3.11 Release

(refs #1080 )Fix commit count presentation when over 10000
Merge pull request #1077 from ritschwumm/patch-1
2025-11-04 20:45:58 +01:00 · 2016-01-30 09:51:30 +09:00 · 2016-01-30 02:01:04 +09:00 · 2016-01-29 01:53:10 +09:00 · 2016-01-28 12:10:32 +01:00 · 2016-01-27 01:18:16 +09:00
466 changed files with 45120 additions and 23301 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,7 @@
 *.class
 *.log
+.ensime
+.ensime_cache

 # sbt specific
 dist/*
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,3 +1,6 @@
 language: scala
-scala:
-  - 2.11.2
+sudo: false
+script:
+  - sbt test
+jdk:
+  - oraclejdk8
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -0,0 +1,7 @@
+# Guideline for Issues
+
+- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
+- Make sure check whether there is a same question or request in the past.
+- When raise a new issue, write subject in **English** at least.
+- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.
--- a/README.md
+++ b/README.md
@@ -1,8 +1,7 @@
-GitBucket [![Gitter chat](https://badges.gitter.im/takezoe/gitbucket.png)](https://gitter.im/takezoe/gitbucket) [![Build Status](https://travis-ci.org/takezoe/gitbucket.svg?branch=master)](https://travis-ci.org/takezoe/gitbucket)
+GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](https://gitter.im/gitbucket/gitbucket) [![Build Status](https://travis-ci.org/gitbucket/gitbucket.svg?branch=master)](https://travis-ci.org/gitbucket/gitbucket)
 =========

-GitBucket is the easily installable GitHub clone powered by Scala.
-
+GitBucket is a GitHub clone powered by Scala which has easy installation and high extensibility.

 Features
 --------
@@ -10,35 +9,21 @@ The current version of GitBucket provides a basic features below:

 - Public / Private Git repository (http and ssh access)
 - Repository viewer and online file editing
- Repository search (Code and Issues)
 - Wiki
- Issues
- Fork / Pull request
- Mail notification
- Activity timeline
- User management (for Administrators)
- Group (like Organization in Github)
- LDAP integration
- Gravatar support
+- Issues / Pull request
+- Email notification
+- Simple user and group management with LDAP integration
+- Plug-in system

-Following features are not implemented, but we will make them in the future release!
-
- Network graph
- Statistics
- Watch / Star
-
-If you want to try the development version of GitBucket, see the documentation for developers at [Wiki](https://github.com/takezoe/gitbucket/wiki).
+If you want to try the development version of GitBucket, see [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).

 Installation
 --------
+GitBucket requires **Java8**. You have to install beforehand when it's not installed.

-1. Download latest **gitbucket.war** from [the release page](https://github.com/takezoe/gitbucket/releases).
+1. Download latest **gitbucket.war** from [the release page](https://github.com/gitbucket/gitbucket/releases).
 2. Deploy it to the Servlet 3.0 container such as Tomcat 7.x, Jetty 8.x, GlassFish 3.x or higher.
-3. Access **http://[hostname]:[port]/gitbucket/** using your web browser.
-
-If you are using Gitbucket behind a webserver please make sure you have increased the **client_max_body_size** (on nignx)
-
-The default administrator account is **root** and password is **root**.
+3. Access **http://[hostname]:[port]/gitbucket/** using your web browser and logged-in with **root** / **root**.

 or you can start GitBucket by `java -jar gitbucket.war` without servlet container. In this case, GitBucket URL is **http://[hostname]:8080/**. You can specify following options.

@@ -47,38 +32,109 @@ or you can start GitBucket by `java -jar gitbucket.war` without servlet containe
 - --host=[HOSTNAME]
 - --gitbucket.home=[DATA_DIR]

-To upgrade GitBucket, only replace gitbucket.war. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.
+To upgrade GitBucket, only replace gitbucket.war after stop GitBucket. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.

-For Installation on Windows Server with IIS see [this wiki page](https://github.com/takezoe/gitbucket/wiki/Installation-on-IIS-and-Helicontech-Zoo)
+About installation on Mac or Windows Server (with IIS), configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).

-### Mac OS X
-#### Installing Via Homebrew
+Plug-ins
+--------
+GitBucket has the plug-in system to extend GitBucket from outside of GitBucket. Some plug-ins are available now:

-    $ brew install gitbucket
-    ==> Downloading https://github.com/takezoe/gitbucket/releases/download/1.10/gitbucket.war
-    ######################################################################## 100.0%
-    ==> Caveats
-    Note: When using launchctl the port will be 8080.
+- [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
+- [gitbucket-announce-plugin](https://github.com/gitbucket-plugins/gitbucket-announce-plugin)
+- [gitbucket-h2-backup-plugin](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin)
+- [gitbucket-desktopnotify-plugin](https://github.com/yoshiyoshifujii/gitbucket-desktopnotify-plugin)
+- [gitbucket-commitgraphs-plugin](https://github.com/yoshiyoshifujii/gitbucket-commitgraphs-plugin)
+- [gitbucket-asciidoctor-plugin](https://github.com/lefou/gitbucket-asciidoctor-plugin)

-    To have launchd start gitbucket at login:
-        ln -sfv /usr/local/opt/gitbucket/*.plist ~/Library/LaunchAgents
-    Then to load gitbucket now:
-        launchctl load ~/Library/LaunchAgents/homebrew.mxcl.gitbucket.plist
-    Or, if you don't want/need launchctl, you can just run:
-        java -jar /usr/local/opt/gitbucket/libexec/gitbucket.war
-    ==> Summary
-    /usr/local/Cellar/gitbucket/1.10: 3 files, 42M, built in 11 seconds
+You can find community plugins other than them at [gitbucket community plugins](http://gitbucket-plugins.github.io/).

-#### Manual Installation
-On OS X, copy the [gitbucket.plist](https://raw.github.com/takezoe/gitbucket/master/contrib/macosx/gitbucket.plist) file to `~/Library/LaunchAgents/`
+Support
+--------

-Run the following commands in `Terminal` to
-
- start gitbucket: `launchctl load ~/Library/LaunchAgents/gitbucket.plist`
- stop gitbucket: `launchctl unload ~/Library/LaunchAgents/gitbucket.plist`
+- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
+- Make sure check whether there is a same question or request in the past.
+- When raise a new issue, write subject in **English** at least.
+- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.

 Release Notes
 --------
+### 3.11 - 30 Jan 2016
+- Upgrade Scalatra to 2.4
+- Sidebar and Footer for Wiki
+- Branch protection and receive hook extension point for plug-in
+- Limit recent updated repositories list
+- Issue actions look-alike GitHub
+- Web API for labels
+
+### 3.10 - 30 Dec 2015
+- Move to Bootstrap3
+- New URL for raw contents (`raw/master/doc/activity.md` instead of `blob/master/doc/activity.md?raw=true`)
+- Update xsbt-web-plugin
+- Update H2 database
+
+### 3.9 - 5 Dec 2015
+- GFM inline breaks support in Markdown
+- WebHook on create review comment is available
+- WebHook event trigger is selectable
+
+### 3.8 - 31 Oct 2015
+- Moved to GitHub organization
+- Omit diff view for large differences
+- Repository creation API
+- Render url as link in repository description
+- Expand attachable file types
+
+### 3.7 - 3 Oct 2015
+- Markdown processor has been switched to [markedj](https://github.com/gitbucket/markedj) from pegdown
+- Clone in desktop button
+- Providing MD5 and SHA-1 checksum for `gitbucket.war` has started
+
+### 3.6 - 30 Aug 2015
+- User interface Improvements: Especially, commit list, issues and pull request have been updated largely.
+- Installed plugins list has been available at the system administration console.
+- Pages and repository list in the sidebar have been limited and more pages and repositories link is available.
+- More reference link notation in Markdown has been supported.
+
+### 3.5 - 1 Aug 2015
+- Octicons has been applied
+- Global header has been enhanced. Now it's further similar to GitHub.
+- Default compare / pull request target has been changed to the parent repository
+- A lot of updates for [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
+
+### 3.4 - 27 Jun 2015
+- Declarative style plug-in definition
+- New extension point to add markup render
+- go-import support
+
+### 3.3 - 31 May 2015
+- Rich graphical diff for images
+- File finder is available in the repository viewer
+- Blame is displayed at the source viewer
+- Remain user data and repositories even if user is disabled
+- Mobile view improvement
+
+### 3.2 - 3 May 2015
+- Directory history button
+- Compare / pull request button
+- Limit of activity log
+
+### 3.1.1 - 4 Apr 2015
+- Rolled back H2 version to avoid version compatibility issue
+- Plug-ins became possible to access ServletContext
+
+### 3.1 - 28 Mar 2015
+- Web APIs for Jenkins github pull-request builder
+- Improved diff view
+- Bump Scalatra to 2.3.1, sbt to 0.13.8
+
+### 3.0 - 3 Mar 2015
+- New plug-in system is available
+- Connection pooling by c3p0
+- New branch UI
+- Compare between specified commit ids
+
 ### 2.8 - 1 Feb 2015
 - New logo and icons
 - New system setting options to control visibility
--- a/build.sbt
+++ b/build.sbt
@@ -0,0 +1,159 @@
+val Organization = "gitbucket"
+val Name = "gitbucket"
+val GitBucketVersion = "3.11.0"
+val ScalatraVersion = "2.4.0"
+val JettyVersion = "9.3.6.v20151106"
+
+lazy val root = (project in file(".")).enablePlugins(SbtTwirl, JettyPlugin)
+
+sourcesInBase := false
+organization := Organization
+name := Name
+version := GitBucketVersion
+scalaVersion := "2.11.6"
+
+// dependency settings
+resolvers ++= Seq(
+  Classpaths.typesafeReleases,
+  "amateras-repo" at "http://amateras.sourceforge.jp/mvn/",
+  "amateras-snapshot-repo" at "http://amateras.sourceforge.jp/mvn-snapshot/"
+)
+libraryDependencies ++= Seq(
+  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.1.1.201511131810-r",
+  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.1.1.201511131810-r",
+  "org.scalatra"             %% "scalatra"                     % ScalatraVersion,
+  "org.scalatra"             %% "scalatra-json"                % ScalatraVersion,
+  "org.json4s"               %% "json4s-jackson"               % "3.3.0",
+  "io.github.gitbucket"      %% "scalatra-forms"               % "1.0.0",
+  "commons-io"                % "commons-io"                   % "2.4",
+  "io.github.gitbucket"       % "markedj"                      % "1.0.6",
+  "org.apache.commons"        % "commons-compress"             % "1.10",
+  "org.apache.commons"        % "commons-email"                % "1.4",
+  "org.apache.httpcomponents" % "httpclient"                   % "4.5.1",
+  "org.apache.sshd"           % "apache-sshd"                  % "1.0.0",
+  "org.apache.tika"           % "tika-core"                    % "1.11",
+  "com.typesafe.slick"       %% "slick"                        % "2.1.0",
+  "com.novell.ldap"           % "jldap"                        % "2009-10-07",
+  "com.h2database"            % "h2"                           % "1.4.190",
+  "ch.qos.logback"            % "logback-classic"              % "1.1.1",
+  "com.mchange"               % "c3p0"                         % "0.9.5.2",
+  "com.typesafe"              % "config"                       % "1.3.0",
+  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.14",
+  "com.enragedginger"        %% "akka-quartz-scheduler"        % "1.4.0-akka-2.3.x" exclude("c3p0","c3p0"),
+  "org.eclipse.jetty"         % "jetty-webapp"                 % JettyVersion     % "provided",
+  "javax.servlet"             % "javax.servlet-api"            % "3.1.0"          % "provided",
+  "junit"                     % "junit"                        % "4.12"           % "test",
+  "org.scalatra"             %% "scalatra-specs2"              % ScalatraVersion  % "test",
+  "org.specs2"               %% "specs2-junit"                 % "3.6.6"          % "test"
+)
+
+// Twirl settings
+play.twirl.sbt.Import.TwirlKeys.templateImports += "gitbucket.core._"
+
+// Compiler settings
+scalacOptions := Seq("-deprecation", "-language:postfixOps")
+javacOptions in compile ++= Seq("-target", "7", "-source", "7")
+javaOptions in Jetty += "-Dlogback.configurationFile=/logback-dev.xml"
+testOptions in Test += Tests.Argument(TestFrameworks.Specs2, "junitxml", "console")
+javaOptions in Test += "-Dgitbucket.home=target/gitbucket_home_for_test"
+testOptions in Test += Tests.Setup( () => new java.io.File("target/gitbucket_home_for_test").mkdir() )
+fork in Test := true
+packageOptions += Package.MainClass("JettyLauncher")
+
+// Assembly settings
+test in assembly := {}
+assemblyMergeStrategy in assembly := {
+  case PathList("META-INF", xs @ _*) =>
+    (xs map {_.toLowerCase}) match {
+      case ("manifest.mf" :: Nil) => MergeStrategy.discard
+      case _ => MergeStrategy.discard
+    }
+  case x => MergeStrategy.first
+}
+
+// JRebel
+jrebel.webLinks += (target in webappPrepare).value
+jrebel.enabled := System.getenv().get("JREBEL") != null
+javaOptions in Jetty ++= Option(System.getenv().get("JREBEL")).toSeq.flatMap { path =>
+  Seq("-noverify", "-XX:+UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", s"-javaagent:${path}")
+}
+jrebelSettings
+
+// Create executable war file
+val executableConfig = config("executable").hide
+Keys.ivyConfigurations += executableConfig
+libraryDependencies	++= Seq(
+  "org.eclipse.jetty"	%	"jetty-security"     % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-webapp"       % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-continuation" % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-server"       % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-xml"          % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-http"         % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-servlet"      % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-io"           % JettyVersion % "executable",
+  "org.eclipse.jetty"	%	"jetty-util"         % JettyVersion % "executable"
+)
+
+val executableKey	= TaskKey[File]("executable")
+executableKey	:= {
+  import org.apache.ivy.util.ChecksumHelper
+  import java.util.jar.{ Manifest => JarManifest }
+  import java.util.jar.Attributes.{ Name => AttrName }
+
+  val workDir	= Keys.target.value / "executable"
+  val warName	= Keys.name.value + ".war"
+
+  val log		= streams.value.log
+  log info s"building executable webapp in ${workDir}"
+
+  // initialize temp directory
+  val temp	= workDir / "webapp"
+  IO delete temp
+
+  // include jetty classes
+  val jettyJars	= Keys.update.value select configurationFilter(name = executableConfig.name)
+  jettyJars foreach { jar =>
+    IO unzip (jar, temp, (name:String) =>
+      (name startsWith "javax/") ||
+      (name startsWith "org/")
+    )
+  }
+
+  // include original war file
+  val warFile	= (Keys.`package`).value
+  IO unzip (warFile, temp)
+
+  // include launcher classes
+  val classDir		= (Keys.classDirectory in Compile).value
+  val launchClasses	= Seq("JettyLauncher.class" /*, "HttpsSupportConnector.class" */)
+  launchClasses foreach { name =>
+    IO copyFile (classDir / name, temp / name)
+  }
+
+  // zip it up
+  IO delete (temp / "META-INF" / "MANIFEST.MF")
+  val contentMappings	= (temp.*** --- PathFinder(temp)).get pair relativeTo(temp)
+  val manifest		= new JarManifest
+  manifest.getMainAttributes put (AttrName.MANIFEST_VERSION,	"1.0")
+  manifest.getMainAttributes put (AttrName.MAIN_CLASS,		"JettyLauncher")
+  val outputFile		= workDir / warName
+  IO jar (contentMappings, outputFile, manifest)
+
+  // generate checksums
+  Seq("md5", "sha1") foreach { algorithm =>
+    IO.write(
+      workDir / (warName + "." + algorithm),
+      ChecksumHelper computeAsString (outputFile, algorithm)
+    )
+  }
+
+  // done
+  log info s"built executable webapp ${outputFile}"
+  outputFile
+}
+/*
+Keys.artifact in (Compile, executableKey) ~= {
+	_ copy (`type` = "war", extension = "war"))
+}
+addArtifact(Keys.artifact in (Compile, executableKey), executableKey)
+*/
--- a/build.xml
+++ b/build.xml
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<project name="gitbucket" default="all" basedir=".">
-
-  <property name="target.dir" value="target"/>
-  <property name="embed.classes.dir" value="${target.dir}/embed-classes"/>
-  <property name="jetty.dir" value="embed-jetty"/>
-  <property name="scala.version" value="2.11"/>
-  <property name="gitbucket.version" value="0.0.1"/>
-  <property name="jetty.version" value="8.1.8.v20121106"/>
-  <property name="servlet.version" value="3.0.0.v201112011016"/>
-
-  <condition property="sbt.exec" value="sbt.bat" else="sbt.sh">
-    <os family="windows" />
-  </condition>
-
-  <target name="clean">
-    <delete dir="${embed.classes.dir}"/>
-    <delete file="${target.dir}/scala-${scala.version}/gitbucket.war"/>
-  </target>
-
-  <target name="war" depends="clean">
-    <exec executable="${sbt.exec}" resolveexecutable="true" failonerror="true">
-      <arg line="clean compile test package" />
-    </exec>
-  </target>
-
-  <target name="embed" depends="war">
-    <mkdir dir="${embed.classes.dir}"/>
-
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/javax.servlet-${servlet.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-continuation-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-http-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-io-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-security-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-server-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-servlet-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-util-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-webapp-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-xml-${jetty.version}.jar" />
-
-    <zip destfile="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-         basedir="${embed.classes.dir}"
-         update = "true"
-         includes="javax/**,org/**"/>
-
-    <zip destfile="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-         basedir="${target.dir}/scala-${scala.version}/classes"
-         update = "true"
-         includes="JettyLauncher.class,HttpsSupportConnector.class"/>
-  </target>
-
-  <target name="rename" depends="embed">
-    <move file="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-            tofile="${target.dir}/scala-${scala.version}/gitbucket.war"/>
-  </target>
-
-  <target name="all" depends="rename">
-  </target>
-
-
-</project>
--- a/contrib/gitbucket.conf
+++ b/contrib/gitbucket.conf
@@ -44,7 +44,7 @@ GITBUCKET_WAR_DIR=$GITBUCKET_DIR/lib
 GITBUCKET_WAR_FILE=$GITBUCKET_WAR_DIR/gitbucket.war

 # GitBucket version to fetch when installing
-GITBUCKET_VERSION=2.1
+GITBUCKET_VERSION=3.5

 #
 # End of configuration section. Ignore this part
--- a/contrib/install
+++ b/contrib/install
@@ -38,7 +38,7 @@ createDir "$GITBUCKET_DIR"
 createDir "$GITBUCKET_LOG_DIR"

 echo "Fetching GitBucket v$GITBUCKET_VERSION and saving as $GITBUCKET_WAR_FILE"
-sudo wget -qO "$GITBUCKET_WAR_FILE" https://github.com/takezoe/gitbucket/releases/download/$GITBUCKET_VERSION/gitbucket.war
+sudo wget -qO "$GITBUCKET_WAR_FILE" https://github.com/gitbucket/gitbucket/releases/download/$GITBUCKET_VERSION/gitbucket.war

 sudo rm -f "$GITBUCKET_LOG_DIR/run.log"

