Version 1.23.12

luckily, sshd does not error if the interface has no IPv6 address

CHANGELOG

@@ -761,3 +761,201 @@
 * Fix milestone counters on new issue (#16183) (#16224)
 * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)
 
+[1.21.5]
+* Update Gitea to 1.14.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.5)
+* Hide mirror passwords on repo settings page (#16022) (#16355)
+* Update bluemonday to v1.0.15 (#16379) (#16380)
+* Retry rename on lock induced failures (#16435) (#16439)
+* Validate issue index before querying DB (#16406) (#16410)
+* Fix crash following ldap authentication update (#16447) (#16449)
+* Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
+
+[1.21.6]
+* Update Gitea to 1.14.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.14.6)
+* SECURITY
+  * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
+  * Switch to maintained JWT lib (#16532) (#16535)
+  * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
+
+[1.22.0]
+* Update Gitea to 1.15.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.0)
+
+[1.22.1]
+* Update Gitea to 1.15.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.1)
+
+[1.22.2]
+* Update Gitea to 1.15.2
+* Add unique constraint back into issue_index (#16938)
+* Close storage objects before cleaning (#16934) (#16942)
+
+[1.22.3]
+* Update Gitea to 1.15.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.3)
+* Add fluid to ui container class to remove margin (#16396) (#16976)
+* Add caller to cat-file batch calls (#17082) (#17089)
+* Many bug fixes
+
+[1.22.4]
+* Update Gitea to 1.15.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.4)
+* Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
+* Don't allow merged PRs to be reopened (#17192) (#17271)
+* Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
+* Fix unwanted team review request deletion (#17257) (#17264)
+* Fix broken Activities link in team dashboard (#17255) (#17258)
+* API pull's head/base have correct permission(#17214) (#17245)
+* Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
+* Upgrade xorm to v1.2.5 (#17177) (#17188)
+* Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
+* Fix bug of get context user (#17169) (#17172)
+* Nicely handle missing user in collaborations (#17049) (#17166)
+* Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
+* Fix wrong i18n keys (#17150) (#17153)
+* Fix Archive Creation: correct transaction ending (#17151)
+* Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
+* Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
+
+[1.22.5]
+* Update Gitea to 1.15.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.5)
+* Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
+* Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
+* Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
+* Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
+* Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
+* Ensure popup text is aligned left (backport for 1.15) (#17343)
+* Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
+* Disable core.protectNTFS (#17300) (#17302)
+* Use pointer for wrappedConn methods (#17295) (#17296)
+* AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
+* Handle duplicate keys on GPG key ring (#17242) (#17284)
+* Fix SVG side by side comparison link (#17375) (#17391)
+
+[1.22.6]
+* Update Gitea to 1.15.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.6)
+* Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
+* Fix CSV render error (#17406) (#17431)
+* Read expected buffer size (#17409) (#17430)
+* Ensure that restricted users can access repos for which they are members (#17460) (#17464)
+* Make commit-statuses popup show correctly (#17447) (#17466)
+
+[1.23.0]
+* Update Gitea to 1.15.7
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.7)
+* Enable rendering of jupyter notebooks, rst, asciidoc by default
+* Only allow webhook to send requests to allowed hosts (#17482) (#17510)
+* Fix login redirection links (#17451) (#17473)
+
+[1.23.1]
+* Update Gitea to 1.15.8
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.8)
+* Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
+* Fix delete u2f keys bug (#18040) (#18042)
+* Reset Session ID on login (#18018) (#18041)
+* Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
+* Stop printing 03d after escaped characters in logs (#18030) (#18034)
