Update package version to 1.38.1

| datasource      | package        | from   | to     |
| --------------- | -------------- | ------ | ------ |
| github-releases | go-gitea/gitea | 1.26.0 | 1.26.1 |

.gitignore

@@ -1,2 +1,4 @@
 node_modules/
 
+test/test-results.xml
+test/screenshots/

CHANGELOG.md

@@ -1610,3 +1610,401 @@
 * Customizable "Open with" applications for repository clone (#29320)
 * Allow options to disable user deletion from the interface on app.ini (#29275)
 * Extend issue template YAML engine (#29274)
+
+[1.33.1]
+* Update Gitea to 1.22.1
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.1)
+
+[1.33.2]
+* Update Gitea to 1.22.2
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.2)
+* Replace v-html with v-text in search inputbox (#31966) (#31973)
+* Fix nuget/conan/container packages upload bugs (#31967) (#31982)
+* Refactor the usage of batch catfile (#31754) (#31889)
+* Fix overflowing content in action run log (#31842) (#31853)
+* Scroll images in project issues separately from the remaining issue (#31683) (#31823)
+* Add :focus-visible style to buttons (#31799) (#31819)
+* Fix the display of project type for deleted projects (#31732) (#31734)
+* Fix API owner ID should be zero when created repo secret (#31715) (#31811)
+* Set owner id to zero when GetRegistrationToken for repo (#31725) (#31729)
+* Fix API endpoint for registration-token (#31722) (#31728)
+* Add permission check when creating PR (#31033) (#31720)
+
+[1.33.3]
+* Update Gitea to 1.22.3
+* [Full changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.3)
+* Fix bug when a token is given public only (#32204) (#32218)
+* Increase cacheContextLifetime to reduce false reports (#32011) (#32023)
+* Don't join repository when loading action table data (#32127) (#32143)
+* Fix javascript error when an anonymous user visits migration page (#32144) (#32179)
+* Don't init signing keys if oauth2 provider is disabled (#32177)
+* Fix wrong status of Set up Job when first step is skipped (#32120) (#32125)
+* Fix bug when deleting a migrated branch (#32075) (#32123)
+* Truncate commit message during Discord webhook push events (#31970) (#32121)
+* Allow to set branch protection in an empty repository (#32095) (#32119)
+* Fix panic when cloning with wrong ssh format. (#32076) (#32118)
+[1.33.4]
+* Update gitea to 1.22.4
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.4)
+* Fix basic auth with webauthn (#32531) (#32536)
+* Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479)
+
+[1.33.5]
+* Update gitea to 1.22.5
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.5)
+* Upgrade crypto library ([#​32791](https://github.com/go-gitea/gitea/issues/32791))
+* Fix delete branch perm checking ([#​32654](https://github.com/go-gitea/gitea/issues/32654)) ([#​32707](https://github.com/go-gitea/gitea/issues/32707))
+* Add standard-compliant route to serve outdated R packages ([#​32783](https://github.com/go-gitea/gitea/issues/32783)) ([#​32789](https://github.com/go-gitea/gitea/issues/32789))
+* Fix internal server error when updating labels without write permission ([#​32776](https://github.com/go-gitea/gitea/issues/32776)) ([#​32785](https://github.com/go-gitea/gitea/issues/32785))
+* Add Swift login endpoint ([#​32693](https://github.com/go-gitea/gitea/issues/32693)) ([#​32701](https://github.com/go-gitea/gitea/issues/32701))
+* Fix fork page branch selection ([#​32711](https://github.com/go-gitea/gitea/issues/32711)) ([#​32725](https://github.com/go-gitea/gitea/issues/32725))
+* Fix word overflow in file search page ([#​32695](https://github.com/go-gitea/gitea/issues/32695)) ([#​32699](https://github.com/go-gitea/gitea/issues/32699))
+* Fix gogit `GetRefCommitID` ([#​32705](https://github.com/go-gitea/gitea/issues/32705)) ([#​32712](https://github.com/go-gitea/gitea/issues/32712))
+* Fix race condition in mermaid observer ([#​32599](https://github.com/go-gitea/gitea/issues/32599)) ([#​32673](https://github.com/go-gitea/gitea/issues/32673))
+* Fixe a keystring misuse and refactor duplicates keystrings ([#​32668](https://github.com/go-gitea/gitea/issues/32668)) ([#​32792](https://github.com/go-gitea/gitea/issues/32792))
+* Bump relative-time-element to v4.4.4 ([#​32739](https://github.com/go-gitea/gitea/issues/32739))
+* Make wiki pages visit fast ([#​32732](https://github.com/go-gitea/gitea/issues/32732)) ([#​32745](https://github.com/go-gitea/gitea/issues/32745))
+* Don't create action when syncing mirror pull refs ([#​32659](https://github.com/go-gitea/gitea/issues/32659)) ([#​32664](https://github.com/go-gitea/gitea/issues/32664))
+
+[1.33.6]
+* Update gitea to 1.22.6
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.22.6)
+* Fix misuse of PublicKeyCallback([#​32810](https://github.com/go-gitea/gitea/issues/32810))
+* Fix lfs migration ([#​32812](https://github.com/go-gitea/gitea/issues/32812)) ([#​32818](https://github.com/go-gitea/gitea/issues/32818))
+* Add missing two sync feed for refs/pull ([#​32815](https://github.com/go-gitea/gitea/issues/32815))
+* Avoid MacOS keychain dialog in integration tests ([#​32813](https://github.com/go-gitea/gitea/issues/32813)) ([#​32816](https://github.com/go-gitea/gitea/issues/32816))
+
+[1.34.0]
+* Update gitea to 1.23.0
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.0)
+* Rename config option `[camo].Allways` to `[camo].Always` ([#​32097](https://github.com/go-gitea/gitea/issues/32097))
+* Remove SHA1 for support for SSH RSA signing ([#​31857](https://github.com/go-gitea/gitea/issues/31857))
+* Use UTC as the default timezone when scheduling Actions cron tasks ([#​31742](https://github.com/go-gitea/gitea/issues/31742))
+* Delete Actions logs older than 1 year by default ([#​31735](https://github.com/go-gitea/gitea/issues/31735))
+* Make OIDC introspection authentication strictly require Client ID and secret ([#​31632](https://github.com/go-gitea/gitea/issues/31632))
+* Include file extension checks in attachment API ([#​32151](https://github.com/go-gitea/gitea/issues/32151))
+
+[1.34.1]
+* Update gitea to 1.23.1
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.1)
+* Move repo size to sidebar ([#​33155](https://github.com/go-gitea/gitea/issues/33155))
+* Fix editor markdown not incrementing in a numbered list ([#​33187](https://github.com/go-gitea/gitea/issues/33187)) [#​33193](https://github.com/go-gitea/gitea/issues/33193)
+
+[1.34.2]
+* Update gitea to 1.23.3
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.3)
+* Build Gitea with Golang v1.23.6 to fix security bugs
+* Fix a bug caused by status webhook template #33512
+
+[1.34.3]
+* Update gitea to 1.23.4
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.4)
+* Enhance routers for the Actions variable operations (#33547) (#33553)
+* Enhance routers for the Actions runner operations (#33549) (#33555)
+* Fix project issues list and counting (#33594) #33619
+* Add a transaction to pickTask (#33543) (#33563)
+* Fix mirror bug (#33597) (#33607)
+* Use default Git timeout when checking repo health (#33593) (#33598)
+* Fix PR's target branch dropdown (#33589) (#33591)
+* Fix various problems (artifact order, api empty slice, assignee check, fuzzy prompt, mirror proxy, adopt git) (#33569) (#33577)
+* Rework suggestion backend (#33538) (#33546)
+* Fix context usage (#33554) (#33557)
+
+[1.34.4]
+* Update gitea to 1.23.5
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.5)
+* Compile with Go 1.24.1
+* Bump x/oauth2 & x/crypto (#33704) (#33727)
+* Optimize user dashboard loading (#33686) (#33708)
+* Fix navbar dropdown item align (#33782)
+* Fix inconsistent closed issue list icon (#33722) (#33728)
+* Fix for Maven Package Naming Convention Handling (#33678) (#33679)
+* Improve Open-with URL encoding (#33666) (#33680)
+* Deleting repository should unlink all related packages (#33653) (#33673)
+* Fix omitempty bug (#33663) (#33670)
+* Upgrade go-crypto from 1.1.4 to 1.1.6 (#33745) (#33754)
+* Fix OCI image.version annotation for releases to use full semver (#33698) (#33701)
+* Try to fix ACME path when renew (#33668) (#33693)
+* Fix mCaptcha bug (#33659) (#33661)
+* Git graph: don't show detached commits (#33645) (#33650)
+
+[1.35.0]
+* Base image 5
+
+[1.35.1]
+* Fix hard coded mysql hostname
+
+[1.35.2]
+* Update gitea to 1.23.6
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.6)
+* Fix LFS URL (#33840) (#33843)
+* Update jwt and redis packages (#33984) (#33987)
+* Update golang crypto and net (#33989)
+* Drop timeout for requests made to the internal hook api (#33947) (#33970)
+* Fix maven panic when no package exists (#33888) (#33889)
+* Fix markdown render (#33870) (#33875)
+* Fix auto concurrency cancellation skips commit status updates (#33764) (#33849)
+* Fix oauth2 auth (#33961) (#33962)
+
+[1.35.3]
+* Update gitea to 1.23.7
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.7)
+* Compile with Go 1.23.8
+* Add a config option to block "expensive" pages for anonymous users ([#​34024](https://github.com/go-gitea/gitea/issues/34024)) ([#​34071](https://github.com/go-gitea/gitea/issues/34071))
