Another round of `db.DefaultContext` refactor (#27103) (#27262)

Backport #27103 by @JakobDev

Part of #27065

Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

cmd/admin.go

 			}
 			log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum)
 
-			if err = repo_module.SyncReleasesWithTags(repo, gitRepo); err != nil {
+			if err = repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
 				log.Warn(" SyncReleasesWithTags: %v", err)
 				gitRepo.Close()
 				continue
 	if err := initDB(ctx); err != nil {
 		return err
 	}
-	return asymkey_model.RewriteAllPublicKeys()
+	return asymkey_model.RewriteAllPublicKeys(ctx)
 }
 
 func parseOAuth2Config(c *cli.Context) *oauth2.Source {

cmd/migrate_storage_test.go

 	"strings"
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/packages"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	assert.NoError(t, err)
 	defer buf.Close()
 
-	v, f, err := packages_service.CreatePackageAndAddFile(&packages_service.PackageCreationInfo{
+	v, f, err := packages_service.CreatePackageAndAddFile(db.DefaultContext, &packages_service.PackageCreationInfo{
 		PackageInfo: packages_service.PackageInfo{
 			Owner:       creator,
 			PackageType: packages.TypeGeneric,

models/activities/user_heatmap.go

 package activities
 
 import (
+	"context"
+
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/organization"
 	user_model "code.gitea.io/gitea/models/user"
 }
 
 // GetUserHeatmapDataByUser returns an array of UserHeatmapData
-func GetUserHeatmapDataByUser(user, doer *user_model.User) ([]*UserHeatmapData, error) {
-	return getUserHeatmapData(user, nil, doer)
+func GetUserHeatmapDataByUser(ctx context.Context, user, doer *user_model.User) ([]*UserHeatmapData, error) {
+	return getUserHeatmapData(ctx, user, nil, doer)
 }
 
 // GetUserHeatmapDataByUserTeam returns an array of UserHeatmapData
-func GetUserHeatmapDataByUserTeam(user *user_model.User, team *organization.Team, doer *user_model.User) ([]*UserHeatmapData, error) {
-	return getUserHeatmapData(user, team, doer)
+func GetUserHeatmapDataByUserTeam(ctx context.Context, user *user_model.User, team *organization.Team, doer *user_model.User) ([]*UserHeatmapData, error) {
+	return getUserHeatmapData(ctx, user, team, doer)
 }
 
-func getUserHeatmapData(user *user_model.User, team *organization.Team, doer *user_model.User) ([]*UserHeatmapData, error) {
+func getUserHeatmapData(ctx context.Context, user *user_model.User, team *organization.Team, doer *user_model.User) ([]*UserHeatmapData, error) {
 	hdata := make([]*UserHeatmapData, 0)
 
 	if !ActivityReadable(user, doer) {
 		return nil, err
 	}
 
-	return hdata, db.GetEngine(db.DefaultContext).
+	return hdata, db.GetEngine(ctx).
 		Select(groupBy+" AS timestamp, count(user_id) as contributions").
 		Table("action").
 		Where(cond).

models/activities/user_heatmap_test.go

 		assert.NoError(t, err)
 
 		// Get the heatmap and compare
-		heatmap, err := activities_model.GetUserHeatmapDataByUser(user, doer)
+		heatmap, err := activities_model.GetUserHeatmapDataByUser(db.DefaultContext, user, doer)
 		var contributions int
 		for _, hm := range heatmap {
 			contributions += int(hm.Contributions)

models/asymkey/gpg_key.go

 }
 
 // CountUserGPGKeys return number of gpg keys a user own
-func CountUserGPGKeys(userID int64) (int64, error) {
-	return db.GetEngine(db.DefaultContext).Where("owner_id=? AND primary_key_id=''", userID).Count(&GPGKey{})
+func CountUserGPGKeys(ctx context.Context, userID int64) (int64, error) {
+	return db.GetEngine(ctx).Where("owner_id=? AND primary_key_id=''", userID).Count(&GPGKey{})
 }
 
 // GetGPGKeyByID returns public key by given ID.
-func GetGPGKeyByID(keyID int64) (*GPGKey, error) {
+func GetGPGKeyByID(ctx context.Context, keyID int64) (*GPGKey, error) {
 	key := new(GPGKey)
-	has, err := db.GetEngine(db.DefaultContext).ID(keyID).Get(key)
+	has, err := db.GetEngine(ctx).ID(keyID).Get(key)
 	if err != nil {
 		return nil, err
 	} else if !has {
 }
 
 // GetGPGKeysByKeyID returns public key by given ID.
-func GetGPGKeysByKeyID(keyID string) ([]*GPGKey, error) {
+func GetGPGKeysByKeyID(ctx context.Context, keyID string) ([]*GPGKey, error) {
 	keys := make([]*GPGKey, 0, 1)
-	return keys, db.GetEngine(db.DefaultContext).Where("key_id=?", keyID).Find(&keys)
+	return keys, db.GetEngine(ctx).Where("key_id=?", keyID).Find(&keys)
 }
 
 // GPGKeyToEntity retrieve the imported key and the traducted entity
 }
 
 // DeleteGPGKey deletes GPG key information in database.
-func DeleteGPGKey(doer *user_model.User, id int64) (err error) {
-	key, err := GetGPGKeyByID(id)
+func DeleteGPGKey(ctx context.Context, doer *user_model.User, id int64) (err error) {
+	key, err := GetGPGKeyByID(ctx, id)
 	if err != nil {
 		if IsErrGPGKeyNotExist(err) {
 			return nil
 		return ErrGPGKeyAccessDenied{doer.ID, key.ID}
 	}
 
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
 	}

models/asymkey/gpg_key_add.go

 }
 
 // AddGPGKey adds new public key to database.
-func AddGPGKey(ownerID int64, content, token, signature string) ([]*GPGKey, error) {
+func AddGPGKey(ctx context.Context, ownerID int64, content, token, signature string) ([]*GPGKey, error) {
 	ekeys, err := checkArmoredGPGKeyString(content)
 	if err != nil {
 		return nil, err
 	}
 
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return nil, err
 	}

models/asymkey/gpg_key_commit_verification.go

 	if keyID == "" {
 		return nil
 	}
-	keys, err := GetGPGKeysByKeyID(keyID)
+	keys, err := GetGPGKeysByKeyID(ctx, keyID)
 	if err != nil {
 		log.Error("GetGPGKeysByKeyID: %v", err)
 		return &CommitVerification{
 	for _, key := range keys {
 		var primaryKeys []*GPGKey
 		if key.PrimaryKeyID != "" {
-			primaryKeys, err = GetGPGKeysByKeyID(key.PrimaryKeyID)
+			primaryKeys, err = GetGPGKeysByKeyID(ctx, key.PrimaryKeyID)
 			if err != nil {
 				log.Error("GetGPGKeysByKeyID: %v", err)
 				return &CommitVerification{

models/asymkey/gpg_key_test.go

 	"testing"
 	"time"
 
+	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/timeutil"
 =zHo9
 -----END PGP PUBLIC KEY BLOCK-----`
 
-	keys, err := AddGPGKey(1, testEmailWithUpperCaseLetters, "", "")
+	keys, err := AddGPGKey(db.DefaultContext, 1, testEmailWithUpperCaseLetters, "", "")
 	assert.NoError(t, err)
 	if assert.NotEmpty(t, keys) {
 		key := keys[0]

models/asymkey/ssh_key_authorized_keys.go

 // RewriteAllPublicKeys removes any authorized key and rewrite all keys from database again.
 // Note: db.GetEngine(db.DefaultContext).Iterate does not get latest data after insert/delete, so we have to call this function
 // outside any session scope independently.
-func RewriteAllPublicKeys() error {
+func RewriteAllPublicKeys(ctx context.Context) error {
 	// Don't rewrite key if internal server
 	if setting.SSH.StartBuiltinServer || !setting.SSH.CreateAuthorizedKeysFile {
 		return nil
 		}
 	}
 
-	if err := RegeneratePublicKeys(db.DefaultContext, t); err != nil {
+	if err := RegeneratePublicKeys(ctx, t); err != nil {
 		return err
 	}
 

models/issues/issue_index.go

 
 package issues
 
-import "code.gitea.io/gitea/models/db"
+import (
+	"context"
+
+	"code.gitea.io/gitea/models/db"
+)
 
 // RecalculateIssueIndexForRepo create issue_index for repo if not exist and
 // update it based on highest index of existing issues assigned to a repo
-func RecalculateIssueIndexForRepo(repoID int64) error {
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+func RecalculateIssueIndexForRepo(ctx context.Context, repoID int64) error {
+	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
 	}

models/issues/issue_stats.go

 }
 
 // GetIssueStats returns issue statistic information by given conditions.
-func GetIssueStats(opts *IssuesOptions) (*IssueStats, error) {
+func GetIssueStats(ctx context.Context, opts *IssuesOptions) (*IssueStats, error) {
 	if len(opts.IssueIDs) <= MaxQueryParameters {
-		return getIssueStatsChunk(opts, opts.IssueIDs)
+		return getIssueStatsChunk(ctx, opts, opts.IssueIDs)
 	}
 
 	// If too long a list of IDs is provided, we get the statistics in
 		if chunk > len(opts.IssueIDs) {
 			chunk = len(opts.IssueIDs)
 		}
-		stats, err := getIssueStatsChunk(opts, opts.IssueIDs[i:chunk])
+		stats, err := getIssueStatsChunk(ctx, opts, opts.IssueIDs[i:chunk])
 		if err != nil {
 			return nil, err
 		}
 	return accum, nil
 }
 
-func getIssueStatsChunk(opts *IssuesOptions, issueIDs []int64) (*IssueStats, error) {
+func getIssueStatsChunk(ctx context.Context, opts *IssuesOptions, issueIDs []int64) (*IssueStats, error) {
 	stats := &IssueStats{}
 
-	sess := db.GetEngine(db.DefaultContext).
+	sess := db.GetEngine(ctx).
 		Join("INNER", "repository", "`issue`.repo_id = `repository`.id")
 
 	var err error

models/issues/issue_test.go

 
 	// Now we will call the GetIssueStats with these IDs and if working,
 	// get the correct stats back.
-	issueStats, err := issues_model.GetIssueStats(&issues_model.IssuesOptions{
+	issueStats, err := issues_model.GetIssueStats(db.DefaultContext, &issues_model.IssuesOptions{
 		RepoIDs:  []int64{1},
 		IssueIDs: ids,
 	})

models/issues/pull.go

 		return nil
 	}
 
-	reviews, err := GetReviewsByIssueID(pr.Issue.ID)
+	reviews, err := GetReviewsByIssueID(ctx, pr.Issue.ID)
 	if err != nil {
 		return err
 	}

models/issues/reaction.go

 }
 
 // LoadUser load user of reaction
-func (r *Reaction) LoadUser() (*user_model.User, error) {
+func (r *Reaction) LoadUser(ctx context.Context) (*user_model.User, error) {
 	if r.User != nil {
 		return r.User, nil
 	}
-	user, err := user_model.GetUserByID(db.DefaultContext, r.UserID)
+	user, err := user_model.GetUserByID(ctx, r.UserID)
 	if err != nil {
 		return nil, err
 	}
 }
 