--- a/contrib/linux/redhat/gitbucket.spec
+++ b/contrib/linux/redhat/gitbucket.spec
@@ -3,7 +3,7 @@ Summary:	GitHub clone written with Scala.
 Version:	2.6
 Release:	1%{?dist}
 License:	Apache
-URL:		https://github.com/takezoe/gitbucket
+URL:		https://github.com/gitbucket/gitbucket
 Group:		System/Servers
 Source0:	%{name}.war
 Source1:	%{name}.init
--- a/doc/activity.md
+++ b/doc/activity.md
@@ -0,0 +1,22 @@
+Activity Timeline
+========
+GitBucket records several types of user activity to ```ACTIVITY``` table. Activity types are shown below:
+
+type              | message                                              | additional information
+------------------|------------------------------------------------------|------------------------
+create_repository |$user created $owner/$repo                            |-
+open_issue        |$user opened issue $owner/$repo#$issueId              |-
+close_issue       |$user closed issue $owner/$repo#$issueId              |-
+close_issue       |$user closed pull request $owner/$repo#$issueId       |-
+reopen_issue      |$user reopened issue $owner/$repo#$issueId            |-
+comment_issue     |$user commented on issue $owner/$repo#$issueId        |-
+comment_issue     |$user commented on pull request $owner/$repo#$issueId |-
+create_wiki       |$user created the $owner/$repo wiki                   |$page
+edit_wiki         |$user edited the $owner/$repo wiki                    |$page<br>$page:$commitId(since 1.5)
+push              |$user pushed to $owner/$repo#$branch to $owner/$repo  |$commitId:$shortMessage\n*
+create_tag        |$user created tag $tag at $owner/$repo                |-
+create_branch     |$user created branch $branch at $owner/$repo          |-
+delete_branch     |$user deleted branch $branch at $owner/$repo          |-
+fork              |$user forked $owner/$repo to $owner/$repo             |-
+open_pullreq      |$user opened pull request $owner/$repo#issueId        |-
+merge_pullreq     |$user merge pull request $owner/$repo#issueId         |-
--- a/doc/authenticator.md
+++ b/doc/authenticator.md
@@ -0,0 +1,60 @@
+Authentication in Controller
+========
+GitBucket provides many [authenticators](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/util/Authenticator.scala) to access controlling in the controller.
+
+For example, in the case of `RepositoryViwerController`,
+it references three authenticators: `ReadableUsersAuthenticator`, `ReferrerAuthenticator` and `CollaboratorsAuthenticator`.
+
+```scala
+class RepositoryViewerController extends RepositoryViewerControllerBase
+  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with WebHookPullRequestService with WebHookPullRequestReviewCommentService
+
+trait RepositoryViewerControllerBase extends ControllerBase {
+  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with WebHookPullRequestService with WebHookPullRequestReviewCommentService =>
+
+  ...
+```
+
+Authenticators provides a method to add guard to actions in the controller:
+
+- `ReadableUsersAuthenticator` provides `readableUsersOnly` method
+- `ReferrerAuthenticator` provides `referrersOnly` method
+- `CollaboratorsAuthenticator` provides `collaboratorsOnly` method
+
+These methods are available in each actions as below:
+
+```scala
+// Allows only the repository owner (or manager for group repository) and administrators.
+get("/:owner/:repository/tree/*")(referrersOnly { repository =>
+  ...
+})
+
+// Allows only collaborators and administrators.
+get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
+  ...
+})
+
+// Allows only signed in users which can access the repository.
+post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
+  ...
+})
+```
+
+Currently, GitBucket provides below authenticators:
+
+|Trait                     | Method          | Description                                                                          |
+|--------------------------|-----------------|--------------------------------------------------------------------------------------|
+|OneselfAuthenticator      |oneselfOnly      |Allows only oneself and administrators.                                               |
+|OwnerAuthenticator        |ownerOnly        |Allows only the repository owner and administrators.                                  |
+|UsersAuthenticator        |usersOnly        |Allows only signed in users.                                                          |
+|AdminAuthenticator        |adminOnly        |Allows only administrators.                                                           |
+|CollaboratorsAuthenticator|collaboratorsOnly|Allows only collaborators and administrators.                                         |
+|ReferrerAuthenticator     |referrersOnly    |Allows only the repository owner (or manager for group repository) and administrators.|
+|ReadableUsersAuthenticator|readableUsersOnly|Allows only signed in users which can access the repository.                          |
+|GroupManagerAuthenticator |managersOnly     |Allows only the group managers.                                                       |
+
+Of course, if you make a new plugin, you can define a your own authenticator according to requirement in your plugin.
--- a/doc/auto_update.md
+++ b/doc/auto_update.md
@@ -0,0 +1,37 @@
+Automatic Schema Updating
+========
+GitBucket uses H2 database to manage project and account data. GitBucket updates database schema automatically in the first run after the upgrading.
+
+To release a new version of GitBucket, add the version definition to the [gitbucket.core.servlet.AutoUpdate](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/servlet/AutoUpdate.scala) at first.
+
+```scala
+object AutoUpdate {
+  ...
+  /**
+   * The history of versions. A head of this sequence is the current GitBucket version.
+   */
+  val versions = Seq(
+      Version(1, 0)
+  )
+  ...
+```
+
+Next, add a SQL file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) as ```MAJOR_MINOR.sql```.
+
+GitBucket stores the current version to ```GITBUCKET_HOME/version``` and checks it at start-up. If the stored version differs from the actual version, it executes differences of SQL files between the stored version and the actual version. And ```GITBUCKET_HOME/version``` is updated by the actual version.
+
+We can also add any Scala code for upgrade GitBucket which modifies resources other than database. Override ```Version.update``` like below:
+
+```scala
+val versions = Seq(
+  new Version(1, 3){
+    override def update(conn: Connection): Unit = {
+      super.update(conn)
+      // Add any code here!
+    }
+  },
+  Version(1, 2),
+  Version(1, 1),
+  Version(1, 0)
+)
+```
--- a/doc/comment_action.md
+++ b/doc/comment_action.md
@@ -0,0 +1,56 @@
+About Action in Issue Comment
+========
+After the issue creation at GitBucket, users can add comments or close it.
+The details are saved at `ISSUE_COMMENT` table.
+
+To determine if it was any operation, you see the `ACTION` column.
+And in the case of some actions, `CONTENT` column value contains additional information.
+
+|ACTION         |CONTENT          |
+|---------------|-----------------|
+|comment        |comment          |
+|close_comment  |comment          |
+|reopen_comment |comment          |
+|close          |"Close"          |
+|reopen         |"Reopen"         |
+|commit         |comment commitId |
+|merge          |comment          |
+|delete_branch  |branchName       |
+|refer          |issueId:title    |
+
+### comment
+
+This value is saved when users have made a normal comment.
+
+### close_comment, reopen_comment
+
+These values are saved when users have reopened or closed the issue with comments.
+
+### close, reopen
+
+These values are saved when users have reopened or closed the issue.
+At the same time, store the fixed value(i.e. "Close" or "Reopen") to the `CONTENT` column.
+Therefore, this comment is not displayed, and not counted as a comment.
+
+### commit
+
+This value is saved when users have pushed including the `#issueId` to the commit message.
+At the same time, store it to the `CONTENT` column with its commit id.
+This comment is displayed. But it can not be edited by all users, and also not counted as a comment.
+
+### merge
+
+This value is saved when users have merged the pull request.
+At the same time, store the message to the `CONTENT` column.
+This comment is displayed. But it can not be edited by all users, and also not counted as a comment.
+
+### delete_branch
+
+This value is saved when users have deleted the branch. Users can delete branch after merging pull request which is requested from the same repository.
+At the same time, store it to the `CONTENT` column with the deleted branch name.
+Therefore, this comment is not displayed, and not counted as a comment.
+
+### refer
+
+This value is saved when other issue or issue comment contains reference to the issue like `#issueId`.
+At the same time, store id and title of the referrer issue as `id:title`.
--- a/doc/directory.md
+++ b/doc/directory.md
@@ -0,0 +1,44 @@
+Directory Structure
+========
+GitBucket persists all data into __HOME/.gitbucket__ in default (In 1.9 or before, HOME/gitbucket is default).
+
+This directory has following structure:
+
+```
+* /HOME/gitbucket
+  * /repositories 
+    * /USER_NAME
+      * /REPO_NAME.git (substance of repository. GitServlet sees this directory)
+      * /REPO_NAME
+        * /issues (files which are attached to issue)
+      * /REPO_NAME.wiki.git (wiki repository)
+  * /data
+    * /USER_NAME
+      * /files
+        * avatar.xxx (image file of user avatar)
+  * /plugins
+    * /PLUGIN_NAME
+      * plugin.js
+  * /tmp
+    * /_upload
+      * /SESSION_ID (removed at session timeout)
+        * current time millis + random 10 alphanumeric chars (temporary file for file uploading)
+    * /USER_NAME
+      * /init-REPO_NAME (used in repository creation and removed after it) ... unused since 1.8
+      * /REPO_NAME.wiki (working directory for wiki repository) ... unused since 1.8
+      * /REPO_NAME
+         * /download (temporary directories are created under this directory)
+```
+
+There are some ways to specify the data directory instead of the default location.
+
+1. Environment variable __GITBUCKET_HOME__
+2. System property __gitbucket.home__ (e.g. ```-Dgitbucket.home=PATH_TO_DATADIR```)
+3. Command line option for embedded Jetty (e.g. ```java -jar gitbucket.war --data=PATH_TO_DATADIR```)
+4. Context parameter __gitbucket.home__ in web.xml like below:
+```xml
+<context-param>
+  <param-name>gitbucket.home</param-name>
+  <param-value>PATH_TO_DATADIR</param-value>
+</context-param>
+```
--- a/doc/gitbucket.erd
+++ b/doc/gitbucket.erd
--- a/doc/how_to_run.md
+++ b/doc/how_to_run.md
@@ -0,0 +1,34 @@
+How to run from the source tree
+========
+
+Run for Development
+--------
+
+If you want to test GitBucket, input following command at the root directory of the source tree.
+
+```
+$ sbt ~jetty:start
+```
+
+Then access to `http://localhost:8080/` by your browser. The default administrator account is `root` and password is `root`.
+
+Source code modification is detected and reloaded automatically. You can modify logging configuration by editing `src/main/resources/logback-dev.xml`.
+
+Build war file
+--------
+
+To build war file, run the following command:
+
+```
+$ sbt package
+```
+
+`gitbucket_2.11-x.x.x.war` is generated into `target/scala-2.11`.
+
+To build executable war file, run
+
+```
+$ sbt executable
+```
+
+at the top of the source tree. It generates executable `gitbucket.war` into `target/executable`. We release this war file as release artifact.
--- a/doc/icons.svg
+++ b/doc/icons.svg
@@ -379,21 +379,21 @@
      <path d="M588.909,926.673 L560.094,910.545 L564.713,935.73 L588.909,926.673 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="1.313" stroke-linecap="round"/>
    </g>
    <g id="rect3075-11">
-      <path d="M779.562,898.094 C779.396,912.75 779.229,927.406 779.062,942.062 C781.26,942.084 783.458,942.104 785.656,942.125 C784.104,943.688 782.552,945.25 781,946.813 C801.708,967.521 822.417,988.229 843.125,1008.938 C858.531,993.531 873.938,978.125 889.344,962.719 C868.635,942 847.927,921.281 827.219,900.563 C825.49,902.302 823.76,904.042 822.031,905.781 C822.052,903.386 822.073,900.99 822.094,898.594 C807.917,898.427 793.74,898.261 779.563,898.094 z" fill="#FFFFFF"/>
-      <path d="M779.562,898.094 C779.396,912.75 779.229,927.406 779.062,942.062 C781.26,942.084 783.458,942.104 785.656,942.125 C784.104,943.688 782.552,945.25 781,946.813 C801.708,967.521 822.417,988.229 843.125,1008.938 C858.531,993.531 873.938,978.125 889.344,962.719 C868.635,942 847.927,921.281 827.219,900.563 C825.49,902.302 823.76,904.042 822.031,905.781 C822.052,903.386 822.073,900.99 822.094,898.594 C807.917,898.427 793.74,898.261 779.563,898.094 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="9" stroke-linecap="round"/>
+      <path d="M1389.845,733.625 C1389.679,748.281 1389.512,762.937 1389.345,777.593 C1391.543,777.615 1393.741,777.635 1395.939,777.656 C1394.387,779.219 1392.835,780.781 1391.283,782.344 C1411.991,803.052 1432.7,823.76 1453.408,844.469 C1468.814,829.062 1484.221,813.656 1499.627,798.25 C1478.918,777.531 1458.21,756.812 1437.502,736.094 C1435.773,737.833 1434.043,739.573 1432.314,741.312 C1432.335,738.917 1432.356,736.521 1432.377,734.125 C1418.2,733.958 1404.023,733.792 1389.846,733.625 z" fill="#FFFFFF"/>
+      <path d="M1389.845,733.625 C1389.679,748.281 1389.512,762.937 1389.345,777.593 C1391.543,777.615 1393.741,777.635 1395.939,777.656 C1394.387,779.219 1392.835,780.781 1391.283,782.344 C1411.991,803.052 1432.7,823.76 1453.408,844.469 C1468.814,829.062 1484.221,813.656 1499.627,798.25 C1478.918,777.531 1458.21,756.812 1437.502,736.094 C1435.773,737.833 1434.043,739.573 1432.314,741.312 C1432.335,738.917 1432.356,736.521 1432.377,734.125 C1418.2,733.958 1404.023,733.792 1389.846,733.625 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="9" stroke-linecap="round"/>
    </g>
    <path d="M606.483,964.91 L606.483,951.243 L672.089,951.243 L672.089,964.91 z" fill="#B3B3B3" id="rect2995-0-2-8-6"/>
    <g id="rect3075-11-7">
-      <path d="M786.383,905.075 C786.256,916.229 786.129,927.383 786.003,938.537 C787.675,938.553 789.348,938.568 791.021,938.584 C789.839,939.773 788.658,940.963 787.477,942.152 C803.237,957.911 818.997,973.671 834.756,989.431 C846.481,977.706 858.206,965.982 869.93,954.257 C854.171,938.489 838.411,922.722 822.651,906.954 C821.335,908.278 820.019,909.602 818.703,910.926 C818.719,909.102 818.734,907.279 818.751,905.456 C807.961,905.329 797.172,905.202 786.383,905.075 z" fill="#FFFFFF"/>
-      <path d="M786.383,905.075 C786.256,916.229 786.129,927.383 786.003,938.537 C787.675,938.553 789.348,938.568 791.021,938.584 C789.839,939.773 788.658,940.963 787.477,942.152 C803.237,957.911 818.997,973.671 834.756,989.431 C846.481,977.706 858.206,965.982 869.93,954.257 C854.171,938.489 838.411,922.722 822.651,906.954 C821.335,908.278 820.019,909.602 818.703,910.926 C818.719,909.102 818.734,907.279 818.751,905.456 C807.961,905.329 797.172,905.202 786.383,905.075 z" fill-opacity="0" stroke="#FFFFFF" stroke-width="6.849" stroke-linecap="round"/>
+      <path d="M1396.666,740.606 C1396.539,751.76 1396.412,762.914 1396.286,774.068 C1397.958,774.084 1399.631,774.099 1401.304,774.115 C1400.122,775.304 1398.941,776.494 1397.76,777.683 C1413.52,793.442 1429.28,809.202 1445.039,824.962 C1456.764,813.237 1468.489,801.513 1480.213,789.788 C1464.454,774.02 1448.694,758.253 1432.934,742.485 C1431.618,743.809 1430.302,745.133 1428.986,746.457 C1429.002,744.633 1429.017,742.81 1429.034,740.987 C1418.244,740.86 1407.455,740.733 1396.666,740.606 z" fill="#FFFFFF"/>
+      <path d="M1396.666,740.606 C1396.539,751.76 1396.412,762.914 1396.286,774.068 C1397.958,774.084 1399.631,774.099 1401.304,774.115 C1400.122,775.304 1398.941,776.494 1397.76,777.683 C1413.52,793.442 1429.28,809.202 1445.039,824.962 C1456.764,813.237 1468.489,801.513 1480.213,789.788 C1464.454,774.02 1448.694,758.253 1432.934,742.485 C1431.618,743.809 1430.302,745.133 1428.986,746.457 C1429.002,744.633 1429.017,742.81 1429.034,740.987 C1418.244,740.86 1407.455,740.733 1396.666,740.606 z" fill-opacity="0" stroke="#FFFFFF" stroke-width="6.849" stroke-linecap="round"/>
    </g>
    <g id="path3100-2">
-      <path d="M813.748,916.688 C818.255,921.195 818.255,928.501 813.748,933.008 C809.242,937.514 801.935,937.514 797.429,933.008 C792.922,928.501 792.922,921.195 797.429,916.688 C801.935,912.182 809.242,912.182 813.748,916.688 z" fill="#FFFFFF"/>
-      <path d="M813.748,916.688 C818.255,921.195 818.255,928.501 813.748,933.008 C809.242,937.514 801.935,937.514 797.429,933.008 C792.922,928.501 792.922,921.195 797.429,916.688 C801.935,912.182 809.242,912.182 813.748,916.688 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="7.585" stroke-linecap="round"/>
+      <path d="M1424.031,752.219 C1428.538,756.726 1428.538,764.032 1424.031,768.539 C1419.525,773.045 1412.218,773.045 1407.712,768.539 C1403.205,764.032 1403.205,756.726 1407.712,752.219 C1412.218,747.713 1419.525,747.713 1424.031,752.219 z" fill="#FFFFFF"/>
+      <path d="M1424.031,752.219 C1428.538,756.726 1428.538,764.032 1424.031,768.539 C1419.525,773.045 1412.218,773.045 1407.712,768.539 C1403.205,764.032 1403.205,756.726 1407.712,752.219 C1412.218,747.713 1419.525,747.713 1424.031,752.219 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="7.585" stroke-linecap="round"/>
    </g>
    <g id="rect4114">
-      <path d="M813.845,955.107 L834.888,934.064 L864.012,963.188 L842.969,984.231 z" fill="#FFFFFF"/>
-      <path d="M813.845,955.107 L834.888,934.064 L864.012,963.188 L842.969,984.231 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="7.133"/>
+      <path d="M1424.128,790.638 L1445.171,769.595 L1474.295,798.719 L1453.252,819.762 z" fill="#FFFFFF"/>
+      <path d="M1424.128,790.638 L1445.171,769.595 L1474.295,798.719 L1453.252,819.762 z" fill-opacity="0" stroke="#B3B3B3" stroke-width="7.133"/>
    </g>
    <g id="path2991-7-6">
      <path d="M969.889,84.636 C969.889,122.652 939.072,153.469 901.056,153.469 C863.04,153.469 832.223,122.652 832.223,84.636 C832.223,46.62 863.04,15.803 901.056,15.803 C939.072,15.803 969.889,46.62 969.889,84.636 z" fill="#A0A0A0"/>
@@ -750,5 +750,45 @@
    </g>
    <path d="M1396.792,592.168 C1426.908,592.168 1450.613,610.989 1450.613,639.54" fill-opacity="0" stroke="#A0A0A0" stroke-width="20" stroke-linecap="round"/>
    <path d="M1397.792,545.653 C1453.613,544.493 1499.627,588.735 1499.627,636.54" fill-opacity="0" stroke="#A0A0A0" stroke-width="20" stroke-linecap="round"/>
+    <path d="M871.125,1039.025 C871.125,1039.025 873.794,1016.889 908.043,1011.524 C919.748,1009.691 945.861,1005.107 945.861,978.522" fill-opacity="0" stroke="#A0A0A0" stroke-width="17.059" id="path3207"/>
+    <g id="rect3818-4-8-4">
+      <path d="M869.474,950.497 L871.997,950.497 L871.997,1031.308 L869.474,1031.308 z" fill="#A0A0A0"/>
+      <g>
+        <path d="M869.474,950.497 L871.997,950.497 L871.997,1031.308 L869.474,1031.308 z" fill="#A0A0A0"/>
+        <path d="M869.474,950.497 L871.997,950.497 L871.997,1031.308 L869.474,1031.308 z" fill-opacity="0" stroke="#A0A0A0" stroke-width="15"/>
+      </g>
+    </g>
+    <g id="path3795-4-8-7-8">
+      <path d="M888.074,1051.656 C888.074,1060.906 880.5,1068.405 871.159,1068.405 C861.817,1068.405 854.243,1060.906 854.243,1051.656 C854.243,1042.406 861.817,1034.908 871.159,1034.908 C880.5,1034.908 888.074,1042.406 888.074,1051.656 z" fill="#FFFFFF"/>
+      <path d="M888.074,1051.656 C888.074,1060.906 880.5,1068.405 871.159,1068.405 C861.817,1068.405 854.243,1060.906 854.243,1051.656 C854.243,1042.406 861.817,1034.908 871.159,1034.908 C880.5,1034.908 888.074,1042.406 888.074,1051.656 z" fill-opacity="0" stroke="#A0A0A0" stroke-width="7.989"/>
+    </g>
+    <g id="path3795-8-4-8">
+      <path d="M886.883,935.155 C886.883,944.404 879.31,951.903 869.968,951.903 C860.626,951.903 853.054,944.404 853.054,935.155 C853.054,925.904 860.626,918.405 869.968,918.405 C879.31,918.405 886.883,925.904 886.883,935.155 z" fill="#FFFFFF"/>
+      <path d="M886.883,935.155 C886.883,944.404 879.31,951.903 869.968,951.903 C860.626,951.903 853.054,944.404 853.054,935.155 C853.054,925.904 860.626,918.405 869.968,918.405 C879.31,918.405 886.883,925.904 886.883,935.155 z" fill-opacity="0" stroke="#A0A0A0" stroke-width="7.989"/>
+    </g>
+    <g id="path3795-8-4-8-2">
+      <path d="M965.046,971.602 C965.046,980.852 957.472,988.351 948.13,988.351 C938.789,988.351 931.215,980.852 931.215,971.602 C931.215,962.352 938.789,954.854 948.13,954.854 C957.472,954.854 965.046,962.352 965.046,971.602 z" fill="#FFFFFF"/>
+      <path d="M965.046,971.602 C965.046,980.852 957.472,988.351 948.13,988.351 C938.789,988.351 931.215,980.852 931.215,971.602 C931.215,962.352 938.789,954.854 948.13,954.854 C957.472,954.854 965.046,962.352 965.046,971.602 z" fill-opacity="0" stroke="#A0A0A0" stroke-width="7.989"/>
+    </g>
+    <path d="M1114.353,1042.412 C1114.353,1042.412 1117.022,1020.275 1151.271,1014.91 C1162.976,1013.077 1189.089,1008.493 1189.089,981.909" fill-opacity="0" stroke="#000000" stroke-width="17.059" id="path3207"/>
+    <g id="rect3818-4-8-4">
+      <path d="M1112.701,953.884 L1115.225,953.884 L1115.225,1034.695 L1112.701,1034.695 z" fill="#A0A0A0"/>
+      <g>
+        <path d="M1112.701,953.884 L1115.225,953.884 L1115.225,1034.695 L1112.701,1034.695 z" fill="#A0A0A0"/>
+        <path d="M1112.701,953.884 L1115.225,953.884 L1115.225,1034.695 L1112.701,1034.695 z" fill-opacity="0" stroke="#000000" stroke-width="15"/>
+      </g>
+    </g>
+    <g id="path3795-4-8-7-8">
+      <path d="M1131.302,1055.043 C1131.302,1064.293 1123.728,1071.791 1114.386,1071.791 C1105.045,1071.791 1097.471,1064.293 1097.471,1055.043 C1097.471,1045.792 1105.045,1038.294 1114.386,1038.294 C1123.728,1038.294 1131.302,1045.792 1131.302,1055.043 z" fill="#FFFFFF"/>
+      <path d="M1131.302,1055.043 C1131.302,1064.293 1123.728,1071.791 1114.386,1071.791 C1105.045,1071.791 1097.471,1064.293 1097.471,1055.043 C1097.471,1045.792 1105.045,1038.294 1114.386,1038.294 C1123.728,1038.294 1131.302,1045.792 1131.302,1055.043 z" fill-opacity="0" stroke="#000000" stroke-width="7.989"/>
+    </g>
+    <g id="path3795-8-4-8">
+      <path d="M1130.111,938.542 C1130.111,947.791 1122.537,955.29 1113.196,955.29 C1103.854,955.29 1096.282,947.791 1096.282,938.542 C1096.282,929.291 1103.854,921.792 1113.196,921.792 C1122.537,921.792 1130.111,929.291 1130.111,938.542 z" fill="#FFFFFF"/>
+      <path d="M1130.111,938.542 C1130.111,947.791 1122.537,955.29 1113.196,955.29 C1103.854,955.29 1096.282,947.791 1096.282,938.542 C1096.282,929.291 1103.854,921.792 1113.196,921.792 C1122.537,921.792 1130.111,929.291 1130.111,938.542 z" fill-opacity="0" stroke="#000000" stroke-width="7.989"/>
+    </g>
+    <g id="path3795-8-4-8-2">
+      <path d="M1208.274,974.989 C1208.274,984.239 1200.7,991.738 1191.358,991.738 C1182.016,991.738 1174.443,984.239 1174.443,974.989 C1174.443,965.739 1182.016,958.241 1191.358,958.241 C1200.7,958.241 1208.274,965.739 1208.274,974.989 z" fill="#FFFFFF"/>
+      <path d="M1208.274,974.989 C1208.274,984.239 1200.7,991.738 1191.358,991.738 C1182.016,991.738 1174.443,984.239 1174.443,974.989 C1174.443,965.739 1182.016,958.241 1191.358,958.241 C1200.7,958.241 1208.274,965.739 1208.274,974.989 z" fill-opacity="0" stroke="#000000" stroke-width="7.989"/>
+    </g>
  </g>
 </svg>
--- a/doc/jrebel.md
+++ b/doc/jrebel.md
@@ -0,0 +1,148 @@
+JRebel integration (optional)
+=============================
+
+[JRebel](http://zeroturnaround.com/software/jrebel/) is a JVM plugin that makes developing web apps much faster.
+JRebel is generally able to eliminate the need for the following slow "app restart" in sbt following a code change:
+
+```
+> jetty:start
+```
+
+While JRebel is not open source, it does reload your code faster than the `~;copy-resources;aux-compile` way of doing things using `sbt`.
+
+It's only used during development, and doesn't change your deployed app in any way.
+
+JRebel used to be free for Scala developers, but that changed recently, and now there's a cost associated with usage for Scala. There are trial plans and free non-commercial licenses available if you just want to try it out.
+
+----
+
+## 1. Get a JRebel license
+
+Sign up for a [usage plan](https://my.jrebel.com/). You will need to create an account.
+
+## 2. Download JRebel
+
+Download the most recent ["nosetup" JRebel zip](http://zeroturnaround.com/software/jrebel/download/prev-releases/).
+Next, unzip the downloaded file.
+
+## 3. Activate
+
+Follow the [instructions on the JRebel website](http://zeroturnaround.com/software/jrebel/download/prev-releases/) to activate your downloaded JRebel.
+
+You can use the default settings for all the configurations.
+
+You don't need to integrate with your IDE, since we're using sbt to do the servlet deployment.
+
+## 4. Tell jvm where JRebel is
+
+Fortunately, the gitbucket project is already set up to use JRebel.
+You only need to tell jvm where to find the jrebel jar.
+
+To do so, edit your shell resource file (usually `~/.bash_profile` on Mac, and `~/.bashrc` on Linux), and add the following line:
+
+```bash
+export JREBEL=/path/to/jrebel/jrebel.jar
+```
+
+For example, if you unzipped your JRebel download in your home directory, you whould use:
+
+```bash
+export JREBEL=~/jrebel/jrebel.jar
+```
+
+Now reload your shell:
+
+```
+$ source ~/.bash_profile # on Mac
+$ source ~/.bashrc       # on Linux
+```
+
+## 5. See it in action!
+
+Now you're ready to use JRebel with the gitbucket.
+When you run sbt as normal, you will see a long message from JRebel, indicating it has loaded.
+Here's an abbreviated version of what you will see:
+
+```
+$ ./sbt
+[info] Loading project definition from /git/gitbucket/project
+[info] Set current project to gitbucket (in build file:/git/gitbucket/)
+>
+```
+
+You will start the servlet container slightly differently now that you're using sbt.
+
+```
+> jetty:start
+:
+[info] starting server ...
+[success] Total time: 3 s, completed Jan 3, 2016 9:47:55 PM
+2016-01-03 21:47:57 JRebel:
+2016-01-03 21:47:57 JRebel: A newer version '6.3.1' is available for download
+2016-01-03 21:47:57 JRebel: from http://zeroturnaround.com/software/jrebel/download/
+2016-01-03 21:47:57 JRebel:
+2016-01-03 21:47:58 JRebel: Contacting myJRebel server ..
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/scala-2.11/classes' will be monitored for changes.
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/scala-2.11/test-classes' will be monitored for changes.
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/webapp' will be monitored for changes.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  #############################################################
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  JRebel Legacy Agent 6.2.5 (201509291538)
+2016-01-03 21:48:00 JRebel:  (c) Copyright ZeroTurnaround AS, Estonia, Tartu.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Over the last 30 days JRebel prevented
+2016-01-03 21:48:00 JRebel:  at least 182 redeploys/restarts saving you about 7.4 hours.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Over the last 324 days JRebel prevented
+2016-01-03 21:48:00 JRebel:  at least 1538 redeploys/restarts saving you about 62.4 hours.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Licensed to nazo king (using myJRebel).
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  #############################################################
+2016-01-03 21:48:00 JRebel:
+:
+
+> ~ copy-resources
+[success] Total time: 0 s, completed Jan 3, 2016 9:13:54 PM
+1. Waiting for source changes... (press enter to interrupt)
+```
+
+Finally, change your code.
+For example, you can change the title on `src/main/twirl/gitbucket/core/main.scala.html` like this:
+
+```html
+:
+  <a class="navbar-brand" href="@path/">
+    <img src="@assets/common/images/gitbucket.png" style="width: 24px; height: 24px;"/>GitBucket
+    @defining(AutoUpdate.getCurrentVersion){ version =>
+      <span class="header-version">@version.majorVersion.@version.minorVersion</span>
+    }
+    change code !!!!!!!!!!!!!!!!
+  </a>
+:
+```
+
+If JRebel is doing is correctly installed you will see a notice for you:
+
+```
+1. Waiting for source changes... (press enter to interrupt)
+2016-01-03 21:48:42 JRebel: Reloading class 'gitbucket.core.html.main$'.
+[info] Wrote rebel.xml to /git/gitbucket/target/scala-2.11/resource_managed/main/rebel.xml
+[info] Compiling 1 Scala source to /git/gitbucket/target/scala-2.11/classes...
+[success] Total time: 3 s, completed Jan 3, 2016 9:48:55 PM
+2. Waiting for source changes... (press enter to interrupt)
+```
+
+And you reload browser, JRebel give notice of that it has reloaded classes:
+
+```
+[success] Total time: 3 s, completed Jan 3, 2016 9:48:55 PM
+2. Waiting for source changes... (press enter to interrupt)
+2016-01-03 21:49:13 JRebel: Reloading class 'gitbucket.core.html.main$'.
+```
+
+## 6. Limitations
+
+JRebel is nearly always able to eliminate the need to explicitly reload your container after a code change. However, if you change any of your routes patterns, there is nothing JRebel can do, you will have to run `jetty:start`.
--- a/doc/notification.md
+++ b/doc/notification.md
@@ -0,0 +1,23 @@
+Notification Email
+========
+
+GitBucket sends email to target users by enabling the notification email by an administrator.
+
+The timing of the notification are as follows:
+
+##### at the issue registration (new issue, new pull request)
+When a record is saved into the ```ISSUE``` table, GitBucket does the notification.
+
+##### at the comment registration
+Among the records in the ```ISSUE_COMMENT``` table, them to be counted as a comment (i.e. the record ```ACTION``` column value is "comment" or "close_comment" or "reopen_comment") are saved, GitBucket does the notification.
+
+##### at the status update (close, reopen, merge)
+When the ```CLOSED``` column value is updated, GitBucket does the notification.
+
+Notified users are as follows:
+
+* individual repository's owner
+* collaborators
+* participants
+
+However, the operation in person is excluded from the target.
--- a/doc/readme.md
+++ b/doc/readme.md
@@ -0,0 +1,12 @@
+Developer's Guide
+========
+ * [How to run from source tree](how_to_run.md)
+ * [Directory Structure](directory.md)
+ * [Mapping and Validation](validation.md)
+ * [Authentication in Controller](authenticator.md)
+ * [About Action in Issue Comment](comment_action.md)
+ * [Activity Types](activity.md)
+ * [Notification Email](notification.md)
+ * [Automatic Schema Updating](auto_update.md)
+ * [Release Operation](release.md)
+ * [JRebel integration (optional)](jrebel.md)
--- a/doc/release.md
+++ b/doc/release.md
@@ -0,0 +1,53 @@
+Release Operation
+========
+
+Update version number
+--------
+
+Note to update version number in files below:
+
+### project/build.scala
+
+```scala
+object MyBuild extends Build {
+  val Organization = "gitbucket"
+  val Name = "gitbucket"
+  val Version = "3.3.0" // <---- update version!!
+  val ScalaVersion = "2.11.6"
+  val ScalatraVersion = "2.3.1"
+```
+
+### src/main/scala/gitbucket/core/servlet/AutoUpdate.scala
+
+```scala
+object AutoUpdate {
+
+  /**
+   * The history of versions. A head of this sequence is the current GitBucket version.
+   */
+  val versions = Seq(
+    new Version(3, 3), // <---- add this line!!
+    new Version(3, 2),
+```
+
+Generate release files
+--------
+
+Note: Release operation requires [Ant](http://ant.apache.org/) and [Maven](https://maven.apache.org/).
+
+### Make release war file
+
+Run `sbt executable`. The release war file and fingerprint are generated into `target/executable/gitbucket.war`.
+
+```bash
+$sbt executable
+```
+
+### Deploy assembly jar file
+
+For plug-in development, we have to publish the assembly jar file to the public Maven repository by `release/deploy-assembly-jar.sh`.
+
+```bash
+$ cd release/
+$ ./deploy-assembly-jar.sh
+```
--- a/doc/validation.md
+++ b/doc/validation.md
@@ -0,0 +1,71 @@
+Mapping and Validation
+========
+GitBucket uses [scalatra-forms](https://github.com/takezoe/scalatra-forms) to validate request parameters and map them to the scala object. This is inspired by Play2 form mapping / validation.
+
+At first, define the mapping as following:
+
+```scala
+import jp.sf.amateras.scalatra.forms._
+
+case class RegisterForm(name: String, description: String)
+
+val form = mapping(
+  "name"        -> text(required, maxlength(40)),
+  "description" -> text()
+)(RegisterForm.apply)
+```
+
+The servlet have to mixed in ```jp.sf.amateras.scalatra.forms.ClientSideValidationFormSupport``` to validate request parameters and take mapped object. It validates request parameters before action. If any errors are detected, it throws an exception.
+
+```scala
+class RegisterServlet extends ScalatraServlet with ClientSideValidationFormSupport {
+  post("/register", form) { form: RegisterForm =>
+    ...
+  }
+}
+```
+
+In the view template, you can add client-side validation by adding ```validate="true"``` to your form. Error messages are set to ```span#error-<fieldname>```.
+
+```html
+<form method="POST" action="/register" validate="true">
+  Name: <input type="name" type="text">
+  <span class="error" id="error-name"></span>
+  <br/>
+  Description: <input type="description" type="text">
+  <span class="error" id="error-description"></span>
+  <br/>
+  <input type="submit" value="Register"/>
+</form>
+```
+
+Client-side validation calls ```<form-action>/validate``` to validate form contents. It returns a validation result as JSON. In this case, form action is ```/register```, so ```/register/validate``` is called before submitting a form. ```ClientSideValidationFormSupport``` adds this JSON API automatically.
+
+For Ajax request, you have to use '''ajaxGet''' or '''ajaxPost''' to define action. It almost same as '''get''' or '''post'''. You can implement actions which handle Ajax request as same as normal actions.
+Small difference is they return validation errors as JSON.
+
+```scala
+ajaxPost("/register", form){ form =>
+  ...
+}
+```
+
+You can call these actions using jQuery as below:
+
+```javascript
+$('#register').click(function(e){
+  $.ajax($(this).attr('action'), {
+    type: 'POST',
+    data: {
+      name: $('#name').val(),
+      mail: $('#mail').val()
+    }
+  })
+  .done(function(data){
+    $('#result').text('Registered!');
+  })
+  .fail(function(data, status){
+    displayErrors($.parseJSON(data.responseText));
+  });
+});
+```
--- a/embed-jetty/javax.servlet-3.0.0.v201112011016.jar
+++ b/embed-jetty/javax.servlet-3.0.0.v201112011016.jar
--- a/embed-jetty/jetty-continuation-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-continuation-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-http-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-http-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-io-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-io-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-security-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-security-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-server-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-server-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-servlet-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-servlet-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-util-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-util-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-webapp-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-webapp-8.1.8.v20121106.jar
--- a/embed-jetty/jetty-xml-8.1.8.v20121106.jar
+++ b/embed-jetty/jetty-xml-8.1.8.v20121106.jar
--- a/project/build.properties
+++ b/project/build.properties
@@ -1 +1 @@
-sbt.version=0.13.5
+sbt.version=0.13.8
--- a/project/build.scala
+++ b/project/build.scala
@@ -1,59 +0,0 @@
-import sbt._
-import Keys._
-import org.scalatra.sbt._
-import com.typesafe.sbteclipse.plugin.EclipsePlugin.EclipseKeys
-import play.twirl.sbt.SbtTwirl
-import play.twirl.sbt.Import.TwirlKeys._
-
-object MyBuild extends Build {
-  val Organization = "jp.sf.amateras"
-  val Name = "gitbucket"
-  val Version = "0.0.1"
-  val ScalaVersion = "2.11.2"
-  val ScalatraVersion = "2.3.0"
-
-  lazy val project = Project (
-    "gitbucket",
-    file(".")
-  )
-  .settings(ScalatraPlugin.scalatraWithJRebel: _*)
-  .settings(
-    sourcesInBase := false,
-    organization := Organization,
-    name := Name,
-    version := Version,
-    scalaVersion := ScalaVersion,
-    resolvers ++= Seq(
-      Classpaths.typesafeReleases,
-      "amateras-repo" at "http://amateras.sourceforge.jp/mvn/"
-    ),
-    scalacOptions := Seq("-deprecation", "-language:postfixOps"),
-    libraryDependencies ++= Seq(
-      "org.eclipse.jgit" % "org.eclipse.jgit.http.server" % "3.4.1.201406201815-r",
-      "org.eclipse.jgit" % "org.eclipse.jgit.archive" % "3.4.1.201406201815-r",
-      "org.scalatra" %% "scalatra" % ScalatraVersion,
-      "org.scalatra" %% "scalatra-specs2" % ScalatraVersion % "test",
-      "org.scalatra" %% "scalatra-json" % ScalatraVersion,
-      "org.json4s" %% "json4s-jackson" % "3.2.10",
-      "jp.sf.amateras" %% "scalatra-forms" % "0.1.0",
-      "commons-io" % "commons-io" % "2.4",
-      "org.pegdown" % "pegdown" % "1.4.1",
-      "org.apache.commons" % "commons-compress" % "1.5",
-      "org.apache.commons" % "commons-email" % "1.3.1",
-      "org.apache.httpcomponents" % "httpclient" % "4.3",
-      "org.apache.sshd" % "apache-sshd" % "0.11.0",
-      "com.typesafe.slick" %% "slick" % "2.1.0",
-      "com.novell.ldap" % "jldap" % "2009-10-07",
-      "com.h2database" % "h2" % "1.4.180",
-      "ch.qos.logback" % "logback-classic" % "1.0.13" % "runtime",
-      "org.eclipse.jetty" % "jetty-webapp" % "8.1.8.v20121106" % "container;provided",
-      "org.eclipse.jetty.orbit" % "javax.servlet" % "3.0.0.v201112011016" % "container;provided;test" artifacts Artifact("javax.servlet", "jar", "jar"),
-      "junit" % "junit" % "4.11" % "test",
-      "com.typesafe.play" %% "twirl-compiler" % "1.0.2"
-    ),
-    EclipseKeys.withSource := true,
-    javacOptions in compile ++= Seq("-target", "7", "-source", "7"),
-    testOptions in Test += Tests.Argument(TestFrameworks.Specs2, "junitxml", "console"),
-    packageOptions += Package.MainClass("JettyLauncher")
-  ).enablePlugins(SbtTwirl)
-}
--- a/project/plugins.sbt
+++ b/project/plugins.sbt
@@ -1,9 +1,6 @@
-addSbtPlugin("com.typesafe.sbteclipse" % "sbteclipse-plugin" % "2.4.0")
+scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")

-addSbtPlugin("com.github.mpeltonen" % "sbt-idea" % "1.6.0")
-
-addSbtPlugin("org.scalatra.sbt" % "scalatra-sbt" % "0.3.5")
-
-addSbtPlugin("com.typesafe.sbt" % "sbt-twirl" % "1.0.2")
-
-addSbtPlugin("com.timushev.sbt" % "sbt-updates" % "0.1.4")
+addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"       % "1.0.4")
+addSbtPlugin("com.eed3si9n"     % "sbt-assembly"    % "0.12.0")
+addSbtPlugin("com.earldouglas"  % "xsbt-web-plugin" % "2.1.0")
+addSbtPlugin("fi.gekkio.sbtplugins" % "sbt-jrebel-plugin" % "0.10.0")
--- a/release/deploy-assembly-jar.sh
+++ b/release/deploy-assembly-jar.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+. ./env.sh
+
+cd ../
+./sbt.sh clean assembly
+
+cd release
+
+if [[ "$GITBUCKET_VERSION" =~ -SNAPSHOT$ ]]; then
+  MVN_DEPLOY_PATH=mvn-snapshot
+else
+  MVN_DEPLOY_PATH=mvn
+fi
+
+echo $MVN_DEPLOY_PATH
+
+mvn deploy:deploy-file \
+  -DgroupId=gitbucket\
+  -DartifactId=gitbucket-assembly\
+  -Dversion=$GITBUCKET_VERSION\
+  -Dpackaging=jar\
+  -Dfile=../target/scala-2.11/gitbucket-assembly-$GITBUCKET_VERSION.jar\
+  -DrepositoryId=sourceforge.jp\
+  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/$MVN_DEPLOY_PATH/
--- a/release/env.sh
+++ b/release/env.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+export GITBUCKET_VERSION=`cat ../project/build.scala | grep 'val Version' | cut -d \" -f 2`
+echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"
--- a/release/pom.xml
+++ b/release/pom.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>jp.sf.amateras</groupId>
+    <artifactId>gitbucket-assembly</artifactId>
+    <version>0.0.1</version>
+    <build>
+        <extensions>
+            <extension>
+                <groupId>org.apache.maven.wagon</groupId>
+                <artifactId>wagon-ssh</artifactId>
+                <version>1.0-beta-6</version>
+            </extension>
+        </extensions>
+    </build>
+</project>
--- a/sbt-launch-0.13.5.jar
+++ b/sbt-launch-0.13.5.jar
--- a/sbt-launch-0.13.8.jar
+++ b/sbt-launch-0.13.8.jar
--- a/sbt.bat
+++ b/sbt.bat
@@ -1,2 +1,2 @@
 set SCRIPT_DIR=%~dp0
-java -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.5.jar" %*
+java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.8.jar" %*
--- a/sbt.sh
+++ b/sbt.sh
@@ -1,2 +1,2 @@
 #!/bin/sh
-java -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.5.jar "$@"
+java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.8.jar "$@"
--- a/src/main/java/JettyLauncher.java
+++ b/src/main/java/JettyLauncher.java
@@ -1,5 +1,4 @@
 import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
 import org.eclipse.jetty.webapp.WebAppContext;

 import java.io.File;
@@ -30,16 +29,16 @@ public class JettyLauncher {
            }
        }

-        Server server = new Server();
+        Server server = new Server(port);

