Merge branch 'forgejo' into forgejo-federated-star

2024-11-22 09:54:24 +01:00 · 2024-05-16 18:28:43 +02:00 · 2024-05-16 18:28:43 +02:00 · 86db5f612c
parent 307b27bbaa 45a41811de
commit 86db5f612c
35 changed files with 450 additions and 352 deletions
--- a/2
+++ b/2
@ -32,7 +32,7 @@ GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.6.0 # renovate: datasource=go
 GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.58.1 # renovate: datasource=go
 GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11 # renovate: datasource=go
 MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.5.1 # renovate: datasource=go
-SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.30.6-0.20240201115257-bcc7c78b7786 # renovate: datasource=go
+SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0 # renovate: datasource=go
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
 GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0 # renovate: datasource=go
 GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1 # renovate: datasource=go
--- a/cmd/hook.go
+++ b/cmd/hook.go
@ -316,12 +316,12 @@ func runHookUpdate(c *cli.Context) error {
 		return nil
 	}

-	// Deletion of the ref means that the new commit ID is only composed of '0'.
-	if strings.ContainsFunc(newCommitID, func(e rune) bool { return e != '0' }) {
-		return nil
+	// Empty new commit ID means deletion.
+	if git.IsEmptyCommitID(newCommitID, nil) {
+		return fail(ctx, fmt.Sprintf("The deletion of %s is skipped as it's an internal reference.", refFullName), "")
 	}

-	return fail(ctx, fmt.Sprintf("The deletion of %s is skipped as it's an internal reference.", refFullName), "")
+	return nil
 }

 func runHookPostReceive(c *cli.Context) error {
@ -405,8 +405,7 @@ Forgejo or set your environment appropriately.`, "")
 		newCommitIDs[count] = string(fields[1])
 		refFullNames[count] = git.RefName(fields[2])

-		commitID, _ := git.NewIDFromString(newCommitIDs[count])
-		if refFullNames[count] == git.BranchPrefix+"master" && !commitID.IsZero() && count == total {
+		if refFullNames[count] == git.BranchPrefix+"master" && !git.IsEmptyCommitID(newCommitIDs[count], nil) && count == total {
 			masterPushed = true
 		}
 		count++
@ -697,8 +696,7 @@ Forgejo or set your environment appropriately.`, "")
 		if err != nil {
 			return err
 		}
-		commitID, _ := git.NewIDFromString(rs.OldOID)
-		if !commitID.IsZero() {
+		if !git.IsEmptyCommitID(rs.OldOID, nil) {
 			err = writeDataPktLine(ctx, os.Stdout, []byte("option old-oid "+rs.OldOID))
 			if err != nil {
 				return err
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@ -332,7 +332,7 @@ func (repo *Repository) HTMLURL() string {
 // CommitLink make link to by commit full ID
 // note: won't check whether it's an right id
 func (repo *Repository) CommitLink(commitID string) (result string) {
-	if git.IsEmptyCommitID(commitID) {
+	if git.IsEmptyCommitID(commitID, nil) {
 		result = ""
 	} else {
 		result = repo.Link() + "/commit/" + url.PathEscape(commitID)
--- a/modules/git/object_format.go
+++ b/modules/git/object_format.go
@ -122,6 +122,7 @@ func (h Sha256ObjectFormatImpl) ComputeHash(t ObjectType, content []byte) Object
 var (
 	Sha1ObjectFormat   ObjectFormat = Sha1ObjectFormatImpl{}
 	Sha256ObjectFormat ObjectFormat = Sha256ObjectFormatImpl{}
+	// any addition must be reflected in IsEmptyCommitID
 )

 var SupportedObjectFormats = []ObjectFormat{
--- a/modules/git/object_id.go
+++ b/modules/git/object_id.go
@ -79,17 +79,25 @@ func NewIDFromString(hexHash string) (ObjectID, error) {
 	return theObjectFormat.MustID(b), nil
 }

-func IsEmptyCommitID(commitID string) bool {
+// IsEmptyCommitID checks if an hexadecimal string represents an empty commit according to git (only '0').
+// If objectFormat is not nil, the length will be checked as well (otherwise the lenght must match the sha1 or sha256 length).
+func IsEmptyCommitID(commitID string, objectFormat ObjectFormat) bool {
 	if commitID == "" {
 		return true
 	}
-
-	id, err := NewIDFromString(commitID)
-	if err != nil {
+	if objectFormat == nil {
+		if Sha1ObjectFormat.FullLength() != len(commitID) && Sha256ObjectFormat.FullLength() != len(commitID) {
 			return false
 		}
-
-	return id.IsZero()
+	} else if objectFormat.FullLength() != len(commitID) {
+		return false
+	}
+	for _, c := range commitID {
+		if c != '0' {
+			return false
+		}
+	}
+	return true
 }