 // FindCommentReactions returns a ReactionList of all reactions from an comment
-func FindCommentReactions(issueID, commentID int64) (ReactionList, int64, error) {
-	return FindReactions(db.DefaultContext, FindReactionsOptions{
+func FindCommentReactions(ctx context.Context, issueID, commentID int64) (ReactionList, int64, error) {
+	return FindReactions(ctx, FindReactionsOptions{
 		IssueID:   issueID,
 		CommentID: commentID,
 	})
 }
 
 // FindIssueReactions returns a ReactionList of all reactions from an issue
-func FindIssueReactions(issueID int64, listOptions db.ListOptions) (ReactionList, int64, error) {
-	return FindReactions(db.DefaultContext, FindReactionsOptions{
+func FindIssueReactions(ctx context.Context, issueID int64, listOptions db.ListOptions) (ReactionList, int64, error) {
+	return FindReactions(ctx, FindReactionsOptions{
 		ListOptions: listOptions,
 		IssueID:     issueID,
 		CommentID:   -1,
 }
 
 // CreateReaction creates reaction for issue or comment.
-func CreateReaction(opts *ReactionOptions) (*Reaction, error) {
+func CreateReaction(ctx context.Context, opts *ReactionOptions) (*Reaction, error) {
 	if !setting.UI.ReactionsLookup.Contains(opts.Type) {
 		return nil, ErrForbiddenIssueReaction{opts.Type}
 	}
 
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return nil, err
 	}
 }
 
 // CreateIssueReaction creates a reaction on issue.
-func CreateIssueReaction(doerID, issueID int64, content string) (*Reaction, error) {
-	return CreateReaction(&ReactionOptions{
+func CreateIssueReaction(ctx context.Context, doerID, issueID int64, content string) (*Reaction, error) {
+	return CreateReaction(ctx, &ReactionOptions{
 		Type:    content,
 		DoerID:  doerID,
 		IssueID: issueID,
 }
 
 // CreateCommentReaction creates a reaction on comment.
-func CreateCommentReaction(doerID, issueID, commentID int64, content string) (*Reaction, error) {
-	return CreateReaction(&ReactionOptions{
+func CreateCommentReaction(ctx context.Context, doerID, issueID, commentID int64, content string) (*Reaction, error) {
+	return CreateReaction(ctx, &ReactionOptions{
 		Type:      content,
 		DoerID:    doerID,
 		IssueID:   issueID,
 }
 
 // DeleteIssueReaction deletes a reaction on issue.
-func DeleteIssueReaction(doerID, issueID int64, content string) error {
-	return DeleteReaction(db.DefaultContext, &ReactionOptions{
+func DeleteIssueReaction(ctx context.Context, doerID, issueID int64, content string) error {
+	return DeleteReaction(ctx, &ReactionOptions{
 		Type:      content,
 		DoerID:    doerID,
 		IssueID:   issueID,
 }
 
 // DeleteCommentReaction deletes a reaction on comment.
-func DeleteCommentReaction(doerID, issueID, commentID int64, content string) error {
-	return DeleteReaction(db.DefaultContext, &ReactionOptions{
+func DeleteCommentReaction(ctx context.Context, doerID, issueID, commentID int64, content string) error {
+	return DeleteReaction(ctx, &ReactionOptions{
 		Type:      content,
 		DoerID:    doerID,
 		IssueID:   issueID,

models/issues/reaction_test.go

 	var reaction *issues_model.Reaction
 	var err error
 	if commentID == 0 {
-		reaction, err = issues_model.CreateIssueReaction(doerID, issueID, content)
+		reaction, err = issues_model.CreateIssueReaction(db.DefaultContext, doerID, issueID, content)
 	} else {
-		reaction, err = issues_model.CreateCommentReaction(doerID, issueID, commentID, content)
+		reaction, err = issues_model.CreateCommentReaction(db.DefaultContext, doerID, issueID, commentID, content)
 	}
 	assert.NoError(t, err)
 	assert.NotNil(t, reaction)
 
 	addReaction(t, user1.ID, issue1ID, 0, "heart")
 
-	reaction, err := issues_model.CreateReaction(&issues_model.ReactionOptions{
+	reaction, err := issues_model.CreateReaction(db.DefaultContext, &issues_model.ReactionOptions{
 		DoerID:  user1.ID,
 		IssueID: issue1ID,
 		Type:    "heart",
 
 	addReaction(t, user1.ID, issue1ID, 0, "heart")
 
-	err := issues_model.DeleteIssueReaction(user1.ID, issue1ID, "heart")
+	err := issues_model.DeleteIssueReaction(db.DefaultContext, user1.ID, issue1ID, "heart")
 	assert.NoError(t, err)
 
 	unittest.AssertNotExistsBean(t, &issues_model.Reaction{Type: "heart", UserID: user1.ID, IssueID: issue1ID})
 	var comment1ID int64 = 1
 
 	addReaction(t, user1.ID, issue1ID, comment1ID, "heart")
-	assert.NoError(t, issues_model.DeleteCommentReaction(user1.ID, issue1ID, comment1ID, "heart"))
+	assert.NoError(t, issues_model.DeleteCommentReaction(db.DefaultContext, user1.ID, issue1ID, comment1ID, "heart"))
 
 	unittest.AssertNotExistsBean(t, &issues_model.Reaction{Type: "heart", UserID: user1.ID, IssueID: issue1ID, CommentID: comment1ID})
 }

models/issues/review_list.go

 }
 
 // CountReviews returns count of reviews passing FindReviewOptions
-func CountReviews(opts FindReviewOptions) (int64, error) {
-	return db.GetEngine(db.DefaultContext).Where(opts.toCond()).Count(&Review{})
+func CountReviews(ctx context.Context, opts FindReviewOptions) (int64, error) {
+	return db.GetEngine(ctx).Where(opts.toCond()).Count(&Review{})
 }
 
 // GetReviewersFromOriginalAuthorsByIssueID gets the latest review of each original authors for a pull request
-func GetReviewersFromOriginalAuthorsByIssueID(issueID int64) (ReviewList, error) {
+func GetReviewersFromOriginalAuthorsByIssueID(ctx context.Context, issueID int64) (ReviewList, error) {
 	reviews := make([]*Review, 0, 10)
 
 	// Get latest review of each reviewer, sorted in order they were made
-	if err := db.GetEngine(db.DefaultContext).SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id = 0 AND type in (?, ?, ?) AND original_author_id <> 0 GROUP BY issue_id, original_author_id) ORDER BY review.updated_unix ASC",
+	if err := db.GetEngine(ctx).SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id = 0 AND type in (?, ?, ?) AND original_author_id <> 0 GROUP BY issue_id, original_author_id) ORDER BY review.updated_unix ASC",
 		issueID, ReviewTypeApprove, ReviewTypeReject, ReviewTypeRequest).
 		Find(&reviews); err != nil {
 		return nil, err
 }
 
 // GetReviewsByIssueID gets the latest review of each reviewer for a pull request
-func GetReviewsByIssueID(issueID int64) (ReviewList, error) {
+func GetReviewsByIssueID(ctx context.Context, issueID int64) (ReviewList, error) {
 	reviews := make([]*Review, 0, 10)
 
-	sess := db.GetEngine(db.DefaultContext)
+	sess := db.GetEngine(ctx)
 
 	// Get latest review of each reviewer, sorted in order they were made
 	if err := sess.SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id = 0 AND type in (?, ?, ?) AND dismissed = ? AND original_author_id = 0 GROUP BY issue_id, reviewer_id) ORDER BY review.updated_unix ASC",

models/issues/review_test.go

 			UpdatedUnix: 946684814,
 		})
 
-	allReviews, err := issues_model.GetReviewsByIssueID(issue.ID)
+	allReviews, err := issues_model.GetReviewsByIssueID(db.DefaultContext, issue.ID)
 	assert.NoError(t, err)
 	for _, review := range allReviews {
 		assert.NoError(t, review.LoadReviewer(db.DefaultContext))
 		}
 	}
 
-	allReviews, err = issues_model.GetReviewsByIssueID(issue.ID)
+	allReviews, err = issues_model.GetReviewsByIssueID(db.DefaultContext, issue.ID)
 	assert.NoError(t, err)
 	assert.NoError(t, allReviews.LoadReviewers(db.DefaultContext))
 	if assert.Len(t, allReviews, 3) {

models/organization/team_list.go

 }
 
 // SearchTeam search for teams. Caller is responsible to check permissions.
-func SearchTeam(opts *SearchTeamOptions) (TeamList, int64, error) {
-	sess := db.GetEngine(db.DefaultContext)
+func SearchTeam(ctx context.Context, opts *SearchTeamOptions) (TeamList, int64, error) {
+	sess := db.GetEngine(ctx)
 
 	opts.SetDefaultValues()
 	cond := opts.toCond()

models/organization/team_test.go

 func TestGetUserTeams(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	test := func(userID int64) {
-		teams, _, err := organization.SearchTeam(&organization.SearchTeamOptions{UserID: userID})
+		teams, _, err := organization.SearchTeam(db.DefaultContext, &organization.SearchTeamOptions{UserID: userID})
 		assert.NoError(t, err)
 		for _, team := range teams {
 			unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{TeamID: team.ID, UID: userID})

models/repo/release.go

 }
 
 // GetRelease returns release by given ID.
-func GetRelease(repoID int64, tagName string) (*Release, error) {
+func GetRelease(ctx context.Context, repoID int64, tagName string) (*Release, error) {
 	rel := &Release{RepoID: repoID, LowerTagName: strings.ToLower(tagName)}
-	has, err := db.GetEngine(db.DefaultContext).Get(rel)
+	has, err := db.GetEngine(ctx).Get(rel)
 	if err != nil {
 		return nil, err
 	} else if !has {
 }
 
 // CountReleasesByRepoID returns a number of releases matching FindReleaseOptions and RepoID.
-func CountReleasesByRepoID(repoID int64, opts FindReleasesOptions) (int64, error) {
-	return db.GetEngine(db.DefaultContext).Where(opts.toConds(repoID)).Count(new(Release))
+func CountReleasesByRepoID(ctx context.Context, repoID int64, opts FindReleasesOptions) (int64, error) {
+	return db.GetEngine(ctx).Where(opts.toConds(repoID)).Count(new(Release))
 }
 
