GitBucket 4.3 release

Update README.md for 4.3 release
(refs #1250 ) Bump markedj
2025-11-05 04:56:02 +01:00 · 2016-07-30 10:34:40 +09:00 · 2016-07-30 10:21:01 +09:00 · 2016-07-30 10:14:05 +09:00 · 2016-07-29 01:26:31 +09:00 · 2016-07-28 17:37:35 +09:00
415 changed files with 39523 additions and 18919 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,7 @@
+# Guideline for Issues
+
+- At first, See [FAQ](https://github.com/gitbucket/gitbucket/wiki/FAQ) and check issues whether there is a same question or request in the past.
+- If you can't find same question and report, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
+- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- Write an issue in English. At least, write subject in English.
+- First priority of GitBucket is easy installation and reproduce GitHub behavior, so we might reject if your request is against it.
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,19 @@
+### Before submitting an issue to Gitbucket I have first:
+
+- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/.github/CONTRIBUTING.md)
+- [] searched for similar already existing issue
+- [] read the documentation and [wiki](https://github.com/gitbucket/gitbucket/wiki) 
+
+*(if you have performed all the above, remove the paragraph and continue describing the issue with template below)*
+
+## Issue
+**Impacted version**: xxxx
+
+**Deployment mode**: *explain here how you use gitbucket : standalone app, under webcontainer (which one), with an http frontend (nginx, httpd, ...)*
+
+**Problem description**:
+- *be as explicit has you can*
+- *describe the problem and its symptoms*
+- *explain how to reproduce*
+- *attach whatever information that can help understanding the context (screen capture, log files)*
+- *do your best to use a correct english (re-read yourself)*
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,8 @@
+### Before submitting a pull-request to Gitbucket I have first:
+
+- [] read the [contribution guidelines](https://github.com/gitbucket/gitbucket/blob/master/.github/CONTRIBUTING.md)
+- [] rebased my branch over master
+- [] verified that project is compiling
+- [] verified that tests are passing
+- [] squashed my commits as appropriate *(keep several commits if it is relevant to understand the PR)*
+- [] [marked as closed](https://help.github.com/articles/closing-issues-via-commit-messages/) all issue ID that this PR should correct
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,11 @@
 language: scala
-sudo: false
+sudo: true
 script:
-  - . env.sh
  - sbt test
+jdk:
+  - oraclejdk8
+before_script:
+  - sudo apt-get install libaio1
+  - sudo /etc/init.d/mysql stop
+  - sudo /etc/init.d/postgresql stop
+
--- a/README.md
+++ b/README.md
@@ -1,8 +1,10 @@
-GitBucket [![Gitter chat](https://badges.gitter.im/takezoe/gitbucket.png)](https://gitter.im/takezoe/gitbucket) [![Build Status](https://travis-ci.org/takezoe/gitbucket.svg?branch=master)](https://travis-ci.org/takezoe/gitbucket)
+GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.png)](https://gitter.im/gitbucket/gitbucket) [![Build Status](https://travis-ci.org/gitbucket/gitbucket.svg?branch=master)](https://travis-ci.org/gitbucket/gitbucket)
 =========

-GitBucket is the easily installable GitHub clone powered by Scala.
-
+GitBucket is a Git platform powered by Scala offering:
+- easy installation
+- high extensibility by plugins
+- API compatibility with Github

 Features
 --------
@@ -10,35 +12,21 @@ The current version of GitBucket provides a basic features below:

 - Public / Private Git repository (http and ssh access)
 - Repository viewer and online file editing
- Repository search (Code and Issues)
 - Wiki
- Issues
- Fork / Pull request
- Mail notification
- Activity timeline
- User management (for Administrators)
- Group (like Organization in Github)
- LDAP integration
- Gravatar support
+- Issues / Pull request
+- Email notification
+- Simple user and group management with LDAP integration
+- Plug-in system

-Following features are not implemented, but we will make them in the future release!
-
- Network graph
- Statistics
- Watch / Star
-
-If you want to try the development version of GitBucket, see the documentation for developers at [Wiki](https://github.com/takezoe/gitbucket/wiki).
+If you want to try the development version of GitBucket, see [Developer's Guide](https://github.com/gitbucket/gitbucket/blob/master/doc/how_to_run.md).

 Installation
 --------
+GitBucket requires **Java8**. You have to install beforehand when it's not installed.

-1. Download latest **gitbucket.war** from [the release page](https://github.com/takezoe/gitbucket/releases).
+1. Download latest **gitbucket.war** from [the release page](https://github.com/gitbucket/gitbucket/releases).
 2. Deploy it to the Servlet 3.0 container such as Tomcat 7.x, Jetty 8.x, GlassFish 3.x or higher.
-3. Access **http://[hostname]:[port]/gitbucket/** using your web browser.
-
-If you are using Gitbucket behind a webserver please make sure you have increased the **client_max_body_size** (on nignx)
-
-The default administrator account is **root** and password is **root**.
+3. Access **http://[hostname]:[port]/gitbucket/** using your web browser and logged-in with **root** / **root**.

 or you can start GitBucket by `java -jar gitbucket.war` without servlet container. In this case, GitBucket URL is **http://[hostname]:8080/**. You can specify following options.

@@ -47,45 +35,138 @@ or you can start GitBucket by `java -jar gitbucket.war` without servlet containe
 - --host=[HOSTNAME]
 - --gitbucket.home=[DATA_DIR]

-To upgrade GitBucket, only replace gitbucket.war. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.
+To upgrade GitBucket, only replace gitbucket.war after stop GitBucket. All GitBucket data is stored in HOME/.gitbucket. So if you want to back up GitBucket data, copy this directory to the other disk.

-For Installation on Windows Server with IIS see [this wiki page](https://github.com/takezoe/gitbucket/wiki/Installation-on-IIS-and-Helicontech-Zoo)
+About installation on Mac or Windows Server (with IIS), configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).

-### Mac OS X
-#### Installing Via Homebrew
+Plug-ins
+--------
+GitBucket has the plug-in system to extend GitBucket from outside of GitBucket. Some plug-ins are available now:

-```
-$ brew install gitbucket
-==> Downloading https://github.com/takezoe/gitbucket/releases/download/1.10/gitbucket.war
-######################################################################## 100.0%
-==> Caveats
-Note: When using launchctl the port will be 8080.
+- [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)
+- [gitbucket-announce-plugin](https://github.com/gitbucket-plugins/gitbucket-announce-plugin)
+- [gitbucket-h2-backup-plugin](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin)
+- [gitbucket-desktopnotify-plugin](https://github.com/yoshiyoshifujii/gitbucket-desktopnotify-plugin)
+- [gitbucket-commitgraphs-plugin](https://github.com/yoshiyoshifujii/gitbucket-commitgraphs-plugin)
+- [gitbucket-asciidoctor-plugin](https://github.com/lefou/gitbucket-asciidoctor-plugin)
+- [gitbucket-network-plugin](https://github.com/mrkm4ntr/gitbucket-network-plugin)
+- [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)

-To have launchd start gitbucket at login:
-    ln -sfv /usr/local/opt/gitbucket/*.plist ~/Library/LaunchAgents
-Then to load gitbucket now:
-    launchctl load ~/Library/LaunchAgents/homebrew.mxcl.gitbucket.plist
-Or, if you don't want/need launchctl, you can just run:
-    java -jar /usr/local/opt/gitbucket/libexec/gitbucket.war
-==> Summary
-/usr/local/Cellar/gitbucket/1.10: 3 files, 42M, built in 11 seconds
-```
+You can find community plugins other than them at [gitbucket community plugins](http://gitbucket-plugins.github.io/).

-#### Manual Installation
-On OS X, copy the [gitbucket.plist](https://raw.github.com/takezoe/gitbucket/master/contrib/macosx/gitbucket.plist) file to `~/Library/LaunchAgents/`
+Support
+--------

-Run the following commands in `Terminal` to
-
- start gitbucket: `launchctl load ~/Library/LaunchAgents/gitbucket.plist`
- stop gitbucket: `launchctl unload ~/Library/LaunchAgents/gitbucket.plist`
+- If you have any question about GitBucket, send it to [gitter room](https://gitter.im/gitbucket/gitbucket) before raise an issue.
+- Make sure check whether there is a same question or request in the past.
+- When raise a new issue, write subject in **English** at least.
+- We can also support in Japaneses other than English at [gitter room for Japanese](https://gitter.im/gitbucket/gitbucket_ja).
+- First priority of GitBucket is easy installation and API compatibility with GitHub, so we might reject if your request is against it.

 Release Notes
--------
+-------------
+### 4.3 - 30 Jul 2016
+- Emoji support by [gitbucket-emoji-plugin](https://github.com/gitbucket/gitbucket-emoji-plugin)
+- User name suggestion
+- Add new web APIs and basic authentication support for API access
+- Root Endpoint
+  - [List endpoints](https://developer.github.com/v3/#root-endpoint)
+  - [List Branches](https://developer.github.com/v3/repos/branches/#list-branches)
+  - [Get contents](https://developer.github.com/v3/repos/contents/#get-contents)
+  - [Get a Reference](https://developer.github.com/v3/git/refs/#get-a-reference)
+  - [List Collaborators](https://developer.github.com/v3/repos/collaborators/#list-collaborators)
+  - [List user repositories](https://developer.github.com/v3/repos/#list-user-repositories)
+  - [Get a group](https://developer.github.com/v3/orgs/#get-an-organization)
+  - [List group repositories](https://developer.github.com/v3/repos/#list-organization-repositories)
+- Add new extension points
+  - `assetsMapping` : Supplies resources in plugin classpath as web assets
+  - `suggestionProvider` : Provides suggestion in the Markdown editing textarea 
+  - `textDecorator` : Decorate text nodes in HTML which is converted from Markdown
+
+### 4.2.1 - 3 Jul 2016
+- Fix migration bug
+
+This is hotfix for a critical bug in migration. If you are new installation, use 4.2.0. But if you have an exisiting installation and it had been updated to 4.0 from 3.x, you must update to 4.2.1.
+
+### 4.2 - 2 Jul 2016
+- New UI based on [AdminLTE](https://github.com/almasaeed2010/AdminLTE)
+- git gc
+- Issues and Wiki have been possible to be disabled
+- SMTP configuration test mail
+
+### 4.1 - 4 Jun 2016
+- Generic ssh user
+- Improve branch protection UI
+- Default value of pull request title
+
+### 4.0 - 30 Apr 2016
+- MySQL and PostgreSQL support
+- Data export and import
+- Migration system has been switched to [solidbase](https://github.com/gitbucket/solidbase)
+
+**Note:** You can upgrade to GitBucket 4.0 from 3.14. If your GitBucket is 3.13 or before, you have to upgrade 3.14 at first.
+
+### 3.14 - 30 Apr 2016
+- File attachment and search for wiki pages
+- New extension points to add menus
+- Content-Type of webhooks has been choosable
+
+### 3.13 - 1 Apr 2016
+- Refresh user interface for wide screen
+- Add `pull_request` key in list issues API for pull requests
+- Add `X-Hub-Signature` security to webhooks
+- Provide SHA-256 checksum for `gitbucket.war`
+
+### 3.12 - 27 Feb 2016
+- New GitHub UI
+- Improve mobile view
+- Improve printing style
+- Individual URL for pull request tabs
+- SSH host configuration is separated from HTTP base URL
+
+### 3.11 - 30 Jan 2016
+- Upgrade Scalatra to 2.4
+- Sidebar and Footer for Wiki
+- Branch protection and receive hook extension point for plug-in
+- Limit recent updated repositories list
+- Issue actions look-alike GitHub
+- Web API for labels
+- Requires Java 8
+
+### 3.10 - 30 Dec 2015
+- Move to Bootstrap3
+- New URL for raw contents (`raw/master/doc/activity.md` instead of `blob/master/doc/activity.md?raw=true`)
+- Update xsbt-web-plugin
+- Update H2 database
+
+### 3.9 - 5 Dec 2015
+- GFM inline breaks support in Markdown
+- WebHook on create review comment is available
+- WebHook event trigger is selectable
+
+### 3.8 - 31 Oct 2015
+- Moved to GitHub organization
+- Omit diff view for large differences
+- Repository creation API
+- Render url as link in repository description
+- Expand attachable file types
+
+### 3.7 - 3 Oct 2015
+- Markdown processor has been switched to [markedj](https://github.com/gitbucket/markedj) from pegdown
+- Clone in desktop button
+- Providing MD5 and SHA-1 checksum for `gitbucket.war` has started
+
+### 3.6 - 30 Aug 2015
+- User interface Improvements: Especially, commit list, issues and pull request have been updated largely.
+- Installed plugins list has been available at the system administration console.
+- Pages and repository list in the sidebar have been limited and more pages and repositories link is available.
+- More reference link notation in Markdown has been supported.
+
 ### 3.5 - 1 Aug 2015
 - Octicons has been applied
 - Global header has been enhanced. Now it's further similar to GitHub.
 - Default compare / pull request target has been changed to the parent repository
- A lot of updates for [gitbucket-gist-plugin](https://github.com/takezoe/gitbucket-gist-plugin)
+- A lot of updates for [gitbucket-gist-plugin](https://github.com/gitbucket/gitbucket-gist-plugin)

 ### 3.4 - 27 Jun 2015
 - Declarative style plug-in definition
@@ -299,7 +380,3 @@ Release Notes

 ### 1.0 - 04 Jul 2013
 - This is a first public release
-
-Sponsors
--------
-[![IntelliJ IDEA](https://www.jetbrains.com/idea/docs/logo_intellij_idea.png)](https://www.jetbrains.com/idea/)
--- a/build.sbt
+++ b/build.sbt
@@ -0,0 +1,172 @@
+val Organization = "gitbucket"
+val Name = "gitbucket"
+val GitBucketVersion = "4.3.0"
+val ScalatraVersion = "2.4.1"
+val JettyVersion = "9.3.9.v20160517"
+
+lazy val root = (project in file(".")).enablePlugins(SbtTwirl, JettyPlugin)
+
+sourcesInBase := false
+organization := Organization
+name := Name
+version := GitBucketVersion
+scalaVersion := "2.11.8"
+
+// dependency settings
+resolvers ++= Seq(
+  Classpaths.typesafeReleases,
+  "amateras" at "http://amateras.sourceforge.jp/mvn/",
+  "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/",
+  "amateras-snapshot" at "http://amateras.sourceforge.jp/mvn-snapshot/"
+)
+libraryDependencies ++= Seq(
+  "org.scala-lang.modules"   %% "scala-java8-compat"           % "0.7.0",
+  "org.eclipse.jgit"          % "org.eclipse.jgit.http.server" % "4.1.2.201602141800-r",
+  "org.eclipse.jgit"          % "org.eclipse.jgit.archive"     % "4.1.2.201602141800-r",
+  "org.scalatra"             %% "scalatra"                     % ScalatraVersion,
+  "org.scalatra"             %% "scalatra-json"                % ScalatraVersion,
+  "org.json4s"               %% "json4s-jackson"               % "3.3.0",
+  "io.github.gitbucket"      %% "scalatra-forms"               % "1.0.0",
+  "commons-io"                % "commons-io"                   % "2.4",
+  "io.github.gitbucket"       % "solidbase"                    % "1.0.0",
+  "io.github.gitbucket"       % "markedj"                      % "1.0.9",
+  "org.apache.commons"        % "commons-compress"             % "1.11",
+  "org.apache.commons"        % "commons-email"                % "1.4",
+  "org.apache.httpcomponents" % "httpclient"                   % "4.5.1",
+  "org.apache.sshd"           % "apache-sshd"                  % "1.0.0",
+  "org.apache.tika"           % "tika-core"                    % "1.13",
+  "com.typesafe.slick"       %% "slick"                        % "2.1.0",
+  "com.novell.ldap"           % "jldap"                        % "2009-10-07",
+  "com.h2database"            % "h2"                           % "1.4.192",
+  "mysql"                     % "mysql-connector-java"         % "5.1.39",
+  "org.postgresql"            % "postgresql"                   % "9.4.1208",
+  "ch.qos.logback"            % "logback-classic"              % "1.1.7",
+  "com.zaxxer"                % "HikariCP"                     % "2.4.6",
+  "com.typesafe"              % "config"                       % "1.3.0",
+  "com.typesafe.akka"        %% "akka-actor"                   % "2.3.15",
+  "fr.brouillard.oss.security.xhub" % "xhub4j-core"            % "1.0.0",
+  "com.enragedginger"        %% "akka-quartz-scheduler"        % "1.4.0-akka-2.3.x" exclude("c3p0","c3p0"),
+  "org.eclipse.jetty"         % "jetty-webapp"                 % JettyVersion     % "provided",
+  "javax.servlet"             % "javax.servlet-api"            % "3.1.0"          % "provided",
+  "junit"                     % "junit"                        % "4.12"           % "test",
+  "org.scalatra"             %% "scalatra-scalatest"           % ScalatraVersion  % "test",
+  "org.scalaz"               %% "scalaz-core"                  % "7.2.4"          % "test",
+  "com.wix"                   % "wix-embedded-mysql"           % "1.0.3"          % "test",
+  "ru.yandex.qatools.embed"   % "postgresql-embedded"          % "1.14"           % "test"
+)
+
+// Compiler settings
+scalacOptions := Seq("-deprecation", "-language:postfixOps", "-Ybackend:GenBCode", "-Ydelambdafy:method", "-target:jvm-1.8")
+javacOptions in compile ++= Seq("-target", "8", "-source", "8")
+javaOptions in Jetty += "-Dlogback.configurationFile=/logback-dev.xml"
+
+// Test settings
+//testOptions in Test += Tests.Argument("-l", "ExternalDBTest")
+javaOptions in Test += "-Dgitbucket.home=target/gitbucket_home_for_test"
+testOptions in Test += Tests.Setup( () => new java.io.File("target/gitbucket_home_for_test").mkdir() )
+fork in Test := true
+
+// Packaging options
+packageOptions += Package.MainClass("JettyLauncher")
+
+// Assembly settings
+test in assembly := {}
+assemblyMergeStrategy in assembly := {
+  case PathList("META-INF", xs @ _*) =>
+    (xs map {_.toLowerCase}) match {
+      case ("manifest.mf" :: Nil) => MergeStrategy.discard
+      case _ => MergeStrategy.discard
+    }
+  case x => MergeStrategy.first
+}
+
+// JRebel
+Seq(jrebelSettings: _*)
+
+jrebel.webLinks += (target in webappPrepare).value
+jrebel.enabled := System.getenv().get("JREBEL") != null
+javaOptions in Jetty ++= Option(System.getenv().get("JREBEL")).toSeq.flatMap { path =>
+  Seq("-noverify", "-XX:+UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", s"-javaagent:${path}")
+}
+
+// Create executable war file
+val executableConfig = config("executable").hide
+Keys.ivyConfigurations += executableConfig
+libraryDependencies ++= Seq(
+  "org.eclipse.jetty" % "jetty-security"     % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-webapp"       % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-continuation" % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-server"       % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-xml"          % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-http"         % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-servlet"      % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-io"           % JettyVersion % "executable",
+  "org.eclipse.jetty" % "jetty-util"         % JettyVersion % "executable"
+)
+
+val executableKey = TaskKey[File]("executable")
+executableKey := {
+  import org.apache.ivy.util.ChecksumHelper
+  import java.util.jar.{ Manifest => JarManifest }
+  import java.util.jar.Attributes.{ Name => AttrName }
+
+  val workDir   = Keys.target.value / "executable"
+  val warName   = Keys.name.value + ".war"
+
+  val log       = streams.value.log
+  log info s"building executable webapp in ${workDir}"
+
+  // initialize temp directory
+  val temp  = workDir / "webapp"
+  IO delete temp
+
+  // include jetty classes
+  val jettyJars = Keys.update.value select configurationFilter(name = executableConfig.name)
+  jettyJars foreach { jar =>
+    IO unzip (jar, temp, (name:String) =>
+      (name startsWith "javax/") ||
+      (name startsWith "org/")
+    )
+  }
+
+  // include original war file
+  val warFile   = (Keys.`package`).value
+  IO unzip (warFile, temp)
+
+  // include launcher classes
+  val classDir      = (Keys.classDirectory in Compile).value
+  val launchClasses = Seq("JettyLauncher.class" /*, "HttpsSupportConnector.class" */)
+  launchClasses foreach { name =>
+    IO copyFile (classDir / name, temp / name)
+  }
+
+  // zip it up
+  IO delete (temp / "META-INF" / "MANIFEST.MF")
+  val contentMappings   = (temp.*** --- PathFinder(temp)).get pair relativeTo(temp)
+  val manifest          = new JarManifest
+  manifest.getMainAttributes put (AttrName.MANIFEST_VERSION,    "1.0")
+  manifest.getMainAttributes put (AttrName.MAIN_CLASS,          "JettyLauncher")
+  val outputFile    = workDir / warName
+  IO jar (contentMappings, outputFile, manifest)
+
+  // generate checksums
+  Seq(
+    "md5"    -> "MD5",
+    "sha1"   -> "SHA-1",
+    "sha256" -> "SHA-256"
+  )
+  .foreach { case (extension, algorithm) =>
+    val checksumFile = workDir / (warName + "." + extension)
+    Checksums generate (outputFile, checksumFile, algorithm)
+  }
+
+  // done
+  log info s"built executable webapp ${outputFile}"
+  outputFile
+}
+/*
+Keys.artifact in (Compile, executableKey) ~= {
+    _ copy (`type` = "war", extension = "war"))
+}
+addArtifact(Keys.artifact in (Compile, executableKey), executableKey)
+*/
--- a/contrib/gitbucket.conf
+++ b/contrib/gitbucket.conf
@@ -44,7 +44,7 @@ GITBUCKET_WAR_DIR=$GITBUCKET_DIR/lib
 GITBUCKET_WAR_FILE=$GITBUCKET_WAR_DIR/gitbucket.war

 # GitBucket version to fetch when installing
-GITBUCKET_VERSION=2.1
+GITBUCKET_VERSION=3.5

 #
 # End of configuration section. Ignore this part
--- a/contrib/install
+++ b/contrib/install
@@ -38,7 +38,7 @@ createDir "$GITBUCKET_DIR"
 createDir "$GITBUCKET_LOG_DIR"

 echo "Fetching GitBucket v$GITBUCKET_VERSION and saving as $GITBUCKET_WAR_FILE"
-sudo wget -qO "$GITBUCKET_WAR_FILE" https://github.com/takezoe/gitbucket/releases/download/$GITBUCKET_VERSION/gitbucket.war
+sudo wget -qO "$GITBUCKET_WAR_FILE" https://github.com/gitbucket/gitbucket/releases/download/$GITBUCKET_VERSION/gitbucket.war

 sudo rm -f "$GITBUCKET_LOG_DIR/run.log"

--- a/contrib/linux/redhat/gitbucket.spec
+++ b/contrib/linux/redhat/gitbucket.spec
@@ -3,7 +3,7 @@ Summary:	GitHub clone written with Scala.
 Version:	2.6
 Release:	1%{?dist}
 License:	Apache
-URL:		https://github.com/takezoe/gitbucket
+URL:		https://github.com/gitbucket/gitbucket
 Group:		System/Servers
 Source0:	%{name}.war
 Source1:	%{name}.init
--- a/doc/authenticator.md
+++ b/doc/authenticator.md
@@ -0,0 +1,60 @@
+Authentication in Controller
+========
+GitBucket provides many [authenticators](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/util/Authenticator.scala) to access controlling in the controller.
+
+For example, in the case of `RepositoryViwerController`,
+it references three authenticators: `ReadableUsersAuthenticator`, `ReferrerAuthenticator` and `CollaboratorsAuthenticator`.
+
+```scala
+class RepositoryViewerController extends RepositoryViewerControllerBase
+  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with WebHookPullRequestService with WebHookPullRequestReviewCommentService
+
+trait RepositoryViewerControllerBase extends ControllerBase {
+  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with WebHookPullRequestService with WebHookPullRequestReviewCommentService =>
+
+  ...
+```
+
+Authenticators provides a method to add guard to actions in the controller:
+
+- `ReadableUsersAuthenticator` provides `readableUsersOnly` method
+- `ReferrerAuthenticator` provides `referrersOnly` method
+- `CollaboratorsAuthenticator` provides `collaboratorsOnly` method
+
+These methods are available in each actions as below:
+
+```scala
+// Allows only the repository owner (or manager for group repository) and administrators.
+get("/:owner/:repository/tree/*")(referrersOnly { repository =>
+  ...
+})
+
+// Allows only collaborators and administrators.
+get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
+  ...
+})
+
+// Allows only signed in users which can access the repository.
+post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
+  ...
+})
+```
+
+Currently, GitBucket provides below authenticators:
+
+|Trait                     | Method          | Description                                                                          |
+|--------------------------|-----------------|--------------------------------------------------------------------------------------|
+|OneselfAuthenticator      |oneselfOnly      |Allows only oneself and administrators.                                               |
+|OwnerAuthenticator        |ownerOnly        |Allows only the repository owner and administrators.                                  |
+|UsersAuthenticator        |usersOnly        |Allows only signed in users.                                                          |
+|AdminAuthenticator        |adminOnly        |Allows only administrators.                                                           |
+|CollaboratorsAuthenticator|collaboratorsOnly|Allows only collaborators and administrators.                                         |
+|ReferrerAuthenticator     |referrersOnly    |Allows only the repository owner (or manager for group repository) and administrators.|
+|ReadableUsersAuthenticator|readableUsersOnly|Allows only signed in users which can access the repository.                          |
+|GroupManagerAuthenticator |managersOnly     |Allows only the group managers.                                                       |
+
+Of course, if you make a new plugin, you can define a your own authenticator according to requirement in your plugin.
--- a/doc/auto_update.md
+++ b/doc/auto_update.md
@@ -1,37 +1,54 @@
 Automatic Schema Updating
 ========
-GitBucket uses H2 database to manage project and account data. GitBucket updates database schema automatically in the first run after the upgrading.
+GitBucket updates database schema automatically using [Solidbase](https://github.com/gitbucket/solidbase) in the first run after the upgrading.

-To release a new version of GitBucket, add the version definition to the [servlet.AutoUpdate](https://github.com/takezoe/gitbucket/blob/master/src/main/scala/servlet/AutoUpdateListener.scala) at first.
+To release a new version of GitBucket, add the version definition to the [gitbucket.core.GitBucketCoreModule](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/GitBucketCoreModule.scala) at first.

 ```scala
-object AutoUpdate {
-  ...
-  /**
-   * The history of versions. A head of this sequence is the current BitBucket version.
-   */
-  val versions = Seq(
-      Version(1, 0)
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  new Version("4.1.0"),
+  new Version("4.2.0",
+    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
  )
-  ...
-```
-
-Next, add a SQL file which updates database schema into [/src/main/resources/update/](https://github.com/takezoe/gitbucket/tree/master/src/main/resources/update) as ```MAJOR_MINOR.sql```.
-
-GitBucket stores the current version to ```GITBUCKET_HOME/version``` and checks it at start-up. If the stored version differs from the actual version, it executes differences of SQL files between the stored version and the actual version. And ```GITBUCKET_HOME/version``` is updated by the actual version.
-
-We can also add any Scala code for upgrade GitBucket which modifies ｒesources other than database. Override ```Version.update``` like below:
-
-```scala
-val versions = Seq(
-  new Version(1, 3){
-    override def update(conn: Connection): Unit = {
-      super.update(conn)
-      // Add any code here!
-    }
-  },
-  Version(1, 2),
-  Version(1, 1),
-  Version(1, 0)
 )
 ```
+
+Next, add a XML file which updates database schema into [/src/main/resources/update/](https://github.com/gitbucket/gitbucket/tree/master/src/main/resources/update) with a filenane defined in `GitBucketCoreModule`.
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
+        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
+    </addColumn>
+</changeSet>
+```
+
+Solidbase stores the current version to `VERSIONS` table and checks it at start-up. If the stored version differs from the actual version, it executes differences between the stored version and the actual version.
+
+We can add the SQL file instead of the XML file using `SqlMigration`. It try to load a SQL file from classpath as following order:
+
+1. Specified path (if specified)
+2. `${moduleId}_${version}_${database}.sql`
+3. `${moduleId}_${version}.sql`
+
+Also we can add any code by extending `Migration`:
+
+```scala
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0", new Migration(){
+    override def migrate(moduleId: String, version: String, context: java.util.Map[String, String]): Unit = {
+      ...
+    }
+  })
+)
+```
+
+See more details [README of Solidbase](https://github.com/gitbucket/solidbase).
--- a/doc/comment_action.md
+++ b/doc/comment_action.md
@@ -1,48 +1,56 @@
 About Action in Issue Comment
 ========
 After the issue creation at GitBucket, users can add comments or close it.
-The details are saved at ```ISSUE_COMMENT``` table.
+The details are saved at `ISSUE_COMMENT` table.

-To determine if it was any operation, you see the ```ACTION``` column.
+To determine if it was any operation, you see the `ACTION` column.
+And in the case of some actions, `CONTENT` column value contains additional information.

-|ACTION|
-|--------|
-|comment|
-|close_comment|
-|reopen_comment|
-|close|
-|reopen|
-|commit|
-|merge|
-|delete_branch|
-|refer|
+|ACTION         |CONTENT          |
+|---------------|-----------------|
+|comment        |comment          |
+|close_comment  |comment          |
+|reopen_comment |comment          |
+|close          |"Close"          |
+|reopen         |"Reopen"         |
+|commit         |comment commitId |
+|merge          |comment          |
+|delete_branch  |branchName       |
+|refer          |issueId:title    |
+
+### comment

-#####comment
 This value is saved when users have made a normal comment.

-#####close_comment, reopen_comment
+### close_comment, reopen_comment
+
 These values are saved when users have reopened or closed the issue with comments.

-#####close, reopen
+### close, reopen
+
 These values are saved when users have reopened or closed the issue.
-At the same time, store the fixed value(i.e. "Close" or "Reopen") to the ```CONTENT``` column.
+At the same time, store the fixed value(i.e. "Close" or "Reopen") to the `CONTENT` column.
 Therefore, this comment is not displayed, and not counted as a comment.

-#####commit
-This value is saved when users have pushed including the ```#issueId``` to the commit message.
-At the same time, store it to the ```CONTENT``` column with its commit id.
+### commit
+
+This value is saved when users have pushed including the `#issueId` to the commit message.
+At the same time, store it to the `CONTENT` column with its commit id.
 This comment is displayed. But it can not be edited by all users, and also not counted as a comment.