 // ComputeBlobHash compute the hash for a given blob content
--- a/modules/git/object_id_test.go
+++ b/modules/git/object_id_test.go
@ -23,3 +23,27 @@ func TestIsValidSHAPattern(t *testing.T) {
 	assert.Equal(t, "d5c6407415d85df49592672aa421aed39b9db5e3", ComputeBlobHash(Sha1ObjectFormat, []byte("same length blob")).String())
 	assert.Equal(t, "df0b5174ed06ae65aea40d43316bcbc21d82c9e3158ce2661df2ad28d7931dd6", ComputeBlobHash(Sha256ObjectFormat, []byte("some random blob")).String())
 }
+
+func TestIsEmptyCommitID(t *testing.T) {
+	assert.True(t, IsEmptyCommitID("", nil))
+	assert.True(t, IsEmptyCommitID("", Sha1ObjectFormat))
+	assert.True(t, IsEmptyCommitID("", Sha256ObjectFormat))
+
+	assert.False(t, IsEmptyCommitID("79ee38a6416c1ede423ec7ee0a8639ceea4aad20", Sha1ObjectFormat))
+	assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000", nil))
+	assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000", Sha1ObjectFormat))
+	assert.False(t, IsEmptyCommitID("0000000000000000000000000000000000000000", Sha256ObjectFormat))
+
+	assert.False(t, IsEmptyCommitID("00000000000000000000000000000000000000000", nil))
+
+	assert.False(t, IsEmptyCommitID("0f0b5174ed06ae65aea40d43316bcbc21d82c9e3158ce2661df2ad28d7931dd6", nil))
+	assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", nil))
+	assert.False(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", Sha1ObjectFormat))
+	assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", Sha256ObjectFormat))
+
+	assert.False(t, IsEmptyCommitID("1", nil))
+	assert.False(t, IsEmptyCommitID("0", nil))
+
+	assert.False(t, IsEmptyCommitID("010", nil))
+	assert.False(t, IsEmptyCommitID("0 0", nil))
+}
--- a/modules/repository/push.go
+++ b/modules/repository/push.go
@ -21,14 +21,12 @@ type PushUpdateOptions struct {

 // IsNewRef return true if it's a first-time push to a branch, tag or etc.
 func (opts *PushUpdateOptions) IsNewRef() bool {
-	commitID, err := git.NewIDFromString(opts.OldCommitID)
-	return err == nil && commitID.IsZero()
+	return git.IsEmptyCommitID(opts.OldCommitID, nil)
 }

 // IsDelRef return true if it's a deletion to a branch or tag
 func (opts *PushUpdateOptions) IsDelRef() bool {
-	commitID, err := git.NewIDFromString(opts.NewCommitID)
-	return err == nil && commitID.IsZero()
+	return git.IsEmptyCommitID(opts.NewCommitID, nil)
 }

 // IsUpdateRef return true if it's an update operation
--- a/package-lock.json
+++ b/package-lock.json
@ -33,7 +33,7 @@
        "jquery": "3.7.1",
        "katex": "0.16.10",
        "license-checker-webpack-plugin": "0.2.1",
-        "mermaid": "10.9.0",
+        "mermaid": "10.9.1",
        "mini-css-extract-plugin": "2.9.0",
        "minimatch": "9.0.4",
        "monaco-editor": "0.47.0",
@ -8412,9 +8412,9 @@
      }
    },
    "node_modules/mermaid": {
-      "version": "10.9.0",
-      "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.0.tgz",
-      "integrity": "sha512-swZju0hFox/B/qoLKK0rOxxgh8Cf7rJSfAUc1u8fezVihYMvrJAS45GzAxTVf4Q+xn9uMgitBcmWk7nWGXOs/g==",
+      "version": "10.9.1",
+      "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.1.tgz",
+      "integrity": "sha512-Mx45Obds5W1UkW1nv/7dHRsbfMM1aOKA2+Pxs/IGHNonygDHwmng8xTHyS9z4KWVi0rbko8gjiBmuwwXQ7tiNA==",
      "dependencies": {
        "@braintree/sanitize-url": "^6.0.1",
        "@types/d3-scale": "^4.0.3",
--- a/package.json
+++ b/package.json
@ -32,7 +32,7 @@
    "jquery": "3.7.1",
    "katex": "0.16.10",
    "license-checker-webpack-plugin": "0.2.1",
-    "mermaid": "10.9.0",
+    "mermaid": "10.9.1",
    "mini-css-extract-plugin": "2.9.0",
    "minimatch": "9.0.4",
    "monaco-editor": "0.47.0",
--- a/release-notes/8.0.0/fix/3776.md
+++ b/release-notes/8.0.0/fix/3776.md
@ -0,0 +1 @@
+- backticks in [mermaid](https://mermaid.js.org/) block diagram labels [are not sanitized properly](https://github.com/mermaid-js/mermaid/commit/c7fe9a646574597adefe3e6fb2b3707112a151aa)
--- a/routers/private/hook_post_receive.go
+++ b/routers/private/hook_post_receive.go
@ -239,7 +239,7 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
 		}