 // GetLatestReleaseByRepoID returns the latest release for a repository
-func GetLatestReleaseByRepoID(repoID int64) (*Release, error) {
+func GetLatestReleaseByRepoID(ctx context.Context, repoID int64) (*Release, error) {
 	cond := builder.NewCond().
 		And(builder.Eq{"repo_id": repoID}).
 		And(builder.Eq{"is_draft": false}).
 		And(builder.Eq{"is_tag": false})
 
 	rel := new(Release)
-	has, err := db.GetEngine(db.DefaultContext).
+	has, err := db.GetEngine(ctx).
 		Desc("created_unix", "id").
 		Where(cond).
 		Get(rel)
 }
 
 // UpdateReleasesMigrationsByType updates all migrated repositories' releases from gitServiceType to replace originalAuthorID to posterID
-func UpdateReleasesMigrationsByType(gitServiceType structs.GitServiceType, originalAuthorID string, posterID int64) error {
-	_, err := db.GetEngine(db.DefaultContext).Table("release").
+func UpdateReleasesMigrationsByType(ctx context.Context, gitServiceType structs.GitServiceType, originalAuthorID string, posterID int64) error {
+	_, err := db.GetEngine(ctx).Table("release").
 		Where("repo_id IN (SELECT id FROM repository WHERE original_service_type = ?)", gitServiceType).
 		And("original_author_id = ?", originalAuthorID).
 		Update(map[string]any{
 }
 
 // PushUpdateDeleteTag must be called for any push actions to delete tag
-func PushUpdateDeleteTag(repo *Repository, tagName string) error {
-	rel, err := GetRelease(repo.ID, tagName)
+func PushUpdateDeleteTag(ctx context.Context, repo *Repository, tagName string) error {
+	rel, err := GetRelease(ctx, repo.ID, tagName)
 	if err != nil {
 		if IsErrReleaseNotExist(err) {
 			return nil
 		return fmt.Errorf("GetRelease: %w", err)
 	}
 	if rel.IsTag {
-		if _, err = db.GetEngine(db.DefaultContext).ID(rel.ID).Delete(new(Release)); err != nil {
+		if _, err = db.GetEngine(ctx).ID(rel.ID).Delete(new(Release)); err != nil {
 			return fmt.Errorf("Delete: %w", err)
 		}
 	} else {
 		rel.IsDraft = true
 		rel.NumCommits = 0
 		rel.Sha1 = ""
-		if _, err = db.GetEngine(db.DefaultContext).ID(rel.ID).AllCols().Update(rel); err != nil {
+		if _, err = db.GetEngine(ctx).ID(rel.ID).AllCols().Update(rel); err != nil {
 			return fmt.Errorf("Update: %w", err)
 		}
 	}
 }
 
 // SaveOrUpdateTag must be called for any push actions to add tag
-func SaveOrUpdateTag(repo *Repository, newRel *Release) error {
-	rel, err := GetRelease(repo.ID, newRel.TagName)
+func SaveOrUpdateTag(ctx context.Context, repo *Repository, newRel *Release) error {
+	rel, err := GetRelease(ctx, repo.ID, newRel.TagName)
 	if err != nil && !IsErrReleaseNotExist(err) {
 		return fmt.Errorf("GetRelease: %w", err)
 	}
 
 	if rel == nil {
 		rel = newRel
-		if _, err = db.GetEngine(db.DefaultContext).Insert(rel); err != nil {
+		if _, err = db.GetEngine(ctx).Insert(rel); err != nil {
 			return fmt.Errorf("InsertOne: %w", err)
 		}
 	} else {
 		if rel.IsTag && newRel.PublisherID > 0 {
 			rel.PublisherID = newRel.PublisherID
 		}
-		if _, err = db.GetEngine(db.DefaultContext).ID(rel.ID).AllCols().Update(rel); err != nil {
+		if _, err = db.GetEngine(ctx).ID(rel.ID).AllCols().Update(rel); err != nil {
 			return fmt.Errorf("Update: %w", err)
 		}
 	}
 func (r *Release) GetExternalID() int64 { return r.OriginalAuthorID }
 
 // InsertReleases migrates release
-func InsertReleases(rels ...*Release) error {
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+func InsertReleases(ctx context.Context, rels ...*Release) error {
+	ctx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
 	}

models/repo/release_test.go

 import (
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 
 	"github.com/stretchr/testify/assert"
 		Attachments: []*Attachment{a},
 	}
 
-	err := InsertReleases(r)
+	err := InsertReleases(db.DefaultContext, r)
 	assert.NoError(t, err)
 }

models/system/notice.go

 }
 
 // Notices returns notices in given page.
-func Notices(page, pageSize int) ([]*Notice, error) {
+func Notices(ctx context.Context, page, pageSize int) ([]*Notice, error) {
 	notices := make([]*Notice, 0, pageSize)
-	return notices, db.GetEngine(db.DefaultContext).
+	return notices, db.GetEngine(ctx).
 		Limit(pageSize, (page-1)*pageSize).
 		Desc("created_unix").
 		Find(&notices)
 }
 
 // DeleteNotice deletes a system notice by given ID.
-func DeleteNotice(id int64) error {
-	_, err := db.GetEngine(db.DefaultContext).ID(id).Delete(new(Notice))
+func DeleteNotice(ctx context.Context, id int64) error {
+	_, err := db.GetEngine(ctx).ID(id).Delete(new(Notice))
 	return err
 }
 
 // DeleteNotices deletes all notices with ID from start to end (inclusive).
-func DeleteNotices(start, end int64) error {
+func DeleteNotices(ctx context.Context, start, end int64) error {
 	if start == 0 && end == 0 {
-		_, err := db.GetEngine(db.DefaultContext).Exec("DELETE FROM notice")
+		_, err := db.GetEngine(ctx).Exec("DELETE FROM notice")
 		return err
 	}
 
-	sess := db.GetEngine(db.DefaultContext).Where("id >= ?", start)
+	sess := db.GetEngine(ctx).Where("id >= ?", start)
 	if end > 0 {
 		sess.And("id <= ?", end)
 	}
 }
 
 // DeleteNoticesByIDs deletes notices by given IDs.
-func DeleteNoticesByIDs(ids []int64) error {
+func DeleteNoticesByIDs(ctx context.Context, ids []int64) error {
 	if len(ids) == 0 {
 		return nil
 	}
-	_, err := db.GetEngine(db.DefaultContext).
+	_, err := db.GetEngine(ctx).
 		In("id", ids).
 		Delete(new(Notice))
 	return err
 }
 
 // DeleteOldSystemNotices deletes all old system notices from database.
-func DeleteOldSystemNotices(olderThan time.Duration) (err error) {
+func DeleteOldSystemNotices(ctx context.Context, olderThan time.Duration) (err error) {
 	if olderThan <= 0 {
 		return nil
 	}
 
-	_, err = db.GetEngine(db.DefaultContext).Where("created_unix < ?", time.Now().Add(-olderThan).Unix()).Delete(&Notice{})
+	_, err = db.GetEngine(ctx).Where("created_unix < ?", time.Now().Add(-olderThan).Unix()).Delete(&Notice{})
 	return err
 }

models/system/notice_test.go

 func TestNotices(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
-	notices, err := system.Notices(1, 2)
+	notices, err := system.Notices(db.DefaultContext, 1, 2)
 	assert.NoError(t, err)
 	if assert.Len(t, notices, 2) {
 		assert.Equal(t, int64(3), notices[0].ID)
 		assert.Equal(t, int64(2), notices[1].ID)
 	}
 
-	notices, err = system.Notices(2, 2)
+	notices, err = system.Notices(db.DefaultContext, 2, 2)
 	assert.NoError(t, err)
 	if assert.Len(t, notices, 1) {
 		assert.Equal(t, int64(1), notices[0].ID)
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
-	assert.NoError(t, system.DeleteNotice(3))
+	assert.NoError(t, system.DeleteNotice(db.DefaultContext, 3))
 	unittest.AssertNotExistsBean(t, &system.Notice{ID: 3})
 }
 
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 1})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 2})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
-	assert.NoError(t, system.DeleteNotices(1, 2))
+	assert.NoError(t, system.DeleteNotices(db.DefaultContext, 1, 2))
 	unittest.AssertNotExistsBean(t, &system.Notice{ID: 1})
 	unittest.AssertNotExistsBean(t, &system.Notice{ID: 2})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 1})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 2})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
-	assert.NoError(t, system.DeleteNotices(3, 2))
+	assert.NoError(t, system.DeleteNotices(db.DefaultContext, 3, 2))
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 1})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 2})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 1})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 2})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 3})
-	assert.NoError(t, system.DeleteNoticesByIDs([]int64{1, 3}))
+	assert.NoError(t, system.DeleteNoticesByIDs(db.DefaultContext, []int64{1, 3}))
 	unittest.AssertNotExistsBean(t, &system.Notice{ID: 1})
 	unittest.AssertExistsAndLoadBean(t, &system.Notice{ID: 2})
 	unittest.AssertNotExistsBean(t, &system.Notice{ID: 3})

models/user/redirect.go

 }
 
 // LookupUserRedirect look up userID if a user has a redirect name
-func LookupUserRedirect(userName string) (int64, error) {
+func LookupUserRedirect(ctx context.Context, userName string) (int64, error) {
 	userName = strings.ToLower(userName)
 	redirect := &Redirect{LowerName: userName}
-	if has, err := db.GetEngine(db.DefaultContext).Get(redirect); err != nil {
+	if has, err := db.GetEngine(ctx).Get(redirect); err != nil {
 		return 0, err
 	} else if !has {
 		return 0, ErrUserRedirectNotExist{Name: userName}

models/user/redirect_test.go

 import (
 	"testing"
 
+	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 
 func TestLookupUserRedirect(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
-	userID, err := user_model.LookupUserRedirect("olduser1")
+	userID, err := user_model.LookupUserRedirect(db.DefaultContext, "olduser1")
 	assert.NoError(t, err)
 	assert.EqualValues(t, 1, userID)
 