-#####merge
+### merge
+
 This value is saved when users have merged the pull request.
-At the same time, store the message to the ```CONTENT``` column.
+At the same time, store the message to the `CONTENT` column.
 This comment is displayed. But it can not be edited by all users, and also not counted as a comment.

-#####delete_branch
+### delete_branch
+
 This value is saved when users have deleted the branch. Users can delete branch after merging pull request which is requested from the same repository.
-At the same time, store it to the ```CONTENT``` column with the deleted branch name.
+At the same time, store it to the `CONTENT` column with the deleted branch name.
 Therefore, this comment is not displayed, and not counted as a comment.

-#####refer
-This value is saved when other issue or issue comment contains reference to the issue like ```#issueId```.
-At the same time, store id and title of the referrer issue as ```id:title```.
+### refer
+
+This value is saved when other issue or issue comment contains reference to the issue like `#issueId`.
+At the same time, store id and title of the referrer issue as `id:title`.
--- a/doc/directory.md
+++ b/doc/directory.md
@@ -8,10 +8,10 @@ This directory has following structure:
 * /HOME/gitbucket
  * /repositories 
    * /USER_NAME
-      * / REPO_NAME.git (substance of repository. GitServlet sees this directory)
-      * / REPO_NAME
+      * /REPO_NAME.git (substance of repository. GitServlet sees this directory)
+      * /REPO_NAME
        * /issues (files which are attached to issue)
-      * / REPO_NAME.wiki.git (wiki repository)
+      * /REPO_NAME.wiki.git (wiki repository)
  * /data
    * /USER_NAME
      * /files
--- a/doc/how_to_run.md
+++ b/doc/how_to_run.md
@@ -1,63 +1,42 @@
 How to run from the source tree
 ========

-for Testers
+Run for Development
 --------

 If you want to test GitBucket, input following command at the root directory of the source tree.

 ```
-C:\gitbucket> sbt ~container:start
+$ sbt ~jetty:start
 ```

 Then access to `http://localhost:8080/` by your browser. The default administrator account is `root` and password is `root`.

-for Developers
--------
-If you want to modify source code and confirm it, you can run GitBucket in auto reloading mode as following:
-
-Windows:
-
-```
-C:\gitbucket> sbt
-...
-> container:start
-...
-> ~ ;copy-resources;aux-compile
-```
-
-Linux:
-
-```
-~/gitbucket$ ./sbt.sh
-...
-> container:start
-...
-> ~ ;copy-resources;aux-compile
-```
+Source code modification is detected and reloaded automatically. You can modify logging configuration by editing `src/main/resources/logback-dev.xml`.

 Build war file
 --------

 To build war file, run the following command:

-Windows:
-
 ```
-C:\gitbucket> sbt package
-```
-
-Linux:
-
-```
-~/gitbucket$ ./sbt.sh package
+$ sbt package
 ```

 `gitbucket_2.11-x.x.x.war` is generated into `target/scala-2.11`.

 To build executable war file, run

-*  Windows: Not available
-*  Linux: `./release/make-release-war.sh`
+```
+$ sbt executable
+```

-at the top of the source tree. It generates executable `gitbucket.war` into `target/scala-2.11`. We release this war file as release artifact.
+at the top of the source tree. It generates executable `gitbucket.war` into `target/executable`. We release this war file as release artifact.
+
+Run tests spec
+---------
+To run the full serie of tests, run the following command:
+
+```
+sbt test
+```
--- a/doc/jrebel.md
+++ b/doc/jrebel.md
@@ -0,0 +1,148 @@
+JRebel integration (optional)
+=============================
+
+[JRebel](http://zeroturnaround.com/software/jrebel/) is a JVM plugin that makes developing web apps much faster.
+JRebel is generally able to eliminate the need for the following slow "app restart" in sbt following a code change:
+
+```
+> jetty:start
+```
+
+While JRebel is not open source, it does reload your code faster than the `~;copy-resources;aux-compile` way of doing things using `sbt`.
+
+It's only used during development, and doesn't change your deployed app in any way.
+
+JRebel used to be free for Scala developers, but that changed recently, and now there's a cost associated with usage for Scala. There are trial plans and free non-commercial licenses available if you just want to try it out.
+
+----
+
+## 1. Get a JRebel license
+
+Sign up for a [usage plan](https://my.jrebel.com/). You will need to create an account.
+
+## 2. Download JRebel
+
+Download the most recent ["nosetup" JRebel zip](http://zeroturnaround.com/software/jrebel/download/prev-releases/).
+Next, unzip the downloaded file.
+
+## 3. Activate
+
+Follow the [instructions on the JRebel website](http://zeroturnaround.com/software/jrebel/download/prev-releases/) to activate your downloaded JRebel.
+
+You can use the default settings for all the configurations.
+
+You don't need to integrate with your IDE, since we're using sbt to do the servlet deployment.
+
+## 4. Tell jvm where JRebel is
+
+Fortunately, the gitbucket project is already set up to use JRebel.
+You only need to tell jvm where to find the jrebel jar.
+
+To do so, edit your shell resource file (usually `~/.bash_profile` on Mac, and `~/.bashrc` on Linux), and add the following line:
+
+```bash
+export JREBEL=/path/to/jrebel/jrebel.jar
+```
+
+For example, if you unzipped your JRebel download in your home directory, you whould use:
+
+```bash
+export JREBEL=~/jrebel/jrebel.jar
+```
+
+Now reload your shell:
+
+```
+$ source ~/.bash_profile # on Mac
+$ source ~/.bashrc       # on Linux
+```
+
+## 5. See it in action!
+
+Now you're ready to use JRebel with the gitbucket.
+When you run sbt as normal, you will see a long message from JRebel, indicating it has loaded.
+Here's an abbreviated version of what you will see:
+
+```
+$ ./sbt
+[info] Loading project definition from /git/gitbucket/project
+[info] Set current project to gitbucket (in build file:/git/gitbucket/)
+>
+```
+
+You will start the servlet container slightly differently now that you're using sbt.
+
+```
+> jetty:start
+:
+[info] starting server ...
+[success] Total time: 3 s, completed Jan 3, 2016 9:47:55 PM
+2016-01-03 21:47:57 JRebel:
+2016-01-03 21:47:57 JRebel: A newer version '6.3.1' is available for download
+2016-01-03 21:47:57 JRebel: from http://zeroturnaround.com/software/jrebel/download/
+2016-01-03 21:47:57 JRebel:
+2016-01-03 21:47:58 JRebel: Contacting myJRebel server ..
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/scala-2.11/classes' will be monitored for changes.
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/scala-2.11/test-classes' will be monitored for changes.
+2016-01-03 21:47:59 JRebel: Directory '/git/gitbucket/target/webapp' will be monitored for changes.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  #############################################################
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  JRebel Legacy Agent 6.2.5 (201509291538)
+2016-01-03 21:48:00 JRebel:  (c) Copyright ZeroTurnaround AS, Estonia, Tartu.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Over the last 30 days JRebel prevented
+2016-01-03 21:48:00 JRebel:  at least 182 redeploys/restarts saving you about 7.4 hours.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Over the last 324 days JRebel prevented
+2016-01-03 21:48:00 JRebel:  at least 1538 redeploys/restarts saving you about 62.4 hours.
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  Licensed to nazo king (using myJRebel).
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:
+2016-01-03 21:48:00 JRebel:  #############################################################
+2016-01-03 21:48:00 JRebel:
+:
+
+> ~ copy-resources
+[success] Total time: 0 s, completed Jan 3, 2016 9:13:54 PM
+1. Waiting for source changes... (press enter to interrupt)
+```
+
+Finally, change your code.
+For example, you can change the title on `src/main/twirl/gitbucket/core/main.scala.html` like this:
+
+```html
+:
+  <a class="navbar-brand" href="@path/">
+    <img src="@assets/common/images/gitbucket.png" style="width: 24px; height: 24px;"/>GitBucket
+    @defining(AutoUpdate.getCurrentVersion){ version =>
+      <span class="header-version">@version.majorVersion.@version.minorVersion</span>
+    }
+    change code !!!!!!!!!!!!!!!!
+  </a>
+:
+```
+
+If JRebel is doing is correctly installed you will see a notice for you:
+
+```
+1. Waiting for source changes... (press enter to interrupt)
+2016-01-03 21:48:42 JRebel: Reloading class 'gitbucket.core.html.main$'.
+[info] Wrote rebel.xml to /git/gitbucket/target/scala-2.11/resource_managed/main/rebel.xml
+[info] Compiling 1 Scala source to /git/gitbucket/target/scala-2.11/classes...
+[success] Total time: 3 s, completed Jan 3, 2016 9:48:55 PM
+2. Waiting for source changes... (press enter to interrupt)
+```
+
+And you reload browser, JRebel give notice of that it has reloaded classes:
+
+```
+[success] Total time: 3 s, completed Jan 3, 2016 9:48:55 PM
+2. Waiting for source changes... (press enter to interrupt)
+2016-01-03 21:49:13 JRebel: Reloading class 'gitbucket.core.html.main$'.
+```
+
+## 6. Limitations
+
+JRebel is nearly always able to eliminate the need to explicitly reload your container after a code change. However, if you change any of your routes patterns, there is nothing JRebel can do, you will have to run `jetty:start`.
--- a/doc/readme.md
+++ b/doc/readme.md
@@ -3,9 +3,10 @@ Developer's Guide
 * [How to run from source tree](how_to_run.md)
 * [Directory Structure](directory.md)
 * [Mapping and Validation](validation.md)
- * Authentication in Controller (not yet)
+ * [Authentication in Controller](authenticator.md)
 * [About Action in Issue Comment](comment_action.md)
 * [Activity Types](activity.md)
 * [Notification Email](notification.md)
 * [Automatic Schema Updating](auto_update.md)
 * [Release Operation](release.md)
+ * [JRebel integration (optional)](jrebel.md)
--- a/doc/release.md
+++ b/doc/release.md
@@ -6,28 +6,29 @@ Update version number

 Note to update version number in files below:

-### project/build.scala
+### build.sbt

 ```scala
-object MyBuild extends Build {
-  val Organization = "gitbucket"
-  val Name = "gitbucket"
-  val Version = "3.3.0" // <---- update version!!
-  val ScalaVersion = "2.11.6"
-  val ScalatraVersion = "2.3.1"
+val Organization = "gitbucket"
+val Name = "gitbucket"
+val GitBucketVersion = "4.0.0" // <---- update version!!
+val ScalatraVersion = "2.4.0"
+val JettyVersion = "9.3.6.v20151106"
 ```

-### src/main/scala/gitbucket/core/servlet/AutoUpdate.scala
+### src/main/scala/gitbucket/core/GitBucketCoreModule.scala

 ```scala
-object AutoUpdate {
-
-  /**
-   * The history of versions. A head of this sequence is the current BitBucket version.
-   */
-  val versions = Seq(
-    new Version(3, 3), // <---- add this line!!
-    new Version(3, 2),
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  // add new version definition
+  new Version("4.1.0",
+    new LiquibaseMigration("update/gitbucket-core_4.1.xml")
+  )
+)
 ```

 Generate release files
@@ -37,11 +38,10 @@ Note: Release operation requires [Ant](http://ant.apache.org/) and [Maven](https

 ### Make release war file

-Run `release/make-release-war.sh`. The release war file is generated into `target/scala-2.11/gitbucket.war`.
+Run `sbt executable`. The release war file and fingerprint are generated into `target/executable/gitbucket.war`.

 ```bash
-$ cd release
-$ ./make-release-war.sh
+$ sbt executable
 ```

 ### Deploy assembly jar file
--- a/embed-jetty/javax.servlet-3.0.0.v201112011016.jar
+++ b/embed-jetty/javax.servlet-3.0.0.v201112011016.jar
--- a/embed-jetty/jetty-continuation-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-continuation-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-http-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-http-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-io-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-io-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-security-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-security-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-server-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-server-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-servlet-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-servlet-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-util-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-util-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-webapp-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-webapp-8.1.16.v20140903.jar
--- a/embed-jetty/jetty-xml-8.1.16.v20140903.jar
+++ b/embed-jetty/jetty-xml-8.1.16.v20140903.jar
--- a/embed-jetty/update.sh
+++ b/embed-jetty/update.sh
@@ -1,11 +0,0 @@
-#!/bin/bash
-version=$1
-output_dir=`dirname $0`
-git rm -f ${output_dir}/jetty-*.jar
-for name in 'io' 'servlet' 'xml' 'continuation' 'security' 'util' 'http' 'server' 'webapp'
-do
-  jar_filename="jetty-${name}-${version}.jar"
-  wget "http://repo1.maven.org/maven2/org/eclipse/jetty/jetty-${name}/${version}/${jar_filename}" -O ${output_dir}/${jar_filename}
-done
-git add ${output_dir}/*.jar
-git commit
--- a/env.sh
+++ b/env.sh
@@ -1,3 +0,0 @@
-#!/bin/sh
-export GITBUCKET_VERSION=`cat project/build.scala | grep 'val Version' | cut -d \" -f 2`
-echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"
--- a/gitbucket-assembly.iml
+++ b/gitbucket-assembly.iml
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
-    <content url="file://$MODULE_DIR$">
-      <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
-      <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
-      <excludeFolder url="file://$MODULE_DIR$/target" />
-    </content>
-    <orderEntry type="inheritedJdk" />
-    <orderEntry type="sourceFolder" forTests="false" />
-  </component>
-</module>
--- a/project/Checksums.scala
+++ b/project/Checksums.scala
@@ -0,0 +1,34 @@
+import java.security.MessageDigest;
+import scala.annotation._
+import sbt._
+import sbt.Using._
+
+object Checksums {
+  private val bufferSize = 2048
+
+  def generate(source:File, target:File, algorithm:String):Unit =
+      IO write (target, compute(source, algorithm))
+
+  def compute(file:File, algorithm:String):String =
+      hex(raw(file, algorithm))
+
+  def raw(file:File, algorithm:String):Array[Byte]    =
+      (Using fileInputStream file) { is =>
+        val md  = MessageDigest getInstance algorithm
+        val buf = new Array[Byte](bufferSize)
+        md.reset()
+        @tailrec
+        def loop() {
+          val len = is read buf
+          if (len != -1) {
+            md update (buf, 0, len)
+            loop()
+          }
+        }
+        loop()
+        md.digest()
+      }
+
+  def hex(bytes:Array[Byte]):String =
+      bytes map { it => "%02x" format (it.toInt & 0xff) } mkString ""
+}
--- a/project/build.properties
+++ b/project/build.properties
@@ -1 +1 @@
-sbt.version=0.13.8
+sbt.version=0.13.11
--- a/project/build.scala
+++ b/project/build.scala
@@ -1,79 +0,0 @@
-import sbt._
-import Keys._
-import org.scalatra.sbt._
-import com.typesafe.sbteclipse.plugin.EclipsePlugin.EclipseKeys
-import play.twirl.sbt.SbtTwirl
-import play.twirl.sbt.Import.TwirlKeys._
-import sbtassembly._
-import sbtassembly.AssemblyKeys._
-
-object MyBuild extends Build {
-  val Organization = "gitbucket"
-  val Name = "gitbucket"
-  val Version = "3.5.0"
-  val ScalaVersion = "2.11.6"
-  val ScalatraVersion = "2.3.1"
-
-  lazy val project = Project (
-    "gitbucket",
-    file(".")
-  )
-  .settings(ScalatraPlugin.scalatraWithJRebel: _*)
-  .settings(
-    test in assembly := {},
-    assemblyMergeStrategy in assembly := {
-      case PathList("META-INF", xs @ _*) =>
-        (xs map {_.toLowerCase}) match {
-          case ("manifest.mf" :: Nil) => MergeStrategy.discard
-          case _ => MergeStrategy.discard
-      }
-      case x => MergeStrategy.first
-    }
-  )
-  .settings(
-    sourcesInBase := false,
-    organization := Organization,
-    name := Name,
-    version := Version,
-    scalaVersion := ScalaVersion,
-    resolvers ++= Seq(
-      Classpaths.typesafeReleases,
-      "amateras-repo" at "http://amateras.sourceforge.jp/mvn/"
-    ),
-    scalacOptions := Seq("-deprecation", "-language:postfixOps"),
-    libraryDependencies ++= Seq(
-      "org.eclipse.jgit" % "org.eclipse.jgit.http.server" % "3.4.2.201412180340-r",
-      "org.eclipse.jgit" % "org.eclipse.jgit.archive" % "3.4.2.201412180340-r",
-      "org.scalatra" %% "scalatra" % ScalatraVersion,
-      "org.scalatra" %% "scalatra-specs2" % ScalatraVersion % "test",
-      "org.scalatra" %% "scalatra-json" % ScalatraVersion,
-      "org.json4s" %% "json4s-jackson" % "3.2.11",
-      "jp.sf.amateras" %% "scalatra-forms" % "0.1.0",
-      "commons-io" % "commons-io" % "2.4",
-      "org.pegdown" % "pegdown" % "1.5.0",
-      "org.apache.commons" % "commons-compress" % "1.9",
-      "org.apache.commons" % "commons-email" % "1.3.3",
-      "org.apache.httpcomponents" % "httpclient" % "4.3.6",
-      "org.apache.sshd" % "apache-sshd" % "0.11.0",
-      "com.typesafe.slick" %% "slick" % "2.1.0",
-      "com.novell.ldap" % "jldap" % "2009-10-07",
-      "com.h2database" % "h2" % "1.4.180",
-//      "ch.qos.logback" % "logback-classic" % "1.0.13" % "runtime",
-      "org.eclipse.jetty" % "jetty-webapp" % "8.1.16.v20140903" % "container;provided",
-      "org.eclipse.jetty.orbit" % "javax.servlet" % "3.0.0.v201112011016" % "container;provided;test" artifacts Artifact("javax.servlet", "jar", "jar"),
-      "junit" % "junit" % "4.12" % "test",
-      "com.mchange" % "c3p0" % "0.9.5",
-      "com.typesafe" % "config" % "1.2.1",
-      "com.typesafe.akka" %% "akka-actor" % "2.3.10",
-      "com.enragedginger" %% "akka-quartz-scheduler" % "1.3.0-akka-2.3.x"  exclude("c3p0","c3p0")
-    ),
-    play.twirl.sbt.Import.TwirlKeys.templateImports += "gitbucket.core._",
-    EclipseKeys.withSource := true,
-    javacOptions in compile ++= Seq("-target", "7", "-source", "7"),
-    testOptions in Test += Tests.Argument(TestFrameworks.Specs2, "junitxml", "console"),
-    javaOptions in Test += "-Dgitbucket.home=target/gitbucket_home_for_test",
-    testOptions in Test += Tests.Setup( () => new java.io.File("target/gitbucket_home_for_test").mkdir() ),
-    fork in Test := true,
-    packageOptions += Package.MainClass("JettyLauncher")
-  ).enablePlugins(SbtTwirl)
-}
--- a/project/plugins.sbt
+++ b/project/plugins.sbt
@@ -1,8 +1,6 @@
 scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")

-addSbtPlugin("com.typesafe.sbteclipse" % "sbteclipse-plugin" % "2.4.0")
-addSbtPlugin("com.github.mpeltonen"    % "sbt-idea"          % "1.6.0")
-addSbtPlugin("org.scalatra.sbt"        % "scalatra-sbt"      % "0.3.5")
-addSbtPlugin("com.typesafe.sbt"        % "sbt-twirl"         % "1.0.4")
-addSbtPlugin("com.timushev.sbt"        % "sbt-updates"       % "0.1.8")
-addSbtPlugin("com.eed3si9n"            % "sbt-assembly"      % "0.12.0")
+addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"       % "1.0.4")
+addSbtPlugin("com.eed3si9n"     % "sbt-assembly"    % "0.12.0")
+addSbtPlugin("com.earldouglas"  % "xsbt-web-plugin" % "2.1.0")
+addSbtPlugin("fi.gekkio.sbtplugins" % "sbt-jrebel-plugin" % "0.10.0")
--- a/release/build.xml
+++ b/release/build.xml
@@ -1,62 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<project name="gitbucket" default="all" basedir="..">
-
-  <property environment="env"/>
-  <property name="target.dir" value="target"/>
-  <property name="embed.classes.dir" value="${target.dir}/embed-classes"/>
-  <property name="jetty.dir" value="embed-jetty"/>
-  <property name="scala.version" value="2.11"/>
-  <property name="gitbucket.version" value="${env.GITBUCKET_VERSION}"/>
-  <property name="jetty.version" value="8.1.16.v20140903"/>
-  <property name="servlet.version" value="3.0.0.v201112011016"/>
-
-  <condition property="sbt.exec" value="sbt.bat" else="sbt.sh">
-    <os family="windows" />
-  </condition>
-
-  <target name="clean">
-    <delete dir="${embed.classes.dir}"/>
-    <delete file="${target.dir}/scala-${scala.version}/gitbucket.war"/>
-  </target>
-
-  <target name="war" depends="clean">
-    <exec executable="${sbt.exec}" resolveexecutable="true" failonerror="true">
-      <arg line="clean compile test package" />
-    </exec>
-  </target>
-
-  <target name="embed" depends="war">
-    <mkdir dir="${embed.classes.dir}"/>
-
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/javax.servlet-${servlet.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-continuation-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-http-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-io-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-security-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-server-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-servlet-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-util-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-webapp-${jetty.version}.jar" />
-    <unzip dest="${embed.classes.dir}" src="${jetty.dir}/jetty-xml-${jetty.version}.jar" />
-
-    <zip destfile="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-         basedir="${embed.classes.dir}"
-         update = "true"
-         includes="javax/**,org/**"/>
-
-    <zip destfile="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-         basedir="${target.dir}/scala-${scala.version}/classes"
-         update = "true"
-         includes="JettyLauncher.class,HttpsSupportConnector.class"/>
-  </target>
-
-  <target name="rename" depends="embed">
-    <move file="${target.dir}/scala-${scala.version}/gitbucket_${scala.version}-${gitbucket.version}.war"
-            tofile="${target.dir}/scala-${scala.version}/gitbucket.war"/>
-  </target>
-
-  <target name="all" depends="rename">
-  </target>
-
-
-</project>
--- a/release/deploy-assembly-jar.sh
+++ b/release/deploy-assembly-jar.sh
@@ -1,10 +1,19 @@
 #!/bin/sh
-. ../env.sh
+. ./env.sh

 cd ../
 ./sbt.sh clean assembly

 cd release
+
+if [[ "$GITBUCKET_VERSION" =~ -SNAPSHOT$ ]]; then
+  MVN_DEPLOY_PATH=mvn-snapshot
+else
+  MVN_DEPLOY_PATH=mvn
+fi
+
+echo $MVN_DEPLOY_PATH
+
 mvn deploy:deploy-file \
  -DgroupId=gitbucket\
  -DartifactId=gitbucket-assembly\
@@ -12,4 +21,4 @@ mvn deploy:deploy-file \
  -Dpackaging=jar\
  -Dfile=../target/scala-2.11/gitbucket-assembly-$GITBUCKET_VERSION.jar\
  -DrepositoryId=sourceforge.jp\
-  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/mvn/
+  -Durl=scp://shell.sourceforge.jp/home/groups/a/am/amateras/htdocs/$MVN_DEPLOY_PATH/
--- a/release/env.sh
+++ b/release/env.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+export GITBUCKET_VERSION=`cat ../build.sbt | grep 'val GitBucketVersion' | cut -d \" -f 2`
+echo "GITBUCKET_VERSION: $GITBUCKET_VERSION"
--- a/release/make-release-war.sh
+++ b/release/make-release-war.sh
@@ -1,15 +0,0 @@
-#!/bin/sh
-D="$(dirname "$0")"
-D="$(cd "${D}"; pwd)"
-DD="$(dirname "${D}")"
-(
-  for f in "${DD}/env.sh" "${D}/build.xml"; do
-    if [ ! -s "${f}" ]; then
-      echo >&2 "$0: Unable to access file '${f}'"
-      exit 1
-    fi
-  done
-  cd "${DD}"
-  . "${DD}/env.sh"
-  ant -f "${D}/build.xml" all
-)
--- a/release/pom.xml
+++ b/release/pom.xml
@@ -10,7 +10,7 @@
            <extension>
                <groupId>org.apache.maven.wagon</groupId>
                <artifactId>wagon-ssh</artifactId>
-                <version>1.0-beta-6</version>
+                <version>2.10</version>
            </extension>
        </extensions>
    </build>
--- a/sbt-launch-0.13.9.jar
+++ b/sbt-launch-0.13.9.jar
--- a/sbt.bat
+++ b/sbt.bat
@@ -1,2 +1,2 @@
 set SCRIPT_DIR=%~dp0
-java -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.8.jar" %*
+java %JAVA_OPTS% -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar "%SCRIPT_DIR%\sbt-launch-0.13.9.jar" %*
--- a/sbt.sh
+++ b/sbt.sh
@@ -1,2 +1,2 @@
 #!/bin/sh
-java -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -XX:MaxPermSize=256m -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.8.jar "$@"
+java $JAVA_OPTS -Dsbt.log.noformat=true -XX:+CMSClassUnloadingEnabled -Xmx512M -Xss2M -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005 -jar `dirname $0`/sbt-launch-0.13.9.jar "$@"
--- a/src/main/java/JettyLauncher.java
+++ b/src/main/java/JettyLauncher.java
@@ -1,5 +1,4 @@
 import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
 import org.eclipse.jetty.webapp.WebAppContext;

 import java.io.File;
@@ -30,24 +29,23 @@ public class JettyLauncher {
            }
        }

-        Server server = new Server();
+        Server server = new Server(port);

-        SelectChannelConnector connector = new SelectChannelConnector();
-        if(host != null) {
-            connector.setHost(host);
-        }
-        connector.setMaxIdleTime(1000 * 60 * 60);
-        connector.setSoLingerTime(-1);
-        connector.setPort(port);
-        server.addConnector(connector);
+//        SelectChannelConnector connector = new SelectChannelConnector();
+//        if(host != null) {
+//            connector.setHost(host);
+//        }
+//        connector.setMaxIdleTime(1000 * 60 * 60);
+//        connector.setSoLingerTime(-1);
+//        connector.setPort(port);
+//        server.addConnector(connector);

        WebAppContext context = new WebAppContext();

        File tmpDir = new File(getGitBucketHome(), "tmp");
-        if(tmpDir.exists()){
-            deleteDirectory(tmpDir);
+        if(!tmpDir.exists()){
+            tmpDir.mkdirs();
        }
-        tmpDir.mkdirs();
        context.setTempDirectory(tmpDir);

        ProtectionDomain domain = JettyLauncher.class.getProtectionDomain();
--- a/src/main/java/org/postgresql/Driver2.java
+++ b/src/main/java/org/postgresql/Driver2.java
@@ -0,0 +1,52 @@
+package org.postgresql;
+
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.Properties;
+
+/**
+ * Wraps the PostgreSQL JDBC driver to convert the returning column names to lower case.
+ */
+public class Driver2 extends Driver {
+
+    @Override
+    public java.sql.Connection connect(String url, Properties info) throws SQLException {
+        Connection conn =  super.connect(url, info);
+
+        Object proxy = Proxy.newProxyInstance(
+                conn.getClass().getClassLoader(),
+                new Class[]{ Connection.class },
+                new ConnectionProxyHandler(conn)
+        );
+
+        return Connection.class.cast(proxy);
+    }
+
+
+    private static class ConnectionProxyHandler implements InvocationHandler {
+
+        private Connection conn;
+
+        public ConnectionProxyHandler(Connection conn){
+            this.conn = conn;
+        }
+
+        @Override
+        public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
+            if(method.getName().equals("prepareStatement")){
+                if(args != null && args.length == 2 && args[1].getClass().isArray()){
+                    String[] keys = (String[]) args[1];
+                    for(int i = 0; i < keys.length; i++){
+                        keys[i] = keys[i].toLowerCase();
+                    }
+                }
+            }
+            return method.invoke(conn, args);
+        }
+    }
+
+}
+
--- a/src/main/resources/database.conf
+++ b/src/main/resources/database.conf
@@ -1,6 +0,0 @@
-db {
-  driver = "org.h2.Driver"
-  url = "jdbc:h2:${DatabaseHome};MVCC=true"
-  user = "sa"
-  password = "sa"
-}
--- a/src/main/resources/logback-dev.xml
+++ b/src/main/resources/logback-dev.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+    <file>gitbucket.log</file>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+
+  <root level="INFO">
+    <appender-ref ref="STDOUT" />
+  </root>
+
+  <!--
+  <logger name="service.WebHookService" level="DEBUG" />
+  <logger name="servlet" level="DEBUG" />
+  <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
+  -->
+
+</configuration>
--- a/src/main/resources/logback.xml
+++ b/src/main/resources/logback.xml
@@ -6,12 +6,23 @@
    </encoder>
  </appender>