 		// If we've pushed a branch (and not deleted it)
-		if !git.IsEmptyCommitID(newCommitID) && refFullName.IsBranch() {
+		if !git.IsEmptyCommitID(newCommitID, nil) && refFullName.IsBranch() {
 			// First ensure we have the repository loaded, we're allowed pulls requests and we can get the base repo
 			if repo == nil {
 				repo = loadRepository(ctx, ownerName, repoName)
--- a/services/actions/notifier.go
+++ b/services/actions/notifier.go
@ -515,8 +515,7 @@ func (*actionsNotifier) MergePullRequest(ctx context.Context, doer *user_model.U
 }

 func (n *actionsNotifier) PushCommits(ctx context.Context, pusher *user_model.User, repo *repo_model.Repository, opts *repository.PushUpdateOptions, commits *repository.PushCommits) {
-	commitID, _ := git.NewIDFromString(opts.NewCommitID)
-	if commitID.IsZero() {
+	if git.IsEmptyCommitID(opts.NewCommitID, nil) {
 		log.Trace("new commitID is empty")
 		return
 	}
--- a/templates/install.tmpl
+++ b/templates/install.tmpl
@ -174,7 +174,7 @@
 						<div class="inline field {{if .Err_SMTPFrom}}error{{end}}">
 							<label for="smtp_from">{{ctx.Locale.Tr "install.smtp_from"}}</label>
 							<input id="smtp_from" name="smtp_from" value="{{.smtp_from}}">
-							<span class="help">{{ctx.Locale.Tr "install.smtp_from_helper"}}</span>
+							<span class="help">{{ctx.Locale.TrString "install.smtp_from_helper"}}{{/* it contains lt/gt chars*/}}</span>
 						</div>
 						<div class="inline field {{if .Err_SMTPUser}}error{{end}}">
 							<label for="smtp_user">{{ctx.Locale.Tr "install.mailer_user"}}</label>
@ -320,6 +320,8 @@
 						</div>
 					</details>

+					<div class="divider"></div>
+
 					{{if .EnvConfigKeys}}
 					<!-- Environment Config -->
 					<h4 class="ui dividing header">{{ctx.Locale.Tr "install.env_config_keys"}}</h4>
@ -333,12 +335,11 @@
 					</div>
 					{{end}}

-					<div class="divider"></div>
 					<div class="inline field">
 						<div class="right-content">
 							{{ctx.Locale.Tr "install.config_location_hint"}} {{.CustomConfFile}}
 						</div>
-						<div class="right-content tw-mt-2">
+						<div class="tw-mt-4 tw-mb-2 tw-text-center">
 							<button class="ui primary button">{{ctx.Locale.Tr "install.install_btn_confirm"}}</button>
 						</div>
 					</div>
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@ -49,14 +49,17 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
 						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
--- a/templates/repo/migrate/codebase.tmpl
+++ b/templates/repo/migrate/codebase.tmpl
@ -88,14 +88,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/git.tmpl
+++ b/templates/repo/migrate/git.tmpl
@ -62,14 +62,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/gitbucket.tmpl
+++ b/templates/repo/migrate/gitbucket.tmpl
@ -104,14 +104,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/gitea.tmpl
+++ b/templates/repo/migrate/gitea.tmpl
@ -100,14 +100,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}} checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/github.tmpl
+++ b/templates/repo/migrate/github.tmpl
@ -102,14 +102,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/gitlab.tmpl
+++ b/templates/repo/migrate/gitlab.tmpl
@ -99,14 +99,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/gogs.tmpl
+++ b/templates/repo/migrate/gogs.tmpl
@ -102,14 +102,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}} checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/migrate/onedev.tmpl
+++ b/templates/repo/migrate/onedev.tmpl
@ -88,14 +88,18 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
+							<input name="private" type="checkbox"
 								{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked readonly>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+									checked disabled
 								{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+									{{if .private}}checked{{end}}
+								{{end}}>
 							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
 						</div>
+						{{if .IsForcedPrivate}}
+							<span class="help">{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</span>
+						{{end}}
+						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
 					</div>
 					<div class="inline field {{if .Err_Description}}error{{end}}">
 						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
--- a/templates/repo/settings/deploy_keys.tmpl
+++ b/templates/repo/settings/deploy_keys.tmpl
@ -28,7 +28,7 @@
 					<div class="field">
 						<div class="ui checkbox {{if .Err_IsWritable}}error{{end}}">
 							<input id="ssh-key-is-writable" name="is_writable" type="checkbox" value="1">
-							<label for="is_writable">
+							<label for="ssh-key-is-writable">
 								{{ctx.Locale.Tr "repo.settings.is_writable"}}
 							</label>
 							<small class="tw-pl-[26px]">{{ctx.Locale.Tr "repo.settings.is_writable_info"}}</small>
--- a/tests/integration/api_branch_test.go
+++ b/tests/integration/api_branch_test.go
@ -11,6 +11,7 @@ import (
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/modules/git"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"