+* Also check default ssh-cert location for host ([#​34099](https://github.com/go-gitea/gitea/issues/34099)) ([#​34100](https://github.com/go-gitea/gitea/issues/34100)) ([#​34116](https://github.com/go-gitea/gitea/issues/34116))
+* Fix discord webhook 400 status code when description limit is exceeded ([#​34084](https://github.com/go-gitea/gitea/issues/34084)) ([#​34124](https://github.com/go-gitea/gitea/issues/34124))
+* Get changed files based on merge base when checking `pull_request` actions trigger ([#​34106](https://github.com/go-gitea/gitea/issues/34106)) ([#​34120](https://github.com/go-gitea/gitea/issues/34120))
+* Fix invalid version in RPM package path ([#​34112](https://github.com/go-gitea/gitea/issues/34112)) ([#​34115](https://github.com/go-gitea/gitea/issues/34115))
+* Return default avatar url when user id is zero rather than updating database ([#​34094](https://github.com/go-gitea/gitea/issues/34094)) ([#​34095](https://github.com/go-gitea/gitea/issues/34095))
+* Add additional ReplaceAll in pathsep to cater for different pathsep ([#​34061](https://github.com/go-gitea/gitea/issues/34061)) ([#​34070](https://github.com/go-gitea/gitea/issues/34070))
+* Try to fix check-attr bug ([#​34029](https://github.com/go-gitea/gitea/issues/34029)) ([#​34033](https://github.com/go-gitea/gitea/issues/34033))
+* Git client will follow 301 but 307 ([#​34005](https://github.com/go-gitea/gitea/issues/34005)) ([#​34010](https://github.com/go-gitea/gitea/issues/34010))
+
+[1.35.4]
+* Update gitea to 1.23.8
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.8)
+* Fix a bug when uploading file via lfs ssh command ([#34408](https://github.com/go-gitea/gitea/issues/34408)) ([#34411](https://github.com/go-gitea/gitea/issues/34411))
+* Update net package ([#34228](https://github.com/go-gitea/gitea/issues/34228)) ([#34232](https://github.com/go-gitea/gitea/issues/34232))
+* Fix releases sidebar navigation link ([#34436](https://github.com/go-gitea/gitea/issues/34436)) [#34439](https://github.com/go-gitea/gitea/issues/34439)
+* Fix bug webhook milestone is not right. ([#34419](https://github.com/go-gitea/gitea/issues/34419)) [#34429](https://github.com/go-gitea/gitea/issues/34429)
+* Fix two missed null value checks on the wiki page. ([#34205](https://github.com/go-gitea/gitea/issues/34205)) ([#34215](https://github.com/go-gitea/gitea/issues/34215))
+* Swift files can be passed either as file or as form value ([#34068](https://github.com/go-gitea/gitea/issues/34068)) ([#34236](https://github.com/go-gitea/gitea/issues/34236))
+* Fix bug when API get pull changed files for deleted head repository ([#34333](https://github.com/go-gitea/gitea/issues/34333)) ([#34368](https://github.com/go-gitea/gitea/issues/34368))
+* Upgrade github v61 -> v71 to fix migrating bug ([#34389](https://github.com/go-gitea/gitea/issues/34389))
+* Fix bug when visiting comparation page ([#34334](https://github.com/go-gitea/gitea/issues/34334)) ([#34364](https://github.com/go-gitea/gitea/issues/34364))
+* Fix wrong review requests when updating the pull request ([#34286](https://github.com/go-gitea/gitea/issues/34286)) ([#34304](https://github.com/go-gitea/gitea/issues/34304))
+
+[1.35.5]
+* Update gitea to 1.23.8
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.23.8)
+* Fix a bug when uploading file via lfs ssh command ([#34408](https://github.com/go-gitea/gitea/issues/34408)) ([#34411](https://github.com/go-gitea/gitea/issues/34411))
+* Update net package ([#34228](https://github.com/go-gitea/gitea/issues/34228)) ([#34232](https://github.com/go-gitea/gitea/issues/34232))
+* Fix releases sidebar navigation link ([#34436](https://github.com/go-gitea/gitea/issues/34436)) [#34439](https://github.com/go-gitea/gitea/issues/34439)
+* Fix bug webhook milestone is not right. ([#34419](https://github.com/go-gitea/gitea/issues/34419)) [#34429](https://github.com/go-gitea/gitea/issues/34429)
+* Fix two missed null value checks on the wiki page. ([#34205](https://github.com/go-gitea/gitea/issues/34205)) ([#34215](https://github.com/go-gitea/gitea/issues/34215))
+* Swift files can be passed either as file or as form value ([#34068](https://github.com/go-gitea/gitea/issues/34068)) ([#34236](https://github.com/go-gitea/gitea/issues/34236))
+* Fix bug when API get pull changed files for deleted head repository ([#34333](https://github.com/go-gitea/gitea/issues/34333)) ([#34368](https://github.com/go-gitea/gitea/issues/34368))
+* Upgrade github v61 -> v71 to fix migrating bug ([#34389](https://github.com/go-gitea/gitea/issues/34389))
+* Fix bug when visiting comparation page ([#34334](https://github.com/go-gitea/gitea/issues/34334)) ([#34364](https://github.com/go-gitea/gitea/issues/34364))
+* Fix wrong review requests when updating the pull request ([#34286](https://github.com/go-gitea/gitea/issues/34286)) ([#34304](https://github.com/go-gitea/gitea/issues/34304))
+
+[1.36.0]
+* Update gitea to 1.24.0
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.0)
+* Make Gitea always use its internal config, ignore `/etc/gitconfig` ([#33076](https://github.com/go-gitea/gitea/issues/33076))
+* Improve log format ([#33814](https://github.com/go-gitea/gitea/issues/33814))
+* Fix markdown render behaviors ([#34122](https://github.com/go-gitea/gitea/issues/34122))
+* Add package version api endpoints ([#34173](https://github.com/go-gitea/gitea/issues/34173))
+* Enforce two-factor auth (2FA: TOTP or WebAuthn) ([#34187](https://github.com/go-gitea/gitea/issues/34187))
+* Add fullscreen mode as a more efficient operation way to view projects ([#34081](https://github.com/go-gitea/gitea/issues/34081))
+* Add anonymous access support for private/unlisted repositories ([#34051](https://github.com/go-gitea/gitea/issues/34051))
+* Support public code/issue access for private repositories ([#33127](https://github.com/go-gitea/gitea/issues/33127))
+* Add middleware for request prioritization ([#33951](https://github.com/go-gitea/gitea/issues/33951))
+* Add cli flags LDAP group configuration ([#33933](https://github.com/go-gitea/gitea/issues/33933))
+
+[1.36.1]
+* Update gitea to 1.24.1
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.1)
+* Improve alignment of commit status icon on commit page ([#​34750](https://github.com/go-gitea/gitea/issues/34750)) ([#​34757](https://github.com/go-gitea/gitea/issues/34757))
+* Support title and body query parameters for new MRs ([#​34537](https://github.com/go-gitea/gitea/issues/34537)) ([#​34752](https://github.com/go-gitea/gitea/issues/34752))
+* When using rules to delete packages, remove unclean bugs ([#​34632](https://github.com/go-gitea/gitea/issues/34632)) ([#​34761](https://github.com/go-gitea/gitea/issues/34761))
+* Fix ghost user in feeds when pushing in an actions, it should be gitea-actions ([#​34703](https://github.com/go-gitea/gitea/issues/34703)) ([#​34756](https://github.com/go-gitea/gitea/issues/34756))
+* Prevent double markdown link brackets when pasting URL ([#​34745](https://github.com/go-gitea/gitea/issues/34745)) ([#​34748](https://github.com/go-gitea/gitea/issues/34748))
+* Prevent duplicate form submissions when creating forks ([#​34714](https://github.com/go-gitea/gitea/issues/34714)) ([#​34735](https://github.com/go-gitea/gitea/issues/34735))
+* Fix markdown wrap ([#​34697](https://github.com/go-gitea/gitea/issues/34697)) ([#​34702](https://github.com/go-gitea/gitea/issues/34702))
+* Fix pull requests API convert panic when head repository is deleted. ([#​34685](https://github.com/go-gitea/gitea/issues/34685)) ([#​34687](https://github.com/go-gitea/gitea/issues/34687))
+* Fix commit message rendering and some UI problems ([#​34680](https://github.com/go-gitea/gitea/issues/34680)) ([#​34683](https://github.com/go-gitea/gitea/issues/34683))
+* Fix container range bug ([#​34725](https://github.com/go-gitea/gitea/issues/34725)) ([#​34732](https://github.com/go-gitea/gitea/issues/34732))
+
+[1.36.2]
+* Update gitea to 1.24.2
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.2)
+* Fix container range bug ([#​34795](https://github.com/go-gitea/gitea/issues/34795)) ([#​34796](https://github.com/go-gitea/gitea/issues/34796))
+* Upgrade chi to v5.2.2 ([#​34798](https://github.com/go-gitea/gitea/issues/34798)) ([#​34799](https://github.com/go-gitea/gitea/issues/34799))
+
+[1.36.3]
+* With Cloudron OIDC, disable registration by default on new installation
+* Without Cloudron OIDC, enable registration by default and add checklist item
+
+[1.36.4]
+* Update gitea to 1.24.3
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.3)
+* Fix form property assignment edge case ([#​35073](https://github.com/go-gitea/gitea/issues/35073)) ([#​35078](https://github.com/go-gitea/gitea/issues/35078))
+* Improve submodule relative path handling ([#​35056](https://github.com/go-gitea/gitea/issues/35056)) ([#​35075](https://github.com/go-gitea/gitea/issues/35075))
+* Fix incorrect comment diff hunk parsing, fix github asset ID nil panic ([#​35046](https://github.com/go-gitea/gitea/issues/35046)) ([#​35055](https://github.com/go-gitea/gitea/issues/35055))
+* Fix updating user visibility ([#​35036](https://github.com/go-gitea/gitea/issues/35036)) ([#​35044](https://github.com/go-gitea/gitea/issues/35044))