+  <!--
+  <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+    <file>gitbucket.log</file>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+    </encoder>
+  </appender>
+  -->
+
  <root level="INFO">
    <appender-ref ref="STDOUT" />
  </root>
-  
+
  <!--
  <logger name="service.WebHookService" level="DEBUG" />
  <logger name="servlet" level="DEBUG" />
+  <logger name="scala.slick.jdbc.JdbcBackend.statement" level="DEBUG" />
  -->
+
 </configuration>
--- a/src/main/resources/update/1_0.sql
+++ b/src/main/resources/update/1_0.sql
@@ -1,135 +0,0 @@
-CREATE TABLE ACCOUNT(
-		USER_NAME VARCHAR(100) NOT NULL,
-		MAIL_ADDRESS VARCHAR(100) NOT NULL,
-		PASSWORD VARCHAR(40) NOT NULL,
-		ADMINISTRATOR BOOLEAN NOT NULL,
-		URL VARCHAR(200),
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL,
-		LAST_LOGIN_DATE TIMESTAMP
-);
-
-CREATE TABLE REPOSITORY(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		PRIVATE BOOLEAN NOT NULL,
-		DESCRIPTION TEXT,
-		DEFAULT_BRANCH VARCHAR(100),
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL,
-		LAST_ACTIVITY_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE COLLABORATOR(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		COLLABORATOR_NAME VARCHAR(100) NOT NULL
-);
-
-CREATE TABLE ISSUE(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		OPENED_USER_NAME VARCHAR(100) NOT NULL,
-		MILESTONE_ID INT,
-		ASSIGNED_USER_NAME VARCHAR(100),
-		TITLE TEXT NOT NULL,
-		CONTENT TEXT,
-		CLOSED BOOLEAN NOT NULL,
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE ISSUE_ID(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL
-);
-
-CREATE TABLE ISSUE_COMMENT(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		COMMENT_ID INT AUTO_INCREMENT,
-		ACTION VARCHAR(10),
-		COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
-		CONTENT TEXT NOT NULL,
-		REGISTERED_DATE TIMESTAMP NOT NULL,
-		UPDATED_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE LABEL(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		LABEL_ID INT AUTO_INCREMENT,
-		LABEL_NAME VARCHAR(100) NOT NULL,
-		COLOR CHAR(6) NOT NULL
-);
-
-CREATE TABLE ISSUE_LABEL(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		LABEL_ID INT NOT NULL
-);
-
-CREATE TABLE MILESTONE(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		MILESTONE_ID INT AUTO_INCREMENT,
-		TITLE VARCHAR(100) NOT NULL,
-		DESCRIPTION TEXT,
-		DUE_DATE TIMESTAMP,
-		CLOSED_DATE TIMESTAMP
-);
-
-ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_PK PRIMARY KEY (USER_NAME);
-ALTER TABLE ACCOUNT ADD CONSTRAINT IDX_ACCOUNT_1 UNIQUE (MAIL_ADDRESS);
-
-ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE REPOSITORY ADD CONSTRAINT IDX_REPOSITORY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_PK PRIMARY KEY (ISSUE_ID, USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK1 FOREIGN KEY (OPENED_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-ALTER TABLE ISSUE ADD CONSTRAINT IDX_ISSUE_FK2 FOREIGN KEY (MILESTONE_ID) REFERENCES MILESTONE (MILESTONE_ID);
-
-ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ISSUE_ID ADD CONSTRAINT IDX_ISSUE_ID_FK1 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_PK PRIMARY KEY (COMMENT_ID);
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID, COMMENT_ID);
-ALTER TABLE ISSUE_COMMENT ADD CONSTRAINT IDX_ISSUE_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, LABEL_ID);
-ALTER TABLE LABEL ADD CONSTRAINT IDX_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID);
-ALTER TABLE ISSUE_LABEL ADD CONSTRAINT IDX_ISSUE_LABEL_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, MILESTONE_ID);
-ALTER TABLE MILESTONE ADD CONSTRAINT IDX_MILESTONE_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
-INSERT INTO ACCOUNT (
-  USER_NAME,
-  MAIL_ADDRESS,
-  PASSWORD,
-  ADMINISTRATOR,
-  URL,
-  REGISTERED_DATE,
-  UPDATED_DATE,
-  LAST_LOGIN_DATE
-) VALUES (
-  'root',
-  'root@localhost',
-  'dc76e9f0c0006e8f919e0c515c66dbba3982f785',
-  true,
-  'https://github.com/takezoe/gitbucket',
-  SYSDATE,
-  SYSDATE,
-  NULL
-);
--- a/src/main/resources/update/1_1.sql
+++ b/src/main/resources/update/1_1.sql
@@ -1,8 +0,0 @@
-- Fix COLLABORATOR constraints
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK1 IF EXISTS;
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_FK0 IF EXISTS;
-ALTER TABLE COLLABORATOR DROP CONSTRAINT IDX_COLLABORATOR_PK IF EXISTS;
-
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COLLABORATOR ADD CONSTRAINT IDX_COLLABORATOR_FK1 FOREIGN KEY (COLLABORATOR_NAME) REFERENCES ACCOUNT (USER_NAME);
--- a/src/main/resources/update/1_12.sql
+++ b/src/main/resources/update/1_12.sql
@@ -1,11 +0,0 @@
-ALTER TABLE GROUP_MEMBER ADD COLUMN MANAGER BOOLEAN DEFAULT FALSE;
-
-CREATE TABLE SSH_KEY (
-  USER_NAME VARCHAR(100) NOT NULL,
-  SSH_KEY_ID INT AUTO_INCREMENT,
-  TITLE VARCHAR(100) NOT NULL,
-  PUBLIC_KEY TEXT NOT NULL
-);
-
-ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_PK PRIMARY KEY (USER_NAME, SSH_KEY_ID);
-ALTER TABLE SSH_KEY ADD CONSTRAINT IDX_SSH_KEY_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
--- a/src/main/resources/update/1_13.sql
+++ b/src/main/resources/update/1_13.sql
@@ -1 +0,0 @@
-DROP TABLE COMMIT_LOG;
--- a/src/main/resources/update/1_2.sql
+++ b/src/main/resources/update/1_2.sql
@@ -1,24 +0,0 @@
-CREATE TABLE ACTIVITY(
-		ACTIVITY_ID INT AUTO_INCREMENT,
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ACTIVITY_USER_NAME VARCHAR(100) NOT NULL,
-		ACTIVITY_TYPE VARCHAR(100) NOT NULL,
-		MESSAGE TEXT NOT NULL,
-		ADDITIONAL_INFO TEXT,
-		ACTIVITY_DATE TIMESTAMP NOT NULL
-);
-
-CREATE TABLE COMMIT_LOG (
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		COMMIT_ID VARCHAR(40) NOT NULL
-);
-
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_PK PRIMARY KEY (ACTIVITY_ID);
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE ACTIVITY ADD CONSTRAINT IDX_ACTIVITY_FK1 FOREIGN KEY (ACTIVITY_USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, COMMIT_ID);
-ALTER TABLE COMMIT_LOG ADD CONSTRAINT IDX_COMMIT_LOG_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-
--- a/src/main/resources/update/1_3.sql
+++ b/src/main/resources/update/1_3.sql
@@ -1,8 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN IMAGE VARCHAR(100);
-
-UPDATE ISSUE_COMMENT SET ACTION = 'comment' WHERE ACTION IS NULL;
-
-ALTER TABLE ISSUE_COMMENT ALTER COLUMN ACTION VARCHAR(20) NOT NULL;
-
-UPDATE ISSUE_COMMENT SET ACTION = 'close_comment'  WHERE ACTION = 'close';
-UPDATE ISSUE_COMMENT SET ACTION = 'reopen_comment' WHERE ACTION = 'reopen';
--- a/src/main/resources/update/1_4.sql
+++ b/src/main/resources/update/1_4.sql
@@ -1,24 +0,0 @@
-CREATE TABLE GROUP_MEMBER(
-  GROUP_NAME VARCHAR(100) NOT NULL,
-  USER_NAME  VARCHAR(100) NOT NULL
-);
-
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_PK PRIMARY KEY (GROUP_NAME, USER_NAME);
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK0 FOREIGN KEY (GROUP_NAME) REFERENCES ACCOUNT (USER_NAME);
-ALTER TABLE GROUP_MEMBER ADD CONSTRAINT IDX_GROUP_MEMBER_FK1 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME);
-
-ALTER TABLE ACCOUNT ADD COLUMN GROUP_ACCOUNT BOOLEAN NOT NULL DEFAULT FALSE;
-
-CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
- SELECT
-   A.USER_NAME,
-   A.REPOSITORY_NAME,
-   A.ISSUE_ID,
-   NVL(B.COMMENT_COUNT, 0) AS COMMENT_COUNT
- FROM ISSUE A
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
-   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) B
- ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID);
--- a/src/main/resources/update/1_5.sql
+++ b/src/main/resources/update/1_5.sql
@@ -1,21 +0,0 @@
-ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_USER_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN ORIGIN_REPOSITORY_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN PARENT_USER_NAME VARCHAR(100);
-ALTER TABLE REPOSITORY ADD COLUMN PARENT_REPOSITORY_NAME VARCHAR(100);
-
-CREATE TABLE PULL_REQUEST(
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		ISSUE_ID INT NOT NULL,
-		BRANCH VARCHAR(100) NOT NULL,
-		REQUEST_USER_NAME VARCHAR(100) NOT NULL,
-		REQUEST_REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		REQUEST_BRANCH VARCHAR(100) NOT NULL,
-		COMMIT_ID_FROM VARCHAR(40) NOT NULL,
-		COMMIT_ID_TO VARCHAR(40) NOT NULL
-);
-
-ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-ALTER TABLE PULL_REQUEST ADD CONSTRAINT IDX_PULL_REQUEST_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME, ISSUE_ID) REFERENCES ISSUE (USER_NAME, REPOSITORY_NAME, ISSUE_ID);
-
-ALTER TABLE ISSUE ADD COLUMN PULL_REQUEST BOOLEAN NOT NULL DEFAULT FALSE;
--- a/src/main/resources/update/1_6.sql
+++ b/src/main/resources/update/1_6.sql
@@ -1,8 +0,0 @@
-CREATE TABLE WEB_HOOK (
-		USER_NAME VARCHAR(100) NOT NULL,
-		REPOSITORY_NAME VARCHAR(100) NOT NULL,
-		URL VARCHAR(200) NOT NULL
-);
-
-ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_PK PRIMARY KEY (USER_NAME, REPOSITORY_NAME, URL);
-ALTER TABLE WEB_HOOK ADD CONSTRAINT IDX_WEB_HOOK_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
--- a/src/main/resources/update/1_7.sql
+++ b/src/main/resources/update/1_7.sql
@@ -1,5 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN FULL_NAME VARCHAR(100);
-
-UPDATE ACCOUNT SET FULL_NAME = USER_NAME WHERE FULL_NAME IS NULL;
-
-ALTER TABLE ACCOUNT ALTER COLUMN FULL_NAME SET NOT NULL;
--- a/src/main/resources/update/1_8.sql
+++ b/src/main/resources/update/1_8.sql
@@ -1 +0,0 @@
-ALTER TABLE ACCOUNT ADD COLUMN REMOVED BOOLEAN DEFAULT FALSE;
--- a/src/main/resources/update/2_3.sql
+++ b/src/main/resources/update/2_3.sql
@@ -1,6 +0,0 @@
-CREATE TABLE PLUGIN (
-  PLUGIN_ID VARCHAR(100) NOT NULL,
-  VERSION   VARCHAR(100) NOT NULL
-);
-
-ALTER TABLE PLUGIN ADD CONSTRAINT IDX_PLUGIN_PK PRIMARY KEY (PLUGIN_ID);
--- a/src/main/resources/update/2_7.sql
+++ b/src/main/resources/update/2_7.sql
@@ -1,18 +0,0 @@
-CREATE TABLE COMMIT_COMMENT (
-    USER_NAME VARCHAR(100) NOT NULL,
-    REPOSITORY_NAME VARCHAR(100) NOT NULL,
-    COMMIT_ID VARCHAR(100) NOT NULL,
-    COMMENT_ID INT AUTO_INCREMENT,
-    COMMENTED_USER_NAME VARCHAR(100) NOT NULL,
-    CONTENT TEXT NOT NULL,
-    FILE_NAME NVARCHAR(100),
-    OLD_LINE_NUMBER INT,
-    NEW_LINE_NUMBER INT,
-    REGISTERED_DATE TIMESTAMP NOT NULL,
-    UPDATED_DATE TIMESTAMP NOT NULL,
-    PULL_REQUEST BOOLEAN NOT NULL
-);
-
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_PK PRIMARY KEY (COMMENT_ID);
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_FK0 FOREIGN KEY (USER_NAME, REPOSITORY_NAME) REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME);
-ALTER TABLE COMMIT_COMMENT ADD CONSTRAINT IDX_COMMIT_COMMENT_1 UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, COMMENT_ID);
--- a/src/main/resources/update/2_8.sql
+++ b/src/main/resources/update/2_8.sql
@@ -1 +0,0 @@
-ALTER TABLE COMMIT_COMMENT ALTER COLUMN FILE_NAME NVARCHAR(260);
--- a/src/main/resources/update/3_1.sql
+++ b/src/main/resources/update/3_1.sql
@@ -1,42 +0,0 @@
-DROP TABLE IF EXISTS ACCESS_TOKEN;
-
-CREATE TABLE ACCESS_TOKEN (
-   ACCESS_TOKEN_ID INT NOT NULL AUTO_INCREMENT,
-   TOKEN_HASH VARCHAR(40) NOT NULL,
-   USER_NAME VARCHAR(100) NOT NULL,
-   NOTE TEXT NOT NULL
-);
-
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_PK PRIMARY KEY (ACCESS_TOKEN_ID);
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_FK0 FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE ACCESS_TOKEN ADD CONSTRAINT IDX_ACCESS_TOKEN_TOKEN_HASH UNIQUE(TOKEN_HASH);
-
-
-DROP TABLE IF EXISTS COMMIT_STATUS;
-CREATE TABLE COMMIT_STATUS(
-  COMMIT_STATUS_ID INT AUTO_INCREMENT,
-  USER_NAME VARCHAR(100) NOT NULL,
-  REPOSITORY_NAME VARCHAR(100) NOT NULL,
-  COMMIT_ID VARCHAR(40) NOT NULL,
-  CONTEXT VARCHAR(255) NOT NULL, -- context is too long (maximum is 255 characters)
-  STATE VARCHAR(10) NOT NULL, -- pending, success, error, or failure
-  TARGET_URL VARCHAR(200),
-  DESCRIPTION TEXT,
-  CREATOR VARCHAR(100) NOT NULL,
-  REGISTERED_DATE TIMESTAMP NOT NULL, -- CREATED_AT
-  UPDATED_DATE TIMESTAMP NOT NULL -- UPDATED_AT
-);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_PK PRIMARY KEY (COMMIT_STATUS_ID);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_1
-  UNIQUE (USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT);
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK1
-  FOREIGN KEY (USER_NAME, REPOSITORY_NAME)
-  REFERENCES REPOSITORY (USER_NAME, REPOSITORY_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK2
-  FOREIGN KEY (USER_NAME) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
-ALTER TABLE COMMIT_STATUS ADD CONSTRAINT IDX_COMMIT_STATUS_FK3
-  FOREIGN KEY (CREATOR) REFERENCES ACCOUNT (USER_NAME)
-  ON DELETE CASCADE ON UPDATE CASCADE;
--- a/src/main/resources/update/gitbucket-core_4.0.sql
+++ b/src/main/resources/update/gitbucket-core_4.0.sql
@@ -0,0 +1,18 @@
+CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
+ SELECT
+   A.USER_NAME,
+   A.REPOSITORY_NAME,
+   A.ISSUE_ID,
+   COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
+ FROM ISSUE A
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
+   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) B
+ ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
+ LEFT OUTER JOIN (
+   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
+   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+ ) C
+ ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);
--- a/src/main/resources/update/gitbucket-core_4.0.xml
+++ b/src/main/resources/update/gitbucket-core_4.0.xml
@@ -0,0 +1,351 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+
+  <!--================================================================================================-->
+  <!-- ACCOUNT -->
+  <!--================================================================================================-->
+  <createTable tableName="ACCOUNT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MAIL_ADDRESS" type="varchar(100)" nullable="false"/>
+    <column name="PASSWORD" type="varchar(40)" nullable="false"/>
+    <column name="ADMINISTRATOR" type="boolean" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="LAST_LOGIN_DATE" type="datetime" nullable="true"/>
+    <column name="IMAGE" type="varchar(100)" nullable="true"/>
+    <column name="GROUP_ACCOUNT" type="boolean" nullable="false"/>
+    <column name="FULL_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REMOVED" type="boolean" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACCOUNT_PK" tableName="ACCOUNT" columnNames="USER_NAME"/>
+  <addUniqueConstraint constraintName="IDX_ACCOUNT_1" tableName="ACCOUNT" columnNames="MAIL_ADDRESS"/>
+
+  <insert tableName="ACCOUNT">
+    <column name="USER_NAME" value="root"/>
+    <column name="FULL_NAME" value="root"/>
+    <column name="MAIL_ADDRESS" value="root@localhost"/>
+    <column name="PASSWORD" value="dc76e9f0c0006e8f919e0c515c66dbba3982f785"/>
+    <column name="ADMINISTRATOR" valueBoolean="true"/>
+    <column name="URL" value="https://github.com/gitbucket/gitbucket"/>
+    <column name="GROUP_ACCOUNT" valueBoolean="false"/>
+    <column name="REMOVED" valueBoolean="false"/>
+    <column name="REGISTERED_DATE" valueDate="${currentDateTime}"/>
+    <column name="UPDATED_DATE" valueDate="${currentDateTime}"/>
+  </insert>
+
+  <!--================================================================================================-->
+  <!-- REPOSITORY -->
+  <!--================================================================================================-->
+  <createTable tableName="REPOSITORY">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="PRIVATE" type="boolean" nullable="false"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="DEFAULT_BRANCH" type="varchar(100)" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="LAST_ACTIVITY_DATE" type="datetime" nullable="false"/>
+    <column name="ORIGIN_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="ORIGIN_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
+    <column name="PARENT_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="PARENT_REPOSITORY_NAME" type="varchar(100)" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_REPOSITORY_PK" tableName="REPOSITORY" columnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_REPOSITORY_FK0" baseTableName="REPOSITORY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ACCESS_TOKEN -->
+  <!--================================================================================================-->
+  <createTable tableName="ACCESS_TOKEN">
+    <column name="ACCESS_TOKEN_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TOKEN_HASH" type="varchar(40)" nullable="false"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="NOTE" type="text" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACCESS_TOKEN_PK" tableName="ACCESS_TOKEN" columnNames="ACCESS_TOKEN_ID"/>
+  <addUniqueConstraint constraintName="IDX_ACCESS_TOKEN_TOKEN_HASH" tableName="ACCESS_TOKEN" columnNames="TOKEN_HASH"/>
+  <addForeignKeyConstraint constraintName="IDX_ACCESS_TOKEN_FK0" baseTableName="ACCESS_TOKEN" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- ACTIVITY -->
+  <!--================================================================================================-->
+  <createTable tableName="ACTIVITY">
+    <column name="ACTIVITY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ACTIVITY_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ACTIVITY_TYPE" type="varchar(100)" nullable="false"/>
+    <column name="MESSAGE" type="text" nullable="false"/>
+    <column name="ADDITIONAL_INFO" type="text" nullable="true"/>
+    <column name="ACTIVITY_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ACTIVITY_PK" tableName="ACTIVITY" columnNames="ACTIVITY_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK1" baseTableName="ACTIVITY" baseColumnNames="ACTIVITY_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ACTIVITY_FK0" baseTableName="ACTIVITY" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COLLABORATOR -->
+  <!--================================================================================================-->
+  <createTable tableName="COLLABORATOR">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COLLABORATOR_NAME" type="varchar(100)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COLLABORATOR_PK" tableName="COLLABORATOR" columnNames="USER_NAME, REPOSITORY_NAME, COLLABORATOR_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK1" baseTableName="COLLABORATOR" baseColumnNames="COLLABORATOR_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_COLLABORATOR_FK0" baseTableName="COLLABORATOR" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COMMIT_COMMENT -->
+  <!--================================================================================================-->
+  <createTable tableName="COMMIT_COMMENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID" type="varchar(100)" nullable="false"/>
+    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="false"/>
+    <column name="FILE_NAME" type="varchar(260)" nullable="true"/>
+    <column name="OLD_LINE_NUMBER" type="int" nullable="true"/>
+    <column name="NEW_LINE_NUMBER" type="int" nullable="true"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COMMIT_COMMENT_PK" tableName="COMMIT_COMMENT" columnNames="COMMENT_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_COMMENT_FK0" baseTableName="COMMIT_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- COMMIT_STATUS -->
+  <!--================================================================================================-->
+  <createTable tableName="COMMIT_STATUS">
+    <column name="COMMIT_STATUS_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID" type="varchar(40)" nullable="false"/>
+    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
+    <column name="STATE" type="varchar(10)" nullable="false"/>
+    <column name="TARGET_URL" type="varchar(200)" nullable="true"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="CREATOR" type="varchar(100)" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_COMMIT_STATUS_PK" tableName="COMMIT_STATUS" columnNames="COMMIT_STATUS_ID"/>
+  <addUniqueConstraint constraintName="IDX_COMMIT_STATUS_1" tableName="COMMIT_STATUS" columnNames="USER_NAME, REPOSITORY_NAME, COMMIT_ID, CONTEXT"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK3" baseTableName="COMMIT_STATUS" baseColumnNames="CREATOR" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK2" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+  <addForeignKeyConstraint constraintName="IDX_COMMIT_STATUS_FK1" baseTableName="COMMIT_STATUS" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- GROUP_MEMBER -->
+  <!--================================================================================================-->
+  <createTable tableName="GROUP_MEMBER">
+    <column name="GROUP_NAME" type="varchar(100)" nullable="false"/>
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MANAGER" type="boolean" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_GROUP_MEMBER_PK" tableName="GROUP_MEMBER" columnNames="GROUP_NAME, USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK1" baseTableName="GROUP_MEMBER" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_GROUP_MEMBER_FK0" baseTableName="GROUP_MEMBER" baseColumnNames="GROUP_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- LABEL -->
+  <!--================================================================================================-->
+  <createTable tableName="LABEL">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="LABEL_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="LABEL_NAME" type="varchar(100)" nullable="false"/>
+    <column name="COLOR" type="char(6)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_LABEL_PK" tableName="LABEL" columnNames="USER_NAME, REPOSITORY_NAME, LABEL_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_LABEL_FK0" baseTableName="LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- MILESTONE -->
+  <!--================================================================================================-->
+  <createTable tableName="MILESTONE">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MILESTONE_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TITLE" type="varchar(100)" nullable="false"/>
+    <column name="DESCRIPTION" type="text" nullable="true"/>
+    <column name="DUE_DATE" type="datetime" nullable="true"/>
+    <column name="CLOSED_DATE" type="datetime" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_MILESTONE_PK" tableName="MILESTONE" columnNames="USER_NAME, REPOSITORY_NAME, MILESTONE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_MILESTONE_FK0" baseTableName="MILESTONE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="OPENED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="MILESTONE_ID" type="int" nullable="true"/>
+    <column name="ASSIGNED_USER_NAME" type="varchar(100)" nullable="true"/>
+    <column name="TITLE" type="text" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="true"/>
+    <column name="CLOSED" type="boolean" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+    <column name="PULL_REQUEST" type="boolean" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_PK" tableName="ISSUE" columnNames="ISSUE_ID, USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK0" baseTableName="ISSUE" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK2" baseTableName="ISSUE" baseColumnNames="MILESTONE_ID" referencedTableName="MILESTONE" referencedColumnNames="MILESTONE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_FK1" baseTableName="ISSUE" baseColumnNames="OPENED_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_COMMENT -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_COMMENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="COMMENT_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="ACTION" type="varchar(20)" nullable="false"/>
+    <column name="COMMENTED_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="CONTENT" type="text" nullable="false"/>
+    <column name="REGISTERED_DATE" type="datetime" nullable="false"/>
+    <column name="UPDATED_DATE" type="datetime" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_COMMENT_PK" tableName="ISSUE_COMMENT" columnNames="COMMENT_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_COMMENT_FK0" baseTableName="ISSUE_COMMENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_ID -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_ID">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_ID_PK" tableName="ISSUE_ID" columnNames="USER_NAME, REPOSITORY_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_ID_FK1" baseTableName="ISSUE_ID" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_ID -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_LABEL">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="LABEL_ID" type="int" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_ISSUE_LABEL_PK" tableName="ISSUE_LABEL" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID, LABEL_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_LABEL_FK0" baseTableName="ISSUE_LABEL" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- PLUGIN -->
+  <!--================================================================================================-->
+  <createTable tableName="PLUGIN">
+    <column name="PLUGIN_ID" type="varchar(100)" nullable="false"/>
+    <column name="VERSION" type="varchar(100)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PLUGIN_PK" tableName="PLUGIN" columnNames="PLUGIN_ID"/>
+
+  <!--================================================================================================-->
+  <!-- PULL_REQUEST -->
+  <!--================================================================================================-->
+  <createTable tableName="PULL_REQUEST">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REQUEST_BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="COMMIT_ID_FROM" type="varchar(40)" nullable="false"/>
+    <column name="COMMIT_ID_TO" type="varchar(40)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PULL_REQUEST_PK" tableName="PULL_REQUEST" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_PULL_REQUEST_FK0" baseTableName="PULL_REQUEST" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+
+  <!--================================================================================================-->
+  <!-- SSH_KEY -->
+  <!--================================================================================================-->
+  <createTable tableName="SSH_KEY">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="SSH_KEY_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="TITLE" type="varchar(100)" nullable="false"/>
+    <column name="PUBLIC_KEY" type="text" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_SSH_KEY_PK" tableName="SSH_KEY" columnNames="USER_NAME, SSH_KEY_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_SSH_KEY_FK0" baseTableName="SSH_KEY" baseColumnNames="USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- WEB_HOOK -->
+  <!--================================================================================================-->
+  <createTable tableName="WEB_HOOK">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="false"/>
+    <column name="TOKEN" type="varchar(100)" nullable="true"/>
+    <column name="CTYPE" type="varchar(10)" nullable="true"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_WEB_HOOK_PK" tableName="WEB_HOOK" columnNames="USER_NAME, REPOSITORY_NAME, URL"/>
+  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_FK0" baseTableName="WEB_HOOK" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- WEB_HOOK_EVENT -->
+  <!--================================================================================================-->
+  <createTable tableName="WEB_HOOK_EVENT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="URL" type="varchar(200)" nullable="false"/>
+    <column name="EVENT" type="varchar(30)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_WEB_HOOK_EVENT_PK" tableName="WEB_HOOK_EVENT" columnNames="USER_NAME, REPOSITORY_NAME, URL, EVENT"/>
+  <addForeignKeyConstraint constraintName="IDX_WEB_HOOK_EVENT_FK0" baseTableName="WEB_HOOK_EVENT" baseColumnNames="USER_NAME, REPOSITORY_NAME, URL" referencedTableName="WEB_HOOK" referencedColumnNames="USER_NAME, REPOSITORY_NAME, URL" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- PROTECTED_BRANCH -->
+  <!--================================================================================================-->
+  <createTable tableName="PROTECTED_BRANCH">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="STATUS_CHECK_ADMIN" type="boolean" nullable="false" defaultValueBoolean="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_PK" tableName="PROTECTED_BRANCH" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH"/>
+  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_FK0" baseTableName="PROTECTED_BRANCH" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+  <!--================================================================================================-->
+  <!-- PROTECTED_BRANCH_REQUIRE_CONTEXT -->
+  <!--================================================================================================-->
+  <createTable tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="BRANCH" type="varchar(100)" nullable="false"/>
+    <column name="CONTEXT" type="varchar(255)" nullable="false"/>
+  </createTable>
+
+  <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK" tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT"/>
+  <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0" baseTableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" baseColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" referencedTableName="PROTECTED_BRANCH" referencedColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" onDelete="CASCADE" onUpdate="CASCADE"/>
+
+</changeSet>
--- a/src/main/resources/update/gitbucket-core_4.2.xml
+++ b/src/main/resources/update/gitbucket-core_4.2.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+    <addColumn tableName="REPOSITORY">
+        <column name="ENABLE_ISSUES" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="EXTERNAL_ISSUES_URL" type="varchar(200)" nullable="true"/>
+        <column name="ENABLE_WIKI" type="boolean" nullable="false" defaultValueBoolean="true"/>
+        <column name="ALLOW_WIKI_EDITING" type="boolean" nullable="false" defaultValueBoolean="false"/>
+        <column name="EXTERNAL_WIKI_URL" type="varchar(200)" nullable="true"/>
+    </addColumn>
+</changeSet>
--- a/src/main/scala/ScalatraBootstrap.scala
+++ b/src/main/scala/ScalatraBootstrap.scala
@@ -1,7 +1,7 @@

 import gitbucket.core.controller._
 import gitbucket.core.plugin.PluginRegistry
-import gitbucket.core.servlet.{AccessTokenAuthenticationFilter, BasicAuthenticationFilter, Database, TransactionFilter}
+import gitbucket.core.servlet.{ApiAuthenticationFilter, GitAuthenticationFilter, Database, TransactionFilter}
 import gitbucket.core.util.Directory

 import java.util.EnumSet
@@ -15,10 +15,10 @@ class ScalatraBootstrap extends LifeCycle {
    // Register TransactionFilter and BasicAuthenticationFilter at first
    context.addFilter("transactionFilter", new TransactionFilter)
    context.getFilterRegistration("transactionFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/*")
-    context.addFilter("basicAuthenticationFilter", new BasicAuthenticationFilter)
-    context.getFilterRegistration("basicAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
-    context.addFilter("accessTokenAuthenticationFilter", new AccessTokenAuthenticationFilter)
-    context.getFilterRegistration("accessTokenAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
+    context.addFilter("gitAuthenticationFilter", new GitAuthenticationFilter)
+    context.getFilterRegistration("gitAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/git/*")
+    context.addFilter("apiAuthenticationFilter", new ApiAuthenticationFilter)
+    context.getFilterRegistration("apiAuthenticationFilter").addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*")
    // Register controllers
    context.mount(new AnonymousAccessController, "/*")