@ -110,11 +111,11 @@ func TestAPICreateBranch(t *testing.T) {
 }

 func testAPICreateBranches(t *testing.T, giteaURL *url.URL) {
-	username := "user2"
-	ctx := NewAPITestContext(t, username, "my-noo-repo", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+	forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
+		ctx := NewAPITestContext(t, "user2", "my-noo-repo-"+objectFormat.Name(), auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
 		giteaURL.Path = ctx.GitPath()

-	t.Run("CreateRepo", doAPICreateRepository(ctx, false))
+		t.Run("CreateRepo", doAPICreateRepository(ctx, false, objectFormat))
 		testCases := []struct {
 			OldBranch          string
 			NewBranch          string
@ -162,9 +163,10 @@ func testAPICreateBranches(t *testing.T, giteaURL *url.URL) {
 		for _, test := range testCases {
 			session := ctx.Session
 			t.Run(test.NewBranch, func(t *testing.T) {
-			testAPICreateBranch(t, session, "user2", "my-noo-repo", test.OldBranch, test.NewBranch, test.ExpectedHTTPStatus)
+				testAPICreateBranch(t, session, ctx.Username, ctx.Reponame, test.OldBranch, test.NewBranch, test.ExpectedHTTPStatus)
 			})
 		}
+	})
 }

 func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBranch, newBranch string, status int) bool {
--- a/tests/integration/api_helper_for_declarative_test.go
+++ b/tests/integration/api_helper_for_declarative_test.go
@ -16,6 +16,7 @@ import (
 	"code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/perm"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/queue"
 	api "code.gitea.io/gitea/modules/structs"
@ -47,7 +48,7 @@ func (ctx APITestContext) GitPath() string {
 	return fmt.Sprintf("%s/%s.git", ctx.Username, ctx.Reponame)
 }

-func doAPICreateRepository(ctx APITestContext, empty bool, callback ...func(*testing.T, api.Repository)) func(*testing.T) {
+func doAPICreateRepository(ctx APITestContext, empty bool, objectFormat git.ObjectFormat, callback ...func(*testing.T, api.Repository)) func(*testing.T) {
 	return func(t *testing.T) {
 		createRepoOption := &api.CreateRepoOption{
 			AutoInit:         !empty,
@ -58,6 +59,7 @@ func doAPICreateRepository(ctx APITestContext, empty bool, callback ...func(*tes
 			Gitignores:       "",
 			License:          "WTFPL",
 			Readme:           "Default",
+			ObjectFormatName: objectFormat.Name(),
 		}
 		req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos", createRepoOption).
 			AddTokenAuth(ctx.Token)
--- a/tests/integration/api_repo_file_create_test.go
+++ b/tests/integration/api_repo_file_create_test.go
@ -17,6 +17,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
@ -52,6 +53,10 @@ func getCreateFileOptions() api.CreateFileOptions {

 func getExpectedFileResponseForCreate(repoFullName, commitID, treePath, latestCommitSHA string) *api.FileResponse {
 	sha := "a635aa942442ddfdba07468cf9661c08fbdf0ebf"
+	if len(latestCommitSHA) > len(sha) {
+		// repository is in SHA256 format
+		sha = "3edd190f61237b7a0a5c49aa47fb58b2ec14d53a2afc90803bc713fab5d5aec0"
+	}
 	encoding := "base64"
 	content := "VGhpcyBpcyBuZXcgdGV4dA=="
 	selfURL := setting.AppURL + "api/v1/repos/" + repoFullName + "/contents/" + treePath + "?ref=master"
@ -277,18 +282,20 @@ func TestAPICreateFile(t *testing.T) {
 		MakeRequest(t, req, http.StatusForbidden)