-        SelectChannelConnector connector = new SelectChannelConnector();
-        if(host != null) {
-            connector.setHost(host);
-        }
-        connector.setMaxIdleTime(1000 * 60 * 60);
-        connector.setSoLingerTime(-1);
-        connector.setPort(port);
-        server.addConnector(connector);
+//        SelectChannelConnector connector = new SelectChannelConnector();
+//        if(host != null) {
+//            connector.setHost(host);
+//        }
+//        connector.setMaxIdleTime(1000 * 60 * 60);
+//        connector.setSoLingerTime(-1);
+//        connector.setPort(port);
+//        server.addConnector(connector);

        WebAppContext context = new WebAppContext();

--- a/src/main/java/gitbucket/core/util/PatchUtil.java
+++ b/src/main/java/gitbucket/core/util/PatchUtil.java
@@ -1,4 +1,4 @@
-package util;
+package gitbucket.core.util;

 import org.eclipse.jgit.api.errors.PatchApplyException;
 import org.eclipse.jgit.diff.RawText;
--- a/src/main/resources/database.conf
+++ b/src/main/resources/database.conf
@@ -0,0 +1,6 @@
+db {
+  driver = "org.h2.Driver"
+  url = "jdbc:h2:${DatabaseHome};MVCC=true"
+  user = "sa"
+  password = "sa"
+}
--- a/src/main/resources/logback-dev.xml
+++ b/src/main/resources/logback-dev.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+    <file>gitbucket.log</file>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+
+  <root level="INFO">
+    <appender-ref ref="STDOUT" />
+  </root>
+
+  <!--
+  <logger name="service.WebHookService" level="DEBUG" />
+  <logger name="servlet" level="DEBUG" />
+  -->
+  <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
+
+</configuration>
--- a/src/main/resources/logback.xml
+++ b/src/main/resources/logback.xml
@@ -6,12 +6,23 @@
    </encoder>
  </appender>

+  <!--
+  <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+    <file>gitbucket.log</file>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+  -->
+
  <root level="INFO">
    <appender-ref ref="STDOUT" />
  </root>
-  
+
  <!--
  <logger name="service.WebHookService" level="DEBUG" />
  <logger name="servlet" level="DEBUG" />
+  <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
  -->
+
 </configuration>
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -0,0 +1,5 @@
+c3p0 {
+  privilegeSpawnedThreads=true
+  contextClassLoaderSource=library
+}
+
--- a/src/main/resources/update/1_0.sql
+++ b/src/main/resources/update/1_0.sql
@@ -128,7 +128,7 @@ INSERT INTO ACCOUNT (
  'root@localhost',
  'dc76e9f0c0006e8f919e0c515c66dbba3982f785',
  true,
-  'https://github.com/takezoe/gitbucket',
+  'https://github.com/gitbucket/gitbucket',
  SYSDATE,
  SYSDATE,
  NULL
--- a/src/main/resources/update/3_1.sql
+++ b/src/main/resources/update/3_1.sql
@@ -0,0 +1,42 @@
+DROP TABLE IF EXISTS ACCESS_TOKEN;
+
+CREATE TABLE ACCESS_TOKEN (
+   ACCESS_TOKEN_ID INT NOT NULL AUTO_INCREMENT,
+   TOKEN_HASH VARCHAR(40) NOT NULL,
+   USER_NAME VARCHAR(100) NOT NULL,
+   NOTE TEXT NOT NULL
+);
+
+ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_PK PRIMARY KEY (ACCESS_TOKEN_ID);
+ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
+  ON DELETE CASCADE ON UPDATE CASCADE;
+ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_TOKEN_HASH UNIQUE(TOKEN_HASH);
+
+
+DROP TABLE IF EXISTS COMMIT_STATUS;
+CREATE TABLE COMMIT_STATUS(
+  COMMIT_STATUS_ID INT AUTO_INCREMENT,
+  USER_NAME VARCHAR(100) NOT NULL,
+  REPOSITORY_NAME VARCHAR(100) NOT NULL,
+  COMMIT_ID VARCHAR(40) NOT NULL,
+  CONTEXT VARCHAR(255) NOT NULL, -- context is too long (maximum is 255 characters)
+  STATE VARCHAR(10) NOT NULL, -- pending, success, error, or failure
+  TARGET_URL VARCHAR(200),
+  DESCRIPTION TEXT,
+  CREATOR VARCHAR(100) NOT NULL,
+  REGISTERED_DATE TIMESTAMP NOT NULL, -- CREATED_AT
+  UPDATED_DATE TIMESTAMP NOT NULL -- UPDATED_AT
+);
+ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_PK PRIMARY KEY (COMMIT_STATUS_ID);
+ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_1
+  UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT);
+ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK1
+  FOREIGN KEY (USER_NAME, REPOSITORY_NAME)
+  REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
+  ON DELETE CASCADE ON UPDATE CASCADE;
+ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK2
+  FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
+  ON DELETE CASCADE ON UPDATE CASCADE;
+ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK3
+  FOREIGN KEY (CREATOR) REFERENCES ACCOUNT (USER_NAME)
+  ON DELETE CASCADE ON UPDATE CASCADE;
--- a/src/main/resources/update/3_11.sql
+++ b/src/main/resources/update/3_11.sql
@@ -0,0 +1,25 @@
+DROP TABLE IF EXISTS PROTECTED_BRANCH;
+
+CREATE TABLE PROTECTED_BRANCH(
+    USER_NAME VARCHAR(100) NOT NULL,
+    REPOSITORY_NAME VARCHAR(100) NOT NULL,
+    BRANCH VARCHAR(100) NOT NULL,
+    STATUS_CHECK_ADMIN BOOLEAN NOT NULL DEFAULT false
+);
+
+ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH);
+ALTER TABLE PROTECTED_BRANCH ADD CONSTRAINT IDX_PROTECTED_BRANCH_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
+  ON DELETE CASCADE ON UPDATE CASCADE;
+
+
+DROP TABLE IF EXISTS PROTECTED_BRANCH_REQUIRE_CONTEXT;
+CREATE TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT(
+    USER_NAME VARCHAR(100) NOT NULL,
+    REPOSITORY_NAME VARCHAR(100) NOT NULL,
+    BRANCH VARCHAR(100) NOT NULL,
+    CONTEXT VARCHAR(255) NOT NULL
+);
+
+ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT);
+ALTER TABLE PROTECTED_BRANCH_REQUIRE_CONTEXT ADD CONSTRAINT IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, BRANCH) REFERENCES PROTECTED_BRANCH (USER_NAME, REPOSITORY_NAME, BRANCH)
+  ON DELETE CASCADE ON UPDATE CASCADE;
--- a/src/main/resources/update/3_9.sql
+++ b/src/main/resources/update/3_9.sql
@@ -0,0 +1,55 @@
+DROP TABLE IF EXISTS WEB_HOOK_EVENT;
+
+CREATE TABLE WEB_HOOK_EVENT(
+    USER_NAME VARCHAR(100) NOT NULL,
+    REPOSITORY_NAME VARCHAR(100) NOT NULL,
+    URL VARCHAR(200) NOT NULL,
+    EVENT VARCHAR(30) NOT NULL
+);
+
+ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL, EVENT);
+ALTER TABLE WEB_HOOK_EVENT ADD CONSTRAINT IDX_WEB_HOOK_EVENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, URL) REFERENCES WEB_HOOK (USER_NAME, REPOSITORY_NAME, URL)
+  ON DELETE CASCADE ON UPDATE CASCADE;
+
+CREATE TEMPORARY TABLE TMP_EVENTS (EVENT VARCHAR(30));
+
+INSERT INTO TMP_EVENTS VALUES ('push'),('issue_comment'),('issues'),('pull_request');
+
+INSERT INTO WEB_HOOK_EVENT (USER_NAME, REPOSITORY_NAME, URL, EVENT)
+  SELECT USER_NAME, REPOSITORY_NAME, URL, EVENT
+    FROM WEB_HOOK, TMP_EVENTS;
+
+DROP TABLE TMP_EVENTS;
+
+ALTER TABLE COMMIT_COMMENT ADD COLUMN ISSUE_ID INT;
+
+CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
+ SELECT
+   A.USER_NAME,
+   A.REPOSITORY_NAME,
+   A.ISSUE_ID,
+   NVL(B.COMMENT_COUNT, 0) + NVL(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
+ FROM ISSUE A
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
+   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) B
+ ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) C
+ ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);
+
+
+UPDATE COMMIT_COMMENT C SET (ISSUE_ID) = (
+  SELECT MAX(P.ISSUE_ID)
+  FROM PULL_REQUEST P
+  WHERE
+    C.USER_NAME       = P.USER_NAME AND
+    C.REPOSITORY_NAME = P.REPOSITORY_NAME AND
+    C.COMMIT_ID       = P.COMMIT_ID_TO
+);
+
+ALTER TABLE COMMIT_COMMENT DROP COLUMN PULL_REQUEST;
--- a/src/main/scala/ScalatraBootstrap.scala
+++ b/src/main/scala/ScalatraBootstrap.scala
@@ -1,9 +1,14 @@
-import _root_.servlet.{BasicAuthenticationFilter, TransactionFilter}
-import app._
-//import jp.sf.amateras.scalatra.forms.ValidationJavaScriptProvider
-import org.scalatra._
-import javax.servlet._
+
+import gitbucket.core.controller._
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.servlet.{AccessTokenAuthenticationFilter, BasicAuthenticationFilter, Database, TransactionFilter}
+import gitbucket.core.util.Directory
+
 import java.util.EnumSet
+import javax.servlet._
+
+import org.scalatra._
+

 class ScalatraBootstrap extends LifeCycle {
  override def init(context: ServletContext) {
@@ -12,15 +17,22 @@ class ScalatraBootstrap extends LifeCycle {
    context.getFilterRegistration("transactionFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
    context.addFilter("basicAuthenticationFilter", new BasicAuthenticationFilter)
    context.getFilterRegistration("basicAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
-
+    context.addFilter("accessTokenAuthenticationFilter", new AccessTokenAuthenticationFilter)
+    context.getFilterRegistration("accessTokenAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
    // Register controllers
    context.mount(new AnonymousAccessController, "/*")
+
+    PluginRegistry().getControllers.foreach { case (controller, path) =>
+      context.mount(controller, path)
+    }
+
    context.mount(new IndexController, "/")
    context.mount(new SearchController, "/")
    context.mount(new FileUploadController, "/upload")
    context.mount(new DashboardController, "/*")
    context.mount(new UserManagementController, "/*")
    context.mount(new SystemSettingsController, "/*")
+    context.mount(new PluginsController, "/*")
    context.mount(new AccountController, "/*")
    context.mount(new RepositoryViewerController, "/*")
    context.mount(new WikiController, "/*")
@@ -31,9 +43,13 @@ class ScalatraBootstrap extends LifeCycle {
    context.mount(new RepositorySettingsController, "/*")

