Update `CONTRIBUTING.md` (#24492)

Previously, the `CONTRIBUTING` was severely outdated in certain aspects
such as workflows.
These sections have been brought up to date.
Furthermore, the `CONTRIBUTING` now mentions the TOC, how it is
structured, elected, and its duties.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: delvh <dev.lh@web.de>
This commit is contained in:
John Olheiser 2023-05-23 07:22:40 -05:00 committed by GitHub
parent 16a766cba1
commit 116066ecfa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 387 additions and 266 deletions

View File

@ -1,75 +1,157 @@
# Contribution Guidelines # Contribution Guidelines
## Table of Contents <details><summary>Table of Contents</summary>
- [Contribution Guidelines](#contribution-guidelines) - [Contribution Guidelines](#contribution-guidelines)
- [Table of Contents](#table-of-contents)
- [Introduction](#introduction) - [Introduction](#introduction)
- [Bug reports](#bug-reports) - [Issues](#issues)
- [Discuss your design](#discuss-your-design) - [How to report issues](#how-to-report-issues)
- [Testing redux](#testing-redux) - [Types of issues](#types-of-issues)
- [Vendoring](#vendoring) - [Discuss your design before the implementation](#discuss-your-design-before-the-implementation)
- [Translation](#translation)
- [Building Gitea](#building-gitea) - [Building Gitea](#building-gitea)
- [Code review](#code-review) - [Dependencies](#dependencies)
- [Styleguide](#styleguide) - [Backend](#backend)
- [Frontend](#frontend)
- [Design guideline](#design-guideline) - [Design guideline](#design-guideline)
- [Styleguide](#styleguide)
- [Copyright](#copyright)
- [Testing](#testing)
- [Translation](#translation)
- [Code review](#code-review)
- [Pull request format](#pull-request-format)
- [PR title and summary](#pr-title-and-summary)
- [Milestone](#milestone)
- [Labels](#labels)
- [Breaking PRs](#breaking-prs)
- [What is a breaking PR?](#what-is-a-breaking-pr)
- [How to handle breaking PRs?](#how-to-handle-breaking-prs)
- [Maintaining open PRs](#maintaining-open-prs)
- [Getting PRs merged](#getting-prs-merged)
- [Final call](#final-call)
- [Commit messages](#commit-messages)
- [PR Co-authors](#pr-co-authors)
- [PRs targeting `main`](#prs-targeting-main)
- [Backport PRs](#backport-prs)
- [Documentation](#documentation)
- [API v1](#api-v1) - [API v1](#api-v1)
- [GitHub API compatability](#github-api-compatability)
- [Adding/Maintaining API routes](#addingmaintaining-api-routes)
- [When to use what HTTP method](#when-to-use-what-http-method)
- [Requirements for API routes](#requirements-for-api-routes)
- [Backports and Frontports](#backports-and-frontports)
- [What is backported?](#what-is-backported)
- [How to backport?](#how-to-backport)
- [Format of backport PRs](#format-of-backport-prs)
- [Frontports](#frontports)
- [Developer Certificate of Origin (DCO)](#developer-certificate-of-origin-dco) - [Developer Certificate of Origin (DCO)](#developer-certificate-of-origin-dco)
- [Release Cycle](#release-cycle) - [Release Cycle](#release-cycle)
- [Maintainers](#maintainers) - [Maintainers](#maintainers)
- [Owners](#owners) - [Technical Oversight Committee (TOC)](#technical-oversight-committee-toc)
- [Current TOC members](#current-toc-members)
- [Previous TOC/owners members](#previous-tocowners-members)
- [Governance Compensation](#governance-compensation)
- [TOC \& Working groups](#toc--working-groups)
- [Roadmap](#roadmap)
- [Versions](#versions) - [Versions](#versions)
- [Releasing Gitea](#releasing-gitea) - [Releasing Gitea](#releasing-gitea)
- [Copyright](#copyright)
</details>
## Introduction ## Introduction
This document explains how to contribute changes to the Gitea project. This document explains how to contribute changes to the Gitea project. \
It assumes you have followed the It assumes you have followed the [installation instructions](https://docs.gitea.io/en-us/). \
[installation instructions](https://docs.gitea.io/en-us/). Sensitive security-related issues should be reported to [security@gitea.io](mailto:security@gitea.io).
Sensitive security-related issues should be reported to
[security@gitea.io](mailto:security@gitea.io).
For configuring IDE or code editor to develop Gitea see [IDE and code editor configuration](contrib/ide/) For configuring IDEs for Gitea development, see the [contributed IDE configurations](contrib/ide/).
## Bug reports ## Issues
Please search the issues on the issue tracker with a variety of keywords ### How to report issues
to ensure your bug is not already reported.