-	_, err = user_model.LookupUserRedirect("doesnotexist")
+	_, err = user_model.LookupUserRedirect(db.DefaultContext, "doesnotexist")
 	assert.True(t, user_model.IsErrUserRedirectNotExist(err))
 }

modules/context/org.go

 	ctx.Org.Organization, err = organization.GetOrgByName(ctx, orgName)
 	if err != nil {
 		if organization.IsErrOrgNotExist(err) {
-			redirectUserID, err := user_model.LookupUserRedirect(orgName)
+			redirectUserID, err := user_model.LookupUserRedirect(ctx, orgName)
 			if err == nil {
 				RedirectToUser(ctx.Base, orgName, redirectUserID)
 			} else if user_model.IsErrUserRedirectNotExist(err) {

modules/context/repo.go

 					return nil
 				}
 
-				if redirectUserID, err := user_model.LookupUserRedirect(userName); err == nil {
+				if redirectUserID, err := user_model.LookupUserRedirect(ctx, userName); err == nil {
 					RedirectToUser(ctx.Base, userName, redirectUserID)
 				} else if user_model.IsErrUserRedirectNotExist(err) {
 					ctx.NotFound("GetUserByName", nil)

modules/doctor/authorizedkeys.go

 			return fmt.Errorf("Unable to open authorized_keys file. ERROR: %w", err)
 		}
 		logger.Warn("Unable to open authorized_keys. (ERROR: %v). Attempting to rewrite...", err)
-		if err = asymkey_model.RewriteAllPublicKeys(); err != nil {
+		if err = asymkey_model.RewriteAllPublicKeys(ctx); err != nil {
 			logger.Critical("Unable to rewrite authorized_keys file. ERROR: %v", err)
 			return fmt.Errorf("Unable to rewrite authorized_keys file. ERROR: %w", err)
 		}
 			return fmt.Errorf(`authorized_keys is out of date and should be regenerated with "gitea admin regenerate keys" or "gitea doctor --run authorized-keys --fix"`)
 		}
 		logger.Warn("authorized_keys is out of date. Attempting rewrite...")
-		err = asymkey_model.RewriteAllPublicKeys()
+		err = asymkey_model.RewriteAllPublicKeys(ctx)
 		if err != nil {
 			logger.Critical("Unable to rewrite authorized_keys file. ERROR: %v", err)
 			return fmt.Errorf("Unable to rewrite authorized_keys file. ERROR: %w", err)

modules/gitgraph/graph_models.go

 			return repo_model.IsOwnerMemberCollaborator(repository, user.ID)
 		}, &keyMap)
 
-		statuses, _, err := git_model.GetLatestCommitStatus(db.DefaultContext, repository.ID, c.Commit.ID.String(), db.ListOptions{})
+		statuses, _, err := git_model.GetLatestCommitStatus(ctx, repository.ID, c.Commit.ID.String(), db.ListOptions{})
 		if err != nil {
 			log.Error("GetLatestCommitStatus: %v", err)
 		} else {

modules/repository/delete.go

 package repository
 
 import (
-	"code.gitea.io/gitea/models/db"
+	"context"
+
 	"code.gitea.io/gitea/models/organization"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 )
 
 // CanUserDelete returns true if user could delete the repository
-func CanUserDelete(repo *repo_model.Repository, user *user_model.User) (bool, error) {
+func CanUserDelete(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error) {
 	if user.IsAdmin || user.ID == repo.OwnerID {
 		return true, nil
 	}
 
-	if err := repo.LoadOwner(db.DefaultContext); err != nil {
+	if err := repo.LoadOwner(ctx); err != nil {
 		return false, err
 	}
 

modules/repository/repo.go

 			// note: this will greatly improve release (tag) sync
 			// for pull-mirrors with many tags
 			repo.IsMirror = opts.Mirror
-			if err = SyncReleasesWithTags(repo, gitRepo); err != nil {
+			if err = SyncReleasesWithTags(ctx, repo, gitRepo); err != nil {
 				log.Error("Failed to synchronize tags to releases for repository: %v", err)
 			}
 		}
 }
 
 // SyncReleasesWithTags synchronizes release table with repository tags
-func SyncReleasesWithTags(repo *repo_model.Repository, gitRepo *git.Repository) error {
+func SyncReleasesWithTags(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository) error {
 	log.Debug("SyncReleasesWithTags: in Repo[%d:%s/%s]", repo.ID, repo.OwnerName, repo.Name)
 
 	// optimized procedure for pull-mirrors which saves a lot of time (in
 	// particular for repos with many tags).
 	if repo.IsMirror {
-		return pullMirrorReleaseSync(repo, gitRepo)
+		return pullMirrorReleaseSync(ctx, repo, gitRepo)
 	}
 
 	existingRelTags := make(container.Set[string])
 				return fmt.Errorf("unable to GetTagCommitID for %q in Repo[%d:%s/%s]: %w", rel.TagName, repo.ID, repo.OwnerName, repo.Name, err)
 			}
 			if git.IsErrNotExist(err) || commitID != rel.Sha1 {
-				if err := repo_model.PushUpdateDeleteTag(repo, rel.TagName); err != nil {
+				if err := repo_model.PushUpdateDeleteTag(ctx, repo, rel.TagName); err != nil {
 					return fmt.Errorf("unable to PushUpdateDeleteTag: %q in Repo[%d:%s/%s]: %w", rel.TagName, repo.ID, repo.OwnerName, repo.Name, err)
 				}
 			} else {
 			return nil
 		}
 
-		if err := PushUpdateAddTag(db.DefaultContext, repo, gitRepo, tagName, sha1, refname); err != nil {
+		if err := PushUpdateAddTag(ctx, repo, gitRepo, tagName, sha1, refname); err != nil {
 			return fmt.Errorf("unable to PushUpdateAddTag: %q to Repo[%d:%s/%s]: %w", tagName, repo.ID, repo.OwnerName, repo.Name, err)
 		}
 
 		rel.PublisherID = author.ID
 	}
 
-	return repo_model.SaveOrUpdateTag(repo, &rel)
+	return repo_model.SaveOrUpdateTag(ctx, repo, &rel)
 }
 
 // StoreMissingLfsObjectsInRepository downloads missing LFS objects
 // upstream. Hence, after each sync we want the pull-mirror release set to be
 // identical to the upstream tag set. This is much more efficient for
 // repositories like https://github.com/vim/vim (with over 13000 tags).
-func pullMirrorReleaseSync(repo *repo_model.Repository, gitRepo *git.Repository) error {
+func pullMirrorReleaseSync(ctx context.Context, repo *repo_model.Repository, gitRepo *git.Repository) error {
 	log.Trace("pullMirrorReleaseSync: rebuilding releases for pull-mirror Repo[%d:%s/%s]", repo.ID, repo.OwnerName, repo.Name)
 	tags, numTags, err := gitRepo.GetTagInfos(0, 0)
 	if err != nil {
 		return fmt.Errorf("unable to GetTagInfos in pull-mirror Repo[%d:%s/%s]: %w", repo.ID, repo.OwnerName, repo.Name, err)
 	}
-	err = db.WithTx(db.DefaultContext, func(ctx context.Context) error {
+	err = db.WithTx(ctx, func(ctx context.Context) error {
 		//
 		// clear out existing releases
 		//

routers/api/packages/alpine/alpine.go

 }
 
 func GetRepositoryFile(ctx *context.Context) {
-	pv, err := alpine_service.GetOrCreateRepositoryVersion(ctx.Package.Owner.ID)
+	pv, err := alpine_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 		return
 	}
 
-	if err := packages_service.RemovePackageFileAndVersionIfUnreferenced(ctx.Doer, pfs[0]); err != nil {
+	if err := packages_service.RemovePackageFileAndVersionIfUnreferenced(ctx, ctx.Doer, pfs[0]); err != nil {
 		if errors.Is(err, util.ErrNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {

routers/api/packages/cargo/cargo.go

 	}
 
 	pv, _, err := packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/chef/chef.go

 	}
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 	packageVersion := ctx.Params("version")
 
 	err := packages_service.RemovePackageVersionByNameAndVersion(
+		ctx,
 		ctx.Doer,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
 	}
 
 	for _, pv := range pvs {
-		if err := packages_service.RemovePackageVersion(ctx.Doer, pv); err != nil {
+		if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
 		}

routers/api/packages/composer/composer.go

 	}
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/conan/conan.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		pci,
 		pfci,
 	)

routers/api/packages/conda/conda.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/container/container.go

 	}
 
 	for _, pv := range pvs {
-		if err := packages_service.RemovePackageVersion(ctx.Doer, pv); err != nil {
+		if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
 		}

routers/api/packages/cran/cran.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/debian/debian.go

 // https://wiki.debian.org/DebianRepository/Format#A.22Release.22_files
 // https://wiki.debian.org/DebianRepository/Format#A.22Packages.22_Indices
 func GetRepositoryFile(ctx *context.Context) {
-	pv, err := debian_service.GetOrCreateRepositoryVersion(ctx.Package.Owner.ID)
+	pv, err := debian_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
 
 // https://wiki.debian.org/DebianRepository/Format#indices_acquisition_via_hashsums_.28by-hash.29
 func GetRepositoryFileByHash(ctx *context.Context) {
-	pv, err := debian_service.GetOrCreateRepositoryVersion(ctx.Package.Owner.ID)
+	pv, err := debian_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/generic/generic.go

 	defer buf.Close()
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 // DeletePackage deletes the specific generic package.
 func DeletePackage(ctx *context.Context) {
 	err := packages_service.RemovePackageVersionByNameAndVersion(
+		ctx,
 		ctx.Doer,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
 	}
 
 	if len(pfs) == 1 {
-		if err := packages_service.RemovePackageVersion(ctx.Doer, pv); err != nil {
+		if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
 		}

routers/api/packages/goproxy/goproxy.go

 	}
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/helm/helm.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/maven/maven.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		pvci,
 		pfci,
 	)

routers/api/packages/npm/npm.go

 	defer buf.Close()
 
 	pv, _, err := packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 	packageVersion := ctx.Params("version")
 
 	err := packages_service.RemovePackageVersionByNameAndVersion(
+		ctx,
 		ctx.Doer,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,
 	}
 
 	for _, pv := range pvs {
-		if err := packages_service.RemovePackageVersion(ctx.Doer, pv); err != nil {
+		if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
 		}

routers/api/packages/nuget/nuget.go

 	}
 
 	_, _, err := packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 	}
 
 	_, err = packages_service.AddFileToExistingPackage(
+		ctx,
 		pi,
 		&packages_service.PackageFileCreationInfo{
 			PackageFileInfo: packages_service.PackageFileInfo{
 
 	for _, pdb := range pdbs {
 		_, err := packages_service.AddFileToExistingPackage(
+			ctx,
 			pi,
 			&packages_service.PackageFileCreationInfo{
 				PackageFileInfo: packages_service.PackageFileInfo{
 	packageVersion := ctx.Params("version")
 
 	err := packages_service.RemovePackageVersionByNameAndVersion(
+		ctx,
 		ctx.Doer,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,

routers/api/packages/pub/pub.go

 	}
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/pypi/pypi.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/rpm/rpm.go