    // Create GITBUCKET_HOME directory if it does not exist
-    val dir = new java.io.File(_root_.util.Directory.GitBucketHome)
+    val dir = new java.io.File(Directory.GitBucketHome)
    if(!dir.exists){
      dir.mkdirs()
    }
  }
-}
+
+  override def destroy(context: ServletContext): Unit = {
+    Database.closeDataSource()
+  }
+}
--- a/src/main/scala/app/LabelsController.scala
+++ b/src/main/scala/app/LabelsController.scala
@@ -1,82 +0,0 @@
-package app
-
-import jp.sf.amateras.scalatra.forms._
-import service._
-import util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
-import util.Implicits._
-import org.scalatra.i18n.Messages
-import org.scalatra.Ok
-
-class LabelsController extends LabelsControllerBase
-  with LabelsService with IssuesService with RepositoryService with AccountService
-with ReferrerAuthenticator with CollaboratorsAuthenticator
-
-trait LabelsControllerBase extends ControllerBase {
-  self: LabelsService with IssuesService with RepositoryService
-    with ReferrerAuthenticator with CollaboratorsAuthenticator =>
-
-  case class LabelForm(labelName: String, color: String)
-
-  val labelForm = mapping(
-    "labelName"  -> trim(label("Label name", text(required, labelName, maxlength(100)))),
-    "labelColor" -> trim(label("Color",      text(required, color)))
-  )(LabelForm.apply)
-
-  get("/:owner/:repository/issues/labels")(referrersOnly { repository =>
-    issues.labels.html.list(
-      getLabels(repository.owner, repository.name),
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
-      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
-  })
-
-  ajaxGet("/:owner/:repository/issues/labels/new")(collaboratorsOnly { repository =>
-    issues.labels.html.edit(None, repository)
-  })
-
-  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(collaboratorsOnly { (form, repository) =>
-    val labelId = createLabel(repository.owner, repository.name, form.labelName, form.color.substring(1))
-    issues.labels.html.label(
-      getLabel(repository.owner, repository.name, labelId).get,
-      // TODO futility
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
-      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
-  })
-
-  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(collaboratorsOnly { repository =>
-    getLabel(repository.owner, repository.name, params("labelId").toInt).map { label =>
-      issues.labels.html.edit(Some(label), repository)
-    } getOrElse NotFound()
-  })
-
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(collaboratorsOnly { (form, repository) =>
-    updateLabel(repository.owner, repository.name, params("labelId").toInt, form.labelName, form.color.substring(1))
-    issues.labels.html.label(
-      getLabel(repository.owner, repository.name, params("labelId").toInt).get,
-      // TODO futility
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
-      repository,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
-  })
-
-  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(collaboratorsOnly { repository =>
-    deleteLabel(repository.owner, repository.name, params("labelId").toInt)
-    Ok()
-  })
-
-  /**
-   * Constraint for the identifier such as user name, repository name or page name.
-   */
-  private def labelName: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      if(value.contains(',')){
-        Some(s"${name} contains invalid character.")
-      } else if(value.startsWith("_") || value.startsWith("-")){
-        Some(s"${name} starts with invalid character.")
-      } else {
-        None
-      }
-  }
-
-}
--- a/src/main/scala/app/PullRequestsController.scala
+++ b/src/main/scala/app/PullRequestsController.scala
@@ -1,483 +0,0 @@
-package app
-
-import util._
-import util.Directory._
-import util.Implicits._
-import util.ControlUtil._
-import service._
-import org.eclipse.jgit.api.Git
-import jp.sf.amateras.scalatra.forms._
-import org.eclipse.jgit.transport.RefSpec
-import scala.collection.JavaConverters._
-import org.eclipse.jgit.lib.{ObjectId, CommitBuilder, PersonIdent}
-import service.IssuesService._
-import service.PullRequestService._
-import org.slf4j.LoggerFactory
-import org.eclipse.jgit.merge.MergeStrategy
-import org.eclipse.jgit.errors.NoMergeBaseException
-import service.WebHookService.WebHookPayload
-import util.JGitUtil.DiffInfo
-import util.JGitUtil.CommitInfo
-
-
-class PullRequestsController extends PullRequestsControllerBase
-  with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
-  with CommitsService with ActivityService with WebHookService with ReferrerAuthenticator with CollaboratorsAuthenticator
-
-trait PullRequestsControllerBase extends ControllerBase {
-  self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
-    with CommitsService with ActivityService with PullRequestService with WebHookService with ReferrerAuthenticator with CollaboratorsAuthenticator =>
-
-  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])
-
-  val pullRequestForm = mapping(
-    "title"                 -> trim(label("Title"  , text(required, maxlength(100)))),
-    "content"               -> trim(label("Content", optional(text()))),
-    "targetUserName"        -> trim(text(required, maxlength(100))),
-    "targetBranch"          -> trim(text(required, maxlength(100))),
-    "requestUserName"       -> trim(text(required, maxlength(100))),
-    "requestRepositoryName" -> trim(text(required, maxlength(100))),
-    "requestBranch"         -> trim(text(required, maxlength(100))),
-    "commitIdFrom"          -> trim(text(required, maxlength(40))),
-    "commitIdTo"            -> trim(text(required, maxlength(40)))
-  )(PullRequestForm.apply)
-
-  val mergeForm = mapping(
-    "message" -> trim(label("Message", text(required)))
-  )(MergeForm.apply)
-
-  case class PullRequestForm(
-    title: String,
-    content: Option[String],
-    targetUserName: String,
-    targetBranch: String,
-    requestUserName: String,
-    requestRepositoryName: String,
-    requestBranch: String,
-    commitIdFrom: String,
-    commitIdTo: String)
-
-  case class MergeForm(message: String)
-
-  get("/:owner/:repository/pulls")(referrersOnly { repository =>
-    val q = request.getParameter("q")
-    if(Option(q).exists(_.contains("is:issue"))){
-      redirect(s"/${repository.owner}/${repository.name}/issues?q=" + StringUtil.urlEncode(q))
-    } else {
-      searchPullRequests(None, repository)
-    }
-  })
-
-  get("/:owner/:repository/pull/:id")(referrersOnly { repository =>
-    params("id").toIntOpt.flatMap{ issueId =>
-      val owner = repository.owner
-      val name = repository.name
-      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
-        using(Git.open(getRepositoryDir(owner, name))){ git =>
-          val (commits, diffs) =
-            getRequestCompareInfo(owner, name, pullreq.commitIdFrom, owner, name, pullreq.commitIdTo)
-
-          pulls.html.pullreq(
-            issue, pullreq,
-            (commits.flatten.map(commit => getCommitComments(owner, name, commit.id, true)).flatten.toList ::: getComments(owner, name, issueId))
-              .sortWith((a, b) => a.registeredDate before b.registeredDate),
-            getIssueLabels(owner, name, issueId),
-            (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
-            getMilestonesWithIssueCount(owner, name),
-            getLabels(owner, name),
-            commits,
-            diffs,
-            hasWritePermission(owner, name, context.loginAccount),
-            repository)
-        }
-      }
-    } getOrElse NotFound
-  })
-
-  ajaxGet("/:owner/:repository/pull/:id/mergeguide")(collaboratorsOnly { repository =>
-    params("id").toIntOpt.flatMap{ issueId =>
-      val owner = repository.owner
-      val name  = repository.name
-      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
-        pulls.html.mergeguide(
-          checkConflictInPullRequest(owner, name, pullreq.branch, pullreq.requestUserName, name, pullreq.requestBranch, issueId),
-          pullreq,
-          s"${context.baseUrl}/git/${pullreq.requestUserName}/${pullreq.requestRepositoryName}.git")
-      }
-    } getOrElse NotFound
-  })
-
-  get("/:owner/:repository/pull/:id/delete/*")(collaboratorsOnly { repository =>
-    params("id").toIntOpt.map { issueId =>
-      val branchName = multiParams("splat").head
-      val userName   = context.loginAccount.get.userName
-      if(repository.repository.defaultBranch != branchName){
-        using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-          git.branchDelete().setForce(true).setBranchNames(branchName).call()
-          recordDeleteBranchActivity(repository.owner, repository.name, userName, branchName)
-        }
-      }
-      createComment(repository.owner, repository.name, userName, issueId, branchName, "delete_branch")
-      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-    } getOrElse NotFound
-  })
-
-  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
-    params("id").toIntOpt.flatMap { issueId =>
-      val owner = repository.owner
-      val name  = repository.name
-      LockUtil.lock(s"${owner}/${name}"){
-        getPullRequest(owner, name, issueId).map { case (issue, pullreq) =>
-          using(Git.open(getRepositoryDir(owner, name))) { git =>
-            // mark issue as merged and close.
-            val loginAccount = context.loginAccount.get
-            createComment(owner, name, loginAccount.userName, issueId, form.message, "merge")
-            createComment(owner, name, loginAccount.userName, issueId, "Close", "close")
-            updateClosed(owner, name, issueId, true)
-
-            // record activity
-            recordMergeActivity(owner, name, loginAccount.userName, issueId, form.message)
-
-            // merge
-            val mergeBaseRefName = s"refs/heads/${pullreq.branch}"
-            val merger = MergeStrategy.RECURSIVE.newMerger(git.getRepository, true)
-            val mergeBaseTip = git.getRepository.resolve(mergeBaseRefName)
-            val mergeTip = git.getRepository.resolve(s"refs/pull/${issueId}/head")
-            val conflicted = try {
-              !merger.merge(mergeBaseTip, mergeTip)
-            } catch {
-              case e: NoMergeBaseException => true
-            }
-            if (conflicted) {
-              throw new RuntimeException("This pull request can't merge automatically.")
-            }
-
-            // creates merge commit
-            val mergeCommit = new CommitBuilder()
-            mergeCommit.setTreeId(merger.getResultTreeId)
-            mergeCommit.setParentIds(Array[ObjectId](mergeBaseTip, mergeTip): _*)
-            val personIdent = new PersonIdent(loginAccount.fullName, loginAccount.mailAddress)
-            mergeCommit.setAuthor(personIdent)
-            mergeCommit.setCommitter(personIdent)
-            mergeCommit.setMessage(s"Merge pull request #${issueId} from ${pullreq.requestUserName}/${pullreq.requestBranch}\n\n" +
-                                   form.message)
-
-            // insertObject and got mergeCommit Object Id
-            val inserter = git.getRepository.newObjectInserter
-            val mergeCommitId = inserter.insert(mergeCommit)
-            inserter.flush()
-            inserter.release()
-
-            // update refs
-            val refUpdate = git.getRepository.updateRef(mergeBaseRefName)
-            refUpdate.setNewObjectId(mergeCommitId)
-            refUpdate.setForceUpdate(false)
-            refUpdate.setRefLogIdent(personIdent)
-            refUpdate.setRefLogMessage("merged", true)
-            refUpdate.update()
-
-            val (commits, _) = getRequestCompareInfo(owner, name, pullreq.commitIdFrom,
-              pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.commitIdTo)
-
-            // close issue by content of pull request
-            val defaultBranch = getRepository(owner, name, context.baseUrl).get.repository.defaultBranch
-            if(pullreq.branch == defaultBranch){
-              commits.flatten.foreach { commit =>
-                closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
-              }
-              issue.content match {
-                case Some(content) => closeIssuesFromMessage(content, loginAccount.userName, owner, name)
-                case _ =>
-              }
-              closeIssuesFromMessage(form.message, loginAccount.userName, owner, name)
-            }
-            // call web hook
-            getWebHookURLs(owner, name) match {
-              case webHookURLs if(webHookURLs.nonEmpty) =>
-                for(ownerAccount <- getAccountByUserName(owner)){
-                  callWebHook(owner, name, webHookURLs,
-                    WebHookPayload(git, loginAccount, mergeBaseRefName, repository, commits.flatten.toList, ownerAccount))
-                }
-              case _ =>
-            }
-
-            // notifications
-            Notifier().toNotify(repository, issueId, "merge"){
-              Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
-            }
-
-            redirect(s"/${owner}/${name}/pull/${issueId}")
-          }
-        }
-      }
-    } getOrElse NotFound
-  })
-
-  get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
-    (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
-      case (Some(originUserName), Some(originRepositoryName)) => {
-        getRepository(originUserName, originRepositoryName, context.baseUrl).map { originRepository =>
-          using(
-            Git.open(getRepositoryDir(originUserName, originRepositoryName)),
-            Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
-          ){ (oldGit, newGit) =>
-            val oldBranch = JGitUtil.getDefaultBranch(oldGit, originRepository).get._2
-            val newBranch = JGitUtil.getDefaultBranch(newGit, forkedRepository).get._2
-
-            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${originUserName}:${oldBranch}...${newBranch}")
-          }
-        } getOrElse NotFound
-      }
-      case _ => {
-        using(Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))){ git =>
-          JGitUtil.getDefaultBranch(git, forkedRepository).map { case (_, defaultBranch) =>
-            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${defaultBranch}...${defaultBranch}")
-          } getOrElse {
-            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}")
-          }
-        }
-      }
-    }
-  })
-
-  get("/:owner/:repository/compare/*...*")(referrersOnly { forkedRepository =>
-    val Seq(origin, forked) = multiParams("splat")
-    val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
-    val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
-
-    (for(
-      originRepositoryName <- if(originOwner == forkedOwner){
-        Some(forkedRepository.name)
-      } else {
-        forkedRepository.repository.originRepositoryName.orElse {
-          getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
-        }
-      };
-      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
-    ) yield {
-      using(
-        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
-        Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
-      ){ case (oldGit, newGit) =>
-        val originBranch = JGitUtil.getDefaultBranch(oldGit, originRepository, tmpOriginBranch).get._2
-        val forkedBranch = JGitUtil.getDefaultBranch(newGit, forkedRepository, tmpForkedBranch).get._2
-
-        val forkedId = JGitUtil.getForkedCommitId(oldGit, newGit,
-          originRepository.owner, originRepository.name, originBranch,
-          forkedRepository.owner, forkedRepository.name, forkedBranch)
-
-        val oldId = oldGit.getRepository.resolve(forkedId)
-        val newId = newGit.getRepository.resolve(forkedBranch)
-
-        val (commits, diffs) = getRequestCompareInfo(
-          originRepository.owner, originRepository.name, oldId.getName,
-          forkedRepository.owner, forkedRepository.name, newId.getName)
-
-        pulls.html.compare(
-          commits,
-          diffs,
-          (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
-            case (Some(userName), Some(repositoryName)) => (userName, repositoryName) :: getForkedRepositories(userName, repositoryName)
-            case _ => (forkedRepository.owner, forkedRepository.name) :: getForkedRepositories(forkedRepository.owner, forkedRepository.name)
-          },
-          commits.flatten.map(commit => getCommitComments(forkedRepository.owner, forkedRepository.name, commit.id, false)).flatten.toList,
-          originBranch,
-          forkedBranch,
-          oldId.getName,
-          newId.getName,
-          forkedRepository,
-          originRepository,
-          forkedRepository,
-          hasWritePermission(forkedRepository.owner, forkedRepository.name, context.loginAccount))
-      }
-    }) getOrElse NotFound
-  })
-
-  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(collaboratorsOnly { forkedRepository =>
-    val Seq(origin, forked) = multiParams("splat")
-    val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
-    val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
-
-    (for(
-      originRepositoryName <- if(originOwner == forkedOwner){
-        Some(forkedRepository.name)
-      } else {
-        forkedRepository.repository.originRepositoryName.orElse {
-          getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
-        }
-      };
-      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
-    ) yield {
-      using(
-        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
-        Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
-      ){ case (oldGit, newGit) =>
-        val originBranch = JGitUtil.getDefaultBranch(oldGit, originRepository, tmpOriginBranch).get._2
-        val forkedBranch = JGitUtil.getDefaultBranch(newGit, forkedRepository, tmpForkedBranch).get._2
-
-        pulls.html.mergecheck(
-          checkConflict(originRepository.owner, originRepository.name, originBranch,
-                        forkedRepository.owner, forkedRepository.name, forkedBranch))
-      }
-    }) getOrElse NotFound
-  })
-
-  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
-    val loginUserName = context.loginAccount.get.userName
-
-    val issueId = createIssue(
-      owner            = repository.owner,
-      repository       = repository.name,
-      loginUser        = loginUserName,
-      title            = form.title,
-      content          = form.content,
-      assignedUserName = None,
-      milestoneId      = None,
-      isPullRequest    = true)
-
-    createPullRequest(
-      originUserName        = repository.owner,
-      originRepositoryName  = repository.name,
-      issueId               = issueId,
-      originBranch          = form.targetBranch,
-      requestUserName       = form.requestUserName,
-      requestRepositoryName = form.requestRepositoryName,
-      requestBranch         = form.requestBranch,
-      commitIdFrom          = form.commitIdFrom,
-      commitIdTo            = form.commitIdTo)
-
-    // fetch requested branch
-    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      git.fetch
-        .setRemote(getRepositoryDir(form.requestUserName, form.requestRepositoryName).toURI.toString)
-        .setRefSpecs(new RefSpec(s"refs/heads/${form.requestBranch}:refs/pull/${issueId}/head"))
-        .call
-    }
-
-    // record activity
-    recordPullRequestActivity(repository.owner, repository.name, loginUserName, issueId, form.title)
-
-    // notifications
-    Notifier().toNotify(repository, issueId, form.content.getOrElse("")){
-      Notifier.msgPullRequest(s"${context.baseUrl}/${repository.owner}/${repository.name}/pull/${issueId}")
-    }
-
-    redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-  })
-
-  /**
-   * Checks whether conflict will be caused in merging. Returns true if conflict will be caused.
-   */
-  private def checkConflict(userName: String, repositoryName: String, branch: String,
-                            requestUserName: String, requestRepositoryName: String, requestBranch: String): Boolean = {
-    LockUtil.lock(s"${userName}/${repositoryName}"){
-      using(Git.open(getRepositoryDir(requestUserName, requestRepositoryName))) { git =>
-        val remoteRefName = s"refs/heads/${branch}"
-        val tmpRefName = s"refs/merge-check/${userName}/${branch}"
-        val refSpec = new RefSpec(s"${remoteRefName}:${tmpRefName}").setForceUpdate(true)
-        try {
-          // fetch objects from origin repository branch
-          git.fetch
-             .setRemote(getRepositoryDir(userName, repositoryName).toURI.toString)
-             .setRefSpecs(refSpec)
-             .call
-
-          // merge conflict check
-          val merger = MergeStrategy.RECURSIVE.newMerger(git.getRepository, true)
-          val mergeBaseTip = git.getRepository.resolve(s"refs/heads/${requestBranch}")
-          val mergeTip = git.getRepository.resolve(tmpRefName)
-          try {
-            !merger.merge(mergeBaseTip, mergeTip)
-          } catch {
-            case e: NoMergeBaseException =>  true
-          }
-        } finally {
-          val refUpdate = git.getRepository.updateRef(refSpec.getDestination)
-          refUpdate.setForceUpdate(true)
-          refUpdate.delete()
-        }
-      }
-    }
-  }
-
-  /**
-   * Checks whether conflict will be caused in merging within pull request. Returns true if conflict will be caused.
-   */
-  private def checkConflictInPullRequest(userName: String, repositoryName: String, branch: String,
-                                         requestUserName: String, requestRepositoryName: String, requestBranch: String,
-                                         issueId: Int): Boolean = {
-    LockUtil.lock(s"${userName}/${repositoryName}") {
-      using(Git.open(getRepositoryDir(userName, repositoryName))) { git =>
-        // merge
-        val merger = MergeStrategy.RECURSIVE.newMerger(git.getRepository, true)
-        val mergeBaseTip = git.getRepository.resolve(s"refs/heads/${branch}")
-        val mergeTip = git.getRepository.resolve(s"refs/pull/${issueId}/head")
-        try {
-          !merger.merge(mergeBaseTip, mergeTip)
-        } catch {
-          case e: NoMergeBaseException => true
-        }
-      }
-    }
-  }
-
-  /**
-   * Parses branch identifier and extracts owner and branch name as tuple.
-   *
-   * - "owner:branch" to ("owner", "branch")
-   * - "branch" to ("defaultOwner", "branch")
-   */
-  private def parseCompareIdentifie(value: String, defaultOwner: String): (String, String) =
-    if(value.contains(':')){
-      val array = value.split(":")
-      (array(0), array(1))
-    } else {
-      (defaultOwner, value)
-    }
-
-  private def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
-      requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
-    using(
-      Git.open(getRepositoryDir(userName, repositoryName)),
-      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
-    ){ (oldGit, newGit) =>
-      val oldId = oldGit.getRepository.resolve(branch)
-      val newId = newGit.getRepository.resolve(requestCommitId)
-
-      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
-        new CommitInfo(revCommit)
-      }.toList.splitWith { (commit1, commit2) =>
-        view.helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
-      }
-
-      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
-
-      (commits, diffs)
-    }
-
-  private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) =
-    defining(repository.owner, repository.name){ case (owner, repoName) =>
-      val page       = IssueSearchCondition.page(request)
-      val sessionKey = Keys.Session.Pulls(owner, repoName)
-
-      // retrieve search condition
-      val condition = session.putAndGet(sessionKey,
-        if(request.hasQueryString) IssueSearchCondition(request)
-        else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
-      )
-
-      issues.html.list(
-        "pulls",
-        searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
-        page,
-        (getCollaborators(owner, repoName) :+ owner).sorted,
-        getMilestones(owner, repoName),
-        getLabels(owner, repoName),
-        countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
-        countIssue(condition.copy(state = "closed"), true, owner -> repoName),
-        condition,
-        repository,
-        hasWritePermission(owner, repoName, context.loginAccount))
-    }
-
-}
--- a/src/main/scala/app/RepositorySettingsController.scala
+++ b/src/main/scala/app/RepositorySettingsController.scala
@@ -1,274 +0,0 @@
-package app
-
-import service._
-import util.Directory._
-import util.Implicits._
-import util.{LockUtil, UsersAuthenticator, OwnerAuthenticator}
-import jp.sf.amateras.scalatra.forms._
-import org.apache.commons.io.FileUtils
-import org.scalatra.i18n.Messages
-import service.WebHookService.WebHookPayload
-import util.JGitUtil.CommitInfo
-import util.ControlUtil._
-import org.eclipse.jgit.api.Git
-import org.eclipse.jgit.lib.Constants
-
-class RepositorySettingsController extends RepositorySettingsControllerBase
-  with RepositoryService with AccountService with WebHookService
-  with OwnerAuthenticator with UsersAuthenticator
-
-trait RepositorySettingsControllerBase extends ControllerBase {
-  self: RepositoryService with AccountService with WebHookService
-    with OwnerAuthenticator with UsersAuthenticator =>
-
-  // for repository options
-  case class OptionsForm(repositoryName: String, description: Option[String], defaultBranch: String, isPrivate: Boolean)
-  
-  val optionsForm = mapping(
-    "repositoryName" -> trim(label("Description"    , text(required, maxlength(40), identifier, renameRepositoryName))),
-    "description"    -> trim(label("Description"    , optional(text()))),
-    "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100)))),
-    "isPrivate"      -> trim(label("Repository Type", boolean()))
-  )(OptionsForm.apply)
-
-  // for collaborator addition
-  case class CollaboratorForm(userName: String)
-
-  val collaboratorForm = mapping(
-    "userName" -> trim(label("Username", text(required, collaborator)))
-  )(CollaboratorForm.apply)
-
-  // for web hook url addition
-  case class WebHookForm(url: String)
-
-  val webHookForm = mapping(
-    "url" -> trim(label("url", text(required, webHook)))
-  )(WebHookForm.apply)
-
-  // for transfer ownership
-  case class TransferOwnerShipForm(newOwner: String)
-
-  val transferForm = mapping(
-    "newOwner" -> trim(label("New owner", text(required, transferUser)))
-  )(TransferOwnerShipForm.apply)
-
-  /**
-   * Redirect to the Options page.
-   */
-  get("/:owner/:repository/settings")(ownerOnly { repository =>
-    redirect(s"/${repository.owner}/${repository.name}/settings/options")
-  })
-  
-  /**
-   * Display the Options page.
-   */
-  get("/:owner/:repository/settings/options")(ownerOnly {
-    settings.html.options(_, flash.get("info"))
-  })
-  
-  /**
-   * Save the repository options.
-   */
-  post("/:owner/:repository/settings/options", optionsForm)(ownerOnly { (form, repository) =>
-    val defaultBranch = if(repository.branchList.isEmpty) "master" else form.defaultBranch
-    saveRepositoryOptions(
-      repository.owner,
-      repository.name,
-      form.description,
-      defaultBranch,
-      repository.repository.parentUserName.map { _ =>
-        repository.repository.isPrivate
-      } getOrElse form.isPrivate
-    )
-    // Change repository name
-    if(repository.name != form.repositoryName){
-      // Update database
-      renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
-      // Move git repository
-      defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
-      }
-      // Move wiki repository
-      defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-        FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
-      }
-    }
-    // Change repository HEAD
-    using(Git.open(getRepositoryDir(repository.owner, form.repositoryName))) { git =>
-      git.getRepository.updateRef(Constants.HEAD, true).link(Constants.R_HEADS + defaultBranch)
-    }
-    flash += "info" -> "Repository settings has been updated."
-    redirect(s"/${repository.owner}/${form.repositoryName}/settings/options")
-  })
-  
-  /**
-   * Display the Collaborators page.
-   */
-  get("/:owner/:repository/settings/collaborators")(ownerOnly { repository =>
-    settings.html.collaborators(
-      getCollaborators(repository.owner, repository.name),
-      getAccountByUserName(repository.owner).get.isGroupAccount,
-      repository)
-  })
-
-  /**
-   * Add the collaborator.
-   */
-  post("/:owner/:repository/settings/collaborators/add", collaboratorForm)(ownerOnly { (form, repository) =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      addCollaborator(repository.owner, repository.name, form.userName)
-    }
-    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
-  })
-
-  /**
-   * Add the collaborator.
-   */
-  get("/:owner/:repository/settings/collaborators/remove")(ownerOnly { repository =>
-    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
-      removeCollaborator(repository.owner, repository.name, params("name"))
-    }
-    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
-  })
-
-  /**
-   * Display the web hook page.
-   */
-  get("/:owner/:repository/settings/hooks")(ownerOnly { repository =>
-    settings.html.hooks(getWebHookURLs(repository.owner, repository.name), flash.get("url"), repository, flash.get("info"))
-  })
-
-  /**
-   * Add the web hook URL.
-   */
-  post("/:owner/:repository/settings/hooks/add", webHookForm)(ownerOnly { (form, repository) =>
-    addWebHookURL(repository.owner, repository.name, form.url)
-    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
-  })
-
-  /**
-   * Delete the web hook URL.
-   */
-  get("/:owner/:repository/settings/hooks/delete")(ownerOnly { repository =>
-    deleteWebHookURL(repository.owner, repository.name, params("url"))
-    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
-  })
-
-  /**
-   * Send the test request to registered web hook URLs.
-   */
-  post("/:owner/:repository/settings/hooks/test", webHookForm)(ownerOnly { (form, repository) =>
-    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      import scala.collection.JavaConverters._
-      val commits = git.log
-        .add(git.getRepository.resolve(repository.repository.defaultBranch))
-        .setMaxCount(3)
-        .call.iterator.asScala.map(new CommitInfo(_))
-
-      getAccountByUserName(repository.owner).foreach { ownerAccount =>
-        callWebHook(repository.owner, repository.name,
-          List(model.WebHook(repository.owner, repository.name, form.url)),
-          WebHookPayload(git, ownerAccount, "refs/heads/" + repository.repository.defaultBranch, repository, commits.toList, ownerAccount)
-        )
-      }
-      flash += "url"  -> form.url
-      flash += "info" -> "Test payload deployed!"
-    }
-    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
-  })
-
-  /**
-   * Display the danger zone.
-   */
-  get("/:owner/:repository/settings/danger")(ownerOnly {
-    settings.html.danger(_)
-  })
-
-  /**
-   * Transfer repository ownership.
-   */
-  post("/:owner/:repository/settings/transfer", transferForm)(ownerOnly { (form, repository) =>
-    // Change repository owner
-    if(repository.owner != form.newOwner){
-      LockUtil.lock(s"${repository.owner}/${repository.name}"){
-        // Update database
-        renameRepository(repository.owner, repository.name, form.newOwner, repository.name)
-        // Move git repository
-        defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
-        }
-        // Move wiki repository
-        defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
-          FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
-        }
-      }
-    }
-    redirect(s"/${form.newOwner}/${repository.name}")
-  })
-
-  /**
-   * Delete the repository.
-   */
-  post("/:owner/:repository/settings/delete")(ownerOnly { repository =>
-    LockUtil.lock(s"${repository.owner}/${repository.name}"){
-      deleteRepository(repository.owner, repository.name)
-
-      FileUtils.deleteDirectory(getRepositoryDir(repository.owner, repository.name))
-      FileUtils.deleteDirectory(getWikiRepositoryDir(repository.owner, repository.name))
-      FileUtils.deleteDirectory(getTemporaryDir(repository.owner, repository.name))
-    }
-    redirect(s"/${repository.owner}")
-  })
-
-  /**
-   * Provides duplication check for web hook url.
-   */
-  private def webHook: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getWebHookURLs(params("owner"), params("repository")).map(_.url).find(_ == value).map(_ => "URL had been registered already.")
-  }
-
-  /**
-   * Provides Constraint to validate the collaborator name.
-   */
-  private def collaborator: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getAccountByUserName(value) match {
-        case None => Some("User does not exist.")
-        case Some(x) if(x.isGroupAccount)
-                  => Some("User does not exist.")
-        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
-                  => Some("User can access this repository already.")
-        case _    => None
-      }
-  }
-
-  /**
-   * Duplicate check for the rename repository name.
-   */
-  private def renameRepositoryName: Constraint = new Constraint(){
-    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] =
-      params.get("repository").filter(_ != value).flatMap { _ =>
-        params.get("owner").flatMap { userName =>
-          getRepositoryNamesOfUser(userName).find(_ == value).map(_ => "Repository already exists.")
-        }
-      }
-  }
-
-  /**
-   * Provides Constraint to validate the repository transfer user.
-   */
-  private def transferUser: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getAccountByUserName(value) match {
-        case None    => Some("User does not exist.")
-        case Some(x) => if(x.userName == params("owner")){
-          Some("This is current repository owner.")
-        } else {
-          params.get("repository").flatMap { repositoryName =>
-            getRepositoryNamesOfUser(x.userName).find(_ == repositoryName).map{ _ => "User already has same repository." }
-          }
-        }
-      }
-  }
-}
--- a/src/main/scala/gitbucket/core/api/ApiBranch.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranch.scala
@@ -0,0 +1,16 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.RepositoryName
+
+/**
+ * https://developer.github.com/v3/repos/#get-branch
+ * https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection
+ */
+case class ApiBranch(
+  name: String,
+  // commit: ApiBranchCommit,
+  protection: ApiBranchProtection)(repositoryName:RepositoryName) extends FieldSerializable {
+  def _links = Map(
+   "self" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/branches/${name}"),
+   "html" -> ApiPath(s"/${repositoryName.fullName}/tree/${name}"))
+}
--- a/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
@@ -0,0 +1,47 @@
+package gitbucket.core.api
+
+import gitbucket.core.service.ProtectedBranchService
+import org.json4s._
+
+/** https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection */
+case class ApiBranchProtection(enabled: Boolean, required_status_checks: Option[ApiBranchProtection.Status]){
+  def status: ApiBranchProtection.Status = required_status_checks.getOrElse(ApiBranchProtection.statusNone)
+}
+
+object ApiBranchProtection{
+  /** form for enabling-and-disabling-branch-protection */
+  case class EnablingAndDisabling(protection: ApiBranchProtection)
+
+  def apply(info: ProtectedBranchService.ProtectedBranchInfo): ApiBranchProtection = ApiBranchProtection(
+    enabled = info.enabled,
+    required_status_checks = Some(Status(EnforcementLevel(info.enabled, info.includeAdministrators), info.contexts)))
+  val statusNone = Status(Off, Seq.empty)
+  case class Status(enforcement_level: EnforcementLevel, contexts: Seq[String])
+  sealed class EnforcementLevel(val name: String)
+  case object Off extends EnforcementLevel("off")
+  case object NonAdmins extends EnforcementLevel("non_admins")
+  case object Everyone extends EnforcementLevel("everyone")
+  object EnforcementLevel {
+    def apply(enabled: Boolean, includeAdministrators: Boolean): EnforcementLevel = if(enabled){
+      if(includeAdministrators){
+        Everyone
+      }else{
+        NonAdmins
+      }
+    }else{
+      Off
+    }
+  }
+
+  implicit val enforcementLevelSerializer = new CustomSerializer[EnforcementLevel](format => (
+   {
+     case JString("off") => Off
+     case JString("non_admins") => NonAdmins
+     case JString("everyone") => Everyone
+   },
+   {
+     case x: EnforcementLevel => JString(x.name)
+   }
+ ))
+}
+
--- a/src/main/scala/gitbucket/core/api/ApiCombinedCommitStatus.scala
+++ b/src/main/scala/gitbucket/core/api/ApiCombinedCommitStatus.scala
@@ -0,0 +1,25 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.{Account, CommitState, CommitStatus}
+
+
+/**
+ * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
+ */
+case class ApiCombinedCommitStatus(
+  state: String,
+  sha: String,
+  total_count: Int,
+  statuses: Iterable[ApiCommitStatus],
+  repository: ApiRepository){
+  // val commit_url = ApiPath(s"/api/v3/repos/${repository.full_name}/${sha}")
+  val url = ApiPath(s"/api/v3/repos/${repository.full_name}/commits/${sha}/status")
+}
+object ApiCombinedCommitStatus {
+  def apply(sha:String, statuses: Iterable[(CommitStatus, Account)], repository:ApiRepository): ApiCombinedCommitStatus = ApiCombinedCommitStatus(
+    state      = CommitState.combine(statuses.map(_._1.state).toSet).name,
+    sha        = sha,
+    total_count= statuses.size,
+    statuses   = statuses.map{ case (s, a)=> ApiCommitStatus(s, ApiUser(a)) },
+    repository = repository)
+}
--- a/src/main/scala/gitbucket/core/api/ApiComment.scala
+++ b/src/main/scala/gitbucket/core/api/ApiComment.scala
@@ -0,0 +1,29 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.IssueComment
+import gitbucket.core.util.RepositoryName
+
+import java.util.Date
+
+
+/**
+ * https://developer.github.com/v3/issues/comments/
+ */
+case class ApiComment(
+  id: Int,
+  user: ApiUser,
+  body: String,
+  created_at: Date,
+  updated_at: Date)(repositoryName: RepositoryName, issueId: Int, isPullRequest: Boolean){
+  val html_url = ApiPath(s"/${repositoryName.fullName}/${if(isPullRequest){ "pull" }else{ "issues" }}/${issueId}#comment-${id}")
+}
+
+object ApiComment{
+  def apply(comment: IssueComment, repositoryName: RepositoryName, issueId: Int, user: ApiUser, isPullRequest: Boolean): ApiComment =
+    ApiComment(
+      id = comment.commentId,
+      user = user,
+      body = comment.content,
+      created_at = comment.registeredDate,
+      updated_at = comment.updatedDate)(repositoryName, issueId, isPullRequest)
+}
--- a/src/main/scala/gitbucket/core/api/ApiCommit.scala
+++ b/src/main/scala/gitbucket/core/api/ApiCommit.scala
@@ -0,0 +1,57 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.JGitUtil
+import gitbucket.core.util.JGitUtil.CommitInfo
+import gitbucket.core.util.RepositoryName
+
+import org.eclipse.jgit.diff.DiffEntry
+import org.eclipse.jgit.api.Git
+
+import java.util.Date
+
+/**
+ * https://developer.github.com/v3/repos/commits/
+ */
+case class ApiCommit(
+  id: String,
+  message: String,
+  timestamp: Date,
+  added: List[String],
+  removed: List[String],
+  modified: List[String],
+  author: ApiPersonIdent,
+  committer: ApiPersonIdent)(repositoryName:RepositoryName, urlIsHtmlUrl: Boolean) extends FieldSerializable{
+  val url = if(urlIsHtmlUrl){
+    ApiPath(s"/${repositoryName.fullName}/commit/${id}")
+  }else{
+    ApiPath(s"/api/v3/${repositoryName.fullName}/commits/${id}")
+  }
+  val html_url = if(urlIsHtmlUrl){
+    None
+  }else{
+    Some(ApiPath(s"/${repositoryName.fullName}/commit/${id}"))
+  }
+}
+
+object ApiCommit{
+  def apply(git: Git, repositoryName: RepositoryName, commit: CommitInfo, urlIsHtmlUrl: Boolean = false): ApiCommit = {
+    val diffs = JGitUtil.getDiffs(git, commit.id, false)
+    ApiCommit(
+      id        = commit.id,
+      message   = commit.fullMessage,
+      timestamp = commit.commitTime,
+      added     = diffs._1.collect {
+        case x if x.changeType == DiffEntry.ChangeType.ADD    => x.newPath
+      },
+      removed   = diffs._1.collect {
+        case x if x.changeType == DiffEntry.ChangeType.DELETE => x.oldPath
+      },
+      modified  = diffs._1.collect {
+        case x if x.changeType != DiffEntry.ChangeType.ADD && x.changeType != DiffEntry.ChangeType.DELETE => x.newPath
+      },
+      author    = ApiPersonIdent.author(commit),
+      committer = ApiPersonIdent.committer(commit)
+    )(repositoryName, urlIsHtmlUrl)
+  }
+  def forPushPayload(git: Git, repositoryName: RepositoryName, commit: CommitInfo): ApiCommit = apply(git, repositoryName, commit, true)
+}
--- a/src/main/scala/gitbucket/core/api/ApiCommitListItem.scala
+++ b/src/main/scala/gitbucket/core/api/ApiCommitListItem.scala
@@ -0,0 +1,42 @@
+package gitbucket.core.api
+
+import gitbucket.core.api.ApiCommitListItem._
+import gitbucket.core.util.JGitUtil.CommitInfo
+import gitbucket.core.util.RepositoryName
+
+
+/**
+ * https://developer.github.com/v3/repos/commits/
+ */
+case class ApiCommitListItem(
+  sha: String,
+  commit: Commit,
+  author: Option[ApiUser],
+  committer: Option[ApiUser],
+  parents: Seq[Parent])(repositoryName: RepositoryName) {
+  val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${sha}")
+}
+
+object ApiCommitListItem {
+  def apply(commit: CommitInfo, repositoryName: RepositoryName): ApiCommitListItem = ApiCommitListItem(
+    sha    = commit.id,
+    commit = Commit(
+      message   = commit.fullMessage,
+      author    = ApiPersonIdent.author(commit),
+      committer = ApiPersonIdent.committer(commit)
+      )(commit.id, repositoryName),
+    author    = None,
+    committer = None,
+    parents   = commit.parents.map(Parent(_)(repositoryName)))(repositoryName)
+
+  case class Parent(sha: String)(repositoryName: RepositoryName){
+    val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${sha}")
+  }
+
+  case class Commit(
+    message: String,
+    author: ApiPersonIdent,
+    committer: ApiPersonIdent)(sha:String, repositoryName: RepositoryName) {
+    val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/git/commits/${sha}")
+  }
+}
--- a/src/main/scala/gitbucket/core/api/ApiCommitStatus.scala
+++ b/src/main/scala/gitbucket/core/api/ApiCommitStatus.scala
@@ -0,0 +1,38 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.CommitStatus
+import gitbucket.core.util.RepositoryName
+
+import java.util.Date
+
+
+/**
+ * https://developer.github.com/v3/repos/statuses/#create-a-status
+ * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+ */
+case class ApiCommitStatus(
+  created_at: Date,
+  updated_at: Date,
+  state: String,
+  target_url: Option[String],
+  description: Option[String],
+  id: Int,
+  context: String,
+  creator: ApiUser
+)(sha: String, repositoryName: RepositoryName) {
+  val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${sha}/statuses")
+}
+
+
+object ApiCommitStatus {
+  def apply(status: CommitStatus, creator:ApiUser): ApiCommitStatus = ApiCommitStatus(
+    created_at = status.registeredDate,
+    updated_at = status.updatedDate,
+    state      = status.state.name,
+    target_url = status.targetUrl,
+    description= status.description,
+    id         = status.commitStatusId,
+    context    = status.context,
+    creator    = creator
+  )(status.commitId, RepositoryName(status))
+}
--- a/src/main/scala/gitbucket/core/api/ApiError.scala
+++ b/src/main/scala/gitbucket/core/api/ApiError.scala
@@ -0,0 +1,5 @@
+package gitbucket.core.api
+
+case class ApiError(
+  message: String,
+  documentation_url: Option[String] = None)
--- a/src/main/scala/gitbucket/core/api/ApiIssue.scala
+++ b/src/main/scala/gitbucket/core/api/ApiIssue.scala
@@ -0,0 +1,35 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Issue
+import gitbucket.core.util.RepositoryName
+
+import java.util.Date
+
+
+/**
+ * https://developer.github.com/v3/issues/
+ */
+case class ApiIssue(
+  number: Int,
+  title: String,
+  user: ApiUser,
+  // labels,
+  state: String,
+  created_at: Date,
+  updated_at: Date,
+  body: String)(repositoryName: RepositoryName, isPullRequest: Boolean){
+  val comments_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/issues/${number}/comments")
+  val html_url = ApiPath(s"/${repositoryName.fullName}/${if(isPullRequest){ "pull" }else{ "issues" }}/${number}")
+}
+
+object ApiIssue{
+  def apply(issue: Issue, repositoryName: RepositoryName, user: ApiUser): ApiIssue =
+    ApiIssue(
+      number = issue.issueId,
+      title  = issue.title,
+      user   = user,
+      state  = if(issue.closed){ "closed" }else{ "open" },
+      body   = issue.content.getOrElse(""),
+      created_at = issue.registeredDate,
+      updated_at = issue.updatedDate)(repositoryName, issue.isPullRequest)
+}
--- a/src/main/scala/gitbucket/core/api/ApiLabel.scala
+++ b/src/main/scala/gitbucket/core/api/ApiLabel.scala
@@ -0,0 +1,21 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Label
+import gitbucket.core.util.RepositoryName
+
+/**
+  * https://developer.github.com/v3/issues/labels/
+  */
+case class ApiLabel(
+  name: String,
+  color: String)(repositoryName: RepositoryName){
+  var url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/labels/${name}")
+}
+
+object ApiLabel{
+  def apply(label:Label, repositoryName: RepositoryName): ApiLabel =
+    ApiLabel(
+      name = label.labelName,
+      color = label.color
+    )(repositoryName)
+}
--- a/src/main/scala/gitbucket/core/api/ApiPath.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPath.scala
@@ -0,0 +1,6 @@
+package gitbucket.core.api
+
+/**
+ * path for api url. if set path '/repos/aa/bb' then, expand 'http://server:post/repos/aa/bb' when converted to json.
+ */
+case class ApiPath(path: String)
--- a/src/main/scala/gitbucket/core/api/ApiPersonIdent.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPersonIdent.scala
@@ -0,0 +1,25 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.JGitUtil.CommitInfo
+
+import java.util.Date
+
+
+case class ApiPersonIdent(
+  name: String,
+  email: String,
+  date: Date)
+
+
+object ApiPersonIdent {
+  def author(commit: CommitInfo): ApiPersonIdent =
+    ApiPersonIdent(
+      name  = commit.authorName,
+      email = commit.authorEmailAddress,
+      date  = commit.authorTime)
+  def committer(commit: CommitInfo): ApiPersonIdent =
+    ApiPersonIdent(
+      name  = commit.committerName,
+      email = commit.committerEmailAddress,
+      date  = commit.commitTime)
+}
--- a/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
@@ -0,0 +1,59 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.{Issue, PullRequest}
+
+import java.util.Date
+
+
+/**
+ * https://developer.github.com/v3/pulls/
+ */
+case class ApiPullRequest(
+  number: Int,
+  updated_at: Date,
+  created_at: Date,
+  head: ApiPullRequest.Commit,
+  base: ApiPullRequest.Commit,
+  mergeable: Option[Boolean],
+  title: String,
+  body: String,
+  user: ApiUser) {
+  val html_url            = ApiPath(s"${base.repo.html_url.path}/pull/${number}")
+  //val diff_url            = ApiPath(s"${base.repo.html_url.path}/pull/${number}.diff")
+  //val patch_url           = ApiPath(s"${base.repo.html_url.path}/pull/${number}.patch")
+  val url                 = ApiPath(s"${base.repo.url.path}/pulls/${number}")
+  //val issue_url           = ApiPath(s"${base.repo.url.path}/issues/${number}")
+  val commits_url         = ApiPath(s"${base.repo.url.path}/pulls/${number}/commits")
+  val review_comments_url = ApiPath(s"${base.repo.url.path}/pulls/${number}/comments")
+  val review_comment_url  = ApiPath(s"${base.repo.url.path}/pulls/comments/{number}")
+  val comments_url        = ApiPath(s"${base.repo.url.path}/issues/${number}/comments")
+  val statuses_url        = ApiPath(s"${base.repo.url.path}/statuses/${head.sha}")
+}
+
+object ApiPullRequest{
+  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest = ApiPullRequest(
+      number     = issue.issueId,
+      updated_at = issue.updatedDate,
+      created_at = issue.registeredDate,
+      head       = Commit(
+                     sha  = pullRequest.commitIdTo,
+                     ref  = pullRequest.requestBranch,
+                     repo = headRepo)(issue.userName),
+      base       = Commit(
+                     sha  = pullRequest.commitIdFrom,
+                     ref  = pullRequest.branch,
+                     repo = baseRepo)(issue.userName),
+      mergeable  = None, // TODO: need check mergeable.
+      title      = issue.title,
+      body       = issue.content.getOrElse(""),
+      user       = user
+    )
+
+  case class Commit(
+    sha: String,
+    ref: String,
+    repo: ApiRepository)(baseOwner:String){
+    val label = if( baseOwner == repo.owner.login ){ ref }else{ s"${repo.owner.login}:${ref}" }
+    val user = repo.owner
+  }
+}
--- a/src/main/scala/gitbucket/core/api/ApiPullRequestReviewComment.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPullRequestReviewComment.scala
@@ -0,0 +1,61 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.RepositoryName
+import gitbucket.core.model.CommitComment
+
+import java.util.Date
+
+/**
+ * https://developer.github.com/v3/activity/events/types/#pullrequestreviewcommentevent
+ */
+case class ApiPullRequestReviewComment(
+  id: Int, // 29724692
+  // "diff_hunk": "@@ -1 +1 @@\n-# public-repo",
+  path: String, // "README.md",
+  // "position": 1,
+  // "original_position": 1,
+  commit_id: String, // "0d1a26e67d8f5eaf1f6ba5c57fc3c7d91ac0fd1c",
+  // "original_commit_id": "0d1a26e67d8f5eaf1f6ba5c57fc3c7d91ac0fd1c",
+  user: ApiUser,
+  body: String, // "Maybe you should use more emojji on this line.",
+  created_at: Date,  // "2015-05-05T23:40:27Z",
+  updated_at: Date // "2015-05-05T23:40:27Z",
+)(repositoryName:RepositoryName, issueId: Int) extends FieldSerializable {
+  // "url": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/comments/29724692",
+  val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/comments/${id}")
+  // "html_url": "https://github.com/baxterthehacker/public-repo/pull/1#discussion_r29724692",
+  val html_url = ApiPath(s"/${repositoryName.fullName}/pull/${issueId}#discussion_r${id}")
+  // "pull_request_url": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/1",
+  val pull_request_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/${issueId}")
+
+  /*
+    "_links": {
+      "self": {
+        "href": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/comments/29724692"
+      },
+      "html": {
+        "href": "https://github.com/baxterthehacker/public-repo/pull/1#discussion_r29724692"
+      },
+      "pull_request": {
+        "href": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/1"
+      }
+    }
+  */
+  val _links = Map(
+    "self" -> Map("href" -> url),
+    "html" -> Map("href" -> html_url),
+    "pull_request" -> Map("href" -> pull_request_url))
+}
+
+object ApiPullRequestReviewComment{
+  def apply(comment: CommitComment, commentedUser: ApiUser, repositoryName: RepositoryName, issueId: Int): ApiPullRequestReviewComment =
+    new ApiPullRequestReviewComment(
+     id = comment.commentId,
+     path = comment.fileName.getOrElse(""),
+     commit_id = comment.commitId,
+     user = commentedUser,
+     body = comment.content,
+     created_at = comment.registeredDate,
+     updated_at = comment.updatedDate
+  )(repositoryName, issueId)
+}
--- a/src/main/scala/gitbucket/core/api/ApiPusher.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPusher.scala
@@ -0,0 +1,11 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Account
+
+case class ApiPusher(name: String, email: String)
+
+object ApiPusher {
+  def apply(user: Account): ApiPusher = ApiPusher(
+    name  = user.userName,
+    email = user.mailAddress)
+}
--- a/src/main/scala/gitbucket/core/api/ApiRepository.scala
+++ b/src/main/scala/gitbucket/core/api/ApiRepository.scala
@@ -0,0 +1,56 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.{Account, Repository}
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+
+
+// https://developer.github.com/v3/repos/
+case class ApiRepository(
+  name: String,
+  full_name: String,
+  description: String,
+  watchers: Int,
+  forks: Int,
+  `private`: Boolean,
+  default_branch: String,
+  owner: ApiUser)(urlIsHtmlUrl: Boolean) {
+  val forks_count   = forks
+  val watchers_count = watchers
+  val url       = if(urlIsHtmlUrl){
+    ApiPath(s"/${full_name}")
+  }else{
+    ApiPath(s"/api/v3/repos/${full_name}")
+  }
+  val http_url  = ApiPath(s"/git/${full_name}.git")
+  val clone_url = ApiPath(s"/git/${full_name}.git")
+  val html_url  = ApiPath(s"/${full_name}")
+}
+
+object ApiRepository{
+  def apply(
+      repository: Repository,
+      owner: ApiUser,
+      forkedCount: Int =0,
+      watchers: Int = 0,
+      urlIsHtmlUrl: Boolean = false): ApiRepository =
+    ApiRepository(
+      name        = repository.repositoryName,
+      full_name   = s"${repository.userName}/${repository.repositoryName}",
+      description = repository.description.getOrElse(""),
+      watchers    = 0,
+      forks       = forkedCount,
+      `private`   = repository.isPrivate,
+      default_branch = repository.defaultBranch,
+      owner       = owner
+    )(urlIsHtmlUrl)
+
+  def apply(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =
+    ApiRepository(repositoryInfo.repository, owner, forkedCount=repositoryInfo.forkedCount)
+
+  def apply(repositoryInfo: RepositoryInfo, owner: Account): ApiRepository =
+    this(repositoryInfo.repository, ApiUser(owner))
+
+  def forPushPayload(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =
+    ApiRepository(repositoryInfo.repository, owner, forkedCount=repositoryInfo.forkedCount, urlIsHtmlUrl=true)
+
+}
--- a/src/main/scala/gitbucket/core/api/ApiUser.scala
+++ b/src/main/scala/gitbucket/core/api/ApiUser.scala
@@ -0,0 +1,36 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Account
+
+import java.util.Date
+
+
+case class ApiUser(
+  login: String,
+  email: String,
+  `type`: String,
+  site_admin: Boolean,
+  created_at: Date) {
+  val url                 = ApiPath(s"/api/v3/users/${login}")
+  val html_url            = ApiPath(s"/${login}")
+  // val followers_url       = ApiPath(s"/api/v3/users/${login}/followers")
+  // val following_url       = ApiPath(s"/api/v3/users/${login}/following{/other_user}")
+  // val gists_url           = ApiPath(s"/api/v3/users/${login}/gists{/gist_id}")
+  // val starred_url         = ApiPath(s"/api/v3/users/${login}/starred{/owner}{/repo}")
+  // val subscriptions_url   = ApiPath(s"/api/v3/users/${login}/subscriptions")
+  // val organizations_url   = ApiPath(s"/api/v3/users/${login}/orgs")
+  // val repos_url           = ApiPath(s"/api/v3/users/${login}/repos")
+  // val events_url          = ApiPath(s"/api/v3/users/${login}/events{/privacy}")
+  // val received_events_url = ApiPath(s"/api/v3/users/${login}/received_events")
+}
+
+
+object ApiUser{
+  def apply(user: Account): ApiUser = ApiUser(
+    login      = user.userName,
+    email      = user.mailAddress,
+    `type`     = if(user.isGroupAccount){ "Organization" }else{ "User" },
+    site_admin = user.isAdmin,
+    created_at = user.registeredDate
+  )
+}
--- a/src/main/scala/gitbucket/core/api/CreateAComment.scala
+++ b/src/main/scala/gitbucket/core/api/CreateAComment.scala
@@ -0,0 +1,7 @@
+package gitbucket.core.api
+
+/**
+ * https://developer.github.com/v3/issues/comments/#create-a-comment
+ * api form
+ */
+case class CreateAComment(body: String)
--- a/src/main/scala/gitbucket/core/api/CreateALabel.scala
+++ b/src/main/scala/gitbucket/core/api/CreateALabel.scala
@@ -0,0 +1,18 @@
+package gitbucket.core.api
+
+/**
+  * https://developer.github.com/v3/issues/labels/#create-a-label
+  * api form
+  */
+case class CreateALabel(
+    name: String,
+    color: String
+) {
+  def isValid: Boolean = {
+    name.length<=100 &&
+      !name.startsWith("_") &&
+      !name.startsWith("-") &&
+      color.length==6 &&
+      color.matches("[a-fA-F0-9+_.]+")
+  }
+}
--- a/src/main/scala/gitbucket/core/api/CreateARepository.scala
+++ b/src/main/scala/gitbucket/core/api/CreateARepository.scala
@@ -0,0 +1,19 @@
+package gitbucket.core.api
+
+/**
+ * https://developer.github.com/v3/repos/#create
+ * api form
+ */
+case class CreateARepository(
+    name: String,
+    description: Option[String],
+    `private`: Boolean = false,
+    auto_init: Boolean = false
+) {
+  def isValid: Boolean = {
+    name.length<=40 &&
+        name.matches("[a-zA-Z0-9\\-\\+_.]+") &&
+        !name.startsWith("_") &&
+        !name.startsWith("-")
+  }
+}
--- a/src/main/scala/gitbucket/core/api/CreateAStatus.scala
+++ b/src/main/scala/gitbucket/core/api/CreateAStatus.scala
@@ -0,0 +1,26 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.CommitState
+
+/**
+ * https://developer.github.com/v3/repos/statuses/#create-a-status
+ * api form
+ */
+case class CreateAStatus(
+  /* state is Required. The state of the status. Can be one of pending, success, error, or failure. */
+  state: String,
+  /* context is a string label to differentiate this status from the status of other systems. Default: "default" */
+  context: Option[String],
+  /* The target URL to associate with this status. This URL will be linked from the GitHub UI to allow users to easily see the ‘source’ of the Status. */
+  target_url: Option[String],
+  /* description is a short description of the status.*/
+  description: Option[String]
+) {
+  def isValid: Boolean = {
+    CommitState.valueOf(state).isDefined &&
+      // only http
+      target_url.filterNot(f => "\\Ahttps?://".r.findPrefixOf(f).isDefined && f.length<255).isEmpty &&
+      context.filterNot(f => f.length<255).isEmpty &&
+      description.filterNot(f => f.length<1000).isEmpty
+  }
+}
--- a/src/main/scala/gitbucket/core/api/FieldSerializable.scala
+++ b/src/main/scala/gitbucket/core/api/FieldSerializable.scala
@@ -0,0 +1,4 @@
+package gitbucket.core.api
+
+/** export fields for json */
+trait FieldSerializable
--- a/src/main/scala/gitbucket/core/api/JsonFormat.scala
+++ b/src/main/scala/gitbucket/core/api/JsonFormat.scala
@@ -0,0 +1,54 @@
+package gitbucket.core.api
+
+import org.joda.time.DateTime
+import org.joda.time.DateTimeZone
+import org.joda.time.format._
+import org.json4s._
+import org.json4s.jackson.Serialization
+import java.util.Date
+import scala.util.Try
+
+object JsonFormat {
+
+  case class Context(baseUrl: String)
+
+  val parserISO = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss'Z'")
+
+  val jsonFormats = Serialization.formats(NoTypeHints) + new CustomSerializer[Date](format =>
+    (
+      { case JString(s) => Try(parserISO.parseDateTime(s)).toOption.map(_.toDate).getOrElse(throw new MappingException("Can't convert " + s + " to Date")) },
+      { case x: Date => JString(parserISO.print(new DateTime(x).withZone(DateTimeZone.UTC))) }
+    )
+  ) + FieldSerializer[ApiUser]() +
+    FieldSerializer[ApiPullRequest]() +
+    FieldSerializer[ApiRepository]() +
+    FieldSerializer[ApiCommitListItem.Parent]() +
+    FieldSerializer[ApiCommitListItem]() +
+    FieldSerializer[ApiCommitListItem.Commit]() +
+    FieldSerializer[ApiCommitStatus]() +
+    FieldSerializer[FieldSerializable]() +
+    FieldSerializer[ApiCombinedCommitStatus]() +
+    FieldSerializer[ApiPullRequest.Commit]() +
+    FieldSerializer[ApiIssue]() +
+    FieldSerializer[ApiComment]() +
+    FieldSerializer[ApiLabel]() +
+    ApiBranchProtection.enforcementLevelSerializer
+
+  def apiPathSerializer(c: Context) = new CustomSerializer[ApiPath](format =>
+    (
+      {
+        case JString(s) if s.startsWith(c.baseUrl) => ApiPath(s.substring(c.baseUrl.length))
+        case JString(s) => throw new MappingException("Can't convert " + s + " to ApiPath")
+      },
+      {
+        case ApiPath(path) => JString(c.baseUrl + path)
+      }
+    )
+  )
+
+  /**
+   * convert object to json string
+   */
+  def apply(obj: AnyRef)(implicit c: Context): String = Serialization.write(obj)(jsonFormats + apiPathSerializer(c))
+
+}
--- a/src/main/scala/gitbucket/core/controller/AccountController.scala
+++ b/src/main/scala/gitbucket/core/controller/AccountController.scala
@@ -1,27 +1,35 @@
-package app
+package gitbucket.core.controller

