.Error(t, err)
+	assert.Nil(t, adoptedRepo)
+
+	unittest.AssertNotExistsBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: "test-adopt"})
+
+	exist, err := util.IsExist(repo_model.RepoPath(user2.Name, "test-adopt"))
+	assert.NoError(t, err)
+	assert.True(t, exist) // the repository should be still in the disk
 }
diff --git a/services/repository/archiver/archiver.go b/services/repository/archiver/archiver.go
index d39acc080d..a657e3884c 100644
--- a/services/repository/archiver/archiver.go
+++ b/services/repository/archiver/archiver.go
@@ -44,7 +44,7 @@ type ErrUnknownArchiveFormat struct {
 
 // Error implements error
 func (err ErrUnknownArchiveFormat) Error() string {
-	return fmt.Sprintf("unknown format: %s", err.RequestNameType)
+	return "unknown format: " + err.RequestNameType
 }
 
 // Is implements error
@@ -60,7 +60,7 @@ type RepoRefNotFoundError struct {
 
 // Error implements error.
 func (e RepoRefNotFoundError) Error() string {
-	return fmt.Sprintf("unrecognized repository reference: %s", e.RefShortName)
+	return "unrecognized repository reference: " + e.RefShortName
 }
 
 func (e RepoRefNotFoundError) Is(err error) bool {
diff --git a/services/repository/archiver/archiver_test.go b/services/repository/archiver/archiver_test.go
index 522f90558a..87324ad38c 100644
--- a/services/repository/archiver/archiver_test.go
+++ b/services/repository/archiver/archiver_test.go
@@ -33,7 +33,7 @@ func TestArchive_Basic(t *testing.T) {
 	bogusReq, err := NewRequest(ctx.Repo.Repository.ID, ctx.Repo.GitRepo, firstCommit+".zip")
 	assert.NoError(t, err)
 	assert.NotNil(t, bogusReq)
-	assert.EqualValues(t, firstCommit+".zip", bogusReq.GetArchiveName())
+	assert.Equal(t, firstCommit+".zip", bogusReq.GetArchiveName())
 
 	// Check a series of bogus requests.
 	// Step 1, valid commit with a bad extension.
@@ -54,12 +54,12 @@ func TestArchive_Basic(t *testing.T) {
 	bogusReq, err = NewRequest(ctx.Repo.Repository.ID, ctx.Repo.GitRepo, "master.zip")
 	assert.NoError(t, err)
 	assert.NotNil(t, bogusReq)
-	assert.EqualValues(t, "master.zip", bogusReq.GetArchiveName())
+	assert.Equal(t, "master.zip", bogusReq.GetArchiveName())
 
 	bogusReq, err = NewRequest(ctx.Repo.Repository.ID, ctx.Repo.GitRepo, "test/archive.zip")
 	assert.NoError(t, err)
 	assert.NotNil(t, bogusReq)
-	assert.EqualValues(t, "test-archive.zip", bogusReq.GetArchiveName())
+	assert.Equal(t, "test-archive.zip", bogusReq.GetArchiveName())
 
 	// Now two valid requests, firstCommit with valid extensions.
 	zipReq, err := NewRequest(ctx.Repo.Repository.ID, ctx.Repo.GitRepo, firstCommit+".zip")
diff --git a/services/repository/avatar.go b/services/repository/avatar.go
index 15e51d4a25..998ac42230 100644
--- a/services/repository/avatar.go
+++ b/services/repository/avatar.go
@@ -29,35 +29,30 @@ func UploadAvatar(ctx context.Context, repo *repo_model.Repository, data []byte)
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	oldAvatarPath := repo.CustomAvatarRelativePath()
-
-	// Users can upload the same image to other repo - prefix it with ID
-	// Then repo will be removed - only it avatar file will be removed
-	repo.Avatar = newAvatar
-	if err := repo_model.UpdateRepositoryCols(ctx, repo, "avatar"); err != nil {
-		return fmt.Errorf("UploadAvatar: Update repository avatar: %w", err)
-	}
-
-	if err := storage.SaveFrom(storage.RepoAvatars, repo.CustomAvatarRelativePath(), func(w io.Writer) error {
-		_, err := w.Write(avatarData)
-		return err
-	}); err != nil {
-		return fmt.Errorf("UploadAvatar %s failed: Failed to remove old repo avatar %s: %w", repo.RepoPath(), newAvatar, err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		oldAvatarPath := repo.CustomAvatarRelativePath()
+
+		// Users can upload the same image to other repo - prefix it with ID
+		// Then repo will be removed - only it avatar file will be removed
+		repo.Avatar = newAvatar
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "avatar"); err != nil {
+			return fmt.Errorf("UploadAvatar: Update repository avatar: %w", err)
+		}
 
-	if len(oldAvatarPath) > 0 {
-		if err := storage.RepoAvatars.Delete(oldAvatarPath); err != nil {
-			return fmt.Errorf("UploadAvatar: Failed to remove old repo avatar %s: %w", oldAvatarPath, err)
+		if err := storage.SaveFrom(storage.RepoAvatars, repo.CustomAvatarRelativePath(), func(w io.Writer) error {
+			_, err := w.Write(avatarData)
+			return err
+		}); err != nil {
+			return fmt.Errorf("UploadAvatar %s failed: Failed to remove old repo avatar %s: %w", repo.RepoPath(), newAvatar, err)
 		}
-	}
 
-	return committer.Commit()
+		if len(oldAvatarPath) > 0 {
+			if err := storage.RepoAvatars.Delete(oldAvatarPath); err != nil {
+				return fmt.Errorf("UploadAvatar: Failed to remove old repo avatar %s: %w", oldAvatarPath, err)
+			}
+		}
+		return nil
+	})
 }
 
 // DeleteAvatar deletes the repos's custom avatar.
@@ -70,22 +65,17 @@ func DeleteAvatar(ctx context.Context, repo *repo_model.Repository) error {
 	avatarPath := repo.CustomAvatarRelativePath()
 	log.Trace("DeleteAvatar[%d]: %s", repo.ID, avatarPath)
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	repo.Avatar = ""
-	if err := repo_model.UpdateRepositoryCols(ctx, repo, "avatar"); err != nil {
-		return fmt.Errorf("DeleteAvatar: Update repository avatar: %w", err)
-	}
-
-	if err := storage.RepoAvatars.Delete(avatarPath); err != nil {
-		return fmt.Errorf("DeleteAvatar: Failed to remove %s: %w", avatarPath, err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		repo.Avatar = ""
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "avatar"); err != nil {
+			return fmt.Errorf("DeleteAvatar: Update repository avatar: %w", err)
+		}
 
-	return committer.Commit()
+		if err := storage.RepoAvatars.Delete(avatarPath); err != nil {
+			return fmt.Errorf("DeleteAvatar: Failed to remove %s: %w", avatarPath, err)
+		}
+		return nil
+	})
 }
 
 // RemoveRandomAvatars removes the randomly generated avatars that were created for repositories
@@ -112,5 +102,5 @@ func generateAvatar(ctx context.Context, templateRepo, generateRepo *repo_model.
 		return err
 	}
 
-	return repo_model.UpdateRepositoryCols(ctx, generateRepo, "avatar")
+	return repo_model.UpdateRepositoryColsNoAutoTime(ctx, generateRepo, "avatar")
 }
diff --git a/services/repository/avatar_test.go b/services/repository/avatar_test.go
index bea820e85f..2dc5173eec 100644
--- a/services/repository/avatar_test.go
+++ b/services/repository/avatar_test.go
@@ -59,7 +59,7 @@ func TestDeleteAvatar(t *testing.T) {
 	err = DeleteAvatar(db.DefaultContext, repo)
 	assert.NoError(t, err)
 
-	assert.Equal(t, "", repo.Avatar)
+	assert.Empty(t, repo.Avatar)
 }
 
 func TestGenerateAvatar(t *testing.T) {
diff --git a/services/repository/branch.go b/services/repository/branch.go
index 8804778bd5..6e0065b277 100644
--- a/services/repository/branch.go
+++ b/services/repository/branch.go
@@ -233,7 +233,7 @@ func loadOneBranch(ctx context.Context, repo *repo_model.Repository, dbBranch *g
 				defer baseGitRepo.Close()
 				repoIDToGitRepo[pr.BaseRepoID] = baseGitRepo
 			}
-			pullCommit, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+			pullCommit, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 			if err != nil && !git.IsErrNotExist(err) {
 				return nil, fmt.Errorf("GetBranchCommitID: %v", err)
 			}
@@ -303,7 +303,7 @@ func SyncBranchesToDB(ctx context.Context, repoID, pusherID int64, branchNames,
 	// For other batches, it will hit optimization 4.
 
 	if len(branchNames) != len(commitIDs) {
-		return fmt.Errorf("branchNames and commitIDs length not match")
+		return errors.New("branchNames and commitIDs length not match")
 	}
 
 	return db.WithTx(ctx, func(ctx context.Context) error {
@@ -663,6 +663,11 @@ func SetRepoDefaultBranch(ctx context.Context, repo *repo_model.Repository, newB
 		}
 	}
 
+	// clear divergence cache
+	if err := DelRepoDivergenceFromCache(ctx, repo.ID); err != nil {
+		log.Error("DelRepoDivergenceFromCache: %v", err)
+	}
+
 	notify_service.ChangeDefaultBranch(ctx, repo)
 
 	return nil
diff --git a/services/repository/check.go b/services/repository/check.go
index b475fbc487..ffcd5ac749 100644
--- a/services/repository/check.go
+++ b/services/repository/check.go
@@ -162,7 +162,7 @@ func DeleteMissingRepositories(ctx context.Context, doer *user_model.User) error
 		default:
 		}
 		log.Trace("Deleting %d/%d...", repo.OwnerID, repo.ID)
-		if err := DeleteRepositoryDirectly(ctx, doer, repo.ID); err != nil {
+		if err := DeleteRepositoryDirectly(ctx, repo.ID); err != nil {
 			log.Error("Failed to DeleteRepository %-v: Error: %v", repo, err)
 			if err2 := system_model.CreateRepositoryNotice("Failed to DeleteRepository %s [%d]: Error: %v", repo.FullName(), repo.ID, err); err2 != nil {
 				log.Error("CreateRepositoryNotice: %v", err)
diff --git a/services/repository/collaboration.go b/services/repository/collaboration.go
index b5fc523623..53b3c2e203 100644
--- a/services/repository/collaboration.go
+++ b/services/repository/collaboration.go
@@ -71,40 +71,32 @@ func DeleteCollaboration(ctx context.Context, repo *repo_model.Repository, colla
 		UserID: collaborator.ID,
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if has, err := db.GetEngine(ctx).Delete(collaboration); err != nil {
-		return err
-	} else if has == 0 {
-		return committer.Commit()
-	}
-
-	if err := repo.LoadOwner(ctx); err != nil {
-		return err
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if has, err := db.GetEngine(ctx).Delete(collaboration); err != nil {
+			return err
+		} else if has == 0 {
+			return nil
+		}
 
-	if err = access_model.RecalculateAccesses(ctx, repo); err != nil {
-		return err
-	}
+		if err := repo.LoadOwner(ctx); err != nil {
+			return err
+		}
 
-	if err = repo_model.WatchRepo(ctx, collaborator, repo, false); err != nil {
-		return err
-	}
+		if err = access_model.RecalculateAccesses(ctx, repo); err != nil {
+			return err
+		}
 
-	if err = ReconsiderWatches(ctx, repo, collaborator); err != nil {
-		return err
-	}
+		if err = repo_model.WatchRepo(ctx, collaborator, repo, false); err != nil {
+			return err
+		}
 
-	// Unassign a user from any issue (s)he has been assigned to in the repository
-	if err := ReconsiderRepoIssuesAssignee(ctx, repo, collaborator); err != nil {
-		return err
-	}
+		if err = ReconsiderWatches(ctx, repo, collaborator); err != nil {
+			return err
+		}
 
-	return committer.Commit()
+		// Unassign a user from any issue (s)he has been assigned to in the repository
+		return ReconsiderRepoIssuesAssignee(ctx, repo, collaborator)
+	})
 }
 
 func ReconsiderRepoIssuesAssignee(ctx context.Context, repo *repo_model.Repository, user *user_model.User) error {
diff --git a/services/repository/commitstatus/commitstatus.go b/services/repository/commitstatus/commitstatus.go
index f369a303e6..fa7a89882a 100644
--- a/services/repository/commitstatus/commitstatus.go
+++ b/services/repository/commitstatus/commitstatus.go
@@ -14,17 +14,17 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
 	repo_module "code.gitea.io/gitea/modules/repository"
-	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/services/notify"
 )
 
 func getCacheKey(repoID int64, brancheName string) string {
-	hashBytes := sha256.Sum256([]byte(fmt.Sprintf("%d:%s", repoID, brancheName)))
+	hashBytes := sha256.Sum256(fmt.Appendf(nil, "%d:%s", repoID, brancheName))
 	return fmt.Sprintf("commit_status:%x", hashBytes)
 }
 
@@ -47,7 +47,7 @@ func getCommitStatusCache(repoID int64, branchName string) *commitStatusCacheVal
 	return nil
 }
 
-func updateCommitStatusCache(repoID int64, branchName string, state api.CommitStatusState, targetURL string) error {
+func updateCommitStatusCache(repoID int64, branchName string, state commitstatus.CommitStatusState, targetURL string) error {
 	c := cache.GetCache()
 	bs, err := json.Marshal(commitStatusCacheValue{
 		State:     state.String(),
@@ -127,7 +127,7 @@ func FindReposLastestCommitStatuses(ctx context.Context, repos []*repo_model.Rep
 	for i, repo := range repos {
 		if cv := getCommitStatusCache(repo.ID, repo.DefaultBranch); cv != nil {
 			results[i] = &git_model.CommitStatus{
-				State:     api.CommitStatusState(cv.State),
+				State:     commitstatus.CommitStatusState(cv.State),
 				TargetURL: cv.TargetURL,
 			}
 		} else {
diff --git a/services/repository/contributors_graph_test.go b/services/repository/contributors_graph_test.go
index 6db93f6a64..7d32b1c931 100644
--- a/services/repository/contributors_graph_test.go
+++ b/services/repository/contributors_graph_test.go
@@ -38,14 +38,14 @@ func TestRepository_ContributorsGraph(t *testing.T) {
 		keys = append(keys, k)
 	}
 	slices.Sort(keys)
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"ethantkoenig@gmail.com",
 		"jimmy.praet@telenet.be",
 		"jon@allspice.io",
 		"total", // generated summary
 	}, keys)
 
-	assert.EqualValues(t, &ContributorData{
+	assert.Equal(t, &ContributorData{
 		Name:         "Ethan Koenig",
 		AvatarLink:   "/assets/img/avatar_default.png",
 		TotalCommits: 1,
@@ -58,7 +58,7 @@ func TestRepository_ContributorsGraph(t *testing.T) {
 			},
 		},
 	}, data["ethantkoenig@gmail.com"])
-	assert.EqualValues(t, &ContributorData{
+	assert.Equal(t, &ContributorData{
 		Name:         "Total",
 		AvatarLink:   "",
 		TotalCommits: 3,
diff --git a/services/repository/create.go b/services/repository/create.go
index 1a6a68b35a..bed02e5d7e 100644
--- a/services/repository/create.go
+++ b/services/repository/create.go
@@ -17,6 +17,7 @@ import (
 	"code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
+	system_model "code.gitea.io/gitea/models/system"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/models/webhook"
@@ -28,7 +29,6 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/templates/vars"
-	"code.gitea.io/gitea/modules/util"
 )
 
 // CreateRepoOptions contains the create repository options
@@ -100,8 +100,8 @@ func prepareRepoCommit(ctx context.Context, repo *repo_model.Repository, tmpDir
 	// .gitignore
 	if len(opts.Gitignores) > 0 {
 		var buf bytes.Buffer
-		names := strings.Split(opts.Gitignores, ",")
-		for _, name := range names {
+		names := strings.SplitSeq(opts.Gitignores, ",")
+		for name := range names {
 			data, err = options.Gitignore(name)
 			if err != nil {
 				return fmt.Errorf("GetRepoInitFile[%s]: %w", name, err)
@@ -140,21 +140,20 @@ func prepareRepoCommit(ctx context.Context, repo *repo_model.Repository, tmpDir
 
 // InitRepository initializes README and .gitignore if needed.
 func initRepository(ctx context.Context, u *user_model.User, repo *repo_model.Repository, opts CreateRepoOptions) (err error) {
-	if err = repo_module.CheckInitRepository(ctx, repo); err != nil {
-		return err
+	// Init git bare new repository.
+	if err = git.InitRepository(ctx, repo.RepoPath(), true, repo.ObjectFormatName); err != nil {
+		return fmt.Errorf("git.InitRepository: %w", err)
+	} else if err = gitrepo.CreateDelegateHooks(ctx, repo); err != nil {
+		return fmt.Errorf("createDelegateHooks: %w", err)
 	}
 
 	// Initialize repository according to user's choice.
 	if opts.AutoInit {
-		tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-"+repo.Name)
+		tmpDir, cleanup, err := setting.AppDataTempDir("git-repo-content").MkdirTempRandom("repos-" + repo.Name)
 		if err != nil {
-			return fmt.Errorf("Failed to create temp dir for repository %s: %w", repo.FullName(), err)
+			return fmt.Errorf("failed to create temp dir for repository %s: %w", repo.FullName(), err)
 		}
-		defer func() {
-			if err := util.RemoveAll(tmpDir); err != nil {
-				log.Warn("Unable to remove temporary directory: %s: Error: %v", tmpDir, err)
-			}
-		}()
+		defer cleanup()
 
 		if err = prepareRepoCommit(ctx, repo, tmpDir, opts); err != nil {
 			return fmt.Errorf("prepareRepoCommit: %w", err)
@@ -192,18 +191,25 @@ func initRepository(ctx context.Context, u *user_model.User, repo *repo_model.Re
 		}
 	}
 
-	if err = UpdateRepository(ctx, repo, false); err != nil {
+	if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_empty", "default_branch", "default_wiki_branch"); err != nil {
 		return fmt.Errorf("updateRepository: %w", err)
 	}
 
+	if err = repo_module.UpdateRepoSize(ctx, repo); err != nil {
+		log.Error("Failed to update size for repository: %v", err)
+	}
+
 	return nil
 }
 
 // CreateRepositoryDirectly creates a repository for the user/organization.
-func CreateRepositoryDirectly(ctx context.Context, doer, u *user_model.User, opts CreateRepoOptions) (*repo_model.Repository, error) {
-	if !doer.IsAdmin && !u.CanCreateRepo() {
+// if needsUpdateToReady is true, it will update the repository status to ready when success
+func CreateRepositoryDirectly(ctx context.Context, doer, owner *user_model.User,
+	opts CreateRepoOptions, needsUpdateToReady bool,
+) (*repo_model.Repository, error) {
+	if !doer.CanCreateRepoIn(owner) {
 		return nil, repo_model.ErrReachLimitOfRepo{
-			Limit: u.MaxRepoCreation,
+			Limit: owner.MaxRepoCreation,
 		}
 	}
 
@@ -223,9 +229,9 @@ func CreateRepositoryDirectly(ctx context.Context, doer, u *user_model.User, opt
 	}
 
 	repo := &repo_model.Repository{
-		OwnerID:                         u.ID,
-		Owner:                           u,
-		OwnerName:                       u.Name,
+		OwnerID:                         owner.ID,
+		Owner:                           owner,
+		OwnerName:                       owner.Name,
 		Name:                            opts.Name,
 		LowerName:                       strings.ToLower(opts.Name),
 		Description:                     opts.Description,
@@ -244,100 +250,91 @@ func CreateRepositoryDirectly(ctx context.Context, doer, u *user_model.User, opt
 		ObjectFormatName:                opts.ObjectFormatName,
 	}
 
-	var rollbackRepo *repo_model.Repository
-
-	if err := db.WithTx(ctx, func(ctx context.Context) error {
-		if err := CreateRepositoryByExample(ctx, doer, u, repo, false, false); err != nil {
-			return err
-		}
-
-		// No need for init mirror.
-		if opts.IsMirror {
-			return nil
-		}
+	// 1 - create the repository database operations first
+	err := db.WithTx(ctx, func(ctx context.Context) error {
+		return createRepositoryInDB(ctx, doer, owner, repo, false)
+	})
+	if err != nil {
+		return nil, err
+	}
 
-		isExist, err := gitrepo.IsRepositoryExist(ctx, repo)
+	// last - clean up if something goes wrong
+	// WARNING: Don't override all later err with local variables
+	defer func() {
 		if err != nil {
-			log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
-			return err
-		}
-		if isExist {
-			// repo already exists - We have two or three options.
-			// 1. We fail stating that the directory exists
-			// 2. We create the db repository to go with this data and adopt the git repo
-			// 3. We delete it and start afresh
-			//
-			// Previously Gitea would just delete and start afresh - this was naughty.
-			// So we will now fail and delegate to other functionality to adopt or delete
-			log.Error("Files already exist in %s and we are not going to adopt or delete.", repo.FullName())
-			return repo_model.ErrRepoFilesAlreadyExist{
-				Uname: u.Name,
-				Name:  repo.Name,
-			}
+			// we can not use the ctx because it maybe canceled or timeout
+			cleanupRepository(repo.ID)
 		}
+	}()
 
-		if err = initRepository(ctx, doer, repo, opts); err != nil {
-			if err2 := gitrepo.DeleteRepository(ctx, repo); err2 != nil {
-				log.Error("initRepository: %v", err)
-				return fmt.Errorf(
-					"delete repo directory %s/%s failed(2): %v", u.Name, repo.Name, err2)
-			}
-			return fmt.Errorf("initRepository: %w", err)
-		}
+	// No need for init mirror.
+	if opts.IsMirror {
+		return repo, nil
+	}
 
-		// Initialize Issue Labels if selected
-		if len(opts.IssueLabels) > 0 {
-			if err = repo_module.InitializeLabels(ctx, repo.ID, opts.IssueLabels, false); err != nil {
-				rollbackRepo = repo
-				rollbackRepo.OwnerID = u.ID
-				return fmt.Errorf("InitializeLabels: %w", err)
-			}
+	// 2 - check whether the repository with the same storage exists
+	var isExist bool
+	isExist, err = gitrepo.IsRepositoryExist(ctx, repo)
+	if err != nil {
+		log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
+		return nil, err
+	}
+	if isExist {
+		log.Error("Files already exist in %s and we are not going to adopt or delete.", repo.FullName())
+		// Don't return directly, we need err in defer to cleanupRepository
+		err = repo_model.ErrRepoFilesAlreadyExist{
+			Uname: repo.OwnerName,
+			Name:  repo.Name,
 		}
+		return nil, err
+	}
 
-		if err := repo_module.CheckDaemonExportOK(ctx, repo); err != nil {
-			return fmt.Errorf("checkDaemonExportOK: %w", err)
-		}
+	// 3 - init git repository in storage
+	if err = initRepository(ctx, doer, repo, opts); err != nil {
+		return nil, fmt.Errorf("initRepository: %w", err)
+	}
 
-		if stdout, _, err := git.NewCommand("update-server-info").
-			RunStdString(ctx, &git.RunOpts{Dir: repo.RepoPath()}); err != nil {
-			log.Error("CreateRepository(git update-server-info) in %v: Stdout: %s\nError: %v", repo, stdout, err)
-			rollbackRepo = repo
-			rollbackRepo.OwnerID = u.ID
-			return fmt.Errorf("CreateRepository(git update-server-info): %w", err)
+	// 4 - Initialize Issue Labels if selected
+	if len(opts.IssueLabels) > 0 {
+		if err = repo_module.InitializeLabels(ctx, repo.ID, opts.IssueLabels, false); err != nil {
+			return nil, fmt.Errorf("InitializeLabels: %w", err)
 		}
+	}
 
-		// update licenses
-		var licenses []string
-		if len(opts.License) > 0 {
-			licenses = append(licenses, opts.License)
+	// 5 - Update the git repository
+	if err = updateGitRepoAfterCreate(ctx, repo); err != nil {
+		return nil, fmt.Errorf("updateGitRepoAfterCreate: %w", err)
+	}
 
-			stdout, _, err := git.NewCommand("rev-parse", "HEAD").RunStdString(ctx, &git.RunOpts{Dir: repo.RepoPath()})
-			if err != nil {
-				log.Error("CreateRepository(git rev-parse HEAD) in %v: Stdout: %s\nError: %v", repo, stdout, err)
-				rollbackRepo = repo
-				rollbackRepo.OwnerID = u.ID
-				return fmt.Errorf("CreateRepository(git rev-parse HEAD): %w", err)
-			}
-			if err := repo_model.UpdateRepoLicenses(ctx, repo, stdout, licenses); err != nil {
-				return err
-			}
+	// 6 - update licenses
+	var licenses []string
+	if len(opts.License) > 0 {
+		licenses = append(licenses, opts.License)
+
+		var stdout string
+		stdout, _, err = git.NewCommand("rev-parse", "HEAD").RunStdString(ctx, &git.RunOpts{Dir: repo.RepoPath()})
+		if err != nil {
+			log.Error("CreateRepository(git rev-parse HEAD) in %v: Stdout: %s\nError: %v", repo, stdout, err)
+			return nil, fmt.Errorf("CreateRepository(git rev-parse HEAD): %w", err)
 		}
-		return nil
-	}); err != nil {
-		if rollbackRepo != nil {
-			if errDelete := DeleteRepositoryDirectly(ctx, doer, rollbackRepo.ID); errDelete != nil {
-				log.Error("Rollback deleteRepository: %v", errDelete)
-			}
+		if err = repo_model.UpdateRepoLicenses(ctx, repo, stdout, licenses); err != nil {
+			return nil, err
 		}
+	}
 
-		return nil, err
+	// 7 - update repository status to be ready
+	if needsUpdateToReady {
+		repo.Status = repo_model.RepositoryReady
+		if err = repo_model.UpdateRepositoryColsWithAutoTime(ctx, repo, "status"); err != nil {
+			return nil, fmt.Errorf("UpdateRepositoryCols: %w", err)
+		}
 	}
 
 	return repo, nil
 }
 
-// CreateRepositoryByExample creates a repository for the user/organization.
-func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, repo *repo_model.Repository, overwriteOrAdopt, isFork bool) (err error) {
+// createRepositoryInDB creates a repository for the user/organization.
+func createRepositoryInDB(ctx context.Context, doer, u *user_model.User, repo *repo_model.Repository, isFork bool) (err error) {
 	if err = repo_model.IsUsableRepoName(repo.Name); err != nil {
 		return err
 	}
@@ -352,19 +349,6 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re
 		}
 	}
 
-	isExist, err := gitrepo.IsRepositoryExist(ctx, repo)
-	if err != nil {
-		log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
-		return err
-	}
-	if !overwriteOrAdopt && isExist {
-		log.Error("Files already exist in %s and we are not going to adopt or delete.", repo.FullName())
-		return repo_model.ErrRepoFilesAlreadyExist{
-			Uname: u.Name,
-			Name:  repo.Name,
-		}
-	}
-
 	if err = db.Insert(ctx, repo); err != nil {
 		return err
 	}
@@ -384,7 +368,8 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re
 	}
 	units := make([]repo_model.RepoUnit, 0, len(defaultUnits))
 	for _, tp := range defaultUnits {
-		if tp == unit.TypeIssues {
+		switch tp {
+		case unit.TypeIssues:
 			units = append(units, repo_model.RepoUnit{
 				RepoID: repo.ID,
 				Type:   tp,
@@ -394,7 +379,7 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re
 					EnableDependencies:               setting.Service.DefaultEnableDependencies,
 				},
 			})
-		} else if tp == unit.TypePullRequests {
+		case unit.TypePullRequests:
 			units = append(units, repo_model.RepoUnit{
 				RepoID: repo.ID,
 				Type:   tp,
@@ -404,13 +389,13 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re
 					AllowRebaseUpdate: true,
 				},
 			})
-		} else if tp == unit.TypeProjects {
+		case unit.TypeProjects:
 			units = append(units, repo_model.RepoUnit{
 				RepoID: repo.ID,
 				Type:   tp,
 				Config: &repo_model.ProjectsConfig{ProjectsMode: repo_model.ProjectsModeAll},
 			})
-		} else {
+		default:
 			units = append(units, repo_model.RepoUnit{
 				RepoID: repo.ID,
 				Type:   tp,
@@ -472,3 +457,26 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re
 
 	return nil
 }
+
+func cleanupRepository(repoID int64) {
+	if errDelete := DeleteRepositoryDirectly(db.DefaultContext, repoID); errDelete != nil {
+		log.Error("cleanupRepository failed: %v", errDelete)
+		// add system notice
+		if err := system_model.CreateRepositoryNotice("DeleteRepositoryDirectly failed when cleanup repository: %v", errDelete); err != nil {
+			log.Error("CreateRepositoryNotice: %v", err)
+		}
+	}
+}
+
+func updateGitRepoAfterCreate(ctx context.Context, repo *repo_model.Repository) error {
+	if err := checkDaemonExportOK(ctx, repo); err != nil {
+		return fmt.Errorf("checkDaemonExportOK: %w", err)
+	}
+
+	if stdout, _, err := git.NewCommand("update-server-info").
+		RunStdString(ctx, &git.RunOpts{Dir: repo.RepoPath()}); err != nil {
+		log.Error("CreateRepository(git update-server-info) in %v: Stdout: %s\nError: %v", repo, stdout, err)
+		return fmt.Errorf("CreateRepository(git update-server-info): %w", err)
+	}
+	return nil
+}
diff --git a/services/repository/create_test.go b/services/repository/create_test.go
new file mode 100644
index 0000000000..fe464c1441
--- /dev/null
+++ b/services/repository/create_test.go
@@ -0,0 +1,57 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repository
+
+import (
+	"os"
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/util"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestCreateRepositoryDirectly(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	// a successful creating repository
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+
+	createdRepo, err := CreateRepositoryDirectly(git.DefaultContext, user2, user2, CreateRepoOptions{
+		Name: "created-repo",
+	}, true)
+	assert.NoError(t, err)
+	assert.NotNil(t, createdRepo)
+
+	exist, err := util.IsExist(repo_model.RepoPath(user2.Name, createdRepo.Name))
+	assert.NoError(t, err)
+	assert.True(t, exist)
+
+	unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: createdRepo.Name})
+
+	err = DeleteRepositoryDirectly(db.DefaultContext, createdRepo.ID)
+	assert.NoError(t, err)
+
+	// a failed creating because some mock data
+	// create the repository directory so that the creation will fail after database record created.
+	assert.NoError(t, os.MkdirAll(repo_model.RepoPath(user2.Name, createdRepo.Name), os.ModePerm))
+
+	createdRepo2, err := CreateRepositoryDirectly(db.DefaultContext, user2, user2, CreateRepoOptions{
+		Name: "created-repo",
+	}, true)
+	assert.Nil(t, createdRepo2)
+	assert.Error(t, err)
+
+	// assert the cleanup is successful
+	unittest.AssertNotExistsBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: createdRepo.Name})
+
+	exist, err = util.IsExist(repo_model.RepoPath(user2.Name, createdRepo.Name))
+	assert.NoError(t, err)
+	assert.False(t, exist)
+}
diff --git a/services/repository/delete.go b/services/repository/delete.go
index ff74a20817..c48d6e1d56 100644
--- a/services/repository/delete.go
+++ b/services/repository/delete.go
@@ -27,14 +27,29 @@ import (
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/storage"
+	actions_service "code.gitea.io/gitea/services/actions"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
+	issue_service "code.gitea.io/gitea/services/issue"
 
 	"xorm.io/builder"
 )
 
+func deleteDBRepository(ctx context.Context, repoID int64) error {
+	if cnt, err := db.GetEngine(ctx).ID(repoID).Delete(&repo_model.Repository{}); err != nil {
+		return err
+	} else if cnt != 1 {
+		return repo_model.ErrRepoNotExist{
+			ID:        repoID,
+			OwnerName: "",
+			Name:      "",
+		}
+	}
+	return nil
+}
+
 // DeleteRepository deletes a repository for a user or organization.
 // make sure if you call this func to close open sessions (sqlite will otherwise get a deadlock)
-func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID int64, ignoreOrgTeams ...bool) error {
+func DeleteRepositoryDirectly(ctx context.Context, repoID int64, ignoreOrgTeams ...bool) error {
 	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
@@ -82,14 +97,8 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID
 	}
 	needRewriteKeysFile := deleted > 0
 
-	if cnt, err := sess.ID(repoID).Delete(&repo_model.Repository{}); err != nil {
+	if err := deleteDBRepository(ctx, repoID); err != nil {
 		return err
-	} else if cnt != 1 {
-		return repo_model.ErrRepoNotExist{
-			ID:        repoID,
-			OwnerName: "",
-			Name:      "",
-		}
 	}
 
 	if org != nil && org.IsOrganization() {
@@ -126,6 +135,14 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID
 		return err
 	}
 
+	// CleanupEphemeralRunnersByPickedTaskOfRepo deletes ephemeral global/org/user that have started any task of this repo
+	// The cannot pick a second task hardening for ephemeral runners expect that task objects remain available until runner deletion
+	// This method will delete affected ephemeral global/org/user runners
+	// &actions_model.ActionRunner{RepoID: repoID} does only handle ephemeral repository runners
+	if err := actions_service.CleanupEphemeralRunnersByPickedTaskOfRepo(ctx, repoID); err != nil {
+		return fmt.Errorf("cleanupEphemeralRunners: %w", err)
+	}
+
 	if err := db.DeleteBeans(ctx,
 		&access_model.Access{RepoID: repo.ID},
 		&activities_model.Action{RepoID: repo.ID},
@@ -177,7 +194,7 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID
 
 	// Delete Issues and related objects
 	var attachmentPaths []string
-	if attachmentPaths, err = issues_model.DeleteIssuesByRepoID(ctx, repoID); err != nil {
+	if attachmentPaths, err = issue_service.DeleteIssuesByRepoID(ctx, repoID); err != nil {
 		return err
 	}
 
@@ -358,7 +375,7 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, repoID
 // DeleteOwnerRepositoriesDirectly calls DeleteRepositoryDirectly for all repos of the given owner
 func DeleteOwnerRepositoriesDirectly(ctx context.Context, owner *user_model.User) error {
 	for {
-		repos, _, err := repo_model.GetUserRepositories(ctx, &repo_model.SearchRepoOptions{
+		repos, _, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{
 			ListOptions: db.ListOptions{
 				PageSize: repo_model.RepositoryListDefaultPageSize,
 				Page:     1,
@@ -374,7 +391,7 @@ func DeleteOwnerRepositoriesDirectly(ctx context.Context, owner *user_model.User
 			break
 		}
 		for _, repo := range repos {
-			if err := DeleteRepositoryDirectly(ctx, owner, repo.ID); err != nil {
+			if err := DeleteRepositoryDirectly(ctx, repo.ID); err != nil {
 				return fmt.Errorf("unable to delete repository %s for %s[%d]. Error: %w", repo.Name, owner.Name, owner.ID, err)
 			}
 		}
diff --git a/services/repository/files/cherry_pick.go b/services/repository/files/cherry_pick.go
index 0e069fb2ce..6818bb343d 100644
--- a/services/repository/files/cherry_pick.go
+++ b/services/repository/files/cherry_pick.go
@@ -5,6 +5,7 @@ package files
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -100,7 +101,7 @@ func CherryPick(ctx context.Context, repo *repo_model.Repository, doer *user_mod
 	}
 
 	if conflict {
-		return nil, fmt.Errorf("failed to merge due to conflicts")
+		return nil, errors.New("failed to merge due to conflicts")
 	}
 
 	treeHash, err := t.WriteTree(ctx)
diff --git a/services/repository/files/content.go b/services/repository/files/content.go
index 0ab7422ce2..2c1e88bb59 100644
--- a/services/repository/files/content.go
+++ b/services/repository/files/content.go
@@ -5,17 +5,18 @@ package files
 
 import (
 	"context"
-	"fmt"
+	"io"
 	"net/url"
 	"path"
 	"strings"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/api/v1/utils"
 )
 
 // ContentType repo content type
@@ -23,14 +24,10 @@ type ContentType string
 
 // The string representations of different content types
 const (
-	// ContentTypeRegular regular content type (file)
-	ContentTypeRegular ContentType = "file"
-	// ContentTypeDir dir content type (dir)
-	ContentTypeDir ContentType = "dir"
-	// ContentLink link content type (symlink)
-	ContentTypeLink ContentType = "symlink"
-	// ContentTag submodule content type (submodule)
-	ContentTypeSubmodule ContentType = "submodule"
+	ContentTypeRegular   ContentType = "file"      // regular content type (file)
+	ContentTypeDir       ContentType = "dir"       // dir content type (dir)
+	ContentTypeLink      ContentType = "symlink"   // link content type (symlink)
+	ContentTypeSubmodule ContentType = "submodule" // submodule content type (submodule)
 )
 
 // String gets the string of ContentType
@@ -38,67 +35,52 @@ func (ct *ContentType) String() string {
 	return string(*ct)
 }
 
-// GetContentsOrList gets the meta data of a file's contents (*ContentsResponse) if treePath not a tree
-// directory, otherwise a listing of file contents ([]*ContentsResponse). Ref can be a branch, commit or tag
-func GetContentsOrList(ctx context.Context, repo *repo_model.Repository, treePath, ref string) (any, error) {
-	if repo.IsEmpty {
-		return make([]any, 0), nil
-	}
-	if ref == "" {
-		ref = repo.DefaultBranch
-	}
-	origRef := ref
-
-	// Check that the path given in opts.treePath is valid (not a git path)
-	cleanTreePath := CleanUploadFileName(treePath)
-	if cleanTreePath == "" && treePath != "" {
-		return nil, ErrFilenameInvalid{
-			Path: treePath,
-		}
-	}
-	treePath = cleanTreePath
-
-	gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, repo)
-	if err != nil {
-		return nil, err
-	}
-	defer closer.Close()
+type GetContentsOrListOptions struct {
+	TreePath                 string
+	IncludeSingleFileContent bool // include the file's content when the tree path is a file
+	IncludeLfsMetadata       bool
+	IncludeCommitMetadata    bool
+	IncludeCommitMessage     bool
+}
 
-	// Get the commit object for the ref
-	commit, err := gitRepo.GetCommit(ref)
-	if err != nil {
-		return nil, err
+// GetContentsOrList gets the metadata of a file's contents (*ContentsResponse) if treePath not a tree
+// directory, otherwise a listing of file contents ([]*ContentsResponse). Ref can be a branch, commit or tag
+func GetContentsOrList(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, refCommit *utils.RefCommit, opts GetContentsOrListOptions) (ret api.ContentsExtResponse, _ error) {
+	entry, err := prepareGetContentsEntry(refCommit, &opts.TreePath)
+	if repo.IsEmpty && opts.TreePath == "" {
+		return api.ContentsExtResponse{DirContents: make([]*api.ContentsResponse, 0)}, nil
 	}
-
-	entry, err := commit.GetTreeEntryByPath(treePath)
 	if err != nil {
-		return nil, err
+		return ret, err
 	}
 
+	// get file contents
 	if entry.Type() != "tree" {
-		return GetContents(ctx, repo, treePath, origRef, false)
+		ret.FileContents, err = getFileContentsByEntryInternal(ctx, repo, gitRepo, refCommit, entry, opts)
+		return ret, err
 	}
 
-	// We are in a directory, so we return a list of FileContentResponse objects
-	var fileList []*api.ContentsResponse
-
-	gitTree, err := commit.SubTree(treePath)
+	// list directory contents
+	gitTree, err := refCommit.Commit.SubTree(opts.TreePath)
 	if err != nil {
-		return nil, err
+		return ret, err
 	}
 	entries, err := gitTree.ListEntries()
 	if err != nil {
-		return nil, err
+		return ret, err
 	}
+	ret.DirContents = make([]*api.ContentsResponse, 0, len(entries))
 	for _, e := range entries {
-		subTreePath := path.Join(treePath, e.Name())
-		fileContentResponse, err := GetContents(ctx, repo, subTreePath, origRef, true)
+		subOpts := opts
+		subOpts.TreePath = path.Join(opts.TreePath, e.Name())
+		subOpts.IncludeSingleFileContent = false // never include file content when listing a directory
+		fileContentResponse, err := GetFileContents(ctx, repo, gitRepo, refCommit, subOpts)
 		if err != nil {
-			return nil, err
+			return ret, err
 		}
-		fileList = append(fileList, fileContentResponse)
+		ret.DirContents = append(ret.DirContents, fileContentResponse)
 	}
-	return fileList, nil
+	return ret, nil
 }
 
 // GetObjectTypeFromTreeEntry check what content is behind it
@@ -117,86 +99,96 @@ func GetObjectTypeFromTreeEntry(entry *git.TreeEntry) ContentType {
 	}
 }
 
-// GetContents gets the meta data on a file's contents. Ref can be a branch, commit or tag
-func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref string, forList bool) (*api.ContentsResponse, error) {
-	if ref == "" {
-		ref = repo.DefaultBranch
-	}
-	origRef := ref
-
+func prepareGetContentsEntry(refCommit *utils.RefCommit, treePath *string) (*git.TreeEntry, error) {
 	// Check that the path given in opts.treePath is valid (not a git path)
-	cleanTreePath := CleanUploadFileName(treePath)
-	if cleanTreePath == "" && treePath != "" {
-		return nil, ErrFilenameInvalid{
-			Path: treePath,
-		}
+	cleanTreePath := CleanGitTreePath(*treePath)
+	if cleanTreePath == "" && *treePath != "" {
+		return nil, ErrFilenameInvalid{Path: *treePath}
 	}
-	treePath = cleanTreePath
+	*treePath = cleanTreePath
 
-	gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, repo)
-	if err != nil {
-		return nil, err
+	// Only allow safe ref types
+	refType := refCommit.RefName.RefType()
+	if refType != git.RefTypeBranch && refType != git.RefTypeTag && refType != git.RefTypeCommit {
+		return nil, util.NewNotExistErrorf("no commit found for the ref [ref: %s]", refCommit.RefName)
 	}
-	defer closer.Close()
 
-	// Get the commit object for the ref
-	commit, err := gitRepo.GetCommit(ref)
-	if err != nil {
-		return nil, err
-	}
-	commitID := commit.ID.String()
-	if len(ref) >= 4 && strings.HasPrefix(commitID, ref) {
-		ref = commit.ID.String()
-	}
+	return refCommit.Commit.GetTreeEntryByPath(*treePath)
+}
 
-	entry, err := commit.GetTreeEntryByPath(treePath)
+// GetFileContents gets the metadata on a file's contents. Ref can be a branch, commit or tag
+func GetFileContents(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, refCommit *utils.RefCommit, opts GetContentsOrListOptions) (*api.ContentsResponse, error) {
+	entry, err := prepareGetContentsEntry(refCommit, &opts.TreePath)
 	if err != nil {
 		return nil, err
 	}
+	return getFileContentsByEntryInternal(ctx, repo, gitRepo, refCommit, entry, opts)
+}
 
-	refType := gitRepo.GetRefType(ref)
-	if refType == "invalid" {
-		return nil, fmt.Errorf("no commit found for the ref [ref: %s]", ref)
-	}
-
-	selfURL, err := url.Parse(repo.APIURL() + "/contents/" + util.PathEscapeSegments(treePath) + "?ref=" + url.QueryEscape(origRef))
+func getFileContentsByEntryInternal(_ context.Context, repo *repo_model.Repository, gitRepo *git.Repository, refCommit *utils.RefCommit, entry *git.TreeEntry, opts GetContentsOrListOptions) (*api.ContentsResponse, error) {
+	refType := refCommit.RefName.RefType()
+	commit := refCommit.Commit
+	selfURL, err := url.Parse(repo.APIURL() + "/contents/" + util.PathEscapeSegments(opts.TreePath) + "?ref=" + url.QueryEscape(refCommit.InputRef))
 	if err != nil {
 		return nil, err
 	}
 	selfURLString := selfURL.String()
 
-	err = gitRepo.AddLastCommitCache(repo.GetCommitsCountCacheKey(ref, refType != git.ObjectCommit), repo.FullName(), commitID)
-	if err != nil {
-		return nil, err
-	}
-
-	lastCommit, err := commit.GetCommitByPath(treePath)
-	if err != nil {
-		return nil, err
-	}
-
 	// All content types have these fields in populated
 	contentsResponse := &api.ContentsResponse{
-		Name:          entry.Name(),
-		Path:          treePath,
-		SHA:           entry.ID.String(),
-		LastCommitSHA: lastCommit.ID.String(),
-		Size:          entry.Size(),
-		URL:           &selfURLString,
+		Name: entry.Name(),
+		Path: opts.TreePath,
+		SHA:  entry.ID.String(),
+		Size: entry.Size(),
+		URL:  &selfURLString,
 		Links: &api.FileLinksResponse{
 			Self: &selfURLString,
 		},
 	}
 
-	// Now populate the rest of the ContentsResponse based on entry type
+	if opts.IncludeCommitMetadata || opts.IncludeCommitMessage {
+		err = gitRepo.AddLastCommitCache(repo.GetCommitsCountCacheKey(refCommit.InputRef, refType != git.RefTypeCommit), repo.FullName(), refCommit.CommitID)
+		if err != nil {
+			return nil, err
+		}
+
+		lastCommit, err := refCommit.Commit.GetCommitByPath(opts.TreePath)
+		if err != nil {
+			return nil, err
+		}
+
+		if opts.IncludeCommitMetadata {
+			contentsResponse.LastCommitSHA = util.ToPointer(lastCommit.ID.String())
+			// GitHub doesn't have these fields in the response, but we could follow other similar APIs to name them
+			// https://docs.github.com/en/rest/commits/commits?apiVersion=2022-11-28#list-commits
+			if lastCommit.Committer != nil {
+				contentsResponse.LastCommitterDate = util.ToPointer(lastCommit.Committer.When)
+			}
+			if lastCommit.Author != nil {
+				contentsResponse.LastAuthorDate = util.ToPointer(lastCommit.Author.When)
+			}
+		}
+		if opts.IncludeCommitMessage {
+			contentsResponse.LastCommitMessage = util.ToPointer(lastCommit.Message())
+		}
+	}
+
+	// Now populate the rest of the ContentsResponse based on the entry type
 	if entry.IsRegular() || entry.IsExecutable() {
 		contentsResponse.Type = string(ContentTypeRegular)
-		if blobResponse, err := GetBlobBySHA(ctx, repo, gitRepo, entry.ID.String()); err != nil {
-			return nil, err
-		} else if !forList {
-			// We don't show the content if we are getting a list of FileContentResponses
-			contentsResponse.Encoding = &blobResponse.Encoding
-			contentsResponse.Content = &blobResponse.Content
+		// if it is listing the repo root dir, don't waste system resources on reading content
+		if opts.IncludeSingleFileContent {
+			blobResponse, err := GetBlobBySHA(repo, gitRepo, entry.ID.String())
+			if err != nil {
+				return nil, err
+			}
+			contentsResponse.Encoding, contentsResponse.Content = blobResponse.Encoding, blobResponse.Content
+			contentsResponse.LfsOid, contentsResponse.LfsSize = blobResponse.LfsOid, blobResponse.LfsSize
+		} else if opts.IncludeLfsMetadata {
+			contentsResponse.LfsOid, contentsResponse.LfsSize, err = parsePossibleLfsPointerBlob(gitRepo, entry.ID.String())
+			if err != nil {
+				return nil, err
+			}
 		}
 	} else if entry.IsDir() {
 		contentsResponse.Type = string(ContentTypeDir)
@@ -210,7 +202,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 		contentsResponse.Target = &targetFromContent
 	} else if entry.IsSubModule() {
 		contentsResponse.Type = string(ContentTypeSubmodule)
-		submodule, err := commit.GetSubModule(treePath)
+		submodule, err := commit.GetSubModule(opts.TreePath)
 		if err != nil {
 			return nil, err
 		}
@@ -220,7 +212,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 	}
 	// Handle links
 	if entry.IsRegular() || entry.IsLink() || entry.IsExecutable() {
-		downloadURL, err := url.Parse(repo.HTMLURL() + "/raw/" + url.PathEscape(string(refType)) + "/" + util.PathEscapeSegments(ref) + "/" + util.PathEscapeSegments(treePath))
+		downloadURL, err := url.Parse(repo.HTMLURL() + "/raw/" + refCommit.RefName.RefWebLinkPath() + "/" + util.PathEscapeSegments(opts.TreePath))
 		if err != nil {
 			return nil, err
 		}
@@ -228,7 +220,7 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 		contentsResponse.DownloadURL = &downloadURLString
 	}
 	if !entry.IsSubModule() {
-		htmlURL, err := url.Parse(repo.HTMLURL() + "/src/" + url.PathEscape(string(refType)) + "/" + util.PathEscapeSegments(ref) + "/" + util.PathEscapeSegments(treePath))
+		htmlURL, err := url.Parse(repo.HTMLURL() + "/src/" + refCommit.RefName.RefWebLinkPath() + "/" + util.PathEscapeSegments(opts.TreePath))
 		if err != nil {
 			return nil, err
 		}
@@ -248,49 +240,59 @@ func GetContents(ctx context.Context, repo *repo_model.Repository, treePath, ref
 	return contentsResponse, nil
 }
 
-// GetBlobBySHA get the GitBlobResponse of a repository using a sha hash.
-func GetBlobBySHA(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, sha string) (*api.GitBlobResponse, error) {
+func GetBlobBySHA(repo *repo_model.Repository, gitRepo *git.Repository, sha string) (*api.GitBlobResponse, error) {
 	gitBlob, err := gitRepo.GetBlob(sha)
 	if err != nil {
 		return nil, err
 	}
-	content := ""
-	if gitBlob.Size() <= setting.API.DefaultMaxBlobSize {
-		content, err = gitBlob.GetBlobContentBase64()
-		if err != nil {
-			return nil, err
-		}
+	ret := &api.GitBlobResponse{
+		SHA:  gitBlob.ID.String(),
+		URL:  repo.APIURL() + "/git/blobs/" + url.PathEscape(gitBlob.ID.String()),
+		Size: gitBlob.Size(),
 	}
-	return &api.GitBlobResponse{
-		SHA:      gitBlob.ID.String(),
-		URL:      repo.APIURL() + "/git/blobs/" + url.PathEscape(gitBlob.ID.String()),
-		Size:     gitBlob.Size(),
-		Encoding: "base64",
-		Content:  content,
-	}, nil
-}
 
-// TryGetContentLanguage tries to get the (linguist) language of the file content
-func TryGetContentLanguage(gitRepo *git.Repository, commitID, treePath string) (string, error) {
-	indexFilename, worktree, deleteTemporaryFile, err := gitRepo.ReadTreeToTemporaryIndex(commitID)
-	if err != nil {
-		return "", err
+	blobSize := gitBlob.Size()
+	if blobSize > setting.API.DefaultMaxBlobSize {
+		return ret, nil
 	}
 
-	defer deleteTemporaryFile()
+	var originContent *strings.Builder
+	if 0 < blobSize && blobSize < lfs.MetaFileMaxSize {
+		originContent = &strings.Builder{}
+	}
 
-	filename2attribute2info, err := gitRepo.CheckAttribute(git.CheckAttributeOpts{
-		CachedOnly: true,
-		Attributes: []string{git.AttributeLinguistLanguage, git.AttributeGitlabLanguage},
-		Filenames:  []string{treePath},
-		IndexFile:  indexFilename,
-		WorkTree:   worktree,
-	})
+	content, err := gitBlob.GetBlobContentBase64(originContent)
 	if err != nil {
-		return "", err
+		return nil, err
+	}
+
+	ret.Encoding, ret.Content = util.ToPointer("base64"), &content
+	if originContent != nil {
+		ret.LfsOid, ret.LfsSize = parsePossibleLfsPointerBuffer(strings.NewReader(originContent.String()))
 	}
+	return ret, nil
+}
 
-	language := git.TryReadLanguageAttribute(filename2attribute2info[treePath])
+func parsePossibleLfsPointerBuffer(r io.Reader) (*string, *int64) {
+	p, _ := lfs.ReadPointer(r)
+	if p.IsValid() {
+		return &p.Oid, &p.Size
+	}
+	return nil, nil
+}
 
-	return language.Value(), nil
+func parsePossibleLfsPointerBlob(gitRepo *git.Repository, sha string) (*string, *int64, error) {
+	gitBlob, err := gitRepo.GetBlob(sha)
+	if err != nil {
+		return nil, nil, err
+	}
+	if gitBlob.Size() > lfs.MetaFileMaxSize {
+		return nil, nil, nil // not a LFS pointer
+	}
+	buf, err := gitBlob.GetBlobContent(lfs.MetaFileMaxSize)
+	if err != nil {
+		return nil, nil, err
+	}
+	oid, size := parsePossibleLfsPointerBuffer(strings.NewReader(buf))
+	return oid, size, nil
 }
diff --git a/services/repository/files/content_test.go b/services/repository/files/content_test.go
index 7cb46c0bb6..d72f918074 100644
--- a/services/repository/files/content_test.go
+++ b/services/repository/files/content_test.go
@@ -7,8 +7,8 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models/unittest"
-	"code.gitea.io/gitea/modules/gitrepo"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/contexttest"
 
 	_ "code.gitea.io/gitea/models/actions"
@@ -20,36 +20,6 @@ func TestMain(m *testing.M) {
 	unittest.MainTest(m)
 }
 
-func getExpectedReadmeContentsResponse() *api.ContentsResponse {
-	treePath := "README.md"
-	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
-	encoding := "base64"
-	content := "IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"
-	selfURL := "https://try.gitea.io/api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
-	htmlURL := "https://try.gitea.io/user2/repo1/src/branch/master/" + treePath
-	gitURL := "https://try.gitea.io/api/v1/repos/user2/repo1/git/blobs/" + sha
-	downloadURL := "https://try.gitea.io/user2/repo1/raw/branch/master/" + treePath
-	return &api.ContentsResponse{
-		Name:          treePath,
-		Path:          treePath,
-		SHA:           "4b4851ad51df6a7d9f25c979345979eaeb5b349f",
-		LastCommitSHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
-		Type:          "file",
-		Size:          30,
-		Encoding:      &encoding,
-		Content:       &content,
-		URL:           &selfURL,
-		HTMLURL:       &htmlURL,
-		GitURL:        &gitURL,
-		DownloadURL:   &downloadURL,
-		Links: &api.FileLinksResponse{
-			Self:    &selfURL,
-			GitURL:  &gitURL,
-			HTMLURL: &htmlURL,
-		},
-	}
-}
-
 func TestGetContents(t *testing.T) {
 	unittest.PrepareTestEnv(t)
 	ctx, _ := contexttest.MockContext(t, "user2/repo1")
@@ -58,195 +28,22 @@ func TestGetContents(t *testing.T) {
 	contexttest.LoadRepoCommit(t, ctx)
 	contexttest.LoadUser(t, ctx, 2)
 	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	treePath := "README.md"
-	ref := ctx.Repo.Repository.DefaultBranch
-
-	expectedContentsResponse := getExpectedReadmeContentsResponse()
-
-	t.Run("Get README.md contents with GetContents(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContents(ctx, ctx.Repo.Repository, treePath, ref, false)
-		assert.EqualValues(t, expectedContentsResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-
-	t.Run("Get README.md contents with ref as empty string (should then use the repo's default branch) with GetContents(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContents(ctx, ctx.Repo.Repository, treePath, "", false)
-		assert.EqualValues(t, expectedContentsResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-}
-
-func TestGetContentsOrListForDir(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	treePath := "" // root dir
-	ref := ctx.Repo.Repository.DefaultBranch
-
-	readmeContentsResponse := getExpectedReadmeContentsResponse()
-	// because will be in a list, doesn't have encoding and content
-	readmeContentsResponse.Encoding = nil
-	readmeContentsResponse.Content = nil
-
-	expectedContentsListResponse := []*api.ContentsResponse{
-		readmeContentsResponse,
-	}
-
-	t.Run("Get root dir contents with GetContentsOrList(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContentsOrList(ctx, ctx.Repo.Repository, treePath, ref)
-		assert.EqualValues(t, expectedContentsListResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-
-	t.Run("Get root dir contents with ref as empty string (should then use the repo's default branch) with GetContentsOrList(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContentsOrList(ctx, ctx.Repo.Repository, treePath, "")
-		assert.EqualValues(t, expectedContentsListResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-}
-
-func TestGetContentsOrListForFile(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	treePath := "README.md"
-	ref := ctx.Repo.Repository.DefaultBranch
-
-	expectedContentsResponse := getExpectedReadmeContentsResponse()
-
-	t.Run("Get README.md contents with GetContentsOrList(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContentsOrList(ctx, ctx.Repo.Repository, treePath, ref)
-		assert.EqualValues(t, expectedContentsResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-
-	t.Run("Get README.md contents with ref as empty string (should then use the repo's default branch) with GetContentsOrList(ctx, )", func(t *testing.T) {
-		fileContentResponse, err := GetContentsOrList(ctx, ctx.Repo.Repository, treePath, "")
-		assert.EqualValues(t, expectedContentsResponse, fileContentResponse)
-		assert.NoError(t, err)
-	})
-}
-
-func TestGetContentsErrors(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	repo := ctx.Repo.Repository
-	treePath := "README.md"
-	ref := repo.DefaultBranch
-
-	t.Run("bad treePath", func(t *testing.T) {
-		badTreePath := "bad/tree.md"
-		fileContentResponse, err := GetContents(ctx, repo, badTreePath, ref, false)
-		assert.Error(t, err)
-		assert.EqualError(t, err, "object does not exist [id: , rel_path: bad]")
-		assert.Nil(t, fileContentResponse)
-	})
-
-	t.Run("bad ref", func(t *testing.T) {
-		badRef := "bad_ref"
-		fileContentResponse, err := GetContents(ctx, repo, treePath, badRef, false)
-		assert.Error(t, err)
-		assert.EqualError(t, err, "object does not exist [id: "+badRef+", rel_path: ]")
-		assert.Nil(t, fileContentResponse)
-	})
-}
-
-func TestGetContentsOrListErrors(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
 
-	repo := ctx.Repo.Repository
-	treePath := "README.md"
-	ref := repo.DefaultBranch
-
-	t.Run("bad treePath", func(t *testing.T) {
-		badTreePath := "bad/tree.md"
-		fileContentResponse, err := GetContentsOrList(ctx, repo, badTreePath, ref)
-		assert.Error(t, err)
-		assert.EqualError(t, err, "object does not exist [id: , rel_path: bad]")
-		assert.Nil(t, fileContentResponse)
-	})
-
-	t.Run("bad ref", func(t *testing.T) {
-		badRef := "bad_ref"
-		fileContentResponse, err := GetContentsOrList(ctx, repo, treePath, badRef)
-		assert.Error(t, err)
-		assert.EqualError(t, err, "object does not exist [id: "+badRef+", rel_path: ]")
-		assert.Nil(t, fileContentResponse)
-	})
-}
-
-func TestGetContentsOrListOfEmptyRepos(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user30/empty")
-	ctx.SetPathParam("id", "52")
-	contexttest.LoadRepo(t, ctx, 52)
-	contexttest.LoadUser(t, ctx, 30)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	repo := ctx.Repo.Repository
-
-	t.Run("empty repo", func(t *testing.T) {
-		contents, err := GetContentsOrList(ctx, repo, "", "")
+	// GetContentsOrList's behavior is fully tested in integration tests, so we don't need to test it here.
+
+	t.Run("GetBlobBySHA", func(t *testing.T) {
+		sha := "65f1bf27bc3bf70f64657658635e66094edbcb4d"
+		ctx.SetPathParam("id", "1")
+		ctx.SetPathParam("sha", sha)
+		gbr, err := GetBlobBySHA(ctx.Repo.Repository, ctx.Repo.GitRepo, ctx.PathParam("sha"))
+		expectedGBR := &api.GitBlobResponse{
+			Content:  util.ToPointer("dHJlZSAyYTJmMWQ0NjcwNzI4YTJlMTAwNDllMzQ1YmQ3YTI3NjQ2OGJlYWI2CmF1dGhvciB1c2VyMSA8YWRkcmVzczFAZXhhbXBsZS5jb20+IDE0ODk5NTY0NzkgLTA0MDAKY29tbWl0dGVyIEV0aGFuIEtvZW5pZyA8ZXRoYW50a29lbmlnQGdtYWlsLmNvbT4gMTQ4OTk1NjQ3OSAtMDQwMAoKSW5pdGlhbCBjb21taXQK"),
+			Encoding: util.ToPointer("base64"),
+			URL:      "https://try.gitea.io/api/v1/repos/user2/repo1/git/blobs/65f1bf27bc3bf70f64657658635e66094edbcb4d",
+			SHA:      "65f1bf27bc3bf70f64657658635e66094edbcb4d",
+			Size:     180,
+		}
 		assert.NoError(t, err)
-		assert.Empty(t, contents)
+		assert.Equal(t, expectedGBR, gbr)
 	})
 }
-
-func TestGetBlobBySHA(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	sha := "65f1bf27bc3bf70f64657658635e66094edbcb4d"
-	ctx.SetPathParam("id", "1")
-	ctx.SetPathParam("sha", sha)
-
-	gitRepo, err := gitrepo.OpenRepository(ctx, ctx.Repo.Repository)
-	if err != nil {
-		t.Fail()
-	}
-
-	gbr, err := GetBlobBySHA(ctx, ctx.Repo.Repository, gitRepo, ctx.PathParam("sha"))
-	expectedGBR := &api.GitBlobResponse{
-		Content:  "dHJlZSAyYTJmMWQ0NjcwNzI4YTJlMTAwNDllMzQ1YmQ3YTI3NjQ2OGJlYWI2CmF1dGhvciB1c2VyMSA8YWRkcmVzczFAZXhhbXBsZS5jb20+IDE0ODk5NTY0NzkgLTA0MDAKY29tbWl0dGVyIEV0aGFuIEtvZW5pZyA8ZXRoYW50a29lbmlnQGdtYWlsLmNvbT4gMTQ4OTk1NjQ3OSAtMDQwMAoKSW5pdGlhbCBjb21taXQK",
-		Encoding: "base64",
-		URL:      "https://try.gitea.io/api/v1/repos/user2/repo1/git/blobs/65f1bf27bc3bf70f64657658635e66094edbcb4d",
-		SHA:      "65f1bf27bc3bf70f64657658635e66094edbcb4d",
-		Size:     180,
-	}
-	assert.NoError(t, err)
-	assert.Equal(t, expectedGBR, gbr)
-}
diff --git a/services/repository/files/diff.go b/services/repository/files/diff.go
index 0b3550452a..50d01f9d7c 100644
--- a/services/repository/files/diff.go
+++ b/services/repository/files/diff.go
@@ -29,7 +29,7 @@ func GetDiffPreview(ctx context.Context, repo *repo_model.Repository, branch, tr
 	}
 
 	// Add the object to the database
-	objectHash, err := t.HashObject(ctx, strings.NewReader(content))
+	objectHash, err := t.HashObjectAndWrite(ctx, strings.NewReader(content))
 	if err != nil {
 		return nil, err
 	}
diff --git a/services/repository/files/diff_test.go b/services/repository/files/diff_test.go
index a8514791cc..ae702e4189 100644
--- a/services/repository/files/diff_test.go
+++ b/services/repository/files/diff_test.go
@@ -118,7 +118,7 @@ func TestGetDiffPreview(t *testing.T) {
 		assert.NoError(t, err)
 		bs, err := json.Marshal(diff)
 		assert.NoError(t, err)
-		assert.EqualValues(t, string(expectedBs), string(bs))
+		assert.Equal(t, string(expectedBs), string(bs))
 	})
 
 	t.Run("empty branch, same results", func(t *testing.T) {
@@ -128,7 +128,7 @@ func TestGetDiffPreview(t *testing.T) {
 		assert.NoError(t, err)
 		bs, err := json.Marshal(diff)
 		assert.NoError(t, err)
-		assert.EqualValues(t, expectedBs, bs)
+		assert.Equal(t, expectedBs, bs)
 	})
 }
 
diff --git a/services/repository/files/file.go b/services/repository/files/file.go
index 2caa1b4946..f48e32b427 100644
--- a/services/repository/files/file.go
+++ b/services/repository/files/file.go
@@ -5,6 +5,7 @@ package files
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"net/url"
 	"strings"
@@ -12,18 +13,40 @@ import (
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/api/v1/utils"
 )
 
-func GetFilesResponseFromCommit(ctx context.Context, repo *repo_model.Repository, commit *git.Commit, branch string, treeNames []string) (*api.FilesResponse, error) {
-	files := []*api.ContentsResponse{}
-	for _, file := range treeNames {
-		fileContents, _ := GetContents(ctx, repo, file, branch, false) // ok if fails, then will be nil
+func GetContentsListFromTreePaths(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, refCommit *utils.RefCommit, treePaths []string) (files []*api.ContentsResponse) {
+	var size int64
+	for _, treePath := range treePaths {
+		// ok if fails, then will be nil
+		fileContents, _ := GetFileContents(ctx, repo, gitRepo, refCommit, GetContentsOrListOptions{
+			TreePath:                 treePath,
+			IncludeSingleFileContent: true,
+			IncludeCommitMetadata:    true,
+		})
+		if fileContents != nil && fileContents.Content != nil && *fileContents.Content != "" {
+			// if content isn't empty (e.g., due to the single blob being too large), add file size to response size
+			size += int64(len(*fileContents.Content))
+		}
+		if size > setting.API.DefaultMaxResponseSize {
+			break // stop if max response size would be exceeded
+		}
 		files = append(files, fileContents)
+		if len(files) == setting.API.DefaultPagingNum {
+			break // stop if paging num reached
+		}
 	}
-	fileCommitResponse, _ := GetFileCommitResponse(repo, commit) // ok if fails, then will be nil
-	verification := GetPayloadCommitVerification(ctx, commit)
+	return files
+}
+
+func GetFilesResponseFromCommit(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, refCommit *utils.RefCommit, treeNames []string) (*api.FilesResponse, error) {
+	files := GetContentsListFromTreePaths(ctx, repo, gitRepo, refCommit, treeNames)
+	fileCommitResponse, _ := GetFileCommitResponse(repo, refCommit.Commit) // ok if fails, then will be nil
+	verification := GetPayloadCommitVerification(ctx, refCommit.Commit)
 	filesResponse := &api.FilesResponse{
 		Files:        files,
 		Commit:       fileCommitResponse,
@@ -32,19 +55,6 @@ func GetFilesResponseFromCommit(ctx context.Context, repo *repo_model.Repository
 	return filesResponse, nil
 }
 
-// GetFileResponseFromCommit Constructs a FileResponse from a Commit object
-func GetFileResponseFromCommit(ctx context.Context, repo *repo_model.Repository, commit *git.Commit, branch, treeName string) (*api.FileResponse, error) {
-	fileContents, _ := GetContents(ctx, repo, treeName, branch, false) // ok if fails, then will be nil
-	fileCommitResponse, _ := GetFileCommitResponse(repo, commit)       // ok if fails, then will be nil
-	verification := GetPayloadCommitVerification(ctx, commit)
-	fileResponse := &api.FileResponse{
-		Content:      fileContents,
-		Commit:       fileCommitResponse,
-		Verification: verification,
-	}
-	return fileResponse, nil
-}
-
 // constructs a FileResponse with the file at the index from FilesResponse
 func GetFileResponseFromFilesResponse(filesResponse *api.FilesResponse, index int) *api.FileResponse {
 	content := &api.ContentsResponse{}
@@ -62,10 +72,10 @@ func GetFileResponseFromFilesResponse(filesResponse *api.FilesResponse, index in
 // GetFileCommitResponse Constructs a FileCommitResponse from a Commit object
 func GetFileCommitResponse(repo *repo_model.Repository, commit *git.Commit) (*api.FileCommitResponse, error) {
 	if repo == nil {
-		return nil, fmt.Errorf("repo cannot be nil")
+		return nil, errors.New("repo cannot be nil")
 	}
 	if commit == nil {
-		return nil, fmt.Errorf("commit cannot be nil")
+		return nil, errors.New("commit cannot be nil")
 	}
 	commitURL, _ := url.Parse(repo.APIURL() + "/git/commits/" + url.PathEscape(commit.ID.String()))
 	commitTreeURL, _ := url.Parse(repo.APIURL() + "/git/trees/" + url.PathEscape(commit.Tree.ID.String()))
@@ -129,15 +139,17 @@ func (err ErrFilenameInvalid) Unwrap() error {
 	return util.ErrInvalidArgument
 }
 
-// CleanUploadFileName Trims a filename and returns empty string if it is a .git directory
-func CleanUploadFileName(name string) string {
-	// Rebase the filename
+// CleanGitTreePath cleans a tree path for git, it returns an empty string the path is invalid (e.g.: contains ".git" part)
+func CleanGitTreePath(name string) string {
 	name = util.PathJoinRel(name)
 	// Git disallows any filenames to have a .git directory in them.
-	for _, part := range strings.Split(name, "/") {
-		if strings.ToLower(part) == ".git" {
+	for part := range strings.SplitSeq(name, "/") {
+		if strings.EqualFold(part, ".git") {
 			return ""
 		}
 	}
+	if name == "." {
+		name = ""
+	}
 	return name
 }
diff --git a/services/repository/files/file_test.go b/services/repository/files/file_test.go
index 52c0574883..cdb6a266ff 100644
--- a/services/repository/files/file_test.go
+++ b/services/repository/files/file_test.go
@@ -6,115 +6,22 @@ package files
 import (
 	"testing"
 
-	"code.gitea.io/gitea/models/unittest"
-	"code.gitea.io/gitea/modules/gitrepo"
-	"code.gitea.io/gitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
-	"code.gitea.io/gitea/services/contexttest"
-
 	"github.com/stretchr/testify/assert"
 )
 
 func TestCleanUploadFileName(t *testing.T) {
-	t.Run("Clean regular file", func(t *testing.T) {
-		name := "this/is/test"
-		cleanName := CleanUploadFileName(name)
-		expectedCleanName := name
-		assert.EqualValues(t, expectedCleanName, cleanName)
-	})
-
-	t.Run("Clean a .git path", func(t *testing.T) {
-		name := "this/is/test/.git"
-		cleanName := CleanUploadFileName(name)
-		expectedCleanName := ""
-		assert.EqualValues(t, expectedCleanName, cleanName)
-	})
-}
-
-func getExpectedFileResponse() *api.FileResponse {
-	treePath := "README.md"
-	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
-	encoding := "base64"
-	content := "IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"
-	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
-	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
-	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
-	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
-	return &api.FileResponse{
-		Content: &api.ContentsResponse{
-			Name:          treePath,
-			Path:          treePath,
-			SHA:           sha,
-			LastCommitSHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
-			Type:          "file",
-			Size:          30,
-			Encoding:      &encoding,
-			Content:       &content,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
-			Links: &api.FileLinksResponse{
-				Self:    &selfURL,
-				GitURL:  &gitURL,
-				HTMLURL: &htmlURL,
-			},
-		},
-		Commit: &api.FileCommitResponse{
-			CommitMeta: api.CommitMeta{
-				URL: "https://try.gitea.io/api/v1/repos/user2/repo1/git/commits/65f1bf27bc3bf70f64657658635e66094edbcb4d",
-				SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
-			},
-			HTMLURL: "https://try.gitea.io/user2/repo1/commit/65f1bf27bc3bf70f64657658635e66094edbcb4d",
-			Author: &api.CommitUser{
-				Identity: api.Identity{
-					Name:  "user1",
-					Email: "address1@example.com",
-				},
-				Date: "2017-03-19T20:47:59Z",
-			},
-			Committer: &api.CommitUser{
-				Identity: api.Identity{
-					Name:  "Ethan Koenig",
-					Email: "ethantkoenig@gmail.com",
-				},
-				Date: "2017-03-19T20:47:59Z",
-			},
-			Parents: []*api.CommitMeta{},
-			Message: "Initial commit\n",
-			Tree: &api.CommitMeta{
-				URL: "https://try.gitea.io/api/v1/repos/user2/repo1/git/trees/2a2f1d4670728a2e10049e345bd7a276468beab6",
-				SHA: "2a2f1d4670728a2e10049e345bd7a276468beab6",
-			},
-		},
-		Verification: &api.PayloadCommitVerification{
-			Verified:  false,
-			Reason:    "gpg.error.not_signed_commit",
-			Signature: "",
-			Payload:   "",
-		},
+	cases := []struct {
+		input, expected string
+	}{
+		{"", ""},
+		{".", ""},
+		{"a/./b", "a/b"},
+		{"a.git", "a.git"},
+		{".git/b", ""},
+		{"a/.git", ""},
+		{"/a/../../b", "b"},
+	}
+	for _, c := range cases {
+		assert.Equal(t, c.expected, CleanGitTreePath(c.input), "input: %q", c.input)
 	}
-}
-
-func TestGetFileResponseFromCommit(t *testing.T) {
-	unittest.PrepareTestEnv(t)
-	ctx, _ := contexttest.MockContext(t, "user2/repo1")
-	ctx.SetPathParam("id", "1")
-	contexttest.LoadRepo(t, ctx, 1)
-	contexttest.LoadRepoCommit(t, ctx)
-	contexttest.LoadUser(t, ctx, 2)
-	contexttest.LoadGitRepo(t, ctx)
-	defer ctx.Repo.GitRepo.Close()
-
-	repo := ctx.Repo.Repository
-	branch := repo.DefaultBranch
-	treePath := "README.md"
-	gitRepo, _ := gitrepo.OpenRepository(ctx, repo)
-	defer gitRepo.Close()
-	commit, _ := gitRepo.GetBranchCommit(branch)
-	expectedFileResponse := getExpectedFileResponse()
-
-	fileResponse, err := GetFileResponseFromCommit(ctx, repo, commit, branch, treePath)
-	assert.NoError(t, err)
-	assert.EqualValues(t, expectedFileResponse, fileResponse)
 }
diff --git a/services/repository/files/patch.go b/services/repository/files/patch.go
index 1941adb86a..11a8744b7f 100644
--- a/services/repository/files/patch.go
+++ b/services/repository/files/patch.go
@@ -12,7 +12,6 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
@@ -45,7 +44,6 @@ type ApplyDiffPatchOptions struct {
 	NewBranch    string
 	Message      string
 	Content      string
-	SHA          string
 	Author       *IdentityOptions
 	Committer    *IdentityOptions
 	Dates        *CommitDateOptions
@@ -62,29 +60,26 @@ func (opts *ApplyDiffPatchOptions) Validate(ctx context.Context, repo *repo_mode
 		opts.NewBranch = opts.OldBranch
 	}
 
-	gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, repo)
-	if err != nil {
-		return err
-	}
-	defer closer.Close()
-
 	// oldBranch must exist for this operation
-	if _, err := gitRepo.GetBranch(opts.OldBranch); err != nil {
+	if exist, err := git_model.IsBranchExist(ctx, repo.ID, opts.OldBranch); err != nil {
 		return err
+	} else if !exist {
+		return git_model.ErrBranchNotExist{
+			BranchName: opts.OldBranch,
+		}
 	}
 	// A NewBranch can be specified for the patch to be applied to.
 	// Check to make sure the branch does not already exist, otherwise we can't proceed.
 	// If we aren't branching to a new branch, make sure user can commit to the given branch
 	if opts.NewBranch != opts.OldBranch {
-		existingBranch, err := gitRepo.GetBranch(opts.NewBranch)
-		if existingBranch != nil {
+		exist, err := git_model.IsBranchExist(ctx, repo.ID, opts.NewBranch)
+		if err != nil {
+			return err
+		} else if exist {
 			return git_model.ErrBranchAlreadyExists{
 				BranchName: opts.NewBranch,
 			}
 		}
-		if err != nil && !git.IsErrBranchNotExist(err) {
-			return err
-		}
 	} else {
 		protectedBranch, err := git_model.GetFirstMatchProtectedBranchRule(ctx, repo.ID, opts.OldBranch)
 		if err != nil {
diff --git a/services/repository/files/temp_repo.go b/services/repository/files/temp_repo.go
index d2c70a7a34..c2f61c8223 100644
--- a/services/repository/files/temp_repo.go
+++ b/services/repository/files/temp_repo.go
@@ -6,6 +6,7 @@ package files
 import (
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@@ -29,23 +30,24 @@ type TemporaryUploadRepository struct {
 	repo     *repo_model.Repository
 	gitRepo  *git.Repository
 	basePath string
+	cleanup  func()
 }
 
 // NewTemporaryUploadRepository creates a new temporary upload repository
 func NewTemporaryUploadRepository(repo *repo_model.Repository) (*TemporaryUploadRepository, error) {
-	basePath, err := repo_module.CreateTemporaryPath("upload")
+	basePath, cleanup, err := repo_module.CreateTemporaryPath("upload")
 	if err != nil {
 		return nil, err
 	}
-	t := &TemporaryUploadRepository{repo: repo, basePath: basePath}
+	t := &TemporaryUploadRepository{repo: repo, basePath: basePath, cleanup: cleanup}
 	return t, nil
 }
 
 // Close the repository cleaning up all files
 func (t *TemporaryUploadRepository) Close() {
 	defer t.gitRepo.Close()
-	if err := repo_module.RemoveTemporaryPath(t.basePath); err != nil {
-		log.Error("Failed to remove temporary path %s: %v", t.basePath, err)
+	if t.cleanup != nil {
+		t.cleanup()
 	}
 }
 
@@ -126,7 +128,7 @@ func (t *TemporaryUploadRepository) LsFiles(ctx context.Context, filenames ...st
 	}
 
 	fileList := make([]string, 0, len(filenames))
-	for _, line := range bytes.Split(stdOut.Bytes(), []byte{'\000'}) {
+	for line := range bytes.SplitSeq(stdOut.Bytes(), []byte{'\000'}) {
 		fileList = append(fileList, string(line))
 	}
 
@@ -162,8 +164,8 @@ func (t *TemporaryUploadRepository) RemoveFilesFromIndex(ctx context.Context, fi
 	return nil
 }
 
-// HashObject writes the provided content to the object db and returns its hash
-func (t *TemporaryUploadRepository) HashObject(ctx context.Context, content io.Reader) (string, error) {
+// HashObjectAndWrite writes the provided content to the object db and returns its hash
+func (t *TemporaryUploadRepository) HashObjectAndWrite(ctx context.Context, content io.Reader) (string, error) {
 	stdOut := new(bytes.Buffer)
 	stdErr := new(bytes.Buffer)
 
@@ -291,15 +293,18 @@ func (t *TemporaryUploadRepository) CommitTree(ctx context.Context, opts *Commit
 	}
 
 	var sign bool
-	var keyID string
+	var key *git.SigningKey
 	var signer *git.Signature
 	if opts.ParentCommitID != "" {
-		sign, keyID, signer, _ = asymkey_service.SignCRUDAction(ctx, t.repo.RepoPath(), opts.DoerUser, t.basePath, opts.ParentCommitID)
+		sign, key, signer, _ = asymkey_service.SignCRUDAction(ctx, t.repo.RepoPath(), opts.DoerUser, t.basePath, opts.ParentCommitID)
 	} else {
-		sign, keyID, signer, _ = asymkey_service.SignInitialCommit(ctx, t.repo.RepoPath(), opts.DoerUser)
+		sign, key, signer, _ = asymkey_service.SignInitialCommit(ctx, t.repo.RepoPath(), opts.DoerUser)
 	}
 	if sign {
-		cmdCommitTree.AddOptionFormat("-S%s", keyID)
+		if key.Format != "" {
+			cmdCommitTree.AddConfig("gpg.format", key.Format)
+		}
+		cmdCommitTree.AddOptionFormat("-S%s", key.KeyID)
 		if t.repo.GetTrustModel() == repo_model.CommitterTrustModel || t.repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
 			if committerSig.Name != authorSig.Name || committerSig.Email != authorSig.Email {
 				// Add trailers
@@ -414,7 +419,7 @@ func (t *TemporaryUploadRepository) DiffIndex(ctx context.Context) (*gitdiff.Dif
 // GetBranchCommit Gets the commit object of the given branch
 func (t *TemporaryUploadRepository) GetBranchCommit(branch string) (*git.Commit, error) {
 	if t.gitRepo == nil {
-		return nil, fmt.Errorf("repository has not been cloned")
+		return nil, errors.New("repository has not been cloned")
 	}
 	return t.gitRepo.GetBranchCommit(branch)
 }
@@ -422,7 +427,7 @@ func (t *TemporaryUploadRepository) GetBranchCommit(branch string) (*git.Commit,
 // GetCommit Gets the commit object of the given commit ID
 func (t *TemporaryUploadRepository) GetCommit(commitID string) (*git.Commit, error) {
 	if t.gitRepo == nil {
-		return nil, fmt.Errorf("repository has not been cloned")
+		return nil, errors.New("repository has not been cloned")
 	}
 	return t.gitRepo.GetCommit(commitID)
 }
diff --git a/services/repository/files/tree.go b/services/repository/files/tree.go
index 9142416347..e481a3e7d2 100644
--- a/services/repository/files/tree.go
+++ b/services/repository/files/tree.go
@@ -6,12 +6,14 @@ package files
 import (
 	"context"
 	"fmt"
+	"html/template"
 	"net/url"
 	"path"
 	"sort"
 	"strings"
 
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
@@ -88,15 +90,8 @@ func GetTreeBySHA(ctx context.Context, repo *repo_model.Repository, gitRepo *git
 	if rangeStart >= len(entries) {
 		return tree, nil
 	}
-	var rangeEnd int
-	if len(entries) > perPage {
-		tree.Truncated = true
-	}
-	if rangeStart+perPage < len(entries) {
-		rangeEnd = rangeStart + perPage
-	} else {
-		rangeEnd = len(entries)
-	}
+	rangeEnd := min(rangeStart+perPage, len(entries))
+	tree.Truncated = rangeEnd < len(entries)
 	tree.Entries = make([]api.GitEntry, rangeEnd-rangeStart)
 	for e := rangeStart; e < rangeEnd; e++ {
 		i := e - rangeStart
@@ -140,8 +135,13 @@ func entryModeString(entryMode git.EntryMode) string {
 }
 
 type TreeViewNode struct {
-	EntryName    string          `json:"entryName"`
-	EntryMode    string          `json:"entryMode"`
+	EntryName     string        `json:"entryName"`
+	EntryMode     string        `json:"entryMode"`
+	EntryIcon     template.HTML `json:"entryIcon"`
+	EntryIconOpen template.HTML `json:"entryIconOpen,omitempty"`
+
+	SymLinkedToMode string `json:"symLinkedToMode,omitempty"` // TODO: for the EntryMode="symlink"
+
 	FullPath     string          `json:"fullPath"`
 	SubmoduleURL string          `json:"submoduleUrl,omitempty"`
 	Children     []*TreeViewNode `json:"children,omitempty"`
@@ -151,20 +151,29 @@ func (node *TreeViewNode) sortLevel() int {
 	return util.Iif(node.EntryMode == "tree" || node.EntryMode == "commit", 0, 1)
 }
 
-func newTreeViewNodeFromEntry(ctx context.Context, commit *git.Commit, parentDir string, entry *git.TreeEntry) *TreeViewNode {
+func newTreeViewNodeFromEntry(ctx context.Context, repoLink string, renderedIconPool *fileicon.RenderedIconPool, commit *git.Commit, parentDir string, entry *git.TreeEntry) *TreeViewNode {
 	node := &TreeViewNode{
 		EntryName: entry.Name(),
 		EntryMode: entryModeString(entry.Mode()),
 		FullPath:  path.Join(parentDir, entry.Name()),
 	}
 
+	entryInfo := fileicon.EntryInfoFromGitTreeEntry(commit, node.FullPath, entry)
+	node.EntryIcon = fileicon.RenderEntryIconHTML(renderedIconPool, entryInfo)
+	if entryInfo.EntryMode.IsDir() {
+		entryInfo.IsOpen = true
+		node.EntryIconOpen = fileicon.RenderEntryIconHTML(renderedIconPool, entryInfo)
+	}
+
 	if node.EntryMode == "commit" {
 		if subModule, err := commit.GetSubModule(node.FullPath); err != nil {
 			log.Error("GetSubModule: %v", err)
 		} else if subModule != nil {
-			submoduleFile := git.NewCommitSubmoduleFile(subModule.URL, entry.ID.String())
-			webLink := submoduleFile.SubmoduleWebLink(ctx)
-			node.SubmoduleURL = webLink.CommitWebLink
+			submoduleFile := git.NewCommitSubmoduleFile(repoLink, node.FullPath, subModule.URL, entry.ID.String())
+			webLink := submoduleFile.SubmoduleWebLinkTree(ctx)
+			if webLink != nil {
+				node.SubmoduleURL = webLink.CommitWebLink
+			}
 		}
 	}
 
@@ -182,7 +191,7 @@ func sortTreeViewNodes(nodes []*TreeViewNode) {
 	})
 }
 
-func listTreeNodes(ctx context.Context, commit *git.Commit, tree *git.Tree, treePath, subPath string) ([]*TreeViewNode, error) {
+func listTreeNodes(ctx context.Context, repoLink string, renderedIconPool *fileicon.RenderedIconPool, commit *git.Commit, tree *git.Tree, treePath, subPath string) ([]*TreeViewNode, error) {
 	entries, err := tree.ListEntries()
 	if err != nil {
 		return nil, err
@@ -191,14 +200,14 @@ func listTreeNodes(ctx context.Context, commit *git.Commit, tree *git.Tree, tree
 	subPathDirName, subPathRemaining, _ := strings.Cut(subPath, "/")
 	nodes := make([]*TreeViewNode, 0, len(entries))
 	for _, entry := range entries {
-		node := newTreeViewNodeFromEntry(ctx, commit, treePath, entry)
+		node := newTreeViewNodeFromEntry(ctx, repoLink, renderedIconPool, commit, treePath, entry)
 		nodes = append(nodes, node)
 		if entry.IsDir() && subPathDirName == entry.Name() {
 			subTreePath := treePath + "/" + node.EntryName
 			if subTreePath[0] == '/' {
 				subTreePath = subTreePath[1:]
 			}
-			subNodes, err := listTreeNodes(ctx, commit, entry.Tree(), subTreePath, subPathRemaining)
+			subNodes, err := listTreeNodes(ctx, repoLink, renderedIconPool, commit, entry.Tree(), subTreePath, subPathRemaining)
 			if err != nil {
 				log.Error("listTreeNodes: %v", err)
 			} else {
@@ -210,10 +219,10 @@ func listTreeNodes(ctx context.Context, commit *git.Commit, tree *git.Tree, tree
 	return nodes, nil
 }
 
-func GetTreeViewNodes(ctx context.Context, commit *git.Commit, treePath, subPath string) ([]*TreeViewNode, error) {
+func GetTreeViewNodes(ctx context.Context, repoLink string, renderedIconPool *fileicon.RenderedIconPool, commit *git.Commit, treePath, subPath string) ([]*TreeViewNode, error) {
 	entry, err := commit.GetTreeEntryByPath(treePath)
 	if err != nil {
 		return nil, err
 	}
-	return listTreeNodes(ctx, commit, entry.Tree(), treePath, subPath)
+	return listTreeNodes(ctx, repoLink, renderedIconPool, commit, entry.Tree(), treePath, subPath)
 }
diff --git a/services/repository/files/tree_test.go b/services/repository/files/tree_test.go
index 8ea54969ce..38ac9f25fc 100644
--- a/services/repository/files/tree_test.go
+++ b/services/repository/files/tree_test.go
@@ -4,9 +4,11 @@
 package files
 
 import (
+	"html/template"
 	"testing"
 
 	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/fileicon"
 	"code.gitea.io/gitea/modules/git"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/services/contexttest"
@@ -49,7 +51,7 @@ func TestGetTreeBySHA(t *testing.T) {
 		TotalCount: 1,
 	}
 
-	assert.EqualValues(t, expectedTree, tree)
+	assert.Equal(t, expectedTree, tree)
 }
 
 func TestGetTreeViewNodes(t *testing.T) {
@@ -62,40 +64,57 @@ func TestGetTreeViewNodes(t *testing.T) {
 	contexttest.LoadGitRepo(t, ctx)
 	defer ctx.Repo.GitRepo.Close()
 
-	treeNodes, err := GetTreeViewNodes(ctx, ctx.Repo.Commit, "", "")
+	curRepoLink := "/any/repo-link"
+	renderedIconPool := fileicon.NewRenderedIconPool()
+	mockIconForFile := func(id string) template.HTML {
+		return template.HTML(`<svg class="svg git-entry-icon octicon-file" width="16" height="16" aria-hidden="true"><use xlink:href="#` + id + `"></use></svg>`)
+	}
+	mockIconForFolder := func(id string) template.HTML {
+		return template.HTML(`<svg class="svg git-entry-icon octicon-file-directory-fill" width="16" height="16" aria-hidden="true"><use xlink:href="#` + id + `"></use></svg>`)
+	}
+	mockOpenIconForFolder := func(id string) template.HTML {
+		return template.HTML(`<svg class="svg git-entry-icon octicon-file-directory-open-fill" width="16" height="16" aria-hidden="true"><use xlink:href="#` + id + `"></use></svg>`)
+	}
+	treeNodes, err := GetTreeViewNodes(ctx, curRepoLink, renderedIconPool, ctx.Repo.Commit, "", "")
 	assert.NoError(t, err)
 	assert.Equal(t, []*TreeViewNode{
 		{
-			EntryName: "docs",
-			EntryMode: "tree",
-			FullPath:  "docs",
+			EntryName:     "docs",
+			EntryMode:     "tree",
+			FullPath:      "docs",
+			EntryIcon:     mockIconForFolder(`svg-mfi-folder-docs`),
+			EntryIconOpen: mockOpenIconForFolder(`svg-mfi-folder-docs`),
 		},
 	}, treeNodes)
 
-	treeNodes, err = GetTreeViewNodes(ctx, ctx.Repo.Commit, "", "docs/README.md")
+	treeNodes, err = GetTreeViewNodes(ctx, curRepoLink, renderedIconPool, ctx.Repo.Commit, "", "docs/README.md")
 	assert.NoError(t, err)
 	assert.Equal(t, []*TreeViewNode{
 		{
-			EntryName: "docs",
-			EntryMode: "tree",
-			FullPath:  "docs",
+			EntryName:     "docs",
+			EntryMode:     "tree",
+			FullPath:      "docs",
+			EntryIcon:     mockIconForFolder(`svg-mfi-folder-docs`),
+			EntryIconOpen: mockOpenIconForFolder(`svg-mfi-folder-docs`),
 			Children: []*TreeViewNode{
 				{
 					EntryName: "README.md",
 					EntryMode: "blob",
 					FullPath:  "docs/README.md",
+					EntryIcon: mockIconForFile(`svg-mfi-readme`),
 				},
 			},
 		},
 	}, treeNodes)
 
-	treeNodes, err = GetTreeViewNodes(ctx, ctx.Repo.Commit, "docs", "README.md")
+	treeNodes, err = GetTreeViewNodes(ctx, curRepoLink, renderedIconPool, ctx.Repo.Commit, "docs", "README.md")
 	assert.NoError(t, err)
 	assert.Equal(t, []*TreeViewNode{
 		{
 			EntryName: "README.md",
 			EntryMode: "blob",
 			FullPath:  "docs/README.md",
+			EntryIcon: mockIconForFile(`svg-mfi-readme`),
 		},
 	}, treeNodes)
 }
diff --git a/services/repository/files/update.go b/services/repository/files/update.go
index cade7ba2bf..e871f777e5 100644
--- a/services/repository/files/update.go
+++ b/services/repository/files/update.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"path"
+	"slices"
 	"strings"
 	"time"
 
@@ -15,12 +16,14 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/attribute"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/api/v1/utils"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
 	pull_service "code.gitea.io/gitea/services/pull"
 )
@@ -85,14 +88,32 @@ func (err ErrRepoFileDoesNotExist) Unwrap() error {
 	return util.ErrNotExist
 }
 
+type LazyReadSeeker interface {
+	io.ReadSeeker
+	io.Closer
+	OpenLazyReader() error
+}
+
 // ChangeRepoFiles adds, updates or removes multiple files in the given repository
-func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, opts *ChangeRepoFilesOptions) (*structs.FilesResponse, error) {
+func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, opts *ChangeRepoFilesOptions) (_ *structs.FilesResponse, errRet error) {
+	var addedLfsPointers []lfs.Pointer
+	defer func() {
+		if errRet != nil {
+			for _, lfsPointer := range addedLfsPointers {
+				_, err := git_model.RemoveLFSMetaObjectByOid(ctx, repo.ID, lfsPointer.Oid)
+				if err != nil {
+					log.Error("ChangeRepoFiles: RemoveLFSMetaObjectByOid failed: %v", err)
+				}
+			}
+		}
+	}()
+
 	err := repo.MustNotBeArchived()
 	if err != nil {
 		return nil, err
 	}
 
-	// If no branch name is set, assume default branch
+	// If no branch name is set, assume the default branch
 	if opts.OldBranch == "" {
 		opts.OldBranch = repo.DefaultBranch
 	}
@@ -107,8 +128,13 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 	defer closer.Close()
 
 	// oldBranch must exist for this operation
-	if _, err := gitRepo.GetBranch(opts.OldBranch); err != nil && !repo.IsEmpty {
+	if exist, err := git_model.IsBranchExist(ctx, repo.ID, opts.OldBranch); err != nil {
 		return nil, err
+	} else if !exist && !repo.IsEmpty {
+		return nil, git_model.ErrBranchNotExist{
+			RepoID:     repo.ID,
+			BranchName: opts.OldBranch,
+		}
 	}
 
 	var treePaths []string
@@ -119,14 +145,14 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 		}
 
 		// Check that the path given in opts.treePath is valid (not a git path)
-		treePath := CleanUploadFileName(file.TreePath)
+		treePath := CleanGitTreePath(file.TreePath)
 		if treePath == "" {
 			return nil, ErrFilenameInvalid{
 				Path: file.TreePath,
 			}
 		}
 		// If there is a fromTreePath (we are copying it), also clean it up
-		fromTreePath := CleanUploadFileName(file.FromTreePath)
+		fromTreePath := CleanGitTreePath(file.FromTreePath)
 		if fromTreePath == "" && file.FromTreePath != "" {
 			return nil, ErrFilenameInvalid{
 				Path: file.FromTreePath,
@@ -145,15 +171,15 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 	// Check to make sure the branch does not already exist, otherwise we can't proceed.
 	// If we aren't branching to a new branch, make sure user can commit to the given branch
 	if opts.NewBranch != opts.OldBranch {
-		existingBranch, err := gitRepo.GetBranch(opts.NewBranch)
-		if existingBranch != nil {
+		exist, err := git_model.IsBranchExist(ctx, repo.ID, opts.NewBranch)
+		if err != nil {
+			return nil, err
+		}
+		if exist {
 			return nil, git_model.ErrBranchAlreadyExists{
 				BranchName: opts.NewBranch,
 			}
 		}
-		if err != nil && !git.IsErrBranchNotExist(err) {
-			return nil, err
-		}
 	} else if err := VerifyBranchProtection(ctx, repo, doer, opts.OldBranch, treePaths); err != nil {
 		return nil, err
 	}
@@ -196,13 +222,7 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 			}
 
 			// Find the file we want to delete in the index
-			inFilelist := false
-			for _, indexFile := range filesInIndex {
-				if indexFile == file.TreePath {
-					inFilelist = true
-					break
-				}
-			}
+			inFilelist := slices.Contains(filesInIndex, file.TreePath)
 			if !inFilelist {
 				return nil, ErrRepoFileDoesNotExist{
 					Path: file.TreePath,
@@ -218,7 +238,7 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 			return nil, err // Couldn't get a commit for the branch
 		}
 
-		// Assigned LastCommitID in opts if it hasn't been set
+		// Assigned LastCommitID in "opts" if it hasn't been set
 		if opts.LastCommitID == "" {
 			opts.LastCommitID = commit.ID.String()
 		} else {
@@ -230,22 +250,25 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 		}
 
 		for _, file := range opts.Files {
-			if err := handleCheckErrors(file, commit, opts); err != nil {
+			if err = handleCheckErrors(file, commit, opts); err != nil {
 				return nil, err
 			}
 		}
 	}
 
-	contentStore := lfs.NewContentStore()
+	lfsContentStore := lfs.NewContentStore()
 	for _, file := range opts.Files {
 		switch file.Operation {
-		case "create", "update":
-			if err := CreateOrUpdateFile(ctx, t, file, contentStore, repo.ID, hasOldBranch); err != nil {
+		case "create", "update", "rename", "upload":
+			addedLfsPointer, err := modifyFile(ctx, t, file, lfsContentStore, repo.ID)
+			if err != nil {
 				return nil, err
 			}
+			if addedLfsPointer != nil {
+				addedLfsPointers = append(addedLfsPointers, *addedLfsPointer)
+			}
 		case "delete":
-			// Remove the file from the index
-			if err := t.RemoveFilesFromIndex(ctx, file.TreePath); err != nil {
+			if err = t.RemoveFilesFromIndex(ctx, file.TreePath); err != nil {
 				return nil, err
 			}
 		default:
@@ -290,14 +313,16 @@ func ChangeRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
 		return nil, err
 	}
 
-	filesResponse, err := GetFilesResponseFromCommit(ctx, repo, commit, opts.NewBranch, treePaths)
+	// FIXME: this call seems not right, why it needs to read the file content again
+	// FIXME: why it uses the NewBranch as "ref", it should use the commit ID because the response is only for this commit
+	filesResponse, err := GetFilesResponseFromCommit(ctx, repo, gitRepo, utils.NewRefCommit(git.RefNameFromBranch(opts.NewBranch), commit), treePaths)
 	if err != nil {
 		return nil, err
 	}
 
 	if repo.IsEmpty {
 		if isEmpty, err := gitRepo.IsEmpty(); err == nil && !isEmpty {
-			_ = repo_model.UpdateRepositoryCols(ctx, &repo_model.Repository{ID: repo.ID, IsEmpty: false, DefaultBranch: opts.NewBranch}, "is_empty", "default_branch")
+			_ = repo_model.UpdateRepositoryColsWithAutoTime(ctx, &repo_model.Repository{ID: repo.ID, IsEmpty: false, DefaultBranch: opts.NewBranch}, "is_empty", "default_branch")
 		}
 	}
 
@@ -363,22 +388,33 @@ func (err ErrSHAOrCommitIDNotProvided) Error() string {
 
 // handles the check for various issues for ChangeRepoFiles
 func handleCheckErrors(file *ChangeRepoFile, commit *git.Commit, opts *ChangeRepoFilesOptions) error {
-	if file.Operation == "update" || file.Operation == "delete" {
-		fromEntry, err := commit.GetTreeEntryByPath(file.Options.fromTreePath)
-		if err != nil {
-			return err
+	// check old entry (fromTreePath/fromEntry)
+	if file.Operation == "update" || file.Operation == "upload" || file.Operation == "delete" || file.Operation == "rename" {
+		var fromEntryIDString string
+		{
+			fromEntry, err := commit.GetTreeEntryByPath(file.Options.fromTreePath)
+			if file.Operation == "upload" && git.IsErrNotExist(err) {
+				fromEntry = nil
+			} else if err != nil {
+				return err
+			}
+			if fromEntry != nil {
+				fromEntryIDString = fromEntry.ID.String()
+				file.Options.executable = fromEntry.IsExecutable() // FIXME: legacy hacky approach, it shouldn't prepare the "Options" in the "check" function
+			}
 		}
+
 		if file.SHA != "" {
-			// If a SHA was given and the SHA given doesn't match the SHA of the fromTreePath, throw error
-			if file.SHA != fromEntry.ID.String() {
+			// If the SHA given doesn't match the SHA of the fromTreePath, throw error
+			if file.SHA != fromEntryIDString {
 				return pull_service.ErrSHADoesNotMatch{
 					Path:       file.Options.treePath,
 					GivenSHA:   file.SHA,
-					CurrentSHA: fromEntry.ID.String(),
+					CurrentSHA: fromEntryIDString,
 				}
 			}
 		} else if opts.LastCommitID != "" {
-			// If a lastCommitID was given and it doesn't match the commitID of the head of the branch throw
+			// If a lastCommitID given doesn't match the branch head's commitID throw
 			// an error, but only if we aren't creating a new branch.
 			if commit.ID.String() != opts.LastCommitID && opts.OldBranch == opts.NewBranch {
 				if changed, err := commit.FileChangedSinceCommit(file.Options.treePath, opts.LastCommitID); err != nil {
@@ -396,13 +432,13 @@ func handleCheckErrors(file *ChangeRepoFile, commit *git.Commit, opts *ChangeRep
 			// haven't been made. We throw an error if one wasn't provided.
 			return ErrSHAOrCommitIDNotProvided{}
 		}
-		file.Options.executable = fromEntry.IsExecutable()
 	}
-	if file.Operation == "create" || file.Operation == "update" {
-		// For the path where this file will be created/updated, we need to make
-		// sure no parts of the path are existing files or links except for the last
-		// item in the path which is the file name, and that shouldn't exist IF it is
-		// a new file OR is being moved to a new path.
+
+	// check new entry (treePath/treeEntry)
+	if file.Operation == "create" || file.Operation == "update" || file.Operation == "upload" || file.Operation == "rename" {
+		// For operation's target path, we need to make sure no parts of the path are existing files or links
+		// except for the last item in the path (which is the file name).
+		// And that shouldn't exist IF it is a new file OR is being moved to a new path.
 		treePathParts := strings.Split(file.Options.treePath, "/")
 		subTreePath := ""
 		for index, part := range treePathParts {
@@ -439,7 +475,7 @@ func handleCheckErrors(file *ChangeRepoFile, commit *git.Commit, opts *ChangeRep
 					Type:    git.EntryModeTree,
 				}
 			} else if file.Options.fromTreePath != file.Options.treePath || file.Operation == "create" {
-				// The entry shouldn't exist if we are creating new file or moving to a new path
+				// The entry shouldn't exist if we are creating the new file or moving to a new path
 				return ErrRepoFileAlreadyExists{
 					Path: file.Options.treePath,
 				}
@@ -450,21 +486,23 @@ func handleCheckErrors(file *ChangeRepoFile, commit *git.Commit, opts *ChangeRep
 	return nil
 }
 
-// CreateOrUpdateFile handles creating or updating a file for ChangeRepoFiles
-func CreateOrUpdateFile(ctx context.Context, t *TemporaryUploadRepository, file *ChangeRepoFile, contentStore *lfs.ContentStore, repoID int64, hasOldBranch bool) error {
+func modifyFile(ctx context.Context, t *TemporaryUploadRepository, file *ChangeRepoFile, contentStore *lfs.ContentStore, repoID int64) (addedLfsPointer *lfs.Pointer, _ error) {
+	if rd, ok := file.ContentReader.(LazyReadSeeker); ok {
+		if err := rd.OpenLazyReader(); err != nil {
+			return nil, fmt.Errorf("OpenLazyReader: %w", err)
+		}
+		defer rd.Close()
+	}
+
 	// Get the two paths (might be the same if not moving) from the index if they exist
 	filesInIndex, err := t.LsFiles(ctx, file.TreePath, file.FromTreePath)
 	if err != nil {
-		return fmt.Errorf("UpdateRepoFile: %w", err)
+		return nil, fmt.Errorf("LsFiles: %w", err)
 	}
 	// If is a new file (not updating) then the given path shouldn't exist
 	if file.Operation == "create" {
-		for _, indexFile := range filesInIndex {
-			if indexFile == file.TreePath {
-				return ErrRepoFileAlreadyExists{
-					Path: file.TreePath,
-				}
-			}
+		if slices.Contains(filesInIndex, file.TreePath) {
+			return nil, ErrRepoFileAlreadyExists{Path: file.TreePath}
 		}
 	}
 
@@ -472,79 +510,178 @@ func CreateOrUpdateFile(ctx context.Context, t *TemporaryUploadRepository, file
 	if file.Options.fromTreePath != file.Options.treePath && len(filesInIndex) > 0 {
 		for _, indexFile := range filesInIndex {
 			if indexFile == file.Options.fromTreePath {
-				if err := t.RemoveFilesFromIndex(ctx, file.FromTreePath); err != nil {
-					return err
+				if err = t.RemoveFilesFromIndex(ctx, file.FromTreePath); err != nil {
+					return nil, err
 				}
 			}
 		}
 	}
 
-	treeObjectContentReader := file.ContentReader
-	var lfsMetaObject *git_model.LFSMetaObject
-	if setting.LFS.StartServer && hasOldBranch {
-		// Check there is no way this can return multiple infos
-		filename2attribute2info, err := t.gitRepo.CheckAttribute(git.CheckAttributeOpts{
-			Attributes: []string{"filter"},
-			Filenames:  []string{file.Options.treePath},
-			CachedOnly: true,
-		})
+	var writeObjectRet *writeRepoObjectRet
+	switch file.Operation {
+	case "create", "update", "upload":
+		writeObjectRet, err = writeRepoObjectForModify(ctx, t, file)
+	case "rename":
+		writeObjectRet, err = writeRepoObjectForRename(ctx, t, file)
+	default:
+		return nil, util.NewInvalidArgumentErrorf("unknown file modification operation: '%s'", file.Operation)
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	// Add the object to the index, the "file.Options.executable" is set in handleCheckErrors by the caller (legacy hacky approach)
+	if err = t.AddObjectToIndex(ctx, util.Iif(file.Options.executable, "100755", "100644"), writeObjectRet.ObjectHash, file.Options.treePath); err != nil {
+		return nil, err
+	}
+
+	if writeObjectRet.LfsContent == nil {
+		return nil, nil // No LFS pointer, so nothing to do
+	}
+	defer writeObjectRet.LfsContent.Close()
+
+	// Now we must store the content into an LFS object
+	lfsMetaObject, err := git_model.NewLFSMetaObject(ctx, repoID, writeObjectRet.LfsPointer)
+	if err != nil {
+		return nil, err
+	}
+	exist, err := contentStore.Exists(lfsMetaObject.Pointer)
+	if err != nil {
+		return nil, err
+	}
+	if !exist {
+		err = contentStore.Put(lfsMetaObject.Pointer, writeObjectRet.LfsContent)
 		if err != nil {
-			return err
+			if _, errRemove := git_model.RemoveLFSMetaObjectByOid(ctx, repoID, lfsMetaObject.Oid); errRemove != nil {
+				return nil, fmt.Errorf("unable to remove failed inserted LFS object %s: %v (Prev Error: %w)", lfsMetaObject.Oid, errRemove, err)
+			}
+			return nil, err
 		}
+	}
+	return &lfsMetaObject.Pointer, nil
+}
+
+func checkIsLfsFileInGitAttributes(ctx context.Context, t *TemporaryUploadRepository, paths []string) (ret []bool, err error) {
+	attributesMap, err := attribute.CheckAttributes(ctx, t.gitRepo, "" /* use temp repo's working dir */, attribute.CheckAttributeOpts{
+		Attributes: []string{attribute.Filter},
+		Filenames:  paths,
+	})
+	if err != nil {
+		return nil, err
+	}
+	for _, p := range paths {
+		isLFSFile := attributesMap[p] != nil && attributesMap[p].Get(attribute.Filter).ToString().Value() == "lfs"
+		ret = append(ret, isLFSFile)
+	}
+	return ret, nil
+}
 
-		if filename2attribute2info[file.Options.treePath] != nil && filename2attribute2info[file.Options.treePath]["filter"] == "lfs" {
-			// OK so we are supposed to LFS this data!
-			pointer, err := lfs.GeneratePointer(treeObjectContentReader)
+type writeRepoObjectRet struct {
+	ObjectHash string
+	LfsContent io.ReadCloser // if not nil, then the caller should store its content in LfsPointer, then close it
+	LfsPointer lfs.Pointer
+}
+
+// writeRepoObjectForModify hashes the git object for create or update operations
+func writeRepoObjectForModify(ctx context.Context, t *TemporaryUploadRepository, file *ChangeRepoFile) (ret *writeRepoObjectRet, err error) {
+	ret = &writeRepoObjectRet{}
+	treeObjectContentReader := file.ContentReader
+	if setting.LFS.StartServer {
+		checkIsLfsFiles, err := checkIsLfsFileInGitAttributes(ctx, t, []string{file.Options.treePath})
+		if err != nil {
+			return nil, err
+		}
+		if checkIsLfsFiles[0] {
+			// OK, so we are supposed to LFS this data!
+			ret.LfsPointer, err = lfs.GeneratePointer(file.ContentReader)
 			if err != nil {
-				return err
+				return nil, err
 			}
-			lfsMetaObject = &git_model.LFSMetaObject{Pointer: pointer, RepositoryID: repoID}
-			treeObjectContentReader = strings.NewReader(pointer.StringContent())
+			if _, err = file.ContentReader.Seek(0, io.SeekStart); err != nil {
+				return nil, err
+			}
+			ret.LfsContent = io.NopCloser(file.ContentReader)
+			treeObjectContentReader = strings.NewReader(ret.LfsPointer.StringContent())
 		}
 	}
 
-	// Add the object to the database
-	objectHash, err := t.HashObject(ctx, treeObjectContentReader)
+	ret.ObjectHash, err = t.HashObjectAndWrite(ctx, treeObjectContentReader)
 	if err != nil {
-		return err
+		return nil, err
 	}
+	return ret, nil
+}
 
-	// Add the object to the index
-	if file.Options.executable {
-		if err := t.AddObjectToIndex(ctx, "100755", objectHash, file.Options.treePath); err != nil {
-			return err
-		}
-	} else {
-		if err := t.AddObjectToIndex(ctx, "100644", objectHash, file.Options.treePath); err != nil {
-			return err
+// writeRepoObjectForRename the same as writeRepoObjectForModify buf for "rename"
+func writeRepoObjectForRename(ctx context.Context, t *TemporaryUploadRepository, file *ChangeRepoFile) (ret *writeRepoObjectRet, err error) {
+	lastCommitID, err := t.GetLastCommit(ctx)
+	if err != nil {
+		return nil, err
+	}
+	commit, err := t.GetCommit(lastCommitID)
+	if err != nil {
+		return nil, err
+	}
+	oldEntry, err := commit.GetTreeEntryByPath(file.Options.fromTreePath)
+	if err != nil {
+		return nil, err
+	}
+
+	ret = &writeRepoObjectRet{ObjectHash: oldEntry.ID.String()}
+	if !setting.LFS.StartServer {
+		return ret, nil
+	}
+
+	checkIsLfsFiles, err := checkIsLfsFileInGitAttributes(ctx, t, []string{file.Options.fromTreePath, file.Options.treePath})
+	if err != nil {
+		return nil, err
+	}
+	oldIsLfs, newIsLfs := checkIsLfsFiles[0], checkIsLfsFiles[1]
+
+	// If the old and new paths are both in lfs or both not in lfs, the object hash of the old file can be used directly
+	// as the object doesn't change
+	if oldIsLfs == newIsLfs {
+		return ret, nil
+	}
+
+	oldEntryBlobPointerBy := func(f func(r io.Reader) (lfs.Pointer, error)) (lfsPointer lfs.Pointer, err error) {
+		r, err := oldEntry.Blob().DataAsync()
+		if err != nil {
+			return lfsPointer, err
 		}
+		defer r.Close()
+		return f(r)
 	}
 
-	if lfsMetaObject != nil {
-		// We have an LFS object - create it
-		lfsMetaObject, err = git_model.NewLFSMetaObject(ctx, lfsMetaObject.RepositoryID, lfsMetaObject.Pointer)
+	var treeObjectContentReader io.ReadCloser
+	if oldIsLfs {
+		// If the old is in lfs but the new isn't, read the content from lfs and add it as a normal git object
+		pointer, err := oldEntryBlobPointerBy(lfs.ReadPointer)
 		if err != nil {
-			return err
+			return nil, err
 		}
-		exist, err := contentStore.Exists(lfsMetaObject.Pointer)
+		treeObjectContentReader, err = lfs.ReadMetaObject(pointer)
 		if err != nil {
-			return err
+			return nil, err
 		}
-		if !exist {
-			_, err := file.ContentReader.Seek(0, io.SeekStart)
-			if err != nil {
-				return err
-			}
-			if err := contentStore.Put(lfsMetaObject.Pointer, file.ContentReader); err != nil {
-				if _, err2 := git_model.RemoveLFSMetaObjectByOid(ctx, repoID, lfsMetaObject.Oid); err2 != nil {
-					return fmt.Errorf("unable to remove failed inserted LFS object %s: %v (Prev Error: %w)", lfsMetaObject.Oid, err2, err)
-				}
-				return err
-			}
+		defer treeObjectContentReader.Close()
+	} else {
+		// If the new is in lfs but the old isn't, read the content from the git object and generate a lfs pointer of it
+		ret.LfsPointer, err = oldEntryBlobPointerBy(lfs.GeneratePointer)
+		if err != nil {
+			return nil, err
+		}
+		ret.LfsContent, err = oldEntry.Blob().DataAsync()
+		if err != nil {
+			return nil, err
 		}
+		treeObjectContentReader = io.NopCloser(strings.NewReader(ret.LfsPointer.StringContent()))
 	}
-
-	return nil
+	ret.ObjectHash, err = t.HashObjectAndWrite(ctx, treeObjectContentReader)
+	if err != nil {
+		return nil, err
+	}
+	return ret, nil
 }
 
 // VerifyBranchProtection verify the branch protection for modifying the given treePath on the given branch
diff --git a/services/repository/files/upload.go b/services/repository/files/upload.go
index 2e4ed1744e..b783cbd01d 100644
--- a/services/repository/files/upload.go
+++ b/services/repository/files/upload.go
@@ -8,14 +8,11 @@ import (
 	"fmt"
 	"os"
 	"path"
-	"strings"
+	"sync"
 
-	git_model "code.gitea.io/gitea/models/git"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/lfs"
-	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/log"
 )
 
 // UploadRepoFileOptions contains the uploaded repository file options
@@ -31,202 +28,84 @@ type UploadRepoFileOptions struct {
 	Committer    *IdentityOptions
 }
 
-type uploadInfo struct {
-	upload        *repo_model.Upload
-	lfsMetaObject *git_model.LFSMetaObject
+type lazyLocalFileReader struct {
+	*os.File
+	localFilename string
+	counter       int
+	mu            sync.Mutex
 }
 
-func cleanUpAfterFailure(ctx context.Context, infos *[]uploadInfo, t *TemporaryUploadRepository, original error) error {
-	for _, info := range *infos {
-		if info.lfsMetaObject == nil {
-			continue
-		}
-		if !info.lfsMetaObject.Existing {
-			if _, err := git_model.RemoveLFSMetaObjectByOid(ctx, t.repo.ID, info.lfsMetaObject.Oid); err != nil {
-				original = fmt.Errorf("%w, %v", original, err) // We wrap the original error - as this is the underlying error that required the fallback
-			}
-		}
-	}
-	return original
-}
-
-// UploadRepoFiles uploads files to the given repository
-func UploadRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, opts *UploadRepoFileOptions) error {
-	if len(opts.Files) == 0 {
-		return nil
-	}
+var _ LazyReadSeeker = (*lazyLocalFileReader)(nil)
 
-	uploads, err := repo_model.GetUploadsByUUIDs(ctx, opts.Files)
-	if err != nil {
-		return fmt.Errorf("GetUploadsByUUIDs [uuids: %v]: %w", opts.Files, err)
-	}
+func (l *lazyLocalFileReader) Close() error {
+	l.mu.Lock()
+	defer l.mu.Unlock()
 
-	names := make([]string, len(uploads))
-	infos := make([]uploadInfo, len(uploads))
-	for i, upload := range uploads {
-		// Check file is not lfs locked, will return nil if lock setting not enabled
-		filepath := path.Join(opts.TreePath, upload.Name)
-		lfsLock, err := git_model.GetTreePathLock(ctx, repo.ID, filepath)
-		if err != nil {
-			return err
-		}
-		if lfsLock != nil && lfsLock.OwnerID != doer.ID {
-			u, err := user_model.GetUserByID(ctx, lfsLock.OwnerID)
-			if err != nil {
-				return err
+	if l.counter > 0 {
+		l.counter--
+		if l.counter == 0 {
+			if err := l.File.Close(); err != nil {
+				return fmt.Errorf("close file %s: %w", l.localFilename, err)
 			}
-			return git_model.ErrLFSFileLocked{RepoID: repo.ID, Path: filepath, UserName: u.Name}
-		}
-
-		names[i] = upload.Name
-		infos[i] = uploadInfo{upload: upload}
-	}
-
-	t, err := NewTemporaryUploadRepository(repo)
-	if err != nil {
-		return err
-	}
-	defer t.Close()
-
-	hasOldBranch := true
-	if err = t.Clone(ctx, opts.OldBranch, true); err != nil {
-		if !git.IsErrBranchNotExist(err) || !repo.IsEmpty {
-			return err
-		}
-		if err = t.Init(ctx, repo.ObjectFormatName); err != nil {
-			return err
-		}
-		hasOldBranch = false
-		opts.LastCommitID = ""
-	}
-	if hasOldBranch {
-		if err = t.SetDefaultIndex(ctx); err != nil {
-			return err
-		}
-	}
-
-	var filename2attribute2info map[string]map[string]string
-	if setting.LFS.StartServer {
-		filename2attribute2info, err = t.gitRepo.CheckAttribute(git.CheckAttributeOpts{
-			Attributes: []string{"filter"},
-			Filenames:  names,
-			CachedOnly: true,
-		})
-		if err != nil {
-			return err
+			l.File = nil
 		}
+		return nil
 	}
+	return fmt.Errorf("file %s already closed", l.localFilename)
+}
 
-	// Copy uploaded files into repository.
-	for i := range infos {
-		if err := copyUploadedLFSFileIntoRepository(ctx, &infos[i], filename2attribute2info, t, opts.TreePath); err != nil {
-			return err
-		}
-	}
+func (l *lazyLocalFileReader) OpenLazyReader() error {
+	l.mu.Lock()
+	defer l.mu.Unlock()
 
-	// Now write the tree
-	treeHash, err := t.WriteTree(ctx)
-	if err != nil {
-		return err
+	if l.File != nil {
+		l.counter++
+		return nil
 	}
 
-	// Now commit the tree
-	commitOpts := &CommitTreeUserOptions{
-		ParentCommitID:    opts.LastCommitID,
-		TreeHash:          treeHash,
-		CommitMessage:     opts.Message,
-		SignOff:           opts.Signoff,
-		DoerUser:          doer,
-		AuthorIdentity:    opts.Author,
-		CommitterIdentity: opts.Committer,
-	}
-	commitHash, err := t.CommitTree(ctx, commitOpts)
+	file, err := os.Open(l.localFilename)
 	if err != nil {
 		return err
 	}
+	l.File = file
+	l.counter = 1
+	return nil
+}
 
-	// Now deal with LFS objects
-	for i := range infos {
-		if infos[i].lfsMetaObject == nil {
-			continue
-		}
-		infos[i].lfsMetaObject, err = git_model.NewLFSMetaObject(ctx, infos[i].lfsMetaObject.RepositoryID, infos[i].lfsMetaObject.Pointer)
-		if err != nil {
-			// OK Now we need to cleanup
-			return cleanUpAfterFailure(ctx, &infos, t, err)
-		}
-		// Don't move the files yet - we need to ensure that
-		// everything can be inserted first
-	}
-
-	// OK now we can insert the data into the store - there's no way to clean up the store
-	// once it's in there, it's in there.
-	contentStore := lfs.NewContentStore()
-	for _, info := range infos {
-		if err := uploadToLFSContentStore(info, contentStore); err != nil {
-			return cleanUpAfterFailure(ctx, &infos, t, err)
-		}
-	}
-
-	// Then push this tree to NewBranch
-	if err := t.Push(ctx, doer, commitHash, opts.NewBranch); err != nil {
-		return err
+// UploadRepoFiles uploads files to the given repository
+func UploadRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, opts *UploadRepoFileOptions) error {
+	if len(opts.Files) == 0 {
+		return nil
 	}
 
-	return repo_model.DeleteUploads(ctx, uploads...)
-}
-
-func copyUploadedLFSFileIntoRepository(ctx context.Context, info *uploadInfo, filename2attribute2info map[string]map[string]string, t *TemporaryUploadRepository, treePath string) error {
-	file, err := os.Open(info.upload.LocalPath())
+	uploads, err := repo_model.GetUploadsByUUIDs(ctx, opts.Files)
 	if err != nil {
-		return err
+		return fmt.Errorf("GetUploadsByUUIDs [uuids: %v]: %w", opts.Files, err)
 	}
-	defer file.Close()
 
-	var objectHash string
-	if setting.LFS.StartServer && filename2attribute2info[info.upload.Name] != nil && filename2attribute2info[info.upload.Name]["filter"] == "lfs" {
-		// Handle LFS
-		// FIXME: Inefficient! this should probably happen in models.Upload
-		pointer, err := lfs.GeneratePointer(file)
-		if err != nil {
-			return err
-		}
-
-		info.lfsMetaObject = &git_model.LFSMetaObject{Pointer: pointer, RepositoryID: t.repo.ID}
-
-		if objectHash, err = t.HashObject(ctx, strings.NewReader(pointer.StringContent())); err != nil {
-			return err
-		}
-	} else if objectHash, err = t.HashObject(ctx, file); err != nil {
-		return err
+	changeOpts := &ChangeRepoFilesOptions{
+		LastCommitID: opts.LastCommitID,
+		OldBranch:    opts.OldBranch,
+		NewBranch:    opts.NewBranch,
+		Message:      opts.Message,
+		Signoff:      opts.Signoff,
+		Author:       opts.Author,
+		Committer:    opts.Committer,
+	}
+	for _, upload := range uploads {
+		changeOpts.Files = append(changeOpts.Files, &ChangeRepoFile{
+			Operation:     "upload",
+			TreePath:      path.Join(opts.TreePath, upload.Name),
+			ContentReader: &lazyLocalFileReader{localFilename: upload.LocalPath()},
+		})
 	}
 
-	// Add the object to the index
-	return t.AddObjectToIndex(ctx, "100644", objectHash, path.Join(treePath, info.upload.Name))
-}
-
-func uploadToLFSContentStore(info uploadInfo, contentStore *lfs.ContentStore) error {
-	if info.lfsMetaObject == nil {
-		return nil
-	}
-	exist, err := contentStore.Exists(info.lfsMetaObject.Pointer)
+	_, err = ChangeRepoFiles(ctx, repo, doer, changeOpts)
 	if err != nil {
 		return err
 	}
-	if !exist {
-		file, err := os.Open(info.upload.LocalPath())
-		if err != nil {
-			return err
-		}
-
-		defer file.Close()
-		// FIXME: Put regenerates the hash and copies the file over.
-		// I guess this strictly ensures the soundness of the store but this is inefficient.
-		if err := contentStore.Put(info.lfsMetaObject.Pointer, file); err != nil {
-			// OK Now we need to cleanup
-			// Can't clean up the store, once uploaded there they're there.
-			return err
-		}
+	if err := repo_model.DeleteUploads(ctx, uploads...); err != nil {
+		log.Error("DeleteUploads: %v", err)
 	}
 	return nil
 }
diff --git a/services/repository/fork.go b/services/repository/fork.go
index 5b1ba7a418..8bd3498b17 100644
--- a/services/repository/fork.go
+++ b/services/repository/fork.go
@@ -65,7 +65,7 @@ func ForkRepository(ctx context.Context, doer, owner *user_model.User, opts Fork
 	}
 
 	// Fork is prohibited, if user has reached maximum limit of repositories
-	if !owner.CanForkRepo() {
+	if !doer.CanForkRepoIn(owner) {
 		return nil, repo_model.ErrReachLimitOfRepo{
 			Limit: owner.MaxRepoCreation,
 		}
@@ -100,114 +100,106 @@ func ForkRepository(ctx context.Context, doer, owner *user_model.User, opts Fork
 		IsFork:           true,
 		ForkID:           opts.BaseRepo.ID,
 		ObjectFormatName: opts.BaseRepo.ObjectFormatName,
+		Status:           repo_model.RepositoryBeingMigrated,
 	}
 
-	oldRepoPath := opts.BaseRepo.RepoPath()
-
-	needsRollback := false
-	rollbackFn := func() {
-		if !needsRollback {
-			return
-		}
-
-		if exists, _ := gitrepo.IsRepositoryExist(ctx, repo); !exists {
-			return
-		}
-
-		// As the transaction will be failed and hence database changes will be destroyed we only need
-		// to delete the related repository on the filesystem
-		if errDelete := gitrepo.DeleteRepository(ctx, repo); errDelete != nil {
-			log.Error("Failed to remove fork repo")
-		}
-	}
-
-	needsRollbackInPanic := true
-	defer func() {
-		panicErr := recover()
-		if panicErr == nil {
-			return
-		}
-
-		if needsRollbackInPanic {
-			rollbackFn()
-		}
-		panic(panicErr)
-	}()
-
-	err = db.WithTx(ctx, func(txCtx context.Context) error {
-		if err = CreateRepositoryByExample(txCtx, doer, owner, repo, false, true); err != nil {
+	// 1 - Create the repository in the database
+	err = db.WithTx(ctx, func(ctx context.Context) error {
+		if err = createRepositoryInDB(ctx, doer, owner, repo, true); err != nil {
 			return err
 		}
-
-		if err = repo_model.IncrementRepoForkNum(txCtx, opts.BaseRepo.ID); err != nil {
+		if err = repo_model.IncrementRepoForkNum(ctx, opts.BaseRepo.ID); err != nil {
 			return err
 		}
 
 		// copy lfs files failure should not be ignored
-		if err = git_model.CopyLFS(txCtx, repo, opts.BaseRepo); err != nil {
-			return err
-		}
-
-		needsRollback = true
+		return git_model.CopyLFS(ctx, repo, opts.BaseRepo)
+	})
+	if err != nil {
+		return nil, err
+	}
 
-		cloneCmd := git.NewCommand("clone", "--bare")
-		if opts.SingleBranch != "" {
-			cloneCmd.AddArguments("--single-branch", "--branch").AddDynamicArguments(opts.SingleBranch)
-		}
-		if stdout, _, err := cloneCmd.AddDynamicArguments(oldRepoPath, repo.RepoPath()).
-			RunStdBytes(txCtx, &git.RunOpts{Timeout: 10 * time.Minute}); err != nil {
-			log.Error("Fork Repository (git clone) Failed for %v (from %v):\nStdout: %s\nError: %v", repo, opts.BaseRepo, stdout, err)
-			return fmt.Errorf("git clone: %w", err)
+	// last - clean up if something goes wrong
+	// WARNING: Don't override all later err with local variables
+	defer func() {
+		if err != nil {
+			// we can not use the ctx because it maybe canceled or timeout
+			cleanupRepository(repo.ID)
 		}
+	}()
 
-		if err := repo_module.CheckDaemonExportOK(txCtx, repo); err != nil {
-			return fmt.Errorf("checkDaemonExportOK: %w", err)
+	// 2 - check whether the repository with the same storage exists
+	var isExist bool
+	isExist, err = gitrepo.IsRepositoryExist(ctx, repo)
+	if err != nil {
+		log.Error("Unable to check if %s exists. Error: %v", repo.FullName(), err)
+		return nil, err
+	}
+	if isExist {
+		log.Error("Files already exist in %s and we are not going to adopt or delete.", repo.FullName())
+		// Don't return directly, we need err in defer to cleanupRepository
+		err = repo_model.ErrRepoFilesAlreadyExist{
+			Uname: repo.OwnerName,
+			Name:  repo.Name,
 		}
+		return nil, err
+	}
 
-		if stdout, _, err := git.NewCommand("update-server-info").
-			RunStdString(txCtx, &git.RunOpts{Dir: repo.RepoPath()}); err != nil {
-			log.Error("Fork Repository (git update-server-info) failed for %v:\nStdout: %s\nError: %v", repo, stdout, err)
-			return fmt.Errorf("git update-server-info: %w", err)
-		}
+	// 3 - Clone the repository
+	cloneCmd := git.NewCommand("clone", "--bare")
+	if opts.SingleBranch != "" {
+		cloneCmd.AddArguments("--single-branch", "--branch").AddDynamicArguments(opts.SingleBranch)
+	}
+	var stdout []byte
+	if stdout, _, err = cloneCmd.AddDynamicArguments(opts.BaseRepo.RepoPath(), repo.RepoPath()).
+		RunStdBytes(ctx, &git.RunOpts{Timeout: 10 * time.Minute}); err != nil {
+		log.Error("Fork Repository (git clone) Failed for %v (from %v):\nStdout: %s\nError: %v", repo, opts.BaseRepo, stdout, err)
+		return nil, fmt.Errorf("git clone: %w", err)
+	}
 
-		if err = gitrepo.CreateDelegateHooks(ctx, repo); err != nil {
-			return fmt.Errorf("createDelegateHooks: %w", err)
-		}
+	// 4 - Update the git repository
+	if err = updateGitRepoAfterCreate(ctx, repo); err != nil {
+		return nil, fmt.Errorf("updateGitRepoAfterCreate: %w", err)
+	}
 
-		gitRepo, err := gitrepo.OpenRepository(txCtx, repo)
-		if err != nil {
-			return fmt.Errorf("OpenRepository: %w", err)
-		}
-		defer gitRepo.Close()
+	// 5 - Create hooks
+	if err = gitrepo.CreateDelegateHooks(ctx, repo); err != nil {
+		return nil, fmt.Errorf("createDelegateHooks: %w", err)
+	}
 
-		_, err = repo_module.SyncRepoBranchesWithRepo(txCtx, repo, gitRepo, doer.ID)
-		return err
-	})
-	needsRollbackInPanic = false
+	// 6 - Sync the repository branches and tags
+	var gitRepo *git.Repository
+	gitRepo, err = gitrepo.OpenRepository(ctx, repo)
 	if err != nil {
-		rollbackFn()
-		return nil, err
+		return nil, fmt.Errorf("OpenRepository: %w", err)
 	}
+	defer gitRepo.Close()
 
+	if _, err = repo_module.SyncRepoBranchesWithRepo(ctx, repo, gitRepo, doer.ID); err != nil {
+		return nil, fmt.Errorf("SyncRepoBranchesWithRepo: %w", err)
+	}
+	if err = repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
+		return nil, fmt.Errorf("Sync releases from git tags failed: %v", err)
+	}
+
+	// 7 - Update the repository
 	// even if below operations failed, it could be ignored. And they will be retried
-	if err := repo_module.UpdateRepoSize(ctx, repo); err != nil {
+	if err = repo_module.UpdateRepoSize(ctx, repo); err != nil {
 		log.Error("Failed to update size for repository: %v", err)
+		err = nil
 	}
-	if err := repo_model.CopyLanguageStat(ctx, opts.BaseRepo, repo); err != nil {
+	if err = repo_model.CopyLanguageStat(ctx, opts.BaseRepo, repo); err != nil {
 		log.Error("Copy language stat from oldRepo failed: %v", err)
+		err = nil
 	}
-	if err := repo_model.CopyLicense(ctx, opts.BaseRepo, repo); err != nil {
+	if err = repo_model.CopyLicense(ctx, opts.BaseRepo, repo); err != nil {
 		return nil, err
 	}
 
-	gitRepo, err := gitrepo.OpenRepository(ctx, repo)
-	if err != nil {
-		log.Error("Open created git repository failed: %v", err)
-	} else {
-		defer gitRepo.Close()
-		if err := repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
-			log.Error("Sync releases from git tags failed: %v", err)
-		}
+	// 8 - update repository status to be ready
+	repo.Status = repo_model.RepositoryReady
+	if err = repo_model.UpdateRepositoryColsWithAutoTime(ctx, repo, "status"); err != nil {
+		return nil, fmt.Errorf("UpdateRepositoryCols: %w", err)
 	}
 
 	notify_service.ForkRepository(ctx, doer, opts.BaseRepo, repo)
@@ -217,7 +209,7 @@ func ForkRepository(ctx context.Context, doer, owner *user_model.User, opts Fork
 
 // ConvertForkToNormalRepository convert the provided repo from a forked repo to normal repo
 func ConvertForkToNormalRepository(ctx context.Context, repo *repo_model.Repository) error {
-	err := db.WithTx(ctx, func(ctx context.Context) error {
+	return db.WithTx(ctx, func(ctx context.Context) error {
 		repo, err := repo_model.GetRepositoryByID(ctx, repo.ID)
 		if err != nil {
 			return err
@@ -234,16 +226,8 @@ func ConvertForkToNormalRepository(ctx context.Context, repo *repo_model.Reposit
 
 		repo.IsFork = false
 		repo.ForkID = 0
-
-		if err := repo_module.UpdateRepository(ctx, repo, false); err != nil {
-			log.Error("Unable to update repository %-v whilst converting from fork. Error: %v", repo, err)
-			return err
-		}
-
-		return nil
+		return repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_fork", "fork_id")
 	})
-
-	return err
 }
 
 type findForksOptions struct {
diff --git a/services/repository/fork_test.go b/services/repository/fork_test.go
index 452798b25b..5375f79028 100644
--- a/services/repository/fork_test.go
+++ b/services/repository/fork_test.go
@@ -4,13 +4,17 @@
 package repository
 
 import (
+	"os"
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -35,7 +39,7 @@ func TestForkRepository(t *testing.T) {
 	assert.False(t, repo_model.IsErrReachLimitOfRepo(err))
 
 	// change AllowForkWithoutMaximumLimit to false for the test
-	setting.Repository.AllowForkWithoutMaximumLimit = false
+	defer test.MockVariableValue(&setting.Repository.AllowForkWithoutMaximumLimit, false)()
 	// user has reached maximum limit of repositories
 	user.MaxRepoCreation = 0
 	fork2, err := ForkRepository(git.DefaultContext, user, user, ForkRepoOptions{
@@ -46,3 +50,43 @@ func TestForkRepository(t *testing.T) {
 	assert.Nil(t, fork2)
 	assert.True(t, repo_model.IsErrReachLimitOfRepo(err))
 }
+
+func TestForkRepositoryCleanup(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	// a successful fork
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	repo10 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 10})
+
+	fork, err := ForkRepository(git.DefaultContext, user2, user2, ForkRepoOptions{
+		BaseRepo: repo10,
+		Name:     "test",
+	})
+	assert.NoError(t, err)
+	assert.NotNil(t, fork)
+
+	exist, err := util.IsExist(repo_model.RepoPath(user2.Name, "test"))
+	assert.NoError(t, err)
+	assert.True(t, exist)
+
+	err = DeleteRepositoryDirectly(db.DefaultContext, fork.ID)
+	assert.NoError(t, err)
+
+	// a failed creating because some mock data
+	// create the repository directory so that the creation will fail after database record created.
+	assert.NoError(t, os.MkdirAll(repo_model.RepoPath(user2.Name, "test"), os.ModePerm))
+
+	fork2, err := ForkRepository(db.DefaultContext, user2, user2, ForkRepoOptions{
+		BaseRepo: repo10,
+		Name:     "test",
+	})
+	assert.Nil(t, fork2)
+	assert.Error(t, err)
+
+	// assert the cleanup is successful
+	unittest.AssertNotExistsBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: "test"})
+
+	exist, err = util.IsExist(repo_model.RepoPath(user2.Name, "test"))
+	assert.NoError(t, err)
+	assert.False(t, exist)
+}
diff --git a/services/repository/generate.go b/services/repository/generate.go
index 9d2bbb1f7f..867b5d7855 100644
--- a/services/repository/generate.go
+++ b/services/repository/generate.go
@@ -17,11 +17,11 @@ import (
 
 	git_model "code.gitea.io/gitea/models/git"
 	repo_model "code.gitea.io/gitea/models/repo"
-	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/log"
 	repo_module "code.gitea.io/gitea/modules/repository"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/gobwas/glob"
@@ -42,10 +42,8 @@ type expansion struct {
 var defaultTransformers = []transformer{
 	{Name: "SNAKE", Transform: xstrings.ToSnakeCase},
 	{Name: "KEBAB", Transform: xstrings.ToKebabCase},
-	{Name: "CAMEL", Transform: func(str string) string {
-		return xstrings.FirstRuneToLower(xstrings.ToCamelCase(str))
-	}},
-	{Name: "PASCAL", Transform: xstrings.ToCamelCase},
+	{Name: "CAMEL", Transform: xstrings.ToCamelCase},
+	{Name: "PASCAL", Transform: xstrings.ToPascalCase},
 	{Name: "LOWER", Transform: strings.ToLower},
 	{Name: "UPPER", Transform: strings.ToUpper},
 	{Name: "TITLE", Transform: util.ToTitleCase},
@@ -255,48 +253,35 @@ func generateRepoCommit(ctx context.Context, repo, templateRepo, generateRepo *r
 	return initRepoCommit(ctx, tmpDir, repo, repo.Owner, defaultBranch)
 }
 
-func generateGitContent(ctx context.Context, repo, templateRepo, generateRepo *repo_model.Repository) (err error) {
-	tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-"+repo.Name)
+// GenerateGitContent generates git content from a template repository
+func GenerateGitContent(ctx context.Context, templateRepo, generateRepo *repo_model.Repository) (err error) {
+	tmpDir, cleanup, err := setting.AppDataTempDir("git-repo-content").MkdirTempRandom("gitea-" + generateRepo.Name)
 	if err != nil {
-		return fmt.Errorf("Failed to create temp dir for repository %s: %w", repo.FullName(), err)
+		return fmt.Errorf("failed to create temp dir for repository %s: %w", generateRepo.FullName(), err)
 	}
+	defer cleanup()
 
-	defer func() {
-		if err := util.RemoveAll(tmpDir); err != nil {
-			log.Error("RemoveAll: %v", err)
-		}
-	}()
-
-	if err = generateRepoCommit(ctx, repo, templateRepo, generateRepo, tmpDir); err != nil {
+	if err = generateRepoCommit(ctx, generateRepo, templateRepo, generateRepo, tmpDir); err != nil {
 		return fmt.Errorf("generateRepoCommit: %w", err)
 	}
 
 	// re-fetch repo
-	if repo, err = repo_model.GetRepositoryByID(ctx, repo.ID); err != nil {
+	if generateRepo, err = repo_model.GetRepositoryByID(ctx, generateRepo.ID); err != nil {
 		return fmt.Errorf("getRepositoryByID: %w", err)
 	}
 
 	// if there was no default branch supplied when generating the repo, use the default one from the template
-	if strings.TrimSpace(repo.DefaultBranch) == "" {
-		repo.DefaultBranch = templateRepo.DefaultBranch
+	if strings.TrimSpace(generateRepo.DefaultBranch) == "" {
+		generateRepo.DefaultBranch = templateRepo.DefaultBranch
 	}
 
-	if err = gitrepo.SetDefaultBranch(ctx, repo, repo.DefaultBranch); err != nil {
+	if err = gitrepo.SetDefaultBranch(ctx, generateRepo, generateRepo.DefaultBranch); err != nil {
 		return fmt.Errorf("setDefaultBranch: %w", err)
 	}
-	if err = UpdateRepository(ctx, repo, false); err != nil {
+	if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, generateRepo, "default_branch"); err != nil {
 		return fmt.Errorf("updateRepository: %w", err)
 	}
 
-	return nil
-}
-
-// GenerateGitContent generates git content from a template repository
-func GenerateGitContent(ctx context.Context, templateRepo, generateRepo *repo_model.Repository) error {
-	if err := generateGitContent(ctx, generateRepo, templateRepo, generateRepo); err != nil {
-		return err
-	}
-
 	if err := repo_module.UpdateRepoSize(ctx, generateRepo); err != nil {
 		return fmt.Errorf("failed to update size for repository: %w", err)
 	}
@@ -328,57 +313,6 @@ func (gro GenerateRepoOptions) IsValid() bool {
 		gro.IssueLabels || gro.ProtectedBranch // or other items as they are added
 }
 
-// generateRepository generates a repository from a template
-func generateRepository(ctx context.Context, doer, owner *user_model.User, templateRepo *repo_model.Repository, opts GenerateRepoOptions) (_ *repo_model.Repository, err error) {
-	generateRepo := &repo_model.Repository{
-		OwnerID:          owner.ID,
-		Owner:            owner,
-		OwnerName:        owner.Name,
-		Name:             opts.Name,
-		LowerName:        strings.ToLower(opts.Name),
-		Description:      opts.Description,
-		DefaultBranch:    opts.DefaultBranch,
-		IsPrivate:        opts.Private,
-		IsEmpty:          !opts.GitContent || templateRepo.IsEmpty,
-		IsFsckEnabled:    templateRepo.IsFsckEnabled,
-		TemplateID:       templateRepo.ID,
-		TrustModel:       templateRepo.TrustModel,
-		ObjectFormatName: templateRepo.ObjectFormatName,
-	}
-
-	if err = CreateRepositoryByExample(ctx, doer, owner, generateRepo, false, false); err != nil {
-		return nil, err
-	}
-
-	isExist, err := gitrepo.IsRepositoryExist(ctx, generateRepo)
-	if err != nil {
-		log.Error("Unable to check if %s exists. Error: %v", generateRepo.FullName(), err)
-		return nil, err
-	}
-	if isExist {
-		return nil, repo_model.ErrRepoFilesAlreadyExist{
-			Uname: generateRepo.OwnerName,
-			Name:  generateRepo.Name,
-		}
-	}
-
-	if err = repo_module.CheckInitRepository(ctx, generateRepo); err != nil {
-		return generateRepo, err
-	}
-
-	if err = repo_module.CheckDaemonExportOK(ctx, generateRepo); err != nil {
-		return generateRepo, fmt.Errorf("checkDaemonExportOK: %w", err)
-	}
-
-	if stdout, _, err := git.NewCommand("update-server-info").
-		RunStdString(ctx, &git.RunOpts{Dir: generateRepo.RepoPath()}); err != nil {
-		log.Error("GenerateRepository(git update-server-info) in %v: Stdout: %s\nError: %v", generateRepo, stdout, err)
-		return generateRepo, fmt.Errorf("error in GenerateRepository(git update-server-info): %w", err)
-	}
-
-	return generateRepo, nil
-}
-
 var fileNameSanitizeRegexp = regexp.MustCompile(`(?i)\.\.|[<>:\"/\\|?*\x{0000}-\x{001F}]|^(con|prn|aux|nul|com\d|lpt\d)$`)
 
 // Sanitize user input to valid OS filenames
diff --git a/services/repository/generate_test.go b/services/repository/generate_test.go
index b0f97d0ffb..1163c392c9 100644
--- a/services/repository/generate_test.go
+++ b/services/repository/generate_test.go
@@ -7,6 +7,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 var giteaTemplate = []byte(`
@@ -65,3 +66,26 @@ func TestFileNameSanitize(t *testing.T) {
 	assert.Equal(t, "_", fileNameSanitize("\u0000"))
 	assert.Equal(t, "目标", fileNameSanitize("目标"))
 }
+
+func TestTransformers(t *testing.T) {
+	cases := []struct {
+		name     string
+		expected string
+	}{
+		{"SNAKE", "abc_def_xyz"},
+		{"KEBAB", "abc-def-xyz"},
+		{"CAMEL", "abcDefXyz"},
+		{"PASCAL", "AbcDefXyz"},
+		{"LOWER", "abc_def-xyz"},
+		{"UPPER", "ABC_DEF-XYZ"},
+		{"TITLE", "Abc_def-Xyz"},
+	}
+
+	input := "Abc_Def-XYZ"
+	assert.Len(t, defaultTransformers, len(cases))
+	for i, c := range cases {
+		tf := defaultTransformers[i]
+		require.Equal(t, c.name, tf.Name)
+		assert.Equal(t, c.expected, tf.Transform(input), "case %s", c.name)
+	}
+}
diff --git a/services/repository/gitgraph/graph_models.go b/services/repository/gitgraph/graph_models.go
index c45662836b..02b0268cd9 100644
--- a/services/repository/gitgraph/graph_models.go
+++ b/services/repository/gitgraph/graph_models.go
@@ -121,7 +121,7 @@ func (graph *Graph) LoadAndProcessCommits(ctx context.Context, repository *repo_
 			return repo_model.IsOwnerMemberCollaborator(ctx, repository, user.ID)
 		}, &keyMap)
 
-		statuses, _, err := git_model.GetLatestCommitStatus(ctx, repository.ID, c.Commit.ID.String(), db.ListOptions{})
+		statuses, err := git_model.GetLatestCommitStatus(ctx, repository.ID, c.Commit.ID.String(), db.ListOptionsAll)
 		if err != nil {
 			log.Error("GetLatestCommitStatus: %v", err)
 		} else {
@@ -232,8 +232,8 @@ func newRefsFromRefNames(refNames []byte) []git.Reference {
 			continue
 		}
 		refName := string(refNameBytes)
-		if strings.HasPrefix(refName, "tag: ") {
-			refName = strings.TrimPrefix(refName, "tag: ")
+		if after, ok := strings.CutPrefix(refName, "tag: "); ok {
+			refName = after
 		} else {
 			refName = strings.TrimPrefix(refName, "HEAD -> ")
 		}
diff --git a/services/repository/gitgraph/graph_test.go b/services/repository/gitgraph/graph_test.go
index 4c48b94aa2..93fa1aec6a 100644
--- a/services/repository/gitgraph/graph_test.go
+++ b/services/repository/gitgraph/graph_test.go
@@ -6,6 +6,7 @@ package gitgraph
 import (
 	"bytes"
 	"fmt"
+	"slices"
 	"strings"
 	"testing"
 
@@ -117,13 +118,7 @@ func TestReleaseUnusedColors(t *testing.T) {
 		if parser.firstAvailable == -1 {
 			// All in use
 			for _, color := range parser.availableColors {
-				found := false
-				for _, oldColor := range parser.oldColors {
-					if oldColor == color {
-						found = true
-						break
-					}
-				}
+				found := slices.Contains(parser.oldColors, color)
 				if !found {
 					t.Errorf("In testcase:\n%d\t%d\t%d %d =>\n%d\t%d\t%d %d: %d should be available but is not",
 						testcase.availableColors,
@@ -141,13 +136,7 @@ func TestReleaseUnusedColors(t *testing.T) {
 			// Some in use
 			for i := parser.firstInUse; i != parser.firstAvailable; i = (i + 1) % len(parser.availableColors) {
 				color := parser.availableColors[i]
-				found := false
-				for _, oldColor := range parser.oldColors {
-					if oldColor == color {
-						found = true
-						break
-					}
-				}
+				found := slices.Contains(parser.oldColors, color)
 				if !found {
 					t.Errorf("In testcase:\n%d\t%d\t%d %d =>\n%d\t%d\t%d %d: %d should be available but is not",
 						testcase.availableColors,
@@ -163,13 +152,7 @@ func TestReleaseUnusedColors(t *testing.T) {
 			}
 			for i := parser.firstAvailable; i != parser.firstInUse; i = (i + 1) % len(parser.availableColors) {
 				color := parser.availableColors[i]
-				found := false
-				for _, oldColor := range parser.oldColors {
-					if oldColor == color {
-						found = true
-						break
-					}
-				}
+				found := slices.Contains(parser.oldColors, color)
 				if found {
 					t.Errorf("In testcase:\n%d\t%d\t%d %d =>\n%d\t%d\t%d %d: %d should not be available but is",
 						testcase.availableColors,
diff --git a/services/repository/init.go b/services/repository/init.go
index bd777b8a2f..1eeeb4aa4f 100644
--- a/services/repository/init.go
+++ b/services/repository/init.go
@@ -42,9 +42,12 @@ func initRepoCommit(ctx context.Context, tmpPath string, repo *repo_model.Reposi
 	cmd := git.NewCommand("commit", "--message=Initial commit").
 		AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)
 
-	sign, keyID, signer, _ := asymkey_service.SignInitialCommit(ctx, tmpPath, u)
+	sign, key, signer, _ := asymkey_service.SignInitialCommit(ctx, tmpPath, u)
 	if sign {
-		cmd.AddOptionFormat("-S%s", keyID)
+		if key.Format != "" {
+			cmd.AddConfig("gpg.format", key.Format)
+		}
+		cmd.AddOptionFormat("-S%s", key.KeyID)
 
 		if repo.GetTrustModel() == repo_model.CommitterTrustModel || repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
 			// need to set the committer to the KeyID owner
diff --git a/services/repository/license_test.go b/services/repository/license_test.go
index 9e74a268f5..eb897f3c03 100644
--- a/services/repository/license_test.go
+++ b/services/repository/license_test.go
@@ -4,7 +4,6 @@
 package repository
 
 import (
-	"fmt"
 	"strings"
 	"testing"
 
@@ -45,7 +44,7 @@ func Test_detectLicense(t *testing.T) {
 		assert.NoError(t, err)
 
 		tests = append(tests, DetectLicenseTest{
-			name: fmt.Sprintf("single license test: %s", licenseName),
+			name: "single license test: " + licenseName,
 			arg:  string(license),
 			want: []string{licenseName},
 		})
diff --git a/services/repository/merge_upstream.go b/services/repository/merge_upstream.go
index 34e01df723..8d6f11372c 100644
--- a/services/repository/merge_upstream.go
+++ b/services/repository/merge_upstream.go
@@ -18,7 +18,7 @@ import (
 )
 
 // MergeUpstream merges the base repository's default branch into the fork repository's current branch.
-func MergeUpstream(ctx reqctx.RequestContext, doer *user_model.User, repo *repo_model.Repository, branch string) (mergeStyle string, err error) {
+func MergeUpstream(ctx reqctx.RequestContext, doer *user_model.User, repo *repo_model.Repository, branch string, ffOnly bool) (mergeStyle string, err error) {
 	if err = repo.MustNotBeArchived(); err != nil {
 		return "", err
 	}
@@ -45,6 +45,11 @@ func MergeUpstream(ctx reqctx.RequestContext, doer *user_model.User, repo *repo_
 		return "", err
 	}
 
+	// If ff_only is requested and fast-forward failed, return error
+	if ffOnly {
+		return "", util.NewInvalidArgumentErrorf("fast-forward merge not possible: branch has diverged")
+	}
+
 	// TODO: FakePR: it is somewhat hacky, but it is the only way to "merge" at the moment
 	// ideally in the future the "merge" functions should be refactored to decouple from the PullRequest
 	fakeIssue := &issue_model.Issue{
diff --git a/services/repository/migrate.go b/services/repository/migrate.go
index 5b6feccb8d..0a3dc45339 100644
--- a/services/repository/migrate.go
+++ b/services/repository/migrate.go
@@ -13,6 +13,7 @@ import (
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/organization"
 	repo_model "code.gitea.io/gitea/models/repo"
+	unit_model "code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
@@ -117,14 +118,8 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 		repo.Owner = u
 	}
 
-	if err := repo_module.CheckDaemonExportOK(ctx, repo); err != nil {
-		return repo, fmt.Errorf("checkDaemonExportOK: %w", err)
-	}
-
-	if stdout, _, err := git.NewCommand("update-server-info").
-		RunStdString(ctx, &git.RunOpts{Dir: repoPath}); err != nil {
-		log.Error("MigrateRepositoryGitData(git update-server-info) in %v: Stdout: %s\nError: %v", repo, stdout, err)
-		return repo, fmt.Errorf("error in MigrateRepositoryGitData(git update-server-info): %w", err)
+	if err := updateGitRepoAfterCreate(ctx, repo); err != nil {
+		return nil, fmt.Errorf("updateGitRepoAfterCreate: %w", err)
 	}
 
 	gitRepo, err := git.OpenRepository(ctx, repoPath)
@@ -141,12 +136,12 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 	if !repo.IsEmpty {
 		if len(repo.DefaultBranch) == 0 {
 			// Try to get HEAD branch and set it as default branch.
-			headBranch, err := gitRepo.GetHEADBranch()
+			headBranchName, err := git.GetDefaultBranch(ctx, repoPath)
 			if err != nil {
 				return repo, fmt.Errorf("GetHEADBranch: %w", err)
 			}
-			if headBranch != nil {
-				repo.DefaultBranch = headBranch.Name
+			if headBranchName != "" {
+				repo.DefaultBranch = headBranchName
 			}
 		}
 
@@ -154,9 +149,9 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 			return repo, fmt.Errorf("SyncRepoBranchesWithRepo: %v", err)
 		}
 
+		// if releases migration are not requested, we will sync all tags here
+		// otherwise, the releases sync will be done out of this function
 		if !opts.Releases {
-			// note: this will greatly improve release (tag) sync
-			// for pull-mirrors with many tags
 			repo.IsMirror = opts.Mirror
 			if err = repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
 				log.Error("Failed to synchronize tags to releases for repository: %v", err)
@@ -225,10 +220,14 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 		}
 
 		repo.IsMirror = true
-		if err = UpdateRepository(ctx, repo, false); err != nil {
+		if err = repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "num_watches", "is_empty", "default_branch", "default_wiki_branch", "is_mirror"); err != nil {
 			return nil, err
 		}
 
+		if err = repo_module.UpdateRepoSize(ctx, repo); err != nil {
+			log.Error("Failed to update size for repository: %v", err)
+		}
+
 		// this is necessary for sync local tags from remote
 		configName := fmt.Sprintf("remote.%s.fetch", mirrorModel.GetRemoteName())
 		if stdout, _, err := git.NewCommand("config").
@@ -246,6 +245,19 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 		}
 	}
 
+	var enableRepoUnits []repo_model.RepoUnit
+	if opts.Releases && !unit_model.TypeReleases.UnitGlobalDisabled() {
+		enableRepoUnits = append(enableRepoUnits, repo_model.RepoUnit{RepoID: repo.ID, Type: unit_model.TypeReleases})
+	}
+	if opts.Wiki && !unit_model.TypeWiki.UnitGlobalDisabled() {
+		enableRepoUnits = append(enableRepoUnits, repo_model.RepoUnit{RepoID: repo.ID, Type: unit_model.TypeWiki})
+	}
+	if len(enableRepoUnits) > 0 {
+		err = UpdateRepositoryUnits(ctx, repo, enableRepoUnits, nil)
+		if err != nil {
+			return nil, err
+		}
+	}
 	return repo, committer.Commit()
 }
 
diff --git a/services/repository/push.go b/services/repository/push.go
index 6d3b9dd252..7c68a7f176 100644
--- a/services/repository/push.go
+++ b/services/repository/push.go
@@ -66,7 +66,7 @@ func PushUpdates(opts []*repo_module.PushUpdateOptions) error {
 
 	for _, opt := range opts {
 		if opt.IsNewRef() && opt.IsDelRef() {
-			return fmt.Errorf("Old and new revisions are both NULL")
+			return errors.New("Old and new revisions are both NULL")
 		}
 	}
 
@@ -232,7 +232,7 @@ func pushUpdates(optsList []*repo_module.PushUpdateOptions) error {
 	}
 
 	if len(addTags)+len(delTags) > 0 {
-		if err := PushUpdateAddDeleteTags(ctx, repo, gitRepo, addTags, delTags); err != nil {
+		if err := PushUpdateAddDeleteTags(ctx, repo, gitRepo, pusher, addTags, delTags); err != nil {
 			return fmt.Errorf("PushUpdateAddDeleteTags: %w", err)
 		}
 	}
@@ -283,7 +283,7 @@ func pushNewBranch(ctx context.Context, repo *repo_model.Repository, pusher *use
 			}
 		}
 		// Update the is empty and default_branch columns
-		if err := repo_model.UpdateRepositoryCols(ctx, repo, "default_branch", "is_empty"); err != nil {
+		if err := repo_model.UpdateRepositoryColsWithAutoTime(ctx, repo, "default_branch", "is_empty"); err != nil {
 			return nil, fmt.Errorf("UpdateRepositoryCols: %w", err)
 		}
 	}
@@ -342,17 +342,17 @@ func pushDeleteBranch(ctx context.Context, repo *repo_model.Repository, pusher *
 }
 
 // PushUpdateAddDeleteTags updates a number of added and delete tags
-func PushUpdateAddDeleteTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, addTags, delTags []string) error {
+func PushUpdateAddDeleteTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, pusher *user_model.User, addTags, delTags []string) error {
 	return db.WithTx(ctx, func(ctx context.Context) error {
-		if err := repo_model.PushUpdateDeleteTagsContext(ctx, repo, delTags); err != nil {
+		if err := repo_model.PushUpdateDeleteTags(ctx, repo, delTags); err != nil {
 			return err
 		}
-		return pushUpdateAddTags(ctx, repo, gitRepo, addTags)
+		return pushUpdateAddTags(ctx, repo, gitRepo, pusher, addTags)
 	})
 }
 
 // pushUpdateAddTags updates a number of add tags
-func pushUpdateAddTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, tags []string) error {
+func pushUpdateAddTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository, pusher *user_model.User, tags []string) error {
 	if len(tags) == 0 {
 		return nil
 	}
@@ -378,14 +378,12 @@ func pushUpdateAddTags(ctx context.Context, repo *repo_model.Repository, gitRepo
 
 	newReleases := make([]*repo_model.Release, 0, len(lowerTags)-len(relMap))
 
-	emailToUser := make(map[string]*user_model.User)
-
 	for i, lowerTag := range lowerTags {
 		tag, err := gitRepo.GetTag(tags[i])
 		if err != nil {
 			return fmt.Errorf("GetTag: %w", err)
 		}
-		commit, err := tag.Commit(gitRepo)
+		commit, err := gitRepo.GetTagCommit(tag.Name)
 		if err != nil {
 			return fmt.Errorf("Commit: %w", err)
 		}
@@ -397,69 +395,42 @@ func pushUpdateAddTags(ctx context.Context, repo *repo_model.Repository, gitRepo
 		if sig == nil {
 			sig = commit.Committer
 		}
-		var author *user_model.User
-		createdAt := time.Unix(1, 0)
 
+		createdAt := time.Unix(1, 0)
 		if sig != nil {
-			var ok bool
-			author, ok = emailToUser[sig.Email]
-			if !ok {
-				author, err = user_model.GetUserByEmail(ctx, sig.Email)
-				if err != nil && !user_model.IsErrUserNotExist(err) {
-					return fmt.Errorf("GetUserByEmail: %w", err)
-				}
-				if author != nil {
-					emailToUser[sig.Email] = author
-				}
-			}
 			createdAt = sig.When
 		}
 
-		commitsCount, err := commit.CommitsCount()
-		if err != nil {
-			return fmt.Errorf("CommitsCount: %w", err)
-		}
-
 		rel, has := relMap[lowerTag]
-
-		parts := strings.SplitN(tag.Message, "\n", 2)
-		note := ""
-		if len(parts) > 1 {
-			note = parts[1]
-		}
+		title, note := git.SplitCommitTitleBody(tag.Message, 255)
 		if !has {
 			rel = &repo_model.Release{
 				RepoID:       repo.ID,
-				Title:        parts[0],
+				Title:        title,
 				TagName:      tags[i],
 				LowerTagName: lowerTag,
 				Target:       "",
 				Sha1:         commit.ID.String(),
-				NumCommits:   commitsCount,
+				NumCommits:   -1, // the commits count will be updated when the UI needs it
 				Note:         note,
 				IsDraft:      false,
 				IsPrerelease: false,
 				IsTag:        true,
+				PublisherID:  pusher.ID,
 				CreatedUnix:  timeutil.TimeStamp(createdAt.Unix()),
 			}
-			if author != nil {
-				rel.PublisherID = author.ID
-			}
 
 			newReleases = append(newReleases, rel)
 		} else {
 			rel.Sha1 = commit.ID.String()
 			rel.CreatedUnix = timeutil.TimeStamp(createdAt.Unix())
-			rel.NumCommits = commitsCount
 			if rel.IsTag {
-				rel.Title = parts[0]
+				rel.Title = title
 				rel.Note = note
-				if author != nil {
-					rel.PublisherID = author.ID
-				}
 			} else {
 				rel.IsDraft = false
 			}
+			rel.PublisherID = pusher.ID
 			if err = repo_model.UpdateRelease(ctx, rel); err != nil {
 				return fmt.Errorf("Update: %w", err)
 			}
diff --git a/services/repository/repo_team.go b/services/repository/repo_team.go
index 672ee49fea..8ea186f8cc 100644
--- a/services/repository/repo_team.go
+++ b/services/repository/repo_team.go
@@ -86,17 +86,9 @@ func RemoveAllRepositoriesFromTeam(ctx context.Context, t *organization.Team) (e
 		return nil
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = removeAllRepositoriesFromTeam(ctx, t); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return removeAllRepositoriesFromTeam(ctx, t)
+	})
 }
 
 // removeAllRepositoriesFromTeam removes all repositories from team and recalculates access
@@ -167,17 +159,9 @@ func RemoveRepositoryFromTeam(ctx context.Context, t *organization.Team, repoID
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = removeRepositoryFromTeam(ctx, t, repo, true); err != nil {
-		return err
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		return removeRepositoryFromTeam(ctx, t, repo, true)
+	})
 }
 
 // removeRepositoryFromTeam removes a repository from a team and recalculates access
diff --git a/services/repository/repository.go b/services/repository/repository.go
index fcc617979e..e574dc6c01 100644
--- a/services/repository/repository.go
+++ b/services/repository/repository.go
@@ -5,22 +5,29 @@ package repository
 
 import (
 	"context"
+	"errors"
 	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
 
+	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/organization"
+	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
-	system_model "code.gitea.io/gitea/models/system"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/graceful"
+	issue_indexer "code.gitea.io/gitea/modules/indexer/issues"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/queue"
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	notify_service "code.gitea.io/gitea/services/notify"
 	pull_service "code.gitea.io/gitea/services/pull"
 )
@@ -40,7 +47,7 @@ type WebSearchResults struct {
 
 // CreateRepository creates a repository for the user/organization.
 func CreateRepository(ctx context.Context, doer, owner *user_model.User, opts CreateRepoOptions) (*repo_model.Repository, error) {
-	repo, err := CreateRepositoryDirectly(ctx, doer, owner, opts)
+	repo, err := CreateRepositoryDirectly(ctx, doer, owner, opts, true)
 	if err != nil {
 		// No need to rollback here we should do this in CreateRepository...
 		return nil, err
@@ -62,7 +69,7 @@ func DeleteRepository(ctx context.Context, doer *user_model.User, repo *repo_mod
 		notify_service.DeleteRepository(ctx, doer, repo)
 	}
 
-	return DeleteRepositoryDirectly(ctx, doer, repo.ID)
+	return DeleteRepositoryDirectly(ctx, repo.ID)
 }
 
 // PushCreateRepo creates a repository when a new repository is pushed to an appropriate namespace
@@ -72,10 +79,10 @@ func PushCreateRepo(ctx context.Context, authUser, owner *user_model.User, repoN
 			if ok, err := organization.CanCreateOrgRepo(ctx, owner.ID, authUser.ID); err != nil {
 				return nil, err
 			} else if !ok {
-				return nil, fmt.Errorf("cannot push-create repository for org")
+				return nil, errors.New("cannot push-create repository for org")
 			}
 		} else if authUser.ID != owner.ID {
-			return nil, fmt.Errorf("cannot push-create repository for another user")
+			return nil, errors.New("cannot push-create repository for another user")
 		}
 	}
 
@@ -94,15 +101,13 @@ func PushCreateRepo(ctx context.Context, authUser, owner *user_model.User, repoN
 func Init(ctx context.Context) error {
 	licenseUpdaterQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "repo_license_updater", repoLicenseUpdater)
 	if licenseUpdaterQueue == nil {
-		return fmt.Errorf("unable to create repo_license_updater queue")
+		return errors.New("unable to create repo_license_updater queue")
 	}
 	go graceful.GetManager().RunWithCancel(licenseUpdaterQueue)
 
 	if err := repo_module.LoadRepoConfig(); err != nil {
 		return err
 	}
-	system_model.RemoveAllWithNotice(ctx, "Clean up temporary repository uploads", setting.Repository.Upload.TempPath)
-	system_model.RemoveAllWithNotice(ctx, "Clean up temporary repositories", repo_module.LocalCopyPath())
 	if err := initPushQueue(); err != nil {
 		return err
 	}
@@ -111,42 +116,107 @@ func Init(ctx context.Context) error {
 
 // UpdateRepository updates a repository
 func UpdateRepository(ctx context.Context, repo *repo_model.Repository, visibilityChanged bool) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	if err = repo_module.UpdateRepository(ctx, repo, visibilityChanged); err != nil {
-		return fmt.Errorf("updateRepository: %w", err)
-	}
-
-	return committer.Commit()
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		if err = updateRepository(ctx, repo, visibilityChanged); err != nil {
+			return fmt.Errorf("updateRepository: %w", err)
+		}
+		return nil
+	})
 }
 
-func UpdateRepositoryVisibility(ctx context.Context, repo *repo_model.Repository, isPrivate bool) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
+func MakeRepoPublic(ctx context.Context, repo *repo_model.Repository) (err error) {
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		repo.IsPrivate = false
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_private"); err != nil {
+			return err
+		}
 
-	defer committer.Close()
+		if err = repo.LoadOwner(ctx); err != nil {
+			return fmt.Errorf("LoadOwner: %w", err)
+		}
+		if repo.Owner.IsOrganization() {
+			// Organization repository need to recalculate access table when visibility is changed.
+			if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
+				return fmt.Errorf("recalculateTeamAccesses: %w", err)
+			}
+		}
 
-	repo.IsPrivate = isPrivate
+		// Create/Remove git-daemon-export-ok for git-daemon...
+		if err := checkDaemonExportOK(ctx, repo); err != nil {
+			return err
+		}
 
-	if err = repo_module.UpdateRepository(ctx, repo, true); err != nil {
-		return fmt.Errorf("UpdateRepositoryVisibility: %w", err)
-	}
+		forkRepos, err := repo_model.GetRepositoriesByForkID(ctx, repo.ID)
+		if err != nil {
+			return fmt.Errorf("getRepositoriesByForkID: %w", err)
+		}
 
-	return committer.Commit()
-}
+		if repo.Owner.Visibility != structs.VisibleTypePrivate {
+			for i := range forkRepos {
+				if err = MakeRepoPublic(ctx, forkRepos[i]); err != nil {
+					return fmt.Errorf("MakeRepoPublic[%d]: %w", forkRepos[i].ID, err)
+				}
+			}
+		}
 
-func MakeRepoPublic(ctx context.Context, repo *repo_model.Repository) (err error) {
-	return UpdateRepositoryVisibility(ctx, repo, false)
+		// If visibility is changed, we need to update the issue indexer.
+		// Since the data in the issue indexer have field to indicate if the repo is public or not.
+		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
+
+		return nil
+	})
 }
 
 func MakeRepoPrivate(ctx context.Context, repo *repo_model.Repository) (err error) {
-	return UpdateRepositoryVisibility(ctx, repo, true)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		repo.IsPrivate = true
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "is_private"); err != nil {
+			return err
+		}
+
+		if err = repo.LoadOwner(ctx); err != nil {
+			return fmt.Errorf("LoadOwner: %w", err)
+		}
+		if repo.Owner.IsOrganization() {
+			// Organization repository need to recalculate access table when visibility is changed.
+			if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
+				return fmt.Errorf("recalculateTeamAccesses: %w", err)
+			}
+		}
+
+		// If repo has become private, we need to set its actions to private.
+		_, err = db.GetEngine(ctx).Where("repo_id = ?", repo.ID).Cols("is_private").Update(&activities_model.Action{
+			IsPrivate: true,
+		})
+		if err != nil {
+			return err
+		}
+
+		if err = repo_model.ClearRepoStars(ctx, repo.ID); err != nil {
+			return err
+		}
+
+		// Create/Remove git-daemon-export-ok for git-daemon...
+		if err := checkDaemonExportOK(ctx, repo); err != nil {
+			return err
+		}
+
+		forkRepos, err := repo_model.GetRepositoriesByForkID(ctx, repo.ID)
+		if err != nil {
+			return fmt.Errorf("getRepositoriesByForkID: %w", err)
+		}
+		for i := range forkRepos {
+			if err = MakeRepoPrivate(ctx, forkRepos[i]); err != nil {
+				return fmt.Errorf("MakeRepoPrivate[%d]: %w", forkRepos[i].ID, err)
+			}
+		}
+
+		// If visibility is changed, we need to update the issue indexer.
+		// Since the data in the issue indexer have field to indicate if the repo is public or not.
+		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
+
+		return nil
+	})
 }
 
 // LinkedRepository returns the linked repo if any
@@ -172,3 +242,97 @@ func LinkedRepository(ctx context.Context, a *repo_model.Attachment) (*repo_mode
 	}
 	return nil, -1, nil
 }
+
+// checkDaemonExportOK creates/removes git-daemon-export-ok for git-daemon...
+func checkDaemonExportOK(ctx context.Context, repo *repo_model.Repository) error {
+	if err := repo.LoadOwner(ctx); err != nil {
+		return err
+	}
+
+	// Create/Remove git-daemon-export-ok for git-daemon...
+	daemonExportFile := filepath.Join(repo.RepoPath(), `git-daemon-export-ok`)
+
+	isExist, err := util.IsExist(daemonExportFile)
+	if err != nil {
+		log.Error("Unable to check if %s exists. Error: %v", daemonExportFile, err)
+		return err
+	}
+
+	isPublic := !repo.IsPrivate && repo.Owner.Visibility == structs.VisibleTypePublic
+	if !isPublic && isExist {
+		if err = util.Remove(daemonExportFile); err != nil {
+			log.Error("Failed to remove %s: %v", daemonExportFile, err)
+		}
+	} else if isPublic && !isExist {
+		if f, err := os.Create(daemonExportFile); err != nil {
+			log.Error("Failed to create %s: %v", daemonExportFile, err)
+		} else {
+			f.Close()
+		}
+	}
+
+	return nil
+}
+
+// updateRepository updates a repository with db context
+func updateRepository(ctx context.Context, repo *repo_model.Repository, visibilityChanged bool) (err error) {
+	repo.LowerName = strings.ToLower(repo.Name)
+
+	e := db.GetEngine(ctx)
+
+	if _, err = e.ID(repo.ID).NoAutoTime().AllCols().Update(repo); err != nil {
+		return fmt.Errorf("update: %w", err)
+	}
+
+	if err = repo_module.UpdateRepoSize(ctx, repo); err != nil {
+		log.Error("Failed to update size for repository: %v", err)
+	}
+
+	if visibilityChanged {
+		if err = repo.LoadOwner(ctx); err != nil {
+			return fmt.Errorf("LoadOwner: %w", err)
+		}
+		if repo.Owner.IsOrganization() {
+			// Organization repository need to recalculate access table when visibility is changed.
+			if err = access_model.RecalculateTeamAccesses(ctx, repo, 0); err != nil {
+				return fmt.Errorf("recalculateTeamAccesses: %w", err)
+			}
+		}
+
+		// If repo has become private, we need to set its actions to private.
+		if repo.IsPrivate {
+			_, err = e.Where("repo_id = ?", repo.ID).Cols("is_private").Update(&activities_model.Action{
+				IsPrivate: true,
+			})
+			if err != nil {
+				return err
+			}
+
+			if err = repo_model.ClearRepoStars(ctx, repo.ID); err != nil {
+				return err
+			}
+		}
+
+		// Create/Remove git-daemon-export-ok for git-daemon...
+		if err := checkDaemonExportOK(ctx, repo); err != nil {
+			return err
+		}
+
+		forkRepos, err := repo_model.GetRepositoriesByForkID(ctx, repo.ID)
+		if err != nil {
+			return fmt.Errorf("getRepositoriesByForkID: %w", err)
+		}
+		for i := range forkRepos {
+			forkRepos[i].IsPrivate = repo.IsPrivate || repo.Owner.Visibility == structs.VisibleTypePrivate
+			if err = updateRepository(ctx, forkRepos[i], true); err != nil {
+				return fmt.Errorf("updateRepository[%d]: %w", forkRepos[i].ID, err)
+			}
+		}
+
+		// If visibility is changed, we need to update the issue indexer.
+		// Since the data in the issue indexer have field to indicate if the repo is public or not.
+		issue_indexer.UpdateRepoIndexer(ctx, repo.ID)
+	}
+
+	return nil
+}
diff --git a/services/repository/repository_test.go b/services/repository/repository_test.go
index 892a11a23e..8f9fdf8fa1 100644
--- a/services/repository/repository_test.go
+++ b/services/repository/repository_test.go
@@ -6,6 +6,7 @@ package repository
 import (
 	"testing"
 
+	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
@@ -40,3 +41,23 @@ func TestLinkedRepository(t *testing.T) {
 		})
 	}
 }
+
+func TestUpdateRepositoryVisibilityChanged(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+
+	// Get sample repo and change visibility
+	repo, err := repo_model.GetRepositoryByID(db.DefaultContext, 9)
+	assert.NoError(t, err)
+	repo.IsPrivate = true
+
+	// Update it
+	err = updateRepository(db.DefaultContext, repo, true)
+	assert.NoError(t, err)
+
+	// Check visibility of action has become private
+	act := activities_model.Action{}
+	_, err = db.GetEngine(db.DefaultContext).ID(3).Get(&act)
+
+	assert.NoError(t, err)
+	assert.True(t, act.IsPrivate)
+}
diff --git a/services/repository/setting.go b/services/repository/setting.go
index e0c787dd2d..b6873691eb 100644
--- a/services/repository/setting.go
+++ b/services/repository/setting.go
@@ -16,41 +16,37 @@ import (
 
 // UpdateRepositoryUnits updates a repository's units
 func UpdateRepositoryUnits(ctx context.Context, repo *repo_model.Repository, units []repo_model.RepoUnit, deleteUnitTypes []unit.Type) (err error) {
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	// Delete existing settings of units before adding again
-	for _, u := range units {
-		deleteUnitTypes = append(deleteUnitTypes, u.Type)
-	}
-
-	if slices.Contains(deleteUnitTypes, unit.TypeActions) {
-		if err := actions_service.CleanRepoScheduleTasks(ctx, repo); err != nil {
-			log.Error("CleanRepoScheduleTasks: %v", err)
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		// Delete existing settings of units before adding again
+		for _, u := range units {
+			deleteUnitTypes = append(deleteUnitTypes, u.Type)
 		}
-	}
 
-	for _, u := range units {
-		if u.Type == unit.TypeActions {
-			if err := actions_service.DetectAndHandleSchedules(ctx, repo); err != nil {
-				log.Error("DetectAndHandleSchedules: %v", err)
+		if slices.Contains(deleteUnitTypes, unit.TypeActions) {
+			if err := actions_service.CleanRepoScheduleTasks(ctx, repo); err != nil {
+				log.Error("CleanRepoScheduleTasks: %v", err)
 			}
-			break
 		}
-	}
 
-	if _, err = db.GetEngine(ctx).Where("repo_id = ?", repo.ID).In("type", deleteUnitTypes).Delete(new(repo_model.RepoUnit)); err != nil {
-		return err
-	}
+		for _, u := range units {
+			if u.Type == unit.TypeActions {
+				if err := actions_service.DetectAndHandleSchedules(ctx, repo); err != nil {
+					log.Error("DetectAndHandleSchedules: %v", err)
+				}
+				break
+			}
+		}
 
-	if len(units) > 0 {
-		if err = db.Insert(ctx, units); err != nil {
+		if _, err = db.GetEngine(ctx).Where("repo_id = ?", repo.ID).In("type", deleteUnitTypes).Delete(new(repo_model.RepoUnit)); err != nil {
 			return err
 		}
-	}
 
-	return committer.Commit()
+		if len(units) > 0 {
+			if err = db.Insert(ctx, units); err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
 }
diff --git a/services/repository/template.go b/services/repository/template.go
index 36a680c8e2..6906a60083 100644
--- a/services/repository/template.go
+++ b/services/repository/template.go
@@ -5,12 +5,17 @@ package repository
 
 import (
 	"context"
+	"fmt"
+	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/log"
 	notify_service "code.gitea.io/gitea/services/notify"
 )
 
@@ -63,70 +68,124 @@ func GenerateProtectedBranch(ctx context.Context, templateRepo, generateRepo *re
 
 // GenerateRepository generates a repository from a template
 func GenerateRepository(ctx context.Context, doer, owner *user_model.User, templateRepo *repo_model.Repository, opts GenerateRepoOptions) (_ *repo_model.Repository, err error) {
-	if !doer.IsAdmin && !owner.CanCreateRepo() {
+	if !doer.CanCreateRepoIn(owner) {
 		return nil, repo_model.ErrReachLimitOfRepo{
 			Limit: owner.MaxRepoCreation,
 		}
 	}
 
-	var generateRepo *repo_model.Repository
-	if err = db.WithTx(ctx, func(ctx context.Context) error {
-		generateRepo, err = generateRepository(ctx, doer, owner, templateRepo, opts)
+	generateRepo := &repo_model.Repository{
+		OwnerID:          owner.ID,
+		Owner:            owner,
+		OwnerName:        owner.Name,
+		Name:             opts.Name,
+		LowerName:        strings.ToLower(opts.Name),
+		Description:      opts.Description,
+		DefaultBranch:    opts.DefaultBranch,
+		IsPrivate:        opts.Private,
+		IsEmpty:          !opts.GitContent || templateRepo.IsEmpty,
+		IsFsckEnabled:    templateRepo.IsFsckEnabled,
+		TemplateID:       templateRepo.ID,
+		TrustModel:       templateRepo.TrustModel,
+		ObjectFormatName: templateRepo.ObjectFormatName,
+		Status:           repo_model.RepositoryBeingMigrated,
+	}
+
+	// 1 - Create the repository in the database
+	if err := db.WithTx(ctx, func(ctx context.Context) error {
+		return createRepositoryInDB(ctx, doer, owner, generateRepo, false)
+	}); err != nil {
+		return nil, err
+	}
+
+	// last - clean up the repository if something goes wrong
+	defer func() {
 		if err != nil {
-			return err
+			// we can not use the ctx because it maybe canceled or timeout
+			cleanupRepository(generateRepo.ID)
 		}
+	}()
 
-		// Git Content
-		if opts.GitContent && !templateRepo.IsEmpty {
-			if err = GenerateGitContent(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// 2 - check whether the repository with the same storage exists
+	isExist, err := gitrepo.IsRepositoryExist(ctx, generateRepo)
+	if err != nil {
+		log.Error("Unable to check if %s exists. Error: %v", generateRepo.FullName(), err)
+		return nil, err
+	}
+	if isExist {
+		// Don't return directly, we need err in defer to cleanupRepository
+		err = repo_model.ErrRepoFilesAlreadyExist{
+			Uname: generateRepo.OwnerName,
+			Name:  generateRepo.Name,
 		}
+		return nil, err
+	}
 
-		// Topics
-		if opts.Topics {
-			if err = repo_model.GenerateTopics(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// 3 -Init git bare new repository.
+	if err = git.InitRepository(ctx, generateRepo.RepoPath(), true, generateRepo.ObjectFormatName); err != nil {
+		return nil, fmt.Errorf("git.InitRepository: %w", err)
+	} else if err = gitrepo.CreateDelegateHooks(ctx, generateRepo); err != nil {
+		return nil, fmt.Errorf("createDelegateHooks: %w", err)
+	}
+
+	// 4 - Update the git repository
+	if err = updateGitRepoAfterCreate(ctx, generateRepo); err != nil {
+		return nil, fmt.Errorf("updateGitRepoAfterCreate: %w", err)
+	}
+
+	// 5 - generate the repository contents according to the template
+	// Git Content
+	if opts.GitContent && !templateRepo.IsEmpty {
+		if err = GenerateGitContent(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		// Git Hooks
-		if opts.GitHooks {
-			if err = GenerateGitHooks(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// Topics
+	if opts.Topics {
+		if err = repo_model.GenerateTopics(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		// Webhooks
-		if opts.Webhooks {
-			if err = GenerateWebhooks(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// Git Hooks
+	if opts.GitHooks {
+		if err = GenerateGitHooks(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		// Avatar
-		if opts.Avatar && len(templateRepo.Avatar) > 0 {
-			if err = generateAvatar(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// Webhooks
+	if opts.Webhooks {
+		if err = GenerateWebhooks(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		// Issue Labels
-		if opts.IssueLabels {
-			if err = GenerateIssueLabels(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// Avatar
+	if opts.Avatar && len(templateRepo.Avatar) > 0 {
+		if err = generateAvatar(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		if opts.ProtectedBranch {
-			if err = GenerateProtectedBranch(ctx, templateRepo, generateRepo); err != nil {
-				return err
-			}
+	// Issue Labels
+	if opts.IssueLabels {
+		if err = GenerateIssueLabels(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
 		}
+	}
 
-		return nil
-	}); err != nil {
-		return nil, err
+	if opts.ProtectedBranch {
+		if err = GenerateProtectedBranch(ctx, templateRepo, generateRepo); err != nil {
+			return nil, err
+		}
+	}
+
+	// 6 - update repository status to be ready
+	generateRepo.Status = repo_model.RepositoryReady
+	if err = repo_model.UpdateRepositoryColsWithAutoTime(ctx, generateRepo, "status"); err != nil {
+		return nil, fmt.Errorf("UpdateRepositoryCols: %w", err)
 	}
 
 	notify_service.CreateRepository(ctx, doer, owner, generateRepo)
diff --git a/services/repository/transfer.go b/services/repository/transfer.go
index a589bc469d..5ad63cca67 100644
--- a/services/repository/transfer.go
+++ b/services/repository/transfer.go
@@ -20,10 +20,22 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/globallock"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 	notify_service "code.gitea.io/gitea/services/notify"
 )
 
+type LimitReachedError struct{ Limit int }
+
+func (LimitReachedError) Error() string {
+	return "Repository limit has been reached"
+}
+
+func IsRepositoryLimitReached(err error) bool {
+	_, ok := err.(LimitReachedError)
+	return ok
+}
+
 func getRepoWorkingLockKey(repoID int64) string {
 	return fmt.Sprintf("repo_working_%d", repoID)
 }
@@ -49,6 +61,11 @@ func AcceptTransferOwnership(ctx context.Context, repo *repo_model.Repository, d
 			return err
 		}
 
+		if !doer.CanCreateRepoIn(repoTransfer.Recipient) {
+			limit := util.Iif(repoTransfer.Recipient.MaxRepoCreation >= 0, repoTransfer.Recipient.MaxRepoCreation, setting.Repository.MaxCreationLimit)
+			return LimitReachedError{Limit: limit}
+		}
+
 		if !repoTransfer.CanUserAcceptOrRejectTransfer(ctx, doer) {
 			return util.ErrPermissionDenied
 		}
@@ -143,7 +160,7 @@ func transferOwnership(ctx context.Context, doer *user_model.User, newOwnerName
 	repo.OwnerName = newOwner.Name
 
 	// Update repository.
-	if err := repo_model.UpdateRepositoryCols(ctx, repo, "owner_id", "owner_name"); err != nil {
+	if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "owner_id", "owner_name"); err != nil {
 		return fmt.Errorf("update owner: %w", err)
 	}
 
@@ -287,7 +304,7 @@ func transferOwnership(ctx context.Context, doer *user_model.User, newOwnerName
 		return fmt.Errorf("deleteRepositoryTransfer: %w", err)
 	}
 	repo.Status = repo_model.RepositoryReady
-	if err := repo_model.UpdateRepositoryCols(ctx, repo, "status"); err != nil {
+	if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "status"); err != nil {
 		return err
 	}
 
@@ -399,6 +416,11 @@ func StartRepositoryTransfer(ctx context.Context, doer, newOwner *user_model.Use
 		return err
 	}
 
+	if !doer.CanForkRepoIn(newOwner) {
+		limit := util.Iif(newOwner.MaxRepoCreation >= 0, newOwner.MaxRepoCreation, setting.Repository.MaxCreationLimit)
+		return LimitReachedError{Limit: limit}
+	}
+
 	var isDirectTransfer bool
 	oldOwnerName := repo.OwnerName
 
@@ -473,7 +495,7 @@ func RejectRepositoryTransfer(ctx context.Context, repo *repo_model.Repository,
 		}
 
 		repo.Status = repo_model.RepositoryReady
-		if err := repo_model.UpdateRepositoryCols(ctx, repo, "status"); err != nil {
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "status"); err != nil {
 			return err
 		}
 
@@ -521,7 +543,7 @@ func CancelRepositoryTransfer(ctx context.Context, repoTransfer *repo_model.Repo
 		}
 
 		repoTransfer.Repo.Status = repo_model.RepositoryReady
-		if err := repo_model.UpdateRepositoryCols(ctx, repoTransfer.Repo, "status"); err != nil {
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repoTransfer.Repo, "status"); err != nil {
 			return err
 		}
 
diff --git a/services/repository/transfer_test.go b/services/repository/transfer_test.go
index 16a8fb6e1e..80a073e9f9 100644
--- a/services/repository/transfer_test.go
+++ b/services/repository/transfer_test.go
@@ -1,4 +1,4 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
+// Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package repository
@@ -14,11 +14,14 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/feed"
 	notify_service "code.gitea.io/gitea/services/notify"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 var notifySync sync.Once
@@ -125,3 +128,40 @@ func TestRepositoryTransfer(t *testing.T) {
 	err = RejectRepositoryTransfer(db.DefaultContext, repo2, doer)
 	assert.True(t, repo_model.IsErrNoPendingTransfer(err))
 }
+
+// Test transfer rejections
+func TestRepositoryTransferRejection(t *testing.T) {
+	require.NoError(t, unittest.PrepareTestDatabase())
+	// Set limit to 0 repositories so no repositories can be transferred
+	defer test.MockVariableValue(&setting.Repository.MaxCreationLimit, 0)()
+
+	// Admin case
+	doerAdmin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 5})
+
+	transfer, err := repo_model.GetPendingRepositoryTransfer(db.DefaultContext, repo)
+	require.NoError(t, err)
+	require.NotNil(t, transfer)
+	require.NoError(t, transfer.LoadRecipient(db.DefaultContext))
+
+	require.True(t, doerAdmin.CanCreateRepoIn(transfer.Recipient)) // admin is not subject to limits
+
+	// Administrator should not be affected by the limits so transfer should be successful
+	assert.NoError(t, AcceptTransferOwnership(db.DefaultContext, repo, doerAdmin))
+
+	// Non admin user case
+	doer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10})
+	repo = unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 21})
+
+	transfer, err = repo_model.GetPendingRepositoryTransfer(db.DefaultContext, repo)
+	require.NoError(t, err)
+	require.NotNil(t, transfer)
+	require.NoError(t, transfer.LoadRecipient(db.DefaultContext))
+
+	require.False(t, doer.CanCreateRepoIn(transfer.Recipient)) // regular user is subject to limits
+
+	// Cannot accept because of the limit
+	err = AcceptTransferOwnership(db.DefaultContext, repo, doer)
+	assert.Error(t, err)
+	assert.True(t, IsRepositoryLimitReached(err))
+}
diff --git a/services/task/task.go b/services/task/task.go
index c90ee91270..ee5fa1f348 100644
--- a/services/task/task.go
+++ b/services/task/task.go
@@ -5,6 +5,7 @@ package task
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	admin_model "code.gitea.io/gitea/models/admin"
@@ -41,7 +42,7 @@ func Run(ctx context.Context, t *admin_model.Task) error {
 func Init() error {
 	taskQueue = queue.CreateSimpleQueue(graceful.GetManager().ShutdownContext(), "task", handler)
 	if taskQueue == nil {
-		return fmt.Errorf("unable to create task queue")
+		return errors.New("unable to create task queue")
 	}
 	go graceful.GetManager().RunWithCancel(taskQueue)
 	return nil
@@ -110,7 +111,7 @@ func CreateMigrateTask(ctx context.Context, doer, u *user_model.User, opts base.
 		IsPrivate:      opts.Private || setting.Repository.ForcePrivate,
 		IsMirror:       opts.Mirror,
 		Status:         repo_model.RepositoryBeingMigrated,
-	})
+	}, false)
 	if err != nil {
 		task.EndTime = timeutil.TimeStampNow()
 		task.Status = structs.TaskStatusFailed
diff --git a/services/user/avatar.go b/services/user/avatar.go
index 3f87466eaa..df188e5adc 100644
--- a/services/user/avatar.go
+++ b/services/user/avatar.go
@@ -24,26 +24,22 @@ func UploadAvatar(ctx context.Context, u *user_model.User, data []byte) error {
 		return err
 	}
 
-	ctx, committer, err := db.TxContext(ctx)
-	if err != nil {
-		return err
-	}
-	defer committer.Close()
-
-	u.UseCustomAvatar = true
-	u.Avatar = avatar.HashAvatar(u.ID, data)
-	if err = user_model.UpdateUserCols(ctx, u, "use_custom_avatar", "avatar"); err != nil {
-		return fmt.Errorf("updateUser: %w", err)
-	}
+	return db.WithTx(ctx, func(ctx context.Context) error {
+		u.UseCustomAvatar = true
+		u.Avatar = avatar.HashAvatar(u.ID, data)
+		if err = user_model.UpdateUserCols(ctx, u, "use_custom_avatar", "avatar"); err != nil {
+			return fmt.Errorf("updateUser: %w", err)
+		}
 
-	if err := storage.SaveFrom(storage.Avatars, u.CustomAvatarRelativePath(), func(w io.Writer) error {
-		_, err := w.Write(avatarData)
-		return err
-	}); err != nil {
-		return fmt.Errorf("Failed to create dir %s: %w", u.CustomAvatarRelativePath(), err)
-	}
+		if err := storage.SaveFrom(storage.Avatars, u.CustomAvatarRelativePath(), func(w io.Writer) error {
+			_, err := w.Write(avatarData)
+			return err
+		}); err != nil {
+			return fmt.Errorf("Failed to create dir %s: %w", u.CustomAvatarRelativePath(), err)
+		}
 
-	return committer.Commit()
+		return nil
+	})
 }
 
 // DeleteAvatar deletes the user's custom avatar.
diff --git a/services/user/update.go b/services/user/update.go
index 4a39f4f783..d7354542bf 100644
--- a/services/user/update.go
+++ b/services/user/update.go
@@ -15,6 +15,26 @@ import (
 	"code.gitea.io/gitea/modules/structs"
 )
 
+type UpdateOptionField[T any] struct {
+	FieldValue T
+	FromSync   bool
+}
+
+func UpdateOptionFieldFromValue[T any](value T) optional.Option[UpdateOptionField[T]] {
+	return optional.Some(UpdateOptionField[T]{FieldValue: value})
+}
+
+func UpdateOptionFieldFromSync[T any](value T) optional.Option[UpdateOptionField[T]] {
+	return optional.Some(UpdateOptionField[T]{FieldValue: value, FromSync: true})
+}
+
+func UpdateOptionFieldFromPtr[T any](value *T) optional.Option[UpdateOptionField[T]] {
+	if value == nil {
+		return optional.None[UpdateOptionField[T]]()
+	}
+	return UpdateOptionFieldFromValue(*value)
+}
+
 type UpdateOptions struct {
 	KeepEmailPrivate             optional.Option[bool]
 	FullName                     optional.Option[string]
@@ -32,7 +52,7 @@ type UpdateOptions struct {
 	DiffViewStyle                optional.Option[string]
 	AllowCreateOrganization      optional.Option[bool]
 	IsActive                     optional.Option[bool]
-	IsAdmin                      optional.Option[bool]
+	IsAdmin                      optional.Option[UpdateOptionField[bool]]
 	EmailNotificationsPreference optional.Option[string]
 	SetLastLogin                 bool
 	RepoAdminChangeTeamAccess    optional.Option[bool]
@@ -111,13 +131,18 @@ func UpdateUser(ctx context.Context, u *user_model.User, opts *UpdateOptions) er
 		cols = append(cols, "is_restricted")
 	}
 	if opts.IsAdmin.Has() {
-		if !opts.IsAdmin.Value() && user_model.IsLastAdminUser(ctx, u) {
-			return user_model.ErrDeleteLastAdminUser{UID: u.ID}
+		if opts.IsAdmin.Value().FieldValue /* true */ {
+			u.IsAdmin = opts.IsAdmin.Value().FieldValue // set IsAdmin=true
+			cols = append(cols, "is_admin")
+		} else if !user_model.IsLastAdminUser(ctx, u) /* not the last admin */ {
+			u.IsAdmin = opts.IsAdmin.Value().FieldValue // it's safe to change it from false to true (not the last admin)
+			cols = append(cols, "is_admin")
+		} else /* IsAdmin=false but this is the last admin user */ { //nolint:gocritic // make it easier to read
+			if !opts.IsAdmin.Value().FromSync {
+				return user_model.ErrDeleteLastAdminUser{UID: u.ID}
+			}
+			// else: syncing from external-source, this user is the last admin, so skip the "IsAdmin=false" change
 		}
-
-		u.IsAdmin = opts.IsAdmin.Value()
-
-		cols = append(cols, "is_admin")
 	}
 
 	if opts.Visibility.Has() {
diff --git a/services/user/update_test.go b/services/user/update_test.go
index fc24a6c212..27513e8040 100644
--- a/services/user/update_test.go
+++ b/services/user/update_test.go
@@ -22,7 +22,11 @@ func TestUpdateUser(t *testing.T) {
 	admin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
 
 	assert.Error(t, UpdateUser(db.DefaultContext, admin, &UpdateOptions{
-		IsAdmin: optional.Some(false),
+		IsAdmin: UpdateOptionFieldFromValue(false),
+	}))
+
+	assert.NoError(t, UpdateUser(db.DefaultContext, admin, &UpdateOptions{
+		IsAdmin: UpdateOptionFieldFromSync(false),
 	}))
 
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 28})
@@ -38,7 +42,7 @@ func TestUpdateUser(t *testing.T) {
 		MaxRepoCreation:              optional.Some(10),
 		IsRestricted:                 optional.Some(true),
 		IsActive:                     optional.Some(false),
-		IsAdmin:                      optional.Some(true),
+		IsAdmin:                      UpdateOptionFieldFromValue(true),
 		Visibility:                   optional.Some(structs.VisibleTypePrivate),
 		KeepActivityPrivate:          optional.Some(true),
 		Language:                     optional.Some("lang"),
@@ -60,7 +64,7 @@ func TestUpdateUser(t *testing.T) {
 	assert.Equal(t, opts.MaxRepoCreation.Value(), user.MaxRepoCreation)
 	assert.Equal(t, opts.IsRestricted.Value(), user.IsRestricted)
 	assert.Equal(t, opts.IsActive.Value(), user.IsActive)
-	assert.Equal(t, opts.IsAdmin.Value(), user.IsAdmin)
+	assert.Equal(t, opts.IsAdmin.Value().FieldValue, user.IsAdmin)
 	assert.Equal(t, opts.Visibility.Value(), user.Visibility)
 	assert.Equal(t, opts.KeepActivityPrivate.Value(), user.KeepActivityPrivate)
 	assert.Equal(t, opts.Language.Value(), user.Language)
@@ -80,7 +84,7 @@ func TestUpdateUser(t *testing.T) {
 	assert.Equal(t, opts.MaxRepoCreation.Value(), user.MaxRepoCreation)
 	assert.Equal(t, opts.IsRestricted.Value(), user.IsRestricted)
 	assert.Equal(t, opts.IsActive.Value(), user.IsActive)
-	assert.Equal(t, opts.IsAdmin.Value(), user.IsAdmin)
+	assert.Equal(t, opts.IsAdmin.Value().FieldValue, user.IsAdmin)
 	assert.Equal(t, opts.Visibility.Value(), user.Visibility)
 	assert.Equal(t, opts.KeepActivityPrivate.Value(), user.KeepActivityPrivate)
 	assert.Equal(t, opts.Language.Value(), user.Language)
diff --git a/services/user/user.go b/services/user/user.go
index 1aeebff142..c7252430de 100644
--- a/services/user/user.go
+++ b/services/user/user.go
@@ -20,6 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/agit"
 	asymkey_service "code.gitea.io/gitea/services/asymkey"
@@ -177,8 +178,8 @@ func DeleteUser(ctx context.Context, u *user_model.User, purge bool) error {
 					PageSize: repo_model.RepositoryListDefaultPageSize,
 					Page:     1,
 				},
-				UserID:         u.ID,
-				IncludePrivate: true,
+				UserID:            u.ID,
+				IncludeVisibility: structs.VisibleTypePrivate,
 			})
 			if err != nil {
 				return fmt.Errorf("unable to find org list for %s[%d]. Error: %w", u.Name, u.ID, err)
diff --git a/services/user/user_test.go b/services/user/user_test.go
index 162a735cd4..28a0df8628 100644
--- a/services/user/user_test.go
+++ b/services/user/user_test.go
@@ -150,7 +150,7 @@ func TestRenameUser(t *testing.T) {
 
 		redirectUID, err := user_model.LookupUserRedirect(db.DefaultContext, oldUsername)
 		assert.NoError(t, err)
-		assert.EqualValues(t, user.ID, redirectUID)
+		assert.Equal(t, user.ID, redirectUID)
 
 		unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: user.ID, OwnerName: user.Name})
 	})
diff --git a/services/versioned_migration/migration.go b/services/versioned_migration/migration.go
index daec89d7c1..b66d853531 100644
--- a/services/versioned_migration/migration.go
+++ b/services/versioned_migration/migration.go
@@ -1,7 +1,7 @@
 // Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-package versioned_migration //nolint
+package versioned_migration
 
 import (
 	"context"
diff --git a/services/webhook/deliver.go b/services/webhook/deliver.go
index df32d5741e..e8e6ed19c1 100644
--- a/services/webhook/deliver.go
+++ b/services/webhook/deliver.go
@@ -10,6 +10,7 @@ import (
 	"crypto/sha256"
 	"crypto/tls"
 	"encoding/hex"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -41,7 +42,7 @@ func newDefaultRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook
 	case http.MethodPost:
 		switch w.ContentType {
 		case webhook_model.ContentTypeJSON:
-			req, err = http.NewRequest("POST", w.URL, strings.NewReader(t.PayloadContent))
+			req, err = http.NewRequest(http.MethodPost, w.URL, strings.NewReader(t.PayloadContent))
 			if err != nil {
 				return nil, nil, err
 			}
@@ -52,7 +53,7 @@ func newDefaultRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook
 				"payload": []string{t.PayloadContent},
 			}
 
-			req, err = http.NewRequest("POST", w.URL, strings.NewReader(forms.Encode()))
+			req, err = http.NewRequest(http.MethodPost, w.URL, strings.NewReader(forms.Encode()))
 			if err != nil {
 				return nil, nil, err
 			}
@@ -69,7 +70,7 @@ func newDefaultRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook
 		vals := u.Query()
 		vals["payload"] = []string{t.PayloadContent}
 		u.RawQuery = vals.Encode()
-		req, err = http.NewRequest("GET", u.String(), nil)
+		req, err = http.NewRequest(http.MethodGet, u.String(), nil)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -81,7 +82,7 @@ func newDefaultRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook
 				return nil, nil, err
 			}
 			url := fmt.Sprintf("%s/%s", w.URL, url.PathEscape(txnID))
-			req, err = http.NewRequest("PUT", url, strings.NewReader(t.PayloadContent))
+			req, err = http.NewRequest(http.MethodPut, url, strings.NewReader(t.PayloadContent))
 			if err != nil {
 				return nil, nil, err
 			}
@@ -328,7 +329,7 @@ func Init() error {
 
 	hookQueue = queue.CreateUniqueQueue(graceful.GetManager().ShutdownContext(), "webhook_sender", handler)
 	if hookQueue == nil {
-		return fmt.Errorf("unable to create webhook_sender queue")
+		return errors.New("unable to create webhook_sender queue")
 	}
 	go graceful.GetManager().RunWithCancel(hookQueue)
 
diff --git a/services/webhook/deliver_test.go b/services/webhook/deliver_test.go
index 6a74b1455c..1d32d7b772 100644
--- a/services/webhook/deliver_test.go
+++ b/services/webhook/deliver_test.go
@@ -64,7 +64,7 @@ func TestWebhookProxy(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.req, func(t *testing.T) {
-			req, err := http.NewRequest("POST", tt.req, nil)
+			req, err := http.NewRequest(http.MethodPost, tt.req, nil)
 			require.NoError(t, err)
 
 			u, err := webhookProxy(allowedHostMatcher)(req)
@@ -91,7 +91,7 @@ func TestWebhookDeliverAuthorizationHeader(t *testing.T) {
 	s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		assert.Equal(t, "/webhook", r.URL.Path)
 		assert.Equal(t, "Bearer s3cr3t-t0ken", r.Header.Get("Authorization"))
-		w.WriteHeader(200)
+		w.WriteHeader(http.StatusOK)
 		done <- struct{}{}
 	}))
 	t.Cleanup(s.Close)
@@ -138,7 +138,7 @@ func TestWebhookDeliverHookTask(t *testing.T) {
 		case "/webhook/66d222a5d6349e1311f551e50722d837e30fce98":
 			// Version 1
 			assert.Equal(t, "push", r.Header.Get("X-GitHub-Event"))
-			assert.Equal(t, "", r.Header.Get("Content-Type"))
+			assert.Empty(t, r.Header.Get("Content-Type"))
 			body, err := io.ReadAll(r.Body)
 			assert.NoError(t, err)
 			assert.Equal(t, `{"data": 42}`, string(body))
@@ -152,11 +152,11 @@ func TestWebhookDeliverHookTask(t *testing.T) {
 			assert.Len(t, body, 2147)
 
 		default:
-			w.WriteHeader(404)
+			w.WriteHeader(http.StatusNotFound)
 			t.Fatalf("unexpected url path %s", r.URL.Path)
 			return
 		}
-		w.WriteHeader(200)
+		w.WriteHeader(http.StatusOK)
 		done <- struct{}{}
 	}))
 	t.Cleanup(s.Close)
diff --git a/services/webhook/dingtalk.go b/services/webhook/dingtalk.go
index 5afca8d65a..5bbc610fe5 100644
--- a/services/webhook/dingtalk.go
+++ b/services/webhook/dingtalk.go
@@ -30,7 +30,7 @@ func (dc dingtalkConvertor) Create(p *api.CreatePayload) (DingtalkPayload, error
 	refName := git.RefName(p.Ref).ShortName()
 	title := fmt.Sprintf("[%s] %s %s created", p.Repo.FullName, p.RefType, refName)
 
-	return createDingtalkPayload(title, title, fmt.Sprintf("view ref %s", refName), p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName)), nil
+	return createDingtalkPayload(title, title, "view ref "+refName, p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName)), nil
 }
 
 // Delete implements PayloadConvertor Delete method
@@ -39,14 +39,14 @@ func (dc dingtalkConvertor) Delete(p *api.DeletePayload) (DingtalkPayload, error
 	refName := git.RefName(p.Ref).ShortName()
 	title := fmt.Sprintf("[%s] %s %s deleted", p.Repo.FullName, p.RefType, refName)
 
-	return createDingtalkPayload(title, title, fmt.Sprintf("view ref %s", refName), p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName)), nil
+	return createDingtalkPayload(title, title, "view ref "+refName, p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName)), nil
 }
 
 // Fork implements PayloadConvertor Fork method
 func (dc dingtalkConvertor) Fork(p *api.ForkPayload) (DingtalkPayload, error) {
 	title := fmt.Sprintf("%s is forked to %s", p.Forkee.FullName, p.Repo.FullName)
 
-	return createDingtalkPayload(title, title, fmt.Sprintf("view forked repo %s", p.Repo.FullName), p.Repo.HTMLURL), nil
+	return createDingtalkPayload(title, title, "view forked repo "+p.Repo.FullName, p.Repo.HTMLURL), nil
 }
 
 // Push implements PayloadConvertor Push method
@@ -176,6 +176,12 @@ func (dc dingtalkConvertor) Status(p *api.CommitStatusPayload) (DingtalkPayload,
 	return createDingtalkPayload(text, text, "Status Changed", p.TargetURL), nil
 }
 
+func (dingtalkConvertor) WorkflowRun(p *api.WorkflowRunPayload) (DingtalkPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, noneLinkFormatter, true)
+
+	return createDingtalkPayload(text, text, "Workflow Run", p.WorkflowRun.HTMLURL), nil
+}
+
 func (dingtalkConvertor) WorkflowJob(p *api.WorkflowJobPayload) (DingtalkPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, noneLinkFormatter, true)
 
diff --git a/services/webhook/discord.go b/services/webhook/discord.go
index 0a7eb0b166..0426964181 100644
--- a/services/webhook/discord.go
+++ b/services/webhook/discord.go
@@ -101,6 +101,13 @@ var (
 	redColor         = color("ff3232")
 )
 
+// https://discord.com/developers/docs/resources/message#embed-object-embed-limits
+// Discord has some limits in place for the embeds.
+// According to some tests, there is no consistent limit for different character sets.
+// For example: 4096 ASCII letters are allowed, but only 2490 emoji characters are allowed.
+// To keep it simple, we currently truncate at 2000.
+const discordDescriptionCharactersLimit = 2000
+
 type discordConvertor struct {
 	Username  string
 	AvatarURL string
@@ -271,6 +278,12 @@ func (d discordConvertor) Status(p *api.CommitStatusPayload) (DiscordPayload, er
 	return d.createPayload(p.Sender, text, "", p.TargetURL, color), nil
 }
 
+func (d discordConvertor) WorkflowRun(p *api.WorkflowRunPayload) (DiscordPayload, error) {
+	text, color := getWorkflowRunPayloadInfo(p, noneLinkFormatter, false)
+
+	return d.createPayload(p.Sender, text, "", p.WorkflowRun.HTMLURL, color), nil
+}
+
 func (d discordConvertor) WorkflowJob(p *api.WorkflowJobPayload) (DiscordPayload, error) {
 	text, color := getWorkflowJobPayloadInfo(p, noneLinkFormatter, false)
 
@@ -298,7 +311,7 @@ func parseHookPullRequestEventType(event webhook_module.HookEventType) (string,
 	case webhook_module.HookEventPullRequestReviewApproved:
 		return "approved", nil
 	case webhook_module.HookEventPullRequestReviewRejected:
-		return "rejected", nil
+		return "requested changes", nil
 	case webhook_module.HookEventPullRequestReviewComment:
 		return "comment", nil
 	default:
@@ -313,7 +326,7 @@ func (d discordConvertor) createPayload(s *api.User, title, text, url string, co
 		Embeds: []DiscordEmbed{
 			{
 				Title:       title,
-				Description: text,
+				Description: util.TruncateRunes(text, discordDescriptionCharactersLimit),
 				URL:         url,
 				Color:       color,
 				Author: DiscordEmbedAuthor{
diff --git a/services/webhook/feishu.go b/services/webhook/feishu.go
index 274aaf90b3..b6ee80c44c 100644
--- a/services/webhook/feishu.go
+++ b/services/webhook/feishu.go
@@ -5,9 +5,13 @@ package webhook
 
 import (
 	"context"
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/base64"
 	"fmt"
 	"net/http"
 	"strings"
+	"time"
 
 	webhook_model "code.gitea.io/gitea/models/webhook"
 	"code.gitea.io/gitea/modules/git"
@@ -16,10 +20,12 @@ import (
 )
 
 type (
-	// FeishuPayload represents
+	// FeishuPayload represents the payload for Feishu webhook
 	FeishuPayload struct {
-		MsgType string `json:"msg_type"` // text / post / image / share_chat / interactive / file /audio / media
-		Content struct {
+		Timestamp int64  `json:"timestamp,omitempty"` // Unix timestamp for signature verification
+		Sign      string `json:"sign,omitempty"`      // Signature for verification
+		MsgType   string `json:"msg_type"`            // text / post / image / share_chat / interactive / file /audio / media
+		Content   struct {
 			Text string `json:"text"`
 		} `json:"content"`
 	}
@@ -172,15 +178,41 @@ func (fc feishuConvertor) Status(p *api.CommitStatusPayload) (FeishuPayload, err
 	return newFeishuTextPayload(text), nil
 }
 
+func (feishuConvertor) WorkflowRun(p *api.WorkflowRunPayload) (FeishuPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, noneLinkFormatter, true)
+
+	return newFeishuTextPayload(text), nil
+}
+
 func (feishuConvertor) WorkflowJob(p *api.WorkflowJobPayload) (FeishuPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, noneLinkFormatter, true)
 
 	return newFeishuTextPayload(text), nil
 }
 
+// feishuGenSign generates a signature for Feishu webhook
+// https://open.feishu.cn/document/client-docs/bot-v3/add-custom-bot
+func feishuGenSign(secret string, timestamp int64) string {
+	// key="{timestamp}\n{secret}", then hmac-sha256, then base64 encode
+	stringToSign := fmt.Sprintf("%d\n%s", timestamp, secret)
+	h := hmac.New(sha256.New, []byte(stringToSign))
+	return base64.StdEncoding.EncodeToString(h.Sum(nil))
+}
+
 func newFeishuRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
-	var pc payloadConvertor[FeishuPayload] = feishuConvertor{}
-	return newJSONRequest(pc, w, t, true)
+	payload, err := newPayload(feishuConvertor{}, []byte(t.PayloadContent), t.EventType)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// Add timestamp and signature if secret is provided
+	if w.Secret != "" {
+		timestamp := time.Now().Unix()
+		payload.Timestamp = timestamp
+		payload.Sign = feishuGenSign(w.Secret, timestamp)
+	}
+
+	return prepareJSONRequest(payload, w, t, false /* no default headers */)
 }
 
 func init() {
diff --git a/services/webhook/feishu_test.go b/services/webhook/feishu_test.go
index c4249bdb30..7e200ea132 100644
--- a/services/webhook/feishu_test.go
+++ b/services/webhook/feishu_test.go
@@ -168,6 +168,7 @@ func TestFeishuJSONPayload(t *testing.T) {
 		URL:        "https://feishu.example.com/",
 		Meta:       `{}`,
 		HTTPMethod: "POST",
+		Secret:     "secret",
 	}
 	task := &webhook_model.HookTask{
 		HookID:         hook.ID,
@@ -183,10 +184,13 @@ func TestFeishuJSONPayload(t *testing.T) {
 
 	assert.Equal(t, "POST", req.Method)
 	assert.Equal(t, "https://feishu.example.com/", req.URL.String())
-	assert.Equal(t, "sha256=", req.Header.Get("X-Hub-Signature-256"))
 	assert.Equal(t, "application/json", req.Header.Get("Content-Type"))
 	var body FeishuPayload
 	err = json.NewDecoder(req.Body).Decode(&body)
 	assert.NoError(t, err)
 	assert.Equal(t, "[test/repo:test] \r\n[2020558](http://localhost:3000/test/repo/commit/2020558fe2e34debb818a514715839cabd25e778) commit message - user1\r\n[2020558](http://localhost:3000/test/repo/commit/2020558fe2e34debb818a514715839cabd25e778) commit message - user1", body.Content.Text)
+	assert.Equal(t, feishuGenSign(hook.Secret, body.Timestamp), body.Sign)
+
+	// a separate sign test, the result is generated by official python code, so the algo must be correct
+	assert.Equal(t, "rWZ84lcag1x9aBFhn1gtV4ZN+4gme3pilfQNMk86vKg=", feishuGenSign("a", 1))
 }
diff --git a/services/webhook/general.go b/services/webhook/general.go
index ea75038faf..be457e46f5 100644
--- a/services/webhook/general.go
+++ b/services/webhook/general.go
@@ -39,19 +39,20 @@ func getPullRequestInfo(p *api.PullRequestPayload) (title, link, by, operator, o
 	for i, user := range assignList {
 		assignStringList[i] = user.UserName
 	}
-	if p.Action == api.HookIssueAssigned {
+	switch p.Action {
+	case api.HookIssueAssigned:
 		operateResult = fmt.Sprintf("%s assign this to %s", p.Sender.UserName, assignList[len(assignList)-1].UserName)
-	} else if p.Action == api.HookIssueUnassigned {
-		operateResult = fmt.Sprintf("%s unassigned this for someone", p.Sender.UserName)
-	} else if p.Action == api.HookIssueMilestoned {
+	case api.HookIssueUnassigned:
+		operateResult = p.Sender.UserName + " unassigned this for someone"
+	case api.HookIssueMilestoned:
 		operateResult = fmt.Sprintf("%s/milestone/%d", p.Repository.HTMLURL, p.PullRequest.Milestone.ID)
 	}
 	link = p.PullRequest.HTMLURL
-	by = fmt.Sprintf("PullRequest by %s", p.PullRequest.Poster.UserName)
+	by = "PullRequest by " + p.PullRequest.Poster.UserName
 	if len(assignStringList) > 0 {
-		assignees = fmt.Sprintf("Assignees: %s", strings.Join(assignStringList, ", "))
+		assignees = "Assignees: " + strings.Join(assignStringList, ", ")
 	}
-	operator = fmt.Sprintf("Operator: %s", p.Sender.UserName)
+	operator = "Operator: " + p.Sender.UserName
 	return title, link, by, operator, operateResult, assignees
 }
 
@@ -64,19 +65,20 @@ func getIssuesInfo(p *api.IssuePayload) (issueTitle, link, by, operator, operate
 	for i, user := range assignList {
 		assignStringList[i] = user.UserName
 	}
-	if p.Action == api.HookIssueAssigned {
+	switch p.Action {
+	case api.HookIssueAssigned:
 		operateResult = fmt.Sprintf("%s assign this to %s", p.Sender.UserName, assignList[len(assignList)-1].UserName)
-	} else if p.Action == api.HookIssueUnassigned {
-		operateResult = fmt.Sprintf("%s unassigned this for someone", p.Sender.UserName)
-	} else if p.Action == api.HookIssueMilestoned {
+	case api.HookIssueUnassigned:
+		operateResult = p.Sender.UserName + " unassigned this for someone"
+	case api.HookIssueMilestoned:
 		operateResult = fmt.Sprintf("%s/milestone/%d", p.Repository.HTMLURL, p.Issue.Milestone.ID)
 	}
 	link = p.Issue.HTMLURL
-	by = fmt.Sprintf("Issue by %s", p.Issue.Poster.UserName)
+	by = "Issue by " + p.Issue.Poster.UserName
 	if len(assignStringList) > 0 {
-		assignees = fmt.Sprintf("Assignees: %s", strings.Join(assignStringList, ", "))
+		assignees = "Assignees: " + strings.Join(assignStringList, ", ")
 	}
-	operator = fmt.Sprintf("Operator: %s", p.Sender.UserName)
+	operator = "Operator: " + p.Sender.UserName
 	return issueTitle, link, by, operator, operateResult, assignees
 }
 
@@ -85,11 +87,11 @@ func getIssuesCommentInfo(p *api.IssueCommentPayload) (title, link, by, operator
 	title = fmt.Sprintf("[Comment-%s #%d]: %s\n%s", p.Repository.FullName, p.Issue.Index, p.Action, p.Issue.Title)
 	link = p.Issue.HTMLURL
 	if p.IsPull {
-		by = fmt.Sprintf("PullRequest by %s", p.Issue.Poster.UserName)
+		by = "PullRequest by " + p.Issue.Poster.UserName
 	} else {
-		by = fmt.Sprintf("Issue by %s", p.Issue.Poster.UserName)
+		by = "Issue by " + p.Issue.Poster.UserName
 	}
-	operator = fmt.Sprintf("Operator: %s", p.Sender.UserName)
+	operator = "Operator: " + p.Sender.UserName
 	return title, link, by, operator
 }
 
@@ -133,7 +135,7 @@ func getIssuesPayloadInfo(p *api.IssuePayload, linkFormatter linkFormatter, with
 		text = fmt.Sprintf("[%s] Issue milestone cleared: %s", repoLink, titleLink)
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	if p.Action == api.HookIssueOpened || p.Action == api.HookIssueEdited {
@@ -198,7 +200,7 @@ func getPullRequestPayloadInfo(p *api.PullRequestPayload, linkFormatter linkForm
 		text = fmt.Sprintf("[%s] Pull request review request removed: %s", repoLink, titleLink)
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+p.Sender.UserName, p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+p.Sender.UserName, p.Sender.UserName)
 	}
 
 	return text, issueTitle, extraMarkdown, color
@@ -220,7 +222,7 @@ func getReleasePayloadInfo(p *api.ReleasePayload, linkFormatter linkFormatter, w
 		color = redColor
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	return text, color
@@ -249,7 +251,7 @@ func getWikiPayloadInfo(p *api.WikiPayload, linkFormatter linkFormatter, withSen
 	}
 
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	return text, color, pageLink
@@ -285,7 +287,7 @@ func getIssueCommentPayloadInfo(p *api.IssueCommentPayload, linkFormatter linkFo
 		color = redColor
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	return text, issueTitle, color
@@ -296,14 +298,14 @@ func getPackagePayloadInfo(p *api.PackagePayload, linkFormatter linkFormatter, w
 
 	switch p.Action {
 	case api.HookPackageCreated:
-		text = fmt.Sprintf("Package created: %s", refLink)
+		text = "Package created: " + refLink
 		color = greenColor
 	case api.HookPackageDeleted:
-		text = fmt.Sprintf("Package deleted: %s", refLink)
+		text = "Package deleted: " + refLink
 		color = redColor
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	return text, color
@@ -316,15 +318,46 @@ func getStatusPayloadInfo(p *api.CommitStatusPayload, linkFormatter linkFormatte
 	color = greenColor
 	if withSender {
 		if user_model.IsGiteaActionsUserName(p.Sender.UserName) {
-			text += fmt.Sprintf(" by %s", p.Sender.FullName)
+			text += " by " + p.Sender.FullName
 		} else {
-			text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+			text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 		}
 	}
 
 	return text, color
 }
 
+func getWorkflowRunPayloadInfo(p *api.WorkflowRunPayload, linkFormatter linkFormatter, withSender bool) (text string, color int) {
+	description := p.WorkflowRun.Conclusion
+	if description == "" {
+		description = p.WorkflowRun.Status
+	}
+	refLink := linkFormatter(p.WorkflowRun.HTMLURL, fmt.Sprintf("%s(#%d)", p.WorkflowRun.DisplayTitle, p.WorkflowRun.ID)+"["+base.ShortSha(p.WorkflowRun.HeadSha)+"]:"+description)
+
+	text = fmt.Sprintf("Workflow Run %s: %s", p.Action, refLink)
+	switch description {
+	case "waiting":
+		color = orangeColor
+	case "queued":
+		color = orangeColorLight
+	case "success":
+		color = greenColor
+	case "failure":
+		color = redColor
+	case "cancelled":
+		color = yellowColor
+	case "skipped":
+		color = purpleColor
+	default:
+		color = greyColor
+	}
+	if withSender {
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
+	}
+
+	return text, color
+}
+
 func getWorkflowJobPayloadInfo(p *api.WorkflowJobPayload, linkFormatter linkFormatter, withSender bool) (text string, color int) {
 	description := p.WorkflowJob.Conclusion
 	if description == "" {
@@ -350,7 +383,7 @@ func getWorkflowJobPayloadInfo(p *api.WorkflowJobPayload, linkFormatter linkForm
 		color = greyColor
 	}
 	if withSender {
-		text += fmt.Sprintf(" by %s", linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName))
+		text += " by " + linkFormatter(setting.AppURL+url.PathEscape(p.Sender.UserName), p.Sender.UserName)
 	}
 
 	return text, color
diff --git a/services/webhook/matrix.go b/services/webhook/matrix.go
index 5bc7ba097e..3e9163f78c 100644
--- a/services/webhook/matrix.go
+++ b/services/webhook/matrix.go
@@ -252,6 +252,12 @@ func (m matrixConvertor) Status(p *api.CommitStatusPayload) (MatrixPayload, erro
 	return m.newPayload(text)
 }
 
+func (m matrixConvertor) WorkflowRun(p *api.WorkflowRunPayload) (MatrixPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, htmlLinkFormatter, true)
+
+	return m.newPayload(text)
+}
+
 func (m matrixConvertor) WorkflowJob(p *api.WorkflowJobPayload) (MatrixPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, htmlLinkFormatter, true)
 
diff --git a/services/webhook/msteams.go b/services/webhook/msteams.go
index f70e235f20..450a544b42 100644
--- a/services/webhook/msteams.go
+++ b/services/webhook/msteams.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 
 	webhook_model "code.gitea.io/gitea/models/webhook"
@@ -73,7 +74,7 @@ func (m msteamsConvertor) Create(p *api.CreatePayload) (MSTeamsPayload, error) {
 		"",
 		p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName),
 		greenColor,
-		&MSTeamsFact{fmt.Sprintf("%s:", p.RefType), refName},
+		&MSTeamsFact{p.RefType + ":", refName},
 	), nil
 }
 
@@ -90,7 +91,7 @@ func (m msteamsConvertor) Delete(p *api.DeletePayload) (MSTeamsPayload, error) {
 		"",
 		p.Repo.HTMLURL+"/src/"+util.PathEscapeSegments(refName),
 		yellowColor,
-		&MSTeamsFact{fmt.Sprintf("%s:", p.RefType), refName},
+		&MSTeamsFact{p.RefType + ":", refName},
 	), nil
 }
 
@@ -148,7 +149,7 @@ func (m msteamsConvertor) Push(p *api.PushPayload) (MSTeamsPayload, error) {
 		text,
 		titleLink,
 		greenColor,
-		&MSTeamsFact{"Commit count:", fmt.Sprintf("%d", p.TotalCommits)},
+		&MSTeamsFact{"Commit count:", strconv.Itoa(p.TotalCommits)},
 	), nil
 }
 
@@ -163,7 +164,7 @@ func (m msteamsConvertor) Issue(p *api.IssuePayload) (MSTeamsPayload, error) {
 		extraMarkdown,
 		p.Issue.HTMLURL,
 		color,
-		&MSTeamsFact{"Issue #:", fmt.Sprintf("%d", p.Issue.ID)},
+		&MSTeamsFact{"Issue #:", strconv.FormatInt(p.Issue.ID, 10)},
 	), nil
 }
 
@@ -178,7 +179,7 @@ func (m msteamsConvertor) IssueComment(p *api.IssueCommentPayload) (MSTeamsPaylo
 		p.Comment.Body,
 		p.Comment.HTMLURL,
 		color,
-		&MSTeamsFact{"Issue #:", fmt.Sprintf("%d", p.Issue.ID)},
+		&MSTeamsFact{"Issue #:", strconv.FormatInt(p.Issue.ID, 10)},
 	), nil
 }
 
@@ -193,7 +194,7 @@ func (m msteamsConvertor) PullRequest(p *api.PullRequestPayload) (MSTeamsPayload
 		extraMarkdown,
 		p.PullRequest.HTMLURL,
 		color,
-		&MSTeamsFact{"Pull request #:", fmt.Sprintf("%d", p.PullRequest.ID)},
+		&MSTeamsFact{"Pull request #:", strconv.FormatInt(p.PullRequest.ID, 10)},
 	), nil
 }
 
@@ -230,7 +231,7 @@ func (m msteamsConvertor) Review(p *api.PullRequestPayload, event webhook_module
 		text,
 		p.PullRequest.HTMLURL,
 		color,
-		&MSTeamsFact{"Pull request #:", fmt.Sprintf("%d", p.PullRequest.ID)},
+		&MSTeamsFact{"Pull request #:", strconv.FormatInt(p.PullRequest.ID, 10)},
 	), nil
 }
 
@@ -317,6 +318,20 @@ func (m msteamsConvertor) Status(p *api.CommitStatusPayload) (MSTeamsPayload, er
 	), nil
 }
 
+func (msteamsConvertor) WorkflowRun(p *api.WorkflowRunPayload) (MSTeamsPayload, error) {
+	title, color := getWorkflowRunPayloadInfo(p, noneLinkFormatter, false)
+
+	return createMSTeamsPayload(
+		p.Repo,
+		p.Sender,
+		title,
+		"",
+		p.WorkflowRun.HTMLURL,
+		color,
+		&MSTeamsFact{"WorkflowRun:", p.WorkflowRun.DisplayTitle},
+	), nil
+}
+
 func (msteamsConvertor) WorkflowJob(p *api.WorkflowJobPayload) (MSTeamsPayload, error) {
 	title, color := getWorkflowJobPayloadInfo(p, noneLinkFormatter, false)
 
diff --git a/services/webhook/msteams_test.go b/services/webhook/msteams_test.go
index d5020d3ff5..0d98b94bad 100644
--- a/services/webhook/msteams_test.go
+++ b/services/webhook/msteams_test.go
@@ -335,7 +335,7 @@ func TestMSTeamsPayload(t *testing.T) {
 		assert.Equal(t, "[test/repo] New wiki page 'index' (Wiki change comment)", pl.Summary)
 		assert.Len(t, pl.Sections, 1)
 		assert.Equal(t, "user1", pl.Sections[0].ActivitySubtitle)
-		assert.Equal(t, "", pl.Sections[0].Text)
+		assert.Empty(t, pl.Sections[0].Text)
 		assert.Len(t, pl.Sections[0].Facts, 2)
 		for _, fact := range pl.Sections[0].Facts {
 			if fact.Name == "Repository:" {
@@ -356,7 +356,7 @@ func TestMSTeamsPayload(t *testing.T) {
 		assert.Equal(t, "[test/repo] Wiki page 'index' edited (Wiki change comment)", pl.Summary)
 		assert.Len(t, pl.Sections, 1)
 		assert.Equal(t, "user1", pl.Sections[0].ActivitySubtitle)
-		assert.Equal(t, "", pl.Sections[0].Text)
+		assert.Empty(t, pl.Sections[0].Text)
 		assert.Len(t, pl.Sections[0].Facts, 2)
 		for _, fact := range pl.Sections[0].Facts {
 			if fact.Name == "Repository:" {
diff --git a/services/webhook/notifier.go b/services/webhook/notifier.go
index 9e3f21de29..672abd5c95 100644
--- a/services/webhook/notifier.go
+++ b/services/webhook/notifier.go
@@ -5,10 +5,8 @@ package webhook
 
 import (
 	"context"
-	"fmt"
 
 	actions_model "code.gitea.io/gitea/models/actions"
-	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/organization"
@@ -18,6 +16,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/repository"
@@ -295,6 +294,43 @@ func (m *webhookNotifier) NewIssue(ctx context.Context, issue *issues_model.Issu
 	}
 }
 
+func (m *webhookNotifier) DeleteIssue(ctx context.Context, doer *user_model.User, issue *issues_model.Issue) {
+	permission, _ := access_model.GetUserRepoPermission(ctx, issue.Repo, doer)
+	if issue.IsPull {
+		if err := issue.LoadPullRequest(ctx); err != nil {
+			log.Error("LoadPullRequest: %v", err)
+			return
+		}
+		if err := PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, webhook_module.HookEventPullRequest, &api.PullRequestPayload{
+			Action:      api.HookIssueDeleted,
+			Index:       issue.Index,
+			PullRequest: convert.ToAPIPullRequest(ctx, issue.PullRequest, doer),
+			Repository:  convert.ToRepo(ctx, issue.Repo, permission),
+			Sender:      convert.ToUser(ctx, doer, nil),
+		}); err != nil {
+			log.Error("PrepareWebhooks: %v", err)
+		}
+	} else {
+		if err := issue.LoadRepo(ctx); err != nil {
+			log.Error("issue.LoadRepo: %v", err)
+			return
+		}
+		if err := issue.LoadPoster(ctx); err != nil {
+			log.Error("issue.LoadPoster: %v", err)
+			return
+		}
+		if err := PrepareWebhooks(ctx, EventSource{Repository: issue.Repo}, webhook_module.HookEventIssues, &api.IssuePayload{
+			Action:     api.HookIssueDeleted,
+			Index:      issue.Index,
+			Issue:      convert.ToAPIIssue(ctx, issue.Poster, issue),
+			Repository: convert.ToRepo(ctx, issue.Repo, permission),
+			Sender:     convert.ToUser(ctx, doer, nil),
+		}); err != nil {
+			log.Error("PrepareWebhooks: %v", err)
+		}
+	}
+}
+
 func (m *webhookNotifier) NewPullRequest(ctx context.Context, pull *issues_model.PullRequest, mentions []*user_model.User) {
 	if err := pull.LoadIssue(ctx); err != nil {
 		log.Error("pull.LoadIssue: %v", err)
@@ -956,72 +992,61 @@ func (*webhookNotifier) WorkflowJobStatusUpdate(ctx context.Context, repo *repo_
 		org = convert.ToOrganization(ctx, organization.OrgFromUser(repo.Owner))
 	}
 
-	err := job.LoadAttributes(ctx)
+	status, _ := convert.ToActionsStatus(job.Status)
+
+	convertedJob, err := convert.ToActionWorkflowJob(ctx, repo, task, job)
 	if err != nil {
-		log.Error("Error loading job attributes: %v", err)
+		log.Error("ToActionWorkflowJob: %v", err)
 		return
 	}
 
-	jobIndex := 0
-	jobs, err := actions_model.GetRunJobsByRunID(ctx, job.RunID)
+	if err := PrepareWebhooks(ctx, source, webhook_module.HookEventWorkflowJob, &api.WorkflowJobPayload{
+		Action:       status,
+		WorkflowJob:  convertedJob,
+		Organization: org,
+		Repo:         convert.ToRepo(ctx, repo, access_model.Permission{AccessMode: perm.AccessModeOwner}),
+		Sender:       convert.ToUser(ctx, sender, nil),
+	}); err != nil {
+		log.Error("PrepareWebhooks: %v", err)
+	}
+}
+
+func (*webhookNotifier) WorkflowRunStatusUpdate(ctx context.Context, repo *repo_model.Repository, sender *user_model.User, run *actions_model.ActionRun) {
+	source := EventSource{
+		Repository: repo,
+		Owner:      repo.Owner,
+	}
+
+	var org *api.Organization
+	if repo.Owner.IsOrganization() {
+		org = convert.ToOrganization(ctx, organization.OrgFromUser(repo.Owner))
+	}
+
+	status := convert.ToWorkflowRunAction(run.Status)
+
+	gitRepo, err := gitrepo.OpenRepository(ctx, repo)
 	if err != nil {
-		log.Error("Error loading getting run jobs: %v", err)
+		log.Error("OpenRepository: %v", err)
 		return
 	}
-	for i, j := range jobs {
-		if j.ID == job.ID {
-			jobIndex = i
-			break
-		}
-	}
+	defer gitRepo.Close()
 