@@ -27,11 +27,10 @@ class ScalatraBootstrap extends LifeCycle {
    }

    context.mount(new IndexController, "/")
-    context.mount(new SearchController, "/")
+    context.mount(new ApiController, "/api/v3")
    context.mount(new FileUploadController, "/upload")
+    context.mount(new SystemSettingsController, "/admin")
    context.mount(new DashboardController, "/*")
-    context.mount(new UserManagementController, "/*")
-    context.mount(new SystemSettingsController, "/*")
    context.mount(new AccountController, "/*")
    context.mount(new RepositoryViewerController, "/*")
    context.mount(new WikiController, "/*")
--- a/src/main/scala/gitbucket/core/GitBucketCoreModule.scala
+++ b/src/main/scala/gitbucket/core/GitBucketCoreModule.scala
@@ -0,0 +1,17 @@
+package gitbucket.core
+
+import io.github.gitbucket.solidbase.migration.{SqlMigration, LiquibaseMigration}
+import io.github.gitbucket.solidbase.model.{Version, Module}
+
+object GitBucketCoreModule extends Module("gitbucket-core",
+  new Version("4.0.0",
+    new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
+    new SqlMigration("update/gitbucket-core_4.0.sql")
+  ),
+  new Version("4.1.0"),
+  new Version("4.2.0",
+    new LiquibaseMigration("update/gitbucket-core_4.2.xml")
+  ),
+  new Version("4.2.1"),
+  new Version("4.3.0")
+)
--- a/src/main/scala/gitbucket/core/api/ApiBranch.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranch.scala
@@ -0,0 +1,23 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.RepositoryName
+
+/**
+ * https://developer.github.com/v3/repos/#get-branch
+ * https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection
+ */
+case class ApiBranch(
+  name: String,
+  // commit: ApiBranchCommit,
+  protection: ApiBranchProtection)(repositoryName:RepositoryName) extends FieldSerializable {
+  def _links = Map(
+   "self" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/branches/${name}"),
+   "html" -> ApiPath(s"/${repositoryName.fullName}/tree/${name}"))
+}
+
+case class ApiBranchCommit(sha: String)
+
+case class ApiBranchForList(
+  name: String,
+  commit: ApiBranchCommit
+)
--- a/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
+++ b/src/main/scala/gitbucket/core/api/ApiBranchProtection.scala
@@ -0,0 +1,46 @@
+package gitbucket.core.api
+
+import gitbucket.core.service.ProtectedBranchService
+import org.json4s._
+
+/** https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection */
+case class ApiBranchProtection(enabled: Boolean, required_status_checks: Option[ApiBranchProtection.Status]){
+  def status: ApiBranchProtection.Status = required_status_checks.getOrElse(ApiBranchProtection.statusNone)
+}
+
+object ApiBranchProtection{
+  /** form for enabling-and-disabling-branch-protection */
+  case class EnablingAndDisabling(protection: ApiBranchProtection)
+
+  def apply(info: ProtectedBranchService.ProtectedBranchInfo): ApiBranchProtection = ApiBranchProtection(
+    enabled = info.enabled,
+    required_status_checks = Some(Status(EnforcementLevel(info.enabled && info.contexts.nonEmpty, info.includeAdministrators), info.contexts)))
+  val statusNone = Status(Off, Seq.empty)
+  case class Status(enforcement_level: EnforcementLevel, contexts: Seq[String])
+  sealed class EnforcementLevel(val name: String)
+  case object Off extends EnforcementLevel("off")
+  case object NonAdmins extends EnforcementLevel("non_admins")
+  case object Everyone extends EnforcementLevel("everyone")
+  object EnforcementLevel {
+    def apply(enabled: Boolean, includeAdministrators: Boolean): EnforcementLevel = if(enabled){
+      if(includeAdministrators){
+        Everyone
+      }else{
+        NonAdmins
+      }
+    }else{
+      Off
+    }
+  }
+
+  implicit val enforcementLevelSerializer = new CustomSerializer[EnforcementLevel](format => (
+   {
+     case JString("off") => Off
+     case JString("non_admins") => NonAdmins
+     case JString("everyone") => Everyone
+   },
+   {
+     case x: EnforcementLevel => JString(x.name)
+   }
+ ))
+}
--- a/src/main/scala/gitbucket/core/api/ApiComment.scala
+++ b/src/main/scala/gitbucket/core/api/ApiComment.scala
@@ -14,16 +14,16 @@ case class ApiComment(
  user: ApiUser,
  body: String,
  created_at: Date,
-  updated_at: Date)(repositoryName: RepositoryName, issueId: Int){
-  val html_url = ApiPath(s"/${repositoryName.fullName}/issues/${issueId}#comment-${id}")
+  updated_at: Date)(repositoryName: RepositoryName, issueId: Int, isPullRequest: Boolean){
+  val html_url = ApiPath(s"/${repositoryName.fullName}/${if(isPullRequest){ "pull" }else{ "issues" }}/${issueId}#comment-${id}")
 }

 object ApiComment{
-  def apply(comment: IssueComment, repositoryName: RepositoryName, issueId: Int, user: ApiUser): ApiComment =
+  def apply(comment: IssueComment, repositoryName: RepositoryName, issueId: Int, user: ApiUser, isPullRequest: Boolean): ApiComment =
    ApiComment(
      id = comment.commentId,
      user = user,
      body = comment.content,
      created_at = comment.registeredDate,
-      updated_at = comment.updatedDate)(repositoryName, issueId)
+      updated_at = comment.updatedDate)(repositoryName, issueId, isPullRequest)
 }
--- a/src/main/scala/gitbucket/core/api/ApiCommit.scala
+++ b/src/main/scala/gitbucket/core/api/ApiCommit.scala
@@ -20,13 +20,21 @@ case class ApiCommit(
  removed: List[String],
  modified: List[String],
  author: ApiPersonIdent,
-  committer: ApiPersonIdent)(repositoryName:RepositoryName){
-  val url = ApiPath(s"/api/v3/${repositoryName.fullName}/commits/${id}")
-  val html_url = ApiPath(s"/${repositoryName.fullName}/commit/${id}")
+  committer: ApiPersonIdent)(repositoryName:RepositoryName, urlIsHtmlUrl: Boolean) extends FieldSerializable{
+  val url = if(urlIsHtmlUrl){
+    ApiPath(s"/${repositoryName.fullName}/commit/${id}")
+  }else{
+    ApiPath(s"/api/v3/${repositoryName.fullName}/commits/${id}")
+  }
+  val html_url = if(urlIsHtmlUrl){
+    None
+  }else{
+    Some(ApiPath(s"/${repositoryName.fullName}/commit/${id}"))
+  }
 }

 object ApiCommit{
-  def apply(git: Git, repositoryName: RepositoryName, commit: CommitInfo): ApiCommit = {
+  def apply(git: Git, repositoryName: RepositoryName, commit: CommitInfo, urlIsHtmlUrl: Boolean = false): ApiCommit = {
    val diffs = JGitUtil.getDiffs(git, commit.id, false)
    ApiCommit(
      id        = commit.id,
@@ -43,6 +51,7 @@ object ApiCommit{
      },
      author    = ApiPersonIdent.author(commit),
      committer = ApiPersonIdent.committer(commit)
-    )(repositoryName)
+    )(repositoryName, urlIsHtmlUrl)
  }
+  def forPushPayload(git: Git, repositoryName: RepositoryName, commit: CommitInfo): ApiCommit = apply(git, repositoryName, commit, true)
 }
--- a/src/main/scala/gitbucket/core/api/ApiContents.scala
+++ b/src/main/scala/gitbucket/core/api/ApiContents.scala
@@ -0,0 +1,11 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.JGitUtil.FileInfo
+
+case class ApiContents(`type`: String, name: String)
+
+object ApiContents{
+  def apply(fileInfo: FileInfo): ApiContents =
+    if(fileInfo.isDirectory) ApiContents("dir", fileInfo.name)
+    else ApiContents("file", fileInfo.name)
+}
--- a/src/main/scala/gitbucket/core/api/ApiEndPoint.scala
+++ b/src/main/scala/gitbucket/core/api/ApiEndPoint.scala
@@ -0,0 +1,3 @@
+package gitbucket.core.api
+
+case class ApiEndPoint(rate_limit_url: ApiPath = ApiPath("/api/v3/rate_limit"))
--- a/src/main/scala/gitbucket/core/api/ApiIssue.scala
+++ b/src/main/scala/gitbucket/core/api/ApiIssue.scala
@@ -17,9 +17,19 @@ case class ApiIssue(
  state: String,
  created_at: Date,
  updated_at: Date,
-  body: String)(repositoryName: RepositoryName){
+  body: String)(repositoryName: RepositoryName, isPullRequest: Boolean){
  val comments_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/issues/${number}/comments")
-  val html_url = ApiPath(s"/${repositoryName.fullName}/issues/${number}")
+  val html_url = ApiPath(s"/${repositoryName.fullName}/${if(isPullRequest){ "pull" }else{ "issues" }}/${number}")
+  val pull_request = if (isPullRequest) {
+    Some(Map(
+      "url" -> ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/${number}"),
+      "html_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}")
+      // "diff_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}.diff"),
+      // "patch_url" -> ApiPath(s"/${repositoryName.fullName}/pull/${number}.patch")
+    ))
+  } else {
+    None
+  }
 }

 object ApiIssue{
@@ -31,5 +41,5 @@ object ApiIssue{
      state  = if(issue.closed){ "closed" }else{ "open" },
      body   = issue.content.getOrElse(""),
      created_at = issue.registeredDate,
-      updated_at = issue.updatedDate)(repositoryName)
+      updated_at = issue.updatedDate)(repositoryName, issue.isPullRequest)
 }
--- a/src/main/scala/gitbucket/core/api/ApiLabel.scala
+++ b/src/main/scala/gitbucket/core/api/ApiLabel.scala
@@ -0,0 +1,21 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Label
+import gitbucket.core.util.RepositoryName
+
+/**
+  * https://developer.github.com/v3/issues/labels/
+  */
+case class ApiLabel(
+  name: String,
+  color: String)(repositoryName: RepositoryName){
+  var url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/labels/${name}")
+}
+
+object ApiLabel{
+  def apply(label:Label, repositoryName: RepositoryName): ApiLabel =
+    ApiLabel(
+      name = label.labelName,
+      color = label.color
+    )(repositoryName)
+}
--- a/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPullRequest.scala
@@ -31,7 +31,8 @@ case class ApiPullRequest(
 }

 object ApiPullRequest{
-  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest = ApiPullRequest(
+  def apply(issue: Issue, pullRequest: PullRequest, headRepo: ApiRepository, baseRepo: ApiRepository, user: ApiUser): ApiPullRequest =
+    ApiPullRequest(
      number     = issue.issueId,
      updated_at = issue.updatedDate,
      created_at = issue.registeredDate,
--- a/src/main/scala/gitbucket/core/api/ApiPullRequestReviewComment.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPullRequestReviewComment.scala
@@ -0,0 +1,61 @@
+package gitbucket.core.api
+
+import gitbucket.core.util.RepositoryName
+import gitbucket.core.model.CommitComment
+
+import java.util.Date
+
+/**
+ * https://developer.github.com/v3/activity/events/types/#pullrequestreviewcommentevent
+ */
+case class ApiPullRequestReviewComment(
+  id: Int, // 29724692
+  // "diff_hunk": "@@ -1 +1 @@\n-# public-repo",
+  path: String, // "README.md",
+  // "position": 1,
+  // "original_position": 1,
+  commit_id: String, // "0d1a26e67d8f5eaf1f6ba5c57fc3c7d91ac0fd1c",
+  // "original_commit_id": "0d1a26e67d8f5eaf1f6ba5c57fc3c7d91ac0fd1c",
+  user: ApiUser,
+  body: String, // "Maybe you should use more emojji on this line.",
+  created_at: Date,  // "2015-05-05T23:40:27Z",
+  updated_at: Date // "2015-05-05T23:40:27Z",
+)(repositoryName:RepositoryName, issueId: Int) extends FieldSerializable {
+  // "url": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/comments/29724692",
+  val url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/comments/${id}")
+  // "html_url": "https://github.com/baxterthehacker/public-repo/pull/1#discussion_r29724692",
+  val html_url = ApiPath(s"/${repositoryName.fullName}/pull/${issueId}#discussion_r${id}")
+  // "pull_request_url": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/1",
+  val pull_request_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/pulls/${issueId}")
+
+  /*
+    "_links": {
+      "self": {
+        "href": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/comments/29724692"
+      },
+      "html": {
+        "href": "https://github.com/baxterthehacker/public-repo/pull/1#discussion_r29724692"
+      },
+      "pull_request": {
+        "href": "https://api.github.com/repos/baxterthehacker/public-repo/pulls/1"
+      }
+    }
+  */
+  val _links = Map(
+    "self" -> Map("href" -> url),
+    "html" -> Map("href" -> html_url),
+    "pull_request" -> Map("href" -> pull_request_url))
+}
+
+object ApiPullRequestReviewComment{
+  def apply(comment: CommitComment, commentedUser: ApiUser, repositoryName: RepositoryName, issueId: Int): ApiPullRequestReviewComment =
+    new ApiPullRequestReviewComment(
+     id = comment.commentId,
+     path = comment.fileName.getOrElse(""),
+     commit_id = comment.commitId,
+     user = commentedUser,
+     body = comment.content,
+     created_at = comment.registeredDate,
+     updated_at = comment.updatedDate
+  )(repositoryName, issueId)
+}
--- a/src/main/scala/gitbucket/core/api/ApiPusher.scala
+++ b/src/main/scala/gitbucket/core/api/ApiPusher.scala
@@ -0,0 +1,11 @@
+package gitbucket.core.api
+
+import gitbucket.core.model.Account
+
+case class ApiPusher(name: String, email: String)
+
+object ApiPusher {
+  def apply(user: Account): ApiPusher = ApiPusher(
+    name  = user.userName,
+    email = user.mailAddress)
+}
--- a/src/main/scala/gitbucket/core/api/ApiRef.scala
+++ b/src/main/scala/gitbucket/core/api/ApiRef.scala
@@ -0,0 +1,5 @@
+package gitbucket.core.api
+
+case class ApiObject(sha: String)
+
+case class ApiRef(ref: String, `object`: ApiObject)
--- a/src/main/scala/gitbucket/core/api/ApiRepository.scala
+++ b/src/main/scala/gitbucket/core/api/ApiRepository.scala
@@ -13,10 +13,14 @@ case class ApiRepository(
  forks: Int,
  `private`: Boolean,
  default_branch: String,
-  owner: ApiUser) {
-  val forks_count   = forks
-  val watchers_coun = watchers
-  val url       = ApiPath(s"/api/v3/repos/${full_name}")
+  owner: ApiUser)(urlIsHtmlUrl: Boolean) {
+  val forks_count = forks
+  val watchers_count = watchers
+  val url = if(urlIsHtmlUrl){
+    ApiPath(s"/${full_name}")
+  } else {
+    ApiPath(s"/api/v3/repos/${full_name}")
+  }
  val http_url  = ApiPath(s"/git/${full_name}.git")
  val clone_url = ApiPath(s"/git/${full_name}.git")
  val html_url  = ApiPath(s"/${full_name}")
@@ -27,17 +31,18 @@ object ApiRepository{
      repository: Repository,
      owner: ApiUser,
      forkedCount: Int =0,
-      watchers: Int = 0): ApiRepository =
+      watchers: Int = 0,
+      urlIsHtmlUrl: Boolean = false): ApiRepository =
    ApiRepository(
-      name        = repository.repositoryName,
-      full_name   = s"${repository.userName}/${repository.repositoryName}",
-      description = repository.description.getOrElse(""),
-      watchers    = 0,
-      forks       = forkedCount,
-      `private`   = repository.isPrivate,
+      name           = repository.repositoryName,
+      full_name      = s"${repository.userName}/${repository.repositoryName}",
+      description    = repository.description.getOrElse(""),
+      watchers       = 0,
+      forks          = forkedCount,
+      `private`      = repository.isPrivate,
      default_branch = repository.defaultBranch,
-      owner       = owner
-    )
+      owner          = owner
+    )(urlIsHtmlUrl)

  def apply(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =
    ApiRepository(repositoryInfo.repository, owner, forkedCount=repositoryInfo.forkedCount)
@@ -45,4 +50,7 @@ object ApiRepository{
  def apply(repositoryInfo: RepositoryInfo, owner: Account): ApiRepository =
    this(repositoryInfo.repository, ApiUser(owner))

+  def forPushPayload(repositoryInfo: RepositoryInfo, owner: ApiUser): ApiRepository =
+    ApiRepository(repositoryInfo.repository, owner, forkedCount=repositoryInfo.forkedCount, urlIsHtmlUrl=true)
+
 }
--- a/src/main/scala/gitbucket/core/api/ApiUser.scala
+++ b/src/main/scala/gitbucket/core/api/ApiUser.scala
@@ -13,6 +13,7 @@ case class ApiUser(
  created_at: Date) {
  val url                 = ApiPath(s"/api/v3/users/${login}")
  val html_url            = ApiPath(s"/${login}")
+  val avatar_url          = ApiPath(s"/${login}/_avatar")
  // val followers_url       = ApiPath(s"/api/v3/users/${login}/followers")
  // val following_url       = ApiPath(s"/api/v3/users/${login}/following{/other_user}")
  // val gists_url           = ApiPath(s"/api/v3/users/${login}/gists{/gist_id}")
--- a/src/main/scala/gitbucket/core/api/CreateALabel.scala
+++ b/src/main/scala/gitbucket/core/api/CreateALabel.scala
@@ -0,0 +1,18 @@
+package gitbucket.core.api
+
+/**
+  * https://developer.github.com/v3/issues/labels/#create-a-label
+  * api form
+  */
+case class CreateALabel(
+    name: String,
+    color: String
+) {
+  def isValid: Boolean = {
+    name.length<=100 &&
+      !name.startsWith("_") &&
+      !name.startsWith("-") &&
+      color.length==6 &&
+      color.matches("[a-fA-F0-9+_.]+")
+  }
+}
--- a/src/main/scala/gitbucket/core/api/CreateARepository.scala
+++ b/src/main/scala/gitbucket/core/api/CreateARepository.scala
@@ -0,0 +1,19 @@
+package gitbucket.core.api
+
+/**
+ * https://developer.github.com/v3/repos/#create
+ * api form
+ */
+case class CreateARepository(
+    name: String,
+    description: Option[String],
+    `private`: Boolean = false,
+    auto_init: Boolean = false
+) {
+  def isValid: Boolean = {
+    name.length<=40 &&
+        name.matches("[a-zA-Z0-9\\-\\+_.]+") &&
+        !name.startsWith("_") &&
+        !name.startsWith("-")
+  }
+}
--- a/src/main/scala/gitbucket/core/api/FieldSerializable.scala
+++ b/src/main/scala/gitbucket/core/api/FieldSerializable.scala
@@ -0,0 +1,4 @@
+package gitbucket.core.api
+
+/** export fields for json */
+trait FieldSerializable
--- a/src/main/scala/gitbucket/core/api/JsonFormat.scala
+++ b/src/main/scala/gitbucket/core/api/JsonFormat.scala
@@ -5,40 +5,50 @@ import org.joda.time.DateTimeZone
 import org.joda.time.format._
 import org.json4s._
 import org.json4s.jackson.Serialization
-
 import java.util.Date
-
 import scala.util.Try

-
 object JsonFormat {
-  case class Context(baseUrl:String)
+
+  case class Context(baseUrl: String)
+
  val parserISO = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss'Z'")
+
  val jsonFormats = Serialization.formats(NoTypeHints) + new CustomSerializer[Date](format =>
    (
-      { case JString(s) => Try(parserISO.parseDateTime(s)).toOption.map(_.toDate)
-        .getOrElse(throw new MappingException("Can't convert " + s + " to Date")) },
+      { case JString(s) => Try(parserISO.parseDateTime(s)).toOption.map(_.toDate).getOrElse(throw new MappingException("Can't convert " + s + " to Date")) },
      { case x: Date => JString(parserISO.print(new DateTime(x).withZone(DateTimeZone.UTC))) }
    )
-  ) + FieldSerializer[ApiUser]() + FieldSerializer[ApiPullRequest]() + FieldSerializer[ApiRepository]() +
-    FieldSerializer[ApiCommitListItem.Parent]() + FieldSerializer[ApiCommitListItem]() + FieldSerializer[ApiCommitListItem.Commit]() +
-    FieldSerializer[ApiCommitStatus]() + FieldSerializer[ApiCommit]() + FieldSerializer[ApiCombinedCommitStatus]() +
-    FieldSerializer[ApiPullRequest.Commit]() + FieldSerializer[ApiIssue]() + FieldSerializer[ApiComment]()
-
+  ) + FieldSerializer[ApiUser]() +
+    FieldSerializer[ApiPullRequest]() +
+    FieldSerializer[ApiRepository]() +
+    FieldSerializer[ApiCommitListItem.Parent]() +
+    FieldSerializer[ApiCommitListItem]() +
+    FieldSerializer[ApiCommitListItem.Commit]() +
+    FieldSerializer[ApiCommitStatus]() +
+    FieldSerializer[FieldSerializable]() +
+    FieldSerializer[ApiCombinedCommitStatus]() +
+    FieldSerializer[ApiPullRequest.Commit]() +
+    FieldSerializer[ApiIssue]() +
+    FieldSerializer[ApiComment]() +
+    FieldSerializer[ApiLabel]() +
+    ApiBranchProtection.enforcementLevelSerializer

  def apiPathSerializer(c: Context) = new CustomSerializer[ApiPath](format =>
-      (
-        {
-          case JString(s) if s.startsWith(c.baseUrl) => ApiPath(s.substring(c.baseUrl.length))
-          case JString(s) => throw new MappingException("Can't convert " + s + " to ApiPath")
-        },
-        {
-          case ApiPath(path) => JString(c.baseUrl+path)
-        }
-      )
+    (
+      {
+        case JString(s) if s.startsWith(c.baseUrl) => ApiPath(s.substring(c.baseUrl.length))
+        case JString(s) => throw new MappingException("Can't convert " + s + " to ApiPath")
+      },
+      {
+        case ApiPath(path) => JString(c.baseUrl + path)
+      }
    )
+  )
+
  /**
   * convert object to json string
   */
  def apply(obj: AnyRef)(implicit c: Context): String = Serialization.write(obj)(jsonFormats + apiPathSerializer(c))
+
 }
--- a/src/main/scala/gitbucket/core/controller/AccountController.scala
+++ b/src/main/scala/gitbucket/core/controller/AccountController.scala
@@ -1,7 +1,6 @@
 package gitbucket.core.controller

 import gitbucket.core.account.html
-import gitbucket.core.api._
 import gitbucket.core.helper
 import gitbucket.core.model.GroupMember
 import gitbucket.core.service._
@@ -12,24 +11,21 @@ import gitbucket.core.util.Implicits._
 import gitbucket.core.util.StringUtil._
 import gitbucket.core.util._

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
-import org.eclipse.jgit.api.Git
-import org.eclipse.jgit.dircache.DirCache
-import org.eclipse.jgit.lib.{FileMode, Constants}
 import org.scalatra.i18n.Messages


 class AccountController extends AccountControllerBase
  with AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
  with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
-  with AccessTokenService with WebHookService
+  with AccessTokenService with WebHookService with RepositoryCreationService


 trait AccountControllerBase extends AccountManagementControllerBase {
  self: AccountService with RepositoryService with ActivityService with WikiService with LabelsService with SshKeyService
    with OneselfAuthenticator with UsersAuthenticator with GroupManagerAuthenticator with ReadableUsersAuthenticator
-    with AccessTokenService with WebHookService =>
+    with AccessTokenService with WebHookService with RepositoryCreationService =>

  case class AccountNewForm(userName: String, password: String, fullName: String, mailAddress: String,
                            url: Option[String], fileId: Option[String])
@@ -90,8 +86,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  case class ForkRepositoryForm(owner: String, name: String)

  val newRepositoryForm = mapping(
-    "owner"        -> trim(label("Owner"          , text(required, maxlength(40), identifier, existsAccount))),
-    "name"         -> trim(label("Repository name", text(required, maxlength(40), repository, uniqueRepository))),
+    "owner"        -> trim(label("Owner"          , text(required, maxlength(100), identifier, existsAccount))),
+    "name"         -> trim(label("Repository name", text(required, maxlength(100), repository, uniqueRepository))),
    "description"  -> trim(label("Description"    , optional(text()))),
    "isPrivate"    -> trim(label("Repository Type", boolean())),
    "createReadme" -> trim(label("Create README"  , boolean()))
@@ -133,7 +129,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
          val members = getGroupMembers(account.userName)
          gitbucket.core.account.html.repositories(account,
            if(account.isGroupAccount) Nil else getGroupsByUserName(userName),
-            getVisibleRepositories(context.loginAccount, context.baseUrl, Some(userName)),
+            getVisibleRepositories(context.loginAccount, Some(userName)),
            context.loginAccount.exists(x => members.exists { member => member.userName == x.userName && member.isManager }))
        }
      }
@@ -156,29 +152,10 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    }
  }

-  /**
-   * https://developer.github.com/v3/users/#get-a-single-user
-   */
-  get("/api/v3/users/:userName") {
-    getAccountByUserName(params("userName")).map { account =>
-      JsonFormat(ApiUser(account))
-    } getOrElse NotFound
-  }
-
-  /**
-   * https://developer.github.com/v3/users/#get-the-authenticated-user
-   */
-  get("/api/v3/user") {
-    context.loginAccount.map { account =>
-      JsonFormat(ApiUser(account))
-    } getOrElse Unauthorized
-  }
-
-
  get("/:userName/_edit")(oneselfOnly {
    val userName = params("userName")
    getAccountByUserName(userName).map { x =>
-      html.edit(x, flash.get("info"))
+      html.edit(x, flash.get("info"), flash.get("error"))
    } getOrElse NotFound
  })

@@ -201,7 +178,11 @@ trait AccountControllerBase extends AccountManagementControllerBase {
  get("/:userName/_delete")(oneselfOnly {
    val userName = params("userName")

-    getAccountByUserName(userName, true).foreach { account =>
+    getAccountByUserName(userName, true).map { account =>
+      if(isLastAdministrator(account)){
+        flash += "error" -> "Account can't be removed because this is last one administrator."
+        redirect(s"/${userName}/_edit")
+      } else {
 //      // Remove repositories
 //      getRepositoryNamesOfUser(userName).foreach { repositoryName =>
 //        deleteRepository(userName, repositoryName)
@@ -210,13 +191,12 @@ trait AccountControllerBase extends AccountManagementControllerBase {
 //        FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
 //      }
 //      // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-//      removeUserRelatedData(userName)
-
-      updateAccount(account.copy(isRemoved = true))
-    }
-
-    session.invalidate
-    redirect("/")
+        removeUserRelatedData(userName)
+        updateAccount(account.copy(isRemoved = true))
+        session.invalidate
+        redirect("/")
+      }
+    } getOrElse NotFound
  })

  get("/:userName/_ssh")(oneselfOnly {
@@ -365,57 +345,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   */
  post("/new", newRepositoryForm)(usersOnly { form =>
    LockUtil.lock(s"${form.owner}/${form.name}"){
-      if(getRepository(form.owner, form.name, context.baseUrl).isEmpty){
-        val ownerAccount  = getAccountByUserName(form.owner).get
-        val loginAccount  = context.loginAccount.get
-        val loginUserName = loginAccount.userName
-
-        // Insert to the database at first
-        createRepository(form.name, form.owner, form.description, form.isPrivate)
-
-        // Add collaborators for group repository
-        if(ownerAccount.isGroupAccount){
-          getGroupMembers(form.owner).foreach { member =>
-            addCollaborator(form.owner, form.name, member.userName)
-          }
-        }
-
-        // Insert default labels
-        insertDefaultLabels(form.owner, form.name)
-
-        // Create the actual repository
-        val gitdir = getRepositoryDir(form.owner, form.name)
-        JGitUtil.initRepository(gitdir)
-
-        if(form.createReadme){
-          using(Git.open(gitdir)){ git =>
-            val builder  = DirCache.newInCore.builder()
-            val inserter = git.getRepository.newObjectInserter()
-            val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
-            val content  = if(form.description.nonEmpty){
-              form.name + "\n" +
-              "===============\n" +
-              "\n" +
-              form.description.get
-            } else {
-              form.name + "\n" +
-              "===============\n"
-            }
-
-            builder.add(JGitUtil.createDirCacheEntry("README.md", FileMode.REGULAR_FILE,
-              inserter.insert(Constants.OBJ_BLOB, content.getBytes("UTF-8"))))
-            builder.finish()
-
-            JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
-              Constants.HEAD, loginAccount.fullName, loginAccount.mailAddress, "Initial commit")
-          }
-        }
-
-        // Create Wiki repository
-        createWikiRepository(loginAccount, form.owner, form.name)
-
-        // Record activity
-        recordCreateRepositoryActivity(form.owner, form.name, loginUserName)
+      if(getRepository(form.owner, form.name).isEmpty){
+        createRepository(context.loginAccount.get, form.owner, form.name, form.description, form.isPrivate, form.createReadme)
      }

      // redirect to the repository
@@ -447,7 +378,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    val accountName   = form.accountName

    LockUtil.lock(s"${accountName}/${repository.name}"){
-      if(getRepository(accountName, repository.name, baseUrl).isDefined ||
+      if(getRepository(accountName, repository.name).isDefined ||
          (accountName != loginUserName && !getGroupsByUserName(loginUserName).contains(accountName))){
        // redirect to the repository if repository already exists
        redirect(s"/${accountName}/${repository.name}")
@@ -456,7 +387,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
        val originUserName = repository.repository.originUserName.getOrElse(repository.owner)
        val originRepositoryName = repository.repository.originRepositoryName.getOrElse(repository.name)

-        createRepository(
+        insertRepository(
          repositoryName       = repository.name,
          userName             = accountName,
          description          = repository.repository.description,
@@ -496,15 +427,6 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    }
  })

-  private def insertDefaultLabels(userName: String, repositoryName: String): Unit = {
-    createLabel(userName, repositoryName, "bug", "fc2929")
-    createLabel(userName, repositoryName, "duplicate", "cccccc")
-    createLabel(userName, repositoryName, "enhancement", "84b6eb")
-    createLabel(userName, repositoryName, "invalid", "e6e6e6")
-    createLabel(userName, repositoryName, "question", "cc317c")
-    createLabel(userName, repositoryName, "wontfix", "ffffff")
-  }
-
  private def existsAccount: Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] =
      if(getAccountByUserName(value).isEmpty) Some("User or group does not exist.") else None
@@ -527,8 +449,8 @@ trait AccountControllerBase extends AccountManagementControllerBase {

  private def validPublicKey: Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] = SshUtil.str2PublicKey(value) match {
-     case Some(_) => None
-     case None => Some("Key is invalid.")
+     case Some(_) if !getAllKeys().exists(_.publicKey == value) => None
+     case _ => Some("Key is invalid.")
    }
  }