-import service._
-import util._
-import util.StringUtil._
-import util.Directory._
-import util.ControlUtil._
-import util.Implicits._
-import ssh.SshUtil
-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.account.html
+import gitbucket.core.api._
+import gitbucket.core.helper
+import gitbucket.core.model.GroupMember
+import gitbucket.core.service._
+import gitbucket.core.ssh.SshUtil
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.StringUtil._
+import gitbucket.core.util._
+
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
-import org.scalatra.i18n.Messages
 import org.eclipse.jgit.api.Git
-import org.eclipse.jgit.lib.{FileMode, Constants}
 import org.eclipse.jgit.dircache.DirCache
-import model.GroupMember
+import org.eclipse.jgit.lib.{FileMode, Constants}
+import org.scalatra.i18n.Messages
+

 class AccountController extends AccountControllerBase
  with AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
  with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
+  with AccessTokenService with WebHookService
+

 trait AccountControllerBase extends AccountManagementControllerBase {
  self: AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
-    with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator =>
+    with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
+    with AccessTokenService with WebHookService =>

  case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
                            url: Option[String], fileId: Option[String])
@@ -31,6 +39,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {

  case class SshKeyForm(title: String, publicKey: String)

+  case class PersonalTokenForm(note: String)
+
  val newForm = mapping(
    "userName"    -> trim(label("User name"    , text(required, maxlength(100), identifier, uniqueUserName))),
    "password"    -> trim(label("Password"     , text(required, maxlength(20)))),
@@ -54,6 +64,10 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    "publicKey" -> trim(label("Key"  , text(required, validPublicKey)))
  )(SshKeyForm.apply)

+  val personalTokenForm = mapping(
+    "note"     -> trim(label("Token", text(required, maxlength(100))))
+  )(PersonalTokenForm.apply)
+
  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String)
  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String], members: String, clearImage: Boolean)

@@ -76,8 +90,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  case class ForkRepositoryForm(owner: String, name: String)

  val newRepositoryForm = mapping(
-    "owner"        -> trim(label("Owner"          , text(required, maxlength(40), identifier, existsAccount))),
-    "name"         -> trim(label("Repository name", text(required, maxlength(40), identifier, uniqueRepository))),
+    "owner"        -> trim(label("Owner"          , text(required, maxlength(100), identifier, existsAccount))),
+    "name"         -> trim(label("Repository name", text(required, maxlength(100), repository, uniqueRepository))),
    "description"  -> trim(label("Description"    , optional(text()))),
    "isPrivate"    -> trim(label("Repository Type", boolean())),
    "createReadme" -> trim(label("Create README"  , boolean()))
@@ -103,21 +117,21 @@ trait AccountControllerBase extends AccountManagementControllerBase {
      params.getOrElse("tab", "repositories") match {
        // Public Activity
        case "activity" =>
-          _root_.account.html.activity(account,
+          gitbucket.core.account.html.activity(account,
            if(account.isGroupAccount) Nil else getGroupsByUserName(userName),
            getActivitiesByUser(userName, true))

        // Members
        case "members" if(account.isGroupAccount) => {
          val members = getGroupMembers(account.userName)
-          _root_.account.html.members(account, members.map(_.userName),
+          gitbucket.core.account.html.members(account, members.map(_.userName),
            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
        }

        // Repositories
        case _ => {
          val members = getGroupMembers(account.userName)
-          _root_.account.html.repositories(account,
+          gitbucket.core.account.html.repositories(account,
            if(account.isGroupAccount) Nil else getGroupsByUserName(userName),
            getVisibleRepositories(context.loginAccount, context.baseUrl, Some(userName)),
            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
@@ -142,10 +156,29 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    }
  }

+  /**
+   * https://developer.github.com/v3/users/#get-a-single-user
+   */
+  get("/api/v3/users/:userName") {
+    getAccountByUserName(params("userName")).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound
+  }
+
+  /**
+   * https://developer.github.com/v3/users/#get-the-authenticated-user
+   */
+  get("/api/v3/user") {
+    context.loginAccount.map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse Unauthorized
+  }
+
+
  get("/:userName/_edit")(oneselfOnly {
    val userName = params("userName")
    getAccountByUserName(userName).map { x =>
-      account.html.edit(x, flash.get("info"))
+      html.edit(x, flash.get("info"))
    } getOrElse NotFound
  })

@@ -169,16 +202,17 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    val userName = params("userName")

    getAccountByUserName(userName, true).foreach { account =>
-      // Remove repositories
-      getRepositoryNamesOfUser(userName).foreach { repositoryName =>
-        deleteRepository(userName, repositoryName)
-        FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
-        FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
-        FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
-      }
-      // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-      removeUserRelatedData(userName)
+//      // Remove repositories
+//      getRepositoryNamesOfUser(userName).foreach { repositoryName =>
+//        deleteRepository(userName, repositoryName)
+//        FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
+//        FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
+//        FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
+//      }
+//      // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
+//      removeUserRelatedData(userName)

+      removeUserRelatedData(userName)
      updateAccount(account.copy(isRemoved = true))
    }

@@ -189,7 +223,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  get("/:userName/_ssh")(oneselfOnly {
    val userName = params("userName")
    getAccountByUserName(userName).map { x =>
-      account.html.ssh(x, getPublicKeys(x.userName))
+      html.ssh(x, getPublicKeys(x.userName))
    } getOrElse NotFound
  })

@@ -206,12 +240,46 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    redirect(s"/${userName}/_ssh")
  })

+  get("/:userName/_application")(oneselfOnly {
+    val userName = params("userName")
+    getAccountByUserName(userName).map { x =>
+      var tokens = getAccessTokens(x.userName)
+      val generatedToken = flash.get("generatedToken") match {
+        case Some((tokenId:Int, token:String)) => {
+          val gt = tokens.find(_.accessTokenId == tokenId)
+          gt.map{ t =>
+            tokens = tokens.filterNot(_ == t)
+            (t, token)
+          }
+        }
+        case _ => None
+      }
+      html.application(x, tokens, generatedToken)
+    } getOrElse NotFound
+  })
+
+  post("/:userName/_personalToken", personalTokenForm)(oneselfOnly { form =>
+    val userName = params("userName")
+    getAccountByUserName(userName).map { x =>
+      val (tokenId, token) = generateAccessToken(userName, form.note)
+      flash += "generatedToken" -> (tokenId, token)
+    }
+    redirect(s"/${userName}/_application")
+  })
+
+  get("/:userName/_personalToken/delete/:id")(oneselfOnly {
+    val userName = params("userName")
+    val tokenId = params("id").toInt
+    deleteAccessToken(userName, tokenId)
+    redirect(s"/${userName}/_application")
+  })
+
  get("/register"){
    if(context.settings.allowAccountRegistration){
      if(context.loginAccount.isDefined){
        redirect("/")
      } else {
-        account.html.register()
+        html.register()
      }
    } else NotFound
  }
@@ -225,7 +293,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  }

  get("/groups/new")(usersOnly {
-    account.html.group(None, List(GroupMember("", context.loginAccount.get.userName, true)))
+    html.group(None, List(GroupMember("", context.loginAccount.get.userName, true)))
  })

  post("/groups/new", newGroupForm)(usersOnly { form =>
@@ -241,7 +309,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {

  get("/:groupName/_editgroup")(managersOnly {
    defining(params("groupName")){ groupName =>
-      account.html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
+      html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
    }
  })

@@ -290,7 +358,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   * Show the new repository form.
   */
  get("/new")(usersOnly {
-    account.html.newrepo(getGroupsByUserName(context.loginAccount.get.userName), context.settings.isCreateRepoOptionPublic)
+    html.newrepo(getGroupsByUserName(context.loginAccount.get.userName), context.settings.isCreateRepoOptionPublic)
  })

  /**
@@ -299,56 +367,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  post("/new", newRepositoryForm)(usersOnly { form =>
    LockUtil.lock(s"${form.owner}/${form.name}"){
      if(getRepository(form.owner, form.name, context.baseUrl).isEmpty){
-        val ownerAccount  = getAccountByUserName(form.owner).get
-        val loginAccount  = context.loginAccount.get
-        val loginUserName = loginAccount.userName
-
-        // Insert to the database at first
-        createRepository(form.name, form.owner, form.description, form.isPrivate)
-
-        // Add collaborators for group repository
-        if(ownerAccount.isGroupAccount){
-          getGroupMembers(form.owner).foreach { member =>
-            addCollaborator(form.owner, form.name, member.userName)
-          }
-        }
-
-        // Insert default labels
-        insertDefaultLabels(form.owner, form.name)
-
-        // Create the actual repository
-        val gitdir = getRepositoryDir(form.owner, form.name)
-        JGitUtil.initRepository(gitdir)
-
-        if(form.createReadme){
-          using(Git.open(gitdir)){ git =>
-            val builder  = DirCache.newInCore.builder()
-            val inserter = git.getRepository.newObjectInserter()
-            val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
-            val content  = if(form.description.nonEmpty){
-              form.name + "\n" +
-              "===============\n" +
-              "\n" +
-              form.description.get
-            } else {
-              form.name + "\n" +
-              "===============\n"
-            }
-
-            builder.add(JGitUtil.createDirCacheEntry("README.md", FileMode.REGULAR_FILE,
-              inserter.insert(Constants.OBJ_BLOB, content.getBytes("UTF-8"))))
-            builder.finish()
-
-            JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
-              Constants.HEAD, loginAccount.fullName, loginAccount.mailAddress, "Initial commit")
-          }
-        }
-
-        // Create Wiki repository
-        createWikiRepository(loginAccount, form.owner, form.name)
-
-        // Record activity
-        recordCreateRepositoryActivity(form.owner, form.name, loginUserName)
+        createRepository(form.owner, form.name, form.description, form.isPrivate, form.createReadme)
      }

      // redirect to the repository
@@ -356,6 +375,54 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    }
  })

+  /**
+   * Create user repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/user/repos")(usersOnly {
+    val owner = context.loginAccount.get.userName
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${owner}/${data.name}") {
+        if(getRepository(owner, data.name, context.baseUrl).isEmpty){
+          createRepository(owner, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(owner, data.name, context.baseUrl).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(owner).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists on this account", 
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound
+  })
+
+  /**
+   * Create group repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/orgs/:org/repos")(managersOnly {
+    val groupName = params("org")
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${groupName}/${data.name}") {
+        if(getRepository(groupName, data.name, context.baseUrl).isEmpty){
+          createRepository(groupName, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(groupName, data.name, context.baseUrl).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(groupName).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists for this group", 
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound
+  })
+
  get("/:owner/:repository/fork")(readableUsersOnly { repository =>
    val loginAccount   = context.loginAccount.get
    val loginUserName  = loginAccount.userName
@@ -366,7 +433,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
          val members = getGroupMembers(group)
          context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager })
        }
-        _root_.helper.html.forkrepository(
+        helper.html.forkrepository(
          repository,
          (groups zip managerPermissions).toMap
        )
@@ -400,6 +467,14 @@ trait AccountControllerBase extends AccountManagementControllerBase {
          parentUserName       = Some(repository.owner)
        )

+        // Add collaborators for group repository
+        val ownerAccount = getAccountByUserName(accountName).get
+        if(ownerAccount.isGroupAccount){
+          getGroupMembers(accountName).foreach { member =>
+            addCollaborator(accountName, repository.name, member.userName)
+          }
+        }
+
        // Insert default labels
        insertDefaultLabels(accountName, repository.name)

@@ -421,6 +496,59 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    }
  })

+  private def createRepository(owner: String, name: String, description: Option[String], isPrivate: Boolean, createReadme: Boolean) {
+    val ownerAccount  = getAccountByUserName(owner).get
+    val loginAccount  = context.loginAccount.get
+    val loginUserName = loginAccount.userName
+
+    // Insert to the database at first
+    createRepository(name, owner, description, isPrivate)
+
+    // Add collaborators for group repository
+    if(ownerAccount.isGroupAccount){
+      getGroupMembers(owner).foreach { member =>
+        addCollaborator(owner, name, member.userName)
+      }
+    }
+
+    // Insert default labels
+    insertDefaultLabels(owner, name)
+
+    // Create the actual repository
+    val gitdir = getRepositoryDir(owner, name)
+    JGitUtil.initRepository(gitdir)
+
+    if(createReadme){
+      using(Git.open(gitdir)){ git =>
+        val builder  = DirCache.newInCore.builder()
+        val inserter = git.getRepository.newObjectInserter()
+        val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
+        val content  = if(description.nonEmpty){
+          name + "\n" +
+          "===============\n" +
+          "\n" +
+          description.get
+        } else {
+          name + "\n" +
+          "===============\n"
+        }
+
+        builder.add(JGitUtil.createDirCacheEntry("README.md", FileMode.REGULAR_FILE,
+          inserter.insert(Constants.OBJ_BLOB, content.getBytes("UTF-8"))))
+        builder.finish()
+
+        JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
+          Constants.HEAD, loginAccount.fullName, loginAccount.mailAddress, "Initial commit")
+      }
+    }
+
+    // Create Wiki repository
+    createWikiRepository(loginAccount, owner, name)
+
+    // Record activity
+    recordCreateRepositoryActivity(owner, name, loginUserName)
+  }
+
  private def insertDefaultLabels(userName: String, repositoryName: String): Unit = {
    createLabel(userName, repositoryName, "bug", "fc2929")
    createLabel(userName, repositoryName, "duplicate", "cccccc")
--- a/src/main/scala/gitbucket/core/controller/AnonymousAccessController.scala
+++ b/src/main/scala/gitbucket/core/controller/AnonymousAccessController.scala
@@ -1,4 +1,4 @@
-package app
+package gitbucket.core.controller

 class AnonymousAccessController extends AnonymousAccessControllerBase

--- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala
+++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala
@@ -1,19 +1,25 @@
-package app
+package gitbucket.core.controller

-import _root_.util.Directory._
-import _root_.util.Implicits._
-import _root_.util.ControlUtil._
-import _root_.util.{StringUtil, FileUtil, Validations, Keys}
-import org.scalatra._
-import org.scalatra.json._
-import org.json4s._
-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.api.ApiError
+import gitbucket.core.model.Account
+import gitbucket.core.service.{AccountService, SystemSettingsService}
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util._
+
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
-import model._
-import service.{SystemSettingsService, AccountService}
+import org.json4s._
+import org.scalatra._
+import org.scalatra.i18n._
+import org.scalatra.json._
+
 import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
 import javax.servlet.{FilterChain, ServletResponse, ServletRequest}
-import org.scalatra.i18n._
+
+import scala.util.Try
+

 /**
 * Provides generic features for controller implementations.
@@ -22,7 +28,11 @@ abstract class ControllerBase extends ScalatraFilter
  with ClientSideValidationFormSupport with JacksonJsonSupport with I18nSupport with FlashMapSupport with Validations
  with SystemSettingsService {

-  implicit val jsonFormats = DefaultFormats
+  implicit val jsonFormats = gitbucket.core.api.JsonFormat.jsonFormats
+
+  before("/api/v3/*") {
+    contentType = formats("json")
+  }

 // TODO Scala 2.11
 //  // Don't set content type via Accept header.
@@ -51,6 +61,9 @@ abstract class ControllerBase extends ScalatraFilter
      // Git repository
      chain.doFilter(request, response)
    } else {
+      if(path.startsWith("/api/v3/")){
+        httpRequest.setAttribute(Keys.Request.APIv3, true)
+      }
      // Scalatra actions
      super.doFilter(request, response, chain)
    }
@@ -74,7 +87,7 @@ abstract class ControllerBase extends ScalatraFilter
    }
  }

-  private def LoginAccount: Option[Account] = session.getAs[Account](Keys.Session.LoginAccount)
+  private def LoginAccount: Option[Account] = request.getAs[Account](Keys.Session.LoginAccount).orElse(session.getAs[Account](Keys.Session.LoginAccount))

  def ajaxGet(path : String)(action : => Any) : Route =
    super.get(path){
@@ -103,13 +116,19 @@ abstract class ControllerBase extends ScalatraFilter
  protected def NotFound() =
    if(request.hasAttribute(Keys.Request.Ajax)){
      org.scalatra.NotFound()
+    } else if(request.hasAttribute(Keys.Request.APIv3)){
+      contentType = formats("json")
+      org.scalatra.NotFound(ApiError("Not Found"))
    } else {
-      org.scalatra.NotFound(html.error("Not Found"))
+      org.scalatra.NotFound(gitbucket.core.html.error("Not Found"))
    }

-  protected def Unauthorized()(implicit context: app.Context) =
+  protected def Unauthorized()(implicit context: Context) =
    if(request.hasAttribute(Keys.Request.Ajax)){
      org.scalatra.Unauthorized()
+    } else if(request.hasAttribute(Keys.Request.APIv3)){
+      contentType = formats("json")
+      org.scalatra.Unauthorized(ApiError("Requires authentication"))
    } else {
      if(context.loginAccount.isDefined){
        org.scalatra.Unauthorized(redirect("/"))
@@ -146,6 +165,15 @@ abstract class ControllerBase extends ScalatraFilter
    response.addHeader("X-Content-Type-Options", "nosniff")
    rawData
  }
+
+  // jenkins send message as 'application/x-www-form-urlencoded' but scalatra already parsed as multi-part-request.
+  def extractFromJsonBody[A](implicit request:HttpServletRequest, mf:Manifest[A]): Option[A] = {
+    (request.contentType.map(_.split(";").head.toLowerCase) match{
+      case Some("application/x-www-form-urlencoded") => multiParams.keys.headOption.map(parse(_))
+      case Some("application/json") => Some(parsedBody)
+      case _ => Some(parse(request.body))
+    }).filterNot(_ == JNothing).flatMap(j => Try(j.extract[A]).toOption)
+  }
 }

 /**
@@ -157,6 +185,13 @@ case class Context(settings: SystemSettingsService.SystemSettings, loginAccount:
  val currentPath = request.getRequestURI.substring(request.getContextPath.length)
  val baseUrl = settings.baseUrl(request)
  val host = new java.net.URL(baseUrl).getHost
+  val platform = request.getHeader("User-Agent") match {
+    case null => null
+    case agent if agent.contains("Mac") => "mac"
+    case agent if agent.contains("Linux") => "linux"
+    case agent if agent.contains("Win") => "windows"
+    case _ => null
+  }

  /**
   * Get object from cache.
--- a/src/main/scala/gitbucket/core/controller/DashboardController.scala
+++ b/src/main/scala/gitbucket/core/controller/DashboardController.scala
@@ -1,9 +1,10 @@
-package app
+package gitbucket.core.controller

-import service._
-import util.{StringUtil, UsersAuthenticator, Keys}
-import util.Implicits._
-import service.IssuesService.IssueSearchCondition
+import gitbucket.core.dashboard.html
+import gitbucket.core.service.{RepositoryService, PullRequestService, AccountService, IssuesService}
+import gitbucket.core.util.{StringUtil, Keys, UsersAuthenticator}
+import gitbucket.core.util.Implicits._
+import gitbucket.core.service.IssuesService._

 class DashboardController extends DashboardControllerBase
  with IssuesService with PullRequestService with RepositoryService with AccountService
@@ -96,7 +97,7 @@ trait DashboardControllerBase extends ControllerBase {
    val userRepos = getUserRepositories(userName, context.baseUrl, true).map(repo => repo.owner -> repo.name)
    val page      = IssueSearchCondition.page(request)

-    dashboard.html.issues(
+    html.issues(
      searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, userRepos: _*),
      page,
      countIssue(condition.copy(state = "open"  ), false, userRepos: _*),
@@ -119,7 +120,7 @@ trait DashboardControllerBase extends ControllerBase {
    val allRepos  = getAllRepositories(userName)
    val page      = IssueSearchCondition.page(request)

-    dashboard.html.pulls(
+    html.pulls(
      searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, allRepos: _*),
      page,
      countIssue(condition.copy(state = "open"  ), true, allRepos: _*),
--- a/src/main/scala/gitbucket/core/controller/FileUploadController.scala
+++ b/src/main/scala/gitbucket/core/controller/FileUploadController.scala
@@ -1,8 +1,8 @@
-package app
+package gitbucket.core.controller

-import util.{Keys, FileUtil}
-import util.ControlUtil._
-import util.Directory._
+import gitbucket.core.util.{Keys, FileUtil}
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
 import org.scalatra._
 import org.scalatra.servlet.{MultipartConfig, FileUploadSupport, FileItem}
 import org.apache.commons.io.FileUtils
@@ -17,22 +17,22 @@ class FileUploadController extends ScalatraServlet with FileUploadSupport {
  configureMultipartHandling(MultipartConfig(maxFileSize = Some(3 * 1024 * 1024)))

  post("/image"){
-    execute { (file, fileId) =>
+    execute({ (file, fileId) =>
      FileUtils.writeByteArrayToFile(new java.io.File(getTemporaryDir(session.getId), fileId), file.get)
      session += Keys.Session.Upload(fileId) -> file.name
-    }
+    }, FileUtil.isImage)
  }

-  post("/image/:owner/:repository"){
-    execute { (file, fileId) =>
+  post("/file/:owner/:repository"){
+    execute({ (file, fileId) =>
      FileUtils.writeByteArrayToFile(new java.io.File(
        getAttachedDir(params("owner"), params("repository")),
        fileId + "." + FileUtil.getExtension(file.getName)), file.get)
-    }
+    }, FileUtil.isUploadableType)
  }

-  private def execute(f: (FileItem, String) => Unit) = fileParams.get("file") match {
-    case Some(file) if(FileUtil.isImage(file.name)) =>
+  private def execute(f: (FileItem, String) => Unit, mimeTypeChcker: (String) => Boolean) = fileParams.get("file") match {
+    case Some(file) if(mimeTypeChcker(file.name)) =>
      defining(FileUtil.generateFileId){ fileId =>
        f(file, fileId)

--- a/src/main/scala/gitbucket/core/controller/IndexController.scala
+++ b/src/main/scala/gitbucket/core/controller/IndexController.scala
@@ -1,13 +1,20 @@
-package app
+package gitbucket.core.controller
+
+import gitbucket.core.api._
+import gitbucket.core.helper.xml
+import gitbucket.core.html
+import gitbucket.core.model.Account
+import gitbucket.core.service.{RepositoryService, ActivityService, AccountService}
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator}
+
+import io.github.gitbucket.scalatra.forms._

-import util._
-import util.Implicits._
-import service._
-import jp.sf.amateras.scalatra.forms._

 class IndexController extends IndexControllerBase 
  with RepositoryService with ActivityService with AccountService with UsersAuthenticator

+
 trait IndexControllerBase extends ControllerBase {
  self: RepositoryService with ActivityService with AccountService with UsersAuthenticator =>

@@ -61,13 +68,13 @@ trait IndexControllerBase extends ControllerBase {

  get("/activities.atom"){
    contentType = "application/atom+xml; type=feed"
-    helper.xml.feed(getRecentActivities())
+    xml.feed(getRecentActivities())
  }

  /**
   * Set account information into HttpSession and redirect.
   */
-  private def signin(account: model.Account) = {
+  private def signin(account: Account) = {
    session.setAttribute(Keys.Session.LoginAccount, account)
    updateLastLoginDate(account.userName)

@@ -92,15 +99,24 @@ trait IndexControllerBase extends ControllerBase {
  get("/_user/proposals")(usersOnly {
    contentType = formats("json")
    org.json4s.jackson.Serialization.write(
-      Map("options" -> getAllUsers().filter(!_.isGroupAccount).map(_.userName).toArray)
+      Map("options" -> getAllUsers(false).filter(!_.isGroupAccount).map(_.userName).toArray)
    )
  })

  /**
-   * JSON APU for checking user existence.
+   * JSON API for checking user existence.
   */
  post("/_user/existence")(usersOnly {
    getAccountByUserName(params("userName")).isDefined
  })

+  /**
+   * @see https://developer.github.com/v3/rate_limit/#get-your-current-rate-limit-status
+   * but not enabled.
+   */
+  get("/api/v3/rate_limit"){
+    contentType = formats("json")
+    // this message is same as github enterprise...
+    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
+  }
 }
--- a/src/main/scala/gitbucket/core/controller/IssuesController.scala
+++ b/src/main/scala/gitbucket/core/controller/IssuesController.scala
@@ -1,22 +1,27 @@
-package app
+package gitbucket.core.controller

-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.api._
+import gitbucket.core.issues.html
+import gitbucket.core.model.Issue
+import gitbucket.core.service.IssuesService._
+import gitbucket.core.service._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util._
+import gitbucket.core.view
+import gitbucket.core.view.Markdown

-import service._
-import IssuesService._
-import util._
-import util.Implicits._
-import util.ControlUtil._
+import io.github.gitbucket.scalatra.forms._
 import org.scalatra.Ok
-import model.Issue
+

 class IssuesController extends IssuesControllerBase
  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService

 trait IssuesControllerBase extends ControllerBase {
  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator =>
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService =>

  case class IssueCreateForm(title: String, content: Option[String],
    assignedUserName: Option[String], milestoneId: Option[Int], labelNames: Option[String])
@@ -60,7 +65,7 @@ trait IssuesControllerBase extends ControllerBase {
  get("/:owner/:repository/issues/:id")(referrersOnly { repository =>
    defining(repository.owner, repository.name, params("id")){ case (owner, name, issueId) =>
      getIssue(owner, name, issueId) map {
-        issues.html.issue(
+        html.issue(
          _,
          getComments(owner, name, issueId.toInt),
          getIssueLabels(owner, name, issueId.toInt),
@@ -73,9 +78,21 @@ trait IssuesControllerBase extends ControllerBase {
    }
  })

+  /**
+   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
+   */
+  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
+    (for{
+      issueId <- params("id").toIntOpt
+      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
+    } yield {
+      JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
+    }).getOrElse(NotFound)
+  })
+
  get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
    defining(repository.owner, repository.name){ case (owner, name) =>
-      issues.html.create(
+      html.create(
        (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
          getMilestones(owner, name),
          getLabels(owner, name),
@@ -109,14 +126,17 @@ trait IssuesControllerBase extends ControllerBase {
      // record activity
      recordCreateIssueActivity(owner, name, userName, issueId, form.title)