-	status, conclusion := toActionStatus(job.Status)
-	var runnerID int64
-	var runnerName string
-	var steps []*api.ActionWorkflowStep
+	convertedWorkflow, err := convert.GetActionWorkflow(ctx, gitRepo, repo, run.WorkflowID)
+	if err != nil {
+		log.Error("GetActionWorkflow: %v", err)
+		return
+	}
 
-	if task != nil {
-		runnerID = task.RunnerID
-		if runner, ok, _ := db.GetByID[actions_model.ActionRunner](ctx, runnerID); ok {
-			runnerName = runner.Name
-		}
-		for i, step := range task.Steps {
-			stepStatus, stepConclusion := toActionStatus(job.Status)
-			steps = append(steps, &api.ActionWorkflowStep{
-				Name:        step.Name,
-				Number:      int64(i),
-				Status:      stepStatus,
-				Conclusion:  stepConclusion,
-				StartedAt:   step.Started.AsTime().UTC(),
-				CompletedAt: step.Stopped.AsTime().UTC(),
-			})
-		}
+	convertedRun, err := convert.ToActionWorkflowRun(ctx, repo, run)
+	if err != nil {
+		log.Error("ToActionWorkflowRun: %v", err)
+		return
 	}
 
-	if err := PrepareWebhooks(ctx, source, webhook_module.HookEventWorkflowJob, &api.WorkflowJobPayload{
-		Action: status,
-		WorkflowJob: &api.ActionWorkflowJob{
-			ID: job.ID,
-			// missing api endpoint for this location
-			URL:     fmt.Sprintf("%s/actions/runs/%d/jobs/%d", repo.APIURL(), job.RunID, job.ID),
-			HTMLURL: fmt.Sprintf("%s/jobs/%d", job.Run.HTMLURL(), jobIndex),
-			RunID:   job.RunID,
-			// Missing api endpoint for this location, artifacts are available under a nested url
-			RunURL:      fmt.Sprintf("%s/actions/runs/%d", repo.APIURL(), job.RunID),
-			Name:        job.Name,
-			Labels:      job.RunsOn,
-			RunAttempt:  job.Attempt,
-			HeadSha:     job.Run.CommitSHA,
-			HeadBranch:  git.RefName(job.Run.Ref).BranchName(),
-			Status:      status,
-			Conclusion:  conclusion,
-			RunnerID:    runnerID,
-			RunnerName:  runnerName,
-			Steps:       steps,
-			CreatedAt:   job.Created.AsTime().UTC(),
-			StartedAt:   job.Started.AsTime().UTC(),
-			CompletedAt: job.Stopped.AsTime().UTC(),
-		},
+	if err := PrepareWebhooks(ctx, source, webhook_module.HookEventWorkflowRun, &api.WorkflowRunPayload{
+		Action:       status,
+		Workflow:     convertedWorkflow,
+		WorkflowRun:  convertedRun,
 		Organization: org,
 		Repo:         convert.ToRepo(ctx, repo, access_model.Permission{AccessMode: perm.AccessModeOwner}),
 		Sender:       convert.ToUser(ctx, sender, nil),
@@ -1029,29 +1054,3 @@ func (*webhookNotifier) WorkflowJobStatusUpdate(ctx context.Context, repo *repo_
 		log.Error("PrepareWebhooks: %v", err)
 	}
 }
-
-func toActionStatus(status actions_model.Status) (string, string) {
-	var action string
-	var conclusion string
-	switch status {
-	// This is a naming conflict of the webhook between Gitea and GitHub Actions
-	case actions_model.StatusWaiting:
-		action = "queued"
-	case actions_model.StatusBlocked:
-		action = "waiting"
-	case actions_model.StatusRunning:
-		action = "in_progress"
-	}
-	if status.IsDone() {
-		action = "completed"
-		switch status {
-		case actions_model.StatusSuccess:
-			conclusion = "success"
-		case actions_model.StatusCancelled:
-			conclusion = "cancelled"
-		case actions_model.StatusFailure:
-			conclusion = "failure"
-		}
-	}
-	return action, conclusion
-}
diff --git a/services/webhook/packagist.go b/services/webhook/packagist.go
index 8829d95da6..e6a00b0293 100644
--- a/services/webhook/packagist.go
+++ b/services/webhook/packagist.go
@@ -114,6 +114,10 @@ func (pc packagistConvertor) Status(_ *api.CommitStatusPayload) (PackagistPayloa
 	return PackagistPayload{}, nil
 }
 
+func (pc packagistConvertor) WorkflowRun(_ *api.WorkflowRunPayload) (PackagistPayload, error) {
+	return PackagistPayload{}, nil
+}
+
 func (pc packagistConvertor) WorkflowJob(_ *api.WorkflowJobPayload) (PackagistPayload, error) {
 	return PackagistPayload{}, nil
 }
diff --git a/services/webhook/packagist_test.go b/services/webhook/packagist_test.go
index 638dcfd302..4e77f29edc 100644
--- a/services/webhook/packagist_test.go
+++ b/services/webhook/packagist_test.go
@@ -210,5 +210,5 @@ func TestPackagistEmptyPayload(t *testing.T) {
 	var body PackagistPayload
 	err = json.NewDecoder(req.Body).Decode(&body)
 	assert.NoError(t, err)
-	assert.Equal(t, "", body.PackagistRepository.URL)
+	assert.Empty(t, body.PackagistRepository.URL)
 }
diff --git a/services/webhook/payloader.go b/services/webhook/payloader.go
index adb7243fb1..b607bf3250 100644
--- a/services/webhook/payloader.go
+++ b/services/webhook/payloader.go
@@ -29,6 +29,7 @@ type payloadConvertor[T any] interface {
 	Wiki(*api.WikiPayload) (T, error)
 	Package(*api.PackagePayload) (T, error)
 	Status(*api.CommitStatusPayload) (T, error)
+	WorkflowRun(*api.WorkflowRunPayload) (T, error)
 	WorkflowJob(*api.WorkflowJobPayload) (T, error)
 }
 
@@ -81,6 +82,8 @@ func newPayload[T any](rc payloadConvertor[T], data []byte, event webhook_module
 		return convertUnmarshalledJSON(rc.Package, data)
 	case webhook_module.HookEventStatus:
 		return convertUnmarshalledJSON(rc.Status, data)
+	case webhook_module.HookEventWorkflowRun:
+		return convertUnmarshalledJSON(rc.WorkflowRun, data)
 	case webhook_module.HookEventWorkflowJob:
 		return convertUnmarshalledJSON(rc.WorkflowJob, data)
 	}
@@ -92,7 +95,10 @@ func newJSONRequest[T any](pc payloadConvertor[T], w *webhook_model.Webhook, t *
 	if err != nil {
 		return nil, nil, err
 	}
+	return prepareJSONRequest(payload, w, t, withDefaultHeaders)
+}
 
+func prepareJSONRequest[T any](payload T, w *webhook_model.Webhook, t *webhook_model.HookTask, withDefaultHeaders bool) (*http.Request, []byte, error) {
 	body, err := json.MarshalIndent(payload, "", "  ")
 	if err != nil {
 		return nil, nil, err
diff --git a/services/webhook/slack.go b/services/webhook/slack.go
index 589ef3fe9b..3d645a55d0 100644
--- a/services/webhook/slack.go
+++ b/services/webhook/slack.go
@@ -173,6 +173,12 @@ func (s slackConvertor) Status(p *api.CommitStatusPayload) (SlackPayload, error)
 	return s.createPayload(text, nil), nil
 }
 
+func (s slackConvertor) WorkflowRun(p *api.WorkflowRunPayload) (SlackPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, SlackLinkFormatter, true)
+
+	return s.createPayload(text, nil), nil
+}
+
 func (s slackConvertor) WorkflowJob(p *api.WorkflowJobPayload) (SlackPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, SlackLinkFormatter, true)
 
diff --git a/services/webhook/telegram.go b/services/webhook/telegram.go
index ca74eabe1c..fdd428b45c 100644
--- a/services/webhook/telegram.go
+++ b/services/webhook/telegram.go
@@ -180,6 +180,12 @@ func (t telegramConvertor) Status(p *api.CommitStatusPayload) (TelegramPayload,
 	return createTelegramPayloadHTML(text), nil
 }
 
+func (telegramConvertor) WorkflowRun(p *api.WorkflowRunPayload) (TelegramPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, htmlLinkFormatter, true)
+
+	return createTelegramPayloadHTML(text), nil
+}
+
 func (telegramConvertor) WorkflowJob(p *api.WorkflowJobPayload) (TelegramPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, htmlLinkFormatter, true)
 
@@ -189,7 +195,7 @@ func (telegramConvertor) WorkflowJob(p *api.WorkflowJobPayload) (TelegramPayload
 func createTelegramPayloadHTML(msgHTML string) TelegramPayload {
 	// https://core.telegram.org/bots/api#formatting-options
 	return TelegramPayload{
-		Message:           strings.TrimSpace(markup.Sanitize(msgHTML)),
+		Message:           strings.TrimSpace(string(markup.Sanitize(msgHTML))),
 		ParseMode:         "HTML",
 		DisableWebPreview: true,
 	}
diff --git a/services/webhook/webhook_test.go b/services/webhook/webhook_test.go
index 6bac02712b..5a805347e3 100644
--- a/services/webhook/webhook_test.go
+++ b/services/webhook/webhook_test.go
@@ -13,6 +13,7 @@ import (
 	webhook_model "code.gitea.io/gitea/models/webhook"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/convert"
 
@@ -84,7 +85,8 @@ func TestPrepareWebhooksBranchFilterNoMatch(t *testing.T) {
 
 func TestWebhookUserMail(t *testing.T) {
 	require.NoError(t, unittest.PrepareTestDatabase())
-	setting.Service.NoReplyAddress = "no-reply.com"
+	defer test.MockVariableValue(&setting.Service.NoReplyAddress, "no-reply.com")()
+
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
 	assert.Equal(t, user.GetPlaceholderEmail(), convert.ToUser(db.DefaultContext, user, nil).Email)
 	assert.Equal(t, user.Email, convert.ToUser(db.DefaultContext, user, user).Email)
diff --git a/services/webhook/wechatwork.go b/services/webhook/wechatwork.go
index 2b19822caf..1875317406 100644
--- a/services/webhook/wechatwork.go
+++ b/services/webhook/wechatwork.go
@@ -181,6 +181,12 @@ func (wc wechatworkConvertor) Status(p *api.CommitStatusPayload) (WechatworkPayl
 	return newWechatworkMarkdownPayload(text), nil
 }
 
+func (wc wechatworkConvertor) WorkflowRun(p *api.WorkflowRunPayload) (WechatworkPayload, error) {
+	text, _ := getWorkflowRunPayloadInfo(p, noneLinkFormatter, true)
+
+	return newWechatworkMarkdownPayload(text), nil
+}
+
 func (wc wechatworkConvertor) WorkflowJob(p *api.WorkflowJobPayload) (WechatworkPayload, error) {
 	text, _ := getWorkflowJobPayloadInfo(p, noneLinkFormatter, true)
 
diff --git a/services/webtheme/webtheme.go b/services/webtheme/webtheme.go
index 58aea3bc74..4e89d6dbac 100644
--- a/services/webtheme/webtheme.go
+++ b/services/webtheme/webtheme.go
@@ -70,11 +70,11 @@ func parseThemeMetaInfoToMap(cssContent string) map[string]string {
 	m := map[string]string{}
 	for _, item := range matchedItems {
 		v := item[3]
-		if strings.HasPrefix(v, `"`) {
-			v = strings.TrimSuffix(strings.TrimPrefix(v, `"`), `"`)
+		if after, ok := strings.CutPrefix(v, `"`); ok {
+			v = strings.TrimSuffix(after, `"`)
 			v = strings.ReplaceAll(v, `\"`, `"`)
-		} else if strings.HasPrefix(v, `'`) {
-			v = strings.TrimSuffix(strings.TrimPrefix(v, `'`), `'`)
+		} else if after, ok := strings.CutPrefix(v, `'`); ok {
+			v = strings.TrimSuffix(after, `'`)
 			v = strings.ReplaceAll(v, `\'`, `'`)
 		}
 		m[item[2]] = v
diff --git a/services/wiki/wiki.go b/services/wiki/wiki.go
index b21f46639d..0a955406e2 100644
--- a/services/wiki/wiki.go
+++ b/services/wiki/wiki.go
@@ -102,15 +102,11 @@ func updateWikiPage(ctx context.Context, doer *user_model.User, repo *repo_model
 
 	hasDefaultBranch := gitrepo.IsBranchExist(ctx, repo.WikiStorageRepo(), repo.DefaultWikiBranch)
 
-	basePath, err := repo_module.CreateTemporaryPath("update-wiki")
+	basePath, cleanup, err := repo_module.CreateTemporaryPath("update-wiki")
 	if err != nil {
 		return err
 	}
-	defer func() {
-		if err := repo_module.RemoveTemporaryPath(basePath); err != nil {
-			log.Error("Merge: RemoveTemporaryPath: %s", err)
-		}
-	}()
+	defer cleanup()
 
 	cloneOpts := git.CloneRepoOptions{
 		Bare:   true,
@@ -198,7 +194,7 @@ func updateWikiPage(ctx context.Context, doer *user_model.User, repo *repo_model
 
 	sign, signingKey, signer, _ := asymkey_service.SignWikiCommit(ctx, repo, doer)
 	if sign {
-		commitTreeOpts.KeyID = signingKey
+		commitTreeOpts.Key = signingKey
 		if repo.GetTrustModel() == repo_model.CommitterTrustModel || repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
 			committer = signer
 		}
@@ -264,15 +260,11 @@ func DeleteWikiPage(ctx context.Context, doer *user_model.User, repo *repo_model
 		return fmt.Errorf("InitWiki: %w", err)
 	}
 
-	basePath, err := repo_module.CreateTemporaryPath("update-wiki")
+	basePath, cleanup, err := repo_module.CreateTemporaryPath("update-wiki")
 	if err != nil {
 		return err
 	}
-	defer func() {
-		if err := repo_module.RemoveTemporaryPath(basePath); err != nil {
-			log.Error("Merge: RemoveTemporaryPath: %s", err)
-		}
-	}()
+	defer cleanup()
 
 	if err := git.Clone(ctx, repo.WikiPath(), basePath, git.CloneRepoOptions{
 		Bare:   true,
@@ -324,7 +316,7 @@ func DeleteWikiPage(ctx context.Context, doer *user_model.User, repo *repo_model
 
 	sign, signingKey, signer, _ := asymkey_service.SignWikiCommit(ctx, repo, doer)
 	if sign {
-		commitTreeOpts.KeyID = signingKey
+		commitTreeOpts.Key = signingKey
 		if repo.GetTrustModel() == repo_model.CommitterTrustModel || repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
 			committer = signer
 		}
@@ -373,7 +365,7 @@ func ChangeDefaultWikiBranch(ctx context.Context, repo *repo_model.Repository, n
 	}
 	return db.WithTx(ctx, func(ctx context.Context) error {
 		repo.DefaultWikiBranch = newBranch
-		if err := repo_model.UpdateRepositoryCols(ctx, repo, "default_wiki_branch"); err != nil {
+		if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, repo, "default_wiki_branch"); err != nil {
 			return fmt.Errorf("unable to update database: %w", err)
 		}
 
diff --git a/services/wiki/wiki_test.go b/services/wiki/wiki_test.go
index 288d258279..6ea3ca9c1b 100644
--- a/services/wiki/wiki_test.go
+++ b/services/wiki/wiki_test.go
@@ -26,7 +26,7 @@ func TestMain(m *testing.M) {
 
 func TestWebPathSegments(t *testing.T) {
 	a := WebPathSegments("a%2Fa/b+c/d-e/f-g.-")
-	assert.EqualValues(t, []string{"a/a", "b c", "d e", "f-g"}, a)
+	assert.Equal(t, []string{"a/a", "b c", "d e", "f-g"}, a)
 }
 
 func TestUserTitleToWebPath(t *testing.T) {
@@ -63,7 +63,7 @@ func TestWebPathToDisplayName(t *testing.T) {
 		{"a b", "a%20b.md"},
 	} {
 		_, displayName := WebPathToUserTitle(test.WebPath)
-		assert.EqualValues(t, test.Expected, displayName)
+		assert.Equal(t, test.Expected, displayName)
 	}
 }
 
@@ -80,7 +80,7 @@ func TestWebPathToGitPath(t *testing.T) {
 		{"2000-01-02-meeting.md", "2000-01-02+meeting"},
 		{"2000-01-02 meeting.-.md", "2000-01-02%20meeting.-"},
 	} {
-		assert.EqualValues(t, test.Expected, WebPathToGitPath(test.WikiName))
+		assert.Equal(t, test.Expected, WebPathToGitPath(test.WikiName))
 	}
 }
 
@@ -116,9 +116,9 @@ func TestGitPathToWebPath(t *testing.T) {
 func TestUserWebGitPathConsistency(t *testing.T) {
 	maxLen := 20
 	b := make([]byte, maxLen)
-	for i := 0; i < 1000; i++ {
+	for range 1000 {
 		l := rand.Intn(maxLen)
-		for j := 0; j < l; j++ {
+		for j := range l {
 			r := rand.Intn(0x80-0x20) + 0x20
 			b[j] = byte(r)
 		}
@@ -134,9 +134,9 @@ func TestUserWebGitPathConsistency(t *testing.T) {
 		_, userTitle1 := WebPathToUserTitle(webPath1)
 		gitPath1 := WebPathToGitPath(webPath1)
 
-		assert.EqualValues(t, userTitle, userTitle1, "UserTitle for userTitle: %q", userTitle)
-		assert.EqualValues(t, webPath, webPath1, "WebPath for userTitle: %q", userTitle)
-		assert.EqualValues(t, gitPath, gitPath1, "GitPath for userTitle: %q", userTitle)
+		assert.Equal(t, userTitle, userTitle1, "UserTitle for userTitle: %q", userTitle)
+		assert.Equal(t, webPath, webPath1, "WebPath for userTitle: %q", userTitle)
+		assert.Equal(t, gitPath, gitPath1, "GitPath for userTitle: %q", userTitle)
 	}
 }
 
@@ -175,7 +175,7 @@ func TestRepository_AddWikiPage(t *testing.T) {
 			gitPath := WebPathToGitPath(webPath)
 			entry, err := masterTree.GetTreeEntryByPath(gitPath)
 			assert.NoError(t, err)
-			assert.EqualValues(t, gitPath, entry.Name(), "%s not added correctly", userTitle)
+			assert.Equal(t, gitPath, entry.Name(), "%s not added correctly", userTitle)
 		})
 	}
 
@@ -220,7 +220,7 @@ func TestRepository_EditWikiPage(t *testing.T) {
 		gitPath := WebPathToGitPath(webPath)
 		entry, err := masterTree.GetTreeEntryByPath(gitPath)
 		assert.NoError(t, err)
-		assert.EqualValues(t, gitPath, entry.Name(), "%s not edited correctly", newWikiName)
+		assert.Equal(t, gitPath, entry.Name(), "%s not edited correctly", newWikiName)
 
 		if newWikiName != "Home" {
 			_, err := masterTree.GetTreeEntryByPath("Home.md")
@@ -290,7 +290,7 @@ func TestPrepareWikiFileName(t *testing.T) {
 					t.Errorf("expect to find an escaped file but we could not detect one")
 				}
 			}
-			assert.EqualValues(t, tt.wikiPath, newWikiPath)
+			assert.Equal(t, tt.wikiPath, newWikiPath)
 		})
 	}
 }
@@ -312,13 +312,13 @@ func TestPrepareWikiFileName_FirstPage(t *testing.T) {
 	existence, newWikiPath, err := prepareGitPath(gitRepo, "master", "Home")
 	assert.False(t, existence)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "Home.md", newWikiPath)
+	assert.Equal(t, "Home.md", newWikiPath)
 }
 
 func TestWebPathConversion(t *testing.T) {
 	assert.Equal(t, "path/wiki", WebPathToURLPath(WebPath("path/wiki")))
 	assert.Equal(t, "wiki", WebPathToURLPath(WebPath("wiki")))
-	assert.Equal(t, "", WebPathToURLPath(WebPath("")))
+	assert.Empty(t, WebPathToURLPath(WebPath("")))
 }
 
 func TestWebPathFromRequest(t *testing.T) {
diff --git a/tailwind.config.js b/tailwind.config.js
index fe285432f3..fa233a9814 100644
--- a/tailwind.config.js
+++ b/tailwind.config.js
@@ -29,11 +29,10 @@ export default {
   important: true, // the frameworks are mixed together, so tailwind needs to override other framework's styles
   content: [
     isProduction && '!./templates/devtest/**/*',
-    isProduction && '!./web_src/js/standalone/devtest.js',
+    isProduction && '!./web_src/js/standalone/devtest.ts',
     '!./templates/swagger/v1_json.tmpl',
     '!./templates/user/auth/oidc_wellknown.tmpl',
     '!**/*_test.go',
-    '!./modules/{public,options,templates}/bindata.go',
     './{build,models,modules,routers,services}/**/*.go',
     './templates/**/*.tmpl',
     './web_src/js/**/*.{ts,js,vue}',
diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl
index 660f0d0881..7b96b4e94f 100644
--- a/templates/admin/auth/edit.tmpl
+++ b/templates/admin/auth/edit.tmpl
@@ -15,7 +15,14 @@
 				</div>
 				<div class="required inline field {{if .Err_Name}}error{{end}}">
 					<label for="auth_name">{{ctx.Locale.Tr "admin.auths.auth_name"}}</label>
-					<input id="auth_name" name="name" value="{{.Source.Name}}" autofocus required>
+					<input id="auth_name" name="name" value="{{.Source.Name}}" required>
+				</div>
+				<div class="inline field">
+					<div class="ui checkbox">
+						<label ><strong>{{ctx.Locale.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
+						<input name="two_factor_policy" type="checkbox" value="skip" {{if eq .Source.TwoFactorPolicy "skip"}}checked{{end}}>
+						<p class="help">{{ctx.Locale.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
+					</div>
 				</div>
 
 				<!-- LDAP and DLDAP -->
@@ -159,13 +166,6 @@
 							</div>
 						</div>
 					{{end}}
-					<div class="optional field">
-						<div class="ui checkbox">
-							<label for="skip_local_two_fa"><strong>{{ctx.Locale.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
-							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
-							<p class="help">{{ctx.Locale.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
-						</div>
-					</div>
 					<div class="inline field">
 						<div class="ui checkbox">
 							<label for="allow_deactivate_all"><strong>{{ctx.Locale.Tr "admin.auths.allow_deactivate_all"}}</strong></label>
@@ -227,13 +227,6 @@
 						<input id="allowed_domains" name="allowed_domains" value="{{$cfg.AllowedDomains}}">
 						<p class="help">{{ctx.Locale.Tr "admin.auths.allowed_domains_helper"}}</p>
 					</div>
-					<div class="optional field">
-						<div class="ui checkbox">
-							<label for="skip_local_two_fa"><strong>{{ctx.Locale.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
-							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
-							<p class="help">{{ctx.Locale.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
-						</div>
-					</div>
 				{{end}}
 
 				<!-- PAM -->
@@ -247,13 +240,6 @@
 						<label for="pam_email_domain">{{ctx.Locale.Tr "admin.auths.pam_email_domain"}}</label>
 						<input id="pam_email_domain" name="pam_email_domain" value="{{$cfg.EmailDomain}}">
 					</div>
-					<div class="optional field">
-						<div class="ui checkbox">
-							<label for="skip_local_two_fa"><strong>{{ctx.Locale.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
-							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
-							<p class="help">{{ctx.Locale.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
-						</div>
-					</div>
 				{{end}}
 
 				<!-- OAuth2 -->
@@ -288,13 +274,6 @@
 						<label for="open_id_connect_auto_discovery_url">{{ctx.Locale.Tr "admin.auths.openIdConnectAutoDiscoveryURL"}}</label>
 						<input id="open_id_connect_auto_discovery_url" name="open_id_connect_auto_discovery_url" value="{{$cfg.OpenIDConnectAutoDiscoveryURL}}">
 					</div>
-					<div class="optional field">
-						<div class="ui checkbox">
-							<label for="skip_local_two_fa"><strong>{{ctx.Locale.Tr "admin.auths.skip_local_two_fa"}}</strong></label>
-							<input id="skip_local_two_fa" name="skip_local_two_fa" type="checkbox" {{if $cfg.SkipLocalTwoFA}}checked{{end}}>
-							<p class="help">{{ctx.Locale.Tr "admin.auths.skip_local_two_fa_helper"}}</p>
-						</div>
-					</div>
 					<div class="oauth2_use_custom_url inline field">
 						<div class="ui checkbox">
 							<label><strong>{{ctx.Locale.Tr "admin.auths.oauth2_use_custom_url"}}</strong></label>
@@ -322,20 +301,31 @@
 						<input id="oauth2_tenant" name="oauth2_tenant" value="{{if $cfg.CustomURLMapping}}{{$cfg.CustomURLMapping.Tenant}}{{end}}">
 					</div>
 
-					{{range .OAuth2Providers}}{{if .CustomURLSettings}}
+					{{range .OAuth2Providers}}
+						<input id="{{.Name}}_SupportSSHPublicKey" value="{{.SupportSSHPublicKey}}" type="hidden">
+						{{if .CustomURLSettings}}
 						<input id="{{.Name}}_customURLSettings" type="hidden" data-required="{{.CustomURLSettings.Required}}" data-available="true">
 						<input id="{{.Name}}_token_url" value="{{.CustomURLSettings.TokenURL.Value}}" data-available="{{.CustomURLSettings.TokenURL.Available}}" data-required="{{.CustomURLSettings.TokenURL.Required}}" type="hidden">
 						<input id="{{.Name}}_auth_url" value="{{.CustomURLSettings.AuthURL.Value}}" data-available="{{.CustomURLSettings.AuthURL.Available}}" data-required="{{.CustomURLSettings.AuthURL.Required}}" type="hidden">
 						<input id="{{.Name}}_profile_url" value="{{.CustomURLSettings.ProfileURL.Value}}" data-available="{{.CustomURLSettings.ProfileURL.Available}}" data-required="{{.CustomURLSettings.ProfileURL.Required}}" type="hidden">
 						<input id="{{.Name}}_email_url" value="{{.CustomURLSettings.EmailURL.Value}}" data-available="{{.CustomURLSettings.EmailURL.Available}}" data-required="{{.CustomURLSettings.EmailURL.Required}}" type="hidden">
 						<input id="{{.Name}}_tenant" value="{{.CustomURLSettings.Tenant.Value}}" data-available="{{.CustomURLSettings.Tenant.Available}}" data-required="{{.CustomURLSettings.Tenant.Required}}" type="hidden">
-					{{end}}{{end}}
+						{{end}}
+				{{end}}
 
 					<div class="field">
 						<label for="oauth2_scopes">{{ctx.Locale.Tr "admin.auths.oauth2_scopes"}}</label>
 						<input id="oauth2_scopes" name="oauth2_scopes" value="{{if $cfg.Scopes}}{{StringUtils.Join $cfg.Scopes ","}}{{end}}">
 					</div>
 					<div class="field">
+						<label>{{ctx.Locale.Tr "admin.auths.oauth2_full_name_claim_name"}}</label>
+						<input name="oauth2_full_name_claim_name" value="{{$cfg.FullNameClaimName}}" placeholder="name">
+					</div>
+					<div class="field oauth2_ssh_public_key_claim_name">
+						<label>{{ctx.Locale.Tr "admin.auths.oauth2_ssh_public_key_claim_name"}}</label>
+						<input name="oauth2_ssh_public_key_claim_name" value="{{$cfg.SSHPublicKeyClaimName}}" placeholder="sshpubkey">
+					</div>
+					<div class="field">
 						<label for="oauth2_required_claim_name">{{ctx.Locale.Tr "admin.auths.oauth2_required_claim_name"}}</label>
 						<input id="oauth2_required_claim_name" name="oauth2_required_claim_name" value="{{$cfg.RequiredClaimName}}">
 						<p class="help">{{ctx.Locale.Tr "admin.auths.oauth2_required_claim_name_helper"}}</p>
@@ -429,7 +419,10 @@
 
 				<div class="field">
 					<button class="ui primary button">{{ctx.Locale.Tr "admin.auths.update"}}</button>
-					<button class="ui red button delete-button" data-url="{{$.Link}}/delete" data-id="{{.Source.ID}}">{{ctx.Locale.Tr "admin.auths.delete"}}</button>
+					<button class="ui red button link-action" data-url="{{$.Link}}/delete?id={{.Source.ID}}"
+						data-modal-confirm-header="{{ctx.Locale.Tr "admin.auths.delete_auth_title"}}"
+						data-modal-confirm-content="{{ctx.Locale.Tr "admin.auths.delete_auth_desc"}}"
+					>{{ctx.Locale.Tr "admin.auths.delete"}}</button>
 				</div>
 			</form>
 		</div>
@@ -445,16 +438,4 @@
 			<p class="oauth2">{{ctx.Locale.Tr "admin.auths.tips.oauth2.general.tip"}} <b id="oauth2-callback-url"></b></p>
 		</div>
 	</div>
-
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "admin.auths.delete_auth_title"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "admin.auths.delete_auth_desc"}}</p>
-	</div>
-	{{template "base/modal_actions_confirm" .}}
-</div>
-
 {{template "admin/layout_footer" .}}
diff --git a/templates/admin/auth/source/oauth.tmpl b/templates/admin/auth/source/oauth.tmpl
index f02c5bdf30..69590635e4 100644
--- a/templates/admin/auth/source/oauth.tmpl
+++ b/templates/admin/auth/source/oauth.tmpl
@@ -63,19 +63,31 @@
 		<input id="oauth2_tenant" name="oauth2_tenant" value="{{.oauth2_tenant}}">
 	</div>
 
-	{{range .OAuth2Providers}}{{if .CustomURLSettings}}
+	{{range .OAuth2Providers}}
+		<input id="{{.Name}}_SupportSSHPublicKey" value="{{.SupportSSHPublicKey}}" type="hidden">
+		{{if .CustomURLSettings}}
 		<input id="{{.Name}}_customURLSettings" type="hidden" data-required="{{.CustomURLSettings.Required}}" data-available="true">
 		<input id="{{.Name}}_token_url" value="{{.CustomURLSettings.TokenURL.Value}}" data-available="{{.CustomURLSettings.TokenURL.Available}}" data-required="{{.CustomURLSettings.TokenURL.Required}}" type="hidden">
 		<input id="{{.Name}}_auth_url" value="{{.CustomURLSettings.AuthURL.Value}}" data-available="{{.CustomURLSettings.AuthURL.Available}}" data-required="{{.CustomURLSettings.AuthURL.Required}}" type="hidden">
 		<input id="{{.Name}}_profile_url" value="{{.CustomURLSettings.ProfileURL.Value}}" data-available="{{.CustomURLSettings.ProfileURL.Available}}" data-required="{{.CustomURLSettings.ProfileURL.Required}}" type="hidden">
 		<input id="{{.Name}}_email_url" value="{{.CustomURLSettings.EmailURL.Value}}" data-available="{{.CustomURLSettings.EmailURL.Available}}" data-required="{{.CustomURLSettings.EmailURL.Required}}" type="hidden">
 		<input id="{{.Name}}_tenant" value="{{.CustomURLSettings.Tenant.Value}}" data-available="{{.CustomURLSettings.Tenant.Available}}" data-required="{{.CustomURLSettings.Tenant.Required}}" type="hidden">
-	{{end}}{{end}}
+		{{end}}
+	{{end}}
 
 	<div class="field">
 		<label for="oauth2_scopes">{{ctx.Locale.Tr "admin.auths.oauth2_scopes"}}</label>
 		<input id="oauth2_scopes" name="oauth2_scopes" value="{{.oauth2_scopes}}">
 	</div>
+
+	<div class="field">
+		<label>{{ctx.Locale.Tr "admin.auths.oauth2_full_name_claim_name"}}</label>
+		<input name="oauth2_full_name_claim_name" value="{{.oauth2_full_name_claim_name}}" placeholder="name">
+	</div>
+	<div class="field oauth2_ssh_public_key_claim_name">
+		<label>{{ctx.Locale.Tr "admin.auths.oauth2_ssh_public_key_claim_name"}}</label>
+		<input name="oauth2_ssh_public_key_claim_name" value="{{.oauth2_ssh_public_key_claim_name}}" placeholder="sshpubkey">
+	</div>
 	<div class="field">
 		<label for="oauth2_required_claim_name">{{ctx.Locale.Tr "admin.auths.oauth2_required_claim_name"}}</label>
 		<input id="oauth2_required_claim_name" name="oauth2_required_claim_name" value="{{.oauth2_required_claim_name}}">
diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl
index 29a5e1b473..806347c720 100644
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -69,10 +69,6 @@
 					{{if not .SSH.StartBuiltinServer}}
 						<dt>{{ctx.Locale.Tr "admin.config.ssh_root_path"}}</dt>
 						<dd>{{.SSH.RootPath}}</dd>
-						<dt>{{ctx.Locale.Tr "admin.config.ssh_key_test_path"}}</dt>
-						<dd>{{.SSH.KeyTestPath}}</dd>
-						<dt>{{ctx.Locale.Tr "admin.config.ssh_keygen_path"}}</dt>
-						<dd>{{.SSH.KeygenPath}}</dd>
 						<dt>{{ctx.Locale.Tr "admin.config.ssh_minimum_key_size_check"}}</dt>
 						<dd>{{svg (Iif .SSH.MinimumKeySizeCheck "octicon-check" "octicon-x")}}</dd>
 						{{if .SSH.MinimumKeySizeCheck}}
@@ -148,7 +144,7 @@
 				<dt>{{ctx.Locale.Tr "admin.config.enable_openid_signin"}}</dt>
 				<dd>{{svg (Iif .Service.EnableOpenIDSignIn "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.require_sign_in_view"}}</dt>
-				<dd>{{svg (Iif .Service.RequireSignInView "octicon-check" "octicon-x")}}</dd>
+				<dd>{{svg (Iif .Service.RequireSignInViewStrict "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.mail_notify"}}</dt>
 				<dd>{{svg (Iif .Service.EnableNotifyMail "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.enable_captcha"}}</dt>
diff --git a/templates/admin/hooks.tmpl b/templates/admin/hooks.tmpl
index c77d27dbd0..d5fdef6850 100644
--- a/templates/admin/hooks.tmpl
+++ b/templates/admin/hooks.tmpl
@@ -1,9 +1,6 @@
 {{template "admin/layout_head" (dict "ctxData" . "pageClass" "admin hooks")}}
 	<div class="admin-setting-content">
-
 		{{template "repo/settings/webhook/base_list" .SystemWebhooks}}
 		{{template "repo/settings/webhook/base_list" .DefaultWebhooks}}
-
-		{{template "repo/settings/webhook/delete_modal" .}}
 	</div>
 {{template "admin/layout_footer" .}}
diff --git a/templates/admin/packages/list.tmpl b/templates/admin/packages/list.tmpl
index 0c6889b599..4817f2681b 100644
--- a/templates/admin/packages/list.tmpl
+++ b/templates/admin/packages/list.tmpl
@@ -72,7 +72,12 @@
 							</td>
 							<td>{{FileSize .CalculateBlobSize}}</td>
 							<td>{{DateUtils.AbsoluteShort .Version.CreatedUnix}}</td>
-							<td><a class="delete-button" href="" data-url="{{$.Link}}/delete?page={{$.Page.Paginater.Current}}&sort={{$.SortType}}" data-id="{{.Version.ID}}" data-name="{{.Package.Name}}" data-data-version="{{.Version.Version}}">{{svg "octicon-trash"}}</a></td>
+							<td>
+								<a class="text red show-modal" href data-modal="#admin-package-delete-modal"
+									data-modal-form.action="{{$.Link}}/delete?page={{$.Page.Paginater.Current}}&sort={{$.SortType}}&id={{.Version.ID}}"
+									data-modal-package-name="{{.Package.Name}}" data-modal-package-version="{{.Version.Version}}"
+								>{{svg "octicon-trash"}}</a>
+							</td>
 						</tr>
 					{{else}}
 						<tr><td class="tw-text-center" colspan="10">{{ctx.Locale.Tr "no_results_found"}}</td></tr>
@@ -84,15 +89,13 @@
 		{{template "base/paginate" .}}
 	</div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "packages.settings.delete"}}
-	</div>
+<form class="ui small modal form-fetch-action" method="post" id="admin-package-delete-modal">
+	{{.CsrfTokenHtml}}
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "packages.settings.delete"}}</div>
 	<div class="content">
-		{{ctx.Locale.Tr "packages.settings.delete.notice" (`<span class="name"></span>`|SafeHTML) (`<span class="dataVersion"></span>`|SafeHTML)}}
+		{{ctx.Locale.Tr "packages.settings.delete.notice" (HTMLFormat `<span class="%s"></span>` "package-name") (HTMLFormat `<span class="%s"></span>` "package-version")}}
 	</div>
 	{{template "base/modal_actions_confirm" .}}
-</div>
+</form>
 
 {{template "admin/layout_footer" .}}
diff --git a/templates/admin/repo/list.tmpl b/templates/admin/repo/list.tmpl
index 762013af47..767d00fa74 100644
--- a/templates/admin/repo/list.tmpl
+++ b/templates/admin/repo/list.tmpl
@@ -7,10 +7,10 @@
 			</div>
 		</h4>
 		<div class="ui attached segment">
-			{{template "shared/repo_search" .}}
+			{{template "shared/repo/search" .}}
 		</div>
 		<div class="ui attached table segment">
-			<table class="ui very basic striped table unstackable">
+			<table class="ui very basic striped table selectable unstackable">
 				<thead>
 					<tr>
 						<th data-sortt-asc="oldest" data-sortt-desc="newest">ID{{SortArrow "oldest" "newest" $.SortType false}}</th>
@@ -84,7 +84,12 @@
 							<td>{{FileSize .LFSSize}}</td>
 							<td>{{DateUtils.AbsoluteShort .UpdatedUnix}}</td>
 							<td>{{DateUtils.AbsoluteShort .CreatedUnix}}</td>
-							<td><a class="delete-button" href="" data-url="{{$.Link}}/delete?page={{$.Page.Paginater.Current}}&sort={{$.SortType}}" data-id="{{.ID}}" data-name="{{.Name}}">{{svg "octicon-trash"}}</a></td>
+							<td>
+								<a class="text red show-modal" href data-modal="#admin-repo-delete-modal"
+									data-modal-form.action="{{$.Link}}/delete?page={{$.Page.Paginater.Current}}&sort={{$.SortType}}&id={{.ID}}"
+									data-modal-repo-name="{{.Name}}"
+								>{{svg "octicon-trash"}}</a>
+							</td>
 						</tr>
 					{{else}}
 						<tr><td class="tw-text-center" colspan="12">{{ctx.Locale.Tr "no_results_found"}}</td></tr>
@@ -96,17 +101,15 @@
 		{{template "base/paginate" .}}
 	</div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.settings.delete"}}
-	</div>
+<form class="ui small modal form-fetch-action" id="admin-repo-delete-modal" method="post">
+	{{.CsrfTokenHtml}}
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.settings.delete"}}</div>
 	<div class="content">
 		<p>{{ctx.Locale.Tr "repo.settings.delete_desc"}}</p>
-		{{ctx.Locale.Tr "repo.settings.delete_notices_2" (`<span class="name"></span>`|SafeHTML)}}<br>
+		{{ctx.Locale.Tr "repo.settings.delete_notices_2" (HTMLFormat `<span class="%s"></span>` "repo-name")}}<br>
 		{{ctx.Locale.Tr "repo.settings.delete_notices_fork_1"}}<br>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
-</div>
+</form>
 
 {{template "admin/layout_footer" .}}
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index c04d332660..879b5cb550 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -9,7 +9,7 @@
 				{{.CsrfTokenHtml}}
 				<div class="field {{if .Err_UserName}}error{{end}}">
 					<label for="user_name">{{ctx.Locale.Tr "username"}}</label>
-					<input id="user_name" name="user_name" value="{{.User.Name}}" autofocus {{if not .User.IsLocal}}disabled{{end}} maxlength="40">
+					<input id="user_name" name="user_name" value="{{.User.Name}}" {{if not .User.IsLocal}}disabled{{end}} maxlength="40">
 				</div>
 				<!-- Types and name -->
 				<div class="inline required field {{if .Err_LoginType}}error{{end}}">
@@ -55,7 +55,7 @@
 
 				<div class="required non-local field {{if .Err_LoginName}}error{{end}} {{if eq .User.LoginSource 0}}tw-hidden{{end}}">
 					<label for="login_name">{{ctx.Locale.Tr "admin.users.auth_login_name"}}</label>
-					<input id="login_name" name="login_name" value="{{.User.LoginName}}" autofocus>
+					<input id="login_name" name="login_name" value="{{.User.LoginName}}">
 				</div>
 				<div class="field {{if .Err_FullName}}error{{end}}">
 					<label for="full_name">{{ctx.Locale.Tr "settings.full_name"}}</label>
@@ -63,7 +63,7 @@
 				</div>
 				<div class="required field {{if .Err_Email}}error{{end}}">
 					<label for="email">{{ctx.Locale.Tr "email"}}</label>
-					<input id="email" name="email" type="email" value="{{.User.Email}}" autofocus required>
+					<input id="email" name="email" type="email" value="{{.User.Email}}" required>
 				</div>
 				<div class="local field {{if .Err_Password}}error{{end}} {{if not (or (.User.IsLocal) (.User.IsOAuth2))}}tw-hidden{{end}}">
 					<label for="password">{{ctx.Locale.Tr "password"}}</label>
diff --git a/templates/admin/user/list.tmpl b/templates/admin/user/list.tmpl
index eb3f6cd720..49f62dda74 100644
--- a/templates/admin/user/list.tmpl
+++ b/templates/admin/user/list.tmpl
@@ -56,7 +56,7 @@
 			</form>
 		</div>
 		<div class="ui attached table segment">
-			<table class="ui very basic striped table unstackable">
+			<table class="ui very basic striped selectable table unstackable">
 				<thead>
 					<tr>
 						<th data-sortt-asc="oldest" data-sortt-desc="newest">ID{{SortArrow "oldest" "newest" .SortType false}}</th>
diff --git a/templates/admin/user/view.tmpl b/templates/admin/user/view.tmpl
index 21943a8382..67f9148e64 100644
--- a/templates/admin/user/view.tmpl
+++ b/templates/admin/user/view.tmpl
@@ -15,10 +15,7 @@
 		</div>
 		<div class="tw-flex-1">
 			<h4 class="ui top attached header">
-				{{ctx.Locale.Tr "admin.emails"}}
-				<div class="ui right">
-					{{.EmailsTotal}}
-				</div>
+				{{ctx.Locale.Tr "admin.emails"}} ({{ctx.Locale.Tr "admin.total" .EmailsTotal}})
 			</h4>
 			<div class="ui attached segment">
 				{{template "admin/user/view_emails" .}}
@@ -26,19 +23,13 @@
 		</div>
 	</div>
 	<h4 class="ui top attached header">
-		{{ctx.Locale.Tr "admin.repositories"}}
-		<div class="ui right">
-			{{.ReposTotal}}
-		</div>
+		{{ctx.Locale.Tr "admin.repositories"}} ({{ctx.Locale.Tr "admin.total" .ReposTotal}})
 	</h4>
 	<div class="ui attached segment">
-		{{template "explore/repo_list" .}}
+		{{template "shared/repo/list" .}}
 	</div>
 	<h4 class="ui top attached header">
-		{{ctx.Locale.Tr "settings.organization"}}
-		<div class="ui right">
-			{{.OrgsTotal}}
-		</div>
+		{{ctx.Locale.Tr "settings.organization"}} ({{ctx.Locale.Tr "admin.total" .OrgsTotal}})
 	</h4>
 	<div class="ui attached segment">
 		{{template "explore/user_list" .}}
diff --git a/templates/base/alert.tmpl b/templates/base/alert.tmpl
index 3f6d77a645..5ebe191771 100644
--- a/templates/base/alert.tmpl
+++ b/templates/base/alert.tmpl
@@ -18,3 +18,8 @@
 		<p>{{.Flash.WarningMsg | SanitizeHTML}}</p>
 	</div>
 {{- end -}}
+{{- if .ShowTwoFactorRequiredMessage -}}
+<div class="ui negative message flash-message flash-error">
+	<p><a href="{{AppSubUrl}}/user/settings/security/two_factor/enroll">{{ctx.Locale.Tr "auth.twofa_required"}}</a></p>
+</div>
+{{- end -}}
diff --git a/templates/base/footer.tmpl b/templates/base/footer.tmpl
index fed426a469..3af66e7369 100644
--- a/templates/base/footer.tmpl
+++ b/templates/base/footer.tmpl
@@ -5,16 +5,10 @@
 	<div>
 {{end}}
 
-	{{template "custom/body_inner_post" .}}
-
+		{{template "custom/body_inner_post" .}}
 	</div>
-
 	{{template "custom/body_outer_post" .}}
-
 	{{template "base/footer_content" .}}
-
-	<script src="{{AssetUrlPrefix}}/js/index.js?v={{AssetVersion}}" onerror="alert('Failed to load asset files from ' + this.src + '. Please make sure the asset files can be accessed.')"></script>
-
 	{{template "custom/footer" .}}
 </body>
 </html>
diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index eab6c00840..b721779c95 100644
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -1,8 +1,3 @@
-{{$notificationUnreadCount := 0}}
-{{if and .IsSigned .NotificationUnreadCount}}
-	{{$notificationUnreadCount = call .NotificationUnreadCount}}
-{{end}}
-
 <nav id="navbar" aria-label="{{ctx.Locale.Tr "aria.navbar"}}">
 	<div class="navbar-left">
 		<!-- the logo -->
@@ -12,22 +7,7 @@
 
 		<!-- mobile right menu, it must be here because in mobile view, each item is a flex column, the first item is a full row column -->
 		<div class="ui secondary menu navbar-mobile-right only-mobile">
-			{{if and .IsSigned EnableTimetracking .ActiveStopwatch}}
-			<a id="mobile-stopwatch-icon" class="active-stopwatch item" href="{{.ActiveStopwatch.IssueLink}}" title="{{ctx.Locale.Tr "active_stopwatch"}}" data-seconds="{{.ActiveStopwatch.Seconds}}">
-				<div class="tw-relative">
-					{{svg "octicon-stopwatch"}}
-					<span class="header-stopwatch-dot"></span>
-				</div>
-			</a>
-			{{end}}
-			{{if .IsSigned}}
-			<a id="mobile-notifications-icon" class="item" href="{{AppSubUrl}}/notifications" data-tooltip-content="{{ctx.Locale.Tr "notifications"}}" aria-label="{{ctx.Locale.Tr "notifications"}}">
-				<div class="tw-relative">
-					{{svg "octicon-bell"}}
-					<span class="notification_count{{if not $notificationUnreadCount}} tw-hidden{{end}}">{{$notificationUnreadCount}}</span>
-				</div>
-			</a>
-			{{end}}
+			{{template "base/head_navbar_icons" dict "PageGlobalData" .PageGlobalData}}
 			<button class="item ui icon mini button tw-m-0" id="navbar-expand-toggle" aria-label="{{ctx.Locale.Tr "home.nav_menu"}}">{{svg "octicon-three-bars"}}</button>
 		</div>
 
@@ -82,22 +62,7 @@
 				</div><!-- end content avatar menu -->
 			</div><!-- end dropdown avatar menu -->
 		{{else if .IsSigned}}
-			{{if and EnableTimetracking .ActiveStopwatch}}
-			<a class="item not-mobile active-stopwatch" href="{{.ActiveStopwatch.IssueLink}}" title="{{ctx.Locale.Tr "active_stopwatch"}}" data-seconds="{{.ActiveStopwatch.Seconds}}">
-				<div class="tw-relative">
-					{{svg "octicon-stopwatch"}}
-					<span class="header-stopwatch-dot"></span>
-				</div>
-			</a>
-			{{end}}
-
-			<a class="item not-mobile" href="{{AppSubUrl}}/notifications" data-tooltip-content="{{ctx.Locale.Tr "notifications"}}" aria-label="{{ctx.Locale.Tr "notifications"}}">
-				<div class="tw-relative">
-					{{svg "octicon-bell"}}
-					<span class="notification_count{{if not $notificationUnreadCount}} tw-hidden{{end}}">{{$notificationUnreadCount}}</span>
-				</div>
-			</a>
-
+			{{template "base/head_navbar_icons" dict "ItemExtraClass" "not-mobile" "PageGlobalData" .PageGlobalData}}
 			<div class="ui dropdown jump item" data-tooltip-content="{{ctx.Locale.Tr "create_new"}}">
 				<span class="text">
 					{{svg "octicon-plus"}}
@@ -127,8 +92,6 @@
 					<span class="only-mobile">{{.SignedUser.Name}}</span>
 					<span class="not-mobile">{{svg "octicon-triangle-down"}}</span>
 				</span>
-				{{/* do not localize it, here it needs the fixed length (width) to make UI comfortable */}}
-				{{if .IsAdmin}}<span class="navbar-profile-admin">admin</span>{{end}}
 				<div class="menu user-menu">
 					<div class="header">
 						{{ctx.Locale.Tr "signed_in_as"}} <strong>{{.SignedUser.Name}}</strong>
@@ -157,14 +120,6 @@
 						{{svg "octicon-question"}}
 						{{ctx.Locale.Tr "help"}}
 					</a>
-					{{if .IsAdmin}}
-						<div class="divider"></div>
-						<a class="{{if .PageIsAdmin}}active {{end}}item" href="{{AppSubUrl}}/-/admin">
-							{{svg "octicon-server"}}
-							{{ctx.Locale.Tr "admin_panel"}}
-						</a>
-					{{end}}
-
 					<div class="divider"></div>
 					<a class="item link-action" href data-url="{{AppSubUrl}}/user/logout">
 						{{svg "octicon-sign-out"}}
@@ -186,15 +141,16 @@
 		{{end}}
 	</div><!-- end full right menu -->
 
-	{{if and .IsSigned EnableTimetracking .ActiveStopwatch}}
+	{{$activeStopwatch := and .PageGlobalData (call .PageGlobalData.GetActiveStopwatch)}}
+	{{if $activeStopwatch}}
 		<div class="active-stopwatch-popup tippy-target">
 			<div class="tw-flex tw-items-center tw-gap-2 tw-p-3">
-				<a class="stopwatch-link tw-flex tw-items-center tw-gap-2 muted" href="{{.ActiveStopwatch.IssueLink}}">
+				<a class="stopwatch-link tw-flex tw-items-center tw-gap-2 muted" href="{{$activeStopwatch.IssueLink}}">
 					{{svg "octicon-issue-opened" 16}}
-					<span class="stopwatch-issue">{{.ActiveStopwatch.RepoSlug}}#{{.ActiveStopwatch.IssueIndex}}</span>
+					<span class="stopwatch-issue">{{$activeStopwatch.RepoSlug}}#{{$activeStopwatch.IssueIndex}}</span>
 				</a>
 				<div class="tw-flex tw-gap-1">
-					<form class="stopwatch-commit form-fetch-action" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/toggle">
+					<form class="stopwatch-commit form-fetch-action" method="post" action="{{$activeStopwatch.IssueLink}}/times/stopwatch/stop">
 						{{.CsrfTokenHtml}}
 						<button
 							type="submit"
@@ -202,7 +158,7 @@
 							data-tooltip-content="{{ctx.Locale.Tr "repo.issues.stop_tracking"}}"
 						>{{svg "octicon-square-fill"}}</button>
 					</form>
-					<form class="stopwatch-cancel form-fetch-action" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/cancel">
+					<form class="stopwatch-cancel form-fetch-action" method="post" action="{{$activeStopwatch.IssueLink}}/times/stopwatch/cancel">
 						{{.CsrfTokenHtml}}
 						<button
 							type="submit"
diff --git a/templates/base/head_navbar_icons.tmpl b/templates/base/head_navbar_icons.tmpl
new file mode 100644
index 0000000000..e3bdd27992
--- /dev/null
+++ b/templates/base/head_navbar_icons.tmpl
@@ -0,0 +1,25 @@
+{{- $itemExtraClass := .ItemExtraClass -}}
+{{- $data := .PageGlobalData -}}
+{{if and $data $data.IsSigned}}{{/* data may not exist, for example: rendering 503 page before the PageGlobalData middleware */}}
+	{{- $activeStopwatch := call $data.GetActiveStopwatch -}}
+	{{- $notificationUnreadCount := call $data.GetNotificationUnreadCount -}}
+	{{if $activeStopwatch}}
+	<a class="item active-stopwatch {{$itemExtraClass}}" href="{{$activeStopwatch.IssueLink}}" title="{{ctx.Locale.Tr "active_stopwatch"}}" data-seconds="{{$activeStopwatch.Seconds}}">
+		<div class="tw-relative">
+			{{svg "octicon-stopwatch"}}
+			<span class="header-stopwatch-dot"></span>
+		</div>
+	</a>
+	{{end}}
+	<a class="item {{$itemExtraClass}}" href="{{AppSubUrl}}/notifications" data-tooltip-content="{{ctx.Locale.Tr "notifications"}}">
+		<div class="tw-relative">
+			{{svg "octicon-bell"}}
+			<span class="notification_count{{if not $notificationUnreadCount}} tw-hidden{{end}}">{{$notificationUnreadCount}}</span>
+		</div>
+	</a>
+	{{if $data.IsSiteAdmin}}
+	<a class="item {{$itemExtraClass}}" href="{{AppSubUrl}}/-/admin" data-tooltip-content="{{ctx.Locale.Tr "admin_panel"}}">
+		{{svg "octicon-server"}}
+	</a>
+	{{end}}
+{{end}}
diff --git a/templates/base/head_script.tmpl b/templates/base/head_script.tmpl
index 7c931e7404..f6648b59d8 100644
--- a/templates/base/head_script.tmpl
+++ b/templates/base/head_script.tmpl
@@ -46,4 +46,4 @@ If you introduce mistakes in it, Gitea JavaScript code wouldn't run correctly.
 	{{/* in case some pages don't render the pageData, we make sure it is an object to prevent null access */}}
 	window.config.pageData = window.config.pageData || {};
 </script>
-<script src="{{AssetUrlPrefix}}/js/webcomponents.js?v={{AssetVersion}}"></script>
+<script src="{{AssetUrlPrefix}}/js/index.js?v={{AssetVersion}}" onerror="alert('Failed to load asset files from ' + this.src + '. Please make sure the asset files can be accessed.')"></script>
diff --git a/templates/devtest/badge-actions-svg.tmpl b/templates/devtest/badge-actions-svg.tmpl
new file mode 100644
index 0000000000..5be4fb3131
--- /dev/null
+++ b/templates/devtest/badge-actions-svg.tmpl
@@ -0,0 +1,25 @@
+{{template "devtest/devtest-header"}}
+<div class="page-content devtest ui container">
+	<div>
+		<h1>Actions SVG</h1>
+		<form class="tw-my-3">
+			<div class="tw-mb-2">
+				{{range $fontName := .BadgeFontFamilyNames}}
+					<label><input name="font" type="radio" value="{{$fontName}}" {{Iif (eq $.SelectedFontFamilyName $fontName) "checked"}}>{{$fontName}}</label>
+				{{end}}
+			</div>
+			<div class="tw-mb-2">
+				{{range $style := .BadgeStyles}}
+					<label><input name="style" type="radio" value="{{$style}}" {{Iif (eq $.SelectedStyle $style) "checked"}}>{{$style}}</label>
+				{{end}}
+			</div>
+			<button>submit</button>
+		</form>
+		<div class="flex-text-block tw-flex-wrap">
+		{{range $badgeSVG := .BadgeSVGs}}
+			<div>{{$badgeSVG}}</div>
+		{{end}}
+		</div>
+	</div>
+</div>
+{{template "devtest/devtest-footer"}}
diff --git a/templates/devtest/commit-sign-badge.tmpl b/templates/devtest/badge-commit-sign.tmpl
index a6677c4495..a6677c4495 100644
--- a/templates/devtest/commit-sign-badge.tmpl
+++ b/templates/devtest/badge-commit-sign.tmpl
diff --git a/templates/devtest/devtest-header.tmpl b/templates/devtest/devtest-header.tmpl
index ee08545640..0775dccc2d 100644
--- a/templates/devtest/devtest-header.tmpl
+++ b/templates/devtest/devtest-header.tmpl
@@ -1,2 +1,3 @@
 {{template "base/head" ctx.RootData}}
 <link rel="stylesheet" href="{{AssetUrlPrefix}}/css/devtest.css?v={{AssetVersion}}">
+{{template "base/alert" .}}
diff --git a/templates/devtest/flex-list.tmpl b/templates/devtest/flex-list.tmpl
index 11d71d56a9..0db84b0c59 100644
--- a/templates/devtest/flex-list.tmpl
+++ b/templates/devtest/flex-list.tmpl
@@ -68,7 +68,7 @@
 							<a class="text primary" href="{{$.Link}}">
 								gitea-org / gitea
 							</a>
-							<span data-tooltip-content="{{ctx.Locale.Tr "repo.fork"}}">{{svg "octicon-repo-forked"}}</span>
+							<span class="flex-text-inline" data-tooltip-content="{{ctx.Locale.Tr "repo.fork"}}">{{svg "octicon-repo-forked"}}</span>
 						</div>
 						<div class="flex-item-trailing">
 							<a class="muted" href="{{$.Link}}">
diff --git a/templates/devtest/fomantic-dropdown.tmpl b/templates/devtest/fomantic-dropdown.tmpl
index d41a161e86..a10dc890ce 100644
--- a/templates/devtest/fomantic-dropdown.tmpl
+++ b/templates/devtest/fomantic-dropdown.tmpl
@@ -75,12 +75,12 @@
 		<h2>Selection</h2>
 		<div>
 			{{/* the "selection" class is optional, it will be added by JS automatically */}}
-			<select class="ui dropdown selection ellipsis-items-nowrap">
+			<select class="ui dropdown selection ellipsis-text-items">
 				<option>a</option>
 				<option>abcdefuvwxyz</option>
 				<option>loooooooooooooooooooooooooooooooooooooooooooooooooooooooooong</option>
 			</select>
-			<select class="ui dropdown ellipsis-items-nowrap tw-max-w-[8em]">
+			<select class="ui dropdown ellipsis-text-items tw-max-w-[8em]">
 				<option>loooooooooooooooooooooooooooooooooooooooooooooooooooooooooong</option>
 				<option>abcdefuvwxyz</option>
 				<option>a</option>
diff --git a/templates/devtest/fomantic-modal.tmpl b/templates/devtest/fomantic-modal.tmpl
index 838c6893a4..8e769790b2 100644
--- a/templates/devtest/fomantic-modal.tmpl
+++ b/templates/devtest/fomantic-modal.tmpl
@@ -2,13 +2,15 @@
 <div class="page-content devtest ui container">
 	{{template "base/alert" .}}
 	<div class="modal-buttons flex-text-block tw-flex-wrap"></div>
-	<script type="module">
-		for (const el of $('.ui.modal:not([data-skip-button])')) {
-			const $btn = $('<button class="ui button">').text(`${el.id}`).on('click', () => {
-				$(el).modal({onApprove() {alert('confirmed')}}).modal('show');
-			});
-			$('.modal-buttons').append($btn);
-		}
+	<script>
+		document.addEventListener('gitea:index-ready', () => {
+			for (const el of $('.ui.modal:not([data-skip-button])')) {
+				const $btn = $('<button class="ui button">').text(`${el.id}`).on('click', () => {
+					$(el).modal({onApprove() {alert('confirmed')}}).modal('show');
+				});
+				$('.modal-buttons').append($btn);
+			}
+		});
 	</script>
 
 	<div id="test-modal-form-1" class="ui mini modal">
diff --git a/templates/devtest/gitea-ui.tmpl b/templates/devtest/gitea-ui.tmpl
index 5b40268761..cb5aad7b0c 100644
--- a/templates/devtest/gitea-ui.tmpl
+++ b/templates/devtest/gitea-ui.tmpl
@@ -9,16 +9,16 @@
 			<a class="silenced" href="#">silenced</a>
 		</div>
 		<h1>Button</h1>
-		<div>
-			Style:
-			<label><input type="checkbox" name="button-style-compact" value="compact">compact</label>
-			<label><input type="radio" name="button-style-size" value="">(normal)</label>
-			<label><input type="radio" name="button-style-size" value="tiny">tiny</label>
-			<label><input type="radio" name="button-style-size" value="mini">mini</label>
+		".ui.button" styles:
+		<div class="flex-text-block tw-gap-4">
+			<label class="gt-checkbox"><input type="radio" name="button-style-size" value="">(normal)</label>
+			<label class="gt-checkbox"><input type="radio" name="button-style-size" value="small">small</label>
+			<label class="gt-checkbox"><input type="radio" name="button-style-size" value="tiny">tiny</label>
+			<label class="gt-checkbox"><input type="radio" name="button-style-size" value="mini">mini</label>
 		</div>
-		<div>
-			State:
-			<label><input type="checkbox" name="button-state-disabled" value="disabled">disabled</label>
+		<div class="flex-text-block tw-gap-4">
+			<label class="gt-checkbox"><input type="checkbox" name="button-style-compact" value="compact">compact</label>
+			<label class="gt-checkbox"><input type="checkbox" name="button-state-disabled" value="disabled">disabled</label>
 		</div>
 		<div id="devtest-button-samples">
 			<ul class="button-sample-groups">
@@ -45,14 +45,16 @@
 					</div>
 				</li>
 			</ul>
-			<script type="module">
-				const $buttons = $('#devtest-button-samples').find('button.ui');
+			<script>
+				document.addEventListener('gitea:index-ready', () => {
+					const $buttons = $('#devtest-button-samples').find('button.ui');
 
-				const $buttonStyles = $('input[name*="button-style"]');
-				$buttonStyles.on('click', () => $buttonStyles.map((_ ,el) => $buttons.toggleClass(el.value, el.checked)));
+					const $buttonStyles = $('input[name*="button-style"]');
+					$buttonStyles.on('click', () => $buttonStyles.map((_, el) => $buttons.toggleClass(el.value, el.checked)));
 
-				const $buttonStates = $('input[name*="button-state"]');
-				$buttonStates.on('click', () => $buttonStates.map((_ ,el) => $buttons.prop(el.value, el.checked)));
+					const $buttonStates = $('input[name*="button-state"]');
+					$buttonStates.on('click', () => $buttonStates.map((_, el) => $buttons.prop(el.value, el.checked)));
+				});
 			</script>
 		</div>
 	</div>
diff --git a/templates/devtest/mail-preview.tmpl b/templates/devtest/mail-preview.tmpl
new file mode 100644
index 0000000000..9a3d792904
--- /dev/null
+++ b/templates/devtest/mail-preview.tmpl
@@ -0,0 +1,27 @@
+{{template "devtest/devtest-header"}}
+<div class="page-content devtest ui container">
+	<div class="flex-text-block tw-flex-wrap">
+		{{range $templateName := .MailTemplateNames}}
+			<a class="ui button" href="?tmpl={{$templateName}}">{{$templateName}}</a>
+		{{else}}
+			<p>Mailer service is not enabled or no template is found</p>
+		{{end}}
+	</div>
+
+	{{if .RenderMailTemplateName}}
+	<div class="tw-my-2">
+		<div>Preview of: {{.RenderMailTemplateName}}</div>
+		<div>Subject: {{.RenderMailSubject}}</div>
+		<iframe src="{{AppSubUrl}}/devtest/mail-preview/{{.RenderMailTemplateName}}" class="mail-preview-body"></iframe>
+		<style>
+			.mail-preview-body {
+				border: 1px solid #ccc;
+				width: 100%;
+				height: 400px;
+				overflow: auto;
+			}
+		</style>
+	</div>
+	{{end}}
+</div>
+{{template "devtest/devtest-footer"}}
diff --git a/templates/devtest/markup-render.tmpl b/templates/devtest/markup-render.tmpl
new file mode 100644
index 0000000000..69d29d7829
--- /dev/null
+++ b/templates/devtest/markup-render.tmpl
@@ -0,0 +1,71 @@
+{{template "devtest/devtest-header"}}
+<div class="page-content devtest ui container">
+	{{$longCode := "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"}}
+	<div class="tw-flex">
+		<div class="tw-w-[50%] tw-p-4">
+			<div class="markup render-content">
+				Inline <code>code</code> content
+			</div>
+
+			<div class="divider"></div>
+
+			<div class="markup render-content">
+				<p>content before</p>
+				<pre><code>Very long line with no code block or container: {{$longCode}}</code></pre>
+				<p>content after</p>
+			</div>
+
+			<div class="divider"></div>
+
+			<div class="markup render-content">
+				<p>content before</p>
+				<div class="code-block-container code-overflow-wrap">
+					<pre class="code-block"><code>Very long line with wrap: {{$longCode}}</code></pre>
+				</div>
+				<p>content after</p>
+			</div>
+
+			<div class="divider"></div>
+
+			<div class="markup render-content">
+				<p>content before</p>
+				<div class="code-block-container code-overflow-scroll">
+					<pre class="code-block"><code>Short line in scroll container</code></pre>
+				</div>
+				<div class="code-block-container code-overflow-scroll">
+					<pre class="code-block"><code>Very long line with scroll: {{$longCode}}</code></pre>
+				</div>
+				<p>content after</p>
+			</div>
+		</div>
+
+		<div class="tw-w-[50%] tw-p-4">
+			<div class="markup render-content">
+				<p>content before</p>
+				<div class="code-block-container">
+					<pre class="code-block"><code class="language-math">
+	\lim\limits_{n\rightarrow\infty}{\left(1+\frac{1}{n}\right)^n}
+					</code></pre>
+				</div>
+				<p>content after</p>
+			</div>
+
+			<div class="divider"></div>
+
+			<div class="markup render-content">
+				<p>content before</p>
+				<div class="code-block-container">
+					<pre class="code-block"><code class="language-mermaid is-loading">
+	graph LR
+			A[Square Rect] -- Link text --> B((Circle))
+			A --> C(Round Rect)
+			B --> D{Rhombus}
+			C --> D
+					</code></pre>
+				</div>
+				<p>content after</p>
+			</div>
+		</div>
+	</div>
+</div>
+{{template "devtest/devtest-footer"}}
diff --git a/templates/explore/repos.tmpl b/templates/explore/repos.tmpl
index 53742bf0d9..68da398306 100644
--- a/templates/explore/repos.tmpl
+++ b/templates/explore/repos.tmpl
@@ -2,8 +2,8 @@
 <div role="main" aria-label="{{.Title}}" class="page-content explore repositories">
 	{{template "explore/navbar" .}}
 	<div class="ui container">
-		{{template "shared/repo_search" .}}
-		{{template "explore/repo_list" .}}
+		{{template "shared/repo/search" .}}
+		{{template "shared/repo/list" .}}
 		{{template "base/paginate" .}}
 	</div>
 </div>
diff --git a/templates/home.tmpl b/templates/home.tmpl
index 116dc487dc..cc9da82605 100644
--- a/templates/home.tmpl
+++ b/templates/home.tmpl
@@ -4,10 +4,10 @@
 		<div class="center">
 			<img class="logo" width="220" height="220" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
 			<div class="hero">
-				<h1 class="ui icon header title">
+				<h1 class="ui icon header title tw-text-balance">
 					{{AppName}}
 				</h1>
-				<h2>{{ctx.Locale.Tr "startpage.app_desc"}}</h2>
+				<h2 class="tw-text-balance">{{ctx.Locale.Tr "startpage.app_desc"}}</h2>
 			</div>
 		</div>
 	</div>
@@ -16,7 +16,7 @@
 			<h1 class="hero ui icon header">
 				{{svg "octicon-flame"}} {{ctx.Locale.Tr "startpage.install"}}
 			</h1>
-			<p class="large">
+			<p class="large tw-text-balance">
 				{{ctx.Locale.Tr "startpage.install_desc" "https://docs.gitea.com/installation/install-from-binary" "https://github.com/go-gitea/gitea/tree/master/docker" "https://docs.gitea.com/installation/install-from-package"}}
 			</p>
 		</div>
@@ -24,7 +24,7 @@
 			<h1 class="hero ui icon header">
 				{{svg "octicon-device-desktop"}} {{ctx.Locale.Tr "startpage.platform"}}
 			</h1>
-			<p class="large">
+			<p class="large tw-text-balance">
 				{{ctx.Locale.Tr "startpage.platform_desc" "https://go.dev/"}}
 			</p>
 		</div>
@@ -34,7 +34,7 @@
 			<h1 class="hero ui icon header">
 				{{svg "octicon-rocket"}} {{ctx.Locale.Tr "startpage.lightweight"}}
 			</h1>
-			<p class="large">
+			<p class="large tw-text-balance">
 				{{ctx.Locale.Tr "startpage.lightweight_desc"}}
 			</p>
 		</div>
@@ -42,7 +42,7 @@
 			<h1 class="hero ui icon header">
 				{{svg "octicon-code"}} {{ctx.Locale.Tr "startpage.license"}}
 			</h1>
-			<p class="large">
+			<p class="large tw-text-balance">
 				{{ctx.Locale.Tr "startpage.license_desc" "https://code.gitea.io/gitea" "code.gitea.io/gitea" "https://github.com/go-gitea/gitea"}}
 			</p>
 		</div>
diff --git a/templates/install.tmpl b/templates/install.tmpl
index 058822a6f6..0aec52f27b 100644
--- a/templates/install.tmpl
+++ b/templates/install.tmpl
@@ -351,5 +351,4 @@
 		</div>
 	</div>
 </div>
-<img class="tw-hidden" src="{{AssetUrlPrefix}}/img/loading.png">
 {{template "base/footer" .}}
diff --git a/templates/mail/auth/activate.devtest.yml b/templates/mail/auth/activate.devtest.yml
new file mode 100644
index 0000000000..f5519a6f6c
--- /dev/null
+++ b/templates/mail/auth/activate.devtest.yml
@@ -0,0 +1,3 @@
+DisplayName: User Display Name
+Code: The-Activation-Code
+ActiveCodeLives: 24h
diff --git a/templates/mail/notify/workflow_run.devtest.yml b/templates/mail/notify/workflow_run.devtest.yml
new file mode 100644
index 0000000000..1e285be328
--- /dev/null
+++ b/templates/mail/notify/workflow_run.devtest.yml
@@ -0,0 +1,18 @@
+RunStatusText: run status text ....
+
+Repo:
+  FullName: RepoName
+
+Run:
+  WorkflowID: WorkflowID
+  HTMLURL: http://localhost/run/1
+
+Jobs:
+  - Name: Job-Name-1
+    Status: success
+    Attempt: 1
+    HTMLURL: http://localhost/job/1
+  - Name: Job-Name-2
+    Status: failed
+    Attempt: 2
+    HTMLURL: http://localhost/job/2
diff --git a/templates/mail/notify/workflow_run.tmpl b/templates/mail/notify/workflow_run.tmpl
new file mode 100644
index 0000000000..f6dd8ad510
--- /dev/null
+++ b/templates/mail/notify/workflow_run.tmpl
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+	<meta name="format-detection" content="telephone=no,date=no,address=no,email=no,url=no">
+	<title>{{.Subject}}</title>
+</head>
+<body style="background-color: #f5f7fa; margin: 20px;">
+
+	<h2 style="color: #2c3e50; margin-bottom: 20px;">
+		{{.Repo.FullName}} {{.Run.WorkflowID}}: {{.RunStatusText}}
+	</h2>
+
+	<ul style="list-style: none; padding: 0; margin: 0 0 30px 0;">
+	{{range $job := .Jobs}}
+		<li style="background-color: #ffffff; border: 1px solid #ddd; border-radius: 6px; padding: 12px 16px; margin-bottom: 10px; box-shadow: 0 1px 3px rgba(0, 0, 0, 0.05); transition: box-shadow 0.2s ease;">
+			<a href="{{$job.HTMLURL}}" style="color: #0073e6; text-decoration: none; font-weight: bold;">
+				{{$job.Status}}: {{$job.Name}}{{if gt $job.Attempt 1}}, Attempt #{{$job.Attempt}}{{end}}
+			</a>
+		</li>
+	{{end}}
+	</ul>
+
+	<br/>
+
+	<div style="text-align: center; margin-top: 30px;">
+		<a href="{{.Run.HTMLURL}}" style="display: inline-block; background-color: #28a745; color: #ffffff !important; text-decoration: none; padding: 10px 20px; border-radius: 5px; font-weight: bold; box-shadow: 0 2px 4px rgba(0,0,0,0.1); transition: background-color 0.3s ease;">
+			{{.locale.Tr "mail.view_it_on" AppName}}
+		</a>
+	</div>
+
+</body>
+</html>
diff --git a/templates/org/create.tmpl b/templates/org/create.tmpl
index 7934d5b722..2d6dca5440 100644
--- a/templates/org/create.tmpl
+++ b/templates/org/create.tmpl
@@ -18,15 +18,15 @@
 					<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
 					<div class="inline-right">
 						<div class="ui radio checkbox">
-							<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if .DefaultOrgVisibilityMode.IsPublic}}checked{{end}}>
+							<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if .visibility.IsPublic}}checked{{end}}>
 							<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
 						</div>
 						<div class="ui radio checkbox">
-							<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if .DefaultOrgVisibilityMode.IsLimited}}checked{{end}}>
+							<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if .visibility.IsLimited}}checked{{end}}>
 							<label>{{ctx.Locale.Tr "org.settings.visibility.limited"}}</label>
 						</div>
 						<div class="ui radio checkbox">
-							<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if .DefaultOrgVisibilityMode.IsPrivate}}checked{{end}}>
+							<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if .visibility.IsPrivate}}checked{{end}}>
 							<label>{{ctx.Locale.Tr "org.settings.visibility.private"}}</label>
 						</div>
 					</div>
@@ -35,7 +35,7 @@
 				<div class="inline field" id="permission_box">
 					<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
 					<div class="ui checkbox">
-						<input type="checkbox" name="repo_admin_change_team_access" checked>
+						<input type="checkbox" name="repo_admin_change_team_access" {{if .repo_admin_change_team_access}}checked{{end}}>
 						<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
 					</div>
 				</div>
diff --git a/templates/org/header.tmpl b/templates/org/header.tmpl
index 80519361fd..90798b5d7c 100644
--- a/templates/org/header.tmpl
+++ b/templates/org/header.tmpl
@@ -18,7 +18,7 @@
 				{{end}}
 			</span>
 		</div>
-		{{if .RenderedDescription}}<div class="render-content markup tw-break-anywhere">{{.RenderedDescription}}</div>{{end}}
+		{{if .RenderedDescription}}<div class="render-content markup">{{.RenderedDescription}}</div>{{end}}
 		<div class="text light meta tw-mt-1">
 			{{if .Org.Location}}<div class="flex-text-block">{{svg "octicon-location"}} <span>{{.Org.Location}}</span></div>{{end}}
 			{{if .Org.Website}}<div class="flex-text-block">{{svg "octicon-link"}} <a class="muted" target="_blank" rel="noopener noreferrer me" href="{{.Org.Website}}">{{.Org.Website}}</a></div>{{end}}
diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl
index cffdfabfaa..3cde3554c9 100644
--- a/templates/org/home.tmpl
+++ b/templates/org/home.tmpl
@@ -8,8 +8,8 @@
 				{{if .ProfileReadmeContent}}
 					<div id="readme_profile" class="render-content markup" data-profile-view-as-member="{{.IsViewingOrgAsMember}}">{{.ProfileReadmeContent}}</div>
 				{{end}}
-				{{template "shared/repo_search" .}}
-				{{template "explore/repo_list" .}}
+				{{template "shared/repo/search" .}}
+				{{template "shared/repo/list" .}}
 				{{template "base/paginate" .}}
 			</div>
 
diff --git a/templates/org/member/members.tmpl b/templates/org/member/members.tmpl
index 4388dc9520..2d0f4bc423 100644
--- a/templates/org/member/members.tmpl
+++ b/templates/org/member/members.tmpl
@@ -73,7 +73,7 @@
 		{{ctx.Locale.Tr "org.members.leave"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.members.leave.detail" (`<span class="dataOrganizationName"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.members.leave.detail" (HTMLFormat `<span class="%s"></span>` "dataOrganizationName")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
@@ -82,7 +82,7 @@
 		{{ctx.Locale.Tr "org.members.remove"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.members.remove.detail" (`<span class="name"></span>`|SafeHTML) (`<span class="dataOrganizationName"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.members.remove.detail" (HTMLFormat `<span class="%s"></span>` "name") (HTMLFormat `<span class="%s"></span>` "dataOrganizationName")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
diff --git a/templates/org/menu.tmpl b/templates/org/menu.tmpl
index 2d3af2d559..d876dabb44 100644
--- a/templates/org/menu.tmpl
+++ b/templates/org/menu.tmpl
@@ -44,7 +44,7 @@
 				{{end}}
 			</a>
 			{{end}}
-			{{if .IsOrganizationOwner}}
+			{{if and EnableTimetracking .IsOrganizationOwner}}
 			<a class="{{if $.PageIsOrgTimes}}active{{end}} item" href="{{$.OrgLink}}/worktime">
 				{{svg "octicon-clock"}} {{ctx.Locale.Tr "org.worktime"}}
 			</a>
diff --git a/templates/org/projects/new.tmpl b/templates/org/projects/new.tmpl
index fc52130f68..c021c5a0fe 100644
--- a/templates/org/projects/new.tmpl
+++ b/templates/org/projects/new.tmpl
@@ -1,9 +1,24 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content organization projects edit-project new">
-	{{template "shared/user/org_profile_avatar" .}}
+{{if .ContextUser.IsOrganization}}
+<div role="main" aria-label="{{.Title}}" class="page-content organization projects">
+	{{template "org/header" .}}
 	<div class="ui container">
-	{{template "user/overview/header" .}}
-	{{template "projects/new" .}}
+		{{template "projects/new" .}}
 	</div>
 </div>
+{{else}}
+<div role="main" aria-label="{{.Title}}" class="page-content user profile">
+	<div class="ui container">
+		<div class="ui stackable grid">
+			<div class="ui four wide column">
+				{{template "shared/user/profile_big_avatar" .}}
+			</div>
+			<div class="ui twelve wide column tw-mb-4">
+				{{template "user/overview/header" .}}
+				{{template "projects/new" .}}
+			</div>
+		</div>
+	</div>
+</div>
+{{end}}
 {{template "base/footer" .}}
diff --git a/templates/org/projects/view.tmpl b/templates/org/projects/view.tmpl
index bd74114fe2..1bfbc8d8b4 100644
--- a/templates/org/projects/view.tmpl
+++ b/templates/org/projects/view.tmpl
@@ -8,8 +8,6 @@
 			{{template "user/overview/header" .}}
 		</div>
 	{{end}}
-	<div class="ui container fluid padded">
-		{{template "projects/view" .}}
-	</div>
+	{{template "projects/view" .}}
 </div>
 {{template "base/footer" .}}
diff --git a/templates/org/settings/delete.tmpl b/templates/org/settings/delete.tmpl
deleted file mode 100644
index e1ef471e34..0000000000
--- a/templates/org/settings/delete.tmpl
+++ /dev/null
@@ -1,35 +0,0 @@
-{{template "org/settings/layout_head" (dict "ctxData" . "pageClass" "organization settings delete")}}
-
-			<div class="org-setting-content">
-				<h4 class="ui top attached error header">
-					{{ctx.Locale.Tr "org.settings.delete_account"}}
-				</h4>
-				<div class="ui attached error segment">
-					<div class="ui red message">
-						<p class="text left">{{svg "octicon-alert"}} {{ctx.Locale.Tr "org.settings.delete_prompt"}}</p>
-					</div>
-					<form class="ui form ignore-dirty" id="delete-form" action="{{.Link}}" method="post">
-						{{.CsrfTokenHtml}}
-						<div class="inline required field {{if .Err_OrgName}}error{{end}}">
-							<label for="org_name">{{ctx.Locale.Tr "org.org_name_holder"}}</label>
-							<input id="org_name" name="org_name" value="" autocomplete="off" autofocus required>
-						</div>
-						<button class="ui red button delete-button" data-type="form" data-form="#delete-form">
-							{{ctx.Locale.Tr "org.settings.confirm_delete_account"}}
-						</button>
-					</form>
-				</div>
-			</div>
-
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "org.settings.delete_org_title"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "org.settings.delete_org_desc"}}</p>
-	</div>
-	{{template "base/modal_actions_confirm" .}}
-</div>
-
-{{template "org/settings/layout_footer" .}}
diff --git a/templates/org/settings/hooks.tmpl b/templates/org/settings/hooks.tmpl
index 9f307968f8..b05e22fe20 100644
--- a/templates/org/settings/hooks.tmpl
+++ b/templates/org/settings/hooks.tmpl
@@ -1,5 +1,5 @@
 {{template "org/settings/layout_head" (dict "ctxData" . "pageClass" "organization settings webhooks")}}
 			<div class="org-setting-content">
-				{{template "repo/settings/webhook/list" .}}
+				{{template "repo/settings/webhook/base_list" .}}
 			</div>
 {{template "org/settings/layout_footer" .}}
diff --git a/templates/org/settings/navbar.tmpl b/templates/org/settings/navbar.tmpl
index ce792f667c..58475de7e7 100644
--- a/templates/org/settings/navbar.tmpl
+++ b/templates/org/settings/navbar.tmpl
@@ -41,8 +41,5 @@
 			</div>
 		</details>
 		{{end}}
-		<a class="{{if .PageIsSettingsDelete}}active {{end}}item" href="{{.OrgLink}}/settings/delete">
-			{{ctx.Locale.Tr "org.settings.delete"}}
-		</a>
 	</div>
 </div>
diff --git a/templates/org/settings/options.tmpl b/templates/org/settings/options.tmpl
index 76315f3eac..d94bb4c62b 100644
--- a/templates/org/settings/options.tmpl
+++ b/templates/org/settings/options.tmpl
@@ -1,101 +1,97 @@
 {{template "org/settings/layout_head" (dict "ctxData" . "pageClass" "organization settings options")}}
-			<div class="org-setting-content">
-				<h4 class="ui top attached header">
-					{{ctx.Locale.Tr "org.settings.options"}}
-				</h4>
-				<div class="ui attached segment">
-					<form class="ui form" action="{{.Link}}" method="post">
-						{{.CsrfTokenHtml}}
-						<div class="required field {{if .Err_Name}}error{{end}}">
-							<label for="org_name">{{ctx.Locale.Tr "org.org_name_holder"}}
-								<span class="text red tw-hidden" id="org-name-change-prompt">
-									<br>{{ctx.Locale.Tr "org.settings.change_orgname_prompt"}}<br>{{ctx.Locale.Tr "org.settings.change_orgname_redirect_prompt"}}
-								</span>
-							</label>
-							<input id="org_name" name="name" value="{{.Org.Name}}" data-org-name="{{.Org.Name}}" autofocus required maxlength="40">
-						</div>
-						<div class="field {{if .Err_FullName}}error{{end}}">
-							<label for="full_name">{{ctx.Locale.Tr "org.org_full_name_holder"}}</label>
-							<input id="full_name" name="full_name" value="{{.Org.FullName}}" maxlength="100">
-						</div>
-						<div class="field {{if .Err_Email}}error{{end}}">
-							<label for="email">{{ctx.Locale.Tr "org.settings.email"}}</label>
-							<input id="email" name="email" type="email" value="{{.Org.Email}}" maxlength="255">
-						</div>
-						<div class="field {{if .Err_Description}}error{{end}}">
-							{{/* it is rendered as markdown, but the length is limited, so at the moment we do not use the markdown editor here */}}
-							<label for="description">{{ctx.Locale.Tr "org.org_desc"}}</label>
-							<textarea id="description" name="description" rows="2" maxlength="255">{{.Org.Description}}</textarea>
-						</div>
-						<div class="field {{if .Err_Website}}error{{end}}">
-							<label for="website">{{ctx.Locale.Tr "org.settings.website"}}</label>
-							<input id="website" name="website" type="url" value="{{.Org.Website}}" maxlength="255">
-						</div>
-						<div class="field">
-							<label for="location">{{ctx.Locale.Tr "org.settings.location"}}</label>
-							<input id="location" name="location"  value="{{.Org.Location}}" maxlength="50">
-						</div>
 
-						<div class="divider"></div>
-						<div class="field" id="visibility_box">
-							<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
-							<div class="field">
-								<div class="ui radio checkbox">
-									<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if eq .CurrentVisibility 0}}checked{{end}}>
-									<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
-								</div>
-							</div>
-							<div class="field">
-								<div class="ui radio checkbox">
-									<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if eq .CurrentVisibility 1}}checked{{end}}>
-									<label>{{ctx.Locale.Tr "org.settings.visibility.limited"}}</label>
-								</div>
-							</div>
-							<div class="field">
-								<div class="ui radio checkbox">
-									<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if eq .CurrentVisibility 2}}checked{{end}}>
-									<label>{{ctx.Locale.Tr "org.settings.visibility.private"}}</label>
-								</div>
-							</div>
-						</div>
+<div class="ui segments org-setting-content">
+	<h4 class="ui top attached header">
+		{{ctx.Locale.Tr "org.settings.options"}}
+	</h4>
+	<div class="ui attached segment">
+		<form class="ui form" action="{{.Link}}" method="post">
+			{{.CsrfTokenHtml}}
+			<div class="field {{if .Err_FullName}}error{{end}}">
+				<label for="full_name">{{ctx.Locale.Tr "org.org_full_name_holder"}}</label>
+				<input id="full_name" name="full_name" value="{{.Org.FullName}}" maxlength="100">
+			</div>
+			<div class="field {{if .Err_Email}}error{{end}}">
+				<label for="email">{{ctx.Locale.Tr "org.settings.email"}}</label>
+				<input id="email" name="email" type="email" value="{{.Org.Email}}" maxlength="255">
+			</div>
+			<div class="field {{if .Err_Description}}error{{end}}">
+				{{/* it is rendered as markdown, but the length is limited, so at the moment we do not use the markdown editor here */}}
+				<label for="description">{{ctx.Locale.Tr "org.org_desc"}}</label>
+				<textarea id="description" name="description" rows="2" maxlength="255">{{.Org.Description}}</textarea>
+			</div>
+			<div class="field {{if .Err_Website}}error{{end}}">
+				<label for="website">{{ctx.Locale.Tr "org.settings.website"}}</label>
+				<input id="website" name="website" type="url" value="{{.Org.Website}}" maxlength="255">
+			</div>
+			<div class="field">
+				<label for="location">{{ctx.Locale.Tr "org.settings.location"}}</label>
+				<input id="location" name="location"  value="{{.Org.Location}}" maxlength="50">
+			</div>
+
+			<div class="divider"></div>
+			<div class="field" id="visibility_box">
+				<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
+				<div class="field">
+					<div class="ui radio checkbox">
+						<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if eq .CurrentVisibility 0}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
+					</div>
+				</div>
+				<div class="field">
+					<div class="ui radio checkbox">
+						<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if eq .CurrentVisibility 1}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "org.settings.visibility.limited"}}</label>
+					</div>
+				</div>
+				<div class="field">
+					<div class="ui radio checkbox">
+						<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if eq .CurrentVisibility 2}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "org.settings.visibility.private"}}</label>
+					</div>
+				</div>
+			</div>
 
-						<div class="field" id="permission_box">
-							<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
-							<div class="field">
-								<div class="ui checkbox">
-									<input type="checkbox" name="repo_admin_change_team_access" {{if .RepoAdminChangeTeamAccess}}checked{{end}}>
-									<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
-								</div>
-							</div>
-						</div>
+			<div class="field" id="permission_box">
+				<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
+				<div class="field">
+					<div class="ui checkbox">
+						<input type="checkbox" name="repo_admin_change_team_access" {{if .RepoAdminChangeTeamAccess}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
+					</div>
+				</div>
+			</div>
 
-						{{if .SignedUser.IsAdmin}}
-						<div class="divider"></div>
+			{{if .SignedUser.IsAdmin}}
+			<div class="divider"></div>
 
-						<div class="inline field {{if .Err_MaxRepoCreation}}error{{end}}">
-							<label for="max_repo_creation">{{ctx.Locale.Tr "admin.users.max_repo_creation"}}</label>
-							<input id="max_repo_creation" name="max_repo_creation" type="number" min="-1" value="{{.Org.MaxRepoCreation}}">
-							<p class="help">{{ctx.Locale.Tr "admin.users.max_repo_creation_desc"}}</p>
-						</div>
-						{{end}}
+			<div class="inline field {{if .Err_MaxRepoCreation}}error{{end}}">
+				<label for="max_repo_creation">{{ctx.Locale.Tr "admin.users.max_repo_creation"}}</label>
+				<input id="max_repo_creation" name="max_repo_creation" type="number" min="-1" value="{{.Org.MaxRepoCreation}}">
+				<p class="help">{{ctx.Locale.Tr "admin.users.max_repo_creation_desc"}}</p>
+			</div>
+			{{end}}
 
-						<div class="field">
-							<button class="ui primary button">{{ctx.Locale.Tr "org.settings.update_settings"}}</button>
-						</div>
-					</form>
+			<div class="field">
+				<button class="ui primary button">{{ctx.Locale.Tr "org.settings.update_settings"}}</button>
+			</div>
+		</form>
 
-					<div class="divider"></div>
+		<div class="divider"></div>
 
-					<form class="ui form" action="{{.Link}}/avatar" method="post" enctype="multipart/form-data">
-						{{.CsrfTokenHtml}}
-						<div class="inline field">
-							{{template "shared/avatar_upload_crop" dict "LabelText" (ctx.Locale.Tr "settings.choose_new_avatar")}}
-						</div>
-						<div class="field">
-							<button class="ui primary button">{{ctx.Locale.Tr "settings.update_avatar"}}</button>
-							<button class="ui red button link-action" data-url="{{.Link}}/avatar/delete">{{ctx.Locale.Tr "settings.delete_current_avatar"}}</button>
-						</div>
-					</form>
-				</div>
+		<form class="ui form" action="{{.Link}}/avatar" method="post" enctype="multipart/form-data">
+			{{.CsrfTokenHtml}}
+			<div class="inline field">
+				{{template "shared/avatar_upload_crop" dict "LabelText" (ctx.Locale.Tr "settings.choose_new_avatar")}}
+			</div>
+			<div class="field">
+				<button class="ui primary button">{{ctx.Locale.Tr "settings.update_avatar"}}</button>
+				<button class="ui red button link-action" data-url="{{.Link}}/avatar/delete">{{ctx.Locale.Tr "settings.delete_current_avatar"}}</button>
 			</div>
+		</form>
+	</div>
+</div>
+
+{{template "org/settings/options_dangerzone" .}}
+
 {{template "org/settings/layout_footer" .}}
diff --git a/templates/org/settings/options_dangerzone.tmpl b/templates/org/settings/options_dangerzone.tmpl
new file mode 100644
index 0000000000..01cf3fd405
--- /dev/null
+++ b/templates/org/settings/options_dangerzone.tmpl
@@ -0,0 +1,93 @@
+<h4 class="ui top attached error header">
+	{{ctx.Locale.Tr "repo.settings.danger_zone"}}
+</h4>
+<div class="ui attached error danger segment">
+	<div class="flex-list">
+		<div class="flex-item tw-items-center">
+			<div class="flex-item-main">
+				<div class="flex-item-title">{{ctx.Locale.Tr "org.settings.rename"}}</div>
+				<div class="flex-item-body">{{ctx.Locale.Tr "org.settings.rename_desc"}}</div>
+			</div>
+			<div class="flex-item-trailing">
+				<button class="ui basic red show-modal button" data-modal="#rename-org-modal">{{ctx.Locale.Tr "org.settings.rename"}}</button>
+			</div>
+		</div>
+
+		<div class="flex-item">
+			<div class="flex-item-main">
+				<div class="flex-item-title">{{ctx.Locale.Tr "org.settings.delete_account"}}</div>
+				<div class="flex-item-body">{{ctx.Locale.Tr "org.settings.delete_prompt"}}</div>
+			</div>
+			<div class="flex-item-trailing">
+				<button class="ui basic red show-modal button" data-modal="#delete-org-modal">{{ctx.Locale.Tr "org.settings.delete_account"}}</button>
+			</div>
+		</div>
+	</div>
+</div>
+
+<div class="ui small modal" id="rename-org-modal">
+	<div class="header">
+		{{ctx.Locale.Tr "org.settings.rename"}}
+	</div>
+	<div class="content">
+		<ul class="ui warning message">
+			<li>{{ctx.Locale.Tr "org.settings.rename_notices_1"}}</li>
+			<li>{{ctx.Locale.Tr "org.settings.rename_notices_2"}}</li>
+		</ul>
+		<form class="ui form form-fetch-action" action="{{.Link}}/rename" method="post">
+			{{.CsrfTokenHtml}}
+			<div class="field">
+				<label>
+					{{ctx.Locale.Tr "org.settings.name_confirm"}}
+					<span class="text red">{{.Org.Name}}</span>
+				</label>
+			</div>
+			<div class="required field">
+				<label for="org_name_to_rename">{{ctx.Locale.Tr "org.org_name_holder"}}</label>
+				<input id="org_name_to_rename" name="org_name" required>
+			</div>
+
+			<div class="required field">
+				<label>{{ctx.Locale.Tr "org.settings.rename_new_org_name"}}</label>
+				<input name="new_org_name" required>
+			</div>
+
+			<div class="actions">
+				<button class="ui cancel button">{{ctx.Locale.Tr "settings.cancel"}}</button>
+				<button class="ui red button">{{ctx.Locale.Tr "org.settings.rename"}}</button>
+			</div>
+		</form>
+	</div>
+</div>
+
+<div class="ui small modal" id="delete-org-modal">
+	<div class="header">
+		{{ctx.Locale.Tr "org.settings.delete_account"}}
+	</div>
+	<div class="content">
+		<ul class="ui warning message">
+			<li>{{ctx.Locale.Tr "org.settings.delete_notices_1"}}</li>
+			<li>{{ctx.Locale.Tr "org.settings.delete_notices_2" .Org.Name}}</li>
+			<li>{{ctx.Locale.Tr "org.settings.delete_notices_3" .Org.Name}}</li>
+			<li>{{ctx.Locale.Tr "org.settings.delete_notices_4" .Org.Name}}</li>
+		</ul>
+		<form class="ui form form-fetch-action" action="{{.Link}}/delete" method="post">
+			{{.CsrfTokenHtml}}
+			<div class="field">
+				<label>
+					{{ctx.Locale.Tr "org.settings.name_confirm"}}
+					<span class="text red">{{.Org.Name}}</span>
+				</label>
+			</div>
+			<div class="required field">
+				<label>{{ctx.Locale.Tr "org.org_name_holder"}}</label>
+				<input name="org_name" required>
+			</div>
+
+			<div class="actions">
+				<button class="ui cancel button">{{ctx.Locale.Tr "settings.cancel"}}</button>
+				<button class="ui red button">{{ctx.Locale.Tr "org.settings.delete_account"}}</button>
+			</div>
+		</form>
+	</div>
+</div>
diff --git a/templates/org/team/members.tmpl b/templates/org/team/members.tmpl
index 5433f01530..4bc063f90c 100644
--- a/templates/org/team/members.tmpl
+++ b/templates/org/team/members.tmpl
@@ -81,7 +81,7 @@
 		{{ctx.Locale.Tr "org.members.remove"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.members.remove.detail" (`<span class="name"></span>`|SafeHTML) (`<span class="dataTeamName"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.members.remove.detail" (HTMLFormat `<span class="%s"></span>` "name") (HTMLFormat `<span class="%s"></span>` "dataTeamName")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
diff --git a/templates/org/team/new.tmpl b/templates/org/team/new.tmpl
index b67c18dd7d..67529ddfba 100644
--- a/templates/org/team/new.tmpl
+++ b/templates/org/team/new.tmpl
@@ -56,7 +56,7 @@
 								<br>
 								<div class="field">
 									<div class="ui radio checkbox">
-										<input type="radio" name="permission" value="read" {{if or .PageIsOrgTeamsNew (eq .Team.AccessMode 1) (eq .Team.AccessMode 2)}}checked{{end}}>
+										<input type="radio" name="permission" value="read" {{if or .PageIsOrgTeamsNew (eq .Team.AccessMode 0) (eq .Team.AccessMode 1) (eq .Team.AccessMode 2)}}checked{{end}}>
 										<label>{{ctx.Locale.Tr "org.teams.general_access"}}</label>
 										<span class="help">{{ctx.Locale.Tr "org.teams.general_access_helper"}}</span>
 									</div>
diff --git a/templates/org/team/sidebar.tmpl b/templates/org/team/sidebar.tmpl
index c4acd8da24..6dd5cb3eeb 100644
--- a/templates/org/team/sidebar.tmpl
+++ b/templates/org/team/sidebar.tmpl
@@ -42,10 +42,12 @@
 						<li>{{ctx.Locale.Tr "org.teams.can_create_org_repo"}}</li>
 					{{end}}
 				</ul>
-				{{if (eq .Team.AccessMode 2)}}
+				{{/* the AccessMode should be either none or admin/owner, the real permissions are provided by each team unit */}}
+				{{if false}}{{/*(eq .Team.AccessMode 2)*/}}
 					<h3>{{ctx.Locale.Tr "org.settings.permission"}}</h3>
 					{{ctx.Locale.Tr "org.teams.write_permission_desc"}}
 				{{else if (eq .Team.AccessMode 3)}}
+					{{/* FIXME: here might not right, see "FIXME: TEAM-UNIT-PERMISSION", new units might not have correct admin permission*/}}
 					<h3>{{ctx.Locale.Tr "org.settings.permission"}}</h3>
 					{{ctx.Locale.Tr "org.teams.admin_permission_desc"}}
 				{{else}}
@@ -88,7 +90,7 @@
 		{{ctx.Locale.Tr "org.teams.leave"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.teams.leave.detail" (`<span class="name"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.teams.leave.detail" (HTMLFormat `<span class="%s"></span>` "name")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
diff --git a/templates/org/team/teams.tmpl b/templates/org/team/teams.tmpl
index 4e3e388cb6..cdd2789128 100644
--- a/templates/org/team/teams.tmpl
+++ b/templates/org/team/teams.tmpl
@@ -4,7 +4,7 @@
 	<div class="ui container">
 		{{template "base/alert" .}}
 		{{if .IsOrganizationOwner}}
-			<div class="tw-text-right">
+			<div class="flex-text-block tw-justify-end">
 				<a class="ui primary button" href="{{.OrgLink}}/teams/new">{{svg "octicon-plus"}} {{ctx.Locale.Tr "org.create_new_team"}}</a>
 			</div>
 			<div class="divider"></div>
@@ -49,7 +49,7 @@
 		{{ctx.Locale.Tr "org.teams.leave"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.teams.leave.detail" (`<span class="name"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.teams.leave.detail" (HTMLFormat `<span class="%s"></span>` "name")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
diff --git a/templates/package/content/container.tmpl b/templates/package/content/container.tmpl
index 7d89f8c6e2..1a1335aaa6 100644
--- a/templates/package/content/container.tmpl
+++ b/templates/package/content/container.tmpl
@@ -16,7 +16,17 @@
 			</div>
 			<div class="field">
 				<label>{{svg "octicon-code"}} {{ctx.Locale.Tr "packages.container.digest"}}</label>
-				<div class="markup"><pre class="code-block"><code>{{range .PackageDescriptor.Files}}{{if eq .File.LowerName "manifest.json"}}{{.Properties.GetByName "container.digest"}}{{end}}{{end}}</code></pre></div>
+				<div class="markup">
+					<div class="code-block-container code-overflow-scroll">
+						<pre class="code-block"><code>
+							{{- range .PackageDescriptor.Files -}}
+								{{- if eq .File.LowerName "manifest.json" -}}
+									{{- .Properties.GetByName "container.digest" -}}{{"\n"}}
+								{{- end -}}
+							{{- end -}}
+						</code></pre>
+					</div>
+				</div>
 			</div>
 			<div class="field">
 				<label>{{ctx.Locale.Tr "packages.registry.documentation" "Container" "https://docs.gitea.com/usage/packages/container/"}}</label>
@@ -39,7 +49,11 @@
 						{{/* "unknown/unknown" is attestation-manifest, so we should skip it */}}
 						{{if ne .Platform "unknown/unknown"}}
 						<tr>
-							<td><a class="tw-font-mono" href="{{$.PackageDescriptor.PackageWebLink}}/{{PathEscape .Digest}}">{{StringUtils.TrimPrefix .Digest "sha256:" | ShortSha}}</a></td>
+							<td>
+								<a class="tw-font-mono" href="{{$.PackageDescriptor.PackageWebLink}}/{{$.PackageDescriptor.Version.LowerVersion}}/{{PathEscape .Digest}}">
+									{{StringUtils.TrimPrefix .Digest "sha256:" | ShortSha}}
+								</a>
+							</td>
 							<td>{{.Platform}}</td>
 							<td>{{FileSize .Size}}</td>
 						</tr>
@@ -55,12 +69,24 @@
 			{{.PackageDescriptor.Metadata.Description}}
 		</div>
 	{{end}}
-	{{if .PackageDescriptor.Metadata.ImageLayers}}
-		<h4 class="ui top attached header">{{ctx.Locale.Tr "packages.container.layers"}}</h4>
+
+	{{/* a container manifest may contain sub manifests, so here we try to display some information of the sub manifest,
+		not perfect, just better than before */}}
+	{{$imageMetadata := .ContainerImageMetadata}}
+	{{if $imageMetadata.ImageLayers}}
+		<h4 class="ui top attached header flex-text-block">
+			{{ctx.Locale.Tr "packages.container.layers"}}
+			{{/* only show the platform if the image metadata is not the package's, which means that it is a sub manifest */}}
+			{{if ne .ContainerImageMetadata .PackageDescriptor.Metadata}}
+				<span class="tw-text-sm flex-text-inline" title="{{ctx.Locale.Tr "packages.container.details.platform"}}">
+					({{svg "octicon-cpu" 12}} {{.ContainerImageMetadata.Platform}})
+				</span>
+			{{end}}
+		</h4>
 		<div class="ui attached segment tw-break-anywhere">
-			<table class="ui very basic compact table">
+			<table class="ui very basic compact table tw-font-mono">
 				<tbody>
-					{{range .PackageDescriptor.Metadata.ImageLayers}}
+					{{range $imageMetadata.ImageLayers}}
 						<tr>
 							<td>{{.}}</td>
 						</tr>
@@ -69,10 +95,10 @@
 			</table>
 		</div>
 	{{end}}
-	{{if .PackageDescriptor.Metadata.Labels}}
+	{{if $imageMetadata.Labels}}
 		<h4 class="ui top attached header">{{ctx.Locale.Tr "packages.container.labels"}}</h4>
 		<div class="ui attached segment">
-			<table class="ui very basic compact table">
+			<table class="ui very basic compact table tw-font-mono">
 				<thead>
 					<tr>
 						<th>{{ctx.Locale.Tr "packages.container.labels.key"}}</th>
@@ -80,7 +106,7 @@
 					</tr>
 				</thead>
 				<tbody>
-					{{range $key, $value := .PackageDescriptor.Metadata.Labels}}
+					{{range $key, $value := $imageMetadata.Labels}}
 						<tr>
 							<td class="tw-align-top">{{$key}}</td>
 							<td class="tw-break-anywhere">{{$value}}</td>
diff --git a/templates/package/content/pypi.tmpl b/templates/package/content/pypi.tmpl
index 2a22a6ed71..2625c160fe 100644
--- a/templates/package/content/pypi.tmpl
+++ b/templates/package/content/pypi.tmpl
@@ -4,7 +4,7 @@
 		<div class="ui form">
 			<div class="field">
 				<label>{{svg "octicon-terminal"}} {{ctx.Locale.Tr "packages.pypi.install"}}</label>
-				<div class="markup"><pre class="code-block"><code>pip install --index-url <origin-url data-url="{{AppSubUrl}}/api/packages/{{.PackageDescriptor.Owner.Name}}/pypi/simple/"></origin-url> {{.PackageDescriptor.Package.Name}}</code></pre></div>
+				<div class="markup"><pre class="code-block"><code>pip install --index-url <origin-url data-url="{{AppSubUrl}}/api/packages/{{.PackageDescriptor.Owner.Name}}/pypi/simple/"></origin-url> --extra-index-url https://pypi.org/ {{.PackageDescriptor.Package.Name}}</code></pre></div>
 			</div>
 			<div class="field">
 				<label>{{ctx.Locale.Tr "packages.registry.documentation" "PyPI" "https://docs.gitea.com/usage/packages/pypi/"}}</label>
diff --git a/templates/package/shared/view.tmpl b/templates/package/shared/view.tmpl
new file mode 100644
index 0000000000..52673accf9
--- /dev/null
+++ b/templates/package/shared/view.tmpl
@@ -0,0 +1,107 @@
+<div class="issue-title-header">
+	{{$packageVersionLink := print $.PackageDescriptor.PackageWebLink "/" (PathEscape .PackageDescriptor.Version.LowerVersion)}}
+	<h1>{{.PackageDescriptor.Package.Name}} ({{.PackageDescriptor.Version.Version}})</h1>
+	<div>
+		{{$timeStr := DateUtils.TimeSince .PackageDescriptor.Version.CreatedUnix}}
+		{{if .HasRepositoryAccess}}
+		{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName .PackageDescriptor.Repository.Link .PackageDescriptor.Repository.FullName}}
+		{{else}}
+		{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName}}
+		{{end}}
+	</div>
+</div>
+<div class="packages-content">
+	<div class="packages-content-left">
+		{{template "package/content/alpine" .}}
+		{{template "package/content/arch" .}}
+		{{template "package/content/cargo" .}}
+		{{template "package/content/chef" .}}
+		{{template "package/content/composer" .}}
+		{{template "package/content/conan" .}}
+		{{template "package/content/conda" .}}
+		{{template "package/content/container" .}}
+		{{template "package/content/cran" .}}
+		{{template "package/content/debian" .}}
+		{{template "package/content/generic" .}}
+		{{template "package/content/go" .}}
+		{{template "package/content/helm" .}}
+		{{template "package/content/maven" .}}
+		{{template "package/content/npm" .}}
+		{{template "package/content/nuget" .}}
+		{{template "package/content/pub" .}}
+		{{template "package/content/pypi" .}}
+		{{template "package/content/rpm" .}}
+		{{template "package/content/rubygems" .}}
+		{{template "package/content/swift" .}}
+		{{template "package/content/vagrant" .}}
+	</div>
+	<div class="ui segment packages-content-right">
+		<strong>{{ctx.Locale.Tr "packages.details"}}</strong>
+		<div class="ui relaxed list flex-items-block">
+			<div class="item">{{svg .PackageDescriptor.Package.Type.SVGName}} {{.PackageDescriptor.Package.Type.Name}}</div>
+			{{if .HasRepositoryAccess}}
+			<div class="item">{{svg "octicon-repo"}} <a href="{{.PackageDescriptor.Repository.Link}}">{{.PackageDescriptor.Repository.FullName}}</a></div>
+			{{end}}
+			<div class="item">{{svg "octicon-calendar"}} {{DateUtils.TimeSince .PackageDescriptor.Version.CreatedUnix}}</div>
+			<div class="item">{{svg "octicon-download"}} {{.PackageDescriptor.Version.DownloadCount}}</div>
+			{{template "package/metadata/alpine" .}}
+			{{template "package/metadata/arch" .}}
+			{{template "package/metadata/cargo" .}}
+			{{template "package/metadata/chef" .}}
+			{{template "package/metadata/composer" .}}
+			{{template "package/metadata/conan" .}}
+			{{template "package/metadata/conda" .}}
+			{{template "package/metadata/container" .}}
+			{{template "package/metadata/cran" .}}
+			{{template "package/metadata/debian" .}}
+			{{template "package/metadata/generic" .}}
+			{{template "package/metadata/helm" .}}
+			{{template "package/metadata/maven" .}}
+			{{template "package/metadata/npm" .}}
+			{{template "package/metadata/nuget" .}}
+			{{template "package/metadata/pub" .}}
+			{{template "package/metadata/pypi" .}}
+			{{template "package/metadata/rpm" .}}
+			{{template "package/metadata/rubygems" .}}
+			{{template "package/metadata/swift" .}}
+			{{template "package/metadata/vagrant" .}}
+			{{if not (and (eq .PackageDescriptor.Package.Type "container") .PackageDescriptor.Metadata.Manifests)}}
+			<div class="item">{{svg "octicon-database"}} {{FileSize .PackageDescriptor.CalculateBlobSize}}</div>
+			{{end}}
+		</div>
+		{{if not (eq .PackageDescriptor.Package.Type "container")}}
+		<div class="divider"></div>
+		<strong>{{ctx.Locale.Tr "packages.assets"}} ({{len .PackageDescriptor.Files}})</strong>
+		<div class="ui relaxed list">
+			{{range .PackageDescriptor.Files}}
+			<div class="item">
+				<a href="{{$packageVersionLink}}/files/{{.File.ID}}">{{.File.Name}}</a>
+				<span class="text small tw-whitespace-nowrap">{{FileSize .Blob.Size}}</span>
+			</div>
+			{{end}}
+		</div>
+		{{end}}
+		<div class="divider"></div>
+		<strong>{{ctx.Locale.Tr "packages.versions"}} ({{.TotalVersionCount}})</strong>
+		<a class="tw-float-right" href="{{$.PackageDescriptor.PackageWebLink}}/versions">{{ctx.Locale.Tr "packages.versions.view_all"}}</a>
+		<div class="ui relaxed list">
+			{{range .LatestVersions}}
+			<div class="item tw-flex">
+				<a class="tw-flex-1 gt-ellipsis" title="{{.Version}}" href="{{$.PackageDescriptor.PackageWebLink}}/{{PathEscape .LowerVersion}}">{{.Version}}</a>
+				<span class="text small">{{DateUtils.AbsoluteShort .CreatedUnix}}</span>
+			</div>
+			{{end}}
+		</div>
+		{{if or .CanWritePackages .HasRepositoryAccess}}
+		<div class="divider"></div>
+		<div class="ui relaxed list flex-items-block">
+			{{if .HasRepositoryAccess}}
+			<div class="item">{{svg "octicon-issue-opened"}} <a href="{{.PackageDescriptor.Repository.Link}}/issues">{{ctx.Locale.Tr "repo.issues"}}</a></div>
+			{{end}}
+			{{if .CanWritePackages}}
+			<div class="item">{{svg "octicon-tools"}} <a href="{{$packageVersionLink}}/settings">{{ctx.Locale.Tr "repo.settings"}}</a></div>
+			{{end}}
+		</div>
+		{{end}}
+	</div>
+</div>
diff --git a/templates/package/view.tmpl b/templates/package/view.tmpl
index 9e92207466..9067f44296 100644
--- a/templates/package/view.tmpl
+++ b/templates/package/view.tmpl
@@ -1,114 +1,24 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content repository packages">
-	{{template "shared/user/org_profile_avatar" .}}
+{{if .ContextUser.IsOrganization}}
+<div role="main" aria-label="{{.Title}}" class="page-content organization packages">
+	{{template "org/header" .}}
 	<div class="ui container">
-		{{template "user/overview/header" .}}
-		<div class="issue-title-header">
-			<h1>{{.PackageDescriptor.Package.Name}} ({{.PackageDescriptor.Version.Version}})</h1>
-			<div>
-				{{$timeStr := DateUtils.TimeSince .PackageDescriptor.Version.CreatedUnix}}
-				{{if .HasRepositoryAccess}}
-					{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName .PackageDescriptor.Repository.Link .PackageDescriptor.Repository.FullName}}
-				{{else}}
-					{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName}}
-				{{end}}
-			</div>
-		</div>
-		<div class="issue-content">
-			<div class="issue-content-left">
-				{{template "package/content/alpine" .}}
-				{{template "package/content/arch" .}}
-				{{template "package/content/cargo" .}}
-				{{template "package/content/chef" .}}
-				{{template "package/content/composer" .}}
-				{{template "package/content/conan" .}}
-				{{template "package/content/conda" .}}
-				{{template "package/content/container" .}}
-				{{template "package/content/cran" .}}
-				{{template "package/content/debian" .}}
-				{{template "package/content/generic" .}}
-				{{template "package/content/go" .}}
-				{{template "package/content/helm" .}}
-				{{template "package/content/maven" .}}
-				{{template "package/content/npm" .}}
-				{{template "package/content/nuget" .}}
-				{{template "package/content/pub" .}}
-				{{template "package/content/pypi" .}}
-				{{template "package/content/rpm" .}}
-				{{template "package/content/rubygems" .}}
-				{{template "package/content/swift" .}}
-				{{template "package/content/vagrant" .}}
+		{{template "package/shared/view" .}}
+	</div>
+</div>
+{{else}}
+<div role="main" aria-label="{{.Title}}" class="page-content user profile packages">
+	<div class="ui container">
+		<div class="ui stackable grid">
+			<div class="ui four wide column">
+				{{template "shared/user/profile_big_avatar" .}}
 			</div>
-			<div class="issue-content-right ui segment">
-				<strong>{{ctx.Locale.Tr "packages.details"}}</strong>
-				<div class="ui relaxed list flex-items-block">
-					<div class="item">{{svg .PackageDescriptor.Package.Type.SVGName}} {{.PackageDescriptor.Package.Type.Name}}</div>
-					{{if .HasRepositoryAccess}}
-					<div class="item">{{svg "octicon-repo"}} <a href="{{.PackageDescriptor.Repository.Link}}">{{.PackageDescriptor.Repository.FullName}}</a></div>
-					{{end}}
-					<div class="item">{{svg "octicon-calendar"}} {{DateUtils.TimeSince .PackageDescriptor.Version.CreatedUnix}}</div>
-					<div class="item">{{svg "octicon-download"}} {{.PackageDescriptor.Version.DownloadCount}}</div>
-					{{template "package/metadata/alpine" .}}
-					{{template "package/metadata/arch" .}}
-					{{template "package/metadata/cargo" .}}
-					{{template "package/metadata/chef" .}}
-					{{template "package/metadata/composer" .}}
-					{{template "package/metadata/conan" .}}
-					{{template "package/metadata/conda" .}}
-					{{template "package/metadata/container" .}}
-					{{template "package/metadata/cran" .}}
-					{{template "package/metadata/debian" .}}
-					{{template "package/metadata/generic" .}}
-					{{template "package/metadata/helm" .}}
-					{{template "package/metadata/maven" .}}
-					{{template "package/metadata/npm" .}}
-					{{template "package/metadata/nuget" .}}
-					{{template "package/metadata/pub" .}}
-					{{template "package/metadata/pypi" .}}
-					{{template "package/metadata/rpm" .}}
-					{{template "package/metadata/rubygems" .}}
-					{{template "package/metadata/swift" .}}
-					{{template "package/metadata/vagrant" .}}
-					{{if not (and (eq .PackageDescriptor.Package.Type "container") .PackageDescriptor.Metadata.Manifests)}}
-					<div class="item">{{svg "octicon-database"}} {{FileSize .PackageDescriptor.CalculateBlobSize}}</div>
-					{{end}}
-				</div>
-				{{if not (eq .PackageDescriptor.Package.Type "container")}}
-					<div class="divider"></div>
-					<strong>{{ctx.Locale.Tr "packages.assets"}} ({{len .PackageDescriptor.Files}})</strong>
-					<div class="ui relaxed list">
-					{{range .PackageDescriptor.Files}}
-						<div class="item">
-							<a href="{{$.Link}}/files/{{.File.ID}}">{{.File.Name}}</a>
-							<span class="text small file-size">{{FileSize .Blob.Size}}</span>
-						</div>
-					{{end}}
-					</div>
-				{{end}}
-				<div class="divider"></div>
-				<strong>{{ctx.Locale.Tr "packages.versions"}} ({{.TotalVersionCount}})</strong>
-				<a class="tw-float-right" href="{{$.PackageDescriptor.PackageWebLink}}/versions">{{ctx.Locale.Tr "packages.versions.view_all"}}</a>
-				<div class="ui relaxed list">
-				{{range .LatestVersions}}
-					<div class="item tw-flex">
-						<a class="tw-flex-1 gt-ellipsis" title="{{.Version}}" href="{{$.PackageDescriptor.PackageWebLink}}/{{PathEscape .LowerVersion}}">{{.Version}}</a>
-						<span class="text small">{{DateUtils.AbsoluteShort .CreatedUnix}}</span>
-					</div>
-				{{end}}
-				</div>
-				{{if or .CanWritePackages .HasRepositoryAccess}}
-					<div class="divider"></div>
-					<div class="ui relaxed list flex-items-block">
-						{{if .HasRepositoryAccess}}
-						<div class="item">{{svg "octicon-issue-opened"}} <a href="{{.PackageDescriptor.Repository.Link}}/issues">{{ctx.Locale.Tr "repo.issues"}}</a></div>
-						{{end}}
-						{{if .CanWritePackages}}
-						<div class="item">{{svg "octicon-tools"}} <a href="{{.Link}}/settings">{{ctx.Locale.Tr "repo.settings"}}</a></div>
-						{{end}}
-					</div>
-				{{end}}
+			<div class="ui twelve wide column tw-mb-4">
+				{{template "user/overview/header" .}}
+				{{template "package/shared/view" .}}
 			</div>
 		</div>
 	</div>
 </div>
+{{end}}
 {{template "base/footer" .}}
diff --git a/templates/post-install.tmpl b/templates/post-install.tmpl
index fa10827295..9baac4f84c 100644
--- a/templates/post-install.tmpl
+++ b/templates/post-install.tmpl
@@ -2,9 +2,9 @@
 <div role="main" aria-label="{{.Title}}" class="page-content install post-install tw-h-full">
 	<div class="home tw-text-center tw-h-full tw-flex tw-flex-col tw-justify-center"><!-- the "home" class makes the links green -->
 		<!-- the "cup" has a handler, so move it a little leftward to make it visually in the center -->
-		<div class="tw-ml-[-30px]"><img width="160" src="{{AssetUrlPrefix}}/img/loading.png" alt="" aria-hidden="true"></div>
+		<div class="tw-ml-[-30px]"><img width="160" src="{{AssetUrlPrefix}}/img/loading.png" alt aria-hidden="true"></div>
 		<div class="tw-my-[2em] tw-text-[18px]">
-			<a id="goto-user-login" href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "install.installing_desc"}}</a>
+			<a id="goto-after-install" href="{{AppSubUrl}}{{Iif .IsAccountCreated "/user/login" "/user/sign_up"}}">{{ctx.Locale.Tr "install.installing_desc"}}</a>
 		</div>
 	</div>
 </div>
diff --git a/templates/projects/list.tmpl b/templates/projects/list.tmpl
index 48083811e7..e769543f6a 100644
--- a/templates/projects/list.tmpl
+++ b/templates/projects/list.tmpl
@@ -1,5 +1,5 @@
 {{if and $.CanWriteProjects (not $.Repository.IsArchived)}}
-	<div class="tw-flex tw-justify-between tw-mb-4">
+	<div class="flex-text-block tw-justify-between tw-mb-4">
 		<div class="small-menu-items ui compact tiny menu list-header-toggle">
 			<a class="item{{if not .IsShowClosed}} active{{end}}" href="?state=open&q={{$.Keyword}}">
 				{{svg "octicon-project-symlink" 16 "tw-mr-2"}}
@@ -10,9 +10,7 @@
 				{{ctx.Locale.PrettyNumber .ClosedCount}}&nbsp;{{ctx.Locale.Tr "repo.issues.closed_title"}}
 			</a>
 		</div>
-		<div class="tw-text-right">
-			<a class="ui small primary button" href="{{$.Link}}/new">{{ctx.Locale.Tr "repo.projects.new"}}</a>
-		</div>
+		<a class="ui small primary button" href="{{$.Link}}/new">{{ctx.Locale.Tr "repo.projects.new"}}</a>
 	</div>
 {{end}}
 
@@ -69,7 +67,7 @@
 					{{else}}
 						<a class="link-action flex-text-inline" href data-url="{{.Link ctx}}/close">{{svg "octicon-skip" 14}}{{ctx.Locale.Tr "repo.projects.close"}}</a>
 					{{end}}
-					<a class="delete-button flex-text-inline" href="#" data-url="{{.Link ctx}}/delete">{{svg "octicon-trash" 14}}{{ctx.Locale.Tr "repo.issues.label_delete"}}</a>
+					<a class="link-action flex-text-inline text red" href data-modal-confirm="#repo-project-delete-modal" data-url="{{.Link ctx}}/delete">{{svg "octicon-trash" 14}}{{ctx.Locale.Tr "repo.issues.label_delete"}}</a>
 				</div>
 				{{end}}
 			</div>
@@ -83,14 +81,9 @@
 </div>
 
 {{if and $.CanWriteProjects (not $.Repository.IsArchived)}}
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.projects.deletion"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.projects.deletion_desc"}}</p>
-	</div>
+<div class="ui small modal" id="repo-project-delete-modal">
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.projects.deletion"}}</div>
+	<div class="content"><p>{{ctx.Locale.Tr "repo.projects.deletion_desc"}}</p></div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
 {{end}}
diff --git a/templates/projects/new.tmpl b/templates/projects/new.tmpl
index a936079c46..f2630be09b 100644
--- a/templates/projects/new.tmpl
+++ b/templates/projects/new.tmpl
@@ -64,7 +64,7 @@
 		</div>
 	</div>
 	<div class="divider"></div>
-	<div class="tw-text-right">
+	<div class="flex-text-block tw-justify-end">
 		<a class="ui cancel button" href="{{$.CancelLink}}">
 			{{ctx.Locale.Tr "repo.milestones.cancel"}}
 		</a>
diff --git a/templates/projects/view.tmpl b/templates/projects/view.tmpl
index f4478d544a..692808a32d 100644
--- a/templates/projects/view.tmpl
+++ b/templates/projects/view.tmpl
@@ -1,27 +1,32 @@
 {{$canWriteProject := and .CanWriteProjects (or (not .Repository) (not .Repository.IsArchived))}}
 
-<div class="ui container tw-max-w-full">
-	<div class="tw-flex tw-justify-between tw-items-center tw-mb-4 tw-gap-3">
-		<h2 class="tw-mb-0 tw-flex-1 tw-break-anywhere">{{.Project.Title}}</h2>
-			<div class="project-toolbar-right">
-				<div class="ui secondary filter menu labels">
-					{{$queryLink := QueryBuild "?" "labels" .SelectLabels "assignee" $.AssigneeID "archived_labels" (Iif $.ShowArchivedLabels "true")}}
-
-					{{template "repo/issue/filter_item_label" dict "Labels" .Labels "QueryLink" $queryLink "SupportArchivedLabel" true}}
-
-					{{template "repo/issue/filter_item_user_assign" dict
-						"QueryParamKey" "assignee"
-						"QueryLink" $queryLink
-						"UserSearchList" $.Assignees
-						"SelectedUserId" $.AssigneeID
-						"TextFilterTitle" (ctx.Locale.Tr "repo.issues.filter_assignee")
-						"TextFilterMatchNone" (ctx.Locale.Tr "repo.issues.filter_assginee_no_assignee")
-						"TextFilterMatchAny" (ctx.Locale.Tr "repo.issues.filter_assignee_any_assignee")
-					}}
-				</div>
-			</div>
+<div class="ui container fluid padded projects-view">
+	<div class="ui container flex-text-block project-header">
+		<h2>{{.Project.Title}}</h2>
+		<div class="tw-flex-1"></div>
+		<div class="ui secondary menu tw-m-0">
+			{{$queryLink := QueryBuild "?" "labels" .SelectLabels "assignee" $.AssigneeID "archived_labels" (Iif $.ShowArchivedLabels "true")}}
+			{{template "repo/issue/filter_item_label" dict "Labels" .Labels "QueryLink" $queryLink "SupportArchivedLabel" true}}
+			{{template "repo/issue/filter_item_user_assign" dict
+				"QueryParamKey" "assignee"
+				"QueryLink" $queryLink
+				"UserSearchList" $.Assignees
+				"SelectedUserId" $.AssigneeID
+				"TextFilterTitle" (ctx.Locale.Tr "repo.issues.filter_assignee")
+				"TextFilterMatchNone" (ctx.Locale.Tr "repo.issues.filter_assignee_no_assignee")
+				"TextFilterMatchAny" (ctx.Locale.Tr "repo.issues.filter_assignee_any_assignee")
+			}}
+		</div>
 		{{if $canWriteProject}}
 			<div class="ui compact mini menu">
+				<a class="item screen-full">
+					{{svg "octicon-screen-full"}}
+					{{ctx.Locale.Tr "projects.enter_fullscreen"}}
+				</a>
+				<a class="item screen-normal tw-hidden">
+					{{svg "octicon-screen-normal"}}
+					{{ctx.Locale.Tr "projects.exit_fullscreen"}}
+				</a>
 				<a class="item" href="{{.Link}}/edit?redirect=project">
 					{{svg "octicon-pencil"}}
 					{{ctx.Locale.Tr "repo.issues.label_edit"}}
@@ -59,13 +64,12 @@
 		{{end}}
 	</div>
 
-	<div class="content">{{$.Project.RenderedContent}}</div>
-
-	<div class="divider"></div>
-</div>
+	<div class="ui container project-description">
+		{{$.Project.RenderedContent}}
+		<div class="divider"></div>
+	</div>
 
-<div id="project-board" data-project-borad-writable="{{$canWriteProject}}">
-	<div class="board {{if $canWriteProject}}sortable{{end}}" {{if $canWriteProject}}data-url="{{$.Link}}/move"{{end}}>
+	<div id="project-board" class="board {{if $canWriteProject}}sortable{{end}}" data-project-borad-writable="{{$canWriteProject}}" {{if $canWriteProject}}data-url="{{$.Link}}/move"{{end}}>
 		{{range .Columns}}
 			<div class="project-column" {{if .Color}}style="background: {{.Color}} !important; color: {{ContrastColor .Color}} !important"{{end}} data-id="{{.ID}}" data-sorting="{{.Sorting}}" data-url="{{$.Link}}/{{.ID}}">
 				<div class="project-column-header{{if $canWriteProject}} tw-cursor-grab{{end}}">
@@ -126,12 +130,12 @@
 			<input class="project-column-id" type="hidden" name="id">
 			<div class="required field">
 				<label class="project-column-title-label" for="project-column-title-input">title</label>
-				<input id="project-column-title-input" name="title" value="{{.Title}}" required>
+				<input id="project-column-title-input" name="title" required>
 			</div>
 			<div class="field">
 				<label class="project-column-color-label" for="project-column-color-input">color</label>
-				<div class="js-color-picker-input column">
-					<input maxlength="7" placeholder="#c320f6" id="project-column-color-input" name="color" value="{{.Color}}">
+				<div class="color-picker-combo" data-global-init="initColorPicker">
+					<input maxlength="7" placeholder="#c320f6" id="project-column-color-input" name="color">
 					{{template "repo/issue/label_precolors"}}
 				</div>
 			</div>
diff --git a/templates/repo/actions/runs_list.tmpl b/templates/repo/actions/runs_list.tmpl
index fa1adb3e3b..23df61a43c 100644
--- a/templates/repo/actions/runs_list.tmpl
+++ b/templates/repo/actions/runs_list.tmpl
@@ -5,36 +5,55 @@
 		<h2>{{if $.IsFiltered}}{{ctx.Locale.Tr "actions.runs.no_results"}}{{else}}{{ctx.Locale.Tr "actions.runs.no_runs"}}{{end}}</h2>
 	</div>
 	{{end}}
-	{{range .Runs}}
+	{{range $run := .Runs}}
 		<div class="flex-item tw-items-center">
 			<div class="flex-item-leading">
-				{{template "repo/actions/status" (dict "status" .Status.String)}}
+				{{template "repo/actions/status" (dict "status" $run.Status.String)}}
 			</div>
 			<div class="flex-item-main">
-				<a class="flex-item-title" title="{{.Title}}" href="{{if .Link}}{{.Link}}{{else}}{{$.Link}}/{{.Index}}{{end}}">
-					{{if .Title}}{{.Title}}{{else}}{{ctx.Locale.Tr "actions.runs.empty_commit_message"}}{{end}}
+				<a class="flex-item-title" title="{{$run.Title}}" href="{{$run.Link}}">
+					{{or $run.Title (ctx.Locale.Tr "actions.runs.empty_commit_message")}}
 				</a>
 				<div class="flex-item-body">
-					<span><b>{{if not $.CurWorkflow}}{{.WorkflowID}} {{end}}#{{.Index}}</b>:</span>
-					{{- if .ScheduleID -}}
+					<span><b>{{if not $.CurWorkflow}}{{$run.WorkflowID}} {{end}}#{{$run.Index}}</b>:</span>
+					{{- if $run.ScheduleID -}}
 						{{ctx.Locale.Tr "actions.runs.scheduled"}}
 					{{- else -}}
 						{{ctx.Locale.Tr "actions.runs.commit"}}
-						<a href="{{$.RepoLink}}/commit/{{.CommitSHA}}">{{ShortSha .CommitSHA}}</a>
+						<a href="{{$.RepoLink}}/commit/{{$run.CommitSHA}}">{{ShortSha $run.CommitSHA}}</a>
 						{{ctx.Locale.Tr "actions.runs.pushed_by"}}
-						<a href="{{.TriggerUser.HomeLink}}">{{.TriggerUser.GetDisplayName}}</a>
+						<a href="{{$run.TriggerUser.HomeLink}}">{{$run.TriggerUser.GetDisplayName}}</a>
 					{{- end -}}
 				</div>
 			</div>
 			<div class="flex-item-trailing">
-				{{if .IsRefDeleted}}
-					<span class="ui label run-list-ref gt-ellipsis tw-line-through" data-tooltip-content="{{.PrettyRef}}">{{.PrettyRef}}</span>
+				{{if $run.IsRefDeleted}}
+					<span class="ui label run-list-ref gt-ellipsis tw-line-through" data-tooltip-content="{{$run.PrettyRef}}">{{$run.PrettyRef}}</span>
 				{{else}}
-					<a class="ui label run-list-ref gt-ellipsis" href="{{.RefLink}}" data-tooltip-content="{{.PrettyRef}}">{{.PrettyRef}}</a>
+					<a class="ui label run-list-ref gt-ellipsis" href="{{$run.RefLink}}" data-tooltip-content="{{$run.PrettyRef}}">{{$run.PrettyRef}}</a>
 				{{end}}
 				<div class="run-list-item-right">
-					<div class="run-list-meta">{{svg "octicon-calendar" 16}}{{DateUtils.TimeSince .Updated}}</div>
-					<div class="run-list-meta">{{svg "octicon-stopwatch" 16}}{{.Duration}}</div>
+					<div class="run-list-meta">{{svg "octicon-calendar" 16}}{{DateUtils.TimeSince $run.Updated}}</div>
+					<div class="run-list-meta">{{svg "octicon-stopwatch" 16}}{{$run.Duration}}</div>
+				</div>
+				<div class="ui dropdown jump tw-p-2">
+					{{svg "octicon-kebab-horizontal"}}
+					<div class="menu flex-items-menu">
+						<a class="item" href="{{$run.Link}}/workflow">{{svg "octicon-play"}}{{ctx.Locale.Tr "actions.runs.view_workflow_file"}}</a>
+						{{if and $.CanWriteRepoUnitActions (not $run.Status.IsDone)}}
+							<a class="item link-action" data-url="{{$run.Link}}/cancel">
+								{{svg "octicon-x"}}{{ctx.Locale.Tr "actions.runs.cancel"}}
+							</a>
+						{{end}}
+						{{if and $.CanWriteRepoUnitActions $run.Status.IsDone}}
+							<a class="item link-action"
+								data-url="{{$run.Link}}/delete"
+								data-modal-confirm="{{ctx.Locale.Tr "actions.runs.delete.description"}}"
+							>
+								{{svg "octicon-trash"}}{{ctx.Locale.Tr "actions.runs.delete"}}
+							</a>
+						{{end}}
+					</div>
 				</div>
 			</div>
 		</div>
diff --git a/templates/repo/actions/status.tmpl b/templates/repo/actions/status.tmpl
index 64c2543302..f2020bc160 100644
--- a/templates/repo/actions/status.tmpl
+++ b/templates/repo/actions/status.tmpl
@@ -16,7 +16,7 @@
 {{else if eq .status "blocked"}}
 	{{svg "octicon-blocked" $size (printf "text yellow %s" $className)}}
 {{else if eq .status "running"}}
-	{{svg "octicon-meter" $size (printf "text yellow job-status-rotate %s" $className)}}
+	{{svg "octicon-meter" $size (printf "text yellow circular-spin %s" $className)}}
 {{else}}{{/*failure, unknown*/}}
 	{{svg "octicon-x-circle-fill" $size (printf "text red %s" $className)}}
 {{end}}
diff --git a/templates/repo/actions/view_component.tmpl b/templates/repo/actions/view_component.tmpl
index 8d1de41f70..4e338ffcfc 100644
--- a/templates/repo/actions/view_component.tmpl
+++ b/templates/repo/actions/view_component.tmpl
@@ -4,7 +4,7 @@
 		data-actions-url="{{.ActionsURL}}"
 
 		data-locale-approve="{{ctx.Locale.Tr "repo.diff.review.approve"}}"
-		data-locale-cancel="{{ctx.Locale.Tr "cancel"}}"
+		data-locale-cancel="{{ctx.Locale.Tr "actions.runs.cancel"}}"
 		data-locale-rerun="{{ctx.Locale.Tr "rerun"}}"
 		data-locale-rerun-all="{{ctx.Locale.Tr "rerun_all"}}"
 		data-locale-runs-scheduled="{{ctx.Locale.Tr "actions.runs.scheduled"}}"
@@ -19,6 +19,7 @@
 		data-locale-status-skipped="{{ctx.Locale.Tr "actions.status.skipped"}}"
 		data-locale-status-blocked="{{ctx.Locale.Tr "actions.status.blocked"}}"
 		data-locale-artifacts-title="{{ctx.Locale.Tr "artifacts"}}"
+		data-locale-artifact-expired="{{ctx.Locale.Tr "expired"}}"
 		data-locale-confirm-delete-artifact="{{ctx.Locale.Tr "confirm_delete_artifact"}}"
 		data-locale-show-timestamps="{{ctx.Locale.Tr "show_timestamps"}}"
 		data-locale-show-log-seconds="{{ctx.Locale.Tr "show_log_seconds"}}"
diff --git a/templates/repo/actions/workflow_dispatch.tmpl b/templates/repo/actions/workflow_dispatch.tmpl
index 55fe122419..540bbe9162 100644
--- a/templates/repo/actions/workflow_dispatch.tmpl
+++ b/templates/repo/actions/workflow_dispatch.tmpl
@@ -10,7 +10,7 @@
 				<span class="ui inline required field">
 					<label>{{ctx.Locale.Tr "actions.workflow.from_ref"}}:</label>
 				</span>
-				<div class="ui inline field dropdown button select-branch branch-selector-dropdown ellipsis-items-nowrap">
+				<div class="ui inline field dropdown button select-branch branch-selector-dropdown ellipsis-text-items">
 					<input type="hidden" name="ref" hx-sync="this:replace" hx-target="#runWorkflowDispatchModalInputs" hx-swap="innerHTML" hx-get="{{$.Link}}/workflow-dispatch-inputs?workflow={{$.CurWorkflow}}" hx-trigger="change" value="refs/heads/{{index .Branches 0}}">
 					{{svg "octicon-git-branch" 14}}
 					<div class="default text">{{index .Branches 0}}</div>
diff --git a/templates/repo/actions/workflow_dispatch_inputs.tmpl b/templates/repo/actions/workflow_dispatch_inputs.tmpl
index 8b8292af1d..37538a318f 100644
--- a/templates/repo/actions/workflow_dispatch_inputs.tmpl
+++ b/templates/repo/actions/workflow_dispatch_inputs.tmpl
@@ -33,7 +33,8 @@
 		</div>
 	{{end}}
 	<div class="ui field">
-		<button class="ui tiny primary button" type="submit">{{ctx.Locale.Tr "actions.workflow.run"}}</button>
+		{{/* use autofocus here to prevent the "branch selection" dropdown from getting focus, otherwise it will auto popup */}}
+		<button class="ui tiny primary button" autofocus type="submit">{{ctx.Locale.Tr "actions.workflow.run"}}</button>
 	</div>
 {{end}}
 {{range .workflows}}
diff --git a/templates/repo/blame.tmpl b/templates/repo/blame.tmpl
index 05f79612bd..c4d9f0741f 100644
--- a/templates/repo/blame.tmpl
+++ b/templates/repo/blame.tmpl
@@ -10,7 +10,7 @@
 		</div>
 	{{end}}
 {{end}}
-<div class="{{TabSizeClass .Editorconfig .FileName}} non-diff-file-content">
+<div class="{{TabSizeClass .Editorconfig .FileTreePath}} non-diff-file-content">
 	<h4 class="file-header ui top attached header tw-flex tw-items-center tw-justify-between tw-flex-wrap">
 		<div class="file-header-left tw-flex tw-items-center tw-py-2 tw-pr-4">
 			{{template "repo/file_info" .}}
@@ -82,6 +82,8 @@
 			</table>
 			{{end}}{{/* end if .IsFileTooLarge */}}
 			<div class="code-line-menu tippy-target">
+				{{/*FIXME: the "HasSourceRenderedToggle" is never set on blame page, it should mean "whether the file is renderable".
+				If the file is renderable, then it must has the "display=source" parameter to make sure the file view page shows the source code, then line number works. */}}
 				{{if $.Permission.CanRead ctx.Consts.RepoUnitTypeIssues}}
 					<a class="item ref-in-new-issue" role="menuitem" data-url-issue-new="{{.RepoLink}}/issues/new" data-url-param-body-link="{{.Repository.Link}}/src/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}{{if $.HasSourceRenderedToggle}}?display=source{{end}}" rel="nofollow noindex">{{ctx.Locale.Tr "repo.issues.context.reference_issue"}}</a>
 				{{end}}
diff --git a/templates/repo/branch/list.tmpl b/templates/repo/branch/list.tmpl
index f4f3c2e5c5..9e86641c6f 100644
--- a/templates/repo/branch/list.tmpl
+++ b/templates/repo/branch/list.tmpl
@@ -20,14 +20,14 @@
 						<tr>
 							<td>
 								<div class="flex-text-block">
-									<a class="gt-ellipsis" href="{{.RepoLink}}/src/branch/{{PathEscapeSegments .DefaultBranchBranch.DBBranch.Name}}">{{.DefaultBranchBranch.DBBranch.Name}}</a>
+									<a class="gt-ellipsis branch-name" href="{{.RepoLink}}/src/branch/{{PathEscapeSegments .DefaultBranchBranch.DBBranch.Name}}">{{.DefaultBranchBranch.DBBranch.Name}}</a>
 									{{if .DefaultBranchBranch.IsProtected}}
 										<span data-tooltip-content="{{ctx.Locale.Tr "repo.settings.protected_branch"}}">{{svg "octicon-shield-lock"}}</span>
 									{{end}}
 									<button class="btn interact-fg tw-px-1" data-clipboard-text="{{.DefaultBranchBranch.DBBranch.Name}}" data-tooltip-content="{{ctx.Locale.Tr "copy_branch"}}">{{svg "octicon-copy" 14}}</button>
 									{{template "repo/commit_statuses" dict "Status" (index $.CommitStatus .DefaultBranchBranch.DBBranch.CommitID) "Statuses" (index $.CommitStatuses .DefaultBranchBranch.DBBranch.CommitID)}}
 								</div>
-								<p class="info tw-flex tw-items-center tw-my-1">{{svg "octicon-git-commit" 16 "tw-mr-1"}}<a href="{{.RepoLink}}/commit/{{PathEscape .DefaultBranchBranch.DBBranch.CommitID}}">{{ShortSha .DefaultBranchBranch.DBBranch.CommitID}}</a> · <span class="commit-message">{{ctx.RenderUtils.RenderCommitMessage .DefaultBranchBranch.DBBranch.CommitMessage (.Repository.ComposeMetas ctx)}}</span> · {{ctx.Locale.Tr "org.repo_updated"}} {{DateUtils.TimeSince .DefaultBranchBranch.DBBranch.CommitTime}}{{if .DefaultBranchBranch.DBBranch.Pusher}} &nbsp;{{template "shared/user/avatarlink" dict "user" .DefaultBranchBranch.DBBranch.Pusher}}{{template "shared/user/namelink" .DefaultBranchBranch.DBBranch.Pusher}}{{end}}</p>
+								<p class="info tw-flex tw-items-center tw-my-1">{{svg "octicon-git-commit" 16 "tw-mr-1"}}<a href="{{.RepoLink}}/commit/{{PathEscape .DefaultBranchBranch.DBBranch.CommitID}}">{{ShortSha .DefaultBranchBranch.DBBranch.CommitID}}</a> · <span class="commit-message">{{ctx.RenderUtils.RenderCommitMessage .DefaultBranchBranch.DBBranch.CommitMessage .Repository}}</span> · {{ctx.Locale.Tr "org.repo_updated"}} {{DateUtils.TimeSince .DefaultBranchBranch.DBBranch.CommitTime}}{{if .DefaultBranchBranch.DBBranch.Pusher}} &nbsp;{{template "shared/user/avatarlink" dict "user" .DefaultBranchBranch.DBBranch.Pusher}}{{template "shared/user/namelink" .DefaultBranchBranch.DBBranch.Pusher}}{{end}}</p>
 							</td>
 							{{/* FIXME: here and below, the tw-overflow-visible is not quite right but it is still needed the moment: to show the important buttons when the width is narrow */}}
 							<td class="tw-text-right tw-overflow-visible">
@@ -90,25 +90,31 @@
 							<td class="eight wide">
 							{{if .DBBranch.IsDeleted}}
 								<div class="flex-text-block">
-									<span class="gt-ellipsis">{{.DBBranch.Name}}</span>
+									<span class="gt-ellipsis branch-name">{{.DBBranch.Name}}</span>
 									<button class="btn interact-fg tw-px-1" data-clipboard-text="{{.DBBranch.Name}}" data-tooltip-content="{{ctx.Locale.Tr "copy_branch"}}">{{svg "octicon-copy" 14}}</button>
 								</div>
 								<p class="info">{{ctx.Locale.Tr "repo.branch.deleted_by" .DBBranch.DeletedBy.Name}} {{DateUtils.TimeSince .DBBranch.DeletedUnix}}</p>
 							{{else}}
 								<div class="flex-text-block">
-									<a class="gt-ellipsis" href="{{$.RepoLink}}/src/branch/{{PathEscapeSegments .DBBranch.Name}}">{{.DBBranch.Name}}</a>
+									<a class="gt-ellipsis branch-name" href="{{$.RepoLink}}/src/branch/{{PathEscapeSegments .DBBranch.Name}}">{{.DBBranch.Name}}</a>
 									{{if .IsProtected}}
 										<span data-tooltip-content="{{ctx.Locale.Tr "repo.settings.protected_branch"}}">{{svg "octicon-shield-lock"}}</span>
 									{{end}}
 									<button class="btn interact-fg tw-px-1" data-clipboard-text="{{.DBBranch.Name}}" data-tooltip-content="{{ctx.Locale.Tr "copy_branch"}}">{{svg "octicon-copy" 14}}</button>
 									{{template "repo/commit_statuses" dict "Status" (index $.CommitStatus .DBBranch.CommitID) "Statuses" (index $.CommitStatuses .DBBranch.CommitID)}}
 								</div>
-								<p class="info tw-flex tw-items-center tw-my-1">{{svg "octicon-git-commit" 16 "tw-mr-1"}}<a href="{{$.RepoLink}}/commit/{{PathEscape .DBBranch.CommitID}}">{{ShortSha .DBBranch.CommitID}}</a> · <span class="commit-message">{{ctx.RenderUtils.RenderCommitMessage .DBBranch.CommitMessage ($.Repository.ComposeMetas ctx)}}</span> · {{ctx.Locale.Tr "org.repo_updated"}} {{DateUtils.TimeSince .DBBranch.CommitTime}}{{if .DBBranch.Pusher}} &nbsp;{{template "shared/user/avatarlink" dict "user" .DBBranch.Pusher}} &nbsp;{{template "shared/user/namelink" .DBBranch.Pusher}}{{end}}</p>
+								<p class="info tw-flex tw-items-center tw-my-1">{{svg "octicon-git-commit" 16 "tw-mr-1"}}<a href="{{$.RepoLink}}/commit/{{PathEscape .DBBranch.CommitID}}">{{ShortSha .DBBranch.CommitID}}</a> · <span class="commit-message">{{ctx.RenderUtils.RenderCommitMessage .DBBranch.CommitMessage $.Repository}}</span> · {{ctx.Locale.Tr "org.repo_updated"}} {{DateUtils.TimeSince .DBBranch.CommitTime}}{{if .DBBranch.Pusher}} &nbsp;{{template "shared/user/avatarlink" dict "user" .DBBranch.Pusher}} &nbsp;{{template "shared/user/namelink" .DBBranch.Pusher}}{{end}}</p>
 							{{end}}
 							</td>
 							<td class="two wide ui">
-								{{if and (not .DBBranch.IsDeleted) $.DefaultBranchBranch}}
-								<div class="commit-divergence">
+							{{if and (not .DBBranch.IsDeleted) $.DefaultBranchBranch}}
+								{{$tooltipDivergence := ""}}
+								{{if or .CommitsBehind .CommitsAhead}}
+									{{$tooltipDivergence = ctx.Locale.Tr "repo.branch.commits_divergence_from" .CommitsBehind .CommitsAhead $.DefaultBranchBranch.DBBranch.Name}}
+								{{else}}
+									{{$tooltipDivergence = ctx.Locale.Tr "repo.branch.commits_no_divergence" $.DefaultBranchBranch.DBBranch.Name}}
+								{{end}}
+								<div class="commit-divergence" data-tooltip-content="{{$tooltipDivergence}}">
 									<div class="bar-group">
 										<div class="count count-behind">{{.CommitsBehind}}</div>
 										{{/* old code bears 0/0.0 = NaN output, so it might output invalid "width: NaNpx", it just works and doesn't caues any problem. */}}
@@ -119,7 +125,7 @@
 										<div class="bar bar-ahead" style="width: {{Eval 100 "*" .CommitsAhead "/" "(" .CommitsBehind "+" .CommitsAhead "+" 0.0 ")"}}%"></div>
 									</div>
 								</div>
-								{{end}}
+							{{end}}
 							</td>
 							<td class="two wide tw-text-right">
 								{{if not .LatestPullRequest}}
@@ -128,13 +134,13 @@
 											{{svg "octicon-git-pull-request"}} {{ctx.Locale.Tr "repo.branch.included"}}
 										</span>
 									{{else if and (not .DBBranch.IsDeleted) $.AllowsPulls (gt .CommitsAhead 0)}}
-									<a href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.DefaultBranchBranch.DBBranch.Name}}...{{if ne $.Repository.Owner.Name $.Owner.Name}}{{PathEscape $.Owner.Name}}:{{end}}{{PathEscapeSegments .DBBranch.Name}}">
+									<a href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.DefaultBranchBranch.DBBranch.Name}}...{{if ne $.Repository.Owner.Name $.Owner.Name}}{{PathEscape $.Owner.Name}}:{{end}}{{PathEscapeSegments .DBBranch.Name}}?expand=1">
 										<button id="new-pull-request" class="ui compact basic button tw-mr-0">{{if $.CanPull}}{{ctx.Locale.Tr "repo.pulls.compare_changes"}}{{else}}{{ctx.Locale.Tr "action.compare_branch"}}{{end}}</button>
 									</a>
 									{{end}}
 								{{else if and .LatestPullRequest.HasMerged .MergeMovedOn}}
 									{{if and (not .DBBranch.IsDeleted) $.AllowsPulls (gt .CommitsAhead 0)}}
-									<a href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.DefaultBranchBranch.DBBranch.Name}}...{{if ne $.Repository.Owner.Name $.Owner.Name}}{{PathEscape $.Owner.Name}}:{{end}}{{PathEscapeSegments .DBBranch.Name}}">
+									<a href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.DefaultBranchBranch.DBBranch.Name}}...{{if ne $.Repository.Owner.Name $.Owner.Name}}{{PathEscape $.Owner.Name}}:{{end}}{{PathEscapeSegments .DBBranch.Name}}?expand=1">
 										<button id="new-pull-request" class="ui compact basic button tw-mr-0">{{if $.CanPull}}{{ctx.Locale.Tr "repo.pulls.compare_changes"}}{{else}}{{ctx.Locale.Tr "action.compare_branch"}}{{end}}</button>
 									</a>
 									{{end}}
diff --git a/templates/repo/branch_dropdown.tmpl b/templates/repo/branch_dropdown.tmpl
index f679b8744b..36dc047c23 100644
--- a/templates/repo/branch_dropdown.tmpl
+++ b/templates/repo/branch_dropdown.tmpl
@@ -46,17 +46,21 @@ Search "repo/branch_dropdown" in the template directory to find all occurrences.
 	data-enable-feed="{{ctx.RootData.EnableFeed}}"
 >
 	{{/* show dummy elements before Vue componment is mounted, this code must match the code in BranchTagSelector.vue */}}
-	<div class="ui dropdown custom branch-selector-dropdown ellipsis-items-nowrap">
-		<div class="ui button branch-dropdown-button">
+	<div class="ui dropdown custom branch-selector-dropdown ellipsis-text-items">
+		<div class="ui compact button branch-dropdown-button">
 			<span class="flex-text-block gt-ellipsis">
-				{{if not .DropdownFixedText}}
-					{{if .ShowTabTags}}
+				{{if .DropdownFixedText}}
+					{{.DropdownFixedText}}
+				{{else}}
+					{{if eq .CurrentRefType "tag"}}
 						{{svg "octicon-tag"}}
-					{{else if .ShowTabBranches}}
+					{{else if eq .CurrentRefType "branch"}}
 						{{svg "octicon-git-branch"}}
+					{{else}}
+						{{svg "octicon-git-commit"}}
 					{{end}}
+					<strong class="tw-inline-block gt-ellipsis">{{.CurrentRefShortName}}</strong>
 				{{end}}
-				<strong class="tw-ml-2 tw-inline-block gt-ellipsis">{{Iif .DropdownFixedText .SelectedRefShortName}}</strong>
 			</span>
 			{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 		</div>
diff --git a/templates/repo/clone_panel.tmpl b/templates/repo/clone_panel.tmpl
index 2ed8f52fbe..e23bc8a19a 100644
--- a/templates/repo/clone_panel.tmpl
+++ b/templates/repo/clone_panel.tmpl
@@ -1,6 +1,6 @@
-<button class="ui primary button js-btn-clone-panel">
+<button class="ui compact primary button js-btn-clone-panel">
 	{{svg "octicon-code" 16}}
-	<span>Code</span>
+	<span>{{ctx.Locale.Tr "repo.code"}}</span>
 	{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 </button>
 <div class="clone-panel-popup tippy-target">
diff --git a/templates/repo/code/recently_pushed_new_branches.tmpl b/templates/repo/code/recently_pushed_new_branches.tmpl
index f0edf6065b..8569bd6c13 100644
--- a/templates/repo/code/recently_pushed_new_branches.tmpl
+++ b/templates/repo/code/recently_pushed_new_branches.tmpl
@@ -1,12 +1,18 @@
-{{range .RecentlyPushedNewBranches}}
-	<div class="ui positive message tw-flex tw-items-center tw-gap-2">
-		<div class="tw-flex-1 tw-break-anywhere">
-			{{$timeSince := DateUtils.TimeSince .CommitTime}}
-			{{$branchLink := HTMLFormat `<a href="%s">%s</a>` .BranchLink .BranchDisplayName}}
+{{/* Template Attributes:
+* RecentBranchesPromptData
+*/}}
+{{$data := .RecentBranchesPromptData}}
+{{if $data}}
+	{{range $recentBranch := $data.RecentlyPushedNewBranches}}
+	<div class="ui positive message flex-text-block">
+		<div class="tw-flex-1">
+			{{$timeSince := DateUtils.TimeSince $recentBranch.CommitTime}}
+			{{$branchLink := HTMLFormat `<a href="%s">%s</a>` $recentBranch.BranchLink .BranchDisplayName}}
 			{{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" $branchLink $timeSince}}
 		</div>
-		<a role="button" class="ui compact green button tw-m-0" href="{{.BranchCompareURL}}">
+		<a role="button" class="ui compact green button" href="{{QueryBuild $recentBranch.BranchCompareURL "expand" 1}}">
 			{{ctx.Locale.Tr "repo.pulls.compare_changes"}}
 		</a>
 	</div>
+	{{end}}
 {{end}}
diff --git a/templates/repo/commit_load_branches_and_tags.tmpl b/templates/repo/commit_load_branches_and_tags.tmpl
index ffa0e530e8..ecb210c575 100644
--- a/templates/repo/commit_load_branches_and_tags.tmpl
+++ b/templates/repo/commit_load_branches_and_tags.tmpl
@@ -1,5 +1,12 @@
 {{if not .PageIsWiki}}
 <div class="branch-and-tag-area" data-text-default-branch-tooltip="{{ctx.Locale.Tr "repo.commit.contained_in_default_branch"}}">
+	{{if .MergedPRIssueNumber}}
+	{{$prLink := HTMLFormat `<a href="%s/pulls/%d">#%d</a>` $.RepoLink $.MergedPRIssueNumber $.MergedPRIssueNumber}}
+	<div>
+		<div class="divider"></div>
+		<div>{{ctx.Locale.Tr "repo.commit.merged_in_pr" $prLink}}</div>
+	</div>
+	{{end}}
 	<button class="ui button ellipsis-button load-branches-and-tags tw-mt-2" aria-expanded="false"
 		data-fetch-url="{{.RepoLink}}/commit/{{.CommitID}}/load-branches-and-tags"
 		data-tooltip-content="{{ctx.Locale.Tr "repo.commit.load_referencing_branches_and_tags"}}"
diff --git a/templates/repo/commit_page.tmpl b/templates/repo/commit_page.tmpl
index ff3dccd534..68ccf9d275 100644
--- a/templates/repo/commit_page.tmpl
+++ b/templates/repo/commit_page.tmpl
@@ -5,7 +5,7 @@
 	<div class="ui container fluid padded">
 		<div class="ui top attached header clearing segment tw-relative commit-header">
 			<div class="tw-flex tw-mb-4 tw-gap-1">
-				<h3 class="tw-mb-0 tw-flex-1"><span class="commit-summary" title="{{.Commit.Summary}}">{{ctx.RenderUtils.RenderCommitMessage .Commit.Message ($.Repository.ComposeMetas ctx)}}</span>{{template "repo/commit_statuses" dict "Status" .CommitStatus "Statuses" .CommitStatuses}}</h3>
+				<h3 class="tw-mb-0 tw-flex-1"><span class="commit-summary" title="{{.Commit.Summary}}">{{ctx.RenderUtils.RenderCommitMessage .Commit.Message $.Repository}}</span>{{template "repo/commit_statuses" dict "Status" .CommitStatus "Statuses" .CommitStatuses "AdditionalClasses" "tw-inline"}}</h3>
 				{{if not $.PageIsWiki}}
 					<div class="commit-header-buttons">
 						<a class="ui primary tiny button" href="{{.SourcePath}}">
@@ -75,7 +75,7 @@
 												{{.CsrfTokenHtml}}
 												<div class="field">
 													<label>
-														{{ctx.Locale.Tr "repo.branch.new_branch_from" (`<span class="text" id="modal-create-branch-from-span"></span>`|SafeHTML)}}
+														{{ctx.Locale.Tr "repo.branch.new_branch_from" (HTMLFormat `<span class="%s" id="%s"></span>` "text" "modal-create-branch-from-span")}}
 													</label>
 												</div>
 												<div class="required field">
@@ -100,7 +100,7 @@
 												<input type="hidden" name="create_tag" value="true">
 												<div class="field">
 													<label>
-														{{ctx.Locale.Tr "repo.tag.create_tag_from" (`<span class="text" id="modal-create-tag-from-span"></span>`|SafeHTML)}}
+														{{ctx.Locale.Tr "repo.tag.create_tag_from" (HTMLFormat `<span class="%s" id="%s"></span>` "text" "modal-create-tag-from-span")}}
 													</label>
 												</div>
 												<div class="required field">
@@ -122,7 +122,7 @@
 				{{end}}
 			</div>
 			{{if IsMultilineCommitMessage .Commit.Message}}
-				<pre class="commit-body">{{ctx.RenderUtils.RenderCommitBody .Commit.Message ($.Repository.ComposeMetas ctx)}}</pre>
+				<pre class="commit-body">{{ctx.RenderUtils.RenderCommitBody .Commit.Message $.Repository}}</pre>
 			{{end}}
 			{{template "repo/commit_load_branches_and_tags" .}}
 		</div>
@@ -147,7 +147,7 @@
 			<div class="flex-text-inline">
 				{{if or (ne .Commit.Committer.Name .Commit.Author.Name) (ne .Commit.Committer.Email .Commit.Author.Email)}}
 					<span class="text grey">{{ctx.Locale.Tr "repo.diff.committed_by"}}</span>
-					{{if ne .Verification.CommittingUser.ID 0}}
+					{{if and .Verification.CommittingUser .Verification.CommittingUser.ID}}
 						{{ctx.AvatarUtils.Avatar .Verification.CommittingUser 20}}
 						<a href="{{.Verification.CommittingUser.HomeLink}}"><strong>{{.Commit.Committer.Name}}</strong></a>
 					{{else}}
diff --git a/templates/repo/commit_status.tmpl b/templates/repo/commit_status.tmpl
index eb700ab2bb..7184f5f8eb 100644
--- a/templates/repo/commit_status.tmpl
+++ b/templates/repo/commit_status.tmpl
@@ -14,3 +14,6 @@
 {{if eq .State "warning"}}
 	{{svg "gitea-exclamation" 18 "commit-status icon text yellow"}}
 {{end}}
+{{if eq .State "skipped"}}
+	{{svg "octicon-skip" 18 "commit-status icon text grey"}}
+{{end}}
diff --git a/templates/repo/commit_statuses.tmpl b/templates/repo/commit_statuses.tmpl
index a6f75584a3..1bbfb33105 100644
--- a/templates/repo/commit_statuses.tmpl
+++ b/templates/repo/commit_statuses.tmpl
@@ -1,10 +1,10 @@
 {{if .Statuses}}
 	{{if and (eq (len .Statuses) 1) .Status.TargetURL}}
-		<a class="flex-text-inline tw-no-underline {{.AdditionalClasses}}" data-tippy="commit-statuses" href="{{.Status.TargetURL}}">
+		<a class="flex-text-inline tw-no-underline {{.AdditionalClasses}}" data-global-init="initCommitStatuses" href="{{.Status.TargetURL}}">
 			{{template "repo/commit_status" .Status}}
 		</a>
 	{{else}}
-		<span class="flex-text-inline {{.AdditionalClasses}}" data-tippy="commit-statuses" tabindex="0">
+		<span class="flex-text-inline {{.AdditionalClasses}}" data-global-init="initCommitStatuses" tabindex="0">
 			{{template "repo/commit_status" .Status}}
 		</span>
 	{{end}}
diff --git a/templates/repo/commits_list.tmpl b/templates/repo/commits_list.tmpl
index e1bd6b73ae..959f2a9398 100644
--- a/templates/repo/commits_list.tmpl
+++ b/templates/repo/commits_list.tmpl
@@ -44,7 +44,7 @@
 							<span class="commit-summary {{if gt .ParentCount 1}} grey text{{end}}" title="{{.Summary}}">{{.Summary | ctx.RenderUtils.RenderEmoji}}</span>
 						{{else}}
 							{{$commitLink:= printf "%s/commit/%s" $commitRepoLink (PathEscape .ID.String)}}
-							<span class="commit-summary {{if gt .ParentCount 1}} grey text{{end}}" title="{{.Summary}}">{{ctx.RenderUtils.RenderCommitMessageLinkSubject .Message $commitLink ($.Repository.ComposeMetas ctx)}}</span>
+							<span class="commit-summary {{if gt .ParentCount 1}} grey text{{end}}" title="{{.Summary}}">{{ctx.RenderUtils.RenderCommitMessageLinkSubject .Message $commitLink $.Repository}}</span>
 						{{end}}
 						</span>
 						{{if IsMultilineCommitMessage .Message}}
@@ -52,11 +52,11 @@
 						{{end}}
 						{{template "repo/commit_statuses" dict "Status" .Status "Statuses" .Statuses}}
 						{{if IsMultilineCommitMessage .Message}}
-						<pre class="commit-body tw-hidden">{{ctx.RenderUtils.RenderCommitBody .Message ($.Repository.ComposeMetas ctx)}}</pre>
+						<pre class="commit-body tw-hidden">{{ctx.RenderUtils.RenderCommitBody .Message $.Repository}}</pre>
 						{{end}}
 						{{if $.CommitsTagsMap}}
 							{{range (index $.CommitsTagsMap .ID.String)}}
-								{{- template "repo/tag/name" dict "RepoLink" $.Repository.Link "TagName" .TagName "IsRelease" (not .IsTag) -}}
+								{{- template "repo/tag/name" dict "AdditionalClasses" "tw-py-0" "RepoLink" $.Repository.Link "TagName" .TagName "IsRelease" (not .IsTag) -}}
 							{{end}}
 						{{end}}
 					</td>
@@ -70,15 +70,15 @@
 						{{/* at the moment, wiki doesn't support these "view" links like "view at history point" */}}
 						{{if not $.PageIsWiki}}
 							{{/* view single file diff */}}
-							{{if $.FileName}}
+							{{if $.FileTreePath}}
 							<a class="btn interact-bg tw-p-2 view-single-diff" data-tooltip-content="{{ctx.Locale.Tr "repo.commits.view_file_diff"}}"
-								href="{{$commitRepoLink}}/commit/{{.ID.String}}?files={{$.FileName}}"
+								href="{{$commitRepoLink}}/commit/{{.ID.String}}?files={{$.FileTreePath}}"
 							>{{svg "octicon-file-diff"}}</a>
 							{{end}}
 
 							{{/* view at history point */}}
 							{{$viewCommitLink := printf "%s/src/commit/%s" $commitRepoLink (PathEscape .ID.String)}}
-							{{if $.FileName}}{{$viewCommitLink = printf "%s/%s" $viewCommitLink (PathEscapeSegments $.FileName)}}{{end}}
+							{{if $.FileTreePath}}{{$viewCommitLink = printf "%s/%s" $viewCommitLink (PathEscapeSegments $.FileTreePath)}}{{end}}
 							<a class="btn interact-bg tw-p-2 view-commit-path" data-tooltip-content="{{ctx.Locale.Tr "repo.commits.view_path"}}" href="{{$viewCommitLink}}">{{svg "octicon-file-code"}}</a>
 						{{end}}
 					</td>
diff --git a/templates/repo/commits_list_small.tmpl b/templates/repo/commits_list_small.tmpl
index 2acf7c58b8..0470d1e9f5 100644
--- a/templates/repo/commits_list_small.tmpl
+++ b/templates/repo/commits_list_small.tmpl
@@ -15,21 +15,21 @@
 		{{$commitLink:= printf "%s/%s" $commitBaseLink (PathEscape .ID.String)}}
 
 		<span class="tw-flex-1 tw-font-mono gt-ellipsis" title="{{.Summary}}">
-			{{- ctx.RenderUtils.RenderCommitMessageLinkSubject .Message $commitLink ($.comment.Issue.PullRequest.BaseRepo.ComposeMetas ctx) -}}
+			{{- ctx.RenderUtils.RenderCommitMessageLinkSubject .Message $commitLink $.comment.Issue.PullRequest.BaseRepo -}}
 		</span>
 
 		{{if IsMultilineCommitMessage .Message}}
 			<button class="ui button ellipsis-button show-panel toggle" data-panel="[data-singular-commit-body-for='{{$tag}}']">...</button>
 		{{end}}
 
-		<span class="tw-flex tw-items-center tw-gap-2">
+		<span class="flex-text-block">
 			{{template "repo/commit_statuses" dict "Status" .Status "Statuses" .Statuses}}
 			{{template "repo/commit_sign_badge" dict "Commit" . "CommitBaseLink" $commitBaseLink "CommitSignVerification" .Verification}}
 		</span>
 	</div>
 	{{if IsMultilineCommitMessage .Message}}
 	<pre class="commit-body tw-ml-[33px] tw-hidden" data-singular-commit-body-for="{{$tag}}">
-		{{- ctx.RenderUtils.RenderCommitBody .Message ($.comment.Issue.PullRequest.BaseRepo.ComposeMetas ctx) -}}
+		{{- ctx.RenderUtils.RenderCommitBody .Message $.comment.Issue.PullRequest.BaseRepo -}}
 	</pre>
 	{{end}}
 {{end}}
diff --git a/templates/repo/create.tmpl b/templates/repo/create.tmpl
index ad308c857c..ada7e0c092 100644
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@@ -7,32 +7,28 @@
 		<div class="ui attached segment">
 			{{template "base/alert" .}}
 			{{template "repo/create_helper" .}}
-
-			{{if not .CanCreateRepo}}
-			<div class="ui negative message">
-				<p>{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimit}}</p>
-			</div>
-			{{end}}
 			<form class="ui form left-right-form new-repo-form" action="{{.Link}}" method="post">
 				{{.CsrfTokenHtml}}
+				<div id="create-repo-error-message" class="ui negative message tw-text-center tw-hidden"></div>
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
-						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-						</span>
+					<div class="ui selection dropdown ellipsis-text-items" id="repo_owner_dropdown">
+						<input type="hidden" name="uid" value="{{.ContextUser.ID}}">
+						<span class="text"></span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
+							<div class="item" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}"
+								{{if not .CanCreateRepoInDoer}}
+									data-create-repo-disallowed-prompt="{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimitOfDoer}}"
+								{{end}}
+							>
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
@@ -212,7 +208,7 @@
 				<br>
 				<div class="inline field">
 					<label></label>
-					<button class="ui primary button{{if not .CanCreateRepo}} disabled{{end}}">
+					<button class="ui primary button">
 						{{ctx.Locale.Tr "repo.create_repo"}}
 					</button>
 				</div>
diff --git a/templates/repo/diff/box.tmpl b/templates/repo/diff/box.tmpl
index 19f2efecb7..e4d1efac57 100644
--- a/templates/repo/diff/box.tmpl
+++ b/templates/repo/diff/box.tmpl
@@ -35,9 +35,9 @@
 			{{template "repo/diff/whitespace_dropdown" .}}
 			{{template "repo/diff/options_dropdown" .}}
 			{{if .PageIsPullFiles}}
-				<div id="diff-commit-select" data-issuelink="{{$.Issue.Link}}" data-queryparams="?style={{if $.IsSplitStyle}}split{{else}}unified{{end}}&whitespace={{$.WhitespaceBehavior}}&show-outdated={{$.ShowOutdatedComments}}" data-filter_changes_by_commit="{{ctx.Locale.Tr "repo.pulls.filter_changes_by_commit"}}">
+				<div id="diff-commit-select" data-merge-base="{{.MergeBase}}" data-issuelink="{{$.Issue.Link}}" data-queryparams="?style={{if $.IsSplitStyle}}split{{else}}unified{{end}}&whitespace={{$.WhitespaceBehavior}}&show-outdated={{$.ShowOutdatedComments}}" data-filter_changes_by_commit="{{ctx.Locale.Tr "repo.pulls.filter_changes_by_commit"}}">
 					{{/* the following will be replaced by vue component, but this avoids any loading artifacts till the vue component is initialized */}}
-					<div class="ui jump dropdown basic button custom">
+					<div class="ui jump dropdown tiny basic button custom">
 						{{svg "octicon-git-commit"}}
 					</div>
 				</div>
@@ -60,6 +60,7 @@
 	{{end}}
 	<div id="diff-container">
 		{{if $showFileTree}}
+			{{$.FileIconPoolHTML}}
 			<div id="diff-file-tree" class="tw-hidden not-mobile"></div>
 			<script>
 				if (diffTreeVisible) document.getElementById('diff-file-tree').classList.remove('tw-hidden');
@@ -100,8 +101,8 @@
 									{{end}}
 								</div>
 								<span class="file tw-flex tw-items-center tw-font-mono tw-flex-1"><a class="muted file-link" title="{{if $file.IsRenamed}}{{$file.OldName}} → {{end}}{{$file.Name}}" href="#diff-{{$file.NameHash}}">{{if $file.IsRenamed}}{{$file.OldName}} → {{end}}{{$file.Name}}</a>
-									{{if .IsLFSFile}} ({{ctx.Locale.Tr "repo.stored_lfs"}}){{end}}
 									<button class="btn interact-fg tw-p-2" data-clipboard-text="{{$file.Name}}" data-tooltip-content="{{ctx.Locale.Tr "copy_path"}}">{{svg "octicon-copy" 14}}</button>
+									{{if .IsLFSFile}}<span class="ui label">LFS</span>{{end}}
 									{{if $file.IsGenerated}}
 										<span class="ui label">{{ctx.Locale.Tr "repo.diff.generated"}}</span>
 									{{end}}
@@ -147,7 +148,7 @@
 												<a class="item" rel="nofollow" href="{{$.BeforeSourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
 											{{else}}
 												<a class="item" rel="nofollow" href="{{$.SourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
-												{{if and $.Repository.CanEnableEditor $.CanEditFile (not $file.IsLFSFile) (not $file.IsBin)}}
+												{{if and $.Repository.CanEnableEditor $.CanEditFile}}
 													<a class="item" rel="nofollow" href="{{$.HeadRepoLink}}/_edit/{{PathEscapeSegments $.HeadBranchName}}/{{PathEscapeSegments $file.Name}}?return_uri={{print $.BackToLink "#diff-" $file.NameHash | QueryEscape}}">{{ctx.Locale.Tr "repo.editor.edit_this_file"}}</a>
 												{{end}}
 											{{end}}
@@ -223,6 +224,7 @@
 	{{if and (not $.Repository.IsArchived) (not .DiffNotAvailable)}}
 		<template id="issue-comment-editor-template">
 			<form class="ui form comment">
+				<div class="field">
 				{{template "shared/combomarkdowneditor" (dict
 					"CustomInit" true
 					"MarkdownPreviewInRepo" $.Repository
@@ -230,12 +232,13 @@
 					"TextareaName" "content"
 					"DropzoneParentContainer" ".ui.form"
 				)}}
+				</div>
 				{{if .IsAttachmentEnabled}}
 					<div class="field">
 						{{template "repo/upload" .}}
 					</div>
 				{{end}}
-				<div class="tw-text-right edit buttons">
+				<div class="field flex-text-block tw-justify-end">
 					<button class="ui cancel button">{{ctx.Locale.Tr "repo.issues.cancel"}}</button>
 					<button class="ui primary button">{{ctx.Locale.Tr "repo.issues.save"}}</button>
 				</div>
diff --git a/templates/repo/diff/comment_form.tmpl b/templates/repo/diff/comment_form.tmpl
index 964dc2adc7..58b675467c 100644
--- a/templates/repo/diff/comment_form.tmpl
+++ b/templates/repo/diff/comment_form.tmpl
@@ -27,7 +27,7 @@
 		{{end}}
 
 		<div class="field footer">
-			<div class="tw-text-right">
+			<div class="flex-text-block tw-justify-end">
 				{{if $.reply}}
 					<button class="ui submit primary tiny button btn-reply" type="submit">{{ctx.Locale.Tr "repo.diff.comment.reply"}}</button>
 					<input type="hidden" name="reply" value="{{$.reply}}">
diff --git a/templates/repo/diff/comments.tmpl b/templates/repo/diff/comments.tmpl
index 2e8261e479..22829fbf8a 100644
--- a/templates/repo/diff/comments.tmpl
+++ b/templates/repo/diff/comments.tmpl
@@ -2,14 +2,16 @@
 
 {{$createdStr:= DateUtils.TimeSince .CreatedUnix}}
 <div class="comment" id="{{.HashTag}}">
-	{{if .OriginalAuthor}}
-		<span class="avatar">{{ctx.AvatarUtils.Avatar nil}}</span>
-	{{else}}
-		{{template "shared/user/avatarlink" dict "user" .Poster}}
-	{{end}}
+	<div class="tw-mt-2 tw-mr-4">
+		{{if .OriginalAuthor}}
+			<span class="avatar">{{ctx.AvatarUtils.Avatar nil}}</span>
+		{{else}}
+			{{template "shared/user/avatarlink" dict "user" .Poster}}
+		{{end}}
+	</div>
 	<div class="content comment-container">
-		<div class="comment-header">
-			<div class="comment-header-left tw-flex tw-items-center">
+		<div class="comment-header avatar-content-left-arrow">
+			<div class="comment-header-left">
 				{{if .OriginalAuthor}}
 					<span class="text black tw-font-semibold tw-mr-1">
 						{{svg (MigrationIcon $.root.Repository.GetOriginalURLHostname)}}
@@ -30,7 +32,7 @@
 					</span>
 				{{end}}
 			</div>
-			<div class="comment-header-right actions tw-flex tw-items-center">
+			<div class="comment-header-right">
 				{{if .Invalidated}}
 					{{$referenceUrl := printf "%s#%s" $.root.Issue.Link .HashTag}}
 					<a href="{{$referenceUrl}}" class="ui label basic small" data-tooltip-content="{{ctx.Locale.Tr "repo.issues.review.outdated_description"}}">
diff --git a/templates/repo/diff/compare.tmpl b/templates/repo/diff/compare.tmpl
index 9a7a04a328..4e8ad1326c 100644
--- a/templates/repo/diff/compare.tmpl
+++ b/templates/repo/diff/compare.tmpl
@@ -32,7 +32,7 @@
 			<a class="tw-mr-2" href="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments $.HeadBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{end}}{{PathEscapeSegments $.BaseBranch}}" title="{{ctx.Locale.Tr "repo.pulls.switch_head_and_base"}}">{{svg "octicon-git-compare"}}</a>
 			<div class="ui dropdown jump select-branch">
 				<div class="ui basic small button">
-					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_base"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_base"}}{{end}}: {{$BaseCompareName}}:{{$.BaseBranch}}</span>
+					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_base"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_base"}}{{end}}: <strong>{{$BaseCompareName}}:{{$.BaseBranch}}</strong></span>
 					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 				</div>
 				<div class="menu">
@@ -103,7 +103,7 @@
 
 			<div class="ui dropdown jump select-branch">
 				<div class="ui basic small button">
-					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_compare"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_head"}}{{end}}: {{$HeadCompareName}}:{{$.HeadBranch}}</span>
+					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_compare"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_head"}}{{end}}: <strong>{{$HeadCompareName}}:{{$.HeadBranch}}</strong></span>
 					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 				</div>
 				<div class="menu">
@@ -189,7 +189,7 @@
 				<div class="ui segment flex-text-block tw-gap-4">
 					{{template "shared/issueicon" .}}
 					<div class="issue-title tw-break-anywhere">
-						{{ctx.RenderUtils.RenderIssueTitle .PullRequest.Issue.Title ($.Repository.ComposeMetas ctx)}}
+						{{ctx.RenderUtils.RenderIssueTitle .PullRequest.Issue.Title $.Repository}}
 						<span class="index">#{{.PullRequest.Issue.Index}}</span>
 					</div>
 					<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui compact button primary">
@@ -205,10 +205,10 @@
 					{{end}}
 				</div>
 			{{else if $allowCreatePR}}
-				<div class="ui info message pullrequest-form-toggle {{if .Flash}}tw-hidden{{end}}">
+				<div class="ui info message pullrequest-form-toggle {{if .ExpandNewPrForm}}tw-hidden{{end}}">
 					<button class="ui button primary show-panel toggle" data-panel=".pullrequest-form-toggle, .pullrequest-form">{{ctx.Locale.Tr "repo.pulls.new"}}</button>
 				</div>
-				<div class="pullrequest-form {{if not .Flash}}tw-hidden{{end}}">
+				<div class="pullrequest-form {{if not .ExpandNewPrForm}}tw-hidden{{end}}">
 					{{template "repo/issue/new_form" .}}
 				</div>
 			{{end}}
diff --git a/templates/repo/diff/conversation.tmpl b/templates/repo/diff/conversation.tmpl
index 08f60644b3..eb2abfa7e9 100644
--- a/templates/repo/diff/conversation.tmpl
+++ b/templates/repo/diff/conversation.tmpl
@@ -8,9 +8,9 @@
 	{{$referenceUrl := printf "%s#%s" $.Issue.Link $comment.HashTag}}
 	<div class="conversation-holder" data-path="{{$comment.TreePath}}" data-side="{{if lt $comment.Line 0}}left{{else}}right{{end}}" data-idx="{{$comment.UnsignedLine}}">
 		{{if $resolved}}
-			<div class="ui attached header resolved-placeholder tw-flex tw-items-center tw-justify-between">
-				<div class="ui grey text tw-flex tw-items-center tw-flex-wrap tw-gap-1">
-					{{svg "octicon-check" 16 "icon tw-mr-1"}}
+			<div class="resolved-placeholder">
+				<div class="flex-text-block tw-flex-wrap grey text">
+					{{svg "octicon-check"}}
 					<b>{{$resolveDoer.Name}}</b> {{ctx.Locale.Tr "repo.issues.review.resolved_by"}}
 					{{if $invalid}}
 						<!--
@@ -22,35 +22,33 @@
 						</a>
 					{{end}}
 				</div>
-				<div class="tw-flex tw-items-center tw-gap-2">
-					<button id="show-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="ui tiny labeled button show-outdated tw-flex tw-items-center">
-						{{svg "octicon-unfold" 16 "tw-mr-2"}}
-						{{ctx.Locale.Tr "repo.issues.review.show_resolved"}}
+				<div class="flex-text-block">
+					<button id="show-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="btn tiny show-outdated">
+						{{svg "octicon-unfold" 16 "tw-mr-2"}}{{ctx.Locale.Tr "repo.issues.review.show_resolved"}}
 					</button>
-					<button id="hide-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="ui tiny labeled button hide-outdated tw-flex tw-items-center tw-hidden">
-						{{svg "octicon-fold" 16 "tw-mr-2"}}
-						{{ctx.Locale.Tr "repo.issues.review.hide_resolved"}}
+					<button id="hide-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="btn tiny hide-outdated tw-hidden">
+						{{svg "octicon-fold" 16 "tw-mr-2"}}{{ctx.Locale.Tr "repo.issues.review.hide_resolved"}}
 					</button>
 				</div>
 			</div>
 		{{end}}
 		<div id="code-comments-{{$comment.ID}}" class="field comment-code-cloud {{if $resolved}}tw-hidden{{end}}">
 			<div class="comment-list">
-				<ui class="ui comments">
+				<div class="ui comments">
 					{{template "repo/diff/comments" dict "root" $ "comments" .comments}}
-				</ui>
+				</div>
 			</div>
-			<div class="tw-flex tw-justify-end tw-items-center tw-gap-2 tw-mt-2 tw-flex-wrap">
+			<div class="flex-text-block tw-mt-2 tw-flex-wrap tw-justify-end">
 				<div class="ui buttons">
 					<button class="ui icon tiny basic button previous-conversation">
-						{{svg "octicon-arrow-up" 12 "icon"}} {{ctx.Locale.Tr "repo.issues.previous"}}
+						{{svg "octicon-arrow-up" 12}} {{ctx.Locale.Tr "repo.issues.previous"}}
 					</button>
 					<button class="ui icon tiny basic button next-conversation">
-						{{svg "octicon-arrow-down" 12 "icon"}} {{ctx.Locale.Tr "repo.issues.next"}}
+						{{svg "octicon-arrow-down" 12}} {{ctx.Locale.Tr "repo.issues.next"}}
 					</button>
 				</div>
 				{{if and $.CanMarkConversation $hasReview (not $isReviewPending)}}
-					<button class="ui icon tiny basic button resolve-conversation tw-mr-0" data-origin="diff" data-action="{{if not $resolved}}Resolve{{else}}UnResolve{{end}}" data-comment-id="{{$comment.ID}}" data-update-url="{{$.RepoLink}}/issues/resolve_conversation">
+					<button class="ui icon tiny basic button resolve-conversation" data-origin="diff" data-action="{{if not $resolved}}Resolve{{else}}UnResolve{{end}}" data-comment-id="{{$comment.ID}}" data-update-url="{{$.RepoLink}}/issues/resolve_conversation">
 						{{if $resolved}}
 							{{ctx.Locale.Tr "repo.issues.review.un_resolve_conversation"}}
 						{{else}}
@@ -59,8 +57,8 @@
 					</button>
 				{{end}}
 				{{if and $.SignedUserID (not $.Repository.IsArchived)}}
-					<button class="comment-form-reply ui primary tiny labeled icon button tw-mr-0">
-						{{svg "octicon-reply" 16 "reply icon tw-mr-1"}}{{ctx.Locale.Tr "repo.diff.comment.reply"}}
+					<button class="comment-form-reply ui primary icon tiny button">
+						{{svg "octicon-reply" 12}}{{ctx.Locale.Tr "repo.diff.comment.reply"}}
 					</button>
 				{{end}}
 			</div>
diff --git a/templates/repo/diff/image_diff.tmpl b/templates/repo/diff/image_diff.tmpl
index bbd8d4a2ec..7557129c64 100644
--- a/templates/repo/diff/image_diff.tmpl
+++ b/templates/repo/diff/image_diff.tmpl
@@ -22,7 +22,7 @@
 						{{if .blobBase}}
 						<span class="side">
 							<p class="side-header">{{ctx.Locale.Tr "repo.diff.file_before"}}</p>
-							<span class="before-container"><img class="image-before"></span>
+							<span class="before-container"><img alt class="image-before"></span>
 							<p>
 								<span class="bounds-info-before">
 									{{ctx.Locale.Tr "repo.diff.file_image_width"}}: <span class="text bounds-info-width"></span>
@@ -37,7 +37,7 @@
 						{{if .blobHead}}
 						<span class="side">
 							<p class="side-header">{{ctx.Locale.Tr "repo.diff.file_after"}}</p>
-							<span class="after-container"><img class="image-after"></span>
+							<span class="after-container"><img alt class="image-after"></span>
 							<p>
 								<span class="bounds-info-after">
 									{{ctx.Locale.Tr "repo.diff.file_image_width"}}: <span class="text bounds-info-width"></span>
@@ -55,9 +55,9 @@
 				<div class="ui bottom attached tab image-diff-container" data-tab="diff-swipe-{{.file.NameHash}}">
 					<div class="diff-swipe">
 						<div class="swipe-frame">
-							<span class="before-container"><img class="image-before"></span>
+							<span class="before-container"><img alt class="image-before"></span>
 							<span class="swipe-container">
-								<span class="after-container"><img class="image-after"></span>
+								<span class="after-container"><img alt class="image-after"></span>
 							</span>
 							<span class="swipe-bar">
 								<span class="handle top-handle"></span>
@@ -70,8 +70,8 @@
 					<div class="diff-overlay">
 						<input type="range" min="0" max="100" value="50">
 						<div class="overlay-frame">
-							<span class="before-container"><img class="image-before"></span>
-							<span class="after-container"><img class="image-after"></span>
+							<span class="before-container"><img alt class="image-before"></span>
+							<span class="after-container"><img alt class="image-after"></span>
 						</div>
 					</div>
 				</div>
diff --git a/templates/repo/editor/cherry_pick.tmpl b/templates/repo/editor/cherry_pick.tmpl
index f9c9eef5aa..7981fd0761 100644
--- a/templates/repo/editor/cherry_pick.tmpl
+++ b/templates/repo/editor/cherry_pick.tmpl
@@ -3,15 +3,14 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<form class="ui edit form" method="post" action="{{.RepoLink}}/_cherrypick/{{.SHA}}/{{.BranchName | PathEscapeSegments}}">
+		<form class="ui edit form form-fetch-action" method="post" action="{{.CommitFormOptions.TargetFormAction}}">
 			{{.CsrfTokenHtml}}
-			<input type="hidden" name="last_commit" value="{{.last_commit}}">
-			<input type="hidden" name="page_has_posted" value="true">
+			{{template "repo/editor/common_top" .}}
 			<input type="hidden" name="revert" value="{{if eq .CherryPickType "revert"}}true{{else}}false{{end}}">
 			<div class="repo-editor-header">
-				<div class="ui breadcrumb field {{if .Err_TreePath}}error{{end}}">
-					{{$shaurl := printf "%s/commit/%s" $.RepoLink (PathEscape .SHA)}}
-					{{$shalink := HTMLFormat `<a class="ui primary sha label" href="%s">%s</a>` $shaurl (ShortSha .SHA)}}
+				<div class="breadcrumb">
+					{{$shaurl := printf "%s/commit/%s" $.RepoLink (PathEscape .FromCommitID)}}
+					{{$shalink := HTMLFormat `<a class="ui primary sha label" href="%s">%s</a>` $shaurl (ShortSha .FromCommitID)}}
 					{{if eq .CherryPickType "revert"}}
 						{{ctx.Locale.Tr "repo.editor.revert" $shalink}}
 					{{else}}
diff --git a/templates/repo/editor/commit_form.tmpl b/templates/repo/editor/commit_form.tmpl
index 8f46c47b96..3e4482f9e2 100644
--- a/templates/repo/editor/commit_form.tmpl
+++ b/templates/repo/editor/commit_form.tmpl
@@ -1,11 +1,11 @@
 <div class="commit-form-wrapper">
 	{{ctx.AvatarUtils.Avatar .SignedUser 40 "commit-avatar"}}
-	<div class="commit-form">
-		<h3>{{- if .CanCommitToBranch.WillSign}}
-			<span title="{{ctx.Locale.Tr "repo.signing.will_sign" .CanCommitToBranch.SigningKey}}">{{svg "octicon-lock" 24}}</span>
+	<div class="commit-form avatar-content-left-arrow">
+		<h3>{{- if .CommitFormOptions.WillSign}}
+			<span title="{{ctx.Locale.Tr "repo.signing.will_sign" .CommitFormOptions.SigningKey}}">{{svg "octicon-lock" 24}}</span>
 			{{ctx.Locale.Tr "repo.editor.commit_signed_changes"}}
 		{{- else}}
-			<span title="{{ctx.Locale.Tr (printf "repo.signing.wont_sign.%s" .CanCommitToBranch.WontSignReason)}}">{{svg "octicon-unlock" 24}}</span>
+			<span title="{{ctx.Locale.Tr (printf "repo.signing.wont_sign.%s" .CommitFormOptions.WontSignReason)}}">{{svg "octicon-unlock" 24}}</span>
 			{{ctx.Locale.Tr "repo.editor.commit_changes"}}
 		{{- end}}</h3>
 		<div class="field">
@@ -22,17 +22,17 @@
 		</div>
 		<div class="quick-pull-choice js-quick-pull-choice">
 			<div class="field">
-				<div class="ui radio checkbox {{if not .CanCommitToBranch.CanCommitToBranch}}disabled{{end}}">
+				<div class="ui radio checkbox {{if not .CommitFormOptions.CanCommitToBranch}}disabled{{end}}">
 					<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" data-button-text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "direct"}}checked{{end}}>
 					<label>
 						{{svg "octicon-git-commit"}}
 						{{ctx.Locale.Tr "repo.editor.commit_directly_to_this_branch" .BranchName}}
-						{{if not .CanCommitToBranch.CanCommitToBranch}}
+						{{if not .CommitFormOptions.CanCommitToBranch}}
 						<div class="ui visible small warning message">
 							{{ctx.Locale.Tr "repo.editor.no_commit_to_branch"}}
 							<ul>
-								{{if not .CanCommitToBranch.UserCanPush}}<li>{{ctx.Locale.Tr "repo.editor.user_no_push_to_branch"}}</li>{{end}}
-								{{if and .CanCommitToBranch.RequireSigned (not .CanCommitToBranch.WillSign)}}<li>{{ctx.Locale.Tr "repo.editor.require_signed_commit"}}</li>{{end}}
+								{{if not .CommitFormOptions.UserCanPush}}<li>{{ctx.Locale.Tr "repo.editor.user_no_push_to_branch"}}</li>{{end}}
+								{{if and .CommitFormOptions.RequireSigned (not .CommitFormOptions.WillSign)}}<li>{{ctx.Locale.Tr "repo.editor.require_signed_commit"}}</li>{{end}}
 							</ul>
 						</div>
 						{{end}}
@@ -42,14 +42,14 @@
 			{{if and (not .Repository.IsEmpty) (not .IsEditingFileOnly)}}
 				<div class="field">
 					<div class="ui radio checkbox">
-						{{if .CanCreatePullRequest}}
+						{{if .CommitFormOptions.CanCreatePullRequest}}
 							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" data-button-text="{{ctx.Locale.Tr "repo.editor.propose_file_change"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
 						{{else}}
 							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" data-button-text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
 						{{end}}
 						<label>
 							{{svg "octicon-git-pull-request"}}
-							{{if .CanCreatePullRequest}}
+							{{if .CommitFormOptions.CanCreatePullRequest}}
 								{{ctx.Locale.Tr "repo.editor.create_new_branch"}}
 							{{else}}
 								{{ctx.Locale.Tr "repo.editor.create_new_branch_np"}}
@@ -58,7 +58,7 @@
 					</div>
 				</div>
 				<div class="quick-pull-branch-name {{if not (eq .commit_choice "commit-to-new-branch")}}tw-hidden{{end}}">
-					<div class="new-branch-name-input field {{if .Err_NewBranchName}}error{{end}}">
+					<div class="new-branch-name-input field">
 						{{svg "octicon-git-branch"}}
 						<input type="text" name="new_branch_name" maxlength="100" value="{{.new_branch_name}}" class="input-contrast tw-mr-1 js-quick-pull-new-branch-name" placeholder="{{ctx.Locale.Tr "repo.editor.new_branch_name_desc"}}" {{if eq .commit_choice "commit-to-new-branch"}}required{{end}} title="{{ctx.Locale.Tr "repo.editor.new_branch_name"}}">
 						<span class="text-muted js-quick-pull-normalization-info"></span>
@@ -67,7 +67,7 @@
 			{{end}}
 		</div>
 		{{if and .CommitCandidateEmails (gt (len .CommitCandidateEmails) 1)}}
-			<div class="field {{if .Err_CommitEmail}}error{{end}}">
+			<div class="field">
 				<label>{{ctx.Locale.Tr "repo.editor.commit_email"}}</label>
 				<select class="ui selection dropdown" name="commit_email">
 					{{- range $email := .CommitCandidateEmails -}}
@@ -77,6 +77,7 @@
 			</div>
 		{{end}}
 	</div>
+	<input type="hidden" name="last_commit" value="{{.last_commit}}">
 	<button id="commit-button" type="submit" class="ui primary button">
 		{{if eq .commit_choice "commit-to-new-branch"}}{{ctx.Locale.Tr "repo.editor.propose_file_change"}}{{else}}{{ctx.Locale.Tr "repo.editor.commit_changes"}}{{end}}
 	</button>
diff --git a/templates/repo/editor/common_breadcrumb.tmpl b/templates/repo/editor/common_breadcrumb.tmpl
new file mode 100644
index 0000000000..8cfbe09d3e
--- /dev/null
+++ b/templates/repo/editor/common_breadcrumb.tmpl
@@ -0,0 +1,16 @@
+<div class="breadcrumb">
+	<a class="section" href="{{$.BranchLink}}">{{.Repository.Name}}</a>
+	{{$n := len .TreeNames}}
+	{{$l := Eval $n "-" 1}}
+	{{range $i, $v := .TreeNames}}
+		<div class="breadcrumb-divider">/</div>
+		{{if eq $i $l}}
+			<input id="file-name" maxlength="255" value="{{$v}}" placeholder="{{ctx.Locale.Tr (Iif $.PageIsUpload "repo.editor.add_subdir" "repo.editor.name_your_file")}}" data-editorconfig="{{$.EditorconfigJson}}" {{Iif $.PageIsUpload "" "required"}} autofocus>
+			<span data-tooltip-content="{{ctx.Locale.Tr "repo.editor.filename_help"}}">{{svg "octicon-info"}}</span>
+		{{else}}
+			<span class="section"><a href="{{$.BranchLink}}/{{index $.TreePaths $i | PathEscapeSegments}}">{{$v}}</a></span>
+		{{end}}
+	{{end}}
+	<span>{{ctx.Locale.Tr "repo.editor.or"}} <a href="{{or .ReturnURI (print $.BranchLink "/" (PathEscapeSegments .TreePath))}}">{{ctx.Locale.Tr "repo.editor.cancel_lower"}}</a></span>
+	<input type="hidden" id="tree_path" name="tree_path" value="{{.TreePath}}">
+</div>
diff --git a/templates/repo/editor/common_top.tmpl b/templates/repo/editor/common_top.tmpl
new file mode 100644
index 0000000000..23280ed565
--- /dev/null
+++ b/templates/repo/editor/common_top.tmpl
@@ -0,0 +1,6 @@
+{{if .CommitFormOptions.WillSubmitToFork}}
+<div class="ui blue message">
+	{{$repoLinkHTML := HTMLFormat `<a href="%s">%s</a>` .CommitFormOptions.TargetRepo.Link .CommitFormOptions.TargetRepo.FullName}}
+	{{ctx.Locale.Tr "repo.editor.fork_edit_description" $repoLinkHTML}}
+</div>
+{{end}}
diff --git a/templates/repo/editor/delete.tmpl b/templates/repo/editor/delete.tmpl
index 2c0c2fc792..bf6143f1cb 100644
--- a/templates/repo/editor/delete.tmpl
+++ b/templates/repo/editor/delete.tmpl
@@ -3,9 +3,9 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<form class="ui form" method="post">
+		<form class="ui form form-fetch-action" method="post" action="{{.CommitFormOptions.TargetFormAction}}">
 			{{.CsrfTokenHtml}}
-			<input type="hidden" name="last_commit" value="{{.last_commit}}">
+			{{template "repo/editor/common_top" .}}
 			{{template "repo/editor/commit_form" .}}
 		</form>
 	</div>
diff --git a/templates/repo/editor/edit.tmpl b/templates/repo/editor/edit.tmpl
index ae8a60c20c..0911d02e1f 100644
--- a/templates/repo/editor/edit.tmpl
+++ b/templates/repo/editor/edit.tmpl
@@ -3,56 +3,49 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<form class="ui edit form" method="post"
+		<form class="ui edit form form-fetch-action" method="post" action="{{.CommitFormOptions.TargetFormAction}}"
 					data-text-empty-confirm-header="{{ctx.Locale.Tr "repo.editor.commit_empty_file_header"}}"
 					data-text-empty-confirm-content="{{ctx.Locale.Tr "repo.editor.commit_empty_file_text"}}"
 		>
 			{{.CsrfTokenHtml}}
-			<input type="hidden" name="last_commit" value="{{.last_commit}}">
-			<input type="hidden" name="page_has_posted" value="{{.PageHasPosted}}">
+			{{template "repo/editor/common_top" .}}
 			<div class="repo-editor-header">
-				<div class="ui breadcrumb field{{if .Err_TreePath}} error{{end}}">
-					<a class="section" href="{{$.BranchLink}}">{{.Repository.Name}}</a>
-					{{$n := len .TreeNames}}
-					{{$l := Eval $n "-" 1}}
-					{{range $i, $v := .TreeNames}}
-						<div class="breadcrumb-divider">/</div>
-						{{if eq $i $l}}
-							<input id="file-name" maxlength="255" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.name_your_file"}}" data-editorconfig="{{$.EditorconfigJson}}" required autofocus>
-							<span data-tooltip-content="{{ctx.Locale.Tr "repo.editor.filename_help"}}">{{svg "octicon-info"}}</span>
-						{{else}}
-							<span class="section"><a href="{{$.BranchLink}}/{{index $.TreePaths $i | PathEscapeSegments}}">{{$v}}</a></span>
-						{{end}}
-					{{end}}
-					<span>{{ctx.Locale.Tr "repo.editor.or"}} <a href="{{if .ReturnURI}}{{.ReturnURI}}{{else}}{{$.BranchLink}}{{if not .IsNewFile}}/{{PathEscapeSegments .TreePath}}{{end}}{{end}}">{{ctx.Locale.Tr "repo.editor.cancel_lower"}}</a></span>
-					<input type="hidden" id="tree_path" name="tree_path" value="{{.TreePath}}" required>
-				</div>
+				{{template "repo/editor/common_breadcrumb" .}}
 			</div>
-			<div class="field">
-				<div class="ui top attached header">
-					<div class="ui compact small menu small-menu-items repo-editor-menu">
-						<a class="active item" data-tab="write">{{svg "octicon-code"}} {{if .IsNewFile}}{{ctx.Locale.Tr "repo.editor.new_file"}}{{else}}{{ctx.Locale.Tr "repo.editor.edit_file"}}{{end}}</a>
-						<a class="item" data-tab="preview" data-preview-url="{{.Repository.Link}}/markup" data-preview-context-ref="{{.RepoLink}}/src/{{.RefTypeNameSubURL}}">{{svg "octicon-eye"}} {{ctx.Locale.Tr "preview"}}</a>
-						{{if not .IsNewFile}}
-						<a class="item" data-tab="diff" hx-params="context,content" hx-vals='{"context":"{{.BranchLink}}"}' hx-include="#edit_area" hx-swap="innerHTML" hx-target=".tab[data-tab='diff']" hx-indicator=".tab[data-tab='diff']" hx-post="{{.RepoLink}}/_preview/{{.BranchName | PathEscapeSegments}}/{{.TreePath | PathEscapeSegments}}">{{svg "octicon-diff"}} {{ctx.Locale.Tr "repo.editor.preview_changes"}}</a>
-						{{end}}
-					</div>
-				</div>
-				<div class="ui bottom attached segment tw-p-0">
-					<div class="ui active tab tw-rounded-b" data-tab="write">
-						<textarea id="edit_area" name="content" class="tw-hidden" data-id="repo-{{.Repository.Name}}-{{.TreePath}}"
-							data-previewable-extensions="{{.PreviewableExtensions}}"
-							data-line-wrap-extensions="{{.LineWrapExtensions}}">{{.FileContent}}</textarea>
-						<div class="editor-loading is-loading"></div>
+			{{if not .NotEditableReason}}
+				<div class="field">
+					<div class="ui top attached header">
+						<div class="ui compact small menu small-menu-items repo-editor-menu">
+							<a class="active item" data-tab="write">{{svg "octicon-code"}} {{if .IsNewFile}}{{ctx.Locale.Tr "repo.editor.new_file"}}{{else}}{{ctx.Locale.Tr "repo.editor.edit_file"}}{{end}}</a>
+							<a class="item" data-tab="preview" data-preview-url="{{.Repository.Link}}/markup" data-preview-context-ref="{{.RepoLink}}/src/{{.RefTypeNameSubURL}}">{{svg "octicon-eye"}} {{ctx.Locale.Tr "preview"}}</a>
+							{{if not .IsNewFile}}
+							<a class="item" data-tab="diff" hx-params="context,content" hx-vals='{"context":"{{.BranchLink}}"}' hx-include="#edit_area" hx-swap="innerHTML" hx-target=".tab[data-tab='diff']" hx-indicator=".tab[data-tab='diff']" hx-post="{{.RepoLink}}/_preview/{{.BranchName | PathEscapeSegments}}/{{.TreePath | PathEscapeSegments}}">{{svg "octicon-diff"}} {{ctx.Locale.Tr "repo.editor.preview_changes"}}</a>
+							{{end}}
+						</div>
 					</div>
-					<div class="ui tab tw-px-4 tw-py-3" data-tab="preview">
-						{{ctx.Locale.Tr "loading"}}
+					<div class="ui bottom attached segment tw-p-0">
+						<div class="ui active tab tw-rounded-b" data-tab="write">
+							<textarea id="edit_area" name="content" class="tw-hidden" data-id="repo-{{.Repository.Name}}-{{.TreePath}}"
+								data-previewable-extensions="{{.PreviewableExtensions}}"
+								data-line-wrap-extensions="{{.LineWrapExtensions}}">{{.FileContent}}</textarea>
+							<div class="editor-loading is-loading"></div>
+						</div>
+						<div class="ui tab tw-px-4 tw-py-3" data-tab="preview">
+							{{ctx.Locale.Tr "loading"}}
+						</div>
+						<div class="ui tab" data-tab="diff">
+							<div class="tw-p-16"></div>
+						</div>
 					</div>
-					<div class="ui tab" data-tab="diff">
-						<div class="tw-p-16"></div>
+				</div>
+			{{else}}
+				<div class="field">
+					<div class="ui segment tw-text-center">
+						<h4 class="tw-font-semibold tw-mb-2">{{.NotEditableReason}}</h4>
+						<p>{{ctx.Locale.Tr "repo.editor.file_not_editable_hint"}}</p>
 					</div>
 				</div>
-			</div>
+			{{end}}
 			{{template "repo/editor/commit_form" .}}
 		</form>
 	</div>
diff --git a/templates/repo/editor/fork.tmpl b/templates/repo/editor/fork.tmpl
new file mode 100644
index 0000000000..e28b2ba7a2
--- /dev/null
+++ b/templates/repo/editor/fork.tmpl
@@ -0,0 +1,18 @@
+{{template "base/head" .}}
+<div role="main" aria-label="{{.Title}}" class="page-content repository">
+	{{template "repo/header" .}}
+	<div class="ui container">
+		{{template "base/alert" .}}
+		<form class="ui form form-fetch-action" method="post" action="{{.RepoLink}}/_fork/{{.BranchName | PathEscapeSegments}}">
+			{{.CsrfTokenHtml}}
+			<div class="tw-text-center">
+				<div class="tw-my-[40px]">
+					<h3>{{ctx.Locale.Tr "repo.editor.fork_create"}}</h3>
+					<p>{{ctx.Locale.Tr "repo.editor.fork_create_description"}}</p>
+				</div>
+				<button class="ui primary button">{{ctx.Locale.Tr "repo.fork_repo"}}</button>
+			</div>
+		</form>
+	</div>
+</div>
+{{template "base/footer" .}}
diff --git a/templates/repo/editor/patch.tmpl b/templates/repo/editor/patch.tmpl
index 33a7c2a89d..fa00edd92e 100644
--- a/templates/repo/editor/patch.tmpl
+++ b/templates/repo/editor/patch.tmpl
@@ -3,15 +3,14 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<form class="ui edit form" method="post" action="{{.RepoLink}}/_diffpatch/{{.BranchName | PathEscapeSegments}}"
+		<form class="ui edit form form-fetch-action" method="post" action="{{.CommitFormOptions.TargetFormAction}}"
 					data-text-empty-confirm-header="{{ctx.Locale.Tr "repo.editor.commit_empty_file_header"}}"
 					data-text-empty-confirm-content="{{ctx.Locale.Tr "repo.editor.commit_empty_file_text"}}"
 		>
 			{{.CsrfTokenHtml}}
-			<input type="hidden" name="last_commit" value="{{.last_commit}}">
-			<input type="hidden" name="page_has_posted" value="{{.PageHasPosted}}">
+			{{template "repo/editor/common_top" .}}
 			<div class="repo-editor-header">
-				<div class="ui breadcrumb field {{if .Err_TreePath}}error{{end}}">
+				<div class="breadcrumb">
 					{{ctx.Locale.Tr "repo.editor.patching"}}
 					<a class="section" href="{{$.RepoLink}}">{{.Repository.FullName}}</a>
 					<div class="breadcrumb-divider">:</div>
diff --git a/templates/repo/editor/upload.tmpl b/templates/repo/editor/upload.tmpl
index 5725020406..3e36c77b3b 100644
--- a/templates/repo/editor/upload.tmpl
+++ b/templates/repo/editor/upload.tmpl
@@ -3,25 +3,11 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<form class="ui comment form" method="post">
+		<form class="ui comment form form-fetch-action" method="post" action="{{.CommitFormOptions.TargetFormAction}}">
 			{{.CsrfTokenHtml}}
+			{{template "repo/editor/common_top" .}}
 			<div class="repo-editor-header">
-				<div class="ui breadcrumb field {{if .Err_TreePath}}error{{end}}">
-					<a class="section" href="{{$.BranchLink}}">{{.Repository.Name}}</a>
-					{{$n := len .TreeNames}}
-					{{$l := Eval $n "-" 1}}
-					{{range $i, $v := .TreeNames}}
-						<div class="breadcrumb-divider">/</div>
-						{{if eq $i $l}}
-							<input type="text" id="file-name" maxlength="255" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.add_subdir"}}" autofocus>
-							<span data-tooltip-content="{{ctx.Locale.Tr "repo.editor.filename_help"}}">{{svg "octicon-info"}}</span>
-						{{else}}
-							<span class="section"><a href="{{$.BranchLink}}/{{index $.TreePaths $i | PathEscapeSegments}}">{{$v}}</a></span>
-						{{end}}
-					{{end}}
-					<span>{{ctx.Locale.Tr "repo.editor.or"}} <a href="{{$.BranchLink}}{{if not .IsNewFile}}/{{.TreePath | PathEscapeSegments}}{{end}}">{{ctx.Locale.Tr "repo.editor.cancel_lower"}}</a></span>
-					<input type="hidden" id="tree_path" name="tree_path" value="{{.TreePath}}" required>
-				</div>
+				{{template "repo/editor/common_breadcrumb" .}}
 			</div>
 			<div class="field">
 				{{template "repo/upload" .}}
diff --git a/templates/repo/empty.tmpl b/templates/repo/empty.tmpl
index ae3f95045b..32b5c8401b 100644
--- a/templates/repo/empty.tmpl
+++ b/templates/repo/empty.tmpl
@@ -47,7 +47,7 @@
 								<h3>{{ctx.Locale.Tr "repo.create_new_repo_command"}}</h3>
 								<div class="markup">
 									<pre><code>touch README.md
-git init
+git init{{if ne .Repository.ObjectFormatName "sha1"}} --object-format={{.Repository.ObjectFormatName}}{{end}}{{/* for sha256 repo, it needs to set "object-format" explicitly*/}}
 {{if ne .Repository.DefaultBranch "master"}}git checkout -b {{.Repository.DefaultBranch}}{{end}}
 git add README.md
 git commit -m "first commit"
diff --git a/templates/repo/file_info.tmpl b/templates/repo/file_info.tmpl
index b63af68973..38133bde2b 100644
--- a/templates/repo/file_info.tmpl
+++ b/templates/repo/file_info.tmpl
@@ -11,7 +11,7 @@
 	{{end}}
 	{{if ne .FileSize nil}}
 		<div class="file-info-entry">
-			{{FileSize .FileSize}}{{if .IsLFSFile}} ({{ctx.Locale.Tr "repo.stored_lfs"}}){{end}}
+			{{FileSize .FileSize}}{{if .IsLFSFile}}<span class="ui label">LFS</span>{{end}}
 		</div>
 	{{end}}
 	{{if .LFSLock}}
diff --git a/templates/repo/forks.tmpl b/templates/repo/forks.tmpl
index 725b67c651..6e46457893 100644
--- a/templates/repo/forks.tmpl
+++ b/templates/repo/forks.tmpl
@@ -1,20 +1,12 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository forks">
 	{{template "repo/header" .}}
-	<div class="ui container">
+	<div class="ui container fork-list">
 		<h2 class="ui dividing header">
 			{{ctx.Locale.Tr "repo.forks"}}
 		</h2>
-		<div class="flex-list">
-		{{range .Forks}}
-			<div class="flex-item tw-border-0 repo-fork-item">
-				<span>{{ctx.AvatarUtils.Avatar .Owner}}</span>
-				<span><a href="{{.Owner.HomeLink}}">{{.Owner.Name}}</a> / <a href="{{.Link}}">{{.Name}}</a></span>
-			</div>
-		{{end}}
-		</div>
+		{{template "shared/repo/list" .}}
+		{{template "base/paginate" .}}
 	</div>
-
-	{{template "base/paginate" .}}
 </div>
 {{template "base/footer" .}}
diff --git a/templates/repo/graph.tmpl b/templates/repo/graph.tmpl
index 9eb4bd4ecb..cd115f95dc 100644
--- a/templates/repo/graph.tmpl
+++ b/templates/repo/graph.tmpl
@@ -2,7 +2,7 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository commits">
 	{{template "repo/header" .}}
 	<div class="ui container">
-		<div id="git-graph-container" class="ui segment{{if eq .Mode "monochrome"}} monochrome{{end}}">
+		<div id="git-graph-container" class="ui segment {{if eq .Mode "monochrome"}}monochrome{{end}}">
 			<h2 class="ui header dividing">
 				{{ctx.Locale.Tr "repo.commit_graph"}}
 				<div class="ui icon buttons tiny color-buttons">
@@ -11,52 +11,45 @@
 						<div class="default text">{{ctx.Locale.Tr "repo.commit_graph.select"}}</div>
 						<div class="menu">
 							<div class="item" data-value="...flow-hide-pr-refs">
-								<span class="truncate">
-									{{svg "octicon-eye-closed" 16 "tw-mr-1"}}<span title="{{ctx.Locale.Tr "repo.commit_graph.hide_pr_refs"}}">{{ctx.Locale.Tr "repo.commit_graph.hide_pr_refs"}}</span>
-								</span>
+								{{svg "octicon-eye-closed"}}
+								<span class="gt-ellipsis" title="{{ctx.Locale.Tr "repo.commit_graph.hide_pr_refs"}}">{{ctx.Locale.Tr "repo.commit_graph.hide_pr_refs"}}</span>
 							</div>
 							{{range .AllRefs}}
 								{{$refGroup := .RefGroup}}
 								{{if eq $refGroup "pull"}}
 									<div class="item" data-value="{{.Name}}">
-										<span class="truncate">
-											{{svg "octicon-git-pull-request" 16 "tw-mr-1"}}<span title="{{.ShortName}}">#{{.ShortName}}</span>
-										</span>
+										{{svg "octicon-git-pull-request"}}
+										<span class="gt-ellipsis" title="{{.ShortName}}">#{{.ShortName}}</span>
 									</div>
 								{{else if eq $refGroup "tags"}}
 									<div class="item" data-value="{{.Name}}">
-										<span class="truncate">
-											{{svg "octicon-tag" 16 "tw-mr-1"}}<span title="{{.ShortName}}">{{.ShortName}}</span>
-										</span>
+										{{svg "octicon-tag"}}
+										<span class="gt-ellipsis" title="{{.ShortName}}">{{.ShortName}}</span>
 									</div>
 								{{else if eq $refGroup "remotes"}}
 									<div class="item" data-value="{{.Name}}">
-										<span class="truncate">
-											{{svg "octicon-cross-reference" 16 "tw-mr-1"}}<span title="{{.ShortName}}">{{.ShortName}}</span>
-										</span>
+										{{svg "octicon-cross-reference"}}
+										<span class="gt-ellipsis" title="{{.ShortName}}">{{.ShortName}}</span>
 									</div>
 								{{else if eq $refGroup "heads"}}
 									<div class="item" data-value="{{.Name}}">
-										<span class="truncate">
-											{{svg "octicon-git-branch" 16 "tw-mr-1"}}<span title="{{.ShortName}}">{{.ShortName}}</span>
-										</span>
+										{{svg "octicon-git-branch"}}
+										<span class="gt-ellipsis" title="{{.ShortName}}">{{.ShortName}}</span>
 									</div>
 								{{end}}
 							{{end}}
 						</div>
 					</div>
-					<button id="flow-color-monochrome" class="ui labelled icon button{{if eq .Mode "monochrome"}} active{{end}}" title="{{ctx.Locale.Tr "repo.commit_graph.monochrome"}}">{{svg "material-invert-colors" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.commit_graph.monochrome"}}</button>
-					<button id="flow-color-colored" class="ui labelled icon button{{if ne .Mode "monochrome"}} active{{end}}" title="{{ctx.Locale.Tr "repo.commit_graph.color"}}">{{svg "material-palette" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.commit_graph.color"}}</button>
+					<button id="flow-color-monochrome" class="ui icon button{{if eq .Mode "monochrome"}} active{{end}}" title="{{ctx.Locale.Tr "repo.commit_graph.monochrome"}}">{{svg "material-invert-colors" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.commit_graph.monochrome"}}</button>
+					<button id="flow-color-colored" class="ui icon button{{if ne .Mode "monochrome"}} active{{end}}" title="{{ctx.Locale.Tr "repo.commit_graph.color"}}">{{svg "material-palette" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.commit_graph.color"}}</button>
 				</div>
 			</h2>
-			<div class="ui dividing"></div>
-			<div class="is-loading tw-py-32 tw-hidden" id="loading-indicator"></div>
-			{{template "repo/graph/svgcontainer" .}}
-			{{template "repo/graph/commits" .}}
+			<div id="git-graph-body">
+				{{template "repo/graph/svgcontainer" .}}
+				{{template "repo/graph/commits" .}}
+				{{template "base/paginate" .}}
+			</div>
 		</div>
 	</div>
 </div>
-<div id="pagination">
-	{{template "base/paginate" .}}
-</div>
 {{template "base/footer" .}}
diff --git a/templates/repo/graph/commits.tmpl b/templates/repo/graph/commits.tmpl
index 6af0ba1f0f..07ec076697 100644
--- a/templates/repo/graph/commits.tmpl
+++ b/templates/repo/graph/commits.tmpl
@@ -5,10 +5,13 @@
 				{{if $commit.OnlyRelation}}
 					<span></span>
 				{{else}}
-					{{template "repo/commit_sign_badge" dict "Commit" $commit.Commit "CommitBaseLink" (print $.RepoLink "/commit") "CommitSignVerification" $commit.Verification}}
+					{{/* every field must be in a span to get correctly styled */}}
+					<span>
+						{{template "repo/commit_sign_badge" dict "Commit" $commit.Commit "CommitBaseLink" (print $.RepoLink "/commit") "CommitSignVerification" $commit.Verification}}
+					</span>
 
 					<span class="message tw-inline-block gt-ellipsis">
-						<span>{{ctx.RenderUtils.RenderCommitMessage $commit.Subject ($.Repository.ComposeMetas ctx)}}</span>
+						{{ctx.RenderUtils.RenderCommitMessage $commit.Subject $.Repository}}
 					</span>
 
 					<span class="commit-refs flex-text-inline">
@@ -17,18 +20,18 @@
 							{{if eq $refGroup "pull"}}
 								{{if or (not $.HidePRRefs) (SliceUtils.Contains $.SelectedBranches .Name)}}
 									<!-- it's intended to use issues not pulls, if it's a pull you will get redirected -->
-									<a class="ui labelled basic tiny button" href="{{$.RepoLink}}/{{if $.Repository.UnitEnabled ctx ctx.Consts.RepoUnitTypePullRequests}}pulls{{else}}issues{{end}}/{{.ShortName|PathEscape}}">
+									<a class="ui basic tiny button" href="{{$.RepoLink}}/{{if $.Repository.UnitEnabled ctx ctx.Consts.RepoUnitTypePullRequests}}pulls{{else}}issues{{end}}/{{.ShortName|PathEscape}}">
 										{{svg "octicon-git-pull-request"}} #{{.ShortName}}
 									</a>
 								{{end}}
 							{{else if eq $refGroup "tags"}}
-								{{- template "repo/tag/name" dict "RepoLink" $.Repository.Link "TagName" .ShortName -}}
+								{{- template "repo/tag/name" dict "AdditionalClasses" "tag-label" "RepoLink" $.Repository.Link "TagName" .ShortName -}}
 							{{else if eq $refGroup "remotes"}}
-								<a class="ui labelled basic tiny button" href="{{$.RepoLink}}/src/commit/{{$commit.Rev|PathEscape}}">
+								<a class="ui basic tiny button" href="{{$.RepoLink}}/src/commit/{{$commit.Rev|PathEscape}}">
 									{{svg "octicon-cross-reference"}} {{.ShortName}}
 								</a>
 							{{else if eq $refGroup "heads"}}
-								<a class="ui labelled basic tiny button" href="{{$.RepoLink}}/src/branch/{{.ShortName|PathEscape}}">
+								<a class="ui basic tiny button" href="{{$.RepoLink}}/src/branch/{{.ShortName|PathEscape}}">
 									{{svg "octicon-git-branch"}} {{.ShortName}}
 								</a>
 							{{else}}
diff --git a/templates/repo/graph/div.tmpl b/templates/repo/graph/div.tmpl
index c0bd4e269a..12c2869cd8 100644
--- a/templates/repo/graph/div.tmpl
+++ b/templates/repo/graph/div.tmpl
@@ -1,7 +1,3 @@
-<div>
-	{{template "repo/graph/svgcontainer" .}}
-	{{template "repo/graph/commits" .}}
-	<div id="pagination">
-		{{template "base/paginate" .}}
-	</div>
-</div>
+{{template "repo/graph/svgcontainer" .}}
+{{template "repo/graph/commits" .}}
+{{template "base/paginate" .}}
diff --git a/templates/repo/header.tmpl b/templates/repo/header.tmpl
index 8c2a0da8d0..b61076ff46 100644
--- a/templates/repo/header.tmpl
+++ b/templates/repo/header.tmpl
@@ -25,6 +25,9 @@
 							<div class="repo-icon only-mobile" data-tooltip-content="{{ctx.Locale.Tr "repo.desc.internal"}}">{{svg "octicon-shield-lock" 18}}</div>
 						{{end}}
 					{{end}}
+					{{if $.Permission.HasAnyUnitPublicAccess}}
+						<span class="ui basic orange label">{{ctx.Locale.Tr "repo.desc.public_access"}}</span>
+					{{end}}
 					{{if .IsTemplate}}
 						<span class="ui basic label not-mobile">{{ctx.Locale.Tr "repo.desc.template"}}</span>
 						<div class="repo-icon only-mobile" data-tooltip-content="{{ctx.Locale.Tr "repo.desc.template"}}">{{svg "octicon-repo-template" 18}}</div>
@@ -35,20 +38,20 @@
 				</div>
 			</div>
 			{{if not (or .IsBeingCreated .IsBroken)}}
-				<div class="repo-buttons">
+				<div class="flex-text-block tw-flex-wrap">
 					{{if $.RepoTransfer}}
 						<form method="post" action="{{$.RepoLink}}/action/accept_transfer?redirect_to={{$.RepoLink}}">
 							{{$.CsrfTokenHtml}}
-							<div data-tooltip-content="{{if $.CanUserAcceptOrRejectTransfer}}{{ctx.Locale.Tr "repo.transfer.accept_desc" $.RepoTransfer.Recipient.DisplayName}}{{else}}{{ctx.Locale.Tr "repo.transfer.no_permission_to_accept"}}{{end}}">
-								<button type="submit" class="ui basic button {{if $.CanUserAcceptOrRejectTransfer}}primary {{end}} ok small"{{if not $.CanUserAcceptOrRejectTransfer}} disabled{{end}}>
+							<div class="flex-text-inline" data-tooltip-content="{{if $.CanUserAcceptOrRejectTransfer}}{{ctx.Locale.Tr "repo.transfer.accept_desc" $.RepoTransfer.Recipient.DisplayName}}{{else}}{{ctx.Locale.Tr "repo.transfer.no_permission_to_accept"}}{{end}}">
+								<button type="submit" class="ui compact small basic button {{if $.CanUserAcceptOrRejectTransfer}}primary {{end}} ok small"{{if not $.CanUserAcceptOrRejectTransfer}} disabled{{end}}>
 									{{ctx.Locale.Tr "repo.transfer.accept"}}
 								</button>
 							</div>
 						</form>
 						<form method="post" action="{{$.RepoLink}}/action/reject_transfer?redirect_to={{$.RepoLink}}">
 							{{$.CsrfTokenHtml}}
-							<div data-tooltip-content="{{if $.CanUserAcceptOrRejectTransfer}}{{ctx.Locale.Tr "repo.transfer.reject_desc" $.RepoTransfer.Recipient.DisplayName}}{{else}}{{ctx.Locale.Tr "repo.transfer.no_permission_to_reject"}}{{end}}">
-								<button type="submit" class="ui basic button {{if $.CanUserAcceptOrRejectTransfer}}red {{end}}ok small"{{if not $.CanUserAcceptOrRejectTransfer}} disabled{{end}}>
+							<div class="flex-text-inline" data-tooltip-content="{{if $.CanUserAcceptOrRejectTransfer}}{{ctx.Locale.Tr "repo.transfer.reject_desc" $.RepoTransfer.Recipient.DisplayName}}{{else}}{{ctx.Locale.Tr "repo.transfer.no_permission_to_reject"}}{{end}}">
+								<button type="submit" class="ui compact small basic button {{if $.CanUserAcceptOrRejectTransfer}}red {{end}}ok small"{{if not $.CanUserAcceptOrRejectTransfer}} disabled{{end}}>
 									{{ctx.Locale.Tr "repo.transfer.reject"}}
 								</button>
 							</div>
@@ -208,7 +211,7 @@
 						</a>
 					{{end}}
 
-					{{if and (.Permission.CanReadAny ctx.Consts.RepoUnitTypePullRequests ctx.Consts.RepoUnitTypeIssues ctx.Consts.RepoUnitTypeReleases) (not .IsEmptyRepo)}}
+					{{if and (.Permission.CanReadAny ctx.Consts.RepoUnitTypePullRequests ctx.Consts.RepoUnitTypeIssues ctx.Consts.RepoUnitTypeReleases ctx.Consts.RepoUnitTypeCode) (not .IsEmptyRepo)}}
 						<a class="{{if .PageIsActivity}}active {{end}}item" href="{{.RepoLink}}/activity">
 							{{svg "octicon-pulse"}} {{ctx.Locale.Tr "repo.activity"}}
 						</a>
@@ -223,11 +226,19 @@
 						</a>
 					{{end}}
 				</div>
-			{{else if .Permission.IsAdmin}}
+			{{else}}
 				<div class="overflow-menu-items">
+					{{if(and .Repository.IsBeingCreated (.Permission.CanRead ctx.Consts.RepoUnitTypeCode))}}
+					<a class="{{if not .PageIsRepoSettings}}active {{end}}item" href="{{.RepoLink}}">
+						{{svg "octicon-clock"}} {{ctx.Locale.Tr "repo.migration_status"}}
+					</a>
+					{{end}}
+
+					{{if .Permission.IsAdmin}}
 					<a class="{{if .PageIsRepoSettings}}active {{end}} item" href="{{.RepoLink}}/settings">
 						{{svg "octicon-tools"}} {{ctx.Locale.Tr "repo.settings"}}
 					</a>
+					{{end}}
 				</div>
 			{{end}}
 		</overflow-menu>
diff --git a/templates/repo/home.tmpl b/templates/repo/home.tmpl
index f86b90502d..2a6c0d2fe5 100644
--- a/templates/repo/home.tmpl
+++ b/templates/repo/home.tmpl
@@ -15,7 +15,7 @@
 			</div>
 		{{end}}
 
-		{{template "repo/code/recently_pushed_new_branches" .}}
+		{{template "repo/code/recently_pushed_new_branches" dict "RecentBranchesPromptData" .RecentBranchesPromptData}}
 
 		<div class="{{Iif $showSidebar "repo-grid-filelist-sidebar" "repo-grid-filelist-only"}}">
 			<div class="repo-home-filelist">
diff --git a/templates/repo/home_sidebar_bottom.tmpl b/templates/repo/home_sidebar_bottom.tmpl
index f780dc122d..01e630ccbf 100644
--- a/templates/repo/home_sidebar_bottom.tmpl
+++ b/templates/repo/home_sidebar_bottom.tmpl
@@ -4,14 +4,14 @@
 		<div class="flex-item">
 			<div class="flex-item-main">
 				<div class="flex-item-title">
-					<a class="item muted" href="{{.Link}}/releases">
+					<a class="item muted" href="{{.RepoLink}}/releases">
 						{{ctx.Locale.Tr "repo.releases"}}
 						<span class="ui small label">{{.NumReleases}}</span>
 					</a>
 				</div>
 				<div class="flex-item">
-					<div class="flex-item-icon">
-						{{svg "octicon-tag" 16}}
+					<div class="flex-item-leading">
+						<div class="tw-mt-1">{{svg "octicon-tag" 16}}</div>
 					</div>
 					<div class="flex-item-main">
 						<div class="flex-item-header">
diff --git a/templates/repo/home_sidebar_top.tmpl b/templates/repo/home_sidebar_top.tmpl
index 8d3d7c6f86..8c2089c839 100644
--- a/templates/repo/home_sidebar_top.tmpl
+++ b/templates/repo/home_sidebar_top.tmpl
@@ -45,7 +45,7 @@
 						{{end}}
 
 						{{if .ReadmeExist}}
-							<a class="flex-text-block muted" href="{{.TreeLink}}/{{.FileName}}">
+							<a class="flex-text-block muted" href="{{.RepoLink}}/src/{{.RefTypeNameSubURL}}/{{PathEscapeSegments .FileTreePath}}">
 								{{svg "octicon-book"}} {{ctx.Locale.Tr "readme"}}
 							</a>
 						{{end}}
diff --git a/templates/repo/icon.tmpl b/templates/repo/icon.tmpl
index e5e0bd68e7..e4a904c46b 100644
--- a/templates/repo/icon.tmpl
+++ b/templates/repo/icon.tmpl
@@ -1,6 +1,6 @@
 {{$avatarLink := (.RelAvatarLink ctx)}}
 {{if $avatarLink}}
-	<img class="ui avatar tw-align-middle" src="{{$avatarLink}}" width="24" height="24" alt="{{.FullName}}">
+	<img class="ui avatar tw-align-middle" src="{{$avatarLink}}" width="24" height="24" alt aria-hidden="true">
 {{else if $.IsMirror}}
 	{{svg "octicon-mirror" 24}}
 {{else if $.IsFork}}
diff --git a/templates/repo/issue/branch_selector_field.tmpl b/templates/repo/issue/branch_selector_field.tmpl
index 9183b7b46a..c8b67490ac 100644
--- a/templates/repo/issue/branch_selector_field.tmpl
+++ b/templates/repo/issue/branch_selector_field.tmpl
@@ -14,7 +14,7 @@ Still needs to figure out:
 */}}
 {{if and (not .Issue.IsPull) (not .PageIsComparePull)}}
 <input id="ref_selector" name="ref" type="hidden" value="{{.Reference}}">
-<div class="ui dropdown select-branch branch-selector-dropdown ellipsis-items-nowrap {{if not .HasIssuesOrPullsWritePermission}}disabled{{end}}"
+<div class="ui dropdown select-branch branch-selector-dropdown ellipsis-text-items {{if not .HasIssuesOrPullsWritePermission}}disabled{{end}}"
 	data-no-results="{{ctx.Locale.Tr "no_results_found"}}"
 	{{if and .Issue (or .IsIssueWriter .HasIssuesOrPullsWritePermission)}}data-url-update-issueref="{{$.RepoLink}}/issues/{{.Issue.Index}}/ref"{{end}}
 >
diff --git a/templates/repo/issue/card.tmpl b/templates/repo/issue/card.tmpl
index c7bbe91885..6dae49c455 100644
--- a/templates/repo/issue/card.tmpl
+++ b/templates/repo/issue/card.tmpl
@@ -4,7 +4,7 @@
 		{{if $attachments}}
 		<div class="card-attachment-images">
 			{{range $attachments}}
-				<img src="{{.DownloadURL}}" alt="{{.Name}}" />
+				<img loading="lazy" src="{{.DownloadURL}}" alt="{{.Name}}" />
 			{{end}}
 		</div>
 		{{end}}
@@ -45,7 +45,7 @@
 		{{if $.Page.LinkedPRs}}
 		{{range index $.Page.LinkedPRs .ID}}
 		<div class="meta tw-my-1">
-			<a href="{{$.Issue.Repo.Link}}/pulls/{{.Index}}">
+			<a href="{{.Repo.Link}}/pulls/{{.Index}}">
 				<span class="tw-m-0 text {{if .PullRequest.HasMerged}}purple{{else if .IsClosed}}red{{else}}green{{end}}">{{svg "octicon-git-merge" 16 "tw-mr-1 tw-align-middle"}}</span>
 				<span class="tw-align-middle">{{.Title}} <span class="text light grey">#{{.Index}}</span></span>
 			</a>
@@ -63,16 +63,21 @@
 