 		// Test creating a file in an empty repository
-		doAPICreateRepository(NewAPITestContext(t, "user2", "empty-repo", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser), true)(t)
+		forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
+			reponame := "empty-repo-" + objectFormat.Name()
+			doAPICreateRepository(NewAPITestContext(t, "user2", reponame, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser), true, objectFormat)(t)
 			createFileOptions = getCreateFileOptions()
 			fileID++
 			treePath = fmt.Sprintf("new/file%d.txt", fileID)
-		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user2.Name, "empty-repo", treePath), &createFileOptions).
+			req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user2.Name, reponame, treePath), &createFileOptions).
 				AddTokenAuth(token2)
 			resp = MakeRequest(t, req, http.StatusCreated)
-		emptyRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user2", Name: "empty-repo"}) // public repo
+			emptyRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{OwnerName: "user2", Name: reponame}) // public repo
 			gitRepo, _ := gitrepo.OpenRepository(stdCtx.Background(), emptyRepo)
 			commitID, _ := gitRepo.GetBranchCommitID(createFileOptions.NewBranchName)
 			latestCommit, _ := gitRepo.GetCommitByPath(treePath)
-		expectedFileResponse := getExpectedFileResponseForCreate("user2/empty-repo", commitID, treePath, latestCommit.ID.String())
+			expectedFileResponse := getExpectedFileResponseForCreate("user2/"+reponame, commitID, treePath, latestCommit.ID.String())
 			DecodeJSON(t, resp, &fileResponse)
 			assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
 			assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
@ -301,4 +308,5 @@ func TestAPICreateFile(t *testing.T) {
 			assert.EqualValues(t, expectedFileResponse.Commit.Committer.Date, fileResponse.Commit.Committer.Date)
 			gitRepo.Close()
 		})
+	})
 }
--- a/tests/integration/api_repo_file_get_test.go
+++ b/tests/integration/api_repo_file_get_test.go
@ -9,6 +9,7 @@ import (
 	"testing"

 	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/git"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"

@ -26,7 +27,7 @@ func TestAPIGetRawFileOrLFS(t *testing.T) {
 	// Test with LFS
 	onGiteaRun(t, func(t *testing.T, u *url.URL) {
 		httpContext := NewAPITestContext(t, "user2", "repo-lfs-test", auth_model.AccessTokenScopeWriteRepository)
-		doAPICreateRepository(httpContext, false, func(t *testing.T, repository api.Repository) {
+		doAPICreateRepository(httpContext, false, git.Sha1ObjectFormat, func(t *testing.T, repository api.Repository) { // FIXME: use forEachObjectFormat
 			u.Path = httpContext.GitPath()
 			dstPath := t.TempDir()

--- a/tests/integration/api_repo_lfs_test.go
+++ b/tests/integration/api_repo_lfs_test.go
@ -17,6 +17,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/lfs"
 	"code.gitea.io/gitea/modules/setting"
@ -61,7 +62,7 @@ func TestAPILFSMediaType(t *testing.T) {

 func createLFSTestRepository(t *testing.T, name string) *repo_model.Repository {
 	ctx := NewAPITestContext(t, "user2", "lfs-"+name+"-repo", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-	t.Run("CreateRepo", doAPICreateRepository(ctx, false))
+	t.Run("CreateRepo", doAPICreateRepository(ctx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat

 	repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, "user2", "lfs-"+name+"-repo")
 	assert.NoError(t, err)
--- a/tests/integration/api_repo_test.go
+++ b/tests/integration/api_repo_test.go
@ -16,6 +16,7 @@ import (
 	unit_model "code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	repo_service "code.gitea.io/gitea/services/repository"
@ -427,7 +428,7 @@ func testAPIRepoMigrateConflict(t *testing.T, u *url.URL) {
 		httpContext := baseAPITestContext

 		httpContext.Reponame = "repo-tmp-17"
-		t.Run("CreateRepo", doAPICreateRepository(httpContext, false))
+		t.Run("CreateRepo", doAPICreateRepository(httpContext, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat

 		user, err := user_model.GetUserByName(db.DefaultContext, httpContext.Username)
 		assert.NoError(t, err)
@ -510,7 +511,7 @@ func testAPIRepoCreateConflict(t *testing.T, u *url.URL) {
 		httpContext := baseAPITestContext

 		httpContext.Reponame = "repo-tmp-17"
-		t.Run("CreateRepo", doAPICreateRepository(httpContext, false))
+		t.Run("CreateRepo", doAPICreateRepository(httpContext, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat

 		req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos",
 			&api.CreateRepoOption{
--- a/tests/integration/git_helper_for_declarative_test.go
+++ b/tests/integration/git_helper_for_declarative_test.go
@ -117,10 +117,10 @@ func doGitCloneFail(u *url.URL) func(*testing.T) {
 	}
 }