--- a/src/main/scala/gitbucket/core/controller/ApiController.scala
+++ b/src/main/scala/gitbucket/core/controller/ApiController.scala
@@ -0,0 +1,489 @@
+package gitbucket.core.controller
+
+import gitbucket.core.api._
+import gitbucket.core.model._
+import gitbucket.core.service.IssuesService.IssueSearchCondition
+import gitbucket.core.service.PullRequestService._
+import gitbucket.core.service._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.JGitUtil.{CommitInfo, getFileList, getBranches, getDefaultBranch}
+import gitbucket.core.util._
+import gitbucket.core.util.Implicits._
+import org.eclipse.jgit.api.Git
+import org.scalatra.{NoContent, UnprocessableEntity, Created}
+import scala.collection.JavaConverters._
+
+class ApiController extends ApiControllerBase
+  with RepositoryService
+  with AccountService
+  with ProtectedBranchService
+  with IssuesService
+  with LabelsService
+  with PullRequestService
+  with CommitStatusService
+  with RepositoryCreationService
+  with HandleCommentService
+  with WebHookService
+  with WebHookPullRequestService
+  with WebHookIssueCommentService
+  with WikiService
+  with ActivityService
+  with OwnerAuthenticator
+  with UsersAuthenticator
+  with GroupManagerAuthenticator
+  with ReferrerAuthenticator
+  with ReadableUsersAuthenticator
+  with CollaboratorsAuthenticator
+
+trait ApiControllerBase extends ControllerBase {
+  self: RepositoryService
+    with AccountService
+    with ProtectedBranchService
+    with IssuesService
+    with LabelsService
+    with PullRequestService
+    with CommitStatusService
+    with RepositoryCreationService
+    with HandleCommentService
+    with OwnerAuthenticator
+    with UsersAuthenticator
+    with GroupManagerAuthenticator
+    with ReferrerAuthenticator
+    with ReadableUsersAuthenticator
+    with CollaboratorsAuthenticator =>
+
+  /**
+    * https://developer.github.com/v3/#root-endpoint
+    */
+  get("/api/v3/") {
+    JsonFormat(ApiEndPoint())
+  }
+
+  /**
+    * https://developer.github.com/v3/orgs/#get-an-organization
+    */
+  get("/api/v3/orgs/:groupName") {
+    getAccountByUserName(params("groupName")).filter(account => account.isGroupAccount).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound
+  }
+
+  /**
+   * https://developer.github.com/v3/users/#get-a-single-user
+   */
+  get("/api/v3/users/:userName") {
+    getAccountByUserName(params("userName")).filterNot(account => account.isGroupAccount).map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse NotFound
+  }
+
+  /**
+    * https://developer.github.com/v3/repos/#list-organization-repositories
+    */
+  get("/api/v3/orgs/:orgName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("orgName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+  /**
+   * https://developer.github.com/v3/repos/#list-user-repositories
+   */
+  get("/api/v3/users/:userName/repos") {
+    JsonFormat(getVisibleRepositories(context.loginAccount, Some(params("userName"))).map{ r => ApiRepository(r, getAccountByUserName(r.owner).get)})
+  }
+
+  /*
+   * https://developer.github.com/v3/repos/branches/#list-branches
+   */
+  get ("/api/v3/repos/:owner/:repo/branches")(referrersOnly { repository =>
+    JsonFormat(JGitUtil.getBranches(
+      owner         = repository.owner,
+      name          = repository.name,
+      defaultBranch = repository.repository.defaultBranch,
+      origin        = repository.repository.originUserName.isEmpty
+    ).map { br =>
+        ApiBranchForList(br.name, ApiBranchCommit(br.commitId))
+    })
+  })
+
+  /*
+   * https://developer.github.com/v3/repos/contents/#get-contents
+   */
+  get("/api/v3/repos/:owner/:repo/contents/*")(referrersOnly { repository =>
+    val (id, path) = repository.splitPath(multiParams("splat").head)
+    val refStr = params("ref")
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))){ git =>
+      if (path.isEmpty) {
+        JsonFormat(getFileList(git, refStr, ".").map{f => ApiContents(f)})
+      } else {
+        JsonFormat(getFileList(git, refStr, path).map{f => ApiContents(f)})
+      }
+    }
+  })
+
+  /*
+   * https://developer.github.com/v3/git/refs/#get-a-reference
+   */
+  get("/api/v3/repos/:owner/:repo/git/*") (referrersOnly { repository =>
+    val revstr = multiParams("splat").head
+    using(Git.open(getRepositoryDir(params("owner"), params("repo")))) { git =>
+      //JsonFormat( (revstr, git.getRepository().resolve(revstr)) )
+      // getRef is deprecated by jgit-4.2. use exactRef() or findRef()
+      val sha = git.getRepository().getRef(revstr).getObjectId().name()
+      JsonFormat(ApiRef(revstr, ApiObject(sha)))
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/collaborators/#list-collaborators
+   */
+  get("/api/v3/repos/:owner/:repo/collaborators") (referrersOnly { repository =>
+    JsonFormat(getCollaborators(params("owner"), params("repo")).map(u => ApiUser(getAccountByUserName(u).get)))
+  })
+
+  /**
+   * https://developer.github.com/v3/users/#get-the-authenticated-user
+   */
+  get("/api/v3/user") {
+    context.loginAccount.map { account =>
+      JsonFormat(ApiUser(account))
+    } getOrElse Unauthorized
+  }
+
+  /**
+   * List user's own repository
+   * https://developer.github.com/v3/repos/#list-your-repositories
+   */
+  get("/api/v3/user/repos")(usersOnly{
+    JsonFormat(getVisibleRepositories(context.loginAccount, Option(context.loginAccount.get.userName)).map{
+      r => ApiRepository(r, getAccountByUserName(r.owner).get)
+    })
+  })
+
+  /**
+   * Create user repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/user/repos")(usersOnly {
+    val owner = context.loginAccount.get.userName
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${owner}/${data.name}") {
+        if(getRepository(owner, data.name).isEmpty){
+          createRepository(context.loginAccount.get, owner, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(owner, data.name).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(owner).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists on this account",
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound
+  })
+
+  /**
+   * Create group repository
+   * https://developer.github.com/v3/repos/#create
+   */
+  post("/api/v3/orgs/:org/repos")(managersOnly {
+    val groupName = params("org")
+    (for {
+      data <- extractFromJsonBody[CreateARepository] if data.isValid
+    } yield {
+      LockUtil.lock(s"${groupName}/${data.name}") {
+        if(getRepository(groupName, data.name).isEmpty){
+          createRepository(context.loginAccount.get, groupName, data.name, data.description, data.`private`, data.auto_init)
+          val repository = getRepository(groupName, data.name).get
+          JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(groupName).get)))
+        } else {
+          ApiError(
+            "A repository with this name already exists for this group",
+            Some("https://developer.github.com/v3/repos/#create")
+          )
+        }
+      }
+    }) getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/#enabling-and-disabling-branch-protection
+   */
+  patch("/api/v3/repos/:owner/:repo/branches/:branch")(ownerOnly { repository =>
+    import gitbucket.core.api._
+    (for{
+      branch <- params.get("branch") if repository.branchList.find(_ == branch).isDefined
+      protection <- extractFromJsonBody[ApiBranchProtection.EnablingAndDisabling].map(_.protection)
+    } yield {
+      if(protection.enabled){
+        enableBranchProtection(repository.owner, repository.name, branch, protection.status.enforcement_level == ApiBranchProtection.Everyone, protection.status.contexts)
+      } else {
+        disableBranchProtection(repository.owner, repository.name, branch)
+      }
+      JsonFormat(ApiBranch(branch, protection)(RepositoryName(repository)))
+    }) getOrElse NotFound
+  })
+
+  /**
+   * @see https://developer.github.com/v3/rate_limit/#get-your-current-rate-limit-status
+   * but not enabled.
+   */
+  get("/api/v3/rate_limit"){
+    contentType = formats("json")
+    // this message is same as github enterprise...
+    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
+  }
+
+  /**
+   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
+   */
+  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
+    (for{
+      issueId <- params("id").toIntOpt
+      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
+    } yield {
+      JsonFormat(comments.map{ case (issueComment, user, issue) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user), issue.isPullRequest) })
+    }).getOrElse(NotFound)
+  })
+
+  /**
+   * https://developer.github.com/v3/issues/comments/#create-a-comment
+   */
+  post("/api/v3/repos/:owner/:repository/issues/:id/comments")(readableUsersOnly { repository =>
+    (for{
+      issueId      <- params("id").toIntOpt
+      issue        <- getIssue(repository.owner, repository.name, issueId.toString)
+      body         <- extractFromJsonBody[CreateAComment].map(_.body) if ! body.isEmpty
+      action       =  params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      (issue, id)  <- handleComment(issue, Some(body), repository, action)
+      issueComment <- getComment(repository.owner, repository.name, id.toString())
+    } yield {
+      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get), issue.isPullRequest))
+    }) getOrElse NotFound
+  })
+
+  /**
+   * List all labels for this repository
+   * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
+   */
+  get("/api/v3/repos/:owner/:repository/labels")(referrersOnly { repository =>
+    JsonFormat(getLabels(repository.owner, repository.name).map { label =>
+      ApiLabel(label, RepositoryName(repository))
+    })
+  })
+
+  /**
+   * Get a single label
+   * https://developer.github.com/v3/issues/labels/#get-a-single-label
+   */
+  get("/api/v3/repos/:owner/:repository/labels/:labelName")(referrersOnly { repository =>
+    getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+      JsonFormat(ApiLabel(label, RepositoryName(repository)))
+    } getOrElse NotFound()
+  })
+
+  /**
+   * Create a label
+   * https://developer.github.com/v3/issues/labels/#create-a-label
+   */
+  post("/api/v3/repos/:owner/:repository/labels")(collaboratorsOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+          val labelId = createLabel(repository.owner, repository.name, data.name, data.color)
+          getLabel(repository.owner, repository.name, labelId).map { label =>
+            Created(JsonFormat(ApiLabel(label, RepositoryName(repository))))
+          } getOrElse NotFound()
+        } else {
+          // TODO ApiError should support errors field to enhance compatibility of GitHub API
+          UnprocessableEntity(ApiError(
+            "Validation Failed",
+            Some("https://developer.github.com/v3/issues/labels/#create-a-label")
+          ))
+        }
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * Update a label
+   * https://developer.github.com/v3/issues/labels/#update-a-label
+   */
+  patch("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+    (for{
+      data <- extractFromJsonBody[CreateALabel] if data.isValid
+    } yield {
+      LockUtil.lock(RepositoryName(repository).fullName) {
+        getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+          if (getLabel(repository.owner, repository.name, data.name).isEmpty) {
+            updateLabel(repository.owner, repository.name, label.labelId, data.name, data.color)
+            JsonFormat(ApiLabel(
+              getLabel(repository.owner, repository.name, label.labelId).get,
+              RepositoryName(repository)))
+          } else {
+            // TODO ApiError should support errors field to enhance compatibility of GitHub API
+            UnprocessableEntity(ApiError(
+              "Validation Failed",
+              Some("https://developer.github.com/v3/issues/labels/#create-a-label")))
+          }
+        } getOrElse NotFound()
+      }
+    }) getOrElse NotFound()
+  })
+
+  /**
+   * Delete a label
+   * https://developer.github.com/v3/issues/labels/#delete-a-label
+   */
+  delete("/api/v3/repos/:owner/:repository/labels/:labelName")(collaboratorsOnly { repository =>
+    LockUtil.lock(RepositoryName(repository).fullName) {
+      getLabel(repository.owner, repository.name, params("labelName")).map { label =>
+        deleteLabel(repository.owner, repository.name, label.labelId)
+        NoContent()
+      } getOrElse NotFound()
+    }
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-pull-requests
+   */
+  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
+    val page = IssueSearchCondition.page(request)
+    // TODO: more api spec condition
+    val condition = IssueSearchCondition(request)
+    val baseOwner = getAccountByUserName(repository.owner).get
+
+    val issues: List[(Issue, Account, Int, PullRequest, Repository, Account)] =
+      searchPullRequestByApi(
+        condition = condition,
+        offset    = (page - 1) * PullRequestLimit,
+        limit     = PullRequestLimit,
+        repos     = repository.owner -> repository.name
+      )
+
+    JsonFormat(issues.map { case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
+      ApiPullRequest(
+        issue,
+        pullRequest,
+        ApiRepository(headRepo, ApiUser(headOwner)),
+        ApiRepository(repository, ApiUser(baseOwner)),
+        ApiUser(issueUser)
+      )
+    })
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#get-a-single-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
+    (for{
+      issueId <- params("id").toIntOpt
+      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
+      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
+      baseOwner <- users.get(repository.owner)
+      headOwner <- users.get(pullRequest.requestUserName)
+      issueUser <- users.get(issue.openedUserName)
+      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
+    } yield {
+      JsonFormat(ApiPullRequest(
+        issue,
+        pullRequest,
+        ApiRepository(headRepo, ApiUser(headOwner)),
+        ApiRepository(repository, ApiUser(baseOwner)),
+        ApiUser(issueUser)))
+    }).getOrElse(NotFound)
+  })
+
+  /**
+   * https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request
+   */
+  get("/api/v3/repos/:owner/:repository/pulls/:id/commits")(referrersOnly { repository =>
+    val owner = repository.owner
+    val name = repository.name
+    params("id").toIntOpt.flatMap{ issueId =>
+      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
+        using(Git.open(getRepositoryDir(owner, name))){ git =>
+          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
+          val newId = git.getRepository.resolve(pullreq.commitIdTo)
+          val repoFullName = RepositoryName(repository)
+          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
+          JsonFormat(commits)
+        }
+      }
+    } getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/#get
+   */
+  get("/api/v3/repos/:owner/:repository")(referrersOnly { repository =>
+    JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(repository.owner).get)))
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#create-a-status
+   */
+  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
+    (for{
+      ref <- params.get("sha")
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+      data <- extractFromJsonBody[CreateAStatus] if data.isValid
+      creator <- context.loginAccount
+      state <- CommitState.valueOf(data.state)
+      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
+        state, data.target_url, data.description, new java.util.Date(), creator)
+      status <- getCommitStatus(repository.owner, repository.name, statusId)
+    } yield {
+      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
+    }) getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  val listStatusesRoute = get("/api/v3/repos/:owner/:repo/commits/:ref/statuses")(referrersOnly { repository =>
+    (for{
+      ref <- params.get("ref")
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
+        ApiCommitStatus(status, ApiUser(creator))
+      })
+    }) getOrElse NotFound
+  })
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
+   *
+   * legacy route
+   */
+  get("/api/v3/repos/:owner/:repo/statuses/:ref"){
+    listStatusesRoute.action()
+  }
+
+  /**
+   * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
+   *
+   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
+   */
+  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
+    (for{
+      ref <- params.get("ref")
+      owner <- getAccountByUserName(repository.owner)
+      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
+    } yield {
+      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
+      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
+    }) getOrElse NotFound
+  })
+
+  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
+    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+
+}
+
--- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala
+++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala
@@ -8,7 +8,7 @@ import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util._

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.json4s._
 import org.scalatra._
@@ -28,7 +28,11 @@ abstract class ControllerBase extends ScalatraFilter
  with ClientSideValidationFormSupport with JacksonJsonSupport with I18nSupport with FlashMapSupport with Validations
  with SystemSettingsService {

-  implicit val jsonFormats = DefaultFormats
+  implicit val jsonFormats = gitbucket.core.api.JsonFormat.jsonFormats
+
+  before("/api/v3/*") {
+    contentType = formats("json")
+  }

 // TODO Scala 2.11
 //  // Don't set content type via Accept header.
@@ -176,11 +180,17 @@ abstract class ControllerBase extends ScalatraFilter
 * Context object for the current request.
 */
 case class Context(settings: SystemSettingsService.SystemSettings, loginAccount: Option[Account], request: HttpServletRequest){
-
  val path = settings.baseUrl.getOrElse(request.getContextPath)
  val currentPath = request.getRequestURI.substring(request.getContextPath.length)
  val baseUrl = settings.baseUrl(request)
  val host = new java.net.URL(baseUrl).getHost
+  val platform = request.getHeader("User-Agent") match {
+    case null => null
+    case agent if agent.contains("Mac") => "mac"
+    case agent if agent.contains("Linux") => "linux"
+    case agent if agent.contains("Win") => "windows"
+    case _ => null
+  }

  /**
   * Get object from cache.
--- a/src/main/scala/gitbucket/core/controller/DashboardController.scala
+++ b/src/main/scala/gitbucket/core/controller/DashboardController.scala
@@ -83,9 +83,9 @@ trait DashboardControllerBase extends ControllerBase {
    } else session.getAs[IssueSearchCondition](key).getOrElse(IssueSearchCondition()))

    filter match {
-      case "assigned"  => condition.copy(assigned = Some(userName), author = None          , mentioned = None)
-      case "mentioned" => condition.copy(assigned = None          , author = None          , mentioned = Some(userName))
-      case _           => condition.copy(assigned = None          , author = Some(userName), mentioned = None)
+      case "assigned"  => condition.copy(assigned = Some(Some(userName)), author = None, mentioned = None)
+      case "mentioned" => condition.copy(assigned = None, author = None, mentioned = Some(userName))
+      case _           => condition.copy(assigned = None, author = Some(userName), mentioned = None)
    }
  }

@@ -94,7 +94,7 @@ trait DashboardControllerBase extends ControllerBase {

    val userName  = context.loginAccount.get.userName
    val condition = getOrCreateCondition(Keys.Session.DashboardIssues, filter, userName)
-    val userRepos = getUserRepositories(userName, context.baseUrl, true).map(repo => repo.owner -> repo.name)
+    val userRepos = getUserRepositories(userName, true).map(repo => repo.owner -> repo.name)
    val page      = IssueSearchCondition.page(request)

    html.issues(
@@ -103,12 +103,14 @@ trait DashboardControllerBase extends ControllerBase {
      countIssue(condition.copy(state = "open"  ), false, userRepos: _*),
      countIssue(condition.copy(state = "closed"), false, userRepos: _*),
      filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
        case "mentioned" => condition.copy(mentioned = Some(userName))
        case _           => condition.copy(author    = Some(userName))
      },
      filter,
-      getGroupNames(userName))
+      getGroupNames(userName),
+      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      getUserRepositories(userName, withoutPhysicalInfo = true))
  }

  private def searchPullRequests(filter: String) = {
@@ -126,12 +128,14 @@ trait DashboardControllerBase extends ControllerBase {
      countIssue(condition.copy(state = "open"  ), true, allRepos: _*),
      countIssue(condition.copy(state = "closed"), true, allRepos: _*),
      filter match {
-        case "assigned"  => condition.copy(assigned  = Some(userName))
+        case "assigned"  => condition.copy(assigned  = Some(Some(userName)))
        case "mentioned" => condition.copy(mentioned = Some(userName))
        case _           => condition.copy(author    = Some(userName))
      },
      filter,
-      getGroupNames(userName))
+      getGroupNames(userName),
+      getVisibleRepositories(context.loginAccount, withoutPhysicalInfo = true),
+      getUserRepositories(userName, withoutPhysicalInfo = true))
  }


--- a/src/main/scala/gitbucket/core/controller/FileUploadController.scala
+++ b/src/main/scala/gitbucket/core/controller/FileUploadController.scala
@@ -1,38 +1,109 @@
 package gitbucket.core.controller

-import gitbucket.core.util.{Keys, FileUtil}
+import gitbucket.core.model.Account
+import gitbucket.core.service.{AccountService, RepositoryService}
+import gitbucket.core.servlet.Database
+import gitbucket.core.util._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Directory._
+import gitbucket.core.util.Implicits._
+import org.eclipse.jgit.api.Git
+import org.eclipse.jgit.dircache.DirCache
+import org.eclipse.jgit.lib.{FileMode, Constants}
+import org.scalatra
 import org.scalatra._
 import org.scalatra.servlet.{MultipartConfig, FileUploadSupport, FileItem}
-import org.apache.commons.io.FileUtils
+import org.apache.commons.io.{IOUtils, FileUtils}

 /**
 * Provides Ajax based file upload functionality.
 *
 * This servlet saves uploaded file.
 */
-class FileUploadController extends ScalatraServlet with FileUploadSupport {
+class FileUploadController extends ScalatraServlet with FileUploadSupport with RepositoryService with AccountService {

  configureMultipartHandling(MultipartConfig(maxFileSize = Some(3 * 1024 * 1024)))

  post("/image"){
-    execute { (file, fileId) =>
+    execute({ (file, fileId) =>
      FileUtils.writeByteArrayToFile(new java.io.File(getTemporaryDir(session.getId), fileId), file.get)
      session += Keys.Session.Upload(fileId) -> file.name
-    }
+    }, FileUtil.isImage)
  }

-  post("/image/:owner/:repository"){
-    execute { (file, fileId) =>
+  post("/file/:owner/:repository"){
+    execute({ (file, fileId) =>
      FileUtils.writeByteArrayToFile(new java.io.File(
        getAttachedDir(params("owner"), params("repository")),
        fileId + "." + FileUtil.getExtension(file.getName)), file.get)
+    }, FileUtil.isUploadableType)
+  }
+
+  post("/wiki/:owner/:repository"){
+    // Don't accept not logged-in users
+    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account =>
+      val owner      = params("owner")
+      val repository = params("repository")
+
+      // Check whether logged-in user is collaborator
+      collaboratorsOnly(owner, repository, loginAccount){
+        execute({ (file, fileId) =>
+          val fileName   = file.getName
+          LockUtil.lock(s"${owner}/${repository}/wiki") {
+            using(Git.open(Directory.getWikiRepositoryDir(owner, repository))) { git =>
+              val builder  = DirCache.newInCore.builder()
+              val inserter = git.getRepository.newObjectInserter()
+              val headId   = git.getRepository.resolve(Constants.HEAD + "^{commit}")
+
+              if(headId != null){
+                JGitUtil.processTree(git, headId){ (path, tree) =>
+                  if(path != fileName){
+                    builder.add(JGitUtil.createDirCacheEntry(path, tree.getEntryFileMode, tree.getEntryObjectId))
+                  }
+                }
+              }
+
+              val bytes = IOUtils.toByteArray(file.getInputStream)
+              builder.add(JGitUtil.createDirCacheEntry(fileName, FileMode.REGULAR_FILE, inserter.insert(Constants.OBJ_BLOB, bytes)))
+              builder.finish()
+
+              val newHeadId = JGitUtil.createNewCommit(git, inserter, headId, builder.getDirCache.writeTree(inserter),
+                Constants.HEAD, loginAccount.userName, loginAccount.mailAddress, s"Uploaded ${fileName}")
+
+              fileName
+            }
+          }
+        }, FileUtil.isUploadableType)
+      }
+    } getOrElse BadRequest
+  }
+
+  post("/import") {
+    session.get(Keys.Session.LoginAccount).collect { case loginAccount: Account if loginAccount.isAdmin =>
+      execute({ (file, fileId) =>
+        if(file.getName.endsWith(".xml")){
+          import JDBCUtil._
+          val conn = request2Session(request).conn
+          conn.importAsXML(file.getInputStream)
+        } else {
+          throw new RuntimeException("Import is available for only the XML file.")
+        }
+      }, _ => true)
+    }
+    redirect("/admin/data")
+  }
+
+  private def collaboratorsOnly(owner: String, repository: String, loginAccount: Account)(action: => Any): Any = {
+    implicit val session = Database.getSession(request)
+    loginAccount match {
+      case x if(x.isAdmin) => action
+      case x if(getCollaborators(owner, repository).contains(x.userName)) => action
+      case _ => BadRequest
    }
  }

-  private def execute(f: (FileItem, String) => Unit) = fileParams.get("file") match {
-    case Some(file) if(FileUtil.isImage(file.name)) =>
+  private def execute(f: (FileItem, String) => Unit, mimeTypeChcker: (String) => Boolean) = fileParams.get("file") match {
+    case Some(file) if(mimeTypeChcker(file.name)) =>
      defining(FileUtil.generateFileId){ fileId =>
        f(file, fileId)

--- a/src/main/scala/gitbucket/core/controller/IndexController.scala
+++ b/src/main/scala/gitbucket/core/controller/IndexController.scala
@@ -1,36 +1,46 @@
 package gitbucket.core.controller

-import gitbucket.core.api._
 import gitbucket.core.helper.xml
-import gitbucket.core.html
 import gitbucket.core.model.Account
-import gitbucket.core.service.{RepositoryService, ActivityService, AccountService}
+import gitbucket.core.service._
 import gitbucket.core.util.Implicits._
-import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator}
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.{LDAPUtil, Keys, UsersAuthenticator, ReferrerAuthenticator, StringUtil}

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._


 class IndexController extends IndexControllerBase 
-  with RepositoryService with ActivityService with AccountService with UsersAuthenticator
+  with RepositoryService with ActivityService with AccountService with RepositorySearchService with IssuesService
+  with UsersAuthenticator with ReferrerAuthenticator


 trait IndexControllerBase extends ControllerBase {
-  self: RepositoryService with ActivityService with AccountService with UsersAuthenticator =>
+  self: RepositoryService with ActivityService with AccountService with RepositorySearchService
+    with UsersAuthenticator with ReferrerAuthenticator =>

  case class SignInForm(userName: String, password: String)

-  val form = mapping(
+  val signinForm = mapping(
    "userName" -> trim(label("Username", text(required))),
    "password" -> trim(label("Password", text(required)))
  )(SignInForm.apply)

+  val searchForm = mapping(
+    "query"      -> trim(text(required)),
+    "owner"      -> trim(text(required)),
+    "repository" -> trim(text(required))
+  )(SearchForm.apply)
+
+  case class SearchForm(query: String, owner: String, repository: String)
+
+
  get("/"){
    val loginAccount = context.loginAccount
    if(loginAccount.isEmpty) {
-        html.index(getRecentActivities(),
-            getVisibleRepositories(loginAccount, context.baseUrl, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, context.baseUrl, withoutPhysicalInfo = true) }.getOrElse(Nil)
+        gitbucket.core.html.index(getRecentActivities(),
+            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
+            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil)
        )
    } else {
        val loginUserName = loginAccount.get.userName
@@ -39,9 +49,9 @@ trait IndexControllerBase extends ControllerBase {
        
        visibleOwnerSet ++= loginUserGroups

-        html.index(getRecentActivitiesByOwners(visibleOwnerSet),
-            getVisibleRepositories(loginAccount, context.baseUrl, withoutPhysicalInfo = true),
-            loginAccount.map{ account => getUserRepositories(account.userName, context.baseUrl, withoutPhysicalInfo = true) }.getOrElse(Nil) 
+        gitbucket.core.html.index(getRecentActivitiesByOwners(visibleOwnerSet),
+            getVisibleRepositories(loginAccount, withoutPhysicalInfo = true),
+            loginAccount.map{ account => getUserRepositories(account.userName, withoutPhysicalInfo = true) }.getOrElse(Nil) 
        )
    }
  }
@@ -51,10 +61,10 @@ trait IndexControllerBase extends ControllerBase {
    if(redirect.isDefined && redirect.get.startsWith("/")){
      flash += Keys.Flash.Redirect -> redirect.get
    }
-    html.signin()
+    gitbucket.core.html.signin()
  }

-  post("/signin", form){ form =>
+  post("/signin", signinForm){ form =>
    authenticate(context.settings, form.userName, form.password) match {
      case Some(account) => signin(account)
      case None          => redirect("/signin")
@@ -104,19 +114,48 @@ trait IndexControllerBase extends ControllerBase {
  })

  /**
-   * JSON APU for checking user existence.
+   * JSON API for checking user existence.
   */
  post("/_user/existence")(usersOnly {
-    getAccountByUserName(params("userName")).isDefined
+    getAccountByUserName(params("userName")).map { account =>
+      if(params.get("userOnly").isDefined) !account.isGroupAccount else true
+    } getOrElse false
  })

-  /**
-   * @see https://developer.github.com/v3/rate_limit/#get-your-current-rate-limit-status
-   * but not enabled.
-   */
-  get("/api/v3/rate_limit"){
-    contentType = formats("json")
-    // this message is same as github enterprise...
-    org.scalatra.NotFound(ApiError("Rate limiting is not enabled."))
+  // TODO Move to RepositoryViwerController?
+  post("/search", searchForm){ form =>
+    redirect(s"/${form.owner}/${form.repository}/search?q=${StringUtil.urlEncode(form.query)}")
  }
+
+  // TODO Move to RepositoryViwerController?
+  get("/:owner/:repository/search")(referrersOnly { repository =>
+    defining(params("q").trim, params.getOrElse("type", "code")){ case (query, target) =>
+      val page   = try {
+        val i = params.getOrElse("page", "1").toInt
+        if(i <= 0) 1 else i
+      } catch {
+        case e: NumberFormatException => 1
+      }
+
+      target.toLowerCase match {
+        case "issue" => gitbucket.core.search.html.issues(
+          countFiles(repository.owner, repository.name, query),
+          searchIssues(repository.owner, repository.name, query),
+          countWikiPages(repository.owner, repository.name, query),
+          query, page, repository)
+
+        case "wiki" => gitbucket.core.search.html.wiki(
+          countFiles(repository.owner, repository.name, query),
+          countIssues(repository.owner, repository.name, query),
+          searchWikiPages(repository.owner, repository.name, query),
+          query, page, repository)
+
+        case _ => gitbucket.core.search.html.code(
+          searchFiles(repository.owner, repository.name, query),
+          countIssues(repository.owner, repository.name, query),
+          countWikiPages(repository.owner, repository.name, query),
+          query, page, repository)
+      }
+    }
+  })
 }
--- a/src/main/scala/gitbucket/core/controller/IssuesController.scala
+++ b/src/main/scala/gitbucket/core/controller/IssuesController.scala
@@ -1,8 +1,6 @@
 package gitbucket.core.controller

-import gitbucket.core.api._
 import gitbucket.core.issues.html
-import gitbucket.core.model.Issue
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service._
 import gitbucket.core.util.ControlUtil._
@@ -11,16 +9,16 @@ import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.Markdown

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.scalatra.Ok


 class IssuesController extends IssuesControllerBase
-  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
+  with IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService

 trait IssuesControllerBase extends ControllerBase {
-  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService
+  self: IssuesService with RepositoryService with AccountService with LabelsService with MilestonesService with ActivityService with HandleCommentService
    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with WebHookIssueCommentService =>

  case class IssueCreateForm(title: String, content: Option[String],
@@ -78,18 +76,6 @@ trait IssuesControllerBase extends ControllerBase {
    }
  })

-  /**
-   * https://developer.github.com/v3/issues/comments/#list-comments-on-an-issue
-   */
-  get("/api/v3/repos/:owner/:repository/issues/:id/comments")(referrersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      comments = getCommentsForApi(repository.owner, repository.name, issueId.toInt)
-    } yield {
-      JsonFormat(comments.map{ case (issueComment, user) => ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(user)) })
-    }).getOrElse(NotFound)
-  })
-
  get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
    defining(repository.owner, repository.name){ case (owner, name) =>
      html.create(
@@ -128,7 +114,7 @@ trait IssuesControllerBase extends ControllerBase {

      getIssue(owner, name, issueId.toString).foreach { issue =>
        // extract references and create refer comment
-        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""))
+        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)