 	{{if or .Labels .Assignees}}
 	<div class="issue-card-bottom">
-		<div class="labels-list">
-			{{range .Labels}}
-				<a target="_blank" href="{{$.Issue.Repo.Link}}/issues?labels={{.ID}}">{{ctx.RenderUtils.RenderLabel .}}</a>
+		{{/* the labels container must always be present, to help the assignees list right-aligned */}}
+		<div class="issue-card-bottom-part labels-list">
+			{{range $label := .Labels}}
+				{{$link := print $.Issue.Repo.Link "/issues"}}
+				{{$link = QueryBuild $link "labels" $label.ID}}
+				{{ctx.RenderUtils.RenderLabelWithLink $label $link}}
 			{{end}}
 		</div>
-		<div class="issue-card-assignees">
+		{{if .Assignees}}
+		<div class="issue-card-bottom-part tw-justify-end">
 			{{range .Assignees}}
-				<a target="_blank" href="{{.HomeLink}}" data-tooltip-content="{{ctx.Locale.Tr "repo.projects.column.assigned_to"}} {{.Name}}">{{ctx.AvatarUtils.Avatar . 28}}</a>
+				<a target="_blank" href="{{.HomeLink}}" data-tooltip-content="{{ctx.Locale.Tr "repo.projects.column.assigned_to"}} {{.Name}}">{{ctx.AvatarUtils.Avatar . 24}}</a>
 			{{end}}
 		</div>
+		{{end}}
 	</div>
 	{{end}}
 {{end}}
diff --git a/templates/repo/issue/filter_item_label.tmpl b/templates/repo/issue/filter_item_label.tmpl
index 0883d93804..04c3605a6a 100644
--- a/templates/repo/issue/filter_item_label.tmpl
+++ b/templates/repo/issue/filter_item_label.tmpl
@@ -22,7 +22,7 @@
 		<span class="label-filter-exclude-info">{{ctx.Locale.Tr "repo.issues.filter_label_exclude"}}</span>
 		<div class="divider"></div>
 		<a class="item label-filter-query-default" href="{{QueryBuild $queryLink "labels" NIL}}">{{ctx.Locale.Tr "repo.issues.filter_label_no_select"}}</a>
-		<a class="item label-filter-query-not-set" href="{{QueryBuild $queryLink "labels" 0}}">{{ctx.Locale.Tr "repo.issues.filter_label_select_no_label"}}</a>
+		<a class="item label-filter-query-not-set" href="{{QueryBuild $queryLink "labels" "0"}}">{{ctx.Locale.Tr "repo.issues.filter_label_select_no_label"}}</a>
 		{{/* The logic here is not the same as the label selector in the issue sidebar.
 		The one in the issue sidebar renders "repo labels | divider | org labels".
 		Maybe the logic should be updated to be consistent.*/}}
diff --git a/templates/repo/issue/filter_list.tmpl b/templates/repo/issue/filter_list.tmpl
index 58ca4a7c00..bfdf94513e 100644
--- a/templates/repo/issue/filter_list.tmpl
+++ b/templates/repo/issue/filter_list.tmpl
@@ -15,7 +15,7 @@
 			<input type="text" placeholder="{{ctx.Locale.Tr "repo.issues.filter_milestone"}}">
 		</div>
 		<div class="divider"></div>
-		<a class="{{if not $.MilestoneID}}active selected {{end}}item" href="{{QueryBuild $queryLink "milestone" 0}}">{{ctx.Locale.Tr "repo.issues.filter_milestone_all"}}</a>
+		<a class="{{if not $.MilestoneID}}active selected {{end}}item" href="{{QueryBuild $queryLink "milestone" NIL}}">{{ctx.Locale.Tr "repo.issues.filter_milestone_all"}}</a>
 		<a class="{{if $.MilestoneID}}{{if eq $.MilestoneID -1}}active selected {{end}}{{end}}item" href="{{QueryBuild $queryLink "milestone" -1}}">{{ctx.Locale.Tr "repo.issues.filter_milestone_none"}}</a>
 		{{if .OpenMilestones}}
 			<div class="divider"></div>
@@ -94,7 +94,7 @@
 	"UserSearchList" $.Assignees
 	"SelectedUserId" $.AssigneeID
 	"TextFilterTitle" (ctx.Locale.Tr "repo.issues.filter_assignee")
-	"TextFilterMatchNone" (ctx.Locale.Tr "repo.issues.filter_assginee_no_assignee")
+	"TextFilterMatchNone" (ctx.Locale.Tr "repo.issues.filter_assignee_no_assignee")
 	"TextFilterMatchAny" (ctx.Locale.Tr "repo.issues.filter_assignee_any_assignee")
 }}
 
@@ -106,7 +106,7 @@
 		</span>
 		{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 		<div class="menu">
-			<a class="{{if eq .ViewType "all"}}active {{end}}item" href="{{QueryBuild $queryLink "type" "all"}}">{{ctx.Locale.Tr "repo.issues.filter_type.all_issues"}}</a>
+			<a class="{{if eq .ViewType "all"}}active {{end}}item" href="{{QueryBuild $queryLink "type" "all"}}">{{if .PageIsPullList}}{{ctx.Locale.Tr "repo.issues.filter_type.all_pull_requests"}}{{else}}{{ctx.Locale.Tr "repo.issues.filter_type.all_issues"}}{{end}}</a>
 			<a class="{{if eq .ViewType "assigned"}}active {{end}}item" href="{{QueryBuild $queryLink "type" "assigned"}}">{{ctx.Locale.Tr "repo.issues.filter_type.assigned_to_you"}}</a>
 			<a class="{{if eq .ViewType "created_by"}}active {{end}}item" href="{{QueryBuild $queryLink "type" "created_by"}}">{{ctx.Locale.Tr "repo.issues.filter_type.created_by_you"}}</a>
 			{{if .PageIsPullList}}
@@ -133,5 +133,11 @@
 		<a class="{{if eq .SortType "leastcomment"}}active {{end}}item" href="{{QueryBuild $queryLink "sort" "leastcomment"}}">{{ctx.Locale.Tr "repo.issues.filter_sort.leastcomment"}}</a>
 		<a class="{{if eq .SortType "nearduedate"}}active {{end}}item" href="{{QueryBuild $queryLink "sort" "nearduedate"}}">{{ctx.Locale.Tr "repo.issues.filter_sort.nearduedate"}}</a>
 		<a class="{{if eq .SortType "farduedate"}}active {{end}}item" href="{{QueryBuild $queryLink "sort" "farduedate"}}">{{ctx.Locale.Tr "repo.issues.filter_sort.farduedate"}}</a>
+		<div class="divider"></div>
+		<div class="header">{{ctx.Locale.Tr "repo.issues.filter_label"}}</div>
+		{{range $scope := .ExclusiveLabelScopes}}
+			{{$sortType := (printf "scope-%s" $scope)}}
+			<a class="{{if eq $.SortType $sortType}}active {{end}}item" href="{{QueryBuild $queryLink "sort" $sortType}}">{{$scope}}</a>
+		{{end}}
 	</div>
 </div>
diff --git a/templates/repo/issue/label_precolors.tmpl b/templates/repo/issue/label_precolors.tmpl
index 80007662c0..7be3f40350 100644
--- a/templates/repo/issue/label_precolors.tmpl
+++ b/templates/repo/issue/label_precolors.tmpl
@@ -1,22 +1,27 @@
 <div class="precolors">
-	<div class="tw-flex">
-		<a class="color" style="background-color:#e11d21" data-color-hex="#e11d21"></a>
-		<a class="color" style="background-color:#eb6420" data-color-hex="#eb6420"></a>
-		<a class="color" style="background-color:#fbca04" data-color-hex="#fbca04"></a>
-		<a class="color" style="background-color:#009800" data-color-hex="#009800"></a>
-		<a class="color" style="background-color:#006b75" data-color-hex="#006b75"></a>
-		<a class="color" style="background-color:#207de5" data-color-hex="#207de5"></a>
-		<a class="color" style="background-color:#0052cc" data-color-hex="#0052cc"></a>
-		<a class="color" style="background-color:#5319e7" data-color-hex="#5319e7"></a>
-	</div>
-	<div class="tw-flex">
-		<a class="color" style="background-color:#f6c6c7" data-color-hex="#f6c6c7"></a>
-		<a class="color" style="background-color:#fad8c7" data-color-hex="#fad8c7"></a>
-		<a class="color" style="background-color:#fef2c0" data-color-hex="#fef2c0"></a>
-		<a class="color" style="background-color:#bfe5bf" data-color-hex="#bfe5bf"></a>
-		<a class="color" style="background-color:#bfdadc" data-color-hex="#bfdadc"></a>
-		<a class="color" style="background-color:#c7def8" data-color-hex="#c7def8"></a>
-		<a class="color" style="background-color:#bfd4f2" data-color-hex="#bfd4f2"></a>
-		<a class="color" style="background-color:#d4c5f9" data-color-hex="#d4c5f9"></a>
+	<button type="button" class="ui button generate-random-color">
+		{{svg "octicon-sync"}}
+	</button>
+	<div>
+		<div class="tw-flex">
+			<a class="color" style="background-color:#e11d21" data-color-hex="#e11d21"></a>
+			<a class="color" style="background-color:#eb6420" data-color-hex="#eb6420"></a>
+			<a class="color" style="background-color:#fbca04" data-color-hex="#fbca04"></a>
+			<a class="color" style="background-color:#009800" data-color-hex="#009800"></a>
+			<a class="color" style="background-color:#006b75" data-color-hex="#006b75"></a>
+			<a class="color" style="background-color:#207de5" data-color-hex="#207de5"></a>
+			<a class="color" style="background-color:#0052cc" data-color-hex="#0052cc"></a>
+			<a class="color" style="background-color:#5319e7" data-color-hex="#5319e7"></a>
+		</div>
+		<div class="tw-flex">
+			<a class="color" style="background-color:#f6c6c7" data-color-hex="#f6c6c7"></a>
+			<a class="color" style="background-color:#fad8c7" data-color-hex="#fad8c7"></a>
+			<a class="color" style="background-color:#fef2c0" data-color-hex="#fef2c0"></a>
+			<a class="color" style="background-color:#bfe5bf" data-color-hex="#bfe5bf"></a>
+			<a class="color" style="background-color:#bfdadc" data-color-hex="#bfdadc"></a>
+			<a class="color" style="background-color:#c7def8" data-color-hex="#c7def8"></a>
+			<a class="color" style="background-color:#bfd4f2" data-color-hex="#bfd4f2"></a>
+			<a class="color" style="background-color:#d4c5f9" data-color-hex="#d4c5f9"></a>
+		</div>
 	</div>
 </div>
diff --git a/templates/repo/issue/labels/label_edit_modal.tmpl b/templates/repo/issue/labels/label_edit_modal.tmpl
index 527b7ff900..ec57de2f3f 100644
--- a/templates/repo/issue/labels/label_edit_modal.tmpl
+++ b/templates/repo/issue/labels/label_edit_modal.tmpl
@@ -5,7 +5,7 @@
 >
 	<div class="header"></div>
 	<div class="content">
-		<form class="ui form ignore-dirty" method="post">
+		<form class="ui form ignore-dirty form-fetch-action" method="post">
 			{{.CsrfTokenHtml}}
 			<input name="id" type="hidden">
 			<div class="required field">
@@ -24,7 +24,13 @@
 				<div class="desc tw-ml-1 tw-mt-2 tw-hidden label-exclusive-warning">
 					{{svg "octicon-alert"}} {{ctx.Locale.Tr "repo.issues.label_exclusive_warning"}}
 				</div>
-				<br>
+				<div class="field label-exclusive-order-input-field tw-mt-2">
+					<label class="flex-text-block">
+						{{ctx.Locale.Tr "repo.issues.label_exclusive_order"}}
+						<span data-tooltip-content="{{ctx.Locale.Tr "repo.issues.label_exclusive_order_tooltip"}}">{{svg "octicon-info"}}</span>
+					</label>
+					<input class="label-exclusive-order-input" name="exclusive_order" type="number" maxlength="4">
+				</div>
 			</div>
 			<div class="field label-is-archived-input-field">
 				<div class="ui checkbox">
@@ -43,8 +49,9 @@
 			</div>
 			<div class="field">
 				<label for="color">{{ctx.Locale.Tr "repo.issues.label_color"}}</label>
-				<div class="column js-color-picker-input">
-					<input name="color" value="#70c24a"placeholder="#c320f6" required maxlength="7">
+				<div class="color-picker-combo" data-global-init="initColorPicker">
+					<!-- the "#" is optional because backend NormalizeColor is able to handle it, API also accepts both formats, and it is easier for users to directly copy-paste a hex value -->
+					<input name="color" value="#70c24a" placeholder="#c320f6" required pattern="^#?([\dA-Fa-f]{3}|[\dA-Fa-f]{6})$" maxlength="7">
 					{{template "repo/issue/label_precolors"}}
 				</div>
 			</div>
diff --git a/templates/repo/issue/labels/label_list.tmpl b/templates/repo/issue/labels/label_list.tmpl
index cdbcc456f0..c8a6b46cc4 100644
--- a/templates/repo/issue/labels/label_list.tmpl
+++ b/templates/repo/issue/labels/label_list.tmpl
@@ -26,7 +26,7 @@
 		<div class="divider"></div>
 	{{end}}
 
-	<ul class="issue-label-list">
+	<ul class="issue-label-list muted-links">
 		{{$canEditLabel := and (not $.PageIsOrgSettingsLabels) (not $.Repository.IsArchived) (or $.CanWriteIssues $.CanWritePulls)}}
 		{{$canEditLabel = or $canEditLabel $.PageIsOrgSettingsLabels}}
 		{{range .Labels}}
@@ -42,21 +42,20 @@
 					<a class="open-issues" href="{{$.RepoLink}}/issues?labels={{.ID}}">{{svg "octicon-issue-opened"}} {{ctx.Locale.Tr "repo.issues.label_open_issues" .NumOpenIssues}}</a>
 				{{end}}
 			</div>
-			<div class="label-operation tw-flex">
+			<div class="label-operation">
 				{{template "repo/issue/labels/label_archived" .}}
-				<div class="tw-flex tw-ml-auto">
 					{{if $canEditLabel}}
 						<a class="edit-label-button" href="#"
 							data-label-id="{{.ID}}" data-label-name="{{.Name}}" data-label-color="{{.Color}}"
 							data-label-exclusive="{{.Exclusive}}" data-label-is-archived="{{gt .ArchivedUnix 0}}"
 							data-label-num-issues="{{.NumIssues}}" data-label-description="{{.Description}}"
+							data-label-exclusive-order="{{.ExclusiveOrder}}"
 						>{{svg "octicon-pencil"}} {{ctx.Locale.Tr "repo.issues.label_edit"}}</a>
 						<a class="link-action" href="#" data-url="{{$.Link}}/delete?id={{.ID}}"
 							data-modal-confirm-header="{{ctx.Locale.Tr "repo.issues.label_deletion"}}"
 							data-modal-confirm-content="{{ctx.Locale.Tr "repo.issues.label_deletion_desc"}}"
 						>{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.issues.label_delete"}}</a>
 					{{end}}
-				</div>
 			</div>
 		</li>
 		{{end}}
diff --git a/templates/repo/issue/list.tmpl b/templates/repo/issue/list.tmpl
index 53d0eca171..1fe220e1b8 100644
--- a/templates/repo/issue/list.tmpl
+++ b/templates/repo/issue/list.tmpl
@@ -4,6 +4,8 @@
 	<div class="ui container">
 	{{template "base/alert" .}}
 
+	{{template "repo/code/recently_pushed_new_branches" dict "RecentBranchesPromptData" .RecentBranchesPromptData}}
+
 	{{if .PinnedIssues}}
 		<div id="issue-pins" {{if .IsRepoAdmin}}data-is-repo-admin{{end}}>
 			{{range .PinnedIssues}}
@@ -14,9 +16,10 @@
 		</div>
 	{{end}}
 
-		<div class="list-header">
-			{{template "repo/issue/navbar" .}}
+		<div class="list-header flex-text-block">
 			{{template "repo/issue/search" .}}
+			<a class="ui small button" href="{{.RepoLink}}/labels">{{ctx.Locale.Tr "repo.labels"}}</a>
+			<a class="ui small button" href="{{.RepoLink}}/milestones">{{ctx.Locale.Tr "repo.milestones"}}</a>
 			{{if not .Repository.IsArchived}}
 				{{if .PageIsIssueList}}
 					<a class="ui small primary button issue-list-new" href="{{.RepoLink}}/issues/new{{if .NewIssueChooseTemplate}}/choose{{end}}">{{ctx.Locale.Tr "repo.issues.new"}}</a>
diff --git a/templates/repo/issue/milestone_issues.tmpl b/templates/repo/issue/milestone_issues.tmpl
index 85068102e6..591820080f 100644
--- a/templates/repo/issue/milestone_issues.tmpl
+++ b/templates/repo/issue/milestone_issues.tmpl
@@ -3,10 +3,10 @@
 	{{template "repo/header" .}}
 	<div class="ui container">
 		{{template "base/alert" .}}
-		<div class="tw-flex">
-			<h1 class="tw-mb-2">{{.Milestone.Name}}</h1>
+		<div class="flex-text-block tw-flex-wrap tw-mb-2">
+			<h1 class="tw-flex-1 tw-m-0">{{.Milestone.Name}}</h1>
 			{{if not .Repository.IsArchived}}
-				<div class="tw-text-right tw-flex-1">
+				<div>
 					{{if or .CanWriteIssues .CanWritePulls}}
 						{{if .Milestone.IsClosed}}
 							<a class="ui primary basic button link-action" href data-url="{{$.RepoLink}}/milestones/{{.MilestoneID}}/open">{{ctx.Locale.Tr "repo.milestones.open"}}
@@ -28,8 +28,8 @@
 		{{end}}
 		<div class="tw-flex tw-flex-col tw-gap-2">
 			<progress class="milestone-progress-big" value="{{.Milestone.Completeness}}" max="100"></progress>
-			<div class="tw-flex tw-gap-4">
-				<div classs="tw-flex tw-items-center">
+			<div class="flex-text-block tw-gap-4">
+				<div class="flex-text-inline">
 					{{$closedDate:= DateUtils.TimeSince .Milestone.ClosedDateUnix}}
 					{{if .IsClosed}}
 						{{svg "octicon-clock"}} {{ctx.Locale.Tr "repo.milestones.closed" $closedDate}}
@@ -46,7 +46,7 @@
 						{{end}}
 					{{end}}
 				</div>
-				<div class="tw-mr-2">{{ctx.Locale.Tr "repo.milestones.completeness" .Milestone.Completeness}}</div>
+				<div>{{ctx.Locale.Tr "repo.milestones.completeness" .Milestone.Completeness}}</div>
 				{{if .TotalTrackedTime}}
 					<div data-tooltip-content='{{ctx.Locale.Tr "tracked_time_summary"}}'>
 						{{svg "octicon-clock"}}
diff --git a/templates/repo/issue/milestone_new.tmpl b/templates/repo/issue/milestone_new.tmpl
index 4809149a21..9bcced6f54 100644
--- a/templates/repo/issue/milestone_new.tmpl
+++ b/templates/repo/issue/milestone_new.tmpl
@@ -44,7 +44,7 @@
 						"TextareaPlaceholder" (ctx.Locale.Tr "repo.milestones.desc")
 					)}}
 				</div>
-				<div class="tw-text-right">
+				<div class="flex-text-block tw-justify-end">
 					{{if .PageIsEditMilestone}}
 						<a class="ui primary basic button" href="{{.RepoLink}}/milestones">
 							{{ctx.Locale.Tr "repo.milestones.cancel"}}
diff --git a/templates/repo/issue/milestones.tmpl b/templates/repo/issue/milestones.tmpl
index 5701c1faa6..8805c709a0 100644
--- a/templates/repo/issue/milestones.tmpl
+++ b/templates/repo/issue/milestones.tmpl
@@ -76,7 +76,7 @@
 								{{else}}
 									<a class="link-action flex-text-inline" href data-url="{{$.Link}}/{{.ID}}/close">{{svg "octicon-x" 14}}{{ctx.Locale.Tr "repo.milestones.close"}}</a>
 								{{end}}
-								<a class="delete-button flex-text-inline" href="#" data-url="{{$.RepoLink}}/milestones/delete" data-id="{{.ID}}">{{svg "octicon-trash" 14}}{{ctx.Locale.Tr "repo.issues.label_delete"}}</a>
+								<a class="link-action flex-text-inline text red" href data-modal-confirm="#repo-milestone-delete-modal" data-url="{{$.RepoLink}}/milestones/delete?id={{.ID}}">{{svg "octicon-trash" 14}}{{ctx.Locale.Tr "repo.issues.label_delete"}}</a>
 							</div>
 						{{end}}
 					</div>
@@ -92,15 +92,11 @@
 </div>
 
 {{if or .CanWriteIssues .CanWritePulls}}
-	<div class="ui g-modal-confirm delete modal">
-		<div class="header">
-			{{svg "octicon-trash"}}
-			{{ctx.Locale.Tr "repo.milestones.deletion"}}
-		</div>
-		<div class="content">
-			<p>{{ctx.Locale.Tr "repo.milestones.deletion_desc"}}</p>
-		</div>
+	<div class="ui small modal" id="repo-milestone-delete-modal">
+		<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.milestones.deletion"}}</div>
+		<div class="content"><p>{{ctx.Locale.Tr "repo.milestones.deletion_desc"}}</p></div>
 		{{template "base/modal_actions_confirm" .}}
 	</div>
 {{end}}
+
 {{template "base/footer" .}}
diff --git a/templates/repo/issue/new_form.tmpl b/templates/repo/issue/new_form.tmpl
index 73cf8c6324..b63cbcfc0d 100644
--- a/templates/repo/issue/new_form.tmpl
+++ b/templates/repo/issue/new_form.tmpl
@@ -4,8 +4,8 @@
 	<div class="issue-content-left">
 		<div class="ui comments">
 			<div class="comment">
-				{{ctx.AvatarUtils.Avatar .SignedUser 40}}
-				<div class="ui segment content tw-my-0">
+				<div class=" tw-mr-4 not-mobile">{{ctx.AvatarUtils.Avatar .SignedUser 40}}</div>
+				<div class="ui segment content tw-my-0 avatar-content-left-arrow">
 					<div class="field">
 						<input name="title" data-global-init="initInputAutoFocusEnd" id="issue_title" required maxlength="255" autocomplete="off"
 								placeholder="{{ctx.Locale.Tr "repo.milestones.title"}}"
@@ -33,7 +33,7 @@
 					{{else}}
 						{{template "repo/issue/comment_tab" .}}
 					{{end}}
-					<div class="tw-text-right">
+					<div class="flex-text-block tw-justify-end">
 						<button class="ui primary button">
 							{{if .PageIsComparePull}}
 								{{ctx.Locale.Tr "repo.pulls.create"}}
diff --git a/templates/repo/issue/search.tmpl b/templates/repo/issue/search.tmpl
index 07732ab5e7..de6c194ee8 100644
--- a/templates/repo/issue/search.tmpl
+++ b/templates/repo/issue/search.tmpl
@@ -8,6 +8,7 @@
 			<input type="hidden" name="project" value="{{$.ProjectID}}">
 			<input type="hidden" name="assignee" value="{{$.AssigneeID}}">
 			<input type="hidden" name="poster" value="{{$.PosterUsername}}">
+			<input type="hidden" name="sort" value="{{$.SortType}}">
 		{{end}}
 		{{template "shared/search/input" dict "Value" .Keyword}}
 		{{if .PageIsIssueList}}
diff --git a/templates/repo/issue/sidebar/assignee_list.tmpl b/templates/repo/issue/sidebar/assignee_list.tmpl
index 19927cbd41..1d2279a45d 100644
--- a/templates/repo/issue/sidebar/assignee_list.tmpl
+++ b/templates/repo/issue/sidebar/assignee_list.tmpl
@@ -6,8 +6,8 @@
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/assignee?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
 	<input class="combo-value" name="assignee_ids" type="hidden" value="{{$data.SelectedAssigneeIDs}}">
-	<div class="ui dropdown text-flex-grow {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
-		<a class="text muted">
+	<div class="ui dropdown full-width {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
+		<a class="fixed-text muted">
 			<strong>{{ctx.Locale.Tr "repo.issues.new.assignees"}}</strong> {{if $pageMeta.CanModifyIssueOrPull}}{{svg "octicon-gear"}}{{end}}
 		</a>
 		<div class="menu">
@@ -16,7 +16,7 @@
 				<input type="text" placeholder="{{ctx.Locale.Tr "repo.issues.filter_assignees"}}">
 			</div>
 			<div class="scrolling menu flex-items-block">
-				<div class="item clear-selection">{{ctx.Locale.Tr "repo.issues.new.clear_assignees"}}</div>
+				<div class="item clear-selection" data-text="">{{ctx.Locale.Tr "repo.issues.new.clear_assignees"}}</div>
 				<div class="divider"></div>
 				{{range $data.CandidateAssignees}}
 					<a class="item" href="#" data-value="{{.ID}}">
@@ -27,7 +27,7 @@
 			</div>
 		</div>
 	</div>
-	<div class="ui list muted-links flex-items-block tw-flex tw-flex-col tw-gap-2">
+	<div class="ui relaxed list muted-links flex-items-block">
 		<span class="item empty-list {{if $issueAssignees}}tw-hidden{{end}}">{{ctx.Locale.Tr "repo.issues.new.no_assignees"}}</span>
 		{{range $issueAssignees}}
 			<a class="item" href="{{$pageMeta.RepoLink}}/{{if $pageMeta.IsPullRequest}}pulls{{else}}issues{{end}}?assignee={{.ID}}">
diff --git a/templates/repo/issue/sidebar/issue_management.tmpl b/templates/repo/issue/sidebar/issue_management.tmpl
index b4922ed04b..8876a5054e 100644
--- a/templates/repo/issue/sidebar/issue_management.tmpl
+++ b/templates/repo/issue/sidebar/issue_management.tmpl
@@ -1,6 +1,7 @@
 {{if and .IsRepoAdmin (not .Repository.IsArchived)}}
 	<div class="divider"></div>
 
+	{{/* Pin issue */}}
 	{{if or .PinEnabled .Issue.IsPinned}}
 		<form class="tw-mt-1 form-fetch-action single-button-form" method="post" {{if $.NewPinAllowed}}action="{{.Issue.Link}}/pin"{{else}}data-tooltip-content="{{ctx.Locale.Tr "repo.issues.max_pinned"}}"{{end}}>
 			{{$.CsrfTokenHtml}}
@@ -16,16 +17,15 @@
 		</form>
 	{{end}}
 
-	<button class="tw-mt-1 fluid ui show-modal button{{if .Issue.IsLocked}} red{{end}}" data-modal="#lock">
+	{{/* Lock/unlock conversation */}}
+	<button class="tw-mt-1 fluid ui show-modal button{{if .Issue.IsLocked}} red{{end}}" data-modal="#lock-conversation">
 		{{if .Issue.IsLocked}}
-			{{svg "octicon-key"}}
-			{{ctx.Locale.Tr "repo.issues.unlock"}}
+			{{svg "octicon-key"}} {{ctx.Locale.Tr "repo.issues.unlock"}}
 		{{else}}
-			{{svg "octicon-lock"}}
-			{{ctx.Locale.Tr "repo.issues.lock"}}
+			{{svg "octicon-lock"}} {{ctx.Locale.Tr "repo.issues.lock"}}
 		{{end}}
 	</button>
-	<div class="ui tiny modal" id="lock">
+	<div class="ui tiny modal" id="lock-conversation">
 		<div class="header">
 			{{if .Issue.IsLocked}}
 				{{ctx.Locale.Tr "repo.issues.unlock.title"}}
@@ -45,29 +45,20 @@
 				{{end}}
 			</div>
 
-			<form class="ui form form-fetch-action" action="{{.Issue.Link}}{{if .Issue.IsLocked}}/unlock{{else}}/lock{{end}}"
-				method="post">
+			<form class="ui form form-fetch-action" method="post" action="{{.Issue.Link}}{{if .Issue.IsLocked}}/unlock{{else}}/lock{{end}}">
 				{{.CsrfTokenHtml}}
 
 				{{if not .Issue.IsLocked}}
 					<div class="field">
-						<strong> {{ctx.Locale.Tr "repo.issues.lock.reason"}} </strong>
+						<strong>{{ctx.Locale.Tr "repo.issues.lock.reason"}}</strong>
 					</div>
 
 					<div class="field">
 						<div class="ui fluid dropdown selection">
-
-							<select name="reason">
-								<option value=""> </option>
-								{{range .LockReasons}}
-									<option value="{{.}}">{{.}}</option>
-								{{end}}
-							</select>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-
-							<div class="default text"> </div>
-
+							<input type="hidden" name="reason">
+							<div class="text"></div> {{svg "octicon-triangle-down" 14 "dropdown icon"}}
 							<div class="menu">
+								<div class="item" data-value=""></div>
 								{{range .LockReasons}}
 									<div class="item" data-value="{{.}}">{{.}}</div>
 								{{end}}
@@ -78,7 +69,8 @@
 
 				<div class="actions">
 					<button class="ui cancel button">{{ctx.Locale.Tr "settings.cancel"}}</button>
-					<button class="ui red button">
+					{{/* explicitly focus the submit button, to avoid Fomantic modal focuses and popups the dropdown */}}
+					<button class="ui red button" autofocus>
 						{{if .Issue.IsLocked}}
 							{{ctx.Locale.Tr "repo.issues.unlock_confirm"}}
 						{{else}}
diff --git a/templates/repo/issue/sidebar/label_list.tmpl b/templates/repo/issue/sidebar/label_list.tmpl
index 7d4ad264c2..15c8760d1a 100644
--- a/templates/repo/issue/sidebar/label_list.tmpl
+++ b/templates/repo/issue/sidebar/label_list.tmpl
@@ -4,8 +4,8 @@
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/labels?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
 	<input class="combo-value" name="label_ids" type="hidden" value="{{$data.SelectedLabelIDs}}">
-	<div class="ui dropdown text-flex-grow {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
-		<a class="text muted">
+	<div class="ui dropdown full-width {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
+		<a class="fixed-text muted">
 			<strong>{{ctx.Locale.Tr "repo.issues.new.labels"}}</strong> {{if $pageMeta.CanModifyIssueOrPull}}{{svg "octicon-gear"}}{{end}}
 		</a>
 		<div class="menu">
@@ -17,7 +17,7 @@
 					<input type="text" placeholder="{{ctx.Locale.Tr "repo.issues.filter_labels"}}">
 				</div>
 				<div class="scrolling menu">
-					<a class="item clear-selection" href="#">{{ctx.Locale.Tr "repo.issues.new.clear_labels"}}</a>
+					<a class="item clear-selection" data-text="" href="#">{{ctx.Locale.Tr "repo.issues.new.clear_labels"}}</a>
 					<div class="divider"></div>
 					{{$previousExclusiveScope := "_no_scope"}}
 					{{range $data.RepoLabels}}
@@ -43,7 +43,7 @@
 		</div>
 	</div>
 
-	<div class="ui list labels-list tw-my-2 tw-flex tw-gap-2">
+	<div class="ui list labels-list">
 		<span class="item empty-list {{if $data.SelectedLabelIDs}}tw-hidden{{end}}">{{ctx.Locale.Tr "repo.issues.new.no_label"}}</span>
 		{{range $data.AllLabels}}
 			{{if .IsChecked}}
diff --git a/templates/repo/issue/sidebar/milestone_list.tmpl b/templates/repo/issue/sidebar/milestone_list.tmpl
index 4ca0d1bd3a..5bc961ed3c 100644
--- a/templates/repo/issue/sidebar/milestone_list.tmpl
+++ b/templates/repo/issue/sidebar/milestone_list.tmpl
@@ -6,8 +6,8 @@
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/milestone?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
 	<input class="combo-value" name="milestone_id" type="hidden" value="{{$data.SelectedMilestoneID}}">
-	<div class="ui dropdown text-flex-grow {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
-		<a class="text muted">
+	<div class="ui dropdown full-width {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
+		<a class="fixed-text muted">
 			<strong>{{ctx.Locale.Tr "repo.issues.new.milestone"}}</strong> {{if $pageMeta.CanModifyIssueOrPull}}{{svg "octicon-gear"}}{{end}}
 		</a>
 		<div class="menu">
@@ -19,7 +19,7 @@
 					<input type="text" placeholder="{{ctx.Locale.Tr "repo.issues.filter_milestones"}}">
 				</div>
 				<div class="scrolling menu">
-					<div class="item clear-selection">{{ctx.Locale.Tr "repo.issues.new.clear_milestone"}}</div>
+					<div class="item clear-selection" data-text="">{{ctx.Locale.Tr "repo.issues.new.clear_milestone"}}</div>
 					<div class="divider"></div>
 					{{if $data.OpenMilestones}}
 						<div class="header">{{ctx.Locale.Tr "repo.issues.filter_milestone_open"}}</div>
diff --git a/templates/repo/issue/sidebar/project_list.tmpl b/templates/repo/issue/sidebar/project_list.tmpl
index 0d8a88e8fa..a212261a22 100644
--- a/templates/repo/issue/sidebar/project_list.tmpl
+++ b/templates/repo/issue/sidebar/project_list.tmpl
@@ -6,8 +6,8 @@
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/projects?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
 	<input class="combo-value" name="project_id" type="hidden" value="{{$data.SelectedProjectID}}">
-	<div class="ui dropdown text-flex-grow {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
-		<a class="text muted">
+	<div class="ui dropdown full-width {{if not $pageMeta.CanModifyIssueOrPull}}disabled{{end}}">
+		<a class="fixed-text muted">
 			<strong>{{ctx.Locale.Tr "repo.issues.new.projects"}}</strong> {{if $pageMeta.CanModifyIssueOrPull}}{{svg "octicon-gear"}}{{end}}
 		</a>
 		<div class="menu">
@@ -18,7 +18,7 @@
 			</div>
 			{{end}}
 			<div class="scrolling menu">
-				<div class="item clear-selection">{{ctx.Locale.Tr "repo.issues.new.clear_projects"}}</div>
+				<div class="item clear-selection" data-text="">{{ctx.Locale.Tr "repo.issues.new.clear_projects"}}</div>
 				<div class="divider"></div>
 				{{if $data.OpenProjects}}
 					<div class="header">{{ctx.Locale.Tr "repo.issues.new.open_projects"}}</div>
diff --git a/templates/repo/issue/sidebar/reviewer_list.tmpl b/templates/repo/issue/sidebar/reviewer_list.tmpl
index 82e3c0c86a..2b5ca80fe7 100644
--- a/templates/repo/issue/sidebar/reviewer_list.tmpl
+++ b/templates/repo/issue/sidebar/reviewer_list.tmpl
@@ -6,8 +6,8 @@
 		{{if $pageMeta.Issue}}data-update-url="{{$pageMeta.RepoLink}}/issues/request_review?issue_ids={{$pageMeta.Issue.ID}}"{{end}}
 >
 	<input type="hidden" class="combo-value" name="reviewer_ids">{{/* match CreateIssueForm */}}
-	<div class="ui dropdown text-flex-grow {{if or (not $hasCandidates) (not $data.CanChooseReviewer)}}disabled{{end}}">
-		<a class="text muted">
+	<div class="ui dropdown full-width {{if or (not $hasCandidates) (not $data.CanChooseReviewer)}}disabled{{end}}">
+		<a class="fixed-text muted">
 			<strong>{{ctx.Locale.Tr "repo.issues.review.reviewers"}}</strong> {{if $data.CanChooseReviewer}}{{svg "octicon-gear"}}{{end}}
 		</a>
 		<div class="menu flex-items-menu">
@@ -43,7 +43,7 @@
 		</div>
 	</div>
 
-	<div class="ui relaxed list flex-items-block tw-my-4">
+	<div class="ui relaxed list flex-items-block">
 		<span class="item empty-list {{if or $data.OriginalReviews $data.CurrentPullReviewers}}tw-hidden{{end}}">
 			{{ctx.Locale.Tr "repo.issues.new.no_reviewers"}}
 		</span>
diff --git a/templates/repo/issue/sidebar/stopwatch_timetracker.tmpl b/templates/repo/issue/sidebar/stopwatch_timetracker.tmpl
index a72749a9f3..6168b06e17 100644
--- a/templates/repo/issue/sidebar/stopwatch_timetracker.tmpl
+++ b/templates/repo/issue/sidebar/stopwatch_timetracker.tmpl
@@ -2,34 +2,28 @@
 	{{if and .CanUseTimetracker (not .Repository.IsArchived)}}
 		<div class="divider"></div>
 		<div>
-			<div class="ui dropdown text-flex-grow jump">
-				<a class="text muted">
-					<div>
-						<strong>{{ctx.Locale.Tr "repo.issues.tracker"}}</strong> {{if $.IsStopwatchRunning}}{{svg "octicon-stopwatch"}}{{end}}
-					</div>
-					{{svg "octicon-gear"}}
-				</a>
-				<div class="menu">
-					<a class="item issue-set-time-estimate show-modal" data-modal="#issue-time-set-estimate-modal">
-						{{svg "octicon-pencil"}} {{ctx.Locale.Tr "repo.issues.time_estimate_set"}}
-					</a>
-					<div class="divider"></div>
-					{{if $.IsStopwatchRunning}}
-					<a class="item issue-stop-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/toggle">
-						{{svg "octicon-stopwatch"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_stop"}}
-					</a>
-					<a class="item issue-cancel-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/cancel">
-						{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_discard"}}
-					</a>
-					{{else}}
-					<a class="item issue-start-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/toggle">
-						{{svg "octicon-stopwatch"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_start"}}
-					</a>
-					<a class="item issue-add-time show-modal" data-modal="#issue-time-manually-add-modal">
-						{{svg "octicon-plus"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_manually_add"}}
-					</a>
-					{{end}}
-				</div>
+			<div class="flex-text-block">
+				<strong class="tw-flex-1">{{ctx.Locale.Tr "repo.issues.tracker"}}</strong>
+				<button class="btn interact-fg show-modal" data-tooltip-content="{{ctx.Locale.Tr "repo.issues.time_estimate_set"}}" data-modal="#issue-time-set-estimate-modal">
+					{{svg "octicon-pencil"}}
+				</button>
+			</div>
+			<div class="ui buttons tw-mt-2 tw-w-full">
+			{{if $.IsStopwatchRunning}}
+				<button class="ui button tw-flex-1 issue-stop-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/stop">
+					{{svg "octicon-stopwatch"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_stop"}}
+				</button>
+				<button class="ui icon button issue-cancel-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/cancel" data-tooltip-content="{{ctx.Locale.Tr "repo.issues.timetracker_timer_discard"}}">
+					{{svg "octicon-trash"}}
+				</button>
+			{{else}}
+				<button class="ui button tw-flex-1 issue-start-time link-action" data-url="{{.Issue.Link}}/times/stopwatch/start">
+					{{svg "octicon-stopwatch"}} {{ctx.Locale.Tr "repo.issues.timetracker_timer_start"}}
+				</button>
+				<button class="ui icon button issue-add-time show-modal" data-modal="#issue-time-manually-add-modal" data-tooltip-content="{{ctx.Locale.Tr "repo.issues.timetracker_timer_manually_add"}}">
+					{{svg "octicon-plus"}}
+				</button>
+			{{end}}
 			</div>
 
 			{{if and (not $.IsStopwatchRunning) .HasUserStopwatch}}
@@ -73,23 +67,19 @@
 		</div>
 	{{end}}
 	{{if .WorkingUsers}}
-		<div class="ui comments tw-mt-2">
+		<div class="tw-mt-2">
 			{{ctx.Locale.Tr "repo.issues.time_spent_from_all_authors" ($.Issue.TotalTrackedTime | Sec2Hour)}}
-			<div>
-				{{range $user, $trackedtime := .WorkingUsers}}
-					<div class="comment tw-mt-2">
-						<a class="avatar">
-							{{ctx.AvatarUtils.Avatar $user}}
-						</a>
-						<div class="content">
-							{{template "shared/user/authorlink" $user}}
-							<div class="text">
-								{{$trackedtime|Sec2Hour}}
-							</div>
-						</div>
+		</div>
+		<div class="ui list flex-items-block">
+			{{range $user, $trackedtime := .WorkingUsers}}
+				<div class="item tw-gap-3">
+					{{template "shared/user/avatarlink" dict "user" $user}}
+					<div>
+						{{template "shared/user/authorlink" $user}}
+						<div class="text">{{$trackedtime|Sec2Hour}}</div>
 					</div>
-				{{end}}
-			</div>
+				</div>
+			{{end}}
 		</div>
 	{{end}}
 {{end}}
diff --git a/templates/repo/issue/sidebar/wip_switch.tmpl b/templates/repo/issue/sidebar/wip_switch.tmpl
index b007399deb..8c40908f62 100644
--- a/templates/repo/issue/sidebar/wip_switch.tmpl
+++ b/templates/repo/issue/sidebar/wip_switch.tmpl
@@ -1,5 +1,5 @@
 {{if and (or .HasIssuesOrPullsWritePermission .IsIssuePoster) (not .HasMerged) (not .Issue.IsClosed) (not .IsPullWorkInProgress)}}
-	<a class="toggle-wip tw-block tw-mt-2" data-title="{{.Issue.Title}}" data-wip-prefix="{{index .PullRequestWorkInProgressPrefixes 0}}" data-update-url="{{.Issue.Link}}/title">
+	<a data-global-init="initPullRequestWipToggle" data-title="{{.Issue.Title}}" data-wip-prefix="{{index .PullRequestWorkInProgressPrefixes 0}}" data-update-url="{{.Issue.Link}}/title">
 		{{ctx.Locale.Tr "repo.pulls.still_in_progress"}} {{ctx.Locale.Tr "repo.pulls.add_prefix" (index .PullRequestWorkInProgressPrefixes 0)}}
 	</a>
 {{end}}
diff --git a/templates/repo/issue/view_content.tmpl b/templates/repo/issue/view_content.tmpl
index 1a7c0716bc..a51a7f4fb1 100644
--- a/templates/repo/issue/view_content.tmpl
+++ b/templates/repo/issue/view_content.tmpl
@@ -13,8 +13,8 @@
 				</a>
 				{{end}}
 				<div class="content comment-container">
-					<div class="comment-header" role="heading" aria-level="3">
-						<div class="comment-header-left tw-flex tw-items-center">
+					<div class="comment-header avatar-content-left-arrow" role="heading" aria-level="3">
+						<div class="comment-header-left">
 							{{if .Issue.OriginalAuthor}}
 								<span class="text black tw-font-semibold">
 									{{svg (MigrationIcon .Repository.GetOriginalURLHostname)}}
@@ -36,7 +36,7 @@
 								</span>
 							{{end}}
 						</div>
-						<div class="comment-header-right actions tw-flex tw-items-center">
+						<div class="comment-header-right">
 							{{template "repo/issue/view_content/show_role" dict "ShowRole" .Issue.ShowRole "IgnorePoster" true}}
 							{{if not $.Repository.IsArchived}}
 								{{template "repo/issue/view_content/add_reaction" dict "ActionURL" (printf "%s/issues/%d/reactions" $.RepoLink .Issue.Index)}}
@@ -68,7 +68,7 @@
 			{{template "repo/issue/view_content/comments" .}}
 
 			{{if and .Issue.IsPull (not $.Repository.IsArchived)}}
-				{{template "repo/issue/view_content/pull".}}
+				{{template "repo/issue/view_content/pull_merge_box".}}
 			{{end}}
 
 			{{if .IsSigned}}
@@ -78,12 +78,12 @@
 						{{ctx.AvatarUtils.Avatar .SignedUser 40}}
 					</a>
 					<div class="content">
-						<div class="ui segment">
+						<div class="ui segment avatar-content-left-arrow">
 							<form class="ui form form-fetch-action" id="comment-form" action="{{$.RepoLink}}/issues/{{.Issue.Index}}/comments" method="post">
 								{{template "repo/issue/comment_tab" .}}
 								{{.CsrfTokenHtml}}
 								<div class="field footer">
-									<div class="tw-text-right">
+									<div class="flex-text-block tw-justify-end">
 										{{if and (or .HasIssuesOrPullsWritePermission .IsIssuePoster) (not .DisableStatusChange)}}
 											{{if .Issue.IsClosed}}
 												<button id="status-button" class="ui primary basic button" data-status="{{ctx.Locale.Tr "repo.issues.reopen_issue"}}" data-status-and-comment="{{ctx.Locale.Tr "repo.issues.reopen_comment_issue"}}" name="status" value="reopen">
@@ -157,7 +157,7 @@
 		{{end}}
 
 		<div class="field">
-			<div class="tw-text-right edit">
+			<div class="flex-text-block tw-justify-end">
 				<button type="button" class="ui cancel button">{{ctx.Locale.Tr "repo.issues.cancel"}}</button>
 				<button type="submit" class="ui primary button">{{ctx.Locale.Tr "repo.issues.save"}}</button>
 			</div>
diff --git a/templates/repo/issue/view_content/attachments.tmpl b/templates/repo/issue/view_content/attachments.tmpl
index 2155f78656..e865050559 100644
--- a/templates/repo/issue/view_content/attachments.tmpl
+++ b/templates/repo/issue/view_content/attachments.tmpl
@@ -31,7 +31,7 @@
 				{{if FilenameIsImage .Name}}
 					{{if not (StringUtils.Contains (StringUtils.ToString $.RenderedContent) .UUID)}}
 					<a target="_blank" rel="noopener noreferrer" href="{{.DownloadURL}}">
-						<img alt="{{.Name}}" src="{{.DownloadURL}}" title="{{ctx.Locale.Tr "repo.issues.attachment.open_tab" .Name}}">
+						<img loading="lazy" alt="{{.Name}}" src="{{.DownloadURL}}" title="{{ctx.Locale.Tr "repo.issues.attachment.open_tab" .Name}}">
 					</a>
 					{{end}}
 				{{end}}
diff --git a/templates/repo/issue/view_content/comments.tmpl b/templates/repo/issue/view_content/comments.tmpl
index f2f3d1c9cc..089cdf2ccd 100644
--- a/templates/repo/issue/view_content/comments.tmpl
+++ b/templates/repo/issue/view_content/comments.tmpl
@@ -26,14 +26,14 @@
 				</a>
 			{{end}}
 				<div class="content comment-container">
-					<div class="comment-header" role="heading" aria-level="3">
-						<div class="comment-header-left tw-flex tw-items-center">
+					<div class="comment-header avatar-content-left-arrow" role="heading" aria-level="3">
+						<div class="comment-header-left">
 							{{if .OriginalAuthor}}
 								<span class="text black tw-font-semibold tw-mr-1">
 									{{svg (MigrationIcon $.Repository.GetOriginalURLHostname)}}
 									{{.OriginalAuthor}}
 								</span>
-								<span class="text grey muted-links">
+								<span class="comment-text-line">
 									{{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}} {{if $.Repository.OriginalURL}}
 								</span>
 								<span class="text migrate">
@@ -45,13 +45,13 @@
 										{{ctx.AvatarUtils.Avatar .Poster 24}}
 									</a>
 								{{end}}
-								<span class="text grey muted-links">
+								<span class="comment-text-line">
 									{{template "shared/user/authorlink" .Poster}}
 									{{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}}
 								</span>
 							{{end}}
 						</div>
-						<div class="comment-header-right actions tw-flex tw-items-center">
+						<div class="comment-header-right">
 							{{template "repo/issue/view_content/show_role" dict "ShowRole" .ShowRole}}
 							{{if not $.Repository.IsArchived}}
 								{{template "repo/issue/view_content/add_reaction" dict "ActionURL" (printf "%s/comments/%d/reactions" $.RepoLink .ID)}}
@@ -85,7 +85,7 @@
 				{{if not .OriginalAuthor}}
 					{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{end}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 					{{if .Issue.IsPull}}
 						{{ctx.Locale.Tr "repo.pulls.reopened_at" .EventTag $createdStr}}
@@ -100,7 +100,7 @@
 				{{if not .OriginalAuthor}}
 					{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{end}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 					{{if .Issue.IsPull}}
 						{{ctx.Locale.Tr "repo.pulls.closed_at" .EventTag $createdStr}}
@@ -115,7 +115,7 @@
 				{{if not .OriginalAuthor}}
 					{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{end}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 					{{$link := printf "%s/commit/%s" $.Repository.Link ($.Issue.PullRequest.MergedCommitID|PathEscape)}}
 					{{if eq $.Issue.PullRequest.Status 3}}
@@ -143,35 +143,36 @@
 				<span class="badge">{{svg "octicon-bookmark"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{if eq .RefAction 3}}<del>{{end}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr $refTr .EventTag $createdStr (.RefCommentLink ctx) $refFrom}}
 				</span>
 				{{if eq .RefAction 3}}</del>{{end}}
 
 				<div class="detail flex-text-block">
-					<span class="text grey muted-links"><a href="{{.RefIssueLink ctx}}"><b>{{.RefIssueTitle ctx}}</b> {{.RefIssueIdent ctx}}</a></span>
+					<span class="comment-text-line"><a href="{{.RefIssueLink ctx}}"><b>{{.RefIssueTitle ctx}}</b> {{.RefIssueIdent ctx}}</a></span>
 				</div>
 			</div>
 		{{else if eq .Type 4}}
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-bookmark"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.commit_ref_at" .EventTag $createdStr}}
 				</span>
 				<div class="detail flex-text-block">
 					{{svg "octicon-git-commit"}}
-					<span class="text grey muted-links">{{.Content | SanitizeHTML}}</span>
+					{{/* the content is a link like <a href="{RepoLink}/commit/{CommitID}">message title</a> (from CreateRefComment) */}}
+					<span class="comment-text-line">{{.Content | SanitizeHTML}}</span>
 				</div>
 			</div>
 		{{else if eq .Type 7}}
 			{{if or .AddedLabels .RemovedLabels}}
-				<div class="timeline-item event" id="{{.HashTag}}">
+				<div class="timeline-item event with-labels-list-inline" id="{{.HashTag}}">
 					<span class="badge">{{svg "octicon-tag"}}</span>
 					{{template "shared/user/avatarlink" dict "user" .Poster}}
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Poster}}
 						{{if and .AddedLabels (not .RemovedLabels)}}
 							{{ctx.Locale.TrN (len .AddedLabels) "repo.issues.add_label" "repo.issues.add_labels" (ctx.RenderUtils.RenderLabels .AddedLabels $.RepoLink .Issue) $createdStr}}
@@ -187,7 +188,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-milestone"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{if gt .OldMilestoneID 0}}{{if gt .MilestoneID 0}}{{ctx.Locale.Tr "repo.issues.change_milestone_at" .OldMilestone.Name .Milestone.Name $createdStr}}{{else}}{{ctx.Locale.Tr "repo.issues.remove_milestone_at" .OldMilestone.Name $createdStr}}{{end}}{{else if gt .MilestoneID 0}}{{ctx.Locale.Tr "repo.issues.add_milestone_at" .Milestone.Name $createdStr}}{{end}}
 				</span>
@@ -197,7 +198,7 @@
 				<span class="badge">{{svg "octicon-person"}}</span>
 				{{if .RemovedAssignee}}
 					{{template "shared/user/avatarlink" dict "user" .Assignee}}
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Assignee}}
 						{{if eq .Poster.ID .Assignee.ID}}
 							{{ctx.Locale.Tr "repo.issues.remove_self_assignment" $createdStr}}
@@ -207,7 +208,7 @@
 					</span>
 				{{else}}
 					{{template "shared/user/avatarlink" dict "user" .Assignee}}
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Assignee}}
 						{{if eq .Poster.ID .AssigneeID}}
 							{{ctx.Locale.Tr "repo.issues.self_assign_at" $createdStr}}
@@ -221,7 +222,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-pencil"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.change_title_at" (.OldTitle|ctx.RenderUtils.RenderEmoji) (.NewTitle|ctx.RenderUtils.RenderEmoji) $createdStr}}
 				</span>
@@ -230,7 +231,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-git-branch"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$oldRef := HTMLFormat `<span class="tw-line-through">%s</span>` .OldRef}}
 					{{ctx.Locale.Tr "repo.issues.delete_branch_at" $oldRef $createdStr}}
@@ -240,7 +241,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.start_tracking_history" $createdStr}}
 				</span>
@@ -249,7 +250,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$timeStr := .RenderedContent}} {{/* compatibility with time comments made before v1.21 */}}
 					{{if not $timeStr}}{{$timeStr = .Content|Sec2Hour}}{{end}}
@@ -261,7 +262,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$timeStr := .RenderedContent}} {{/* compatibility with time comments made before v1.21 */}}
 					{{if not $timeStr}}{{$timeStr = .Content|Sec2Hour}}{{end}}
@@ -273,7 +274,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.cancel_tracking_history" $createdStr}}
 				</span>
@@ -282,7 +283,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$dueDate := DateUtils.AbsoluteLong (.Content|DateUtils.ParseLegacy)}}
 					{{ctx.Locale.Tr "repo.issues.due_date_added" $dueDate $createdStr}}
@@ -292,7 +293,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$parsedDeadline := StringUtils.Split .Content "|"}}
 					{{if eq (len $parsedDeadline) 2}}
@@ -306,7 +307,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$dueDate := DateUtils.AbsoluteLong (.Content|DateUtils.ParseLegacy)}}
 					{{ctx.Locale.Tr "repo.issues.due_date_remove" $dueDate $createdStr}}
@@ -316,14 +317,14 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-package-dependents"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.dependency.added_dependency" $createdStr}}
 				</span>
 				{{if .DependentIssue}}
 					<div class="detail flex-text-block">
 						{{svg "octicon-plus"}}
-						<span class="text grey muted-links">
+						<span class="comment-text-line">
 							<a href="{{.DependentIssue.Link}}">
 								{{if eq .DependentIssue.RepoID .Issue.RepoID}}
 									#{{.DependentIssue.Index}} {{.DependentIssue.Title}}
@@ -339,14 +340,14 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-package-dependents"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.dependency.removed_dependency" $createdStr}}
 				</span>
 				{{if .DependentIssue}}
 					<div class="detail flex-text-block">
 						{{svg "octicon-trash"}}
-						<span class="text grey muted-links">
+						<span class="comment-text-line">
 							<a href="{{.DependentIssue.Link}}">
 								{{if eq .DependentIssue.RepoID .Issue.RepoID}}
 									#{{.DependentIssue.Index}} {{.DependentIssue.Title}}
@@ -374,7 +375,7 @@
 					<span class="badge tw-text-white{{if eq $reviewType 1}}{{if .Review.Official}} tw-bg-green {{else}} tw-bg-grey{{end}}{{else if eq $reviewType 3}} tw-bg-red{{end}}">
 						{{if .Review}}{{svg (printf "octicon-%s" .Review.Type.Icon)}}{{end}}
 					</span>
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 						{{if eq $reviewType 1}}
 							{{ctx.Locale.Tr "repo.issues.review.approve" $createdStr}}
@@ -393,20 +394,20 @@
 				{{if or .Content .Attachments}}
 				<div class="timeline-item comment">
 					<div class="content comment-container">
-						<div class="comment-header">
-							<div class="comment-header-left tw-flex tw-items-center">
+						<div class="comment-header avatar-content-left-arrow">
+							<div class="comment-header-left">
 								{{if gt .Poster.ID 0}}
 									<a class="inline-timeline-avatar" href="{{.Poster.HomeLink}}">
 										{{ctx.AvatarUtils.Avatar .Poster 24}}
 									</a>
 								{{end}}
-								<span class="text grey muted-links">
+								<span class="comment-text-line">
 									{{if .OriginalAuthor}}
 										<span class="text black tw-font-semibold">
 											{{svg (MigrationIcon $.Repository.GetOriginalURLHostname)}}
 											{{.OriginalAuthor}}
 										</span>
-										<span class="text grey muted-links"> {{if $.Repository.OriginalURL}}</span>
+										<span class="comment-text-line"> {{if $.Repository.OriginalURL}}</span>
 										<span class="text migrate">({{ctx.Locale.Tr "repo.migrated_from" $.Repository.OriginalURL $.Repository.GetOriginalURLHostname}}){{end}}</span>
 									{{else}}
 										{{template "shared/user/authorlink" .Poster}}
@@ -415,7 +416,7 @@
 									{{ctx.Locale.Tr "repo.issues.review.left_comment"}}
 								</span>
 							</div>
-							<div class="comment-header-right actions tw-flex tw-items-center">
+							<div class="comment-header-right">
 								{{template "repo/issue/view_content/show_role" dict "ShowRole" .ShowRole}}
 								{{if not $.Repository.IsArchived}}
 									{{template "repo/issue/view_content/add_reaction" dict "ActionURL" (printf "%s/comments/%d/reactions" $.RepoLink .ID)}}
@@ -460,12 +461,12 @@
 				<span class="badge">{{svg "octicon-lock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{if .Content}}
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Poster}}
 						{{ctx.Locale.Tr "repo.issues.lock_with_reason" .Content $createdStr}}
 					</span>
 				{{else}}
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Poster}}
 						{{ctx.Locale.Tr "repo.issues.lock_no_reason" $createdStr}}
 					</span>
@@ -475,7 +476,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-key"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{ctx.Locale.Tr "repo.issues.unlock_comment" $createdStr}}
 				</span>
@@ -486,7 +487,7 @@
 				{{if not .OriginalAuthor}}
 					{{template "shared/user/avatarlink" dict "user" .Poster}}
 				{{end}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 					{{ctx.Locale.Tr "repo.pulls.change_target_branch_at" .OldRef .NewRef $createdStr}}
 				</span>
@@ -495,7 +496,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 
 					{{ctx.Locale.Tr "repo.issues.del_time_history" $createdStr}}
@@ -504,9 +505,9 @@
 					{{svg "octicon-clock"}}
 					{{if .RenderedContent}}
 						{{/* compatibility with time comments made before v1.21 */}}
-						<span class="text grey muted-links">{{.RenderedContent}}</span>
+						<span class="comment-text-line">{{.RenderedContent}}</span>
 					{{else}}
-						<span class="text grey muted-links">- {{.Content|Sec2Hour}}</span>
+						<span class="comment-text-line">- {{.Content|Sec2Hour}}</span>
 					{{end}}
 				</div>
 			</div>
@@ -514,7 +515,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-eye"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{if (gt .AssigneeID 0)}}
 						{{if .RemovedAssignee}}
@@ -547,7 +548,7 @@
 			{{end}}
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-repo-push"}}</span>
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{if .IsForcePush}}
 						{{ctx.Locale.Tr "repo.issues.force_push_codes" $.Issue.PullRequest.HeadBranch (ShortSha .OldCommit) ($.Issue.Repo.CommitLink .OldCommit) (ShortSha .NewCommit) ($.Issue.Repo.CommitLink .NewCommit) $createdStr}}
@@ -556,9 +557,7 @@
 					{{end}}
 				</span>
 				{{if and .IsForcePush $.Issue.PullRequest.BaseRepo.Name}}
-				<span class="tw-float-right comparebox">
-					<a href="{{$.Issue.PullRequest.BaseRepo.Link}}/compare/{{PathEscape .OldCommit}}..{{PathEscape .NewCommit}}" rel="nofollow" class="ui compare label">{{ctx.Locale.Tr "repo.issues.force_push_compare"}}</a>
-				</span>
+					<a class="ui label comment-text-label tw-float-right" href="{{$.Issue.PullRequest.BaseRepo.Link}}/compare/{{PathEscape .OldCommit}}..{{PathEscape .NewCommit}}" rel="nofollow">{{ctx.Locale.Tr "repo.issues.force_push_compare"}}</a>
 				{{end}}
 			</div>
 			{{if not .IsForcePush}}
@@ -568,7 +567,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-project"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$oldProjectDisplayHtml := "Unknown Project"}}
 					{{if .OldProject}}
@@ -600,7 +599,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-project"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$newProjectDisplay := .CommentMetaData.ProjectTitle}}
 					{{if .Project}}
@@ -615,10 +614,10 @@
 			<div class="timeline-item-group">
 				<div class="timeline-item event" id="{{.HashTag}}">
 					<a class="timeline-avatar"{{if gt .Poster.ID 0}} href="{{.Poster.HomeLink}}"{{end}}>
-						<img src="{{.Poster.AvatarLink ctx}}" width="40" height="40">
+						{{ctx.AvatarUtils.Avatar .Poster 40}}
 					</a>
 					<span class="badge grey">{{svg "octicon-x" 16}}</span>
-					<span class="text grey muted-links">
+					<span class="comment-text-line">
 						{{template "shared/user/authorlink" .Poster}}
 						{{$reviewerName := ""}}
 						{{if .Review}}
@@ -634,13 +633,13 @@
 				{{if .Content}}
 					<div class="timeline-item comment">
 						<div class="content comment-container">
-							<div class="comment-header arrow-top">
+							<div class="comment-header avatar-content-left-arrow arrow-top">
 								{{if gt .Poster.ID 0}}
 									<a class="inline-timeline-avatar" href="{{.Poster.HomeLink}}">
 										{{ctx.AvatarUtils.Avatar .Poster 24}}
 									</a>
 								{{end}}
-								<span class="text grey muted-links">
+								<span class="comment-text-line">
 									{{ctx.Locale.Tr "action.review_dismissed_reason"}}
 								</span>
 							</div>
@@ -661,7 +660,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-git-branch"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{if and .OldRef .NewRef}}
 						{{ctx.Locale.Tr "repo.issues.change_ref_at" .OldRef .NewRef $createdStr}}
@@ -675,7 +674,7 @@
 		{{else if or (eq .Type 34) (eq .Type 35)}}
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-git-merge" 16}}</span>
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "repo/issue/view_content/comments_authorlink" dict "ctxData" $ "comment" .}}
 					{{if eq .Type 34}}{{ctx.Locale.Tr "repo.pulls.auto_merge_newly_scheduled_comment" $createdStr}}
 					{{else}}{{ctx.Locale.Tr "repo.pulls.auto_merge_canceled_schedule_comment" $createdStr}}{{end}}
@@ -685,7 +684,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-pin" 16}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{if eq .Type 36}}{{ctx.Locale.Tr "repo.issues.pin_comment" $createdStr}}
 					{{else}}{{ctx.Locale.Tr "repo.issues.unpin_comment" $createdStr}}{{end}}
@@ -695,7 +694,7 @@
 			<div class="timeline-item event" id="{{.HashTag}}">
 				<span class="badge">{{svg "octicon-clock"}}</span>
 				{{template "shared/user/avatarlink" dict "user" .Poster}}
-				<span class="text grey muted-links">
+				<span class="comment-text-line">
 					{{template "shared/user/authorlink" .Poster}}
 					{{$timeStr := .Content|TimeEstimateString}}
 					{{if $timeStr}}
diff --git a/templates/repo/issue/view_content/conversation.tmpl b/templates/repo/issue/view_content/conversation.tmpl
index 32e9811335..189b9d6259 100644
--- a/templates/repo/issue/view_content/conversation.tmpl
+++ b/templates/repo/issue/view_content/conversation.tmpl
@@ -15,9 +15,9 @@
 					</span>
 				{{end}}
 			</div>
-			<div>
+			<div class="tw-flex tw-items-center">
 				{{if or $invalid $resolved}}
-					<button id="show-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="{{if not $resolved}}tw-hidden {{end}}ui compact labeled button show-outdated tw-flex tw-items-center">
+					<button id="show-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="{{if not $resolved}}tw-hidden{{end}} btn tiny show-outdated">
 						{{svg "octicon-unfold" 16 "tw-mr-2"}}
 						{{if $resolved}}
 							{{ctx.Locale.Tr "repo.issues.review.show_resolved"}}
@@ -25,7 +25,7 @@
 							{{ctx.Locale.Tr "repo.issues.review.show_outdated"}}
 						{{end}}
 					</button>
-					<button id="hide-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="{{if $resolved}}tw-hidden {{end}}ui compact labeled button hide-outdated tw-flex tw-items-center">
+					<button id="hide-outdated-{{$comment.ID}}" data-comment="{{$comment.ID}}" class="{{if $resolved}}tw-hidden {{end}} btn tiny hide-outdated">
 						{{svg "octicon-fold" 16 "tw-mr-2"}}
 						{{if $resolved}}
 							{{ctx.Locale.Tr "repo.issues.review.hide_resolved"}}
@@ -58,7 +58,7 @@
 					<div class="comment code-comment" id="{{.HashTag}}">
 						<div class="content comment-container">
 							<div class="comment-header">
-								<div class="comment-header-left tw-flex tw-items-center">
+								<div class="comment-header-left">
 									{{if not .OriginalAuthor}}
 										<a class="avatar">
 											{{ctx.AvatarUtils.Avatar .Poster 20}}
@@ -79,7 +79,7 @@
 										{{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdSubStr}}
 									</span>
 								</div>
-								<div class="comment-header-right actions tw-flex tw-items-center">
+								<div class="comment-header-right">
 									{{template "repo/issue/view_content/show_role" dict "ShowRole" .ShowRole}}
 									{{if not $.Repository.IsArchived}}
 										{{template "repo/issue/view_content/add_reaction" dict "ActionURL" (printf "%s/comments/%d/reactions" $.RepoLink .ID)}}
@@ -109,7 +109,7 @@
 					</div>
 				{{end}}
 			</div>
-			<div class="code-comment-buttons tw-flex tw-items-center tw-flex-wrap tw-mt-2 tw-mb-1 tw-mx-2">
+			<div class="flex-text-block tw-flex-wrap tw-my-2">
 				<div class="tw-flex-1">
 					{{if $resolved}}
 						<div class="ui grey text">
@@ -118,7 +118,7 @@
 						</div>
 					{{end}}
 				</div>
-				<div class="code-comment-buttons-buttons">
+				<div class="flex-text-block">
 					{{if and $.CanMarkConversation $hasReview (not $isReviewPending)}}
 						<button class="ui tiny basic button resolve-conversation" data-origin="timeline" data-action="{{if not $resolved}}Resolve{{else}}UnResolve{{end}}" data-comment-id="{{$comment.ID}}" data-update-url="{{$.RepoLink}}/issues/resolve_conversation">
 							{{if $resolved}}
@@ -129,8 +129,8 @@
 						</button>
 					{{end}}
 					{{if and $.SignedUserID (not $.Repository.IsArchived)}}
-						<button class="comment-form-reply ui primary tiny labeled icon button tw-ml-1 tw-mr-0">
-							{{svg "octicon-reply" 16 "reply icon tw-mr-1"}}{{ctx.Locale.Tr "repo.diff.comment.reply"}}
+						<button class="comment-form-reply ui primary icon tiny button">
+							{{svg "octicon-reply" 12}}{{ctx.Locale.Tr "repo.diff.comment.reply"}}
 						</button>
 					{{end}}
 				</div>
diff --git a/templates/repo/issue/view_content/pull.tmpl b/templates/repo/issue/view_content/pull_merge_box.tmpl
index 064b62e128..113bfb732e 100644
--- a/templates/repo/issue/view_content/pull.tmpl
+++ b/templates/repo/issue/view_content/pull_merge_box.tmpl
@@ -1,7 +1,13 @@
 {{if and .Issue.PullRequest.HasMerged (not .IsPullBranchDeletable)}}
 {{/* Then the merge box will not be displayed because this page already contains enough information */}}
 {{else}}
-<div class="timeline-item comment merge box">
+<div class="timeline-item comment pull-merge-box"
+	data-global-init="initRepoPullMergeBox"
+	{{if .PullMergeBoxReloadingInterval}}
+		data-pull-merge-box-reloading-interval="{{.PullMergeBoxReloadingInterval}}"
+		data-pull-link="{{.Issue.Link}}"
+	{{end}}
+>
 	<div class="timeline-avatar text {{if .Issue.PullRequest.HasMerged}}purple
 	{{- else if .Issue.IsClosed}}grey
 	{{- else if .IsPullWorkInProgress}}grey
@@ -32,7 +38,7 @@
 		</div>
 		{{end}}
 		{{$showGeneralMergeForm := false}}
-		<div class="ui attached segment merge-section {{if not $.LatestCommitStatus}}no-header{{end}} flex-items-block">
+		<div class="ui attached segment merge-section {{if not $.LatestCommitStatus}}avatar-content-left-arrow{{end}} flex-items-block">
 			{{if .Issue.PullRequest.HasMerged}}
 				{{if .IsPullBranchDeletable}}
 					<div class="item item-section text tw-flex-1">
@@ -89,7 +95,7 @@
 						{{ctx.Locale.Tr "repo.pulls.cannot_merge_work_in_progress"}}
 					</div>
 					{{if or .HasIssuesOrPullsWritePermission .IsIssuePoster}}
-						<button class="ui compact button toggle-wip" data-title="{{.Issue.Title}}" data-wip-prefix="{{.WorkInProgressPrefix}}" data-update-url="{{.Issue.Link}}/title">
+						<button class="ui compact button" data-global-init="initPullRequestWipToggle" data-title="{{.Issue.Title}}" data-wip-prefix="{{.WorkInProgressPrefix}}" data-update-url="{{.Issue.Link}}/title">
 							{{ctx.Locale.Tr "repo.pulls.remove_prefix" .WorkInProgressPrefix}}
 						</button>
 					{{end}}
@@ -97,7 +103,7 @@
 				{{template "repo/issue/view_content/update_branch_by_merge" $}}
 			{{else if .Issue.PullRequest.IsChecking}}
 				<div class="item">
-					{{svg "octicon-sync"}}
+					{{svg "octicon-sync" 16 "circular-spin"}}
 					{{ctx.Locale.Tr "repo.pulls.is_checking"}}
 				</div>
 			{{else if .Issue.PullRequest.IsAncestor}}
@@ -191,10 +197,11 @@
 						</div>
 					{{end}}
 				{{end}}
+
 				{{template "repo/issue/view_content/update_branch_by_merge" $}}
+
 				{{if .Issue.PullRequest.IsEmpty}}
 					<div class="divider"></div>
-
 					<div class="item">
 						{{svg "octicon-alert"}}
 						{{ctx.Locale.Tr "repo.pulls.is_empty"}}
@@ -216,7 +223,7 @@
 							const defaultMergeMessage = {{.DefaultMergeBody}};
 							const defaultSquashMergeMessage = {{.DefaultSquashMergeBody}};
 							const mergeForm = {
-								'baseLink': {{.Link}},
+								'baseLink': {{.Issue.Link}},
 								'textCancel': {{ctx.Locale.Tr "cancel"}},
 								'textDeleteBranch': {{ctx.Locale.Tr "repo.branch.delete" .HeadTarget}},
 								'textAutoMergeButtonWhenSucceed': {{ctx.Locale.Tr "repo.pulls.auto_merge_button_when_succeed"}},
@@ -318,7 +325,7 @@
 				{{if .IsBlockedByApprovals}}
 					<div class="item text red">
 						{{svg "octicon-x"}}
-					{{ctx.Locale.Tr "repo.pulls.blocked_by_approvals" .GrantedApprovals .ProtectedBranch.RequiredApprovals}}
+						{{ctx.Locale.Tr "repo.pulls.blocked_by_approvals" .GrantedApprovals .ProtectedBranch.RequiredApprovals}}
 					</div>
 				{{else if .IsBlockedByRejection}}
 					<div class="item text red">
@@ -377,7 +384,7 @@
 			*/}}
 			{{if and $.StillCanManualMerge (not $showGeneralMergeForm)}}
 				<div class="divider"></div>
-				<form class="ui form form-fetch-action" action="{{.Link}}/merge" method="post">{{/* another similar form is in PullRequestMergeForm.vue*/}}
+				<form class="ui form form-fetch-action" action="{{.Issue.Link}}/merge" method="post">{{/* another similar form is in PullRequestMergeForm.vue*/}}
 					{{.CsrfTokenHtml}}
 					<div class="field">
 						<input type="text" name="merge_commit_id" placeholder="{{ctx.Locale.Tr "repo.pulls.merge_commit_id"}}">
diff --git a/templates/repo/issue/view_content/pull_merge_instruction.tmpl b/templates/repo/issue/view_content/pull_merge_instruction.tmpl
index a1cff41a3a..9dbcbeee21 100644
--- a/templates/repo/issue/view_content/pull_merge_instruction.tmpl
+++ b/templates/repo/issue/view_content/pull_merge_instruction.tmpl
@@ -7,11 +7,11 @@
 		{{if ne .PullRequest.HeadRepo.ID .PullRequest.BaseRepo.ID}}
 			{{$localBranch = print .PullRequest.HeadRepo.OwnerName "-" .PullRequest.HeadBranch}}
 		{{end}}
-		<div class="ui secondary segment">
+		<div class="ui secondary segment tw-font-mono">
 			{{if eq .PullRequest.Flow 0}}
 			<div>git fetch -u {{if ne .PullRequest.HeadRepo.ID .PullRequest.BaseRepo.ID}}<origin-url data-url="{{.PullRequest.HeadRepo.Link}}"></origin-url>{{else}}origin{{end}} {{.PullRequest.HeadBranch}}:{{$localBranch}}</div>
 			{{else}}
-			<div>git fetch -u origin {{.PullRequest.GetGitRefName}}:{{$localBranch}}</div>
+			<div>git fetch -u origin {{.PullRequest.GetGitHeadRefName}}:{{$localBranch}}</div>
 			{{end}}
 			<div>git checkout {{$localBranch}}</div>
 		</div>
@@ -23,7 +23,7 @@
 				<div>{{ctx.Locale.Tr "repo.pulls.cmd_instruction_merge_warning"}}</div>
 			{{end}}
 		</div>
-		<div class="ui secondary segment">
+		<div class="ui secondary segment tw-font-mono">
 			<div data-pull-merge-style="merge">
 				<div>git checkout {{.PullRequest.BaseBranch}}</div>
 				<div>git merge --no-ff {{$localBranch}}</div>
diff --git a/templates/repo/issue/view_content/reference_issue_dialog.tmpl b/templates/repo/issue/view_content/reference_issue_dialog.tmpl
index f6ffeef26d..0b28bdc811 100644
--- a/templates/repo/issue/view_content/reference_issue_dialog.tmpl
+++ b/templates/repo/issue/view_content/reference_issue_dialog.tmpl
@@ -7,7 +7,7 @@
 			{{.CsrfTokenHtml}}
 			<div class="field">
 				<label><strong>{{ctx.Locale.Tr "repository"}}</strong></label>
-				<div class="ui search selection dropdown issue_reference_repository_search ellipsis-items-nowrap">
+				<div class="ui search selection dropdown issue_reference_repository_search ellipsis-text-items">
 					<div class="default text gt-ellipsis">{{.Repository.FullName}}</div>
 					<div class="menu"></div>
 				</div>
@@ -20,7 +20,7 @@
 				<label><strong>{{ctx.Locale.Tr "repo.issues.reference_issue.body"}}</strong></label>
 				<textarea name="content"></textarea>
 			</div>
-			<div class="tw-text-right">
+			<div class="flex-text-block tw-justify-end">
 				<button class="ui primary button">{{ctx.Locale.Tr "repo.issues.create"}}</button>
 			</div>
 		</form>
diff --git a/templates/repo/issue/view_content/update_branch_by_merge.tmpl b/templates/repo/issue/view_content/update_branch_by_merge.tmpl
index e0ed262f17..5d959bf0b3 100644
--- a/templates/repo/issue/view_content/update_branch_by_merge.tmpl
+++ b/templates/repo/issue/view_content/update_branch_by_merge.tmpl
@@ -9,7 +9,7 @@
 			{{if and $.UpdateAllowed $.UpdateByRebaseAllowed}}
 				<div class="tw-inline-block">
 					<div id="update-pr-branch-with-base" class="ui buttons">
-						<button class="ui button" data-do="{{$.Link}}/update" data-redirect="{{$.Link}}">
+						<button class="ui button" data-do="{{$.Issue.Link}}/update" data-redirect="{{$.Issue.Link}}">
 							<span class="button-text">
 								{{ctx.Locale.Tr "repo.pulls.update_branch"}}
 							</span>
@@ -17,15 +17,15 @@
 						<div class="ui dropdown icon button">
 							{{svg "octicon-triangle-down"}}
 							<div class="menu">
-								<a class="item active selected" data-do="{{$.Link}}/update">{{ctx.Locale.Tr "repo.pulls.update_branch"}}</a>
-								<a class="item" data-do="{{$.Link}}/update?style=rebase">{{ctx.Locale.Tr "repo.pulls.update_branch_rebase"}}</a>
+								<a class="item active selected" data-do="{{$.Issue.Link}}/update">{{ctx.Locale.Tr "repo.pulls.update_branch"}}</a>
+								<a class="item" data-do="{{$.Issue.Link}}/update?style=rebase">{{ctx.Locale.Tr "repo.pulls.update_branch_rebase"}}</a>
 							</div>
 						</div>
 					</div>
 				</div>
 			{{end}}
 			{{if and $.UpdateAllowed (not $.UpdateByRebaseAllowed)}}
-				<form action="{{$.Link}}/update" method="post" class="ui update-branch-form">
+				<form action="{{$.Issue.Link}}/update" method="post" class="ui update-branch-form">
 					{{$.CsrfTokenHtml}}
 					<button class="ui compact button">
 						<span class="ui text">{{ctx.Locale.Tr "repo.pulls.update_branch"}}</span>
diff --git a/templates/repo/issue/view_title.tmpl b/templates/repo/issue/view_title.tmpl
index dcc1f48c2c..103fa5de53 100644
--- a/templates/repo/issue/view_title.tmpl
+++ b/templates/repo/issue/view_title.tmpl
@@ -12,8 +12,8 @@
 <div class="issue-title-header">
 	{{$canEditIssueTitle := and (or .HasIssuesOrPullsWritePermission .IsIssuePoster) (not .Repository.IsArchived)}}
 	<div class="issue-title" id="issue-title-display">
-		<h1 class="tw-break-anywhere">
-			{{ctx.RenderUtils.RenderIssueTitle .Issue.Title ($.Repository.ComposeMetas ctx)}}
+		<h1>
+			{{ctx.RenderUtils.RenderIssueTitle .Issue.Title $.Repository}}
 			<span class="index">#{{.Issue.Index}}</span>
 		</h1>
 		<div class="issue-title-buttons">
diff --git a/templates/repo/latest_commit.tmpl b/templates/repo/latest_commit.tmpl
index 0341d60eb2..cff338949f 100644
--- a/templates/repo/latest_commit.tmpl
+++ b/templates/repo/latest_commit.tmpl
@@ -21,10 +21,10 @@
 	{{template "repo/commit_statuses" dict "Status" .LatestCommitStatus "Statuses" .LatestCommitStatuses}}
 
 	{{$commitLink:= printf "%s/commit/%s" .RepoLink (PathEscape .LatestCommit.ID.String)}}
-	<span class="grey commit-summary" title="{{.LatestCommit.Summary}}"><span class="message-wrapper">{{ctx.RenderUtils.RenderCommitMessageLinkSubject .LatestCommit.Message $commitLink ($.Repository.ComposeMetas ctx)}}</span>
+	<span class="grey commit-summary" title="{{.LatestCommit.Summary}}"><span class="message-wrapper">{{ctx.RenderUtils.RenderCommitMessageLinkSubject .LatestCommit.Message $commitLink $.Repository}}</span>
 		{{if IsMultilineCommitMessage .LatestCommit.Message}}
 			<button class="ui button ellipsis-button" aria-expanded="false" data-global-click="onRepoEllipsisButtonClick">...</button>
-			<pre class="commit-body tw-hidden">{{ctx.RenderUtils.RenderCommitBody .LatestCommit.Message ($.Repository.ComposeMetas ctx)}}</pre>
+			<pre class="commit-body tw-hidden">{{ctx.RenderUtils.RenderCommitBody .LatestCommit.Message $.Repository}}</pre>
 		{{end}}
 	</span>
 {{end}}
diff --git a/templates/repo/migrate/codebase.tmpl b/templates/repo/migrate/codebase.tmpl
index d4ca269f02..f4de8ff236 100644
--- a/templates/repo/migrate/codebase.tmpl
+++ b/templates/repo/migrate/codebase.tmpl
@@ -60,22 +60,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/codecommit.tmpl b/templates/repo/migrate/codecommit.tmpl
index 53ca7dda3d..275a2aef09 100644
--- a/templates/repo/migrate/codecommit.tmpl
+++ b/templates/repo/migrate/codecommit.tmpl
@@ -61,22 +61,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/git.tmpl b/templates/repo/migrate/git.tmpl
index 3f447f76eb..41139d4fd6 100644
--- a/templates/repo/migrate/git.tmpl
+++ b/templates/repo/migrate/git.tmpl
@@ -34,22 +34,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar .}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/gitbucket.tmpl b/templates/repo/migrate/gitbucket.tmpl
index 559988951b..c89aa6c744 100644
--- a/templates/repo/migrate/gitbucket.tmpl
+++ b/templates/repo/migrate/gitbucket.tmpl
@@ -76,22 +76,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/gitea.tmpl b/templates/repo/migrate/gitea.tmpl
index 3d692129d5..55cf61a77f 100644
--- a/templates/repo/migrate/gitea.tmpl
+++ b/templates/repo/migrate/gitea.tmpl
@@ -72,22 +72,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-							<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+							<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 								{{ctx.AvatarUtils.Avatar .}}
-								<span class="truncated-item-name">{{.ShortName 40}}</span>
+								{{.ShortName 40}}
 							</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/github.tmpl b/templates/repo/migrate/github.tmpl
index 850a2b3c71..86b585b861 100644
--- a/templates/repo/migrate/github.tmpl
+++ b/templates/repo/migrate/github.tmpl
@@ -74,22 +74,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/gitlab.tmpl b/templates/repo/migrate/gitlab.tmpl
index 9bafa122f1..edd69f0027 100644
--- a/templates/repo/migrate/gitlab.tmpl
+++ b/templates/repo/migrate/gitlab.tmpl
@@ -71,22 +71,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/gogs.tmpl b/templates/repo/migrate/gogs.tmpl
index 0495ce67fb..9149c43239 100644
--- a/templates/repo/migrate/gogs.tmpl
+++ b/templates/repo/migrate/gogs.tmpl
@@ -74,22 +74,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-							<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+							<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 								{{ctx.AvatarUtils.Avatar .}}
-								<span class="truncated-item-name">{{.ShortName 40}}</span>
+								{{.ShortName 40}}
 							</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/migrate/migrate.tmpl b/templates/repo/migrate/migrate.tmpl
index c5c697edff..79ac5cc8a1 100644
--- a/templates/repo/migrate/migrate.tmpl
+++ b/templates/repo/migrate/migrate.tmpl
@@ -19,7 +19,7 @@
 							<div class="header tw-text-center">
 								{{.Title}}
 							</div>
-							<div class="description tw-text-center">
+							<div class="description tw-text-center tw-text-balance">
 								{{ctx.Locale.Tr (printf "repo.migrate.%s.description" .Name)}}
 							</div>
 						</div>
diff --git a/templates/repo/migrate/migrating.tmpl b/templates/repo/migrate/migrating.tmpl
index 8b83816b9b..e73e3a9790 100644
--- a/templates/repo/migrate/migrating.tmpl
+++ b/templates/repo/migrate/migrating.tmpl
@@ -9,12 +9,12 @@
 					<div class="ui stackable middle very relaxed page grid">
 						<div id="repo_migrating" class="sixteen wide tw-text-center centered column" data-migrating-repo-link="{{.Link}}">
 							<div>
-								<img src="{{AssetUrlPrefix}}/img/loading.png">
+								<img alt src="{{AssetUrlPrefix}}/img/loading.png">
 							</div>
 						</div>
 						<div id="repo_migrating_failed_image" class="sixteen wide tw-text-center centered column tw-hidden">
 							<div>
-								<img src="{{AssetUrlPrefix}}/img/failed.png">
+								<img alt src="{{AssetUrlPrefix}}/img/failed.png">
 							</div>
 						</div>
 					</div>
diff --git a/templates/repo/migrate/onedev.tmpl b/templates/repo/migrate/onedev.tmpl
index 55945154ef..a25ccf9438 100644
--- a/templates/repo/migrate/onedev.tmpl
+++ b/templates/repo/migrate/onedev.tmpl
@@ -61,22 +61,22 @@
 
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu" title="{{.SignedUser.Name}}">
-							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+							<div class="item" data-value="{{.SignedUser.ID}}">
 								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								{{.SignedUser.ShortName 40}}
 							</div>
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
diff --git a/templates/repo/navbar.tmpl b/templates/repo/navbar.tmpl
index b2471dc17e..e004c5254b 100644
--- a/templates/repo/navbar.tmpl
+++ b/templates/repo/navbar.tmpl
@@ -1,14 +1,19 @@
+{{$canReadCode := $.Permission.CanRead ctx.Consts.RepoUnitTypeCode}}
+
 <div class="ui fluid vertical menu">
+	{{/* the default activity page "pulse" could work with any permission: code, issue, pr, release*/}}
 	<a class="{{if .PageIsPulse}}active {{end}}item" href="{{.RepoLink}}/activity">
 		{{ctx.Locale.Tr "repo.activity.navbar.pulse"}}
 	</a>
-	<a class="{{if .PageIsContributors}}active {{end}}item" href="{{.RepoLink}}/activity/contributors">
-		{{ctx.Locale.Tr "repo.activity.navbar.contributors"}}
-	</a>
-	<a class="{{if .PageIsCodeFrequency}}active{{end}} item" href="{{.RepoLink}}/activity/code-frequency">
-		{{ctx.Locale.Tr "repo.activity.navbar.code_frequency"}}
-	</a>
-	<a class="{{if .PageIsRecentCommits}}active{{end}} item" href="{{.RepoLink}}/activity/recent-commits">
-		{{ctx.Locale.Tr "repo.activity.navbar.recent_commits"}}
-	</a>
+	{{if $canReadCode}}
+		<a class="{{if .PageIsContributors}}active {{end}}item" href="{{.RepoLink}}/activity/contributors">
+			{{ctx.Locale.Tr "repo.activity.navbar.contributors"}}
+		</a>
+		<a class="{{if .PageIsCodeFrequency}}active{{end}} item" href="{{.RepoLink}}/activity/code-frequency">
+			{{ctx.Locale.Tr "repo.activity.navbar.code_frequency"}}
+		</a>
+		<a class="{{if .PageIsRecentCommits}}active{{end}} item" href="{{.RepoLink}}/activity/recent-commits">
+			{{ctx.Locale.Tr "repo.activity.navbar.recent_commits"}}
+		</a>
+	{{end}}
 </div>
diff --git a/templates/repo/projects/view.tmpl b/templates/repo/projects/view.tmpl
index 05ad7264bf..1acaaf8b4b 100644
--- a/templates/repo/projects/view.tmpl
+++ b/templates/repo/projects/view.tmpl
@@ -2,14 +2,13 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository projects view-project">
 	{{template "repo/header" .}}
 	<div class="ui container padded">
-		<div class="tw-flex tw-justify-between tw-items-center tw-mb-4">
-			{{template "repo/issue/navbar" .}}
+		<div class="flex-text-block tw-justify-end tw-mb-4">
+			<a class="ui small button" href="{{.RepoLink}}/labels">{{ctx.Locale.Tr "repo.labels"}}</a>
+			<a class="ui small button" href="{{.RepoLink}}/milestones">{{ctx.Locale.Tr "repo.milestones"}}</a>
 			<a class="ui small primary button" href="{{.RepoLink}}/issues/new/choose?project={{.Project.ID}}">{{ctx.Locale.Tr "repo.issues.new"}}</a>
 		</div>
 	</div>
-	<div class="ui container fluid padded">
-		{{template "projects/view" .}}
-	</div>
+	{{template "projects/view" .}}
 </div>
 
 {{template "base/footer" .}}
diff --git a/templates/repo/pulls/fork.tmpl b/templates/repo/pulls/fork.tmpl
index 879e5328f2..0d775ed6a0 100644
--- a/templates/repo/pulls/fork.tmpl
+++ b/templates/repo/pulls/fork.tmpl
@@ -6,28 +6,28 @@
 		</h3>
 		<div class="ui attached segment">
 			{{template "base/alert" .}}
-			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+			<form class="ui form form-fetch-action left-right-form" action="{{.Link}}" method="post">
 				{{.CsrfTokenHtml}}
 				<div class="inline required field {{if .Err_Owner}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-					<div class="ui selection owner dropdown">
+					<div class="ui selection owner dropdown ellipsis-text-items">
 						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+						<span class="text" title="{{.ContextUser.Name}}">
 							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+							{{.ContextUser.ShortName 40}}
 						</span>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
 							{{if .CanForkToUser}}
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
+								<div class="item" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
 									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+									{{.SignedUser.ShortName 40}}
 								</div>
 							{{end}}
 							{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								<div class="item" data-value="{{.ID}}" title="{{.Name}}">
 									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
+									{{.ShortName 40}}
 								</div>
 							{{end}}
 						</div>
@@ -52,10 +52,10 @@
 				</div>
 				<div class="inline field">
 					<label>{{ctx.Locale.Tr "repo.fork_branch"}}</label>
-					<div class="ui selection dropdown ellipsis-items-nowrap">
+					<div class="ui selection dropdown ellipsis-text-items">
 						<input type="hidden" id="fork_single_branch" name="fork_single_branch" value="" required>
 						<div class="text" title="{{ctx.Locale.Tr "repo.all_branches"}}">
-							<span class="truncated-item-name">{{ctx.Locale.Tr "repo.all_branches"}}</span>
+							{{ctx.Locale.Tr "repo.all_branches"}}
 						</div>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
@@ -75,7 +75,7 @@
 
 				<div class="inline field">
 					<label></label>
-					<button class="ui primary button{{if not .CanForkRepo}} disabled{{end}}">
+					<button class="ui primary button{{if not .CanForkRepoInNewOwner}} disabled{{end}}">
 						{{ctx.Locale.Tr "repo.fork_repo"}}
 					</button>
 				</div>
diff --git a/templates/repo/pulse.tmpl b/templates/repo/pulse.tmpl
index 12fbb85410..cbafee9ba9 100644
--- a/templates/repo/pulse.tmpl
+++ b/templates/repo/pulse.tmpl
@@ -1,12 +1,12 @@
 <h2 class="ui header activity-header">
 	<span>{{DateUtils.AbsoluteLong .DateFrom}} - {{DateUtils.AbsoluteLong .DateUntil}}</span>
 	<!-- Period -->
-	<div class="ui floating dropdown jump filter">
+	<div class="ui floating dropdown jump">
 		<div class="ui basic compact button">
 			{{ctx.Locale.Tr "repo.activity.period.filter_label"}} <strong>{{.PeriodText}}</strong>
 			{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 		</div>
-		<div class="menu">
+		<div class="left menu">
 			<a class="{{if eq .Period "daily"}}active {{end}}item" href="{{$.RepoLink}}/activity/daily">{{ctx.Locale.Tr "repo.activity.period.daily"}}</a>
 			<a class="{{if eq .Period "halfweekly"}}active {{end}}item" href="{{$.RepoLink}}/activity/halfweekly">{{ctx.Locale.Tr "repo.activity.period.halfweekly"}}</a>
 			<a class="{{if eq .Period "weekly"}}active {{end}}item" href="{{$.RepoLink}}/activity/weekly">{{ctx.Locale.Tr "repo.activity.period.weekly"}}</a>
diff --git a/templates/repo/release/list.tmpl b/templates/repo/release/list.tmpl
index 432c3309ce..882ffe40b7 100644
--- a/templates/repo/release/list.tmpl
+++ b/templates/repo/release/list.tmpl
@@ -50,7 +50,11 @@
 								{{svg (MigrationIcon $release.Repo.GetOriginalURLHostname) 20 "tw-mr-1"}}{{$release.OriginalAuthor}}
 							{{else if $release.Publisher}}
 								{{ctx.AvatarUtils.Avatar $release.Publisher 20 "tw-mr-1"}}
-								<a href="{{$release.Publisher.HomeLink}}">{{$release.Publisher.GetDisplayName}}</a>
+								{{if gt $release.PublisherID 0}}
+									<a href="{{$release.Publisher.HomeLink}}">{{$release.Publisher.GetDisplayName}}</a>
+								{{else}}
+									{{$release.Publisher.GetDisplayName}}
+								{{end}}
 							{{else}}
 								Ghost
 							{{end}}
@@ -61,7 +65,7 @@
 							{{if $release.CreatedUnix}}
 								<span class="time">{{DateUtils.TimeSince $release.CreatedUnix}}</span>
 							{{end}}
-							{{if and (not $release.IsDraft) ($.Permission.CanRead ctx.Consts.RepoUnitTypeCode)}}
+							{{if and (gt $release.NumCommits 0) (not $release.IsDraft) ($.Permission.CanRead ctx.Consts.RepoUnitTypeCode)}}
 								| <span class="ahead"><a href="{{$.RepoLink}}/compare/{{$release.TagName | PathEscapeSegments}}...{{$release.TargetBehind | PathEscapeSegments}}">{{ctx.Locale.Tr "repo.release.ahead.commits" $release.NumCommitsBehind}}</a> {{ctx.Locale.Tr "repo.release.ahead.target" $release.TargetBehind}}</span>
 							{{end}}
 						</p>
@@ -73,25 +77,31 @@
 							<summary>
 								{{ctx.Locale.Tr "repo.release.downloads"}}
 							</summary>
-							<ul class="list">
+							<ul class="ui divided list attachment-list">
 								{{if and (not $.DisableDownloadSourceArchives) (not $release.IsDraft) ($.Permission.CanRead ctx.Consts.RepoUnitTypeCode)}}
-									<li>
-										<a class="archive-link" href="{{$.RepoLink}}/archive/{{$release.TagName | PathEscapeSegments}}.zip" rel="nofollow"><strong>{{svg "octicon-file-zip" 16 "download-icon"}}{{ctx.Locale.Tr "repo.release.source_code"}} (ZIP)</strong></a>
+									<li class="item">
+										<a class="archive-link" download href="{{$.RepoLink}}/archive/{{$release.TagName | PathEscapeSegments}}.zip" rel="nofollow">
+											<strong class="flex-text-inline">{{svg "octicon-file-zip" 16 "download-icon"}}{{ctx.Locale.Tr "repo.release.source_code"}} (ZIP)</strong>
+										</a>
 									</li>
-									<li>
-										<a class="archive-link" href="{{$.RepoLink}}/archive/{{$release.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow"><strong>{{svg "octicon-file-zip" 16 "download-icon"}}{{ctx.Locale.Tr "repo.release.source_code"}} (TAR.GZ)</strong></a>
+									<li class="item">
+										<a class="archive-link" download href="{{$.RepoLink}}/archive/{{$release.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">
+											<strong class="flex-text-inline">{{svg "octicon-file-zip" 16 "download-icon"}}{{ctx.Locale.Tr "repo.release.source_code"}} (TAR.GZ)</strong>
+										</a>
 									</li>
 								{{end}}
-								{{range $release.Attachments}}
-									<li>
-										<a target="_blank" rel="nofollow" href="{{.DownloadURL}}" download>
-											<strong>{{svg "octicon-package" 16 "download-icon"}}{{.Name}}</strong>
+								{{range $att := $release.Attachments}}
+									<li class="item">
+										<a target="_blank" class="tw-flex-1 gt-ellipsis" rel="nofollow" download href="{{$att.DownloadURL}}">
+											<strong class="flex-text-inline">{{svg "octicon-package" 16 "download-icon"}}<span class="gt-ellipsis">{{$att.Name}}</span></strong>
 										</a>
-										<div>
-											<span class="text grey">{{.Size | FileSize}}</span>
-											<span data-tooltip-content="{{ctx.Locale.Tr "repo.release.download_count" (ctx.Locale.PrettyNumber .DownloadCount)}}">
+										<div class="attachment-right-info flex-text-inline">
+											<span class="tw-pl-5">{{$att.Size | FileSize}}</span>
+											<span class="flex-text-inline" data-tooltip-content="{{ctx.Locale.Tr "repo.release.download_count" (ctx.Locale.PrettyNumber $att.DownloadCount)}}">
 												{{svg "octicon-info"}}
 											</span>
+											<div class="tw-flex-1"></div>
+											{{DateUtils.TimeSince $att.CreatedUnix}}
 										</div>
 									</li>
 								{{end}}
diff --git a/templates/repo/release/new.tmpl b/templates/repo/release/new.tmpl
index 8b6aa252af..109a18fa0e 100644
--- a/templates/repo/release/new.tmpl
+++ b/templates/repo/release/new.tmpl
@@ -100,12 +100,12 @@
 					</div>
 					<span class="help">{{ctx.Locale.Tr "repo.release.prerelease_helper"}}</span>
 					<div class="divider tw-mt-0"></div>
-					<div class="tw-flex tw-justify-end">
+					<div class="flex-text-block tw-justify-end">
 						{{if .PageIsEditRelease}}
 							<a class="ui small button" href="{{.RepoLink}}/releases">
 								{{ctx.Locale.Tr "repo.release.cancel"}}
 							</a>
-							<a class="ui small red button delete-button" data-url="{{$.RepoLink}}/releases/delete" data-id="{{.ID}}">
+							<a class="ui small red button link-action" data-modal-confirm="#repo-release-delete-modal" data-url="{{$.RepoLink}}/releases/delete?id={{.ID}}">
 								{{ctx.Locale.Tr "repo.release.delete_release"}}
 							</a>
 							{{if .IsDraft}}
@@ -129,15 +129,11 @@
 </div>
 
 {{if .PageIsEditRelease}}
-	<div class="ui g-modal-confirm delete modal">
-		<div class="header">
-			{{svg "octicon-trash"}}
-			{{ctx.Locale.Tr "repo.release.deletion"}}
-		</div>
-		<div class="content">
-			<p>{{ctx.Locale.Tr "repo.release.deletion_desc"}}</p>
-		</div>
+	<div class="ui small modal" id="repo-release-delete-modal">
+		<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.release.deletion"}}</div>
+		<div class="content"><p>{{ctx.Locale.Tr "repo.release.deletion_desc"}}</p></div>
 		{{template "base/modal_actions_confirm" .}}
 	</div>
 {{end}}
+
 {{template "base/footer" .}}
diff --git a/templates/repo/release_tag_header.tmpl b/templates/repo/release_tag_header.tmpl
index fb17cf44c4..12acf4bfeb 100644
--- a/templates/repo/release_tag_header.tmpl
+++ b/templates/repo/release_tag_header.tmpl
@@ -2,7 +2,7 @@
 {{$canReadCode := $.Permission.CanRead ctx.Consts.RepoUnitTypeCode}}
 
 {{if $canReadReleases}}
-	<div class="tw-flex">
+	<div class="flex-text-block">
 		<div class="tw-flex-1 tw-flex tw-items-center">
 			<h2 class="ui compact small menu small-menu-items">
 				<a class="{{if and .PageIsReleaseList (not .PageIsSingleTag)}}active {{end}}item" href="{{.RepoLink}}/releases">{{ctx.Locale.PrettyNumber .NumReleases}} {{ctx.Locale.TrN .NumReleases "repo.release" "repo.releases"}}</a>
diff --git a/templates/repo/settings/branches.tmpl b/templates/repo/settings/branches.tmpl
index ef4732540b..e8e7a3f1c2 100644
--- a/templates/repo/settings/branches.tmpl
+++ b/templates/repo/settings/branches.tmpl
@@ -49,8 +49,8 @@
 								</div>
 							</div>
 							<div class="flex-item-trailing">
-								<a class="rm ui tiny button" href="{{$.Repository.Link}}/settings/branches/edit?rule_name={{.RuleName}}">{{ctx.Locale.Tr "repo.settings.edit_protected_branch"}}</a>
-								<button class="ui red tiny button delete-button" data-url="{{$.Repository.Link}}/settings/branches/{{.ID}}/delete" data-id="{{.ID}}">
+								<a class="ui tiny button" href="{{$.Repository.Link}}/settings/branches/edit?rule_name={{.RuleName}}">{{ctx.Locale.Tr "repo.settings.edit_protected_branch"}}</a>
+								<button class="ui red tiny button link-action" data-modal-confirm="#repo-branch-protection-delete-modal" data-url="{{$.Repository.Link}}/settings/branches/{{.ID}}/delete?id={{.ID}}">
 									{{ctx.Locale.Tr "repo.settings.protected_branch.delete_rule"}}
 								</button>
 							</div>
@@ -65,14 +65,9 @@
 		{{end}}
 	</div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.settings.protected_branch_deletion"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.settings.protected_branch_deletion_desc"}}</p>
-	</div>
+<div class="ui small modal" id="repo-branch-protection-delete-modal">
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.settings.protected_branch_deletion"}}</div>
+	<div class="content"><p>{{ctx.Locale.Tr "repo.settings.protected_branch_deletion_desc"}}</p></div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
 
diff --git a/templates/repo/settings/collaboration.tmpl b/templates/repo/settings/collaboration.tmpl
index 4461398258..62903e1cfb 100644
--- a/templates/repo/settings/collaboration.tmpl
+++ b/templates/repo/settings/collaboration.tmpl
@@ -29,7 +29,7 @@
 									</div>
 								</div>
 							</div>
-							<button class="ui red tiny button inline delete-button" data-url="{{$.Link}}/delete" data-id="{{.ID}}">
+							<button class="ui red tiny button link-action" data-modal-confirm="#repo-collaborator-delete-modal" data-url="{{$.Link}}/delete?id={{.ID}}">
 								{{ctx.Locale.Tr "repo.settings.delete_collaborator"}}
 							</button>
 						</div>
@@ -63,19 +63,39 @@
 									{{.Name}}
 								</a>
 								<div class="flex-item-body flex-text-block">
+									{{/*FIXME: TEAM-UNIT-PERMISSION this display is not right, search the fixme keyword to see more details */}}
 									{{svg "octicon-shield-lock"}}
-									{{if eq .AccessMode 1}}{{ctx.Locale.Tr "repo.settings.collaboration.read"}}{{else if eq .AccessMode 2}}{{ctx.Locale.Tr "repo.settings.collaboration.write"}}{{else if eq .AccessMode 3}}{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}{{else if eq .AccessMode 4}}{{ctx.Locale.Tr "repo.settings.collaboration.owner"}}{{else}}{{ctx.Locale.Tr "repo.settings.collaboration.undefined"}}{{end}}
+									{{if eq .AccessMode 0}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.per_unit"}}
+									{{else if eq .AccessMode 1}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.read"}}
+									{{else if eq .AccessMode 2}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.write"}}
+									{{else if eq .AccessMode 3}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}
+									{{else if eq .AccessMode 4}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.owner"}}
+									{{else}}
+										{{ctx.Locale.Tr "repo.settings.collaboration.undefined"}}
+									{{end}}
 								</div>
-								{{if or (eq .AccessMode 1) (eq .AccessMode 2)}}
+								{{if or (eq .AccessMode 0) (eq .AccessMode 1) (eq .AccessMode 2)}}
 									{{$first := true}}
 									<div class="flex-item-body" data-tooltip-content="{{ctx.Locale.Tr "repo.settings.change_team_permission_tip"}}">
-										Sections: {{range $u, $unit := $.Units}}{{if and ($.Repo.UnitEnabled ctx $unit.Type) ($team.UnitEnabled ctx $unit.Type)}}{{if $first}}{{$first = false}}{{else}}, {{end}}{{ctx.Locale.Tr $unit.NameKey}}{{end}}{{end}} {{if $first}}None{{end}}
+										Units:
+										{{range $u, $unit := $.Units}}
+											{{- if and ($.Repo.UnitEnabled ctx $unit.Type) ($team.UnitEnabled ctx $unit.Type) -}}
+												{{- Iif $first "" ", "}}{{ctx.Locale.Tr $unit.NameKey -}}
+												{{- $first = false -}}
+											{{- end -}}
+										{{end}}
+										{{if $first}}None{{end}}
 									</div>
 								{{end}}
 							</div>
 							{{if $allowedToChangeTeams}}
 								<div class="flex-item-trailing" {{if .IncludesAllRepositories}} data-tooltip-content="{{ctx.Locale.Tr "repo.settings.delete_team_tip"}}"{{end}}>
-									<button class="ui red tiny button inline delete-button {{if .IncludesAllRepositories}}disabled{{end}}" data-url="{{$.Link}}/team/delete" data-id="{{.ID}}">
+									<button class="ui red tiny button link-action {{if .IncludesAllRepositories}}disabled{{end}}" data-modal-confirm="#repo-collaborator-delete-modal" data-url="{{$.Link}}/team/delete?id={{.ID}}">
 											{{ctx.Locale.Tr "repo.settings.delete_collaborator"}}
 									</button>
 								</div>
@@ -90,7 +110,7 @@
 					<form class="ui form" id="repo-collab-team-form" action="{{.Link}}/team" method="post">
 						{{.CsrfTokenHtml}}
 						<div id="search-team-box" class="ui search input tw-align-middle" data-org-name="{{.OrgName}}">
-							<input class="prompt" name="team" placeholder="{{ctx.Locale.Tr "search.team_kind"}}" autocomplete="off" autofocus required>
+							<input class="prompt" name="team" placeholder="{{ctx.Locale.Tr "search.team_kind"}}" autocomplete="off" required>
 						</div>
 						<button class="ui primary button">{{ctx.Locale.Tr "repo.settings.add_team"}}</button>
 					</form>
@@ -103,14 +123,9 @@
 		{{end}}
 	</div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.settings.collaborator_deletion"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.settings.collaborator_deletion_desc"}}</p>
-	</div>
+<div class="ui small modal" id="repo-collaborator-delete-modal">
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.settings.collaborator_deletion"}}</div>
+	<div class="content"><p>{{ctx.Locale.Tr "repo.settings.collaborator_deletion_desc"}}</p></div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
 
diff --git a/templates/repo/settings/deploy_keys.tmpl b/templates/repo/settings/deploy_keys.tmpl
index 5eb2a47e5a..b82d584b22 100644
--- a/templates/repo/settings/deploy_keys.tmpl
+++ b/templates/repo/settings/deploy_keys.tmpl
@@ -59,7 +59,7 @@
 								</div>
 							</div>
 							<div class="flex-item-trailing">
-								<button class="ui red tiny button delete-button" data-url="{{$.Link}}/delete" data-id="{{.ID}}">
+								<button class="ui red tiny button link-action" data-modal-confirm="#repo-deploy-key-delete-modal" data-url="{{$.Link}}/delete?id={{.ID}}">
 									{{ctx.Locale.Tr "settings.delete_key"}}
 								</button>
 							</div>
@@ -72,14 +72,9 @@
 		</div>
 	</div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.settings.deploy_key_deletion"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.settings.deploy_key_deletion_desc"}}</p>
-	</div>
+<div class="ui small modal" id="repo-deploy-key-delete-modal">
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.settings.deploy_key_deletion"}}</div>
+	<div class="content"><p>{{ctx.Locale.Tr "repo.settings.deploy_key_deletion_desc"}}</p></div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
 
diff --git a/templates/repo/settings/githooks.tmpl b/templates/repo/settings/githooks.tmpl
index 1a603f9fe8..9b17af1406 100644
--- a/templates/repo/settings/githooks.tmpl
+++ b/templates/repo/settings/githooks.tmpl
@@ -4,18 +4,14 @@
 			{{ctx.Locale.Tr "repo.settings.githooks"}}
 		</h4>
 		<div class="ui attached segment">
-			<div class="ui list">
+			<div class="ui list flex-items-block">
+				<div class="item"><span>{{ctx.Locale.Tr "repo.settings.githooks_desc"}}</span></div>
+				{{range .Hooks}}
 				<div class="item">
-					{{ctx.Locale.Tr "repo.settings.githooks_desc"}}
+					<span class="text {{if .IsActive}}green{{else}}grey{{end}}">{{svg "octicon-dot-fill" 22}}</span>
+					<span class="gt-ellipsis tw-flex-1">{{.Name}}</span>
+					<a class="muted tw-p-2" href="{{$.RepoLink}}/settings/hooks/git/{{.Name|PathEscape}}">{{svg "octicon-pencil"}}</a>
 				</div>
-				{{range .Hooks}}
-					<div class="item truncated-item-container">
-						<span class="text {{if .IsActive}}green{{else}}grey{{end}} tw-mr-2">{{svg "octicon-dot-fill" 22}}</span>
-						<span class="text truncate tw-flex-1 tw-mr-2">{{.Name}}</span>
-						<a class="muted tw-float-right tw-p-2" href="{{$.RepoLink}}/settings/hooks/git/{{.Name|PathEscape}}">
-							{{svg "octicon-pencil"}}
-						</a>
-					</div>
 				{{end}}
 			</div>
 		</div>
diff --git a/templates/repo/settings/lfs_file.tmpl b/templates/repo/settings/lfs_file.tmpl
index 9f72d764ae..cd1b168401 100644
--- a/templates/repo/settings/lfs_file.tmpl
+++ b/templates/repo/settings/lfs_file.tmpl
@@ -21,7 +21,7 @@
 					{{else if not .IsTextFile}}
 						<div class="view-raw">
 							{{if .IsImageFile}}
-								<img src="{{$.RawFileLink}}">
+								<img loading="lazy" alt="{{$.RawFileLink}}" src="{{$.RawFileLink}}">
 							{{else if .IsVideoFile}}
 								<video controls src="{{$.RawFileLink}}">
 									<strong>{{ctx.Locale.Tr "repo.video_not_supported_in_browser"}}</strong>
@@ -30,8 +30,6 @@
 								<audio controls src="{{$.RawFileLink}}">
 									<strong>{{ctx.Locale.Tr "repo.audio_not_supported_in_browser"}}</strong>
 								</audio>
-							{{else if .IsPDFFile}}
-								<div class="pdf-content is-loading" data-global-init="initPdfViewer" data-src="{{$.RawFileLink}}" data-fallback-button-text="{{ctx.Locale.Tr "diff.view_file"}}"></div>
 							{{else}}
 								<a href="{{$.RawFileLink}}" rel="nofollow" class="tw-p-4">{{ctx.Locale.Tr "repo.file_view_raw"}}</a>
 							{{end}}
diff --git a/templates/repo/settings/navbar.tmpl b/templates/repo/settings/navbar.tmpl
index 3e127ccbb3..3dd86d1f6a 100644
--- a/templates/repo/settings/navbar.tmpl
+++ b/templates/repo/settings/navbar.tmpl
@@ -4,6 +4,11 @@
 		<a class="{{if .PageIsSettingsOptions}}active {{end}}item" href="{{.RepoLink}}/settings">
 			{{ctx.Locale.Tr "repo.settings.options"}}
 		</a>
+		{{if or .Repository.IsPrivate .Permission.HasAnyUnitPublicAccess}}
+		<a class="{{if .PageIsSettingsPublicAccess}}active {{end}}item" href="{{.RepoLink}}/settings/public_access">
+			{{ctx.Locale.Tr "repo.settings.public_access"}}
+		</a>
+		{{end}}
 		<a class="{{if .PageIsSettingsCollaboration}}active {{end}}item" href="{{.RepoLink}}/settings/collaboration">
 			{{ctx.Locale.Tr "repo.settings.collaboration"}}
 		</a>
diff --git a/templates/repo/settings/options.tmpl b/templates/repo/settings/options.tmpl
index aade734a1d..fc42056e0a 100644
--- a/templates/repo/settings/options.tmpl
+++ b/templates/repo/settings/options.tmpl
@@ -10,7 +10,7 @@
 				<input type="hidden" name="action" value="update">
 				<div class="required field {{if .Err_RepoName}}error{{end}}">
 					<label>{{ctx.Locale.Tr "repo.repo_name"}}</label>
-					<input name="repo_name" value="{{.Repository.Name}}" data-repo-name="{{.Repository.Name}}" autofocus required>
+					<input name="repo_name" value="{{.Repository.Name}}" data-repo-name="{{.Repository.Name}}" required>
 				</div>
 				<div class="inline field">
 					<label>{{ctx.Locale.Tr "repo.repo_size"}}</label>
@@ -310,15 +310,6 @@
 						<input class="enable-system" name="enable_code" type="checkbox"{{if $isCodeEnabled}} checked{{end}}>
 						<label>{{ctx.Locale.Tr "repo.code.desc"}}</label>
 					</div>
-					<div class="inline field tw-pl-4">
-						{{$unitCode := .Repository.MustGetUnit ctx ctx.Consts.RepoUnitTypeCode}}
-						<label>{{ctx.Locale.Tr "repo.settings.default_permission_everyone_access"}}</label>
-						<select name="default_code_everyone_access" class="ui selection dropdown">
-							{{/* everyone access mode is different from others, none means it is unset and won't be applied */}}
-							<option value="none" {{Iif (eq $unitCode.EveryoneAccessMode 0) "selected"}}>{{ctx.Locale.Tr "settings.permission_not_set"}}</option>
-							<option value="read" {{Iif (eq $unitCode.EveryoneAccessMode 1) "selected"}}>{{ctx.Locale.Tr "settings.permission_read"}}</option>
-						</select>
-					</div>
 				</div>
 
 				{{$isInternalWikiEnabled := .Repository.UnitEnabled ctx ctx.Consts.RepoUnitTypeWiki}}
@@ -346,16 +337,6 @@
 							<label>{{ctx.Locale.Tr "repo.settings.default_wiki_branch_name"}}</label>
 							<input name="default_wiki_branch" value="{{.Repository.DefaultWikiBranch}}">
 						</div>
-						<div class="inline field">
-							{{$unitInternalWiki := .Repository.MustGetUnit ctx ctx.Consts.RepoUnitTypeWiki}}
-							<label>{{ctx.Locale.Tr "repo.settings.default_permission_everyone_access"}}</label>
-							<select name="default_wiki_everyone_access" class="ui selection dropdown">
-								{{/* everyone access mode is different from others, none means it is unset and won't be applied */}}
-								<option value="none" {{Iif (eq $unitInternalWiki.EveryoneAccessMode 0) "selected"}}>{{ctx.Locale.Tr "settings.permission_not_set"}}</option>
-								<option value="read" {{Iif (eq $unitInternalWiki.EveryoneAccessMode 1) "selected"}}>{{ctx.Locale.Tr "settings.permission_read"}}</option>
-								<option value="write" {{Iif (eq $unitInternalWiki.EveryoneAccessMode 2) "selected"}}>{{ctx.Locale.Tr "settings.permission_write"}}</option>
-							</select>
-						</div>
 					</div>
 					<div class="field">
 						<div class="ui radio checkbox{{if $isExternalWikiGlobalDisabled}} disabled{{end}}"{{if $isExternalWikiGlobalDisabled}} data-tooltip-content="{{ctx.Locale.Tr "repo.unit_disabled"}}"{{end}}>
@@ -391,15 +372,6 @@
 						</div>
 					</div>
 					<div class="field tw-pl-4 {{if (.Repository.UnitEnabled ctx ctx.Consts.RepoUnitTypeExternalTracker)}}disabled{{end}}" id="internal_issue_box">
-						<div class="inline field">
-							{{$unitIssue := .Repository.MustGetUnit ctx ctx.Consts.RepoUnitTypeIssues}}
-							<label>{{ctx.Locale.Tr "repo.settings.default_permission_everyone_access"}}</label>
-							<select name="default_issues_everyone_access" class="ui selection dropdown">
-								{{/* everyone access mode is different from others, none means it is unset and won't be applied */}}
-								<option value="none" {{Iif (eq $unitIssue.EveryoneAccessMode 0) "selected"}}>{{ctx.Locale.Tr "settings.permission_not_set"}}</option>
-								<option value="read" {{Iif (eq $unitIssue.EveryoneAccessMode 1) "selected"}}>{{ctx.Locale.Tr "settings.permission_read"}}</option>
-							</select>
-						</div>
 						{{if .Repository.CanEnableTimetracker}}
 							<div class="field">
 								<div class="ui checkbox">
@@ -830,7 +802,7 @@
 						</div>
 					</div>
 				{{end}}
-				{{if and .Repository.IsFork .Repository.Owner.CanCreateRepo}}
+				{{if .CanConvertFork}}
 					<div class="flex-item">
 						<div class="flex-item-main">
 							<div class="flex-item-title">{{ctx.Locale.Tr "repo.settings.convert_fork"}}</div>
@@ -944,7 +916,7 @@
 			</div>
 		</div>
 	{{end}}
-	{{if and .Repository.IsFork .Repository.Owner.CanCreateRepo}}
+	{{if .CanConvertFork}}
 		<div class="ui small modal" id="convert-fork-repo-modal">
 			<div class="header">
 				{{ctx.Locale.Tr "repo.settings.convert_fork"}}
diff --git a/templates/repo/settings/protected_branch.tmpl b/templates/repo/settings/protected_branch.tmpl
index 61cc6077a1..3c311c18c3 100644
--- a/templates/repo/settings/protected_branch.tmpl
+++ b/templates/repo/settings/protected_branch.tmpl
@@ -2,13 +2,17 @@
 	<div class="repo-setting-content">
 		<form class="ui form" action="{{.Link}}" method="post">
 			<h4 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.settings.branch_protection" .Rule.RuleName}}
+				{{if .Rule.RuleName}}
+					{{ctx.Locale.Tr "repo.settings.branch_protection" .Rule.RuleName}}
+				{{else}}
+					{{ctx.Locale.Tr "repo.settings.branches.add_new_rule"}}
+				{{end}}
 			</h4>
 			<div class="ui attached segment branch-protection">
 				<h5 class="ui dividing header">{{ctx.Locale.Tr "repo.settings.protect_patterns"}}</h5>
-				<div class="field">
+				<div class="field required">
 					<label>{{ctx.Locale.Tr "repo.settings.protect_branch_name_pattern"}}</label>
-					<input name="rule_name" type="text" value="{{.Rule.RuleName}}">
+					<input name="rule_name" type="text" value="{{.Rule.RuleName}}" required>
 					<input name="rule_id" type="hidden" value="{{.Rule.ID}}">
 					<p class="help tw-ml-0">{{ctx.Locale.Tr "repo.settings.protect_branch_name_pattern_desc" "https://github.com/gobwas/glob"}}</p>
 				</div>
diff --git a/templates/repo/settings/public_access.tmpl b/templates/repo/settings/public_access.tmpl
new file mode 100644
index 0000000000..c1c198bcce
--- /dev/null
+++ b/templates/repo/settings/public_access.tmpl
@@ -0,0 +1,54 @@
+{{template "repo/settings/layout_head" (dict "ctxData" . "pageClass" "repository settings")}}
+<div class="repo-setting-content">
+	<h4 class="ui top attached header">
+		{{ctx.Locale.Tr "repo.settings.public_access"}}
+	</h4>
+	<div class="ui attached segment">
+		<p>
+			{{ctx.Locale.Tr "repo.settings.public_access_desc"}}
+		</p>
+		{{$paNotSet := "not-set"}}
+		{{$paAnonymousRead := "anonymous-read"}}
+		{{$paEveryoneRead := "everyone-read"}}
+		{{$paEveryoneWrite := "everyone-write"}}
+		<form class="ui form" method="post">
+			{{.CsrfTokenHtml}}
+			<table class="ui table unstackable tw-my-2">
+				<thead>
+					<tr>
+						<th>{{ctx.Locale.Tr "units.unit"}}</th>
+						<th class="tw-text-center">{{ctx.Locale.Tr "settings.permission_not_set"}}</th>
+						<th class="tw-text-center">{{ctx.Locale.Tr "settings.permission_anonymous_read"}}</th>
+						<th class="tw-text-center">{{ctx.Locale.Tr "settings.permission_everyone_read"}}</th>
+						<th class="tw-text-center">{{ctx.Locale.Tr "settings.permission_everyone_write"}}</th>
+					</tr>
+				</thead>
+				<tbody>
+				{{range $ua := .RepoUnitPublicAccesses}}
+					<tr>
+						<td>{{$ua.DisplayName}}</td>
+						<td class="tw-text-center"><label><input type="radio" name="{{$ua.FormKey}}" value="{{$paNotSet}}" {{Iif (eq $paNotSet $ua.UnitPublicAccess) "checked"}}></label></td>
+						<td class="tw-text-center"><label><input type="radio" name="{{$ua.FormKey}}" value="{{$paAnonymousRead}}" {{Iif (eq $paAnonymousRead $ua.UnitPublicAccess) "checked"}}></label></td>
+						<td class="tw-text-center"><label><input type="radio" name="{{$ua.FormKey}}" value="{{$paEveryoneRead}}" {{Iif (eq $paEveryoneRead $ua.UnitPublicAccess) "checked"}}></label></td>
+						<td class="tw-text-center">
+							{{if SliceUtils.Contains $ua.PublicAccessTypes $paEveryoneWrite}}
+								<label><input type="radio" name="{{$ua.FormKey}}" value="{{$paEveryoneWrite}}" {{Iif (eq $paEveryoneWrite $ua.UnitPublicAccess) "checked"}}></label>
+							{{else}}
+								-
+							{{end}}
+						</td>
+					</tr>
+				{{end}}
+				</tbody>
+			</table>
+			<ul class="tw-my-3 tw-pl-5 tw-flex tw-flex-col tw-gap-3">
+				<li>{{ctx.Locale.Tr "repo.settings.public_access.docs.not_set"}}</li>
+				<li>{{ctx.Locale.Tr "repo.settings.public_access.docs.anonymous_read"}}</li>
+				<li>{{ctx.Locale.Tr "repo.settings.public_access.docs.everyone_read"}}</li>
+				<li>{{ctx.Locale.Tr "repo.settings.public_access.docs.everyone_write"}}</li>
+			</ul>
+			<button class="ui primary button {{if .GlobalForcePrivate}}disabled{{end}}">{{ctx.Locale.Tr "repo.settings.update_settings"}}</button>
+		</form>
+	</div>
+</div>
+{{template "repo/settings/layout_footer" .}}
diff --git a/templates/repo/settings/webhook/base.tmpl b/templates/repo/settings/webhook/base.tmpl
index d524722454..39bb7a9fe0 100644
--- a/templates/repo/settings/webhook/base.tmpl
+++ b/templates/repo/settings/webhook/base.tmpl
@@ -1,5 +1,5 @@
 {{template "repo/settings/layout_head" (dict "ctxData" . "pageClass" "repository settings webhooks")}}
 	<div class="repo-setting-content">
-		{{template "repo/settings/webhook/list" .}}
+		{{template "repo/settings/webhook/base_list" .}}
 	</div>
 {{template "repo/settings/layout_footer" .}}
diff --git a/templates/repo/settings/webhook/base_list.tmpl b/templates/repo/settings/webhook/base_list.tmpl
index 36e75a7eb5..a808d4122f 100644
--- a/templates/repo/settings/webhook/base_list.tmpl
+++ b/templates/repo/settings/webhook/base_list.tmpl
@@ -8,18 +8,19 @@
 	</div>
 </h4>
 <div class="ui attached segment">
-	<div class="ui list">
-		<div class="item">
-			{{.Description}}
-		</div>
+	<div class="ui list flex-items-block">
+		<div class="item"><span>{{.Description}}</span></div>
 		{{range .Webhooks}}
-			<div class="item truncated-item-container">
-				<span class="text {{if eq .LastStatus 1}}green{{else if eq .LastStatus 2}}red{{else}}grey{{end}} tw-mr-2">{{svg "octicon-dot-fill" 22}}</span>
-				<div class="text truncate tw-flex-1 tw-mr-2">
+			<div class="item">
+				<span class="text {{if eq .LastStatus 1}}green{{else if eq .LastStatus 2}}red{{else}}grey{{end}}">{{svg "octicon-dot-fill" 22}}</span>
+				<div class="gt-ellipsis tw-flex-1">
 					<a title="{{.URL}}" href="{{$.BaseLink}}/{{.ID}}">{{.URL}}</a>
 				</div>
 				<a class="muted tw-p-2" href="{{$.BaseLink}}/{{.ID}}">{{svg "octicon-pencil"}}</a>
-				<a class="delete-button tw-p-2" data-url="{{$.Link}}/delete" data-id="{{.ID}}">{{svg "octicon-trash"}}</a>
+				<a class="text red tw-p-2 link-action"
+					data-url="{{$.Link}}/delete?id={{.ID}}"
+					data-modal-confirm="{{ctx.Locale.Tr "repo.settings.webhook_deletion_desc"}}"
+				>{{svg "octicon-trash"}}</a>
 			</div>
 		{{end}}
 	</div>
diff --git a/templates/repo/settings/webhook/delete_modal.tmpl b/templates/repo/settings/webhook/delete_modal.tmpl
deleted file mode 100644
index 9955ed3a2f..0000000000
--- a/templates/repo/settings/webhook/delete_modal.tmpl
+++ /dev/null
@@ -1,10 +0,0 @@
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.settings.webhook_deletion"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.settings.webhook_deletion_desc"}}</p>
-	</div>
-	{{template "base/modal_actions_confirm" .}}
-</div>
diff --git a/templates/repo/settings/webhook/dingtalk.tmpl b/templates/repo/settings/webhook/dingtalk.tmpl
index 0ba99e98ee..dd208cde17 100644
--- a/templates/repo/settings/webhook/dingtalk.tmpl
+++ b/templates/repo/settings/webhook/dingtalk.tmpl
@@ -6,6 +6,7 @@
 			<label for="payload_url">{{ctx.Locale.Tr "repo.settings.payload_url"}}</label>
 			<input id="payload_url" name="payload_url" type="url" value="{{.Webhook.URL}}" autofocus required>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/discord.tmpl b/templates/repo/settings/webhook/discord.tmpl
index 104346e042..fa66249fa5 100644
--- a/templates/repo/settings/webhook/discord.tmpl
+++ b/templates/repo/settings/webhook/discord.tmpl
@@ -14,6 +14,7 @@
 			<label for="icon_url">{{ctx.Locale.Tr "repo.settings.discord_icon_url"}}</label>
 			<input id="icon_url" name="icon_url" value="{{.DiscordHook.IconURL}}" placeholder="https://example.com/assets/img/logo.svg">
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/feishu.tmpl b/templates/repo/settings/webhook/feishu.tmpl
index d80deab26f..13bd0d92a1 100644
--- a/templates/repo/settings/webhook/feishu.tmpl
+++ b/templates/repo/settings/webhook/feishu.tmpl
@@ -1,12 +1,14 @@
 {{if eq .HookType "feishu"}}
-	<p>{{ctx.Locale.Tr "repo.settings.add_web_hook_desc" "https://feishu.cn" (ctx.Locale.Tr "repo.settings.web_hook_name_feishu")}}</p>
-	<p>{{ctx.Locale.Tr "repo.settings.add_web_hook_desc" "https://larksuite.com" (ctx.Locale.Tr "repo.settings.web_hook_name_larksuite")}}</p>
+	<p>
+		{{ctx.Locale.Tr "repo.settings.add_web_hook_desc" "https://feishu.cn" (ctx.Locale.Tr "repo.settings.web_hook_name_feishu")}}
+		{{ctx.Locale.Tr "repo.settings.add_web_hook_desc" "https://larksuite.com" (ctx.Locale.Tr "repo.settings.web_hook_name_larksuite")}}
+	</p>
 	<form class="ui form" action="{{.BaseLink}}/feishu/{{or .Webhook.ID "new"}}" method="post">
 		{{.CsrfTokenHtml}}
 		<div class="required field {{if .Err_PayloadURL}}error{{end}}">
 			<label for="payload_url">{{ctx.Locale.Tr "repo.settings.payload_url"}}</label>
 			<input id="payload_url" name="payload_url" type="url" value="{{.Webhook.URL}}" autofocus required>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseRequestSecret" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/gitea.tmpl b/templates/repo/settings/webhook/gitea.tmpl
index e6eb61ea92..30f14d609b 100644
--- a/templates/repo/settings/webhook/gitea.tmpl
+++ b/templates/repo/settings/webhook/gitea.tmpl
@@ -31,10 +31,11 @@
 				</div>
 			</div>
 		</div>
-		<div class="field {{if .Err_Secret}}error{{end}}">
-			<label for="secret">{{ctx.Locale.Tr "repo.settings.secret"}}</label>
-			<input id="secret" name="secret" type="password" value="{{.Webhook.Secret}}" autocomplete="off">
-		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{template "repo/settings/webhook/settings" dict
+			"BaseLink" .BaseLink
+			"Webhook" .Webhook
+			"UseAuthorizationHeader" "optional"
+			"UseRequestSecret" "optional"
+		}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/gogs.tmpl b/templates/repo/settings/webhook/gogs.tmpl
index e91a3279e4..c0e054602a 100644
--- a/templates/repo/settings/webhook/gogs.tmpl
+++ b/templates/repo/settings/webhook/gogs.tmpl
@@ -19,10 +19,11 @@
 				</div>
 			</div>
 		</div>
-		<div class="field {{if .Err_Secret}}error{{end}}">
-			<label for="secret">{{ctx.Locale.Tr "repo.settings.secret"}}</label>
-			<input id="secret" name="secret" type="password" value="{{.Webhook.Secret}}" autocomplete="off">
-		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{template "repo/settings/webhook/settings" dict
+			"BaseLink" .BaseLink
+			"Webhook" .Webhook
+			"UseAuthorizationHeader" "optional"
+			"UseRequestSecret" "optional"
+		}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/history.tmpl b/templates/repo/settings/webhook/history.tmpl
index ea3c037813..953ba69670 100644
--- a/templates/repo/settings/webhook/history.tmpl
+++ b/templates/repo/settings/webhook/history.tmpl
@@ -26,7 +26,7 @@
 							{{else}}
 								<span class="text red">{{svg "octicon-alert"}}</span>
 							{{end}}
-							<a class="ui primary sha label toggle button show-panel" data-panel="#info-{{.ID}}">{{.UUID}}</a>
+							<button class="btn interact-bg tw-p-2 toggle show-panel" data-panel="#info-{{.ID}}">{{.UUID}}</button>
 						</div>
 						<span class="text grey">
 							{{DateUtils.TimeSince .Delivered}}
diff --git a/templates/repo/settings/webhook/list.tmpl b/templates/repo/settings/webhook/list.tmpl
deleted file mode 100644
index b24159fccb..0000000000
--- a/templates/repo/settings/webhook/list.tmpl
+++ /dev/null
@@ -1,4 +0,0 @@
-
-{{template "repo/settings/webhook/base_list" .}}
-
-{{template "repo/settings/webhook/delete_modal" .}}
diff --git a/templates/repo/settings/webhook/matrix.tmpl b/templates/repo/settings/webhook/matrix.tmpl
index 7f1c9f08e6..e0aad2d807 100644
--- a/templates/repo/settings/webhook/matrix.tmpl
+++ b/templates/repo/settings/webhook/matrix.tmpl
@@ -22,6 +22,6 @@
 				</div>
 			</div>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "required"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/msteams.tmpl b/templates/repo/settings/webhook/msteams.tmpl
index 62ea24e763..17718a1064 100644
--- a/templates/repo/settings/webhook/msteams.tmpl
+++ b/templates/repo/settings/webhook/msteams.tmpl
@@ -6,6 +6,7 @@
 			<label for="payload_url">{{ctx.Locale.Tr "repo.settings.payload_url"}}</label>
 			<input id="payload_url" name="payload_url" type="url" value="{{.Webhook.URL}}" autofocus required>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/packagist.tmpl b/templates/repo/settings/webhook/packagist.tmpl
index 25aba2a435..c813e7c2af 100644
--- a/templates/repo/settings/webhook/packagist.tmpl
+++ b/templates/repo/settings/webhook/packagist.tmpl
@@ -14,6 +14,7 @@
 			<label for="package_url">{{ctx.Locale.Tr "repo.settings.packagist_package_url"}}</label>
 			<input id="package_url" name="package_url" value="{{.PackagistHook.PackageURL}}" placeholder="https://packagist.org/packages/laravel/framework" required>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/settings.tmpl b/templates/repo/settings/webhook/settings.tmpl
index 16ad263e42..a8ad1d6c9e 100644
--- a/templates/repo/settings/webhook/settings.tmpl
+++ b/templates/repo/settings/webhook/settings.tmpl
@@ -1,4 +1,52 @@
-{{$isNew:=or .PageIsSettingsHooksNew .PageIsAdminDefaultHooksNew .PageIsAdminSystemHooksNew}}
+{{/* Template attributes:
+- BaseLink: Base URL for the repository settings
+- WebHook: Webhook object containing details about the webhook
+- UseAuthorizationHeader: optional or required
+- UseRequestSecret: optional or required
+*/}}
+{{$isNew := not .Webhook.ID}}
+
+<div class="inline field">
+	<div class="ui checkbox">
+		<input name="active" type="checkbox" {{if or $isNew .Webhook.IsActive}}checked{{end}}>
+		<label>{{ctx.Locale.Tr "repo.settings.active"}}</label>
+		<span class="help">{{ctx.Locale.Tr "repo.settings.active_helper"}}</span>
+	</div>
+</div>
+
+<!-- Authorization Header -->
+{{if .UseAuthorizationHeader}}
+	{{$attributeValid := or (eq .UseAuthorizationHeader "optional") (eq .UseAuthorizationHeader "required")}}
+	{{if not $attributeValid}}<div class="ui error message">Invalid UseAuthorizationHeader: {{.UseAuthorizationHeader}}}</div>{{end}}
+	{{$required := eq .UseAuthorizationHeader "required"}}
+	<div class="field {{if $required}}required{{end}}">
+		<label>{{ctx.Locale.Tr "repo.settings.authorization_header"}}</label>
+		<input name="authorization_header" type="text" value="{{.Webhook.HeaderAuthorization}}" {{if $required}}required placeholder="Bearer $access_token"{{end}}>
+		{{if not $required}}
+			<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" (HTMLFormat "<code>%s</code>, <code>%s</code>" "Bearer token123456" "Basic YWxhZGRpbjpvcGVuc2VzYW1l")}}</span>
+		{{end}}
+	</div>
+{{end}}
+
+<!-- Secret -->
+{{if .UseRequestSecret}}
+	{{$attributeValid := or (eq .UseRequestSecret "optional") (eq .UseRequestSecret "required")}}
+	{{if not $attributeValid}}<div class="ui error message">Invalid UseRequestSecret: {{.UseRequestSecret}}}</div>{{end}}
+	{{$required := eq .UseRequestSecret "required"}}
+	<div class="field {{if $required}}required{{end}}">
+		<label>{{ctx.Locale.Tr "repo.settings.secret"}}</label>
+		<input name="secret" type="password" value="{{.Webhook.Secret}}" autocomplete="off" {{if $required}}required{{end}}>
+		<span class="help">{{ctx.Locale.Tr "repo.settings.webhook_secret_desc"}}</span>
+	</div>
+{{end}}
+
+<!-- Branch filter -->
+<div class="field">
+	<label>{{ctx.Locale.Tr "repo.settings.branch_filter"}}</label>
+	<input name="branch_filter" type="text" value="{{or .Webhook.BranchFilter "*"}}">
+	<span class="help">{{ctx.Locale.Tr "repo.settings.branch_filter_desc" "https://pkg.go.dev/github.com/gobwas/glob#Compile" "github.com/gobwas/glob"}}</span>
+</div>
+
 <div class="field">
 	<h4>{{ctx.Locale.Tr "repo.settings.event_desc"}}</h4>
 	<div class="grouped event type fields">
@@ -263,6 +311,16 @@
 		<div class="fourteen wide column">
 			<label>{{ctx.Locale.Tr "repo.settings.event_header_workflow"}}</label>
 		</div>
+		<!-- Workflow Run Event -->
+		<div class="seven wide column">
+			<div class="field">
+				<div class="ui checkbox">
+					<input name="workflow_run" type="checkbox" {{if .Webhook.HookEvents.Get "workflow_run"}}checked{{end}}>
+					<label>{{ctx.Locale.Tr "repo.settings.event_workflow_run"}}</label>
+					<span class="help">{{ctx.Locale.Tr "repo.settings.event_workflow_run_desc"}}</span>
+				</div>
+			</div>
+		</div>
 		<!-- Workflow Job Event -->
 		<div class="seven wide column">
 			<div class="field">
@@ -276,38 +334,14 @@
 	</div>
 </div>
 
-<!-- Branch filter -->
-<div class="field">
-	<label for="branch_filter">{{ctx.Locale.Tr "repo.settings.branch_filter"}}</label>
-	<input id="branch_filter" name="branch_filter" type="text" value="{{or .Webhook.BranchFilter "*"}}">
-	<span class="help">{{ctx.Locale.Tr "repo.settings.branch_filter_desc" "https://pkg.go.dev/github.com/gobwas/glob#Compile" "github.com/gobwas/glob"}}</span>
-</div>
-
-<!-- Authorization Header -->
-<div class="field{{if eq .HookType "matrix"}} required{{end}}">
-	<label for="authorization_header">{{ctx.Locale.Tr "repo.settings.authorization_header"}}</label>
-	<input id="authorization_header" name="authorization_header" type="text" value="{{.Webhook.HeaderAuthorization}}"{{if eq .HookType "matrix"}} placeholder="Bearer $access_token" required{{end}}>
-	{{if ne .HookType "matrix"}}{{/* Matrix doesn't make the authorization optional but it is implied by the help string, should be changed.*/}}
-		<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" ("<code>Bearer token123456</code>, <code>Basic YWxhZGRpbjpvcGVuc2VzYW1l</code>" | SafeHTML)}}</span>
-	{{end}}
-</div>
-
-<div class="divider"></div>
-
-<div class="inline field">
-	<div class="ui checkbox">
-		<input name="active" type="checkbox" {{if or $isNew .Webhook.IsActive}}checked{{end}}>
-		<label>{{ctx.Locale.Tr "repo.settings.active"}}</label>
-		<span class="help">{{ctx.Locale.Tr "repo.settings.active_helper"}}</span>
-	</div>
-</div>
 <div class="field">
 	{{if $isNew}}
 		<button class="ui primary button">{{ctx.Locale.Tr "repo.settings.add_webhook"}}</button>
 	{{else}}
 		<button class="ui primary button">{{ctx.Locale.Tr "repo.settings.update_webhook"}}</button>
-		<a class="ui red delete-button button" data-url="{{.BaseLink}}/delete" data-id="{{.Webhook.ID}}">{{ctx.Locale.Tr "repo.settings.delete_webhook"}}</a>
+		<a class="ui red button link-action"
+			data-url="{{.BaseLink}}/delete?id={{.Webhook.ID}}"
+			data-modal-confirm="{{ctx.Locale.Tr "repo.settings.webhook_deletion_desc"}}"
+		>{{ctx.Locale.Tr "repo.settings.delete_webhook"}}</a>
 	{{end}}
 </div>
-
-{{template "repo/settings/webhook/delete_modal" .}}
diff --git a/templates/repo/settings/webhook/slack.tmpl b/templates/repo/settings/webhook/slack.tmpl
index e7cae92d4b..519d6afa1a 100644
--- a/templates/repo/settings/webhook/slack.tmpl
+++ b/templates/repo/settings/webhook/slack.tmpl
@@ -23,6 +23,7 @@
 			<label for="color">{{ctx.Locale.Tr "repo.settings.slack_color"}}</label>
 			<input id="color" name="color" value="{{.SlackHook.Color}}" placeholder="#dd4b39, good, warning, danger">
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/telegram.tmpl b/templates/repo/settings/webhook/telegram.tmpl
index f92c2be0db..5ab89b72cc 100644
--- a/templates/repo/settings/webhook/telegram.tmpl
+++ b/templates/repo/settings/webhook/telegram.tmpl
@@ -14,6 +14,7 @@
 			<label for="thread_id">{{ctx.Locale.Tr "repo.settings.thread_id"}}</label>
 			<input id="thread_id" name="thread_id" type="text" value="{{.TelegramHook.ThreadID}}">
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/settings/webhook/wechatwork.tmpl b/templates/repo/settings/webhook/wechatwork.tmpl
index 78a1617123..cbc29b4610 100644
--- a/templates/repo/settings/webhook/wechatwork.tmpl
+++ b/templates/repo/settings/webhook/wechatwork.tmpl
@@ -6,6 +6,7 @@
 			<label for="payload_url">{{ctx.Locale.Tr "repo.settings.payload_url"}}</label>
 			<input id="payload_url" name="payload_url" type="url" value="{{.Webhook.URL}}" autofocus required>
 		</div>
-		{{template "repo/settings/webhook/settings" .}}
+		{{/* FIXME: support authorization header or not? */}}
+		{{template "repo/settings/webhook/settings" dict "BaseLink" .BaseLink "Webhook" .Webhook "UseAuthorizationHeader" "optional"}}
 	</form>
 {{end}}
diff --git a/templates/repo/star_unstar.tmpl b/templates/repo/star_unstar.tmpl
index 9234a0d196..dea965ab30 100644
--- a/templates/repo/star_unstar.tmpl
+++ b/templates/repo/star_unstar.tmpl
@@ -1,10 +1,10 @@
-<form hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if $.IsStaringRepo}}unstar{{else}}star{{end}}">
+<form class="flex-text-inline" hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if $.IsStaringRepo}}unstar{{else}}star{{end}}">
 	<div class="ui labeled button" {{if not $.IsSigned}}data-tooltip-content="{{ctx.Locale.Tr "repo.star_guest_user"}}"{{end}}>
 		{{$buttonText := ctx.Locale.Tr "repo.star"}}
 		{{if $.IsStaringRepo}}{{$buttonText = ctx.Locale.Tr "repo.unstar"}}{{end}}
 		<button type="submit" class="ui compact small basic button"{{if not $.IsSigned}} disabled{{end}} aria-label="{{$buttonText}}">
 			{{svg (Iif $.IsStaringRepo "octicon-star-fill" "octicon-star")}}
-			<span aria-hidden="true">{{$buttonText}}</span>
+			<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
 		</button>
 		<a hx-boost="false" class="ui basic label" href="{{$.RepoLink}}/stars">
 			{{CountFmt .Repository.NumStars}}
diff --git a/templates/repo/tag/list.tmpl b/templates/repo/tag/list.tmpl
index 9789943b49..8b33b96f86 100644
--- a/templates/repo/tag/list.tmpl
+++ b/templates/repo/tag/list.tmpl
@@ -5,9 +5,7 @@
 		{{template "base/alert" .}}
 		{{template "repo/release_tag_header" .}}
 		<h4 class="ui top attached header">
-			<div class="five wide column tw-flex tw-items-center">
-				{{.TagCount}} {{ctx.Locale.Tr "repo.release.tags"}}
-			</div>
+			{{.TagCount}} {{ctx.Locale.Tr "repo.release.tags"}}
 		</h4>
 		{{$canReadReleases := $.Permission.CanRead ctx.Consts.RepoUnitTypeReleases}}
 		<div class="ui attached segment">
@@ -15,53 +13,49 @@
 				{{template "shared/search/combo" dict "Value" .Keyword "Placeholder" (ctx.Locale.Tr "search.tag_kind") "Tooltip" (ctx.Locale.Tr "search.tag_tooltip")}}
 			</form>
 		</div>
-		<div class="ui attached table segment">
+		<div class="ui attached segment tw-p-0">
 			{{if .Releases}}
-			<table class="ui very basic striped fixed table single line" id="tags-table">
-				<tbody class="tag-list">
-					{{range $idx, $release := .Releases}}
-						<tr>
-							<td class="tag-list-row">
-								<h3 class="tag-list-row-title tw-mb-2">
-									{{if $canReadReleases}}
-										<a class="tag-list-row-link tw-flex tw-items-center" href="{{$.RepoLink}}/releases/tag/{{.TagName | PathEscapeSegments}}" rel="nofollow">{{.TagName}}</a>
-									{{else}}
-										<a class="tag-list-row-link tw-flex tw-items-center" href="{{$.RepoLink}}/src/tag/{{.TagName | PathEscapeSegments}}" rel="nofollow">{{.TagName}}</a>
-									{{end}}
-								</h3>
-								<div class="download tw-flex tw-items-center">
-									{{if $.Permission.CanRead ctx.Consts.RepoUnitTypeCode}}
-										{{if .CreatedUnix}}
-											<span class="tw-mr-2">{{svg "octicon-clock" 16 "tw-mr-1"}}{{DateUtils.TimeSince .CreatedUnix}}</span>
-										{{end}}
+				<div class="ui divided list" id="tags-table">
+				{{range $idx, $release := .Releases}}
+					<div class="item tag-list-row tw-p-4">
+						<h3 class="tag-list-row-title tw-mb-2">
+							{{if $canReadReleases}}
+								<a class="tag-list-row-link" href="{{$.RepoLink}}/releases/tag/{{.TagName | PathEscapeSegments}}" rel="nofollow">{{.TagName}}</a>
+							{{else}}
+								<a class="tag-list-row-link" href="{{$.RepoLink}}/src/tag/{{.TagName | PathEscapeSegments}}" rel="nofollow">{{.TagName}}</a>
+							{{end}}
+						</h3>
+						<div class="flex-text-block muted-links tw-gap-4 tw-flex-wrap">
+							{{if $.Permission.CanRead ctx.Consts.RepoUnitTypeCode}}
+								{{if .CreatedUnix}}
+									<span class="flex-text-inline">{{svg "octicon-clock"}}{{DateUtils.TimeSince .CreatedUnix}}</span>
+								{{end}}
 
-										<a class="tw-mr-2 tw-font-mono muted" href="{{$.RepoLink}}/src/commit/{{.Sha1}}" rel="nofollow">{{svg "octicon-git-commit" 16 "tw-mr-1"}}{{ShortSha .Sha1}}</a>
+								<a class="flex-text-inline tw-font-mono" href="{{$.RepoLink}}/src/commit/{{.Sha1}}" rel="nofollow">{{svg "octicon-git-commit"}}{{ShortSha .Sha1}}</a>
 
-										{{if not $.DisableDownloadSourceArchives}}
-											<a class="archive-link tw-mr-2 muted" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip" 16 "tw-mr-1"}}ZIP</a>
-											<a class="archive-link tw-mr-2 muted" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip" 16 "tw-mr-1"}}TAR.GZ</a>
-										{{end}}
+								{{if not $.DisableDownloadSourceArchives}}
+									<a class="archive-link flex-text-inline" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip"}}ZIP</a>
+									<a class="archive-link flex-text-inline" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip"}}TAR.GZ</a>
+								{{end}}
 
-										{{if (and $canReadReleases $.CanCreateRelease $release.IsTag)}}
-											<a class="tw-mr-2 muted" href="{{$.RepoLink}}/releases/new?tag={{.TagName}}">{{svg "octicon-tag" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.release.new_release"}}</a>
-										{{end}}
+								{{if (and $canReadReleases $.CanCreateRelease $release.IsTag)}}
+									<a class="flex-text-inline" href="{{$.RepoLink}}/releases/new?tag={{.TagName}}">{{svg "octicon-tag"}}{{ctx.Locale.Tr "repo.release.new_release"}}</a>
+								{{end}}
 
-										{{if (and ($.Permission.CanWrite ctx.Consts.RepoUnitTypeCode) $release.IsTag)}}
-											<a class="ui delete-button tw-mr-2 muted" data-url="{{$.RepoLink}}/tags/delete" data-id="{{.ID}}">
-												{{svg "octicon-trash" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.release.delete_tag"}}
-											</a>
-										{{end}}
+								{{if (and ($.Permission.CanWrite ctx.Consts.RepoUnitTypeCode) $release.IsTag)}}
+									<a class="flex-text-inline link-action" data-url="{{$.RepoLink}}/tags/delete?id={{.ID}}" data-modal-confirm="#confirm-delete-tag-modal">
+										{{svg "octicon-trash"}}{{ctx.Locale.Tr "repo.release.delete_tag"}}
+									</a>
+								{{end}}
 
-										{{if and $canReadReleases (not $release.IsTag)}}
-											<a class="tw-mr-2 muted" href="{{$.RepoLink}}/releases/tag/{{.TagName | PathEscapeSegments}}">{{svg "octicon-tag" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.release.detail"}}</a>
-										{{end}}
-									{{end}}
-								</div>
-							</td>
-						</tr>
-					{{end}}
-				</tbody>
-			</table>
+								{{if and $canReadReleases (not $release.IsTag)}}
+									<a class="flex-text-inline" href="{{$.RepoLink}}/releases/tag/{{.TagName | PathEscapeSegments}}">{{svg "octicon-tag"}}{{ctx.Locale.Tr "repo.release.detail"}}</a>
+								{{end}}
+							{{end}}
+						</div>
+					</div>
+				{{end}}
+				</div>
 			{{else}}
 				{{if .NumTags}}
 					<p class="tw-p-4">{{ctx.Locale.Tr "no_results_found"}}</p>
@@ -73,9 +67,8 @@
 </div>
 
 {{if $.Permission.CanWrite ctx.Consts.RepoUnitTypeCode}}
-<div class="ui g-modal-confirm delete modal">
+<div id="confirm-delete-tag-modal" class="ui small modal">
 	<div class="header">
-		{{svg "octicon-trash"}}
 		{{ctx.Locale.Tr "repo.release.delete_tag"}}
 	</div>
 	<div class="content">
diff --git a/templates/repo/tag/name.tmpl b/templates/repo/tag/name.tmpl
index c3042014d3..24e7de046d 100644
--- a/templates/repo/tag/name.tmpl
+++ b/templates/repo/tag/name.tmpl
@@ -1,3 +1,3 @@
-<a class="ui label basic tiny button{{if .IsRelease}} primary{{end}}" href="{{.RepoLink}}/src/tag/{{.TagName|PathEscape}}">
+<a class="ui basic label {{if .IsRelease}}primary{{end}} {{.AdditionalClasses}}" href="{{.RepoLink}}/src/tag/{{.TagName|PathEscape}}">
 {{svg "octicon-tag"}} {{.TagName}}
 </a>
diff --git a/templates/repo/unicode_escape_prompt.tmpl b/templates/repo/unicode_escape_prompt.tmpl
index 8bceafa8bb..f8226ec728 100644
--- a/templates/repo/unicode_escape_prompt.tmpl
+++ b/templates/repo/unicode_escape_prompt.tmpl
@@ -1,22 +1,22 @@
 {{if .EscapeStatus}}
 	{{if .EscapeStatus.HasInvisible}}
-		<div class="ui warning message unicode-escape-prompt tw-text-left">
+		<div class="ui warning message unicode-escape-prompt">
 			<button class="btn close icon hide-panel" data-panel-closest=".message">{{svg "octicon-x" 16 "close inside"}}</button>
 			<div class="header">
 				{{ctx.Locale.Tr "repo.invisible_runes_header"}}
 			</div>
-			<p>{{ctx.Locale.Tr "repo.invisible_runes_description"}}</p>
+			<div>{{ctx.Locale.Tr "repo.invisible_runes_description"}}</div>
 			{{if .EscapeStatus.HasAmbiguous}}
-				<p>{{ctx.Locale.Tr "repo.ambiguous_runes_description"}}</p>
+				<div>{{ctx.Locale.Tr "repo.ambiguous_runes_description"}}</div>
 			{{end}}
 		</div>
 	{{else if .EscapeStatus.HasAmbiguous}}
-		<div class="ui warning message unicode-escape-prompt tw-text-left">
+		<div class="ui warning message unicode-escape-prompt">
 			<button class="btn close icon hide-panel" data-panel-closest=".message">{{svg "octicon-x" 16 "close inside"}}</button>
 			<div class="header">
 				{{ctx.Locale.Tr "repo.ambiguous_runes_header"}}
 			</div>
-			<p>{{ctx.Locale.Tr "repo.ambiguous_runes_description"}}</p>
+			<div>{{ctx.Locale.Tr "repo.ambiguous_runes_description"}}</div>
 		</div>
 	{{end}}
 {{end}}
diff --git a/templates/repo/view.tmpl b/templates/repo/view.tmpl
index c3d562003d..f99fe2f57a 100644
--- a/templates/repo/view.tmpl
+++ b/templates/repo/view.tmpl
@@ -14,10 +14,10 @@
 			</div>
 		{{end}}
 
-		{{template "repo/code/recently_pushed_new_branches" .}}
+		{{template "repo/code/recently_pushed_new_branches" dict "RecentBranchesPromptData" .RecentBranchesPromptData}}
 
 		<div class="repo-view-container">
-			<div class="repo-view-file-tree-container not-mobile {{if not .UserSettingCodeViewShowFileTree}}tw-hidden{{end}}" {{if .IsSigned}}data-user-is-signed-in{{end}}>
+			<div class="tw-flex tw-flex-col repo-view-file-tree-container not-mobile {{if not .UserSettingCodeViewShowFileTree}}tw-hidden{{end}}" {{if .IsSigned}}data-user-is-signed-in{{end}}>
 				{{template "repo/view_file_tree" .}}
 			</div>
 			<div class="repo-view-content">
diff --git a/templates/repo/view_content.tmpl b/templates/repo/view_content.tmpl
index 06e9f8515c..3ba04a9974 100644
--- a/templates/repo/view_content.tmpl
+++ b/templates/repo/view_content.tmpl
@@ -30,7 +30,7 @@
 		{{end}}
 		{{$cmpBranch = print $cmpBranch (.BranchName|PathEscapeSegments)}}
 		{{$compareLink := printf "%s/compare/%s...%s" .BaseRepo.Link (.BaseRepo.DefaultBranch|PathEscapeSegments) $cmpBranch}}
-		<a id="new-pull-request" role="button" class="ui compact basic button" href="{{$compareLink}}"
+		<a id="new-pull-request" role="button" class="ui compact basic button" href="{{QueryBuild $compareLink "expand" 1}}"
 			data-tooltip-content="{{if .PullRequestCtx.Allowed}}{{ctx.Locale.Tr "repo.pulls.compare_changes"}}{{else}}{{ctx.Locale.Tr "action.compare_branch"}}{{end}}">
 			{{svg "octicon-git-pull-request"}}
 		</a>
@@ -41,8 +41,8 @@
 		<a href="{{.Repository.Link}}/find/{{.RefTypeNameSubURL}}" class="ui compact basic button">{{ctx.Locale.Tr "repo.find_file.go_to_file"}}</a>
 	{{end}}
 
-	{{if and .CanWriteCode .RefFullName.IsBranch (not .Repository.IsMirror) (not .Repository.IsArchived) (not .IsViewFile)}}
-		<button class="ui dropdown basic compact jump button"{{if not .Repository.CanEnableEditor}} disabled{{end}}>
+	{{if and .RefFullName.IsBranch (not .IsViewFile)}}
+		<button class="ui dropdown basic compact jump button repo-add-file" {{if not .Repository.CanEnableEditor}}disabled{{end}}>
 			{{ctx.Locale.Tr "repo.editor.add_file"}}
 			{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 			<div class="menu">
@@ -69,7 +69,7 @@
 
 	{{if not $isTreePathRoot}}
 		{{$treeNameIdxLast := Eval (len .TreeNames) "-" 1}}
-		<span class="breadcrumb repo-path tw-ml-1">
+		<span class="breadcrumb">
 			<a class="section" href="{{.RepoLink}}/src/{{.RefTypeNameSubURL}}" title="{{.Repository.Name}}">{{StringUtils.EllipsisString .Repository.Name 30}}</a>
 			{{- range $i, $v := .TreeNames -}}
 				<span class="breadcrumb-divider">/</span>
diff --git a/templates/repo/view_file.tmpl b/templates/repo/view_file.tmpl
index 51a8f7d501..1486d7181d 100644
--- a/templates/repo/view_file.tmpl
+++ b/templates/repo/view_file.tmpl
@@ -1,4 +1,6 @@
-<div {{if .ReadmeInList}}id="readme" {{end}}class="{{TabSizeClass .Editorconfig .FileName}} non-diff-file-content">
+<div {{if .ReadmeInList}}id="readme"{{end}} class="{{TabSizeClass .Editorconfig .FileTreePath}} non-diff-file-content"
+	data-global-init="initRepoFileView" data-raw-file-link="{{.RawFileLink}}">
+
 	{{- if .FileError}}
 		<div class="ui error message">
 			<div class="text left tw-whitespace-pre">{{.FileError}}</div>
@@ -27,18 +29,19 @@
 		<div class="file-header-left tw-flex tw-items-center tw-py-2 tw-pr-4">
 			{{if .ReadmeInList}}
 				{{svg "octicon-book" 16 "tw-mr-2"}}
-				<strong><a class="muted" href="#readme">{{.FileName}}</a></strong>
+				<strong><a class="muted" href="#readme">{{.ReadmeInList}}</a></strong>
 			{{else}}
 				{{template "repo/file_info" .}}
 			{{end}}
 		</div>
-		<div class="file-header-right file-actions tw-flex tw-items-center tw-flex-wrap">
-			{{if .HasSourceRenderedToggle}}
-				<div class="ui compact icon buttons">
-					<a href="?display=source" class="ui mini basic button {{if .IsDisplayingSource}}active{{end}}" data-tooltip-content="{{ctx.Locale.Tr "repo.file_view_source"}}">{{svg "octicon-code" 15}}</a>
-					<a href="{{$.Link}}" class="ui mini basic button {{if .IsDisplayingRendered}}active{{end}}" data-tooltip-content="{{ctx.Locale.Tr "repo.file_view_rendered"}}">{{svg "octicon-file" 15}}</a>
-				</div>
-			{{end}}
+		<div class="file-header-right file-actions flex-text-block tw-flex-wrap">
+			{{/* this componment is also controlled by frontend plugin renders */}}
+			<div class="ui compact icon buttons file-view-toggle-buttons {{Iif .HasSourceRenderedToggle "" "tw-hidden"}}">
+				{{if .IsRepresentableAsText}}
+				<a href="?display=source" class="ui mini basic button file-view-toggle-source {{if .IsDisplayingSource}}active{{end}}" data-tooltip-content="{{ctx.Locale.Tr "repo.file_view_source"}}">{{svg "octicon-code" 15}}</a>
+				{{end}}
+				<a href="?display=rendered" class="ui mini basic button file-view-toggle-rendered {{if not .IsDisplayingSource}}active{{end}}" data-tooltip-content="{{ctx.Locale.Tr "repo.file_view_rendered"}}">{{svg "octicon-file" 15}}</a>
+			</div>
 			{{if not .ReadmeInList}}
 				<div class="ui buttons tw-mr-1">
 					<a class="ui mini basic button" href="{{$.RawFileLink}}">{{ctx.Locale.Tr "repo.file_raw"}}</a>
@@ -55,7 +58,10 @@
 					{{end}}
 				</div>
 				<a download class="btn-octicon" data-tooltip-content="{{ctx.Locale.Tr "repo.download_file"}}" href="{{$.RawFileLink}}">{{svg "octicon-download"}}</a>
-				<a class="btn-octicon {{if not .CanCopyContent}} disabled{{end}}" data-global-click="onCopyContentButtonClick" {{if or .IsImageFile (and .HasSourceRenderedToggle (not .IsDisplayingSource))}} data-link="{{$.RawFileLink}}"{{end}} data-tooltip-content="{{if .CanCopyContent}}{{ctx.Locale.Tr "copy_content"}}{{else}}{{ctx.Locale.Tr "copy_type_unsupported"}}{{end}}">{{svg "octicon-copy"}}</a>
+				<a class="btn-octicon {{if not .CanCopyContent}}disabled{{end}}" data-global-click="onCopyContentButtonClick"
+					{{if not .IsDisplayingSource}}data-raw-file-link="{{$.RawFileLink}}"{{end}}
+					data-tooltip-content="{{if .CanCopyContent}}{{ctx.Locale.Tr "copy_content"}}{{else}}{{ctx.Locale.Tr "copy_type_unsupported"}}{{end}}"
+				>{{svg "octicon-copy"}}</a>
 				{{if .EnableFeed}}
 				<a class="btn-octicon" href="{{$.RepoLink}}/rss/{{$.RefTypeNameSubURL}}/{{PathEscapeSegments .TreePath}}" data-tooltip-content="{{ctx.Locale.Tr "rss_feed"}}">
 					{{svg "octicon-rss"}}
@@ -78,45 +84,28 @@
 				<button class="ui mini basic button escape-button tw-mr-1">{{ctx.Locale.Tr "repo.escape_control_characters"}}</button>
 			{{end}}
 			{{if and .ReadmeInList .CanEditReadmeFile}}
-				<a class="btn-octicon" data-tooltip-content="{{ctx.Locale.Tr "repo.editor.edit_this_file"}}" href="{{.RepoLink}}/_edit/{{PathEscapeSegments .BranchName}}/{{PathEscapeSegments .TreePath}}/{{PathEscapeSegments .FileName}}">{{svg "octicon-pencil"}}</a>
+				<a class="btn-octicon" data-tooltip-content="{{ctx.Locale.Tr "repo.editor.edit_this_file"}}" href="{{.RepoLink}}/_edit/{{PathEscapeSegments .BranchName}}/{{PathEscapeSegments .FileTreePath}}">{{svg "octicon-pencil"}}</a>
 			{{end}}
 		</div>
 	</h4>
+
 	<div class="ui bottom attached table unstackable segment">
-		{{if not (or .IsMarkup .IsRenderedHTML)}}
-			{{template "repo/unicode_escape_prompt" dict "EscapeStatus" .EscapeStatus "root" $}}
+		{{if not .IsMarkup}}
+			{{template "repo/unicode_escape_prompt" dict "EscapeStatus" .EscapeStatus}}
 		{{end}}
-		<div class="file-view{{if .IsMarkup}} markup {{.MarkupType}}{{else if .IsPlainText}} plain-text{{else if .IsTextSource}} code-view{{end}}">
+		<div class="file-view {{if .IsMarkup}}markup {{.MarkupType}}{{else if .IsPlainText}}plain-text{{else if .IsDisplayingSource}}code-view{{end}}">
 			{{if .IsFileTooLarge}}
 				{{template "shared/filetoolarge" dict "RawFileLink" .RawFileLink}}
 			{{else if not .FileSize}}
 				{{template "shared/fileisempty"}}
 			{{else if .IsMarkup}}
-				{{if .FileContent}}{{.FileContent}}{{end}}
+				{{.FileContent}}
 			{{else if .IsPlainText}}
 				<pre>{{if .FileContent}}{{.FileContent}}{{end}}</pre>
-			{{else if not .IsTextSource}}
-				<div class="view-raw">
-					{{if .IsImageFile}}
-						<img src="{{$.RawFileLink}}">
-					{{else if .IsVideoFile}}
-						<video controls src="{{$.RawFileLink}}">
-							<strong>{{ctx.Locale.Tr "repo.video_not_supported_in_browser"}}</strong>
-						</video>
-					{{else if .IsAudioFile}}
-						<audio controls src="{{$.RawFileLink}}">
-							<strong>{{ctx.Locale.Tr "repo.audio_not_supported_in_browser"}}</strong>
-						</audio>
-					{{else if .IsPDFFile}}
-						<div class="pdf-content is-loading" data-global-init="initPdfViewer" data-src="{{$.RawFileLink}}" data-fallback-button-text="{{ctx.Locale.Tr "repo.diff.view_file"}}"></div>
-					{{else}}
-						<a href="{{$.RawFileLink}}" rel="nofollow" class="tw-p-4">{{ctx.Locale.Tr "repo.file_view_raw"}}</a>
-					{{end}}
-				</div>
-			{{else if .FileSize}}
+			{{else if .FileContent}}
 				<table>
 					<tbody>
-						{{range $idx, $code := .FileContent}}
+					{{range $idx, $code := .FileContent}}
 						{{$line := Eval $idx "+" 1}}
 						<tr>
 							<td id="L{{$line}}" class="lines-num"><span id="L{{$line}}" data-line-number="{{$line}}"></span></td>
@@ -125,17 +114,38 @@
 							{{end}}
 							<td rel="L{{$line}}" class="lines-code chroma"><code class="code-inner">{{$code}}</code></td>
 						</tr>
-						{{end}}
+					{{end}}
 					</tbody>
 				</table>
-				<div class="code-line-menu tippy-target">
-					{{if $.Permission.CanRead ctx.Consts.RepoUnitTypeIssues}}
-						<a class="item ref-in-new-issue" role="menuitem" data-url-issue-new="{{.RepoLink}}/issues/new" data-url-param-body-link="{{.Repository.Link}}/src/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}{{if $.HasSourceRenderedToggle}}?display=source{{end}}" rel="nofollow noindex">{{ctx.Locale.Tr "repo.issues.context.reference_issue"}}</a>
+			{{else}}
+				<div class="view-raw">
+					{{if .IsImageFile}}
+						<img alt="{{$.RawFileLink}}" src="{{$.RawFileLink}}">
+					{{else if .IsVideoFile}}
+						<video controls src="{{$.RawFileLink}}">
+							<strong>{{ctx.Locale.Tr "repo.video_not_supported_in_browser"}}</strong>
+						</video>
+					{{else if .IsAudioFile}}
+						<audio controls src="{{$.RawFileLink}}">
+							<strong>{{ctx.Locale.Tr "repo.audio_not_supported_in_browser"}}</strong>
+						</audio>
+					{{else}}
+						<div class="file-view-render-container">
+							<div class="file-view-raw-prompt tw-p-4">
+								<a href="{{$.RawFileLink}}" rel="nofollow">{{ctx.Locale.Tr "repo.file_view_raw"}}</a>
+							</div>
+						</div>
 					{{end}}
-					<a class="item view_git_blame" role="menuitem" href="{{.Repository.Link}}/blame/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}">{{ctx.Locale.Tr "repo.view_git_blame"}}</a>
-					<a class="item copy-line-permalink" role="menuitem" data-url="{{.Repository.Link}}/src/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}{{if $.HasSourceRenderedToggle}}?display=source{{end}}">{{ctx.Locale.Tr "repo.file_copy_permalink"}}</a>
 				</div>
 			{{end}}
 		</div>
+
+		<div class="code-line-menu tippy-target">
+			{{if $.Permission.CanRead ctx.Consts.RepoUnitTypeIssues}}
+			<a class="item ref-in-new-issue" role="menuitem" data-url-issue-new="{{.RepoLink}}/issues/new" data-url-param-body-link="{{.Repository.Link}}/src/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}{{if $.HasSourceRenderedToggle}}?display=source{{end}}" rel="nofollow noindex">{{ctx.Locale.Tr "repo.issues.context.reference_issue"}}</a>
+			{{end}}
+			<a class="item view_git_blame" role="menuitem" href="{{.Repository.Link}}/blame/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}">{{ctx.Locale.Tr "repo.view_git_blame"}}</a>
+			<a class="item copy-line-permalink" role="menuitem" data-url="{{.Repository.Link}}/src/commit/{{PathEscape .CommitID}}/{{PathEscapeSegments .TreePath}}{{if $.HasSourceRenderedToggle}}?display=source{{end}}">{{ctx.Locale.Tr "repo.file_copy_permalink"}}</a>
+		</div>
 	</div>
 </div>
diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl
index 4745110dd2..145494aa1a 100644
--- a/templates/repo/view_list.tmpl
+++ b/templates/repo/view_list.tmpl
@@ -4,9 +4,10 @@
 		{{template "repo/latest_commit" .}}
 		<div>{{if and .LatestCommit .LatestCommit.Committer}}{{DateUtils.TimeSince .LatestCommit.Committer.When}}{{end}}</div>
 	</div>
+	{{$.FileIconPoolHTML}}
 	{{if .HasParentPath}}
 	<a class="repo-file-line parent-link silenced" href="{{.BranchLink}}{{if .ParentPath}}{{PathEscapeSegments .ParentPath}}{{end}}">
-		{{svg "octicon-file-directory-fill"}} ..
+		{{index $.FileIcons ".."}} ..
 	</a>
 	{{end}}
 	{{range $item := .Files}}
@@ -15,9 +16,9 @@
 			{{$commit := $item.Commit}}
 			{{$submoduleFile := $item.SubmoduleFile}}
 			<div class="repo-file-cell name muted-links {{if not $commit}}notready{{end}}">
-				{{ctx.RenderUtils.RenderFileIcon $entry}}
+				{{index $.FileIcons $entry.Name}}
 				{{if $entry.IsSubModule}}
-					{{$submoduleLink := $submoduleFile.SubmoduleWebLink ctx}}
+					{{$submoduleLink := $submoduleFile.SubmoduleWebLinkTree ctx}}
 					{{if $submoduleLink}}
 						<a class="entry-name" href="{{$submoduleLink.RepoWebLink}}" title="{{$entry.Name}}">{{$entry.Name}}</a>
 						@ <a class="text primary" href="{{$submoduleLink.CommitWebLink}}">{{ShortSha $submoduleFile.RefID}}</a>
@@ -40,13 +41,16 @@
 						</a>
 					{{else}}
 						<a class="entry-name" href="{{$.TreeLink}}/{{PathEscapeSegments $entry.Name}}" title="{{$entry.Name}}">{{$entry.Name}}</a>
+						{{if $entry.IsLink}}
+							<a class="entry-symbol-link flex-text-inline" data-tooltip-content title="{{ctx.Locale.Tr "repo.find_file.follow_symlink"}}" href="{{$.TreeLink}}/{{PathEscapeSegments $entry.Name}}?follow_symlink=1">{{svg "octicon-link" 12}}</a>
+						{{end}}
 					{{end}}
 				{{end}}
 			</div>
 			<div class="repo-file-cell message loading-icon-2px">
 				{{if $commit}}
 					{{$commitLink := printf "%s/commit/%s" $.RepoLink (PathEscape $commit.ID.String)}}
-					{{ctx.RenderUtils.RenderCommitMessageLinkSubject $commit.Message $commitLink ($.Repository.ComposeMetas ctx)}}
+					{{ctx.RenderUtils.RenderCommitMessageLinkSubject $commit.Message $commitLink $.Repository}}
 				{{else}}
 					… {{/* will be loaded again by LastCommitLoaderURL */}}
 				{{end}}
diff --git a/templates/repo/watch_unwatch.tmpl b/templates/repo/watch_unwatch.tmpl
index 465cd91c2b..6f2e5b7a19 100644
--- a/templates/repo/watch_unwatch.tmpl
+++ b/templates/repo/watch_unwatch.tmpl
@@ -1,10 +1,10 @@
-<form hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if $.IsWatchingRepo}}unwatch{{else}}watch{{end}}">
+<form class="flex-text-inline" hx-boost="true" hx-target="this" method="post" action="{{$.RepoLink}}/action/{{if $.IsWatchingRepo}}unwatch{{else}}watch{{end}}">
 	<div class="ui labeled button" {{if not $.IsSigned}}data-tooltip-content="{{ctx.Locale.Tr "repo.watch_guest_user"}}"{{end}}>
 		{{$buttonText := ctx.Locale.Tr "repo.watch"}}
 		{{if $.IsWatchingRepo}}{{$buttonText = ctx.Locale.Tr "repo.unwatch"}}{{end}}
 		<button type="submit" class="ui compact small basic button"{{if not $.IsSigned}} disabled{{end}} aria-label="{{$buttonText}}">
 			{{svg "octicon-eye"}}
-			<span aria-hidden="true">{{$buttonText}}</span>
+			<span class="not-mobile" aria-hidden="true">{{$buttonText}}</span>
 		</button>
 		<a hx-boost="false" class="ui basic label" href="{{.RepoLink}}/watchers">
 			{{CountFmt .Repository.NumWatches}}
diff --git a/templates/repo/wiki/new.tmpl b/templates/repo/wiki/new.tmpl
index 9b5e7b907d..12f0983904 100644
--- a/templates/repo/wiki/new.tmpl
+++ b/templates/repo/wiki/new.tmpl
@@ -18,7 +18,7 @@
 				{{ctx.Locale.Tr "repo.wiki.page_name_desc"}}
 			</div>
 
-			{{$content := .content}}
+			{{$content := .WikiEditContent}}
 			{{if not .PageIsWikiEdit}}
 				{{$content = ctx.Locale.Tr "repo.wiki.welcome"}}
 			{{end}}
@@ -35,7 +35,7 @@
 				<input name="message" aria-label="{{ctx.Locale.Tr "repo.wiki.default_commit_message"}}" placeholder="{{ctx.Locale.Tr "repo.wiki.default_commit_message"}}">
 			</div>
 			<div class="divider"></div>
-			<div class="tw-text-right">
+			<div class="flex-text-block tw-justify-end">
 				<a class="ui basic cancel button" href="{{.Link}}">{{ctx.Locale.Tr "cancel"}}</a>
 				<button class="ui primary button">{{ctx.Locale.Tr "repo.wiki.save_page"}}</button>
 			</div>
diff --git a/templates/repo/wiki/revision.tmpl b/templates/repo/wiki/revision.tmpl
index 80179ce46b..108e378937 100644
--- a/templates/repo/wiki/revision.tmpl
+++ b/templates/repo/wiki/revision.tmpl
@@ -3,18 +3,18 @@
 	{{template "repo/header" .}}
 	{{$title := .title}}
 	<div class="ui container">
-		<div class="ui stackable grid">
-			<div class="ui eight wide column">
-				<div class="ui header">
-					<a class="file-revisions-btn ui basic button" title="{{ctx.Locale.Tr "repo.wiki.back_to_wiki"}}" href="{{.RepoLink}}/wiki/{{.PageURL}}"><span>{{.revision}}</span> {{svg "octicon-home"}}</a>
+		<div class="ui dividing header flex-text-block tw-flex-wrap tw-justify-between">
+			<div class="flex-text-block">
+				<a class="ui basic button tw-px-3" title="{{ctx.Locale.Tr "repo.wiki.back_to_wiki"}}" href="{{.RepoLink}}/wiki/{{.PageURL}}">{{svg "octicon-home"}}</a>
+				<div class="tw-flex-1 gt-ellipsis">
 					{{$title}}
-					<div class="ui sub header tw-break-anywhere">
+					<div class="ui sub header gt-ellipsis">
 						{{$timeSince := DateUtils.TimeSince .Author.When}}
 						{{ctx.Locale.Tr "repo.wiki.last_commit_info" .Author.Name $timeSince}}
 					</div>
 				</div>
 			</div>
-			<div class="ui eight wide column tw-text-right">
+			<div class="flex-text-block">
 				{{template "repo/clone_panel" .}}
 			</div>
 		</div>
diff --git a/templates/repo/wiki/start.tmpl b/templates/repo/wiki/start.tmpl
index 1b3c3d538a..e622db5eb5 100644
--- a/templates/repo/wiki/start.tmpl
+++ b/templates/repo/wiki/start.tmpl
@@ -7,7 +7,7 @@
 			<h2>{{ctx.Locale.Tr "repo.wiki.welcome"}}</h2>
 			<p>{{ctx.Locale.Tr "repo.wiki.welcome_desc"}}</p>
 			{{if and .CanWriteWiki (not .Repository.IsMirror)}}
-				<a class="ui primary button" href="{{.RepoLink}}/wiki?action=_new">{{ctx.Locale.Tr "repo.wiki.create_first_page"}}</a>
+				<a class="ui primary button tw-mr-0" href="{{.RepoLink}}/wiki?action=_new">{{ctx.Locale.Tr "repo.wiki.create_first_page"}}</a>
 			{{end}}
 		</div>
 	</div>
diff --git a/templates/repo/wiki/view.tmpl b/templates/repo/wiki/view.tmpl
index efb614280a..4c7ef364d2 100644
--- a/templates/repo/wiki/view.tmpl
+++ b/templates/repo/wiki/view.tmpl
@@ -33,7 +33,7 @@
 		<div class="ui dividing header">
 			<div class="flex-text-block tw-flex-wrap tw-justify-end">
 				<div class="flex-text-block tw-flex-1 tw-min-w-[300px]">
-					<a class="file-revisions-btn ui basic button" title="{{ctx.Locale.Tr "repo.wiki.file_revision"}}" href="{{.RepoLink}}/wiki/{{.PageURL}}?action=_revision" ><span>{{.CommitCount}}</span> {{svg "octicon-history"}}</a>
+					<a class="ui basic button tw-px-3 tw-gap-3" title="{{ctx.Locale.Tr "repo.wiki.file_revision"}}" href="{{.RepoLink}}/wiki/{{.PageURL}}?action=_revision" >{{if .CommitCount}}<span>{{.CommitCount}}</span> {{end}}{{svg "octicon-history"}}</a>
 					<div class="tw-flex-1 gt-ellipsis">
 						{{$title}}
 						<div class="ui sub header gt-ellipsis">
@@ -50,7 +50,7 @@
 					{{if and .CanWriteWiki (not .Repository.IsMirror)}}
 						<a class="ui small button" href="{{.RepoLink}}/wiki/{{.PageURL}}?action=_edit">{{ctx.Locale.Tr "repo.wiki.edit_page_button"}}</a>
 						<a class="ui small primary button" href="{{.RepoLink}}/wiki?action=_new">{{ctx.Locale.Tr "repo.wiki.new_page_button"}}</a>
-						<a class="ui small red button delete-button" href="" data-url="{{.RepoLink}}/wiki/{{.PageURL}}?action=_delete" data-id="{{.PageURL}}">{{ctx.Locale.Tr "repo.wiki.delete_page_button"}}</a>
+						<a class="ui small red button link-action" href data-modal-confirm="#repo-wiki-delete-page-modal" data-url="{{.RepoLink}}/wiki/{{.PageURL}}?action=_delete">{{ctx.Locale.Tr "repo.wiki.delete_page_button"}}</a>
 					{{end}}
 				</div>
 			</div>
@@ -62,50 +62,43 @@
 		{{end}}
 
 		<div class="wiki-content-parts">
-			{{if .sidebarTocContent}}
+			{{if .WikiSidebarTocHTML}}
 			<div class="render-content markup wiki-content-sidebar wiki-content-toc">
-				{{.sidebarTocContent | SafeHTML}}
+				{{.WikiSidebarTocHTML}}
 			</div>
 			{{end}}
 
-			<div class="render-content markup wiki-content-main {{if or .sidebarTocContent .sidebarPresent}}with-sidebar{{end}}">
-				{{template "repo/unicode_escape_prompt" dict "EscapeStatus" .EscapeStatus "root" $}}
-				{{.content | SafeHTML}}
+			<div class="render-content markup wiki-content-main {{if or .WikiSidebarTocHTML .WikiSidebarHTML}}with-sidebar{{end}}">
+				{{template "repo/unicode_escape_prompt" dict "EscapeStatus" .EscapeStatus}}
+				{{.WikiContentHTML}}
 			</div>
 
-			{{if .sidebarPresent}}
+			{{if .WikiSidebarHTML}}
 			<div class="render-content markup wiki-content-sidebar">
 				{{if and .CanWriteWiki (not .Repository.IsMirror)}}
 					<a class="tw-float-right muted" href="{{.RepoLink}}/wiki/_Sidebar?action=_edit" aria-label="{{ctx.Locale.Tr "repo.wiki.edit_page_button"}}">{{svg "octicon-pencil"}}</a>
 				{{end}}
-				{{template "repo/unicode_escape_prompt" dict "EscapeStatus" .sidebarEscapeStatus "root" $}}
-				{{.sidebarContent | SafeHTML}}
+				{{.WikiSidebarHTML}}
 			</div>
 			{{end}}
 
 			<div class="tw-clear-both"></div>
 
-			{{if .footerPresent}}
+			{{if .WikiFooterHTML}}
 			<div class="render-content markup wiki-content-footer">
 				{{if and .CanWriteWiki (not .Repository.IsMirror)}}
 					<a class="tw-float-right muted" href="{{.RepoLink}}/wiki/_Footer?action=_edit" aria-label="{{ctx.Locale.Tr "repo.wiki.edit_page_button"}}">{{svg "octicon-pencil"}}</a>
 				{{end}}
-				{{template "repo/unicode_escape_prompt" dict "footerEscapeStatus" .sidebarEscapeStatus "root" $}}
-				{{.footerContent | SafeHTML}}
+				{{.WikiFooterHTML}}
 			</div>
 			{{end}}
 		</div>
 	</div>
 </div>
 
-<div class="ui g-modal-confirm delete modal">
-	<div class="header">
-		{{svg "octicon-trash"}}
-		{{ctx.Locale.Tr "repo.wiki.delete_page_button"}}
-	</div>
-	<div class="content">
-		<p>{{ctx.Locale.Tr "repo.wiki.delete_page_notice_1" $title}}</p>
-	</div>
+<div class="ui small modal" id="repo-wiki-delete-page-modal">
+	<div class="header">{{svg "octicon-trash"}} {{ctx.Locale.Tr "repo.wiki.delete_page_button"}}</div>
+	<div class="content"><p>{{ctx.Locale.Tr "repo.wiki.delete_page_notice_1" $title}}</p></div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
 
diff --git a/templates/shared/actions/runner_badge.tmpl b/templates/shared/actions/runner_badge.tmpl
deleted file mode 100644
index 816e87e177..0000000000
--- a/templates/shared/actions/runner_badge.tmpl
+++ /dev/null
@@ -1,25 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="{{.Badge.Width}}" height="18"
-	role="img" aria-label="{{.Badge.Label.Text}}: {{.Badge.Message.Text}}">
-	<title>{{.Badge.Label.Text}}: {{.Badge.Message.Text}}</title>
-	<linearGradient id="s" x2="0" y2="100%">
-		<stop offset="0" stop-color="#fff" stop-opacity=".7" />
-		<stop offset=".1" stop-color="#aaa" stop-opacity=".1" />
-		<stop offset=".9" stop-color="#000" stop-opacity=".3" />
-		<stop offset="1" stop-color="#000" stop-opacity=".5" />
-	</linearGradient>
-	<clipPath id="r">
-		<rect width="{{.Badge.Width}}" height="18" rx="4" fill="#fff" />
-	</clipPath>
-	<g clip-path="url(#r)">
-		<rect width="{{.Badge.Label.Width}}" height="18" fill="#555" />
-		<rect x="{{.Badge.Label.Width}}" width="{{.Badge.Message.Width}}" height="18" fill="{{.Badge.Color}}" />
-		<rect width="{{.Badge.Width}}" height="18" fill="url(#s)" />
-	</g>
-	<g fill="#fff" text-anchor="middle" font-family="Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision"
-		font-size="{{.Badge.FontSize}}"><text aria-hidden="true" x="{{.Badge.Label.X}}" y="140" fill="#010101" fill-opacity=".3"
-			transform="scale(.1)" textLength="{{.Badge.Label.TextLength}}">{{.Badge.Label.Text}}</text><text x="{{.Badge.Label.X}}" y="130"
-			transform="scale(.1)" fill="#fff" textLength="{{.Badge.Label.TextLength}}">{{.Badge.Label.Text}}</text><text aria-hidden="true"
-			x="{{.Badge.Message.X}}" y="140" fill="#010101" fill-opacity=".3" transform="scale(.1)"
-			textLength="{{.Badge.Message.TextLength}}">{{.Badge.Message.Text}}</text><text x="{{.Badge.Message.X}}" y="130" transform="scale(.1)"
-			fill="#fff" textLength="{{.Badge.Message.TextLength}}">{{.Badge.Message.Text}}</text></g>
-</svg>
diff --git a/templates/shared/actions/runner_badge_flat-square.tmpl b/templates/shared/actions/runner_badge_flat-square.tmpl
new file mode 100644
index 0000000000..cc1dc1e8f3
--- /dev/null
+++ b/templates/shared/actions/runner_badge_flat-square.tmpl
@@ -0,0 +1,15 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="{{.Badge.Width}}" height="20"
+	role="img" aria-label="{{.Badge.Label.Text}}: {{.Badge.Message.Text}}">
+	<title>{{.Badge.Label.Text}}: {{.Badge.Message.Text}}</title>
+	<g shape-rendering="crispEdges">
+		<rect width="{{.Badge.Label.Width}}" height="20" fill="#555" />
+		<rect x="{{.Badge.Label.Width}}" width="{{.Badge.Message.Width}}" height="20" fill="{{.Badge.Color}}" />
+	</g>
+	<g fill="#fff" text-anchor="middle" font-family="{{.Badge.FontFamily}}"
+		text-rendering="geometricPrecision" font-size="{{.Badge.FontSize}}">
+		<text x="{{.Badge.Label.X}}" y="140"
+			transform="scale(.1)" fill="#fff" textLength="{{.Badge.Label.TextLength}}">{{.Badge.Label.Text}}</text>
+		<text x="{{.Badge.Message.X}}" y="140" transform="scale(.1)" fill="#fff"
+			textLength="{{.Badge.Message.TextLength}}">{{.Badge.Message.Text}}</text>
+	</g>
+</svg>
diff --git a/templates/shared/actions/runner_badge_flat.tmpl b/templates/shared/actions/runner_badge_flat.tmpl
new file mode 100644
index 0000000000..1ba9be09fb
--- /dev/null
+++ b/templates/shared/actions/runner_badge_flat.tmpl
@@ -0,0 +1,27 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="{{.Badge.Width}}" height="20"
+	role="img" aria-label="{{.Badge.Label.Text}}: {{.Badge.Message.Text}}">
+	<title>{{.Badge.Label.Text}}: {{.Badge.Message.Text}}</title>
+	<linearGradient id="{{.Badge.IDPrefix}}s" x2="0" y2="100%">
+		<stop offset="0" stop-color="#bbb" stop-opacity=".1" />
+		<stop offset="1" stop-opacity=".1" />
+	</linearGradient>
+	<clipPath id="{{.Badge.IDPrefix}}r">
+		<rect width="{{.Badge.Width}}" height="20" rx="3" fill="#fff" />
+	</clipPath>
+	<g clip-path="url(#{{.Badge.IDPrefix}}r)">
+		<rect width="{{.Badge.Label.Width}}" height="20" fill="#555" />
+		<rect x="{{.Badge.Label.Width}}" width="{{.Badge.Message.Width}}" height="20" fill="{{.Badge.Color}}" />
+		<rect width="{{.Badge.Width}}" height="20" fill="url(#{{.Badge.IDPrefix}}s)" />
+	</g>
+	<g fill="#fff" text-anchor="middle" font-family="{{.Badge.FontFamily}}"
+		text-rendering="geometricPrecision" font-size="{{.Badge.FontSize}}">
+		<text aria-hidden="true" x="{{.Badge.Label.X}}" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)"
+			textLength="{{.Badge.Label.TextLength}}">{{.Badge.Label.Text}}</text>
+		<text x="{{.Badge.Label.X}}" y="140"
+			transform="scale(.1)" fill="#fff" textLength="{{.Badge.Label.TextLength}}">{{.Badge.Label.Text}}</text>
+		<text aria-hidden="true" x="{{.Badge.Message.X}}" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)"
+			textLength="{{.Badge.Message.TextLength}}">{{.Badge.Message.Text}}</text>
+		<text x="{{.Badge.Message.X}}" y="140" transform="scale(.1)" fill="#fff"
+			textLength="{{.Badge.Message.TextLength}}">{{.Badge.Message.Text}}</text>
+	</g>
+</svg>
diff --git a/templates/shared/actions/runner_list.tmpl b/templates/shared/actions/runner_list.tmpl
index 6436643ee7..43321a8dc5 100644
--- a/templates/shared/actions/runner_list.tmpl
+++ b/templates/shared/actions/runner_list.tmpl
@@ -16,7 +16,7 @@
 					<div class="header">
 						Registration Token
 					</div>
-					<div class="ui input">
+					<div class="ui action input">
 						<input type="text" value="{{.RegistrationToken}}" readonly>
 						<button class="ui basic label button" aria-label="{{ctx.Locale.Tr "copy"}}" data-clipboard-text="{{.RegistrationToken}}">
 							{{svg "octicon-copy" 14}}
@@ -64,27 +64,23 @@
 				</tr>
 			</thead>
 			<tbody>
-				{{if .Runners}}
-					{{range .Runners}}
+				{{range .Runners}}
 					<tr>
-						<td>
-							<span class="ui {{if .IsOnline}}green{{end}} label">{{.StatusLocaleName ctx.Locale}}</span>
-						</td>
+						<td><span class="ui label {{if .IsOnline}}green{{end}}">{{.StatusLocaleName ctx.Locale}}</span></td>
 						<td>{{.ID}}</td>
 						<td><p data-tooltip-content="{{.Description}}">{{.Name}}</p></td>
 						<td>{{if .Version}}{{.Version}}{{else}}{{ctx.Locale.Tr "unknown"}}{{end}}</td>
 						<td><span data-tooltip-content="{{.BelongsToOwnerName}}">{{.BelongsToOwnerType.LocaleString ctx.Locale}}</span></td>
-						<td class="tw-flex tw-flex-wrap tw-gap-2 runner-tags">
-							{{range .AgentLabels}}<span class="ui label">{{.}}</span>{{end}}
+						<td>
+							<span class="flex-text-inline">{{range .AgentLabels}}<span class="ui label">{{.}}</span>{{end}}</span>
 						</td>
 						<td>{{if .LastOnline}}{{DateUtils.TimeSince .LastOnline}}{{else}}{{ctx.Locale.Tr "never"}}{{end}}</td>
-						<td class="runner-ops">
-							{{if .Editable $.RunnerOwnerID $.RunnerRepoID}}
-							<a href="{{$.Link}}/{{.ID}}">{{svg "octicon-pencil"}}</a>
+						<td>
+							{{if .EditableInContext $.RunnerOwnerID $.RunnerRepoID}}
+								<a href="{{$.Link}}/{{.ID}}">{{svg "octicon-pencil"}}</a>
 							{{end}}
 						</td>
 					</tr>
-					{{end}}
 				{{else}}
 					<tr>
 						<td class="tw-text-center" colspan="8">{{ctx.Locale.Tr "actions.runners.none"}}</td>
diff --git a/templates/shared/avatar_upload_crop.tmpl b/templates/shared/avatar_upload_crop.tmpl
index 2c4166fa9c..3bc012dd99 100644
--- a/templates/shared/avatar_upload_crop.tmpl
+++ b/templates/shared/avatar_upload_crop.tmpl
@@ -1,6 +1,6 @@
 {{- /* we do not need to set for/id here, global aria init code will add them automatically */ -}}
 <label>{{.LabelText}}</label>
-<input class="avatar-file-with-cropper" name="avatar" type="file" accept="image/png,image/jpeg,image/gif,image/webp">
+<input class="avatar-file-with-cropper" name="avatar" type="file" accept="image/png,image/jpeg,image/gif,image/webp" data-global-init="initAvatarUploader">
 {{- /* the cropper-panel must be next sibling of the input "avatar" */ -}}
 <div class="cropper-panel tw-hidden">
 	<div class="tw-my-2">{{ctx.Locale.Tr "settings.cropper_prompt"}}</div>
diff --git a/templates/shared/issuelist.tmpl b/templates/shared/issuelist.tmpl
index 30670c3b0f..98c26b32dc 100644
--- a/templates/shared/issuelist.tmpl
+++ b/templates/shared/issuelist.tmpl
@@ -3,11 +3,14 @@
 	{{range .Issues}}
 		<div class="flex-item">
 
-			<div class="flex-item-icon">
-				{{if $.CanWriteIssuesOrPulls}}
-				<input type="checkbox" autocomplete="off" class="issue-checkbox tw-mr-4" data-issue-id={{.ID}} aria-label="{{ctx.Locale.Tr "repo.issues.action_check"}} &quot;{{.Title}}&quot;">
-				{{end}}
-				{{template "shared/issueicon" .}}
+			<div class="flex-item-leading">
+				{{/* using some tw helpers is the only way to align the checkbox */}}
+				<div class="flex-text-inline tw-mt-[2px]">
+					{{if $.CanWriteIssuesOrPulls}}
+						<input type="checkbox" autocomplete="off" class="issue-checkbox tw-mr-[14px]" data-issue-id={{.ID}} aria-label="{{ctx.Locale.Tr "repo.issues.action_check"}} &quot;{{.Title}}&quot;">
+					{{end}}
+					{{template "shared/issueicon" .}}
+				</div>
 			</div>
 
 			<div class="flex-item-main">
@@ -19,7 +22,7 @@
 								{{template "repo/commit_statuses" dict "Status" (index $.CommitLastStatus .PullRequest.ID) "Statuses" (index $.CommitStatuses .PullRequest.ID)}}
 							{{end}}
 						{{end}}
-						<span class="labels-list tw-ml-1">
+						<span class="labels-list">
 							{{range .Labels}}
 								<a href="?q={{$.Keyword}}&type={{$.ViewType}}&state={{$.State}}&labels={{.ID}}{{if ne $.listType "milestone"}}&milestone={{$.MilestoneID}}{{end}}&assignee={{$.AssigneeID}}&poster={{$.PosterID}}{{if $.ShowArchivedLabels}}&archived=true{{end}}">{{ctx.RenderUtils.RenderLabel .}}</a>
 							{{end}}
diff --git a/templates/explore/repo_list.tmpl b/templates/shared/repo/list.tmpl
index 219b1255c0..2c8af14f9c 100644
--- a/templates/explore/repo_list.tmpl
+++ b/templates/shared/repo/list.tmpl
@@ -2,12 +2,16 @@
 	{{range .Repos}}
 		<div class="flex-item">
 			<div class="flex-item-leading">
-				{{template "repo/icon" .}}
+				{{if $.ShowRepoOwnerAvatar}}
+					{{ctx.AvatarUtils.Avatar .Owner 24}}
+				{{else}}
+					{{template "repo/icon" .}}
+				{{end}}
 			</div>
 			<div class="flex-item-main">
 				<div class="flex-item-header">
 					<div class="flex-item-title">
-						{{if and (or $.PageIsExplore $.PageIsProfileStarList) .Owner}}
+						{{if and $.ShowRepoOwnerOnList .Owner}}
 						<a class="text primary name" href="{{.Owner.HomeLink}}">{{.Owner.Name}}</a>/
 						{{end}}
 						<a class="text primary name" href="{{.Link}}">{{.Name}}</a>
@@ -39,12 +43,12 @@
 						{{end}}
 						{{if not $.DisableStars}}
 							<a class="flex-text-inline" href="{{.Link}}/stars">
-								<span aria-label="{{ctx.Locale.Tr "repo.stars"}}">{{svg "octicon-star" 16}}</span>
+								<span class="tw-contents" aria-label="{{ctx.Locale.Tr "repo.stars"}}">{{svg "octicon-star" 16}}</span>
 								<span {{if ge .NumStars 1000}}data-tooltip-content="{{.NumStars}}"{{end}}>{{CountFmt .NumStars}}</span>
 							</a>
 						{{end}}
 						<a class="flex-text-inline" href="{{.Link}}/forks">
-							<span aria-label="{{ctx.Locale.Tr "repo.forks"}}">{{svg "octicon-git-branch" 16}}</span>
+							<span class="tw-contents" aria-label="{{ctx.Locale.Tr "repo.forks"}}">{{svg "octicon-git-branch" 16}}</span>
 							<span {{if ge .NumForks 1000}}data-tooltip-content="{{.NumForks}}"{{end}}>{{CountFmt .NumForks}}</span>
 						</a>
 					</div>
diff --git a/templates/shared/repo_search.tmpl b/templates/shared/repo/search.tmpl
index 7fcb5d2361..a909061184 100644
--- a/templates/shared/repo_search.tmpl
+++ b/templates/shared/repo/search.tmpl
@@ -1,5 +1,5 @@
 <div class="ui small secondary filter menu">
-	<form id="repo-search-form" class="ui form ignore-dirty tw-flex-1 tw-flex tw-gap-x-2">
+	<form id="repo-search-form" class="ui form ignore-dirty tw-flex-1 tw-flex tw-items-center tw-gap-x-2">
 		{{if .Language}}<input type="hidden" name="language" value="{{.Language}}">{{end}}
 		{{if .PageIsExploreRepositories}}<input type="hidden" name="only_show_relevant" value="{{.OnlyShowRelevant}}">{{end}}
 		{{if .TabName}}<input type="hidden" name="tab" value="{{.TabName}}">{{end}}
diff --git a/templates/shared/secrets/add_list.tmpl b/templates/shared/secrets/add_list.tmpl
index 977f308b71..44305e9502 100644
--- a/templates/shared/secrets/add_list.tmpl
+++ b/templates/shared/secrets/add_list.tmpl
@@ -4,9 +4,13 @@
 		<button class="ui primary tiny button show-modal"
 			data-modal="#add-secret-modal"
 			data-modal-form.action="{{.Link}}"
-			data-modal-header="{{ctx.Locale.Tr "secrets.creation"}}"
+			data-modal-header="{{ctx.Locale.Tr "secrets.add_secret"}}"
+			data-modal-secret-name.value=""
+			data-modal-secret-name.read-only="false"
+			data-modal-secret-data=""
+			data-modal-secret-description=""
 		>
-			{{ctx.Locale.Tr "secrets.creation"}}
+			{{ctx.Locale.Tr "secrets.add_secret"}}
 		</button>
 	</div>
 </h4>
@@ -33,7 +37,19 @@
 				<span class="color-text-light-2">
 					{{ctx.Locale.Tr "settings.added_on" (DateUtils.AbsoluteShort .CreatedUnix)}}
 				</span>
-				<button class="ui btn interact-bg link-action tw-p-2"
+				<button class="btn interact-bg show-modal tw-p-2"
+					data-modal="#add-secret-modal"
+					data-modal-form.action="{{$.Link}}"
+					data-modal-header="{{ctx.Locale.Tr "secrets.edit_secret"}}"
+					data-tooltip-content="{{ctx.Locale.Tr "secrets.edit_secret"}}"
+					data-modal-secret-name.value="{{.Name}}"
+					data-modal-secret-name.read-only="true"
+					data-modal-secret-data=""
+					data-modal-secret-description="{{if .Description}}{{.Description}}{{end}}"
+				>
+					{{svg "octicon-pencil"}}
+				</button>
+				<button class="btn interact-bg link-action tw-p-2"
 					data-url="{{$.Link}}/delete?id={{.ID}}"
 					data-modal-confirm="{{ctx.Locale.Tr "secrets.deletion.description"}}"
 					data-tooltip-content="{{ctx.Locale.Tr "secrets.deletion"}}"
@@ -51,9 +67,7 @@
 
 {{/* Add secret dialog */}}
 <div class="ui small modal" id="add-secret-modal">
-	<div class="header">
-		<span id="actions-modal-header"></span>
-	</div>
+	<div class="header"></div>
 	<form class="ui form form-fetch-action" method="post">
 		<div class="content">
 			{{.CsrfTokenHtml}}
diff --git a/templates/shared/user/avatarlink.tmpl b/templates/shared/user/avatarlink.tmpl
index 5e3ed7a68c..5d56fef430 100644
--- a/templates/shared/user/avatarlink.tmpl
+++ b/templates/shared/user/avatarlink.tmpl
@@ -1 +1 @@
-<a class="avatar"{{if gt .user.ID 0}} href="{{.user.HomeLink}}"{{end}}>{{ctx.AvatarUtils.Avatar .user}}</a>
+<a class="avatar-with-link" {{if gt .user.ID 0}}href="{{.user.HomeLink}}"{{end}}>{{ctx.AvatarUtils.Avatar .user}}</a>
diff --git a/templates/shared/user/profile_big_avatar.tmpl b/templates/shared/user/profile_big_avatar.tmpl
index 91f04e0b53..1190dc54ec 100644
--- a/templates/shared/user/profile_big_avatar.tmpl
+++ b/templates/shared/user/profile_big_avatar.tmpl
@@ -103,7 +103,7 @@
 				<ul class="user-badges">
 				{{range .Badges}}
 					<li>
-						<img width="64" height="64" src="{{.ImageURL}}" alt="{{.Description}}" data-tooltip-content="{{.Description}}">
+						<img loading="lazy" width="64" height="64" src="{{.ImageURL}}" alt="{{.Description}}" data-tooltip-content="{{.Description}}">
 					</li>
 				{{end}}
 				</ul>
diff --git a/templates/shared/webhook/icon.tmpl b/templates/shared/webhook/icon.tmpl
index 245ed16505..105212eb56 100644
--- a/templates/shared/webhook/icon.tmpl
+++ b/templates/shared/webhook/icon.tmpl
@@ -5,23 +5,23 @@
 {{if eq .HookType "gitea"}}
 	{{svg "gitea-gitea" $size "img"}}
 {{else if eq .HookType "gogs"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/gogs.ico">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/gogs.ico">
 {{else if eq .HookType "slack"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/slack.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/slack.png">
 {{else if eq .HookType "discord"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/discord.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/discord.png">
 {{else if eq .HookType "dingtalk"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/dingtalk.ico">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/dingtalk.ico">
 {{else if eq .HookType "telegram"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/telegram.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/telegram.png">
 {{else if eq .HookType "msteams"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/msteams.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/msteams.png">
 {{else if eq .HookType "feishu"}}
 	{{svg "gitea-feishu" $size "img"}}
 {{else if eq .HookType "matrix"}}
 	{{svg "gitea-matrix" $size "img"}}
 {{else if eq .HookType "wechatwork"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/wechatwork.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/wechatwork.png">
 {{else if eq .HookType "packagist"}}
-	<img width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/packagist.png">
+	<img alt width="{{$size}}" height="{{$size}}" src="{{AssetUrlPrefix}}/img/packagist.png">
 {{end}}
diff --git a/templates/status/404.tmpl b/templates/status/404.tmpl
index 6cfc88a0d7..e83dcf463b 100644
--- a/templates/status/404.tmpl
+++ b/templates/status/404.tmpl
@@ -2,6 +2,7 @@
 <div role="main" aria-label="{{.Title}}" class="page-content {{if .IsRepo}}repository{{end}}">
 	{{if .IsRepo}}{{template "repo/header" .}}{{end}}
 	<div class="ui container">
+		{{template "base/alert" .}}
 		<div class="status-page-error">
 			<div class="status-page-error-title">404 Not Found</div>
 			<div class="tw-text-center">
diff --git a/templates/status/500.tmpl b/templates/status/500.tmpl
index 198f1ea898..6dfa2d8a8c 100644
--- a/templates/status/500.tmpl
+++ b/templates/status/500.tmpl
@@ -38,7 +38,7 @@
 					{{if .ErrorMsg}}
 					<div class="tw-mt-8">
 						<p>{{ctx.Locale.Tr "error.occurred"}}:</p>
-						<pre class="tw-whitespace-pre-wrap tw-break-all">{{.ErrorMsg}}</pre>
+						<pre class="tw-whitespace-pre-wrap tw-wrap-anywhere">{{.ErrorMsg}}</pre>
 					</div>
 					{{end}}
 					<div class="tw-mt-8 tw-text-center">
diff --git a/templates/status/503.tmpl b/templates/status/503.tmpl
new file mode 100644
index 0000000000..5b1db9fc07
--- /dev/null
+++ b/templates/status/503.tmpl
@@ -0,0 +1,12 @@
+{{template "base/head" .}}
+<div role="main" aria-label="503 Service Unavailable" class="page-content">
+	<div class="ui container">
+		<div class="status-page-error">
+			<div class="status-page-error-title">503 Service Unavailable</div>
+			<div class="tw-text-center">
+				<div class="tw-my-4">{{ctx.Locale.Tr "error503"}}</div>
+			</div>
+		</div>
+	</div>
+</div>
+{{template "base/footer" .}}
diff --git a/templates/swagger/ui.tmpl b/templates/swagger/ui.tmpl
index 9935ab9c5a..4ff3472807 100644
--- a/templates/swagger/ui.tmpl
+++ b/templates/swagger/ui.tmpl
@@ -5,8 +5,10 @@
 		<link href="{{AssetUrlPrefix}}/css/swagger.css?v={{AssetVersion}}" rel="stylesheet">
 	</head>
 	<body>
+		{{/* TODO: add Help & Glossary to help users understand the API, and explain some concepts like "Owner" */}}
 		<a class="swagger-back-link" href="{{AppSubUrl}}/">{{svg "octicon-reply"}}{{ctx.Locale.Tr "return_to_gitea"}}</a>
 		<div id="swagger-ui" data-source="{{AppSubUrl}}/swagger.{{.APIJSONVersion}}.json"></div>
+		<footer class="page-footer"></footer>
 		<script src="{{AssetUrlPrefix}}/js/swagger.js?v={{AssetVersion}}"></script>
 	</body>
 </html>
diff --git a/templates/swagger/v1_input.json b/templates/swagger/v1_input.json
index 1979febebb..e74c8fc9c4 100644
--- a/templates/swagger/v1_input.json
+++ b/templates/swagger/v1_input.json
@@ -1,6 +1,6 @@
 {
   "info": {
-    "version": "{{AppVer | JSEscape}}"
+    "version": "{{.SwaggerAppVer}}"
   },
-  "basePath": "{{AppSubUrl | JSEscape}}/api/v1"
+  "basePath": "{{.SwaggerAppSubUrl}}/api/v1"
 }
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 1efaf1a875..35c743dcd4 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -19,9 +19,9 @@
       "name": "MIT",
       "url": "http://opensource.org/licenses/MIT"
     },
-    "version": "{{AppVer | JSEscape}}"
+    "version": "{{.SwaggerAppVer}}"
   },
-  "basePath": "{{AppSubUrl | JSEscape}}/api/v1",
+  "basePath": "{{.SwaggerAppSubUrl}}/api/v1",
   "paths": {
     "/activitypub/user-id/{user-id}": {
       "get": {
@@ -75,6 +75,218 @@
         }
       }
     },
+    "/admin/actions/jobs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Lists all jobs",
+        "operationId": "listAdminWorkflowJobs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJobsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/admin/actions/runners": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Get all runners",
+        "operationId": "getAdminRunners",
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunnersResponse"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/admin/actions/runners/registration-token": {
+      "post": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Get an global actions runner registration token",
+        "operationId": "adminCreateRunnerRegistrationToken",
+        "responses": {
+          "200": {
+            "$ref": "#/responses/RegistrationToken"
+          }
+        }
+      }
+    },
+    "/admin/actions/runners/{runner_id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Get an global runner",
+        "operationId": "getAdminRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunner"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Delete an global runner",
+        "operationId": "deleteAdminRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "runner has been deleted"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/admin/actions/runs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Lists all runs",
+        "operationId": "listAdminWorkflowRuns",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "workflow event name",
+            "name": "event",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow branch",
+            "name": "branch",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggered by user",
+            "name": "actor",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggering sha of the workflow run",
+            "name": "head_sha",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowRunsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/admin/cron": {
       "get": {
         "produces": [
@@ -554,7 +766,7 @@
           },
           {
             "type": "string",
-            "description": "user's login name to search for",
+            "description": "identifier of the user, provided by the external authenticator",
             "name": "login_name",
             "in": "query"
           },
@@ -630,7 +842,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to delete",
+            "description": "username of the user to delete",
             "name": "username",
             "in": "path",
             "required": true
@@ -672,7 +884,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to edit",
+            "description": "username of the user whose data is to be edited",
             "name": "username",
             "in": "path",
             "required": true
@@ -714,7 +926,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose badges are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -744,7 +956,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user to whom a badge is to be added",
             "name": "username",
             "in": "path",
             "required": true
@@ -778,7 +990,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose badge is to be deleted",
             "name": "username",
             "in": "path",
             "required": true
@@ -820,7 +1032,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user who is to receive a public key",
             "name": "username",
             "in": "path",
             "required": true
@@ -859,7 +1071,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose public key is to be deleted",
             "name": "username",
             "in": "path",
             "required": true
@@ -902,7 +1114,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of the user that will own the created organization",
+            "description": "username of the user who will own the created organization",
             "name": "username",
             "in": "path",
             "required": true
@@ -942,7 +1154,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "existing username of user",
+            "description": "current username of the user",
             "name": "username",
             "in": "path",
             "required": true
@@ -985,7 +1197,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of the user. This user will own the created repository",
+            "description": "username of the user who will own the created repository",
             "name": "username",
             "in": "path",
             "required": true
@@ -1697,6 +1909,88 @@
         }
       }
     },
+    "/orgs/{org}/actions/jobs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Get org-level workflow jobs",
+        "operationId": "getOrgWorkflowJobs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJobsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/orgs/{org}/actions/runners": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Get org-level runners",
+        "operationId": "getOrgRunners",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunnersResponse"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/orgs/{org}/actions/runners/registration-token": {
       "get": {
         "produces": [
@@ -1721,6 +2015,180 @@
             "$ref": "#/responses/RegistrationToken"
           }
         }
+      },
+      "post": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Get an organization's actions runner registration token",
+        "operationId": "orgCreateRunnerRegistrationToken",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/RegistrationToken"
+          }
+        }
+      }
+    },
+    "/orgs/{org}/actions/runners/{runner_id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Get an org-level runner",
+        "operationId": "getOrgRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunner"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Delete an org-level runner",
+        "operationId": "deleteOrgRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "runner has been deleted"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/orgs/{org}/actions/runs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "organization"
+        ],
+        "summary": "Get org-level workflow runs",
+        "operationId": "getOrgWorkflowRuns",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "name of the organization",
+            "name": "org",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "workflow event name",
+            "name": "event",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow branch",
+            "name": "branch",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggered by user",
+            "name": "actor",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggering sha of the workflow run",
+            "name": "head_sha",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowRunsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
       }
     },
     "/orgs/{org}/actions/secrets": {
@@ -2025,16 +2493,16 @@
         ],
         "responses": {
           "201": {
-            "description": "response when creating an org-level variable"
-          },
-          "204": {
-            "description": "response when creating an org-level variable"
+            "description": "successfully created the org-level variable"
           },
           "400": {
             "$ref": "#/responses/error"
           },
-          "404": {
-            "$ref": "#/responses/notFound"
+          "409": {
+            "description": "variable name already exists."
+          },
+          "500": {
+            "$ref": "#/responses/error"
           }
         }
       },
@@ -2248,7 +2716,7 @@
           },
           {
             "type": "string",
-            "description": "user to check",
+            "description": "username of the user to check",
             "name": "username",
             "in": "path",
             "required": true
@@ -2279,7 +2747,7 @@
           },
           {
             "type": "string",
-            "description": "user to block",
+            "description": "username of the user to block",
             "name": "username",
             "in": "path",
             "required": true
@@ -2319,7 +2787,7 @@
           },
           {
             "type": "string",
-            "description": "user to unblock",
+            "description": "username of the user to unblock",
             "name": "username",
             "in": "path",
             "required": true
@@ -2790,7 +3258,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user to check for an organization membership",
             "name": "username",
             "in": "path",
             "required": true
@@ -2827,7 +3295,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user to remove from the organization",
             "name": "username",
             "in": "path",
             "required": true
@@ -2901,7 +3369,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user to check for a public organization membership",
             "name": "username",
             "in": "path",
             "required": true
@@ -2935,7 +3403,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user whose membership is to be publicized",
             "name": "username",
             "in": "path",
             "required": true
@@ -2972,7 +3440,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user whose membership is to be concealed",
             "name": "username",
             "in": "path",
             "required": true
@@ -3339,6 +3807,104 @@
         }
       }
     },
+    "/packages/{owner}/{type}/{name}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "package"
+        ],
+        "summary": "Gets all versions of a package",
+        "operationId": "listPackageVersions",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the package",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "type of the package",
+            "name": "type",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the package",
+            "name": "name",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/PackageList"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/packages/{owner}/{type}/{name}/-/latest": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "package"
+        ],
+        "summary": "Gets the latest version of a package",
+        "operationId": "getLatestPackageVersion",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the package",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "type of the package",
+            "name": "type",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the package",
+            "name": "name",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/Package"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/packages/{owner}/{type}/{name}/-/link/{repo_name}": {
       "post": {
         "tags": [
@@ -4019,7 +4585,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4064,7 +4630,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4108,7 +4674,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4154,7 +4720,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4187,6 +4753,194 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/actions/jobs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Lists all jobs for a repository",
+        "operationId": "listWorkflowJobs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJobsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/jobs/{job_id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Gets a specific workflow job for a workflow run",
+        "operationId": "getWorkflowJob",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the job",
+            "name": "job_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJob"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/jobs/{job_id}/logs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Downloads the job logs for a workflow run",
+        "operationId": "downloadActionsRunJobLogs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "id of the job",
+            "name": "job_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "output blob content"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/runners": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get repo-level runners",
+        "operationId": "getRepoRunners",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunnersResponse"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/actions/runners/registration-token": {
       "get": {
         "produces": [
@@ -4218,6 +4972,298 @@
             "$ref": "#/responses/RegistrationToken"
           }
         }
+      },
+      "post": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get a repository's actions runner registration token",
+        "operationId": "repoCreateRunnerRegistrationToken",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/RegistrationToken"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/runners/{runner_id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get an repo-level runner",
+        "operationId": "getRepoRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunner"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Delete an repo-level runner",
+        "operationId": "deleteRepoRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "runner has been deleted"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/runs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Lists all runs for a repository run",
+        "operationId": "getWorkflowRuns",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "workflow event name",
+            "name": "event",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow branch",
+            "name": "branch",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggered by user",
+            "name": "actor",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggering sha of the workflow run",
+            "name": "head_sha",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowRunsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/actions/runs/{run}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Gets a specific workflow run",
+        "operationId": "GetWorkflowRun",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "id of the run",
+            "name": "run",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowRun"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Delete a workflow run",
+        "operationId": "deleteActionRun",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "runid of the workflow run",
+            "name": "run",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
       }
     },
     "/repos/{owner}/{repo}/actions/runs/{run}/artifacts": {
@@ -4233,7 +5279,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4272,6 +5318,70 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/actions/runs/{run}/jobs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Lists all jobs for a workflow run",
+        "operationId": "listWorkflowRunJobs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repository",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "runid of the workflow run",
+            "name": "run",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJobsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/actions/secrets": {
       "get": {
         "produces": [
@@ -4285,7 +5395,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "owner of the repository",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4415,7 +5525,7 @@
         ],
         "responses": {
           "204": {
-            "description": "delete one secret of the organization"
+            "description": "delete one secret of the repository"
           },
           "400": {
             "$ref": "#/responses/error"
@@ -4499,7 +5609,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4550,7 +5660,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4594,7 +5704,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4648,7 +5758,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -4679,14 +5789,14 @@
           "201": {
             "description": "response when creating a repo-level variable"
           },
-          "204": {
-            "description": "response when creating a repo-level variable"
-          },
           "400": {
             "$ref": "#/responses/error"
           },
-          "404": {
-            "$ref": "#/responses/notFound"
+          "409": {
+            "description": "variable name already exists."
+          },
+          "500": {
+            "$ref": "#/responses/error"
           }
         }
       },
@@ -4702,7 +5812,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the owner",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -5820,7 +6930,7 @@
           },
           {
             "type": "string",
-            "description": "username of the collaborator",
+            "description": "username of the user to check for being a collaborator",
             "name": "collaborator",
             "in": "path",
             "required": true
@@ -5864,7 +6974,7 @@
           },
           {
             "type": "string",
-            "description": "username of the collaborator to add",
+            "description": "username of the user to add or update as a collaborator",
             "name": "collaborator",
             "in": "path",
             "required": true
@@ -5964,7 +7074,7 @@
           },
           {
             "type": "string",
-            "description": "username of the collaborator",
+            "description": "username of the collaborator whose permissions are to be obtained",
             "name": "collaborator",
             "in": "path",
             "required": true
@@ -6021,6 +7131,20 @@
             "in": "query"
           },
           {
+            "type": "string",
+            "format": "date-time",
+            "description": "Only commits after this date will be returned (ISO 8601 format)",
+            "name": "since",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "format": "date-time",
+            "description": "Only commits before this date will be returned (ISO 8601 format)",
+            "name": "until",
+            "in": "query"
+          },
+          {
             "type": "boolean",
             "description": "include diff stats for every commit (disable for speedup, default 'true')",
             "name": "stat",
@@ -6300,13 +7424,14 @@
     },
     "/repos/{owner}/{repo}/contents": {
       "get": {
+        "description": "This API follows GitHub's design, and it is not easy to use. Recommend users to use our \"contents-ext\" API instead.",
         "produces": [
           "application/json"
         ],
         "tags": [
           "repository"
         ],
-        "summary": "Gets the metadata of all the entries of the root dir",
+        "summary": "Gets the metadata of all the entries of the root dir.",
         "operationId": "repoGetContentsList",
         "parameters": [
           {
@@ -6325,7 +7450,7 @@
           },
           {
             "type": "string",
-            "description": "The name of the commit/branch/tag. Default the repository’s default branch (usually master)",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch.",
             "name": "ref",
             "in": "query"
           }
@@ -6394,15 +7519,72 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/contents-ext/{filepath}": {
+      "get": {
+        "description": "It guarantees that only one of the response fields is set if the request succeeds. Users can pass \"includes=file_content\" or \"includes=lfs_metadata\" to retrieve more fields. \"includes=file_content\" only works for single file, if you need to retrieve file contents in batch, use \"file-contents\" API after listing the directory.",
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "The extended \"contents\" API, to get file metadata and/or content, or list a directory.",
+        "operationId": "repoGetContentsExt",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "path of the dir, file, symlink or submodule in the repo. Swagger requires path parameter to be \"required\", you can leave it empty or pass a single dot (\".\") to get the root directory.",
+            "name": "filepath",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "the name of the commit/branch/tag, default to the repository’s default branch.",
+            "name": "ref",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "By default this API's response only contains file's metadata. Use comma-separated \"includes\" options to retrieve more fields. Option \"file_content\" will try to retrieve the file content, \"lfs_metadata\" will try to retrieve LFS metadata, \"commit_metadata\" will try to retrieve commit metadata, and \"commit_message\" will try to retrieve commit message.",
+            "name": "includes",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/ContentsExtResponse"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/contents/{filepath}": {
       "get": {
+        "description": "This API follows GitHub's design, and it is not easy to use. Recommend users to use the \"contents-ext\" API instead.",
         "produces": [
           "application/json"
         ],
         "tags": [
           "repository"
         ],
-        "summary": "Gets the metadata and contents (if a file) of an entry in a repository, or a list of entries if a dir",
+        "summary": "Gets the metadata and contents (if a file) of an entry in a repository, or a list of entries if a dir.",
         "operationId": "repoGetContents",
         "parameters": [
           {
@@ -6428,7 +7610,7 @@
           },
           {
             "type": "string",
-            "description": "The name of the commit/branch/tag. Default the repository’s default branch (usually master)",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch.",
             "name": "ref",
             "in": "query"
           }
@@ -6620,6 +7802,9 @@
           "404": {
             "$ref": "#/responses/error"
           },
+          "422": {
+            "$ref": "#/responses/error"
+          },
           "423": {
             "$ref": "#/responses/repoArchivedError"
           }
@@ -6710,7 +7895,7 @@
           },
           {
             "type": "string",
-            "description": "The name of the commit/branch/tag. Default the repository’s default branch (usually master)",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch.",
             "name": "ref",
             "in": "query"
           }
@@ -6725,6 +7910,105 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/file-contents": {
+      "get": {
+        "description": "See the POST method. This GET method supports using JSON encoded request body in query parameter.",
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get the metadata and contents of requested files",
+        "operationId": "repoGetFileContents",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch.",
+            "name": "ref",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "The JSON encoded body (see the POST request): {\"files\": [\"filename1\", \"filename2\"]}",
+            "name": "body",
+            "in": "query",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/ContentsListResponse"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "post": {
+        "description": "Uses automatic pagination based on default page size and max response size and returns the maximum allowed number of files. Files which could not be retrieved are null. Files which are too large are being returned with `encoding == null`, `content == null` and `size \u003e 0`, they can be requested separately by using the `download_url`.",
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get the metadata and contents of requested files",
+        "operationId": "repoGetFileContentsPost",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch.",
+            "name": "ref",
+            "in": "query"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/GetFilesOptions"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/ContentsListResponse"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/forks": {
       "get": {
         "produces": [
@@ -9946,6 +11230,111 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/issues/{index}/lock": {
+      "put": {
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "issue"
+        ],
+        "summary": "Lock an issue",
+        "operationId": "issueLockIssue",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "format": "int64",
+            "description": "index of the issue",
+            "name": "index",
+            "in": "path",
+            "required": true
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "schema": {
+              "$ref": "#/definitions/LockIssueOption"
+            }
+          }
+        ],
+        "responses": {
+          "204": {
+            "$ref": "#/responses/empty"
+          },
+          "403": {
+            "$ref": "#/responses/forbidden"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "issue"
+        ],
+        "summary": "Unlock an issue",
+        "operationId": "issueUnlockIssue",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "format": "int64",
+            "description": "index of the issue",
+            "name": "index",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "$ref": "#/responses/empty"
+          },
+          "403": {
+            "$ref": "#/responses/forbidden"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/issues/{index}/pin": {
       "post": {
         "tags": [
@@ -10307,7 +11696,7 @@
             "$ref": "#/responses/notFound"
           },
           "409": {
-            "description": "Cannot cancel a non existent stopwatch"
+            "description": "Cannot cancel a non-existent stopwatch"
           }
         }
       }
@@ -10413,7 +11802,7 @@
             "$ref": "#/responses/notFound"
           },
           "409": {
-            "description": "Cannot stop a non existent stopwatch"
+            "description": "Cannot stop a non-existent stopwatch"
           }
         }
       }
@@ -10562,7 +11951,7 @@
           },
           {
             "type": "string",
-            "description": "user to subscribe",
+            "description": "username of the user to subscribe the issue to",
             "name": "user",
             "in": "path",
             "required": true
@@ -10620,7 +12009,7 @@
           },
           {
             "type": "string",
-            "description": "user witch unsubscribe",
+            "description": "username of the user to unsubscribe from an issue",
             "name": "user",
             "in": "path",
             "required": true
@@ -11490,7 +12879,7 @@
           },
           {
             "type": "string",
-            "description": "The name of the commit/branch/tag. Default the repository’s default branch",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch",
             "name": "ref",
             "in": "query"
           }
@@ -12035,7 +13424,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "Owner of the repo",
+            "description": "owner of the repo",
             "name": "owner",
             "in": "path",
             "required": true
@@ -12069,6 +13458,7 @@
             "enum": [
               "oldest",
               "recentupdate",
+              "recentclose",
               "leastupdate",
               "mostcomment",
               "leastcomment",
@@ -13633,7 +15023,7 @@
           },
           {
             "type": "string",
-            "description": "The name of the commit/branch/tag. Default the repository’s default branch",
+            "description": "The name of the commit/branch/tag. Default to the repository’s default branch",
             "name": "ref",
             "in": "query"
           }
@@ -14361,6 +15751,42 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/signing-key.pub": {
+      "get": {
+        "produces": [
+          "text/plain"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get signing-key.pub for given repository",
+        "operationId": "repoSigningKeySSH",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "ssh public key",
+            "schema": {
+              "type": "string"
+            }
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/stargazers": {
       "get": {
         "produces": [
@@ -15395,7 +16821,7 @@
           },
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose tracked times are to be listed",
             "name": "user",
             "in": "path",
             "required": true
@@ -16037,7 +17463,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "name of the template repository owner",
+            "description": "owner of the template repository",
             "name": "template_owner",
             "in": "path",
             "required": true
@@ -16194,6 +17620,26 @@
         }
       }
     },
+    "/signing-key.pub": {
+      "get": {
+        "produces": [
+          "text/plain"
+        ],
+        "tags": [
+          "miscellaneous"
+        ],
+        "summary": "Get default signing-key.pub",
+        "operationId": "getSigningKeySSH",
+        "responses": {
+          "200": {
+            "description": "ssh public key",
+            "schema": {
+              "type": "string"
+            }
+          }
+        }
+      }
+    },
     "/teams/{id}": {
       "get": {
         "produces": [
@@ -16398,7 +17844,7 @@
           },
           {
             "type": "string",
-            "description": "username of the member to list",
+            "description": "username of the user whose data is to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -16433,7 +17879,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user to add",
+            "description": "username of the user to add to a team",
             "name": "username",
             "in": "path",
             "required": true
@@ -16471,7 +17917,7 @@
           },
           {
             "type": "string",
-            "description": "username of the user to remove",
+            "description": "username of the user to remove from a team",
             "name": "username",
             "in": "path",
             "required": true
@@ -16725,6 +18171,72 @@
         }
       }
     },
+    "/user/actions/jobs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get workflow jobs",
+        "operationId": "getUserWorkflowJobs",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowJobsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/user/actions/runners": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get user-level runners",
+        "operationId": "getUserRunners",
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunnersResponse"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
     "/user/actions/runners/registration-token": {
       "get": {
         "produces": [
@@ -16740,6 +18252,150 @@
             "$ref": "#/responses/RegistrationToken"
           }
         }
+      },
+      "post": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get an user's actions runner registration token",
+        "operationId": "userCreateRunnerRegistrationToken",
+        "responses": {
+          "200": {
+            "$ref": "#/responses/RegistrationToken"
+          }
+        }
+      }
+    },
+    "/user/actions/runners/{runner_id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get an user-level runner",
+        "operationId": "getUserRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/definitions/ActionRunner"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Delete an user-level runner",
+        "operationId": "deleteUserRunner",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "id of the runner",
+            "name": "runner_id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "runner has been deleted"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/user/actions/runs": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get workflow runs",
+        "operationId": "getUserWorkflowRuns",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "workflow event name",
+            "name": "event",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow branch",
+            "name": "branch",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "workflow status (pending, queued, in_progress, failure, success, skipped)",
+            "name": "status",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggered by user",
+            "name": "actor",
+            "in": "query"
+          },
+          {
+            "type": "string",
+            "description": "triggering sha of the workflow run",
+            "name": "head_sha",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page number of results to return (1-based)",
+            "name": "page",
+            "in": "query"
+          },
+          {
+            "type": "integer",
+            "description": "page size of results",
+            "name": "limit",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/WorkflowRunsList"
+          },
+          "400": {
+            "$ref": "#/responses/error"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
       }
     },
     "/user/actions/secrets/{secretname}": {
@@ -16961,16 +18617,13 @@
         ],
         "responses": {
           "201": {
-            "description": "response when creating a variable"
-          },
-          "204": {
-            "description": "response when creating a variable"
+            "description": "successfully created the user-level variable"
           },
           "400": {
             "$ref": "#/responses/error"
           },
-          "404": {
-            "$ref": "#/responses/notFound"
+          "409": {
+            "description": "variable name already exists."
           }
         }
       },
@@ -17243,7 +18896,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "user to check",
+            "description": "username of the user to check",
             "name": "username",
             "in": "path",
             "required": true
@@ -17267,7 +18920,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "user to block",
+            "description": "username of the user to block",
             "name": "username",
             "in": "path",
             "required": true
@@ -17300,7 +18953,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "user to unblock",
+            "description": "username of the user to unblock",
             "name": "username",
             "in": "path",
             "required": true
@@ -17462,7 +19115,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of followed user",
+            "description": "username of the user to check for authenticated followers",
             "name": "username",
             "in": "path",
             "required": true
@@ -17486,7 +19139,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to follow",
+            "description": "username of the user to follow",
             "name": "username",
             "in": "path",
             "required": true
@@ -17513,7 +19166,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to unfollow",
+            "description": "username of the user to unfollow",
             "name": "username",
             "in": "path",
             "required": true
@@ -18467,7 +20120,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to get",
+            "description": "username of the user whose data is to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18496,7 +20149,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose activity feeds are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18550,7 +20203,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose followers are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18591,7 +20244,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose followed users are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18629,14 +20282,14 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of following user",
+            "description": "username of the following user",
             "name": "username",
             "in": "path",
             "required": true
           },
           {
             "type": "string",
-            "description": "username of followed user",
+            "description": "username of the followed user",
             "name": "target",
             "in": "path",
             "required": true
@@ -18665,7 +20318,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose GPG key list is to be obtained",
             "name": "username",
             "in": "path",
             "required": true
@@ -18706,7 +20359,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user to get",
+            "description": "username of the user whose heatmap is to be obtained",
             "name": "username",
             "in": "path",
             "required": true
@@ -18735,7 +20388,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose public keys are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18782,7 +20435,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose organizations are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18823,7 +20476,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose permissions are to be obtained",
             "name": "username",
             "in": "path",
             "required": true
@@ -18862,7 +20515,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose owned repos are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18903,7 +20556,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose starred repos are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18947,7 +20600,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of the user",
+            "description": "username of the user whose watched repos are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -18988,7 +20641,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of to user whose access tokens are to be listed",
             "name": "username",
             "in": "path",
             "required": true
@@ -19030,7 +20683,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose token is to be created",
             "name": "username",
             "in": "path",
             "required": true
@@ -19069,7 +20722,7 @@
         "parameters": [
           {
             "type": "string",
-            "description": "username of user",
+            "description": "username of the user whose token is to be deleted",
             "name": "username",
             "in": "path",
             "required": true
@@ -19136,11 +20789,21 @@
       "type": "object",
       "title": "AccessToken represents an API access token.",
       "properties": {
+        "created_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Created"
+        },
         "id": {
           "type": "integer",
           "format": "int64",
           "x-go-name": "ID"
         },
+        "last_used_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Updated"
+        },
         "name": {
           "type": "string",
           "x-go-name": "Name"
@@ -19233,6 +20896,80 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "ActionRunner": {
+      "description": "ActionRunner represents a Runner",
+      "type": "object",
+      "properties": {
+        "busy": {
+          "type": "boolean",
+          "x-go-name": "Busy"
+        },
+        "ephemeral": {
+          "type": "boolean",
+          "x-go-name": "Ephemeral"
+        },
+        "id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "ID"
+        },
+        "labels": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionRunnerLabel"
+          },
+          "x-go-name": "Labels"
+        },
+        "name": {
+          "type": "string",
+          "x-go-name": "Name"
+        },
+        "status": {
+          "type": "string",
+          "x-go-name": "Status"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionRunnerLabel": {
+      "description": "ActionRunnerLabel represents a Runner Label",
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "ID"
+        },
+        "name": {
+          "type": "string",
+          "x-go-name": "Name"
+        },
+        "type": {
+          "type": "string",
+          "x-go-name": "Type"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionRunnersResponse": {
+      "description": "ActionRunnersResponse returns Runners",
+      "type": "object",
+      "properties": {
+        "runners": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionRunner"
+          },
+          "x-go-name": "Entries"
+        },
+        "total_count": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "TotalCount"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "ActionTask": {
       "description": "ActionTask represents a ActionTask",
       "type": "object",
@@ -19400,23 +21137,270 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "ActionWorkflowJob": {
+      "description": "ActionWorkflowJob represents a WorkflowJob",
+      "type": "object",
+      "properties": {
+        "completed_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "CompletedAt"
+        },
+        "conclusion": {
+          "type": "string",
+          "x-go-name": "Conclusion"
+        },
+        "created_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "CreatedAt"
+        },
+        "head_branch": {
+          "type": "string",
+          "x-go-name": "HeadBranch"
+        },
+        "head_sha": {
+          "type": "string",
+          "x-go-name": "HeadSha"
+        },
+        "html_url": {
+          "type": "string",
+          "x-go-name": "HTMLURL"
+        },
+        "id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "ID"
+        },
+        "labels": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "Labels"
+        },
+        "name": {
+          "type": "string",
+          "x-go-name": "Name"
+        },
+        "run_attempt": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "RunAttempt"
+        },
+        "run_id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "RunID"
+        },
+        "run_url": {
+          "type": "string",
+          "x-go-name": "RunURL"
+        },
+        "runner_id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "RunnerID"
+        },
+        "runner_name": {
+          "type": "string",
+          "x-go-name": "RunnerName"
+        },
+        "started_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "StartedAt"
+        },
+        "status": {
+          "type": "string",
+          "x-go-name": "Status"
+        },
+        "steps": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionWorkflowStep"
+          },
+          "x-go-name": "Steps"
+        },
+        "url": {
+          "type": "string",
+          "x-go-name": "URL"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionWorkflowJobsResponse": {
+      "description": "ActionWorkflowJobsResponse returns ActionWorkflowJobs",
+      "type": "object",
+      "properties": {
+        "jobs": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionWorkflowJob"
+          },
+          "x-go-name": "Entries"
+        },
+        "total_count": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "TotalCount"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionWorkflowResponse": {
+      "description": "ActionWorkflowResponse returns a ActionWorkflow",
+      "type": "object",
+      "properties": {
+        "total_count": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "TotalCount"
+        },
+        "workflows": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionWorkflow"
+          },
+          "x-go-name": "Workflows"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "ActionWorkflowRun": {
       "description": "ActionWorkflowRun represents a WorkflowRun",
       "type": "object",
       "properties": {
+        "actor": {
+          "$ref": "#/definitions/User"
+        },
+        "completed_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "CompletedAt"
+        },
+        "conclusion": {
+          "type": "string",
+          "x-go-name": "Conclusion"
+        },
+        "display_title": {
+          "type": "string",
+          "x-go-name": "DisplayTitle"
+        },
+        "event": {
+          "type": "string",
+          "x-go-name": "Event"
+        },
+        "head_branch": {
+          "type": "string",
+          "x-go-name": "HeadBranch"
+        },
+        "head_repository": {
+          "$ref": "#/definitions/Repository"
+        },
         "head_sha": {
           "type": "string",
           "x-go-name": "HeadSha"
         },
+        "html_url": {
+          "type": "string",
+          "x-go-name": "HTMLURL"
+        },
         "id": {
           "type": "integer",
           "format": "int64",
           "x-go-name": "ID"
         },
+        "path": {
+          "type": "string",
+          "x-go-name": "Path"
+        },
+        "repository": {
+          "$ref": "#/definitions/Repository"
+        },
         "repository_id": {
           "type": "integer",
           "format": "int64",
           "x-go-name": "RepositoryID"
+        },
+        "run_attempt": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "RunAttempt"
+        },
+        "run_number": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "RunNumber"
+        },
+        "started_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "StartedAt"
+        },
+        "status": {
+          "type": "string",
+          "x-go-name": "Status"
+        },
+        "trigger_actor": {
+          "$ref": "#/definitions/User"
+        },
+        "url": {
+          "type": "string",
+          "x-go-name": "URL"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionWorkflowRunsResponse": {
+      "description": "ActionWorkflowRunsResponse returns ActionWorkflowRuns",
+      "type": "object",
+      "properties": {
+        "total_count": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "TotalCount"
+        },
+        "workflow_runs": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ActionWorkflowRun"
+          },
+          "x-go-name": "Entries"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
+    "ActionWorkflowStep": {
+      "description": "ActionWorkflowStep represents a step of a WorkflowJob",
+      "type": "object",
+      "properties": {
+        "completed_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "CompletedAt"
+        },
+        "conclusion": {
+          "type": "string",
+          "x-go-name": "Conclusion"
+        },
+        "name": {
+          "type": "string",
+          "x-go-name": "Name"
+        },
+        "number": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "Number"
+        },
+        "started_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "StartedAt"
+        },
+        "status": {
+          "type": "string",
+          "x-go-name": "Status"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -19558,7 +21542,7 @@
           "x-go-name": "Time"
         },
         "user_name": {
-          "description": "User who spent the time (optional)",
+          "description": "username of the user who spent the time working on the issue (optional)",
           "type": "string",
           "x-go-name": "User"
         }
@@ -19905,7 +21889,7 @@
       ],
       "properties": {
         "content": {
-          "description": "new or updated file content, must be base64 encoded",
+          "description": "new or updated file content, it must be base64 encoded",
           "type": "string",
           "x-go-name": "ContentBase64"
         },
@@ -19915,11 +21899,13 @@
           "x-go-name": "FromPath"
         },
         "operation": {
-          "description": "indicates what to do with the file",
+          "description": "indicates what to do with the file: \"create\" for creating a new file, \"update\" for updating an existing file,\n\"upload\" for creating or updating a file, \"rename\" for renaming a file, and \"delete\" for deleting an existing file.",
           "type": "string",
           "enum": [
             "create",
             "update",
+            "upload",
+            "rename",
             "delete"
           ],
           "x-go-name": "Operation"
@@ -19930,7 +21916,7 @@
           "x-go-name": "Path"
         },
         "sha": {
-          "description": "sha is the SHA for the file that already exists, required for update or delete",
+          "description": "the blob ID (SHA) for the file that already exists, required for changing existing files",
           "type": "string",
           "x-go-name": "SHA"
         }
@@ -20046,7 +22032,17 @@
           "x-go-name": "SHA"
         },
         "state": {
-          "$ref": "#/definitions/CommitStatusState"
+          "type": "string",
+          "enum": [
+            "pending",
+            "success",
+            "error",
+            "failure",
+            "warning",
+            "skipped"
+          ],
+          "x-go-enum-desc": "pending CommitStatusPending  CommitStatusPending is for when the CommitStatus is Pending\nsuccess CommitStatusSuccess  CommitStatusSuccess is for when the CommitStatus is Success\nerror CommitStatusError  CommitStatusError is for when the CommitStatus is Error\nfailure CommitStatusFailure  CommitStatusFailure is for when the CommitStatus is Failure\nwarning CommitStatusWarning  CommitStatusWarning is for when the CommitStatus is Warning\nskipped CommitStatusSkipped  CommitStatusSkipped is for when CommitStatus is Skipped",
+          "x-go-name": "State"
         },
         "statuses": {
           "type": "array",
@@ -20274,7 +22270,17 @@
           "x-go-name": "ID"
         },
         "status": {
-          "$ref": "#/definitions/CommitStatusState"
+          "type": "string",
+          "enum": [
+            "pending",
+            "success",
+            "error",
+            "failure",
+            "warning",
+            "skipped"
+          ],
+          "x-go-enum-desc": "pending CommitStatusPending  CommitStatusPending is for when the CommitStatus is Pending\nsuccess CommitStatusSuccess  CommitStatusSuccess is for when the CommitStatus is Success\nerror CommitStatusError  CommitStatusError is for when the CommitStatus is Error\nfailure CommitStatusFailure  CommitStatusFailure is for when the CommitStatus is Failure\nwarning CommitStatusWarning  CommitStatusWarning is for when the CommitStatus is Warning\nskipped CommitStatusSkipped  CommitStatusSkipped is for when CommitStatus is Skipped",
+          "x-go-name": "State"
         },
         "target_url": {
           "type": "string",
@@ -20292,11 +22298,6 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
-    "CommitStatusState": {
-      "description": "CommitStatusState holds the state of a CommitStatus\nIt can be \"pending\", \"success\", \"error\" and \"failure\"",
-      "type": "string",
-      "x-go-package": "code.gitea.io/gitea/modules/structs"
-    },
     "CommitUser": {
       "type": "object",
       "title": "CommitUser contains information of a user in the context of a commit.",
@@ -20336,6 +22337,22 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "ContentsExtResponse": {
+      "type": "object",
+      "properties": {
+        "dir_contents": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ContentsResponse"
+          },
+          "x-go-name": "DirContents"
+        },
+        "file_contents": {
+          "$ref": "#/definitions/ContentsResponse"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "ContentsResponse": {
       "description": "ContentsResponse contains information about a repo's entry's (dir, file, symlink, submodule) metadata and content",
       "type": "object",
@@ -20365,10 +22382,33 @@
           "type": "string",
           "x-go-name": "HTMLURL"
         },
+        "last_author_date": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "LastAuthorDate"
+        },
+        "last_commit_message": {
+          "type": "string",
+          "x-go-name": "LastCommitMessage"
+        },
         "last_commit_sha": {
           "type": "string",
           "x-go-name": "LastCommitSHA"
         },
+        "last_committer_date": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "LastCommitterDate"
+        },
+        "lfs_oid": {
+          "type": "string",
+          "x-go-name": "LfsOid"
+        },
+        "lfs_size": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "LfsSize"
+        },
         "name": {
           "type": "string",
           "x-go-name": "Name"
@@ -20424,7 +22464,18 @@
           "items": {
             "type": "string"
           },
-          "x-go-name": "Scopes"
+          "x-go-name": "Scopes",
+          "example": [
+            "all",
+            "read:activitypub",
+            "read:issue",
+            "write:misc",
+            "read:notification",
+            "read:organization",
+            "read:package",
+            "read:repository",
+            "read:user"
+          ]
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -21030,6 +23081,7 @@
           "x-go-name": "RepoAdminChangeTeamAccess"
         },
         "username": {
+          "description": "username of the organization",
           "type": "string",
           "x-go-name": "UserName"
         },
@@ -21219,6 +23271,10 @@
           "type": "boolean",
           "x-go-name": "IsPrerelease"
         },
+        "tag_message": {
+          "type": "string",
+          "x-go-name": "TagMessage"
+        },
         "tag_name": {
           "type": "string",
           "x-go-name": "TagName"
@@ -21324,7 +23380,17 @@
           "x-go-name": "Description"
         },
         "state": {
-          "$ref": "#/definitions/CommitStatusState"
+          "type": "string",
+          "enum": [
+            "pending",
+            "success",
+            "error",
+            "failure",
+            "warning",
+            "skipped"
+          ],
+          "x-go-enum-desc": "pending CommitStatusPending  CommitStatusPending is for when the CommitStatus is Pending\nsuccess CommitStatusSuccess  CommitStatusSuccess is for when the CommitStatus is Success\nerror CommitStatusError  CommitStatusError is for when the CommitStatus is Error\nfailure CommitStatusFailure  CommitStatusFailure is for when the CommitStatus is Failure\nwarning CommitStatusWarning  CommitStatusWarning is for when the CommitStatus is Warning\nskipped CommitStatusSkipped  CommitStatusSkipped is for when CommitStatus is Skipped",
+          "x-go-name": "State"
         },
         "target_url": {
           "type": "string",
@@ -21466,7 +23532,9 @@
           "x-go-name": "FullName"
         },
         "login_name": {
+          "description": "identifier of the user, provided by the external authenticator (if configured)",
           "type": "string",
+          "default": "empty",
           "x-go-name": "LoginName"
         },
         "must_change_password": {
@@ -21491,6 +23559,7 @@
           "x-go-name": "SourceID"
         },
         "username": {
+          "description": "username of the user",
           "type": "string",
           "x-go-name": "Username"
         },
@@ -21620,7 +23689,7 @@
           "x-go-name": "NewBranchName"
         },
         "sha": {
-          "description": "sha is the SHA for the file that already exists",
+          "description": "the blob ID (SHA) for the file that already exists, it is required for changing existing files",
           "type": "string",
           "x-go-name": "SHA"
         },
@@ -22476,7 +24545,9 @@
           "x-go-name": "Location"
         },
         "login_name": {
+          "description": "identifier of the user, provided by the external authenticator (if configured)",
           "type": "string",
+          "default": "empty",
           "x-go-name": "LoginName"
         },
         "max_repo_creation": {
@@ -22535,6 +24606,7 @@
           "x-go-name": "UserID"
         },
         "username": {
+          "description": "username of the user",
           "type": "string",
           "x-go-name": "UserName"
         },
@@ -22796,6 +24868,11 @@
           "format": "int64",
           "x-go-name": "DefaultMaxBlobSize"
         },
+        "default_max_response_size": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "DefaultMaxResponseSize"
+        },
         "default_paging_num": {
           "type": "integer",
           "format": "int64",
@@ -22891,7 +24968,7 @@
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
     "GenerateRepoOption": {
-      "description": "GenerateRepoOption options when creating repository using a template",
+      "description": "GenerateRepoOption options when creating a repository using a template",
       "type": "object",
       "required": [
         "owner",
@@ -22929,13 +25006,12 @@
           "x-go-name": "Labels"
         },
         "name": {
-          "description": "Name of the repository to create",
           "type": "string",
           "uniqueItems": true,
           "x-go-name": "Name"
         },
         "owner": {
-          "description": "The organization or person who will own the new repository",
+          "description": "the organization's name or individual user's name who will own the new repository",
           "type": "string",
           "x-go-name": "Owner"
         },
@@ -22962,6 +25038,20 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "GetFilesOptions": {
+      "description": "GetFilesOptions options for retrieving metadate and content of multiple files",
+      "type": "object",
+      "properties": {
+        "files": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "Files"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "GitBlobResponse": {
       "description": "GitBlobResponse represents a git blob",
       "type": "object",
@@ -22974,6 +25064,15 @@
           "type": "string",
           "x-go-name": "Encoding"
         },
+        "lfs_oid": {
+          "type": "string",
+          "x-go-name": "LfsOid"
+        },
+        "lfs_size": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "LfsSize"
+        },
         "sha": {
           "type": "string",
           "x-go-name": "SHA"
@@ -23445,6 +25544,7 @@
           "x-go-name": "Index"
         },
         "owner": {
+          "description": "owner of the issue's repo",
           "type": "string",
           "x-go-name": "Owner"
         },
@@ -23616,6 +25716,17 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "LockIssueOption": {
+      "description": "LockIssueOption options to lock an issue",
+      "type": "object",
+      "properties": {
+        "lock_reason": {
+          "type": "string",
+          "x-go-name": "Reason"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "MarkdownOption": {
       "description": "MarkdownOption markdown options",
       "type": "object",
@@ -23719,6 +25830,10 @@
         "branch": {
           "type": "string",
           "x-go-name": "Branch"
+        },
+        "ff_only": {
+          "type": "boolean",
+          "x-go-name": "FfOnly"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -23814,7 +25929,7 @@
           "x-go-name": "RepoName"
         },
         "repo_owner": {
-          "description": "Name of User or Organisation who will own Repo after migration",
+          "description": "the organization's name or individual user's name who will own the migrated repository",
           "type": "string",
           "x-go-name": "RepoOwner"
         },
@@ -23828,12 +25943,13 @@
             "gogs",
             "onedev",
             "gitbucket",
-            "codebase"
+            "codebase",
+            "codecommit"
           ],
           "x-go-name": "Service"
         },
         "uid": {
-          "description": "deprecated (only for backwards compatibility)",
+          "description": "deprecated (only for backwards compatibility, use repo_owner instead)",
           "type": "integer",
           "format": "int64",
           "x-go-name": "RepoOwnerID"
@@ -24215,7 +26331,7 @@
           "x-go-name": "RepoAdminChangeTeamAccess"
         },
         "username": {
-          "description": "deprecated",
+          "description": "username of the organization\ndeprecated",
           "type": "string",
           "x-go-name": "UserName"
         },
@@ -24330,10 +26446,6 @@
       "description": "PackageFile represents a package file",
       "type": "object",
       "properties": {
-        "Size": {
-          "type": "integer",
-          "format": "int64"
-        },
         "id": {
           "type": "integer",
           "format": "int64",
@@ -24358,6 +26470,11 @@
         "sha512": {
           "type": "string",
           "x-go-name": "HashSHA512"
+        },
+        "size": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "Size"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -24458,6 +26575,7 @@
           "x-go-name": "Name"
         },
         "username": {
+          "description": "username of the user",
           "type": "string",
           "x-go-name": "UserName"
         }
@@ -24509,6 +26627,11 @@
           "type": "string",
           "x-go-name": "KeyType"
         },
+        "last_used_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Updated"
+        },
         "read_only": {
           "type": "boolean",
           "x-go-name": "ReadOnly"
@@ -25155,6 +27278,10 @@
           "type": "boolean",
           "x-go-name": "AllowFastForwardOnly"
         },
+        "allow_manual_merge": {
+          "type": "boolean",
+          "x-go-name": "AllowManualMerge"
+        },
         "allow_merge_commits": {
           "type": "boolean",
           "x-go-name": "AllowMerge"
@@ -25184,6 +27311,10 @@
           "format": "date-time",
           "x-go-name": "ArchivedAt"
         },
+        "autodetect_manual_merge": {
+          "type": "boolean",
+          "x-go-name": "AutodetectManualMerge"
+        },
         "avatar_url": {
           "type": "string",
           "x-go-name": "AvatarURL"
@@ -25908,6 +28039,7 @@
           "x-go-name": "UserID"
         },
         "user_name": {
+          "description": "username of the user",
           "type": "string",
           "x-go-name": "UserName"
         }
@@ -26011,7 +28143,7 @@
           "x-go-name": "NewBranchName"
         },
         "sha": {
-          "description": "sha is the SHA for the file that already exists",
+          "description": "the blob ID (SHA) for the file that already exists, it is required for changing existing files",
           "type": "string",
           "x-go-name": "SHA"
         },
@@ -26149,12 +28281,12 @@
           "x-go-name": "Location"
         },
         "login": {
-          "description": "the user's username",
+          "description": "login of the user, same as `username`",
           "type": "string",
           "x-go-name": "UserName"
         },
         "login_name": {
-          "description": "the user's authentication sign-in name.",
+          "description": "identifier of the user, provided by the external authenticator (if configured)",
           "type": "string",
           "default": "empty",
           "x-go-name": "LoginName"
@@ -26479,10 +28611,7 @@
     "ActionWorkflowList": {
       "description": "ActionWorkflowList",
       "schema": {
-        "type": "array",
-        "items": {
-          "$ref": "#/definitions/ActionWorkflow"
-        }
+        "$ref": "#/definitions/ActionWorkflowResponse"
       }
     },
     "ActivityFeedsList": {
@@ -26690,6 +28819,12 @@
         "$ref": "#/definitions/Compare"
       }
     },
+    "ContentsExtResponse": {
+      "description": "",
+      "schema": {
+        "$ref": "#/definitions/ContentsExtResponse"
+      }
+    },
     "ContentsListResponse": {
       "description": "ContentsListResponse",
       "schema": {
@@ -27254,6 +29389,18 @@
         }
       }
     },
+    "Runner": {
+      "description": "Runner",
+      "schema": {
+        "$ref": "#/definitions/ActionRunner"
+      }
+    },
+    "RunnerList": {
+      "description": "RunnerList",
+      "schema": {
+        "$ref": "#/definitions/ActionRunnersResponse"
+      }
+    },
     "SearchResults": {
       "description": "SearchResults",
       "schema": {
@@ -27464,6 +29611,30 @@
         }
       }
     },
+    "WorkflowJob": {
+      "description": "WorkflowJob",
+      "schema": {
+        "$ref": "#/definitions/ActionWorkflowJob"
+      }
+    },
+    "WorkflowJobsList": {
+      "description": "WorkflowJobsList",
+      "schema": {
+        "$ref": "#/definitions/ActionWorkflowJobsResponse"
+      }
+    },
+    "WorkflowRun": {
+      "description": "WorkflowRun",
+      "schema": {
+        "$ref": "#/definitions/ActionWorkflowRun"
+      }
+    },
+    "WorkflowRunsList": {
+      "description": "WorkflowRunsList",
+      "schema": {
+        "$ref": "#/definitions/ActionWorkflowRunsResponse"
+      }
+    },
     "conflict": {
       "description": "APIConflict is a conflict empty response"
     },
@@ -27512,7 +29683,7 @@
     "parameterBodies": {
       "description": "parameterBodies",
       "schema": {
-        "$ref": "#/definitions/UpdateVariableOption"
+        "$ref": "#/definitions/LockIssueOption"
       }
     },
     "redirect": {
diff --git a/templates/user/auth/oidc_wellknown.tmpl b/templates/user/auth/oidc_wellknown.tmpl
index 54bb4a763d..52c9a1b788 100644
--- a/templates/user/auth/oidc_wellknown.tmpl
+++ b/templates/user/auth/oidc_wellknown.tmpl
@@ -1,16 +1,16 @@
 {
-    "issuer": "{{AppUrl | JSEscape}}",
-    "authorization_endpoint": "{{AppUrl | JSEscape}}login/oauth/authorize",
-    "token_endpoint": "{{AppUrl | JSEscape}}login/oauth/access_token",
-    "jwks_uri": "{{AppUrl | JSEscape}}login/oauth/keys",
-    "userinfo_endpoint": "{{AppUrl | JSEscape}}login/oauth/userinfo",
-    "introspection_endpoint": "{{AppUrl | JSEscape}}login/oauth/introspect",
+    "issuer": "{{.OidcIssuer}}",
+    "authorization_endpoint": "{{.OidcBaseUrl}}/login/oauth/authorize",
+    "token_endpoint": "{{.OidcBaseUrl}}/login/oauth/access_token",
+    "jwks_uri": "{{.OidcBaseUrl}}/login/oauth/keys",
+    "userinfo_endpoint": "{{.OidcBaseUrl}}/login/oauth/userinfo",
+    "introspection_endpoint": "{{.OidcBaseUrl}}/login/oauth/introspect",
     "response_types_supported": [
         "code",
         "id_token"
     ],
     "id_token_signing_alg_values_supported": [
-        "{{.SigningKey.SigningMethod.Alg | JSEscape}}"
+        "{{.SigningKeyMethodAlg}}"
     ],
     "subject_types_supported": [
         "public"
diff --git a/templates/user/auth/signup_inner.tmpl b/templates/user/auth/signup_inner.tmpl
index d66568199d..a3f6e1471f 100644
--- a/templates/user/auth/signup_inner.tmpl
+++ b/templates/user/auth/signup_inner.tmpl
@@ -7,6 +7,9 @@
 		{{end}}
 	</h4>
 	<div class="ui attached segment">
+		{{if .IsFirstTimeRegistration}}
+			<p>{{ctx.Locale.Tr "auth.sign_up_tip"}}</p>
+		{{end}}
 		<form class="ui form" action="{{.SignUpLink}}" method="post">
 			{{.CsrfTokenHtml}}
 			{{if or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeRegister)}}
diff --git a/templates/user/dashboard/feeds.tmpl b/templates/user/dashboard/feeds.tmpl
index 47686dd442..37dede7af6 100644
--- a/templates/user/dashboard/feeds.tmpl
+++ b/templates/user/dashboard/feeds.tmpl
@@ -91,10 +91,10 @@
 						{{range $push.Commits}}
 							{{$commitLink := printf "%s/commit/%s" $repoLink .Sha1}}
 							<div class="flex-text-block">
-								<img class="ui avatar" src="{{$push.AvatarLink ctx .AuthorEmail}}" title="{{.AuthorName}}" width="16" height="16">
+								<img loading="lazy" alt class="ui avatar" src="{{$push.AvatarLink ctx .AuthorEmail}}" title="{{.AuthorName}}" width="16" height="16">
 								<a class="ui sha label" href="{{$commitLink}}">{{ShortSha .Sha1}}</a>
 								<span class="text truncate">
-									{{ctx.RenderUtils.RenderCommitMessage .Message ($repo.ComposeMetas ctx)}}
+									{{ctx.RenderUtils.RenderCommitMessage .Message $repo}}
 								</span>
 							</div>
 						{{end}}
diff --git a/templates/user/dashboard/milestones.tmpl b/templates/user/dashboard/milestones.tmpl
index d0fe0abbc9..15b1b9e30b 100644
--- a/templates/user/dashboard/milestones.tmpl
+++ b/templates/user/dashboard/milestones.tmpl
@@ -116,7 +116,7 @@
 											{{ctx.Locale.Tr "repo.milestones.closed" $closedDate}}
 										{{else}}
 											{{if .DeadlineString}}
-												<span{{if .IsOverdue}} class="text red"{{end}}>
+												<span class="flex-text-inline {{if .IsOverdue}}text red{{end}}">
 													{{svg "octicon-calendar" 14}}
 													{{DateUtils.AbsoluteShort (.DeadlineString|DateUtils.ParseLegacy)}}
 												</span>
diff --git a/templates/user/dashboard/navbar.tmpl b/templates/user/dashboard/navbar.tmpl
index a828bc90e4..7eb845833f 100644
--- a/templates/user/dashboard/navbar.tmpl
+++ b/templates/user/dashboard/navbar.tmpl
@@ -2,32 +2,32 @@
 	<div class="ui secondary stackable menu">
 		<div class="item">
 			<div class="ui floating dropdown jump">
-				<span class="text truncated-item-container">
+				<span class="text">
 					{{ctx.AvatarUtils.Avatar .ContextUser 24 "tw-mr-1"}}
-					<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+					<span class="gt-ellipsis">{{.ContextUser.ShortName 40}}</span>
 					<span class="org-visibility">
 						{{if .ContextUser.Visibility.IsLimited}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.limited_shortname"}}</div>{{end}}
 						{{if .ContextUser.Visibility.IsPrivate}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.private_shortname"}}</div>{{end}}
 					</span>
 					{{svg "octicon-triangle-down" 14 "dropdown icon tw-ml-1"}}
 				</span>
-				<div class="context user overflow menu">
+				<div class="menu context-user-switch">
 					<div class="header">
 						{{ctx.Locale.Tr "home.switch_dashboard_context"}}
 					</div>
-					<div class="scrolling menu items">
-						<a class="{{if eq .ContextUser.ID .SignedUser.ID}}active selected{{end}} item truncated-item-container" href="{{AppSubUrl}}/{{if .PageIsIssues}}issues{{else if .PageIsPulls}}pulls{{else if .PageIsMilestonesDashboard}}milestones{{end}}">
+					<div class="scrolling menu">
+						<a class="{{if eq .ContextUser.ID .SignedUser.ID}}active selected{{end}} item" href="{{AppSubUrl}}/{{if .PageIsIssues}}issues{{else if .PageIsPulls}}pulls{{else if .PageIsMilestonesDashboard}}milestones{{end}}">
 							{{ctx.AvatarUtils.Avatar .SignedUser}}
-							<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+							<span class="gt-ellipsis">{{.SignedUser.ShortName 40}}</span>
 							<span class="org-visibility">
 								{{if .SignedUser.Visibility.IsLimited}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.limited_shortname"}}</div>{{end}}
 								{{if .SignedUser.Visibility.IsPrivate}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.private_shortname"}}</div>{{end}}
 							</span>
 						</a>
 						{{range .Orgs}}
-							<a class="{{if eq $.ContextUser.ID .ID}}active selected{{end}} item truncated-item-container" title="{{.Name}}" href="{{.OrganisationLink}}/{{if $.PageIsIssues}}issues{{else if $.PageIsPulls}}pulls{{else if $.PageIsMilestonesDashboard}}milestones{{else}}dashboard{{end}}">
+							<a class="{{if eq $.ContextUser.ID .ID}}active selected{{end}} item" title="{{.Name}}" href="{{.OrganisationLink}}/{{if $.PageIsIssues}}issues{{else if $.PageIsPulls}}pulls{{else if $.PageIsMilestonesDashboard}}milestones{{else}}dashboard{{end}}">
 								{{ctx.AvatarUtils.Avatar .}}
-								<span class="truncated-item-name">{{.ShortName 40}}</span>
+								<span class="gt-ellipsis">{{.ShortName 40}}</span>
 								<span class="org-visibility">
 									{{if .Visibility.IsLimited}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.limited_shortname"}}</div>{{end}}
 									{{if .Visibility.IsPrivate}}<div class="ui basic tiny horizontal label">{{ctx.Locale.Tr "org.settings.visibility.private_shortname"}}</div>{{end}}
@@ -37,7 +37,7 @@
 					</div>
 					{{if .SignedUser.CanCreateOrganization}}
 					<a class="item" href="{{AppSubUrl}}/org/create">
-						{{svg "octicon-plus"}}&nbsp;&nbsp;&nbsp;{{ctx.Locale.Tr "new_org"}}
+						{{svg "octicon-plus" 16 "tw-ml-1 tw-mr-5"}}{{ctx.Locale.Tr "new_org"}}
 					</a>
 					{{end}}
 				</div>
@@ -77,7 +77,7 @@
 		{{end}}
 