+* Support base64-encoded agit push options ([#​35037](https://github.com/go-gitea/gitea/issues/35037)) ([#​35041](https://github.com/go-gitea/gitea/issues/35041))
+* Make submodule link work with relative path ([#​35034](https://github.com/go-gitea/gitea/issues/35034)) ([#​35038](https://github.com/go-gitea/gitea/issues/35038))
+* Fix bug when displaying git user avatar in commits list ([#​35006](https://github.com/go-gitea/gitea/issues/35006))
+* Fix API response for swagger spec ([#​35029](https://github.com/go-gitea/gitea/issues/35029))
+* Start automerge check again after the conflict check and the schedule ([#​34988](https://github.com/go-gitea/gitea/issues/34988)) ([#​35002](https://github.com/go-gitea/gitea/issues/35002))
+* Fix the response format for actions/workflows ([#​35009](https://github.com/go-gitea/gitea/issues/35009)) ([#​35016](https://github.com/go-gitea/gitea/issues/35016))
+
+[1.36.5]
+* Update gitea to 1.24.4
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.4)
+* Fix various bugs (1.24) ([#​35186](https://github.com/go-gitea/gitea/issues/35186))
+* Fix migrate input box bug ([#​35166](https://github.com/go-gitea/gitea/issues/35166)) ([#​35171](https://github.com/go-gitea/gitea/issues/35171))
+* Only hide dropzone when no files have been uploaded ([#​35156](https://github.com/go-gitea/gitea/issues/35156)) ([#​35167](https://github.com/go-gitea/gitea/issues/35167))
+* Fix review comment/dimiss comment x reference can be refereced back ([#​35094](https://github.com/go-gitea/gitea/issues/35094)) ([#​35099](https://github.com/go-gitea/gitea/issues/35099))
+* Fix submodule nil check ([#​35096](https://github.com/go-gitea/gitea/issues/35096)) ([#​35098](https://github.com/go-gitea/gitea/issues/35098))
+* Don't use full-file highlight when there is a git diff textconv ([#​35114](https://github.com/go-gitea/gitea/issues/35114)) ([#​35119](https://github.com/go-gitea/gitea/issues/35119))
+* Increase gap on latest commit ([#​35104](https://github.com/go-gitea/gitea/issues/35104)) ([#​35113](https://github.com/go-gitea/gitea/issues/35113))
+
+[1.36.6]
+* Update gitea to 1.24.5
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.5)
+* Fix a bug where lfs gc never worked. (#35198) (#35255)
+* Reload issue when sending webhook to make num comments is right. (#35243) (#35248)
+* Fix bug when review pull request commits (#35192) (#35246)
+
+[1.36.7]
+* Update gitea to 1.24.6
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.6)
+* Upgrade xz to v0.5.15 ([#35385](https://github.com/go-gitea/gitea/issues/35385))
+* Fix a compare page 404 bug when the pull request disabled ([#35441](https://github.com/go-gitea/gitea/issues/35441)) ([#35453](https://github.com/go-gitea/gitea/issues/35453))
+* Fix bug when issue disabled, pull request number in the commit message cannot be redirected ([#35420](https://github.com/go-gitea/gitea/issues/35420)) ([#35442](https://github.com/go-gitea/gitea/issues/35442))
+* Add author.name field to Swift Package Registry API response ([#35410](https://github.com/go-gitea/gitea/issues/35410)) ([#35431](https://github.com/go-gitea/gitea/issues/35431))
+* Remove usernames when empty in discord webhook ([#35412](https://github.com/go-gitea/gitea/issues/35412)) ([#35417](https://github.com/go-gitea/gitea/issues/35417))
+* Allow foreachref parser to grow its buffer ([#35365](https://github.com/go-gitea/gitea/issues/35365)) ([#35376](https://github.com/go-gitea/gitea/issues/35376))
+* Allow deleting comment with content via API like web did ([#35346](https://github.com/go-gitea/gitea/issues/35346)) ([#35354](https://github.com/go-gitea/gitea/issues/35354))
+* Fix atom/rss mixed error ([#35345](https://github.com/go-gitea/gitea/issues/35345)) ([#35347](https://github.com/go-gitea/gitea/issues/35347))
+* Fix review request webhook bug ([#35339](https://github.com/go-gitea/gitea/issues/35339))
+* Remove duplicate html IDs ([#35210](https://github.com/go-gitea/gitea/issues/35210)) ([#35325](https://github.com/go-gitea/gitea/issues/35325))
+
+[1.36.8]
+* Update gitea to 1.24.7
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.24.7)
+* Refactor legacy code ([#​35708](https://github.com/go-gitea/gitea/issues/35708)) ([#​35713](https://github.com/go-gitea/gitea/issues/35713))
+* Fixing issue [#​35530](https://github.com/go-gitea/gitea/issues/35530): Password Leak in Log Messages ([#​35584](https://github.com/go-gitea/gitea/issues/35584)) ([#​35665](https://github.com/go-gitea/gitea/issues/35665))
+* Fix a bug missed return ([#​35655](https://github.com/go-gitea/gitea/issues/35655)) ([#​35671](https://github.com/go-gitea/gitea/issues/35671))
+* Fix inputing review comment will remove reviewer ([#​35591](https://github.com/go-gitea/gitea/issues/35591)) ([#​35664](https://github.com/go-gitea/gitea/issues/35664))
+* Mock external service in hcaptcha TestCaptcha ([#​35604](https://github.com/go-gitea/gitea/issues/35604)) ([#​35663](https://github.com/go-gitea/gitea/issues/35663))
+* Fix build ([#​35669](https://github.com/go-gitea/gitea/issues/35669))
+
+[1.37.0]
+* Update gitea to 1.25.0
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.0)
+* Return 201 Created for CreateVariable API responses ([#​34517](https://github.com/go-gitea/gitea/issues/34517))
+* Add label 'state' to metric 'gitea\_users' ([#​34326](https://github.com/go-gitea/gitea/issues/34326))
+* Upgrade security public key ([#​34956](https://github.com/go-gitea/gitea/issues/34956))
+* Also include all security fixes in 1.24.x after 1.25.0-rc0
+* Stream repo zip/tar.gz/bundle achives by default ([#​35487](https://github.com/go-gitea/gitea/issues/35487))
+* Fix possible panic ([#​34508](https://github.com/go-gitea/gitea/issues/34508))
+* Fix autofocus behavior ([#​34397](https://github.com/go-gitea/gitea/issues/34397))
+* Fix Actions API ([#​35204](https://github.com/go-gitea/gitea/issues/35204))
+* Fix ListWorkflowRuns OpenAPI response model. ([#​35026](https://github.com/go-gitea/gitea/issues/35026))
+* Small fix in Merge Requests page ([#​34612](https://github.com/go-gitea/gitea/issues/34612))
+* Fix http auth header parsing ([#​34936](https://github.com/go-gitea/gitea/issues/34936))
+* Fix modal + form abuse ([#​34921](https://github.com/go-gitea/gitea/issues/34921))
+* Fix MR toggle WIP ([#​34920](https://github.com/go-gitea/gitea/issues/34920))
+* Fix log fmt ([#​34810](https://github.com/go-gitea/gitea/issues/34810))
+* Replace stopwatch toggle with explicit start/stop actions ([#​34818](https://github.com/go-gitea/gitea/issues/34818))
+* Fix some package registry problems ([#​34759](https://github.com/go-gitea/gitea/issues/34759))
+* Fix RPM package download routing & missing package version count ([#​34909](https://github.com/go-gitea/gitea/issues/34909))
+* Fix repo search input height ([#​34330](https://github.com/go-gitea/gitea/issues/34330))
+* Fix "The sidebar of the repository file list does not have a fixed height [#​34298](https://github.com/go-gitea/gitea/issues/34298)" ([#​34321](https://github.com/go-gitea/gitea/issues/34321))
+* Fix minor typos in two files #HSFDPMUW ([#​34944](https://github.com/go-gitea/gitea/issues/34944))
+* Fix actions skipped commit status indicator ([#​34507](https://github.com/go-gitea/gitea/issues/34507))
+* Fix job status aggregation logic ([#​35000](https://github.com/go-gitea/gitea/issues/35000))
+* Fix broken OneDev migration caused by various REST API changes in OneDev 7.8.0 and later ([#​35216](https://github.com/go-gitea/gitea/issues/35216))
+* Fix typo in locale\_en-US.ini ([#​35196](https://github.com/go-gitea/gitea/issues/35196))
+
+[1.37.1]
+* Update gitea to 1.25.1
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.1)
+* Make ACME email optional ([#35849](https://github.com/go-gitea/gitea/issues/35849)) [#35857](https://github.com/go-gitea/gitea/issues/35857))
+* Add a doctor command to fix inconsistent run status ([#35840](https://github.com/go-gitea/gitea/issues/35840)) ([#35845](https://github.com/go-gitea/gitea/issues/35845))
+* Remove wrong code ([#35846](https://github.com/go-gitea/gitea/issues/35846))
+* Fix viewed files number is not right if not all files loaded ([#35821](https://github.com/go-gitea/gitea/issues/35821)) ([#35844](https://github.com/go-gitea/gitea/issues/35844))
+* Fix incorrect pull request counter ([#35819](https://github.com/go-gitea/gitea/issues/35819)) ([#35841](https://github.com/go-gitea/gitea/issues/35841))
+* Upgrade go mail to 0.7.2 and fix the bug ([#35833](https://github.com/go-gitea/gitea/issues/35833)) ([#35837](https://github.com/go-gitea/gitea/issues/35837))
+* Revert gomail to v0.7.0 to fix sending mail failed ([#35816](https://github.com/go-gitea/gitea/issues/35816)) ([#35824](https://github.com/go-gitea/gitea/issues/35824))
+* Fix clone mixed bug ([#35810](https://github.com/go-gitea/gitea/issues/35810)) ([#35822](https://github.com/go-gitea/gitea/issues/35822))
+* Fix cli "Before" handling ([#35797](https://github.com/go-gitea/gitea/issues/35797)) ([#35808](https://github.com/go-gitea/gitea/issues/35808))