 
 // Gets a pre-generated repository metadata file
 func GetRepositoryFile(ctx *context.Context) {
-	pv, err := rpm_service.GetOrCreateRepositoryVersion(ctx.Package.Owner.ID)
+	pv, err := rpm_service.GetOrCreateRepositoryVersion(ctx, ctx.Package.Owner.ID)
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/rubygems/rubygems.go

 	}
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,
 	packageVersion := ctx.FormString("version")
 
 	err := packages_service.RemovePackageVersionByNameAndVersion(
+		ctx,
 		ctx.Doer,
 		&packages_service.PackageInfo{
 			Owner:       ctx.Package.Owner,

routers/api/packages/swift/swift.go

 	}
 
 	pv, _, err := packages_service.CreatePackageAndAddFile(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/packages/vagrant/vagrant.go

 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
+		ctx,
 		&packages_service.PackageCreationInfo{
 			PackageInfo: packages_service.PackageInfo{
 				Owner:       ctx.Package.Owner,

routers/api/v1/admin/user.go

 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	if err := asymkey_service.DeletePublicKey(ctx.ContextUser, ctx.ParamsInt64(":id")); err != nil {
+	if err := asymkey_service.DeletePublicKey(ctx, ctx.ContextUser, ctx.ParamsInt64(":id")); err != nil {
 		if asymkey_model.IsErrKeyNotExist(err) {
 			ctx.NotFound()
 		} else if asymkey_model.IsErrKeyAccessDenied(err) {

routers/api/v1/api.go

 			owner, err = user_model.GetUserByName(ctx, userName)
 			if err != nil {
 				if user_model.IsErrUserNotExist(err) {
-					if redirectUserID, err := user_model.LookupUserRedirect(userName); err == nil {
+					if redirectUserID, err := user_model.LookupUserRedirect(ctx, userName); err == nil {
 						context.RedirectToUser(ctx.Base, userName, redirectUserID)
 					} else if user_model.IsErrUserRedirectNotExist(err) {
 						ctx.NotFound("GetUserByName", err)
 			ctx.Org.Organization, err = organization.GetOrgByName(ctx, ctx.Params(":org"))
 			if err != nil {
 				if organization.IsErrOrgNotExist(err) {
-					redirectUserID, err := user_model.LookupUserRedirect(ctx.Params(":org"))
+					redirectUserID, err := user_model.LookupUserRedirect(ctx, ctx.Params(":org"))
 					if err == nil {
 						context.RedirectToUser(ctx.Base, ctx.Params(":org"), redirectUserID)
 					} else if user_model.IsErrUserRedirectNotExist(err) {

routers/api/v1/org/team.go

 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	teams, count, err := organization.SearchTeam(&organization.SearchTeamOptions{
+	teams, count, err := organization.SearchTeam(ctx, &organization.SearchTeamOptions{
 		ListOptions: utils.GetListOptions(ctx),
 		OrgID:       ctx.Org.Organization.ID,
 	})
 	//   "200":
 	//     "$ref": "#/responses/TeamList"
 
-	teams, count, err := organization.SearchTeam(&organization.SearchTeamOptions{
+	teams, count, err := organization.SearchTeam(ctx, &organization.SearchTeamOptions{
 		ListOptions: utils.GetListOptions(ctx),
 		UserID:      ctx.Doer.ID,
 	})
 		opts.UserID = ctx.Doer.ID
 	}
 
-	teams, maxResults, err := organization.SearchTeam(opts)
+	teams, maxResults, err := organization.SearchTeam(ctx, opts)
 	if err != nil {
 		log.Error("SearchTeam failed: %v", err)
 		ctx.JSON(http.StatusInternalServerError, map[string]any{

routers/api/v1/packages/package.go

 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	err := packages_service.RemovePackageVersion(ctx.Doer, ctx.Package.Descriptor.Version)
+	err := packages_service.RemovePackageVersion(ctx, ctx.Doer, ctx.Package.Descriptor.Version)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "RemovePackageVersion", err)
 		return

routers/api/v1/repo/issue_reaction.go

 		return
 	}
 
-	reactions, _, err := issues_model.FindCommentReactions(comment.IssueID, comment.ID)
+	reactions, _, err := issues_model.FindCommentReactions(ctx, comment.IssueID, comment.ID)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "FindCommentReactions", err)
 		return
 
 	if isCreateType {
 		// PostIssueCommentReaction part
-		reaction, err := issues_model.CreateCommentReaction(ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Reaction)
+		reaction, err := issues_model.CreateCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Reaction)
 		if err != nil {
 			if issues_model.IsErrForbiddenIssueReaction(err) {
 				ctx.Error(http.StatusForbidden, err.Error(), err)
 		})
 	} else {
 		// DeleteIssueCommentReaction part
-		err = issues_model.DeleteCommentReaction(ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Reaction)
+		err = issues_model.DeleteCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Reaction)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "DeleteCommentReaction", err)
 			return
 		return
 	}
 
-	reactions, count, err := issues_model.FindIssueReactions(issue.ID, utils.GetListOptions(ctx))
+	reactions, count, err := issues_model.FindIssueReactions(ctx, issue.ID, utils.GetListOptions(ctx))
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "FindIssueReactions", err)
 		return
 
 	if isCreateType {
 		// PostIssueReaction part
-		reaction, err := issues_model.CreateIssueReaction(ctx.Doer.ID, issue.ID, form.Reaction)
+		reaction, err := issues_model.CreateIssueReaction(ctx, ctx.Doer.ID, issue.ID, form.Reaction)
 		if err != nil {
 			if issues_model.IsErrForbiddenIssueReaction(err) {
 				ctx.Error(http.StatusForbidden, err.Error(), err)
 		})
 	} else {
 		// DeleteIssueReaction part
-		err = issues_model.DeleteIssueReaction(ctx.Doer.ID, issue.ID, form.Reaction)
+		err = issues_model.DeleteIssueReaction(ctx, ctx.Doer.ID, issue.ID, form.Reaction)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "DeleteIssueReaction", err)
 			return

routers/api/v1/repo/key.go

 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	if err := asymkey_service.DeleteDeployKey(ctx.Doer, ctx.ParamsInt64(":id")); err != nil {
+	if err := asymkey_service.DeleteDeployKey(ctx, ctx.Doer, ctx.ParamsInt64(":id")); err != nil {
 		if asymkey_model.IsErrKeyAccessDenied(err) {
 			ctx.Error(http.StatusForbidden, "", "You do not have access to this key")
 		} else {

routers/api/v1/repo/pull_review.go

 		return
 	}
 
-	count, err := issues_model.CountReviews(opts)
+	count, err := issues_model.CountReviews(ctx, opts)
 	if err != nil {
 		ctx.InternalServerError(err)
 		return

routers/api/v1/repo/release.go

 	//     "$ref": "#/responses/Release"
 	//   "404":
 	//     "$ref": "#/responses/notFound"
-	release, err := repo_model.GetLatestReleaseByRepoID(ctx.Repo.Repository.ID)
+	release, err := repo_model.GetLatestReleaseByRepoID(ctx, ctx.Repo.Repository.ID)
 	if err != nil && !repo_model.IsErrReleaseNotExist(err) {
 		ctx.Error(http.StatusInternalServerError, "GetLatestRelease", err)
 		return
 		rels[i] = convert.ToAPIRelease(ctx, ctx.Repo.Repository, release)
 	}
 
-	filteredCount, err := repo_model.CountReleasesByRepoID(ctx.Repo.Repository.ID, opts)
+	filteredCount, err := repo_model.CountReleasesByRepoID(ctx, ctx.Repo.Repository.ID, opts)
 	if err != nil {
 		ctx.InternalServerError(err)
 		return
 	//   "409":
 	//     "$ref": "#/responses/error"
 	form := web.GetForm(ctx).(*api.CreateReleaseOption)
-	rel, err := repo_model.GetRelease(ctx.Repo.Repository.ID, form.TagName)
+	rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, form.TagName)
 	if err != nil {
 		if !repo_model.IsErrReleaseNotExist(err) {
 			ctx.Error(http.StatusInternalServerError, "GetRelease", err)
 		rel.Publisher = ctx.Doer
 		rel.Target = form.Target
 
-		if err = release_service.UpdateRelease(ctx.Doer, ctx.Repo.GitRepo, rel, nil, nil, nil); err != nil {
+		if err = release_service.UpdateRelease(ctx, ctx.Doer, ctx.Repo.GitRepo, rel, nil, nil, nil); err != nil {
 			ctx.Error(http.StatusInternalServerError, "UpdateRelease", err)
 			return
 		}
 	if form.IsPrerelease != nil {
 		rel.IsPrerelease = *form.IsPrerelease
 	}
-	if err := release_service.UpdateRelease(ctx.Doer, ctx.Repo.GitRepo, rel, nil, nil, nil); err != nil {
+	if err := release_service.UpdateRelease(ctx, ctx.Doer, ctx.Repo.GitRepo, rel, nil, nil, nil); err != nil {
 		ctx.Error(http.StatusInternalServerError, "UpdateRelease", err)
 		return
 	}

routers/api/v1/repo/release_tags.go

 
 	tag := ctx.Params(":tag")
 
-	release, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tag)
+	release, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tag)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound()
 
 	tag := ctx.Params(":tag")
 
-	release, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tag)
+	release, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tag)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound()

routers/api/v1/repo/repo.go

 	owner := ctx.Repo.Owner
 	repo := ctx.Repo.Repository
 
-	canDelete, err := repo_module.CanUserDelete(repo, ctx.Doer)
+	canDelete, err := repo_module.CanUserDelete(ctx, repo, ctx.Doer)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "CanUserDelete", err)
 		return

routers/api/v1/repo/tag.go

 	//     "$ref": "#/responses/conflict"
 	tagName := ctx.Params("*")
 
-	tag, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tagName)
+	tag, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tagName)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound()

routers/api/v1/user/gpg_key.go

 		apiKeys[i] = convert.ToGPGKey(keys[i])
 	}
 
-	total, err := asymkey_model.CountUserGPGKeys(uid)
+	total, err := asymkey_model.CountUserGPGKeys(ctx, uid)
 	if err != nil {
 		ctx.InternalServerError(err)
 		return
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	key, err := asymkey_model.GetGPGKeyByID(ctx.ParamsInt64(":id"))
+	key, err := asymkey_model.GetGPGKeyByID(ctx, ctx.ParamsInt64(":id"))
 	if err != nil {
 		if asymkey_model.IsErrGPGKeyNotExist(err) {
 			ctx.NotFound()
 	token := asymkey_model.VerificationToken(ctx.Doer, 1)
 	lastToken := asymkey_model.VerificationToken(ctx.Doer, 0)
 