If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new) Please search the issues on the issue tracker with a variety of related keywords to ensure that your issue has not already been reported.
and answer the questions so we can understand and reproduce the
problematic behavior.
To show us that the issue you are having is in Gitea itself, please If your issue has not been reported yet, [open an issue](https://github.com/go-gitea/gitea/issues/new)
write clear, concise instructions so we can reproduce the behavior— and answer the questions so we can understand and reproduce the problematic behavior. \
even if it seems obvious. The more detailed and specific you are, Please write clear and concise instructions so that we can reproduce the behavior — even if it seems obvious. \
the faster we can fix the issue. Check out [How to Report Bugs The more detailed and specific you are, the faster we can fix the issue. \
Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html). It is really helpful if you can reproduce your problem on a site running on the latest commits, i.e. <https://try.gitea.io>, as perhaps your problem has already been fixed on a current version. \
Please follow the guidelines described in [How to Report Bugs Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html) for your report.
Please be kind, remember that Gitea comes at no cost to you, and you're Please be kind, remember that Gitea comes at no cost to you, and you're getting free help.
getting free help.
## Discuss your design ### Types of issues
The project welcomes submissions. If you want to change or add something, Typically, issues fall in one of the following categories:
please let everyone know what you're working on—[file an issue](https://github.com/go-gitea/gitea/issues/new)!
Significant changes must go through the change proposal process
before they can be accepted. To create a proposal, file an issue with
your proposed changes documented, and make sure to note in the title
of the issue that it is a proposal.
This process gives everyone a chance to validate the design, helps - `bug`: Something in the frontend or backend behaves unexpectedly
prevent duplication of effort, and ensures that the idea fits inside - `security issue`: bug that has serious implications such as leaking another users data. Please do not file such issues on the public tracker and send a mail to security@gitea.io instead
the goals for the project and tools. It also checks that the design is - `feature`: Completely new functionality. You should describe this feature in enough detail that anyone who reads the issue can understand how it is supposed to be implemented
sound before code is written; the code review tool is not the place for - `enhancement`: An existing feature should get an upgrade
high-level discussions. - `refactoring`: Parts of the code base don't conform with other parts and should be changed to improve Gitea's maintainability
## Testing redux ### Discuss your design before the implementation
Before submitting a pull request, run all the tests for the whole tree We welcome submissions. \
to make sure your changes don't cause regression elsewhere. If you want to change or add something, please let everyone know what you're working on — [file an issue](https://github.com/go-gitea/gitea/issues/new) or comment on an existing one before starting your work!
Significant changes such as new features must go through the change proposal process before they can be accepted. \
This is mainly to save yourself the trouble of implementing it, only to find out that your proposed implementation has some potential problems. \
Furthermore, this process gives everyone a chance to validate the design, helps prevent duplication of effort, and ensures that the idea fits inside
the goals for the project and tools.
Pull requests should not be the place for architecture discussions.
## Building Gitea
See the [development setup instructions](https://docs.gitea.com/development/hacking-on-gitea).
## Dependencies
### Backend
Go dependencies are managed using [Go Modules](https://golang.org/cmd/go/#hdr-Module_maintenance). \
You can find more details in the [go mod documentation](https://go.dev/ref/mod) and the [Go Modules Wiki](https://github.com/golang/go/wiki/Modules).
Pull requests should only modify `go.mod` and `go.sum` where it is related to your change, be it a bugfix or a new feature. \
Apart from that, these files should only be modified by Pull Requests whose only purpose is to update dependencies.
The `go.mod`, `go.sum` update needs to be justified as part of the PR description,
and must be verified by the reviewers and/or merger to always reference
an existing upstream commit.
### Frontend
For the frontend, we use [npm](https://www.npmjs.com/).
The same restrictions apply for frontend dependencies as for backend dependencies, with the exceptions that the files for it are `package.json` and `package-lock.json`, and that new versions must always reference an existing version.
## Design guideline
Depending on your change, please read the
- [backend development guideline](https://docs.gitea.com/contributing/guidelines-backend)
- [frontend development guideline](https://docs.gitea.com/contributing/guidelines-frontend)
- [refactoring guideline](https://docs.gitea.com/contributing/guidelines-refactoring)
## Styleguide
You should always run `make fmt` before committing to conform to Gitea's styleguide.
## Copyright
New code files that you contribute should use the standard copyright header:
```
// Copyright <current year> The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
```
Afterwards, copyright should only be modified when the copyright author changes.
## Testing
Before submitting a pull request, run all tests to make sure your changes don't cause a regression elsewhere.