 	{{if .ContextUser.IsOrganization}}
-		<div class="right menu">
+		<div class="right menu tw-flex-wrap tw-justify-end">
 			<a class="{{if .PageIsNews}}active {{end}}item tw-ml-auto" href="{{.ContextUser.DashboardLink}}{{if .Team}}/{{PathEscape .Team.Name}}{{end}}">
 				{{svg "octicon-rss"}}&nbsp;{{ctx.Locale.Tr "activities"}}
 			</a>
@@ -98,7 +98,7 @@
 			{{end}}
 			<div class="item">
 				<a class="ui primary basic button" href="{{.ContextUser.HomeLink}}" title="{{ctx.Locale.Tr "home.view_home" .ContextUser.Name}}">
-					{{ctx.Locale.Tr "home.view_home" (.ContextUser.ShortName 40)}}
+					{{ctx.Locale.Tr "home.view_home" (.ContextUser.ShortName 20)}}
 				</a>
 			</div>
 		</div>
diff --git a/templates/user/notification/notification_div.tmpl b/templates/user/notification/notification_div.tmpl
index 0d2371a358..b9faba2b90 100644
--- a/templates/user/notification/notification_div.tmpl
+++ b/templates/user/notification/notification_div.tmpl
@@ -1,124 +1,96 @@
 <div role="main" aria-label="{{.Title}}" class="page-content user notification" id="notification_div" data-sequence-number="{{.SequenceNumber}}">
 	<div class="ui container">
-		{{$notificationUnreadCount := call .NotificationUnreadCount}}
-		<div class="tw-flex tw-items-center tw-justify-between tw-mb-[--page-spacing]">
+		{{$statusUnread := 1}}{{$statusRead := 2}}{{$statusPinned := 3}}
+		{{$notificationUnreadCount := call .PageGlobalData.GetNotificationUnreadCount}}
+		{{$pageTypeIsRead := eq $.PageType "read"}}
+		<div class="flex-text-block tw-justify-between tw-mb-[--page-spacing]">
 			<div class="small-menu-items ui compact tiny menu">
-				<a class="{{if eq .Status 1}}active {{end}}item" href="{{AppSubUrl}}/notifications?q=unread">
+				<a class="{{if not $pageTypeIsRead}}active{{end}} item" href="{{AppSubUrl}}/notifications?type=unread">
 					{{ctx.Locale.Tr "notification.unread"}}
 					<div class="notifications-unread-count ui label {{if not $notificationUnreadCount}}tw-hidden{{end}}">{{$notificationUnreadCount}}</div>
 				</a>
-				<a class="{{if eq .Status 2}}active {{end}}item" href="{{AppSubUrl}}/notifications?q=read">
+				<a class="{{if $pageTypeIsRead}}active{{end}} item" href="{{AppSubUrl}}/notifications?type=read">
 					{{ctx.Locale.Tr "notification.read"}}
 				</a>
 			</div>
-			{{if and (eq .Status 1)}}
+			{{if and (not $pageTypeIsRead) $notificationUnreadCount}}
 				<form action="{{AppSubUrl}}/notifications/purge" method="post">
 					{{$.CsrfTokenHtml}}
-					<div class="{{if not $notificationUnreadCount}}tw-hidden{{end}}">
-						<button class="ui mini button primary tw-mr-0" title="{{ctx.Locale.Tr "notification.mark_all_as_read"}}">
-							{{svg "octicon-checklist"}}
-						</button>
-					</div>
+					<button class="ui mini button primary tw-mr-0" title="{{ctx.Locale.Tr "notification.mark_all_as_read"}}">
+						{{svg "octicon-checklist"}}
+					</button>
 				</form>
 			{{end}}
 		</div>
-		<div class="tw-p-0">
-			<div id="notification_table">
-				{{if not .Notifications}}
-					<div class="tw-flex tw-items-center tw-flex-col tw-p-4">
-						{{svg "octicon-inbox" 56 "tw-mb-4"}}
-						{{if eq .Status 1}}
-							{{ctx.Locale.Tr "notification.no_unread"}}
+		<div id="notification_table">
+			{{range $one := .Notifications}}
+				<div class="notifications-item" id="notification_{{$one.ID}}" data-status="{{$one.Status}}">
+					<div class="tw-self-start tw-mt-[2px]">
+						{{if $one.Issue}}
+							{{template "shared/issueicon" $one.Issue}}
 						{{else}}
-							{{ctx.Locale.Tr "notification.no_read"}}
+							{{svg "octicon-repo" 16 "text grey"}}
 						{{end}}
 					</div>
-				{{else}}
-					{{range $notification := .Notifications}}
-						<div class="notifications-item tw-flex tw-items-center tw-flex-wrap tw-gap-2 tw-p-2" id="notification_{{.ID}}" data-status="{{.Status}}">
-							<div class="notifications-icon tw-ml-2 tw-mr-1 tw-self-start tw-mt-1">
-								{{if .Issue}}
-									{{template "shared/issueicon" .Issue}}
-								{{else}}
-									{{svg "octicon-repo" 16 "text grey"}}
-								{{end}}
-							</div>
-							<a class="notifications-link tw-flex tw-flex-1 tw-flex-col silenced" href="{{.Link ctx}}">
-								<div class="notifications-top-row tw-text-13 tw-break-anywhere">
-									{{.Repository.FullName}} {{if .Issue}}<span class="text light-3">#{{.Issue.Index}}</span>{{end}}
-									{{if eq .Status 3}}
-										{{svg "octicon-pin" 13 "text blue tw-mt-0.5 tw-ml-1"}}
-									{{end}}
-								</div>
-								<div class="notifications-bottom-row tw-text-16 tw-py-0.5">
-									<span class="issue-title tw-break-anywhere">
-										{{if .Issue}}
-											{{.Issue.Title | ctx.RenderUtils.RenderIssueSimpleTitle}}
-										{{else}}
-											{{.Repository.FullName}}
-										{{end}}
-									</span>
-								</div>
-							</a>
-							<div class="notifications-updated tw-items-center tw-mr-2">
-								{{if .Issue}}
-									{{DateUtils.TimeSince .Issue.UpdatedUnix}}
-								{{else}}
-									{{DateUtils.TimeSince .UpdatedUnix}}
-								{{end}}
-							</div>
-							<div class="notifications-buttons tw-items-center tw-justify-end tw-gap-1 tw-px-1">
-								{{if ne .Status 3}}
-									<form action="{{AppSubUrl}}/notifications/status" method="post">
-										{{$.CsrfTokenHtml}}
-										<input type="hidden" name="notification_id" value="{{.ID}}">
-										<input type="hidden" name="status" value="pinned">
-										<button class="btn interact-bg tw-p-2" title="{{ctx.Locale.Tr "notification.pin"}}"
-											data-url="{{AppSubUrl}}/notifications/status"
-											data-status="pinned"
-											data-page="{{$.Page.Paginater.Current}}"
-											data-notification-id="{{.ID}}"
-											data-q="{{$.Keyword}}">
-											{{svg "octicon-pin"}}
-										</button>
-									</form>
-								{{end}}
-								{{if or (eq .Status 1) (eq .Status 3)}}
-									<form action="{{AppSubUrl}}/notifications/status" method="post">
-										{{$.CsrfTokenHtml}}
-										<input type="hidden" name="notification_id" value="{{.ID}}">
-										<input type="hidden" name="status" value="read">
-										<input type="hidden" name="page" value="{{$.Page.Paginater.Current}}">
-										<button class="btn interact-bg tw-p-2" title="{{ctx.Locale.Tr "notification.mark_as_read"}}"
-											data-url="{{AppSubUrl}}/notifications/status"
-											data-status="read"
-											data-page="{{$.Page.Paginater.Current}}"
-											data-notification-id="{{.ID}}"
-											data-q="{{$.Keyword}}">
-											{{svg "octicon-check"}}
-										</button>
-									</form>
-								{{else if eq .Status 2}}
-									<form action="{{AppSubUrl}}/notifications/status" method="post">
-										{{$.CsrfTokenHtml}}
-										<input type="hidden" name="notification_id" value="{{.ID}}">
-										<input type="hidden" name="status" value="unread">
-										<input type="hidden" name="page" value="{{$.Page.Paginater.Current}}">
-										<button class="btn interact-bg tw-p-2" title="{{ctx.Locale.Tr "notification.mark_as_unread"}}"
-											data-url="{{AppSubUrl}}/notifications/status"
-											data-status="unread"
-											data-page="{{$.Page.Paginater.Current}}"
-											data-notification-id="{{.ID}}"
-											data-q="{{$.Keyword}}">
-											{{svg "octicon-bell"}}
-										</button>
-									</form>
-								{{end}}
-							</div>
+					<a class="notifications-link silenced tw-flex-1" href="{{$one.Link ctx}}">
+						<div class="flex-text-block tw-text-[0.95em]">
+							{{$one.Repository.FullName}} {{if $one.Issue}}<span class="text light-3">#{{$one.Issue.Index}}</span>{{end}}
+							{{if eq $one.Status $statusPinned}}
+								{{svg "octicon-pin" 13 "text blue"}}
+							{{end}}
+						</div>
+						<div class="tw-text-16 tw-py-0.5">
+							{{if $one.Issue}}
+								{{$one.Issue.Title | ctx.RenderUtils.RenderIssueSimpleTitle}}
+							{{else}}
+								{{$one.Repository.FullName}}
+							{{end}}
 						</div>
+					</a>
+					<div class="notifications-updated flex-text-inline">
+						{{if $one.Issue}}
+							{{DateUtils.TimeSince $one.Issue.UpdatedUnix}}
+						{{else}}
+							{{DateUtils.TimeSince $one.UpdatedUnix}}
+						{{end}}
+					</div>
+					<form class="notifications-buttons" action="{{AppSubUrl}}/notifications/status?type={{$.PageType}}&page={{$.Page.Paginater.Current}}&perPage={{$.Page.Paginater.PagingNum}}" method="post"
+								hx-boost="true" hx-target="#notification_div" hx-swap="outerHTML"
+					>
+						{{$.CsrfTokenHtml}}
+						<input type="hidden" name="notification_id" value="{{$one.ID}}">
+						{{if ne $one.Status $statusPinned}}
+							<button class="btn interact-bg tw-p-2" data-tooltip-content="{{ctx.Locale.Tr "notification.pin"}}"
+											name="notification_action" value="pin"
+							>
+								{{svg "octicon-pin"}}
+							</button>
+						{{end}}
+						{{if or (eq $one.Status $statusUnread) (eq $one.Status $statusPinned)}}
+							<button class="btn interact-bg tw-p-2" data-tooltip-content="{{ctx.Locale.Tr "notification.mark_as_read"}}"
+											name="notification_action" value="mark_as_read"
+							>
+								{{svg "octicon-check"}}
+							</button>
+						{{else if eq $one.Status $statusRead}}
+							<button class="btn interact-bg tw-p-2" data-tooltip-content="{{ctx.Locale.Tr "notification.mark_as_unread"}}"
+											name="notification_action" value="mark_as_unread"
+							>
+								{{svg "octicon-bell"}}
+							</button>
+						{{end}}
+					</form>
+				</div>
+			{{else}}
+				<div class="empty-placeholder">
+					{{svg "octicon-inbox" 56 "tw-mb-4"}}
+					{{if $pageTypeIsRead}}
+						{{ctx.Locale.Tr "notification.no_read"}}
+					{{else}}
+						{{ctx.Locale.Tr "notification.no_unread"}}
 					{{end}}
-				{{end}}
-			</div>
+				</div>
+			{{end}}
 		</div>
 		{{template "base/paginate" .}}
 	</div>
diff --git a/templates/user/notification/notification_subscriptions.tmpl b/templates/user/notification/notification_subscriptions.tmpl
index 6ef53ab654..e4dd27e63b 100644
--- a/templates/user/notification/notification_subscriptions.tmpl
+++ b/templates/user/notification/notification_subscriptions.tmpl
@@ -69,8 +69,8 @@
 					{{template "shared/issuelist" dict "." . "listType" "dashboard"}}
 				{{end}}
 			{{else}}
-				{{template "shared/repo_search" .}}
-				{{template "explore/repo_list" .}}
+				{{template "shared/repo/search" .}}
+				{{template "shared/repo/list" .}}
 				{{template "base/paginate" .}}
 			{{end}}
 		</div>
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index e5c3412ddd..74a53b937d 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -17,8 +17,8 @@
 					{{template "user/dashboard/feeds" .}}
 				{{else if eq .TabName "stars"}}
 					<div class="stars">
-						{{template "shared/repo_search" .}}
-						{{template "explore/repo_list" .}}
+						{{template "shared/repo/search" .}}
+						{{template "shared/repo/list" .}}
 						{{template "base/paginate" .}}
 					</div>
 				{{else if eq .TabName "following"}}
@@ -30,8 +30,8 @@
 				{{else if eq .TabName "organizations"}}
 					{{template "repo/user_cards" .}}
 				{{else}}
-					{{template "shared/repo_search" .}}
-					{{template "explore/repo_list" .}}
+					{{template "shared/repo/search" .}}
+					{{template "shared/repo/list" .}}
 					{{template "base/paginate" .}}
 				{{end}}
 			</div>
diff --git a/templates/user/settings/account.tmpl b/templates/user/settings/account.tmpl
index 27b0ef10c7..7dbac0ebd4 100644
--- a/templates/user/settings/account.tmpl
+++ b/templates/user/settings/account.tmpl
@@ -35,35 +35,12 @@
 			{{end}}
 		</div>
 
-		{{if not (and ($.UserDisabledFeatures.Contains "manage_credentials") (not $.EnableNotifyMail))}}
+		{{if not ($.UserDisabledFeatures.Contains "manage_credentials")}}
 		<h4 class="ui top attached header">
 			{{ctx.Locale.Tr "settings.manage_emails"}}
 		</h4>
 		<div class="ui attached segment">
 			<div class="ui list flex-items-block">
-				{{if $.EnableNotifyMail}}
-				<div class="item">
-					<div class="tw-mb-2">{{ctx.Locale.Tr "settings.email_desc"}}</div>
-					<form action="{{AppSubUrl}}/user/settings/account/email" class="ui form" method="post">
-						{{$.CsrfTokenHtml}}
-						<input name="_method" type="hidden" value="NOTIFICATION">
-						<div class="tw-flex tw-flex-wrap tw-gap-2">
-							<div class="ui selection dropdown">
-								<input name="preference" type="hidden" value="{{.EmailNotificationsPreference}}">
-								{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-								<div class="text"></div>
-								<div class="menu">
-									<div data-value="enabled" class="{{if eq .EmailNotificationsPreference "enabled"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.enable"}}</div>
-									<div data-value="andyourown" class="{{if eq .EmailNotificationsPreference "andyourown"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.andyourown"}}</div>
-									<div data-value="onmention" class="{{if eq .EmailNotificationsPreference "onmention"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.onmention"}}</div>
-									<div data-value="disabled" class="{{if eq .EmailNotificationsPreference "disabled"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.disable"}}</div>
-								</div>
-							</div>
-							<button class="ui primary button">{{ctx.Locale.Tr "settings.email_notifications.submit"}}</button>
-						</div>
-					</form>
-				</div>
-				{{end}}
 				{{if not ($.UserDisabledFeatures.Contains "manage_credentials")}}
 					{{range .Emails}}
 						<div class="item tw-flex-wrap">
diff --git a/templates/user/settings/applications.tmpl b/templates/user/settings/applications.tmpl
index 501f238c7a..8c24da7fc9 100644
--- a/templates/user/settings/applications.tmpl
+++ b/templates/user/settings/applications.tmpl
@@ -68,7 +68,7 @@
 						</label>
 					</div>
 					<div>
-						<div class="tw-my-2">{{ctx.Locale.Tr "settings.access_token_desc" (HTMLFormat `href="%s/api/swagger" target="_blank"` AppSubUrl) (`href="https://docs.gitea.com/development/oauth2-provider#scopes" target="_blank"`|SafeHTML)}}</div>
+						<div class="tw-my-2">{{ctx.Locale.Tr "settings.access_token_desc" (HTMLFormat `href="%s/api/swagger" target="_blank"` AppSubUrl) (HTMLFormat `href="%s" target="_blank"` "https://docs.gitea.com/development/oauth2-provider#scopes")}}</div>
 						<table class="ui table unstackable tw-my-2">
 						{{range $category := .TokenCategories}}
 							<tr>
diff --git a/templates/user/settings/hooks.tmpl b/templates/user/settings/hooks.tmpl
index 477c333220..e2d18001f2 100644
--- a/templates/user/settings/hooks.tmpl
+++ b/templates/user/settings/hooks.tmpl
@@ -1,5 +1,5 @@
 {{template "user/settings/layout_head" (dict "ctxData" . "pageClass" "user settings webhooks")}}
 	<div class="user-setting-content">
-		{{template "repo/settings/webhook/list" .}}
+		{{template "repo/settings/webhook/base_list" .}}
 	</div>
 {{template "user/settings/layout_footer" .}}
diff --git a/templates/user/settings/navbar.tmpl b/templates/user/settings/navbar.tmpl
index c6c15512ab..34e089a68a 100644
--- a/templates/user/settings/navbar.tmpl
+++ b/templates/user/settings/navbar.tmpl
@@ -4,11 +4,16 @@
 		<a class="{{if .PageIsSettingsProfile}}active {{end}}item" href="{{AppSubUrl}}/user/settings">
 			{{ctx.Locale.Tr "settings.profile"}}
 		</a>
-		{{if not (and ($.UserDisabledFeatures.Contains "manage_credentials" "deletion") (not $.EnableNotifyMail))}}
+		{{if not ($.UserDisabledFeatures.Contains "manage_credentials" "deletion")}}
 		<a class="{{if .PageIsSettingsAccount}}active {{end}}item" href="{{AppSubUrl}}/user/settings/account">
 			{{ctx.Locale.Tr "settings.account"}}
 		</a>
 		{{end}}
+		{{if $.EnableNotifyMail}}
+		<a class="{{if .PageIsSettingsNotifications}}active {{end}}item" href="{{AppSubUrl}}/user/settings/notifications">
+			{{ctx.Locale.Tr "notifications"}}
+		</a>
+		{{end}}
 		<a class="{{if .PageIsSettingsAppearance}}active {{end}}item" href="{{AppSubUrl}}/user/settings/appearance">
 			{{ctx.Locale.Tr "settings.appearance"}}
 		</a>
diff --git a/templates/user/settings/notifications.tmpl b/templates/user/settings/notifications.tmpl
new file mode 100644
index 0000000000..40094aab4c
--- /dev/null
+++ b/templates/user/settings/notifications.tmpl
@@ -0,0 +1,65 @@
+{{template "user/settings/layout_head" (dict "ctxData" . "pageClass" "user settings")}}
+	<div class="user-setting-content">
+		<h4 class="ui top attached header">
+			{{ctx.Locale.Tr "notifications"}}
+		</h4>
+		<div class="ui attached segment">
+			<div class="ui list flex-items-block">
+				<div class="item">
+					<form class="ui form tw-w-full" action="{{AppSubUrl}}/user/settings/notifications/email" method="post">
+						{{$.CsrfTokenHtml}}
+						<div class="field">
+							<label>{{ctx.Locale.Tr "settings.email_desc"}}</label>
+							<div class="ui selection dropdown">
+								<input name="preference" type="hidden" value="{{.EmailNotificationsPreference}}">
+								{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+								<div class="text"></div>
+								<div class="menu">
+									<div data-value="enabled" class="{{if eq .EmailNotificationsPreference "enabled"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.enable"}}</div>
+									<div data-value="andyourown" class="{{if eq .EmailNotificationsPreference "andyourown"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.andyourown"}}</div>
+									<div data-value="onmention" class="{{if eq .EmailNotificationsPreference "onmention"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.onmention"}}</div>
+									<div data-value="disabled" class="{{if eq .EmailNotificationsPreference "disabled"}}active selected {{end}}item">{{ctx.Locale.Tr "settings.email_notifications.disable"}}</div>
+								</div>
+							</div>
+						</div>
+						<div class="field">
+							<button class="ui primary button">{{ctx.Locale.Tr "settings.email_notifications.submit"}}</button>
+						</div>
+					</form>
+				</div>
+			</div>
+		</div>
+
+		{{if .EnableActions}}
+		<h4 class="ui top attached header">
+			{{ctx.Locale.Tr "actions.actions"}}
+		</h4>
+		<div class="ui attached segment">
+			<div class="ui list flex-items-block">
+				<div class="item">
+					<form class="ui form tw-w-full" action="{{AppSubUrl}}/user/settings/notifications/actions" method="post">
+						{{$.CsrfTokenHtml}}
+						<div class="field">
+							<label>{{ctx.Locale.Tr "settings.email_notifications.actions.desc" "https://docs.gitea.com/usage/actions/overview/"}}</label>
+							<div class="ui selection dropdown">
+								<input name="preference" type="hidden" value="{{.ActionsEmailNotificationsPreference}}">
+								{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+								<div class="text"></div>
+								<div class="menu">
+									<div data-value="all" class="item">{{ctx.Locale.Tr "all"}}</div>
+									<div data-value="failure-only" class="item">{{ctx.Locale.Tr "settings.email_notifications.actions.failure_only"}}</div>
+									<div data-value="disabled" class="item">{{ctx.Locale.Tr "disabled"}}</div>
+								</div>
+							</div>
+						</div>
+						<div class="field">
+							<button class="ui primary button">{{ctx.Locale.Tr "settings.email_notifications.submit"}}</button>
+						</div>
+					</form>
+				</div>
+			</div>
+		</div>
+		{{end}}
+	</div>
+
+{{template "user/settings/layout_footer" .}}
diff --git a/templates/user/settings/organization.tmpl b/templates/user/settings/organization.tmpl
index 16c27b52cd..a48ca9ec9b 100644
--- a/templates/user/settings/organization.tmpl
+++ b/templates/user/settings/organization.tmpl
@@ -47,7 +47,7 @@
 		{{ctx.Locale.Tr "org.members.leave"}}
 	</div>
 	<div class="content">
-		<p>{{ctx.Locale.Tr "org.members.leave.detail" (`<span class="dataOrganizationName"></span>`|SafeHTML)}}</p>
+		<p>{{ctx.Locale.Tr "org.members.leave.detail" (HTMLFormat `<span class="%s"></span>` "dataOrganizationName")}}</p>
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 03c3c18f28..d8e5e27b89 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -12,7 +12,7 @@
 						<span class="text red tw-hidden" id="name-change-prompt"> {{ctx.Locale.Tr "settings.change_username_prompt"}}</span>
 						<span class="text red tw-hidden" id="name-change-redirect-prompt"> {{ctx.Locale.Tr "settings.change_username_redirect_prompt"}}</span>
 					</label>
-					<input id="username" name="name" value="{{.SignedUser.Name}}" data-name="{{.SignedUser.Name}}" autofocus required {{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}disabled{{end}} maxlength="40">
+					<input id="username" name="name" value="{{.SignedUser.Name}}" data-name="{{.SignedUser.Name}}" required {{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}disabled{{end}} maxlength="40">
 					{{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}
 					<p class="help text blue">{{ctx.Locale.Tr "settings.password_username_disabled"}}</p>
 					{{end}}
diff --git a/tests/e2e/e2e_test.go b/tests/e2e/e2e_test.go
index ece136be50..4a408dbd7b 100644
--- a/tests/e2e/e2e_test.go
+++ b/tests/e2e/e2e_test.go
@@ -4,7 +4,7 @@
 // This is primarily coped from /tests/integration/integration_test.go
 //   TODO: Move common functions to shared file
 
-//nolint:forbidigo
+//nolint:forbidigo // use of print functions is allowed in tests
 package e2e
 
 import (
@@ -94,7 +94,7 @@ func TestE2e(t *testing.T) {
 			onGiteaRun(t, func(*testing.T, *url.URL) {
 				cmd := exec.Command(runArgs[0], runArgs...)
 				cmd.Env = os.Environ()
-				cmd.Env = append(cmd.Env, fmt.Sprintf("GITEA_URL=%s", setting.AppURL))
+				cmd.Env = append(cmd.Env, "GITEA_URL="+setting.AppURL)
 
 				var stdout, stderr bytes.Buffer
 				cmd.Stdout = &stdout
diff --git a/tests/integration/actions_delete_run_test.go b/tests/integration/actions_delete_run_test.go
new file mode 100644
index 0000000000..22f9a1f740
--- /dev/null
+++ b/tests/integration/actions_delete_run_test.go
@@ -0,0 +1,181 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"testing"
+	"time"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/routers/web/repo/actions"
+
+	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
+	"github.com/stretchr/testify/assert"
+	"google.golang.org/protobuf/types/known/timestamppb"
+)
+
+func TestActionsDeleteRun(t *testing.T) {
+	now := time.Now()
+	testCase := struct {
+		treePath         string
+		fileContent      string
+		outcomes         map[string]*mockTaskOutcome
+		expectedStatuses map[string]string
+	}{
+		treePath: ".gitea/workflows/test1.yml",
+		fileContent: `name: test1
+on:
+  push:
+    paths:
+      - .gitea/workflows/test1.yml
+jobs:
+  job1:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo job1
+  job2:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo job2
+  job3:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo job3
+`,
+		outcomes: map[string]*mockTaskOutcome{
+			"job1": {
+				result: runnerv1.Result_RESULT_SUCCESS,
+				logRows: []*runnerv1.LogRow{
+					{
+						Time:    timestamppb.New(now.Add(4 * time.Second)),
+						Content: "  \U0001F433  docker create image",
+					},
+					{
+						Time:    timestamppb.New(now.Add(5 * time.Second)),
+						Content: "job1",
+					},
+					{
+						Time:    timestamppb.New(now.Add(6 * time.Second)),
+						Content: "\U0001F3C1  Job succeeded",
+					},
+				},
+			},
+			"job2": {
+				result: runnerv1.Result_RESULT_SUCCESS,
+				logRows: []*runnerv1.LogRow{
+					{
+						Time:    timestamppb.New(now.Add(4 * time.Second)),
+						Content: "  \U0001F433  docker create image",
+					},
+					{
+						Time:    timestamppb.New(now.Add(5 * time.Second)),
+						Content: "job2",
+					},
+					{
+						Time:    timestamppb.New(now.Add(6 * time.Second)),
+						Content: "\U0001F3C1  Job succeeded",
+					},
+				},
+			},
+			"job3": {
+				result: runnerv1.Result_RESULT_SUCCESS,
+				logRows: []*runnerv1.LogRow{
+					{
+						Time:    timestamppb.New(now.Add(4 * time.Second)),
+						Content: "  \U0001F433  docker create image",
+					},
+					{
+						Time:    timestamppb.New(now.Add(5 * time.Second)),
+						Content: "job3",
+					},
+					{
+						Time:    timestamppb.New(now.Add(6 * time.Second)),
+						Content: "\U0001F3C1  Job succeeded",
+					},
+				},
+			},
+		},
+		expectedStatuses: map[string]string{
+			"job1": actions_model.StatusSuccess.String(),
+			"job2": actions_model.StatusSuccess.String(),
+			"job3": actions_model.StatusSuccess.String(),
+		},
+	}
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+		session := loginUser(t, user2.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+
+		apiRepo := createActionsTestRepo(t, token, "actions-delete-run-test", false)
+		runner := newMockRunner()
+		runner.registerAsRepoRunner(t, user2.Name, apiRepo.Name, "mock-runner", []string{"ubuntu-latest"}, false)
+
+		opts := getWorkflowCreateFileOptions(user2, apiRepo.DefaultBranch, "create "+testCase.treePath, testCase.fileContent)
+		createWorkflowFile(t, token, user2.Name, apiRepo.Name, testCase.treePath, opts)
+
+		runIndex := ""
+		for i := 0; i < len(testCase.outcomes); i++ {
+			task := runner.fetchTask(t)
+			jobName := getTaskJobNameByTaskID(t, token, user2.Name, apiRepo.Name, task.Id)
+			outcome := testCase.outcomes[jobName]
+			assert.NotNil(t, outcome)
+			runner.execTask(t, task, outcome)
+			runIndex = task.Context.GetFields()["run_number"].GetStringValue()
+			assert.Equal(t, "1", runIndex)
+		}
+
+		for i := 0; i < len(testCase.outcomes); i++ {
+			req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/%d", user2.Name, apiRepo.Name, runIndex, i), map[string]string{
+				"_csrf": GetUserCSRFToken(t, session),
+			})
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			var listResp actions.ViewResponse
+			err := json.Unmarshal(resp.Body.Bytes(), &listResp)
+			assert.NoError(t, err)
+			assert.Len(t, listResp.State.Run.Jobs, 3)
+
+			req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/%d/logs", user2.Name, apiRepo.Name, runIndex, i)).
+				AddTokenAuth(token)
+			MakeRequest(t, req, http.StatusOK)
+		}
+
+		req := NewRequestWithValues(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s", user2.Name, apiRepo.Name, runIndex), map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+		})
+		session.MakeRequest(t, req, http.StatusOK)
+
+		req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/actions/runs/%s/delete", user2.Name, apiRepo.Name, runIndex), map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+		})
+		session.MakeRequest(t, req, http.StatusOK)
+
+		req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/actions/runs/%s/delete", user2.Name, apiRepo.Name, runIndex), map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+		})
+		session.MakeRequest(t, req, http.StatusNotFound)
+
+		req = NewRequestWithValues(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s", user2.Name, apiRepo.Name, runIndex), map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+		})
+		session.MakeRequest(t, req, http.StatusNotFound)
+
+		for i := 0; i < len(testCase.outcomes); i++ {
+			req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/%d", user2.Name, apiRepo.Name, runIndex, i), map[string]string{
+				"_csrf": GetUserCSRFToken(t, session),
+			})
+			session.MakeRequest(t, req, http.StatusNotFound)
+
+			req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/%d/logs", user2.Name, apiRepo.Name, runIndex, i)).
+				AddTokenAuth(token)
+			MakeRequest(t, req, http.StatusNotFound)
+		}
+	})
+}
diff --git a/tests/integration/actions_job_test.go b/tests/integration/actions_job_test.go
index 89c93e7a75..4f4456a4e5 100644
--- a/tests/integration/actions_job_test.go
+++ b/tests/integration/actions_job_test.go
@@ -9,6 +9,7 @@ import (
 	"net/http"
 	"net/url"
 	"reflect"
+	"strconv"
 	"testing"
 	"time"
 
@@ -137,9 +138,9 @@ jobs:
 		runner.registerAsRepoRunner(t, user2.Name, apiRepo.Name, "mock-runner", []string{"ubuntu-latest"}, false)
 
 		for _, tc := range testCases {
-			t.Run(fmt.Sprintf("test %s", tc.treePath), func(t *testing.T) {
+			t.Run("test "+tc.treePath, func(t *testing.T) {
 				// create the workflow file
-				opts := getWorkflowCreateFileOptions(user2, apiRepo.DefaultBranch, fmt.Sprintf("create %s", tc.treePath), tc.fileContent)
+				opts := getWorkflowCreateFileOptions(user2, apiRepo.DefaultBranch, "create "+tc.treePath, tc.fileContent)
 				fileResp := createWorkflowFile(t, token, user2.Name, apiRepo.Name, tc.treePath, opts)
 
 				// fetch and execute task
@@ -320,8 +321,8 @@ jobs:
 		runner.registerAsRepoRunner(t, user2.Name, apiRepo.Name, "mock-runner", []string{"ubuntu-latest"}, false)
 
 		for _, tc := range testCases {
-			t.Run(fmt.Sprintf("test %s", tc.treePath), func(t *testing.T) {
-				opts := getWorkflowCreateFileOptions(user2, apiRepo.DefaultBranch, fmt.Sprintf("create %s", tc.treePath), tc.fileContent)
+			t.Run("test "+tc.treePath, func(t *testing.T) {
+				opts := getWorkflowCreateFileOptions(user2, apiRepo.DefaultBranch, "create "+tc.treePath, tc.fileContent)
 				createWorkflowFile(t, token, user2.Name, apiRepo.Name, tc.treePath, opts)
 
 				for i := 0; i < len(tc.outcomes); i++ {
@@ -371,7 +372,7 @@ jobs:
     steps:
       - run: echo 'test the pull'
 `
-		opts := getWorkflowCreateFileOptions(user2, baseRepo.DefaultBranch, fmt.Sprintf("create %s", wfTreePath), wfFileContent)
+		opts := getWorkflowCreateFileOptions(user2, baseRepo.DefaultBranch, "create "+wfTreePath, wfFileContent)
 		createWorkflowFile(t, user2Token, baseRepo.OwnerName, baseRepo.Name, wfTreePath, opts)
 		// user2 creates a pull request
 		doAPICreateFile(user2APICtx, "user2-patch.txt", &api.CreateFileOptions{
@@ -418,9 +419,9 @@ jobs:
 		assert.Equal(t, actionRun.Repo.OwnerName+"/"+actionRun.Repo.Name, gtCtx["repository"].GetStringValue())
 		assert.Equal(t, actionRun.Repo.OwnerName, gtCtx["repository_owner"].GetStringValue())
 		assert.Equal(t, actionRun.Repo.HTMLURL(), gtCtx["repositoryUrl"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRunJob.RunID), gtCtx["run_id"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRun.Index), gtCtx["run_number"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRunJob.Attempt), gtCtx["run_attempt"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRunJob.RunID, 10), gtCtx["run_id"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRun.Index, 10), gtCtx["run_number"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRunJob.Attempt, 10), gtCtx["run_attempt"].GetStringValue())
 		assert.Equal(t, "Actions", gtCtx["secret_source"].GetStringValue())
 		assert.Equal(t, setting.AppURL, gtCtx["server_url"].GetStringValue())
 		assert.Equal(t, actionRun.CommitSHA, gtCtx["sha"].GetStringValue())
@@ -463,7 +464,7 @@ jobs:
     steps:
       - run: echo 'test the pull'
 `
-		opts := getWorkflowCreateFileOptions(user2, baseRepo.DefaultBranch, fmt.Sprintf("create %s", wfTreePath), wfFileContent)
+		opts := getWorkflowCreateFileOptions(user2, baseRepo.DefaultBranch, "create "+wfTreePath, wfFileContent)
 		createWorkflowFile(t, user2Token, baseRepo.OwnerName, baseRepo.Name, wfTreePath, opts)
 		// user2 creates a pull request
 		doAPICreateFile(user2APICtx, "user2-patch.txt", &api.CreateFileOptions{
@@ -510,9 +511,9 @@ jobs:
 		assert.Equal(t, actionRun.Repo.OwnerName+"/"+actionRun.Repo.Name, gtCtx["repository"].GetStringValue())
 		assert.Equal(t, actionRun.Repo.OwnerName, gtCtx["repository_owner"].GetStringValue())
 		assert.Equal(t, actionRun.Repo.HTMLURL(), gtCtx["repositoryUrl"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRunJob.RunID), gtCtx["run_id"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRun.Index), gtCtx["run_number"].GetStringValue())
-		assert.Equal(t, fmt.Sprint(actionRunJob.Attempt), gtCtx["run_attempt"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRunJob.RunID, 10), gtCtx["run_id"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRun.Index, 10), gtCtx["run_number"].GetStringValue())
+		assert.Equal(t, strconv.FormatInt(actionRunJob.Attempt, 10), gtCtx["run_attempt"].GetStringValue())
 		assert.Equal(t, "Actions", gtCtx["secret_source"].GetStringValue())
 		assert.Equal(t, setting.AppURL, gtCtx["server_url"].GetStringValue())
 		assert.Equal(t, actionRun.CommitSHA, gtCtx["sha"].GetStringValue())
diff --git a/tests/integration/actions_log_test.go b/tests/integration/actions_log_test.go
index 5e99e5026d..503bda97c9 100644
--- a/tests/integration/actions_log_test.go
+++ b/tests/integration/actions_log_test.go
@@ -7,10 +7,12 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 	"testing"
 	"time"
 
+	actions_model "code.gitea.io/gitea/models/actions"
 	auth_model "code.gitea.io/gitea/models/auth"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
@@ -29,7 +31,7 @@ func TestDownloadTaskLogs(t *testing.T) {
 	testCases := []struct {
 		treePath    string
 		fileContent string
-		outcome     *mockTaskOutcome
+		outcome     []*mockTaskOutcome
 		zstdEnabled bool
 	}{
 		{
@@ -44,21 +46,44 @@ jobs:
       runs-on: ubuntu-latest
       steps:
         - run: echo job1 with zstd enabled
+    job2:
+      runs-on: ubuntu-latest
+      steps:
+        - run: echo job2 with zstd enabled
 `,
-			outcome: &mockTaskOutcome{
-				result: runnerv1.Result_RESULT_SUCCESS,
-				logRows: []*runnerv1.LogRow{
-					{
-						Time:    timestamppb.New(now.Add(1 * time.Second)),
-						Content: "  \U0001F433  docker create image",
+			outcome: []*mockTaskOutcome{
+				{
+					result: runnerv1.Result_RESULT_SUCCESS,
+					logRows: []*runnerv1.LogRow{
+						{
+							Time:    timestamppb.New(now.Add(1 * time.Second)),
+							Content: "  \U0001F433  docker create image",
+						},
+						{
+							Time:    timestamppb.New(now.Add(2 * time.Second)),
+							Content: "job1 zstd enabled",
+						},
+						{
+							Time:    timestamppb.New(now.Add(3 * time.Second)),
+							Content: "\U0001F3C1  Job succeeded",
+						},
 					},
-					{
-						Time:    timestamppb.New(now.Add(2 * time.Second)),
-						Content: "job1 zstd enabled",
-					},
-					{
-						Time:    timestamppb.New(now.Add(3 * time.Second)),
-						Content: "\U0001F3C1  Job succeeded",
+				},
+				{
+					result: runnerv1.Result_RESULT_SUCCESS,
+					logRows: []*runnerv1.LogRow{
+						{
+							Time:    timestamppb.New(now.Add(1 * time.Second)),
+							Content: "  \U0001F433  docker create image",
+						},
+						{
+							Time:    timestamppb.New(now.Add(2 * time.Second)),
+							Content: "job2 zstd enabled",
+						},
+						{
+							Time:    timestamppb.New(now.Add(3 * time.Second)),
+							Content: "\U0001F3C1  Job succeeded",
+						},
 					},
 				},
 			},
@@ -76,21 +101,44 @@ jobs:
       runs-on: ubuntu-latest
       steps:
         - run: echo job1 with zstd disabled
+    job2:
+      runs-on: ubuntu-latest
+      steps:
+        - run: echo job2 with zstd disabled
 `,
-			outcome: &mockTaskOutcome{
-				result: runnerv1.Result_RESULT_SUCCESS,
-				logRows: []*runnerv1.LogRow{
-					{
-						Time:    timestamppb.New(now.Add(4 * time.Second)),
-						Content: "  \U0001F433  docker create image",
-					},
-					{
-						Time:    timestamppb.New(now.Add(5 * time.Second)),
-						Content: "job1 zstd disabled",
+			outcome: []*mockTaskOutcome{
+				{
+					result: runnerv1.Result_RESULT_SUCCESS,
+					logRows: []*runnerv1.LogRow{
+						{
+							Time:    timestamppb.New(now.Add(4 * time.Second)),
+							Content: "  \U0001F433  docker create image",
+						},
+						{
+							Time:    timestamppb.New(now.Add(5 * time.Second)),
+							Content: "job1 zstd disabled",
+						},
+						{
+							Time:    timestamppb.New(now.Add(6 * time.Second)),
+							Content: "\U0001F3C1  Job succeeded",
+						},
 					},
-					{
-						Time:    timestamppb.New(now.Add(6 * time.Second)),
-						Content: "\U0001F3C1  Job succeeded",
+				},
+				{
+					result: runnerv1.Result_RESULT_SUCCESS,
+					logRows: []*runnerv1.LogRow{
+						{
+							Time:    timestamppb.New(now.Add(4 * time.Second)),
+							Content: "  \U0001F433  docker create image",
+						},
+						{
+							Time:    timestamppb.New(now.Add(5 * time.Second)),
+							Content: "job2 zstd disabled",
+						},
+						{
+							Time:    timestamppb.New(now.Add(6 * time.Second)),
+							Content: "\U0001F3C1  Job succeeded",
+						},
 					},
 				},
 			},
@@ -108,7 +156,7 @@ jobs:
 		runner.registerAsRepoRunner(t, user2.Name, repo.Name, "mock-runner", []string{"ubuntu-latest"}, false)
 
 		for _, tc := range testCases {
-			t.Run(fmt.Sprintf("test %s", tc.treePath), func(t *testing.T) {
+			t.Run("test "+tc.treePath, func(t *testing.T) {
 				var resetFunc func()
 				if tc.zstdEnabled {
 					resetFunc = test.MockVariableValue(&setting.Actions.LogCompression, "zstd")
@@ -119,36 +167,58 @@ jobs:
 				}
 
 				// create the workflow file
-				opts := getWorkflowCreateFileOptions(user2, repo.DefaultBranch, fmt.Sprintf("create %s", tc.treePath), tc.fileContent)
+				opts := getWorkflowCreateFileOptions(user2, repo.DefaultBranch, "create "+tc.treePath, tc.fileContent)
 				createWorkflowFile(t, token, user2.Name, repo.Name, tc.treePath, opts)
 
-				// fetch and execute task
-				task := runner.fetchTask(t)
-				runner.execTask(t, task, tc.outcome)
+				// fetch and execute tasks
+				for jobIndex, outcome := range tc.outcome {
+					task := runner.fetchTask(t)
+					runner.execTask(t, task, outcome)
 
-				// check whether the log file exists
-				logFileName := fmt.Sprintf("%s/%02x/%d.log", repo.FullName(), task.Id%256, task.Id)
-				if setting.Actions.LogCompression.IsZstd() {
-					logFileName += ".zst"
-				}
-				_, err := storage.Actions.Stat(logFileName)
-				assert.NoError(t, err)
+					// check whether the log file exists
+					logFileName := fmt.Sprintf("%s/%02x/%d.log", repo.FullName(), task.Id%256, task.Id)
+					if setting.Actions.LogCompression.IsZstd() {
+						logFileName += ".zst"
+					}
+					_, err := storage.Actions.Stat(logFileName)
+					assert.NoError(t, err)
 
-				// download task logs and check content
-				runIndex := task.Context.GetFields()["run_number"].GetStringValue()
-				req := NewRequest(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/0/logs", user2.Name, repo.Name, runIndex)).
-					AddTokenAuth(token)
-				resp := MakeRequest(t, req, http.StatusOK)
-				logTextLines := strings.Split(strings.TrimSpace(resp.Body.String()), "\n")
-				assert.Len(t, logTextLines, len(tc.outcome.logRows))
-				for idx, lr := range tc.outcome.logRows {
-					assert.Equal(
-						t,
-						fmt.Sprintf("%s %s", lr.Time.AsTime().Format("2006-01-02T15:04:05.0000000Z07:00"), lr.Content),
-						logTextLines[idx],
-					)
-				}
+					// download task logs and check content
+					runIndex := task.Context.GetFields()["run_number"].GetStringValue()
+					req := NewRequest(t, "GET", fmt.Sprintf("/%s/%s/actions/runs/%s/jobs/%d/logs", user2.Name, repo.Name, runIndex, jobIndex)).
+						AddTokenAuth(token)
+					resp := MakeRequest(t, req, http.StatusOK)
+					logTextLines := strings.Split(strings.TrimSpace(resp.Body.String()), "\n")
+					assert.Len(t, logTextLines, len(outcome.logRows))
+					for idx, lr := range outcome.logRows {
+						assert.Equal(
+							t,
+							fmt.Sprintf("%s %s", lr.Time.AsTime().Format("2006-01-02T15:04:05.0000000Z07:00"), lr.Content),
+							logTextLines[idx],
+						)
+					}
 
+					runID, _ := strconv.ParseInt(task.Context.GetFields()["run_id"].GetStringValue(), 10, 64)
+
+					jobs, err := actions_model.GetRunJobsByRunID(t.Context(), runID)
+					assert.NoError(t, err)
+					assert.Len(t, jobs, len(tc.outcome))
+					jobID := jobs[jobIndex].ID
+
+					// download task logs from API and check content
+					req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/%s/actions/jobs/%d/logs", user2.Name, repo.Name, jobID)).
+						AddTokenAuth(token)
+					resp = MakeRequest(t, req, http.StatusOK)
+					logTextLines = strings.Split(strings.TrimSpace(resp.Body.String()), "\n")
+					assert.Len(t, logTextLines, len(outcome.logRows))
+					for idx, lr := range outcome.logRows {
+						assert.Equal(
+							t,
+							fmt.Sprintf("%s %s", lr.Time.AsTime().Format("2006-01-02T15:04:05.0000000Z07:00"), lr.Content),
+							logTextLines[idx],
+						)
+					}
+				}
 				resetFunc()
 			})
 		}
diff --git a/tests/integration/actions_runner_test.go b/tests/integration/actions_runner_test.go
index ee92032e9f..6cc5a10e0f 100644
--- a/tests/integration/actions_runner_test.go
+++ b/tests/integration/actions_runner_test.go
@@ -37,7 +37,7 @@ func newMockRunner() *mockRunner {
 }
 
 func newMockRunnerClient(uuid, token string) *mockRunnerClient {
-	baseURL := fmt.Sprintf("%sapi/actions", setting.AppURL)
+	baseURL := setting.AppURL + "api/actions"
 
 	opt := connect.WithInterceptors(connect.UnaryInterceptorFunc(func(next connect.UnaryFunc) connect.UnaryFunc {
 		return func(ctx context.Context, req connect.AnyRequest) (connect.AnyResponse, error) {
@@ -115,10 +115,9 @@ func (r *mockRunner) fetchTask(t *testing.T, timeout ...time.Duration) *runnerv1
 }
 
 type mockTaskOutcome struct {
-	result   runnerv1.Result
-	outputs  map[string]string
-	logRows  []*runnerv1.LogRow
-	execTime time.Duration
+	result  runnerv1.Result
+	outputs map[string]string
+	logRows []*runnerv1.LogRow
 }
 
 func (r *mockRunner) execTask(t *testing.T, task *runnerv1.Task, outcome *mockTaskOutcome) {
@@ -145,7 +144,6 @@ func (r *mockRunner) execTask(t *testing.T, task *runnerv1.Task, outcome *mockTa
 		sentOutputKeys = append(sentOutputKeys, outputKey)
 		assert.ElementsMatch(t, sentOutputKeys, resp.Msg.SentOutputs)
 	}
-	time.Sleep(outcome.execTime)
 	resp, err := r.client.runnerServiceClient.UpdateTask(t.Context(), connect.NewRequest(&runnerv1.UpdateTaskRequest{
 		State: &runnerv1.TaskState{
 			Id:        task.Id,
diff --git a/tests/integration/actions_trigger_test.go b/tests/integration/actions_trigger_test.go
index 096f51dfc0..088491d570 100644
--- a/tests/integration/actions_trigger_test.go
+++ b/tests/integration/actions_trigger_test.go
@@ -4,6 +4,7 @@
 package integration
 
 import (
+	"encoding/base64"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -21,6 +22,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	actions_module "code.gitea.io/gitea/modules/actions"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/json"
@@ -28,6 +30,7 @@ import (
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/util"
 	issue_service "code.gitea.io/gitea/services/issue"
 	pull_service "code.gitea.io/gitea/services/pull"
 	release_service "code.gitea.io/gitea/services/release"
@@ -286,7 +289,7 @@ jobs:
 					ContentReader: strings.NewReader("bar"),
 				},
 			},
-			Message:   fmt.Sprintf("%s add bar", setting.Actions.SkipWorkflowStrings[0]),
+			Message:   setting.Actions.SkipWorkflowStrings[0] + " add bar",
 			OldBranch: "master",
 			NewBranch: "master",
 			Author: &files_service.IdentityOptions{
@@ -631,12 +634,12 @@ jobs:
 		assert.NotEmpty(t, addFileResp)
 		sha = addFileResp.Commit.SHA
 		assert.Eventually(t, func() bool {
-			latestCommitStatuses, _, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
+			latestCommitStatuses, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
 			assert.NoError(t, err)
 			if len(latestCommitStatuses) == 0 {
 				return false
 			}
-			if latestCommitStatuses[0].State == api.CommitStatusPending {
+			if latestCommitStatuses[0].State == commitstatus.CommitStatusPending {
 				insertFakeStatus(t, repo, sha, latestCommitStatuses[0].TargetURL, latestCommitStatuses[0].Context)
 				return true
 			}
@@ -674,17 +677,17 @@ jobs:
 }
 
 func checkCommitStatusAndInsertFakeStatus(t *testing.T, repo *repo_model.Repository, sha string) {
-	latestCommitStatuses, _, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
+	latestCommitStatuses, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
 	assert.NoError(t, err)
 	assert.Len(t, latestCommitStatuses, 1)
-	assert.Equal(t, api.CommitStatusPending, latestCommitStatuses[0].State)
+	assert.Equal(t, commitstatus.CommitStatusPending, latestCommitStatuses[0].State)
 
 	insertFakeStatus(t, repo, sha, latestCommitStatuses[0].TargetURL, latestCommitStatuses[0].Context)
 }
 
 func insertFakeStatus(t *testing.T, repo *repo_model.Repository, sha, targetURL, context string) {
 	err := commitstatus_service.CreateCommitStatus(db.DefaultContext, repo, user_model.NewActionsUser(), sha, &git_model.CommitStatus{
-		State:     api.CommitStatusSuccess,
+		State:     commitstatus.CommitStatusSuccess,
 		TargetURL: targetURL,
 		Context:   context,
 	})
@@ -717,7 +720,7 @@ func TestWorkflowDispatchPublicApi(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch
 jobs:
@@ -797,7 +800,7 @@ func TestWorkflowDispatchPublicApiWithInputs(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch: { inputs: { myinput: { default: def }, myinput2: { default: def2 }, myinput3: { type: boolean, default: false } } }
 jobs:
@@ -888,7 +891,7 @@ func TestWorkflowDispatchPublicApiJSON(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch: { inputs: { myinput: { default: def }, myinput2: { default: def2 }, myinput3: { type: boolean, default: false } } }
 jobs:
@@ -974,7 +977,7 @@ func TestWorkflowDispatchPublicApiWithInputsJSON(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch: { inputs: { myinput: { default: def }, myinput2: { default: def2 }, myinput3: { type: boolean, default: false } } }
 jobs:
@@ -1068,7 +1071,7 @@ func TestWorkflowDispatchPublicApiWithInputsNonDefaultBranchJSON(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch
 jobs:
@@ -1104,7 +1107,7 @@ jobs:
 				{
 					Operation: "update",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch: { inputs: { myinput: { default: def }, myinput2: { default: def2 }, myinput3: { type: boolean, default: false } } }
 jobs:
@@ -1154,6 +1157,7 @@ jobs:
 		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
 			Title:      "add workflow",
 			RepoID:     repo.ID,
+			Repo:       repo,
 			Event:      "workflow_dispatch",
 			Ref:        "refs/heads/dispatch",
 			WorkflowID: "dispatch.yml",
@@ -1205,7 +1209,7 @@ func TestWorkflowApi(t *testing.T) {
 				{
 					Operation: "create",
 					TreePath:  ".gitea/workflows/dispatch.yml",
-					ContentReader: strings.NewReader(`name: test
+					ContentReader: strings.NewReader(`
 on:
   workflow_dispatch: { inputs: { myinput: { default: def }, myinput2: { default: def2 }, myinput3: { type: boolean, default: false } } }
 jobs:
@@ -1368,3 +1372,235 @@ jobs:
 		assert.Equal(t, "true", dispatchPayload.Inputs["myinput3"])
 	})
 }
+
+func TestClosePullRequestWithPath(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		// user2 is the owner of the base repo
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+		user2Token := getTokenForLoggedInUser(t, loginUser(t, user2.Name), auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+		// user4 is the owner of the fork repo
+		user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})
+		user4Token := getTokenForLoggedInUser(t, loginUser(t, user4.Name), auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+
+		// create the base repo
+		apiBaseRepo := createActionsTestRepo(t, user2Token, "close-pull-request-with-path", false)
+		baseRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: apiBaseRepo.ID})
+		user2APICtx := NewAPITestContext(t, baseRepo.OwnerName, baseRepo.Name, auth_model.AccessTokenScopeWriteRepository)
+
+		// init the workflow
+		wfTreePath := ".gitea/workflows/pull.yml"
+		wfFileContent := `name: Pull Request
+on:
+  pull_request:
+    types:
+      - closed
+    paths:
+      - 'app/**'
+jobs:
+  echo:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo 'Hello World'
+`
+		opts1 := getWorkflowCreateFileOptions(user2, baseRepo.DefaultBranch, "create "+wfTreePath, wfFileContent)
+		createWorkflowFile(t, user2Token, baseRepo.OwnerName, baseRepo.Name, wfTreePath, opts1)
+
+		// user4 forks the repo
+		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/forks", baseRepo.OwnerName, baseRepo.Name),
+			&api.CreateForkOption{
+				Name: util.ToPointer("close-pull-request-with-path-fork"),
+			}).AddTokenAuth(user4Token)
+		resp := MakeRequest(t, req, http.StatusAccepted)
+		var apiForkRepo api.Repository
+		DecodeJSON(t, resp, &apiForkRepo)
+		forkRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: apiForkRepo.ID})
+		user4APICtx := NewAPITestContext(t, user4.Name, forkRepo.Name, auth_model.AccessTokenScopeWriteRepository)
+
+		// user4 creates a pull request to add file "app/main.go"
+		doAPICreateFile(user4APICtx, "app/main.go", &api.CreateFileOptions{
+			FileOptions: api.FileOptions{
+				NewBranchName: "user4/add-main",
+				Message:       "create main.go",
+				Author: api.Identity{
+					Name:  user4.Name,
+					Email: user4.Email,
+				},
+				Committer: api.Identity{
+					Name:  user4.Name,
+					Email: user4.Email,
+				},
+				Dates: api.CommitDateOptions{
+					Author:    time.Now(),
+					Committer: time.Now(),
+				},
+			},
+			ContentBase64: base64.StdEncoding.EncodeToString([]byte("// main.go")),
+		})(t)
+		apiPull, err := doAPICreatePullRequest(user4APICtx, baseRepo.OwnerName, baseRepo.Name, baseRepo.DefaultBranch, user4.Name+":user4/add-main")(t)
+		assert.NoError(t, err)
+
+		doAPIMergePullRequest(user2APICtx, baseRepo.OwnerName, baseRepo.Name, apiPull.Index)(t)
+
+		pullRequest := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: apiPull.ID})
+
+		// load and compare ActionRun
+		assert.Equal(t, 1, unittest.GetCount(t, &actions_model.ActionRun{RepoID: baseRepo.ID}))
+		actionRun := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{RepoID: baseRepo.ID})
+		assert.Equal(t, actions_module.GithubEventPullRequest, actionRun.TriggerEvent)
+		assert.Equal(t, pullRequest.MergedCommitID, actionRun.CommitSHA)
+	})
+}
+
+func TestActionRunNameWithContextVariables(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+
+		// create the repo
+		repo, err := repo_service.CreateRepository(db.DefaultContext, user2, user2, repo_service.CreateRepoOptions{
+			Name:          "action-run-name-with-variables",
+			Description:   "test action run name",
+			AutoInit:      true,
+			Gitignores:    "Go",
+			License:       "MIT",
+			Readme:        "Default",
+			DefaultBranch: "main",
+			IsPrivate:     false,
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, repo)
+
+		// add workflow file to the repo
+		addWorkflowToBaseResp, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			Files: []*files_service.ChangeRepoFile{
+				{
+					Operation: "create",
+					TreePath:  ".gitea/workflows/runname.yml",
+					ContentReader: strings.NewReader(`name: test
+on:
+  [create,delete]
+run-name: ${{ gitea.actor }} is running this workflow
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo helloworld
+`),
+				},
+			},
+			Message:   "add workflow with run-name",
+			OldBranch: "main",
+			NewBranch: "main",
+			Author: &files_service.IdentityOptions{
+				GitUserName:  user2.Name,
+				GitUserEmail: user2.Email,
+			},
+			Committer: &files_service.IdentityOptions{
+				GitUserName:  user2.Name,
+				GitUserEmail: user2.Email,
+			},
+			Dates: &files_service.CommitDateOptions{
+				Author:    time.Now(),
+				Committer: time.Now(),
+			},
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, addWorkflowToBaseResp)
+
+		// Get the commit ID of the default branch
+		gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo)
+		assert.NoError(t, err)
+		defer gitRepo.Close()
+		branch, err := git_model.GetBranch(db.DefaultContext, repo.ID, repo.DefaultBranch)
+		assert.NoError(t, err)
+
+		// create a branch
+		err = repo_service.CreateNewBranchFromCommit(db.DefaultContext, user2, repo, gitRepo, branch.CommitID, "test-action-run-name-with-variables")
+		assert.NoError(t, err)
+		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
+			Title:      user2.LoginName + " is running this workflow",
+			RepoID:     repo.ID,
+			Event:      "create",
+			Ref:        "refs/heads/test-action-run-name-with-variables",
+			WorkflowID: "runname.yml",
+			CommitSHA:  branch.CommitID,
+		})
+		assert.NotNil(t, run)
+	})
+}
+
+func TestActionRunName(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+
+		// create the repo
+		repo, err := repo_service.CreateRepository(db.DefaultContext, user2, user2, repo_service.CreateRepoOptions{
+			Name:          "action-run-name",
+			Description:   "test action run-name",
+			AutoInit:      true,
+			Gitignores:    "Go",
+			License:       "MIT",
+			Readme:        "Default",
+			DefaultBranch: "main",
+			IsPrivate:     false,
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, repo)
+
+		// add workflow file to the repo
+		addWorkflowToBaseResp, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			Files: []*files_service.ChangeRepoFile{
+				{
+					Operation: "create",
+					TreePath:  ".gitea/workflows/runname.yml",
+					ContentReader: strings.NewReader(`name: test
+on:
+  [create,delete]
+run-name: run name without variables
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo helloworld
+`),
+				},
+			},
+			Message:   "add workflow with run name",
+			OldBranch: "main",
+			NewBranch: "main",
+			Author: &files_service.IdentityOptions{
+				GitUserName:  user2.Name,
+				GitUserEmail: user2.Email,
+			},
+			Committer: &files_service.IdentityOptions{
+				GitUserName:  user2.Name,
+				GitUserEmail: user2.Email,
+			},
+			Dates: &files_service.CommitDateOptions{
+				Author:    time.Now(),
+				Committer: time.Now(),
+			},
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, addWorkflowToBaseResp)
+
+		// Get the commit ID of the default branch
+		gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo)
+		assert.NoError(t, err)
+		defer gitRepo.Close()
+		branch, err := git_model.GetBranch(db.DefaultContext, repo.ID, repo.DefaultBranch)
+		assert.NoError(t, err)
+
+		// create a branch
+		err = repo_service.CreateNewBranchFromCommit(db.DefaultContext, user2, repo, gitRepo, branch.CommitID, "test-action-run-name")
+		assert.NoError(t, err)
+		run := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRun{
+			Title:      "run name without variables",
+			RepoID:     repo.ID,
+			Event:      "create",
+			Ref:        "refs/heads/test-action-run-name",
+			WorkflowID: "runname.yml",
+			CommitSHA:  branch.CommitID,
+		})
+		assert.NotNil(t, run)
+	})
+}
diff --git a/tests/integration/admin_user_test.go b/tests/integration/admin_user_test.go
index d5d7e70bc7..95e03ab750 100644
--- a/tests/integration/admin_user_test.go
+++ b/tests/integration/admin_user_test.go
@@ -4,6 +4,7 @@
 package integration
 
 import (
+	"fmt"
 	"net/http"
 	"strconv"
 	"testing"
@@ -72,12 +73,37 @@ func TestAdminDeleteUser(t *testing.T) {
 
 	session := loginUser(t, "user1")
 
-	csrf := GetUserCSRFToken(t, session)
-	req := NewRequestWithValues(t, "POST", "/-/admin/users/8/delete", map[string]string{
-		"_csrf": csrf,
-	})
-	session.MakeRequest(t, req, http.StatusSeeOther)
-
-	assertUserDeleted(t, 8)
-	unittest.CheckConsistencyFor(t, &user_model.User{})
+	usersToDelete := []struct {
+		userID int64
+		purge  bool
+	}{
+		{
+			userID: 2,
+			purge:  true,
+		},
+		{
+			userID: 8,
+		},
+	}
+
+	for _, entry := range usersToDelete {
+		t.Run(fmt.Sprintf("DeleteUser%d", entry.userID), func(t *testing.T) {
+			user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: entry.userID})
+			assert.NotNil(t, user)
+
+			var query string
+			if entry.purge {
+				query = "?purge=true"
+			}
+
+			csrf := GetUserCSRFToken(t, session)
+			req := NewRequestWithValues(t, "POST", fmt.Sprintf("/-/admin/users/%d/delete%s", entry.userID, query), map[string]string{
+				"_csrf": csrf,
+			})
+			session.MakeRequest(t, req, http.StatusSeeOther)
+
+			assertUserDeleted(t, entry.userID)
+			unittest.CheckConsistencyFor(t, &user_model.User{})
+		})
+	}
 }
diff --git a/tests/integration/api_actions_artifact_v4_test.go b/tests/integration/api_actions_artifact_v4_test.go
index b6dfa6e799..3db8bbb82e 100644
--- a/tests/integration/api_actions_artifact_v4_test.go
+++ b/tests/integration/api_actions_artifact_v4_test.go
@@ -557,6 +557,26 @@ func TestActionsArtifactV4Delete(t *testing.T) {
 	var deleteResp actions.DeleteArtifactResponse
 	protojson.Unmarshal(resp.Body.Bytes(), &deleteResp)
 	assert.True(t, deleteResp.Ok)
+
+	// confirm artifact is no longer accessible by GetSignedArtifactURL
+	req = NewRequestWithBody(t, "POST", "/twirp/github.actions.results.api.v1.ArtifactService/GetSignedArtifactURL", toProtoJSON(&actions.GetSignedArtifactURLRequest{
+		Name:                    "artifact-v4-download",
+		WorkflowRunBackendId:    "792",
+		WorkflowJobRunBackendId: "193",
+	})).
+		AddTokenAuth(token)
+	_ = MakeRequest(t, req, http.StatusNotFound)
+
+	// confirm artifact is no longer enumerateable by ListArtifacts and returns length == 0 without error
+	req = NewRequestWithBody(t, "POST", "/twirp/github.actions.results.api.v1.ArtifactService/ListArtifacts", toProtoJSON(&actions.ListArtifactsRequest{
+		NameFilter:              wrapperspb.String("artifact-v4-download"),
+		WorkflowRunBackendId:    "792",
+		WorkflowJobRunBackendId: "193",
+	})).AddTokenAuth(token)
+	resp = MakeRequest(t, req, http.StatusOK)
+	var listResp actions.ListArtifactsResponse
+	protojson.Unmarshal(resp.Body.Bytes(), &listResp)
+	assert.Empty(t, listResp.Artifacts)
 }
 
 func TestActionsArtifactV4DeletePublicApi(t *testing.T) {
diff --git a/tests/integration/api_actions_run_test.go b/tests/integration/api_actions_run_test.go
new file mode 100644
index 0000000000..a0292f8f8b
--- /dev/null
+++ b/tests/integration/api_actions_run_test.go
@@ -0,0 +1,136 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/json"
+	api "code.gitea.io/gitea/modules/structs"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAPIActionsGetWorkflowRun(t *testing.T) {
+	defer prepareTestEnvActionsArtifacts(t)()
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+	session := loginUser(t, user.Name)
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/runs/802802", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNotFound)
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/runs/802", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNotFound)
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/runs/803", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusOK)
+}
+
+func TestAPIActionsGetWorkflowJob(t *testing.T) {
+	defer prepareTestEnvActionsArtifacts(t)()
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+	session := loginUser(t, user.Name)
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/jobs/198198", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNotFound)
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/jobs/198", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusOK)
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/jobs/196", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNotFound)
+}
+
+func TestAPIActionsDeleteRunCheckPermission(t *testing.T) {
+	defer prepareTestEnvActionsArtifacts(t)()
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+	session := loginUser(t, user.Name)
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+	testAPIActionsDeleteRun(t, repo, token, http.StatusNotFound)
+}
+
+func TestAPIActionsDeleteRun(t *testing.T) {
+	defer prepareTestEnvActionsArtifacts(t)()
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+	session := loginUser(t, user.Name)
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+	testAPIActionsDeleteRunListArtifacts(t, repo, token, 2)
+	testAPIActionsDeleteRunListTasks(t, repo, token, true)
+	testAPIActionsDeleteRun(t, repo, token, http.StatusNoContent)
+
+	testAPIActionsDeleteRunListArtifacts(t, repo, token, 0)
+	testAPIActionsDeleteRunListTasks(t, repo, token, false)
+	testAPIActionsDeleteRun(t, repo, token, http.StatusNotFound)
+}
+
+func TestAPIActionsDeleteRunRunning(t *testing.T) {
+	defer prepareTestEnvActionsArtifacts(t)()
+
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+	session := loginUser(t, user.Name)
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+	req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/%s/actions/runs/793", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusBadRequest)
+}
+
+func testAPIActionsDeleteRun(t *testing.T, repo *repo_model.Repository, token string, expected int) {
+	req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/%s/actions/runs/795", repo.FullName())).
+		AddTokenAuth(token)
+	MakeRequest(t, req, expected)
+}
+
+func testAPIActionsDeleteRunListArtifacts(t *testing.T, repo *repo_model.Repository, token string, artifacts int) {
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/runs/795/artifacts", repo.FullName())).
+		AddTokenAuth(token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var listResp api.ActionArtifactsResponse
+	err := json.Unmarshal(resp.Body.Bytes(), &listResp)
+	assert.NoError(t, err)
+	assert.Len(t, listResp.Entries, artifacts)
+}
+
+func testAPIActionsDeleteRunListTasks(t *testing.T, repo *repo_model.Repository, token string, expected bool) {
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/actions/tasks", repo.FullName())).
+		AddTokenAuth(token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var listResp api.ActionTaskResponse
+	err := json.Unmarshal(resp.Body.Bytes(), &listResp)
+	assert.NoError(t, err)
+	findTask1 := false
+	findTask2 := false
+	for _, entry := range listResp.Entries {
+		if entry.ID == 53 {
+			findTask1 = true
+			continue
+		}
+		if entry.ID == 54 {
+			findTask2 = true
+			continue
+		}
+	}
+	assert.Equal(t, expected, findTask1)
+	assert.Equal(t, expected, findTask2)
+}
diff --git a/tests/integration/api_actions_runner_test.go b/tests/integration/api_actions_runner_test.go
new file mode 100644
index 0000000000..fb9ba5b0c2
--- /dev/null
+++ b/tests/integration/api_actions_runner_test.go
@@ -0,0 +1,342 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"slices"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestAPIActionsRunner(t *testing.T) {
+	t.Run("AdminRunner", testActionsRunnerAdmin)
+	t.Run("UserRunner", testActionsRunnerUser)
+	t.Run("OwnerRunner", testActionsRunnerOwner)
+	t.Run("RepoRunner", testActionsRunnerRepo)
+}
+
+func testActionsRunnerAdmin(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+	adminUsername := "user1"
+	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
+	req := NewRequest(t, "POST", "/api/v1/admin/actions/runners/registration-token").AddTokenAuth(token)
+	tokenResp := MakeRequest(t, req, http.StatusOK)
+	var registrationToken struct {
+		Token string `json:"token"`
+	}
+	DecodeJSON(t, tokenResp, &registrationToken)
+	assert.NotEmpty(t, registrationToken.Token)
+
+	req = NewRequest(t, "GET", "/api/v1/admin/actions/runners").AddTokenAuth(token)
+	runnerListResp := MakeRequest(t, req, http.StatusOK)
+	runnerList := api.ActionRunnersResponse{}
+	DecodeJSON(t, runnerListResp, &runnerList)
+
+	idx := slices.IndexFunc(runnerList.Entries, func(e *api.ActionRunner) bool { return e.ID == 34349 })
+	require.NotEqual(t, -1, idx)
+	expectedRunner := runnerList.Entries[idx]
+	assert.Equal(t, "runner_to_be_deleted", expectedRunner.Name)
+	assert.False(t, expectedRunner.Ephemeral)
+	assert.Len(t, expectedRunner.Labels, 2)
+	assert.Equal(t, "runner_to_be_deleted", expectedRunner.Labels[0].Name)
+	assert.Equal(t, "linux", expectedRunner.Labels[1].Name)
+
+	// Verify all returned runners can be requested and deleted
+	for _, runnerEntry := range runnerList.Entries {
+		// Verify get the runner by id
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/admin/actions/runners/%d", runnerEntry.ID)).AddTokenAuth(token)
+		runnerResp := MakeRequest(t, req, http.StatusOK)
+
+		runner := api.ActionRunner{}
+		DecodeJSON(t, runnerResp, &runner)
+
+		assert.Equal(t, runnerEntry.Name, runner.Name)
+		assert.Equal(t, runnerEntry.ID, runner.ID)
+		assert.Equal(t, runnerEntry.Ephemeral, runner.Ephemeral)
+		assert.ElementsMatch(t, runnerEntry.Labels, runner.Labels)
+
+		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/admin/actions/runners/%d", runnerEntry.ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+
+		// Verify runner deletion
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/admin/actions/runners/%d", runnerEntry.ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	}
+}
+
+func testActionsRunnerUser(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+	userUsername := "user1"
+	token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteUser)
+	req := NewRequest(t, "POST", "/api/v1/user/actions/runners/registration-token").AddTokenAuth(token)
+	tokenResp := MakeRequest(t, req, http.StatusOK)
+	var registrationToken struct {
+		Token string `json:"token"`
+	}
+	DecodeJSON(t, tokenResp, &registrationToken)
+	assert.NotEmpty(t, registrationToken.Token)
+
+	req = NewRequest(t, "GET", "/api/v1/user/actions/runners").AddTokenAuth(token)
+	runnerListResp := MakeRequest(t, req, http.StatusOK)
+	runnerList := api.ActionRunnersResponse{}
+	DecodeJSON(t, runnerListResp, &runnerList)
+
+	assert.Len(t, runnerList.Entries, 1)
+	assert.Equal(t, "runner_to_be_deleted-user", runnerList.Entries[0].Name)
+	assert.Equal(t, int64(34346), runnerList.Entries[0].ID)
+	assert.False(t, runnerList.Entries[0].Ephemeral)
+	assert.Len(t, runnerList.Entries[0].Labels, 2)
+	assert.Equal(t, "runner_to_be_deleted", runnerList.Entries[0].Labels[0].Name)
+	assert.Equal(t, "linux", runnerList.Entries[0].Labels[1].Name)
+
+	// Verify get the runner by id
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+	runnerResp := MakeRequest(t, req, http.StatusOK)
+
+	runner := api.ActionRunner{}
+	DecodeJSON(t, runnerResp, &runner)
+
+	assert.Equal(t, "runner_to_be_deleted-user", runner.Name)
+	assert.Equal(t, int64(34346), runner.ID)
+	assert.False(t, runner.Ephemeral)
+	assert.Len(t, runner.Labels, 2)
+	assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+	assert.Equal(t, "linux", runner.Labels[1].Name)
+
+	// Verify delete the runner by id
+	req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNoContent)
+
+	// Verify runner deletion
+	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNotFound)
+}
+
+func testActionsRunnerOwner(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	t.Run("GetRunner", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+		// Verify get the runner by id with read scope
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+		runnerResp := MakeRequest(t, req, http.StatusOK)
+
+		runner := api.ActionRunner{}
+		DecodeJSON(t, runnerResp, &runner)
+
+		assert.Equal(t, "runner_to_be_deleted-org", runner.Name)
+		assert.Equal(t, int64(34347), runner.ID)
+		assert.False(t, runner.Ephemeral)
+		assert.Len(t, runner.Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+		assert.Equal(t, "linux", runner.Labels[1].Name)
+	})
+
+	t.Run("Access", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteOrganization)
+		req := NewRequest(t, "POST", "/api/v1/orgs/org3/actions/runners/registration-token").AddTokenAuth(token)
+		tokenResp := MakeRequest(t, req, http.StatusOK)
+		var registrationToken struct {
+			Token string `json:"token"`
+		}
+		DecodeJSON(t, tokenResp, &registrationToken)
+		assert.NotEmpty(t, registrationToken.Token)
+
+		req = NewRequest(t, "GET", "/api/v1/orgs/org3/actions/runners").AddTokenAuth(token)
+		runnerListResp := MakeRequest(t, req, http.StatusOK)
+		runnerList := api.ActionRunnersResponse{}
+		DecodeJSON(t, runnerListResp, &runnerList)
+
+		idx := slices.IndexFunc(runnerList.Entries, func(e *api.ActionRunner) bool { return e.ID == 34347 })
+		require.NotEqual(t, -1, idx)
+		expectedRunner := runnerList.Entries[idx]
+
+		require.NotNil(t, expectedRunner)
+		assert.Equal(t, "runner_to_be_deleted-org", expectedRunner.Name)
+		assert.Equal(t, int64(34347), expectedRunner.ID)
+		assert.False(t, expectedRunner.Ephemeral)
+		assert.Len(t, expectedRunner.Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", expectedRunner.Labels[0].Name)
+		assert.Equal(t, "linux", expectedRunner.Labels[1].Name)
+
+		// Verify get the runner by id
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", expectedRunner.ID)).AddTokenAuth(token)
+		runnerResp := MakeRequest(t, req, http.StatusOK)
+
+		runner := api.ActionRunner{}
+		DecodeJSON(t, runnerResp, &runner)
+
+		assert.Equal(t, "runner_to_be_deleted-org", runner.Name)
+		assert.Equal(t, int64(34347), runner.ID)
+		assert.False(t, runner.Ephemeral)
+		assert.Len(t, runner.Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+		assert.Equal(t, "linux", runner.Labels[1].Name)
+
+		// Verify delete the runner by id
+		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", expectedRunner.ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+
+		// Verify runner deletion
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", expectedRunner.ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("DeleteReadScopeForbidden", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+
+		// Verify delete the runner by id is forbidden with read scope
+		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("GetRepoScopeForbidden", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadRepository)
+		// Verify get the runner by id with read scope
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("GetAdminRunner", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+		// Verify get a runner by id of different entity is not found
+		// runner.EditableInContext(ownerID, repoID) false
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34349)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("DeleteAdminRunner", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteOrganization)
+		// Verify delete a runner by id of different entity is not found
+		// runner.EditableInContext(ownerID, repoID) false
+		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34349)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+}
+
+func testActionsRunnerRepo(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	t.Run("GetRunner", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadRepository)
+		// Verify get the runner by id with read scope
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 34348)).AddTokenAuth(token)
+		runnerResp := MakeRequest(t, req, http.StatusOK)
+
+		runner := api.ActionRunner{}
+		DecodeJSON(t, runnerResp, &runner)
+
+		assert.Equal(t, "runner_to_be_deleted-repo1", runner.Name)
+		assert.Equal(t, int64(34348), runner.ID)
+		assert.False(t, runner.Ephemeral)
+		assert.Len(t, runner.Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+		assert.Equal(t, "linux", runner.Labels[1].Name)
+	})
+
+	t.Run("Access", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteRepository)
+		req := NewRequest(t, "POST", "/api/v1/repos/user2/repo1/actions/runners/registration-token").AddTokenAuth(token)
+		tokenResp := MakeRequest(t, req, http.StatusOK)
+		var registrationToken struct {
+			Token string `json:"token"`
+		}
+		DecodeJSON(t, tokenResp, &registrationToken)
+		assert.NotEmpty(t, registrationToken.Token)
+
+		req = NewRequest(t, "GET", "/api/v1/repos/user2/repo1/actions/runners").AddTokenAuth(token)
+		runnerListResp := MakeRequest(t, req, http.StatusOK)
+		runnerList := api.ActionRunnersResponse{}
+		DecodeJSON(t, runnerListResp, &runnerList)
+
+		assert.Len(t, runnerList.Entries, 1)
+		assert.Equal(t, "runner_to_be_deleted-repo1", runnerList.Entries[0].Name)
+		assert.Equal(t, int64(34348), runnerList.Entries[0].ID)
+		assert.False(t, runnerList.Entries[0].Ephemeral)
+		assert.Len(t, runnerList.Entries[0].Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", runnerList.Entries[0].Labels[0].Name)
+		assert.Equal(t, "linux", runnerList.Entries[0].Labels[1].Name)
+
+		// Verify get the runner by id
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+		runnerResp := MakeRequest(t, req, http.StatusOK)
+
+		runner := api.ActionRunner{}
+		DecodeJSON(t, runnerResp, &runner)
+
+		assert.Equal(t, "runner_to_be_deleted-repo1", runner.Name)
+		assert.Equal(t, int64(34348), runner.ID)
+		assert.False(t, runner.Ephemeral)
+		assert.Len(t, runner.Labels, 2)
+		assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+		assert.Equal(t, "linux", runner.Labels[1].Name)
+
+		// Verify delete the runner by id
+		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+
+		// Verify runner deletion
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("DeleteReadScopeForbidden", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadRepository)
+
+		// Verify delete the runner by id is forbidden with read scope
+		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 34348)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("GetOrganizationScopeForbidden", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+		// Verify get the runner by id with read scope
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 34348)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("GetAdminRunnerNotFound", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadRepository)
+		// Verify get a runner by id of different entity is not found
+		// runner.EditableInContext(ownerID, repoID) false
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 34349)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("DeleteAdminRunnerNotFound", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteRepository)
+		// Verify delete a runner by id of different entity is not found
+		// runner.EditableInContext(ownerID, repoID) false
+		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 34349)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("DeleteAdminRunnerNotFoundUnknownID", func(t *testing.T) {
+		userUsername := "user2"
+		token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteRepository)
+		// Verify delete a runner by unknown id is not found
+		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/user2/repo1/actions/runners/%d", 4384797347934)).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+}
diff --git a/tests/integration/api_activitypub_person_test.go b/tests/integration/api_activitypub_person_test.go
index 17d628a483..9bb1f2736e 100644
--- a/tests/integration/api_activitypub_person_test.go
+++ b/tests/integration/api_activitypub_person_test.go
@@ -72,10 +72,10 @@ func TestActivityPubPerson(t *testing.T) {
 		ctx := t.Context()
 		user1, err := user_model.GetUserByName(ctx, username1)
 		assert.NoError(t, err)
-		user1url := fmt.Sprintf("%s/api/v1/activitypub/user-id/1#main-key", srv.URL)
+		user1url := srv.URL + "/api/v1/activitypub/user-id/1#main-key"
 		c, err := activitypub.NewClient(db.DefaultContext, user1, user1url)
 		assert.NoError(t, err)
-		user2inboxurl := fmt.Sprintf("%s/api/v1/activitypub/user-id/2/inbox", srv.URL)
+		user2inboxurl := srv.URL + "/api/v1/activitypub/user-id/2/inbox"
 
 		// Signed request succeeds
 		resp, err := c.Post([]byte{}, user2inboxurl)
diff --git a/tests/integration/api_admin_test.go b/tests/integration/api_admin_test.go
index b42f05fc55..d28a103e59 100644
--- a/tests/integration/api_admin_test.go
+++ b/tests/integration/api_admin_test.go
@@ -88,7 +88,7 @@ func TestAPISudoUser(t *testing.T) {
 	normalUsername := "user2"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeReadUser)
 
-	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user?sudo=%s", normalUsername)).
+	req := NewRequest(t, "GET", "/api/v1/user?sudo="+normalUsername).
 		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
 	var user api.User
@@ -103,7 +103,7 @@ func TestAPISudoUserForbidden(t *testing.T) {
 	normalUsername := "user2"
 
 	token := getUserToken(t, normalUsername, auth_model.AccessTokenScopeReadAdmin)
-	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user?sudo=%s", adminUsername)).
+	req := NewRequest(t, "GET", "/api/v1/user?sudo="+adminUsername).
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusForbidden)
 }
@@ -193,7 +193,7 @@ func TestAPIEditUser(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s", "user2")
+	urlStr := "/api/v1/admin/users/" + "user2"
 
 	fullNameToChange := "Full Name User 2"
 	req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{
@@ -217,7 +217,7 @@ func TestAPIEditUser(t *testing.T) {
 
 	errMap := make(map[string]any)
 	json.Unmarshal(resp.Body.Bytes(), &errMap)
-	assert.EqualValues(t, "e-mail invalid [email: ]", errMap["message"].(string))
+	assert.Equal(t, "e-mail invalid [email: ]", errMap["message"].(string))
 
 	user2 = unittest.AssertExistsAndLoadBean(t, &user_model.User{LoginName: "user2"})
 	assert.False(t, user2.IsRestricted)
@@ -374,7 +374,7 @@ func TestAPIEditUser_NotAllowedEmailDomain(t *testing.T) {
 
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s", "user2")
+	urlStr := "/api/v1/admin/users/" + "user2"
 
 	newEmail := "user2@example1.com"
 	req := NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{
diff --git a/tests/integration/api_branch_test.go b/tests/integration/api_branch_test.go
index d64dd97f93..16e1f2812e 100644
--- a/tests/integration/api_branch_test.go
+++ b/tests/integration/api_branch_test.go
@@ -24,13 +24,13 @@ func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
 		AddTokenAuth(token)
 	resp := MakeRequest(t, req, NoExpectedStatus)
 	if !exists {
-		assert.EqualValues(t, http.StatusNotFound, resp.Code)
+		assert.Equal(t, http.StatusNotFound, resp.Code)
 		return
 	}
-	assert.EqualValues(t, http.StatusOK, resp.Code)
+	assert.Equal(t, http.StatusOK, resp.Code)
 	var branch api.Branch
 	DecodeJSON(t, resp, &branch)
-	assert.EqualValues(t, branchName, branch.Name)
+	assert.Equal(t, branchName, branch.Name)
 	assert.True(t, branch.UserCanPush)
 	assert.True(t, branch.UserCanMerge)
 }
@@ -44,7 +44,7 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta
 	if resp.Code == http.StatusOK {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
-		assert.EqualValues(t, branchName, branchProtection.RuleName)
+		assert.Equal(t, branchName, branchProtection.RuleName)
 		return &branchProtection
 	}
 	return nil
@@ -60,7 +60,7 @@ func testAPICreateBranchProtection(t *testing.T, branchName string, expectedPrio
 	if resp.Code == http.StatusCreated {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
-		assert.EqualValues(t, branchName, branchProtection.RuleName)
+		assert.Equal(t, branchName, branchProtection.RuleName)
 		assert.EqualValues(t, expectedPriority, branchProtection.Priority)
 	}
 }
@@ -74,7 +74,7 @@ func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.Bran
 	if resp.Code == http.StatusOK {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
-		assert.EqualValues(t, branchName, branchProtection.RuleName)
+		assert.Equal(t, branchName, branchProtection.RuleName)
 	}
 }
 
@@ -181,7 +181,7 @@ func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBran
 	DecodeJSON(t, resp, &branch)
 
 	if resp.Result().StatusCode == http.StatusCreated {
-		assert.EqualValues(t, newBranch, branch.Name)
+		assert.Equal(t, newBranch, branch.Name)
 	}
 
 	return resp.Result().StatusCode == status
@@ -303,7 +303,7 @@ func TestAPICreateBranchWithSyncBranches(t *testing.T) {
 		RepoID: 1,
 	})
 	assert.NoError(t, err)
-	assert.Len(t, branches, 4)
+	assert.Len(t, branches, 6)
 
 	// make a broke repository with no branch on database
 	_, err = db.DeleteByBean(db.DefaultContext, git_model.Branch{RepoID: 1})
@@ -320,7 +320,7 @@ func TestAPICreateBranchWithSyncBranches(t *testing.T) {
 		RepoID: 1,
 	})
 	assert.NoError(t, err)
-	assert.Len(t, branches, 5)
+	assert.Len(t, branches, 7)
 
 	branches, err = db.Find[git_model.Branch](db.DefaultContext, git_model.FindBranchOptions{
 		RepoID:  1,
diff --git a/tests/integration/api_comment_test.go b/tests/integration/api_comment_test.go
index 255b8332b2..9842c358f6 100644
--- a/tests/integration/api_comment_test.go
+++ b/tests/integration/api_comment_test.go
@@ -106,7 +106,7 @@ func TestAPICreateComment(t *testing.T) {
 
 	var updatedComment api.Comment
 	DecodeJSON(t, resp, &updatedComment)
-	assert.EqualValues(t, commentBody, updatedComment.Body)
+	assert.Equal(t, commentBody, updatedComment.Body)
 	unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{ID: updatedComment.ID, IssueID: issue.ID, Content: commentBody})
 
 	t.Run("BlockedByRepoOwner", func(t *testing.T) {
@@ -174,7 +174,7 @@ func TestAPIGetSystemUserComment(t *testing.T) {
 		user_model.NewGhostUser(),
 		user_model.NewActionsUser(),
 	} {
-		body := fmt.Sprintf("Hello %s", systemUser.Name)
+		body := "Hello " + systemUser.Name
 		comment, err := issues_model.CreateComment(db.DefaultContext, &issues_model.CreateCommentOptions{
 			Type:    issues_model.CommentTypeComment,
 			Doer:    systemUser,
@@ -233,8 +233,8 @@ func TestAPIEditComment(t *testing.T) {
 
 	var updatedComment api.Comment
 	DecodeJSON(t, resp, &updatedComment)
-	assert.EqualValues(t, comment.ID, updatedComment.ID)
-	assert.EqualValues(t, newCommentBody, updatedComment.Body)
+	assert.Equal(t, comment.ID, updatedComment.ID)
+	assert.Equal(t, newCommentBody, updatedComment.Body)
 	unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{ID: comment.ID, IssueID: issue.ID, Content: newCommentBody})
 }
 
diff --git a/tests/integration/api_fork_test.go b/tests/integration/api_fork_test.go
index 69f37f4574..2837c3b93e 100644
--- a/tests/integration/api_fork_test.go
+++ b/tests/integration/api_fork_test.go
@@ -34,7 +34,7 @@ func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
 
 	// fork into a limited org
 	limitedOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 22})
-	assert.EqualValues(t, api.VisibleTypeLimited, limitedOrg.Visibility)
+	assert.Equal(t, api.VisibleTypeLimited, limitedOrg.Visibility)
 
 	ownerTeam1, err := org_model.OrgFromUser(limitedOrg).GetOwnerTeam(db.DefaultContext)
 	assert.NoError(t, err)
@@ -49,7 +49,7 @@ func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
 	user4Sess := loginUser(t, "user4")
 	user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user4"})
 	privateOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23})
-	assert.EqualValues(t, api.VisibleTypePrivate, privateOrg.Visibility)
+	assert.Equal(t, api.VisibleTypePrivate, privateOrg.Visibility)
 
 	ownerTeam2, err := org_model.OrgFromUser(privateOrg).GetOwnerTeam(db.DefaultContext)
 	assert.NoError(t, err)
@@ -70,7 +70,7 @@ func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
 		DecodeJSON(t, resp, &forks)
 
 		assert.Empty(t, forks)
-		assert.EqualValues(t, "0", resp.Header().Get("X-Total-Count"))
+		assert.Equal(t, "0", resp.Header().Get("X-Total-Count"))
 	})
 
 	t.Run("Logged in", func(t *testing.T) {
@@ -83,7 +83,7 @@ func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
 		DecodeJSON(t, resp, &forks)
 
 		assert.Len(t, forks, 2)
-		assert.EqualValues(t, "2", resp.Header().Get("X-Total-Count"))
+		assert.Equal(t, "2", resp.Header().Get("X-Total-Count"))
 
 		assert.NoError(t, org_service.AddTeamMember(db.DefaultContext, ownerTeam2, user1))
 
@@ -94,7 +94,7 @@ func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
 		DecodeJSON(t, resp, &forks)
 
 		assert.Len(t, forks, 2)
-		assert.EqualValues(t, "2", resp.Header().Get("X-Total-Count"))
+		assert.Equal(t, "2", resp.Header().Get("X-Total-Count"))
 	})
 }
 
@@ -121,7 +121,7 @@ func TestGetPrivateReposForks(t *testing.T) {
 	forks := []*api.Repository{}
 	DecodeJSON(t, resp, &forks)
 	assert.Len(t, forks, 1)
-	assert.EqualValues(t, "1", resp.Header().Get("X-Total-Count"))
-	assert.EqualValues(t, "forked-repo", forks[0].Name)
-	assert.EqualValues(t, privateOrg.Name, forks[0].Owner.UserName)
+	assert.Equal(t, "1", resp.Header().Get("X-Total-Count"))
+	assert.Equal(t, "forked-repo", forks[0].Name)
+	assert.Equal(t, privateOrg.Name, forks[0].Owner.UserName)
 }
diff --git a/tests/integration/api_gitignore_templates_test.go b/tests/integration/api_gitignore_templates_test.go
index c58f5eebfe..1c56d51344 100644
--- a/tests/integration/api_gitignore_templates_test.go
+++ b/tests/integration/api_gitignore_templates_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"testing"
 
@@ -38,7 +37,7 @@ func TestAPIGetGitignoreTemplateInfo(t *testing.T) {
 	// Use the first template for the test
 	templateName := repo_module.Gitignores[0]
 
-	urlStr := fmt.Sprintf("/api/v1/gitignore/templates/%s", templateName)
+	urlStr := "/api/v1/gitignore/templates/" + templateName
 	req := NewRequest(t, "GET", urlStr)
 	resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_gpg_keys_test.go b/tests/integration/api_gpg_keys_test.go
index ec0dafc2d6..edfb9e6eca 100644
--- a/tests/integration/api_gpg_keys_test.go
+++ b/tests/integration/api_gpg_keys_test.go
@@ -86,13 +86,13 @@ func TestGPGKeys(t *testing.T) {
 		assert.Len(t, keys, 1)
 
 		primaryKey1 := keys[0] // Primary key 1
-		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
+		assert.Equal(t, "38EA3BCED732982C", primaryKey1.KeyID)
 		assert.Len(t, primaryKey1.Emails, 1)
-		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)
+		assert.Equal(t, "user2@example.com", primaryKey1.Emails[0].Email)
 		assert.True(t, primaryKey1.Emails[0].Verified)
 
 		subKey := primaryKey1.SubsKey[0] // Subkey of 38EA3BCED732982C
-		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
+		assert.Equal(t, "70D7C694D17D03AD", subKey.KeyID)
 		assert.Empty(t, subKey.Emails)
 
 		var key api.GPGKey
@@ -100,16 +100,16 @@ func TestGPGKeys(t *testing.T) {
 														AddTokenAuth(tokenWithGPGKeyScope)
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &key)
-		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)
+		assert.Equal(t, "38EA3BCED732982C", key.KeyID)
 		assert.Len(t, key.Emails, 1)
-		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)
+		assert.Equal(t, "user2@example.com", key.Emails[0].Email)
 		assert.True(t, key.Emails[0].Verified)
 
 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)). // Subkey of 38EA3BCED732982C
 													AddTokenAuth(tokenWithGPGKeyScope)
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &key)
-		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
+		assert.Equal(t, "70D7C694D17D03AD", key.KeyID)
 		assert.Empty(t, key.Emails)
 	})
 
diff --git a/tests/integration/api_helper_for_declarative_test.go b/tests/integration/api_helper_for_declarative_test.go
index f3a595540f..b30cdfd0fc 100644
--- a/tests/integration/api_helper_for_declarative_test.go
+++ b/tests/integration/api_helper_for_declarative_test.go
@@ -263,7 +263,7 @@ func doAPIMergePullRequest(ctx APITestContext, owner, repo string, index int64)
 		var req *RequestWrapper
 		var resp *httptest.ResponseRecorder
 
-		for i := 0; i < 6; i++ {
+		for range 6 {
 			req = NewRequestWithJSON(t, http.MethodPost, urlStr, &forms.MergePullRequestForm{
 				MergeMessageField: "doAPIMergePullRequest Merge",
 				Do:                string(repo_model.MergeStyleMerge),
@@ -276,7 +276,7 @@ func doAPIMergePullRequest(ctx APITestContext, owner, repo string, index int64)
 			}
 			err := api.APIError{}
 			DecodeJSON(t, resp, &err)
-			assert.EqualValues(t, "Please try again later", err.Message)
+			assert.Equal(t, "Please try again later", err.Message)
 			queue.GetManager().FlushAll(t.Context(), 5*time.Second)
 			<-time.After(1 * time.Second)
 		}
@@ -286,7 +286,7 @@ func doAPIMergePullRequest(ctx APITestContext, owner, repo string, index int64)
 			expected = http.StatusOK
 		}
 
-		if !assert.EqualValues(t, expected, resp.Code,
+		if !assert.Equal(t, expected, resp.Code,
 			"Request: %s %s", req.Method, req.URL.String()) {
 			logUnexpectedResponse(t, resp)
 		}
diff --git a/tests/integration/api_issue_label_test.go b/tests/integration/api_issue_label_test.go
index c9cdd46b9a..4324fd37d9 100644
--- a/tests/integration/api_issue_label_test.go
+++ b/tests/integration/api_issue_label_test.go
@@ -38,8 +38,8 @@ func TestAPIModifyLabels(t *testing.T) {
 	apiLabel := new(api.Label)
 	DecodeJSON(t, resp, &apiLabel)
 	dbLabel := unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: apiLabel.ID, RepoID: repo.ID})
-	assert.EqualValues(t, dbLabel.Name, apiLabel.Name)
-	assert.EqualValues(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
+	assert.Equal(t, dbLabel.Name, apiLabel.Name)
+	assert.Equal(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
 
 	req = NewRequestWithJSON(t, "POST", urlStr, &api.CreateLabelOption{
 		Name:        "TestL 2",
@@ -67,7 +67,7 @@ func TestAPIModifyLabels(t *testing.T) {
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiLabel)
-	assert.EqualValues(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
+	assert.Equal(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
 
 	// EditLabel
 	newName := "LabelNewName"
@@ -79,7 +79,7 @@ func TestAPIModifyLabels(t *testing.T) {
 	}).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiLabel)
-	assert.EqualValues(t, newColor, apiLabel.Color)
+	assert.Equal(t, newColor, apiLabel.Color)
 	req = NewRequestWithJSON(t, "PATCH", singleURLStr, &api.EditLabelOption{
 		Color: &newColorWrong,
 	}).AddTokenAuth(token)
@@ -165,7 +165,7 @@ func TestAPIReplaceIssueLabels(t *testing.T) {
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
 	if assert.Len(t, apiLabels, 1) {
-		assert.EqualValues(t, label.ID, apiLabels[0].ID)
+		assert.Equal(t, label.ID, apiLabels[0].ID)
 	}
 
 	unittest.AssertCount(t, &issues_model.IssueLabel{IssueID: issue.ID}, 1)
@@ -191,7 +191,7 @@ func TestAPIReplaceIssueLabelsWithLabelNames(t *testing.T) {
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
 	if assert.Len(t, apiLabels, 1) {
-		assert.EqualValues(t, label.Name, apiLabels[0].Name)
+		assert.Equal(t, label.Name, apiLabels[0].Name)
 	}
 }
 
@@ -215,8 +215,8 @@ func TestAPIModifyOrgLabels(t *testing.T) {
 	apiLabel := new(api.Label)
 	DecodeJSON(t, resp, &apiLabel)
 	dbLabel := unittest.AssertExistsAndLoadBean(t, &issues_model.Label{ID: apiLabel.ID, OrgID: owner.ID})
-	assert.EqualValues(t, dbLabel.Name, apiLabel.Name)
-	assert.EqualValues(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
+	assert.Equal(t, dbLabel.Name, apiLabel.Name)
+	assert.Equal(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
 
 	req = NewRequestWithJSON(t, "POST", urlStr, &api.CreateLabelOption{
 		Name:        "TestL 2",
@@ -244,7 +244,7 @@ func TestAPIModifyOrgLabels(t *testing.T) {
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiLabel)
-	assert.EqualValues(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
+	assert.Equal(t, strings.TrimLeft(dbLabel.Color, "#"), apiLabel.Color)
 
 	// EditLabel
 	newName := "LabelNewName"
@@ -256,7 +256,7 @@ func TestAPIModifyOrgLabels(t *testing.T) {
 	}).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiLabel)
-	assert.EqualValues(t, newColor, apiLabel.Color)
+	assert.Equal(t, newColor, apiLabel.Color)
 	req = NewRequestWithJSON(t, "PATCH", singleURLStr, &api.EditLabelOption{
 		Color: &newColorWrong,
 	}).AddTokenAuth(token)
diff --git a/tests/integration/api_issue_lock_test.go b/tests/integration/api_issue_lock_test.go
new file mode 100644
index 0000000000..47b1f2cf0d
--- /dev/null
+++ b/tests/integration/api_issue_lock_test.go
@@ -0,0 +1,74 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	issues_model "code.gitea.io/gitea/models/issues"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAPILockIssue(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	t.Run("Lock", func(t *testing.T) {
+		issueBefore := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+		assert.False(t, issueBefore.IsLocked)
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: issueBefore.RepoID})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+		urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/lock", owner.Name, repo.Name, issueBefore.Index)
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue)
+
+		// check lock issue
+		req := NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+		issueAfter := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+		assert.True(t, issueAfter.IsLocked)
+
+		// check with other user
+		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
+		session34 := loginUser(t, user34.Name)
+		token34 := getTokenForLoggedInUser(t, session34, auth_model.AccessTokenScopeAll)
+		req = NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token34)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("Unlock", func(t *testing.T) {
+		issueBefore := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: issueBefore.RepoID})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+		urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/lock", owner.Name, repo.Name, issueBefore.Index)
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue)
+
+		lockReq := NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
+		MakeRequest(t, lockReq, http.StatusNoContent)
+
+		// check unlock issue
+		req := NewRequest(t, "DELETE", urlStr).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+		issueAfter := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+		assert.False(t, issueAfter.IsLocked)
+
+		// check with other user
+		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
+		session34 := loginUser(t, user34.Name)
+		token34 := getTokenForLoggedInUser(t, session34, auth_model.AccessTokenScopeAll)
+		req = NewRequest(t, "DELETE", urlStr).AddTokenAuth(token34)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+}
diff --git a/tests/integration/api_issue_milestone_test.go b/tests/integration/api_issue_milestone_test.go
index 2d00752302..1196c8d358 100644
--- a/tests/integration/api_issue_milestone_test.go
+++ b/tests/integration/api_issue_milestone_test.go
@@ -73,7 +73,7 @@ func TestAPIIssuesMilestone(t *testing.T) {
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiMilestone)
-	assert.EqualValues(t, apiMilestones[2], apiMilestone)
+	assert.Equal(t, apiMilestones[2], apiMilestone)
 
 	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/%s/milestones?state=%s&name=%s", owner.Name, repo.Name, "all", "milestone2")).
 		AddTokenAuth(token)
diff --git a/tests/integration/api_issue_stopwatch_test.go b/tests/integration/api_issue_stopwatch_test.go
index 4765787e6f..3606d9a228 100644
--- a/tests/integration/api_issue_stopwatch_test.go
+++ b/tests/integration/api_issue_stopwatch_test.go
@@ -35,11 +35,11 @@ func TestAPIListStopWatches(t *testing.T) {
 	stopwatch := unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: owner.ID})
 	issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: stopwatch.IssueID})
 	if assert.Len(t, apiWatches, 1) {
-		assert.EqualValues(t, stopwatch.CreatedUnix.AsTime().Unix(), apiWatches[0].Created.Unix())
-		assert.EqualValues(t, issue.Index, apiWatches[0].IssueIndex)
-		assert.EqualValues(t, issue.Title, apiWatches[0].IssueTitle)
-		assert.EqualValues(t, repo.Name, apiWatches[0].RepoName)
-		assert.EqualValues(t, repo.OwnerName, apiWatches[0].RepoOwnerName)
+		assert.Equal(t, stopwatch.CreatedUnix.AsTime().Unix(), apiWatches[0].Created.Unix())
+		assert.Equal(t, issue.Index, apiWatches[0].IssueIndex)
+		assert.Equal(t, issue.Title, apiWatches[0].IssueTitle)
+		assert.Equal(t, repo.Name, apiWatches[0].RepoName)
+		assert.Equal(t, repo.OwnerName, apiWatches[0].RepoOwnerName)
 		assert.Positive(t, apiWatches[0].Seconds)
 	}
 }
diff --git a/tests/integration/api_issue_subscription_test.go b/tests/integration/api_issue_subscription_test.go
index 7a716301c4..74ba171c01 100644
--- a/tests/integration/api_issue_subscription_test.go
+++ b/tests/integration/api_issue_subscription_test.go
@@ -43,11 +43,11 @@ func TestAPIIssueSubscriptions(t *testing.T) {
 		wi := new(api.WatchInfo)
 		DecodeJSON(t, resp, wi)
 
-		assert.EqualValues(t, isWatching, wi.Subscribed)
-		assert.EqualValues(t, !isWatching, wi.Ignored)
-		assert.EqualValues(t, issue.APIURL(db.DefaultContext)+"/subscriptions", wi.URL)
+		assert.Equal(t, isWatching, wi.Subscribed)
+		assert.Equal(t, !isWatching, wi.Ignored)
+		assert.Equal(t, issue.APIURL(db.DefaultContext)+"/subscriptions", wi.URL)
 		assert.EqualValues(t, issue.CreatedUnix, wi.CreatedAt.Unix())
-		assert.EqualValues(t, issueRepo.APIURL(), wi.RepositoryURL)
+		assert.Equal(t, issueRepo.APIURL(), wi.RepositoryURL)
 	}
 
 	testSubscription(issue1, true)
diff --git a/tests/integration/api_issue_test.go b/tests/integration/api_issue_test.go
index d8394a33d9..370c90a100 100644
--- a/tests/integration/api_issue_test.go
+++ b/tests/integration/api_issue_test.go
@@ -166,7 +166,7 @@ func TestAPICreateIssueParallel(t *testing.T) {
 	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues", owner.Name, repoBefore.Name)
 
 	var wg sync.WaitGroup
-	for i := 0; i < 10; i++ {
+	for i := range 10 {
 		wg.Add(1)
 		go func(parentT *testing.T, i int) {
 			parentT.Run(fmt.Sprintf("ParallelCreateIssue_%d", i), func(t *testing.T) {
@@ -267,10 +267,7 @@ func TestAPISearchIssues(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	// as this API was used in the frontend, it uses UI page size
-	expectedIssueCount := 20 // from the fixtures
-	if expectedIssueCount > setting.UI.IssuePagingNum {
-		expectedIssueCount = setting.UI.IssuePagingNum
-	}
+	expectedIssueCount := min(20, setting.UI.IssuePagingNum) // 20 is from the fixtures
 
 	link, _ := url.Parse("/api/v1/repos/issues/search")
 	token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadIssue)
@@ -313,7 +310,7 @@ func TestAPISearchIssues(t *testing.T) {
 	req = NewRequest(t, "GET", link.String()).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiIssues)
-	assert.EqualValues(t, "22", resp.Header().Get("X-Total-Count"))
+	assert.Equal(t, "22", resp.Header().Get("X-Total-Count"))
 	assert.Len(t, apiIssues, 20)
 
 	query.Add("limit", "10")
@@ -321,7 +318,7 @@ func TestAPISearchIssues(t *testing.T) {
 	req = NewRequest(t, "GET", link.String()).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiIssues)
-	assert.EqualValues(t, "22", resp.Header().Get("X-Total-Count"))
+	assert.Equal(t, "22", resp.Header().Get("X-Total-Count"))
 	assert.Len(t, apiIssues, 10)
 
 	query = url.Values{"assigned": {"true"}, "state": {"all"}}
@@ -371,10 +368,7 @@ func TestAPISearchIssuesWithLabels(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	// as this API was used in the frontend, it uses UI page size
-	expectedIssueCount := 20 // from the fixtures
-	if expectedIssueCount > setting.UI.IssuePagingNum {
-		expectedIssueCount = setting.UI.IssuePagingNum
-	}
+	expectedIssueCount := min(20, setting.UI.IssuePagingNum) // 20 is from the fixtures
 
 	link, _ := url.Parse("/api/v1/repos/issues/search")
 	token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadIssue)
diff --git a/tests/integration/api_issue_tracked_time_test.go b/tests/integration/api_issue_tracked_time_test.go
index fd2c452b20..bd562b602e 100644
--- a/tests/integration/api_issue_tracked_time_test.go
+++ b/tests/integration/api_issue_tracked_time_test.go
@@ -41,8 +41,8 @@ func TestAPIGetTrackedTimes(t *testing.T) {
 
 	for i, time := range expect {
 		assert.Equal(t, time.ID, apiTimes[i].ID)
-		assert.EqualValues(t, issue2.Title, apiTimes[i].Issue.Title)
-		assert.EqualValues(t, issue2.ID, apiTimes[i].IssueID)
+		assert.Equal(t, issue2.Title, apiTimes[i].Issue.Title)
+		assert.Equal(t, issue2.ID, apiTimes[i].IssueID)
 		assert.Equal(t, time.Created.Unix(), apiTimes[i].Created.Unix())
 		assert.Equal(t, time.Time, apiTimes[i].Time)
 		user, err := user_model.GetUserByID(db.DefaultContext, time.UserID)
@@ -125,6 +125,6 @@ func TestAPIAddTrackedTimes(t *testing.T) {
 	DecodeJSON(t, resp, &apiNewTime)
 
 	assert.EqualValues(t, 33, apiNewTime.Time)
-	assert.EqualValues(t, user2.ID, apiNewTime.UserID)
+	assert.Equal(t, user2.ID, apiNewTime.UserID)
 	assert.EqualValues(t, 947688818, apiNewTime.Created.Unix())
 }
diff --git a/tests/integration/api_keys_test.go b/tests/integration/api_keys_test.go
index 2276b955cf..3162051acc 100644
--- a/tests/integration/api_keys_test.go
+++ b/tests/integration/api_keys_test.go
@@ -143,7 +143,7 @@ func TestCreateUserKey(t *testing.T) {
 	})
 
 	// Search by fingerprint
-	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/keys?fingerprint=%s", newPublicKey.Fingerprint)).
+	req = NewRequest(t, "GET", "/api/v1/user/keys?fingerprint="+newPublicKey.Fingerprint).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 
@@ -183,7 +183,7 @@ func TestCreateUserKey(t *testing.T) {
 	token2 := getTokenForLoggedInUser(t, session2, auth_model.AccessTokenScopeWriteUser)
 
 	// Should find key even though not ours, but we shouldn't know whose it is
-	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/keys?fingerprint=%s", newPublicKey.Fingerprint)).
+	req = NewRequest(t, "GET", "/api/v1/user/keys?fingerprint="+newPublicKey.Fingerprint).
 		AddTokenAuth(token2)
 	resp = MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_label_templates_test.go b/tests/integration/api_label_templates_test.go
index 007e979011..3e637daba6 100644
--- a/tests/integration/api_label_templates_test.go
+++ b/tests/integration/api_label_templates_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"net/url"
 	"strings"
@@ -42,7 +41,7 @@ func TestAPIGetLabelTemplateInfo(t *testing.T) {
 	// Use the first template for the test
 	templateName := repo_module.LabelTemplateFiles[0].DisplayName
 
-	urlStr := fmt.Sprintf("/api/v1/label/templates/%s", url.PathEscape(templateName))
+	urlStr := "/api/v1/label/templates/" + url.PathEscape(templateName)
 	req := NewRequest(t, "GET", urlStr)
 	resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_license_templates_test.go b/tests/integration/api_license_templates_test.go
index e12aab7c2c..52e240f9a7 100644
--- a/tests/integration/api_license_templates_test.go
+++ b/tests/integration/api_license_templates_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"net/url"
 	"testing"
@@ -39,7 +38,7 @@ func TestAPIGetLicenseTemplateInfo(t *testing.T) {
 	// Use the first template for the test
 	licenseName := repo_module.Licenses[0]
 
-	urlStr := fmt.Sprintf("/api/v1/licenses/%s", url.PathEscape(licenseName))
+	urlStr := "/api/v1/licenses/" + url.PathEscape(licenseName)
 	req := NewRequest(t, "GET", urlStr)
 	resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_notification_test.go b/tests/integration/api_notification_test.go
index dc4ba83ecc..e6bc142476 100644
--- a/tests/integration/api_notification_test.go
+++ b/tests/integration/api_notification_test.go
@@ -35,7 +35,7 @@ func TestAPINotification(t *testing.T) {
 	// -- GET /notifications --
 	// test filter
 	since := "2000-01-01T00%3A50%3A01%2B00%3A00" // 946687801
-	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/notifications?since=%s", since)).
+	req := NewRequest(t, "GET", "/api/v1/notifications?since="+since).
 		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
 	var apiNL []api.NotificationThread
@@ -104,10 +104,10 @@ func TestAPINotification(t *testing.T) {
 	assert.EqualValues(t, 5, apiN.ID)
 	assert.False(t, apiN.Pinned)
 	assert.True(t, apiN.Unread)
-	assert.EqualValues(t, "issue4", apiN.Subject.Title)
+	assert.Equal(t, "issue4", apiN.Subject.Title)
 	assert.EqualValues(t, "Issue", apiN.Subject.Type)
-	assert.EqualValues(t, thread5.Issue.APIURL(db.DefaultContext), apiN.Subject.URL)
-	assert.EqualValues(t, thread5.Repository.HTMLURL(), apiN.Repository.HTMLURL)
+	assert.Equal(t, thread5.Issue.APIURL(db.DefaultContext), apiN.Subject.URL)
+	assert.Equal(t, thread5.Repository.HTMLURL(), apiN.Repository.HTMLURL)
 
 	MakeRequest(t, NewRequest(t, "GET", "/api/v1/notifications/new"), http.StatusUnauthorized)
 
diff --git a/tests/integration/api_oauth2_apps_test.go b/tests/integration/api_oauth2_apps_test.go
index 7a17b4ca88..13f64fd69e 100644
--- a/tests/integration/api_oauth2_apps_test.go
+++ b/tests/integration/api_oauth2_apps_test.go
@@ -43,12 +43,12 @@ func testAPICreateOAuth2Application(t *testing.T) {
 	var createdApp *api.OAuth2Application
 	DecodeJSON(t, resp, &createdApp)
 
-	assert.EqualValues(t, appBody.Name, createdApp.Name)
+	assert.Equal(t, appBody.Name, createdApp.Name)
 	assert.Len(t, createdApp.ClientSecret, 56)
 	assert.Len(t, createdApp.ClientID, 36)
 	assert.True(t, createdApp.ConfidentialClient)
 	assert.NotEmpty(t, createdApp.Created)
-	assert.EqualValues(t, appBody.RedirectURIs[0], createdApp.RedirectURIs[0])
+	assert.Equal(t, appBody.RedirectURIs[0], createdApp.RedirectURIs[0])
 	unittest.AssertExistsAndLoadBean(t, &auth_model.OAuth2Application{UID: user.ID, Name: createdApp.Name})
 }
 
@@ -74,12 +74,12 @@ func testAPIListOAuth2Applications(t *testing.T) {
 	DecodeJSON(t, resp, &appList)
 	expectedApp := appList[0]
 
-	assert.EqualValues(t, expectedApp.Name, existApp.Name)
-	assert.EqualValues(t, expectedApp.ClientID, existApp.ClientID)
+	assert.Equal(t, expectedApp.Name, existApp.Name)
+	assert.Equal(t, expectedApp.ClientID, existApp.ClientID)
 	assert.Equal(t, expectedApp.ConfidentialClient, existApp.ConfidentialClient)
 	assert.Len(t, expectedApp.ClientID, 36)
 	assert.Empty(t, expectedApp.ClientSecret)
-	assert.EqualValues(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0])
+	assert.Equal(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0])
 	unittest.AssertExistsAndLoadBean(t, &auth_model.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
 }
 
@@ -128,13 +128,13 @@ func testAPIGetOAuth2Application(t *testing.T) {
 	DecodeJSON(t, resp, &app)
 	expectedApp := app
 
-	assert.EqualValues(t, expectedApp.Name, existApp.Name)
-	assert.EqualValues(t, expectedApp.ClientID, existApp.ClientID)
+	assert.Equal(t, expectedApp.Name, existApp.Name)
+	assert.Equal(t, expectedApp.ClientID, existApp.ClientID)
 	assert.Equal(t, expectedApp.ConfidentialClient, existApp.ConfidentialClient)
 	assert.Len(t, expectedApp.ClientID, 36)
 	assert.Empty(t, expectedApp.ClientSecret)
 	assert.Len(t, expectedApp.RedirectURIs, 1)
-	assert.EqualValues(t, expectedApp.RedirectURIs[0], existApp.RedirectURIs[0])
+	assert.Equal(t, expectedApp.RedirectURIs[0], existApp.RedirectURIs[0])
 	unittest.AssertExistsAndLoadBean(t, &auth_model.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
 }
 
@@ -168,8 +168,8 @@ func testAPIUpdateOAuth2Application(t *testing.T) {
 	expectedApp := app
 
 	assert.Len(t, expectedApp.RedirectURIs, 2)
-	assert.EqualValues(t, expectedApp.RedirectURIs[0], appBody.RedirectURIs[0])
-	assert.EqualValues(t, expectedApp.RedirectURIs[1], appBody.RedirectURIs[1])
+	assert.Equal(t, expectedApp.RedirectURIs[0], appBody.RedirectURIs[0])
+	assert.Equal(t, expectedApp.RedirectURIs[1], appBody.RedirectURIs[1])
 	assert.Equal(t, expectedApp.ConfidentialClient, appBody.ConfidentialClient)
 	unittest.AssertExistsAndLoadBean(t, &auth_model.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
 }
diff --git a/tests/integration/api_org_test.go b/tests/integration/api_org_test.go
index d766b1e8be..6577bd1684 100644
--- a/tests/integration/api_org_test.go
+++ b/tests/integration/api_org_test.go
@@ -22,6 +22,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestAPIOrgCreateRename(t *testing.T) {
@@ -59,7 +60,7 @@ func TestAPIOrgCreateRename(t *testing.T) {
 	req = NewRequestf(t, "GET", "/api/v1/orgs/%s", org.UserName).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiOrg)
-	assert.EqualValues(t, org.UserName, apiOrg.Name)
+	assert.Equal(t, org.UserName, apiOrg.Name)
 
 	t.Run("CheckPermission", func(t *testing.T) {
 		// Check owner team permission
@@ -86,7 +87,7 @@ func TestAPIOrgCreateRename(t *testing.T) {
 		var users []*api.User
 		DecodeJSON(t, resp, &users)
 		assert.Len(t, users, 1)
-		assert.EqualValues(t, "user1", users[0].UserName)
+		assert.Equal(t, "user1", users[0].UserName)
 	})
 
 	t.Run("RenameOrg", func(t *testing.T) {
@@ -110,121 +111,142 @@ func TestAPIOrgCreateRename(t *testing.T) {
 	})
 }
 
-func TestAPIOrgEdit(t *testing.T) {
+func TestAPIOrgGeneral(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-	session := loginUser(t, "user1")
-
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization)
-	org := api.EditOrgOption{
-		FullName:    "Org3 organization new full name",
-		Description: "A new description",
-		Website:     "https://try.gitea.io/new",
-		Location:    "Beijing",
-		Visibility:  "private",
-	}
-	req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
+	user1Session := loginUser(t, "user1")
+	user1Token := getTokenForLoggedInUser(t, user1Session, auth_model.AccessTokenScopeWriteOrganization)
+
+	t.Run("OrgGetAll", func(t *testing.T) {
+		// accessing with a token will return all orgs
+		req := NewRequest(t, "GET", "/api/v1/orgs").AddTokenAuth(user1Token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiOrgList []*api.Organization
+
+		DecodeJSON(t, resp, &apiOrgList)
+		assert.Len(t, apiOrgList, 13)
+		assert.Equal(t, "Limited Org 36", apiOrgList[1].FullName)
+		assert.Equal(t, "limited", apiOrgList[1].Visibility)
+
+		// accessing without a token will return only public orgs
+		req = NewRequest(t, "GET", "/api/v1/orgs")
+		resp = MakeRequest(t, req, http.StatusOK)
 
-	var apiOrg api.Organization
-	DecodeJSON(t, resp, &apiOrg)
+		DecodeJSON(t, resp, &apiOrgList)
+		assert.Len(t, apiOrgList, 9)
+		assert.Equal(t, "org 17", apiOrgList[0].FullName)
+		assert.Equal(t, "public", apiOrgList[0].Visibility)
+	})
 
-	assert.Equal(t, "org3", apiOrg.Name)
-	assert.Equal(t, org.FullName, apiOrg.FullName)
-	assert.Equal(t, org.Description, apiOrg.Description)
-	assert.Equal(t, org.Website, apiOrg.Website)
-	assert.Equal(t, org.Location, apiOrg.Location)
-	assert.Equal(t, org.Visibility, apiOrg.Visibility)
-}
+	t.Run("OrgEdit", func(t *testing.T) {
+		org := api.EditOrgOption{
+			FullName:    "Org3 organization new full name",
+			Description: "A new description",
+			Website:     "https://try.gitea.io/new",
+			Location:    "Beijing",
+			Visibility:  "private",
+		}
+		req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).AddTokenAuth(user1Token)
+		resp := MakeRequest(t, req, http.StatusOK)
+
+		var apiOrg api.Organization
+		DecodeJSON(t, resp, &apiOrg)
+
+		assert.Equal(t, "org3", apiOrg.Name)
+		assert.Equal(t, org.FullName, apiOrg.FullName)
+		assert.Equal(t, org.Description, apiOrg.Description)
+		assert.Equal(t, org.Website, apiOrg.Website)
+		assert.Equal(t, org.Location, apiOrg.Location)
+		assert.Equal(t, org.Visibility, apiOrg.Visibility)
+	})
 
-func TestAPIOrgEditBadVisibility(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-	session := loginUser(t, "user1")
-
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization)
-	org := api.EditOrgOption{
-		FullName:    "Org3 organization new full name",
-		Description: "A new description",
-		Website:     "https://try.gitea.io/new",
-		Location:    "Beijing",
-		Visibility:  "badvisibility",
-	}
-	req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusUnprocessableEntity)
-}
+	t.Run("OrgEditBadVisibility", func(t *testing.T) {
+		org := api.EditOrgOption{
+			FullName:    "Org3 organization new full name",
+			Description: "A new description",
+			Website:     "https://try.gitea.io/new",
+			Location:    "Beijing",
+			Visibility:  "badvisibility",
+		}
+		req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).AddTokenAuth(user1Token)
+		MakeRequest(t, req, http.StatusUnprocessableEntity)
+	})
 
-func TestAPIOrgDeny(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-	defer test.MockVariableValue(&setting.Service.RequireSignInView, true)()
+	t.Run("OrgDeny", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
 
-	orgName := "user1_org"
-	req := NewRequestf(t, "GET", "/api/v1/orgs/%s", orgName)
-	MakeRequest(t, req, http.StatusNotFound)
+		orgName := "user1_org"
+		req := NewRequestf(t, "GET", "/api/v1/orgs/%s", orgName)
+		MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", orgName)
-	MakeRequest(t, req, http.StatusNotFound)
+		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", orgName)
+		MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", orgName)
-	MakeRequest(t, req, http.StatusNotFound)
-}
+		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", orgName)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
 
-func TestAPIGetAll(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-	token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadOrganization)
+	t.Run("OrgSearchEmptyTeam", func(t *testing.T) {
+		orgName := "org_with_empty_team"
+		// create org
+		req := NewRequestWithJSON(t, "POST", "/api/v1/orgs", &api.CreateOrgOption{
+			UserName: orgName,
+		}).AddTokenAuth(user1Token)
+		MakeRequest(t, req, http.StatusCreated)
+
+		// create team with no member
+		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", orgName), &api.CreateTeamOption{
+			Name:                    "Empty",
+			IncludesAllRepositories: true,
+			Permission:              "read",
+			Units:                   []string{"repo.code", "repo.issues", "repo.ext_issues", "repo.wiki", "repo.pulls"},
+		}).AddTokenAuth(user1Token)
+		MakeRequest(t, req, http.StatusCreated)
+
+		// case-insensitive search for teams that have no members
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/%s/teams/search?q=%s", orgName, "empty")).
+			AddTokenAuth(user1Token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		data := struct {
+			Ok   bool
+			Data []*api.Team
+		}{}
+		DecodeJSON(t, resp, &data)
+		assert.True(t, data.Ok)
+		if assert.Len(t, data.Data, 1) {
+			assert.Equal(t, "Empty", data.Data[0].Name)
+		}
+	})
 
-	// accessing with a token will return all orgs
-	req := NewRequest(t, "GET", "/api/v1/orgs").
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiOrgList []*api.Organization
+	t.Run("User2ChangeStatus", func(t *testing.T) {
+		user2Session := loginUser(t, "user2")
+		user2Token := getTokenForLoggedInUser(t, user2Session, auth_model.AccessTokenScopeWriteOrganization)
 
-	DecodeJSON(t, resp, &apiOrgList)
-	assert.Len(t, apiOrgList, 13)
-	assert.Equal(t, "Limited Org 36", apiOrgList[1].FullName)
-	assert.Equal(t, "limited", apiOrgList[1].Visibility)
+		req := NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user2").AddTokenAuth(user2Token)
+		MakeRequest(t, req, http.StatusNoContent)
+		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user2").AddTokenAuth(user2Token)
+		MakeRequest(t, req, http.StatusNoContent)
 
-	// accessing without a token will return only public orgs
-	req = NewRequest(t, "GET", "/api/v1/orgs")
-	resp = MakeRequest(t, req, http.StatusOK)
+		// non admin but org owner could also change other member's status
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
+		require.False(t, user2.IsAdmin)
+		req = NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user2Token)
+		MakeRequest(t, req, http.StatusNoContent)
+		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user2Token)
+		MakeRequest(t, req, http.StatusNoContent)
+	})
 
-	DecodeJSON(t, resp, &apiOrgList)
-	assert.Len(t, apiOrgList, 9)
-	assert.Equal(t, "org 17", apiOrgList[0].FullName)
-	assert.Equal(t, "public", apiOrgList[0].Visibility)
-}
+	t.Run("User4ChangeStatus", func(t *testing.T) {
+		user4Session := loginUser(t, "user4")
+		user4Token := getTokenForLoggedInUser(t, user4Session, auth_model.AccessTokenScopeWriteOrganization)
 
-func TestAPIOrgSearchEmptyTeam(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-	token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteOrganization)
-	orgName := "org_with_empty_team"
-
-	// create org
-	req := NewRequestWithJSON(t, "POST", "/api/v1/orgs", &api.CreateOrgOption{
-		UserName: orgName,
-	}).AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusCreated)
-
-	// create team with no member
-	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", orgName), &api.CreateTeamOption{
-		Name:                    "Empty",
-		IncludesAllRepositories: true,
-		Permission:              "read",
-		Units:                   []string{"repo.code", "repo.issues", "repo.ext_issues", "repo.wiki", "repo.pulls"},
-	}).AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusCreated)
-
-	// case-insensitive search for teams that have no members
-	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/%s/teams/search?q=%s", orgName, "empty")).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	data := struct {
-		Ok   bool
-		Data []*api.Team
-	}{}
-	DecodeJSON(t, resp, &data)
-	assert.True(t, data.Ok)
-	if assert.Len(t, data.Data, 1) {
-		assert.EqualValues(t, "Empty", data.Data[0].Name)
-	}
+		// user4 is a normal team member, they could change their own status
+		req := NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user4").AddTokenAuth(user4Token)
+		MakeRequest(t, req, http.StatusNoContent)
+		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user4").AddTokenAuth(user4Token)
+		MakeRequest(t, req, http.StatusNoContent)
+		req = NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user4Token)
+		MakeRequest(t, req, http.StatusForbidden)
+		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user4Token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
 }
diff --git a/tests/integration/api_packages_arch_test.go b/tests/integration/api_packages_arch_test.go
index b9064ca3d1..e5778b4203 100644
--- a/tests/integration/api_packages_arch_test.go
+++ b/tests/integration/api_packages_arch_test.go
@@ -163,7 +163,7 @@ license = MIT`)
 					assert.Condition(t, func() bool {
 						seen := false
 						expectedFilename := fmt.Sprintf("%s-%s-aarch64.pkg.tar.%s", packageName, packageVersion, compression)
-						expectedCompositeKey := fmt.Sprintf("%s|aarch64", repository)
+						expectedCompositeKey := repository + "|aarch64"
 						for _, pf := range pfs {
 							if pf.Name == expectedFilename && pf.CompositeKey == expectedCompositeKey {
 								if seen {
@@ -321,7 +321,7 @@ license = MIT`)
 		_, has = content["gitea-test-1.0.1/desc"]
 		assert.True(t, has)
 
-		req = NewRequest(t, "DELETE", fmt.Sprintf("%s/gitea-test/1.0.1/aarch64", rootURL)).
+		req = NewRequest(t, "DELETE", rootURL+"/gitea-test/1.0.1/aarch64").
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, http.StatusNoContent)
 
diff --git a/tests/integration/api_packages_cargo_test.go b/tests/integration/api_packages_cargo_test.go
index 3fb9687653..8b5caa7ea7 100644
--- a/tests/integration/api_packages_cargo_test.go
+++ b/tests/integration/api_packages_cargo_test.go
@@ -94,7 +94,7 @@ func testPackageCargo(t *testing.T, _ *neturl.URL) {
 	}
 
 	root := fmt.Sprintf("%sapi/packages/%s/cargo", setting.AppURL, user.Name)
-	url := fmt.Sprintf("%s/api/v1/crates", root)
+	url := root + "/api/v1/crates"
 
 	t.Run("Index", func(t *testing.T) {
 		t.Run("Git/Config", func(t *testing.T) {
diff --git a/tests/integration/api_packages_chef_test.go b/tests/integration/api_packages_chef_test.go
index 6efb2708af..8f2c2592e7 100644
--- a/tests/integration/api_packages_chef_test.go
+++ b/tests/integration/api_packages_chef_test.go
@@ -181,7 +181,7 @@ nwIDAQAB
 
 				var data []byte
 				if version == "1.3" {
-					data = []byte(fmt.Sprintf(
+					data = fmt.Appendf(nil,
 						"Method:%s\nPath:%s\nX-Ops-Content-Hash:%s\nX-Ops-Sign:version=%s\nX-Ops-Timestamp:%s\nX-Ops-UserId:%s\nX-Ops-Server-API-Version:%s",
 						req.Method,
 						path.Clean(req.URL.Path),
@@ -190,17 +190,17 @@ nwIDAQAB
 						req.Header.Get("X-Ops-Timestamp"),
 						username,
 						req.Header.Get("X-Ops-Server-Api-Version"),
-					))
+					)
 				} else {
 					sum := sha1.Sum([]byte(path.Clean(req.URL.Path)))
-					data = []byte(fmt.Sprintf(
+					data = fmt.Appendf(nil,
 						"Method:%s\nHashed Path:%s\nX-Ops-Content-Hash:%s\nX-Ops-Timestamp:%s\nX-Ops-UserId:%s",
 						req.Method,
 						base64.StdEncoding.EncodeToString(sum[:]),
 						req.Header.Get("X-Ops-Content-Hash"),
 						req.Header.Get("X-Ops-Timestamp"),
 						username,
-					))
+					)
 				}
 
 				for k := range req.Header {
@@ -274,7 +274,7 @@ nwIDAQAB
 	uploadPackage := func(t *testing.T, version string, expectedStatus int) {
 		var body bytes.Buffer
 		mpw := multipart.NewWriter(&body)
-		part, _ := mpw.CreateFormFile("tarball", fmt.Sprintf("%s.tar.gz", version))
+		part, _ := mpw.CreateFormFile("tarball", version+".tar.gz")
 		zw := gzip.NewWriter(part)
 		tw := tar.NewWriter(zw)
 
@@ -320,7 +320,7 @@ nwIDAQAB
 		pfs, err := packages.GetFilesByVersionID(db.DefaultContext, pvs[0].ID)
 		assert.NoError(t, err)
 		assert.Len(t, pfs, 1)
-		assert.Equal(t, fmt.Sprintf("%s.tar.gz", packageVersion), pfs[0].Name)
+		assert.Equal(t, packageVersion+".tar.gz", pfs[0].Name)
 		assert.True(t, pfs[0].IsLead)
 
 		uploadPackage(t, packageVersion, http.StatusConflict)
diff --git a/tests/integration/api_packages_composer_test.go b/tests/integration/api_packages_composer_test.go
index bc858c7476..54f61d91d9 100644
--- a/tests/integration/api_packages_composer_test.go
+++ b/tests/integration/api_packages_composer_test.go
@@ -64,7 +64,7 @@ func TestPackageComposer(t *testing.T) {
 	t.Run("ServiceIndex", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/packages.json", url)).
+		req := NewRequest(t, "GET", url+"/packages.json").
 			AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_packages_conan_test.go b/tests/integration/api_packages_conan_test.go
index 3055e57a2e..4e83c998b8 100644
--- a/tests/integration/api_packages_conan_test.go
+++ b/tests/integration/api_packages_conan_test.go
@@ -91,18 +91,18 @@ func uploadConanPackageV1(t *testing.T, baseURL, token, name, version, user, cha
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/digest", recipeURL)).
+	req = NewRequest(t, "GET", recipeURL+"/digest").
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/download_urls", recipeURL)).
+	req = NewRequest(t, "GET", recipeURL+"/download_urls").
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "POST", fmt.Sprintf("%s/upload_urls", recipeURL))
+	req = NewRequest(t, "POST", recipeURL+"/upload_urls")
 	MakeRequest(t, req, http.StatusUnauthorized)
 
-	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/upload_urls", recipeURL), map[string]int64{
+	req = NewRequestWithJSON(t, "POST", recipeURL+"/upload_urls", map[string]int64{
 		conanfileName: int64(len(contentConanfile)),
 		"removed.txt": 0,
 	}).AddTokenAuth(token)
@@ -127,18 +127,18 @@ func uploadConanPackageV1(t *testing.T, baseURL, token, name, version, user, cha
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/digest", packageURL)).
+	req = NewRequest(t, "GET", packageURL+"/digest").
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/download_urls", packageURL)).
+	req = NewRequest(t, "GET", packageURL+"/download_urls").
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
-	req = NewRequest(t, "POST", fmt.Sprintf("%s/upload_urls", packageURL))
+	req = NewRequest(t, "POST", packageURL+"/upload_urls")
 	MakeRequest(t, req, http.StatusUnauthorized)
 
-	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/upload_urls", packageURL), map[string]int64{
+	req = NewRequestWithJSON(t, "POST", packageURL+"/upload_urls", map[string]int64{
 		conaninfoName: int64(len(contentConaninfo)),
 		"removed.txt": 0,
 	}).AddTokenAuth(token)
@@ -167,7 +167,7 @@ func uploadConanPackageV2(t *testing.T, baseURL, token, name, version, user, cha
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusCreated)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/files", recipeURL)).
+	req = NewRequest(t, "GET", recipeURL+"/files").
 		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
 
@@ -180,7 +180,7 @@ func uploadConanPackageV2(t *testing.T, baseURL, token, name, version, user, cha
 
 	packageURL := fmt.Sprintf("%s/packages/%s/revisions/%s", recipeURL, conanPackageReference, packageRevision)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/files", packageURL)).
+	req = NewRequest(t, "GET", packageURL+"/files").
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 
@@ -188,7 +188,7 @@ func uploadConanPackageV2(t *testing.T, baseURL, token, name, version, user, cha
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusCreated)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("%s/files", packageURL)).
+	req = NewRequest(t, "GET", packageURL+"/files").
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 
@@ -219,7 +219,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("Ping", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/ping", url))
+			req := NewRequest(t, "GET", url+"/v1/ping")
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			assert.Equal(t, "revisions", resp.Header().Get("X-Conan-Server-Capabilities"))
@@ -230,7 +230,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("UserName/Password Authenticate", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/users/authenticate", url)).
+			req := NewRequest(t, "GET", url+"/v1/users/authenticate").
 				AddBasicAuth(user.Name)
 			resp := MakeRequest(t, req, http.StatusOK)
 
@@ -256,7 +256,7 @@ func TestPackageConan(t *testing.T) {
 
 				token := getTokenForLoggedInUser(t, session, scope)
 
-				req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/users/authenticate", url)).
+				req := NewRequest(t, "GET", url+"/v1/users/authenticate").
 					AddTokenAuth(token)
 				resp := MakeRequest(t, req, expectedAuthStatusCode)
 				if expectedAuthStatusCode != http.StatusOK {
@@ -273,7 +273,7 @@ func TestPackageConan(t *testing.T) {
 
 				recipeURL := fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s", url, "TestScope", version1, "testing", channel1)
 
-				req = NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/upload_urls", recipeURL), map[string]int64{
+				req = NewRequestWithJSON(t, "POST", recipeURL+"/upload_urls", map[string]int64{
 					conanfileName: 64,
 					"removed.txt": 0,
 				}).AddTokenAuth(token)
@@ -308,7 +308,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("CheckCredentials", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/users/check_credentials", url)).
+			req := NewRequest(t, "GET", url+"/v1/users/check_credentials").
 				AddTokenAuth(token)
 			MakeRequest(t, req, http.StatusOK)
 		})
@@ -356,7 +356,7 @@ func TestPackageConan(t *testing.T) {
 
 						assert.Equal(t, int64(len(contentConaninfo)), pb.Size)
 					} else {
-						assert.FailNow(t, "unknown file: %s", pf.Name)
+						assert.FailNow(t, "unknown file", "unknown file: %s", pf.Name)
 					}
 				}
 			})
@@ -376,14 +376,14 @@ func TestPackageConan(t *testing.T) {
 			assert.Contains(t, fileHashes, conanfileName)
 			assert.Equal(t, "7abc52241c22090782c54731371847a8", fileHashes[conanfileName])
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%s/digest", recipeURL))
+			req = NewRequest(t, "GET", recipeURL+"/digest")
 			resp = MakeRequest(t, req, http.StatusOK)
 
 			downloadURLs := make(map[string]string)
 			DecodeJSON(t, resp, &downloadURLs)
 			assert.Contains(t, downloadURLs, conanfileName)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%s/download_urls", recipeURL))
+			req = NewRequest(t, "GET", recipeURL+"/download_urls")
 			resp = MakeRequest(t, req, http.StatusOK)
 
 			DecodeJSON(t, resp, &downloadURLs)
@@ -404,14 +404,14 @@ func TestPackageConan(t *testing.T) {
 			assert.Contains(t, fileHashes, conaninfoName)
 			assert.Equal(t, "7628bfcc5b17f1470c468621a78df394", fileHashes[conaninfoName])
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%s/digest", packageURL))
+			req = NewRequest(t, "GET", packageURL+"/digest")
 			resp = MakeRequest(t, req, http.StatusOK)
 
 			downloadURLs = make(map[string]string)
 			DecodeJSON(t, resp, &downloadURLs)
 			assert.Contains(t, downloadURLs, conaninfoName)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%s/download_urls", packageURL))
+			req = NewRequest(t, "GET", packageURL+"/download_urls")
 			resp = MakeRequest(t, req, http.StatusOK)
 
 			DecodeJSON(t, resp, &downloadURLs)
@@ -550,7 +550,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("Ping", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/ping", url))
+			req := NewRequest(t, "GET", url+"/v2/ping")
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			assert.Equal(t, "revisions", resp.Header().Get("X-Conan-Server-Capabilities"))
@@ -561,7 +561,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("UserName/Password Authenticate", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/users/authenticate", url)).
+			req := NewRequest(t, "GET", url+"/v2/users/authenticate").
 				AddBasicAuth(user.Name)
 			resp := MakeRequest(t, req, http.StatusOK)
 
@@ -573,7 +573,7 @@ func TestPackageConan(t *testing.T) {
 			assert.Equal(t, user.ID, pkgMeta.UserID)
 			assert.Equal(t, auth_model.AccessTokenScopeAll, pkgMeta.Scope)
 
-			token = fmt.Sprintf("Bearer %s", body)
+			token = "Bearer " + body
 		})
 
 		badToken := ""
@@ -590,7 +590,7 @@ func TestPackageConan(t *testing.T) {
 
 				token := getTokenForLoggedInUser(t, session, scope)
 
-				req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/users/authenticate", url)).
+				req := NewRequest(t, "GET", url+"/v2/users/authenticate").
 					AddTokenAuth(token)
 				resp := MakeRequest(t, req, expectedAuthStatusCode)
 				if expectedAuthStatusCode != http.StatusOK {
@@ -640,7 +640,7 @@ func TestPackageConan(t *testing.T) {
 		t.Run("CheckCredentials", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/users/check_credentials", url)).
+			req := NewRequest(t, "GET", url+"/v2/users/check_credentials").
 				AddTokenAuth(token)
 			MakeRequest(t, req, http.StatusOK)
 		})
@@ -664,7 +664,7 @@ func TestPackageConan(t *testing.T) {
 
 			recipeURL := fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s", url, name, version1, user1, channel1)
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/latest", recipeURL))
+			req := NewRequest(t, "GET", recipeURL+"/latest")
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			obj := make(map[string]string)
diff --git a/tests/integration/api_packages_conda_test.go b/tests/integration/api_packages_conda_test.go
index 272a660d45..32f55e5435 100644
--- a/tests/integration/api_packages_conda_test.go
+++ b/tests/integration/api_packages_conda_test.go
@@ -193,19 +193,19 @@ func TestPackageConda(t *testing.T) {
 			Removed       map[string]*PackageInfo `json:"removed"`
 		}
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/noarch/repodata.json", root))
+		req := NewRequest(t, "GET", root+"/noarch/repodata.json")
 		resp := MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "application/json", resp.Header().Get("Content-Type"))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%s/noarch/repodata.json.bz2", root))
+		req = NewRequest(t, "GET", root+"/noarch/repodata.json.bz2")
 		resp = MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "application/x-bzip2", resp.Header().Get("Content-Type"))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%s/noarch/current_repodata.json", root))
+		req = NewRequest(t, "GET", root+"/noarch/current_repodata.json")
 		resp = MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "application/json", resp.Header().Get("Content-Type"))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%s/noarch/current_repodata.json.bz2", root))
+		req = NewRequest(t, "GET", root+"/noarch/current_repodata.json.bz2")
 		resp = MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "application/x-bzip2", resp.Header().Get("Content-Type"))
 
@@ -218,7 +218,7 @@ func TestPackageConda(t *testing.T) {
 			pd, err := packages.GetPackageDescriptor(db.DefaultContext, pv)
 			assert.NoError(t, err)
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/noarch/repodata.json", root))
+			req := NewRequest(t, "GET", root+"/noarch/repodata.json")
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			var result RepoData
diff --git a/tests/integration/api_packages_container_test.go b/tests/integration/api_packages_container_test.go
index 3905ad1b70..204f099bbe 100644
--- a/tests/integration/api_packages_container_test.go
+++ b/tests/integration/api_packages_container_test.go
@@ -7,8 +7,10 @@ import (
 	"bytes"
 	"crypto/sha256"
 	"encoding/base64"
+	"encoding/hex"
 	"fmt"
 	"net/http"
+	"strconv"
 	"strings"
 	"sync"
 	"testing"
@@ -16,7 +18,6 @@ import (
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	packages_model "code.gitea.io/gitea/models/packages"
-	container_model "code.gitea.io/gitea/models/packages/container"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	container_module "code.gitea.io/gitea/modules/packages/container"
@@ -56,7 +57,7 @@ func TestPackageContainer(t *testing.T) {
 		return values
 	}
 
-	images := []string{"test", "te/st"}
+	images := []string{"test", "sub/name"}
 	tags := []string{"latest", "main"}
 	multiTag := "multi"
 
@@ -69,7 +70,8 @@ func TestPackageContainer(t *testing.T) {
 	configContent := `{"architecture":"amd64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/true"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"container":"b89fe92a887d55c0961f02bdfbfd8ac3ddf66167db374770d2d9e9fab3311510","container_config":{"Hostname":"b89fe92a887d","Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/true\"]"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"created":"2022-01-01T00:00:00.000000000Z","docker_version":"20.10.12","history":[{"created":"2022-01-01T00:00:00.000000000Z","created_by":"/bin/sh -c #(nop) COPY file:0e7589b0c800daaf6fa460d2677101e4676dd9491980210cb345480e513f3602 in /true "},{"created":"2022-01-01T00:00:00.000000001Z","created_by":"/bin/sh -c #(nop)  CMD [\"/true\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:0ff3b91bdf21ecdf2f2f3d4372c2098a14dbe06cd678e8f0a85fd4902d00e2e2"]}}`
 
 	manifestDigest := "sha256:4f10484d1c1bb13e3956b4de1cd42db8e0f14a75be1617b60f2de3cd59c803c6"
-	manifestContent := `{"schemaVersion":2,"mediaType":"application/vnd.docker.distribution.manifest.v2+json","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`
+	manifestContent := `{"schemaVersion":2,"mediaType":"` + container_module.ContentTypeDockerDistributionManifestV2 + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`
+	manifestContentType := container_module.ContentTypeDockerDistributionManifestV2
 
 	untaggedManifestDigest := "sha256:4305f5f5572b9a426b88909b036e52ee3cf3d7b9c1b01fac840e90747f56623d"
 	untaggedManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`
@@ -92,12 +94,12 @@ func TestPackageContainer(t *testing.T) {
 		t.Run("Anonymous", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
+			req := NewRequest(t, "GET", setting.AppURL+"v2")
 			resp := MakeRequest(t, req, http.StatusUnauthorized)
 
 			assert.ElementsMatch(t, defaultAuthenticateValues, resp.Header().Values("WWW-Authenticate"))
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
+			req = NewRequest(t, "GET", setting.AppURL+"v2/token")
 			resp = MakeRequest(t, req, http.StatusOK)
 
 			tokenResponse := &TokenResponse{}
@@ -105,18 +107,18 @@ func TestPackageContainer(t *testing.T) {
 
 			assert.NotEmpty(t, tokenResponse.Token)
 
-			anonymousToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)
+			anonymousToken = "Bearer " + tokenResponse.Token
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
+			req = NewRequest(t, "GET", setting.AppURL+"v2").
 				AddTokenAuth(anonymousToken)
 			MakeRequest(t, req, http.StatusOK)
 
-			defer test.MockVariableValue(&setting.Service.RequireSignInView, true)()
+			defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
+			req = NewRequest(t, "GET", setting.AppURL+"v2")
 			MakeRequest(t, req, http.StatusUnauthorized)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
+			req = NewRequest(t, "GET", setting.AppURL+"v2/token")
 			MakeRequest(t, req, http.StatusUnauthorized)
 
 			defer test.MockVariableValue(&setting.AppURL, "https://domain:8443/sub-path/")()
@@ -129,12 +131,12 @@ func TestPackageContainer(t *testing.T) {
 		t.Run("UserName/Password", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
+			req := NewRequest(t, "GET", setting.AppURL+"v2")
 			resp := MakeRequest(t, req, http.StatusUnauthorized)
 
 			assert.ElementsMatch(t, defaultAuthenticateValues, resp.Header().Values("WWW-Authenticate"))
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL)).
+			req = NewRequest(t, "GET", setting.AppURL+"v2/token").
 				AddBasicAuth(user.Name)
 			resp = MakeRequest(t, req, http.StatusOK)
 
@@ -147,9 +149,9 @@ func TestPackageContainer(t *testing.T) {
 			assert.Equal(t, user.ID, pkgMeta.UserID)
 			assert.Equal(t, auth_model.AccessTokenScopeAll, pkgMeta.Scope)
 
-			userToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)
+			userToken = "Bearer " + tokenResponse.Token
 
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
+			req = NewRequest(t, "GET", setting.AppURL+"v2").
 				AddTokenAuth(userToken)
 			MakeRequest(t, req, http.StatusOK)
 		})
@@ -161,23 +163,23 @@ func TestPackageContainer(t *testing.T) {
 			session := loginUser(t, user.Name)
 
 			readToken = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadPackage)
-			req := NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
+			req := NewRequest(t, "GET", setting.AppURL+"v2/token")
 			req.Request.SetBasicAuth(user.Name, readToken)
 			resp := MakeRequest(t, req, http.StatusOK)
 			tokenResponse := &TokenResponse{}
 			DecodeJSON(t, resp, &tokenResponse)
 
-			readToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)
+			readToken = "Bearer " + tokenResponse.Token
 
 			badToken = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadNotification)
-			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
+			req = NewRequest(t, "GET", setting.AppURL+"v2/token")
 			req.Request.SetBasicAuth(user.Name, badToken)
 			MakeRequest(t, req, http.StatusUnauthorized)
 
 			testCase := func(scope auth_model.AccessTokenScope, expectedAuthStatus, expectedStatus int) {
 				token := getTokenForLoggedInUser(t, session, scope)
 
-				req := NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
+				req := NewRequest(t, "GET", setting.AppURL+"v2/token")
 				req.SetBasicAuth(user.Name, token)
 
 				resp := MakeRequest(t, req, expectedAuthStatus)
@@ -190,8 +192,8 @@ func TestPackageContainer(t *testing.T) {
 
 				assert.NotEmpty(t, tokenResponse.Token)
 
-				req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
-					AddTokenAuth(fmt.Sprintf("Bearer %s", tokenResponse.Token))
+				req = NewRequest(t, "GET", setting.AppURL+"v2").
+					AddTokenAuth("Bearer " + tokenResponse.Token)
 				MakeRequest(t, req, expectedStatus)
 			}
 			testCase(auth_model.AccessTokenScopeReadPackage, http.StatusOK, http.StatusOK)
@@ -204,17 +206,17 @@ func TestPackageContainer(t *testing.T) {
 	t.Run("DetermineSupport", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
+		req := NewRequest(t, "GET", setting.AppURL+"v2").
 			AddTokenAuth(userToken)
 		resp := MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "registry/2.0", resp.Header().Get("Docker-Distribution-Api-Version"))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
+		req = NewRequest(t, "GET", setting.AppURL+"v2").
 			AddTokenAuth(readToken)
 		resp = MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "registry/2.0", resp.Header().Get("Docker-Distribution-Api-Version"))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)).
+		req = NewRequest(t, "GET", setting.AppURL+"v2").
 			AddTokenAuth(badToken)
 		MakeRequest(t, req, http.StatusUnauthorized)
 	})
@@ -226,15 +228,15 @@ func TestPackageContainer(t *testing.T) {
 			t.Run("UploadBlob/Monolithic", func(t *testing.T) {
 				defer tests.PrintCurrentTest(t)()
 
-				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req := NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(anonymousToken)
 				MakeRequest(t, req, http.StatusUnauthorized)
 
-				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req = NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(readToken)
 				MakeRequest(t, req, http.StatusUnauthorized)
 
-				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req = NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(badToken)
 				MakeRequest(t, req, http.StatusUnauthorized)
 
@@ -249,7 +251,7 @@ func TestPackageContainer(t *testing.T) {
 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))
 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))
 
-				pv, err := packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, container_model.UploadVersion)
+				pv, err := packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, container_module.UploadVersion)
 				assert.NoError(t, err)
 
 				pfs, err := packages_model.GetFilesByVersionID(db.DefaultContext, pv.ID)
@@ -264,15 +266,15 @@ func TestPackageContainer(t *testing.T) {
 			t.Run("UploadBlob/Chunked", func(t *testing.T) {
 				defer tests.PrintCurrentTest(t)()
 
-				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req := NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(readToken)
 				MakeRequest(t, req, http.StatusUnauthorized)
 
-				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req = NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(badToken)
 				MakeRequest(t, req, http.StatusUnauthorized)
 
-				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+				req = NewRequest(t, "POST", url+"/blobs/uploads").
 					AddTokenAuth(userToken)
 				resp := MakeRequest(t, req, http.StatusAccepted)
 
@@ -295,11 +297,22 @@ func TestPackageContainer(t *testing.T) {
 					SetHeader("Content-Range", "1-10")
 				MakeRequest(t, req, http.StatusRequestedRangeNotSatisfiable)
 
-				contentRange := fmt.Sprintf("0-%d", len(blobContent)-1)
-				req.SetHeader("Content-Range", contentRange)
+				// first patch without Content-Range
+				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:], bytes.NewReader(blobContent[:1])).
+					AddTokenAuth(userToken)
+				resp = MakeRequest(t, req, http.StatusAccepted)
+				assert.NotEmpty(t, resp.Header().Get("Location"))
+				assert.Equal(t, "0-0", resp.Header().Get("Range"))
+
+				// then send remaining content with Content-Range
+				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:], bytes.NewReader(blobContent[1:])).
+					SetHeader("Content-Range", fmt.Sprintf("1-%d", len(blobContent)-1)).
+					AddTokenAuth(userToken)
 				resp = MakeRequest(t, req, http.StatusAccepted)
 
+				contentRange := fmt.Sprintf("0-%d", len(blobContent)-1)
 				assert.Equal(t, uuid, resp.Header().Get("Docker-Upload-Uuid"))
+				assert.NotEmpty(t, resp.Header().Get("Location"))
 				assert.Equal(t, contentRange, resp.Header().Get("Range"))
 
 				uploadURL = resp.Header().Get("Location")
@@ -309,7 +322,8 @@ func TestPackageContainer(t *testing.T) {
 				resp = MakeRequest(t, req, http.StatusNoContent)
 
 				assert.Equal(t, uuid, resp.Header().Get("Docker-Upload-Uuid"))
-				assert.Equal(t, fmt.Sprintf("0-%d", len(blobContent)), resp.Header().Get("Range"))
+				assert.Equal(t, uploadURL, resp.Header().Get("Location"))
+				assert.Equal(t, contentRange, resp.Header().Get("Range"))
 
 				pbu, err = packages_model.GetBlobUploadByID(db.DefaultContext, uuid)
 				assert.NoError(t, err)
@@ -325,7 +339,7 @@ func TestPackageContainer(t *testing.T) {
 				t.Run("Cancel", func(t *testing.T) {
 					defer tests.PrintCurrentTest(t)()
 
-					req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url)).
+					req := NewRequest(t, "POST", url+"/blobs/uploads").
 						AddTokenAuth(userToken)
 					resp := MakeRequest(t, req, http.StatusAccepted)
 
@@ -340,7 +354,8 @@ func TestPackageContainer(t *testing.T) {
 					resp = MakeRequest(t, req, http.StatusNoContent)
 
 					assert.Equal(t, uuid, resp.Header().Get("Docker-Upload-Uuid"))
-					assert.Equal(t, "0-0", resp.Header().Get("Range"))
+					// FIXME: undefined behavior when the uploaded content is empty: https://github.com/opencontainers/distribution-spec/issues/578
+					assert.Nil(t, resp.Header().Values("Range"))
 
 					req = NewRequest(t, "DELETE", setting.AppURL+uploadURL[1:]).
 						AddTokenAuth(userToken)
@@ -428,7 +443,7 @@ func TestPackageContainer(t *testing.T) {
 						assert.Len(t, pd.Files, 3)
 						for _, pfd := range pd.Files {
 							switch pfd.File.Name {
-							case container_model.ManifestFilename:
+							case container_module.ManifestFilename:
 								assert.True(t, pfd.File.IsLead)
 								assert.Equal(t, "application/vnd.docker.distribution.manifest.v2+json", pfd.Properties.GetByName(container_module.PropertyMediaType))
 								assert.Equal(t, manifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))
@@ -441,7 +456,7 @@ func TestPackageContainer(t *testing.T) {
 								assert.Equal(t, "application/vnd.docker.image.rootfs.diff.tar.gzip", pfd.Properties.GetByName(container_module.PropertyMediaType))
 								assert.Equal(t, blobDigest, pfd.Properties.GetByName(container_module.PropertyDigest))
 							default:
-								assert.FailNow(t, "unknown file: %s", pfd.File.Name)
+								assert.FailNow(t, "unknown file", "unknown file: %s", pfd.File.Name)
 							}
 						}
 
@@ -467,7 +482,7 @@ func TestPackageContainer(t *testing.T) {
 					t.Run("HeadManifest", func(t *testing.T) {
 						defer tests.PrintCurrentTest(t)()
 
-						req := NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/unknown-tag", url)).
+						req := NewRequest(t, "HEAD", url+"/manifests/unknown-tag").
 							AddTokenAuth(userToken)
 						MakeRequest(t, req, http.StatusNotFound)
 
@@ -475,14 +490,14 @@ func TestPackageContainer(t *testing.T) {
 							AddTokenAuth(userToken)
 						resp := MakeRequest(t, req, http.StatusOK)
 
-						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))
+						assert.Equal(t, strconv.Itoa(len(manifestContent)), resp.Header().Get("Content-Length"))
 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))
 					})
 
 					t.Run("GetManifest", func(t *testing.T) {
 						defer tests.PrintCurrentTest(t)()
 
-						req := NewRequest(t, "GET", fmt.Sprintf("%s/manifests/unknown-tag", url)).
+						req := NewRequest(t, "GET", url+"/manifests/unknown-tag").
 							AddTokenAuth(userToken)
 						MakeRequest(t, req, http.StatusNotFound)
 
@@ -490,8 +505,8 @@ func TestPackageContainer(t *testing.T) {
 							AddTokenAuth(userToken)
 						resp := MakeRequest(t, req, http.StatusOK)
 
-						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))
-						assert.Equal(t, oci.MediaTypeImageManifest, resp.Header().Get("Content-Type"))
+						assert.Equal(t, strconv.Itoa(len(manifestContent)), resp.Header().Get("Content-Length"))
+						assert.Equal(t, manifestContentType, resp.Header().Get("Content-Type"))
 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))
 						assert.Equal(t, manifestContent, resp.Body.String())
 					})
@@ -512,7 +527,7 @@ func TestPackageContainer(t *testing.T) {
 					AddTokenAuth(userToken)
 				resp = MakeRequest(t, req, http.StatusOK)
 
-				assert.Equal(t, fmt.Sprintf("%d", len(untaggedManifestContent)), resp.Header().Get("Content-Length"))
+				assert.Equal(t, strconv.Itoa(len(untaggedManifestContent)), resp.Header().Get("Content-Length"))
 				assert.Equal(t, untaggedManifestDigest, resp.Header().Get("Docker-Content-Digest"))
 
 				pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, untaggedManifestDigest)
@@ -530,7 +545,7 @@ func TestPackageContainer(t *testing.T) {
 
 				assert.Len(t, pd.Files, 3)
 				for _, pfd := range pd.Files {
-					if pfd.File.Name == container_model.ManifestFilename {
+					if pfd.File.Name == container_module.ManifestFilename {
 						assert.True(t, pfd.File.IsLead)
 						assert.Equal(t, oci.MediaTypeImageManifest, pfd.Properties.GetByName(container_module.PropertyMediaType))
 						assert.Equal(t, untaggedManifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))
@@ -598,7 +613,7 @@ func TestPackageContainer(t *testing.T) {
 					AddTokenAuth(userToken)
 				resp := MakeRequest(t, req, http.StatusOK)
 
-				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))
+				assert.Equal(t, strconv.Itoa(len(blobContent)), resp.Header().Get("Content-Length"))
 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))
 
 				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, blobDigest)).
@@ -617,11 +632,27 @@ func TestPackageContainer(t *testing.T) {
 					AddTokenAuth(userToken)
 				resp := MakeRequest(t, req, http.StatusOK)
 
-				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))
+				assert.Equal(t, strconv.Itoa(len(blobContent)), resp.Header().Get("Content-Length"))
 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))
 				assert.Equal(t, blobContent, resp.Body.Bytes())
 			})
 
+			t.Run("GetBlob/Empty", func(t *testing.T) {
+				defer tests.PrintCurrentTest(t)()
+				emptyDigestBuf := sha256.Sum256(nil)
+				emptyDigest := "sha256:" + hex.EncodeToString(emptyDigestBuf[:])
+				req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, emptyDigest), strings.NewReader("")).AddTokenAuth(userToken)
+				MakeRequest(t, req, http.StatusCreated)
+
+				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, emptyDigest)).AddTokenAuth(userToken)
+				resp := MakeRequest(t, req, http.StatusOK)
+				assert.Equal(t, "0", resp.Header().Get("Content-Length"))
+
+				req = NewRequest(t, "GET", fmt.Sprintf("%s/blobs/%s", url, emptyDigest)).AddTokenAuth(userToken)
+				resp = MakeRequest(t, req, http.StatusOK)
+				assert.Equal(t, "0", resp.Header().Get("Content-Length"))
+			})
+
 			t.Run("GetTagList", func(t *testing.T) {
 				defer tests.PrintCurrentTest(t)()
 
@@ -631,27 +662,27 @@ func TestPackageContainer(t *testing.T) {
 					ExpectedLink string
 				}{
 					{
-						URL:          fmt.Sprintf("%s/tags/list", url),
+						URL:          url + "/tags/list",
 						ExpectedTags: []string{"latest", "main", "multi"},
 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),
 					},
 					{
-						URL:          fmt.Sprintf("%s/tags/list?n=0", url),
+						URL:          url + "/tags/list?n=0",
 						ExpectedTags: []string{},
 						ExpectedLink: "",
 					},
 					{
-						URL:          fmt.Sprintf("%s/tags/list?n=2", url),
+						URL:          url + "/tags/list?n=2",
 						ExpectedTags: []string{"latest", "main"},
 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=2>; rel="next"`, user.Name, image),
 					},
 					{
-						URL:          fmt.Sprintf("%s/tags/list?last=main", url),
+						URL:          url + "/tags/list?last=main",
 						ExpectedTags: []string{"multi"},
 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),
 					},
 					{
-						URL:          fmt.Sprintf("%s/tags/list?n=1&last=latest", url),
+						URL:          url + "/tags/list?n=1&last=latest",
 						ExpectedTags: []string{"main"},
 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=1>; rel="next"`, user.Name, image),
 					},
@@ -731,7 +762,7 @@ func TestPackageContainer(t *testing.T) {
 		url := fmt.Sprintf("%sv2/%s/parallel", setting.AppURL, user.Name)
 
 		var wg sync.WaitGroup
-		for i := 0; i < 10; i++ {
+		for i := range 10 {
 			wg.Add(1)
 
 			content := []byte{byte(i)}
@@ -757,7 +788,7 @@ func TestPackageContainer(t *testing.T) {
 			return func(t *testing.T) {
 				defer tests.PrintCurrentTest(t)()
 
-				req := NewRequest(t, "GET", fmt.Sprintf("%sv2/_catalog", setting.AppURL)).
+				req := NewRequest(t, "GET", setting.AppURL+"v2/_catalog").
 					AddTokenAuth(userToken)
 				resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_packages_cran_test.go b/tests/integration/api_packages_cran_test.go
index 667ba0908c..bd4a99f331 100644
--- a/tests/integration/api_packages_cran_test.go
+++ b/tests/integration/api_packages_cran_test.go
@@ -133,8 +133,8 @@ func TestPackageCran(t *testing.T) {
 			assert.Contains(t, resp.Header().Get("Content-Type"), "text/plain")
 
 			body := resp.Body.String()
-			assert.Contains(t, body, fmt.Sprintf("Package: %s", packageName))
-			assert.Contains(t, body, fmt.Sprintf("Version: %s", packageVersion))
+			assert.Contains(t, body, "Package: "+packageName)
+			assert.Contains(t, body, "Version: "+packageVersion)
 
 			req = NewRequest(t, "GET", url+"/src/contrib/PACKAGES.gz").
 				AddBasicAuth(user.Name)
@@ -230,8 +230,8 @@ func TestPackageCran(t *testing.T) {
 			assert.Contains(t, resp.Header().Get("Content-Type"), "text/plain")
 
 			body := resp.Body.String()
-			assert.Contains(t, body, fmt.Sprintf("Package: %s", packageName))
-			assert.Contains(t, body, fmt.Sprintf("Version: %s", packageVersion))
+			assert.Contains(t, body, "Package: "+packageName)
+			assert.Contains(t, body, "Version: "+packageVersion)
 
 			req = NewRequest(t, "GET", url+"/bin/windows/contrib/4.2/PACKAGES.gz").
 				AddBasicAuth(user.Name)
diff --git a/tests/integration/api_packages_debian_test.go b/tests/integration/api_packages_debian_test.go
index 98027d774c..3ae60d2aa2 100644
--- a/tests/integration/api_packages_debian_test.go
+++ b/tests/integration/api_packages_debian_test.go
@@ -284,7 +284,7 @@ func TestPackageDebian(t *testing.T) {
 		// because "Iterate" keeps a dangling SQL session but the callback function still uses the same session to execute statements.
 		// The "Iterate" problem has been checked by TestContextSafety now, so here we only need to check the cleanup logic with a small number
 		packagesCount := 2
-		for i := 0; i < packagesCount; i++ {
+		for i := range packagesCount {
 			uploadURL := fmt.Sprintf("%s/pool/%s/%s/upload", rootURL, "test", "main")
 			req := NewRequestWithBody(t, "PUT", uploadURL, createArchive(packageName, "1.0."+strconv.Itoa(i), "all")).AddBasicAuth(user.Name)
 			MakeRequest(t, req, http.StatusCreated)
diff --git a/tests/integration/api_packages_generic_test.go b/tests/integration/api_packages_generic_test.go
index baa8dd66c8..94e2c6072c 100644
--- a/tests/integration/api_packages_generic_test.go
+++ b/tests/integration/api_packages_generic_test.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
@@ -131,11 +132,7 @@ func TestPackageGeneric(t *testing.T) {
 
 		t.Run("RequireSignInView", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
-
-			setting.Service.RequireSignInView = true
-			defer func() {
-				setting.Service.RequireSignInView = false
-			}()
+			defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
 
 			req = NewRequest(t, "GET", url+"/dummy.bin")
 			MakeRequest(t, req, http.StatusUnauthorized)
@@ -144,37 +141,25 @@ func TestPackageGeneric(t *testing.T) {
 		t.Run("ServeDirect", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 
-			if setting.Packages.Storage.Type != setting.MinioStorageType && setting.Packages.Storage.Type != setting.AzureBlobStorageType {
-				t.Skip("Test skipped for non-Minio-storage and non-AzureBlob-storage.")
-				return
-			}
-
 			if setting.Packages.Storage.Type == setting.MinioStorageType {
-				if !setting.Packages.Storage.MinioConfig.ServeDirect {
-					old := setting.Packages.Storage.MinioConfig.ServeDirect
-					defer func() {
-						setting.Packages.Storage.MinioConfig.ServeDirect = old
-					}()
-
-					setting.Packages.Storage.MinioConfig.ServeDirect = true
-				}
+				defer test.MockVariableValue(&setting.Packages.Storage.MinioConfig.ServeDirect, true)()
 			} else if setting.Packages.Storage.Type == setting.AzureBlobStorageType {
-				if !setting.Packages.Storage.AzureBlobConfig.ServeDirect {
-					old := setting.Packages.Storage.AzureBlobConfig.ServeDirect
-					defer func() {
-						setting.Packages.Storage.AzureBlobConfig.ServeDirect = old
-					}()
-
-					setting.Packages.Storage.AzureBlobConfig.ServeDirect = true
-				}
+				defer test.MockVariableValue(&setting.Packages.Storage.AzureBlobConfig.ServeDirect, true)()
+			} else {
+				t.Skip("Test skipped for non-Minio-storage and non-AzureBlob-storage.")
 			}
 
-			req := NewRequest(t, "GET", url+"/"+filename)
-			resp := MakeRequest(t, req, http.StatusSeeOther)
+			req = NewRequest(t, "HEAD", url+"/"+filename)
+			resp = MakeRequest(t, req, http.StatusSeeOther)
+			location := resp.Header().Get("Location")
+			assert.NotEmpty(t, location)
+			checkDownloadCount(2)
 
+			req = NewRequest(t, "GET", url+"/"+filename)
+			resp = MakeRequest(t, req, http.StatusSeeOther)
 			checkDownloadCount(3)
 
-			location := resp.Header().Get("Location")
+			location = resp.Header().Get("Location")
 			assert.NotEmpty(t, location)
 
 			resp2, err := (&http.Client{}).Get(location)
diff --git a/tests/integration/api_packages_goproxy_test.go b/tests/integration/api_packages_goproxy_test.go
index dab9fefc5e..fa0ee5b901 100644
--- a/tests/integration/api_packages_goproxy_test.go
+++ b/tests/integration/api_packages_goproxy_test.go
@@ -87,7 +87,7 @@ func TestPackageGo(t *testing.T) {
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, http.StatusConflict)
 
-		time.Sleep(time.Second)
+		time.Sleep(time.Second) // Ensure the timestamp is different, then the "list" below can have stable order
 
 		content = createArchive(map[string][]byte{
 			packageName + "@" + packageVersion2 + "/go.mod": []byte(goModContent),
diff --git a/tests/integration/api_packages_helm_test.go b/tests/integration/api_packages_helm_test.go
index 76285add11..8f5c6ac571 100644
--- a/tests/integration/api_packages_helm_test.go
+++ b/tests/integration/api_packages_helm_test.go
@@ -52,7 +52,7 @@ dependencies:
 	zw := gzip.NewWriter(&buf)
 	archive := tar.NewWriter(zw)
 	archive.WriteHeader(&tar.Header{
-		Name: fmt.Sprintf("%s/Chart.yaml", packageName),
+		Name: packageName + "/Chart.yaml",
 		Mode: 0o600,
 		Size: int64(len(chartContent)),
 	})
@@ -122,7 +122,7 @@ dependencies:
 	t.Run("Index", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/index.yaml", url)).
+		req := NewRequest(t, "GET", url+"/index.yaml").
 			AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/tests/integration/api_packages_maven_test.go b/tests/integration/api_packages_maven_test.go
index 408c8805c2..30ef1884cd 100644
--- a/tests/integration/api_packages_maven_test.go
+++ b/tests/integration/api_packages_maven_test.go
@@ -321,7 +321,7 @@ func TestPackageMavenConcurrent(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
 		var wg sync.WaitGroup
-		for i := 0; i < 10; i++ {
+		for i := range 10 {
 			wg.Add(1)
 			go func(i int) {
 				putFile(t, fmt.Sprintf("/%s/%s.jar", packageVersion, strconv.Itoa(i)), "test", http.StatusCreated)
diff --git a/tests/integration/api_packages_npm_test.go b/tests/integration/api_packages_npm_test.go
index ae1dd876f7..a190ed679d 100644
--- a/tests/integration/api_packages_npm_test.go
+++ b/tests/integration/api_packages_npm_test.go
@@ -28,7 +28,7 @@ func TestPackageNpm(t *testing.T) {
 
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 
-	token := fmt.Sprintf("Bearer %s", getTokenForLoggedInUser(t, loginUser(t, user.Name), auth_model.AccessTokenScopeWritePackage))
+	token := "Bearer " + getTokenForLoggedInUser(t, loginUser(t, user.Name), auth_model.AccessTokenScopeWritePackage)
 
 	packageName := "@scope/test-package"
 	packageVersion := "1.0.1-pre"
diff --git a/tests/integration/api_packages_nuget_test.go b/tests/integration/api_packages_nuget_test.go
index 622c2c4394..529b540062 100644
--- a/tests/integration/api_packages_nuget_test.go
+++ b/tests/integration/api_packages_nuget_test.go
@@ -14,6 +14,7 @@ import (
 	"net/http/httptest"
 	neturl "net/url"
 	"strconv"
+	"strings"
 	"testing"
 	"time"
 
@@ -46,21 +47,30 @@ func TestPackageNuGet(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	type FeedEntryProperties struct {
-		Version                  string                      `xml:"Version"`
-		NormalizedVersion        string                      `xml:"NormalizedVersion"`
 		Authors                  string                      `xml:"Authors"`
+		Copyright                string                      `xml:"Copyright,omitempty"`
+		Created                  nuget.TypedValue[time.Time] `xml:"Created"`
 		Dependencies             string                      `xml:"Dependencies"`
 		Description              string                      `xml:"Description"`
-		VersionDownloadCount     nuget.TypedValue[int64]     `xml:"VersionDownloadCount"`
+		DevelopmentDependency    nuget.TypedValue[bool]      `xml:"DevelopmentDependency"`
 		DownloadCount            nuget.TypedValue[int64]     `xml:"DownloadCount"`
-		PackageSize              nuget.TypedValue[int64]     `xml:"PackageSize"`
-		Created                  nuget.TypedValue[time.Time] `xml:"Created"`
+		ID                       string                      `xml:"Id"`
+		IconURL                  string                      `xml:"IconUrl,omitempty"`
+		Language                 string                      `xml:"Language,omitempty"`
 		LastUpdated              nuget.TypedValue[time.Time] `xml:"LastUpdated"`
-		Published                nuget.TypedValue[time.Time] `xml:"Published"`
+		LicenseURL               string                      `xml:"LicenseUrl,omitempty"`
+		MinClientVersion         string                      `xml:"MinClientVersion,omitempty"`
+		NormalizedVersion        string                      `xml:"NormalizedVersion"`
+		Owners                   string                      `xml:"Owners,omitempty"`
+		PackageSize              nuget.TypedValue[int64]     `xml:"PackageSize"`
 		ProjectURL               string                      `xml:"ProjectUrl,omitempty"`
+		Published                nuget.TypedValue[time.Time] `xml:"Published"`
 		ReleaseNotes             string                      `xml:"ReleaseNotes,omitempty"`
 		RequireLicenseAcceptance nuget.TypedValue[bool]      `xml:"RequireLicenseAcceptance"`
+		Tags                     string                      `xml:"Tags,omitempty"`
 		Title                    string                      `xml:"Title"`
+		Version                  string                      `xml:"Version"`
+		VersionDownloadCount     nuget.TypedValue[int64]     `xml:"VersionDownloadCount"`
 	}
 
 	type FeedEntry struct {
@@ -86,28 +96,62 @@ func TestPackageNuGet(t *testing.T) {
 	readToken := getUserToken(t, user.Name, auth_model.AccessTokenScopeReadPackage)
 	badToken := getUserToken(t, user.Name, auth_model.AccessTokenScopeReadNotification)
 
-	packageName := "test.package"
+	packageName := "test.package" // id
+	packageID := packageName
 	packageVersion := "1.0.3"
 	packageAuthors := "KN4CK3R"
 	packageDescription := "Gitea Test Package"
+	isPrerelease := strings.Contains(packageVersion, "-")
+
 	symbolFilename := "test.pdb"
 	symbolID := "d910bb6948bd4c6cb40155bcf52c3c94"
 
+	packageCopyright := "Package Copyright"
+	packageIconURL := "https://gitea.io/favicon.png"
+	packageLanguage := "Package Language"
+	packageLicenseURL := "https://gitea.io/license"
+	packageMinClientVersion := "1.0.0.0"
+	packageOwners := "Package Owners"
+	packageProjectURL := "https://gitea.io"
+	packageReleaseNotes := "Package Release Notes"
+	summary := "This is a test package."
+	packageTags := "tag_1 tag_2 tag_3"
+	packageTitle := "Package Title"
+	packageDevelopmentDependency := true
+	packageRequireLicenseAcceptance := true
+
+	dependencyCount := 1
+	dependencyTargetFramework := ".NETStandard2.0"
+	dependencyID := "Microsoft.CSharp"
+	dependencyVersion := "4.5.0"
+
 	createNuspec := func(id, version string) string {
 		return `<?xml version="1.0" encoding="utf-8"?>
-<package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
-	<metadata>
-		<id>` + id + `</id>
-		<version>` + version + `</version>
-		<authors>` + packageAuthors + `</authors>
-		<description>` + packageDescription + `</description>
-		<dependencies>
-			<group targetFramework=".NETStandard2.0">
-				<dependency id="Microsoft.CSharp" version="4.5.0" />
-			</group>
-		</dependencies>
-	</metadata>
-</package>`
+		<package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
+			<metadata minClientVersion="` + packageMinClientVersion + `">
+				<authors>` + packageAuthors + `</authors>
+				<copyright>` + packageCopyright + `</copyright>
+				<description>` + packageDescription + `</description>
+				<developmentDependency>true</developmentDependency>
+				<iconUrl>` + packageIconURL + `</iconUrl>
+				<id>` + id + `</id>
+				<language>` + packageLanguage + `</language>
+				<licenseUrl>` + packageLicenseURL + `</licenseUrl>
+				<owners>` + packageOwners + `</owners>
+				<projectUrl>` + packageProjectURL + `</projectUrl>
+				<releaseNotes>` + packageReleaseNotes + `</releaseNotes>
+				<requireLicenseAcceptance>true</requireLicenseAcceptance>
+				<summary>` + summary + `</summary>
+				<tags>` + packageTags + `</tags>
+				<title>` + packageTitle + `</title>
+				<version>` + version + `</version>
+				<dependencies>
+					<group targetFramework="` + dependencyTargetFramework + `">
+						<dependency id="` + dependencyID + `" version="` + dependencyVersion + `" />
+					</group>
+				</dependencies>
+			</metadata>
+		</package>`
 	}
 
 	createPackage := func(id, version string) *bytes.Buffer {
@@ -198,7 +242,7 @@ func TestPackageNuGet(t *testing.T) {
 				t.Run(c.Owner, func(t *testing.T) {
 					url := fmt.Sprintf("/api/packages/%s/nuget", c.Owner)
 
-					req := NewRequest(t, "GET", fmt.Sprintf("%s/index.json", url))
+					req := NewRequest(t, "GET", url+"/index.json")
 					if c.UseBasicAuth {
 						req.AddBasicAuth(user.Name)
 					} else if c.token != "" {
@@ -273,10 +317,10 @@ func TestPackageNuGet(t *testing.T) {
 					pb, err := packages.GetBlobByID(db.DefaultContext, pf.BlobID)
 					assert.NoError(t, err)
 					assert.Equal(t, int64(len(content)), pb.Size)
-				case fmt.Sprintf("%s.nuspec", packageName):
+				case packageName + ".nuspec":
 					assert.False(t, pf.IsLead)
 				default:
-					assert.Fail(t, "unexpected filename: %v", pf.Name)
+					assert.Fail(t, "unexpected filename", "unexpected filename: %v", pf.Name)
 				}
 			}
 
@@ -319,10 +363,10 @@ func TestPackageNuGet(t *testing.T) {
 					pb, err := packages.GetBlobByID(db.DefaultContext, pf.BlobID)
 					assert.NoError(t, err)
 					assert.Equal(t, int64(len(content)), pb.Size)
-				case fmt.Sprintf("%s.nuspec", packageName):
+				case packageName + ".nuspec":
 					assert.False(t, pf.IsLead)
 				default:
-					assert.Fail(t, "unexpected filename: %v", pf.Name)
+					assert.Fail(t, "unexpected filename", "unexpected filename: %v", pf.Name)
 				}
 			}
 
@@ -360,15 +404,15 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 				return &buf
 			}
 
-			req := NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/symbolpackage", url), createSymbolPackage("unknown-package", "SymbolsPackage")).
+			req := NewRequestWithBody(t, "PUT", url+"/symbolpackage", createSymbolPackage("unknown-package", "SymbolsPackage")).
 				AddBasicAuth(user.Name)
 			MakeRequest(t, req, http.StatusNotFound)
 
-			req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/symbolpackage", url), createSymbolPackage(packageName, "DummyPackage")).
+			req = NewRequestWithBody(t, "PUT", url+"/symbolpackage", createSymbolPackage(packageName, "DummyPackage")).
 				AddBasicAuth(user.Name)
 			MakeRequest(t, req, http.StatusBadRequest)
 
-			req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/symbolpackage", url), createSymbolPackage(packageName, "SymbolsPackage")).
+			req = NewRequestWithBody(t, "PUT", url+"/symbolpackage", createSymbolPackage(packageName, "SymbolsPackage")).
 				AddBasicAuth(user.Name)
 			MakeRequest(t, req, http.StatusCreated)
 
@@ -393,19 +437,19 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 
 					pb, err := packages.GetBlobByID(db.DefaultContext, pf.BlobID)
 					assert.NoError(t, err)
-					assert.Equal(t, int64(412), pb.Size)
+					assert.Equal(t, int64(633), pb.Size)
 				case fmt.Sprintf("%s.%s.snupkg", packageName, packageVersion):
 					assert.False(t, pf.IsLead)
 
 					pb, err := packages.GetBlobByID(db.DefaultContext, pf.BlobID)
 					assert.NoError(t, err)
 					assert.Equal(t, int64(616), pb.Size)
-				case fmt.Sprintf("%s.nuspec", packageName):
+				case packageName + ".nuspec":
 					assert.False(t, pf.IsLead)
 
 					pb, err := packages.GetBlobByID(db.DefaultContext, pf.BlobID)
 					assert.NoError(t, err)
-					assert.Equal(t, int64(427), pb.Size)
+					assert.Equal(t, int64(1043), pb.Size)
 				case symbolFilename:
 					assert.False(t, pf.IsLead)
 
@@ -419,11 +463,11 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 					assert.Equal(t, nuget_module.PropertySymbolID, pps[0].Name)
 					assert.Equal(t, symbolID, pps[0].Value)
 				default:
-					assert.FailNow(t, "unexpected file: %v", pf.Name)
+					assert.FailNow(t, "unexpected file", "unexpected file: %v", pf.Name)
 				}
 			}
 
-			req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/symbolpackage", url), createSymbolPackage(packageName, "SymbolsPackage")).
+			req = NewRequestWithBody(t, "PUT", url+"/symbolpackage", createSymbolPackage(packageName, "SymbolsPackage")).
 				AddBasicAuth(user.Name)
 			MakeRequest(t, req, http.StatusConflict)
 		})
@@ -631,7 +675,7 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 			})
 
 			t.Run("Next", func(t *testing.T) {
-				req := NewRequest(t, "GET", fmt.Sprintf("%s/Search()?searchTerm='test'&$skip=0&$top=1", url)).
+				req := NewRequest(t, "GET", url+"/Search()?searchTerm='test'&$skip=0&$top=1").
 					AddBasicAuth(user.Name)
 				resp := MakeRequest(t, req, http.StatusOK)
 
@@ -712,17 +756,39 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 			assert.Equal(t, indexURL, result.RegistrationIndexURL)
 			assert.Equal(t, 1, result.Count)
 			assert.Len(t, result.Pages, 1)
-			assert.Equal(t, indexURL, result.Pages[0].RegistrationPageURL)
-			assert.Equal(t, packageVersion, result.Pages[0].Lower)
-			assert.Equal(t, packageVersion, result.Pages[0].Upper)
-			assert.Equal(t, 1, result.Pages[0].Count)
-			assert.Len(t, result.Pages[0].Items, 1)
-			assert.Equal(t, packageName, result.Pages[0].Items[0].CatalogEntry.ID)
-			assert.Equal(t, packageVersion, result.Pages[0].Items[0].CatalogEntry.Version)
-			assert.Equal(t, packageAuthors, result.Pages[0].Items[0].CatalogEntry.Authors)
-			assert.Equal(t, packageDescription, result.Pages[0].Items[0].CatalogEntry.Description)
-			assert.Equal(t, leafURL, result.Pages[0].Items[0].CatalogEntry.CatalogLeafURL)
-			assert.Equal(t, contentURL, result.Pages[0].Items[0].CatalogEntry.PackageContentURL)
+
+			page := result.Pages[0]
+			assert.Equal(t, indexURL, page.RegistrationPageURL)
+			assert.Equal(t, packageVersion, page.Lower)
+			assert.Equal(t, packageVersion, page.Upper)
+			assert.Equal(t, 1, page.Count)
+			assert.Len(t, page.Items, 1)
+
+			item := page.Items[0]
+			assert.Equal(t, packageName, item.CatalogEntry.ID)
+			assert.Equal(t, packageVersion, item.CatalogEntry.Version)
+			assert.Equal(t, packageAuthors, item.CatalogEntry.Authors)
+			assert.Equal(t, packageDescription, item.CatalogEntry.Description)
+			assert.Equal(t, leafURL, item.CatalogEntry.CatalogLeafURL)
+			assert.Equal(t, contentURL, item.CatalogEntry.PackageContentURL)
+			assert.Equal(t, packageIconURL, item.CatalogEntry.IconURL)
+			assert.Equal(t, packageLanguage, item.CatalogEntry.Language)
+			assert.Equal(t, packageLicenseURL, item.CatalogEntry.LicenseURL)
+			assert.Equal(t, packageProjectURL, item.CatalogEntry.ProjectURL)
+			assert.Equal(t, packageReleaseNotes, item.CatalogEntry.ReleaseNotes)
+			assert.Equal(t, packageRequireLicenseAcceptance, item.CatalogEntry.RequireLicenseAcceptance)
+			assert.Equal(t, packageTags, item.CatalogEntry.Tags)
+			assert.Equal(t, summary, item.CatalogEntry.Summary)
+			assert.Equal(t, isPrerelease, item.CatalogEntry.IsPrerelease)
+			assert.Len(t, item.CatalogEntry.DependencyGroups, dependencyCount)
+
+			dependencyGroup := item.CatalogEntry.DependencyGroups[0]
+			assert.Equal(t, dependencyTargetFramework, dependencyGroup.TargetFramework)
+			assert.Len(t, dependencyGroup.Dependencies, dependencyCount)
+
+			dependency := dependencyGroup.Dependencies[0]
+			assert.Equal(t, dependencyID, dependency.ID)
+			assert.Equal(t, dependencyVersion, dependency.Range)
 		})
 
 		t.Run("RegistrationLeaf", func(t *testing.T) {
@@ -736,11 +802,26 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 				var result FeedEntry
 				decodeXML(t, resp, &result)
 
-				assert.Equal(t, packageName, result.Properties.Title)
-				assert.Equal(t, packageVersion, result.Properties.Version)
 				assert.Equal(t, packageAuthors, result.Properties.Authors)
 				assert.Equal(t, packageDescription, result.Properties.Description)
-				assert.Equal(t, "Microsoft.CSharp:4.5.0:.NETStandard2.0", result.Properties.Dependencies)
+				assert.Equal(t, packageID, result.Properties.ID)
+				assert.Equal(t, packageVersion, result.Properties.Version)
+
+				assert.Equal(t, packageCopyright, result.Properties.Copyright)
+				assert.Equal(t, packageDevelopmentDependency, result.Properties.DevelopmentDependency.Value)
+				assert.Equal(t, packageIconURL, result.Properties.IconURL)
+				assert.Equal(t, packageLanguage, result.Properties.Language)
+				assert.Equal(t, packageLicenseURL, result.Properties.LicenseURL)
+				assert.Equal(t, packageMinClientVersion, result.Properties.MinClientVersion)
+				assert.Equal(t, packageOwners, result.Properties.Owners)
+				assert.Equal(t, packageProjectURL, result.Properties.ProjectURL)
+				assert.Equal(t, packageReleaseNotes, result.Properties.ReleaseNotes)
+				assert.Equal(t, packageRequireLicenseAcceptance, result.Properties.RequireLicenseAcceptance.Value)
+				assert.Equal(t, packageTags, result.Properties.Tags)
+				assert.Equal(t, packageTitle, result.Properties.Title)
+
+				packageVersion := strings.Join([]string{dependencyID, dependencyVersion, dependencyTargetFramework}, ":")
+				assert.Equal(t, packageVersion, result.Properties.Dependencies)
 			})
 
 			t.Run("v3", func(t *testing.T) {
@@ -754,8 +835,30 @@ AAAjQmxvYgAAAGm7ENm9SGxMtAFVvPUsPJTF6PbtAAAAAFcVogEJAAAAAQAAAA==`)
 				DecodeJSON(t, resp, &result)
 
 				assert.Equal(t, leafURL, result.RegistrationLeafURL)
-				assert.Equal(t, contentURL, result.PackageContentURL)
 				assert.Equal(t, indexURL, result.RegistrationIndexURL)
+				assert.Equal(t, packageAuthors, result.CatalogEntry.Authors)
+				assert.Equal(t, packageCopyright, result.CatalogEntry.Copyright)
+
+				dependencyGroup := result.CatalogEntry.DependencyGroups[0]
+				assert.Equal(t, dependencyTargetFramework, dependencyGroup.TargetFramework)
+				assert.Len(t, dependencyGroup.Dependencies, dependencyCount)
+
+				dependency := dependencyGroup.Dependencies[0]
+				assert.Equal(t, dependencyID, dependency.ID)
+				assert.Equal(t, dependencyVersion, dependency.Range)
+
+				assert.Equal(t, packageDescription, result.CatalogEntry.Description)
+				assert.Equal(t, packageID, result.CatalogEntry.ID)
+				assert.Equal(t, packageIconURL, result.CatalogEntry.IconURL)
+				assert.Equal(t, isPrerelease, result.CatalogEntry.IsPrerelease)
+				assert.Equal(t, packageLanguage, result.CatalogEntry.Language)
+				assert.Equal(t, packageLicenseURL, result.CatalogEntry.LicenseURL)
+				assert.Equal(t, contentURL, result.PackageContentURL)
+				assert.Equal(t, packageProjectURL, result.CatalogEntry.ProjectURL)
+				assert.Equal(t, packageRequireLicenseAcceptance, result.CatalogEntry.RequireLicenseAcceptance)
+				assert.Equal(t, summary, result.CatalogEntry.Summary)
+				assert.Equal(t, packageTags, result.CatalogEntry.Tags)
+				assert.Equal(t, packageVersion, result.CatalogEntry.Version)
 			})
 		})
 	})
diff --git a/tests/integration/api_packages_pub_test.go b/tests/integration/api_packages_pub_test.go
index 11da894ddf..3c1bca908e 100644
--- a/tests/integration/api_packages_pub_test.go
+++ b/tests/integration/api_packages_pub_test.go
@@ -37,7 +37,7 @@ func TestPackagePub(t *testing.T) {
 	packageVersion := "1.0.1"
 	packageDescription := "Test Description"
 
-	filename := fmt.Sprintf("%s.tar.gz", packageVersion)
+	filename := packageVersion + ".tar.gz"
 
 	pubspecContent := `name: ` + packageName + `
 version: ` + packageVersion + `
diff --git a/tests/integration/api_packages_pypi_test.go b/tests/integration/api_packages_pypi_test.go
index 2dabb5005b..54db45f1ac 100644
--- a/tests/integration/api_packages_pypi_test.go
+++ b/tests/integration/api_packages_pypi_test.go
@@ -67,7 +67,7 @@ func TestPackagePyPI(t *testing.T) {
 		body, writer, closeFunc := createBasicMultipartFile(filename, packageName, content)
 
 		writer.WriteField("project_urls", "DOCUMENTATION , https://readthedocs.org")
-		writer.WriteField("project_urls", fmt.Sprintf("Home-page, %s", projectURL))
+		writer.WriteField("project_urls", "Home-page, "+projectURL)
 
 		_ = closeFunc()
 
diff --git a/tests/integration/api_packages_rpm_test.go b/tests/integration/api_packages_rpm_test.go
index 6feceaeb78..bd1959f64e 100644
--- a/tests/integration/api_packages_rpm_test.go
+++ b/tests/integration/api_packages_rpm_test.go
@@ -157,9 +157,14 @@ gpgkey=%sapi/packages/%s/rpm/repository.key`,
 			t.Run("Download", func(t *testing.T) {
 				defer tests.PrintCurrentTest(t)()
 
+				// download the package without the file name
 				req := NewRequest(t, "GET", fmt.Sprintf("%s/package/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture))
 				resp := MakeRequest(t, req, http.StatusOK)
+				assert.Equal(t, content, resp.Body.Bytes())
 
+				// download the package with a file name (it can be anything)
+				req = NewRequest(t, "GET", fmt.Sprintf("%s/package/%s/%s/%s/any-file-name", groupURL, packageName, packageVersion, packageArchitecture))
+				resp = MakeRequest(t, req, http.StatusOK)
 				assert.Equal(t, content, resp.Body.Bytes())
 			})
 
@@ -317,7 +322,7 @@ gpgkey=%sapi/packages/%s/rpm/repository.key`,
 					var result Metadata
 					decodeGzipXML(t, resp, &result)
 
-					assert.EqualValues(t, 1, result.PackageCount)
+					assert.Equal(t, 1, result.PackageCount)
 					assert.Len(t, result.Packages, 1)
 					p := result.Packages[0]
 					assert.Equal(t, "rpm", p.Type)
@@ -366,7 +371,7 @@ gpgkey=%sapi/packages/%s/rpm/repository.key`,
 					var result Filelists
 					decodeGzipXML(t, resp, &result)
 
-					assert.EqualValues(t, 1, result.PackageCount)
+					assert.Equal(t, 1, result.PackageCount)
 					assert.Len(t, result.Packages, 1)
 					p := result.Packages[0]
 					assert.NotEmpty(t, p.Pkgid)
@@ -403,7 +408,7 @@ gpgkey=%sapi/packages/%s/rpm/repository.key`,
 					var result Other
 					decodeGzipXML(t, resp, &result)
 
-					assert.EqualValues(t, 1, result.PackageCount)
+					assert.Equal(t, 1, result.PackageCount)
 					assert.Len(t, result.Packages, 1)
 					p := result.Packages[0]
 					assert.NotEmpty(t, p.Pkgid)
@@ -447,7 +452,8 @@ gpgkey=%sapi/packages/%s/rpm/repository.key`,
 				pub, err := openpgp.ReadArmoredKeyRing(gpgResp.Body)
 				require.NoError(t, err)
 
-				req = NewRequest(t, "GET", fmt.Sprintf("%s/package/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture))
+				rpmFileName := fmt.Sprintf("%s-%s.%s.rpm", packageName, packageVersion, packageArchitecture)
+				req = NewRequest(t, "GET", fmt.Sprintf("%s/package/%s/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture, rpmFileName))
 				resp := MakeRequest(t, req, http.StatusOK)
 
 				_, sigs, err := rpmutils.Verify(resp.Body, pub)
diff --git a/tests/integration/api_packages_rubygems_test.go b/tests/integration/api_packages_rubygems_test.go
index fe9283df4d..ab76c52440 100644
--- a/tests/integration/api_packages_rubygems_test.go
+++ b/tests/integration/api_packages_rubygems_test.go
@@ -185,7 +185,7 @@ func TestPackageRubyGems(t *testing.T) {
 	root := fmt.Sprintf("/api/packages/%s/rubygems", user.Name)
 
 	uploadFile := func(t *testing.T, content []byte, expectedStatus int) {
-		req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/api/v1/gems", root), bytes.NewReader(content)).
+		req := NewRequestWithBody(t, "POST", root+"/api/v1/gems", bytes.NewReader(content)).
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, expectedStatus)
 	}
@@ -293,7 +293,7 @@ gAAAAP//MS06Gw==`)
 
 	t.Run("Versions", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/versions", root)).AddBasicAuth(user.Name)
+		req := NewRequest(t, "GET", root+"/versions").AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, `---
 gitea 1.0.5 08843c2dd0ea19910e6b056b98e38f1c
@@ -307,7 +307,7 @@ gitea-another 0.99 8b639e4048d282941485368ec42609be
 		_ = writer.WriteField("gem_name", packageName)
 		_ = writer.WriteField("version", packageVersion)
 		_ = writer.Close()
-		req := NewRequestWithBody(t, "DELETE", fmt.Sprintf("%s/api/v1/gems/yank", root), &body).
+		req := NewRequestWithBody(t, "DELETE", root+"/api/v1/gems/yank", &body).
 			SetHeader("Content-Type", writer.FormDataContentType()).
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, http.StatusOK)
@@ -330,7 +330,7 @@ gitea-another 0.99 8b639e4048d282941485368ec42609be
 
 	t.Run("VersionsAfterDelete", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/versions", root)).AddBasicAuth(user.Name)
+		req := NewRequest(t, "GET", root+"/versions").AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 		assert.Equal(t, "---\n", resp.Body.String())
 	})
diff --git a/tests/integration/api_packages_swift_test.go b/tests/integration/api_packages_swift_test.go
index c0e0dccfab..b29e8459ff 100644
--- a/tests/integration/api_packages_swift_test.go
+++ b/tests/integration/api_packages_swift_test.go
@@ -23,6 +23,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestPackageSwift(t *testing.T) {
@@ -34,6 +35,7 @@ func TestPackageSwift(t *testing.T) {
 	packageName := "test_package"
 	packageID := packageScope + "." + packageName
 	packageVersion := "1.0.3"
+	packageVersion2 := "1.0.4"
 	packageAuthor := "KN4CK3R"
 	packageDescription := "Gitea Test Package"
 	packageRepositoryURL := "https://gitea.io/gitea/gitea"
@@ -183,6 +185,94 @@ func TestPackageSwift(t *testing.T) {
 		)
 	})
 
+	t.Run("UploadMultipart", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		uploadPackage := func(t *testing.T, url string, expectedStatus int, sr io.Reader, metadata string) {
+			var body bytes.Buffer
+			mpw := multipart.NewWriter(&body)
+
+			// Read the source archive content
+			sourceContent, err := io.ReadAll(sr)
+			assert.NoError(t, err)
+			mpw.WriteField("source-archive", string(sourceContent))
+
+			if metadata != "" {
+				mpw.WriteField("metadata", metadata)
+			}
+
+			mpw.Close()
+
+			req := NewRequestWithBody(t, "PUT", url, &body).
+				SetHeader("Content-Type", mpw.FormDataContentType()).
+				SetHeader("Accept", swift_router.AcceptJSON).
+				AddBasicAuth(user.Name)
+			MakeRequest(t, req, expectedStatus)
+		}
+
+		createArchive := func(files map[string]string) *bytes.Buffer {
+			var buf bytes.Buffer
+			zw := zip.NewWriter(&buf)
+			for filename, content := range files {
+				w, _ := zw.Create(filename)
+				w.Write([]byte(content))
+			}
+			zw.Close()
+			return &buf
+		}
+
+		uploadURL := fmt.Sprintf("%s/%s/%s/%s", url, packageScope, packageName, packageVersion2)
+
+		req := NewRequestWithBody(t, "PUT", uploadURL, bytes.NewReader([]byte{}))
+		MakeRequest(t, req, http.StatusUnauthorized)
+
+		// Test with metadata as form field
+		uploadPackage(
+			t,
+			uploadURL,
+			http.StatusCreated,
+			createArchive(map[string]string{
+				"Package.swift":           contentManifest1,
+				"Package@swift-5.6.swift": contentManifest2,
+			}),
+			`{"name":"`+packageName+`","version":"`+packageVersion2+`","description":"`+packageDescription+`","codeRepository":"`+packageRepositoryURL+`","author":{"givenName":"`+packageAuthor+`"},"repositoryURLs":["`+packageRepositoryURL+`"]}`,
+		)
+
+		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeSwift)
+		assert.NoError(t, err)
+		require.Len(t, pvs, 2) // ATTENTION: many subtests are unable to run separately, they depend on the results of previous tests
+		thisPackageVersion := pvs[0]
+		pd, err := packages.GetPackageDescriptor(db.DefaultContext, thisPackageVersion)
+		assert.NoError(t, err)
+		assert.NotNil(t, pd.SemVer)
+		assert.Equal(t, packageID, pd.Package.Name)
+		assert.Equal(t, packageVersion2, pd.Version.Version)
+		assert.IsType(t, &swift_module.Metadata{}, pd.Metadata)
+		metadata := pd.Metadata.(*swift_module.Metadata)
+		assert.Equal(t, packageDescription, metadata.Description)
+		assert.Len(t, metadata.Manifests, 2)
+		assert.Equal(t, contentManifest1, metadata.Manifests[""].Content)
+		assert.Equal(t, contentManifest2, metadata.Manifests["5.6"].Content)
+		assert.Len(t, pd.VersionProperties, 1)
+		assert.Equal(t, packageRepositoryURL, pd.VersionProperties.GetByName(swift_module.PropertyRepositoryURL))
+
+		pfs, err := packages.GetFilesByVersionID(db.DefaultContext, thisPackageVersion.ID)
+		assert.NoError(t, err)
+		assert.Len(t, pfs, 1)
+		assert.Equal(t, fmt.Sprintf("%s-%s.zip", packageName, packageVersion2), pfs[0].Name)
+		assert.True(t, pfs[0].IsLead)
+
+		uploadPackage(
+			t,
+			uploadURL,
+			http.StatusConflict,
+			createArchive(map[string]string{
+				"Package.swift": contentManifest1,
+			}),
+			"",
+		)
+	})
+
 	t.Run("Download", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
@@ -211,7 +301,7 @@ func TestPackageSwift(t *testing.T) {
 			SetHeader("Accept", swift_router.AcceptJSON)
 		resp := MakeRequest(t, req, http.StatusOK)
 
-		versionURL := setting.AppURL + url[1:] + fmt.Sprintf("/%s/%s/%s", packageScope, packageName, packageVersion)
+		versionURL := setting.AppURL + url[1:] + fmt.Sprintf("/%s/%s/%s", packageScope, packageName, packageVersion2)
 
 		assert.Equal(t, "1", resp.Header().Get("Content-Version"))
 		assert.Equal(t, fmt.Sprintf(`<%s>; rel="latest-version"`, versionURL), resp.Header().Get("Link"))
@@ -221,9 +311,9 @@ func TestPackageSwift(t *testing.T) {
 		var result *swift_router.EnumeratePackageVersionsResponse
 		DecodeJSON(t, resp, &result)
 
-		assert.Len(t, result.Releases, 1)
-		assert.Contains(t, result.Releases, packageVersion)
-		assert.Equal(t, versionURL, result.Releases[packageVersion].URL)
+		assert.Len(t, result.Releases, 2)
+		assert.Contains(t, result.Releases, packageVersion2)
+		assert.Equal(t, versionURL, result.Releases[packageVersion2].URL)
 
 		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s.json", url, packageScope, packageName)).
 			AddBasicAuth(user.Name)
diff --git a/tests/integration/api_packages_test.go b/tests/integration/api_packages_test.go
index 978a690302..f10b098885 100644
--- a/tests/integration/api_packages_test.go
+++ b/tests/integration/api_packages_test.go
@@ -15,9 +15,9 @@ import (
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	packages_model "code.gitea.io/gitea/models/packages"
-	container_model "code.gitea.io/gitea/models/packages/container"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	container_module "code.gitea.io/gitea/modules/packages/container"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/util"
@@ -49,7 +49,7 @@ func TestPackageAPI(t *testing.T) {
 	t.Run("ListPackages", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s", user.Name)).
+		req := NewRequest(t, "GET", "/api/v1/packages/"+user.Name).
 			AddTokenAuth(tokenReadPackage)
 		resp := MakeRequest(t, req, http.StatusOK)
 
@@ -83,70 +83,101 @@ func TestPackageAPI(t *testing.T) {
 		assert.Equal(t, packageVersion, p.Version)
 		assert.NotNil(t, p.Creator)
 		assert.Equal(t, user.Name, p.Creator.UserName)
+	})
 
-		t.Run("RepositoryLink", func(t *testing.T) {
-			defer tests.PrintCurrentTest(t)()
+	t.Run("ListPackageVersions", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
 
-			_, err := packages_model.GetPackageByName(db.DefaultContext, user.ID, packages_model.TypeGeneric, packageName)
-			assert.NoError(t, err)
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s", user.Name, packageName)).
+			AddTokenAuth(tokenReadPackage)
+		resp := MakeRequest(t, req, http.StatusOK)
 
-			// no repository link
-			req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
-				AddTokenAuth(tokenReadPackage)
-			resp := MakeRequest(t, req, http.StatusOK)
+		var apiPackages []*api.Package
+		DecodeJSON(t, resp, &apiPackages)
 
-			var ap1 *api.Package
-			DecodeJSON(t, resp, &ap1)
-			assert.Nil(t, ap1.Repository)
+		assert.Len(t, apiPackages, 1)
+		assert.Equal(t, string(packages_model.TypeGeneric), apiPackages[0].Type)
+		assert.Equal(t, packageName, apiPackages[0].Name)
+		assert.Equal(t, packageVersion, apiPackages[0].Version)
+	})
 
-			// create a repository
-			newRepo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
-				Name: "repo4",
-			})
-			assert.NoError(t, err)
+	t.Run("LatestPackageVersion", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
 
-			// link to public repository
-			req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/link/%s", user.Name, packageName, newRepo.Name)).AddTokenAuth(tokenWritePackage)
-			MakeRequest(t, req, http.StatusCreated)
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/latest", user.Name, packageName)).
+			AddTokenAuth(tokenReadPackage)
+		resp := MakeRequest(t, req, http.StatusOK)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
-				AddTokenAuth(tokenReadPackage)
-			resp = MakeRequest(t, req, http.StatusOK)
+		var apiPackage *api.Package
+		DecodeJSON(t, resp, &apiPackage)
 
-			var ap2 *api.Package
-			DecodeJSON(t, resp, &ap2)
-			assert.NotNil(t, ap2.Repository)
-			assert.EqualValues(t, newRepo.ID, ap2.Repository.ID)
+		assert.Equal(t, string(packages_model.TypeGeneric), apiPackage.Type)
+		assert.Equal(t, packageName, apiPackage.Name)
+		assert.Equal(t, packageVersion, apiPackage.Version)
+	})
 
-			// link to repository without write access, should fail
-			req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/link/%s", user.Name, packageName, "repo3")).AddTokenAuth(tokenWritePackage)
-			MakeRequest(t, req, http.StatusNotFound)
+	t.Run("RepositoryLink", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
 