+* Improve and fix markup code preview rendering ([#35777](https://github.com/go-gitea/gitea/issues/35777)) ([#35787](https://github.com/go-gitea/gitea/issues/35787))
+
+[1.37.2]
+* Update gitea to 1.25.2
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.2)
+* Upgrade golang.org/x/crypto to 0.45.0 ([#35985](https://github.com/go-gitea/gitea/issues/35985)) ([#35988](https://github.com/go-gitea/gitea/issues/35988))
+* Fix various permission & login related bugs ([#36002](https://github.com/go-gitea/gitea/issues/36002)) ([#36004](https://github.com/go-gitea/gitea/issues/36004))
+* Display source code downloads last for release attachments ([#35897](https://github.com/go-gitea/gitea/issues/35897)) ([#35903](https://github.com/go-gitea/gitea/issues/35903))
+* Change project default column icon to 'star' ([#35967](https://github.com/go-gitea/gitea/issues/35967)) ([#35979](https://github.com/go-gitea/gitea/issues/35979))
+* Allow empty commit when merging pull request with squash style ([#35989](https://github.com/go-gitea/gitea/issues/35989)) ([#36003](https://github.com/go-gitea/gitea/issues/36003))
+* Fix container push tag overwriting ([#35936](https://github.com/go-gitea/gitea/issues/35936)) ([#35954](https://github.com/go-gitea/gitea/issues/35954))
+* Fix corrupted external render content ([#35946](https://github.com/go-gitea/gitea/issues/35946)) and upgrade golang.org/x packages ([#35950](https://github.com/go-gitea/gitea/issues/35950))
+* Limit reading bytes instead of ReadAll ([#35928](https://github.com/go-gitea/gitea/issues/35928)) ([#35934](https://github.com/go-gitea/gitea/issues/35934))
+* Use correct form field for allowed force push users in branch protection API ([#35894](https://github.com/go-gitea/gitea/issues/35894)) ([#35908](https://github.com/go-gitea/gitea/issues/35908))
+* Fix team member access check ([#35899](https://github.com/go-gitea/gitea/issues/35899)) ([#35905](https://github.com/go-gitea/gitea/issues/35905))
+
+[1.37.3]
+* Update gitea to 1.25.3
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.3)
+* SECURITY Bump toolchain to go1.25.5, misc fixes ([#​36082](https://github.com/go-gitea/gitea/issues/36082))
+* ENHANCEMENTS Add strikethrough button to markdown editor ([#​36087](https://github.com/go-gitea/gitea/issues/36087)) ([#​36104](https://github.com/go-gitea/gitea/issues/36104))
+* ENHANCEMENTS Add "site admin" back to profile menu ([#​36010](https://github.com/go-gitea/gitea/issues/36010)) ([#​36013](https://github.com/go-gitea/gitea/issues/36013))
+* ENHANCEMENTS Improve math rendering ([#​36124](https://github.com/go-gitea/gitea/issues/36124)) ([#​36125](https://github.com/go-gitea/gitea/issues/36125))
+* BUGFIXES Check user visibility when redirecting to a renamed user ([#​36148](https://github.com/go-gitea/gitea/issues/36148)) ([#​36159](https://github.com/go-gitea/gitea/issues/36159))
+* BUGFIXES Fix various bugs ([#​36139](https://github.com/go-gitea/gitea/issues/36139)) ([#​36151](https://github.com/go-gitea/gitea/issues/36151))
+* BUGFIXES Fix bug when viewing the commit diff page with non-ANSI files ([#​36149](https://github.com/go-gitea/gitea/issues/36149)) ([#​36150](https://github.com/go-gitea/gitea/issues/36150))
+* BUGFIXES Hide RSS icon when viewing a file not under a branch ([#​36135](https://github.com/go-gitea/gitea/issues/36135)) ([#​36141](https://github.com/go-gitea/gitea/issues/36141))
+* BUGFIXES Fix SVG size calulation, only use `style` attribute ([#​36133](https://github.com/go-gitea/gitea/issues/36133)) ([#​36134](https://github.com/go-gitea/gitea/issues/36134))
+* BUGFIXES Make Golang correctly delete temp files during uploading ([#​36128](https://github.com/go-gitea/gitea/issues/36128)) ([#​36129](https://github.com/go-gitea/gitea/issues/36129))
+
+[1.37.4]
+* Update gitea to 1.25.4
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.4)
+* Release attachments must belong to the intended repo ([#36347](https://github.com/go-gitea/gitea/issues/36347)) ([#36375](https://github.com/go-gitea/gitea/issues/36375))
+* Fix permission check on org project operations ([#36318](https://github.com/go-gitea/gitea/issues/36318)) ([#36373](https://github.com/go-gitea/gitea/issues/36373))
+* Clean watches when make a repository private and check permission when send release emails ([#36319](https://github.com/go-gitea/gitea/issues/36319)) ([#36370](https://github.com/go-gitea/gitea/issues/36370))
+* Add more check for stopwatch read or list ([#36340](https://github.com/go-gitea/gitea/issues/36340)) ([#36368](https://github.com/go-gitea/gitea/issues/36368))
+* Fix openid setting check ([#36346](https://github.com/go-gitea/gitea/issues/36346)) ([#36361](https://github.com/go-gitea/gitea/issues/36361))
+* Fix cancel auto merge bug ([#36341](https://github.com/go-gitea/gitea/issues/36341)) ([#36356](https://github.com/go-gitea/gitea/issues/36356))
+* Fix delete attachment check ([#36320](https://github.com/go-gitea/gitea/issues/36320)) ([#36355](https://github.com/go-gitea/gitea/issues/36355))
+* LFS locks must belong to the intended repo ([#36344](https://github.com/go-gitea/gitea/issues/36344)) ([#36349](https://github.com/go-gitea/gitea/issues/36349))
+* Fix bug on notification read ([#36339](https://github.com/go-gitea/gitea/issues/36339)) [#36387](https://github.com/go-gitea/gitea/issues/36387)
+* Add more routes to the "expensive" list ([#36290](https://github.com/go-gitea/gitea/issues/36290))
+
+[1.37.5]
+* Update gitea to 1.25.5
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.25.5)
+* Make `security-check` informational only
+* Upgrade to github.com/cloudflare/circl 1.6.3, svgo 4.0.1, markdownlint-cli 0.48.0
+* Add some validation on values provided to USER_DISABLED_FEATURES and EXTERNAL_USER_DISABLED_FEATURES
+* Upgrade gogit to 5.16.5
+* Add wrap to runner label list
+* Add dnf5 command for Fedora in RPM package instructions
+* Allow scroll propagation outside code editor
+* Fix non-admins unable to automerge MRs from forks
+* Fix bug when pushing mirror with wiki
+* Fix artifacts v4 backend upload problems
+
+[1.38.0]
+* Update gitea to 1.26.0
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.26.0)
+* Correct swagger annotations for enums, status codes, and notification state ([#37030](https://github.com/go-gitea/gitea/issues/37030))
+* Remove GET API registration-token ([#36801](https://github.com/go-gitea/gitea/issues/36801))
+* Support Actions `concurrency` syntax ([#32751](https://github.com/go-gitea/gitea/issues/32751))
+* Make PUBLIC_URL_DETECTION default to "auto" ([#36955](https://github.com/go-gitea/gitea/issues/36955))
+* Add terraform state registry ([#36710](https://github.com/go-gitea/gitea/issues/36710))
+* Instance-wide (global) info banner and maintenance mode ([#36571](https://github.com/go-gitea/gitea/issues/36571))
+* Support rendering OpenAPI spec ([#36449](https://github.com/go-gitea/gitea/issues/36449))
+* Add keyboard shortcuts for repository file and code search ([#36416](https://github.com/go-gitea/gitea/issues/36416))
+* Automatic generation of release notes ([#35977](https://github.com/go-gitea/gitea/issues/35977))
+* Add button to re-run failed jobs in Actions ([#36924](https://github.com/go-gitea/gitea/issues/36924))
+
+[1.38.1]
+* Update gitea to 1.26.1
+* [Full Changelog](https://github.com/go-gitea/gitea/releases/tag/v1.26.1)
+* Add event.schedule context for schedule actions task ([#37320](https://github.com/go-gitea/gitea/issues/37320)) ([#37348](https://github.com/go-gitea/gitea/issues/37348))
+* Fix an issue where changing an organization's visibility caused problems when users had forked its repositories. ([#37324](https://github.com/go-gitea/gitea/issues/37324)) ([#37344](https://github.com/go-gitea/gitea/issues/37344))
+* Use modern "git update-index --cacheinfo" syntax to support more file names ([#37338](https://github.com/go-gitea/gitea/issues/37338)) ([#37343](https://github.com/go-gitea/gitea/issues/37343))
+* Fix URL related escaping for oauth2 ([#37334](https://github.com/go-gitea/gitea/issues/37334)) ([#37340](https://github.com/go-gitea/gitea/issues/37340))
+* When the requested arch rpm is missing fall back to noarch ([#37236](https://github.com/go-gitea/gitea/issues/37236)) ([#37339](https://github.com/go-gitea/gitea/issues/37339))
+* Fix actions concurrency groups cross-branch leak ([#37311](https://github.com/go-gitea/gitea/issues/37311)) ([#37331](https://github.com/go-gitea/gitea/issues/37331))
+* Fix bug when accessing user badges ([#37321](https://github.com/go-gitea/gitea/issues/37321)) ([#37329](https://github.com/go-gitea/gitea/issues/37329))
+* Fix container auth for public instance ([#37290](https://github.com/go-gitea/gitea/issues/37290)) ([#37294](https://github.com/go-gitea/gitea/issues/37294))
+* Fix Mermaid diagrams failing when node labels contain line breaks ([#37296](https://github.com/go-gitea/gitea/issues/37296)) ([#37299](https://github.com/go-gitea/gitea/issues/37299))
+* Fix: dump with default zip type produces uncompressed zip ([#37401](https://github.com/go-gitea/gitea/issues/37401)) [#37402](https://github.com/go-gitea/gitea/issues/37402)
+