Here's how to run the test suite: Here's how to run the test suite:
@ -77,256 +159,304 @@ Here's how to run the test suite:
| | | | | |
| :-------------------- | :---------------------------------------------------------------- | | :-------------------- | :---------------------------------------------------------------- |
|``make lint`` | lint everything (not suggest if you only change one type code) | |``make lint`` | lint everything (not needed if you only change the front- **or** backend) |
|``make lint-frontend`` | lint frontend files | |``make lint-frontend`` | lint frontend files |
|``make lint-backend`` | lint backend files | |``make lint-backend`` | lint backend files |
- run test code (Suggest run in Linux) - run tests (we suggest running them on Linux)
| | | | Command | Action | |
| :------------------------------------- | :----------------------------------------------- | | :------------------------------------- | :----------------------------------------------- | ------------ |
|``make test[\#TestSpecificName]`` | run unit test | |``make test[\#SpecificTestName]`` | run unit test(s) |
|``make test-sqlite[\#TestSpecificName]``| run [integration](tests/integration) test for SQLite | |``make test-sqlite[\#SpecificTestName]``| run [integration](tests/integration) test(s) for SQLite |[More details](tests/integration/README.md) |
|[More details about integration tests](tests/integration/README.md) | |``make test-e2e-sqlite[\#SpecificTestName]``| run [end-to-end](tests/e2e) test(s) for SQLite |[More details](tests/e2e/README.md) |
|``make test-e2e-sqlite[\#TestSpecificFileName]``| run [end-to-end](tests/e2e) test for SQLite |
|[More details about e2e tests](tests/e2e/README.md) |
## Vendoring
We manage dependencies via [Go Modules](https://golang.org/cmd/go/#hdr-Module_maintenance), more details: [go mod](https://go.dev/ref/mod).
Pull requests should only include `go.mod`, `go.sum` updates if they are part of
the same change, be it a bugfix or a feature addition.
The `go.mod`, `go.sum` update needs to be justified as part of the PR description,
and must be verified by the reviewers and/or merger to always reference
an existing upstream commit.
You can find more information on how to get started with it on the [Modules Wiki](https://github.com/golang/go/wiki/Modules).
## Translation ## Translation
We do all translation work inside [Crowdin](https://crowdin.com/project/gitea). All translation work happens on [Crowdin](https://crowdin.com/project/gitea).
The only translation that is maintained in this Git repository is The only translation that is maintained in this repository is [the English translation](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini).
[`en_US.ini`](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini) It is synced regularly with Crowdin. \
and is synced regularly to Crowdin. Once a translation has reached Other locales on main branch **should not** be updated manually as they will be overwritten with each sync. \
A SATISFACTORY PERCENTAGE it will be synced back into this repo and Once a language has reached a **satisfactory percentage** of translated keys (~25%), it will be synced back into this repo and included in the next released version.
included in the next released version.
## Building Gitea The tool `go run build/backport-locale.go` can be used to backport locales from the main branch to release branches that were missed.
See the [hacking instructions](https://docs.gitea.io/en-us/hacking-on-gitea/).
## Code review ## Code review
Changes to Gitea must be reviewed before they are accepted—no matter who ### Pull request format
makes the change, even if they are an owner or a maintainer. We use GitHub's
pull request workflow to do that. Every PR is reviewed by at least 2 maintainers.
Please try to make your pull request easy to review for us. And, please read Please try to make your pull request easy to review for us. \
the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews)* guide; For that, please read the [*Best Practices for Faster Reviews*](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews) guide. \
it has lots of useful tips for any project you may want to contribute. It has lots of useful tips for any project you may want to contribute to. \
Some of the key points: Some of the key points:
- Make small pull requests. The smaller, the faster to review and the - Make small pull requests. \
more likely it will be merged soon. The smaller, the faster to review and the more likely it will be merged soon.
- Don't make changes unrelated to your PR. Maybe there are typos on - Don't make changes unrelated to your PR. \
some comments, maybe refactoring would be welcome on a function... but Maybe there are typos on some comments, maybe refactoring would be welcome on a function... \
if that is not related to your PR, please make *another* PR for that. but if that is not related to your PR, please make *another* PR for that.
- Split big pull requests into multiple small ones. An incremental change - Split big pull requests into multiple small ones. \
will be faster to review than a huge PR. An incremental change will be faster to review than a huge PR.
- Use the first comment as a summary explainer of your PR and you should keep this up-to-date as the PR evolves. - Allow edits by maintainers. This way, the maintainers will take care of merging the PR later on instead of you.
If your PR could cause a breaking change you must add a BREAKING section to this comment e.g.: ### PR title and summary
In the PR title, describe the problem you are fixing, not how you are fixing it. \
Use the first comment as a summary of your PR. \
In the PR summary, you can describe exactly how you are fixing this problem. \
Keep this summary up-to-date as the PR evolves. \
If your PR changes the UI, you must add **after** screenshots in the PR summary. \
If you are not implementing a new feature, you should also post **before** screenshots for comparison. \
If your PR closes some issues, you must note that in a way that both GitHub and Gitea understand, i.e. by appending a paragraph like
```text
Fixes/Closes/Resolves #<ISSUE_NR_X>.