-			// remove link
-			req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/unlink", user.Name, packageName)).AddTokenAuth(tokenWritePackage)
-			MakeRequest(t, req, http.StatusNoContent)
+		_, err := packages_model.GetPackageByName(db.DefaultContext, user.ID, packages_model.TypeGeneric, packageName)
+		assert.NoError(t, err)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
-				AddTokenAuth(tokenReadPackage)
-			resp = MakeRequest(t, req, http.StatusOK)
+		// no repository link
+		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
+			AddTokenAuth(tokenReadPackage)
+		resp := MakeRequest(t, req, http.StatusOK)
 
-			var ap3 *api.Package
-			DecodeJSON(t, resp, &ap3)
-			assert.Nil(t, ap3.Repository)
+		var ap1 *api.Package
+		DecodeJSON(t, resp, &ap1)
+		assert.Nil(t, ap1.Repository)
 
-			// force link to a repository the currently logged-in user doesn't have access to
-			privateRepoID := int64(6)
-			assert.NoError(t, packages_model.SetRepositoryLink(db.DefaultContext, p.ID, privateRepoID))
+		// create a repository
+		newRepo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
+			Name: "repo4",
+		})
+		assert.NoError(t, err)
 
-			req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).AddTokenAuth(tokenReadPackage)
-			resp = MakeRequest(t, req, http.StatusOK)
+		// link to public repository
+		req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/link/%s", user.Name, packageName, newRepo.Name)).AddTokenAuth(tokenWritePackage)
+		MakeRequest(t, req, http.StatusCreated)
 
-			var ap4 *api.Package
-			DecodeJSON(t, resp, &ap4)
-			assert.Nil(t, ap4.Repository)
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
+			AddTokenAuth(tokenReadPackage)
+		resp = MakeRequest(t, req, http.StatusOK)
 
-			assert.NoError(t, packages_model.UnlinkRepositoryFromAllPackages(db.DefaultContext, privateRepoID))
-		})
+		var ap2 *api.Package
+		DecodeJSON(t, resp, &ap2)
+		assert.NotNil(t, ap2.Repository)
+		assert.Equal(t, newRepo.ID, ap2.Repository.ID)
+
+		// link to repository without write access, should fail
+		req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/link/%s", user.Name, packageName, "repo3")).AddTokenAuth(tokenWritePackage)
+		MakeRequest(t, req, http.StatusNotFound)
+
+		// remove link
+		req = NewRequest(t, "POST", fmt.Sprintf("/api/v1/packages/%s/generic/%s/-/unlink", user.Name, packageName)).AddTokenAuth(tokenWritePackage)
+		MakeRequest(t, req, http.StatusNoContent)
+
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).
+			AddTokenAuth(tokenReadPackage)
+		resp = MakeRequest(t, req, http.StatusOK)
+
+		var ap3 *api.Package
+		DecodeJSON(t, resp, &ap3)
+		assert.Nil(t, ap3.Repository)
+
+		// force link to a repository the currently logged-in user doesn't have access to
+		privateRepoID := int64(6)
+		assert.NoError(t, packages_model.SetRepositoryLink(db.DefaultContext, ap1.ID, privateRepoID))
+
+		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s/generic/%s/%s", user.Name, packageName, packageVersion)).AddTokenAuth(tokenReadPackage)
+		resp = MakeRequest(t, req, http.StatusOK)
+
+		var ap4 *api.Package
+		DecodeJSON(t, resp, &ap4)
+		assert.Nil(t, ap4.Repository)
+
+		assert.NoError(t, packages_model.UnlinkRepositoryFromAllPackages(db.DefaultContext, privateRepoID))
 	})
 
 	t.Run("ListPackageFiles", func(t *testing.T) {
@@ -408,7 +439,7 @@ func TestPackageAccess(t *testing.T) {
 			{limitedOrgNoMember, http.StatusOK},
 			{publicOrgNoMember, http.StatusOK},
 		} {
-			req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s", target.Owner.Name)).
+			req := NewRequest(t, "GET", "/api/v1/packages/"+target.Owner.Name).
 				AddTokenAuth(tokenReadPackage)
 			MakeRequest(t, req, target.ExpectedStatus)
 		}
@@ -507,7 +538,7 @@ func TestPackageCleanup(t *testing.T) {
 		assert.NoError(t, err)
 		assert.NotEmpty(t, pbs)
 
-		_, err = packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, "cleanup-test", container_model.UploadVersion)
+		_, err = packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, "cleanup-test", container_module.UploadVersion)
 		assert.NoError(t, err)
 
 		err = packages_cleanup_service.CleanupTask(db.DefaultContext, duration)
@@ -517,7 +548,7 @@ func TestPackageCleanup(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Empty(t, pbs)
 
-		_, err = packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, "cleanup-test", container_model.UploadVersion)
+		_, err = packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, "cleanup-test", container_module.UploadVersion)
 		assert.ErrorIs(t, err, packages_model.ErrPackageNotExist)
 	})
 
@@ -605,12 +636,16 @@ func TestPackageCleanup(t *testing.T) {
 			},
 			{
 				Name: "Mixed",
-				Versions: []version{
-					{Version: "keep", ShouldExist: true, Created: time.Now().Add(time.Duration(10000)).Unix()},
-					{Version: "dummy", ShouldExist: true, Created: 1},
-					{Version: "test-3", ShouldExist: true},
-					{Version: "test-4", ShouldExist: false, Created: 1},
-				},
+				Versions: func(limit, removeDays int) []version {
+					aa := []version{
+						{Version: "keep", ShouldExist: true, Created: time.Now().Add(time.Duration(10000)).Unix()},
+						{Version: "dummy", ShouldExist: true, Created: 1},
+					}
+					for i := range limit {
+						aa = append(aa, version{Version: fmt.Sprintf("test-%v", i+3), ShouldExist: util.Iif(i < removeDays, true, false), Created: time.Now().AddDate(0, 0, -i).Unix()})
+					}
+					return aa
+				}(220, 7),
 				Rule: &packages_model.PackageCleanupRule{
 					Enabled:       true,
 					KeepCount:     1,
@@ -655,7 +690,7 @@ func TestPackageCleanup(t *testing.T) {
 						err = packages_service.DeletePackageVersionAndReferences(db.DefaultContext, pv)
 						assert.NoError(t, err)
 					} else {
-						assert.ErrorIs(t, err, packages_model.ErrPackageNotExist)
+						assert.ErrorIs(t, err, packages_model.ErrPackageNotExist, v.Version)
 					}
 				}
 
diff --git a/tests/integration/api_packages_vagrant_test.go b/tests/integration/api_packages_vagrant_test.go
index a5e954f3a2..1743e37222 100644
--- a/tests/integration/api_packages_vagrant_test.go
+++ b/tests/integration/api_packages_vagrant_test.go
@@ -35,7 +35,7 @@ func TestPackageVagrant(t *testing.T) {
 	packageDescription := "Test Description"
 	packageProvider := "virtualbox"
 
-	filename := fmt.Sprintf("%s.box", packageProvider)
+	filename := packageProvider + ".box"
 
 	infoContent, _ := json.Marshal(map[string]string{
 		"description": packageDescription,
@@ -59,7 +59,7 @@ func TestPackageVagrant(t *testing.T) {
 	t.Run("Authenticate", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		authenticateURL := fmt.Sprintf("%s/authenticate", root)
+		authenticateURL := root + "/authenticate"
 
 		req := NewRequest(t, "GET", authenticateURL)
 		MakeRequest(t, req, http.StatusUnauthorized)
diff --git a/tests/integration/api_pull_review_test.go b/tests/integration/api_pull_review_test.go
index b85882a510..1fc65ddea8 100644
--- a/tests/integration/api_pull_review_test.go
+++ b/tests/integration/api_pull_review_test.go
@@ -43,17 +43,17 @@ func TestAPIPullReview(t *testing.T) {
 	require.Len(t, reviews, 8)
 
 	for _, r := range reviews {
-		assert.EqualValues(t, pullIssue.HTMLURL(), r.HTMLPullURL)
+		assert.Equal(t, pullIssue.HTMLURL(), r.HTMLPullURL)
 	}
 	assert.EqualValues(t, 8, reviews[3].ID)
 	assert.EqualValues(t, "APPROVED", reviews[3].State)
-	assert.EqualValues(t, 0, reviews[3].CodeCommentsCount)
+	assert.Equal(t, 0, reviews[3].CodeCommentsCount)
 	assert.True(t, reviews[3].Stale)
 	assert.False(t, reviews[3].Official)
 
 	assert.EqualValues(t, 10, reviews[5].ID)
 	assert.EqualValues(t, "REQUEST_CHANGES", reviews[5].State)
-	assert.EqualValues(t, 1, reviews[5].CodeCommentsCount)
+	assert.Equal(t, 1, reviews[5].CodeCommentsCount)
 	assert.EqualValues(t, -1, reviews[5].Reviewer.ID) // ghost user
 	assert.False(t, reviews[5].Stale)
 	assert.True(t, reviews[5].Official)
@@ -64,13 +64,13 @@ func TestAPIPullReview(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 	var review api.PullReview
 	DecodeJSON(t, resp, &review)
-	assert.EqualValues(t, *reviews[3], review)
+	assert.Equal(t, *reviews[3], review)
 
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/pulls/%d/reviews/%d", repo.OwnerName, repo.Name, pullIssue.Index, reviews[5].ID).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &review)
-	assert.EqualValues(t, *reviews[5], review)
+	assert.Equal(t, *reviews[5], review)
 
 	// test GetPullReviewComments
 	comment := unittest.AssertExistsAndLoadBean(t, &issues_model.Comment{ID: 7})
@@ -80,11 +80,11 @@ func TestAPIPullReview(t *testing.T) {
 	var reviewComments []*api.PullReviewComment
 	DecodeJSON(t, resp, &reviewComments)
 	assert.Len(t, reviewComments, 1)
-	assert.EqualValues(t, "Ghost", reviewComments[0].Poster.UserName)
-	assert.EqualValues(t, "a review from a deleted user", reviewComments[0].Body)
-	assert.EqualValues(t, comment.ID, reviewComments[0].ID)
+	assert.Equal(t, "Ghost", reviewComments[0].Poster.UserName)
+	assert.Equal(t, "a review from a deleted user", reviewComments[0].Body)
+	assert.Equal(t, comment.ID, reviewComments[0].ID)
 	assert.EqualValues(t, comment.UpdatedUnix, reviewComments[0].Updated.Unix())
-	assert.EqualValues(t, comment.HTMLURL(db.DefaultContext), reviewComments[0].HTMLURL)
+	assert.Equal(t, comment.HTMLURL(db.DefaultContext), reviewComments[0].HTMLURL)
 
 	// test CreatePullReview
 	req = NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls/%d/reviews", repo.OwnerName, repo.Name, pullIssue.Index), &api.CreatePullReviewOptions{
@@ -113,7 +113,7 @@ func TestAPIPullReview(t *testing.T) {
 	DecodeJSON(t, resp, &review)
 	assert.EqualValues(t, 6, review.ID)
 	assert.EqualValues(t, "PENDING", review.State)
-	assert.EqualValues(t, 3, review.CodeCommentsCount)
+	assert.Equal(t, 3, review.CodeCommentsCount)
 
 	// test SubmitPullReview
 	req = NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls/%d/reviews/%d", repo.OwnerName, repo.Name, pullIssue.Index, review.ID), &api.SubmitPullReviewOptions{
@@ -124,7 +124,7 @@ func TestAPIPullReview(t *testing.T) {
 	DecodeJSON(t, resp, &review)
 	assert.EqualValues(t, 6, review.ID)
 	assert.EqualValues(t, "APPROVED", review.State)
-	assert.EqualValues(t, 3, review.CodeCommentsCount)
+	assert.Equal(t, 3, review.CodeCommentsCount)
 
 	// test dismiss review
 	req = NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls/%d/reviews/%d/dismissals", repo.OwnerName, repo.Name, pullIssue.Index, review.ID), &api.DismissPullReviewOptions{
@@ -151,7 +151,7 @@ func TestAPIPullReview(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &review)
 	assert.EqualValues(t, "COMMENT", review.State)
-	assert.EqualValues(t, 0, review.CodeCommentsCount)
+	assert.Equal(t, 0, review.CodeCommentsCount)
 	req = NewRequestf(t, http.MethodDelete, "/api/v1/repos/%s/%s/pulls/%d/reviews/%d", repo.OwnerName, repo.Name, pullIssue.Index, review.ID).
 		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
@@ -179,7 +179,7 @@ func TestAPIPullReview(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &commentReview)
 	assert.EqualValues(t, "COMMENT", commentReview.State)
-	assert.EqualValues(t, 2, commentReview.CodeCommentsCount)
+	assert.Equal(t, 2, commentReview.CodeCommentsCount)
 	assert.Empty(t, commentReview.Body)
 	assert.False(t, commentReview.Dismissed)
 
@@ -194,8 +194,8 @@ func TestAPIPullReview(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &commentReview)
 	assert.EqualValues(t, "COMMENT", commentReview.State)
-	assert.EqualValues(t, 0, commentReview.CodeCommentsCount)
-	assert.EqualValues(t, commentBody, commentReview.Body)
+	assert.Equal(t, 0, commentReview.CodeCommentsCount)
+	assert.Equal(t, commentBody, commentReview.Body)
 	assert.False(t, commentReview.Dismissed)
 
 	// test CreatePullReview Comment without body and no comments
@@ -207,7 +207,7 @@ func TestAPIPullReview(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusUnprocessableEntity)
 	errMap := make(map[string]any)
 	json.Unmarshal(resp.Body.Bytes(), &errMap)
-	assert.EqualValues(t, "review event COMMENT requires a body or a comment", errMap["message"].(string))
+	assert.Equal(t, "review event COMMENT requires a body or a comment", errMap["message"].(string))
 
 	// test get review requests
 	// to make it simple, use same api with get review
@@ -221,14 +221,14 @@ func TestAPIPullReview(t *testing.T) {
 	DecodeJSON(t, resp, &reviews)
 	assert.EqualValues(t, 11, reviews[0].ID)
 	assert.EqualValues(t, "REQUEST_REVIEW", reviews[0].State)
-	assert.EqualValues(t, 0, reviews[0].CodeCommentsCount)
+	assert.Equal(t, 0, reviews[0].CodeCommentsCount)
 	assert.False(t, reviews[0].Stale)
 	assert.True(t, reviews[0].Official)
-	assert.EqualValues(t, "test_team", reviews[0].ReviewerTeam.Name)
+	assert.Equal(t, "test_team", reviews[0].ReviewerTeam.Name)
 
 	assert.EqualValues(t, 12, reviews[1].ID)
 	assert.EqualValues(t, "REQUEST_REVIEW", reviews[1].State)
-	assert.EqualValues(t, 0, reviews[0].CodeCommentsCount)
+	assert.Equal(t, 0, reviews[0].CodeCommentsCount)
 	assert.False(t, reviews[1].Stale)
 	assert.True(t, reviews[1].Official)
 	assert.EqualValues(t, 1, reviews[1].Reviewer.ID)
diff --git a/tests/integration/api_pull_test.go b/tests/integration/api_pull_test.go
index 39c6c34a30..f2df6021e1 100644
--- a/tests/integration/api_pull_test.go
+++ b/tests/integration/api_pull_test.go
@@ -8,7 +8,10 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
+	"strings"
 	"testing"
+	"time"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
@@ -17,11 +20,15 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/services/convert"
 	"code.gitea.io/gitea/services/forms"
 	"code.gitea.io/gitea/services/gitdiff"
 	issue_service "code.gitea.io/gitea/services/issue"
+	pull_service "code.gitea.io/gitea/services/pull"
+	files_service "code.gitea.io/gitea/services/repository/files"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
@@ -61,8 +68,8 @@ func TestAPIViewPulls(t *testing.T) {
 			assert.Equal(t, "File-WoW", patch.Files[0].Name)
 			// FIXME: The old name should be empty if it's a file add type
 			assert.Equal(t, "File-WoW", patch.Files[0].OldName)
-			assert.EqualValues(t, 1, patch.Files[0].Addition)
-			assert.EqualValues(t, 0, patch.Files[0].Deletion)
+			assert.Equal(t, 1, patch.Files[0].Addition)
+			assert.Equal(t, 0, patch.Files[0].Deletion)
 			assert.Equal(t, gitdiff.DiffFileAdd, patch.Files[0].Type)
 		}
 
@@ -71,9 +78,9 @@ func TestAPIViewPulls(t *testing.T) {
 				if assert.Len(t, files, 1) {
 					assert.Equal(t, "File-WoW", files[0].Filename)
 					assert.Empty(t, files[0].PreviousFilename)
-					assert.EqualValues(t, 1, files[0].Additions)
-					assert.EqualValues(t, 1, files[0].Changes)
-					assert.EqualValues(t, 0, files[0].Deletions)
+					assert.Equal(t, 1, files[0].Additions)
+					assert.Equal(t, 1, files[0].Changes)
+					assert.Equal(t, 0, files[0].Deletions)
 					assert.Equal(t, "added", files[0].Status)
 				}
 			}))
@@ -97,8 +104,8 @@ func TestAPIViewPulls(t *testing.T) {
 		if assert.Len(t, patch.Files, 1) {
 			assert.Equal(t, "README.md", patch.Files[0].Name)
 			assert.Equal(t, "README.md", patch.Files[0].OldName)
-			assert.EqualValues(t, 4, patch.Files[0].Addition)
-			assert.EqualValues(t, 1, patch.Files[0].Deletion)
+			assert.Equal(t, 4, patch.Files[0].Addition)
+			assert.Equal(t, 1, patch.Files[0].Deletion)
 			assert.Equal(t, gitdiff.DiffFileChange, patch.Files[0].Type)
 		}
 
@@ -107,9 +114,9 @@ func TestAPIViewPulls(t *testing.T) {
 				if assert.Len(t, files, 1) {
 					assert.Equal(t, "README.md", files[0].Filename)
 					// FIXME: The PreviousFilename name should be the same as Filename if it's a file change
-					assert.Equal(t, "", files[0].PreviousFilename)
-					assert.EqualValues(t, 4, files[0].Additions)
-					assert.EqualValues(t, 1, files[0].Deletions)
+					assert.Empty(t, files[0].PreviousFilename)
+					assert.Equal(t, 4, files[0].Additions)
+					assert.Equal(t, 1, files[0].Deletions)
 					assert.Equal(t, "changed", files[0].Status)
 				}
 			}))
@@ -193,7 +200,7 @@ func TestAPICreatePullSuccess(t *testing.T) {
 	session := loginUser(t, owner11.Name)
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 	req := NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls", owner10.Name, repo10.Name), &api.CreatePullRequestOption{
-		Head:  fmt.Sprintf("%s:master", owner11.Name),
+		Head:  owner11.Name + ":master",
 		Base:  "master",
 		Title: "create a failure pr",
 	}).AddTokenAuth(token)
@@ -213,7 +220,7 @@ func TestAPICreatePullBasePermission(t *testing.T) {
 	session := loginUser(t, user4.Name)
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 	opts := &api.CreatePullRequestOption{
-		Head:  fmt.Sprintf("%s:master", repo11.OwnerName),
+		Head:  repo11.OwnerName + ":master",
 		Base:  "master",
 		Title: "create a failure pr",
 	}
@@ -241,7 +248,7 @@ func TestAPICreatePullHeadPermission(t *testing.T) {
 	session := loginUser(t, user4.Name)
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 	opts := &api.CreatePullRequestOption{
-		Head:  fmt.Sprintf("%s:master", repo11.OwnerName),
+		Head:  repo11.OwnerName + ":master",
 		Base:  "master",
 		Title: "create a failure pr",
 	}
@@ -269,7 +276,7 @@ func TestAPICreatePullSameRepoSuccess(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 
 	req := NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls", owner.Name, repo.Name), &api.CreatePullRequestOption{
-		Head:  fmt.Sprintf("%s:pr-to-update", owner.Name),
+		Head:  owner.Name + ":pr-to-update",
 		Base:  "master",
 		Title: "successfully create a PR between branches of the same repository",
 	}).AddTokenAuth(token)
@@ -290,7 +297,7 @@ func TestAPICreatePullWithFieldsSuccess(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 
 	opts := &api.CreatePullRequestOption{
-		Head:      fmt.Sprintf("%s:master", owner11.Name),
+		Head:      owner11.Name + ":master",
 		Base:      "master",
 		Title:     "create a failure pr",
 		Body:      "foobaaar",
@@ -307,12 +314,12 @@ func TestAPICreatePullWithFieldsSuccess(t *testing.T) {
 	DecodeJSON(t, res, pull)
 
 	assert.NotNil(t, pull.Milestone)
-	assert.EqualValues(t, opts.Milestone, pull.Milestone.ID)
+	assert.Equal(t, opts.Milestone, pull.Milestone.ID)
 	if assert.Len(t, pull.Assignees, 1) {
-		assert.EqualValues(t, opts.Assignees[0], owner10.Name)
+		assert.Equal(t, opts.Assignees[0], owner10.Name)
 	}
 	assert.NotNil(t, pull.Labels)
-	assert.EqualValues(t, opts.Labels[0], pull.Labels[0].ID)
+	assert.Equal(t, opts.Labels[0], pull.Labels[0].ID)
 }
 
 func TestAPICreatePullWithFieldsFailure(t *testing.T) {
@@ -328,7 +335,7 @@ func TestAPICreatePullWithFieldsFailure(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 
 	opts := &api.CreatePullRequestOption{
-		Head: fmt.Sprintf("%s:master", owner11.Name),
+		Head: owner11.Name + ":master",
 		Base: "master",
 	}
 
@@ -366,7 +373,7 @@ func TestAPIEditPull(t *testing.T) {
 	apiPull := new(api.PullRequest)
 	resp := MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, apiPull)
-	assert.EqualValues(t, "master", apiPull.Base.Name)
+	assert.Equal(t, "master", apiPull.Base.Name)
 
 	newTitle := "edit a this pr"
 	newBody := "edited body"
@@ -377,7 +384,7 @@ func TestAPIEditPull(t *testing.T) {
 	}).AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, apiPull)
-	assert.EqualValues(t, "feature/1", apiPull.Base.Name)
+	assert.Equal(t, "feature/1", apiPull.Base.Name)
 	// check comment history
 	pull := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: apiPull.ID})
 	err := pull.LoadIssue(db.DefaultContext)
@@ -424,3 +431,94 @@ func TestAPICommitPullRequest(t *testing.T) {
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/commits/%s/pull", owner.Name, repo.Name, invalidCommitSHA).AddTokenAuth(ctx.Token)
 	ctx.Session.MakeRequest(t, req, http.StatusNotFound)
 }
+
+func TestAPIViewPullFilesWithHeadRepoDeleted(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		baseRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
+
+		ctx := NewAPITestContext(t, "user1", baseRepo.Name, auth_model.AccessTokenScopeAll)
+
+		doAPIForkRepository(ctx, "user2")(t)
+
+		forkedRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ForkID: baseRepo.ID, OwnerName: "user1"})
+
+		// add a new file to the forked repo
+		addFileToForkedResp, err := files_service.ChangeRepoFiles(git.DefaultContext, forkedRepo, user1, &files_service.ChangeRepoFilesOptions{
+			Files: []*files_service.ChangeRepoFile{
+				{
+					Operation:     "create",
+					TreePath:      "file_1.txt",
+					ContentReader: strings.NewReader("file1"),
+				},
+			},
+			Message:   "add file1",
+			OldBranch: "master",
+			NewBranch: "fork-branch-1",
+			Author: &files_service.IdentityOptions{
+				GitUserName:  user1.Name,
+				GitUserEmail: user1.Email,
+			},
+			Committer: &files_service.IdentityOptions{
+				GitUserName:  user1.Name,
+				GitUserEmail: user1.Email,
+			},
+			Dates: &files_service.CommitDateOptions{
+				Author:    time.Now(),
+				Committer: time.Now(),
+			},
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, addFileToForkedResp)
+
+		// create Pull
+		pullIssue := &issues_model.Issue{
+			RepoID:   baseRepo.ID,
+			Title:    "Test pull-request-target-event",
+			PosterID: user1.ID,
+			Poster:   user1,
+			IsPull:   true,
+		}
+		pullRequest := &issues_model.PullRequest{
+			HeadRepoID: forkedRepo.ID,
+			BaseRepoID: baseRepo.ID,
+			HeadBranch: "fork-branch-1",
+			BaseBranch: "master",
+			HeadRepo:   forkedRepo,
+			BaseRepo:   baseRepo,
+			Type:       issues_model.PullRequestGitea,
+		}
+
+		prOpts := &pull_service.NewPullRequestOptions{Repo: baseRepo, Issue: pullIssue, PullRequest: pullRequest}
+		err = pull_service.NewPullRequest(git.DefaultContext, prOpts)
+		assert.NoError(t, err)
+		pr := convert.ToAPIPullRequest(t.Context(), pullRequest, user1)
+
+		ctx = NewAPITestContext(t, "user2", baseRepo.Name, auth_model.AccessTokenScopeAll)
+		doAPIGetPullFiles(ctx, pr, func(t *testing.T, files []*api.ChangedFile) {
+			if assert.Len(t, files, 1) {
+				assert.Equal(t, "file_1.txt", files[0].Filename)
+				assert.Empty(t, files[0].PreviousFilename)
+				assert.Equal(t, 1, files[0].Additions)
+				assert.Equal(t, 1, files[0].Changes)
+				assert.Equal(t, 0, files[0].Deletions)
+				assert.Equal(t, "added", files[0].Status)
+			}
+		})(t)
+
+		// delete the head repository of the pull request
+		forkCtx := NewAPITestContext(t, "user1", forkedRepo.Name, auth_model.AccessTokenScopeAll)
+		doAPIDeleteRepository(forkCtx)(t)
+
+		doAPIGetPullFiles(ctx, pr, func(t *testing.T, files []*api.ChangedFile) {
+			if assert.Len(t, files, 1) {
+				assert.Equal(t, "file_1.txt", files[0].Filename)
+				assert.Empty(t, files[0].PreviousFilename)
+				assert.Equal(t, 1, files[0].Additions)
+				assert.Equal(t, 1, files[0].Changes)
+				assert.Equal(t, 0, files[0].Deletions)
+				assert.Equal(t, "added", files[0].Status)
+			}
+		})(t)
+	})
+}
diff --git a/tests/integration/api_releases_test.go b/tests/integration/api_releases_test.go
index b3d4928b7b..a3dbc0363b 100644
--- a/tests/integration/api_releases_test.go
+++ b/tests/integration/api_releases_test.go
@@ -97,7 +97,7 @@ func createNewReleaseUsingAPI(t *testing.T, token string, owner *user_model.User
 		Title:   newRelease.Title,
 	}
 	unittest.AssertExistsAndLoadBean(t, rel)
-	assert.EqualValues(t, newRelease.Note, rel.Note)
+	assert.Equal(t, newRelease.Note, rel.Note)
 
 	return &newRelease
 }
@@ -151,7 +151,7 @@ func TestAPICreateAndUpdateRelease(t *testing.T) {
 		Title:   newRelease.Title,
 	}
 	unittest.AssertExistsAndLoadBean(t, rel)
-	assert.EqualValues(t, rel.Note, newRelease.Note)
+	assert.Equal(t, rel.Note, newRelease.Note)
 }
 
 func TestAPICreateProtectedTagRelease(t *testing.T) {
@@ -329,7 +329,7 @@ func TestAPIUploadAssetRelease(t *testing.T) {
 		var attachment *api.Attachment
 		DecodeJSON(t, resp, &attachment)
 
-		assert.EqualValues(t, filename, attachment.Name)
+		assert.Equal(t, filename, attachment.Name)
 		assert.EqualValues(t, 104, attachment.Size)
 
 		req = NewRequestWithBody(t, http.MethodPost, assetURL+"?name=test-asset", bytes.NewReader(body.Bytes())).
@@ -340,7 +340,7 @@ func TestAPIUploadAssetRelease(t *testing.T) {
 		var attachment2 *api.Attachment
 		DecodeJSON(t, resp, &attachment2)
 
-		assert.EqualValues(t, "test-asset", attachment2.Name)
+		assert.Equal(t, "test-asset", attachment2.Name)
 		assert.EqualValues(t, 104, attachment2.Size)
 	})
 
@@ -358,7 +358,7 @@ func TestAPIUploadAssetRelease(t *testing.T) {
 		var attachment *api.Attachment
 		DecodeJSON(t, resp, &attachment)
 
-		assert.EqualValues(t, "stream.bin", attachment.Name)
+		assert.Equal(t, "stream.bin", attachment.Name)
 		assert.EqualValues(t, 104, attachment.Size)
 	})
 }
diff --git a/tests/integration/api_repo_archive_test.go b/tests/integration/api_repo_archive_test.go
index 8589199da3..97c2c0d54b 100644
--- a/tests/integration/api_repo_archive_test.go
+++ b/tests/integration/api_repo_archive_test.go
@@ -12,7 +12,9 @@ import (
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/perm"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/tests"
@@ -48,7 +50,7 @@ func TestAPIDownloadArchive(t *testing.T) {
 	bs2, err := io.ReadAll(resp.Body)
 	assert.NoError(t, err)
 	// The locked URL should give the same bytes as the non-locked one
-	assert.EqualValues(t, bs, bs2)
+	assert.Equal(t, bs, bs2)
 
 	link, _ = url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/archive/master.bundle", user2.Name, repo.Name))
 	resp = MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK)
@@ -58,9 +60,12 @@ func TestAPIDownloadArchive(t *testing.T) {
 
 	link, _ = url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/archive/master", user2.Name, repo.Name))
 	MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusBadRequest)
+
+	t.Run("GitHubStyle", testAPIDownloadArchiveGitHubStyle)
+	t.Run("PrivateRepo", testAPIDownloadArchivePrivateRepo)
 }
 
-func TestAPIDownloadArchive2(t *testing.T) {
+func testAPIDownloadArchiveGitHubStyle(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
@@ -88,14 +93,20 @@ func TestAPIDownloadArchive2(t *testing.T) {
 	bs2, err := io.ReadAll(resp.Body)
 	assert.NoError(t, err)
 	// The locked URL should give the same bytes as the non-locked one
-	assert.EqualValues(t, bs, bs2)
+	assert.Equal(t, bs, bs2)
 
 	link, _ = url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/bundle/master", user2.Name, repo.Name))
 	resp = MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK)
 	bs, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
 	assert.Len(t, bs, 382)
+}
 
-	link, _ = url.Parse(fmt.Sprintf("/api/v1/repos/%s/%s/archive/master", user2.Name, repo.Name))
-	MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusBadRequest)
+func testAPIDownloadArchivePrivateRepo(t *testing.T) {
+	_ = repo_model.UpdateRepositoryColsNoAutoTime(t.Context(), &repo_model.Repository{ID: 1, IsPrivate: true}, "is_private")
+	MakeRequest(t, NewRequest(t, "HEAD", "/api/v1/repos/user2/repo1/archive/master.zip"), http.StatusNotFound)
+	MakeRequest(t, NewRequest(t, "HEAD", "/api/v1/repos/user2/repo1/zipball/master"), http.StatusNotFound)
+	_ = repo_model.UpdateRepoUnitPublicAccess(t.Context(), &repo_model.RepoUnit{RepoID: 1, Type: unit.TypeCode, AnonymousAccessMode: perm.AccessModeRead})
+	MakeRequest(t, NewRequest(t, "HEAD", "/api/v1/repos/user2/repo1/archive/master.zip"), http.StatusOK)
+	MakeRequest(t, NewRequest(t, "HEAD", "/api/v1/repos/user2/repo1/zipball/master"), http.StatusOK)
 }
diff --git a/tests/integration/api_repo_branch_test.go b/tests/integration/api_repo_branch_test.go
index 63080b308c..066eb366b1 100644
--- a/tests/integration/api_repo_branch_test.go
+++ b/tests/integration/api_repo_branch_test.go
@@ -4,11 +4,11 @@
 package integration
 
 import (
-	"bytes"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
+	"strings"
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
@@ -42,8 +42,8 @@ func TestAPIRepoBranchesPlain(t *testing.T) {
 		var branches []*api.Branch
 		assert.NoError(t, json.Unmarshal(bs, &branches))
 		assert.Len(t, branches, 2)
-		assert.EqualValues(t, "test_branch", branches[0].Name)
-		assert.EqualValues(t, "master", branches[1].Name)
+		assert.Equal(t, "test_branch", branches[0].Name)
+		assert.Equal(t, "master", branches[1].Name)
 
 		link2, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch", repo3.Name))
 		MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden)
@@ -53,20 +53,20 @@ func TestAPIRepoBranchesPlain(t *testing.T) {
 		assert.NoError(t, err)
 		var branch api.Branch
 		assert.NoError(t, json.Unmarshal(bs, &branch))
-		assert.EqualValues(t, "test_branch", branch.Name)
+		assert.Equal(t, "test_branch", branch.Name)
 
 		MakeRequest(t, NewRequest(t, "POST", link.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden)
 
 		req := NewRequest(t, "POST", link.String()).AddTokenAuth(token)
 		req.Header.Add("Content-Type", "application/json")
-		req.Body = io.NopCloser(bytes.NewBufferString(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`))
+		req.Body = io.NopCloser(strings.NewReader(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`))
 		resp = MakeRequest(t, req, http.StatusCreated)
 		bs, err = io.ReadAll(resp.Body)
 		assert.NoError(t, err)
 		var branch2 api.Branch
 		assert.NoError(t, json.Unmarshal(bs, &branch2))
-		assert.EqualValues(t, "test_branch2", branch2.Name)
-		assert.EqualValues(t, branch.Commit.ID, branch2.Commit.ID)
+		assert.Equal(t, "test_branch2", branch2.Name)
+		assert.Equal(t, branch.Commit.ID, branch2.Commit.ID)
 
 		resp = MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK)
 		bs, err = io.ReadAll(resp.Body)
@@ -75,9 +75,9 @@ func TestAPIRepoBranchesPlain(t *testing.T) {
 		branches = []*api.Branch{}
 		assert.NoError(t, json.Unmarshal(bs, &branches))
 		assert.Len(t, branches, 3)
-		assert.EqualValues(t, "test_branch", branches[0].Name)
-		assert.EqualValues(t, "test_branch2", branches[1].Name)
-		assert.EqualValues(t, "master", branches[2].Name)
+		assert.Equal(t, "test_branch", branches[0].Name)
+		assert.Equal(t, "test_branch2", branches[1].Name)
+		assert.Equal(t, "master", branches[2].Name)
 
 		link3, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch2", repo3.Name))
 		MakeRequest(t, NewRequest(t, "DELETE", link3.String()), http.StatusNotFound)
@@ -104,8 +104,8 @@ func TestAPIRepoBranchesMirror(t *testing.T) {
 	var branches []*api.Branch
 	assert.NoError(t, json.Unmarshal(bs, &branches))
 	assert.Len(t, branches, 2)
-	assert.EqualValues(t, "test_branch", branches[0].Name)
-	assert.EqualValues(t, "master", branches[1].Name)
+	assert.Equal(t, "test_branch", branches[0].Name)
+	assert.Equal(t, "master", branches[1].Name)
 
 	link2, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch", repo5.Name))
 	resp = MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(token), http.StatusOK)
@@ -113,18 +113,18 @@ func TestAPIRepoBranchesMirror(t *testing.T) {
 	assert.NoError(t, err)
 	var branch api.Branch
 	assert.NoError(t, json.Unmarshal(bs, &branch))
-	assert.EqualValues(t, "test_branch", branch.Name)
+	assert.Equal(t, "test_branch", branch.Name)
 
 	req := NewRequest(t, "POST", link.String()).AddTokenAuth(token)
 	req.Header.Add("Content-Type", "application/json")
-	req.Body = io.NopCloser(bytes.NewBufferString(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`))
+	req.Body = io.NopCloser(strings.NewReader(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`))
 	resp = MakeRequest(t, req, http.StatusForbidden)
 	bs, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs))
+	assert.Equal(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs))
 
 	resp = MakeRequest(t, NewRequest(t, "DELETE", link2.String()).AddTokenAuth(token), http.StatusForbidden)
 	bs, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs))
+	assert.Equal(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs))
 }
diff --git a/tests/integration/api_repo_edit_test.go b/tests/integration/api_repo_edit_test.go
index 7de8910ee0..e228da26e9 100644
--- a/tests/integration/api_repo_edit_test.go
+++ b/tests/integration/api_repo_edit_test.go
@@ -53,9 +53,8 @@ func getRepoEditOptionFromRepo(repo *repo_model.Repository) *api.EditRepoOption
 		hasWiki = true
 	} else if unit, err := repo.GetUnit(db.DefaultContext, unit_model.TypeExternalWiki); err == nil {
 		hasWiki = true
-		config := unit.ExternalWikiConfig()
 		externalWiki = &api.ExternalWiki{
-			ExternalWikiURL: config.ExternalWikiURL,
+			ExternalWikiURL: unit.ExternalWikiConfig().ExternalWikiURL,
 		}
 	}
 	defaultBranch := repo.DefaultBranch
diff --git a/tests/integration/api_repo_file_create_test.go b/tests/integration/api_repo_file_create_test.go
index 2bf4a81280..af3bc54680 100644
--- a/tests/integration/api_repo_file_create_test.go
+++ b/tests/integration/api_repo_file_create_test.go
@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
-	"path/filepath"
+	"path"
 	"testing"
 	"time"
 
@@ -19,6 +19,7 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 
 	"github.com/stretchr/testify/assert"
@@ -49,28 +50,42 @@ func getCreateFileOptions() api.CreateFileOptions {
 	}
 }
 
-func getExpectedFileResponseForCreate(repoFullName, commitID, treePath, latestCommitSHA string) *api.FileResponse {
+func normalizeFileContentResponseCommitTime(c *api.ContentsResponse) {
+	// decoded JSON response may contain different timezone from the one parsed by git commit
+	// so we need to normalize the time to UTC to make "assert.Equal" pass
+	c.LastCommitterDate = util.ToPointer(c.LastCommitterDate.UTC())
+	c.LastAuthorDate = util.ToPointer(c.LastAuthorDate.UTC())
+}
+
+type apiFileResponseInfo struct {
+	repoFullName, commitID, treePath, lastCommitSHA string
+	lastCommitterWhen, lastAuthorWhen               time.Time
+}
+
+func getExpectedFileResponseForCreate(info apiFileResponseInfo) *api.FileResponse {
 	sha := "a635aa942442ddfdba07468cf9661c08fbdf0ebf"
 	encoding := "base64"
 	content := "VGhpcyBpcyBuZXcgdGV4dA=="
-	selfURL := setting.AppURL + "api/v1/repos/" + repoFullName + "/contents/" + treePath + "?ref=master"
-	htmlURL := setting.AppURL + repoFullName + "/src/branch/master/" + treePath
-	gitURL := setting.AppURL + "api/v1/repos/" + repoFullName + "/git/blobs/" + sha
-	downloadURL := setting.AppURL + repoFullName + "/raw/branch/master/" + treePath
-	return &api.FileResponse{
+	selfURL := setting.AppURL + "api/v1/repos/" + info.repoFullName + "/contents/" + info.treePath + "?ref=master"
+	htmlURL := setting.AppURL + info.repoFullName + "/src/branch/master/" + info.treePath
+	gitURL := setting.AppURL + "api/v1/repos/" + info.repoFullName + "/git/blobs/" + sha
+	downloadURL := setting.AppURL + info.repoFullName + "/raw/branch/master/" + info.treePath
+	ret := &api.FileResponse{
 		Content: &api.ContentsResponse{
-			Name:          filepath.Base(treePath),
-			Path:          treePath,
-			SHA:           sha,
-			LastCommitSHA: latestCommitSHA,
-			Size:          16,
-			Type:          "file",
-			Encoding:      &encoding,
-			Content:       &content,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
+			Name:              path.Base(info.treePath),
+			Path:              info.treePath,
+			SHA:               sha,
+			LastCommitSHA:     util.ToPointer(info.lastCommitSHA),
+			LastCommitterDate: util.ToPointer(info.lastCommitterWhen),
+			LastAuthorDate:    util.ToPointer(info.lastAuthorWhen),
+			Size:              16,
+			Type:              "file",
+			Encoding:          &encoding,
+			Content:           &content,
+			URL:               &selfURL,
+			HTMLURL:           &htmlURL,
+			GitURL:            &gitURL,
+			DownloadURL:       &downloadURL,
 			Links: &api.FileLinksResponse{
 				Self:    &selfURL,
 				GitURL:  &gitURL,
@@ -79,10 +94,10 @@ func getExpectedFileResponseForCreate(repoFullName, commitID, treePath, latestCo
 		},
 		Commit: &api.FileCommitResponse{
 			CommitMeta: api.CommitMeta{
-				URL: setting.AppURL + "api/v1/repos/" + repoFullName + "/git/commits/" + commitID,
-				SHA: commitID,
+				URL: setting.AppURL + "api/v1/repos/" + info.repoFullName + "/git/commits/" + info.commitID,
+				SHA: info.commitID,
 			},
-			HTMLURL: setting.AppURL + repoFullName + "/commit/" + commitID,
+			HTMLURL: setting.AppURL + info.repoFullName + "/commit/" + info.commitID,
 			Author: &api.CommitUser{
 				Identity: api.Identity{
 					Name:  "Anne Doe",
@@ -106,6 +121,8 @@ func getExpectedFileResponseForCreate(repoFullName, commitID, treePath, latestCo
 			Payload:   "",
 		},
 	}
+	normalizeFileContentResponseCommitTime(ret.Content)
+	return ret
 }
 
 func BenchmarkAPICreateFileSmall(b *testing.B) {
@@ -114,7 +131,7 @@ func BenchmarkAPICreateFileSmall(b *testing.B) {
 		repo1 := unittest.AssertExistsAndLoadBean(b, &repo_model.Repository{ID: 1}) // public repo
 
 		b.ResetTimer()
-		for n := 0; n < b.N; n++ {
+		for n := 0; b.Loop(); n++ {
 			treePath := fmt.Sprintf("update/file%d.txt", n)
 			_, _ = createFileInBranch(user2, repo1, treePath, repo1.DefaultBranch, treePath)
 		}
@@ -129,7 +146,7 @@ func BenchmarkAPICreateFileMedium(b *testing.B) {
 		repo1 := unittest.AssertExistsAndLoadBean(b, &repo_model.Repository{ID: 1}) // public repo
 
 		b.ResetTimer()
-		for n := 0; n < b.N; n++ {
+		for n := 0; b.Loop(); n++ {
 			treePath := fmt.Sprintf("update/file%d.txt", n)
 			copy(data, treePath)
 			_, _ = createFileInBranch(user2, repo1, treePath, repo1.DefaultBranch, treePath)
@@ -167,21 +184,29 @@ func TestAPICreateFile(t *testing.T) {
 				AddTokenAuth(token2)
 			resp := MakeRequest(t, req, http.StatusCreated)
 			gitRepo, _ := gitrepo.OpenRepository(t.Context(), repo1)
+			defer gitRepo.Close()
 			commitID, _ := gitRepo.GetBranchCommitID(createFileOptions.NewBranchName)
-			latestCommit, _ := gitRepo.GetCommitByPath(treePath)
-			expectedFileResponse := getExpectedFileResponseForCreate("user2/repo1", commitID, treePath, latestCommit.ID.String())
+			lastCommit, _ := gitRepo.GetCommitByPath(treePath)
+			expectedFileResponse := getExpectedFileResponseForCreate(apiFileResponseInfo{
+				repoFullName:      "user2/repo1",
+				commitID:          commitID,
+				treePath:          treePath,
+				lastCommitSHA:     lastCommit.ID.String(),
+				lastCommitterWhen: lastCommit.Committer.When,
+				lastAuthorWhen:    lastCommit.Author.When,
+			})
 			var fileResponse api.FileResponse
 			DecodeJSON(t, resp, &fileResponse)
-			assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
-			assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
-			assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Date, fileResponse.Commit.Author.Date)
-			assert.EqualValues(t, expectedFileResponse.Commit.Committer.Email, fileResponse.Commit.Committer.Email)
-			assert.EqualValues(t, expectedFileResponse.Commit.Committer.Name, fileResponse.Commit.Committer.Name)
-			assert.EqualValues(t, expectedFileResponse.Commit.Committer.Date, fileResponse.Commit.Committer.Date)
-			gitRepo.Close()
+			normalizeFileContentResponseCommitTime(fileResponse.Content)
+			assert.Equal(t, expectedFileResponse.Content, fileResponse.Content)
+			assert.Equal(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
+			assert.Equal(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Date, fileResponse.Commit.Author.Date)
+			assert.Equal(t, expectedFileResponse.Commit.Committer.Email, fileResponse.Commit.Committer.Email)
+			assert.Equal(t, expectedFileResponse.Commit.Committer.Name, fileResponse.Commit.Committer.Name)
+			assert.Equal(t, expectedFileResponse.Commit.Committer.Date, fileResponse.Commit.Committer.Date)
 		}
 
 		// Test creating a file in a new branch
@@ -198,10 +223,10 @@ func TestAPICreateFile(t *testing.T) {
 		expectedSHA := "a635aa942442ddfdba07468cf9661c08fbdf0ebf"
 		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/new_branch/new/file%d.txt", fileID)
 		expectedDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/new/file%d.txt", fileID)
-		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
-		assert.EqualValues(t, createFileOptions.Message+"\n", fileResponse.Commit.Message)
+		assert.Equal(t, expectedSHA, fileResponse.Content.SHA)
+		assert.Equal(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.Equal(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
+		assert.Equal(t, createFileOptions.Message+"\n", fileResponse.Commit.Message)
 
 		// Test creating a file without a message
 		createFileOptions = getCreateFileOptions()
@@ -213,7 +238,7 @@ func TestAPICreateFile(t *testing.T) {
 		resp = MakeRequest(t, req, http.StatusCreated)
 		DecodeJSON(t, resp, &fileResponse)
 		expectedMessage := "Add " + treePath + "\n"
-		assert.EqualValues(t, expectedMessage, fileResponse.Commit.Message)
+		assert.Equal(t, expectedMessage, fileResponse.Commit.Message)
 
 		// Test trying to create a file that already exists, should fail
 		createFileOptions = getCreateFileOptions()
@@ -285,19 +310,27 @@ func TestAPICreateFile(t *testing.T) {
 		resp = MakeRequest(t, req, http.StatusCreated)
 		emptyRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user2", Name: "empty-repo"}) // public repo
 		gitRepo, _ := gitrepo.OpenRepository(t.Context(), emptyRepo)
+		defer gitRepo.Close()
 		commitID, _ := gitRepo.GetBranchCommitID(createFileOptions.NewBranchName)
 		latestCommit, _ := gitRepo.GetCommitByPath(treePath)
-		expectedFileResponse := getExpectedFileResponseForCreate("user2/empty-repo", commitID, treePath, latestCommit.ID.String())
+		expectedFileResponse := getExpectedFileResponseForCreate(apiFileResponseInfo{
+			repoFullName:      "user2/empty-repo",
+			commitID:          commitID,
+			treePath:          treePath,
+			lastCommitSHA:     latestCommit.ID.String(),
+			lastCommitterWhen: latestCommit.Committer.When,
+			lastAuthorWhen:    latestCommit.Author.When,
+		})
 		DecodeJSON(t, resp, &fileResponse)
-		assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
-		assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
-		assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Date, fileResponse.Commit.Author.Date)
-		assert.EqualValues(t, expectedFileResponse.Commit.Committer.Email, fileResponse.Commit.Committer.Email)
-		assert.EqualValues(t, expectedFileResponse.Commit.Committer.Name, fileResponse.Commit.Committer.Name)
-		assert.EqualValues(t, expectedFileResponse.Commit.Committer.Date, fileResponse.Commit.Committer.Date)
-		gitRepo.Close()
+		normalizeFileContentResponseCommitTime(fileResponse.Content)
+		assert.Equal(t, expectedFileResponse.Content, fileResponse.Content)
+		assert.Equal(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
+		assert.Equal(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Date, fileResponse.Commit.Author.Date)
+		assert.Equal(t, expectedFileResponse.Commit.Committer.Email, fileResponse.Commit.Committer.Email)
+		assert.Equal(t, expectedFileResponse.Commit.Committer.Name, fileResponse.Commit.Committer.Name)
+		assert.Equal(t, expectedFileResponse.Commit.Committer.Date, fileResponse.Commit.Committer.Date)
 	})
 }
diff --git a/tests/integration/api_repo_file_delete_test.go b/tests/integration/api_repo_file_delete_test.go
index 7c93307e19..9dd47f93e6 100644
--- a/tests/integration/api_repo_file_delete_test.go
+++ b/tests/integration/api_repo_file_delete_test.go
@@ -20,20 +20,22 @@ import (
 
 func getDeleteFileOptions() *api.DeleteFileOptions {
 	return &api.DeleteFileOptions{
-		FileOptions: api.FileOptions{
-			BranchName:    "master",
-			NewBranchName: "master",
-			Message:       "Removing the file new/file.txt",
-			Author: api.Identity{
-				Name:  "John Doe",
-				Email: "johndoe@example.com",
-			},
-			Committer: api.Identity{
-				Name:  "Jane Doe",
-				Email: "janedoe@example.com",
+		FileOptionsWithSHA: api.FileOptionsWithSHA{
+			FileOptions: api.FileOptions{
+				BranchName:    "master",
+				NewBranchName: "master",
+				Message:       "Removing the file new/file.txt",
+				Author: api.Identity{
+					Name:  "John Doe",
+					Email: "johndoe@example.com",
+				},
+				Committer: api.Identity{
+					Name:  "Jane Doe",
+					Email: "janedoe@example.com",
+				},
 			},
+			SHA: "103ff9234cefeee5ec5361d22b49fbb04d385885",
 		},
-		SHA: "103ff9234cefeee5ec5361d22b49fbb04d385885",
 	}
 }
 
@@ -87,7 +89,7 @@ func TestAPIDeleteFile(t *testing.T) {
 		DecodeJSON(t, resp, &fileResponse)
 		assert.NotNil(t, fileResponse)
 		assert.Nil(t, fileResponse.Content)
-		assert.EqualValues(t, deleteFileOptions.Message+"\n", fileResponse.Commit.Message)
+		assert.Equal(t, deleteFileOptions.Message+"\n", fileResponse.Commit.Message)
 
 		// Test deleting file without a message
 		fileID++
@@ -100,7 +102,7 @@ func TestAPIDeleteFile(t *testing.T) {
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &fileResponse)
 		expectedMessage := "Delete " + treePath + "\n"
-		assert.EqualValues(t, expectedMessage, fileResponse.Commit.Message)
+		assert.Equal(t, expectedMessage, fileResponse.Commit.Message)
 
 		// Test deleting a file with the wrong SHA
 		fileID++
@@ -110,7 +112,7 @@ func TestAPIDeleteFile(t *testing.T) {
 		deleteFileOptions.SHA = "badsha"
 		req = NewRequestWithJSON(t, "DELETE", fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath), &deleteFileOptions).
 			AddTokenAuth(token2)
-		MakeRequest(t, req, http.StatusBadRequest)
+		MakeRequest(t, req, http.StatusUnprocessableEntity)
 
 		// Test creating a file in repo16 by user4 who does not have write access
 		fileID++
diff --git a/tests/integration/api_repo_file_update_test.go b/tests/integration/api_repo_file_update_test.go
index c8ce94a3f5..9a56711da6 100644
--- a/tests/integration/api_repo_file_update_test.go
+++ b/tests/integration/api_repo_file_update_test.go
@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
-	"path/filepath"
+	"path"
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
@@ -18,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 
 	"github.com/stretchr/testify/assert"
@@ -27,7 +28,7 @@ func getUpdateFileOptions() *api.UpdateFileOptions {
 	content := "This is updated text"
 	contentEncoded := base64.StdEncoding.EncodeToString([]byte(content))
 	return &api.UpdateFileOptions{
-		DeleteFileOptions: api.DeleteFileOptions{
+		FileOptionsWithSHA: api.FileOptionsWithSHA{
 			FileOptions: api.FileOptions{
 				BranchName:    "master",
 				NewBranchName: "master",
@@ -47,28 +48,30 @@ func getUpdateFileOptions() *api.UpdateFileOptions {
 	}
 }
 
-func getExpectedFileResponseForUpdate(commitID, treePath, lastCommitSHA string) *api.FileResponse {
+func getExpectedFileResponseForUpdate(info apiFileResponseInfo) *api.FileResponse {
 	sha := "08bd14b2e2852529157324de9c226b3364e76136"
 	encoding := "base64"
 	content := "VGhpcyBpcyB1cGRhdGVkIHRleHQ="
-	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
-	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + info.treePath + "?ref=master"
+	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + info.treePath
 	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
-	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
-	return &api.FileResponse{
+	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + info.treePath
+	ret := &api.FileResponse{
 		Content: &api.ContentsResponse{
-			Name:          filepath.Base(treePath),
-			Path:          treePath,
-			SHA:           sha,
-			LastCommitSHA: lastCommitSHA,
-			Type:          "file",
-			Size:          20,
-			Encoding:      &encoding,
-			Content:       &content,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
+			Name:              path.Base(info.treePath),
+			Path:              info.treePath,
+			SHA:               sha,
+			LastCommitSHA:     util.ToPointer(info.lastCommitSHA),
+			LastCommitterDate: util.ToPointer(info.lastCommitterWhen),
+			LastAuthorDate:    util.ToPointer(info.lastAuthorWhen),
+			Type:              "file",
+			Size:              20,
+			Encoding:          &encoding,
+			Content:           &content,
+			URL:               &selfURL,
+			HTMLURL:           &htmlURL,
+			GitURL:            &gitURL,
+			DownloadURL:       &downloadURL,
 			Links: &api.FileLinksResponse{
 				Self:    &selfURL,
 				GitURL:  &gitURL,
@@ -77,10 +80,10 @@ func getExpectedFileResponseForUpdate(commitID, treePath, lastCommitSHA string)
 		},
 		Commit: &api.FileCommitResponse{
 			CommitMeta: api.CommitMeta{
-				URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,
-				SHA: commitID,
+				URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + info.commitID,
+				SHA: info.commitID,
 			},
-			HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,
+			HTMLURL: setting.AppURL + "user2/repo1/commit/" + info.commitID,
 			Author: &api.CommitUser{
 				Identity: api.Identity{
 					Name:  "John Doe",
@@ -102,6 +105,8 @@ func getExpectedFileResponseForUpdate(commitID, treePath, lastCommitSHA string)
 			Payload:   "",
 		},
 	}
+	normalizeFileContentResponseCommitTime(ret.Content)
+	return ret
 }
 
 func TestAPIUpdateFile(t *testing.T) {
@@ -135,17 +140,24 @@ func TestAPIUpdateFile(t *testing.T) {
 				AddTokenAuth(token2)
 			resp := MakeRequest(t, req, http.StatusOK)
 			gitRepo, _ := gitrepo.OpenRepository(t.Context(), repo1)
+			defer gitRepo.Close()
 			commitID, _ := gitRepo.GetBranchCommitID(updateFileOptions.NewBranchName)
 			lasCommit, _ := gitRepo.GetCommitByPath(treePath)
-			expectedFileResponse := getExpectedFileResponseForUpdate(commitID, treePath, lasCommit.ID.String())
+			expectedFileResponse := getExpectedFileResponseForUpdate(apiFileResponseInfo{
+				commitID:          commitID,
+				treePath:          treePath,
+				lastCommitSHA:     lasCommit.ID.String(),
+				lastCommitterWhen: lasCommit.Committer.When,
+				lastAuthorWhen:    lasCommit.Author.When,
+			})
 			var fileResponse api.FileResponse
 			DecodeJSON(t, resp, &fileResponse)
-			assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
-			assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
-			assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
-			gitRepo.Close()
+			normalizeFileContentResponseCommitTime(fileResponse.Content)
+			assert.Equal(t, expectedFileResponse.Content, fileResponse.Content)
+			assert.Equal(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
+			assert.Equal(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
 		}
 
 		// Test updating a file in a new branch
@@ -163,10 +175,10 @@ func TestAPIUpdateFile(t *testing.T) {
 		expectedSHA := "08bd14b2e2852529157324de9c226b3364e76136"
 		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/new_branch/update/file%d.txt", fileID)
 		expectedDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/update/file%d.txt", fileID)
-		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
-		assert.EqualValues(t, updateFileOptions.Message+"\n", fileResponse.Commit.Message)
+		assert.Equal(t, expectedSHA, fileResponse.Content.SHA)
+		assert.Equal(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.Equal(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
+		assert.Equal(t, updateFileOptions.Message+"\n", fileResponse.Commit.Message)
 
 		// Test updating a file and renaming it
 		updateFileOptions = getUpdateFileOptions()
@@ -183,9 +195,9 @@ func TestAPIUpdateFile(t *testing.T) {
 		expectedSHA = "08bd14b2e2852529157324de9c226b3364e76136"
 		expectedHTMLURL = fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/master/rename/update/file%d.txt", fileID)
 		expectedDownloadURL = fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/master/rename/update/file%d.txt", fileID)
-		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
+		assert.Equal(t, expectedSHA, fileResponse.Content.SHA)
+		assert.Equal(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.Equal(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
 
 		// Test updating a file without a message
 		updateFileOptions = getUpdateFileOptions()
@@ -199,7 +211,7 @@ func TestAPIUpdateFile(t *testing.T) {
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &fileResponse)
 		expectedMessage := "Update " + treePath + "\n"
-		assert.EqualValues(t, expectedMessage, fileResponse.Commit.Message)
+		assert.Equal(t, expectedMessage, fileResponse.Commit.Message)
 
 		// Test updating a file with the wrong SHA
 		fileID++
diff --git a/tests/integration/api_repo_files_change_test.go b/tests/integration/api_repo_files_change_test.go
index aca58025d2..999bcdc680 100644
--- a/tests/integration/api_repo_files_change_test.go
+++ b/tests/integration/api_repo_files_change_test.go
@@ -77,51 +77,56 @@ func TestAPIChangeFiles(t *testing.T) {
 		token4 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
 
 		// Test changing files in repo1 which user2 owns, try both with branch and empty branch
-		for _, branch := range [...]string{
-			"master", // Branch
-			"",       // Empty branch
-		} {
-			fileID++
-			createTreePath := fmt.Sprintf("new/file%d.txt", fileID)
-			updateTreePath := fmt.Sprintf("update/file%d.txt", fileID)
-			deleteTreePath := fmt.Sprintf("delete/file%d.txt", fileID)
-			createFile(user2, repo1, updateTreePath)
-			createFile(user2, repo1, deleteTreePath)
-			changeFilesOptions := getChangeFilesOptions()
-			changeFilesOptions.BranchName = branch
-			changeFilesOptions.Files[0].Path = createTreePath
-			changeFilesOptions.Files[1].Path = updateTreePath
-			changeFilesOptions.Files[2].Path = deleteTreePath
-			req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/contents", user2.Name, repo1.Name), &changeFilesOptions).
-				AddTokenAuth(token2)
-			resp := MakeRequest(t, req, http.StatusCreated)
-			gitRepo, _ := gitrepo.OpenRepository(t.Context(), repo1)
-			commitID, _ := gitRepo.GetBranchCommitID(changeFilesOptions.NewBranchName)
-			createLasCommit, _ := gitRepo.GetCommitByPath(createTreePath)
-			updateLastCommit, _ := gitRepo.GetCommitByPath(updateTreePath)
-			expectedCreateFileResponse := getExpectedFileResponseForCreate(fmt.Sprintf("%v/%v", user2.Name, repo1.Name), commitID, createTreePath, createLasCommit.ID.String())
-			expectedUpdateFileResponse := getExpectedFileResponseForUpdate(commitID, updateTreePath, updateLastCommit.ID.String())
-			var filesResponse api.FilesResponse
-			DecodeJSON(t, resp, &filesResponse)
-
-			// check create file
-			assert.EqualValues(t, expectedCreateFileResponse.Content, filesResponse.Files[0])
-
-			// check update file
-			assert.EqualValues(t, expectedUpdateFileResponse.Content, filesResponse.Files[1])
-
-			// test commit info
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.SHA, filesResponse.Commit.SHA)
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.Committer.Email, filesResponse.Commit.Committer.Email)
-			assert.EqualValues(t, expectedCreateFileResponse.Commit.Committer.Name, filesResponse.Commit.Committer.Name)
-
-			// test delete file
-			assert.Nil(t, filesResponse.Files[2])
-
-			gitRepo.Close()
+		for _, branch := range []string{"master", ""} {
+			t.Run("Branch-"+branch, func(t *testing.T) {
+				fileID++
+				createTreePath := fmt.Sprintf("new/file%d.txt", fileID)
+				updateTreePath := fmt.Sprintf("update/file%d.txt", fileID)
+				deleteTreePath := fmt.Sprintf("delete/file%d.txt", fileID)
+				_, _ = createFile(user2, repo1, updateTreePath)
+				_, _ = createFile(user2, repo1, deleteTreePath)
+				changeFilesOptions := getChangeFilesOptions()
+				changeFilesOptions.BranchName = branch
+				changeFilesOptions.Files[0].Path = createTreePath
+				changeFilesOptions.Files[1].Path = updateTreePath
+				changeFilesOptions.Files[2].Path = deleteTreePath
+				req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/contents", user2.Name, repo1.Name), &changeFilesOptions).
+					AddTokenAuth(token2)
+				resp := MakeRequest(t, req, http.StatusCreated)
+				gitRepo, _ := gitrepo.OpenRepository(t.Context(), repo1)
+				defer gitRepo.Close()
+				commitID, _ := gitRepo.GetBranchCommitID(changeFilesOptions.NewBranchName)
+				createLasCommit, _ := gitRepo.GetCommitByPath(createTreePath)
+				updateLastCommit, _ := gitRepo.GetCommitByPath(updateTreePath)
+				expectedCreateFileResponse := getExpectedFileResponseForCreate(apiFileResponseInfo{
+					repoFullName:      fmt.Sprintf("%s/%s", user2.Name, repo1.Name),
+					commitID:          commitID,
+					treePath:          createTreePath,
+					lastCommitSHA:     createLasCommit.ID.String(),
+					lastCommitterWhen: createLasCommit.Committer.When,
+					lastAuthorWhen:    createLasCommit.Author.When,
+				})
+				expectedUpdateFileResponse := getExpectedFileResponseForUpdate(apiFileResponseInfo{
+					commitID:          commitID,
+					treePath:          updateTreePath,
+					lastCommitSHA:     updateLastCommit.ID.String(),
+					lastCommitterWhen: updateLastCommit.Committer.When,
+					lastAuthorWhen:    updateLastCommit.Author.When,
+				})
+				var filesResponse api.FilesResponse
+				DecodeJSON(t, resp, &filesResponse)
+				normalizeFileContentResponseCommitTime(filesResponse.Files[0])
+				normalizeFileContentResponseCommitTime(filesResponse.Files[1])
+				assert.Equal(t, expectedCreateFileResponse.Content, filesResponse.Files[0]) // check create file
+				assert.Equal(t, expectedUpdateFileResponse.Content, filesResponse.Files[1]) // check update file
+				assert.Equal(t, expectedCreateFileResponse.Commit.SHA, filesResponse.Commit.SHA)
+				assert.Equal(t, expectedCreateFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
+				assert.Equal(t, expectedCreateFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
+				assert.Equal(t, expectedCreateFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
+				assert.Equal(t, expectedCreateFileResponse.Commit.Committer.Email, filesResponse.Commit.Committer.Email)
+				assert.Equal(t, expectedCreateFileResponse.Commit.Committer.Name, filesResponse.Commit.Committer.Name)
+				assert.Nil(t, filesResponse.Files[2]) // test delete file
+			})
 		}
 
 		// Test changing files in a new branch
@@ -149,15 +154,15 @@ func TestAPIChangeFiles(t *testing.T) {
 		expectedUpdateSHA := "08bd14b2e2852529157324de9c226b3364e76136"
 		expectedUpdateHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/new_branch/update/file%d.txt", fileID)
 		expectedUpdateDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/update/file%d.txt", fileID)
-		assert.EqualValues(t, expectedCreateSHA, filesResponse.Files[0].SHA)
-		assert.EqualValues(t, expectedCreateHTMLURL, *filesResponse.Files[0].HTMLURL)
-		assert.EqualValues(t, expectedCreateDownloadURL, *filesResponse.Files[0].DownloadURL)
-		assert.EqualValues(t, expectedUpdateSHA, filesResponse.Files[1].SHA)
-		assert.EqualValues(t, expectedUpdateHTMLURL, *filesResponse.Files[1].HTMLURL)
-		assert.EqualValues(t, expectedUpdateDownloadURL, *filesResponse.Files[1].DownloadURL)
+		assert.Equal(t, expectedCreateSHA, filesResponse.Files[0].SHA)
+		assert.Equal(t, expectedCreateHTMLURL, *filesResponse.Files[0].HTMLURL)
+		assert.Equal(t, expectedCreateDownloadURL, *filesResponse.Files[0].DownloadURL)
+		assert.Equal(t, expectedUpdateSHA, filesResponse.Files[1].SHA)
+		assert.Equal(t, expectedUpdateHTMLURL, *filesResponse.Files[1].HTMLURL)
+		assert.Equal(t, expectedUpdateDownloadURL, *filesResponse.Files[1].DownloadURL)
 		assert.Nil(t, filesResponse.Files[2])
 
-		assert.EqualValues(t, changeFilesOptions.Message+"\n", filesResponse.Commit.Message)
+		assert.Equal(t, changeFilesOptions.Message+"\n", filesResponse.Commit.Message)
 
 		// Test updating a file and renaming it
 		changeFilesOptions = getChangeFilesOptions()
@@ -175,9 +180,9 @@ func TestAPIChangeFiles(t *testing.T) {
 		expectedUpdateSHA = "08bd14b2e2852529157324de9c226b3364e76136"
 		expectedUpdateHTMLURL = fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/master/rename/update/file%d.txt", fileID)
 		expectedUpdateDownloadURL = fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/master/rename/update/file%d.txt", fileID)
-		assert.EqualValues(t, expectedUpdateSHA, filesResponse.Files[0].SHA)
-		assert.EqualValues(t, expectedUpdateHTMLURL, *filesResponse.Files[0].HTMLURL)
-		assert.EqualValues(t, expectedUpdateDownloadURL, *filesResponse.Files[0].DownloadURL)
+		assert.Equal(t, expectedUpdateSHA, filesResponse.Files[0].SHA)
+		assert.Equal(t, expectedUpdateHTMLURL, *filesResponse.Files[0].HTMLURL)
+		assert.Equal(t, expectedUpdateDownloadURL, *filesResponse.Files[0].DownloadURL)
 
 		// Test updating a file without a message
 		changeFilesOptions = getChangeFilesOptions()
@@ -197,7 +202,7 @@ func TestAPIChangeFiles(t *testing.T) {
 		resp = MakeRequest(t, req, http.StatusCreated)
 		DecodeJSON(t, resp, &filesResponse)
 		expectedMessage := fmt.Sprintf("Add %v\nUpdate %v\nDelete %v\n", createTreePath, updateTreePath, deleteTreePath)
-		assert.EqualValues(t, expectedMessage, filesResponse.Commit.Message)
+		assert.Equal(t, expectedMessage, filesResponse.Commit.Message)
 
 		// Test updating a file with the wrong SHA
 		fileID++
diff --git a/tests/integration/api_repo_files_get_test.go b/tests/integration/api_repo_files_get_test.go
new file mode 100644
index 0000000000..a4ded7da3f
--- /dev/null
+++ b/tests/integration/api_repo_files_get_test.go
@@ -0,0 +1,157 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestAPIGetRequestedFiles(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})         // owner of the repo1 & repo16
+	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})          // owner of the repo3, is an org
+	user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})         // owner of neither repos
+	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})   // public repo
+	repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3})   // public repo
+	repo16 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 16}) // private repo
+
+	// Get user2's token
+	session := loginUser(t, user2.Name)
+	token2 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+	// Get user4's token
+	session = loginUser(t, user4.Name)
+	token4 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+	gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo1)
+	assert.NoError(t, err)
+	defer gitRepo.Close()
+	lastCommit, _ := gitRepo.GetCommitByPath("README.md")
+
+	requestFiles := func(t *testing.T, url string, files []string, expectedStatusCode ...int) (ret []*api.ContentsResponse) {
+		req := NewRequestWithJSON(t, "POST", url, &api.GetFilesOptions{Files: files})
+		resp := MakeRequest(t, req, util.OptionalArg(expectedStatusCode, http.StatusOK))
+		if resp.Code != http.StatusOK {
+			return nil
+		}
+		DecodeJSON(t, resp, &ret)
+		return ret
+	}
+
+	t.Run("User2Get", func(t *testing.T) {
+		reqBodyOpt := &api.GetFilesOptions{Files: []string{"README.md"}}
+		reqBodyParam, _ := json.Marshal(reqBodyOpt)
+		req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/file-contents?body="+url.QueryEscape(string(reqBodyParam)))
+		resp := MakeRequest(t, req, http.StatusOK)
+		var ret []*api.ContentsResponse
+		DecodeJSON(t, resp, &ret)
+		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}
+		assert.Equal(t, expected, ret)
+	})
+	t.Run("User2NoRef", func(t *testing.T) {
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents", []string{"README.md"})
+		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}
+		assert.Equal(t, expected, ret)
+	})
+	t.Run("User2RefBranch", func(t *testing.T) {
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=master", []string{"README.md"})
+		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}
+		assert.Equal(t, expected, ret)
+	})
+	t.Run("User2RefTag", func(t *testing.T) {
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=v1.1", []string{"README.md"})
+		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents("v1.1", "tag", lastCommit.ID.String())}
+		assert.Equal(t, expected, ret)
+	})
+	t.Run("User2RefCommit", func(t *testing.T) {
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=65f1bf27bc3bf70f64657658635e66094edbcb4d", []string{"README.md"})
+		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents("65f1bf27bc3bf70f64657658635e66094edbcb4d", "commit", lastCommit.ID.String())}
+		assert.Equal(t, expected, ret)
+	})
+	t.Run("User2RefNotExist", func(t *testing.T) {
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=not-exist", []string{"README.md"}, http.StatusNotFound)
+		assert.Empty(t, ret)
+	})
+
+	t.Run("PermissionCheck", func(t *testing.T) {
+		filesOptions := &api.GetFilesOptions{Files: []string{"README.md"}}
+		// Test accessing private ref with user token that does not have access - should fail
+		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", user2.Name, repo16.Name), &filesOptions).AddTokenAuth(token4)
+		MakeRequest(t, req, http.StatusNotFound)
+		// Test access private ref of owner of token
+		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", user2.Name, repo16.Name), &filesOptions).AddTokenAuth(token2)
+		MakeRequest(t, req, http.StatusOK)
+		// Test access of org org3 private repo file by owner user2
+		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", org3.Name, repo3.Name), &filesOptions).AddTokenAuth(token2)
+		MakeRequest(t, req, http.StatusOK)
+	})
+
+	t.Run("ResponseList", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.API.DefaultPagingNum)()
+		defer test.MockVariableValue(&setting.API.DefaultMaxBlobSize)()
+		defer test.MockVariableValue(&setting.API.DefaultMaxResponseSize)()
+
+		type expected struct {
+			Name       string
+			HasContent bool
+		}
+		assertResponse := func(t *testing.T, expected []*expected, ret []*api.ContentsResponse) {
+			require.Len(t, ret, len(expected))
+			for i, e := range expected {
+				if e == nil {
+					assert.Nil(t, ret[i], "item %d", i)
+					continue
+				}
+				assert.Equal(t, e.Name, ret[i].Name, "item %d name", i)
+				if e.HasContent {
+					require.NotNil(t, ret[i].Content, "item %d content", i)
+					assert.NotEmpty(t, *ret[i].Content, "item %d content", i)
+				} else {
+					assert.Nil(t, ret[i].Content, "item %d content", i)
+				}
+			}
+		}
+
+		// repo1 "DefaultBranch" has 2 files: LICENSE (1064 bytes), README.md (30 bytes)
+		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})
+		assertResponse(t, []*expected{nil, {"LICENSE", true}, {"README.md", true}}, ret)
+
+		// the returned file list is limited by the DefaultPagingNum
+		setting.API.DefaultPagingNum = 2
+		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})
+		assertResponse(t, []*expected{nil, {"LICENSE", true}}, ret)
+		setting.API.DefaultPagingNum = 100
+
+		// if a file exceeds the DefaultMaxBlobSize, the content is not returned
+		setting.API.DefaultMaxBlobSize = 200
+		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})
+		assertResponse(t, []*expected{nil, {"LICENSE", false}, {"README.md", true}}, ret)
+		setting.API.DefaultMaxBlobSize = 20000
+
+		// if the total response size would exceed the DefaultMaxResponseSize, then the list stops
+		setting.API.DefaultMaxResponseSize = ret[1].Size*4/3 + 10
+		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})
+		assertResponse(t, []*expected{nil, {"LICENSE", true}}, ret)
+		setting.API.DefaultMaxBlobSize = 20000
+	})
+}
diff --git a/tests/integration/api_repo_get_contents_list_test.go b/tests/integration/api_repo_get_contents_list_test.go
index 1ba74490a3..563d6fcc10 100644
--- a/tests/integration/api_repo_get_contents_list_test.go
+++ b/tests/integration/api_repo_get_contents_list_test.go
@@ -6,8 +6,9 @@ package integration
 import (
 	"net/http"
 	"net/url"
-	"path/filepath"
+	"path"
 	"testing"
+	"time"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -17,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	repo_service "code.gitea.io/gitea/services/repository"
 
 	"github.com/stretchr/testify/assert"
@@ -31,16 +33,18 @@ func getExpectedContentsListResponseForContents(ref, refType, lastCommitSHA stri
 	downloadURL := setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath
 	return []*api.ContentsResponse{
 		{
-			Name:          filepath.Base(treePath),
-			Path:          treePath,
-			SHA:           sha,
-			LastCommitSHA: lastCommitSHA,
-			Type:          "file",
-			Size:          30,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
+			Name:              path.Base(treePath),
+			Path:              treePath,
+			SHA:               sha,
+			LastCommitSHA:     util.ToPointer(lastCommitSHA),
+			LastCommitterDate: util.ToPointer(time.Date(2017, time.March, 19, 16, 47, 59, 0, time.FixedZone("", -14400))),
+			LastAuthorDate:    util.ToPointer(time.Date(2017, time.March, 19, 16, 47, 59, 0, time.FixedZone("", -14400))),
+			Type:              "file",
+			Size:              30,
+			URL:               &selfURL,
+			HTMLURL:           &htmlURL,
+			GitURL:            &gitURL,
+			DownloadURL:       &downloadURL,
 			Links: &api.FileLinksResponse{
 				Self:    &selfURL,
 				GitURL:  &gitURL,
@@ -62,7 +66,6 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})   // public repo
 	repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3})   // public repo
 	repo16 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 16}) // private repo
-	treePath := ""                                                                // root dir
 
 	// Get user2's token
 	session := loginUser(t, user2.Name)
@@ -91,7 +94,7 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 	// ref is default ref
 	ref := repo1.DefaultBranch
 	refType := "branch"
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents?ref=%s", user2.Name, repo1.Name, ref)
 	resp := MakeRequest(t, req, http.StatusOK)
 	var contentsListResponse []*api.ContentsResponse
 	DecodeJSON(t, resp, &contentsListResponse)
@@ -99,22 +102,22 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 	lastCommit, err := gitRepo.GetCommitByPath("README.md")
 	assert.NoError(t, err)
 	expectedContentsListResponse := getExpectedContentsListResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+	assert.Equal(t, expectedContentsListResponse, contentsListResponse)
 
 	// No ref
 	refType = "branch"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/", user2.Name, repo1.Name)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsListResponse)
 	assert.NotNil(t, contentsListResponse)
 
 	expectedContentsListResponse = getExpectedContentsListResponseForContents(repo1.DefaultBranch, refType, lastCommit.ID.String())
-	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+	assert.Equal(t, expectedContentsListResponse, contentsListResponse)
 
 	// ref is the branch we created above in setup
 	ref = newBranch
 	refType = "branch"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents?ref=%s", user2.Name, repo1.Name, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsListResponse)
 	assert.NotNil(t, contentsListResponse)
@@ -123,12 +126,12 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 	lastCommit, err = branchCommit.GetCommitByPath("README.md")
 	assert.NoError(t, err)
 	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+	assert.Equal(t, expectedContentsListResponse, contentsListResponse)
 
 	// ref is the new tag we created above in setup
 	ref = newTag
 	refType = "tag"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/?ref=%s", user2.Name, repo1.Name, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsListResponse)
 	assert.NotNil(t, contentsListResponse)
@@ -137,35 +140,35 @@ func testAPIGetContentsList(t *testing.T, u *url.URL) {
 	lastCommit, err = tagCommit.GetCommitByPath("README.md")
 	assert.NoError(t, err)
 	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+	assert.Equal(t, expectedContentsListResponse, contentsListResponse)
 
 	// ref is a commit
 	ref = commitID
 	refType = "commit"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/?ref=%s", user2.Name, repo1.Name, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsListResponse)
 	assert.NotNil(t, contentsListResponse)
 	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType, commitID)
-	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+	assert.Equal(t, expectedContentsListResponse, contentsListResponse)
 
 	// Test file contents a file with a bad ref
 	ref = "badref"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/?ref=%s", user2.Name, repo1.Name, ref)
 	MakeRequest(t, req, http.StatusNotFound)
 
 	// Test accessing private ref with user token that does not have access - should fail
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo16.Name, treePath).
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/", user2.Name, repo16.Name).
 		AddTokenAuth(token4)
 	MakeRequest(t, req, http.StatusNotFound)
 
 	// Test access private ref of owner of token
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/readme.md", user2.Name, repo16.Name).
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/", user2.Name, repo16.Name).
 		AddTokenAuth(token2)
 	MakeRequest(t, req, http.StatusOK)
 
 	// Test access of org org3 private repo file by owner user2
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", org3.Name, repo3.Name, treePath).
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/", org3.Name, repo3.Name).
 		AddTokenAuth(token2)
 	MakeRequest(t, req, http.StatusOK)
 }
diff --git a/tests/integration/api_repo_get_contents_test.go b/tests/integration/api_repo_get_contents_test.go
index d0f61da0c0..33df74f6ee 100644
--- a/tests/integration/api_repo_get_contents_test.go
+++ b/tests/integration/api_repo_get_contents_test.go
@@ -7,7 +7,9 @@ import (
 	"io"
 	"net/http"
 	"net/url"
+	"slices"
 	"testing"
+	"time"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -17,34 +19,33 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	repo_service "code.gitea.io/gitea/services/repository"
-	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func getExpectedContentsResponseForContents(ref, refType, lastCommitSHA string) *api.ContentsResponse {
 	treePath := "README.md"
-	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
-	encoding := "base64"
-	content := "IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"
 	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=" + ref
 	htmlURL := setting.AppURL + "user2/repo1/src/" + refType + "/" + ref + "/" + treePath
-	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
-	downloadURL := setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/4b4851ad51df6a7d9f25c979345979eaeb5b349f"
 	return &api.ContentsResponse{
-		Name:          treePath,
-		Path:          treePath,
-		SHA:           sha,
-		LastCommitSHA: lastCommitSHA,
-		Type:          "file",
-		Size:          30,
-		Encoding:      &encoding,
-		Content:       &content,
-		URL:           &selfURL,
-		HTMLURL:       &htmlURL,
-		GitURL:        &gitURL,
-		DownloadURL:   &downloadURL,
+		Name:              treePath,
+		Path:              treePath,
+		SHA:               "4b4851ad51df6a7d9f25c979345979eaeb5b349f",
+		LastCommitSHA:     util.ToPointer(lastCommitSHA),
+		LastCommitterDate: util.ToPointer(time.Date(2017, time.March, 19, 16, 47, 59, 0, time.FixedZone("", -14400))),
+		LastAuthorDate:    util.ToPointer(time.Date(2017, time.March, 19, 16, 47, 59, 0, time.FixedZone("", -14400))),
+		Type:              "file",
+		Size:              30,
+		Encoding:          util.ToPointer("base64"),
+		Content:           util.ToPointer("IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"),
+		URL:               &selfURL,
+		HTMLURL:           &htmlURL,
+		GitURL:            &gitURL,
+		DownloadURL:       util.ToPointer(setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath),
 		Links: &api.FileLinksResponse{
 			Self:    &selfURL,
 			GitURL:  &gitURL,
@@ -54,7 +55,11 @@ func getExpectedContentsResponseForContents(ref, refType, lastCommitSHA string)
 }
 
 func TestAPIGetContents(t *testing.T) {
-	onGiteaRun(t, testAPIGetContents)
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		testAPIGetContentsRefFormats(t)
+		testAPIGetContents(t, u)
+		testAPIGetContentsExt(t)
+	})
 }
 
 func testAPIGetContents(t *testing.T, u *url.URL) {
@@ -76,54 +81,56 @@ func testAPIGetContents(t *testing.T, u *url.URL) {
 
 	// Get the commit ID of the default branch
 	gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo1)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	defer gitRepo.Close()
 
 	// Make a new branch in repo1
 	newBranch := "test_branch"
 	err = repo_service.CreateNewBranch(git.DefaultContext, user2, repo1, gitRepo, repo1.DefaultBranch, newBranch)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 
 	commitID, err := gitRepo.GetBranchCommitID(repo1.DefaultBranch)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	// Make a new tag in repo1
 	newTag := "test_tag"
 	err = gitRepo.CreateTag(newTag, commitID)
-	assert.NoError(t, err)
+	require.NoError(t, err)
 	/*** END SETUP ***/
 
+	// not found
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/no-such/file.md", user2.Name, repo1.Name)
+	resp := MakeRequest(t, req, http.StatusNotFound)
+	assert.Contains(t, resp.Body.String(), "object does not exist [id: , rel_path: no-such]")
+
 	// ref is default ref
 	ref := repo1.DefaultBranch
 	refType := "branch"
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
-	resp := MakeRequest(t, req, http.StatusOK)
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = MakeRequest(t, req, http.StatusOK)
 	var contentsResponse api.ContentsResponse
 	DecodeJSON(t, resp, &contentsResponse)
-	assert.NotNil(t, contentsResponse)
 	lastCommit, _ := gitRepo.GetCommitByPath("README.md")
 	expectedContentsResponse := getExpectedContentsResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+	assert.Equal(t, *expectedContentsResponse, contentsResponse)
 
 	// No ref
 	refType = "branch"
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsResponse)
-	assert.NotNil(t, contentsResponse)
 	expectedContentsResponse = getExpectedContentsResponseForContents(repo1.DefaultBranch, refType, lastCommit.ID.String())
-	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+	assert.Equal(t, *expectedContentsResponse, contentsResponse)
 
-	// ref is the branch we created above  in setup
+	// ref is the branch we created above in setup
 	ref = newBranch
 	refType = "branch"
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsResponse)
-	assert.NotNil(t, contentsResponse)
 	branchCommit, _ := gitRepo.GetBranchCommit(ref)
 	lastCommit, _ = branchCommit.GetCommitByPath("README.md")
 	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+	assert.Equal(t, *expectedContentsResponse, contentsResponse)
 
 	// ref is the new tag we created above in setup
 	ref = newTag
@@ -131,11 +138,10 @@ func testAPIGetContents(t *testing.T, u *url.URL) {
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsResponse)
-	assert.NotNil(t, contentsResponse)
 	tagCommit, _ := gitRepo.GetTagCommit(ref)
 	lastCommit, _ = tagCommit.GetCommitByPath("README.md")
 	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType, lastCommit.ID.String())
-	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+	assert.Equal(t, *expectedContentsResponse, contentsResponse)
 
 	// ref is a commit
 	ref = commitID
@@ -143,9 +149,8 @@ func testAPIGetContents(t *testing.T, u *url.URL) {
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &contentsResponse)
-	assert.NotNil(t, contentsResponse)
 	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType, commitID)
-	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+	assert.Equal(t, *expectedContentsResponse, contentsResponse)
 
 	// Test file contents a file with a bad ref
 	ref = "badref"
@@ -168,9 +173,7 @@ func testAPIGetContents(t *testing.T, u *url.URL) {
 	MakeRequest(t, req, http.StatusOK)
 }
 
-func TestAPIGetContentsRefFormats(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
+func testAPIGetContentsRefFormats(t *testing.T) {
 	file := "README.md"
 	sha := "65f1bf27bc3bf70f64657658635e66094edbcb4d"
 	content := "# repo1\n\nDescription for repo1"
@@ -178,22 +181,22 @@ func TestAPIGetContentsRefFormats(t *testing.T) {
 	resp := MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/"+file), http.StatusOK)
 	raw, err := io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, content, string(raw))
+	assert.Equal(t, content, string(raw))
 
 	resp = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/"+sha+"/"+file), http.StatusOK)
 	raw, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, content, string(raw))
+	assert.Equal(t, content, string(raw))
 
 	resp = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/"+file+"?ref="+sha), http.StatusOK)
 	raw, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, content, string(raw))
+	assert.Equal(t, content, string(raw))
 
 	resp = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/"+file+"?ref=master"), http.StatusOK)
 	raw, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, content, string(raw))
+	assert.Equal(t, content, string(raw))
 
 	_ = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/docs/README.md?ref=main"), http.StatusNotFound)
 	_ = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/README.md?ref=main"), http.StatusOK)
@@ -203,3 +206,98 @@ func TestAPIGetContentsRefFormats(t *testing.T) {
 	// FIXME: this is an incorrect behavior, non-existing branch falls back to default branch
 	_ = MakeRequest(t, NewRequest(t, http.MethodGet, "/api/v1/repos/user2/repo1/raw/README.md?ref=no-such"), http.StatusOK)
 }
+
+func testAPIGetContentsExt(t *testing.T) {
+	session := loginUser(t, "user2")
+	token2 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+	t.Run("DirContents", func(t *testing.T) {
+		req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext?ref=sub-home-md-img-check")
+		resp := MakeRequest(t, req, http.StatusOK)
+		var contentsResponse api.ContentsExtResponse
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.FileContents)
+		assert.NotNil(t, contentsResponse.DirContents)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext/.?ref=sub-home-md-img-check")
+		resp = MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.FileContents)
+		assert.NotNil(t, contentsResponse.DirContents)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext/docs?ref=sub-home-md-img-check")
+		resp = MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.FileContents)
+		assert.Equal(t, "README.md", contentsResponse.DirContents[0].Name)
+		assert.Nil(t, contentsResponse.DirContents[0].Encoding)
+		assert.Nil(t, contentsResponse.DirContents[0].Content)
+		assert.Nil(t, contentsResponse.DirContents[0].LastCommitSHA)
+		assert.Nil(t, contentsResponse.DirContents[0].LastCommitMessage)
+
+		// "includes=file_content" shouldn't affect directory listing
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext/docs?ref=sub-home-md-img-check&includes=file_content")
+		resp = MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.FileContents)
+		assert.Equal(t, "README.md", contentsResponse.DirContents[0].Name)
+		assert.Nil(t, contentsResponse.DirContents[0].Encoding)
+		assert.Nil(t, contentsResponse.DirContents[0].Content)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/lfs/contents-ext?includes=file_content,lfs_metadata").AddTokenAuth(token2)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.FileContents)
+		respFileIdx := slices.IndexFunc(contentsResponse.DirContents, func(response *api.ContentsResponse) bool { return response.Name == "jpeg.jpg" })
+		require.NotEqual(t, -1, respFileIdx)
+		respFile := contentsResponse.DirContents[respFileIdx]
+		assert.Equal(t, "jpeg.jpg", respFile.Name)
+		assert.Nil(t, respFile.Encoding)
+		assert.Nil(t, respFile.Content)
+		assert.Equal(t, util.ToPointer(int64(107)), respFile.LfsSize)
+		assert.Equal(t, util.ToPointer("0b8d8b5f15046343fd32f451df93acc2bdd9e6373be478b968e4cad6b6647351"), respFile.LfsOid)
+	})
+	t.Run("FileContents", func(t *testing.T) {
+		// by default, no file content or commit info is returned
+		req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext/docs/README.md?ref=sub-home-md-img-check")
+		resp := MakeRequest(t, req, http.StatusOK)
+		var contentsResponse api.ContentsExtResponse
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.DirContents)
+		assert.Equal(t, "README.md", contentsResponse.FileContents.Name)
+		assert.Nil(t, contentsResponse.FileContents.Encoding)
+		assert.Nil(t, contentsResponse.FileContents.Content)
+		assert.Nil(t, contentsResponse.FileContents.LastCommitSHA)
+		assert.Nil(t, contentsResponse.FileContents.LastCommitMessage)
+
+		// file content is only returned when `includes=file_content`
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/contents-ext/docs/README.md?ref=sub-home-md-img-check&includes=file_content,commit_metadata,commit_message")
+		resp = MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.DirContents)
+		assert.Equal(t, "README.md", contentsResponse.FileContents.Name)
+		assert.NotNil(t, contentsResponse.FileContents.Encoding)
+		assert.NotNil(t, contentsResponse.FileContents.Content)
+		assert.Equal(t, "4649299398e4d39a5c09eb4f534df6f1e1eb87cc", *contentsResponse.FileContents.LastCommitSHA)
+		assert.Equal(t, "Test how READMEs render images when found in a subfolder\n", *contentsResponse.FileContents.LastCommitMessage)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/user2/lfs/contents-ext/jpeg.jpg?includes=file_content").AddTokenAuth(token2)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		contentsResponse = api.ContentsExtResponse{}
+		DecodeJSON(t, resp, &contentsResponse)
+		assert.Nil(t, contentsResponse.DirContents)
+		assert.NotNil(t, contentsResponse.FileContents)
+		respFile := contentsResponse.FileContents
+		assert.Equal(t, "jpeg.jpg", respFile.Name)
+		assert.NotNil(t, respFile.Encoding)
+		assert.NotNil(t, respFile.Content)
+		assert.Nil(t, contentsResponse.FileContents.LastCommitSHA)
+		assert.Nil(t, contentsResponse.FileContents.LastCommitMessage)
+		assert.Equal(t, util.ToPointer(int64(107)), respFile.LfsSize)
+		assert.Equal(t, util.ToPointer("0b8d8b5f15046343fd32f451df93acc2bdd9e6373be478b968e4cad6b6647351"), respFile.LfsOid)
+	})
+}
diff --git a/tests/integration/api_repo_git_blobs_test.go b/tests/integration/api_repo_git_blobs_test.go
index 9c4be31396..d4274bdb40 100644
--- a/tests/integration/api_repo_git_blobs_test.go
+++ b/tests/integration/api_repo_git_blobs_test.go
@@ -41,7 +41,7 @@ func TestAPIReposGitBlobs(t *testing.T) {
 	DecodeJSON(t, resp, &gitBlobResponse)
 	assert.NotNil(t, gitBlobResponse)
 	expectedContent := "dHJlZSAyYTJmMWQ0NjcwNzI4YTJlMTAwNDllMzQ1YmQ3YTI3NjQ2OGJlYWI2CmF1dGhvciB1c2VyMSA8YWRkcmVzczFAZXhhbXBsZS5jb20+IDE0ODk5NTY0NzkgLTA0MDAKY29tbWl0dGVyIEV0aGFuIEtvZW5pZyA8ZXRoYW50a29lbmlnQGdtYWlsLmNvbT4gMTQ4OTk1NjQ3OSAtMDQwMAoKSW5pdGlhbCBjb21taXQK"
-	assert.Equal(t, expectedContent, gitBlobResponse.Content)
+	assert.Equal(t, expectedContent, *gitBlobResponse.Content)
 
 	// Tests a private repo with no token so will fail
 	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/blobs/%s", user2.Name, repo16.Name, repo16ReadmeSHA)
diff --git a/tests/integration/api_repo_git_commits_test.go b/tests/integration/api_repo_git_commits_test.go
index c4c626eb49..a1584d4629 100644
--- a/tests/integration/api_repo_git_commits_test.go
+++ b/tests/integration/api_repo_git_commits_test.go
@@ -72,12 +72,12 @@ func TestAPIReposGitCommitList(t *testing.T) {
 	DecodeJSON(t, resp, &apiData)
 
 	assert.Len(t, apiData, 2)
-	assert.EqualValues(t, "cfe3b3c1fd36fba04f9183287b106497e1afe986", apiData[0].CommitMeta.SHA)
+	assert.Equal(t, "cfe3b3c1fd36fba04f9183287b106497e1afe986", apiData[0].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"link_hi", "test.csv"}, apiData[0].Files)
-	assert.EqualValues(t, "c8e31bc7688741a5287fcde4fbb8fc129ca07027", apiData[1].CommitMeta.SHA)
+	assert.Equal(t, "c8e31bc7688741a5287fcde4fbb8fc129ca07027", apiData[1].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"test.csv"}, apiData[1].Files)
 
-	assert.EqualValues(t, "2", resp.Header().Get("X-Total"))
+	assert.Equal(t, "2", resp.Header().Get("X-Total"))
 }
 
 func TestAPIReposGitCommitListNotMaster(t *testing.T) {
@@ -96,14 +96,14 @@ func TestAPIReposGitCommitListNotMaster(t *testing.T) {
 	DecodeJSON(t, resp, &apiData)
 
 	assert.Len(t, apiData, 3)
-	assert.EqualValues(t, "69554a64c1e6030f051e5c3f94bfbd773cd6a324", apiData[0].CommitMeta.SHA)
+	assert.Equal(t, "69554a64c1e6030f051e5c3f94bfbd773cd6a324", apiData[0].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"readme.md"}, apiData[0].Files)
-	assert.EqualValues(t, "27566bd5738fc8b4e3fef3c5e72cce608537bd95", apiData[1].CommitMeta.SHA)
+	assert.Equal(t, "27566bd5738fc8b4e3fef3c5e72cce608537bd95", apiData[1].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"readme.md"}, apiData[1].Files)
-	assert.EqualValues(t, "5099b81332712fe655e34e8dd63574f503f61811", apiData[2].CommitMeta.SHA)
+	assert.Equal(t, "5099b81332712fe655e34e8dd63574f503f61811", apiData[2].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"readme.md"}, apiData[2].Files)
 
-	assert.EqualValues(t, "3", resp.Header().Get("X-Total"))
+	assert.Equal(t, "3", resp.Header().Get("X-Total"))
 }
 
 func TestAPIReposGitCommitListPage2Empty(t *testing.T) {
@@ -177,7 +177,7 @@ func TestDownloadCommitDiffOrPatch(t *testing.T) {
 	reqDiff := NewRequestf(t, "GET", "/api/v1/repos/%s/repo16/git/commits/f27c2b2b03dcab38beaf89b0ab4ff61f6de63441.diff", user.Name).
 		AddTokenAuth(token)
 	resp := MakeRequest(t, reqDiff, http.StatusOK)
-	assert.EqualValues(t,
+	assert.Equal(t,
 		"commit f27c2b2b03dcab38beaf89b0ab4ff61f6de63441\nAuthor: User2 <user2@example.com>\nDate:   Sun Aug 6 19:55:01 2017 +0200\n\n    good signed commit\n\ndiff --git a/readme.md b/readme.md\nnew file mode 100644\nindex 0000000..458121c\n--- /dev/null\n+++ b/readme.md\n@@ -0,0 +1 @@\n+good sign\n",
 		resp.Body.String())
 
@@ -185,7 +185,7 @@ func TestDownloadCommitDiffOrPatch(t *testing.T) {
 	reqPatch := NewRequestf(t, "GET", "/api/v1/repos/%s/repo16/git/commits/f27c2b2b03dcab38beaf89b0ab4ff61f6de63441.patch", user.Name).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, reqPatch, http.StatusOK)
-	assert.EqualValues(t,
+	assert.Equal(t,
 		"From f27c2b2b03dcab38beaf89b0ab4ff61f6de63441 Mon Sep 17 00:00:00 2001\nFrom: User2 <user2@example.com>\nDate: Sun, 6 Aug 2017 19:55:01 +0200\nSubject: [PATCH] good signed commit\n\n---\n readme.md | 1 +\n 1 file changed, 1 insertion(+)\n create mode 100644 readme.md\n\ndiff --git a/readme.md b/readme.md\nnew file mode 100644\nindex 0000000..458121c\n--- /dev/null\n+++ b/readme.md\n@@ -0,0 +1 @@\n+good sign\n",
 		resp.Body.String())
 }
@@ -208,7 +208,7 @@ func TestGetFileHistory(t *testing.T) {
 	assert.Equal(t, "f27c2b2b03dcab38beaf89b0ab4ff61f6de63441", apiData[0].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"readme.md"}, apiData[0].Files)
 
-	assert.EqualValues(t, "1", resp.Header().Get("X-Total"))
+	assert.Equal(t, "1", resp.Header().Get("X-Total"))
 }
 
 func TestGetFileHistoryNotOnMaster(t *testing.T) {
@@ -229,5 +229,5 @@ func TestGetFileHistoryNotOnMaster(t *testing.T) {
 	assert.Equal(t, "c8e31bc7688741a5287fcde4fbb8fc129ca07027", apiData[0].CommitMeta.SHA)
 	compareCommitFiles(t, []string{"test.csv"}, apiData[0].Files)
 
-	assert.EqualValues(t, "1", resp.Header().Get("X-Total"))
+	assert.Equal(t, "1", resp.Header().Get("X-Total"))
 }
diff --git a/tests/integration/api_repo_git_trees_test.go b/tests/integration/api_repo_git_trees_test.go
index 47063d9091..ea7630f414 100644
--- a/tests/integration/api_repo_git_trees_test.go
+++ b/tests/integration/api_repo_git_trees_test.go
@@ -11,7 +11,11 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestAPIReposGitTrees(t *testing.T) {
@@ -32,13 +36,21 @@ func TestAPIReposGitTrees(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
 
 	// Test a public repo that anyone can GET the tree of
-	for _, ref := range [...]string{
-		"master",     // Branch
-		repo1TreeSHA, // Tree SHA
-	} {
-		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s", user2.Name, repo1.Name, ref)
-		MakeRequest(t, req, http.StatusOK)
-	}
+	_ = MakeRequest(t, NewRequest(t, "GET", "/api/v1/repos/user2/repo1/git/trees/master"), http.StatusOK)
+
+	resp := MakeRequest(t, NewRequest(t, "GET", "/api/v1/repos/user2/repo1/git/trees/62fb502a7172d4453f0322a2cc85bddffa57f07a?per_page=1"), http.StatusOK)
+	var respGitTree api.GitTreeResponse
+	DecodeJSON(t, resp, &respGitTree)
+	assert.True(t, respGitTree.Truncated)
+	require.Len(t, respGitTree.Entries, 1)
+	assert.Equal(t, "File-WoW", respGitTree.Entries[0].Path)
+
+	resp = MakeRequest(t, NewRequest(t, "GET", "/api/v1/repos/user2/repo1/git/trees/62fb502a7172d4453f0322a2cc85bddffa57f07a?page=2&per_page=1"), http.StatusOK)
+	respGitTree = api.GitTreeResponse{}
+	DecodeJSON(t, resp, &respGitTree)
+	assert.False(t, respGitTree.Truncated)
+	require.Len(t, respGitTree.Entries, 1)
+	assert.Equal(t, "README.md", respGitTree.Entries[0].Path)
 
 	// Tests a private repo with no token so will fail
 	for _, ref := range [...]string{
diff --git a/tests/integration/api_repo_languages_test.go b/tests/integration/api_repo_languages_test.go
index 1045aef57d..6347a43b4e 100644
--- a/tests/integration/api_repo_languages_test.go
+++ b/tests/integration/api_repo_languages_test.go
@@ -9,6 +9,8 @@ import (
 	"testing"
 	"time"
 
+	"code.gitea.io/gitea/modules/test"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -32,7 +34,8 @@ func TestRepoLanguages(t *testing.T) {
 			"content":       "package main",
 			"commit_choice": "direct",
 		})
-		session.MakeRequest(t, req, http.StatusSeeOther)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.NotEmpty(t, test.RedirectURL(resp))
 
 		// let gitea calculate language stats
 		time.Sleep(time.Second)
diff --git a/tests/integration/api_repo_lfs_locks_test.go b/tests/integration/api_repo_lfs_locks_test.go
index 4ba01e6d9b..161fa45dc6 100644
--- a/tests/integration/api_repo_lfs_locks_test.go
+++ b/tests/integration/api_repo_lfs_locks_test.go
@@ -112,7 +112,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 			var lfsLock api.LFSLockResponse
 			DecodeJSON(t, resp, &lfsLock)
 			assert.Equal(t, test.user.Name, lfsLock.Lock.Owner.Name)
-			assert.EqualValues(t, lfsLock.Lock.LockedAt.Format(time.RFC3339), lfsLock.Lock.LockedAt.Format(time.RFC3339Nano)) // locked at should be rounded to second
+			assert.Equal(t, lfsLock.Lock.LockedAt.Format(time.RFC3339), lfsLock.Lock.LockedAt.Format(time.RFC3339Nano)) // locked at should be rounded to second
 			for _, id := range test.addTime {
 				resultsTests[id].locksTimes = append(resultsTests[id].locksTimes, time.Now())
 			}
@@ -129,9 +129,9 @@ func TestAPILFSLocksLogged(t *testing.T) {
 		DecodeJSON(t, resp, &lfsLocks)
 		assert.Len(t, lfsLocks.Locks, test.totalCount)
 		for i, lock := range lfsLocks.Locks {
-			assert.EqualValues(t, test.locksOwners[i].Name, lock.Owner.Name)
+			assert.Equal(t, test.locksOwners[i].Name, lock.Owner.Name)
 			assert.WithinDuration(t, test.locksTimes[i], lock.LockedAt, 10*time.Second)
-			assert.EqualValues(t, lock.LockedAt.Format(time.RFC3339), lock.LockedAt.Format(time.RFC3339Nano)) // locked at should be rounded to second
+			assert.Equal(t, lock.LockedAt.Format(time.RFC3339), lock.LockedAt.Format(time.RFC3339Nano)) // locked at should be rounded to second
 		}
 
 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks/verify", test.repo.FullName()), map[string]string{})
@@ -143,7 +143,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 		assert.Len(t, lfsLocksVerify.Ours, test.oursCount)
 		assert.Len(t, lfsLocksVerify.Theirs, test.theirsCount)
 		for _, lock := range lfsLocksVerify.Ours {
-			assert.EqualValues(t, test.user.Name, lock.Owner.Name)
+			assert.Equal(t, test.user.Name, lock.Owner.Name)
 			deleteTests = append(deleteTests, struct {
 				user   *user_model.User
 				repo   *repo_model.Repository
diff --git a/tests/integration/api_repo_lfs_migrate_test.go b/tests/integration/api_repo_lfs_migrate_test.go
index 8b4d79db02..6ca6f9afab 100644
--- a/tests/integration/api_repo_lfs_migrate_test.go
+++ b/tests/integration/api_repo_lfs_migrate_test.go
@@ -40,7 +40,7 @@ func TestAPIRepoLFSMigrateLocal(t *testing.T) {
 		LFS:         true,
 	}).AddTokenAuth(token)
 	resp := MakeRequest(t, req, NoExpectedStatus)
-	assert.EqualValues(t, http.StatusCreated, resp.Code)
+	assert.Equal(t, http.StatusCreated, resp.Code)
 
 	store := lfs.NewContentStore()
 	ok, _ := store.Verify(lfs.Pointer{Oid: "fb8f7d8435968c4f82a726a92395be4d16f2f63116caf36c8ad35c60831ab041", Size: 6})
diff --git a/tests/integration/api_repo_lfs_test.go b/tests/integration/api_repo_lfs_test.go
index 6b42b83bc5..ec6a3a3b57 100644
--- a/tests/integration/api_repo_lfs_test.go
+++ b/tests/integration/api_repo_lfs_test.go
@@ -20,6 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
@@ -226,9 +227,7 @@ func TestAPILFSBatch(t *testing.T) {
 
 		t.Run("FileTooBig", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
-
-			oldMaxFileSize := setting.LFS.MaxFileSize
-			setting.LFS.MaxFileSize = 2
+			defer test.MockVariableValue(&setting.LFS.MaxFileSize, 2)()
 
 			req := newRequest(t, &lfs.BatchRequest{
 				Operation: "upload",
@@ -243,8 +242,6 @@ func TestAPILFSBatch(t *testing.T) {
 			assert.NotNil(t, br.Objects[0].Error)
 			assert.Equal(t, http.StatusUnprocessableEntity, br.Objects[0].Error.Code)
 			assert.Equal(t, "Size must be less than or equal to 2", br.Objects[0].Error.Message)
-
-			setting.LFS.MaxFileSize = oldMaxFileSize
 		})
 
 		t.Run("AddMeta", func(t *testing.T) {
diff --git a/tests/integration/api_repo_license_test.go b/tests/integration/api_repo_license_test.go
index 52d3085694..fb4450a2bd 100644
--- a/tests/integration/api_repo_license_test.go
+++ b/tests/integration/api_repo_license_test.go
@@ -12,12 +12,13 @@ import (
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
 )
 
 var testLicenseContent = `
-Copyright (c) 2024 Gitea 
+Copyright (c) 2024 Gitea
 
 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
 
@@ -48,7 +49,8 @@ func TestAPIRepoLicense(t *testing.T) {
 			"content":       testLicenseContent,
 			"commit_choice": "direct",
 		})
-		session.MakeRequest(t, req, http.StatusSeeOther)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.NotEmpty(t, test.RedirectURL(resp))
 
 		// let gitea update repo license
 		time.Sleep(time.Second)
diff --git a/tests/integration/api_repo_raw_test.go b/tests/integration/api_repo_raw_test.go
index e5f83d1c80..e9d741925f 100644
--- a/tests/integration/api_repo_raw_test.go
+++ b/tests/integration/api_repo_raw_test.go
@@ -30,11 +30,11 @@ func TestAPIReposRaw(t *testing.T) {
 		req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md", user.Name, ref).
 			AddTokenAuth(token)
 		resp := MakeRequest(t, req, http.StatusOK)
-		assert.EqualValues(t, "file", resp.Header().Get("x-gitea-object-type"))
+		assert.Equal(t, "file", resp.Header().Get("x-gitea-object-type"))
 	}
 	// Test default branch
 	req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md", user.Name).
 		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, "file", resp.Header().Get("x-gitea-object-type"))
+	assert.Equal(t, "file", resp.Header().Get("x-gitea-object-type"))
 }
diff --git a/tests/integration/api_repo_tags_test.go b/tests/integration/api_repo_tags_test.go
index a7f021ca4f..3932a8ba2b 100644
--- a/tests/integration/api_repo_tags_test.go
+++ b/tests/integration/api_repo_tags_test.go
@@ -48,10 +48,10 @@ func TestAPIRepoTags(t *testing.T) {
 	assert.Len(t, tags, 2)
 	for _, tag := range tags {
 		if tag.Name != "v1.1" {
-			assert.EqualValues(t, newTag.Name, tag.Name)
-			assert.EqualValues(t, newTag.Message, tag.Message)
-			assert.EqualValues(t, "nice!\nand some text", tag.Message)
-			assert.EqualValues(t, newTag.Commit.SHA, tag.Commit.SHA)
+			assert.Equal(t, newTag.Name, tag.Name)
+			assert.Equal(t, newTag.Message, tag.Message)
+			assert.Equal(t, "nice!\nand some text", tag.Message)
+			assert.Equal(t, newTag.Commit.SHA, tag.Commit.SHA)
 		}
 	}
 
@@ -61,7 +61,7 @@ func TestAPIRepoTags(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 	var tag *api.Tag
 	DecodeJSON(t, resp, &tag)
-	assert.EqualValues(t, newTag, tag)
+	assert.Equal(t, newTag, tag)
 
 	// delete tag
 	delReq := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/tags/%s", user.Name, repoName, newTag.Name).
diff --git a/tests/integration/api_repo_teams_test.go b/tests/integration/api_repo_teams_test.go
index 07d065b02b..143e3dd29f 100644
--- a/tests/integration/api_repo_teams_test.go
+++ b/tests/integration/api_repo_teams_test.go
@@ -37,15 +37,15 @@ func TestAPIRepoTeams(t *testing.T) {
 	var teams []*api.Team
 	DecodeJSON(t, res, &teams)
 	if assert.Len(t, teams, 2) {
-		assert.EqualValues(t, "Owners", teams[0].Name)
+		assert.Equal(t, "Owners", teams[0].Name)
 		assert.True(t, teams[0].CanCreateOrgRepo)
 		assert.True(t, util.SliceSortedEqual(unit.AllUnitKeyNames(), teams[0].Units), "%v == %v", unit.AllUnitKeyNames(), teams[0].Units)
-		assert.EqualValues(t, "owner", teams[0].Permission)
+		assert.Equal(t, "owner", teams[0].Permission)
 
-		assert.EqualValues(t, "test_team", teams[1].Name)
+		assert.Equal(t, "test_team", teams[1].Name)
 		assert.False(t, teams[1].CanCreateOrgRepo)
-		assert.EqualValues(t, []string{"repo.issues"}, teams[1].Units)
-		assert.EqualValues(t, "write", teams[1].Permission)
+		assert.Equal(t, []string{"repo.issues"}, teams[1].Units)
+		assert.Equal(t, "write", teams[1].Permission)
 	}
 
 	// IsTeam
@@ -54,7 +54,7 @@ func TestAPIRepoTeams(t *testing.T) {
 	res = MakeRequest(t, req, http.StatusOK)
 	var team *api.Team
 	DecodeJSON(t, res, &team)
-	assert.EqualValues(t, teams[1], team)
+	assert.Equal(t, teams[1], team)
 
 	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/teams/%s", publicOrgRepo.FullName(), "NonExistingTeam")).
 		AddTokenAuth(token)
diff --git a/tests/integration/api_repo_test.go b/tests/integration/api_repo_test.go
index 22f26d87d4..a2c3a467c6 100644
--- a/tests/integration/api_repo_test.go
+++ b/tests/integration/api_repo_test.go
@@ -37,7 +37,7 @@ func TestAPIUserReposNotLogin(t *testing.T) {
 		unittest.Cond("is_private = ?", false))
 	assert.Len(t, apiRepos, expectedLen)
 	for _, repo := range apiRepos {
-		assert.EqualValues(t, user.ID, repo.Owner.ID)
+		assert.Equal(t, user.ID, repo.Owner.ID)
 		assert.False(t, repo.Private)
 	}
 }
@@ -45,7 +45,7 @@ func TestAPIUserReposNotLogin(t *testing.T) {
 func TestAPIUserReposWithWrongToken(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-	wrongToken := fmt.Sprintf("Bearer %s", "wrong_token")
+	wrongToken := "Bearer " + "wrong_token"
 	req := NewRequestf(t, "GET", "/api/v1/users/%s/repos", user.Name).
 		AddTokenAuth(wrongToken)
 	resp := MakeRequest(t, req, http.StatusUnauthorized)
@@ -266,25 +266,25 @@ func TestAPIViewRepo(t *testing.T) {
 	resp := MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &repo)
 	assert.EqualValues(t, 1, repo.ID)
-	assert.EqualValues(t, "repo1", repo.Name)
-	assert.EqualValues(t, 2, repo.Releases)
-	assert.EqualValues(t, 1, repo.OpenIssues)
-	assert.EqualValues(t, 3, repo.OpenPulls)
+	assert.Equal(t, "repo1", repo.Name)
+	assert.Equal(t, 2, repo.Releases)
+	assert.Equal(t, 1, repo.OpenIssues)
+	assert.Equal(t, 3, repo.OpenPulls)
 
 	req = NewRequest(t, "GET", "/api/v1/repos/user12/repo10")
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &repo)
 	assert.EqualValues(t, 10, repo.ID)
-	assert.EqualValues(t, "repo10", repo.Name)
-	assert.EqualValues(t, 1, repo.OpenPulls)
-	assert.EqualValues(t, 1, repo.Forks)
+	assert.Equal(t, "repo10", repo.Name)
+	assert.Equal(t, 1, repo.OpenPulls)
+	assert.Equal(t, 1, repo.Forks)
 
 	req = NewRequest(t, "GET", "/api/v1/repos/user5/repo4")
 	resp = MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &repo)
 	assert.EqualValues(t, 4, repo.ID)
-	assert.EqualValues(t, "repo4", repo.Name)
-	assert.EqualValues(t, 1, repo.Stars)
+	assert.Equal(t, "repo4", repo.Name)
+	assert.Equal(t, 1, repo.Stars)
 }
 
 func TestAPIOrgRepos(t *testing.T) {
@@ -337,9 +337,9 @@ func TestAPIOrgReposWithCodeUnitDisabled(t *testing.T) {
 	var units []unit_model.Type
 	units = append(units, unit_model.TypeCode)
 
-	if err := repo_service.UpdateRepositoryUnits(db.DefaultContext, repo21, nil, units); err != nil {
-		assert.Fail(t, "should have been able to delete code repository unit; failed to %v", err)
-	}
+	err := repo_service.UpdateRepositoryUnits(db.DefaultContext, repo21, nil, units)
+	assert.NoError(t, err, "should have been able to delete code repository unit")
+
 	assert.False(t, repo21.UnitEnabled(db.DefaultContext, unit_model.TypeCode))
 
 	session := loginUser(t, "user2")
@@ -403,12 +403,12 @@ func TestAPIRepoMigrate(t *testing.T) {
 			case "Remote visit addressed rate limitation.":
 				t.Log("test hit github rate limitation")
 			case "You can not import from disallowed hosts.":
-				assert.EqualValues(t, "private-ip", testCase.repoName)
+				assert.Equal(t, "private-ip", testCase.repoName)
 			default:
-				assert.FailNow(t, "unexpected error '%v' on url '%s'", respJSON["message"], testCase.cloneURL)
+				assert.FailNow(t, "unexpected error", "unexpected error '%v' on url '%s'", respJSON["message"], testCase.cloneURL)
 			}
 		} else {
-			assert.EqualValues(t, testCase.expectedStatus, resp.Code)
+			assert.Equal(t, testCase.expectedStatus, resp.Code)
 		}
 	}
 }
@@ -586,7 +586,7 @@ func TestAPIRepoTransfer(t *testing.T) {
 
 	// cleanup
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: apiRepo.ID})
-	_ = repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repo.ID)
+	_ = repo_service.DeleteRepositoryDirectly(db.DefaultContext, repo.ID)
 }
 
 func transfer(t *testing.T) *repo_model.Repository {
diff --git a/tests/integration/api_repo_topic_test.go b/tests/integration/api_repo_topic_test.go
index a10e159b78..82d0c54ca8 100644
--- a/tests/integration/api_repo_topic_test.go
+++ b/tests/integration/api_repo_topic_test.go
@@ -30,7 +30,7 @@ func TestAPITopicSearch(t *testing.T) {
 	res := MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 6)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// pagination search topics first page
 	topics.TopicNames = nil
@@ -40,7 +40,7 @@ func TestAPITopicSearch(t *testing.T) {
 	res = MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 4)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// pagination search topics second page
 	topics.TopicNames = nil
@@ -50,7 +50,7 @@ func TestAPITopicSearch(t *testing.T) {
 	res = MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 2)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// add keyword search
 	query = url.Values{"page": []string{"1"}, "limit": []string{"4"}}
@@ -66,8 +66,8 @@ func TestAPITopicSearch(t *testing.T) {
 	DecodeJSON(t, res, &topics)
 	if assert.Len(t, topics.TopicNames, 1) {
 		assert.EqualValues(t, 2, topics.TopicNames[0].ID)
-		assert.EqualValues(t, "database", topics.TopicNames[0].Name)
-		assert.EqualValues(t, 1, topics.TopicNames[0].RepoCount)
+		assert.Equal(t, "database", topics.TopicNames[0].Name)
+		assert.Equal(t, 1, topics.TopicNames[0].RepoCount)
 	}
 }
 
diff --git a/tests/integration/api_repo_variables_test.go b/tests/integration/api_repo_variables_test.go
index 7847962b07..b5c88af279 100644
--- a/tests/integration/api_repo_variables_test.go
+++ b/tests/integration/api_repo_variables_test.go
@@ -35,11 +35,11 @@ func TestAPIRepoVariables(t *testing.T) {
 			},
 			{
 				Name:           "_",
-				ExpectedStatus: http.StatusNoContent,
+				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "TEST_VAR",
-				ExpectedStatus: http.StatusNoContent,
+				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "test_var",
@@ -81,7 +81,7 @@ func TestAPIRepoVariables(t *testing.T) {
 		req := NewRequestWithJSON(t, "POST", url, api.CreateVariableOption{
 			Value: "initial_val",
 		}).AddTokenAuth(token)
-		MakeRequest(t, req, http.StatusNoContent)
+		MakeRequest(t, req, http.StatusCreated)
 
 		cases := []struct {
 			Name           string
@@ -138,7 +138,7 @@ func TestAPIRepoVariables(t *testing.T) {
 		req := NewRequestWithJSON(t, "POST", url, api.CreateVariableOption{
 			Value: "initial_val",
 		}).AddTokenAuth(token)
-		MakeRequest(t, req, http.StatusNoContent)
+		MakeRequest(t, req, http.StatusCreated)
 
 		req = NewRequest(t, "DELETE", url).AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNoContent)
diff --git a/tests/integration/api_settings_test.go b/tests/integration/api_settings_test.go
index 9881578fba..743dbb0481 100644
--- a/tests/integration/api_settings_test.go
+++ b/tests/integration/api_settings_test.go
@@ -30,11 +30,12 @@ func TestAPIExposedSettings(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 
 	DecodeJSON(t, resp, &apiSettings)
-	assert.EqualValues(t, &api.GeneralAPISettings{
+	assert.Equal(t, &api.GeneralAPISettings{
 		MaxResponseItems:       setting.API.MaxResponseItems,
 		DefaultPagingNum:       setting.API.DefaultPagingNum,
 		DefaultGitTreesPerPage: setting.API.DefaultGitTreesPerPage,
 		DefaultMaxBlobSize:     setting.API.DefaultMaxBlobSize,
+		DefaultMaxResponseSize: setting.API.DefaultMaxResponseSize,
 	}, apiSettings)
 
 	repo := new(api.GeneralRepoSettings)
@@ -42,7 +43,7 @@ func TestAPIExposedSettings(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 
 	DecodeJSON(t, resp, &repo)
-	assert.EqualValues(t, &api.GeneralRepoSettings{
+	assert.Equal(t, &api.GeneralRepoSettings{
 		MirrorsDisabled:      !setting.Mirror.Enabled,
 		HTTPGitDisabled:      setting.Repository.DisableHTTPGit,
 		MigrationsDisabled:   setting.Repository.DisableMigrations,
@@ -55,7 +56,7 @@ func TestAPIExposedSettings(t *testing.T) {
 	resp = MakeRequest(t, req, http.StatusOK)
 
 	DecodeJSON(t, resp, &attachment)
-	assert.EqualValues(t, &api.GeneralAttachmentSettings{
+	assert.Equal(t, &api.GeneralAttachmentSettings{
 		Enabled:      setting.Attachment.Enabled,
 		AllowedTypes: setting.Attachment.AllowedTypes,
 		MaxFiles:     setting.Attachment.MaxFiles,
diff --git a/tests/integration/api_team_test.go b/tests/integration/api_team_test.go
index d14c66ff2c..e54203ed50 100644
--- a/tests/integration/api_team_test.go
+++ b/tests/integration/api_team_test.go
@@ -40,9 +40,9 @@ func TestAPITeam(t *testing.T) {
 
 	var apiTeam api.Team
 	DecodeJSON(t, resp, &apiTeam)
-	assert.EqualValues(t, team.ID, apiTeam.ID)
+	assert.Equal(t, team.ID, apiTeam.ID)
 	assert.Equal(t, team.Name, apiTeam.Name)
-	assert.EqualValues(t, convert.ToOrganization(db.DefaultContext, org), apiTeam.Organization)
+	assert.Equal(t, convert.ToOrganization(db.DefaultContext, org), apiTeam.Organization)
 
 	// non team member user will not access the teams details
 	teamUser2 := unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{ID: 3})
@@ -78,9 +78,9 @@ func TestAPITeam(t *testing.T) {
 	apiTeam = api.Team{}
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "CreateTeam1", &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units, nil)
+		"none", teamToCreate.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units, nil)
+		"none", teamToCreate.Units, nil)
 	teamID := apiTeam.ID
 
 	// Edit team.
@@ -149,9 +149,9 @@ func TestAPITeam(t *testing.T) {
 	apiTeam = api.Team{}
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "CreateTeam2", &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		"read", nil, teamToCreate.UnitsMap)
+		"none", nil, teamToCreate.UnitsMap)
 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		"read", nil, teamToCreate.UnitsMap)
+		"none", nil, teamToCreate.UnitsMap)
 	teamID = apiTeam.ID
 
 	// Edit team.
@@ -171,9 +171,9 @@ func TestAPITeam(t *testing.T) {
 	apiTeam = api.Team{}
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "EditTeam2", &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
-		"read", nil, teamToEdit.UnitsMap)
+		"none", nil, teamToEdit.UnitsMap)
 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,
-		"read", nil, teamToEdit.UnitsMap)
+		"none", nil, teamToEdit.UnitsMap)
 
 	// Edit team Description only
 	editDescription = "second team"
@@ -184,9 +184,9 @@ func TestAPITeam(t *testing.T) {
 	apiTeam = api.Team{}
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "EditTeam2_DescOnly", &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
-		"read", nil, teamToEdit.UnitsMap)
+		"none", nil, teamToEdit.UnitsMap)
 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,
-		"read", nil, teamToEdit.UnitsMap)
+		"none", nil, teamToEdit.UnitsMap)
 
 	// Read team.
 	teamRead = unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamID})
@@ -247,10 +247,10 @@ func checkTeamResponse(t *testing.T, testName string, apiTeam *api.Team, name, d
 		if units != nil {
 			sort.StringSlice(units).Sort()
 			sort.StringSlice(apiTeam.Units).Sort()
-			assert.EqualValues(t, units, apiTeam.Units, "units")
+			assert.Equal(t, units, apiTeam.Units, "units")
 		}
 		if unitsMap != nil {
-			assert.EqualValues(t, unitsMap, apiTeam.UnitsMap, "unitsMap")
+			assert.Equal(t, unitsMap, apiTeam.UnitsMap, "unitsMap")
 		}
 	})
 }
diff --git a/tests/integration/api_team_user_test.go b/tests/integration/api_team_user_test.go
index 6c80bc9f80..cbbbe00a9e 100644
--- a/tests/integration/api_team_user_test.go
+++ b/tests/integration/api_team_user_test.go
@@ -21,29 +21,31 @@ import (
 
 func TestAPITeamUser(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	normalUsername := "user2"
-	session := loginUser(t, normalUsername)
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadOrganization)
-	req := NewRequest(t, "GET", "/api/v1/teams/1/members/user1").
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusNotFound)
-
-	req = NewRequest(t, "GET", "/api/v1/teams/1/members/user2").
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var user2 *api.User
-	DecodeJSON(t, resp, &user2)
-	user2.Created = user2.Created.In(time.Local)
-	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
-
-	expectedUser := convert.ToUser(db.DefaultContext, user, user)
-
-	// test time via unix timestamp
-	assert.EqualValues(t, expectedUser.LastLogin.Unix(), user2.LastLogin.Unix())
-	assert.EqualValues(t, expectedUser.Created.Unix(), user2.Created.Unix())
-	expectedUser.LastLogin = user2.LastLogin
-	expectedUser.Created = user2.Created
-
-	assert.Equal(t, expectedUser, user2)
+	user2Session := loginUser(t, "user2")
+	user2Token := getTokenForLoggedInUser(t, user2Session, auth_model.AccessTokenScopeWriteOrganization)
+
+	t.Run("User2ReadUser1", func(t *testing.T) {
+		req := NewRequest(t, "GET", "/api/v1/teams/1/members/user1").AddTokenAuth(user2Token)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("User2ReadSelf", func(t *testing.T) {
+		// read self user
+		req := NewRequest(t, "GET", "/api/v1/teams/1/members/user2").AddTokenAuth(user2Token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var user2 *api.User
+		DecodeJSON(t, resp, &user2)
+		user2.Created = user2.Created.In(time.Local)
+		user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
+
+		expectedUser := convert.ToUser(db.DefaultContext, user, user)
+
+		// test time via unix timestamp
+		assert.Equal(t, expectedUser.LastLogin.Unix(), user2.LastLogin.Unix())
+		assert.Equal(t, expectedUser.Created.Unix(), user2.Created.Unix())
+		expectedUser.LastLogin = user2.LastLogin
+		expectedUser.Created = user2.Created
+
+		assert.Equal(t, expectedUser, user2)
+	})
 }
diff --git a/tests/integration/api_token_test.go b/tests/integration/api_token_test.go
index 01d18ef6f1..1770358d21 100644
--- a/tests/integration/api_token_test.go
+++ b/tests/integration/api_token_test.go
@@ -507,7 +507,7 @@ func runTestCase(t *testing.T, testCase *requiredScopeTestCase, user *user_model
 				} else if minRequiredLevel == auth_model.Write {
 					unauthorizedLevel = auth_model.Read
 				} else {
-					assert.FailNow(t, "Invalid test case: Unknown access token scope level: %v", minRequiredLevel)
+					assert.FailNow(t, "Invalid test case", "Unknown access token scope level: %v", minRequiredLevel)
 				}
 			}
 
diff --git a/tests/integration/api_twofa_test.go b/tests/integration/api_twofa_test.go
index 18e6fa91b7..938feba61a 100644
--- a/tests/integration/api_twofa_test.go
+++ b/tests/integration/api_twofa_test.go
@@ -94,7 +94,7 @@ func TestBasicAuthWithWebAuthn(t *testing.T) {
 	}
 	var userParsed userResponse
 	DecodeJSON(t, resp, &userParsed)
-	assert.EqualValues(t, "Basic authorization is not allowed while webAuthn enrolled", userParsed.Message)
+	assert.Equal(t, "basic authorization is not allowed while WebAuthn enrolled", userParsed.Message)
 
 	// user32 has webauthn enrolled, he can't request git protocol with basic auth
 	req = NewRequest(t, "GET", "/user2/repo1/info/refs")
diff --git a/tests/integration/api_user_block_test.go b/tests/integration/api_user_block_test.go
index ae6b9eb849..6f73b089df 100644
--- a/tests/integration/api_user_block_test.go
+++ b/tests/integration/api_user_block_test.go
@@ -76,7 +76,7 @@ func TestBlockUser(t *testing.T) {
 		blockeeName := "user10"
 
 		t.Run("Block", func(t *testing.T) {
-			req := NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName))
+			req := NewRequest(t, "PUT", "/api/v1/user/blocks/"+blockeeName)
 			MakeRequest(t, req, http.StatusUnauthorized)
 
 			assert.EqualValues(t, 1, countStars(t, blockerID, blockeeID))
@@ -84,7 +84,7 @@ func TestBlockUser(t *testing.T) {
 			assert.EqualValues(t, 1, countRepositoryTransfers(t, blockerID, blockeeID))
 			assert.EqualValues(t, 1, countCollaborations(t, blockerID, blockeeID))
 
-			req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName)).
+			req = NewRequest(t, "GET", "/api/v1/user/blocks/"+blockeeName).
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusNotFound)
 
@@ -97,15 +97,15 @@ func TestBlockUser(t *testing.T) {
 			assert.EqualValues(t, 0, countRepositoryTransfers(t, blockerID, blockeeID))
 			assert.EqualValues(t, 0, countCollaborations(t, blockerID, blockeeID))
 
-			req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName)).
+			req = NewRequest(t, "GET", "/api/v1/user/blocks/"+blockeeName).
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusNoContent)
 
-			req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName)).
+			req = NewRequest(t, "PUT", "/api/v1/user/blocks/"+blockeeName).
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusBadRequest) // can't block blocked user
 
-			req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/blocks/%s", "org3")).
+			req = NewRequest(t, "PUT", "/api/v1/user/blocks/"+"org3").
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusBadRequest) // can't block organization
 
@@ -124,18 +124,18 @@ func TestBlockUser(t *testing.T) {
 		})
 
 		t.Run("Unblock", func(t *testing.T) {
-			req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName))
+			req := NewRequest(t, "DELETE", "/api/v1/user/blocks/"+blockeeName)
 			MakeRequest(t, req, http.StatusUnauthorized)
 
-			req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName)).
+			req = NewRequest(t, "DELETE", "/api/v1/user/blocks/"+blockeeName).
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusNoContent)
 
-			req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/blocks/%s", blockeeName)).
+			req = NewRequest(t, "DELETE", "/api/v1/user/blocks/"+blockeeName).
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusBadRequest)
 
-			req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/blocks/%s", "org3")).
+			req = NewRequest(t, "DELETE", "/api/v1/user/blocks/"+"org3").
 				AddTokenAuth(blockerToken)
 			MakeRequest(t, req, http.StatusBadRequest)
 
diff --git a/tests/integration/api_user_email_test.go b/tests/integration/api_user_email_test.go
index 6441e2ed8e..5b6f0708ea 100644
--- a/tests/integration/api_user_email_test.go
+++ b/tests/integration/api_user_email_test.go
@@ -28,7 +28,7 @@ func TestAPIListEmails(t *testing.T) {
 	var emails []*api.Email
 	DecodeJSON(t, resp, &emails)
 
-	assert.EqualValues(t, []*api.Email{
+	assert.Equal(t, []*api.Email{
 		{
 			Email:    "user2@example.com",
 			Verified: true,
@@ -66,7 +66,7 @@ func TestAPIAddEmail(t *testing.T) {
 
 	var emails []*api.Email
 	DecodeJSON(t, resp, &emails)
-	assert.EqualValues(t, []*api.Email{
+	assert.Equal(t, []*api.Email{
 		{
 			Email:    "user2@example.com",
 			Verified: true,
@@ -119,7 +119,7 @@ func TestAPIDeleteEmail(t *testing.T) {
 
 	var emails []*api.Email
 	DecodeJSON(t, resp, &emails)
-	assert.EqualValues(t, []*api.Email{
+	assert.Equal(t, []*api.Email{
 		{
 			Email:    "user2@example.com",
 			Verified: true,
diff --git a/tests/integration/api_user_follow_test.go b/tests/integration/api_user_follow_test.go
index fe20af6769..6cb31a6802 100644
--- a/tests/integration/api_user_follow_test.go
+++ b/tests/integration/api_user_follow_test.go
@@ -32,7 +32,7 @@ func TestAPIFollow(t *testing.T) {
 	t.Run("Follow", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/following/%s", user1)).
+		req := NewRequest(t, "PUT", "/api/v1/user/following/"+user1).
 			AddTokenAuth(token2)
 		MakeRequest(t, req, http.StatusNoContent)
 
@@ -110,11 +110,11 @@ func TestAPIFollow(t *testing.T) {
 	t.Run("CheckMyFollowing", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/following/%s", user1)).
+		req := NewRequest(t, "GET", "/api/v1/user/following/"+user1).
 			AddTokenAuth(token2)
 		MakeRequest(t, req, http.StatusNoContent)
 
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/following/%s", user2)).
+		req = NewRequest(t, "GET", "/api/v1/user/following/"+user2).
 			AddTokenAuth(token1)
 		MakeRequest(t, req, http.StatusNotFound)
 	})
@@ -122,7 +122,7 @@ func TestAPIFollow(t *testing.T) {
 	t.Run("Unfollow", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/following/%s", user1)).
+		req := NewRequest(t, "DELETE", "/api/v1/user/following/"+user1).
 			AddTokenAuth(token2)
 		MakeRequest(t, req, http.StatusNoContent)
 	})
diff --git a/tests/integration/api_user_info_test.go b/tests/integration/api_user_info_test.go
index 89f7266859..06353eabe0 100644
--- a/tests/integration/api_user_info_test.go
+++ b/tests/integration/api_user_info_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"testing"
 
@@ -31,7 +30,7 @@ func TestAPIUserInfo(t *testing.T) {
 	t.Run("GetInfo", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s", user2)).
+		req := NewRequest(t, "GET", "/api/v1/users/"+user2).
 			AddTokenAuth(token)
 		resp := MakeRequest(t, req, http.StatusOK)
 
@@ -39,17 +38,17 @@ func TestAPIUserInfo(t *testing.T) {
 		DecodeJSON(t, resp, &u)
 		assert.Equal(t, user2, u.UserName)
 
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s", user2))
+		req = NewRequest(t, "GET", "/api/v1/users/"+user2)
 		MakeRequest(t, req, http.StatusNotFound)
 
 		// test if the placaholder Mail is returned if a User is not logged in
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s", org3.Name))
+		req = NewRequest(t, "GET", "/api/v1/users/"+org3.Name)
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &u)
 		assert.Equal(t, org3.GetPlaceholderEmail(), u.Email)
 
 		// Test if the correct Mail is returned if a User is logged in
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s", org3.Name)).
+		req = NewRequest(t, "GET", "/api/v1/users/"+org3.Name).
 			AddTokenAuth(token)
 		resp = MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &u)
diff --git a/tests/integration/api_user_search_test.go b/tests/integration/api_user_search_test.go
index 5604a14259..97264969eb 100644
--- a/tests/integration/api_user_search_test.go
+++ b/tests/integration/api_user_search_test.go
@@ -66,7 +66,7 @@ func TestAPIUserSearchNotLoggedIn(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		modelUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: user.ID})
-		assert.EqualValues(t, modelUser.GetPlaceholderEmail(), user.Email)
+		assert.Equal(t, modelUser.GetPlaceholderEmail(), user.Email)
 	}
 }
 
@@ -85,8 +85,8 @@ func TestAPIUserSearchSystemUsers(t *testing.T) {
 			assert.NotEmpty(t, results.Data)
 			if assert.Len(t, results.Data, 1) {
 				user := results.Data[0]
-				assert.EqualValues(t, user.UserName, systemUser.Name)
-				assert.EqualValues(t, user.ID, systemUser.ID)
+				assert.Equal(t, user.UserName, systemUser.Name)
+				assert.Equal(t, user.ID, systemUser.ID)
 			}
 		})
 	}
@@ -108,7 +108,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.EqualValues(t, "private", user.Visibility)
+		assert.Equal(t, "private", user.Visibility)
 	}
 }
 
diff --git a/tests/integration/api_user_secrets_test.go b/tests/integration/api_user_secrets_test.go
index 56bf30e804..10024ac090 100644
--- a/tests/integration/api_user_secrets_test.go
+++ b/tests/integration/api_user_secrets_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"testing"
 
@@ -55,7 +54,7 @@ func TestAPIUserSecrets(t *testing.T) {
 		}
 
 		for _, c := range cases {
-			req := NewRequestWithJSON(t, "PUT", fmt.Sprintf("/api/v1/user/actions/secrets/%s", c.Name), api.CreateOrUpdateSecretOption{
+			req := NewRequestWithJSON(t, "PUT", "/api/v1/user/actions/secrets/"+c.Name, api.CreateOrUpdateSecretOption{
 				Data: "data",
 			}).AddTokenAuth(token)
 			MakeRequest(t, req, c.ExpectedStatus)
@@ -64,7 +63,7 @@ func TestAPIUserSecrets(t *testing.T) {
 
 	t.Run("Update", func(t *testing.T) {
 		name := "update_secret"
-		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s", name)
+		url := "/api/v1/user/actions/secrets/" + name
 
 		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
 			Data: "initial",
@@ -79,7 +78,7 @@ func TestAPIUserSecrets(t *testing.T) {
 
 	t.Run("Delete", func(t *testing.T) {
 		name := "delete_secret"
-		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s", name)
+		url := "/api/v1/user/actions/secrets/" + name
 
 		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
 			Data: "initial",
diff --git a/tests/integration/api_user_star_test.go b/tests/integration/api_user_star_test.go
index 368756528a..989e7ab1d1 100644
--- a/tests/integration/api_user_star_test.go
+++ b/tests/integration/api_user_star_test.go
@@ -32,13 +32,13 @@ func TestAPIStar(t *testing.T) {
 	t.Run("Star", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "PUT", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusNoContent)
 
 		// blocked user can't star a repo
 		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
-		req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req = NewRequest(t, "PUT", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(getUserToken(t, user34.Name, auth_model.AccessTokenScopeWriteRepository))
 		MakeRequest(t, req, http.StatusForbidden)
 	})
@@ -76,11 +76,11 @@ func TestAPIStar(t *testing.T) {
 	t.Run("IsStarring", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "GET", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusNoContent)
 
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/starred/%s", repo+"notexisting")).
+		req = NewRequest(t, "GET", "/api/v1/user/starred/"+repo+"notexisting").
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusNotFound)
 	})
@@ -88,7 +88,7 @@ func TestAPIStar(t *testing.T) {
 	t.Run("Unstar", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "DELETE", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusNoContent)
 	})
@@ -109,12 +109,12 @@ func TestAPIStarDisabled(t *testing.T) {
 	t.Run("Star", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "PUT", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusForbidden)
 
 		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
-		req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req = NewRequest(t, "PUT", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(getUserToken(t, user34.Name, auth_model.AccessTokenScopeWriteRepository))
 		MakeRequest(t, req, http.StatusForbidden)
 	})
@@ -138,11 +138,11 @@ func TestAPIStarDisabled(t *testing.T) {
 	t.Run("IsStarring", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "GET", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusForbidden)
 
-		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/starred/%s", repo+"notexisting")).
+		req = NewRequest(t, "GET", "/api/v1/user/starred/"+repo+"notexisting").
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusForbidden)
 	})
@@ -150,7 +150,7 @@ func TestAPIStarDisabled(t *testing.T) {
 	t.Run("Unstar", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+		req := NewRequest(t, "DELETE", "/api/v1/user/starred/"+repo).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusForbidden)
 	})
diff --git a/tests/integration/api_user_variables_test.go b/tests/integration/api_user_variables_test.go
index 9fd84ddf81..d430c9e21d 100644
--- a/tests/integration/api_user_variables_test.go
+++ b/tests/integration/api_user_variables_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"testing"
 
@@ -30,11 +29,11 @@ func TestAPIUserVariables(t *testing.T) {
 			},
 			{
 				Name:           "_",
-				ExpectedStatus: http.StatusNoContent,
+				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "TEST_VAR",
-				ExpectedStatus: http.StatusNoContent,
+				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "test_var",
@@ -63,7 +62,7 @@ func TestAPIUserVariables(t *testing.T) {
 		}
 
 		for _, c := range cases {
-			req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/user/actions/variables/%s", c.Name), api.CreateVariableOption{
+			req := NewRequestWithJSON(t, "POST", "/api/v1/user/actions/variables/"+c.Name, api.CreateVariableOption{
 				Value: "value",
 			}).AddTokenAuth(token)
 			MakeRequest(t, req, c.ExpectedStatus)
@@ -72,11 +71,11 @@ func TestAPIUserVariables(t *testing.T) {
 
 	t.Run("UpdateUserVariable", func(t *testing.T) {
 		variableName := "test_update_var"
-		url := fmt.Sprintf("/api/v1/user/actions/variables/%s", variableName)
+		url := "/api/v1/user/actions/variables/" + variableName
 		req := NewRequestWithJSON(t, "POST", url, api.CreateVariableOption{
 			Value: "initial_val",
 		}).AddTokenAuth(token)
-		MakeRequest(t, req, http.StatusNoContent)
+		MakeRequest(t, req, http.StatusCreated)
 
 		cases := []struct {
 			Name           string
@@ -118,7 +117,7 @@ func TestAPIUserVariables(t *testing.T) {
 		}
 
 		for _, c := range cases {
-			req := NewRequestWithJSON(t, "PUT", fmt.Sprintf("/api/v1/user/actions/variables/%s", c.Name), api.UpdateVariableOption{
+			req := NewRequestWithJSON(t, "PUT", "/api/v1/user/actions/variables/"+c.Name, api.UpdateVariableOption{
 				Name:  c.UpdateName,
 				Value: "updated_val",
 			}).AddTokenAuth(token)
@@ -128,12 +127,12 @@ func TestAPIUserVariables(t *testing.T) {
 
 	t.Run("DeleteRepoVariable", func(t *testing.T) {
 		variableName := "test_delete_var"
-		url := fmt.Sprintf("/api/v1/user/actions/variables/%s", variableName)
+		url := "/api/v1/user/actions/variables/" + variableName
 
 		req := NewRequestWithJSON(t, "POST", url, api.CreateVariableOption{
 			Value: "initial_val",
 		}).AddTokenAuth(token)
-		MakeRequest(t, req, http.StatusNoContent)
+		MakeRequest(t, req, http.StatusCreated)
 
 		req = NewRequest(t, "DELETE", url).AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNoContent)
diff --git a/tests/integration/auth_ldap_test.go b/tests/integration/auth_ldap_test.go
index c00e88b88b..24f0c03bed 100644
--- a/tests/integration/auth_ldap_test.go
+++ b/tests/integration/auth_ldap_test.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/util"
@@ -437,8 +438,8 @@ func TestLDAPGroupTeamSyncAddMember(t *testing.T) {
 			Name: gitLDAPUser.UserName,
 		})
 		usersOrgs, err := db.Find[organization.Organization](db.DefaultContext, organization.FindOrgOptions{
-			UserID:         user.ID,
-			IncludePrivate: true,
+			UserID:            user.ID,
+			IncludeVisibility: structs.VisibleTypePrivate,
 		})
 		assert.NoError(t, err)
 		allOrgTeams, err := organization.GetUserOrgTeams(db.DefaultContext, org.ID, user.ID)
diff --git a/tests/integration/change_default_branch_test.go b/tests/integration/change_default_branch_test.go
index 729eb1e4ce..9b61cff9fd 100644
--- a/tests/integration/change_default_branch_test.go
+++ b/tests/integration/change_default_branch_test.go
@@ -6,12 +6,16 @@ package integration
 import (
 	"fmt"
 	"net/http"
+	"strconv"
 	"testing"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestChangeDefaultBranch(t *testing.T) {
@@ -38,3 +42,96 @@ func TestChangeDefaultBranch(t *testing.T) {
 	})
 	session.MakeRequest(t, req, http.StatusNotFound)
 }
+
+func checkDivergence(t *testing.T, session *TestSession, branchesURL, expectedDefaultBranch string, expectedBranchToDivergence map[string]git.DivergeObject) {
+	req := NewRequest(t, "GET", branchesURL)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+
+	htmlDoc := NewHTMLParser(t, resp.Body)
+
+	branchNodes := htmlDoc.doc.Find(".branch-name").Nodes
+	branchNames := []string{}
+	for _, node := range branchNodes {
+		branchNames = append(branchNames, node.FirstChild.Data)
+	}
+
+	expectBranchCount := len(expectedBranchToDivergence)
+
+	assert.Len(t, branchNames, expectBranchCount+1)
+	assert.Equal(t, expectedDefaultBranch, branchNames[0])
+
+	allCountBehindNodes := htmlDoc.doc.Find(".count-behind").Nodes
+	allCountAheadNodes := htmlDoc.doc.Find(".count-ahead").Nodes
+
+	assert.Len(t, allCountAheadNodes, expectBranchCount)
+	assert.Len(t, allCountBehindNodes, expectBranchCount)
+
+	for i := range expectBranchCount {
+		branchName := branchNames[i+1]
+		assert.Contains(t, expectedBranchToDivergence, branchName)
+
+		expectedCountAhead := expectedBranchToDivergence[branchName].Ahead
+		expectedCountBehind := expectedBranchToDivergence[branchName].Behind
+		countAhead, err := strconv.Atoi(allCountAheadNodes[i].FirstChild.Data)
+		assert.NoError(t, err)
+		countBehind, err := strconv.Atoi(allCountBehindNodes[i].FirstChild.Data)
+		assert.NoError(t, err)
+
+		assert.Equal(t, expectedCountAhead, countAhead)
+		assert.Equal(t, expectedCountBehind, countBehind)
+	}
+}
+
+func TestChangeDefaultBranchDivergence(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 16})
+	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+	session := loginUser(t, owner.Name)
+	branchesURL := fmt.Sprintf("/%s/%s/branches", owner.Name, repo.Name)
+	settingsBranchesURL := fmt.Sprintf("/%s/%s/settings/branches", owner.Name, repo.Name)
+
+	// check branch divergence before switching default branch
+	expectedBranchToDivergenceBefore := map[string]git.DivergeObject{
+		"not-signed": {
+			Ahead:  0,
+			Behind: 0,
+		},
+		"good-sign-not-yet-validated": {
+			Ahead:  0,
+			Behind: 1,
+		},
+		"good-sign": {
+			Ahead:  1,
+			Behind: 3,
+		},
+	}
+	checkDivergence(t, session, branchesURL, "master", expectedBranchToDivergenceBefore)
+
+	// switch default branch
+	newDefaultBranch := "good-sign-not-yet-validated"
+	csrf := GetUserCSRFToken(t, session)
+	req := NewRequestWithValues(t, "POST", settingsBranchesURL, map[string]string{
+		"_csrf":  csrf,
+		"action": "default_branch",
+		"branch": newDefaultBranch,
+	})
+	session.MakeRequest(t, req, http.StatusSeeOther)
+
+	// check branch divergence after switching default branch
+	expectedBranchToDivergenceAfter := map[string]git.DivergeObject{
+		"master": {
+			Ahead:  1,
+			Behind: 0,
+		},
+		"not-signed": {
+			Ahead:  1,
+			Behind: 0,
+		},
+		"good-sign": {
+			Ahead:  1,
+			Behind: 2,
+		},
+	}
+	checkDivergence(t, session, branchesURL, newDefaultBranch, expectedBranchToDivergenceAfter)
+}
diff --git a/tests/integration/cmd_keys_test.go b/tests/integration/cmd_keys_test.go
index 61f11c58b0..3878302ef0 100644
--- a/tests/integration/cmd_keys_test.go
+++ b/tests/integration/cmd_keys_test.go
@@ -13,7 +13,7 @@ import (
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v3"
 )
 
 func Test_CmdKeys(t *testing.T) {
@@ -36,18 +36,21 @@ func Test_CmdKeys(t *testing.T) {
 		}
 		for _, tt := range tests {
 			t.Run(tt.name, func(t *testing.T) {
-				out := new(bytes.Buffer)
-				app := cli.NewApp()
-				app.Writer = out
-				app.Commands = []*cli.Command{cmd.CmdKeys}
+				var stdout, stderr bytes.Buffer
+				app := &cli.Command{
+					Writer:    &stdout,
+					ErrWriter: &stderr,
+					Commands:  []*cli.Command{cmd.CmdKeys},
+				}
 				cmd.CmdKeys.HideHelp = true
-				err := app.Run(append([]string{"prog"}, tt.args...))
+				err := app.Run(t.Context(), append([]string{"prog"}, tt.args...))
 				if tt.wantErr {
 					assert.Error(t, err)
+					assert.Equal(t, tt.expectedOutput, stderr.String())
 				} else {
 					assert.NoError(t, err)
+					assert.Equal(t, tt.expectedOutput, stdout.String())
 				}
-				assert.Equal(t, tt.expectedOutput, out.String())
 			})
 		}
 	})
diff --git a/tests/integration/compare_test.go b/tests/integration/compare_test.go
index cbf927813e..0648777fed 100644
--- a/tests/integration/compare_test.go
+++ b/tests/integration/compare_test.go
@@ -133,7 +133,7 @@ func TestCompareCodeExpand(t *testing.T) {
 			Readme:        "Default",
 			AutoInit:      true,
 			DefaultBranch: "main",
-		})
+		}, true)
 		assert.NoError(t, err)
 
 		session := loginUser(t, user1.Name)
diff --git a/tests/integration/db_collation_test.go b/tests/integration/db_collation_test.go
index acec4aa5d1..339bfce71c 100644
--- a/tests/integration/db_collation_test.go
+++ b/tests/integration/db_collation_test.go
@@ -75,7 +75,7 @@ func TestDatabaseCollation(t *testing.T) {
 		defer test.MockVariableValue(&setting.Database.CharsetCollation, "utf8mb4_bin")()
 		r, err := db.CheckCollations(x)
 		assert.NoError(t, err)
-		assert.EqualValues(t, "utf8mb4_bin", r.ExpectedCollation)
+		assert.Equal(t, "utf8mb4_bin", r.ExpectedCollation)
 		assert.NoError(t, db.ConvertDatabaseTable())
 		r, err = db.CheckCollations(x)
 		assert.NoError(t, err)
diff --git a/tests/integration/delete_user_test.go b/tests/integration/delete_user_test.go
index ad3c882882..4b02c4725a 100644
--- a/tests/integration/delete_user_test.go
+++ b/tests/integration/delete_user_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"testing"
 
@@ -34,7 +33,7 @@ func TestUserDeleteAccount(t *testing.T) {
 
 	session := loginUser(t, "user8")
 	csrf := GetUserCSRFToken(t, session)
-	urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword)
+	urlStr := "/user/settings/account/delete?password=" + userPassword
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
@@ -49,7 +48,7 @@ func TestUserDeleteAccountStillOwnRepos(t *testing.T) {
 
 	session := loginUser(t, "user2")
 	csrf := GetUserCSRFToken(t, session)
-	urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword)
+	urlStr := "/user/settings/account/delete?password=" + userPassword
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
diff --git a/tests/integration/dump_restore_test.go b/tests/integration/dump_restore_test.go
index 54683becaa..d2d43075c3 100644
--- a/tests/integration/dump_restore_test.go
+++ b/tests/integration/dump_restore_test.go
@@ -178,7 +178,7 @@ func (c *compareDump) assertEquals(repoBefore, repoAfter *repo_model.Repository)
 		}).([]*base.Comment)
 		assert.True(c.t, ok)
 		for _, comment := range comments {
-			assert.EqualValues(c.t, issue.Number, comment.IssueIndex)
+			assert.Equal(c.t, issue.Number, comment.IssueIndex)
 		}
 	}
 
@@ -205,7 +205,7 @@ func (c *compareDump) assertEquals(repoBefore, repoAfter *repo_model.Repository)
 		comments, ok := c.assertEqual(filename, []base.Comment{}, compareFields{}).([]*base.Comment)
 		assert.True(c.t, ok)
 		for _, comment := range comments {
-			assert.EqualValues(c.t, pr.Number, comment.IssueIndex)
+			assert.Equal(c.t, pr.Number, comment.IssueIndex)
 		}
 	}
 }
@@ -213,7 +213,7 @@ func (c *compareDump) assertEquals(repoBefore, repoAfter *repo_model.Repository)
 func (c *compareDump) assertLoadYAMLFiles(beforeFilename, afterFilename string, before, after any) {
 	_, beforeErr := os.Stat(beforeFilename)
 	_, afterErr := os.Stat(afterFilename)
-	assert.EqualValues(c.t, errors.Is(beforeErr, os.ErrNotExist), errors.Is(afterErr, os.ErrNotExist))
+	assert.Equal(c.t, errors.Is(beforeErr, os.ErrNotExist), errors.Is(afterErr, os.ErrNotExist))
 	if errors.Is(beforeErr, os.ErrNotExist) {
 		return
 	}
@@ -265,7 +265,7 @@ func (c *compareDump) assertEqual(filename string, kind any, fields compareField
 }
 
 func (c *compareDump) assertEqualSlices(before, after reflect.Value, fields compareFields) any {
-	assert.EqualValues(c.t, before.Len(), after.Len())
+	assert.Equal(c.t, before.Len(), after.Len())
 	if before.Len() == after.Len() {
 		for i := 0; i < before.Len(); i++ {
 			_ = c.assertEqualValues(
@@ -298,15 +298,15 @@ func (c *compareDump) assertEqualValues(before, after reflect.Value, fields comp
 				assert.True(c.t, ok)
 				as, ok := ai.(string)
 				assert.True(c.t, ok)
-				assert.EqualValues(c.t, compare.transform(bs), compare.transform(as))
+				assert.Equal(c.t, compare.transform(bs), compare.transform(as))
 				continue
 			}
 			if compare.before != nil && compare.after != nil {
 				//
 				// The fields are expected to have different values
 				//
-				assert.EqualValues(c.t, compare.before, bi)
-				assert.EqualValues(c.t, compare.after, ai)
+				assert.Equal(c.t, compare.before, bi)
+				assert.Equal(c.t, compare.after, ai)
 				continue
 			}
 			if compare.nested != nil {
@@ -317,7 +317,7 @@ func (c *compareDump) assertEqualValues(before, after reflect.Value, fields comp
 				continue
 			}
 		}
-		assert.EqualValues(c.t, bi, ai)
+		assert.Equal(c.t, bi, ai)
 	}
 	return after.Interface()
 }
diff --git a/tests/integration/editor_test.go b/tests/integration/editor_test.go
index fa58b8df42..8c45d8881c 100644
--- a/tests/integration/editor_test.go
+++ b/tests/integration/editor_test.go
@@ -7,300 +7,296 @@ import (
 	"bytes"
 	"fmt"
 	"io"
+	"maps"
 	"mime/multipart"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"path"
+	"strings"
 	"testing"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
-	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/translation"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func TestCreateFile(t *testing.T) {
+func TestEditor(t *testing.T) {
 	onGiteaRun(t, func(t *testing.T, u *url.URL) {
-		session := loginUser(t, "user2")
-		testCreateFile(t, session, "user2", "repo1", "master", "test.txt", "Content")
+		sessionUser2 := loginUser(t, "user2")
+		t.Run("EditFileNotAllowed", testEditFileNotAllowed)
+		t.Run("DiffPreview", testEditorDiffPreview)
+		t.Run("CreateFile", testEditorCreateFile)
+		t.Run("EditFile", func(t *testing.T) {
+			testEditFile(t, sessionUser2, "user2", "repo1", "master", "README.md", "Hello, World (direct)\n")
+			testEditFileToNewBranch(t, sessionUser2, "user2", "repo1", "master", "feature/test", "README.md", "Hello, World (commit-to-new-branch)\n")
+		})
+		t.Run("PatchFile", testEditorPatchFile)
+		t.Run("DeleteFile", func(t *testing.T) {
+			viewLink := "/user2/repo1/src/branch/branch2/README.md"
+			sessionUser2.MakeRequest(t, NewRequest(t, "GET", viewLink), http.StatusOK)
+			testEditorActionPostRequest(t, sessionUser2, "/user2/repo1/_delete/branch2/README.md", map[string]string{"commit_choice": "direct"})
+			sessionUser2.MakeRequest(t, NewRequest(t, "GET", viewLink), http.StatusNotFound)
+		})
+		t.Run("ForkToEditFile", func(t *testing.T) {
+			testForkToEditFile(t, loginUser(t, "user4"), "user4", "user2", "repo1", "master", "README.md")
+		})
+		t.Run("WebGitCommitEmail", testEditorWebGitCommitEmail)
+		t.Run("ProtectedBranch", testEditorProtectedBranch)
 	})
 }
 
-func testCreateFile(t *testing.T, session *TestSession, user, repo, branch, filePath, content string) *httptest.ResponseRecorder {
-	// Request editor page
-	newURL := fmt.Sprintf("/%s/%s/_new/%s/", user, repo, branch)
-	req := NewRequest(t, "GET", newURL)
-	resp := session.MakeRequest(t, req, http.StatusOK)
-
-	doc := NewHTMLParser(t, resp.Body)
-	lastCommit := doc.GetInputValueByName("last_commit")
-	assert.NotEmpty(t, lastCommit)
+func testEditorCreateFile(t *testing.T) {
+	session := loginUser(t, "user2")
+	testCreateFile(t, session, "user2", "repo1", "master", "", "test.txt", "Content")
+	testEditorActionPostRequestError(t, session, "/user2/repo1/_new/master/", map[string]string{
+		"tree_path":       "test.txt",
+		"commit_choice":   "direct",
+		"new_branch_name": "master",
+	}, `A file named "test.txt" already exists in this repository.`)
+	testEditorActionPostRequestError(t, session, "/user2/repo1/_new/master/", map[string]string{
+		"tree_path":       "test.txt",
+		"commit_choice":   "commit-to-new-branch",
+		"new_branch_name": "master",
+	}, `Branch "master" already exists in this repository.`)
+}
 
-	// Save new file to master branch
-	req = NewRequestWithValues(t, "POST", newURL, map[string]string{
-		"_csrf":         doc.GetCSRF(),
-		"last_commit":   lastCommit,
-		"tree_path":     filePath,
-		"content":       content,
-		"commit_choice": "direct",
+func testCreateFile(t *testing.T, session *TestSession, user, repo, baseBranchName, newBranchName, filePath, content string) {
+	commitChoice := "direct"
+	if newBranchName != "" && newBranchName != baseBranchName {
+		commitChoice = "commit-to-new-branch"
+	}
+	testEditorActionEdit(t, session, user, repo, "_new", baseBranchName, "", map[string]string{
+		"tree_path":       filePath,
+		"content":         content,
+		"commit_choice":   commitChoice,
+		"new_branch_name": newBranchName,
 	})
-	return session.MakeRequest(t, req, http.StatusSeeOther)
 }
 
-func TestCreateFileOnProtectedBranch(t *testing.T) {
-	onGiteaRun(t, func(t *testing.T, u *url.URL) {
-		session := loginUser(t, "user2")
-
-		csrf := GetUserCSRFToken(t, session)
-		// Change master branch to protected
-		req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{
-			"_csrf":       csrf,
-			"rule_name":   "master",
-			"enable_push": "true",
-		})
-		session.MakeRequest(t, req, http.StatusSeeOther)
-		// Check if master branch has been locked successfully
-		flashMsg := session.GetCookieFlashMessage()
-		assert.EqualValues(t, `Branch protection for rule "master" has been updated.`, flashMsg.SuccessMsg)
-
-		// Request editor page
-		req = NewRequest(t, "GET", "/user2/repo1/_new/master/")
-		resp := session.MakeRequest(t, req, http.StatusOK)
-
-		doc := NewHTMLParser(t, resp.Body)
-		lastCommit := doc.GetInputValueByName("last_commit")
-		assert.NotEmpty(t, lastCommit)
-
-		// Save new file to master branch
-		req = NewRequestWithValues(t, "POST", "/user2/repo1/_new/master/", map[string]string{
-			"_csrf":         doc.GetCSRF(),
-			"last_commit":   lastCommit,
-			"tree_path":     "test.txt",
-			"content":       "Content",
-			"commit_choice": "direct",
-		})
-
-		resp = session.MakeRequest(t, req, http.StatusOK)
-		// Check body for error message
-		assert.Contains(t, resp.Body.String(), "Cannot commit to protected branch &#34;master&#34;.")
-
-		// remove the protected branch
-		csrf = GetUserCSRFToken(t, session)
-
-		// Change master branch to protected
-		req = NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/1/delete", map[string]string{
-			"_csrf": csrf,
-		})
-
-		resp = session.MakeRequest(t, req, http.StatusOK)
-
-		res := make(map[string]string)
-		assert.NoError(t, json.NewDecoder(resp.Body).Decode(&res))
-		assert.EqualValues(t, "/user2/repo1/settings/branches", res["redirect"])
-
-		// Check if master branch has been locked successfully
-		flashMsg = session.GetCookieFlashMessage()
-		assert.EqualValues(t, `Removing branch protection rule "1" failed.`, flashMsg.ErrorMsg)
+func testEditorProtectedBranch(t *testing.T) {
+	session := loginUser(t, "user2")
+	// Change the "master" branch to "protected"
+	req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{
+		"_csrf":       GetUserCSRFToken(t, session),
+		"rule_name":   "master",
+		"enable_push": "true",
 	})
+	session.MakeRequest(t, req, http.StatusSeeOther)
+	flashMsg := session.GetCookieFlashMessage()
+	assert.Equal(t, `Branch protection for rule "master" has been updated.`, flashMsg.SuccessMsg)
+
+	// Try to commit a file to the "master" branch and it should fail
+	resp := testEditorActionPostRequest(t, session, "/user2/repo1/_new/master/", map[string]string{"tree_path": "test-protected-branch.txt", "commit_choice": "direct"})
+	assert.Equal(t, http.StatusBadRequest, resp.Code)
+	assert.Equal(t, `Cannot commit to protected branch "master".`, test.ParseJSONError(resp.Body.Bytes()).ErrorMessage)
 }
 
-func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePath, newContent string) *httptest.ResponseRecorder {
-	// Get to the 'edit this file' page
-	req := NewRequest(t, "GET", path.Join(user, repo, "_edit", branch, filePath))
+func testEditorActionPostRequest(t *testing.T, session *TestSession, requestPath string, params map[string]string) *httptest.ResponseRecorder {
+	req := NewRequest(t, "GET", requestPath)
 	resp := session.MakeRequest(t, req, http.StatusOK)
-
 	htmlDoc := NewHTMLParser(t, resp.Body)
-	lastCommit := htmlDoc.GetInputValueByName("last_commit")
-	assert.NotEmpty(t, lastCommit)
-
-	// Submit the edits
-	req = NewRequestWithValues(t, "POST", path.Join(user, repo, "_edit", branch, filePath),
-		map[string]string{
-			"_csrf":         htmlDoc.GetCSRF(),
-			"last_commit":   lastCommit,
-			"tree_path":     filePath,
-			"content":       newContent,
-			"commit_choice": "direct",
-		},
-	)
-	session.MakeRequest(t, req, http.StatusSeeOther)
+	form := map[string]string{
+		"_csrf":       htmlDoc.GetCSRF(),
+		"last_commit": htmlDoc.GetInputValueByName("last_commit"),
+	}
+	maps.Copy(form, params)
+	req = NewRequestWithValues(t, "POST", requestPath, form)
+	return session.MakeRequest(t, req, NoExpectedStatus)
+}
 
-	// Verify the change
-	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", branch, filePath))
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, newContent, resp.Body.String())
+func testEditorActionPostRequestError(t *testing.T, session *TestSession, requestPath string, params map[string]string, errorMessage string) {
+	resp := testEditorActionPostRequest(t, session, requestPath, params)
+	assert.Equal(t, http.StatusBadRequest, resp.Code)
+	assert.Equal(t, errorMessage, test.ParseJSONError(resp.Body.Bytes()).ErrorMessage)
+}
 
+func testEditorActionEdit(t *testing.T, session *TestSession, user, repo, editorAction, branch, filePath string, params map[string]string) *httptest.ResponseRecorder {
+	params["tree_path"] = util.IfZero(params["tree_path"], filePath)
+	newBranchName := util.Iif(params["commit_choice"] == "direct", branch, params["new_branch_name"])
+	resp := testEditorActionPostRequest(t, session, fmt.Sprintf("/%s/%s/%s/%s/%s", user, repo, editorAction, branch, filePath), params)
+	assert.Equal(t, http.StatusOK, resp.Code)
+	assert.NotEmpty(t, test.RedirectURL(resp))
+	req := NewRequest(t, "GET", path.Join(user, repo, "raw/branch", newBranchName, params["tree_path"]))
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	assert.Equal(t, params["content"], resp.Body.String())
 	return resp
 }
 
-func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, branch, targetBranch, filePath, newContent string) *httptest.ResponseRecorder {
-	// Get to the 'edit this file' page
-	req := NewRequest(t, "GET", path.Join(user, repo, "_edit", branch, filePath))
-	resp := session.MakeRequest(t, req, http.StatusOK)
-
-	htmlDoc := NewHTMLParser(t, resp.Body)
-	lastCommit := htmlDoc.GetInputValueByName("last_commit")
-	assert.NotEmpty(t, lastCommit)
-
-	// Submit the edits
-	req = NewRequestWithValues(t, "POST", path.Join(user, repo, "_edit", branch, filePath),
-		map[string]string{
-			"_csrf":           htmlDoc.GetCSRF(),
-			"last_commit":     lastCommit,
-			"tree_path":       filePath,
-			"content":         newContent,
-			"commit_choice":   "commit-to-new-branch",
-			"new_branch_name": targetBranch,
-		},
-	)
-	session.MakeRequest(t, req, http.StatusSeeOther)
-
-	// Verify the change
-	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", targetBranch, filePath))
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, newContent, resp.Body.String())
+func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePath, newContent string) {
+	testEditorActionEdit(t, session, user, repo, "_edit", branch, filePath, map[string]string{
+		"content":       newContent,
+		"commit_choice": "direct",
+	})
+}
 
-	return resp
+func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, branch, targetBranch, filePath, newContent string) {
+	testEditorActionEdit(t, session, user, repo, "_edit", branch, filePath, map[string]string{
+		"content":         newContent,
+		"commit_choice":   "commit-to-new-branch",
+		"new_branch_name": targetBranch,
+	})
 }
 
-func TestEditFile(t *testing.T) {
-	onGiteaRun(t, func(t *testing.T, u *url.URL) {
-		session := loginUser(t, "user2")
-		testEditFile(t, session, "user2", "repo1", "master", "README.md", "Hello, World (Edited)\n")
+func testEditorDiffPreview(t *testing.T) {
+	session := loginUser(t, "user2")
+	req := NewRequestWithValues(t, "POST", "/user2/repo1/_preview/master/README.md", map[string]string{
+		"_csrf":   GetUserCSRFToken(t, session),
+		"content": "Hello, World (Edited)\n",
 	})
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.Contains(t, resp.Body.String(), `<span class="added-code">Hello, World (Edited)</span>`)
 }
 
-func TestEditFileToNewBranch(t *testing.T) {
-	onGiteaRun(t, func(t *testing.T, u *url.URL) {
-		session := loginUser(t, "user2")
-		testEditFileToNewBranch(t, session, "user2", "repo1", "master", "feature/test", "README.md", "Hello, World (Edited)\n")
+func testEditorPatchFile(t *testing.T) {
+	session := loginUser(t, "user2")
+	pathContentCommon := `diff --git a/patch-file-1.txt b/patch-file-1.txt
+new file mode 100644
+index 0000000000..aaaaaaaaaa
+--- /dev/null
++++ b/patch-file-1.txt
+@@ -0,0 +1 @@
++`
+	testEditorActionPostRequest(t, session, "/user2/repo1/_diffpatch/master/", map[string]string{
+		"content":         pathContentCommon + "patched content\n",
+		"commit_choice":   "commit-to-new-branch",
+		"new_branch_name": "patched-branch",
+	})
+	resp := MakeRequest(t, NewRequest(t, "GET", "/user2/repo1/raw/branch/patched-branch/patch-file-1.txt"), http.StatusOK)
+	assert.Equal(t, "patched content\n", resp.Body.String())
+
+	// patch again, it should fail
+	resp = testEditorActionPostRequest(t, session, "/user2/repo1/_diffpatch/patched-branch/", map[string]string{
+		"content":         pathContentCommon + "another patched content\n",
+		"commit_choice":   "commit-to-new-branch",
+		"new_branch_name": "patched-branch-1",
 	})
+	assert.Equal(t, "Unable to apply patch", test.ParseJSONError(resp.Body.Bytes()).ErrorMessage)
 }
 
-func TestWebGitCommitEmail(t *testing.T) {
-	onGiteaRun(t, func(t *testing.T, _ *url.URL) {
-		user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-		require.True(t, user.KeepEmailPrivate)
-
-		repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-		gitRepo, _ := git.OpenRepository(git.DefaultContext, repo1.RepoPath())
-		defer gitRepo.Close()
-		getLastCommit := func(t *testing.T) *git.Commit {
-			c, err := gitRepo.GetBranchCommit("master")
-			require.NoError(t, err)
-			return c
+func testEditorWebGitCommitEmail(t *testing.T) {
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	require.True(t, user.KeepEmailPrivate)
+
+	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+	gitRepo, _ := git.OpenRepository(git.DefaultContext, repo1.RepoPath())
+	defer gitRepo.Close()
+	getLastCommit := func(t *testing.T) *git.Commit {
+		c, err := gitRepo.GetBranchCommit("master")
+		require.NoError(t, err)
+		return c
+	}
+
+	session := loginUser(t, user.Name)
+
+	makeReq := func(t *testing.T, link string, params map[string]string, expectedUserName, expectedEmail string) *httptest.ResponseRecorder {
+		lastCommit := getLastCommit(t)
+		params["_csrf"] = GetUserCSRFToken(t, session)
+		params["last_commit"] = lastCommit.ID.String()
+		params["commit_choice"] = "direct"
+		req := NewRequestWithValues(t, "POST", link, params)
+		resp := session.MakeRequest(t, req, NoExpectedStatus)
+		newCommit := getLastCommit(t)
+		if expectedUserName == "" {
+			require.Equal(t, lastCommit.ID.String(), newCommit.ID.String())
+			respErr := test.ParseJSONError(resp.Body.Bytes())
+			assert.Equal(t, translation.NewLocale("en-US").TrString("repo.editor.invalid_commit_email"), respErr.ErrorMessage)
+		} else {
+			require.NotEqual(t, lastCommit.ID.String(), newCommit.ID.String())
+			assert.Equal(t, expectedUserName, newCommit.Author.Name)
+			assert.Equal(t, expectedEmail, newCommit.Author.Email)
+			assert.Equal(t, expectedUserName, newCommit.Committer.Name)
+			assert.Equal(t, expectedEmail, newCommit.Committer.Email)
 		}
+		return resp
+	}
+
+	uploadFile := func(t *testing.T, name, content string) string {
+		body := &bytes.Buffer{}
+		uploadForm := multipart.NewWriter(body)
+		file, _ := uploadForm.CreateFormFile("file", name)
+		_, _ = io.Copy(file, strings.NewReader(content))
+		_ = uploadForm.WriteField("_csrf", GetUserCSRFToken(t, session))
+		_ = uploadForm.Close()
+
+		req := NewRequestWithBody(t, "POST", "/user2/repo1/upload-file", body)
+		req.Header.Add("Content-Type", uploadForm.FormDataContentType())
+		resp := session.MakeRequest(t, req, http.StatusOK)
 
-		session := loginUser(t, user.Name)
-
-		makeReq := func(t *testing.T, link string, params map[string]string, expectedUserName, expectedEmail string) *httptest.ResponseRecorder {
-			lastCommit := getLastCommit(t)
-			params["_csrf"] = GetUserCSRFToken(t, session)
-			params["last_commit"] = lastCommit.ID.String()
-			params["commit_choice"] = "direct"
-			req := NewRequestWithValues(t, "POST", link, params)
-			resp := session.MakeRequest(t, req, NoExpectedStatus)
-			newCommit := getLastCommit(t)
-			if expectedUserName == "" {
-				require.Equal(t, lastCommit.ID.String(), newCommit.ID.String())
-				htmlDoc := NewHTMLParser(t, resp.Body)
-				errMsg := htmlDoc.doc.Find(".ui.negative.message").Text()
-				assert.Contains(t, errMsg, translation.NewLocale("en-US").Tr("repo.editor.invalid_commit_email"))
-			} else {
-				require.NotEqual(t, lastCommit.ID.String(), newCommit.ID.String())
-				assert.EqualValues(t, expectedUserName, newCommit.Author.Name)
-				assert.EqualValues(t, expectedEmail, newCommit.Author.Email)
-				assert.EqualValues(t, expectedUserName, newCommit.Committer.Name)
-				assert.EqualValues(t, expectedEmail, newCommit.Committer.Email)
-			}
-			return resp
-		}
+		respMap := map[string]string{}
+		DecodeJSON(t, resp, &respMap)
+		return respMap["uuid"]
+	}
+
+	t.Run("EmailInactive", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		email := unittest.AssertExistsAndLoadBean(t, &user_model.EmailAddress{ID: 35, UID: user.ID})
+		require.False(t, email.IsActivated)
+		makeReq(t, "/user2/repo1/_edit/master/README.md", map[string]string{
+			"tree_path":    "README.md",
+			"content":      "test content",
+			"commit_email": email.Email,
+		}, "", "")
+	})
 
-		uploadFile := func(t *testing.T, name, content string) string {
-			body := &bytes.Buffer{}
-			uploadForm := multipart.NewWriter(body)
-			file, _ := uploadForm.CreateFormFile("file", name)
-			_, _ = io.Copy(file, bytes.NewBufferString(content))
-			_ = uploadForm.WriteField("_csrf", GetUserCSRFToken(t, session))
-			_ = uploadForm.Close()
-
-			req := NewRequestWithBody(t, "POST", "/user2/repo1/upload-file", body)
-			req.Header.Add("Content-Type", uploadForm.FormDataContentType())
-			resp := session.MakeRequest(t, req, http.StatusOK)
-
-			respMap := map[string]string{}
-			DecodeJSON(t, resp, &respMap)
-			return respMap["uuid"]
-		}
+	t.Run("EmailInvalid", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		email := unittest.AssertExistsAndLoadBean(t, &user_model.EmailAddress{ID: 1, IsActivated: true})
+		require.NotEqual(t, email.UID, user.ID)
+		makeReq(t, "/user2/repo1/_edit/master/README.md", map[string]string{
+			"tree_path":    "README.md",
+			"content":      "test content",
+			"commit_email": email.Email,
+		}, "", "")
+	})
 
-		t.Run("EmailInactive", func(t *testing.T) {
+	testWebGit := func(t *testing.T, linkForKeepPrivate string, paramsForKeepPrivate map[string]string, linkForChosenEmail string, paramsForChosenEmail map[string]string) (resp1, resp2 *httptest.ResponseRecorder) {
+		t.Run("DefaultEmailKeepPrivate", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
-			email := unittest.AssertExistsAndLoadBean(t, &user_model.EmailAddress{ID: 35, UID: user.ID})
-			require.False(t, email.IsActivated)
-			makeReq(t, "/user2/repo1/_edit/master/README.md", map[string]string{
-				"tree_path":    "README.md",
-				"content":      "test content",
-				"commit_email": email.Email,
-			}, "", "")
+			paramsForKeepPrivate["commit_email"] = ""
+			resp1 = makeReq(t, linkForKeepPrivate, paramsForKeepPrivate, "User Two", "user2@noreply.example.org")
 		})
-
-		t.Run("EmailInvalid", func(t *testing.T) {
+		t.Run("ChooseEmail", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
-			email := unittest.AssertExistsAndLoadBean(t, &user_model.EmailAddress{ID: 1, IsActivated: true})
-			require.NotEqualValues(t, email.UID, user.ID)
-			makeReq(t, "/user2/repo1/_edit/master/README.md", map[string]string{
-				"tree_path":    "README.md",
-				"content":      "test content",
-				"commit_email": email.Email,
-			}, "", "")
-		})
-
-		testWebGit := func(t *testing.T, linkForKeepPrivate string, paramsForKeepPrivate map[string]string, linkForChosenEmail string, paramsForChosenEmail map[string]string) (resp1, resp2 *httptest.ResponseRecorder) {
-			t.Run("DefaultEmailKeepPrivate", func(t *testing.T) {
-				defer tests.PrintCurrentTest(t)()
-				paramsForKeepPrivate["commit_email"] = ""
-				resp1 = makeReq(t, linkForKeepPrivate, paramsForKeepPrivate, "User Two", "user2@noreply.example.org")
-			})
-			t.Run("ChooseEmail", func(t *testing.T) {
-				defer tests.PrintCurrentTest(t)()
-				paramsForChosenEmail["commit_email"] = "user2@example.com"
-				resp2 = makeReq(t, linkForChosenEmail, paramsForChosenEmail, "User Two", "user2@example.com")
-			})
-			return resp1, resp2
-		}
-
-		t.Run("Edit", func(t *testing.T) {
-			testWebGit(t,
-				"/user2/repo1/_edit/master/README.md", map[string]string{"tree_path": "README.md", "content": "for keep private"},
-				"/user2/repo1/_edit/master/README.md", map[string]string{"tree_path": "README.md", "content": "for chosen email"},
-			)
+			paramsForChosenEmail["commit_email"] = "user2@example.com"
+			resp2 = makeReq(t, linkForChosenEmail, paramsForChosenEmail, "User Two", "user2@example.com")
 		})
+		return resp1, resp2
+	}
+
+	t.Run("Edit", func(t *testing.T) {
+		testWebGit(t,
+			"/user2/repo1/_edit/master/README.md", map[string]string{"tree_path": "README.md", "content": "for keep private"},
+			"/user2/repo1/_edit/master/README.md", map[string]string{"tree_path": "README.md", "content": "for chosen email"},
+		)
+	})
 
-		t.Run("UploadDelete", func(t *testing.T) {
-			file1UUID := uploadFile(t, "file1", "File 1")
-			file2UUID := uploadFile(t, "file2", "File 2")
-			testWebGit(t,
-				"/user2/repo1/_upload/master", map[string]string{"files": file1UUID},
-				"/user2/repo1/_upload/master", map[string]string{"files": file2UUID},
-			)
-			testWebGit(t,
-				"/user2/repo1/_delete/master/file1", map[string]string{},
-				"/user2/repo1/_delete/master/file2", map[string]string{},
-			)
-		})
+	t.Run("UploadDelete", func(t *testing.T) {
+		file1UUID := uploadFile(t, "file1", "File 1")
+		file2UUID := uploadFile(t, "file2", "File 2")
+		testWebGit(t,
+			"/user2/repo1/_upload/master", map[string]string{"files": file1UUID},
+			"/user2/repo1/_upload/master", map[string]string{"files": file2UUID},
+		)
+		testWebGit(t,
+			"/user2/repo1/_delete/master/file1", map[string]string{},
+			"/user2/repo1/_delete/master/file2", map[string]string{},
+		)
+	})
 
-		t.Run("ApplyPatchCherryPick", func(t *testing.T) {
-			testWebGit(t,
-				"/user2/repo1/_diffpatch/master", map[string]string{
-					"tree_path": "__dummy__",
-					"content": `diff --git a/patch-file-1.txt b/patch-file-1.txt
+	t.Run("ApplyPatchCherryPick", func(t *testing.T) {
+		testWebGit(t,
+			"/user2/repo1/_diffpatch/master", map[string]string{
+				"tree_path": "__dummy__",
+				"content": `diff --git a/patch-file-1.txt b/patch-file-1.txt
 new file mode 100644
 index 0000000000..aaaaaaaaaa
 --- /dev/null
@@ -308,10 +304,10 @@ index 0000000000..aaaaaaaaaa
 @@ -0,0 +1 @@
 +File 1
 `,
-				},
-				"/user2/repo1/_diffpatch/master", map[string]string{
-					"tree_path": "__dummy__",
-					"content": `diff --git a/patch-file-2.txt b/patch-file-2.txt
+			},
+			"/user2/repo1/_diffpatch/master", map[string]string{
+				"tree_path": "__dummy__",
+				"content": `diff --git a/patch-file-2.txt b/patch-file-2.txt
 new file mode 100644
 index 0000000000..bbbbbbbbbb
 --- /dev/null
@@ -319,20 +315,146 @@ index 0000000000..bbbbbbbbbb
 @@ -0,0 +1 @@
 +File 2
 `,
-				},
-			)
-
-			commit1, err := gitRepo.GetCommitByPath("patch-file-1.txt")
-			require.NoError(t, err)
-			commit2, err := gitRepo.GetCommitByPath("patch-file-2.txt")
-			require.NoError(t, err)
-			resp1, _ := testWebGit(t,
-				"/user2/repo1/_cherrypick/"+commit1.ID.String()+"/master", map[string]string{"revert": "true"},
-				"/user2/repo1/_cherrypick/"+commit2.ID.String()+"/master", map[string]string{"revert": "true"},
-			)
-
-			// By the way, test the "cherrypick" page: a successful revert redirects to the main branch
-			assert.EqualValues(t, "/user2/repo1/src/branch/master", resp1.Header().Get("Location"))
-		})
+			},
+		)
+
+		commit1, err := gitRepo.GetCommitByPath("patch-file-1.txt")
+		require.NoError(t, err)
+		commit2, err := gitRepo.GetCommitByPath("patch-file-2.txt")
+		require.NoError(t, err)
+		resp1, _ := testWebGit(t,
+			"/user2/repo1/_cherrypick/"+commit1.ID.String()+"/master", map[string]string{"revert": "true"},
+			"/user2/repo1/_cherrypick/"+commit2.ID.String()+"/master", map[string]string{"revert": "true"},
+		)
+
+		// By the way, test the "cherrypick" page: a successful revert redirects to the main branch
+		assert.Equal(t, "/user2/repo1/src/branch/master", test.RedirectURL(resp1))
 	})
 }
+
+func testForkToEditFile(t *testing.T, session *TestSession, user, owner, repo, branch, filePath string) {
+	forkToEdit := func(t *testing.T, session *TestSession, owner, repo, operation, branch, filePath string) {
+		// visit the base repo, see the "Add File" button
+		req := NewRequest(t, "GET", path.Join(owner, repo))
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		htmlDoc := NewHTMLParser(t, resp.Body)
+		AssertHTMLElement(t, htmlDoc, ".repo-add-file", 1)
+
+		// attempt to edit a file, see the guideline page
+		req = NewRequest(t, "GET", path.Join(owner, repo, operation, branch, filePath))
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.Contains(t, resp.Body.String(), "Fork Repository to Propose Changes")
+
+		// fork the repository
+		req = NewRequestWithValues(t, "POST", path.Join(owner, repo, "_fork", branch), map[string]string{"_csrf": GetUserCSRFToken(t, session)})
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.JSONEq(t, `{"redirect":""}`, resp.Body.String())
+	}
+
+	t.Run("ForkButArchived", func(t *testing.T) {
+		// Fork repository because we can't edit it
+		forkToEdit(t, session, owner, repo, "_edit", branch, filePath)
+
+		// Archive the repository
+		req := NewRequestWithValues(t, "POST", path.Join(user, repo, "settings"),
+			map[string]string{
+				"_csrf":     GetUserCSRFToken(t, session),
+				"repo_name": repo,
+				"action":    "archive",
+			},
+		)
+		session.MakeRequest(t, req, http.StatusSeeOther)
+
+		// Check editing archived repository is disabled
+		req = NewRequest(t, "GET", path.Join(owner, repo, "_edit", branch, filePath)).SetHeader("Accept", "text/html")
+		resp := session.MakeRequest(t, req, http.StatusNotFound)
+		assert.Contains(t, resp.Body.String(), "You have forked this repository but your fork is not editable.")
+
+		// Unfork the repository
+		req = NewRequestWithValues(t, "POST", path.Join(user, repo, "settings"),
+			map[string]string{
+				"_csrf":     GetUserCSRFToken(t, session),
+				"repo_name": repo,
+				"action":    "convert_fork",
+			},
+		)
+		session.MakeRequest(t, req, http.StatusSeeOther)
+	})
+
+	// Fork repository again, and check the existence of the forked repo with unique name
+	forkToEdit(t, session, owner, repo, "_edit", branch, filePath)
+	session.MakeRequest(t, NewRequestf(t, "GET", "/%s/%s-1", user, repo), http.StatusOK)
+
+	t.Run("CheckBaseRepoForm", func(t *testing.T) {
+		// the base repo's edit form should have the correct action and upload links (pointing to the forked repo)
+		req := NewRequest(t, "GET", path.Join(owner, repo, "_upload", branch, filePath)+"?foo=bar")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		htmlDoc := NewHTMLParser(t, resp.Body)
+
+		uploadForm := htmlDoc.doc.Find(".form-fetch-action")
+		formAction := uploadForm.AttrOr("action", "")
+		assert.Equal(t, fmt.Sprintf("/%s/%s-1/_upload/%s/%s?from_base_branch=%s&foo=bar", user, repo, branch, filePath, branch), formAction)
+		uploadLink := uploadForm.Find(".dropzone").AttrOr("data-link-url", "")
+		assert.Equal(t, fmt.Sprintf("/%s/%s-1/upload-file", user, repo), uploadLink)
+		newBranchName := uploadForm.Find("input[name=new_branch_name]").AttrOr("value", "")
+		assert.Equal(t, user+"-patch-1", newBranchName)
+		commitChoice := uploadForm.Find("input[name=commit_choice][checked]").AttrOr("value", "")
+		assert.Equal(t, "commit-to-new-branch", commitChoice)
+		lastCommit := uploadForm.Find("input[name=last_commit]").AttrOr("value", "")
+		assert.NotEmpty(t, lastCommit)
+	})
+
+	t.Run("ViewBaseEditFormAndCommitToFork", func(t *testing.T) {
+		req := NewRequest(t, "GET", path.Join(owner, repo, "_edit", branch, filePath))
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		htmlDoc := NewHTMLParser(t, resp.Body)
+		editRequestForm := map[string]string{
+			"_csrf":         GetUserCSRFToken(t, session),
+			"last_commit":   htmlDoc.GetInputValueByName("last_commit"),
+			"tree_path":     filePath,
+			"content":       "new content in fork",
+			"commit_choice": "commit-to-new-branch",
+		}
+		// change a file in the forked repo with existing branch name (should fail)
+		editRequestForm["new_branch_name"] = "master"
+		req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s-1/_edit/%s/%s?from_base_branch=%s", user, repo, branch, filePath, branch), editRequestForm)
+		resp = session.MakeRequest(t, req, http.StatusBadRequest)
+		respJSON := test.ParseJSONError(resp.Body.Bytes())
+		assert.Equal(t, `Branch "master" already exists in your fork. Please choose a new branch name.`, respJSON.ErrorMessage)
+
+		// change a file in the forked repo (should succeed)
+		newBranchName := htmlDoc.GetInputValueByName("new_branch_name")
+		editRequestForm["new_branch_name"] = newBranchName
+		req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s-1/_edit/%s/%s?from_base_branch=%s", user, repo, branch, filePath, branch), editRequestForm)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.Equal(t, fmt.Sprintf("/%s/%s/compare/%s...%s/%s-1:%s", owner, repo, branch, user, repo, newBranchName), test.RedirectURL(resp))
+
+		// check the file in the fork's branch is changed
+		req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s-1/src/branch/%s/%s", user, repo, newBranchName, filePath))
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.Contains(t, resp.Body.String(), "new content in fork")
+	})
+}
+
+func testEditFileNotAllowed(t *testing.T) {
+	sessionUser1 := loginUser(t, "user1") // admin, all access
+	sessionUser4 := loginUser(t, "user4")
+	// "_cherrypick" has a different route pattern, so skip its test
+	operations := []string{"_new", "_edit", "_delete", "_upload", "_diffpatch"}
+	for _, operation := range operations {
+		t.Run(operation, func(t *testing.T) {
+			// Branch does not exist
+			targetLink := path.Join("user2", "repo1", operation, "missing", "README.md")
+			sessionUser1.MakeRequest(t, NewRequest(t, "GET", targetLink), http.StatusNotFound)
+
+			// Private repository
+			targetLink = path.Join("user2", "repo2", operation, "master", "Home.md")
+			sessionUser1.MakeRequest(t, NewRequest(t, "GET", targetLink), http.StatusOK)
+			sessionUser4.MakeRequest(t, NewRequest(t, "GET", targetLink), http.StatusNotFound)
+
+			// Empty repository
+			targetLink = path.Join("org41", "repo61", operation, "master", "README.md")
+			sessionUser1.MakeRequest(t, NewRequest(t, "GET", targetLink), http.StatusNotFound)
+		})
+	}
+}
diff --git a/tests/integration/empty_repo_test.go b/tests/integration/empty_repo_test.go
index e122531dc9..127df5919d 100644
--- a/tests/integration/empty_repo_test.go
+++ b/tests/integration/empty_repo_test.go
@@ -10,7 +10,7 @@ import (
 	"io"
 	"mime/multipart"
 	"net/http"
-	"net/http/httptest"
+	"strings"
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
@@ -22,13 +22,14 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func testAPINewFile(t *testing.T, session *TestSession, user, repo, branch, treePath, content string) *httptest.ResponseRecorder {
+func testAPINewFile(t *testing.T, session *TestSession, user, repo, branch, treePath, content string) {
 	url := fmt.Sprintf("/%s/%s/_new/%s", user, repo, branch)
 	req := NewRequestWithValues(t, "POST", url, map[string]string{
 		"_csrf":         GetUserCSRFToken(t, session),
@@ -36,7 +37,8 @@ func testAPINewFile(t *testing.T, session *TestSession, user, repo, branch, tree
 		"tree_path":     treePath,
 		"content":       content,
 	})
-	return session.MakeRequest(t, req, http.StatusSeeOther)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.NotEmpty(t, test.RedirectURL(resp))
 }
 
 func TestEmptyRepo(t *testing.T) {
@@ -73,6 +75,11 @@ func TestEmptyRepoAddFile(t *testing.T) {
 	req = NewRequest(t, "GET", "/api/v1/repos/user30/empty/raw/main/README.md").AddTokenAuth(token)
 	session.MakeRequest(t, req, http.StatusNotFound)
 
+	// test feed
+	req = NewRequest(t, "GET", "/user30/empty/rss/branch/main/README.md").AddTokenAuth(token).SetHeader("Accept", "application/rss+xml")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	assert.Contains(t, resp.Body.String(), "</rss>")
+
 	// create a new file
 	req = NewRequest(t, "GET", "/user30/empty/_new/"+setting.Repository.DefaultBranch)
 	resp = session.MakeRequest(t, req, http.StatusOK)
@@ -85,7 +92,7 @@ func TestEmptyRepoAddFile(t *testing.T) {
 		"content":       "newly-added-test-file",
 	})
 
-	resp = session.MakeRequest(t, req, http.StatusSeeOther)
+	resp = session.MakeRequest(t, req, http.StatusOK)
 	redirect := test.RedirectURL(resp)
 	assert.Equal(t, "/user30/empty/src/branch/"+setting.Repository.DefaultBranch+"/test-file.md", redirect)
 
@@ -99,22 +106,29 @@ func TestEmptyRepoAddFile(t *testing.T) {
 	assert.Contains(t, resp.Body.String(), "test-file.md")
 
 	// if the repo is in incorrect state, it should be able to self-heal (recover to correct state)
-	user30EmptyRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: 30, Name: "empty"})
-	user30EmptyRepo.IsEmpty = true
-	user30EmptyRepo.DefaultBranch = "no-such"
-	_, err := db.GetEngine(db.DefaultContext).ID(user30EmptyRepo.ID).Cols("is_empty", "default_branch").Update(user30EmptyRepo)
-	require.NoError(t, err)
-	user30EmptyRepo = unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: 30, Name: "empty"})
-	assert.True(t, user30EmptyRepo.IsEmpty)
-
-	req = NewRequest(t, "GET", "/user30/empty")
-	resp = session.MakeRequest(t, req, http.StatusSeeOther)
-	redirect = test.RedirectURL(resp)
-	assert.Equal(t, "/user30/empty", redirect)
-
-	req = NewRequest(t, "GET", "/user30/empty")
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	assert.Contains(t, resp.Body.String(), "test-file.md")
+	testEmptyOrBrokenRecover := func(t *testing.T, isEmpty, isBroken bool) {
+		user30EmptyRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: 30, Name: "empty"})
+		user30EmptyRepo.IsEmpty = isEmpty
+		user30EmptyRepo.Status = util.Iif(isBroken, repo_model.RepositoryBroken, repo_model.RepositoryReady)
+		user30EmptyRepo.DefaultBranch = "no-such"
+		_, err := db.GetEngine(db.DefaultContext).ID(user30EmptyRepo.ID).Cols("is_empty", "status", "default_branch").Update(user30EmptyRepo)
+		require.NoError(t, err)
+		user30EmptyRepo = unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerID: 30, Name: "empty"})
+		assert.Equal(t, isEmpty, user30EmptyRepo.IsEmpty)
+		assert.Equal(t, isBroken, user30EmptyRepo.Status == repo_model.RepositoryBroken)
+
+		req = NewRequest(t, "GET", "/user30/empty")
+		resp = session.MakeRequest(t, req, http.StatusSeeOther)
+		redirect = test.RedirectURL(resp)
+		assert.Equal(t, "/user30/empty", redirect)
+
+		req = NewRequest(t, "GET", "/user30/empty")
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.Contains(t, resp.Body.String(), "test-file.md")
+	}
+	testEmptyOrBrokenRecover(t, true, false)
+	testEmptyOrBrokenRecover(t, false, true)
+	testEmptyOrBrokenRecover(t, true, true)
 }
 
 func TestEmptyRepoUploadFile(t *testing.T) {
@@ -130,7 +144,7 @@ func TestEmptyRepoUploadFile(t *testing.T) {
 	mpForm := multipart.NewWriter(body)
 	_ = mpForm.WriteField("_csrf", GetUserCSRFToken(t, session))
 	file, _ := mpForm.CreateFormFile("file", "uploaded-file.txt")
-	_, _ = io.Copy(file, bytes.NewBufferString("newly-uploaded-test-file"))
+	_, _ = io.Copy(file, strings.NewReader("newly-uploaded-test-file"))
 	_ = mpForm.Close()
 
 	req = NewRequestWithBody(t, "POST", "/user30/empty/upload-file", body)
@@ -145,9 +159,9 @@ func TestEmptyRepoUploadFile(t *testing.T) {
 		"files":         respMap["uuid"],
 		"tree_path":     "",
 	})
-	resp = session.MakeRequest(t, req, http.StatusSeeOther)
+	resp = session.MakeRequest(t, req, http.StatusOK)
 	redirect := test.RedirectURL(resp)
-	assert.Equal(t, "/user30/empty/src/branch/"+setting.Repository.DefaultBranch+"/", redirect)
+	assert.Equal(t, "/user30/empty/src/branch/"+setting.Repository.DefaultBranch, redirect)
 
 	req = NewRequest(t, "GET", redirect)
 	resp = session.MakeRequest(t, req, http.StatusOK)
@@ -172,7 +186,7 @@ func TestEmptyRepoAddFileByAPI(t *testing.T) {
 	var fileResponse api.FileResponse
 	DecodeJSON(t, resp, &fileResponse)
 	expectedHTMLURL := setting.AppURL + "user30/empty/src/branch/new_branch/new-file.txt"
-	assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+	assert.Equal(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
 
 	req = NewRequest(t, "GET", "/user30/empty/src/branch/new_branch/new-file.txt")
 	resp = session.MakeRequest(t, req, http.StatusOK)
diff --git a/tests/integration/ephemeral_actions_runner_deletion_test.go b/tests/integration/ephemeral_actions_runner_deletion_test.go
new file mode 100644
index 0000000000..40f8c643a8
--- /dev/null
+++ b/tests/integration/ephemeral_actions_runner_deletion_test.go
@@ -0,0 +1,77 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"testing"
+
+	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/util"
+	repo_service "code.gitea.io/gitea/services/repository"
+	user_service "code.gitea.io/gitea/services/user"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestEphemeralActionsRunnerDeletion(t *testing.T) {
+	t.Run("ByTaskCompletion", testEphemeralActionsRunnerDeletionByTaskCompletion)
+	t.Run("ByRepository", testEphemeralActionsRunnerDeletionByRepository)
+	t.Run("ByUser", testEphemeralActionsRunnerDeletionByUser)
+}
+
+// Test that the ephemeral runner is deleted when the task is finished
+func testEphemeralActionsRunnerDeletionByTaskCompletion(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	_, err := actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.NoError(t, err)
+
+	task := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionTask{ID: 52})
+	assert.Equal(t, actions_model.StatusRunning, task.Status)
+
+	task.Status = actions_model.StatusSuccess
+	err = actions_model.UpdateTask(t.Context(), task, "status")
+	assert.NoError(t, err)
+
+	_, err = actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.ErrorIs(t, err, util.ErrNotExist)
+}
+
+func testEphemeralActionsRunnerDeletionByRepository(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	_, err := actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.NoError(t, err)
+
+	task := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionTask{ID: 52})
+	assert.Equal(t, actions_model.StatusRunning, task.Status)
+
+	err = repo_service.DeleteRepositoryDirectly(t.Context(), task.RepoID, true)
+	assert.NoError(t, err)
+
+	_, err = actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.ErrorIs(t, err, util.ErrNotExist)
+}
+
+// Test that the ephemeral runner is deleted when a user is deleted
+func testEphemeralActionsRunnerDeletionByUser(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	_, err := actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.NoError(t, err)
+
+	task := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionTask{ID: 52})
+	assert.Equal(t, actions_model.StatusRunning, task.Status)
+
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+
+	err = user_service.DeleteUser(t.Context(), user, true)
+	assert.NoError(t, err)
+
+	_, err = actions_model.GetRunnerByID(t.Context(), 34350)
+	assert.ErrorIs(t, err, util.ErrNotExist)
+}
diff --git a/tests/integration/feed_repo_test.go b/tests/integration/feed_repo_test.go
index 132ed32ced..2915b9b3f4 100644
--- a/tests/integration/feed_repo_test.go
+++ b/tests/integration/feed_repo_test.go
@@ -29,7 +29,7 @@ func TestFeedRepo(t *testing.T) {
 		assert.Contains(t, rss.Channel.Link, "/user2/repo1")
 		assert.NotEmpty(t, rss.Channel.PubDate)
 		assert.Len(t, rss.Channel.Items, 1)
-		assert.EqualValues(t, "issue5", rss.Channel.Items[0].Description)
+		assert.Equal(t, "issue5", rss.Channel.Items[0].Description)
 		assert.NotEmpty(t, rss.Channel.Items[0].PubDate)
 	})
 }
diff --git a/tests/integration/git_general_test.go b/tests/integration/git_general_test.go
index 95ffe20c35..e72b7b4ff1 100644
--- a/tests/integration/git_general_test.go
+++ b/tests/integration/git_general_test.go
@@ -11,9 +11,12 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"os/exec"
 	"path"
 	"path/filepath"
+	"slices"
 	"strconv"
+	"strings"
 	"testing"
 	"time"
 
@@ -24,12 +27,14 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"
 
+	"github.com/kballard/go-shellquote"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -105,7 +110,12 @@ func testGitGeneral(t *testing.T, u *url.URL) {
 
 		// Setup key the user ssh key
 		withKeyFile(t, keyname, func(keyFile string) {
-			t.Run("CreateUserKey", doAPICreateUserKey(sshContext, "test-key", keyFile))
+			var keyID int64
+			t.Run("CreateUserKey", doAPICreateUserKey(sshContext, "test-key", keyFile, func(t *testing.T, key api.PublicKey) {
+				keyID = key.ID
+			}))
+			assert.NotZero(t, keyID)
+			t.Run("LFSAccessTest", doSSHLFSAccessTest(sshContext, keyID))
 
 			// Setup remote link
 			// TODO: get url from api
@@ -136,6 +146,36 @@ func testGitGeneral(t *testing.T, u *url.URL) {
 	})
 }
 
+func doSSHLFSAccessTest(_ APITestContext, keyID int64) func(*testing.T) {
+	return func(t *testing.T) {
+		sshCommand := os.Getenv("GIT_SSH_COMMAND")       // it is set in withKeyFile
+		sshCmdParts, err := shellquote.Split(sshCommand) // and parse the ssh command to construct some mocked arguments
+		require.NoError(t, err)
+
+		t.Run("User2AccessOwned", func(t *testing.T) {
+			sshCmdUser2Self := append(slices.Clone(sshCmdParts),
+				"-p", strconv.Itoa(setting.SSH.ListenPort), "git@"+setting.SSH.ListenHost,
+				"git-lfs-authenticate", "user2/repo1.git", "upload", // accessible to own repo
+			)
+			cmd := exec.CommandContext(t.Context(), sshCmdUser2Self[0], sshCmdUser2Self[1:]...)
+			_, err := cmd.Output()
+			assert.NoError(t, err) // accessible, no error
+		})
+
+		t.Run("User2AccessOther", func(t *testing.T) {
+			sshCmdUser2Other := append(slices.Clone(sshCmdParts),
+				"-p", strconv.Itoa(setting.SSH.ListenPort), "git@"+setting.SSH.ListenHost,
+				"git-lfs-authenticate", "user5/repo4.git", "upload", // inaccessible to other's (user5/repo4)
+			)
+			cmd := exec.CommandContext(t.Context(), sshCmdUser2Other[0], sshCmdUser2Other[1:]...)
+			_, err := cmd.Output()
+			var errExit *exec.ExitError
+			require.ErrorAs(t, err, &errExit) // inaccessible, error
+			assert.Contains(t, string(errExit.Stderr), fmt.Sprintf("User: 2:user2 with Key: %d:test-key is not authorized to write to user5/repo4.", keyID))
+		})
+	}
+}
+
 func ensureAnonymousClone(t *testing.T, u *url.URL) {
 	dstLocalPath := t.TempDir()
 	t.Run("CloneAnonymous", doGitClone(dstLocalPath, u))
@@ -450,40 +490,60 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
 }
 
 func doProtectBranch(ctx APITestContext, branch, userToWhitelistPush, userToWhitelistForcePush, unprotectedFilePatterns, protectedFilePatterns string) func(t *testing.T) {
+	return doProtectBranchExt(ctx, branch, doProtectBranchOptions{
+		UserToWhitelistPush:      userToWhitelistPush,
+		UserToWhitelistForcePush: userToWhitelistForcePush,
+		UnprotectedFilePatterns:  unprotectedFilePatterns,
+		ProtectedFilePatterns:    protectedFilePatterns,
+	})
+}
+
+type doProtectBranchOptions struct {
+	UserToWhitelistPush, UserToWhitelistForcePush, UnprotectedFilePatterns, ProtectedFilePatterns string
+
+	StatusCheckPatterns []string
+}
+
+func doProtectBranchExt(ctx APITestContext, ruleName string, opts doProtectBranchOptions) func(t *testing.T) {
 	// We are going to just use the owner to set the protection.
 	return func(t *testing.T) {
 		csrf := GetUserCSRFToken(t, ctx.Session)
 
 		formData := map[string]string{
 			"_csrf":                     csrf,
-			"rule_name":                 branch,
-			"unprotected_file_patterns": unprotectedFilePatterns,
-			"protected_file_patterns":   protectedFilePatterns,
+			"rule_name":                 ruleName,
+			"unprotected_file_patterns": opts.UnprotectedFilePatterns,
+			"protected_file_patterns":   opts.ProtectedFilePatterns,
 		}
 
-		if userToWhitelistPush != "" {
-			user, err := user_model.GetUserByName(db.DefaultContext, userToWhitelistPush)
+		if opts.UserToWhitelistPush != "" {
+			user, err := user_model.GetUserByName(db.DefaultContext, opts.UserToWhitelistPush)
 			assert.NoError(t, err)
 			formData["whitelist_users"] = strconv.FormatInt(user.ID, 10)
 			formData["enable_push"] = "whitelist"
 			formData["enable_whitelist"] = "on"
 		}
 
-		if userToWhitelistForcePush != "" {
-			user, err := user_model.GetUserByName(db.DefaultContext, userToWhitelistForcePush)
+		if opts.UserToWhitelistForcePush != "" {
+			user, err := user_model.GetUserByName(db.DefaultContext, opts.UserToWhitelistForcePush)
 			assert.NoError(t, err)
 			formData["force_push_allowlist_users"] = strconv.FormatInt(user.ID, 10)
 			formData["enable_force_push"] = "whitelist"
 			formData["enable_force_push_allowlist"] = "on"
 		}
 
+		if len(opts.StatusCheckPatterns) > 0 {
+			formData["enable_status_check"] = "on"
+			formData["status_check_contexts"] = strings.Join(opts.StatusCheckPatterns, "\n")
+		}
+
 		// Send the request to update branch protection settings
 		req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings/branches/edit", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame)), formData)
 		ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
 
-		// Check if master branch has been locked successfully
+		// Check if the "master" branch has been locked successfully
 		flashMsg := ctx.Session.GetCookieFlashMessage()
-		assert.EqualValues(t, `Branch protection for rule "`+branch+`" has been updated.`, flashMsg.SuccessMsg)
+		assert.Equal(t, `Branch protection for rule "`+ruleName+`" has been updated.`, flashMsg.SuccessMsg)
 	}
 }
 
@@ -592,7 +652,7 @@ func doPushCreate(ctx APITestContext, u *url.URL) func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
 		// create a context for a currently non-existent repository
-		ctx.Reponame = fmt.Sprintf("repo-tmp-push-create-%s", u.Scheme)
+		ctx.Reponame = "repo-tmp-push-create-" + u.Scheme
 		u.Path = ctx.GitPath()
 
 		// Create a temporary directory
@@ -623,7 +683,7 @@ func doPushCreate(ctx APITestContext, u *url.URL) func(t *testing.T) {
 
 		// Now add a remote that is invalid to "Push To Create"
 		invalidCtx := ctx
-		invalidCtx.Reponame = fmt.Sprintf("invalid/repo-tmp-push-create-%s", u.Scheme)
+		invalidCtx.Reponame = "invalid/repo-tmp-push-create-" + u.Scheme
 		u.Path = invalidCtx.GitPath()
 		t.Run("AddInvalidRemote", doGitAddRemote(tmpDir, "invalid", u))
 
@@ -649,6 +709,10 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
 
 		ctx := NewAPITestContext(t, baseCtx.Username, baseCtx.Reponame, auth_model.AccessTokenScopeWriteRepository)
 
+		// automerge will merge immediately if the PR is mergeable and there is no "status check" because no status check also means "all checks passed"
+		// so we must set up a status check to test the auto merge feature
+		doProtectBranchExt(ctx, "protected", doProtectBranchOptions{StatusCheckPatterns: []string{"*"}})(t)
+
 		t.Run("CheckoutProtected", doGitCheckoutBranch(dstPath, "protected"))
 		t.Run("PullProtected", doGitPull(dstPath, "origin", "protected"))
 		t.Run("GenerateCommit", func(t *testing.T) {
@@ -675,7 +739,7 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
 
 		commitID := path.Base(commitURL)
 
-		addCommitStatus := func(status api.CommitStatusState) func(*testing.T) {
+		addCommitStatus := func(status commitstatus.CommitStatusState) func(*testing.T) {
 			return doAPICreateCommitStatus(ctx, commitID, api.CreateStatusOption{
 				State:       status,
 				TargetURL:   "http://test.ci/",
@@ -685,17 +749,17 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
 		}
 
 		// Call API to add Pending status for commit
-		t.Run("CreateStatus", addCommitStatus(api.CommitStatusPending))
+		t.Run("CreateStatus", addCommitStatus(commitstatus.CommitStatusPending))
 
 		// Cancel not existing auto merge
 		ctx.ExpectedCode = http.StatusNotFound
-		t.Run("CancelAutoMergePR", doAPICancelAutoMergePullRequest(ctx, baseCtx.Username, baseCtx.Reponame, pr.Index))
+		t.Run("CancelAutoMergePRNotExist", doAPICancelAutoMergePullRequest(ctx, baseCtx.Username, baseCtx.Reponame, pr.Index))
 
 		// Add auto merge request
 		ctx.ExpectedCode = http.StatusCreated
 		t.Run("AutoMergePR", doAPIAutoMergePullRequest(ctx, baseCtx.Username, baseCtx.Reponame, pr.Index))
 
-		// Can not create schedule twice
+		// Cannot create schedule twice
 		ctx.ExpectedCode = http.StatusConflict
 		t.Run("AutoMergePRTwice", doAPIAutoMergePullRequest(ctx, baseCtx.Username, baseCtx.Reponame, pr.Index))
 
@@ -714,7 +778,7 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
 		assert.False(t, pr.HasMerged)
 
 		// Call API to add Failure status for commit
-		t.Run("CreateStatus", addCommitStatus(api.CommitStatusFailure))
+		t.Run("CreateStatus", addCommitStatus(commitstatus.CommitStatusFailure))
 
 		// Check pr status
 		pr, err = doAPIGetPullRequest(ctx, baseCtx.Username, baseCtx.Reponame, pr.Index)(t)
@@ -722,7 +786,7 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
 		assert.False(t, pr.HasMerged)
 
 		// Call API to add Success status for commit
-		t.Run("CreateStatus", addCommitStatus(api.CommitStatusSuccess))
+		t.Run("CreateStatus", addCommitStatus(commitstatus.CommitStatusSuccess))
 
 		// wait to let gitea merge stuff
 		time.Sleep(time.Second)
diff --git a/tests/integration/git_helper_for_declarative_test.go b/tests/integration/git_helper_for_declarative_test.go
index 435253c9c7..7d42508bfe 100644
--- a/tests/integration/git_helper_for_declarative_test.go
+++ b/tests/integration/git_helper_for_declarative_test.go
@@ -10,7 +10,6 @@ import (
 	"net/http"
 	"net/url"
 	"os"
-	"path"
 	"path/filepath"
 	"strconv"
 	"testing"
@@ -35,12 +34,12 @@ func withKeyFile(t *testing.T, keyname string, callback func(string)) {
 	err = ssh.GenKeyPair(keyFile)
 	assert.NoError(t, err)
 
-	err = os.WriteFile(path.Join(tmpDir, "ssh"), []byte("#!/bin/bash\n"+
+	err = os.WriteFile(filepath.Join(tmpDir, "ssh"), []byte("#!/bin/bash\n"+
 		"ssh -o \"UserKnownHostsFile=/dev/null\" -o \"StrictHostKeyChecking=no\" -o \"IdentitiesOnly=yes\" -i \""+keyFile+"\" \"$@\""), 0o700)
 	assert.NoError(t, err)
 
 	// Setup ssh wrapper
-	t.Setenv("GIT_SSH", path.Join(tmpDir, "ssh"))
+	t.Setenv("GIT_SSH", filepath.Join(tmpDir, "ssh"))
 	t.Setenv("GIT_SSH_COMMAND",
 		"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -i \""+keyFile+"\"")
 	t.Setenv("GIT_SSH_VARIANT", "ssh")
@@ -124,7 +123,7 @@ func doGitInitTestRepository(dstPath string) func(*testing.T) {
 		// forcibly set default branch to master
 		_, _, err := git.NewCommand("symbolic-ref", "HEAD", git.BranchPrefix+"master").RunStdString(git.DefaultContext, &git.RunOpts{Dir: dstPath})
 		assert.NoError(t, err)
-		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, "README.md"), []byte(fmt.Sprintf("# Testing Repository\n\nOriginally created in: %s", dstPath)), 0o644))
+		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, "README.md"), []byte("# Testing Repository\n\nOriginally created in: "+dstPath), 0o644))
 		assert.NoError(t, git.AddChanges(dstPath, true))
 		signature := git.Signature{
 			Email: "test@example.com",
@@ -164,7 +163,7 @@ func doGitAddSomeCommits(dstPath, branch string) func(*testing.T) {
 	return func(t *testing.T) {
 		doGitCheckoutBranch(dstPath, branch)(t)
 
-		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, fmt.Sprintf("file-%s.txt", branch)), []byte(fmt.Sprintf("file %s", branch)), 0o644))
+		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, fmt.Sprintf("file-%s.txt", branch)), []byte("file "+branch), 0o644))
 		assert.NoError(t, git.AddChanges(dstPath, true))
 		signature := git.Signature{
 			Email: "test@test.test",
@@ -173,7 +172,7 @@ func doGitAddSomeCommits(dstPath, branch string) func(*testing.T) {
 		assert.NoError(t, git.CommitChanges(dstPath, git.CommitChangesOptions{
 			Committer: &signature,
 			Author:    &signature,
-			Message:   fmt.Sprintf("update %s", branch),
+			Message:   "update " + branch,
 		}))
 	}
 }
diff --git a/tests/integration/git_misc_test.go b/tests/integration/git_misc_test.go
index bf9e2c02ab..d5a4af07ba 100644
--- a/tests/integration/git_misc_test.go
+++ b/tests/integration/git_misc_test.go
@@ -135,3 +135,105 @@ func TestAgitPullPush(t *testing.T) {
 		assert.NoError(t, err)
 	})
 }
+
+func TestAgitReviewStaleness(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		baseAPITestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+
+		u.Path = baseAPITestContext.GitPath()
+		u.User = url.UserPassword("user2", userPassword)
+
+		dstPath := t.TempDir()
+		doGitClone(dstPath, u)(t)
+
+		gitRepo, err := git.OpenRepository(t.Context(), dstPath)
+		assert.NoError(t, err)
+		defer gitRepo.Close()
+
+		doGitCreateBranch(dstPath, "test-agit-review")
+
+		// Create initial commit
+		_, err = generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "initial-")
+		assert.NoError(t, err)
+
+		// create PR via agit
+		err = git.NewCommand("push", "origin",
+			"-o", "title=Test agit Review Staleness", "-o", "description=Testing review staleness",
+			"HEAD:refs/for/master/test-agit-review",
+		).Run(git.DefaultContext, &git.RunOpts{Dir: dstPath})
+		assert.NoError(t, err)
+
+		pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{
+			BaseRepoID: 1,
+			Flow:       issues_model.PullRequestFlowAGit,
+			HeadBranch: "user2/test-agit-review",
+		})
+		assert.NoError(t, pr.LoadIssue(db.DefaultContext))
+
+		// Get initial commit ID for the review
+		initialCommitID := pr.HeadCommitID
+		t.Logf("Initial commit ID: %s", initialCommitID)
+
+		// Create a review on the PR (as user1 reviewing user2's PR)
+		reviewer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
+		review, err := issues_model.CreateReview(db.DefaultContext, issues_model.CreateReviewOptions{
+			Type:     issues_model.ReviewTypeApprove,
+			Reviewer: reviewer,
+			Issue:    pr.Issue,
+			CommitID: initialCommitID,
+			Content:  "LGTM! Looks good to merge.",
+			Official: false,
+		})
+		assert.NoError(t, err)
+		assert.False(t, review.Stale, "New review should not be stale")
+
+		// Verify review exists and is not stale
+		reviews, err := issues_model.FindReviews(db.DefaultContext, issues_model.FindReviewOptions{
+			IssueID: pr.IssueID,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, reviews, 1)
+		assert.Equal(t, initialCommitID, reviews[0].CommitID)
+		assert.False(t, reviews[0].Stale, "Review should not be stale initially")
+
+		// Create a new commit and update the agit PR
+		_, err = generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "updated-")
+		assert.NoError(t, err)
+
+		err = git.NewCommand("push", "origin", "HEAD:refs/for/master/test-agit-review").Run(git.DefaultContext, &git.RunOpts{Dir: dstPath})
+		assert.NoError(t, err)
+
+		// Reload PR to get updated commit ID
+		pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{
+			BaseRepoID: 1,
+			Flow:       issues_model.PullRequestFlowAGit,
+			HeadBranch: "user2/test-agit-review",
+		})
+		assert.NoError(t, pr.LoadIssue(db.DefaultContext))
+
+		// For AGit PRs, HeadCommitID must be loaded from git references
+		baseRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		baseGitRepo, err := gitrepo.OpenRepository(db.DefaultContext, baseRepo)
+		assert.NoError(t, err)
+		defer baseGitRepo.Close()
+
+		updatedCommitID, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
+		assert.NoError(t, err)
+		t.Logf("Updated commit ID: %s", updatedCommitID)
+
+		// Verify the PR was updated with new commit
+		assert.NotEqual(t, initialCommitID, updatedCommitID, "PR should have new commit ID after update")
+
+		// Check that the review is now marked as stale
+		reviews, err = issues_model.FindReviews(db.DefaultContext, issues_model.FindReviewOptions{
+			IssueID: pr.IssueID,
+		})
+		assert.NoError(t, err)
+		assert.Len(t, reviews, 1)
+
+		assert.True(t, reviews[0].Stale, "Review should be marked as stale after AGit PR update")
+
+		// The review commit ID should remain the same (pointing to the original commit)
+		assert.Equal(t, initialCommitID, reviews[0].CommitID, "Review commit ID should remain unchanged and point to original commit")
+	})
+}
diff --git a/tests/integration/git_push_test.go b/tests/integration/git_push_test.go
index ee4f203dbe..d716847b54 100644
--- a/tests/integration/git_push_test.go
+++ b/tests/integration/git_push_test.go
@@ -27,7 +27,7 @@ func TestGitPush(t *testing.T) {
 func testGitPush(t *testing.T, u *url.URL) {
 	t.Run("Push branches at once", func(t *testing.T) {
 		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
-			for i := 0; i < 100; i++ {
+			for i := range 100 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				pushed = append(pushed, branchName)
 				doGitCreateBranch(gitPath, branchName)(t)
@@ -40,7 +40,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 
 	t.Run("Push branches exists", func(t *testing.T) {
 		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
-			for i := 0; i < 10; i++ {
+			for i := range 10 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				if i < 5 {
 					pushed = append(pushed, branchName)
@@ -54,7 +54,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 
 			pushed = pushed[:0]
 			// do some changes for the first 5 branches created above
-			for i := 0; i < 5; i++ {
+			for i := range 5 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				pushed = append(pushed, branchName)
 
@@ -75,7 +75,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 
 	t.Run("Push branches one by one", func(t *testing.T) {
 		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
-			for i := 0; i < 100; i++ {
+			for i := range 100 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				doGitCreateBranch(gitPath, branchName)(t)
 				doGitPushTestRepository(gitPath, "origin", branchName)(t)
@@ -101,14 +101,14 @@ func testGitPush(t *testing.T, u *url.URL) {
 			doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete
 			pushed = append(pushed, "master")
 
-			for i := 0; i < 100; i++ {
+			for i := range 100 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				pushed = append(pushed, branchName)
 				doGitCreateBranch(gitPath, branchName)(t)
 			}
 			doGitPushTestRepository(gitPath, "origin", "--all")(t)
 
-			for i := 0; i < 10; i++ {
+			for i := range 10 {
 				branchName := fmt.Sprintf("branch-%d", i)
 				doGitPushTestRepository(gitPath, "origin", "--delete", branchName)(t)
 				deleted = append(deleted, branchName)
@@ -170,7 +170,7 @@ func runTestGitPush(t *testing.T, u *url.URL, gitOperation func(t *testing.T, gi
 
 	dbBranches := make([]*git_model.Branch, 0)
 	require.NoError(t, db.GetEngine(db.DefaultContext).Where("repo_id=?", repo.ID).Find(&dbBranches))
-	assert.Equalf(t, len(pushedBranches), len(dbBranches), "mismatched number of branches in db")
+	assert.Lenf(t, dbBranches, len(pushedBranches), "mismatched number of branches in db")
 	dbBranchesMap := make(map[string]*git_model.Branch, len(dbBranches))
 	for _, branch := range dbBranches {
 		dbBranchesMap[branch.Name] = branch
@@ -191,7 +191,7 @@ func runTestGitPush(t *testing.T, u *url.URL, gitOperation func(t *testing.T, gi
 		assert.Equal(t, commitID, branch.CommitID)
 	}
 
-	require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repo.ID))
+	require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, repo.ID))
 }
 
 func TestPushPullRefs(t *testing.T) {
diff --git a/tests/integration/git_smart_http_test.go b/tests/integration/git_smart_http_test.go
index 55d647672a..e984fd3aad 100644
--- a/tests/integration/git_smart_http_test.go
+++ b/tests/integration/git_smart_http_test.go
@@ -9,6 +9,8 @@ import (
 	"net/url"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/stretchr/testify/assert"
@@ -16,7 +18,10 @@ import (
 )
 
 func TestGitSmartHTTP(t *testing.T) {
-	onGiteaRun(t, testGitSmartHTTP)
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		testGitSmartHTTP(t, u)
+		testRenamedRepoRedirect(t)
+	})
 }
 
 func testGitSmartHTTP(t *testing.T, u *url.URL) {
@@ -67,9 +72,27 @@ func testGitSmartHTTP(t *testing.T, u *url.URL) {
 			resp, err := http.DefaultClient.Do(req)
 			require.NoError(t, err)
 			defer resp.Body.Close()
-			assert.EqualValues(t, kase.code, resp.StatusCode)
+			assert.Equal(t, kase.code, resp.StatusCode)
 			_, err = io.ReadAll(resp.Body)
 			require.NoError(t, err)
 		})
 	}
 }
+
+func testRenamedRepoRedirect(t *testing.T) {
+	defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
+
+	// git client requires to get a 301 redirect response before 401 unauthorized response
+	req := NewRequest(t, "GET", "/user2/oldrepo1/info/refs")
+	resp := MakeRequest(t, req, http.StatusMovedPermanently)
+	redirect := resp.Header().Get("Location")
+	assert.Equal(t, "/user2/repo1/info/refs", redirect)
+
+	req = NewRequest(t, "GET", redirect)
+	resp = MakeRequest(t, req, http.StatusUnauthorized)
+	assert.Equal(t, "Unauthorized\n", resp.Body.String())
+
+	req = NewRequest(t, "GET", redirect).AddBasicAuth("user2")
+	resp = MakeRequest(t, req, http.StatusOK)
+	assert.Contains(t, resp.Body.String(), "65f1bf27bc3bf70f64657658635e66094edbcb4d\trefs/tags/v1.1")
+}
diff --git a/tests/integration/gpg_git_test.go b/tests/integration/gpg_ssh_git_test.go
index 31695fb2e1..56f9f87783 100644
--- a/tests/integration/gpg_git_test.go
+++ b/tests/integration/gpg_ssh_git_test.go
@@ -4,7 +4,10 @@
 package integration
 
 import (
+	"crypto/ed25519"
+	"crypto/rand"
 	"encoding/base64"
+	"encoding/pem"
 	"fmt"
 	"net/url"
 	"os"
@@ -23,6 +26,7 @@ import (
 	"github.com/ProtonMail/go-crypto/openpgp/armor"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"golang.org/x/crypto/ssh"
 )
 
 func TestGPGGit(t *testing.T) {
@@ -42,6 +46,37 @@ func TestGPGGit(t *testing.T) {
 	defer test.MockVariableValue(&setting.Repository.Signing.InitialCommit, []string{"never"})()
 	defer test.MockVariableValue(&setting.Repository.Signing.CRUDActions, []string{"never"})()
 
+	testGitSigning(t)
+}
+
+func TestSSHGit(t *testing.T) {
+	tmpDir := t.TempDir() // use a temp dir to store the SSH keys
+	err := os.Chmod(tmpDir, 0o700)
+	assert.NoError(t, err)
+
+	pub, priv, err := ed25519.GenerateKey(rand.Reader)
+	require.NoError(t, err, "ed25519.GenerateKey")
+	sshPubKey, err := ssh.NewPublicKey(pub)
+	require.NoError(t, err, "ssh.NewPublicKey")
+
+	err = os.WriteFile(tmpDir+"/id_ed25519.pub", ssh.MarshalAuthorizedKey(sshPubKey), 0o600)
+	require.NoError(t, err, "os.WriteFile id_ed25519.pub")
+	block, err := ssh.MarshalPrivateKey(priv, "")
+	require.NoError(t, err, "ssh.MarshalPrivateKey")
+	err = os.WriteFile(tmpDir+"/id_ed25519", pem.EncodeToMemory(block), 0o600)
+	require.NoError(t, err, "os.WriteFile id_ed25519")
+
+	defer test.MockVariableValue(&setting.Repository.Signing.SigningKey, tmpDir+"/id_ed25519.pub")()
+	defer test.MockVariableValue(&setting.Repository.Signing.SigningName, "gitea")()
+	defer test.MockVariableValue(&setting.Repository.Signing.SigningEmail, "gitea@fake.local")()
+	defer test.MockVariableValue(&setting.Repository.Signing.SigningFormat, "ssh")()
+	defer test.MockVariableValue(&setting.Repository.Signing.InitialCommit, []string{"never"})()
+	defer test.MockVariableValue(&setting.Repository.Signing.CRUDActions, []string{"never"})()
+
+	testGitSigning(t)
+}
+
+func testGitSigning(t *testing.T) {
 	username := "user2"
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: username})
 	baseAPITestContext := NewAPITestContext(t, username, "repo1")
@@ -99,26 +134,14 @@ func TestGPGGit(t *testing.T) {
 			testCtx := NewAPITestContext(t, username, "initial-unsigned", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 			t.Run("CreateCRUDFile-Always", crudActionCreateFile(
 				t, testCtx, user, "master", "always", "signed-always.txt", func(t *testing.T, response api.FileResponse) {
-					assert.NotNil(t, response.Verification)
-					if response.Verification == nil {
-						assert.FailNow(t, "no verification provided with response! %v", response)
-					}
-					assert.True(t, response.Verification.Verified)
-					if !response.Verification.Verified {
-						t.FailNow()
-					}
+					require.NotNil(t, response.Verification, "no verification provided with response! %v", response)
+					require.True(t, response.Verification.Verified)
 					assert.Equal(t, "gitea@fake.local", response.Verification.Signer.Email)
 				}))
 			t.Run("CreateCRUDFile-ParentSigned-always", crudActionCreateFile(
 				t, testCtx, user, "parentsigned", "parentsigned-always", "signed-parent2.txt", func(t *testing.T, response api.FileResponse) {
-					assert.NotNil(t, response.Verification)
-					if response.Verification == nil {
-						assert.FailNow(t, "no verification provided with response! %v", response)
-					}
-					assert.True(t, response.Verification.Verified)
-					if !response.Verification.Verified {
-						t.FailNow()
-					}
+					require.NotNil(t, response.Verification, "no verification provided with response! %v", response)
+					require.True(t, response.Verification.Verified)
 					assert.Equal(t, "gitea@fake.local", response.Verification.Signer.Email)
 				}))
 		})
@@ -129,14 +152,8 @@ func TestGPGGit(t *testing.T) {
 			testCtx := NewAPITestContext(t, username, "initial-unsigned", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 			t.Run("CreateCRUDFile-Always-ParentSigned", crudActionCreateFile(
 				t, testCtx, user, "always", "always-parentsigned", "signed-always-parentsigned.txt", func(t *testing.T, response api.FileResponse) {
-					assert.NotNil(t, response.Verification)
-					if response.Verification == nil {
-						assert.FailNow(t, "no verification provided with response! %v", response)
-					}
-					assert.True(t, response.Verification.Verified)
-					if !response.Verification.Verified {
-						t.FailNow()
-					}
+					require.NotNil(t, response.Verification, "no verification provided with response! %v", response)
+					require.True(t, response.Verification.Verified)
 					assert.Equal(t, "gitea@fake.local", response.Verification.Signer.Email)
 				}))
 		})
@@ -147,18 +164,9 @@ func TestGPGGit(t *testing.T) {
 			testCtx := NewAPITestContext(t, username, "initial-always", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
 			t.Run("CheckMasterBranchSigned", doAPIGetBranch(testCtx, "master", func(t *testing.T, branch api.Branch) {
-				assert.NotNil(t, branch.Commit)
-				if branch.Commit == nil {
-					assert.FailNow(t, "no commit provided with branch! %v", branch)
-				}
-				assert.NotNil(t, branch.Commit.Verification)
-				if branch.Commit.Verification == nil {
-					assert.FailNow(t, "no verification provided with branch commit! %v", branch.Commit)
-				}
-				assert.True(t, branch.Commit.Verification.Verified)
-				if !branch.Commit.Verification.Verified {
-					t.FailNow()
-				}
+				require.NotNil(t, branch.Commit, "no commit provided with branch! %v", branch)
+				require.NotNil(t, branch.Commit.Verification, "no verification provided with branch commit! %v", branch.Commit)
+				require.True(t, branch.Commit.Verification.Verified)
 				assert.Equal(t, "gitea@fake.local", branch.Commit.Verification.Signer.Email)
 			}))
 		})
@@ -181,11 +189,7 @@ func TestGPGGit(t *testing.T) {
 			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
 			t.Run("CreateCRUDFile-ParentSigned", crudActionCreateFile(
 				t, testCtx, user, "master", "parentsigned", "signed-parent.txt", func(t *testing.T, response api.FileResponse) {
-					assert.True(t, response.Verification.Verified)
-					if !response.Verification.Verified {
-						t.FailNow()
-						return
-					}
+					require.True(t, response.Verification.Verified)
 					assert.Equal(t, "gitea@fake.local", response.Verification.Signer.Email)
 				}))
 		})
@@ -197,11 +201,7 @@ func TestGPGGit(t *testing.T) {
 			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
 			t.Run("CreateCRUDFile-Always", crudActionCreateFile(
 				t, testCtx, user, "master", "always", "signed-always.txt", func(t *testing.T, response api.FileResponse) {
-					assert.True(t, response.Verification.Verified)
-					if !response.Verification.Verified {
-						t.FailNow()
-						return
-					}
+					require.True(t, response.Verification.Verified)
 					assert.Equal(t, "gitea@fake.local", response.Verification.Signer.Email)
 				}))
 		})
@@ -273,7 +273,7 @@ func crudActionCreateFile(_ *testing.T, ctx APITestContext, user *user_model.Use
 				Email: user.Email,
 			},
 		},
-		ContentBase64: base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("This is new text for %s", path))),
+		ContentBase64: base64.StdEncoding.EncodeToString([]byte("This is new text for " + path)),
 	}, callback...)
 }
 
diff --git a/tests/integration/html_helper.go b/tests/integration/html_helper.go
index 874fc32228..4d589b32e7 100644
--- a/tests/integration/html_helper.go
+++ b/tests/integration/html_helper.go
@@ -42,7 +42,7 @@ func (doc *HTMLDoc) GetCSRF() string {
 	return doc.GetInputValueByName("_csrf")
 }
 