-	keys, err := asymkey_model.AddGPGKey(uid, form.ArmoredKey, token, form.Signature)
+	keys, err := asymkey_model.AddGPGKey(ctx, uid, form.ArmoredKey, token, form.Signature)
 	if err != nil && asymkey_model.IsErrGPGInvalidTokenSignature(err) {
-		keys, err = asymkey_model.AddGPGKey(uid, form.ArmoredKey, lastToken, form.Signature)
+		keys, err = asymkey_model.AddGPGKey(ctx, uid, form.ArmoredKey, lastToken, form.Signature)
 	}
 	if err != nil {
 		HandleAddGPGKeyError(ctx, err, token)
 		ctx.Error(http.StatusInternalServerError, "VerifyUserGPGKey", err)
 	}
 
-	key, err := asymkey_model.GetGPGKeysByKeyID(form.KeyID)
+	key, err := asymkey_model.GetGPGKeysByKeyID(ctx, form.KeyID)
 	if err != nil {
 		if asymkey_model.IsErrGPGKeyNotExist(err) {
 			ctx.NotFound()
 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	if err := asymkey_model.DeleteGPGKey(ctx.Doer, ctx.ParamsInt64(":id")); err != nil {
+	if err := asymkey_model.DeleteGPGKey(ctx, ctx.Doer, ctx.ParamsInt64(":id")); err != nil {
 		if asymkey_model.IsErrGPGKeyAccessDenied(err) {
 			ctx.Error(http.StatusForbidden, "", "You do not have access to this key")
 		} else {

routers/api/v1/user/helper.go

 	user, err := user_model.GetUserByName(ctx, username)
 	if err != nil {
 		if user_model.IsErrUserNotExist(err) {
-			if redirectUserID, err2 := user_model.LookupUserRedirect(username); err2 == nil {
+			if redirectUserID, err2 := user_model.LookupUserRedirect(ctx, username); err2 == nil {
 				context.RedirectToUser(ctx.Base, username, redirectUserID)
 			} else {
 				ctx.NotFound("GetUserByName", err)

routers/api/v1/user/key.go

 		return
 	}
 
-	if err := asymkey_service.DeletePublicKey(ctx.Doer, id); err != nil {
+	if err := asymkey_service.DeletePublicKey(ctx, ctx.Doer, id); err != nil {
 		if asymkey_model.IsErrKeyAccessDenied(err) {
 			ctx.Error(http.StatusForbidden, "", "You do not have access to this key")
 		} else {

routers/api/v1/user/user.go

 	//   "404":
 	//     "$ref": "#/responses/notFound"
 
-	heatmap, err := activities_model.GetUserHeatmapDataByUser(ctx.ContextUser, ctx.Doer)
+	heatmap, err := activities_model.GetUserHeatmapDataByUser(ctx, ctx.ContextUser, ctx.Doer)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "GetUserHeatmapDataByUser", err)
 		return

routers/init.go

 		mustInitCtx(ctx, repo_service.SyncRepositoryHooks)
 
 		log.Info("re-write ssh public keys ...")
-		mustInit(asymkey_model.RewriteAllPublicKeys)
+		mustInitCtx(ctx, asymkey_model.RewriteAllPublicKeys)
 
 		return system.AppState.Set(runtimeState)
 	}

routers/web/admin/notice.go

 		page = 1
 	}
 
-	notices, err := system_model.Notices(page, setting.UI.Admin.NoticePagingNum)
+	notices, err := system_model.Notices(ctx, page, setting.UI.Admin.NoticePagingNum)
 	if err != nil {
 		ctx.ServerError("Notices", err)
 		return
 		}
 	}
 
-	if err := system_model.DeleteNoticesByIDs(ids); err != nil {
+	if err := system_model.DeleteNoticesByIDs(ctx, ids); err != nil {
 		ctx.Flash.Error("DeleteNoticesByIDs: " + err.Error())
 		ctx.Status(http.StatusInternalServerError)
 	} else {
 
 // EmptyNotices delete all the notices
 func EmptyNotices(ctx *context.Context) {
-	if err := system_model.DeleteNotices(0, 0); err != nil {
+	if err := system_model.DeleteNotices(ctx, 0, 0); err != nil {
 		ctx.ServerError("DeleteNotices", err)
 		return
 	}

routers/web/admin/packages.go

 		return
 	}
 
-	if err := packages_service.RemovePackageVersion(ctx.Doer, pv); err != nil {
+	if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
 		ctx.ServerError("RemovePackageVersion", err)
 		return
 	}

routers/web/auth/2fa.go

 		}
 
 		if ctx.Session.Get("linkAccount") != nil {
-			err = externalaccount.LinkAccountFromStore(ctx.Session, u)
+			err = externalaccount.LinkAccountFromStore(ctx, ctx.Session, u)
 			if err != nil {
 				ctx.ServerError("UserSignIn", err)
 				return

routers/web/auth/linkaccount.go

 			return
 		}
 
-		err = externalaccount.LinkAccountToUser(u, gothUser)
+		err = externalaccount.LinkAccountToUser(ctx, u, gothUser)
 		if err != nil {
 			ctx.ServerError("UserLinkAccount", err)
 			return

routers/web/auth/oauth.go

 	if u == nil {
 		if ctx.Doer != nil {
 			// attach user to already logged in user
-			err = externalaccount.LinkAccountToUser(ctx.Doer, gothUser)
+			err = externalaccount.LinkAccountToUser(ctx, ctx.Doer, gothUser)
 			if err != nil {
 				ctx.ServerError("UserLinkAccount", err)
 				return

routers/web/auth/webauthn.go

 
 	// Now handle account linking if that's requested
 	if ctx.Session.Get("linkAccount") != nil {
-		if err := externalaccount.LinkAccountFromStore(ctx.Session, user); err != nil {
+		if err := externalaccount.LinkAccountFromStore(ctx, ctx.Session, user); err != nil {
 			ctx.ServerError("LinkAccountFromStore", err)
 			return
 		}

routers/web/org/teams.go

 		ListOptions: listOptions,
 	}
 
-	teams, maxResults, err := org_model.SearchTeam(opts)
+	teams, maxResults, err := org_model.SearchTeam(ctx, opts)
 	if err != nil {
 		log.Error("SearchTeam failed: %v", err)
 		ctx.JSON(http.StatusInternalServerError, map[string]any{

routers/web/repo/issue.go

 		} else {
 			// So it did search with the keyword, and found some issues. It needs to get issueStats of these issues.
 			// Or the keyword is empty, so it doesn't need issueIDs as filter, just get issueStats with statsOpts.
-			issueStats, err = issues_model.GetIssueStats(statsOpts)
+			issueStats, err = issues_model.GetIssueStats(ctx, statsOpts)
 			if err != nil {
 				ctx.ServerError("GetIssueStats", err)
 				return
 func RetrieveRepoReviewers(ctx *context.Context, repo *repo_model.Repository, issue *issues_model.Issue, canChooseReviewer bool) {
 	ctx.Data["CanChooseReviewer"] = canChooseReviewer
 
-	originalAuthorReviews, err := issues_model.GetReviewersFromOriginalAuthorsByIssueID(issue.ID)
+	originalAuthorReviews, err := issues_model.GetReviewersFromOriginalAuthorsByIssueID(ctx, issue.ID)
 	if err != nil {
 		ctx.ServerError("GetReviewersFromOriginalAuthorsByIssueID", err)
 		return
 	}
 	ctx.Data["OriginalReviews"] = originalAuthorReviews
 
-	reviews, err := issues_model.GetReviewsByIssueID(issue.ID)
+	reviews, err := issues_model.GetReviewsByIssueID(ctx, issue.ID)
 	if err != nil {
 		ctx.ServerError("GetReviewersByIssueID", err)
 		return
 
 	switch ctx.Params(":action") {
 	case "react":
-		reaction, err := issues_model.CreateIssueReaction(ctx.Doer.ID, issue.ID, form.Content)
+		reaction, err := issues_model.CreateIssueReaction(ctx, ctx.Doer.ID, issue.ID, form.Content)
 		if err != nil {
 			if issues_model.IsErrForbiddenIssueReaction(err) {
 				ctx.ServerError("ChangeIssueReaction", err)
 
 		log.Trace("Reaction for issue created: %d/%d/%d", ctx.Repo.Repository.ID, issue.ID, reaction.ID)
 	case "unreact":
-		if err := issues_model.DeleteIssueReaction(ctx.Doer.ID, issue.ID, form.Content); err != nil {
+		if err := issues_model.DeleteIssueReaction(ctx, ctx.Doer.ID, issue.ID, form.Content); err != nil {
 			ctx.ServerError("DeleteIssueReaction", err)
 			return
 		}
 
 	switch ctx.Params(":action") {
 	case "react":
-		reaction, err := issues_model.CreateCommentReaction(ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content)
+		reaction, err := issues_model.CreateCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content)
 		if err != nil {
 			if issues_model.IsErrForbiddenIssueReaction(err) {
 				ctx.ServerError("ChangeIssueReaction", err)
 
 		log.Trace("Reaction for comment created: %d/%d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID, reaction.ID)
 	case "unreact":
-		if err := issues_model.DeleteCommentReaction(ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content); err != nil {
+		if err := issues_model.DeleteCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content); err != nil {
 			ctx.ServerError("DeleteCommentReaction", err)
 			return
 		}

routers/web/repo/release.go

 	writeAccess := ctx.Repo.CanWrite(unit.TypeReleases)
 	ctx.Data["CanCreateRelease"] = writeAccess && !ctx.Repo.Repository.IsArchived
 
-	release, err := repo_model.GetRelease(ctx.Repo.Repository.ID, ctx.Params("*"))
+	release, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, ctx.Params("*"))
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound("GetRelease", err)
 
 // LatestRelease redirects to the latest release
 func LatestRelease(ctx *context.Context) {
-	release, err := repo_model.GetLatestReleaseByRepoID(ctx.Repo.Repository.ID)
+	release, err := repo_model.GetLatestReleaseByRepoID(ctx, ctx.Repo.Repository.ID)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound("LatestRelease", err)
 	ctx.Data["PageIsReleaseList"] = true
 	ctx.Data["tag_target"] = ctx.Repo.Repository.DefaultBranch
 	if tagName := ctx.FormString("tag"); len(tagName) > 0 {
-		rel, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tagName)
+		rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tagName)
 		if err != nil && !repo_model.IsErrReleaseNotExist(err) {
 			ctx.ServerError("GetRelease", err)
 			return
 		attachmentUUIDs = form.Files
 	}
 
-	rel, err := repo_model.GetRelease(ctx.Repo.Repository.ID, form.TagName)
+	rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, form.TagName)
 	if err != nil {
 		if !repo_model.IsErrReleaseNotExist(err) {
 			ctx.ServerError("GetRelease", err)
 		rel.PublisherID = ctx.Doer.ID
 		rel.IsTag = false
 