Fixes/Closes/Resolves #<ISSUE_NR_Y>.
```
to your summary. \
Each issue that will be closed must stand on a separate line.
### Milestone
A PR should only be assigned to a milestone if it will likely be merged into the given version. \
As a rule of thumb, assume that a PR will stay open for an additional month for every 100 added lines. \
PRs without a milestone may not be merged.
### Labels
Every PR should be labeled correctly with every label that applies. \
This includes especially the distinction between `bug` (fixing existing functionality), `feature` (new functionality), `enhancement` (upgrades for existing functionality), and `refactoring` (improving the internal code structure without changing the output (much)). \
Furthermore,
- the amount of pending required approvals
- whether this PR is `blocked`, a `backport` or `breaking`
- if it targets the `ui` or `api`
- if it increases the application `speed`
- reduces `memory usage`
are oftentimes notable labels.
### Breaking PRs
#### What is a breaking PR?
A PR is breaking if it meets one of the following criteria:
- It changes API output in an incompatible way for existing users
- It removes a setting that an admin could previously set (i.e. via `app.ini`)
- An admin must do something manually to restore the old behavior
In particular, this means that adding new settings is not breaking.\
Changing the default value of a setting or replacing the setting with another one is breaking, however.
#### How to handle breaking PRs?
If your PR has a breaking change, you must add a `BREAKING` section to your PR summary, e.g.
``` ```
## :warning: BREAKING :warning: ## :warning: BREAKING :warning:
``` ```
To explain how this could affect users and how to mitigate these changes. To explain how this will affect users and how to mitigate these changes.
Once code review starts on your PR, do not rebase nor squash your branch as it makes it ### Maintaining open PRs
difficult to review the new changes. Only if there is a need, sync your branch by merging
the base branch into yours. Don't worry about merge commits messing up your tree as
the final merge process squashes all commits into one, with the visible commit message (first
line) being the PR title + PR index and description being the PR's first comment.
Once your PR gets the `lgtm/done` label, don't worry about keeping it up-to-date or breaking The moment you create a non-draft PR or the moment you convert a draft PR to a non-draft PR is the moment code review starts for it. \
builds (unless there's a merge conflict or a request is made by a maintainer to make Once that happens, do not rebase or squash your branch anymore as it makes it difficult to review the new changes. \
modifications). It is the maintainer team's responsibility from this point to get it merged. Merge the base branch into your branch only when you really need to, i.e. because of conflicting changes in the mean time. \
This reduces unnecessary CI runs. \
Don't worry about merge commits messing up your commit history as every PR will be squash merged. \
This means that all changes are joined into a single new commit whose message is as described below.
## Styleguide ### Getting PRs merged
For imports you should use the following format (*without* the comments) Changes to Gitea must be reviewed before they are accepted — no matter who
makes the change, even if they are an owner or a maintainer. \
The only exception are critical bugs that prevent Gitea from being compiled or started. \
Specifically, we require two approvals from maintainers for every PR. \
Once this criteria has been met, your PR receives the `lgtm/done` label. \
From this point on, your only responsibility is to fix merge conflicts or respond to/implement requests by maintainers. \
It is the responsibility of the maintainers from this point to get your PR merged.
```go If a PR has the `lgtm/done` label and there are no open discussions or merge conflicts anymore, any maintainer can add the `reviewed/wait-merge` label. \
import ( This label means that the PR is part of the merge queue and will be merged as soon as possible. \
// stdlib The merge queue will be cleared in the order of the list below:
"fmt"
"math"
// local packages <https://github.com/go-gitea/gitea/pulls?q=is%3Apr+label%3Areviewed%2Fwait-merge+sort%3Acreated-asc+is%3Aopen>
"code.gitea.io/gitea/models"
"code.gitea.io/sdk/gitea"
// external packages Gitea uses it's own tool, the <https://github.com/GiteaBot/gitea-backporter> to automate parts of the review process. \
"github.com/foo/bar" This tool does the things listed below automatically:
"gopkg.io/baz.v1"
) - create a backport PR if needed once the initial PR was merged
- remove the PR from the merge queue after the PR merged
- keep the oldest branch in the merge queue up to date with merges
### Final call
If a PR has been ignored for more than 7 days with no comments or reviews, and the author or any maintainer believes it will not survive a long wait (such as a refactoring PR), they can send "final call" to the TOC by mentioning them in a comment.
After another 7 days, if there is still zero approval, this is considered a polite refusal, and the PR will be closed to avoid wasting further time. Therefore, the "final call" has a cost, and should be used cautiously.
However, if there are no objections from maintainers, the PR can be merged with only one approval from the TOC (not the author).