CloudronManifest.json

@@ -4,22 +4,27 @@
   "author": "Gitea developers",
   "description": "file://DESCRIPTION.md",
   "tagline": "A painless self-hosted Git Service",
-  "version": "1.33.0",
-  "upstreamVersion": "1.22.0",
+  "version": "1.38.1",
+  "upstreamVersion": "1.26.1",
   "healthCheckPath": "/explore",
   "httpPort": 3000,
   "memoryLimit": 536870912,
   "addons": {
     "mysql": {},
-    "sendmail": { "supportsDisplayName": true },
+    "sendmail": {
+      "supportsDisplayName": true
+    },
     "localstorage": {},
-    "oidc": { "loginRedirectUri": "/user/oauth2/cloudron/callback" }
+    "oidc": {
+      "loginRedirectUri": "/user/oauth2/cloudron/callback"
+    }
   },
   "tcpPorts": {
     "SSH_PORT": {
       "title": "SSH Port",
       "description": "SSH Port over which repos can be pushed & pulled",
-      "defaultValue": 29418
+      "defaultValue": 29418,
+      "enabledByDefault": true
     }
   },
   "manifestVersion": 2,
@@ -34,10 +39,27 @@
     "https://screenshots.cloudron.io/io.gitea.cloudronapp/4.png",
     "https://screenshots.cloudron.io/io.gitea.cloudronapp/5.png"
   ],
-  "tags": [ "version control", "git", "code hosting", "development", "github", "bitbucket", "gitlab" ],
+  "tags": [
+    "version control",
+    "git",
+    "code hosting",
+    "development",
+    "github",
+    "bitbucket",
+    "gitlab"
+  ],
   "changelog": "file://CHANGELOG.md",
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "7.5.1",
-  "forumUrl": "https://forum.cloudron.io/category/19/gitea",
-  "documentationUrl": "https://docs.cloudron.io/apps/gitea/"
+  "checklist": {
+    "change-default-password": {
+      "message": "Change the default admin password"
+    },
+    "disable-registration": {
+      "message": "Disable registration, if required, to prevent misuse",
+      "sso": false
+    }
+  },
+  "minBoxVersion": "9.0.0",
+  "forumUrl": "https://forum.cloudron.io/category/19/gitea",
+  "documentationUrl": "https://docs.cloudron.io/packages/gitea/"
 }

Dockerfile

@@ -1,27 +1,27 @@
-FROM cloudron/base:4.2.0@sha256:46da2fffb36353ef714f97ae8e962bd2c212ca091108d768ba473078319a47f4
+FROM cloudron/base:5.0.0@sha256:04fd70dbd8ad6149c19de39e35718e024417c3e01dc9c6637eaf4a41ec4e596c
 
 RUN apt-get update && \
-    apt-get install -y openssh-server git asciidoctor pandoc && \
+    apt-get install -y openssh-server git asciidoctor pandoc pipx && \
     rm -rf /etc/ssh_host_* && \
     rm -r /var/cache/apt /var/lib/apt/lists
-RUN pip3 install jupyter
+
+# pipx --global does not work, not sure why
+RUN PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install jupyter docutils --include-deps
 