-func doGitInitTestRepository(dstPath string) func(*testing.T) {
+func doGitInitTestRepository(dstPath string, objectFormat git.ObjectFormat) func(*testing.T) {
 	return func(t *testing.T) {
 		// Init repository in dstPath
-		assert.NoError(t, git.InitRepository(git.DefaultContext, dstPath, false, git.Sha1ObjectFormat.Name()))
+		assert.NoError(t, git.InitRepository(git.DefaultContext, dstPath, false, objectFormat.Name()))
 		// forcibly set default branch to master
 		_, _, err := git.NewCommand(git.DefaultContext, "symbolic-ref", "HEAD", git.BranchPrefix+"master").RunStdString(&git.RunOpts{Dir: dstPath})
 		assert.NoError(t, err)
@ -148,6 +148,7 @@ func doGitAddRemote(dstPath, remoteName string, u *url.URL) func(*testing.T) {

 func doGitPushTestRepository(dstPath string, args ...string) func(*testing.T) {
 	return func(t *testing.T) {
+		t.Helper()
 		_, _, err := git.NewCommand(git.DefaultContext, "push", "-u").AddArguments(git.ToTrustedCmdArgs(args)...).RunStdString(&git.RunOpts{Dir: dstPath})
 		assert.NoError(t, err)
 	}
--- a/tests/integration/git_push_test.go
+++ b/tests/integration/git_push_test.go
@ -24,13 +24,22 @@ import (
 	"github.com/stretchr/testify/require"
 )

+func forEachObjectFormat(t *testing.T, f func(t *testing.T, objectFormat git.ObjectFormat)) {
+	for _, objectFormat := range []git.ObjectFormat{git.Sha256ObjectFormat, git.Sha1ObjectFormat} {
+		t.Run(objectFormat.Name(), func(t *testing.T) {
+			f(t, objectFormat)
+		})
+	}
+}
+
 func TestGitPush(t *testing.T) {
 	onGiteaRun(t, testGitPush)
 }

 func testGitPush(t *testing.T, u *url.URL) {
+	forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
 		t.Run("Push branches at once", func(t *testing.T) {
-		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
+			runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
 				for i := 0; i < 100; i++ {
 					branchName := fmt.Sprintf("branch-%d", i)
 					pushed = append(pushed, branchName)
@ -43,7 +52,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 		})

 		t.Run("Push branches one by one", func(t *testing.T) {
-		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
+			runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
 				for i := 0; i < 100; i++ {
 					branchName := fmt.Sprintf("branch-%d", i)
 					doGitCreateBranch(gitPath, branchName)(t)
@ -55,7 +64,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 		})

 		t.Run("Delete branches", func(t *testing.T) {
-		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
+			runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
 				doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete
 				pushed = append(pushed, "master")

@ -76,7 +85,7 @@ func testGitPush(t *testing.T, u *url.URL) {
 		})

 		t.Run("Push to deleted branch", func(t *testing.T) {
-		runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) {
+			runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
 				doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete
 				pushed = append(pushed, "master")

@ -91,9 +100,10 @@ func testGitPush(t *testing.T, u *url.URL) {
 				return pushed, deleted
 			})
 		})
+	})
 }

-func runTestGitPush(t *testing.T, u *url.URL, gitOperation func(t *testing.T, gitPath string) (pushed, deleted []string)) {
+func runTestGitPush(t *testing.T, u *url.URL, objectFormat git.ObjectFormat, gitOperation func(t *testing.T, gitPath string) (pushed, deleted []string)) {
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 	repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
 		Name:             "repo-to-push",
@ -101,13 +111,14 @@ func runTestGitPush(t *testing.T, u *url.URL, gitOperation func(t *testing.T, gi
 		AutoInit:         false,
 		DefaultBranch:    "main",
 		IsPrivate:        false,
+		ObjectFormatName: objectFormat.Name(),
 	})
 	require.NoError(t, err)
 	require.NotEmpty(t, repo)

 	gitPath := t.TempDir()

-	doGitInitTestRepository(gitPath)(t)
+	doGitInitTestRepository(gitPath, objectFormat)(t)

 	oldPath := u.Path
 	oldUser := u.User
@ -158,19 +169,22 @@ func TestOptionsGitPush(t *testing.T) {

 func testOptionsGitPush(t *testing.T, u *url.URL) {
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+
+	forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
 		repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
 			Name:             "repo-to-push",
 			Description:      "test git push",
 			AutoInit:         false,
 			DefaultBranch:    "main",
 			IsPrivate:        false,
+			ObjectFormatName: objectFormat.Name(),
 		})
 		require.NoError(t, err)
 		require.NotEmpty(t, repo)

 		gitPath := t.TempDir()

-	doGitInitTestRepository(gitPath)(t)
+		doGitInitTestRepository(gitPath, objectFormat)(t)

 		u.Path = repo.FullName() + ".git"
 		u.User = url.UserPassword(user.LowerName, userPassword)
@ -237,4 +251,5 @@ func testOptionsGitPush(t *testing.T, u *url.URL) {
 		})

 		require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repo.ID))
+	})
 }
--- a/tests/integration/git_test.go
+++ b/tests/integration/git_test.go
@ -64,7 +64,7 @@ func testGit(t *testing.T, u *url.URL) {

 		dstPath := t.TempDir()