### Commit messages
Mergers are able and required to rewrite the PR title and summary (the first comment of a PR) so that it can produce an easily understandable commit message if necessary. \
The final commit message should no longer contain any uncertainty such as `hopefully, <x> won't happen anymore`. Replace uncertainty with certainty.
#### PR Co-authors
A person counts as a PR co-author the moment they (co-)authored a commit that is not simply a `Merge base branch into branch` commit. \
Mergers are required to remove such "false-positive" co-authors when writing the commit message. \
The true co-authors must remain in the commit message.
#### PRs targeting `main`
The commit message of PRs targeting `main` is always
```bash
$PR_TITLE ($PR_INDEX)
$REWRITTEN_PR_SUMMARY
``` ```
## Design guideline #### Backport PRs
To maintain understandable code and avoid circular dependencies it is important to have a good structure of the code. The Gitea code is divided into the following parts: The commit message of backport PRs is always
- **models:** Contains the data structures used by xorm to construct database tables. It also contains supporting functions to query and update the database. Dependencies to other code in Gitea should be avoided although some modules might be needed (for example for logging). ```bash
- **models/fixtures:** Sample model data used in integration tests. $PR_TITLE ($INITIAL_PR_INDEX) ($BACKPORT_PR_INDEX)
- **models/migrations:** Handling of database migrations between versions. PRs that changes a database structure shall also have a migration step.
- **modules:** Different modules to handle specific functionality in Gitea. Shall only depend on other modules but not other packages (models, services). $REWRITTEN_PR_SUMMARY
- **public:** Frontend files (javascript, images, css, etc.) ```
- **routers:** Handling of server requests. As it uses other Gitea packages to serve the request, other packages (models, modules or services) shall not depend on routers.
- **services:** Support functions for common routing operations. Uses models and modules to handle the request.
- **templates:** Golang templates for generating the html output.
- **tests/e2e:** End to end tests
- **tests/integration:** Integration tests
- **tests/gitea-repositories-meta:** Sample repos used in integration tests. Adding a new repo requires editing `models/fixtures/repositories.yml` and `models/fixtures/repo_unit.yml` to match.
- **tests/gitea-lfs-meta:** Sample LFS objects used in integration tests. Adding a new object requires editing `models/fixtures/lfs_meta_object.yml` to match.
- **vendor:** External code that Gitea depends on.
## Documentation ## Documentation
If you add a new feature or change an existing aspect of Gitea, the documentation for that feature must be created or updated. If you add a new feature or change an existing aspect of Gitea, the documentation for that feature must be created or updated in the same PR.
## API v1 ## API v1
The API is documented by [swagger](http://try.gitea.io/api/swagger) and is based on [GitHub API v3](https://developer.github.com/v3/). The API is documented by [swagger](http://try.gitea.io/api/swagger) and is based on [the GitHub API](https://docs.github.com/en/rest).
Thus, Gitea´s API should use the same endpoints and fields as GitHub´s API as far as possible, unless there are good reasons to deviate. ### GitHub API compatability
If Gitea provides functionality that GitHub does not, a new endpoint can be created. Gitea's API should use the same endpoints and fields as the GitHub API as far as possible, unless there are good reasons to deviate. \
If Gitea provides functionality that GitHub does not, a new endpoint can be created. \
If information is provided by Gitea that is not provided by the GitHub API, a new field can be used that doesn't collide with any GitHub fields. \
Updating an existing API should not remove existing fields unless there is a really good reason to do so. \
The same applies to status responses. If you notice a problem, feel free to leave a comment in the code for future refactoring to API v2 (which is currently not planned).
If information is provided by Gitea that is not provided by the GitHub API, a new field can be used that doesn't collide with any GitHub fields. ### Adding/Maintaining API routes
Updating an existing API should not remove existing fields unless there is a really good reason to do so. All expected results (errors, success, fail messages) must be documented ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L319-L327)). \
All JSON input types must be defined as a struct in [modules/structs/](modules/structs/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L76-L91)) \
and referenced in [routers/api/v1/swagger/options.go](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/options.go). \
They can then be used like [this example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L318). \
All JSON responses must be defined as a struct in [modules/structs/](modules/structs/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L36-L68)) \
and referenced in its category in [routers/api/v1/swagger/](routers/api/v1/swagger/) ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/issue.go#L11-L16)) \
They can be used like [this example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L277-L279).
The same applies to status responses. If you notice a problem, feel free to leave a comment in the code for future refactoring to APIv2 (which is currently not planned). ### When to use what HTTP method
All expected results (errors, success, fail messages) should be documented
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L319-L327)).
All JSON input types must be defined as a struct in [modules/structs/](modules/structs/)
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L76-L91))
and referenced in
[routers/api/v1/swagger/options.go](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/options.go).
They can then be used like the following:
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L318)).