+
+[1.23.2]
+* Update Gitea to 1.15.9
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.9)
+* Fix wrong redirect on org labels (#18128) (#18134)
+* Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
+* Revert "Fix delete u2f keys bug (#18042)" (#18107)
+* Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
+* Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
+* Reset locale on login (#17734) (#18100)
+* Correctly handle failed migrations (#17575) (#18099)
+* Instead of using routerCtx just escape the url before routing (#18086) (#18098)
+* Quote references to the user table in consistency checks (#18072) (#18073)
+* Add NotFound handler (#18062) (#18067)
+* Ensure that git repository is closed before transfer (#18049) (#18057)
+* Use common sessioner for API and web routes (#18114)
+
+[1.23.3]
+* Update Gitea to 1.15.10
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.15.10)
+* Fix inconsistent PR comment counts (#18260) (#18261)
+* Fix release link broken (#18252) (#18253)
+* Fix update user from site administration page bug (#18250) (#18251)
+* Set HeadCommit when creating tags (#18116) (#18173)
+* Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
+* Fix purple color in suggested label colors (#18241) (#18242)
+* Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
+
+[1.23.4]
+* Update Gitea to 1.16.0
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.0)
+
+[1.23.5]
+* Update Gitea to 1.16.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.1)
+* Update JS dependencies, fix lint (#18389) (#18540)
+* Add dropdown icon to label set template dropdown (#18564) (#18571)
+* Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
+* Stop logging an error when notes are not found (#18626) (#18635)
+* Ensure that blob-excerpt links work for wiki (#18587) (#18624)
+* Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
+
+[1.23.6]
+* Update Gitea to 1.16.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.2)
+* Show fullname on issue edits and gpg/ssh signing info (#18828)
+* Immediately Hammer if second kill is sent (#18823) (#18826)
+* Allow mermaid render error to wrap (#18791)
+
+[1.23.7]
+* Update Gitea to 1.16.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.3)
+
+[1.23.8]
+* Update Gitea to 1.16.4
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.4)
+* Restrict email address validation (#17688) (#19085)
+* Fix lfs bug (#19072) (#19080)
+
+[1.23.9]
+* Update Gitea to 1.16.5
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.5)
+* Prevent redirect to Host (2) (#19175) (#19186)
+* Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
+* Clean paths when looking in Storage (#19124) (#19179)
+* Do not send notification emails to inactive users (#19131) (#19139)
+* Do not send activation email if manual confirm is set (#19119) (#19122)
+
+[1.23.10]
+* Update Gitea to 1.16.6
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.6)
+
+[1.23.11]
+* Update Gitea to 1.16.7
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.7)
+* Escape git fetch remote (#19487) (#19490)
+* On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
+* Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
+* Don't error when branch's commit doesn't exist (#19547) (#19548)
+* Support hostname:port to pass host matcher's check (#19543) (#19544)
+* Prevent dangling archiver goroutine (#19516) (#19526)
+* Fix migrate release from github (#19510) (#19523)
+* When view _Siderbar or _Footer, just display once (#19501) (#19522)
+* Fix blame page select range error and some typos (#19503)
+* Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
+* User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
+* Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
+* RepoAssignment ensure to close before overwrite (#19449) (#19460)
+* Set correct PR status on 3way on conflict checking (#19457) (#19458)
+* Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
+
+[1.23.12]
+* Update Gitea to 1.16.8
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.16.8)
+* Add doctor check/fix for bogus action rows (#19656) (#19669)
+* Make .cs highlighting legible on dark themes (#19604) (#19605)
+* Delete user related oauth stuff on user deletion too (#19677) (#19680)
+* Fix new release from tags list UI (#19670) (#19673)
+* Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
+