-		t.Run("CreateRepoInDifferentUser", doAPICreateRepository(forkedUserCtx, false))
+		t.Run("CreateRepoInDifferentUser", doAPICreateRepository(forkedUserCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 		t.Run("AddUserAsCollaborator", doAPIAddCollaborator(forkedUserCtx, httpContext.Username, perm.AccessModeRead))

 		t.Run("ForkFromDifferentUser", doAPIForkRepository(httpContext, forkedUserCtx.Username))
@ -103,7 +103,7 @@ func testGit(t *testing.T, u *url.URL) {
 		sshContext.Reponame = "repo-tmp-18"
 		keyname := "my-testing-key"
 		forkedUserCtx.Reponame = sshContext.Reponame
-		t.Run("CreateRepoInDifferentUser", doAPICreateRepository(forkedUserCtx, false))
+		t.Run("CreateRepoInDifferentUser", doAPICreateRepository(forkedUserCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 		t.Run("AddUserAsCollaborator", doAPIAddCollaborator(forkedUserCtx, sshContext.Username, perm.AccessModeRead))
 		t.Run("ForkFromDifferentUser", doAPIForkRepository(sshContext, forkedUserCtx.Username))

@ -598,7 +598,7 @@ func doPushCreate(ctx APITestContext, u *url.URL) func(t *testing.T) {
 		tmpDir := t.TempDir()

 		// Now create local repository to push as our test and set its origin
-		t.Run("InitTestRepository", doGitInitTestRepository(tmpDir))
+		t.Run("InitTestRepository", doGitInitTestRepository(tmpDir, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 		t.Run("AddRemote", doGitAddRemote(tmpDir, "origin", u))

 		// Disable "Push To Create" and attempt to push
--- a/tests/integration/gpg_git_test.go
+++ b/tests/integration/gpg_git_test.go
@ -13,6 +13,7 @@ import (
 	auth_model "code.gitea.io/gitea/models/auth"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
@ -56,7 +57,7 @@ func TestGPGGit(t *testing.T) {
 		t.Run("Unsigned-Initial", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 			testCtx := NewAPITestContext(t, username, "initial-unsigned", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
+			t.Run("CreateRepository", doAPICreateRepository(testCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 			t.Run("CheckMasterBranchUnsigned", doAPIGetBranch(testCtx, "master", func(t *testing.T, branch api.Branch) {
 				assert.NotNil(t, branch.Commit)
 				assert.NotNil(t, branch.Commit.Verification)
@ -149,7 +150,7 @@ func TestGPGGit(t *testing.T) {
 		t.Run("AlwaysSign-Initial", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 			testCtx := NewAPITestContext(t, username, "initial-always", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
+			t.Run("CreateRepository", doAPICreateRepository(testCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 			t.Run("CheckMasterBranchSigned", doAPIGetBranch(testCtx, "master", func(t *testing.T, branch api.Branch) {
 				assert.NotNil(t, branch.Commit)
 				if branch.Commit == nil {
@ -171,7 +172,7 @@ func TestGPGGit(t *testing.T) {
 		t.Run("AlwaysSign-Initial-CRUD-Never", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 			testCtx := NewAPITestContext(t, username, "initial-always-never", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
+			t.Run("CreateRepository", doAPICreateRepository(testCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 			t.Run("CreateCRUDFile-Never", crudActionCreateFile(
 				t, testCtx, user, "master", "never", "unsigned-never.txt", func(t *testing.T, response api.FileResponse) {
 					assert.False(t, response.Verification.Verified)
@ -182,7 +183,7 @@ func TestGPGGit(t *testing.T) {
 		t.Run("AlwaysSign-Initial-CRUD-ParentSigned-On-Always", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 			testCtx := NewAPITestContext(t, username, "initial-always-parent", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
+			t.Run("CreateRepository", doAPICreateRepository(testCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 			t.Run("CreateCRUDFile-ParentSigned", crudActionCreateFile(
 				t, testCtx, user, "master", "parentsigned", "signed-parent.txt", func(t *testing.T, response api.FileResponse) {
 					assert.True(t, response.Verification.Verified)
@ -198,7 +199,7 @@ func TestGPGGit(t *testing.T) {
 		t.Run("AlwaysSign-Initial-CRUD-Always", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
 			testCtx := NewAPITestContext(t, username, "initial-always-always", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-			t.Run("CreateRepository", doAPICreateRepository(testCtx, false))
+			t.Run("CreateRepository", doAPICreateRepository(testCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
 			t.Run("CreateCRUDFile-Always", crudActionCreateFile(
 				t, testCtx, user, "master", "always", "signed-always.txt", func(t *testing.T, response api.FileResponse) {
 					assert.True(t, response.Verification.Verified)
--- a/tests/integration/ssh_key_test.go
+++ b/tests/integration/ssh_key_test.go
@ -47,14 +47,14 @@ func TestPushDeployKeyOnEmptyRepo(t *testing.T) {
 }