        // call web hooks
        callIssuesWebHook("opened", repository, issue, context.baseUrl, context.loginAccount.get)
@@ -150,7 +136,7 @@ trait IssuesControllerBase extends ControllerBase {
          // update issue
          updateIssue(owner, name, issue.issueId, title, issue.content)
          // extract references and create refer comment
-          createReferComment(owner, name, issue.copy(title = title), title)
+          createReferComment(owner, name, issue.copy(title = title), title, context.loginAccount.get)

          redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
        } else Unauthorized
@@ -165,7 +151,7 @@ trait IssuesControllerBase extends ControllerBase {
          // update issue
          updateIssue(owner, name, issue.issueId, issue.title, content)
          // extract references and create refer comment
-          createReferComment(owner, name, issue, content.getOrElse(""))
+          createReferComment(owner, name, issue, content.getOrElse(""), context.loginAccount.get)

          redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}")
        } else Unauthorized
@@ -174,30 +160,22 @@ trait IssuesControllerBase extends ControllerBase {
  })

  post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) =>
-    handleComment(form.issueId, Some(form.content), repository)() map { case (issue, id) =>
-      redirect(s"/${repository.owner}/${repository.name}/${
-        if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
+      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      handleComment(issue, Some(form.content), repository, actionOpt) map { case (issue, id) =>
+        redirect(s"/${repository.owner}/${repository.name}/${
+          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+      }
    } getOrElse NotFound
  })

-  /**
-   * https://developer.github.com/v3/issues/comments/#create-a-comment
-   */
-  post("/api/v3/repos/:owner/:repository/issues/:id/comments")(readableUsersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      body <- extractFromJsonBody[CreateAComment].map(_.body) if ! body.isEmpty
-      (issue, id) <- handleComment(issueId, Some(body), repository)()
-      issueComment <- getComment(repository.owner, repository.name, id.toString())
-    } yield {
-      JsonFormat(ApiComment(issueComment, RepositoryName(repository), issueId, ApiUser(context.loginAccount.get)))
-    }) getOrElse NotFound
-  })
-
  post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
-    handleComment(form.issueId, form.content, repository)() map { case (issue, id) =>
-      redirect(s"/${repository.owner}/${repository.name}/${
-        if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+    getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
+      val actionOpt = params.get("action").filter(_ => isEditable(issue.userName, issue.repositoryName, issue.openedUserName))
+      handleComment(issue, form.content, repository, actionOpt) map { case (issue, id) =>
+        redirect(s"/${repository.owner}/${repository.name}/${
+          if(issue.isPullRequest) "pull" else "issues"}/${form.issueId}#comment-${id}")
+      }
    } getOrElse NotFound
  })

@@ -226,15 +204,24 @@ trait IssuesControllerBase extends ControllerBase {
    getIssue(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.openedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editissue(
-              x.content, x.issueId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editissue(x.content, x.issueId, repository)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-              Map("title"   -> x.title,
-                  "content" -> Markdown.toHtml(x.content getOrElse "No description given.",
-                      repository, false, true, true, isEditable(x.userName, x.repositoryName, x.openedUserName))
-              ))
+            Map(
+              "title"   -> x.title,
+              "content" -> Markdown.toHtml(
+                markdown = x.content getOrElse "No description given.",
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                enableTaskList = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.openedUserName)
+              )
+            )
+          )
        }
      } else Unauthorized
    } getOrElse NotFound
@@ -244,19 +231,34 @@ trait IssuesControllerBase extends ControllerBase {
    getComment(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-              x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-              Map("content" -> view.Markdown.toHtml(x.content,
-                  repository, false, true, true, isEditable(x.userName, x.repositoryName, x.commentedUserName))
-              ))
+            Map(
+              "content" -> view.Markdown.toHtml(
+                markdown = x.content,
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                enableTaskList = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+              )
+            )
+          )
        }
      } else Unauthorized
    } getOrElse NotFound
  })

+  ajaxPost("/:owner/:repository/issues/new/label")(collaboratorsOnly { repository =>
+    val labelNames = params("labelNames").split(",")
+    val labels = getLabels(repository.owner, repository.name).filter(x => labelNames.contains(x.labelName))
+    html.labellist(labels)
+  })
+
  ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { repository =>
    defining(params("id").toInt){ issueId =>
      registerIssueLabel(repository.owner, repository.name, issueId, params("labelId").toInt)
@@ -289,8 +291,16 @@ trait IssuesControllerBase extends ControllerBase {
  post("/:owner/:repository/issues/batchedit/state")(collaboratorsOnly { repository =>
    defining(params.get("value")){ action =>
      action match {
-        case Some("open")  => executeBatch(repository) { handleComment(_, None, repository)( _ => Some("reopen")) }
-        case Some("close") => executeBatch(repository) { handleComment(_, None, repository)( _ => Some("close"))  }
+        case Some("open")  => executeBatch(repository) { issueId =>
+          getIssue(repository.owner, repository.name, issueId.toString).foreach { issue =>
+            handleComment(issue, None, repository, Some("reopen"))
+          }
+        }
+        case Some("close") => executeBatch(repository) { issueId =>
+          getIssue(repository.owner, repository.name, issueId.toString).foreach { issue =>
+            handleComment(issue, None, repository, Some("close"))
+          }
+        }
        case _ => // TODO BadRequest
      }
    }
@@ -326,6 +336,7 @@ trait IssuesControllerBase extends ControllerBase {
    (Directory.getAttachedDir(repository.owner, repository.name) match {
      case dir if(dir.exists && dir.isDirectory) =>
        dir.listFiles.find(_.getName.startsWith(params("file") + ".")).map { file =>
+          response.setHeader("Content-Disposition", f"""inline; filename=${file.getName}""")
          RawData(FileUtil.getMimeType(file.getName), file)
        }
      case _ => None
@@ -346,98 +357,6 @@ trait IssuesControllerBase extends ControllerBase {
    }
  }

-  private def createReferComment(owner: String, repository: String, fromIssue: Issue, message: String) = {
-    StringUtil.extractIssueId(message).foreach { issueId =>
-      val content = fromIssue.issueId + ":" + fromIssue.title
-      if(getIssue(owner, repository, issueId).isDefined){
-        // Not add if refer comment already exist.
-        if(!getComments(owner, repository, issueId.toInt).exists { x => x.action == "refer" && x.content == content }) {
-          createComment(owner, repository, context.loginAccount.get.userName, issueId.toInt, content, "refer")
-        }
-      }
-    }
-  }
-
-  /**
-   * @see [[https://github.com/takezoe/gitbucket/wiki/CommentAction]]
-   */
-  private def handleComment(issueId: Int, content: Option[String], repository: RepositoryService.RepositoryInfo)
-      (getAction: Issue => Option[String] =
-           p1 => params.get("action").filter(_ => isEditable(p1.userName, p1.repositoryName, p1.openedUserName))) = {
-
-    defining(repository.owner, repository.name){ case (owner, name) =>
-      val userName = context.loginAccount.get.userName
-
-      getIssue(owner, name, issueId.toString) flatMap { issue =>
-        val (action, recordActivity) =
-          getAction(issue)
-            .collect {
-              case "close" if(!issue.closed) => true  ->
-                (Some("close")  -> Some(if(issue.isPullRequest) recordClosePullRequestActivity _ else recordCloseIssueActivity _))
-              case "reopen" if(issue.closed) => false ->
-                (Some("reopen") -> Some(recordReopenIssueActivity _))
-            }
-            .map { case (closed, t) =>
-              updateClosed(owner, name, issueId, closed)
-              t
-            }
-            .getOrElse(None -> None)
-
-        val commentId = (content, action) match {
-          case (None, None) => None
-          case (None, Some(action)) => Some(createComment(owner, name, userName, issueId, action.capitalize, action))
-          case (Some(content), _) => Some(createComment(owner, name, userName, issueId, content, action.map(_+ "_comment").getOrElse("comment")))
-        }
-
-        // record comment activity if comment is entered
-        content foreach {
-          (if(issue.isPullRequest) recordCommentPullRequestActivity _ else recordCommentIssueActivity _)
-          (owner, name, userName, issueId, _)
-        }
-        recordActivity foreach ( _ (owner, name, userName, issueId, issue.title) )
-
-        // extract references and create refer comment
-        content.map { content =>
-          createReferComment(owner, name, issue, content)
-        }
-
-        // call web hooks
-        action match {
-          case None => commentId.map{ commentIdSome => callIssueCommentWebHook(repository, issue, commentIdSome, context.loginAccount.get) }
-          case Some(act) => val webHookAction = act match {
-            case "open"   => "opened"
-            case "reopen" => "reopened"
-            case "close"  => "closed"
-            case _ => act
-          }
-          if(issue.isPullRequest){
-            callPullRequestWebHook(webHookAction, repository, issue.issueId, context.baseUrl, context.loginAccount.get)
-          } else {
-            callIssuesWebHook(webHookAction, repository, issue, context.baseUrl, context.loginAccount.get)
-          }
-        }
-
-        // notifications
-        Notifier() match {
-          case f =>
-            content foreach {
-              f.toNotify(repository, issue, _){
-                Notifier.msgComment(s"${context.baseUrl}/${owner}/${name}/${
-                  if(issue.isPullRequest) "pull" else "issues"}/${issueId}#comment-${commentId.get}")
-              }
-            }
-            action foreach {
-              f.toNotify(repository, issue, _){
-                Notifier.msgStatus(s"${context.baseUrl}/${owner}/${name}/issues/${issueId}")
-              }
-            }
-        }
-
-        commentId.map( issue -> _ )
-      }
-    }
-  }
-
  private def searchIssues(repository: RepositoryService.RepositoryInfo) = {
    defining(repository.owner, repository.name){ case (owner, repoName) =>
      val page       = IssueSearchCondition.page(request)
@@ -459,7 +378,11 @@ trait IssuesControllerBase extends ControllerBase {
          "issues",
          searchIssue(condition, false, (page - 1) * IssueLimit, IssueLimit, owner -> repoName),
          page,
-          (getCollaborators(owner, repoName) :+ owner).sorted,
+          if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+            (getCollaborators(owner, repoName) :+ owner).sorted
+          } else {
+            getCollaborators(owner, repoName)
+          },
          getMilestones(owner, repoName),
          getLabels(owner, repoName),
          countIssue(condition.copy(state = "open"  ), false, owner -> repoName),
--- a/src/main/scala/gitbucket/core/controller/LabelsController.scala
+++ b/src/main/scala/gitbucket/core/controller/LabelsController.scala
@@ -4,7 +4,7 @@ import gitbucket.core.issues.labels.html
 import gitbucket.core.service.{RepositoryService, AccountService, IssuesService, LabelsService}
 import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
 import gitbucket.core.util.Implicits._
-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.scalatra.i18n.Messages
 import org.scalatra.Ok

@@ -19,10 +19,11 @@ trait LabelsControllerBase extends ControllerBase {
  case class LabelForm(labelName: String, color: String)

  val labelForm = mapping(
-    "labelName"  -> trim(label("Label name", text(required, labelName, maxlength(100)))),
+    "labelName"  -> trim(label("Label name", text(required, labelName, uniqueLabelName, maxlength(100)))),
    "labelColor" -> trim(label("Color",      text(required, color)))
  )(LabelForm.apply)

+
  get("/:owner/:repository/issues/labels")(referrersOnly { repository =>
    html.list(
      getLabels(repository.owner, repository.name),
@@ -80,4 +81,16 @@ trait LabelsControllerBase extends ControllerBase {
      }
  }

+  private def uniqueLabelName: Constraint = new Constraint(){
+    override def validate(name: String, value: String, params: Map[String, String], messages: Messages): Option[String] = {
+      val owner = params("owner")
+      val repository = params("repository")
+      params.get("labelId").map { labelId =>
+        getLabel(owner, repository, value).filter(_.labelId != labelId.toInt).map(_ => "Name has already been taken.")
+      }.getOrElse {
+        getLabel(owner, repository, value).map(_ => "Name has already been taken.")
+      }
+    }
+  }
+
 }
--- a/src/main/scala/gitbucket/core/controller/MilestonesController.scala
+++ b/src/main/scala/gitbucket/core/controller/MilestonesController.scala
@@ -4,7 +4,7 @@ import gitbucket.core.issues.milestones.html
 import gitbucket.core.service.{RepositoryService, MilestonesService, AccountService}
 import gitbucket.core.util.{ReferrerAuthenticator, CollaboratorsAuthenticator}
 import gitbucket.core.util.Implicits._
-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._

 class MilestonesController extends MilestonesControllerBase
  with MilestonesService with RepositoryService with AccountService
--- a/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
+++ b/src/main/scala/gitbucket/core/controller/PullRequestsController.scala
@@ -1,7 +1,6 @@
 package gitbucket.core.controller

-import gitbucket.core.api._
-import gitbucket.core.model.{Account, CommitState, Repository, PullRequest, Issue}
+import gitbucket.core.model.WebHook
 import gitbucket.core.pulls.html
 import gitbucket.core.service.CommitStatusService
 import gitbucket.core.service.MergeService
@@ -16,7 +15,7 @@ import gitbucket.core.util._
 import gitbucket.core.view
 import gitbucket.core.view.helpers

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.PersonIdent
 import org.slf4j.LoggerFactory
@@ -27,13 +26,13 @@ import scala.collection.JavaConverters._
 class PullRequestsController extends PullRequestsControllerBase
  with RepositoryService with AccountService with IssuesService with PullRequestService with MilestonesService with LabelsService
  with CommitsService with ActivityService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
-  with CommitStatusService with MergeService
+  with CommitStatusService with MergeService with ProtectedBranchService


 trait PullRequestsControllerBase extends ControllerBase {
  self: RepositoryService with AccountService with IssuesService with MilestonesService with LabelsService
    with CommitsService with ActivityService with PullRequestService with WebHookPullRequestService with ReferrerAuthenticator with CollaboratorsAuthenticator
-    with CommitStatusService with MergeService =>
+    with CommitStatusService with MergeService with ProtectedBranchService =>

  private val logger = LoggerFactory.getLogger(classOf[PullRequestsControllerBase])

@@ -46,7 +45,10 @@ trait PullRequestsControllerBase extends ControllerBase {
    "requestRepositoryName" -> trim(text(required, maxlength(100))),
    "requestBranch"         -> trim(text(required, maxlength(100))),
    "commitIdFrom"          -> trim(text(required, maxlength(40))),
-    "commitIdTo"            -> trim(text(required, maxlength(40)))
+    "commitIdTo"            -> trim(text(required, maxlength(40))),
+    "assignedUserName"      -> trim(optional(text())),
+    "milestoneId"           -> trim(optional(number())),
+    "labelNames"            -> trim(optional(text()))
  )(PullRequestForm.apply)

  val mergeForm = mapping(
@@ -62,7 +64,11 @@ trait PullRequestsControllerBase extends ControllerBase {
    requestRepositoryName: String,
    requestBranch: String,
    commitIdFrom: String,
-    commitIdTo: String)
+    commitIdTo: String,
+    assignedUserName: Option[String],
+    milestoneId: Option[Int],
+    labelNames: Option[String]
+  )

  case class MergeForm(message: String)

@@ -75,24 +81,6 @@ trait PullRequestsControllerBase extends ControllerBase {
    }
  })

-  /**
-   * https://developer.github.com/v3/pulls/#list-pull-requests
-   */
-  get("/api/v3/repos/:owner/:repository/pulls")(referrersOnly { repository =>
-    val page       = IssueSearchCondition.page(request)
-    // TODO: more api spec condition
-    val condition = IssueSearchCondition(request)
-    val baseOwner = getAccountByUserName(repository.owner).get
-    val issues:List[(Issue, Account, Int, PullRequest, Repository, Account)] = searchPullRequestByApi(condition, (page - 1) * PullRequestLimit, PullRequestLimit, repository.owner -> repository.name)
-    JsonFormat(issues.map{case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner) =>
-      ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)) })
-  })
-
  get("/:owner/:repository/pull/:id")(referrersOnly { repository =>
    params("id").toIntOpt.flatMap{ issueId =>
      val owner = repository.owner
@@ -112,71 +100,43 @@ trait PullRequestsControllerBase extends ControllerBase {
            commits,
            diffs,
            hasWritePermission(owner, name, context.loginAccount),
-            repository)
+            repository,
+            flash.toMap.map(f => f._1 -> f._2.toString))
        }
      }
    } getOrElse NotFound
  })

-  /**
-   * https://developer.github.com/v3/pulls/#get-a-single-pull-request
-   */
-  get("/api/v3/repos/:owner/:repository/pulls/:id")(referrersOnly { repository =>
-    (for{
-      issueId <- params("id").toIntOpt
-      (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
-      users = getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set())
-      baseOwner <- users.get(repository.owner)
-      headOwner <- users.get(pullRequest.requestUserName)
-      issueUser <- users.get(issue.openedUserName)
-      headRepo  <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName, baseUrl)
-    } yield {
-      JsonFormat(ApiPullRequest(
-        issue,
-        pullRequest,
-        ApiRepository(headRepo, ApiUser(headOwner)),
-        ApiRepository(repository, ApiUser(baseOwner)),
-        ApiUser(issueUser)))
-    }).getOrElse(NotFound)
-  })
-
-  /**
-   * https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request
-   */
-  get("/api/v3/repos/:owner/:repository/pulls/:id/commits")(referrersOnly { repository =>
-    val owner = repository.owner
-    val name = repository.name
-    params("id").toIntOpt.flatMap{ issueId =>
-      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
-        using(Git.open(getRepositoryDir(owner, name))){ git =>
-          val oldId = git.getRepository.resolve(pullreq.commitIdFrom)
-          val newId = git.getRepository.resolve(pullreq.commitIdTo)
-          val repoFullName = RepositoryName(repository)
-          val commits = git.log.addRange(oldId, newId).call.iterator.asScala.map(c => ApiCommitListItem(new CommitInfo(c), repoFullName)).toList
-          JsonFormat(commits)
-        }
-      }
-    } getOrElse NotFound
-  })
-
-  ajaxGet("/:owner/:repository/pull/:id/mergeguide")(collaboratorsOnly { repository =>
+  ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
    params("id").toIntOpt.flatMap{ issueId =>
      val owner = repository.owner
      val name  = repository.name
      getPullRequest(owner, name, issueId) map { case(issue, pullreq) =>
-        val statuses = getCommitStatues(owner, name, pullreq.commitIdTo)
-        val hasConfrict = LockUtil.lock(s"${owner}/${name}"){
+        val hasConflict = LockUtil.lock(s"${owner}/${name}"){
          checkConflict(owner, name, pullreq.branch, issueId)
        }
-        val hasProblem = hasConfrict || (!statuses.isEmpty && CommitState.combine(statuses.map(_.state).toSet) != CommitState.SUCCESS)
+        val hasMergePermission = hasWritePermission(owner, name, context.loginAccount)
+        val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch)
+        val mergeStatus = PullRequestService.MergeStatus(
+           hasConflict         = hasConflict,
+           commitStatues       = getCommitStatues(owner, name, pullreq.commitIdTo),
+           branchProtection    = branchProtection,
+           branchIsOutOfDate   = JGitUtil.getShaByRef(owner, name, pullreq.branch) != Some(pullreq.commitIdFrom),
+           needStatusCheck     = context.loginAccount.map{ u =>
+                                   branchProtection.needStatusCheck(u.userName)
+                                 }.getOrElse(true),
+           hasUpdatePermission = hasWritePermission(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount) &&
+                                   context.loginAccount.map{ u =>
+                                     !getProtectedBranchInfo(pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.requestBranch).needStatusCheck(u.userName)
+                                   }.getOrElse(false),
+           hasMergePermission  = hasMergePermission,
+           commitIdTo          = pullreq.commitIdTo)
        html.mergeguide(
-          hasConfrict,
-          hasProblem,
+          mergeStatus,
          issue,
          pullreq,
-          statuses,
          repository,
-          s"${context.baseUrl}/git/${pullreq.requestUserName}/${pullreq.requestRepositoryName}.git")
+          getRepository(pullreq.requestUserName, pullreq.requestRepositoryName).get)
      }
    } getOrElse NotFound
  })
@@ -196,6 +156,75 @@ trait PullRequestsControllerBase extends ControllerBase {
    } getOrElse NotFound
  })

+  post("/:owner/:repository/pull/:id/update_branch")(referrersOnly { baseRepository =>
+    (for {
+      issueId <- params("id").toIntOpt
+      loginAccount <- context.loginAccount
+      (issue, pullreq) <- getPullRequest(baseRepository.owner, baseRepository.name, issueId)
+      owner = pullreq.requestUserName
+      name  = pullreq.requestRepositoryName
+      if hasWritePermission(owner, name, context.loginAccount)
+    } yield {
+      val branchProtection = getProtectedBranchInfo(owner, name, pullreq.requestBranch)
+      if(branchProtection.needStatusCheck(loginAccount.userName)){
+        flash += "error" -> s"branch ${pullreq.requestBranch} is protected need status check."
+      } else {
+        val repository = getRepository(owner, name).get
+        LockUtil.lock(s"${owner}/${name}"){
+          val alias = if(pullreq.repositoryName == pullreq.requestRepositoryName && pullreq.userName == pullreq.requestUserName){
+            pullreq.branch
+          }else{
+            s"${pullreq.userName}:${pullreq.branch}"
+          }
+          val existIds = using(Git.open(Directory.getRepositoryDir(owner, name))) { git => JGitUtil.getAllCommitIds(git) }.toSet
+          pullRemote(owner, name, pullreq.requestBranch, pullreq.userName, pullreq.repositoryName, pullreq.branch, loginAccount,
+                     s"Merge branch '${alias}' into ${pullreq.requestBranch}") match {
+            case None => // conflict
+              flash += "error" -> s"Can't automatic merging branch '${alias}' into ${pullreq.requestBranch}."
+            case Some(oldId) =>
+              // update pull request
+              updatePullRequests(owner, name, pullreq.requestBranch)
+
+              using(Git.open(Directory.getRepositoryDir(owner, name))) { git =>
+                //  after update branch
+
+                val newCommitId = git.getRepository.resolve(s"refs/heads/${pullreq.requestBranch}")
+                val commits = git.log.addRange(oldId, newCommitId).call.iterator.asScala.map(c => new JGitUtil.CommitInfo(c)).toList
+
+                commits.foreach{ commit =>
+                  if(!existIds.contains(commit.id)){
+                    createIssueComment(owner, name, commit)
+                  }
+                }
+
+                // record activity
+                recordPushActivity(owner, name, loginAccount.userName, pullreq.branch, commits)
+
+                // close issue by commit message
+                if(pullreq.requestBranch == repository.repository.defaultBranch){
+                  commits.map { commit =>
+                    closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
+                  }
+                }
+
+                // call web hook
+                callPullRequestWebHookByRequestBranch("synchronize", repository, pullreq.requestBranch, baseUrl, loginAccount)
+                callWebHookOf(owner, name, WebHook.Push) {
+                  for {
+                    ownerAccount <- getAccountByUserName(owner)
+                  } yield {
+                    WebHookService.WebHookPushPayload(git, loginAccount, pullreq.requestBranch, repository, commits, ownerAccount, oldId = oldId, newId = newCommitId)
+                  }
+                }
+              }
+              flash += "info" -> s"Merge branch '${alias}' into ${pullreq.requestBranch}"
+          }
+        }
+        redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+      }
+    }) getOrElse NotFound
+  })
+
  post("/:owner/:repository/pull/:id/merge", mergeForm)(collaboratorsOnly { (form, repository) =>
    params("id").toIntOpt.flatMap { issueId =>
      val owner = repository.owner
@@ -221,17 +250,17 @@ trait PullRequestsControllerBase extends ControllerBase {
              pullreq.requestUserName, pullreq.requestRepositoryName, pullreq.commitIdTo)

            // close issue by content of pull request
-            val defaultBranch = getRepository(owner, name, context.baseUrl).get.repository.defaultBranch
+            val defaultBranch = getRepository(owner, name).get.repository.defaultBranch
            if(pullreq.branch == defaultBranch){
              commits.flatten.foreach { commit =>
                closeIssuesFromMessage(commit.fullMessage, loginAccount.userName, owner, name)
              }
-              issue.content match {
-                case Some(content) => closeIssuesFromMessage(content, loginAccount.userName, owner, name)
-                case _ =>
-              }
+              closeIssuesFromMessage(issue.title + " " + issue.content.getOrElse(""), loginAccount.userName, owner, name)
              closeIssuesFromMessage(form.message, loginAccount.userName, owner, name)
            }
+
+            updatePullRequests(owner, name, pullreq.branch)
+
            // call web hook
            callPullRequestWebHook("closed", repository, issueId, context.baseUrl, context.loginAccount.get)

@@ -251,7 +280,7 @@ trait PullRequestsControllerBase extends ControllerBase {
    val headBranch:Option[String] = params.get("head")
    (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
      case (Some(originUserName), Some(originRepositoryName)) => {
-        getRepository(originUserName, originRepositoryName, context.baseUrl).map { originRepository =>
+        getRepository(originUserName, originRepositoryName).map { originRepository =>
          using(
            Git.open(getRepositoryDir(originUserName, originRepositoryName)),
            Git.open(getRepositoryDir(forkedRepository.owner, forkedRepository.name))
@@ -284,17 +313,20 @@ trait PullRequestsControllerBase extends ControllerBase {
      originRepositoryName <- if(originOwner == forkedOwner) {
        // Self repository
        Some(forkedRepository.name)
+      } else if(forkedRepository.repository.originUserName.isEmpty){
+        // when ForkedRepository is the original repository
+        getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
      } else if(Some(originOwner) == forkedRepository.repository.originUserName){
        // Original repository
        forkedRepository.repository.originRepositoryName
      } else {
        // Sibling repository
-        getUserRepositories(originOwner, context.baseUrl).find { x =>
+        getUserRepositories(originOwner).find { x =>
          x.repository.originUserName == forkedRepository.repository.originUserName &&
            x.repository.originRepositoryName == forkedRepository.repository.originRepositoryName
        }.map(_.repository.repositoryName)
      };
-      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
+      originRepository <- getRepository(originOwner, originRepositoryName)
    ) yield {
      using(
        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
@@ -307,32 +339,52 @@ trait PullRequestsControllerBase extends ControllerBase {
              originRepository.owner, originRepository.name, originId,
              forkedRepository.owner, forkedRepository.name, forkedId)

-            (oldGit.getRepository.resolve(rootId),  newGit.getRepository.resolve(forkedId))
+            (Option(oldGit.getRepository.resolve(rootId)),  Option(newGit.getRepository.resolve(forkedId)))
          } else {
            // Commit id
-            (oldGit.getRepository.resolve(originId), newGit.getRepository.resolve(forkedId))
+            (Option(oldGit.getRepository.resolve(originId)), Option(newGit.getRepository.resolve(forkedId)))
          }

-        val (commits, diffs) = getRequestCompareInfo(
-          originRepository.owner, originRepository.name, oldId.getName,
-          forkedRepository.owner, forkedRepository.name, newId.getName)
+        (oldId, newId) match {
+          case (Some(oldId), Some(newId)) => {
+            val (commits, diffs) = getRequestCompareInfo(
+              originRepository.owner, originRepository.name, oldId.getName,
+              forkedRepository.owner, forkedRepository.name, newId.getName)

-        html.compare(
-          commits,
-          diffs,
-          (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
-            case (Some(userName), Some(repositoryName)) => (userName, repositoryName) :: getForkedRepositories(userName, repositoryName)
-            case _ => (forkedRepository.owner, forkedRepository.name) :: getForkedRepositories(forkedRepository.owner, forkedRepository.name)
-          },
-          commits.flatten.map(commit => getCommitComments(forkedRepository.owner, forkedRepository.name, commit.id, false)).flatten.toList,
-          originId,
-          forkedId,
-          oldId.getName,
-          newId.getName,
-          forkedRepository,
-          originRepository,
-          forkedRepository,
-          hasWritePermission(forkedRepository.owner, forkedRepository.name, context.loginAccount))
+            val title = if(commits.flatten.length == 1){
+              commits.flatten.head.shortMessage
+            } else {
+              val text = forkedId.replaceAll("[\\-_]", " ")
+              text.substring(0, 1).toUpperCase + text.substring(1)
+            }
+
+            html.compare(
+              title,
+              commits,
+              diffs,
+              (forkedRepository.repository.originUserName, forkedRepository.repository.originRepositoryName) match {
+                case (Some(userName), Some(repositoryName)) => (userName, repositoryName) :: getForkedRepositories(userName, repositoryName)
+                case _ => (forkedRepository.owner, forkedRepository.name) :: getForkedRepositories(forkedRepository.owner, forkedRepository.name)
+              },
+              commits.flatten.map(commit => getCommitComments(forkedRepository.owner, forkedRepository.name, commit.id, false)).flatten.toList,
+              originId,
+              forkedId,
+              oldId.getName,
+              newId.getName,
+              forkedRepository,
+              originRepository,
+              forkedRepository,
+              hasWritePermission(originRepository.owner, originRepository.name, context.loginAccount),
+              (getCollaborators(originRepository.owner, originRepository.name) ::: (if(getAccountByUserName(originRepository.owner).get.isGroupAccount) Nil else List(originRepository.owner))).sorted,
+              getMilestones(originRepository.owner, originRepository.name),
+              getLabels(originRepository.owner, originRepository.name)
+            )
+          }
+          case (oldId, newId) =>
+            redirect(s"/${forkedRepository.owner}/${forkedRepository.name}/compare/" +
+                     s"${originOwner}:${oldId.map(_ => originId).getOrElse(originRepository.repository.defaultBranch)}..." +
+                     s"${forkedOwner}:${newId.map(_ => forkedId).getOrElse(forkedRepository.repository.defaultBranch)}")
+        }
      }
    }) getOrElse NotFound
  })
@@ -350,7 +402,7 @@ trait PullRequestsControllerBase extends ControllerBase {
          getForkedRepositories(forkedRepository.owner, forkedRepository.name).find(_._1 == originOwner).map(_._2)
        }
      };
-      originRepository <- getRepository(originOwner, originRepositoryName, context.baseUrl)
+      originRepository <- getRepository(originOwner, originRepositoryName)
    ) yield {
      using(
        Git.open(getRepositoryDir(originRepository.owner, originRepository.name)),
@@ -368,46 +420,64 @@ trait PullRequestsControllerBase extends ControllerBase {
  })

  post("/:owner/:repository/pulls/new", pullRequestForm)(referrersOnly { (form, repository) =>
-    val loginUserName = context.loginAccount.get.userName
+    defining(repository.owner, repository.name){ case (owner, name) =>
+      val writable = hasWritePermission(owner, name, context.loginAccount)
+      val loginUserName = context.loginAccount.get.userName