CloudronManifest.json

@@ -4,7 +4,8 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.21.4",
+  "version": "1.23.12",
+  "upstreamVersion": "1.16.8",
   "healthCheckPath": "/explore",
   "httpPort": 3000,
   "memoryLimit": 536870912,
@@ -36,7 +37,7 @@
   "tags": [ "version control", "git", "code hosting", "development", "github", "bitbucket", "gitlab" ],
   "changelog": "file://CHANGELOG",
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "5.3.0",
+  "minBoxVersion": "7.1.2",
   "forumUrl": "https://forum.cloudron.io/category/19/gitea",
   "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
 }

DESCRIPTION.md

@@ -1,5 +1,3 @@
-This app packages Gitea <upstream>1.14.4</upstream>
-
 Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab.
 
 ### Purpose

Dockerfile

@@ -1,9 +1,10 @@
-FROM cloudron/base:3.0.0@sha256:455c70428723e3a823198c57472785437eb6eab082e79b3ff04ea584faf46e92
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
 
 RUN apt-get update && \
-    apt-get install -y openssh-server git && \
+    apt-get install -y openssh-server git asciidoctor pandoc && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
+RUN pip3 install jupyter
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
@@ -15,7 +16,7 @@ RUN passwd -d git
 RUN mkdir -p /home/git/gitea
 WORKDIR /home/git
 
-ARG VERSION=1.14.4
+ARG VERSION=1.16.8
 
 RUN curl -L https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea

app.ini.template

@@ -103,3 +103,24 @@ COOKIE_SECURE = true
 COOKIE_NAME = cloudron_gitea
 GC_INTERVAL_TIME = 2592000
 
+[markup.asciidoc]
+ENABLED = true
+FILE_EXTENSIONS = .adoc,.asciidoc
+RENDER_COMMAND = "asciidoctor -s -a showtitle --out-file=- -"
+; Input is not a standard input but a file
+IS_INPUT_FILE = false
+
+[markup.restructuredtext]
+ENABLED = true
+FILE_EXTENSIONS = .rst
+RENDER_COMMAND = "timeout 30s pandoc +RTS -M512M -RTS -f rst"
+IS_INPUT_FILE = false
+
+[markup.jupyter]
+ENABLED = true
+FILE_EXTENSIONS = .ipynb
+RENDER_COMMAND = "jupyter nbconvert --stdin --stdout --to html --template basic"
+IS_INPUT_FILE = false
+
+[markup.sanitizer.jupyter.img]
+ALLOW_DATA_URI_IMAGES = true

sshd_config

@@ -5,6 +5,7 @@
 Port 29418
 # Use these options to restrict which interfaces/protocols sshd will bind to
 ListenAddress 0.0.0.0
+ListenAddress ::
 Protocol 2
 # HostKeys for protocol version 2
 HostKey /app/data/sshd/ssh_host_rsa_key

start.sh

@@ -7,15 +7,17 @@ mkdir -p /run/gitea/tmp/uploads /run/sshd /run/gitea/sessions
 setup_ldap_source() {
     set -eu
 
+    echo "==> Setup LDAP source"
+
     # Get the existing LDAP source status. This allows the user to disable LDAP
     # Note that this method is deprecated since this app now supports optionalSso
-    ldap_status=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "select is_actived from login_source WHERE name='cloudron';")
+    ldap_status=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "select is_active from login_source WHERE name='cloudron';")
     [[ -z "${ldap_status}" ]] && ldap_status="1"
 
     now=$(date +%s)
 
     if mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" \
-        -e "REPLACE INTO login_source (id, type, name, is_actived, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${CLOUDRON_LDAP_SERVER}\",\"Port\":${CLOUDRON_LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${CLOUDRON_LDAP_BIND_DN}\",\"BindPassword\":\"${CLOUDRON_LDAP_BIND_PASSWORD}\",\"UserBase\":\"${CLOUDRON_LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\"}','${now}','${now}');"; then
+        -e "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,2,'cloudron',${ldap_status},'{\"Name\":\"cloudron\",\"Host\":\"${CLOUDRON_LDAP_SERVER}\",\"Port\":${CLOUDRON_LDAP_PORT},\"UseSSL\":false,\"SkipVerify\":true,\"BindDN\":\"${CLOUDRON_LDAP_BIND_DN}\",\"BindPassword\":\"${CLOUDRON_LDAP_BIND_PASSWORD}\",\"UserBase\":\"${CLOUDRON_LDAP_USERS_BASE_DN}\",\"AttributeUsername\":\"username\",\"AttributeName\":\"displayname\",\"AttributeSurname\":\"\",\"AttributeMail\":\"mail\",\"Filter\":\"(\\\\u007C(mail=%[1]s)(username=%[1]s))\"}','${now}','${now}');"; then
         echo "==> LDAP Authentication was setup with activation status ${ldap_status}"
     else
         echo "==> Failed to setup LDAP authentication"
@@ -26,7 +28,7 @@ setup_ldap_source() {
 setup_root_user() {
     set -eu
 