-// AssertHTMLElement check if element by selector exists or does not exist depending on checkExists
+// AssertHTMLElement check if the element by selector exists or does not exist depending on checkExists
 func AssertHTMLElement[T int | bool](t testing.TB, doc *HTMLDoc, selector string, checkExists T) {
 	sel := doc.doc.Find(selector)
 	switch v := any(checkExists).(type) {
diff --git a/tests/integration/incoming_email_test.go b/tests/integration/incoming_email_test.go
index e968a2956e..6ccf82a9eb 100644
--- a/tests/integration/incoming_email_test.go
+++ b/tests/integration/incoming_email_test.go
@@ -50,12 +50,12 @@ func TestIncomingEmail(t *testing.T) {
 			ref, err := incoming_payload.GetReferenceFromPayload(db.DefaultContext, issuePayload)
 			assert.NoError(t, err)
 			assert.IsType(t, ref, new(issues_model.Issue))
-			assert.EqualValues(t, issue.ID, ref.(*issues_model.Issue).ID)
+			assert.Equal(t, issue.ID, ref.(*issues_model.Issue).ID)
 
 			ref, err = incoming_payload.GetReferenceFromPayload(db.DefaultContext, commentPayload)
 			assert.NoError(t, err)
 			assert.IsType(t, ref, new(issues_model.Comment))
-			assert.EqualValues(t, comment.ID, ref.(*issues_model.Comment).ID)
+			assert.Equal(t, comment.ID, ref.(*issues_model.Comment).ID)
 		})
 
 		t.Run("Token", func(t *testing.T) {
diff --git a/tests/integration/integration_test.go b/tests/integration/integration_test.go
index 2f6b7eae31..5896a97ef1 100644
--- a/tests/integration/integration_test.go
+++ b/tests/integration/integration_test.go
@@ -1,7 +1,7 @@
 // Copyright 2017 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-//nolint:forbidigo
+//nolint:forbidigo // use of print functions is allowed in tests
 package integration
 
 import (
@@ -148,6 +148,9 @@ func (s *TestSession) GetCookieFlashMessage() *middleware.Flash {
 
 func (s *TestSession) MakeRequest(t testing.TB, rw *RequestWrapper, expectedStatus int) *httptest.ResponseRecorder {
 	t.Helper()
+	if s == nil {
+		return MakeRequest(t, rw, expectedStatus)
+	}
 	req := rw.Request
 	baseURL, err := url.Parse(setting.AppURL)
 	assert.NoError(t, err)
@@ -310,7 +313,7 @@ func NewRequestWithValues(t testing.TB, method, urlStr string, values map[string
 
 func NewRequestWithURLValues(t testing.TB, method, urlStr string, urlValues url.Values) *RequestWrapper {
 	t.Helper()
-	return NewRequestWithBody(t, method, urlStr, bytes.NewBufferString(urlValues.Encode())).
+	return NewRequestWithBody(t, method, urlStr, strings.NewReader(urlValues.Encode())).
 		SetHeader("Content-Type", "application/x-www-form-urlencoded")
 }
 
@@ -360,7 +363,7 @@ func MakeRequestNilResponseRecorder(t testing.TB, rw *RequestWrapper, expectedSt
 	recorder := NewNilResponseRecorder()
 	testWebRoutes.ServeHTTP(recorder, req)
 	if expectedStatus != NoExpectedStatus {
-		if !assert.EqualValues(t, expectedStatus, recorder.Code,
+		if !assert.Equal(t, expectedStatus, recorder.Code,
 			"Request: %s %s", req.Method, req.URL.String()) {
 			logUnexpectedResponse(t, &recorder.ResponseRecorder)
 		}
@@ -374,7 +377,7 @@ func MakeRequestNilResponseHashSumRecorder(t testing.TB, rw *RequestWrapper, exp
 	recorder := NewNilResponseHashSumRecorder()
 	testWebRoutes.ServeHTTP(recorder, req)
 	if expectedStatus != NoExpectedStatus {
-		if !assert.EqualValues(t, expectedStatus, recorder.Code,
+		if !assert.Equal(t, expectedStatus, recorder.Code,
 			"Request: %s %s", req.Method, req.URL.String()) {
 			logUnexpectedResponse(t, &recorder.ResponseRecorder)
 		}
diff --git a/tests/integration/issue_test.go b/tests/integration/issue_test.go
index dc0c9b1350..b5dca58357 100644
--- a/tests/integration/issue_test.go
+++ b/tests/integration/issue_test.go
@@ -32,7 +32,7 @@ import (
 
 func getIssuesSelection(t testing.TB, htmlDoc *HTMLDoc) *goquery.Selection {
 	issueList := htmlDoc.doc.Find("#issue-list")
-	assert.EqualValues(t, 1, issueList.Length())
+	assert.Equal(t, 1, issueList.Length())
 	return issueList.Find(".flex-item").Find(".issue-title")
 }
 
@@ -76,19 +76,16 @@ func TestViewIssuesSortByType(t *testing.T) {
 
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	issuesSelection := getIssuesSelection(t, htmlDoc)
-	expectedNumIssues := unittest.GetCount(t,
+	expectedNumIssues := min(unittest.GetCount(t,
 		&issues_model.Issue{RepoID: repo.ID, PosterID: user.ID},
 		unittest.Cond("is_closed=?", false),
 		unittest.Cond("is_pull=?", false),
-	)
-	if expectedNumIssues > setting.UI.IssuePagingNum {
-		expectedNumIssues = setting.UI.IssuePagingNum
-	}
-	assert.EqualValues(t, expectedNumIssues, issuesSelection.Length())
+	), setting.UI.IssuePagingNum)
+	assert.Equal(t, expectedNumIssues, issuesSelection.Length())
 
 	issuesSelection.Each(func(_ int, selection *goquery.Selection) {
 		issue := getIssue(t, repo.ID, selection)
-		assert.EqualValues(t, user.ID, issue.PosterID)
+		assert.Equal(t, user.ID, issue.PosterID)
 	})
 }
 
@@ -108,7 +105,7 @@ func TestViewIssuesKeyword(t *testing.T) {
 
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	issuesSelection := getIssuesSelection(t, htmlDoc)
-	assert.EqualValues(t, 1, issuesSelection.Length())
+	assert.Equal(t, 1, issuesSelection.Length())
 	issuesSelection.Each(func(_ int, selection *goquery.Selection) {
 		issue := getIssue(t, repo.ID, selection)
 		assert.False(t, issue.IsClosed)
@@ -151,6 +148,22 @@ func testNewIssue(t *testing.T, session *TestSession, user, repo, title, content
 	return issueURL
 }
 
+func testIssueDelete(t *testing.T, session *TestSession, issueURL string) {
+	req := NewRequestWithValues(t, "POST", path.Join(issueURL, "delete"), map[string]string{
+		"_csrf": GetUserCSRFToken(t, session),
+	})
+	session.MakeRequest(t, req, http.StatusSeeOther)
+}
+
+func testIssueAssign(t *testing.T, session *TestSession, repoLink string, issueID, assigneeID int64) {
+	req := NewRequestWithValues(t, "POST", fmt.Sprintf(repoLink+"/issues/assignee?issue_ids=%d", issueID), map[string]string{
+		"_csrf":  GetUserCSRFToken(t, session),
+		"id":     strconv.FormatInt(assigneeID, 10),
+		"action": "", // empty action means assign
+	})
+	session.MakeRequest(t, req, http.StatusOK)
+}
+
 func testIssueAddComment(t *testing.T, session *TestSession, issueURL, content, status string) int64 {
 	req := NewRequest(t, "GET", issueURL)
 	resp := session.MakeRequest(t, req, http.StatusOK)
@@ -184,6 +197,15 @@ func testIssueAddComment(t *testing.T, session *TestSession, issueURL, content,
 	return int64(id)
 }
 
+func testIssueChangeMilestone(t *testing.T, session *TestSession, repoLink string, issueID, milestoneID int64) {
+	req := NewRequestWithValues(t, "POST", fmt.Sprintf(repoLink+"/issues/milestone?issue_ids=%d", issueID), map[string]string{
+		"_csrf": GetUserCSRFToken(t, session),
+		"id":    strconv.FormatInt(milestoneID, 10),
+	})
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.Equal(t, `{"ok":true}`, strings.TrimSpace(resp.Body.String()))
+}
+
 func TestNewIssue(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	session := loginUser(t, "user2")
@@ -195,21 +217,21 @@ func TestEditIssue(t *testing.T) {
 	session := loginUser(t, "user2")
 	issueURL := testNewIssue(t, session, "user2", "repo1", "Title", "Description")
 
-	req := NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{
+	req := NewRequestWithValues(t, "POST", issueURL+"/content", map[string]string{
 		"_csrf":   GetUserCSRFToken(t, session),
 		"content": "modified content",
 		"context": fmt.Sprintf("/%s/%s", "user2", "repo1"),
 	})
 	session.MakeRequest(t, req, http.StatusOK)
 
-	req = NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{
+	req = NewRequestWithValues(t, "POST", issueURL+"/content", map[string]string{
 		"_csrf":   GetUserCSRFToken(t, session),
 		"content": "modified content",
 		"context": fmt.Sprintf("/%s/%s", "user2", "repo1"),
 	})
 	session.MakeRequest(t, req, http.StatusBadRequest)
 
-	req = NewRequestWithValues(t, "POST", fmt.Sprintf("%s/content", issueURL), map[string]string{
+	req = NewRequestWithValues(t, "POST", issueURL+"/content", map[string]string{
 		"_csrf":           GetUserCSRFToken(t, session),
 		"content":         "modified content",
 		"content_version": "1",
@@ -473,10 +495,7 @@ func TestSearchIssues(t *testing.T) {
 
 	session := loginUser(t, "user2")
 
-	expectedIssueCount := 20 // from the fixtures
-	if expectedIssueCount > setting.UI.IssuePagingNum {
-		expectedIssueCount = setting.UI.IssuePagingNum
-	}
+	expectedIssueCount := min(20, setting.UI.IssuePagingNum) // 20 is from the fixtures
 
 	link, _ := url.Parse("/issues/search")
 	req := NewRequest(t, "GET", link.String())
@@ -510,7 +529,7 @@ func TestSearchIssues(t *testing.T) {
 	req = NewRequest(t, "GET", link.String())
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiIssues)
-	assert.EqualValues(t, "22", resp.Header().Get("X-Total-Count"))
+	assert.Equal(t, "22", resp.Header().Get("X-Total-Count"))
 	assert.Len(t, apiIssues, 20)
 
 	query.Add("limit", "5")
@@ -518,7 +537,7 @@ func TestSearchIssues(t *testing.T) {
 	req = NewRequest(t, "GET", link.String())
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	DecodeJSON(t, resp, &apiIssues)
-	assert.EqualValues(t, "22", resp.Header().Get("X-Total-Count"))
+	assert.Equal(t, "22", resp.Header().Get("X-Total-Count"))
 	assert.Len(t, apiIssues, 5)
 
 	query = url.Values{"assigned": {"true"}, "state": {"all"}}
@@ -567,10 +586,7 @@ func TestSearchIssues(t *testing.T) {
 func TestSearchIssuesWithLabels(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
-	expectedIssueCount := 20 // from the fixtures
-	if expectedIssueCount > setting.UI.IssuePagingNum {
-		expectedIssueCount = setting.UI.IssuePagingNum
-	}
+	expectedIssueCount := min(20, setting.UI.IssuePagingNum) // 20 is from the fixtures
 
 	session := loginUser(t, "user1")
 	link, _ := url.Parse("/issues/search")
@@ -645,7 +661,7 @@ func TestGetIssueInfo(t *testing.T) {
 	}
 	DecodeJSON(t, resp, &respStruct)
 
-	assert.EqualValues(t, issue.ID, respStruct.ConvertedIssue.ID)
+	assert.Equal(t, issue.ID, respStruct.ConvertedIssue.ID)
 	assert.Contains(t, string(respStruct.RenderedLabels), `"labels-list"`)
 }
 
@@ -665,7 +681,7 @@ func TestUpdateIssueDeadline(t *testing.T) {
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{"deadline": "2022-04-06"})
 	session.MakeRequest(t, req, http.StatusOK)
 	issueAfter := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 10})
-	assert.EqualValues(t, "2022-04-06", issueAfter.DeadlineUnix.FormatDate())
+	assert.Equal(t, "2022-04-06", issueAfter.DeadlineUnix.FormatDate())
 
 	req = NewRequestWithValues(t, "POST", urlStr, map[string]string{"deadline": ""})
 	session.MakeRequest(t, req, http.StatusOK)
@@ -686,8 +702,8 @@ func TestIssueReferenceURL(t *testing.T) {
 
 	// the "reference" uses relative URLs, then JS code will convert them to absolute URLs for current origin, in case users are using multiple domains
 	ref, _ := htmlDoc.Find(`.timeline-item.comment.first .reference-issue`).Attr("data-reference")
-	assert.EqualValues(t, "/user2/repo1/issues/1#issue-1", ref)
+	assert.Equal(t, "/user2/repo1/issues/1#issue-1", ref)
 
 	ref, _ = htmlDoc.Find(`.timeline-item.comment:not(.first) .reference-issue`).Attr("data-reference")
-	assert.EqualValues(t, "/user2/repo1/issues/1#issuecomment-2", ref)
+	assert.Equal(t, "/user2/repo1/issues/1#issuecomment-2", ref)
 }
diff --git a/tests/integration/lfs_local_endpoint_test.go b/tests/integration/lfs_local_endpoint_test.go
index d42888bbe1..e67f0712a3 100644
--- a/tests/integration/lfs_local_endpoint_test.go
+++ b/tests/integration/lfs_local_endpoint_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/url"
 	"os"
 	"path/filepath"
@@ -41,55 +40,55 @@ func TestDetermineLocalEndpoint(t *testing.T) {
 		{
 			cloneurl: root,
 			lfsurl:   "",
-			expected: str2url(fmt.Sprintf("file://%s", root)),
+			expected: str2url("file://" + root),
 		},
 		// case 1
 		{
 			cloneurl: root,
 			lfsurl:   lfsroot,
-			expected: str2url(fmt.Sprintf("file://%s", lfsroot)),
+			expected: str2url("file://" + lfsroot),
 		},
 		// case 2
 		{
 			cloneurl: "https://git.com/repo.git",
 			lfsurl:   lfsroot,
-			expected: str2url(fmt.Sprintf("file://%s", lfsroot)),
+			expected: str2url("file://" + lfsroot),
 		},
 		// case 3
 		{
 			cloneurl: rootdotgit,
 			lfsurl:   "",
-			expected: str2url(fmt.Sprintf("file://%s", filepath.Join(rootdotgit, ".git"))),
+			expected: str2url("file://" + filepath.Join(rootdotgit, ".git")),
 		},
 		// case 4
 		{
 			cloneurl: "",
 			lfsurl:   rootdotgit,
-			expected: str2url(fmt.Sprintf("file://%s", filepath.Join(rootdotgit, ".git"))),
+			expected: str2url("file://" + filepath.Join(rootdotgit, ".git")),
 		},
 		// case 5
 		{
 			cloneurl: rootdotgit,
 			lfsurl:   rootdotgit,
-			expected: str2url(fmt.Sprintf("file://%s", filepath.Join(rootdotgit, ".git"))),
+			expected: str2url("file://" + filepath.Join(rootdotgit, ".git")),
 		},
 		// case 6
 		{
-			cloneurl: fmt.Sprintf("file://%s", root),
+			cloneurl: "file://" + root,
 			lfsurl:   "",
-			expected: str2url(fmt.Sprintf("file://%s", root)),
+			expected: str2url("file://" + root),
 		},
 		// case 7
 		{
-			cloneurl: fmt.Sprintf("file://%s", root),
-			lfsurl:   fmt.Sprintf("file://%s", lfsroot),
-			expected: str2url(fmt.Sprintf("file://%s", lfsroot)),
+			cloneurl: "file://" + root,
+			lfsurl:   "file://" + lfsroot,
+			expected: str2url("file://" + lfsroot),
 		},
 		// case 8
 		{
 			cloneurl: root,
-			lfsurl:   fmt.Sprintf("file://%s", lfsroot),
-			expected: str2url(fmt.Sprintf("file://%s", lfsroot)),
+			lfsurl:   "file://" + lfsroot,
+			expected: str2url("file://" + lfsroot),
 		},
 		// case 9
 		{
diff --git a/tests/integration/lfs_view_test.go b/tests/integration/lfs_view_test.go
index 153050dd5e..c26ece22be 100644
--- a/tests/integration/lfs_view_test.go
+++ b/tests/integration/lfs_view_test.go
@@ -38,7 +38,7 @@ func TestLFSRender(t *testing.T) {
 		doc := NewHTMLParser(t, resp.Body).doc
 
 		fileInfo := doc.Find("div.file-info-entry").First().Text()
-		assert.Contains(t, fileInfo, "Stored with Git LFS")
+		assert.Contains(t, fileInfo, "LFS")
 
 		content := doc.Find("div.file-view").Text()
 		assert.Contains(t, content, "Testing documents in LFS")
@@ -54,7 +54,7 @@ func TestLFSRender(t *testing.T) {
 		doc := NewHTMLParser(t, resp.Body).doc
 
 		fileInfo := doc.Find("div.file-info-entry").First().Text()
-		assert.Contains(t, fileInfo, "Stored with Git LFS")
+		assert.Contains(t, fileInfo, "LFS")
 
 		src, exists := doc.Find(".file-view img").Attr("src")
 		assert.True(t, exists, "The image should be in an <img> tag")
@@ -68,14 +68,15 @@ func TestLFSRender(t *testing.T) {
 		req := NewRequest(t, "GET", "/user2/lfs/src/branch/master/crypt.bin")
 		resp := session.MakeRequest(t, req, http.StatusOK)
 
-		doc := NewHTMLParser(t, resp.Body).doc
+		doc := NewHTMLParser(t, resp.Body)
 
 		fileInfo := doc.Find("div.file-info-entry").First().Text()
-		assert.Contains(t, fileInfo, "Stored with Git LFS")
+		assert.Contains(t, fileInfo, "LFS")
 
-		rawLink, exists := doc.Find("div.file-view > div.view-raw > a").Attr("href")
-		assert.True(t, exists, "Download link should render instead of content because this is a binary file")
-		assert.Equal(t, "/user2/lfs/media/branch/master/crypt.bin", rawLink, "The download link should use the proper /media link because it's in LFS")
+		// find new file view container
+		fileViewContainer := doc.Find("[data-global-init=initRepoFileView]")
+		assert.Equal(t, "/user2/lfs/media/branch/master/crypt.bin", fileViewContainer.AttrOr("data-raw-file-link", ""))
+		AssertHTMLElement(t, doc, ".view-raw > .file-view-render-container > .file-view-raw-prompt", 1)
 	})
 
 	// check that a directory with a README file shows its text
diff --git a/tests/integration/links_test.go b/tests/integration/links_test.go
index 6573a47ccc..f80cc6f3f9 100644
--- a/tests/integration/links_test.go
+++ b/tests/integration/links_test.go
@@ -17,43 +17,54 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func TestLinksNoLogin(t *testing.T) {
+func assertLinkPageComplete(t *testing.T, session *TestSession, link string) {
+	req := NewRequest(t, "GET", link)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.True(t, test.IsNormalPageCompleted(resp.Body.String()), "Page did not complete: "+link)
+}
+
+func TestLinks(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
+	t.Run("NoLogin", testLinksNoLogin)
+	t.Run("RedirectsNoLogin", testLinksRedirectsNoLogin)
+	t.Run("NoLoginNotExist", testLinksNoLoginNotExist)
+	t.Run("AsUser", testLinksAsUser)
+	t.Run("RepoCommon", testLinksRepoCommon)
+}
+
+func testLinksNoLogin(t *testing.T) {
 	links := []string{
+		"/",
 		"/explore/repos",
 		"/explore/repos?q=test",
 		"/explore/users",
 		"/explore/users?q=test",
 		"/explore/organizations",
 		"/explore/organizations?q=test",
-		"/",
 		"/user/sign_up",
 		"/user/login",
 		"/user/forgot_password",
-		"/api/swagger",
 		"/user2/repo1",
 		"/user2/repo1/",
 		"/user2/repo1/projects",
 		"/user2/repo1/projects/1",
 		"/user2/repo1/releases/tag/delete-tag", // It's the only one existing record on release.yml which has is_tag: true
-		"/.well-known/security.txt",
+		"/api/swagger",
 	}
-
 	for _, link := range links {
-		req := NewRequest(t, "GET", link)
-		MakeRequest(t, req, http.StatusOK)
+		assertLinkPageComplete(t, nil, link)
 	}
+	MakeRequest(t, NewRequest(t, "GET", "/.well-known/security.txt"), http.StatusOK)
 }
 
-func TestRedirectsNoLogin(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
+func testLinksRedirectsNoLogin(t *testing.T) {
 	redirects := []struct{ from, to string }{
 		{"/user2/repo1/commits/master", "/user2/repo1/commits/branch/master"},
 		{"/user2/repo1/src/master", "/user2/repo1/src/branch/master"},
 		{"/user2/repo1/src/master/a%2fb.txt", "/user2/repo1/src/branch/master/a%2fb.txt"},
 		{"/user2/repo1/src/master/directory/file.txt?a=1", "/user2/repo1/src/branch/master/directory/file.txt?a=1"},
+		{"/user2/repo1/src/branch/master/directory/file.txt?raw=1&other=2", "/user2/repo1/raw/branch/master/directory/file.txt"},
 		{"/user2/repo1/tree/a%2fb?a=1", "/user2/repo1/src/a%2fb?a=1"},
 		{"/user2/repo1/blob/123456/%20?a=1", "/user2/repo1/src/commit/123456/%20?a=1"},
 		{"/user/avatar/GhosT/-1", "/assets/img/avatar_default.png"},
@@ -63,13 +74,11 @@ func TestRedirectsNoLogin(t *testing.T) {
 	for _, c := range redirects {
 		req := NewRequest(t, "GET", c.from)
 		resp := MakeRequest(t, req, http.StatusSeeOther)
-		assert.EqualValues(t, path.Join(setting.AppSubURL, c.to), test.RedirectURL(resp))
+		assert.Equal(t, path.Join(setting.AppSubURL, c.to), test.RedirectURL(resp))
 	}
 }
 
-func TestNoLoginNotExist(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
+func testLinksNoLoginNotExist(t *testing.T) {
 	links := []string{
 		"/user5/repo4/projects",
 		"/user5/repo4/projects/3",
@@ -81,7 +90,8 @@ func TestNoLoginNotExist(t *testing.T) {
 	}
 }
 
-func testLinksAsUser(userName string, t *testing.T) {
+func testLinksAsUser(t *testing.T) {
+	session := loginUser(t, "user2")
 	links := []string{
 		"/explore/repos",
 		"/explore/repos?q=test",
@@ -129,18 +139,14 @@ func testLinksAsUser(userName string, t *testing.T) {
 		"/user/settings/repos",
 	}
 
-	session := loginUser(t, userName)
 	for _, link := range links {
-		req := NewRequest(t, "GET", link)
-		session.MakeRequest(t, req, http.StatusOK)
+		assertLinkPageComplete(t, session, link)
 	}
 
-	reqAPI := NewRequestf(t, "GET", "/api/v1/users/%s/repos", userName)
+	reqAPI := NewRequestf(t, "GET", "/api/v1/users/user2/repos")
 	respAPI := MakeRequest(t, reqAPI, http.StatusOK)
-
 	var apiRepos []*api.Repository
 	DecodeJSON(t, respAPI, &apiRepos)
-
 	repoLinks := []string{
 		"",
 		"/issues",
@@ -163,24 +169,15 @@ func testLinksAsUser(userName string, t *testing.T) {
 		"/wiki/?action=_new",
 		"/activity",
 	}
-
 	for _, repo := range apiRepos {
 		for _, link := range repoLinks {
-			req := NewRequest(t, "GET", fmt.Sprintf("/%s/%s%s", userName, repo.Name, link))
-			session.MakeRequest(t, req, http.StatusOK)
+			link = fmt.Sprintf("/user2/%s%s", repo.Name, link)
+			assertLinkPageComplete(t, session, link)
 		}
 	}
 }
 
-func TestLinksLogin(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	testLinksAsUser("user2", t)
-}
-
-func TestRepoLinks(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
+func testLinksRepoCommon(t *testing.T) {
 	// repo1 has enabled almost features, so we can test most links
 	repoLink := "/user2/repo1"
 	links := []string{
@@ -191,21 +188,18 @@ func TestRepoLinks(t *testing.T) {
 
 	// anonymous user
 	for _, link := range links {
-		req := NewRequest(t, "GET", repoLink+link)
-		MakeRequest(t, req, http.StatusOK)
+		assertLinkPageComplete(t, nil, repoLink+link)
 	}
 
 	// admin/owner user
 	session := loginUser(t, "user1")
 	for _, link := range links {
-		req := NewRequest(t, "GET", repoLink+link)
-		session.MakeRequest(t, req, http.StatusOK)
+		assertLinkPageComplete(t, session, repoLink+link)
 	}
 
 	// non-admin non-owner user
 	session = loginUser(t, "user2")
 	for _, link := range links {
-		req := NewRequest(t, "GET", repoLink+link)
-		session.MakeRequest(t, req, http.StatusOK)
+		assertLinkPageComplete(t, session, repoLink+link)
 	}
 }
diff --git a/tests/integration/markup_external_test.go b/tests/integration/markup_external_test.go
index 2d713b0eb9..47d143a29e 100644
--- a/tests/integration/markup_external_test.go
+++ b/tests/integration/markup_external_test.go
@@ -27,7 +27,7 @@ func TestExternalMarkupRenderer(t *testing.T) {
 
 	req := NewRequest(t, "GET", "/user30/renderer/src/branch/master/README.html")
 	resp := MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
+	assert.Equal(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
 
 	bs, err := io.ReadAll(resp.Body)
 	assert.NoError(t, err)
@@ -36,25 +36,25 @@ func TestExternalMarkupRenderer(t *testing.T) {
 	div := doc.Find("div.file-view")
 	data, err := div.Html()
 	assert.NoError(t, err)
-	assert.EqualValues(t, "<div>\n\ttest external renderer\n</div>", strings.TrimSpace(data))
+	assert.Equal(t, "<div>\n\ttest external renderer\n</div>", strings.TrimSpace(data))
 
 	r := markup.GetRendererByFileName("a.html").(*external.Renderer)
 	r.RenderContentMode = setting.RenderContentModeIframe
 
 	req = NewRequest(t, "GET", "/user30/renderer/src/branch/master/README.html")
 	resp = MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
+	assert.Equal(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
 	bs, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
 	doc = NewHTMLParser(t, bytes.NewBuffer(bs))
 	iframe := doc.Find("iframe")
-	assert.EqualValues(t, "/user30/renderer/render/branch/master/README.html", iframe.AttrOr("src", ""))
+	assert.Equal(t, "/user30/renderer/render/branch/master/README.html", iframe.AttrOr("src", ""))
 
 	req = NewRequest(t, "GET", "/user30/renderer/render/branch/master/README.html")
 	resp = MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
+	assert.Equal(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
 	bs, err = io.ReadAll(resp.Body)
 	assert.NoError(t, err)
-	assert.EqualValues(t, "frame-src 'self'; sandbox allow-scripts", resp.Header().Get("Content-Security-Policy"))
-	assert.EqualValues(t, "<div>\n\ttest external renderer\n</div>\n", string(bs))
+	assert.Equal(t, "frame-src 'self'; sandbox allow-scripts", resp.Header().Get("Content-Security-Policy"))
+	assert.Equal(t, "<div>\n\ttest external renderer\n</div>\n", string(bs))
 }
diff --git a/tests/integration/migrate_test.go b/tests/integration/migrate_test.go
index 59dd6907db..a89dc8b85c 100644
--- a/tests/integration/migrate_test.go
+++ b/tests/integration/migrate_test.go
@@ -9,6 +9,7 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"strconv"
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
@@ -84,7 +85,7 @@ func TestMigrateGiteaForm(t *testing.T) {
 		assert.True(t, exists, "The template has changed")
 		serviceInput, exists := form.Find(`input[name="service"]`).Attr("value")
 		assert.True(t, exists)
-		assert.EqualValues(t, fmt.Sprintf("%d", structs.GiteaService), serviceInput)
+		assert.Equal(t, fmt.Sprintf("%d", structs.GiteaService), serviceInput)
 		// Step 4: submit the migration to only migrate issues
 		migratedRepoName := "otherrepo"
 		req = NewRequestWithValues(t, "POST", link, map[string]string{
@@ -95,12 +96,12 @@ func TestMigrateGiteaForm(t *testing.T) {
 			"issues":      "on",
 			"repo_name":   migratedRepoName,
 			"description": "",
-			"uid":         fmt.Sprintf("%d", repoOwner.ID),
+			"uid":         strconv.FormatInt(repoOwner.ID, 10),
 		})
 		resp = session.MakeRequest(t, req, http.StatusSeeOther)
 		// Step 5: a redirection displays the migrated repository
 		loc := resp.Header().Get("Location")
-		assert.EqualValues(t, fmt.Sprintf("/%s/%s", ownerName, migratedRepoName), loc)
+		assert.Equal(t, fmt.Sprintf("/%s/%s", ownerName, migratedRepoName), loc)
 		// Step 6: check the repo was created
 		unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: migratedRepoName})
 	})
diff --git a/tests/integration/migration-test/migration_test.go b/tests/integration/migration-test/migration_test.go
index 1b42f00604..0fc8a6e24d 100644
--- a/tests/integration/migration-test/migration_test.go
+++ b/tests/integration/migration-test/migration_test.go
@@ -38,7 +38,7 @@ var currentEngine *xorm.Engine
 func initMigrationTest(t *testing.T) func() {
 	testlogger.Init()
 	giteaRoot := test.SetupGiteaRoot()
-	setting.AppPath = path.Join(giteaRoot, "gitea")
+	setting.AppPath = filepath.Join(giteaRoot, "gitea")
 	if _, err := os.Stat(setting.AppPath); err != nil {
 		testlogger.Fatalf(fmt.Sprintf("Could not find gitea binary at %s\n", setting.AppPath))
 	}
@@ -47,15 +47,15 @@ func initMigrationTest(t *testing.T) func() {
 	if giteaConf == "" {
 		testlogger.Fatalf("Environment variable $GITEA_CONF not set\n")
 	} else if !path.IsAbs(giteaConf) {
-		setting.CustomConf = path.Join(giteaRoot, giteaConf)
+		setting.CustomConf = filepath.Join(giteaRoot, giteaConf)
 	} else {
 		setting.CustomConf = giteaConf
 	}
 
-	unittest.InitSettings()
+	unittest.InitSettingsForTesting()
 
 	assert.NotEmpty(t, setting.RepoRootPath)
-	assert.NoError(t, unittest.SyncDirs(path.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath))
+	assert.NoError(t, unittest.SyncDirs(filepath.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath))
 	assert.NoError(t, git.InitFull(t.Context()))
 	setting.LoadDBSetting()
 	setting.InitLoggersForTest()
@@ -140,10 +140,10 @@ func restoreOldDB(t *testing.T, version string) {
 		assert.NoError(t, err)
 		defer db.Close()
 
-		_, err = db.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s", setting.Database.Name))
+		_, err = db.Exec("DROP DATABASE IF EXISTS " + setting.Database.Name)
 		assert.NoError(t, err)
 
-		_, err = db.Exec(fmt.Sprintf("CREATE DATABASE IF NOT EXISTS %s", setting.Database.Name))
+		_, err = db.Exec("CREATE DATABASE IF NOT EXISTS " + setting.Database.Name)
 		assert.NoError(t, err)
 		db.Close()
 
@@ -170,10 +170,10 @@ func restoreOldDB(t *testing.T, version string) {
 		}
 		defer db.Close()
 
-		_, err = db.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s", setting.Database.Name))
+		_, err = db.Exec("DROP DATABASE IF EXISTS " + setting.Database.Name)
 		assert.NoError(t, err)
 
-		_, err = db.Exec(fmt.Sprintf("CREATE DATABASE %s", setting.Database.Name))
+		_, err = db.Exec("CREATE DATABASE " + setting.Database.Name)
 		assert.NoError(t, err)
 		db.Close()
 
@@ -195,7 +195,7 @@ func restoreOldDB(t *testing.T, version string) {
 
 			if !schrows.Next() {
 				// Create and setup a DB schema
-				_, err = db.Exec(fmt.Sprintf("CREATE SCHEMA %s", setting.Database.Schema))
+				_, err = db.Exec("CREATE SCHEMA " + setting.Database.Schema)
 				assert.NoError(t, err)
 			}
 			schrows.Close()
diff --git a/tests/integration/mirror_pull_test.go b/tests/integration/mirror_pull_test.go
index cf6faa7704..c33b2eb04d 100644
--- a/tests/integration/mirror_pull_test.go
+++ b/tests/integration/mirror_pull_test.go
@@ -4,10 +4,12 @@
 package integration
 
 import (
+	"slices"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
@@ -19,11 +21,13 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestMirrorPull(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
+	ctx := t.Context()
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
 	repoPath := repo_model.RepoPath(user.Name, repo.Name)
@@ -35,24 +39,28 @@ func TestMirrorPull(t *testing.T) {
 		Mirror:      true,
 		CloneAddr:   repoPath,
 		Wiki:        true,
-		Releases:    false,
+		Releases:    true,
 	}
 
-	mirrorRepo, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
+	mirrorRepo, err := repo_service.CreateRepositoryDirectly(ctx, user, user, repo_service.CreateRepoOptions{
 		Name:        opts.RepoName,
 		Description: opts.Description,
 		IsPrivate:   opts.Private,
 		IsMirror:    opts.Mirror,
 		Status:      repo_model.RepositoryBeingMigrated,
-	})
+	}, false)
 	assert.NoError(t, err)
 	assert.True(t, mirrorRepo.IsMirror, "expected pull-mirror repo to be marked as a mirror immediately after its creation")
 
-	ctx := t.Context()
-
-	mirror, err := repo_service.MigrateRepositoryGitData(ctx, user, mirrorRepo, opts, nil)
+	mirrorRepo, err = repo_service.MigrateRepositoryGitData(ctx, user, mirrorRepo, opts, nil)
 	assert.NoError(t, err)
 
+	// these units should have been enabled
+	mirrorRepo.Units = nil
+	require.NoError(t, mirrorRepo.LoadUnits(ctx))
+	assert.True(t, slices.ContainsFunc(mirrorRepo.Units, func(u *repo_model.RepoUnit) bool { return u.Type == unit.TypeReleases }))
+	assert.True(t, slices.ContainsFunc(mirrorRepo.Units, func(u *repo_model.RepoUnit) bool { return u.Type == unit.TypeWiki }))
+
 	gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo)
 	assert.NoError(t, err)
 	defer gitRepo.Close()
@@ -60,10 +68,11 @@ func TestMirrorPull(t *testing.T) {
 	findOptions := repo_model.FindReleasesOptions{
 		IncludeDrafts: true,
 		IncludeTags:   true,
-		RepoID:        mirror.ID,
+		RepoID:        mirrorRepo.ID,
 	}
 	initCount, err := db.Count[repo_model.Release](db.DefaultContext, findOptions)
 	assert.NoError(t, err)
+	assert.Zero(t, initCount) // no sync yet, so even though there is a tag in source repo, the mirror's release table is still empty
 
 	assert.NoError(t, release_service.CreateRelease(gitRepo, &repo_model.Release{
 		RepoID:       repo.ID,
@@ -79,24 +88,27 @@ func TestMirrorPull(t *testing.T) {
 		IsTag:        true,
 	}, nil, ""))
 
-	_, err = repo_model.GetMirrorByRepoID(ctx, mirror.ID)
+	_, err = repo_model.GetMirrorByRepoID(ctx, mirrorRepo.ID)
 	assert.NoError(t, err)
 
-	ok := mirror_service.SyncPullMirror(ctx, mirror.ID)
+	ok := mirror_service.SyncPullMirror(ctx, mirrorRepo.ID)
 	assert.True(t, ok)
 
+	// actually there is a tag in the source repo, so after "sync", that tag will also come into the mirror
+	initCount++
+
 	count, err := db.Count[repo_model.Release](db.DefaultContext, findOptions)
 	assert.NoError(t, err)
-	assert.EqualValues(t, initCount+1, count)
+	assert.Equal(t, initCount+1, count)
 
 	release, err := repo_model.GetRelease(db.DefaultContext, repo.ID, "v0.2")
 	assert.NoError(t, err)
 	assert.NoError(t, release_service.DeleteReleaseByID(ctx, repo, release, user, true))
 
-	ok = mirror_service.SyncPullMirror(ctx, mirror.ID)
+	ok = mirror_service.SyncPullMirror(ctx, mirrorRepo.ID)
 	assert.True(t, ok)
 
 	count, err = db.Count[repo_model.Release](db.DefaultContext, findOptions)
 	assert.NoError(t, err)
-	assert.EqualValues(t, initCount, count)
+	assert.Equal(t, initCount, count)
 }
diff --git a/tests/integration/mirror_push_test.go b/tests/integration/mirror_push_test.go
index a8046cdc59..9b6d4c4017 100644
--- a/tests/integration/mirror_push_test.go
+++ b/tests/integration/mirror_push_test.go
@@ -40,7 +40,7 @@ func testMirrorPush(t *testing.T, u *url.URL) {
 
 	mirrorRepo, err := repo_service.CreateRepositoryDirectly(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
 		Name: "test-push-mirror",
-	})
+	}, true)
 	assert.NoError(t, err)
 
 	session := loginUser(t, user.Name)
@@ -128,18 +128,18 @@ func TestRepoSettingPushMirrorUpdate(t *testing.T) {
 	pushMirrors, cnt, err := repo_model.GetPushMirrorsByRepoID(db.DefaultContext, repo2.ID, db.ListOptions{})
 	assert.NoError(t, err)
 	assert.EqualValues(t, 1, cnt)
-	assert.EqualValues(t, 24*time.Hour, pushMirrors[0].Interval)
+	assert.Equal(t, 24*time.Hour, pushMirrors[0].Interval)
 	repo2PushMirrorID := pushMirrors[0].ID
 
 	// update repo2 push mirror
 	assert.True(t, doUpdatePushMirror(t, session, "user2", "repo2", repo2PushMirrorID, "10m0s"))
 	pushMirror := unittest.AssertExistsAndLoadBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
-	assert.EqualValues(t, 10*time.Minute, pushMirror.Interval)
+	assert.Equal(t, 10*time.Minute, pushMirror.Interval)
 
 	// avoid updating repo2 push mirror from repo1
 	assert.False(t, doUpdatePushMirror(t, session, "user2", "repo1", repo2PushMirrorID, "20m0s"))
 	pushMirror = unittest.AssertExistsAndLoadBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
-	assert.EqualValues(t, 10*time.Minute, pushMirror.Interval) // not changed
+	assert.Equal(t, 10*time.Minute, pushMirror.Interval) // not changed
 
 	// avoid deleting repo2 push mirror from repo1
 	assert.False(t, doRemovePushMirror(t, session, "user2", "repo1", repo2PushMirrorID))
diff --git a/tests/integration/oauth_test.go b/tests/integration/oauth_test.go
index d2228bae79..a2247801f7 100644
--- a/tests/integration/oauth_test.go
+++ b/tests/integration/oauth_test.go
@@ -9,9 +9,11 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/http/httptest"
 	"strings"
 	"testing"
 
+	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
@@ -19,31 +21,45 @@ import (
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/auth/source/oauth2"
 	"code.gitea.io/gitea/services/oauth2_provider"
 	"code.gitea.io/gitea/tests"
 
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
-func TestAuthorizeNoClientID(t *testing.T) {
+func TestOAuth2Provider(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
+
+	t.Run("AuthorizeNoClientID", testAuthorizeNoClientID)
+	t.Run("AuthorizeUnregisteredRedirect", testAuthorizeUnregisteredRedirect)
+	t.Run("AuthorizeUnsupportedResponseType", testAuthorizeUnsupportedResponseType)
+	t.Run("AuthorizeUnsupportedCodeChallengeMethod", testAuthorizeUnsupportedCodeChallengeMethod)
+	t.Run("AuthorizeLoginRedirect", testAuthorizeLoginRedirect)
+
+	t.Run("OAuth2WellKnown", testOAuth2WellKnown)
+}
+
+func testAuthorizeNoClientID(t *testing.T) {
 	req := NewRequest(t, "GET", "/login/oauth/authorize")
 	ctx := loginUser(t, "user2")
 	resp := ctx.MakeRequest(t, req, http.StatusBadRequest)
 	assert.Contains(t, resp.Body.String(), "Client ID not registered")
 }
 
-func TestAuthorizeUnregisteredRedirect(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testAuthorizeUnregisteredRedirect(t *testing.T) {
 	req := NewRequest(t, "GET", "/login/oauth/authorize?client_id=da7da3ba-9a13-4167-856f-3899de0b0138&redirect_uri=UNREGISTERED&response_type=code&state=thestate")
 	ctx := loginUser(t, "user1")
 	resp := ctx.MakeRequest(t, req, http.StatusBadRequest)
 	assert.Contains(t, resp.Body.String(), "Unregistered Redirect URI")
 }
 
-func TestAuthorizeUnsupportedResponseType(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testAuthorizeUnsupportedResponseType(t *testing.T) {
 	req := NewRequest(t, "GET", "/login/oauth/authorize?client_id=da7da3ba-9a13-4167-856f-3899de0b0138&redirect_uri=a&response_type=UNEXPECTED&state=thestate")
 	ctx := loginUser(t, "user1")
 	resp := ctx.MakeRequest(t, req, http.StatusSeeOther)
@@ -53,8 +69,7 @@ func TestAuthorizeUnsupportedResponseType(t *testing.T) {
 	assert.Equal(t, "Only code response type is supported.", u.Query().Get("error_description"))
 }
 
-func TestAuthorizeUnsupportedCodeChallengeMethod(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testAuthorizeUnsupportedCodeChallengeMethod(t *testing.T) {
 	req := NewRequest(t, "GET", "/login/oauth/authorize?client_id=da7da3ba-9a13-4167-856f-3899de0b0138&redirect_uri=a&response_type=code&state=thestate&code_challenge_method=UNEXPECTED")
 	ctx := loginUser(t, "user1")
 	resp := ctx.MakeRequest(t, req, http.StatusSeeOther)
@@ -64,8 +79,7 @@ func TestAuthorizeUnsupportedCodeChallengeMethod(t *testing.T) {
 	assert.Equal(t, "unsupported code challenge method", u.Query().Get("error_description"))
 }
 
-func TestAuthorizeLoginRedirect(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testAuthorizeLoginRedirect(t *testing.T) {
 	req := NewRequest(t, "GET", "/login/oauth/authorize")
 	assert.Contains(t, MakeRequest(t, req, http.StatusSeeOther).Body.String(), "/user/login")
 }
@@ -903,3 +917,127 @@ func TestOAuth_GrantScopesClaimAllGroups(t *testing.T) {
 		assert.Contains(t, userinfoParsed.Groups, group)
 	}
 }
+
+func testOAuth2WellKnown(t *testing.T) {
+	urlOpenidConfiguration := "/.well-known/openid-configuration"
+
+	defer test.MockVariableValue(&setting.AppURL, "https://try.gitea.io/")()
+	req := NewRequest(t, "GET", urlOpenidConfiguration)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var respMap map[string]any
+	DecodeJSON(t, resp, &respMap)
+	assert.Equal(t, "https://try.gitea.io", respMap["issuer"])
+	assert.Equal(t, "https://try.gitea.io/login/oauth/authorize", respMap["authorization_endpoint"])
+	assert.Equal(t, "https://try.gitea.io/login/oauth/access_token", respMap["token_endpoint"])
+	assert.Equal(t, "https://try.gitea.io/login/oauth/keys", respMap["jwks_uri"])
+	assert.Equal(t, "https://try.gitea.io/login/oauth/userinfo", respMap["userinfo_endpoint"])
+	assert.Equal(t, "https://try.gitea.io/login/oauth/introspect", respMap["introspection_endpoint"])
+	assert.Equal(t, []any{"RS256"}, respMap["id_token_signing_alg_values_supported"])
+
+	defer test.MockVariableValue(&setting.OAuth2.Enabled, false)()
+	MakeRequest(t, NewRequest(t, "GET", urlOpenidConfiguration), http.StatusNotFound)
+}
+
+func addOAuth2Source(t *testing.T, authName string, cfg oauth2.Source) {
+	cfg.Provider = util.IfZero(cfg.Provider, "gitea")
+	err := auth_model.CreateSource(db.DefaultContext, &auth_model.Source{
+		Type:     auth_model.OAuth2,
+		Name:     authName,
+		IsActive: true,
+		Cfg:      &cfg,
+	})
+	require.NoError(t, err)
+}
+
+func TestSignInOauthCallbackSyncSSHKeys(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	var mockServer *httptest.Server
+	mockServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.URL.Path {
+		case "/.well-known/openid-configuration":
+			_, _ = w.Write([]byte(`{
+				"issuer": "` + mockServer.URL + `",
+				"authorization_endpoint": "` + mockServer.URL + `/authorize",
+				"token_endpoint": "` + mockServer.URL + `/token",
+				"userinfo_endpoint": "` + mockServer.URL + `/userinfo"
+			}`))
+		default:
+			http.NotFound(w, r)
+		}
+	}))
+	defer mockServer.Close()
+
+	ctx := t.Context()
+	oauth2Source := oauth2.Source{
+		Provider:                      "openidConnect",
+		ClientID:                      "test-client-id",
+		SSHPublicKeyClaimName:         "sshpubkey",
+		FullNameClaimName:             "name",
+		OpenIDConnectAutoDiscoveryURL: mockServer.URL + "/.well-known/openid-configuration",
+	}
+	addOAuth2Source(t, "test-oidc-source", oauth2Source)
+	authSource, err := auth_model.GetActiveOAuth2SourceByAuthName(ctx, "test-oidc-source")
+	require.NoError(t, err)
+
+	sshKey1 := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICV0MGX/W9IvLA4FXpIuUcdDcbj5KX4syHgsTy7soVgf"
+	sshKey2 := "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIE7kM1R02+4ertDKGKEDcKG0s+2vyDDcIvceJ0Gqv5f1AAAABHNzaDo="
+	sshKey3 := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHjnNEfE88W1pvBLdV3otv28x760gdmPao3lVD5uAt9"
+	cases := []struct {
+		testName           string
+		mockFullName       string
+		mockRawData        map[string]any
+		expectedSSHPubKeys []string
+	}{
+		{
+			testName:           "Login1",
+			mockFullName:       "FullName1",
+			mockRawData:        map[string]any{"sshpubkey": []any{sshKey1 + " any-comment"}},
+			expectedSSHPubKeys: []string{sshKey1},
+		},
+		{
+			testName:           "Login2",
+			mockFullName:       "FullName2",
+			mockRawData:        map[string]any{"sshpubkey": []any{sshKey2 + " any-comment", sshKey3}},
+			expectedSSHPubKeys: []string{sshKey2, sshKey3},
+		},
+		{
+			testName:           "Login3",
+			mockFullName:       "FullName3",
+			mockRawData:        map[string]any{},
+			expectedSSHPubKeys: []string{},
+		},
+	}
+
+	session := emptyTestSession(t)
+	for _, c := range cases {
+		t.Run(c.testName, func(t *testing.T) {
+			defer test.MockVariableValue(&setting.OAuth2Client.Username, "")()
+			defer test.MockVariableValue(&setting.OAuth2Client.EnableAutoRegistration, true)()
+			defer test.MockVariableValue(&gothic.CompleteUserAuth, func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
+				return goth.User{
+					Provider: authSource.Cfg.(*oauth2.Source).Provider,
+					UserID:   "oidc-userid",
+					Email:    "oidc-email@example.com",
+					RawData:  c.mockRawData,
+					Name:     c.mockFullName,
+				}, nil
+			})()
+			req := NewRequest(t, "GET", "/user/oauth2/test-oidc-source/callback?code=XYZ&state=XYZ")
+			session.MakeRequest(t, req, http.StatusSeeOther)
+			user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "oidc-userid"})
+			keys, _, err := db.FindAndCount[asymkey_model.PublicKey](ctx, asymkey_model.FindPublicKeyOptions{
+				ListOptions:   db.ListOptionsAll,
+				OwnerID:       user.ID,
+				LoginSourceID: authSource.ID,
+			})
+			require.NoError(t, err)
+			var sshPubKeys []string
+			for _, key := range keys {
+				sshPubKeys = append(sshPubKeys, key.Content)
+			}
+			assert.ElementsMatch(t, c.expectedSSHPubKeys, sshPubKeys)
+			assert.Equal(t, c.mockFullName, user.FullName)
+		})
+	}
+}
diff --git a/tests/integration/org_count_test.go b/tests/integration/org_count_test.go
index fb71e690c2..c48008e627 100644
--- a/tests/integration/org_count_test.go
+++ b/tests/integration/org_count_test.go
@@ -120,8 +120,8 @@ func doCheckOrgCounts(username string, orgCounts map[string]int, strict bool, ca
 		})
 
 		orgs, err := db.Find[organization.Organization](db.DefaultContext, organization.FindOrgOptions{
-			UserID:         user.ID,
-			IncludePrivate: true,
+			UserID:            user.ID,
+			IncludeVisibility: api.VisibleTypePrivate,
 		})
 		assert.NoError(t, err)
 
diff --git a/tests/integration/org_team_invite_test.go b/tests/integration/org_team_invite_test.go
index 4c1053702e..7444980ea8 100644
--- a/tests/integration/org_team_invite_test.go
+++ b/tests/integration/org_team_invite_test.go
@@ -58,7 +58,7 @@ func TestOrgTeamEmailInvite(t *testing.T) {
 	session = loginUser(t, user.Name)
 
 	// join the team
-	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
+	inviteURL := "/org/invite/" + invites[0].Token
 	csrf = GetUserCSRFToken(t, session)
 	req = NewRequestWithValues(t, "POST", inviteURL, map[string]string{
 		"_csrf": csrf,
@@ -108,8 +108,8 @@ func TestOrgTeamEmailInviteRedirectsExistingUser(t *testing.T) {
 	assert.Len(t, invites, 1)
 
 	// accept the invite
-	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
-	req = NewRequest(t, "GET", fmt.Sprintf("/user/login?redirect_to=%s", url.QueryEscape(inviteURL)))
+	inviteURL := "/org/invite/" + invites[0].Token
+	req = NewRequest(t, "GET", "/user/login?redirect_to="+url.QueryEscape(inviteURL))
 	resp = MakeRequest(t, req, http.StatusOK)
 
 	doc := NewHTMLParser(t, resp.Body)
@@ -179,8 +179,8 @@ func TestOrgTeamEmailInviteRedirectsNewUser(t *testing.T) {
 	assert.Len(t, invites, 1)
 
 	// accept the invite
-	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
-	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
+	inviteURL := "/org/invite/" + invites[0].Token
+	req = NewRequest(t, "GET", "/user/sign_up?redirect_to="+url.QueryEscape(inviteURL))
 	resp = MakeRequest(t, req, http.StatusOK)
 
 	doc := NewHTMLParser(t, resp.Body)
@@ -260,8 +260,8 @@ func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) {
 	// new user: accept the invite
 	session = emptyTestSession(t)
 
-	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
-	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
+	inviteURL := "/org/invite/" + invites[0].Token
+	req = NewRequest(t, "GET", "/user/sign_up?redirect_to="+url.QueryEscape(inviteURL))
 	session.MakeRequest(t, req, http.StatusOK)
 	req = NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
 		"user_name": "doesnotexist",
@@ -275,7 +275,7 @@ func TestOrgTeamEmailInviteRedirectsNewUserWithActivation(t *testing.T) {
 	assert.NoError(t, err)
 
 	activationCode := user_model.GenerateUserTimeLimitCode(&user_model.TimeLimitCodeOptions{Purpose: user_model.TimeLimitCodeActivateAccount}, user)
-	activateURL := fmt.Sprintf("/user/activate?code=%s", activationCode)
+	activateURL := "/user/activate?code=" + activationCode
 	req = NewRequestWithValues(t, "POST", activateURL, map[string]string{
 		"password": "examplePassword!1",
 	})
@@ -337,8 +337,8 @@ func TestOrgTeamEmailInviteRedirectsExistingUserWithLogin(t *testing.T) {
 	session = loginUser(t, "user5")
 
 	// accept the invite (note: this uses the sign_up url)
-	inviteURL := fmt.Sprintf("/org/invite/%s", invites[0].Token)
-	req = NewRequest(t, "GET", fmt.Sprintf("/user/sign_up?redirect_to=%s", url.QueryEscape(inviteURL)))
+	inviteURL := "/org/invite/" + invites[0].Token
+	req = NewRequest(t, "GET", "/user/sign_up?redirect_to="+url.QueryEscape(inviteURL))
 	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, inviteURL, test.RedirectURL(resp))
 
diff --git a/tests/integration/org_test.go b/tests/integration/org_test.go
index ef4ef2bb9b..3ed7baa5ba 100644
--- a/tests/integration/org_test.go
+++ b/tests/integration/org_test.go
@@ -10,12 +10,17 @@ import (
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/organization"
+	"code.gitea.io/gitea/models/perm"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestOrgRepos(t *testing.T) {
@@ -40,8 +45,8 @@ func TestOrgRepos(t *testing.T) {
 
 				sel := htmlDoc.doc.Find("a.name")
 				assert.Len(t, repos, len(sel.Nodes))
-				for i := 0; i < len(repos); i++ {
-					assert.EqualValues(t, repos[i], strings.TrimSpace(sel.Eq(i).Text()))
+				for i := range repos {
+					assert.Equal(t, repos[i], strings.TrimSpace(sel.Eq(i).Text()))
 				}
 			}
 		})
@@ -151,7 +156,7 @@ func TestOrgRestrictedUser(t *testing.T) {
 
 	// assert restrictedUser cannot see the org or the public repo
 	restrictedSession := loginUser(t, restrictedUser)
-	req := NewRequest(t, "GET", fmt.Sprintf("/%s", orgName))
+	req := NewRequest(t, "GET", "/"+orgName)
 	restrictedSession.MakeRequest(t, req, http.StatusNotFound)
 
 	req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s", orgName, repoName))
@@ -177,9 +182,9 @@ func TestOrgRestrictedUser(t *testing.T) {
 	resp := adminSession.MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, &apiTeam)
 	checkTeamResponse(t, "CreateTeam_codereader", &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units, nil)
+		"none", teamToCreate.Units, nil)
 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,
-		teamToCreate.Permission, teamToCreate.Units, nil)
+		"none", teamToCreate.Units, nil)
 	// teamID := apiTeam.ID
 
 	// Now we need to add the restricted user to the team
@@ -188,7 +193,7 @@ func TestOrgRestrictedUser(t *testing.T) {
 	_ = adminSession.MakeRequest(t, req, http.StatusNoContent)
 
 	// Now we need to check if the restrictedUser can access the repo
-	req = NewRequest(t, "GET", fmt.Sprintf("/%s", orgName))
+	req = NewRequest(t, "GET", "/"+orgName)
 	restrictedSession.MakeRequest(t, req, http.StatusOK)
 
 	req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s", orgName, repoName))
@@ -217,4 +222,32 @@ func TestTeamSearch(t *testing.T) {
 	session = loginUser(t, user5.Name)
 	req = NewRequestf(t, "GET", "/org/%s/teams/-/search?q=%s", org.Name, "team")
 	session.MakeRequest(t, req, http.StatusNotFound)
+
+	t.Run("SearchWithPermission", func(t *testing.T) {
+		ctx := t.Context()
+		const testOrgID int64 = 500
+		const testRepoID int64 = 2000
+		testTeam := &organization.Team{OrgID: testOrgID, LowerName: "test_team", AccessMode: perm.AccessModeNone}
+		require.NoError(t, db.Insert(ctx, testTeam))
+		require.NoError(t, db.Insert(ctx, &organization.TeamRepo{OrgID: testOrgID, TeamID: testTeam.ID, RepoID: testRepoID}))
+		require.NoError(t, db.Insert(ctx, &organization.TeamUnit{OrgID: testOrgID, TeamID: testTeam.ID, Type: unit.TypeCode, AccessMode: perm.AccessModeRead}))
+		require.NoError(t, db.Insert(ctx, &organization.TeamUnit{OrgID: testOrgID, TeamID: testTeam.ID, Type: unit.TypeIssues, AccessMode: perm.AccessModeWrite}))
+
+		teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, testOrgID, testRepoID, perm.AccessModeRead, unit.TypeCode, unit.TypeIssues)
+		require.NoError(t, err)
+		assert.Len(t, teams, 1) // can read "code" or "issues"
+
+		teams, err = organization.GetTeamsWithAccessToAnyRepoUnit(ctx, testOrgID, testRepoID, perm.AccessModeWrite, unit.TypeCode)
+		require.NoError(t, err)
+		assert.Empty(t, teams) // cannot write "code"
+
+		teams, err = organization.GetTeamsWithAccessToAnyRepoUnit(ctx, testOrgID, testRepoID, perm.AccessModeWrite, unit.TypeIssues)
+		require.NoError(t, err)
+		assert.Len(t, teams, 1) // can write "issues"
+
+		_, _ = db.GetEngine(ctx).ID(testTeam.ID).Update(&organization.Team{AccessMode: perm.AccessModeWrite})
+		teams, err = organization.GetTeamsWithAccessToAnyRepoUnit(ctx, testOrgID, testRepoID, perm.AccessModeWrite, unit.TypeCode)
+		require.NoError(t, err)
+		assert.Len(t, teams, 1) // team permission is "write", so can write "code"
+	})
 }
diff --git a/tests/integration/project_test.go b/tests/integration/project_test.go
index 111356b1da..43a489d4c4 100644
--- a/tests/integration/project_test.go
+++ b/tests/integration/project_test.go
@@ -47,7 +47,7 @@ func TestMoveRepoProjectColumns(t *testing.T) {
 	err := project_model.NewProject(db.DefaultContext, &project1)
 	assert.NoError(t, err)
 
-	for i := 0; i < 3; i++ {
+	for i := range 3 {
 		err = project_model.NewColumn(db.DefaultContext, &project_model.Column{
 			Title:     fmt.Sprintf("column %d", i+1),
 			ProjectID: project1.ID,
@@ -79,9 +79,9 @@ func TestMoveRepoProjectColumns(t *testing.T) {
 	columnsAfter, err := project1.GetColumns(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.Len(t, columnsAfter, 3)
-	assert.EqualValues(t, columns[1].ID, columnsAfter[0].ID)
-	assert.EqualValues(t, columns[2].ID, columnsAfter[1].ID)
-	assert.EqualValues(t, columns[0].ID, columnsAfter[2].ID)
+	assert.Equal(t, columns[1].ID, columnsAfter[0].ID)
+	assert.Equal(t, columns[2].ID, columnsAfter[1].ID)
+	assert.Equal(t, columns[0].ID, columnsAfter[2].ID)
 
 	assert.NoError(t, project_model.DeleteProjectByID(db.DefaultContext, project1.ID))
 }
diff --git a/tests/integration/pull_compare_test.go b/tests/integration/pull_compare_test.go
index 106774aa54..f95a2f1690 100644
--- a/tests/integration/pull_compare_test.go
+++ b/tests/integration/pull_compare_test.go
@@ -13,7 +13,6 @@ import (
 	issues_model "code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/test"
 	repo_service "code.gitea.io/gitea/services/repository"
 	"code.gitea.io/gitea/tests"
@@ -24,23 +23,38 @@ import (
 func TestPullCompare(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
-	session := loginUser(t, "user2")
-	req := NewRequest(t, "GET", "/user2/repo1/pulls")
-	resp := session.MakeRequest(t, req, http.StatusOK)
-	htmlDoc := NewHTMLParser(t, resp.Body)
-	link, exists := htmlDoc.doc.Find(".new-pr-button").Attr("href")
-	assert.True(t, exists, "The template has changed")
+	t.Run("PullsNewRedirect", func(t *testing.T) {
+		req := NewRequest(t, "GET", "/user2/repo1/pulls/new/foo")
+		resp := MakeRequest(t, req, http.StatusSeeOther)
+		redirect := test.RedirectURL(resp)
+		assert.Equal(t, "/user2/repo1/compare/master...foo?expand=1", redirect)
 
-	req = NewRequest(t, "GET", link)
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	assert.EqualValues(t, http.StatusOK, resp.Code)
+		req = NewRequest(t, "GET", "/user13/repo11/pulls/new/foo")
+		resp = MakeRequest(t, req, http.StatusSeeOther)
+		redirect = test.RedirectURL(resp)
+		assert.Equal(t, "/user12/repo10/compare/master...user13:foo?expand=1", redirect)
+	})
+
+	t.Run("ButtonsExist", func(t *testing.T) {
+		session := loginUser(t, "user2")
+
+		// test the "New PR" button
+		req := NewRequest(t, "GET", "/user2/repo1/pulls")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		htmlDoc := NewHTMLParser(t, resp.Body)
+		link, exists := htmlDoc.doc.Find(".new-pr-button").Attr("href")
+		assert.True(t, exists, "The template has changed")
+		req = NewRequest(t, "GET", link)
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		assert.Equal(t, http.StatusOK, resp.Code)
 
-	// test the edit button in the PR diff view
-	req = NewRequest(t, "GET", "/user2/repo1/pulls/3/files")
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	doc := NewHTMLParser(t, resp.Body)
-	editButtonCount := doc.doc.Find(".diff-file-header-actions a[href*='/_edit/']").Length()
-	assert.Positive(t, editButtonCount, "Expected to find a button to edit a file in the PR diff view but there were none")
+		// test the edit button in the PR diff view
+		req = NewRequest(t, "GET", "/user2/repo1/pulls/3/files")
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		doc := NewHTMLParser(t, resp.Body)
+		editButtonCount := doc.doc.Find(".diff-file-header-actions a[href*='/_edit/']").Length()
+		assert.Positive(t, editButtonCount, "Expected to find a button to edit a file in the PR diff view but there were none")
+	})
 
 	onGiteaRun(t, func(t *testing.T, u *url.URL) {
 		defer tests.PrepareTestEnv(t)()
@@ -54,24 +68,23 @@ func TestPullCompare(t *testing.T) {
 		repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user2", Name: "repo1"})
 		issueIndex := unittest.AssertExistsAndLoadBean(t, &issues_model.IssueIndex{GroupID: repo1.ID}, unittest.OrderBy("group_id ASC"))
 		prFilesURL := fmt.Sprintf("/user2/repo1/pulls/%d/files", issueIndex.MaxIndex)
-		req = NewRequest(t, "GET", prFilesURL)
-		resp = session.MakeRequest(t, req, http.StatusOK)
+		req := NewRequest(t, "GET", prFilesURL)
+		resp := session.MakeRequest(t, req, http.StatusOK)
 		doc := NewHTMLParser(t, resp.Body)
 		editButtonCount := doc.doc.Find(".diff-file-header-actions a[href*='/_edit/']").Length()
 		assert.Positive(t, editButtonCount, "Expected to find a button to edit a file in the PR diff view but there were none")
 
 		repoForked := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user1", Name: "repo1"})
-		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 
 		// delete the head repository and revisit the PR diff view
-		err := repo_service.DeleteRepositoryDirectly(db.DefaultContext, user2, repoForked.ID)
+		err := repo_service.DeleteRepositoryDirectly(db.DefaultContext, repoForked.ID)
 		assert.NoError(t, err)
 
 		req = NewRequest(t, "GET", prFilesURL)
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		doc = NewHTMLParser(t, resp.Body)
 		editButtonCount = doc.doc.Find(".diff-file-header-actions a[href*='/_edit/']").Length()
-		assert.EqualValues(t, 0, editButtonCount, "Expected not to find a button to edit a file in the PR diff view because head repository has been deleted")
+		assert.Equal(t, 0, editButtonCount, "Expected not to find a button to edit a file in the PR diff view because head repository has been deleted")
 	})
 }
 
@@ -95,7 +108,7 @@ func TestPullCompare_EnableAllowEditsFromMaintainer(t *testing.T) {
 
 		// user2 (admin of repo3) goes to the PR files page
 		user2Session := loginUser(t, "user2")
-		resp = user2Session.MakeRequest(t, NewRequest(t, "GET", fmt.Sprintf("%s/files", prURL)), http.StatusOK)
+		resp = user2Session.MakeRequest(t, NewRequest(t, "GET", prURL+"/files"), http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		nodes := htmlDoc.doc.Find(".diff-file-box[data-new-filename=\"README.md\"] .diff-file-header-actions .tippy-target a")
 		if assert.Equal(t, 1, nodes.Length()) {
@@ -112,14 +125,14 @@ func TestPullCompare_EnableAllowEditsFromMaintainer(t *testing.T) {
 		htmlDoc = NewHTMLParser(t, resp.Body)
 		dataURL, exists := htmlDoc.doc.Find("#allow-edits-from-maintainers").Attr("data-url")
 		assert.True(t, exists)
-		req := NewRequestWithValues(t, "POST", fmt.Sprintf("%s/set_allow_maintainer_edit", dataURL), map[string]string{
+		req := NewRequestWithValues(t, "POST", dataURL+"/set_allow_maintainer_edit", map[string]string{
 			"_csrf":                 htmlDoc.GetCSRF(),
 			"allow_maintainer_edit": "true",
 		})
 		user4Session.MakeRequest(t, req, http.StatusOK)
 
 		// user2 (admin of repo3) goes to the PR files page again
-		resp = user2Session.MakeRequest(t, NewRequest(t, "GET", fmt.Sprintf("%s/files", prURL)), http.StatusOK)
+		resp = user2Session.MakeRequest(t, NewRequest(t, "GET", prURL+"/files"), http.StatusOK)
 		htmlDoc = NewHTMLParser(t, resp.Body)
 		nodes = htmlDoc.doc.Find(".diff-file-box[data-new-filename=\"README.md\"] .diff-file-header-actions .tippy-target a")
 		if assert.Equal(t, 2, nodes.Length()) {
@@ -146,7 +159,8 @@ func TestPullCompare_EnableAllowEditsFromMaintainer(t *testing.T) {
 					"commit_summary": "user2 updated the file",
 					"commit_choice":  "direct",
 				})
-				user2Session.MakeRequest(t, req, http.StatusSeeOther)
+				resp = user2Session.MakeRequest(t, req, http.StatusOK)
+				assert.NotEmpty(t, test.RedirectURL(resp))
 			}
 		}
 	})
diff --git a/tests/integration/pull_create_test.go b/tests/integration/pull_create_test.go
index 461a1400f7..44ef501961 100644
--- a/tests/integration/pull_create_test.go
+++ b/tests/integration/pull_create_test.go
@@ -163,10 +163,10 @@ func TestPullCreate_TitleEscape(t *testing.T) {
 		req = NewRequest(t, "GET", url)
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc = NewHTMLParser(t, resp.Body)
-		titleHTML, err := htmlDoc.doc.Find(".comment-list .timeline-item.event .text b").First().Html()
+		titleHTML, err := htmlDoc.doc.Find(".comment-list .timeline-item.event .comment-text-line b").First().Html()
 		assert.NoError(t, err)
 		assert.Equal(t, "<strike>&lt;i&gt;XSS PR&lt;/i&gt;</strike>", titleHTML)
-		titleHTML, err = htmlDoc.doc.Find(".comment-list .timeline-item.event .text b").Next().Html()
+		titleHTML, err = htmlDoc.doc.Find(".comment-list .timeline-item.event .comment-text-line b").Next().Html()
 		assert.NoError(t, err)
 		assert.Equal(t, "&lt;u&gt;XSS PR&lt;/u&gt;", titleHTML)
 	})
@@ -293,10 +293,10 @@ func TestCreatePullWhenBlocked(t *testing.T) {
 		// sessionBase := loginUser(t, "user2")
 		token := getUserToken(t, RepoOwner, auth_model.AccessTokenScopeWriteUser)
 
-		req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/blocks/%s", ForkOwner)).
+		req := NewRequest(t, "GET", "/api/v1/user/blocks/"+ForkOwner).
 			AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNotFound)
-		req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/blocks/%s", ForkOwner)).
+		req = NewRequest(t, "PUT", "/api/v1/user/blocks/"+ForkOwner).
 			AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNoContent)
 
@@ -308,7 +308,7 @@ func TestCreatePullWhenBlocked(t *testing.T) {
 
 		// Teardown
 		// Unblock user
-		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/blocks/%s", ForkOwner)).
+		req = NewRequest(t, "DELETE", "/api/v1/user/blocks/"+ForkOwner).
 			AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNoContent)
 	})
diff --git a/tests/integration/pull_diff_test.go b/tests/integration/pull_diff_test.go
index 5411250935..0b286fd2b2 100644
--- a/tests/integration/pull_diff_test.go
+++ b/tests/integration/pull_diff_test.go
@@ -25,10 +25,6 @@ func TestPullDiff_CommitRangePRDiff(t *testing.T) {
 	doTestPRDiff(t, "/user2/commitsonpr/pulls/1/files/4ca8bcaf27e28504df7bf996819665986b01c847..23576dd018294e476c06e569b6b0f170d0558705", true, []string{"test2.txt", "test3.txt", "test4.txt"})
 }
 
-func TestPullDiff_StartingFromBaseToCommitPRDiff(t *testing.T) {
-	doTestPRDiff(t, "/user2/commitsonpr/pulls/1/files/c5626fc9eff57eb1bb7b796b01d4d0f2f3f792a2", true, []string{"test1.txt", "test2.txt", "test3.txt"})
-}
-
 func doTestPRDiff(t *testing.T, prDiffURL string, reviewBtnDisabled bool, expectedFilenames []string) {
 	defer tests.PrepareTestEnv(t)()
 
diff --git a/tests/integration/pull_merge_test.go b/tests/integration/pull_merge_test.go
index 1c8318db0d..3afa5f10f1 100644
--- a/tests/integration/pull_merge_test.go
+++ b/tests/integration/pull_merge_test.go
@@ -26,6 +26,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/models/webhook"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/queue"
@@ -34,6 +35,7 @@ import (
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/services/automerge"
+	"code.gitea.io/gitea/services/automergequeue"
 	pull_service "code.gitea.io/gitea/services/pull"
 	repo_service "code.gitea.io/gitea/services/repository"
 	commitstatus_service "code.gitea.io/gitea/services/repository/commitstatus"
@@ -66,7 +68,7 @@ func testPullMerge(t *testing.T, session *TestSession, user, repo, pullnum strin
 	}{}
 	DecodeJSON(t, resp, &respJSON)
 
-	assert.EqualValues(t, fmt.Sprintf("/%s/%s/pulls/%s", user, repo, pullnum), respJSON.Redirect)
+	assert.Equal(t, fmt.Sprintf("/%s/%s/pulls/%s", user, repo, pullnum), respJSON.Redirect)
 
 	return resp
 }
@@ -100,7 +102,7 @@ func TestPullMerge(t *testing.T) {
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "master", "This is a pull title")
 
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleMerge, false)
 
 		hookTasks, err = webhook.HookTasks(db.DefaultContext, 1, 1)
@@ -122,7 +124,7 @@ func TestPullRebase(t *testing.T) {
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "master", "This is a pull title")
 
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleRebase, false)
 
 		hookTasks, err = webhook.HookTasks(db.DefaultContext, 1, 1)
@@ -144,7 +146,7 @@ func TestPullRebaseMerge(t *testing.T) {
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "master", "This is a pull title")
 
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleRebaseMerge, false)
 
 		hookTasks, err = webhook.HookTasks(db.DefaultContext, 1, 1)
@@ -167,7 +169,7 @@ func TestPullSquash(t *testing.T) {
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "master", "This is a pull title")
 
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleSquash, false)
 
 		hookTasks, err = webhook.HookTasks(db.DefaultContext, 1, 1)
@@ -185,7 +187,7 @@ func TestPullCleanUpAfterMerge(t *testing.T) {
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "feature/test", "This is a pull title")
 
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleMerge, false)
 
 		// Check PR branch deletion
@@ -198,7 +200,7 @@ func TestPullCleanUpAfterMerge(t *testing.T) {
 		assert.NotEmpty(t, respJSON.Redirect, "Redirected URL is not found")
 
 		elem = strings.Split(respJSON.Redirect, "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 
 		// Check branch deletion result
 		req := NewRequest(t, "GET", respJSON.Redirect)
@@ -207,7 +209,7 @@ func TestPullCleanUpAfterMerge(t *testing.T) {
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		resultMsg := htmlDoc.doc.Find(".ui.message>p").Text()
 
-		assert.EqualValues(t, "Branch \"user1/repo1:feature/test\" has been deleted.", resultMsg)
+		assert.Equal(t, "Branch \"user1/repo1:feature/test\" has been deleted.", resultMsg)
 	})
 }
 
@@ -296,7 +298,7 @@ func TestCantMergeUnrelated(t *testing.T) {
 		err := git.NewCommand("read-tree", "--empty").Run(git.DefaultContext, &git.RunOpts{Dir: path})
 		assert.NoError(t, err)
 
-		stdin := bytes.NewBufferString("Unrelated File")
+		stdin := strings.NewReader("Unrelated File")
 		var stdout strings.Builder
 		err = git.NewCommand("hash-object", "-w", "--stdin").Run(git.DefaultContext, &git.RunOpts{
 			Dir:    path,
@@ -544,11 +546,11 @@ func TestPullRetargetChildOnBranchDelete(t *testing.T) {
 
 		respBasePR := testPullCreate(t, session, "user2", "repo1", true, "master", "base-pr", "Base Pull Request")
 		elemBasePR := strings.Split(test.RedirectURL(respBasePR), "/")
-		assert.EqualValues(t, "pulls", elemBasePR[3])
+		assert.Equal(t, "pulls", elemBasePR[3])
 
 		respChildPR := testPullCreate(t, session, "user1", "repo1", false, "base-pr", "child-pr", "Child Pull Request")
 		elemChildPR := strings.Split(test.RedirectURL(respChildPR), "/")
-		assert.EqualValues(t, "pulls", elemChildPR[3])
+		assert.Equal(t, "pulls", elemChildPR[3])
 
 		testPullMerge(t, session, elemBasePR[1], elemBasePR[2], elemBasePR[4], repo_model.MergeStyleMerge, true)
 
@@ -564,8 +566,8 @@ func TestPullRetargetChildOnBranchDelete(t *testing.T) {
 		targetBranch := htmlDoc.doc.Find("#branch_target>a").Text()
 		prStatus := strings.TrimSpace(htmlDoc.doc.Find(".issue-title-meta>.issue-state-label").Text())
 
-		assert.EqualValues(t, "master", targetBranch)
-		assert.EqualValues(t, "Open", prStatus)
+		assert.Equal(t, "master", targetBranch)
+		assert.Equal(t, "Open", prStatus)
 	})
 }
 
@@ -578,11 +580,11 @@ func TestPullDontRetargetChildOnWrongRepo(t *testing.T) {
 
 		respBasePR := testPullCreate(t, session, "user1", "repo1", false, "master", "base-pr", "Base Pull Request")
 		elemBasePR := strings.Split(test.RedirectURL(respBasePR), "/")
-		assert.EqualValues(t, "pulls", elemBasePR[3])
+		assert.Equal(t, "pulls", elemBasePR[3])
 
 		respChildPR := testPullCreate(t, session, "user1", "repo1", true, "base-pr", "child-pr", "Child Pull Request")
 		elemChildPR := strings.Split(test.RedirectURL(respChildPR), "/")
-		assert.EqualValues(t, "pulls", elemChildPR[3])
+		assert.Equal(t, "pulls", elemChildPR[3])
 
 		defer test.MockVariableValue(&setting.Repository.PullRequest.RetargetChildrenOnMerge, false)()
 
@@ -601,8 +603,8 @@ func TestPullDontRetargetChildOnWrongRepo(t *testing.T) {
 		targetBranch := htmlDoc.doc.Find("#branch_target>span").Text()
 		prStatus := strings.TrimSpace(htmlDoc.doc.Find(".issue-title-meta>.issue-state-label").Text())
 
-		assert.EqualValues(t, "base-pr", targetBranch)
-		assert.EqualValues(t, "Closed", prStatus)
+		assert.Equal(t, "base-pr", targetBranch)
+		assert.Equal(t, "Closed", prStatus)
 	})
 }
 
@@ -614,7 +616,7 @@ func TestPullRequestMergedWithNoPermissionDeleteBranch(t *testing.T) {
 
 		respBasePR := testPullCreate(t, session, "user4", "repo1", false, "master", "base-pr", "Base Pull Request")
 		elemBasePR := strings.Split(test.RedirectURL(respBasePR), "/")
-		assert.EqualValues(t, "pulls", elemBasePR[3])
+		assert.Equal(t, "pulls", elemBasePR[3])
 
 		// user2 has no permission to delete branch of repo user1/repo1
 		session2 := loginUser(t, "user2")
@@ -665,7 +667,7 @@ func TestPullMergeIndexerNotifier(t *testing.T) {
 
 		// merge the pull request
 		elem := strings.Split(test.RedirectURL(createPullResp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleMerge, false)
 
 		// check if the issue is closed
@@ -699,7 +701,7 @@ func testResetRepo(t *testing.T, repoPath, branch, commitID string) {
 	defer repo.Close()
 	id, err := repo.GetBranchCommitID(branch)
 	assert.NoError(t, err)
-	assert.EqualValues(t, commitID, id)
+	assert.Equal(t, commitID, id)
 }
 
 func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) {
@@ -726,7 +728,7 @@ func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) {
 
 		// add protected branch for commit status
 		csrf := GetUserCSRFToken(t, session)
-		// Change master branch to protected
+		// Change the "master" branch to "protected"
 		req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/edit", map[string]string{
 			"_csrf":                 csrf,
 			"rule_name":             "master",
@@ -736,10 +738,22 @@ func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) {
 		})
 		session.MakeRequest(t, req, http.StatusSeeOther)
 
+		oldAutoMergeAddToQueue := automergequeue.AddToQueue
+		addToQueueShaChan := make(chan string, 1)
+		automergequeue.AddToQueue = func(pr *issues_model.PullRequest, sha string) {
+			addToQueueShaChan <- sha
+		}
 		// first time insert automerge record, return true
 		scheduled, err := automerge.ScheduleAutoMerge(db.DefaultContext, user1, pr, repo_model.MergeStyleMerge, "auto merge test", false)
 		assert.NoError(t, err)
 		assert.True(t, scheduled)
+		// and the pr should be added to automergequeue, in case it is already "mergeable"
+		select {
+		case <-addToQueueShaChan:
+		case <-time.After(time.Second):
+			assert.FailNow(t, "Timeout: nothing was added to automergequeue")
+		}
+		automergequeue.AddToQueue = oldAutoMergeAddToQueue
 
 		// second time insert automerge record, return false because it does exist
 		scheduled, err = automerge.ScheduleAutoMerge(db.DefaultContext, user1, pr, repo_model.MergeStyleMerge, "auto merge test", false)
@@ -754,7 +768,7 @@ func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) {
 		// update commit status to success, then it should be merged automatically
 		baseGitRepo, err := gitrepo.OpenRepository(db.DefaultContext, baseRepo)
 		assert.NoError(t, err)
-		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		assert.NoError(t, err)
 		masterCommitID, err := baseGitRepo.GetBranchCommitID("master")
 		assert.NoError(t, err)
@@ -768,19 +782,17 @@ func TestPullAutoMergeAfterCommitStatusSucceed(t *testing.T) {
 		}()
 
 		err = commitstatus_service.CreateCommitStatus(db.DefaultContext, baseRepo, user1, sha, &git_model.CommitStatus{
-			State:     api.CommitStatusSuccess,
+			State:     commitstatus.CommitStatusSuccess,
 			TargetURL: "https://gitea.com",
 			Context:   "gitea/actions",
 		})
 		assert.NoError(t, err)
 
-		time.Sleep(2 * time.Second)
-
-		// realod pr again
-		pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
-		assert.True(t, pr.HasMerged)
+		assert.Eventually(t, func() bool {
+			pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
+			return pr.HasMerged
+		}, 2*time.Second, 100*time.Millisecond)
 		assert.NotEmpty(t, pr.MergedCommitID)
-
 		unittest.AssertNotExistsBean(t, &pull_model.AutoMerge{PullID: pr.ID})
 	})
 }
@@ -838,7 +850,7 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApproval(t *testing.T) {
 		// update commit status to success, then it should be merged automatically
 		baseGitRepo, err := gitrepo.OpenRepository(db.DefaultContext, baseRepo)
 		assert.NoError(t, err)
-		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		assert.NoError(t, err)
 		masterCommitID, err := baseGitRepo.GetBranchCommitID("master")
 		assert.NoError(t, err)
@@ -848,7 +860,7 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApproval(t *testing.T) {
 		}()
 
 		err = commitstatus_service.CreateCommitStatus(db.DefaultContext, baseRepo, user1, sha, &git_model.CommitStatus{
-			State:     api.CommitStatusSuccess,
+			State:     commitstatus.CommitStatusSuccess,
 			TargetURL: "https://gitea.com",
 			Context:   "gitea/actions",
 		})
@@ -967,7 +979,7 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApprovalForAgitFlow(t *testing.
 		// update commit status to success, then it should be merged automatically
 		baseGitRepo, err := gitrepo.OpenRepository(db.DefaultContext, baseRepo)
 		assert.NoError(t, err)
-		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitRefName())
+		sha, err := baseGitRepo.GetRefCommitID(pr.GetGitHeadRefName())
 		assert.NoError(t, err)
 		masterCommitID, err := baseGitRepo.GetBranchCommitID("master")
 		assert.NoError(t, err)
@@ -977,14 +989,12 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApprovalForAgitFlow(t *testing.
 		}()
 
 		err = commitstatus_service.CreateCommitStatus(db.DefaultContext, baseRepo, user1, sha, &git_model.CommitStatus{
-			State:     api.CommitStatusSuccess,
+			State:     commitstatus.CommitStatusSuccess,
 			TargetURL: "https://gitea.com",
 			Context:   "gitea/actions",
 		})
 		assert.NoError(t, err)
 
-		time.Sleep(2 * time.Second)
-
 		// reload pr again
 		pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
 		assert.False(t, pr.HasMerged)
@@ -997,8 +1007,6 @@ func TestPullAutoMergeAfterCommitStatusSucceedAndApprovalForAgitFlow(t *testing.
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		testSubmitReview(t, approveSession, htmlDoc.GetCSRF(), "user2", "repo1", strconv.Itoa(int(pr.Index)), sha, "approve", http.StatusOK)
 
-		time.Sleep(2 * time.Second)
-
 		// realod pr again
 		pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
 		assert.True(t, pr.HasMerged)
diff --git a/tests/integration/pull_review_test.go b/tests/integration/pull_review_test.go
index cd354e1b6c..1121751c88 100644
--- a/tests/integration/pull_review_test.go
+++ b/tests/integration/pull_review_test.go
@@ -8,7 +8,6 @@ import (
 	"net/http/httptest"
 	"net/url"
 	"path"
-	"sort"
 	"strings"
 	"testing"
 
@@ -58,7 +57,7 @@ func TestPullView_CodeOwner(t *testing.T) {
 			AutoInit:         true,
 			ObjectFormatName: git.Sha1ObjectFormat.Name(),
 			DefaultBranch:    "master",
-		})
+		}, true)
 		assert.NoError(t, err)
 
 		// add CODEOWNERS to default branch
@@ -76,7 +75,7 @@ func TestPullView_CodeOwner(t *testing.T) {
 
 		t.Run("First Pull Request", func(t *testing.T) {
 			// create a new branch to prepare for pull request
-			resp1, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			_, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
 				NewBranch: "codeowner-basebranch",
 				Files: []*files_service.ChangeRepoFile{
 					{
@@ -96,13 +95,8 @@ func TestPullView_CodeOwner(t *testing.T) {
 			unittest.AssertExistsAndLoadBean(t, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 5})
 			assert.NoError(t, pr.LoadIssue(db.DefaultContext))
 
-			reviewNotifiers, err := issue_service.PullRequestCodeOwnersReview(db.DefaultContext, pr)
-			assert.NoError(t, err)
-			assert.Len(t, reviewNotifiers, 1)
-			assert.EqualValues(t, 5, reviewNotifiers[0].Reviewer.ID)
-
 			// update the file on the pr branch
-			resp2, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			_, err = files_service.ChangeRepoFiles(db.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
 				OldBranch: "codeowner-basebranch",
 				Files: []*files_service.ChangeRepoFile{
 					{
@@ -114,14 +108,7 @@ func TestPullView_CodeOwner(t *testing.T) {
 			})
 			assert.NoError(t, err)
 
-			reviewNotifiers, err = issue_service.PullRequestCodeOwnersReview(db.DefaultContext, pr)
-			assert.NoError(t, err)
-			assert.Len(t, reviewNotifiers, 2)
-			reviewerIDs := []int64{reviewNotifiers[0].Reviewer.ID, reviewNotifiers[1].Reviewer.ID}
-			sort.Slice(reviewerIDs, func(i, j int) bool { return reviewerIDs[i] < reviewerIDs[j] })
-			assert.EqualValues(t, []int64{5, 8}, reviewerIDs)
-
-			reviewNotifiers, err = issue_service.PullRequestCodeOwnersReviewSpecialCommits(db.DefaultContext, pr, resp1.Commit.SHA, resp2.Commit.SHA)
+			reviewNotifiers, err := issue_service.PullRequestCodeOwnersReview(db.DefaultContext, pr)
 			assert.NoError(t, err)
 			assert.Len(t, reviewNotifiers, 1)
 			assert.EqualValues(t, 8, reviewNotifiers[0].Reviewer.ID)
@@ -130,13 +117,13 @@ func TestPullView_CodeOwner(t *testing.T) {
 			assert.NoError(t, err)
 			prUpdated1 := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
 			assert.NoError(t, prUpdated1.LoadIssue(db.DefaultContext))
-			assert.EqualValues(t, "[WIP] Test Pull Request", prUpdated1.Issue.Title)
+			assert.Equal(t, "[WIP] Test Pull Request", prUpdated1.Issue.Title)
 
 			err = issue_service.ChangeTitle(db.DefaultContext, prUpdated1.Issue, user2, "Test Pull Request2")
 			assert.NoError(t, err)
 			prUpdated2 := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: pr.ID})
 			assert.NoError(t, prUpdated2.LoadIssue(db.DefaultContext))
-			assert.EqualValues(t, "Test Pull Request2", prUpdated2.Issue.Title)
+			assert.Equal(t, "Test Pull Request2", prUpdated2.Issue.Title)
 		})
 
 		// change the default branch CODEOWNERS file to change README.md's codeowner
@@ -171,11 +158,6 @@ func TestPullView_CodeOwner(t *testing.T) {
 
 			pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: repo.ID, HeadBranch: "codeowner-basebranch2"})
 			unittest.AssertExistsAndLoadBean(t, &issues_model.Review{IssueID: pr.IssueID, Type: issues_model.ReviewTypeRequest, ReviewerID: 8})
-
-			reviewNotifiers, err := issue_service.PullRequestCodeOwnersReview(db.DefaultContext, pr)
-			assert.NoError(t, err)
-			assert.Len(t, reviewNotifiers, 1)
-			assert.EqualValues(t, 8, reviewNotifiers[0].Reviewer.ID)
 		})
 
 		t.Run("Forked Repo Pull Request", func(t *testing.T) {
@@ -229,7 +211,7 @@ func TestPullView_GivenApproveOrRejectReviewOnClosedPR(t *testing.T) {
 			testEditFile(t, user1Session, "user1", "repo1", "master", "README.md", "Hello, World (Edited)\n")
 			resp := testPullCreate(t, user1Session, "user1", "repo1", false, "master", "master", "This is a pull title")
 			elem := strings.Split(test.RedirectURL(resp), "/")
-			assert.EqualValues(t, "pulls", elem[3])
+			assert.Equal(t, "pulls", elem[3])
 			testPullMerge(t, user1Session, elem[1], elem[2], elem[4], repo_model.MergeStyleMerge, false)
 
 			// Grab the CSRF token.
@@ -249,7 +231,7 @@ func TestPullView_GivenApproveOrRejectReviewOnClosedPR(t *testing.T) {
 			testEditFileToNewBranch(t, user1Session, "user1", "repo1", "master", "a-test-branch", "README.md", "Hello, World (Editied...again)\n")
 			resp := testPullCreate(t, user1Session, "user1", "repo1", false, "master", "a-test-branch", "This is a pull title")
 			elem := strings.Split(test.RedirectURL(resp), "/")
-			assert.EqualValues(t, "pulls", elem[3])
+			assert.Equal(t, "pulls", elem[3])
 			testIssueClose(t, user1Session, elem[1], elem[2], elem[4])
 
 			// Grab the CSRF token.
diff --git a/tests/integration/pull_status_test.go b/tests/integration/pull_status_test.go
index ac9036ca96..49326a594a 100644
--- a/tests/integration/pull_status_test.go
+++ b/tests/integration/pull_status_test.go
@@ -13,9 +13,14 @@ import (
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/models/issues"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/commitstatus"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/services/pull"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -51,20 +56,20 @@ func TestPullCreate_CommitStatus(t *testing.T) {
 
 		commitID := path.Base(commitURL)
 
-		statusList := []api.CommitStatusState{
-			api.CommitStatusPending,
-			api.CommitStatusError,
-			api.CommitStatusFailure,
-			api.CommitStatusSuccess,
-			api.CommitStatusWarning,
+		statusList := []commitstatus.CommitStatusState{
+			commitstatus.CommitStatusPending,
+			commitstatus.CommitStatusError,
+			commitstatus.CommitStatusFailure,
+			commitstatus.CommitStatusSuccess,
+			commitstatus.CommitStatusWarning,
 		}
 
-		statesIcons := map[api.CommitStatusState]string{
-			api.CommitStatusPending: "octicon-dot-fill",
-			api.CommitStatusSuccess: "octicon-check",
-			api.CommitStatusError:   "gitea-exclamation",
-			api.CommitStatusFailure: "octicon-x",
-			api.CommitStatusWarning: "gitea-exclamation",
+		statesIcons := map[commitstatus.CommitStatusState]string{
+			commitstatus.CommitStatusPending: "octicon-dot-fill",
+			commitstatus.CommitStatusSuccess: "octicon-check",
+			commitstatus.CommitStatusError:   "gitea-exclamation",
+			commitstatus.CommitStatusFailure: "octicon-x",
+			commitstatus.CommitStatusWarning: "gitea-exclamation",
 		}
 
 		testCtx := NewAPITestContext(t, "user1", "repo1", auth_model.AccessTokenScopeWriteRepository)
@@ -86,7 +91,7 @@ func TestPullCreate_CommitStatus(t *testing.T) {
 			commitURL, exists = doc.doc.Find("#commits-table tbody tr td.sha a").Last().Attr("href")
 			assert.True(t, exists)
 			assert.NotEmpty(t, commitURL)
-			assert.EqualValues(t, commitID, path.Base(commitURL))
+			assert.Equal(t, commitID, path.Base(commitURL))
 
 			cls, ok := doc.doc.Find("#commits-table tbody tr td.message .commit-status").Last().Attr("class")
 			assert.True(t, ok)
@@ -95,7 +100,7 @@ func TestPullCreate_CommitStatus(t *testing.T) {
 
 		repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user1", Name: "repo1"})
 		css := unittest.AssertExistsAndLoadBean(t, &git_model.CommitStatusSummary{RepoID: repo1.ID, SHA: commitID})
-		assert.EqualValues(t, api.CommitStatusWarning, css.State)
+		assert.Equal(t, commitstatus.CommitStatusSuccess, css.State)
 	})
 }
 
@@ -124,7 +129,7 @@ func TestPullCreate_EmptyChangesWithDifferentCommits(t *testing.T) {
 		session := loginUser(t, "user1")
 		testRepoFork(t, session, "user2", "repo1", "user1", "repo1", "")
 		testEditFileToNewBranch(t, session, "user1", "repo1", "master", "status1", "README.md", "status1")
-		testEditFileToNewBranch(t, session, "user1", "repo1", "status1", "status1", "README.md", "# repo1\n\nDescription for repo1")
+		testEditFile(t, session, "user1", "repo1", "status1", "README.md", "# repo1\n\nDescription for repo1")
 
 		url := path.Join("user1", "repo1", "compare", "master...status1")
 		req := NewRequestWithValues(t, "POST", url,
@@ -165,3 +170,74 @@ func TestPullCreate_EmptyChangesWithSameCommits(t *testing.T) {
 		assert.Contains(t, text, "This branch is already included in the target branch. There is nothing to merge.")
 	})
 }
+
+func TestPullStatusDelayCheck(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		defer test.MockVariableValue(&setting.Repository.PullRequest.DelayCheckForInactiveDays, 1)()
+		defer test.MockVariableValue(&pull.AddPullRequestToCheckQueue)()
+
+		session := loginUser(t, "user2")
+
+		run := func(t *testing.T, fn func(*testing.T)) (issue3 *issues.Issue, checkedPrID int64) {
+			pull.AddPullRequestToCheckQueue = func(prID int64) {
+				checkedPrID = prID
+			}
+			fn(t)
+			issue3 = unittest.AssertExistsAndLoadBean(t, &issues.Issue{RepoID: 1, Index: 3})
+			_ = issue3.LoadPullRequest(t.Context())
+			return issue3, checkedPrID
+		}
+
+		assertReloadingInterval := func(t *testing.T, interval string) {
+			req := NewRequest(t, "GET", "/user2/repo1/pulls/3")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			attr := "data-pull-merge-box-reloading-interval"
+			if interval == "" {
+				assert.NotContains(t, resp.Body.String(), attr)
+			} else {
+				assert.Contains(t, resp.Body.String(), fmt.Sprintf(`%s="%v"`, attr, interval))
+			}
+		}
+
+		// PR issue3 is merageable at the beginning
+		issue3, checkedPrID := run(t, func(t *testing.T) {})
+		assert.Equal(t, issues.PullRequestStatusMergeable, issue3.PullRequest.Status)
+		assert.Zero(t, checkedPrID)
+		assertReloadingInterval(t, "") // the PR is mergeable, so no need to reload the merge box
+
+		// setting.IsProd = false // it would cause data-race because the queue handlers might be running and reading its value
+		// assertReloadingInterval(t, "1") // make sure dev mode always do merge box reloading, to make sure the UI logic won't break
+		// setting.IsProd = true
+
+		// when base branch changes, PR status should be updated, but it is inactive for long time, so no real check
+		issue3, checkedPrID = run(t, func(t *testing.T) {
+			testEditFile(t, session, "user2", "repo1", "master", "README.md", "new content 1")
+		})
+		assert.Equal(t, issues.PullRequestStatusChecking, issue3.PullRequest.Status)
+		assert.Zero(t, checkedPrID)
+		assertReloadingInterval(t, "2000") // the PR status is "checking", so try to reload the merge box
+
+		// view a PR with status=checking, it starts the real check
+		issue3, checkedPrID = run(t, func(t *testing.T) {
+			req := NewRequest(t, "GET", "/user2/repo1/pulls/3")
+			session.MakeRequest(t, req, http.StatusOK)
+		})
+		assert.Equal(t, issues.PullRequestStatusChecking, issue3.PullRequest.Status)
+		assert.Equal(t, issue3.PullRequest.ID, checkedPrID)
+
+		// when base branch changes, still so no real check
+		issue3, checkedPrID = run(t, func(t *testing.T) {
+			testEditFile(t, session, "user2", "repo1", "master", "README.md", "new content 2")
+		})
+		assert.Equal(t, issues.PullRequestStatusChecking, issue3.PullRequest.Status)
+		assert.Zero(t, checkedPrID)
+
+		// then allow to check PRs without delay, when base branch changes, the PRs will be checked
+		setting.Repository.PullRequest.DelayCheckForInactiveDays = -1
+		issue3, checkedPrID = run(t, func(t *testing.T) {
+			testEditFile(t, session, "user2", "repo1", "master", "README.md", "new content 3")
+		})
+		assert.Equal(t, issues.PullRequestStatusChecking, issue3.PullRequest.Status)
+		assert.Equal(t, issue3.PullRequest.ID, checkedPrID)
+	})
+}
diff --git a/tests/integration/pull_update_test.go b/tests/integration/pull_update_test.go
index 7ede84127c..d28537112d 100644
--- a/tests/integration/pull_update_test.go
+++ b/tests/integration/pull_update_test.go
@@ -33,8 +33,8 @@ func TestAPIPullUpdate(t *testing.T) {
 		// Test GetDiverging
 		diffCount, err := pull_service.GetDiverging(git.DefaultContext, pr)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 1, diffCount.Behind)
-		assert.EqualValues(t, 1, diffCount.Ahead)
+		assert.Equal(t, 1, diffCount.Behind)
+		assert.Equal(t, 1, diffCount.Ahead)
 		assert.NoError(t, pr.LoadBaseRepo(db.DefaultContext))
 		assert.NoError(t, pr.LoadIssue(db.DefaultContext))
 
@@ -47,8 +47,8 @@ func TestAPIPullUpdate(t *testing.T) {
 		// Test GetDiverging after update
 		diffCount, err = pull_service.GetDiverging(git.DefaultContext, pr)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 0, diffCount.Behind)
-		assert.EqualValues(t, 2, diffCount.Ahead)
+		assert.Equal(t, 0, diffCount.Behind)
+		assert.Equal(t, 2, diffCount.Ahead)
 	})
 }
 
@@ -62,8 +62,8 @@ func TestAPIPullUpdateByRebase(t *testing.T) {
 		// Test GetDiverging
 		diffCount, err := pull_service.GetDiverging(git.DefaultContext, pr)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 1, diffCount.Behind)
-		assert.EqualValues(t, 1, diffCount.Ahead)
+		assert.Equal(t, 1, diffCount.Behind)
+		assert.Equal(t, 1, diffCount.Ahead)
 		assert.NoError(t, pr.LoadBaseRepo(db.DefaultContext))
 		assert.NoError(t, pr.LoadIssue(db.DefaultContext))
 
@@ -76,8 +76,8 @@ func TestAPIPullUpdateByRebase(t *testing.T) {
 		// Test GetDiverging after update
 		diffCount, err = pull_service.GetDiverging(git.DefaultContext, pr)
 		assert.NoError(t, err)
-		assert.EqualValues(t, 0, diffCount.Behind)
-		assert.EqualValues(t, 1, diffCount.Ahead)
+		assert.Equal(t, 0, diffCount.Behind)
+		assert.Equal(t, 1, diffCount.Ahead)
 	})
 }
 
diff --git a/tests/integration/release_test.go b/tests/integration/release_test.go
index 1a7f9e38b5..88a58787af 100644
--- a/tests/integration/release_test.go
+++ b/tests/integration/release_test.go
@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"net/http"
 	"testing"
-	"time"
 
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
@@ -54,12 +53,12 @@ func checkLatestReleaseAndCount(t *testing.T, session *TestSession, repoURL, ver
 
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	labelText := htmlDoc.doc.Find("#release-list > li .detail .label").First().Text()
-	assert.EqualValues(t, label, labelText)
+	assert.Equal(t, label, labelText)
 	titleText := htmlDoc.doc.Find("#release-list > li .detail h4 a").First().Text()
-	assert.EqualValues(t, version, titleText)
+	assert.Equal(t, version, titleText)
 
 	releaseList := htmlDoc.doc.Find("#release-list > li")
-	assert.EqualValues(t, count, releaseList.Length())
+	assert.Equal(t, count, releaseList.Length())
 }
 
 func TestViewReleases(t *testing.T) {
@@ -68,9 +67,6 @@ func TestViewReleases(t *testing.T) {
 	session := loginUser(t, "user2")
 	req := NewRequest(t, "GET", "/user2/repo1/releases")
 	session.MakeRequest(t, req, http.StatusOK)
-
-	// if CI is to slow this test fail, so lets wait a bit
-	time.Sleep(time.Millisecond * 100)
 }
 
 func TestViewReleasesNoLogin(t *testing.T) {
@@ -118,7 +114,7 @@ func TestCreateReleasePaging(t *testing.T) {
 
 	session := loginUser(t, "user2")
 	// Create enough releases to have paging
-	for i := 0; i < 12; i++ {
+	for i := range 12 {
 		version := fmt.Sprintf("v0.0.%d", i)
 		createNewRelease(t, session, "/user2/repo1", version, version, false, false)
 	}
@@ -157,14 +153,14 @@ func TestViewReleaseListNoLogin(t *testing.T) {
 		commitsToMain = append(commitsToMain, s.Find(".ahead > a").Text())
 	})
 
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"/user2/repo-release/releases/tag/empty-target-branch",
 		"/user2/repo-release/releases/tag/non-existing-target-branch",
 		"/user2/repo-release/releases/tag/v2.0",
 		"/user2/repo-release/releases/tag/v1.1",
 		"/user2/repo-release/releases/tag/v1.0",
 	}, links)
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"1 commits", // like v1.1
 		"1 commits", // like v1.1
 		"0 commits",
@@ -182,8 +178,8 @@ func TestViewSingleRelease(t *testing.T) {
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		// check the "number of commits to main since this release"
 		releaseList := htmlDoc.doc.Find("#release-list .ahead > a")
-		assert.EqualValues(t, 1, releaseList.Length())
-		assert.EqualValues(t, "3 commits", releaseList.First().Text())
+		assert.Equal(t, 1, releaseList.Length())
+		assert.Equal(t, "3 commits", releaseList.First().Text())
 	})
 	t.Run("Login", func(t *testing.T) {
 		session := loginUser(t, "user1")
@@ -218,7 +214,7 @@ func TestViewReleaseListLogin(t *testing.T) {
 		links = append(links, link)
 	})
 
-	assert.EqualValues(t, []string{
+	assert.Equal(t, []string{
 		"/user2/repo1/releases/tag/draft-release",
 		"/user2/repo1/releases/tag/v1.0",
 		"/user2/repo1/releases/tag/v1.1",
@@ -245,7 +241,7 @@ func TestViewTagsList(t *testing.T) {
 		tagNames = append(tagNames, s.Text())
 	})
 
-	assert.EqualValues(t, []string{"v1.0", "delete-tag", "v1.1"}, tagNames)
+	assert.Equal(t, []string{"v1.0", "delete-tag", "v1.1"}, tagNames)
 }
 
 func TestDownloadReleaseAttachment(t *testing.T) {
diff --git a/tests/integration/repo_activity_test.go b/tests/integration/repo_activity_test.go
index b04560379d..d5025decba 100644
--- a/tests/integration/repo_activity_test.go
+++ b/tests/integration/repo_activity_test.go
@@ -9,7 +9,9 @@ import (
 	"strings"
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unittest"
 	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
@@ -24,7 +26,7 @@ func TestRepoActivity(t *testing.T) {
 		testEditFile(t, session, "user1", "repo1", "master", "README.md", "Hello, World (Edited)\n")
 		resp := testPullCreate(t, session, "user1", "repo1", false, "master", "master", "This is a pull title")
 		elem := strings.Split(test.RedirectURL(resp), "/")
-		assert.EqualValues(t, "pulls", elem[3])
+		assert.Equal(t, "pulls", elem[3])
 		testPullMerge(t, session, elem[1], elem[2], elem[4], repo_model.MergeStyleMerge, false)
 
 		testEditFileToNewBranch(t, session, "user1", "repo1", "master", "feat/better_readme", "README.md", "Hello, World (Edited Again)\n")
@@ -61,5 +63,14 @@ func TestRepoActivity(t *testing.T) {
 		// Should be 3 new issues
 		list = htmlDoc.doc.Find("#new-issues").Next().Find("p.desc")
 		assert.Len(t, list.Nodes, 3)
+
+		// Non-existing default branch
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: "repo1"})
+		repo1.DefaultBranch = "no-such-branch"
+		_, _ = db.GetEngine(t.Context()).Cols("default_branch").Update(repo1)
+		req = NewRequest(t, "GET", "/user2/repo1/activity")
+		req.Header.Add("Accept", "text/html")
+		resp = session.MakeRequest(t, req, http.StatusNotFound)
+		assert.Contains(t, resp.Body.String(), `Default branch "no-such-branch" does not exist.`)
 	})
 }
diff --git a/tests/integration/repo_branch_test.go b/tests/integration/repo_branch_test.go
index f9cf13112a..50ceb65330 100644
--- a/tests/integration/repo_branch_test.go
+++ b/tests/integration/repo_branch_test.go
@@ -138,7 +138,7 @@ func TestCreateBranchInvalidCSRF(t *testing.T) {
 }
 
 func prepareRecentlyPushedBranchTest(t *testing.T, headSession *TestSession, baseRepo, headRepo *repo_model.Repository) {
-	refSubURL := fmt.Sprintf("branch/%s", headRepo.DefaultBranch)
+	refSubURL := "branch/" + headRepo.DefaultBranch
 	baseRepoPath := baseRepo.OwnerName + "/" + baseRepo.Name
 	headRepoPath := headRepo.OwnerName + "/" + headRepo.Name
 	// Case 1: Normal branch changeset to display pushed message
@@ -168,7 +168,7 @@ func prepareRecentlyPushedBranchTest(t *testing.T, headSession *TestSession, bas
 }
 
 func prepareRecentlyPushedBranchSpecialTest(t *testing.T, session *TestSession, baseRepo, headRepo *repo_model.Repository) {
-	refSubURL := fmt.Sprintf("branch/%s", headRepo.DefaultBranch)
+	refSubURL := "branch/" + headRepo.DefaultBranch
 	baseRepoPath := baseRepo.OwnerName + "/" + baseRepo.Name
 	headRepoPath := headRepo.OwnerName + "/" + headRepo.Name
 	// create branch with no new commit
@@ -196,7 +196,7 @@ func testCreatePullToDefaultBranch(t *testing.T, session *TestSession, baseRepo,
 }
 
 func prepareRepoPR(t *testing.T, baseSession, headSession *TestSession, baseRepo, headRepo *repo_model.Repository) {
-	refSubURL := fmt.Sprintf("branch/%s", headRepo.DefaultBranch)
+	refSubURL := "branch/" + headRepo.DefaultBranch
 	testCreateBranch(t, headSession, headRepo.OwnerName, headRepo.Name, refSubURL, "new-commit", http.StatusSeeOther)
 
 	// create opening PR
diff --git a/tests/integration/repo_commits_search_test.go b/tests/integration/repo_commits_search_test.go
index 74ac25c0f5..9b05e36399 100644
--- a/tests/integration/repo_commits_search_test.go
+++ b/tests/integration/repo_commits_search_test.go
@@ -23,7 +23,7 @@ func testRepoCommitsSearch(t *testing.T, query, commit string) {
 
 	doc := NewHTMLParser(t, resp.Body)
 	sel := doc.doc.Find("#commits-table tbody tr td.sha a")
-	assert.EqualValues(t, commit, strings.TrimSpace(sel.Text()))
+	assert.Equal(t, commit, strings.TrimSpace(sel.Text()))
 }
 
 func TestRepoCommitsSearch(t *testing.T) {
diff --git a/tests/integration/repo_commits_test.go b/tests/integration/repo_commits_test.go
index fbe215eb85..b8f086e2b1 100644
--- a/tests/integration/repo_commits_test.go
+++ b/tests/integration/repo_commits_test.go
@@ -12,8 +12,7 @@ import (
 	"testing"
 
 	auth_model "code.gitea.io/gitea/models/auth"
-	"code.gitea.io/gitea/models/unittest"
-	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/commitstatus"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
@@ -25,55 +24,59 @@ import (
 
 func TestRepoCommits(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
 	session := loginUser(t, "user2")
 
-	// Request repository commits page
-	req := NewRequest(t, "GET", "/user2/repo1/commits/branch/master")
-	resp := session.MakeRequest(t, req, http.StatusOK)
-
-	doc := NewHTMLParser(t, resp.Body)
-	commitURL, exists := doc.doc.Find("#commits-table .commit-id-short").Attr("href")
-	assert.True(t, exists)
-	assert.NotEmpty(t, commitURL)
-}
-
-func Test_ReposGitCommitListNotMaster(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
-	// Login as User2.
-	session := loginUser(t, user.Name)
-
-	// Test getting commits (Page 1)
-	req := NewRequestf(t, "GET", "/%s/repo16/commits/branch/master", user.Name)
-	resp := session.MakeRequest(t, req, http.StatusOK)
+	t.Run("CommitList", func(t *testing.T) {
+		req := NewRequest(t, "GET", "/user2/repo16/commits/branch/master")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+
+		var commits, userHrefs []string
+		doc := NewHTMLParser(t, resp.Body)
+		doc.doc.Find("#commits-table .commit-id-short").Each(func(i int, s *goquery.Selection) {
+			commits = append(commits, path.Base(s.AttrOr("href", "")))
+		})
+		doc.doc.Find("#commits-table .author-wrapper").Each(func(i int, s *goquery.Selection) {
+			userHrefs = append(userHrefs, s.AttrOr("href", ""))
+		})
+		assert.Equal(t, []string{"69554a64c1e6030f051e5c3f94bfbd773cd6a324", "27566bd5738fc8b4e3fef3c5e72cce608537bd95", "5099b81332712fe655e34e8dd63574f503f61811"}, commits)
+		assert.Equal(t, []string{"/user2", "/user21", "/user2"}, userHrefs)
+	})
 
-	doc := NewHTMLParser(t, resp.Body)
-	commits := []string{}
-	doc.doc.Find("#commits-table .commit-id-short").Each(func(i int, s *goquery.Selection) {
-		commitURL, exists := s.Attr("href")
-		assert.True(t, exists)
-		assert.NotEmpty(t, commitURL)
-		commits = append(commits, path.Base(commitURL))
+	t.Run("LastCommit", func(t *testing.T) {
+		req := NewRequest(t, "GET", "/user2/repo16")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		doc := NewHTMLParser(t, resp.Body)
+		commitHref := doc.doc.Find(".latest-commit .commit-id-short").AttrOr("href", "")
+		authorHref := doc.doc.Find(".latest-commit .author-wrapper").AttrOr("href", "")
+		assert.Equal(t, "/user2/repo16/commit/69554a64c1e6030f051e5c3f94bfbd773cd6a324", commitHref)
+		assert.Equal(t, "/user2", authorHref)
 	})
 
-	assert.Len(t, commits, 3)
-	assert.EqualValues(t, "69554a64c1e6030f051e5c3f94bfbd773cd6a324", commits[0])
-	assert.EqualValues(t, "27566bd5738fc8b4e3fef3c5e72cce608537bd95", commits[1])
-	assert.EqualValues(t, "5099b81332712fe655e34e8dd63574f503f61811", commits[2])
-
-	userNames := []string{}
-	doc.doc.Find("#commits-table .author-wrapper").Each(func(i int, s *goquery.Selection) {
-		userPath, exists := s.Attr("href")
-		assert.True(t, exists)
-		assert.NotEmpty(t, userPath)
-		userNames = append(userNames, path.Base(userPath))
+	t.Run("CommitListNonExistingCommiter", func(t *testing.T) {
+		// check the commit list for a repository with no gitea user
+		// * commit 985f0301dba5e7b34be866819cd15ad3d8f508ee (branch2)
+		// * Author: 6543 <6543@obermui.de>
+		req := NewRequest(t, "GET", "/user2/repo1/commits/branch/branch2")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+
+		doc := NewHTMLParser(t, resp.Body)
+		commitHref := doc.doc.Find("#commits-table tr:first-child .commit-id-short").AttrOr("href", "")
+		assert.Equal(t, "/user2/repo1/commit/985f0301dba5e7b34be866819cd15ad3d8f508ee", commitHref)
+		authorElem := doc.doc.Find("#commits-table tr:first-child .author-wrapper")
+		assert.Equal(t, "6543", authorElem.Text())
+		assert.Equal(t, "span", authorElem.Nodes[0].Data)
 	})
 
-	assert.Len(t, userNames, 3)
-	assert.EqualValues(t, "User2", userNames[0])
-	assert.EqualValues(t, "user21", userNames[1])
-	assert.EqualValues(t, "User2", userNames[2])
+	t.Run("LastCommitNonExistingCommiter", func(t *testing.T) {
+		req := NewRequest(t, "GET", "/user2/repo1/src/branch/branch2")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		doc := NewHTMLParser(t, resp.Body)
+		commitHref := doc.doc.Find(".latest-commit .commit-id-short").AttrOr("href", "")
+		assert.Equal(t, "/user2/repo1/commit/985f0301dba5e7b34be866819cd15ad3d8f508ee", commitHref)
+		authorElem := doc.doc.Find(".latest-commit .author-wrapper")
+		assert.Equal(t, "6543", authorElem.Text())
+		assert.Equal(t, "span", authorElem.Nodes[0].Data)
+	})
 }
 
 func doTestRepoCommitWithStatus(t *testing.T, state string, classes ...string) {
@@ -94,7 +97,7 @@ func doTestRepoCommitWithStatus(t *testing.T, state string, classes ...string) {
 	// Call API to add status for commit
 	ctx := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository)
 	t.Run("CreateStatus", doAPICreateCommitStatus(ctx, path.Base(commitURL), api.CreateStatusOption{
-		State:       api.CommitStatusState(state),
+		State:       commitstatus.CommitStatusState(state),
 		TargetURL:   "http://test.ci/",
 		Description: "",
 		Context:     "testci",
@@ -138,10 +141,10 @@ func testRepoCommitsWithStatus(t *testing.T, resp, respOne *httptest.ResponseRec
 	assert.NotNil(t, status)
 
 	if assert.Len(t, statuses, 1) {
-		assert.Equal(t, api.CommitStatusState(state), statuses[0].State)
+		assert.Equal(t, commitstatus.CommitStatusState(state), statuses[0].State)
 		assert.Equal(t, setting.AppURL+"api/v1/repos/user2/repo1/statuses/65f1bf27bc3bf70f64657658635e66094edbcb4d", statuses[0].URL)
 		assert.Equal(t, "http://test.ci/", statuses[0].TargetURL)
-		assert.Equal(t, "", statuses[0].Description)
+		assert.Empty(t, statuses[0].Description)
 		assert.Equal(t, "testci", statuses[0].Context)
 
 		assert.Len(t, status.Statuses, 1)
@@ -186,13 +189,13 @@ func TestRepoCommitsStatusParallel(t *testing.T) {
 	assert.NotEmpty(t, commitURL)
 
 	var wg sync.WaitGroup
-	for i := 0; i < 10; i++ {
+	for i := range 10 {
 		wg.Add(1)
 		go func(parentT *testing.T, i int) {
 			parentT.Run(fmt.Sprintf("ParallelCreateStatus_%d", i), func(t *testing.T) {
 				ctx := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository)
 				runBody := doAPICreateCommitStatus(ctx, path.Base(commitURL), api.CreateStatusOption{
-					State:       api.CommitStatusPending,
+					State:       commitstatus.CommitStatusPending,
 					TargetURL:   "http://test.ci/",
 					Description: "",
 					Context:     "testci",
@@ -223,14 +226,14 @@ func TestRepoCommitsStatusMultiple(t *testing.T) {
 	// Call API to add status for commit
 	ctx := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository)
 	t.Run("CreateStatus", doAPICreateCommitStatus(ctx, path.Base(commitURL), api.CreateStatusOption{
-		State:       api.CommitStatusSuccess,
+		State:       commitstatus.CommitStatusSuccess,
 		TargetURL:   "http://test.ci/",
 		Description: "",
 		Context:     "testci",
 	}))
 
 	t.Run("CreateStatus", doAPICreateCommitStatus(ctx, path.Base(commitURL), api.CreateStatusOption{
-		State:       api.CommitStatusSuccess,
+		State:       commitstatus.CommitStatusSuccess,
 		TargetURL:   "http://test.ci/",
 		Description: "",
 		Context:     "other_context",
@@ -240,7 +243,7 @@ func TestRepoCommitsStatusMultiple(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusOK)
 
 	doc = NewHTMLParser(t, resp.Body)
-	// Check that the data-tippy="commit-statuses" (for trigger) and commit-status (svg) are present
-	sel := doc.doc.Find("#commits-table .message [data-tippy=\"commit-statuses\"] .commit-status")
+	// Check that the data-global-init="initCommitStatuses" (for trigger) and commit-status (svg) are present
+	sel := doc.doc.Find(`#commits-table .message [data-global-init="initCommitStatuses"] .commit-status`)
 	assert.Equal(t, 1, sel.Length())
 }
diff --git a/tests/integration/repo_fork_test.go b/tests/integration/repo_fork_test.go
index cbe5e4bb3f..95325eefeb 100644
--- a/tests/integration/repo_fork_test.go
+++ b/tests/integration/repo_fork_test.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/http/httptest"
+	"strconv"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
@@ -14,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 	org_service "code.gitea.io/gitea/services/org"
 	"code.gitea.io/gitea/tests"
 
@@ -46,11 +48,12 @@ func testRepoFork(t *testing.T, session *TestSession, ownerName, repoName, forkO
 	assert.True(t, exists, "Fork owner '%s' is not present in select box", forkOwnerName)
 	req = NewRequestWithValues(t, "POST", link, map[string]string{
 		"_csrf":              htmlDoc.GetCSRF(),
-		"uid":                fmt.Sprintf("%d", forkOwner.ID),
+		"uid":                strconv.FormatInt(forkOwner.ID, 10),
 		"repo_name":          forkRepoName,
 		"fork_single_branch": forkBranch,
 	})
-	session.MakeRequest(t, req, http.StatusSeeOther)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	assert.Equal(t, fmt.Sprintf("/%s/%s", forkOwnerName, forkRepoName), test.RedirectURL(resp))
 
 	// Step4: check the existence of the forked repo
 	req = NewRequestf(t, "GET", "/%s/%s", forkOwnerName, forkRepoName)
@@ -81,14 +84,14 @@ func TestRepoForkToOrg(t *testing.T) {
 
 func TestForkListLimitedAndPrivateRepos(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-	forkItemSelector := ".repo-fork-item"
+	forkItemSelector := ".fork-list .flex-item"
 
 	user1Sess := loginUser(t, "user1")
 	user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user1"})
 
 	// fork to a limited org
 	limitedOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 22})
-	assert.EqualValues(t, structs.VisibleTypeLimited, limitedOrg.Visibility)
+	assert.Equal(t, structs.VisibleTypeLimited, limitedOrg.Visibility)
 	ownerTeam1, err := org_model.OrgFromUser(limitedOrg).GetOwnerTeam(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.NoError(t, org_service.AddTeamMember(db.DefaultContext, ownerTeam1, user1))
@@ -98,7 +101,7 @@ func TestForkListLimitedAndPrivateRepos(t *testing.T) {
 	user4Sess := loginUser(t, "user4")
 	user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user4"})
 	privateOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23})
-	assert.EqualValues(t, structs.VisibleTypePrivate, privateOrg.Visibility)
+	assert.Equal(t, structs.VisibleTypePrivate, privateOrg.Visibility)
 	ownerTeam2, err := org_model.OrgFromUser(privateOrg).GetOwnerTeam(db.DefaultContext)
 	assert.NoError(t, err)
 	assert.NoError(t, org_service.AddTeamMember(db.DefaultContext, ownerTeam2, user4))
@@ -109,7 +112,7 @@ func TestForkListLimitedAndPrivateRepos(t *testing.T) {
 		req := NewRequest(t, "GET", "/user2/repo1/forks")
 		resp := MakeRequest(t, req, http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
-		assert.EqualValues(t, 0, htmlDoc.Find(forkItemSelector).Length())
+		assert.Equal(t, 0, htmlDoc.Find(forkItemSelector).Length())
 	})
 
 	t.Run("Logged in", func(t *testing.T) {
@@ -119,11 +122,11 @@ func TestForkListLimitedAndPrivateRepos(t *testing.T) {
 		resp := user1Sess.MakeRequest(t, req, http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		// since user1 is an admin, he can get both of the forked repositories
-		assert.EqualValues(t, 2, htmlDoc.Find(forkItemSelector).Length())
+		assert.Equal(t, 2, htmlDoc.Find(forkItemSelector).Length())
 
 		assert.NoError(t, org_service.AddTeamMember(db.DefaultContext, ownerTeam2, user1))
 		resp = user1Sess.MakeRequest(t, req, http.StatusOK)
 		htmlDoc = NewHTMLParser(t, resp.Body)
-		assert.EqualValues(t, 2, htmlDoc.Find(forkItemSelector).Length())
+		assert.Equal(t, 2, htmlDoc.Find(forkItemSelector).Length())
 	})
 }
diff --git a/tests/integration/repo_generate_test.go b/tests/integration/repo_generate_test.go
index ff2aa220d3..fca4e92982 100644
--- a/tests/integration/repo_generate_test.go
+++ b/tests/integration/repo_generate_test.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/http/httptest"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -31,20 +32,20 @@ func testRepoGenerate(t *testing.T, session *TestSession, templateID, templateOw
 
 	// Step2: click the "Use this template" button
 	htmlDoc := NewHTMLParser(t, resp.Body)
-	link, exists := htmlDoc.doc.Find("a.ui.button[href^=\"/repo/create\"]").Attr("href")
+	link, exists := htmlDoc.doc.Find(`a.ui.button[href^="/repo/create"]`).Attr("href")
 	assert.True(t, exists, "The template has changed")
 	req = NewRequest(t, "GET", link)
 	resp = session.MakeRequest(t, req, http.StatusOK)
 
-	// Step3: fill the form of the create
+	// Step3: fill the form on the "create" page
 	htmlDoc = NewHTMLParser(t, resp.Body)
-	link, exists = htmlDoc.doc.Find("form.ui.form[action^=\"/repo/create\"]").Attr("action")
+	link, exists = htmlDoc.doc.Find(`form.ui.form[action^="/repo/create"]`).Attr("action")
 	assert.True(t, exists, "The template has changed")
-	_, exists = htmlDoc.doc.Find(fmt.Sprintf(".owner.dropdown .item[data-value=\"%d\"]", generateOwner.ID)).Attr("data-value")
+	_, exists = htmlDoc.doc.Find(fmt.Sprintf(`#repo_owner_dropdown .item[data-value="%d"]`, generateOwner.ID)).Attr("data-value")
 	assert.True(t, exists, "Generate owner '%s' is not present in select box", generateOwnerName)
 	req = NewRequestWithValues(t, "POST", link, map[string]string{
 		"_csrf":         htmlDoc.GetCSRF(),
-		"uid":           fmt.Sprintf("%d", generateOwner.ID),
+		"uid":           strconv.FormatInt(generateOwner.ID, 10),
 		"repo_name":     generateRepoName,
 		"repo_template": templateID,
 		"git_content":   "true",
diff --git a/tests/integration/repo_merge_upstream_test.go b/tests/integration/repo_merge_upstream_test.go
index e928b04e9b..d33d31c646 100644
--- a/tests/integration/repo_merge_upstream_test.go
+++ b/tests/integration/repo_merge_upstream_test.go
@@ -147,5 +147,37 @@ func TestRepoMergeUpstream(t *testing.T) {
 				return queryMergeUpstreamButtonLink(htmlDoc) == ""
 			}, 5*time.Second, 100*time.Millisecond)
 		})
+
+		t.Run("FastForwardOnly", func(t *testing.T) {
+			// Create a clean branch for fast-forward testing
+			req = NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/test-repo-fork/branches/_new/branch/master", forkUser.Name), map[string]string{
+				"_csrf":           GetUserCSRFToken(t, session),
+				"new_branch_name": "ff-test-branch",
+			})
+			session.MakeRequest(t, req, http.StatusSeeOther)
+
+			// Add content to base repository that can be fast-forwarded
+			require.NoError(t, createOrReplaceFileInBranch(baseUser, baseRepo, "ff-test.txt", "master", "ff-content-1"))
+
+			// ff_only=true with fast-forward possible (should succeed)
+			req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/test-repo-fork/merge-upstream", forkUser.Name), &api.MergeUpstreamRequest{
+				Branch: "ff-test-branch",
+				FfOnly: true,
+			}).AddTokenAuth(token)
+			resp := MakeRequest(t, req, http.StatusOK)
+
+			var mergeResp api.MergeUpstreamResponse
+			DecodeJSON(t, resp, &mergeResp)
+			assert.Equal(t, "fast-forward", mergeResp.MergeStyle)
+
+			// ff_only=true when fast-forward is not possible (should fail)
+			require.NoError(t, createOrReplaceFileInBranch(baseUser, baseRepo, "another-file.txt", "master", "more-content"))
+
+			req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/test-repo-fork/merge-upstream", forkUser.Name), &api.MergeUpstreamRequest{
+				Branch: "fork-branch",
+				FfOnly: true,
+			}).AddTokenAuth(token)
+			MakeRequest(t, req, http.StatusBadRequest)
+		})
 	})
 }
diff --git a/tests/integration/repo_search_test.go b/tests/integration/repo_search_test.go
index 29d1517f4e..36a2e81f3b 100644
--- a/tests/integration/repo_search_test.go
+++ b/tests/integration/repo_search_test.go
@@ -57,5 +57,5 @@ func testSearch(t *testing.T, url string, expected []string) {
 	resp := MakeRequest(t, req, http.StatusOK)
 
 	filenames := resultFilenames(NewHTMLParser(t, resp.Body))
-	assert.EqualValues(t, expected, filenames)
+	assert.Equal(t, expected, filenames)
 }
diff --git a/tests/integration/repo_test.go b/tests/integration/repo_test.go
index a5728ffcbd..adfe07519f 100644
--- a/tests/integration/repo_test.go
+++ b/tests/integration/repo_test.go
@@ -6,21 +6,51 @@ package integration
 import (
 	"fmt"
 	"net/http"
+	"os"
 	"path"
+	"strconv"
 	"strings"
 	"testing"
 	"time"
 
+	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/models/unit"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/util"
+	repo_service "code.gitea.io/gitea/services/repository"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/PuerkitoBio/goquery"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
-func TestViewRepo(t *testing.T) {
+func TestRepoView(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
+	t.Run("ViewRepoPublic", testViewRepoPublic)
+	t.Run("ViewRepoWithCache", testViewRepoWithCache)
+	t.Run("ViewRepoPrivate", testViewRepoPrivate)
+	t.Run("ViewRepo1CloneLinkAnonymous", testViewRepo1CloneLinkAnonymous)
+	t.Run("ViewRepo1CloneLinkAuthorized", testViewRepo1CloneLinkAuthorized)
+	t.Run("ViewRepoWithSymlinks", testViewRepoWithSymlinks)
+	t.Run("ViewFileInRepo", testViewFileInRepo)
+	t.Run("BlameFileInRepo", testBlameFileInRepo)
+	t.Run("ViewRepoDirectory", testViewRepoDirectory)
+	t.Run("ViewRepoDirectoryReadme", testViewRepoDirectoryReadme)
+	t.Run("ViewRepoSymlink", testViewRepoSymlink)
+	t.Run("MarkDownReadmeImage", testMarkDownReadmeImage)
+	t.Run("MarkDownReadmeImageSubfolder", testMarkDownReadmeImageSubfolder)
+	t.Run("GeneratedSourceLink", testGeneratedSourceLink)
+	t.Run("ViewCommit", testViewCommit)
+}
+
+func testViewRepoPublic(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -41,87 +71,118 @@ func TestViewRepo(t *testing.T) {
 	session.MakeRequest(t, req, http.StatusNotFound)
 }
 
-func testViewRepo(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	req := NewRequest(t, "GET", "/org3/repo3")
-	session := loginUser(t, "user2")
-	resp := session.MakeRequest(t, req, http.StatusOK)
-
-	htmlDoc := NewHTMLParser(t, resp.Body)
-	files := htmlDoc.doc.Find("#repo-files-table .repo-file-item")
-
-	type file struct {
-		fileName   string
-		commitID   string
-		commitMsg  string
-		commitTime string
-	}
+func testViewRepoWithCache(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
+	testView := func(t *testing.T) {
+		req := NewRequest(t, "GET", "/org3/repo3")
+		session := loginUser(t, "user2")
+		resp := session.MakeRequest(t, req, http.StatusOK)
 
-	var items []file
-
-	files.Each(func(i int, s *goquery.Selection) {
-		tds := s.Find(".repo-file-cell")
-		var f file
-		tds.Each(func(i int, s *goquery.Selection) {
-			if i == 0 {
-				f.fileName = strings.TrimSpace(s.Text())
-			} else if i == 1 {
-				a := s.Find("a")
-				f.commitMsg = strings.TrimSpace(a.Text())
-				l, _ := a.Attr("href")
-				f.commitID = path.Base(l)
-			}
+		htmlDoc := NewHTMLParser(t, resp.Body)
+		files := htmlDoc.doc.Find("#repo-files-table .repo-file-item")
+
+		type file struct {
+			fileName   string
+			commitID   string
+			commitMsg  string
+			commitTime string
+		}
+
+		var items []file
+
+		files.Each(func(i int, s *goquery.Selection) {
+			tds := s.Find(".repo-file-cell")
+			var f file
+			tds.Each(func(i int, s *goquery.Selection) {
+				if i == 0 {
+					f.fileName = strings.TrimSpace(s.Text())
+				} else if i == 1 {
+					a := s.Find("a")
+					f.commitMsg = strings.TrimSpace(a.Text())
+					l, _ := a.Attr("href")
+					f.commitID = path.Base(l)
+				}
+			})
+
+			// convert "2017-06-14 21:54:21 +0800" to "Wed, 14 Jun 2017 13:54:21 UTC"
+			htmlTimeString, _ := s.Find("relative-time").Attr("datetime")
+			htmlTime, _ := time.Parse(time.RFC3339, htmlTimeString)
+			f.commitTime = htmlTime.In(time.Local).Format(time.RFC1123)
+			items = append(items, f)
 		})
 
-		// convert "2017-06-14 21:54:21 +0800" to "Wed, 14 Jun 2017 13:54:21 UTC"
-		htmlTimeString, _ := s.Find("relative-time").Attr("datetime")
-		htmlTime, _ := time.Parse(time.RFC3339, htmlTimeString)
-		f.commitTime = htmlTime.In(time.Local).Format(time.RFC1123)
-		items = append(items, f)
-	})
-
-	commitT := time.Date(2017, time.June, 14, 13, 54, 21, 0, time.UTC).In(time.Local).Format(time.RFC1123)
-	assert.EqualValues(t, []file{
-		{
-			fileName:   "doc",
-			commitID:   "2a47ca4b614a9f5a43abbd5ad851a54a616ffee6",
-			commitMsg:  "init project",
-			commitTime: commitT,
-		},
-		{
-			fileName:   "README.md",
-			commitID:   "2a47ca4b614a9f5a43abbd5ad851a54a616ffee6",
-			commitMsg:  "init project",
-			commitTime: commitT,
-		},
-	}, items)
-}
+		commitT := time.Date(2017, time.June, 14, 13, 54, 21, 0, time.UTC).In(time.Local).Format(time.RFC1123)
+		assert.Equal(t, []file{
+			{
+				fileName:   "doc",
+				commitID:   "2a47ca4b614a9f5a43abbd5ad851a54a616ffee6",
+				commitMsg:  "init project",
+				commitTime: commitT,
+			},
+			{
+				fileName:   "README.md",
+				commitID:   "2a47ca4b614a9f5a43abbd5ad851a54a616ffee6",
+				commitMsg:  "init project",
+				commitTime: commitT,
+			},
+		}, items)
+	}
 
-func TestViewRepo2(t *testing.T) {
+	// FIXME: these test don't seem quite right, no enough assert
 	// no last commit cache
-	testViewRepo(t)
-
+	testView(t)
 	// enable last commit cache for all repositories
 	oldCommitsCount := setting.CacheService.LastCommit.CommitsCount
 	setting.CacheService.LastCommit.CommitsCount = 0
 	// first view will not hit the cache
-	testViewRepo(t)
+	testView(t)
 	// second view will hit the cache
-	testViewRepo(t)
+	testView(t)
 	setting.CacheService.LastCommit.CommitsCount = oldCommitsCount
 }
 
-func TestViewRepo3(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepoPrivate(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	req := NewRequest(t, "GET", "/org3/repo3")
-	session := loginUser(t, "user4")
-	session.MakeRequest(t, req, http.StatusOK)
+	MakeRequest(t, req, http.StatusNotFound)
+
+	t.Run("OrgMemberAccess", func(t *testing.T) {
+		req = NewRequest(t, "GET", "/org3/repo3")
+		session := loginUser(t, "user4")
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		assert.Contains(t, resp.Body.String(), `<div id="repo-files-table"`)
+	})
+
+	t.Run("PublicAccess-AnonymousAccess", func(t *testing.T) {
+		session := loginUser(t, "user1")
+
+		// set unit code to "anonymous read"
+		req = NewRequestWithValues(t, "POST", "/org3/repo3/settings/public_access", map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+			"repo-unit-access-" + strconv.Itoa(int(unit.TypeCode)): "anonymous-read",
+		})
+		session.MakeRequest(t, req, http.StatusSeeOther)
+
+		// try to "anonymous read" (ok)
+		req = NewRequest(t, "GET", "/org3/repo3")
+		resp := MakeRequest(t, req, http.StatusOK)
+		assert.Contains(t, resp.Body.String(), `<span class="ui basic orange label">Public Access</span>`)
+
+		// remove "anonymous read"
+		req = NewRequestWithValues(t, "POST", "/org3/repo3/settings/public_access", map[string]string{
+			"_csrf": GetUserCSRFToken(t, session),
+		})
+		session.MakeRequest(t, req, http.StatusSeeOther)
+
+		// try to "anonymous read" (not found)
+		req = NewRequest(t, "GET", "/org3/repo3")
+		MakeRequest(t, req, http.StatusNotFound)
+	})
 }
 
-func TestViewRepo1CloneLinkAnonymous(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepo1CloneLinkAnonymous(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	req := NewRequest(t, "GET", "/user2/repo1")
 	resp := MakeRequest(t, req, http.StatusOK)
@@ -139,8 +200,8 @@ func TestViewRepo1CloneLinkAnonymous(t *testing.T) {
 	assert.Equal(t, "tea clone user2/repo1", link)
 }
 
-func TestViewRepo1CloneLinkAuthorized(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepo1CloneLinkAuthorized(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -162,8 +223,8 @@ func TestViewRepo1CloneLinkAuthorized(t *testing.T) {
 	assert.Equal(t, "tea clone user2/repo1", link)
 }
 
-func TestViewRepoWithSymlinks(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepoWithSymlinks(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 	defer test.MockVariableValue(&setting.UI.FileIconTheme, "basic")()
 	session := loginUser(t, "user2")
 
@@ -186,8 +247,8 @@ func TestViewRepoWithSymlinks(t *testing.T) {
 }
 
 // TestViewFileInRepo repo description, topics and summary should not be displayed when viewing a file
-func TestViewFileInRepo(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewFileInRepo(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -199,14 +260,14 @@ func TestViewFileInRepo(t *testing.T) {
 	repoTopics := htmlDoc.doc.Find("#repo-topics")
 	repoSummary := htmlDoc.doc.Find(".repository-summary")
 
-	assert.EqualValues(t, 0, description.Length())
-	assert.EqualValues(t, 0, repoTopics.Length())
-	assert.EqualValues(t, 0, repoSummary.Length())
+	assert.Equal(t, 0, description.Length())
+	assert.Equal(t, 0, repoTopics.Length())
+	assert.Equal(t, 0, repoSummary.Length())
 }
 
 // TestBlameFileInRepo repo description, topics and summary should not be displayed when running blame on a file
-func TestBlameFileInRepo(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testBlameFileInRepo(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -218,14 +279,14 @@ func TestBlameFileInRepo(t *testing.T) {
 	repoTopics := htmlDoc.doc.Find("#repo-topics")
 	repoSummary := htmlDoc.doc.Find(".repository-summary")
 
-	assert.EqualValues(t, 0, description.Length())
-	assert.EqualValues(t, 0, repoTopics.Length())
-	assert.EqualValues(t, 0, repoSummary.Length())
+	assert.Equal(t, 0, description.Length())
+	assert.Equal(t, 0, repoTopics.Length())
+	assert.Equal(t, 0, repoSummary.Length())
 }
 
 // TestViewRepoDirectory repo description, topics and summary should not be displayed when within a directory
-func TestViewRepoDirectory(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepoDirectory(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -246,8 +307,8 @@ func TestViewRepoDirectory(t *testing.T) {
 }
 
 // ensure that the all the different ways to find and render a README work
-func TestViewRepoDirectoryReadme(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepoDirectoryReadme(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	// there are many combinations:
 	// - READMEs can be .md, .txt, or have no extension
@@ -353,8 +414,23 @@ func TestViewRepoDirectoryReadme(t *testing.T) {
 	missing("symlink-loop", "/user2/readme-test/src/branch/symlink-loop/")
 }
 
-func TestMarkDownReadmeImage(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewRepoSymlink(t *testing.T) {
+	session := loginUser(t, "user2")
+	req := NewRequest(t, "GET", "/user2/readme-test/src/branch/symlink")
+	resp := session.MakeRequest(t, req, http.StatusOK)
+
+	htmlDoc := NewHTMLParser(t, resp.Body)
+	AssertHTMLElement(t, htmlDoc, ".entry-symbol-link", true)
+	followSymbolLinkHref := htmlDoc.Find(".entry-symbol-link").AttrOr("href", "")
+	require.Equal(t, "/user2/readme-test/src/branch/symlink/README.md?follow_symlink=1", followSymbolLinkHref)
+
+	req = NewRequest(t, "GET", followSymbolLinkHref)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
+	assert.Equal(t, "/user2/readme-test/src/branch/symlink/some/other/path/awefulcake.txt?follow_symlink=1", resp.Header().Get("Location"))
+}
+
+func testMarkDownReadmeImage(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -375,8 +451,8 @@ func TestMarkDownReadmeImage(t *testing.T) {
 	assert.Equal(t, "/user2/repo1/media/branch/home-md-img-check/test-fake-img.jpg", src)
 }
 
-func TestMarkDownReadmeImageSubfolder(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testMarkDownReadmeImageSubfolder(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	session := loginUser(t, "user2")
 
@@ -398,8 +474,8 @@ func TestMarkDownReadmeImageSubfolder(t *testing.T) {
 	assert.Equal(t, "/user2/repo1/media/branch/sub-home-md-img-check/docs/test-fake-img.jpg", src)
 }
 
-func TestGeneratedSourceLink(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testGeneratedSourceLink(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	t.Run("Rendered file", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
@@ -434,11 +510,54 @@ func TestGeneratedSourceLink(t *testing.T) {
 	})
 }
 
-func TestViewCommit(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
+func testViewCommit(t *testing.T) {
+	defer tests.PrintCurrentTest(t)()
 
 	req := NewRequest(t, "GET", "/user2/repo1/commit/0123456789012345678901234567890123456789")
 	req.Header.Add("Accept", "text/html")
 	resp := MakeRequest(t, req, http.StatusNotFound)
 	assert.True(t, test.IsNormalPageCompleted(resp.Body.String()), "non-existing commit should render 404 page")
 }
+
+// TestGenerateRepository the test cannot succeed when moved as a unit test
+func TestGenerateRepository(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	// a successful generate from template
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	repo44 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 44})
+
+	generatedRepo, err := repo_service.GenerateRepository(git.DefaultContext, user2, user2, repo44, repo_service.GenerateRepoOptions{
+		Name:       "generated-from-template-44",
+		GitContent: true,
+	})
+	assert.NoError(t, err)
+	assert.NotNil(t, generatedRepo)
+
+	exist, err := util.IsExist(repo_model.RepoPath(user2.Name, generatedRepo.Name))
+	assert.NoError(t, err)
+	assert.True(t, exist)
+
+	unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: generatedRepo.Name})
+
+	err = repo_service.DeleteRepositoryDirectly(db.DefaultContext, generatedRepo.ID)
+	assert.NoError(t, err)
+
+	// a failed creating because some mock data
+	// create the repository directory so that the creation will fail after database record created.
+	assert.NoError(t, os.MkdirAll(repo_model.RepoPath(user2.Name, "generated-from-template-44"), os.ModePerm))
+
+	generatedRepo2, err := repo_service.GenerateRepository(db.DefaultContext, user2, user2, repo44, repo_service.GenerateRepoOptions{
+		Name:       "generated-from-template-44",
+		GitContent: true,
+	})
+	assert.Nil(t, generatedRepo2)
+	assert.Error(t, err)
+
+	// assert the cleanup is successful
+	unittest.AssertNotExistsBean(t, &repo_model.Repository{OwnerName: user2.Name, Name: generatedRepo.Name})
+
+	exist, err = util.IsExist(repo_model.RepoPath(user2.Name, generatedRepo.Name))
+	assert.NoError(t, err)
+	assert.False(t, exist)
+}
diff --git a/tests/integration/repo_topic_test.go b/tests/integration/repo_topic_test.go
index f198397007..7f9594b9fd 100644
--- a/tests/integration/repo_topic_test.go
+++ b/tests/integration/repo_topic_test.go
@@ -25,7 +25,7 @@ func TestTopicSearch(t *testing.T) {
 	res := MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 6)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// pagination search topics
 	topics.TopicNames = nil
@@ -35,7 +35,7 @@ func TestTopicSearch(t *testing.T) {
 	res = MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 4)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// second page
 	topics.TopicNames = nil
@@ -45,7 +45,7 @@ func TestTopicSearch(t *testing.T) {
 	res = MakeRequest(t, NewRequest(t, "GET", searchURL.String()), http.StatusOK)
 	DecodeJSON(t, res, &topics)
 	assert.Len(t, topics.TopicNames, 2)
-	assert.EqualValues(t, "6", res.Header().Get("x-total-count"))
+	assert.Equal(t, "6", res.Header().Get("x-total-count"))
 
 	// add keyword search
 	topics.TopicNames = nil
@@ -63,7 +63,7 @@ func TestTopicSearch(t *testing.T) {
 	DecodeJSON(t, res, &topics)
 	if assert.Len(t, topics.TopicNames, 1) {
 		assert.EqualValues(t, 2, topics.TopicNames[0].ID)
-		assert.EqualValues(t, "database", topics.TopicNames[0].Name)
-		assert.EqualValues(t, 1, topics.TopicNames[0].RepoCount)
+		assert.Equal(t, "database", topics.TopicNames[0].Name)
+		assert.Equal(t, 1, topics.TopicNames[0].RepoCount)
 	}
 }
diff --git a/tests/integration/repo_webhook_test.go b/tests/integration/repo_webhook_test.go
index 7e85c10d4b..f1abac8cfa 100644
--- a/tests/integration/repo_webhook_test.go
+++ b/tests/integration/repo_webhook_test.go
@@ -9,17 +9,20 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"net/url"
+	"path"
 	"strings"
 	"testing"
-	"time"
 
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/models/webhook"
+	"code.gitea.io/gitea/modules/commitstatus"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/tests"
@@ -56,16 +59,21 @@ func TestNewWebHookLink(t *testing.T) {
 	}
 }
 
-func testAPICreateWebhookForRepo(t *testing.T, session *TestSession, userName, repoName, url, event string) {
+func testAPICreateWebhookForRepo(t *testing.T, session *TestSession, userName, repoName, url, event string, branchFilter ...string) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeAll)
+	var branchFilterString string
+	if len(branchFilter) > 0 {
+		branchFilterString = branchFilter[0]
+	}
 	req := NewRequestWithJSON(t, "POST", "/api/v1/repos/"+userName+"/"+repoName+"/hooks", api.CreateHookOption{
 		Type: "gitea",
 		Config: api.CreateHookOptionConfig{
 			"content_type": "json",
 			"url":          url,
 		},
-		Events: []string{event},
-		Active: true,
+		Events:       []string{event},
+		Active:       true,
+		BranchFilter: branchFilterString,
 	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusCreated)
 }
@@ -126,19 +134,19 @@ func (m *mockWebhookProvider) Close() {
 }
 
 func Test_WebhookCreate(t *testing.T) {
-	var payloads []api.CreatePayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.CreatePayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = string(webhook_module.HookEventCreate)
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.CreatePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.CreatePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = string(webhook_module.HookEventCreate)
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -149,28 +157,28 @@ func Test_WebhookCreate(t *testing.T) {
 
 		// 3. validate the webhook is triggered
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, string(webhook_module.HookEventCreate), triggeredEvent)
-		assert.EqualValues(t, "repo1", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repo.FullName)
-		assert.EqualValues(t, "master2", payloads[0].Ref)
-		assert.EqualValues(t, "branch", payloads[0].RefType)
+		assert.Equal(t, string(webhook_module.HookEventCreate), triggeredEvent)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Equal(t, "master2", payloads[0].Ref)
+		assert.Equal(t, "branch", payloads[0].RefType)
 	})
 }
 
 func Test_WebhookDelete(t *testing.T) {
-	var payloads []api.DeletePayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.DeletePayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "delete"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.DeletePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.DeletePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "delete"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -181,29 +189,29 @@ func Test_WebhookDelete(t *testing.T) {
 		testAPIDeleteBranch(t, "master2", http.StatusNoContent)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "delete", triggeredEvent)
+		assert.Equal(t, "delete", triggeredEvent)
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, "repo1", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repo.FullName)
-		assert.EqualValues(t, "master2", payloads[0].Ref)
-		assert.EqualValues(t, "branch", payloads[0].RefType)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Equal(t, "master2", payloads[0].Ref)
+		assert.Equal(t, "branch", payloads[0].RefType)
 	})
 }
 
 func Test_WebhookFork(t *testing.T) {
-	var payloads []api.ForkPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.ForkPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "fork"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.ForkPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.ForkPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "fork"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user1")
 
@@ -213,64 +221,113 @@ func Test_WebhookFork(t *testing.T) {
 		testRepoFork(t, session, "user2", "repo1", "user1", "repo1-fork", "master")
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "fork", triggeredEvent)
+		assert.Equal(t, "fork", triggeredEvent)
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, "repo1-fork", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user1/repo1-fork", payloads[0].Repo.FullName)
-		assert.EqualValues(t, "repo1", payloads[0].Forkee.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Forkee.FullName)
+		assert.Equal(t, "repo1-fork", payloads[0].Repo.Name)
+		assert.Equal(t, "user1/repo1-fork", payloads[0].Repo.FullName)
+		assert.Equal(t, "repo1", payloads[0].Forkee.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Forkee.FullName)
 	})
 }
 
 func Test_WebhookIssueComment(t *testing.T) {
-	var payloads []api.IssueCommentPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.IssueCommentPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "issue_comment"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.IssueCommentPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.IssueCommentPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "issue_comment"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
 		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "issue_comment")
 
-		// 2. trigger the webhook
-		issueURL := testNewIssue(t, session, "user2", "repo1", "Title2", "Description2")
-		testIssueAddComment(t, session, issueURL, "issue title2 comment1", "")
+		t.Run("create comment", func(t *testing.T) {
+			// 2. trigger the webhook
+			issueURL := testNewIssue(t, session, "user2", "repo1", "Title2", "Description2")
+			testIssueAddComment(t, session, issueURL, "issue title2 comment1", "")
+
+			// 3. validate the webhook is triggered
+			assert.Equal(t, "issue_comment", triggeredEvent)
+			assert.Len(t, payloads, 1)
+			assert.EqualValues(t, "created", payloads[0].Action)
+			assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+			assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+			assert.Equal(t, "Title2", payloads[0].Issue.Title)
+			assert.Equal(t, "Description2", payloads[0].Issue.Body)
+			assert.Equal(t, "issue title2 comment1", payloads[0].Comment.Body)
+		})
 
-		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "issue_comment", triggeredEvent)
-		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, "created", payloads[0].Action)
-		assert.EqualValues(t, "repo1", payloads[0].Issue.Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
-		assert.EqualValues(t, "Title2", payloads[0].Issue.Title)
-		assert.EqualValues(t, "Description2", payloads[0].Issue.Body)
-		assert.EqualValues(t, "issue title2 comment1", payloads[0].Comment.Body)
+		t.Run("update comment", func(t *testing.T) {
+			payloads = make([]api.IssueCommentPayload, 0, 2)
+			triggeredEvent = ""
+
+			// 2. trigger the webhook
+			issueURL := testNewIssue(t, session, "user2", "repo1", "Title3", "Description3")
+			commentID := testIssueAddComment(t, session, issueURL, "issue title3 comment1", "")
+			modifiedContent := "issue title2 comment1 - modified"
+			req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{
+				"_csrf":   GetUserCSRFToken(t, session),
+				"content": modifiedContent,
+			})
+			session.MakeRequest(t, req, http.StatusOK)
+
+			// 3. validate the webhook is triggered
+			assert.Equal(t, "issue_comment", triggeredEvent)
+			assert.Len(t, payloads, 2)
+			assert.EqualValues(t, "edited", payloads[1].Action)
+			assert.Equal(t, "repo1", payloads[1].Issue.Repo.Name)
+			assert.Equal(t, "user2/repo1", payloads[1].Issue.Repo.FullName)
+			assert.Equal(t, "Title3", payloads[1].Issue.Title)
+			assert.Equal(t, "Description3", payloads[1].Issue.Body)
+			assert.Equal(t, modifiedContent, payloads[1].Comment.Body)
+		})
+
+		t.Run("Update comment with no content change", func(t *testing.T) {
+			payloads = make([]api.IssueCommentPayload, 0, 2)
+			triggeredEvent = ""
+			commentContent := "issue title3 comment1"
+
+			// 2. trigger the webhook
+			issueURL := testNewIssue(t, session, "user2", "repo1", "Title3", "Description3")
+			commentID := testIssueAddComment(t, session, issueURL, commentContent, "")
+
+			payloads = make([]api.IssueCommentPayload, 0, 2)
+			triggeredEvent = ""
+			req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/comments/%d", "user2", "repo1", commentID), map[string]string{
+				"_csrf":   GetUserCSRFToken(t, session),
+				"content": commentContent,
+			})
+			session.MakeRequest(t, req, http.StatusOK)
+
+			// 3. validate the webhook is not triggered because no content change
+			assert.Empty(t, triggeredEvent)
+			assert.Empty(t, payloads)
+		})
 	})
 }
 
 func Test_WebhookRelease(t *testing.T) {
-	var payloads []api.ReleasePayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.ReleasePayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "release"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.ReleasePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.ReleasePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "release"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -280,17 +337,49 @@ func Test_WebhookRelease(t *testing.T) {
 		createNewRelease(t, session, "/user2/repo1", "v0.0.99", "v0.0.99", false, false)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "release", triggeredEvent)
+		assert.Equal(t, "release", triggeredEvent)
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, "repo1", payloads[0].Repository.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repository.FullName)
-		assert.EqualValues(t, "v0.0.99", payloads[0].Release.TagName)
+		assert.Equal(t, "repo1", payloads[0].Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repository.FullName)
+		assert.Equal(t, "v0.0.99", payloads[0].Release.TagName)
 		assert.False(t, payloads[0].Release.IsDraft)
 		assert.False(t, payloads[0].Release.IsPrerelease)
 	})
 }
 
 func Test_WebhookPush(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.PushPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.PushPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "push"
+		}, http.StatusOK)
+		defer provider.Close()
+
+		// 1. create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "push")
+
+		// 2. trigger the webhook
+		testCreateFile(t, session, "user2", "repo1", "master", "", "test_webhook_push.md", "# a test file for webhook push")
+
+		// 3. validate the webhook is triggered
+		assert.Equal(t, "push", triggeredEvent)
+		assert.Len(t, payloads, 1)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Len(t, payloads[0].Commits, 1)
+		assert.Equal(t, []string{"test_webhook_push.md"}, payloads[0].Commits[0].Added)
+	})
+}
+
+func Test_WebhookPushDevBranch(t *testing.T) {
 	var payloads []api.PushPayload
 	var triggeredEvent string
 	provider := newMockWebhookProvider(func(r *http.Request) {
@@ -307,31 +396,55 @@ func Test_WebhookPush(t *testing.T) {
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
-		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "push")
+		// only for dev branch
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "push", "develop")
 
-		// 2. trigger the webhook
-		testCreateFile(t, session, "user2", "repo1", "master", "test_webhook_push.md", "# a test file for webhook push")
+		// 2. this should not trigger the webhook
+		testCreateFile(t, session, "user2", "repo1", "master", "", "test_webhook_push.md", "# a test file for webhook push")
+		assert.Empty(t, triggeredEvent)
+		assert.Empty(t, payloads)
 
-		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "push", triggeredEvent)
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+		gitRepo, err := gitrepo.OpenRepository(t.Context(), repo1)
+		assert.NoError(t, err)
+		defer gitRepo.Close()
+
+		beforeCommitID, err := gitRepo.GetBranchCommitID("develop")
+		assert.NoError(t, err)
+
+		// 3. trigger the webhook
+		testCreateFile(t, session, "user2", "repo1", "develop", "", "test_webhook_push.md", "# a test file for webhook push")
+
+		afterCommitID, err := gitRepo.GetBranchCommitID("develop")
+		assert.NoError(t, err)
+
+		// 4. validate the webhook is triggered
+		assert.Equal(t, "push", triggeredEvent)
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, "repo1", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Equal(t, "refs/heads/develop", payloads[0].Ref)
+		assert.Equal(t, beforeCommitID, payloads[0].Before)
+		assert.Equal(t, afterCommitID, payloads[0].After)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "develop", payloads[0].Branch())
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
 		assert.Len(t, payloads[0].Commits, 1)
-		assert.EqualValues(t, []string{"test_webhook_push.md"}, payloads[0].Commits[0].Added)
+		assert.Equal(t, afterCommitID, payloads[0].Commits[0].ID)
+		assert.Equal(t, setting.AppURL+"user2/repo1/compare/"+beforeCommitID+"..."+afterCommitID, payloads[0].CompareURL)
+		assert.Equal(t, []string{"test_webhook_push.md"}, payloads[0].Commits[0].Added)
+		assert.Empty(t, payloads[0].Commits[0].Removed)
 	})
 }
 
-func Test_WebhookIssue(t *testing.T) {
-	var payloads []api.IssuePayload
+func Test_WebhookPushToNewBranch(t *testing.T) {
+	var payloads []api.PushPayload
 	var triggeredEvent string
 	provider := newMockWebhookProvider(func(r *http.Request) {
 		content, _ := io.ReadAll(r.Body)
-		var payload api.IssuePayload
+		var payload api.PushPayload
 		err := json.Unmarshal(content, &payload)
 		assert.NoError(t, err)
 		payloads = append(payloads, payload)
-		triggeredEvent = "issues"
+		triggeredEvent = "push"
 	}, http.StatusOK)
 	defer provider.Close()
 
@@ -339,36 +452,232 @@ func Test_WebhookIssue(t *testing.T) {
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
+		// only for dev branch
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "push", "new_branch")
+
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+		gitRepo, err := gitrepo.OpenRepository(t.Context(), repo1)
+		assert.NoError(t, err)
+		defer gitRepo.Close()
+
+		beforeCommitID, err := gitRepo.GetBranchCommitID("master")
+		assert.NoError(t, err)
+
+		// 2. trigger the webhook
+		testCreateFile(t, session, "user2", "repo1", "master", "new_branch", "test_webhook_push.md", "# a new push from new branch")
+
+		afterCommitID, err := gitRepo.GetBranchCommitID("new_branch")
+		assert.NoError(t, err)
+		emptyCommitID := git.Sha1ObjectFormat.EmptyObjectID().String()
+
+		// 4. validate the webhook is triggered
+		assert.Equal(t, "push", triggeredEvent)
+		assert.Len(t, payloads, 1)
+		assert.Equal(t, "refs/heads/new_branch", payloads[0].Ref)
+		assert.Equal(t, emptyCommitID, payloads[0].Before)
+		assert.Equal(t, afterCommitID, payloads[0].After)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "new_branch", payloads[0].Branch())
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Len(t, payloads[0].Commits, 1)
+		assert.Equal(t, afterCommitID, payloads[0].Commits[0].ID)
+		assert.Equal(t, setting.AppURL+"user2/repo1/compare/"+beforeCommitID+"..."+afterCommitID, payloads[0].CompareURL)
+		assert.Equal(t, []string{"test_webhook_push.md"}, payloads[0].Commits[0].Added)
+		assert.Empty(t, payloads[0].Commits[0].Removed)
+	})
+}
+
+func Test_WebhookIssue(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.IssuePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.IssuePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "issues"
+		}, http.StatusOK)
+		defer provider.Close()
+
+		// 1. create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+
 		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "issues")
 
 		// 2. trigger the webhook
 		testNewIssue(t, session, "user2", "repo1", "Title1", "Description1")
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "issues", triggeredEvent)
+		assert.Equal(t, "issues", triggeredEvent)
 		assert.Len(t, payloads, 1)
 		assert.EqualValues(t, "opened", payloads[0].Action)
-		assert.EqualValues(t, "repo1", payloads[0].Issue.Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
-		assert.EqualValues(t, "Title1", payloads[0].Issue.Title)
-		assert.EqualValues(t, "Description1", payloads[0].Issue.Body)
+		assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+		assert.Equal(t, "Title1", payloads[0].Issue.Title)
+		assert.Equal(t, "Description1", payloads[0].Issue.Body)
+		assert.Positive(t, payloads[0].Issue.Created.Unix())
+		assert.Positive(t, payloads[0].Issue.Updated.Unix())
 	})
 }
 
-func Test_WebhookPullRequest(t *testing.T) {
-	var payloads []api.PullRequestPayload
+func Test_WebhookIssueDelete(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.IssuePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.IssuePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "issue"
+		}, http.StatusOK)
+		defer provider.Close()
+
+		// 1. create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "issues")
+		issueURL := testNewIssue(t, session, "user2", "repo1", "Title1", "Description1")
+
+		// 2. trigger the webhook
+		testIssueDelete(t, session, issueURL)
+
+		// 3. validate the webhook is triggered
+		assert.Equal(t, "issue", triggeredEvent)
+		require.Len(t, payloads, 2)
+		assert.EqualValues(t, "deleted", payloads[1].Action)
+		assert.Equal(t, "repo1", payloads[1].Issue.Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[1].Issue.Repo.FullName)
+		assert.Equal(t, "Title1", payloads[1].Issue.Title)
+		assert.Equal(t, "Description1", payloads[1].Issue.Body)
+	})
+}
+
+func Test_WebhookIssueAssign(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.PullRequestPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.PullRequestPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "pull_request_assign"
+		}, http.StatusOK)
+		defer provider.Close()
+
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+
+		// 1. create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "pull_request_assign")
+
+		// 2. trigger the webhook, issue 2 is a pull request
+		testIssueAssign(t, session, repo1.Link(), 2, user2.ID)
+
+		// 3. validate the webhook is triggered
+		assert.Equal(t, "pull_request_assign", triggeredEvent)
+		assert.Len(t, payloads, 1)
+		assert.EqualValues(t, "assigned", payloads[0].Action)
+		assert.Equal(t, "repo1", payloads[0].PullRequest.Base.Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].PullRequest.Base.Repository.FullName)
+		assert.Equal(t, "issue2", payloads[0].PullRequest.Title)
+		assert.Equal(t, "content for the second issue", payloads[0].PullRequest.Body)
+		assert.Equal(t, user2.ID, payloads[0].PullRequest.Assignee.ID)
+	})
+}
+
+func Test_WebhookIssueMilestone(t *testing.T) {
+	var payloads []api.IssuePayload
 	var triggeredEvent string
 	provider := newMockWebhookProvider(func(r *http.Request) {
 		content, _ := io.ReadAll(r.Body)
-		var payload api.PullRequestPayload
+		var payload api.IssuePayload
 		err := json.Unmarshal(content, &payload)
 		assert.NoError(t, err)
 		payloads = append(payloads, payload)
-		triggeredEvent = "pull_request"
+		triggeredEvent = "issues"
 	}, http.StatusOK)
 	defer provider.Close()
 
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		// create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "issue_milestone")
+
+		t.Run("assign a milestone", func(t *testing.T) {
+			// trigger the webhook
+			testIssueChangeMilestone(t, session, repo1.Link(), 1, 1)
+
+			// validate the webhook is triggered
+			assert.Equal(t, "issues", triggeredEvent)
+			assert.Len(t, payloads, 1)
+			assert.Equal(t, "milestoned", string(payloads[0].Action))
+			assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+			assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+			assert.Equal(t, "issue1", payloads[0].Issue.Title)
+			assert.Equal(t, "content for the first issue", payloads[0].Issue.Body)
+			assert.EqualValues(t, 1, payloads[0].Issue.Milestone.ID)
+		})
+
+		t.Run("change a milestong", func(t *testing.T) {
+			// trigger the webhook again
+			triggeredEvent = ""
+			payloads = make([]api.IssuePayload, 0, 1)
+			// change milestone to 2
+			testIssueChangeMilestone(t, session, repo1.Link(), 1, 2)
+
+			// validate the webhook is triggered
+			assert.Equal(t, "issues", triggeredEvent)
+			assert.Len(t, payloads, 1)
+			assert.Equal(t, "milestoned", string(payloads[0].Action))
+			assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+			assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+			assert.Equal(t, "issue1", payloads[0].Issue.Title)
+			assert.Equal(t, "content for the first issue", payloads[0].Issue.Body)
+			assert.EqualValues(t, 2, payloads[0].Issue.Milestone.ID)
+		})
+
+		t.Run("remove a milestone", func(t *testing.T) {
+			// trigger the webhook again
+			triggeredEvent = ""
+			payloads = make([]api.IssuePayload, 0, 1)
+			// change milestone to 0
+			testIssueChangeMilestone(t, session, repo1.Link(), 1, 0)
+
+			// validate the webhook is triggered
+			assert.Equal(t, "issues", triggeredEvent)
+			assert.Len(t, payloads, 1)
+			assert.Equal(t, "demilestoned", string(payloads[0].Action))
+			assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+			assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+			assert.Equal(t, "issue1", payloads[0].Issue.Title)
+			assert.Equal(t, "content for the first issue", payloads[0].Issue.Body)
+			assert.Nil(t, payloads[0].Issue.Milestone)
+		})
+	})
+}
+
+func Test_WebhookPullRequest(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.PullRequestPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.PullRequestPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "pull_request"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -380,32 +689,70 @@ func Test_WebhookPullRequest(t *testing.T) {
 		testCreatePullToDefaultBranch(t, session, repo1, repo1, "master2", "first pull request")
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "pull_request", triggeredEvent)
+		assert.Equal(t, "pull_request", triggeredEvent)
 		require.Len(t, payloads, 1)
-		assert.EqualValues(t, "repo1", payloads[0].PullRequest.Base.Repository.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].PullRequest.Base.Repository.FullName)
-		assert.EqualValues(t, "repo1", payloads[0].PullRequest.Head.Repository.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].PullRequest.Head.Repository.FullName)
-		assert.EqualValues(t, 0, *payloads[0].PullRequest.Additions)
-		assert.EqualValues(t, 0, *payloads[0].PullRequest.ChangedFiles)
-		assert.EqualValues(t, 0, *payloads[0].PullRequest.Deletions)
+		assert.Equal(t, "repo1", payloads[0].PullRequest.Base.Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].PullRequest.Base.Repository.FullName)
+		assert.Equal(t, "repo1", payloads[0].PullRequest.Head.Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].PullRequest.Head.Repository.FullName)
+		assert.Equal(t, 0, *payloads[0].PullRequest.Additions)
+		assert.Equal(t, 0, *payloads[0].PullRequest.ChangedFiles)
+		assert.Equal(t, 0, *payloads[0].PullRequest.Deletions)
 	})
 }
 
-func Test_WebhookPullRequestComment(t *testing.T) {
-	var payloads []api.IssueCommentPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.IssueCommentPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "pull_request_comment"
-	}, http.StatusOK)
-	defer provider.Close()
+func Test_WebhookPullRequestDelete(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.PullRequestPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.PullRequestPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "pull_request"
+		}, http.StatusOK)
+		defer provider.Close()
+
+		// 1. create a new webhook with special webhook for repo1
+		session := loginUser(t, "user2")
+		testAPICreateWebhookForRepo(t, session, "user2", "repo1", provider.URL(), "pull_request")
+
+		testAPICreateBranch(t, session, "user2", "repo1", "master", "master2", http.StatusCreated)
 
+		repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+		issueURL := testCreatePullToDefaultBranch(t, session, repo1, repo1, "master2", "first pull request")
+
+		// 2. trigger the webhook
+		testIssueDelete(t, session, path.Join(repo1.Link(), "pulls", issueURL))
+
+		// 3. validate the webhook is triggered
+		assert.Equal(t, "pull_request", triggeredEvent)
+		require.Len(t, payloads, 2)
+		assert.EqualValues(t, "deleted", payloads[1].Action)
+		assert.Equal(t, "repo1", payloads[1].PullRequest.Base.Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[1].PullRequest.Base.Repository.FullName)
+		assert.Equal(t, 0, *payloads[1].PullRequest.Additions)
+		assert.Equal(t, 0, *payloads[1].PullRequest.ChangedFiles)
+		assert.Equal(t, 0, *payloads[1].PullRequest.Deletions)
+	})
+}
+
+func Test_WebhookPullRequestComment(t *testing.T) {
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.IssueCommentPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.IssueCommentPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "pull_request_comment"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -419,31 +766,31 @@ func Test_WebhookPullRequestComment(t *testing.T) {
 		testIssueAddComment(t, session, "/user2/repo1/pulls/"+prID, "pull title2 comment1", "")
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "pull_request_comment", triggeredEvent)
+		assert.Equal(t, "pull_request_comment", triggeredEvent)
 		assert.Len(t, payloads, 1)
 		assert.EqualValues(t, "created", payloads[0].Action)
-		assert.EqualValues(t, "repo1", payloads[0].Issue.Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
-		assert.EqualValues(t, "first pull request", payloads[0].Issue.Title)
-		assert.EqualValues(t, "", payloads[0].Issue.Body)
-		assert.EqualValues(t, "pull title2 comment1", payloads[0].Comment.Body)
+		assert.Equal(t, "repo1", payloads[0].Issue.Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Issue.Repo.FullName)
+		assert.Equal(t, "first pull request", payloads[0].Issue.Title)
+		assert.Empty(t, payloads[0].Issue.Body)
+		assert.Equal(t, "pull title2 comment1", payloads[0].Comment.Body)
 	})
 }
 
 func Test_WebhookWiki(t *testing.T) {
-	var payloads []api.WikiPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.WikiPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "wiki"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.WikiPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.WikiPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "wiki"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -453,29 +800,29 @@ func Test_WebhookWiki(t *testing.T) {
 		testAPICreateWikiPage(t, session, "user2", "repo1", "Test Wiki Page", http.StatusCreated)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "wiki", triggeredEvent)
+		assert.Equal(t, "wiki", triggeredEvent)
 		assert.Len(t, payloads, 1)
 		assert.EqualValues(t, "created", payloads[0].Action)
-		assert.EqualValues(t, "repo1", payloads[0].Repository.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repository.FullName)
-		assert.EqualValues(t, "Test-Wiki-Page", payloads[0].Page)
+		assert.Equal(t, "repo1", payloads[0].Repository.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repository.FullName)
+		assert.Equal(t, "Test-Wiki-Page", payloads[0].Page)
 	})
 }
 
 func Test_WebhookRepository(t *testing.T) {
-	var payloads []api.RepositoryPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.RepositoryPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "repository"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.RepositoryPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.RepositoryPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "repository"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user1")
 
@@ -485,29 +832,29 @@ func Test_WebhookRepository(t *testing.T) {
 		testAPIOrgCreateRepo(t, session, "org3", "repo_new", http.StatusCreated)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "repository", triggeredEvent)
+		assert.Equal(t, "repository", triggeredEvent)
 		assert.Len(t, payloads, 1)
 		assert.EqualValues(t, "created", payloads[0].Action)
-		assert.EqualValues(t, "org3", payloads[0].Organization.UserName)
-		assert.EqualValues(t, "repo_new", payloads[0].Repository.Name)
-		assert.EqualValues(t, "org3/repo_new", payloads[0].Repository.FullName)
+		assert.Equal(t, "org3", payloads[0].Organization.UserName)
+		assert.Equal(t, "repo_new", payloads[0].Repository.Name)
+		assert.Equal(t, "org3/repo_new", payloads[0].Repository.FullName)
 	})
 }
 
 func Test_WebhookPackage(t *testing.T) {
-	var payloads []api.PackagePayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		content, _ := io.ReadAll(r.Body)
-		var payload api.PackagePayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "package"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.PackagePayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			content, _ := io.ReadAll(r.Body)
+			var payload api.PackagePayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "package"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user1")
 
@@ -521,35 +868,35 @@ func Test_WebhookPackage(t *testing.T) {
 		MakeRequest(t, req, http.StatusCreated)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "package", triggeredEvent)
+		assert.Equal(t, "package", triggeredEvent)
 		assert.Len(t, payloads, 1)
 		assert.EqualValues(t, "created", payloads[0].Action)
-		assert.EqualValues(t, "gitea", payloads[0].Package.Name)
-		assert.EqualValues(t, "generic", payloads[0].Package.Type)
-		assert.EqualValues(t, "org3", payloads[0].Organization.UserName)
-		assert.EqualValues(t, "v1.24.0", payloads[0].Package.Version)
+		assert.Equal(t, "gitea", payloads[0].Package.Name)
+		assert.Equal(t, "generic", payloads[0].Package.Type)
+		assert.Equal(t, "org3", payloads[0].Organization.UserName)
+		assert.Equal(t, "v1.24.0", payloads[0].Package.Version)
 	})
 }
 
 func Test_WebhookStatus(t *testing.T) {
-	var payloads []api.CommitStatusPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		assert.Contains(t, r.Header["X-Github-Event-Type"], "status", "X-GitHub-Event-Type should contain status")
-		assert.Contains(t, r.Header["X-Github-Hook-Installation-Target-Type"], "repository", "X-GitHub-Hook-Installation-Target-Type should contain repository")
-		assert.Contains(t, r.Header["X-Gitea-Event-Type"], "status", "X-Gitea-Event-Type should contain status")
-		assert.Contains(t, r.Header["X-Gitea-Hook-Installation-Target-Type"], "repository", "X-Gitea-Hook-Installation-Target-Type should contain repository")
-		assert.Contains(t, r.Header["X-Gogs-Event-Type"], "status", "X-Gogs-Event-Type should contain status")
-		content, _ := io.ReadAll(r.Body)
-		var payload api.CommitStatusPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "status"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.CommitStatusPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			assert.Contains(t, r.Header["X-Github-Event-Type"], "status", "X-GitHub-Event-Type should contain status")
+			assert.Contains(t, r.Header["X-Github-Hook-Installation-Target-Type"], "repository", "X-GitHub-Hook-Installation-Target-Type should contain repository")
+			assert.Contains(t, r.Header["X-Gitea-Event-Type"], "status", "X-Gitea-Event-Type should contain status")
+			assert.Contains(t, r.Header["X-Gitea-Hook-Installation-Target-Type"], "repository", "X-Gitea-Hook-Installation-Target-Type should contain repository")
+			assert.Contains(t, r.Header["X-Gogs-Event-Type"], "status", "X-Gogs-Event-Type should contain status")
+			content, _ := io.ReadAll(r.Body)
+			var payload api.CommitStatusPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "status"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -567,34 +914,34 @@ func Test_WebhookStatus(t *testing.T) {
 
 		// update a status for a commit via API
 		doAPICreateCommitStatus(testCtx, commitID, api.CreateStatusOption{
-			State:       api.CommitStatusSuccess,
+			State:       commitstatus.CommitStatusSuccess,
 			TargetURL:   "http://test.ci/",
 			Description: "",
 			Context:     "testci",
 		})(t)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "status", triggeredEvent)
+		assert.Equal(t, "status", triggeredEvent)
 		assert.Len(t, payloads, 1)
-		assert.EqualValues(t, commitID, payloads[0].Commit.ID)
-		assert.EqualValues(t, "repo1", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repo.FullName)
-		assert.EqualValues(t, "testci", payloads[0].Context)
-		assert.EqualValues(t, commitID, payloads[0].SHA)
+		assert.Equal(t, commitID, payloads[0].Commit.ID)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+		assert.Equal(t, "testci", payloads[0].Context)
+		assert.Equal(t, commitID, payloads[0].SHA)
 	})
 }
 
 func Test_WebhookStatus_NoWrongTrigger(t *testing.T) {
-	var trigger string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		assert.NotContains(t, r.Header["X-Github-Event-Type"], "status", "X-GitHub-Event-Type should not contain status")
-		assert.NotContains(t, r.Header["X-Gitea-Event-Type"], "status", "X-Gitea-Event-Type should not contain status")
-		assert.NotContains(t, r.Header["X-Gogs-Event-Type"], "status", "X-Gogs-Event-Type should not contain status")
-		trigger = "push"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var trigger string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			assert.NotContains(t, r.Header["X-Github-Event-Type"], "status", "X-GitHub-Event-Type should not contain status")
+			assert.NotContains(t, r.Header["X-Gitea-Event-Type"], "status", "X-Gitea-Event-Type should not contain status")
+			assert.NotContains(t, r.Header["X-Gogs-Event-Type"], "status", "X-Gogs-Event-Type should not contain status")
+			trigger = "push"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		session := loginUser(t, "user2")
 
@@ -602,30 +949,30 @@ func Test_WebhookStatus_NoWrongTrigger(t *testing.T) {
 		testCreateWebhookForRepo(t, session, "gitea", "user2", "repo1", provider.URL(), "push_only")
 
 		// 2. trigger the webhook with a push action
-		testCreateFile(t, session, "user2", "repo1", "master", "test_webhook_push.md", "# a test file for webhook push")
+		testCreateFile(t, session, "user2", "repo1", "master", "", "test_webhook_push.md", "# a test file for webhook push")
 
 		// 3. validate the webhook is triggered with right event
-		assert.EqualValues(t, "push", trigger)
+		assert.Equal(t, "push", trigger)
 	})
 }
 
 func Test_WebhookWorkflowJob(t *testing.T) {
-	var payloads []api.WorkflowJobPayload
-	var triggeredEvent string
-	provider := newMockWebhookProvider(func(r *http.Request) {
-		assert.Contains(t, r.Header["X-Github-Event-Type"], "workflow_job", "X-GitHub-Event-Type should contain workflow_job")
-		assert.Contains(t, r.Header["X-Gitea-Event-Type"], "workflow_job", "X-Gitea-Event-Type should contain workflow_job")
-		assert.Contains(t, r.Header["X-Gogs-Event-Type"], "workflow_job", "X-Gogs-Event-Type should contain workflow_job")
-		content, _ := io.ReadAll(r.Body)
-		var payload api.WorkflowJobPayload
-		err := json.Unmarshal(content, &payload)
-		assert.NoError(t, err)
-		payloads = append(payloads, payload)
-		triggeredEvent = "workflow_job"
-	}, http.StatusOK)
-	defer provider.Close()
-
 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+		var payloads []api.WorkflowJobPayload
+		var triggeredEvent string
+		provider := newMockWebhookProvider(func(r *http.Request) {
+			assert.Contains(t, r.Header["X-Github-Event-Type"], "workflow_job", "X-GitHub-Event-Type should contain workflow_job")
+			assert.Contains(t, r.Header["X-Gitea-Event-Type"], "workflow_job", "X-Gitea-Event-Type should contain workflow_job")
+			assert.Contains(t, r.Header["X-Gogs-Event-Type"], "workflow_job", "X-Gogs-Event-Type should contain workflow_job")
+			content, _ := io.ReadAll(r.Body)
+			var payload api.WorkflowJobPayload
+			err := json.Unmarshal(content, &payload)
+			assert.NoError(t, err)
+			payloads = append(payloads, payload)
+			triggeredEvent = "workflow_job"
+		}, http.StatusOK)
+		defer provider.Close()
+
 		// 1. create a new webhook with special webhook for repo1
 		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 		session := loginUser(t, "user2")
@@ -660,94 +1007,289 @@ jobs:
       - run: echo 'cmd 1'
       - run: echo 'cmd 2'
 `
-		opts := getWorkflowCreateFileOptions(user2, repo1.DefaultBranch, fmt.Sprintf("create %s", wfTreePath), wfFileContent)
+		opts := getWorkflowCreateFileOptions(user2, repo1.DefaultBranch, "create "+wfTreePath, wfFileContent)
 		createWorkflowFile(t, token, "user2", "repo1", wfTreePath, opts)
 
 		commitID, err := gitRepo1.GetBranchCommitID(repo1.DefaultBranch)
 		assert.NoError(t, err)
 
 		// 3. validate the webhook is triggered
-		assert.EqualValues(t, "workflow_job", triggeredEvent)
+		assert.Equal(t, "workflow_job", triggeredEvent)
 		assert.Len(t, payloads, 2)
-		assert.EqualValues(t, "queued", payloads[0].Action)
-		assert.EqualValues(t, "queued", payloads[0].WorkflowJob.Status)
-		assert.EqualValues(t, []string{"ubuntu-latest"}, payloads[0].WorkflowJob.Labels)
-		assert.EqualValues(t, commitID, payloads[0].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[0].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[0].Repo.FullName)
-
-		assert.EqualValues(t, "waiting", payloads[1].Action)
-		assert.EqualValues(t, "waiting", payloads[1].WorkflowJob.Status)
-		assert.EqualValues(t, commitID, payloads[1].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[1].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[1].Repo.FullName)
+		assert.Equal(t, "queued", payloads[0].Action)
+		assert.Equal(t, "queued", payloads[0].WorkflowJob.Status)
+		assert.Equal(t, []string{"ubuntu-latest"}, payloads[0].WorkflowJob.Labels)
+		assert.Equal(t, commitID, payloads[0].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[0].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[0].Repo.FullName)
+
+		assert.Equal(t, "waiting", payloads[1].Action)
+		assert.Equal(t, "waiting", payloads[1].WorkflowJob.Status)
+		assert.Equal(t, commitID, payloads[1].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[1].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[1].Repo.FullName)
 
 		// 4. Execute a single Job
 		task := runner.fetchTask(t)
 		outcome := &mockTaskOutcome{
-			result:   runnerv1.Result_RESULT_SUCCESS,
-			execTime: time.Millisecond,
+			result: runnerv1.Result_RESULT_SUCCESS,
 		}
 		runner.execTask(t, task, outcome)
 
 		// 5. validate the webhook is triggered
-		assert.EqualValues(t, "workflow_job", triggeredEvent)
+		assert.Equal(t, "workflow_job", triggeredEvent)
 		assert.Len(t, payloads, 5)
-		assert.EqualValues(t, "in_progress", payloads[2].Action)
-		assert.EqualValues(t, "in_progress", payloads[2].WorkflowJob.Status)
-		assert.EqualValues(t, "mock-runner", payloads[2].WorkflowJob.RunnerName)
-		assert.EqualValues(t, commitID, payloads[2].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[2].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[2].Repo.FullName)
-
-		assert.EqualValues(t, "completed", payloads[3].Action)
-		assert.EqualValues(t, "completed", payloads[3].WorkflowJob.Status)
-		assert.EqualValues(t, "mock-runner", payloads[3].WorkflowJob.RunnerName)
-		assert.EqualValues(t, "success", payloads[3].WorkflowJob.Conclusion)
-		assert.EqualValues(t, commitID, payloads[3].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[3].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[3].Repo.FullName)
-		assert.Contains(t, payloads[3].WorkflowJob.URL, fmt.Sprintf("/actions/runs/%d/jobs/%d", payloads[3].WorkflowJob.RunID, payloads[3].WorkflowJob.ID))
-		assert.Contains(t, payloads[3].WorkflowJob.URL, payloads[3].WorkflowJob.RunURL)
+		assert.Equal(t, "in_progress", payloads[2].Action)
+		assert.Equal(t, "in_progress", payloads[2].WorkflowJob.Status)
+		assert.Equal(t, "mock-runner", payloads[2].WorkflowJob.RunnerName)
+		assert.Equal(t, commitID, payloads[2].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[2].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[2].Repo.FullName)
+
+		assert.Equal(t, "completed", payloads[3].Action)
+		assert.Equal(t, "completed", payloads[3].WorkflowJob.Status)
+		assert.Equal(t, "mock-runner", payloads[3].WorkflowJob.RunnerName)
+		assert.Equal(t, "success", payloads[3].WorkflowJob.Conclusion)
+		assert.Equal(t, commitID, payloads[3].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[3].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[3].Repo.FullName)
+		assert.Contains(t, payloads[3].WorkflowJob.URL, fmt.Sprintf("/actions/jobs/%d", payloads[3].WorkflowJob.ID))
 		assert.Contains(t, payloads[3].WorkflowJob.HTMLURL, fmt.Sprintf("/jobs/%d", 0))
 		assert.Len(t, payloads[3].WorkflowJob.Steps, 1)
 
-		assert.EqualValues(t, "queued", payloads[4].Action)
-		assert.EqualValues(t, "queued", payloads[4].WorkflowJob.Status)
-		assert.EqualValues(t, []string{"ubuntu-latest"}, payloads[4].WorkflowJob.Labels)
-		assert.EqualValues(t, commitID, payloads[4].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[4].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[4].Repo.FullName)
+		assert.Equal(t, "queued", payloads[4].Action)
+		assert.Equal(t, "queued", payloads[4].WorkflowJob.Status)
+		assert.Equal(t, []string{"ubuntu-latest"}, payloads[4].WorkflowJob.Labels)
+		assert.Equal(t, commitID, payloads[4].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[4].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[4].Repo.FullName)
 
 		// 6. Execute a single Job
 		task = runner.fetchTask(t)
 		outcome = &mockTaskOutcome{
-			result:   runnerv1.Result_RESULT_FAILURE,
-			execTime: time.Millisecond,
+			result: runnerv1.Result_RESULT_FAILURE,
 		}
 		runner.execTask(t, task, outcome)
 
 		// 7. validate the webhook is triggered
-		assert.EqualValues(t, "workflow_job", triggeredEvent)
+		assert.Equal(t, "workflow_job", triggeredEvent)
 		assert.Len(t, payloads, 7)
-		assert.EqualValues(t, "in_progress", payloads[5].Action)
-		assert.EqualValues(t, "in_progress", payloads[5].WorkflowJob.Status)
-		assert.EqualValues(t, "mock-runner", payloads[5].WorkflowJob.RunnerName)
-
-		assert.EqualValues(t, commitID, payloads[5].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[5].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[5].Repo.FullName)
-
-		assert.EqualValues(t, "completed", payloads[6].Action)
-		assert.EqualValues(t, "completed", payloads[6].WorkflowJob.Status)
-		assert.EqualValues(t, "failure", payloads[6].WorkflowJob.Conclusion)
-		assert.EqualValues(t, "mock-runner", payloads[6].WorkflowJob.RunnerName)
-		assert.EqualValues(t, commitID, payloads[6].WorkflowJob.HeadSha)
-		assert.EqualValues(t, "repo1", payloads[6].Repo.Name)
-		assert.EqualValues(t, "user2/repo1", payloads[6].Repo.FullName)
-		assert.Contains(t, payloads[6].WorkflowJob.URL, fmt.Sprintf("/actions/runs/%d/jobs/%d", payloads[6].WorkflowJob.RunID, payloads[6].WorkflowJob.ID))
-		assert.Contains(t, payloads[6].WorkflowJob.URL, payloads[6].WorkflowJob.RunURL)
+		assert.Equal(t, "in_progress", payloads[5].Action)
+		assert.Equal(t, "in_progress", payloads[5].WorkflowJob.Status)
+		assert.Equal(t, "mock-runner", payloads[5].WorkflowJob.RunnerName)
+
+		assert.Equal(t, commitID, payloads[5].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[5].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[5].Repo.FullName)
+
+		assert.Equal(t, "completed", payloads[6].Action)
+		assert.Equal(t, "completed", payloads[6].WorkflowJob.Status)
+		assert.Equal(t, "failure", payloads[6].WorkflowJob.Conclusion)
+		assert.Equal(t, "mock-runner", payloads[6].WorkflowJob.RunnerName)
+		assert.Equal(t, commitID, payloads[6].WorkflowJob.HeadSha)
+		assert.Equal(t, "repo1", payloads[6].Repo.Name)
+		assert.Equal(t, "user2/repo1", payloads[6].Repo.FullName)
+		assert.Contains(t, payloads[6].WorkflowJob.URL, fmt.Sprintf("/actions/jobs/%d", payloads[6].WorkflowJob.ID))
 		assert.Contains(t, payloads[6].WorkflowJob.HTMLURL, fmt.Sprintf("/jobs/%d", 1))
 		assert.Len(t, payloads[6].WorkflowJob.Steps, 2)
 	})
 }
+
+type workflowRunWebhook struct {
+	URL            string
+	payloads       []api.WorkflowRunPayload
+	triggeredEvent string
+}
+
+func Test_WebhookWorkflowRun(t *testing.T) {
+	webhookData := &workflowRunWebhook{}
+	provider := newMockWebhookProvider(func(r *http.Request) {
+		assert.Contains(t, r.Header["X-Github-Event-Type"], "workflow_run", "X-GitHub-Event-Type should contain workflow_run")
+		assert.Contains(t, r.Header["X-Gitea-Event-Type"], "workflow_run", "X-Gitea-Event-Type should contain workflow_run")
+		assert.Contains(t, r.Header["X-Gogs-Event-Type"], "workflow_run", "X-Gogs-Event-Type should contain workflow_run")
+		content, _ := io.ReadAll(r.Body)
+		var payload api.WorkflowRunPayload
+		err := json.Unmarshal(content, &payload)
+		assert.NoError(t, err)
+		webhookData.payloads = append(webhookData.payloads, payload)
+		webhookData.triggeredEvent = "workflow_run"
+	}, http.StatusOK)
+	defer provider.Close()
+	webhookData.URL = provider.URL()
+
+	tests := []struct {
+		name     string
+		callback func(t *testing.T, webhookData *workflowRunWebhook)
+	}{
+		{
+			name:     "WorkflowRun",
+			callback: testWebhookWorkflowRun,
+		},
+		{
+			name:     "WorkflowRunDepthLimit",
+			callback: testWebhookWorkflowRunDepthLimit,
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			webhookData.payloads = nil
+			webhookData.triggeredEvent = ""
+			onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {
+				test.callback(t, webhookData)
+			})
+		})
+	}
+}
+
+func testWebhookWorkflowRun(t *testing.T, webhookData *workflowRunWebhook) {
+	// 1. create a new webhook with special webhook for repo1
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	session := loginUser(t, "user2")
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+
+	testAPICreateWebhookForRepo(t, session, "user2", "repo1", webhookData.URL, "workflow_run")
+
+	repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+
+	gitRepo1, err := gitrepo.OpenRepository(t.Context(), repo1)
+	assert.NoError(t, err)
+
+	runner := newMockRunner()
+	runner.registerAsRepoRunner(t, "user2", "repo1", "mock-runner", []string{"ubuntu-latest"}, false)
+
+	// 2.1 add workflow_run workflow file to the repo
+
+	opts := getWorkflowCreateFileOptions(user2, repo1.DefaultBranch, "create "+"dispatch.yml", `
+on:
+  workflow_run:
+    workflows: ["Push"]
+    types:
+    - completed
+jobs:
+  dispatch:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo 'test the webhook'
+`)
+	createWorkflowFile(t, token, "user2", "repo1", ".gitea/workflows/dispatch.yml", opts)
+
+	// 2.2 trigger the webhooks
+
+	// add workflow file to the repo
+	// init the workflow
+	wfTreePath := ".gitea/workflows/push.yml"
+	wfFileContent := `name: Push
+on: push
+jobs:
+  wf1-job:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo 'test the webhook'
+  wf2-job:
+    runs-on: ubuntu-latest
+    needs: wf1-job
+    steps:
+      - run: echo 'cmd 1'
+      - run: echo 'cmd 2'
+`
+	opts = getWorkflowCreateFileOptions(user2, repo1.DefaultBranch, "create "+wfTreePath, wfFileContent)
+	createWorkflowFile(t, token, "user2", "repo1", wfTreePath, opts)
+
+	commitID, err := gitRepo1.GetBranchCommitID(repo1.DefaultBranch)
+	assert.NoError(t, err)
+
+	// 3. validate the webhook is triggered
+	assert.Equal(t, "workflow_run", webhookData.triggeredEvent)
+	assert.Len(t, webhookData.payloads, 1)
+	assert.Equal(t, "requested", webhookData.payloads[0].Action)
+	assert.Equal(t, "queued", webhookData.payloads[0].WorkflowRun.Status)
+	assert.Equal(t, repo1.DefaultBranch, webhookData.payloads[0].WorkflowRun.HeadBranch)
+	assert.Equal(t, commitID, webhookData.payloads[0].WorkflowRun.HeadSha)
+	assert.Equal(t, "repo1", webhookData.payloads[0].Repo.Name)
+	assert.Equal(t, "user2/repo1", webhookData.payloads[0].Repo.FullName)
+
+	// 4. Execute two Jobs
+	task := runner.fetchTask(t)
+	outcome := &mockTaskOutcome{
+		result: runnerv1.Result_RESULT_SUCCESS,
+	}
+	runner.execTask(t, task, outcome)
+
+	task = runner.fetchTask(t)
+	outcome = &mockTaskOutcome{
+		result: runnerv1.Result_RESULT_FAILURE,
+	}
+	runner.execTask(t, task, outcome)
+
+	// 7. validate the webhook is triggered
+	assert.Equal(t, "workflow_run", webhookData.triggeredEvent)
+	assert.Len(t, webhookData.payloads, 3)
+	assert.Equal(t, "completed", webhookData.payloads[1].Action)
+	assert.Equal(t, "push", webhookData.payloads[1].WorkflowRun.Event)
+
+	// 3. validate the webhook is triggered
+	assert.Equal(t, "workflow_run", webhookData.triggeredEvent)
+	assert.Len(t, webhookData.payloads, 3)
+	assert.Equal(t, "requested", webhookData.payloads[2].Action)
+	assert.Equal(t, "queued", webhookData.payloads[2].WorkflowRun.Status)
+	assert.Equal(t, "workflow_run", webhookData.payloads[2].WorkflowRun.Event)
+	assert.Equal(t, repo1.DefaultBranch, webhookData.payloads[2].WorkflowRun.HeadBranch)
+	assert.Equal(t, commitID, webhookData.payloads[2].WorkflowRun.HeadSha)
+	assert.Equal(t, "repo1", webhookData.payloads[2].Repo.Name)
+	assert.Equal(t, "user2/repo1", webhookData.payloads[2].Repo.FullName)
+}
+
+func testWebhookWorkflowRunDepthLimit(t *testing.T, webhookData *workflowRunWebhook) {
+	// 1. create a new webhook with special webhook for repo1
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	session := loginUser(t, "user2")
+	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+
+	testAPICreateWebhookForRepo(t, session, "user2", "repo1", webhookData.URL, "workflow_run")
+
+	repo1 := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 1})
+
+	gitRepo1, err := gitrepo.OpenRepository(t.Context(), repo1)
+	assert.NoError(t, err)
+
+	// 2. trigger the webhooks
+
+	// add workflow file to the repo
+	// init the workflow
+	wfTreePath := ".gitea/workflows/push.yml"
+	wfFileContent := `name: Endless Loop
+on:
+  push:
+  workflow_run:
+    types:
+    - requested
+jobs:
+  dispatch:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo 'test the webhook'
+`
+	opts := getWorkflowCreateFileOptions(user2, repo1.DefaultBranch, "create "+wfTreePath, wfFileContent)
+	createWorkflowFile(t, token, "user2", "repo1", wfTreePath, opts)
+
+	commitID, err := gitRepo1.GetBranchCommitID(repo1.DefaultBranch)
+	assert.NoError(t, err)
+
+	// 3. validate the webhook is triggered
+	assert.Equal(t, "workflow_run", webhookData.triggeredEvent)
+	// 1x push + 5x workflow_run requested chain
+	assert.Len(t, webhookData.payloads, 6)
+	for i := range 6 {
+		assert.Equal(t, "requested", webhookData.payloads[i].Action)
+		assert.Equal(t, "queued", webhookData.payloads[i].WorkflowRun.Status)
+		assert.Equal(t, repo1.DefaultBranch, webhookData.payloads[i].WorkflowRun.HeadBranch)
+		assert.Equal(t, commitID, webhookData.payloads[i].WorkflowRun.HeadSha)
+		if i == 0 {
+			assert.Equal(t, "push", webhookData.payloads[i].WorkflowRun.Event)
+		} else {
+			assert.Equal(t, "workflow_run", webhookData.payloads[i].WorkflowRun.Event)
+		}
+		assert.Equal(t, "repo1", webhookData.payloads[i].Repo.Name)
+		assert.Equal(t, "user2/repo1", webhookData.payloads[i].Repo.FullName)
+	}
+}
diff --git a/tests/integration/repofiles_change_test.go b/tests/integration/repofiles_change_test.go
index ef520a2e51..dc389f5680 100644
--- a/tests/integration/repofiles_change_test.go
+++ b/tests/integration/repofiles_change_test.go
@@ -4,8 +4,9 @@
 package integration
 
 import (
+	"fmt"
 	"net/url"
-	"path/filepath"
+	"path"
 	"strings"
 	"testing"
 	"time"
@@ -16,6 +17,7 @@ import (
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/contexttest"
 	files_service "code.gitea.io/gitea/services/repository/files"
 
@@ -57,6 +59,40 @@ func getUpdateRepoFilesOptions(repo *repo_model.Repository) *files_service.Chang
 	}
 }
 
+func getUpdateRepoFilesRenameOptions(repo *repo_model.Repository) *files_service.ChangeRepoFilesOptions {
+	return &files_service.ChangeRepoFilesOptions{
+		Files: []*files_service.ChangeRepoFile{
+			// move normally
+			{
+				Operation:    "rename",
+				FromTreePath: "README.md",
+				TreePath:     "README.txt",
+			},
+			// move from in lfs
+			{
+				Operation:    "rename",
+				FromTreePath: "crypt.bin",
+				TreePath:     "crypt1.bin",
+			},
+			// move from lfs to normal
+			{
+				Operation:    "rename",
+				FromTreePath: "jpeg.jpg",
+				TreePath:     "jpeg.jpeg",
+			},
+			// move from normal to lfs
+			{
+				Operation:    "rename",
+				FromTreePath: "CONTRIBUTING.md",
+				TreePath:     "CONTRIBUTING.md.bin",
+			},
+		},
+		OldBranch: repo.DefaultBranch,
+		NewBranch: repo.DefaultBranch,
+		Message:   "Rename files",
+	}
+}
+
 func getDeleteRepoFilesOptions(repo *repo_model.Repository) *files_service.ChangeRepoFilesOptions {
 	return &files_service.ChangeRepoFilesOptions{
 		Files: []*files_service.ChangeRepoFile{
@@ -78,7 +114,7 @@ func getDeleteRepoFilesOptions(repo *repo_model.Repository) *files_service.Chang
 	}
 }
 
-func getExpectedFileResponseForRepofilesDelete() *api.FileResponse {
+func getExpectedFileResponseForRepoFilesDelete() *api.FileResponse {
 	// Just returns fields that don't change, i.e. fields with commit SHAs and dates can't be determined
 	return &api.FileResponse{
 		Content: nil,
@@ -106,7 +142,7 @@ func getExpectedFileResponseForRepofilesDelete() *api.FileResponse {
 	}
 }
 
-func getExpectedFileResponseForRepofilesCreate(commitID, lastCommitSHA string) *api.FileResponse {
+func getExpectedFileResponseForRepoFilesCreate(commitID string, lastCommit *git.Commit) *api.FileResponse {
 	treePath := "new/file.txt"
 	encoding := "base64"
 	content := "VGhpcyBpcyBhIE5FVyBmaWxl"
@@ -116,18 +152,20 @@ func getExpectedFileResponseForRepofilesCreate(commitID, lastCommitSHA string) *
 	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
 	return &api.FileResponse{
 		Content: &api.ContentsResponse{
-			Name:          filepath.Base(treePath),
-			Path:          treePath,
-			SHA:           "103ff9234cefeee5ec5361d22b49fbb04d385885",
-			LastCommitSHA: lastCommitSHA,
-			Type:          "file",
-			Size:          18,
-			Encoding:      &encoding,
-			Content:       &content,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
+			Name:              path.Base(treePath),
+			Path:              treePath,
+			SHA:               "103ff9234cefeee5ec5361d22b49fbb04d385885",
+			LastCommitSHA:     util.ToPointer(lastCommit.ID.String()),
+			LastCommitterDate: util.ToPointer(lastCommit.Committer.When),
+			LastAuthorDate:    util.ToPointer(lastCommit.Author.When),
+			Type:              "file",
+			Size:              18,
+			Encoding:          &encoding,
+			Content:           &content,
+			URL:               &selfURL,
+			HTMLURL:           &htmlURL,
+			GitURL:            &gitURL,
+			DownloadURL:       &downloadURL,
 			Links: &api.FileLinksResponse{
 				Self:    &selfURL,
 				GitURL:  &gitURL,
@@ -160,7 +198,7 @@ func getExpectedFileResponseForRepofilesCreate(commitID, lastCommitSHA string) *
 					SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
 				},
 			},
-			Message: "Updates README.md\n",
+			Message: "Creates new/file.txt\n",
 			Tree: &api.CommitMeta{
 				URL: setting.AppURL + "api/v1/repos/user2/repo1/git/trees/f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
 				SHA: "f93e3a1a1525fb5b91020git dda86e44810c87a2d7bc",
@@ -175,7 +213,7 @@ func getExpectedFileResponseForRepofilesCreate(commitID, lastCommitSHA string) *
 	}
 }
 
-func getExpectedFileResponseForRepofilesUpdate(commitID, filename, lastCommitSHA string) *api.FileResponse {
+func getExpectedFileResponseForRepoFilesUpdate(commitID, filename, lastCommitSHA string, lastCommitterWhen, lastAuthorWhen time.Time) *api.FileResponse {
 	encoding := "base64"
 	content := "VGhpcyBpcyBVUERBVEVEIGNvbnRlbnQgZm9yIHRoZSBSRUFETUUgZmlsZQ=="
 	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + filename + "?ref=master"
@@ -184,18 +222,20 @@ func getExpectedFileResponseForRepofilesUpdate(commitID, filename, lastCommitSHA
 	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + filename
 	return &api.FileResponse{
 		Content: &api.ContentsResponse{
-			Name:          filename,
-			Path:          filename,
-			SHA:           "dbf8d00e022e05b7e5cf7e535de857de57925647",
-			LastCommitSHA: lastCommitSHA,
-			Type:          "file",
-			Size:          43,
-			Encoding:      &encoding,
-			Content:       &content,
-			URL:           &selfURL,
-			HTMLURL:       &htmlURL,
-			GitURL:        &gitURL,
-			DownloadURL:   &downloadURL,
+			Name:              filename,
+			Path:              filename,
+			SHA:               "dbf8d00e022e05b7e5cf7e535de857de57925647",
+			LastCommitSHA:     util.ToPointer(lastCommitSHA),
+			LastCommitterDate: util.ToPointer(lastCommitterWhen),
+			LastAuthorDate:    util.ToPointer(lastAuthorWhen),
+			Type:              "file",
+			Size:              43,
+			Encoding:          &encoding,
+			Content:           &content,
+			URL:               &selfURL,
+			HTMLURL:           &htmlURL,
+			GitURL:            &gitURL,
+			DownloadURL:       &downloadURL,
 			Links: &api.FileLinksResponse{
 				Self:    &selfURL,
 				GitURL:  &gitURL,
@@ -243,6 +283,114 @@ func getExpectedFileResponseForRepofilesUpdate(commitID, filename, lastCommitSHA
 	}
 }
 
+func getExpectedFileResponseForRepoFilesUpdateRename(commitID, lastCommitSHA string) *api.FilesResponse {
+	details := []struct {
+		filename, sha, content string
+		size                   int64
+		lfsOid                 *string
+		lfsSize                *int64
+	}{
+		{
+			filename: "README.txt",
+			sha:      "8276d2a29779af982c0afa976bdb793b52d442a8",
+			size:     22,
+			content:  "IyBBbiBMRlMtZW5hYmxlZCByZXBvCg==",
+		},
+		{
+			filename: "crypt1.bin",
+			sha:      "d4a41a0d4db4949e129bd22f871171ea988103ef",
+			size:     129,
+			content:  "dmVyc2lvbiBodHRwczovL2dpdC1sZnMuZ2l0aHViLmNvbS9zcGVjL3YxCm9pZCBzaGEyNTY6MmVjY2RiNDM4MjVkMmE0OWQ5OWQ1NDJkYWEyMDA3NWNmZjFkOTdkOWQyMzQ5YTg5NzdlZmU5YzAzNjYxNzM3YwpzaXplIDIwNDgK",
+			lfsOid:   util.ToPointer("2eccdb43825d2a49d99d542daa20075cff1d97d9d2349a8977efe9c03661737c"),
+			lfsSize:  util.ToPointer(int64(2048)),
+		},
+		{
+			filename: "jpeg.jpeg",
+			sha:      "71911bf48766c7181518c1070911019fbb00b1fc",
+			size:     107,
+			content:  "/9j/2wBDAAMCAgICAgMCAgIDAwMDBAYEBAQEBAgGBgUGCQgKCgkICQkKDA8MCgsOCwkJDRENDg8QEBEQCgwSExIQEw8QEBD/yQALCAABAAEBAREA/8wABgAQEAX/2gAIAQEAAD8A0s8g/9k=",
+		},
+		{
+			filename: "CONTRIBUTING.md.bin",
+			sha:      "2b6c6c4eaefa24b22f2092c3d54b263ff26feb58",
+			size:     127,
+			content:  "dmVyc2lvbiBodHRwczovL2dpdC1sZnMuZ2l0aHViLmNvbS9zcGVjL3YxCm9pZCBzaGEyNTY6N2I2YjJjODhkYmE5Zjc2MGExYTU4NDY5YjY3ZmVlMmI2OThlZjdlOTM5OWM0Y2E0ZjM0YTE0Y2NiZTM5ZjYyMwpzaXplIDI3Cg==",
+			lfsOid:   util.ToPointer("7b6b2c88dba9f760a1a58469b67fee2b698ef7e9399c4ca4f34a14ccbe39f623"),
+			lfsSize:  util.ToPointer(int64(27)),
+		},
+	}
+
+	var responses []*api.ContentsResponse
+	for _, detail := range details {
+		selfURL := setting.AppURL + "api/v1/repos/user2/lfs/contents/" + detail.filename + "?ref=master"
+		htmlURL := setting.AppURL + "user2/lfs/src/branch/master/" + detail.filename
+		gitURL := setting.AppURL + "api/v1/repos/user2/lfs/git/blobs/" + detail.sha
+		downloadURL := setting.AppURL + "user2/lfs/raw/branch/master/" + detail.filename
+		// don't set time related fields because there might be different time in one operation
+		responses = append(responses, &api.ContentsResponse{
+			Name:          detail.filename,
+			Path:          detail.filename,
+			SHA:           detail.sha,
+			LastCommitSHA: util.ToPointer(lastCommitSHA),
+			Type:          "file",
+			Size:          detail.size,
+			Encoding:      util.ToPointer("base64"),
+			Content:       &detail.content,
+			URL:           &selfURL,
+			HTMLURL:       &htmlURL,
+			GitURL:        &gitURL,
+			DownloadURL:   &downloadURL,
+			Links: &api.FileLinksResponse{
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
+			},
+			LfsOid:  detail.lfsOid,
+			LfsSize: detail.lfsSize,
+		})
+	}
+
+	return &api.FilesResponse{
+		Files: responses,
+		Commit: &api.FileCommitResponse{
+			CommitMeta: api.CommitMeta{
+				URL: setting.AppURL + "api/v1/repos/user2/lfs/git/commits/" + commitID,
+				SHA: commitID,
+			},
+			HTMLURL: setting.AppURL + "user2/lfs/commit/" + commitID,
+			Author: &api.CommitUser{
+				Identity: api.Identity{
+					Name:  "User Two",
+					Email: "user2@noreply.example.org",
+				},
+			},
+			Committer: &api.CommitUser{
+				Identity: api.Identity{
+					Name:  "User Two",
+					Email: "user2@noreply.example.org",
+				},
+			},
+			Parents: []*api.CommitMeta{
+				{
+					URL: setting.AppURL + "api/v1/repos/user2/lfs/git/commits/73cf03db6ece34e12bf91e8853dc58f678f2f82d",
+					SHA: "73cf03db6ece34e12bf91e8853dc58f678f2f82d",
+				},
+			},
+			Message: "Rename files\n",
+			Tree: &api.CommitMeta{
+				URL: setting.AppURL + "api/v1/repos/user2/lfs/git/trees/5307376dc3a5557dc1c403c29a8984668ca9ecb5",
+				SHA: "5307376dc3a5557dc1c403c29a8984668ca9ecb5",
+			},
+		},
+		Verification: &api.PayloadCommitVerification{
+			Verified:  false,
+			Reason:    "gpg.error.not_signed_commit",
+			Signature: "",
+			Payload:   "",
+		},
+	}
+}
+
 func TestChangeRepoFilesForCreate(t *testing.T) {
 	// setup
 	onGiteaRun(t, func(t *testing.T, u *url.URL) {
@@ -268,14 +416,14 @@ func TestChangeRepoFilesForCreate(t *testing.T) {
 
 		commitID, _ := gitRepo.GetBranchCommitID(opts.NewBranch)
 		lastCommit, _ := gitRepo.GetCommitByPath("new/file.txt")
-		expectedFileResponse := getExpectedFileResponseForRepofilesCreate(commitID, lastCommit.ID.String())
+		expectedFileResponse := getExpectedFileResponseForRepoFilesCreate(commitID, lastCommit)
 		assert.NotNil(t, expectedFileResponse)
 		if expectedFileResponse != nil {
-			assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
-			assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
-			assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
-			assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
+			assert.Equal(t, expectedFileResponse.Content, filesResponse.Files[0])
+			assert.Equal(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
+			assert.Equal(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
+			assert.Equal(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
 		}
 	})
 }
@@ -305,12 +453,12 @@ func TestChangeRepoFilesForUpdate(t *testing.T) {
 
 		commit, _ := gitRepo.GetBranchCommit(opts.NewBranch)
 		lastCommit, _ := commit.GetCommitByPath(opts.Files[0].TreePath)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
-		assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
-		assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
-		assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
+		expectedFileResponse := getExpectedFileResponseForRepoFilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String(), lastCommit.Committer.When, lastCommit.Author.When)
+		assert.Equal(t, expectedFileResponse.Content, filesResponse.Files[0])
+		assert.Equal(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
+		assert.Equal(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
 	})
 }
 
@@ -341,7 +489,7 @@ func TestChangeRepoFilesForUpdateWithFileMove(t *testing.T) {
 
 		commit, _ := gitRepo.GetBranchCommit(opts.NewBranch)
 		lastCommit, _ := commit.GetCommitByPath(opts.Files[0].TreePath)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
+		expectedFileResponse := getExpectedFileResponseForRepoFilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String(), lastCommit.Committer.When, lastCommit.Author.When)
 		// assert that the old file no longer exists in the last commit of the branch
 		fromEntry, err := commit.GetTreeEntryByPath(opts.Files[0].FromTreePath)
 		switch err.(type) {
@@ -355,12 +503,44 @@ func TestChangeRepoFilesForUpdateWithFileMove(t *testing.T) {
 		assert.Nil(t, fromEntry)  // Should no longer exist here
 		assert.NotNil(t, toEntry) // Should exist here
 		// assert SHA has remained the same but paths use the new file name
-		assert.EqualValues(t, expectedFileResponse.Content.SHA, filesResponse.Files[0].SHA)
-		assert.EqualValues(t, expectedFileResponse.Content.Name, filesResponse.Files[0].Name)
-		assert.EqualValues(t, expectedFileResponse.Content.Path, filesResponse.Files[0].Path)
-		assert.EqualValues(t, expectedFileResponse.Content.URL, filesResponse.Files[0].URL)
-		assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
-		assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
+		assert.Equal(t, expectedFileResponse.Content.SHA, filesResponse.Files[0].SHA)
+		assert.Equal(t, expectedFileResponse.Content.Name, filesResponse.Files[0].Name)
+		assert.Equal(t, expectedFileResponse.Content.Path, filesResponse.Files[0].Path)
+		assert.Equal(t, expectedFileResponse.Content.URL, filesResponse.Files[0].URL)
+		assert.Equal(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
+		assert.Equal(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
+	})
+}
+
+func TestChangeRepoFilesForUpdateWithFileRename(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		ctx, _ := contexttest.MockContext(t, "user2/lfs")
+		ctx.SetPathParam("id", "54")
+		contexttest.LoadRepo(t, ctx, 54)
+		contexttest.LoadRepoCommit(t, ctx)
+		contexttest.LoadUser(t, ctx, 2)
+		contexttest.LoadGitRepo(t, ctx)
+		defer ctx.Repo.GitRepo.Close()
+
+		repo := ctx.Repo.Repository
+		opts := getUpdateRepoFilesRenameOptions(repo)
+
+		// test
+		filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, ctx.Doer, opts)
+
+		// asserts
+		assert.NoError(t, err)
+		gitRepo, _ := gitrepo.OpenRepository(git.DefaultContext, repo)
+		defer gitRepo.Close()
+
+		commit, _ := gitRepo.GetBranchCommit(repo.DefaultBranch)
+		lastCommit, _ := commit.GetCommitByPath(opts.Files[0].TreePath)
+		expectedFileResponse := getExpectedFileResponseForRepoFilesUpdateRename(commit.ID.String(), lastCommit.ID.String())
+		for _, file := range filesResponse.Files {
+			file.LastCommitterDate, file.LastAuthorDate = nil, nil // there might be different time in one operation, so we ignore them
+		}
+		assert.Len(t, filesResponse.Files, 4)
+		assert.Equal(t, expectedFileResponse.Files, filesResponse.Files)
 	})
 }
 
@@ -392,8 +572,8 @@ func TestChangeRepoFilesWithoutBranchNames(t *testing.T) {
 
 		commit, _ := gitRepo.GetBranchCommit(repo.DefaultBranch)
 		lastCommit, _ := commit.GetCommitByPath(opts.Files[0].TreePath)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
-		assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
+		expectedFileResponse := getExpectedFileResponseForRepoFilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String(), lastCommit.Committer.When, lastCommit.Author.When)
+		assert.Equal(t, expectedFileResponse.Content, filesResponse.Files[0])
 	})
 }
 
@@ -418,13 +598,13 @@ func testDeleteRepoFiles(t *testing.T, u *url.URL) {
 	t.Run("Delete README.md file", func(t *testing.T) {
 		filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
 		assert.NoError(t, err)
-		expectedFileResponse := getExpectedFileResponseForRepofilesDelete()
+		expectedFileResponse := getExpectedFileResponseForRepoFilesDelete()
 		assert.NotNil(t, filesResponse)
 		assert.Nil(t, filesResponse.Files[0])
-		assert.EqualValues(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
-		assert.EqualValues(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
-		assert.EqualValues(t, expectedFileResponse.Verification, filesResponse.Verification)
+		assert.Equal(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
+		assert.Equal(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
+		assert.Equal(t, expectedFileResponse.Verification, filesResponse.Verification)
 	})
 
 	t.Run("Verify README.md has been deleted", func(t *testing.T) {
@@ -460,13 +640,13 @@ func testDeleteRepoFilesWithoutBranchNames(t *testing.T, u *url.URL) {
 	t.Run("Delete README.md without Branch Name", func(t *testing.T) {
 		filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
 		assert.NoError(t, err)
-		expectedFileResponse := getExpectedFileResponseForRepofilesDelete()
+		expectedFileResponse := getExpectedFileResponseForRepoFilesDelete()
 		assert.NotNil(t, filesResponse)
 		assert.Nil(t, filesResponse.Files[0])
-		assert.EqualValues(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
-		assert.EqualValues(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
-		assert.EqualValues(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
-		assert.EqualValues(t, expectedFileResponse.Verification, filesResponse.Verification)
+		assert.Equal(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
+		assert.Equal(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
+		assert.Equal(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
+		assert.Equal(t, expectedFileResponse.Verification, filesResponse.Verification)
 	})
 }
 
@@ -490,7 +670,7 @@ func TestChangeRepoFilesErrors(t *testing.T) {
 			filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
 			assert.Error(t, err)
 			assert.Nil(t, filesResponse)
-			expectedError := "branch does not exist [name: " + opts.OldBranch + "]"
+			expectedError := fmt.Sprintf("branch does not exist [repo_id: %d name: %s]", repo.ID, opts.OldBranch)
 			assert.EqualError(t, err, expectedError)
 		})
 
diff --git a/tests/integration/session_test.go b/tests/integration/session_test.go
index b18a25827d..f72e2e24b7 100644
--- a/tests/integration/session_test.go
+++ b/tests/integration/session_test.go
@@ -27,11 +27,11 @@ func Test_RegenerateSession(t *testing.T) {
 
 	sess, err := auth.RegenerateSession(db.DefaultContext, "", key)
 	assert.NoError(t, err)
-	assert.EqualValues(t, key, sess.Key)
+	assert.Equal(t, key, sess.Key)
 	assert.Empty(t, sess.Data)
 
 	sess, err = auth.ReadSession(db.DefaultContext, key2)
 	assert.NoError(t, err)
-	assert.EqualValues(t, key2, sess.Key)
+	assert.Equal(t, key2, sess.Key)
 	assert.Empty(t, sess.Data)
 }
diff --git a/tests/integration/setting_test.go b/tests/integration/setting_test.go
index 9dad9ca716..64fd28c5e9 100644
--- a/tests/integration/setting_test.go
+++ b/tests/integration/setting_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
@@ -92,8 +93,7 @@ func TestSettingShowUserEmailProfile(t *testing.T) {
 
 func TestSettingLandingPage(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	landingPage := setting.LandingPageURL
+	defer test.MockVariableValue(&setting.LandingPageURL)()
 
 	setting.LandingPageURL = setting.LandingPageHome
 	req := NewRequest(t, "GET", "/")
@@ -113,6 +113,4 @@ func TestSettingLandingPage(t *testing.T) {
 	req = NewRequest(t, "GET", "/")
 	resp = MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "/user/login", resp.Header().Get("Location"))
-
-	setting.LandingPageURL = landingPage
 }
diff --git a/tests/integration/signin_test.go b/tests/integration/signin_test.go
index 5c7555286e..fa37145d98 100644
--- a/tests/integration/signin_test.go
+++ b/tests/integration/signin_test.go
@@ -9,6 +9,7 @@ import (
 	"strings"
 	"testing"
 
+	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
@@ -16,6 +17,8 @@ import (
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/web"
+	"code.gitea.io/gitea/routers"
+	"code.gitea.io/gitea/routers/web/auth"
 	"code.gitea.io/gitea/services/context"
 	"code.gitea.io/gitea/tests"
 
@@ -35,7 +38,7 @@ func testLoginFailed(t *testing.T, username, password, message string) {
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	resultMsg := htmlDoc.doc.Find(".ui.message>p").Text()
 
-	assert.EqualValues(t, message, resultMsg)
+	assert.Equal(t, message, resultMsg)
 }
 
 func TestSignin(t *testing.T) {
@@ -102,8 +105,9 @@ func TestEnablePasswordSignInFormAndEnablePasskeyAuth(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	mockLinkAccount := func(ctx *context.Context) {
+		authSource := auth_model.Source{ID: 1}
 		gothUser := goth.User{Email: "invalid-email", Name: "."}
-		_ = ctx.Session.Set("linkAccountGothUser", gothUser)
+		_ = auth.Oauth2SetLinkAccountData(ctx, auth.LinkAccountData{AuthSourceID: authSource.ID, GothUser: gothUser})
 	}
 
 	t.Run("EnablePasswordSignInForm=false", func(t *testing.T) {
@@ -166,3 +170,32 @@ func TestEnablePasswordSignInFormAndEnablePasskeyAuth(t *testing.T) {
 		AssertHTMLElement(t, doc, ".signin-passkey", true)
 	})
 }
+
+func TestRequireSignInView(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+	t.Run("NoRequireSignInView", func(t *testing.T) {
+		require.False(t, setting.Service.RequireSignInViewStrict)
+		require.False(t, setting.Service.BlockAnonymousAccessExpensive)
+		req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
+		MakeRequest(t, req, http.StatusOK)
+	})
+	t.Run("RequireSignInView", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
+		defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
+		req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
+		resp := MakeRequest(t, req, http.StatusSeeOther)
+		assert.Equal(t, "/user/login", resp.Header().Get("Location"))
+	})
+	t.Run("BlockAnonymousAccessExpensive", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, false)()
+		defer test.MockVariableValue(&setting.Service.BlockAnonymousAccessExpensive, true)()
+		defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
+
+		req := NewRequest(t, "GET", "/user2/repo1")
+		MakeRequest(t, req, http.StatusOK)
+
+		req = NewRequest(t, "GET", "/user2/repo1/src/branch/master")
+		resp := MakeRequest(t, req, http.StatusSeeOther)
+		assert.Equal(t, "/user/login", resp.Header().Get("Location"))
+	})
+}
diff --git a/tests/integration/signup_test.go b/tests/integration/signup_test.go
index e86851352e..c08f57d33e 100644
--- a/tests/integration/signup_test.go
+++ b/tests/integration/signup_test.go
@@ -22,8 +22,7 @@ import (
 
 func TestSignup(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	setting.Service.EnableCaptcha = false
+	defer test.MockVariableValue(&setting.Service.EnableCaptcha, false)()
 
 	req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
 		"user_name": "exampleUser",
@@ -40,9 +39,8 @@ func TestSignup(t *testing.T) {
 
 func TestSignupAsRestricted(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	setting.Service.EnableCaptcha = false
-	setting.Service.DefaultUserIsRestricted = true
+	defer test.MockVariableValue(&setting.Service.EnableCaptcha, false)()
+	defer test.MockVariableValue(&setting.Service.DefaultUserIsRestricted, true)()
 
 	req := NewRequestWithValues(t, "POST", "/user/sign_up", map[string]string{
 		"user_name": "restrictedUser",
@@ -62,8 +60,7 @@ func TestSignupAsRestricted(t *testing.T) {
 
 func TestSignupEmailValidation(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	setting.Service.EnableCaptcha = false
+	defer test.MockVariableValue(&setting.Service.EnableCaptcha, false)()
 
 	tests := []struct {
 		email      string
diff --git a/tests/integration/ssh_key_test.go b/tests/integration/ssh_key_test.go
index eb3a3e926a..b34a986be3 100644
--- a/tests/integration/ssh_key_test.go
+++ b/tests/integration/ssh_key_test.go
@@ -27,7 +27,7 @@ func doCheckRepositoryEmptyStatus(ctx APITestContext, isEmpty bool) func(*testin
 
 func doAddChangesToCheckout(dstPath, filename string) func(*testing.T) {
 	return func(t *testing.T) {
-		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, filename), []byte(fmt.Sprintf("# Testing Repository\n\nOriginally created in: %s at time: %v", dstPath, time.Now())), 0o644))
+		assert.NoError(t, os.WriteFile(filepath.Join(dstPath, filename), fmt.Appendf(nil, "# Testing Repository\n\nOriginally created in: %s at time: %v", dstPath, time.Now()), 0o644))
 		assert.NoError(t, git.AddChanges(dstPath, true))
 		signature := git.Signature{
 			Email: "test@example.com",
@@ -51,7 +51,7 @@ func testPushDeployKeyOnEmptyRepo(t *testing.T, u *url.URL) {
 	ctx := NewAPITestContext(t, "user2", "deploy-key-empty-repo-1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 	ctxWithDeleteRepo := NewAPITestContext(t, "user2", "deploy-key-empty-repo-1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 
-	keyname := fmt.Sprintf("%s-push", ctx.Reponame)
+	keyname := ctx.Reponame + "-push"
 	u.Path = ctx.GitPath()
 
 	t.Run("CreateEmptyRepository", doAPICreateRepository(ctx, true))
@@ -89,7 +89,7 @@ func testKeyOnlyOneType(t *testing.T, u *url.URL) {
 	reponame := "ssh-key-test-repo"
 	username := "user2"
 	u.Path = fmt.Sprintf("%s/%s.git", username, reponame)
-	keyname := fmt.Sprintf("%s-push", reponame)
+	keyname := reponame + "-push"
 
 	// OK login
 	ctx := NewAPITestContext(t, username, reponame, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
diff --git a/tests/integration/timetracking_test.go b/tests/integration/timetracking_test.go
index 8985dfdbce..ebe084ccdc 100644
--- a/tests/integration/timetracking_test.go
+++ b/tests/integration/timetracking_test.go
@@ -46,17 +46,17 @@ func testViewTimetrackingControls(t *testing.T, session *TestSession, user, repo
 	AssertHTMLElement(t, htmlDoc, ".issue-add-time", canTrackTime)
 
 	issueLink := path.Join(user, repo, "issues", issue)
-	req = NewRequestWithValues(t, "POST", path.Join(issueLink, "times", "stopwatch", "toggle"), map[string]string{
+	reqStart := NewRequestWithValues(t, "POST", path.Join(issueLink, "times", "stopwatch", "start"), map[string]string{
 		"_csrf": htmlDoc.GetCSRF(),
 	})
 	if canTrackTime {
-		session.MakeRequest(t, req, http.StatusOK)
+		session.MakeRequest(t, reqStart, http.StatusOK)
 
 		req = NewRequest(t, "GET", issueLink)
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc = NewHTMLParser(t, resp.Body)
 
-		events := htmlDoc.doc.Find(".event > span.text")
+		events := htmlDoc.doc.Find(".event > .comment-text-line")
 		assert.Contains(t, events.Last().Text(), "started working")
 
 		AssertHTMLElement(t, htmlDoc, ".issue-stop-time", true)
@@ -65,18 +65,18 @@ func testViewTimetrackingControls(t *testing.T, session *TestSession, user, repo
 		// Sleep for 1 second to not get wrong order for stopping timer
 		time.Sleep(time.Second)
 
-		req = NewRequestWithValues(t, "POST", path.Join(issueLink, "times", "stopwatch", "toggle"), map[string]string{
+		reqStop := NewRequestWithValues(t, "POST", path.Join(issueLink, "times", "stopwatch", "stop"), map[string]string{
 			"_csrf": htmlDoc.GetCSRF(),
 		})
-		session.MakeRequest(t, req, http.StatusOK)
+		session.MakeRequest(t, reqStop, http.StatusOK)
 
 		req = NewRequest(t, "GET", issueLink)
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc = NewHTMLParser(t, resp.Body)
 
-		events = htmlDoc.doc.Find(".event > span.text")
+		events = htmlDoc.doc.Find(".event > .comment-text-line")
 		assert.Contains(t, events.Last().Text(), "worked for ")
 	} else {
-		session.MakeRequest(t, req, http.StatusNotFound)
+		session.MakeRequest(t, reqStart, http.StatusNotFound)
 	}
 }
diff --git a/tests/integration/user_avatar_test.go b/tests/integration/user_avatar_test.go
index 7b157e6e61..14ea012ac8 100644
--- a/tests/integration/user_avatar_test.go
+++ b/tests/integration/user_avatar_test.go
@@ -5,7 +5,6 @@ package integration
 
 import (
 	"bytes"
-	"fmt"
 	"image/png"
 	"io"
 	"mime/multipart"
@@ -84,9 +83,9 @@ func TestUserAvatar(t *testing.T) {
 }
 
 func testGetAvatarRedirect(t *testing.T, user *user_model.User) {
-	t.Run(fmt.Sprintf("getAvatarRedirect_%s", user.Name), func(t *testing.T) {
+	t.Run("getAvatarRedirect_"+user.Name, func(t *testing.T) {
 		req := NewRequestf(t, "GET", "/%s.png", user.Name)
 		resp := MakeRequest(t, req, http.StatusSeeOther)
-		assert.EqualValues(t, fmt.Sprintf("/avatars/%s", user.Avatar), resp.Header().Get("location"))
+		assert.Equal(t, "/avatars/"+user.Avatar, resp.Header().Get("location"))
 	})
 }
diff --git a/tests/integration/user_test.go b/tests/integration/user_test.go
index fd7996bf8b..34692d9cab 100644
--- a/tests/integration/user_test.go
+++ b/tests/integration/user_test.go
@@ -217,12 +217,12 @@ func TestGetUserRss(t *testing.T) {
 	user34 := "the_34-user.with.all.allowedChars"
 	req := NewRequestf(t, "GET", "/%s.rss", user34)
 	resp := MakeRequest(t, req, http.StatusOK)
-	if assert.EqualValues(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) {
+	if assert.Equal(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) {
 		rssDoc := NewHTMLParser(t, resp.Body).Find("channel")
 		title, _ := rssDoc.ChildrenFiltered("title").Html()
-		assert.EqualValues(t, "Feed of &#34;the_1-user.with.all.allowedChars&#34;", title)
+		assert.Equal(t, "Feed of &#34;the_1-user.with.all.allowedChars&#34;", title)
 		description, _ := rssDoc.ChildrenFiltered("description").Html()
-		assert.EqualValues(t, "&lt;p dir=&#34;auto&#34;&gt;some &lt;a href=&#34;https://commonmark.org/&#34; rel=&#34;nofollow&#34;&gt;commonmark&lt;/a&gt;!&lt;/p&gt;\n", description)
+		assert.Equal(t, "&lt;p dir=&#34;auto&#34;&gt;some &lt;a href=&#34;https://commonmark.org/&#34; rel=&#34;nofollow&#34;&gt;commonmark&lt;/a&gt;!&lt;/p&gt;\n", description)
 	}
 
 	req = NewRequestf(t, "GET", "/non-existent-user.rss")
@@ -247,18 +247,18 @@ func TestListStopWatches(t *testing.T) {
 	stopwatch := unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: owner.ID})
 	issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: stopwatch.IssueID})
 	if assert.Len(t, apiWatches, 1) {
-		assert.EqualValues(t, stopwatch.CreatedUnix.AsTime().Unix(), apiWatches[0].Created.Unix())
-		assert.EqualValues(t, issue.Index, apiWatches[0].IssueIndex)
-		assert.EqualValues(t, issue.Title, apiWatches[0].IssueTitle)
-		assert.EqualValues(t, repo.Name, apiWatches[0].RepoName)
-		assert.EqualValues(t, repo.OwnerName, apiWatches[0].RepoOwnerName)
+		assert.Equal(t, stopwatch.CreatedUnix.AsTime().Unix(), apiWatches[0].Created.Unix())
+		assert.Equal(t, issue.Index, apiWatches[0].IssueIndex)
+		assert.Equal(t, issue.Title, apiWatches[0].IssueTitle)
+		assert.Equal(t, repo.Name, apiWatches[0].RepoName)
+		assert.Equal(t, repo.OwnerName, apiWatches[0].RepoOwnerName)
 		assert.Positive(t, apiWatches[0].Seconds)
 	}
 }
 
 func TestUserLocationMapLink(t *testing.T) {
-	setting.Service.UserLocationMapURL = "https://example/foo/"
 	defer tests.PrepareTestEnv(t)()
+	defer test.MockVariableValue(&setting.Service.UserLocationMapURL, "https://example/foo/")()
 
 	session := loginUser(t, "user2")
 	req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{
diff --git a/tests/integration/webfinger_test.go b/tests/integration/webfinger_test.go
index a1abc8d32b..757d442cd2 100644
--- a/tests/integration/webfinger_test.go
+++ b/tests/integration/webfinger_test.go
@@ -7,11 +7,13 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strconv"
 	"testing"
 
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
@@ -19,11 +21,7 @@ import (
 
 func TestWebfinger(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-
-	setting.Federation.Enabled = true
-	defer func() {
-		setting.Federation.Enabled = false
-	}()
+	defer test.MockVariableValue(&setting.Federation.Enabled, true)()
 
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 
@@ -52,7 +50,7 @@ func TestWebfinger(t *testing.T) {
 	var jrd webfingerJRD
 	DecodeJSON(t, resp, &jrd)
 	assert.Equal(t, "acct:user2@"+appURL.Host, jrd.Subject)
-	assert.ElementsMatch(t, []string{user.HTMLURL(), appURL.String() + "api/v1/activitypub/user-id/" + fmt.Sprint(user.ID)}, jrd.Aliases)
+	assert.ElementsMatch(t, []string{user.HTMLURL(), appURL.String() + "api/v1/activitypub/user-id/" + strconv.FormatInt(user.ID, 10)}, jrd.Aliases)
 
 	req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", user.LowerName, "unknown.host"))
 	MakeRequest(t, req, http.StatusBadRequest)
@@ -63,6 +61,6 @@ func TestWebfinger(t *testing.T) {
 	req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", "user31", appURL.Host))
 	session.MakeRequest(t, req, http.StatusOK)
 
-	req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=mailto:%s", user.Email))
+	req = NewRequest(t, "GET", "/.well-known/webfinger?resource=mailto:"+user.Email)
 	MakeRequest(t, req, http.StatusNotFound)
 }
diff --git a/tests/integration/wiki_test.go b/tests/integration/wiki_test.go
index a571c2da50..ac458af378 100644
--- a/tests/integration/wiki_test.go
+++ b/tests/integration/wiki_test.go
@@ -4,7 +4,6 @@
 package integration
 
 import (
-	"fmt"
 	"net/http"
 	"net/url"
 	"os"
@@ -29,7 +28,7 @@ func assertFileExist(t *testing.T, p string) {
 func assertFileEqual(t *testing.T, p string, content []byte) {
 	bs, err := os.ReadFile(p)
 	assert.NoError(t, err)
-	assert.EqualValues(t, content, bs)
+	assert.Equal(t, content, bs)
 }
 
 func TestRepoCloneWiki(t *testing.T) {
@@ -38,7 +37,7 @@ func TestRepoCloneWiki(t *testing.T) {
 
 		dstPath := t.TempDir()
 
-		r := fmt.Sprintf("%suser2/repo1.wiki.git", u.String())
+		r := u.String() + "user2/repo1.wiki.git"
 		u, _ = url.Parse(r)
 		u.User = url.UserPassword("user2", userPassword)
 		t.Run("Clone", func(t *testing.T) {
@@ -69,6 +68,6 @@ func Test_RepoWikiPages(t *testing.T) {
 		href, _ := firstAnchor.Attr("href")
 		pagePath := strings.TrimPrefix(href, "/user2/repo1/wiki/")
 