-      // extract references and create refer comment
      getIssue(owner, name, issueId.toString).foreach { issue =>
+        // extract references and create refer comment
        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""))
-      }

-      // notifications
-      Notifier().toNotify(repository, issueId, form.content.getOrElse("")){
-        Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
+        // call web hooks
+        callIssuesWebHook("opened", repository, issue, context.baseUrl, context.loginAccount.get)
+
+        // notifications
+        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
+          Notifier.msgIssue(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
+        }
      }

      redirect(s"/${owner}/${name}/issues/${issueId}")
@@ -160,6 +180,20 @@ trait IssuesControllerBase extends ControllerBase {
    } getOrElse NotFound
  })

+  /**
+   * https://developer.github.com/v3/issues/comments/#create-a-comment
+   */
+  post("/api/v3/repos/:owner/:repository/issues/:id/comments")(readableUsersOnly { repository =>
+    (for{
+      issueId <- params("id").toIntOpt
+      body <- extractFromJsonBody[CreateAComment].map(_.body) if ! body.isEmpty
+      (issue, id) <- handleComment(issueId, Some(body), repository)()
+      issueComment <- getComment(repository.owner, repository.name, id.toString())
+    } yield {
+      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
+    }) getOrElse NotFound
+  })
+
  post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
    handleComment(form.issueId, form.content, repository)() map { case (issue, id) =>
      redirect(s"/${repository.owner}/${repository.name}/${
@@ -192,15 +226,25 @@ trait IssuesControllerBase extends ControllerBase {
    getIssue(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.openedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => issues.html.editissue(
+          case t if t == "html" => html.editissue(
              x.content, x.issueId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-              Map("title"   -> x.title,
-                  "content" -> view.Markdown.toHtml(x.content getOrElse "No description given.",
-                      repository, false, true, true, isEditable(x.userName, x.repositoryName, x.openedUserName))
-              ))
+            Map(
+              "title"   -> x.title,
+              "content" -> Markdown.toHtml(
+                markdown = x.content getOrElse "No description given.",
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                enableTaskList = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.openedUserName)
+              )
+            )
+          )
        }
      } else Unauthorized
    } getOrElse NotFound
@@ -210,30 +254,46 @@ trait IssuesControllerBase extends ControllerBase {
    getComment(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => issues.html.editcomment(
+          case t if t == "html" => html.editcomment(
              x.content, x.commentId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-              Map("content" -> view.Markdown.toHtml(x.content,
-                  repository, false, true, true, isEditable(x.userName, x.repositoryName, x.commentedUserName))
-              ))
+            Map(
+              "content" -> view.Markdown.toHtml(
+                markdown = x.content,
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                enableTaskList = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+              )
+            )
+          )
        }
      } else Unauthorized
    } getOrElse NotFound
  })

+  ajaxPost("/:owner/:repository/issues/new/label")(collaboratorsOnly { repository =>
+    val labelNames = params("labelNames").split(",")
+    val labels = getLabels(repository.owner, repository.name).filter(x => labelNames.contains(x.labelName))
+    html.labellist(labels)
+  })
+
  ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { repository =>
    defining(params("id").toInt){ issueId =>
      registerIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
-      issues.html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
+      html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
    }
  })

  ajaxPost("/:owner/:repository/issues/:id/label/delete")(collaboratorsOnly { repository =>
    defining(params("id").toInt){ issueId =>
      deleteIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
-      issues.html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
+      html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
    }
  })

@@ -247,7 +307,7 @@ trait IssuesControllerBase extends ControllerBase {
    milestoneId("milestoneId").map { milestoneId =>
      getMilestonesWithIssueCount(repository.owner, repository.name)
          .find(_._1.milestoneId == milestoneId).map { case (_, openCount, closeCount) =>
-        issues.milestones.html.progress(openCount + closeCount, closeCount)
+        gitbucket.core.issues.milestones.html.progress(openCount + closeCount, closeCount)
      } getOrElse NotFound
    } getOrElse Ok()
  })
@@ -292,6 +352,7 @@ trait IssuesControllerBase extends ControllerBase {
    (Directory.getAttachedDir(repository.owner, repository.name) match {
      case dir if(dir.exists && dir.isDirectory) =>
        dir.listFiles.find(_.getName.startsWith(params("file") + ".")).map { file =>
+          response.setHeader("Content-Disposition", f"""inline; filename=${file.getName}""")
          RawData(FileUtil.getMimeType(file.getName), file)
        }
      case _ => None
@@ -301,7 +362,7 @@ trait IssuesControllerBase extends ControllerBase {
  val assignedUserName = (key: String) => params.get(key) filter (_.trim != "")
  val milestoneId: String => Option[Int] = (key: String) => params.get(key).flatMap(_.toIntOpt)

-  private def isEditable(owner: String, repository: String, author: String)(implicit context: app.Context): Boolean =
+  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName

  private def executeBatch(repository: RepositoryService.RepositoryInfo)(execute: Int => Unit) = {
@@ -312,11 +373,15 @@ trait IssuesControllerBase extends ControllerBase {
    }
  }

+  // TODO Same method exists in PullRequestController. Should it moved to IssueService?
  private def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String) = {
    StringUtil.extractIssueId(message).foreach { issueId =>
+      val content = fromIssue.issueId + ":" + fromIssue.title
      if(getIssue(owner, repository, issueId).isDefined){
-        createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt,
-                      fromIssue.issueId + ":" + fromIssue.title, "refer")
+        // Not add if refer comment already exist.
+        if(!getComments(owner, repository, issueId.toInt).exists { x => x.action == "refer" && x.content == content }) {
+          createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt, content, "refer")
+        }
      }
    }
  }
@@ -325,13 +390,13 @@ trait IssuesControllerBase extends ControllerBase {
   * @see [[https://github.com/takezoe/gitbucket/wiki/CommentAction]]
   */
  private def handleComment(issueId: Int, content: Option[String], repository: RepositoryService.RepositoryInfo)
-      (getAction: model.Issue => Option[String] =
+      (getAction: Issue => Option[String] =
           p1 => params.get("action").filter(_ => isEditable(p1.userName, p1.repositoryName, p1.openedUserName))) = {

    defining(repository.owner, repository.name){ case (owner, name) =>
      val userName = context.loginAccount.get.userName

-      getIssue(owner, name, issueId.toString) map { issue =>
+      getIssue(owner, name, issueId.toString) flatMap { issue =>
        val (action, recordActivity) =
          getAction(issue)
            .collect {
@@ -346,11 +411,10 @@ trait IssuesControllerBase extends ControllerBase {
            }
            .getOrElse(None -> None)

-        val commentId = content
-          .map       ( _ -> action.map( _ + "_comment" ).getOrElse("comment") )
-          .getOrElse ( action.get.capitalize -> action.get )
-        match {
-          case (content, action) => createComment(owner, name, userName, issueId, content, action)
+        val commentId = (content, action) match {
+          case (None, None) => None
+          case (None, Some(action)) => Some(createComment(owner, name, userName, issueId, action.capitalize, action))
+          case (Some(content), _) => Some(createComment(owner, name, userName, issueId, content, action.map(_+ "_comment").getOrElse("comment")))
        }

        // record comment activity if comment is entered
@@ -365,23 +429,39 @@ trait IssuesControllerBase extends ControllerBase {
          createReferComment(owner, name, issue, content)
        }

+        // call web hooks
+        action match {
+          case None => commentId.map{ commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, context.loginAccount.get) }
+          case Some(act) => val webHookAction = act match {
+            case "open"   => "opened"
+            case "reopen" => "reopened"
+            case "close"  => "closed"
+            case _ => act
+          }
+          if(issue.isPullRequest){
+            callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, context.loginAccount.get)
+          } else {
+            callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, context.loginAccount.get)
+          }
+        }
+
        // notifications
        Notifier() match {
          case f =>
            content foreach {
-              f.toNotify(repository, issueId, _){
+              f.toNotify(repository, issue, _){
                Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
-                  if(issue.isPullRequest) "pull" else "issues"}/${issueId}#comment-${commentId}")
+                  if(issue.isPullRequest) "pull" else "issues"}/${issueId}#comment-${commentId.get}")
              }
            }
            action foreach {
-              f.toNotify(repository, issueId, _){
+              f.toNotify(repository, issue, _){
                Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
              }
            }
        }

-        issue -> commentId
+        commentId.map( issue -> _ )
      }
    }
  }
@@ -395,7 +475,7 @@ trait IssuesControllerBase extends ControllerBase {
      val condition = session.putAndGet(sessionKey,
        if(request.hasQueryString){
          val q = request.getParameter("q")
-          if(q == null){
+          if(q == null || q.trim.isEmpty){
            IssueSearchCondition(request)
          } else {
            IssueSearchCondition(q, getMilestones(owner, repoName).map(x => (x.title, x.milestoneId)).toMap)
@@ -403,11 +483,15 @@ trait IssuesControllerBase extends ControllerBase {
        } else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
      )

-      issues.html.list(
+      html.list(
          "issues",
          searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, owner -> repoName),
          page,
-          (getCollaborators(owner, repoName) :+ owner).sorted,
+          if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+            (getCollaborators(owner, repoName) :+ owner).sorted
+          } else {
+            getCollaborators(owner, repoName)
+          },
          getMilestones(owner, repoName),
          getLabels(owner, repoName),
          countIssue(condition.copy(state = "open"  ), false, owner -> repoName),
@@ -417,5 +501,4 @@ trait IssuesControllerBase extends ControllerBase {
          hasWritePermission(owner, repoName, context.loginAccount))
    }
  }
-
 }
--- a/src/main/scala/gitbucket/core/controller/LabelsController.scala
+++ b/src/main/scala/gitbucket/core/controller/LabelsController.scala
@@ -0,0 +1,176 @@
+package gitbucket.core.controller
+
+import gitbucket.core.api.{ApiError, CreateALabel, ApiLabel, JsonFormat}
+import gitbucket.core.issues.labels.html
+import gitbucket.core.service.{RepositoryService, AccountService, IssuesService, LabelsService}
+import gitbucket.core.util.{LockUtil, RepositoryName, ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.Implicits._
+import io.github.gitbucket.scalatra.forms._
+import org.scalatra.i18n.Messages
+import org.scalatra.{NoContent, UnprocessableEntity, Created, Ok}
+
+class LabelsController extends LabelsControllerBase
+  with LabelsService with IssuesService with RepositoryService with AccountService
+with ReferrerAuthenticator with CollaboratorsAuthenticator
+
+trait LabelsControllerBase extends ControllerBase {
+  self: LabelsService with IssuesService with RepositoryService
+    with ReferrerAuthenticator with CollaboratorsAuthenticator =>
+
+  case class LabelForm(labelName: String, color: String)
+
+  val labelForm = mapping(
+    "labelName"  -> trim(label("Label name", text(required, labelName, uniqueLabelName, maxlength(100)))),
+    "labelColor" -> trim(label("Color",      text(required, color)))
+  )(LabelForm.apply)
+
+  get("/:owner/:repository/issues/labels")(referrersOnly { repository =>
+    html.list(
+      getLabels(repository.owner, repository.name),
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      repository,
+      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+  })
+
+  /**
+    * List all labels for this repository
+    * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
+    */
+  get("/api/v3/repos/:owner/:repository/labels")(referrersOnly { repository =>
+    JsonFormat(getLabels(repository.owner, repository.name).map { label =>
+      ApiLabel(label, RepositoryName(repository))
+    })
+  })
+
+  /**
+    * Get a single label
+    * https://developer.github.com/v3/issues/labels/#get-a-single-label
+    */
+  get("/api/v3/repos/:owner/:repository/labels/:labelName")(referrersOnly { repository =>
+    getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+      JsonFormat(ApiLabel(label, RepositoryName(repository)))
+    } getOrElse NotFound()
+  })
+
+  ajaxGet("/:owner/:repository/issues/labels/new")(collaboratorsOnly { repository =>
+    html.edit(None, repository)
+  })
+
+  ajaxPost("/:owner/:repository/issues/labels/new", labelForm)(collaboratorsOnly { (form, repository) =>
+    val labelId = createLabel(repository.owner, repository.name, form.labelName, form.color.substring(1))
+    html.label(
+      getLabel(repository.owner, repository.name, labelId).get,
+      // TODO futility
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      repository,
+      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+  })
+
+  /**
+    * Create a label
+    * https://developer.github.com/v3/issues/labels/#create-a-label
+    */
+  post("/api/v3/repos/:owner/:repository/labels")(collaboratorsOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+          val labelId = createLabel(repository.owner, repository.name, data.name, data.color)
+          getLabel(repository.owner, repository.name, labelId).map { label =>
+            Created(JsonFormat(ApiLabel(label, RepositoryName(repository))))
+          } getOrElse NotFound()
+        } else {
+          // TODO ApiError should support errors field to enhance compatibility of GitHub API
+          UnprocessableEntity(ApiError(
+            "Validation Failed",
+            Some("https://developer.github.com/v3/issues/labels/#create-a-label")
+          ))
+        }
+      }
+    }) getOrElse NotFound()
+  })
+
+  ajaxGet("/:owner/:repository/issues/labels/:labelId/edit")(collaboratorsOnly { repository =>
+    getLabel(repository.owner, repository.name, params("labelId").toInt).map { label =>
+      html.edit(Some(label), repository)
+    } getOrElse NotFound()
+  })
+
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/edit", labelForm)(collaboratorsOnly { (form, repository) =>
+    updateLabel(repository.owner, repository.name, params("labelId").toInt, form.labelName, form.color.substring(1))
+    html.label(
+      getLabel(repository.owner, repository.name, params("labelId").toInt).get,
+      // TODO futility
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      repository,
+      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+  })
+
+  /**
+    * Update a label
+    * https://developer.github.com/v3/issues/labels/#update-a-label
+    */
+  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+          if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+            updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
+            JsonFormat(ApiLabel(
+              getLabel(repository.owner, repository.name, label.labelId).get,
+              RepositoryName(repository)))
+          } else {
+            // TODO ApiError should support errors field to enhance compatibility of GitHub API
+            UnprocessableEntity(ApiError(
+              "Validation Failed",
+              Some("https://developer.github.com/v3/issues/labels/#create-a-label")))
+          }
+        } getOrElse NotFound()
+      }
+    }) getOrElse NotFound()
+  })
+
+  ajaxPost("/:owner/:repository/issues/labels/:labelId/delete")(collaboratorsOnly { repository =>
+    deleteLabel(repository.owner, repository.name, params("labelId").toInt)
+    Ok()
+  })
+
+  /**
+    * Delete a label
+    * https://developer.github.com/v3/issues/labels/#delete-a-label
+    */
+  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+    LockUtil.lock(RepositoryName(repository).fullName) {
+      getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+        deleteLabel(repository.owner, repository.name, label.labelId)
+        NoContent()
+      } getOrElse NotFound()
+    }
+  })
+
+  /**
+   * Constraint for the identifier such as user name, repository name or page name.
+   */
+  private def labelName: Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] =
+      if(value.contains(',')){
+        Some(s"${name} contains invalid character.")
+      } else if(value.startsWith("_") || value.startsWith("-")){
+        Some(s"${name} starts with invalid character.")
+      } else {
+        None
+      }
+  }
+
+  private def uniqueLabelName: Constraint = new Constraint(){
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] = {
+      val owner = params("owner")
+      val repository = params("repository")
+      getLabel(owner, repository, value).map(_ => "Name has already been taken.")
+    }
+  }
+
+}
--- a/src/main/scala/gitbucket/core/controller/MilestonesController.scala
+++ b/src/main/scala/gitbucket/core/controller/MilestonesController.scala
@@ -1,10 +1,10 @@
-package app
+package gitbucket.core.controller

-import jp.sf.amateras.scalatra.forms._
-
-import service._
-import util.{CollaboratorsAuthenticator, ReferrerAuthenticator}
-import util.Implicits._
+import gitbucket.core.issues.milestones.html
+import gitbucket.core.service.{RepositoryService, MilestonesService, AccountService}
+import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
+import gitbucket.core.util.Implicits._
+import io.github.gitbucket.scalatra.forms._

 class MilestonesController extends MilestonesControllerBase
  with MilestonesService with RepositoryService with AccountService
@@ -23,7 +23,7 @@ trait MilestonesControllerBase extends ControllerBase {
  )(MilestoneForm.apply)

  get("/:owner/:repository/issues/milestones")(referrersOnly { repository =>
-    issues.milestones.html.list(
+    html.list(
      params.getOrElse("state", "open"),
      getMilestonesWithIssueCount(repository.owner, repository.name),
      repository,
@@ -31,7 +31,7 @@ trait MilestonesControllerBase extends ControllerBase {
  })

  get("/:owner/:repository/issues/milestones/new")(collaboratorsOnly {
-    issues.milestones.html.edit(None, _)
+    html.edit(None, _)
  })

  post("/:owner/:repository/issues/milestones/new", milestoneForm)(collaboratorsOnly { (form, repository) =>
@@ -41,7 +41,7 @@ trait MilestonesControllerBase extends ControllerBase {

  get("/:owner/:repository/issues/milestones/:milestoneId/edit")(collaboratorsOnly { repository =>
    params("milestoneId").toIntOpt.map{ milestoneId =>
-      issues.milestones.html.edit(getMilestone(repository.owner, repository.name, milestoneId), repository)
+      html.edit(getMilestone(repository.owner, repository.name, milestoneId), repository)
    } getOrElse NotFound
  })