 ADD supervisor/ /etc/supervisor/conf.d/
 
-RUN adduser --disabled-login --gecos 'Gitea' git
-# by default, git account is created as inactive which prevents login via openssh
-# https://github.com/gitlabhq/gitlabhq/issues/5304
-RUN passwd -d git
-
-RUN mkdir -p /home/git/gitea
+RUN useradd --comment "Gogs" --create-home --shell /bin/bash git
+RUN passwd -d git # by default, git account is created as inactive which prevents login via openssh. this disables password for account
 WORKDIR /home/git
 
 # for autosign feature
 ENV GNUPGHOME="/app/data/gnupg"
 
-ARG VERSION=1.22.0
+# renovate: datasource=github-releases depName=go-gitea/gitea versioning=semver extractVersion=^v(?<version>.+)$
+ARG GITEA_VERSION=1.26.1
 
-RUN curl -L https://dl.gitea.io/gitea/${VERSION}/gitea-${VERSION}-linux-amd64 -o /home/git/gitea/gitea \
+RUN mkdir -p /home/git/gitea && \
+    curl -L https://github.com/go-gitea/gitea/releases/download/v${GITEA_VERSION}/gitea-${GITEA_VERSION}-linux-amd64 -o /home/git/gitea/gitea \
     && chmod +x /home/git/gitea/gitea
 
 # setup config paths
@@ -31,10 +31,10 @@ ADD app.ini.template /home/git/app.ini.template
 RUN mkdir -p /run/gitea && chown -R git:git /run/gitea
 RUN sed -e 's,^logfile=.*$,logfile=/run/gitea/supervisord.log,' -i /etc/supervisor/supervisord.conf
 
-RUN ln -s /app/data/ssh /home/git/.ssh
-RUN ln -s /app/data/gitconfig /home/git/.gitconfig
+RUN ln -s /app/data/ssh /home/git/.ssh && \
+    ln -s /app/data/gitconfig /home/git/.gitconfig
 
-ADD start.sh /home/git/start.sh
+COPY start.sh /home/git/
 
 COPY sshd_config /etc/ssh/sshd_config
 

POSTINSTALL.md

@@ -3,8 +3,7 @@ This app is pre-setup with an admin account. The initial credentials are:
 **Username**: root<br/>
 **Password**: changeme<br/>
 
-Please change the admin password immediately.
-
 <sso>
 Use the `Local` authentication source for logging in as admin.
 </sso>
+

app.ini.template

@@ -75,7 +75,7 @@ REVERSE_PROXY_LIMIT = 1
 REVERSE_PROXY_TRUSTED_PROXIES = *
 
 [service]
-DISABLE_REGISTRATION = false
+DISABLE_REGISTRATION = true
 SHOW_REGISTRATION_BUTTON = false
 ENABLE_NOTIFY_MAIL = true
 
@@ -91,8 +91,6 @@ ROOT_PATH = /run/gitea
 ; APP_DATA_PATH/avatars
 AVATAR_UPLOAD_PATH =
 GRAVATAR_SOURCE = gravatar
-DISABLE_GRAVATAR = false
-
 
 [attachment]
 ENABLE = true

renovate.json5

@@ -0,0 +1,4 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "extends": ["local>devops/renovator//default.renovate.json5"]
+}

sshd_config

@@ -1,80 +1,37 @@
-# Package generated configuration file
-# See the sshd_config(5) manpage for details
-
-# What ports, IPs and protocols we listen for
 Port 29418
-# Use these options to restrict which interfaces/protocols sshd will bind to
+
+AddressFamily any
 ListenAddress 0.0.0.0
 ListenAddress ::
-Protocol 2
-# HostKeys for protocol version 2
+
 HostKey /app/data/sshd/ssh_host_rsa_key
-HostKey /app/data/sshd/ssh_host_dsa_key
 HostKey /app/data/sshd/ssh_host_ecdsa_key
 HostKey /app/data/sshd/ssh_host_ed25519_key
 
-# Logging
-SyslogFacility AUTH
 LogLevel INFO
 
-# Authentication:
-LoginGraceTime 120
-PermitRootLogin prohibit-password
-StrictModes yes
-
-PubkeyAuthentication yes
-#AuthorizedKeysFile	%h/.ssh/authorized_keys
-
-# Don't read the user's ~/.rhosts and ~/.shosts files
-IgnoreRhosts yes
-# similar for protocol version 2
-HostbasedAuthentication no
-# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
-#IgnoreUserKnownHosts yes
-
-# To enable empty passwords, change to yes (NOT RECOMMENDED)
-PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Change to no to disable tunnelled clear text passwords
-#PasswordAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosGetAFSToken no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-X11Forwarding yes
-X11DisplayOffset 10
-PrintMotd no
-PrintLastLog yes
-TCPKeepAlive yes
-#UseLogin no
-
-#MaxStartups 10:30:60
-#Banner /etc/issue.net
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM no
+# no reverse DNS lookup
 UseDNS no
+UsePAM no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PrintMotd no
+PrintLastLog no
+
+LoginGraceTime 120
+StrictModes yes
+PubkeyAuthentication yes
+PermitUserEnvironment yes
+PermitRootLogin no
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+PermitEmptyPasswords no
+HostbasedAuthentication no
+
+AllowUsers git
+
+Banner none
+Subsystem sftp /usr/lib/ssh/sftp-server
+
+AcceptEnv GIT_PROTOCOL LANG LC_*
+

start.sh

@@ -4,27 +4,17 @@ set -eu -o pipefail
 
 mkdir -p /run/gitea/tmp/uploads /run/sshd /run/gitea/sessions
 
+# CLOUDRON_OIDC_PROVIDER_NAME not supported as it will be used in rest route!
 setup_oidc_source() {
     set -eu
 
     echo "==> Setup OIDC source"
 
     now=$(date +%s)
-    mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -e \
+    mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h"${CLOUDRON_MYSQL_HOST}" -P"${CLOUDRON_MYSQL_PORT}" --database="${CLOUDRON_MYSQL_DATABASE}" -e \
         "REPLACE INTO login_source (id, type, name, is_active, cfg, created_unix, updated_unix) VALUES (1,6,'cloudron', 1,'{\"Provider\":\"openidConnect\",\"ClientID\":\"${CLOUDRON_OIDC_CLIENT_ID}\",\"ClientSecret\":\"${CLOUDRON_OIDC_CLIENT_SECRET}\",\"OpenIDConnectAutoDiscoveryURL\":\"${CLOUDRON_OIDC_ISSUER}/.well-known/openid-configuration\",\"CustomURLMapping\":null,\"IconURL\":\"\",\"Scopes\":[\"openid email profile\"],\"RequiredClaimName\":\"\",\"RequiredClaimValue\":\"\",\"GroupClaimName\":\"\",\"AdminGroup\":\"\",\"GroupTeamMap\":\"\",\"GroupTeamMapRemoval\":false,\"RestrictedGroup\":\"\"}','${now}','${now}')"
 }
 
-setup_root_user() {
-    set -eu
-
-    if sudo -H -u git /home/git/gitea/gitea admin user create --username root --password changeme --email admin@cloudron.local --admin -c /run/gitea/app.ini; then
-        echo "==> root user added"
-    else
-        echo "==> Failed to add root user"
-        exit 1
-    fi
-}
-
 setup_auth() {
     set -eu
 
@@ -40,11 +30,16 @@ setup_auth() {
         setup_oidc_source
     fi
 
-    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h mysql --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user")
+    user_count=$(mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h"${CLOUDRON_MYSQL_HOST}" -P"${CLOUDRON_MYSQL_PORT}" --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user")
     # be careful, not to create root user for existing LDAP based installs
     if [[ "${user_count}" == "0" ]]; then
         echo "==> Setting up root user for first run"
-        setup_root_user
+        if sudo -H -u git /home/git/gitea/gitea admin user create --username root --password changeme --email admin@cloudron.local --admin -c /run/gitea/app.ini; then
+            echo "==> root user added"
+        else
+            echo "==> Failed to add root user"
+            exit 1
+        fi
     fi
 }
 
@@ -77,6 +72,11 @@ if [[ ! -f /app/data/app.ini ]]; then
 
     echo "==> Generating new SECRET_KEY"
     crudini --set "/app/data/app.ini" security SECRET_KEY $(pwgen -1 -s)
+
+    if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
+        crudini --set "/app/data/app.ini" service DISABLE_REGISTRATION false
+        crudini --set "/app/data/app.ini" service SHOW_REGISTRATION_BUTTON true
+    fi
 fi
 