-		assert.EqualValues(t, expectedPagePaths[i], pagePath)
+		assert.Equal(t, expectedPagePaths[i], pagePath)
 	})
 }
diff --git a/tests/integration/workflow_run_api_check_test.go b/tests/integration/workflow_run_api_check_test.go
new file mode 100644
index 0000000000..6a80bb5118
--- /dev/null
+++ b/tests/integration/workflow_run_api_check_test.go
@@ -0,0 +1,167 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAPIWorkflowRun(t *testing.T) {
+	t.Run("AdminRuns", func(t *testing.T) {
+		testAPIWorkflowRunBasic(t, "/api/v1/admin/actions", "User1", 802, auth_model.AccessTokenScopeReadAdmin, auth_model.AccessTokenScopeReadRepository)
+	})
+	t.Run("UserRuns", func(t *testing.T) {
+		testAPIWorkflowRunBasic(t, "/api/v1/user/actions", "User2", 803, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopeReadRepository)
+	})
+	t.Run("OrgRuns", func(t *testing.T) {
+		testAPIWorkflowRunBasic(t, "/api/v1/orgs/org3/actions", "User1", 802, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadRepository)
+	})
+	t.Run("RepoRuns", func(t *testing.T) {
+		testAPIWorkflowRunBasic(t, "/api/v1/repos/org3/repo5/actions", "User2", 802, auth_model.AccessTokenScopeReadRepository)
+	})
+}
+
+func testAPIWorkflowRunBasic(t *testing.T, apiRootURL, userUsername string, runID int64, scope ...auth_model.AccessTokenScope) {
+	defer tests.PrepareTestEnv(t)()
+	token := getUserToken(t, userUsername, scope...)
+
+	apiRunsURL := fmt.Sprintf("%s/%s", apiRootURL, "runs")
+	req := NewRequest(t, "GET", apiRunsURL).AddTokenAuth(token)
+	runnerListResp := MakeRequest(t, req, http.StatusOK)
+	runnerList := api.ActionWorkflowRunsResponse{}
+	DecodeJSON(t, runnerListResp, &runnerList)
+
+	foundRun := false
+
+	for _, run := range runnerList.Entries {
+		// Verify filtering works
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, "", run.Status, "", "", "", "")
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, run.Conclusion, "", "", "", "", "")
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, "", "", "", run.HeadBranch, "", "")
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, "", "", run.Event, "", "", "")
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, "", "", "", "", run.TriggerActor.UserName, "")
+		verifyWorkflowRunCanbeFoundWithStatusFilter(t, apiRunsURL, token, run.ID, "", "", "", "", run.TriggerActor.UserName, run.HeadSha)
+
+		// Verify run url works
+		req := NewRequest(t, "GET", run.URL).AddTokenAuth(token)
+		runResp := MakeRequest(t, req, http.StatusOK)
+		apiRun := api.ActionWorkflowRun{}
+		DecodeJSON(t, runResp, &apiRun)
+		assert.Equal(t, run.ID, apiRun.ID)
+		assert.Equal(t, run.Status, apiRun.Status)
+		assert.Equal(t, run.Conclusion, apiRun.Conclusion)
+		assert.Equal(t, run.Event, apiRun.Event)
+
+		// Verify jobs list works
+		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s", run.URL, "jobs")).AddTokenAuth(token)
+		jobsResp := MakeRequest(t, req, http.StatusOK)
+		jobList := api.ActionWorkflowJobsResponse{}
+		DecodeJSON(t, jobsResp, &jobList)
+
+		if run.ID == runID {
+			foundRun = true
+			assert.Len(t, jobList.Entries, 1)
+			for _, job := range jobList.Entries {
+				// Check the jobs list of the run
+				verifyWorkflowJobCanbeFoundWithStatusFilter(t, fmt.Sprintf("%s/%s", run.URL, "jobs"), token, job.ID, "", job.Status)
+				verifyWorkflowJobCanbeFoundWithStatusFilter(t, fmt.Sprintf("%s/%s", run.URL, "jobs"), token, job.ID, job.Conclusion, "")
+				// Check the run independent job list
+				verifyWorkflowJobCanbeFoundWithStatusFilter(t, fmt.Sprintf("%s/%s", apiRootURL, "jobs"), token, job.ID, "", job.Status)
+				verifyWorkflowJobCanbeFoundWithStatusFilter(t, fmt.Sprintf("%s/%s", apiRootURL, "jobs"), token, job.ID, job.Conclusion, "")
+
+				// Verify job url works
+				req := NewRequest(t, "GET", job.URL).AddTokenAuth(token)
+				jobsResp := MakeRequest(t, req, http.StatusOK)
+				apiJob := api.ActionWorkflowJob{}
+				DecodeJSON(t, jobsResp, &apiJob)
+				assert.Equal(t, job.ID, apiJob.ID)
+				assert.Equal(t, job.RunID, apiJob.RunID)
+				assert.Equal(t, job.Status, apiJob.Status)
+				assert.Equal(t, job.Conclusion, apiJob.Conclusion)
+			}
+		}
+	}
+	assert.True(t, foundRun, "Expected to find run with ID %d", runID)
+}
+
+func verifyWorkflowRunCanbeFoundWithStatusFilter(t *testing.T, runAPIURL, token string, id int64, conclusion, status, event, branch, actor, headSHA string) {
+	filter := url.Values{}
+	if conclusion != "" {
+		filter.Add("status", conclusion)
+	}
+	if status != "" {
+		filter.Add("status", status)
+	}
+	if event != "" {
+		filter.Set("event", event)
+	}
+	if branch != "" {
+		filter.Set("branch", branch)
+	}
+	if actor != "" {
+		filter.Set("actor", actor)
+	}
+	if headSHA != "" {
+		filter.Set("head_sha", headSHA)
+	}
+	req := NewRequest(t, "GET", runAPIURL+"?"+filter.Encode()).AddTokenAuth(token)
+	runResp := MakeRequest(t, req, http.StatusOK)
+	runList := api.ActionWorkflowRunsResponse{}
+	DecodeJSON(t, runResp, &runList)
+
+	found := false
+	for _, run := range runList.Entries {
+		if conclusion != "" {
+			assert.Equal(t, conclusion, run.Conclusion)
+		}
+		if status != "" {
+			assert.Equal(t, status, run.Status)
+		}
+		if event != "" {
+			assert.Equal(t, event, run.Event)
+		}
+		if branch != "" {
+			assert.Equal(t, branch, run.HeadBranch)
+		}
+		if actor != "" {
+			assert.Equal(t, actor, run.Actor.UserName)
+		}
+		found = found || run.ID == id
+	}
+	assert.True(t, found, "Expected to find run with ID %d", id)
+}
+
+func verifyWorkflowJobCanbeFoundWithStatusFilter(t *testing.T, runAPIURL, token string, id int64, conclusion, status string) {
+	filter := conclusion
+	if filter == "" {
+		filter = status
+	}
+	if filter == "" {
+		return
+	}
+	req := NewRequest(t, "GET", runAPIURL+"?status="+filter).AddTokenAuth(token)
+	jobListResp := MakeRequest(t, req, http.StatusOK)
+	jobList := api.ActionWorkflowJobsResponse{}
+	DecodeJSON(t, jobListResp, &jobList)
+
+	found := false
+	for _, job := range jobList.Entries {
+		if conclusion != "" {
+			assert.Equal(t, conclusion, job.Conclusion)
+		} else {
+			assert.Equal(t, status, job.Status)
+		}
+		found = found || job.ID == id
+	}
+	assert.True(t, found, "Expected to find job with ID %d", id)
+}
diff --git a/tests/integration/xss_test.go b/tests/integration/xss_test.go
index a8eaa5fc62..9058fc210a 100644
--- a/tests/integration/xss_test.go
+++ b/tests/integration/xss_test.go
@@ -32,8 +32,8 @@ func TestXSSUserFullName(t *testing.T) {
 	req = NewRequestf(t, "GET", "/%s", user.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
-	assert.EqualValues(t, 0, htmlDoc.doc.Find("script.evil").Length())
-	assert.EqualValues(t, fullName,
+	assert.Equal(t, 0, htmlDoc.doc.Find("script.evil").Length())
+	assert.Equal(t, fullName,
 		htmlDoc.doc.Find("div.content").Find(".header.text.center").Text(),
 	)
 }
diff --git a/tests/test_utils.go b/tests/test_utils.go
index 96eb5731b4..ad692058a6 100644
--- a/tests/test_utils.go
+++ b/tests/test_utils.go
@@ -1,7 +1,6 @@
 // Copyright 2017 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
-//nolint:forbidigo
 package tests
 
 import (
@@ -18,7 +17,6 @@ import (
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
-	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/storage"
 	"code.gitea.io/gitea/modules/test"
@@ -56,7 +54,7 @@ func InitTest(requireGitea bool) {
 		// Notice: when doing "ssh push", Gitea executes sub processes, debugger won't work for the sub processes.
 		giteaConf = "tests/sqlite.ini"
 		_ = os.Setenv("GITEA_CONF", giteaConf)
-		fmt.Printf("Environment variable $GITEA_CONF not set, use default: %s\n", giteaConf)
+		_, _ = fmt.Fprintf(os.Stderr, "Environment variable $GITEA_CONF not set - defaulting to %s\n", giteaConf)
 		if !setting.EnableSQLite3 {
 			testlogger.Fatalf(`sqlite3 requires: -tags sqlite,sqlite_unlock_notify` + "\n")
 		}
@@ -67,9 +65,8 @@ func InitTest(requireGitea bool) {
 		setting.CustomConf = giteaConf
 	}
 
-	unittest.InitSettings()
+	unittest.InitSettingsForTesting()
 	setting.Repository.DefaultBranch = "master" // many test code still assume that default branch is called "master"
-	_ = util.RemoveAll(repo_module.LocalCopyPath())
 
 	if err := git.InitFull(context.Background()); err != nil {
 		log.Fatal("git.InitOnceWithSync: %v", err)
@@ -93,7 +90,7 @@ func InitTest(requireGitea bool) {
 		if err != nil {
 			log.Fatal("sql.Open: %v", err)
 		}
-		if _, err = db.Exec(fmt.Sprintf("CREATE DATABASE IF NOT EXISTS %s", setting.Database.Name)); err != nil {
+		if _, err = db.Exec("CREATE DATABASE IF NOT EXISTS " + setting.Database.Name); err != nil {
 			log.Fatal("db.Exec: %v", err)
 		}
 	case setting.Database.Type.IsPostgreSQL():
@@ -118,7 +115,7 @@ func InitTest(requireGitea bool) {
 		defer dbrows.Close()
 
 		if !dbrows.Next() {
-			if _, err = db.Exec(fmt.Sprintf("CREATE DATABASE %s", setting.Database.Name)); err != nil {
+			if _, err = db.Exec("CREATE DATABASE " + setting.Database.Name); err != nil {
 				log.Fatal("db.Exec: CREATE DATABASE: %v", err)
 			}
 		}
@@ -148,7 +145,7 @@ func InitTest(requireGitea bool) {
 
 		if !schrows.Next() {
 			// Create and setup a DB schema
-			if _, err = db.Exec(fmt.Sprintf("CREATE SCHEMA %s", setting.Database.Schema)); err != nil {
+			if _, err = db.Exec("CREATE SCHEMA " + setting.Database.Schema); err != nil {
 				log.Fatal("db.Exec: CREATE SCHEMA: %v", err)
 			}
 		}
diff --git a/tools/generate-svg.js b/tools/generate-svg.js
index ec04bf655e..12f3db039d 100755
--- a/tools/generate-svg.js
+++ b/tools/generate-svg.js
@@ -25,6 +25,7 @@ async function processAssetsSvgFile(file, {prefix, fullName} = {}) {
     plugins: [
       {name: 'preset-default'},
       {name: 'removeDimensions'},
+      {name: 'removeTitle'},
       {name: 'prefixIds', params: {prefix: () => name}},
       {name: 'addClassesToSVGElement', params: {classNames: ['svg', name]}},
       {
diff --git a/tools/lint-go-gopls.sh b/tools/lint-go-gopls.sh
index a222ea14d7..2cd26ca6fe 100755
--- a/tools/lint-go-gopls.sh
+++ b/tools/lint-go-gopls.sh
@@ -11,7 +11,7 @@ IGNORE_PATTERNS=(
 # current absolute path, indicating a error was found. This is necessary
 # because the tool does not set non-zero exit code when errors are found.
 # ref: https://github.com/golang/go/issues/67078
-ERROR_LINES=$("$GO" run "$GOPLS_PACKAGE" check "$@" 2>/dev/null | grep -E "^$PWD" | grep -vFf <(printf '%s\n' "${IGNORE_PATTERNS[@]}"));
+ERROR_LINES=$("$GO" run "$GOPLS_PACKAGE" check -severity=warning "$@" 2>/dev/null | grep -E "^$PWD" | grep -vFf <(printf '%s\n' "${IGNORE_PATTERNS[@]}"));
 NUM_ERRORS=$(echo -n "$ERROR_LINES" | wc -l)
 
 if [ "$NUM_ERRORS" -eq "0" ]; then
diff --git a/updates.config.js b/updates.config.js
index c1dae1875b..4373ab9b95 100644
--- a/updates.config.js
+++ b/updates.config.js
@@ -2,6 +2,7 @@ export default {
   exclude: [
     '@mcaptcha/vanilla-glue', // breaking changes in rc versions need to be handled
     '@stylistic/eslint-plugin-js', // need to migrate to eslint 9
+    'cropperjs', // need to migrate to v2 but v2 is not compatible with v1
     'eslint', // need to migrate to eslint flat config first
     'eslint-plugin-array-func', // need to migrate to eslint flat config first
     'eslint-plugin-github', // need to migrate to eslint 9 - https://github.com/github/eslint-plugin-github/issues/585
diff --git a/uv.lock b/uv.lock
new file mode 100644
index 0000000000..6a6374d3fa
--- /dev/null
+++ b/uv.lock
@@ -0,0 +1,340 @@
+version = 1
+revision = 2
+requires-python = ">=3.10"
+
+[[package]]
+name = "click"
+version = "8.2.1"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "colorama", marker = "sys_platform == 'win32'" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/60/6c/8ca2efa64cf75a977a0d7fac081354553ebe483345c734fb6b6515d96bbc/click-8.2.1.tar.gz", hash = "sha256:27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202", size = 286342, upload-time = "2025-05-20T23:19:49.832Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", hash = "sha256:61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", size = 102215, upload-time = "2025-05-20T23:19:47.796Z" },
+]
+
+[[package]]
+name = "colorama"
+version = "0.4.6"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/d8/53/6f443c9a4a8358a93a6792e2acffb9d9d5cb0a5cfd8802644b7b1c9a02e4/colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", size = 27697, upload-time = "2022-10-25T02:36:22.414Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/d1/d6/3965ed04c63042e047cb6a3e6ed1a63a35087b6a609aa3a15ed8ac56c221/colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6", size = 25335, upload-time = "2022-10-25T02:36:20.889Z" },
+]
+
+[[package]]
+name = "cssbeautifier"
+version = "1.15.4"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "editorconfig" },
+    { name = "jsbeautifier" },
+    { name = "six" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/f7/01/fdf41c1e5f93d359681976ba10410a04b299d248e28ecce1d4e88588dde4/cssbeautifier-1.15.4.tar.gz", hash = "sha256:9bb08dc3f64c101a01677f128acf01905914cf406baf87434dcde05b74c0acf5", size = 25376, upload-time = "2025-02-27T17:53:51.341Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/63/51/ef6c5628e46092f0a54c7cee69acc827adc6b6aab57b55d344fefbdf28f1/cssbeautifier-1.15.4-py3-none-any.whl", hash = "sha256:78c84d5e5378df7d08622bbd0477a1abdbd209680e95480bf22f12d5701efc98", size = 123667, upload-time = "2025-02-27T17:53:43.594Z" },
+]
+
+[[package]]
+name = "djlint"
+version = "1.36.4"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "click" },
+    { name = "colorama" },
+    { name = "cssbeautifier" },
+    { name = "jsbeautifier" },
+    { name = "json5" },
+    { name = "pathspec" },
+    { name = "pyyaml" },
+    { name = "regex" },
+    { name = "tomli", marker = "python_full_version < '3.11'" },
+    { name = "tqdm" },
+    { name = "typing-extensions", marker = "python_full_version < '3.11'" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/74/89/ecf5be9f5c59a0c53bcaa29671742c5e269cc7d0e2622e3f65f41df251bf/djlint-1.36.4.tar.gz", hash = "sha256:17254f218b46fe5a714b224c85074c099bcb74e3b2e1f15c2ddc2cf415a408a1", size = 47849, upload-time = "2024-12-24T13:06:36.36Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/53/71/6a3ce2b49a62e635b85dce30ccf3eb3a18fe79275d45535325a55a63d3a3/djlint-1.36.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a2dfb60883ceb92465201bfd392291a7597c6752baede6fbb6f1980cac8d6c5c", size = 354135, upload-time = "2024-12-24T13:05:49.732Z" },
+    { url = "https://files.pythonhosted.org/packages/72/47/308412dc579e277c910774f41b380308d582862b16763425583e69e0fc14/djlint-1.36.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:4bc6a1320c0030244b530ac200642f883d3daa451a115920ef3d56d08b644292", size = 328501, upload-time = "2024-12-24T13:05:53.861Z" },
+    { url = "https://files.pythonhosted.org/packages/9b/6f/428dc044d1e34363265b1301dc9b53253007acd858879d54b369d233aa96/djlint-1.36.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:3164a048c7bb0baf042387b1e33f9bbbf99d90d1337bb4c3d66eb0f96f5400a1", size = 415849, upload-time = "2024-12-24T13:05:56.377Z" },
+    { url = "https://files.pythonhosted.org/packages/d6/13/0d488e551d73ddf369552fc6f4c7702ea683e4bc1305bcf5c1d198fbdace/djlint-1.36.4-cp310-cp310-win_amd64.whl", hash = "sha256:3196d5277da5934962d67ad6c33a948ba77a7b6eadf064648bef6ee5f216b03c", size = 360969, upload-time = "2024-12-24T13:05:59.582Z" },
+    { url = "https://files.pythonhosted.org/packages/04/68/18ecd1e4d54a523e1d077f01419d669116e5dede97f97f1eb8ddb918a872/djlint-1.36.4-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:3d68da0ed10ee9ca1e32e225cbb8e9b98bf7e6f8b48a8e4836117b6605b88cc7", size = 344261, upload-time = "2024-12-24T13:06:01.136Z" },
+    { url = "https://files.pythonhosted.org/packages/1e/03/005cf5c66e57ca2d26249f8385bc64420b2a95fea81c5eb619c925199029/djlint-1.36.4-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:c0478d5392247f1e6ee29220bbdbf7fb4e1bc0e7e83d291fda6fb926c1787ba7", size = 319580, upload-time = "2024-12-24T13:06:03.824Z" },
+    { url = "https://files.pythonhosted.org/packages/9f/88/aea3c81343a273a87362f30442abc13351dc8ada0b10e51daa285b4dddac/djlint-1.36.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:962f7b83aee166e499eff916d631c6dde7f1447d7610785a60ed2a75a5763483", size = 407070, upload-time = "2024-12-24T13:06:05.356Z" },
+    { url = "https://files.pythonhosted.org/packages/60/77/0f767ac0b72e9a664bb8c92b8940f21bc1b1e806e5bd727584d40a4ca551/djlint-1.36.4-cp311-cp311-win_amd64.whl", hash = "sha256:53cbc450aa425c832f09bc453b8a94a039d147b096740df54a3547fada77ed08", size = 360775, upload-time = "2024-12-24T13:06:10.176Z" },
+    { url = "https://files.pythonhosted.org/packages/53/f5/9ae02b875604755d4d00cebf96b218b0faa3198edc630f56a139581aed87/djlint-1.36.4-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:ff9faffd7d43ac20467493fa71d5355b5b330a00ade1c4d1e859022f4195223b", size = 354886, upload-time = "2024-12-24T13:06:11.571Z" },
+    { url = "https://files.pythonhosted.org/packages/97/51/284443ff2f2a278f61d4ae6ae55eaf820ad9f0fd386d781cdfe91f4de495/djlint-1.36.4-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:79489e262b5ac23a8dfb7ca37f1eea979674cfc2d2644f7061d95bea12c38f7e", size = 323237, upload-time = "2024-12-24T13:06:13.057Z" },
+    { url = "https://files.pythonhosted.org/packages/6d/5e/791f4c5571f3f168ad26fa3757af8f7a05c623fde1134a9c4de814ee33b7/djlint-1.36.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:e58c5fa8c6477144a0be0a87273706a059e6dd0d6efae01146ae8c29cdfca675", size = 411719, upload-time = "2024-12-24T13:06:15.672Z" },
+    { url = "https://files.pythonhosted.org/packages/1f/11/894425add6f84deffcc6e373f2ce250f2f7b01aa58c7f230016ebe7a0085/djlint-1.36.4-cp312-cp312-win_amd64.whl", hash = "sha256:bb6903777bf3124f5efedcddf1f4716aef097a7ec4223fc0fa54b865829a6e08", size = 362076, upload-time = "2024-12-24T13:06:17.517Z" },
+    { url = "https://files.pythonhosted.org/packages/da/83/88b4c885812921739f5529a29085c3762705154d41caf7eb9a8886a3380c/djlint-1.36.4-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:ead475013bcac46095b1bbc8cf97ed2f06e83422335734363f8a76b4ba7e47c2", size = 354384, upload-time = "2024-12-24T13:06:20.809Z" },
+    { url = "https://files.pythonhosted.org/packages/32/38/67695f7a150b3d9d62fadb65242213d96024151570c3cf5d966effa68b0e/djlint-1.36.4-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:6c601dfa68ea253311deb4a29a7362b7a64933bdfcfb5a06618f3e70ad1fa835", size = 322971, upload-time = "2024-12-24T13:06:22.185Z" },
+    { url = "https://files.pythonhosted.org/packages/ac/7a/cd851393291b12e7fe17cf5d4d8874b8ea133aebbe9235f5314aabc96a52/djlint-1.36.4-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:bda5014f295002363381969864addeb2db13955f1b26e772657c3b273ed7809f", size = 410972, upload-time = "2024-12-24T13:06:24.077Z" },
+    { url = "https://files.pythonhosted.org/packages/6c/31/56469120394b970d4f079a552fde21ed27702ca729595ab0ed459eb6d240/djlint-1.36.4-cp313-cp313-win_amd64.whl", hash = "sha256:16ce37e085afe5a30953b2bd87cbe34c37843d94c701fc68a2dda06c1e428ff4", size = 362053, upload-time = "2024-12-24T13:06:25.432Z" },
+    { url = "https://files.pythonhosted.org/packages/4b/67/f7aeea9be6fb3bd984487af8d0d80225a0b1e5f6f7126e3332d349fb13fe/djlint-1.36.4-py3-none-any.whl", hash = "sha256:e9699b8ac3057a6ed04fb90835b89bee954ed1959c01541ce4f8f729c938afdd", size = 52290, upload-time = "2024-12-24T13:06:33.76Z" },
+]
+
+[[package]]
+name = "editorconfig"
+version = "0.17.1"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/88/3a/a61d9a1f319a186b05d14df17daea42fcddea63c213bcd61a929fb3a6796/editorconfig-0.17.1.tar.gz", hash = "sha256:23c08b00e8e08cc3adcddb825251c497478df1dada6aefeb01e626ad37303745", size = 14695, upload-time = "2025-06-09T08:21:37.097Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/96/fd/a40c621ff207f3ce8e484aa0fc8ba4eb6e3ecf52e15b42ba764b457a9550/editorconfig-0.17.1-py3-none-any.whl", hash = "sha256:1eda9c2c0db8c16dbd50111b710572a5e6de934e39772de1959d41f64fc17c82", size = 16360, upload-time = "2025-06-09T08:21:35.654Z" },
+]
+
+[[package]]
+name = "gitea"
+version = "0.0.0"
+source = { virtual = "." }
+
+[package.dev-dependencies]
+dev = [
+    { name = "djlint" },
+    { name = "yamllint" },
+]
+
+[package.metadata]
+
+[package.metadata.requires-dev]
+dev = [
+    { name = "djlint", specifier = "==1.36.4" },
+    { name = "yamllint", specifier = "==1.37.1" },
+]
+
+[[package]]
+name = "jsbeautifier"
+version = "1.15.4"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "editorconfig" },
+    { name = "six" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/ea/98/d6cadf4d5a1c03b2136837a435682418c29fdeb66be137128544cecc5b7a/jsbeautifier-1.15.4.tar.gz", hash = "sha256:5bb18d9efb9331d825735fbc5360ee8f1aac5e52780042803943aa7f854f7592", size = 75257, upload-time = "2025-02-27T17:53:53.252Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/2d/14/1c65fccf8413d5f5c6e8425f84675169654395098000d8bddc4e9d3390e1/jsbeautifier-1.15.4-py3-none-any.whl", hash = "sha256:72f65de312a3f10900d7685557f84cb61a9733c50dcc27271a39f5b0051bf528", size = 94707, upload-time = "2025-02-27T17:53:46.152Z" },
+]
+
+[[package]]
+name = "json5"
+version = "0.12.0"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/12/be/c6c745ec4c4539b25a278b70e29793f10382947df0d9efba2fa09120895d/json5-0.12.0.tar.gz", hash = "sha256:0b4b6ff56801a1c7dc817b0241bca4ce474a0e6a163bfef3fc594d3fd263ff3a", size = 51907, upload-time = "2025-04-03T16:33:13.201Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/41/9f/3500910d5a98549e3098807493851eeef2b89cdd3032227558a104dfe926/json5-0.12.0-py3-none-any.whl", hash = "sha256:6d37aa6c08b0609f16e1ec5ff94697e2cbbfbad5ac112afa05794da9ab7810db", size = 36079, upload-time = "2025-04-03T16:33:11.927Z" },
+]
+
+[[package]]
+name = "pathspec"
+version = "0.12.1"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/ca/bc/f35b8446f4531a7cb215605d100cd88b7ac6f44ab3fc94870c120ab3adbf/pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712", size = 51043, upload-time = "2023-12-10T22:30:45Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/cc/20/ff623b09d963f88bfde16306a54e12ee5ea43e9b597108672ff3a408aad6/pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08", size = 31191, upload-time = "2023-12-10T22:30:43.14Z" },
+]
+
+[[package]]
+name = "pyyaml"
+version = "6.0.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/54/ed/79a089b6be93607fa5cdaedf301d7dfb23af5f25c398d5ead2525b063e17/pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e", size = 130631, upload-time = "2024-08-06T20:33:50.674Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/9b/95/a3fac87cb7158e231b5a6012e438c647e1a87f09f8e0d123acec8ab8bf71/PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086", size = 184199, upload-time = "2024-08-06T20:31:40.178Z" },
+    { url = "https://files.pythonhosted.org/packages/c7/7a/68bd47624dab8fd4afbfd3c48e3b79efe09098ae941de5b58abcbadff5cb/PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf", size = 171758, upload-time = "2024-08-06T20:31:42.173Z" },
+    { url = "https://files.pythonhosted.org/packages/49/ee/14c54df452143b9ee9f0f29074d7ca5516a36edb0b4cc40c3f280131656f/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237", size = 718463, upload-time = "2024-08-06T20:31:44.263Z" },
+    { url = "https://files.pythonhosted.org/packages/4d/61/de363a97476e766574650d742205be468921a7b532aa2499fcd886b62530/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b", size = 719280, upload-time = "2024-08-06T20:31:50.199Z" },
+    { url = "https://files.pythonhosted.org/packages/6b/4e/1523cb902fd98355e2e9ea5e5eb237cbc5f3ad5f3075fa65087aa0ecb669/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed", size = 751239, upload-time = "2024-08-06T20:31:52.292Z" },
+    { url = "https://files.pythonhosted.org/packages/b7/33/5504b3a9a4464893c32f118a9cc045190a91637b119a9c881da1cf6b7a72/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180", size = 695802, upload-time = "2024-08-06T20:31:53.836Z" },
+    { url = "https://files.pythonhosted.org/packages/5c/20/8347dcabd41ef3a3cdc4f7b7a2aff3d06598c8779faa189cdbf878b626a4/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68", size = 720527, upload-time = "2024-08-06T20:31:55.565Z" },
+    { url = "https://files.pythonhosted.org/packages/be/aa/5afe99233fb360d0ff37377145a949ae258aaab831bde4792b32650a4378/PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99", size = 144052, upload-time = "2024-08-06T20:31:56.914Z" },
+    { url = "https://files.pythonhosted.org/packages/b5/84/0fa4b06f6d6c958d207620fc60005e241ecedceee58931bb20138e1e5776/PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e", size = 161774, upload-time = "2024-08-06T20:31:58.304Z" },
+    { url = "https://files.pythonhosted.org/packages/f8/aa/7af4e81f7acba21a4c6be026da38fd2b872ca46226673c89a758ebdc4fd2/PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774", size = 184612, upload-time = "2024-08-06T20:32:03.408Z" },
+    { url = "https://files.pythonhosted.org/packages/8b/62/b9faa998fd185f65c1371643678e4d58254add437edb764a08c5a98fb986/PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee", size = 172040, upload-time = "2024-08-06T20:32:04.926Z" },
+    { url = "https://files.pythonhosted.org/packages/ad/0c/c804f5f922a9a6563bab712d8dcc70251e8af811fce4524d57c2c0fd49a4/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c", size = 736829, upload-time = "2024-08-06T20:32:06.459Z" },
+    { url = "https://files.pythonhosted.org/packages/51/16/6af8d6a6b210c8e54f1406a6b9481febf9c64a3109c541567e35a49aa2e7/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317", size = 764167, upload-time = "2024-08-06T20:32:08.338Z" },
+    { url = "https://files.pythonhosted.org/packages/75/e4/2c27590dfc9992f73aabbeb9241ae20220bd9452df27483b6e56d3975cc5/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85", size = 762952, upload-time = "2024-08-06T20:32:14.124Z" },
+    { url = "https://files.pythonhosted.org/packages/9b/97/ecc1abf4a823f5ac61941a9c00fe501b02ac3ab0e373c3857f7d4b83e2b6/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4", size = 735301, upload-time = "2024-08-06T20:32:16.17Z" },
+    { url = "https://files.pythonhosted.org/packages/45/73/0f49dacd6e82c9430e46f4a027baa4ca205e8b0a9dce1397f44edc23559d/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e", size = 756638, upload-time = "2024-08-06T20:32:18.555Z" },
+    { url = "https://files.pythonhosted.org/packages/22/5f/956f0f9fc65223a58fbc14459bf34b4cc48dec52e00535c79b8db361aabd/PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5", size = 143850, upload-time = "2024-08-06T20:32:19.889Z" },
+    { url = "https://files.pythonhosted.org/packages/ed/23/8da0bbe2ab9dcdd11f4f4557ccaf95c10b9811b13ecced089d43ce59c3c8/PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44", size = 161980, upload-time = "2024-08-06T20:32:21.273Z" },
+    { url = "https://files.pythonhosted.org/packages/86/0c/c581167fc46d6d6d7ddcfb8c843a4de25bdd27e4466938109ca68492292c/PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab", size = 183873, upload-time = "2024-08-06T20:32:25.131Z" },
+    { url = "https://files.pythonhosted.org/packages/a8/0c/38374f5bb272c051e2a69281d71cba6fdb983413e6758b84482905e29a5d/PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725", size = 173302, upload-time = "2024-08-06T20:32:26.511Z" },
+    { url = "https://files.pythonhosted.org/packages/c3/93/9916574aa8c00aa06bbac729972eb1071d002b8e158bd0e83a3b9a20a1f7/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5", size = 739154, upload-time = "2024-08-06T20:32:28.363Z" },
+    { url = "https://files.pythonhosted.org/packages/95/0f/b8938f1cbd09739c6da569d172531567dbcc9789e0029aa070856f123984/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425", size = 766223, upload-time = "2024-08-06T20:32:30.058Z" },
+    { url = "https://files.pythonhosted.org/packages/b9/2b/614b4752f2e127db5cc206abc23a8c19678e92b23c3db30fc86ab731d3bd/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476", size = 767542, upload-time = "2024-08-06T20:32:31.881Z" },
+    { url = "https://files.pythonhosted.org/packages/d4/00/dd137d5bcc7efea1836d6264f049359861cf548469d18da90cd8216cf05f/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48", size = 731164, upload-time = "2024-08-06T20:32:37.083Z" },
+    { url = "https://files.pythonhosted.org/packages/c9/1f/4f998c900485e5c0ef43838363ba4a9723ac0ad73a9dc42068b12aaba4e4/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b", size = 756611, upload-time = "2024-08-06T20:32:38.898Z" },
+    { url = "https://files.pythonhosted.org/packages/df/d1/f5a275fdb252768b7a11ec63585bc38d0e87c9e05668a139fea92b80634c/PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4", size = 140591, upload-time = "2024-08-06T20:32:40.241Z" },
+    { url = "https://files.pythonhosted.org/packages/0c/e8/4f648c598b17c3d06e8753d7d13d57542b30d56e6c2dedf9c331ae56312e/PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8", size = 156338, upload-time = "2024-08-06T20:32:41.93Z" },
+    { url = "https://files.pythonhosted.org/packages/ef/e3/3af305b830494fa85d95f6d95ef7fa73f2ee1cc8ef5b495c7c3269fb835f/PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba", size = 181309, upload-time = "2024-08-06T20:32:43.4Z" },
+    { url = "https://files.pythonhosted.org/packages/45/9f/3b1c20a0b7a3200524eb0076cc027a970d320bd3a6592873c85c92a08731/PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1", size = 171679, upload-time = "2024-08-06T20:32:44.801Z" },
+    { url = "https://files.pythonhosted.org/packages/7c/9a/337322f27005c33bcb656c655fa78325b730324c78620e8328ae28b64d0c/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133", size = 733428, upload-time = "2024-08-06T20:32:46.432Z" },
+    { url = "https://files.pythonhosted.org/packages/a3/69/864fbe19e6c18ea3cc196cbe5d392175b4cf3d5d0ac1403ec3f2d237ebb5/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484", size = 763361, upload-time = "2024-08-06T20:32:51.188Z" },
+    { url = "https://files.pythonhosted.org/packages/04/24/b7721e4845c2f162d26f50521b825fb061bc0a5afcf9a386840f23ea19fa/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5", size = 759523, upload-time = "2024-08-06T20:32:53.019Z" },
+    { url = "https://files.pythonhosted.org/packages/2b/b2/e3234f59ba06559c6ff63c4e10baea10e5e7df868092bf9ab40e5b9c56b6/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc", size = 726660, upload-time = "2024-08-06T20:32:54.708Z" },
+    { url = "https://files.pythonhosted.org/packages/fe/0f/25911a9f080464c59fab9027482f822b86bf0608957a5fcc6eaac85aa515/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652", size = 751597, upload-time = "2024-08-06T20:32:56.985Z" },
+    { url = "https://files.pythonhosted.org/packages/14/0d/e2c3b43bbce3cf6bd97c840b46088a3031085179e596d4929729d8d68270/PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183", size = 140527, upload-time = "2024-08-06T20:33:03.001Z" },
+    { url = "https://files.pythonhosted.org/packages/fa/de/02b54f42487e3d3c6efb3f89428677074ca7bf43aae402517bc7cca949f3/PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563", size = 156446, upload-time = "2024-08-06T20:33:04.33Z" },
+]
+
+[[package]]
+name = "regex"
+version = "2025.7.34"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/0b/de/e13fa6dc61d78b30ba47481f99933a3b49a57779d625c392d8036770a60d/regex-2025.7.34.tar.gz", hash = "sha256:9ead9765217afd04a86822dfcd4ed2747dfe426e887da413b15ff0ac2457e21a", size = 400714, upload-time = "2025-07-31T00:21:16.262Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/50/d2/0a44a9d92370e5e105f16669acf801b215107efea9dea4317fe96e9aad67/regex-2025.7.34-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:d856164d25e2b3b07b779bfed813eb4b6b6ce73c2fd818d46f47c1eb5cd79bd6", size = 484591, upload-time = "2025-07-31T00:18:46.675Z" },
+    { url = "https://files.pythonhosted.org/packages/2e/b1/00c4f83aa902f1048495de9f2f33638ce970ce1cf9447b477d272a0e22bb/regex-2025.7.34-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:2d15a9da5fad793e35fb7be74eec450d968e05d2e294f3e0e77ab03fa7234a83", size = 289293, upload-time = "2025-07-31T00:18:53.069Z" },
+    { url = "https://files.pythonhosted.org/packages/f3/b0/5bc5c8ddc418e8be5530b43ae1f7c9303f43aeff5f40185c4287cf6732f2/regex-2025.7.34-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:95b4639c77d414efa93c8de14ce3f7965a94d007e068a94f9d4997bb9bd9c81f", size = 285932, upload-time = "2025-07-31T00:18:54.673Z" },
+    { url = "https://files.pythonhosted.org/packages/46/c7/a1a28d050b23665a5e1eeb4d7f13b83ea86f0bc018da7b8f89f86ff7f094/regex-2025.7.34-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:5d7de1ceed5a5f84f342ba4a9f4ae589524adf9744b2ee61b5da884b5b659834", size = 780361, upload-time = "2025-07-31T00:18:56.13Z" },
+    { url = "https://files.pythonhosted.org/packages/cb/0d/82e7afe7b2c9fe3d488a6ab6145d1d97e55f822dfb9b4569aba2497e3d09/regex-2025.7.34-cp310-cp310-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:02e5860a250cd350c4933cf376c3bc9cb28948e2c96a8bc042aee7b985cfa26f", size = 849176, upload-time = "2025-07-31T00:18:57.483Z" },
+    { url = "https://files.pythonhosted.org/packages/bf/16/3036e16903d8194f1490af457a7e33b06d9e9edd9576b1fe6c7ac660e9ed/regex-2025.7.34-cp310-cp310-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:0a5966220b9a1a88691282b7e4350e9599cf65780ca60d914a798cb791aa1177", size = 897222, upload-time = "2025-07-31T00:18:58.721Z" },
+    { url = "https://files.pythonhosted.org/packages/5a/c2/010e089ae00d31418e7d2c6601760eea1957cde12be719730c7133b8c165/regex-2025.7.34-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:48fb045bbd4aab2418dc1ba2088a5e32de4bfe64e1457b948bb328a8dc2f1c2e", size = 789831, upload-time = "2025-07-31T00:19:00.436Z" },
+    { url = "https://files.pythonhosted.org/packages/dd/86/b312b7bf5c46d21dbd9a3fdc4a80fde56ea93c9c0b89cf401879635e094d/regex-2025.7.34-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:20ff8433fa45e131f7316594efe24d4679c5449c0ca69d91c2f9d21846fdf064", size = 780665, upload-time = "2025-07-31T00:19:01.828Z" },
+    { url = "https://files.pythonhosted.org/packages/40/e5/674b82bfff112c820b09e3c86a423d4a568143ede7f8440fdcbce259e895/regex-2025.7.34-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:c436fd1e95c04c19039668cfb548450a37c13f051e8659f40aed426e36b3765f", size = 773511, upload-time = "2025-07-31T00:19:03.654Z" },
+    { url = "https://files.pythonhosted.org/packages/2d/18/39e7c578eb6cf1454db2b64e4733d7e4f179714867a75d84492ec44fa9b2/regex-2025.7.34-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:0b85241d3cfb9f8a13cefdfbd58a2843f208f2ed2c88181bf84e22e0c7fc066d", size = 843990, upload-time = "2025-07-31T00:19:05.61Z" },
+    { url = "https://files.pythonhosted.org/packages/b6/d9/522a6715aefe2f463dc60c68924abeeb8ab6893f01adf5720359d94ede8c/regex-2025.7.34-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:075641c94126b064c65ab86e7e71fc3d63e7ff1bea1fb794f0773c97cdad3a03", size = 834676, upload-time = "2025-07-31T00:19:07.023Z" },
+    { url = "https://files.pythonhosted.org/packages/59/53/c4d5284cb40543566542e24f1badc9f72af68d01db21e89e36e02292eee0/regex-2025.7.34-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:70645cad3407d103d1dbcb4841839d2946f7d36cf38acbd40120fee1682151e5", size = 778420, upload-time = "2025-07-31T00:19:08.511Z" },
+    { url = "https://files.pythonhosted.org/packages/ea/4a/b779a7707d4a44a7e6ee9d0d98e40b2a4de74d622966080e9c95e25e2d24/regex-2025.7.34-cp310-cp310-win32.whl", hash = "sha256:3b836eb4a95526b263c2a3359308600bd95ce7848ebd3c29af0c37c4f9627cd3", size = 263999, upload-time = "2025-07-31T00:19:10.072Z" },
+    { url = "https://files.pythonhosted.org/packages/ef/6e/33c7583f5427aa039c28bff7f4103c2de5b6aa5b9edc330c61ec576b1960/regex-2025.7.34-cp310-cp310-win_amd64.whl", hash = "sha256:cbfaa401d77334613cf434f723c7e8ba585df162be76474bccc53ae4e5520b3a", size = 276023, upload-time = "2025-07-31T00:19:11.34Z" },
+    { url = "https://files.pythonhosted.org/packages/9f/fc/00b32e0ac14213d76d806d952826402b49fd06d42bfabacdf5d5d016bc47/regex-2025.7.34-cp310-cp310-win_arm64.whl", hash = "sha256:bca11d3c38a47c621769433c47f364b44e8043e0de8e482c5968b20ab90a3986", size = 268357, upload-time = "2025-07-31T00:19:12.729Z" },
+    { url = "https://files.pythonhosted.org/packages/0d/85/f497b91577169472f7c1dc262a5ecc65e39e146fc3a52c571e5daaae4b7d/regex-2025.7.34-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:da304313761b8500b8e175eb2040c4394a875837d5635f6256d6fa0377ad32c8", size = 484594, upload-time = "2025-07-31T00:19:13.927Z" },
+    { url = "https://files.pythonhosted.org/packages/1c/c5/ad2a5c11ce9e6257fcbfd6cd965d07502f6054aaa19d50a3d7fd991ec5d1/regex-2025.7.34-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:35e43ebf5b18cd751ea81455b19acfdec402e82fe0dc6143edfae4c5c4b3909a", size = 289294, upload-time = "2025-07-31T00:19:15.395Z" },
+    { url = "https://files.pythonhosted.org/packages/8e/01/83ffd9641fcf5e018f9b51aa922c3e538ac9439424fda3df540b643ecf4f/regex-2025.7.34-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:96bbae4c616726f4661fe7bcad5952e10d25d3c51ddc388189d8864fbc1b3c68", size = 285933, upload-time = "2025-07-31T00:19:16.704Z" },
+    { url = "https://files.pythonhosted.org/packages/77/20/5edab2e5766f0259bc1da7381b07ce6eb4401b17b2254d02f492cd8a81a8/regex-2025.7.34-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:9feab78a1ffa4f2b1e27b1bcdaad36f48c2fed4870264ce32f52a393db093c78", size = 792335, upload-time = "2025-07-31T00:19:18.561Z" },
+    { url = "https://files.pythonhosted.org/packages/30/bd/744d3ed8777dce8487b2606b94925e207e7c5931d5870f47f5b643a4580a/regex-2025.7.34-cp311-cp311-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:f14b36e6d4d07f1a5060f28ef3b3561c5d95eb0651741474ce4c0a4c56ba8719", size = 858605, upload-time = "2025-07-31T00:19:20.204Z" },
+    { url = "https://files.pythonhosted.org/packages/99/3d/93754176289718d7578c31d151047e7b8acc7a8c20e7706716f23c49e45e/regex-2025.7.34-cp311-cp311-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:85c3a958ef8b3d5079c763477e1f09e89d13ad22198a37e9d7b26b4b17438b33", size = 905780, upload-time = "2025-07-31T00:19:21.876Z" },
+    { url = "https://files.pythonhosted.org/packages/ee/2e/c689f274a92deffa03999a430505ff2aeace408fd681a90eafa92fdd6930/regex-2025.7.34-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:37555e4ae0b93358fa7c2d240a4291d4a4227cc7c607d8f85596cdb08ec0a083", size = 798868, upload-time = "2025-07-31T00:19:23.222Z" },
+    { url = "https://files.pythonhosted.org/packages/0d/9e/39673688805d139b33b4a24851a71b9978d61915c4d72b5ffda324d0668a/regex-2025.7.34-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:ee38926f31f1aa61b0232a3a11b83461f7807661c062df9eb88769d86e6195c3", size = 781784, upload-time = "2025-07-31T00:19:24.59Z" },
+    { url = "https://files.pythonhosted.org/packages/18/bd/4c1cab12cfabe14beaa076523056b8ab0c882a8feaf0a6f48b0a75dab9ed/regex-2025.7.34-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:a664291c31cae9c4a30589bd8bc2ebb56ef880c9c6264cb7643633831e606a4d", size = 852837, upload-time = "2025-07-31T00:19:25.911Z" },
+    { url = "https://files.pythonhosted.org/packages/cb/21/663d983cbb3bba537fc213a579abbd0f263fb28271c514123f3c547ab917/regex-2025.7.34-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:f3e5c1e0925e77ec46ddc736b756a6da50d4df4ee3f69536ffb2373460e2dafd", size = 844240, upload-time = "2025-07-31T00:19:27.688Z" },
+    { url = "https://files.pythonhosted.org/packages/8e/2d/9beeeb913bc5d32faa913cf8c47e968da936af61ec20af5d269d0f84a100/regex-2025.7.34-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:d428fc7731dcbb4e2ffe43aeb8f90775ad155e7db4347a639768bc6cd2df881a", size = 787139, upload-time = "2025-07-31T00:19:29.475Z" },
+    { url = "https://files.pythonhosted.org/packages/eb/f5/9b9384415fdc533551be2ba805dd8c4621873e5df69c958f403bfd3b2b6e/regex-2025.7.34-cp311-cp311-win32.whl", hash = "sha256:e154a7ee7fa18333ad90b20e16ef84daaeac61877c8ef942ec8dfa50dc38b7a1", size = 264019, upload-time = "2025-07-31T00:19:31.129Z" },
+    { url = "https://files.pythonhosted.org/packages/18/9d/e069ed94debcf4cc9626d652a48040b079ce34c7e4fb174f16874958d485/regex-2025.7.34-cp311-cp311-win_amd64.whl", hash = "sha256:24257953d5c1d6d3c129ab03414c07fc1a47833c9165d49b954190b2b7f21a1a", size = 276047, upload-time = "2025-07-31T00:19:32.497Z" },
+    { url = "https://files.pythonhosted.org/packages/fd/cf/3bafbe9d1fd1db77355e7fbbbf0d0cfb34501a8b8e334deca14f94c7b315/regex-2025.7.34-cp311-cp311-win_arm64.whl", hash = "sha256:3157aa512b9e606586900888cd469a444f9b898ecb7f8931996cb715f77477f0", size = 268362, upload-time = "2025-07-31T00:19:34.094Z" },
+    { url = "https://files.pythonhosted.org/packages/ff/f0/31d62596c75a33f979317658e8d261574785c6cd8672c06741ce2e2e2070/regex-2025.7.34-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:7f7211a746aced993bef487de69307a38c5ddd79257d7be83f7b202cb59ddb50", size = 485492, upload-time = "2025-07-31T00:19:35.57Z" },
+    { url = "https://files.pythonhosted.org/packages/d8/16/b818d223f1c9758c3434be89aa1a01aae798e0e0df36c1f143d1963dd1ee/regex-2025.7.34-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:fb31080f2bd0681484b275461b202b5ad182f52c9ec606052020fe13eb13a72f", size = 290000, upload-time = "2025-07-31T00:19:37.175Z" },
+    { url = "https://files.pythonhosted.org/packages/cd/70/69506d53397b4bd6954061bae75677ad34deb7f6ca3ba199660d6f728ff5/regex-2025.7.34-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:0200a5150c4cf61e407038f4b4d5cdad13e86345dac29ff9dab3d75d905cf130", size = 286072, upload-time = "2025-07-31T00:19:38.612Z" },
+    { url = "https://files.pythonhosted.org/packages/b0/73/536a216d5f66084fb577bb0543b5cb7de3272eb70a157f0c3a542f1c2551/regex-2025.7.34-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:739a74970e736df0773788377969c9fea3876c2fc13d0563f98e5503e5185f46", size = 797341, upload-time = "2025-07-31T00:19:40.119Z" },
+    { url = "https://files.pythonhosted.org/packages/26/af/733f8168449e56e8f404bb807ea7189f59507cbea1b67a7bbcd92f8bf844/regex-2025.7.34-cp312-cp312-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:4fef81b2f7ea6a2029161ed6dea9ae13834c28eb5a95b8771828194a026621e4", size = 862556, upload-time = "2025-07-31T00:19:41.556Z" },
+    { url = "https://files.pythonhosted.org/packages/19/dd/59c464d58c06c4f7d87de4ab1f590e430821345a40c5d345d449a636d15f/regex-2025.7.34-cp312-cp312-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:ea74cf81fe61a7e9d77989050d0089a927ab758c29dac4e8e1b6c06fccf3ebf0", size = 910762, upload-time = "2025-07-31T00:19:43Z" },
+    { url = "https://files.pythonhosted.org/packages/37/a8/b05ccf33ceca0815a1e253693b2c86544932ebcc0049c16b0fbdf18b688b/regex-2025.7.34-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:e4636a7f3b65a5f340ed9ddf53585c42e3ff37101d383ed321bfe5660481744b", size = 801892, upload-time = "2025-07-31T00:19:44.645Z" },
+    { url = "https://files.pythonhosted.org/packages/5f/9a/b993cb2e634cc22810afd1652dba0cae156c40d4864285ff486c73cd1996/regex-2025.7.34-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:6cef962d7834437fe8d3da6f9bfc6f93f20f218266dcefec0560ed7765f5fe01", size = 786551, upload-time = "2025-07-31T00:19:46.127Z" },
+    { url = "https://files.pythonhosted.org/packages/2d/79/7849d67910a0de4e26834b5bb816e028e35473f3d7ae563552ea04f58ca2/regex-2025.7.34-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:cbe1698e5b80298dbce8df4d8d1182279fbdaf1044e864cbc9d53c20e4a2be77", size = 856457, upload-time = "2025-07-31T00:19:47.562Z" },
+    { url = "https://files.pythonhosted.org/packages/91/c6/de516bc082524b27e45cb4f54e28bd800c01efb26d15646a65b87b13a91e/regex-2025.7.34-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:32b9f9bcf0f605eb094b08e8da72e44badabb63dde6b83bd530580b488d1c6da", size = 848902, upload-time = "2025-07-31T00:19:49.312Z" },
+    { url = "https://files.pythonhosted.org/packages/7d/22/519ff8ba15f732db099b126f039586bd372da6cd4efb810d5d66a5daeda1/regex-2025.7.34-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:524c868ba527eab4e8744a9287809579f54ae8c62fbf07d62aacd89f6026b282", size = 788038, upload-time = "2025-07-31T00:19:50.794Z" },
+    { url = "https://files.pythonhosted.org/packages/3f/7d/aabb467d8f57d8149895d133c88eb809a1a6a0fe262c1d508eb9dfabb6f9/regex-2025.7.34-cp312-cp312-win32.whl", hash = "sha256:d600e58ee6d036081c89696d2bdd55d507498a7180df2e19945c6642fac59588", size = 264417, upload-time = "2025-07-31T00:19:52.292Z" },
+    { url = "https://files.pythonhosted.org/packages/3b/39/bd922b55a4fc5ad5c13753274e5b536f5b06ec8eb9747675668491c7ab7a/regex-2025.7.34-cp312-cp312-win_amd64.whl", hash = "sha256:9a9ab52a466a9b4b91564437b36417b76033e8778e5af8f36be835d8cb370d62", size = 275387, upload-time = "2025-07-31T00:19:53.593Z" },
+    { url = "https://files.pythonhosted.org/packages/f7/3c/c61d2fdcecb754a40475a3d1ef9a000911d3e3fc75c096acf44b0dfb786a/regex-2025.7.34-cp312-cp312-win_arm64.whl", hash = "sha256:c83aec91af9c6fbf7c743274fd952272403ad9a9db05fe9bfc9df8d12b45f176", size = 268482, upload-time = "2025-07-31T00:19:55.183Z" },
+    { url = "https://files.pythonhosted.org/packages/15/16/b709b2119975035169a25aa8e4940ca177b1a2e25e14f8d996d09130368e/regex-2025.7.34-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:c3c9740a77aeef3f5e3aaab92403946a8d34437db930a0280e7e81ddcada61f5", size = 485334, upload-time = "2025-07-31T00:19:56.58Z" },
+    { url = "https://files.pythonhosted.org/packages/94/a6/c09136046be0595f0331bc58a0e5f89c2d324cf734e0b0ec53cf4b12a636/regex-2025.7.34-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:69ed3bc611540f2ea70a4080f853741ec698be556b1df404599f8724690edbcd", size = 289942, upload-time = "2025-07-31T00:19:57.943Z" },
+    { url = "https://files.pythonhosted.org/packages/36/91/08fc0fd0f40bdfb0e0df4134ee37cfb16e66a1044ac56d36911fd01c69d2/regex-2025.7.34-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:d03c6f9dcd562c56527c42b8530aad93193e0b3254a588be1f2ed378cdfdea1b", size = 285991, upload-time = "2025-07-31T00:19:59.837Z" },
+    { url = "https://files.pythonhosted.org/packages/be/2f/99dc8f6f756606f0c214d14c7b6c17270b6bbe26d5c1f05cde9dbb1c551f/regex-2025.7.34-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:6164b1d99dee1dfad33f301f174d8139d4368a9fb50bf0a3603b2eaf579963ad", size = 797415, upload-time = "2025-07-31T00:20:01.668Z" },
+    { url = "https://files.pythonhosted.org/packages/62/cf/2fcdca1110495458ba4e95c52ce73b361cf1cafd8a53b5c31542cde9a15b/regex-2025.7.34-cp313-cp313-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:1e4f4f62599b8142362f164ce776f19d79bdd21273e86920a7b604a4275b4f59", size = 862487, upload-time = "2025-07-31T00:20:03.142Z" },
+    { url = "https://files.pythonhosted.org/packages/90/38/899105dd27fed394e3fae45607c1983e138273ec167e47882fc401f112b9/regex-2025.7.34-cp313-cp313-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:72a26dcc6a59c057b292f39d41465d8233a10fd69121fa24f8f43ec6294e5415", size = 910717, upload-time = "2025-07-31T00:20:04.727Z" },
+    { url = "https://files.pythonhosted.org/packages/ee/f6/4716198dbd0bcc9c45625ac4c81a435d1c4d8ad662e8576dac06bab35b17/regex-2025.7.34-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:d5273fddf7a3e602695c92716c420c377599ed3c853ea669c1fe26218867002f", size = 801943, upload-time = "2025-07-31T00:20:07.1Z" },
+    { url = "https://files.pythonhosted.org/packages/40/5d/cff8896d27e4e3dd11dd72ac78797c7987eb50fe4debc2c0f2f1682eb06d/regex-2025.7.34-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:c1844be23cd40135b3a5a4dd298e1e0c0cb36757364dd6cdc6025770363e06c1", size = 786664, upload-time = "2025-07-31T00:20:08.818Z" },
+    { url = "https://files.pythonhosted.org/packages/10/29/758bf83cf7b4c34f07ac3423ea03cee3eb3176941641e4ccc05620f6c0b8/regex-2025.7.34-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:dde35e2afbbe2272f8abee3b9fe6772d9b5a07d82607b5788e8508974059925c", size = 856457, upload-time = "2025-07-31T00:20:10.328Z" },
+    { url = "https://files.pythonhosted.org/packages/d7/30/c19d212b619963c5b460bfed0ea69a092c6a43cba52a973d46c27b3e2975/regex-2025.7.34-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:f3f6e8e7af516a7549412ce57613e859c3be27d55341a894aacaa11703a4c31a", size = 849008, upload-time = "2025-07-31T00:20:11.823Z" },
+    { url = "https://files.pythonhosted.org/packages/9e/b8/3c35da3b12c87e3cc00010ef6c3a4ae787cff0bc381aa3d251def219969a/regex-2025.7.34-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:469142fb94a869beb25b5f18ea87646d21def10fbacb0bcb749224f3509476f0", size = 788101, upload-time = "2025-07-31T00:20:13.729Z" },
+    { url = "https://files.pythonhosted.org/packages/47/80/2f46677c0b3c2b723b2c358d19f9346e714113865da0f5f736ca1a883bde/regex-2025.7.34-cp313-cp313-win32.whl", hash = "sha256:da7507d083ee33ccea1310447410c27ca11fb9ef18c95899ca57ff60a7e4d8f1", size = 264401, upload-time = "2025-07-31T00:20:15.233Z" },
+    { url = "https://files.pythonhosted.org/packages/be/fa/917d64dd074682606a003cba33585c28138c77d848ef72fc77cbb1183849/regex-2025.7.34-cp313-cp313-win_amd64.whl", hash = "sha256:9d644de5520441e5f7e2db63aec2748948cc39ed4d7a87fd5db578ea4043d997", size = 275368, upload-time = "2025-07-31T00:20:16.711Z" },
+    { url = "https://files.pythonhosted.org/packages/65/cd/f94383666704170a2154a5df7b16be28f0c27a266bffcd843e58bc84120f/regex-2025.7.34-cp313-cp313-win_arm64.whl", hash = "sha256:7bf1c5503a9f2cbd2f52d7e260acb3131b07b6273c470abb78568174fe6bde3f", size = 268482, upload-time = "2025-07-31T00:20:18.189Z" },
+    { url = "https://files.pythonhosted.org/packages/ac/23/6376f3a23cf2f3c00514b1cdd8c990afb4dfbac3cb4a68b633c6b7e2e307/regex-2025.7.34-cp314-cp314-macosx_10_13_universal2.whl", hash = "sha256:8283afe7042d8270cecf27cca558873168e771183d4d593e3c5fe5f12402212a", size = 485385, upload-time = "2025-07-31T00:20:19.692Z" },
+    { url = "https://files.pythonhosted.org/packages/73/5b/6d4d3a0b4d312adbfd6d5694c8dddcf1396708976dd87e4d00af439d962b/regex-2025.7.34-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:6c053f9647e3421dd2f5dff8172eb7b4eec129df9d1d2f7133a4386319b47435", size = 289788, upload-time = "2025-07-31T00:20:21.941Z" },
+    { url = "https://files.pythonhosted.org/packages/92/71/5862ac9913746e5054d01cb9fb8125b3d0802c0706ef547cae1e7f4428fa/regex-2025.7.34-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:a16dd56bbcb7d10e62861c3cd000290ddff28ea142ffb5eb3470f183628011ac", size = 286136, upload-time = "2025-07-31T00:20:26.146Z" },
+    { url = "https://files.pythonhosted.org/packages/27/df/5b505dc447eb71278eba10d5ec940769ca89c1af70f0468bfbcb98035dc2/regex-2025.7.34-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:69c593ff5a24c0d5c1112b0df9b09eae42b33c014bdca7022d6523b210b69f72", size = 797753, upload-time = "2025-07-31T00:20:27.919Z" },
+    { url = "https://files.pythonhosted.org/packages/86/38/3e3dc953d13998fa047e9a2414b556201dbd7147034fbac129392363253b/regex-2025.7.34-cp314-cp314-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:98d0ce170fcde1a03b5df19c5650db22ab58af375aaa6ff07978a85c9f250f0e", size = 863263, upload-time = "2025-07-31T00:20:29.803Z" },
+    { url = "https://files.pythonhosted.org/packages/68/e5/3ff66b29dde12f5b874dda2d9dec7245c2051f2528d8c2a797901497f140/regex-2025.7.34-cp314-cp314-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:d72765a4bff8c43711d5b0f5b452991a9947853dfa471972169b3cc0ba1d0751", size = 910103, upload-time = "2025-07-31T00:20:31.313Z" },
+    { url = "https://files.pythonhosted.org/packages/9e/fe/14176f2182125977fba3711adea73f472a11f3f9288c1317c59cd16ad5e6/regex-2025.7.34-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:4494f8fd95a77eb434039ad8460e64d57baa0434f1395b7da44015bef650d0e4", size = 801709, upload-time = "2025-07-31T00:20:33.323Z" },
+    { url = "https://files.pythonhosted.org/packages/5a/0d/80d4e66ed24f1ba876a9e8e31b709f9fd22d5c266bf5f3ab3c1afe683d7d/regex-2025.7.34-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:4f42b522259c66e918a0121a12429b2abcf696c6f967fa37bdc7b72e61469f98", size = 786726, upload-time = "2025-07-31T00:20:35.252Z" },
+    { url = "https://files.pythonhosted.org/packages/12/75/c3ebb30e04a56c046f5c85179dc173818551037daae2c0c940c7b19152cb/regex-2025.7.34-cp314-cp314-musllinux_1_2_ppc64le.whl", hash = "sha256:aaef1f056d96a0a5d53ad47d019d5b4c66fe4be2da87016e0d43b7242599ffc7", size = 857306, upload-time = "2025-07-31T00:20:37.12Z" },
+    { url = "https://files.pythonhosted.org/packages/b1/b2/a4dc5d8b14f90924f27f0ac4c4c4f5e195b723be98adecc884f6716614b6/regex-2025.7.34-cp314-cp314-musllinux_1_2_s390x.whl", hash = "sha256:656433e5b7dccc9bc0da6312da8eb897b81f5e560321ec413500e5367fcd5d47", size = 848494, upload-time = "2025-07-31T00:20:38.818Z" },
+    { url = "https://files.pythonhosted.org/packages/0d/21/9ac6e07a4c5e8646a90b56b61f7e9dac11ae0747c857f91d3d2bc7c241d9/regex-2025.7.34-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:e91eb2c62c39705e17b4d42d4b86c4e86c884c0d15d9c5a47d0835f8387add8e", size = 787850, upload-time = "2025-07-31T00:20:40.478Z" },
+    { url = "https://files.pythonhosted.org/packages/be/6c/d51204e28e7bc54f9a03bb799b04730d7e54ff2718862b8d4e09e7110a6a/regex-2025.7.34-cp314-cp314-win32.whl", hash = "sha256:f978ddfb6216028c8f1d6b0f7ef779949498b64117fc35a939022f67f810bdcb", size = 269730, upload-time = "2025-07-31T00:20:42.253Z" },
+    { url = "https://files.pythonhosted.org/packages/74/52/a7e92d02fa1fdef59d113098cb9f02c5d03289a0e9f9e5d4d6acccd10677/regex-2025.7.34-cp314-cp314-win_amd64.whl", hash = "sha256:4b7dc33b9b48fb37ead12ffc7bdb846ac72f99a80373c4da48f64b373a7abeae", size = 278640, upload-time = "2025-07-31T00:20:44.42Z" },
+    { url = "https://files.pythonhosted.org/packages/d1/78/a815529b559b1771080faa90c3ab401730661f99d495ab0071649f139ebd/regex-2025.7.34-cp314-cp314-win_arm64.whl", hash = "sha256:4b8c4d39f451e64809912c82392933d80fe2e4a87eeef8859fcc5380d0173c64", size = 271757, upload-time = "2025-07-31T00:20:46.355Z" },
+]
+
+[[package]]
+name = "six"
+version = "1.17.0"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/94/e7/b2c673351809dca68a0e064b6af791aa332cf192da575fd474ed7d6f16a2/six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81", size = 34031, upload-time = "2024-12-04T17:35:28.174Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", size = 11050, upload-time = "2024-12-04T17:35:26.475Z" },
+]
+
+[[package]]
+name = "tomli"
+version = "2.2.1"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/18/87/302344fed471e44a87289cf4967697d07e532f2421fdaf868a303cbae4ff/tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff", size = 17175, upload-time = "2024-11-27T22:38:36.873Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/43/ca/75707e6efa2b37c77dadb324ae7d9571cb424e61ea73fad7c56c2d14527f/tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249", size = 131077, upload-time = "2024-11-27T22:37:54.956Z" },
+    { url = "https://files.pythonhosted.org/packages/c7/16/51ae563a8615d472fdbffc43a3f3d46588c264ac4f024f63f01283becfbb/tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6", size = 123429, upload-time = "2024-11-27T22:37:56.698Z" },
+    { url = "https://files.pythonhosted.org/packages/f1/dd/4f6cd1e7b160041db83c694abc78e100473c15d54620083dbd5aae7b990e/tomli-2.2.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ece47d672db52ac607a3d9599a9d48dcb2f2f735c6c2d1f34130085bb12b112a", size = 226067, upload-time = "2024-11-27T22:37:57.63Z" },
+    { url = "https://files.pythonhosted.org/packages/a9/6b/c54ede5dc70d648cc6361eaf429304b02f2871a345bbdd51e993d6cdf550/tomli-2.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6972ca9c9cc9f0acaa56a8ca1ff51e7af152a9f87fb64623e31d5c83700080ee", size = 236030, upload-time = "2024-11-27T22:37:59.344Z" },
+    { url = "https://files.pythonhosted.org/packages/1f/47/999514fa49cfaf7a92c805a86c3c43f4215621855d151b61c602abb38091/tomli-2.2.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c954d2250168d28797dd4e3ac5cf812a406cd5a92674ee4c8f123c889786aa8e", size = 240898, upload-time = "2024-11-27T22:38:00.429Z" },
+    { url = "https://files.pythonhosted.org/packages/73/41/0a01279a7ae09ee1573b423318e7934674ce06eb33f50936655071d81a24/tomli-2.2.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:8dd28b3e155b80f4d54beb40a441d366adcfe740969820caf156c019fb5c7ec4", size = 229894, upload-time = "2024-11-27T22:38:02.094Z" },
+    { url = "https://files.pythonhosted.org/packages/55/18/5d8bc5b0a0362311ce4d18830a5d28943667599a60d20118074ea1b01bb7/tomli-2.2.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e59e304978767a54663af13c07b3d1af22ddee3bb2fb0618ca1593e4f593a106", size = 245319, upload-time = "2024-11-27T22:38:03.206Z" },
+    { url = "https://files.pythonhosted.org/packages/92/a3/7ade0576d17f3cdf5ff44d61390d4b3febb8a9fc2b480c75c47ea048c646/tomli-2.2.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:33580bccab0338d00994d7f16f4c4ec25b776af3ffaac1ed74e0b3fc95e885a8", size = 238273, upload-time = "2024-11-27T22:38:04.217Z" },
+    { url = "https://files.pythonhosted.org/packages/72/6f/fa64ef058ac1446a1e51110c375339b3ec6be245af9d14c87c4a6412dd32/tomli-2.2.1-cp311-cp311-win32.whl", hash = "sha256:465af0e0875402f1d226519c9904f37254b3045fc5084697cefb9bdde1ff99ff", size = 98310, upload-time = "2024-11-27T22:38:05.908Z" },
+    { url = "https://files.pythonhosted.org/packages/6a/1c/4a2dcde4a51b81be3530565e92eda625d94dafb46dbeb15069df4caffc34/tomli-2.2.1-cp311-cp311-win_amd64.whl", hash = "sha256:2d0f2fdd22b02c6d81637a3c95f8cd77f995846af7414c5c4b8d0545afa1bc4b", size = 108309, upload-time = "2024-11-27T22:38:06.812Z" },
+    { url = "https://files.pythonhosted.org/packages/52/e1/f8af4c2fcde17500422858155aeb0d7e93477a0d59a98e56cbfe75070fd0/tomli-2.2.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4a8f6e44de52d5e6c657c9fe83b562f5f4256d8ebbfe4ff922c495620a7f6cea", size = 132762, upload-time = "2024-11-27T22:38:07.731Z" },
+    { url = "https://files.pythonhosted.org/packages/03/b8/152c68bb84fc00396b83e7bbddd5ec0bd3dd409db4195e2a9b3e398ad2e3/tomli-2.2.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8d57ca8095a641b8237d5b079147646153d22552f1c637fd3ba7f4b0b29167a8", size = 123453, upload-time = "2024-11-27T22:38:09.384Z" },
+    { url = "https://files.pythonhosted.org/packages/c8/d6/fc9267af9166f79ac528ff7e8c55c8181ded34eb4b0e93daa767b8841573/tomli-2.2.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e340144ad7ae1533cb897d406382b4b6fede8890a03738ff1683af800d54192", size = 233486, upload-time = "2024-11-27T22:38:10.329Z" },
+    { url = "https://files.pythonhosted.org/packages/5c/51/51c3f2884d7bab89af25f678447ea7d297b53b5a3b5730a7cb2ef6069f07/tomli-2.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2b95f9de79181805df90bedc5a5ab4c165e6ec3fe99f970d0e302f384ad222", size = 242349, upload-time = "2024-11-27T22:38:11.443Z" },
+    { url = "https://files.pythonhosted.org/packages/ab/df/bfa89627d13a5cc22402e441e8a931ef2108403db390ff3345c05253935e/tomli-2.2.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:40741994320b232529c802f8bc86da4e1aa9f413db394617b9a256ae0f9a7f77", size = 252159, upload-time = "2024-11-27T22:38:13.099Z" },
+    { url = "https://files.pythonhosted.org/packages/9e/6e/fa2b916dced65763a5168c6ccb91066f7639bdc88b48adda990db10c8c0b/tomli-2.2.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:400e720fe168c0f8521520190686ef8ef033fb19fc493da09779e592861b78c6", size = 237243, upload-time = "2024-11-27T22:38:14.766Z" },
+    { url = "https://files.pythonhosted.org/packages/b4/04/885d3b1f650e1153cbb93a6a9782c58a972b94ea4483ae4ac5cedd5e4a09/tomli-2.2.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:02abe224de6ae62c19f090f68da4e27b10af2b93213d36cf44e6e1c5abd19fdd", size = 259645, upload-time = "2024-11-27T22:38:15.843Z" },
+    { url = "https://files.pythonhosted.org/packages/9c/de/6b432d66e986e501586da298e28ebeefd3edc2c780f3ad73d22566034239/tomli-2.2.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:b82ebccc8c8a36f2094e969560a1b836758481f3dc360ce9a3277c65f374285e", size = 244584, upload-time = "2024-11-27T22:38:17.645Z" },
+    { url = "https://files.pythonhosted.org/packages/1c/9a/47c0449b98e6e7d1be6cbac02f93dd79003234ddc4aaab6ba07a9a7482e2/tomli-2.2.1-cp312-cp312-win32.whl", hash = "sha256:889f80ef92701b9dbb224e49ec87c645ce5df3fa2cc548664eb8a25e03127a98", size = 98875, upload-time = "2024-11-27T22:38:19.159Z" },
+    { url = "https://files.pythonhosted.org/packages/ef/60/9b9638f081c6f1261e2688bd487625cd1e660d0a85bd469e91d8db969734/tomli-2.2.1-cp312-cp312-win_amd64.whl", hash = "sha256:7fc04e92e1d624a4a63c76474610238576942d6b8950a2d7f908a340494e67e4", size = 109418, upload-time = "2024-11-27T22:38:20.064Z" },
+    { url = "https://files.pythonhosted.org/packages/04/90/2ee5f2e0362cb8a0b6499dc44f4d7d48f8fff06d28ba46e6f1eaa61a1388/tomli-2.2.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f4039b9cbc3048b2416cc57ab3bda989a6fcf9b36cf8937f01a6e731b64f80d7", size = 132708, upload-time = "2024-11-27T22:38:21.659Z" },
+    { url = "https://files.pythonhosted.org/packages/c0/ec/46b4108816de6b385141f082ba99e315501ccd0a2ea23db4a100dd3990ea/tomli-2.2.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:286f0ca2ffeeb5b9bd4fcc8d6c330534323ec51b2f52da063b11c502da16f30c", size = 123582, upload-time = "2024-11-27T22:38:22.693Z" },
+    { url = "https://files.pythonhosted.org/packages/a0/bd/b470466d0137b37b68d24556c38a0cc819e8febe392d5b199dcd7f578365/tomli-2.2.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a92ef1a44547e894e2a17d24e7557a5e85a9e1d0048b0b5e7541f76c5032cb13", size = 232543, upload-time = "2024-11-27T22:38:24.367Z" },
+    { url = "https://files.pythonhosted.org/packages/d9/e5/82e80ff3b751373f7cead2815bcbe2d51c895b3c990686741a8e56ec42ab/tomli-2.2.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9316dc65bed1684c9a98ee68759ceaed29d229e985297003e494aa825ebb0281", size = 241691, upload-time = "2024-11-27T22:38:26.081Z" },
+    { url = "https://files.pythonhosted.org/packages/05/7e/2a110bc2713557d6a1bfb06af23dd01e7dde52b6ee7dadc589868f9abfac/tomli-2.2.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e85e99945e688e32d5a35c1ff38ed0b3f41f43fad8df0bdf79f72b2ba7bc5272", size = 251170, upload-time = "2024-11-27T22:38:27.921Z" },
+    { url = "https://files.pythonhosted.org/packages/64/7b/22d713946efe00e0adbcdfd6d1aa119ae03fd0b60ebed51ebb3fa9f5a2e5/tomli-2.2.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:ac065718db92ca818f8d6141b5f66369833d4a80a9d74435a268c52bdfa73140", size = 236530, upload-time = "2024-11-27T22:38:29.591Z" },
+    { url = "https://files.pythonhosted.org/packages/38/31/3a76f67da4b0cf37b742ca76beaf819dca0ebef26d78fc794a576e08accf/tomli-2.2.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:d920f33822747519673ee656a4b6ac33e382eca9d331c87770faa3eef562aeb2", size = 258666, upload-time = "2024-11-27T22:38:30.639Z" },
+    { url = "https://files.pythonhosted.org/packages/07/10/5af1293da642aded87e8a988753945d0cf7e00a9452d3911dd3bb354c9e2/tomli-2.2.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:a198f10c4d1b1375d7687bc25294306e551bf1abfa4eace6650070a5c1ae2744", size = 243954, upload-time = "2024-11-27T22:38:31.702Z" },
+    { url = "https://files.pythonhosted.org/packages/5b/b9/1ed31d167be802da0fc95020d04cd27b7d7065cc6fbefdd2f9186f60d7bd/tomli-2.2.1-cp313-cp313-win32.whl", hash = "sha256:d3f5614314d758649ab2ab3a62d4f2004c825922f9e370b29416484086b264ec", size = 98724, upload-time = "2024-11-27T22:38:32.837Z" },
+    { url = "https://files.pythonhosted.org/packages/c7/32/b0963458706accd9afcfeb867c0f9175a741bf7b19cd424230714d722198/tomli-2.2.1-cp313-cp313-win_amd64.whl", hash = "sha256:a38aa0308e754b0e3c67e344754dff64999ff9b513e691d0e786265c93583c69", size = 109383, upload-time = "2024-11-27T22:38:34.455Z" },
+    { url = "https://files.pythonhosted.org/packages/6e/c2/61d3e0f47e2b74ef40a68b9e6ad5984f6241a942f7cd3bbfbdbd03861ea9/tomli-2.2.1-py3-none-any.whl", hash = "sha256:cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc", size = 14257, upload-time = "2024-11-27T22:38:35.385Z" },
+]
+
+[[package]]
+name = "tqdm"
+version = "4.67.1"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "colorama", marker = "sys_platform == 'win32'" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/a8/4b/29b4ef32e036bb34e4ab51796dd745cdba7ed47ad142a9f4a1eb8e0c744d/tqdm-4.67.1.tar.gz", hash = "sha256:f8aef9c52c08c13a65f30ea34f4e5aac3fd1a34959879d7e59e63027286627f2", size = 169737, upload-time = "2024-11-24T20:12:22.481Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/d0/30/dc54f88dd4a2b5dc8a0279bdd7270e735851848b762aeb1c1184ed1f6b14/tqdm-4.67.1-py3-none-any.whl", hash = "sha256:26445eca388f82e72884e0d580d5464cd801a3ea01e63e5601bdff9ba6a48de2", size = 78540, upload-time = "2024-11-24T20:12:19.698Z" },
+]
+
+[[package]]
+name = "typing-extensions"
+version = "4.14.1"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/98/5a/da40306b885cc8c09109dc2e1abd358d5684b1425678151cdaed4731c822/typing_extensions-4.14.1.tar.gz", hash = "sha256:38b39f4aeeab64884ce9f74c94263ef78f3c22467c8724005483154c26648d36", size = 107673, upload-time = "2025-07-04T13:28:34.16Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/b5/00/d631e67a838026495268c2f6884f3711a15a9a2a96cd244fdaea53b823fb/typing_extensions-4.14.1-py3-none-any.whl", hash = "sha256:d1e1e3b58374dc93031d6eda2420a48ea44a36c2b4766a4fdeb3710755731d76", size = 43906, upload-time = "2025-07-04T13:28:32.743Z" },
+]
+
+[[package]]
+name = "yamllint"
+version = "1.37.1"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "pathspec" },
+    { name = "pyyaml" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/46/f2/cd8b7584a48ee83f0bc94f8a32fea38734cefcdc6f7324c4d3bfc699457b/yamllint-1.37.1.tar.gz", hash = "sha256:81f7c0c5559becc8049470d86046b36e96113637bcbe4753ecef06977c00245d", size = 141613, upload-time = "2025-05-04T08:25:54.355Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/dd/b9/be7a4cfdf47e03785f657f94daea8123e838d817be76c684298305bd789f/yamllint-1.37.1-py3-none-any.whl", hash = "sha256:364f0d79e81409f591e323725e6a9f4504c8699ddf2d7263d8d2b539cd66a583", size = 68813, upload-time = "2025-05-04T08:25:52.552Z" },
+]
diff --git a/web_src/css/actions.css b/web_src/css/actions.css
index 0ab09f537a..c43ebe21a0 100644
--- a/web_src/css/actions.css
+++ b/web_src/css/actions.css
@@ -6,14 +6,6 @@
   overflow-x: auto;
 }
 
-.runner-container .runner-ops > a {
-  margin-left: 0.5em;
-}
-
-.runner-container .runner-ops-delete {
-  color: var(--color-red-light);
-}
-
 .runner-container .runner-new-text {
   color: var(--color-white);
 }
@@ -67,6 +59,7 @@
 
 .run-list-ref {
   display: inline-block !important;
+  max-width: 105px;
 }
 
 @media (max-width: 767.98px) {
diff --git a/web_src/css/admin.css b/web_src/css/admin.css
index e6866b27a6..cda38c6ddd 100644
--- a/web_src/css/admin.css
+++ b/web_src/css/admin.css
@@ -32,7 +32,7 @@
 .admin code,
 .admin pre {
   white-space: pre-wrap;
-  word-wrap: break-word;
+  overflow-wrap: break-word;
 }
 
 .admin .ui.table.segment {
diff --git a/web_src/css/base.css b/web_src/css/base.css
index 47b4f44a66..3b819e91bc 100644
--- a/web_src/css/base.css
+++ b/web_src/css/base.css
@@ -2,7 +2,10 @@
   /* fonts */
   --fonts-proportional: -apple-system, "Segoe UI", system-ui, Roboto, "Helvetica Neue", Arial;
   --fonts-monospace: ui-monospace, SFMono-Regular, "SF Mono", Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace, var(--fonts-emoji);
-  --fonts-emoji: "Apple Color Emoji", "Segoe UI Emoji", "Noto Color Emoji", "Twemoji Mozilla";
+  /* GitHub explicitly sets font names like: "Apple Color Emoji", "Segoe UI Emoji", "Noto Color Emoji", "Twemoji Mozilla";
+  Actually "Twemoji Mozilla" emoji font is widely used by browsers like Firefox, Pale Moon, and it is more likely up-to-dated than the system emoji font.
+  So not setting emoji font seems to be the best choice, here we just use a non-existing dummy font name and let browsers choose. */
+  --fonts-emoji: -emoji-fallback;
   /* font weights - use between 400 and 600 for general purposes. Avoid 700 as it is perceived too bold */
   --font-weight-light: 300;
   --font-weight-normal: 400;
@@ -26,6 +29,16 @@
   --checkbox-size: 15px; /* height and width of checkbox and radio inputs */
   --page-spacing: 16px; /* space between page elements */
   --page-margin-x: 32px; /* minimum space on left and right side of page */
+  --page-space-bottom: 64px; /* space between last page element and footer */
+
+  /* z-index */
+  --z-index-modal: 1001; /* modal dialog, hard-coded from Fomantic modal.css */
+  --z-index-toast: 1002; /* should be larger than modal */
+
+  --font-size-label: 12px; /* font size of individual labels */
+
+  --gap-inline: 0.25rem; /* gap for inline texts and elements, for example: the spaces for sentence with labels, button text, etc */
+  --gap-block: 0.5rem; /* gap for element blocks, for example: spaces between buttons, menu image & title, header icon & title etc */
 }
 
 @media (min-width: 768px) and (max-width: 1200px) {
@@ -172,10 +185,6 @@ details summary {
   cursor: pointer;
 }
 
-details summary > * {
-  display: inline;
-}
-
 progress {
   background: var(--color-secondary-dark-1);
   border-radius: var(--border-radius);
@@ -224,6 +233,7 @@ progress::-moz-progress-bar {
 }
 
 .unselectable,
+.btn,
 .button,
 .lines-num,
 .lines-commit,
@@ -313,6 +323,16 @@ a.label,
   background: var(--color-hover);
 }
 
+.empty-placeholder {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  padding-top: 40px;
+  padding-bottom: 40px;
+  text-align: center;
+  text-wrap: balance;
+}
+
 .inline-code-block {
   padding: 2px 4px;
   border-radius: .24em;
@@ -347,6 +367,7 @@ a.label,
 
 .ui.dropdown .menu > .item {
   color: var(--color-text);
+  line-height: var(--line-height-default);
 }
 
 .ui.dropdown .menu > .item:hover {
@@ -449,15 +470,6 @@ a.label,
   color: var(--color-text-light-2);
 }
 
-.ui.comments .comment .actions a {
-  color: var(--color-text-light);
-}
-
-.ui.comments .comment .actions a.active,
-.ui.comments .comment .actions a:hover {
-  color: var(--color-primary);
-}
-
 img.ui.avatar,
 .ui.avatar img,
 .ui.avatar svg {
@@ -474,7 +486,7 @@ img.ui.avatar,
 
 .full.height {
   flex-grow: 1;
-  padding-bottom: 80px;
+  padding-bottom: var(--page-space-bottom);
 }
 
 .status-page-error {
@@ -646,10 +658,11 @@ img.ui.avatar,
   border: 1px solid;
 }
 
-.ui.floating.dropdown .overflow.menu .scrolling.menu.items {
+.ui.dropdown .menu.context-user-switch .scrolling.menu {
   border-radius: 0 !important;
   box-shadow: none !important;
   border-bottom: 1px solid var(--color-secondary);
+  max-width: 80vw;
 }
 
 .user-menu > .item {
@@ -745,6 +758,14 @@ overflow-menu .overflow-menu-button {
   padding: 0;
 }
 
+/* match the styles of ".ui.secondary.pointing.menu .active.item" */
+overflow-menu.ui.secondary.pointing.menu .overflow-menu-button.active {
+  padding: 2px 0 0;
+  border-bottom: 2px solid currentcolor;
+  background-color: transparent;
+  font-weight: var(--font-weight-medium);
+}
+
 overflow-menu .overflow-menu-button:hover {
   color: var(--color-text-dark);
 }
@@ -800,10 +821,6 @@ overflow-menu .ui.label {
   display: block;
 }
 
-.code-view .lines-num span::after {
-  cursor: pointer;
-}
-
 .lines-type-marker {
   vertical-align: top;
   white-space: nowrap;
@@ -840,43 +857,16 @@ overflow-menu .ui.label {
 .lines-escape {
   width: 0;
   white-space: nowrap;
+  padding: 0;
 }
 
 .lines-code {
   padding-left: 5px;
 }
 
-.file-view tr.active {
-  color: inherit !important;
-  background: inherit !important;
-}
-
-.file-view tr.active .lines-num,
-.file-view tr.active .lines-code {
-  background: var(--color-highlight-bg) !important;
-}
-
-.file-view tr.active:last-of-type .lines-code {
-  border-bottom-right-radius: var(--border-radius);
-}
-
-.file-view tr.active .lines-num {
-  position: relative;
-}
-
-.file-view tr.active .lines-num::before {
-  content: "";
-  position: absolute;
-  left: 0;
-  width: 2px;
-  height: 100%;
-  background: var(--color-highlight-fg);
-}
-
 .code-inner {
   font: 12px var(--fonts-monospace);
   white-space: pre-wrap;
-  word-break: break-all;
   overflow-wrap: anywhere;
   line-height: inherit; /* needed for inline code preview in markup */
 }
@@ -924,12 +914,12 @@ overflow-menu .ui.label {
   margin-right: 4px;
 }
 
-.top-line-blame {
+tr.top-line-blame {
   border-top: 1px solid var(--color-secondary);
 }
 
-.code-view tr.top-line-blame:first-of-type {
-  border-top: none;
+tr.top-line-blame:first-of-type {
+  border-top: none; /* merge code lines belonging to the same commit into one block */
 }
 
 .lines-code .bottom-line,
@@ -937,15 +927,6 @@ overflow-menu .ui.label {
   border-bottom: 1px solid var(--color-secondary);
 }
 
-.code-view {
-  background: var(--color-code-bg);
-  border-radius: var(--border-radius);
-}
-
-.code-view table {
-  width: 100%;
-}
-
 .migrate .svg.gitea-git {
   color: var(--color-git);
 }
@@ -989,14 +970,7 @@ table th[data-sortt-desc] .svg {
   box-shadow: 0 0 0 1px var(--color-secondary) inset;
 }
 
-.emoji {
-  font-size: 1.25em;
-  line-height: var(--line-height-default);
-  font-style: normal !important;
-  font-weight: var(--font-weight-normal) !important;
-  vertical-align: -0.075em;
-}
-
+/* for "image" emojis like ":git:"  ":gitea:" and ":github:" (see CUSTOM_EMOJIS config option) */
 .emoji img {
   border-width: 0 !important;
   margin: 0 !important;
@@ -1035,39 +1009,13 @@ table th[data-sortt-desc] .svg {
   text-align: left;
 }
 
-.truncated-item-container {
-  display: flex !important;
-  align-items: center;
-}
-
-.ellipsis-button {
-  padding: 0 5px 8px !important;
-  display: inline-block !important;
-  font-weight: var(--font-weight-semibold) !important;
-  line-height: 6px !important;
-  vertical-align: middle !important;
-}
-
-.truncated-item-name {
-  line-height: 2;
-  white-space: nowrap;
-  overflow: hidden;
-  text-overflow: ellipsis;
-  margin-top: -0.5em;
-  margin-bottom: -0.5em;
-}
-
-.precolors {
-  display: flex;
-  flex-direction: column;
-  justify-content: center;
-  margin-left: 1em;
-}
-
-.precolors .color {
+.ui.button.ellipsis-button {
+  padding: 0 5px 8px;
   display: inline-block;
-  width: 15px;
-  height: 15px;
+  font-weight: var(--font-weight-semibold);
+  line-height: 8px;
+  vertical-align: middle;
+  min-height: 0;
 }
 
 .ui.dropdown:not(.button) {
@@ -1121,10 +1069,12 @@ table th[data-sortt-desc] .svg {
 .btn,
 .ui.ui.button,
 .ui.ui.dropdown,
-.flex-text-inline {
+.flex-text-inline,
+.flex-text-inline > a,
+.flex-text-inline > span {
   display: inline-flex;
   align-items: center;
-  gap: .25rem;
+  gap: var(--gap-inline);
   vertical-align: middle;
   min-width: 0; /* make ellipsis work */
 }
@@ -1147,20 +1097,27 @@ table th[data-sortt-desc] .svg {
 }
 
 .ui.list.flex-items-block > .item,
+.ui.form .field > label.flex-text-block, /* override fomantic "block" style */
 .flex-items-block > .item,
 .flex-text-block {
   display: flex;
   align-items: center;
-  gap: .5rem;
+  gap: var(--gap-block);
   min-width: 0;
 }
 
+.ui.dropdown > .ui.button,
+.flex-text-block > .ui.button,
+.flex-text-inline > .ui.button {
+  margin: 0; /* fomantic buttons have default margin, when we use them in a flex container with gap, we do not need these margins */
+}
+
 /* to override Fomantic's default display: block for ".menu .item", and use a slightly larger gap for menu item content
 the "!important" is necessary to override Fomantic UI menu item styles, meanwhile we should keep the "hidden" items still hidden */
 .ui.dropdown .menu.flex-items-menu > .item:not(.hidden, .filtered, .tw-hidden) {
   display: flex !important;
   align-items: center;
-  gap: .5rem;
+  gap: var(--gap-block);
   min-width: 0;
 }
 .ui.dropdown .menu.flex-items-menu > .item img,
@@ -1168,25 +1125,33 @@ the "!important" is necessary to override Fomantic UI menu item styles, meanwhil
   margin: 0; /* use gap, but not margin */
 }
 
-.ui.dropdown.ellipsis-items-nowrap > .text {
+.ui.dropdown.ellipsis-text-items {
+  /* reset y padding and use the line-height below instead, to avoid the "overflow: hidden" clips the larger image in the "text" element */
+  padding-top: 0;
+  padding-bottom: 0;
+}
+
+.ui.dropdown.ellipsis-text-items > .text {
   overflow: hidden;
   white-space: nowrap;
   text-overflow: ellipsis;
+  line-height: 2.71; /* matches fomantic dropdown's default min-height */
 }
 
-.ellipsis-items-nowrap > .item,
-.ui.dropdown.ellipsis-items-nowrap .menu > .item {
+.ui.dropdown.ellipsis-text-items .menu > .item {
   white-space: nowrap !important;
   overflow: hidden !important;
   text-overflow: ellipsis !important;
 }
 
-.ui.dropdown.text-flex-grow {
-  display: flex;
+.svg.octicon-file-directory-fill,
+.svg.octicon-file-directory-open-fill,
+.svg.octicon-file-submodule {
+  color: var(--color-primary);
 }
 
-.ui.dropdown.text-flex-grow > .text {
-  display: flex;
-  flex-grow: 1;
-  justify-content: space-between;
+.svg.octicon-file,
+.svg.octicon-file-symlink-file,
+.svg.octicon-file-directory-symlink {
+  color: var(--color-secondary-dark-7);
 }
diff --git a/web_src/css/editor/combomarkdowneditor.css b/web_src/css/editor/combomarkdowneditor.css
index 835286b795..046010c6c8 100644
--- a/web_src/css/editor/combomarkdowneditor.css
+++ b/web_src/css/editor/combomarkdowneditor.css
@@ -100,67 +100,3 @@
   border-bottom: 1px solid var(--color-secondary);
   padding-bottom: 1rem;
 }
-
-text-expander {
-  display: block;
-  position: relative;
-}
-
-text-expander .suggestions {
-  position: absolute;
-  min-width: 180px;
-  padding: 0;
-  margin-top: 24px;
-  list-style: none;
-  background: var(--color-box-body);
-  border-radius: var(--border-radius);
-  border: 1px solid var(--color-secondary);
-  box-shadow: 0 .5rem 1rem var(--color-shadow);
-  z-index: 100; /* needs to be > 20 to be on top of dropzone's .dz-details */
-}
-
-text-expander .suggestions li {
-  display: flex;
-  align-items: center;
-  cursor: pointer;
-  padding: 4px 8px;
-  font-weight: var(--font-weight-medium);
-}
-
-text-expander .suggestions li + li {
-  border-top: 1px solid var(--color-secondary-alpha-40);
-}
-
-text-expander .suggestions li:first-child {
-  border-radius: var(--border-radius) var(--border-radius) 0 0;
-}
-
-text-expander .suggestions li:last-child {
-  border-radius: 0 0 var(--border-radius) var(--border-radius);
-}
-
-text-expander .suggestions li:only-child {
-  border-radius: var(--border-radius);
-}
-
-text-expander .suggestions li:hover {
-  background: var(--color-hover);
-}
-
-text-expander .suggestions .fullname {
-  font-weight: var(--font-weight-normal);
-  margin-left: 4px;
-  color: var(--color-text-light-1);
-}
-
-text-expander .suggestions li[aria-selected="true"],
-text-expander .suggestions li[aria-selected="true"] span {
-  background: var(--color-primary);
-  color: var(--color-primary-contrast);
-}
-
-text-expander .suggestions img {
-  width: 24px;
-  height: 24px;
-  margin-right: 8px;
-}
diff --git a/web_src/css/features/colorpicker.css b/web_src/css/features/colorpicker.css
index b7436783df..4c517e6348 100644
--- a/web_src/css/features/colorpicker.css
+++ b/web_src/css/features/colorpicker.css
@@ -1,15 +1,13 @@
-.js-color-picker-input {
+.color-picker-combo {
   display: flex;
-  position: relative;
+  position: relative; /* to position the preview square */
 }
 
-.js-color-picker-input input {
-  padding-top: 8px !important;
-  padding-bottom: 8px !important;
+.color-picker-combo input {
   padding-left: 32px !important;
 }
 
-.js-color-picker-input .preview-square {
+.color-picker-combo .preview-square {
   position: absolute;
   aspect-ratio: 1;
   height: 16px;
@@ -22,7 +20,7 @@
   background-size: 8px 8px;
 }
 
-.js-color-picker-input .preview-square::after {
+.color-picker-combo .preview-square::after {
   content: "";
   position: absolute;
   width: 100%;
@@ -31,6 +29,26 @@
   background-color: currentcolor;
 }
 
+.color-picker-combo .precolors {
+  display: flex;
+  margin-left: 1em;
+  align-items: center;
+  gap: 0.125em;
+}
+
+.color-picker-combo .precolors .generate-random-color {
+  padding: 0;
+  width: 30px;
+  height: 30px;
+  min-height: 0;
+}
+
+.color-picker-combo .precolors .color {
+  display: inline-block;
+  width: 15px;
+  height: 15px;
+}
+
 hex-color-picker {
   width: 180px;
   height: 120px;
diff --git a/web_src/css/features/expander.css b/web_src/css/features/expander.css
new file mode 100644
index 0000000000..f560b2a9fd
--- /dev/null
+++ b/web_src/css/features/expander.css
@@ -0,0 +1,96 @@
+text-expander .suggestions,
+.tribute-container {
+  position: absolute;
+  max-height: min(300px, 95vh);
+  max-width: min(500px, 95vw);
+  overflow-x: hidden;
+  overflow-y: auto;
+  white-space: nowrap;
+  background: var(--color-menu);
+  box-shadow: 0 6px 18px var(--color-shadow);
+  border-radius: var(--border-radius);
+  border: 1px solid var(--color-secondary);
+  z-index: 100; /* needs to be > 20 to be on top of dropzone's .dz-details */
+}
+
+text-expander {
+  display: block;
+  position: relative;
+}
+
+text-expander .suggestions {
+  padding: 0;
+  margin-top: 24px;
+  list-style: none;
+}
+
+text-expander .suggestions li,
+.tribute-item {
+  display: flex;
+  align-items: center;
+  cursor: pointer;
+  gap: 6px;
+  font-weight: var(--font-weight-medium);
+}
+
+text-expander .suggestions li,
+.tribute-container li {
+  padding: 3px 6px;
+}
+
+text-expander .suggestions li + li,
+.tribute-container li + li {
+  border-top: 1px solid var(--color-secondary);
+}
+
+text-expander .suggestions li:first-child {
+  border-radius: var(--border-radius) var(--border-radius) 0 0;
+}
+
+text-expander .suggestions li:last-child {
+  border-radius: 0 0 var(--border-radius) var(--border-radius);
+}
+
+text-expander .suggestions li:only-child {
+  border-radius: var(--border-radius);
+}
+
+text-expander .suggestions .fullname,
+.tribute-container li .fullname {
+  font-weight: var(--font-weight-normal);
+  color: var(--color-text-light-1);
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
+
+text-expander .suggestions li:hover,
+text-expander .suggestions li:hover *,
+text-expander .suggestions li[aria-selected="true"],
+text-expander .suggestions li[aria-selected="true"] *,
+.tribute-container li.highlight,
+.tribute-container li.highlight * {
+  background: var(--color-primary);
+  color: var(--color-primary-contrast);
+}
+
+text-expander .suggestions img,
+.tribute-item img {
+  width: 21px;
+  height: 21px;
+  object-fit: contain;
+  aspect-ratio: 1;
+}
+
+.tribute-container {
+  display: block;
+}
+
+.tribute-container ul {
+  margin: 0;
+  padding: 0;
+  list-style: none;
+}
+
+.tribute-container li.no-match {
+  cursor: default;
+}
diff --git a/web_src/css/features/gitgraph.css b/web_src/css/features/gitgraph.css
index 1ed541a695..8bdafc3c99 100644
--- a/web_src/css/features/gitgraph.css
+++ b/web_src/css/features/gitgraph.css
@@ -10,14 +10,6 @@
   align-items: center;
 }
 
-#git-graph-container .color-buttons {
-  margin-right: 0;
-}
-
-#git-graph-container .ui.header.dividing {
-  padding-bottom: 10px;
-}
-
 #git-graph-container #flow-select-refs-dropdown {
   border-top-right-radius: 0;
   border-bottom-right-radius: 0;
@@ -31,25 +23,6 @@
   align-items: center;
 }
 
-#git-graph-container #flow-select-refs-dropdown .ui.label .truncate {
-  display: inline-block;
-  max-width: 140px;
-  overflow: hidden;
-  text-overflow: ellipsis;
-  vertical-align: top;
-  white-space: nowrap;
-}
-
-#git-graph-container #flow-select-refs-dropdown .default.text {
-  padding-top: 4px;
-  padding-bottom: 4px;
-}
-
-#git-graph-container #flow-select-refs-dropdown input.search {
-  position: relative;
-  top: 1px;
-}
-
 #git-graph-container li {
   list-style-type: none;
   height: 24px;
@@ -57,16 +30,20 @@
   white-space: nowrap;
   display: flex;
   align-items: center;
-  gap: 0.25em;
+  gap: 0.5em;
 }
 
-#git-graph-container li .ui.label.commit-id-short {
-  padding-top: 2px;
-  padding-bottom: 2px;
+#git-graph-container li > span {
+  flex-shrink: 0;
 }
 
-#git-graph-container li .node-relation {
-  font-family: var(--fonts-monospace);
+#git-graph-container li > span.message {
+  flex-shrink: 1;
+}
+
+#git-graph-container li .ui.label.commit-id-short {
+  padding: 2px 4px;
+  height: 20px;
 }
 
 #git-graph-container li .author {
@@ -78,17 +55,6 @@
   font-size: 80%;
 }
 
-#git-graph-container li a:not(.ui):hover {
-  text-decoration: underline;
-}
-
-#git-graph-container li a em {
-  color: var(--color-red);
-  border-bottom: 1px dotted var(--color-secondary);
-  text-decoration: none;
-  font-style: normal;
-}
-
 #git-graph-container #rel-container {
   max-width: 30%;
   overflow-x: auto;
@@ -105,21 +71,16 @@
   width: 100%;
 }
 
-#git-graph-container #rev-list li.highlight.hover {
-  background-color: var(--color-secondary-alpha-30);
-}
-
-#git-graph-container #rev-list .commit-refs .button {
+#git-graph-container li .commit-refs .ui.button,
+#git-graph-container li .commit-refs .ui.label.tag-label {
   padding: 2px 4px;
   margin-right: 0.25em;
   display: inline-block;
   max-width: 200px;
   overflow: hidden;
   text-overflow: ellipsis;
-}
-
-#git-graph-container #graph-raw-list {
-  margin: 0;
+  line-height: var(--line-height-default);
+  min-height: 0;
 }
 
 #git-graph-container.monochrome #rel-container .flow-group {
@@ -127,11 +88,6 @@
   fill: var(--color-secondary-dark-5);
 }
 
-#git-graph-container.monochrome #rel-container .flow-group.highlight {
-  stroke: var(--color-secondary-dark-12);
-  fill: var(--color-secondary-dark-12);
-}
-
 #git-graph-container:not(.monochrome) #rel-container .flow-group.flow-color-16-1 {
   stroke: #499a37;
   fill: #499a37;
diff --git a/web_src/css/features/projects.css b/web_src/css/features/projects.css
index 8763d3684e..25cb530f85 100644
--- a/web_src/css/features/projects.css
+++ b/web_src/css/features/projects.css
@@ -1,43 +1,35 @@
-.board {
+#project-board {
   display: flex;
+  align-items: stretch;
   flex-direction: row;
   flex-wrap: nowrap;
-  overflow-x: auto;
-  overflow-y: clip;
-  align-items: stretch;
+  overflow: auto;
   margin: 0 0.5em;
+  min-height: max(calc(100vh - 400px), 300px);
+  max-height: calc(100vh - 120px);
 }
 
-.project-toolbar-right .filter.menu {
-  flex-direction: row;
+.project-header {
+  padding: 0.5em 0;
   flex-wrap: wrap;
 }
 
-@media (max-width: 767.98px) {
-  .project-toolbar-right .dropdown .menu {
-    left: auto !important;
-    right: auto !important;
-  }
+.project-header h2 {
+  white-space: nowrap;
+  margin: 0;
 }
 
 .project-column {
-  background-color: var(--color-project-column-bg) !important;
-  border: 1px solid var(--color-secondary) !important;
-  border-radius: var(--border-radius);
-  margin: 0 0.5rem !important;
-  padding: 0.5rem !important;
-  width: 320px;
-  height: initial;
-  min-height: max(calc(100vh - 400px), 300px);
   flex: 0 0 auto;
-  overflow: visible;
   display: flex;
   flex-direction: column;
-  cursor: default;
-}
-
-.project-column .issue-card {
-  color: var(--color-text);
+  background-color: var(--color-project-column-bg);
+  border: 1px solid var(--color-secondary);
+  border-radius: var(--border-radius);
+  margin: 0 0.5rem;
+  padding: 0.5rem;
+  width: 320px;
+  overflow: visible;
 }
 
 .project-column-header {
@@ -51,16 +43,15 @@
   color: inherit;
 }
 
-.project-column > .cards {
+.project-column > .ui.cards {
   flex: 1;
   display: flex;
-  align-content: baseline;
-  margin: 0 !important;
-  padding: 0 !important;
-  flex-wrap: nowrap !important;
+  flex-wrap: nowrap;
   flex-direction: column;
-  overflow-x: clip;
+  overflow: clip auto;
   gap: .25rem;
+  margin: 0;
+  padding: 0;
 }
 
 .project-column > .divider {
@@ -80,7 +71,7 @@
 .card-attachment-images {
   display: inline-block;
   white-space: nowrap;
-  overflow: scroll;
+  overflow: auto;
   cursor: default;
   scroll-snap-type: x mandatory;
   text-align: center;
@@ -94,6 +85,7 @@
   scroll-snap-align: center;
   margin-right: 2px;
   aspect-ratio: 1;
+  object-fit: contain;
 }
 
 .card-attachment-images img:only-child {
@@ -110,3 +102,21 @@
 .card-ghost * {
   opacity: 0;
 }
+
+.fullscreen.projects-view {
+  position: absolute;
+  inset: 0;
+  display: flex;
+  flex-direction: column;
+}
+
+/* Hide project-description in full-screen due to its variable height. No need to show it for better space use. */
+.fullscreen.projects-view .project-description {
+  display: none;
+}
+
+.fullscreen.projects-view #project-board {
+  flex: 1;
+  max-height: unset;
+  padding-bottom: 0.5em;
+}
diff --git a/web_src/css/features/tribute.css b/web_src/css/features/tribute.css
deleted file mode 100644
index 99a026b9bc..0000000000
--- a/web_src/css/features/tribute.css
+++ /dev/null
@@ -1,32 +0,0 @@
-@import "tributejs/dist/tribute.css";
-
-.tribute-container {
-  box-shadow: 0 0.25rem 0.5rem rgba(0, 0, 0, 0.25);
-  border-radius: var(--border-radius);
-}
-
-.tribute-container ul {
-  margin-top: 0 !important;
-  background: var(--color-body) !important;
-}
-
-.tribute-container li {
-  padding: 3px 0.5rem !important;
-}
-
-.tribute-container li span.fullname {
-  font-weight: var(--font-weight-normal);
-  font-size: 0.8rem;
-}
-
-.tribute-container li.highlight,
-.tribute-container li:hover {
-  background: var(--color-primary) !important;
-  color: var(--color-primary-contrast) !important;
-}
-
-.tribute-item {
-  display: flex;
-  align-items: center;
-  gap: 6px;
-}
diff --git a/web_src/css/form.css b/web_src/css/form.css
index cf8fe96bea..c51eba1bc9 100644
--- a/web_src/css/form.css
+++ b/web_src/css/form.css
@@ -220,6 +220,7 @@ textarea:focus,
   color: var(--color-secondary-dark-5);
   padding-bottom: 0.6em;
   display: inline-block;
+  text-wrap: balance;
 }
 
 .m-captcha-style {
diff --git a/web_src/css/home.css b/web_src/css/home.css
index 77d2ecf92b..195d1f5d96 100644
--- a/web_src/css/home.css
+++ b/web_src/css/home.css
@@ -21,7 +21,7 @@
 }
 
 .home .hero .svg {
-  color: var(--color-green);
+  color: var(--color-logo);
   height: 40px;
   width: 50px;
   vertical-align: bottom;
@@ -40,7 +40,7 @@
 }
 
 .home a {
-  color: var(--color-green);
+  color: var(--color-logo);
 }
 
 .page-footer {
diff --git a/web_src/css/index.css b/web_src/css/index.css
index 84795d6d27..291cd04b2b 100644
--- a/web_src/css/index.css
+++ b/web_src/css/index.css
@@ -39,7 +39,7 @@
 @import "./features/imagediff.css";
 @import "./features/codeeditor.css";
 @import "./features/projects.css";
-@import "./features/tribute.css";
+@import "./features/expander.css";
 @import "./features/cropper.css";
 @import "./features/console.css";
 
@@ -62,7 +62,7 @@
 @import "./repo/issue-label.css";
 @import "./repo/issue-list.css";
 @import "./repo/list-header.css";
-@import "./repo/linebutton.css";
+@import "./repo/file-view.css";
 @import "./repo/wiki.css";
 @import "./repo/header.css";
 @import "./repo/home.css";
@@ -70,6 +70,7 @@
 @import "./repo/reactions.css";
 @import "./repo/clone.css";
 @import "./repo/commit-sign.css";
+@import "./repo/packages.css";
 
 @import "./editor/fileeditor.css";
 @import "./editor/combomarkdowneditor.css";
diff --git a/web_src/css/markup/codecopy.css b/web_src/css/markup/codecopy.css
index e3017ae962..5a7b9955e7 100644
--- a/web_src/css/markup/codecopy.css
+++ b/web_src/css/markup/codecopy.css
@@ -1,8 +1,3 @@
-.markup .code-block,
-.markup .mermaid-block {
-  position: relative;
-}
-
 .markup .code-copy {
   position: absolute;
   top: 8px;
@@ -28,8 +23,8 @@
   background: var(--color-secondary-dark-1) !important;
 }
 
-.markup .code-block:hover .code-copy,
-.markup .mermaid-block:hover .code-copy {
+.markup .code-block-container:hover .code-copy,
+.markup .code-block:hover .code-copy {
   visibility: visible;
   animation: fadein 0.2s both;
 }
diff --git a/web_src/css/markup/content.css b/web_src/css/markup/content.css
index 865ac0536a..c6a89edf25 100644
--- a/web_src/css/markup/content.css
+++ b/web_src/css/markup/content.css
@@ -5,10 +5,6 @@
   overflow-wrap: break-word;
 }
 
-.conversation-holder .markup {
-  overflow-wrap: anywhere; /* prevent overflow in code comments. TODO: properly restrict .conversation-holder width and remove this */
-}
-
 .markup > *:first-child {
   margin-top: 0 !important;
 }
@@ -138,6 +134,13 @@
   margin-bottom: 16px;
 }
 
+/* override p:last-child from base.css.
+Fomantic assumes that <p>/<hX> elements only have margins between elements, but not for the first's top or last's bottom.
+In markup content, we always use bottom margin for all elements */
+.markup p:last-child {
+  margin-bottom: 16px;
+}
+
 .markup hr {
   height: 4px;
   padding: 0;
@@ -313,10 +316,18 @@
   box-sizing: initial;
 }
 
+.file-view.markup {
+  padding: 1em 2em;
+}
+
+.file-view.markup:has(.file-not-rendered-prompt) {
+  padding: 0; /* let the file-not-rendered-prompt layout itself */
+}
+
 /* this background ensures images can break <hr>. We can only do this on
    cases where the background is known and not transparent. */
-.markup.file-view img,
-.markup.file-view video,
+.file-view.markup img,
+.file-view.markup video,
 .comment-body .markup img, /* regular comment */
 .comment-body .markup video,
 .comment-content .markup img, /* code comment */
@@ -336,11 +347,6 @@
   padding-right: 28px;
 }
 
-.markup .emoji {
-  max-width: none;
-  vertical-align: text-top;
-}
-
 .markup span.frame {
   display: block;
   overflow: hidden;
@@ -452,14 +458,25 @@
 }
 
 .markup pre > code {
-  padding: 0;
-  margin: 0;
   font-size: 100%;
+}
+
+.markup .code-block,
+.markup .code-block-container {
+  position: relative;
+}
+
+.markup .code-block-container.code-overflow-wrap pre > code {
   white-space: pre-wrap;
-  word-break: break-all;
-  overflow-wrap: break-word;
-  background: transparent;
-  border: 0;
+}
+
+.markup .code-block-container.code-overflow-scroll pre {
+  overflow-x: auto;
+}
+
+.markup .code-block-container.code-overflow-scroll pre > code {
+  white-space: pre;
+  overflow-wrap: normal;
 }
 
 .markup .highlight {
@@ -480,16 +497,11 @@
   word-break: normal;
 }
 
-.markup pre {
-  word-wrap: normal;
-}
-
 .markup pre code,
 .markup pre tt {
   display: inline;
   padding: 0;
   line-height: inherit;
-  word-wrap: normal;
   background-color: transparent;
   border: 0;
 }
@@ -520,18 +532,16 @@
   padding-left: 2em;
 }
 
-.file-revisions-btn {
-  display: block;
-  float: left;
-  margin-bottom: 2px !important;
-  padding: 11px !important;
-  margin-right: 10px !important;
+.markup details.frontmatter-content summary {
+  text-overflow: ellipsis;
+  overflow: hidden;
+  white-space: nowrap;
+  margin-bottom: 0.25em;
 }
 
-.file-revisions-btn i {
-  -webkit-touch-callout: none;
-  -webkit-user-select: none;
-  user-select: none;
+.markup details.frontmatter-content svg {
+  vertical-align: middle;
+  margin: 0 0.25em;
 }
 
 .markup-content-iframe {
diff --git a/web_src/css/modules/animations.css b/web_src/css/modules/animations.css
index 481e997d4f..deaaf83680 100644
--- a/web_src/css/modules/animations.css
+++ b/web_src/css/modules/animations.css
@@ -52,8 +52,7 @@ form.single-button-form.is-loading .button {
 }
 
 .markup pre.is-loading,
-.editor-loading.is-loading,
-.pdf-content.is-loading {
+.editor-loading.is-loading {
   height: var(--height-loading);
 }
 
@@ -116,3 +115,15 @@ code.language-math.is-loading::after {
   animation-duration: 100ms;
   animation-timing-function: ease-in-out;
 }
+
+/* FIXME: `octicon-sync` is counterclockwise, so this animation is also counterclockwise, it looks somewhat strange.
+Ideally in the future we should use a better image for clockwise animation. */
+.circular-spin {
+  animation: circular-spin-keyframes 1s linear infinite;
+}
+
+@keyframes circular-spin-keyframes {
+  100% {
+    transform: rotate(-360deg);
+  }
+}
diff --git a/web_src/css/modules/breadcrumb.css b/web_src/css/modules/breadcrumb.css
index ca488c2150..77e31ef627 100644
--- a/web_src/css/modules/breadcrumb.css
+++ b/web_src/css/modules/breadcrumb.css
@@ -1,14 +1,10 @@
 .breadcrumb {
   display: flex;
-  flex-wrap: wrap;
   align-items: center;
   gap: 3px;
+  overflow-wrap: anywhere;
 }
 
 .breadcrumb .breadcrumb-divider {
   color: var(--color-text-light-2);
 }
-
-.breadcrumb > * {
-  display: inline;
-}
diff --git a/web_src/css/modules/button.css b/web_src/css/modules/button.css
index c4addd05f0..8e3309474b 100644
--- a/web_src/css/modules/button.css
+++ b/web_src/css/modules/button.css
@@ -1,20 +1,15 @@
-/* based on Fomantic UI checkbox module, with just the parts extracted that we use. If you find any
-   unused rules here after refactoring, please remove them. */
-
 .ui.button {
   cursor: pointer;
-  display: inline-block;
-  min-height: 1em;
+  display: inline-flex;
   outline: none;
-  vertical-align: baseline;
   font-family: var(--fonts-regular);
   margin: 0 0.25em 0 0;
-  padding: 0.78571429em 1.5em;
   font-weight: var(--font-weight-normal);
+  font-size: 1rem;
   text-align: center;
   text-decoration: none;
   line-height: 1;
-  border-radius: 0.28571429rem;
+  border-radius: var(--border-radius);
   user-select: none;
   -webkit-tap-highlight-color: transparent;
   justify-content: center;
@@ -58,12 +53,13 @@
   pointer-events: none !important;
 }
 
+/* there is no "ui labeled icon button" support" because it is not used */
 .ui.labeled.button:not(.icon) {
-  display: inline-flex;
   flex-direction: row;
   background: none;
-  padding: 0 !important;
+  padding: 0;
   border: none;
+  min-height: unset;
 }
 .ui.labeled.button > .button {
   margin: 0;
@@ -102,47 +98,60 @@
   margin: 0 -0.21428571em 0 0.42857143em;
 }
 
+/* reference sizes (not exactly at the moment): normal: padding-x=21, height=38 ; compact: padding-x=15, height=32 */
+.ui.button { /* stylelint-disable-line no-duplicate-selectors */
+  min-height: 38px;
+  padding: 0.57em /* around 8px */ 1.43em /* around 20px */;
+}
 .ui.compact.buttons .button,
 .ui.compact.button {
-  padding: 0.58928571em 1.125em;
+  padding: 0.42em /* around 8px */ 1.07em /* around 15px */;
+  min-height: 32px;
 }
 .ui.compact.icon.buttons .button,
 .ui.compact.icon.button {
-  padding: 0.58928571em;
-}
-.ui.compact.labeled.icon.button {
-  padding: 0.58928571em 3.69642857em;
-}
-.ui.compact.labeled.icon.button > .icon {
-  padding: 0.58928571em 0;
+  padding: 0.57em /* around 8px */;
 }
 
-.ui.buttons .button,
-.ui.button {
-  font-size: 1rem;
-}
+/* reference size: mini: padding-x=16, height=30 ; compact: padding-x=12, height=26 */
 .ui.mini.buttons .dropdown,
 .ui.mini.buttons .dropdown .menu > .item,
 .ui.mini.buttons .button,
 .ui.ui.ui.ui.mini.button {
-  font-size: 0.78571429rem;
+  font-size: 11px;
+  min-height: 30px;
+}
+.ui.ui.ui.ui.mini.button.compact {
+  min-height: 26px;
 }
+
+/* reference size: tiny: padding-x=18, height=32 ; compact: padding-x=13, height=28 */
 .ui.tiny.buttons .dropdown,
 .ui.tiny.buttons .dropdown .menu > .item,
 .ui.tiny.buttons .button,
 .ui.ui.ui.ui.tiny.button {
-  font-size: 0.85714286rem;
+  font-size: 12px;
+  min-height: 32px;
+}
+.ui.ui.ui.ui.tiny.button.compact {
+  min-height: 28px;
 }
+
+/* reference size: small: padding-x=19, height=34 ; compact: padding-x=14, height=30 */
 .ui.small.buttons .dropdown,
 .ui.small.buttons .dropdown .menu > .item,
 .ui.small.buttons .button,
 .ui.ui.ui.ui.small.button {
-  font-size: 0.92857143rem;
+  font-size: 13px;
+  min-height: 34px;
+}
+.ui.ui.ui.ui.small.button.compact {
+  min-height: 30px;
 }
 
 .ui.icon.buttons .button,
 .ui.icon.button:not(.compact) {
-  padding: 0.78571429em;
+  padding: 0.57em;
 }
 .ui.icon.buttons .button > .icon,
 .ui.icon.button > .icon {
@@ -152,12 +161,12 @@
 
 .ui.basic.buttons .button,
 .ui.basic.button {
-  border-radius: 0.28571429rem;
+  border-radius: var(--border-radius);
   background: none;
 }
 .ui.basic.buttons {
   border: 1px solid var(--color-secondary);
-  border-radius: 0.28571429rem;
+  border-radius: var(--border-radius);
 }
 .ui.basic.buttons .button {
   border-radius: 0;
@@ -188,29 +197,6 @@
   background: var(--color-active);
 }
 
-.ui.labeled.icon.button {
-  position: relative;
-  padding-left: 4.07142857em !important;
-  padding-right: 1.5em !important;
-}
-
-.ui.labeled.icon.button > .icon {
-  position: absolute;
-  top: 0;
-  left: 0;
-  height: 100%;
-  line-height: 1;
-  border-radius: 0;
-  border-top-left-radius: inherit;
-  border-bottom-left-radius: inherit;
-  text-align: center;
-  animation: none;
-  padding: 0.78571429em 0;
-  margin: 0;
-  width: 2.57142857em;
-  background: var(--color-hover);
-}
-
 .ui.button.toggle.active {
   background-color: var(--color-green);
   color: var(--color-white);
@@ -366,25 +352,33 @@ a.btn:hover {
   color: inherit;
 }
 
+.btn.tiny {
+  font-size: 12px;
+}
+
+.btn.small {
+  font-size: 13px;
+}
+
 /* By default, Fomantic UI doesn't support "bordered" buttons group, but Gitea would like to use it.
 And the default buttons always have borders now (not the same as Fomantic UI's default buttons, see above).
 It needs some tricks to tweak the left/right borders with active state */
 
 .ui.buttons .button {
   border-right: none;
-  flex: 1 0 auto;
   border-radius: 0;
+  flex-shrink: 0;
   margin: 0;
 }
 .ui.buttons .button:first-child {
   border-left: none;
   margin-left: 0;
-  border-top-left-radius: 0.28571429rem;
-  border-bottom-left-radius: 0.28571429rem;
+  border-top-left-radius: var(--border-radius);
+  border-bottom-left-radius: var(--border-radius);
 }
 .ui.buttons .button:last-child {
-  border-top-right-radius: 0.28571429rem;
-  border-bottom-right-radius: 0.28571429rem;
+  border-top-right-radius: var(--border-radius);
+  border-bottom-right-radius: var(--border-radius);
 }
 
 .ui.buttons .button:hover {
@@ -414,10 +408,3 @@ It needs some tricks to tweak the left/right borders with active state */
 .ui.buttons .button.active + .button {
   border-left: none;
 }
-
-/* apply the vertical padding of .compact to non-compact buttons when they contain a svg as they
-   would otherwise appear too large. Seen on "RSS Feed" button on repo releases tab. */
-.ui.small.button:not(.compact):has(.svg) {
-  padding-top: 0.58928571em;
-  padding-bottom: 0.58928571em;
-}
diff --git a/web_src/css/modules/card.css b/web_src/css/modules/card.css
index d5d5e757d6..c5ca6a1cc1 100644
--- a/web_src/css/modules/card.css
+++ b/web_src/css/modules/card.css
@@ -20,7 +20,7 @@
   background: var(--color-card);
   border: 1px solid var(--color-secondary);
   box-shadow: none;
-  word-wrap: break-word;
+  overflow-wrap: break-word;
   border-radius: var(--border-radius);
 }
 
diff --git a/web_src/css/modules/comment.css b/web_src/css/modules/comment.css
index 9947b15b9a..f0c721eed2 100644
--- a/web_src/css/modules/comment.css
+++ b/web_src/css/modules/comment.css
@@ -56,10 +56,6 @@
   min-width: 0;
 }
 
-.ui.comments .comment > .avatar ~ .content {
-  margin-left: 12px;
-}
-
 .ui.comments .comment .author {
   font-size: 1em;
   font-weight: var(--font-weight-medium);
@@ -87,6 +83,6 @@
 .ui.comments .comment .text {
   margin: 0.25em 0 0.5em;
   font-size: 1em;
-  word-wrap: break-word;
+  overflow-wrap: break-word;
   line-height: 1.3;
 }
diff --git a/web_src/css/modules/dimmer.css b/web_src/css/modules/dimmer.css
index 8924821370..7d1ca6171a 100644
--- a/web_src/css/modules/dimmer.css
+++ b/web_src/css/modules/dimmer.css
@@ -20,7 +20,7 @@
   opacity: 1;
 }
 
-.ui.dimmer > * {
+.ui.dimmer > .ui.modal {
   position: static;
   margin-top: auto !important;
   margin-bottom: auto !important;
diff --git a/web_src/css/modules/label.css b/web_src/css/modules/label.css
index 1e42668aa1..cf850e4c5a 100644
--- a/web_src/css/modules/label.css
+++ b/web_src/css/modules/label.css
@@ -4,25 +4,20 @@
 .ui.label {
   display: inline-flex;
   align-items: center;
-  gap: .25rem;
-  min-width: 0;
   vertical-align: middle;
-  line-height: 1;
+  gap: var(--gap-inline);
+  min-width: 0;
+  max-width: 100%;
   background: var(--color-label-bg);
   color: var(--color-label-text);
-  padding: 0.3em 0.5em;
-  font-size: 0.85714286rem;
+  padding: 2px 6px;
+  font-size: var(--font-size-label);
   font-weight: var(--font-weight-medium);
   border: 0 solid transparent;
-  border-radius: 0.28571429rem;
+  border-radius: var(--border-radius);
   white-space: nowrap;
-}
-
-.ui.label:first-child {
-  margin-left: 0;
-}
-.ui.label:last-child {
-  margin-right: 0;
+  overflow: hidden;
+  text-overflow: ellipsis;
 }
 
 a.ui.label {
@@ -94,15 +89,10 @@ a.ui.label:hover {
   color: var(--color-label-text);
 }
 
-.ui.label.visible:not(.dropdown) {
-  display: inline-block !important;
-}
-
 .ui.basic.label {
   background: var(--color-button);
   border: 1px solid var(--color-light-border);
   color: var(--color-text-light);
-  padding: calc(0.5833em - 1px) calc(0.833em - 1px);
 }
 a.ui.basic.label:hover {
   text-decoration: none;
@@ -263,6 +253,7 @@ a.ui.ui.ui.basic.grey.label:hover {
   color: var(--color-label-hover-bg);
 }
 
+/* "horizontal label" is actually "fat label" which has enough padding spaces to be used standalone in headers */
 .ui.horizontal.label {
   margin: 0 0.5em 0 0;
   padding: 0.4em 0.833em;
@@ -292,3 +283,58 @@ a.ui.ui.ui.basic.grey.label:hover {
 .ui.large.label {
   font-size: 1rem;
 }
+
+/* To let labels break up and wrap across multiple lines (issue title, comment event), use "display: contents here" to apply parent layout.
+If the labels-list itself needs some layouts, use extra classes or "tw" helpers. */
+.labels-list {
+  display: contents;
+  font-size: var(--font-size-label); /* it must match the label font size, otherwise the height mismatches */
+}
+
+.labels-list a {
+  max-width: 100%; /* for ellipsis */
+}
+
+.labels-list .ui.label {
+  min-height: 20px;
+  padding-top: 0;
+  padding-bottom: 0;
+}
+
+.with-labels-list-inline .labels-list .ui.label + .ui.label {
+  margin-left: var(--gap-inline);
+}
+
+.with-labels-list-inline .labels-list .ui.label {
+  line-height: var(--line-height-default);
+}
+
+/* Scoped labels with different colors on left and right */
+.ui.label.scope-parent {
+  background: none !important;
+  padding: 0 !important;
+  gap: 0 !important;
+}
+
+.ui.label.scope-parent > .ui.label {
+  margin: 0 !important; /* scoped label's margin is handled by the parent */
+}
+
+.ui.label.scope-left {
+  border-bottom-right-radius: 0;
+  border-top-right-radius: 0;
+}
+
+.ui.label.scope-middle {
+  border-radius: 0;
+}
+
+.ui.label.scope-right {
+  border-bottom-left-radius: 0;
+  border-top-left-radius: 0;
+}
+
+.ui.label.archived-label {
+  filter: grayscale(0.5);
+  opacity: 0.5;
+}
diff --git a/web_src/css/modules/list.css b/web_src/css/modules/list.css
index 73760390de..46422cb97d 100644
--- a/web_src/css/modules/list.css
+++ b/web_src/css/modules/list.css
@@ -5,7 +5,6 @@
   list-style-type: none;
   margin: 1em 0;
   padding: 0;
-  font-size: 1em;
 }
 
 .ui.list:first-child {
diff --git a/web_src/css/modules/menu.css b/web_src/css/modules/menu.css
index a5efd23053..5072dcbd0e 100644
--- a/web_src/css/modules/menu.css
+++ b/web_src/css/modules/menu.css
@@ -1,5 +1,6 @@
 .ui.menu {
   display: flex;
+  flex-shrink: 0;
   margin: 1rem 0;
   font-family: var(--fonts-regular);
   font-weight: var(--font-weight-normal);
@@ -643,6 +644,7 @@
   display: inline-flex;
   margin: 0;
   vertical-align: middle;
+  flex-shrink: 0;
 }
 .ui.compact.vertical.menu {
   display: inline-block;
diff --git a/web_src/css/modules/navbar.css b/web_src/css/modules/navbar.css
index b09b271ad4..149766a586 100644
--- a/web_src/css/modules/navbar.css
+++ b/web_src/css/modules/navbar.css
@@ -101,19 +101,6 @@
   }
 }
 
-#navbar .ui.dropdown .navbar-profile-admin {
-  display: block;
-  position: absolute;
-  font-size: 9px;
-  font-weight: var(--font-weight-bold);
-  color: var(--color-nav-bg);
-  background: var(--color-primary);
-  padding: 2px 3px;
-  border-radius: 10px;
-  top: -1px;
-  left: 18px;
-}
-
 #navbar a.item:hover .notification_count,
 #navbar a.item:hover .header-stopwatch-dot {
   border-color: var(--color-nav-hover-bg);
@@ -129,8 +116,8 @@
   background: var(--color-primary);
   border: 2px solid var(--color-nav-bg);
   position: absolute;
-  left: 6px;
-  top: -9px;
+  left: calc(100% - 9px);
+  bottom: calc(100% - 9px);
   min-width: 17px;
   height: 17px;
   border-radius: 11px; /* (height + 2 * borderThickness) / 2 */
diff --git a/web_src/css/modules/table.css b/web_src/css/modules/table.css
index eabca31a17..6298471d47 100644
--- a/web_src/css/modules/table.css
+++ b/web_src/css/modules/table.css
@@ -167,6 +167,11 @@
   text-overflow: ellipsis;
 }
 
+.ui.selectable.table > tbody > tr:hover,
+.ui.table tbody tr td.selectable:hover {
+  background: var(--color-hover);
+}
+
 .ui.attached.table {
   top: 0;
   bottom: 0;
@@ -289,6 +294,9 @@
 .ui.basic.striped.table > tbody > tr:nth-child(2n) {
   background: var(--color-light);
 }
+.ui.basic.striped.selectable.table > tbody > tr:nth-child(2n):hover {
+  background: var(--color-hover);
+}
 
 .ui[class*="very basic"].table {
   border: none;
diff --git a/web_src/css/modules/tippy.css b/web_src/css/modules/tippy.css
index 4438a31c9d..3c0d63f2fb 100644
--- a/web_src/css/modules/tippy.css
+++ b/web_src/css/modules/tippy.css
@@ -92,6 +92,10 @@
 }
 
 .tippy-box[data-theme="menu"] .item:focus {
+  background: var(--color-hover);
+}
+
+.tippy-box[data-theme="menu"] .item.active {
   background: var(--color-active);
 }
 
diff --git a/web_src/css/modules/toast.css b/web_src/css/modules/toast.css
index 1145f3b1b5..330d3b176e 100644
--- a/web_src/css/modules/toast.css
+++ b/web_src/css/modules/toast.css
@@ -3,7 +3,7 @@
   position: fixed;
   opacity: 0;
   transition: all .2s ease;
-  z-index: 500;
+  z-index: var(--z-index-toast);
   border-radius: var(--border-radius);
   box-shadow: 0 8px 24px var(--color-shadow);
   display: flex;
diff --git a/web_src/css/repo.css b/web_src/css/repo.css
index 87af299dad..14db7d07e6 100644
--- a/web_src/css/repo.css
+++ b/web_src/css/repo.css
@@ -50,23 +50,44 @@
   width: 300px;
 }
 
-.issue-sidebar-combo .ui.dropdown .item:not(.checked) .item-check-mark {
-  visibility: hidden;
+.issue-content-right .ui.dropdown.full-width {
+  width: 100%;
+}
+
+.issue-content-right .ui.dropdown.full-width > .fixed-text {
+  display: flex;
+  flex-grow: 1;
+  justify-content: space-between;
 }
 
-.issue-content-right .dropdown > .menu {
+.issue-content-right .ui.dropdown > .menu {
   max-width: 270px;
   min-width: 0;
   max-height: 500px;
   overflow-x: auto;
 }
 
-.issue-content-right .dropdown > .menu .item-secondary-info small {
+.issue-content-right .ui.dropdown > .menu .item-secondary-info small {
   display: block;
   text-overflow: ellipsis;
   overflow: hidden;
 }
 
+.issue-content-right .ui.list {
+  margin: 0.5em 0;
+  max-width: 100%;
+}
+
+.issue-sidebar-combo > .ui.dropdown .item:not(.checked) .item-check-mark {
+  visibility: hidden;
+}
+
+.issue-content-right .ui.list.labels-list {
+  display: flex;
+  gap: var(--gap-inline);
+  flex-wrap: wrap;
+}
+
 @media (max-width: 767.98px) {
   .issue-content-left,
   .issue-content-right {
@@ -120,7 +141,7 @@ td .commit-summary {
   align-items: center;
   overflow: hidden;
   text-overflow: ellipsis;
-  gap: 0.25em;
+  gap: 0.5em;
 }
 
 @media (max-width: 767.98px) {
@@ -129,11 +150,6 @@ td .commit-summary {
   }
 }
 
-.repo-path {
-  display: flex;
-  overflow-wrap: anywhere;
-}
-
 .repository.file.list .non-diff-file-content .header .icon {
   font-size: 1em;
 }
@@ -167,42 +183,6 @@ td .commit-summary {
   cursor: default;
 }
 
-.view-raw {
-  display: flex;
-  justify-content: center;
-  align-items: center;
-}
-
-.view-raw > * {
-  max-width: 100%;
-}
-
-.view-raw audio,
-.view-raw video,
-.view-raw img {
-  margin: 1rem 0;
-  border-radius: 0;
-  object-fit: contain;
-}
-
-.view-raw img[src$=".svg" i] {
-  max-height: 600px !important;
-  max-width: 600px !important;
-}
-
-.pdf-content {
-  width: 100%;
-  height: 600px;
-  border: none !important;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-}
-
-.pdf-content .pdf-fallback-button {
-  margin: 50px auto;
-}
-
 .repository.file.list .non-diff-file-content .plain-text {
   padding: 1em 2em;
 }
@@ -225,10 +205,6 @@ td .commit-summary {
   padding: 0 !important;
 }
 
-.non-diff-file-content .pdfobject {
-  border-radius: 0 0 var(--border-radius) var(--border-radius);
-}
-
 .repo-editor-header {
   width: 100%;
 }
@@ -262,8 +238,8 @@ td .commit-summary {
   border-radius: var(--border-radius);
 }
 
-.repository.file.editor .commit-form-wrapper .commit-form::before,
-.repository.file.editor .commit-form-wrapper .commit-form::after {
+.avatar-content-left-arrow::before,
+.avatar-content-left-arrow::after {
   right: 100%;
   top: 20px;
   border: solid transparent;
@@ -274,18 +250,24 @@ td .commit-summary {
   pointer-events: none;
 }
 
-.repository.file.editor .commit-form-wrapper .commit-form::before {
+.avatar-content-left-arrow::before {
   border-right-color: var(--color-secondary);
   border-width: 9px;
   margin-top: -9px;
 }
 
-.repository.file.editor .commit-form-wrapper .commit-form::after {
+.avatar-content-left-arrow::after {
   border-right-color: var(--color-box-body);
   border-width: 8px;
   margin-top: -8px;
 }
 
+@media (max-width: 767.98px) {
+  .avatar-content-left-arrow::before,
+  .avatar-content-left-arrow::after {
+    display: none;
+  }
+}
 .repository.file.editor .commit-form-wrapper .commit-form .quick-pull-choice .branch-name {
   display: inline-block;
   padding: 2px 4px;
@@ -318,30 +300,6 @@ td .commit-summary {
   min-width: 100px;
 }
 
-.repository.new.issue .comment.form .content::before,
-.repository.new.issue .comment.form .content::after {
-  right: 100%;
-  top: 20px;
-  border: solid transparent;
-  content: " ";
-  height: 0;
-  width: 0;
-  position: absolute;
-  pointer-events: none;
-}
-
-.repository.new.issue .comment.form .content::before {
-  border-right-color: var(--color-secondary);
-  border-width: 9px;
-  margin-top: -9px;
-}
-
-.repository.new.issue .comment.form .content::after {
-  border-right-color: var(--color-box-body);
-  border-width: 8px;
-  margin-top: -8px;
-}
-
 .repository.new.issue .comment.form .content .markup {
   font-size: 14px;
 }
@@ -350,21 +308,6 @@ td .commit-summary {
   display: inline-block;
 }
 
-@media (max-width: 767.98px) {
-  .comment.form .issue-content-left .avatar {
-    display: none;
-  }
-  .comment.form .issue-content-left .content {
-    margin-left: 0 !important;
-  }
-  .comment.form .issue-content-left .content::before,
-  .comment.form .issue-content-left .content::after,
-  .comment.form .content .form::before,
-  .comment.form .content .form::after {
-    display: none;
-  }
-}
-
 /* issue title & meta & edit */
 .issue-title-header {
   width: 100%;
@@ -389,10 +332,9 @@ td .commit-summary {
 
 .repository.view.issue .issue-title {
   display: flex;
-  align-items: center;
   gap: 0.5em;
   margin-bottom: 8px;
-  min-height: 40px; /* avoid layout shift on edit */
+  min-height: 36px; /* avoid layout shift on edit */
 }
 
 .repository.view.issue .issue-title h1 {
@@ -400,9 +342,10 @@ td .commit-summary {
   width: 100%;
   font-weight: var(--font-weight-normal);
   font-size: 32px;
-  line-height: 40px;
+  line-height: 36px; /* vertically center single-line text with .issue-title-buttons */
   margin: 0;
   padding-right: 0.25rem;
+  overflow-wrap: anywhere;
 }
 
 @media (max-width: 767.98px) {
@@ -476,14 +419,6 @@ td .commit-summary {
   margin-right: 5px;
 }
 
-.repository.view.issue .merge.box .branch-update.grid .row {
-  padding-bottom: 1rem;
-}
-
-.repository.view.issue .merge.box .branch-update.grid .row .icon {
-  margin-top: 1.1rem;
-}
-
 .repository.view.issue .comment-list:not(.prevent-before-timeline)::before {
   display: block;
   content: "";
@@ -521,7 +456,7 @@ td .commit-summary {
 
 .repository.view.issue .comment-list .timeline-item,
 .repository.view.issue .comment-list .timeline-item-group {
-  padding: 16px 0;
+  padding: 8px 0;
 }
 
 .repository.view.issue .comment-list .timeline-item-group .timeline-item {
@@ -567,6 +502,7 @@ td .commit-summary {
   background-color: var(--color-timeline);
   border-radius: var(--border-radius-full);
   display: flex;
+  flex-shrink: 0;
   float: left;
   margin-left: -33px;
   margin-right: 8px;
@@ -575,6 +511,11 @@ td .commit-summary {
   justify-content: center;
 }
 
+.repository.view.issue .comment-list .timeline-item.commits-list .badge {
+  margin-right: 0;
+  height: 28px;
+}
+
 .repository.view.issue .comment-list .timeline-item .badge .svg {
   width: 22px;
   height: 22px;
@@ -589,9 +530,18 @@ td .commit-summary {
   margin-left: -16px;
 }
 
-.repository.view.issue .comment-list .timeline-item.event > .text {
+.repository.view.issue .comment-list .timeline-item .comment-text-line {
   line-height: 32px;
   vertical-align: middle;
+  color: var(--color-text-light);
+}
+
+.repository.view.issue .comment-list .timeline-item .comment-text-line a {
+  color: inherit;
+}
+
+.repository.view.issue .comment-list .timeline-item .avatar-with-link + .comment-text-line {
+  margin-left: 0.25em;
 }
 
 .repository.view.issue .comment-list .timeline-item.commits-list {
@@ -599,25 +549,17 @@ td .commit-summary {
   padding-top: 0;
 }
 
-.repository.view.issue .comment-list .timeline-item.commits-list .ui.avatar {
-  margin-right: 0.25em;
-}
-
 .repository.view.issue .comment-list .timeline-item.event > .commit-status-link {
   float: right;
   margin-right: 8px;
   margin-top: 4px;
 }
 
-.repository.view.issue .comment-list .timeline-item .comparebox {
-  line-height: 32px;
+.repository.view.issue .comment-list .timeline-item .comment-text-label {
   vertical-align: middle;
-}
-
-.repository.view.issue .comment-list .timeline-item .comparebox .compare.label {
-  font-size: 1rem;
-  margin: 0;
   border: 1px solid var(--color-light-border);
+  height: 26px;
+  margin: 4px 0; /* because this label is beside the comment line, which has "line-height: 34px" */
 }
 
 @media (max-width: 767.98px) {
@@ -681,30 +623,6 @@ td .commit-summary {
   width: calc(100% + 2rem);
 }
 
-.repository.view.issue .comment-list .comment .merge-section.no-header::before,
-.repository.view.issue .comment-list .comment .merge-section.no-header::after {
-  right: 100%;
-  top: 20px;
-  border: solid transparent;
-  content: " ";
-  height: 0;
-  width: 0;
-  position: absolute;
-  pointer-events: none;
-}
-
-.repository.view.issue .comment-list .comment .merge-section.no-header::before {
-  border-right-color: var(--color-secondary);
-  border-width: 9px;
-  margin-top: -9px;
-}
-
-.repository.view.issue .comment-list .comment .merge-section.no-header::after {
-  border-right-color: var(--color-box-body);
-  border-width: 8px;
-  margin-top: -8px;
-}
-
 .merge-section-info code {
   border: 1px solid var(--color-light-border);
   border-radius: var(--border-radius);
@@ -748,19 +666,10 @@ td .commit-summary {
   padding: 0 !important;
 }
 
-.repository.view.issue .comment-list .code-comment .comment-header::after,
-.repository.view.issue .comment-list .code-comment .comment-header::before {
-  display: none;
-}
-
 .repository.view.issue .comment-list .code-comment .comment-content {
   margin-left: 24px;
 }
 
-.repository.view.issue .comment-list .comment > .avatar {
-  margin-top: 6px;
-}
-
 .repository.view.issue .comment-list .comment-code-cloud button.comment-form-reply {
   margin: 0;
 }
@@ -792,30 +701,6 @@ td .commit-summary {
   clear: none;
 }
 
-.repository .comment.form .content .segment::before,
-.repository .comment.form .content .segment::after {
-  right: 100%;
-  top: 20px;
-  border: solid transparent;
-  content: " ";
-  height: 0;
-  width: 0;
-  position: absolute;
-  pointer-events: none;
-}
-
-.repository .comment.form .content .segment::before {
-  border-right-color: var(--color-secondary);
-  border-width: 9px;
-  margin-top: -9px;
-}
-
-.repository .comment.form .content .segment::after {
-  border-right-color: var(--color-box-body);
-  border-width: 8px;
-  margin-top: -8px;
-}
-
 .repository.new.milestone textarea {
   height: 200px;
 }
@@ -838,30 +723,6 @@ td .commit-summary {
   text-align: center;
 }
 
-.repository.compare.pull .comment.form .content::before,
-.repository.compare.pull .comment.form .content::after {
-  right: 100%;
-  top: 20px;
-  border: solid transparent;
-  content: " ";
-  height: 0;
-  width: 0;
-  position: absolute;
-  pointer-events: none;
-}
-
-.repository.compare.pull .comment.form .content::before {
-  border-right-color: var(--color-secondary);
-  border-width: 9px;
-  margin-top: -9px;
-}
-
-.repository.compare.pull .comment.form .content::after {
-  border-right-color: var(--color-box-body);
-  border-width: 8px;
-  margin-top: -8px;
-}
-
 .repository.compare.pull .markup {
   font-size: 14px;
 }
@@ -1224,33 +1085,6 @@ td .commit-summary {
   font-weight: var(--font-weight-normal);
 }
 
-.empty-placeholder {
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  padding-top: 40px;
-  padding-bottom: 40px;
-}
-
-.repository.packages .file-size {
-  white-space: nowrap;
-}
-
-.file-view.markup {
-  padding: 1em 2em;
-}
-
-.file-view.markup:has(.file-not-rendered-prompt) {
-  padding: 0; /* let the file-not-rendered-prompt layout itself */
-}
-
-.file-not-rendered-prompt {
-  padding: 1rem;
-  text-align: center;
-  font-size: 1rem !important; /* use consistent styles for various containers (code, markup, etc) */
-  line-height: var(--line-height-default) !important; /* same as above */
-}
-
 .repository .activity-header {
   display: flex;
   justify-content: space-between;
@@ -1478,37 +1312,15 @@ td .commit-summary {
 .comment-header {
   background: var(--color-box-header);
   border-bottom: 1px solid var(--color-secondary);
-  padding: 0 1rem;
+  padding: 0.5em 1rem;
   position: relative;
   color: var(--color-text);
   min-height: 41px;
   display: flex;
   justify-content: space-between;
   align-items: center;
-}
-
-.comment-header::before,
-.comment-header::after {
-  right: 100%;
-  top: 20px;
-  border: solid transparent;
-  content: " ";
-  height: 0;
-  width: 0;
-  position: absolute;
-  pointer-events: none;
-}
-
-.comment-header::before {
-  border-right-color: var(--color-secondary);
-  border-width: 9px;
-  margin-top: -9px;
-}
-
-.comment-header::after {
-  border-right-color: var(--color-box-header);
-  border-width: 8px;
-  margin-top: -8px;
+  flex-wrap: wrap;
+  gap: 0.25em;
 }
 
 .comment-header.arrow-top::before,
@@ -1526,17 +1338,16 @@ td .commit-summary {
   left: 7px;
 }
 
-.comment-header .actions a:not(.label) {
-  padding: 0.5rem !important;
-}
-
-.comment-header .actions .label {
-  margin: 0 !important;
+.comment-header-left,
+.comment-header-right {
+  display: flex;
+  align-items: center;
+  gap: 0.5em;
 }
 
-.comment-header-left,
 .comment-header-right {
-  gap: 4px;
+  flex: 1;
+  justify-content: end;
 }
 
 .comment-body {
@@ -1573,43 +1384,6 @@ td .commit-summary {
   border-bottom-right-radius: 4px;
 }
 
-.labels-list {
-  display: inline-flex;
-  flex-wrap: wrap;
-  gap: 2.5px;
-  align-items: center;
-}
-
-.labels-list .label, .scope-parent > .label {
-  padding: 0 6px;
-  min-height: 20px;
-  line-height: 1.3; /* there is a `font-size: 1.25em` for inside emoji, so here the line-height needs to be larger slightly */
-}
-
-/* Scoped labels with different colors on left and right */
-.ui.label.scope-parent {
-  background: none !important;
-  padding: 0 !important;
-  gap: 0 !important;
-}
-
-.archived-label {
-  filter: grayscale(0.5);
-  opacity: 0.5;
-}
-
-.ui.label.scope-left {
-  border-bottom-right-radius: 0;
-  border-top-right-radius: 0;
-  margin-right: 0;
-}
-
-.ui.label.scope-right {
-  border-bottom-left-radius: 0;
-  border-top-left-radius: 0;
-  margin-left: 0;
-}
-
 .repo-button-row {
   margin: 8px 0;
   display: flex;
@@ -1623,21 +1397,17 @@ td .commit-summary {
   display: flex;
   align-items: center;
   gap: 0.5rem;
+  flex-wrap: wrap;
 }
 
 .repo-button-row-left {
   flex-grow: 1;
 }
 
-.repo-button-row .button {
-  padding: 6px 10px !important;
-  height: 30px;
+.repo-button-row .ui.button {
   flex-shrink: 0;
   margin: 0;
-}
-
-.repo-button-row .button.dropdown:not(.icon) {
-  padding-right: 22px !important; /* normal buttons have !important paddings, so we need to override it for dropdown (Add File) icons */
+  min-height: 30px;
 }
 
 tbody.commit-list {
@@ -1724,11 +1494,10 @@ tbody.commit-list {
   line-height: 18px;
   margin: 1em;
   white-space: pre-wrap;
-  word-break: break-all;
-  overflow-wrap: break-word;
+  overflow-wrap: anywhere;
 }
 
-.content-history-detail-dialog .header .avatar {
+.content-history-detail-dialog .header .ui.avatar {
   position: relative;
   top: -2px;
 }
@@ -1783,12 +1552,12 @@ tbody.commit-list {
 .resolved-placeholder {
   display: flex;
   align-items: center;
-  font-size: 14px !important;
-  padding: 8px !important;
-  font-weight: var(--font-weight-normal) !important;
-  border: 1px solid var(--color-secondary) !important;
-  border-radius: var(--border-radius) !important;
-  margin: 4px !important;
+  justify-content: space-between;
+  margin: 4px;
+  padding: 8px;
+  border: 1px solid var(--color-secondary);
+  border-radius: var(--border-radius);
+  background: var(--color-box-header);
 }
 
 .resolved-placeholder + .comment-code-cloud {
@@ -1862,6 +1631,7 @@ tbody.commit-list {
   border-radius: 0;
   display: flex;
   flex-direction: column;
+  gap: 0.5em;
 }
 
 /* fomantic's last-child selector does not work with hidden last child */
@@ -1902,7 +1672,7 @@ tbody.commit-list {
 .diff-file-header .file-link {
   max-width: fit-content;
   display: -webkit-box;
-  -webkit-box-orient: vertical;
+  -webkit-box-orient: vertical; /* stylelint-disable property-no-deprecated -- https://github.com/stylelint/stylelint/issues/8698 */
   -webkit-line-clamp: 2;
   overflow: hidden;
   overflow-wrap: anywhere;
@@ -2051,10 +1821,6 @@ tbody.commit-list {
   box-shadow: 0 0.5rem 1rem var(--color-shadow) !important;
 }
 
-.migrate-entry .description {
-  text-wrap: balance;
-}
-
 .commits-table .commits-table-right form {
   display: flex;
   align-items: center;
@@ -2080,10 +1846,6 @@ tbody.commit-list {
   .repository.view.issue .comment-list .timeline .comment-header {
     padding-left: 4px;
   }
-  .repository.view.issue .comment-list .timeline .comment-header::before,
-  .repository.view.issue .comment-list .timeline .comment-header::after {
-    content: unset;
-  }
   /* Don't show the general avatar, we show the inline avatar on mobile.
    * And don't show the role labels, there's no place for that. */
   .repository.view.issue .comment-list .timeline .timeline-avatar,
@@ -2117,15 +1879,6 @@ tbody.commit-list {
   .commit-table th.sha {
     display: none !important;
   }
-  .comment-header {
-    flex-wrap: wrap;
-  }
-  .comment-header .comment-header-left {
-    flex-wrap: wrap;
-  }
-  .comment-header .comment-header-right {
-    margin-left: auto;
-  }
 }
 
 .commit-status-header {
@@ -2216,10 +1969,11 @@ tbody.commit-list {
   max-width: min(400px, 90vw);
 }
 
-.branch-selector-dropdown .branch-dropdown-button {
+.branch-selector-dropdown .ui.button.branch-dropdown-button {
   margin: 0;
   max-width: 340px;
   line-height: var(--line-height-default);
+  padding: 0 0.5em 0 0.75em;
 }
 
 /* FIXME: These media selectors are not ideal (just keep them from old code).
diff --git a/web_src/css/repo/clone.css b/web_src/css/repo/clone.css
index c6887fbf16..53eb8b7b87 100644
--- a/web_src/css/repo/clone.css
+++ b/web_src/css/repo/clone.css
@@ -1,14 +1,16 @@
 /* only used by "repo/empty.tmpl" */
 .clone-buttons-combo {
   display: flex;
-  align-items: center;
+  align-items: stretch;
   flex: 1;
 }
 
-.clone-buttons-combo input {
-  border-left: none !important;
-  border-radius: 0 !important;
-  height: 30px;
+.clone-buttons-combo > .ui.button:not(:last-child) {
+  border-right: none;
+}
+
+.ui.action.input.clone-buttons-combo input {
+  border-radius: 0; /* override fomantic border-radius for ".ui.input > input" */
 }
 
 /* used by the clone-panel popup */
diff --git a/web_src/css/repo/file-view.css b/web_src/css/repo/file-view.css
new file mode 100644
index 0000000000..907f136afe
--- /dev/null
+++ b/web_src/css/repo/file-view.css
@@ -0,0 +1,92 @@
+.file-view tr.active .lines-num,
+.file-view tr.active .lines-escape,
+.file-view tr.active .lines-code {
+  background: var(--color-highlight-bg);
+}
+
+/* set correct border radius on the last active lines, to avoid border overflow */
+.file-view tr.active:last-of-type .lines-code {
+  border-bottom-right-radius: var(--border-radius);
+}
+
+.file-view tr.active .lines-num {
+  position: relative;
+}
+
+/* add a darker "handler" at the beginning of the active line */
+.file-view tr.active .lines-num::before {
+  content: "";
+  position: absolute;
+  left: 0;
+  width: 2px;
+  height: 100%;
+  background: var(--color-highlight-fg);
+}
+
+.file-view .file-not-rendered-prompt {
+  padding: 1rem;
+  text-align: center;
+  font-size: 1rem !important; /* use consistent styles for various containers (code, markup, etc) */
+  line-height: var(--line-height-default) !important; /* same as above */
+}
+
+/* ".code-view" is always used with ".file-view", to show the code of a file */
+.file-view.code-view {
+  background: var(--color-code-bg);
+  border-radius: var(--border-radius);
+}
+
+.file-view.code-view table {
+  width: 100%;
+}
+
+.file-view.code-view .lines-num span::after {
+  cursor: pointer;
+}
+
+.file-view.code-view .lines-num:hover {
+  color: var(--color-text-dark);
+}
+
+.file-view.code-view .ui.button.code-line-button {
+  border: 1px solid var(--color-secondary);
+  padding: 1px 4px;
+  margin: 0;
+  min-height: 0;
+  position: absolute;
+  left: 6px;
+}
+
+.file-view.code-view .ui.button.code-line-button:hover {
+  background: var(--color-secondary);
+}
+
+.view-raw {
+  display: flex;
+  justify-content: center;
+}
+
+.view-raw > * {
+  max-width: 100%;
+}
+
+.view-raw audio,
+.view-raw video,
+.view-raw img {
+  margin: 1rem;
+  border-radius: 0;
+  object-fit: contain;
+}
+
+.view-raw img[src$=".svg" i] {
+  max-height: 600px !important;
+  max-width: 600px !important;
+}
+
+.file-view-render-container {
+  width: 100%;
+}
+
+.file-view-render-container :last-child {
+  border-radius: 0 0 var(--border-radius) var(--border-radius); /* to match the "ui segment" bottom radius */
+}
diff --git a/web_src/css/repo/header.css b/web_src/css/repo/header.css
index b70691435f..910648ea32 100644
--- a/web_src/css/repo/header.css
+++ b/web_src/css/repo/header.css
@@ -27,47 +27,3 @@
 .repo-header .flex-item-trailing {
   flex-wrap: nowrap;
 }
-
-.repo-buttons {
-  align-items: center;
-  display: flex;
-  flex-flow: row wrap;
-  word-break: keep-all;
-  gap: 0.25em;
-}
-
-.repo-buttons button[disabled] ~ .label {
-  opacity: var(--opacity-disabled);
-  color: var(--color-text-dark);
-  background: var(--color-light-mimic-enabled) !important;
-}
-
-.repo-buttons button[disabled] ~ .label:hover {
-  color: var(--color-primary-dark-1);
-}
-
-.repo-buttons .ui.labeled.button.disabled {
-  pointer-events: inherit !important;
-}
-
-.repo-buttons .ui.labeled.button.disabled > .label {
-  color: var(--color-text-dark);
-  background: var(--color-light-mimic-enabled) !important;
-}
-
-.repo-buttons .ui.labeled.button.disabled > .label:hover {
-  color: var(--color-primary-dark-1);
-}
-
-.repo-buttons .ui.labeled.button.disabled > .button {
-  pointer-events: none !important;
-}
-
-@media (max-width: 767.98px) {
-  .repo-buttons .ui.button,
-  .repo-buttons .ui.label {
-    padding-left: 8px;
-    padding-right: 8px;
-    margin: 0;
-  }
-}
diff --git a/web_src/css/repo/home-file-list.css b/web_src/css/repo/home-file-list.css
index 46128457ed..6aa9e4bca3 100644
--- a/web_src/css/repo/home-file-list.css
+++ b/web_src/css/repo/home-file-list.css
@@ -14,17 +14,6 @@
   }
 }
 
-#repo-files-table .svg.octicon-file-directory-fill,
-#repo-files-table .svg.octicon-file-submodule {
-  color: var(--color-primary);
-}
-
-#repo-files-table .svg.octicon-file,
-#repo-files-table .svg.octicon-file-symlink-file,
-#repo-files-table .svg.octicon-file-directory-symlink {
-  color: var(--color-secondary-dark-7);
-}
-
 #repo-files-table .repo-file-item {
   display: contents;
 }
@@ -82,7 +71,7 @@
 
 #repo-files-table .repo-file-cell.name .entry-name {
   flex-shrink: 1;
-  min-width: 3em;
+  min-width: 1ch; /* leave about one letter space when shrinking, need to fine tune the "shrinks" in this grid in the future */
 }
 
 @media (max-width: 767.98px) {
diff --git a/web_src/css/repo/home.css b/web_src/css/repo/home.css
index 69c454d611..ee371f1b1c 100644
--- a/web_src/css/repo/home.css
+++ b/web_src/css/repo/home.css
@@ -58,10 +58,16 @@
   flex: 0 0 15%;
   min-width: 0;
   max-height: 100vh;
+  position: sticky;
+  top: 0;
+  bottom: 0;
+  height: 100%;
+  overflow-y: hidden;
 }
 
 .repo-view-content {
   flex: 1;
+  min-width: 0;
 }
 
 .language-stats {
diff --git a/web_src/css/repo/issue-card.css b/web_src/css/repo/issue-card.css
index fb832bd05a..327919b1fe 100644
--- a/web_src/css/repo/issue-card.css
+++ b/web_src/css/repo/issue-card.css
@@ -7,6 +7,7 @@
   padding: 8px 10px;
   border: 1px solid var(--color-secondary);
   background: var(--color-card);
+  color: var(--color-text); /* it can't inherit from parent because the card already has its own background */
 }
 
 .issue-card-icon,
@@ -28,13 +29,16 @@
   display: flex;
   width: 100%;
   justify-content: space-between;
-  gap: 0.25em;
+  gap: 1em;
 }
 
-.issue-card-assignees {
+.issue-card-bottom-part {
   display: flex;
+  flex: 1;
   align-items: center;
   gap: 0.25em;
-  justify-content: end;
   flex-wrap: wrap;
+  overflow: hidden;
+  max-width: fit-content;
+  max-height: fit-content;
 }
diff --git a/web_src/css/repo/issue-label.css b/web_src/css/repo/issue-label.css
index 0a25d31da9..f75c73b50f 100644
--- a/web_src/css/repo/issue-label.css
+++ b/web_src/css/repo/issue-label.css
@@ -4,41 +4,46 @@
   margin: 0;
 }
 
-.issue-label-list .item {
+.issue-label-list > .item {
   border-bottom: 1px solid var(--color-secondary);
   display: flex;
   padding: 1em 0;
   margin: 0;
 }
 
-.issue-label-list .item:first-child {
+.issue-label-list > .item:first-child {
   padding-top: 0;
 }
 
-.issue-label-list .item:last-child {
+.issue-label-list > .item:last-child {
   border-bottom: none;
   padding-bottom: 0;
 }
 
-.issue-label-list .item .label-title {
+.issue-label-list > .item .label-title {
   width: 33%;
+  padding-right: 1em;
 }
 
-.issue-label-list .item .label-issues {
+.issue-label-list > .item .label-issues {
   width: 33%;
+  padding-right: 1em;
 }
 
-.issue-label-list .item .label-operation {
+.issue-label-list > .item .label-operation {
   width: 33%;
+  display: flex;
+  flex-wrap: wrap;
+  gap: 0.5em;
+  justify-content: end;
+  align-items: center;
 }
 
-.issue-label-list .item a {
+.issue-label-list > .item .label-operation a {
   font-size: 12px;
-  padding-right: 10px;
-  color: var(--color-text-light);
 }
 
-.issue-label-list .item.org-label {
+.issue-label-list > .item.org-label {
   opacity: 0.7;
 }
 
diff --git a/web_src/css/repo/linebutton.css b/web_src/css/repo/linebutton.css
deleted file mode 100644
index e99d0399d1..0000000000
--- a/web_src/css/repo/linebutton.css
+++ /dev/null
@@ -1,18 +0,0 @@
-.code-view .lines-num:hover {
-  color: var(--color-text-dark) !important;
-}
-
-.code-line-button {
-  border: 1px solid var(--color-secondary);
-  border-radius: var(--border-radius);
-  padding: 1px 4px !important;
-  position: absolute;
-  font-family: var(--fonts-regular);
-  left: 0;
-  transform: translateX(calc(-50% + 6px));
-  cursor: pointer;
-}
-
-.code-line-button:hover {
-  background: var(--color-secondary) !important;
-}
diff --git a/web_src/css/repo/list-header.css b/web_src/css/repo/list-header.css
index e666e046d3..9d0b13933a 100644
--- a/web_src/css/repo/list-header.css
+++ b/web_src/css/repo/list-header.css
@@ -1,6 +1,6 @@
 .list-header {
   display: flex;
-  align-items: center;
+  align-items: stretch;
   flex-wrap: wrap;
   gap: .5rem;
 }
@@ -8,9 +8,8 @@
 .list-header-search {
   display: flex;
   flex: 1;
-  align-items: center;
+  align-items: stretch;
   flex-wrap: wrap;
-  justify-content: center;
   min-width: 200px; /* to enable flexbox wrapping on mobile */
 }
 
diff --git a/web_src/css/repo/packages.css b/web_src/css/repo/packages.css
new file mode 100644
index 0000000000..75675f5243
--- /dev/null
+++ b/web_src/css/repo/packages.css
@@ -0,0 +1,25 @@
+.packages-content {
+  display: flex;
+  align-items: flex-start;
+  gap: 16px;
+}
+
+.packages-content-left {
+  margin: 0 !important;
+  width: calc(100% - 250px - 16px);
+}
+
+.packages-content-right {
+  margin: 0 !important;
+  width: 250px;
+}
+
+@media (max-width: 767.98px) {
+  .packages-content {
+    flex-direction: column;
+  }
+  .packages-content-left,
+  .packages-content-right {
+    width: 100%;
+  }
+}
diff --git a/web_src/css/repo/release-tag.css b/web_src/css/repo/release-tag.css
index bf8c1312f1..4b42c992ef 100644
--- a/web_src/css/repo/release-tag.css
+++ b/web_src/css/repo/release-tag.css
@@ -31,6 +31,7 @@
 #release-list .release-entry .detail {
   flex: 1;
   margin: 0;
+  min-width: 0;
 }
 
 @media (max-width: 767.98px) {
@@ -58,17 +59,24 @@
   margin-bottom: 2px; /* the legacy trick to align the avatar vertically, no better solution at the moment */
 }
 
-#release-list .release-entry .detail .download .list {
-  padding-left: 0;
+#release-list .release-entry .attachment-list {
   border: 1px solid var(--color-secondary);
   border-radius: var(--border-radius);
 }
 
-#release-list .release-entry .detail .download .list li {
+#release-list .release-entry .attachment-list > .item {
   display: flex;
-  justify-content: space-between;
   padding: 8px;
-  border-bottom: 1px solid var(--color-secondary);
+  flex-wrap: wrap;
+}
+
+#release-list .release-entry .attachment-list > .item a {
+  min-width: 300px;
+}
+
+#release-list .release-entry .attachment-list .attachment-right-info {
+  flex-shrink: 0;
+  min-width: 300px;
 }
 
 #release-list .release-entry .detail .download[open] summary {
@@ -76,7 +84,6 @@
 }
 
 #release-list .download-icon {
-  margin-right: .25rem;
   color: var(--color-text-light-1);
 }
 
@@ -84,10 +91,6 @@
   border-bottom: none;
 }
 
-#tags-table .tag-list-row {
-  padding: 8px 12px;
-}
-
 #tags-table .tag-list-row-title {
   font-size: 18px;
   font-weight: var(--font-weight-normal);
diff --git a/web_src/css/repo/wiki.css b/web_src/css/repo/wiki.css
index ca59dadb9c..144cb1206c 100644
--- a/web_src/css/repo/wiki.css
+++ b/web_src/css/repo/wiki.css
@@ -39,10 +39,6 @@
   min-width: 150px;
 }
 
-.repository.wiki .wiki-content-sidebar .ui.message.unicode-escape-prompt p {
-  display: none;
-}
-
 .repository.wiki .wiki-content-footer {
   margin-top: 1em;
 }
diff --git a/web_src/css/review.css b/web_src/css/review.css
index 036ad017f8..23383c051c 100644
--- a/web_src/css/review.css
+++ b/web_src/css/review.css
@@ -1,15 +1,8 @@
-.show-outdated,
-.hide-outdated {
-  -webkit-touch-callout: none;
-  -webkit-user-select: none;
-  user-select: none;
-  margin-right: 0 !important;
-}
-
 .ui.button.add-code-comment {
   padding: 2px;
   position: absolute;
   margin-left: -22px;
+  min-height: 0;
   z-index: 5;
   opacity: 0;
   transition: transform 0.1s ease-in-out;
@@ -58,11 +51,6 @@
   margin-bottom: 0.5em;
 }
 
-.show-outdated:hover,
-.hide-outdated:hover {
-  text-decoration: underline;
-}
-
 .comment-code-cloud {
   padding: 0.5rem 1rem !important;
   position: relative;
diff --git a/web_src/css/shared/flex-list.css b/web_src/css/shared/flex-list.css
index 0f54779252..e94e9e9cc2 100644
--- a/web_src/css/shared/flex-list.css
+++ b/web_src/css/shared/flex-list.css
@@ -17,6 +17,7 @@
 .flex-item .flex-item-main {
   display: flex;
   flex-direction: column;
+  gap: 0.25em;
   flex-grow: 1;
   flex-basis: 60%; /* avoid wrapping the "flex-item-trailing" too aggressively */
   min-width: 0; /* make the "text truncate" work, otherwise the flex axis is not limited and the text just overflows */
@@ -33,14 +34,6 @@
   color: var(--color-primary) !important;
 }
 
-.flex-item .flex-item-icon {
-  align-self: baseline; /* mainly used by the issue list, to align the leading icon with the title */
-}
-
-.flex-item .flex-item-icon + .flex-item-main {
-  align-self: baseline;
-}
-
 .flex-item .flex-item-trailing {
   display: flex;
   gap: 0.5rem;
@@ -54,7 +47,9 @@
   display: inline-flex;
   flex-wrap: wrap;
   align-items: center;
-  gap: .25rem;
+  /* labels are under effect of this gap here because they are display:contents. Ideally we should make wrapping
+     of labels work without display: contents and set this to a static value again. */
+  gap: var(--gap-inline);
   max-width: 100%;
   color: var(--color-text);
   font-size: 16px;
diff --git a/web_src/css/themes/theme-gitea-dark.css b/web_src/css/themes/theme-gitea-dark.css
index 5ddee0a746..48fbd14dfb 100644
--- a/web_src/css/themes/theme-gitea-dark.css
+++ b/web_src/css/themes/theme-gitea-dark.css
@@ -185,6 +185,7 @@ gitea-theme-meta-info {
   --color-orange-badge-bg: #f2711c1a;
   --color-orange-badge-hover-bg: #f2711c4d;
   --color-git: #f05133;
+  --color-logo: #609926;
   /* target-based colors */
   --color-body: #1b1f23;
   --color-box-header: #1a1d1f;
diff --git a/web_src/css/themes/theme-gitea-light.css b/web_src/css/themes/theme-gitea-light.css
index 1a4183c0d2..eaff717417 100644
--- a/web_src/css/themes/theme-gitea-light.css
+++ b/web_src/css/themes/theme-gitea-light.css
@@ -185,6 +185,7 @@ gitea-theme-meta-info {
   --color-orange-badge-bg: #f2711c1a;
   --color-orange-badge-hover-bg: #f2711c4d;
   --color-git: #f05133;
+  --color-logo: #609926;
   /* target-based colors */
   --color-body: #ffffff;
   --color-box-header: #f1f3f5;
diff --git a/web_src/css/user.css b/web_src/css/user.css
index caabf1834c..d42e8688fb 100644
--- a/web_src/css/user.css
+++ b/web_src/css/user.css
@@ -114,6 +114,14 @@
   border-radius: var(--border-radius);
 }
 
+.notifications-item {
+  display: flex;
+  align-items: center;
+  flex-wrap: wrap;
+  gap: 0.5em;
+  padding: 0.5em 1em;
+}
+
 .notifications-item:hover {
   background: var(--color-hover);
 }
@@ -129,6 +137,9 @@
 
 .notifications-item:hover .notifications-buttons {
   display: flex;
+  align-items: center;
+  justify-content: end;
+  gap: 0.25em;
 }
 
 .notifications-item:hover .notifications-updated {
diff --git a/web_src/fomantic/build/components/dropdown.css b/web_src/fomantic/build/components/dropdown.css
index 58bdd8e16b..b7b35a2f05 100644
--- a/web_src/fomantic/build/components/dropdown.css
+++ b/web_src/fomantic/build/components/dropdown.css
@@ -1367,7 +1367,7 @@ select.ui.dropdown {
 }
 .ui.simple.dropdown .menu {
   position: absolute;
-  
+
 /* IE hack to make dropdown icons appear inline */
   display: -ms-inline-flexbox !important;
   display: block;
diff --git a/web_src/fomantic/build/components/dropdown.js b/web_src/fomantic/build/components/dropdown.js
index 009b51d8b1..3ad0984865 100644
--- a/web_src/fomantic/build/components/dropdown.js
+++ b/web_src/fomantic/build/components/dropdown.js
@@ -525,6 +525,7 @@ $.fn.dropdown = function(parameters) {
               return true;
             }
             if(settings.onShow.call(element) !== false) {
+              $module.fomanticExt.onDropdownAfterFiltered.call(element); // GITEA-PATCH: callback to correctly handle the filtered items
               module.animate.show(function() {
                 if( module.can.click() ) {
                   module.bind.intent();
@@ -752,6 +753,7 @@ $.fn.dropdown = function(parameters) {
               if(module.is.searchSelection() && module.can.show() && module.is.focusedOnSearch() ) {
                 module.show();
               }
+              $module.fomanticExt.onDropdownAfterFiltered.call(element); // GITEA-PATCH: callback to correctly handle the filtered items
             }
           ;
           if(settings.useLabels && module.has.maxSelections()) {
@@ -4077,7 +4079,7 @@ $.fn.dropdown.settings = {
     search       : 'input.search, .menu > .search > input, .menu input.search',
     sizer        : '> span.sizer',
     text         : '> .text:not(.icon)',
-    unselectable : '.disabled, .filtered',
+    unselectable : '.disabled, .filtered, .tw-hidden', // GITEA-PATCH: tw-hidden hides the item so it is also unselectable
     clearIcon    : '> .remove.icon'
   },
 
diff --git a/web_src/fomantic/build/components/modal.js b/web_src/fomantic/build/components/modal.js
index 420ecc250b..3f578ccfcc 100644
--- a/web_src/fomantic/build/components/modal.js
+++ b/web_src/fomantic/build/components/modal.js
@@ -467,7 +467,7 @@ $.fn.modal = function(parameters) {
             ignoreRepeatedEvents = false;
             return false;
           }
-
+          $module.fomanticExt.onModalBeforeHidden.call(element); // GITEA-PATCH: handle more UI updates before hidden
           if( module.is.animating() || module.is.active() ) {
             if(settings.transition && $.fn.transition !== undefined && $module.transition('is supported')) {
               module.remove.active();
@@ -641,7 +641,7 @@ $.fn.modal = function(parameters) {
               $module
                   .off('mousedown' + elementEventNamespace)
               ;
-            }           
+            }
             $dimmer
               .off('mousedown' + elementEventNamespace)
             ;
@@ -877,7 +877,7 @@ $.fn.modal = function(parameters) {
                       ? $(document).scrollTop() + settings.padding
                       : $(document).scrollTop() + (module.cache.contextHeight - module.cache.height - settings.padding),
                   marginLeft: -(module.cache.width / 2)
-                }) 
+                })
               ;
             } else {
               $module
@@ -886,7 +886,7 @@ $.fn.modal = function(parameters) {
                     ? -(module.cache.height / 2)
                     : settings.padding / 2,
                   marginLeft: -(module.cache.width / 2)
-                }) 
+                })
               ;
             }
             module.verbose('Setting modal offset for legacy mode');
diff --git a/web_src/js/bootstrap.ts b/web_src/js/bootstrap.ts
index 9e41673b86..4d3f39f5bf 100644
--- a/web_src/js/bootstrap.ts
+++ b/web_src/js/bootstrap.ts
@@ -2,6 +2,7 @@
 // to make sure the error handler always works, we should never import `window.config`, because
 // some user's custom template breaks it.
 import type {Intent} from './types.ts';
+import {html} from './utils/html.ts';
 
 // This sets up the URL prefix used in webpack's chunk loading.
 // This file must be imported before any lazy-loading is being attempted.
@@ -19,11 +20,15 @@ function shouldIgnoreError(err: Error) {
 
 export function showGlobalErrorMessage(msg: string, msgType: Intent = 'error') {
   const msgContainer = document.querySelector('.page-content') ?? document.body;
+  if (!msgContainer) {
+    alert(`${msgType}: ${msg}`);
+    return;
+  }
   const msgCompact = msg.replace(/\W/g, '').trim(); // compact the message to a data attribute to avoid too many duplicated messages
   let msgDiv = msgContainer.querySelector<HTMLDivElement>(`.js-global-error[data-global-error-msg-compact="${msgCompact}"]`);
   if (!msgDiv) {
     const el = document.createElement('div');
-    el.innerHTML = `<div class="ui container js-global-error tw-my-[--page-spacing]"><div class="ui ${msgType} message tw-text-center tw-whitespace-pre-line"></div></div>`;
+    el.innerHTML = html`<div class="ui container js-global-error tw-my-[--page-spacing]"><div class="ui ${msgType} message tw-text-center tw-whitespace-pre-line"></div></div>`;
     msgDiv = el.childNodes[0] as HTMLDivElement;
   }
   // merge duplicated messages into "the message (count)" format
diff --git a/web_src/js/components/ActionRunStatus.vue b/web_src/js/components/ActionRunStatus.vue
index 487d2460cc..bc3b99ab89 100644
--- a/web_src/js/components/ActionRunStatus.vue
+++ b/web_src/js/components/ActionRunStatus.vue
@@ -24,7 +24,7 @@ withDefaults(defineProps<{
     <SvgIcon name="octicon-stop" class="text yellow" :size="size" :class="className" v-else-if="status === 'cancelled'"/>
     <SvgIcon name="octicon-clock" class="text yellow" :size="size" :class="className" v-else-if="status === 'waiting'"/>
     <SvgIcon name="octicon-blocked" class="text yellow" :size="size" :class="className" v-else-if="status === 'blocked'"/>
-    <SvgIcon name="octicon-meter" class="text yellow" :size="size" :class="'job-status-rotate ' + className" v-else-if="status === 'running'"/>
+    <SvgIcon name="octicon-meter" class="text yellow" :size="size" :class="'circular-spin ' + className" v-else-if="status === 'running'"/>
     <SvgIcon name="octicon-x-circle-fill" class="text red" :size="size" v-else/><!-- failure, unknown -->
   </span>
 </template>
diff --git a/web_src/js/components/ActivityHeatmap.vue b/web_src/js/components/ActivityHeatmap.vue
index eaa9b0ffb1..296cb61cff 100644
--- a/web_src/js/components/ActivityHeatmap.vue
+++ b/web_src/js/components/ActivityHeatmap.vue
@@ -1,7 +1,7 @@
 <script lang="ts" setup>
 // TODO: Switch to upstream after https://github.com/razorness/vue3-calendar-heatmap/pull/34 is merged
 import {CalendarHeatmap} from '@silverwind/vue3-calendar-heatmap';
-import {onMounted, ref} from 'vue';
+import {onMounted, shallowRef} from 'vue';
 import type {Value as HeatmapValue, Locale as HeatmapLocale} from '@silverwind/vue3-calendar-heatmap';
 
 defineProps<{
@@ -24,7 +24,7 @@ const colorRange = [
   'var(--color-primary-dark-4)',
 ];
 
-const endDate = ref(new Date());
+const endDate = shallowRef(new Date());
 
 onMounted(() => {
   // work around issue with first legend color being rendered twice and legend cut off
diff --git a/web_src/js/components/ContextPopup.vue b/web_src/js/components/ContextPopup.vue
index 0aae202d42..5ec4499e48 100644
--- a/web_src/js/components/ContextPopup.vue
+++ b/web_src/js/components/ContextPopup.vue
@@ -2,16 +2,16 @@
 import {SvgIcon} from '../svg.ts';
 import {GET} from '../modules/fetch.ts';
 import {getIssueColor, getIssueIcon} from '../features/issue.ts';
-import {computed, onMounted, ref} from 'vue';
+import {computed, onMounted, shallowRef, useTemplateRef} from 'vue';
 import type {IssuePathInfo} from '../types.ts';
 
 const {appSubUrl, i18n} = window.config;
 
-const loading = ref(false);
-const issue = ref(null);
-const renderedLabels = ref('');
+const loading = shallowRef(false);
+const issue = shallowRef(null);
+const renderedLabels = shallowRef('');
 const i18nErrorOccurred = i18n.error_occurred;
-const i18nErrorMessage = ref(null);
+const i18nErrorMessage = shallowRef(null);
 
 const createdAt = computed(() => new Date(issue.value.created_at).toLocaleDateString(undefined, {year: 'numeric', month: 'short', day: 'numeric'}));
 const body = computed(() => {
@@ -22,7 +22,7 @@ const body = computed(() => {
   return body;
 });
 
-const root = ref<HTMLElement | null>(null);
+const root = useTemplateRef('root');
 
 onMounted(() => {
   root.value.addEventListener('ce-load-context-popup', (e: CustomEventInit<IssuePathInfo>) => {
diff --git a/web_src/js/components/DashboardRepoList.vue b/web_src/js/components/DashboardRepoList.vue
index fc6a7bd281..e938814ec6 100644
--- a/web_src/js/components/DashboardRepoList.vue
+++ b/web_src/js/components/DashboardRepoList.vue
@@ -6,7 +6,7 @@ import {fomanticQuery} from '../modules/fomantic/base.ts';
 
 const {appSubUrl, assetUrlPrefix, pageData} = window.config;
 
-type CommitStatus = 'pending' | 'success' | 'error' | 'failure' | 'warning';
+type CommitStatus = 'pending' | 'success' | 'error' | 'failure' | 'warning' | 'skipped';
 
 type CommitStatusMap = {
   [status in CommitStatus]: {
@@ -22,6 +22,7 @@ const commitStatus: CommitStatusMap = {
   error: {name: 'gitea-exclamation', color: 'red'},
   failure: {name: 'octicon-x', color: 'red'},
   warning: {name: 'gitea-exclamation', color: 'yellow'},
+  skipped: {name: 'octicon-skip', color: 'grey'},
 };
 
 export default defineComponent({
@@ -38,7 +39,7 @@ export default defineComponent({
     return {
       tab,
       repos: [],
-      reposTotalCount: 0,
+      reposTotalCount: null,
       reposFilter,
       archivedFilter,
       privateFilter,
@@ -112,9 +113,6 @@ export default defineComponent({
     const el = document.querySelector('#dashboard-repo-list');
     this.changeReposFilter(this.reposFilter);
     fomanticQuery(el.querySelector('.ui.dropdown')).dropdown();
-    nextTick(() => {
-      this.$refs.search?.focus();
-    });
 
     this.textArchivedFilterTitles = {
       'archived': this.textShowOnlyArchived,
@@ -218,7 +216,9 @@ export default defineComponent({
       this.searchRepos();
     },
 
-    changePage(page: number) {
+    async changePage(page: number) {
+      if (this.isLoading) return;
+
       this.page = page;
       if (this.page > this.finalPage) {
         this.page = this.finalPage;
@@ -228,7 +228,7 @@ export default defineComponent({
       }
       this.repos = [];
       this.counts[`${this.reposFilter}:${this.archivedFilter}:${this.privateFilter}`] = 0;
-      this.searchRepos();
+      await this.searchRepos();
     },
 
     async searchRepos() {
@@ -240,12 +240,20 @@ export default defineComponent({
 
       let response, json;
       try {
+        const firstLoad = this.reposTotalCount === null;
         if (!this.reposTotalCount) {
           const totalCountSearchURL = `${this.subUrl}/repo/search?count_only=1&uid=${this.uid}&team_id=${this.teamId}&q=&page=1&mode=`;
           response = await GET(totalCountSearchURL);
           this.reposTotalCount = parseInt(response.headers.get('X-Total-Count') ?? '0');
         }
-
+        if (firstLoad && this.reposTotalCount) {
+          nextTick(() => {
+            // MDN: If there's no focused element, this is the Document.body or Document.documentElement.
+            if ((document.activeElement === document.body || document.activeElement === document.documentElement)) {
+              this.$refs.search.focus({preventScroll: true});
+            }
+          });
+        }
         response = await GET(searchedURL);
         json = await response.json();
       } catch {
@@ -298,7 +306,7 @@ export default defineComponent({
       return commitStatus[status].color;
     },
 
-    reposFilterKeyControl(e: KeyboardEvent) {
+    async reposFilterKeyControl(e: KeyboardEvent) {
       switch (e.key) {
         case 'Enter':
           document.querySelector<HTMLAnchorElement>('.repo-owner-name-list li.active a')?.click();
@@ -307,7 +315,7 @@ export default defineComponent({
           if (this.activeIndex > 0) {
             this.activeIndex--;
           } else if (this.page > 1) {
-            this.changePage(this.page - 1);
+            await this.changePage(this.page - 1);
             this.activeIndex = this.searchLimit - 1;
           }
           break;
@@ -316,17 +324,17 @@ export default defineComponent({
             this.activeIndex++;
           } else if (this.page < this.finalPage) {
             this.activeIndex = 0;
-            this.changePage(this.page + 1);
+            await this.changePage(this.page + 1);
           }
           break;
         case 'ArrowRight':
           if (this.page < this.finalPage) {
-            this.changePage(this.page + 1);
+            await this.changePage(this.page + 1);
           }
           break;
         case 'ArrowLeft':
           if (this.page > 1) {
-            this.changePage(this.page - 1);
+            await this.changePage(this.page - 1);
           }
           break;
       }
@@ -347,7 +355,7 @@ export default defineComponent({
       <h4 class="ui top attached header tw-flex tw-items-center">
         <div class="tw-flex-1 tw-flex tw-items-center">
           {{ textMyRepos }}
-          <span class="ui grey label tw-ml-2">{{ reposTotalCount }}</span>
+          <span v-if="reposTotalCount" class="ui grey label tw-ml-2">{{ reposTotalCount }}</span>
         </div>
         <a class="tw-flex tw-items-center muted" :href="subUrl + '/repo/create' + (isOrganization ? '?org=' + organizationId : '')" :data-tooltip-content="textNewRepo">
           <svg-icon name="octicon-plus"/>
@@ -418,7 +426,7 @@ export default defineComponent({
       </div>
       <div v-if="repos.length" class="ui attached table segment tw-rounded-b">
         <ul class="repo-owner-name-list">
-          <li class="tw-flex tw-items-center tw-py-2" v-for="repo, index in repos" :class="{'active': index === activeIndex}" :key="repo.id">
+          <li class="tw-flex tw-items-center tw-py-2" v-for="(repo, index) in repos" :class="{'active': index === activeIndex}" :key="repo.id">
             <a class="repo-list-link muted" :href="repo.link">
               <svg-icon :name="repoIcon(repo)" :size="16" class="repo-list-icon"/>
               <div class="text truncate">{{ repo.full_name }}</div>
@@ -426,7 +434,7 @@ export default defineComponent({
                 <svg-icon name="octicon-archive" :size="16"/>
               </div>
             </a>
-            <a class="tw-flex tw-items-center" v-if="repo.latest_commit_status_state" :href="repo.latest_commit_status_state_link" :data-tooltip-content="repo.locale_latest_commit_status_state">
+            <a class="tw-flex tw-items-center" v-if="repo.latest_commit_status_state" :href="repo.latest_commit_status_state_link || null" :data-tooltip-content="repo.locale_latest_commit_status_state">
               <!-- the commit status icon logic is taken from templates/repo/commit_status.tmpl -->
               <svg-icon :name="statusIcon(repo.latest_commit_status_state)" :class="'tw-ml-2 commit-status icon text ' + statusColor(repo.latest_commit_status_state)" :size="16"/>
             </a>
diff --git a/web_src/js/components/DiffCommitSelector.vue b/web_src/js/components/DiffCommitSelector.vue
index 16760d1cb1..e9aa3c6744 100644
--- a/web_src/js/components/DiffCommitSelector.vue
+++ b/web_src/js/components/DiffCommitSelector.vue
@@ -2,7 +2,7 @@
 import {defineComponent} from 'vue';
 import {SvgIcon} from '../svg.ts';
 import {GET} from '../modules/fetch.ts';
-import {generateAriaId} from '../modules/fomantic/base.ts';
+import {generateElemId} from '../utils/dom.ts';
 
 type Commit = {
   id: string,
@@ -32,11 +32,12 @@ export default defineComponent({
       locale: {
         filter_changes_by_commit: el.getAttribute('data-filter_changes_by_commit'),
       } as Record<string, string>,
+      mergeBase: el.getAttribute('data-merge-base'),
       commits: [] as Array<Commit>,
       hoverActivated: false,
       lastReviewCommitSha: '',
-      uniqueIdMenu: generateAriaId(),
-      uniqueIdShowAll: generateAriaId(),
+      uniqueIdMenu: generateElemId('diff-commit-selector-menu-'),
+      uniqueIdShowAll: generateElemId('diff-commit-selector-show-all-'),
     };
   },
   computed: {
@@ -176,32 +177,38 @@ export default defineComponent({
       }
     },
     /**
-     * When a commit is clicked with shift this enables the range
-     * selection. Second click (with shift) defines the end of the
-     * range. This opens the diff of this range
-     * Exception: first commit is the first commit of this PR. Then
-     * the diff from beginning of PR up to the second clicked commit is
-     * opened
+     * When a commit is clicked while holding Shift, it enables range selection.
+     * - The range selection is a half-open, half-closed range, meaning it excludes the start commit but includes the end commit.
+     * - The start of the commit range is always the previous commit of the first clicked commit.
+     * - If the first commit in the list is clicked, the mergeBase will be used as the start of the range instead.
+     * - The second Shift-click defines the end of the range.
+     * - Once both are selected, the diff view for the selected commit range will open.
      */
     commitClickedShift(commit: Commit) {
       this.hoverActivated = !this.hoverActivated;
       commit.selected = true;
       // Second click -> determine our range and open links accordingly
       if (!this.hoverActivated) {
+        // since at least one commit is selected, we can determine the range
         // find all selected commits and generate a link
-        if (this.commits[0].selected) {
-          // first commit is selected - generate a short url with only target sha
-          const lastCommitIdx = this.commits.findLastIndex((x) => x.selected);
-          if (lastCommitIdx === this.commits.length - 1) {
-            // user selected all commits - just show the normal diff page
-            window.location.assign(`${this.issueLink}/files${this.queryParams}`);
-          } else {
-            window.location.assign(`${this.issueLink}/files/${this.commits[lastCommitIdx].id}${this.queryParams}`);
-          }
+        const firstSelected = this.commits.findIndex((x) => x.selected);
+        const lastSelected = this.commits.findLastIndex((x) => x.selected);
+        let beforeCommitID: string;
+        if (firstSelected === 0) {
+          beforeCommitID = this.mergeBase;
         } else {
-          const start = this.commits[this.commits.findIndex((x) => x.selected) - 1].id;
-          const end = this.commits.findLast((x) => x.selected).id;
-          window.location.assign(`${this.issueLink}/files/${start}..${end}${this.queryParams}`);
+          beforeCommitID = this.commits[firstSelected - 1].id;
+        }
+        const afterCommitID = this.commits[lastSelected].id;
+
+        if (firstSelected === lastSelected) {
+          // if the start and end are the same, we show this single commit
+          window.location.assign(`${this.issueLink}/commits/${afterCommitID}${this.queryParams}`);
+        } else if (beforeCommitID === this.mergeBase && afterCommitID === this.commits.at(-1).id) {
+          // if the first commit is selected and the last commit is selected, we show all commits
+          window.location.assign(`${this.issueLink}/files${this.queryParams}`);
+        } else {
+          window.location.assign(`${this.issueLink}/files/${beforeCommitID}..${afterCommitID}${this.queryParams}`);
         }
       }
     },
@@ -212,7 +219,7 @@ export default defineComponent({
   <div class="ui scrolling dropdown custom diff-commit-selector">
     <button
       ref="expandBtn"
-      class="ui basic button"
+      class="ui tiny basic button"
       @click.stop="toggleMenu()"
       :data-tooltip-content="locale.filter_changes_by_commit"
       aria-haspopup="true"
diff --git a/web_src/js/components/DiffFileTree.vue b/web_src/js/components/DiffFileTree.vue
index 381a1c3ca4..981d10c1c1 100644
--- a/web_src/js/components/DiffFileTree.vue
+++ b/web_src/js/components/DiffFileTree.vue
@@ -1,21 +1,14 @@
 <script lang="ts" setup>
 import DiffFileTreeItem from './DiffFileTreeItem.vue';
 import {toggleElem} from '../utils/dom.ts';
-import {diffTreeStore} from '../modules/stores.ts';
+import {diffTreeStore} from '../modules/diff-file.ts';
 import {setFileFolding} from '../features/file-fold.ts';
-import {computed, onMounted, onUnmounted} from 'vue';
-import {pathListToTree, mergeChildIfOnlyOneDir} from '../utils/filetree.ts';
+import {onMounted, onUnmounted} from 'vue';
 
 const LOCAL_STORAGE_KEY = 'diff_file_tree_visible';
 
 const store = diffTreeStore();
 
-const fileTree = computed(() => {
-  const result = pathListToTree(store.files);
-  mergeChildIfOnlyOneDir(result); // mutation
-  return result;
-});
-
 onMounted(() => {
   // Default to true if unset
   store.fileTreeIsVisible = localStorage.getItem(LOCAL_STORAGE_KEY) !== 'false';
@@ -50,7 +43,7 @@ function toggleVisibility() {
 
 function updateVisibility(visible: boolean) {
   store.fileTreeIsVisible = visible;
-  localStorage.setItem(LOCAL_STORAGE_KEY, store.fileTreeIsVisible);
+  localStorage.setItem(LOCAL_STORAGE_KEY, store.fileTreeIsVisible.toString());
   updateState(store.fileTreeIsVisible);
 }
 
@@ -67,9 +60,9 @@ function updateState(visible: boolean) {
 </script>
 
 <template>
+  <!-- only render the tree if we're visible. in many cases this is something that doesn't change very often -->
   <div v-if="store.fileTreeIsVisible" class="diff-file-tree-items">
-    <!-- only render the tree if we're visible. in many cases this is something that doesn't change very often -->
-    <DiffFileTreeItem v-for="item in fileTree" :key="item.name" :item="item"/>
+    <DiffFileTreeItem v-for="item in store.diffFileTree.TreeRoot.Children" :key="item.FullName" :item="item"/>
   </div>
 </template>
 
diff --git a/web_src/js/components/DiffFileTreeItem.vue b/web_src/js/components/DiffFileTreeItem.vue
index 5ee0e5bcaa..f15f093ff8 100644
--- a/web_src/js/components/DiffFileTreeItem.vue
+++ b/web_src/js/components/DiffFileTreeItem.vue
@@ -1,18 +1,18 @@
 <script lang="ts" setup>
 import {SvgIcon, type SvgName} from '../svg.ts';
-import {diffTreeStore} from '../modules/stores.ts';
-import {ref} from 'vue';
-import type {Item, File, FileStatus} from '../utils/filetree.ts';
+import {shallowRef} from 'vue';
+import {type DiffStatus, type DiffTreeEntry, diffTreeStore} from '../modules/diff-file.ts';
 
-defineProps<{
-  item: Item,
+const props = defineProps<{
+  item: DiffTreeEntry,
 }>();
 
 const store = diffTreeStore();
-const collapsed = ref(false);
+const collapsed = shallowRef(props.item.IsViewed);
 
-function getIconForDiffStatus(pType: FileStatus) {
-  const diffTypes: Record<FileStatus, { name: SvgName, classes: Array<string> }> = {
+function getIconForDiffStatus(pType: DiffStatus) {
+  const diffTypes: Record<DiffStatus, { name: SvgName, classes: Array<string> }> = {
+    '': {name: 'octicon-blocked', classes: ['text', 'red']}, // unknown case
     'added': {name: 'octicon-diff-added', classes: ['text', 'green']},
     'modified': {name: 'octicon-diff-modified', classes: ['text', 'yellow']},
     'deleted': {name: 'octicon-diff-removed', classes: ['text', 'red']},
@@ -20,49 +20,40 @@ function getIconForDiffStatus(pType: FileStatus) {
     'copied': {name: 'octicon-diff-renamed', classes: ['text', 'green']},
     'typechange': {name: 'octicon-diff-modified', classes: ['text', 'green']}, // there is no octicon for copied, so renamed should be ok
   };
-  return diffTypes[pType];
-}
-
-function fileIcon(file: File) {
-  if (file.IsSubmodule) {
-    return 'octicon-file-submodule';
-  }
-  return 'octicon-file';
+  return diffTypes[pType] ?? diffTypes[''];
 }
 </script>
 
 <template>
-  <!--title instead of tooltip above as the tooltip needs too much work with the current methods, i.e. not being loaded or staying open for "too long"-->
-  <a
-    v-if="item.isFile" class="item-file"
-    :class="{ 'selected': store.selectedItem === '#diff-' + item.file.NameHash, 'viewed': item.file.IsViewed }"
-    :title="item.name" :href="'#diff-' + item.file.NameHash"
-  >
-    <!-- file -->
-    <SvgIcon :name="fileIcon(item.file)"/>
-    <span class="gt-ellipsis tw-flex-1">{{ item.name }}</span>
-    <SvgIcon
-      :name="getIconForDiffStatus(item.file.Status).name"
-      :class="getIconForDiffStatus(item.file.Status).classes"
-    />
-  </a>
-
-  <template v-else-if="item.isFile === false">
-    <div class="item-directory" :title="item.name" @click.stop="collapsed = !collapsed">
+  <template v-if="item.EntryMode === 'tree'">
+    <div class="item-directory" :class="{ 'viewed': item.IsViewed }" :title="item.DisplayName" @click.stop="collapsed = !collapsed">
       <!-- directory -->
       <SvgIcon :name="collapsed ? 'octicon-chevron-right' : 'octicon-chevron-down'"/>
-      <SvgIcon
-        class="text primary"
-        :name="collapsed ? 'octicon-file-directory-fill' : 'octicon-file-directory-open-fill'"
-      />
-      <span class="gt-ellipsis">{{ item.name }}</span>
+      <!-- eslint-disable-next-line vue/no-v-html -->
+      <span class="tw-contents" v-html="collapsed ? store.folderIcon : store.folderOpenIcon"/>
+      <span class="gt-ellipsis">{{ item.DisplayName }}</span>
     </div>
 
     <div v-show="!collapsed" class="sub-items">
-      <DiffFileTreeItem v-for="childItem in item.children" :key="childItem.name" :item="childItem"/>
+      <DiffFileTreeItem v-for="childItem in item.Children" :key="childItem.DisplayName" :item="childItem"/>
     </div>
   </template>
+  <a
+    v-else
+    class="item-file" :class="{ 'selected': store.selectedItem === '#diff-' + item.NameHash, 'viewed': item.IsViewed }"
+    :title="item.DisplayName" :href="'#diff-' + item.NameHash"
+  >
+    <!-- file -->
+    <!-- eslint-disable-next-line vue/no-v-html -->
+    <span class="tw-contents" v-html="item.FileIcon"/>
+    <span class="gt-ellipsis tw-flex-1">{{ item.DisplayName }}</span>
+    <SvgIcon
+      :name="getIconForDiffStatus(item.DiffStatus).name"
+      :class="getIconForDiffStatus(item.DiffStatus).classes"
+    />
+  </a>
 </template>
+
 <style scoped>
 a,
 a:hover {
@@ -88,7 +79,8 @@ a:hover {
   border-radius: 4px;
 }
 
-.item-file.viewed {
+.item-file.viewed,
+.item-directory.viewed {
   color: var(--color-text-light-3);
 }
 
diff --git a/web_src/js/components/PullRequestMergeForm.vue b/web_src/js/components/PullRequestMergeForm.vue
index 4f291f5ca1..b2c28414c0 100644
--- a/web_src/js/components/PullRequestMergeForm.vue
+++ b/web_src/js/components/PullRequestMergeForm.vue
@@ -1,19 +1,19 @@
 <script lang="ts" setup>
-import {computed, onMounted, onUnmounted, ref, watch} from 'vue';
+import {computed, onMounted, onUnmounted, shallowRef, watch} from 'vue';
 import {SvgIcon} from '../svg.ts';
 import {toggleElem} from '../utils/dom.ts';
 
 const {csrfToken, pageData} = window.config;
 
-const mergeForm = ref(pageData.pullRequestMergeForm);
+const mergeForm = pageData.pullRequestMergeForm;
 
-const mergeTitleFieldValue = ref('');
-const mergeMessageFieldValue = ref('');
-const deleteBranchAfterMerge = ref(false);
-const autoMergeWhenSucceed = ref(false);
+const mergeTitleFieldValue = shallowRef('');
+const mergeMessageFieldValue = shallowRef('');
+const deleteBranchAfterMerge = shallowRef(false);
+const autoMergeWhenSucceed = shallowRef(false);
 
-const mergeStyle = ref('');
-const mergeStyleDetail = ref({
+const mergeStyle = shallowRef('');
+const mergeStyleDetail = shallowRef({
   hideMergeMessageTexts: false,
   textDoMerge: '',
   mergeTitleFieldText: '',
@@ -21,33 +21,33 @@ const mergeStyleDetail = ref({
   hideAutoMerge: false,
 });
 
-const mergeStyleAllowedCount = ref(0);
+const mergeStyleAllowedCount = shallowRef(0);
 
-const showMergeStyleMenu = ref(false);
-const showActionForm = ref(false);
+const showMergeStyleMenu = shallowRef(false);
+const showActionForm = shallowRef(false);
 
 const mergeButtonStyleClass = computed(() => {
-  if (mergeForm.value.allOverridableChecksOk) return 'primary';
+  if (mergeForm.allOverridableChecksOk) return 'primary';
   return autoMergeWhenSucceed.value ? 'primary' : 'red';
 });
 
 const forceMerge = computed(() => {
-  return mergeForm.value.canMergeNow && !mergeForm.value.allOverridableChecksOk;
+  return mergeForm.canMergeNow && !mergeForm.allOverridableChecksOk;
 });
 
 watch(mergeStyle, (val) => {
-  mergeStyleDetail.value = mergeForm.value.mergeStyles.find((e: any) => e.name === val);
+  mergeStyleDetail.value = mergeForm.mergeStyles.find((e: any) => e.name === val);
   for (const elem of document.querySelectorAll('[data-pull-merge-style]')) {
     toggleElem(elem, elem.getAttribute('data-pull-merge-style') === val);
   }
 });
 
 onMounted(() => {
-  mergeStyleAllowedCount.value = mergeForm.value.mergeStyles.reduce((v: any, msd: any) => v + (msd.allowed ? 1 : 0), 0);
+  mergeStyleAllowedCount.value = mergeForm.mergeStyles.reduce((v: any, msd: any) => v + (msd.allowed ? 1 : 0), 0);
 
-  let mergeStyle = mergeForm.value.mergeStyles.find((e: any) => e.allowed && e.name === mergeForm.value.defaultMergeStyle)?.name;
-  if (!mergeStyle) mergeStyle = mergeForm.value.mergeStyles.find((e: any) => e.allowed)?.name;
-  switchMergeStyle(mergeStyle, !mergeForm.value.canMergeNow);
+  let mergeStyle = mergeForm.mergeStyles.find((e: any) => e.allowed && e.name === mergeForm.defaultMergeStyle)?.name;
+  if (!mergeStyle) mergeStyle = mergeForm.mergeStyles.find((e: any) => e.allowed)?.name;
+  switchMergeStyle(mergeStyle, !mergeForm.canMergeNow);
 
   document.addEventListener('mouseup', hideMergeStyleMenu);
 });
@@ -63,7 +63,7 @@ function hideMergeStyleMenu() {
 function toggleActionForm(show: boolean) {
   showActionForm.value = show;
   if (!show) return;
-  deleteBranchAfterMerge.value = mergeForm.value.defaultDeleteBranchAfterMerge;
+  deleteBranchAfterMerge.value = mergeForm.defaultDeleteBranchAfterMerge;
   mergeTitleFieldValue.value = mergeStyleDetail.value.mergeTitleFieldText;
   mergeMessageFieldValue.value = mergeStyleDetail.value.mergeMessageFieldText;
 }
@@ -74,7 +74,7 @@ function switchMergeStyle(name: string, autoMerge = false) {
 }
 
 function clearMergeMessage() {
-  mergeMessageFieldValue.value = mergeForm.value.defaultMergeMessage;
+  mergeMessageFieldValue.value = mergeForm.defaultMergeMessage;
 }
 </script>
 
diff --git a/web_src/js/components/RepoActionView.vue b/web_src/js/components/RepoActionView.vue
index 2ef528620d..2eb2211269 100644
--- a/web_src/js/components/RepoActionView.vue
+++ b/web_src/js/components/RepoActionView.vue
@@ -7,6 +7,7 @@ import {formatDatetime} from '../utils/time.ts';
 import {renderAnsi} from '../render/ansi.ts';
 import {POST, DELETE} from '../modules/fetch.ts';
 import type {IntervalId} from '../types.ts';
+import {toggleFullScreen} from '../utils.ts';
 
 // see "models/actions/status.go", if it needs to be used somewhere else, move it to a shared file like "types/actions.ts"
 type RunStatus = 'unknown' | 'waiting' | 'running' | 'success' | 'failure' | 'cancelled' | 'skipped' | 'blocked';
@@ -176,7 +177,7 @@ export default defineComponent({
     },
   },
 
-  async mounted() { // eslint-disable-line @typescript-eslint/no-misused-promises
+  async mounted() {
     // load job data and then auto-reload periodically
     // need to await first loadJob so this.currentJobStepsStates is initialized and can be used in hashChangeListener
     await this.loadJob();
@@ -416,21 +417,7 @@ export default defineComponent({
 
     toggleFullScreen() {
       this.isFullScreen = !this.isFullScreen;
-      const fullScreenEl = document.querySelector('.action-view-right');
-      const outerEl = document.querySelector('.full.height');
-      const actionBodyEl = document.querySelector('.action-view-body');
-      const headerEl = document.querySelector('#navbar');
-      const contentEl = document.querySelector('.page-content');
-      const footerEl = document.querySelector('.page-footer');
-      toggleElem(headerEl, !this.isFullScreen);
-      toggleElem(contentEl, !this.isFullScreen);
-      toggleElem(footerEl, !this.isFullScreen);
-      // move .action-view-right to new parent
-      if (this.isFullScreen) {
-        outerEl.append(fullScreenEl);
-      } else {
-        actionBodyEl.append(fullScreenEl);
-      }
+      toggleFullScreen('.action-view-right', this.isFullScreen, '.action-view-body');
     },
     async hashChangeListener() {
       const selectedLogStep = window.location.hash;
@@ -452,7 +439,8 @@ export default defineComponent({
 });
 </script>
 <template>
-  <div class="ui container action-view-container">
+  <!-- make the view container full width to make users easier to read logs -->
+  <div class="ui fluid container">
     <div class="action-view-header">
       <div class="action-info-summary">
         <div class="action-info-summary-title">
@@ -508,14 +496,24 @@ export default defineComponent({
             {{ locale.artifactsTitle }}
           </div>
           <ul class="job-artifacts-list">
-            <li class="job-artifacts-item" v-for="artifact in artifacts" :key="artifact.name">
-              <a class="job-artifacts-link" target="_blank" :href="run.link+'/artifacts/'+artifact.name">
-                <SvgIcon name="octicon-file" class="ui text black job-artifacts-icon"/>{{ artifact.name }}
-              </a>
-              <a v-if="run.canDeleteArtifact" @click="deleteArtifact(artifact.name)" class="job-artifacts-delete">
-                <SvgIcon name="octicon-trash" class="ui text black job-artifacts-icon"/>
-              </a>
-            </li>
+            <template v-for="artifact in artifacts" :key="artifact.name">
+              <li class="job-artifacts-item">
+                <template v-if="artifact.status !== 'expired'">
+                  <a class="flex-text-inline" target="_blank" :href="run.link+'/artifacts/'+artifact.name">
+                    <SvgIcon name="octicon-file" class="text black"/>
+                    <span class="gt-ellipsis">{{ artifact.name }}</span>
+                  </a>
+                  <a v-if="run.canDeleteArtifact" @click="deleteArtifact(artifact.name)">
+                    <SvgIcon name="octicon-trash" class="text black"/>
+                  </a>
+                </template>
+                <span v-else class="flex-text-inline text light grey">
+                  <SvgIcon name="octicon-file"/>
+                  <span class="gt-ellipsis">{{ artifact.name }}</span>
+                  <span class="ui label text light grey tw-flex-shrink-0">{{ locale.artifactExpired }}</span>
+                </span>
+              </li>
+            </template>
           </ul>
         </div>
       </div>
@@ -574,7 +572,7 @@ export default defineComponent({
               <!-- If the job is done and the job step log is loaded for the first time, show the loading icon
                 currentJobStepsStates[i].cursor === null means the log is loaded for the first time
               -->
-              <SvgIcon v-if="isDone(run.status) && currentJobStepsStates[i].expanded && currentJobStepsStates[i].cursor === null" name="octicon-sync" class="tw-mr-2 job-status-rotate"/>
+              <SvgIcon v-if="isDone(run.status) && currentJobStepsStates[i].expanded && currentJobStepsStates[i].cursor === null" name="octicon-sync" class="tw-mr-2 circular-spin"/>
               <SvgIcon v-else :name="currentJobStepsStates[i].expanded ? 'octicon-chevron-down': 'octicon-chevron-right'" :class="['tw-mr-2', !isExpandable(jobStep.status) && 'tw-invisible']"/>
               <ActionRunStatus :status="jobStep.status" class="tw-mr-2"/>
 
@@ -677,6 +675,7 @@ export default defineComponent({
   padding: 6px;
   display: flex;
   justify-content: space-between;
+  align-items: center;
 }
 
 .job-artifacts-list {
@@ -684,10 +683,6 @@ export default defineComponent({
   list-style: none;
 }
 
-.job-artifacts-icon {
-  padding-right: 3px;
-}
-
 .job-brief-list {
   display: flex;
   flex-direction: column;
@@ -896,16 +891,6 @@ export default defineComponent({
 
 <style> /* eslint-disable-line vue-scoped-css/enforce-style-type */
 /* some elements are not managed by vue, so we need to use global style */
-.job-status-rotate {
-  animation: job-status-rotate-keyframes 1s linear infinite;
-}
-
-@keyframes job-status-rotate-keyframes {
-  100% {
-    transform: rotate(-360deg);
-  }
-}
-
 .job-step-section {
   margin: 10px;
 }
@@ -955,7 +940,6 @@ export default defineComponent({
 
 .job-step-logs .job-log-line .log-msg {
   flex: 1;
-  word-break: break-all;
   white-space: break-spaces;
   margin-left: 10px;
   overflow-wrap: anywhere;
diff --git a/web_src/js/components/RepoActivityTopAuthors.vue b/web_src/js/components/RepoActivityTopAuthors.vue
index 77b85bd7e2..5a925f9943 100644
--- a/web_src/js/components/RepoActivityTopAuthors.vue
+++ b/web_src/js/components/RepoActivityTopAuthors.vue
@@ -1,9 +1,9 @@
 <script lang="ts" setup>
 // @ts-expect-error - module exports no types
 import {VueBarGraph} from 'vue-bar-graph';
-import {computed, onMounted, ref} from 'vue';
+import {computed, onMounted, shallowRef, useTemplateRef} from 'vue';
 
-const colors = ref({
+const colors = shallowRef({
   barColor: 'green',
   textColor: 'black',
   textAltColor: 'white',
@@ -41,8 +41,8 @@ const graphWidth = computed(() => {
   return activityTopAuthors.length * 40;
 });
 
-const styleElement = ref<HTMLElement | null>(null);
-const altStyleElement = ref<HTMLElement | null>(null);
+const styleElement = useTemplateRef('styleElement');
+const altStyleElement = useTemplateRef('altStyleElement');
 
 onMounted(() => {
   const refStyle = window.getComputedStyle(styleElement.value);
@@ -58,8 +58,8 @@ onMounted(() => {
 
 <template>
   <div>
-    <div class="activity-bar-graph" ref="styleElement" style="width: 0; height: 0;"/>
-    <div class="activity-bar-graph-alt" ref="altStyleElement" style="width: 0; height: 0;"/>
+    <div class="activity-bar-graph tw-w-0 tw-h-0" ref="styleElement"/>
+    <div class="activity-bar-graph-alt tw-w-0 tw-h-0" ref="altStyleElement"/>
     <vue-bar-graph
       :points="graphPoints"
       :show-x-axis="true"
diff --git a/web_src/js/components/RepoBranchTagSelector.vue b/web_src/js/components/RepoBranchTagSelector.vue
index 820e69d9ab..8e3a29a0e0 100644
--- a/web_src/js/components/RepoBranchTagSelector.vue
+++ b/web_src/js/components/RepoBranchTagSelector.vue
@@ -216,14 +216,15 @@ export default defineComponent({
 });
 </script>
 <template>
-  <div class="ui dropdown custom branch-selector-dropdown ellipsis-items-nowrap">
-    <div tabindex="0" class="ui button branch-dropdown-button" @click="menuVisible = !menuVisible">
+  <div class="ui dropdown custom branch-selector-dropdown ellipsis-text-items">
+    <div tabindex="0" class="ui compact button branch-dropdown-button" @click="menuVisible = !menuVisible">
       <span class="flex-text-block gt-ellipsis">
         <template v-if="dropdownFixedText">{{ dropdownFixedText }}</template>
         <template v-else>
           <svg-icon v-if="currentRefType === 'tag'" name="octicon-tag"/>
-          <svg-icon v-else name="octicon-git-branch"/>
-          <strong ref="dropdownRefName" class="tw-ml-2 tw-inline-block gt-ellipsis">{{ currentRefShortName }}</strong>
+          <svg-icon v-else-if="currentRefType === 'branch'" name="octicon-git-branch"/>
+          <svg-icon v-else name="octicon-git-commit"/>
+          <strong ref="dropdownRefName" class="tw-inline-block gt-ellipsis">{{ currentRefShortName }}</strong>
         </template>
       </span>
       <svg-icon name="octicon-triangle-down" :size="14" class="dropdown icon"/>
diff --git a/web_src/js/components/RepoCodeFrequency.vue b/web_src/js/components/RepoCodeFrequency.vue
index 7696996cf6..f331a26fe9 100644
--- a/web_src/js/components/RepoCodeFrequency.vue
+++ b/web_src/js/components/RepoCodeFrequency.vue
@@ -23,7 +23,7 @@ import {
 import {chartJsColors} from '../utils/color.ts';
 import {sleep} from '../utils.ts';
 import 'chartjs-adapter-dayjs-4/dist/chartjs-adapter-dayjs-4.esm';
-import {onMounted, ref} from 'vue';
+import {onMounted, shallowRef} from 'vue';
 
 const {pageData} = window.config;
 
@@ -47,10 +47,10 @@ defineProps<{
   };
 }>();
 
-const isLoading = ref(false);
-const errorText = ref('');
-const repoLink = ref(pageData.repoLink || []);
-const data = ref<DayData[]>([]);
+const isLoading = shallowRef(false);
+const errorText = shallowRef('');
+const repoLink = pageData.repoLink;
+const data = shallowRef<DayData[]>([]);
 
 onMounted(() => {
   fetchGraphData();
@@ -61,7 +61,7 @@ async function fetchGraphData() {
   try {
     let response: Response;
     do {
-      response = await GET(`${repoLink.value}/activity/code-frequency/data`);
+      response = await GET(`${repoLink}/activity/code-frequency/data`);
       if (response.status === 202) {
         await sleep(1000); // wait for 1 second before retrying
       }
@@ -150,7 +150,7 @@ const options: ChartOptions<'line'> = {
     <div class="tw-flex ui segment main-graph">
       <div v-if="isLoading || errorText !== ''" class="gt-tc tw-m-auto">
         <div v-if="isLoading">
-          <SvgIcon name="octicon-sync" class="tw-mr-2 job-status-rotate"/>
+          <SvgIcon name="octicon-sync" class="tw-mr-2 circular-spin"/>
           {{ locale.loadingInfo }}
         </div>
         <div v-else class="text red">
diff --git a/web_src/js/components/RepoContributors.vue b/web_src/js/components/RepoContributors.vue
index 6ad2c848b1..754acb997d 100644
--- a/web_src/js/components/RepoContributors.vue
+++ b/web_src/js/components/RepoContributors.vue
@@ -353,12 +353,12 @@ export default defineComponent({
       </div>
       <div>
         <!-- Contribution type -->
-        <div class="ui dropdown jump" id="repo-contributors">
+        <div class="ui floating dropdown jump" id="repo-contributors">
           <div class="ui basic compact button">
             <span class="not-mobile">{{ locale.filterLabel }}</span> <strong>{{ locale.contributionType[type] }}</strong>
             <svg-icon name="octicon-triangle-down" :size="14"/>
           </div>
-          <div class="menu">
+          <div class="left menu">
             <div :class="['item', {'selected': type === 'commits'}]" data-value="commits">
               {{ locale.contributionType.commits }}
             </div>
@@ -375,7 +375,7 @@ export default defineComponent({
     <div class="tw-flex ui segment main-graph">
       <div v-if="isLoading || errorText !== ''" class="gt-tc tw-m-auto">
         <div v-if="isLoading">
-          <SvgIcon name="octicon-sync" class="tw-mr-2 job-status-rotate"/>
+          <SvgIcon name="octicon-sync" class="tw-mr-2 circular-spin"/>
           {{ locale.loadingInfo }}
         </div>
         <div v-else class="text red">
@@ -397,7 +397,7 @@ export default defineComponent({
         <div class="ui top attached header tw-flex tw-flex-1">
           <b class="ui right">#{{ index + 1 }}</b>
           <a :href="contributor.home_link">
-            <img class="ui avatar tw-align-middle" height="40" width="40" :src="contributor.avatar_link" alt="">
+            <img loading="lazy" class="ui avatar tw-align-middle" height="40" width="40" :src="contributor.avatar_link" alt="">
           </a>
           <div class="tw-ml-2">
             <a v-if="contributor.home_link !== ''" :href="contributor.home_link"><h4>{{ contributor.name }}</h4></a>
diff --git a/web_src/js/components/RepoRecentCommits.vue b/web_src/js/components/RepoRecentCommits.vue
index 10e1fdd70c..27aa27dfc3 100644
--- a/web_src/js/components/RepoRecentCommits.vue
+++ b/web_src/js/components/RepoRecentCommits.vue
@@ -21,7 +21,7 @@ import {
 import {chartJsColors} from '../utils/color.ts';
 import {sleep} from '../utils.ts';
 import 'chartjs-adapter-dayjs-4/dist/chartjs-adapter-dayjs-4.esm';
-import {onMounted, ref} from 'vue';
+import {onMounted, ref, shallowRef} from 'vue';
 
 const {pageData} = window.config;
 
@@ -43,9 +43,9 @@ defineProps<{
   };
 }>();
 
-const isLoading = ref(false);
-const errorText = ref('');
-const repoLink = ref(pageData.repoLink || []);
+const isLoading = shallowRef(false);
+const errorText = shallowRef('');
+const repoLink = pageData.repoLink;
 const data = ref<DayData[]>([]);
 
 onMounted(() => {
@@ -57,7 +57,7 @@ async function fetchGraphData() {
   try {
     let response: Response;
     do {
-      response = await GET(`${repoLink.value}/activity/recent-commits/data`);
+      response = await GET(`${repoLink}/activity/recent-commits/data`);
       if (response.status === 202) {
         await sleep(1000); // wait for 1 second before retrying
       }
@@ -128,7 +128,7 @@ const options: ChartOptions<'bar'> = {
     <div class="tw-flex ui segment main-graph">
       <div v-if="isLoading || errorText !== ''" class="gt-tc tw-m-auto">
         <div v-if="isLoading">
-          <SvgIcon name="octicon-sync" class="tw-mr-2 job-status-rotate"/>
+          <SvgIcon name="octicon-sync" class="tw-mr-2 circular-spin"/>
           {{ locale.loadingInfo }}
         </div>
         <div v-else class="text red">
diff --git a/web_src/js/components/ViewFileTree.vue b/web_src/js/components/ViewFileTree.vue
index 1820c47e7a..1f90f92586 100644
--- a/web_src/js/components/ViewFileTree.vue
+++ b/web_src/js/components/ViewFileTree.vue
@@ -1,10 +1,9 @@
 <script lang="ts" setup>
 import ViewFileTreeItem from './ViewFileTreeItem.vue';
-import {onMounted, ref} from 'vue';
-import {pathEscapeSegments} from '../utils/url.ts';
-import {GET} from '../modules/fetch.ts';
+import {onMounted, useTemplateRef} from 'vue';
+import {createViewFileTreeStore} from './ViewFileTreeStore.ts';
 
-const elRoot = ref<HTMLElement | null>(null);
+const elRoot = useTemplateRef('elRoot');
 
 const props = defineProps({
   repoLink: {type: String, required: true},
@@ -12,43 +11,20 @@ const props = defineProps({
   currentRefNameSubURL: {type: String, required: true},
 });
 
-const files = ref([]);
-const selectedItem = ref('');
-
-async function loadChildren(treePath: string, subPath: string = '') {
-  const response = await GET(`${props.repoLink}/tree-view/${props.currentRefNameSubURL}/${pathEscapeSegments(treePath)}?sub_path=${encodeURIComponent(subPath)}`);
-  const json = await response.json();
-  return json.fileTreeNodes ?? null;
-}
-
-async function loadViewContent(url: string) {
-  url = url.includes('?') ? url.replace('?', '?only_content=true') : `${url}?only_content=true`;
-  const response = await GET(url);
-  document.querySelector('.repo-view-content').innerHTML = await response.text();
-}
-
-async function navigateTreeView(treePath: string) {
-  const url = `${props.repoLink}/src/${props.currentRefNameSubURL}/${pathEscapeSegments(treePath)}`;
-  window.history.pushState({treePath, url}, null, url);
-  selectedItem.value = treePath;
-  await loadViewContent(url);
-}
-
+const store = createViewFileTreeStore(props);
 onMounted(async () => {
-  selectedItem.value = props.treePath;
-  files.value = await loadChildren('', props.treePath);
+  store.rootFiles = await store.loadChildren('', props.treePath);
   elRoot.value.closest('.is-loading')?.classList?.remove('is-loading');
   window.addEventListener('popstate', (e) => {
-    selectedItem.value = e.state?.treePath || '';
-    if (e.state?.url) loadViewContent(e.state.url);
+    store.selectedItem = e.state?.treePath || '';
+    if (e.state?.url) store.loadViewContent(e.state.url);
   });
 });
 </script>
 
 <template>
   <div class="view-file-tree-items" ref="elRoot">
-    <!-- only render the tree if we're visible. in many cases this is something that doesn't change very often -->
-    <ViewFileTreeItem v-for="item in files" :key="item.name" :item="item" :selected-item="selectedItem" :navigate-view-content="navigateTreeView" :load-children="loadChildren"/>
+    <ViewFileTreeItem v-for="item in store.rootFiles" :key="item.name" :item="item" :store="store"/>
   </div>
 </template>
 
diff --git a/web_src/js/components/ViewFileTreeItem.vue b/web_src/js/components/ViewFileTreeItem.vue
index 4dffc86a1b..5173c7eb46 100644
--- a/web_src/js/components/ViewFileTreeItem.vue
+++ b/web_src/js/components/ViewFileTreeItem.vue
@@ -1,10 +1,14 @@
 <script lang="ts" setup>
 import {SvgIcon} from '../svg.ts';
-import {ref} from 'vue';
+import {isPlainClick} from '../utils/dom.ts';
+import {shallowRef} from 'vue';
+import {type createViewFileTreeStore} from './ViewFileTreeStore.ts';
 
 type Item = {
   entryName: string;
-  entryMode: string;
+  entryMode: 'blob' | 'exec' | 'tree' | 'commit' | 'symlink' | 'unknown';
+  entryIcon: string;
+  entryIconOpen: string;
   fullPath: string;
   submoduleUrl?: string;
   children?: Item[];
@@ -12,99 +16,67 @@ type Item = {
 
 const props = defineProps<{
   item: Item,
-  navigateViewContent:(treePath: string) => void,
-  loadChildren:(treePath: string, subPath?: string) => Promise<Item[]>,
-  selectedItem?: string,
+  store: ReturnType<typeof createViewFileTreeStore>
 }>();
 
-const isLoading = ref(false);
-const children = ref(props.item.children);
-const collapsed = ref(!props.item.children);
+const store = props.store;
+const isLoading = shallowRef(false);
+const children = shallowRef(props.item.children);
+const collapsed = shallowRef(!props.item.children);
 
 const doLoadChildren = async () => {
   collapsed.value = !collapsed.value;
-  if (!collapsed.value && props.loadChildren) {
+  if (!collapsed.value) {
     isLoading.value = true;
     try {
-      children.value = await props.loadChildren(props.item.fullPath);
+      children.value = await store.loadChildren(props.item.fullPath);
     } finally {
       isLoading.value = false;
     }
   }
 };
 
-const doLoadDirContent = () => {
-  doLoadChildren();
-  props.navigateViewContent(props.item.fullPath);
+const onItemClick = (e: MouseEvent) => {
+  // only handle the click event with page partial reloading if the user didn't press any special key
+  // let browsers handle special keys like "Ctrl+Click"
+  if (!isPlainClick(e)) return;
+  e.preventDefault();
+  if (props.item.entryMode === 'tree') doLoadChildren();
+  store.navigateTreeView(props.item.fullPath);
 };
 
-const doLoadFileContent = () => {
-  props.navigateViewContent(props.item.fullPath);
-};
-
-const doGotoSubModule = () => {
-  location.href = props.item.submoduleUrl;
-};
 </script>
 
-<!--title instead of tooltip above as the tooltip needs too much work with the current methods, i.e. not being loaded or staying open for "too long"-->
 <template>
-  <div
-    v-if="item.entryMode === 'commit'" class="tree-item type-submodule"
+  <a
+    class="tree-item silenced"
+    :class="{
+      'selected': store.selectedItem === item.fullPath,
+      'type-submodule': item.entryMode === 'commit',
+      'type-directory': item.entryMode === 'tree',
+      'type-symlink': item.entryMode === 'symlink',
+      'type-file': item.entryMode === 'blob' || item.entryMode === 'exec',
+    }"
     :title="item.entryName"
-    @click.stop="doGotoSubModule"
+    :href="store.buildTreePathWebUrl(item.fullPath)"
+    @click.stop="onItemClick"
   >
-    <!-- submodule -->
-    <div class="item-content">
-      <SvgIcon class="text primary" name="octicon-file-submodule"/>
-      <span class="gt-ellipsis tw-flex-1">{{ item.entryName }}</span>
+    <div v-if="item.entryMode === 'tree'" class="item-toggle">
+      <SvgIcon v-if="isLoading" name="octicon-sync" class="circular-spin"/>
+      <SvgIcon v-else :name="collapsed ? 'octicon-chevron-right' : 'octicon-chevron-down'" @click.stop.prevent="doLoadChildren"/>
     </div>
-  </div>
-  <div
-    v-else-if="item.entryMode === 'symlink'" class="tree-item type-symlink"
-    :class="{'selected': selectedItem === item.fullPath}"
-    :title="item.entryName"
-    @click.stop="doLoadFileContent"
-  >
-    <!-- symlink -->
     <div class="item-content">
-      <SvgIcon name="octicon-file-symlink-file"/>
-      <span class="gt-ellipsis tw-flex-1">{{ item.entryName }}</span>
-    </div>
-  </div>
-  <div
-    v-else-if="item.entryMode !== 'tree'" class="tree-item type-file"
-    :class="{'selected': selectedItem === item.fullPath}"
-    :title="item.entryName"
-    @click.stop="doLoadFileContent"
-  >
-    <!-- file -->
-    <div class="item-content">
-      <SvgIcon name="octicon-file"/>
-      <span class="gt-ellipsis tw-flex-1">{{ item.entryName }}</span>
-    </div>
-  </div>
-  <div
-    v-else class="tree-item type-directory"
-    :class="{'selected': selectedItem === item.fullPath}"
-    :title="item.entryName"
-    @click.stop="doLoadDirContent"
-  >
-    <!-- directory -->
-    <div class="item-toggle">
-      <SvgIcon v-if="isLoading" name="octicon-sync" class="job-status-rotate"/>
-      <SvgIcon v-else :name="collapsed ? 'octicon-chevron-right' : 'octicon-chevron-down'" @click.stop="doLoadChildren"/>
-    </div>
-    <div class="item-content">
-      <SvgIcon class="text primary" :name="collapsed ? 'octicon-file-directory-fill' : 'octicon-file-directory-open-fill'"/>
+      <!-- eslint-disable-next-line vue/no-v-html -->
+      <span class="tw-contents" v-html="(!collapsed && item.entryIconOpen) ? item.entryIconOpen : item.entryIcon"/>
       <span class="gt-ellipsis">{{ item.entryName }}</span>
     </div>
-  </div>
+  </a>
 
   <div v-if="children?.length" v-show="!collapsed" class="sub-items">
-    <ViewFileTreeItem v-for="childItem in children" :key="childItem.entryName" :item="childItem" :selected-item="selectedItem" :navigate-view-content="navigateViewContent" :load-children="loadChildren"/>
+    <ViewFileTreeItem v-for="childItem in children" :key="childItem.entryName" :item="childItem" :store="store"/>
   </div>
 </template>
+
 <style scoped>
 .sub-items {
   display: flex;
@@ -149,7 +121,7 @@ const doGotoSubModule = () => {
   grid-area: content;
   display: flex;
   align-items: center;
-  gap: 0.25em;
+  gap: 0.5em;
   text-overflow: ellipsis;
   min-width: 0;
 }
diff --git a/web_src/js/components/ViewFileTreeStore.ts b/web_src/js/components/ViewFileTreeStore.ts
new file mode 100644
index 0000000000..e2155bd58a
--- /dev/null
+++ b/web_src/js/components/ViewFileTreeStore.ts
@@ -0,0 +1,45 @@
+import {reactive} from 'vue';
+import {GET} from '../modules/fetch.ts';
+import {pathEscapeSegments} from '../utils/url.ts';
+import {createElementFromHTML} from '../utils/dom.ts';
+import {html} from '../utils/html.ts';
+
+export function createViewFileTreeStore(props: { repoLink: string, treePath: string, currentRefNameSubURL: string}) {
+  const store = reactive({
+    rootFiles: [],
+    selectedItem: props.treePath,
+
+    async loadChildren(treePath: string, subPath: string = '') {
+      const response = await GET(`${props.repoLink}/tree-view/${props.currentRefNameSubURL}/${pathEscapeSegments(treePath)}?sub_path=${encodeURIComponent(subPath)}`);
+      const json = await response.json();
+      const poolSvgs = [];
+      for (const [svgId, svgContent] of Object.entries(json.renderedIconPool ?? {})) {
+        if (!document.querySelector(`.global-svg-icon-pool #${svgId}`)) poolSvgs.push(svgContent);
+      }
+      if (poolSvgs.length) {
+        const svgContainer = createElementFromHTML(html`<div class="global-svg-icon-pool tw-hidden"></div>`);
+        svgContainer.innerHTML = poolSvgs.join('');
+        document.body.append(svgContainer);
+      }
+      return json.fileTreeNodes ?? null;
+    },
+
+    async loadViewContent(url: string) {
+      url = url.includes('?') ? url.replace('?', '?only_content=true') : `${url}?only_content=true`;
+      const response = await GET(url);
+      document.querySelector('.repo-view-content').innerHTML = await response.text();
+    },
+
+    async navigateTreeView(treePath: string) {
+      const url = store.buildTreePathWebUrl(treePath);
+      window.history.pushState({treePath, url}, null, url);
+      store.selectedItem = treePath;
+      await store.loadViewContent(url);
+    },
+
+    buildTreePathWebUrl(treePath: string) {
+      return `${props.repoLink}/src/${props.currentRefNameSubURL}/${pathEscapeSegments(treePath)}`;
+    },
+  });
+  return store;
+}
diff --git a/web_src/js/features/admin/common.ts b/web_src/js/features/admin/common.ts
index 3652ea7d39..dd5b1f464d 100644
--- a/web_src/js/features/admin/common.ts
+++ b/web_src/js/features/admin/common.ts
@@ -1,7 +1,6 @@
 import {checkAppUrl} from '../common-page.ts';
 import {hideElem, queryElems, showElem, toggleElem} from '../../utils/dom.ts';
 import {POST} from '../../modules/fetch.ts';
-import {initAvatarUploaderWithCropper} from '../comp/Cropper.ts';
 import {fomanticQuery} from '../../modules/fomantic/base.ts';
 
 const {appSubUrl} = window.config;
@@ -23,8 +22,6 @@ export function initAdminCommon(): void {
   initAdminUser();
   initAdminAuthentication();
   initAdminNotice();
-
-  queryElems(document, '.avatar-file-with-cropper', initAvatarUploaderWithCropper);
 }
 
 function initAdminUser() {
@@ -105,6 +102,9 @@ function initAdminAuthentication() {
         break;
       }
     }
+
+    const supportSshPublicKey = document.querySelector<HTMLInputElement>(`#${provider}_SupportSSHPublicKey`)?.value === 'true';
+    toggleElem('.field.oauth2_ssh_public_key_claim_name', supportSshPublicKey);
     onOAuth2UseCustomURLChange(applyDefaultValues);
   }
 
diff --git a/web_src/js/features/colorpicker.ts b/web_src/js/features/colorpicker.ts
index b99e2f8c45..66d1fcb72a 100644
--- a/web_src/js/features/colorpicker.ts
+++ b/web_src/js/features/colorpicker.ts
@@ -1,18 +1,19 @@
 import {createTippy} from '../modules/tippy.ts';
 import type {DOMEvent} from '../utils/dom.ts';
+import {registerGlobalInitFunc} from '../modules/observer.ts';
 
 export async function initColorPickers() {
-  const els = document.querySelectorAll<HTMLElement>('.js-color-picker-input');
-  if (!els.length) return;
-
-  await Promise.all([
-    import(/* webpackChunkName: "colorpicker" */'vanilla-colorful/hex-color-picker.js'),
-    import(/* webpackChunkName: "colorpicker" */'../../css/features/colorpicker.css'),
-  ]);
-
-  for (const el of els) {
+  let imported = false;
+  registerGlobalInitFunc('initColorPicker', async (el) => {
+    if (!imported) {
+      await Promise.all([
+        import(/* webpackChunkName: "colorpicker" */'vanilla-colorful/hex-color-picker.js'),
+        import(/* webpackChunkName: "colorpicker" */'../../css/features/colorpicker.css'),
+      ]);
+      imported = true;
+    }
     initPicker(el);
-  }
+  });
 }
 
 function updateSquare(el: HTMLElement, newValue: string): void {
@@ -55,13 +56,20 @@ function initPicker(el: HTMLElement): void {
     },
   });
 