--- a/src/main/scala/gitbucket/core/controller/PluginsController.scala
+++ b/src/main/scala/gitbucket/core/controller/PluginsController.scala
@@ -0,0 +1,11 @@
+package gitbucket.core.controller
+
+import gitbucket.core.admin.plugins.html
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.util.AdminAuthenticator
+
+class PluginsController extends ControllerBase with AdminAuthenticator {
+  get("/admin/plugins")(adminOnly {
+    html.plugins(PluginRegistry().getPlugins())
+  })
+}
--- a/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
+++ b/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
@@ -0,0 +1,624 @@
+package gitbucket.core.controller
+
+import gitbucket.core.api._
+import gitbucket.core.model.{Account, CommitStatus, CommitState, Repository, PullRequest, Issue, WebHook}
+import gitbucket.core.pulls.html
+import gitbucket.core.service.CommitStatusService
+import gitbucket.core.service.MergeService
+import gitbucket.core.service.IssuesService._
+import gitbucket.core.service.PullRequestService._
+import gitbucket.core.service._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.JGitUtil._
+import gitbucket.core.util._
+import gitbucket.core.view
+import gitbucket.core.view.helpers
+
+import io.github.gitbucket.scalatra.forms._
+import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.lib.PersonIdent
+import org.slf4j.LoggerFactory
+
+import scala.collection.JavaConverters._
+
+
+class PullRequestsController extends PullRequestsControllerBase
+  with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
+  with CommitsService with ActivityService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+  with CommitStatusService with MergeService with ProtectedBranchService
+
+
+trait PullRequestsControllerBase extends ControllerBase {
+  self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
+    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
+    with CommitStatusService with MergeService with ProtectedBranchService =>
+
+  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])
+
+  val pullRequestForm = mapping(
+    "title"                 -> trim(label("Title"  , text(required, maxlength(100)))),
+    "content"               -> trim(label("Content", optional(text()))),
+    "targetUserName"        -> trim(text(required, maxlength(100))),
+    "targetBranch"          -> trim(text(required, maxlength(100))),
+    "requestUserName"       -> trim(text(required, maxlength(100))),
+    "requestRepositoryName" -> trim(text(required, maxlength(100))),
+    "requestBranch"         -> trim(text(required, maxlength(100))),
+    "commitIdFrom"          -> trim(text(required, maxlength(40))),
+    "commitIdTo"            -> trim(text(required, maxlength(40))),
+    "assignedUserName"      -> trim(optional(text())),
+    "milestoneId"           -> trim(optional(number())),
+    "labelNames"            -> trim(optional(text()))
+  )(PullRequestForm.apply)
+
+  val mergeForm = mapping(
+    "message" -> trim(label("Message", text(required)))
+  )(MergeForm.apply)
+
+  case class PullRequestForm(
+    title: String,
+    content: Option[String],
+    targetUserName: String,
+    targetBranch: String,
+    requestUserName: String,
+    requestRepositoryName: String,
+    requestBranch: String,
+    commitIdFrom: String,
+    commitIdTo: String,
+    assignedUserName: Option[String],
+    milestoneId: Option[Int],
+    labelNames: Option[String]
+  )
+
+  case class MergeForm(message: String)
+
+  get("/:owner/:repository/pulls")(referrersOnly { repository =>
+    val q = request.getParameter("q")
+    if(Option(q).exists(_.contains("is:issue"))){
+      redirect(s"/${repository.owner}/${repository.name}/issues?q=" + StringUtil.urlEncode(q))
+    } else {
+      searchPullRequests(None, repository)
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-pull-requests
+   */
+  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
+    val page       = IssueSearchCondition.page(request)
+    // TODO: more api spec condition
+    val condition = IssueSearchCondition(request)
+    val baseOwner = getAccountByUserName(repository.owner).get
+    val issues:List[(Issue, Account, Int, PullRequest, Repository, Account)] = searchPullRequestByApi(condition, (page - 1) * PullRequestLimit, PullRequestLimit, repository.owner -> repository.name)
+    JsonFormat(issues.map{case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
+      ApiPullRequest(
+        issue,
+        pullRequest,
+        ApiRepository(headRepo, ApiUser(headOwner)),
+        ApiRepository(repository, ApiUser(baseOwner)),
+        ApiUser(issueUser)) })
+  })
+
+  get("/:owner/:repository/pull/:id")(referrersOnly { repository =>
+    params("id").toIntOpt.flatMap{ issueId =>
+      val owner = repository.owner
+      val name = repository.name
+      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
+        using(Git.open(getRepositoryDir(owner, name))){ git =>
+          val (commits, diffs) =
+            getRequestCompareInfo(owner, name, pullreq.commitIdFrom, owner, name, pullreq.commitIdTo)
+          html.pullreq(
+            issue, pullreq,
+            (commits.flatten.map(commit => getCommitComments(owner, name, commit.id, true)).flatten.toList ::: getComments(owner, name, issueId))
+              .sortWith((a, b) => a.registeredDate before b.registeredDate),
+            getIssueLabels(owner, name, issueId),
+            (getCollaborators(owner, name) ::: (if(getAccountByUserName(owner).get.isGroupAccount) Nil else List(owner))).sorted,
+            getMilestonesWithIssueCount(owner, name),
+            getLabels(owner, name),
+            commits,
+            diffs,
+            hasWritePermission(owner, name, context.loginAccount),
+            repository,
+            flash.toMap.map(f => f._1 -> f._2.toString))
+        }
+      }
+    } getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#get-a-single-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
+    (for{
+      issueId <- params("id").toIntOpt
+      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
+      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
+      baseOwner <- users.get(repository.owner)
+      headOwner <- users.get(pullRequest.requestUserName)
+      issueUser <- users.get(issue.openedUserName)
+      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName, baseUrl)
+    } yield {
+      JsonFormat(ApiPullRequest(
+        issue,
+        pullRequest,
+        ApiRepository(headRepo, ApiUser(headOwner)),
+        ApiRepository(repository, ApiUser(baseOwner)),
+        ApiUser(issueUser)))
+    }).getOrElse(NotFound)
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id/commits")(referrersOnly { repository =>
+    val owner = repository.owner
+    val name = repository.name
+    params("id").toIntOpt.flatMap{ issueId =>
+      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
+        using(Git.open(getRepositoryDir(owner, name))){ git =>
+          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
+          val newId = git.getRepository.resolve(pullreq.commitIdTo)
+          val repoFullName = RepositoryName(repository)
+          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
+          JsonFormat(commits)
+        }
+      }
+    } getOrElse NotFound
+  })
+
+  ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
+    params("id").toIntOpt.flatMap{ issueId =>
+      val owner = repository.owner
+      val name  = repository.name
+      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
+        val hasConflict = LockUtil.lock(s"${owner}/${name}"){
+          checkConflict(owner, name, pullreq.branch, issueId)
+        }
+        val hasMergePermission = hasWritePermission(owner, name, context.loginAccount)
+        val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch)
+        val mergeStatus = PullRequestService.MergeStatus(
+           hasConflict         = hasConflict,
+           commitStatues       = getCommitStatues(owner, name, pullreq.commitIdTo),
+           branchProtection    = branchProtection,
+           branchIsOutOfDate   = JGitUtil.getShaByRef(owner, name, pullreq.branch) != Some(pullreq.commitIdFrom),
+           needStatusCheck     = context.loginAccount.map{ u =>
+                                   branchProtection.needStatusCheck(u.userName)
+                                 }.getOrElse(true),
+           hasUpdatePermission = hasWritePermission(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
+                                   context.loginAccount.map{ u =>
+                                     !getProtectedBranchInfo(pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch).needStatusCheck(u.userName)
+                                   }.getOrElse(false),
+           hasMergePermission  = hasMergePermission,
+           commitIdTo          = pullreq.commitIdTo)
+        html.mergeguide(
+          mergeStatus,
+          issue,
+          pullreq,
+          repository,
+          getRepository(pullreq.requestUserName, pullreq.requestRepositoryName, context.baseUrl).get)
+      }
+    } getOrElse NotFound
+  })
+
+  get("/:owner/:repository/pull/:id/delete/*")(collaboratorsOnly { repository =>
+    params("id").toIntOpt.map { issueId =>
+      val branchName = multiParams("splat").head
+      val userName   = context.loginAccount.get.userName
+      if(repository.repository.defaultBranch != branchName){
+        using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+          git.branchDelete().setForce(true).setBranchNames(branchName).call()
+          recordDeleteBranchActivity(repository.owner, repository.name, userName, branchName)
+        }
+      }
+      createComment(repository.owner, repository.name, userName, issueId, branchName, "delete_branch")
+      redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+    } getOrElse NotFound
+  })
+
+  post("/:owner/:repository/pull/:id/update_branch")(referrersOnly { baseRepository =>
+    (for {
+      issueId <- params("id").toIntOpt
+      loginAccount <- context.loginAccount
+      (issue, pullreq) <- getPullRequest(baseRepository.owner, baseRepository.name, issueId)
+      owner = pullreq.requestUserName
+      name  = pullreq.requestRepositoryName
+      if hasWritePermission(owner, name, context.loginAccount)
+    } yield {
+      val branchProtection = getProtectedBranchInfo(owner, name, pullreq.requestBranch)
+      if(branchProtection.needStatusCheck(loginAccount.userName)){
+        flash += "error" -> s"branch ${pullreq.requestBranch} is protected need status check."
+      } else {
+        val repository = getRepository(owner, name, context.baseUrl).get
+        LockUtil.lock(s"${owner}/${name}"){
+          val alias = if(pullreq.repositoryName == pullreq.requestRepositoryName && pullreq.userName == pullreq.requestUserName){
+            pullreq.branch
+          }else{
+            s"${pullreq.userName}:${pullreq.branch}"
+          }
+          val existIds = using(Git.open(Directory.getRepositoryDir(owner, name))) { git => JGitUtil.getAllCommitIds(git) }.toSet
+          pullRemote(owner, name, pullreq.requestBranch, pullreq.userName, pullreq.repositoryName, pullreq.branch, loginAccount,
+                     "Merge branch '${alias}' into ${pullreq.requestBranch}") match {
+            case None => // conflict
+              flash += "error" -> s"Can't automatic merging branch '${alias}' into ${pullreq.requestBranch}."
+            case Some(oldId) =>
+              // update pull request
+              updatePullRequests(owner, name, pullreq.requestBranch)
+
+              using(Git.open(Directory.getRepositoryDir(owner, name))) { git =>
+                //  after update branch
+
+                val newCommitId = git.getRepository.resolve(s"refs/heads/${pullreq.requestBranch}")
+                val commits = git.log.addRange(oldId, newCommitId).call.iterator.asScala.map(c => new JGitUtil.CommitInfo(c)).toList
+
+                commits.foreach{ commit =>
+                  if(!existIds.contains(commit.id)){
+                    createIssueComment(owner, name, commit)
+                  }
+                }
+
+                // record activity
+                recordPushActivity(owner, name, loginAccount.userName, pullreq.branch, commits)
+
+                // close issue by commit message
+                if(pullreq.requestBranch == repository.repository.defaultBranch){
+                  commits.map{ commit =>
+                    closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
+                  }
+                }
+
+                // call web hook
+                callPullRequestWebHookByRequestBranch("synchronize", repository, pullreq.requestBranch, baseUrl, loginAccount)
+                callWebHookOf(owner, name, WebHook.Push) {
+                  for {
+                    ownerAccount <- getAccountByUserName(owner)
+                  } yield {
+                    WebHookService.WebHookPushPayload(git, loginAccount, pullreq.requestBranch, repository, commits, ownerAccount, oldId = oldId, newId = newCommitId)
+                  }
+                }
+              }
+              flash += "info" -> s"Merge branch '${alias}' into ${pullreq.requestBranch}"
+          }
+        }
+        redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+      }
+    }) getOrElse NotFound
+  })
+
+  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
+    params("id").toIntOpt.flatMap { issueId =>
+      val owner = repository.owner
+      val name  = repository.name
+      LockUtil.lock(s"${owner}/${name}"){
+        getPullRequest(owner, name, issueId).map { case (issue, pullreq) =>
+          using(Git.open(getRepositoryDir(owner, name))) { git =>
+            // mark issue as merged and close.
+            val loginAccount = context.loginAccount.get
+            createComment(owner, name, loginAccount.userName, issueId, form.message, "merge")
+            createComment(owner, name, loginAccount.userName, issueId, "Close", "close")
+            updateClosed(owner, name, issueId, true)
+
+            // record activity
+            recordMergeActivity(owner, name, loginAccount.userName, issueId, form.message)
+
+            // merge git repository
+            mergePullRequest(git, pullreq.branch, issueId,
+              s"Merge pull request #${issueId} from ${pullreq.requestUserName}/${pullreq.requestBranch}\n\n" + form.message,
+               new PersonIdent(loginAccount.fullName, loginAccount.mailAddress))
+
+            val (commits, _) = getRequestCompareInfo(owner, name, pullreq.commitIdFrom,
+              pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.commitIdTo)
+
+            // close issue by content of pull request
+            val defaultBranch = getRepository(owner, name, context.baseUrl).get.repository.defaultBranch
+            if(pullreq.branch == defaultBranch){
+              commits.flatten.foreach { commit =>
+                closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
+              }
+              issue.content match {
+                case Some(content) => closeIssuesFromMessage(content, loginAccount.userName, owner, name)
+                case _ =>
+              }
+              closeIssuesFromMessage(form.message, loginAccount.userName, owner, name)
+            }
+
+            updatePullRequests(owner, name, pullreq.branch)
+
+            // call web hook
+            callPullRequestWebHook("closed", repository, issueId, context.baseUrl, context.loginAccount.get)
+
+            // notifications
+            Notifier().toNotify(repository, issue, "merge"){
+              Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+            }
+
+            redirect(s"/${owner}/${name}/pull/${issueId}")
+          }
+        }
+      }
+    } getOrElse NotFound
+  })
+
+  get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
+    val headBranch:Option[String] = params.get("head")
+    (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
+      case (Some(originUserName), Some(originRepositoryName)) => {
+        getRepository(originUserName, originRepositoryName, context.baseUrl).map { originRepository =>
+          using(
+            Git.open(getRepositoryDir(originUserName, originRepositoryName)),
+            Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
+          ){ (oldGit, newGit) =>
+            val newBranch = headBranch.getOrElse(JGitUtil.getDefaultBranch(newGit, forkedRepository).get._2)
+            val oldBranch = originRepository.branchList.find( _ == newBranch).getOrElse(JGitUtil.getDefaultBranch(oldGit, originRepository).get._2)
+
+            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${originUserName}:${oldBranch}...${newBranch}")
+          }
+        } getOrElse NotFound
+      }
+      case _ => {
+        using(Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))){ git =>
+          JGitUtil.getDefaultBranch(git, forkedRepository).map { case (_, defaultBranch) =>
+            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/${defaultBranch}...${headBranch.getOrElse(defaultBranch)}")
+          } getOrElse {
+            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}")
+          }
+        }
+      }
+    }
+  })
+
+  get("/:owner/:repository/compare/*...*")(referrersOnly { forkedRepository =>
+    val Seq(origin, forked) = multiParams("splat")
+    val (originOwner, originId) = parseCompareIdentifie(origin, forkedRepository.owner)
+    val (forkedOwner, forkedId) = parseCompareIdentifie(forked, forkedRepository.owner)
+
+    (for(
+      originRepositoryName <- if(originOwner == forkedOwner) {
+        // Self repository
+        Some(forkedRepository.name)
+      } else if(forkedRepository.repository.originUserName.isEmpty){
+        // when ForkedRepository is the original repository
+        getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
+      } else if(Some(originOwner) == forkedRepository.repository.originUserName){
+        // Original repository
+        forkedRepository.repository.originRepositoryName
+      } else {
+        // Sibling repository
+        getUserRepositories(originOwner, context.baseUrl).find { x =>
+          x.repository.originUserName == forkedRepository.repository.originUserName &&
+            x.repository.originRepositoryName == forkedRepository.repository.originRepositoryName
+        }.map(_.repository.repositoryName)
+      };
+      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
+    ) yield {
+      using(
+        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
+        Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
+      ){ case (oldGit, newGit) =>
+        val (oldId, newId) =
+          if(originRepository.branchList.contains(originId) && forkedRepository.branchList.contains(forkedId)){
+            // Branch name
+            val rootId = JGitUtil.getForkedCommitId(oldGit, newGit,
+              originRepository.owner, originRepository.name, originId,
+              forkedRepository.owner, forkedRepository.name, forkedId)
+
+            (Option(oldGit.getRepository.resolve(rootId)),  Option(newGit.getRepository.resolve(forkedId)))
+          } else {
+            // Commit id
+            (Option(oldGit.getRepository.resolve(originId)), Option(newGit.getRepository.resolve(forkedId)))
+          }
+
+        (oldId, newId) match {
+          case (Some(oldId), Some(newId)) => {
+            val (commits, diffs) = getRequestCompareInfo(
+              originRepository.owner, originRepository.name, oldId.getName,
+              forkedRepository.owner, forkedRepository.name, newId.getName)
+
+            html.compare(
+              commits,
+              diffs,
+              (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
+                case (Some(userName), Some(repositoryName)) => (userName, repositoryName) :: getForkedRepositories(userName, repositoryName)
+                case _ => (forkedRepository.owner, forkedRepository.name) :: getForkedRepositories(forkedRepository.owner, forkedRepository.name)
+              },
+              commits.flatten.map(commit => getCommitComments(forkedRepository.owner, forkedRepository.name, commit.id, false)).flatten.toList,
+              originId,
+              forkedId,
+              oldId.getName,
+              newId.getName,
+              forkedRepository,
+              originRepository,
+              forkedRepository,
+              hasWritePermission(originRepository.owner, originRepository.name, context.loginAccount),
+              (getCollaborators(originRepository.owner, originRepository.name) ::: (if(getAccountByUserName(originRepository.owner).get.isGroupAccount) Nil else List(originRepository.owner))).sorted,
+              getMilestones(originRepository.owner, originRepository.name),
+              getLabels(originRepository.owner, originRepository.name)
+            )
+          }
+          case (oldId, newId) =>
+            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/" +
+                     s"${originOwner}:${oldId.map(_ => originId).getOrElse(originRepository.repository.defaultBranch)}..." +
+                     s"${forkedOwner}:${newId.map(_ => forkedId).getOrElse(forkedRepository.repository.defaultBranch)}")
+        }
+      }
+    }) getOrElse NotFound
+  })
+
+  ajaxGet("/:owner/:repository/compare/*...*/mergecheck")(collaboratorsOnly { forkedRepository =>
+    val Seq(origin, forked) = multiParams("splat")
+    val (originOwner, tmpOriginBranch) = parseCompareIdentifie(origin, forkedRepository.owner)
+    val (forkedOwner, tmpForkedBranch) = parseCompareIdentifie(forked, forkedRepository.owner)
+
+    (for(
+      originRepositoryName <- if(originOwner == forkedOwner){
+        Some(forkedRepository.name)
+      } else {
+        forkedRepository.repository.originRepositoryName.orElse {
+          getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
+        }
+      };
+      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
+    ) yield {
+      using(
+        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
+        Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
+      ){ case (oldGit, newGit) =>
+        val originBranch = JGitUtil.getDefaultBranch(oldGit, originRepository, tmpOriginBranch).get._2
+        val forkedBranch = JGitUtil.getDefaultBranch(newGit, forkedRepository, tmpForkedBranch).get._2
+        val conflict = LockUtil.lock(s"${originRepository.owner}/${originRepository.name}"){
+          checkConflict(originRepository.owner, originRepository.name, originBranch,
+                        forkedRepository.owner, forkedRepository.name, forkedBranch)
+        }
+        html.mergecheck(conflict)
+      }
+    }) getOrElse NotFound
+  })
+
+  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
+    defining(repository.owner, repository.name){ case (owner, name) =>
+      val writable = hasWritePermission(owner, name, context.loginAccount)
+      val loginUserName = context.loginAccount.get.userName
+
+      val issueId = createIssue(
+        owner            = repository.owner,
+        repository       = repository.name,
+        loginUser        = loginUserName,
+        title            = form.title,
+        content          = form.content,
+        assignedUserName = if(writable) form.assignedUserName else None,
+        milestoneId      = if(writable) form.milestoneId else None,
+        isPullRequest    = true)
+
+      createPullRequest(
+        originUserName        = repository.owner,
+        originRepositoryName  = repository.name,
+        issueId               = issueId,
+        originBranch          = form.targetBranch,
+        requestUserName       = form.requestUserName,
+        requestRepositoryName = form.requestRepositoryName,
+        requestBranch         = form.requestBranch,
+        commitIdFrom          = form.commitIdFrom,
+        commitIdTo            = form.commitIdTo)
+
+      // insert labels
+      if(writable){
+        form.labelNames.map { value =>
+          val labels = getLabels(owner, name)
+          value.split(",").foreach { labelName =>
+            labels.find(_.labelName == labelName).map { label =>
+              registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
+            }
+          }
+        }
+      }
+
+      // fetch requested branch
+      fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
+
+      // record activity
+      recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
+
+      // call web hook
+      callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
+
+      getIssue(owner, name, issueId.toString) foreach { issue =>
+        // extract references and create refer comment
+        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""))
+
+        // notifications
+        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
+          Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+        }
+      }
+
+      redirect(s"/${owner}/${name}/pull/${issueId}")
+    }
+  })
+
+  // TODO Same method exists in IssueController. Should it moved to IssueService?
+  private def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String) = {
+    StringUtil.extractIssueId(message).foreach { issueId =>
+      val content = fromIssue.issueId + ":" + fromIssue.title
+      if(getIssue(owner, repository, issueId).isDefined){
+        // Not add if refer comment already exist.
+        if(!getComments(owner, repository, issueId.toInt).exists { x => x.action == "refer" && x.content == content }) {
+          createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt, content, "refer")
+        }
+      }
+    }
+  }
+
+  /**
+   * Parses branch identifier and extracts owner and branch name as tuple.
+   *
+   * - "owner:branch" to ("owner", "branch")
+   * - "branch" to ("defaultOwner", "branch")
+   */
+  private def parseCompareIdentifie(value: String, defaultOwner: String): (String, String) =
+    if(value.contains(':')){
+      val array = value.split(":")
+      (array(0), array(1))
+    } else {
+      (defaultOwner, value)
+    }
+
+  private def getRequestCompareInfo(userName: String, repositoryName: String, branch: String,
+      requestUserName: String, requestRepositoryName: String, requestCommitId: String): (Seq[Seq[CommitInfo]], Seq[DiffInfo]) =
+    using(
+      Git.open(getRepositoryDir(userName, repositoryName)),
+      Git.open(getRepositoryDir(requestUserName, requestRepositoryName))
+    ){ (oldGit, newGit) =>
+      val oldId = oldGit.getRepository.resolve(branch)
+      val newId = newGit.getRepository.resolve(requestCommitId)
+
+      val commits = newGit.log.addRange(oldId, newId).call.iterator.asScala.map { revCommit =>
+        new CommitInfo(revCommit)
+      }.toList.splitWith { (commit1, commit2) =>
+        helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
+      }
+
+      val diffs = JGitUtil.getDiffs(newGit, oldId.getName, newId.getName, true)
+
+      (commits, diffs)
+    }
+
+  private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) =
+    defining(repository.owner, repository.name){ case (owner, repoName) =>
+      val page       = IssueSearchCondition.page(request)
+      val sessionKey = Keys.Session.Pulls(owner, repoName)
+
+      // retrieve search condition
+      val condition = session.putAndGet(sessionKey,
+        if(request.hasQueryString) IssueSearchCondition(request)
+        else session.getAs[IssueSearchCondition](sessionKey).getOrElse(IssueSearchCondition())
+      )
+
+      gitbucket.core.issues.html.list(
+        "pulls",
+        searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
+        page,
+        if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+          (getCollaborators(owner, repoName) :+ owner).sorted
+        } else {
+          getCollaborators(owner, repoName)
+        },
+        getMilestones(owner, repoName),
+        getLabels(owner, repoName),
+        countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
+        countIssue(condition.copy(state = "closed"), true, owner -> repoName),
+        condition,
+        repository,
+        hasWritePermission(owner, repoName, context.loginAccount))
+    }
+
+  // TODO: same as gitbucket.core.servlet.CommitLogHook ...
+  private def createIssueComment(owner: String, repository: String, commit: CommitInfo) = {
+    StringUtil.extractIssueId(commit.fullMessage).foreach { issueId =>
+      if(getIssue(owner, repository, issueId).isDefined){
+        getAccountByMailAddress(commit.committerEmailAddress).foreach { account =>
+          createComment(owner, repository, account.userName, issueId.toInt, commit.fullMessage + " " + commit.id, "commit")
+        }
+      }
+    }
+  }
+}
--- a/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
@@ -0,0 +1,417 @@
+package gitbucket.core.controller
+
+import gitbucket.core.settings.html
+import gitbucket.core.model.WebHook
+import gitbucket.core.service.{RepositoryService, AccountService, WebHookService, ProtectedBranchService, CommitStatusService}
+import gitbucket.core.service.WebHookService._
+import gitbucket.core.util._
+import gitbucket.core.util.JGitUtil._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.Directory._
+import io.github.gitbucket.scalatra.forms._
+import org.apache.commons.io.FileUtils
+import org.scalatra.i18n.Messages
+import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.lib.Constants
+import org.eclipse.jgit.lib.ObjectId
+
+
+class RepositorySettingsController extends RepositorySettingsControllerBase
+  with RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
+  with OwnerAuthenticator with UsersAuthenticator
+
+trait RepositorySettingsControllerBase extends ControllerBase {
+  self: RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
+    with OwnerAuthenticator with UsersAuthenticator =>
+
+  // for repository options
+  case class OptionsForm(repositoryName: String, description: Option[String], isPrivate: Boolean)
+  
+  val optionsForm = mapping(
+    "repositoryName" -> trim(label("Repository Name", text(required, maxlength(40), identifier, renameRepositoryName))),
+    "description"    -> trim(label("Description"    , optional(text()))),
+    "isPrivate"      -> trim(label("Repository Type", boolean()))
+  )(OptionsForm.apply)
+
+  // for default branch
+  case class DefaultBranchForm(defaultBranch: String)
+
+  val defaultBranchForm = mapping(
+    "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100))))
+  )(DefaultBranchForm.apply)
+
+  // for collaborator addition
+  case class CollaboratorForm(userName: String)
+
+  val collaboratorForm = mapping(
+    "userName" -> trim(label("Username", text(required, collaborator)))
+  )(CollaboratorForm.apply)
+
+  // for web hook url addition
+  case class WebHookForm(url: String, events: Set[WebHook.Event])
+
+  def webHookForm(update:Boolean) = mapping(
+    "url"    -> trim(label("url", text(required, webHook(update)))),
+    "events" -> webhookEvents
+  )(WebHookForm.apply)
+
+  // for transfer ownership
+  case class TransferOwnerShipForm(newOwner: String)
+
+  val transferForm = mapping(
+    "newOwner" -> trim(label("New owner", text(required, transferUser)))
+  )(TransferOwnerShipForm.apply)
+
+  /**
+   * Redirect to the Options page.
+   */
+  get("/:owner/:repository/settings")(ownerOnly { repository =>
+    redirect(s"/${repository.owner}/${repository.name}/settings/options")
+  })
+  
+  /**
+   * Display the Options page.
+   */
+  get("/:owner/:repository/settings/options")(ownerOnly {
+    html.options(_, flash.get("info"))
+  })
+  
+  /**
+   * Save the repository options.
+   */
+  post("/:owner/:repository/settings/options", optionsForm)(ownerOnly { (form, repository) =>
+    saveRepositoryOptions(
+      repository.owner,
+      repository.name,
+      form.description,
+      repository.repository.parentUserName.map { _ =>
+        repository.repository.isPrivate
+      } getOrElse form.isPrivate
+    )
+    // Change repository name
+    if(repository.name != form.repositoryName){
+      // Update database
+      renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
+      // Move git repository
+      defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
+        FileUtils.moveDirectory(dir, getRepositoryDir(repository.owner, form.repositoryName))
+      }
+      // Move wiki repository
+      defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
+        FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
+      }
+    }
+    flash += "info" -> "Repository settings has been updated."
+    redirect(s"/${repository.owner}/${form.repositoryName}/settings/options")
+  })
+
+  /** branch settings */
+  get("/:owner/:repository/settings/branches")(ownerOnly { repository =>
+    val protecteions = getProtectedBranchList(repository.owner, repository.name)
+    html.branches(repository, protecteions, flash.get("info"))
+  });
+
+  /** Update default branch */
+  post("/:owner/:repository/settings/update_default_branch", defaultBranchForm)(ownerOnly { (form, repository) =>
+    if(repository.branchList.find(_ == form.defaultBranch).isEmpty){
+      redirect(s"/${repository.owner}/${repository.name}/settings/options")
+    } else {
+      saveRepositoryDefaultBranch(repository.owner, repository.name, form.defaultBranch)
+      // Change repository HEAD
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        git.getRepository.updateRef(Constants.HEAD, true).link(Constants.R_HEADS + form.defaultBranch)
+      }
+      flash += "info" -> "Repository default branch has been updated."
+      redirect(s"/${repository.owner}/${repository.name}/settings/branches")
+    }
+  })
+
+  /** Branch protection for branch */
+  get("/:owner/:repository/settings/branches/:branch")(ownerOnly { repository =>
+    import gitbucket.core.api._
+    val branch = params("branch")
+    if(repository.branchList.find(_ == branch).isEmpty){
+      redirect(s"/${repository.owner}/${repository.name}/settings/branches")
+    } else {
+      val protection = ApiBranchProtection(getProtectedBranchInfo(repository.owner, repository.name, branch))
+      val lastWeeks = getRecentStatuesContexts(repository.owner, repository.name, org.joda.time.LocalDateTime.now.minusWeeks(1).toDate).toSet
+      val knownContexts = (lastWeeks ++ protection.status.contexts).toSeq.sortBy(identity)
+      html.branchprotection(repository, branch, protection, knownContexts, flash.get("info"))
+    }
+  })
+
+  /** https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection */
+  patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
+    import gitbucket.core.api._
+    (for{
+      branch <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
+      protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
+    } yield {
+      if(protection.enabled){
+        enableBranchProtection(repository.owner, repository.name, branch, protection.status.enforcement_level == ApiBranchProtection.Everyone, protection.status.contexts)
+      } else {
+        disableBranchProtection(repository.owner, repository.name, branch)
+      }
+      JsonFormat(ApiBranch(branch, protection)(RepositoryName(repository)))
+    }) getOrElse NotFound
+  })
+
+  /**
+   * Display the Collaborators page.
+   */
+  get("/:owner/:repository/settings/collaborators")(ownerOnly { repository =>
+    html.collaborators(
+      getCollaborators(repository.owner, repository.name),
+      getAccountByUserName(repository.owner).get.isGroupAccount,
+      repository)
+  })
+
+  /**
+   * Add the collaborator.
+   */
+  post("/:owner/:repository/settings/collaborators/add", collaboratorForm)(ownerOnly { (form, repository) =>
+    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
+      addCollaborator(repository.owner, repository.name, form.userName)
+    }
+    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
+  })
+
+  /**
+   * Add the collaborator.
+   */
+  get("/:owner/:repository/settings/collaborators/remove")(ownerOnly { repository =>
+    if(!getAccountByUserName(repository.owner).get.isGroupAccount){
+      removeCollaborator(repository.owner, repository.name, params("name"))
+    }
+    redirect(s"/${repository.owner}/${repository.name}/settings/collaborators")
+  })
+
+  /**
+   * Display the web hook page.
+   */
+  get("/:owner/:repository/settings/hooks")(ownerOnly { repository =>
+    html.hooks(getWebHooks(repository.owner, repository.name), repository, flash.get("info"))
+  })
+
+  /**
+   * Display the web hook edit page.
+   */
+  get("/:owner/:repository/settings/hooks/new")(ownerOnly { repository =>
+    val webhook = WebHook(repository.owner, repository.name, "")
+    html.edithooks(webhook, Set(WebHook.Push), repository, flash.get("info"), true)
+  })
+
+  /**
+   * Add the web hook URL.
+   */
+  post("/:owner/:repository/settings/hooks/new", webHookForm(false))(ownerOnly { (form, repository) =>
+    addWebHook(repository.owner, repository.name, form.url, form.events)
+    flash += "info" -> s"Webhook ${form.url} created"
+    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
+  })
+
+  /**
+   * Delete the web hook URL.
+   */
+  get("/:owner/:repository/settings/hooks/delete")(ownerOnly { repository =>
+    deleteWebHook(repository.owner, repository.name, params("url"))
+    flash += "info" -> s"Webhook ${params("url")} deleted"
+    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
+  })
+
+  /**
+   * Send the test request to registered web hook URLs.
+   */
+  ajaxPost("/:owner/:repository/settings/hooks/test")(ownerOnly { repository =>
+    def _headers(h: Array[org.apache.http.Header]): Array[Array[String]] = h.map { h => Array(h.getName, h.getValue) }
+
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      import scala.collection.JavaConverters._
+      import scala.concurrent.duration._
+      import scala.concurrent._
+      import scala.util.control.NonFatal
+      import org.apache.http.util.EntityUtils
+      import scala.concurrent.ExecutionContext.Implicits.global
+
+      val url = params("url")
+      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url)
+      val dummyPayload = {
+        val ownerAccount = getAccountByUserName(repository.owner).get
+        val commits = if(repository.commitCount == 0) List.empty else git.log
+          .add(git.getRepository.resolve(repository.repository.defaultBranch))
+          .setMaxCount(4)
+          .call.iterator.asScala.map(new CommitInfo(_)).toList
+        val pushedCommit = commits.drop(1)
+
+        WebHookPushPayload(
+          git = git,
+          sender = ownerAccount,
+          refName = "refs/heads/" + repository.repository.defaultBranch,
+          repositoryInfo = repository,
+          commits = pushedCommit,
+          repositoryOwner = ownerAccount,
+          oldId = commits.lastOption.map(_.id).map(ObjectId.fromString).getOrElse(ObjectId.zeroId()),
+          newId = commits.headOption.map(_.id).map(ObjectId.fromString).getOrElse(ObjectId.zeroId())
+        )
+      }
+
+      val (webHook, json, reqFuture, resFuture) = callWebHook(WebHook.Push, List(dummyWebHookInfo), dummyPayload).head
+
+      val toErrorMap: PartialFunction[Throwable, Map[String,String]] = {
+        case e: java.net.UnknownHostException => Map("error"-> ("Unknown host " + e.getMessage))
+        case e: java.lang.IllegalArgumentException => Map("error"-> ("invalid url"))
+        case e: org.apache.http.client.ClientProtocolException => Map("error"-> ("invalid url"))
+        case NonFatal(e) => Map("error"-> (e.getClass + " "+ e.getMessage))
+      }
+
+      contentType = formats("json")
+      org.json4s.jackson.Serialization.write(Map(
+        "url" -> url,
+        "request" -> Await.result(reqFuture.map(req => Map(
+          "headers" -> _headers(req.getAllHeaders),
+          "payload" -> json
+        )).recover(toErrorMap), 20 seconds),
+        "responce" -> Await.result(resFuture.map(res => Map(
+          "status"  -> res.getStatusLine(),
+          "body"    -> EntityUtils.toString(res.getEntity()),
+          "headers" -> _headers(res.getAllHeaders())
+        )).recover(toErrorMap), 20 seconds)
+      ))
+    }
+  })
+
+  /**
+   * Display the web hook edit page.
+   */
+  get("/:owner/:repository/settings/hooks/edit")(ownerOnly { repository =>
+    getWebHook(repository.owner, repository.name, params("url")).map{ case (webhook, events) =>
+      html.edithooks(webhook, events, repository, flash.get("info"), false)
+    } getOrElse NotFound
+  })
+
+  /**
+   * Update web hook settings.
+   */
+  post("/:owner/:repository/settings/hooks/edit", webHookForm(true))(ownerOnly { (form, repository) =>
+    updateWebHook(repository.owner, repository.name, form.url, form.events)
+    flash += "info" -> s"webhook ${form.url} updated"
+    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
+  })
+
+  /**
+   * Display the danger zone.
+   */
+  get("/:owner/:repository/settings/danger")(ownerOnly {
+    html.danger(_)
+  })
+
+  /**
+   * Transfer repository ownership.
+   */
+  post("/:owner/:repository/settings/transfer", transferForm)(ownerOnly { (form, repository) =>
+    // Change repository owner
+    if(repository.owner != form.newOwner){
+      LockUtil.lock(s"${repository.owner}/${repository.name}"){
+        // Update database
+        renameRepository(repository.owner, repository.name, form.newOwner, repository.name)
+        // Move git repository
+        defining(getRepositoryDir(repository.owner, repository.name)){ dir =>
+          FileUtils.moveDirectory(dir, getRepositoryDir(form.newOwner, repository.name))
+        }
+        // Move wiki repository
+        defining(getWikiRepositoryDir(repository.owner, repository.name)){ dir =>
+          FileUtils.moveDirectory(dir, getWikiRepositoryDir(form.newOwner, repository.name))
+        }
+      }
+    }
+    redirect(s"/${form.newOwner}/${repository.name}")
+  })
+
+  /**
+   * Delete the repository.
+   */
+  post("/:owner/:repository/settings/delete")(ownerOnly { repository =>
+    LockUtil.lock(s"${repository.owner}/${repository.name}"){
+      deleteRepository(repository.owner, repository.name)
+
+      FileUtils.deleteDirectory(getRepositoryDir(repository.owner, repository.name))
+      FileUtils.deleteDirectory(getWikiRepositoryDir(repository.owner, repository.name))
+      FileUtils.deleteDirectory(getTemporaryDir(repository.owner, repository.name))
+    }
+    redirect(s"/${repository.owner}")
+  })
+
+  /**
+   * Provides duplication check for web hook url.
+   */
+  private def webHook(needExists: Boolean): Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] =
+      if(getWebHook(params("owner"), params("repository"), value).isDefined != needExists){
+        Some(if(needExists){
+          "URL had not been registered yet."
+        } else {
+          "URL had been registered already."
+        })
+      } else {
+        None
+      }
+  }
+
+  private def webhookEvents = new ValueType[Set[WebHook.Event]]{
+    def convert(name: String, params: Map[String, String], messages: Messages): Set[WebHook.Event] = {
+      WebHook.Event.values.flatMap { t =>
+        params.get(name + "." + t.name).map(_ => t)
+      }.toSet
+    }
+    def validate(name: String, params: Map[String, String], messages: Messages): Seq[(String, String)] = if(convert(name,params,messages).isEmpty){
+      Seq(name -> messages("error.required").format(name))
+    } else {
+      Nil
+    }
+  }
+
+  /**
+   * Provides Constraint to validate the collaborator name.
+   */
+  private def collaborator: Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] =
+      getAccountByUserName(value) match {
+        case None => Some("User does not exist.")
+        case Some(x) if(x.isGroupAccount)
+                  => Some("User does not exist.")
+        case Some(x) if(x.userName == params("owner") || getCollaborators(params("owner"), params("repository")).contains(x.userName))
+                  => Some("User can access this repository already.")
+        case _    => None
+      }
+  }
+
+  /**
+   * Duplicate check for the rename repository name.
+   */
+  private def renameRepositoryName: Constraint = new Constraint(){
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] =
+      params.get("repository").filter(_ != value).flatMap { _ =>
+        params.get("owner").flatMap { userName =>
+          getRepositoryNamesOfUser(userName).find(_ == value).map(_ => "Repository already exists.")
+        }
+      }
+  }
+
+  /**
+   * Provides Constraint to validate the repository transfer user.
+   */
+  private def transferUser: Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] =
+      getAccountByUserName(value) match {
+        case None    => Some("User does not exist.")
+        case Some(x) => if(x.userName == params("owner")){
+          Some("This is current repository owner.")
+        } else {
+          params.get("repository").flatMap { repositoryName =>
+            getRepositoryNamesOfUser(x.userName).find(_ == repositoryName).map{ _ => "User already has same repository." }
+          }
+        }
+      }
+  }
+}
--- a/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
@@ -1,35 +1,47 @@
-package app
+package gitbucket.core.controller

-import _root_.util.JGitUtil.CommitInfo
-import util.Directory._
-import util.Implicits._
-import _root_.util.ControlUtil._
-import _root_.util._
-import service._
-import org.scalatra._
-import java.io.File
+import javax.servlet.http.{HttpServletResponse, HttpServletRequest}

+import gitbucket.core.api._
+import gitbucket.core.plugin.PluginRegistry
+import gitbucket.core.repo.html
+import gitbucket.core.helper
+import gitbucket.core.service._
+import gitbucket.core.util._
+import gitbucket.core.util.JGitUtil._
+import gitbucket.core.util.StringUtil._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.Directory._
+import gitbucket.core.model.{Account, CommitState, WebHook}
+import gitbucket.core.service.WebHookService._
+import gitbucket.core.view
+import gitbucket.core.view.helpers
+
+import io.github.gitbucket.scalatra.forms._
+import org.apache.commons.io.FileUtils
 import org.eclipse.jgit.api.{ArchiveCommand, Git}
 import org.eclipse.jgit.archive.{TgzFormat, ZipFormat}
-import org.eclipse.jgit.lib._
-import org.apache.commons.io.FileUtils
-import org.eclipse.jgit.treewalk._
-import jp.sf.amateras.scalatra.forms._
 import org.eclipse.jgit.dircache.DirCache
+import org.eclipse.jgit.errors.MissingObjectException
+import org.eclipse.jgit.lib._
 import org.eclipse.jgit.revwalk.RevCommit
-import service.WebHookService.WebHookPayload
+import org.eclipse.jgit.treewalk._
+import org.scalatra._
+

 class RepositoryViewerController extends RepositoryViewerControllerBase
  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService
-
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService

 /**
 * The repository viewer.
 */
 trait RepositoryViewerControllerBase extends ControllerBase {
  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
-    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService =>
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService =>

  ArchiveCommand.registerFormat("zip", new ZipFormat)
  ArchiveCommand.registerFormat("tar.gz", new TgzFormat)
@@ -91,11 +103,16 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   */
  post("/:owner/:repository/_preview")(referrersOnly { repository =>
    contentType = "text/html"
-    view.helpers.markdown(params("content"), repository,
-      params("enableWikiLink").toBoolean,
-      params("enableRefsLink").toBoolean,
-      params("enableTaskList").toBoolean,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+    helpers.markdown(
+      markdown = params("content"),
+      repository = repository,
+      enableWikiLink = params("enableWikiLink").toBoolean,
+      enableRefsLink = params("enableRefsLink").toBoolean,
+      enableLineBreaks = params("enableLineBreaks").toBoolean,
+      enableTaskList = params("enableTaskList").toBoolean,
+      enableAnchor = false,
+      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount)
+    )
  })

  /**
@@ -105,6 +122,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    fileList(_)
  })

+  /**
+   * https://developer.github.com/v3/repos/#get
+   */
+  get("/api/v3/repos/:owner/:repository")(referrersOnly { repository =>
+    JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(repository.owner).get)))
+  })
+
  /**
   * Displays the file list of the specified path and branch.
   */
@@ -127,7 +151,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      JGitUtil.getCommitLog(git, branchName, page, 30, path) match {
        case Right((logs, hasNext)) =>
-          repo.html.commits(if(path.isEmpty) Nil else path.split("/").toList, branchName, repository,
+          html.commits(if(path.isEmpty) Nil else path.split("/").toList, branchName, repository,
            logs.splitWith{ (commit1, commit2) =>
              view.helpers.date(commit1.commitTime) == view.helpers.date(commit2.commitTime)
            }, page, hasNext, hasWritePermission(repository.owner, repository.name, context.loginAccount))
@@ -136,22 +160,85 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  })

+  /**
+   * https://developer.github.com/v3/repos/statuses/#create-a-status
+   */
+  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
+    (for{
+      ref <- params.get("sha")
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      data <- extractFromJsonBody[CreateAStatus] if data.isValid
+      creator <- context.loginAccount
+      state <- CommitState.valueOf(data.state)
+      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
+                                    state, data.target_url, data.description, new java.util.Date(), creator)
+      status <- getCommitStatus(repository.owner, repository.name, statusId)
+    } yield {
+      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
+    }) getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  val listStatusesRoute = get("/api/v3/repos/:owner/:repo/commits/:ref/statuses")(referrersOnly { repository =>
+    (for{
+      ref <- params.get("ref")
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
+        ApiCommitStatus(status, ApiUser(creator))
+      })
+    }) getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * legacy route
+   */
+  get("/api/v3/repos/:owner/:repo/statuses/:ref"){
+    listStatusesRoute.action()
+  }
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
+    (for{
+      ref <- params.get("ref")
+      owner <- getAccountByUserName(repository.owner)
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
+      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
+    }) getOrElse NotFound
+  })
+
  get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
    val (branch, path) = splitPath(repository, multiParams("splat").head)
-    repo.html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
-      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")))
+    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
+    html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
+      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")),
+      protectedBranch)
  })

  get("/:owner/:repository/edit/*")(collaboratorsOnly { repository =>
    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)