-    if sudo -H -u git /home/git/gitea/gitea admin user create --name root --password changeme --email test@cloudron.io --admin -c /run/gitea/app.ini; then
+    if sudo -H -u git /home/git/gitea/gitea admin user create --username root --password changeme --email test@cloudron.io --admin -c /run/gitea/app.ini; then
         echo "==> root user added"
     else
         echo "==> Failed to add root user"

test/package.json

@@ -9,11 +9,11 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^91.0.1",
+    "chromedriver": "^101.0.0",
     "expect.js": "^0.3.1",
-    "mocha": "^9.0.2",
+    "mocha": "^10.0.0",
     "rimraf": "^3.0.2",
-    "selenium-webdriver": "^3.6.0",
-    "superagent": "^6.1.0"
+    "selenium-webdriver": "^4.1.2",
+    "superagent": "^7.1.3"
   }
 }

test/test.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-/* jslint node:true */
+/* jshint esversion: 8 */
 /* global it:false */
 /* global xit:false */
 /* global describe:false */
@@ -11,11 +11,10 @@
 
 require('chromedriver');
 
-var execSync = require('child_process').execSync,
+const execSync = require('child_process').execSync,
     expect = require('expect.js'),
     fs = require('fs'),
     path = require('path'),
-    rimraf = require('rimraf'),
     superagent = require('superagent'),
     { Builder, By, until } = require('selenium-webdriver'),
     { Options } = require('selenium-webdriver/chrome');
@@ -49,252 +48,136 @@ describe('Application life cycle test', function () {
 
     after(function () {
         browser.quit();
-        rimraf.sync(repodir);
+        fs.rmSync(repodir, { recursive: true, force: true });
     });
 
     function getAppInfo() {
         var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
         expect(app).to.be.an('object');
     }
 
-    function setAvatarOld(done) {
-        browser.get('https://' + app.fqdn + '/user/settings/avatar').then(function () {
-            return browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        }).then(function () {
-            return browser.findElement(By.xpath('//button[contains(text(), "Update Avatar Setting")]')).click();
-        }).then(function () {
-            if (app.manifest.version === '1.0.3') {
-                return browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"updated successfully")]')), TIMEOUT);
-            } else {
-                return browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar setting has been updated.")]')), TIMEOUT);
-            }
-        }).then(function () {
-            done();
-        });
+    function sleep(millis) {
+        return new Promise(resolve => setTimeout(resolve, millis));
     }
 
-    function setAvatar(done) {
-        if (app.manifest.version === '1.5.4') return setAvatarOld(done);
+    async function setAvatar() {
+        await browser.get('https://' + app.fqdn + '/user/settings');
 
-        browser.get('https://' + app.fqdn + '/user/settings').then(function () {
-            var button = browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        }).then(function () {
-            return browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
-        }).then(function () {
-            return browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        }).then(function () {
-            return browser.findElement(By.xpath('//button[contains(text(), "Update Avatar")]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+        var button = await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
+        await browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
+        await browser.findElement(By.xpath('//button[contains(text(), "Update Avatar")]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
     }
 
-    function checkAvatar(done) {
-return done();
-        superagent.get('https://' + app.fqdn + '/avatars/a3e6f3316fc1738e29d621e6a26e93d3').end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.statusCode).to.be(200);
-            done();
-        });
+    async function checkAvatar() {
+        await browser.get(`https://${app.fqdn}/${username}`);
+
+        var avatarSrc = await browser.findElement(By.xpath('//a[@id="profile-avatar"]/img')).getAttribute('src');
+
+        var avatar = await superagent.get(avatarSrc);
+        expect(avatar.statusCode).to.equal(200);
     }
 