-  // init precolors
+  // init random color & precolors
+  const setSelectedColor = (color: string) => {
+    input.value = color;
+    input.dispatchEvent(new Event('input', {bubbles: true}));
+    updateSquare(square, color);
+  };
+  el.querySelector('.generate-random-color').addEventListener('click', () => {
+    const newValue = `#${Math.floor(Math.random() * 0xFFFFFF).toString(16).padStart(6, '0')}`;
+    setSelectedColor(newValue);
+  });
   for (const colorEl of el.querySelectorAll<HTMLElement>('.precolors .color')) {
     colorEl.addEventListener('click', (e: DOMEvent<MouseEvent, HTMLAnchorElement>) => {
       const newValue = e.target.getAttribute('data-color-hex');
-      input.value = newValue;
-      input.dispatchEvent(new Event('input', {bubbles: true}));
-      updateSquare(square, newValue);
+      setSelectedColor(newValue);
     });
   }
 }
diff --git a/web_src/js/features/common-button.test.ts b/web_src/js/features/common-button.test.ts
new file mode 100644
index 0000000000..4ae1f74897
--- /dev/null
+++ b/web_src/js/features/common-button.test.ts
@@ -0,0 +1,25 @@
+import {assignElementProperty, type ElementWithAssignableProperties} from './common-button.ts';
+
+test('assignElementProperty', () => {
+  const elForm = document.createElement('form');
+  assignElementProperty(elForm, 'action', '/test-link');
+  expect(elForm.action).contains('/test-link'); // the DOM always returns absolute URL
+  expect(elForm.getAttribute('action')).eq('/test-link');
+  assignElementProperty(elForm, 'text-content', 'dummy');
+  expect(elForm.textContent).toBe('dummy');
+
+  // mock a form with its property "action" overwritten by an input element
+  const elFormWithAction = new class implements ElementWithAssignableProperties {
+    action = document.createElement('input'); // now "form.action" is not string, but an input element
+    _attrs: Record<string, string> = {};
+    setAttribute(name: string, value: string) { this._attrs[name] = value }
+    getAttribute(name: string): string | null { return this._attrs[name] }
+  }();
+  assignElementProperty(elFormWithAction, 'action', '/bar');
+  expect(elFormWithAction.getAttribute('action')).eq('/bar');
+
+  const elInput = document.createElement('input');
+  expect(elInput.readOnly).toBe(false);
+  assignElementProperty(elInput, 'read-only', 'true');
+  expect(elInput.readOnly).toBe(true);
+});
diff --git a/web_src/js/features/common-button.ts b/web_src/js/features/common-button.ts
index 003bfbce5d..0326956222 100644
--- a/web_src/js/features/common-button.ts
+++ b/web_src/js/features/common-button.ts
@@ -1,5 +1,5 @@
 import {POST} from '../modules/fetch.ts';
-import {addDelegatedEventListener, hideElem, showElem, toggleElem} from '../utils/dom.ts';
+import {addDelegatedEventListener, hideElem, isElemVisible, showElem, toggleElem} from '../utils/dom.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 import {camelize} from 'vue';
 
@@ -43,13 +43,16 @@ export function initGlobalDeleteButton(): void {
 
       fomanticQuery(modal).modal({
         closable: false,
-        onApprove: async () => {
+        onApprove: () => {
           // if `data-type="form"` exists, then submit the form by the selector provided by `data-form="..."`
           if (btn.getAttribute('data-type') === 'form') {
             const formSelector = btn.getAttribute('data-form');
             const form = document.querySelector<HTMLFormElement>(formSelector);
             if (!form) throw new Error(`no form named ${formSelector} found`);
+            modal.classList.add('is-loading'); // the form is not in the modal, so also add loading indicator to the modal
+            form.classList.add('is-loading');
             form.submit();
+            return false; // prevent modal from closing automatically
           }
 
           // prepare an AJAX form by data attributes
@@ -62,12 +65,15 @@ export function initGlobalDeleteButton(): void {
               postData.append('id', value);
             }
           }
-
-          const response = await POST(btn.getAttribute('data-url'), {data: postData});
-          if (response.ok) {
-            const data = await response.json();
-            window.location.href = data.redirect;
-          }
+          (async () => {
+            const response = await POST(btn.getAttribute('data-url'), {data: postData});
+            if (response.ok) {
+              const data = await response.json();
+              window.location.href = data.redirect;
+            }
+          })();
+          modal.classList.add('is-loading'); // the request is in progress, so also add loading indicator to the modal
+          return false; // prevent modal from closing automatically
         },
       }).modal('show');
     });
@@ -79,10 +85,11 @@ function onShowPanelClick(el: HTMLElement, e: MouseEvent) {
   // if it has "toggle" class, it toggles the panel
   e.preventDefault();
   const sel = el.getAttribute('data-panel');
-  if (el.classList.contains('toggle')) {
-    toggleElem(sel);
-  } else {
-    showElem(sel);
+  const elems = el.classList.contains('toggle') ? toggleElem(sel) : showElem(sel);
+  for (const elem of elems) {
+    if (isElemVisible(elem as HTMLElement)) {
+      elem.querySelector<HTMLElement>('[autofocus]')?.focus();
+    }
   }
 }
 
@@ -102,6 +109,29 @@ function onHidePanelClick(el: HTMLElement, e: MouseEvent) {
   throw new Error('no panel to hide'); // should never happen, otherwise there is a bug in code
 }
 
+export type ElementWithAssignableProperties = {
+  getAttribute: (name: string) => string | null;
+  setAttribute: (name: string, value: string) => void;
+} & Record<string, any>
+
+export function assignElementProperty(el: ElementWithAssignableProperties, kebabName: string, val: string) {
+  const camelizedName = camelize(kebabName);
+  const old = el[camelizedName];
+  if (typeof old === 'boolean') {
+    el[camelizedName] = val === 'true';
+  } else if (typeof old === 'number') {
+    el[camelizedName] = parseFloat(val);
+  } else if (typeof old === 'string') {
+    el[camelizedName] = val;
+  } else if (old?.nodeName) {
+    // "form" has an edge case: its "<input name=action>" element overwrites the "action" property, we can only set attribute
+    el.setAttribute(kebabName, val);
+  } else {
+    // in the future, we could introduce a better typing system like `data-modal-form.action:string="..."`
+    throw new Error(`cannot assign element property "${camelizedName}" by value "${val}"`);
+  }
+}
+
 function onShowModalClick(el: HTMLElement, e: MouseEvent) {
   // A ".show-modal" button will show a modal dialog defined by its "data-modal" attribute.
   // Each "data-modal-{target}" attribute will be filled to target element's value or text-content.
@@ -109,7 +139,7 @@ function onShowModalClick(el: HTMLElement, e: MouseEvent) {
   // * Then, try to query '[name=target]'
   // * Then, try to query '.target'
   // * Then, try to query 'target' as HTML tag
-  // If there is a ".{attr}" part like "data-modal-form.action", then the form's "action" attribute will be set.
+  // If there is a ".{prop-name}" part like "data-modal-form.action", the "form" element's "action" property will be set, the "prop-name" will be camel-cased to "propName".
   e.preventDefault();
   const modalSelector = el.getAttribute('data-modal');
   const elModal = document.querySelector(modalSelector);
@@ -122,19 +152,20 @@ function onShowModalClick(el: HTMLElement, e: MouseEvent) {
     }
 
     const attrTargetCombo = attrib.name.substring(modalAttrPrefix.length);
-    const [attrTargetName, attrTargetAttr] = attrTargetCombo.split('.');
-    // try to find target by: "#target" -> "[name=target]" -> ".target" -> "<target> tag"
+    const [attrTargetName, attrTargetProp] = attrTargetCombo.split('.');
+    // try to find target by: "#target" -> "[name=target]" -> ".target" -> "<target> tag", and then try the modal itself
     const attrTarget = elModal.querySelector(`#${attrTargetName}`) ||
       elModal.querySelector(`[name=${attrTargetName}]`) ||
       elModal.querySelector(`.${attrTargetName}`) ||
-      elModal.querySelector(`${attrTargetName}`);
+      elModal.querySelector(`${attrTargetName}`) ||
+      (elModal.matches(`${attrTargetName}`) || elModal.matches(`#${attrTargetName}`) || elModal.matches(`.${attrTargetName}`) ? elModal : null);
     if (!attrTarget) {
       if (!window.config.runModeIsProd) throw new Error(`attr target "${attrTargetCombo}" not found for modal`);
       continue;
     }
 
-    if (attrTargetAttr) {
-      (attrTarget as any)[camelize(attrTargetAttr)] = attrib.value;
+    if (attrTargetProp) {
+      assignElementProperty(attrTarget, attrTargetProp, attrib.value);
     } else if (attrTarget.matches('input, textarea')) {
       (attrTarget as HTMLInputElement | HTMLTextAreaElement).value = attrib.value; // FIXME: add more supports like checkbox
     } else {
@@ -142,13 +173,7 @@ function onShowModalClick(el: HTMLElement, e: MouseEvent) {
     }
   }
 
-  fomanticQuery(elModal).modal('setting', {
-    onApprove: () => {
-      // "form-fetch-action" can handle network errors gracefully,
-      // so keep the modal dialog to make users can re-submit the form if anything wrong happens.
-      if (elModal.querySelector('.form-fetch-action')) return false;
-    },
-  }).modal('show');
+  fomanticQuery(elModal).modal('show');
 }
 
 export function initGlobalButtons(): void {
diff --git a/web_src/js/features/common-fetch-action.ts b/web_src/js/features/common-fetch-action.ts
index 2da481e521..3ca361b6e2 100644
--- a/web_src/js/features/common-fetch-action.ts
+++ b/web_src/js/features/common-fetch-action.ts
@@ -1,11 +1,11 @@
 import {request} from '../modules/fetch.ts';
-import {showErrorToast} from '../modules/toast.ts';
-import {addDelegatedEventListener, submitEventSubmitter} from '../utils/dom.ts';
-import {confirmModal} from './comp/ConfirmModal.ts';
+import {hideToastsAll, showErrorToast} from '../modules/toast.ts';
+import {addDelegatedEventListener, createElementFromHTML, submitEventSubmitter} from '../utils/dom.ts';
+import {confirmModal, createConfirmModal} from './comp/ConfirmModal.ts';
 import type {RequestOpts} from '../types.ts';
 import {ignoreAreYouSure} from '../vendor/jquery.are-you-sure.ts';
 
-const {appSubUrl, i18n} = window.config;
+const {appSubUrl} = window.config;
 
 // fetchActionDoRedirect does real redirection to bypass the browser's limitations of "location"
 // more details are in the backend's fetch-redirect handler
@@ -23,10 +23,20 @@ function fetchActionDoRedirect(redirect: string) {
 }
 
 async function fetchActionDoRequest(actionElem: HTMLElement, url: string, opt: RequestOpts) {
+  const showErrorForResponse = (code: number, message: string) => {
+    showErrorToast(`Error ${code || 'request'}: ${message}`);
+  };
+
+  let respStatus = 0;
+  let respText = '';
   try {
+    hideToastsAll();
     const resp = await request(url, opt);
-    if (resp.status === 200) {
-      let {redirect} = await resp.json();
+    respStatus = resp.status;
+    respText = await resp.text();
+    const respJson = JSON.parse(respText);
+    if (respStatus === 200) {
+      let {redirect} = respJson;
       redirect = redirect || actionElem.getAttribute('data-redirect');
       ignoreAreYouSure(actionElem); // ignore the areYouSure check before reloading
       if (redirect) {
@@ -35,29 +45,32 @@ async function fetchActionDoRequest(actionElem: HTMLElement, url: string, opt: R
         window.location.reload();
       }
       return;
-    } else if (resp.status >= 400 && resp.status < 500) {
-      const data = await resp.json();
+    }
+
+    if (respStatus >= 400 && respStatus < 500 && respJson?.errorMessage) {
       // the code was quite messy, sometimes the backend uses "err", sometimes it uses "error", and even "user_error"
       // but at the moment, as a new approach, we only use "errorMessage" here, backend can use JSONError() to respond.
-      if (data.errorMessage) {
-        showErrorToast(data.errorMessage, {useHtmlBody: data.renderFormat === 'html'});
-      } else {
-        showErrorToast(`server error: ${resp.status}`);
-      }
+      showErrorToast(respJson.errorMessage, {useHtmlBody: respJson.renderFormat === 'html'});
     } else {
-      showErrorToast(`server error: ${resp.status}`);
+      showErrorForResponse(respStatus, respText);
     }
   } catch (e) {
-    if (e.name !== 'AbortError') {
-      console.error('error when doRequest', e);
-      showErrorToast(`${i18n.network_error} ${e}`);
+    if (e.name === 'SyntaxError') {
+      showErrorForResponse(respStatus, (respText || '').substring(0, 100));
+    } else if (e.name !== 'AbortError') {
+      console.error('fetchActionDoRequest error', e);
+      showErrorForResponse(respStatus, `${e}`);
     }
   }
   actionElem.classList.remove('is-loading', 'loading-icon-2px');
 }
 
-async function formFetchAction(formEl: HTMLFormElement, e: SubmitEvent) {
+async function onFormFetchActionSubmit(formEl: HTMLFormElement, e: SubmitEvent) {
   e.preventDefault();
+  await submitFormFetchAction(formEl, submitEventSubmitter(e));
+}
+
+export async function submitFormFetchAction(formEl: HTMLFormElement, formSubmitter?: HTMLElement) {
   if (formEl.classList.contains('is-loading')) return;
 
   formEl.classList.add('is-loading');
@@ -66,9 +79,8 @@ async function formFetchAction(formEl: HTMLFormElement, e: SubmitEvent) {
   }
 
   const formMethod = formEl.getAttribute('method') || 'get';
-  const formActionUrl = formEl.getAttribute('action');
+  const formActionUrl = formEl.getAttribute('action') || window.location.href;
   const formData = new FormData(formEl);
-  const formSubmitter = submitEventSubmitter(e);
   const [submitterName, submitterValue] = [formSubmitter?.getAttribute('name'), formSubmitter?.getAttribute('value')];
   if (submitterName) {
     formData.append(submitterName, submitterValue || '');
@@ -96,36 +108,52 @@ async function formFetchAction(formEl: HTMLFormElement, e: SubmitEvent) {
   await fetchActionDoRequest(formEl, reqUrl, reqOpt);
 }
 
-async function linkAction(el: HTMLElement, e: Event) {
+async function onLinkActionClick(el: HTMLElement, e: Event) {
   // A "link-action" can post AJAX request to its "data-url"
   // Then the browser is redirected to: the "redirect" in response, or "data-redirect" attribute, or current URL by reloading.
-  // If the "link-action" has "data-modal-confirm" attribute, a confirm modal dialog will be shown before taking action.
+  // If the "link-action" has "data-modal-confirm" attribute, a "confirm modal dialog" will be shown before taking action.
+  // Attribute "data-modal-confirm" can be a modal element by "#the-modal-id", or a string content for the modal dialog.
   e.preventDefault();
   const url = el.getAttribute('data-url');
   const doRequest = async () => {
-    if ('disabled' in el) el.disabled = true; // el could be A or BUTTON, but A doesn't have disabled attribute
+    if ('disabled' in el) el.disabled = true; // el could be A or BUTTON, but "A" doesn't have the "disabled" attribute
     await fetchActionDoRequest(el, url, {method: el.getAttribute('data-link-action-method') || 'POST'});
     if ('disabled' in el) el.disabled = false;
   };
 
-  const modalConfirmContent = el.getAttribute('data-modal-confirm') ||
-    el.getAttribute('data-modal-confirm-content') || '';
-  if (!modalConfirmContent) {
+  let elModal: HTMLElement | null = null;
+  const dataModalConfirm = el.getAttribute('data-modal-confirm') || '';
+  if (dataModalConfirm.startsWith('#')) {
+    // eslint-disable-next-line unicorn/prefer-query-selector
+    elModal = document.getElementById(dataModalConfirm.substring(1));
+    if (elModal) {
+      elModal = createElementFromHTML(elModal.outerHTML);
+      elModal.removeAttribute('id');
+    }
+  }
+  if (!elModal) {
+    const modalConfirmContent = dataModalConfirm || el.getAttribute('data-modal-confirm-content') || '';
+    if (modalConfirmContent) {
+      const isRisky = el.classList.contains('red') || el.classList.contains('negative');
+      elModal = createConfirmModal({
+        header: el.getAttribute('data-modal-confirm-header') || '',
+        content: modalConfirmContent,
+        confirmButtonColor: isRisky ? 'red' : 'primary',
+      });
+    }
+  }
+
+  if (!elModal) {
     await doRequest();
     return;
   }
 
-  const isRisky = el.classList.contains('red') || el.classList.contains('negative');
-  if (await confirmModal({
-    header: el.getAttribute('data-modal-confirm-header') || '',
-    content: modalConfirmContent,
-    confirmButtonColor: isRisky ? 'red' : 'primary',
-  })) {
+  if (await confirmModal(elModal)) {
     await doRequest();
   }
 }
 
 export function initGlobalFetchAction() {
-  addDelegatedEventListener(document, 'submit', '.form-fetch-action', formFetchAction);
-  addDelegatedEventListener(document, 'click', '.link-action', linkAction);
+  addDelegatedEventListener(document, 'submit', '.form-fetch-action', onFormFetchActionSubmit);
+  addDelegatedEventListener(document, 'click', '.link-action', onLinkActionClick);
 }
diff --git a/web_src/js/features/common-issue-list.ts b/web_src/js/features/common-issue-list.ts
index e207364794..037529bd10 100644
--- a/web_src/js/features/common-issue-list.ts
+++ b/web_src/js/features/common-issue-list.ts
@@ -1,4 +1,4 @@
-import {isElemHidden, onInputDebounce, submitEventSubmitter, toggleElem} from '../utils/dom.ts';
+import {isElemVisible, onInputDebounce, submitEventSubmitter, toggleElem} from '../utils/dom.ts';
 import {GET} from '../modules/fetch.ts';
 
 const {appSubUrl} = window.config;
@@ -28,7 +28,7 @@ export function parseIssueListQuickGotoLink(repoLink: string, searchText: string
 }
 
 export function initCommonIssueListQuickGoto() {
-  const goto = document.querySelector('#issue-list-quick-goto');
+  const goto = document.querySelector<HTMLElement>('#issue-list-quick-goto');
   if (!goto) return;
 
   const form = goto.closest('form');
@@ -37,7 +37,7 @@ export function initCommonIssueListQuickGoto() {
 
   form.addEventListener('submit', (e) => {
     // if there is no goto button, or the form is submitted by non-quick-goto elements, submit the form directly
-    let doQuickGoto = !isElemHidden(goto);
+    let doQuickGoto = isElemVisible(goto);
     const submitter = submitEventSubmitter(e);
     if (submitter !== form && submitter !== input && submitter !== goto) doQuickGoto = false;
     if (!doQuickGoto) return;
diff --git a/web_src/js/features/common-organization.ts b/web_src/js/features/common-organization.ts
index 9d5964c4c7..a1f19bedea 100644
--- a/web_src/js/features/common-organization.ts
+++ b/web_src/js/features/common-organization.ts
@@ -1,6 +1,5 @@
 import {initCompLabelEdit} from './comp/LabelEdit.ts';
-import {queryElems, toggleElem} from '../utils/dom.ts';
-import {initAvatarUploaderWithCropper} from './comp/Cropper.ts';
+import {toggleElem} from '../utils/dom.ts';
 
 export function initCommonOrganization() {
   if (!document.querySelectorAll('.organization').length) {
@@ -14,6 +13,4 @@ export function initCommonOrganization() {
 
   // Labels
   initCompLabelEdit('.page-content.organization.settings.labels');
-
-  queryElems(document, '.avatar-file-with-cropper', initAvatarUploaderWithCropper);
 }
diff --git a/web_src/js/features/common-page.ts b/web_src/js/features/common-page.ts
index 6aabfc5d4f..5a02ee7a6a 100644
--- a/web_src/js/features/common-page.ts
+++ b/web_src/js/features/common-page.ts
@@ -3,6 +3,7 @@ import {showGlobalErrorMessage} from '../bootstrap.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 import {queryElems} from '../utils/dom.ts';
 import {registerGlobalInitFunc, registerGlobalSelectorFunc} from '../modules/observer.ts';
+import {initAvatarUploaderWithCropper} from './comp/Cropper.ts';
 
 const {appUrl} = window.config;
 
@@ -80,6 +81,10 @@ export function initGlobalTabularMenu() {
   fomanticQuery('.ui.menu.tabular:not(.custom) .item').tab();
 }
 
+export function initGlobalAvatarUploader() {
+  registerGlobalInitFunc('initAvatarUploader', initAvatarUploaderWithCropper);
+}
+
 // for performance considerations, it only uses performant syntax
 function attachInputDirAuto(el: Partial<HTMLInputElement | HTMLTextAreaElement>) {
   if (el.type !== 'hidden' &&
diff --git a/web_src/js/features/comp/ComboMarkdownEditor.ts b/web_src/js/features/comp/ComboMarkdownEditor.ts
index d3773a89c4..afa3957e21 100644
--- a/web_src/js/features/comp/ComboMarkdownEditor.ts
+++ b/web_src/js/features/comp/ComboMarkdownEditor.ts
@@ -1,7 +1,7 @@
 import '@github/markdown-toolbar-element';
 import '@github/text-expander-element';
 import {attachTribute} from '../tribute.ts';
-import {hideElem, showElem, autosize, isElemVisible} from '../../utils/dom.ts';
+import {hideElem, showElem, autosize, isElemVisible, generateElemId} from '../../utils/dom.ts';
 import {
   EventUploadStateChanged,
   initEasyMDEPaste,
@@ -25,8 +25,6 @@ import {createTippy} from '../../modules/tippy.ts';
 import {fomanticQuery} from '../../modules/fomantic/base.ts';
 import type EasyMDE from 'easymde';
 
-let elementIdCounter = 0;
-
 /**
  * validate if the given textarea is non-empty.
  * @param {HTMLTextAreaElement} textarea - The textarea element to be validated.
@@ -125,7 +123,7 @@ export class ComboMarkdownEditor {
   setupTextarea() {
     this.textarea = this.container.querySelector('.markdown-text-editor');
     this.textarea._giteaComboMarkdownEditor = this;
-    this.textarea.id = `_combo_markdown_editor_${String(elementIdCounter++)}`;
+    this.textarea.id = generateElemId(`_combo_markdown_editor_`);
     this.textarea.addEventListener('input', () => triggerEditorContentChanged(this.container));
     this.applyEditorHeights(this.textarea, this.options.editorHeights);
 
@@ -213,16 +211,16 @@ export class ComboMarkdownEditor {
 
     // Fomantic Tab requires the "data-tab" to be globally unique.
     // So here it uses our defined "data-tab-for" and "data-tab-panel" to generate the "data-tab" attribute for Fomantic.
+    const tabIdSuffix = generateElemId();
     this.tabEditor = Array.from(tabs).find((tab) => tab.getAttribute('data-tab-for') === 'markdown-writer');
     this.tabPreviewer = Array.from(tabs).find((tab) => tab.getAttribute('data-tab-for') === 'markdown-previewer');
-    this.tabEditor.setAttribute('data-tab', `markdown-writer-${elementIdCounter}`);
-    this.tabPreviewer.setAttribute('data-tab', `markdown-previewer-${elementIdCounter}`);
+    this.tabEditor.setAttribute('data-tab', `markdown-writer-${tabIdSuffix}`);
+    this.tabPreviewer.setAttribute('data-tab', `markdown-previewer-${tabIdSuffix}`);
 
     const panelEditor = this.container.querySelector('.ui.tab[data-tab-panel="markdown-writer"]');
     const panelPreviewer = this.container.querySelector('.ui.tab[data-tab-panel="markdown-previewer"]');
-    panelEditor.setAttribute('data-tab', `markdown-writer-${elementIdCounter}`);
-    panelPreviewer.setAttribute('data-tab', `markdown-previewer-${elementIdCounter}`);
-    elementIdCounter++;
+    panelEditor.setAttribute('data-tab', `markdown-writer-${tabIdSuffix}`);
+    panelPreviewer.setAttribute('data-tab', `markdown-previewer-${tabIdSuffix}`);
 
     this.tabEditor.addEventListener('click', () => {
       requestAnimationFrame(() => {
diff --git a/web_src/js/features/comp/ConfirmModal.ts b/web_src/js/features/comp/ConfirmModal.ts
index 1ce490ec2e..97a73eace6 100644
--- a/web_src/js/features/comp/ConfirmModal.ts
+++ b/web_src/js/features/comp/ConfirmModal.ts
@@ -1,24 +1,33 @@
 import {svg} from '../../svg.ts';
-import {htmlEscape} from 'escape-goat';
+import {html, htmlRaw} from '../../utils/html.ts';
 import {createElementFromHTML} from '../../utils/dom.ts';
 import {fomanticQuery} from '../../modules/fomantic/base.ts';
 
 const {i18n} = window.config;
 
-export function confirmModal({header = '', content = '', confirmButtonColor = 'primary'} = {}): Promise<boolean> {
-  return new Promise((resolve) => {
-    const headerHtml = header ? `<div class="header">${htmlEscape(header)}</div>` : '';
-    const modal = createElementFromHTML(`
-      <div class="ui g-modal-confirm modal">
-        ${headerHtml}
-        <div class="content">${htmlEscape(content)}</div>
-        <div class="actions">
-          <button class="ui cancel button">${svg('octicon-x')} ${htmlEscape(i18n.modal_cancel)}</button>
-          <button class="ui ${confirmButtonColor} ok button">${svg('octicon-check')} ${htmlEscape(i18n.modal_confirm)}</button>
-        </div>
+type ConfirmModalOptions = {
+  header?: string;
+  content?: string;
+  confirmButtonColor?: 'primary' | 'red' | 'green' | 'blue';
+}
+
+export function createConfirmModal({header = '', content = '', confirmButtonColor = 'primary'}:ConfirmModalOptions = {}): HTMLElement {
+  const headerHtml = header ? html`<div class="header">${header}</div>` : '';
+  return createElementFromHTML(html`
+    <div class="ui g-modal-confirm modal">
+      ${htmlRaw(headerHtml)}
+      <div class="content">${content}</div>
+      <div class="actions">
+        <button class="ui cancel button">${htmlRaw(svg('octicon-x'))} ${i18n.modal_cancel}</button>
+        <button class="ui ${confirmButtonColor} ok button">${htmlRaw(svg('octicon-check'))} ${i18n.modal_confirm}</button>
       </div>
-    `);
-    document.body.append(modal);
+    </div>
+  `.trim());
+}
+
+export function confirmModal(modal: HTMLElement | ConfirmModalOptions): Promise<boolean> {
+  if (!(modal instanceof HTMLElement)) modal = createConfirmModal(modal);
+  return new Promise((resolve) => {
     const $modal = fomanticQuery(modal);
     $modal.modal({
       onApprove() {
diff --git a/web_src/js/features/comp/EditorUpload.test.ts b/web_src/js/features/comp/EditorUpload.test.ts
index 55f3f74389..e6e5f4de13 100644
--- a/web_src/js/features/comp/EditorUpload.test.ts
+++ b/web_src/js/features/comp/EditorUpload.test.ts
@@ -1,4 +1,4 @@
-import {removeAttachmentLinksFromMarkdown} from './EditorUpload.ts';
+import {pasteAsMarkdownLink, removeAttachmentLinksFromMarkdown} from './EditorUpload.ts';
 
 test('removeAttachmentLinksFromMarkdown', () => {
   expect(removeAttachmentLinksFromMarkdown('a foo b', 'foo')).toBe('a foo b');
@@ -12,3 +12,13 @@ test('removeAttachmentLinksFromMarkdown', () => {
   expect(removeAttachmentLinksFromMarkdown('a <img src="/attachments/foo"> b', 'foo')).toBe('a  b');
   expect(removeAttachmentLinksFromMarkdown('a <img src="/attachments/foo" width="100"/> b', 'foo')).toBe('a  b');
 });
+
+test('preparePasteAsMarkdownLink', () => {
+  expect(pasteAsMarkdownLink({value: 'foo', selectionStart: 0, selectionEnd: 0}, 'bar')).toBeNull();
+  expect(pasteAsMarkdownLink({value: 'foo', selectionStart: 0, selectionEnd: 0}, 'https://gitea.com')).toBeNull();
+  expect(pasteAsMarkdownLink({value: 'foo', selectionStart: 0, selectionEnd: 3}, 'bar')).toBeNull();
+  expect(pasteAsMarkdownLink({value: 'foo', selectionStart: 0, selectionEnd: 3}, 'https://gitea.com')).toBe('[foo](https://gitea.com)');
+  expect(pasteAsMarkdownLink({value: '..(url)', selectionStart: 3, selectionEnd: 6}, 'https://gitea.com')).toBe('[url](https://gitea.com)');
+  expect(pasteAsMarkdownLink({value: '[](url)', selectionStart: 3, selectionEnd: 6}, 'https://gitea.com')).toBeNull();
+  expect(pasteAsMarkdownLink({value: 'https://example.com', selectionStart: 0, selectionEnd: 19}, 'https://gitea.com')).toBeNull();
+});
diff --git a/web_src/js/features/comp/EditorUpload.ts b/web_src/js/features/comp/EditorUpload.ts
index f6d5731422..bf78f58daf 100644
--- a/web_src/js/features/comp/EditorUpload.ts
+++ b/web_src/js/features/comp/EditorUpload.ts
@@ -114,21 +114,30 @@ async function handleUploadFiles(editor: CodeMirrorEditor | TextareaEditor, drop
 
 export function removeAttachmentLinksFromMarkdown(text: string, fileUuid: string) {
   text = text.replace(new RegExp(`!?\\[([^\\]]+)\\]\\(/?attachments/${fileUuid}\\)`, 'g'), '');
-  text = text.replace(new RegExp(`<img[^>]+src="/?attachments/${fileUuid}"[^>]*>`, 'g'), '');
+  text = text.replace(new RegExp(`[<]img[^>]+src="/?attachments/${fileUuid}"[^>]*>`, 'g'), '');
   return text;
 }
 
-function handleClipboardText(textarea: HTMLTextAreaElement, e: ClipboardEvent, text: string, isShiftDown: boolean) {
+export function pasteAsMarkdownLink(textarea: {value: string, selectionStart: number, selectionEnd: number}, pastedText: string): string | null {
+  const {value, selectionStart, selectionEnd} = textarea;
+  const selectedText = value.substring(selectionStart, selectionEnd);
+  const trimmedText = pastedText.trim();
+  const beforeSelection = value.substring(0, selectionStart);
+  const afterSelection = value.substring(selectionEnd);
+  const isInMarkdownLink = beforeSelection.endsWith('](') && afterSelection.startsWith(')');
+  const asMarkdownLink = selectedText && isUrl(trimmedText) && !isUrl(selectedText) && !isInMarkdownLink;
+  return asMarkdownLink ? `[${selectedText}](${trimmedText})` : null;
+}
+
+function handleClipboardText(textarea: HTMLTextAreaElement, e: ClipboardEvent, pastedText: string, isShiftDown: boolean) {
   // pasting with "shift" means "paste as original content" in most applications
   if (isShiftDown) return; // let the browser handle it
 
   // when pasting links over selected text, turn it into [text](link)
-  const {value, selectionStart, selectionEnd} = textarea;
-  const selectedText = value.substring(selectionStart, selectionEnd);
-  const trimmedText = text.trim();
-  if (selectedText && isUrl(trimmedText) && !isUrl(selectedText)) {
+  const pastedAsMarkdown = pasteAsMarkdownLink(textarea, pastedText);
+  if (pastedAsMarkdown) {
     e.preventDefault();
-    replaceTextareaSelection(textarea, `[${selectedText}](${trimmedText})`);
+    replaceTextareaSelection(textarea, pastedAsMarkdown);
   }
   // else, let the browser handle it
 }
diff --git a/web_src/js/features/comp/LabelEdit.ts b/web_src/js/features/comp/LabelEdit.ts
index 7bceb636bb..3e27eac1c5 100644
--- a/web_src/js/features/comp/LabelEdit.ts
+++ b/web_src/js/features/comp/LabelEdit.ts
@@ -1,5 +1,6 @@
 import {toggleElem} from '../../utils/dom.ts';
 import {fomanticQuery} from '../../modules/fomantic/base.ts';
+import {submitFormFetchAction} from '../common-fetch-action.ts';
 
 function nameHasScope(name: string): boolean {
   return /.*[^/]\/[^/].*/.test(name);
@@ -18,10 +19,12 @@ export function initCompLabelEdit(pageSelector: string) {
   const elExclusiveField = elModal.querySelector('.label-exclusive-input-field');
   const elExclusiveInput = elModal.querySelector<HTMLInputElement>('.label-exclusive-input');
   const elExclusiveWarning = elModal.querySelector('.label-exclusive-warning');
+  const elExclusiveOrderField = elModal.querySelector<HTMLInputElement>('.label-exclusive-order-input-field');
+  const elExclusiveOrderInput = elModal.querySelector<HTMLInputElement>('.label-exclusive-order-input');
   const elIsArchivedField = elModal.querySelector('.label-is-archived-input-field');
   const elIsArchivedInput = elModal.querySelector<HTMLInputElement>('.label-is-archived-input');
   const elDescInput = elModal.querySelector<HTMLInputElement>('.label-desc-input');
-  const elColorInput = elModal.querySelector<HTMLInputElement>('.js-color-picker-input input');
+  const elColorInput = elModal.querySelector<HTMLInputElement>('.color-picker-combo input');
 
   const syncModalUi = () => {
     const hasScope = nameHasScope(elNameInput.value);
@@ -29,6 +32,13 @@ export function initCompLabelEdit(pageSelector: string) {
     const showExclusiveWarning = hasScope && elExclusiveInput.checked && elModal.hasAttribute('data-need-warn-exclusive');
     toggleElem(elExclusiveWarning, showExclusiveWarning);
     if (!hasScope) elExclusiveInput.checked = false;
+    toggleElem(elExclusiveOrderField, elExclusiveInput.checked);
+
+    if (parseInt(elExclusiveOrderInput.value) <= 0) {
+      elExclusiveOrderInput.style.color = 'var(--color-placeholder-text) !important';
+    } else {
+      elExclusiveOrderInput.style.color = null;
+    }
   };
 
   const showLabelEditModal = (btn:HTMLElement) => {
@@ -36,6 +46,7 @@ export function initCompLabelEdit(pageSelector: string) {
     const form = elModal.querySelector<HTMLFormElement>('form');
     elLabelId.value = btn.getAttribute('data-label-id') || '';
     elNameInput.value = btn.getAttribute('data-label-name') || '';
+    elExclusiveOrderInput.value = btn.getAttribute('data-label-exclusive-order') || '0';
     elIsArchivedInput.checked = btn.getAttribute('data-label-is-archived') === 'true';
     elExclusiveInput.checked = btn.getAttribute('data-label-exclusive') === 'true';
     elDescInput.value = btn.getAttribute('data-label-description') || '';
@@ -60,7 +71,8 @@ export function initCompLabelEdit(pageSelector: string) {
           form.reportValidity();
           return false;
         }
-        form.submit();
+        submitFormFetchAction(form);
+        return false;
       },
     }).modal('show');
   };
diff --git a/web_src/js/features/comp/SearchUserBox.ts b/web_src/js/features/comp/SearchUserBox.ts
index 9fedb3ed24..4b13a2141f 100644
--- a/web_src/js/features/comp/SearchUserBox.ts
+++ b/web_src/js/features/comp/SearchUserBox.ts
@@ -1,4 +1,4 @@
-import {htmlEscape} from 'escape-goat';
+import {htmlEscape} from '../../utils/html.ts';
 import {fomanticQuery} from '../../modules/fomantic/base.ts';
 
 const {appSubUrl} = window.config;
diff --git a/web_src/js/features/comp/TextExpander.ts b/web_src/js/features/comp/TextExpander.ts
index 5be234629d..2d79fe5029 100644
--- a/web_src/js/features/comp/TextExpander.ts
+++ b/web_src/js/features/comp/TextExpander.ts
@@ -97,6 +97,7 @@ export function initTextExpander(expander: TextExpanderElement) {
         li.append(img);
 
         const nameSpan = document.createElement('span');
+        nameSpan.classList.add('name');
         nameSpan.textContent = name;
         li.append(nameSpan);
 
diff --git a/web_src/js/features/copycontent.ts b/web_src/js/features/copycontent.ts
index d58f6c8246..0fec2a6235 100644
--- a/web_src/js/features/copycontent.ts
+++ b/web_src/js/features/copycontent.ts
@@ -9,17 +9,17 @@ const {i18n} = window.config;
 export function initCopyContent() {
   registerGlobalEventFunc('click', 'onCopyContentButtonClick', async (btn: HTMLElement) => {
     if (btn.classList.contains('disabled') || btn.classList.contains('is-loading')) return;
-    let content;
-    let isRasterImage = false;
-    const link = btn.getAttribute('data-link');
+    const rawFileLink = btn.getAttribute('data-raw-file-link');
 
-    // when data-link is present, we perform a fetch. this is either because
-    // the text to copy is not in the DOM, or it is an image which should be
+    let content, isRasterImage = false;
+
+    // when "data-raw-link" is present, we perform a fetch. this is either because
+    // the text to copy is not in the DOM, or it is an image that should be
     // fetched to copy in full resolution
-    if (link) {
+    if (rawFileLink) {
       btn.classList.add('is-loading', 'loading-icon-2px');
       try {
-        const res = await GET(link, {credentials: 'include', redirect: 'follow'});
+        const res = await GET(rawFileLink, {credentials: 'include', redirect: 'follow'});
         const contentType = res.headers.get('content-type');
 
         if (contentType.startsWith('image/') && !contentType.startsWith('image/svg')) {
diff --git a/web_src/js/features/dropzone.ts b/web_src/js/features/dropzone.ts
index b2ba7651c4..20f7ceb6c3 100644
--- a/web_src/js/features/dropzone.ts
+++ b/web_src/js/features/dropzone.ts
@@ -1,5 +1,5 @@
 import {svg} from '../svg.ts';
-import {htmlEscape} from 'escape-goat';
+import {html} from '../utils/html.ts';
 import {clippie} from 'clippie';
 import {showTemporaryTooltip} from '../modules/tippy.ts';
 import {GET, POST} from '../modules/fetch.ts';
@@ -33,14 +33,14 @@ export function generateMarkdownLinkForAttachment(file: Partial<CustomDropzoneFi
       // Scale down images from HiDPI monitors. This uses the <img> tag because it's the only
       // method to change image size in Markdown that is supported by all implementations.
       // Make the image link relative to the repo path, then the final URL is "/sub-path/owner/repo/attachments/{uuid}"
-      fileMarkdown = `<img width="${Math.round(width / dppx)}" alt="${htmlEscape(file.name)}" src="attachments/${htmlEscape(file.uuid)}">`;
+      fileMarkdown = html`<img width="${Math.round(width / dppx)}" alt="${file.name}" src="attachments/${file.uuid}">`;
     } else {
       // Markdown always renders the image with a relative path, so the final URL is "/sub-path/owner/repo/attachments/{uuid}"
       // TODO: it should also use relative path for consistency, because absolute is ambiguous for "/sub-path/attachments" or "/attachments"
       fileMarkdown = `![${file.name}](/attachments/${file.uuid})`;
     }
   } else if (isVideoFile(file)) {
-    fileMarkdown = `<video src="attachments/${htmlEscape(file.uuid)}" title="${htmlEscape(file.name)}" controls></video>`;
+    fileMarkdown = html`<video src="attachments/${file.uuid}" title="${file.name}" controls></video>`;
   }
   return fileMarkdown;
 }
diff --git a/web_src/js/features/emoji.ts b/web_src/js/features/emoji.ts
index 135620e51e..69afe491e2 100644
--- a/web_src/js/features/emoji.ts
+++ b/web_src/js/features/emoji.ts
@@ -1,4 +1,5 @@
 import emojis from '../../../assets/emoji.json' with {type: 'json'};
+import {html} from '../utils/html.ts';
 
 const {assetUrlPrefix, customEmojis} = window.config;
 
@@ -24,12 +25,11 @@ for (const key of emojiKeys) {
 export function emojiHTML(name: string) {
   let inner;
   if (Object.hasOwn(customEmojis, name)) {
-    inner = `<img alt=":${name}:" src="${assetUrlPrefix}/img/emoji/${name}.png">`;
+    inner = html`<img alt=":${name}:" src="${assetUrlPrefix}/img/emoji/${name}.png">`;
   } else {
     inner = emojiString(name);
   }
-
-  return `<span class="emoji" title=":${name}:">${inner}</span>`;
+  return html`<span class="emoji" title=":${name}:">${inner}</span>`;
 }
 
 // retrieve string for given emoji name
diff --git a/web_src/js/features/file-fold.ts b/web_src/js/features/file-fold.ts
index 19950d9b9f..74b36c0096 100644
--- a/web_src/js/features/file-fold.ts
+++ b/web_src/js/features/file-fold.ts
@@ -5,7 +5,7 @@ import {svg} from '../svg.ts';
 // The fold arrow is the icon displayed on the upper left of the file box, especially intended for components having the 'fold-file' class.
 // The file content box is the box that should be hidden or shown, especially intended for components having the 'file-content' class.
 //
-export function setFileFolding(fileContentBox: HTMLElement, foldArrow: HTMLElement, newFold: boolean) {
+export function setFileFolding(fileContentBox: Element, foldArrow: HTMLElement, newFold: boolean) {
   foldArrow.innerHTML = svg(`octicon-chevron-${newFold ? 'right' : 'down'}`, 18);
   fileContentBox.setAttribute('data-folded', String(newFold));
   if (newFold && fileContentBox.getBoundingClientRect().top < 0) {
diff --git a/web_src/js/features/file-view.ts b/web_src/js/features/file-view.ts
new file mode 100644
index 0000000000..67f4381468
--- /dev/null
+++ b/web_src/js/features/file-view.ts
@@ -0,0 +1,76 @@
+import type {FileRenderPlugin} from '../render/plugin.ts';
+import {newRenderPlugin3DViewer} from '../render/plugins/3d-viewer.ts';
+import {newRenderPluginPdfViewer} from '../render/plugins/pdf-viewer.ts';
+import {registerGlobalInitFunc} from '../modules/observer.ts';
+import {createElementFromHTML, showElem, toggleElemClass} from '../utils/dom.ts';
+import {html} from '../utils/html.ts';
+import {basename} from '../utils.ts';
+
+const plugins: FileRenderPlugin[] = [];
+
+function initPluginsOnce(): void {
+  if (plugins.length) return;
+  plugins.push(newRenderPlugin3DViewer(), newRenderPluginPdfViewer());
+}
+
+function findFileRenderPlugin(filename: string, mimeType: string): FileRenderPlugin | null {
+  return plugins.find((plugin) => plugin.canHandle(filename, mimeType)) || null;
+}
+
+function showRenderRawFileButton(elFileView: HTMLElement, renderContainer: HTMLElement | null): void {
+  const toggleButtons = elFileView.querySelector('.file-view-toggle-buttons');
+  showElem(toggleButtons);
+  const displayingRendered = Boolean(renderContainer);
+  toggleElemClass(toggleButtons.querySelectorAll('.file-view-toggle-source'), 'active', !displayingRendered); // it may not exist
+  toggleElemClass(toggleButtons.querySelector('.file-view-toggle-rendered'), 'active', displayingRendered);
+  // TODO: if there is only one button, hide it?
+}
+
+async function renderRawFileToContainer(container: HTMLElement, rawFileLink: string, mimeType: string) {
+  const elViewRawPrompt = container.querySelector('.file-view-raw-prompt');
+  if (!rawFileLink || !elViewRawPrompt) throw new Error('unexpected file view container');
+
+  let rendered = false, errorMsg = '';
+  try {
+    const plugin = findFileRenderPlugin(basename(rawFileLink), mimeType);
+    if (plugin) {
+      container.classList.add('is-loading');
+      container.setAttribute('data-render-name', plugin.name); // not used yet
+      await plugin.render(container, rawFileLink);
+      rendered = true;
+    }
+  } catch (e) {
+    errorMsg = `${e}`;
+  } finally {
+    container.classList.remove('is-loading');
+  }
+
+  if (rendered) {
+    elViewRawPrompt.remove();
+    return;
+  }
+
+  // remove all children from the container, and only show the raw file link
+  container.replaceChildren(elViewRawPrompt);
+
+  if (errorMsg) {
+    const elErrorMessage = createElementFromHTML(html`<div class="ui error message">${errorMsg}</div>`);
+    elViewRawPrompt.insertAdjacentElement('afterbegin', elErrorMessage);
+  }
+}
+
+export function initRepoFileView(): void {
+  registerGlobalInitFunc('initRepoFileView', async (elFileView: HTMLElement) => {
+    initPluginsOnce();
+    const rawFileLink = elFileView.getAttribute('data-raw-file-link');
+    const mimeType = elFileView.getAttribute('data-mime-type') || ''; // not used yet
+    // TODO: we should also provide the prefetched file head bytes to let the plugin decide whether to render or not
+    const plugin = findFileRenderPlugin(basename(rawFileLink), mimeType);
+    if (!plugin) return;
+
+    const renderContainer = elFileView.querySelector<HTMLElement>('.file-view-render-container');
+    showRenderRawFileButton(elFileView, renderContainer);
+    // maybe in the future multiple plugins can render the same file, so we should not assume only one plugin will render it
+    if (renderContainer) await renderRawFileToContainer(renderContainer, rawFileLink, mimeType);
+  });
+}
diff --git a/web_src/js/features/install.ts b/web_src/js/features/install.ts
index 34df4757f9..ca4bcce881 100644
--- a/web_src/js/features/install.ts
+++ b/web_src/js/features/install.ts
@@ -104,7 +104,7 @@ function initPreInstall() {
 }
 
 function initPostInstall() {
-  const el = document.querySelector('#goto-user-login');
+  const el = document.querySelector('#goto-after-install');
   if (!el) return;
 
   const targetUrl = el.getAttribute('href');
diff --git a/web_src/js/features/notification.ts b/web_src/js/features/notification.ts
index dc0acb0244..4a1aa3ede9 100644
--- a/web_src/js/features/notification.ts
+++ b/web_src/js/features/notification.ts
@@ -1,40 +1,13 @@
 import {GET} from '../modules/fetch.ts';
-import {toggleElem, type DOMEvent, createElementFromHTML} from '../utils/dom.ts';
+import {toggleElem, createElementFromHTML} from '../utils/dom.ts';
 import {logoutFromWorker} from '../modules/worker.ts';
 
 const {appSubUrl, notificationSettings, assetVersionEncoded} = window.config;
 let notificationSequenceNumber = 0;
 
-export function initNotificationsTable() {
-  const table = document.querySelector('#notification_table');
-  if (!table) return;
-
-  // when page restores from bfcache, delete previously clicked items
-  window.addEventListener('pageshow', (e) => {
-    if (e.persisted) { // page was restored from bfcache
-      const table = document.querySelector('#notification_table');
-      const unreadCountEl = document.querySelector<HTMLElement>('.notifications-unread-count');
-      let unreadCount = parseInt(unreadCountEl.textContent);
-      for (const item of table.querySelectorAll('.notifications-item[data-remove="true"]')) {
-        item.remove();
-        unreadCount -= 1;
-      }
-      unreadCountEl.textContent = String(unreadCount);
-    }
-  });
-
-  // mark clicked unread links for deletion on bfcache restore
-  for (const link of table.querySelectorAll<HTMLAnchorElement>('.notifications-item[data-status="1"] .notifications-link')) {
-    link.addEventListener('click', (e: DOMEvent<MouseEvent>) => {
-      e.target.closest('.notifications-item').setAttribute('data-remove', 'true');
-    });
-  }
-}
-
-async function receiveUpdateCount(event: MessageEvent) {
+async function receiveUpdateCount(event: MessageEvent<{type: string, data: string}>) {
   try {
-    const data = JSON.parse(event.data);
-
+    const data = JSON.parse(event.data.data);
     for (const count of document.querySelectorAll('.notification_count')) {
       count.classList.toggle('tw-hidden', data.Count === 0);
       count.textContent = `${data.Count}`;
@@ -71,7 +44,7 @@ export function initNotificationCount() {
       type: 'start',
       url: `${window.location.origin}${appSubUrl}/user/events`,
     });
-    worker.port.addEventListener('message', (event: MessageEvent) => {
+    worker.port.addEventListener('message', (event: MessageEvent<{type: string, data: string}>) => {
       if (!event.data || !event.data.type) {
         console.error('unknown worker message event', event);
         return;
@@ -144,11 +117,11 @@ async function updateNotificationCountWithCallback(callback: (timeout: number, n
 }
 
 async function updateNotificationTable() {
-  const notificationDiv = document.querySelector('#notification_div');
+  let notificationDiv = document.querySelector('#notification_div');
   if (notificationDiv) {
     try {
       const params = new URLSearchParams(window.location.search);
-      params.set('div-only', String(true));
+      params.set('div-only', 'true');
       params.set('sequence-number', String(++notificationSequenceNumber));
       const response = await GET(`${appSubUrl}/notifications?${params.toString()}`);
 
@@ -160,7 +133,8 @@ async function updateNotificationTable() {
       const el = createElementFromHTML(data);
       if (parseInt(el.getAttribute('data-sequence-number')) === notificationSequenceNumber) {
         notificationDiv.outerHTML = data;
-        initNotificationsTable();
+        notificationDiv = document.querySelector('#notification_div');
+        window.htmx.process(notificationDiv); // when using htmx, we must always remember to process the new content changed by us
       }
     } catch (error) {
       console.error(error);
diff --git a/web_src/js/features/pull-view-file.ts b/web_src/js/features/pull-view-file.ts
index 16ccf00084..1124886238 100644
--- a/web_src/js/features/pull-view-file.ts
+++ b/web_src/js/features/pull-view-file.ts
@@ -1,4 +1,4 @@
-import {diffTreeStore} from '../modules/stores.ts';
+import {diffTreeStore, diffTreeStoreSetViewed} from '../modules/diff-file.ts';
 import {setFileFolding} from './file-fold.ts';
 import {POST} from '../modules/fetch.ts';
 
@@ -58,11 +58,8 @@ export function initViewedCheckboxListenerFor() {
 
       const fileName = checkbox.getAttribute('name');
 
-      // check if the file is in our difftreestore and if we find it -> change the IsViewed status
-      const fileInPageData = diffTreeStore().files.find((x: Record<string, any>) => x.Name === fileName);
-      if (fileInPageData) {
-        fileInPageData.IsViewed = this.checked;
-      }
+      // check if the file is in our diffTreeStore and if we find it -> change the IsViewed status
+      diffTreeStoreSetViewed(diffTreeStore(), fileName, this.checked);
 
       // Unfortunately, actual forms cause too many problems, hence another approach is needed
       const files: Record<string, boolean> = {};
diff --git a/web_src/js/features/repo-actions.ts b/web_src/js/features/repo-actions.ts
index cbd0429c04..8d93fce53f 100644
--- a/web_src/js/features/repo-actions.ts
+++ b/web_src/js/features/repo-actions.ts
@@ -24,6 +24,7 @@ export function initRepositoryActionView() {
       pushedBy: el.getAttribute('data-locale-runs-pushed-by'),
       artifactsTitle: el.getAttribute('data-locale-artifacts-title'),
       areYouSure: el.getAttribute('data-locale-are-you-sure'),
+      artifactExpired: el.getAttribute('data-locale-artifact-expired'),
       confirmDeleteArtifact: el.getAttribute('data-locale-confirm-delete-artifact'),
       showTimeStamps: el.getAttribute('data-locale-show-timestamps'),
       showLogSeconds: el.getAttribute('data-locale-show-log-seconds'),
diff --git a/web_src/js/features/repo-code.ts b/web_src/js/features/repo-code.ts
index 207022ca42..bf7fd762b0 100644
--- a/web_src/js/features/repo-code.ts
+++ b/web_src/js/features/repo-code.ts
@@ -1,6 +1,5 @@
 import {svg} from '../svg.ts';
 import {createTippy} from '../modules/tippy.ts';
-import {clippie} from 'clippie';
 import {toAbsoluteUrl} from '../utils.ts';
 import {addDelegatedEventListener} from '../utils/dom.ts';
 
@@ -43,7 +42,8 @@ function selectRange(range: string): Element {
     if (!copyPermalink) return;
     let link = copyPermalink.getAttribute('data-url');
     link = `${link.replace(/#L\d+$|#L\d+-L\d+$/, '')}#${anchor}`;
-    copyPermalink.setAttribute('data-url', link);
+    copyPermalink.setAttribute('data-clipboard-text', link);
+    copyPermalink.setAttribute('data-clipboard-text-type', 'url');
   };
 
   const rangeFields = range ? range.split('-') : [];
@@ -110,10 +110,15 @@ function showLineButton() {
 }
 
 export function initRepoCodeView() {
-  if (!document.querySelector('.code-view .lines-num')) return;
+  // When viewing a file or blame, there is always a ".file-view" element,
+  // but the ".code-view" class is only present when viewing the "code" of a file; it is not present when viewing a PDF file.
+  // Since the ".file-view" will be dynamically reloaded when navigating via the left file tree (eg: view a PDF file, then view a source code file, etc.)
+  // the "code-view" related event listeners should always be added when the current page contains ".file-view" element.
+  if (!document.querySelector('.repo-view-container .file-view')) return;
 
+  // "file code view" and "blame" pages need this "line number button" feature
   let selRangeStart: string;
-  addDelegatedEventListener(document, 'click', '.lines-num span', (el: HTMLElement, e: KeyboardEvent) => {
+  addDelegatedEventListener(document, 'click', '.code-view .lines-num span', (el: HTMLElement, e: KeyboardEvent) => {
     if (!selRangeStart || !e.shiftKey) {
       selRangeStart = el.getAttribute('id');
       selectRange(selRangeStart);
@@ -125,12 +130,14 @@ export function initRepoCodeView() {
     showLineButton();
   });
 
+  // apply the selected range from the URL hash
   const onHashChange = () => {
     if (!window.location.hash) return;
+    if (!document.querySelector('.code-view .lines-num')) return;
     const range = window.location.hash.substring(1);
     const first = selectRange(range);
     if (first) {
-      // set scrollRestoration to 'manual' when there is a hash in url, so that the scroll position will not be remembered after refreshing
+      // set scrollRestoration to 'manual' when there is a hash in the URL, so that the scroll position will not be remembered after refreshing
       if (window.history.scrollRestoration !== 'manual') window.history.scrollRestoration = 'manual';
       first.scrollIntoView({block: 'start'});
       showLineButton();
@@ -138,8 +145,4 @@ export function initRepoCodeView() {
   };
   onHashChange();
   window.addEventListener('hashchange', onHashChange);
-
-  addDelegatedEventListener(document, 'click', '.copy-line-permalink', (el) => {
-    clippie(toAbsoluteUrl(el.getAttribute('data-url')));
-  });
 }
diff --git a/web_src/js/features/repo-commit.ts b/web_src/js/features/repo-commit.ts
index e6d1112778..98ec2328ec 100644
--- a/web_src/js/features/repo-commit.ts
+++ b/web_src/js/features/repo-commit.ts
@@ -1,6 +1,6 @@
 import {createTippy} from '../modules/tippy.ts';
 import {toggleElem} from '../utils/dom.ts';
-import {registerGlobalEventFunc} from '../modules/observer.ts';
+import {registerGlobalEventFunc, registerGlobalInitFunc} from '../modules/observer.ts';
 
 export function initRepoEllipsisButton() {
   registerGlobalEventFunc('click', 'onRepoEllipsisButtonClick', async (el: HTMLInputElement, e: Event) => {
@@ -12,15 +12,15 @@ export function initRepoEllipsisButton() {
 }
 
 export function initCommitStatuses() {
-  for (const element of document.querySelectorAll('[data-tippy="commit-statuses"]')) {
-    const top = document.querySelector('.repository.file.list') || document.querySelector('.repository.diff');
-
-    createTippy(element, {
-      content: element.nextElementSibling,
-      placement: top ? 'top-start' : 'bottom-start',
+  registerGlobalInitFunc('initCommitStatuses', (el: HTMLElement) => {
+    const nextEl = el.nextElementSibling;
+    if (!nextEl.matches('.tippy-target')) throw new Error('Expected next element to be a tippy target');
+    createTippy(el, {
+      content: nextEl,
+      placement: 'bottom-start',
       interactive: true,
       role: 'dialog',
       theme: 'box-with-header',
     });
-  }
+  });
 }
diff --git a/web_src/js/features/repo-common.test.ts b/web_src/js/features/repo-common.test.ts
index 009dfc86b1..33a29ecb2c 100644
--- a/web_src/js/features/repo-common.test.ts
+++ b/web_src/js/features/repo-common.test.ts
@@ -1,7 +1,22 @@
-import {substituteRepoOpenWithUrl} from './repo-common.ts';
+import {sanitizeRepoName, substituteRepoOpenWithUrl} from './repo-common.ts';
 
 test('substituteRepoOpenWithUrl', () => {
   // For example: "x-github-client://openRepo/https://github.com/go-gitea/gitea"
   expect(substituteRepoOpenWithUrl('proto://a/{url}', 'https://gitea')).toEqual('proto://a/https://gitea');
   expect(substituteRepoOpenWithUrl('proto://a?link={url}', 'https://gitea')).toEqual('proto://a?link=https%3A%2F%2Fgitea');
 });
+
+test('sanitizeRepoName', () => {
+  expect(sanitizeRepoName(' a b ')).toEqual('a-b');
+  expect(sanitizeRepoName('a-b_c.git ')).toEqual('a-b_c');
+  expect(sanitizeRepoName('/x.git/')).toEqual('-x.git-');
+  expect(sanitizeRepoName('.profile')).toEqual('.profile');
+  expect(sanitizeRepoName('.profile.')).toEqual('.profile');
+  expect(sanitizeRepoName('.pro..file')).toEqual('.pro.file');
+
+  expect(sanitizeRepoName('foo.rss.atom.git.wiki')).toEqual('foo');
+
+  expect(sanitizeRepoName('.')).toEqual('');
+  expect(sanitizeRepoName('..')).toEqual('');
+  expect(sanitizeRepoName('-')).toEqual('');
+});
diff --git a/web_src/js/features/repo-common.ts b/web_src/js/features/repo-common.ts
index 4362a2c713..ebb6881c67 100644
--- a/web_src/js/features/repo-common.ts
+++ b/web_src/js/features/repo-common.ts
@@ -159,3 +159,19 @@ export async function updateIssuesMeta(url: string, action: string, issue_ids: s
     console.error(error);
   }
 }
+
+export function sanitizeRepoName(name: string): string {
+  name = name.trim().replace(/[^-.\w]/g, '-');
+  for (let lastName = ''; lastName !== name;) {
+    lastName = name;
+    name = name.replace(/\.+$/g, '');
+    name = name.replace(/\.{2,}/g, '.');
+    for (const ext of ['.git', '.wiki', '.rss', '.atom']) {
+      if (name.endsWith(ext)) {
+        name = name.substring(0, name.length - ext.length);
+      }
+    }
+  }
+  if (['.', '..', '-'].includes(name)) name = '';
+  return name;
+}
diff --git a/web_src/js/features/repo-diff.ts b/web_src/js/features/repo-diff.ts
index ad1da5c2fa..bde7ec0324 100644
--- a/web_src/js/features/repo-diff.ts
+++ b/web_src/js/features/repo-diff.ts
@@ -138,7 +138,14 @@ function initDiffHeaderPopup() {
     btn.setAttribute('data-header-popup-initialized', '');
     const popup = btn.nextElementSibling;
     if (!popup?.matches('.tippy-target')) throw new Error('Popup element not found');
-    createTippy(btn, {content: popup, theme: 'menu', placement: 'bottom', trigger: 'click', interactive: true, hideOnClick: true});
+    createTippy(btn, {
+      content: popup,
+      theme: 'menu',
+      placement: 'bottom-end',
+      trigger: 'click',
+      interactive: true,
+      hideOnClick: true,
+    });
   }
 }
 
diff --git a/web_src/js/features/repo-editor.ts b/web_src/js/features/repo-editor.ts
index 0f77508f70..f3ca13460c 100644
--- a/web_src/js/features/repo-editor.ts
+++ b/web_src/js/features/repo-editor.ts
@@ -1,4 +1,4 @@
-import {htmlEscape} from 'escape-goat';
+import {html, htmlRaw} from '../utils/html.ts';
 import {createCodeEditor} from './codeeditor.ts';
 import {hideElem, queryElems, showElem, createElementFromHTML} from '../utils/dom.ts';
 import {attachRefIssueContextPopup} from './contextpopup.ts';
@@ -7,6 +7,7 @@ import {initDropzone} from './dropzone.ts';
 import {confirmModal} from './comp/ConfirmModal.ts';
 import {applyAreYouSure, ignoreAreYouSure} from '../vendor/jquery.are-you-sure.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
+import {submitFormFetchAction} from './common-fetch-action.ts';
 
 function initEditPreviewTab(elForm: HTMLFormElement) {
   const elTabMenu = elForm.querySelector('.repo-editor-menu');
@@ -86,10 +87,10 @@ export function initRepoEditor() {
         if (i < parts.length - 1) {
           if (trimValue.length) {
             const linkElement = createElementFromHTML(
-              `<span class="section"><a href="#">${htmlEscape(value)}</a></span>`,
+              html`<span class="section"><a href="#">${value}</a></span>`,
             );
             const dividerElement = createElementFromHTML(
-              `<div class="breadcrumb-divider">/</div>`,
+              html`<div class="breadcrumb-divider">/</div>`,
             );
             links.push(linkElement);
             dividers.push(dividerElement);
@@ -112,7 +113,7 @@ export function initRepoEditor() {
       if (!warningDiv) {
         warningDiv = document.createElement('div');
         warningDiv.classList.add('ui', 'warning', 'message', 'flash-message', 'flash-warning', 'space-related');
-        warningDiv.innerHTML = '<p>File path contains leading or trailing whitespace.</p>';
+        warningDiv.innerHTML = html`<p>File path contains leading or trailing whitespace.</p>`;
         // Add display 'block' because display is set to 'none' in formantic\build\semantic.css
         warningDiv.style.display = 'block';
         const inputContainer = document.querySelector('.repo-editor-header');
@@ -141,38 +142,36 @@ export function initRepoEditor() {
     }
   });
 
+  const elForm = document.querySelector<HTMLFormElement>('.repository.editor .edit.form');
+
   // on the upload page, there is no editor(textarea)
   const editArea = document.querySelector<HTMLTextAreaElement>('.page-content.repository.editor textarea#edit_area');
   if (!editArea) return;
 
-  const elForm = document.querySelector<HTMLFormElement>('.repository.editor .edit.form');
+  // Using events from https://github.com/codedance/jquery.AreYouSure#advanced-usage
+  // to enable or disable the commit button
+  const commitButton = document.querySelector<HTMLButtonElement>('#commit-button');
+  const dirtyFileClass = 'dirty-file';
+
+  const syncCommitButtonState = () => {
+    const dirty = elForm.classList.contains(dirtyFileClass);
+    commitButton.disabled = !dirty;
+  };
+  // Registering a custom listener for the file path and the file content
+  // FIXME: it is not quite right here (old bug), it causes double-init, the global areYouSure "dirty" class will also be added
+  applyAreYouSure(elForm, {
+    silent: true,
+    dirtyClass: dirtyFileClass,
+    fieldSelector: ':input:not(.commit-form-wrapper :input)',
+    change: syncCommitButtonState,
+  });
+  syncCommitButtonState(); // disable the "commit" button when no content changes
+
   initEditPreviewTab(elForm);
 
   (async () => {
     const editor = await createCodeEditor(editArea, filenameInput);
 
-    // Using events from https://github.com/codedance/jquery.AreYouSure#advanced-usage
-    // to enable or disable the commit button
-    const commitButton = document.querySelector<HTMLButtonElement>('#commit-button');
-    const dirtyFileClass = 'dirty-file';
-
-    // Disabling the button at the start
-    if (document.querySelector<HTMLInputElement>('input[name="page_has_posted"]').value !== 'true') {
-      commitButton.disabled = true;
-    }
-
-    // Registering a custom listener for the file path and the file content
-    // FIXME: it is not quite right here (old bug), it causes double-init, the global areYouSure "dirty" class will also be added
-    applyAreYouSure(elForm, {
-      silent: true,
-      dirtyClass: dirtyFileClass,
-      fieldSelector: ':input:not(.commit-form-wrapper :input)',
-      change($form: any) {
-        const dirty = $form[0]?.classList.contains(dirtyFileClass);
-        commitButton.disabled = !dirty;
-      },
-    });
-
     // Update the editor from query params, if available,
     // only after the dirtyFileClass initialization
     const params = new URLSearchParams(window.location.search);
@@ -181,7 +180,7 @@ export function initRepoEditor() {
       editor.setValue(value);
     }
 
-    commitButton?.addEventListener('click', async (e) => {
+    commitButton.addEventListener('click', async (e) => {
       // A modal which asks if an empty file should be committed
       if (!editArea.value) {
         e.preventDefault();
@@ -190,14 +189,15 @@ export function initRepoEditor() {
           content: elForm.getAttribute('data-text-empty-confirm-content'),
         })) {
           ignoreAreYouSure(elForm);
-          elForm.submit();
+          submitFormFetchAction(elForm);
         }
       }
     });
   })();
 }
 
-export function renderPreviewPanelContent(previewPanel: Element, content: string) {
-  previewPanel.innerHTML = `<div class="render-content markup">${content}</div>`;
+export function renderPreviewPanelContent(previewPanel: Element, htmlContent: string) {
+  // the content is from the server, so it is safe to use innerHTML
+  previewPanel.innerHTML = html`<div class="render-content markup">${htmlRaw(htmlContent)}</div>`;
   attachRefIssueContextPopup(previewPanel.querySelectorAll('p .ref-issue'));
 }
diff --git a/web_src/js/features/repo-graph.ts b/web_src/js/features/repo-graph.ts
index 7579ee42c6..ebca6e212a 100644
--- a/web_src/js/features/repo-graph.ts
+++ b/web_src/js/features/repo-graph.ts
@@ -1,4 +1,4 @@
-import {hideElem, showElem, type DOMEvent} from '../utils/dom.ts';
+import {toggleElemClass} from '../utils/dom.ts';
 import {GET} from '../modules/fetch.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 
@@ -6,87 +6,59 @@ export function initRepoGraphGit() {
   const graphContainer = document.querySelector<HTMLElement>('#git-graph-container');
   if (!graphContainer) return;
 
-  document.querySelector('#flow-color-monochrome')?.addEventListener('click', () => {
-    document.querySelector('#flow-color-monochrome').classList.add('active');
-    document.querySelector('#flow-color-colored')?.classList.remove('active');
-    graphContainer.classList.remove('colored');
-    graphContainer.classList.add('monochrome');
+  const elColorMonochrome = document.querySelector<HTMLElement>('#flow-color-monochrome');
+  const elColorColored = document.querySelector<HTMLElement>('#flow-color-colored');
+  const toggleColorMode = (mode: 'monochrome' | 'colored') => {
+    toggleElemClass(graphContainer, 'monochrome', mode === 'monochrome');
+    toggleElemClass(graphContainer, 'colored', mode === 'colored');
+
+    toggleElemClass(elColorMonochrome, 'active', mode === 'monochrome');
+    toggleElemClass(elColorColored, 'active', mode === 'colored');
+
     const params = new URLSearchParams(window.location.search);
-    params.set('mode', 'monochrome');
-    const queryString = params.toString();
-    if (queryString) {
-      window.history.replaceState({}, '', `?${queryString}`);
-    } else {
-      window.history.replaceState({}, '', window.location.pathname);
-    }
-    for (const link of document.querySelectorAll('.pagination a')) {
+    params.set('mode', mode);
+    window.history.replaceState(null, '', `?${params.toString()}`);
+    for (const link of document.querySelectorAll('#git-graph-body .pagination a')) {
       const href = link.getAttribute('href');
       if (!href) continue;
       const url = new URL(href, window.location.href);
       const params = url.searchParams;
-      params.set('mode', 'monochrome');
+      params.set('mode', mode);
       url.search = `?${params.toString()}`;
       link.setAttribute('href', url.href);
     }
-  });
+  };
+  elColorMonochrome.addEventListener('click', () => toggleColorMode('monochrome'));
+  elColorColored.addEventListener('click', () => toggleColorMode('colored'));
 
-  document.querySelector('#flow-color-colored')?.addEventListener('click', () => {
-    document.querySelector('#flow-color-colored').classList.add('active');
-    document.querySelector('#flow-color-monochrome')?.classList.remove('active');
-    graphContainer.classList.add('colored');
-    graphContainer.classList.remove('monochrome');
-    for (const link of document.querySelectorAll('.pagination a')) {
-      const href = link.getAttribute('href');
-      if (!href) continue;
-      const url = new URL(href, window.location.href);
-      const params = url.searchParams;
-      params.delete('mode');
-      url.search = `?${params.toString()}`;
-      link.setAttribute('href', url.href);
-    }
-    const params = new URLSearchParams(window.location.search);
-    params.delete('mode');
-    const queryString = params.toString();
-    if (queryString) {
-      window.history.replaceState({}, '', `?${queryString}`);
-    } else {
-      window.history.replaceState({}, '', window.location.pathname);
-    }
-  });
+  const elGraphBody = document.querySelector<HTMLElement>('#git-graph-body');
   const url = new URL(window.location.href);
   const params = url.searchParams;
-  const updateGraph = () => {
+  const loadGitGraph = async () => {
     const queryString = params.toString();
     const ajaxUrl = new URL(url);
     ajaxUrl.searchParams.set('div-only', 'true');
-    window.history.replaceState({}, '', queryString ? `?${queryString}` : window.location.pathname);
-    document.querySelector('#pagination').innerHTML = '';
-    hideElem('#rel-container');
-    hideElem('#rev-container');
-    showElem('#loading-indicator');
-    (async () => {
-      const response = await GET(String(ajaxUrl));
-      const html = await response.text();
-      const div = document.createElement('div');
-      div.innerHTML = html;
-      document.querySelector('#pagination').innerHTML = div.querySelector('#pagination').innerHTML;
-      document.querySelector('#rel-container').innerHTML = div.querySelector('#rel-container').innerHTML;
-      document.querySelector('#rev-container').innerHTML = div.querySelector('#rev-container').innerHTML;
-      hideElem('#loading-indicator');
-      showElem('#rel-container');
-      showElem('#rev-container');
-    })();
+    window.history.replaceState(null, '', queryString ? `?${queryString}` : window.location.pathname);
+
+    elGraphBody.classList.add('is-loading');
+    try {
+      const resp = await GET(ajaxUrl.toString());
+      elGraphBody.innerHTML = await resp.text();
+    } finally {
+      elGraphBody.classList.remove('is-loading');
+    }
   };
+
   const dropdownSelected = params.getAll('branch');
   if (params.has('hide-pr-refs') && params.get('hide-pr-refs') === 'true') {
     dropdownSelected.splice(0, 0, '...flow-hide-pr-refs');
   }
 
-  const flowSelectRefsDropdown = document.querySelector('#flow-select-refs-dropdown');
-  const $dropdown = fomanticQuery(flowSelectRefsDropdown);
-  $dropdown.dropdown({
-    clearable: true,
-    fullTextSeach: 'exact',
+  const $dropdown = fomanticQuery('#flow-select-refs-dropdown');
+  $dropdown.dropdown({clearable: true});
+  $dropdown.dropdown('set selected', dropdownSelected);
+  // must add the callback after setting the selected items, otherwise each "selected" item will trigger the callback
+  $dropdown.dropdown('setting', {
     onRemove(toRemove: string) {
       if (toRemove === '...flow-hide-pr-refs') {
         params.delete('hide-pr-refs');
@@ -99,7 +71,7 @@ export function initRepoGraphGit() {
           }
         }
       }
-      updateGraph();
+      loadGitGraph();
     },
     onAdd(toAdd: string) {
       if (toAdd === '...flow-hide-pr-refs') {
@@ -107,50 +79,7 @@ export function initRepoGraphGit() {
       } else {
         params.append('branch', toAdd);
       }
-      updateGraph();
+      loadGitGraph();
     },
   });
-  $dropdown.dropdown('set selected', dropdownSelected);
-
-  graphContainer.addEventListener('mouseenter', (e: DOMEvent<MouseEvent>) => {
-    if (e.target.matches('#rev-list li')) {
-      const flow = e.target.getAttribute('data-flow');
-      if (flow === '0') return;
-      document.querySelector(`#flow-${flow}`)?.classList.add('highlight');
-      e.target.classList.add('hover');
-      for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
-        item.classList.add('highlight');
-      }
-    } else if (e.target.matches('#rel-container .flow-group')) {
-      e.target.classList.add('highlight');
-      const flow = e.target.getAttribute('data-flow');
-      for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
-        item.classList.add('highlight');
-      }
-    } else if (e.target.matches('#rel-container .flow-commit')) {
-      const rev = e.target.getAttribute('data-rev');
-      document.querySelector(`#rev-list li#commit-${rev}`)?.classList.add('hover');
-    }
-  });
-
-  graphContainer.addEventListener('mouseleave', (e: DOMEvent<MouseEvent>) => {
-    if (e.target.matches('#rev-list li')) {
-      const flow = e.target.getAttribute('data-flow');
-      if (flow === '0') return;
-      document.querySelector(`#flow-${flow}`)?.classList.remove('highlight');
-      e.target.classList.remove('hover');
-      for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
-        item.classList.remove('highlight');
-      }
-    } else if (e.target.matches('#rel-container .flow-group')) {
-      e.target.classList.remove('highlight');
-      const flow = e.target.getAttribute('data-flow');
-      for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
-        item.classList.remove('highlight');
-      }
-    } else if (e.target.matches('#rel-container .flow-commit')) {
-      const rev = e.target.getAttribute('data-rev');
-      document.querySelector(`#rev-list li#commit-${rev}`)?.classList.remove('hover');
-    }
-  });
 }
diff --git a/web_src/js/features/repo-issue-edit.ts b/web_src/js/features/repo-issue-edit.ts
index b3de91c3bd..e89e5a787a 100644
--- a/web_src/js/features/repo-issue-edit.ts
+++ b/web_src/js/features/repo-issue-edit.ts
@@ -132,7 +132,7 @@ async function tryOnQuoteReply(e: Event) {
   const targetMarkupToQuote = targetRawToQuote.parentElement.querySelector<HTMLElement>('.render-content.markup');
   let contentToQuote = extractSelectedMarkdown(targetMarkupToQuote);
   if (!contentToQuote) contentToQuote = targetRawToQuote.textContent;
-  const quotedContent = `${contentToQuote.replace(/^/mg, '> ')}\n`;
+  const quotedContent = `${contentToQuote.replace(/^/mg, '> ')}\n\n`;
 
   let editor;
   if (clickTarget.classList.contains('quote-reply-diff')) {
diff --git a/web_src/js/features/repo-issue-list.ts b/web_src/js/features/repo-issue-list.ts
index 01d4bb6f78..762fbf51bb 100644
--- a/web_src/js/features/repo-issue-list.ts
+++ b/web_src/js/features/repo-issue-list.ts
@@ -1,6 +1,6 @@
 import {updateIssuesMeta} from './repo-common.ts';
-import {toggleElem, isElemHidden, queryElems} from '../utils/dom.ts';
-import {htmlEscape} from 'escape-goat';
+import {toggleElem, queryElems, isElemVisible} from '../utils/dom.ts';
+import {html} from '../utils/html.ts';
 import {confirmModal} from './comp/ConfirmModal.ts';
 import {showErrorToast} from '../modules/toast.ts';
 import {createSortable} from '../modules/sortable.ts';
@@ -33,8 +33,8 @@ function initRepoIssueListCheckboxes() {
     toggleElem('#issue-filters', !anyChecked);
     toggleElem('#issue-actions', anyChecked);
     // there are two panels but only one select-all checkbox, so move the checkbox to the visible panel
-    const panels = document.querySelectorAll('#issue-filters, #issue-actions');
-    const visiblePanel = Array.from(panels).find((el) => !isElemHidden(el));
+    const panels = document.querySelectorAll<HTMLElement>('#issue-filters, #issue-actions');
+    const visiblePanel = Array.from(panels).find((el) => isElemVisible(el));
     const toolbarLeft = visiblePanel.querySelector('.issue-list-toolbar-left');
     toolbarLeft.prepend(issueSelectAll);
   };
@@ -138,10 +138,10 @@ function initDropdownUserRemoteSearch(el: Element) {
         // the content is provided by backend IssuePosters handler
         processedResults.length = 0;
         for (const item of resp.results) {
-          let html = `<img class="ui avatar tw-align-middle" src="${htmlEscape(item.avatar_link)}" aria-hidden="true" alt="" width="20" height="20"><span class="gt-ellipsis">${htmlEscape(item.username)}</span>`;
-          if (item.full_name) html += `<span class="search-fullname tw-ml-2">${htmlEscape(item.full_name)}</span>`;
+          let nameHtml = html`<img class="ui avatar tw-align-middle" src="${item.avatar_link}" aria-hidden="true" alt width="20" height="20"><span class="gt-ellipsis">${item.username}</span>`;
+          if (item.full_name) nameHtml += html`<span class="search-fullname tw-ml-2">${item.full_name}</span>`;
           if (selectedUsername.toLowerCase() === item.username.toLowerCase()) selectedUsername = item.username;
-          processedResults.push({value: item.username, name: html});
+          processedResults.push({value: item.username, name: nameHtml});
         }
         resp.results = processedResults;
         return resp;
diff --git a/web_src/js/features/repo-issue-pr-form.ts b/web_src/js/features/repo-issue-pr-form.ts
deleted file mode 100644
index 94a2857340..0000000000
--- a/web_src/js/features/repo-issue-pr-form.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-import {createApp} from 'vue';
-import PullRequestMergeForm from '../components/PullRequestMergeForm.vue';
-
-export function initRepoPullRequestMergeForm() {
-  const el = document.querySelector('#pull-request-merge-form');
-  if (!el) return;
-
-  const view = createApp(PullRequestMergeForm);
-  view.mount(el);
-}
diff --git a/web_src/js/features/repo-issue-pr-status.ts b/web_src/js/features/repo-issue-pr-status.ts
deleted file mode 100644
index 8426b389f0..0000000000
--- a/web_src/js/features/repo-issue-pr-status.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-export function initRepoPullRequestCommitStatus() {
-  for (const btn of document.querySelectorAll('.commit-status-hide-checks')) {
-    const panel = btn.closest('.commit-status-panel');
-    const list = panel.querySelector<HTMLElement>('.commit-status-list');
-    btn.addEventListener('click', () => {
-      list.style.maxHeight = list.style.maxHeight ? '' : '0px'; // toggle
-      btn.textContent = btn.getAttribute(list.style.maxHeight ? 'data-show-all' : 'data-hide-all');
-    });
-  }
-}
diff --git a/web_src/js/features/repo-issue-pull.ts b/web_src/js/features/repo-issue-pull.ts
new file mode 100644
index 0000000000..c415dad08f
--- /dev/null
+++ b/web_src/js/features/repo-issue-pull.ts
@@ -0,0 +1,133 @@
+import {createApp} from 'vue';
+import PullRequestMergeForm from '../components/PullRequestMergeForm.vue';
+import {GET, POST} from '../modules/fetch.ts';
+import {fomanticQuery} from '../modules/fomantic/base.ts';
+import {createElementFromHTML} from '../utils/dom.ts';
+
+function initRepoPullRequestUpdate(el: HTMLElement) {
+  const prUpdateButtonContainer = el.querySelector('#update-pr-branch-with-base');
+  if (!prUpdateButtonContainer) return;
+
+  const prUpdateButton = prUpdateButtonContainer.querySelector<HTMLButtonElement>(':scope > button');
+  const prUpdateDropdown = prUpdateButtonContainer.querySelector(':scope > .ui.dropdown');
+  prUpdateButton.addEventListener('click', async function (e) {
+    e.preventDefault();
+    const redirect = this.getAttribute('data-redirect');
+    this.classList.add('is-loading');
+    let response: Response;
+    try {
+      response = await POST(this.getAttribute('data-do'));
+    } catch (error) {
+      console.error(error);
+    } finally {
+      this.classList.remove('is-loading');
+    }
+    let data: Record<string, any>;
+    try {
+      data = await response?.json(); // the response is probably not a JSON
+    } catch (error) {
+      console.error(error);
+    }
+    if (data?.redirect) {
+      window.location.href = data.redirect;
+    } else if (redirect) {
+      window.location.href = redirect;
+    } else {
+      window.location.reload();
+    }
+  });
+
+  fomanticQuery(prUpdateDropdown).dropdown({
+    onChange(_text: string, _value: string, $choice: any) {
+      const choiceEl = $choice[0];
+      const url = choiceEl.getAttribute('data-do');
+      if (url) {
+        const buttonText = prUpdateButton.querySelector('.button-text');
+        if (buttonText) {
+          buttonText.textContent = choiceEl.textContent;
+        }
+        prUpdateButton.setAttribute('data-do', url);
+      }
+    },
+  });
+}
+
+function initRepoPullRequestCommitStatus(el: HTMLElement) {
+  for (const btn of el.querySelectorAll('.commit-status-hide-checks')) {
+    const panel = btn.closest('.commit-status-panel');
+    const list = panel.querySelector<HTMLElement>('.commit-status-list');
+    btn.addEventListener('click', () => {
+      list.style.maxHeight = list.style.maxHeight ? '' : '0px'; // toggle
+      btn.textContent = btn.getAttribute(list.style.maxHeight ? 'data-show-all' : 'data-hide-all');
+    });
+  }
+}
+
+function initRepoPullRequestMergeForm(box: HTMLElement) {
+  const el = box.querySelector('#pull-request-merge-form');
+  if (!el) return;
+
+  const view = createApp(PullRequestMergeForm);
+  view.mount(el);
+}
+
+function executeScripts(elem: HTMLElement) {
+  for (const oldScript of elem.querySelectorAll('script')) {
+    // TODO: that's the only way to load the data for the merge form. In the future
+    //  we need to completely decouple the page data and embedded script
+    // eslint-disable-next-line github/no-dynamic-script-tag
+    const newScript = document.createElement('script');
+    for (const attr of oldScript.attributes) {
+      if (attr.name === 'type' && attr.value === 'module') continue;
+      newScript.setAttribute(attr.name, attr.value);
+    }
+    newScript.text = oldScript.text;
+    document.body.append(newScript);
+  }
+}
+
+export function initRepoPullMergeBox(el: HTMLElement) {
+  initRepoPullRequestCommitStatus(el);
+  initRepoPullRequestUpdate(el);
+  initRepoPullRequestMergeForm(el);
+
+  const reloadingIntervalValue = el.getAttribute('data-pull-merge-box-reloading-interval');
+  if (!reloadingIntervalValue) return;
+
+  const reloadingInterval = parseInt(reloadingIntervalValue);
+  const pullLink = el.getAttribute('data-pull-link');
+  let timerId: number;
+
+  let reloadMergeBox: () => Promise<void>;
+  const stopReloading = () => {
+    if (!timerId) return;
+    clearTimeout(timerId);
+    timerId = null;
+  };
+  const startReloading = () => {
+    if (timerId) return;
+    setTimeout(reloadMergeBox, reloadingInterval);
+  };
+  const onVisibilityChange = () => {
+    if (document.hidden) {
+      stopReloading();
+    } else {
+      startReloading();
+    }
+  };
+  reloadMergeBox = async () => {
+    const resp = await GET(`${pullLink}/merge_box`);
+    stopReloading();
+    if (!resp.ok) {
+      startReloading();
+      return;
+    }
+    document.removeEventListener('visibilitychange', onVisibilityChange);
+    const newElem = createElementFromHTML(await resp.text());
+    executeScripts(newElem);
+    el.replaceWith(newElem);
+  };
+
+  document.addEventListener('visibilitychange', onVisibilityChange);
+  startReloading();
+}
diff --git a/web_src/js/features/repo-issue-sidebar-combolist.ts b/web_src/js/features/repo-issue-sidebar-combolist.ts
index c30d4fe50d..f25c0a77c6 100644
--- a/web_src/js/features/repo-issue-sidebar-combolist.ts
+++ b/web_src/js/features/repo-issue-sidebar-combolist.ts
@@ -1,6 +1,6 @@
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 import {POST} from '../modules/fetch.ts';
-import {queryElemChildren, queryElems, toggleElem} from '../utils/dom.ts';
+import {addDelegatedEventListener, queryElemChildren, queryElems, toggleElem} from '../utils/dom.ts';
 
 // if there are draft comments, confirm before reloading, to avoid losing comments
 function issueSidebarReloadConfirmDraftComment() {
@@ -22,7 +22,7 @@ function issueSidebarReloadConfirmDraftComment() {
   window.location.reload();
 }
 
-class IssueSidebarComboList {
+export class IssueSidebarComboList {
   updateUrl: string;
   updateAlgo: string;
   selectionMode: string;
@@ -95,9 +95,7 @@ class IssueSidebarComboList {
     }
   }
 
-  async onItemClick(e: Event) {
-    const elItem = (e.target as HTMLElement).closest('.item');
-    if (!elItem) return;
+  async onItemClick(elItem: HTMLElement, e: Event) {
     e.preventDefault();
     if (elItem.hasAttribute('data-can-change') && elItem.getAttribute('data-can-change') !== 'true') return;
 
@@ -146,16 +144,13 @@ class IssueSidebarComboList {
     }
     this.initialValues = this.collectCheckedValues();
 
-    this.elDropdown.addEventListener('click', (e) => this.onItemClick(e));
+    addDelegatedEventListener(this.elDropdown, 'click', '.item', (el, e) => this.onItemClick(el, e));
 
     fomanticQuery(this.elDropdown).dropdown('setting', {
       action: 'nothing', // do not hide the menu if user presses Enter
       fullTextSearch: 'exact',
+      hideDividers: 'empty',
       onHide: () => this.onHide(),
     });
   }
 }
-
-export function initIssueSidebarComboList(container: HTMLElement) {
-  new IssueSidebarComboList(container).init();
-}
diff --git a/web_src/js/features/repo-issue-sidebar.ts b/web_src/js/features/repo-issue-sidebar.ts
index f84bed127f..290e1ae000 100644
--- a/web_src/js/features/repo-issue-sidebar.ts
+++ b/web_src/js/features/repo-issue-sidebar.ts
@@ -1,6 +1,6 @@
 import {POST} from '../modules/fetch.ts';
 import {queryElems, toggleElem} from '../utils/dom.ts';
-import {initIssueSidebarComboList} from './repo-issue-sidebar-combolist.ts';
+import {IssueSidebarComboList} from './repo-issue-sidebar-combolist.ts';
 
 function initBranchSelector() {
   // TODO: RemoveIssueRef: see "repo/issue/branch_selector_field.tmpl"
@@ -48,5 +48,5 @@ export function initRepoIssueSidebar() {
   initRepoIssueDue();
 
   // init the combo list: a dropdown for selecting items, and a list for showing selected items and related actions
-  queryElems<HTMLElement>(document, '.issue-sidebar-combo', (el) => initIssueSidebarComboList(el));
+  queryElems<HTMLElement>(document, '.issue-sidebar-combo', (el) => new IssueSidebarComboList(el).init());
 }
diff --git a/web_src/js/features/repo-issue.ts b/web_src/js/features/repo-issue.ts
index ed79cbfe50..b330b4869b 100644
--- a/web_src/js/features/repo-issue.ts
+++ b/web_src/js/features/repo-issue.ts
@@ -1,4 +1,4 @@
-import {htmlEscape} from 'escape-goat';
+import {html, htmlEscape} from '../utils/html.ts';
 import {createTippy, showTemporaryTooltip} from '../modules/tippy.ts';
 import {
   addDelegatedEventListener,
@@ -17,6 +17,7 @@ import {showErrorToast} from '../modules/toast.ts';
 import {initRepoIssueSidebar} from './repo-issue-sidebar.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 import {ignoreAreYouSure} from '../vendor/jquery.are-you-sure.ts';
+import {registerGlobalInitFunc} from '../modules/observer.ts';
 
 const {appSubUrl} = window.config;
 
@@ -45,8 +46,7 @@ export function initRepoIssueSidebarDependency() {
           if (String(issue.id) === currIssueId) continue;
           filteredResponse.results.push({
             value: issue.id,
-            name: `<div class="gt-ellipsis">#${issue.number} ${htmlEscape(issue.title)}</div>
-<div class="text small tw-break-anywhere">${htmlEscape(issue.repository.full_name)}</div>`,
+            name: html`<div class="gt-ellipsis">#${issue.number} ${issue.title}</div><div class="text small tw-break-anywhere">${issue.repository.full_name}</div>`,
           });
         }
         return filteredResponse;
@@ -197,54 +197,6 @@ export function initRepoIssueCodeCommentCancel() {
   });
 }
 
-export function initRepoPullRequestUpdate() {
-  const prUpdateButtonContainer = document.querySelector('#update-pr-branch-with-base');
-  if (!prUpdateButtonContainer) return;
-
-  const prUpdateButton = prUpdateButtonContainer.querySelector<HTMLButtonElement>(':scope > button');
-  const prUpdateDropdown = prUpdateButtonContainer.querySelector(':scope > .ui.dropdown');
-  prUpdateButton.addEventListener('click', async function (e) {
-    e.preventDefault();
-    const redirect = this.getAttribute('data-redirect');
-    this.classList.add('is-loading');
-    let response: Response;
-    try {
-      response = await POST(this.getAttribute('data-do'));
-    } catch (error) {
-      console.error(error);
-    } finally {
-      this.classList.remove('is-loading');
-    }
-    let data: Record<string, any>;
-    try {
-      data = await response?.json(); // the response is probably not a JSON
-    } catch (error) {
-      console.error(error);
-    }
-    if (data?.redirect) {
-      window.location.href = data.redirect;
-    } else if (redirect) {
-      window.location.href = redirect;
-    } else {
-      window.location.reload();
-    }
-  });
-
-  fomanticQuery(prUpdateDropdown).dropdown({
-    onChange(_text: string, _value: string, $choice: any) {
-      const choiceEl = $choice[0];
-      const url = choiceEl.getAttribute('data-do');
-      if (url) {
-        const buttonText = prUpdateButton.querySelector('.button-text');
-        if (buttonText) {
-          buttonText.textContent = choiceEl.textContent;
-        }
-        prUpdateButton.setAttribute('data-do', url);
-      }
-    },
-  });
-}
-
 export function initRepoPullRequestAllowMaintainerEdit() {
   const wrapper = document.querySelector('#allow-edits-from-maintainers');
   if (!wrapper) return;
@@ -464,25 +416,20 @@ export function initRepoIssueWipNewTitle() {
 
 export function initRepoIssueWipToggle() {
   // Toggle WIP for existing PR
-  queryElems(document, '.toggle-wip', (el) => el.addEventListener('click', async (e) => {
+  registerGlobalInitFunc('initPullRequestWipToggle', (toggleWip) => toggleWip.addEventListener('click', async (e) => {
     e.preventDefault();
-    const toggleWip = el;
     const title = toggleWip.getAttribute('data-title');
     const wipPrefix = toggleWip.getAttribute('data-wip-prefix');
     const updateUrl = toggleWip.getAttribute('data-update-url');
 
-    try {
-      const params = new URLSearchParams();
-      params.append('title', title?.startsWith(wipPrefix) ? title.slice(wipPrefix.length).trim() : `${wipPrefix.trim()} ${title}`);
-
-      const response = await POST(updateUrl, {data: params});
-      if (!response.ok) {
-        throw new Error('Failed to toggle WIP status');
-      }
-      window.location.reload();
-    } catch (error) {
-      console.error(error);
+    const params = new URLSearchParams();
+    params.append('title', title?.startsWith(wipPrefix) ? title.slice(wipPrefix.length).trim() : `${wipPrefix.trim()} ${title}`);
+    const response = await POST(updateUrl, {data: params});
+    if (!response.ok) {
+      showErrorToast(`Failed to toggle 'work in progress' status`);
+      return;
     }
+    window.location.reload();
   }));
 }
 
@@ -595,7 +542,12 @@ function initIssueTemplateCommentEditors(commentForm: HTMLFormElement) {
       // deactivate all markdown editors
       showElem(commentForm.querySelectorAll('.combo-editor-dropzone .form-field-real'));
       hideElem(commentForm.querySelectorAll('.combo-editor-dropzone .combo-markdown-editor'));
-      hideElem(commentForm.querySelectorAll('.combo-editor-dropzone .form-field-dropzone'));
+      queryElems(commentForm, '.combo-editor-dropzone .form-field-dropzone', (dropzoneContainer) => {
+        // if "form-field-dropzone" exists, then "dropzone" must also exist
+        const dropzone = dropzoneContainer.querySelector<HTMLElement>('.dropzone').dropzone;
+        const hasUploadedFiles = dropzone.files.length !== 0;
+        toggleElem(dropzoneContainer, hasUploadedFiles);
+      });
 
       // activate this markdown editor
       hideElem(fieldTextarea);
diff --git a/web_src/js/features/repo-legacy.ts b/web_src/js/features/repo-legacy.ts
index 0ff6feba2d..249d181b25 100644
--- a/web_src/js/features/repo-legacy.ts
+++ b/web_src/js/features/repo-legacy.ts
@@ -4,7 +4,6 @@ import {
   initRepoIssueBranchSelect, initRepoIssueCodeCommentCancel, initRepoIssueCommentDelete,
   initRepoIssueComments, initRepoIssueReferenceIssue,
   initRepoIssueTitleEdit, initRepoIssueWipNewTitle, initRepoIssueWipToggle,
-  initRepoPullRequestUpdate,
 } from './repo-issue.ts';
 import {initUnicodeEscapeButton} from './repo-unicode-escape.ts';
 import {initRepoCloneButtons} from './repo-common.ts';
@@ -12,14 +11,13 @@ import {initCitationFileCopyContent} from './citation.ts';
 import {initCompLabelEdit} from './comp/LabelEdit.ts';
 import {initCompReactionSelector} from './comp/ReactionSelector.ts';
 import {initRepoSettings} from './repo-settings.ts';
-import {initRepoPullRequestMergeForm} from './repo-issue-pr-form.ts';
-import {initRepoPullRequestCommitStatus} from './repo-issue-pr-status.ts';
 import {hideElem, queryElemChildren, queryElems, showElem} from '../utils/dom.ts';
 import {initRepoIssueCommentEdit} from './repo-issue-edit.ts';
 import {initRepoMilestone} from './repo-milestone.ts';
 import {initRepoNew} from './repo-new.ts';
 import {createApp} from 'vue';
 import RepoBranchTagSelector from '../components/RepoBranchTagSelector.vue';
+import {initRepoPullMergeBox} from './repo-issue-pull.ts';
 
 function initRepoBranchTagSelector() {
   registerGlobalInitFunc('initRepoBranchTagSelector', async (elRoot: HTMLInputElement) => {
@@ -69,11 +67,9 @@ export function initRepository() {
 
     initRepoIssueCommentDelete();
     initRepoIssueCodeCommentCancel();
-    initRepoPullRequestUpdate();
     initCompReactionSelector();
 
-    initRepoPullRequestMergeForm();
-    initRepoPullRequestCommitStatus();
+    registerGlobalInitFunc('initRepoPullMergeBox', initRepoPullMergeBox);
   }
 
   initUnicodeEscapeButton();
diff --git a/web_src/js/features/repo-migration.ts b/web_src/js/features/repo-migration.ts
index fb9c822f98..0b348b45fb 100644
--- a/web_src/js/features/repo-migration.ts
+++ b/web_src/js/features/repo-migration.ts
@@ -1,4 +1,5 @@
 import {hideElem, showElem, toggleElem} from '../utils/dom.ts';
+import {sanitizeRepoName} from './repo-common.ts';
 
 const service = document.querySelector<HTMLInputElement>('#service_type');
 const user = document.querySelector<HTMLInputElement>('#auth_username');
@@ -25,13 +26,23 @@ export function initRepoMigration() {
   });
   lfs?.addEventListener('change', setLFSSettingsVisibility);
 
-  const cloneAddr = document.querySelector<HTMLInputElement>('#clone_addr');
-  cloneAddr?.addEventListener('change', () => {
-    const repoName = document.querySelector<HTMLInputElement>('#repo_name');
-    if (cloneAddr.value && !repoName?.value) { // Only modify if repo_name input is blank
-      repoName.value = /^(.*\/)?((.+?)(\.git)?)$/.exec(cloneAddr.value)[3];
-    }
-  });
+  const elCloneAddr = document.querySelector<HTMLInputElement>('#clone_addr');
+  const elRepoName = document.querySelector<HTMLInputElement>('#repo_name');
+  if (elCloneAddr && elRepoName) {
+    let repoNameChanged = false;
+    elRepoName.addEventListener('input', () => {repoNameChanged = true});
+    elCloneAddr.addEventListener('input', () => {
+      if (repoNameChanged) return;
+      let repoNameFromUrl = elCloneAddr.value.split(/[?#]/)[0];
+      const parts = /^(.*\/)?((.+?)\/?)$/.exec(repoNameFromUrl);
+      if (!parts || parts.length < 4) {
+        elRepoName.value = '';
+        return;
+      }
+      repoNameFromUrl = parts[3].split(/[?#]/)[0];
+      elRepoName.value = sanitizeRepoName(repoNameFromUrl);
+    });
+  }
 }
 
 function checkAuth() {
diff --git a/web_src/js/features/repo-new.ts b/web_src/js/features/repo-new.ts
index f2c5eba62c..e2aa13f490 100644
--- a/web_src/js/features/repo-new.ts
+++ b/web_src/js/features/repo-new.ts
@@ -1,11 +1,14 @@
-import {hideElem, showElem, toggleElem} from '../utils/dom.ts';
-import {htmlEscape} from 'escape-goat';
+import {hideElem, querySingleVisibleElem, showElem, toggleElem} from '../utils/dom.ts';
+import {htmlEscape} from '../utils/html.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
+import {sanitizeRepoName} from './repo-common.ts';
 
 const {appSubUrl} = window.config;
 
 function initRepoNewTemplateSearch(form: HTMLFormElement) {
-  const inputRepoOwnerUid = form.querySelector<HTMLInputElement>('#uid');
+  const elSubmitButton = querySingleVisibleElem<HTMLInputElement>(form, '.ui.primary.button');
+  const elCreateRepoErrorMessage = form.querySelector('#create-repo-error-message');
+  const elRepoOwnerDropdown = form.querySelector('#repo_owner_dropdown');
   const elRepoTemplateDropdown = form.querySelector<HTMLInputElement>('#repo_template_search');
   const inputRepoTemplate = form.querySelector<HTMLInputElement>('#repo_template');
   const elTemplateUnits = form.querySelector('#template_units');
@@ -18,11 +21,23 @@ function initRepoNewTemplateSearch(form: HTMLFormElement) {
   inputRepoTemplate.addEventListener('change', checkTemplate);
   checkTemplate();
 
-  const $dropdown = fomanticQuery(elRepoTemplateDropdown);
+  const $repoOwnerDropdown = fomanticQuery(elRepoOwnerDropdown);
+  const $repoTemplateDropdown = fomanticQuery(elRepoTemplateDropdown);
   const onChangeOwner = function () {
-    $dropdown.dropdown('setting', {
+    const ownerId = $repoOwnerDropdown.dropdown('get value');
+    const $ownerItem = $repoOwnerDropdown.dropdown('get item', ownerId);
+    hideElem(elCreateRepoErrorMessage);
+    elSubmitButton.disabled = false;
+    if ($ownerItem?.length) {
+      const elOwnerItem = $ownerItem[0];
+      elCreateRepoErrorMessage.textContent = elOwnerItem.getAttribute('data-create-repo-disallowed-prompt') ?? '';
+      const hasError = Boolean(elCreateRepoErrorMessage.textContent);
+      toggleElem(elCreateRepoErrorMessage, hasError);
+      elSubmitButton.disabled = hasError;
+    }
+    $repoTemplateDropdown.dropdown('setting', {
       apiSettings: {
-        url: `${appSubUrl}/repo/search?q={query}&template=true&priority_owner_id=${inputRepoOwnerUid.value}`,
+        url: `${appSubUrl}/repo/search?q={query}&template=true&priority_owner_id=${ownerId}`,
         onResponse(response: any) {
           const results = [];
           results.push({name: '', value: ''}); // empty item means not using template
@@ -32,14 +47,14 @@ function initRepoNewTemplateSearch(form: HTMLFormElement) {
               value: String(tmplRepo.repository.id),
             });
           }
-          $dropdown.fomanticExt.onResponseKeepSelectedItem($dropdown, inputRepoTemplate.value);
+          $repoTemplateDropdown.fomanticExt.onResponseKeepSelectedItem($repoTemplateDropdown, inputRepoTemplate.value);
           return {results};
         },
         cache: false,
       },
     });
   };
-  inputRepoOwnerUid.addEventListener('change', onChangeOwner);
+  $repoOwnerDropdown.dropdown('setting', 'onChange', onChangeOwner);
   onChangeOwner();
 }
 
@@ -74,6 +89,10 @@ export function initRepoNew() {
     }
   };
   inputRepoName.addEventListener('input', updateUiRepoName);
+  inputRepoName.addEventListener('change', () => {
+    inputRepoName.value = sanitizeRepoName(inputRepoName.value);
+    updateUiRepoName();
+  });
   updateUiRepoName();
 
   initRepoNewTemplateSearch(form);
diff --git a/web_src/js/features/repo-projects.ts b/web_src/js/features/repo-projects.ts
index 11f5c19c8d..ad0feb6101 100644
--- a/web_src/js/features/repo-projects.ts
+++ b/web_src/js/features/repo-projects.ts
@@ -2,8 +2,9 @@ import {contrastColor} from '../utils/color.ts';
 import {createSortable} from '../modules/sortable.ts';
 import {POST, request} from '../modules/fetch.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
-import {queryElemChildren, queryElems} from '../utils/dom.ts';
+import {queryElemChildren, queryElems, toggleElem} from '../utils/dom.ts';
 import type {SortableEvent} from 'sortablejs';
+import {toggleFullScreen} from '../utils.ts';
 
 function updateIssueCount(card: HTMLElement): void {
   const parent = card.parentElement;
@@ -34,8 +35,8 @@ async function moveIssue({item, from, to, oldIndex}: SortableEvent): Promise<voi
 }
 
 async function initRepoProjectSortable(): Promise<void> {
-  // the HTML layout is: #project-board > .board > .project-column .cards > .issue-card
-  const mainBoard = document.querySelector('#project-board > .board.sortable');
+  // the HTML layout is: #project-board.board > .project-column .cards > .issue-card
+  const mainBoard = document.querySelector('#project-board');
   let boardColumns = mainBoard.querySelectorAll<HTMLElement>('.project-column');
   createSortable(mainBoard, {
     group: 'project-column',
@@ -113,7 +114,6 @@ function initRepoProjectColumnEdit(writableProjectBoard: Element): void {
         window.location.reload(); // newly added column, need to reload the page
         return;
       }
-      fomanticQuery(elModal).modal('hide');
 
       // update the newly saved column title and color in the project board (to avoid reload)
       const elEditButton = writableProjectBoard.querySelector<HTMLButtonElement>(`.show-project-column-modal-edit[${attrDataColumnId}="${columnId}"]`);
@@ -133,13 +133,32 @@ function initRepoProjectColumnEdit(writableProjectBoard: Element): void {
         elBoardColumn.style.removeProperty('color');
         queryElemChildren<HTMLElement>(elBoardColumn, '.divider', (divider) => divider.style.removeProperty('color'));
       }
+
+      fomanticQuery(elModal).modal('hide');
     } finally {
       elForm.classList.remove('is-loading');
     }
   });
 }
 
+function initRepoProjectToggleFullScreen(): void {
+  const enterFullscreenBtn = document.querySelector('.screen-full');
+  const exitFullscreenBtn = document.querySelector('.screen-normal');
+  if (!enterFullscreenBtn || !exitFullscreenBtn) return;
+
+  const toggleFullscreenState = (isFullScreen: boolean) => {
+    toggleFullScreen('.projects-view', isFullScreen);
+    toggleElem(enterFullscreenBtn, !isFullScreen);
+    toggleElem(exitFullscreenBtn, isFullScreen);
+  };
+
+  enterFullscreenBtn.addEventListener('click', () => toggleFullscreenState(true));
+  exitFullscreenBtn.addEventListener('click', () => toggleFullscreenState(false));
+}
+
 export function initRepoProject(): void {
+  initRepoProjectToggleFullScreen();
+
   const writableProjectBoard = document.querySelector('#project-board[data-project-borad-writable="true"]');
   if (!writableProjectBoard) return;
 
diff --git a/web_src/js/features/repo-settings.ts b/web_src/js/features/repo-settings.ts
index 80f897069e..5c81cf5ecd 100644
--- a/web_src/js/features/repo-settings.ts
+++ b/web_src/js/features/repo-settings.ts
@@ -2,7 +2,6 @@ import {minimatch} from 'minimatch';
 import {createMonaco} from './codeeditor.ts';
 import {onInputDebounce, queryElems, toggleElem} from '../utils/dom.ts';
 import {POST} from '../modules/fetch.ts';
-import {initAvatarUploaderWithCropper} from './comp/Cropper.ts';
 import {initRepoSettingsBranchesDrag} from './repo-settings-branches.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 
@@ -125,22 +124,18 @@ function initRepoSettingsOptions() {
   const pageContent = document.querySelector('.page-content.repository.settings.options');
   if (!pageContent) return;
 
-  const toggleClass = (elems: NodeListOf<Element>, className: string, value: boolean) => {
-    for (const el of elems) el.classList.toggle(className, value);
+  // toggle related panels for the checkbox/radio inputs, the "selector" may not exist
+  const toggleTargetContextPanel = (selector: string, enabled: boolean) => {
+    if (!selector) return;
+    queryElems(document, selector, (el) => el.classList.toggle('disabled', !enabled));
   };
-
-  // Enable or select internal/external wiki system and issue tracker.
   queryElems<HTMLInputElement>(pageContent, '.enable-system', (el) => el.addEventListener('change', () => {
-    const elTargets = document.querySelectorAll(el.getAttribute('data-target'));
-    const elContexts = document.querySelectorAll(el.getAttribute('data-context'));
-    toggleClass(elTargets, 'disabled', !el.checked);
-    toggleClass(elContexts, 'disabled', el.checked);
+    toggleTargetContextPanel(el.getAttribute('data-target'), el.checked);
+    toggleTargetContextPanel(el.getAttribute('data-context'), !el.checked);
   }));
   queryElems<HTMLInputElement>(pageContent, '.enable-system-radio', (el) => el.addEventListener('change', () => {
-    const elTargets = document.querySelectorAll(el.getAttribute('data-target'));
-    const elContexts = document.querySelectorAll(el.getAttribute('data-context'));
-    toggleClass(elTargets, 'disabled', el.value === 'false');
-    toggleClass(elContexts, 'disabled', el.value === 'true');
+    toggleTargetContextPanel(el.getAttribute('data-target'), el.value === 'true');
+    toggleTargetContextPanel(el.getAttribute('data-context'), el.value === 'false');
   }));
 
   queryElems<HTMLInputElement>(pageContent, '.js-tracker-issue-style', (el) => el.addEventListener('change', () => {
@@ -157,6 +152,4 @@ export function initRepoSettings() {
   initRepoSettingsSearchTeamBox();
   initRepoSettingsGitHook();
   initRepoSettingsBranchesDrag();
-
-  queryElems(document, '.avatar-file-with-cropper', initAvatarUploaderWithCropper);
 }
diff --git a/web_src/js/features/repo-wiki.ts b/web_src/js/features/repo-wiki.ts
index f94d3ef3d1..6ae0947077 100644
--- a/web_src/js/features/repo-wiki.ts
+++ b/web_src/js/features/repo-wiki.ts
@@ -2,6 +2,7 @@ import {validateTextareaNonEmpty, initComboMarkdownEditor} from './comp/ComboMar
 import {fomanticMobileScreen} from '../modules/fomantic.ts';
 import {POST} from '../modules/fetch.ts';
 import type {ComboMarkdownEditor} from './comp/ComboMarkdownEditor.ts';
+import {html, htmlRaw} from '../utils/html.ts';
 
 async function initRepoWikiFormEditor() {
   const editArea = document.querySelector<HTMLTextAreaElement>('.repository.wiki .combo-markdown-editor textarea');
@@ -30,7 +31,7 @@ async function initRepoWikiFormEditor() {
         const response = await POST(editor.previewUrl, {data: formData});
         const data = await response.text();
         lastContent = newContent;
-        previewTarget.innerHTML = `<div class="render-content markup ui segment">${data}</div>`;
+        previewTarget.innerHTML = html`<div class="render-content markup ui segment">${htmlRaw(data)}</div>`;
       } catch (error) {
         console.error('Error rendering preview:', error);
       } finally {
diff --git a/web_src/js/features/stopwatch.ts b/web_src/js/features/stopwatch.ts
index a5cd5ae7c4..07f9c435b8 100644
--- a/web_src/js/features/stopwatch.ts
+++ b/web_src/js/features/stopwatch.ts
@@ -134,7 +134,7 @@ function updateStopwatchData(data: any) {
     const {repo_owner_name, repo_name, issue_index, seconds} = watch;
     const issueUrl = `${appSubUrl}/${repo_owner_name}/${repo_name}/issues/${issue_index}`;
     document.querySelector('.stopwatch-link')?.setAttribute('href', issueUrl);
-    document.querySelector('.stopwatch-commit')?.setAttribute('action', `${issueUrl}/times/stopwatch/toggle`);
+    document.querySelector('.stopwatch-commit')?.setAttribute('action', `${issueUrl}/times/stopwatch/stop`);
     document.querySelector('.stopwatch-cancel')?.setAttribute('action', `${issueUrl}/times/stopwatch/cancel`);
     const stopwatchIssue = document.querySelector('.stopwatch-issue');
     if (stopwatchIssue) stopwatchIssue.textContent = `${repo_owner_name}/${repo_name}#${issue_index}`;
diff --git a/web_src/js/features/tribute.ts b/web_src/js/features/tribute.ts
index de1c3e97cd..43c21ebe6d 100644
--- a/web_src/js/features/tribute.ts
+++ b/web_src/js/features/tribute.ts
@@ -1,5 +1,5 @@
 import {emojiKeys, emojiHTML, emojiString} from './emoji.ts';
-import {htmlEscape} from 'escape-goat';
+import {html, htmlRaw} from '../utils/html.ts';
 
 type TributeItem = Record<string, any>;
 
@@ -26,17 +26,18 @@ export async function attachTribute(element: HTMLElement) {
         return emojiString(item.original);
       },
       menuItemTemplate: (item: TributeItem) => {
-        return `<div class="tribute-item">${emojiHTML(item.original)}<span>${htmlEscape(item.original)}</span></div>`;
+        return html`<div class="tribute-item">${htmlRaw(emojiHTML(item.original))}<span>${item.original}</span></div>`;
       },
     }, { // mentions
       values: window.config.mentionValues ?? [],
       requireLeadingSpace: true,
       menuItemTemplate: (item: TributeItem) => {
-        return `
+        const fullNameHtml = item.original.fullname && item.original.fullname !== '' ? html`<span class="fullname">${item.original.fullname}</span>` : '';
+        return html`
           <div class="tribute-item">
-            <img src="${htmlEscape(item.original.avatar)}" width="21" height="21"/>
-            <span class="name">${htmlEscape(item.original.name)}</span>
-            ${item.original.fullname && item.original.fullname !== '' ? `<span class="fullname">${htmlEscape(item.original.fullname)}</span>` : ''}
+            <img alt src="${item.original.avatar}" width="21" height="21"/>
+            <span class="name">${item.original.name}</span>
+            ${htmlRaw(fullNameHtml)}
           </div>
         `;
       },
diff --git a/web_src/js/features/user-settings.ts b/web_src/js/features/user-settings.ts
index 21d20e676f..6fbb56e540 100644
--- a/web_src/js/features/user-settings.ts
+++ b/web_src/js/features/user-settings.ts
@@ -1,11 +1,8 @@
-import {hideElem, queryElems, showElem} from '../utils/dom.ts';
-import {initAvatarUploaderWithCropper} from './comp/Cropper.ts';
+import {hideElem, showElem} from '../utils/dom.ts';
 
 export function initUserSettings() {
   if (!document.querySelector('.user.settings.profile')) return;
 
-  queryElems(document, '.avatar-file-with-cropper', initAvatarUploaderWithCropper);
-
   const usernameInput = document.querySelector<HTMLInputElement>('#username');
   if (!usernameInput) return;
   usernameInput.addEventListener('input', function () {
diff --git a/web_src/js/globals.d.ts b/web_src/js/globals.d.ts
index 9e97ec0492..00f1744a95 100644
--- a/web_src/js/globals.d.ts
+++ b/web_src/js/globals.d.ts
@@ -25,11 +25,6 @@ declare module 'htmx.org/dist/htmx.esm.js' {
   export default value;
 }
 
-declare module 'uint8-to-base64' {
-  export function encode(arrayBuffer: Uint8Array): string;
-  export function decode(base64str: string): Uint8Array;
-}
-
 declare module 'swagger-ui-dist/swagger-ui-es-bundle.js' {
   const value = await import('swagger-ui-dist');
   export default value.SwaggerUIBundle;
@@ -55,17 +50,12 @@ interface Element {
   _tippy: import('tippy.js').Instance;
 }
 
-type Writable<T> = { -readonly [K in keyof T]: T[K] };
-
 interface Window {
   __webpack_public_path__: string;
   config: import('./web_src/js/types.ts').Config;
   $: typeof import('@types/jquery'),
   jQuery: typeof import('@types/jquery'),
-  htmx: Omit<typeof import('htmx.org/dist/htmx.esm.js').default, 'config'> & {
-    config?: Writable<typeof import('htmx.org').default.config>,
-    process?: (elt: Element | string) => void,
-  },
+  htmx: typeof import('htmx.org').default,
   _globalHandlerErrors: Array<ErrorEvent & PromiseRejectionEvent> & {
     _inited: boolean,
     push: (e: ErrorEvent & PromiseRejectionEvent) => void | number,
diff --git a/web_src/js/globals.ts b/web_src/js/globals.ts
index 24974da90e..955515d250 100644
--- a/web_src/js/globals.ts
+++ b/web_src/js/globals.ts
@@ -1,5 +1,2 @@
 import jquery from 'jquery';
-import htmx from 'htmx.org/dist/htmx.esm.js';
-
-window.$ = window.jQuery = jquery;
-window.htmx = htmx;
+window.$ = window.jQuery = jquery; // only for Fomantic UI
diff --git a/web_src/js/htmx.ts b/web_src/js/htmx.ts
index c23c3a21fa..9d433dfd57 100644
--- a/web_src/js/htmx.ts
+++ b/web_src/js/htmx.ts
@@ -1,21 +1,26 @@
-import {showErrorToast} from './modules/toast.ts';
+import htmx from 'htmx.org';
 import 'idiomorph/htmx';
 import type {HtmxResponseInfo} from 'htmx.org';
+import {showErrorToast} from './modules/toast.ts';
 
 type HtmxEvent = Event & {detail: HtmxResponseInfo};
 
-// https://htmx.org/reference/#config
-window.htmx.config.requestClass = 'is-loading';
-window.htmx.config.scrollIntoViewOnBoost = false;
+export function initHtmx() {
+  window.htmx = htmx;
+
+  // https://htmx.org/reference/#config
+  htmx.config.requestClass = 'is-loading';
+  htmx.config.scrollIntoViewOnBoost = false;
 
-// https://htmx.org/events/#htmx:sendError
-document.body.addEventListener('htmx:sendError', (event: Partial<HtmxEvent>) => {
-  // TODO: add translations
-  showErrorToast(`Network error when calling ${event.detail.requestConfig.path}`);
-});
+  // https://htmx.org/events/#htmx:sendError
+  document.body.addEventListener('htmx:sendError', (event: Partial<HtmxEvent>) => {
+    // TODO: add translations
+    showErrorToast(`Network error when calling ${event.detail.requestConfig.path}`);
+  });
 
-// https://htmx.org/events/#htmx:responseError
-document.body.addEventListener('htmx:responseError', (event: Partial<HtmxEvent>) => {
-  // TODO: add translations
-  showErrorToast(`Error ${event.detail.xhr.status} when calling ${event.detail.requestConfig.path}`);
-});
+  // https://htmx.org/events/#htmx:responseError
+  document.body.addEventListener('htmx:responseError', (event: Partial<HtmxEvent>) => {
+    // TODO: add translations
+    showErrorToast(`Error ${event.detail.xhr.status} when calling ${event.detail.requestConfig.path}`);
+  });
+}
diff --git a/web_src/js/index-domready.ts b/web_src/js/index-domready.ts
new file mode 100644
index 0000000000..770c7fc00c
--- /dev/null
+++ b/web_src/js/index-domready.ts
@@ -0,0 +1,178 @@
+import './globals.ts';
+import '../fomantic/build/fomantic.js';
+import '../../node_modules/easymde/dist/easymde.min.css'; // TODO: lazy load in "switchToEasyMDE"
+
+import {initHtmx} from './htmx.ts';
+import {initDashboardRepoList} from './features/dashboard.ts';
+import {initGlobalCopyToClipboardListener} from './features/clipboard.ts';
+import {initContextPopups} from './features/contextpopup.ts';
+import {initRepoGraphGit} from './features/repo-graph.ts';
+import {initHeatmap} from './features/heatmap.ts';
+import {initImageDiff} from './features/imagediff.ts';
+import {initRepoMigration} from './features/repo-migration.ts';
+import {initRepoProject} from './features/repo-projects.ts';
+import {initTableSort} from './features/tablesort.ts';
+import {initAdminUserListSearchForm} from './features/admin/users.ts';
+import {initAdminConfigs} from './features/admin/config.ts';
+import {initMarkupAnchors} from './markup/anchors.ts';
+import {initNotificationCount} from './features/notification.ts';
+import {initRepoIssueContentHistory} from './features/repo-issue-content.ts';
+import {initStopwatch} from './features/stopwatch.ts';
+import {initFindFileInRepo} from './features/repo-findfile.ts';
+import {initMarkupContent} from './markup/content.ts';
+import {initRepoFileView} from './features/file-view.ts';
+import {initUserAuthOauth2, initUserCheckAppUrl} from './features/user-auth.ts';
+import {initRepoPullRequestAllowMaintainerEdit, initRepoPullRequestReview, initRepoIssueSidebarDependency, initRepoIssueFilterItemLabel} from './features/repo-issue.ts';
+import {initRepoEllipsisButton, initCommitStatuses} from './features/repo-commit.ts';
+import {initRepoTopicBar} from './features/repo-home.ts';
+import {initAdminCommon} from './features/admin/common.ts';
+import {initRepoCodeView} from './features/repo-code.ts';
+import {initSshKeyFormParser} from './features/sshkey-helper.ts';
+import {initUserSettings} from './features/user-settings.ts';
+import {initRepoActivityTopAuthorsChart, initRepoArchiveLinks} from './features/repo-common.ts';
+import {initRepoMigrationStatusChecker} from './features/repo-migrate.ts';
+import {initRepoDiffView} from './features/repo-diff.ts';
+import {initOrgTeam} from './features/org-team.ts';
+import {initUserAuthWebAuthn, initUserAuthWebAuthnRegister} from './features/user-auth-webauthn.ts';
+import {initRepoRelease, initRepoReleaseNew} from './features/repo-release.ts';
+import {initRepoEditor} from './features/repo-editor.ts';
+import {initCompSearchUserBox} from './features/comp/SearchUserBox.ts';
+import {initInstall} from './features/install.ts';
+import {initCompWebHookEditor} from './features/comp/WebHookEditor.ts';
+import {initRepoBranchButton} from './features/repo-branch.ts';
+import {initCommonOrganization} from './features/common-organization.ts';
+import {initRepoWikiForm} from './features/repo-wiki.ts';
+import {initRepository, initBranchSelectorTabs} from './features/repo-legacy.ts';
+import {initCopyContent} from './features/copycontent.ts';
+import {initCaptcha} from './features/captcha.ts';
+import {initRepositoryActionView} from './features/repo-actions.ts';
+import {initGlobalTooltips} from './modules/tippy.ts';
+import {initGiteaFomantic} from './modules/fomantic.ts';
+import {initSubmitEventPolyfill} from './utils/dom.ts';
+import {initRepoIssueList} from './features/repo-issue-list.ts';
+import {initCommonIssueListQuickGoto} from './features/common-issue-list.ts';
+import {initRepoContributors} from './features/contributors.ts';
+import {initRepoCodeFrequency} from './features/code-frequency.ts';
+import {initRepoRecentCommits} from './features/recent-commits.ts';
+import {initRepoDiffCommitBranchesAndTags} from './features/repo-diff-commit.ts';
+import {initGlobalSelectorObserver} from './modules/observer.ts';
+import {initRepositorySearch} from './features/repo-search.ts';
+import {initColorPickers} from './features/colorpicker.ts';
+import {initAdminSelfCheck} from './features/admin/selfcheck.ts';
+import {initOAuth2SettingsDisableCheckbox} from './features/oauth2-settings.ts';
+import {initGlobalFetchAction} from './features/common-fetch-action.ts';
+import {initFootLanguageMenu, initGlobalAvatarUploader, initGlobalDropdown, initGlobalInput, initGlobalTabularMenu, initHeadNavbarContentToggle} from './features/common-page.ts';
+import {initGlobalButtonClickOnEnter, initGlobalButtons, initGlobalDeleteButton} from './features/common-button.ts';
+import {initGlobalComboMarkdownEditor, initGlobalEnterQuickSubmit, initGlobalFormDirtyLeaveConfirm} from './features/common-form.ts';
+import {callInitFunctions} from './modules/init.ts';
+import {initRepoViewFileTree} from './features/repo-view-file-tree.ts';
+
+const initStartTime = performance.now();
+const initPerformanceTracer = callInitFunctions([
+  initHtmx,
+  initSubmitEventPolyfill,
+  initGiteaFomantic,
+
+  initGlobalAvatarUploader,
+  initGlobalDropdown,
+  initGlobalTabularMenu,
+  initGlobalFetchAction,
+  initGlobalTooltips,
+  initGlobalButtonClickOnEnter,
+  initGlobalButtons,
+  initGlobalCopyToClipboardListener,
+  initGlobalEnterQuickSubmit,
+  initGlobalFormDirtyLeaveConfirm,
+  initGlobalComboMarkdownEditor,
+  initGlobalDeleteButton,
+  initGlobalInput,
+
+  initCommonOrganization,
+  initCommonIssueListQuickGoto,
+
+  initCompSearchUserBox,
+  initCompWebHookEditor,
+
+  initInstall,
+
+  initHeadNavbarContentToggle,
+  initFootLanguageMenu,
+
+  initContextPopups,
+  initHeatmap,
+  initImageDiff,
+  initMarkupAnchors,
+  initMarkupContent,
+  initSshKeyFormParser,
+  initStopwatch,
+  initTableSort,
+  initFindFileInRepo,
+  initCopyContent,
+
+  initAdminCommon,
+  initAdminUserListSearchForm,
+  initAdminConfigs,
+  initAdminSelfCheck,
+
+  initDashboardRepoList,
+
+  initNotificationCount,
+
+  initOrgTeam,
+
+  initRepoActivityTopAuthorsChart,
+  initRepoArchiveLinks,
+  initRepoBranchButton,
+  initRepoCodeView,
+  initBranchSelectorTabs,
+  initRepoEllipsisButton,
+  initRepoDiffCommitBranchesAndTags,
+  initRepoEditor,
+  initRepoGraphGit,
+  initRepoIssueContentHistory,
+  initRepoIssueList,
+  initRepoIssueFilterItemLabel,
+  initRepoIssueSidebarDependency,
+  initRepoMigration,
+  initRepoMigrationStatusChecker,
+  initRepoProject,
+  initRepoPullRequestAllowMaintainerEdit,
+  initRepoPullRequestReview,
+  initRepoRelease,
+  initRepoReleaseNew,
+  initRepoTopicBar,
+  initRepoViewFileTree,
+  initRepoWikiForm,
+  initRepository,
+  initRepositoryActionView,
+  initRepositorySearch,
+  initRepoContributors,
+  initRepoCodeFrequency,
+  initRepoRecentCommits,
+
+  initCommitStatuses,
+  initCaptcha,
+
+  initUserCheckAppUrl,
+  initUserAuthOauth2,
+  initUserAuthWebAuthn,
+  initUserAuthWebAuthnRegister,
+  initUserSettings,
+  initRepoDiffView,
+  initColorPickers,
+
+  initOAuth2SettingsDisableCheckbox,
+
+  initRepoFileView,
+]);
+
+// it must be the last one, then the "querySelectorAll" only needs to be executed once for global init functions.
+initGlobalSelectorObserver(initPerformanceTracer);
+if (initPerformanceTracer) initPerformanceTracer.printResults();
+
+const initDur = performance.now() - initStartTime;
+if (initDur > 500) {
+  console.error(`slow init functions took ${initDur.toFixed(3)}ms`);
+}
+
+document.dispatchEvent(new CustomEvent('gitea:index-ready'));
diff --git a/web_src/js/index.ts b/web_src/js/index.ts
index 839a160168..af53cc488c 100644
--- a/web_src/js/index.ts
+++ b/web_src/js/index.ts
@@ -1,175 +1,23 @@
 // bootstrap module must be the first one to be imported, it handles webpack lazy-loading and global errors
 import './bootstrap.ts';
-import './htmx.ts';
-
-import {initDashboardRepoList} from './features/dashboard.ts';
-import {initGlobalCopyToClipboardListener} from './features/clipboard.ts';
-import {initContextPopups} from './features/contextpopup.ts';
-import {initRepoGraphGit} from './features/repo-graph.ts';
-import {initHeatmap} from './features/heatmap.ts';
-import {initImageDiff} from './features/imagediff.ts';
-import {initRepoMigration} from './features/repo-migration.ts';
-import {initRepoProject} from './features/repo-projects.ts';
-import {initTableSort} from './features/tablesort.ts';
-import {initAdminUserListSearchForm} from './features/admin/users.ts';
-import {initAdminConfigs} from './features/admin/config.ts';
-import {initMarkupAnchors} from './markup/anchors.ts';
-import {initNotificationCount, initNotificationsTable} from './features/notification.ts';
-import {initRepoIssueContentHistory} from './features/repo-issue-content.ts';
-import {initStopwatch} from './features/stopwatch.ts';
-import {initFindFileInRepo} from './features/repo-findfile.ts';
-import {initMarkupContent} from './markup/content.ts';
-import {initPdfViewer} from './render/pdf.ts';
-import {initUserAuthOauth2, initUserCheckAppUrl} from './features/user-auth.ts';
-import {initRepoPullRequestAllowMaintainerEdit, initRepoPullRequestReview, initRepoIssueSidebarDependency, initRepoIssueFilterItemLabel} from './features/repo-issue.ts';
-import {initRepoEllipsisButton, initCommitStatuses} from './features/repo-commit.ts';
-import {initRepoTopicBar} from './features/repo-home.ts';
-import {initAdminCommon} from './features/admin/common.ts';
-import {initRepoCodeView} from './features/repo-code.ts';
-import {initSshKeyFormParser} from './features/sshkey-helper.ts';
-import {initUserSettings} from './features/user-settings.ts';
-import {initRepoActivityTopAuthorsChart, initRepoArchiveLinks} from './features/repo-common.ts';
-import {initRepoMigrationStatusChecker} from './features/repo-migrate.ts';
-import {initRepoDiffView} from './features/repo-diff.ts';
-import {initOrgTeam} from './features/org-team.ts';
-import {initUserAuthWebAuthn, initUserAuthWebAuthnRegister} from './features/user-auth-webauthn.ts';
-import {initRepoRelease, initRepoReleaseNew} from './features/repo-release.ts';
-import {initRepoEditor} from './features/repo-editor.ts';
-import {initCompSearchUserBox} from './features/comp/SearchUserBox.ts';
-import {initInstall} from './features/install.ts';
-import {initCompWebHookEditor} from './features/comp/WebHookEditor.ts';
-import {initRepoBranchButton} from './features/repo-branch.ts';
-import {initCommonOrganization} from './features/common-organization.ts';
-import {initRepoWikiForm} from './features/repo-wiki.ts';
-import {initRepository, initBranchSelectorTabs} from './features/repo-legacy.ts';
-import {initCopyContent} from './features/copycontent.ts';
-import {initCaptcha} from './features/captcha.ts';
-import {initRepositoryActionView} from './features/repo-actions.ts';
-import {initGlobalTooltips} from './modules/tippy.ts';
-import {initGiteaFomantic} from './modules/fomantic.ts';
-import {initSubmitEventPolyfill, onDomReady} from './utils/dom.ts';
-import {initRepoIssueList} from './features/repo-issue-list.ts';
-import {initCommonIssueListQuickGoto} from './features/common-issue-list.ts';
-import {initRepoContributors} from './features/contributors.ts';
-import {initRepoCodeFrequency} from './features/code-frequency.ts';
-import {initRepoRecentCommits} from './features/recent-commits.ts';
-import {initRepoDiffCommitBranchesAndTags} from './features/repo-diff-commit.ts';
-import {initGlobalSelectorObserver} from './modules/observer.ts';
-import {initRepositorySearch} from './features/repo-search.ts';
-import {initColorPickers} from './features/colorpicker.ts';
-import {initAdminSelfCheck} from './features/admin/selfcheck.ts';
-import {initOAuth2SettingsDisableCheckbox} from './features/oauth2-settings.ts';
-import {initGlobalFetchAction} from './features/common-fetch-action.ts';
-import {initFootLanguageMenu, initGlobalDropdown, initGlobalInput, initGlobalTabularMenu, initHeadNavbarContentToggle} from './features/common-page.ts';
-import {initGlobalButtonClickOnEnter, initGlobalButtons, initGlobalDeleteButton} from './features/common-button.ts';
-import {initGlobalComboMarkdownEditor, initGlobalEnterQuickSubmit, initGlobalFormDirtyLeaveConfirm} from './features/common-form.ts';
-import {callInitFunctions} from './modules/init.ts';
-import {initRepoViewFileTree} from './features/repo-view-file-tree.ts';
-
-initGiteaFomantic();
-initSubmitEventPolyfill();
-
-onDomReady(() => {
-  const initStartTime = performance.now();
-  const initPerformanceTracer = callInitFunctions([
-    initGlobalDropdown,
-    initGlobalTabularMenu,
-    initGlobalFetchAction,
-    initGlobalTooltips,
-    initGlobalButtonClickOnEnter,
-    initGlobalButtons,
-    initGlobalCopyToClipboardListener,
-    initGlobalEnterQuickSubmit,
-    initGlobalFormDirtyLeaveConfirm,
-    initGlobalComboMarkdownEditor,
-    initGlobalDeleteButton,
-    initGlobalInput,
-
-    initCommonOrganization,
-    initCommonIssueListQuickGoto,
-
-    initCompSearchUserBox,
-    initCompWebHookEditor,
-
-    initInstall,
-
-    initHeadNavbarContentToggle,
-    initFootLanguageMenu,
-
-    initContextPopups,
-    initHeatmap,
-    initImageDiff,
-    initMarkupAnchors,
-    initMarkupContent,
-    initSshKeyFormParser,
-    initStopwatch,
-    initTableSort,
-    initFindFileInRepo,
-    initCopyContent,
-
-    initAdminCommon,
-    initAdminUserListSearchForm,
-    initAdminConfigs,
-    initAdminSelfCheck,
-
-    initDashboardRepoList,
-
-    initNotificationCount,
-    initNotificationsTable,
-
-    initOrgTeam,
-
-    initRepoActivityTopAuthorsChart,
-    initRepoArchiveLinks,
-    initRepoBranchButton,
-    initRepoCodeView,
-    initBranchSelectorTabs,
-    initRepoEllipsisButton,
-    initRepoDiffCommitBranchesAndTags,
-    initRepoEditor,
-    initRepoGraphGit,
-    initRepoIssueContentHistory,
-    initRepoIssueList,
-    initRepoIssueFilterItemLabel,
-    initRepoIssueSidebarDependency,
-    initRepoMigration,
-    initRepoMigrationStatusChecker,
-    initRepoProject,
-    initRepoPullRequestAllowMaintainerEdit,
-    initRepoPullRequestReview,
-    initRepoRelease,
-    initRepoReleaseNew,
-    initRepoTopicBar,
-    initRepoViewFileTree,
-    initRepoWikiForm,
-    initRepository,
-    initRepositoryActionView,
-    initRepositorySearch,
-    initRepoContributors,
-    initRepoCodeFrequency,
-    initRepoRecentCommits,
-
-    initCommitStatuses,
-    initCaptcha,
-
-    initUserCheckAppUrl,
-    initUserAuthOauth2,
-    initUserAuthWebAuthn,
-    initUserAuthWebAuthnRegister,
-    initUserSettings,
-    initRepoDiffView,
-    initPdfViewer,
-    initColorPickers,
-
-    initOAuth2SettingsDisableCheckbox,
-  ]);
-
-  // it must be the last one, then the "querySelectorAll" only needs to be executed once for global init functions.
-  initGlobalSelectorObserver(initPerformanceTracer);
-  if (initPerformanceTracer) initPerformanceTracer.printResults();
-
-  const initDur = performance.now() - initStartTime;
-  if (initDur > 500) {
-    console.error(`slow init functions took ${initDur.toFixed(3)}ms`);
+import './webcomponents/index.ts';
+import {onDomReady} from './utils/dom.ts';
+
+// TODO: There is a bug in htmx, it incorrectly checks "readyState === 'complete'" when the DOM tree is ready and won't trigger DOMContentLoaded
+// Then importing the htmx in our onDomReady will make htmx skip its initialization.
+// If the bug would be fixed (https://github.com/bigskysoftware/htmx/pull/3365), then we can only import htmx in "onDomReady"
+import 'htmx.org';
+
+onDomReady(async () => {
+  // when navigate before the import complete, there will be an error from webpack chunk loader:
+  // JavaScript promise rejection: Loading chunk index-domready failed.
+  try {
+    await import(/* webpackChunkName: "index-domready" */'./index-domready.ts');
+  } catch (e) {
+    if (e.name === 'ChunkLoadError') {
+      console.error('Error loading index-domready:', e);
+    } else {
+      throw e;
+    }
   }
 });
diff --git a/web_src/js/markup/anchors.ts b/web_src/js/markup/anchors.ts
index 483d72bd5b..a0d49911fe 100644
--- a/web_src/js/markup/anchors.ts
+++ b/web_src/js/markup/anchors.ts
@@ -5,21 +5,24 @@ const removePrefix = (str: string): string => str.replace(/^user-content-/, '');
 const hasPrefix = (str: string): boolean => str.startsWith('user-content-');
 
 // scroll to anchor while respecting the `user-content` prefix that exists on the target
-function scrollToAnchor(encodedId: string): void {
-  if (!encodedId) return;
-  const id = decodeURIComponent(encodedId);
-  const prefixedId = addPrefix(id);
-  let el = document.querySelector(`#${prefixedId}`);
+function scrollToAnchor(encodedId?: string): void {
+  // FIXME: need to rewrite this function with new a better markup anchor generation logic, too many tricks here
+  let elemId: string;
+  try {
+    elemId = decodeURIComponent(encodedId ?? '');
+  } catch {} // ignore the errors, since the "encodedId" is from user's input
+  if (!elemId) return;
+
+  const prefixedId = addPrefix(elemId);
+  // eslint-disable-next-line unicorn/prefer-query-selector
+  let el = document.getElementById(prefixedId);
 
   // check for matching user-generated `a[name]`
-  if (!el) {
-    el = document.querySelector(`a[name="${CSS.escape(prefixedId)}"]`);
-  }
+  el = el ?? document.querySelector(`a[name="${CSS.escape(prefixedId)}"]`);
 
   // compat for links with old 'user-content-' prefixed hashes
-  if (!el && hasPrefix(id)) {
-    return document.querySelector(`#${id}`)?.scrollIntoView();
-  }
+  // eslint-disable-next-line unicorn/prefer-query-selector
+  el = (!el && hasPrefix(elemId)) ? document.getElementById(elemId) : el;
 
   el?.scrollIntoView();
 }
diff --git a/web_src/js/markup/asciicast.ts b/web_src/js/markup/asciicast.ts
index 22dbff2d46..125bba447b 100644
--- a/web_src/js/markup/asciicast.ts
+++ b/web_src/js/markup/asciicast.ts
@@ -1,16 +1,17 @@
-export async function initMarkupRenderAsciicast(elMarkup: HTMLElement): Promise<void> {
-  const el = elMarkup.querySelector('.asciinema-player-container');
-  if (!el) return;
+import {queryElems} from '../utils/dom.ts';
 
-  const [player] = await Promise.all([
-    // @ts-expect-error: module exports no types
-    import(/* webpackChunkName: "asciinema-player" */'asciinema-player'),
-    import(/* webpackChunkName: "asciinema-player" */'asciinema-player/dist/bundle/asciinema-player.css'),
-  ]);
+export async function initMarkupRenderAsciicast(elMarkup: HTMLElement): Promise<void> {
+  queryElems(elMarkup, '.asciinema-player-container', async (el) => {
+    const [player] = await Promise.all([
+      // @ts-expect-error: module exports no types
+      import(/* webpackChunkName: "asciinema-player" */'asciinema-player'),
+      import(/* webpackChunkName: "asciinema-player" */'asciinema-player/dist/bundle/asciinema-player.css'),
+    ]);
 
-  player.create(el.getAttribute('data-asciinema-player-src'), el, {
-    // poster (a preview frame) to display until the playback is started.
-    // Set it to 1 hour (also means the end if the video is shorter) to make the preview frame show more.
-    poster: 'npt:1:0:0',
+    player.create(el.getAttribute('data-asciinema-player-src'), el, {
+      // poster (a preview frame) to display until the playback is started.
+      // Set it to 1 hour (also means the end if the video is shorter) to make the preview frame show more.
+      poster: 'npt:1:0:0',
+    });
   });
 }
diff --git a/web_src/js/markup/codecopy.ts b/web_src/js/markup/codecopy.ts
index 4430256848..b37aa3a236 100644
--- a/web_src/js/markup/codecopy.ts
+++ b/web_src/js/markup/codecopy.ts
@@ -1,4 +1,5 @@
 import {svg} from '../svg.ts';
+import {queryElems} from '../utils/dom.ts';
 
 export function makeCodeCopyButton(): HTMLButtonElement {
   const button = document.createElement('button');
@@ -8,11 +9,14 @@ export function makeCodeCopyButton(): HTMLButtonElement {
 }
 
 export function initMarkupCodeCopy(elMarkup: HTMLElement): void {
-  const el = elMarkup.querySelector('.code-block code'); // .markup .code-block code
-  if (!el || !el.textContent) return;
-
-  const btn = makeCodeCopyButton();
-  // remove final trailing newline introduced during HTML rendering
-  btn.setAttribute('data-clipboard-text', el.textContent.replace(/\r?\n$/, ''));
-  el.after(btn);
+  // .markup .code-block code
+  queryElems(elMarkup, '.code-block code', (el) => {
+    if (!el.textContent) return;
+    const btn = makeCodeCopyButton();
+    // remove final trailing newline introduced during HTML rendering
+    btn.setAttribute('data-clipboard-text', el.textContent.replace(/\r?\n$/, ''));
+    // we only want to use `.code-block-container` if it exists, no matter `.code-block` exists or not.
+    const btnContainer = el.closest('.code-block-container') ?? el.closest('.code-block');
+    btnContainer.append(btn);
+  });
 }
diff --git a/web_src/js/markup/html2markdown.ts b/web_src/js/markup/html2markdown.ts
index 8c2d2f8c86..5866d0d259 100644
--- a/web_src/js/markup/html2markdown.ts
+++ b/web_src/js/markup/html2markdown.ts
@@ -1,4 +1,4 @@
-import {htmlEscape} from 'escape-goat';
+import {html, htmlRaw} from '../utils/html.ts';
 
 type Processor = (el: HTMLElement) => string | HTMLElement | void;
 
@@ -38,10 +38,10 @@ function prepareProcessors(ctx:ProcessorContext): Processors {
     IMG(el: HTMLElement) {
       const alt = el.getAttribute('alt') || 'image';
       const src = el.getAttribute('src');
-      const widthAttr = el.hasAttribute('width') ? ` width="${htmlEscape(el.getAttribute('width') || '')}"` : '';
-      const heightAttr = el.hasAttribute('height') ? ` height="${htmlEscape(el.getAttribute('height') || '')}"` : '';
+      const widthAttr = el.hasAttribute('width') ? htmlRaw` width="${el.getAttribute('width') || ''}"` : '';
+      const heightAttr = el.hasAttribute('height') ? htmlRaw` height="${el.getAttribute('height') || ''}"` : '';
       if (widthAttr || heightAttr) {
-        return `<img alt="${htmlEscape(alt)}"${widthAttr}${heightAttr} src="${htmlEscape(src)}">`;
+        return html`<img alt="${alt}"${widthAttr}${heightAttr} src="${src}">`;
       }
       return `![${alt}](${src})`;
     },
diff --git a/web_src/js/markup/math.ts b/web_src/js/markup/math.ts
index 2a4468bf2e..bc118137a1 100644
--- a/web_src/js/markup/math.ts
+++ b/web_src/js/markup/math.ts
@@ -1,4 +1,5 @@
 import {displayError} from './common.ts';
+import {queryElems} from '../utils/dom.ts';
 
 function targetElement(el: Element): {target: Element, displayAsBlock: boolean} {
   // The target element is either the parent "code block with loading indicator", or itself
@@ -12,35 +13,35 @@ function targetElement(el: Element): {target: Element, displayAsBlock: boolean}
 }
 
 export async function initMarkupCodeMath(elMarkup: HTMLElement): Promise<void> {
-  const el = elMarkup.querySelector('code.language-math'); // .markup code.language-math'
-  if (!el) return;
+  // .markup code.language-math'
+  queryElems(elMarkup, 'code.language-math', async (el) => {
+    const [{default: katex}] = await Promise.all([
+      import(/* webpackChunkName: "katex" */'katex'),
+      import(/* webpackChunkName: "katex" */'katex/dist/katex.css'),
+    ]);
 
-  const [{default: katex}] = await Promise.all([
-    import(/* webpackChunkName: "katex" */'katex'),
-    import(/* webpackChunkName: "katex" */'katex/dist/katex.css'),
-  ]);
+    const MAX_CHARS = 1000;
+    const MAX_SIZE = 25;
+    const MAX_EXPAND = 1000;
 
-  const MAX_CHARS = 1000;
-  const MAX_SIZE = 25;
-  const MAX_EXPAND = 1000;
+    const {target, displayAsBlock} = targetElement(el);
+    if (target.hasAttribute('data-render-done')) return;
+    const source = el.textContent;
 
-  const {target, displayAsBlock} = targetElement(el);
-  if (target.hasAttribute('data-render-done')) return;
-  const source = el.textContent;
-
-  if (source.length > MAX_CHARS) {
-    displayError(target, new Error(`Math source of ${source.length} characters exceeds the maximum allowed length of ${MAX_CHARS}.`));
-    return;
-  }
-  try {
-    const tempEl = document.createElement(displayAsBlock ? 'p' : 'span');
-    katex.render(source, tempEl, {
-      maxSize: MAX_SIZE,
-      maxExpand: MAX_EXPAND,
-      displayMode: displayAsBlock, // katex: true for display (block) mode, false for inline mode
-    });
-    target.replaceWith(tempEl);
-  } catch (error) {
-    displayError(target, error);
-  }
+    if (source.length > MAX_CHARS) {
+      displayError(target, new Error(`Math source of ${source.length} characters exceeds the maximum allowed length of ${MAX_CHARS}.`));
+      return;
+    }
+    try {
+      const tempEl = document.createElement(displayAsBlock ? 'p' : 'span');
+      katex.render(source, tempEl, {
+        maxSize: MAX_SIZE,
+        maxExpand: MAX_EXPAND,
+        displayMode: displayAsBlock, // katex: true for display (block) mode, false for inline mode
+      });
+      target.replaceWith(tempEl);
+    } catch (error) {
+      displayError(target, error);
+    }
+  });
 }
diff --git a/web_src/js/markup/mermaid.ts b/web_src/js/markup/mermaid.ts
index b4bf3153ea..33d9a1ed9b 100644
--- a/web_src/js/markup/mermaid.ts
+++ b/web_src/js/markup/mermaid.ts
@@ -1,6 +1,8 @@
 import {isDarkTheme} from '../utils.ts';
 import {makeCodeCopyButton} from './codecopy.ts';
 import {displayError} from './common.ts';
+import {queryElems} from '../utils/dom.ts';
+import {html, htmlRaw} from '../utils/html.ts';
 
 const {mermaidMaxSourceCharacters} = window.config;
 
@@ -11,77 +13,77 @@ body {margin: 0; padding: 0; overflow: hidden}
 blockquote, dd, dl, figure, h1, h2, h3, h4, h5, h6, hr, p, pre {margin: 0}`;
 
 export async function initMarkupCodeMermaid(elMarkup: HTMLElement): Promise<void> {
-  const el = elMarkup.querySelector('code.language-mermaid'); // .markup code.language-mermaid
-  if (!el) return;
-
-  const {default: mermaid} = await import(/* webpackChunkName: "mermaid" */'mermaid');
-
-  mermaid.initialize({
-    startOnLoad: false,
-    theme: isDarkTheme() ? 'dark' : 'neutral',
-    securityLevel: 'strict',
-    suppressErrorRendering: true,
-  });
-
-  const pre = el.closest('pre');
-  if (pre.hasAttribute('data-render-done')) return;
-
-  const source = el.textContent;
-  if (mermaidMaxSourceCharacters >= 0 && source.length > mermaidMaxSourceCharacters) {
-    displayError(pre, new Error(`Mermaid source of ${source.length} characters exceeds the maximum allowed length of ${mermaidMaxSourceCharacters}.`));
-    return;
-  }
-
-  try {
-    await mermaid.parse(source);
-  } catch (err) {
-    displayError(pre, err);
-    return;
-  }
-
-  try {
-    // can't use bindFunctions here because we can't cross the iframe boundary. This
-    // means js-based interactions won't work but they aren't intended to work either
-    const {svg} = await mermaid.render('mermaid', source);
-
-    const iframe = document.createElement('iframe');
-    iframe.classList.add('markup-content-iframe', 'tw-invisible');
-    iframe.srcdoc = `<html><head><style>${iframeCss}</style></head><body>${svg}</body></html>`;
-
-    const mermaidBlock = document.createElement('div');
-    mermaidBlock.classList.add('mermaid-block', 'is-loading', 'tw-hidden');
-    mermaidBlock.append(iframe);
-
-    const btn = makeCodeCopyButton();
-    btn.setAttribute('data-clipboard-text', source);
-    mermaidBlock.append(btn);
-
-    const updateIframeHeight = () => {
-      const body = iframe.contentWindow?.document?.body;
-      if (body) {
-        iframe.style.height = `${body.clientHeight}px`;
-      }
-    };
-
-    iframe.addEventListener('load', () => {
-      pre.replaceWith(mermaidBlock);
-      mermaidBlock.classList.remove('tw-hidden');
-      updateIframeHeight();
-      setTimeout(() => { // avoid flash of iframe background
-        mermaidBlock.classList.remove('is-loading');
-        iframe.classList.remove('tw-invisible');
-      }, 0);
-
-      // update height when element's visibility state changes, for example when the diagram is inside
-      // a <details> + <summary> block and the <details> block becomes visible upon user interaction, it
-      // would initially set a incorrect height and the correct height is set during this callback.
-      (new IntersectionObserver(() => {
-        updateIframeHeight();
-      }, {root: document.documentElement})).observe(iframe);
+  // .markup code.language-mermaid
+  queryElems(elMarkup, 'code.language-mermaid', async (el) => {
+    const {default: mermaid} = await import(/* webpackChunkName: "mermaid" */'mermaid');
+
+    mermaid.initialize({
+      startOnLoad: false,
+      theme: isDarkTheme() ? 'dark' : 'neutral',
+      securityLevel: 'strict',
+      suppressErrorRendering: true,
     });
 
-    document.body.append(mermaidBlock);
-  } catch (err) {
-    displayError(pre, err);
-  }
+    const pre = el.closest('pre');
+    if (pre.hasAttribute('data-render-done')) return;
+
+    const source = el.textContent;
+    if (mermaidMaxSourceCharacters >= 0 && source.length > mermaidMaxSourceCharacters) {
+      displayError(pre, new Error(`Mermaid source of ${source.length} characters exceeds the maximum allowed length of ${mermaidMaxSourceCharacters}.`));
+      return;
+    }
+
+    try {
+      await mermaid.parse(source);
+    } catch (err) {
+      displayError(pre, err);
+      return;
+    }
+
+    try {
+      // can't use bindFunctions here because we can't cross the iframe boundary. This
+      // means js-based interactions won't work but they aren't intended to work either
+      const {svg} = await mermaid.render('mermaid', source);
+
+      const iframe = document.createElement('iframe');
+      iframe.classList.add('markup-content-iframe', 'tw-invisible');
+      iframe.srcdoc = html`<html><head><style>${htmlRaw(iframeCss)}</style></head><body>${htmlRaw(svg)}</body></html>`;
+
+      const mermaidBlock = document.createElement('div');
+      mermaidBlock.classList.add('mermaid-block', 'is-loading', 'tw-hidden');
+      mermaidBlock.append(iframe);
+
+      const btn = makeCodeCopyButton();
+      btn.setAttribute('data-clipboard-text', source);
+      mermaidBlock.append(btn);
+
+      const updateIframeHeight = () => {
+        const body = iframe.contentWindow?.document?.body;
+        if (body) {
+          iframe.style.height = `${body.clientHeight}px`;
+        }
+      };
+
+      iframe.addEventListener('load', () => {
+        pre.replaceWith(mermaidBlock);
+        mermaidBlock.classList.remove('tw-hidden');
+        updateIframeHeight();
+        setTimeout(() => { // avoid flash of iframe background
+          mermaidBlock.classList.remove('is-loading');
+          iframe.classList.remove('tw-invisible');
+        }, 0);
+
+        // update height when element's visibility state changes, for example when the diagram is inside
+        // a <details> + <summary> block and the <details> block becomes visible upon user interaction, it
+        // would initially set a incorrect height and the correct height is set during this callback.
+        (new IntersectionObserver(() => {
+          updateIframeHeight();
+        }, {root: document.documentElement})).observe(iframe);
+      });
+
+      document.body.append(mermaidBlock);
+    } catch (err) {
+      displayError(pre, err);
+    }
+  });
 }
diff --git a/web_src/js/modules/diff-file.test.ts b/web_src/js/modules/diff-file.test.ts
new file mode 100644
index 0000000000..f0438538a0
--- /dev/null
+++ b/web_src/js/modules/diff-file.test.ts
@@ -0,0 +1,51 @@
+import {diffTreeStoreSetViewed, reactiveDiffTreeStore} from './diff-file.ts';
+
+test('diff-tree', () => {
+  const store = reactiveDiffTreeStore({
+    'TreeRoot': {
+      'FullName': '',
+      'DisplayName': '',
+      'EntryMode': '',
+      'IsViewed': false,
+      'NameHash': '....',
+      'DiffStatus': '',
+      'FileIcon': '',
+      'Children': [
+        {
+          'FullName': 'dir1',
+          'DisplayName': 'dir1',
+          'EntryMode': 'tree',
+          'IsViewed': false,
+          'NameHash': '....',
+          'DiffStatus': '',
+          'FileIcon': '',
+          'Children': [
+            {
+              'FullName': 'dir1/test.txt',
+              'DisplayName': 'test.txt',
+              'DiffStatus': 'added',
+              'NameHash': '....',
+              'EntryMode': '',
+              'IsViewed': false,
+              'FileIcon': '',
+              'Children': null,
+            },
+          ],
+        },
+        {
+          'FullName': 'other.txt',
+          'DisplayName': 'other.txt',
+          'NameHash': '........',
+          'DiffStatus': 'added',
+          'EntryMode': '',
+          'IsViewed': false,
+          'FileIcon': '',
+          'Children': null,
+        },
+      ],
+    },
+  }, '', '');
+  diffTreeStoreSetViewed(store, 'dir1/test.txt', true);
+  expect(store.fullNameMap['dir1/test.txt'].IsViewed).toBe(true);
+  expect(store.fullNameMap['dir1'].IsViewed).toBe(true);
+});
diff --git a/web_src/js/modules/diff-file.ts b/web_src/js/modules/diff-file.ts
new file mode 100644
index 0000000000..2cec7bc6b3
--- /dev/null
+++ b/web_src/js/modules/diff-file.ts
@@ -0,0 +1,82 @@
+import {reactive} from 'vue';
+import type {Reactive} from 'vue';
+
+const {pageData} = window.config;
+
+export type DiffStatus = '' | 'added' | 'modified' | 'deleted' | 'renamed' | 'copied' | 'typechange';
+
+export type DiffTreeEntry = {
+  FullName: string,
+  DisplayName: string,
+  NameHash: string,
+  DiffStatus: DiffStatus,
+  EntryMode: string,
+  IsViewed: boolean,
+  Children: DiffTreeEntry[],
+  FileIcon: string,
+  ParentEntry?: DiffTreeEntry,
+}
+
+type DiffFileTreeData = {
+  TreeRoot: DiffTreeEntry,
+};
+
+type DiffFileTree = {
+  folderIcon: string;
+  folderOpenIcon: string;
+  diffFileTree: DiffFileTreeData;
+  fullNameMap?: Record<string, DiffTreeEntry>
+  fileTreeIsVisible: boolean;
+  selectedItem: string;
+}
+
+let diffTreeStoreReactive: Reactive<DiffFileTree>;
+export function diffTreeStore() {
+  if (!diffTreeStoreReactive) {
+    diffTreeStoreReactive = reactiveDiffTreeStore(pageData.DiffFileTree, pageData.FolderIcon, pageData.FolderOpenIcon);
+  }
+  return diffTreeStoreReactive;
+}
+
+export function diffTreeStoreSetViewed(store: Reactive<DiffFileTree>, fullName: string, viewed: boolean) {
+  const entry = store.fullNameMap[fullName];
+  if (!entry) return;
+  entry.IsViewed = viewed;
+  for (let parent = entry.ParentEntry; parent; parent = parent.ParentEntry) {
+    parent.IsViewed = isEntryViewed(parent);
+  }
+}
+
+function fillFullNameMap(map: Record<string, DiffTreeEntry>, entry: DiffTreeEntry) {
+  map[entry.FullName] = entry;
+  if (!entry.Children) return;
+  entry.IsViewed = isEntryViewed(entry);
+  for (const child of entry.Children) {
+    child.ParentEntry = entry;
+    fillFullNameMap(map, child);
+  }
+}
+
+export function reactiveDiffTreeStore(data: DiffFileTreeData, folderIcon: string, folderOpenIcon: string): Reactive<DiffFileTree> {
+  const store = reactive({
+    diffFileTree: data,
+    folderIcon,
+    folderOpenIcon,
+    fileTreeIsVisible: false,
+    selectedItem: '',
+    fullNameMap: {},
+  });
+  fillFullNameMap(store.fullNameMap, data.TreeRoot);
+  return store;
+}
+
+function isEntryViewed(entry: DiffTreeEntry): boolean {
+  if (entry.Children) {
+    let count = 0;
+    for (const child of entry.Children) {
+      if (child.IsViewed) count++;
+    }
+    return count === entry.Children.length;
+  }
+  return entry.IsViewed;
+}
diff --git a/web_src/js/modules/fomantic/base.ts b/web_src/js/modules/fomantic/base.ts
index 18f91932a9..1970941e18 100644
--- a/web_src/js/modules/fomantic/base.ts
+++ b/web_src/js/modules/fomantic/base.ts
@@ -1,9 +1,5 @@
 import $ from 'jquery';
-let ariaIdCounter = 0;
-
-export function generateAriaId() {
-  return `_aria_auto_id_${ariaIdCounter++}`;
-}
+import {generateElemId} from '../../utils/dom.ts';
 
 export function linkLabelAndInput(label: Element, input: Element) {
   const labelFor = label.getAttribute('for');
@@ -12,7 +8,7 @@ export function linkLabelAndInput(label: Element, input: Element) {
   if (inputId && !labelFor) { // missing "for"
     label.setAttribute('for', inputId);
   } else if (!inputId && !labelFor) { // missing both "id" and "for"
-    const id = generateAriaId();
+    const id = generateElemId('_aria_label_input_');
     input.setAttribute('id', id);
     label.setAttribute('for', id);
   }
diff --git a/web_src/js/modules/fomantic/dropdown.test.ts b/web_src/js/modules/fomantic/dropdown.test.ts
index 587e0bca7c..dd3497c8fc 100644
--- a/web_src/js/modules/fomantic/dropdown.test.ts
+++ b/web_src/js/modules/fomantic/dropdown.test.ts
@@ -23,7 +23,27 @@ test('hideScopedEmptyDividers-simple', () => {
 `);
 });
 
-test('hideScopedEmptyDividers-hidden1', () => {
+test('hideScopedEmptyDividers-items-all-filtered', () => {
+  const container = createElementFromHTML(`<div>
+<div class="any"></div>
+<div class="divider"></div>
+<div class="item filtered">a</div>
+<div class="item filtered">b</div>
+<div class="divider"></div>
+<div class="any"></div>
+</div>`);
+  hideScopedEmptyDividers(container);
+  expect(container.innerHTML).toEqual(`
+<div class="any"></div>
+<div class="divider hidden transition"></div>
+<div class="item filtered">a</div>
+<div class="item filtered">b</div>
+<div class="divider"></div>
+<div class="any"></div>
+`);
+});
+
+test('hideScopedEmptyDividers-hide-last', () => {
   const container = createElementFromHTML(`<div>
 <div class="item">a</div>
 <div class="divider" data-scope="b"></div>
@@ -37,7 +57,7 @@ test('hideScopedEmptyDividers-hidden1', () => {
 `);
 });
 
-test('hideScopedEmptyDividers-hidden2', () => {
+test('hideScopedEmptyDividers-scoped-items', () => {
   const container = createElementFromHTML(`<div>
 <div class="item" data-scope="">a</div>
 <div class="divider" data-scope="b"></div>
diff --git a/web_src/js/modules/fomantic/dropdown.ts b/web_src/js/modules/fomantic/dropdown.ts
index 8736e041df..2af428f24e 100644
--- a/web_src/js/modules/fomantic/dropdown.ts
+++ b/web_src/js/modules/fomantic/dropdown.ts
@@ -1,7 +1,6 @@
 import $ from 'jquery';
-import {generateAriaId} from './base.ts';
 import type {FomanticInitFunction} from '../../types.ts';
-import {queryElems} from '../../utils/dom.ts';
+import {generateElemId, queryElems} from '../../utils/dom.ts';
 
 const ariaPatchKey = '_giteaAriaPatchDropdown';
 const fomanticDropdownFn = $.fn.dropdown;
@@ -11,24 +10,34 @@ export function initAriaDropdownPatch() {
   if ($.fn.dropdown === ariaDropdownFn) throw new Error('initAriaDropdownPatch could only be called once');
   $.fn.dropdown = ariaDropdownFn;
   $.fn.fomanticExt.onResponseKeepSelectedItem = onResponseKeepSelectedItem;
+  $.fn.fomanticExt.onDropdownAfterFiltered = onDropdownAfterFiltered;
   (ariaDropdownFn as FomanticInitFunction).settings = fomanticDropdownFn.settings;
 }
 
 // the patched `$.fn.dropdown` function, it passes the arguments to Fomantic's `$.fn.dropdown` function, and:
-// * it does the one-time attaching on the first call
-// * it delegates the `onLabelCreate` to the patched `onLabelCreate` to add necessary aria attributes
+// * it does the one-time element event attaching on the first call
+// * it delegates the module internal functions like `onLabelCreate` to the patched functions to add more features.
 function ariaDropdownFn(this: any, ...args: Parameters<FomanticInitFunction>) {
   const ret = fomanticDropdownFn.apply(this, args);
 
-  // if the `$().dropdown()` call is without arguments, or it has non-string (object) argument,
-  // it means that this call will reset the dropdown internal settings, then we need to re-delegate the callbacks.
-  const needDelegate = (!args.length || typeof args[0] !== 'string');
-  for (const el of this) {
+  for (let el of this) {
+    // dropdown will replace '<select class="ui dropdown"/>' to '<div class="ui dropdown"><select (hidden)></select><div class="menu">...</div></div>'
+    // so we need to correctly find the closest '.ui.dropdown' element, it is the real fomantic dropdown module.
+    el = el.closest('.ui.dropdown');
     if (!el[ariaPatchKey]) {
-      attachInit(el);
+      // the elements don't belong to the dropdown "module" and won't be reset
+      // so we only need to initialize them once.
+      attachInitElements(el);
     }
-    if (needDelegate) {
-      delegateOne($(el));
+
+    // if the `$().dropdown()` is called without arguments, or it has non-string (object) argument,
+    // it means that such call will reset the dropdown "module" including internal settings,
+    // then we need to re-delegate the callbacks.
+    const $dropdown = $(el);
+    const dropdownModule = $dropdown.data('module-dropdown');
+    if (!dropdownModule.giteaDelegated) {
+      dropdownModule.giteaDelegated = true;
+      delegateDropdownModule($dropdown);
     }
   }
   return ret;
@@ -37,7 +46,7 @@ function ariaDropdownFn(this: any, ...args: Parameters<FomanticInitFunction>) {
 // make the item has role=option/menuitem, add an id if there wasn't one yet, make items as non-focusable
 // the elements inside the dropdown menu item should not be focusable, the focus should always be on the dropdown primary element.
 function updateMenuItem(dropdown: HTMLElement, item: HTMLElement) {
-  if (!item.id) item.id = generateAriaId();
+  if (!item.id) item.id = generateElemId('_aria_dropdown_item_');
   item.setAttribute('role', (dropdown as any)[ariaPatchKey].listItemRole);
   item.setAttribute('tabindex', '-1');
   for (const el of item.querySelectorAll('a, input, button')) el.setAttribute('tabindex', '-1');
@@ -49,7 +58,7 @@ function updateMenuItem(dropdown: HTMLElement, item: HTMLElement) {
 function updateSelectionLabel(label: HTMLElement) {
   // the "label" is like this: "<a|div class="ui label" data-value="1">the-label-name <i|svg class="delete icon"/></a>"
   if (!label.id) {
-    label.id = generateAriaId();
+    label.id = generateElemId('_aria_dropdown_label_');
   }
   label.tabIndex = -1;
 
@@ -61,37 +70,17 @@ function updateSelectionLabel(label: HTMLElement) {
   }
 }
 
-function processMenuItems($dropdown: any, dropdownCall: any) {
-  const hideEmptyDividers = dropdownCall('setting', 'hideDividers') === 'empty';
+function onDropdownAfterFiltered(this: any) {
+  const $dropdown = $(this).closest('.ui.dropdown'); // "this" can be the "ui dropdown" or "<select>"
+  const hideEmptyDividers = $dropdown.dropdown('setting', 'hideDividers') === 'empty';
   const itemsMenu = $dropdown[0].querySelector('.scrolling.menu') || $dropdown[0].querySelector('.menu');
-  if (hideEmptyDividers) hideScopedEmptyDividers(itemsMenu);
+  if (hideEmptyDividers && itemsMenu) hideScopedEmptyDividers(itemsMenu);
 }
 
 // delegate the dropdown's template functions and callback functions to add aria attributes.
-function delegateOne($dropdown: any) {
+function delegateDropdownModule($dropdown: any) {
   const dropdownCall = fomanticDropdownFn.bind($dropdown);
 
-  // If there is a "search input" in the "menu", Fomantic will only "focus the input" but not "toggle the menu" when the "dropdown icon" is clicked.
-  // Actually, Fomantic UI doesn't support such layout/usage. It needs to patch the "focusSearch" / "blurSearch" functions to make sure it toggles the menu.
-  const oldFocusSearch = dropdownCall('internal', 'focusSearch');
-  const oldBlurSearch = dropdownCall('internal', 'blurSearch');
-  // * If the "dropdown icon" is clicked, Fomantic calls "focusSearch", so show the menu
-  dropdownCall('internal', 'focusSearch', function (this: any) { dropdownCall('show'); oldFocusSearch.call(this) });
-  // * If the "dropdown icon" is clicked again when the menu is visible, Fomantic calls "blurSearch", so hide the menu
-  dropdownCall('internal', 'blurSearch', function (this: any) { oldBlurSearch.call(this); dropdownCall('hide') });
-
-  const oldFilterItems = dropdownCall('internal', 'filterItems');
-  dropdownCall('internal', 'filterItems', function (this: any, ...args: any[]) {
-    oldFilterItems.call(this, ...args);
-    processMenuItems($dropdown, dropdownCall);
-  });
-
-  const oldShow = dropdownCall('internal', 'show');
-  dropdownCall('internal', 'show', function (this: any, ...args: any[]) {
-    oldShow.call(this, ...args);
-    processMenuItems($dropdown, dropdownCall);
-  });
-
   // the "template" functions are used for dynamic creation (eg: AJAX)
   const dropdownTemplates = {...dropdownCall('setting', 'templates'), t: performance.now()};
   const dropdownTemplatesMenuOld = dropdownTemplates.menu;
@@ -137,7 +126,7 @@ function delegateOne($dropdown: any) {
 function attachStaticElements(dropdown: HTMLElement, focusable: HTMLElement, menu: HTMLElement) {
   // prepare static dropdown menu list popup
   if (!menu.id) {
-    menu.id = generateAriaId();
+    menu.id = generateElemId('_aria_dropdown_menu_');
   }
 
   $(menu).find('> .item').each((_, item) => updateMenuItem(dropdown, item));
@@ -163,9 +152,8 @@ function attachStaticElements(dropdown: HTMLElement, focusable: HTMLElement, men
   }
 }
 
-function attachInit(dropdown: HTMLElement) {
+function attachInitElements(dropdown: HTMLElement) {
   (dropdown as any)[ariaPatchKey] = {};
-  if (dropdown.classList.contains('custom')) return;
 
   // Dropdown has 2 different focusing behaviors
   // * with search input: the input is focused, and it works with aria-activedescendant pointing another sibling element.
@@ -239,12 +227,13 @@ function attachDomEvents(dropdown: HTMLElement, focusable: HTMLElement, menu: HT
   dropdown.addEventListener('keydown', (e: KeyboardEvent) => {
     // here it must use keydown event before dropdown's keyup handler, otherwise there is no Enter event in our keyup handler
     if (e.key === 'Enter') {
-      const dropdownCall = fomanticDropdownFn.bind($(dropdown));
-      let $item = dropdownCall('get item', dropdownCall('get value'));
-      if (!$item) $item = $(menu).find('> .item.selected'); // when dropdown filters items by input, there is no "value", so query the "selected" item
+      const elItem = menu.querySelector<HTMLElement>(':scope > .item.selected, .menu > .item.selected');
       // if the selected item is clickable, then trigger the click event.
       // we can not click any item without check, because Fomantic code might also handle the Enter event. that would result in double click.
-      if ($item?.[0]?.matches('a, .js-aria-clickable')) $item[0].click();
+      if (elItem?.matches('a, .js-aria-clickable') && !elItem.matches('.tw-hidden, .filtered')) {
+        e.preventDefault();
+        elItem.click();
+      }
     }
   });
 
@@ -305,9 +294,11 @@ export function hideScopedEmptyDividers(container: Element) {
   const visibleItems: Element[] = [];
   const curScopeVisibleItems: Element[] = [];
   let curScope: string = '', lastVisibleScope: string = '';
-  const isScopedDivider = (item: Element) => item.matches('.divider') && item.hasAttribute('data-scope');
+  const isDivider = (item: Element) => item.classList.contains('divider');
+  const isScopedDivider = (item: Element) => isDivider(item) && item.hasAttribute('data-scope');
   const hideDivider = (item: Element) => item.classList.add('hidden', 'transition'); // dropdown has its own classes to hide items
-
+  const showDivider = (item: Element) => item.classList.remove('hidden', 'transition');
+  const isHidden = (item: Element) => item.classList.contains('hidden') || item.classList.contains('filtered') || item.classList.contains('tw-hidden');
   const handleScopeSwitch = (itemScope: string) => {
     if (curScopeVisibleItems.length === 1 && isScopedDivider(curScopeVisibleItems[0])) {
       hideDivider(curScopeVisibleItems[0]);
@@ -323,13 +314,16 @@ export function hideScopedEmptyDividers(container: Element) {
     curScopeVisibleItems.length = 0;
   };
 
+  // reset hidden dividers
+  queryElems(container, '.divider', showDivider);
+
   // hide the scope dividers if the scope items are empty
   for (const item of container.children) {
     const itemScope = item.getAttribute('data-scope') || '';
     if (itemScope !== curScope) {
       handleScopeSwitch(itemScope);
     }
-    if (!item.classList.contains('filtered') && !item.classList.contains('tw-hidden')) {
+    if (!isHidden(item)) {
       curScopeVisibleItems.push(item as HTMLElement);
     }
   }
@@ -337,20 +331,20 @@ export function hideScopedEmptyDividers(container: Element) {
 
   // hide all leading and trailing dividers
   while (visibleItems.length) {
-    if (!visibleItems[0].matches('.divider')) break;
+    if (!isDivider(visibleItems[0])) break;
     hideDivider(visibleItems[0]);
     visibleItems.shift();
   }
   while (visibleItems.length) {
-    if (!visibleItems[visibleItems.length - 1].matches('.divider')) break;
+    if (!isDivider(visibleItems[visibleItems.length - 1])) break;
     hideDivider(visibleItems[visibleItems.length - 1]);
     visibleItems.pop();
   }
   // hide all duplicate dividers, hide current divider if next sibling is still divider
   // no need to update "visibleItems" array since this is the last loop
-  for (const item of visibleItems) {
-    if (!item.matches('.divider')) continue;
-    if (item.nextElementSibling?.matches('.divider')) hideDivider(item);
+  for (let i = 0; i < visibleItems.length - 1; i++) {
+    if (!visibleItems[i].matches('.divider')) continue;
+    if (visibleItems[i + 1].matches('.divider')) hideDivider(visibleItems[i]);
   }
 }
 
diff --git a/web_src/js/modules/fomantic/modal.ts b/web_src/js/modules/fomantic/modal.ts
index 6a2c558890..a96c7785e1 100644
--- a/web_src/js/modules/fomantic/modal.ts
+++ b/web_src/js/modules/fomantic/modal.ts
@@ -1,5 +1,7 @@
 import $ from 'jquery';
 import type {FomanticInitFunction} from '../../types.ts';
+import {queryElems} from '../../utils/dom.ts';
+import {hideToastsFrom} from '../toast.ts';
 
 const fomanticModalFn = $.fn.modal;
 
@@ -8,6 +10,8 @@ export function initAriaModalPatch() {
   if ($.fn.modal === ariaModalFn) throw new Error('initAriaModalPatch could only be called once');
   $.fn.modal = ariaModalFn;
   (ariaModalFn as FomanticInitFunction).settings = fomanticModalFn.settings;
+  $.fn.fomanticExt.onModalBeforeHidden = onModalBeforeHidden;
+  $.fn.modal.settings.onApprove = onModalApproveDefault;
 }
 
 // the patched `$.fn.modal` modal function
@@ -27,3 +31,33 @@ function ariaModalFn(this: any, ...args: Parameters<FomanticInitFunction>) {
   }
   return ret;
 }
+
+function onModalBeforeHidden(this: any) {
+  const $modal = $(this);
+  const elModal = $modal[0];
+  hideToastsFrom(elModal.closest('.ui.dimmer') ?? document.body);
+
+  // reset the form after the modal is hidden, after other modal events and handlers (e.g. "onApprove", form submit)
+  setTimeout(() => {
+    queryElems(elModal, 'form', (form: HTMLFormElement) => form.reset());
+  }, 0);
+}
+
+function onModalApproveDefault(this: any) {
+  const $modal = $(this);
+  const selectors = $modal.modal('setting', 'selector');
+  const elModal = $modal[0];
+  const elApprove = elModal.querySelector(selectors.approve);
+  const elForm = elApprove?.closest('form');
+  if (!elForm) return true; // no form, just allow closing the modal
+
+  // "form-fetch-action" can handle network errors gracefully,
+  // so keep the modal dialog to make users can re-submit the form if anything wrong happens.
+  if (elForm.matches('.form-fetch-action')) return false;
+
+  // There is an abuse for the "modal" + "form" combination, the "Approve" button is a traditional form submit button in the form.
+  // Then "approve" and "submit" occur at the same time, the modal will be closed immediately before the form is submitted.
+  // So here we prevent the modal from closing automatically by returning false, add the "is-loading" class to the form element.
+  elForm.classList.add('is-loading');
+  return false;
+}
diff --git a/web_src/js/modules/observer.ts b/web_src/js/modules/observer.ts
index 06208d0507..3305c2f29d 100644
--- a/web_src/js/modules/observer.ts
+++ b/web_src/js/modules/observer.ts
@@ -46,9 +46,11 @@ function callGlobalInitFunc(el: HTMLElement) {
   const func = globalInitFuncs[initFunc];
   if (!func) throw new Error(`Global init function "${initFunc}" not found`);
 
+  // when an element node is removed and added again, it should not be re-initialized again.
   type GiteaGlobalInitElement = Partial<HTMLElement> & {_giteaGlobalInited: boolean};
-  if ((el as GiteaGlobalInitElement)._giteaGlobalInited) throw new Error(`Global init function "${initFunc}" already executed`);
+  if ((el as GiteaGlobalInitElement)._giteaGlobalInited) return;
   (el as GiteaGlobalInitElement)._giteaGlobalInited = true;
+
   func(el);
 }
 
diff --git a/web_src/js/modules/stores.ts b/web_src/js/modules/stores.ts
deleted file mode 100644
index 65da1e044a..0000000000
--- a/web_src/js/modules/stores.ts
+++ /dev/null
@@ -1,16 +0,0 @@
-import {reactive} from 'vue';
-import type {Reactive} from 'vue';
-
-const {pageData} = window.config;
-
-let diffTreeStoreReactive: Reactive<Record<string, any>>;
-export function diffTreeStore() {
-  if (!diffTreeStoreReactive) {
-    diffTreeStoreReactive = reactive({
-      files: pageData.DiffFiles,
-      fileTreeIsVisible: false,
-      selectedItem: '',
-    });
-  }
-  return diffTreeStoreReactive;
-}
diff --git a/web_src/js/modules/tippy.ts b/web_src/js/modules/tippy.ts
index af715f48b9..2a1d998d76 100644
--- a/web_src/js/modules/tippy.ts
+++ b/web_src/js/modules/tippy.ts
@@ -2,6 +2,7 @@ import tippy, {followCursor} from 'tippy.js';
 import {isDocumentFragmentOrElementNode} from '../utils/dom.ts';
 import {formatDatetime} from '../utils/time.ts';
 import type {Content, Instance, Placement, Props} from 'tippy.js';
+import {html} from '../utils/html.ts';
 
 type TippyOpts = {
   role?: string,
@@ -9,7 +10,7 @@ type TippyOpts = {
 } & Partial<Props>;
 
 const visibleInstances = new Set<Instance>();
-const arrowSvg = `<svg width="16" height="7"><path d="m0 7 8-7 8 7Z" class="tippy-svg-arrow-outer"/><path d="m0 8 8-7 8 7Z" class="tippy-svg-arrow-inner"/></svg>`;
+const arrowSvg = html`<svg width="16" height="7"><path d="m0 7 8-7 8 7Z" class="tippy-svg-arrow-outer"/><path d="m0 8 8-7 8 7Z" class="tippy-svg-arrow-inner"/></svg>`;
 
 export function createTippy(target: Element, opts: TippyOpts = {}): Instance {
   // the callback functions should be destructured from opts,
@@ -40,6 +41,7 @@ export function createTippy(target: Element, opts: TippyOpts = {}): Instance {
         }
       }
       visibleInstances.add(instance);
+      target.setAttribute('aria-controls', instance.popper.id);
       return onShow?.(instance);
     },
     arrow: arrow ?? (theme === 'bare' ? false : arrowSvg),
@@ -180,13 +182,25 @@ export function initGlobalTooltips(): void {
 }
 
 export function showTemporaryTooltip(target: Element, content: Content): void {
-  // if the target is inside a dropdown, the menu will be hidden soon
-  // so display the tooltip on the dropdown instead
-  target = target.closest('.ui.dropdown') || target;
-  const tippy = target._tippy ?? attachTooltip(target, content);
-  tippy.setContent(content);
-  if (!tippy.state.isShown) tippy.show();
-  tippy.setProps({
+  // if the target is inside a dropdown or tippy popup, the menu will be hidden soon
+  // so display the tooltip on the "aria-controls" element or dropdown instead
+  let refClientRect: DOMRect;
+  const popupTippyId = target.closest(`[data-tippy-root]`)?.id;
+  if (popupTippyId) {
+    // for example, the "Copy Permalink" button in the "File View" page for the selected lines
+    target = document.body;
+    refClientRect = document.querySelector(`[aria-controls="${CSS.escape(popupTippyId)}"]`)?.getBoundingClientRect();
+    refClientRect = refClientRect ?? new DOMRect(0, 0, 0, 0); // fallback to empty rect if not found, tippy doesn't accept null
+  } else {
+    // for example, the "Copy Link" button in the issue header dropdown menu
+    target = target.closest('.ui.dropdown') ?? target;
+    refClientRect = target.getBoundingClientRect();
+  }
+  const tooltipTippy = target._tippy ?? attachTooltip(target, content);
+  tooltipTippy.setContent(content);
+  tooltipTippy.setProps({getReferenceClientRect: () => refClientRect});
+  if (!tooltipTippy.state.isShown) tooltipTippy.show();
+  tooltipTippy.setProps({
     onHidden: (tippy) => {
       // reset the default tooltip content, if no default, then this temporary tooltip could be destroyed
       if (!attachTooltip(target)) {
diff --git a/web_src/js/modules/toast.ts b/web_src/js/modules/toast.ts
index 36e2321743..c28fe746b0 100644
--- a/web_src/js/modules/toast.ts
+++ b/web_src/js/modules/toast.ts
@@ -1,6 +1,6 @@
-import {htmlEscape} from 'escape-goat';
+import {htmlEscape} from '../utils/html.ts';
 import {svg} from '../svg.ts';
-import {animateOnce, showElem} from '../utils/dom.ts';
+import {animateOnce, queryElems, showElem} from '../utils/dom.ts';
 import Toastify from 'toastify-js'; // don't use "async import", because when network error occurs, the "async import" also fails and nothing is shown
 import type {Intent} from '../types.ts';
 import type {SvgName} from '../svg.ts';
@@ -37,17 +37,20 @@ const levels: ToastLevels = {
 
 type ToastOpts = {
   useHtmlBody?: boolean,
-  preventDuplicates?: boolean,
+  preventDuplicates?: boolean | string,
 } & Options;
 
-// See https://github.com/apvarun/toastify-js#api for options
+type ToastifyElement = HTMLElement & {_giteaToastifyInstance?: Toast };
+
+/** See https://github.com/apvarun/toastify-js#api for options */
 function showToast(message: string, level: Intent, {gravity, position, duration, useHtmlBody, preventDuplicates = true, ...other}: ToastOpts = {}): Toast {
-  const body = useHtmlBody ? String(message) : htmlEscape(message);
-  const key = `${level}-${body}`;
+  const body = useHtmlBody ? message : htmlEscape(message);
+  const parent = document.querySelector('.ui.dimmer.active') ?? document.body;
+  const duplicateKey = preventDuplicates ? (preventDuplicates === true ? `${level}-${body}` : preventDuplicates) : '';
 
-  // prevent showing duplicate toasts with same level and message, and give a visual feedback for end users
+  // prevent showing duplicate toasts with the same level and message, and give visual feedback for end users
   if (preventDuplicates) {
-    const toastEl = document.querySelector(`.toastify[data-toast-unique-key="${CSS.escape(key)}"]`);
+    const toastEl = parent.querySelector(`:scope > .toastify.on[data-toast-unique-key="${CSS.escape(duplicateKey)}"]`);
     if (toastEl) {
       const toastDupNumEl = toastEl.querySelector('.toast-duplicate-number');
       showElem(toastDupNumEl);
@@ -59,6 +62,7 @@ function showToast(message: string, level: Intent, {gravity, position, duration,
 
   const {icon, background, duration: levelDuration} = levels[level ?? 'info'];
   const toast = Toastify({
+    selector: parent,
     text: `
       <div class='toast-icon'>${svg(icon)}</div>
       <div class='toast-body'><span class="toast-duplicate-number tw-hidden">1</span>${body}</div>
@@ -74,7 +78,8 @@ function showToast(message: string, level: Intent, {gravity, position, duration,
 
   toast.showToast();
   toast.toastElement.querySelector('.toast-close').addEventListener('click', () => toast.hideToast());
-  toast.toastElement.setAttribute('data-toast-unique-key', key);
+  toast.toastElement.setAttribute('data-toast-unique-key', duplicateKey);
+  (toast.toastElement as ToastifyElement)._giteaToastifyInstance = toast;
   return toast;
 }
 
@@ -89,3 +94,15 @@ export function showWarningToast(message: string, opts?: ToastOpts): Toast {
 export function showErrorToast(message: string, opts?: ToastOpts): Toast {
   return showToast(message, 'error', opts);
 }
+
+function hideToastByElement(el: Element): void {
+  (el as ToastifyElement)?._giteaToastifyInstance?.hideToast();
+}
+
+export function hideToastsFrom(parent: Element): void {
+  queryElems(parent, ':scope > .toastify.on', hideToastByElement);
+}
+
+export function hideToastsAll(): void {
+  queryElems(document, '.toastify.on', hideToastByElement);
+}
diff --git a/web_src/js/render/pdf.ts b/web_src/js/render/pdf.ts
deleted file mode 100644
index 283b4ed85c..0000000000
--- a/web_src/js/render/pdf.ts
+++ /dev/null
@@ -1,17 +0,0 @@
-import {htmlEscape} from 'escape-goat';
-import {registerGlobalInitFunc} from '../modules/observer.ts';
-
-export async function initPdfViewer() {
-  registerGlobalInitFunc('initPdfViewer', async (el: HTMLInputElement) => {
-    const pdfobject = await import(/* webpackChunkName: "pdfobject" */'pdfobject');
-
-    const src = el.getAttribute('data-src');
-    const fallbackText = el.getAttribute('data-fallback-button-text');
-    pdfobject.embed(src, el, {
-      fallbackLink: htmlEscape`
-        <a role="button" class="ui basic button pdf-fallback-button" href="[url]">${fallbackText}</a>
-      `,
-    });
-    el.classList.remove('is-loading');
-  });
-}
diff --git a/web_src/js/render/plugin.ts b/web_src/js/render/plugin.ts
new file mode 100644
index 0000000000..a8dd0a7c05
--- /dev/null
+++ b/web_src/js/render/plugin.ts
@@ -0,0 +1,10 @@
+export type FileRenderPlugin = {
+  // unique plugin name
+  name: string;
+
+  // test if plugin can handle a specified file
+  canHandle: (filename: string, mimeType: string) => boolean;
+
+  // render file content
+  render: (container: HTMLElement, fileUrl: string, options?: any) => Promise<void>;
+}
diff --git a/web_src/js/render/plugins/3d-viewer.ts b/web_src/js/render/plugins/3d-viewer.ts
new file mode 100644
index 0000000000..6f3ee15d26
--- /dev/null
+++ b/web_src/js/render/plugins/3d-viewer.ts
@@ -0,0 +1,59 @@
+import type {FileRenderPlugin} from '../plugin.ts';
+import {extname} from '../../utils.ts';
+
+// support common 3D model file formats, use online-3d-viewer library for rendering
+
+/* a simple text STL file example:
+solid SimpleTriangle
+  facet normal 0 0 1
+    outer loop
+      vertex 0 0 0
+      vertex 1 0 0
+      vertex 0 1 0
+    endloop
+  endfacet
+endsolid SimpleTriangle
+*/
+
+export function newRenderPlugin3DViewer(): FileRenderPlugin {
+  // Some extensions are text-based formats:
+  // .3mf .amf .brep: XML
+  // .fbx: XML or BINARY
+  // .dae .gltf: JSON
+  // .ifc, .igs, .iges, .stp, .step are: TEXT
+  // .stl .ply: TEXT or BINARY
+  // .obj .off .wrl: TEXT
+  // So we need to be able to render when the file is recognized as plaintext file by backend.
+  //
+  // It needs more logic to make it overall right (render a text 3D model automatically):
+  // we need to distinguish the ambiguous filename extensions.
+  // For example: "*.obj, *.off, *.step" might be or not be a 3D model file.
+  // So when it is a text file, we can't assume that "we only render it by 3D plugin",
+  // otherwise the end users would be impossible to view its real content when the file is not a 3D model.
+  const SUPPORTED_EXTENSIONS = [
+    '.3dm', '.3ds', '.3mf', '.amf', '.bim', '.brep',
+    '.dae', '.fbx', '.fcstd', '.glb', '.gltf',
+    '.ifc', '.igs', '.iges', '.stp', '.step',
+    '.stl', '.obj', '.off', '.ply', '.wrl',
+  ];
+
+  return {
+    name: '3d-model-viewer',
+
+    canHandle(filename: string, _mimeType: string): boolean {
+      const ext = extname(filename).toLowerCase();
+      return SUPPORTED_EXTENSIONS.includes(ext);
+    },
+
+    async render(container: HTMLElement, fileUrl: string): Promise<void> {
+      // TODO: height and/or max-height?
+      const OV = await import(/* webpackChunkName: "online-3d-viewer" */'online-3d-viewer');
+      const viewer = new OV.EmbeddedViewer(container, {
+        backgroundColor: new OV.RGBAColor(59, 68, 76, 0),
+        defaultColor: new OV.RGBColor(65, 131, 196),
+        edgeSettings: new OV.EdgeSettings(false, new OV.RGBColor(0, 0, 0), 1),
+      });
+      viewer.LoadModelFromUrlList([fileUrl]);
+    },
+  };
+}
diff --git a/web_src/js/render/plugins/pdf-viewer.ts b/web_src/js/render/plugins/pdf-viewer.ts
new file mode 100644
index 0000000000..40623be055
--- /dev/null
+++ b/web_src/js/render/plugins/pdf-viewer.ts
@@ -0,0 +1,20 @@
+import type {FileRenderPlugin} from '../plugin.ts';
+
+export function newRenderPluginPdfViewer(): FileRenderPlugin {
+  return {
+    name: 'pdf-viewer',
+
+    canHandle(filename: string, _mimeType: string): boolean {
+      return filename.toLowerCase().endsWith('.pdf');
+    },
+
+    async render(container: HTMLElement, fileUrl: string): Promise<void> {
+      const PDFObject = await import(/* webpackChunkName: "pdfobject" */'pdfobject');
+      // TODO: the PDFObject library does not support dynamic height adjustment,
+      container.style.height = `${window.innerHeight - 100}px`;
+      if (!PDFObject.default.embed(fileUrl, container)) {
+        throw new Error('Unable to render the PDF file');
+      }
+    },
+  };
+}
diff --git a/web_src/js/standalone/devtest.ts b/web_src/js/standalone/devtest.ts
index e6baf6c9ce..faa38dc467 100644
--- a/web_src/js/standalone/devtest.ts
+++ b/web_src/js/standalone/devtest.ts
@@ -11,4 +11,5 @@ function initDevtestToast() {
   }
 }
 
+// NOTICE: keep in mind that this file is not in "index.js", they do not share the same module system.
 initDevtestToast();
diff --git a/web_src/js/svg.ts b/web_src/js/svg.ts
index 7b377e1ab4..50c9536f37 100644
--- a/web_src/js/svg.ts
+++ b/web_src/js/svg.ts
@@ -1,5 +1,6 @@
 import {defineComponent, h, type PropType} from 'vue';
 import {parseDom, serializeXml} from './utils.ts';
+import {html, htmlRaw} from './utils/html.ts';
 import giteaDoubleChevronLeft from '../../public/assets/img/svg/gitea-double-chevron-left.svg';
 import giteaDoubleChevronRight from '../../public/assets/img/svg/gitea-double-chevron-right.svg';
 import giteaEmptyCheckbox from '../../public/assets/img/svg/gitea-empty-checkbox.svg';
@@ -220,7 +221,7 @@ export const SvgIcon = defineComponent({
     const classes = Array.from(svgOuter.classList);
     if (this.symbolId) {
       classes.push('tw-hidden', 'svg-symbol-container');
-      svgInnerHtml = `<symbol id="${this.symbolId}" viewBox="${attrs['^viewBox']}">${svgInnerHtml}</symbol>`;
+      svgInnerHtml = html`<symbol id="${this.symbolId}" viewBox="${attrs['^viewBox']}">${htmlRaw(svgInnerHtml)}</symbol>`;
     }
     // create VNode
     return h('svg', {
diff --git a/web_src/js/utils.ts b/web_src/js/utils.ts
index b825a9339d..5e2f4d5106 100644
--- a/web_src/js/utils.ts
+++ b/web_src/js/utils.ts
@@ -1,19 +1,20 @@
 import {decode, encode} from 'uint8-to-base64';
 import type {IssuePageInfo, IssuePathInfo, RepoOwnerPathInfo} from './types.ts';
+import {toggleElemClass, toggleElem} from './utils/dom.ts';
 
-// transform /path/to/file.ext to /path/to
+/** transform /path/to/file.ext to /path/to */
 export function dirname(path: string): string {
   const lastSlashIndex = path.lastIndexOf('/');
   return lastSlashIndex < 0 ? '' : path.substring(0, lastSlashIndex);
 }
 
-// transform /path/to/file.ext to file.ext
+/** transform /path/to/file.ext to file.ext */
 export function basename(path: string): string {
   const lastSlashIndex = path.lastIndexOf('/');
   return lastSlashIndex < 0 ? path : path.substring(lastSlashIndex + 1);
 }
 
-// transform /path/to/file.ext to .ext
+/** transform /path/to/file.ext to .ext */
 export function extname(path: string): string {
   const lastSlashIndex = path.lastIndexOf('/');
   const lastPointIndex = path.lastIndexOf('.');
@@ -21,18 +22,18 @@ export function extname(path: string): string {
   return lastPointIndex < 0 ? '' : path.substring(lastPointIndex);
 }
 
-// test whether a variable is an object
+/** test whether a variable is an object */
 export function isObject(obj: any): boolean {
   return Object.prototype.toString.call(obj) === '[object Object]';
 }
 
-// returns whether a dark theme is enabled
+/** returns whether a dark theme is enabled */
 export function isDarkTheme(): boolean {
   const style = window.getComputedStyle(document.documentElement);
   return style.getPropertyValue('--is-dark-theme').trim().toLowerCase() === 'true';
 }
 
-// strip <tags> from a string
+/** strip <tags> from a string */
 export function stripTags(text: string): string {
   return text.replace(/<[^>]*>?/g, '');
 }
@@ -61,27 +62,27 @@ export function parseIssuePageInfo(): IssuePageInfo {
   };
 }
 
-// parse a URL, either relative '/path' or absolute 'https://localhost/path'
+/** parse a URL, either relative '/path' or absolute 'https://localhost/path' */
 export function parseUrl(str: string): URL {
   return new URL(str, str.startsWith('http') ? undefined : window.location.origin);
 }
 
-// return current locale chosen by user
+/** return current locale chosen by user */
 export function getCurrentLocale(): string {
   return document.documentElement.lang;
 }
 
-// given a month (0-11), returns it in the documents language
+/** given a month (0-11), returns it in the documents language */
 export function translateMonth(month: number) {
   return new Date(Date.UTC(2022, month, 12)).toLocaleString(getCurrentLocale(), {month: 'short', timeZone: 'UTC'});
 }
 
-// given a weekday (0-6, Sunday to Saturday), returns it in the documents language
+/** given a weekday (0-6, Sunday to Saturday), returns it in the documents language */
 export function translateDay(day: number) {
   return new Date(Date.UTC(2022, 7, day)).toLocaleString(getCurrentLocale(), {weekday: 'short', timeZone: 'UTC'});
 }
 
-// convert a Blob to a DataURI
+/** convert a Blob to a DataURI */
 export function blobToDataURI(blob: Blob): Promise<string> {
   return new Promise((resolve, reject) => {
     try {
@@ -99,7 +100,7 @@ export function blobToDataURI(blob: Blob): Promise<string> {
   });
 }
 
-// convert image Blob to another mime-type format.
+/** convert image Blob to another mime-type format. */
 export function convertImage(blob: Blob, mime: string): Promise<Blob> {
   return new Promise(async (resolve, reject) => {
     try {
@@ -142,7 +143,7 @@ export function toAbsoluteUrl(url: string): string {
   return `${window.location.origin}${url}`;
 }
 
-// Encode an Uint8Array into a URLEncoded base64 string.
+/** Encode an Uint8Array into a URLEncoded base64 string. */
 export function encodeURLEncodedBase64(uint8Array: Uint8Array): string {
   return encode(uint8Array)
     .replace(/\+/g, '-')
@@ -150,7 +151,7 @@ export function encodeURLEncodedBase64(uint8Array: Uint8Array): string {
     .replace(/=/g, '');
 }
 
-// Decode a URLEncoded base64 to an Uint8Array.
+/** Decode a URLEncoded base64 to an Uint8Array. */
 export function decodeURLEncodedBase64(base64url: string): Uint8Array {
   return decode(base64url
     .replace(/_/g, '/')
@@ -179,3 +180,24 @@ export function isImageFile({name, type}: {name?: string, type?: string}): boole
 export function isVideoFile({name, type}: {name?: string, type?: string}): boolean {
   return /\.(mpe?g|mp4|mkv|webm)$/i.test(name || '') || type?.startsWith('video/');
 }
+
+export function toggleFullScreen(fullscreenElementsSelector: string, isFullScreen: boolean, sourceParentSelector?: string): void {
+  // hide other elements
+  const headerEl = document.querySelector('#navbar');
+  const contentEl = document.querySelector('.page-content');
+  const footerEl = document.querySelector('.page-footer');
+  toggleElem(headerEl, !isFullScreen);
+  toggleElem(contentEl, !isFullScreen);
+  toggleElem(footerEl, !isFullScreen);
+
+  const sourceParentEl = sourceParentSelector ? document.querySelector(sourceParentSelector) : contentEl;
+
+  const fullScreenEl = document.querySelector(fullscreenElementsSelector);
+  const outerEl = document.querySelector('.full.height');
+  toggleElemClass(fullscreenElementsSelector, 'fullscreen', isFullScreen);
+  if (isFullScreen) {
+    outerEl.append(fullScreenEl);
+  } else {
+    sourceParentEl.append(fullScreenEl);
+  }
+}
diff --git a/web_src/js/utils/color.ts b/web_src/js/utils/color.ts
index a0409353d2..57c909b8a0 100644
--- a/web_src/js/utils/color.ts
+++ b/web_src/js/utils/color.ts
@@ -1,7 +1,7 @@
 import tinycolor from 'tinycolor2';
 import type {ColorInput} from 'tinycolor2';
 
-// Returns relative luminance for a SRGB color - https://en.wikipedia.org/wiki/Relative_luminance
+/** Returns relative luminance for a SRGB color - https://en.wikipedia.org/wiki/Relative_luminance */
 // Keep this in sync with modules/util/color.go
 function getRelativeLuminance(color: ColorInput): number {
   const {r, g, b} = tinycolor(color).toRgb();
@@ -12,8 +12,9 @@ function useLightText(backgroundColor: ColorInput): boolean {
   return getRelativeLuminance(backgroundColor) < 0.453;
 }
 
-// Given a background color, returns a black or white foreground color that the highest
-// contrast ratio. In the future, the APCA contrast function, or CSS `contrast-color` will be better.
+/** Given a background color, returns a black or white foreground color that the highest
+ *  contrast ratio. */
+// In the future, the APCA contrast function, or CSS `contrast-color` will be better.
 // https://github.com/color-js/color.js/blob/eb7b53f7a13bb716ec8b28c7a56f052cd599acd9/src/contrast/APCA.js#L42
 export function contrastColor(backgroundColor: ColorInput): string {
   return useLightText(backgroundColor) ? '#fff' : '#000';
diff --git a/web_src/js/utils/dom.test.ts b/web_src/js/utils/dom.test.ts
index 6e71596850..057ea9808c 100644
--- a/web_src/js/utils/dom.test.ts
+++ b/web_src/js/utils/dom.test.ts
@@ -1,4 +1,10 @@
-import {createElementFromAttrs, createElementFromHTML, queryElemChildren, querySingleVisibleElem} from './dom.ts';
+import {
+  createElementFromAttrs,
+  createElementFromHTML,
+  queryElemChildren,
+  querySingleVisibleElem,
+  toggleElem,
+} from './dom.ts';
 
 test('createElementFromHTML', () => {
   expect(createElementFromHTML('<a>foo<span>bar</span></a>').outerHTML).toEqual('<a>foo<span>bar</span></a>');
@@ -19,10 +25,14 @@ test('createElementFromAttrs', () => {
 });
 
 test('querySingleVisibleElem', () => {
-  let el = createElementFromHTML('<div><span>foo</span></div>');
+  let el = createElementFromHTML('<div></div>');
+  expect(querySingleVisibleElem(el, 'span')).toBeNull();
+  el = createElementFromHTML('<div><span>foo</span></div>');
   expect(querySingleVisibleElem(el, 'span').textContent).toEqual('foo');
   el = createElementFromHTML('<div><span style="display: none;">foo</span><span>bar</span></div>');
   expect(querySingleVisibleElem(el, 'span').textContent).toEqual('bar');
+  el = createElementFromHTML('<div><span class="some-class tw-hidden">foo</span><span>bar</span></div>');
+  expect(querySingleVisibleElem(el, 'span').textContent).toEqual('bar');
   el = createElementFromHTML('<div><span>foo</span><span>bar</span></div>');
   expect(() => querySingleVisibleElem(el, 'span')).toThrowError('Expected exactly one visible element');
 });
@@ -32,3 +42,13 @@ test('queryElemChildren', () => {
   const children = queryElemChildren(el, '.a');
   expect(children.length).toEqual(1);
 });
+
+test('toggleElem', () => {
+  const el = createElementFromHTML('<p><div>a</div><div class="tw-hidden">b</div></p>');
+  toggleElem(el.children);
+  expect(el.outerHTML).toEqual('<p><div class="tw-hidden">a</div><div class="">b</div></p>');
+  toggleElem(el.children, false);
+  expect(el.outerHTML).toEqual('<p><div class="tw-hidden">a</div><div class="tw-hidden">b</div></p>');
+  toggleElem(el.children, true);
+  expect(el.outerHTML).toEqual('<p><div class="">a</div><div class="">b</div></p>');
+});
diff --git a/web_src/js/utils/dom.ts b/web_src/js/utils/dom.ts
index 4d15784e6e..8b7219c678 100644
--- a/web_src/js/utils/dom.ts
+++ b/web_src/js/utils/dom.ts
@@ -9,55 +9,50 @@ type ElementsCallback<T extends Element> = (el: T) => Promisable<any>;
 type ElementsCallbackWithArgs = (el: Element, ...args: any[]) => Promisable<any>;
 export type DOMEvent<E extends Event, T extends Element = HTMLElement> = E & { target: Partial<T>; };
 
-function elementsCall(el: ElementArg, func: ElementsCallbackWithArgs, ...args: any[]) {
+function elementsCall(el: ElementArg, func: ElementsCallbackWithArgs, ...args: any[]): ArrayLikeIterable<Element> {
   if (typeof el === 'string' || el instanceof String) {
     el = document.querySelectorAll(el as string);
   }
   if (el instanceof Node) {
     func(el, ...args);
+    return [el];
   } else if (el.length !== undefined) {
     // this works for: NodeList, HTMLCollection, Array, jQuery
-    for (const e of (el as ArrayLikeIterable<Element>)) {
-      func(e, ...args);
-    }
-  } else {
-    throw new Error('invalid argument to be shown/hidden');
+    const elems = el as ArrayLikeIterable<Element>;
+    for (const elem of elems) func(elem, ...args);
+    return elems;
   }
+  throw new Error('invalid argument to be shown/hidden');
+}
+
+export function toggleElemClass(el: ElementArg, className: string, force?: boolean): ArrayLikeIterable<Element> {
+  return elementsCall(el, (e: Element) => {
+    if (force === true) {
+      e.classList.add(className);
+    } else if (force === false) {
+      e.classList.remove(className);
+    } else if (force === undefined) {
+      e.classList.toggle(className);
+    } else {
+      throw new Error('invalid force argument');
+    }
+  });
 }
 
 /**
- * @param el Element
+ * @param el ElementArg
  * @param force force=true to show or force=false to hide, undefined to toggle
  */
-function toggleShown(el: Element, force: boolean) {
-  if (force === true) {
-    el.classList.remove('tw-hidden');
-  } else if (force === false) {
-    el.classList.add('tw-hidden');
-  } else if (force === undefined) {
-    el.classList.toggle('tw-hidden');
-  } else {
-    throw new Error('invalid force argument');
-  }
-}
-
-export function showElem(el: ElementArg) {
-  elementsCall(el, toggleShown, true);
-}
-
-export function hideElem(el: ElementArg) {
-  elementsCall(el, toggleShown, false);
+export function toggleElem(el: ElementArg, force?: boolean): ArrayLikeIterable<Element> {
+  return toggleElemClass(el, 'tw-hidden', force === undefined ? force : !force);
 }
 
-export function toggleElem(el: ElementArg, force?: boolean) {
-  elementsCall(el, toggleShown, force);
+export function showElem(el: ElementArg): ArrayLikeIterable<Element> {
+  return toggleElem(el, true);
 }
 
-export function isElemHidden(el: ElementArg) {
-  const res: boolean[] = [];
-  elementsCall(el, (e) => res.push(e.classList.contains('tw-hidden')));
-  if (res.length > 1) throw new Error(`isElemHidden doesn't work for multiple elements`);
-  return res[0];
+export function hideElem(el: ElementArg): ArrayLikeIterable<Element> {
+  return toggleElem(el, false);
 }
 
 function applyElemsCallback<T extends Element>(elems: ArrayLikeIterable<T>, fn?: ElementsCallback<T>): ArrayLikeIterable<T> {
@@ -76,7 +71,7 @@ export function queryElemSiblings<T extends Element>(el: Element, selector = '*'
   }), fn);
 }
 
-// it works like jQuery.children: only the direct children are selected
+/** it works like jQuery.children: only the direct children are selected */
 export function queryElemChildren<T extends Element>(parent: Element | ParentNode, selector = '*', fn?: ElementsCallback<T>): ArrayLikeIterable<T> {
   if (isInFrontendUnitTest()) {
     // https://github.com/capricorn86/happy-dom/issues/1620 : ":scope" doesn't work
@@ -86,8 +81,8 @@ export function queryElemChildren<T extends Element>(parent: Element | ParentNod
   return applyElemsCallback<T>(parent.querySelectorAll(`:scope > ${selector}`), fn);
 }
 
-// it works like parent.querySelectorAll: all descendants are selected
-// in the future, all "queryElems(document, ...)" should be refactored to use a more specific parent
+/** it works like parent.querySelectorAll: all descendants are selected */
+// in the future, all "queryElems(document, ...)" should be refactored to use a more specific parent if the targets are not for page-level components.
 export function queryElems<T extends HTMLElement>(parent: Element | ParentNode, selector: string, fn?: ElementsCallback<T>): ArrayLikeIterable<T> {
   return applyElemsCallback<T>(parent.querySelectorAll(selector), fn);
 }
@@ -100,8 +95,8 @@ export function onDomReady(cb: () => Promisable<void>) {
   }
 }
 
-// checks whether an element is owned by the current document, and whether it is a document fragment or element node
-// if it is, it means it is a "normal" element managed by us, which can be modified safely.
+/** checks whether an element is owned by the current document, and whether it is a document fragment or element node
+ *  if it is, it means it is a "normal" element managed by us, which can be modified safely. */
 export function isDocumentFragmentOrElementNode(el: Node) {
   try {
     return el.ownerDocument === document && el.nodeType === Node.ELEMENT_NODE || el.nodeType === Node.DOCUMENT_FRAGMENT_NODE;
@@ -111,8 +106,8 @@ export function isDocumentFragmentOrElementNode(el: Node) {
   }
 }
 
-// autosize a textarea to fit content. Based on
-// https://github.com/github/textarea-autosize
+/** autosize a textarea to fit content. */
+// Based on https://github.com/github/textarea-autosize
 // ---------------------------------------------------------------------
 // Copyright (c) 2018 GitHub, Inc.
 //
@@ -166,6 +161,7 @@ export function autosize(textarea: HTMLTextAreaElement, {viewportMarginBottom =
   function resizeToFit() {
     if (isUserResized) return;
     if (textarea.offsetWidth <= 0 && textarea.offsetHeight <= 0) return;
+    const previousMargin = textarea.style.marginBottom;
 
     try {
       const {top, bottom} = overflowOffset();
@@ -181,6 +177,9 @@ export function autosize(textarea: HTMLTextAreaElement, {viewportMarginBottom =
       const curHeight = parseFloat(computedStyle.height);
       const maxHeight = curHeight + bottom - adjustedViewportMarginBottom;
 
+      // In Firefox, setting auto height momentarily may cause the page to scroll up
+      // unexpectedly, prevent this by setting a temporary margin.
+      textarea.style.marginBottom = `${textarea.clientHeight}px`;
       textarea.style.height = 'auto';
       let newHeight = textarea.scrollHeight + borderAddOn;
 
@@ -201,6 +200,12 @@ export function autosize(textarea: HTMLTextAreaElement, {viewportMarginBottom =
       textarea.style.height = `${newHeight}px`;
       lastStyleHeight = textarea.style.height;
     } finally {
+      // restore previous margin
+      if (previousMargin) {
+        textarea.style.marginBottom = previousMargin;
+      } else {
+        textarea.style.removeProperty('margin-bottom');
+      }
       // ensure that the textarea is fully scrolled to the end, when the cursor
       // is at the end during an input event
       if (textarea.selectionStart === textarea.selectionEnd &&
@@ -241,8 +246,8 @@ export function onInputDebounce(fn: () => Promisable<any>) {
 
 type LoadableElement = HTMLEmbedElement | HTMLIFrameElement | HTMLImageElement | HTMLScriptElement | HTMLTrackElement;
 
-// Set the `src` attribute on an element and returns a promise that resolves once the element
-// has loaded or errored.
+/** Set the `src` attribute on an element and returns a promise that resolves once the element
+ *  has loaded or errored. */
 export function loadElem(el: LoadableElement, src: string) {
   return new Promise((resolve) => {
     el.addEventListener('load', () => resolve(true), {once: true});
@@ -273,28 +278,24 @@ export function initSubmitEventPolyfill() {
   document.body.addEventListener('focus', submitEventPolyfillListener);
 }
 
-/**
- * Check if an element is visible, equivalent to jQuery's `:visible` pseudo.
- * Note: This function doesn't account for all possible visibility scenarios.
- */
-export function isElemVisible(element: HTMLElement): boolean {
-  if (!element) return false;
-  // checking element.style.display is not necessary for browsers, but it is required by some tests with happy-dom because happy-dom doesn't really do layout
-  return Boolean((element.offsetWidth || element.offsetHeight || element.getClientRects().length) && element.style.display !== 'none');
+export function isElemVisible(el: HTMLElement): boolean {
+  // Check if an element is visible, equivalent to jQuery's `:visible` pseudo.
+  // This function DOESN'T account for all possible visibility scenarios, its behavior is covered by the tests of "querySingleVisibleElem"
+  if (!el) return false;
+  // checking el.style.display is not necessary for browsers, but it is required by some tests with happy-dom because happy-dom doesn't really do layout
+  return !el.classList.contains('tw-hidden') && (el.offsetWidth || el.offsetHeight || el.getClientRects().length) && el.style.display !== 'none';
 }
 
-// replace selected text in a textarea while preserving editor history, e.g. CTRL-Z works after this
+/** replace selected text in a textarea while preserving editor history, e.g. CTRL-Z works after this */
 export function replaceTextareaSelection(textarea: HTMLTextAreaElement, text: string) {
   const before = textarea.value.slice(0, textarea.selectionStart ?? undefined);
   const after = textarea.value.slice(textarea.selectionEnd ?? undefined);
-  let success = true;
+  let success = false;
 
   textarea.contentEditable = 'true';
   try {
     success = document.execCommand('insertText', false, text); // eslint-disable-line @typescript-eslint/no-deprecated
-  } catch {
-    success = false;
-  }
+  } catch {} // ignore the error if execCommand is not supported or failed
   textarea.contentEditable = 'false';
 
   if (success && !textarea.value.slice(0, textarea.selectionStart ?? undefined).endsWith(text)) {
@@ -307,10 +308,10 @@ export function replaceTextareaSelection(textarea: HTMLTextAreaElement, text: st
   }
 }
 
-// Warning: Do not enter any unsanitized variables here
 export function createElementFromHTML<T extends HTMLElement>(htmlString: string): T {
   htmlString = htmlString.trim();
-  // some tags like "tr" are special, it must use a correct parent container to create
+  // There is no way to create some elements without a proper parent, jQuery's approach: https://github.com/jquery/jquery/blob/main/src/manipulation/wrapMap.js
+  // eslint-disable-next-line github/unescaped-html-literal
   if (htmlString.startsWith('<tr')) {
     const container = document.createElement('table');
     container.innerHTML = htmlString;
@@ -358,7 +359,21 @@ export function querySingleVisibleElem<T extends HTMLElement>(parent: Element, s
 export function addDelegatedEventListener<T extends HTMLElement, E extends Event>(parent: Node, type: string, selector: string, listener: (elem: T, e: E) => Promisable<void>, options?: boolean | AddEventListenerOptions) {
   parent.addEventListener(type, (e: Event) => {
     const elem = (e.target as HTMLElement).closest(selector);
-    if (!elem) return;
+    // It strictly checks "parent contains the target elem" to avoid side effects of selector running on outside the parent.
+    // Keep in mind that the elem could have been removed from parent by other event handlers before this event handler is called.
+    // For example, tippy popup item, the tippy popup could be hidden and removed from DOM before this.
+    // It is the caller's responsibility to make sure the elem is still in parent's DOM when this event handler is called.
+    if (!elem || (parent !== document && !parent.contains(elem))) return;
     listener(elem as T, e as E);
   }, options);
 }
+
+/** Returns whether a click event is a left-click without any modifiers held */
+export function isPlainClick(e: MouseEvent) {
+  return e.button === 0 && !e.ctrlKey && !e.metaKey && !e.altKey && !e.shiftKey;
+}
+
+let elemIdCounter = 0;
+export function generateElemId(prefix: string = ''): string {
+  return `${prefix}${elemIdCounter++}`;
+}
diff --git a/web_src/js/utils/filetree.test.ts b/web_src/js/utils/filetree.test.ts
deleted file mode 100644
index f561cb75f0..0000000000
--- a/web_src/js/utils/filetree.test.ts
+++ /dev/null
@@ -1,86 +0,0 @@
-import {mergeChildIfOnlyOneDir, pathListToTree, type File} from './filetree.ts';
-
-const emptyList: File[] = [];
-const singleFile = [{Name: 'file1'}] as File[];
-const singleDir = [{Name: 'dir1/file1'}] as File[];
-const nestedDir = [{Name: 'dir1/dir2/file1'}] as File[];
-const multiplePathsDisjoint = [{Name: 'dir1/dir2/file1'}, {Name: 'dir3/file2'}] as File[];
-const multiplePathsShared = [{Name: 'dir1/dir2/dir3/file1'}, {Name: 'dir1/file2'}] as File[];
-
-test('pathListToTree', () => {
-  expect(pathListToTree(emptyList)).toEqual([]);
-  expect(pathListToTree(singleFile)).toEqual([
-    {isFile: true, name: 'file1', path: 'file1', file: {Name: 'file1'}},
-  ]);
-  expect(pathListToTree(singleDir)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: true, name: 'file1', path: 'dir1/file1', file: {Name: 'dir1/file1'}},
-    ]},
-  ]);
-  expect(pathListToTree(nestedDir)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: false, name: 'dir2', path: 'dir1/dir2', children: [
-        {isFile: true, name: 'file1', path: 'dir1/dir2/file1', file: {Name: 'dir1/dir2/file1'}},
-      ]},
-    ]},
-  ]);
-  expect(pathListToTree(multiplePathsDisjoint)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: false, name: 'dir2', path: 'dir1/dir2', children: [
-        {isFile: true, name: 'file1', path: 'dir1/dir2/file1', file: {Name: 'dir1/dir2/file1'}},
-      ]},
-    ]},
-    {isFile: false, name: 'dir3', path: 'dir3', children: [
-      {isFile: true, name: 'file2', path: 'dir3/file2', file: {Name: 'dir3/file2'}},
-    ]},
-  ]);
-  expect(pathListToTree(multiplePathsShared)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: false, name: 'dir2', path: 'dir1/dir2', children: [
-        {isFile: false, name: 'dir3', path: 'dir1/dir2/dir3', children: [
-          {isFile: true, name: 'file1', path: 'dir1/dir2/dir3/file1', file: {Name: 'dir1/dir2/dir3/file1'}},
-        ]},
-      ]},
-      {isFile: true, name: 'file2', path: 'dir1/file2', file: {Name: 'dir1/file2'}},
-    ]},
-  ]);
-});
-
-const mergeChildWrapper = (testCase: File[]) => {
-  const tree = pathListToTree(testCase);
-  mergeChildIfOnlyOneDir(tree);
-  return tree;
-};
-
-test('mergeChildIfOnlyOneDir', () => {
-  expect(mergeChildWrapper(emptyList)).toEqual([]);
-  expect(mergeChildWrapper(singleFile)).toEqual([
-    {isFile: true, name: 'file1', path: 'file1', file: {Name: 'file1'}},
-  ]);
-  expect(mergeChildWrapper(singleDir)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: true, name: 'file1', path: 'dir1/file1', file: {Name: 'dir1/file1'}},
-    ]},
-  ]);
-  expect(mergeChildWrapper(nestedDir)).toEqual([
-    {isFile: false, name: 'dir1/dir2', path: 'dir1/dir2', children: [
-      {isFile: true, name: 'file1', path: 'dir1/dir2/file1', file: {Name: 'dir1/dir2/file1'}},
-    ]},
-  ]);
-  expect(mergeChildWrapper(multiplePathsDisjoint)).toEqual([
-    {isFile: false, name: 'dir1/dir2', path: 'dir1/dir2', children: [
-      {isFile: true, name: 'file1', path: 'dir1/dir2/file1', file: {Name: 'dir1/dir2/file1'}},
-    ]},
-    {isFile: false, name: 'dir3', path: 'dir3', children: [
-      {isFile: true, name: 'file2', path: 'dir3/file2', file: {Name: 'dir3/file2'}},
-    ]},
-  ]);
-  expect(mergeChildWrapper(multiplePathsShared)).toEqual([
-    {isFile: false, name: 'dir1', path: 'dir1', children: [
-      {isFile: false, name: 'dir2/dir3', path: 'dir1/dir2/dir3', children: [
-        {isFile: true, name: 'file1', path: 'dir1/dir2/dir3/file1', file: {Name: 'dir1/dir2/dir3/file1'}},
-      ]},
-      {isFile: true, name: 'file2', path: 'dir1/file2', file: {Name: 'dir1/file2'}},
-    ]},
-  ]);
-});
diff --git a/web_src/js/utils/filetree.ts b/web_src/js/utils/filetree.ts
deleted file mode 100644
index 35f9f58189..0000000000
--- a/web_src/js/utils/filetree.ts
+++ /dev/null
@@ -1,85 +0,0 @@
-import {dirname, basename} from '../utils.ts';
-
-export type FileStatus = 'added' | 'modified' | 'deleted' | 'renamed' | 'copied' | 'typechange';
-
-export type File = {
-  Name: string;
-  NameHash: string;
-  Status: FileStatus;
-  IsViewed: boolean;
-  IsSubmodule: boolean;
-}
-
-type DirItem = {
-    isFile: false;
-    name: string;
-    path: string;
-
-    children: Item[];
-}
-
-type FileItem = {
-    isFile: true;
-    name: string;
-    path: string;
-    file: File;
-}
-
-export type Item = DirItem | FileItem;
-
-export function pathListToTree(fileEntries: File[]): Item[] {
-  const pathToItem = new Map<string, DirItem>();
-
-    // init root node
-  const root: DirItem = {name: '', path: '', isFile: false, children: []};
-  pathToItem.set('', root);
-
-  for (const fileEntry of fileEntries) {
-    const [parentPath, fileName] = [dirname(fileEntry.Name), basename(fileEntry.Name)];
-
-    let parentItem = pathToItem.get(parentPath);
-    if (!parentItem) {
-      parentItem = constructParents(pathToItem, parentPath);
-    }
-
-    const fileItem: FileItem = {name: fileName, path: fileEntry.Name, isFile: true, file: fileEntry};
-
-    parentItem.children.push(fileItem);
-  }
-
-  return root.children;
-}
-
-function constructParents(pathToItem: Map<string, DirItem>, dirPath: string): DirItem {
-  const [dirParentPath, dirName] = [dirname(dirPath), basename(dirPath)];
-
-  let parentItem = pathToItem.get(dirParentPath);
-  if (!parentItem) {
-    // if the parent node does not exist, create it
-    parentItem = constructParents(pathToItem, dirParentPath);
-  }
-
-  const dirItem: DirItem = {name: dirName, path: dirPath, isFile: false, children: []};
-  parentItem.children.push(dirItem);
-  pathToItem.set(dirPath, dirItem);
-
-  return dirItem;
-}
-
-export function mergeChildIfOnlyOneDir(nodes: Item[]): void {
-  for (const node of nodes) {
-    if (node.isFile) {
-      continue;
-    }
-    const dir = node as DirItem;
-
-    mergeChildIfOnlyOneDir(dir.children);
-
-    if (dir.children.length === 1 && dir.children[0].isFile === false) {
-      const child = dir.children[0];
-      dir.name = `${dir.name}/${child.name}`;
-      dir.path = child.path;
-      dir.children = child.children;
-    }
-  }
-}
diff --git a/web_src/js/utils/html.test.ts b/web_src/js/utils/html.test.ts
new file mode 100644
index 0000000000..3028b7bb0a
--- /dev/null
+++ b/web_src/js/utils/html.test.ts
@@ -0,0 +1,8 @@
+import {html, htmlEscape, htmlRaw} from './html.ts';
+
+test('html', async () => {
+  expect(html`<a>${'<>&\'"'}</a>`).toBe(`<a>&lt;&gt;&amp;&#39;&quot;</a>`);
+  expect(html`<a>${htmlRaw('<img>')}</a>`).toBe(`<a><img></a>`);
+  expect(html`<a>${htmlRaw`<img ${'&'}>`}</a>`).toBe(`<a><img &amp;></a>`);
+  expect(htmlEscape(`<a></a>`)).toBe(`&lt;a&gt;&lt;/a&gt;`);
+});
diff --git a/web_src/js/utils/html.ts b/web_src/js/utils/html.ts
new file mode 100644
index 0000000000..1252032ee0
--- /dev/null
+++ b/web_src/js/utils/html.ts
@@ -0,0 +1,32 @@
+export function htmlEscape(s: string, ...args: Array<any>): string {
+  if (args.length !== 0) throw new Error('use html or htmlRaw instead of htmlEscape'); // check legacy usages
+  return s.replace(/&/g, '&amp;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&#39;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;');
+}
+
+class rawObject {
+  private readonly value: string;
+  constructor(v: string) { this.value = v }
+  toString(): string { return this.value }
+}
+
+export function html(tmpl: TemplateStringsArray, ...parts: Array<any>): string {
+  let output = tmpl[0];
+  for (let i = 0; i < parts.length; i++) {
+    const value = parts[i];
+    const valueEscaped = (value instanceof rawObject) ? value.toString() : htmlEscape(String(value));
+    output = output + valueEscaped + tmpl[i + 1];
+  }
+  return output;
+}
+
+export function htmlRaw(s: string|TemplateStringsArray, ...tmplParts: Array<any>): rawObject {
+  if (typeof s === 'string') {
+    if (tmplParts.length !== 0) throw new Error("either htmlRaw('str') or htmlRaw`tmpl`");
+    return new rawObject(s);
+  }
+  return new rawObject(html(s, ...tmplParts));
+}
diff --git a/web_src/js/utils/image.ts b/web_src/js/utils/image.ts
index 558a63f22e..5cd5052b40 100644
--- a/web_src/js/utils/image.ts
+++ b/web_src/js/utils/image.ts
@@ -29,8 +29,8 @@ type ImageInfo = {
   dppx?: number,
 }
 
-// decode a image and try to obtain width and dppx. It will never throw but instead
-// return default values.
+/** decode a image and try to obtain width and dppx. It will never throw but instead
+ *  return default values. */
 export async function imageInfo(blob: Blob): Promise<ImageInfo> {
   let width = 0, dppx = 1; // dppx: 1 dot per pixel for non-HiDPI screens
 
diff --git a/web_src/js/utils/time.ts b/web_src/js/utils/time.ts
index c63498345f..262cc23a52 100644
--- a/web_src/js/utils/time.ts
+++ b/web_src/js/utils/time.ts
@@ -65,8 +65,8 @@ export function fillEmptyStartDaysWithZeroes(startDays: number[], data: DayDataO
 
 let dateFormat: Intl.DateTimeFormat;
 
-// format a Date object to document's locale, but with 24h format from user's current locale because this
-// option is a personal preference of the user, not something that the document's locale should dictate.
+/** Format a Date object to document's locale, but with 24h format from user's current locale because this
+ *  option is a personal preference of the user, not something that the document's locale should dictate. */
 export function formatDatetime(date: Date | number): string {
   if (!dateFormat) {
     // TODO: replace `hour12` with `Intl.Locale.prototype.getHourCycles` once there is broad browser support
diff --git a/web_src/js/utils/url.ts b/web_src/js/utils/url.ts
index a7d61c5e83..9991da7472 100644
--- a/web_src/js/utils/url.ts
+++ b/web_src/js/utils/url.ts
@@ -14,8 +14,8 @@ export function isUrl(url: string): boolean {
   }
 }
 
-// Convert an absolute or relative URL to an absolute URL with the current origin. It only
-// processes absolute HTTP/HTTPS URLs or relative URLs like '/xxx' or '//host/xxx'.
+/** Convert an absolute or relative URL to an absolute URL with the current origin. It only
+ *  processes absolute HTTP/HTTPS URLs or relative URLs like '/xxx' or '//host/xxx'. */
 export function toOriginUrl(urlStr: string) {
   try {
     if (urlStr.startsWith('http://') || urlStr.startsWith('https://') || urlStr.startsWith('/')) {
diff --git a/web_src/js/webcomponents/overflow-menu.ts b/web_src/js/webcomponents/overflow-menu.ts
index 4e729a268a..ae93f2b758 100644
--- a/web_src/js/webcomponents/overflow-menu.ts
+++ b/web_src/js/webcomponents/overflow-menu.ts
@@ -1,6 +1,6 @@
 import {throttle} from 'throttle-debounce';
 import {createTippy} from '../modules/tippy.ts';
-import {isDocumentFragmentOrElementNode} from '../utils/dom.ts';
+import {addDelegatedEventListener, isDocumentFragmentOrElementNode} from '../utils/dom.ts';
 import octiconKebabHorizontal from '../../../public/assets/img/svg/octicon-kebab-horizontal.svg';
 
 window.customElements.define('overflow-menu', class extends HTMLElement {
@@ -12,10 +12,14 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
   mutationObserver: MutationObserver;
   lastWidth: number;
 
+  updateButtonActivationState() {
+    if (!this.button || !this.tippyContent) return;
+    this.button.classList.toggle('active', Boolean(this.tippyContent.querySelector('.item.active')));
+  }
+
   updateItems = throttle(100, () => {
     if (!this.tippyContent) {
       const div = document.createElement('div');
-      div.classList.add('tippy-target');
       div.tabIndex = -1; // for initial focus, programmatic focus only
       div.addEventListener('keydown', (e) => {
         if (e.key === 'Tab') {
@@ -64,9 +68,10 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
           }
         }
       });
-      this.append(div);
+      div.classList.add('tippy-target');
+      this.handleItemClick(div, '.tippy-target > .item');
       this.tippyContent = div;
-    }
+    } // end if: no tippyContent and create a new one
 
     const itemFlexSpace = this.menuItemsEl.querySelector<HTMLSpanElement>('.item-flex-space');
     const itemOverFlowMenuButton = this.querySelector<HTMLButtonElement>('.overflow-menu-button');
@@ -88,7 +93,7 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
     const menuRight = this.offsetLeft + this.offsetWidth;
     const menuItems = this.menuItemsEl.querySelectorAll<HTMLElement>('.item, .item-flex-space');
     let afterFlexSpace = false;
-    for (const item of menuItems) {
+    for (const [idx, item] of menuItems.entries()) {
       if (item.classList.contains('item-flex-space')) {
         afterFlexSpace = true;
         continue;
@@ -96,7 +101,10 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
       if (afterFlexSpace) item.setAttribute('data-after-flex-space', 'true');
       const itemRight = item.offsetLeft + item.offsetWidth;
       if (menuRight - itemRight < 38) { // roughly the width of .overflow-menu-button with some extra space
-        this.tippyItems.push(item);
+        const onlyLastItem = idx === menuItems.length - 1 && this.tippyItems.length === 0;
+        const lastItemFit = onlyLastItem && menuRight - itemRight > 0;
+        const moveToPopup = !onlyLastItem || !lastItemFit;
+        if (moveToPopup) this.tippyItems.push(item);
       }
     }
     itemFlexSpace?.style.removeProperty('display');
@@ -107,6 +115,7 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
       const btn = this.querySelector('.overflow-menu-button');
       btn?._tippy?.destroy();
       btn?.remove();
+      this.button = null;
       return;
     }
 
@@ -126,18 +135,17 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
     // update existing tippy
     if (this.button?._tippy) {
       this.button._tippy.setContent(this.tippyContent);
+      this.updateButtonActivationState();
       return;
     }
 
     // create button initially
-    const btn = document.createElement('button');
-    btn.classList.add('overflow-menu-button');
-    btn.setAttribute('aria-label', window.config.i18n.more_items);
-    btn.innerHTML = octiconKebabHorizontal;
-    this.append(btn);
-    this.button = btn;
-
-    createTippy(btn, {
+    this.button = document.createElement('button');
+    this.button.classList.add('overflow-menu-button');
+    this.button.setAttribute('aria-label', window.config.i18n.more_items);
+    this.button.innerHTML = octiconKebabHorizontal;
+    this.append(this.button);
+    createTippy(this.button, {
       trigger: 'click',
       hideOnClick: true,
       interactive: true,
@@ -151,6 +159,7 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
         }, 0);
       },
     });
+    this.updateButtonActivationState();
   });
 
   init() {
@@ -187,6 +196,14 @@ window.customElements.define('overflow-menu', class extends HTMLElement {
       }
     });
     this.resizeObserver.observe(this);
+    this.handleItemClick(this, '.overflow-menu-items > .item');
+  }
+
+  handleItemClick(el: Element, selector: string) {
+    addDelegatedEventListener(el, 'click', selector, () => {
+      this.button?._tippy?.hide();
+      this.updateButtonActivationState();
+    });
   }
 
   connectedCallback() {
diff --git a/web_src/js/webcomponents/polyfill.test.ts b/web_src/js/webcomponents/polyfill.test.ts
new file mode 100644
index 0000000000..4fb4621547
--- /dev/null
+++ b/web_src/js/webcomponents/polyfill.test.ts
@@ -0,0 +1,7 @@
+import {weakRefClass} from './polyfills.ts';
+
+test('polyfillWeakRef', () => {
+  const WeakRef = weakRefClass();
+  const r = new WeakRef(123);
+  expect(r.deref()).toEqual(123);
+});
diff --git a/web_src/js/webcomponents/polyfills.ts b/web_src/js/webcomponents/polyfills.ts
index 4a84ee9562..9575324b5a 100644
--- a/web_src/js/webcomponents/polyfills.ts
+++ b/web_src/js/webcomponents/polyfills.ts
@@ -16,3 +16,19 @@ try {
     return intlNumberFormat(locales, options);
   };
 }
+
+export function weakRefClass() {
+  const weakMap = new WeakMap();
+  return class {
+    constructor(target: any) {
+      weakMap.set(this, target);
+    }
+    deref() {
+      return weakMap.get(this);
+    }
+  };
+}
+
+if (!window.WeakRef) {
+  window.WeakRef = weakRefClass() as any;
+}
diff --git a/webpack.config.js b/webpack.config.js
index 931bf67071..92f479bc0c 100644
--- a/webpack.config.js
+++ b/webpack.config.js
@@ -76,16 +76,10 @@ export default {
   mode: isProduction ? 'production' : 'development',
   entry: {
     index: [
-      fileURLToPath(new URL('web_src/js/globals.ts', import.meta.url)),
-      fileURLToPath(new URL('web_src/fomantic/build/fomantic.js', import.meta.url)),
       fileURLToPath(new URL('web_src/js/index.ts', import.meta.url)),
-      fileURLToPath(new URL('node_modules/easymde/dist/easymde.min.css', import.meta.url)),
       fileURLToPath(new URL('web_src/fomantic/build/fomantic.css', import.meta.url)),
       fileURLToPath(new URL('web_src/css/index.css', import.meta.url)),
     ],
-    webcomponents: [
-      fileURLToPath(new URL('web_src/js/webcomponents/index.ts', import.meta.url)),
-    ],
     swagger: [
       fileURLToPath(new URL('web_src/js/standalone/swagger.ts', import.meta.url)),
       fileURLToPath(new URL('web_src/css/standalone/swagger.css', import.meta.url)),