All JSON responses must be defined as a struct in [modules/structs/](modules/structs/)
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L36-L68))
and referenced in its category in [routers/api/v1/swagger/](routers/api/v1/swagger/)
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/issue.go#L11-L16))
They can be used like the following:
([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L277-L279))
In general, HTTP methods are chosen as follows: In general, HTTP methods are chosen as follows:
- **GET** endpoints return requested object and status **OK (200)** - **GET** endpoints return the requested object(s) and status **OK (200)**
- **DELETE** endpoints return status **No Content (204)** - **DELETE** endpoints return the status **No Content (204)** and no content either
- **POST** endpoints return status **Created (201)**, used to **create** new objects (e.g. a User) - **POST** endpoints are used to **create** new objects (e.g. a User) and return the status **Created (201)** and the created object
- **PUT** endpoints return status **No Content (204)**, used to **add/assign** existing Objects (e.g. User) to something (e.g. Org-Team) - **PUT** endpoints are used to **add/assign** existing Objects (e.g. a user to a team) and return the status **No Content (204)** and no content either
- **PATCH** endpoints return changed object and status **OK (200)**, used to **edit/change** an existing object - **PATCH** endpoints are used to **edit/change** an existing object and return the changed object and the status **OK (200)**
An endpoint which changes/edits an object expects all fields to be optional (except ones to identify the object, which are required). ### Requirements for API routes
### Endpoints returning lists should All parameters of endpoints changing/editing an object must be optional (except the ones to identify the object, which are required).
Endpoints returning lists must
- support pagination (`page` & `limit` options in query) - support pagination (`page` & `limit` options in query)
- set `X-Total-Count` header via **SetTotalCountHeader** ([example](https://github.com/go-gitea/gitea/blob/7aae98cc5d4113f1e9918b7ee7dd09f67c189e3e/routers/api/v1/repo/issue.go#L444)) - set `X-Total-Count` header via **SetTotalCountHeader** ([example](https://github.com/go-gitea/gitea/blob/7aae98cc5d4113f1e9918b7ee7dd09f67c189e3e/routers/api/v1/repo/issue.go#L444))
## Backports and Frontports ## Backports and Frontports
Occasionally backports of PRs are required. ### What is backported?
The backported PR title should be: We backport PRs given the following circumstances:
1. Feature freeze is active, but `<version>-rc0` has not been released yet. Here, we backport as much as possible. <!-- TODO: Is that our definition with the new backport bot? -->
2. `rc0` has been released. Here, we only backport bug- and security-fixes, and small enhancements. Large PRs such as refactors are not backported anymore. <!-- TODO: Is that our definition with the new backport bot? -->
3. We never backport new features.
4. We never backport breaking changes except when
1. The breaking change has no effect on the vast majority of users
2. The component triggering the breaking change is marked as experimental
### How to backport?
In the past, it was necessary to manually backport your PRs. \
Now, that's not a requirement anymore as our [backport bot](https://github.com/GiteaBot) tries to create backports automatically once the PR is merged when the PR
- does not have the label `backport/manual`
- has the label `backport/<version>`
The `backport/manual` label signifies either that you want to backport the change yourself, or that there were conflicts when backporting, thus you **must** do it yourself.
### Format of backport PRs
The title of backport PRs should be
``` ```
Title of backported PR (#ORIGINAL_PR_NUMBER) <original PR title> (#<original pr number>)
``` ```
The first two lines of the summary of the backporting PR should be: The first two lines of the summary of the backporting PR should be
``` ```
Backport #ORIGINAL_PR_NUMBER Backport #<original pr number>
``` ```
with the rest of the summary matching the original PR. Similarly for frontports with the rest of the summary and labels matching the original PR.
--- ### Frontports
A command to help create backports can be found in `contrib/backport` and can be installed (from inside the gitea repo root directory) using: Frontports behave exactly as described above for backports.
```bash
go install contrib/backport/backport.go
```
## Developer Certificate of Origin (DCO) ## Developer Certificate of Origin (DCO)
We consider the act of contributing to the code by submitting a Pull We consider the act of contributing to the code by submitting a Pull Request as the "Sign off" or agreement to the certifications and terms of the [DCO](DCO) and [MIT license](LICENSE). \
Request as the "Sign off" or agreement to the certifications and terms No further action is required. \
of the [DCO](DCO) and [MIT license](LICENSE). No further action is required. You can also decide to sign off your commits by adding the following line at the end of your commit messages:
Additionally you could add a line at the end of your commit message.
``` ```
Signed-off-by: Joe Smith <joe.smith@email.com> Signed-off-by: Joe Smith <joe.smith@email.com>
``` ```
If you set your `user.name` and `user.email` Git configs, you can add the If you set the `user.name` and `user.email` Git config options, you can add the line to the end of your commits automatically with `git commit -s`.
line to the end of your commit automatically with `git commit -s`.
We assume in good faith that the information you provide is legally binding. We assume in good faith that the information you provide is legally binding.