    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))

      getPathObjectId(git, path, revCommit).map { objectId =>
        val paths = path.split("/")
-        repo.html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
-          JGitUtil.getContentInfo(git, path, objectId))
+        html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
+          JGitUtil.getContentInfo(git, path, objectId),
+          protectedBranch)
      } getOrElse NotFound
    }
  })
@@ -163,33 +250,47 @@ trait RepositoryViewerControllerBase extends ControllerBase {

      getPathObjectId(git, path, revCommit).map { objectId =>
        val paths = path.split("/")
-        repo.html.delete(branch, repository, paths.take(paths.size - 1).toList, paths.last,
+        html.delete(branch, repository, paths.take(paths.size - 1).toList, paths.last,
          JGitUtil.getContentInfo(git, path, objectId))
      } getOrElse NotFound
    }
  })

  post("/:owner/:repository/create", editorForm)(collaboratorsOnly { (form, repository) =>
-    commitFile(repository, form.branch, form.path, Some(form.newFileName), None,
-      StringUtil.convertLineSeparator(form.content, form.lineSeparator), form.charset,
-      form.message.getOrElse(s"Create ${form.newFileName}"))
+    commitFile(
+      repository  = repository,
+      branch      = form.branch,
+      path        = form.path,
+      newFileName = Some(form.newFileName),
+      oldFileName = None,
+      content     = appendNewLine(convertLineSeparator(form.content, form.lineSeparator), form.lineSeparator),
+      charset     = form.charset,
+      message     = form.message.getOrElse(s"Create ${form.newFileName}")
+    )

    redirect(s"/${repository.owner}/${repository.name}/blob/${form.branch}/${
-      if(form.path.length == 0) form.newFileName else s"${form.path}/${form.newFileName}"
+      if(form.path.length == 0) urlEncode(form.newFileName) else s"${form.path}/${urlEncode(form.newFileName)}"
    }")
  })

  post("/:owner/:repository/update", editorForm)(collaboratorsOnly { (form, repository) =>
-    commitFile(repository, form.branch, form.path, Some(form.newFileName), form.oldFileName,
-      StringUtil.convertLineSeparator(form.content, form.lineSeparator), form.charset,
-      if(form.oldFileName.exists(_ == form.newFileName)){
+    commitFile(
+      repository  = repository,
+      branch      = form.branch,
+      path        = form.path,
+      newFileName = Some(form.newFileName),
+      oldFileName = form.oldFileName,
+      content     = appendNewLine(convertLineSeparator(form.content, form.lineSeparator), form.lineSeparator),
+      charset     = form.charset,
+      message     = if(form.oldFileName.exists(_ == form.newFileName)){
        form.message.getOrElse(s"Update ${form.newFileName}")
      } else {
        form.message.getOrElse(s"Rename ${form.oldFileName.get} to ${form.newFileName}")
-      })
+      }
+    )

    redirect(s"/${repository.owner}/${repository.name}/blob/${form.branch}/${
-      if(form.path.length == 0) form.newFileName else s"${form.path}/${form.newFileName}"
+      if(form.path.length == 0) urlEncode(form.newFileName) else s"${form.path}/${urlEncode(form.newFileName)}"
    }")
  })

@@ -200,53 +301,109 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}${if(form.path.length == 0) "" else form.path}")
  })

+  get("/:owner/:repository/raw/*")(referrersOnly { repository =>
+    val (id, path) = splitPath(repository, multiParams("splat").head)
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
+      getPathObjectId(git, path, revCommit).flatMap { objectId =>
+        JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+          contentType = FileUtil.getMimeType(path)
+          response.setContentLength(loader.getSize.toInt)
+          loader.copyTo(response.outputStream)
+          ()
+        }
+      } getOrElse NotFound
+    }
+  })
+
  /**
   * Displays the file content of the specified branch or commit.
   */
-  get("/:owner/:repository/blob/*")(referrersOnly { repository =>
+  val blobRoute = get("/:owner/:repository/blob/*")(referrersOnly { repository =>
    val (id, path) = splitPath(repository, multiParams("splat").head)
    val raw = params.get("raw").getOrElse("false").toBoolean
-
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
-      val lastModifiedCommit = JGitUtil.getLastModifiedCommit(git, revCommit, path)
      getPathObjectId(git, path, revCommit).map { objectId =>
        if(raw){
-          // Download
-          defining(JGitUtil.getContentFromId(git, objectId, false).get){ bytes =>
-            RawData(FileUtil.getContentType(path, bytes), bytes)
-          }
+          // Download (This route is left for backword compatibility)
+          JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+            contentType = FileUtil.getMimeType(path)
+            response.setContentLength(loader.getSize.toInt)
+            loader.copyTo(response.outputStream)
+            ()
+          } getOrElse NotFound
        } else {
-          repo.html.blob(id, repository, path.split("/").toList, JGitUtil.getContentInfo(git, path, objectId),
-            new JGitUtil.CommitInfo(lastModifiedCommit), hasWritePermission(repository.owner, repository.name, context.loginAccount))
+          html.blob(id, repository, path.split("/").toList,
+            JGitUtil.getContentInfo(git, path, objectId),
+            new JGitUtil.CommitInfo(JGitUtil.getLastModifiedCommit(git, revCommit, path)),
+            hasWritePermission(repository.owner, repository.name, context.loginAccount),
+            request.paths(2) == "blame")
        }
      } getOrElse NotFound
    }
  })

+  get("/:owner/:repository/blame/*"){
+    blobRoute.action()
+  }
+
+  /**
+   * Blame data.
+   */
+  ajaxGet("/:owner/:repository/get-blame/*")(referrersOnly { repository =>
+    val (id, path) = splitPath(repository, multiParams("splat").head)
+    contentType = formats("json")
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val last = git.log.add(git.getRepository.resolve(id)).addPath(path).setMaxCount(1).call.iterator.next.name
+      Map(
+        "root"  -> s"${context.baseUrl}/${repository.owner}/${repository.name}",
+        "id"    -> id,
+        "path"  -> path,
+        "last"  -> last,
+        "blame" -> JGitUtil.getBlame(git, id, path).map{ blame =>
+          Map(
+            "id"       -> blame.id,
+            "author"   -> view.helpers.user(blame.authorName, blame.authorEmailAddress).toString,
+            "avatar"   -> view.helpers.avatarLink(blame.authorName, 32, blame.authorEmailAddress).toString,
+            "authed"   -> helper.html.datetimeago(blame.authorTime).toString,
+            "prev"     -> blame.prev,
+            "prevPath" -> blame.prevPath,
+            "commited" -> blame.commitTime.getTime,
+            "message"  -> blame.message,
+            "lines"    -> blame.lines)
+        })
+    }
+  })
+
  /**
   * Displays details of the specified commit.
   */
  get("/:owner/:repository/commit/:id")(referrersOnly { repository =>
    val id = params("id")

-    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      defining(JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))){ revCommit =>
-        JGitUtil.getDiffs(git, id) match { case (diffs, oldCommitId) =>
-          repo.html.commit(id, new JGitUtil.CommitInfo(revCommit),
-            JGitUtil.getBranchesOfCommit(git, revCommit.getName),
-            JGitUtil.getTagsOfCommit(git, revCommit.getName),
-            getCommitComments(repository.owner, repository.name, id, false),
-            repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+    try {
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        defining(JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))) { revCommit =>
+          JGitUtil.getDiffs(git, id) match {
+            case (diffs, oldCommitId) =>
+              html.commit(id, new JGitUtil.CommitInfo(revCommit),
+                JGitUtil.getBranchesOfCommit(git, revCommit.getName),
+                JGitUtil.getTagsOfCommit(git, revCommit.getName),
+                getCommitComments(repository.owner, repository.name, id, false),
+                repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+          }
        }
      }
+    } catch {
+      case e:MissingObjectException => NotFound
    }
  })

  post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
    val id = params("id")
    createCommitComment(repository.owner, repository.name, id, context.loginAccount.get.userName, form.content,
-      form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId.isDefined)
+      form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId)
    form.issueId match {
      case Some(issueId) => recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
      case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
@@ -260,7 +417,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    val oldLineNumber = params.get("oldLineNumber") map (_.toInt)
    val newLineNumber = params.get("newLineNumber") map (_.toInt)
    val issueId   = params.get("issueId") map (_.toInt)
-    repo.html.commentform(
+    html.commentform(
      commitId = id,
      fileName, oldLineNumber, newLineNumber, issueId,
      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount),
@@ -271,26 +428,36 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  ajaxPost("/:owner/:repository/commit/:id/comment/_data/new", commentForm)(readableUsersOnly { (form, repository) =>
    val id = params("id")
    val commentId = createCommitComment(repository.owner, repository.name, id, context.loginAccount.get.userName,
-      form.content, form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId.isDefined)
+      form.content, form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId)
+    val comment = getCommitComment(repository.owner, repository.name, commentId.toString).get
    form.issueId match {
-      case Some(issueId) => recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
+      case Some(issueId) =>
+        recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
+        callPullRequestReviewCommentWebHook("create", comment, repository, issueId, context.baseUrl, context.loginAccount.get)
      case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
    }
-    helper.html.commitcomment(getCommitComment(repository.owner, repository.name, commentId.toString).get,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    helper.html.commitcomment(comment, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
  })

  ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
    getCommitComment(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => repo.html.editcomment(
+          case t if t == "html" => html.editcomment(
            x.content, x.commentId, x.userName, x.repositoryName)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-            Map("content" -> view.Markdown.toHtml(x.content,
-              repository, false, true, true, isEditable(x.userName, x.repositoryName, x.commentedUserName))
+            Map(
+              "content" -> view.Markdown.toHtml(
+                markdown = x.content,
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+              )
            ))
        }
      } else Unauthorized
@@ -322,14 +489,18 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays branches.
   */
  get("/:owner/:repository/branches")(referrersOnly { repository =>
-    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      // retrieve latest update date of each branch
-      val branchInfo = repository.branchList.map { branchName =>
-        val revCommit = git.log.add(git.getRepository.resolve(branchName)).setMaxCount(1).call.iterator.next
-        (branchName, revCommit.getCommitterIdent.getWhen)
-      }
-      repo.html.branches(branchInfo, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
-    }
+    val protectedBranches = getProtectedBranchList(repository.owner, repository.name).toSet
+    val branches = JGitUtil.getBranches(
+      owner         = repository.owner,
+      name          = repository.name,
+      defaultBranch = repository.repository.defaultBranch,
+      origin        = repository.repository.originUserName.isEmpty
+    )
+    .sortBy(br => (br.mergeInfo.isEmpty, br.commitTime))
+    .map(br => (br, getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId), protectedBranches.contains(br.name)))
+    .reverse
+
+    html.branches(branches, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
  })

  /**
@@ -369,7 +540,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays tags.
   */
  get("/:owner/:repository/tags")(referrersOnly {
-    repo.html.tags(_)
+    html.tags(_)
  })

  /**
@@ -386,7 +557,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  })

  get("/:owner/:repository/network/members")(referrersOnly { repository =>
-    repo.html.forked(
+    html.forked(
      getRepository(
        repository.repository.originUserName.getOrElse(repository.owner),
        repository.repository.originRepositoryName.getOrElse(repository.name),
@@ -397,7 +568,36 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      repository)
  })

-  private def splitPath(repository: service.RepositoryService.RepositoryInfo, path: String): (String, String) = {
+  /**
+   * Displays the file find of branch.
+   */
+  get("/:owner/:repository/find/*")(referrersOnly { repository =>
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val ref = multiParams("splat").head
+      JGitUtil.getTreeId(git, ref).map{ treeId =>
+        html.find(ref,
+                  treeId,
+                  repository,
+                  context.loginAccount match {
+                    case None => List()
+                    case account: Option[Account] => getGroupsByUserName(account.get.userName)
+                  })
+      } getOrElse NotFound
+    }
+  })
+
+  /**
+   * Get all file list of branch.
+   */
+  ajaxGet("/:owner/:repository/tree-list/:tree")(referrersOnly { repository =>
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val treeId = params("tree")
+      contentType = formats("json")
+      Map("paths" -> JGitUtil.getAllFileListByTreeId(git, treeId))
+    }
+  })
+
+  private def splitPath(repository: RepositoryService.RepositoryInfo, path: String): (String, String) = {
    val id = repository.branchList.collectFirst {
      case branch if(path == branch || path.startsWith(branch + "/")) => branch
    } orElse repository.tags.collectFirst {
@@ -408,7 +608,9 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  }


-  private val readmeFiles = view.helpers.renderableSuffixes.map(suffix => s"readme${suffix}") ++ Seq("readme.txt", "readme")
+  private val readmeFiles = PluginRegistry().renderableExtensions.map { extension =>
+    s"readme.${extension}"
+  } ++ Seq("readme.txt", "readme")

  /**
   * Provides HTML of the file list.
@@ -420,7 +622,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   */
  private def fileList(repository: RepositoryService.RepositoryInfo, revstr: String = "", path: String = ".") = {
    if(repository.commitCount == 0){
-      repo.html.guide(repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      html.guide(repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
    } else {
      using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
        // get specified commit
@@ -432,21 +634,22 @@ trait RepositoryViewerControllerBase extends ControllerBase {
            val parentPath = if (path == ".") Nil else path.split("/").toList
            // process README.md or README.markdown
            val readme = files.find { file =>
-              readmeFiles.contains(file.name.toLowerCase)
+              !file.isDirectory && readmeFiles.contains(file.name.toLowerCase)
            }.map { file =>
              val path = (file.name :: parentPath.reverse).reverse
              path -> StringUtil.convertFromByteArray(JGitUtil.getContentFromId(
                Git.open(getRepositoryDir(repository.owner, repository.name)), file.id, true).get)
            }

-            repo.html.files(revision, repository,
+            html.files(revision, repository,
              if(path == ".") Nil else path.split("/").toList, // current path
              context.loginAccount match {
                case None => List()
-                case account: Option[model.Account] => getGroupsByUserName(account.get.userName)
+                case account: Option[Account] => getGroupsByUserName(account.get.userName)
              }, // groups of current user
              new JGitUtil.CommitInfo(lastModifiedCommit), // last modified commit
              files, readme, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+              getPullRequestFromBranch(repository.owner, repository.name, revstr, repository.repository.defaultBranch),
              flash.get("info"), flash.get("error"))
          }
        } getOrElse NotFound
@@ -454,7 +657,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  }

-  private def commitFile(repository: service.RepositoryService.RepositoryInfo,
+  private def commitFile(repository: RepositoryService.RepositoryInfo,
                         branch: String, path: String, newFileName: Option[String], oldFileName: Option[String],
                         content: String, charset: String, message: String) = {

@@ -485,7 +688,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
          headName, loginAccount.fullName, loginAccount.mailAddress, message)

        inserter.flush()
-        inserter.release()
+        inserter.close()

        // update refs
        val refUpdate = git.getRepository.updateRef(headName)
@@ -506,14 +709,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        closeIssuesFromMessage(message, loginAccount.userName, repository.owner, repository.name)

        // call web hook
+        callPullRequestWebHookByRequestBranch("synchronize", repository, branch, context.baseUrl, loginAccount)
        val commit = new JGitUtil.CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))
-        getWebHookURLs(repository.owner, repository.name) match {
-          case webHookURLs if(webHookURLs.nonEmpty) =>
-            for(ownerAccount <- getAccountByUserName(repository.owner)){
-              callWebHook(repository.owner, repository.name, webHookURLs,
-                WebHookPayload(git, loginAccount, headName, repository, List(commit), ownerAccount))
-            }
-          case _ =>
+        callWebHookOf(repository.owner, repository.name, WebHook.Push) {
+          getAccountByUserName(repository.owner).map{ ownerAccount =>
+            WebHookPushPayload(git, loginAccount, headName, repository, List(commit), ownerAccount,
+                               oldId = headTip, newId = commitId)
+          }
        }
      }
    }
@@ -562,6 +764,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  }

-  private def isEditable(owner: String, repository: String, author: String)(implicit context: app.Context): Boolean =
+  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+
+
+
+  override protected def renderUncaughtException(e: Throwable)(implicit request: HttpServletRequest, response: HttpServletResponse): Unit = {
+    e.printStackTrace()
+  }
+
 }
--- a/src/main/scala/gitbucket/core/controller/SearchController.scala
+++ b/src/main/scala/gitbucket/core/controller/SearchController.scala
@@ -1,10 +1,11 @@
-package app
+package gitbucket.core.controller

-import util._
+import gitbucket.core.search.html
+import gitbucket.core.service._
+import gitbucket.core.util.{StringUtil, ControlUtil, ReferrerAuthenticator, Implicits}
 import ControlUtil._
 import Implicits._
-import service._
-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._

 class SearchController extends SearchControllerBase
  with RepositoryService with AccountService with ActivityService with RepositorySearchService with IssuesService with ReferrerAuthenticator
@@ -34,12 +35,12 @@ trait SearchControllerBase extends ControllerBase { self: RepositoryService
      }

      target.toLowerCase match {
-        case "issue" => search.html.issues(
+        case "issue" => html.issues(
          searchIssues(repository.owner, repository.name, query),
          countFiles(repository.owner, repository.name, query),
          query, page, repository)

-        case _ => search.html.code(
+        case _ => html.code(
          searchFiles(repository.owner, repository.name, query),
          countIssues(repository.owner, repository.name, query),
          query, page, repository)
--- a/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
@@ -1,10 +1,11 @@
-package app
+package gitbucket.core.controller

-import service.{AccountService, SystemSettingsService}
+import gitbucket.core.admin.html
+import gitbucket.core.service.{AccountService, SystemSettingsService}
+import gitbucket.core.util.AdminAuthenticator
+import gitbucket.core.ssh.SshServer
 import SystemSettingsService._
-import util.AdminAuthenticator
-import jp.sf.amateras.scalatra.forms._
-import ssh.SshServer
+import io.github.gitbucket.scalatra.forms._

 class SystemSettingsController extends SystemSettingsControllerBase
  with AccountService with AdminAuthenticator
@@ -20,9 +21,11 @@ trait SystemSettingsControllerBase extends ControllerBase {
    "isCreateRepoOptionPublic" -> trim(label("Default option to create a new repository", boolean())),
    "gravatar"                 -> trim(label("Gravatar", boolean())),
    "notification"             -> trim(label("Notification", boolean())),
+    "activityLogLimit"         -> trim(label("Limit of activity logs", optional(number()))),
    "ssh"                      -> trim(label("SSH access", boolean())),
    "sshPort"                  -> trim(label("SSH port", optional(number()))),
-    "smtp"                     -> optionalIfNotChecked("notification", mapping(
+    "useSMTP"                  -> trim(label("SMTP", boolean())),
+    "smtp"                     -> optionalIfNotChecked("useSMTP", mapping(
        "host"                     -> trim(label("SMTP Host", text(required))),
        "port"                     -> trim(label("SMTP Port", optional(number()))),
        "user"                     -> trim(label("SMTP User", optional(text()))),
@@ -59,7 +62,7 @@ trait SystemSettingsControllerBase extends ControllerBase {
  case class PluginForm(pluginIds: List[String])

  get("/admin/system")(adminOnly {
-    admin.html.system(flash.get("info"))
+    html.system(flash.get("info"))
  })

  post("/admin/system", form)(adminOnly { form =>
@@ -70,7 +73,7 @@ trait SystemSettingsControllerBase extends ControllerBase {
    }

    if(form.ssh && !SshServer.isActive && form.baseUrl.isDefined){
-      SshServer.start(request.getServletContext,
+      SshServer.start(
        form.sshPort.getOrElse(SystemSettingsService.DefaultSshPort),
        form.baseUrl.get)
    } else if(!form.ssh && SshServer.isActive){
--- a/src/main/scala/gitbucket/core/controller/UserManagementController.scala
+++ b/src/main/scala/gitbucket/core/controller/UserManagementController.scala
@@ -1,12 +1,13 @@
-package app
+package gitbucket.core.controller

-import service._
-import util.AdminAuthenticator
-import util.StringUtil._
-import util.ControlUtil._
-import util.Directory._
-import util.Implicits._
-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.service.{RepositoryService, AccountService}
+import gitbucket.core.admin.users.html
+import gitbucket.core.util._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.StringUtil._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.Directory._
+import io.github.gitbucket.scalatra.forms._
 import org.scalatra.i18n.Messages
 import org.apache.commons.io.FileUtils

@@ -75,11 +76,11 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {
      account.userName -> getGroupMembers(account.userName).map(_.userName)
    }.toMap

-    admin.users.html.list(users, members, includeRemoved)
+    html.list(users, members, includeRemoved)
  })
  
  get("/admin/users/_newuser")(adminOnly {
-    admin.users.html.user(None)
+    html.user(None)
  })
  
  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
@@ -90,7 +91,7 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {
  
  get("/admin/users/:userName/_edituser")(adminOnly {
    val userName = params("userName")
-    admin.users.html.user(getAccountByUserName(userName, true))
+    html.user(getAccountByUserName(userName, true))
  })
  
  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
@@ -99,12 +100,12 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {

      if(form.isRemoved){
        // Remove repositories
-        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
-          deleteRepository(userName, repositoryName)
-          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
-          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
-          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
-        }
+//        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
+//          deleteRepository(userName, repositoryName)
+//          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
+//          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
+//          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
+//        }
        // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
        removeUserRelatedData(userName)
      }
@@ -124,7 +125,7 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {
  })

  get("/admin/users/_newgroup")(adminOnly {
-    admin.users.html.group(None, Nil)
+    html.group(None, Nil)
  })

  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
@@ -140,7 +141,7 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {

  get("/admin/users/:groupName/_editgroup")(adminOnly {
    defining(params("groupName")){ groupName =>
-      admin.users.html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
+      html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
    }
  })

@@ -193,7 +194,7 @@ trait UserManagementControllerBase extends AccountManagementControllerBase {
  protected def disableByNotYourself(paramName: String): Constraint = new Constraint() {
    override def validate(name: String, value: String, messages: Messages): Option[String] = {
      params.get(paramName).flatMap { userName =>
-        if(userName == context.loginAccount.get.userName)
+        if(userName == context.loginAccount.get.userName && params.get("removed") == Some("true"))
          Some("You can't disable your account yourself")
        else
          None
--- a/src/main/scala/gitbucket/core/controller/WikiController.scala
+++ b/src/main/scala/gitbucket/core/controller/WikiController.scala
@@ -1,14 +1,15 @@
-package app
+package gitbucket.core.controller

-import service._
-import util._
-import util.Directory._
-import util.ControlUtil._
-import util.Implicits._
-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.wiki.html
+import gitbucket.core.service.{RepositoryService, WikiService, ActivityService, AccountService}
+import gitbucket.core.util._
+import gitbucket.core.util.StringUtil._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.Directory._
+import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.scalatra.i18n.Messages
-import java.util.ResourceBundle

 class WikiController extends WikiControllerBase 
  with WikiService with RepositoryService with AccountService with ActivityService with CollaboratorsAuthenticator with ReferrerAuthenticator
@@ -36,8 +37,10 @@ trait WikiControllerBase extends ControllerBase {
  
  get("/:owner/:repository/wiki")(referrersOnly { repository =>
    getWikiPage(repository.owner, repository.name, "Home").map { page =>
-      wiki.html.page("Home", page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      html.page("Home", page, getWikiPageList(repository.owner, repository.name),
+        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        getWikiPage(repository.owner, repository.name, "_Sidebar"),
+        getWikiPage(repository.owner, repository.name, "_Footer"))
    } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/Home/_edit")
  })
  
@@ -45,8 +48,10 @@ trait WikiControllerBase extends ControllerBase {
    val pageName = StringUtil.urlDecode(params("page"))

    getWikiPage(repository.owner, repository.name, pageName).map { page =>
-      wiki.html.page(pageName, page, getWikiPageList(repository.owner, repository.name),
-        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+      html.page(pageName, page, getWikiPageList(repository.owner, repository.name),
+        repository, hasWritePermission(repository.owner, repository.name, context.loginAccount),
+        getWikiPage(repository.owner, repository.name, "_Sidebar"),
+        getWikiPage(repository.owner, repository.name, "_Footer"))
    } getOrElse redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}/_edit")
  })
  
@@ -55,7 +60,7 @@ trait WikiControllerBase extends ControllerBase {

    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      JGitUtil.getCommitLog(git, "master", path = pageName + ".md") match {
-        case Right((logs, hasNext)) => wiki.html.history(Some(pageName), logs, repository)
+        case Right((logs, hasNext)) => html.history(Some(pageName), logs, repository)
        case Left(_) => NotFound
      }
    }
@@ -66,7 +71,7 @@ trait WikiControllerBase extends ControllerBase {
    val Array(from, to) = params("commitId").split("\\.\\.\\.")

    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
-      wiki.html.compare(Some(pageName), from, to, JGitUtil.getDiffs(git, from, to, true).filter(_.newPath == pageName + ".md"), repository,
+      html.compare(Some(pageName), from, to, JGitUtil.getDiffs(git, from, to, true).filter(_.newPath == pageName + ".md"), repository,
        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
    }
  })
@@ -75,7 +80,7 @@ trait WikiControllerBase extends ControllerBase {
    val Array(from, to) = params("commitId").split("\\.\\.\\.")

    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
-      wiki.html.compare(None, from, to, JGitUtil.getDiffs(git, from, to, true), repository,
+      html.compare(None, from, to, JGitUtil.getDiffs(git, from, to, true), repository,
        hasWritePermission(repository.owner, repository.name, context.loginAccount), flash.get("info"))
    }
  })
@@ -105,22 +110,34 @@ trait WikiControllerBase extends ControllerBase {

  get("/:owner/:repository/wiki/:page/_edit")(collaboratorsOnly { repository =>
    val pageName = StringUtil.urlDecode(params("page"))
-    wiki.html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
+    html.edit(pageName, getWikiPage(repository.owner, repository.name, pageName), repository)
  })
  
  post("/:owner/:repository/wiki/_edit", editForm)(collaboratorsOnly { (form, repository) =>
    defining(context.loginAccount.get){ loginAccount =>
-      saveWikiPage(repository.owner, repository.name, form.currentPageName, form.pageName,
-          form.content, loginAccount, form.message.getOrElse(""), Some(form.id)).map { commitId =>
+      saveWikiPage(
+        repository.owner,
+        repository.name,
+        form.currentPageName,
+        form.pageName,
+        appendNewLine(convertLineSeparator(form.content, "LF"), "LF"),
+        loginAccount,
+        form.message.getOrElse(""),
+        Some(form.id)
+      ).map { commitId =>
        updateLastActivityDate(repository.owner, repository.name)
        recordEditWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName, commitId)
      }
-      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+      if(notReservedPageName(form.pageName)) {
+        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+      } else {
+        redirect(s"/${repository.owner}/${repository.name}/wiki")
+      }
    }
  })
  
  get("/:owner/:repository/wiki/_new")(collaboratorsOnly {
-    wiki.html.edit("", None, _)
+    html.edit("", None, _)
  })
  
  post("/:owner/:repository/wiki/_new", newForm)(collaboratorsOnly { (form, repository) =>
@@ -131,7 +148,11 @@ trait WikiControllerBase extends ControllerBase {
      updateLastActivityDate(repository.owner, repository.name)
      recordCreateWikiPageActivity(repository.owner, repository.name, loginAccount.userName, form.pageName)

-      redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+      if(notReservedPageName(form.pageName)) {
+        redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(form.pageName)}")
+      } else {
+        redirect(s"/${repository.owner}/${repository.name}/wiki")
+      }
    }
  })
  
@@ -147,14 +168,14 @@ trait WikiControllerBase extends ControllerBase {
  })
  
  get("/:owner/:repository/wiki/_pages")(referrersOnly { repository =>
-    wiki.html.pages(getWikiPageList(repository.owner, repository.name), repository,
+    html.pages(getWikiPageList(repository.owner, repository.name), repository,
      hasWritePermission(repository.owner, repository.name, context.loginAccount))
  })
  
  get("/:owner/:repository/wiki/_history")(referrersOnly { repository =>
    using(Git.open(getWikiRepositoryDir(repository.owner, repository.name))){ git =>
      JGitUtil.getCommitLog(git, "master") match {
-        case Right((logs, hasNext)) => wiki.html.history(None, logs, repository)
+        case Right((logs, hasNext)) => html.history(None, logs, repository)
        case Left(_) => NotFound
      }
    }
@@ -177,13 +198,15 @@ trait WikiControllerBase extends ControllerBase {
    override def validate(name: String, value: String, messages: Messages): Option[String] =
      if(value.exists("\\/:*?\"<>|".contains(_))){
        Some(s"${name} contains invalid character.")
-      } else if(value.startsWith("_") || value.startsWith("-")){
+      } else if(notReservedPageName(value) && (value.startsWith("_") || value.startsWith("-"))){
        Some(s"${name} starts with invalid character.")
      } else {
        None
      }
  }

+  private def notReservedPageName(value: String) = ! (Array[String]("_Sidebar","_Footer") contains value)
+
  private def conflictForNew: Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] = {
      targetWikiPage.map { _ =>
--- a/src/main/scala/gitbucket/core/model/AccessToken.scala
+++ b/src/main/scala/gitbucket/core/model/AccessToken.scala
@@ -0,0 +1,21 @@
+package gitbucket.core.model
+
+
+trait AccessTokenComponent { self: Profile =>
+  import profile.simple._
+  lazy val AccessTokens = TableQuery[AccessTokens]
+
+  class AccessTokens(tag: Tag) extends Table[AccessToken](tag, "ACCESS_TOKEN") {
+    val accessTokenId = column[Int]("ACCESS_TOKEN_ID", O AutoInc)
+    val userName = column[String]("USER_NAME")
+    val tokenHash = column[String]("TOKEN_HASH")
+    val note = column[String]("NOTE")
+    def * = (accessTokenId, userName, tokenHash, note) <> (AccessToken.tupled, AccessToken.unapply)
+  }
+}
+case class AccessToken(
+  accessTokenId: Int = 0,
+  userName: String,
+  tokenHash: String,
+  note: String
+)
--- a/src/main/scala/gitbucket/core/model/Account.scala
+++ b/src/main/scala/gitbucket/core/model/Account.scala
@@ -1,4 +1,4 @@
-package model
+package gitbucket.core.model

 trait AccountComponent { self: Profile =>
  import profile.simple._
--- a/src/main/scala/gitbucket/core/model/Activity.scala
+++ b/src/main/scala/gitbucket/core/model/Activity.scala
@@ -1,4 +1,4 @@
-package model
+package gitbucket.core.model

 trait ActivityComponent extends TemplateComponent { self: Profile =>
  import profile.simple._
--- a/src/main/scala/gitbucket/core/model/BasicTemplate.scala
+++ b/src/main/scala/gitbucket/core/model/BasicTemplate.scala
@@ -1,4 +1,4 @@
-package model
+package gitbucket.core.model

 protected[model] trait TemplateComponent { self: Profile =>
  import profile.simple._
@@ -26,12 +26,16 @@ protected[model] trait TemplateComponent { self: Profile =>

  trait LabelTemplate extends BasicTemplate { self: Table[_] =>
    val labelId = column[Int]("LABEL_ID")
+    val labelName = column[String]("LABEL_NAME")

    def byLabel(owner: String, repository: String, labelId: Int) =
      byRepository(owner, repository) && (this.labelId === labelId.bind)

    def byLabel(userName: Column[String], repositoryName: Column[String], labelId: Column[Int]) =
      byRepository(userName, repositoryName) && (this.labelId === labelId)
+
+    def byLabel(owner: String, repository: String, labelName: String) =
+      byRepository(userName, repositoryName) && (this.labelName === labelName.bind)
  }

  trait MilestoneTemplate extends BasicTemplate { self: Table[_] =>
@@ -49,6 +53,14 @@ protected[model] trait TemplateComponent { self: Profile =>

    def byCommit(owner: String, repository: String, commitId: String) =
      byRepository(owner, repository) && (this.commitId === commitId)
+
+    def byCommit(owner: Column[String], repository: Column[String], commitId: Column[String]) =
+      byRepository(userName, repositoryName) && (this.commitId === commitId)
  }

+  trait BranchTemplate extends BasicTemplate{ self: Table[_] =>
+    val branch = column[String]("BRANCH")
+    def byBranch(owner: String, repository: String, branchName: String) = byRepository(owner, repository) && (branch === branchName.bind)
+    def byBranch(owner: Column[String], repository: Column[String], branchName: Column[String]) = byRepository(owner, repository) && (this.branch === branchName)
+  }
 }
--- a/Show More
+++ b/Show More