 # merge user config file
@@ -118,7 +118,12 @@ echo "==> Creating dirs and changing permissions"
 mkdir -p /app/data/repository /app/data/ssh /app/data/custom /app/data/gnupg
 chown -R git:git /app/data /run/gitea
 
-# this expects app.ini to be available
+# OIDC creds are read from the db at gitea startup, so if migrations have already
+# run (i.e. the user table exists), refresh the OIDC source synchronously now.
+if mysql -u"${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -h"${CLOUDRON_MYSQL_HOST}" -P"${CLOUDRON_MYSQL_PORT}" --database="${CLOUDRON_MYSQL_DATABASE}" -N -B -e "SELECT count(*) FROM user" >/dev/null 2>&1; then
+    [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]] && setup_oidc_source
+else
     ( setup_auth ) &
+fi
 
 exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i Gitea

test/package.json

@@ -1,18 +0,0 @@
-{
-  "name": "test",
-  "version": "1.0.0",
-  "description": "",
-  "main": "test.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
-  "author": "",
-  "license": "ISC",
-  "dependencies": {
-    "chromedriver": "^125.0.2",
-    "expect.js": "^0.3.1",
-    "mocha": "^10.4.0",
-    "selenium-webdriver": "^4.21.0",
-    "superagent": "^9.0.2"
-  }
-}

test/test.js

@@ -1,319 +1,176 @@
 #!/usr/bin/env node
 
-/* jshint esversion: 8 */
-/* global it:false */
-/* global xit:false */
-/* global describe:false */
-/* global before:false */
-/* global after:false */
+import assert from 'node:assert/strict';
+import { execSync } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
+import {
+    app,
+    clearCache,
+    click,
+    cloudronCli,
+    goto,
+    loginOIDC,
+    sendKeys,
+    setupBrowser,
+    takeScreenshot,
+    teardownBrowser,
+    username,
+    waitFor,
+    waitForUrl,
+    press
+} from '@cloudron/charlie';
 
-'use strict';
+/* global it, describe, before, after, afterEach */
 
-require('chromedriver');
-
-const execSync = require('child_process').execSync,
-    expect = require('expect.js'),
-    fs = require('fs'),
-    path = require('path'),
-    superagent = require('superagent'),
-    { Builder, By, until } = require('selenium-webdriver'),
-    { Options } = require('selenium-webdriver/chrome');
-
-if (!process.env.USERNAME || !process.env.PASSWORD || !process.env.EMAIL) {
-    console.log('USERNAME, PASSWORD and EMAIL env vars need to be set');
-    process.exit(1);
-}
-
-describe('Application life cycle test', function () {
-    this.timeout(0);
-
-    const TIMEOUT = parseInt(process.env.TIMEOUT, 10) || 5000;
-    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
-    const LOCATION = 'test';
 const SSH_PORT = 29420;
-
-    let app, browser;
-    var athenticated_by_oidc = false;
-
+const INSTALL_TCP_FLAGS = { SSH_PORT };
 const repodir = '/tmp/testrepo';
 const reponame = 'testrepo';
 
-    const username = process.env.USERNAME;
-    const password = process.env.PASSWORD;
-    const email = process.env.EMAIL;
-
-    before(function () {
-        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
-    });
-
-    after(function () {
-        browser.quit();
+describe('Application life cycle test', function () {
+    before(setupBrowser);
+    after(async function () {
+        await teardownBrowser();
         fs.rmSync(repodir, { recursive: true, force: true });
     });
 
-    function getAppInfo() {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
-        expect(app).to.be.an('object');
-    }
+    afterEach(async function () {
+        await takeScreenshot(this.currentTest.title);
+    });
 
-    async function waitForElement(elem) {
-        await browser.wait(until.elementLocated(elem), TIMEOUT);
-        await browser.wait(until.elementIsVisible(browser.findElement(elem)), TIMEOUT);
-    }
-
-    function sleep(millis) {
-        return new Promise(resolve => setTimeout(resolve, millis));
-    }
-
-    async function setAvatar() {
-        await browser.get('https://' + app.fqdn + '/user/settings');
-
-        var button = await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]'));
-        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        await browser.findElement(By.xpath('//label[contains(text(), "Use Custom Avatar")]')).click();
-        await browser.findElement(By.xpath('//input[@type="file" and @name="avatar"]')).sendKeys(path.resolve(__dirname, '../logo.png'));
-        await browser.findElement(By.xpath('//button[contains(text(), "Update Avatar")]')).click();
-        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(),"Your avatar has been updated.")]')), TIMEOUT);
-    }
-
-    async function checkAvatar() {
-        await browser.get(`https://${app.fqdn}/${username}`);
-
-        const avatarSrc = await browser.findElement(By.xpath('//div[@id="profile-avatar"]/a/img')).getAttribute('src');
-
-        const response = await superagent.get(avatarSrc);
-        expect(response.statusCode).to.equal(200);
-    }
-
-    async function login(username, password) {
-        await browser.get('https://' + app.fqdn + '/user/login');
-
-        await browser.findElement(By.id('user_name')).sendKeys(username);
-        await browser.findElement(By.id('password')).sendKeys(password);
-        await browser.findElement(By.xpath('//form[@action="/user/login"]//button')).click();
-        await browser.wait(until.elementLocated(By.xpath('//img[contains(@class, "avatar")]')), TIMEOUT);
+    async function login(user, passwd) {
+        await goto(`https://${app.fqdn}/user/login`, 'label=Username or Email Address');
+        await sendKeys('label=Username or Email Address', user);
+        await sendKeys('label=Password', passwd);
+        await click('Sign In', { role: 'button' }); // there is a sign in link at the top
+        await waitFor('Milestones');
     }
 
     async function adminLogin() {
         await login('root', 'changeme');
     }
 
-    async function loginOIDC(username, password) {
-        browser.manage().deleteAllCookies();
-        await browser.get(`https://${app.fqdn}/user/login`);
-        await browser.sleep(2000);
-
-
-        await browser.findElement(By.xpath('//a[contains(@class, "openidConnect") and contains(., "Sign in with cloudron")]')).click();
-        await browser.sleep(2000);
-
-        if (!athenticated_by_oidc) {
-            await waitForElement(By.xpath('//input[@name="username"]'));
-            await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
-            await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
-            await browser.sleep(2000);
-            await browser.findElement(By.id('loginSubmitButton')).click();
-            await browser.sleep(2000);
-
-            athenticated_by_oidc = true;
-        }
-
-        await waitForElement(By.xpath('//img[contains(@class, "avatar")]'));
+    async function loginGiteaOIDC() {
+        await clearCache();
+        await goto(`https://${app.fqdn}/user/login`, /Sign in with/);
+        await click(/Sign in with/);
+        await loginOIDC('Milestones');
     }
 
     async function logout() {
-        await browser.get('https://' + app.fqdn);
-
-        await browser.findElement(By.xpath('//img[contains(@class, "avatar")]')).click();
-        await sleep(2000);
-        await browser.findElement(By.xpath('//a[@data-url="/user/logout"]')).click();
-        await sleep(2000);
+        await clearCache();
     }
 
     async function addPublicKey() {
-        var publicKey = fs.readFileSync(__dirname + '/id_ed25519.pub', 'utf8');
+        const keyPath = path.join(import.meta.dirname, 'id_ed25519');
+        fs.chmodSync(keyPath, 0o600);
 