## Release Cycle ## Release Cycle
We adopted a release schedule to streamline the process of working We adopted a release schedule to streamline the process of working on, finishing, and issuing releases. \
on, finishing, and issuing releases. The overall goal is to make a The overall goal is to make a major release every three or four months, which breaks down into two or three months of general development followed by one month of testing and polishing known as the release freeze. \
minor release every three or four months, which breaks down into two or three months of All the feature pull requests should be
general development followed by one month of testing and polishing
known as the release freeze. All the feature pull requests should be
merged before feature freeze. And, during the frozen period, a corresponding merged before feature freeze. And, during the frozen period, a corresponding
release branch is open for fixes backported from main branch. Release candidates release branch is open for fixes backported from main branch. Release candidates
are made during this period for user testing to are made during this period for user testing to
obtain a final version that is maintained in this branch. obtain a final version that is maintained in this branch.
Major release cycles are seasonal. They always begin on the 25th and end on
the 24th (i.e., the 25th of December to March 24th).
During a development cycle, we may also publish any necessary minor releases During a development cycle, we may also publish any necessary minor releases
for the previous version. For example, if the latest, published release is for the previous version. For example, if the latest, published release is
v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are
still possible. still possible.
The previous release gets fixes for:
- Security issues
- Critical bugs
- Regressions
- Build issues
- Necessary enhancements (including necessary UI/UX fixes)
The backported fixes should avoid breaking downgrade between minor releases as much as possible.
## Maintainers ## Maintainers
To make sure every PR is checked, we have [team To make sure every PR is checked, we have [maintainers](MAINTAINERS). \
maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least Every PR **must** be reviewed by at least two maintainers (or owners) before it can get merged. \
two maintainers (or owners) before it can get merged. A maintainer For refactoring PRs after a week and documentation only PRs, the approval of only one maintainer is enough. \
should be a contributor of Gitea (or Gogs) and contributed at least A maintainer should be a contributor of Gitea and contributed at least
4 accepted PRs. A contributor should apply as a maintainer in the 4 accepted PRs. A contributor should apply as a maintainer in the
[Discord](https://discord.gg/NsatcWJ) #develop channel. The owners [Discord](https://discord.gg/Gitea) `#develop` channel. The team maintainers may invite the contributor. A maintainer
or the team maintainers may invite the contributor. A maintainer
should spend some time on code reviews. If a maintainer has no should spend some time on code reviews. If a maintainer has no
time to do that, they should apply to leave the maintainers team time to do that, they should apply to leave the maintainers team
and we will give them the honor of being a member of the [advisors and we will give them the honor of being a member of the [advisors
@ -340,69 +470,74 @@ if possible provide GPG signed commits.
https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/ https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
https://help.github.com/articles/signing-commits-with-gpg/ https://help.github.com/articles/signing-commits-with-gpg/
## Owners ## Technical Oversight Committee (TOC)
Since Gitea is a pure community organization without any company support, At the start of 2023, the `Owners` team was dissolved. Instead, the governance charter proposed a technical oversight committee (TOC) which expands the ownership team of the Gitea project from three elected positions to six positions. Three positions would be elected as it has been over the past years, and the other three would consist of appointed members from the Gitea company.
to keep the development healthy we will elect three owners every year. All https://blog.gitea.io/2023/02/gitea-quarterly-report-23q1/
contributors may vote to elect up to three candidates, one of which will
be the main owner, and the other two the assistant owners. When the new When the new community members have been elected, the old members will give up ownership to the newly elected members. For security reasons, TOC members or any account with write access (like a bot) must use 2FA.
owners have been elected, the old owners will give up ownership to the
newly elected owners. If an owner is unable to do so, the other owners
will assist in ceding ownership to the newly elected owners.
For security reasons, Owners or any account with write access (like a bot)
must use 2FA.