-    val issueId = createIssue(
-      owner            = repository.owner,
-      repository       = repository.name,
-      loginUser        = loginUserName,
-      title            = form.title,
-      content          = form.content,
-      assignedUserName = None,
-      milestoneId      = None,
-      isPullRequest    = true)
+      val issueId = createIssue(
+        owner            = repository.owner,
+        repository       = repository.name,
+        loginUser        = loginUserName,
+        title            = form.title,
+        content          = form.content,
+        assignedUserName = if(writable) form.assignedUserName else None,
+        milestoneId      = if(writable) form.milestoneId else None,
+        isPullRequest    = true)

-    createPullRequest(
-      originUserName        = repository.owner,
-      originRepositoryName  = repository.name,
-      issueId               = issueId,
-      originBranch          = form.targetBranch,
-      requestUserName       = form.requestUserName,
-      requestRepositoryName = form.requestRepositoryName,
-      requestBranch         = form.requestBranch,
-      commitIdFrom          = form.commitIdFrom,
-      commitIdTo            = form.commitIdTo)
+      createPullRequest(
+        originUserName        = repository.owner,
+        originRepositoryName  = repository.name,
+        issueId               = issueId,
+        originBranch          = form.targetBranch,
+        requestUserName       = form.requestUserName,
+        requestRepositoryName = form.requestRepositoryName,
+        requestBranch         = form.requestBranch,
+        commitIdFrom          = form.commitIdFrom,
+        commitIdTo            = form.commitIdTo)

-    // fetch requested branch
-    fetchAsPullRequest(repository.owner, repository.name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
-
-    // record activity
-    recordPullRequestActivity(repository.owner, repository.name, loginUserName, issueId, form.title)
-
-    // call web hook
-    callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
-
-    // notifications
-    getIssue(repository.owner, repository.name, issueId.toString) foreach { issue =>
-      Notifier().toNotify(repository, issue, form.content.getOrElse("")){
-        Notifier.msgPullRequest(s"${context.baseUrl}/${repository.owner}/${repository.name}/pull/${issueId}")
+      // insert labels
+      if(writable){
+        form.labelNames.map { value =>
+          val labels = getLabels(owner, name)
+          value.split(",").foreach { labelName =>
+            labels.find(_.labelName == labelName).map { label =>
+              registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
+            }
+          }
+        }
      }
-    }

-    redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+      // fetch requested branch
+      fetchAsPullRequest(owner, name, form.requestUserName, form.requestRepositoryName, form.requestBranch, issueId)
+
+      // record activity
+      recordPullRequestActivity(owner, name, loginUserName, issueId, form.title)
+
+      // call web hook
+      callPullRequestWebHook("opened", repository, issueId, context.baseUrl, context.loginAccount.get)
+
+      getIssue(owner, name, issueId.toString) foreach { issue =>
+        // extract references and create refer comment
+        createReferComment(owner, name, issue, form.title + " " + form.content.getOrElse(""), context.loginAccount.get)
+
+        // notifications
+        Notifier().toNotify(repository, issue, form.content.getOrElse("")){
+          Notifier.msgPullRequest(s"${context.baseUrl}/${owner}/${name}/pull/${issueId}")
+        }
+      }
+
+      redirect(s"/${owner}/${name}/pull/${issueId}")
+    }
  })

  /**
@@ -459,7 +529,11 @@ trait PullRequestsControllerBase extends ControllerBase {
        "pulls",
        searchIssue(condition, true, (page - 1) * PullRequestLimit, PullRequestLimit, owner -> repoName),
        page,
-        (getCollaborators(owner, repoName) :+ owner).sorted,
+        if(!getAccountByUserName(owner).exists(_.isGroupAccount)){
+          (getCollaborators(owner, repoName) :+ owner).sorted
+        } else {
+          getCollaborators(owner, repoName)
+        },
        getMilestones(owner, repoName),
        getLabels(owner, repoName),
        countIssue(condition.copy(state = "open"  ), true, owner -> repoName),
@@ -468,4 +542,5 @@ trait PullRequestsControllerBase extends ControllerBase {
        repository,
        hasWritePermission(owner, repoName, context.loginAccount))
    }
+
 }
--- a/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
@@ -2,38 +2,60 @@ package gitbucket.core.controller

 import gitbucket.core.settings.html
 import gitbucket.core.model.WebHook
-import gitbucket.core.service.{RepositoryService, AccountService, WebHookService}
+import gitbucket.core.service.{RepositoryService, AccountService, WebHookService, ProtectedBranchService, CommitStatusService}
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.util._
 import gitbucket.core.util.JGitUtil._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Directory._
-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.scalatra.i18n.Messages
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.Constants
+import org.eclipse.jgit.lib.ObjectId
+import gitbucket.core.model.WebHookContentType


 class RepositorySettingsController extends RepositorySettingsControllerBase
-  with RepositoryService with AccountService with WebHookService
+  with RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
  with OwnerAuthenticator with UsersAuthenticator

 trait RepositorySettingsControllerBase extends ControllerBase {
-  self: RepositoryService with AccountService with WebHookService
+  self: RepositoryService with AccountService with WebHookService with ProtectedBranchService with CommitStatusService
    with OwnerAuthenticator with UsersAuthenticator =>

  // for repository options
-  case class OptionsForm(repositoryName: String, description: Option[String], defaultBranch: String, isPrivate: Boolean)
+  case class OptionsForm(
+    repositoryName: String,
+    description: Option[String],
+    isPrivate: Boolean,
+    enableIssues: Boolean,
+    externalIssuesUrl: Option[String],
+    enableWiki: Boolean,
+    allowWikiEditing: Boolean,
+    externalWikiUrl: Option[String]
+  )
  
  val optionsForm = mapping(
-    "repositoryName" -> trim(label("Description"    , text(required, maxlength(40), identifier, renameRepositoryName))),
-    "description"    -> trim(label("Description"    , optional(text()))),
-    "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100)))),
-    "isPrivate"      -> trim(label("Repository Type", boolean()))
+    "repositoryName"    -> trim(label("Repository Name"    , text(required, maxlength(40), identifier, renameRepositoryName))),
+    "description"       -> trim(label("Description"        , optional(text()))),
+    "isPrivate"         -> trim(label("Repository Type"    , boolean())),
+    "enableIssues"      -> trim(label("Enable Issues"      , boolean())),
+    "externalIssuesUrl" -> trim(label("External Issues URL", optional(text(maxlength(200))))),
+    "enableWiki"        -> trim(label("Enable Wiki"        , boolean())),
+    "allowWikiEditing"  -> trim(label("Allow Wiki Editing" , boolean())),
+    "externalWikiUrl"   -> trim(label("External Wiki URL"  , optional(text(maxlength(200)))))
  )(OptionsForm.apply)

+  // for default branch
+  case class DefaultBranchForm(defaultBranch: String)
+
+  val defaultBranchForm = mapping(
+    "defaultBranch"  -> trim(label("Default Branch" , text(required, maxlength(100))))
+  )(DefaultBranchForm.apply)
+
  // for collaborator addition
  case class CollaboratorForm(userName: String)

@@ -42,11 +64,16 @@ trait RepositorySettingsControllerBase extends ControllerBase {
  )(CollaboratorForm.apply)

  // for web hook url addition
-  case class WebHookForm(url: String)
+  case class WebHookForm(url: String, events: Set[WebHook.Event], ctype: WebHookContentType, token: Option[String])

-  val webHookForm = mapping(
-    "url" -> trim(label("url", text(required, webHook)))
-  )(WebHookForm.apply)
+  def webHookForm(update:Boolean) = mapping(
+    "url"    -> trim(label("url", text(required, webHook(update)))),
+    "events" -> webhookEvents,
+    "ctype" -> label("ctype", text()),
+    "token" -> optional(trim(label("token", text(maxlength(100)))))
+  )(
+    (url, events, ctype, token) => WebHookForm(url, events, WebHookContentType.valueOf(ctype), token)
+  )

  // for transfer ownership
  case class TransferOwnerShipForm(newOwner: String)
@@ -73,15 +100,18 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Save the repository options.
   */
  post("/:owner/:repository/settings/options", optionsForm)(ownerOnly { (form, repository) =>
-    val defaultBranch = if(repository.branchList.isEmpty) "master" else form.defaultBranch
    saveRepositoryOptions(
      repository.owner,
      repository.name,
      form.description,
-      defaultBranch,
      repository.repository.parentUserName.map { _ =>
        repository.repository.isPrivate
-      } getOrElse form.isPrivate
+      } getOrElse form.isPrivate,
+      form.enableIssues,
+      form.externalIssuesUrl,
+      form.enableWiki,
+      form.allowWikiEditing,
+      form.externalWikiUrl
    )
    // Change repository name
    if(repository.name != form.repositoryName){
@@ -96,14 +126,45 @@ trait RepositorySettingsControllerBase extends ControllerBase {
        FileUtils.moveDirectory(dir, getWikiRepositoryDir(repository.owner, form.repositoryName))
      }
    }
-    // Change repository HEAD
-    using(Git.open(getRepositoryDir(repository.owner, form.repositoryName))) { git =>
-      git.getRepository.updateRef(Constants.HEAD, true).link(Constants.R_HEADS + defaultBranch)
-    }
    flash += "info" -> "Repository settings has been updated."
    redirect(s"/${repository.owner}/${form.repositoryName}/settings/options")
  })
-  
+
+  /** branch settings */
+  get("/:owner/:repository/settings/branches")(ownerOnly { repository =>
+    val protecteions = getProtectedBranchList(repository.owner, repository.name)
+    html.branches(repository, protecteions, flash.get("info"))
+  });
+
+  /** Update default branch */
+  post("/:owner/:repository/settings/update_default_branch", defaultBranchForm)(ownerOnly { (form, repository) =>
+    if(repository.branchList.find(_ == form.defaultBranch).isEmpty){
+      redirect(s"/${repository.owner}/${repository.name}/settings/options")
+    } else {
+      saveRepositoryDefaultBranch(repository.owner, repository.name, form.defaultBranch)
+      // Change repository HEAD
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        git.getRepository.updateRef(Constants.HEAD, true).link(Constants.R_HEADS + form.defaultBranch)
+      }
+      flash += "info" -> "Repository default branch has been updated."
+      redirect(s"/${repository.owner}/${repository.name}/settings/branches")
+    }
+  })
+
+  /** Branch protection for branch */
+  get("/:owner/:repository/settings/branches/:branch")(ownerOnly { repository =>
+    import gitbucket.core.api._
+    val branch = params("branch")
+    if(repository.branchList.find(_ == branch).isEmpty){
+      redirect(s"/${repository.owner}/${repository.name}/settings/branches")
+    } else {
+      val protection = ApiBranchProtection(getProtectedBranchInfo(repository.owner, repository.name, branch))
+      val lastWeeks = getRecentStatuesContexts(repository.owner, repository.name, org.joda.time.LocalDateTime.now.minusWeeks(1).toDate).toSet
+      val knownContexts = (lastWeeks ++ protection.status.contexts).toSeq.sortBy(identity)
+      html.branchprotection(repository, branch, protection, knownContexts, flash.get("info"))
+    }
+  })
+
  /**
   * Display the Collaborators page.
   */
@@ -138,14 +199,23 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Display the web hook page.
   */
  get("/:owner/:repository/settings/hooks")(ownerOnly { repository =>
-    html.hooks(getWebHookURLs(repository.owner, repository.name), flash.get("url"), repository, flash.get("info"))
+    html.hooks(getWebHooks(repository.owner, repository.name), repository, flash.get("info"))
+  })
+
+  /**
+   * Display the web hook edit page.
+   */
+  get("/:owner/:repository/settings/hooks/new")(ownerOnly { repository =>
+    val webhook = WebHook(repository.owner, repository.name, "", WebHookContentType.FORM, None)
+    html.edithooks(webhook, Set(WebHook.Push), repository, flash.get("info"), true)
  })

  /**
   * Add the web hook URL.
   */
-  post("/:owner/:repository/settings/hooks/add", webHookForm)(ownerOnly { (form, repository) =>
-    addWebHookURL(repository.owner, repository.name, form.url)
+  post("/:owner/:repository/settings/hooks/new", webHookForm(false))(ownerOnly { (form, repository) =>
+    addWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
+    flash += "info" -> s"Webhook ${form.url} created"
    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
  })

@@ -153,30 +223,89 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Delete the web hook URL.
   */
  get("/:owner/:repository/settings/hooks/delete")(ownerOnly { repository =>
-    deleteWebHookURL(repository.owner, repository.name, params("url"))
+    deleteWebHook(repository.owner, repository.name, params("url"))
+    flash += "info" -> s"Webhook ${params("url")} deleted"
    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
  })

  /**
   * Send the test request to registered web hook URLs.
   */
-  post("/:owner/:repository/settings/hooks/test", webHookForm)(ownerOnly { (form, repository) =>
+  ajaxPost("/:owner/:repository/settings/hooks/test")(ownerOnly { repository =>
+    def _headers(h: Array[org.apache.http.Header]): Array[Array[String]] = h.map { h => Array(h.getName, h.getValue) }
+
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      import scala.collection.JavaConverters._
-      val commits = if(repository.commitCount == 0) List.empty else git.log
-        .add(git.getRepository.resolve(repository.repository.defaultBranch))
-        .setMaxCount(3)
-        .call.iterator.asScala.map(new CommitInfo(_))
+      import scala.concurrent.duration._
+      import scala.concurrent._
+      import scala.util.control.NonFatal
+      import org.apache.http.util.EntityUtils
+      import scala.concurrent.ExecutionContext.Implicits.global

-      getAccountByUserName(repository.owner).foreach { ownerAccount =>
-        callWebHook("push",
-          List(WebHook(repository.owner, repository.name, form.url)),
-          WebHookPushPayload(git, ownerAccount, "refs/heads/" + repository.repository.defaultBranch, repository, commits.toList, ownerAccount)
+      val url = params("url")
+      val token = Some(params("token"))
+      val ctype = WebHookContentType.valueOf(params("ctype"))
+      val dummyWebHookInfo = WebHook(repository.owner, repository.name, url, ctype, token)
+      val dummyPayload = {
+        val ownerAccount = getAccountByUserName(repository.owner).get
+        val commits = if(repository.commitCount == 0) List.empty else git.log
+          .add(git.getRepository.resolve(repository.repository.defaultBranch))
+          .setMaxCount(4)
+          .call.iterator.asScala.map(new CommitInfo(_)).toList
+        val pushedCommit = commits.drop(1)
+
+        WebHookPushPayload(
+          git = git,
+          sender = ownerAccount,
+          refName = "refs/heads/" + repository.repository.defaultBranch,
+          repositoryInfo = repository,
+          commits = pushedCommit,
+          repositoryOwner = ownerAccount,
+          oldId = commits.lastOption.map(_.id).map(ObjectId.fromString).getOrElse(ObjectId.zeroId()),
+          newId = commits.headOption.map(_.id).map(ObjectId.fromString).getOrElse(ObjectId.zeroId())
        )
      }
-      flash += "url"  -> form.url
-      flash += "info" -> "Test payload deployed!"
+
+      val (webHook, json, reqFuture, resFuture) = callWebHook(WebHook.Push, List(dummyWebHookInfo), dummyPayload).head
+
+      val toErrorMap: PartialFunction[Throwable, Map[String,String]] = {
+        case e: java.net.UnknownHostException => Map("error"-> ("Unknown host " + e.getMessage))
+        case e: java.lang.IllegalArgumentException => Map("error"-> ("invalid url"))
+        case e: org.apache.http.client.ClientProtocolException => Map("error"-> ("invalid url"))
+        case NonFatal(e) => Map("error"-> (e.getClass + " "+ e.getMessage))
+      }
+
+      contentType = formats("json")
+      org.json4s.jackson.Serialization.write(Map(
+        "url" -> url,
+        "request" -> Await.result(reqFuture.map(req => Map(
+          "headers" -> _headers(req.getAllHeaders),
+          "payload" -> json
+        )).recover(toErrorMap), 20 seconds),
+        "responce" -> Await.result(resFuture.map(res => Map(
+          "status"  -> res.getStatusLine(),
+          "body"    -> EntityUtils.toString(res.getEntity()),
+          "headers" -> _headers(res.getAllHeaders())
+        )).recover(toErrorMap), 20 seconds)
+      ))
    }
+  })
+
+  /**
+   * Display the web hook edit page.
+   */
+  get("/:owner/:repository/settings/hooks/edit")(ownerOnly { repository =>
+    getWebHook(repository.owner, repository.name, params("url")).map{ case (webhook, events) =>
+      html.edithooks(webhook, events, repository, flash.get("info"), false)
+    } getOrElse NotFound
+  })
+
+  /**
+   * Update web hook settings.
+   */
+  post("/:owner/:repository/settings/hooks/edit", webHookForm(true))(ownerOnly { (form, repository) =>
+    updateWebHook(repository.owner, repository.name, form.url, form.events, form.ctype, form.token)
+    flash += "info" -> s"webhook ${form.url} updated"
    redirect(s"/${repository.owner}/${repository.name}/settings/hooks")
  })

@@ -184,7 +313,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   * Display the danger zone.
   */
  get("/:owner/:repository/settings/danger")(ownerOnly {
-    html.danger(_)
+    html.danger(_, flash.get("info"))
  })

  /**
@@ -223,12 +352,46 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    redirect(s"/${repository.owner}")
  })

+  /**
+   * Run GC
+   */
+  post("/:owner/:repository/settings/gc")(ownerOnly { repository =>
+    LockUtil.lock(s"${repository.owner}/${repository.name}") {
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        git.gc();
+      }
+    }
+    flash += "info" -> "Garbage collection has been executed."
+    redirect(s"/${repository.owner}/${repository.name}/settings/danger")
+  })
+
  /**
   * Provides duplication check for web hook url.
   */
-  private def webHook: Constraint = new Constraint(){
+  private def webHook(needExists: Boolean): Constraint = new Constraint(){
    override def validate(name: String, value: String, messages: Messages): Option[String] =
-      getWebHookURLs(params("owner"), params("repository")).map(_.url).find(_ == value).map(_ => "URL had been registered already.")
+      if(getWebHook(params("owner"), params("repository"), value).isDefined != needExists){
+        Some(if(needExists){
+          "URL had not been registered yet."
+        } else {
+          "URL had been registered already."
+        })
+      } else {
+        None
+      }
+  }
+
+  private def webhookEvents = new ValueType[Set[WebHook.Event]]{
+    def convert(name: String, params: Map[String, String], messages: Messages): Set[WebHook.Event] = {
+      WebHook.Event.values.flatMap { t =>
+        params.get(name + "." + t.name).map(_ => t)
+      }.toSet
+    }
+    def validate(name: String, params: Map[String, String], messages: Messages): Seq[(String, String)] = if(convert(name,params,messages).isEmpty){
+      Seq(name -> messages("error.required").format(name))
+    } else {
+      Nil
+    }
  }

  /**
--- a/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
+++ b/src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
@@ -1,6 +1,7 @@
 package gitbucket.core.controller

-import gitbucket.core.api._
+import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
+
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.repo.html
 import gitbucket.core.helper
@@ -11,17 +12,17 @@ import gitbucket.core.util.StringUtil._
 import gitbucket.core.util.ControlUtil._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.Directory._
-import gitbucket.core.model.{Account, CommitState}
-import gitbucket.core.service.CommitStatusService
+import gitbucket.core.model.{Account, WebHook}
 import gitbucket.core.service.WebHookService._
 import gitbucket.core.view
 import gitbucket.core.view.helpers

-import jp.sf.amateras.scalatra.forms._
+import io.github.gitbucket.scalatra.forms._
 import org.apache.commons.io.FileUtils
 import org.eclipse.jgit.api.{ArchiveCommand, Git}
 import org.eclipse.jgit.archive.{TgzFormat, ZipFormat}
 import org.eclipse.jgit.dircache.DirCache
+import org.eclipse.jgit.errors.MissingObjectException
 import org.eclipse.jgit.lib._
 import org.eclipse.jgit.revwalk.RevCommit
 import org.eclipse.jgit.treewalk._
@@ -31,7 +32,7 @@ import org.scalatra._
 class RepositoryViewerController extends RepositoryViewerControllerBase
  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
-  with WebHookPullRequestService
+  with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService

 /**
 * The repository viewer.
@@ -39,7 +40,7 @@ class RepositoryViewerController extends RepositoryViewerControllerBase
 trait RepositoryViewerControllerBase extends ControllerBase {
  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
-    with WebHookPullRequestService =>
+    with WebHookPullRequestService with WebHookPullRequestReviewCommentService with ProtectedBranchService =>

  ArchiveCommand.registerFormat("zip", new ZipFormat)
  ArchiveCommand.registerFormat("tar.gz", new TgzFormat)
@@ -101,11 +102,16 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   */
  post("/:owner/:repository/_preview")(referrersOnly { repository =>
    contentType = "text/html"
-    helpers.markdown(params("content"), repository,
-      params("enableWikiLink").toBoolean,
-      params("enableRefsLink").toBoolean,
-      params("enableTaskList").toBoolean,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount))
+    helpers.markdown(
+      markdown = params("content"),
+      repository = repository,
+      enableWikiLink = params("enableWikiLink").toBoolean,
+      enableRefsLink = params("enableRefsLink").toBoolean,
+      enableLineBreaks = params("enableLineBreaks").toBoolean,
+      enableTaskList = params("enableTaskList").toBoolean,
+      enableAnchor = false,
+      hasWritePermission = hasWritePermission(repository.owner, repository.name, context.loginAccount)
+    )
  })

  /**
@@ -115,18 +121,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    fileList(_)
  })

-  /**
-   * https://developer.github.com/v3/repos/#get
-   */
-  get("/api/v3/repos/:owner/:repository")(referrersOnly { repository =>
-    JsonFormat(ApiRepository(repository, ApiUser(getAccountByUserName(repository.owner).get)))
-  })
-
  /**
   * Displays the file list of the specified path and branch.
   */
  get("/:owner/:repository/tree/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    if(path.isEmpty){
      fileList(repository, id)
    } else {
@@ -138,7 +137,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays the commit list of the specified resource.
   */
  get("/:owner/:repository/commits/*")(referrersOnly { repository =>
-    val (branchName, path) = splitPath(repository, multiParams("splat").head)
+    val (branchName, path) = repository.splitPath(multiParams("splat").head)
    val page = params.get("page").flatMap(_.toIntOpt).getOrElse(1)

    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
@@ -153,64 +152,17 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  })

-  /**
-   * https://developer.github.com/v3/repos/statuses/#create-a-status
-   */
-  post("/api/v3/repos/:owner/:repo/statuses/:sha")(collaboratorsOnly { repository =>
-    (for{
-      ref <- params.get("sha")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-      data <- extractFromJsonBody[CreateAStatus] if data.isValid
-      creator <- context.loginAccount
-      state <- CommitState.valueOf(data.state)
-      statusId = createCommitStatus(repository.owner, repository.name, sha, data.context.getOrElse("default"),
-                                    state, data.target_url, data.description, new java.util.Date(), creator)
-      status <- getCommitStatus(repository.owner, repository.name, statusId)
-    } yield {
-      JsonFormat(ApiCommitStatus(status, ApiUser(creator)))
-    }) getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/repos/statuses/#list-statuses-for-a-specific-ref
-   *
-   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
-   */
-  get("/api/v3/repos/:owner/:repo/commits/:ref/statuses")(referrersOnly { repository =>
-    (for{
-      ref <- params.get("ref")
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-    } yield {
-      JsonFormat(getCommitStatuesWithCreator(repository.owner, repository.name, sha).map{ case(status, creator) =>
-        ApiCommitStatus(status, ApiUser(creator))
-      })
-    }) getOrElse NotFound
-  })
-
-  /**
-   * https://developer.github.com/v3/repos/statuses/#get-the-combined-status-for-a-specific-ref
-   *
-   * ref is Ref to list the statuses from. It can be a SHA, a branch name, or a tag name.
-   */
-  get("/api/v3/repos/:owner/:repo/commits/:ref/status")(referrersOnly { repository =>
-    (for{
-      ref <- params.get("ref")
-      owner <- getAccountByUserName(repository.owner)
-      sha <- JGitUtil.getShaByRef(repository.owner, repository.name, ref)
-    } yield {
-      val statuses = getCommitStatuesWithCreator(repository.owner, repository.name, sha)
-      JsonFormat(ApiCombinedCommitStatus(sha, statuses, ApiRepository(repository, owner)))
-    }) getOrElse NotFound
-  })
-
  get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
+    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)
    html.editor(branch, repository, if(path.length == 0) Nil else path.split("/").toList,
-      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")))
+      None, JGitUtil.ContentInfo("text", None, Some("UTF-8")),
+      protectedBranch)
  })

  get("/:owner/:repository/edit/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
+    val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch).needStatusCheck(context.loginAccount.get.userName)

    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
@@ -218,13 +170,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      getPathObjectId(git, path, revCommit).map { objectId =>
        val paths = path.split("/")
        html.editor(branch, repository, paths.take(paths.size - 1).toList, Some(paths.last),
-          JGitUtil.getContentInfo(git, path, objectId))
+          JGitUtil.getContentInfo(git, path, objectId),
+          protectedBranch)
      } getOrElse NotFound
    }
  })

  get("/:owner/:repository/remove/*")(collaboratorsOnly { repository =>
-    val (branch, path) = splitPath(repository, multiParams("splat").head)
+    val (branch, path) = repository.splitPath(multiParams("splat").head)
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))

@@ -249,7 +202,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    )

    redirect(s"/${repository.owner}/${repository.name}/blob/${form.branch}/${
-      if(form.path.length == 0) form.newFileName else s"${form.path}/${form.newFileName}"
+      if(form.path.length == 0) urlEncode(form.newFileName) else s"${form.path}/${urlEncode(form.newFileName)}"
    }")
  })

@@ -270,7 +223,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    )

    redirect(s"/${repository.owner}/${repository.name}/blob/${form.branch}/${
-      if(form.path.length == 0) form.newFileName else s"${form.path}/${form.newFileName}"
+      if(form.path.length == 0) urlEncode(form.newFileName) else s"${form.path}/${urlEncode(form.newFileName)}"
    }")
  })

@@ -281,19 +234,37 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}${if(form.path.length == 0) "" else form.path}")
  })

+  get("/:owner/:repository/raw/*")(referrersOnly { repository =>
+    val (id, path) = repository.splitPath(multiParams("splat").head)
+    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
+      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
+      getPathObjectId(git, path, revCommit).flatMap { objectId =>
+        JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+          contentType = FileUtil.getMimeType(path)
+          response.setContentLength(loader.getSize.toInt)
+          loader.copyTo(response.outputStream)
+          ()
+        }
+      } getOrElse NotFound
+    }
+  })
+
  /**
   * Displays the file content of the specified branch or commit.
   */
  val blobRoute = get("/:owner/:repository/blob/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    val raw = params.get("raw").getOrElse("false").toBoolean
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
      getPathObjectId(git, path, revCommit).map { objectId =>
        if(raw){
-          // Download
-          JGitUtil.getContentFromId(git, objectId, true).map { bytes =>
-            RawData("application/octet-stream", bytes)
+          // Download (This route is left for backword compatibility)
+          JGitUtil.getObjectLoaderFromId(git, objectId){ loader =>
+            contentType = FileUtil.getMimeType(path)
+            response.setContentLength(loader.getSize.toInt)
+            loader.copyTo(response.outputStream)
+            ()
          } getOrElse NotFound
        } else {
          html.blob(id, repository, path.split("/").toList,
@@ -314,7 +285,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Blame data.
   */
  ajaxGet("/:owner/:repository/get-blame/*")(referrersOnly { repository =>
-    val (id, path) = splitPath(repository, multiParams("splat").head)
+    val (id, path) = repository.splitPath(multiParams("splat").head)
    contentType = formats("json")
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
      val last = git.log.add(git.getRepository.resolve(id)).addPath(path).setMaxCount(1).call.iterator.next.name
@@ -344,23 +315,28 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  get("/:owner/:repository/commit/:id")(referrersOnly { repository =>
    val id = params("id")

-    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      defining(JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))){ revCommit =>
-        JGitUtil.getDiffs(git, id) match { case (diffs, oldCommitId) =>
-          html.commit(id, new JGitUtil.CommitInfo(revCommit),
-            JGitUtil.getBranchesOfCommit(git, revCommit.getName),
-            JGitUtil.getTagsOfCommit(git, revCommit.getName),
-            getCommitComments(repository.owner, repository.name, id, false),
-            repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+    try {
+      using(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
+        defining(JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))) { revCommit =>
+          JGitUtil.getDiffs(git, id) match {
+            case (diffs, oldCommitId) =>
+              html.commit(id, new JGitUtil.CommitInfo(revCommit),
+                JGitUtil.getBranchesOfCommit(git, revCommit.getName),
+                JGitUtil.getTagsOfCommit(git, revCommit.getName),
+                getCommitComments(repository.owner, repository.name, id, false),
+                repository, diffs, oldCommitId, hasWritePermission(repository.owner, repository.name, context.loginAccount))
+          }
        }
      }
+    } catch {
+      case e:MissingObjectException => NotFound
    }
  })

  post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
    val id = params("id")
    createCommitComment(repository.owner, repository.name, id, context.loginAccount.get.userName, form.content,
-      form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId.isDefined)
+      form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId)
    form.issueId match {
      case Some(issueId) => recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
      case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
@@ -385,26 +361,35 @@ trait RepositoryViewerControllerBase extends ControllerBase {
  ajaxPost("/:owner/:repository/commit/:id/comment/_data/new", commentForm)(readableUsersOnly { (form, repository) =>
    val id = params("id")
    val commentId = createCommitComment(repository.owner, repository.name, id, context.loginAccount.get.userName,
-      form.content, form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId.isDefined)
+      form.content, form.fileName, form.oldLineNumber, form.newLineNumber, form.issueId)
+    val comment = getCommitComment(repository.owner, repository.name, commentId.toString).get
    form.issueId match {
-      case Some(issueId) => recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
+      case Some(issueId) =>
+        recordCommentPullRequestActivity(repository.owner, repository.name, context.loginAccount.get.userName, issueId, form.content)
+        callPullRequestReviewCommentWebHook("create", comment, repository, issueId, context.baseUrl, context.loginAccount.get)
      case None => recordCommentCommitActivity(repository.owner, repository.name, context.loginAccount.get.userName, id, form.content)
    }
-    helper.html.commitcomment(getCommitComment(repository.owner, repository.name, commentId.toString).get,
-      hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
+    helper.html.commitcomment(comment, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
  })

  ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
    getCommitComment(repository.owner, repository.name, params("id")) map { x =>
      if(isEditable(x.userName, x.repositoryName, x.commentedUserName)){
        params.get("dataType") collect {
-          case t if t == "html" => html.editcomment(
-            x.content, x.commentId, x.userName, x.repositoryName)
+          case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
        } getOrElse {
          contentType = formats("json")
          org.json4s.jackson.Serialization.write(
-            Map("content" -> view.Markdown.toHtml(x.content,
-              repository, false, true, true, isEditable(x.userName, x.repositoryName, x.commentedUserName))
+            Map(
+              "content" -> view.Markdown.toHtml(
+                markdown = x.content,
+                repository = repository,
+                enableWikiLink = false,
+                enableRefsLink = true,
+                enableAnchor = true,
+                enableLineBreaks = true,
+                hasWritePermission = isEditable(x.userName, x.repositoryName, x.commentedUserName)
+              )
            ))
        }
      } else Unauthorized
@@ -436,6 +421,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   * Displays branches.
   */
  get("/:owner/:repository/branches")(referrersOnly { repository =>
+    val protectedBranches = getProtectedBranchList(repository.owner, repository.name).toSet
    val branches = JGitUtil.getBranches(
      owner         = repository.owner,
      name          = repository.name,
@@ -443,7 +429,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
      origin        = repository.repository.originUserName.isEmpty
    )
    .sortBy(br => (br.mergeInfo.isEmpty, br.commitTime))
-    .map(br => br -> getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId))
+    .map(br => (br, getPullRequestByRequestCommit(repository.owner, repository.name, repository.repository.defaultBranch, br.name, br.commitId), protectedBranches.contains(br.name)))
    .reverse

    html.branches(branches, hasWritePermission(repository.owner, repository.name, context.loginAccount), repository)
@@ -506,27 +492,25 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    html.forked(
      getRepository(
        repository.repository.originUserName.getOrElse(repository.owner),
-        repository.repository.originRepositoryName.getOrElse(repository.name),
-        context.baseUrl),
+        repository.repository.originRepositoryName.getOrElse(repository.name)),
      getForkedRepositories(
        repository.repository.originUserName.getOrElse(repository.owner),
        repository.repository.originRepositoryName.getOrElse(repository.name)),
+      context.loginAccount match {
+        case None => List()
+        case account: Option[Account] => getGroupsByUserName(account.get.userName)
+      }, // groups of current user
      repository)
  })

  /**
   * Displays the file find of branch.
   */
-  get("/:owner/:repository/find/:ref")(referrersOnly { repository =>
+  get("/:owner/:repository/find/*")(referrersOnly { repository =>
    using(Git.open(getRepositoryDir(repository.owner, repository.name))){ git =>
-      JGitUtil.getTreeId(git, params("ref")).map{ treeId =>
-        html.find(params("ref"),
-                  treeId,
-                  repository,
-                  context.loginAccount match {
-                    case None => List()
-                    case account: Option[Account] => getGroupsByUserName(account.get.userName)
-                  })
+      val ref = multiParams("splat").head
+      JGitUtil.getTreeId(git, ref).map{ treeId =>
+        html.find(ref, treeId, repository)
      } getOrElse NotFound
    }
  })
@@ -542,17 +526,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
    }
  })

-  private def splitPath(repository: RepositoryService.RepositoryInfo, path: String): (String, String) = {
-    val id = repository.branchList.collectFirst {
-      case branch if(path == branch || path.startsWith(branch + "/")) => branch
-    } orElse repository.tags.collectFirst {
-      case tag if(path == tag.name || path.startsWith(tag.name + "/")) => tag.name
-    } getOrElse path.split("/")(0)
-
-    (id, path.substring(id.length).stripPrefix("/"))
-  }
-
-
  private val readmeFiles = PluginRegistry().renderableExtensions.map { extension =>
    s"readme.${extension}"
  } ++ Seq("readme.txt", "readme")
@@ -579,7 +552,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
            val parentPath = if (path == ".") Nil else path.split("/").toList
            // process README.md or README.markdown
            val readme = files.find { file =>
-              readmeFiles.contains(file.name.toLowerCase)
+              !file.isDirectory && readmeFiles.contains(file.name.toLowerCase)
            }.map { file =>
              val path = (file.name :: parentPath.reverse).reverse
              path -> StringUtil.convertFromByteArray(JGitUtil.getContentFromId(
@@ -588,10 +561,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {

            html.files(revision, repository,
              if(path == ".") Nil else path.split("/").toList, // current path
-              context.loginAccount match {
-                case None => List()
-                case account: Option[Account] => getGroupsByUserName(account.get.userName)
-              }, // groups of current user
              new JGitUtil.CommitInfo(lastModifiedCommit), // last modified commit
              files, readme, hasWritePermission(repository.owner, repository.name, context.loginAccount),
              getPullRequestFromBranch(repository.owner, repository.name, revstr, repository.repository.defaultBranch),
@@ -633,7 +602,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
          headName, loginAccount.fullName, loginAccount.mailAddress, message)

        inserter.flush()
-        inserter.release()
+        inserter.close()

        // update refs
        val refUpdate = git.getRepository.updateRef(headName)
@@ -656,9 +625,10 @@ trait RepositoryViewerControllerBase extends ControllerBase {
        // call web hook
        callPullRequestWebHookByRequestBranch("synchronize", repository, branch, context.baseUrl, loginAccount)
        val commit = new JGitUtil.CommitInfo(JGitUtil.getRevCommitFromId(git, commitId))
-        callWebHookOf(repository.owner, repository.name, "push") {
+        callWebHookOf(repository.owner, repository.name, WebHook.Push) {
          getAccountByUserName(repository.owner).map{ ownerAccount =>
-            WebHookPushPayload(git, loginAccount, headName, repository, List(commit), ownerAccount)
+            WebHookPushPayload(git, loginAccount, headName, repository, List(commit), ownerAccount,
+                               oldId = headTip, newId = commitId)
          }
        }
      }
@@ -703,11 +673,14 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         .setTree(revCommit.getTree)
         .setOutputStream(response.getOutputStream)
         .call()
-
-      Unit
    }
  }

  private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean =
    hasWritePermission(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName
+
+  override protected def renderUncaughtException(e: Throwable)(implicit request: HttpServletRequest, response: HttpServletResponse): Unit = {
+    e.printStackTrace()
+  }
+
 }
--- a/src/main/scala/gitbucket/core/controller/SearchController.scala
+++ b/src/main/scala/gitbucket/core/controller/SearchController.scala
@@ -1,51 +0,0 @@
-package gitbucket.core.controller
-
-import gitbucket.core.search.html
-import gitbucket.core.service._
-import gitbucket.core.util.{StringUtil, ControlUtil, ReferrerAuthenticator, Implicits}
-import ControlUtil._
-import Implicits._
-import jp.sf.amateras.scalatra.forms._
-
-class SearchController extends SearchControllerBase
-  with RepositoryService with AccountService with ActivityService with RepositorySearchService with IssuesService with ReferrerAuthenticator
-
-trait SearchControllerBase extends ControllerBase { self: RepositoryService
-  with ActivityService with RepositorySearchService with ReferrerAuthenticator =>
-
-  val searchForm = mapping(
-    "query"      -> trim(text(required)),
-    "owner"      -> trim(text(required)),
-    "repository" -> trim(text(required))
-  )(SearchForm.apply)
-
-  case class SearchForm(query: String, owner: String, repository: String)
-
-  post("/search", searchForm){ form =>
-    redirect(s"/${form.owner}/${form.repository}/search?q=${StringUtil.urlEncode(form.query)}")
-  }
-
-  get("/:owner/:repository/search")(referrersOnly { repository =>
-    defining(params("q").trim, params.getOrElse("type", "code")){ case (query, target) =>
-      val page   = try {
-        val i = params.getOrElse("page", "1").toInt
-        if(i <= 0) 1 else i
-      } catch {
-        case e: NumberFormatException => 1
-      }
-
-      target.toLowerCase match {
-        case "issue" => html.issues(
-          searchIssues(repository.owner, repository.name, query),
-          countFiles(repository.owner, repository.name, query),
-          query, page, repository)
-
-        case _ => html.code(
-          searchFiles(repository.owner, repository.name, query),
-          countIssues(repository.owner, repository.name, query),
-          query, page, repository)
-      }
-    }
-  })
-
-}
--- a/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
+++ b/src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
@@ -1,17 +1,28 @@
 package gitbucket.core.controller

+import java.io.FileInputStream
+
 import gitbucket.core.admin.html
-import gitbucket.core.service.{AccountService, SystemSettingsService}
-import gitbucket.core.util.AdminAuthenticator
+import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService}
+import gitbucket.core.util.{AdminAuthenticator, Mailer}
 import gitbucket.core.ssh.SshServer
+import gitbucket.core.plugin.PluginRegistry
 import SystemSettingsService._
-import jp.sf.amateras.scalatra.forms._
+import gitbucket.core.util.Implicits._
+import gitbucket.core.util.ControlUtil._
+import gitbucket.core.util.Directory._
+import gitbucket.core.util.StringUtil._
+import io.github.gitbucket.scalatra.forms._
+import io.github.gitbucket.solidbase.manager.JDBCVersionManager
+import org.apache.commons.io.{FileUtils, IOUtils}
+import org.apache.commons.mail.{DefaultAuthenticator, HtmlEmail}
+import org.scalatra.i18n.Messages

 class SystemSettingsController extends SystemSettingsControllerBase
-  with AccountService with AdminAuthenticator
+  with AccountService with RepositoryService with AdminAuthenticator

-trait SystemSettingsControllerBase extends ControllerBase {
-  self: AccountService with AdminAuthenticator =>
+trait SystemSettingsControllerBase extends AccountManagementControllerBase {
+  self: AccountService with RepositoryService with AdminAuthenticator =>

  private val form = mapping(
    "baseUrl"                  -> trim(label("Base URL", optional(text()))),
@@ -23,8 +34,10 @@ trait SystemSettingsControllerBase extends ControllerBase {
    "notification"             -> trim(label("Notification", boolean())),
    "activityLogLimit"         -> trim(label("Limit of activity logs", optional(number()))),
    "ssh"                      -> trim(label("SSH access", boolean())),
+    "sshHost"                  -> trim(label("SSH host", optional(text()))),
    "sshPort"                  -> trim(label("SSH port", optional(number()))),
-    "smtp"                     -> optionalIfNotChecked("notification", mapping(
+    "useSMTP"                  -> trim(label("SMTP", boolean())),
+    "smtp"                     -> optionalIfNotChecked("useSMTP", mapping(
        "host"                     -> trim(label("SMTP Host", text(required))),
        "port"                     -> trim(label("SMTP Port", optional(number()))),
        "user"                     -> trim(label("SMTP User", optional(text()))),
@@ -49,16 +62,86 @@ trait SystemSettingsControllerBase extends ControllerBase {
        "keystore"                 -> trim(label("Keystore", optional(text())))
    )(Ldap.apply))
  )(SystemSettings.apply).verifying { settings =>
-    if(settings.ssh && settings.baseUrl.isEmpty){
-      Seq("baseUrl" -> "Base URL is required if SSH access is enabled.")
-    } else Nil
+    Vector(
+      if(settings.ssh && settings.baseUrl.isEmpty){
+        Some("baseUrl" -> "Base URL is required if SSH access is enabled.")
+      } else None,
+      if(settings.ssh && settings.sshHost.isEmpty){
+        Some("sshHost" -> "SSH host is required if SSH access is enabled.")
+      } else None
+    ).flatten
  }

-  private val pluginForm = mapping(
-    "pluginId" -> list(trim(label("", text())))
-  )(PluginForm.apply)
+  private val sendMailForm = mapping(
+    "smtp"        -> mapping(
+      "host"        -> trim(label("SMTP Host", text(required))),
+      "port"        -> trim(label("SMTP Port", optional(number()))),
+      "user"        -> trim(label("SMTP User", optional(text()))),
+      "password"    -> trim(label("SMTP Password", optional(text()))),
+      "ssl"         -> trim(label("Enable SSL", optional(boolean()))),
+      "fromAddress" -> trim(label("FROM Address", optional(text()))),
+      "fromName"    -> trim(label("FROM Name", optional(text())))
+    )(Smtp.apply),
+    "testAddress" -> trim(label("", text(required)))
+  )(SendMailForm.apply)
+
+  case class SendMailForm(smtp: Smtp, testAddress: String)
+
+  case class DataExportForm(tableNames: List[String])
+
+  case class NewUserForm(userName: String, password: String, fullName: String,
+                         mailAddress: String, isAdmin: Boolean,
+                         url: Option[String], fileId: Option[String])
+
+  case class EditUserForm(userName: String, password: Option[String], fullName: String,
+                          mailAddress: String, isAdmin: Boolean, url: Option[String],
+                          fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
+
+  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+                          members: String)
+
+  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String],
+                           members: String, clearImage: Boolean, isRemoved: Boolean)
+
+
+  val newUserForm = mapping(
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
+    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
+    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
+    "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"      ,optional(text())))
+  )(NewUserForm.apply)
+
+  val editUserForm = mapping(
+    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier))),
+    "password"    -> trim(label("Password"     ,optional(text(maxlength(20))))),
+    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
+    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
+    "isAdmin"     -> trim(label("User Type"    ,boolean())),
+    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
+    "fileId"      -> trim(label("File ID"      ,optional(text()))),
+    "clearImage"  -> trim(label("Clear image"  ,boolean())),
+    "removed"     -> trim(label("Disable"      ,boolean(disableByNotYourself("userName"))))
+  )(EditUserForm.apply)
+
+  val newGroupForm = mapping(
+    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
+    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
+    "fileId"    -> trim(label("File ID"    ,optional(text()))),
+    "members"   -> trim(label("Members"    ,text(required, members)))
+  )(NewGroupForm.apply)
+
+  val editGroupForm = mapping(
+    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
+    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
+    "fileId"     -> trim(label("File ID"     ,optional(text()))),
+    "members"    -> trim(label("Members"     ,text(required, members))),
+    "clearImage" -> trim(label("Clear image" ,boolean())),
+    "removed"    -> trim(label("Disable"     ,boolean()))
+  )(EditGroupForm.apply)

-  case class PluginForm(pluginIds: List[String])

  get("/admin/system")(adminOnly {
    html.system(flash.get("info"))
@@ -67,20 +150,200 @@ trait SystemSettingsControllerBase extends ControllerBase {
  post("/admin/system", form)(adminOnly { form =>
    saveSystemSettings(form)

-    if(form.ssh && SshServer.isActive && context.settings.sshPort != form.sshPort){
-      SshServer.stop()
-    }
-
-    if(form.ssh && !SshServer.isActive && form.baseUrl.isDefined){
-      SshServer.start(
-        form.sshPort.getOrElse(SystemSettingsService.DefaultSshPort),
-        form.baseUrl.get)
-    } else if(!form.ssh && SshServer.isActive){
+    if (form.sshAddress != context.settings.sshAddress) {
      SshServer.stop()
+       for {
+         sshAddress <- form.sshAddress
+         baseUrl    <- form.baseUrl
+       }
+       SshServer.start(sshAddress, baseUrl)
    }

    flash += "info" -> "System settings has been updated."
    redirect("/admin/system")
  })

+  post("/admin/system/sendmail", sendMailForm)(adminOnly { form =>
+    try {
+      new Mailer(form.smtp).send(form.testAddress,
+        "Test message from GitBucket", "This is a test message from GitBucket.")
+
+      "Test mail has been sent to: " + form.testAddress
+
+    } catch {
+      case e: Exception => "[Error] " + e.toString
+    }
+  })
+
+  get("/admin/plugins")(adminOnly {
+    val manager = new JDBCVersionManager(request2Session(request).conn)
+    val plugins = PluginRegistry().getPlugins().map { plugin =>
+      (plugin, manager.getCurrentVersion(plugin.pluginId))
+    }
+    html.plugins(plugins)
+  })
+
+
+  get("/admin/users")(adminOnly {
+    val includeRemoved = params.get("includeRemoved").map(_.toBoolean).getOrElse(false)
+    val users          = getAllUsers(includeRemoved)
+    val members        = users.collect { case account if(account.isGroupAccount) =>
+      account.userName -> getGroupMembers(account.userName).map(_.userName)
+    }.toMap
+
+    html.userlist(users, members, includeRemoved)
+  })
+
+  get("/admin/users/_newuser")(adminOnly {
+    html.user(None)
+  })
+
+  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
+    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.url)
+    updateImage(form.userName, form.fileId, false)
+    redirect("/admin/users")
+  })
+
+  get("/admin/users/:userName/_edituser")(adminOnly {
+    val userName = params("userName")
+    html.user(getAccountByUserName(userName, true), flash.get("error"))
+  })
+
+  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
+    val userName = params("userName")
+    getAccountByUserName(userName, true).map { account =>
+      if(account.isAdmin && (form.isRemoved || !form.isAdmin) && isLastAdministrator(account)){
+        flash += "error" -> "Account can't be turned off because this is last one administrator."
+        redirect(s"/admin/users/${userName}/_edituser")
+      } else {
+        if(form.isRemoved){
+          // Remove repositories
+          //        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
+          //          deleteRepository(userName, repositoryName)
+          //          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
+          //          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
+          //          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
+          //        }
+          // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
+          removeUserRelatedData(userName)
+        }
+
+        updateAccount(account.copy(
+          password     = form.password.map(sha1).getOrElse(account.password),
+          fullName     = form.fullName,
+          mailAddress  = form.mailAddress,
+          isAdmin      = form.isAdmin,
+          url          = form.url,
+          isRemoved    = form.isRemoved))
+
+        updateImage(userName, form.fileId, form.clearImage)
+        redirect("/admin/users")
+      }
+    } getOrElse NotFound
+  })
+
+  get("/admin/users/_newgroup")(adminOnly {
+    html.usergroup(None, Nil)
+  })
+
+  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
+    createGroup(form.groupName, form.url)
+    updateGroupMembers(form.groupName, form.members.split(",").map {
+      _.split(":") match {
+        case Array(userName, isManager) => (userName, isManager.toBoolean)
+      }
+    }.toList)
+    updateImage(form.groupName, form.fileId, false)
+    redirect("/admin/users")
+  })
+
+  get("/admin/users/:groupName/_editgroup")(adminOnly {
+    defining(params("groupName")){ groupName =>
+      html.usergroup(getAccountByUserName(groupName, true), getGroupMembers(groupName))
+    }
+  })
+
+  post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form =>
+    defining(params("groupName"), form.members.split(",").map {
+      _.split(":") match {
+        case Array(userName, isManager) => (userName, isManager.toBoolean)
+      }
+    }.toList){ case (groupName, members) =>
+      getAccountByUserName(groupName, true).map { account =>
+        updateGroup(groupName, form.url, form.isRemoved)
+
+        if(form.isRemoved){
+          // Remove from GROUP_MEMBER
+          updateGroupMembers(form.groupName, Nil)
+          // Remove repositories
+          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+            deleteRepository(groupName, repositoryName)
+            FileUtils.deleteDirectory(getRepositoryDir(groupName, repositoryName))
+            FileUtils.deleteDirectory(getWikiRepositoryDir(groupName, repositoryName))
+            FileUtils.deleteDirectory(getTemporaryDir(groupName, repositoryName))
+          }
+        } else {
+          // Update GROUP_MEMBER
+          updateGroupMembers(form.groupName, members)
+          // Update COLLABORATOR for group repositories
+          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
+            removeCollaborators(form.groupName, repositoryName)
+            members.foreach { case (userName, isManager) =>
+              addCollaborator(form.groupName, repositoryName, userName)
+            }
+          }
+        }
+
+        updateImage(form.groupName, form.fileId, form.clearImage)
+        redirect("/admin/users")
+
+      } getOrElse NotFound
+    }
+  })
+
+  get("/admin/data")(adminOnly {
+    import gitbucket.core.util.JDBCUtil._
+    val session = request2Session(request)
+    html.data(session.conn.allTableNames())
+  })
+
+  post("/admin/export")(adminOnly {
+    import gitbucket.core.util.JDBCUtil._
+    val session = request2Session(request)
+    val file = if(params("type") == "sql"){
+      session.conn.exportAsSQL(request.getParameterValues("tableNames").toSeq)
+    } else {
+      session.conn.exportAsXML(request.getParameterValues("tableNames").toSeq)
+    }
+
+    contentType = "application/octet-stream"
+    response.setHeader("Content-Disposition", "attachment; filename=" + file.getName)
+    response.setContentLength(file.length.toInt)
+
+    using(new FileInputStream(file)){ in =>
+      IOUtils.copy(in, response.outputStream)
+    }
+
+    ()
+  })
+
+  private def members: Constraint = new Constraint(){
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      if(value.split(",").exists {
+        _.split(":") match { case Array(userName, isManager) => isManager.toBoolean }
+      }) None else Some("Must select one manager at least.")
+    }
+  }
+
+  protected def disableByNotYourself(paramName: String): Constraint = new Constraint() {
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      params.get(paramName).flatMap { userName =>
+        if(userName == context.loginAccount.get.userName && params.get("removed") == Some("true"))
+          Some("You can't disable your account yourself")
+        else
+          None
+      }
+    }
+  }
+
 }
--- a/src/main/scala/gitbucket/core/controller/UserManagementController.scala
+++ b/src/main/scala/gitbucket/core/controller/UserManagementController.scala
@@ -1,204 +0,0 @@
-package gitbucket.core.controller
-
-import gitbucket.core.service.{RepositoryService, AccountService}
-import gitbucket.core.admin.users.html
-import gitbucket.core.util._
-import gitbucket.core.util.ControlUtil._
-import gitbucket.core.util.StringUtil._
-import gitbucket.core.util.Implicits._
-import gitbucket.core.util.Directory._
-import jp.sf.amateras.scalatra.forms._
-import org.scalatra.i18n.Messages
-import org.apache.commons.io.FileUtils
-
-class UserManagementController extends UserManagementControllerBase
-  with AccountService with RepositoryService with AdminAuthenticator
-
-trait UserManagementControllerBase extends AccountManagementControllerBase {
-  self: AccountService with RepositoryService with AdminAuthenticator =>
-  
-  case class NewUserForm(userName: String, password: String, fullName: String,
-                         mailAddress: String, isAdmin: Boolean,
-                         url: Option[String], fileId: Option[String])
-
-  case class EditUserForm(userName: String, password: Option[String], fullName: String,
-                          mailAddress: String, isAdmin: Boolean, url: Option[String],
-                          fileId: Option[String], clearImage: Boolean, isRemoved: Boolean)
-
-  case class NewGroupForm(groupName: String, url: Option[String], fileId: Option[String],
-                          members: String)
-
-  case class EditGroupForm(groupName: String, url: Option[String], fileId: Option[String],
-                           members: String, clearImage: Boolean, isRemoved: Boolean)
-
-  val newUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier, uniqueUserName))),
-    "password"    -> trim(label("Password"     ,text(required, maxlength(20)))),
-    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
-    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress()))),
-    "isAdmin"     -> trim(label("User Type"    ,boolean())),
-    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
-    "fileId"      -> trim(label("File ID"      ,optional(text())))
-  )(NewUserForm.apply)
-
-  val editUserForm = mapping(
-    "userName"    -> trim(label("Username"     ,text(required, maxlength(100), identifier))),
-    "password"    -> trim(label("Password"     ,optional(text(maxlength(20))))),
-    "fullName"    -> trim(label("Full Name"    ,text(required, maxlength(100)))),
-    "mailAddress" -> trim(label("Mail Address" ,text(required, maxlength(100), uniqueMailAddress("userName")))),
-    "isAdmin"     -> trim(label("User Type"    ,boolean())),
-    "url"         -> trim(label("URL"          ,optional(text(maxlength(200))))),
-    "fileId"      -> trim(label("File ID"      ,optional(text()))),
-    "clearImage"  -> trim(label("Clear image"  ,boolean())),
-    "removed"     -> trim(label("Disable"      ,boolean(disableByNotYourself("userName"))))
-  )(EditUserForm.apply)
-
-  val newGroupForm = mapping(
-    "groupName" -> trim(label("Group name" ,text(required, maxlength(100), identifier, uniqueUserName))),
-    "url"       -> trim(label("URL"        ,optional(text(maxlength(200))))),
-    "fileId"    -> trim(label("File ID"    ,optional(text()))),
-    "members"   -> trim(label("Members"    ,text(required, members)))
-  )(NewGroupForm.apply)
-
-  val editGroupForm = mapping(
-    "groupName"  -> trim(label("Group name"  ,text(required, maxlength(100), identifier))),
-    "url"        -> trim(label("URL"         ,optional(text(maxlength(200))))),
-    "fileId"     -> trim(label("File ID"     ,optional(text()))),
-    "members"    -> trim(label("Members"     ,text(required, members))),
-    "clearImage" -> trim(label("Clear image" ,boolean())),
-    "removed"    -> trim(label("Disable"     ,boolean()))
-  )(EditGroupForm.apply)
-
-  get("/admin/users")(adminOnly {
-    val includeRemoved = params.get("includeRemoved").map(_.toBoolean).getOrElse(false)
-    val users          = getAllUsers(includeRemoved)
-    val members        = users.collect { case account if(account.isGroupAccount) =>
-      account.userName -> getGroupMembers(account.userName).map(_.userName)
-    }.toMap
-
-    html.list(users, members, includeRemoved)
-  })
-  
-  get("/admin/users/_newuser")(adminOnly {
-    html.user(None)
-  })
-  
-  post("/admin/users/_newuser", newUserForm)(adminOnly { form =>
-    createAccount(form.userName, sha1(form.password), form.fullName, form.mailAddress, form.isAdmin, form.url)
-    updateImage(form.userName, form.fileId, false)
-    redirect("/admin/users")
-  })
-  
-  get("/admin/users/:userName/_edituser")(adminOnly {
-    val userName = params("userName")
-    html.user(getAccountByUserName(userName, true))
-  })
-  
-  post("/admin/users/:name/_edituser", editUserForm)(adminOnly { form =>
-    val userName = params("userName")
-    getAccountByUserName(userName, true).map { account =>
-
-      if(form.isRemoved){
-        // Remove repositories
-        getRepositoryNamesOfUser(userName).foreach { repositoryName =>
-          deleteRepository(userName, repositoryName)
-          FileUtils.deleteDirectory(getRepositoryDir(userName, repositoryName))
-          FileUtils.deleteDirectory(getWikiRepositoryDir(userName, repositoryName))
-          FileUtils.deleteDirectory(getTemporaryDir(userName, repositoryName))
-        }
-        // Remove from GROUP_MEMBER, COLLABORATOR and REPOSITORY
-        removeUserRelatedData(userName)
-      }
-
-      updateAccount(account.copy(
-        password     = form.password.map(sha1).getOrElse(account.password),
-        fullName     = form.fullName,
-        mailAddress  = form.mailAddress,
-        isAdmin      = form.isAdmin,
-        url          = form.url,
-        isRemoved    = form.isRemoved))
-
-      updateImage(userName, form.fileId, form.clearImage)
-      redirect("/admin/users")
-
-    } getOrElse NotFound
-  })
-
-  get("/admin/users/_newgroup")(adminOnly {
-    html.group(None, Nil)
-  })
-
-  post("/admin/users/_newgroup", newGroupForm)(adminOnly { form =>
-    createGroup(form.groupName, form.url)
-    updateGroupMembers(form.groupName, form.members.split(",").map {
-      _.split(":") match {
-        case Array(userName, isManager) => (userName, isManager.toBoolean)
-      }
-    }.toList)
-    updateImage(form.groupName, form.fileId, false)
-    redirect("/admin/users")
-  })
-
-  get("/admin/users/:groupName/_editgroup")(adminOnly {
-    defining(params("groupName")){ groupName =>
-      html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName))
-    }
-  })
-
-  post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form =>
-    defining(params("groupName"), form.members.split(",").map {
-      _.split(":") match {
-        case Array(userName, isManager) => (userName, isManager.toBoolean)
-      }
-    }.toList){ case (groupName, members) =>
-      getAccountByUserName(groupName, true).map { account =>
-        updateGroup(groupName, form.url, form.isRemoved)
-
-        if(form.isRemoved){
-          // Remove from GROUP_MEMBER
-          updateGroupMembers(form.groupName, Nil)
-          // Remove repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            deleteRepository(groupName, repositoryName)
-            FileUtils.deleteDirectory(getRepositoryDir(groupName, repositoryName))
-            FileUtils.deleteDirectory(getWikiRepositoryDir(groupName, repositoryName))
-            FileUtils.deleteDirectory(getTemporaryDir(groupName, repositoryName))
-          }
-        } else {
-          // Update GROUP_MEMBER
-          updateGroupMembers(form.groupName, members)
-          // Update COLLABORATOR for group repositories
-          getRepositoryNamesOfUser(form.groupName).foreach { repositoryName =>
-            removeCollaborators(form.groupName, repositoryName)
-            members.foreach { case (userName, isManager) =>
-              addCollaborator(form.groupName, repositoryName, userName)
-            }
-          }
-        }
-
-        updateImage(form.groupName, form.fileId, form.clearImage)
-        redirect("/admin/users")
-
-      } getOrElse NotFound
-    }
-  })
-
-  private def members: Constraint = new Constraint(){
-    override def validate(name: String, value: String, messages: Messages): Option[String] = {
-      if(value.split(",").exists {
-        _.split(":") match { case Array(userName, isManager) => isManager.toBoolean }
-      }) None else Some("Must select one manager at least.")
-    }
-  }
-
-  protected def disableByNotYourself(paramName: String): Constraint = new Constraint() {
-    override def validate(name: String, value: String, messages: Messages): Option[String] = {
-      params.get(paramName).flatMap { userName =>
-        if(userName == context.loginAccount.get.userName && params.get("removed") == Some("true"))
-          Some("You can't disable your account yourself")
-        else
-          None
-      }
-    }
-  }
-}
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`ALTER TABLE ACCOUNT ADD COLUMN REMOVED BOOLEAN DEFAULT FALSE;`
				`@@ -1 +0,0 @@`
				`ALTER TABLE COMMIT_COMMENT ALTER COLUMN FILE_NAME NVARCHAR(260);`