-        await browser.get('https://' + app.fqdn + '/user/settings/keys');
-
-        await browser.wait(until.elementLocated(By.id('add-ssh-button')), TIMEOUT);
-        await browser.findElement(By.id('add-ssh-button')).click();
-        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
-        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
-        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
-        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        await browser.findElement(By.xpath('//form//button[contains(text(),"Add Key")]')).click();
-
-        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
-    }
-
-    async function addPublicKeyOld() {
-        var publicKey = fs.readFileSync(__dirname + '/id_ed25519.pub', 'utf8');
-
-        await browser.get('https://' + app.fqdn + '/user/settings/keys');
-
-        await browser.wait(until.elementLocated(By.id('add-ssh-button')), TIMEOUT);
-        await browser.findElement(By.id('add-ssh-button')).click();
-        await browser.findElement(By.id('ssh-key-title')).sendKeys('testkey');
-        await browser.findElement(By.id('ssh-key-content')).sendKeys(publicKey.trim()); // #3480
-        var button = browser.findElement(By.xpath('//button[contains(text(), "Add Key")]'));
-        await browser.executeScript('arguments[0].scrollIntoView(false)', button);
-        await browser.findElement(By.xpath('//button[contains(text(), "Add Key") and contains(@class, "green")]')).click();
-
-        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "has been added.")]')), TIMEOUT);
+        await goto(`https://${app.fqdn}/user/settings/keys`, 'css=#add-ssh-button');
+        await click('css=#add-ssh-button'); // there are two Add key buttons
+        await sendKeys('label=Content', fs.readFileSync(`${import.meta.dirname}/id_ed25519.pub`, 'utf8').trim()); // there are two Content labels
+        await sendKeys('label=Key Name', 'testkey');
+        await press('label=Key Name', 'Enter');
+        await waitFor(/has been added/);
     }
 
     async function createRepo() {
-        var getRepoPage = await browser.get('https://' + app.fqdn + '/repo/create');
-
-        await browser.findElement(By.id('repo_name')).sendKeys(reponame);
-        var button = browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]'));
-        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        await browser.findElement(By.id('auto-init')).click();
-        await browser.findElement(By.xpath('//button[contains(text(), "Create Repository")]')).click();
-
-        await browser.wait(function () {
-            return browser.getCurrentUrl().then(function (url) {
-                return url === 'https://' + app.fqdn + '/' + username + '/' + reponame;
-            });
-        }, TIMEOUT);
-    }
-
-    async function checkCloneUrl() {
-        await browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
-        await browser.findElement(By.id('repo-clone-ssh')).click();
-
-        var cloneUrl = await browser.findElement(By.id('repo-clone-url')).getAttribute('value');
-        expect(cloneUrl).to.be(`ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git`);
+        await goto(`https://${app.fqdn}/repo/create`, 'label=Repository Name');
+        await sendKeys('label=Repository Name', reponame);
+        await click(/Initialize Repository/);
+        await click('Create Repository');
+        await waitForUrl(`https://${app.fqdn}/${username}/${reponame}`);
     }
 
     function cloneRepo() {
         fs.rmSync(repodir, { recursive: true, force: true });
-        var env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env: env });
+        const env = Object.create(process.env);
+        env.GIT_SSH = path.join(import.meta.dirname, 'git_ssh_wrapper.sh');
+        execSync(`git clone ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame}.git ${repodir}`, { env });
     }
 
     function pushFile() {
         const env = Object.create(process.env);
-        env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
-        execSync(`touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} main`,
-                 { env: env, cwd: repodir });
+        env.GIT_SSH = path.join(import.meta.dirname, 'git_ssh_wrapper.sh');
+        execSync(
+            `touch newfile && git add newfile && git commit -a -mx && git push ssh://git@${app.fqdn}:${SSH_PORT}/${username}/${reponame} main`,
+            { env, cwd: repodir }
+        );
         fs.rmSync(repodir, { recursive: true, force: true });
     }
 
     function fileExists() {
-        expect(fs.existsSync(repodir + '/newfile')).to.be(true);
+        assert.strictEqual(fs.existsSync(`${repodir}/newfile`), true);
     }
 
-    async function sendMail() {
-        await browser.get(`https://${app.fqdn}/admin/config`);
-
-        var button = await browser.findElement(By.xpath('//button[contains(text(), "Send")]'));
-        await browser.executeScript('arguments[0].scrollIntoView(true)', button);
-        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys('test@cloudron.io');
-        await browser.findElement(By.xpath('//button[contains(text(), "Send")]')).click();
-        await browser.wait(until.elementLocated(By.xpath('//p[contains(text(), "A testing email has been sent")]')), TIMEOUT);
-    }
-
-    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
-    it('install app', function () { execSync(`cloudron install --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
-
-    it('can get app information', getAppInfo);
+    it('install app', function () {
+        cloudronCli.install({ tcpPortFlags: INSTALL_TCP_FLAGS });
+    });
 
     it('can admin login', adminLogin);
-    it('can send mail', sendMail);
     it('can logout', logout);
 
-    it('can login', loginOIDC.bind(null, username, password));
-    it('can set avatar', setAvatar);
-    it('can get avatar', checkAvatar);
+    it('can login', loginGiteaOIDC);
 
     it('can add public key', addPublicKey);
 
     it('can create repo', createRepo);
 
-    it('displays correct clone url', checkCloneUrl);
-
     it('can clone the url', cloneRepo);
 
     it('can add and push a file', pushFile);
 
-    it('can restart app', function () { execSync('cloudron restart  --app ' + app.id); });
+    it('can restart app', cloudronCli.restart);
 
-    xit('can login', loginOIDC.bind(null, username, password)); // no need to relogin since session persists
-    it('displays correct clone url', checkCloneUrl);
     it('can clone the url', cloneRepo);
     it('file exists in repo', fileExists);
 
-    it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
-    it('restore app', function () { execSync('cloudron restore --app ' + app.id, EXEC_ARGS); });
+    it('backup app', cloudronCli.createBackup);
+    it('restore app', cloudronCli.restoreFromLatestBackup);
 
-    it('can login', loginOIDC.bind(null, username, password));
-    it('can get avatar', checkAvatar);
+    it('can login', loginGiteaOIDC);
     it('can clone the url', cloneRepo);
-    it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
-
-    it('move to different location', async function () {
-        //browser.manage().deleteAllCookies(); // commented because of error "'Network.deleteCookie' wasn't found"
-        // ensure we don't hit NXDOMAIN in the mean time
-        await browser.get('about:blank');
-
-        execSync('cloudron configure --location ' + LOCATION + '2 --app ' + app.id, EXEC_ARGS);
-    });
-    it('can get app information', getAppInfo);
-
-    it('can login', loginOIDC.bind(null, username, password));
-    it('can get avatar', checkAvatar);
-    it('displays correct clone url', checkCloneUrl);
-    it('can clone the url', cloneRepo);
-    it('file exists in repo', function () { expect(fs.existsSync(repodir + '/newfile')).to.be(true); });
-
-    it('uninstall app', async function () {
-        // ensure we don't hit NXDOMAIN in the mean time
-        await browser.get('about:blank');
-        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+    it('file exists in repo', function () {
+        assert.strictEqual(fs.existsSync(`${repodir}/newfile`), true);
     });
 
-    // No SSO
-    it('install app (no sso)', function () { execSync(`cloudron install --no-sso --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
+    it('move to different location', cloudronCli.changeLocation);
+
+    it('can login', loginGiteaOIDC);
+    it('can clone the url', cloneRepo);
+    it('file exists in repo', function () {
+        assert.strictEqual(fs.existsSync(`${repodir}/newfile`), true);
+    });
+
+    it('uninstall app', cloudronCli.uninstall);
+
+    it('install app (no sso)', function () {
+        cloudronCli.install({ noSso: true, tcpPortFlags: INSTALL_TCP_FLAGS });
+    });
 
-    it('can get app information', getAppInfo);
     it('can admin login (no sso)', adminLogin);
     it('can logout', logout);
 
-    it('uninstall app (no sso)', async function () {
-        await browser.get('about:blank');
-        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+    it('uninstall app (no sso)', cloudronCli.uninstall);
+
+    it('can install app from appstore', async function () {
+        await cloudronCli.appstoreInstall({ tcpPortFlags: INSTALL_TCP_FLAGS });
     });
 
-    // test update
-    it('can install app', function () { execSync(`cloudron install --appstore-id ${app.manifest.id} --location ${LOCATION} -p SSH_PORT=${SSH_PORT}`, EXEC_ARGS); });
-
-    it('can get app information', getAppInfo);
-    it('can login', loginOIDC.bind(null, username, password));
-    it('can set avatar', setAvatar);
-    it('can get avatar', checkAvatar);
+    it('can login', loginGiteaOIDC);
     it('can add public key', addPublicKey);
     it('can create repo', createRepo);
     it('can clone the url', cloneRepo);
     it('can add and push a file', pushFile);
 
-    it('can update', function () { execSync('cloudron update --app ' + app.id, EXEC_ARGS); });
-    it('can get app information', getAppInfo);
+    it('can update', cloudronCli.update);
 
     it('can admin login', adminLogin);
-    it('can send mail', sendMail);
     it('can logout', logout);
 
-    it('can login', loginOIDC.bind(null, username, password));
-    it('can get avatar', checkAvatar);
+    it('can login', loginGiteaOIDC);
     it('can clone the url', cloneRepo);
     it('file exists in cloned repo', fileExists);
 
-    it('uninstall app', async function () {
-        // ensure we don't hit NXDOMAIN in the mean time
-        await browser.get('about:blank');
-        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
-    });
+    it('uninstall app', cloudronCli.uninstall);
 });