 func testPushDeployKeyOnEmptyRepo(t *testing.T, u *url.URL) {
+	forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
 		// OK login
-	ctx := NewAPITestContext(t, "user2", "deploy-key-empty-repo-1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
-	ctxWithDeleteRepo := NewAPITestContext(t, "user2", "deploy-key-empty-repo-1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
+		ctx := NewAPITestContext(t, "user2", "deploy-key-empty-repo-"+objectFormat.Name(), auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)

 		keyname := fmt.Sprintf("%s-push", ctx.Reponame)
 		u.Path = ctx.GitPath()

-	t.Run("CreateEmptyRepository", doAPICreateRepository(ctx, true))
+		t.Run("CreateEmptyRepository", doAPICreateRepository(ctx, true, objectFormat))

 		t.Run("CheckIsEmpty", doCheckRepositoryEmptyStatus(ctx, true))

@ -64,7 +64,7 @@ func testPushDeployKeyOnEmptyRepo(t *testing.T, u *url.URL) {
 			// Setup the testing repository
 			dstPath := t.TempDir()

-		t.Run("InitTestRepository", doGitInitTestRepository(dstPath))
+			t.Run("InitTestRepository", doGitInitTestRepository(dstPath, objectFormat))

 			// Setup remote link
 			sshURL := createSSHUrl(ctx.GitPath(), u)
@ -75,7 +75,8 @@ func testPushDeployKeyOnEmptyRepo(t *testing.T, u *url.URL) {

 			t.Run("CheckIsNotEmpty", doCheckRepositoryEmptyStatus(ctx, false))

-		t.Run("DeleteRepository", doAPIDeleteRepository(ctxWithDeleteRepo))
+			t.Run("DeleteRepository", doAPIDeleteRepository(ctx))
+		})
 	})
 }

@ -103,8 +104,8 @@ func testKeyOnlyOneType(t *testing.T, u *url.URL) {
 	failCtx := ctx
 	failCtx.ExpectedCode = http.StatusUnprocessableEntity

-	t.Run("CreateRepository", doAPICreateRepository(ctx, false))
-	t.Run("CreateOtherRepository", doAPICreateRepository(otherCtx, false))
+	t.Run("CreateRepository", doAPICreateRepository(ctx, false, git.Sha1ObjectFormat))           // FIXME: use forEachObjectFormat
+	t.Run("CreateOtherRepository", doAPICreateRepository(otherCtx, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat

 	withKeyFile(t, keyname, func(keyFile string) {
 		var userKeyPublicKeyID int64
@ -178,7 +179,7 @@ func testKeyOnlyOneType(t *testing.T, u *url.URL) {

 			t.Run("DeleteOtherRepository", doAPIDeleteRepository(otherCtxWithDeleteRepo))

-			t.Run("RecreateRepository", doAPICreateRepository(ctxWithDeleteRepo, false))
+			t.Run("RecreateRepository", doAPICreateRepository(ctxWithDeleteRepo, false, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat

 			t.Run("CreateUserKey", doAPICreateUserKey(ctx, keyname, keyFile, func(t *testing.T, publicKey api.PublicKey) {
 				userKeyPublicKeyID = publicKey.ID
--- a/web_src/css/install.css
+++ b/web_src/css/install.css
@ -13,8 +13,7 @@
 .page-content.install .ui.form .field > .help,
 .page-content.install .ui.form .field > .ui.checkbox:first-child,
 .page-content.install .ui.form .field > .right-content {
-  margin-left: 30%;
-  padding-left: 5px;
+  margin-left: calc(30% + 5px);
  width: auto;
 }

@ -24,10 +23,11 @@
 }

 .page-content.install form.ui.form details.optional.field[open] {
-  border-bottom: 1px dashed var(--color-secondary);
  padding-bottom: 10px;
 }
-
+.page-content.install form.ui.form details.optional.field[open]:not(:last-child) {
+  border-bottom: 1px dashed var(--color-secondary);
+}
 .page-content.install form.ui.form details.optional.field[open] summary {
  margin-bottom: 10px;
 }
				`@ -0,0 +1 @@`
				`- backticks in [mermaid](https://mermaid.js.org/) block diagram labels [are not sanitized properly](https://github.com/mermaid-js/mermaid/commit/c7fe9a646574597adefe3e6fb2b3707112a151aa)`