-		if err = releaseservice.UpdateRelease(ctx.Doer, ctx.Repo.GitRepo, rel, attachmentUUIDs, nil, nil); err != nil {
+		if err = releaseservice.UpdateRelease(ctx, ctx.Doer, ctx.Repo.GitRepo, rel, attachmentUUIDs, nil, nil); err != nil {
 			ctx.Data["Err_TagName"] = true
 			ctx.ServerError("UpdateRelease", err)
 			return
 	upload.AddUploadContext(ctx, "release")
 
 	tagName := ctx.Params("*")
-	rel, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tagName)
+	rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tagName)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound("GetRelease", err)
 	ctx.Data["PageIsEditRelease"] = true
 
 	tagName := ctx.Params("*")
-	rel, err := repo_model.GetRelease(ctx.Repo.Repository.ID, tagName)
+	rel, err := repo_model.GetRelease(ctx, ctx.Repo.Repository.ID, tagName)
 	if err != nil {
 		if repo_model.IsErrReleaseNotExist(err) {
 			ctx.NotFound("GetRelease", err)
 	rel.Note = form.Content
 	rel.IsDraft = len(form.Draft) > 0
 	rel.IsPrerelease = form.Prerelease
-	if err = releaseservice.UpdateRelease(ctx.Doer, ctx.Repo.GitRepo,
+	if err = releaseservice.UpdateRelease(ctx, ctx.Doer, ctx.Repo.GitRepo,
 		rel, addAttachmentUUIDs, delAttachmentUUIDs, editAttachments); err != nil {
 		ctx.ServerError("UpdateRelease", err)
 		return

routers/web/repo/repo.go

 	} else if len(releases) == 0 && vTag == "latest" {
 		// GitHub supports the alias "latest" for the latest release
 		// We only fetch the latest release if the tag is "latest" and no release with the tag "latest" exists
-		release, err := repo_model.GetLatestReleaseByRepoID(ctx.Repo.Repository.ID)
+		release, err := repo_model.GetLatestReleaseByRepoID(ctx, ctx.Repo.Repository.ID)
 		if err != nil {
 			ctx.Error(http.StatusNotFound)
 			return

routers/web/repo/setting/deploy_key.go

 
 // DeleteDeployKey response for deleting a deploy key
 func DeleteDeployKey(ctx *context.Context) {
-	if err := asymkey_service.DeleteDeployKey(ctx.Doer, ctx.FormInt64("id")); err != nil {
+	if err := asymkey_service.DeleteDeployKey(ctx, ctx.Doer, ctx.FormInt64("id")); err != nil {
 		ctx.Flash.Error("DeleteDeployKey: " + err.Error())
 	} else {
 		ctx.Flash.Success(ctx.Tr("repo.settings.deploy_key_deletion_success"))

routers/web/user/home.go

 	}
 
 	if setting.Service.EnableUserHeatmap {
-		data, err := activities_model.GetUserHeatmapDataByUserTeam(ctxUser, ctx.Org.Team, ctx.Doer)
+		data, err := activities_model.GetUserHeatmapDataByUserTeam(ctx, ctxUser, ctx.Org.Team, ctx.Doer)
 		if err != nil {
 			ctx.ServerError("GetUserHeatmapDataByUserTeam", err)
 			return

routers/web/user/package.go

 		ctx.Redirect(ctx.Link)
 		return
 	case "delete":
-		err := packages_service.RemovePackageVersion(ctx.Doer, ctx.Package.Descriptor.Version)
+		err := packages_service.RemovePackageVersion(ctx, ctx.Doer, ctx.Package.Descriptor.Version)
 		if err != nil {
 			log.Error("Error deleting package: %v", err)
 			ctx.Flash.Error(ctx.Tr("packages.settings.delete.error"))

routers/web/user/profile.go

 
 	// prepare heatmap data
 	if setting.Service.EnableUserHeatmap {
-		data, err := activities_model.GetUserHeatmapDataByUser(ctx.ContextUser, ctx.Doer)
+		data, err := activities_model.GetUserHeatmapDataByUser(ctx, ctx.ContextUser, ctx.Doer)
 		if err != nil {
 			ctx.ServerError("GetUserHeatmapDataByUser", err)
 			return

routers/web/user/setting/keys.go

 		token := asymkey_model.VerificationToken(ctx.Doer, 1)
 		lastToken := asymkey_model.VerificationToken(ctx.Doer, 0)
 
-		keys, err := asymkey_model.AddGPGKey(ctx.Doer.ID, form.Content, token, form.Signature)
+		keys, err := asymkey_model.AddGPGKey(ctx, ctx.Doer.ID, form.Content, token, form.Signature)
 		if err != nil && asymkey_model.IsErrGPGInvalidTokenSignature(err) {
-			keys, err = asymkey_model.AddGPGKey(ctx.Doer.ID, form.Content, lastToken, form.Signature)
+			keys, err = asymkey_model.AddGPGKey(ctx, ctx.Doer.ID, form.Content, lastToken, form.Signature)
 		}
 		if err != nil {
 			ctx.Data["HasGPGError"] = true
 func DeleteKey(ctx *context.Context) {
 	switch ctx.FormString("type") {
 	case "gpg":
-		if err := asymkey_model.DeleteGPGKey(ctx.Doer, ctx.FormInt64("id")); err != nil {
+		if err := asymkey_model.DeleteGPGKey(ctx, ctx.Doer, ctx.FormInt64("id")); err != nil {
 			ctx.Flash.Error("DeleteGPGKey: " + err.Error())
 		} else {
 			ctx.Flash.Success(ctx.Tr("settings.gpg_key_deletion_success"))
 			ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 			return
 		}
-		if err := asymkey_service.DeletePublicKey(ctx.Doer, keyID); err != nil {
+		if err := asymkey_service.DeletePublicKey(ctx, ctx.Doer, keyID); err != nil {
 			ctx.Flash.Error("DeletePublicKey: " + err.Error())
 		} else {
 			ctx.Flash.Success(ctx.Tr("settings.ssh_key_deletion_success"))
 		}
 	case "principal":
-		if err := asymkey_service.DeletePublicKey(ctx.Doer, ctx.FormInt64("id")); err != nil {
+		if err := asymkey_service.DeletePublicKey(ctx, ctx.Doer, ctx.FormInt64("id")); err != nil {
 			ctx.Flash.Error("DeletePublicKey: " + err.Error())
 		} else {
 			ctx.Flash.Success(ctx.Tr("settings.ssh_principal_deletion_success"))

services/asymkey/deploy_key.go

 package asymkey
 
 import (
+	"context"
+
 	"code.gitea.io/gitea/models"
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/db"
 )
 
 // DeleteDeployKey deletes deploy key from its repository authorized_keys file if needed.
-func DeleteDeployKey(doer *user_model.User, id int64) error {
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+func DeleteDeployKey(ctx context.Context, doer *user_model.User, id int64) error {
+	dbCtx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
 	}
 	defer committer.Close()
 
-	if err := models.DeleteDeployKey(ctx, doer, id); err != nil {
+	if err := models.DeleteDeployKey(dbCtx, doer, id); err != nil {
 		return err
 	}
 	if err := committer.Commit(); err != nil {
 		return err
 	}
 
-	return asymkey_model.RewriteAllPublicKeys()
+	return asymkey_model.RewriteAllPublicKeys(ctx)
 }

services/asymkey/ssh_key.go

 package asymkey
 
 import (
+	"context"
+
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/db"
 	user_model "code.gitea.io/gitea/models/user"
 )
 
 // DeletePublicKey deletes SSH key information both in database and authorized_keys file.
-func DeletePublicKey(doer *user_model.User, id int64) (err error) {
+func DeletePublicKey(ctx context.Context, doer *user_model.User, id int64) (err error) {
 	key, err := asymkey_model.GetPublicKeyByID(id)
 	if err != nil {
 		return err
 		}
 	}
 
-	ctx, committer, err := db.TxContext(db.DefaultContext)
+	dbCtx, committer, err := db.TxContext(ctx)
 	if err != nil {
 		return err
 	}
 	defer committer.Close()
 
-	if err = asymkey_model.DeletePublicKeys(ctx, id); err != nil {
+	if err = asymkey_model.DeletePublicKeys(dbCtx, id); err != nil {
 		return err
 	}
 
 	committer.Close()
 
 	if key.Type == asymkey_model.KeyTypePrincipal {
-		return asymkey_model.RewriteAllPrincipalKeys(db.DefaultContext)
+		return asymkey_model.RewriteAllPrincipalKeys(ctx)
 	}
 
-	return asymkey_model.RewriteAllPublicKeys()
+	return asymkey_model.RewriteAllPublicKeys(ctx)
 }

services/asymkey/ssh_key_test.go

 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 
 			assert.Contains(t, kase.keyContents, key.Content)
 		}
 		for _, key := range keys {
-			DeletePublicKey(user, key.ID)
+			DeletePublicKey(db.DefaultContext, user, key.ID)
 		}
 	}
 }

services/auth/auth.go

 	"regexp"
 	"strings"
 
-	"code.gitea.io/gitea/models/db"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/auth/webauthn"
 	gitea_context "code.gitea.io/gitea/modules/context"
 	if len(user.Language) == 0 {
 		lc := middleware.Locale(resp, req)
 		user.Language = lc.Language()
-		if err := user_model.UpdateUserCols(db.DefaultContext, user, "language"); err != nil {
+		if err := user_model.UpdateUserCols(req.Context(), user, "language"); err != nil {
 			log.Error(fmt.Sprintf("Error updating user language [user: %d, locale: %s]", user.ID, user.Language))
 			return
 		}

services/auth/source/ldap/source_authenticate.go

 
 	if user != nil {
 		if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(user, source.authSource, sr.SSHPublicKey) {
-			if err := asymkey_model.RewriteAllPublicKeys(); err != nil {
+			if err := asymkey_model.RewriteAllPublicKeys(ctx); err != nil {
 				return user, err
 			}
 		}
 		}
 
 		if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(user, source.authSource, sr.SSHPublicKey) {
-			if err := asymkey_model.RewriteAllPublicKeys(); err != nil {
+			if err := asymkey_model.RewriteAllPublicKeys(ctx); err != nil {
 				return user, err
 			}
 		}

services/auth/source/ldap/source_sync.go

 			log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.authSource.Name)
 			// Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed
 			if sshKeysNeedUpdate {
-				err = asymkey_model.RewriteAllPublicKeys()
+				err = asymkey_model.RewriteAllPublicKeys(ctx)
 				if err != nil {
 					log.Error("RewriteAllPublicKeys: %v", err)
 				}
 