-    function login(username, password, done) {
-        browser.get('https://' + app.fqdn + '/user/login').then(function () {
-            return browser.findElement(By.id('user_name')).sendKeys(username);
-        }).then(function () {
-            return browser.findElement(By.id('password')).sendKeys(password);
-        }).then(function () {
-            return browser.findElement(By.tagName('form')).submit();
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.linkText('Dashboard')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function login(username, password) {
+        await browser.get('https://' + app.fqdn + '/user/login');
+
+        await browser.findElement(By.id('user_name')).sendKeys(username);
+        await browser.findElement(By.id('password')).sendKeys(password);
+        await browser.findElement(By.xpath('//form[@action="/user/login"]//button')).click();
+        await browser.wait(until.elementLocated(By.xpath('//img[contains(@class, "avatar")]')), TIMEOUT);
     }
 
-    function adminLogin(done) {
-        login('root', 'changeme', done);
+    async function adminLogin() {
+        await login('root', 'changeme');
     }
 
-    function logout(done) {
-        browser.get('https://' + app.fqdn).then(function () {
-            return browser.findElement(By.xpath('//img[contains(@class, "avatar")]')).click();
-        }).then(function () {
-            browser.sleep(2000);
-        }).then(function () {
-            return browser.findElement(By.xpath('//a[@data-url="/user/logout"]')).click();
-        }).then(function () {
-            browser.sleep(2000);
-        }).then(function () {
-            done();
-        });
+    async function logout() {
+        await browser.get('https://' + app.fqdn);
+
+        await browser.findElement(By.xpath('//img[contains(@class, "avatar")]')).click();
+        await sleep(2000);
+        await browser.findElement(By.xpath('//a[@data-url="/user/logout"]')).click();
+        await sleep(2000);
     }
 
-    function addPublicKey(done) {
+    async function addPublicKey() {
         var publicKey = fs.readFileSync(__dirname + '/id_rsa.pub', 'utf8');
 
         const sshPage = 'https://' + app.fqdn + '/user/settings/keys';
 
-        browser.get(sshPage).then(function () {
-            return browser.findElement(By.xpath('//div[text()="Add Key"]')).click();
-        }).then(function () {
-            return browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
-        }).then(function () {
-            return browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
-        }).then(function () {
-            var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        }).then(function () {
-            return browser.findElement(By.xpath('//button[contains(text(), "Add Key")]')).click();
-        }).then(function () {
-            if (app.manifest.version === '1.0.3') {
-                return browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "added successfully!")]')), TIMEOUT);
-            } else {
-                return browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
-            }
-        }).then(function () {
-            done();
-        });
+        await browser.get(sshPage);
+
+        await browser.wait(until.elementLocated(By.id('add-ssh-button')), TIMEOUT);
+        await browser.findElement(By.id('add-ssh-button')).click();
+        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
+        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
+        await browser.findElement(By.xpath('//button[contains(text(), "Add Key")]')).click();
+
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
     }
 
-    function createRepo(done) {
-        var getRepoPage;
-        if (app.manifest.version === '1.0.3') {
-            getRepoPage = browser.get('https://' + app.fqdn).then(function () {
-                return browser.findElement(By.linkText('New Repository')).click();
-            }).then(function () {
-                return browser.wait(until.elementLocated(By.xpath('//*[contains(text(), "New Repository")]')), TIMEOUT);
+    async function createRepo() {
+        var getRepoPage = await browser.get('https://' + app.fqdn + '/repo/create');
+
+        await browser.findElement(By.id('repo_name')).sendKeys(reponame);
+        var button = browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.id('auto-init')).click();
+        await browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]')).click();
+
+        await browser.wait(function () {
+            return browser.getCurrentUrl().then(function (url) {
+                return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
             });
-        } else {
-            getRepoPage = browser.get('https://' + app.fqdn + '/repo/create');
-        }
-
-        getRepoPage.then(function () {
-            return browser.findElement(By.id('repo_name')).sendKeys(reponame);
-        }).then(function () {
-            var button = browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]'));
-            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        }).then(function () {
-            return browser.findElement(By.id('auto-init')).click();
-        }).then(function () {
-            return browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]')).click();
-        }).then(function () {
-            browser.wait(function () {
-                return browser.getCurrentUrl().then(function (url) {
-                    return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
-                });
-            }, TIMEOUT);
-        }).then(function () {
-            done();
-        });
+        }, TIMEOUT);
     }
 