https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/ https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
After the election, the new owners should proactively agree ### Current TOC members
with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
[Discord](https://discord.gg/NsatcWJ) #general channel. Below are the
words to speak:
``` - 2023-01-01 ~ 2023-12-31 - https://blog.gitea.io/2023/02/gitea-quarterly-report-23q1/
I'm honored to having been elected an owner of Gitea, I agree with - Company
[CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea - [Jason Song](https://gitea.com/wolfogre) <i@wolfogre.com>
and lead the development of Gitea. - [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
``` - [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.io>
- Community
- [6543](https://gitea.com/6543) <6543@obermui.de>
- [Andrew Thornton](https://gitea.com/zeripath) <art27@cantab.net>
- [John Olheiser](https://gitea.com/jolheiser) <john.olheiser@gmail.com>
To honor the past owners, here's the history of the owners and the time ### Previous TOC/owners members
they served:
- 2022-01-01 ~ 2022-12-31 - https://github.com/go-gitea/gitea/issues/17872 Here's the history of the owners and the time they served:
- [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
- [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.io>
- [Andrew Thornton](https://gitea.com/zeripath) <art27@cantab.net>
- 2021-01-01 ~ 2021-12-31 - https://github.com/go-gitea/gitea/issues/13801 - [Lunny Xiao](https://gitea.com/lunny) - 2016, 2017, [2018](https://github.com/go-gitea/gitea/issues/3255), [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872)
- [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com> - [Kim Carlbäcker](https://github.com/bkcsoft) - 2016, 2017
- [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) <lauris@nix.lv> - [Thomas Boerger](https://gitea.com/tboerger) - 2016, 2017
- [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.io> - [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) - [2018](https://github.com/go-gitea/gitea/issues/3255), [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801)
- [Matti Ranta](https://gitea.com/techknowlogick) - [2019](https://github.com/go-gitea/gitea/issues/5572), [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872)
- [Andrew Thornton](https://gitea.com/zeripath) - [2020](https://github.com/go-gitea/gitea/issues/9230), [2021](https://github.com/go-gitea/gitea/issues/13801), [2022](https://github.com/go-gitea/gitea/issues/17872)
- 2020-01-01 ~ 2020-12-31 - https://github.com/go-gitea/gitea/issues/9230 ## Governance Compensation
- [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
- [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) <lauris@nix.lv>
- [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.io>
- 2019-01-01 ~ 2019-12-31 - https://github.com/go-gitea/gitea/issues/5572 Each member of the community elected TOC will be granted $500 each month as compensation for their work.
- [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
- [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
- [Matti Ranta](https://github.com/techknowlogick) <techknowlogick@gitea.io>
- 2018-01-01 ~ 2018-12-31 - https://github.com/go-gitea/gitea/issues/3255 Furthermore, any community release manager for a specific release or LTS will be compensated $500 for the delivery of said release.
- [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
- [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
- [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
- 2016-11-04 ~ 2017-12-31 These funds will come from community sources like the OpenCollective rather than directly from the company.
- [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com> Only non-company members are eligible for this compensation, and if a member of the community TOC takes the responsibility of release manager, they would only be compensated for their TOC duties.
- [Thomas Boerger](https://github.com/tboerger) <thomas@webhippie.de> Gitea Ltd employees are not eligible to receive any funds from the OpenCollective unless it is reimbursement for a purchase made for the Gitea project itself.
- [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
## TOC & Working groups
With Gitea covering many projects outside of the main repository, several groups will be created to help focus on specific areas instead of requiring maintainers to be a jack-of-all-trades. Maintainers are of course more than welcome to be part of multiple groups should they wish to contribute in multiple places.
The currently proposed groups are:
- **Core Group**: maintain the primary Gitea repository
- **Integration Group**: maintain the Gitea ecosystem's related tools, including go-sdk/tea/changelog/bots etc.
- **Documentation Group**: maintain related documents and repositories
- **Translation Group**: coordinate with translators and maintain translations
- **Security Group**: managed by TOC directly, members are decided by TOC, maintains security patches/responsible for security items
## Roadmap
Each year a roadmap will be discussed with the entire Gitea maintainers team, and feedback will be solicited from various stakeholders.
TOC members need to review the roadmap every year and work together on the direction of the project.
When a vote is required for a proposal or other change, the vote of community elected TOC members count slightly more than the vote of company elected TOC members. With this approach, we both avoid ties and ensure that changes align with the mission statement and community opinion.
You can visit our roadmap on the wiki.
## Versions ## Versions
Gitea has the `main` branch as a tip branch and has version branches Gitea has the `main` branch as a tip branch and has version branches
such as `release/v0.9`. `release/v0.9` is a release branch and we will such as `release/v1.19`. `release/v1.19` is a release branch and we will
tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept tag `v1.19.0` for binary download. If `v1.19.0` has bugs, we will accept
pull requests on the `release/v0.9` branch and publish a `v0.9.1` tag, pull requests on the `release/v1.19` branch and publish a `v1.19.1` tag,
after bringing the bug fix also to the main branch. after bringing the bug fix also to the main branch.
Since the `main` branch is a tip version, if you wish to use Gitea Since the `main` branch is a tip version, if you wish to use Gitea
@ -426,17 +561,3 @@ be reviewed by two maintainers and must pass the automatic tests.
- bump the version of https://dl.gitea.io/gitea/version.json - bump the version of https://dl.gitea.io/gitea/version.json
- merge the blog post PR - merge the blog post PR
- announce the release in discord `#announcements` - announce the release in discord `#announcements`
## Copyright
Code that you contribute should use the standard copyright header:
```
// Copyright <year> The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
```
Files in the repository contain copyright from the year they are added
to the year they are last changed. If the copyright author is changed,
just paste the header below the old one.