 	// Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed
 	if sshKeysNeedUpdate {
-		err = asymkey_model.RewriteAllPublicKeys()
+		err = asymkey_model.RewriteAllPublicKeys(ctx)
 		if err != nil {
 			log.Error("RewriteAllPublicKeys: %v", err)
 		}

services/context/user.go

 		contextUser, err = user_model.GetUserByName(ctx, username)
 		if err != nil {
 			if user_model.IsErrUserNotExist(err) {
-				if redirectUserID, err := user_model.LookupUserRedirect(username); err == nil {
+				if redirectUserID, err := user_model.LookupUserRedirect(ctx, username); err == nil {
 					context.RedirectToUser(ctx, username, redirectUserID)
 				} else if user_model.IsErrUserRedirectNotExist(err) {
 					errCb(http.StatusNotFound, "GetUserByName", err)

services/convert/convert.go

 
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
 	"code.gitea.io/gitea/models/auth"
-	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/organization"
 		if loadOrgs {
 			apiOrg, ok := cache[teams[i].OrgID]
 			if !ok {
-				org, err := organization.GetOrgByID(db.DefaultContext, teams[i].OrgID)
+				org, err := organization.GetOrgByID(ctx, teams[i].OrgID)
 				if err != nil {
 					return nil, err
 				}

services/cron/tasks_extended.go

 
 	activities_model "code.gitea.io/gitea/models/activities"
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
-	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/system"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/git"
 		Enabled:    false,
 		RunAtStart: false,
 		Schedule:   "@every 72h",
-	}, func(_ context.Context, _ *user_model.User, _ Config) error {
-		return asymkey_model.RewriteAllPublicKeys()
+	}, func(ctx context.Context, _ *user_model.User, _ Config) error {
+		return asymkey_model.RewriteAllPublicKeys(ctx)
 	})
 }
 
 		Enabled:    false,
 		RunAtStart: false,
 		Schedule:   "@every 72h",
-	}, func(_ context.Context, _ *user_model.User, _ Config) error {
-		return asymkey_model.RewriteAllPrincipalKeys(db.DefaultContext)
+	}, func(ctx context.Context, _ *user_model.User, _ Config) error {
+		return asymkey_model.RewriteAllPrincipalKeys(ctx)
 	})
 }
 
 		OlderThan: 365 * 24 * time.Hour,
 	}, func(ctx context.Context, _ *user_model.User, config Config) error {
 		olderThanConfig := config.(*OlderThanConfig)
-		return system.DeleteOldSystemNotices(olderThanConfig.OlderThan)
+		return system.DeleteOldSystemNotices(ctx, olderThanConfig.OlderThan)
 	})
 }
 

services/externalaccount/link.go

 package externalaccount
 
 import (
+	"context"
 	"fmt"
 
 	user_model "code.gitea.io/gitea/models/user"
 }
 
 // LinkAccountFromStore links the provided user with a stored external user
-func LinkAccountFromStore(store Store, user *user_model.User) error {
+func LinkAccountFromStore(ctx context.Context, store Store, user *user_model.User) error {
 	gothUser := store.Get("linkAccountGothUser")
 	if gothUser == nil {
 		return fmt.Errorf("not in LinkAccount session")
 	}
 
-	return LinkAccountToUser(user, gothUser.(goth.User))
+	return LinkAccountToUser(ctx, user, gothUser.(goth.User))
 }

services/externalaccount/user.go

 package externalaccount
 
 import (
+	"context"
 	"strings"
 
 	"code.gitea.io/gitea/models/auth"
 }
 
 // LinkAccountToUser link the gothUser to the user
-func LinkAccountToUser(user *user_model.User, gothUser goth.User) error {
+func LinkAccountToUser(ctx context.Context, user *user_model.User, gothUser goth.User) error {
 	externalLoginUser, err := toExternalLoginUser(user, gothUser)
 	if err != nil {
 		return err
 	}
 
 	if tp.Name() != "" {
-		return UpdateMigrationsByType(tp, externalID, user.ID)
+		return UpdateMigrationsByType(ctx, tp, externalID, user.ID)
 	}
 
 	return nil
 }
 
 // UpdateMigrationsByType updates all migrated repositories' posterid from gitServiceType to replace originalAuthorID to posterID
-func UpdateMigrationsByType(tp structs.GitServiceType, externalUserID string, userID int64) error {
+func UpdateMigrationsByType(ctx context.Context, tp structs.GitServiceType, externalUserID string, userID int64) error {
 	if err := issues_model.UpdateIssuesMigrationsByType(tp, externalUserID, userID); err != nil {
 		return err
 	}
 		return err
 	}
 
-	if err := repo_model.UpdateReleasesMigrationsByType(tp, externalUserID, userID); err != nil {
+	if err := repo_model.UpdateReleasesMigrationsByType(ctx, tp, externalUserID, userID); err != nil {
 		return err
 	}
 

services/migrations/gitea_uploader.go

 		rels = append(rels, &rel)
 	}
 
-	return repo_model.InsertReleases(rels...)
+	return repo_model.InsertReleases(g.ctx, rels...)
 }
 
 // SyncTags syncs releases with tags in the database
 func (g *GiteaLocalUploader) SyncTags() error {
-	return repo_module.SyncReleasesWithTags(g.repo, g.gitRepo)
+	return repo_module.SyncReleasesWithTags(g.ctx, g.repo, g.gitRepo)
 }
 
 // CreateIssues creates issues
 	}
 
 	// update issue_index
-	if err := issues_model.RecalculateIssueIndexForRepo(g.repo.ID); err != nil {
+	if err := issues_model.RecalculateIssueIndexForRepo(g.ctx, g.repo.ID); err != nil {
 		return err
 	}
 

services/migrations/update.go

 			default:
 			}
 			externalUserID := user.ExternalID
-			if err := externalaccount.UpdateMigrationsByType(tp, externalUserID, user.UserID); err != nil {
+			if err := externalaccount.UpdateMigrationsByType(ctx, tp, externalUserID, user.UserID); err != nil {
 				log.Error("UpdateMigrationsByType type %s external user id %v to local user id %v failed: %v", tp.Name(), user.ExternalID, user.UserID, err)
 			}
 		}

services/mirror/mirror_pull.go

 	}
 
 	log.Trace("SyncMirrors [repo: %-v]: syncing releases with tags...", m.Repo)
-	if err = repo_module.SyncReleasesWithTags(m.Repo, gitRepo); err != nil {
+	if err = repo_module.SyncReleasesWithTags(ctx, m.Repo, gitRepo); err != nil {
 		log.Error("SyncMirrors [repo: %-v]: failed to synchronize tags to releases: %v", m.Repo, err)
 	}
 

services/packages/alpine/repository.go

 
 // GetOrCreateRepositoryVersion gets or creates the internal repository package
 // The Alpine registry needs multiple index files which are stored in this package.
-func GetOrCreateRepositoryVersion(ownerID int64) (*packages_model.PackageVersion, error) {
-	return packages_service.GetOrCreateInternalPackageVersion(ownerID, packages_model.TypeAlpine, alpine_module.RepositoryPackage, alpine_module.RepositoryVersion)
+func GetOrCreateRepositoryVersion(ctx context.Context, ownerID int64) (*packages_model.PackageVersion, error) {
+	return packages_service.GetOrCreateInternalPackageVersion(ctx, ownerID, packages_model.TypeAlpine, alpine_module.RepositoryPackage, alpine_module.RepositoryVersion)
 }
 
 // GetOrCreateKeyPair gets or creates the RSA keys used to sign repository files
 
 // BuildAllRepositoryFiles (re)builds all repository files for every available distributions, components and architectures
 func BuildAllRepositoryFiles(ctx context.Context, ownerID int64) error {
-	pv, err := GetOrCreateRepositoryVersion(ownerID)
+	pv, err := GetOrCreateRepositoryVersion(ctx, ownerID)
 	if err != nil {
 		return err
 	}
 
 // BuildSpecificRepositoryFiles builds index files for the repository
 func BuildSpecificRepositoryFiles(ctx context.Context, ownerID int64, branch, repository, architecture string) error {
-	pv, err := GetOrCreateRepositoryVersion(ownerID)
+	pv, err := GetOrCreateRepositoryVersion(ctx, ownerID)
 	if err != nil {
 		return err
 	}
 	}
 
 	_, err = packages_service.AddFileToPackageVersionInternal(
+		ctx,
 		repoVersion,
 		&packages_service.PackageFileCreationInfo{
 			PackageFileInfo: packages_service.PackageFileInfo{

services/packages/debian/repository.go

 
 // GetOrCreateRepositoryVersion gets or creates the internal repository package
 // The Debian registry needs multiple index files which are stored in this package.
-func GetOrCreateRepositoryVersion(ownerID int64) (*packages_model.PackageVersion, error) {
-	return packages_service.GetOrCreateInternalPackageVersion(ownerID, packages_model.TypeDebian, debian_module.RepositoryPackage, debian_module.RepositoryVersion)
+func GetOrCreateRepositoryVersion(ctx context.Context, ownerID int64) (*packages_model.PackageVersion, error) {
+	return packages_service.GetOrCreateInternalPackageVersion(ctx, ownerID, packages_model.TypeDebian, debian_module.RepositoryPackage, debian_module.RepositoryVersion)
 }
 
 // GetOrCreateKeyPair gets or creates the PGP keys used to sign repository files
 
 // BuildAllRepositoryFiles (re)builds all repository files for every available distributions, components and architectures
 func BuildAllRepositoryFiles(ctx context.Context, ownerID int64) error {
-	pv, err := GetOrCreateRepositoryVersion(ownerID)
+	pv, err := GetOrCreateRepositoryVersion(ctx, ownerID)
 	if err != nil {
 		return err
 	}
 
 // BuildSpecificRepositoryFiles builds index files for the repository
 func BuildSpecificRepositoryFiles(ctx context.Context, ownerID int64, distribution, component, architecture string) error {
-	pv, err := GetOrCreateRepositoryVersion(ownerID)
+	pv, err := GetOrCreateRepositoryVersion(ctx, ownerID)
 	if err != nil {
 		return err
 	}
 		{"Packages.xz", packagesXzContent},
 	} {
 		_, err = packages_service.AddFileToPackageVersionInternal(
+			ctx,
 			repoVersion,
 			&packages_service.PackageFileCreationInfo{
 				PackageFileInfo: packages_service.PackageFileInfo{
 		{"InRelease", inReleaseContent},
 	} {
 		_, err = packages_service.AddFileToPackageVersionInternal(
+			ctx,
 			repoVersion,
 			&packages_service.PackageFileCreationInfo{
 				PackageFileInfo: packages_service.PackageFileInfo{