-    function checkCloneUrl(done) {
-        browser.get('https://' + app.fqdn + '/' + username + '/' + reponame).then(function () {
-            return browser.findElement(By.id('repo-clone-ssh')).click();
-        }).then(function () {
-            return browser.findElement(By.id('repo-clone-url')).getAttribute('value');
-        }).then(function (cloneUrl) {
-            expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
-            done();
-        });
+    async function checkCloneUrl() {
+        await browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
+        await browser.findElement(By.id('repo-clone-ssh')).click();
+
+        var cloneUrl = await browser.findElement(By.id('repo-clone-url')).getAttribute('value');
+        expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
     }
 
-    function cloneRepo(done) {
-        rimraf.sync(repodir);
+    function cloneRepo() {
+        fs.rmSync(repodir, { recursive: true, force: true });
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
         execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
-        done();
     }
 
-    function pushFile(done) {
+    function pushFile() {
         var env = Object.create(process.env);
         env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
         execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} master`,
                  { env: env, cwd: repodir });
-        rimraf.sync('/tmp/testrepo');
-        done();
-    }
-
-    function addCustomFile(done) {
-        fs.writeFileSync('/tmp/customfile.txt', 'GOGS TEST', 'utf8');
-        execSync(`cloudron exec --app ${app.id} -- mkdir -p /app/data/custom/public`);
-        execSync(`cloudron push --app ${app.id} /tmp/customfile.txt /app/data/custom/public/customfile.txt`);
-        fs.unlinkSync('/tmp/customfile.txt');
-        done();
-    }
-
-    function checkCustomFile(done) {
-        superagent.get('https://' + app.fqdn + '/customfile.txt').end(function (error, result) {
-            if (error) return done(error);
-
-            expect(result.text).to.contain('GOGS TEST');
-            done();
-        });
+        fs.rmSync(repodir, { recursive: true, force: true });
     }
 
     function fileExists() {
         expect(fs.existsSync(repodir + '/newfile')).to.be(true);
     }
 
-    function sendMail(done) {
-        browser.get(`https://${app.fqdn}/admin/config`).then(function () {
-            var button = browser.findElement(By.xpath('//button[@id="test-mail-btn"]'));
-            return browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        }).then(function () {
-            return browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
-        }).then(function () {
-            return browser.findElement(By.xpath('//button[@id="test-mail-btn"]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    async function sendMail() {
+        await browser.get(`https://${app.fqdn}/admin/config`);
+
+        var button = await browser.findElement(By.xpath('//button[@id="test-mail-btn"]'));
+        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
+        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
+        await browser.findElement(By.xpath('//button[@id="test-mail-btn"]')).click();
+        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"A testing email has been sent to \'test@cloudron.io\'")]')), TIMEOUT);
     }
 
     xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
-
-    // it('can login', function (done) {
-    //     var inspect = JSON.parse(execSync('cloudron inspect'));
-
-    //     superagent.post(`https://${inspect.apiEndpoint}/api/v1/developer/login`).send({
-    //         username: username,
-    //         password: password
-    //     }).end(function (error, result) {
-    //         if (error) return done(error);
-    //         if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
-
-    //         token = result.body.accessToken;
-
-    //         superagent.get(`https://${inspect.apiEndpoint}/api/v1/profile`)
-    //             .query({ access_token: token }).end(function (error, result) {
-    //             if (error) return done(error);
-    //             if (result.statusCode !== 200) return done(new Error('Get profile failed with status ' + result.statusCode));
-
-    //             email = result.body.email;
-    //             done();
-    //         });
-    //     });
-    // });
-
     it('install app', function () { execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
-    it('can get the main page', function (done) {
-        superagent.get('https://' + app.fqdn).end(function (error, result) {
-            expect(error).to.be(null);
-            expect(result.status).to.eql(200);
-
-            done();
-        });
-    });
 
     it('can admin login', adminLogin);
     it('can send mail', sendMail);
@@ -314,9 +197,6 @@ return done();
 
     it('can add and push a file', pushFile);
 
-    it('can add custom file', addCustomFile);
-    it('can check custom file', checkCustomFile);
-
     it('can restart app', function () { execSync('cloudron restart  --app ' + app.id); });
 
     xit('can login', login.bind(null, username, password)); // no need to relogin since session persists
@@ -332,18 +212,14 @@ return done();
     it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('move to different location', function (done) {
+    it('move to different location', async function () {
         //browser.manage().deleteAllCookies(); // commented because of error "'Network.deleteCookie' wasn't found"
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron configure --location ' + LOCATION + '2 --app ' + app.id, EXEC_ARGS);
-            var inspect = JSON.parse(execSync('cloudron inspect'));
-            app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-            expect(app).to.be.an('object');
+        await browser.get('about:blank');
 
-            done();
-        });
+        execSync('cloudron configure --location ' + LOCATION + '2 --app ' + app.id, EXEC_ARGS);
     });
+    it('can get app information', getAppInfo);
 
     it('can login', login.bind(null, username, password));
     it('can get avatar', checkAvatar);
@@ -351,57 +227,26 @@ return done();
     it('can clone the url', cloneRepo);
     it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
 
-    it('uninstall app', function (done) {
+    it('uninstall app', async function () {
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
-            done();
-        });
-    });
-
-    // check if the _first_ login via email succeeds
-    it('can login via email', function (done) {
-        execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS);
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        expect(app).to.be.an('object');
-
-        login(email, password, function (error) {
-            if (error) return done(error);
-
-            // ensure we don't hit NXDOMAIN in the mean time
-            browser.get('about:blank').then(function () {
-                execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
-                done();
-            });
-        });
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 
     // No SSO
-    it('install app (no sso)', function () {
-        execSync(`cloudron install --no-sso --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS);
-    });
-
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
+    it('install app (no sso)', function () { execSync(`cloudron install --no-sso --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
+    it('can get app information', getAppInfo);
     it('can admin login (no sso)', adminLogin);
     it('can logout', logout);
 
-    it('uninstall app (no sso)', function () {
+    it('uninstall app (no sso)', async function () {
+        await browser.get('about:blank');
         execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 
     // test update
-    it('can install app', function () {
-        execSync(`cloudron install --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS);
-    });
+    it('can install app', function () { execSync(`cloudron install --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
     it('can login', login.bind(null, username, password));
@@ -412,9 +257,7 @@ return done();
     it('can clone the url', cloneRepo);
     it('can add and push a file', pushFile);
 
-    it('can update', function () {
-        execSync('cloudron update --app ' + app.id, EXEC_ARGS);
-    });
+    it('can update', function () { execSync('cloudron update --app ' + app.id, EXEC_ARGS); });
 
     xit('can admin login', adminLogin);
     xit('can send mail', sendMail);
@@ -425,11 +268,9 @@ return done();
     it('can clone the url', cloneRepo);
     it('file exists in cloned repo', fileExists);
 
-    it('uninstall app', function (done) {
+    it('uninstall app', async function () {
         // ensure we don't hit NXDOMAIN in the mean time
-        browser.get('about:blank').then(function () {
-            execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
-            done();
-        });
+        await browser.get('about:blank');
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
     });
 });